author | 2016-09-03 11:33:34 +0000 | |
---|---|---|
committer | 2016-09-03 11:33:34 +0000 | |
commit | 8204a9859e29f943f9d45fa3c5bacf005da87a21 (patch) | |
tree | 3d72799b17122728ed1ce817d171df956c52a633 /lib/libssl/src | |
parent | Remove NULL pointer checks before calls to free(). (diff) | |
Remove the libssl/src directory
Diffstat (limited to 'lib/libssl/src')
1190 files changed, 0 insertions, 386114 deletions
diff --git a/lib/libssl/src/LICENSE b/lib/libssl/src/LICENSE
deleted file mode 100644
index 892e14a4500..00000000000
--- a/lib/libssl/src/LICENSE
+++ /dev/null
@@ -1,133 +0,0 @@ - - LibReSSL files are retained under the copyright of the authors. New - additions are ISC licensed as per OpenBSD's normal licensing policy, - or are placed in the public domain. - - The OpenSSL code is distributed under the terms of the original OpenSSL - licenses which follow: - - LICENSE ISSUES - ============== - - The OpenSSL toolkit stays under a dual license, i.e. both the conditions of - the OpenSSL License and the original SSLeay license apply to the toolkit. - See below for the actual license texts. In case of any license issues - related to OpenSSL please contact openssl-core@openssl.org. - - OpenSSL License - --------------- - -/* ==================================================================== - * Copyright (c) 1998-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. 
Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - Original SSLeay License - ----------------------- - -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. 
The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - diff --git a/lib/libssl/src/apps/openssl.cnf b/lib/libssl/src/apps/openssl.cnf deleted file mode 100644 index ed4bde52e8a..00000000000 --- a/lib/libssl/src/apps/openssl.cnf +++ /dev/null 
@@ -1,348 +0,0 @@ -# -# OpenSSL example configuration file. -# This is mostly being used for generation of certificate requests. -# - -# This definition stops the following lines choking if HOME isn't -# defined. -HOME = . - -# Extra OBJECT IDENTIFIER info: -#oid_file = $ENV::HOME/.oid -oid_section = new_oids - -# To use this configuration file with the "-extfile" option of the -# "openssl x509" utility, name here the section containing the -# X.509v3 extensions to use: -# extensions = -# (Alternatively, use a configuration file that has only -# X.509v3 extensions in its main [= default] section.) - -[ new_oids ] - -# We can add new OIDs in here for use by 'ca', 'req' and 'ts'. -# Add a simple OID like this: -# testoid1=1.2.3.4 -# Or use config file substitution like this: -# testoid2=${testoid1}.5.6 - -# Policies used by the TSA examples. -tsa_policy1 = 1.2.3.4.1 -tsa_policy2 = 1.2.3.4.5.6 -tsa_policy3 = 1.2.3.4.5.7 - -#################################################################### -[ ca ] -default_ca = CA_default # The default ca section - -#################################################################### -[ CA_default ] - -dir = ./demoCA # Where everything is kept -certs = $dir/certs # Where the issued certs are kept -crl_dir = $dir/crl # Where the issued crl are kept -database = $dir/index.txt # database index file. -#unique_subject = no # Set to 'no' to allow creation of - # several ctificates with same subject. -new_certs_dir = $dir/newcerts # default place for new certs. - -certificate = $dir/cacert.pem # The CA certificate -serial = $dir/serial # The current serial number -crlnumber = $dir/crlnumber # the current crl number - # must be commented out to leave a V1 CRL -crl = $dir/crl.pem # The current CRL -private_key = $dir/private/cakey.pem# The private key - -x509_extensions = usr_cert # The extentions to add to the cert - -# Comment out the following two lines for the "traditional" -# (and highly broken) format. 
-name_opt = ca_default # Subject Name options -cert_opt = ca_default # Certificate field options - -# Extension copying option: use with caution. -# copy_extensions = copy - -# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs -# so this is commented out by default to leave a V1 CRL. -# crlnumber must also be commented out to leave a V1 CRL. -# crl_extensions = crl_ext - -default_days = 365 # how long to certify for -default_crl_days= 30 # how long before next CRL -default_md = default # use public key default MD -preserve = no # keep passed DN ordering - -# A few difference way of specifying how similar the request should look -# For type CA, the listed attributes must be the same, and the optional -# and supplied fields are just that :-) -policy = policy_match - -# For the CA policy -[ policy_match ] -countryName = match -stateOrProvinceName = match -organizationName = match -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -# For the 'anything' policy -# At this point in time, you must list all acceptable 'object' -# types. -[ policy_anything ] -countryName = optional -stateOrProvinceName = optional -localityName = optional -organizationName = optional -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -#################################################################### -[ req ] -default_bits = 1024 -default_keyfile = privkey.pem -distinguished_name = req_distinguished_name -attributes = req_attributes -x509_extensions = v3_ca # The extentions to add to the self signed cert - -# Passwords for private keys if not present they will be prompted for -# input_password = secret -# output_password = secret - -# This sets a mask for permitted string types. There are several options. -# default: PrintableString, T61String, BMPString. -# pkix : PrintableString, BMPString (PKIX recommendation before 2004) -# utf8only: only UTF8Strings (PKIX recommendation after 2004). 
-# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). -# MASK:XXXX a literal mask value. -# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings. -string_mask = utf8only - -# req_extensions = v3_req # The extensions to add to a certificate request - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = AU -countryName_min = 2 -countryName_max = 2 - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Some-State - -localityName = Locality Name (eg, city) - -0.organizationName = Organization Name (eg, company) -0.organizationName_default = Internet Widgits Pty Ltd - -# we can do this but it is not needed normally :-) -#1.organizationName = Second Organization Name (eg, company) -#1.organizationName_default = World Wide Web Pty Ltd - -organizationalUnitName = Organizational Unit Name (eg, section) -#organizationalUnitName_default = - -commonName = Common Name (e.g. server FQDN or YOUR name) -commonName_max = 64 - -emailAddress = Email Address -emailAddress_max = 64 - -# SET-ex3 = SET extension number 3 - -[ req_attributes ] -challengePassword = A challenge password -challengePassword_min = 4 -challengePassword_max = 20 - -unstructuredName = An optional company name - -[ usr_cert ] - -# These extensions are added when 'ca' signs a request. - -# This goes against PKIX guidelines but some CAs do it and some software -# requires this to avoid interpreting an end user certificate as a CA. - -basicConstraints=CA:FALSE - -# Here are some examples of the usage of nsCertType. If it is omitted -# the certificate can be used for anything *except* object signing. - -# This is OK for an SSL server. -# nsCertType = server - -# For an object signing certificate this would be used. 
-# nsCertType = objsign - -# For normal client use this is typical -# nsCertType = client, email - -# and for everything including object signing: -# nsCertType = client, email, objsign - -# This is typical in keyUsage for a client certificate. -# keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -# This will be displayed in Netscape's comment listbox. -nsComment = "OpenSSL Generated Certificate" - -# PKIX recommendations harmless if included in all certificates. -subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer - -# This stuff is for subjectAltName and issuerAltname. -# Import the email address. -# subjectAltName=email:copy -# An alternative to produce certificates that aren't -# deprecated according to PKIX. -# subjectAltName=email:move - -# Copy subject details -# issuerAltName=issuer:copy - -#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem -#nsBaseUrl -#nsRevocationUrl -#nsRenewalUrl -#nsCaPolicyUrl -#nsSslServerName - -# This is required for TSA certificates. -# extendedKeyUsage = critical,timeStamping - -[ v3_req ] - -# Extensions to add to a certificate request - -basicConstraints = CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -[ v3_ca ] - - -# Extensions for a typical CA - - -# PKIX recommendation. - -subjectKeyIdentifier=hash - -authorityKeyIdentifier=keyid:always,issuer - -# This is what PKIX recommends but some broken software chokes on critical -# extensions. -#basicConstraints = critical,CA:true -# So we do this instead. -basicConstraints = CA:true - -# Key usage: this is typical for a CA certificate. However since it will -# prevent it being used as an test self-signed certificate it is best -# left out by default. 
-# keyUsage = cRLSign, keyCertSign - -# Some might want this also -# nsCertType = sslCA, emailCA - -# Include email address in subject alt name: another PKIX recommendation -# subjectAltName=email:copy -# Copy issuer details -# issuerAltName=issuer:copy - -# DER hex encoding of an extension: beware experts only! -# obj=DER:02:03 -# Where 'obj' is a standard or added object -# You can even override a supported extension: -# basicConstraints= critical, DER:30:03:01:01:FF - -[ crl_ext ] - -# CRL extensions. -# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. - -# issuerAltName=issuer:copy -authorityKeyIdentifier=keyid:always - -[ proxy_cert_ext ] -# These extensions should be added when creating a proxy certificate - -# This goes against PKIX guidelines but some CAs do it and some software -# requires this to avoid interpreting an end user certificate as a CA. - -basicConstraints=CA:FALSE - -# Here are some examples of the usage of nsCertType. If it is omitted -# the certificate can be used for anything *except* object signing. - -# This is OK for an SSL server. -# nsCertType = server - -# For an object signing certificate this would be used. -# nsCertType = objsign - -# For normal client use this is typical -# nsCertType = client, email - -# and for everything including object signing: -# nsCertType = client, email, objsign - -# This is typical in keyUsage for a client certificate. -# keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -# This will be displayed in Netscape's comment listbox. -nsComment = "OpenSSL Generated Certificate" - -# PKIX recommendations harmless if included in all certificates. -subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer - -# This stuff is for subjectAltName and issuerAltname. -# Import the email address. -# subjectAltName=email:copy -# An alternative to produce certificates that aren't -# deprecated according to PKIX. 
-# subjectAltName=email:move - -# Copy subject details -# issuerAltName=issuer:copy - -#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem -#nsBaseUrl -#nsRevocationUrl -#nsRenewalUrl -#nsCaPolicyUrl -#nsSslServerName - -# This really needs to be in place for it to be a proxy certificate. -proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo - -#################################################################### -[ tsa ] - -default_tsa = tsa_config1 # the default TSA section - -[ tsa_config1 ] - -# These are used by the TSA reply generation only. -dir = ./demoCA # TSA root directory -serial = $dir/tsaserial # The current serial number (mandatory) -crypto_device = builtin # OpenSSL engine to use for signing -signer_cert = $dir/tsacert.pem # The TSA signing certificate - # (optional) -certs = $dir/cacert.pem # Certificate chain to include in reply - # (optional) -signer_key = $dir/private/tsakey.pem # The TSA private key (optional) - -default_policy = tsa_policy1 # Policy if request did not specify it - # (optional) -other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) -digests = md5, sha1 # Acceptable message digests (mandatory) -accuracy = secs:1, millisecs:500, microsecs:100 # (optional) -clock_precision_digits = 0 # number of digits after dot. (optional) -ordering = yes # Is ordering defined for timestamps? - # (optional, default: no) -tsa_name = yes # Must the TSA name be included in the reply? - # (optional, default: no) -ess_cert_id_chain = no # Must the ESS cert id chain be included? - # (optional, default: no) diff --git a/lib/libssl/src/crypto/aes/README b/lib/libssl/src/crypto/aes/README deleted file mode 100644 index 0f9620a80ec..00000000000 --- a/lib/libssl/src/crypto/aes/README +++ /dev/null @@ -1,3 +0,0 @@ -This is an OpenSSL-compatible version of AES (also called Rijndael). -aes_core.c is basically the same as rijndael-alg-fst.c but with an -API that looks like the rest of the OpenSSL symmetric cipher suite. 
diff --git a/lib/libssl/src/crypto/aes/aes.h b/lib/libssl/src/crypto/aes/aes.h
deleted file mode 100644
index c904485d8f5..00000000000
--- a/lib/libssl/src/crypto/aes/aes.h
+++ /dev/null
@@ -1,126 +0,0 @@ -/* $OpenBSD: aes.h,v 1.14 2014/07/09 09:10:07 miod Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#ifndef HEADER_AES_H -#define HEADER_AES_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_AES -#error AES is disabled. -#endif - -#include <stddef.h> - -#define AES_ENCRYPT 1 -#define AES_DECRYPT 0 - -/* Because array size can't be a const in C, the following two are macros. - Both sizes are in bytes. */ -#define AES_MAXNR 14 -#define AES_BLOCK_SIZE 16 - -#ifdef __cplusplus -extern "C" { -#endif - -/* This should be a hidden type, but EVP requires that the size be known */ -struct aes_key_st { - unsigned int rd_key[4 *(AES_MAXNR + 1)]; - int rounds; -}; -typedef struct aes_key_st AES_KEY; - -const char *AES_options(void); - -int AES_set_encrypt_key(const unsigned char *userKey, const int bits, - AES_KEY *key); -int AES_set_decrypt_key(const unsigned char *userKey, const int bits, - AES_KEY *key); - -void AES_encrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); -void AES_decrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); - -void AES_ecb_encrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key, const int enc); -void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, const int enc); -void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char 
*ivec, int *num, - const int enc); -void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int *num, - const int enc); -void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int *num, - const int enc); -void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int *num); -void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE], - unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num); -/* NB: the IV is _two_ blocks long */ -void AES_ige_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, const int enc); - -int AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out, - const unsigned char *in, unsigned int inlen); -int AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out, - const unsigned char *in, unsigned int inlen); - - -#ifdef __cplusplus -} -#endif - -#endif /* !HEADER_AES_H */ diff --git a/lib/libssl/src/crypto/aes/aes_cbc.c b/lib/libssl/src/crypto/aes/aes_cbc.c deleted file mode 100644 index 5e76f6ea018..00000000000 --- a/lib/libssl/src/crypto/aes/aes_cbc.c +++ /dev/null 
@@ -1,65 +0,0 @@ -/* $OpenBSD: aes_cbc.c,v 1.12 2014/06/12 15:49:27 deraadt Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include <openssl/aes.h> -#include <openssl/modes.h> - -void -AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const AES_KEY *key, unsigned char *ivec, const int enc) -{ - if (enc) - CRYPTO_cbc128_encrypt(in, out, len, key, ivec, - (block128_f)AES_encrypt); - else - CRYPTO_cbc128_decrypt(in, out, len, key, ivec, - (block128_f)AES_decrypt); -} diff --git a/lib/libssl/src/crypto/aes/aes_cfb.c b/lib/libssl/src/crypto/aes/aes_cfb.c deleted file mode 100644 index a6384f944df..00000000000 --- a/lib/libssl/src/crypto/aes/aes_cfb.c +++ /dev/null 
@@ -1,84 +0,0 @@ -/* $OpenBSD: aes_cfb.c,v 1.8 2014/06/12 15:49:27 deraadt Exp $ */ -/* ==================================================================== - * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include <openssl/aes.h> -#include <openssl/modes.h> - -/* The input and output encrypted as though 128bit cfb mode is being - * used. The extra state information to record how much of the - * 128bit block we have used is contained in *num; - */ - -void -AES_cfb128_encrypt(const unsigned char *in, unsigned char *out, size_t length, - const AES_KEY *key, unsigned char *ivec, int *num, const int enc) -{ - CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc, - (block128_f)AES_encrypt); -} - -/* N.B. This expects the input to be packed, MS bit first */ -void -AES_cfb1_encrypt(const unsigned char *in, unsigned char *out, size_t length, - const AES_KEY *key, unsigned char *ivec, int *num, const int enc) -{ - CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc, - (block128_f)AES_encrypt); -} - -void -AES_cfb8_encrypt(const unsigned char *in, unsigned char *out, size_t length, - const AES_KEY *key, unsigned char *ivec, int *num, const int enc) -{ - CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc, - (block128_f)AES_encrypt); -} - diff --git a/lib/libssl/src/crypto/aes/aes_core.c b/lib/libssl/src/crypto/aes/aes_core.c deleted file mode 100644 index 1b8a24c714d..00000000000 --- a/lib/libssl/src/crypto/aes/aes_core.c +++ /dev/null 
@@ -1,1374 +0,0 @@
-/* $OpenBSD: aes_core.c,v 1.13 2015/11/05 21:59:13 miod Exp $ */
-/**
- * rijndael-alg-fst.c
- *
- * @version 3.0 (December 2000)
- *
- * Optimised ANSI C code for the Rijndael cipher (now AES)
- *
- * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
- * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
- * @author Paulo Barreto <paulo.barreto@terra.com.br>
- *
- * This code is hereby placed in the public domain.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */ - -/* Note: rewritten a little bit to provide error control and an OpenSSL- - compatible API */ - -#ifndef AES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif - -#include <stdlib.h> -#include <openssl/aes.h> -#include "aes_locl.h" - -#ifndef AES_ASM -/* -Te0[x] = S [x].[02, 01, 01, 03]; -Te1[x] = S [x].[03, 02, 01, 01]; -Te2[x] = S [x].[01, 03, 02, 01]; -Te3[x] = S [x].[01, 01, 03, 02]; - -Td0[x] = Si[x].[0e, 09, 0d, 0b]; -Td1[x] = Si[x].[0b, 0e, 09, 0d]; -Td2[x] = Si[x].[0d, 0b, 0e, 09]; -Td3[x] = Si[x].[09, 0d, 0b, 0e]; -Td4[x] = Si[x].[01]; -*/ - -static const u32 Te0[256] = { - 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, - 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, - 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU, - 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU, - 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U, - 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU, - 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU, - 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU, - 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU, - 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU, - 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U, - 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU, - 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU, - 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U, - 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU, - 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU, - 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU, - 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU, - 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU, - 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U, - 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU, - 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU, - 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU, - 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU, - 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U, - 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 
0x11858594U, - 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U, - 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U, - 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU, - 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U, - 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U, - 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU, - 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU, - 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U, - 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U, - 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U, - 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU, - 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U, - 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU, - 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U, - 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU, - 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U, - 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U, - 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU, - 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U, - 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U, - 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U, - 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U, - 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U, - 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U, - 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U, - 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U, - 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU, - 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U, - 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U, - 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U, - 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U, - 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U, - 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U, - 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU, - 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U, - 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U, - 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 
0x1e0f0f11U, - 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU, -}; -static const u32 Te1[256] = { - 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU, - 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U, - 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU, - 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U, - 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU, - 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U, - 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU, - 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U, - 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U, - 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU, - 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U, - 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U, - 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U, - 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU, - 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U, - 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U, - 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU, - 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U, - 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U, - 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U, - 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU, - 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU, - 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U, - 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU, - 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU, - 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U, - 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU, - 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U, - 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU, - 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U, - 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U, - 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U, - 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU, - 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U, - 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU, - 
0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U, - 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU, - 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U, - 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U, - 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU, - 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU, - 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU, - 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U, - 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U, - 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU, - 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U, - 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU, - 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U, - 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU, - 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U, - 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU, - 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU, - 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U, - 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU, - 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U, - 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU, - 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U, - 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U, - 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U, - 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU, - 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU, - 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U, - 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU, - 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U, -}; -static const u32 Te2[256] = { - 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU, - 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U, - 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU, - 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U, - 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU, - 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U, - 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU, - 0x9cbf239cU, 
0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U, - 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U, - 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU, - 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U, - 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U, - 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U, - 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU, - 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U, - 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U, - 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU, - 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U, - 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U, - 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U, - 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU, - 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU, - 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U, - 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU, - 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU, - 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U, - 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU, - 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U, - 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU, - 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U, - 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U, - 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U, - 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU, - 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U, - 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU, - 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U, - 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU, - 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U, - 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U, - 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU, - 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU, - 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU, - 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U, - 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U, - 0xe732d5e7U, 
0xc8438bc8U, 0x37596e37U, 0x6db7da6dU, - 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U, - 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU, - 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U, - 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU, - 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U, - 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU, - 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU, - 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U, - 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU, - 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U, - 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU, - 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U, - 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U, - 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U, - 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU, - 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU, - 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U, - 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU, - 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, -}; -static const u32 Te3[256] = { - 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, - 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, - 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, - 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU, - 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU, - 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU, - 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U, - 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU, - 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU, - 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U, - 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U, - 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU, - 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU, - 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU, - 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU, - 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU, - 0x09091b12U, 0x83839e1dU, 
0x2c2c7458U, 0x1a1a2e34U, - 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU, - 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU, - 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U, - 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U, - 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U, - 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U, - 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U, - 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU, - 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U, - 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU, - 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU, - 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U, - 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U, - 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U, - 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU, - 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U, - 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU, - 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU, - 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U, - 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U, - 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU, - 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U, - 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU, - 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U, - 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U, - 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U, - 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U, - 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU, - 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U, - 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU, - 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U, - 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU, - 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U, - 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU, - 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU, - 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU, - 0x4848d890U, 0x03030506U, 
0xf6f601f7U, 0x0e0e121cU, - 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U, - 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U, - 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U, - 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U, - 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U, - 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U, - 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU, - 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U, - 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, - 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, -}; - -static const u32 Td0[256] = { - 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, - 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, - 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U, - 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU, - 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U, - 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U, - 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU, - 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U, - 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU, - 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U, - 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U, - 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U, - 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U, - 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU, - 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U, - 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU, - 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U, - 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU, - 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U, - 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U, - 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U, - 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU, - 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U, - 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU, - 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U, - 0x09808683U, 0x322bed48U, 0x1e1170acU, 
0x6c5a724eU, - 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U, - 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU, - 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU, - 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U, - 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU, - 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U, - 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU, - 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U, - 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U, - 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U, - 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU, - 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U, - 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U, - 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU, - 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U, - 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U, - 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U, - 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U, - 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U, - 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU, - 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U, - 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U, - 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U, - 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U, - 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U, - 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU, - 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU, - 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU, - 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU, - 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U, - 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U, - 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU, - 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU, - 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U, - 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU, - 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U, - 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 
0x6456c190U, - 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U, -}; -static const u32 Td1[256] = { - 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU, - 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U, - 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU, - 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U, - 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U, - 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U, - 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U, - 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U, - 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U, - 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU, - 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU, - 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU, - 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U, - 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU, - 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U, - 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U, - 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U, - 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU, - 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU, - 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U, - 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU, - 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U, - 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU, - 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU, - 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U, - 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U, - 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U, - 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU, - 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U, - 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU, - 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U, - 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U, - 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U, - 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU, - 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U, - 
0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U, - 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U, - 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U, - 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U, - 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U, - 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU, - 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU, - 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U, - 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU, - 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U, - 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU, - 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU, - 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U, - 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU, - 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U, - 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U, - 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U, - 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U, - 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U, - 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U, - 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U, - 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU, - 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U, - 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U, - 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU, - 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U, - 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U, - 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U, - 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U, -}; -static const u32 Td2[256] = { - 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U, - 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U, - 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U, - 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U, - 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU, - 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U, - 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U, - 0x832dd4beU, 
0x21d35874U, 0x692949e0U, 0xc8448ec9U, - 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U, - 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU, - 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U, - 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U, - 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU, - 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U, - 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U, - 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U, - 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U, - 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, - 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, - 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, - 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, - 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, - 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, - 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U, - 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U, - 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU, - 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU, - 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U, - 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU, - 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U, - 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU, - 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU, - 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU, - 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU, - 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U, - 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U, - 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U, - 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U, - 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U, - 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U, - 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U, - 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU, - 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU, - 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U, - 0x80be9f5dU, 
0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U, - 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU, - 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU, - 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U, - 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U, - 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U, - 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U, - 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U, - 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U, - 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U, - 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU, - 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U, - 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U, - 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U, - 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U, - 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U, - 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U, - 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU, - 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U, - 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U, -}; -static const u32 Td3[256] = { - 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU, - 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU, - 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U, - 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U, - 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU, - 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU, - 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U, - 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU, - 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U, - 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU, - 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U, - 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U, - 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U, - 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U, - 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U, - 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU, - 0xcf1c2b8aU, 0x79b492a7U, 
0x07f2f0f3U, 0x69e2a14eU, - 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U, - 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U, - 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU, - 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU, - 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U, - 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U, - 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U, - 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U, - 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU, - 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U, - 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U, - 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU, - 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU, - 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U, - 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U, - 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U, - 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU, - 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U, - 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U, - 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U, - 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U, - 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U, - 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U, - 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U, - 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU, - 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U, - 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U, - 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU, - 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU, - 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U, - 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU, - 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U, - 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U, - 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U, - 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U, - 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U, - 0xd1b5e39eU, 0x6a881b4cU, 
0x2c1fb8c1U, 0x65517f46U, - 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU, - 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU, - 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU, - 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU, - 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U, - 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U, - 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U, - 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU, - 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, - 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, -}; -static const u8 Td4[256] = { - 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, - 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, - 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, - 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, - 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, - 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, - 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, - 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, - 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, - 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, - 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, - 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, - 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU, - 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, - 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, - 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, - 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, - 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, - 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, - 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, - 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, - 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, - 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, - 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, - 
0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, - 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, - 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, - 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, - 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, - 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, - 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, - 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU, -}; -static const u32 rcon[] = { - 0x01000000, 0x02000000, 0x04000000, 0x08000000, - 0x10000000, 0x20000000, 0x40000000, 0x80000000, - 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ -}; - -/** - * Expand the cipher key into the encryption key schedule. - */ -int -AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) -{ - u32 *rk; - int i = 0; - u32 temp; - - if (!userKey || !key) - return -1; - if (bits != 128 && bits != 192 && bits != 256) - return -2; - - rk = key->rd_key; - - if (bits == 128) - key->rounds = 10; - else if (bits == 192) - key->rounds = 12; - else - key->rounds = 14; - - rk[0] = GETU32(userKey); - rk[1] = GETU32(userKey + 4); - rk[2] = GETU32(userKey + 8); - rk[3] = GETU32(userKey + 12); - if (bits == 128) { - while (1) { - temp = rk[3]; - rk[4] = rk[0] ^ - (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te0[(temp) & 0xff] & 0x0000ff00) ^ - (Te1[(temp >> 24)] & 0x000000ff) ^ - rcon[i]; - rk[5] = rk[1] ^ rk[4]; - rk[6] = rk[2] ^ rk[5]; - rk[7] = rk[3] ^ rk[6]; - if (++i == 10) { - return 0; - } - rk += 4; - } - } - rk[4] = GETU32(userKey + 16); - rk[5] = GETU32(userKey + 20); - if (bits == 192) { - while (1) { - temp = rk[5]; - rk[6] = rk[ 0] ^ - (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te0[(temp) & 0xff] & 0x0000ff00) ^ - (Te1[(temp >> 24)] & 0x000000ff) ^ - rcon[i]; - rk[7] = rk[1] ^ rk[6]; - rk[8] = rk[2] ^ rk[7]; - rk[9] = rk[3] ^ 
rk[8]; - if (++i == 8) { - return 0; - } - rk[10] = rk[4] ^ rk[9]; - rk[11] = rk[5] ^ rk[10]; - rk += 6; - } - } - rk[6] = GETU32(userKey + 24); - rk[7] = GETU32(userKey + 28); - if (bits == 256) { - while (1) { - temp = rk[7]; - rk[8] = rk[0] ^ - (Te2[(temp >> 16) & 0xff] & 0xff000000) ^ - (Te3[(temp >> 8) & 0xff] & 0x00ff0000) ^ - (Te0[(temp) & 0xff] & 0x0000ff00) ^ - (Te1[(temp >> 24)] & 0x000000ff) ^ - rcon[i]; - rk[9] = rk[1] ^ rk[8]; - rk[10] = rk[2] ^ rk[9]; - rk[11] = rk[3] ^ rk[10]; - if (++i == 7) { - return 0; - } - temp = rk[11]; - rk[12] = rk[4] ^ - (Te2[(temp >> 24)] & 0xff000000) ^ - (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(temp >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(temp) & 0xff] & 0x000000ff); - rk[13] = rk[5] ^ rk[12]; - rk[14] = rk[6] ^ rk[13]; - rk[15] = rk[7] ^ rk[14]; - - rk += 8; - } - } - return 0; -} - -/** - * Expand the cipher key into the decryption key schedule. - */ -int -AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) -{ - u32 *rk; - int i, j, status; - u32 temp; - - /* first, start with an encryption schedule */ - status = AES_set_encrypt_key(userKey, bits, key); - if (status < 0) - return status; - - rk = key->rd_key; - - /* invert the order of the round keys: */ - for (i = 0, j = 4 * (key->rounds); i < j; i += 4, j -= 4) { - temp = rk[i]; - rk[i] = rk[j]; - rk[j] = temp; - temp = rk[i + 1]; - rk[i + 1] = rk[j + 1]; - rk[j + 1] = temp; - temp = rk[i + 2]; - rk[i + 2] = rk[j + 2]; - rk[j + 2] = temp; - temp = rk[i + 3]; - rk[i + 3] = rk[j + 3]; - rk[j + 3] = temp; - } - /* apply the inverse MixColumn transform to all round keys but the first and the last: */ - for (i = 1; i < (key->rounds); i++) { - rk += 4; - rk[0] = - Td0[Te1[(rk[0] >> 24)] & 0xff] ^ - Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^ - Td2[Te1[(rk[0] >> 8) & 0xff] & 0xff] ^ - Td3[Te1[(rk[0]) & 0xff] & 0xff]; - rk[1] = - Td0[Te1[(rk[1] >> 24)] & 0xff] ^ - Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^ - Td2[Te1[(rk[1] >> 8) & 0xff] & 0xff] ^ 
- Td3[Te1[(rk[1]) & 0xff] & 0xff]; - rk[2] = - Td0[Te1[(rk[2] >> 24)] & 0xff] ^ - Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^ - Td2[Te1[(rk[2] >> 8) & 0xff] & 0xff] ^ - Td3[Te1[(rk[2]) & 0xff] & 0xff]; - rk[3] = - Td0[Te1[(rk[3] >> 24)] & 0xff] ^ - Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^ - Td2[Te1[(rk[3] >> 8) & 0xff] & 0xff] ^ - Td3[Te1[(rk[3]) & 0xff] & 0xff]; - } - return 0; -} - -/* - * Encrypt a single block - * in and out can overlap - */ -void -AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key) -{ - const u32 *rk; - u32 s0, s1, s2, s3, t0, t1, t2, t3; -#ifndef FULL_UNROLL - int r; -#endif /* ?FULL_UNROLL */ - - rk = key->rd_key; - - /* - * map byte array block to cipher state - * and add initial round key: - */ - s0 = GETU32(in ) ^ rk[0]; - s1 = GETU32(in + 4) ^ rk[1]; - s2 = GETU32(in + 8) ^ rk[2]; - s3 = GETU32(in + 12) ^ rk[3]; -#ifdef FULL_UNROLL - /* round 1: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; - /* round 2: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; - /* round 3: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] 
^ rk[14]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; - /* round 4: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; - /* round 5: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; - /* round 6: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; - /* round 7: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; - /* round 8: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) 
& 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; - /* round 9: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; - if (key->rounds > 10) { - /* round 10: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; - /* round 11: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; - if (key->rounds > 12) { - /* round 12: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51]; - /* round 13: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ 
Te3[s0 & 0xff] ^ rk[53]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; - } - } - rk += key->rounds << 2; -#else /* !FULL_UNROLL */ - /* - * Nr - 1 full rounds: - */ - r = key->rounds >> 1; - for (;;) { - t0 = - Te0[(s0 >> 24)] ^ - Te1[(s1 >> 16) & 0xff] ^ - Te2[(s2 >> 8) & 0xff] ^ - Te3[(s3) & 0xff] ^ - rk[4]; - t1 = - Te0[(s1 >> 24)] ^ - Te1[(s2 >> 16) & 0xff] ^ - Te2[(s3 >> 8) & 0xff] ^ - Te3[(s0) & 0xff] ^ - rk[5]; - t2 = - Te0[(s2 >> 24)] ^ - Te1[(s3 >> 16) & 0xff] ^ - Te2[(s0 >> 8) & 0xff] ^ - Te3[(s1) & 0xff] ^ - rk[6]; - t3 = - Te0[(s3 >> 24)] ^ - Te1[(s0 >> 16) & 0xff] ^ - Te2[(s1 >> 8) & 0xff] ^ - Te3[(s2) & 0xff] ^ - rk[7]; - - rk += 8; - if (--r == 0) { - break; - } - - s0 = - Te0[(t0 >> 24)] ^ - Te1[(t1 >> 16) & 0xff] ^ - Te2[(t2 >> 8) & 0xff] ^ - Te3[(t3) & 0xff] ^ - rk[0]; - s1 = - Te0[(t1 >> 24)] ^ - Te1[(t2 >> 16) & 0xff] ^ - Te2[(t3 >> 8) & 0xff] ^ - Te3[(t0) & 0xff] ^ - rk[1]; - s2 = - Te0[(t2 >> 24)] ^ - Te1[(t3 >> 16) & 0xff] ^ - Te2[(t0 >> 8) & 0xff] ^ - Te3[(t1) & 0xff] ^ - rk[2]; - s3 = - Te0[(t3 >> 24)] ^ - Te1[(t0 >> 16) & 0xff] ^ - Te2[(t1 >> 8) & 0xff] ^ - Te3[(t2) & 0xff] ^ - rk[3]; - } -#endif /* ?FULL_UNROLL */ - /* - * apply last round and - * map cipher state to byte array block: - */ - s0 = - (Te2[(t0 >> 24)] & 0xff000000) ^ - (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(t2 >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(t3) & 0xff] & 0x000000ff) ^ - rk[0]; - PUTU32(out, s0); - s1 = - (Te2[(t1 >> 24)] & 0xff000000) ^ - (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(t3 >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(t0) & 0xff] & 0x000000ff) ^ - rk[1]; - PUTU32(out + 4, s1); - s2 = - (Te2[(t2 >> 24)] & 0xff000000) ^ - (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(t0 >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(t1) & 0xff] & 0x000000ff) ^ - rk[2]; - PUTU32(out + 8, s2); - s3 = - (Te2[(t3 >> 24)] & 0xff000000) 
^ - (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^ - (Te0[(t1 >> 8) & 0xff] & 0x0000ff00) ^ - (Te1[(t2) & 0xff] & 0x000000ff) ^ - rk[3]; - PUTU32(out + 12, s3); -} - -/* - * Decrypt a single block - * in and out can overlap - */ -void -AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key) -{ - const u32 *rk; - u32 s0, s1, s2, s3, t0, t1, t2, t3; -#ifndef FULL_UNROLL - int r; -#endif /* ?FULL_UNROLL */ - - rk = key->rd_key; - - /* - * map byte array block to cipher state - * and add initial round key: - */ - s0 = GETU32(in) ^ rk[0]; - s1 = GETU32(in + 4) ^ rk[1]; - s2 = GETU32(in + 8) ^ rk[2]; - s3 = GETU32(in + 12) ^ rk[3]; -#ifdef FULL_UNROLL - /* round 1: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7]; - /* round 2: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11]; - /* round 3: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15]; - /* round 4: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16]; - 
s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19]; - /* round 5: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23]; - /* round 6: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27]; - /* round 7: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31]; - /* round 8: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35]; - /* round 9: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ 
Td3[s1 & 0xff] ^ rk[36]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; - if (key->rounds > 10) { - /* round 10: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; - /* round 11: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; - if (key->rounds > 12) { - /* round 12: */ - s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; - s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; - s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; - s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; - /* round 13: */ - t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; - t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; - t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; - t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; - } - } 
- rk += key->rounds << 2;
-#else /* !FULL_UNROLL */
- /*
- * Nr - 1 full rounds:
- */
- r = key->rounds >> 1;
- for (;;) {
- t0 =
- Td0[(s0 >> 24)] ^
- Td1[(s3 >> 16) & 0xff] ^
- Td2[(s2 >> 8) & 0xff] ^
- Td3[(s1) & 0xff] ^
- rk[4];
- t1 =
- Td0[(s1 >> 24)] ^
- Td1[(s0 >> 16) & 0xff] ^
- Td2[(s3 >> 8) & 0xff] ^
- Td3[(s2) & 0xff] ^
- rk[5];
- t2 =
- Td0[(s2 >> 24)] ^
- Td1[(s1 >> 16) & 0xff] ^
- Td2[(s0 >> 8) & 0xff] ^
- Td3[(s3) & 0xff] ^
- rk[6];
- t3 =
- Td0[(s3 >> 24)] ^
- Td1[(s2 >> 16) & 0xff] ^
- Td2[(s1 >> 8) & 0xff] ^
- Td3[(s0) & 0xff] ^
- rk[7];
-
- rk += 8;
- if (--r == 0) {
- break;
- }
-
- s0 =
- Td0[(t0 >> 24)] ^
- Td1[(t3 >> 16) & 0xff] ^
- Td2[(t2 >> 8) & 0xff] ^
- Td3[(t1) & 0xff] ^
- rk[0];
- s1 =
- Td0[(t1 >> 24)] ^
- Td1[(t0 >> 16) & 0xff] ^
- Td2[(t3 >> 8) & 0xff] ^
- Td3[(t2) & 0xff] ^
- rk[1];
- s2 =
- Td0[(t2 >> 24)] ^
- Td1[(t1 >> 16) & 0xff] ^
- Td2[(t0 >> 8) & 0xff] ^
- Td3[(t3) & 0xff] ^
- rk[2];
- s3 =
- Td0[(t3 >> 24)] ^
- Td1[(t2 >> 16) & 0xff] ^
- Td2[(t1 >> 8) & 0xff] ^
- Td3[(t0) & 0xff] ^
- rk[3];
- }
-#endif /* ?FULL_UNROLL */
- /*
- * apply last round and
- * map cipher state to byte array block:
- */
- s0 =
- (((uint32_t)Td4[(t0 >> 24)]) << 24) ^
- (Td4[(t3 >> 16) & 0xff] << 16) ^
- (Td4[(t2 >> 8) & 0xff] << 8) ^
- (Td4[(t1) & 0xff]) ^
- rk[0];
- PUTU32(out, s0);
- s1 =
- (((uint32_t)Td4[(t1 >> 24)]) << 24) ^
- (Td4[(t0 >> 16) & 0xff] << 16) ^
- (Td4[(t3 >> 8) & 0xff] << 8) ^
- (Td4[(t2) & 0xff]) ^
- rk[1];
- PUTU32(out + 4, s1);
- s2 =
- (((uint32_t)Td4[(t2 >> 24)]) << 24) ^
- (Td4[(t1 >> 16) & 0xff] << 16) ^
- (Td4[(t0 >> 8) & 0xff] << 8) ^
- (Td4[(t3) & 0xff]) ^
- rk[2];
- PUTU32(out + 8, s2);
- s3 =
- (((uint32_t)Td4[(t3 >> 24)]) << 24) ^
- (Td4[(t2 >> 16) & 0xff] << 16) ^
- (Td4[(t1 >> 8) & 0xff] << 8) ^
- (Td4[(t0) & 0xff]) ^
- rk[3];
- PUTU32(out + 12, s3);
-}
-
-#else /* AES_ASM */
-
-static const u8 Te4[256] = {
- 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
- 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
- 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
- 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
- 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
- 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
- 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
- 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
- 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
- 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
- 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
- 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
- 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
- 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
- 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
- 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
- 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
- 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
- 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
- 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
- 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
- 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
- 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
- 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
- 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
- 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
- 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
- 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
- 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
- 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
- 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
- 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
-};
-static const u32 rcon[] = {
- 0x01000000, 0x02000000, 0x04000000, 0x08000000,
- 0x10000000, 0x20000000, 0x40000000, 0x80000000,
- 0x1B000000, 0x36000000,
- /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-/**
- * Expand the cipher key into the encryption key schedule.
- */
-int
-AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key)
-{
- u32 *rk;
- int i = 0;
- u32 temp;
-
- if (!userKey || !key)
- return -1;
- if (bits != 128 && bits != 192 && bits != 256)
- return -2;
-
- rk = key->rd_key;
-
- if (bits == 128)
- key->rounds = 10;
- else if (bits == 192)
- key->rounds = 12;
- else
- key->rounds = 14;
-
- rk[0] = GETU32(userKey);
- rk[1] = GETU32(userKey + 4);
- rk[2] = GETU32(userKey + 8);
- rk[3] = GETU32(userKey + 12);
- if (bits == 128) {
- while (1) {
- temp = rk[3];
- rk[4] = rk[0] ^
- (Te4[(temp >> 16) & 0xff] << 24) ^
- (Te4[(temp >> 8) & 0xff] << 16) ^
- (Te4[(temp) & 0xff] << 8) ^
- (Te4[(temp >> 24)]) ^
- rcon[i];
- rk[5] = rk[1] ^ rk[4];
- rk[6] = rk[2] ^ rk[5];
- rk[7] = rk[3] ^ rk[6];
- if (++i == 10) {
- return 0;
- }
- rk += 4;
- }
- }
- rk[4] = GETU32(userKey + 16);
- rk[5] = GETU32(userKey + 20);
- if (bits == 192) {
- while (1) {
- temp = rk[5];
- rk[6] = rk[0] ^
- (Te4[(temp >> 16) & 0xff] << 24) ^
- (Te4[(temp >> 8) & 0xff] << 16) ^
- (Te4[(temp) & 0xff] << 8) ^
- (Te4[(temp >> 24)]) ^
- rcon[i];
- rk[7] = rk[1] ^ rk[6];
- rk[8] = rk[2] ^ rk[7];
- rk[9] = rk[3] ^ rk[8];
- if (++i == 8) {
- return 0;
- }
- rk[10] = rk[4] ^ rk[9];
- rk[11] = rk[5] ^ rk[10];
- rk += 6;
- }
- }
- rk[6] = GETU32(userKey + 24);
- rk[7] = GETU32(userKey + 28);
- if (bits == 256) {
- while (1) {
- temp = rk[7];
- rk[8] = rk[0] ^
- (Te4[(temp >> 16) & 0xff] << 24) ^
- (Te4[(temp >> 8) & 0xff] << 16) ^
- (Te4[(temp) & 0xff] << 8) ^
- (Te4[(temp >> 24)]) ^
- rcon[i];
- rk[9] = rk[1] ^ rk[8];
- rk[10] = rk[2] ^ rk[9];
- rk[11] = rk[3] ^ rk[10];
- if (++i == 7) {
- return 0;
- }
- temp = rk[11];
- rk[12] = rk[4] ^
- (Te4[(temp >> 24)] << 24) ^
- (Te4[(temp >> 16) & 0xff] << 16) ^
- (Te4[(temp >> 8) & 0xff] << 8) ^
- (Te4[(temp) & 0xff]);
- rk[13] = rk[5] ^ rk[12];
- rk[14] = rk[6] ^ rk[13];
- rk[15] = rk[7] ^ rk[14];
-
- rk += 8;
- }
- }
- return 0;
-}
-
-/**
- * Expand the cipher key into the decryption key schedule.
- */
-int
-AES_set_decrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key)
-{
- u32 *rk;
- int i, j, status;
- u32 temp;
-
- /* first, start with an encryption schedule */
- status = AES_set_encrypt_key(userKey, bits, key);
- if (status < 0)
- return status;
-
- rk = key->rd_key;
-
- /* invert the order of the round keys: */
- for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
- temp = rk[i];
- rk[i] = rk[j];
- rk[j] = temp;
- temp = rk[i + 1];
- rk[i + 1] = rk[j + 1];
- rk[j + 1] = temp;
- temp = rk[i + 2];
- rk[i + 2] = rk[j + 2];
- rk[j + 2] = temp;
- temp = rk[i + 3];
- rk[i + 3] = rk[j + 3];
- rk[j + 3] = temp;
- }
- /* apply the inverse MixColumn transform to all round keys but the first and the last: */
- for (i = 1; i < (key->rounds); i++) {
- rk += 4;
- for (j = 0; j < 4; j++) {
- u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
-
- tp1 = rk[j];
- m = tp1 & 0x80808080;
- tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp2 & 0x80808080;
- tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- m = tp4 & 0x80808080;
- tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
- ((m - (m >> 7)) & 0x1b1b1b1b);
- tp9 = tp8 ^ tp1;
- tpb = tp9 ^ tp2;
- tpd = tp9 ^ tp4;
- tpe = tp8 ^ tp4 ^ tp2;
-#if defined(ROTATE)
- rk[j] = tpe ^ ROTATE(tpd, 16) ^
- ROTATE(tp9, 24) ^ ROTATE(tpb, 8);
-#else
- rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^
- (tp9 >> 8) ^ (tp9 << 24) ^
- (tpb >> 24) ^ (tpb << 8);
-#endif
- }
- }
- return 0;
-}
-
-#endif /* AES_ASM */
diff --git a/lib/libssl/src/crypto/aes/aes_ctr.c b/lib/libssl/src/crypto/aes/aes_ctr.c
deleted file mode 100644
index 607914599bd..00000000000
--- a/lib/libssl/src/crypto/aes/aes_ctr.c
+++ /dev/null
@@ -1,62 +0,0 @@
-/* $OpenBSD: aes_ctr.c,v 1.9 2014/06/12 15:49:27 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-void
-AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char ivec[AES_BLOCK_SIZE],
- unsigned char ecount_buf[AES_BLOCK_SIZE], unsigned int *num)
-{
- CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
- (block128_f)AES_encrypt);
-}
diff --git a/lib/libssl/src/crypto/aes/aes_ecb.c b/lib/libssl/src/crypto/aes/aes_ecb.c
deleted file mode 100644
index b05e53994b2..00000000000
--- a/lib/libssl/src/crypto/aes/aes_ecb.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* $OpenBSD: aes_ecb.c,v 1.6 2015/02/10 09:46:30 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-void
-AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key, const int enc)
-{
- if (AES_ENCRYPT == enc)
- AES_encrypt(in, out, key);
- else
- AES_decrypt(in, out, key);
-}
diff --git a/lib/libssl/src/crypto/aes/aes_ige.c b/lib/libssl/src/crypto/aes/aes_ige.c
deleted file mode 100644
index 16ef5612eb7..00000000000
--- a/lib/libssl/src/crypto/aes/aes_ige.c
+++ /dev/null
@@ -1,194 +0,0 @@
-/* $OpenBSD: aes_ige.c,v 1.7 2015/02/10 09:46:30 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/crypto.h>
-
-#include "aes_locl.h"
-
-#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
-typedef struct {
- unsigned long data[N_WORDS];
-} aes_block_t;
-
-/* XXX: probably some better way to do this */
-#if defined(__i386__) || defined(__x86_64__)
-#define UNALIGNED_MEMOPS_ARE_FAST 1
-#else
-#define UNALIGNED_MEMOPS_ARE_FAST 0
-#endif
-
-#if UNALIGNED_MEMOPS_ARE_FAST
-#define load_block(d, s) (d) = *(const aes_block_t *)(s)
-#define store_block(d, s) *(aes_block_t *)(d) = (s)
-#else
-#define load_block(d, s) memcpy((d).data, (s), AES_BLOCK_SIZE)
-#define store_block(d, s) memcpy((d), (s).data, AES_BLOCK_SIZE)
-#endif
-
-/* N.B. The IV for this mode is _twice_ the block size */
-
-void
-AES_ige_encrypt(const unsigned char *in, unsigned char *out, size_t length,
- const AES_KEY *key, unsigned char *ivec, const int enc)
-{
- size_t n;
- size_t len;
-
- OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
-
- len = length / AES_BLOCK_SIZE;
-
- if (AES_ENCRYPT == enc) {
- if (in != out && (UNALIGNED_MEMOPS_ARE_FAST ||
- ((size_t)in|(size_t)out|(size_t)ivec) %
- sizeof(long) == 0)) {
- aes_block_t *ivp = (aes_block_t *)ivec;
- aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
-
- while (len) {
- aes_block_t *inp = (aes_block_t *)in;
- aes_block_t *outp = (aes_block_t *)out;
-
- for (n = 0; n < N_WORDS; ++n)
- outp->data[n] = inp->data[n] ^ ivp->data[n];
- AES_encrypt((unsigned char *)outp->data, (unsigned char *)outp->data, key);
- for (n = 0; n < N_WORDS; ++n)
- outp->data[n] ^= iv2p->data[n];
- ivp = outp;
- iv2p = inp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
- } else {
- aes_block_t tmp, tmp2;
- aes_block_t iv;
- aes_block_t iv2;
-
- load_block(iv, ivec);
- load_block(iv2, ivec + AES_BLOCK_SIZE);
-
- while (len) {
- load_block(tmp, in);
- for (n = 0; n < N_WORDS; ++n)
- tmp2.data[n] = tmp.data[n] ^ iv.data[n];
- AES_encrypt((unsigned char *)tmp2.data,
- (unsigned char *)tmp2.data, key);
- for (n = 0; n < N_WORDS; ++n)
- tmp2.data[n] ^= iv2.data[n];
- store_block(out, tmp2);
- iv = tmp2;
- iv2 = tmp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, iv.data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
- }
- } else {
- if (in != out && (UNALIGNED_MEMOPS_ARE_FAST ||
- ((size_t)in|(size_t)out|(size_t)ivec) %
- sizeof(long) == 0)) {
- aes_block_t *ivp = (aes_block_t *)ivec;
- aes_block_t *iv2p = (aes_block_t *)(ivec + AES_BLOCK_SIZE);
-
- while (len) {
- aes_block_t tmp;
- aes_block_t *inp = (aes_block_t *)in;
- aes_block_t *outp = (aes_block_t *)out;
-
- for (n = 0; n < N_WORDS; ++n)
- tmp.data[n] = inp->data[n] ^ iv2p->data[n];
- AES_decrypt((unsigned char *)tmp.data,
- (unsigned char *)outp->data, key);
- for (n = 0; n < N_WORDS; ++n)
- outp->data[n] ^= ivp->data[n];
- ivp = inp;
- iv2p = outp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
- } else {
- aes_block_t tmp, tmp2;
- aes_block_t iv;
- aes_block_t iv2;
-
- load_block(iv, ivec);
- load_block(iv2, ivec + AES_BLOCK_SIZE);
-
- while (len) {
- load_block(tmp, in);
- tmp2 = tmp;
- for (n = 0; n < N_WORDS; ++n)
- tmp.data[n] ^= iv2.data[n];
- AES_decrypt((unsigned char *)tmp.data,
- (unsigned char *)tmp.data, key);
- for (n = 0; n < N_WORDS; ++n)
- tmp.data[n] ^= iv.data[n];
- store_block(out, tmp);
- iv = tmp2;
- iv2 = tmp;
- --len;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
- memcpy(ivec, iv.data, AES_BLOCK_SIZE);
- memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
- }
- }
-}
diff --git a/lib/libssl/src/crypto/aes/aes_locl.h b/lib/libssl/src/crypto/aes/aes_locl.h
deleted file mode 100644
index 83b20b5f5bb..00000000000
--- a/lib/libssl/src/crypto/aes/aes_locl.h
+++ /dev/null
@@ -1,79 +0,0 @@
-/* $OpenBSD: aes_locl.h,v 1.10 2014/06/12 15:49:27 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_AES_LOCL_H
-#define HEADER_AES_LOCL_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_AES
-#error AES is disabled.
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3]))
-#define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); }
-
-typedef unsigned int u32;
-typedef unsigned short u16;
-typedef unsigned char u8;
-
-#define MAXKC (256/32)
-#define MAXKB (256/8)
-#define MAXNR 14
-
-/* This controls loop-unrolling in aes_core.c */
-#undef FULL_UNROLL
-
-#endif /* !HEADER_AES_LOCL_H */
diff --git a/lib/libssl/src/crypto/aes/aes_misc.c b/lib/libssl/src/crypto/aes/aes_misc.c
deleted file mode 100644
index 6c1506dd799..00000000000
--- a/lib/libssl/src/crypto/aes/aes_misc.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/* $OpenBSD: aes_misc.c,v 1.10 2014/07/09 11:10:50 bcook Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-const char *
-AES_options(void)
-{
-#ifdef FULL_UNROLL
- return "aes(full)";
-#else
- return "aes(partial)";
-#endif
-}
diff --git a/lib/libssl/src/crypto/aes/aes_ofb.c b/lib/libssl/src/crypto/aes/aes_ofb.c
deleted file mode 100644
index f8dc03a26e8..00000000000
--- a/lib/libssl/src/crypto/aes/aes_ofb.c
+++ /dev/null
@@ -1,61 +0,0 @@
-/* $OpenBSD: aes_ofb.c,v 1.6 2014/06/12 15:49:27 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2002-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/aes.h>
-#include <openssl/modes.h>
-
-void
-AES_ofb128_encrypt(const unsigned char *in, unsigned char *out, size_t length,
- const AES_KEY *key, unsigned char *ivec, int *num)
-{
- CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
- (block128_f)AES_encrypt);
-}
diff --git a/lib/libssl/src/crypto/aes/aes_wrap.c b/lib/libssl/src/crypto/aes/aes_wrap.c
deleted file mode 100644
index ac2f83a9938..00000000000
--- a/lib/libssl/src/crypto/aes/aes_wrap.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* $OpenBSD: aes_wrap.c,v 1.10 2015/09/10 15:56:24 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <string.h>
-
-#include <openssl/aes.h>
-#include <openssl/bio.h>
-
-static const unsigned char default_iv[] = {
- 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
-};
-
-int
-AES_wrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
- const unsigned char *in, unsigned int inlen)
-{
- unsigned char *A, B[16], *R;
- unsigned int i, j, t;
- if ((inlen & 0x7) || (inlen < 8))
- return -1;
- A = B;
- t = 1;
- memcpy(out + 8, in, inlen);
- if (!iv)
- iv = default_iv;
-
- memcpy(A, iv, 8);
-
- for (j = 0; j < 6; j++) {
- R = out + 8;
- for (i = 0; i < inlen; i += 8, t++, R += 8) {
- memcpy(B + 8, R, 8);
- AES_encrypt(B, B, key);
- A[7] ^= (unsigned char)(t & 0xff);
- if (t > 0xff) {
- A[6] ^= (unsigned char)((t >> 8) & 0xff);
- A[5] ^= (unsigned char)((t >> 16) & 0xff);
- A[4] ^= (unsigned char)((t >> 24) & 0xff);
- }
- memcpy(R, B + 8, 8);
- }
- }
- memcpy(out, A, 8);
- return inlen + 8;
-}
-
-int
-AES_unwrap_key(AES_KEY *key, const unsigned char *iv, unsigned char *out,
- const unsigned char *in, unsigned int inlen)
-{
- unsigned char *A, B[16], *R;
- unsigned int i, j, t;
- inlen -= 8;
- if (inlen & 0x7)
- return -1;
- if (inlen < 8)
- return -1;
- A = B;
- t = 6 * (inlen >> 3);
- memcpy(A, in, 8);
- memcpy(out, in + 8, inlen);
- for (j = 0; j < 6; j++) {
- R = out + inlen - 8;
- for (i = 0; i < inlen; i += 8, t--, R -= 8) {
- A[7] ^= (unsigned char)(t & 0xff);
- if (t > 0xff) {
- A[6] ^= (unsigned char)((t >> 8) & 0xff);
- A[5] ^= (unsigned char)((t >> 16) & 0xff);
- A[4] ^= (unsigned char)((t >> 24) & 0xff);
- }
- memcpy(B + 8, R, 8);
- AES_decrypt(B, B, key);
- memcpy(R, B + 8, 8);
- }
- }
- if (!iv)
- iv = default_iv;
- if (memcmp(A, iv, 8)) {
- explicit_bzero(out, inlen);
- return 0;
- }
- return inlen;
-}
diff --git a/lib/libssl/src/crypto/aes/aes_x86core.c b/lib/libssl/src/crypto/aes/aes_x86core.c
deleted file mode 100644
index c604fa876f4..00000000000
--- a/lib/libssl/src/crypto/aes/aes_x86core.c
+++ /dev/null
@@ -1,1080 +0,0 @@
-/* $OpenBSD: aes_x86core.c,v 1.8 2015/02/10 09:46:30 miod Exp $ */
-/**
- * rijndael-alg-fst.c
- *
- * @version 3.0 (December 2000)
- *
- * Optimised ANSI C code for the Rijndael cipher (now AES)
- *
- * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
- * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
- * @author Paulo Barreto <paulo.barreto@terra.com.br>
- *
- * This code is hereby placed in the public domain.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This is experimental x86[_64] derivative. It assumes little-endian
- * byte order and expects CPU to sustain unaligned memory references.
- * It is used as playground for cache-time attack mitigations and
- * serves as reference C implementation for x86[_64] assembler.
- *
- * <appro@fy.chalmers.se>
- */
-
-
-#ifndef AES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-#include <stdlib.h>
-#include <openssl/aes.h>
-#include "aes_locl.h"
-
-/*
- * These two parameters control which table, 256-byte or 2KB, is
- * referenced in outer and respectively inner rounds.
- */
-#define AES_COMPACT_IN_OUTER_ROUNDS
-#ifdef AES_COMPACT_IN_OUTER_ROUNDS
-/* AES_COMPACT_IN_OUTER_ROUNDS costs ~30% in performance, while
- * adding AES_COMPACT_IN_INNER_ROUNDS reduces benchmark *further*
- * by factor of ~2. */
-# undef AES_COMPACT_IN_INNER_ROUNDS
-#endif
-
-#if 1
-static void
-prefetch256(const void *table)
-{
- volatile unsigned long *t = (void *)table, ret;
- unsigned long sum;
- int i;
-
- /* 32 is common least cache-line size */
- for (sum = 0, i = 0; i < 256/sizeof(t[0]); i += 32 / sizeof(t[0]))
- sum ^= t[i];
-
- ret = sum;
-}
-#else
-# define prefetch256(t)
-#endif
-
-#undef GETU32
-#define GETU32(p) (*((u32*)(p)))
-
-#if defined(_LP64)
-typedef unsigned long u64;
-#define U64(C) C##UL
-#else
-typedef unsigned long long u64;
-#define U64(C) C##ULL
-#endif
-
-#undef ROTATE
-#if defined(__GNUC__) && __GNUC__>=2
-# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-# define ROTATE(a,n) ({ unsigned int ret; \
- asm ( \
- "roll %1,%0" \
- : "=r"(ret) \
- : "I"(n), "0"(a) \
- : "cc"); \
- ret; \
- })
-# endif
-#endif
-/*
-Te [x] = S [x].[02, 01, 01, 03, 02, 01, 01, 03];
-Te0[x] = S [x].[02, 01, 01, 03];
-Te1[x] = S [x].[03, 02, 01, 01];
-Te2[x] = S [x].[01, 03, 02, 01];
-Te3[x] = S [x].[01, 01, 03, 02];
-*/
-#define Te0 (u32)((u64*)((u8*)Te+0))
-#define Te1 (u32)((u64*)((u8*)Te+3))
-#define Te2 (u32)((u64*)((u8*)Te+2))
-#define Te3 (u32)((u64*)((u8*)Te+1))
-/*
-Td [x] = Si[x].[0e, 09, 0d, 0b, 0e, 09, 0d, 0b];
-Td0[x] = Si[x].[0e, 09, 0d, 0b];
-Td1[x] = Si[x].[0b, 0e, 09, 0d];
-Td2[x] = Si[x].[0d, 0b, 0e, 09];
-Td3[x] = Si[x].[09, 0d, 0b, 0e];
-Td4[x] = Si[x].[01];
-*/
-#define Td0 (u32)((u64*)((u8*)Td+0))
-#define Td1 (u32)((u64*)((u8*)Td+3))
-#define Td2 (u32)((u64*)((u8*)Td+2))
-#define Td3 (u32)((u64*)((u8*)Td+1))
-
-static const u64 Te[256] = {
- U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
- U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
- U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
- U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
- U64(0x5030306050303060), U64(0x0301010203010102),
- U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
- U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
- U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
- U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
- U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
- U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
- U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
- U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
- U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
- U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
- U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
- U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
- U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
- U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
- U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
- U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
- U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
- U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
- U64(0x5331316253313162), U64(0x3f15152a3f15152a),
- U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
- U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
- U64(0x2818183028181830), U64(0xa1969637a1969637),
- U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
- U64(0x0907070e0907070e), U64(0x3612122436121224),
- U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
- U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
- U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
- U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
- U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
- U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
- U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
- U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
- U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
- U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
- U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
- U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
- U64(0x0000000000000000), U64(0x2cededc12cededc1),
- U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
- U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
- U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
- U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
- U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
- U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
- U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
- U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
- U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
- U64(0x5533336655333366), U64(0x9485851194858511),
- U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
- U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
- U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
- U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
- U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
- U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
- U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
- U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
- U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
- U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
- U64(0x3010102030101020), U64(0x1affffe51affffe5),
- U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
- U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
- U64(0x3513132635131326), U64(0x2fececc32fececc3),
- U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
- U64(0xcc444488cc444488), U64(0x3917172e3917172e),
- U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
- U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
- U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
- U64(0x2b1919322b191932), U64(0x957373e6957373e6),
- U64(0xa06060c0a06060c0), U64(0x9881811998818119),
- U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
- U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
- U64(0xab90903bab90903b), U64(0x8388880b8388880b),
- U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
- U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
- U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
- U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
- U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
- U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
- U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
- U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
- U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
- U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
- U64(0xa8919139a8919139), U64(0xa4959531a4959531),
- U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
- U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
- U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
- U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
- U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
- U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
- U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
- U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
- U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
- U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
- U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
- U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
- U64(0xc7b4b473c7b4b473),
 U64(0x51c6c69751c6c697),
- U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
- U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
- U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
- U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
- U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
- U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
- U64(0xd8484890d8484890), U64(0x0503030605030306),
- U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
- U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
- U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
- U64(0x9186861791868617), U64(0x58c1c19958c1c199),
- U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
- U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
- U64(0xb398982bb398982b), U64(0x3311112233111122),
- U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
- U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
- U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
- U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
- U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
- U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
- U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
- U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
- U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
- U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
- U64(0xc3414182c3414182), U64(0xb0999929b0999929),
- U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
- U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
- U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
-};
-
-static const u8 Te4[256] = {
- 0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
- 0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
- 0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
- 0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
- 0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
- 0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
- 0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
- 0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
- 0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
- 0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
- 0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
- 0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
- 0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
- 0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
- 0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
- 0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
- 0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
- 0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
- 0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
- 0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
- 0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
- 0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
- 0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
- 0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
- 0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
- 0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
- 0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
- 0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
- 0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
- 0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
- 0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
- 0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
-};
-
-static const u64 Td[256] = {
- U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
- U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
- U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
- U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
- U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
- U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
- U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
- U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
- U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
- U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
- U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
- U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
- U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
- U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
- U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
- U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
- U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
- U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
- U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
- U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
- U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
- U64(0x6033519760335197), U64(0x457f5362457f5362),
- U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
- U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
- U64(0x5868487058684870), U64(0x19fd458f19fd458f),
- U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
- U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
- U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
- U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
- U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
- U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
- U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
- U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
- U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
- U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
- U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
- U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
- U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
- U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
- U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
- U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
- U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
- U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
- U64(0x6fd406046fd40604), U64(0xff155060ff155060),
- U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
- U64(0xcc434089cc434089), U64(0x779ed967779ed967),
- U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
- U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
- U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
- U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
- U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
- U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
- U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
- U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
- U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
- U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
- U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
- U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
- U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
- U64(0x694b775a694b775a), U64(0x161a121c161a121c),
- U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
- U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
- U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
- U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
- U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
- U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
- U64(0x9f2601f79f2601f7),
U64(0xbcf5725cbcf5725c), - U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b), - U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb), - U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8), - U64(0xcadc31d7cadc31d7), U64(0x1085634210856342), - U64(0x4022971340229713), U64(0x2011c6842011c684), - U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2), - U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7), - U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc), - U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177), - U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9), - U64(0xfa489411fa489411), U64(0x2264e9472264e947), - U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0), - U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322), - U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9), - U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498), - U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5), - U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f), - U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850), - U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54), - U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890), - U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382), - U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069), - U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf), - U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810), - U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb), - U64(0x097826cd097826cd), U64(0xf418596ef418596e), - U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83), - U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa), - U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef), - U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a), - U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029), - U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a), - U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235), - U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc), - U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733), - U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41), - U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117), - U64(0x8dd64d768dd64d76), 
U64(0x4db0ef434db0ef43), - U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4), - U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c), - U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546), - U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01), - U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb), - U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92), - U64(0x335610e9335610e9), U64(0x1347d66d1347d66d), - U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137), - U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb), - U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7), - U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a), - U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255), - U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773), - U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f), - U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478), - U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9), - U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2), - U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc), - U64(0x8b493c288b493c28), U64(0x41950dff41950dff), - U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08), - U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664), - U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5), - U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0) -}; -static const u8 Td4[256] = { - 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, - 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, - 0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U, - 0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU, - 0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU, - 0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU, - 0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U, - 0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U, - 0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U, - 0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U, - 0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU, - 0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U, - 0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 
0xd3U, 0x0aU, - 0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U, - 0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U, - 0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU, - 0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU, - 0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U, - 0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U, - 0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU, - 0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U, - 0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU, - 0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U, - 0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U, - 0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U, - 0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU, - 0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU, - 0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU, - 0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U, - 0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U, - 0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U, - 0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU -}; - -static const u32 rcon[] = { - 0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U, - 0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U, - 0x0000001bU, 0x00000036U, - /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ -}; - -/** - * Expand the cipher key into the encryption key schedule. 
- */
-int
-AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) {
- u32 *rk;
- int i = 0;
- u32 temp;
-
- if (!userKey || !key)
- return -1;
- if (bits != 128 && bits != 192 && bits != 256)
- return -2;
-
- rk = key->rd_key;
-
- if (bits == 128)
- key->rounds = 10;
- else if (bits == 192)
- key->rounds = 12;
- else
- key->rounds = 14;
-
- rk[0] = GETU32(userKey);
- rk[1] = GETU32(userKey + 4);
- rk[2] = GETU32(userKey + 8);
- rk[3] = GETU32(userKey + 12);
- if (bits == 128) {
- while (1) {
- temp = rk[3];
- rk[4] = rk[0] ^
- (Te4[(temp >> 8) & 0xff]) ^
- (Te4[(temp >> 16) & 0xff] << 8) ^
- (Te4[(temp >> 24)] << 16) ^
- (Te4[(temp) & 0xff] << 24) ^
- rcon[i];
- rk[5] = rk[1] ^ rk[4];
- rk[6] = rk[2] ^ rk[5];
- rk[7] = rk[3] ^ rk[6];
- if (++i == 10) {
- return 0;
- }
- rk += 4;
- }
- }
- rk[4] = GETU32(userKey + 16);
- rk[5] = GETU32(userKey + 20);
- if (bits == 192) {
- while (1) {
- temp = rk[5];
- rk[6] = rk[ 0] ^
- (Te4[(temp >> 8) & 0xff]) ^
- (Te4[(temp >> 16) & 0xff] << 8) ^
- (Te4[(temp >> 24)] << 16) ^
- (Te4[(temp) & 0xff] << 24) ^
- rcon[i];
- rk[7] = rk[1] ^ rk[6];
- rk[8] = rk[2] ^ rk[7];
- rk[9] = rk[3] ^ rk[8];
- if (++i == 8) {
- return 0;
- }
- rk[10] = rk[4] ^ rk[9];
- rk[11] = rk[5] ^ rk[10];
- rk += 6;
- }
- }
- rk[6] = GETU32(userKey + 24);
- rk[7] = GETU32(userKey + 28);
- if (bits == 256) {
- while (1) {
- temp = rk[7];
- rk[8] = rk[0] ^
- (Te4[(temp >> 8) & 0xff]) ^
- (Te4[(temp >> 16) & 0xff] << 8) ^
- (Te4[(temp >> 24)] << 16) ^
- (Te4[(temp) & 0xff] << 24) ^
- rcon[i];
- rk[9] = rk[1] ^ rk[8];
- rk[10] = rk[2] ^ rk[9];
- rk[11] = rk[3] ^ rk[10];
- if (++i == 7) {
- return 0;
- }
- temp = rk[11];
- rk[12] = rk[4] ^
- (Te4[(temp) & 0xff]) ^
- (Te4[(temp >> 8) & 0xff] << 8) ^
- (Te4[(temp >> 16) & 0xff] << 16) ^
- (Te4[(temp >> 24)] << 24);
- rk[13] = rk[5] ^ rk[12];
- rk[14] = rk[6] ^ rk[13];
- rk[15] = rk[7] ^ rk[14];
-
- rk += 8;
- }
- }
- return 0;
-}
-
-/**
- * Expand the cipher key into the decryption key
schedule. - */ -int -AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key) -{ - u32 *rk; - int i, j, status; - u32 temp; - - /* first, start with an encryption schedule */ - status = AES_set_encrypt_key(userKey, bits, key); - if (status < 0) - return status; - - rk = key->rd_key; - - /* invert the order of the round keys: */ - for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) { - temp = rk[i]; - rk[i] = rk[j]; - rk[j] = temp; - temp = rk[i + 1]; - rk[i + 1] = rk[j + 1]; - rk[j + 1] = temp; - temp = rk[i + 2]; - rk[i + 2] = rk[j + 2]; - rk[j + 2] = temp; - temp = rk[i + 3]; - rk[i + 3] = rk[j + 3]; - rk[j + 3] = temp; - } - /* apply the inverse MixColumn transform to all round keys but the first and the last: */ - for (i = 1; i < (key->rounds); i++) { - rk += 4; -#if 1 - for (j = 0; j < 4; j++) { - u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; - - tp1 = rk[j]; - m = tp1 & 0x80808080; - tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ - ((m - (m >> 7)) & 0x1b1b1b1b); - m = tp2 & 0x80808080; - tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ - ((m - (m >> 7)) & 0x1b1b1b1b); - m = tp4 & 0x80808080; - tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ - ((m - (m >> 7)) & 0x1b1b1b1b); - tp9 = tp8 ^ tp1; - tpb = tp9 ^ tp2; - tpd = tp9 ^ tp4; - tpe = tp8 ^ tp4 ^ tp2; -#if defined(ROTATE) - rk[j] = tpe ^ ROTATE(tpd, 16) ^ - ROTATE(tp9, 8) ^ ROTATE(tpb, 24); -#else - rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ - (tp9 >> 24) ^ (tp9 << 8) ^ - (tpb >> 8) ^ (tpb << 24); -#endif - } -#else - rk[0] = - Td0[Te2[(rk[0]) & 0xff] & 0xff] ^ - Td1[Te2[(rk[0] >> 8) & 0xff] & 0xff] ^ - Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^ - Td3[Te2[(rk[0] >> 24)] & 0xff]; - rk[1] = - Td0[Te2[(rk[1]) & 0xff] & 0xff] ^ - Td1[Te2[(rk[1] >> 8) & 0xff] & 0xff] ^ - Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^ - Td3[Te2[(rk[1] >> 24)] & 0xff]; - rk[2] = - Td0[Te2[(rk[2]) & 0xff] & 0xff] ^ - Td1[Te2[(rk[2] >> 8) & 0xff] & 0xff] ^ - Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^ - Td3[Te2[(rk[2] >> 24)] & 0xff]; - rk[3] = - 
Td0[Te2[(rk[3]) & 0xff] & 0xff] ^ - Td1[Te2[(rk[3] >> 8) & 0xff] & 0xff] ^ - Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^ - Td3[Te2[(rk[3] >> 24)] & 0xff]; -#endif - } - return 0; -} - -/* - * Encrypt a single block - * in and out can overlap - */ -void -AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key) -{ - const u32 *rk; - u32 s0, s1, s2, s3, t[4]; - int r; - - rk = key->rd_key; - - /* - * map byte array block to cipher state - * and add initial round key: - */ - s0 = GETU32(in) ^ rk[0]; - s1 = GETU32(in + 4) ^ rk[1]; - s2 = GETU32(in + 8) ^ rk[2]; - s3 = GETU32(in + 12) ^ rk[3]; - -#if defined(AES_COMPACT_IN_OUTER_ROUNDS) - prefetch256(Te4); - - t[0] = Te4[(s0) & 0xff] ^ - Te4[(s1 >> 8) & 0xff] << 8 ^ - Te4[(s2 >> 16) & 0xff] << 16 ^ - Te4[(s3 >> 24)] << 24; - t[1] = Te4[(s1) & 0xff] ^ - Te4[(s2 >> 8) & 0xff] << 8 ^ - Te4[(s3 >> 16) & 0xff] << 16 ^ - Te4[(s0 >> 24)] << 24; - t[2] = Te4[(s2) & 0xff] ^ - Te4[(s3 >> 8) & 0xff] << 8 ^ - Te4[(s0 >> 16) & 0xff] << 16 ^ - Te4[(s1 >> 24)] << 24; - t[3] = Te4[(s3) & 0xff] ^ - Te4[(s0 >> 8) & 0xff] << 8 ^ - Te4[(s1 >> 16) & 0xff] << 16 ^ - Te4[(s2 >> 24)] << 24; - - /* now do the linear transform using words */ - { - int i; - u32 r0, r1, r2; - - for (i = 0; i < 4; i++) { - r0 = t[i]; - r1 = r0 & 0x80808080; - r2 = ((r0 & 0x7f7f7f7f) << 1) ^ - ((r1 - (r1 >> 7)) & 0x1b1b1b1b); -#if defined(ROTATE) - t[i] = r2 ^ ROTATE(r2, 24) ^ ROTATE(r0, 24) ^ - ROTATE(r0, 16) ^ ROTATE(r0, 8); -#else - t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^ - (r0 << 16) ^ (r0 >> 16) ^ (r0 << 8) ^ (r0 >> 24); -#endif - t[i] ^= rk[4 + i]; - } - } -#else - t[0] = Te0[(s0) & 0xff] ^ - Te1[(s1 >> 8) & 0xff] ^ - Te2[(s2 >> 16) & 0xff] ^ - Te3[(s3 >> 24)] ^ - rk[4]; - t[1] = Te0[(s1) & 0xff] ^ - Te1[(s2 >> 8) & 0xff] ^ - Te2[(s3 >> 16) & 0xff] ^ - Te3[(s0 >> 24)] ^ - rk[5]; - t[2] = Te0[(s2) & 0xff] ^ - Te1[(s3 >> 8) & 0xff] ^ - Te2[(s0 >> 16) & 0xff] ^ - Te3[(s1 >> 24)] ^ - rk[6]; - t[3] = Te0[(s3) & 0xff] ^ - Te1[(s0 >> 8) & 
0xff] ^ - Te2[(s1 >> 16) & 0xff] ^ - Te3[(s2 >> 24)] ^ - rk[7]; -#endif - s0 = t[0]; - s1 = t[1]; - s2 = t[2]; - s3 = t[3]; - - /* - * Nr - 2 full rounds: - */ - for (rk += 8, r = key->rounds - 2; r > 0; rk += 4, r--) { -#if defined(AES_COMPACT_IN_INNER_ROUNDS) - t[0] = Te4[(s0) & 0xff] ^ - Te4[(s1 >> 8) & 0xff] << 8 ^ - Te4[(s2 >> 16) & 0xff] << 16 ^ - Te4[(s3 >> 24)] << 24; - t[1] = Te4[(s1) & 0xff] ^ - Te4[(s2 >> 8) & 0xff] << 8 ^ - Te4[(s3 >> 16) & 0xff] << 16 ^ - Te4[(s0 >> 24)] << 24; - t[2] = Te4[(s2) & 0xff] ^ - Te4[(s3 >> 8) & 0xff] << 8 ^ - Te4[(s0 >> 16) & 0xff] << 16 ^ - Te4[(s1 >> 24)] << 24; - t[3] = Te4[(s3) & 0xff] ^ - Te4[(s0 >> 8) & 0xff] << 8 ^ - Te4[(s1 >> 16) & 0xff] << 16 ^ - Te4[(s2 >> 24)] << 24; - - /* now do the linear transform using words */ - { - int i; - u32 r0, r1, r2; - - for (i = 0; i < 4; i++) { - r0 = t[i]; - r1 = r0 & 0x80808080; - r2 = ((r0 & 0x7f7f7f7f) << 1) ^ - ((r1 - (r1 >> 7)) & 0x1b1b1b1b); -#if defined(ROTATE) - t[i] = r2 ^ ROTATE(r2, 24) ^ ROTATE(r0, 24) ^ - ROTATE(r0, 16) ^ ROTATE(r0, 8); -#else - t[i] = r2 ^ ((r2 ^ r0) << 24) ^ - ((r2 ^ r0) >> 8) ^ - (r0 << 16) ^ (r0 >> 16) ^ - (r0 << 8) ^ (r0 >> 24); -#endif - t[i] ^= rk[i]; - } - } -#else - t[0] = Te0[(s0) & 0xff] ^ - Te1[(s1 >> 8) & 0xff] ^ - Te2[(s2 >> 16) & 0xff] ^ - Te3[(s3 >> 24)] ^ - rk[0]; - t[1] = Te0[(s1) & 0xff] ^ - Te1[(s2 >> 8) & 0xff] ^ - Te2[(s3 >> 16) & 0xff] ^ - Te3[(s0 >> 24)] ^ - rk[1]; - t[2] = Te0[(s2) & 0xff] ^ - Te1[(s3 >> 8) & 0xff] ^ - Te2[(s0 >> 16) & 0xff] ^ - Te3[(s1 >> 24)] ^ - rk[2]; - t[3] = Te0[(s3) & 0xff] ^ - Te1[(s0 >> 8) & 0xff] ^ - Te2[(s1 >> 16) & 0xff] ^ - Te3[(s2 >> 24)] ^ - rk[3]; -#endif - s0 = t[0]; - s1 = t[1]; - s2 = t[2]; - s3 = t[3]; - } - /* - * apply last round and - * map cipher state to byte array block: - */ -#if defined(AES_COMPACT_IN_OUTER_ROUNDS) - prefetch256(Te4); - - *(u32*)(out + 0) = - Te4[(s0) & 0xff] ^ - Te4[(s1 >> 8) & 0xff] << 8 ^ - Te4[(s2 >> 16) & 0xff] << 16 ^ - Te4[(s3 >> 24)] << 24 ^ - rk[0]; - 
*(u32*)(out + 4) = - Te4[(s1) & 0xff] ^ - Te4[(s2 >> 8) & 0xff] << 8 ^ - Te4[(s3 >> 16) & 0xff] << 16 ^ - Te4[(s0 >> 24)] << 24 ^ - rk[1]; - *(u32*)(out + 8) = - Te4[(s2) & 0xff] ^ - Te4[(s3 >> 8) & 0xff] << 8 ^ - Te4[(s0 >> 16) & 0xff] << 16 ^ - Te4[(s1 >> 24)] << 24 ^ - rk[2]; - *(u32*)(out + 12) = - Te4[(s3) & 0xff] ^ - Te4[(s0 >> 8) & 0xff] << 8 ^ - Te4[(s1 >> 16) & 0xff] << 16 ^ - Te4[(s2 >> 24)] << 24 ^ - rk[3]; -#else - *(u32*)(out + 0) = - (Te2[(s0) & 0xff] & 0x000000ffU) ^ - (Te3[(s1 >> 8) & 0xff] & 0x0000ff00U) ^ - (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^ - (Te1[(s3 >> 24)] & 0xff000000U) ^ - rk[0]; - *(u32*)(out + 4) = - (Te2[(s1) & 0xff] & 0x000000ffU) ^ - (Te3[(s2 >> 8) & 0xff] & 0x0000ff00U) ^ - (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^ - (Te1[(s0 >> 24)] & 0xff000000U) ^ - rk[1]; - *(u32*)(out + 8) = - (Te2[(s2) & 0xff] & 0x000000ffU) ^ - (Te3[(s3 >> 8) & 0xff] & 0x0000ff00U) ^ - (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^ - (Te1[(s1 >> 24)] & 0xff000000U) ^ - rk[2]; - *(u32*)(out + 12) = - (Te2[(s3) & 0xff] & 0x000000ffU) ^ - (Te3[(s0 >> 8) & 0xff] & 0x0000ff00U) ^ - (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^ - (Te1[(s2 >> 24)] & 0xff000000U) ^ - rk[3]; -#endif -} - -/* - * Decrypt a single block - * in and out can overlap - */ -void -AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key) -{ - const u32 *rk; - u32 s0, s1, s2, s3, t[4]; - int r; - - rk = key->rd_key; - - /* - * map byte array block to cipher state - * and add initial round key: - */ - s0 = GETU32(in) ^ rk[0]; - s1 = GETU32(in + 4) ^ rk[1]; - s2 = GETU32(in + 8) ^ rk[2]; - s3 = GETU32(in + 12) ^ rk[3]; - -#if defined(AES_COMPACT_IN_OUTER_ROUNDS) - prefetch256(Td4); - - t[0] = Td4[(s0) & 0xff] ^ - Td4[(s3 >> 8) & 0xff] << 8 ^ - Td4[(s2 >> 16) & 0xff] << 16 ^ - Td4[(s1 >> 24)] << 24; - t[1] = Td4[(s1) & 0xff] ^ - Td4[(s0 >> 8) & 0xff] << 8 ^ - Td4[(s3 >> 16) & 0xff] << 16 ^ - Td4[(s2 >> 24)] << 24; - t[2] = Td4[(s2) & 0xff] ^ - Td4[(s1 >> 8) & 0xff] << 8 ^ - Td4[(s0 >> 
16) & 0xff] << 16 ^ - Td4[(s3 >> 24)] << 24; - t[3] = Td4[(s3) & 0xff] ^ - Td4[(s2 >> 8) & 0xff] << 8 ^ - Td4[(s1 >> 16) & 0xff] << 16 ^ - Td4[(s0 >> 24)] << 24; - - /* now do the linear transform using words */ - { - int i; - u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; - - for (i = 0; i < 4; i++) { - tp1 = t[i]; - m = tp1 & 0x80808080; - tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ - ((m - (m >> 7)) & 0x1b1b1b1b); - m = tp2 & 0x80808080; - tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ - ((m - (m >> 7)) & 0x1b1b1b1b); - m = tp4 & 0x80808080; - tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ - ((m - (m >> 7)) & 0x1b1b1b1b); - tp9 = tp8 ^ tp1; - tpb = tp9 ^ tp2; - tpd = tp9 ^ tp4; - tpe = tp8 ^ tp4 ^ tp2; -#if defined(ROTATE) - t[i] = tpe ^ ROTATE(tpd, 16) ^ - ROTATE(tp9, 8) ^ ROTATE(tpb, 24); -#else - t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ - (tp9 >> 24) ^ (tp9 << 8) ^ (tpb >> 8) ^ (tpb << 24); -#endif - t[i] ^= rk[4 + i]; - } - } -#else - t[0] = Td0[(s0) & 0xff] ^ - Td1[(s3 >> 8) & 0xff] ^ - Td2[(s2 >> 16) & 0xff] ^ - Td3[(s1 >> 24)] ^ - rk[4]; - t[1] = Td0[(s1) & 0xff] ^ - Td1[(s0 >> 8) & 0xff] ^ - Td2[(s3 >> 16) & 0xff] ^ - Td3[(s2 >> 24)] ^ - rk[5]; - t[2] = Td0[(s2) & 0xff] ^ - Td1[(s1 >> 8) & 0xff] ^ - Td2[(s0 >> 16) & 0xff] ^ - Td3[(s3 >> 24)] ^ - rk[6]; - t[3] = Td0[(s3) & 0xff] ^ - Td1[(s2 >> 8) & 0xff] ^ - Td2[(s1 >> 16) & 0xff] ^ - Td3[(s0 >> 24)] ^ - rk[7]; -#endif - s0 = t[0]; - s1 = t[1]; - s2 = t[2]; - s3 = t[3]; - - /* - * Nr - 2 full rounds: - */ - for (rk += 8, r = key->rounds - 2; r > 0; rk += 4, r--) { -#if defined(AES_COMPACT_IN_INNER_ROUNDS) - t[0] = Td4[(s0) & 0xff] ^ - Td4[(s3 >> 8) & 0xff] << 8 ^ - Td4[(s2 >> 16) & 0xff] << 16 ^ - Td4[(s1 >> 24)] << 24; - t[1] = Td4[(s1) & 0xff] ^ - Td4[(s0 >> 8) & 0xff] << 8 ^ - Td4[(s3 >> 16) & 0xff] << 16 ^ - Td4[(s2 >> 24)] << 24; - t[2] = Td4[(s2) & 0xff] ^ - Td4[(s1 >> 8) & 0xff] << 8 ^ - Td4[(s0 >> 16) & 0xff] << 16 ^ - Td4[(s3 >> 24)] << 24; - t[3] = Td4[(s3) & 0xff] ^ - Td4[(s2 >> 8) & 0xff] << 8 ^ - Td4[(s1 >> 16) & 0xff] << 16 ^ 
- Td4[(s0 >> 24)] << 24; - - /* now do the linear transform using words */ - { - int i; - u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m; - - for (i = 0; i < 4; i++) { - tp1 = t[i]; - m = tp1 & 0x80808080; - tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^ - ((m - (m >> 7)) & 0x1b1b1b1b); - m = tp2 & 0x80808080; - tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^ - ((m - (m >> 7)) & 0x1b1b1b1b); - m = tp4 & 0x80808080; - tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^ - ((m - (m >> 7)) & 0x1b1b1b1b); - tp9 = tp8 ^ tp1; - tpb = tp9 ^ tp2; - tpd = tp9 ^ tp4; - tpe = tp8 ^ tp4 ^ tp2; -#if defined(ROTATE) - t[i] = tpe ^ ROTATE(tpd, 16) ^ - ROTATE(tp9, 8) ^ ROTATE(tpb, 24); -#else - t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ - (tp9 >> 24) ^ (tp9 << 8) ^ - (tpb >> 8) ^ (tpb << 24); -#endif - t[i] ^= rk[i]; - } - } -#else - t[0] = Td0[(s0) & 0xff] ^ - Td1[(s3 >> 8) & 0xff] ^ - Td2[(s2 >> 16) & 0xff] ^ - Td3[(s1 >> 24)] ^ - rk[0]; - t[1] = Td0[(s1) & 0xff] ^ - Td1[(s0 >> 8) & 0xff] ^ - Td2[(s3 >> 16) & 0xff] ^ - Td3[(s2 >> 24)] ^ - rk[1]; - t[2] = Td0[(s2) & 0xff] ^ - Td1[(s1 >> 8) & 0xff] ^ - Td2[(s0 >> 16) & 0xff] ^ - Td3[(s3 >> 24)] ^ - rk[2]; - t[3] = Td0[(s3) & 0xff] ^ - Td1[(s2 >> 8) & 0xff] ^ - Td2[(s1 >> 16) & 0xff] ^ - Td3[(s0 >> 24)] ^ - rk[3]; -#endif - s0 = t[0]; - s1 = t[1]; - s2 = t[2]; - s3 = t[3]; - } - /* - * apply last round and - * map cipher state to byte array block: - */ - prefetch256(Td4); - - *(u32*)(out + 0) = - (Td4[(s0) & 0xff]) ^ - (Td4[(s3 >> 8) & 0xff] << 8) ^ - (Td4[(s2 >> 16) & 0xff] << 16) ^ - (Td4[(s1 >> 24)] << 24) ^ - rk[0]; - *(u32*)(out + 4) = - (Td4[(s1) & 0xff]) ^ - (Td4[(s0 >> 8) & 0xff] << 8) ^ - (Td4[(s3 >> 16) & 0xff] << 16) ^ - (Td4[(s2 >> 24)] << 24) ^ - rk[1]; - *(u32*)(out + 8) = - (Td4[(s2) & 0xff]) ^ - (Td4[(s1 >> 8) & 0xff] << 8) ^ - (Td4[(s0 >> 16) & 0xff] << 16) ^ - (Td4[(s3 >> 24)] << 24) ^ - rk[2]; - *(u32*)(out + 12) = - (Td4[(s3) & 0xff]) ^ - (Td4[(s2 >> 8) & 0xff] << 8) ^ - (Td4[(s1 >> 16) & 0xff] << 16) ^ - (Td4[(s0 >> 24)] << 24) ^ - rk[3]; -} 
diff --git a/lib/libssl/src/crypto/aes/asm/aes-586.pl b/lib/libssl/src/crypto/aes/asm/aes-586.pl
deleted file mode 100644
index aab40e6f1cf..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aes-586.pl
+++ /dev/null
@@ -1,2980 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# Version 4.3. -# -# You might fail to appreciate this module performance from the first -# try. If compared to "vanilla" linux-ia32-icc target, i.e. considered -# to be *the* best Intel C compiler without -KPIC, performance appears -# to be virtually identical... But try to re-configure with shared -# library support... Aha! Intel compiler "suddenly" lags behind by 30% -# [on P4, more on others]:-) And if compared to position-independent -# code generated by GNU C, this code performs *more* than *twice* as -# fast! Yes, all this buzz about PIC means that unlike other hand- -# coded implementations, this one was explicitly designed to be safe -# to use even in shared library context... This also means that this -# code isn't necessarily absolutely fastest "ever," because in order -# to achieve position independence an extra register has to be -# off-loaded to stack, which affects the benchmark result. -# -# Special note about instruction choice. Do you recall RC4_INT code -# performing poorly on P4? It might be the time to figure out why. -# RC4_INT code implies effective address calculations in base+offset*4 -# form. Trouble is that it seems that offset scaling turned to be -# critical path... At least eliminating scaling resulted in 2.8x RC4 -# performance improvement [as you might recall]. As AES code is hungry -# for scaling too, I [try to] avoid the latter by favoring off-by-2 -# shifts and masking the result with 0xFF<<2 instead of "boring" 0xFF. 
-# -# As was shown by Dean Gaudet <dean@arctic.org>, the above note turned -# void. Performance improvement with off-by-2 shifts was observed on -# intermediate implementation, which was spilling yet another register -# to stack... Final offset*4 code below runs just a tad faster on P4, -# but exhibits up to 10% improvement on other cores. -# -# Second version is "monolithic" replacement for aes_core.c, which in -# addition to AES_[de|en]crypt implements AES_set_[de|en]cryption_key. -# This made it possible to implement little-endian variant of the -# algorithm without modifying the base C code. Motivating factor for -# the undertaken effort was that it appeared that in tight IA-32 -# register window little-endian flavor could achieve slightly higher -# Instruction Level Parallelism, and it indeed resulted in up to 15% -# better performance on most recent µ-archs... -# -# Third version adds AES_cbc_encrypt implementation, which resulted in -# up to 40% performance imrovement of CBC benchmark results. 40% was -# observed on P4 core, where "overall" imrovement coefficient, i.e. if -# compared to PIC generated by GCC and in CBC mode, was observed to be -# as large as 4x:-) CBC performance is virtually identical to ECB now -# and on some platforms even better, e.g. 17.6 "small" cycles/byte on -# Opteron, because certain function prologues and epilogues are -# effectively taken out of the loop... -# -# Version 3.2 implements compressed tables and prefetch of these tables -# in CBC[!] mode. Former means that 3/4 of table references are now -# misaligned, which unfortunately has negative impact on elder IA-32 -# implementations, Pentium suffered 30% penalty, PIII - 10%. -# -# Version 3.3 avoids L1 cache aliasing between stack frame and -# S-boxes, and 3.4 - L1 cache aliasing even between key schedule. The -# latter is achieved by copying the key schedule to controlled place in -# stack. 
This unfortunately has rather strong impact on small block CBC -# performance, ~2x deterioration on 16-byte block if compared to 3.3. -# -# Version 3.5 checks if there is L1 cache aliasing between user-supplied -# key schedule and S-boxes and abstains from copying the former if -# there is no. This allows end-user to consciously retain small block -# performance by aligning key schedule in specific manner. -# -# Version 3.6 compresses Td4 to 256 bytes and prefetches it in ECB. -# -# Current ECB performance numbers for 128-bit key in CPU cycles per -# processed byte [measure commonly used by AES benchmarkers] are: -# -# small footprint fully unrolled -# P4 24 22 -# AMD K8 20 19 -# PIII 25 23 -# Pentium 81 78 -# -# Version 3.7 reimplements outer rounds as "compact." Meaning that -# first and last rounds reference compact 256 bytes S-box. This means -# that first round consumes a lot more CPU cycles and that encrypt -# and decrypt performance becomes asymmetric. Encrypt performance -# drops by 10-12%, while decrypt - by 20-25%:-( 256 bytes S-box is -# aggressively pre-fetched. -# -# Version 4.0 effectively rolls back to 3.6 and instead implements -# additional set of functions, _[x86|sse]_AES_[en|de]crypt_compact, -# which use exclusively 256 byte S-box. These functions are to be -# called in modes not concealing plain text, such as ECB, or when -# we're asked to process smaller amount of data [or unconditionally -# on hyper-threading CPU]. Currently it's called unconditionally from -# AES_[en|de]crypt, which affects all modes, but CBC. CBC routine -# still needs to be modified to switch between slower and faster -# mode when appropriate... But in either case benchmark landscape -# changes dramatically and below numbers are CPU cycles per processed -# byte for 128-bit key. 
-#
-# ECB encrypt ECB decrypt CBC large chunk
-# P4 56[60] 84[100] 23
-# AMD K8 48[44] 70[79] 18
-# PIII 41[50] 61[91] 24
-# Core 2 32[38] 45[70] 18.5
-# Pentium 120 160 77
-#
-# Version 4.1 switches to compact S-box even in key schedule setup.
-#
-# Version 4.2 prefetches compact S-box in every SSE round or in other
-# words every cache-line is *guaranteed* to be accessed within ~50
-# cycles window. Why just SSE? Because it's needed on hyper-threading
-# CPU! Which is also why it's prefetched with 64 byte stride. Best
-# part is that it has no negative effect on performance:-)
-#
-# Version 4.3 implements switch between compact and non-compact block
-# functions in AES_cbc_encrypt depending on how much data was asked
-# to be processed in one stroke.
-#
-######################################################################
-# Timing attacks are classified in two classes: synchronous when
-# attacker consciously initiates cryptographic operation and collects
-# timing data of various character afterwards, and asynchronous when
-# malicious code is executed on same CPU simultaneously with AES,
-# instruments itself and performs statistical analysis of this data.
-#
-# As far as synchronous attacks go the root to the AES timing
-# vulnerability is twofold. Firstly, of 256 S-box elements at most 160
-# are referred to in single 128-bit block operation. Well, in C
-# implementation with 4 distinct tables it's actually as little as 40
-# references per 256 elements table, but anyway... Secondly, even
-# though S-box elements are clustered into smaller amount of cache-
-# lines, smaller than 160 and even 40, it turned out that for certain
-# plain-text pattern[s] or simply put chosen plain-text and given key
-# few cache-lines remain unaccessed during block operation. Now, if
-# attacker can figure out this access pattern, he can deduct the key
-# [or at least part of it]. The natural way to mitigate this kind of
-# attacks is to minimize the amount of cache-lines in S-box and/or
-# prefetch them to ensure that every one is accessed for more uniform
-# timing. But note that *if* plain-text was concealed in such way that
-# input to block function is distributed *uniformly*, then attack
-# wouldn't apply. Now note that some encryption modes, most notably
-# CBC, do mask the plain-text in this exact way [secure cipher output
-# is distributed uniformly]. Yes, one still might find input that
-# would reveal the information about given key, but if amount of
-# candidate inputs to be tried is larger than amount of possible key
-# combinations then attack becomes infeasible. This is why revised
-# AES_cbc_encrypt "dares" to switch to larger S-box when larger chunk
-# of data is to be processed in one stroke. The current size limit of
-# 512 bytes is chosen to provide same [diminishigly low] probability
-# for cache-line to remain untouched in large chunk operation with
-# large S-box as for single block operation with compact S-box and
-# surely needs more careful consideration...
-#
-# As for asynchronous attacks. There are two flavours: attacker code
-# being interleaved with AES on hyper-threading CPU at *instruction*
-# level, and two processes time sharing single core. As for latter.
-# Two vectors. 1. Given that attacker process has higher priority,
-# yield execution to process performing AES just before timer fires
-# off the scheduler, immediately regain control of CPU and analyze the
-# cache state. For this attack to be efficient attacker would have to
-# effectively slow down the operation by several *orders* of magnitute,
-# by ratio of time slice to duration of handful of AES rounds, which
-# unlikely to remain unnoticed. Not to mention that this also means
-# that he would spend correspondigly more time to collect enough
-# statistical data to mount the attack. It's probably appropriate to
-# say that if adeversary reckons that this attack is beneficial and
-# risks to be noticed, you probably have larger problems having him
-# mere opportunity. In other words suggested code design expects you
-# to preclude/mitigate this attack by overall system security design.
-# 2. Attacker manages to make his code interrupt driven. In order for
-# this kind of attack to be feasible, interrupt rate has to be high
-# enough, again comparable to duration of handful of AES rounds. But
-# is there interrupt source of such rate? Hardly, not even 1Gbps NIC
-# generates interrupts at such raging rate...
-#
-# And now back to the former, hyper-threading CPU or more specifically
-# Intel P4. Recall that asynchronous attack implies that malicious
-# code instruments itself. And naturally instrumentation granularity
-# has be noticeably lower than duration of codepath accessing S-box.
-# Given that all cache-lines are accessed during that time that is.
-# Current implementation accesses *all* cache-lines within ~50 cycles
-# window, which is actually *less* than RDTSC latency on Intel P4!
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC,"${dir}","${dir}../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"aes-586.pl",$x86only = $ARGV[$#ARGV] eq "386");
-&static_label("AES_Te");
-&static_label("AES_Td");
-
-$s0="eax";
-$s1="ebx";
-$s2="ecx";
-$s3="edx";
-$key="edi";
-$acc="esi";
-$tbl="ebp";
-
-# stack frame layout in _[x86|sse]_AES_* routines, frame is allocated
-# by caller
-$__ra=&DWP(0,"esp"); # return address
-$__s0=&DWP(4,"esp"); # s0 backing store
-$__s1=&DWP(8,"esp"); # s1 backing store
-$__s2=&DWP(12,"esp"); # s2 backing store
-$__s3=&DWP(16,"esp"); # s3 backing store
-$__key=&DWP(20,"esp"); # pointer to key schedule
-$__end=&DWP(24,"esp"); # pointer to end of key schedule
-$__tbl=&DWP(28,"esp"); # %ebp backing store
-
-# stack frame layout in AES_[en|crypt] routines, which differs from
-# above by 4 and overlaps by %ebp backing store
-$_tbl=&DWP(24,"esp");
-$_esp=&DWP(28,"esp");
-
-sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } }
-
-$speed_limit=512; # chunks smaller than $speed_limit are
- # processed with compact routine in CBC mode
-$small_footprint=1; # $small_footprint=1 code is ~5% slower [on
- # recent µ-archs], but ~5 times smaller!
- # I favor compact code to minimize cache
- # contention and in hope to "collect" 5% back
- # in real-life applications...
-
-$vertical_spin=0; # shift "verticaly" defaults to 0, because of
- # its proof-of-concept status...
-# Note that there is no decvert(), as well as last encryption round is
-# performed with "horizontal" shifts. This is because this "vertical"
-# implementation [one which groups shifts on a given $s[i] to form a
-# "column," unlike "horizontal" one, which groups shifts on different
-# $s[i] to form a "row"] is work in progress. It was observed to run
-# few percents faster on Intel cores, but not AMD. On AMD K8 core it's
-# whole 12% slower:-( So we face a trade-off... Shall it be resolved
-# some day? Till then the code is considered experimental and by
-# default remains dormant...
-
-sub encvert()
-{ my ($te,@s) = @_;
- my $v0 = $acc, $v1 = $key;
-
- &mov ($v0,$s[3]); # copy s3
- &mov (&DWP(4,"esp"),$s[2]); # save s2
- &mov ($v1,$s[0]); # copy s0
- &mov (&DWP(8,"esp"),$s[1]); # save s1
-
- &movz ($s[2],&HB($s[0]));
- &and ($s[0],0xFF);
- &mov ($s[0],&DWP(0,$te,$s[0],8)); # s0>>0
- &shr ($v1,16);
- &mov ($s[3],&DWP(3,$te,$s[2],8)); # s0>>8
- &movz ($s[1],&HB($v1));
- &and ($v1,0xFF);
- &mov ($s[2],&DWP(2,$te,$v1,8)); # s0>>16
- &mov ($v1,$v0);
- &mov ($s[1],&DWP(1,$te,$s[1],8)); # s0>>24
-
- &and ($v0,0xFF);
- &xor ($s[3],&DWP(0,$te,$v0,8)); # s3>>0
- &movz ($v0,&HB($v1));
- &shr ($v1,16);
- &xor ($s[2],&DWP(3,$te,$v0,8)); # s3>>8
- &movz ($v0,&HB($v1));
- &and ($v1,0xFF);
- &xor ($s[1],&DWP(2,$te,$v1,8)); # s3>>16
- &mov ($v1,&DWP(4,"esp")); # restore s2
- &xor ($s[0],&DWP(1,$te,$v0,8)); # s3>>24
-
- &mov ($v0,$v1);
- &and ($v1,0xFF);
- &xor ($s[2],&DWP(0,$te,$v1,8)); # s2>>0
- &movz ($v1,&HB($v0));
- &shr ($v0,16);
- &xor ($s[1],&DWP(3,$te,$v1,8)); # s2>>8
- &movz ($v1,&HB($v0));
- &and ($v0,0xFF);
- &xor ($s[0],&DWP(2,$te,$v0,8)); # s2>>16
- &mov ($v0,&DWP(8,"esp")); # restore s1
- &xor ($s[3],&DWP(1,$te,$v1,8)); # s2>>24
-
- &mov ($v1,$v0);
- &and ($v0,0xFF);
- &xor ($s[1],&DWP(0,$te,$v0,8)); # s1>>0
- &movz ($v0,&HB($v1));
- &shr ($v1,16);
- &xor ($s[0],&DWP(3,$te,$v0,8)); # s1>>8
- &movz ($v0,&HB($v1));
- &and ($v1,0xFF);
- &xor ($s[3],&DWP(2,$te,$v1,8)); # s1>>16
- &mov ($key,$__key); # reincarnate v1 as key
- &xor ($s[2],&DWP(1,$te,$v0,8)); # s1>>24
-}
-
-# Another experimental routine, which features "horizontal spin," but
-# eliminates one reference to stack. Strangely enough runs slower...
-sub enchoriz() -{ my $v0 = $key, $v1 = $acc; - - &movz ($v0,&LB($s0)); # 3, 2, 1, 0* - &rotr ($s2,8); # 8,11,10, 9 - &mov ($v1,&DWP(0,$te,$v0,8)); # 0 - &movz ($v0,&HB($s1)); # 7, 6, 5*, 4 - &rotr ($s3,16); # 13,12,15,14 - &xor ($v1,&DWP(3,$te,$v0,8)); # 5 - &movz ($v0,&HB($s2)); # 8,11,10*, 9 - &rotr ($s0,16); # 1, 0, 3, 2 - &xor ($v1,&DWP(2,$te,$v0,8)); # 10 - &movz ($v0,&HB($s3)); # 13,12,15*,14 - &xor ($v1,&DWP(1,$te,$v0,8)); # 15, t[0] collected - &mov ($__s0,$v1); # t[0] saved - - &movz ($v0,&LB($s1)); # 7, 6, 5, 4* - &shr ($s1,16); # -, -, 7, 6 - &mov ($v1,&DWP(0,$te,$v0,8)); # 4 - &movz ($v0,&LB($s3)); # 13,12,15,14* - &xor ($v1,&DWP(2,$te,$v0,8)); # 14 - &movz ($v0,&HB($s0)); # 1, 0, 3*, 2 - &and ($s3,0xffff0000); # 13,12, -, - - &xor ($v1,&DWP(1,$te,$v0,8)); # 3 - &movz ($v0,&LB($s2)); # 8,11,10, 9* - &or ($s3,$s1); # 13,12, 7, 6 - &xor ($v1,&DWP(3,$te,$v0,8)); # 9, t[1] collected - &mov ($s1,$v1); # s[1]=t[1] - - &movz ($v0,&LB($s0)); # 1, 0, 3, 2* - &shr ($s2,16); # -, -, 8,11 - &mov ($v1,&DWP(2,$te,$v0,8)); # 2 - &movz ($v0,&HB($s3)); # 13,12, 7*, 6 - &xor ($v1,&DWP(1,$te,$v0,8)); # 7 - &movz ($v0,&HB($s2)); # -, -, 8*,11 - &xor ($v1,&DWP(0,$te,$v0,8)); # 8 - &mov ($v0,$s3); - &shr ($v0,24); # 13 - &xor ($v1,&DWP(3,$te,$v0,8)); # 13, t[2] collected - - &movz ($v0,&LB($s2)); # -, -, 8,11* - &shr ($s0,24); # 1* - &mov ($s2,&DWP(1,$te,$v0,8)); # 11 - &xor ($s2,&DWP(3,$te,$s0,8)); # 1 - &mov ($s0,$__s0); # s[0]=t[0] - &movz ($v0,&LB($s3)); # 13,12, 7, 6* - &shr ($s3,16); # , ,13,12 - &xor ($s2,&DWP(2,$te,$v0,8)); # 6 - &mov ($key,$__key); # reincarnate v0 as key - &and ($s3,0xff); # , ,13,12* - &mov ($s3,&DWP(0,$te,$s3,8)); # 12 - &xor ($s3,$s2); # s[2]=t[3] collected - &mov ($s2,$v1); # s[2]=t[2] -} - -# More experimental code... SSE one... Even though this one eliminates -# *all* references to stack, it's not faster... 
-sub sse_encbody() -{ - &movz ($acc,&LB("eax")); # 0 - &mov ("ecx",&DWP(0,$tbl,$acc,8)); # 0 - &pshufw ("mm2","mm0",0x0d); # 7, 6, 3, 2 - &movz ("edx",&HB("eax")); # 1 - &mov ("edx",&DWP(3,$tbl,"edx",8)); # 1 - &shr ("eax",16); # 5, 4 - - &movz ($acc,&LB("ebx")); # 10 - &xor ("ecx",&DWP(2,$tbl,$acc,8)); # 10 - &pshufw ("mm6","mm4",0x08); # 13,12, 9, 8 - &movz ($acc,&HB("ebx")); # 11 - &xor ("edx",&DWP(1,$tbl,$acc,8)); # 11 - &shr ("ebx",16); # 15,14 - - &movz ($acc,&HB("eax")); # 5 - &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 5 - &movq ("mm3",QWP(16,$key)); - &movz ($acc,&HB("ebx")); # 15 - &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 15 - &movd ("mm0","ecx"); # t[0] collected - - &movz ($acc,&LB("eax")); # 4 - &mov ("ecx",&DWP(0,$tbl,$acc,8)); # 4 - &movd ("eax","mm2"); # 7, 6, 3, 2 - &movz ($acc,&LB("ebx")); # 14 - &xor ("ecx",&DWP(2,$tbl,$acc,8)); # 14 - &movd ("ebx","mm6"); # 13,12, 9, 8 - - &movz ($acc,&HB("eax")); # 3 - &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 3 - &movz ($acc,&HB("ebx")); # 9 - &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 9 - &movd ("mm1","ecx"); # t[1] collected - - &movz ($acc,&LB("eax")); # 2 - &mov ("ecx",&DWP(2,$tbl,$acc,8)); # 2 - &shr ("eax",16); # 7, 6 - &punpckldq ("mm0","mm1"); # t[0,1] collected - &movz ($acc,&LB("ebx")); # 8 - &xor ("ecx",&DWP(0,$tbl,$acc,8)); # 8 - &shr ("ebx",16); # 13,12 - - &movz ($acc,&HB("eax")); # 7 - &xor ("ecx",&DWP(1,$tbl,$acc,8)); # 7 - &pxor ("mm0","mm3"); - &movz ("eax",&LB("eax")); # 6 - &xor ("edx",&DWP(2,$tbl,"eax",8)); # 6 - &pshufw ("mm1","mm0",0x08); # 5, 4, 1, 0 - &movz ($acc,&HB("ebx")); # 13 - &xor ("ecx",&DWP(3,$tbl,$acc,8)); # 13 - &xor ("ecx",&DWP(24,$key)); # t[2] - &movd ("mm4","ecx"); # t[2] collected - &movz ("ebx",&LB("ebx")); # 12 - &xor ("edx",&DWP(0,$tbl,"ebx",8)); # 12 - &shr ("ecx",16); - &movd ("eax","mm1"); # 5, 4, 1, 0 - &mov ("ebx",&DWP(28,$key)); # t[3] - &xor ("ebx","edx"); - &movd ("mm5","ebx"); # t[3] collected - &and ("ebx",0xffff0000); - &or ("ebx","ecx"); - - &punpckldq ("mm4","mm5"); # t[2,3] 
collected -} - -###################################################################### -# "Compact" block function -###################################################################### - -sub enccompact() -{ my $Fn = mov; - while ($#_>5) { pop(@_); $Fn=sub{}; } - my ($i,$te,@s)=@_; - my $tmp = $key; - my $out = $i==3?$s[0]:$acc; - - # $Fn is used in first compact round and its purpose is to - # void restoration of some values from stack, so that after - # 4xenccompact with extra argument $key value is left there... - if ($i==3) { &$Fn ($key,$__key); }##%edx - else { &mov ($out,$s[0]); } - &and ($out,0xFF); - if ($i==1) { &shr ($s[0],16); }#%ebx[1] - if ($i==2) { &shr ($s[0],24); }#%ecx[2] - &movz ($out,&BP(-128,$te,$out,1)); - - if ($i==3) { $tmp=$s[1]; }##%eax - &movz ($tmp,&HB($s[1])); - &movz ($tmp,&BP(-128,$te,$tmp,1)); - &shl ($tmp,8); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx - else { &mov ($tmp,$s[2]); - &shr ($tmp,16); } - if ($i==2) { &and ($s[1],0xFF); }#%edx[2] - &and ($tmp,0xFF); - &movz ($tmp,&BP(-128,$te,$tmp,1)); - &shl ($tmp,16); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx - elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] - else { &mov ($tmp,$s[3]); - &shr ($tmp,24); } - &movz ($tmp,&BP(-128,$te,$tmp,1)); - &shl ($tmp,24); - &xor ($out,$tmp); - if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],$acc); } - &comment(); -} - -sub enctransform() -{ my @s = ($s0,$s1,$s2,$s3); - my $i = shift; - my $tmp = $tbl; - my $r2 = $key ; - - &mov ($acc,$s[$i]); - &and ($acc,0x80808080); - &mov ($tmp,$acc); - &shr ($tmp,7); - &lea ($r2,&DWP(0,$s[$i],$s[$i])); - &sub ($acc,$tmp); - &and ($r2,0xfefefefe); - &and ($acc,0x1b1b1b1b); - &mov ($tmp,$s[$i]); - &xor ($acc,$r2); # r2 - - &xor ($s[$i],$acc); # r0 ^ r2 - &rotl ($s[$i],24); - &xor ($s[$i],$acc) # ROTATE(r2^r0,24) ^ r2 - &rotr ($tmp,16); - &xor ($s[$i],$tmp); - &rotr ($tmp,8); - &xor ($s[$i],$tmp); -} - 
-&function_begin_B("_x86_AES_encrypt_compact");
- # note that caller is expected to allocate stack frame for me!
- &mov ($__key,$key); # save key
-
- &xor ($s0,&DWP(0,$key)); # xor with key
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &mov ($acc,&DWP(240,$key)); # load key->rounds
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov ($__end,$acc); # end of key schedule
-
- # prefetch Te4
- &mov ($key,&DWP(0-128,$tbl));
- &mov ($acc,&DWP(32-128,$tbl));
- &mov ($key,&DWP(64-128,$tbl));
- &mov ($acc,&DWP(96-128,$tbl));
- &mov ($key,&DWP(128-128,$tbl));
- &mov ($acc,&DWP(160-128,$tbl));
- &mov ($key,&DWP(192-128,$tbl));
- &mov ($acc,&DWP(224-128,$tbl));
-
- &set_label("loop",16);
-
- &enccompact(0,$tbl,$s0,$s1,$s2,$s3,1);
- &enccompact(1,$tbl,$s1,$s2,$s3,$s0,1);
- &enccompact(2,$tbl,$s2,$s3,$s0,$s1,1);
- &enccompact(3,$tbl,$s3,$s0,$s1,$s2,1);
- &enctransform(2);
- &enctransform(3);
- &enctransform(0);
- &enctransform(1);
- &mov ($key,$__key);
- &mov ($tbl,$__tbl);
- &add ($key,16); # advance rd_key
- &xor ($s0,&DWP(0,$key));
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &cmp ($key,$__end);
- &mov ($__key,$key);
- &jb (&label("loop"));
-
- &enccompact(0,$tbl,$s0,$s1,$s2,$s3);
- &enccompact(1,$tbl,$s1,$s2,$s3,$s0);
- &enccompact(2,$tbl,$s2,$s3,$s0,$s1);
- &enccompact(3,$tbl,$s3,$s0,$s1,$s2);
-
- &xor ($s0,&DWP(16,$key));
- &xor ($s1,&DWP(20,$key));
- &xor ($s2,&DWP(24,$key));
- &xor ($s3,&DWP(28,$key));
-
- &ret ();
-&function_end_B("_x86_AES_encrypt_compact");
-
-######################################################################
-# "Compact" SSE block function.
-######################################################################
-#
-# Performance is not actually extraordinary in comparison to pure
-# x86 code. In particular encrypt performance is virtually the same.
-# Decrypt performance on the other hand is 15-20% better on newer -# µ-archs [but we're thankful for *any* improvement here], and ~50% -# better on PIII:-) And additionally on the pros side this code -# eliminates redundant references to stack and thus relieves/ -# minimizes the pressure on the memory bus. -# -# MMX register layout lsb -# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ -# | mm4 | mm0 | -# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ -# | s3 | s2 | s1 | s0 | -# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ -# |15|14|13|12|11|10| 9| 8| 7| 6| 5| 4| 3| 2| 1| 0| -# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ -# -# Indexes translate as s[N/4]>>(8*(N%4)), e.g. 5 means s1>>8. -# In this terms encryption and decryption "compact" permutation -# matrices can be depicted as following: -# -# encryption lsb # decryption lsb -# +----++----+----+----+----+ # +----++----+----+----+----+ -# | t0 || 15 | 10 | 5 | 0 | # | t0 || 7 | 10 | 13 | 0 | -# +----++----+----+----+----+ # +----++----+----+----+----+ -# | t1 || 3 | 14 | 9 | 4 | # | t1 || 11 | 14 | 1 | 4 | -# +----++----+----+----+----+ # +----++----+----+----+----+ -# | t2 || 7 | 2 | 13 | 8 | # | t2 || 15 | 2 | 5 | 8 | -# +----++----+----+----+----+ # +----++----+----+----+----+ -# | t3 || 11 | 6 | 1 | 12 | # | t3 || 3 | 6 | 9 | 12 | -# +----++----+----+----+----+ # +----++----+----+----+----+ -# -###################################################################### -# Why not xmm registers? Short answer. It was actually tested and -# was not any faster, but *contrary*, most notably on Intel CPUs. -# Longer answer. Main advantage of using mm registers is that movd -# latency is lower, especially on Intel P4. While arithmetic -# instructions are twice as many, they can be scheduled every cycle -# and not every second one when they are operating on xmm register, -# so that "arithmetic throughput" remains virtually the same. 
And -# finally the code can be executed even on elder SSE-only CPUs:-) - -sub sse_enccompact() -{ - &pshufw ("mm1","mm0",0x08); # 5, 4, 1, 0 - &pshufw ("mm5","mm4",0x0d); # 15,14,11,10 - &movd ("eax","mm1"); # 5, 4, 1, 0 - &movd ("ebx","mm5"); # 15,14,11,10 - - &movz ($acc,&LB("eax")); # 0 - &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 0 - &pshufw ("mm2","mm0",0x0d); # 7, 6, 3, 2 - &movz ("edx",&HB("eax")); # 1 - &movz ("edx",&BP(-128,$tbl,"edx",1)); # 1 - &shl ("edx",8); # 1 - &shr ("eax",16); # 5, 4 - - &movz ($acc,&LB("ebx")); # 10 - &movz ($acc,&BP(-128,$tbl,$acc,1)); # 10 - &shl ($acc,16); # 10 - &or ("ecx",$acc); # 10 - &pshufw ("mm6","mm4",0x08); # 13,12, 9, 8 - &movz ($acc,&HB("ebx")); # 11 - &movz ($acc,&BP(-128,$tbl,$acc,1)); # 11 - &shl ($acc,24); # 11 - &or ("edx",$acc); # 11 - &shr ("ebx",16); # 15,14 - - &movz ($acc,&HB("eax")); # 5 - &movz ($acc,&BP(-128,$tbl,$acc,1)); # 5 - &shl ($acc,8); # 5 - &or ("ecx",$acc); # 5 - &movz ($acc,&HB("ebx")); # 15 - &movz ($acc,&BP(-128,$tbl,$acc,1)); # 15 - &shl ($acc,24); # 15 - &or ("ecx",$acc); # 15 - &movd ("mm0","ecx"); # t[0] collected - - &movz ($acc,&LB("eax")); # 4 - &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 4 - &movd ("eax","mm2"); # 7, 6, 3, 2 - &movz ($acc,&LB("ebx")); # 14 - &movz ($acc,&BP(-128,$tbl,$acc,1)); # 14 - &shl ($acc,16); # 14 - &or ("ecx",$acc); # 14 - - &movd ("ebx","mm6"); # 13,12, 9, 8 - &movz ($acc,&HB("eax")); # 3 - &movz ($acc,&BP(-128,$tbl,$acc,1)); # 3 - &shl ($acc,24); # 3 - &or ("ecx",$acc); # 3 - &movz ($acc,&HB("ebx")); # 9 - &movz ($acc,&BP(-128,$tbl,$acc,1)); # 9 - &shl ($acc,8); # 9 - &or ("ecx",$acc); # 9 - &movd ("mm1","ecx"); # t[1] collected - - &movz ($acc,&LB("ebx")); # 8 - &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 8 - &shr ("ebx",16); # 13,12 - &movz ($acc,&LB("eax")); # 2 - &movz ($acc,&BP(-128,$tbl,$acc,1)); # 2 - &shl ($acc,16); # 2 - &or ("ecx",$acc); # 2 - &shr ("eax",16); # 7, 6 - - &punpckldq ("mm0","mm1"); # t[0,1] collected - - &movz ($acc,&HB("eax")); # 7 - &movz 
($acc,&BP(-128,$tbl,$acc,1)); # 7 - &shl ($acc,24); # 7 - &or ("ecx",$acc); # 7 - &and ("eax",0xff); # 6 - &movz ("eax",&BP(-128,$tbl,"eax",1)); # 6 - &shl ("eax",16); # 6 - &or ("edx","eax"); # 6 - &movz ($acc,&HB("ebx")); # 13 - &movz ($acc,&BP(-128,$tbl,$acc,1)); # 13 - &shl ($acc,8); # 13 - &or ("ecx",$acc); # 13 - &movd ("mm4","ecx"); # t[2] collected - &and ("ebx",0xff); # 12 - &movz ("ebx",&BP(-128,$tbl,"ebx",1)); # 12 - &or ("edx","ebx"); # 12 - &movd ("mm5","edx"); # t[3] collected - - &punpckldq ("mm4","mm5"); # t[2,3] collected -} - - if (!$x86only) { -&function_begin_B("_sse_AES_encrypt_compact"); - &pxor ("mm0",&QWP(0,$key)); # 7, 6, 5, 4, 3, 2, 1, 0 - &pxor ("mm4",&QWP(8,$key)); # 15,14,13,12,11,10, 9, 8 - - # note that caller is expected to allocate stack frame for me! - &mov ($acc,&DWP(240,$key)); # load key->rounds - &lea ($acc,&DWP(-2,$acc,$acc)); - &lea ($acc,&DWP(0,$key,$acc,8)); - &mov ($__end,$acc); # end of key schedule - - &mov ($s0,0x1b1b1b1b); # magic constant - &mov (&DWP(8,"esp"),$s0); - &mov (&DWP(12,"esp"),$s0); - - # prefetch Te4 - &mov ($s0,&DWP(0-128,$tbl)); - &mov ($s1,&DWP(32-128,$tbl)); - &mov ($s2,&DWP(64-128,$tbl)); - &mov ($s3,&DWP(96-128,$tbl)); - &mov ($s0,&DWP(128-128,$tbl)); - &mov ($s1,&DWP(160-128,$tbl)); - &mov ($s2,&DWP(192-128,$tbl)); - &mov ($s3,&DWP(224-128,$tbl)); - - &set_label("loop",16); - &sse_enccompact(); - &add ($key,16); - &cmp ($key,$__end); - &ja (&label("out")); - - &movq ("mm2",&QWP(8,"esp")); - &pxor ("mm3","mm3"); &pxor ("mm7","mm7"); - &movq ("mm1","mm0"); &movq ("mm5","mm4"); # r0 - &pcmpgtb("mm3","mm0"); &pcmpgtb("mm7","mm4"); - &pand ("mm3","mm2"); &pand ("mm7","mm2"); - &pshufw ("mm2","mm0",0xb1); &pshufw ("mm6","mm4",0xb1);# ROTATE(r0,16) - &paddb ("mm0","mm0"); &paddb ("mm4","mm4"); - &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # = r2 - &pshufw ("mm3","mm2",0xb1); &pshufw ("mm7","mm6",0xb1);# r0 - &pxor ("mm1","mm0"); &pxor ("mm5","mm4"); # r0^r2 - &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= 
ROTATE(r0,16) - - &movq ("mm2","mm3"); &movq ("mm6","mm7"); - &pslld ("mm3",8); &pslld ("mm7",8); - &psrld ("mm2",24); &psrld ("mm6",24); - &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= r0<<8 - &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= r0>>24 - - &movq ("mm3","mm1"); &movq ("mm7","mm5"); - &movq ("mm2",&QWP(0,$key)); &movq ("mm6",&QWP(8,$key)); - &psrld ("mm1",8); &psrld ("mm5",8); - &mov ($s0,&DWP(0-128,$tbl)); - &pslld ("mm3",24); &pslld ("mm7",24); - &mov ($s1,&DWP(64-128,$tbl)); - &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= (r2^r0)<<8 - &mov ($s2,&DWP(128-128,$tbl)); - &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= (r2^r0)>>24 - &mov ($s3,&DWP(192-128,$tbl)); - - &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); - &jmp (&label("loop")); - - &set_label("out",16); - &pxor ("mm0",&QWP(0,$key)); - &pxor ("mm4",&QWP(8,$key)); - - &ret (); -&function_end_B("_sse_AES_encrypt_compact"); - } - -###################################################################### -# Vanilla block function. -###################################################################### - -sub encstep() -{ my ($i,$te,@s) = @_; - my $tmp = $key; - my $out = $i==3?$s[0]:$acc; - - # lines marked with #%e?x[i] denote "reordered" instructions... 
- if ($i==3) { &mov ($key,$__key); }##%edx - else { &mov ($out,$s[0]); - &and ($out,0xFF); } - if ($i==1) { &shr ($s[0],16); }#%ebx[1] - if ($i==2) { &shr ($s[0],24); }#%ecx[2] - &mov ($out,&DWP(0,$te,$out,8)); - - if ($i==3) { $tmp=$s[1]; }##%eax - &movz ($tmp,&HB($s[1])); - &xor ($out,&DWP(3,$te,$tmp,8)); - - if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx - else { &mov ($tmp,$s[2]); - &shr ($tmp,16); } - if ($i==2) { &and ($s[1],0xFF); }#%edx[2] - &and ($tmp,0xFF); - &xor ($out,&DWP(2,$te,$tmp,8)); - - if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx - elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] - else { &mov ($tmp,$s[3]); - &shr ($tmp,24) } - &xor ($out,&DWP(1,$te,$tmp,8)); - if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],$acc); } - &comment(); -} - -sub enclast() -{ my ($i,$te,@s)=@_; - my $tmp = $key; - my $out = $i==3?$s[0]:$acc; - - if ($i==3) { &mov ($key,$__key); }##%edx - else { &mov ($out,$s[0]); } - &and ($out,0xFF); - if ($i==1) { &shr ($s[0],16); }#%ebx[1] - if ($i==2) { &shr ($s[0],24); }#%ecx[2] - &mov ($out,&DWP(2,$te,$out,8)); - &and ($out,0x000000ff); - - if ($i==3) { $tmp=$s[1]; }##%eax - &movz ($tmp,&HB($s[1])); - &mov ($tmp,&DWP(0,$te,$tmp,8)); - &and ($tmp,0x0000ff00); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[2]; &mov ($s[1],$__s0); }##%ebx - else { &mov ($tmp,$s[2]); - &shr ($tmp,16); } - if ($i==2) { &and ($s[1],0xFF); }#%edx[2] - &and ($tmp,0xFF); - &mov ($tmp,&DWP(0,$te,$tmp,8)); - &and ($tmp,0x00ff0000); - &xor ($out,$tmp); - - if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }##%ecx - elsif($i==2){ &movz ($tmp,&HB($s[3])); }#%ebx[2] - else { &mov ($tmp,$s[3]); - &shr ($tmp,24); } - &mov ($tmp,&DWP(2,$te,$tmp,8)); - &and ($tmp,0xff000000); - &xor ($out,$tmp); - if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); } - if ($i==3) { &mov ($s[3],$acc); } -} - -&function_begin_B("_x86_AES_encrypt"); - if ($vertical_spin) { - # I need high parts of volatile registers to be accessible... 
- &exch ($s1="edi",$key="ebx"); - &mov ($s2="esi",$acc="ecx"); - } - - # note that caller is expected to allocate stack frame for me! - &mov ($__key,$key); # save key - - &xor ($s0,&DWP(0,$key)); # xor with key - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov ($acc,&DWP(240,$key)); # load key->rounds - - if ($small_footprint) { - &lea ($acc,&DWP(-2,$acc,$acc)); - &lea ($acc,&DWP(0,$key,$acc,8)); - &mov ($__end,$acc); # end of key schedule - - &set_label("loop",16); - if ($vertical_spin) { - &encvert($tbl,$s0,$s1,$s2,$s3); - } else { - &encstep(0,$tbl,$s0,$s1,$s2,$s3); - &encstep(1,$tbl,$s1,$s2,$s3,$s0); - &encstep(2,$tbl,$s2,$s3,$s0,$s1); - &encstep(3,$tbl,$s3,$s0,$s1,$s2); - } - &add ($key,16); # advance rd_key - &xor ($s0,&DWP(0,$key)); - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - &cmp ($key,$__end); - &mov ($__key,$key); - &jb (&label("loop")); - } - else { - &cmp ($acc,10); - &jle (&label("10rounds")); - &cmp ($acc,12); - &jle (&label("12rounds")); - - &set_label("14rounds",4); - for ($i=1;$i<3;$i++) { - if ($vertical_spin) { - &encvert($tbl,$s0,$s1,$s2,$s3); - } else { - &encstep(0,$tbl,$s0,$s1,$s2,$s3); - &encstep(1,$tbl,$s1,$s2,$s3,$s0); - &encstep(2,$tbl,$s2,$s3,$s0,$s1); - &encstep(3,$tbl,$s3,$s0,$s1,$s2); - } - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - &add ($key,32); - &mov ($__key,$key); # advance rd_key - &set_label("12rounds",4); - for ($i=1;$i<3;$i++) { - if ($vertical_spin) { - &encvert($tbl,$s0,$s1,$s2,$s3); - } else { - &encstep(0,$tbl,$s0,$s1,$s2,$s3); - &encstep(1,$tbl,$s1,$s2,$s3,$s0); - &encstep(2,$tbl,$s2,$s3,$s0,$s1); - &encstep(3,$tbl,$s3,$s0,$s1,$s2); - } - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - &add ($key,32); - &mov ($__key,$key); # advance rd_key - 
&set_label("10rounds",4); - for ($i=1;$i<10;$i++) { - if ($vertical_spin) { - &encvert($tbl,$s0,$s1,$s2,$s3); - } else { - &encstep(0,$tbl,$s0,$s1,$s2,$s3); - &encstep(1,$tbl,$s1,$s2,$s3,$s0); - &encstep(2,$tbl,$s2,$s3,$s0,$s1); - &encstep(3,$tbl,$s3,$s0,$s1,$s2); - } - &xor ($s0,&DWP(16*$i+0,$key)); - &xor ($s1,&DWP(16*$i+4,$key)); - &xor ($s2,&DWP(16*$i+8,$key)); - &xor ($s3,&DWP(16*$i+12,$key)); - } - } - - if ($vertical_spin) { - # "reincarnate" some registers for "horizontal" spin... - &mov ($s1="ebx",$key="edi"); - &mov ($s2="ecx",$acc="esi"); - } - &enclast(0,$tbl,$s0,$s1,$s2,$s3); - &enclast(1,$tbl,$s1,$s2,$s3,$s0); - &enclast(2,$tbl,$s2,$s3,$s0,$s1); - &enclast(3,$tbl,$s3,$s0,$s1,$s2); - - &add ($key,$small_footprint?16:160); - &xor ($s0,&DWP(0,$key)); - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &ret (); - -&set_label("AES_Te",64); # Yes! I keep it in the code segment! - &_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6); - &_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591); - &_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56); - &_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec); - &_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa); - &_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb); - &_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45); - &_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b); - &_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c); - &_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83); - &_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9); - &_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a); - &_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d); - &_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f); - &_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df); - &_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea); - &_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 
0x2e1a1a34); - &_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b); - &_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d); - &_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413); - &_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1); - &_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6); - &_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972); - &_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85); - &_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed); - &_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511); - &_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe); - &_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b); - &_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05); - &_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1); - &_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142); - &_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf); - &_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3); - &_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e); - &_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a); - &_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6); - &_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3); - &_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b); - &_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428); - &_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad); - &_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14); - &_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8); - &_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4); - &_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2); - &_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda); - &_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949); - &_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf); - &_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810); - &_data_word(0xd5baba6f, 
0x887878f0, 0x6f25254a, 0x722e2e5c); - &_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697); - &_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e); - &_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f); - &_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc); - &_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c); - &_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969); - &_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27); - &_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122); - &_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433); - &_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9); - &_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5); - &_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a); - &_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0); - &_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e); - &_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c); - -#Te4 # four copies of Te4 to choose from to avoid L1 aliasing - &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); - &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); - &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0); - &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); - &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); - &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); - &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); - &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); - &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); - &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); - &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); - &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); - &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); - &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); - &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); - &data_byte(0xbc, 
0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2); - &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); - &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); - &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); - &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); - &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); - &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); - &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); - &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); - &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); - &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); - &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); - &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); - &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); - &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); - &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); - &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); - - &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); - &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); - &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0); - &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); - &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); - &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); - &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); - &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); - &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); - &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); - &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); - &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); - &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); - &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); - &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); - &data_byte(0xbc, 0xb6, 0xda, 
0x21, 0x10, 0xff, 0xf3, 0xd2); - &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); - &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); - &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); - &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); - &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); - &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); - &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); - &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); - &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); - &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); - &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); - &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); - &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); - &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); - &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); - &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); - - &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); - &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); - &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0); - &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); - &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); - &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); - &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); - &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); - &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); - &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); - &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); - &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); - &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); - &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); - &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); - &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 
0xff, 0xf3, 0xd2); - &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); - &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); - &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); - &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); - &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); - &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); - &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); - &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); - &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); - &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); - &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); - &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); - &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); - &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); - &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); - &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); - - &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); - &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); - &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0); - &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); - &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); - &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); - &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); - &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); - &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); - &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); - &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); - &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); - &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); - &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); - &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); - &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 
0xd2);
- &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
- &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
- &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
- &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
- &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
- &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
- &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
- &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
- &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
- &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
- &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
- &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
- &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
- &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
- &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
- &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-#rcon:
- &data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008);
- &data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080);
- &data_word(0x0000001b, 0x00000036, 0x00000000, 0x00000000);
- &data_word(0x00000000, 0x00000000, 0x00000000, 0x00000000);
-&function_end_B("_x86_AES_encrypt");
-
-# void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
-&function_begin("AES_encrypt");
- &mov ($acc,&wparam(0)); # load inp
- &mov ($key,&wparam(2)); # load key
-
- &mov ($s0,"esp");
- &sub ("esp",36);
- &and ("esp",-64); # align to cache-line
-
- # place stack frame just "above" the key schedule
- &lea ($s1,&DWP(-64-63,$key));
- &sub ($s1,"esp");
- &neg ($s1);
- &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line
- &sub ("esp",$s1);
- &add ("esp",4); # 4 is reserved for caller's return address
- &mov ($_esp,$s0); # save stack pointer
-
- &call (&label("pic_point")); # make it PIC!
- &set_label("pic_point");
- &blindpop($tbl);
- &picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if (!$x86only);
- &lea ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
-
- # pick Te4 copy which can't "overlap" with stack frame or key schedule
- &lea ($s1,&DWP(768-4,"esp"));
- &sub ($s1,$tbl);
- &and ($s1,0x300);
- &lea ($tbl,&DWP(2048+128,$tbl,$s1));
-
- if (!$x86only) {
- &bt (&DWP(0,$s0),25); # check for SSE bit
- &jnc (&label("x86"));
-
- &movq ("mm0",&QWP(0,$acc));
- &movq ("mm4",&QWP(8,$acc));
- &call ("_sse_AES_encrypt_compact");
- &mov ("esp",$_esp); # restore stack pointer
- &mov ($acc,&wparam(1)); # load out
- &movq (&QWP(0,$acc),"mm0"); # write output data
- &movq (&QWP(8,$acc),"mm4");
- &emms ();
- &function_end_A();
- }
- &set_label("x86",16);
- &mov ($_tbl,$tbl);
- &mov ($s0,&DWP(0,$acc)); # load input data
- &mov ($s1,&DWP(4,$acc));
- &mov ($s2,&DWP(8,$acc));
- &mov ($s3,&DWP(12,$acc));
- &call ("_x86_AES_encrypt_compact");
- &mov ("esp",$_esp); # restore stack pointer
- &mov ($acc,&wparam(1)); # load out
- &mov (&DWP(0,$acc),$s0); # write output data
- &mov (&DWP(4,$acc),$s1);
- &mov (&DWP(8,$acc),$s2);
- &mov (&DWP(12,$acc),$s3);
-&function_end("AES_encrypt");
-
-#--------------------------------------------------------------------#
-
-######################################################################
-# "Compact" block function
-######################################################################
-
-sub deccompact()
-{ my $Fn = mov;
- while ($#_>5) { pop(@_); $Fn=sub{}; }
- my ($i,$td,@s)=@_;
- my $tmp = $key;
- my $out = $i==3?$s[0]:$acc;
-
- # $Fn is used in first compact round and its purpose is to
- # void restoration of some values from stack, so that after
- # 4xdeccompact with extra argument $key, $s0 and $s1 values
- # are left there...
- if($i==3) { &$Fn ($key,$__key); }
- else { &mov ($out,$s[0]); }
- &and ($out,0xFF);
- &movz ($out,&BP(-128,$td,$out,1));
-
- if ($i==3) { $tmp=$s[1]; }
- &movz ($tmp,&HB($s[1]));
- &movz ($tmp,&BP(-128,$td,$tmp,1));
- &shl ($tmp,8);
- &xor ($out,$tmp);
-
- if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); }
- else { mov ($tmp,$s[2]); }
- &shr ($tmp,16);
- &and ($tmp,0xFF);
- &movz ($tmp,&BP(-128,$td,$tmp,1));
- &shl ($tmp,16);
- &xor ($out,$tmp);
-
- if ($i==3) { $tmp=$s[3]; &$Fn ($s[2],$__s1); }
- else { &mov ($tmp,$s[3]); }
- &shr ($tmp,24);
- &movz ($tmp,&BP(-128,$td,$tmp,1));
- &shl ($tmp,24);
- &xor ($out,$tmp);
- if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
- if ($i==3) { &$Fn ($s[3],$__s0); }
-}
-
-# must be called with 2,3,0,1 as argument sequence!!!
-sub dectransform()
-{ my @s = ($s0,$s1,$s2,$s3);
- my $i = shift;
- my $tmp = $key;
- my $tp2 = @s[($i+2)%4]; $tp2 = @s[2] if ($i==1);
- my $tp4 = @s[($i+3)%4]; $tp4 = @s[3] if ($i==1);
- my $tp8 = $tbl;
-
- &mov ($acc,$s[$i]);
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp2,&DWP(0,$s[$i],$s[$i]));
- &sub ($acc,$tmp);
- &and ($tp2,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($acc,$tp2);
- &mov ($tp2,$acc);
-
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp4,&DWP(0,$tp2,$tp2));
- &sub ($acc,$tmp);
- &and ($tp4,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($tp2,$s[$i]); # tp2^tp1
- &xor ($acc,$tp4);
- &mov ($tp4,$acc);
-
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp8,&DWP(0,$tp4,$tp4));
- &sub ($acc,$tmp);
- &and ($tp8,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($tp4,$s[$i]); # tp4^tp1
- &rotl ($s[$i],8); # = ROTATE(tp1,8)
- &xor ($tp8,$acc);
-
- &xor ($s[$i],$tp2);
- &xor ($tp2,$tp8);
- &rotl ($tp2,24);
- &xor ($s[$i],$tp4);
- &xor ($tp4,$tp8);
- &rotl ($tp4,16);
- &xor ($s[$i],$tp8); # ^= tp8^(tp4^tp1)^(tp2^tp1)
- &rotl ($tp8,8);
- &xor ($s[$i],$tp2); # ^= ROTATE(tp8^tp2^tp1,24)
- &xor ($s[$i],$tp4); # ^= ROTATE(tp8^tp4^tp1,16)
- &mov ($s[0],$__s0) if($i==2); #prefetch $s0
- &mov ($s[1],$__s1) if($i==3); #prefetch $s1
- &mov ($s[2],$__s2) if($i==1);
- &xor ($s[$i],$tp8); # ^= ROTATE(tp8,8)
-
- &mov ($s[3],$__s3) if($i==1);
- &mov (&DWP(4+4*$i,"esp"),$s[$i]) if($i>=2);
-}
-
-&function_begin_B("_x86_AES_decrypt_compact");
- # note that caller is expected to allocate stack frame for me!
- &mov ($__key,$key); # save key
-
- &xor ($s0,&DWP(0,$key)); # xor with key
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &mov ($acc,&DWP(240,$key)); # load key->rounds
-
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov ($__end,$acc); # end of key schedule
-
- # prefetch Td4
- &mov ($key,&DWP(0-128,$tbl));
- &mov ($acc,&DWP(32-128,$tbl));
- &mov ($key,&DWP(64-128,$tbl));
- &mov ($acc,&DWP(96-128,$tbl));
- &mov ($key,&DWP(128-128,$tbl));
- &mov ($acc,&DWP(160-128,$tbl));
- &mov ($key,&DWP(192-128,$tbl));
- &mov ($acc,&DWP(224-128,$tbl));
-
- &set_label("loop",16);
-
- &deccompact(0,$tbl,$s0,$s3,$s2,$s1,1);
- &deccompact(1,$tbl,$s1,$s0,$s3,$s2,1);
- &deccompact(2,$tbl,$s2,$s1,$s0,$s3,1);
- &deccompact(3,$tbl,$s3,$s2,$s1,$s0,1);
- &dectransform(2);
- &dectransform(3);
- &dectransform(0);
- &dectransform(1);
- &mov ($key,$__key);
- &mov ($tbl,$__tbl);
- &add ($key,16); # advance rd_key
- &xor ($s0,&DWP(0,$key));
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &cmp ($key,$__end);
- &mov ($__key,$key);
- &jb (&label("loop"));
-
- &deccompact(0,$tbl,$s0,$s3,$s2,$s1);
- &deccompact(1,$tbl,$s1,$s0,$s3,$s2);
- &deccompact(2,$tbl,$s2,$s1,$s0,$s3);
- &deccompact(3,$tbl,$s3,$s2,$s1,$s0);
-
- &xor ($s0,&DWP(16,$key));
- &xor ($s1,&DWP(20,$key));
- &xor ($s2,&DWP(24,$key));
- &xor ($s3,&DWP(28,$key));
-
- &ret ();
-&function_end_B("_x86_AES_decrypt_compact");
-
-######################################################################
-# "Compact" SSE block function.
-######################################################################
-
-sub sse_deccompact()
-{
- &pshufw ("mm1","mm0",0x0c); # 7, 6, 1, 0
- &movd ("eax","mm1"); # 7, 6, 1, 0
-
- &pshufw ("mm5","mm4",0x09); # 13,12,11,10
- &movz ($acc,&LB("eax")); # 0
- &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 0
- &movd ("ebx","mm5"); # 13,12,11,10
- &movz ("edx",&HB("eax")); # 1
- &movz ("edx",&BP(-128,$tbl,"edx",1)); # 1
- &shl ("edx",8); # 1
-
- &pshufw ("mm2","mm0",0x06); # 3, 2, 5, 4
- &movz ($acc,&LB("ebx")); # 10
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 10
- &shl ($acc,16); # 10
- &or ("ecx",$acc); # 10
- &shr ("eax",16); # 7, 6
- &movz ($acc,&HB("ebx")); # 11
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 11
- &shl ($acc,24); # 11
- &or ("edx",$acc); # 11
- &shr ("ebx",16); # 13,12
-
- &pshufw ("mm6","mm4",0x03); # 9, 8,15,14
- &movz ($acc,&HB("eax")); # 7
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 7
- &shl ($acc,24); # 7
- &or ("ecx",$acc); # 7
- &movz ($acc,&HB("ebx")); # 13
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 13
- &shl ($acc,8); # 13
- &or ("ecx",$acc); # 13
- &movd ("mm0","ecx"); # t[0] collected
-
- &movz ($acc,&LB("eax")); # 6
- &movd ("eax","mm2"); # 3, 2, 5, 4
- &movz ("ecx",&BP(-128,$tbl,$acc,1)); # 6
- &shl ("ecx",16); # 6
- &movz ($acc,&LB("ebx")); # 12
- &movd ("ebx","mm6"); # 9, 8,15,14
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 12
- &or ("ecx",$acc); # 12
-
- &movz ($acc,&LB("eax")); # 4
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 4
- &or ("edx",$acc); # 4
- &movz ($acc,&LB("ebx")); # 14
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 14
- &shl ($acc,16); # 14
- &or ("edx",$acc); # 14
- &movd ("mm1","edx"); # t[1] collected
-
- &movz ($acc,&HB("eax")); # 5
- &movz ("edx",&BP(-128,$tbl,$acc,1)); # 5
- &shl ("edx",8); # 5
- &movz ($acc,&HB("ebx")); # 15
- &shr ("eax",16); # 3, 2
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 15
- &shl ($acc,24); # 15
- &or ("edx",$acc); # 15
- &shr ("ebx",16); # 9, 8
-
- &punpckldq ("mm0","mm1"); # t[0,1] collected
-
- &movz ($acc,&HB("ebx")); # 9
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 9
- &shl ($acc,8); # 9
- &or ("ecx",$acc); # 9
- &and ("ebx",0xff); # 8
- &movz ("ebx",&BP(-128,$tbl,"ebx",1)); # 8
- &or ("edx","ebx"); # 8
- &movz ($acc,&LB("eax")); # 2
- &movz ($acc,&BP(-128,$tbl,$acc,1)); # 2
- &shl ($acc,16); # 2
- &or ("edx",$acc); # 2
- &movd ("mm4","edx"); # t[2] collected
- &movz ("eax",&HB("eax")); # 3
- &movz ("eax",&BP(-128,$tbl,"eax",1)); # 3
- &shl ("eax",24); # 3
- &or ("ecx","eax"); # 3
- &movd ("mm5","ecx"); # t[3] collected
-
- &punpckldq ("mm4","mm5"); # t[2,3] collected
-}
-
- if (!$x86only) {
-&function_begin_B("_sse_AES_decrypt_compact");
- &pxor ("mm0",&QWP(0,$key)); # 7, 6, 5, 4, 3, 2, 1, 0
- &pxor ("mm4",&QWP(8,$key)); # 15,14,13,12,11,10, 9, 8
-
- # note that caller is expected to allocate stack frame for me!
- &mov ($acc,&DWP(240,$key)); # load key->rounds
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov ($__end,$acc); # end of key schedule
-
- &mov ($s0,0x1b1b1b1b); # magic constant
- &mov (&DWP(8,"esp"),$s0);
- &mov (&DWP(12,"esp"),$s0);
-
- # prefetch Td4
- &mov ($s0,&DWP(0-128,$tbl));
- &mov ($s1,&DWP(32-128,$tbl));
- &mov ($s2,&DWP(64-128,$tbl));
- &mov ($s3,&DWP(96-128,$tbl));
- &mov ($s0,&DWP(128-128,$tbl));
- &mov ($s1,&DWP(160-128,$tbl));
- &mov ($s2,&DWP(192-128,$tbl));
- &mov ($s3,&DWP(224-128,$tbl));
-
- &set_label("loop",16);
- &sse_deccompact();
- &add ($key,16);
- &cmp ($key,$__end);
- &ja (&label("out"));
-
- # ROTATE(x^y,N) == ROTATE(x,N)^ROTATE(y,N)
- &movq ("mm3","mm0"); &movq ("mm7","mm4");
- &movq ("mm2","mm0",1); &movq ("mm6","mm4",1);
- &movq ("mm1","mm0"); &movq ("mm5","mm4");
- &pshufw ("mm0","mm0",0xb1); &pshufw ("mm4","mm4",0xb1);# = ROTATE(tp0,16)
- &pslld ("mm2",8); &pslld ("mm6",8);
- &psrld ("mm3",8); &psrld ("mm7",8);
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp0<<8
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp0>>8
- &pslld ("mm2",16); &pslld ("mm6",16);
- &psrld ("mm3",16); &psrld ("mm7",16);
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp0<<24
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp0>>24
-
- &movq ("mm3",&QWP(8,"esp"));
- &pxor ("mm2","mm2"); &pxor ("mm6","mm6");
- &pcmpgtb("mm2","mm1"); &pcmpgtb("mm6","mm5");
- &pand ("mm2","mm3"); &pand ("mm6","mm3");
- &paddb ("mm1","mm1"); &paddb ("mm5","mm5");
- &pxor ("mm1","mm2"); &pxor ("mm5","mm6"); # tp2
- &movq ("mm3","mm1"); &movq ("mm7","mm5");
- &movq ("mm2","mm1"); &movq ("mm6","mm5");
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp2
- &pslld ("mm3",24); &pslld ("mm7",24);
- &psrld ("mm2",8); &psrld ("mm6",8);
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp2<<24
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= tp2>>8
-
- &movq ("mm2",&QWP(8,"esp"));
- &pxor ("mm3","mm3"); &pxor ("mm7","mm7");
- &pcmpgtb("mm3","mm1"); &pcmpgtb("mm7","mm5");
- &pand ("mm3","mm2"); &pand ("mm7","mm2");
- &paddb ("mm1","mm1"); &paddb ("mm5","mm5");
- &pxor ("mm1","mm3"); &pxor ("mm5","mm7"); # tp4
- &pshufw ("mm3","mm1",0xb1); &pshufw ("mm7","mm5",0xb1);
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp4
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= ROTATE(tp4,16)
-
- &pxor ("mm3","mm3"); &pxor ("mm7","mm7");
- &pcmpgtb("mm3","mm1"); &pcmpgtb("mm7","mm5");
- &pand ("mm3","mm2"); &pand ("mm7","mm2");
- &paddb ("mm1","mm1"); &paddb ("mm5","mm5");
- &pxor ("mm1","mm3"); &pxor ("mm5","mm7"); # tp8
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8
- &movq ("mm3","mm1"); &movq ("mm7","mm5");
- &pshufw ("mm2","mm1",0xb1); &pshufw ("mm6","mm5",0xb1);
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6"); # ^= ROTATE(tp8,16)
- &pslld ("mm1",8); &pslld ("mm5",8);
- &psrld ("mm3",8); &psrld ("mm7",8);
- &movq ("mm2",&QWP(0,$key)); &movq ("mm6",&QWP(8,$key));
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8<<8
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp8>>8
- &mov ($s0,&DWP(0-128,$tbl));
- &pslld ("mm1",16); &pslld ("mm5",16);
- &mov ($s1,&DWP(64-128,$tbl));
- &psrld ("mm3",16); &psrld ("mm7",16);
- &mov ($s2,&DWP(128-128,$tbl));
- &pxor ("mm0","mm1"); &pxor ("mm4","mm5"); # ^= tp8<<24
- &mov ($s3,&DWP(192-128,$tbl));
- &pxor ("mm0","mm3"); &pxor ("mm4","mm7"); # ^= tp8>>24
-
- &pxor ("mm0","mm2"); &pxor ("mm4","mm6");
- &jmp (&label("loop"));
-
- &set_label("out",16);
- &pxor ("mm0",&QWP(0,$key));
- &pxor ("mm4",&QWP(8,$key));
-
- &ret ();
-&function_end_B("_sse_AES_decrypt_compact");
- }
-
-######################################################################
-# Vanilla block function.
-######################################################################
-
-sub decstep()
-{ my ($i,$td,@s) = @_;
- my $tmp = $key;
- my $out = $i==3?$s[0]:$acc;
-
- # no instructions are reordered, as performance appears
- # optimal... or rather that all attempts to reorder didn't
- # result in better performance [which by the way is not a
- # bit lower than ecryption].
- if($i==3) { &mov ($key,$__key); }
- else { &mov ($out,$s[0]); }
- &and ($out,0xFF);
- &mov ($out,&DWP(0,$td,$out,8));
-
- if ($i==3) { $tmp=$s[1]; }
- &movz ($tmp,&HB($s[1]));
- &xor ($out,&DWP(3,$td,$tmp,8));
-
- if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); }
- else { &mov ($tmp,$s[2]); }
- &shr ($tmp,16);
- &and ($tmp,0xFF);
- &xor ($out,&DWP(2,$td,$tmp,8));
-
- if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }
- else { &mov ($tmp,$s[3]); }
- &shr ($tmp,24);
- &xor ($out,&DWP(1,$td,$tmp,8));
- if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
- if ($i==3) { &mov ($s[3],$__s0); }
- &comment();
-}
-
-sub declast()
-{ my ($i,$td,@s)=@_;
- my $tmp = $key;
- my $out = $i==3?$s[0]:$acc;
-
- if($i==0) { &lea ($td,&DWP(2048+128,$td));
- &mov ($tmp,&DWP(0-128,$td));
- &mov ($acc,&DWP(32-128,$td));
- &mov ($tmp,&DWP(64-128,$td));
- &mov ($acc,&DWP(96-128,$td));
- &mov ($tmp,&DWP(128-128,$td));
- &mov ($acc,&DWP(160-128,$td));
- &mov ($tmp,&DWP(192-128,$td));
- &mov ($acc,&DWP(224-128,$td));
- &lea ($td,&DWP(-128,$td)); }
- if($i==3) { &mov ($key,$__key); }
- else { &mov ($out,$s[0]); }
- &and ($out,0xFF);
- &movz ($out,&BP(0,$td,$out,1));
-
- if ($i==3) { $tmp=$s[1]; }
- &movz ($tmp,&HB($s[1]));
- &movz ($tmp,&BP(0,$td,$tmp,1));
- &shl ($tmp,8);
- &xor ($out,$tmp);
-
- if ($i==3) { $tmp=$s[2]; &mov ($s[1],$acc); }
- else { mov ($tmp,$s[2]); }
- &shr ($tmp,16);
- &and ($tmp,0xFF);
- &movz ($tmp,&BP(0,$td,$tmp,1));
- &shl ($tmp,16);
- &xor ($out,$tmp);
-
- if ($i==3) { $tmp=$s[3]; &mov ($s[2],$__s1); }
- else { &mov ($tmp,$s[3]); }
- &shr ($tmp,24);
- &movz ($tmp,&BP(0,$td,$tmp,1));
- &shl ($tmp,24);
- &xor ($out,$tmp);
- if ($i<2) { &mov (&DWP(4+4*$i,"esp"),$out); }
- if ($i==3) { &mov ($s[3],$__s0);
- &lea ($td,&DWP(-2048,$td)); }
-}
-
-&function_begin_B("_x86_AES_decrypt");
- # note that caller is expected to allocate stack frame for me!
- &mov ($__key,$key); # save key
-
- &xor ($s0,&DWP(0,$key)); # xor with key
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &mov ($acc,&DWP(240,$key)); # load key->rounds
-
- if ($small_footprint) {
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov ($__end,$acc); # end of key schedule
- &set_label("loop",16);
- &decstep(0,$tbl,$s0,$s3,$s2,$s1);
- &decstep(1,$tbl,$s1,$s0,$s3,$s2);
- &decstep(2,$tbl,$s2,$s1,$s0,$s3);
- &decstep(3,$tbl,$s3,$s2,$s1,$s0);
- &add ($key,16); # advance rd_key
- &xor ($s0,&DWP(0,$key));
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
- &cmp ($key,$__end);
- &mov ($__key,$key);
- &jb (&label("loop"));
- }
- else {
- &cmp ($acc,10);
- &jle (&label("10rounds"));
- &cmp ($acc,12);
- &jle (&label("12rounds"));
-
- &set_label("14rounds",4);
- for ($i=1;$i<3;$i++) {
- &decstep(0,$tbl,$s0,$s3,$s2,$s1);
- &decstep(1,$tbl,$s1,$s0,$s3,$s2);
- &decstep(2,$tbl,$s2,$s1,$s0,$s3);
- &decstep(3,$tbl,$s3,$s2,$s1,$s0);
- &xor ($s0,&DWP(16*$i+0,$key));
- &xor ($s1,&DWP(16*$i+4,$key));
- &xor ($s2,&DWP(16*$i+8,$key));
- &xor ($s3,&DWP(16*$i+12,$key));
- }
- &add ($key,32);
- &mov ($__key,$key); # advance rd_key
- &set_label("12rounds",4);
- for ($i=1;$i<3;$i++) {
- &decstep(0,$tbl,$s0,$s3,$s2,$s1);
- &decstep(1,$tbl,$s1,$s0,$s3,$s2);
- &decstep(2,$tbl,$s2,$s1,$s0,$s3);
- &decstep(3,$tbl,$s3,$s2,$s1,$s0);
- &xor ($s0,&DWP(16*$i+0,$key));
- &xor ($s1,&DWP(16*$i+4,$key));
- &xor ($s2,&DWP(16*$i+8,$key));
- &xor ($s3,&DWP(16*$i+12,$key));
- }
- &add ($key,32);
- &mov ($__key,$key); # advance rd_key
- &set_label("10rounds",4);
- for ($i=1;$i<10;$i++) {
- &decstep(0,$tbl,$s0,$s3,$s2,$s1);
- &decstep(1,$tbl,$s1,$s0,$s3,$s2);
- &decstep(2,$tbl,$s2,$s1,$s0,$s3);
- &decstep(3,$tbl,$s3,$s2,$s1,$s0);
- &xor ($s0,&DWP(16*$i+0,$key));
- &xor ($s1,&DWP(16*$i+4,$key));
- &xor ($s2,&DWP(16*$i+8,$key));
- &xor ($s3,&DWP(16*$i+12,$key));
- }
- }
-
- &declast(0,$tbl,$s0,$s3,$s2,$s1);
- &declast(1,$tbl,$s1,$s0,$s3,$s2);
- &declast(2,$tbl,$s2,$s1,$s0,$s3);
- &declast(3,$tbl,$s3,$s2,$s1,$s0);
-
- &add ($key,$small_footprint?16:160);
- &xor ($s0,&DWP(0,$key));
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &ret ();
-
-&set_label("AES_Td",64); # Yes! I keep it in the code segment!
- &_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a); - &_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b); - &_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5); - &_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5); - &_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d); - &_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b); - &_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295); - &_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e); - &_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927); - &_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d); - &_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362); - &_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9); - &_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52); - &_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566); - &_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3); - &_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed); - &_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e); - &_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4); - &_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4); - &_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd); - &_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d); - &_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060); - &_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967); - &_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879); - &_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000); - &_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c); - &_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36); - &_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624); - &_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b); - &_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c); - &_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12); - &_data_word(0x0b0d090e, 0xadc78bf2, 
0xb9a8b62d, 0xc8a91e14); - &_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3); - &_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b); - &_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8); - &_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684); - &_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7); - &_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177); - &_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947); - &_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322); - &_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498); - &_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f); - &_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54); - &_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382); - &_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf); - &_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb); - &_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83); - &_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef); - &_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029); - &_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235); - &_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733); - &_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117); - &_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4); - &_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546); - &_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb); - &_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d); - &_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb); - &_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a); - &_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773); - &_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478); - &_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2); - &_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff); - &_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664); - 
&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0); - -#Td4: # four copies of Td4 to choose from to avoid L1 aliasing - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - 
&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); - - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - 
&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); - - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - 
&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); - - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - 
&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); -&function_end_B("_x86_AES_decrypt"); - -# void AES_decrypt (const void *inp,void *out,const AES_KEY *key); -&function_begin("AES_decrypt"); - &mov ($acc,&wparam(0)); # load inp - &mov ($key,&wparam(2)); # load key - - &mov ($s0,"esp"); - &sub ("esp",36); - &and ("esp",-64); # align to cache-line - - # place stack frame just "above" the key schedule - &lea ($s1,&DWP(-64-63,$key)); - &sub ($s1,"esp"); - &neg ($s1); - &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line - &sub ("esp",$s1); - &add ("esp",4); # 4 is reserved for caller's return address - &mov ($_esp,$s0); # save stack pointer - - &call (&label("pic_point")); # make it PIC! - &set_label("pic_point"); - &blindpop($tbl); - &picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only); - &lea ($tbl,&DWP(&label("AES_Td")."-".&label("pic_point"),$tbl)); - - # pick Td4 copy which can't "overlap" with stack frame or key schedule - &lea ($s1,&DWP(768-4,"esp")); - &sub ($s1,$tbl); - &and ($s1,0x300); - &lea ($tbl,&DWP(2048+128,$tbl,$s1)); - - if (!$x86only) { - &bt (&DWP(0,$s0),25); # check for SSE bit - &jnc (&label("x86")); - - &movq ("mm0",&QWP(0,$acc)); - &movq ("mm4",&QWP(8,$acc)); - &call ("_sse_AES_decrypt_compact"); - &mov ("esp",$_esp); # restore stack pointer - &mov ($acc,&wparam(1)); # load out - &movq (&QWP(0,$acc),"mm0"); # write output data - &movq (&QWP(8,$acc),"mm4"); - &emms (); - &function_end_A(); - } - &set_label("x86",16); - &mov ($_tbl,$tbl); - &mov ($s0,&DWP(0,$acc)); # load input data - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - &call ("_x86_AES_decrypt_compact"); - &mov ("esp",$_esp); # restore stack pointer - &mov ($acc,&wparam(1)); # load out - &mov (&DWP(0,$acc),$s0); # write output data - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); -&function_end("AES_decrypt"); - -# void 
AES_cbc_encrypt (const void char *inp, unsigned char *out, -# size_t length, const AES_KEY *key, -# unsigned char *ivp,const int enc); -{ -# stack frame layout -# -4(%esp) # return address 0(%esp) -# 0(%esp) # s0 backing store 4(%esp) -# 4(%esp) # s1 backing store 8(%esp) -# 8(%esp) # s2 backing store 12(%esp) -# 12(%esp) # s3 backing store 16(%esp) -# 16(%esp) # key backup 20(%esp) -# 20(%esp) # end of key schedule 24(%esp) -# 24(%esp) # %ebp backup 28(%esp) -# 28(%esp) # %esp backup -my $_inp=&DWP(32,"esp"); # copy of wparam(0) -my $_out=&DWP(36,"esp"); # copy of wparam(1) -my $_len=&DWP(40,"esp"); # copy of wparam(2) -my $_key=&DWP(44,"esp"); # copy of wparam(3) -my $_ivp=&DWP(48,"esp"); # copy of wparam(4) -my $_tmp=&DWP(52,"esp"); # volatile variable -# -my $ivec=&DWP(60,"esp"); # ivec[16] -my $aes_key=&DWP(76,"esp"); # copy of aes_key -my $mark=&DWP(76+240,"esp"); # copy of aes_key->rounds - -&function_begin("AES_cbc_encrypt"); - &mov ($s2 eq "ecx"? $s2 : "",&wparam(2)); # load len - &cmp ($s2,0); - &je (&label("drop_out")); - - &call (&label("pic_point")); # make it PIC! - &set_label("pic_point"); - &blindpop($tbl); - &picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only); - - &cmp (&wparam(5),0); - &lea ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl)); - &jne (&label("picked_te")); - &lea ($tbl,&DWP(&label("AES_Td")."-".&label("AES_Te"),$tbl)); - &set_label("picked_te"); - - # one can argue if this is required - &pushf (); - &cld (); - - &cmp ($s2,$speed_limit); - &jb (&label("slow_way")); - &test ($s2,15); - &jnz (&label("slow_way")); - if (!$x86only) { - &bt (&DWP(0,$s0),28); # check for hyper-threading bit - &jc (&label("slow_way")); - } - # pre-allocate aligned stack frame... - &lea ($acc,&DWP(-80-244,"esp")); - &and ($acc,-64); - - # ... 
and make sure it doesn't alias with $tbl modulo 4096 - &mov ($s0,$tbl); - &lea ($s1,&DWP(2048+256,$tbl)); - &mov ($s3,$acc); - &and ($s0,0xfff); # s = %ebp&0xfff - &and ($s1,0xfff); # e = (%ebp+2048+256)&0xfff - &and ($s3,0xfff); # p = %esp&0xfff - - &cmp ($s3,$s1); # if (p>=e) %esp =- (p-e); - &jb (&label("tbl_break_out")); - &sub ($s3,$s1); - &sub ($acc,$s3); - &jmp (&label("tbl_ok")); - &set_label("tbl_break_out",4); # else %esp -= (p-s)&0xfff + framesz; - &sub ($s3,$s0); - &and ($s3,0xfff); - &add ($s3,384); - &sub ($acc,$s3); - &set_label("tbl_ok",4); - - &lea ($s3,&wparam(0)); # obtain pointer to parameter block - &exch ("esp",$acc); # allocate stack frame - &add ("esp",4); # reserve for return address! - &mov ($_tbl,$tbl); # save %ebp - &mov ($_esp,$acc); # save %esp - - &mov ($s0,&DWP(0,$s3)); # load inp - &mov ($s1,&DWP(4,$s3)); # load out - #&mov ($s2,&DWP(8,$s3)); # load len - &mov ($key,&DWP(12,$s3)); # load key - &mov ($acc,&DWP(16,$s3)); # load ivp - &mov ($s3,&DWP(20,$s3)); # load enc flag - - &mov ($_inp,$s0); # save copy of inp - &mov ($_out,$s1); # save copy of out - &mov ($_len,$s2); # save copy of len - &mov ($_key,$key); # save copy of key - &mov ($_ivp,$acc); # save copy of ivp - - &mov ($mark,0); # copy of aes_key->rounds = 0; - # do we copy key schedule to stack? - &mov ($s1 eq "ebx" ? $s1 : "",$key); - &mov ($s2 eq "ecx" ? 
$s2 : "",244/4); - &sub ($s1,$tbl); - &mov ("esi",$key); - &and ($s1,0xfff); - &lea ("edi",$aes_key); - &cmp ($s1,2048+256); - &jb (&label("do_copy")); - &cmp ($s1,4096-244); - &jb (&label("skip_copy")); - &set_label("do_copy",4); - &mov ($_key,"edi"); - &data_word(0xA5F3F689); # rep movsd - &set_label("skip_copy"); - - &mov ($key,16); - &set_label("prefetch_tbl",4); - &mov ($s0,&DWP(0,$tbl)); - &mov ($s1,&DWP(32,$tbl)); - &mov ($s2,&DWP(64,$tbl)); - &mov ($acc,&DWP(96,$tbl)); - &lea ($tbl,&DWP(128,$tbl)); - &sub ($key,1); - &jnz (&label("prefetch_tbl")); - &sub ($tbl,2048); - - &mov ($acc,$_inp); - &mov ($key,$_ivp); - - &cmp ($s3,0); - &je (&label("fast_decrypt")); - -#----------------------------- ENCRYPT -----------------------------# - &mov ($s0,&DWP(0,$key)); # load iv - &mov ($s1,&DWP(4,$key)); - - &set_label("fast_enc_loop",16); - &mov ($s2,&DWP(8,$key)); - &mov ($s3,&DWP(12,$key)); - - &xor ($s0,&DWP(0,$acc)); # xor input data - &xor ($s1,&DWP(4,$acc)); - &xor ($s2,&DWP(8,$acc)); - &xor ($s3,&DWP(12,$acc)); - - &mov ($key,$_key); # load key - &call ("_x86_AES_encrypt"); - - &mov ($acc,$_inp); # load inp - &mov ($key,$_out); # load out - - &mov (&DWP(0,$key),$s0); # save output data - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov ($s2,$_len); # load len - &mov ($_inp,$acc); # save inp - &lea ($s3,&DWP(16,$key)); # advance out - &mov ($_out,$s3); # save out - &sub ($s2,16); # decrease len - &mov ($_len,$s2); # save len - &jnz (&label("fast_enc_loop")); - &mov ($acc,$_ivp); # load ivp - &mov ($s2,&DWP(8,$key)); # restore last 2 dwords - &mov ($s3,&DWP(12,$key)); - &mov (&DWP(0,$acc),$s0); # save ivec - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - - &cmp ($mark,0); # was the key schedule copied? 
- &mov ("edi",$_key); - &je (&label("skip_ezero")); - # zero copy of key schedule - &mov ("ecx",240/4); - &xor ("eax","eax"); - &align (4); - &data_word(0xABF3F689); # rep stosd - &set_label("skip_ezero") - &mov ("esp",$_esp); - &popf (); - &set_label("drop_out"); - &function_end_A(); - &pushf (); # kludge, never executed - -#----------------------------- DECRYPT -----------------------------# -&set_label("fast_decrypt",16); - - &cmp ($acc,$_out); - &je (&label("fast_dec_in_place")); # in-place processing... - - &mov ($_tmp,$key); - - &align (4); - &set_label("fast_dec_loop",16); - &mov ($s0,&DWP(0,$acc)); # read input - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &mov ($key,$_key); # load key - &call ("_x86_AES_decrypt"); - - &mov ($key,$_tmp); # load ivp - &mov ($acc,$_len); # load len - &xor ($s0,&DWP(0,$key)); # xor iv - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov ($key,$_out); # load out - &mov ($acc,$_inp); # load inp - - &mov (&DWP(0,$key),$s0); # write output - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($s2,$_len); # load len - &mov ($_tmp,$acc); # save ivp - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov ($_inp,$acc); # save inp - &lea ($key,&DWP(16,$key)); # advance out - &mov ($_out,$key); # save out - &sub ($s2,16); # decrease len - &mov ($_len,$s2); # save len - &jnz (&label("fast_dec_loop")); - &mov ($key,$_tmp); # load temp ivp - &mov ($acc,$_ivp); # load user ivp - &mov ($s0,&DWP(0,$key)); # load iv - &mov ($s1,&DWP(4,$key)); - &mov ($s2,&DWP(8,$key)); - &mov ($s3,&DWP(12,$key)); - &mov (&DWP(0,$acc),$s0); # copy back to user - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - &jmp (&label("fast_dec_out")); - - &set_label("fast_dec_in_place",16); - &set_label("fast_dec_in_place_loop"); - &mov ($s0,&DWP(0,$acc)); # read input - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov 
($s3,&DWP(12,$acc)); - - &lea ($key,$ivec); - &mov (&DWP(0,$key),$s0); # copy to temp - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($key,$_key); # load key - &call ("_x86_AES_decrypt"); - - &mov ($key,$_ivp); # load ivp - &mov ($acc,$_out); # load out - &xor ($s0,&DWP(0,$key)); # xor iv - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &mov (&DWP(0,$acc),$s0); # write output - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - - &lea ($acc,&DWP(16,$acc)); # advance out - &mov ($_out,$acc); # save out - - &lea ($acc,$ivec); - &mov ($s0,&DWP(0,$acc)); # read temp - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &mov (&DWP(0,$key),$s0); # copy iv - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($acc,$_inp); # load inp - &mov ($s2,$_len); # load len - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov ($_inp,$acc); # save inp - &sub ($s2,16); # decrease len - &mov ($_len,$s2); # save len - &jnz (&label("fast_dec_in_place_loop")); - - &set_label("fast_dec_out",4); - &cmp ($mark,0); # was the key schedule copied? - &mov ("edi",$_key); - &je (&label("skip_dzero")); - # zero copy of key schedule - &mov ("ecx",240/4); - &xor ("eax","eax"); - &align (4); - &data_word(0xABF3F689); # rep stosd - &set_label("skip_dzero") - &mov ("esp",$_esp); - &popf (); - &function_end_A(); - &pushf (); # kludge, never executed - -#--------------------------- SLOW ROUTINE ---------------------------# -&set_label("slow_way",16); - - &mov ($s0,&DWP(0,$s0)) if (!$x86only);# load OPENSSL_ia32cap - &mov ($key,&wparam(3)); # load key - - # pre-allocate aligned stack frame... - &lea ($acc,&DWP(-80,"esp")); - &and ($acc,-64); - - # ... 
and make sure it doesn't alias with $key modulo 1024 - &lea ($s1,&DWP(-80-63,$key)); - &sub ($s1,$acc); - &neg ($s1); - &and ($s1,0x3C0); # modulo 1024, but aligned to cache-line - &sub ($acc,$s1); - - # pick S-box copy which can't overlap with stack frame or $key - &lea ($s1,&DWP(768,$acc)); - &sub ($s1,$tbl); - &and ($s1,0x300); - &lea ($tbl,&DWP(2048+128,$tbl,$s1)); - - &lea ($s3,&wparam(0)); # pointer to parameter block - - &exch ("esp",$acc); - &add ("esp",4); # reserve for return address! - &mov ($_tbl,$tbl); # save %ebp - &mov ($_esp,$acc); # save %esp - &mov ($_tmp,$s0); # save OPENSSL_ia32cap - - &mov ($s0,&DWP(0,$s3)); # load inp - &mov ($s1,&DWP(4,$s3)); # load out - #&mov ($s2,&DWP(8,$s3)); # load len - #&mov ($key,&DWP(12,$s3)); # load key - &mov ($acc,&DWP(16,$s3)); # load ivp - &mov ($s3,&DWP(20,$s3)); # load enc flag - - &mov ($_inp,$s0); # save copy of inp - &mov ($_out,$s1); # save copy of out - &mov ($_len,$s2); # save copy of len - &mov ($_key,$key); # save copy of key - &mov ($_ivp,$acc); # save copy of ivp - - &mov ($key,$acc); - &mov ($acc,$s0); - - &cmp ($s3,0); - &je (&label("slow_decrypt")); - -#--------------------------- SLOW ENCRYPT ---------------------------# - &cmp ($s2,16); - &mov ($s3,$s1); - &jb (&label("slow_enc_tail")); - - if (!$x86only) { - &bt ($_tmp,25); # check for SSE bit - &jnc (&label("slow_enc_x86")); - - &movq ("mm0",&QWP(0,$key)); # load iv - &movq ("mm4",&QWP(8,$key)); - - &set_label("slow_enc_loop_sse",16); - &pxor ("mm0",&QWP(0,$acc)); # xor input data - &pxor ("mm4",&QWP(8,$acc)); - - &mov ($key,$_key); - &call ("_sse_AES_encrypt_compact"); - - &mov ($acc,$_inp); # load inp - &mov ($key,$_out); # load out - &mov ($s2,$_len); # load len - - &movq (&QWP(0,$key),"mm0"); # save output data - &movq (&QWP(8,$key),"mm4"); - - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov ($_inp,$acc); # save inp - &lea ($s3,&DWP(16,$key)); # advance out - &mov ($_out,$s3); # save out - &sub ($s2,16); # decrease len - &cmp ($s2,16); - 
&mov ($_len,$s2); # save len - &jae (&label("slow_enc_loop_sse")); - &test ($s2,15); - &jnz (&label("slow_enc_tail")); - &mov ($acc,$_ivp); # load ivp - &movq (&QWP(0,$acc),"mm0"); # save ivec - &movq (&QWP(8,$acc),"mm4"); - &emms (); - &mov ("esp",$_esp); - &popf (); - &function_end_A(); - &pushf (); # kludge, never executed - } - &set_label("slow_enc_x86",16); - &mov ($s0,&DWP(0,$key)); # load iv - &mov ($s1,&DWP(4,$key)); - - &set_label("slow_enc_loop_x86",4); - &mov ($s2,&DWP(8,$key)); - &mov ($s3,&DWP(12,$key)); - - &xor ($s0,&DWP(0,$acc)); # xor input data - &xor ($s1,&DWP(4,$acc)); - &xor ($s2,&DWP(8,$acc)); - &xor ($s3,&DWP(12,$acc)); - - &mov ($key,$_key); # load key - &call ("_x86_AES_encrypt_compact"); - - &mov ($acc,$_inp); # load inp - &mov ($key,$_out); # load out - - &mov (&DWP(0,$key),$s0); # save output data - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($s2,$_len); # load len - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov ($_inp,$acc); # save inp - &lea ($s3,&DWP(16,$key)); # advance out - &mov ($_out,$s3); # save out - &sub ($s2,16); # decrease len - &cmp ($s2,16); - &mov ($_len,$s2); # save len - &jae (&label("slow_enc_loop_x86")); - &test ($s2,15); - &jnz (&label("slow_enc_tail")); - &mov ($acc,$_ivp); # load ivp - &mov ($s2,&DWP(8,$key)); # restore last dwords - &mov ($s3,&DWP(12,$key)); - &mov (&DWP(0,$acc),$s0); # save ivec - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - - &mov ("esp",$_esp); - &popf (); - &function_end_A(); - &pushf (); # kludge, never executed - - &set_label("slow_enc_tail",16); - &emms () if (!$x86only); - &mov ($key eq "edi"? $key:"",$s3); # load out to edi - &mov ($s1,16); - &sub ($s1,$s2); - &cmp ($key,$acc eq "esi"? 
$acc:""); # compare with inp - &je (&label("enc_in_place")); - &align (4); - &data_word(0xA4F3F689); # rep movsb # copy input - &jmp (&label("enc_skip_in_place")); - &set_label("enc_in_place"); - &lea ($key,&DWP(0,$key,$s2)); - &set_label("enc_skip_in_place"); - &mov ($s2,$s1); - &xor ($s0,$s0); - &align (4); - &data_word(0xAAF3F689); # rep stosb # zero tail - - &mov ($key,$_ivp); # restore ivp - &mov ($acc,$s3); # output as input - &mov ($s0,&DWP(0,$key)); - &mov ($s1,&DWP(4,$key)); - &mov ($_len,16); # len=16 - &jmp (&label("slow_enc_loop_x86")); # one more spin... - -#--------------------------- SLOW DECRYPT ---------------------------# -&set_label("slow_decrypt",16); - if (!$x86only) { - &bt ($_tmp,25); # check for SSE bit - &jnc (&label("slow_dec_loop_x86")); - - &set_label("slow_dec_loop_sse",4); - &movq ("mm0",&QWP(0,$acc)); # read input - &movq ("mm4",&QWP(8,$acc)); - - &mov ($key,$_key); - &call ("_sse_AES_decrypt_compact"); - - &mov ($acc,$_inp); # load inp - &lea ($s0,$ivec); - &mov ($s1,$_out); # load out - &mov ($s2,$_len); # load len - &mov ($key,$_ivp); # load ivp - - &movq ("mm1",&QWP(0,$acc)); # re-read input - &movq ("mm5",&QWP(8,$acc)); - - &pxor ("mm0",&QWP(0,$key)); # xor iv - &pxor ("mm4",&QWP(8,$key)); - - &movq (&QWP(0,$key),"mm1"); # copy input to iv - &movq (&QWP(8,$key),"mm5"); - - &sub ($s2,16); # decrease len - &jc (&label("slow_dec_partial_sse")); - - &movq (&QWP(0,$s1),"mm0"); # write output - &movq (&QWP(8,$s1),"mm4"); - - &lea ($s1,&DWP(16,$s1)); # advance out - &mov ($_out,$s1); # save out - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov ($_inp,$acc); # save inp - &mov ($_len,$s2); # save len - &jnz (&label("slow_dec_loop_sse")); - &emms (); - &mov ("esp",$_esp); - &popf (); - &function_end_A(); - &pushf (); # kludge, never executed - - &set_label("slow_dec_partial_sse",16); - &movq (&QWP(0,$s0),"mm0"); # save output to temp - &movq (&QWP(8,$s0),"mm4"); - &emms (); - - &add ($s2 eq "ecx" ? 
"ecx":"",16); - &mov ("edi",$s1); # out - &mov ("esi",$s0); # temp - &align (4); - &data_word(0xA4F3F689); # rep movsb # copy partial output - - &mov ("esp",$_esp); - &popf (); - &function_end_A(); - &pushf (); # kludge, never executed - } - &set_label("slow_dec_loop_x86",16); - &mov ($s0,&DWP(0,$acc)); # read input - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &lea ($key,$ivec); - &mov (&DWP(0,$key),$s0); # copy to temp - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($key,$_key); # load key - &call ("_x86_AES_decrypt_compact"); - - &mov ($key,$_ivp); # load ivp - &mov ($acc,$_len); # load len - &xor ($s0,&DWP(0,$key)); # xor iv - &xor ($s1,&DWP(4,$key)); - &xor ($s2,&DWP(8,$key)); - &xor ($s3,&DWP(12,$key)); - - &sub ($acc,16); - &jc (&label("slow_dec_partial_x86")); - - &mov ($_len,$acc); # save len - &mov ($acc,$_out); # load out - - &mov (&DWP(0,$acc),$s0); # write output - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - - &lea ($acc,&DWP(16,$acc)); # advance out - &mov ($_out,$acc); # save out - - &lea ($acc,$ivec); - &mov ($s0,&DWP(0,$acc)); # read temp - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &mov (&DWP(0,$key),$s0); # copy it to iv - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ($acc,$_inp); # load inp - &lea ($acc,&DWP(16,$acc)); # advance inp - &mov ($_inp,$acc); # save inp - &jnz (&label("slow_dec_loop_x86")); - &mov ("esp",$_esp); - &popf (); - &function_end_A(); - &pushf (); # kludge, never executed - - &set_label("slow_dec_partial_x86",16); - &lea ($acc,$ivec); - &mov (&DWP(0,$acc),$s0); # save output to temp - &mov (&DWP(4,$acc),$s1); - &mov (&DWP(8,$acc),$s2); - &mov (&DWP(12,$acc),$s3); - - &mov ($acc,$_inp); - &mov ($s0,&DWP(0,$acc)); # re-read input - &mov ($s1,&DWP(4,$acc)); - &mov ($s2,&DWP(8,$acc)); - &mov ($s3,&DWP(12,$acc)); - - &mov 
(&DWP(0,$key),$s0); # copy it to iv - &mov (&DWP(4,$key),$s1); - &mov (&DWP(8,$key),$s2); - &mov (&DWP(12,$key),$s3); - - &mov ("ecx",$_len); - &mov ("edi",$_out); - &lea ("esi",$ivec); - &align (4); - &data_word(0xA4F3F689); # rep movsb # copy partial output - - &mov ("esp",$_esp); - &popf (); -&function_end("AES_cbc_encrypt"); -} - -#------------------------------------------------------------------# - -sub enckey() -{ - &movz ("esi",&LB("edx")); # rk[i]>>0 - &movz ("ebx",&BP(-128,$tbl,"esi",1)); - &movz ("esi",&HB("edx")); # rk[i]>>8 - &shl ("ebx",24); - &xor ("eax","ebx"); - - &movz ("ebx",&BP(-128,$tbl,"esi",1)); - &shr ("edx",16); - &movz ("esi",&LB("edx")); # rk[i]>>16 - &xor ("eax","ebx"); - - &movz ("ebx",&BP(-128,$tbl,"esi",1)); - &movz ("esi",&HB("edx")); # rk[i]>>24 - &shl ("ebx",8); - &xor ("eax","ebx"); - - &movz ("ebx",&BP(-128,$tbl,"esi",1)); - &shl ("ebx",16); - &xor ("eax","ebx"); - - &xor ("eax",&DWP(1024-128,$tbl,"ecx",4)); # rcon -} - -&function_begin("_x86_AES_set_encrypt_key"); - &mov ("esi",&wparam(1)); # user supplied key - &mov ("edi",&wparam(3)); # private key schedule - - &test ("esi",-1); - &jz (&label("badpointer")); - &test ("edi",-1); - &jz (&label("badpointer")); - - &call (&label("pic_point")); - &set_label("pic_point"); - &blindpop($tbl); - &lea ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl)); - &lea ($tbl,&DWP(2048+128,$tbl)); - - # prefetch Te4 - &mov ("eax",&DWP(0-128,$tbl)); - &mov ("ebx",&DWP(32-128,$tbl)); - &mov ("ecx",&DWP(64-128,$tbl)); - &mov ("edx",&DWP(96-128,$tbl)); - &mov ("eax",&DWP(128-128,$tbl)); - &mov ("ebx",&DWP(160-128,$tbl)); - &mov ("ecx",&DWP(192-128,$tbl)); - &mov ("edx",&DWP(224-128,$tbl)); - - &mov ("ecx",&wparam(2)); # number of bits in key - &cmp ("ecx",128); - &je (&label("10rounds")); - &cmp ("ecx",192); - &je (&label("12rounds")); - &cmp ("ecx",256); - &je (&label("14rounds")); - &mov ("eax",-2); # invalid number of bits - &jmp (&label("exit")); - - &set_label("10rounds"); - &mov 
("eax",&DWP(0,"esi")); # copy first 4 dwords - &mov ("ebx",&DWP(4,"esi")); - &mov ("ecx",&DWP(8,"esi")); - &mov ("edx",&DWP(12,"esi")); - &mov (&DWP(0,"edi"),"eax"); - &mov (&DWP(4,"edi"),"ebx"); - &mov (&DWP(8,"edi"),"ecx"); - &mov (&DWP(12,"edi"),"edx"); - - &xor ("ecx","ecx"); - &jmp (&label("10shortcut")); - - &align (4); - &set_label("10loop"); - &mov ("eax",&DWP(0,"edi")); # rk[0] - &mov ("edx",&DWP(12,"edi")); # rk[3] - &set_label("10shortcut"); - &enckey (); - - &mov (&DWP(16,"edi"),"eax"); # rk[4] - &xor ("eax",&DWP(4,"edi")); - &mov (&DWP(20,"edi"),"eax"); # rk[5] - &xor ("eax",&DWP(8,"edi")); - &mov (&DWP(24,"edi"),"eax"); # rk[6] - &xor ("eax",&DWP(12,"edi")); - &mov (&DWP(28,"edi"),"eax"); # rk[7] - &inc ("ecx"); - &add ("edi",16); - &cmp ("ecx",10); - &jl (&label("10loop")); - - &mov (&DWP(80,"edi"),10); # setup number of rounds - &xor ("eax","eax"); - &jmp (&label("exit")); - - &set_label("12rounds"); - &mov ("eax",&DWP(0,"esi")); # copy first 6 dwords - &mov ("ebx",&DWP(4,"esi")); - &mov ("ecx",&DWP(8,"esi")); - &mov ("edx",&DWP(12,"esi")); - &mov (&DWP(0,"edi"),"eax"); - &mov (&DWP(4,"edi"),"ebx"); - &mov (&DWP(8,"edi"),"ecx"); - &mov (&DWP(12,"edi"),"edx"); - &mov ("ecx",&DWP(16,"esi")); - &mov ("edx",&DWP(20,"esi")); - &mov (&DWP(16,"edi"),"ecx"); - &mov (&DWP(20,"edi"),"edx"); - - &xor ("ecx","ecx"); - &jmp (&label("12shortcut")); - - &align (4); - &set_label("12loop"); - &mov ("eax",&DWP(0,"edi")); # rk[0] - &mov ("edx",&DWP(20,"edi")); # rk[5] - &set_label("12shortcut"); - &enckey (); - - &mov (&DWP(24,"edi"),"eax"); # rk[6] - &xor ("eax",&DWP(4,"edi")); - &mov (&DWP(28,"edi"),"eax"); # rk[7] - &xor ("eax",&DWP(8,"edi")); - &mov (&DWP(32,"edi"),"eax"); # rk[8] - &xor ("eax",&DWP(12,"edi")); - &mov (&DWP(36,"edi"),"eax"); # rk[9] - - &cmp ("ecx",7); - &je (&label("12break")); - &inc ("ecx"); - - &xor ("eax",&DWP(16,"edi")); - &mov (&DWP(40,"edi"),"eax"); # rk[10] - &xor ("eax",&DWP(20,"edi")); - &mov (&DWP(44,"edi"),"eax"); # rk[11] - - &add 
("edi",24); - &jmp (&label("12loop")); - - &set_label("12break"); - &mov (&DWP(72,"edi"),12); # setup number of rounds - &xor ("eax","eax"); - &jmp (&label("exit")); - - &set_label("14rounds"); - &mov ("eax",&DWP(0,"esi")); # copy first 8 dwords - &mov ("ebx",&DWP(4,"esi")); - &mov ("ecx",&DWP(8,"esi")); - &mov ("edx",&DWP(12,"esi")); - &mov (&DWP(0,"edi"),"eax"); - &mov (&DWP(4,"edi"),"ebx"); - &mov (&DWP(8,"edi"),"ecx"); - &mov (&DWP(12,"edi"),"edx"); - &mov ("eax",&DWP(16,"esi")); - &mov ("ebx",&DWP(20,"esi")); - &mov ("ecx",&DWP(24,"esi")); - &mov ("edx",&DWP(28,"esi")); - &mov (&DWP(16,"edi"),"eax"); - &mov (&DWP(20,"edi"),"ebx"); - &mov (&DWP(24,"edi"),"ecx"); - &mov (&DWP(28,"edi"),"edx"); - - &xor ("ecx","ecx"); - &jmp (&label("14shortcut")); - - &align (4); - &set_label("14loop"); - &mov ("edx",&DWP(28,"edi")); # rk[7] - &set_label("14shortcut"); - &mov ("eax",&DWP(0,"edi")); # rk[0] - - &enckey (); - - &mov (&DWP(32,"edi"),"eax"); # rk[8] - &xor ("eax",&DWP(4,"edi")); - &mov (&DWP(36,"edi"),"eax"); # rk[9] - &xor ("eax",&DWP(8,"edi")); - &mov (&DWP(40,"edi"),"eax"); # rk[10] - &xor ("eax",&DWP(12,"edi")); - &mov (&DWP(44,"edi"),"eax"); # rk[11] - - &cmp ("ecx",6); - &je (&label("14break")); - &inc ("ecx"); - - &mov ("edx","eax"); - &mov ("eax",&DWP(16,"edi")); # rk[4] - &movz ("esi",&LB("edx")); # rk[11]>>0 - &movz ("ebx",&BP(-128,$tbl,"esi",1)); - &movz ("esi",&HB("edx")); # rk[11]>>8 - &xor ("eax","ebx"); - - &movz ("ebx",&BP(-128,$tbl,"esi",1)); - &shr ("edx",16); - &shl ("ebx",8); - &movz ("esi",&LB("edx")); # rk[11]>>16 - &xor ("eax","ebx"); - - &movz ("ebx",&BP(-128,$tbl,"esi",1)); - &movz ("esi",&HB("edx")); # rk[11]>>24 - &shl ("ebx",16); - &xor ("eax","ebx"); - - &movz ("ebx",&BP(-128,$tbl,"esi",1)); - &shl ("ebx",24); - &xor ("eax","ebx"); - - &mov (&DWP(48,"edi"),"eax"); # rk[12] - &xor ("eax",&DWP(20,"edi")); - &mov (&DWP(52,"edi"),"eax"); # rk[13] - &xor ("eax",&DWP(24,"edi")); - &mov (&DWP(56,"edi"),"eax"); # rk[14] - &xor 
("eax",&DWP(28,"edi"));
- &mov (&DWP(60,"edi"),"eax"); # rk[15]
-
- &add ("edi",32);
- &jmp (&label("14loop"));
-
- &set_label("14break");
- &mov (&DWP(48,"edi"),14); # setup number of rounds
- &xor ("eax","eax");
- &jmp (&label("exit"));
-
- &set_label("badpointer");
- &mov ("eax",-1);
- &set_label("exit");
-&function_end("_x86_AES_set_encrypt_key");
-
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-# AES_KEY *key)
-&function_begin_B("AES_set_encrypt_key");
- &call ("_x86_AES_set_encrypt_key");
- &ret ();
-&function_end_B("AES_set_encrypt_key");
-
-sub deckey()
-{ my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_;
- my $tmp = $tbl;
-
- &mov ($acc,$tp1);
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp2,&DWP(0,$tp1,$tp1));
- &sub ($acc,$tmp);
- &and ($tp2,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($acc,$tp2);
- &mov ($tp2,$acc);
-
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp4,&DWP(0,$tp2,$tp2));
- &sub ($acc,$tmp);
- &and ($tp4,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &xor ($tp2,$tp1); # tp2^tp1
- &xor ($acc,$tp4);
- &mov ($tp4,$acc);
-
- &and ($acc,0x80808080);
- &mov ($tmp,$acc);
- &shr ($tmp,7);
- &lea ($tp8,&DWP(0,$tp4,$tp4));
- &xor ($tp4,$tp1); # tp4^tp1
- &sub ($acc,$tmp);
- &and ($tp8,0xfefefefe);
- &and ($acc,0x1b1b1b1b);
- &rotl ($tp1,8); # = ROTATE(tp1,8)
- &xor ($tp8,$acc);
-
- &mov ($tmp,&DWP(4*($i+1),$key)); # modulo-scheduled load
-
- &xor ($tp1,$tp2);
- &xor ($tp2,$tp8);
- &xor ($tp1,$tp4);
- &rotl ($tp2,24);
- &xor ($tp4,$tp8);
- &xor ($tp1,$tp8); # ^= tp8^(tp4^tp1)^(tp2^tp1)
- &rotl ($tp4,16);
- &xor ($tp1,$tp2); # ^= ROTATE(tp8^tp2^tp1,24)
- &rotl ($tp8,8);
- &xor ($tp1,$tp4); # ^= ROTATE(tp8^tp4^tp1,16)
- &mov ($tp2,$tmp);
- &xor ($tp1,$tp8); # ^= ROTATE(tp8,8)
-
- &mov (&DWP(4*$i,$key),$tp1);
-}
-
-# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-# AES_KEY *key)
-&function_begin_B("AES_set_decrypt_key");
- &call ("_x86_AES_set_encrypt_key");
- &cmp
("eax",0);
- &je (&label("proceed"));
- &ret ();
-
- &set_label("proceed");
- &push ("ebp");
- &push ("ebx");
- &push ("esi");
- &push ("edi");
-
- &mov ("esi",&wparam(2));
- &mov ("ecx",&DWP(240,"esi")); # pull number of rounds
- &lea ("ecx",&DWP(0,"","ecx",4));
- &lea ("edi",&DWP(0,"esi","ecx",4)); # pointer to last chunk
-
- &set_label("invert",4); # invert order of chunks
- &mov ("eax",&DWP(0,"esi"));
- &mov ("ebx",&DWP(4,"esi"));
- &mov ("ecx",&DWP(0,"edi"));
- &mov ("edx",&DWP(4,"edi"));
- &mov (&DWP(0,"edi"),"eax");
- &mov (&DWP(4,"edi"),"ebx");
- &mov (&DWP(0,"esi"),"ecx");
- &mov (&DWP(4,"esi"),"edx");
- &mov ("eax",&DWP(8,"esi"));
- &mov ("ebx",&DWP(12,"esi"));
- &mov ("ecx",&DWP(8,"edi"));
- &mov ("edx",&DWP(12,"edi"));
- &mov (&DWP(8,"edi"),"eax");
- &mov (&DWP(12,"edi"),"ebx");
- &mov (&DWP(8,"esi"),"ecx");
- &mov (&DWP(12,"esi"),"edx");
- &add ("esi",16);
- &sub ("edi",16);
- &cmp ("esi","edi");
- &jne (&label("invert"));
-
- &mov ($key,&wparam(2));
- &mov ($acc,&DWP(240,$key)); # pull number of rounds
- &lea ($acc,&DWP(-2,$acc,$acc));
- &lea ($acc,&DWP(0,$key,$acc,8));
- &mov (&wparam(2),$acc);
-
- &mov ($s0,&DWP(16,$key)); # modulo-scheduled load
- &set_label("permute",4); # permute the key schedule
- &add ($key,16);
- &deckey (0,$key,$s0,$s1,$s2,$s3);
- &deckey (1,$key,$s1,$s2,$s3,$s0);
- &deckey (2,$key,$s2,$s3,$s0,$s1);
- &deckey (3,$key,$s3,$s0,$s1,$s2);
- &cmp ($key,&wparam(2));
- &jb (&label("permute"));
-
- &xor ("eax","eax"); # return success
-&function_end("AES_set_decrypt_key");
-&asciz("AES for x86, CRYPTOGAMS by <appro\@openssl.org>");
-
-&asm_finish();
diff --git a/lib/libssl/src/crypto/aes/asm/aes-armv4.pl b/lib/libssl/src/crypto/aes/asm/aes-armv4.pl
deleted file mode 100644
index 717cc1ed7f0..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aes-armv4.pl
+++ /dev/null
@@ -1,1134 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# AES for ARMv4
-
-# January 2007.
-#
-# Code uses single 1K S-box and is >2 times faster than code generated
-# by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which
-# allows to merge logical or arithmetic operation with shift or rotate
-# in one instruction and emit combined result every cycle. The module
-# is endian-neutral. The performance is ~42 cycles/byte for 128-bit
-# key [on single-issue Xscale PXA250 core].
-
-# May 2007.
-#
-# AES_set_[en|de]crypt_key is added.
-
-# July 2010.
-#
-# Rescheduling for dual-issue pipeline resulted in 12% improvement on
-# Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
-
-# February 2011.
-#
-# Profiler-assisted and platform-specific optimization resulted in 16%
-# improvement on Cortex A8 core and ~21.5 cycles per byte.
-
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
-
-$s0="r0";
-$s1="r1";
-$s2="r2";
-$s3="r3";
-$t1="r4";
-$t2="r5";
-$t3="r6";
-$i1="r7";
-$i2="r8";
-$i3="r9";
-
-$tbl="r10";
-$key="r11";
-$rounds="r12";
-
-$code=<<___;
-#include "arm_arch.h"
-.text
-.code 32
-
-.type AES_Te,%object
-.align 5
-AES_Te:
-.word 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
-.word 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
-.word 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
-.word 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
-.word 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
-.word 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
-.word 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
-.word 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
-.word 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
-.word 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
-.word 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
-.word 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
-.word 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
-.word 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
-.word 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
-.word 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
-.word 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
-.word 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
-.word 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
-.word 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
-.word 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
-.word 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
-.word 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
-.word 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
-.word 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
-.word 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
-.word 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
-.word 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
-.word 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
-.word 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
-.word 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
-.word 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
-.word 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
-.word 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
-.word 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
-.word 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
-.word 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
-.word 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
-.word 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
-.word 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
-.word 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
-.word 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
-.word 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
-.word 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
-.word 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
-.word 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
-.word 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
-.word 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
-.word 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
-.word 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
-.word 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
-.word 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
-.word 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
-.word 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
-.word 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
-.word 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
-.word 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
-.word 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
-.word 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
-.word 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
-.word 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
-.word 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
-.word 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
-.word 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
-@ Te4[256]
-.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
-.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
-.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
-.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
-.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
-.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
-.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
-.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
-.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
-.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
-.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
-.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
-.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
-.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
-.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
-.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
-.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
-.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
-.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
-.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
-.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
-.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
-.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
-.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
-.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
-.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
-.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
-.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
-.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
-.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
-.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
-.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
-@ rcon[]
-.word 0x01000000, 0x02000000, 0x04000000, 0x08000000
-.word 0x10000000, 0x20000000, 0x40000000, 0x80000000
-.word 0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
-.size AES_Te,.-AES_Te
-
-@ void AES_encrypt(const unsigned char *in, unsigned char *out,
-@ const AES_KEY *key) {
-.global AES_encrypt
-.type AES_encrypt,%function
-.align 5
-AES_encrypt:
- sub r3,pc,#8 @ AES_encrypt
- stmdb sp!,{r1,r4-r12,lr}
- mov $rounds,r0 @ inp
- mov $key,r2
- sub $tbl,r3,#AES_encrypt-AES_Te @ Te
-#if __ARM_ARCH__<7
- ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
- ldrb $t1,[$rounds,#2] @ manner...
- ldrb $t2,[$rounds,#1]
- ldrb $t3,[$rounds,#0]
- orr $s0,$s0,$t1,lsl#8
- ldrb $s1,[$rounds,#7]
- orr $s0,$s0,$t2,lsl#16
- ldrb $t1,[$rounds,#6]
- orr $s0,$s0,$t3,lsl#24
- ldrb $t2,[$rounds,#5]
- ldrb $t3,[$rounds,#4]
- orr $s1,$s1,$t1,lsl#8
- ldrb $s2,[$rounds,#11]
- orr $s1,$s1,$t2,lsl#16
- ldrb $t1,[$rounds,#10]
- orr $s1,$s1,$t3,lsl#24
- ldrb $t2,[$rounds,#9]
- ldrb $t3,[$rounds,#8]
- orr $s2,$s2,$t1,lsl#8
- ldrb $s3,[$rounds,#15]
- orr $s2,$s2,$t2,lsl#16
- ldrb $t1,[$rounds,#14]
- orr $s2,$s2,$t3,lsl#24
- ldrb $t2,[$rounds,#13]
- ldrb $t3,[$rounds,#12]
- orr $s3,$s3,$t1,lsl#8
- orr $s3,$s3,$t2,lsl#16
- orr $s3,$s3,$t3,lsl#24
-#else
- ldr $s0,[$rounds,#0]
- ldr $s1,[$rounds,#4]
- ldr $s2,[$rounds,#8]
- ldr $s3,[$rounds,#12]
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
-#endif
- bl _armv4_AES_encrypt
-
- ldr $rounds,[sp],#4 @ pop out
-#if __ARM_ARCH__>=7
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
- str $s0,[$rounds,#0]
- str $s1,[$rounds,#4]
- str $s2,[$rounds,#8]
- str $s3,[$rounds,#12]
-#else
- mov $t1,$s0,lsr#24 @ write output in endian-neutral
- mov $t2,$s0,lsr#16 @ manner...
- mov $t3,$s0,lsr#8
- strb $t1,[$rounds,#0]
- strb $t2,[$rounds,#1]
- mov $t1,$s1,lsr#24
- strb $t3,[$rounds,#2]
- mov $t2,$s1,lsr#16
- strb $s0,[$rounds,#3]
- mov $t3,$s1,lsr#8
- strb $t1,[$rounds,#4]
- strb $t2,[$rounds,#5]
- mov $t1,$s2,lsr#24
- strb $t3,[$rounds,#6]
- mov $t2,$s2,lsr#16
- strb $s1,[$rounds,#7]
- mov $t3,$s2,lsr#8
- strb $t1,[$rounds,#8]
- strb $t2,[$rounds,#9]
- mov $t1,$s3,lsr#24
- strb $t3,[$rounds,#10]
- mov $t2,$s3,lsr#16
- strb $s2,[$rounds,#11]
- mov $t3,$s3,lsr#8
- strb $t1,[$rounds,#12]
- strb $t2,[$rounds,#13]
- strb $t3,[$rounds,#14]
- strb $s3,[$rounds,#15]
-#endif
-#if __ARM_ARCH__>=5
- ldmia sp!,{r4-r12,pc}
-#else
- ldmia sp!,{r4-r12,lr}
- tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-#endif
-.size AES_encrypt,.-AES_encrypt
-
-.type _armv4_AES_encrypt,%function
-.align 2
-_armv4_AES_encrypt:
- str lr,[sp,#-4]! @ push lr
- ldmia $key!,{$t1-$i1}
- eor $s0,$s0,$t1
- ldr $rounds,[$key,#240-16]
- eor $s1,$s1,$t2
- eor $s2,$s2,$t3
- eor $s3,$s3,$i1
- sub $rounds,$rounds,#1
- mov lr,#255
-
- and $i1,lr,$s0
- and $i2,lr,$s0,lsr#8
- and $i3,lr,$s0,lsr#16
- mov $s0,$s0,lsr#24
-.Lenc_loop:
- ldr $t1,[$tbl,$i1,lsl#2] @ Te3[s0>>0]
- and $i1,lr,$s1,lsr#16 @ i0
- ldr $t2,[$tbl,$i2,lsl#2] @ Te2[s0>>8]
- and $i2,lr,$s1
- ldr $t3,[$tbl,$i3,lsl#2] @ Te1[s0>>16]
- and $i3,lr,$s1,lsr#8
- ldr $s0,[$tbl,$s0,lsl#2] @ Te0[s0>>24]
- mov $s1,$s1,lsr#24
-
- ldr $i1,[$tbl,$i1,lsl#2] @ Te1[s1>>16]
- ldr $i2,[$tbl,$i2,lsl#2] @ Te3[s1>>0]
- ldr $i3,[$tbl,$i3,lsl#2] @ Te2[s1>>8]
- eor $s0,$s0,$i1,ror#8
- ldr $s1,[$tbl,$s1,lsl#2] @ Te0[s1>>24]
- and $i1,lr,$s2,lsr#8 @ i0
- eor $t2,$t2,$i2,ror#8
- and $i2,lr,$s2,lsr#16 @ i1
- eor $t3,$t3,$i3,ror#8
- and $i3,lr,$s2
- ldr $i1,[$tbl,$i1,lsl#2] @ Te2[s2>>8]
- eor $s1,$s1,$t1,ror#24
- ldr $i2,[$tbl,$i2,lsl#2] @ Te1[s2>>16]
- mov $s2,$s2,lsr#24
-
- ldr $i3,[$tbl,$i3,lsl#2] @ Te3[s2>>0]
- eor $s0,$s0,$i1,ror#16
- ldr $s2,[$tbl,$s2,lsl#2] @ Te0[s2>>24]
- and $i1,lr,$s3 @ i0
- eor $s1,$s1,$i2,ror#8
- and $i2,lr,$s3,lsr#8 @ i1
- eor $t3,$t3,$i3,ror#16
- and $i3,lr,$s3,lsr#16 @ i2
- ldr $i1,[$tbl,$i1,lsl#2] @ Te3[s3>>0]
- eor $s2,$s2,$t2,ror#16
- ldr $i2,[$tbl,$i2,lsl#2] @ Te2[s3>>8]
- mov $s3,$s3,lsr#24
-
- ldr $i3,[$tbl,$i3,lsl#2] @ Te1[s3>>16]
- eor $s0,$s0,$i1,ror#24
- ldr $i1,[$key],#16
- eor $s1,$s1,$i2,ror#16
- ldr $s3,[$tbl,$s3,lsl#2] @ Te0[s3>>24]
- eor $s2,$s2,$i3,ror#8
- ldr $t1,[$key,#-12]
- eor $s3,$s3,$t3,ror#8
-
- ldr $t2,[$key,#-8]
- eor $s0,$s0,$i1
- ldr $t3,[$key,#-4]
- and $i1,lr,$s0
- eor $s1,$s1,$t1
- and $i2,lr,$s0,lsr#8
- eor $s2,$s2,$t2
- and $i3,lr,$s0,lsr#16
- eor $s3,$s3,$t3
- mov $s0,$s0,lsr#24
-
- subs $rounds,$rounds,#1
- bne .Lenc_loop
-
- add $tbl,$tbl,#2
-
- ldrb $t1,[$tbl,$i1,lsl#2] @ Te4[s0>>0]
- and $i1,lr,$s1,lsr#16 @ i0
- ldrb $t2,[$tbl,$i2,lsl#2] @ Te4[s0>>8]
- and $i2,lr,$s1
- ldrb $t3,[$tbl,$i3,lsl#2] @ Te4[s0>>16]
- and $i3,lr,$s1,lsr#8
- ldrb $s0,[$tbl,$s0,lsl#2] @ Te4[s0>>24]
- mov $s1,$s1,lsr#24
-
- ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s1>>16]
- ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s1>>0]
- ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s1>>8]
- eor $s0,$i1,$s0,lsl#8
- ldrb $s1,[$tbl,$s1,lsl#2] @ Te4[s1>>24]
- and $i1,lr,$s2,lsr#8 @ i0
- eor $t2,$i2,$t2,lsl#8
- and $i2,lr,$s2,lsr#16 @ i1
- eor $t3,$i3,$t3,lsl#8
- and $i3,lr,$s2
- ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s2>>8]
- eor $s1,$t1,$s1,lsl#24
- ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s2>>16]
- mov $s2,$s2,lsr#24
-
- ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s2>>0]
- eor $s0,$i1,$s0,lsl#8
- ldrb $s2,[$tbl,$s2,lsl#2] @ Te4[s2>>24]
- and $i1,lr,$s3 @ i0
- eor $s1,$s1,$i2,lsl#16
- and $i2,lr,$s3,lsr#8 @ i1
- eor $t3,$i3,$t3,lsl#8
- and $i3,lr,$s3,lsr#16 @ i2
- ldrb $i1,[$tbl,$i1,lsl#2] @ Te4[s3>>0]
- eor $s2,$t2,$s2,lsl#24
- ldrb $i2,[$tbl,$i2,lsl#2] @ Te4[s3>>8]
- mov $s3,$s3,lsr#24
-
- ldrb $i3,[$tbl,$i3,lsl#2] @ Te4[s3>>16]
- eor $s0,$i1,$s0,lsl#8
- ldr $i1,[$key,#0]
- ldrb $s3,[$tbl,$s3,lsl#2] @ Te4[s3>>24]
- eor $s1,$s1,$i2,lsl#8
- ldr $t1,[$key,#4]
- eor $s2,$s2,$i3,lsl#16
- ldr $t2,[$key,#8]
- eor $s3,$t3,$s3,lsl#24
- ldr $t3,[$key,#12]
-
- eor $s0,$s0,$i1
- eor $s1,$s1,$t1
- eor $s2,$s2,$t2
- eor $s3,$s3,$t3
-
- sub $tbl,$tbl,#2
- ldr pc,[sp],#4 @ pop and return
-.size _armv4_AES_encrypt,.-_armv4_AES_encrypt
-
-.global AES_set_encrypt_key
-.type AES_set_encrypt_key,%function
-.align 5
-AES_set_encrypt_key:
-_armv4_AES_set_encrypt_key:
- sub r3,pc,#8 @ AES_set_encrypt_key
- teq r0,#0
- moveq r0,#-1
- beq .Labrt
- teq r2,#0
- moveq r0,#-1
- beq .Labrt
-
- teq r1,#128
- beq .Lok
- teq r1,#192
- beq .Lok
- teq r1,#256
- movne r0,#-1
- bne .Labrt
-
-.Lok: stmdb sp!,{r4-r12,lr}
- sub $tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024 @ Te4
-
- mov $rounds,r0 @ inp
- mov lr,r1 @ bits
- mov $key,r2 @ key
-
-#if __ARM_ARCH__<7
- ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
- ldrb $t1,[$rounds,#2] @ manner...
- ldrb $t2,[$rounds,#1]
- ldrb $t3,[$rounds,#0]
- orr $s0,$s0,$t1,lsl#8
- ldrb $s1,[$rounds,#7]
- orr $s0,$s0,$t2,lsl#16
- ldrb $t1,[$rounds,#6]
- orr $s0,$s0,$t3,lsl#24
- ldrb $t2,[$rounds,#5]
- ldrb $t3,[$rounds,#4]
- orr $s1,$s1,$t1,lsl#8
- ldrb $s2,[$rounds,#11]
- orr $s1,$s1,$t2,lsl#16
- ldrb $t1,[$rounds,#10]
- orr $s1,$s1,$t3,lsl#24
- ldrb $t2,[$rounds,#9]
- ldrb $t3,[$rounds,#8]
- orr $s2,$s2,$t1,lsl#8
- ldrb $s3,[$rounds,#15]
- orr $s2,$s2,$t2,lsl#16
- ldrb $t1,[$rounds,#14]
- orr $s2,$s2,$t3,lsl#24
- ldrb $t2,[$rounds,#13]
- ldrb $t3,[$rounds,#12]
- orr $s3,$s3,$t1,lsl#8
- str $s0,[$key],#16
- orr $s3,$s3,$t2,lsl#16
- str $s1,[$key,#-12]
- orr $s3,$s3,$t3,lsl#24
- str $s2,[$key,#-8]
- str $s3,[$key,#-4]
-#else
- ldr $s0,[$rounds,#0]
- ldr $s1,[$rounds,#4]
- ldr $s2,[$rounds,#8]
- ldr $s3,[$rounds,#12]
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
- str $s0,[$key],#16
- str $s1,[$key,#-12]
- str $s2,[$key,#-8]
- str $s3,[$key,#-4]
-#endif
-
- teq lr,#128
- bne .Lnot128
- mov $rounds,#10
- str $rounds,[$key,#240-16]
- add $t3,$tbl,#256 @ rcon
- mov lr,#255
-
-.L128_loop:
- and $t2,lr,$s3,lsr#24
- and $i1,lr,$s3,lsr#16
- ldrb $t2,[$tbl,$t2]
- and $i2,lr,$s3,lsr#8
- ldrb $i1,[$tbl,$i1]
- and $i3,lr,$s3
- ldrb $i2,[$tbl,$i2]
- orr $t2,$t2,$i1,lsl#24
- ldrb $i3,[$tbl,$i3]
- orr $t2,$t2,$i2,lsl#16
- ldr $t1,[$t3],#4 @ rcon[i++]
- orr $t2,$t2,$i3,lsl#8
- eor $t2,$t2,$t1
- eor $s0,$s0,$t2 @ rk[4]=rk[0]^...
- eor $s1,$s1,$s0 @ rk[5]=rk[1]^rk[4]
- str $s0,[$key],#16
- eor $s2,$s2,$s1 @ rk[6]=rk[2]^rk[5]
- str $s1,[$key,#-12]
- eor $s3,$s3,$s2 @ rk[7]=rk[3]^rk[6]
- str $s2,[$key,#-8]
- subs $rounds,$rounds,#1
- str $s3,[$key,#-4]
- bne .L128_loop
- sub r2,$key,#176
- b .Ldone
-
-.Lnot128:
-#if __ARM_ARCH__<7
- ldrb $i2,[$rounds,#19]
- ldrb $t1,[$rounds,#18]
- ldrb $t2,[$rounds,#17]
- ldrb $t3,[$rounds,#16]
- orr $i2,$i2,$t1,lsl#8
- ldrb $i3,[$rounds,#23]
- orr $i2,$i2,$t2,lsl#16
- ldrb $t1,[$rounds,#22]
- orr $i2,$i2,$t3,lsl#24
- ldrb $t2,[$rounds,#21]
- ldrb $t3,[$rounds,#20]
- orr $i3,$i3,$t1,lsl#8
- orr $i3,$i3,$t2,lsl#16
- str $i2,[$key],#8
- orr $i3,$i3,$t3,lsl#24
- str $i3,[$key,#-4]
-#else
- ldr $i2,[$rounds,#16]
- ldr $i3,[$rounds,#20]
-#ifdef __ARMEL__
- rev $i2,$i2
- rev $i3,$i3
-#endif
- str $i2,[$key],#8
- str $i3,[$key,#-4]
-#endif
-
- teq lr,#192
- bne .Lnot192
- mov $rounds,#12
- str $rounds,[$key,#240-24]
- add $t3,$tbl,#256 @ rcon
- mov lr,#255
- mov $rounds,#8
-
-.L192_loop:
- and $t2,lr,$i3,lsr#24
- and $i1,lr,$i3,lsr#16
- ldrb $t2,[$tbl,$t2]
- and $i2,lr,$i3,lsr#8
- ldrb $i1,[$tbl,$i1]
- and $i3,lr,$i3
- ldrb $i2,[$tbl,$i2]
- orr $t2,$t2,$i1,lsl#24
- ldrb $i3,[$tbl,$i3]
- orr $t2,$t2,$i2,lsl#16
- ldr $t1,[$t3],#4 @ rcon[i++]
- orr $t2,$t2,$i3,lsl#8
- eor $i3,$t2,$t1
- eor $s0,$s0,$i3 @ rk[6]=rk[0]^...
- eor $s1,$s1,$s0 @ rk[7]=rk[1]^rk[6]
- str $s0,[$key],#24
- eor $s2,$s2,$s1 @ rk[8]=rk[2]^rk[7]
- str $s1,[$key,#-20]
- eor $s3,$s3,$s2 @ rk[9]=rk[3]^rk[8]
- str $s2,[$key,#-16]
- subs $rounds,$rounds,#1
- str $s3,[$key,#-12]
- subeq r2,$key,#216
- beq .Ldone
-
- ldr $i1,[$key,#-32]
- ldr $i2,[$key,#-28]
- eor $i1,$i1,$s3 @ rk[10]=rk[4]^rk[9]
- eor $i3,$i2,$i1 @ rk[11]=rk[5]^rk[10]
- str $i1,[$key,#-8]
- str $i3,[$key,#-4]
- b .L192_loop
-
-.Lnot192:
-#if __ARM_ARCH__<7
- ldrb $i2,[$rounds,#27]
- ldrb $t1,[$rounds,#26]
- ldrb $t2,[$rounds,#25]
- ldrb $t3,[$rounds,#24]
- orr $i2,$i2,$t1,lsl#8
- ldrb $i3,[$rounds,#31]
- orr $i2,$i2,$t2,lsl#16
- ldrb $t1,[$rounds,#30]
- orr $i2,$i2,$t3,lsl#24
- ldrb $t2,[$rounds,#29]
- ldrb $t3,[$rounds,#28]
- orr $i3,$i3,$t1,lsl#8
- orr $i3,$i3,$t2,lsl#16
- str $i2,[$key],#8
- orr $i3,$i3,$t3,lsl#24
- str $i3,[$key,#-4]
-#else
- ldr $i2,[$rounds,#24]
- ldr $i3,[$rounds,#28]
-#ifdef __ARMEL__
- rev $i2,$i2
- rev $i3,$i3
-#endif
- str $i2,[$key],#8
- str $i3,[$key,#-4]
-#endif
-
- mov $rounds,#14
- str $rounds,[$key,#240-32]
- add $t3,$tbl,#256 @ rcon
- mov lr,#255
- mov $rounds,#7
-
-.L256_loop:
- and $t2,lr,$i3,lsr#24
- and $i1,lr,$i3,lsr#16
- ldrb $t2,[$tbl,$t2]
- and $i2,lr,$i3,lsr#8
- ldrb $i1,[$tbl,$i1]
- and $i3,lr,$i3
- ldrb $i2,[$tbl,$i2]
- orr $t2,$t2,$i1,lsl#24
- ldrb $i3,[$tbl,$i3]
- orr $t2,$t2,$i2,lsl#16
- ldr $t1,[$t3],#4 @ rcon[i++]
- orr $t2,$t2,$i3,lsl#8
- eor $i3,$t2,$t1
- eor $s0,$s0,$i3 @ rk[8]=rk[0]^...
- eor $s1,$s1,$s0 @ rk[9]=rk[1]^rk[8]
- str $s0,[$key],#32
- eor $s2,$s2,$s1 @ rk[10]=rk[2]^rk[9]
- str $s1,[$key,#-28]
- eor $s3,$s3,$s2 @ rk[11]=rk[3]^rk[10]
- str $s2,[$key,#-24]
- subs $rounds,$rounds,#1
- str $s3,[$key,#-20]
- subeq r2,$key,#256
- beq .Ldone
-
- and $t2,lr,$s3
- and $i1,lr,$s3,lsr#8
- ldrb $t2,[$tbl,$t2]
- and $i2,lr,$s3,lsr#16
- ldrb $i1,[$tbl,$i1]
- and $i3,lr,$s3,lsr#24
- ldrb $i2,[$tbl,$i2]
- orr $t2,$t2,$i1,lsl#8
- ldrb $i3,[$tbl,$i3]
- orr $t2,$t2,$i2,lsl#16
- ldr $t1,[$key,#-48]
- orr $t2,$t2,$i3,lsl#24
-
- ldr $i1,[$key,#-44]
- ldr $i2,[$key,#-40]
- eor $t1,$t1,$t2 @ rk[12]=rk[4]^...
- ldr $i3,[$key,#-36]
- eor $i1,$i1,$t1 @ rk[13]=rk[5]^rk[12]
- str $t1,[$key,#-16]
- eor $i2,$i2,$i1 @ rk[14]=rk[6]^rk[13]
- str $i1,[$key,#-12]
- eor $i3,$i3,$i2 @ rk[15]=rk[7]^rk[14]
- str $i2,[$key,#-8]
- str $i3,[$key,#-4]
- b .L256_loop
-
-.Ldone: mov r0,#0
- ldmia sp!,{r4-r12,lr}
-.Labrt: tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-.size AES_set_encrypt_key,.-AES_set_encrypt_key
-
-.global AES_set_decrypt_key
-.type AES_set_decrypt_key,%function
-.align 5
-AES_set_decrypt_key:
- str lr,[sp,#-4]! @ push lr
- bl _armv4_AES_set_encrypt_key
- teq r0,#0
- ldrne lr,[sp],#4 @ pop lr
- bne .Labrt
-
- stmdb sp!,{r4-r12}
-
- ldr $rounds,[r2,#240] @ AES_set_encrypt_key preserves r2,
- mov $key,r2 @ which is AES_KEY *key
- mov $i1,r2
- add $i2,r2,$rounds,lsl#4
-
-.Linv: ldr $s0,[$i1]
- ldr $s1,[$i1,#4]
- ldr $s2,[$i1,#8]
- ldr $s3,[$i1,#12]
- ldr $t1,[$i2]
- ldr $t2,[$i2,#4]
- ldr $t3,[$i2,#8]
- ldr $i3,[$i2,#12]
- str $s0,[$i2],#-16
- str $s1,[$i2,#16+4]
- str $s2,[$i2,#16+8]
- str $s3,[$i2,#16+12]
- str $t1,[$i1],#16
- str $t2,[$i1,#-12]
- str $t3,[$i1,#-8]
- str $i3,[$i1,#-4]
- teq $i1,$i2
- bne .Linv
-___
-$mask80=$i1;
-$mask1b=$i2;
-$mask7f=$i3;
-$code.=<<___;
- ldr $s0,[$key,#16]! @ prefetch tp1
- mov $mask80,#0x80
- mov $mask1b,#0x1b
- orr $mask80,$mask80,#0x8000
- orr $mask1b,$mask1b,#0x1b00
- orr $mask80,$mask80,$mask80,lsl#16
- orr $mask1b,$mask1b,$mask1b,lsl#16
- sub $rounds,$rounds,#1
- mvn $mask7f,$mask80
- mov $rounds,$rounds,lsl#2 @ (rounds-1)*4
-
-.Lmix: and $t1,$s0,$mask80
- and $s1,$s0,$mask7f
- sub $t1,$t1,$t1,lsr#7
- and $t1,$t1,$mask1b
- eor $s1,$t1,$s1,lsl#1 @ tp2
-
- and $t1,$s1,$mask80
- and $s2,$s1,$mask7f
- sub $t1,$t1,$t1,lsr#7
- and $t1,$t1,$mask1b
- eor $s2,$t1,$s2,lsl#1 @ tp4
-
- and $t1,$s2,$mask80
- and $s3,$s2,$mask7f
- sub $t1,$t1,$t1,lsr#7
- and $t1,$t1,$mask1b
- eor $s3,$t1,$s3,lsl#1 @ tp8
-
- eor $t1,$s1,$s2
- eor $t2,$s0,$s3 @ tp9
- eor $t1,$t1,$s3 @ tpe
- eor $t1,$t1,$s1,ror#24
- eor $t1,$t1,$t2,ror#24 @ ^= ROTATE(tpb=tp9^tp2,8)
- eor $t1,$t1,$s2,ror#16
- eor $t1,$t1,$t2,ror#16 @ ^= ROTATE(tpd=tp9^tp4,16)
- eor $t1,$t1,$t2,ror#8 @ ^= ROTATE(tp9,24)
-
- ldr $s0,[$key,#4] @ prefetch tp1
- str $t1,[$key],#4
- subs $rounds,$rounds,#1
- bne .Lmix
-
- mov r0,#0
-#if __ARM_ARCH__>=5
- ldmia sp!,{r4-r12,pc}
-#else
- ldmia sp!,{r4-r12,lr}
- tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-#endif
-.size AES_set_decrypt_key,.-AES_set_decrypt_key
-
-.type AES_Td,%object
-.align 5
-AES_Td:
-.word 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
-.word 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
-.word 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
-.word 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
-.word 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
-.word 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
-.word 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
-.word 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
-.word 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
-.word 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
-.word 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
-.word 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
-.word 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
-.word 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
-.word 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
-.word 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
-.word 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
-.word 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
-.word 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
-.word 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
-.word 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
-.word 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
-.word 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
-.word 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
-.word 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
-.word 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
-.word 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
-.word 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
-.word 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
-.word 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
-.word 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
-.word 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
-.word 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
-.word 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
-.word 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
-.word 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
-.word 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
-.word 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
-.word 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
-.word 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
-.word 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
-.word 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
-.word 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
-.word 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
-.word 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
-.word 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
-.word 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
-.word 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
-.word 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
-.word 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
-.word 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
-.word 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
-.word 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
-.word 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
-.word 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
-.word 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
-.word 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
-.word 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
-.word 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
-.word 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
-.word 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
-.word 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
-.word 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
-.word 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
-@ Td4[256]
-.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
-.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
-.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
-.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
-.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
-.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
-.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
-.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
-.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
-.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
-.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
-.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
-.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
-.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
-.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
-.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
-.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
-.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
-.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
-.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
-.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
-.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
-.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
-.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
-.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
-.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
-.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
-.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
-.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
-.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
-.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
-.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
-.size AES_Td,.-AES_Td
-
-@ void AES_decrypt(const unsigned char *in, unsigned char *out,
-@ const AES_KEY *key) {
-.global AES_decrypt
-.type AES_decrypt,%function
-.align 5
-AES_decrypt:
- sub r3,pc,#8 @ AES_decrypt
- stmdb sp!,{r1,r4-r12,lr}
- mov $rounds,r0 @ inp
- mov $key,r2
- sub $tbl,r3,#AES_decrypt-AES_Td @ Td
-#if __ARM_ARCH__<7
- ldrb $s0,[$rounds,#3] @ load input data in endian-neutral
- ldrb $t1,[$rounds,#2] @ manner...
- ldrb $t2,[$rounds,#1]
- ldrb $t3,[$rounds,#0]
- orr $s0,$s0,$t1,lsl#8
- ldrb $s1,[$rounds,#7]
- orr $s0,$s0,$t2,lsl#16
- ldrb $t1,[$rounds,#6]
- orr $s0,$s0,$t3,lsl#24
- ldrb $t2,[$rounds,#5]
- ldrb $t3,[$rounds,#4]
- orr $s1,$s1,$t1,lsl#8
- ldrb $s2,[$rounds,#11]
- orr $s1,$s1,$t2,lsl#16
- ldrb $t1,[$rounds,#10]
- orr $s1,$s1,$t3,lsl#24
- ldrb $t2,[$rounds,#9]
- ldrb $t3,[$rounds,#8]
- orr $s2,$s2,$t1,lsl#8
- ldrb $s3,[$rounds,#15]
- orr $s2,$s2,$t2,lsl#16
- ldrb $t1,[$rounds,#14]
- orr $s2,$s2,$t3,lsl#24
- ldrb $t2,[$rounds,#13]
- ldrb $t3,[$rounds,#12]
- orr $s3,$s3,$t1,lsl#8
- orr $s3,$s3,$t2,lsl#16
- orr $s3,$s3,$t3,lsl#24
-#else
- ldr $s0,[$rounds,#0]
- ldr $s1,[$rounds,#4]
- ldr $s2,[$rounds,#8]
- ldr $s3,[$rounds,#12]
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
-#endif
- bl _armv4_AES_decrypt
-
- ldr $rounds,[sp],#4 @ pop out
-#if __ARM_ARCH__>=7
-#ifdef __ARMEL__
- rev $s0,$s0
- rev $s1,$s1
- rev $s2,$s2
- rev $s3,$s3
-#endif
- str $s0,[$rounds,#0]
- str $s1,[$rounds,#4]
- str $s2,[$rounds,#8]
- str $s3,[$rounds,#12]
-#else
- mov $t1,$s0,lsr#24 @ write output in endian-neutral
- mov $t2,$s0,lsr#16 @ manner...
- mov $t3,$s0,lsr#8
- strb $t1,[$rounds,#0]
- strb $t2,[$rounds,#1]
- mov $t1,$s1,lsr#24
- strb $t3,[$rounds,#2]
- mov $t2,$s1,lsr#16
- strb $s0,[$rounds,#3]
- mov $t3,$s1,lsr#8
- strb $t1,[$rounds,#4]
- strb $t2,[$rounds,#5]
- mov $t1,$s2,lsr#24
- strb $t3,[$rounds,#6]
- mov $t2,$s2,lsr#16
- strb $s1,[$rounds,#7]
- mov $t3,$s2,lsr#8
- strb $t1,[$rounds,#8]
- strb $t2,[$rounds,#9]
- mov $t1,$s3,lsr#24
- strb $t3,[$rounds,#10]
- mov $t2,$s3,lsr#16
- strb $s2,[$rounds,#11]
- mov $t3,$s3,lsr#8
- strb $t1,[$rounds,#12]
- strb $t2,[$rounds,#13]
- strb $t3,[$rounds,#14]
- strb $s3,[$rounds,#15]
-#endif
-#if __ARM_ARCH__>=5
- ldmia sp!,{r4-r12,pc}
-#else
- ldmia sp!,{r4-r12,lr}
- tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-#endif
-.size AES_decrypt,.-AES_decrypt
-
-.type _armv4_AES_decrypt,%function
-.align 2
-_armv4_AES_decrypt:
- str lr,[sp,#-4]! @ push lr
- ldmia $key!,{$t1-$i1}
- eor $s0,$s0,$t1
- ldr $rounds,[$key,#240-16]
- eor $s1,$s1,$t2
- eor $s2,$s2,$t3
- eor $s3,$s3,$i1
- sub $rounds,$rounds,#1
- mov lr,#255
-
- and $i1,lr,$s0,lsr#16
- and $i2,lr,$s0,lsr#8
- and $i3,lr,$s0
- mov $s0,$s0,lsr#24
-.Ldec_loop:
- ldr $t1,[$tbl,$i1,lsl#2] @ Td1[s0>>16]
- and $i1,lr,$s1 @ i0
- ldr $t2,[$tbl,$i2,lsl#2] @ Td2[s0>>8]
- and $i2,lr,$s1,lsr#16
- ldr $t3,[$tbl,$i3,lsl#2] @ Td3[s0>>0]
- and $i3,lr,$s1,lsr#8
- ldr $s0,[$tbl,$s0,lsl#2] @ Td0[s0>>24]
- mov $s1,$s1,lsr#24
-
- ldr $i1,[$tbl,$i1,lsl#2] @ Td3[s1>>0]
- ldr $i2,[$tbl,$i2,lsl#2] @ Td1[s1>>16]
- ldr $i3,[$tbl,$i3,lsl#2] @ Td2[s1>>8]
- eor $s0,$s0,$i1,ror#24
- ldr $s1,[$tbl,$s1,lsl#2] @ Td0[s1>>24]
- and $i1,lr,$s2,lsr#8 @ i0
- eor $t2,$i2,$t2,ror#8
- and $i2,lr,$s2 @ i1
- eor $t3,$i3,$t3,ror#8
- and $i3,lr,$s2,lsr#16
- ldr $i1,[$tbl,$i1,lsl#2] @ Td2[s2>>8]
- eor $s1,$s1,$t1,ror#8
- ldr $i2,[$tbl,$i2,lsl#2] @ Td3[s2>>0]
- mov $s2,$s2,lsr#24
-
- ldr $i3,[$tbl,$i3,lsl#2] @ Td1[s2>>16]
- eor $s0,$s0,$i1,ror#16
- ldr $s2,[$tbl,$s2,lsl#2] @ Td0[s2>>24]
- and $i1,lr,$s3,lsr#16 @ i0
- eor $s1,$s1,$i2,ror#24
- and $i2,lr,$s3,lsr#8 @ i1
- eor $t3,$i3,$t3,ror#8
- and $i3,lr,$s3 @ i2
- ldr $i1,[$tbl,$i1,lsl#2] @ Td1[s3>>16]
- eor $s2,$s2,$t2,ror#8
- ldr $i2,[$tbl,$i2,lsl#2] @ Td2[s3>>8]
- mov $s3,$s3,lsr#24
-
- ldr $i3,[$tbl,$i3,lsl#2] @ Td3[s3>>0]
- eor $s0,$s0,$i1,ror#8
- ldr $i1,[$key],#16
- eor $s1,$s1,$i2,ror#16
- ldr $s3,[$tbl,$s3,lsl#2] @ Td0[s3>>24]
- eor $s2,$s2,$i3,ror#24
-
- ldr $t1,[$key,#-12]
- eor $s0,$s0,$i1
- ldr $t2,[$key,#-8]
- eor $s3,$s3,$t3,ror#8
- ldr $t3,[$key,#-4]
- and $i1,lr,$s0,lsr#16
- eor $s1,$s1,$t1
- and $i2,lr,$s0,lsr#8
- eor $s2,$s2,$t2
- and $i3,lr,$s0
- eor $s3,$s3,$t3
- mov $s0,$s0,lsr#24
-
- subs $rounds,$rounds,#1
- bne .Ldec_loop
-
- add $tbl,$tbl,#1024
-
- ldr $t2,[$tbl,#0] @ prefetch Td4
- ldr $t3,[$tbl,#32]
- ldr $t1,[$tbl,#64]
- ldr $t2,[$tbl,#96]
- ldr $t3,[$tbl,#128]
- ldr $t1,[$tbl,#160]
- ldr $t2,[$tbl,#192]
- ldr $t3,[$tbl,#224]
-
- ldrb $s0,[$tbl,$s0] @ Td4[s0>>24]
- ldrb $t1,[$tbl,$i1] @ Td4[s0>>16]
- and $i1,lr,$s1 @ i0
- ldrb $t2,[$tbl,$i2] @ Td4[s0>>8]
- and $i2,lr,$s1,lsr#16
- ldrb $t3,[$tbl,$i3] @ Td4[s0>>0]
- and $i3,lr,$s1,lsr#8
-
- ldrb $i1,[$tbl,$i1] @ Td4[s1>>0]
- ldrb $s1,[$tbl,$s1,lsr#24] @ Td4[s1>>24]
- ldrb $i2,[$tbl,$i2] @ Td4[s1>>16]
- eor $s0,$i1,$s0,lsl#24
- ldrb $i3,[$tbl,$i3] @ Td4[s1>>8]
- eor $s1,$t1,$s1,lsl#8
- and $i1,lr,$s2,lsr#8 @ i0
- eor $t2,$t2,$i2,lsl#8
- and $i2,lr,$s2 @ i1
- ldrb $i1,[$tbl,$i1] @ Td4[s2>>8]
- eor $t3,$t3,$i3,lsl#8
- ldrb $i2,[$tbl,$i2] @ Td4[s2>>0]
- and $i3,lr,$s2,lsr#16
-
- ldrb $s2,[$tbl,$s2,lsr#24] @ Td4[s2>>24]
- eor $s0,$s0,$i1,lsl#8
- ldrb $i3,[$tbl,$i3] @ Td4[s2>>16]
- eor $s1,$i2,$s1,lsl#16
- and $i1,lr,$s3,lsr#16 @ i0
- eor $s2,$t2,$s2,lsl#16
- and $i2,lr,$s3,lsr#8 @ i1
- ldrb $i1,[$tbl,$i1] @ Td4[s3>>16]
- eor $t3,$t3,$i3,lsl#16
- ldrb $i2,[$tbl,$i2] @ Td4[s3>>8]
- and $i3,lr,$s3 @ i2
-
- ldrb $i3,[$tbl,$i3] @ Td4[s3>>0]
- ldrb $s3,[$tbl,$s3,lsr#24] @ Td4[s3>>24]
- eor $s0,$s0,$i1,lsl#16
- ldr $i1,[$key,#0]
- eor $s1,$s1,$i2,lsl#8
- ldr $t1,[$key,#4]
- eor $s2,$i3,$s2,lsl#8
- ldr $t2,[$key,#8]
- eor $s3,$t3,$s3,lsl#24
- ldr $t3,[$key,#12]
-
- eor $s0,$s0,$i1
- eor $s1,$s1,$t1
- eor $s2,$s2,$t2
- eor $s3,$s3,$t3
-
- sub $tbl,$tbl,#1024
- ldr pc,[sp],#4 @ pop and return
-.size _armv4_AES_decrypt,.-_armv4_AES_decrypt
-.asciz "AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
-.align 2
-___
-
-$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
-print $code;
-close STDOUT; # enforce flush
diff --git a/lib/libssl/src/crypto/aes/asm/aes-ia64.S b/lib/libssl/src/crypto/aes/asm/aes-ia64.S
deleted file mode 100644
index 7f6c4c36629..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aes-ia64.S
+++ /dev/null
@@ -1,1123 +0,0 @@
-// ====================================================================
-// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-// project. Rights for redistribution and usage in source and binary
-// forms are granted according to the OpenSSL license.
-// ====================================================================
-//
-// What's wrong with compiler generated code? Compiler never uses
-// variable 'shr' which is pairable with 'extr'/'dep' instructions.
-// Then it uses 'zxt' which is an I-type, but can be replaced with
-// 'and' which in turn can be assigned to M-port [there're double as
-// much M-ports as there're I-ports on Itanium 2]. By sacrificing few
-// registers for small constants (255, 24 and 16) to be used with
-// 'shr' and 'and' instructions I can achieve better ILP, Intruction
-// Level Parallelism, and performance. This code outperforms GCC 3.3
-// generated code by over factor of 2 (two), GCC 3.4 - by 70% and
-// HP C - by 40%. Measured best-case scenario, i.e. aligned
-// big-endian input, ECB timing on Itanium 2 is (18 + 13*rounds)
-// ticks per block, or 9.25 CPU cycles per byte for 128 bit key.
-
-// Version 1.2 mitigates the hazard of cache-timing attacks by
-// a) compressing S-boxes from 8KB to 2KB+256B, b) scheduling
-// references to S-boxes for L2 cache latency, c) prefetching T[ed]4
-// prior last round. As result performance dropped to (26 + 15*rounds)
-// ticks per block or 11 cycles per byte processed with 128-bit key.
-// This is ~16% deterioration. For reference Itanium 2 L1 cache has
-// 64 bytes line size and L2 - 128 bytes...
-
-.ident "aes-ia64.S, version 1.2"
-.ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-.explicit
-.text
-
-rk0=r8; rk1=r9;
-
-pfssave=r2;
-lcsave=r10;
-prsave=r3;
-maskff=r11;
-twenty4=r14;
-sixteen=r15;
-
-te00=r16; te11=r17; te22=r18; te33=r19;
-te01=r20; te12=r21; te23=r22; te30=r23;
-te02=r24; te13=r25; te20=r26; te31=r27;
-te03=r28; te10=r29; te21=r30; te32=r31;
-
-// these are rotating...
-t0=r32; s0=r33;
-t1=r34; s1=r35;
-t2=r36; s2=r37;
-t3=r38; s3=r39;
-
-te0=r40; te1=r41; te2=r42; te3=r43;
-
-#if defined(_HPUX_SOURCE) && !defined(_LP64)
-# define ADDP addp4
-#else
-# define ADDP add
-#endif
-
-// Offsets from Te0
-#define TE0 0
-#define TE2 2
-#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
-#define TE1 3
-#define TE3 1
-#else
-#define TE1 1
-#define TE3 3
-#endif
-
-// This implies that AES_KEY comprises 32-bit key schedule elements
-// even on LP64 platforms.
-#ifndef KSZ
-# define KSZ 4
-# define LDKEY ld4
-#endif
-
-.proc _ia64_AES_encrypt#
-// Input: rk0-rk1
-// te0
-// te3 as AES_KEY->rounds!!!
-// s0-s3
-// maskff,twenty4,sixteen
-// Output: r16,r20,r24,r28 as s0-s3
-// Clobber: r16-r31,rk0-rk1,r32-r43
-.align 32
-_ia64_AES_encrypt:
- .prologue
- .altrp b6
- .body
-{ .mmi; alloc r16=ar.pfs,12,0,0,8
- LDKEY t0=[rk0],2*KSZ
- mov pr.rot=1<<16 }
-{ .mmi; LDKEY t1=[rk1],2*KSZ
- add te1=TE1,te0
- add te3=-3,te3 };;
-{ .mib; LDKEY t2=[rk0],2*KSZ
- mov ar.ec=2 }
-{ .mib; LDKEY t3=[rk1],2*KSZ
- add te2=TE2,te0
- brp.loop.imp .Le_top,.Le_end-16 };;
-
-{ .mmi; xor s0=s0,t0
- xor s1=s1,t1
- mov ar.lc=te3 }
-{ .mmi; xor s2=s2,t2
- xor s3=s3,t3
- add te3=TE3,te0 };;
-
-.align 32
-.Le_top:
-{ .mmi; (p0) LDKEY t0=[rk0],2*KSZ // 0/0:rk[0]
- (p0) and te33=s3,maskff // 0/0:s3&0xff
- (p0) extr.u te22=s2,8,8 } // 0/0:s2>>8&0xff
-{ .mmi; (p0) LDKEY t1=[rk1],2*KSZ // 0/1:rk[1]
- (p0) and te30=s0,maskff // 0/1:s0&0xff
- (p0) shr.u te00=s0,twenty4 };; // 0/0:s0>>24
-{ .mmi; (p0) LDKEY t2=[rk0],2*KSZ // 1/2:rk[2]
- (p0) shladd te33=te33,3,te3 // 1/0:te0+s0>>24
- (p0) extr.u te23=s3,8,8 } // 1/1:s3>>8&0xff
-{ .mmi; (p0) LDKEY t3=[rk1],2*KSZ // 1/3:rk[3]
- (p0) shladd te30=te30,3,te3 // 1/1:te3+s0
- (p0) shr.u te01=s1,twenty4 };; // 1/1:s1>>24
-{ .mmi; (p0) ld4 te33=[te33] // 2/0:te3[s3&0xff]
- (p0) shladd te22=te22,3,te2 // 2/0:te2+s2>>8&0xff
- (p0) extr.u te20=s0,8,8 } // 2/2:s0>>8&0xff
-{ .mmi; (p0) ld4 te30=[te30] // 2/1:te3[s0]
- (p0) shladd te23=te23,3,te2 // 2/1:te2+s3>>8
- (p0) shr.u te02=s2,twenty4 };; // 2/2:s2>>24
-{ .mmi; (p0) ld4 te22=[te22] // 3/0:te2[s2>>8]
- (p0) shladd te20=te20,3,te2 // 3/2:te2+s0>>8
- (p0) extr.u te21=s1,8,8 } // 3/3:s1>>8&0xff
-{ .mmi; (p0) ld4 te23=[te23] // 3/1:te2[s3>>8]
- (p0) shladd te00=te00,3,te0 // 3/0:te0+s0>>24
- (p0) shr.u te03=s3,twenty4 };; // 3/3:s3>>24
-{ .mmi; (p0) ld4 te20=[te20] // 4/2:te2[s0>>8]
- (p0) shladd te21=te21,3,te2 // 4/3:te3+s2
- (p0) extr.u te11=s1,16,8 } // 4/0:s1>>16&0xff
-{ .mmi; (p0) ld4 te00=[te00] // 4/0:te0[s0>>24]
- (p0) shladd te01=te01,3,te0 // 4/1:te0+s1>>24
- (p0) shr.u te13=s3,sixteen };; // 4/2:s3>>16
-{ .mmi; (p0) ld4 te21=[te21] // 5/3:te2[s1>>8]
- (p0) shladd te11=te11,3,te1 // 5/0:te1+s1>>16
- (p0) extr.u te12=s2,16,8 } // 5/1:s2>>16&0xff
-{ .mmi; (p0) ld4 te01=[te01] // 5/1:te0[s1>>24]
- (p0) shladd te02=te02,3,te0 // 5/2:te0+s2>>24
- (p0) and te31=s1,maskff };; // 5/2:s1&0xff
-{ .mmi; (p0) ld4 te11=[te11] // 6/0:te1[s1>>16]
- (p0) shladd te12=te12,3,te1 // 6/1:te1+s2>>16
- (p0) extr.u te10=s0,16,8 } // 6/3:s0>>16&0xff
-{ .mmi; (p0) ld4 te02=[te02] // 6/2:te0[s2>>24]
- (p0) shladd te03=te03,3,te0 // 6/3:te1+s0>>16
- (p0) and te32=s2,maskff };; // 6/3:s2&0xff
-
-{ .mmi; (p0) ld4 te12=[te12] // 7/1:te1[s2>>16]
- (p0) shladd te31=te31,3,te3 // 7/2:te3+s1&0xff
- (p0) and te13=te13,maskff} // 7/2:s3>>16&0xff
-{ .mmi; (p0) ld4 te03=[te03] // 7/3:te0[s3>>24]
- (p0) shladd te32=te32,3,te3 // 7/3:te3+s2
- (p0) xor t0=t0,te33 };; // 7/0:
-{ .mmi; (p0) ld4 te31=[te31] // 8/2:te3[s1]
- (p0) shladd te13=te13,3,te1 // 8/2:te1+s3>>16
- (p0) xor t0=t0,te22 } // 8/0:
-{ .mmi; (p0) ld4 te32=[te32] // 8/3:te3[s2]
- (p0) shladd te10=te10,3,te1 // 8/3:te1+s0>>16
- (p0) xor t1=t1,te30 };; // 8/1:
-{ .mmi; (p0) ld4 te13=[te13] // 9/2:te1[s3>>16]
- (p0) ld4 te10=[te10] // 9/3:te1[s0>>16]
- (p0) xor t0=t0,te00 };; // 9/0: !L2 scheduling
-{ .mmi; (p0) xor t1=t1,te23 // 10[9]/1:
- (p0) xor t2=t2,te20 // 10[9]/2:
- (p0) xor t3=t3,te21 };; // 10[9]/3:
-{ .mmi; (p0) xor t0=t0,te11 // 11[10]/0:done!
- (p0) xor t1=t1,te01 // 11[10]/1:
- (p0) xor t2=t2,te02 };; // 11[10]/2: !L2 scheduling
-{ .mmi; (p0) xor t3=t3,te03 // 12[10]/3:
- (p16) cmp.eq p0,p17=r0,r0 };; // 12[10]/clear (p17)
-{ .mmi; (p0) xor t1=t1,te12 // 13[11]/1:done!
- (p0) xor t2=t2,te31 // 13[11]/2:
- (p0) xor t3=t3,te32 } // 13[11]/3:
-{ .mmi; (p17) add te0=2048,te0 // 13[11]/
- (p17) add te1=2048+64-TE1,te1};; // 13[11]/
-{ .mib; (p0) xor t2=t2,te13 // 14[12]/2:done!
- (p17) add te2=2048+128-TE2,te2} // 14[12]/
-{ .mib; (p0) xor t3=t3,te10 // 14[12]/3:done!
- (p17) add te3=2048+192-TE3,te3 // 14[12]/
- br.ctop.sptk .Le_top };;
-.Le_end:
-
-
-{ .mmi; ld8 te12=[te0] // prefetch Te4
- ld8 te31=[te1] }
-{ .mmi; ld8 te10=[te2]
- ld8 te32=[te3] }
-
-{ .mmi; LDKEY t0=[rk0],2*KSZ // 0/0:rk[0]
- and te33=s3,maskff // 0/0:s3&0xff
- extr.u te22=s2,8,8 } // 0/0:s2>>8&0xff
-{ .mmi; LDKEY t1=[rk1],2*KSZ // 0/1:rk[1]
- and te30=s0,maskff // 0/1:s0&0xff
- shr.u te00=s0,twenty4 };; // 0/0:s0>>24
-{ .mmi; LDKEY t2=[rk0],2*KSZ // 1/2:rk[2]
- add te33=te33,te0 // 1/0:te0+s0>>24
- extr.u te23=s3,8,8 } // 1/1:s3>>8&0xff
-{ .mmi; LDKEY t3=[rk1],2*KSZ // 1/3:rk[3]
- add te30=te30,te0 // 1/1:te0+s0
- shr.u te01=s1,twenty4 };; // 1/1:s1>>24
-{ .mmi; ld1 te33=[te33] // 2/0:te0[s3&0xff]
- add te22=te22,te0 // 2/0:te0+s2>>8&0xff
- extr.u te20=s0,8,8 } // 2/2:s0>>8&0xff
-{ .mmi; ld1 te30=[te30] // 2/1:te0[s0]
- add te23=te23,te0 // 2/1:te0+s3>>8
- shr.u te02=s2,twenty4 };; // 2/2:s2>>24
-{ .mmi; ld1 te22=[te22] // 3/0:te0[s2>>8]
- add te20=te20,te0 // 3/2:te0+s0>>8
- extr.u te21=s1,8,8 } // 3/3:s1>>8&0xff
-{ .mmi; ld1 te23=[te23] // 3/1:te0[s3>>8]
- add te00=te00,te0 // 3/0:te0+s0>>24
- shr.u te03=s3,twenty4 };; // 3/3:s3>>24
-{ .mmi; ld1 te20=[te20] // 4/2:te0[s0>>8]
- add te21=te21,te0 // 4/3:te0+s2
- extr.u te11=s1,16,8 } // 4/0:s1>>16&0xff
-{ .mmi; ld1 te00=[te00] // 4/0:te0[s0>>24]
- add te01=te01,te0 // 4/1:te0+s1>>24
- shr.u te13=s3,sixteen };; // 4/2:s3>>16
-{ .mmi; ld1 te21=[te21] // 5/3:te0[s1>>8]
- add te11=te11,te0 // 5/0:te0+s1>>16
- extr.u te12=s2,16,8 } // 5/1:s2>>16&0xff
-{ .mmi; ld1 te01=[te01] // 5/1:te0[s1>>24]
- add te02=te02,te0 // 5/2:te0+s2>>24
- and te31=s1,maskff };; // 5/2:s1&0xff
-{ .mmi; ld1 te11=[te11] // 6/0:te0[s1>>16]
- add te12=te12,te0 // 6/1:te0+s2>>16
- extr.u te10=s0,16,8 } // 6/3:s0>>16&0xff
-{ .mmi; ld1 te02=[te02] // 6/2:te0[s2>>24]
- add te03=te03,te0 // 6/3:te0+s0>>16
- and te32=s2,maskff };; // 6/3:s2&0xff
-
-{ .mmi; ld1 te12=[te12] // 7/1:te0[s2>>16]
- add te31=te31,te0 // 7/2:te0+s1&0xff
- dep te33=te22,te33,8,8} // 7/0:
-{ .mmi; ld1 te03=[te03] // 7/3:te0[s3>>24]
- add te32=te32,te0 // 7/3:te0+s2
- and te13=te13,maskff};; // 7/2:s3>>16&0xff
-{ .mmi; ld1 te31=[te31] // 8/2:te0[s1]
- add te13=te13,te0 // 8/2:te0+s3>>16
- dep te30=te23,te30,8,8} // 8/1:
-{ .mmi; ld1 te32=[te32] // 8/3:te0[s2]
- add te10=te10,te0 // 8/3:te0+s0>>16
- shl te00=te00,twenty4};; // 8/0:
-{ .mii; ld1 te13=[te13] // 9/2:te0[s3>>16]
- dep te33=te11,te33,16,8 // 9/0:
- shl te01=te01,twenty4};; // 9/1:
-{ .mii; ld1 te10=[te10] // 10/3:te0[s0>>16]
- dep te31=te20,te31,8,8 // 10/2:
- shl te02=te02,twenty4};; // 10/2:
-{ .mii; xor t0=t0,te33 // 11/0:
- dep te32=te21,te32,8,8 // 11/3:
- shl te12=te12,sixteen};; // 11/1:
-{ .mii; xor r16=t0,te00 // 12/0:done!
- dep te31=te13,te31,16,8 // 12/2:
- shl te03=te03,twenty4};; // 12/3:
-{ .mmi; xor t1=t1,te01 // 13/1:
- xor t2=t2,te02 // 13/2:
- dep te32=te10,te32,16,8};; // 13/3:
-{ .mmi; xor t1=t1,te30 // 14/1:
- xor r24=t2,te31 // 14/2:done!
- xor t3=t3,te32 };; // 14/3:
-{ .mib; xor r20=t1,te12 // 15/1:done!
- xor r28=t3,te03 // 15/3:done!
- br.ret.sptk b6 };;
-.endp _ia64_AES_encrypt#
-
-// void AES_encrypt (const void *in,void *out,const AES_KEY *key);
-.global AES_encrypt#
-.proc AES_encrypt#
-.align 32
-AES_encrypt:
- .prologue
- .save ar.pfs,pfssave
-{ .mmi; alloc pfssave=ar.pfs,3,1,12,0
- and out0=3,in0
- mov r3=ip }
-{ .mmi; ADDP in0=0,in0
- mov loc0=psr.um
- ADDP out11=KSZ*60,in2 };; // &AES_KEY->rounds
-
-{ .mmi; ld4 out11=[out11] // AES_KEY->rounds
- add out8=(AES_Te#-AES_encrypt#),r3 // Te0
- .save pr,prsave
- mov prsave=pr }
-{ .mmi; rum 1<<3 // clear um.ac
- .save ar.lc,lcsave
- mov lcsave=ar.lc };;
-
- .body
-#if defined(_HPUX_SOURCE) // HPUX is big-endian, cut 15+15 cycles...
-{ .mib; cmp.ne p6,p0=out0,r0
- add out0=4,in0
-(p6) br.dpnt.many .Le_i_unaligned };;
-
-{ .mmi; ld4 out1=[in0],8 // s0
- and out9=3,in1
- mov twenty4=24 }
-{ .mmi; ld4 out3=[out0],8 // s1
- ADDP rk0=0,in2
- mov sixteen=16 };;
-{ .mmi; ld4 out5=[in0] // s2
- cmp.ne p6,p0=out9,r0
- mov maskff=0xff }
-{ .mmb; ld4 out7=[out0] // s3
- ADDP rk1=KSZ,in2
- br.call.sptk.many b6=_ia64_AES_encrypt };;
-
-{ .mib; ADDP in0=4,in1
- ADDP in1=0,in1
-(p6) br.spnt .Le_o_unaligned };;
-
-{ .mii; mov psr.um=loc0
- mov ar.pfs=pfssave
- mov ar.lc=lcsave };;
-{ .mmi; st4 [in1]=r16,8 // s0
- st4 [in0]=r20,8 // s1
- mov pr=prsave,0x1ffff };;
-{ .mmb; st4 [in1]=r24 // s2
- st4 [in0]=r28 // s3
- br.ret.sptk.many b0 };;
-#endif
-
-.align 32
-.Le_i_unaligned:
-{ .mmi; add out0=1,in0
- add out2=2,in0
- add out4=3,in0 };;
-{ .mmi; ld1 r16=[in0],4
- ld1 r17=[out0],4 }//;;
-{ .mmi; ld1 r18=[out2],4
- ld1 out1=[out4],4 };; // s0
-{ .mmi; ld1 r20=[in0],4
- ld1 r21=[out0],4 }//;;
-{ .mmi; ld1 r22=[out2],4
- ld1 out3=[out4],4 };; // s1
-{ .mmi; ld1 r24=[in0],4
- ld1 r25=[out0],4 }//;;
-{ .mmi; ld1 r26=[out2],4
- ld1 out5=[out4],4 };; // s2
-{ .mmi; ld1 r28=[in0]
- ld1 r29=[out0] }//;;
-{ .mmi; ld1 r30=[out2]
- ld1 out7=[out4] };; // s3
-
-{ .mii;
- dep out1=r16,out1,24,8 //;;
- dep out3=r20,out3,24,8 }//;;
-{ .mii; ADDP rk0=0,in2
- dep out5=r24,out5,24,8 //;;
- dep out7=r28,out7,24,8 };;
-{ .mii; ADDP rk1=KSZ,in2
- dep out1=r17,out1,16,8 //;;
- dep out3=r21,out3,16,8 }//;;
-{ .mii; mov twenty4=24
- dep out5=r25,out5,16,8 //;;
- dep out7=r29,out7,16,8 };;
-{ .mii; mov sixteen=16
- dep out1=r18,out1,8,8 //;;
- dep out3=r22,out3,8,8 }//;;
-{ .mii; mov maskff=0xff
- dep out5=r26,out5,8,8 //;;
- dep out7=r30,out7,8,8 };;
-
-{ .mib; br.call.sptk.many b6=_ia64_AES_encrypt };;
-
-.Le_o_unaligned:
-{ .mii; ADDP out0=0,in1
- extr.u r17=r16,8,8 // s0
- shr.u r19=r16,twenty4 }//;;
-{ .mii; ADDP out1=1,in1
- extr.u r18=r16,16,8
- shr.u r23=r20,twenty4 }//;; // s1
-{ .mii; ADDP out2=2,in1
- extr.u r21=r20,8,8
- shr.u r22=r20,sixteen }//;;
-{ .mii; ADDP out3=3,in1
- extr.u r25=r24,8,8 // s2
- shr.u r27=r24,twenty4 };;
-{ .mii; st1 [out3]=r16,4
- extr.u r26=r24,16,8
- shr.u r31=r28,twenty4 }//;; // s3
-{ .mii; st1 [out2]=r17,4
- extr.u r29=r28,8,8
- shr.u r30=r28,sixteen }//;;
-
-{ .mmi; st1 [out1]=r18,4
- st1 [out0]=r19,4 };;
-{ .mmi; st1 [out3]=r20,4
- st1 [out2]=r21,4 }//;;
-{ .mmi; st1 [out1]=r22,4
- st1 [out0]=r23,4 };;
-{ .mmi; st1 [out3]=r24,4
- st1 [out2]=r25,4
- mov pr=prsave,0x1ffff }//;;
-{ .mmi; st1 [out1]=r26,4
- st1 [out0]=r27,4
- mov ar.pfs=pfssave };;
-{ .mmi; st1 [out3]=r28
- st1 [out2]=r29
- mov ar.lc=lcsave }//;;
-{ .mmi; st1 [out1]=r30
- st1 [out0]=r31 }
-{ .mfb; mov psr.um=loc0 // restore user mask
- br.ret.sptk.many b0 };;
-.endp AES_encrypt#
-
-// *AES_decrypt are autogenerated by the following script:
-#if 0
-#!/usr/bin/env perl
-print "// *AES_decrypt are autogenerated by the following script:\n#if 0\n";
-open(PROG,'<'.$0); while(<PROG>) { print; } close(PROG);
-print "#endif\n";
-while(<>) {
- $process=1 if (/\.proc\s+_ia64_AES_encrypt/);
- next if (!$process);
-
- #s/te00=s0/td00=s0/; s/te00/td00/g;
- s/te11=s1/td13=s3/; s/te11/td13/g;
- #s/te22=s2/td22=s2/; s/te22/td22/g;
- s/te33=s3/td31=s1/; s/te33/td31/g;
-
- #s/te01=s1/td01=s1/; s/te01/td01/g;
- s/te12=s2/td10=s0/; s/te12/td10/g;
- #s/te23=s3/td23=s3/; s/te23/td23/g;
- s/te30=s0/td32=s2/; s/te30/td32/g;
-
- #s/te02=s2/td02=s2/; s/te02/td02/g;
- s/te13=s3/td11=s1/; s/te13/td11/g;
- #s/te20=s0/td20=s0/; s/te20/td20/g;
- s/te31=s1/td33=s3/; s/te31/td33/g;
-
- #s/te03=s3/td03=s3/; s/te03/td03/g;
- s/te10=s0/td12=s2/; s/te10/td12/g;
- #s/te21=s1/td21=s1/; s/te21/td21/g;
- s/te32=s2/td30=s0/; s/te32/td30/g;
-
- s/td/te/g;
-
- s/AES_encrypt/AES_decrypt/g;
- s/\.Le_/.Ld_/g;
- s/AES_Te#/AES_Td#/g;
-
- print;
-
- exit if (/\.endp\s+AES_decrypt/);
-}
-#endif
-.proc _ia64_AES_decrypt#
-// Input: rk0-rk1
-// te0
-// te3 as AES_KEY->rounds!!!
-// s0-s3 -// maskff,twenty4,sixteen -// Output: r16,r20,r24,r28 as s0-s3 -// Clobber: r16-r31,rk0-rk1,r32-r43 -.align 32 -_ia64_AES_decrypt: - .prologue - .altrp b6 - .body -{ .mmi; alloc r16=ar.pfs,12,0,0,8 - LDKEY t0=[rk0],2*KSZ - mov pr.rot=1<<16 } -{ .mmi; LDKEY t1=[rk1],2*KSZ - add te1=TE1,te0 - add te3=-3,te3 };; -{ .mib; LDKEY t2=[rk0],2*KSZ - mov ar.ec=2 } -{ .mib; LDKEY t3=[rk1],2*KSZ - add te2=TE2,te0 - brp.loop.imp .Ld_top,.Ld_end-16 };; - -{ .mmi; xor s0=s0,t0 - xor s1=s1,t1 - mov ar.lc=te3 } -{ .mmi; xor s2=s2,t2 - xor s3=s3,t3 - add te3=TE3,te0 };; - -.align 32 -.Ld_top: -{ .mmi; (p0) LDKEY t0=[rk0],2*KSZ // 0/0:rk[0] - (p0) and te31=s1,maskff // 0/0:s3&0xff - (p0) extr.u te22=s2,8,8 } // 0/0:s2>>8&0xff -{ .mmi; (p0) LDKEY t1=[rk1],2*KSZ // 0/1:rk[1] - (p0) and te32=s2,maskff // 0/1:s0&0xff - (p0) shr.u te00=s0,twenty4 };; // 0/0:s0>>24 -{ .mmi; (p0) LDKEY t2=[rk0],2*KSZ // 1/2:rk[2] - (p0) shladd te31=te31,3,te3 // 1/0:te0+s0>>24 - (p0) extr.u te23=s3,8,8 } // 1/1:s3>>8&0xff -{ .mmi; (p0) LDKEY t3=[rk1],2*KSZ // 1/3:rk[3] - (p0) shladd te32=te32,3,te3 // 1/1:te3+s0 - (p0) shr.u te01=s1,twenty4 };; // 1/1:s1>>24 -{ .mmi; (p0) ld4 te31=[te31] // 2/0:te3[s3&0xff] - (p0) shladd te22=te22,3,te2 // 2/0:te2+s2>>8&0xff - (p0) extr.u te20=s0,8,8 } // 2/2:s0>>8&0xff -{ .mmi; (p0) ld4 te32=[te32] // 2/1:te3[s0] - (p0) shladd te23=te23,3,te2 // 2/1:te2+s3>>8 - (p0) shr.u te02=s2,twenty4 };; // 2/2:s2>>24 -{ .mmi; (p0) ld4 te22=[te22] // 3/0:te2[s2>>8] - (p0) shladd te20=te20,3,te2 // 3/2:te2+s0>>8 - (p0) extr.u te21=s1,8,8 } // 3/3:s1>>8&0xff -{ .mmi; (p0) ld4 te23=[te23] // 3/1:te2[s3>>8] - (p0) shladd te00=te00,3,te0 // 3/0:te0+s0>>24 - (p0) shr.u te03=s3,twenty4 };; // 3/3:s3>>24 -{ .mmi; (p0) ld4 te20=[te20] // 4/2:te2[s0>>8] - (p0) shladd te21=te21,3,te2 // 4/3:te3+s2 - (p0) extr.u te13=s3,16,8 } // 4/0:s1>>16&0xff -{ .mmi; (p0) ld4 te00=[te00] // 4/0:te0[s0>>24] - (p0) shladd te01=te01,3,te0 // 4/1:te0+s1>>24 - (p0) shr.u te11=s1,sixteen };; // 4/2:s3>>16 
-{ .mmi; (p0) ld4 te21=[te21] // 5/3:te2[s1>>8] - (p0) shladd te13=te13,3,te1 // 5/0:te1+s1>>16 - (p0) extr.u te10=s0,16,8 } // 5/1:s2>>16&0xff -{ .mmi; (p0) ld4 te01=[te01] // 5/1:te0[s1>>24] - (p0) shladd te02=te02,3,te0 // 5/2:te0+s2>>24 - (p0) and te33=s3,maskff };; // 5/2:s1&0xff -{ .mmi; (p0) ld4 te13=[te13] // 6/0:te1[s1>>16] - (p0) shladd te10=te10,3,te1 // 6/1:te1+s2>>16 - (p0) extr.u te12=s2,16,8 } // 6/3:s0>>16&0xff -{ .mmi; (p0) ld4 te02=[te02] // 6/2:te0[s2>>24] - (p0) shladd te03=te03,3,te0 // 6/3:te1+s0>>16 - (p0) and te30=s0,maskff };; // 6/3:s2&0xff - -{ .mmi; (p0) ld4 te10=[te10] // 7/1:te1[s2>>16] - (p0) shladd te33=te33,3,te3 // 7/2:te3+s1&0xff - (p0) and te11=te11,maskff} // 7/2:s3>>16&0xff -{ .mmi; (p0) ld4 te03=[te03] // 7/3:te0[s3>>24] - (p0) shladd te30=te30,3,te3 // 7/3:te3+s2 - (p0) xor t0=t0,te31 };; // 7/0: -{ .mmi; (p0) ld4 te33=[te33] // 8/2:te3[s1] - (p0) shladd te11=te11,3,te1 // 8/2:te1+s3>>16 - (p0) xor t0=t0,te22 } // 8/0: -{ .mmi; (p0) ld4 te30=[te30] // 8/3:te3[s2] - (p0) shladd te12=te12,3,te1 // 8/3:te1+s0>>16 - (p0) xor t1=t1,te32 };; // 8/1: -{ .mmi; (p0) ld4 te11=[te11] // 9/2:te1[s3>>16] - (p0) ld4 te12=[te12] // 9/3:te1[s0>>16] - (p0) xor t0=t0,te00 };; // 9/0: !L2 scheduling -{ .mmi; (p0) xor t1=t1,te23 // 10[9]/1: - (p0) xor t2=t2,te20 // 10[9]/2: - (p0) xor t3=t3,te21 };; // 10[9]/3: -{ .mmi; (p0) xor t0=t0,te13 // 11[10]/0:done! - (p0) xor t1=t1,te01 // 11[10]/1: - (p0) xor t2=t2,te02 };; // 11[10]/2: !L2 scheduling -{ .mmi; (p0) xor t3=t3,te03 // 12[10]/3: - (p16) cmp.eq p0,p17=r0,r0 };; // 12[10]/clear (p17) -{ .mmi; (p0) xor t1=t1,te10 // 13[11]/1:done! - (p0) xor t2=t2,te33 // 13[11]/2: - (p0) xor t3=t3,te30 } // 13[11]/3: -{ .mmi; (p17) add te0=2048,te0 // 13[11]/ - (p17) add te1=2048+64-TE1,te1};; // 13[11]/ -{ .mib; (p0) xor t2=t2,te11 // 14[12]/2:done! - (p17) add te2=2048+128-TE2,te2} // 14[12]/ -{ .mib; (p0) xor t3=t3,te12 // 14[12]/3:done! 
- (p17) add te3=2048+192-TE3,te3 // 14[12]/ - br.ctop.sptk .Ld_top };; -.Ld_end: - - -{ .mmi; ld8 te10=[te0] // prefetch Td4 - ld8 te33=[te1] } -{ .mmi; ld8 te12=[te2] - ld8 te30=[te3] } - -{ .mmi; LDKEY t0=[rk0],2*KSZ // 0/0:rk[0] - and te31=s1,maskff // 0/0:s3&0xff - extr.u te22=s2,8,8 } // 0/0:s2>>8&0xff -{ .mmi; LDKEY t1=[rk1],2*KSZ // 0/1:rk[1] - and te32=s2,maskff // 0/1:s0&0xff - shr.u te00=s0,twenty4 };; // 0/0:s0>>24 -{ .mmi; LDKEY t2=[rk0],2*KSZ // 1/2:rk[2] - add te31=te31,te0 // 1/0:te0+s0>>24 - extr.u te23=s3,8,8 } // 1/1:s3>>8&0xff -{ .mmi; LDKEY t3=[rk1],2*KSZ // 1/3:rk[3] - add te32=te32,te0 // 1/1:te0+s0 - shr.u te01=s1,twenty4 };; // 1/1:s1>>24 -{ .mmi; ld1 te31=[te31] // 2/0:te0[s3&0xff] - add te22=te22,te0 // 2/0:te0+s2>>8&0xff - extr.u te20=s0,8,8 } // 2/2:s0>>8&0xff -{ .mmi; ld1 te32=[te32] // 2/1:te0[s0] - add te23=te23,te0 // 2/1:te0+s3>>8 - shr.u te02=s2,twenty4 };; // 2/2:s2>>24 -{ .mmi; ld1 te22=[te22] // 3/0:te0[s2>>8] - add te20=te20,te0 // 3/2:te0+s0>>8 - extr.u te21=s1,8,8 } // 3/3:s1>>8&0xff -{ .mmi; ld1 te23=[te23] // 3/1:te0[s3>>8] - add te00=te00,te0 // 3/0:te0+s0>>24 - shr.u te03=s3,twenty4 };; // 3/3:s3>>24 -{ .mmi; ld1 te20=[te20] // 4/2:te0[s0>>8] - add te21=te21,te0 // 4/3:te0+s2 - extr.u te13=s3,16,8 } // 4/0:s1>>16&0xff -{ .mmi; ld1 te00=[te00] // 4/0:te0[s0>>24] - add te01=te01,te0 // 4/1:te0+s1>>24 - shr.u te11=s1,sixteen };; // 4/2:s3>>16 -{ .mmi; ld1 te21=[te21] // 5/3:te0[s1>>8] - add te13=te13,te0 // 5/0:te0+s1>>16 - extr.u te10=s0,16,8 } // 5/1:s2>>16&0xff -{ .mmi; ld1 te01=[te01] // 5/1:te0[s1>>24] - add te02=te02,te0 // 5/2:te0+s2>>24 - and te33=s3,maskff };; // 5/2:s1&0xff -{ .mmi; ld1 te13=[te13] // 6/0:te0[s1>>16] - add te10=te10,te0 // 6/1:te0+s2>>16 - extr.u te12=s2,16,8 } // 6/3:s0>>16&0xff -{ .mmi; ld1 te02=[te02] // 6/2:te0[s2>>24] - add te03=te03,te0 // 6/3:te0+s0>>16 - and te30=s0,maskff };; // 6/3:s2&0xff - -{ .mmi; ld1 te10=[te10] // 7/1:te0[s2>>16] - add te33=te33,te0 // 7/2:te0+s1&0xff - dep 
te31=te22,te31,8,8} // 7/0: -{ .mmi; ld1 te03=[te03] // 7/3:te0[s3>>24] - add te30=te30,te0 // 7/3:te0+s2 - and te11=te11,maskff};; // 7/2:s3>>16&0xff -{ .mmi; ld1 te33=[te33] // 8/2:te0[s1] - add te11=te11,te0 // 8/2:te0+s3>>16 - dep te32=te23,te32,8,8} // 8/1: -{ .mmi; ld1 te30=[te30] // 8/3:te0[s2] - add te12=te12,te0 // 8/3:te0+s0>>16 - shl te00=te00,twenty4};; // 8/0: -{ .mii; ld1 te11=[te11] // 9/2:te0[s3>>16] - dep te31=te13,te31,16,8 // 9/0: - shl te01=te01,twenty4};; // 9/1: -{ .mii; ld1 te12=[te12] // 10/3:te0[s0>>16] - dep te33=te20,te33,8,8 // 10/2: - shl te02=te02,twenty4};; // 10/2: -{ .mii; xor t0=t0,te31 // 11/0: - dep te30=te21,te30,8,8 // 11/3: - shl te10=te10,sixteen};; // 11/1: -{ .mii; xor r16=t0,te00 // 12/0:done! - dep te33=te11,te33,16,8 // 12/2: - shl te03=te03,twenty4};; // 12/3: -{ .mmi; xor t1=t1,te01 // 13/1: - xor t2=t2,te02 // 13/2: - dep te30=te12,te30,16,8};; // 13/3: -{ .mmi; xor t1=t1,te32 // 14/1: - xor r24=t2,te33 // 14/2:done! - xor t3=t3,te30 };; // 14/3: -{ .mib; xor r20=t1,te10 // 15/1:done! - xor r28=t3,te03 // 15/3:done! - br.ret.sptk b6 };; -.endp _ia64_AES_decrypt# - -// void AES_decrypt (const void *in,void *out,const AES_KEY *key); -.global AES_decrypt# -.proc AES_decrypt# -.align 32 -AES_decrypt: - .prologue - .save ar.pfs,pfssave -{ .mmi; alloc pfssave=ar.pfs,3,1,12,0 - and out0=3,in0 - mov r3=ip } -{ .mmi; ADDP in0=0,in0 - mov loc0=psr.um - ADDP out11=KSZ*60,in2 };; // &AES_KEY->rounds - -{ .mmi; ld4 out11=[out11] // AES_KEY->rounds - add out8=(AES_Td#-AES_decrypt#),r3 // Te0 - .save pr,prsave - mov prsave=pr } -{ .mmi; rum 1<<3 // clear um.ac - .save ar.lc,lcsave - mov lcsave=ar.lc };; - - .body -#if defined(_HPUX_SOURCE) // HPUX is big-endian, cut 15+15 cycles... 
-{ .mib; cmp.ne p6,p0=out0,r0 - add out0=4,in0 -(p6) br.dpnt.many .Ld_i_unaligned };; - -{ .mmi; ld4 out1=[in0],8 // s0 - and out9=3,in1 - mov twenty4=24 } -{ .mmi; ld4 out3=[out0],8 // s1 - ADDP rk0=0,in2 - mov sixteen=16 };; -{ .mmi; ld4 out5=[in0] // s2 - cmp.ne p6,p0=out9,r0 - mov maskff=0xff } -{ .mmb; ld4 out7=[out0] // s3 - ADDP rk1=KSZ,in2 - br.call.sptk.many b6=_ia64_AES_decrypt };; - -{ .mib; ADDP in0=4,in1 - ADDP in1=0,in1 -(p6) br.spnt .Ld_o_unaligned };; - -{ .mii; mov psr.um=loc0 - mov ar.pfs=pfssave - mov ar.lc=lcsave };; -{ .mmi; st4 [in1]=r16,8 // s0 - st4 [in0]=r20,8 // s1 - mov pr=prsave,0x1ffff };; -{ .mmb; st4 [in1]=r24 // s2 - st4 [in0]=r28 // s3 - br.ret.sptk.many b0 };; -#endif - -.align 32 -.Ld_i_unaligned: -{ .mmi; add out0=1,in0 - add out2=2,in0 - add out4=3,in0 };; -{ .mmi; ld1 r16=[in0],4 - ld1 r17=[out0],4 }//;; -{ .mmi; ld1 r18=[out2],4 - ld1 out1=[out4],4 };; // s0 -{ .mmi; ld1 r20=[in0],4 - ld1 r21=[out0],4 }//;; -{ .mmi; ld1 r22=[out2],4 - ld1 out3=[out4],4 };; // s1 -{ .mmi; ld1 r24=[in0],4 - ld1 r25=[out0],4 }//;; -{ .mmi; ld1 r26=[out2],4 - ld1 out5=[out4],4 };; // s2 -{ .mmi; ld1 r28=[in0] - ld1 r29=[out0] }//;; -{ .mmi; ld1 r30=[out2] - ld1 out7=[out4] };; // s3 - -{ .mii; - dep out1=r16,out1,24,8 //;; - dep out3=r20,out3,24,8 }//;; -{ .mii; ADDP rk0=0,in2 - dep out5=r24,out5,24,8 //;; - dep out7=r28,out7,24,8 };; -{ .mii; ADDP rk1=KSZ,in2 - dep out1=r17,out1,16,8 //;; - dep out3=r21,out3,16,8 }//;; -{ .mii; mov twenty4=24 - dep out5=r25,out5,16,8 //;; - dep out7=r29,out7,16,8 };; -{ .mii; mov sixteen=16 - dep out1=r18,out1,8,8 //;; - dep out3=r22,out3,8,8 }//;; -{ .mii; mov maskff=0xff - dep out5=r26,out5,8,8 //;; - dep out7=r30,out7,8,8 };; - -{ .mib; br.call.sptk.many b6=_ia64_AES_decrypt };; - -.Ld_o_unaligned: -{ .mii; ADDP out0=0,in1 - extr.u r17=r16,8,8 // s0 - shr.u r19=r16,twenty4 }//;; -{ .mii; ADDP out1=1,in1 - extr.u r18=r16,16,8 - shr.u r23=r20,twenty4 }//;; // s1 -{ .mii; ADDP out2=2,in1 - extr.u r21=r20,8,8 - 
shr.u r22=r20,sixteen }//;; -{ .mii; ADDP out3=3,in1 - extr.u r25=r24,8,8 // s2 - shr.u r27=r24,twenty4 };; -{ .mii; st1 [out3]=r16,4 - extr.u r26=r24,16,8 - shr.u r31=r28,twenty4 }//;; // s3 -{ .mii; st1 [out2]=r17,4 - extr.u r29=r28,8,8 - shr.u r30=r28,sixteen }//;; - -{ .mmi; st1 [out1]=r18,4 - st1 [out0]=r19,4 };; -{ .mmi; st1 [out3]=r20,4 - st1 [out2]=r21,4 }//;; -{ .mmi; st1 [out1]=r22,4 - st1 [out0]=r23,4 };; -{ .mmi; st1 [out3]=r24,4 - st1 [out2]=r25,4 - mov pr=prsave,0x1ffff }//;; -{ .mmi; st1 [out1]=r26,4 - st1 [out0]=r27,4 - mov ar.pfs=pfssave };; -{ .mmi; st1 [out3]=r28 - st1 [out2]=r29 - mov ar.lc=lcsave }//;; -{ .mmi; st1 [out1]=r30 - st1 [out0]=r31 } -{ .mfb; mov psr.um=loc0 // restore user mask - br.ret.sptk.many b0 };; -.endp AES_decrypt# - -// leave it in .text segment... -.align 64 -.global AES_Te# -.type AES_Te#,@object -AES_Te: data4 0xc66363a5,0xc66363a5, 0xf87c7c84,0xf87c7c84 - data4 0xee777799,0xee777799, 0xf67b7b8d,0xf67b7b8d - data4 0xfff2f20d,0xfff2f20d, 0xd66b6bbd,0xd66b6bbd - data4 0xde6f6fb1,0xde6f6fb1, 0x91c5c554,0x91c5c554 - data4 0x60303050,0x60303050, 0x02010103,0x02010103 - data4 0xce6767a9,0xce6767a9, 0x562b2b7d,0x562b2b7d - data4 0xe7fefe19,0xe7fefe19, 0xb5d7d762,0xb5d7d762 - data4 0x4dababe6,0x4dababe6, 0xec76769a,0xec76769a - data4 0x8fcaca45,0x8fcaca45, 0x1f82829d,0x1f82829d - data4 0x89c9c940,0x89c9c940, 0xfa7d7d87,0xfa7d7d87 - data4 0xeffafa15,0xeffafa15, 0xb25959eb,0xb25959eb - data4 0x8e4747c9,0x8e4747c9, 0xfbf0f00b,0xfbf0f00b - data4 0x41adadec,0x41adadec, 0xb3d4d467,0xb3d4d467 - data4 0x5fa2a2fd,0x5fa2a2fd, 0x45afafea,0x45afafea - data4 0x239c9cbf,0x239c9cbf, 0x53a4a4f7,0x53a4a4f7 - data4 0xe4727296,0xe4727296, 0x9bc0c05b,0x9bc0c05b - data4 0x75b7b7c2,0x75b7b7c2, 0xe1fdfd1c,0xe1fdfd1c - data4 0x3d9393ae,0x3d9393ae, 0x4c26266a,0x4c26266a - data4 0x6c36365a,0x6c36365a, 0x7e3f3f41,0x7e3f3f41 - data4 0xf5f7f702,0xf5f7f702, 0x83cccc4f,0x83cccc4f - data4 0x6834345c,0x6834345c, 0x51a5a5f4,0x51a5a5f4 - data4 
0xd1e5e534,0xd1e5e534, 0xf9f1f108,0xf9f1f108 - data4 0xe2717193,0xe2717193, 0xabd8d873,0xabd8d873 - data4 0x62313153,0x62313153, 0x2a15153f,0x2a15153f - data4 0x0804040c,0x0804040c, 0x95c7c752,0x95c7c752 - data4 0x46232365,0x46232365, 0x9dc3c35e,0x9dc3c35e - data4 0x30181828,0x30181828, 0x379696a1,0x379696a1 - data4 0x0a05050f,0x0a05050f, 0x2f9a9ab5,0x2f9a9ab5 - data4 0x0e070709,0x0e070709, 0x24121236,0x24121236 - data4 0x1b80809b,0x1b80809b, 0xdfe2e23d,0xdfe2e23d - data4 0xcdebeb26,0xcdebeb26, 0x4e272769,0x4e272769 - data4 0x7fb2b2cd,0x7fb2b2cd, 0xea75759f,0xea75759f - data4 0x1209091b,0x1209091b, 0x1d83839e,0x1d83839e - data4 0x582c2c74,0x582c2c74, 0x341a1a2e,0x341a1a2e - data4 0x361b1b2d,0x361b1b2d, 0xdc6e6eb2,0xdc6e6eb2 - data4 0xb45a5aee,0xb45a5aee, 0x5ba0a0fb,0x5ba0a0fb - data4 0xa45252f6,0xa45252f6, 0x763b3b4d,0x763b3b4d - data4 0xb7d6d661,0xb7d6d661, 0x7db3b3ce,0x7db3b3ce - data4 0x5229297b,0x5229297b, 0xdde3e33e,0xdde3e33e - data4 0x5e2f2f71,0x5e2f2f71, 0x13848497,0x13848497 - data4 0xa65353f5,0xa65353f5, 0xb9d1d168,0xb9d1d168 - data4 0x00000000,0x00000000, 0xc1eded2c,0xc1eded2c - data4 0x40202060,0x40202060, 0xe3fcfc1f,0xe3fcfc1f - data4 0x79b1b1c8,0x79b1b1c8, 0xb65b5bed,0xb65b5bed - data4 0xd46a6abe,0xd46a6abe, 0x8dcbcb46,0x8dcbcb46 - data4 0x67bebed9,0x67bebed9, 0x7239394b,0x7239394b - data4 0x944a4ade,0x944a4ade, 0x984c4cd4,0x984c4cd4 - data4 0xb05858e8,0xb05858e8, 0x85cfcf4a,0x85cfcf4a - data4 0xbbd0d06b,0xbbd0d06b, 0xc5efef2a,0xc5efef2a - data4 0x4faaaae5,0x4faaaae5, 0xedfbfb16,0xedfbfb16 - data4 0x864343c5,0x864343c5, 0x9a4d4dd7,0x9a4d4dd7 - data4 0x66333355,0x66333355, 0x11858594,0x11858594 - data4 0x8a4545cf,0x8a4545cf, 0xe9f9f910,0xe9f9f910 - data4 0x04020206,0x04020206, 0xfe7f7f81,0xfe7f7f81 - data4 0xa05050f0,0xa05050f0, 0x783c3c44,0x783c3c44 - data4 0x259f9fba,0x259f9fba, 0x4ba8a8e3,0x4ba8a8e3 - data4 0xa25151f3,0xa25151f3, 0x5da3a3fe,0x5da3a3fe - data4 0x804040c0,0x804040c0, 0x058f8f8a,0x058f8f8a - data4 0x3f9292ad,0x3f9292ad, 
0x219d9dbc,0x219d9dbc - data4 0x70383848,0x70383848, 0xf1f5f504,0xf1f5f504 - data4 0x63bcbcdf,0x63bcbcdf, 0x77b6b6c1,0x77b6b6c1 - data4 0xafdada75,0xafdada75, 0x42212163,0x42212163 - data4 0x20101030,0x20101030, 0xe5ffff1a,0xe5ffff1a - data4 0xfdf3f30e,0xfdf3f30e, 0xbfd2d26d,0xbfd2d26d - data4 0x81cdcd4c,0x81cdcd4c, 0x180c0c14,0x180c0c14 - data4 0x26131335,0x26131335, 0xc3ecec2f,0xc3ecec2f - data4 0xbe5f5fe1,0xbe5f5fe1, 0x359797a2,0x359797a2 - data4 0x884444cc,0x884444cc, 0x2e171739,0x2e171739 - data4 0x93c4c457,0x93c4c457, 0x55a7a7f2,0x55a7a7f2 - data4 0xfc7e7e82,0xfc7e7e82, 0x7a3d3d47,0x7a3d3d47 - data4 0xc86464ac,0xc86464ac, 0xba5d5de7,0xba5d5de7 - data4 0x3219192b,0x3219192b, 0xe6737395,0xe6737395 - data4 0xc06060a0,0xc06060a0, 0x19818198,0x19818198 - data4 0x9e4f4fd1,0x9e4f4fd1, 0xa3dcdc7f,0xa3dcdc7f - data4 0x44222266,0x44222266, 0x542a2a7e,0x542a2a7e - data4 0x3b9090ab,0x3b9090ab, 0x0b888883,0x0b888883 - data4 0x8c4646ca,0x8c4646ca, 0xc7eeee29,0xc7eeee29 - data4 0x6bb8b8d3,0x6bb8b8d3, 0x2814143c,0x2814143c - data4 0xa7dede79,0xa7dede79, 0xbc5e5ee2,0xbc5e5ee2 - data4 0x160b0b1d,0x160b0b1d, 0xaddbdb76,0xaddbdb76 - data4 0xdbe0e03b,0xdbe0e03b, 0x64323256,0x64323256 - data4 0x743a3a4e,0x743a3a4e, 0x140a0a1e,0x140a0a1e - data4 0x924949db,0x924949db, 0x0c06060a,0x0c06060a - data4 0x4824246c,0x4824246c, 0xb85c5ce4,0xb85c5ce4 - data4 0x9fc2c25d,0x9fc2c25d, 0xbdd3d36e,0xbdd3d36e - data4 0x43acacef,0x43acacef, 0xc46262a6,0xc46262a6 - data4 0x399191a8,0x399191a8, 0x319595a4,0x319595a4 - data4 0xd3e4e437,0xd3e4e437, 0xf279798b,0xf279798b - data4 0xd5e7e732,0xd5e7e732, 0x8bc8c843,0x8bc8c843 - data4 0x6e373759,0x6e373759, 0xda6d6db7,0xda6d6db7 - data4 0x018d8d8c,0x018d8d8c, 0xb1d5d564,0xb1d5d564 - data4 0x9c4e4ed2,0x9c4e4ed2, 0x49a9a9e0,0x49a9a9e0 - data4 0xd86c6cb4,0xd86c6cb4, 0xac5656fa,0xac5656fa - data4 0xf3f4f407,0xf3f4f407, 0xcfeaea25,0xcfeaea25 - data4 0xca6565af,0xca6565af, 0xf47a7a8e,0xf47a7a8e - data4 0x47aeaee9,0x47aeaee9, 0x10080818,0x10080818 - data4 
0x6fbabad5,0x6fbabad5, 0xf0787888,0xf0787888 - data4 0x4a25256f,0x4a25256f, 0x5c2e2e72,0x5c2e2e72 - data4 0x381c1c24,0x381c1c24, 0x57a6a6f1,0x57a6a6f1 - data4 0x73b4b4c7,0x73b4b4c7, 0x97c6c651,0x97c6c651 - data4 0xcbe8e823,0xcbe8e823, 0xa1dddd7c,0xa1dddd7c - data4 0xe874749c,0xe874749c, 0x3e1f1f21,0x3e1f1f21 - data4 0x964b4bdd,0x964b4bdd, 0x61bdbddc,0x61bdbddc - data4 0x0d8b8b86,0x0d8b8b86, 0x0f8a8a85,0x0f8a8a85 - data4 0xe0707090,0xe0707090, 0x7c3e3e42,0x7c3e3e42 - data4 0x71b5b5c4,0x71b5b5c4, 0xcc6666aa,0xcc6666aa - data4 0x904848d8,0x904848d8, 0x06030305,0x06030305 - data4 0xf7f6f601,0xf7f6f601, 0x1c0e0e12,0x1c0e0e12 - data4 0xc26161a3,0xc26161a3, 0x6a35355f,0x6a35355f - data4 0xae5757f9,0xae5757f9, 0x69b9b9d0,0x69b9b9d0 - data4 0x17868691,0x17868691, 0x99c1c158,0x99c1c158 - data4 0x3a1d1d27,0x3a1d1d27, 0x279e9eb9,0x279e9eb9 - data4 0xd9e1e138,0xd9e1e138, 0xebf8f813,0xebf8f813 - data4 0x2b9898b3,0x2b9898b3, 0x22111133,0x22111133 - data4 0xd26969bb,0xd26969bb, 0xa9d9d970,0xa9d9d970 - data4 0x078e8e89,0x078e8e89, 0x339494a7,0x339494a7 - data4 0x2d9b9bb6,0x2d9b9bb6, 0x3c1e1e22,0x3c1e1e22 - data4 0x15878792,0x15878792, 0xc9e9e920,0xc9e9e920 - data4 0x87cece49,0x87cece49, 0xaa5555ff,0xaa5555ff - data4 0x50282878,0x50282878, 0xa5dfdf7a,0xa5dfdf7a - data4 0x038c8c8f,0x038c8c8f, 0x59a1a1f8,0x59a1a1f8 - data4 0x09898980,0x09898980, 0x1a0d0d17,0x1a0d0d17 - data4 0x65bfbfda,0x65bfbfda, 0xd7e6e631,0xd7e6e631 - data4 0x844242c6,0x844242c6, 0xd06868b8,0xd06868b8 - data4 0x824141c3,0x824141c3, 0x299999b0,0x299999b0 - data4 0x5a2d2d77,0x5a2d2d77, 0x1e0f0f11,0x1e0f0f11 - data4 0x7bb0b0cb,0x7bb0b0cb, 0xa85454fc,0xa85454fc - data4 0x6dbbbbd6,0x6dbbbbd6, 0x2c16163a,0x2c16163a -// Te4: - data1 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 - data1 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 - data1 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 - data1 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 - data1 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc - data1 0x34, 0xa5, 0xe5, 
0xf1, 0x71, 0xd8, 0x31, 0x15 - data1 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a - data1 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 - data1 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 - data1 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 - data1 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b - data1 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf - data1 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 - data1 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 - data1 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 - data1 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 - data1 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 - data1 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 - data1 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 - data1 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb - data1 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c - data1 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 - data1 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 - data1 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 - data1 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 - data1 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a - data1 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e - data1 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e - data1 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 - data1 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf - data1 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 - data1 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 -.size AES_Te#,2048+256 // HP-UX assembler fails to ".-AES_Te#" - -.align 64 -.global AES_Td# -.type AES_Td#,@object -AES_Td: data4 0x51f4a750,0x51f4a750, 0x7e416553,0x7e416553 - data4 0x1a17a4c3,0x1a17a4c3, 0x3a275e96,0x3a275e96 - data4 0x3bab6bcb,0x3bab6bcb, 0x1f9d45f1,0x1f9d45f1 - data4 0xacfa58ab,0xacfa58ab, 0x4be30393,0x4be30393 - data4 0x2030fa55,0x2030fa55, 0xad766df6,0xad766df6 - data4 0x88cc7691,0x88cc7691, 0xf5024c25,0xf5024c25 - data4 0x4fe5d7fc,0x4fe5d7fc, 0xc52acbd7,0xc52acbd7 - data4 0x26354480,0x26354480, 
0xb562a38f,0xb562a38f - data4 0xdeb15a49,0xdeb15a49, 0x25ba1b67,0x25ba1b67 - data4 0x45ea0e98,0x45ea0e98, 0x5dfec0e1,0x5dfec0e1 - data4 0xc32f7502,0xc32f7502, 0x814cf012,0x814cf012 - data4 0x8d4697a3,0x8d4697a3, 0x6bd3f9c6,0x6bd3f9c6 - data4 0x038f5fe7,0x038f5fe7, 0x15929c95,0x15929c95 - data4 0xbf6d7aeb,0xbf6d7aeb, 0x955259da,0x955259da - data4 0xd4be832d,0xd4be832d, 0x587421d3,0x587421d3 - data4 0x49e06929,0x49e06929, 0x8ec9c844,0x8ec9c844 - data4 0x75c2896a,0x75c2896a, 0xf48e7978,0xf48e7978 - data4 0x99583e6b,0x99583e6b, 0x27b971dd,0x27b971dd - data4 0xbee14fb6,0xbee14fb6, 0xf088ad17,0xf088ad17 - data4 0xc920ac66,0xc920ac66, 0x7dce3ab4,0x7dce3ab4 - data4 0x63df4a18,0x63df4a18, 0xe51a3182,0xe51a3182 - data4 0x97513360,0x97513360, 0x62537f45,0x62537f45 - data4 0xb16477e0,0xb16477e0, 0xbb6bae84,0xbb6bae84 - data4 0xfe81a01c,0xfe81a01c, 0xf9082b94,0xf9082b94 - data4 0x70486858,0x70486858, 0x8f45fd19,0x8f45fd19 - data4 0x94de6c87,0x94de6c87, 0x527bf8b7,0x527bf8b7 - data4 0xab73d323,0xab73d323, 0x724b02e2,0x724b02e2 - data4 0xe31f8f57,0xe31f8f57, 0x6655ab2a,0x6655ab2a - data4 0xb2eb2807,0xb2eb2807, 0x2fb5c203,0x2fb5c203 - data4 0x86c57b9a,0x86c57b9a, 0xd33708a5,0xd33708a5 - data4 0x302887f2,0x302887f2, 0x23bfa5b2,0x23bfa5b2 - data4 0x02036aba,0x02036aba, 0xed16825c,0xed16825c - data4 0x8acf1c2b,0x8acf1c2b, 0xa779b492,0xa779b492 - data4 0xf307f2f0,0xf307f2f0, 0x4e69e2a1,0x4e69e2a1 - data4 0x65daf4cd,0x65daf4cd, 0x0605bed5,0x0605bed5 - data4 0xd134621f,0xd134621f, 0xc4a6fe8a,0xc4a6fe8a - data4 0x342e539d,0x342e539d, 0xa2f355a0,0xa2f355a0 - data4 0x058ae132,0x058ae132, 0xa4f6eb75,0xa4f6eb75 - data4 0x0b83ec39,0x0b83ec39, 0x4060efaa,0x4060efaa - data4 0x5e719f06,0x5e719f06, 0xbd6e1051,0xbd6e1051 - data4 0x3e218af9,0x3e218af9, 0x96dd063d,0x96dd063d - data4 0xdd3e05ae,0xdd3e05ae, 0x4de6bd46,0x4de6bd46 - data4 0x91548db5,0x91548db5, 0x71c45d05,0x71c45d05 - data4 0x0406d46f,0x0406d46f, 0x605015ff,0x605015ff - data4 0x1998fb24,0x1998fb24, 0xd6bde997,0xd6bde997 - data4 
0x894043cc,0x894043cc, 0x67d99e77,0x67d99e77 - data4 0xb0e842bd,0xb0e842bd, 0x07898b88,0x07898b88 - data4 0xe7195b38,0xe7195b38, 0x79c8eedb,0x79c8eedb - data4 0xa17c0a47,0xa17c0a47, 0x7c420fe9,0x7c420fe9 - data4 0xf8841ec9,0xf8841ec9, 0x00000000,0x00000000 - data4 0x09808683,0x09808683, 0x322bed48,0x322bed48 - data4 0x1e1170ac,0x1e1170ac, 0x6c5a724e,0x6c5a724e - data4 0xfd0efffb,0xfd0efffb, 0x0f853856,0x0f853856 - data4 0x3daed51e,0x3daed51e, 0x362d3927,0x362d3927 - data4 0x0a0fd964,0x0a0fd964, 0x685ca621,0x685ca621 - data4 0x9b5b54d1,0x9b5b54d1, 0x24362e3a,0x24362e3a - data4 0x0c0a67b1,0x0c0a67b1, 0x9357e70f,0x9357e70f - data4 0xb4ee96d2,0xb4ee96d2, 0x1b9b919e,0x1b9b919e - data4 0x80c0c54f,0x80c0c54f, 0x61dc20a2,0x61dc20a2 - data4 0x5a774b69,0x5a774b69, 0x1c121a16,0x1c121a16 - data4 0xe293ba0a,0xe293ba0a, 0xc0a02ae5,0xc0a02ae5 - data4 0x3c22e043,0x3c22e043, 0x121b171d,0x121b171d - data4 0x0e090d0b,0x0e090d0b, 0xf28bc7ad,0xf28bc7ad - data4 0x2db6a8b9,0x2db6a8b9, 0x141ea9c8,0x141ea9c8 - data4 0x57f11985,0x57f11985, 0xaf75074c,0xaf75074c - data4 0xee99ddbb,0xee99ddbb, 0xa37f60fd,0xa37f60fd - data4 0xf701269f,0xf701269f, 0x5c72f5bc,0x5c72f5bc - data4 0x44663bc5,0x44663bc5, 0x5bfb7e34,0x5bfb7e34 - data4 0x8b432976,0x8b432976, 0xcb23c6dc,0xcb23c6dc - data4 0xb6edfc68,0xb6edfc68, 0xb8e4f163,0xb8e4f163 - data4 0xd731dcca,0xd731dcca, 0x42638510,0x42638510 - data4 0x13972240,0x13972240, 0x84c61120,0x84c61120 - data4 0x854a247d,0x854a247d, 0xd2bb3df8,0xd2bb3df8 - data4 0xaef93211,0xaef93211, 0xc729a16d,0xc729a16d - data4 0x1d9e2f4b,0x1d9e2f4b, 0xdcb230f3,0xdcb230f3 - data4 0x0d8652ec,0x0d8652ec, 0x77c1e3d0,0x77c1e3d0 - data4 0x2bb3166c,0x2bb3166c, 0xa970b999,0xa970b999 - data4 0x119448fa,0x119448fa, 0x47e96422,0x47e96422 - data4 0xa8fc8cc4,0xa8fc8cc4, 0xa0f03f1a,0xa0f03f1a - data4 0x567d2cd8,0x567d2cd8, 0x223390ef,0x223390ef - data4 0x87494ec7,0x87494ec7, 0xd938d1c1,0xd938d1c1 - data4 0x8ccaa2fe,0x8ccaa2fe, 0x98d40b36,0x98d40b36 - data4 0xa6f581cf,0xa6f581cf, 
0xa57ade28,0xa57ade28 - data4 0xdab78e26,0xdab78e26, 0x3fadbfa4,0x3fadbfa4 - data4 0x2c3a9de4,0x2c3a9de4, 0x5078920d,0x5078920d - data4 0x6a5fcc9b,0x6a5fcc9b, 0x547e4662,0x547e4662 - data4 0xf68d13c2,0xf68d13c2, 0x90d8b8e8,0x90d8b8e8 - data4 0x2e39f75e,0x2e39f75e, 0x82c3aff5,0x82c3aff5 - data4 0x9f5d80be,0x9f5d80be, 0x69d0937c,0x69d0937c - data4 0x6fd52da9,0x6fd52da9, 0xcf2512b3,0xcf2512b3 - data4 0xc8ac993b,0xc8ac993b, 0x10187da7,0x10187da7 - data4 0xe89c636e,0xe89c636e, 0xdb3bbb7b,0xdb3bbb7b - data4 0xcd267809,0xcd267809, 0x6e5918f4,0x6e5918f4 - data4 0xec9ab701,0xec9ab701, 0x834f9aa8,0x834f9aa8 - data4 0xe6956e65,0xe6956e65, 0xaaffe67e,0xaaffe67e - data4 0x21bccf08,0x21bccf08, 0xef15e8e6,0xef15e8e6 - data4 0xbae79bd9,0xbae79bd9, 0x4a6f36ce,0x4a6f36ce - data4 0xea9f09d4,0xea9f09d4, 0x29b07cd6,0x29b07cd6 - data4 0x31a4b2af,0x31a4b2af, 0x2a3f2331,0x2a3f2331 - data4 0xc6a59430,0xc6a59430, 0x35a266c0,0x35a266c0 - data4 0x744ebc37,0x744ebc37, 0xfc82caa6,0xfc82caa6 - data4 0xe090d0b0,0xe090d0b0, 0x33a7d815,0x33a7d815 - data4 0xf104984a,0xf104984a, 0x41ecdaf7,0x41ecdaf7 - data4 0x7fcd500e,0x7fcd500e, 0x1791f62f,0x1791f62f - data4 0x764dd68d,0x764dd68d, 0x43efb04d,0x43efb04d - data4 0xccaa4d54,0xccaa4d54, 0xe49604df,0xe49604df - data4 0x9ed1b5e3,0x9ed1b5e3, 0x4c6a881b,0x4c6a881b - data4 0xc12c1fb8,0xc12c1fb8, 0x4665517f,0x4665517f - data4 0x9d5eea04,0x9d5eea04, 0x018c355d,0x018c355d - data4 0xfa877473,0xfa877473, 0xfb0b412e,0xfb0b412e - data4 0xb3671d5a,0xb3671d5a, 0x92dbd252,0x92dbd252 - data4 0xe9105633,0xe9105633, 0x6dd64713,0x6dd64713 - data4 0x9ad7618c,0x9ad7618c, 0x37a10c7a,0x37a10c7a - data4 0x59f8148e,0x59f8148e, 0xeb133c89,0xeb133c89 - data4 0xcea927ee,0xcea927ee, 0xb761c935,0xb761c935 - data4 0xe11ce5ed,0xe11ce5ed, 0x7a47b13c,0x7a47b13c - data4 0x9cd2df59,0x9cd2df59, 0x55f2733f,0x55f2733f - data4 0x1814ce79,0x1814ce79, 0x73c737bf,0x73c737bf - data4 0x53f7cdea,0x53f7cdea, 0x5ffdaa5b,0x5ffdaa5b - data4 0xdf3d6f14,0xdf3d6f14, 0x7844db86,0x7844db86 - data4 
0xcaaff381,0xcaaff381, 0xb968c43e,0xb968c43e - data4 0x3824342c,0x3824342c, 0xc2a3405f,0xc2a3405f - data4 0x161dc372,0x161dc372, 0xbce2250c,0xbce2250c - data4 0x283c498b,0x283c498b, 0xff0d9541,0xff0d9541 - data4 0x39a80171,0x39a80171, 0x080cb3de,0x080cb3de - data4 0xd8b4e49c,0xd8b4e49c, 0x6456c190,0x6456c190 - data4 0x7bcb8461,0x7bcb8461, 0xd532b670,0xd532b670 - data4 0x486c5c74,0x486c5c74, 0xd0b85742,0xd0b85742 -// Td4: - data1 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 - data1 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb - data1 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 - data1 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb - data1 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d - data1 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e - data1 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 - data1 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 - data1 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 - data1 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 - data1 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda - data1 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 - data1 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a - data1 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 - data1 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 - data1 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b - data1 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea - data1 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 - data1 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 - data1 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e - data1 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 - data1 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b - data1 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 - data1 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 - data1 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 - data1 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f - data1 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d - data1 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef - data1 0xa0, 0xe0, 0x3b, 0x4d, 
0xae, 0x2a, 0xf5, 0xb0
- data1 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
- data1 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
- data1 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
-.size AES_Td#,2048+256 // HP-UX assembler fails to ".-AES_Td#"
diff --git a/lib/libssl/src/crypto/aes/asm/aes-mips.pl b/lib/libssl/src/crypto/aes/asm/aes-mips.pl
deleted file mode 100644
index 2f6ff74ffe1..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aes-mips.pl
+++ /dev/null 
@@ -1,1613 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# AES for MIPS
-
-# October 2010
-#
-# Code uses 1K[+256B] S-box and on single-issue core [such as R5000]
-# spends ~68 cycles per byte processed with 128-bit key. This is ~16%
-# faster than gcc-generated code, which is not very impressive. But
-# recall that compressed S-box requires extra processing, namely
-# additional rotations. Rotations are implemented with lwl/lwr pairs,
-# which is normally used for loading unaligned data. Another cool
-# thing about this module is its endian neutrality, which means that
-# it processes data without ever changing byte order...
-
-######################################################################
-# There is a number of MIPS ABI in use, O32 and N32/64 are most
-# widely used. Then there is a new contender: NUBI. It appears that if
-# one picks the latter, it's possible to arrange code in ABI neutral
-# manner. Therefore let's stick to NUBI register layout:
-#
-($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
-($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
-($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
-($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
-#
-# The return value is placed in $a0. 
Following coding rules facilitate -# interoperability: -# -# - never ever touch $tp, "thread pointer", former $gp; -# - copy return value to $t0, former $v0 [or to $a0 if you're adapting -# old code]; -# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary; -# -# For reference here is register layout for N32/64 MIPS ABIs: -# -# ($zero,$at,$v0,$v1)=map("\$$_",(0..3)); -# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25)); -# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23)); -# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31)); -# -$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64 - -if ($flavour =~ /64/i) { - $LA="dla"; -} else { - $LA="la"; -} - -if ($flavour =~ /64|n32/i) { - $PTR_ADD="dadd"; # incidentally works even on n32 - $PTR_SUB="dsub"; # incidentally works even on n32 - $REG_S="sd"; - $REG_L="ld"; - $PTR_SLL="dsll"; # incidentally works even on n32 - $SZREG=8; -} else { - $PTR_ADD="add"; - $PTR_SUB="sub"; - $REG_S="sw"; - $REG_L="lw"; - $PTR_SLL="sll"; - $SZREG=4; -} -$pf = ($flavour =~ /nubi/i) ? $t0 : $t2; -# -# <appro@openssl.org> -# -###################################################################### - -$big_endian=(`echo MIPSEL | $ENV{CC} -E -P -`=~/MIPSEL/)?1:0; - -for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); } -open STDOUT,">$output"; - -if (!defined($big_endian)) -{ $big_endian=(unpack('L',pack('N',1))==1); } - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -my ($MSB,$LSB)=(0,3); # automatically converted to little-endian - -$code.=<<___; -.text -#if !defined(__vxworks) || defined(__pic__) -.option pic2 -#endif -.set noat -___ - -{{{ -my $FRAMESIZE=16*$SZREG; -my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 
0xc0fff008 : 0xc0ff0000; - -my ($inp,$out,$key,$Tbl,$s0,$s1,$s2,$s3)=($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7); -my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2); -my ($t0,$t1,$t2,$t3,$t4,$t5,$t6,$t7,$t8,$t9,$t10,$t11) = map("\$$_",(12..23)); -my ($key0,$cnt)=($gp,$fp); - -# instuction ordering is "stolen" from output from MIPSpro assembler -# invoked with -mips3 -O3 arguments... -$code.=<<___; -.align 5 -.ent _mips_AES_encrypt -_mips_AES_encrypt: - .frame $sp,0,$ra - .set reorder - lw $t0,0($key) - lw $t1,4($key) - lw $t2,8($key) - lw $t3,12($key) - lw $cnt,240($key) - $PTR_ADD $key0,$key,16 - - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - - sub $cnt,1 - _xtr $i0,$s1,16-2 -.Loop_enc: - _xtr $i1,$s2,16-2 - _xtr $i2,$s3,16-2 - _xtr $i3,$s0,16-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t0,3($i0) # Te1[s1>>16] - lwl $t1,3($i1) # Te1[s2>>16] - lwl $t2,3($i2) # Te1[s3>>16] - lwl $t3,3($i3) # Te1[s0>>16] - lwr $t0,2($i0) # Te1[s1>>16] - lwr $t1,2($i1) # Te1[s2>>16] - lwr $t2,2($i2) # Te1[s3>>16] - lwr $t3,2($i3) # Te1[s0>>16] - - _xtr $i0,$s2,8-2 - _xtr $i1,$s3,8-2 - _xtr $i2,$s0,8-2 - _xtr $i3,$s1,8-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t4,2($i0) # Te2[s2>>8] - lwl $t5,2($i1) # Te2[s3>>8] - lwl $t6,2($i2) # Te2[s0>>8] - lwl $t7,2($i3) # Te2[s1>>8] - lwr $t4,1($i0) # Te2[s2>>8] - lwr $t5,1($i1) # Te2[s3>>8] - lwr $t6,1($i2) # Te2[s0>>8] - lwr $t7,1($i3) # Te2[s1>>8] - - _xtr $i0,$s3,0-2 - _xtr $i1,$s0,0-2 - _xtr $i2,$s1,0-2 - _xtr $i3,$s2,0-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t8,1($i0) # Te3[s3] - lwl $t9,1($i1) # Te3[s0] - lwl $t10,1($i2) # Te3[s1] - lwl $t11,1($i3) # Te3[s2] - lwr $t8,0($i0) # Te3[s3] - lwr $t9,0($i1) # Te3[s0] - lwr 
$t10,0($i2) # Te3[s1] - lwr $t11,0($i3) # Te3[s2] - - _xtr $i0,$s0,24-2 - _xtr $i1,$s1,24-2 - _xtr $i2,$s2,24-2 - _xtr $i3,$s3,24-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - lw $t4,0($i0) # Te0[s0>>24] - lw $t5,0($i1) # Te0[s1>>24] - lw $t6,0($i2) # Te0[s2>>24] - lw $t7,0($i3) # Te0[s3>>24] - - lw $s0,0($key0) - lw $s1,4($key0) - lw $s2,8($key0) - lw $s3,12($key0) - - xor $t0,$t8 - xor $t1,$t9 - xor $t2,$t10 - xor $t3,$t11 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - sub $cnt,1 - $PTR_ADD $key0,16 - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - .set noreorder - bnez $cnt,.Loop_enc - _xtr $i0,$s1,16-2 - - .set reorder - _xtr $i1,$s2,16-2 - _xtr $i2,$s3,16-2 - _xtr $i3,$s0,16-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t0,2($i0) # Te4[s1>>16] - lbu $t1,2($i1) # Te4[s2>>16] - lbu $t2,2($i2) # Te4[s3>>16] - lbu $t3,2($i3) # Te4[s0>>16] - - _xtr $i0,$s2,8-2 - _xtr $i1,$s3,8-2 - _xtr $i2,$s0,8-2 - _xtr $i3,$s1,8-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t4,2($i0) # Te4[s2>>8] - lbu $t5,2($i1) # Te4[s3>>8] - lbu $t6,2($i2) # Te4[s0>>8] - lbu $t7,2($i3) # Te4[s1>>8] - - _xtr $i0,$s0,24-2 - _xtr $i1,$s1,24-2 - _xtr $i2,$s2,24-2 - _xtr $i3,$s3,24-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t8,2($i0) # Te4[s0>>24] - lbu $t9,2($i1) # Te4[s1>>24] - lbu $t10,2($i2) # Te4[s2>>24] - lbu $t11,2($i3) # Te4[s3>>24] - - _xtr $i0,$s3,0-2 - _xtr $i1,$s0,0-2 - _xtr $i2,$s1,0-2 - _xtr $i3,$s2,0-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - - _ins $t0,16 - _ins 
$t1,16 - _ins $t2,16 - _ins $t3,16 - - _ins $t4,8 - _ins $t5,8 - _ins $t6,8 - _ins $t7,8 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t4,2($i0) # Te4[s3] - lbu $t5,2($i1) # Te4[s0] - lbu $t6,2($i2) # Te4[s1] - lbu $t7,2($i3) # Te4[s2] - - _ins $t8,24 - _ins $t9,24 - _ins $t10,24 - _ins $t11,24 - - lw $s0,0($key0) - lw $s1,4($key0) - lw $s2,8($key0) - lw $s3,12($key0) - - xor $t0,$t8 - xor $t1,$t9 - xor $t2,$t10 - xor $t3,$t11 - - _ins $t4,0 - _ins $t5,0 - _ins $t6,0 - _ins $t7,0 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - - jr $ra -.end _mips_AES_encrypt - -.align 5 -.globl AES_encrypt -.ent AES_encrypt -AES_encrypt: - .frame $sp,$FRAMESIZE,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_S $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_S $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_S $s7,$FRAMESIZE-7*$SZREG($sp) - $REG_S $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_S $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_S $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S \$15,$FRAMESIZE-11*$SZREG($sp) - $REG_S \$14,$FRAMESIZE-12*$SZREG($sp) - $REG_S \$13,$FRAMESIZE-13*$SZREG($sp) - $REG_S \$12,$FRAMESIZE-14*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Tbl - .cpsetup $pf,$zero,AES_encrypt -___ -$code.=<<___; - .set reorder - $LA $Tbl,AES_Te # PIC-ified 'load address' - - lwl $s0,0+$MSB($inp) - lwl $s1,4+$MSB($inp) - lwl $s2,8+$MSB($inp) - lwl $s3,12+$MSB($inp) - lwr $s0,0+$LSB($inp) - lwr $s1,4+$LSB($inp) - 
lwr $s2,8+$LSB($inp) - lwr $s3,12+$LSB($inp) - - bal _mips_AES_encrypt - - swr $s0,0+$LSB($out) - swr $s1,4+$LSB($out) - swr $s2,8+$LSB($out) - swr $s3,12+$LSB($out) - swl $s0,0+$MSB($out) - swl $s1,4+$MSB($out) - swl $s2,8+$MSB($out) - swl $s3,12+$MSB($out) - - .set noreorder - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_L $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_L $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_L $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_L $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_L $s7,$FRAMESIZE-7*$SZREG($sp) - $REG_L $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_L $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_L $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L \$15,$FRAMESIZE-11*$SZREG($sp) - $REG_L \$14,$FRAMESIZE-12*$SZREG($sp) - $REG_L \$13,$FRAMESIZE-13*$SZREG($sp) - $REG_L \$12,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end AES_encrypt -___ - -$code.=<<___; -.align 5 -.ent _mips_AES_decrypt -_mips_AES_decrypt: - .frame $sp,0,$ra - .set reorder - lw $t0,0($key) - lw $t1,4($key) - lw $t2,8($key) - lw $t3,12($key) - lw $cnt,240($key) - $PTR_ADD $key0,$key,16 - - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - - sub $cnt,1 - _xtr $i0,$s3,16-2 -.Loop_dec: - _xtr $i1,$s0,16-2 - _xtr $i2,$s1,16-2 - _xtr $i3,$s2,16-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t0,3($i0) # Td1[s3>>16] - lwl $t1,3($i1) # Td1[s0>>16] - lwl $t2,3($i2) # Td1[s1>>16] - lwl $t3,3($i3) # Td1[s2>>16] - lwr $t0,2($i0) # Td1[s3>>16] - lwr $t1,2($i1) # Td1[s0>>16] - lwr $t2,2($i2) # Td1[s1>>16] - lwr $t3,2($i3) # Td1[s2>>16] - - _xtr $i0,$s2,8-2 - _xtr $i1,$s3,8-2 - _xtr $i2,$s0,8-2 - _xtr $i3,$s1,8-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t4,2($i0) # 
Td2[s2>>8] - lwl $t5,2($i1) # Td2[s3>>8] - lwl $t6,2($i2) # Td2[s0>>8] - lwl $t7,2($i3) # Td2[s1>>8] - lwr $t4,1($i0) # Td2[s2>>8] - lwr $t5,1($i1) # Td2[s3>>8] - lwr $t6,1($i2) # Td2[s0>>8] - lwr $t7,1($i3) # Td2[s1>>8] - - _xtr $i0,$s1,0-2 - _xtr $i1,$s2,0-2 - _xtr $i2,$s3,0-2 - _xtr $i3,$s0,0-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lwl $t8,1($i0) # Td3[s1] - lwl $t9,1($i1) # Td3[s2] - lwl $t10,1($i2) # Td3[s3] - lwl $t11,1($i3) # Td3[s0] - lwr $t8,0($i0) # Td3[s1] - lwr $t9,0($i1) # Td3[s2] - lwr $t10,0($i2) # Td3[s3] - lwr $t11,0($i3) # Td3[s0] - - _xtr $i0,$s0,24-2 - _xtr $i1,$s1,24-2 - _xtr $i2,$s2,24-2 - _xtr $i3,$s3,24-2 - and $i0,0x3fc - and $i1,0x3fc - and $i2,0x3fc - and $i3,0x3fc - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - - lw $t4,0($i0) # Td0[s0>>24] - lw $t5,0($i1) # Td0[s1>>24] - lw $t6,0($i2) # Td0[s2>>24] - lw $t7,0($i3) # Td0[s3>>24] - - lw $s0,0($key0) - lw $s1,4($key0) - lw $s2,8($key0) - lw $s3,12($key0) - - xor $t0,$t8 - xor $t1,$t9 - xor $t2,$t10 - xor $t3,$t11 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - sub $cnt,1 - $PTR_ADD $key0,16 - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - .set noreorder - bnez $cnt,.Loop_dec - _xtr $i0,$s3,16-2 - - .set reorder - lw $t4,1024($Tbl) # prefetch Td4 - lw $t5,1024+32($Tbl) - lw $t6,1024+64($Tbl) - lw $t7,1024+96($Tbl) - lw $t8,1024+128($Tbl) - lw $t9,1024+160($Tbl) - lw $t10,1024+192($Tbl) - lw $t11,1024+224($Tbl) - - _xtr $i0,$s3,16 - _xtr $i1,$s0,16 - _xtr $i2,$s1,16 - _xtr $i3,$s2,16 - and $i0,0xff - and $i1,0xff - and $i2,0xff - and $i3,0xff - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t0,1024($i0) # Td4[s3>>16] - lbu $t1,1024($i1) # Td4[s0>>16] - lbu $t2,1024($i2) # Td4[s1>>16] - lbu $t3,1024($i3) # Td4[s2>>16] - - _xtr 
$i0,$s2,8 - _xtr $i1,$s3,8 - _xtr $i2,$s0,8 - _xtr $i3,$s1,8 - and $i0,0xff - and $i1,0xff - and $i2,0xff - and $i3,0xff - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t4,1024($i0) # Td4[s2>>8] - lbu $t5,1024($i1) # Td4[s3>>8] - lbu $t6,1024($i2) # Td4[s0>>8] - lbu $t7,1024($i3) # Td4[s1>>8] - - _xtr $i0,$s0,24 - _xtr $i1,$s1,24 - _xtr $i2,$s2,24 - _xtr $i3,$s3,24 - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t8,1024($i0) # Td4[s0>>24] - lbu $t9,1024($i1) # Td4[s1>>24] - lbu $t10,1024($i2) # Td4[s2>>24] - lbu $t11,1024($i3) # Td4[s3>>24] - - _xtr $i0,$s1,0 - _xtr $i1,$s2,0 - _xtr $i2,$s3,0 - _xtr $i3,$s0,0 - - _ins $t0,16 - _ins $t1,16 - _ins $t2,16 - _ins $t3,16 - - _ins $t4,8 - _ins $t5,8 - _ins $t6,8 - _ins $t7,8 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $t4,1024($i0) # Td4[s1] - lbu $t5,1024($i1) # Td4[s2] - lbu $t6,1024($i2) # Td4[s3] - lbu $t7,1024($i3) # Td4[s0] - - _ins $t8,24 - _ins $t9,24 - _ins $t10,24 - _ins $t11,24 - - lw $s0,0($key0) - lw $s1,4($key0) - lw $s2,8($key0) - lw $s3,12($key0) - - _ins $t4,0 - _ins $t5,0 - _ins $t6,0 - _ins $t7,0 - - - xor $t0,$t8 - xor $t1,$t9 - xor $t2,$t10 - xor $t3,$t11 - - xor $t0,$t4 - xor $t1,$t5 - xor $t2,$t6 - xor $t3,$t7 - - xor $s0,$t0 - xor $s1,$t1 - xor $s2,$t2 - xor $s3,$t3 - - jr $ra -.end _mips_AES_decrypt - -.align 5 -.globl AES_decrypt -.ent AES_decrypt -AES_decrypt: - .frame $sp,$FRAMESIZE,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_S $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_S $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_S 
$s7,$FRAMESIZE-7*$SZREG($sp) - $REG_S $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_S $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_S $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S \$15,$FRAMESIZE-11*$SZREG($sp) - $REG_S \$14,$FRAMESIZE-12*$SZREG($sp) - $REG_S \$13,$FRAMESIZE-13*$SZREG($sp) - $REG_S \$12,$FRAMESIZE-14*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Tbl - .cpsetup $pf,$zero,AES_decrypt -___ -$code.=<<___; - .set reorder - $LA $Tbl,AES_Td # PIC-ified 'load address' - - lwl $s0,0+$MSB($inp) - lwl $s1,4+$MSB($inp) - lwl $s2,8+$MSB($inp) - lwl $s3,12+$MSB($inp) - lwr $s0,0+$LSB($inp) - lwr $s1,4+$LSB($inp) - lwr $s2,8+$LSB($inp) - lwr $s3,12+$LSB($inp) - - bal _mips_AES_decrypt - - swr $s0,0+$LSB($out) - swr $s1,4+$LSB($out) - swr $s2,8+$LSB($out) - swr $s3,12+$LSB($out) - swl $s0,0+$MSB($out) - swl $s1,4+$MSB($out) - swl $s2,8+$MSB($out) - swl $s3,12+$MSB($out) - - .set noreorder - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_L $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_L $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_L $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_L $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_L $s7,$FRAMESIZE-7*$SZREG($sp) - $REG_L $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_L $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_L $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L \$15,$FRAMESIZE-11*$SZREG($sp) - $REG_L \$14,$FRAMESIZE-12*$SZREG($sp) - $REG_L \$13,$FRAMESIZE-13*$SZREG($sp) - $REG_L \$12,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end AES_decrypt -___ -}}} - -{{{ -my $FRAMESIZE=8*$SZREG; -my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 
0xc000f008 : 0xc0000000; - -my ($inp,$bits,$key,$Tbl)=($a0,$a1,$a2,$a3); -my ($rk0,$rk1,$rk2,$rk3,$rk4,$rk5,$rk6,$rk7)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3); -my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2); -my ($rcon,$cnt)=($gp,$fp); - -$code.=<<___; -.align 5 -.ent _mips_AES_set_encrypt_key -_mips_AES_set_encrypt_key: - .frame $sp,0,$ra - .set noreorder - beqz $inp,.Lekey_done - li $t0,-1 - beqz $key,.Lekey_done - $PTR_ADD $rcon,$Tbl,1024+256 - - .set reorder - lwl $rk0,0+$MSB($inp) # load 128 bits - lwl $rk1,4+$MSB($inp) - lwl $rk2,8+$MSB($inp) - lwl $rk3,12+$MSB($inp) - li $at,128 - lwr $rk0,0+$LSB($inp) - lwr $rk1,4+$LSB($inp) - lwr $rk2,8+$LSB($inp) - lwr $rk3,12+$LSB($inp) - .set noreorder - beq $bits,$at,.L128bits - li $cnt,10 - - .set reorder - lwl $rk4,16+$MSB($inp) # load 192 bits - lwl $rk5,20+$MSB($inp) - li $at,192 - lwr $rk4,16+$LSB($inp) - lwr $rk5,20+$LSB($inp) - .set noreorder - beq $bits,$at,.L192bits - li $cnt,8 - - .set reorder - lwl $rk6,24+$MSB($inp) # load 256 bits - lwl $rk7,28+$MSB($inp) - li $at,256 - lwr $rk6,24+$LSB($inp) - lwr $rk7,28+$LSB($inp) - .set noreorder - beq $bits,$at,.L256bits - li $cnt,7 - - b .Lekey_done - li $t0,-2 - -.align 4 -.L128bits: - .set reorder - srl $i0,$rk3,16 - srl $i1,$rk3,8 - and $i0,0xff - and $i1,0xff - and $i2,$rk3,0xff - srl $i3,$rk3,24 - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $i0,1024($i0) - lbu $i1,1024($i1) - lbu $i2,1024($i2) - lbu $i3,1024($i3) - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - sw $rk3,12($key) - sub $cnt,1 - $PTR_ADD $key,16 - - _bias $i0,24 - _bias $i1,16 - _bias $i2,8 - _bias $i3,0 - - xor $rk0,$i0 - lw $i0,0($rcon) - xor $rk0,$i1 - xor $rk0,$i2 - xor $rk0,$i3 - xor $rk0,$i0 - - xor $rk1,$rk0 - xor $rk2,$rk1 - xor $rk3,$rk2 - - .set noreorder - bnez $cnt,.L128bits - $PTR_ADD $rcon,4 - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - li $cnt,10 - sw $rk3,12($key) - li $t0,0 - sw $cnt,80($key) - b .Lekey_done - $PTR_SUB $key,10*16 - 
-.align 4 -.L192bits: - .set reorder - srl $i0,$rk5,16 - srl $i1,$rk5,8 - and $i0,0xff - and $i1,0xff - and $i2,$rk5,0xff - srl $i3,$rk5,24 - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $i0,1024($i0) - lbu $i1,1024($i1) - lbu $i2,1024($i2) - lbu $i3,1024($i3) - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - sw $rk3,12($key) - sw $rk4,16($key) - sw $rk5,20($key) - sub $cnt,1 - $PTR_ADD $key,24 - - _bias $i0,24 - _bias $i1,16 - _bias $i2,8 - _bias $i3,0 - - xor $rk0,$i0 - lw $i0,0($rcon) - xor $rk0,$i1 - xor $rk0,$i2 - xor $rk0,$i3 - xor $rk0,$i0 - - xor $rk1,$rk0 - xor $rk2,$rk1 - xor $rk3,$rk2 - xor $rk4,$rk3 - xor $rk5,$rk4 - - .set noreorder - bnez $cnt,.L192bits - $PTR_ADD $rcon,4 - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - li $cnt,12 - sw $rk3,12($key) - li $t0,0 - sw $cnt,48($key) - b .Lekey_done - $PTR_SUB $key,12*16 - -.align 4 -.L256bits: - .set reorder - srl $i0,$rk7,16 - srl $i1,$rk7,8 - and $i0,0xff - and $i1,0xff - and $i2,$rk7,0xff - srl $i3,$rk7,24 - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $i0,1024($i0) - lbu $i1,1024($i1) - lbu $i2,1024($i2) - lbu $i3,1024($i3) - - sw $rk0,0($key) - sw $rk1,4($key) - sw $rk2,8($key) - sw $rk3,12($key) - sw $rk4,16($key) - sw $rk5,20($key) - sw $rk6,24($key) - sw $rk7,28($key) - sub $cnt,1 - - _bias $i0,24 - _bias $i1,16 - _bias $i2,8 - _bias $i3,0 - - xor $rk0,$i0 - lw $i0,0($rcon) - xor $rk0,$i1 - xor $rk0,$i2 - xor $rk0,$i3 - xor $rk0,$i0 - - xor $rk1,$rk0 - xor $rk2,$rk1 - xor $rk3,$rk2 - beqz $cnt,.L256bits_done - - srl $i0,$rk3,24 - srl $i1,$rk3,16 - srl $i2,$rk3,8 - and $i3,$rk3,0xff - and $i1,0xff - and $i2,0xff - $PTR_ADD $i0,$Tbl - $PTR_ADD $i1,$Tbl - $PTR_ADD $i2,$Tbl - $PTR_ADD $i3,$Tbl - lbu $i0,1024($i0) - lbu $i1,1024($i1) - lbu $i2,1024($i2) - lbu $i3,1024($i3) - sll $i0,24 - sll $i1,16 - sll $i2,8 - - xor $rk4,$i0 - xor $rk4,$i1 - xor $rk4,$i2 - xor $rk4,$i3 - - xor $rk5,$rk4 - xor $rk6,$rk5 - 
xor $rk7,$rk6 - - $PTR_ADD $key,32 - .set noreorder - b .L256bits - $PTR_ADD $rcon,4 - -.L256bits_done: - sw $rk0,32($key) - sw $rk1,36($key) - sw $rk2,40($key) - li $cnt,14 - sw $rk3,44($key) - li $t0,0 - sw $cnt,48($key) - $PTR_SUB $key,12*16 - -.Lekey_done: - jr $ra - nop -.end _mips_AES_set_encrypt_key - -.globl AES_set_encrypt_key -.ent AES_set_encrypt_key -AES_set_encrypt_key: - .frame $sp,$FRAMESIZE,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S $s3,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s2,$FRAMESIZE-4*$SZREG($sp) - $REG_S $s1,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s0,$FRAMESIZE-6*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-7*$SZREG($sp) -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Tbl - .cpsetup $pf,$zero,AES_set_encrypt_key -___ -$code.=<<___; - .set reorder - $LA $Tbl,AES_Te # PIC-ified 'load address' - - bal _mips_AES_set_encrypt_key - - .set noreorder - move $a0,$t0 - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $s3,$FRAMESIZE-11*$SZREG($sp) - $REG_L $s2,$FRAMESIZE-12*$SZREG($sp) - $REG_L $s1,$FRAMESIZE-13*$SZREG($sp) - $REG_L $s0,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end AES_set_encrypt_key -___ - -my ($head,$tail)=($inp,$bits); -my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$tpe)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3); -my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2); -$code.=<<___; -.align 5 -.globl AES_set_decrypt_key -.ent AES_set_decrypt_key -AES_set_decrypt_key: - .frame $sp,$FRAMESIZE,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ 
/o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S $s3,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s2,$FRAMESIZE-4*$SZREG($sp) - $REG_S $s1,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s0,$FRAMESIZE-6*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-7*$SZREG($sp) -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Tbl - .cpsetup $pf,$zero,AES_set_decrypt_key -___ -$code.=<<___; - .set reorder - $LA $Tbl,AES_Te # PIC-ified 'load address' - - bal _mips_AES_set_encrypt_key - - bltz $t0,.Ldkey_done - - sll $at,$cnt,4 - $PTR_ADD $head,$key,0 - $PTR_ADD $tail,$key,$at -.align 4 -.Lswap: - lw $rk0,0($head) - lw $rk1,4($head) - lw $rk2,8($head) - lw $rk3,12($head) - lw $rk4,0($tail) - lw $rk5,4($tail) - lw $rk6,8($tail) - lw $rk7,12($tail) - sw $rk0,0($tail) - sw $rk1,4($tail) - sw $rk2,8($tail) - sw $rk3,12($tail) - $PTR_ADD $head,16 - $PTR_SUB $tail,16 - sw $rk4,-16($head) - sw $rk5,-12($head) - sw $rk6,-8($head) - sw $rk7,-4($head) - bne $head,$tail,.Lswap - - lw $tp1,16($key) # modulo-scheduled - lui $x80808080,0x8080 - sub $cnt,1 - or $x80808080,0x8080 - sll $cnt,2 - $PTR_ADD $key,16 - lui $x1b1b1b1b,0x1b1b - nor $x7f7f7f7f,$zero,$x80808080 - or $x1b1b1b1b,0x1b1b -.align 4 -.Lmix: - and $m,$tp1,$x80808080 - and $tp2,$tp1,$x7f7f7f7f - srl $tp4,$m,7 - addu $tp2,$tp2 # tp2<<1 - subu $m,$tp4 - and $m,$x1b1b1b1b - xor $tp2,$m - - and $m,$tp2,$x80808080 - and $tp4,$tp2,$x7f7f7f7f - srl $tp8,$m,7 - addu $tp4,$tp4 # tp4<<1 - subu $m,$tp8 - and $m,$x1b1b1b1b - xor $tp4,$m - - and $m,$tp4,$x80808080 - and $tp8,$tp4,$x7f7f7f7f - srl $tp9,$m,7 - addu $tp8,$tp8 # tp8<<1 - subu $m,$tp9 - and $m,$x1b1b1b1b - xor $tp8,$m - - xor $tp9,$tp8,$tp1 - xor $tpe,$tp8,$tp4 - xor $tpb,$tp9,$tp2 - xor $tpd,$tp9,$tp4 - - _ror $tp1,$tpd,16 - xor $tpe,$tp2 - _ror $tp2,$tpd,-16 - xor $tpe,$tp1 - _ror 
$tp1,$tp9,8 - xor $tpe,$tp2 - _ror $tp2,$tp9,-24 - xor $tpe,$tp1 - _ror $tp1,$tpb,24 - xor $tpe,$tp2 - _ror $tp2,$tpb,-8 - xor $tpe,$tp1 - lw $tp1,4($key) # modulo-scheduled - xor $tpe,$tp2 - sub $cnt,1 - sw $tpe,0($key) - $PTR_ADD $key,4 - bnez $cnt,.Lmix - - li $t0,0 -.Ldkey_done: - .set noreorder - move $a0,$t0 - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $s3,$FRAMESIZE-11*$SZREG($sp) - $REG_L $s2,$FRAMESIZE-12*$SZREG($sp) - $REG_L $s1,$FRAMESIZE-13*$SZREG($sp) - $REG_L $s0,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end AES_set_decrypt_key -___ -}}} - -###################################################################### -# Tables are kept in endian-neutral manner -$code.=<<___; -.rdata -.align 6 -AES_Te: -.byte 0xc6,0x63,0x63,0xa5, 0xf8,0x7c,0x7c,0x84 # Te0 -.byte 0xee,0x77,0x77,0x99, 0xf6,0x7b,0x7b,0x8d -.byte 0xff,0xf2,0xf2,0x0d, 0xd6,0x6b,0x6b,0xbd -.byte 0xde,0x6f,0x6f,0xb1, 0x91,0xc5,0xc5,0x54 -.byte 0x60,0x30,0x30,0x50, 0x02,0x01,0x01,0x03 -.byte 0xce,0x67,0x67,0xa9, 0x56,0x2b,0x2b,0x7d -.byte 0xe7,0xfe,0xfe,0x19, 0xb5,0xd7,0xd7,0x62 -.byte 0x4d,0xab,0xab,0xe6, 0xec,0x76,0x76,0x9a -.byte 0x8f,0xca,0xca,0x45, 0x1f,0x82,0x82,0x9d -.byte 0x89,0xc9,0xc9,0x40, 0xfa,0x7d,0x7d,0x87 -.byte 0xef,0xfa,0xfa,0x15, 0xb2,0x59,0x59,0xeb -.byte 0x8e,0x47,0x47,0xc9, 0xfb,0xf0,0xf0,0x0b -.byte 0x41,0xad,0xad,0xec, 0xb3,0xd4,0xd4,0x67 -.byte 0x5f,0xa2,0xa2,0xfd, 0x45,0xaf,0xaf,0xea -.byte 0x23,0x9c,0x9c,0xbf, 0x53,0xa4,0xa4,0xf7 -.byte 0xe4,0x72,0x72,0x96, 0x9b,0xc0,0xc0,0x5b -.byte 0x75,0xb7,0xb7,0xc2, 0xe1,0xfd,0xfd,0x1c -.byte 0x3d,0x93,0x93,0xae, 0x4c,0x26,0x26,0x6a -.byte 0x6c,0x36,0x36,0x5a, 0x7e,0x3f,0x3f,0x41 -.byte 0xf5,0xf7,0xf7,0x02, 0x83,0xcc,0xcc,0x4f -.byte 0x68,0x34,0x34,0x5c, 0x51,0xa5,0xa5,0xf4 -.byte 0xd1,0xe5,0xe5,0x34, 0xf9,0xf1,0xf1,0x08 -.byte 0xe2,0x71,0x71,0x93, 0xab,0xd8,0xd8,0x73 -.byte 
0x62,0x31,0x31,0x53, 0x2a,0x15,0x15,0x3f -.byte 0x08,0x04,0x04,0x0c, 0x95,0xc7,0xc7,0x52 -.byte 0x46,0x23,0x23,0x65, 0x9d,0xc3,0xc3,0x5e -.byte 0x30,0x18,0x18,0x28, 0x37,0x96,0x96,0xa1 -.byte 0x0a,0x05,0x05,0x0f, 0x2f,0x9a,0x9a,0xb5 -.byte 0x0e,0x07,0x07,0x09, 0x24,0x12,0x12,0x36 -.byte 0x1b,0x80,0x80,0x9b, 0xdf,0xe2,0xe2,0x3d -.byte 0xcd,0xeb,0xeb,0x26, 0x4e,0x27,0x27,0x69 -.byte 0x7f,0xb2,0xb2,0xcd, 0xea,0x75,0x75,0x9f -.byte 0x12,0x09,0x09,0x1b, 0x1d,0x83,0x83,0x9e -.byte 0x58,0x2c,0x2c,0x74, 0x34,0x1a,0x1a,0x2e -.byte 0x36,0x1b,0x1b,0x2d, 0xdc,0x6e,0x6e,0xb2 -.byte 0xb4,0x5a,0x5a,0xee, 0x5b,0xa0,0xa0,0xfb -.byte 0xa4,0x52,0x52,0xf6, 0x76,0x3b,0x3b,0x4d -.byte 0xb7,0xd6,0xd6,0x61, 0x7d,0xb3,0xb3,0xce -.byte 0x52,0x29,0x29,0x7b, 0xdd,0xe3,0xe3,0x3e -.byte 0x5e,0x2f,0x2f,0x71, 0x13,0x84,0x84,0x97 -.byte 0xa6,0x53,0x53,0xf5, 0xb9,0xd1,0xd1,0x68 -.byte 0x00,0x00,0x00,0x00, 0xc1,0xed,0xed,0x2c -.byte 0x40,0x20,0x20,0x60, 0xe3,0xfc,0xfc,0x1f -.byte 0x79,0xb1,0xb1,0xc8, 0xb6,0x5b,0x5b,0xed -.byte 0xd4,0x6a,0x6a,0xbe, 0x8d,0xcb,0xcb,0x46 -.byte 0x67,0xbe,0xbe,0xd9, 0x72,0x39,0x39,0x4b -.byte 0x94,0x4a,0x4a,0xde, 0x98,0x4c,0x4c,0xd4 -.byte 0xb0,0x58,0x58,0xe8, 0x85,0xcf,0xcf,0x4a -.byte 0xbb,0xd0,0xd0,0x6b, 0xc5,0xef,0xef,0x2a -.byte 0x4f,0xaa,0xaa,0xe5, 0xed,0xfb,0xfb,0x16 -.byte 0x86,0x43,0x43,0xc5, 0x9a,0x4d,0x4d,0xd7 -.byte 0x66,0x33,0x33,0x55, 0x11,0x85,0x85,0x94 -.byte 0x8a,0x45,0x45,0xcf, 0xe9,0xf9,0xf9,0x10 -.byte 0x04,0x02,0x02,0x06, 0xfe,0x7f,0x7f,0x81 -.byte 0xa0,0x50,0x50,0xf0, 0x78,0x3c,0x3c,0x44 -.byte 0x25,0x9f,0x9f,0xba, 0x4b,0xa8,0xa8,0xe3 -.byte 0xa2,0x51,0x51,0xf3, 0x5d,0xa3,0xa3,0xfe -.byte 0x80,0x40,0x40,0xc0, 0x05,0x8f,0x8f,0x8a -.byte 0x3f,0x92,0x92,0xad, 0x21,0x9d,0x9d,0xbc -.byte 0x70,0x38,0x38,0x48, 0xf1,0xf5,0xf5,0x04 -.byte 0x63,0xbc,0xbc,0xdf, 0x77,0xb6,0xb6,0xc1 -.byte 0xaf,0xda,0xda,0x75, 0x42,0x21,0x21,0x63 -.byte 0x20,0x10,0x10,0x30, 0xe5,0xff,0xff,0x1a -.byte 0xfd,0xf3,0xf3,0x0e, 0xbf,0xd2,0xd2,0x6d -.byte 0x81,0xcd,0xcd,0x4c, 
0x18,0x0c,0x0c,0x14 -.byte 0x26,0x13,0x13,0x35, 0xc3,0xec,0xec,0x2f -.byte 0xbe,0x5f,0x5f,0xe1, 0x35,0x97,0x97,0xa2 -.byte 0x88,0x44,0x44,0xcc, 0x2e,0x17,0x17,0x39 -.byte 0x93,0xc4,0xc4,0x57, 0x55,0xa7,0xa7,0xf2 -.byte 0xfc,0x7e,0x7e,0x82, 0x7a,0x3d,0x3d,0x47 -.byte 0xc8,0x64,0x64,0xac, 0xba,0x5d,0x5d,0xe7 -.byte 0x32,0x19,0x19,0x2b, 0xe6,0x73,0x73,0x95 -.byte 0xc0,0x60,0x60,0xa0, 0x19,0x81,0x81,0x98 -.byte 0x9e,0x4f,0x4f,0xd1, 0xa3,0xdc,0xdc,0x7f -.byte 0x44,0x22,0x22,0x66, 0x54,0x2a,0x2a,0x7e -.byte 0x3b,0x90,0x90,0xab, 0x0b,0x88,0x88,0x83 -.byte 0x8c,0x46,0x46,0xca, 0xc7,0xee,0xee,0x29 -.byte 0x6b,0xb8,0xb8,0xd3, 0x28,0x14,0x14,0x3c -.byte 0xa7,0xde,0xde,0x79, 0xbc,0x5e,0x5e,0xe2 -.byte 0x16,0x0b,0x0b,0x1d, 0xad,0xdb,0xdb,0x76 -.byte 0xdb,0xe0,0xe0,0x3b, 0x64,0x32,0x32,0x56 -.byte 0x74,0x3a,0x3a,0x4e, 0x14,0x0a,0x0a,0x1e -.byte 0x92,0x49,0x49,0xdb, 0x0c,0x06,0x06,0x0a -.byte 0x48,0x24,0x24,0x6c, 0xb8,0x5c,0x5c,0xe4 -.byte 0x9f,0xc2,0xc2,0x5d, 0xbd,0xd3,0xd3,0x6e -.byte 0x43,0xac,0xac,0xef, 0xc4,0x62,0x62,0xa6 -.byte 0x39,0x91,0x91,0xa8, 0x31,0x95,0x95,0xa4 -.byte 0xd3,0xe4,0xe4,0x37, 0xf2,0x79,0x79,0x8b -.byte 0xd5,0xe7,0xe7,0x32, 0x8b,0xc8,0xc8,0x43 -.byte 0x6e,0x37,0x37,0x59, 0xda,0x6d,0x6d,0xb7 -.byte 0x01,0x8d,0x8d,0x8c, 0xb1,0xd5,0xd5,0x64 -.byte 0x9c,0x4e,0x4e,0xd2, 0x49,0xa9,0xa9,0xe0 -.byte 0xd8,0x6c,0x6c,0xb4, 0xac,0x56,0x56,0xfa -.byte 0xf3,0xf4,0xf4,0x07, 0xcf,0xea,0xea,0x25 -.byte 0xca,0x65,0x65,0xaf, 0xf4,0x7a,0x7a,0x8e -.byte 0x47,0xae,0xae,0xe9, 0x10,0x08,0x08,0x18 -.byte 0x6f,0xba,0xba,0xd5, 0xf0,0x78,0x78,0x88 -.byte 0x4a,0x25,0x25,0x6f, 0x5c,0x2e,0x2e,0x72 -.byte 0x38,0x1c,0x1c,0x24, 0x57,0xa6,0xa6,0xf1 -.byte 0x73,0xb4,0xb4,0xc7, 0x97,0xc6,0xc6,0x51 -.byte 0xcb,0xe8,0xe8,0x23, 0xa1,0xdd,0xdd,0x7c -.byte 0xe8,0x74,0x74,0x9c, 0x3e,0x1f,0x1f,0x21 -.byte 0x96,0x4b,0x4b,0xdd, 0x61,0xbd,0xbd,0xdc -.byte 0x0d,0x8b,0x8b,0x86, 0x0f,0x8a,0x8a,0x85 -.byte 0xe0,0x70,0x70,0x90, 0x7c,0x3e,0x3e,0x42 -.byte 0x71,0xb5,0xb5,0xc4, 0xcc,0x66,0x66,0xaa -.byte 
0x90,0x48,0x48,0xd8, 0x06,0x03,0x03,0x05 -.byte 0xf7,0xf6,0xf6,0x01, 0x1c,0x0e,0x0e,0x12 -.byte 0xc2,0x61,0x61,0xa3, 0x6a,0x35,0x35,0x5f -.byte 0xae,0x57,0x57,0xf9, 0x69,0xb9,0xb9,0xd0 -.byte 0x17,0x86,0x86,0x91, 0x99,0xc1,0xc1,0x58 -.byte 0x3a,0x1d,0x1d,0x27, 0x27,0x9e,0x9e,0xb9 -.byte 0xd9,0xe1,0xe1,0x38, 0xeb,0xf8,0xf8,0x13 -.byte 0x2b,0x98,0x98,0xb3, 0x22,0x11,0x11,0x33 -.byte 0xd2,0x69,0x69,0xbb, 0xa9,0xd9,0xd9,0x70 -.byte 0x07,0x8e,0x8e,0x89, 0x33,0x94,0x94,0xa7 -.byte 0x2d,0x9b,0x9b,0xb6, 0x3c,0x1e,0x1e,0x22 -.byte 0x15,0x87,0x87,0x92, 0xc9,0xe9,0xe9,0x20 -.byte 0x87,0xce,0xce,0x49, 0xaa,0x55,0x55,0xff -.byte 0x50,0x28,0x28,0x78, 0xa5,0xdf,0xdf,0x7a -.byte 0x03,0x8c,0x8c,0x8f, 0x59,0xa1,0xa1,0xf8 -.byte 0x09,0x89,0x89,0x80, 0x1a,0x0d,0x0d,0x17 -.byte 0x65,0xbf,0xbf,0xda, 0xd7,0xe6,0xe6,0x31 -.byte 0x84,0x42,0x42,0xc6, 0xd0,0x68,0x68,0xb8 -.byte 0x82,0x41,0x41,0xc3, 0x29,0x99,0x99,0xb0 -.byte 0x5a,0x2d,0x2d,0x77, 0x1e,0x0f,0x0f,0x11 -.byte 0x7b,0xb0,0xb0,0xcb, 0xa8,0x54,0x54,0xfc -.byte 0x6d,0xbb,0xbb,0xd6, 0x2c,0x16,0x16,0x3a - -.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 # Te4 -.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 -.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 -.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 -.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc -.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 -.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a -.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 -.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 -.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 -.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b -.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf -.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 -.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 -.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 -.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 -.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 -.byte 0xc4, 0xa7, 0x7e, 
0x3d, 0x64, 0x5d, 0x19, 0x73 -.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 -.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb -.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c -.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 -.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 -.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 -.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 -.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a -.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e -.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e -.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 -.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf -.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 -.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 - -.byte 0x01,0x00,0x00,0x00, 0x02,0x00,0x00,0x00 # rcon -.byte 0x04,0x00,0x00,0x00, 0x08,0x00,0x00,0x00 -.byte 0x10,0x00,0x00,0x00, 0x20,0x00,0x00,0x00 -.byte 0x40,0x00,0x00,0x00, 0x80,0x00,0x00,0x00 -.byte 0x1B,0x00,0x00,0x00, 0x36,0x00,0x00,0x00 - -.align 6 -AES_Td: -.byte 0x51,0xf4,0xa7,0x50, 0x7e,0x41,0x65,0x53 # Td0 -.byte 0x1a,0x17,0xa4,0xc3, 0x3a,0x27,0x5e,0x96 -.byte 0x3b,0xab,0x6b,0xcb, 0x1f,0x9d,0x45,0xf1 -.byte 0xac,0xfa,0x58,0xab, 0x4b,0xe3,0x03,0x93 -.byte 0x20,0x30,0xfa,0x55, 0xad,0x76,0x6d,0xf6 -.byte 0x88,0xcc,0x76,0x91, 0xf5,0x02,0x4c,0x25 -.byte 0x4f,0xe5,0xd7,0xfc, 0xc5,0x2a,0xcb,0xd7 -.byte 0x26,0x35,0x44,0x80, 0xb5,0x62,0xa3,0x8f -.byte 0xde,0xb1,0x5a,0x49, 0x25,0xba,0x1b,0x67 -.byte 0x45,0xea,0x0e,0x98, 0x5d,0xfe,0xc0,0xe1 -.byte 0xc3,0x2f,0x75,0x02, 0x81,0x4c,0xf0,0x12 -.byte 0x8d,0x46,0x97,0xa3, 0x6b,0xd3,0xf9,0xc6 -.byte 0x03,0x8f,0x5f,0xe7, 0x15,0x92,0x9c,0x95 -.byte 0xbf,0x6d,0x7a,0xeb, 0x95,0x52,0x59,0xda -.byte 0xd4,0xbe,0x83,0x2d, 0x58,0x74,0x21,0xd3 -.byte 0x49,0xe0,0x69,0x29, 0x8e,0xc9,0xc8,0x44 -.byte 0x75,0xc2,0x89,0x6a, 0xf4,0x8e,0x79,0x78 -.byte 0x99,0x58,0x3e,0x6b, 0x27,0xb9,0x71,0xdd -.byte 0xbe,0xe1,0x4f,0xb6, 0xf0,0x88,0xad,0x17 -.byte 
0xc9,0x20,0xac,0x66, 0x7d,0xce,0x3a,0xb4 -.byte 0x63,0xdf,0x4a,0x18, 0xe5,0x1a,0x31,0x82 -.byte 0x97,0x51,0x33,0x60, 0x62,0x53,0x7f,0x45 -.byte 0xb1,0x64,0x77,0xe0, 0xbb,0x6b,0xae,0x84 -.byte 0xfe,0x81,0xa0,0x1c, 0xf9,0x08,0x2b,0x94 -.byte 0x70,0x48,0x68,0x58, 0x8f,0x45,0xfd,0x19 -.byte 0x94,0xde,0x6c,0x87, 0x52,0x7b,0xf8,0xb7 -.byte 0xab,0x73,0xd3,0x23, 0x72,0x4b,0x02,0xe2 -.byte 0xe3,0x1f,0x8f,0x57, 0x66,0x55,0xab,0x2a -.byte 0xb2,0xeb,0x28,0x07, 0x2f,0xb5,0xc2,0x03 -.byte 0x86,0xc5,0x7b,0x9a, 0xd3,0x37,0x08,0xa5 -.byte 0x30,0x28,0x87,0xf2, 0x23,0xbf,0xa5,0xb2 -.byte 0x02,0x03,0x6a,0xba, 0xed,0x16,0x82,0x5c -.byte 0x8a,0xcf,0x1c,0x2b, 0xa7,0x79,0xb4,0x92 -.byte 0xf3,0x07,0xf2,0xf0, 0x4e,0x69,0xe2,0xa1 -.byte 0x65,0xda,0xf4,0xcd, 0x06,0x05,0xbe,0xd5 -.byte 0xd1,0x34,0x62,0x1f, 0xc4,0xa6,0xfe,0x8a -.byte 0x34,0x2e,0x53,0x9d, 0xa2,0xf3,0x55,0xa0 -.byte 0x05,0x8a,0xe1,0x32, 0xa4,0xf6,0xeb,0x75 -.byte 0x0b,0x83,0xec,0x39, 0x40,0x60,0xef,0xaa -.byte 0x5e,0x71,0x9f,0x06, 0xbd,0x6e,0x10,0x51 -.byte 0x3e,0x21,0x8a,0xf9, 0x96,0xdd,0x06,0x3d -.byte 0xdd,0x3e,0x05,0xae, 0x4d,0xe6,0xbd,0x46 -.byte 0x91,0x54,0x8d,0xb5, 0x71,0xc4,0x5d,0x05 -.byte 0x04,0x06,0xd4,0x6f, 0x60,0x50,0x15,0xff -.byte 0x19,0x98,0xfb,0x24, 0xd6,0xbd,0xe9,0x97 -.byte 0x89,0x40,0x43,0xcc, 0x67,0xd9,0x9e,0x77 -.byte 0xb0,0xe8,0x42,0xbd, 0x07,0x89,0x8b,0x88 -.byte 0xe7,0x19,0x5b,0x38, 0x79,0xc8,0xee,0xdb -.byte 0xa1,0x7c,0x0a,0x47, 0x7c,0x42,0x0f,0xe9 -.byte 0xf8,0x84,0x1e,0xc9, 0x00,0x00,0x00,0x00 -.byte 0x09,0x80,0x86,0x83, 0x32,0x2b,0xed,0x48 -.byte 0x1e,0x11,0x70,0xac, 0x6c,0x5a,0x72,0x4e -.byte 0xfd,0x0e,0xff,0xfb, 0x0f,0x85,0x38,0x56 -.byte 0x3d,0xae,0xd5,0x1e, 0x36,0x2d,0x39,0x27 -.byte 0x0a,0x0f,0xd9,0x64, 0x68,0x5c,0xa6,0x21 -.byte 0x9b,0x5b,0x54,0xd1, 0x24,0x36,0x2e,0x3a -.byte 0x0c,0x0a,0x67,0xb1, 0x93,0x57,0xe7,0x0f -.byte 0xb4,0xee,0x96,0xd2, 0x1b,0x9b,0x91,0x9e -.byte 0x80,0xc0,0xc5,0x4f, 0x61,0xdc,0x20,0xa2 -.byte 0x5a,0x77,0x4b,0x69, 0x1c,0x12,0x1a,0x16 -.byte 0xe2,0x93,0xba,0x0a, 
0xc0,0xa0,0x2a,0xe5 -.byte 0x3c,0x22,0xe0,0x43, 0x12,0x1b,0x17,0x1d -.byte 0x0e,0x09,0x0d,0x0b, 0xf2,0x8b,0xc7,0xad -.byte 0x2d,0xb6,0xa8,0xb9, 0x14,0x1e,0xa9,0xc8 -.byte 0x57,0xf1,0x19,0x85, 0xaf,0x75,0x07,0x4c -.byte 0xee,0x99,0xdd,0xbb, 0xa3,0x7f,0x60,0xfd -.byte 0xf7,0x01,0x26,0x9f, 0x5c,0x72,0xf5,0xbc -.byte 0x44,0x66,0x3b,0xc5, 0x5b,0xfb,0x7e,0x34 -.byte 0x8b,0x43,0x29,0x76, 0xcb,0x23,0xc6,0xdc -.byte 0xb6,0xed,0xfc,0x68, 0xb8,0xe4,0xf1,0x63 -.byte 0xd7,0x31,0xdc,0xca, 0x42,0x63,0x85,0x10 -.byte 0x13,0x97,0x22,0x40, 0x84,0xc6,0x11,0x20 -.byte 0x85,0x4a,0x24,0x7d, 0xd2,0xbb,0x3d,0xf8 -.byte 0xae,0xf9,0x32,0x11, 0xc7,0x29,0xa1,0x6d -.byte 0x1d,0x9e,0x2f,0x4b, 0xdc,0xb2,0x30,0xf3 -.byte 0x0d,0x86,0x52,0xec, 0x77,0xc1,0xe3,0xd0 -.byte 0x2b,0xb3,0x16,0x6c, 0xa9,0x70,0xb9,0x99 -.byte 0x11,0x94,0x48,0xfa, 0x47,0xe9,0x64,0x22 -.byte 0xa8,0xfc,0x8c,0xc4, 0xa0,0xf0,0x3f,0x1a -.byte 0x56,0x7d,0x2c,0xd8, 0x22,0x33,0x90,0xef -.byte 0x87,0x49,0x4e,0xc7, 0xd9,0x38,0xd1,0xc1 -.byte 0x8c,0xca,0xa2,0xfe, 0x98,0xd4,0x0b,0x36 -.byte 0xa6,0xf5,0x81,0xcf, 0xa5,0x7a,0xde,0x28 -.byte 0xda,0xb7,0x8e,0x26, 0x3f,0xad,0xbf,0xa4 -.byte 0x2c,0x3a,0x9d,0xe4, 0x50,0x78,0x92,0x0d -.byte 0x6a,0x5f,0xcc,0x9b, 0x54,0x7e,0x46,0x62 -.byte 0xf6,0x8d,0x13,0xc2, 0x90,0xd8,0xb8,0xe8 -.byte 0x2e,0x39,0xf7,0x5e, 0x82,0xc3,0xaf,0xf5 -.byte 0x9f,0x5d,0x80,0xbe, 0x69,0xd0,0x93,0x7c -.byte 0x6f,0xd5,0x2d,0xa9, 0xcf,0x25,0x12,0xb3 -.byte 0xc8,0xac,0x99,0x3b, 0x10,0x18,0x7d,0xa7 -.byte 0xe8,0x9c,0x63,0x6e, 0xdb,0x3b,0xbb,0x7b -.byte 0xcd,0x26,0x78,0x09, 0x6e,0x59,0x18,0xf4 -.byte 0xec,0x9a,0xb7,0x01, 0x83,0x4f,0x9a,0xa8 -.byte 0xe6,0x95,0x6e,0x65, 0xaa,0xff,0xe6,0x7e -.byte 0x21,0xbc,0xcf,0x08, 0xef,0x15,0xe8,0xe6 -.byte 0xba,0xe7,0x9b,0xd9, 0x4a,0x6f,0x36,0xce -.byte 0xea,0x9f,0x09,0xd4, 0x29,0xb0,0x7c,0xd6 -.byte 0x31,0xa4,0xb2,0xaf, 0x2a,0x3f,0x23,0x31 -.byte 0xc6,0xa5,0x94,0x30, 0x35,0xa2,0x66,0xc0 -.byte 0x74,0x4e,0xbc,0x37, 0xfc,0x82,0xca,0xa6 -.byte 0xe0,0x90,0xd0,0xb0, 0x33,0xa7,0xd8,0x15 -.byte 
0xf1,0x04,0x98,0x4a, 0x41,0xec,0xda,0xf7 -.byte 0x7f,0xcd,0x50,0x0e, 0x17,0x91,0xf6,0x2f -.byte 0x76,0x4d,0xd6,0x8d, 0x43,0xef,0xb0,0x4d -.byte 0xcc,0xaa,0x4d,0x54, 0xe4,0x96,0x04,0xdf -.byte 0x9e,0xd1,0xb5,0xe3, 0x4c,0x6a,0x88,0x1b -.byte 0xc1,0x2c,0x1f,0xb8, 0x46,0x65,0x51,0x7f -.byte 0x9d,0x5e,0xea,0x04, 0x01,0x8c,0x35,0x5d -.byte 0xfa,0x87,0x74,0x73, 0xfb,0x0b,0x41,0x2e -.byte 0xb3,0x67,0x1d,0x5a, 0x92,0xdb,0xd2,0x52 -.byte 0xe9,0x10,0x56,0x33, 0x6d,0xd6,0x47,0x13 -.byte 0x9a,0xd7,0x61,0x8c, 0x37,0xa1,0x0c,0x7a -.byte 0x59,0xf8,0x14,0x8e, 0xeb,0x13,0x3c,0x89 -.byte 0xce,0xa9,0x27,0xee, 0xb7,0x61,0xc9,0x35 -.byte 0xe1,0x1c,0xe5,0xed, 0x7a,0x47,0xb1,0x3c -.byte 0x9c,0xd2,0xdf,0x59, 0x55,0xf2,0x73,0x3f -.byte 0x18,0x14,0xce,0x79, 0x73,0xc7,0x37,0xbf -.byte 0x53,0xf7,0xcd,0xea, 0x5f,0xfd,0xaa,0x5b -.byte 0xdf,0x3d,0x6f,0x14, 0x78,0x44,0xdb,0x86 -.byte 0xca,0xaf,0xf3,0x81, 0xb9,0x68,0xc4,0x3e -.byte 0x38,0x24,0x34,0x2c, 0xc2,0xa3,0x40,0x5f -.byte 0x16,0x1d,0xc3,0x72, 0xbc,0xe2,0x25,0x0c -.byte 0x28,0x3c,0x49,0x8b, 0xff,0x0d,0x95,0x41 -.byte 0x39,0xa8,0x01,0x71, 0x08,0x0c,0xb3,0xde -.byte 0xd8,0xb4,0xe4,0x9c, 0x64,0x56,0xc1,0x90 -.byte 0x7b,0xcb,0x84,0x61, 0xd5,0x32,0xb6,0x70 -.byte 0x48,0x6c,0x5c,0x74, 0xd0,0xb8,0x57,0x42 - -.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 # Td4 -.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb -.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 -.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb -.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d -.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e -.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 -.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 -.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 -.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 -.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda -.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 -.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a -.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 
0x06 -.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 -.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b -.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea -.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 -.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 -.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e -.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 -.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b -.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 -.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 -.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 -.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f -.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d -.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef -.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0 -.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 -.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26 -.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d -___ - -foreach (split("\n",$code)) { - s/\`([^\`]*)\`/eval $1/ge; - - # made-up _instructions, _xtr, _ins, _ror and _bias, cope - # with byte order dependencies... - if (/^\s+_/) { - s/(_[a-z]+\s+)(\$[0-9]+),([^,]+)(#.*)*$/$1$2,$2,$3/; - - s/_xtr\s+(\$[0-9]+),(\$[0-9]+),([0-9]+(\-2)*)/ - sprintf("srl\t$1,$2,%d",$big_endian ? eval($3) - : eval("24-$3"))/e or - s/_ins\s+(\$[0-9]+),(\$[0-9]+),([0-9]+)/ - sprintf("sll\t$1,$2,%d",$big_endian ? eval($3) - : eval("24-$3"))/e or - s/_ror\s+(\$[0-9]+),(\$[0-9]+),(\-?[0-9]+)/ - sprintf("srl\t$1,$2,%d",$big_endian ? eval($3) - : eval("$3*-1"))/e or - s/_bias\s+(\$[0-9]+),(\$[0-9]+),([0-9]+)/ - sprintf("sll\t$1,$2,%d",$big_endian ? 
eval($3)
- : eval("($3-16)&31"))/e;
-
- s/srl\s+(\$[0-9]+),(\$[0-9]+),\-([0-9]+)/
- sprintf("sll\t$1,$2,$3")/e or
- s/srl\s+(\$[0-9]+),(\$[0-9]+),0/
- sprintf("and\t$1,$2,0xff")/e or
- s/(sll\s+\$[0-9]+,\$[0-9]+,0)/#$1/;
- }
-
- # convert lwl/lwr and swr/swl to little-endian order
- if (!$big_endian && /^\s+[sl]w[lr]\s+/) {
- s/([sl]wl.*)([0-9]+)\((\$[0-9]+)\)/
- sprintf("$1%d($3)",eval("$2-$2%4+($2%4-1)&3"))/e or
- s/([sl]wr.*)([0-9]+)\((\$[0-9]+)\)/
- sprintf("$1%d($3)",eval("$2-$2%4+($2%4+1)&3"))/e;
- }
-
- print $_,"\n";
-}
-
-close STDOUT;
diff --git a/lib/libssl/src/crypto/aes/asm/aes-parisc.pl b/lib/libssl/src/crypto/aes/asm/aes-parisc.pl
deleted file mode 100644
index f12a1c18ec2..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aes-parisc.pl
+++ /dev/null
@@ -1,1028 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# AES for PA-RISC.
-#
-# June 2009.
-#
-# The module is mechanical transliteration of aes-sparcv9.pl, but with
-# a twist: S-boxes are compressed even further down to 1K+256B. On
-# PA-7100LC performance is ~40% better than gcc 3.2 generated code and
-# is about 33 cycles per byte processed with 128-bit key. Newer CPUs
-# perform at 16 cycles per byte. It's not faster than code generated
-# by vendor compiler, but recall that it has compressed S-boxes, which
-# requires extra processing.
-#
-# Special thanks to polarhome.com for providing HP-UX account.
-
-$flavour = shift;
-$output = shift;
-open STDOUT,">$output";
-
-if ($flavour =~ /64/) {
- $LEVEL ="2.0W";
- $SIZE_T =8;
- $FRAME_MARKER =80;
- $SAVED_RP =16;
- $PUSH ="std";
- $PUSHMA ="std,ma";
- $POP ="ldd";
- $POPMB ="ldd,mb";
-} else {
- $LEVEL ="1.0";
- $SIZE_T =4;
- $FRAME_MARKER =48;
- $SAVED_RP =20;
- $PUSH ="stw";
- $PUSHMA ="stwm";
- $POP ="ldw";
- $POPMB ="ldwm";
-}
-
-$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker
- # [+ argument transfer]
-$inp="%r26"; # arg0
-$out="%r25"; # arg1
-$key="%r24"; # arg2
-
-($s0,$s1,$s2,$s3) = ("%r1","%r2","%r3","%r4");
-($t0,$t1,$t2,$t3) = ("%r5","%r6","%r7","%r8");
-
-($acc0, $acc1, $acc2, $acc3, $acc4, $acc5, $acc6, $acc7,
- $acc8, $acc9,$acc10,$acc11,$acc12,$acc13,$acc14,$acc15) =
-("%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16",
-"%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r26");
-
-$tbl="%r28";
-$rounds="%r29";
-
-$code=<<___;
- .LEVEL $LEVEL
-#if 0
- .SPACE \$TEXT\$
- .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
-#else
- .text
-#endif
-
- .EXPORT AES_encrypt,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
- .ALIGN 64
-AES_encrypt
- .PROC
- .CALLINFO FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
- .ENTRY
- $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue
- $PUSHMA %r3,$FRAME(%sp)
- $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp)
- $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp)
- $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp)
- $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp)
- $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp)
- $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp)
- $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp)
- $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp)
- $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp)
- $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp)
- $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp)
- $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp)
- $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp)
- $PUSH %r17,`-$FRAME+14*$SIZE_T`(%sp)
- $PUSH %r18,`-$FRAME+15*$SIZE_T`(%sp)
-
- blr %r0,$tbl
- ldi 3,$t0
-L\$enc_pic
- andcm $tbl,$t0,$tbl
- ldo L\$AES_Te-L\$enc_pic($tbl),$tbl
-
- and $inp,$t0,$t0
- sub $inp,$t0,$inp
- ldw
0($inp),$s0 - ldw 4($inp),$s1 - ldw 8($inp),$s2 - comib,= 0,$t0,L\$enc_inp_aligned - ldw 12($inp),$s3 - - sh3addl $t0,%r0,$t0 - subi 32,$t0,$t0 - mtctl $t0,%cr11 - ldw 16($inp),$t1 - vshd $s0,$s1,$s0 - vshd $s1,$s2,$s1 - vshd $s2,$s3,$s2 - vshd $s3,$t1,$s3 - -L\$enc_inp_aligned - bl _parisc_AES_encrypt,%r31 - nop - - extru,<> $out,31,2,%r0 - b L\$enc_out_aligned - nop - - _srm $s0,24,$acc0 - _srm $s0,16,$acc1 - stb $acc0,0($out) - _srm $s0,8,$acc2 - stb $acc1,1($out) - _srm $s1,24,$acc4 - stb $acc2,2($out) - _srm $s1,16,$acc5 - stb $s0,3($out) - _srm $s1,8,$acc6 - stb $acc4,4($out) - _srm $s2,24,$acc0 - stb $acc5,5($out) - _srm $s2,16,$acc1 - stb $acc6,6($out) - _srm $s2,8,$acc2 - stb $s1,7($out) - _srm $s3,24,$acc4 - stb $acc0,8($out) - _srm $s3,16,$acc5 - stb $acc1,9($out) - _srm $s3,8,$acc6 - stb $acc2,10($out) - stb $s2,11($out) - stb $acc4,12($out) - stb $acc5,13($out) - stb $acc6,14($out) - b L\$enc_done - stb $s3,15($out) - -L\$enc_out_aligned - stw $s0,0($out) - stw $s1,4($out) - stw $s2,8($out) - stw $s3,12($out) - -L\$enc_done - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 - $POP `-$FRAME+9*$SIZE_T`(%sp),%r12 - $POP `-$FRAME+10*$SIZE_T`(%sp),%r13 - $POP `-$FRAME+11*$SIZE_T`(%sp),%r14 - $POP `-$FRAME+12*$SIZE_T`(%sp),%r15 - $POP `-$FRAME+13*$SIZE_T`(%sp),%r16 - $POP `-$FRAME+14*$SIZE_T`(%sp),%r17 - $POP `-$FRAME+15*$SIZE_T`(%sp),%r18 - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .ALIGN 16 -_parisc_AES_encrypt - .PROC - .CALLINFO MILLICODE - .ENTRY - ldw 240($key),$rounds - ldw 0($key),$t0 - ldw 4($key),$t1 - ldw 8($key),$t2 - _srm $rounds,1,$rounds - xor $t0,$s0,$s0 - ldw 12($key),$t3 - _srm $s0,24,$acc0 - xor $t1,$s1,$s1 - ldw 16($key),$t0 - _srm 
$s1,16,$acc1 - xor $t2,$s2,$s2 - ldw 20($key),$t1 - xor $t3,$s3,$s3 - ldw 24($key),$t2 - ldw 28($key),$t3 -L\$enc_loop - _srm $s2,8,$acc2 - ldwx,s $acc0($tbl),$acc0 - _srm $s3,0,$acc3 - ldwx,s $acc1($tbl),$acc1 - _srm $s1,24,$acc4 - ldwx,s $acc2($tbl),$acc2 - _srm $s2,16,$acc5 - ldwx,s $acc3($tbl),$acc3 - _srm $s3,8,$acc6 - ldwx,s $acc4($tbl),$acc4 - _srm $s0,0,$acc7 - ldwx,s $acc5($tbl),$acc5 - _srm $s2,24,$acc8 - ldwx,s $acc6($tbl),$acc6 - _srm $s3,16,$acc9 - ldwx,s $acc7($tbl),$acc7 - _srm $s0,8,$acc10 - ldwx,s $acc8($tbl),$acc8 - _srm $s1,0,$acc11 - ldwx,s $acc9($tbl),$acc9 - _srm $s3,24,$acc12 - ldwx,s $acc10($tbl),$acc10 - _srm $s0,16,$acc13 - ldwx,s $acc11($tbl),$acc11 - _srm $s1,8,$acc14 - ldwx,s $acc12($tbl),$acc12 - _srm $s2,0,$acc15 - ldwx,s $acc13($tbl),$acc13 - ldwx,s $acc14($tbl),$acc14 - ldwx,s $acc15($tbl),$acc15 - addib,= -1,$rounds,L\$enc_last - ldo 32($key),$key - - _ror $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ldw 0($key),$s0 - _ror $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ldw 4($key),$s1 - _ror $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ldw 8($key),$s2 - _ror $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ldw 12($key),$s3 - _ror $acc6,16,$acc6 - xor $acc4,$t1,$t1 - _ror $acc7,24,$acc7 - xor $acc5,$t1,$t1 - _ror $acc9,8,$acc9 - xor $acc6,$t1,$t1 - _ror $acc10,16,$acc10 - xor $acc7,$t1,$t1 - _ror $acc11,24,$acc11 - xor $acc8,$t2,$t2 - _ror $acc13,8,$acc13 - xor $acc9,$t2,$t2 - _ror $acc14,16,$acc14 - xor $acc10,$t2,$t2 - _ror $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - _srm $t0,24,$acc0 - xor $acc14,$t3,$t3 - _srm $t1,16,$acc1 - xor $acc15,$t3,$t3 - - _srm $t2,8,$acc2 - ldwx,s $acc0($tbl),$acc0 - _srm $t3,0,$acc3 - ldwx,s $acc1($tbl),$acc1 - _srm $t1,24,$acc4 - ldwx,s $acc2($tbl),$acc2 - _srm $t2,16,$acc5 - ldwx,s $acc3($tbl),$acc3 - _srm $t3,8,$acc6 - ldwx,s $acc4($tbl),$acc4 - _srm $t0,0,$acc7 - ldwx,s $acc5($tbl),$acc5 - _srm $t2,24,$acc8 - ldwx,s $acc6($tbl),$acc6 - _srm $t3,16,$acc9 - ldwx,s $acc7($tbl),$acc7 - _srm 
$t0,8,$acc10 - ldwx,s $acc8($tbl),$acc8 - _srm $t1,0,$acc11 - ldwx,s $acc9($tbl),$acc9 - _srm $t3,24,$acc12 - ldwx,s $acc10($tbl),$acc10 - _srm $t0,16,$acc13 - ldwx,s $acc11($tbl),$acc11 - _srm $t1,8,$acc14 - ldwx,s $acc12($tbl),$acc12 - _srm $t2,0,$acc15 - ldwx,s $acc13($tbl),$acc13 - _ror $acc1,8,$acc1 - ldwx,s $acc14($tbl),$acc14 - - _ror $acc2,16,$acc2 - xor $acc0,$s0,$s0 - ldwx,s $acc15($tbl),$acc15 - _ror $acc3,24,$acc3 - xor $acc1,$s0,$s0 - ldw 16($key),$t0 - _ror $acc5,8,$acc5 - xor $acc2,$s0,$s0 - ldw 20($key),$t1 - _ror $acc6,16,$acc6 - xor $acc3,$s0,$s0 - ldw 24($key),$t2 - _ror $acc7,24,$acc7 - xor $acc4,$s1,$s1 - ldw 28($key),$t3 - _ror $acc9,8,$acc9 - xor $acc5,$s1,$s1 - ldw 1024+0($tbl),%r0 ; prefetch te4 - _ror $acc10,16,$acc10 - xor $acc6,$s1,$s1 - ldw 1024+32($tbl),%r0 ; prefetch te4 - _ror $acc11,24,$acc11 - xor $acc7,$s1,$s1 - ldw 1024+64($tbl),%r0 ; prefetch te4 - _ror $acc13,8,$acc13 - xor $acc8,$s2,$s2 - ldw 1024+96($tbl),%r0 ; prefetch te4 - _ror $acc14,16,$acc14 - xor $acc9,$s2,$s2 - ldw 1024+128($tbl),%r0 ; prefetch te4 - _ror $acc15,24,$acc15 - xor $acc10,$s2,$s2 - ldw 1024+160($tbl),%r0 ; prefetch te4 - _srm $s0,24,$acc0 - xor $acc11,$s2,$s2 - ldw 1024+192($tbl),%r0 ; prefetch te4 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - ldw 1024+224($tbl),%r0 ; prefetch te4 - _srm $s1,16,$acc1 - xor $acc14,$s3,$s3 - b L\$enc_loop - xor $acc15,$s3,$s3 - - .ALIGN 16 -L\$enc_last - ldo 1024($tbl),$rounds - _ror $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ldw 0($key),$s0 - _ror $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ldw 4($key),$s1 - _ror $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ldw 8($key),$s2 - _ror $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ldw 12($key),$s3 - _ror $acc6,16,$acc6 - xor $acc4,$t1,$t1 - _ror $acc7,24,$acc7 - xor $acc5,$t1,$t1 - _ror $acc9,8,$acc9 - xor $acc6,$t1,$t1 - _ror $acc10,16,$acc10 - xor $acc7,$t1,$t1 - _ror $acc11,24,$acc11 - xor $acc8,$t2,$t2 - _ror $acc13,8,$acc13 - xor $acc9,$t2,$t2 - _ror $acc14,16,$acc14 - xor $acc10,$t2,$t2 - _ror 
$acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - _srm $t0,24,$acc0 - xor $acc14,$t3,$t3 - _srm $t1,16,$acc1 - xor $acc15,$t3,$t3 - - _srm $t2,8,$acc2 - ldbx $acc0($rounds),$acc0 - _srm $t1,24,$acc4 - ldbx $acc1($rounds),$acc1 - _srm $t2,16,$acc5 - _srm $t3,0,$acc3 - ldbx $acc2($rounds),$acc2 - ldbx $acc3($rounds),$acc3 - _srm $t3,8,$acc6 - ldbx $acc4($rounds),$acc4 - _srm $t2,24,$acc8 - ldbx $acc5($rounds),$acc5 - _srm $t3,16,$acc9 - _srm $t0,0,$acc7 - ldbx $acc6($rounds),$acc6 - ldbx $acc7($rounds),$acc7 - _srm $t0,8,$acc10 - ldbx $acc8($rounds),$acc8 - _srm $t3,24,$acc12 - ldbx $acc9($rounds),$acc9 - _srm $t0,16,$acc13 - _srm $t1,0,$acc11 - ldbx $acc10($rounds),$acc10 - _srm $t1,8,$acc14 - ldbx $acc11($rounds),$acc11 - ldbx $acc12($rounds),$acc12 - ldbx $acc13($rounds),$acc13 - _srm $t2,0,$acc15 - ldbx $acc14($rounds),$acc14 - - dep $acc0,7,8,$acc3 - ldbx $acc15($rounds),$acc15 - dep $acc4,7,8,$acc7 - dep $acc1,15,8,$acc3 - dep $acc5,15,8,$acc7 - dep $acc2,23,8,$acc3 - dep $acc6,23,8,$acc7 - xor $acc3,$s0,$s0 - xor $acc7,$s1,$s1 - dep $acc8,7,8,$acc11 - dep $acc12,7,8,$acc15 - dep $acc9,15,8,$acc11 - dep $acc13,15,8,$acc15 - dep $acc10,23,8,$acc11 - dep $acc14,23,8,$acc15 - xor $acc11,$s2,$s2 - - bv (%r31) - .EXIT - xor $acc15,$s3,$s3 - .PROCEND - - .ALIGN 64 -L\$AES_Te - .WORD 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d - .WORD 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554 - .WORD 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d - .WORD 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a - .WORD 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87 - .WORD 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b - .WORD 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea - .WORD 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b - .WORD 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a - .WORD 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f - .WORD 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108 - .WORD 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f - .WORD 
0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e - .WORD 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5 - .WORD 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d - .WORD 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f - .WORD 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e - .WORD 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb - .WORD 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce - .WORD 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497 - .WORD 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c - .WORD 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed - .WORD 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b - .WORD 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a - .WORD 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16 - .WORD 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594 - .WORD 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81 - .WORD 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3 - .WORD 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a - .WORD 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504 - .WORD 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163 - .WORD 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d - .WORD 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f - .WORD 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739 - .WORD 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47 - .WORD 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395 - .WORD 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f - .WORD 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883 - .WORD 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c - .WORD 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76 - .WORD 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e - .WORD 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4 - .WORD 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6 - .WORD 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b - .WORD 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7 - .WORD 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0 - .WORD 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25 - .WORD 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818 - .WORD 0x6fbabad5, 
0xf0787888, 0x4a25256f, 0x5c2e2e72 - .WORD 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651 - .WORD 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21 - .WORD 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85 - .WORD 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa - .WORD 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12 - .WORD 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0 - .WORD 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9 - .WORD 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133 - .WORD 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7 - .WORD 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920 - .WORD 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a - .WORD 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17 - .WORD 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8 - .WORD 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11 - .WORD 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a - .BYTE 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 - .BYTE 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 - .BYTE 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 - .BYTE 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 - .BYTE 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc - .BYTE 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 - .BYTE 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a - .BYTE 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 - .BYTE 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 - .BYTE 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 - .BYTE 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b - .BYTE 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf - .BYTE 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 - .BYTE 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 - .BYTE 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 - .BYTE 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 - .BYTE 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 - .BYTE 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 - .BYTE 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 - .BYTE 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb - .BYTE 0xe0, 0x32, 0x3a, 0x0a, 0x49, 
0x06, 0x24, 0x5c - .BYTE 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 - .BYTE 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 - .BYTE 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 - .BYTE 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 - .BYTE 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a - .BYTE 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e - .BYTE 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e - .BYTE 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 - .BYTE 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf - .BYTE 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 - .BYTE 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 -___ - -$code.=<<___; - .EXPORT AES_decrypt,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR - .ALIGN 16 -AES_decrypt - .PROC - .CALLINFO FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) - $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp) - $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp) - $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp) - $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp) - $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp) - $PUSH %r17,`-$FRAME+14*$SIZE_T`(%sp) - $PUSH %r18,`-$FRAME+15*$SIZE_T`(%sp) - - blr %r0,$tbl - ldi 3,$t0 -L\$dec_pic - andcm $tbl,$t0,$tbl - ldo L\$AES_Td-L\$dec_pic($tbl),$tbl - - and $inp,$t0,$t0 - sub $inp,$t0,$inp - ldw 0($inp),$s0 - ldw 4($inp),$s1 - ldw 8($inp),$s2 - comib,= 0,$t0,L\$dec_inp_aligned - ldw 12($inp),$s3 - - sh3addl $t0,%r0,$t0 - subi 32,$t0,$t0 - mtctl $t0,%cr11 - ldw 16($inp),$t1 - vshd $s0,$s1,$s0 - vshd $s1,$s2,$s1 - vshd $s2,$s3,$s2 - vshd $s3,$t1,$s3 - -L\$dec_inp_aligned - bl _parisc_AES_decrypt,%r31 - nop - - extru,<> $out,31,2,%r0 - b L\$dec_out_aligned - nop - - _srm $s0,24,$acc0 - _srm 
$s0,16,$acc1 - stb $acc0,0($out) - _srm $s0,8,$acc2 - stb $acc1,1($out) - _srm $s1,24,$acc4 - stb $acc2,2($out) - _srm $s1,16,$acc5 - stb $s0,3($out) - _srm $s1,8,$acc6 - stb $acc4,4($out) - _srm $s2,24,$acc0 - stb $acc5,5($out) - _srm $s2,16,$acc1 - stb $acc6,6($out) - _srm $s2,8,$acc2 - stb $s1,7($out) - _srm $s3,24,$acc4 - stb $acc0,8($out) - _srm $s3,16,$acc5 - stb $acc1,9($out) - _srm $s3,8,$acc6 - stb $acc2,10($out) - stb $s2,11($out) - stb $acc4,12($out) - stb $acc5,13($out) - stb $acc6,14($out) - b L\$dec_done - stb $s3,15($out) - -L\$dec_out_aligned - stw $s0,0($out) - stw $s1,4($out) - stw $s2,8($out) - stw $s3,12($out) - -L\$dec_done - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 - $POP `-$FRAME+9*$SIZE_T`(%sp),%r12 - $POP `-$FRAME+10*$SIZE_T`(%sp),%r13 - $POP `-$FRAME+11*$SIZE_T`(%sp),%r14 - $POP `-$FRAME+12*$SIZE_T`(%sp),%r15 - $POP `-$FRAME+13*$SIZE_T`(%sp),%r16 - $POP `-$FRAME+14*$SIZE_T`(%sp),%r17 - $POP `-$FRAME+15*$SIZE_T`(%sp),%r18 - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .ALIGN 16 -_parisc_AES_decrypt - .PROC - .CALLINFO MILLICODE - .ENTRY - ldw 240($key),$rounds - ldw 0($key),$t0 - ldw 4($key),$t1 - ldw 8($key),$t2 - ldw 12($key),$t3 - _srm $rounds,1,$rounds - xor $t0,$s0,$s0 - ldw 16($key),$t0 - xor $t1,$s1,$s1 - ldw 20($key),$t1 - _srm $s0,24,$acc0 - xor $t2,$s2,$s2 - ldw 24($key),$t2 - xor $t3,$s3,$s3 - ldw 28($key),$t3 - _srm $s3,16,$acc1 -L\$dec_loop - _srm $s2,8,$acc2 - ldwx,s $acc0($tbl),$acc0 - _srm $s1,0,$acc3 - ldwx,s $acc1($tbl),$acc1 - _srm $s1,24,$acc4 - ldwx,s $acc2($tbl),$acc2 - _srm $s0,16,$acc5 - ldwx,s $acc3($tbl),$acc3 - _srm $s3,8,$acc6 - ldwx,s $acc4($tbl),$acc4 - _srm $s2,0,$acc7 - ldwx,s $acc5($tbl),$acc5 - 
_srm $s2,24,$acc8 - ldwx,s $acc6($tbl),$acc6 - _srm $s1,16,$acc9 - ldwx,s $acc7($tbl),$acc7 - _srm $s0,8,$acc10 - ldwx,s $acc8($tbl),$acc8 - _srm $s3,0,$acc11 - ldwx,s $acc9($tbl),$acc9 - _srm $s3,24,$acc12 - ldwx,s $acc10($tbl),$acc10 - _srm $s2,16,$acc13 - ldwx,s $acc11($tbl),$acc11 - _srm $s1,8,$acc14 - ldwx,s $acc12($tbl),$acc12 - _srm $s0,0,$acc15 - ldwx,s $acc13($tbl),$acc13 - ldwx,s $acc14($tbl),$acc14 - ldwx,s $acc15($tbl),$acc15 - addib,= -1,$rounds,L\$dec_last - ldo 32($key),$key - - _ror $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ldw 0($key),$s0 - _ror $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ldw 4($key),$s1 - _ror $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ldw 8($key),$s2 - _ror $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ldw 12($key),$s3 - _ror $acc6,16,$acc6 - xor $acc4,$t1,$t1 - _ror $acc7,24,$acc7 - xor $acc5,$t1,$t1 - _ror $acc9,8,$acc9 - xor $acc6,$t1,$t1 - _ror $acc10,16,$acc10 - xor $acc7,$t1,$t1 - _ror $acc11,24,$acc11 - xor $acc8,$t2,$t2 - _ror $acc13,8,$acc13 - xor $acc9,$t2,$t2 - _ror $acc14,16,$acc14 - xor $acc10,$t2,$t2 - _ror $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - _srm $t0,24,$acc0 - xor $acc14,$t3,$t3 - xor $acc15,$t3,$t3 - _srm $t3,16,$acc1 - - _srm $t2,8,$acc2 - ldwx,s $acc0($tbl),$acc0 - _srm $t1,0,$acc3 - ldwx,s $acc1($tbl),$acc1 - _srm $t1,24,$acc4 - ldwx,s $acc2($tbl),$acc2 - _srm $t0,16,$acc5 - ldwx,s $acc3($tbl),$acc3 - _srm $t3,8,$acc6 - ldwx,s $acc4($tbl),$acc4 - _srm $t2,0,$acc7 - ldwx,s $acc5($tbl),$acc5 - _srm $t2,24,$acc8 - ldwx,s $acc6($tbl),$acc6 - _srm $t1,16,$acc9 - ldwx,s $acc7($tbl),$acc7 - _srm $t0,8,$acc10 - ldwx,s $acc8($tbl),$acc8 - _srm $t3,0,$acc11 - ldwx,s $acc9($tbl),$acc9 - _srm $t3,24,$acc12 - ldwx,s $acc10($tbl),$acc10 - _srm $t2,16,$acc13 - ldwx,s $acc11($tbl),$acc11 - _srm $t1,8,$acc14 - ldwx,s $acc12($tbl),$acc12 - _srm $t0,0,$acc15 - ldwx,s $acc13($tbl),$acc13 - _ror $acc1,8,$acc1 - ldwx,s $acc14($tbl),$acc14 - - _ror $acc2,16,$acc2 - xor $acc0,$s0,$s0 - ldwx,s 
$acc15($tbl),$acc15 - _ror $acc3,24,$acc3 - xor $acc1,$s0,$s0 - ldw 16($key),$t0 - _ror $acc5,8,$acc5 - xor $acc2,$s0,$s0 - ldw 20($key),$t1 - _ror $acc6,16,$acc6 - xor $acc3,$s0,$s0 - ldw 24($key),$t2 - _ror $acc7,24,$acc7 - xor $acc4,$s1,$s1 - ldw 28($key),$t3 - _ror $acc9,8,$acc9 - xor $acc5,$s1,$s1 - ldw 1024+0($tbl),%r0 ; prefetch td4 - _ror $acc10,16,$acc10 - xor $acc6,$s1,$s1 - ldw 1024+32($tbl),%r0 ; prefetch td4 - _ror $acc11,24,$acc11 - xor $acc7,$s1,$s1 - ldw 1024+64($tbl),%r0 ; prefetch td4 - _ror $acc13,8,$acc13 - xor $acc8,$s2,$s2 - ldw 1024+96($tbl),%r0 ; prefetch td4 - _ror $acc14,16,$acc14 - xor $acc9,$s2,$s2 - ldw 1024+128($tbl),%r0 ; prefetch td4 - _ror $acc15,24,$acc15 - xor $acc10,$s2,$s2 - ldw 1024+160($tbl),%r0 ; prefetch td4 - _srm $s0,24,$acc0 - xor $acc11,$s2,$s2 - ldw 1024+192($tbl),%r0 ; prefetch td4 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - ldw 1024+224($tbl),%r0 ; prefetch td4 - xor $acc14,$s3,$s3 - xor $acc15,$s3,$s3 - b L\$dec_loop - _srm $s3,16,$acc1 - - .ALIGN 16 -L\$dec_last - ldo 1024($tbl),$rounds - _ror $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ldw 0($key),$s0 - _ror $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ldw 4($key),$s1 - _ror $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ldw 8($key),$s2 - _ror $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ldw 12($key),$s3 - _ror $acc6,16,$acc6 - xor $acc4,$t1,$t1 - _ror $acc7,24,$acc7 - xor $acc5,$t1,$t1 - _ror $acc9,8,$acc9 - xor $acc6,$t1,$t1 - _ror $acc10,16,$acc10 - xor $acc7,$t1,$t1 - _ror $acc11,24,$acc11 - xor $acc8,$t2,$t2 - _ror $acc13,8,$acc13 - xor $acc9,$t2,$t2 - _ror $acc14,16,$acc14 - xor $acc10,$t2,$t2 - _ror $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - _srm $t0,24,$acc0 - xor $acc14,$t3,$t3 - xor $acc15,$t3,$t3 - _srm $t3,16,$acc1 - - _srm $t2,8,$acc2 - ldbx $acc0($rounds),$acc0 - _srm $t1,24,$acc4 - ldbx $acc1($rounds),$acc1 - _srm $t0,16,$acc5 - _srm $t1,0,$acc3 - ldbx $acc2($rounds),$acc2 - ldbx $acc3($rounds),$acc3 - _srm $t3,8,$acc6 - ldbx 
$acc4($rounds),$acc4 - _srm $t2,24,$acc8 - ldbx $acc5($rounds),$acc5 - _srm $t1,16,$acc9 - _srm $t2,0,$acc7 - ldbx $acc6($rounds),$acc6 - ldbx $acc7($rounds),$acc7 - _srm $t0,8,$acc10 - ldbx $acc8($rounds),$acc8 - _srm $t3,24,$acc12 - ldbx $acc9($rounds),$acc9 - _srm $t2,16,$acc13 - _srm $t3,0,$acc11 - ldbx $acc10($rounds),$acc10 - _srm $t1,8,$acc14 - ldbx $acc11($rounds),$acc11 - ldbx $acc12($rounds),$acc12 - ldbx $acc13($rounds),$acc13 - _srm $t0,0,$acc15 - ldbx $acc14($rounds),$acc14 - - dep $acc0,7,8,$acc3 - ldbx $acc15($rounds),$acc15 - dep $acc4,7,8,$acc7 - dep $acc1,15,8,$acc3 - dep $acc5,15,8,$acc7 - dep $acc2,23,8,$acc3 - dep $acc6,23,8,$acc7 - xor $acc3,$s0,$s0 - xor $acc7,$s1,$s1 - dep $acc8,7,8,$acc11 - dep $acc12,7,8,$acc15 - dep $acc9,15,8,$acc11 - dep $acc13,15,8,$acc15 - dep $acc10,23,8,$acc11 - dep $acc14,23,8,$acc15 - xor $acc11,$s2,$s2 - - bv (%r31) - .EXIT - xor $acc15,$s3,$s3 - .PROCEND - - .ALIGN 64 -L\$AES_Td - .WORD 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96 - .WORD 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393 - .WORD 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25 - .WORD 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f - .WORD 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1 - .WORD 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6 - .WORD 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da - .WORD 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844 - .WORD 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd - .WORD 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4 - .WORD 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45 - .WORD 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94 - .WORD 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7 - .WORD 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a - .WORD 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5 - .WORD 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c - .WORD 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1 - .WORD 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a - .WORD 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75 - .WORD 
0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051 - .WORD 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46 - .WORD 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff - .WORD 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77 - .WORD 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb - .WORD 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000 - .WORD 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e - .WORD 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927 - .WORD 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a - .WORD 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e - .WORD 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16 - .WORD 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d - .WORD 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8 - .WORD 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd - .WORD 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34 - .WORD 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163 - .WORD 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120 - .WORD 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d - .WORD 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0 - .WORD 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422 - .WORD 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef - .WORD 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36 - .WORD 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4 - .WORD 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662 - .WORD 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5 - .WORD 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3 - .WORD 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b - .WORD 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8 - .WORD 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6 - .WORD 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6 - .WORD 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0 - .WORD 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815 - .WORD 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f - .WORD 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df - .WORD 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f - .WORD 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e - .WORD 0xb3671d5a, 
0x92dbd252, 0xe9105633, 0x6dd64713 - .WORD 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89 - .WORD 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c - .WORD 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf - .WORD 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86 - .WORD 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f - .WORD 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541 - .WORD 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190 - .WORD 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 - .BYTE 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 - .BYTE 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb - .BYTE 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 - .BYTE 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb - .BYTE 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d - .BYTE 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e - .BYTE 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 - .BYTE 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 - .BYTE 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 - .BYTE 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 - .BYTE 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda - .BYTE 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 - .BYTE 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a - .BYTE 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 - .BYTE 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 - .BYTE 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b - .BYTE 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea - .BYTE 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 - .BYTE 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 - .BYTE 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e - .BYTE 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 - .BYTE 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b - .BYTE 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 - .BYTE 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 - .BYTE 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 - .BYTE 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f - .BYTE 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d - .BYTE 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 
0xc9, 0x9c, 0xef
- .BYTE 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
- .BYTE 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
- .BYTE 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
- .BYTE 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
-
- .data
- .STRINGZ "AES for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
-___
-
-foreach (split("\n",$code)) {
- s/\`([^\`]*)\`/eval $1/ge;
-
- # translate made up instructons: _ror, _srm
- s/_ror(\s+)(%r[0-9]+),/shd$1$2,$2,/ or
-
- s/_srm(\s+%r[0-9]+),([0-9]+),/
- $SIZE_T==4 ? sprintf("extru%s,%d,8,",$1,31-$2)
- : sprintf("extrd,u%s,%d,8,",$1,63-$2)/e;
-
- s/,\*/,/ if ($SIZE_T==4);
- s/\bbv\b(.*\(%r2\))/bve$1/ if ($SIZE_T==8);
- print $_,"\n";
-}
-close STDOUT;
diff --git a/lib/libssl/src/crypto/aes/asm/aes-ppc.pl b/lib/libssl/src/crypto/aes/asm/aes-ppc.pl
deleted file mode 100644
index 7c52cbe5f9f..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aes-ppc.pl
+++ /dev/null
@@ -1,1365 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# Needs more work: key setup, CBC routine... -# -# ppc_AES_[en|de]crypt perform at 18 cycles per byte processed with -# 128-bit key, which is ~40% better than 64-bit code generated by gcc -# 4.0. But these are not the ones currently used! Their "compact" -# counterparts are, for security reason. ppc_AES_encrypt_compact runs -# at 1/2 of ppc_AES_encrypt speed, while ppc_AES_decrypt_compact - -# at 1/3 of ppc_AES_decrypt. - -# February 2010 -# -# Rescheduling instructions to favour Power6 pipeline gave 10% -# performance improvement on the platfrom in question (and marginal -# improvement even on others). It should be noted that Power6 fails -# to process byte in 18 cycles, only in 23, because it fails to issue -# 4 load instructions in two cycles, only in 3. As result non-compact -# block subroutines are 25% slower than one would expect. Compact -# functions scale better, because they have pure computational part, -# which scales perfectly with clock frequency. To be specific -# ppc_AES_encrypt_compact operates at 42 cycles per byte, while -# ppc_AES_decrypt_compact - at 55 (in 64-bit build). 
- -$flavour = shift; - -if ($flavour =~ /64/) { - $SIZE_T =8; - $LRSAVE =2*$SIZE_T; - $STU ="stdu"; - $POP ="ld"; - $PUSH ="std"; -} elsif ($flavour =~ /32/) { - $SIZE_T =4; - $LRSAVE =$SIZE_T; - $STU ="stwu"; - $POP ="lwz"; - $PUSH ="stw"; -} else { die "nonsense $flavour"; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; - -$FRAME=32*$SIZE_T; - -sub _data_word() -{ my $i; - while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; } -} - -$sp="r1"; -$toc="r2"; -$inp="r3"; -$out="r4"; -$key="r5"; - -$Tbl0="r3"; -$Tbl1="r6"; -$Tbl2="r7"; -$Tbl3="r2"; - -$s0="r8"; -$s1="r9"; -$s2="r10"; -$s3="r11"; - -$t0="r12"; -$t1="r13"; -$t2="r14"; -$t3="r15"; - -$acc00="r16"; -$acc01="r17"; -$acc02="r18"; -$acc03="r19"; - -$acc04="r20"; -$acc05="r21"; -$acc06="r22"; -$acc07="r23"; - -$acc08="r24"; -$acc09="r25"; -$acc10="r26"; -$acc11="r27"; - -$acc12="r28"; -$acc13="r29"; -$acc14="r30"; -$acc15="r31"; - -# stay away from TLS pointer -if ($SIZE_T==8) { die if ($t1 ne "r13"); $t1="r0"; } -else { die if ($Tbl3 ne "r2"); $Tbl3=$t0; $t0="r0"; } -$mask80=$Tbl2; -$mask1b=$Tbl3; - -$code.=<<___; -.machine "any" -.text - -.align 7 -LAES_Te: - mflr r0 - bcl 20,31,\$+4 - mflr $Tbl0 ; vvvvv "distance" between . and 1st data entry - addi $Tbl0,$Tbl0,`128-8` - mtlr r0 - blr - .long 0 - .byte 0,12,0x14,0,0,0,0,0 - .space `64-9*4` -LAES_Td: - mflr r0 - bcl 20,31,\$+4 - mflr $Tbl0 ; vvvvvvvv "distance" between . 
and 1st data entry - addi $Tbl0,$Tbl0,`128-64-8+2048+256` - mtlr r0 - blr - .long 0 - .byte 0,12,0x14,0,0,0,0,0 - .space `128-64-9*4` -___ -&_data_word( - 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, - 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, - 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, - 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, - 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, - 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, - 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, - 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, - 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, - 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, - 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, - 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, - 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, - 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, - 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, - 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, - 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, - 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, - 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, - 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, - 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, - 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, - 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, - 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, - 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, - 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, - 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, - 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, - 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, - 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, - 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, - 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, - 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, - 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, - 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, - 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, - 0xc06060a0, 0x19818198, 0x9e4f4fd1, 
0xa3dcdc7f, - 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, - 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, - 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, - 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, - 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, - 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, - 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, - 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, - 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, - 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, - 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, - 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, - 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, - 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, - 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, - 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, - 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, - 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, - 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, - 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, - 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, - 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, - 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, - 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, - 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, - 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, - 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a); -$code.=<<___; -.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 -.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 -.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 -.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 -.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc -.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 -.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a -.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 -.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 -.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 -.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b -.byte 0x6a, 0xcb, 0xbe, 
0x39, 0x4a, 0x4c, 0x58, 0xcf -.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 -.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 -.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 -.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 -.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 -.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 -.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 -.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb -.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c -.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 -.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 -.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 -.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 -.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a -.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e -.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e -.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 -.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf -.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 -.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 -___ -&_data_word( - 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, - 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, - 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, - 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, - 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, - 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, - 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, - 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, - 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, - 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, - 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, - 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, - 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, - 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, - 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, - 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, - 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, - 0x65daf4cd, 
0x0605bed5, 0xd134621f, 0xc4a6fe8a, - 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, - 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051, - 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, - 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, - 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77, - 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, - 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, - 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, - 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, - 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, - 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, - 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16, - 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, - 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8, - 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, - 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, - 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, - 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120, - 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, - 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0, - 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, - 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, - 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36, - 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, - 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, - 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5, - 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, - 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, - 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, - 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6, - 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, - 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0, - 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, - 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, - 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, - 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, - 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, - 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713, - 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, - 0xcea927ee, 
0xb761c935, 0xe11ce5ed, 0x7a47b13c, - 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf, - 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, - 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, - 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541, - 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, - 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742); -$code.=<<___; -.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 -.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb -.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 -.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb -.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d -.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e -.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 -.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 -.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 -.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 -.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda -.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 -.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a -.byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 -.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 -.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b -.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea -.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 -.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 -.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e -.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 -.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b -.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 -.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 -.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 -.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f -.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d -.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef -.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0 -.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 -.byte 0x17, 0x2b, 0x04, 
0x7e, 0xba, 0x77, 0xd6, 0x26 -.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d - - -.globl .AES_encrypt -.align 7 -.AES_encrypt: - $STU $sp,-$FRAME($sp) - mflr r0 - - $PUSH $toc,`$FRAME-$SIZE_T*20`($sp) - $PUSH r13,`$FRAME-$SIZE_T*19`($sp) - $PUSH r14,`$FRAME-$SIZE_T*18`($sp) - $PUSH r15,`$FRAME-$SIZE_T*17`($sp) - $PUSH r16,`$FRAME-$SIZE_T*16`($sp) - $PUSH r17,`$FRAME-$SIZE_T*15`($sp) - $PUSH r18,`$FRAME-$SIZE_T*14`($sp) - $PUSH r19,`$FRAME-$SIZE_T*13`($sp) - $PUSH r20,`$FRAME-$SIZE_T*12`($sp) - $PUSH r21,`$FRAME-$SIZE_T*11`($sp) - $PUSH r22,`$FRAME-$SIZE_T*10`($sp) - $PUSH r23,`$FRAME-$SIZE_T*9`($sp) - $PUSH r24,`$FRAME-$SIZE_T*8`($sp) - $PUSH r25,`$FRAME-$SIZE_T*7`($sp) - $PUSH r26,`$FRAME-$SIZE_T*6`($sp) - $PUSH r27,`$FRAME-$SIZE_T*5`($sp) - $PUSH r28,`$FRAME-$SIZE_T*4`($sp) - $PUSH r29,`$FRAME-$SIZE_T*3`($sp) - $PUSH r30,`$FRAME-$SIZE_T*2`($sp) - $PUSH r31,`$FRAME-$SIZE_T*1`($sp) - $PUSH r0,`$FRAME+$LRSAVE`($sp) - - andi. $t0,$inp,3 - andi. $t1,$out,3 - or. $t0,$t0,$t1 - bne Lenc_unaligned - -Lenc_unaligned_ok: - lwz $s0,0($inp) - lwz $s1,4($inp) - lwz $s2,8($inp) - lwz $s3,12($inp) - bl LAES_Te - bl Lppc_AES_encrypt_compact - stw $s0,0($out) - stw $s1,4($out) - stw $s2,8($out) - stw $s3,12($out) - b Lenc_done - -Lenc_unaligned: - subfic $t0,$inp,4096 - subfic $t1,$out,4096 - andi. $t0,$t0,4096-16 - beq Lenc_xpage - andi. 
$t1,$t1,4096-16 - bne Lenc_unaligned_ok - -Lenc_xpage: - lbz $acc00,0($inp) - lbz $acc01,1($inp) - lbz $acc02,2($inp) - lbz $s0,3($inp) - lbz $acc04,4($inp) - lbz $acc05,5($inp) - lbz $acc06,6($inp) - lbz $s1,7($inp) - lbz $acc08,8($inp) - lbz $acc09,9($inp) - lbz $acc10,10($inp) - insrwi $s0,$acc00,8,0 - lbz $s2,11($inp) - insrwi $s1,$acc04,8,0 - lbz $acc12,12($inp) - insrwi $s0,$acc01,8,8 - lbz $acc13,13($inp) - insrwi $s1,$acc05,8,8 - lbz $acc14,14($inp) - insrwi $s0,$acc02,8,16 - lbz $s3,15($inp) - insrwi $s1,$acc06,8,16 - insrwi $s2,$acc08,8,0 - insrwi $s3,$acc12,8,0 - insrwi $s2,$acc09,8,8 - insrwi $s3,$acc13,8,8 - insrwi $s2,$acc10,8,16 - insrwi $s3,$acc14,8,16 - - bl LAES_Te - bl Lppc_AES_encrypt_compact - - extrwi $acc00,$s0,8,0 - extrwi $acc01,$s0,8,8 - stb $acc00,0($out) - extrwi $acc02,$s0,8,16 - stb $acc01,1($out) - stb $acc02,2($out) - extrwi $acc04,$s1,8,0 - stb $s0,3($out) - extrwi $acc05,$s1,8,8 - stb $acc04,4($out) - extrwi $acc06,$s1,8,16 - stb $acc05,5($out) - stb $acc06,6($out) - extrwi $acc08,$s2,8,0 - stb $s1,7($out) - extrwi $acc09,$s2,8,8 - stb $acc08,8($out) - extrwi $acc10,$s2,8,16 - stb $acc09,9($out) - stb $acc10,10($out) - extrwi $acc12,$s3,8,0 - stb $s2,11($out) - extrwi $acc13,$s3,8,8 - stb $acc12,12($out) - extrwi $acc14,$s3,8,16 - stb $acc13,13($out) - stb $acc14,14($out) - stb $s3,15($out) - -Lenc_done: - $POP r0,`$FRAME+$LRSAVE`($sp) - $POP $toc,`$FRAME-$SIZE_T*20`($sp) - $POP r13,`$FRAME-$SIZE_T*19`($sp) - $POP r14,`$FRAME-$SIZE_T*18`($sp) - $POP r15,`$FRAME-$SIZE_T*17`($sp) - $POP r16,`$FRAME-$SIZE_T*16`($sp) - $POP r17,`$FRAME-$SIZE_T*15`($sp) - $POP r18,`$FRAME-$SIZE_T*14`($sp) - $POP r19,`$FRAME-$SIZE_T*13`($sp) - $POP r20,`$FRAME-$SIZE_T*12`($sp) - $POP r21,`$FRAME-$SIZE_T*11`($sp) - $POP r22,`$FRAME-$SIZE_T*10`($sp) - $POP r23,`$FRAME-$SIZE_T*9`($sp) - $POP r24,`$FRAME-$SIZE_T*8`($sp) - $POP r25,`$FRAME-$SIZE_T*7`($sp) - $POP r26,`$FRAME-$SIZE_T*6`($sp) - $POP r27,`$FRAME-$SIZE_T*5`($sp) - $POP r28,`$FRAME-$SIZE_T*4`($sp) 
- $POP r29,`$FRAME-$SIZE_T*3`($sp) - $POP r30,`$FRAME-$SIZE_T*2`($sp) - $POP r31,`$FRAME-$SIZE_T*1`($sp) - mtlr r0 - addi $sp,$sp,$FRAME - blr - .long 0 - .byte 0,12,4,1,0x80,18,3,0 - .long 0 - -.align 5 -Lppc_AES_encrypt: - lwz $acc00,240($key) - addi $Tbl1,$Tbl0,3 - lwz $t0,0($key) - addi $Tbl2,$Tbl0,2 - lwz $t1,4($key) - addi $Tbl3,$Tbl0,1 - lwz $t2,8($key) - addi $acc00,$acc00,-1 - lwz $t3,12($key) - addi $key,$key,16 - xor $s0,$s0,$t0 - xor $s1,$s1,$t1 - xor $s2,$s2,$t2 - xor $s3,$s3,$t3 - mtctr $acc00 -.align 4 -Lenc_loop: - rlwinm $acc00,$s0,`32-24+3`,21,28 - rlwinm $acc01,$s1,`32-24+3`,21,28 - rlwinm $acc02,$s2,`32-24+3`,21,28 - rlwinm $acc03,$s3,`32-24+3`,21,28 - lwz $t0,0($key) - rlwinm $acc04,$s1,`32-16+3`,21,28 - lwz $t1,4($key) - rlwinm $acc05,$s2,`32-16+3`,21,28 - lwz $t2,8($key) - rlwinm $acc06,$s3,`32-16+3`,21,28 - lwz $t3,12($key) - rlwinm $acc07,$s0,`32-16+3`,21,28 - lwzx $acc00,$Tbl0,$acc00 - rlwinm $acc08,$s2,`32-8+3`,21,28 - lwzx $acc01,$Tbl0,$acc01 - rlwinm $acc09,$s3,`32-8+3`,21,28 - lwzx $acc02,$Tbl0,$acc02 - rlwinm $acc10,$s0,`32-8+3`,21,28 - lwzx $acc03,$Tbl0,$acc03 - rlwinm $acc11,$s1,`32-8+3`,21,28 - lwzx $acc04,$Tbl1,$acc04 - rlwinm $acc12,$s3,`0+3`,21,28 - lwzx $acc05,$Tbl1,$acc05 - rlwinm $acc13,$s0,`0+3`,21,28 - lwzx $acc06,$Tbl1,$acc06 - rlwinm $acc14,$s1,`0+3`,21,28 - lwzx $acc07,$Tbl1,$acc07 - rlwinm $acc15,$s2,`0+3`,21,28 - lwzx $acc08,$Tbl2,$acc08 - xor $t0,$t0,$acc00 - lwzx $acc09,$Tbl2,$acc09 - xor $t1,$t1,$acc01 - lwzx $acc10,$Tbl2,$acc10 - xor $t2,$t2,$acc02 - lwzx $acc11,$Tbl2,$acc11 - xor $t3,$t3,$acc03 - lwzx $acc12,$Tbl3,$acc12 - xor $t0,$t0,$acc04 - lwzx $acc13,$Tbl3,$acc13 - xor $t1,$t1,$acc05 - lwzx $acc14,$Tbl3,$acc14 - xor $t2,$t2,$acc06 - lwzx $acc15,$Tbl3,$acc15 - xor $t3,$t3,$acc07 - xor $t0,$t0,$acc08 - xor $t1,$t1,$acc09 - xor $t2,$t2,$acc10 - xor $t3,$t3,$acc11 - xor $s0,$t0,$acc12 - xor $s1,$t1,$acc13 - xor $s2,$t2,$acc14 - xor $s3,$t3,$acc15 - addi $key,$key,16 - bdnz- Lenc_loop - - addi $Tbl2,$Tbl0,2048 - 
nop - lwz $t0,0($key) - rlwinm $acc00,$s0,`32-24`,24,31 - lwz $t1,4($key) - rlwinm $acc01,$s1,`32-24`,24,31 - lwz $t2,8($key) - rlwinm $acc02,$s2,`32-24`,24,31 - lwz $t3,12($key) - rlwinm $acc03,$s3,`32-24`,24,31 - lwz $acc08,`2048+0`($Tbl0) ! prefetch Te4 - rlwinm $acc04,$s1,`32-16`,24,31 - lwz $acc09,`2048+32`($Tbl0) - rlwinm $acc05,$s2,`32-16`,24,31 - lwz $acc10,`2048+64`($Tbl0) - rlwinm $acc06,$s3,`32-16`,24,31 - lwz $acc11,`2048+96`($Tbl0) - rlwinm $acc07,$s0,`32-16`,24,31 - lwz $acc12,`2048+128`($Tbl0) - rlwinm $acc08,$s2,`32-8`,24,31 - lwz $acc13,`2048+160`($Tbl0) - rlwinm $acc09,$s3,`32-8`,24,31 - lwz $acc14,`2048+192`($Tbl0) - rlwinm $acc10,$s0,`32-8`,24,31 - lwz $acc15,`2048+224`($Tbl0) - rlwinm $acc11,$s1,`32-8`,24,31 - lbzx $acc00,$Tbl2,$acc00 - rlwinm $acc12,$s3,`0`,24,31 - lbzx $acc01,$Tbl2,$acc01 - rlwinm $acc13,$s0,`0`,24,31 - lbzx $acc02,$Tbl2,$acc02 - rlwinm $acc14,$s1,`0`,24,31 - lbzx $acc03,$Tbl2,$acc03 - rlwinm $acc15,$s2,`0`,24,31 - lbzx $acc04,$Tbl2,$acc04 - rlwinm $s0,$acc00,24,0,7 - lbzx $acc05,$Tbl2,$acc05 - rlwinm $s1,$acc01,24,0,7 - lbzx $acc06,$Tbl2,$acc06 - rlwinm $s2,$acc02,24,0,7 - lbzx $acc07,$Tbl2,$acc07 - rlwinm $s3,$acc03,24,0,7 - lbzx $acc08,$Tbl2,$acc08 - rlwimi $s0,$acc04,16,8,15 - lbzx $acc09,$Tbl2,$acc09 - rlwimi $s1,$acc05,16,8,15 - lbzx $acc10,$Tbl2,$acc10 - rlwimi $s2,$acc06,16,8,15 - lbzx $acc11,$Tbl2,$acc11 - rlwimi $s3,$acc07,16,8,15 - lbzx $acc12,$Tbl2,$acc12 - rlwimi $s0,$acc08,8,16,23 - lbzx $acc13,$Tbl2,$acc13 - rlwimi $s1,$acc09,8,16,23 - lbzx $acc14,$Tbl2,$acc14 - rlwimi $s2,$acc10,8,16,23 - lbzx $acc15,$Tbl2,$acc15 - rlwimi $s3,$acc11,8,16,23 - or $s0,$s0,$acc12 - or $s1,$s1,$acc13 - or $s2,$s2,$acc14 - or $s3,$s3,$acc15 - xor $s0,$s0,$t0 - xor $s1,$s1,$t1 - xor $s2,$s2,$t2 - xor $s3,$s3,$t3 - blr - .long 0 - .byte 0,12,0x14,0,0,0,0,0 - -.align 4 -Lppc_AES_encrypt_compact: - lwz $acc00,240($key) - addi $Tbl1,$Tbl0,2048 - lwz $t0,0($key) - lis $mask80,0x8080 - lwz $t1,4($key) - lis $mask1b,0x1b1b - lwz 
$t2,8($key) - ori $mask80,$mask80,0x8080 - lwz $t3,12($key) - ori $mask1b,$mask1b,0x1b1b - addi $key,$key,16 - mtctr $acc00 -.align 4 -Lenc_compact_loop: - xor $s0,$s0,$t0 - xor $s1,$s1,$t1 - rlwinm $acc00,$s0,`32-24`,24,31 - xor $s2,$s2,$t2 - rlwinm $acc01,$s1,`32-24`,24,31 - xor $s3,$s3,$t3 - rlwinm $acc02,$s2,`32-24`,24,31 - rlwinm $acc03,$s3,`32-24`,24,31 - rlwinm $acc04,$s1,`32-16`,24,31 - rlwinm $acc05,$s2,`32-16`,24,31 - rlwinm $acc06,$s3,`32-16`,24,31 - rlwinm $acc07,$s0,`32-16`,24,31 - lbzx $acc00,$Tbl1,$acc00 - rlwinm $acc08,$s2,`32-8`,24,31 - lbzx $acc01,$Tbl1,$acc01 - rlwinm $acc09,$s3,`32-8`,24,31 - lbzx $acc02,$Tbl1,$acc02 - rlwinm $acc10,$s0,`32-8`,24,31 - lbzx $acc03,$Tbl1,$acc03 - rlwinm $acc11,$s1,`32-8`,24,31 - lbzx $acc04,$Tbl1,$acc04 - rlwinm $acc12,$s3,`0`,24,31 - lbzx $acc05,$Tbl1,$acc05 - rlwinm $acc13,$s0,`0`,24,31 - lbzx $acc06,$Tbl1,$acc06 - rlwinm $acc14,$s1,`0`,24,31 - lbzx $acc07,$Tbl1,$acc07 - rlwinm $acc15,$s2,`0`,24,31 - lbzx $acc08,$Tbl1,$acc08 - rlwinm $s0,$acc00,24,0,7 - lbzx $acc09,$Tbl1,$acc09 - rlwinm $s1,$acc01,24,0,7 - lbzx $acc10,$Tbl1,$acc10 - rlwinm $s2,$acc02,24,0,7 - lbzx $acc11,$Tbl1,$acc11 - rlwinm $s3,$acc03,24,0,7 - lbzx $acc12,$Tbl1,$acc12 - rlwimi $s0,$acc04,16,8,15 - lbzx $acc13,$Tbl1,$acc13 - rlwimi $s1,$acc05,16,8,15 - lbzx $acc14,$Tbl1,$acc14 - rlwimi $s2,$acc06,16,8,15 - lbzx $acc15,$Tbl1,$acc15 - rlwimi $s3,$acc07,16,8,15 - rlwimi $s0,$acc08,8,16,23 - rlwimi $s1,$acc09,8,16,23 - rlwimi $s2,$acc10,8,16,23 - rlwimi $s3,$acc11,8,16,23 - lwz $t0,0($key) - or $s0,$s0,$acc12 - lwz $t1,4($key) - or $s1,$s1,$acc13 - lwz $t2,8($key) - or $s2,$s2,$acc14 - lwz $t3,12($key) - or $s3,$s3,$acc15 - - addi $key,$key,16 - bdz Lenc_compact_done - - and $acc00,$s0,$mask80 # r1=r0&0x80808080 - and $acc01,$s1,$mask80 - and $acc02,$s2,$mask80 - and $acc03,$s3,$mask80 - srwi $acc04,$acc00,7 # r1>>7 - andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f - srwi $acc05,$acc01,7 - andc $acc09,$s1,$mask80 - srwi $acc06,$acc02,7 - andc 
$acc10,$s2,$mask80 - srwi $acc07,$acc03,7 - andc $acc11,$s3,$mask80 - sub $acc00,$acc00,$acc04 # r1-(r1>>7) - sub $acc01,$acc01,$acc05 - sub $acc02,$acc02,$acc06 - sub $acc03,$acc03,$acc07 - add $acc08,$acc08,$acc08 # (r0&0x7f7f7f7f)<<1 - add $acc09,$acc09,$acc09 - add $acc10,$acc10,$acc10 - add $acc11,$acc11,$acc11 - and $acc00,$acc00,$mask1b # (r1-(r1>>7))&0x1b1b1b1b - and $acc01,$acc01,$mask1b - and $acc02,$acc02,$mask1b - and $acc03,$acc03,$mask1b - xor $acc00,$acc00,$acc08 # r2 - xor $acc01,$acc01,$acc09 - rotlwi $acc12,$s0,16 # ROTATE(r0,16) - xor $acc02,$acc02,$acc10 - rotlwi $acc13,$s1,16 - xor $acc03,$acc03,$acc11 - rotlwi $acc14,$s2,16 - - xor $s0,$s0,$acc00 # r0^r2 - rotlwi $acc15,$s3,16 - xor $s1,$s1,$acc01 - rotrwi $s0,$s0,24 # ROTATE(r2^r0,24) - xor $s2,$s2,$acc02 - rotrwi $s1,$s1,24 - xor $s3,$s3,$acc03 - rotrwi $s2,$s2,24 - xor $s0,$s0,$acc00 # ROTATE(r2^r0,24)^r2 - rotrwi $s3,$s3,24 - xor $s1,$s1,$acc01 - xor $s2,$s2,$acc02 - xor $s3,$s3,$acc03 - rotlwi $acc08,$acc12,8 # ROTATE(r0,24) - xor $s0,$s0,$acc12 # - rotlwi $acc09,$acc13,8 - xor $s1,$s1,$acc13 - rotlwi $acc10,$acc14,8 - xor $s2,$s2,$acc14 - rotlwi $acc11,$acc15,8 - xor $s3,$s3,$acc15 - xor $s0,$s0,$acc08 # - xor $s1,$s1,$acc09 - xor $s2,$s2,$acc10 - xor $s3,$s3,$acc11 - - b Lenc_compact_loop -.align 4 -Lenc_compact_done: - xor $s0,$s0,$t0 - xor $s1,$s1,$t1 - xor $s2,$s2,$t2 - xor $s3,$s3,$t3 - blr - .long 0 - .byte 0,12,0x14,0,0,0,0,0 - -.globl .AES_decrypt -.align 7 -.AES_decrypt: - $STU $sp,-$FRAME($sp) - mflr r0 - - $PUSH $toc,`$FRAME-$SIZE_T*20`($sp) - $PUSH r13,`$FRAME-$SIZE_T*19`($sp) - $PUSH r14,`$FRAME-$SIZE_T*18`($sp) - $PUSH r15,`$FRAME-$SIZE_T*17`($sp) - $PUSH r16,`$FRAME-$SIZE_T*16`($sp) - $PUSH r17,`$FRAME-$SIZE_T*15`($sp) - $PUSH r18,`$FRAME-$SIZE_T*14`($sp) - $PUSH r19,`$FRAME-$SIZE_T*13`($sp) - $PUSH r20,`$FRAME-$SIZE_T*12`($sp) - $PUSH r21,`$FRAME-$SIZE_T*11`($sp) - $PUSH r22,`$FRAME-$SIZE_T*10`($sp) - $PUSH r23,`$FRAME-$SIZE_T*9`($sp) - $PUSH r24,`$FRAME-$SIZE_T*8`($sp) - 
$PUSH r25,`$FRAME-$SIZE_T*7`($sp) - $PUSH r26,`$FRAME-$SIZE_T*6`($sp) - $PUSH r27,`$FRAME-$SIZE_T*5`($sp) - $PUSH r28,`$FRAME-$SIZE_T*4`($sp) - $PUSH r29,`$FRAME-$SIZE_T*3`($sp) - $PUSH r30,`$FRAME-$SIZE_T*2`($sp) - $PUSH r31,`$FRAME-$SIZE_T*1`($sp) - $PUSH r0,`$FRAME+$LRSAVE`($sp) - - andi. $t0,$inp,3 - andi. $t1,$out,3 - or. $t0,$t0,$t1 - bne Ldec_unaligned - -Ldec_unaligned_ok: - lwz $s0,0($inp) - lwz $s1,4($inp) - lwz $s2,8($inp) - lwz $s3,12($inp) - bl LAES_Td - bl Lppc_AES_decrypt_compact - stw $s0,0($out) - stw $s1,4($out) - stw $s2,8($out) - stw $s3,12($out) - b Ldec_done - -Ldec_unaligned: - subfic $t0,$inp,4096 - subfic $t1,$out,4096 - andi. $t0,$t0,4096-16 - beq Ldec_xpage - andi. $t1,$t1,4096-16 - bne Ldec_unaligned_ok - -Ldec_xpage: - lbz $acc00,0($inp) - lbz $acc01,1($inp) - lbz $acc02,2($inp) - lbz $s0,3($inp) - lbz $acc04,4($inp) - lbz $acc05,5($inp) - lbz $acc06,6($inp) - lbz $s1,7($inp) - lbz $acc08,8($inp) - lbz $acc09,9($inp) - lbz $acc10,10($inp) - insrwi $s0,$acc00,8,0 - lbz $s2,11($inp) - insrwi $s1,$acc04,8,0 - lbz $acc12,12($inp) - insrwi $s0,$acc01,8,8 - lbz $acc13,13($inp) - insrwi $s1,$acc05,8,8 - lbz $acc14,14($inp) - insrwi $s0,$acc02,8,16 - lbz $s3,15($inp) - insrwi $s1,$acc06,8,16 - insrwi $s2,$acc08,8,0 - insrwi $s3,$acc12,8,0 - insrwi $s2,$acc09,8,8 - insrwi $s3,$acc13,8,8 - insrwi $s2,$acc10,8,16 - insrwi $s3,$acc14,8,16 - - bl LAES_Td - bl Lppc_AES_decrypt_compact - - extrwi $acc00,$s0,8,0 - extrwi $acc01,$s0,8,8 - stb $acc00,0($out) - extrwi $acc02,$s0,8,16 - stb $acc01,1($out) - stb $acc02,2($out) - extrwi $acc04,$s1,8,0 - stb $s0,3($out) - extrwi $acc05,$s1,8,8 - stb $acc04,4($out) - extrwi $acc06,$s1,8,16 - stb $acc05,5($out) - stb $acc06,6($out) - extrwi $acc08,$s2,8,0 - stb $s1,7($out) - extrwi $acc09,$s2,8,8 - stb $acc08,8($out) - extrwi $acc10,$s2,8,16 - stb $acc09,9($out) - stb $acc10,10($out) - extrwi $acc12,$s3,8,0 - stb $s2,11($out) - extrwi $acc13,$s3,8,8 - stb $acc12,12($out) - extrwi $acc14,$s3,8,16 - stb 
$acc13,13($out) - stb $acc14,14($out) - stb $s3,15($out) - -Ldec_done: - $POP r0,`$FRAME+$LRSAVE`($sp) - $POP $toc,`$FRAME-$SIZE_T*20`($sp) - $POP r13,`$FRAME-$SIZE_T*19`($sp) - $POP r14,`$FRAME-$SIZE_T*18`($sp) - $POP r15,`$FRAME-$SIZE_T*17`($sp) - $POP r16,`$FRAME-$SIZE_T*16`($sp) - $POP r17,`$FRAME-$SIZE_T*15`($sp) - $POP r18,`$FRAME-$SIZE_T*14`($sp) - $POP r19,`$FRAME-$SIZE_T*13`($sp) - $POP r20,`$FRAME-$SIZE_T*12`($sp) - $POP r21,`$FRAME-$SIZE_T*11`($sp) - $POP r22,`$FRAME-$SIZE_T*10`($sp) - $POP r23,`$FRAME-$SIZE_T*9`($sp) - $POP r24,`$FRAME-$SIZE_T*8`($sp) - $POP r25,`$FRAME-$SIZE_T*7`($sp) - $POP r26,`$FRAME-$SIZE_T*6`($sp) - $POP r27,`$FRAME-$SIZE_T*5`($sp) - $POP r28,`$FRAME-$SIZE_T*4`($sp) - $POP r29,`$FRAME-$SIZE_T*3`($sp) - $POP r30,`$FRAME-$SIZE_T*2`($sp) - $POP r31,`$FRAME-$SIZE_T*1`($sp) - mtlr r0 - addi $sp,$sp,$FRAME - blr - .long 0 - .byte 0,12,4,1,0x80,18,3,0 - .long 0 - -.align 5 -Lppc_AES_decrypt: - lwz $acc00,240($key) - addi $Tbl1,$Tbl0,3 - lwz $t0,0($key) - addi $Tbl2,$Tbl0,2 - lwz $t1,4($key) - addi $Tbl3,$Tbl0,1 - lwz $t2,8($key) - addi $acc00,$acc00,-1 - lwz $t3,12($key) - addi $key,$key,16 - xor $s0,$s0,$t0 - xor $s1,$s1,$t1 - xor $s2,$s2,$t2 - xor $s3,$s3,$t3 - mtctr $acc00 -.align 4 -Ldec_loop: - rlwinm $acc00,$s0,`32-24+3`,21,28 - rlwinm $acc01,$s1,`32-24+3`,21,28 - rlwinm $acc02,$s2,`32-24+3`,21,28 - rlwinm $acc03,$s3,`32-24+3`,21,28 - lwz $t0,0($key) - rlwinm $acc04,$s3,`32-16+3`,21,28 - lwz $t1,4($key) - rlwinm $acc05,$s0,`32-16+3`,21,28 - lwz $t2,8($key) - rlwinm $acc06,$s1,`32-16+3`,21,28 - lwz $t3,12($key) - rlwinm $acc07,$s2,`32-16+3`,21,28 - lwzx $acc00,$Tbl0,$acc00 - rlwinm $acc08,$s2,`32-8+3`,21,28 - lwzx $acc01,$Tbl0,$acc01 - rlwinm $acc09,$s3,`32-8+3`,21,28 - lwzx $acc02,$Tbl0,$acc02 - rlwinm $acc10,$s0,`32-8+3`,21,28 - lwzx $acc03,$Tbl0,$acc03 - rlwinm $acc11,$s1,`32-8+3`,21,28 - lwzx $acc04,$Tbl1,$acc04 - rlwinm $acc12,$s1,`0+3`,21,28 - lwzx $acc05,$Tbl1,$acc05 - rlwinm $acc13,$s2,`0+3`,21,28 - lwzx $acc06,$Tbl1,$acc06 
- rlwinm $acc14,$s3,`0+3`,21,28 - lwzx $acc07,$Tbl1,$acc07 - rlwinm $acc15,$s0,`0+3`,21,28 - lwzx $acc08,$Tbl2,$acc08 - xor $t0,$t0,$acc00 - lwzx $acc09,$Tbl2,$acc09 - xor $t1,$t1,$acc01 - lwzx $acc10,$Tbl2,$acc10 - xor $t2,$t2,$acc02 - lwzx $acc11,$Tbl2,$acc11 - xor $t3,$t3,$acc03 - lwzx $acc12,$Tbl3,$acc12 - xor $t0,$t0,$acc04 - lwzx $acc13,$Tbl3,$acc13 - xor $t1,$t1,$acc05 - lwzx $acc14,$Tbl3,$acc14 - xor $t2,$t2,$acc06 - lwzx $acc15,$Tbl3,$acc15 - xor $t3,$t3,$acc07 - xor $t0,$t0,$acc08 - xor $t1,$t1,$acc09 - xor $t2,$t2,$acc10 - xor $t3,$t3,$acc11 - xor $s0,$t0,$acc12 - xor $s1,$t1,$acc13 - xor $s2,$t2,$acc14 - xor $s3,$t3,$acc15 - addi $key,$key,16 - bdnz- Ldec_loop - - addi $Tbl2,$Tbl0,2048 - nop - lwz $t0,0($key) - rlwinm $acc00,$s0,`32-24`,24,31 - lwz $t1,4($key) - rlwinm $acc01,$s1,`32-24`,24,31 - lwz $t2,8($key) - rlwinm $acc02,$s2,`32-24`,24,31 - lwz $t3,12($key) - rlwinm $acc03,$s3,`32-24`,24,31 - lwz $acc08,`2048+0`($Tbl0) ! prefetch Td4 - rlwinm $acc04,$s3,`32-16`,24,31 - lwz $acc09,`2048+32`($Tbl0) - rlwinm $acc05,$s0,`32-16`,24,31 - lwz $acc10,`2048+64`($Tbl0) - lbzx $acc00,$Tbl2,$acc00 - lwz $acc11,`2048+96`($Tbl0) - lbzx $acc01,$Tbl2,$acc01 - lwz $acc12,`2048+128`($Tbl0) - rlwinm $acc06,$s1,`32-16`,24,31 - lwz $acc13,`2048+160`($Tbl0) - rlwinm $acc07,$s2,`32-16`,24,31 - lwz $acc14,`2048+192`($Tbl0) - rlwinm $acc08,$s2,`32-8`,24,31 - lwz $acc15,`2048+224`($Tbl0) - rlwinm $acc09,$s3,`32-8`,24,31 - lbzx $acc02,$Tbl2,$acc02 - rlwinm $acc10,$s0,`32-8`,24,31 - lbzx $acc03,$Tbl2,$acc03 - rlwinm $acc11,$s1,`32-8`,24,31 - lbzx $acc04,$Tbl2,$acc04 - rlwinm $acc12,$s1,`0`,24,31 - lbzx $acc05,$Tbl2,$acc05 - rlwinm $acc13,$s2,`0`,24,31 - lbzx $acc06,$Tbl2,$acc06 - rlwinm $acc14,$s3,`0`,24,31 - lbzx $acc07,$Tbl2,$acc07 - rlwinm $acc15,$s0,`0`,24,31 - lbzx $acc08,$Tbl2,$acc08 - rlwinm $s0,$acc00,24,0,7 - lbzx $acc09,$Tbl2,$acc09 - rlwinm $s1,$acc01,24,0,7 - lbzx $acc10,$Tbl2,$acc10 - rlwinm $s2,$acc02,24,0,7 - lbzx $acc11,$Tbl2,$acc11 - rlwinm $s3,$acc03,24,0,7 
- lbzx $acc12,$Tbl2,$acc12 - rlwimi $s0,$acc04,16,8,15 - lbzx $acc13,$Tbl2,$acc13 - rlwimi $s1,$acc05,16,8,15 - lbzx $acc14,$Tbl2,$acc14 - rlwimi $s2,$acc06,16,8,15 - lbzx $acc15,$Tbl2,$acc15 - rlwimi $s3,$acc07,16,8,15 - rlwimi $s0,$acc08,8,16,23 - rlwimi $s1,$acc09,8,16,23 - rlwimi $s2,$acc10,8,16,23 - rlwimi $s3,$acc11,8,16,23 - or $s0,$s0,$acc12 - or $s1,$s1,$acc13 - or $s2,$s2,$acc14 - or $s3,$s3,$acc15 - xor $s0,$s0,$t0 - xor $s1,$s1,$t1 - xor $s2,$s2,$t2 - xor $s3,$s3,$t3 - blr - .long 0 - .byte 0,12,0x14,0,0,0,0,0 - -.align 4 -Lppc_AES_decrypt_compact: - lwz $acc00,240($key) - addi $Tbl1,$Tbl0,2048 - lwz $t0,0($key) - lis $mask80,0x8080 - lwz $t1,4($key) - lis $mask1b,0x1b1b - lwz $t2,8($key) - ori $mask80,$mask80,0x8080 - lwz $t3,12($key) - ori $mask1b,$mask1b,0x1b1b - addi $key,$key,16 -___ -$code.=<<___ if ($SIZE_T==8); - insrdi $mask80,$mask80,32,0 - insrdi $mask1b,$mask1b,32,0 -___ -$code.=<<___; - mtctr $acc00 -.align 4 -Ldec_compact_loop: - xor $s0,$s0,$t0 - xor $s1,$s1,$t1 - rlwinm $acc00,$s0,`32-24`,24,31 - xor $s2,$s2,$t2 - rlwinm $acc01,$s1,`32-24`,24,31 - xor $s3,$s3,$t3 - rlwinm $acc02,$s2,`32-24`,24,31 - rlwinm $acc03,$s3,`32-24`,24,31 - rlwinm $acc04,$s3,`32-16`,24,31 - rlwinm $acc05,$s0,`32-16`,24,31 - rlwinm $acc06,$s1,`32-16`,24,31 - rlwinm $acc07,$s2,`32-16`,24,31 - lbzx $acc00,$Tbl1,$acc00 - rlwinm $acc08,$s2,`32-8`,24,31 - lbzx $acc01,$Tbl1,$acc01 - rlwinm $acc09,$s3,`32-8`,24,31 - lbzx $acc02,$Tbl1,$acc02 - rlwinm $acc10,$s0,`32-8`,24,31 - lbzx $acc03,$Tbl1,$acc03 - rlwinm $acc11,$s1,`32-8`,24,31 - lbzx $acc04,$Tbl1,$acc04 - rlwinm $acc12,$s1,`0`,24,31 - lbzx $acc05,$Tbl1,$acc05 - rlwinm $acc13,$s2,`0`,24,31 - lbzx $acc06,$Tbl1,$acc06 - rlwinm $acc14,$s3,`0`,24,31 - lbzx $acc07,$Tbl1,$acc07 - rlwinm $acc15,$s0,`0`,24,31 - lbzx $acc08,$Tbl1,$acc08 - rlwinm $s0,$acc00,24,0,7 - lbzx $acc09,$Tbl1,$acc09 - rlwinm $s1,$acc01,24,0,7 - lbzx $acc10,$Tbl1,$acc10 - rlwinm $s2,$acc02,24,0,7 - lbzx $acc11,$Tbl1,$acc11 - rlwinm $s3,$acc03,24,0,7 - 
lbzx $acc12,$Tbl1,$acc12 - rlwimi $s0,$acc04,16,8,15 - lbzx $acc13,$Tbl1,$acc13 - rlwimi $s1,$acc05,16,8,15 - lbzx $acc14,$Tbl1,$acc14 - rlwimi $s2,$acc06,16,8,15 - lbzx $acc15,$Tbl1,$acc15 - rlwimi $s3,$acc07,16,8,15 - rlwimi $s0,$acc08,8,16,23 - rlwimi $s1,$acc09,8,16,23 - rlwimi $s2,$acc10,8,16,23 - rlwimi $s3,$acc11,8,16,23 - lwz $t0,0($key) - or $s0,$s0,$acc12 - lwz $t1,4($key) - or $s1,$s1,$acc13 - lwz $t2,8($key) - or $s2,$s2,$acc14 - lwz $t3,12($key) - or $s3,$s3,$acc15 - - addi $key,$key,16 - bdz Ldec_compact_done -___ -$code.=<<___ if ($SIZE_T==8); - # vectorized permutation improves decrypt performance by 10% - insrdi $s0,$s1,32,0 - insrdi $s2,$s3,32,0 - - and $acc00,$s0,$mask80 # r1=r0&0x80808080 - and $acc02,$s2,$mask80 - srdi $acc04,$acc00,7 # r1>>7 - srdi $acc06,$acc02,7 - andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f - andc $acc10,$s2,$mask80 - sub $acc00,$acc00,$acc04 # r1-(r1>>7) - sub $acc02,$acc02,$acc06 - add $acc08,$acc08,$acc08 # (r0&0x7f7f7f7f)<<1 - add $acc10,$acc10,$acc10 - and $acc00,$acc00,$mask1b # (r1-(r1>>7))&0x1b1b1b1b - and $acc02,$acc02,$mask1b - xor $acc00,$acc00,$acc08 # r2 - xor $acc02,$acc02,$acc10 - - and $acc04,$acc00,$mask80 # r1=r2&0x80808080 - and $acc06,$acc02,$mask80 - srdi $acc08,$acc04,7 # r1>>7 - srdi $acc10,$acc06,7 - andc $acc12,$acc00,$mask80 # r2&0x7f7f7f7f - andc $acc14,$acc02,$mask80 - sub $acc04,$acc04,$acc08 # r1-(r1>>7) - sub $acc06,$acc06,$acc10 - add $acc12,$acc12,$acc12 # (r2&0x7f7f7f7f)<<1 - add $acc14,$acc14,$acc14 - and $acc04,$acc04,$mask1b # (r1-(r1>>7))&0x1b1b1b1b - and $acc06,$acc06,$mask1b - xor $acc04,$acc04,$acc12 # r4 - xor $acc06,$acc06,$acc14 - - and $acc08,$acc04,$mask80 # r1=r4&0x80808080 - and $acc10,$acc06,$mask80 - srdi $acc12,$acc08,7 # r1>>7 - srdi $acc14,$acc10,7 - sub $acc08,$acc08,$acc12 # r1-(r1>>7) - sub $acc10,$acc10,$acc14 - andc $acc12,$acc04,$mask80 # r4&0x7f7f7f7f - andc $acc14,$acc06,$mask80 - add $acc12,$acc12,$acc12 # (r4&0x7f7f7f7f)<<1 - add $acc14,$acc14,$acc14 - and 
$acc08,$acc08,$mask1b # (r1-(r1>>7))&0x1b1b1b1b - and $acc10,$acc10,$mask1b - xor $acc08,$acc08,$acc12 # r8 - xor $acc10,$acc10,$acc14 - - xor $acc00,$acc00,$s0 # r2^r0 - xor $acc02,$acc02,$s2 - xor $acc04,$acc04,$s0 # r4^r0 - xor $acc06,$acc06,$s2 - - extrdi $acc01,$acc00,32,0 - extrdi $acc03,$acc02,32,0 - extrdi $acc05,$acc04,32,0 - extrdi $acc07,$acc06,32,0 - extrdi $acc09,$acc08,32,0 - extrdi $acc11,$acc10,32,0 -___ -$code.=<<___ if ($SIZE_T==4); - and $acc00,$s0,$mask80 # r1=r0&0x80808080 - and $acc01,$s1,$mask80 - and $acc02,$s2,$mask80 - and $acc03,$s3,$mask80 - srwi $acc04,$acc00,7 # r1>>7 - andc $acc08,$s0,$mask80 # r0&0x7f7f7f7f - srwi $acc05,$acc01,7 - andc $acc09,$s1,$mask80 - srwi $acc06,$acc02,7 - andc $acc10,$s2,$mask80 - srwi $acc07,$acc03,7 - andc $acc11,$s3,$mask80 - sub $acc00,$acc00,$acc04 # r1-(r1>>7) - sub $acc01,$acc01,$acc05 - sub $acc02,$acc02,$acc06 - sub $acc03,$acc03,$acc07 - add $acc08,$acc08,$acc08 # (r0&0x7f7f7f7f)<<1 - add $acc09,$acc09,$acc09 - add $acc10,$acc10,$acc10 - add $acc11,$acc11,$acc11 - and $acc00,$acc00,$mask1b # (r1-(r1>>7))&0x1b1b1b1b - and $acc01,$acc01,$mask1b - and $acc02,$acc02,$mask1b - and $acc03,$acc03,$mask1b - xor $acc00,$acc00,$acc08 # r2 - xor $acc01,$acc01,$acc09 - xor $acc02,$acc02,$acc10 - xor $acc03,$acc03,$acc11 - - and $acc04,$acc00,$mask80 # r1=r2&0x80808080 - and $acc05,$acc01,$mask80 - and $acc06,$acc02,$mask80 - and $acc07,$acc03,$mask80 - srwi $acc08,$acc04,7 # r1>>7 - andc $acc12,$acc00,$mask80 # r2&0x7f7f7f7f - srwi $acc09,$acc05,7 - andc $acc13,$acc01,$mask80 - srwi $acc10,$acc06,7 - andc $acc14,$acc02,$mask80 - srwi $acc11,$acc07,7 - andc $acc15,$acc03,$mask80 - sub $acc04,$acc04,$acc08 # r1-(r1>>7) - sub $acc05,$acc05,$acc09 - sub $acc06,$acc06,$acc10 - sub $acc07,$acc07,$acc11 - add $acc12,$acc12,$acc12 # (r2&0x7f7f7f7f)<<1 - add $acc13,$acc13,$acc13 - add $acc14,$acc14,$acc14 - add $acc15,$acc15,$acc15 - and $acc04,$acc04,$mask1b # (r1-(r1>>7))&0x1b1b1b1b - and $acc05,$acc05,$mask1b - and 
$acc06,$acc06,$mask1b - and $acc07,$acc07,$mask1b - xor $acc04,$acc04,$acc12 # r4 - xor $acc05,$acc05,$acc13 - xor $acc06,$acc06,$acc14 - xor $acc07,$acc07,$acc15 - - and $acc08,$acc04,$mask80 # r1=r4&0x80808080 - and $acc09,$acc05,$mask80 - srwi $acc12,$acc08,7 # r1>>7 - and $acc10,$acc06,$mask80 - srwi $acc13,$acc09,7 - and $acc11,$acc07,$mask80 - srwi $acc14,$acc10,7 - sub $acc08,$acc08,$acc12 # r1-(r1>>7) - srwi $acc15,$acc11,7 - sub $acc09,$acc09,$acc13 - sub $acc10,$acc10,$acc14 - sub $acc11,$acc11,$acc15 - andc $acc12,$acc04,$mask80 # r4&0x7f7f7f7f - andc $acc13,$acc05,$mask80 - andc $acc14,$acc06,$mask80 - andc $acc15,$acc07,$mask80 - add $acc12,$acc12,$acc12 # (r4&0x7f7f7f7f)<<1 - add $acc13,$acc13,$acc13 - add $acc14,$acc14,$acc14 - add $acc15,$acc15,$acc15 - and $acc08,$acc08,$mask1b # (r1-(r1>>7))&0x1b1b1b1b - and $acc09,$acc09,$mask1b - and $acc10,$acc10,$mask1b - and $acc11,$acc11,$mask1b - xor $acc08,$acc08,$acc12 # r8 - xor $acc09,$acc09,$acc13 - xor $acc10,$acc10,$acc14 - xor $acc11,$acc11,$acc15 - - xor $acc00,$acc00,$s0 # r2^r0 - xor $acc01,$acc01,$s1 - xor $acc02,$acc02,$s2 - xor $acc03,$acc03,$s3 - xor $acc04,$acc04,$s0 # r4^r0 - xor $acc05,$acc05,$s1 - xor $acc06,$acc06,$s2 - xor $acc07,$acc07,$s3 -___ -$code.=<<___; - rotrwi $s0,$s0,8 # = ROTATE(r0,8) - rotrwi $s1,$s1,8 - xor $s0,$s0,$acc00 # ^= r2^r0 - rotrwi $s2,$s2,8 - xor $s1,$s1,$acc01 - rotrwi $s3,$s3,8 - xor $s2,$s2,$acc02 - xor $s3,$s3,$acc03 - xor $acc00,$acc00,$acc08 - xor $acc01,$acc01,$acc09 - xor $acc02,$acc02,$acc10 - xor $acc03,$acc03,$acc11 - xor $s0,$s0,$acc04 # ^= r4^r0 - rotrwi $acc00,$acc00,24 - xor $s1,$s1,$acc05 - rotrwi $acc01,$acc01,24 - xor $s2,$s2,$acc06 - rotrwi $acc02,$acc02,24 - xor $s3,$s3,$acc07 - rotrwi $acc03,$acc03,24 - xor $acc04,$acc04,$acc08 - xor $acc05,$acc05,$acc09 - xor $acc06,$acc06,$acc10 - xor $acc07,$acc07,$acc11 - xor $s0,$s0,$acc08 # ^= r8 [^((r4^r0)^(r2^r0)=r4^r2)] - rotrwi $acc04,$acc04,16 - xor $s1,$s1,$acc09 - rotrwi $acc05,$acc05,16 - xor 
$s2,$s2,$acc10
- rotrwi $acc06,$acc06,16
- xor $s3,$s3,$acc11
- rotrwi $acc07,$acc07,16
- xor $s0,$s0,$acc00 # ^= ROTATE(r8^r2^r0,24)
- rotrwi $acc08,$acc08,8
- xor $s1,$s1,$acc01
- rotrwi $acc09,$acc09,8
- xor $s2,$s2,$acc02
- rotrwi $acc10,$acc10,8
- xor $s3,$s3,$acc03
- rotrwi $acc11,$acc11,8
- xor $s0,$s0,$acc04 # ^= ROTATE(r8^r4^r0,16)
- xor $s1,$s1,$acc05
- xor $s2,$s2,$acc06
- xor $s3,$s3,$acc07
- xor $s0,$s0,$acc08 # ^= ROTATE(r8,8)
- xor $s1,$s1,$acc09
- xor $s2,$s2,$acc10
- xor $s3,$s3,$acc11
-
- b Ldec_compact_loop
-.align 4
-Ldec_compact_done:
- xor $s0,$s0,$t0
- xor $s1,$s1,$t1
- xor $s2,$s2,$t2
- xor $s3,$s3,$t3
- blr
- .long 0
- .byte 0,12,0x14,0,0,0,0,0
-
-.asciz "AES for PPC, CRYPTOGAMS by <appro\@openssl.org>"
-.align 7
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/aes/asm/aes-s390x.pl b/lib/libssl/src/crypto/aes/asm/aes-s390x.pl
deleted file mode 100644
index 71d5b55077f..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aes-s390x.pl
+++ /dev/null
@@ -1,2237 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# AES for s390x.
-
-# April 2007.
-#
-# Software performance improvement over gcc-generated code is ~70% and
-# in absolute terms is ~73 cycles per byte processed with 128-bit key.
-# You're likely to exclaim "why so slow?" Keep in mind that z-CPUs are
-# *strictly* in-order execution and issued instruction [in this case
-# load value from memory is critical] has to complete before execution
-# flow proceeds. S-boxes are compressed to 2KB[+256B].
-#
-# As for hardware acceleration support. It's basically a "teaser," as
-# it can and should be improved in several ways. Most notably support
-# for CBC is not utilized, nor multiple blocks are ever processed.
-# Then software key schedule can be postponed till hardware support
-# detection... Performance improvement over assembler is reportedly
-# ~2.5x, but can reach >8x [naturally on larger chunks] if proper
-# support is implemented.
-
-# May 2007.
-#
-# Implement AES_set_[en|de]crypt_key. Key schedule setup is avoided
-# for 128-bit keys, if hardware support is detected.
-
-# Januray 2009.
-#
-# Add support for hardware AES192/256 and reschedule instructions to
-# minimize/avoid Address Generation Interlock hazard and to favour
-# dual-issue z10 pipeline. This gave ~25% improvement on z10 and
-# almost 50% on z9. The gain is smaller on z10, because being dual-
-# issue z10 makes it improssible to eliminate the interlock condition:
-# critial path is not long enough. Yet it spends ~24 cycles per byte
-# processed with 128-bit key.
-# -# Unlike previous version hardware support detection takes place only -# at the moment of key schedule setup, which is denoted in key->rounds. -# This is done, because deferred key setup can't be made MT-safe, not -# for keys longer than 128 bits. -# -# Add AES_cbc_encrypt, which gives incredible performance improvement, -# it was measured to be ~6.6x. It's less than previously mentioned 8x, -# because software implementation was optimized. - -# May 2010. -# -# Add AES_ctr32_encrypt. If hardware-assisted, it provides up to 4.3x -# performance improvement over "generic" counter mode routine relying -# on single-block, also hardware-assisted, AES_encrypt. "Up to" refers -# to the fact that exact throughput value depends on current stack -# frame alignment within 4KB page. In worst case you get ~75% of the -# maximum, but *on average* it would be as much as ~98%. Meaning that -# worst case is unlike, it's like hitting ravine on plateau. - -# November 2010. -# -# Adapt for -m31 build. If kernel supports what's called "highgprs" -# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit -# instructions and achieve "64-bit" performance even in 31-bit legacy -# application context. The feature is not specific to any particular -# processor, as long as it's "z-CPU". Latter implies that the code -# remains z/Architecture specific. On z990 it was measured to perform -# 2x better than code generated by gcc 4.3. - -# December 2010. -# -# Add support for z196 "cipher message with counter" instruction. -# Note however that it's disengaged, because it was measured to -# perform ~12% worse than vanilla km-based code... - -# February 2011. -# -# Add AES_xts_[en|de]crypt. This includes support for z196 km-xts-aes -# instructions, which deliver ~70% improvement at 8KB block size over -# vanilla km-based code, 37% - at most like 512-bytes block size. 
- -$flavour = shift; - -if ($flavour =~ /3[12]/) { - $SIZE_T=4; - $g=""; -} else { - $SIZE_T=8; - $g="g"; -} - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$softonly=0; # allow hardware support - -$t0="%r0"; $mask="%r0"; -$t1="%r1"; -$t2="%r2"; $inp="%r2"; -$t3="%r3"; $out="%r3"; $bits="%r3"; -$key="%r4"; -$i1="%r5"; -$i2="%r6"; -$i3="%r7"; -$s0="%r8"; -$s1="%r9"; -$s2="%r10"; -$s3="%r11"; -$tbl="%r12"; -$rounds="%r13"; -$ra="%r14"; -$sp="%r15"; - -$stdframe=16*$SIZE_T+4*8; - -sub _data_word() -{ my $i; - while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; } -} - -$code=<<___; -.text - -.type AES_Te,\@object -.align 256 -AES_Te: -___ -&_data_word( - 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, - 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, - 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d, - 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a, - 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87, - 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b, - 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea, - 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b, - 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a, - 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f, - 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108, - 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f, - 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e, - 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5, - 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d, - 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f, - 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e, - 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb, - 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce, - 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497, - 0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c, - 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, - 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, - 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, - 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, - 0x864343c5, 0x9a4d4dd7, 
0x66333355, 0x11858594, - 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, - 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, - 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, - 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, - 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, - 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, - 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, - 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, - 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, - 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, - 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, - 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, - 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, - 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, - 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, - 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, - 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, - 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, - 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, - 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, - 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, - 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, - 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, - 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, - 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, - 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, - 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, - 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, - 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, - 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, - 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, - 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, - 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, - 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, - 0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17, - 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, - 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, - 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a); -$code.=<<___; -# Te4[256] -.byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 
0x6f, 0xc5 -.byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 -.byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 -.byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 -.byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc -.byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 -.byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a -.byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 -.byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 -.byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 -.byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b -.byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf -.byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 -.byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 -.byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 -.byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 -.byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 -.byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 -.byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 -.byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb -.byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c -.byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 -.byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 -.byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 -.byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 -.byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a -.byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e -.byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e -.byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 -.byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf -.byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 -.byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 -# rcon[] -.long 0x01000000, 0x02000000, 0x04000000, 0x08000000 -.long 0x10000000, 0x20000000, 0x40000000, 0x80000000 -.long 0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0 -.align 256 -.size AES_Te,.-AES_Te - -# void AES_encrypt(const unsigned char *inp, unsigned char *out, -# const AES_KEY *key) { -.globl AES_encrypt 
-.type AES_encrypt,\@function -AES_encrypt: -___ -$code.=<<___ if (!$softonly); - l %r0,240($key) - lhi %r1,16 - clr %r0,%r1 - jl .Lesoft - - la %r1,0($key) - #la %r2,0($inp) - la %r4,0($out) - lghi %r3,16 # single block length - .long 0xb92e0042 # km %r4,%r2 - brc 1,.-4 # can this happen? - br %r14 -.align 64 -.Lesoft: -___ -$code.=<<___; - stm${g} %r3,$ra,3*$SIZE_T($sp) - - llgf $s0,0($inp) - llgf $s1,4($inp) - llgf $s2,8($inp) - llgf $s3,12($inp) - - larl $tbl,AES_Te - bras $ra,_s390x_AES_encrypt - - l${g} $out,3*$SIZE_T($sp) - st $s0,0($out) - st $s1,4($out) - st $s2,8($out) - st $s3,12($out) - - lm${g} %r6,$ra,6*$SIZE_T($sp) - br $ra -.size AES_encrypt,.-AES_encrypt - -.type _s390x_AES_encrypt,\@function -.align 16 -_s390x_AES_encrypt: - st${g} $ra,15*$SIZE_T($sp) - x $s0,0($key) - x $s1,4($key) - x $s2,8($key) - x $s3,12($key) - l $rounds,240($key) - llill $mask,`0xff<<3` - aghi $rounds,-1 - j .Lenc_loop -.align 16 -.Lenc_loop: - sllg $t1,$s0,`0+3` - srlg $t2,$s0,`8-3` - srlg $t3,$s0,`16-3` - srl $s0,`24-3` - nr $s0,$mask - ngr $t1,$mask - nr $t2,$mask - nr $t3,$mask - - srlg $i1,$s1,`16-3` # i0 - sllg $i2,$s1,`0+3` - srlg $i3,$s1,`8-3` - srl $s1,`24-3` - nr $i1,$mask - nr $s1,$mask - ngr $i2,$mask - nr $i3,$mask - - l $s0,0($s0,$tbl) # Te0[s0>>24] - l $t1,1($t1,$tbl) # Te3[s0>>0] - l $t2,2($t2,$tbl) # Te2[s0>>8] - l $t3,3($t3,$tbl) # Te1[s0>>16] - - x $s0,3($i1,$tbl) # Te1[s1>>16] - l $s1,0($s1,$tbl) # Te0[s1>>24] - x $t2,1($i2,$tbl) # Te3[s1>>0] - x $t3,2($i3,$tbl) # Te2[s1>>8] - - srlg $i1,$s2,`8-3` # i0 - srlg $i2,$s2,`16-3` # i1 - nr $i1,$mask - nr $i2,$mask - sllg $i3,$s2,`0+3` - srl $s2,`24-3` - nr $s2,$mask - ngr $i3,$mask - - xr $s1,$t1 - srlg $ra,$s3,`8-3` # i1 - sllg $t1,$s3,`0+3` # i0 - nr $ra,$mask - la $key,16($key) - ngr $t1,$mask - - x $s0,2($i1,$tbl) # Te2[s2>>8] - x $s1,3($i2,$tbl) # Te1[s2>>16] - l $s2,0($s2,$tbl) # Te0[s2>>24] - x $t3,1($i3,$tbl) # Te3[s2>>0] - - srlg $i3,$s3,`16-3` # i2 - xr $s2,$t2 - srl $s3,`24-3` - nr $i3,$mask - nr 
$s3,$mask
-
- x $s0,0($key)
- x $s1,4($key)
- x $s2,8($key)
- x $t3,12($key)
-
- x $s0,1($t1,$tbl) # Te3[s3>>0]
- x $s1,2($ra,$tbl) # Te2[s3>>8]
- x $s2,3($i3,$tbl) # Te1[s3>>16]
- l $s3,0($s3,$tbl) # Te0[s3>>24]
- xr $s3,$t3
-
- brct $rounds,.Lenc_loop
- .align 16
-
- sllg $t1,$s0,`0+3`
- srlg $t2,$s0,`8-3`
- ngr $t1,$mask
- srlg $t3,$s0,`16-3`
- srl $s0,`24-3`
- nr $s0,$mask
- nr $t2,$mask
- nr $t3,$mask
-
- srlg $i1,$s1,`16-3` # i0
- sllg $i2,$s1,`0+3`
- ngr $i2,$mask
- srlg $i3,$s1,`8-3`
- srl $s1,`24-3`
- nr $i1,$mask
- nr $s1,$mask
- nr $i3,$mask
-
- llgc $s0,2($s0,$tbl) # Te4[s0>>24]
- llgc $t1,2($t1,$tbl) # Te4[s0>>0]
- sll $s0,24
- llgc $t2,2($t2,$tbl) # Te4[s0>>8]
- llgc $t3,2($t3,$tbl) # Te4[s0>>16]
- sll $t2,8
- sll $t3,16
-
- llgc $i1,2($i1,$tbl) # Te4[s1>>16]
- llgc $s1,2($s1,$tbl) # Te4[s1>>24]
- llgc $i2,2($i2,$tbl) # Te4[s1>>0]
- llgc $i3,2($i3,$tbl) # Te4[s1>>8]
- sll $i1,16
- sll $s1,24
- sll $i3,8
- or $s0,$i1
- or $s1,$t1
- or $t2,$i2
- or $t3,$i3
-
- srlg $i1,$s2,`8-3` # i0
- srlg $i2,$s2,`16-3` # i1
- nr $i1,$mask
- nr $i2,$mask
- sllg $i3,$s2,`0+3`
- srl $s2,`24-3`
- ngr $i3,$mask
- nr $s2,$mask
-
- sllg $t1,$s3,`0+3` # i0
- srlg $ra,$s3,`8-3` # i1
- ngr $t1,$mask
-
- llgc $i1,2($i1,$tbl) # Te4[s2>>8]
- llgc $i2,2($i2,$tbl) # Te4[s2>>16]
- sll $i1,8
- llgc $s2,2($s2,$tbl) # Te4[s2>>24]
- llgc $i3,2($i3,$tbl) # Te4[s2>>0]
- sll $i2,16
- nr $ra,$mask
- sll $s2,24
- or $s0,$i1
- or $s1,$i2
- or $s2,$t2
- or $t3,$i3
-
- srlg $i3,$s3,`16-3` # i2
- srl $s3,`24-3`
- nr $i3,$mask
- nr $s3,$mask
-
- l $t0,16($key)
- l $t2,20($key)
-
- llgc $i1,2($t1,$tbl) # Te4[s3>>0]
- llgc $i2,2($ra,$tbl) # Te4[s3>>8]
- llgc $i3,2($i3,$tbl) # Te4[s3>>16]
- llgc $s3,2($s3,$tbl) # Te4[s3>>24]
- sll $i2,8
- sll $i3,16
- sll $s3,24
- or $s0,$i1
- or $s1,$i2
- or $s2,$i3
- or $s3,$t3
-
- l${g} $ra,15*$SIZE_T($sp)
- xr $s0,$t0
- xr $s1,$t2
- x $s2,24($key)
- x $s3,28($key)
-
- br $ra
-.size _s390x_AES_encrypt,.-_s390x_AES_encrypt
-___
-
-$code.=<<___;
-.type
AES_Td,\@object
-.align 256
-AES_Td:
-___
-&_data_word(
- 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
- 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
- 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
- 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
- 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
- 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
- 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
- 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
- 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
- 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
- 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
- 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
- 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
- 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
- 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
- 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
- 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
- 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
- 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
- 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
- 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
- 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
- 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
- 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
- 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
- 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
- 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
- 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
- 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
- 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
- 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
- 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
- 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
- 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
- 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
- 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
- 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
- 0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
- 0x2bb3166c, 0xa970b999, 0x119448fa,
0x47e96422,
- 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
- 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
- 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
- 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
- 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
- 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
- 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
- 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
- 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
- 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
- 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
- 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
- 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
- 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
- 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
- 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
- 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
- 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
- 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
- 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
- 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
- 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
- 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
- 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
- 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
-$code.=<<___;
-# Td4[256]
-.byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
-.byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
-.byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
-.byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
-.byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
-.byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
-.byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
-.byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
-.byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
-.byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
-.byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
-.byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
-.byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
-.byte
0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
-.byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
-.byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
-.byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
-.byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
-.byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
-.byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
-.byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
-.byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
-.byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
-.byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
-.byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
-.byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
-.byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
-.byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
-.byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
-.byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
-.byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
-.byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
-.size AES_Td,.-AES_Td
-
-# void AES_decrypt(const unsigned char *inp, unsigned char *out,
-# const AES_KEY *key) {
-.globl AES_decrypt
-.type AES_decrypt,\@function
-AES_decrypt:
-___
-$code.=<<___ if (!$softonly);
- l %r0,240($key)
- lhi %r1,16
- clr %r0,%r1
- jl .Ldsoft
-
- la %r1,0($key)
- #la %r2,0($inp)
- la %r4,0($out)
- lghi %r3,16 # single block length
- .long 0xb92e0042 # km %r4,%r2
- brc 1,.-4 # can this happen?
- br %r14
-.align 64
-.Ldsoft:
-___
-$code.=<<___;
- stm${g} %r3,$ra,3*$SIZE_T($sp)
-
- llgf $s0,0($inp)
- llgf $s1,4($inp)
- llgf $s2,8($inp)
- llgf $s3,12($inp)
-
- larl $tbl,AES_Td
- bras $ra,_s390x_AES_decrypt
-
- l${g} $out,3*$SIZE_T($sp)
- st $s0,0($out)
- st $s1,4($out)
- st $s2,8($out)
- st $s3,12($out)
-
- lm${g} %r6,$ra,6*$SIZE_T($sp)
- br $ra
-.size AES_decrypt,.-AES_decrypt
-
-.type _s390x_AES_decrypt,\@function
-.align 16
-_s390x_AES_decrypt:
- st${g} $ra,15*$SIZE_T($sp)
- x $s0,0($key)
- x $s1,4($key)
- x $s2,8($key)
- x $s3,12($key)
- l $rounds,240($key)
- llill $mask,`0xff<<3`
- aghi $rounds,-1
- j .Ldec_loop
-.align 16
-.Ldec_loop:
- srlg $t1,$s0,`16-3`
- srlg $t2,$s0,`8-3`
- sllg $t3,$s0,`0+3`
- srl $s0,`24-3`
- nr $s0,$mask
- nr $t1,$mask
- nr $t2,$mask
- ngr $t3,$mask
-
- sllg $i1,$s1,`0+3` # i0
- srlg $i2,$s1,`16-3`
- srlg $i3,$s1,`8-3`
- srl $s1,`24-3`
- ngr $i1,$mask
- nr $s1,$mask
- nr $i2,$mask
- nr $i3,$mask
-
- l $s0,0($s0,$tbl) # Td0[s0>>24]
- l $t1,3($t1,$tbl) # Td1[s0>>16]
- l $t2,2($t2,$tbl) # Td2[s0>>8]
- l $t3,1($t3,$tbl) # Td3[s0>>0]
-
- x $s0,1($i1,$tbl) # Td3[s1>>0]
- l $s1,0($s1,$tbl) # Td0[s1>>24]
- x $t2,3($i2,$tbl) # Td1[s1>>16]
- x $t3,2($i3,$tbl) # Td2[s1>>8]
-
- srlg $i1,$s2,`8-3` # i0
- sllg $i2,$s2,`0+3` # i1
- srlg $i3,$s2,`16-3`
- srl $s2,`24-3`
- nr $i1,$mask
- ngr $i2,$mask
- nr $s2,$mask
- nr $i3,$mask
-
- xr $s1,$t1
- srlg $ra,$s3,`8-3` # i1
- srlg $t1,$s3,`16-3` # i0
- nr $ra,$mask
- la $key,16($key)
- nr $t1,$mask
-
- x $s0,2($i1,$tbl) # Td2[s2>>8]
- x $s1,1($i2,$tbl) # Td3[s2>>0]
- l $s2,0($s2,$tbl) # Td0[s2>>24]
- x $t3,3($i3,$tbl) # Td1[s2>>16]
-
- sllg $i3,$s3,`0+3` # i2
- srl $s3,`24-3`
- ngr $i3,$mask
- nr $s3,$mask
-
- xr $s2,$t2
- x $s0,0($key)
- x $s1,4($key)
- x $s2,8($key)
- x $t3,12($key)
-
- x $s0,3($t1,$tbl) # Td1[s3>>16]
- x $s1,2($ra,$tbl) # Td2[s3>>8]
- x $s2,1($i3,$tbl) # Td3[s3>>0]
- l $s3,0($s3,$tbl) # Td0[s3>>24]
- xr $s3,$t3
-
- brct $rounds,.Ldec_loop
- .align 16
-
- l $t1,`2048+0`($tbl) #
prefetch Td4
- l $t2,`2048+64`($tbl)
- l $t3,`2048+128`($tbl)
- l $i1,`2048+192`($tbl)
- llill $mask,0xff
-
- srlg $i3,$s0,24 # i0
- srlg $t1,$s0,16
- srlg $t2,$s0,8
- nr $s0,$mask # i3
- nr $t1,$mask
-
- srlg $i1,$s1,24
- nr $t2,$mask
- srlg $i2,$s1,16
- srlg $ra,$s1,8
- nr $s1,$mask # i0
- nr $i2,$mask
- nr $ra,$mask
-
- llgc $i3,2048($i3,$tbl) # Td4[s0>>24]
- llgc $t1,2048($t1,$tbl) # Td4[s0>>16]
- llgc $t2,2048($t2,$tbl) # Td4[s0>>8]
- sll $t1,16
- llgc $t3,2048($s0,$tbl) # Td4[s0>>0]
- sllg $s0,$i3,24
- sll $t2,8
-
- llgc $s1,2048($s1,$tbl) # Td4[s1>>0]
- llgc $i1,2048($i1,$tbl) # Td4[s1>>24]
- llgc $i2,2048($i2,$tbl) # Td4[s1>>16]
- sll $i1,24
- llgc $i3,2048($ra,$tbl) # Td4[s1>>8]
- sll $i2,16
- sll $i3,8
- or $s0,$s1
- or $t1,$i1
- or $t2,$i2
- or $t3,$i3
-
- srlg $i1,$s2,8 # i0
- srlg $i2,$s2,24
- srlg $i3,$s2,16
- nr $s2,$mask # i1
- nr $i1,$mask
- nr $i3,$mask
- llgc $i1,2048($i1,$tbl) # Td4[s2>>8]
- llgc $s1,2048($s2,$tbl) # Td4[s2>>0]
- llgc $i2,2048($i2,$tbl) # Td4[s2>>24]
- llgc $i3,2048($i3,$tbl) # Td4[s2>>16]
- sll $i1,8
- sll $i2,24
- or $s0,$i1
- sll $i3,16
- or $t2,$i2
- or $t3,$i3
-
- srlg $i1,$s3,16 # i0
- srlg $i2,$s3,8 # i1
- srlg $i3,$s3,24
- nr $s3,$mask # i2
- nr $i1,$mask
- nr $i2,$mask
-
- l${g} $ra,15*$SIZE_T($sp)
- or $s1,$t1
- l $t0,16($key)
- l $t1,20($key)
-
- llgc $i1,2048($i1,$tbl) # Td4[s3>>16]
- llgc $i2,2048($i2,$tbl) # Td4[s3>>8]
- sll $i1,16
- llgc $s2,2048($s3,$tbl) # Td4[s3>>0]
- llgc $s3,2048($i3,$tbl) # Td4[s3>>24]
- sll $i2,8
- sll $s3,24
- or $s0,$i1
- or $s1,$i2
- or $s2,$t2
- or $s3,$t3
-
- xr $s0,$t0
- xr $s1,$t1
- x $s2,24($key)
- x $s3,28($key)
-
- br $ra
-.size _s390x_AES_decrypt,.-_s390x_AES_decrypt
-___
-
-$code.=<<___;
-# void AES_set_encrypt_key(const unsigned char *in, int bits,
-# AES_KEY *key) {
-.globl AES_set_encrypt_key
-.type AES_set_encrypt_key,\@function
-.align 16
-AES_set_encrypt_key:
-_s390x_AES_set_encrypt_key:
- lghi $t0,0
- cl${g}r $inp,$t0
- je .Lminus1
- cl${g}r $key,$t0
- je .Lminus1
-
-
lghi $t0,128
- clr $bits,$t0
- je .Lproceed
- lghi $t0,192
- clr $bits,$t0
- je .Lproceed
- lghi $t0,256
- clr $bits,$t0
- je .Lproceed
- lghi %r2,-2
- br %r14
-
-.align 16
-.Lproceed:
-___
-$code.=<<___ if (!$softonly);
- # convert bits to km code, [128,192,256]->[18,19,20]
- lhi %r5,-128
- lhi %r0,18
- ar %r5,$bits
- srl %r5,6
- ar %r5,%r0
-
- larl %r1,OPENSSL_s390xcap_P
- lg %r0,0(%r1)
- tmhl %r0,0x4000 # check for message-security assist
- jz .Lekey_internal
-
- lghi %r0,0 # query capability vector
- la %r1,16($sp)
- .long 0xb92f0042 # kmc %r4,%r2
-
- llihh %r1,0x8000
- srlg %r1,%r1,0(%r5)
- ng %r1,16($sp)
- jz .Lekey_internal
-
- lmg %r0,%r1,0($inp) # just copy 128 bits...
- stmg %r0,%r1,0($key)
- lhi %r0,192
- cr $bits,%r0
- jl 1f
- lg %r1,16($inp)
- stg %r1,16($key)
- je 1f
- lg %r1,24($inp)
- stg %r1,24($key)
-1: st $bits,236($key) # save bits [for debugging purposes]
- lgr $t0,%r5
- st %r5,240($key) # save km code
- lghi %r2,0
- br %r14
-___
-$code.=<<___;
-.align 16
-.Lekey_internal:
- stm${g} %r4,%r13,4*$SIZE_T($sp) # all non-volatile regs and $key
-
- larl $tbl,AES_Te+2048
-
- llgf $s0,0($inp)
- llgf $s1,4($inp)
- llgf $s2,8($inp)
- llgf $s3,12($inp)
- st $s0,0($key)
- st $s1,4($key)
- st $s2,8($key)
- st $s3,12($key)
- lghi $t0,128
- cr $bits,$t0
- jne .Lnot128
-
- llill $mask,0xff
- lghi $t3,0 # i=0
- lghi $rounds,10
- st $rounds,240($key)
-
- llgfr $t2,$s3 # temp=rk[3]
- srlg $i1,$s3,8
- srlg $i2,$s3,16
- srlg $i3,$s3,24
- nr $t2,$mask
- nr $i1,$mask
- nr $i2,$mask
-
-.align 16
-.L128_loop:
- la $t2,0($t2,$tbl)
- la $i1,0($i1,$tbl)
- la $i2,0($i2,$tbl)
- la $i3,0($i3,$tbl)
- icm $t2,2,0($t2) # Te4[rk[3]>>0]<<8
- icm $t2,4,0($i1) # Te4[rk[3]>>8]<<16
- icm $t2,8,0($i2) # Te4[rk[3]>>16]<<24
- icm $t2,1,0($i3) # Te4[rk[3]>>24]
- x $t2,256($t3,$tbl) # rcon[i]
- xr $s0,$t2 # rk[4]=rk[0]^...
- xr $s1,$s0 # rk[5]=rk[1]^rk[4]
- xr $s2,$s1 # rk[6]=rk[2]^rk[5]
- xr $s3,$s2 # rk[7]=rk[3]^rk[6]
-
- llgfr $t2,$s3 # temp=rk[3]
- srlg $i1,$s3,8
- srlg $i2,$s3,16
- nr $t2,$mask
- nr $i1,$mask
- srlg $i3,$s3,24
- nr $i2,$mask
-
- st $s0,16($key)
- st $s1,20($key)
- st $s2,24($key)
- st $s3,28($key)
- la $key,16($key) # key+=4
- la $t3,4($t3) # i++
- brct $rounds,.L128_loop
- lghi $t0,10
- lghi %r2,0
- lm${g} %r4,%r13,4*$SIZE_T($sp)
- br $ra
-
-.align 16
-.Lnot128:
- llgf $t0,16($inp)
- llgf $t1,20($inp)
- st $t0,16($key)
- st $t1,20($key)
- lghi $t0,192
- cr $bits,$t0
- jne .Lnot192
-
- llill $mask,0xff
- lghi $t3,0 # i=0
- lghi $rounds,12
- st $rounds,240($key)
- lghi $rounds,8
-
- srlg $i1,$t1,8
- srlg $i2,$t1,16
- srlg $i3,$t1,24
- nr $t1,$mask
- nr $i1,$mask
- nr $i2,$mask
-
-.align 16
-.L192_loop:
- la $t1,0($t1,$tbl)
- la $i1,0($i1,$tbl)
- la $i2,0($i2,$tbl)
- la $i3,0($i3,$tbl)
- icm $t1,2,0($t1) # Te4[rk[5]>>0]<<8
- icm $t1,4,0($i1) # Te4[rk[5]>>8]<<16
- icm $t1,8,0($i2) # Te4[rk[5]>>16]<<24
- icm $t1,1,0($i3) # Te4[rk[5]>>24]
- x $t1,256($t3,$tbl) # rcon[i]
- xr $s0,$t1 # rk[6]=rk[0]^...
- xr $s1,$s0 # rk[7]=rk[1]^rk[6]
- xr $s2,$s1 # rk[8]=rk[2]^rk[7]
- xr $s3,$s2 # rk[9]=rk[3]^rk[8]
-
- st $s0,24($key)
- st $s1,28($key)
- st $s2,32($key)
- st $s3,36($key)
- brct $rounds,.L192_continue
- lghi $t0,12
- lghi %r2,0
- lm${g} %r4,%r13,4*$SIZE_T($sp)
- br $ra
-
-.align 16
-.L192_continue:
- lgr $t1,$s3
- x $t1,16($key) # rk[10]=rk[4]^rk[9]
- st $t1,40($key)
- x $t1,20($key) # rk[11]=rk[5]^rk[10]
- st $t1,44($key)
-
- srlg $i1,$t1,8
- srlg $i2,$t1,16
- srlg $i3,$t1,24
- nr $t1,$mask
- nr $i1,$mask
- nr $i2,$mask
-
- la $key,24($key) # key+=6
- la $t3,4($t3) # i++
- j .L192_loop
-
-.align 16
-.Lnot192:
- llgf $t0,24($inp)
- llgf $t1,28($inp)
- st $t0,24($key)
- st $t1,28($key)
- llill $mask,0xff
- lghi $t3,0 # i=0
- lghi $rounds,14
- st $rounds,240($key)
- lghi $rounds,7
-
- srlg $i1,$t1,8
- srlg $i2,$t1,16
- srlg $i3,$t1,24
- nr $t1,$mask
- nr $i1,$mask
- nr $i2,$mask
-
-.align 16
-.L256_loop:
- la $t1,0($t1,$tbl)
- la $i1,0($i1,$tbl)
- la $i2,0($i2,$tbl)
- la $i3,0($i3,$tbl)
- icm $t1,2,0($t1) # Te4[rk[7]>>0]<<8
- icm $t1,4,0($i1) # Te4[rk[7]>>8]<<16
- icm $t1,8,0($i2) # Te4[rk[7]>>16]<<24
- icm $t1,1,0($i3) # Te4[rk[7]>>24]
- x $t1,256($t3,$tbl) # rcon[i]
- xr $s0,$t1 # rk[8]=rk[0]^...
- xr $s1,$s0 # rk[9]=rk[1]^rk[8]
- xr $s2,$s1 # rk[10]=rk[2]^rk[9]
- xr $s3,$s2 # rk[11]=rk[3]^rk[10]
- st $s0,32($key)
- st $s1,36($key)
- st $s2,40($key)
- st $s3,44($key)
- brct $rounds,.L256_continue
- lghi $t0,14
- lghi %r2,0
- lm${g} %r4,%r13,4*$SIZE_T($sp)
- br $ra
-
-.align 16
-.L256_continue:
- lgr $t1,$s3 # temp=rk[11]
- srlg $i1,$s3,8
- srlg $i2,$s3,16
- srlg $i3,$s3,24
- nr $t1,$mask
- nr $i1,$mask
- nr $i2,$mask
- la $t1,0($t1,$tbl)
- la $i1,0($i1,$tbl)
- la $i2,0($i2,$tbl)
- la $i3,0($i3,$tbl)
- llgc $t1,0($t1) # Te4[rk[11]>>0]
- icm $t1,2,0($i1) # Te4[rk[11]>>8]<<8
- icm $t1,4,0($i2) # Te4[rk[11]>>16]<<16
- icm $t1,8,0($i3) # Te4[rk[11]>>24]<<24
- x $t1,16($key) # rk[12]=rk[4]^...
- st $t1,48($key)
- x $t1,20($key) # rk[13]=rk[5]^rk[12]
- st $t1,52($key)
- x $t1,24($key) # rk[14]=rk[6]^rk[13]
- st $t1,56($key)
- x $t1,28($key) # rk[15]=rk[7]^rk[14]
- st $t1,60($key)
-
- srlg $i1,$t1,8
- srlg $i2,$t1,16
- srlg $i3,$t1,24
- nr $t1,$mask
- nr $i1,$mask
- nr $i2,$mask
-
- la $key,32($key) # key+=8
- la $t3,4($t3) # i++
- j .L256_loop
-
-.Lminus1:
- lghi %r2,-1
- br $ra
-.size AES_set_encrypt_key,.-AES_set_encrypt_key
-
-# void AES_set_decrypt_key(const unsigned char *in, int bits,
-# AES_KEY *key) {
-.globl AES_set_decrypt_key
-.type AES_set_decrypt_key,\@function
-.align 16
-AES_set_decrypt_key:
- #st${g} $key,4*$SIZE_T($sp) # I rely on AES_set_encrypt_key to
- st${g} $ra,14*$SIZE_T($sp) # save non-volatile registers and $key!
- bras $ra,_s390x_AES_set_encrypt_key
- #l${g} $key,4*$SIZE_T($sp)
- l${g} $ra,14*$SIZE_T($sp)
- ltgr %r2,%r2
- bnzr $ra
-___
-$code.=<<___ if (!$softonly);
- #l $t0,240($key)
- lhi $t1,16
- cr $t0,$t1
- jl .Lgo
- oill $t0,0x80 # set "decrypt" bit
- st $t0,240($key)
- br $ra
-___
-$code.=<<___;
-.align 16
-.Lgo: lgr $rounds,$t0 #llgf $rounds,240($key)
- la $i1,0($key)
- sllg $i2,$rounds,4
- la $i2,0($i2,$key)
- srl $rounds,1
- lghi $t1,-16
-
-.align 16
-.Linv: lmg $s0,$s1,0($i1)
- lmg $s2,$s3,0($i2)
- stmg $s0,$s1,0($i2)
- stmg $s2,$s3,0($i1)
- la $i1,16($i1)
- la $i2,0($t1,$i2)
- brct $rounds,.Linv
-___
-$mask80=$i1;
-$mask1b=$i2;
-$maskfe=$i3;
-$code.=<<___;
- llgf $rounds,240($key)
- aghi $rounds,-1
- sll $rounds,2 # (rounds-1)*4
- llilh $mask80,0x8080
- llilh $mask1b,0x1b1b
- llilh $maskfe,0xfefe
- oill $mask80,0x8080
- oill $mask1b,0x1b1b
- oill $maskfe,0xfefe
-
-.align 16
-.Lmix: l $s0,16($key) # tp1
- lr $s1,$s0
- ngr $s1,$mask80
- srlg $t1,$s1,7
- slr $s1,$t1
- nr $s1,$mask1b
- sllg $t1,$s0,1
- nr $t1,$maskfe
- xr $s1,$t1 # tp2
-
- lr $s2,$s1
- ngr $s2,$mask80
- srlg $t1,$s2,7
- slr $s2,$t1
- nr $s2,$mask1b
- sllg $t1,$s1,1
- nr $t1,$maskfe
- xr $s2,$t1 # tp4
-
- lr $s3,$s2
- ngr $s3,$mask80
- srlg $t1,$s3,7
- slr
$s3,$t1
- nr $s3,$mask1b
- sllg $t1,$s2,1
- nr $t1,$maskfe
- xr $s3,$t1 # tp8
-
- xr $s1,$s0 # tp2^tp1
- xr $s2,$s0 # tp4^tp1
- rll $s0,$s0,24 # = ROTATE(tp1,8)
- xr $s2,$s3 # ^=tp8
- xr $s0,$s1 # ^=tp2^tp1
- xr $s1,$s3 # tp2^tp1^tp8
- xr $s0,$s2 # ^=tp4^tp1^tp8
- rll $s1,$s1,8
- rll $s2,$s2,16
- xr $s0,$s1 # ^= ROTATE(tp8^tp2^tp1,24)
- rll $s3,$s3,24
- xr $s0,$s2 # ^= ROTATE(tp8^tp4^tp1,16)
- xr $s0,$s3 # ^= ROTATE(tp8,8)
-
- st $s0,16($key)
- la $key,4($key)
- brct $rounds,.Lmix
-
- lm${g} %r6,%r13,6*$SIZE_T($sp)# as was saved by AES_set_encrypt_key!
- lghi %r2,0
- br $ra
-.size AES_set_decrypt_key,.-AES_set_decrypt_key
-___
-
-########################################################################
-# void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
-# size_t length, const AES_KEY *key,
-# unsigned char *ivec, const int enc)
-{
-my $inp="%r2";
-my $out="%r4"; # length and out are swapped
-my $len="%r3";
-my $key="%r5";
-my $ivp="%r6";
-
-$code.=<<___;
-.globl AES_cbc_encrypt
-.type AES_cbc_encrypt,\@function
-.align 16
-AES_cbc_encrypt:
- xgr %r3,%r4 # flip %r3 and %r4, out and len
- xgr %r4,%r3
- xgr %r3,%r4
-___
-$code.=<<___ if (!$softonly);
- lhi %r0,16
- cl %r0,240($key)
- jh .Lcbc_software
-
- lg %r0,0($ivp) # copy ivec
- lg %r1,8($ivp)
- stmg %r0,%r1,16($sp)
- lmg %r0,%r1,0($key) # copy key, cover 256 bit
- stmg %r0,%r1,32($sp)
- lmg %r0,%r1,16($key)
- stmg %r0,%r1,48($sp)
- l %r0,240($key) # load kmc code
- lghi $key,15 # res=len%16, len-=res;
- ngr $key,$len
- sl${g}r $len,$key
- la %r1,16($sp) # parameter block - ivec || key
- jz .Lkmc_truncated
- .long 0xb92f0042 # kmc %r4,%r2
- brc 1,.-4 # pay attention to "partial completion"
- ltr $key,$key
- jnz .Lkmc_truncated
-.Lkmc_done:
- lmg %r0,%r1,16($sp) # copy ivec to caller
- stg %r0,0($ivp)
- stg %r1,8($ivp)
- br $ra
-.align 16
-.Lkmc_truncated:
- ahi $key,-1 # it's the way it's encoded in mvc
- tmll %r0,0x80
- jnz .Lkmc_truncated_dec
- lghi %r1,0
- stg %r1,16*$SIZE_T($sp)
- stg
%r1,16*$SIZE_T+8($sp)
- bras %r1,1f
- mvc 16*$SIZE_T(1,$sp),0($inp)
-1: ex $key,0(%r1)
- la %r1,16($sp) # restore parameter block
- la $inp,16*$SIZE_T($sp)
- lghi $len,16
- .long 0xb92f0042 # kmc %r4,%r2
- j .Lkmc_done
-.align 16
-.Lkmc_truncated_dec:
- st${g} $out,4*$SIZE_T($sp)
- la $out,16*$SIZE_T($sp)
- lghi $len,16
- .long 0xb92f0042 # kmc %r4,%r2
- l${g} $out,4*$SIZE_T($sp)
- bras %r1,2f
- mvc 0(1,$out),16*$SIZE_T($sp)
-2: ex $key,0(%r1)
- j .Lkmc_done
-.align 16
-.Lcbc_software:
-___
-$code.=<<___;
- stm${g} $key,$ra,5*$SIZE_T($sp)
- lhi %r0,0
- cl %r0,`$stdframe+$SIZE_T-4`($sp)
- je .Lcbc_decrypt
-
- larl $tbl,AES_Te
-
- llgf $s0,0($ivp)
- llgf $s1,4($ivp)
- llgf $s2,8($ivp)
- llgf $s3,12($ivp)
-
- lghi $t0,16
- sl${g}r $len,$t0
- brc 4,.Lcbc_enc_tail # if borrow
-.Lcbc_enc_loop:
- stm${g} $inp,$out,2*$SIZE_T($sp)
- x $s0,0($inp)
- x $s1,4($inp)
- x $s2,8($inp)
- x $s3,12($inp)
- lgr %r4,$key
-
- bras $ra,_s390x_AES_encrypt
-
- lm${g} $inp,$key,2*$SIZE_T($sp)
- st $s0,0($out)
- st $s1,4($out)
- st $s2,8($out)
- st $s3,12($out)
-
- la $inp,16($inp)
- la $out,16($out)
- lghi $t0,16
- lt${g}r $len,$len
- jz .Lcbc_enc_done
- sl${g}r $len,$t0
- brc 4,.Lcbc_enc_tail # if borrow
- j .Lcbc_enc_loop
-.align 16
-.Lcbc_enc_done:
- l${g} $ivp,6*$SIZE_T($sp)
- st $s0,0($ivp)
- st $s1,4($ivp)
- st $s2,8($ivp)
- st $s3,12($ivp)
-
- lm${g} %r7,$ra,7*$SIZE_T($sp)
- br $ra
-
-.align 16
-.Lcbc_enc_tail:
- aghi $len,15
- lghi $t0,0
- stg $t0,16*$SIZE_T($sp)
- stg $t0,16*$SIZE_T+8($sp)
- bras $t1,3f
- mvc 16*$SIZE_T(1,$sp),0($inp)
-3: ex $len,0($t1)
- lghi $len,0
- la $inp,16*$SIZE_T($sp)
- j .Lcbc_enc_loop
-
-.align 16
-.Lcbc_decrypt:
- larl $tbl,AES_Td
-
- lg $t0,0($ivp)
- lg $t1,8($ivp)
- stmg $t0,$t1,16*$SIZE_T($sp)
-
-.Lcbc_dec_loop:
- stm${g} $inp,$out,2*$SIZE_T($sp)
- llgf $s0,0($inp)
- llgf $s1,4($inp)
- llgf $s2,8($inp)
- llgf $s3,12($inp)
- lgr %r4,$key
-
- bras $ra,_s390x_AES_decrypt
-
- lm${g} $inp,$key,2*$SIZE_T($sp)
- sllg $s0,$s0,32
- sllg $s2,$s2,32
- lr $s0,$s1
- lr $s2,$s3
-
- lg $t0,0($inp)
- lg $t1,8($inp)
- xg $s0,16*$SIZE_T($sp)
- xg $s2,16*$SIZE_T+8($sp)
- lghi $s1,16
- sl${g}r $len,$s1
- brc 4,.Lcbc_dec_tail # if borrow
- brc 2,.Lcbc_dec_done # if zero
- stg $s0,0($out)
- stg $s2,8($out)
- stmg $t0,$t1,16*$SIZE_T($sp)
-
- la $inp,16($inp)
- la $out,16($out)
- j .Lcbc_dec_loop
-
-.Lcbc_dec_done:
- stg $s0,0($out)
- stg $s2,8($out)
-.Lcbc_dec_exit:
- lm${g} %r6,$ra,6*$SIZE_T($sp)
- stmg $t0,$t1,0($ivp)
-
- br $ra
-
-.align 16
-.Lcbc_dec_tail:
- aghi $len,15
- stg $s0,16*$SIZE_T($sp)
- stg $s2,16*$SIZE_T+8($sp)
- bras $s1,4f
- mvc 0(1,$out),16*$SIZE_T($sp)
-4: ex $len,0($s1)
- j .Lcbc_dec_exit
-.size AES_cbc_encrypt,.-AES_cbc_encrypt
-___
-}
-########################################################################
-# void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
-# size_t blocks, const AES_KEY *key,
-# const unsigned char *ivec)
-{
-my $inp="%r2";
-my $out="%r4"; # blocks and out are swapped
-my $len="%r3";
-my $key="%r5"; my $iv0="%r5";
-my $ivp="%r6";
-my $fp ="%r7";
-
-$code.=<<___;
-.globl AES_ctr32_encrypt
-.type AES_ctr32_encrypt,\@function
-.align 16
-AES_ctr32_encrypt:
- xgr %r3,%r4 # flip %r3 and %r4, $out and $len
- xgr %r4,%r3
- xgr %r3,%r4
- llgfr $len,$len # safe in ctr32 subroutine even in 64-bit case
-___
-$code.=<<___ if (!$softonly);
- l %r0,240($key)
- lhi %r1,16
- clr %r0,%r1
- jl .Lctr32_software
-
- stm${g} %r6,$s3,6*$SIZE_T($sp)
-
- slgr $out,$inp
- la %r1,0($key) # %r1 is permanent copy of $key
- lg $iv0,0($ivp) # load ivec
- lg $ivp,8($ivp)
-
- # prepare and allocate stack frame at the top of 4K page
- # with 1K reserved for eventual signal handling
- lghi $s0,-1024-256-16# guarantee at least 256-bytes buffer
- lghi $s1,-4096
- algr $s0,$sp
- lgr $fp,$sp
- ngr $s0,$s1 # align at page boundary
- slgr $fp,$s0 # total buffer size
- lgr $s2,$sp
- lghi $s1,1024+16 # sl[g]fi is extended-immediate facility
- slgr $fp,$s1 # deduct reservation to get usable buffer size
- # buffer
size is at lest 256 and at most 3072+256-16
-
- la $sp,1024($s0) # alloca
- srlg $fp,$fp,4 # convert bytes to blocks, minimum 16
- st${g} $s2,0($sp) # back-chain
- st${g} $fp,$SIZE_T($sp)
-
- slgr $len,$fp
- brc 1,.Lctr32_hw_switch # not zero, no borrow
- algr $fp,$len # input is shorter than allocated buffer
- lghi $len,0
- st${g} $fp,$SIZE_T($sp)
-
-.Lctr32_hw_switch:
-___
-$code.=<<___ if (0); ######### kmctr code was measured to be ~12% slower
- larl $s0,OPENSSL_s390xcap_P
- lg $s0,8($s0)
- tmhh $s0,0x0004 # check for message_security-assist-4
- jz .Lctr32_km_loop
-
- llgfr $s0,%r0
- lgr $s1,%r1
- lghi %r0,0
- la %r1,16($sp)
- .long 0xb92d2042 # kmctr %r4,%r2,%r2
-
- llihh %r0,0x8000 # check if kmctr supports the function code
- srlg %r0,%r0,0($s0)
- ng %r0,16($sp)
- lgr %r0,$s0
- lgr %r1,$s1
- jz .Lctr32_km_loop
-
-####### kmctr code
- algr $out,$inp # restore $out
- lgr $s1,$len # $s1 undertakes $len
- j .Lctr32_kmctr_loop
-.align 16
-.Lctr32_kmctr_loop:
- la $s2,16($sp)
- lgr $s3,$fp
-.Lctr32_kmctr_prepare:
- stg $iv0,0($s2)
- stg $ivp,8($s2)
- la $s2,16($s2)
- ahi $ivp,1 # 32-bit increment, preserves upper half
- brct $s3,.Lctr32_kmctr_prepare
-
- #la $inp,0($inp) # inp
- sllg $len,$fp,4 # len
- #la $out,0($out) # out
- la $s2,16($sp) # iv
- .long 0xb92da042 # kmctr $out,$s2,$inp
- brc 1,.-4 # pay attention to "partial completion"
-
- slgr $s1,$fp
- brc 1,.Lctr32_kmctr_loop # not zero, no borrow
- algr $fp,$s1
- lghi $s1,0
- brc 4+1,.Lctr32_kmctr_loop # not zero
-
- l${g} $sp,0($sp)
- lm${g} %r6,$s3,6*$SIZE_T($sp)
- br $ra
-.align 16
-___
-$code.=<<___;
-.Lctr32_km_loop:
- la $s2,16($sp)
- lgr $s3,$fp
-.Lctr32_km_prepare:
- stg $iv0,0($s2)
- stg $ivp,8($s2)
- la $s2,16($s2)
- ahi $ivp,1 # 32-bit increment, preserves upper half
- brct $s3,.Lctr32_km_prepare
-
- la $s0,16($sp) # inp
- sllg $s1,$fp,4 # len
- la $s2,16($sp) # out
- .long 0xb92e00a8 # km %r10,%r8
- brc 1,.-4 # pay attention to "partial completion"
-
- la $s2,16($sp)
- lgr $s3,$fp
- slgr $s2,$inp
-.Lctr32_km_xor:
- lg $s0,0($inp)
- lg $s1,8($inp)
- xg $s0,0($s2,$inp)
- xg $s1,8($s2,$inp)
- stg $s0,0($out,$inp)
- stg $s1,8($out,$inp)
- la $inp,16($inp)
- brct $s3,.Lctr32_km_xor
-
- slgr $len,$fp
- brc 1,.Lctr32_km_loop # not zero, no borrow
- algr $fp,$len
- lghi $len,0
- brc 4+1,.Lctr32_km_loop # not zero
-
- l${g} $s0,0($sp)
- l${g} $s1,$SIZE_T($sp)
- la $s2,16($sp)
-.Lctr32_km_zap:
- stg $s0,0($s2)
- stg $s0,8($s2)
- la $s2,16($s2)
- brct $s1,.Lctr32_km_zap
-
- la $sp,0($s0)
- lm${g} %r6,$s3,6*$SIZE_T($sp)
- br $ra
-.align 16
-.Lctr32_software:
-___
-$code.=<<___;
- stm${g} $key,$ra,5*$SIZE_T($sp)
- sl${g}r $inp,$out
- larl $tbl,AES_Te
- llgf $t1,12($ivp)
-
-.Lctr32_loop:
- stm${g} $inp,$out,2*$SIZE_T($sp)
- llgf $s0,0($ivp)
- llgf $s1,4($ivp)
- llgf $s2,8($ivp)
- lgr $s3,$t1
- st $t1,16*$SIZE_T($sp)
- lgr %r4,$key
-
- bras $ra,_s390x_AES_encrypt
-
- lm${g} $inp,$ivp,2*$SIZE_T($sp)
- llgf $t1,16*$SIZE_T($sp)
- x $s0,0($inp,$out)
- x $s1,4($inp,$out)
- x $s2,8($inp,$out)
- x $s3,12($inp,$out)
- stm $s0,$s3,0($out)
-
- la $out,16($out)
- ahi $t1,1 # 32-bit increment
- brct $len,.Lctr32_loop
-
- lm${g} %r6,$ra,6*$SIZE_T($sp)
- br $ra
-.size AES_ctr32_encrypt,.-AES_ctr32_encrypt
-___
-}
-
-########################################################################
-# void AES_xts_encrypt(const char *inp,char *out,size_t len,
-# const AES_KEY *key1, const AES_KEY *key2,
-# const unsigned char iv[16]);
-#
-{
-my $inp="%r2";
-my $out="%r4"; # len and out are swapped
-my $len="%r3";
-my $key1="%r5"; # $i1
-my $key2="%r6"; # $i2
-my $fp="%r7"; # $i3
-my $tweak=16*$SIZE_T+16; # or $stdframe-16, bottom of the frame...
-
-$code.=<<___;
-.type _s390x_xts_km,\@function
-.align 16
-_s390x_xts_km:
-___
-$code.=<<___ if(1);
- llgfr $s0,%r0 # put aside the function code
- lghi $s1,0x7f
- nr $s1,%r0
- lghi %r0,0 # query capability vector
- la %r1,$tweak-16($sp)
- .long 0xb92e0042 # km %r4,%r2
- llihh %r1,0x8000
- srlg %r1,%r1,32($s1) # check for 32+function code
- ng %r1,$tweak-16($sp)
- lgr %r0,$s0 # restore the function code
- la %r1,0($key1) # restore $key1
- jz .Lxts_km_vanilla
-
- lmg $i2,$i3,$tweak($sp) # put aside the tweak value
- algr $out,$inp
-
- oill %r0,32 # switch to xts function code
- aghi $s1,-18 #
- sllg $s1,$s1,3 # (function code - 18)*8, 0 or 16
- la %r1,$tweak-16($sp)
- slgr %r1,$s1 # parameter block position
- lmg $s0,$s3,0($key1) # load 256 bits of key material,
- stmg $s0,$s3,0(%r1) # and copy it to parameter block.
- # yes, it contains junk and overlaps
- # with the tweak in 128-bit case.
- # it's done to avoid conditional
- # branch.
- stmg $i2,$i3,$tweak($sp) # "re-seat" the tweak value
-
- .long 0xb92e0042 # km %r4,%r2
- brc 1,.-4 # pay attention to "partial completion"
-
- lrvg $s0,$tweak+0($sp) # load the last tweak
- lrvg $s1,$tweak+8($sp)
- stmg %r0,%r3,$tweak-32($sp) # wipe copy of the key
-
- nill %r0,0xffdf # switch back to original function code
- la %r1,0($key1) # restore pointer to $key1
- slgr $out,$inp
-
- llgc $len,2*$SIZE_T-1($sp)
- nill $len,0x0f # $len%=16
- br $ra
-
-.align 16
-.Lxts_km_vanilla:
-___
-$code.=<<___;
- # prepare and allocate stack frame at the top of 4K page
- # with 1K reserved for eventual signal handling
- lghi $s0,-1024-256-16# guarantee at least 256-bytes buffer
- lghi $s1,-4096
- algr $s0,$sp
- lgr $fp,$sp
- ngr $s0,$s1 # align at page boundary
- slgr $fp,$s0 # total buffer size
- lgr $s2,$sp
- lghi $s1,1024+16 # sl[g]fi is extended-immediate facility
- slgr $fp,$s1 # deduct reservation to get usable buffer size
- # buffer size is at lest 256 and at most 3072+256-16
-
- la $sp,1024($s0) # alloca
- nill $fp,0xfff0 # round
to 16*n
- st${g} $s2,0($sp) # back-chain
- nill $len,0xfff0 # redundant
- st${g} $fp,$SIZE_T($sp)
-
- slgr $len,$fp
- brc 1,.Lxts_km_go # not zero, no borrow
- algr $fp,$len # input is shorter than allocated buffer
- lghi $len,0
- st${g} $fp,$SIZE_T($sp)
-
-.Lxts_km_go:
- lrvg $s0,$tweak+0($s2) # load the tweak value in little-endian
- lrvg $s1,$tweak+8($s2)
-
- la $s2,16($sp) # vector of ascending tweak values
- slgr $s2,$inp
- srlg $s3,$fp,4
- j .Lxts_km_start
-
-.Lxts_km_loop:
- la $s2,16($sp)
- slgr $s2,$inp
- srlg $s3,$fp,4
-.Lxts_km_prepare:
- lghi $i1,0x87
- srag $i2,$s1,63 # broadcast upper bit
- ngr $i1,$i2 # rem
- algr $s0,$s0
- alcgr $s1,$s1
- xgr $s0,$i1
-.Lxts_km_start:
- lrvgr $i1,$s0 # flip byte order
- lrvgr $i2,$s1
- stg $i1,0($s2,$inp)
- stg $i2,8($s2,$inp)
- xg $i1,0($inp)
- xg $i2,8($inp)
- stg $i1,0($out,$inp)
- stg $i2,8($out,$inp)
- la $inp,16($inp)
- brct $s3,.Lxts_km_prepare
-
- slgr $inp,$fp # rewind $inp
- la $s2,0($out,$inp)
- lgr $s3,$fp
- .long 0xb92e00aa # km $s2,$s2
- brc 1,.-4 # pay attention to "partial completion"
-
- la $s2,16($sp)
- slgr $s2,$inp
- srlg $s3,$fp,4
-.Lxts_km_xor:
- lg $i1,0($out,$inp)
- lg $i2,8($out,$inp)
- xg $i1,0($s2,$inp)
- xg $i2,8($s2,$inp)
- stg $i1,0($out,$inp)
- stg $i2,8($out,$inp)
- la $inp,16($inp)
- brct $s3,.Lxts_km_xor
-
- slgr $len,$fp
- brc 1,.Lxts_km_loop # not zero, no borrow
- algr $fp,$len
- lghi $len,0
- brc 4+1,.Lxts_km_loop # not zero
-
- l${g} $i1,0($sp) # back-chain
- llgf $fp,`2*$SIZE_T-4`($sp) # bytes used
- la $i2,16($sp)
- srlg $fp,$fp,4
-.Lxts_km_zap:
- stg $i1,0($i2)
- stg $i1,8($i2)
- la $i2,16($i2)
- brct $fp,.Lxts_km_zap
-
- la $sp,0($i1)
- llgc $len,2*$SIZE_T-1($i1)
- nill $len,0x0f # $len%=16
- bzr $ra
-
- # generate one more tweak...
- lghi $i1,0x87
- srag $i2,$s1,63 # broadcast upper bit
- ngr $i1,$i2 # rem
- algr $s0,$s0
- alcgr $s1,$s1
- xgr $s0,$i1
-
- ltr $len,$len # clear zero flag
- br $ra
-.size _s390x_xts_km,.-_s390x_xts_km
-
-.globl AES_xts_encrypt
-.type AES_xts_encrypt,\@function
-.align 16
-AES_xts_encrypt:
- xgr %r3,%r4 # flip %r3 and %r4, $out and $len
- xgr %r4,%r3
- xgr %r3,%r4
-___
-$code.=<<___ if ($SIZE_T==4);
- llgfr $len,$len
-___
-$code.=<<___;
- st${g} $len,1*$SIZE_T($sp) # save copy of $len
- srag $len,$len,4 # formally wrong, because it expands
- # sign byte, but who can afford asking
- # to process more than 2^63-1 bytes?
- # I use it, because it sets condition
- # code...
- bcr 8,$ra # abort if zero (i.e. less than 16)
-___
-$code.=<<___ if (!$softonly);
- llgf %r0,240($key2)
- lhi %r1,16
- clr %r0,%r1
- jl .Lxts_enc_software
-
- st${g} $ra,5*$SIZE_T($sp)
- stm${g} %r6,$s3,6*$SIZE_T($sp)
-
- sllg $len,$len,4 # $len&=~15
- slgr $out,$inp
-
- # generate the tweak value
- l${g} $s3,$stdframe($sp) # pointer to iv
- la $s2,$tweak($sp)
- lmg $s0,$s1,0($s3)
- lghi $s3,16
- stmg $s0,$s1,0($s2)
- la %r1,0($key2) # $key2 is not needed anymore
- .long 0xb92e00aa # km $s2,$s2, generate the tweak
- brc 1,.-4 # can this happen?
-
- l %r0,240($key1)
- la %r1,0($key1) # $key1 is not needed anymore
- bras $ra,_s390x_xts_km
- jz .Lxts_enc_km_done
-
- aghi $inp,-16 # take one step back
- la $i3,0($out,$inp) # put aside real $out
-.Lxts_enc_km_steal:
- llgc $i1,16($inp)
- llgc $i2,0($out,$inp)
- stc $i1,0($out,$inp)
- stc $i2,16($out,$inp)
- la $inp,1($inp)
- brct $len,.Lxts_enc_km_steal
-
- la $s2,0($i3)
- lghi $s3,16
- lrvgr $i1,$s0 # flip byte order
- lrvgr $i2,$s1
- xg $i1,0($s2)
- xg $i2,8($s2)
- stg $i1,0($s2)
- stg $i2,8($s2)
- .long 0xb92e00aa # km $s2,$s2
- brc 1,.-4 # can this happen?
- lrvgr $i1,$s0 # flip byte order - lrvgr $i2,$s1 - xg $i1,0($i3) - xg $i2,8($i3) - stg $i1,0($i3) - stg $i2,8($i3) - -.Lxts_enc_km_done: - stg $sp,$tweak+0($sp) # wipe tweak - stg $sp,$tweak+8($sp) - l${g} $ra,5*$SIZE_T($sp) - lm${g} %r6,$s3,6*$SIZE_T($sp) - br $ra -.align 16 -.Lxts_enc_software: -___ -$code.=<<___; - stm${g} %r6,$ra,6*$SIZE_T($sp) - - slgr $out,$inp - - l${g} $s3,$stdframe($sp) # ivp - llgf $s0,0($s3) # load iv - llgf $s1,4($s3) - llgf $s2,8($s3) - llgf $s3,12($s3) - stm${g} %r2,%r5,2*$SIZE_T($sp) - la $key,0($key2) - larl $tbl,AES_Te - bras $ra,_s390x_AES_encrypt # generate the tweak - lm${g} %r2,%r5,2*$SIZE_T($sp) - stm $s0,$s3,$tweak($sp) # save the tweak - j .Lxts_enc_enter - -.align 16 -.Lxts_enc_loop: - lrvg $s1,$tweak+0($sp) # load the tweak in little-endian - lrvg $s3,$tweak+8($sp) - lghi %r1,0x87 - srag %r0,$s3,63 # broadcast upper bit - ngr %r1,%r0 # rem - algr $s1,$s1 - alcgr $s3,$s3 - xgr $s1,%r1 - lrvgr $s1,$s1 # flip byte order - lrvgr $s3,$s3 - srlg $s0,$s1,32 # smash the tweak to 4x32-bits - stg $s1,$tweak+0($sp) # save the tweak - llgfr $s1,$s1 - srlg $s2,$s3,32 - stg $s3,$tweak+8($sp) - llgfr $s3,$s3 - la $inp,16($inp) # $inp+=16 -.Lxts_enc_enter: - x $s0,0($inp) # ^=*($inp) - x $s1,4($inp) - x $s2,8($inp) - x $s3,12($inp) - stm${g} %r2,%r3,2*$SIZE_T($sp) # only two registers are changing - la $key,0($key1) - bras $ra,_s390x_AES_encrypt - lm${g} %r2,%r5,2*$SIZE_T($sp) - x $s0,$tweak+0($sp) # ^=tweak - x $s1,$tweak+4($sp) - x $s2,$tweak+8($sp) - x $s3,$tweak+12($sp) - st $s0,0($out,$inp) - st $s1,4($out,$inp) - st $s2,8($out,$inp) - st $s3,12($out,$inp) - brct${g} $len,.Lxts_enc_loop - - llgc $len,`2*$SIZE_T-1`($sp) - nill $len,0x0f # $len%16 - jz .Lxts_enc_done - - la $i3,0($inp,$out) # put aside real $out -.Lxts_enc_steal: - llgc %r0,16($inp) - llgc %r1,0($out,$inp) - stc %r0,0($out,$inp) - stc %r1,16($out,$inp) - la $inp,1($inp) - brct $len,.Lxts_enc_steal - la $out,0($i3) # restore real $out - - # generate last tweak... 
- lrvg $s1,$tweak+0($sp) # load the tweak in little-endian - lrvg $s3,$tweak+8($sp) - lghi %r1,0x87 - srag %r0,$s3,63 # broadcast upper bit - ngr %r1,%r0 # rem - algr $s1,$s1 - alcgr $s3,$s3 - xgr $s1,%r1 - lrvgr $s1,$s1 # flip byte order - lrvgr $s3,$s3 - srlg $s0,$s1,32 # smash the tweak to 4x32-bits - stg $s1,$tweak+0($sp) # save the tweak - llgfr $s1,$s1 - srlg $s2,$s3,32 - stg $s3,$tweak+8($sp) - llgfr $s3,$s3 - - x $s0,0($out) # ^=*(inp)|stolen cipther-text - x $s1,4($out) - x $s2,8($out) - x $s3,12($out) - st${g} $out,4*$SIZE_T($sp) - la $key,0($key1) - bras $ra,_s390x_AES_encrypt - l${g} $out,4*$SIZE_T($sp) - x $s0,`$tweak+0`($sp) # ^=tweak - x $s1,`$tweak+4`($sp) - x $s2,`$tweak+8`($sp) - x $s3,`$tweak+12`($sp) - st $s0,0($out) - st $s1,4($out) - st $s2,8($out) - st $s3,12($out) - -.Lxts_enc_done: - stg $sp,$tweak+0($sp) # wipe tweak - stg $sp,$twesk+8($sp) - lm${g} %r6,$ra,6*$SIZE_T($sp) - br $ra -.size AES_xts_encrypt,.-AES_xts_encrypt -___ -# void AES_xts_decrypt(const char *inp,char *out,size_t len, -# const AES_KEY *key1, const AES_KEY *key2, -# const unsigned char iv[16]); -# -$code.=<<___; -.globl AES_xts_decrypt -.type AES_xts_decrypt,\@function -.align 16 -AES_xts_decrypt: - xgr %r3,%r4 # flip %r3 and %r4, $out and $len - xgr %r4,%r3 - xgr %r3,%r4 -___ -$code.=<<___ if ($SIZE_T==4); - llgfr $len,$len -___ -$code.=<<___; - st${g} $len,1*$SIZE_T($sp) # save copy of $len - aghi $len,-16 - bcr 4,$ra # abort if less than zero. formally - # wrong, because $len is unsigned, - # but who can afford asking to - # process more than 2^63-1 bytes? 
- tmll $len,0x0f - jnz .Lxts_dec_proceed - aghi $len,16 -.Lxts_dec_proceed: -___ -$code.=<<___ if (!$softonly); - llgf %r0,240($key2) - lhi %r1,16 - clr %r0,%r1 - jl .Lxts_dec_software - - st${g} $ra,5*$SIZE_T($sp) - stm${g} %r6,$s3,6*$SIZE_T($sp) - - nill $len,0xfff0 # $len&=~15 - slgr $out,$inp - - # generate the tweak value - l${g} $s3,$stdframe($sp) # pointer to iv - la $s2,$tweak($sp) - lmg $s0,$s1,0($s3) - lghi $s3,16 - stmg $s0,$s1,0($s2) - la %r1,0($key2) # $key2 is not needed past this point - .long 0xb92e00aa # km $s2,$s2, generate the tweak - brc 1,.-4 # can this happen? - - l %r0,240($key1) - la %r1,0($key1) # $key1 is not needed anymore - - ltgr $len,$len - jz .Lxts_dec_km_short - bras $ra,_s390x_xts_km - jz .Lxts_dec_km_done - - lrvgr $s2,$s0 # make copy in reverse byte order - lrvgr $s3,$s1 - j .Lxts_dec_km_2ndtweak - -.Lxts_dec_km_short: - llgc $len,`2*$SIZE_T-1`($sp) - nill $len,0x0f # $len%=16 - lrvg $s0,$tweak+0($sp) # load the tweak - lrvg $s1,$tweak+8($sp) - lrvgr $s2,$s0 # make copy in reverse byte order - lrvgr $s3,$s1 - -.Lxts_dec_km_2ndtweak: - lghi $i1,0x87 - srag $i2,$s1,63 # broadcast upper bit - ngr $i1,$i2 # rem - algr $s0,$s0 - alcgr $s1,$s1 - xgr $s0,$i1 - lrvgr $i1,$s0 # flip byte order - lrvgr $i2,$s1 - - xg $i1,0($inp) - xg $i2,8($inp) - stg $i1,0($out,$inp) - stg $i2,8($out,$inp) - la $i2,0($out,$inp) - lghi $i3,16 - .long 0xb92e0066 # km $i2,$i2 - brc 1,.-4 # can this happen? - lrvgr $i1,$s0 - lrvgr $i2,$s1 - xg $i1,0($out,$inp) - xg $i2,8($out,$inp) - stg $i1,0($out,$inp) - stg $i2,8($out,$inp) - - la $i3,0($out,$inp) # put aside real $out -.Lxts_dec_km_steal: - llgc $i1,16($inp) - llgc $i2,0($out,$inp) - stc $i1,0($out,$inp) - stc $i2,16($out,$inp) - la $inp,1($inp) - brct $len,.Lxts_dec_km_steal - - lgr $s0,$s2 - lgr $s1,$s3 - xg $s0,0($i3) - xg $s1,8($i3) - stg $s0,0($i3) - stg $s1,8($i3) - la $s0,0($i3) - lghi $s1,16 - .long 0xb92e0088 # km $s0,$s0 - brc 1,.-4 # can this happen? 
- xg $s2,0($i3) - xg $s3,8($i3) - stg $s2,0($i3) - stg $s3,8($i3) -.Lxts_dec_km_done: - stg $sp,$tweak+0($sp) # wipe tweak - stg $sp,$tweak+8($sp) - l${g} $ra,5*$SIZE_T($sp) - lm${g} %r6,$s3,6*$SIZE_T($sp) - br $ra -.align 16 -.Lxts_dec_software: -___ -$code.=<<___; - stm${g} %r6,$ra,6*$SIZE_T($sp) - - srlg $len,$len,4 - slgr $out,$inp - - l${g} $s3,$stdframe($sp) # ivp - llgf $s0,0($s3) # load iv - llgf $s1,4($s3) - llgf $s2,8($s3) - llgf $s3,12($s3) - stm${g} %r2,%r5,2*$SIZE_T($sp) - la $key,0($key2) - larl $tbl,AES_Te - bras $ra,_s390x_AES_encrypt # generate the tweak - lm${g} %r2,%r5,2*$SIZE_T($sp) - larl $tbl,AES_Td - lt${g}r $len,$len - stm $s0,$s3,$tweak($sp) # save the tweak - jz .Lxts_dec_short - j .Lxts_dec_enter - -.align 16 -.Lxts_dec_loop: - lrvg $s1,$tweak+0($sp) # load the tweak in little-endian - lrvg $s3,$tweak+8($sp) - lghi %r1,0x87 - srag %r0,$s3,63 # broadcast upper bit - ngr %r1,%r0 # rem - algr $s1,$s1 - alcgr $s3,$s3 - xgr $s1,%r1 - lrvgr $s1,$s1 # flip byte order - lrvgr $s3,$s3 - srlg $s0,$s1,32 # smash the tweak to 4x32-bits - stg $s1,$tweak+0($sp) # save the tweak - llgfr $s1,$s1 - srlg $s2,$s3,32 - stg $s3,$tweak+8($sp) - llgfr $s3,$s3 -.Lxts_dec_enter: - x $s0,0($inp) # tweak^=*(inp) - x $s1,4($inp) - x $s2,8($inp) - x $s3,12($inp) - stm${g} %r2,%r3,2*$SIZE_T($sp) # only two registers are changing - la $key,0($key1) - bras $ra,_s390x_AES_decrypt - lm${g} %r2,%r5,2*$SIZE_T($sp) - x $s0,$tweak+0($sp) # ^=tweak - x $s1,$tweak+4($sp) - x $s2,$tweak+8($sp) - x $s3,$tweak+12($sp) - st $s0,0($out,$inp) - st $s1,4($out,$inp) - st $s2,8($out,$inp) - st $s3,12($out,$inp) - la $inp,16($inp) - brct${g} $len,.Lxts_dec_loop - - llgc $len,`2*$SIZE_T-1`($sp) - nill $len,0x0f # $len%16 - jz .Lxts_dec_done - - # generate pair of tweaks... 
- lrvg $s1,$tweak+0($sp) # load the tweak in little-endian - lrvg $s3,$tweak+8($sp) - lghi %r1,0x87 - srag %r0,$s3,63 # broadcast upper bit - ngr %r1,%r0 # rem - algr $s1,$s1 - alcgr $s3,$s3 - xgr $s1,%r1 - lrvgr $i2,$s1 # flip byte order - lrvgr $i3,$s3 - stmg $i2,$i3,$tweak($sp) # save the 1st tweak - j .Lxts_dec_2ndtweak - -.align 16 -.Lxts_dec_short: - llgc $len,`2*$SIZE_T-1`($sp) - nill $len,0x0f # $len%16 - lrvg $s1,$tweak+0($sp) # load the tweak in little-endian - lrvg $s3,$tweak+8($sp) -.Lxts_dec_2ndtweak: - lghi %r1,0x87 - srag %r0,$s3,63 # broadcast upper bit - ngr %r1,%r0 # rem - algr $s1,$s1 - alcgr $s3,$s3 - xgr $s1,%r1 - lrvgr $s1,$s1 # flip byte order - lrvgr $s3,$s3 - srlg $s0,$s1,32 # smash the tweak to 4x32-bits - stg $s1,$tweak-16+0($sp) # save the 2nd tweak - llgfr $s1,$s1 - srlg $s2,$s3,32 - stg $s3,$tweak-16+8($sp) - llgfr $s3,$s3 - - x $s0,0($inp) # tweak_the_2nd^=*(inp) - x $s1,4($inp) - x $s2,8($inp) - x $s3,12($inp) - stm${g} %r2,%r3,2*$SIZE_T($sp) - la $key,0($key1) - bras $ra,_s390x_AES_decrypt - lm${g} %r2,%r5,2*$SIZE_T($sp) - x $s0,$tweak-16+0($sp) # ^=tweak_the_2nd - x $s1,$tweak-16+4($sp) - x $s2,$tweak-16+8($sp) - x $s3,$tweak-16+12($sp) - st $s0,0($out,$inp) - st $s1,4($out,$inp) - st $s2,8($out,$inp) - st $s3,12($out,$inp) - - la $i3,0($out,$inp) # put aside real $out -.Lxts_dec_steal: - llgc %r0,16($inp) - llgc %r1,0($out,$inp) - stc %r0,0($out,$inp) - stc %r1,16($out,$inp) - la $inp,1($inp) - brct $len,.Lxts_dec_steal - la $out,0($i3) # restore real $out - - lm $s0,$s3,$tweak($sp) # load the 1st tweak - x $s0,0($out) # tweak^=*(inp)|stolen cipher-text - x $s1,4($out) - x $s2,8($out) - x $s3,12($out) - st${g} $out,4*$SIZE_T($sp) - la $key,0($key1) - bras $ra,_s390x_AES_decrypt - l${g} $out,4*$SIZE_T($sp) - x $s0,$tweak+0($sp) # ^=tweak - x $s1,$tweak+4($sp) - x $s2,$tweak+8($sp) - x $s3,$tweak+12($sp) - st $s0,0($out) - st $s1,4($out) - st $s2,8($out) - st $s3,12($out) - stg $sp,$tweak-16+0($sp) # wipe 2nd tweak - stg 
$sp,$tweak-16+8($sp)
-.Lxts_dec_done:
- stg $sp,$tweak+0($sp) # wipe tweak
- stg $sp,$twesk+8($sp)
- lm${g} %r6,$ra,6*$SIZE_T($sp)
- br $ra
-.size AES_xts_decrypt,.-AES_xts_decrypt
-___
-}
-$code.=<<___;
-.string "AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
-.comm OPENSSL_s390xcap_P,16,8
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT; # force flush
diff --git a/lib/libssl/src/crypto/aes/asm/aes-sparcv9.pl b/lib/libssl/src/crypto/aes/asm/aes-sparcv9.pl
deleted file mode 100755
index 403c4d12904..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aes-sparcv9.pl
+++ /dev/null
@@ -1,1182 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
-# ====================================================================
-#
-# Version 1.1
-#
-# The major reason for undertaken effort was to mitigate the hazard of
-# cache-timing attack. This is [currently and initially!] addressed in
-# two ways. 1. S-boxes are compressed from 5KB to 2KB+256B size each.
-# 2. References to them are scheduled for L2 cache latency, meaning
-# that the tables don't have to reside in L1 cache. Once again, this
-# is an initial draft and one should expect more countermeasures to
-# be implemented...
-#
-# Version 1.1 prefetches T[ed]4 in order to mitigate attack on last
-# round.
-#
-# Even though performance was not the primary goal [on the contrary,
-# extra shifts "induced" by compressed S-box and longer loop epilogue
-# "induced" by scheduling for L2 have negative effect on performance],
-# the code turned out to run in ~23 cycles per processed byte en-/
-# decrypted with 128-bit key. This is pretty good result for code
-# with mentioned qualities and UltraSPARC core. Compared to Sun C
-# generated code my encrypt procedure runs just few percents faster,
-# while decrypt one - whole 50% faster [yes, Sun C failed to generate
-# optimal decrypt procedure].
Compared to GNU C generated code both
-# procedures are more than 60% faster:-)
-
-$bits=32;
-for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
-if ($bits==64) { $bias=2047; $frame=192; }
-else { $bias=0; $frame=112; }
-$locals=16;
-
-$acc0="%l0";
-$acc1="%o0";
-$acc2="%o1";
-$acc3="%o2";
-
-$acc4="%l1";
-$acc5="%o3";
-$acc6="%o4";
-$acc7="%o5";
-
-$acc8="%l2";
-$acc9="%o7";
-$acc10="%g1";
-$acc11="%g2";
-
-$acc12="%l3";
-$acc13="%g3";
-$acc14="%g4";
-$acc15="%g5";
-
-$t0="%l4";
-$t1="%l5";
-$t2="%l6";
-$t3="%l7";
-
-$s0="%i0";
-$s1="%i1";
-$s2="%i2";
-$s3="%i3";
-$tbl="%i4";
-$key="%i5";
-$rounds="%i7"; # aliases with return address, which is off-loaded to stack
-
-sub _data_word()
-{ my $i;
- while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; }
-}
-
-$code.=<<___ if ($bits==64);
-.register %g2,#scratch
-.register %g3,#scratch
-___
-$code.=<<___;
-.section ".text",#alloc,#execinstr
-
-.align 256
-AES_Te:
-___
-&_data_word(
- 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
- 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
- 0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
- 0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
- 0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
- 0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
- 0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
- 0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
- 0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
- 0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
- 0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
- 0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
- 0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
- 0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
- 0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
- 0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
- 0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
- 0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
- 0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
- 0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
- 0xa65353f5, 0xb9d1d168,
0x00000000, 0xc1eded2c, - 0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed, - 0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b, - 0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a, - 0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16, - 0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594, - 0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81, - 0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3, - 0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a, - 0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504, - 0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163, - 0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d, - 0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f, - 0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739, - 0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47, - 0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395, - 0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f, - 0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883, - 0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c, - 0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76, - 0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e, - 0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4, - 0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6, - 0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b, - 0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7, - 0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0, - 0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25, - 0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818, - 0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72, - 0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651, - 0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21, - 0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85, - 0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa, - 0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12, - 0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0, - 0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9, - 0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133, - 0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7, - 0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920, - 0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a, - 0x038c8c8f, 0x59a1a1f8, 
0x09898980, 0x1a0d0d17, - 0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8, - 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, - 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a); -$code.=<<___; - .byte 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5 - .byte 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76 - .byte 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0 - .byte 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0 - .byte 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc - .byte 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15 - .byte 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a - .byte 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75 - .byte 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0 - .byte 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84 - .byte 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b - .byte 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf - .byte 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85 - .byte 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8 - .byte 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5 - .byte 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2 - .byte 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17 - .byte 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73 - .byte 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88 - .byte 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb - .byte 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c - .byte 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79 - .byte 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9 - .byte 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08 - .byte 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6 - .byte 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a - .byte 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e - .byte 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e - .byte 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94 - .byte 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf - .byte 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68 - .byte 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 -.type AES_Te,#object -.size AES_Te,(.-AES_Te) - 
-.align 64 -.skip 16 -_sparcv9_AES_encrypt: - save %sp,-$frame-$locals,%sp - stx %i7,[%sp+$bias+$frame+0] ! off-load return address - ld [$key+240],$rounds - ld [$key+0],$t0 - ld [$key+4],$t1 ! - ld [$key+8],$t2 - srl $rounds,1,$rounds - xor $t0,$s0,$s0 - ld [$key+12],$t3 - srl $s0,21,$acc0 - xor $t1,$s1,$s1 - ld [$key+16],$t0 - srl $s1,13,$acc1 ! - xor $t2,$s2,$s2 - ld [$key+20],$t1 - xor $t3,$s3,$s3 - ld [$key+24],$t2 - and $acc0,2040,$acc0 - ld [$key+28],$t3 - nop -.Lenc_loop: - srl $s2,5,$acc2 ! - and $acc1,2040,$acc1 - ldx [$tbl+$acc0],$acc0 - sll $s3,3,$acc3 - and $acc2,2040,$acc2 - ldx [$tbl+$acc1],$acc1 - srl $s1,21,$acc4 - and $acc3,2040,$acc3 - ldx [$tbl+$acc2],$acc2 ! - srl $s2,13,$acc5 - and $acc4,2040,$acc4 - ldx [$tbl+$acc3],$acc3 - srl $s3,5,$acc6 - and $acc5,2040,$acc5 - ldx [$tbl+$acc4],$acc4 - fmovs %f0,%f0 - sll $s0,3,$acc7 ! - and $acc6,2040,$acc6 - ldx [$tbl+$acc5],$acc5 - srl $s2,21,$acc8 - and $acc7,2040,$acc7 - ldx [$tbl+$acc6],$acc6 - srl $s3,13,$acc9 - and $acc8,2040,$acc8 - ldx [$tbl+$acc7],$acc7 ! - srl $s0,5,$acc10 - and $acc9,2040,$acc9 - ldx [$tbl+$acc8],$acc8 - sll $s1,3,$acc11 - and $acc10,2040,$acc10 - ldx [$tbl+$acc9],$acc9 - fmovs %f0,%f0 - srl $s3,21,$acc12 ! - and $acc11,2040,$acc11 - ldx [$tbl+$acc10],$acc10 - srl $s0,13,$acc13 - and $acc12,2040,$acc12 - ldx [$tbl+$acc11],$acc11 - srl $s1,5,$acc14 - and $acc13,2040,$acc13 - ldx [$tbl+$acc12],$acc12 ! - sll $s2,3,$acc15 - and $acc14,2040,$acc14 - ldx [$tbl+$acc13],$acc13 - and $acc15,2040,$acc15 - add $key,32,$key - ldx [$tbl+$acc14],$acc14 - fmovs %f0,%f0 - subcc $rounds,1,$rounds ! - ldx [$tbl+$acc15],$acc15 - bz,a,pn %icc,.Lenc_last - add $tbl,2048,$rounds - - srlx $acc1,8,$acc1 - xor $acc0,$t0,$t0 - ld [$key+0],$s0 - fmovs %f0,%f0 - srlx $acc2,16,$acc2 ! - xor $acc1,$t0,$t0 - ld [$key+4],$s1 - srlx $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ld [$key+8],$s2 - srlx $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ld [$key+12],$s3 ! 
- srlx $acc6,16,$acc6 - xor $acc4,$t1,$t1 - fmovs %f0,%f0 - srlx $acc7,24,$acc7 - xor $acc5,$t1,$t1 - srlx $acc9,8,$acc9 - xor $acc6,$t1,$t1 - srlx $acc10,16,$acc10 ! - xor $acc7,$t1,$t1 - srlx $acc11,24,$acc11 - xor $acc8,$t2,$t2 - srlx $acc13,8,$acc13 - xor $acc9,$t2,$t2 - srlx $acc14,16,$acc14 - xor $acc10,$t2,$t2 - srlx $acc15,24,$acc15 ! - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - srl $t0,21,$acc0 - xor $acc14,$t3,$t3 - srl $t1,13,$acc1 - xor $acc15,$t3,$t3 - - and $acc0,2040,$acc0 ! - srl $t2,5,$acc2 - and $acc1,2040,$acc1 - ldx [$tbl+$acc0],$acc0 - sll $t3,3,$acc3 - and $acc2,2040,$acc2 - ldx [$tbl+$acc1],$acc1 - fmovs %f0,%f0 - srl $t1,21,$acc4 ! - and $acc3,2040,$acc3 - ldx [$tbl+$acc2],$acc2 - srl $t2,13,$acc5 - and $acc4,2040,$acc4 - ldx [$tbl+$acc3],$acc3 - srl $t3,5,$acc6 - and $acc5,2040,$acc5 - ldx [$tbl+$acc4],$acc4 ! - sll $t0,3,$acc7 - and $acc6,2040,$acc6 - ldx [$tbl+$acc5],$acc5 - srl $t2,21,$acc8 - and $acc7,2040,$acc7 - ldx [$tbl+$acc6],$acc6 - fmovs %f0,%f0 - srl $t3,13,$acc9 ! - and $acc8,2040,$acc8 - ldx [$tbl+$acc7],$acc7 - srl $t0,5,$acc10 - and $acc9,2040,$acc9 - ldx [$tbl+$acc8],$acc8 - sll $t1,3,$acc11 - and $acc10,2040,$acc10 - ldx [$tbl+$acc9],$acc9 ! - srl $t3,21,$acc12 - and $acc11,2040,$acc11 - ldx [$tbl+$acc10],$acc10 - srl $t0,13,$acc13 - and $acc12,2040,$acc12 - ldx [$tbl+$acc11],$acc11 - fmovs %f0,%f0 - srl $t1,5,$acc14 ! - and $acc13,2040,$acc13 - ldx [$tbl+$acc12],$acc12 - sll $t2,3,$acc15 - and $acc14,2040,$acc14 - ldx [$tbl+$acc13],$acc13 - srlx $acc1,8,$acc1 - and $acc15,2040,$acc15 - ldx [$tbl+$acc14],$acc14 ! - - srlx $acc2,16,$acc2 - xor $acc0,$s0,$s0 - ldx [$tbl+$acc15],$acc15 - srlx $acc3,24,$acc3 - xor $acc1,$s0,$s0 - ld [$key+16],$t0 - fmovs %f0,%f0 - srlx $acc5,8,$acc5 ! - xor $acc2,$s0,$s0 - ld [$key+20],$t1 - srlx $acc6,16,$acc6 - xor $acc3,$s0,$s0 - ld [$key+24],$t2 - srlx $acc7,24,$acc7 - xor $acc4,$s1,$s1 - ld [$key+28],$t3 ! 
- srlx $acc9,8,$acc9 - xor $acc5,$s1,$s1 - ldx [$tbl+2048+0],%g0 ! prefetch te4 - srlx $acc10,16,$acc10 - xor $acc6,$s1,$s1 - ldx [$tbl+2048+32],%g0 ! prefetch te4 - srlx $acc11,24,$acc11 - xor $acc7,$s1,$s1 - ldx [$tbl+2048+64],%g0 ! prefetch te4 - srlx $acc13,8,$acc13 - xor $acc8,$s2,$s2 - ldx [$tbl+2048+96],%g0 ! prefetch te4 - srlx $acc14,16,$acc14 ! - xor $acc9,$s2,$s2 - ldx [$tbl+2048+128],%g0 ! prefetch te4 - srlx $acc15,24,$acc15 - xor $acc10,$s2,$s2 - ldx [$tbl+2048+160],%g0 ! prefetch te4 - srl $s0,21,$acc0 - xor $acc11,$s2,$s2 - ldx [$tbl+2048+192],%g0 ! prefetch te4 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - ldx [$tbl+2048+224],%g0 ! prefetch te4 - srl $s1,13,$acc1 ! - xor $acc14,$s3,$s3 - xor $acc15,$s3,$s3 - ba .Lenc_loop - and $acc0,2040,$acc0 - -.align 32 -.Lenc_last: - srlx $acc1,8,$acc1 ! - xor $acc0,$t0,$t0 - ld [$key+0],$s0 - srlx $acc2,16,$acc2 - xor $acc1,$t0,$t0 - ld [$key+4],$s1 - srlx $acc3,24,$acc3 - xor $acc2,$t0,$t0 - ld [$key+8],$s2 ! - srlx $acc5,8,$acc5 - xor $acc3,$t0,$t0 - ld [$key+12],$s3 - srlx $acc6,16,$acc6 - xor $acc4,$t1,$t1 - srlx $acc7,24,$acc7 - xor $acc5,$t1,$t1 - srlx $acc9,8,$acc9 ! - xor $acc6,$t1,$t1 - srlx $acc10,16,$acc10 - xor $acc7,$t1,$t1 - srlx $acc11,24,$acc11 - xor $acc8,$t2,$t2 - srlx $acc13,8,$acc13 - xor $acc9,$t2,$t2 - srlx $acc14,16,$acc14 ! - xor $acc10,$t2,$t2 - srlx $acc15,24,$acc15 - xor $acc11,$t2,$t2 - xor $acc12,$acc14,$acc14 - xor $acc13,$t3,$t3 - srl $t0,24,$acc0 - xor $acc14,$t3,$t3 - srl $t1,16,$acc1 ! - xor $acc15,$t3,$t3 - - srl $t2,8,$acc2 - and $acc1,255,$acc1 - ldub [$rounds+$acc0],$acc0 - srl $t1,24,$acc4 - and $acc2,255,$acc2 - ldub [$rounds+$acc1],$acc1 - srl $t2,16,$acc5 ! - and $t3,255,$acc3 - ldub [$rounds+$acc2],$acc2 - ldub [$rounds+$acc3],$acc3 - srl $t3,8,$acc6 - and $acc5,255,$acc5 - ldub [$rounds+$acc4],$acc4 - fmovs %f0,%f0 - srl $t2,24,$acc8 ! 
- and $acc6,255,$acc6 - ldub [$rounds+$acc5],$acc5 - srl $t3,16,$acc9 - and $t0,255,$acc7 - ldub [$rounds+$acc6],$acc6 - ldub [$rounds+$acc7],$acc7 - fmovs %f0,%f0 - srl $t0,8,$acc10 ! - and $acc9,255,$acc9 - ldub [$rounds+$acc8],$acc8 - srl $t3,24,$acc12 - and $acc10,255,$acc10 - ldub [$rounds+$acc9],$acc9 - srl $t0,16,$acc13 - and $t1,255,$acc11 - ldub [$rounds+$acc10],$acc10 ! - srl $t1,8,$acc14 - and $acc13,255,$acc13 - ldub [$rounds+$acc11],$acc11 - ldub [$rounds+$acc12],$acc12 - and $acc14,255,$acc14 - ldub [$rounds+$acc13],$acc13 - and $t2,255,$acc15 - ldub [$rounds+$acc14],$acc14 ! - - sll $acc0,24,$acc0 - xor $acc3,$s0,$s0 - ldub [$rounds+$acc15],$acc15 - sll $acc1,16,$acc1 - xor $acc0,$s0,$s0 - ldx [%sp+$bias+$frame+0],%i7 ! restore return address - fmovs %f0,%f0 - sll $acc2,8,$acc2 ! - xor $acc1,$s0,$s0 - sll $acc4,24,$acc4 - xor $acc2,$s0,$s0 - sll $acc5,16,$acc5 - xor $acc7,$s1,$s1 - sll $acc6,8,$acc6 - xor $acc4,$s1,$s1 - sll $acc8,24,$acc8 ! - xor $acc5,$s1,$s1 - sll $acc9,16,$acc9 - xor $acc11,$s2,$s2 - sll $acc10,8,$acc10 - xor $acc6,$s1,$s1 - sll $acc12,24,$acc12 - xor $acc8,$s2,$s2 - sll $acc13,16,$acc13 ! 
- xor $acc9,$s2,$s2 - sll $acc14,8,$acc14 - xor $acc10,$s2,$s2 - xor $acc12,$acc14,$acc14 - xor $acc13,$s3,$s3 - xor $acc14,$s3,$s3 - xor $acc15,$s3,$s3 - - ret - restore -.type _sparcv9_AES_encrypt,#function -.size _sparcv9_AES_encrypt,(.-_sparcv9_AES_encrypt) - -.align 32 -.globl AES_encrypt -AES_encrypt: - or %o0,%o1,%g1 - andcc %g1,3,%g0 - bnz,pn %xcc,.Lunaligned_enc - save %sp,-$frame,%sp - - ld [%i0+0],%o0 - ld [%i0+4],%o1 - ld [%i0+8],%o2 - ld [%i0+12],%o3 - -1: call .+8 - add %o7,AES_Te-1b,%o4 - call _sparcv9_AES_encrypt - mov %i2,%o5 - - st %o0,[%i1+0] - st %o1,[%i1+4] - st %o2,[%i1+8] - st %o3,[%i1+12] - - ret - restore - -.align 32 -.Lunaligned_enc: - ldub [%i0+0],%l0 - ldub [%i0+1],%l1 - ldub [%i0+2],%l2 - - sll %l0,24,%l0 - ldub [%i0+3],%l3 - sll %l1,16,%l1 - ldub [%i0+4],%l4 - sll %l2,8,%l2 - or %l1,%l0,%l0 - ldub [%i0+5],%l5 - sll %l4,24,%l4 - or %l3,%l2,%l2 - ldub [%i0+6],%l6 - sll %l5,16,%l5 - or %l0,%l2,%o0 - ldub [%i0+7],%l7 - - sll %l6,8,%l6 - or %l5,%l4,%l4 - ldub [%i0+8],%l0 - or %l7,%l6,%l6 - ldub [%i0+9],%l1 - or %l4,%l6,%o1 - ldub [%i0+10],%l2 - - sll %l0,24,%l0 - ldub [%i0+11],%l3 - sll %l1,16,%l1 - ldub [%i0+12],%l4 - sll %l2,8,%l2 - or %l1,%l0,%l0 - ldub [%i0+13],%l5 - sll %l4,24,%l4 - or %l3,%l2,%l2 - ldub [%i0+14],%l6 - sll %l5,16,%l5 - or %l0,%l2,%o2 - ldub [%i0+15],%l7 - - sll %l6,8,%l6 - or %l5,%l4,%l4 - or %l7,%l6,%l6 - or %l4,%l6,%o3 - -1: call .+8 - add %o7,AES_Te-1b,%o4 - call _sparcv9_AES_encrypt - mov %i2,%o5 - - srl %o0,24,%l0 - srl %o0,16,%l1 - stb %l0,[%i1+0] - srl %o0,8,%l2 - stb %l1,[%i1+1] - stb %l2,[%i1+2] - srl %o1,24,%l4 - stb %o0,[%i1+3] - - srl %o1,16,%l5 - stb %l4,[%i1+4] - srl %o1,8,%l6 - stb %l5,[%i1+5] - stb %l6,[%i1+6] - srl %o2,24,%l0 - stb %o1,[%i1+7] - - srl %o2,16,%l1 - stb %l0,[%i1+8] - srl %o2,8,%l2 - stb %l1,[%i1+9] - stb %l2,[%i1+10] - srl %o3,24,%l4 - stb %o2,[%i1+11] - - srl %o3,16,%l5 - stb %l4,[%i1+12] - srl %o3,8,%l6 - stb %l5,[%i1+13] - stb %l6,[%i1+14] - stb %o3,[%i1+15] - - ret - restore -.type 
AES_encrypt,#function -.size AES_encrypt,(.-AES_encrypt) - -___ - -$code.=<<___; -.align 256 -AES_Td: -___ -&_data_word( - 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, - 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, - 0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25, - 0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f, - 0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1, - 0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6, - 0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da, - 0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844, - 0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd, - 0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4, - 0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45, - 0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94, - 0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7, - 0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a, - 0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5, - 0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c, - 0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1, - 0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a, - 0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75, - 0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051, - 0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46, - 0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff, - 0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77, - 0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb, - 0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000, - 0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e, - 0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927, - 0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a, - 0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e, - 0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16, - 0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d, - 0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8, - 0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd, - 0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34, - 0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163, - 0xd731dcca, 0x42638510, 0x13972240, 0x84c61120, - 0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d, - 0x1d9e2f4b, 0xdcb230f3, 
0x0d8652ec, 0x77c1e3d0, - 0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422, - 0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef, - 0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36, - 0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4, - 0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662, - 0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5, - 0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3, - 0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b, - 0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8, - 0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6, - 0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6, - 0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0, - 0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815, - 0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f, - 0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df, - 0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f, - 0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e, - 0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713, - 0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89, - 0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c, - 0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf, - 0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86, - 0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f, - 0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541, - 0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190, - 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742); -$code.=<<___; - .byte 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38 - .byte 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb - .byte 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87 - .byte 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb - .byte 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d - .byte 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e - .byte 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2 - .byte 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 - .byte 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16 - .byte 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 - .byte 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda - .byte 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 
- .byte 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a - .byte 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 - .byte 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02 - .byte 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b - .byte 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea - .byte 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 - .byte 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85 - .byte 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e - .byte 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89 - .byte 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b - .byte 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20 - .byte 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 - .byte 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31 - .byte 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f - .byte 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d - .byte 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef - .byte 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0 - .byte 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 - .byte 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26 - .byte 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d -.type AES_Td,#object -.size AES_Td,(.-AES_Td) - -.align 64 -.skip 16 -_sparcv9_AES_decrypt: - save %sp,-$frame-$locals,%sp - stx %i7,[%sp+$bias+$frame+0] ! off-load return address - ld [$key+240],$rounds - ld [$key+0],$t0 - ld [$key+4],$t1 ! - ld [$key+8],$t2 - ld [$key+12],$t3 - srl $rounds,1,$rounds - xor $t0,$s0,$s0 - ld [$key+16],$t0 - xor $t1,$s1,$s1 - ld [$key+20],$t1 - srl $s0,21,$acc0 ! - xor $t2,$s2,$s2 - ld [$key+24],$t2 - xor $t3,$s3,$s3 - and $acc0,2040,$acc0 - ld [$key+28],$t3 - srl $s3,13,$acc1 - nop -.Ldec_loop: - srl $s2,5,$acc2 ! - and $acc1,2040,$acc1 - ldx [$tbl+$acc0],$acc0 - sll $s1,3,$acc3 - and $acc2,2040,$acc2 - ldx [$tbl+$acc1],$acc1 - srl $s1,21,$acc4 - and $acc3,2040,$acc3 - ldx [$tbl+$acc2],$acc2 ! 
- srl $s0,13,$acc5
- and $acc4,2040,$acc4
- ldx [$tbl+$acc3],$acc3
- srl $s3,5,$acc6
- and $acc5,2040,$acc5
- ldx [$tbl+$acc4],$acc4
- fmovs %f0,%f0
- sll $s2,3,$acc7 !
- and $acc6,2040,$acc6
- ldx [$tbl+$acc5],$acc5
- srl $s2,21,$acc8
- and $acc7,2040,$acc7
- ldx [$tbl+$acc6],$acc6
- srl $s1,13,$acc9
- and $acc8,2040,$acc8
- ldx [$tbl+$acc7],$acc7 !
- srl $s0,5,$acc10
- and $acc9,2040,$acc9
- ldx [$tbl+$acc8],$acc8
- sll $s3,3,$acc11
- and $acc10,2040,$acc10
- ldx [$tbl+$acc9],$acc9
- fmovs %f0,%f0
- srl $s3,21,$acc12 !
- and $acc11,2040,$acc11
- ldx [$tbl+$acc10],$acc10
- srl $s2,13,$acc13
- and $acc12,2040,$acc12
- ldx [$tbl+$acc11],$acc11
- srl $s1,5,$acc14
- and $acc13,2040,$acc13
- ldx [$tbl+$acc12],$acc12 !
- sll $s0,3,$acc15
- and $acc14,2040,$acc14
- ldx [$tbl+$acc13],$acc13
- and $acc15,2040,$acc15
- add $key,32,$key
- ldx [$tbl+$acc14],$acc14
- fmovs %f0,%f0
- subcc $rounds,1,$rounds !
- ldx [$tbl+$acc15],$acc15
- bz,a,pn %icc,.Ldec_last
- add $tbl,2048,$rounds
-
- srlx $acc1,8,$acc1
- xor $acc0,$t0,$t0
- ld [$key+0],$s0
- fmovs %f0,%f0
- srlx $acc2,16,$acc2 !
- xor $acc1,$t0,$t0
- ld [$key+4],$s1
- srlx $acc3,24,$acc3
- xor $acc2,$t0,$t0
- ld [$key+8],$s2
- srlx $acc5,8,$acc5
- xor $acc3,$t0,$t0
- ld [$key+12],$s3 !
- srlx $acc6,16,$acc6
- xor $acc4,$t1,$t1
- fmovs %f0,%f0
- srlx $acc7,24,$acc7
- xor $acc5,$t1,$t1
- srlx $acc9,8,$acc9
- xor $acc6,$t1,$t1
- srlx $acc10,16,$acc10 !
- xor $acc7,$t1,$t1
- srlx $acc11,24,$acc11
- xor $acc8,$t2,$t2
- srlx $acc13,8,$acc13
- xor $acc9,$t2,$t2
- srlx $acc14,16,$acc14
- xor $acc10,$t2,$t2
- srlx $acc15,24,$acc15 !
- xor $acc11,$t2,$t2
- xor $acc12,$acc14,$acc14
- xor $acc13,$t3,$t3
- srl $t0,21,$acc0
- xor $acc14,$t3,$t3
- xor $acc15,$t3,$t3
- srl $t3,13,$acc1
-
- and $acc0,2040,$acc0 !
- srl $t2,5,$acc2
- and $acc1,2040,$acc1
- ldx [$tbl+$acc0],$acc0
- sll $t1,3,$acc3
- and $acc2,2040,$acc2
- ldx [$tbl+$acc1],$acc1
- fmovs %f0,%f0
- srl $t1,21,$acc4 !
- and $acc3,2040,$acc3
- ldx [$tbl+$acc2],$acc2
- srl $t0,13,$acc5
- and $acc4,2040,$acc4
- ldx [$tbl+$acc3],$acc3
- srl $t3,5,$acc6
- and $acc5,2040,$acc5
- ldx [$tbl+$acc4],$acc4 !
- sll $t2,3,$acc7
- and $acc6,2040,$acc6
- ldx [$tbl+$acc5],$acc5
- srl $t2,21,$acc8
- and $acc7,2040,$acc7
- ldx [$tbl+$acc6],$acc6
- fmovs %f0,%f0
- srl $t1,13,$acc9 !
- and $acc8,2040,$acc8
- ldx [$tbl+$acc7],$acc7
- srl $t0,5,$acc10
- and $acc9,2040,$acc9
- ldx [$tbl+$acc8],$acc8
- sll $t3,3,$acc11
- and $acc10,2040,$acc10
- ldx [$tbl+$acc9],$acc9 !
- srl $t3,21,$acc12
- and $acc11,2040,$acc11
- ldx [$tbl+$acc10],$acc10
- srl $t2,13,$acc13
- and $acc12,2040,$acc12
- ldx [$tbl+$acc11],$acc11
- fmovs %f0,%f0
- srl $t1,5,$acc14 !
- and $acc13,2040,$acc13
- ldx [$tbl+$acc12],$acc12
- sll $t0,3,$acc15
- and $acc14,2040,$acc14
- ldx [$tbl+$acc13],$acc13
- srlx $acc1,8,$acc1
- and $acc15,2040,$acc15
- ldx [$tbl+$acc14],$acc14 !
-
- srlx $acc2,16,$acc2
- xor $acc0,$s0,$s0
- ldx [$tbl+$acc15],$acc15
- srlx $acc3,24,$acc3
- xor $acc1,$s0,$s0
- ld [$key+16],$t0
- fmovs %f0,%f0
- srlx $acc5,8,$acc5 !
- xor $acc2,$s0,$s0
- ld [$key+20],$t1
- srlx $acc6,16,$acc6
- xor $acc3,$s0,$s0
- ld [$key+24],$t2
- srlx $acc7,24,$acc7
- xor $acc4,$s1,$s1
- ld [$key+28],$t3 !
- srlx $acc9,8,$acc9
- xor $acc5,$s1,$s1
- ldx [$tbl+2048+0],%g0 ! prefetch td4
- srlx $acc10,16,$acc10
- xor $acc6,$s1,$s1
- ldx [$tbl+2048+32],%g0 ! prefetch td4
- srlx $acc11,24,$acc11
- xor $acc7,$s1,$s1
- ldx [$tbl+2048+64],%g0 ! prefetch td4
- srlx $acc13,8,$acc13
- xor $acc8,$s2,$s2
- ldx [$tbl+2048+96],%g0 ! prefetch td4
- srlx $acc14,16,$acc14 !
- xor $acc9,$s2,$s2
- ldx [$tbl+2048+128],%g0 ! prefetch td4
- srlx $acc15,24,$acc15
- xor $acc10,$s2,$s2
- ldx [$tbl+2048+160],%g0 ! prefetch td4
- srl $s0,21,$acc0
- xor $acc11,$s2,$s2
- ldx [$tbl+2048+192],%g0 ! prefetch td4
- xor $acc12,$acc14,$acc14
- xor $acc13,$s3,$s3
- ldx [$tbl+2048+224],%g0 ! prefetch td4
- and $acc0,2040,$acc0 !
- xor $acc14,$s3,$s3
- xor $acc15,$s3,$s3
- ba .Ldec_loop
- srl $s3,13,$acc1
-
-.align 32
-.Ldec_last:
- srlx $acc1,8,$acc1 !
- xor $acc0,$t0,$t0
- ld [$key+0],$s0
- srlx $acc2,16,$acc2
- xor $acc1,$t0,$t0
- ld [$key+4],$s1
- srlx $acc3,24,$acc3
- xor $acc2,$t0,$t0
- ld [$key+8],$s2 !
- srlx $acc5,8,$acc5
- xor $acc3,$t0,$t0
- ld [$key+12],$s3
- srlx $acc6,16,$acc6
- xor $acc4,$t1,$t1
- srlx $acc7,24,$acc7
- xor $acc5,$t1,$t1
- srlx $acc9,8,$acc9 !
- xor $acc6,$t1,$t1
- srlx $acc10,16,$acc10
- xor $acc7,$t1,$t1
- srlx $acc11,24,$acc11
- xor $acc8,$t2,$t2
- srlx $acc13,8,$acc13
- xor $acc9,$t2,$t2
- srlx $acc14,16,$acc14 !
- xor $acc10,$t2,$t2
- srlx $acc15,24,$acc15
- xor $acc11,$t2,$t2
- xor $acc12,$acc14,$acc14
- xor $acc13,$t3,$t3
- srl $t0,24,$acc0
- xor $acc14,$t3,$t3
- xor $acc15,$t3,$t3 !
- srl $t3,16,$acc1
-
- srl $t2,8,$acc2
- and $acc1,255,$acc1
- ldub [$rounds+$acc0],$acc0
- srl $t1,24,$acc4
- and $acc2,255,$acc2
- ldub [$rounds+$acc1],$acc1
- srl $t0,16,$acc5 !
- and $t1,255,$acc3
- ldub [$rounds+$acc2],$acc2
- ldub [$rounds+$acc3],$acc3
- srl $t3,8,$acc6
- and $acc5,255,$acc5
- ldub [$rounds+$acc4],$acc4
- fmovs %f0,%f0
- srl $t2,24,$acc8 !
- and $acc6,255,$acc6
- ldub [$rounds+$acc5],$acc5
- srl $t1,16,$acc9
- and $t2,255,$acc7
- ldub [$rounds+$acc6],$acc6
- ldub [$rounds+$acc7],$acc7
- fmovs %f0,%f0
- srl $t0,8,$acc10 !
- and $acc9,255,$acc9
- ldub [$rounds+$acc8],$acc8
- srl $t3,24,$acc12
- and $acc10,255,$acc10
- ldub [$rounds+$acc9],$acc9
- srl $t2,16,$acc13
- and $t3,255,$acc11
- ldub [$rounds+$acc10],$acc10 !
- srl $t1,8,$acc14
- and $acc13,255,$acc13
- ldub [$rounds+$acc11],$acc11
- ldub [$rounds+$acc12],$acc12
- and $acc14,255,$acc14
- ldub [$rounds+$acc13],$acc13
- and $t0,255,$acc15
- ldub [$rounds+$acc14],$acc14 !
-
- sll $acc0,24,$acc0
- xor $acc3,$s0,$s0
- ldub [$rounds+$acc15],$acc15
- sll $acc1,16,$acc1
- xor $acc0,$s0,$s0
- ldx [%sp+$bias+$frame+0],%i7 ! restore return address
- fmovs %f0,%f0
- sll $acc2,8,$acc2 !
- xor $acc1,$s0,$s0
- sll $acc4,24,$acc4
- xor $acc2,$s0,$s0
- sll $acc5,16,$acc5
- xor $acc7,$s1,$s1
- sll $acc6,8,$acc6
- xor $acc4,$s1,$s1
- sll $acc8,24,$acc8 !
- xor $acc5,$s1,$s1
- sll $acc9,16,$acc9
- xor $acc11,$s2,$s2
- sll $acc10,8,$acc10
- xor $acc6,$s1,$s1
- sll $acc12,24,$acc12
- xor $acc8,$s2,$s2
- sll $acc13,16,$acc13 !
- xor $acc9,$s2,$s2
- sll $acc14,8,$acc14
- xor $acc10,$s2,$s2
- xor $acc12,$acc14,$acc14
- xor $acc13,$s3,$s3
- xor $acc14,$s3,$s3
- xor $acc15,$s3,$s3
-
- ret
- restore
-.type _sparcv9_AES_decrypt,#function
-.size _sparcv9_AES_decrypt,(.-_sparcv9_AES_decrypt)
-
-.align 32
-.globl AES_decrypt
-AES_decrypt:
- or %o0,%o1,%g1
- andcc %g1,3,%g0
- bnz,pn %xcc,.Lunaligned_dec
- save %sp,-$frame,%sp
-
- ld [%i0+0],%o0
- ld [%i0+4],%o1
- ld [%i0+8],%o2
- ld [%i0+12],%o3
-
-1: call .+8
- add %o7,AES_Td-1b,%o4
- call _sparcv9_AES_decrypt
- mov %i2,%o5
-
- st %o0,[%i1+0]
- st %o1,[%i1+4]
- st %o2,[%i1+8]
- st %o3,[%i1+12]
-
- ret
- restore
-
-.align 32
-.Lunaligned_dec:
- ldub [%i0+0],%l0
- ldub [%i0+1],%l1
- ldub [%i0+2],%l2
-
- sll %l0,24,%l0
- ldub [%i0+3],%l3
- sll %l1,16,%l1
- ldub [%i0+4],%l4
- sll %l2,8,%l2
- or %l1,%l0,%l0
- ldub [%i0+5],%l5
- sll %l4,24,%l4
- or %l3,%l2,%l2
- ldub [%i0+6],%l6
- sll %l5,16,%l5
- or %l0,%l2,%o0
- ldub [%i0+7],%l7
-
- sll %l6,8,%l6
- or %l5,%l4,%l4
- ldub [%i0+8],%l0
- or %l7,%l6,%l6
- ldub [%i0+9],%l1
- or %l4,%l6,%o1
- ldub [%i0+10],%l2
-
- sll %l0,24,%l0
- ldub [%i0+11],%l3
- sll %l1,16,%l1
- ldub [%i0+12],%l4
- sll %l2,8,%l2
- or %l1,%l0,%l0
- ldub [%i0+13],%l5
- sll %l4,24,%l4
- or %l3,%l2,%l2
- ldub [%i0+14],%l6
- sll %l5,16,%l5
- or %l0,%l2,%o2
- ldub [%i0+15],%l7
-
- sll %l6,8,%l6
- or %l5,%l4,%l4
- or %l7,%l6,%l6
- or %l4,%l6,%o3
-
-1: call .+8
- add %o7,AES_Td-1b,%o4
- call _sparcv9_AES_decrypt
- mov %i2,%o5
-
- srl %o0,24,%l0
- srl %o0,16,%l1
- stb %l0,[%i1+0]
- srl %o0,8,%l2
- stb %l1,[%i1+1]
- stb %l2,[%i1+2]
- srl %o1,24,%l4
- stb %o0,[%i1+3]
-
- srl %o1,16,%l5
- stb %l4,[%i1+4]
- srl
%o1,8,%l6
- stb %l5,[%i1+5]
- stb %l6,[%i1+6]
- srl %o2,24,%l0
- stb %o1,[%i1+7]
-
- srl %o2,16,%l1
- stb %l0,[%i1+8]
- srl %o2,8,%l2
- stb %l1,[%i1+9]
- stb %l2,[%i1+10]
- srl %o3,24,%l4
- stb %o2,[%i1+11]
-
- srl %o3,16,%l5
- stb %l4,[%i1+12]
- srl %o3,8,%l6
- stb %l5,[%i1+13]
- stb %l6,[%i1+14]
- stb %o3,[%i1+15]
-
- ret
- restore
-.type AES_decrypt,#function
-.size AES_decrypt,(.-AES_decrypt)
-___
-
-# fmovs instructions substituting for FP nops were originally added
-# to meet specific instruction alignment requirements to maximize ILP.
-# As UltraSPARC T1, a.k.a. Niagara, has shared FPU, FP nops can have
-# undesired effect, so just omit them and sacrifice some portion of
-# percent in performance...
-$code =~ s/fmovs.*$//gm;
-
-print $code;
-close STDOUT; # ensure flush
diff --git a/lib/libssl/src/crypto/aes/asm/aes-x86_64.pl b/lib/libssl/src/crypto/aes/asm/aes-x86_64.pl
deleted file mode 100755
index f75e90ba87d..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aes-x86_64.pl
+++ /dev/null
@@ -1,2819 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# Version 2.1. -# -# aes-*-cbc benchmarks are improved by >70% [compared to gcc 3.3.2 on -# Opteron 240 CPU] plus all the bells-n-whistles from 32-bit version -# [you'll notice a lot of resemblance], such as compressed S-boxes -# in little-endian byte order, prefetch of these tables in CBC mode, -# as well as avoiding L1 cache aliasing between stack frame and key -# schedule and already mentioned tables, compressed Td4... -# -# Performance in number of cycles per processed byte for 128-bit key: -# -# ECB encrypt ECB decrypt CBC large chunk -# AMD64 33 41 13.0 -# EM64T 38 59 18.6(*) -# Core 2 30 43 14.5(*) -# -# (*) with hyper-threading off - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$verticalspin=1; # unlike 32-bit version $verticalspin performs - # ~15% better on both AMD and Intel cores -$speed_limit=512; # see aes-586.pl for details - -$code=".text\n"; - -$s0="%eax"; -$s1="%ebx"; -$s2="%ecx"; -$s3="%edx"; -$acc0="%esi"; $mask80="%rsi"; -$acc1="%edi"; $maskfe="%rdi"; -$acc2="%ebp"; $mask1b="%rbp"; -$inp="%r8"; -$out="%r9"; -$t0="%r10d"; -$t1="%r11d"; -$t2="%r12d"; -$rnds="%r13d"; -$sbox="%r14"; -$key="%r15"; - -sub hi() { 
my $r=shift; $r =~ s/%[er]([a-d])x/%\1h/; $r; } -sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/; - $r =~ s/%[er]([sd]i)/%\1l/; - $r =~ s/%(r[0-9]+)[d]?/%\1b/; $r; } -sub LO() { my $r=shift; $r =~ s/%r([a-z]+)/%e\1/; - $r =~ s/%r([0-9]+)/%r\1d/; $r; } -sub _data_word() -{ my $i; - while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; } -} -sub data_word() -{ my $i; - my $last=pop(@_); - $code.=".long\t"; - while(defined($i=shift)) { $code.=sprintf"0x%08x,",$i; } - $code.=sprintf"0x%08x\n",$last; -} - -sub data_byte() -{ my $i; - my $last=pop(@_); - $code.=".byte\t"; - while(defined($i=shift)) { $code.=sprintf"0x%02x,",$i&0xff; } - $code.=sprintf"0x%02x\n",$last&0xff; -} - -sub encvert() -{ my $t3="%r8d"; # zaps $inp! - -$code.=<<___; - # favor 3-way issue Opteron pipeline... - movzb `&lo("$s0")`,$acc0 - movzb `&lo("$s1")`,$acc1 - movzb `&lo("$s2")`,$acc2 - mov 0($sbox,$acc0,8),$t0 - mov 0($sbox,$acc1,8),$t1 - mov 0($sbox,$acc2,8),$t2 - - movzb `&hi("$s1")`,$acc0 - movzb `&hi("$s2")`,$acc1 - movzb `&lo("$s3")`,$acc2 - xor 3($sbox,$acc0,8),$t0 - xor 3($sbox,$acc1,8),$t1 - mov 0($sbox,$acc2,8),$t3 - - movzb `&hi("$s3")`,$acc0 - shr \$16,$s2 - movzb `&hi("$s0")`,$acc2 - xor 3($sbox,$acc0,8),$t2 - shr \$16,$s3 - xor 3($sbox,$acc2,8),$t3 - - shr \$16,$s1 - lea 16($key),$key - shr \$16,$s0 - - movzb `&lo("$s2")`,$acc0 - movzb `&lo("$s3")`,$acc1 - movzb `&lo("$s0")`,$acc2 - xor 2($sbox,$acc0,8),$t0 - xor 2($sbox,$acc1,8),$t1 - xor 2($sbox,$acc2,8),$t2 - - movzb `&hi("$s3")`,$acc0 - movzb `&hi("$s0")`,$acc1 - movzb `&lo("$s1")`,$acc2 - xor 1($sbox,$acc0,8),$t0 - xor 1($sbox,$acc1,8),$t1 - xor 2($sbox,$acc2,8),$t3 - - mov 12($key),$s3 - movzb `&hi("$s1")`,$acc1 - movzb `&hi("$s2")`,$acc2 - mov 0($key),$s0 - xor 1($sbox,$acc1,8),$t2 - xor 1($sbox,$acc2,8),$t3 - - mov 4($key),$s1 - mov 8($key),$s2 - xor $t0,$s0 - xor $t1,$s1 - xor $t2,$s2 - xor $t3,$s3 -___ -} - -sub enclastvert() -{ my $t3="%r8d"; # zaps $inp! 
- -$code.=<<___; - movzb `&lo("$s0")`,$acc0 - movzb `&lo("$s1")`,$acc1 - movzb `&lo("$s2")`,$acc2 - movzb 2($sbox,$acc0,8),$t0 - movzb 2($sbox,$acc1,8),$t1 - movzb 2($sbox,$acc2,8),$t2 - - movzb `&lo("$s3")`,$acc0 - movzb `&hi("$s1")`,$acc1 - movzb `&hi("$s2")`,$acc2 - movzb 2($sbox,$acc0,8),$t3 - mov 0($sbox,$acc1,8),$acc1 #$t0 - mov 0($sbox,$acc2,8),$acc2 #$t1 - - and \$0x0000ff00,$acc1 - and \$0x0000ff00,$acc2 - - xor $acc1,$t0 - xor $acc2,$t1 - shr \$16,$s2 - - movzb `&hi("$s3")`,$acc0 - movzb `&hi("$s0")`,$acc1 - shr \$16,$s3 - mov 0($sbox,$acc0,8),$acc0 #$t2 - mov 0($sbox,$acc1,8),$acc1 #$t3 - - and \$0x0000ff00,$acc0 - and \$0x0000ff00,$acc1 - shr \$16,$s1 - xor $acc0,$t2 - xor $acc1,$t3 - shr \$16,$s0 - - movzb `&lo("$s2")`,$acc0 - movzb `&lo("$s3")`,$acc1 - movzb `&lo("$s0")`,$acc2 - mov 0($sbox,$acc0,8),$acc0 #$t0 - mov 0($sbox,$acc1,8),$acc1 #$t1 - mov 0($sbox,$acc2,8),$acc2 #$t2 - - and \$0x00ff0000,$acc0 - and \$0x00ff0000,$acc1 - and \$0x00ff0000,$acc2 - - xor $acc0,$t0 - xor $acc1,$t1 - xor $acc2,$t2 - - movzb `&lo("$s1")`,$acc0 - movzb `&hi("$s3")`,$acc1 - movzb `&hi("$s0")`,$acc2 - mov 0($sbox,$acc0,8),$acc0 #$t3 - mov 2($sbox,$acc1,8),$acc1 #$t0 - mov 2($sbox,$acc2,8),$acc2 #$t1 - - and \$0x00ff0000,$acc0 - and \$0xff000000,$acc1 - and \$0xff000000,$acc2 - - xor $acc0,$t3 - xor $acc1,$t0 - xor $acc2,$t1 - - movzb `&hi("$s1")`,$acc0 - movzb `&hi("$s2")`,$acc1 - mov 16+12($key),$s3 - mov 2($sbox,$acc0,8),$acc0 #$t2 - mov 2($sbox,$acc1,8),$acc1 #$t3 - mov 16+0($key),$s0 - - and \$0xff000000,$acc0 - and \$0xff000000,$acc1 - - xor $acc0,$t2 - xor $acc1,$t3 - - mov 16+4($key),$s1 - mov 16+8($key),$s2 - xor $t0,$s0 - xor $t1,$s1 - xor $t2,$s2 - xor $t3,$s3 -___ -} - -sub encstep() -{ my ($i,@s) = @_; - my $tmp0=$acc0; - my $tmp1=$acc1; - my $tmp2=$acc2; - my $out=($t0,$t1,$t2,$s[0])[$i]; - - if ($i==3) { - $tmp0=$s[1]; - $tmp1=$s[2]; - $tmp2=$s[3]; - } - $code.=" movzb ".&lo($s[0]).",$out\n"; - $code.=" mov $s[2],$tmp1\n" if ($i!=3); - $code.=" lea 
16($key),$key\n" if ($i==0); - - $code.=" movzb ".&hi($s[1]).",$tmp0\n"; - $code.=" mov 0($sbox,$out,8),$out\n"; - - $code.=" shr \$16,$tmp1\n"; - $code.=" mov $s[3],$tmp2\n" if ($i!=3); - $code.=" xor 3($sbox,$tmp0,8),$out\n"; - - $code.=" movzb ".&lo($tmp1).",$tmp1\n"; - $code.=" shr \$24,$tmp2\n"; - $code.=" xor 4*$i($key),$out\n"; - - $code.=" xor 2($sbox,$tmp1,8),$out\n"; - $code.=" xor 1($sbox,$tmp2,8),$out\n"; - - $code.=" mov $t0,$s[1]\n" if ($i==3); - $code.=" mov $t1,$s[2]\n" if ($i==3); - $code.=" mov $t2,$s[3]\n" if ($i==3); - $code.="\n"; -} - -sub enclast() -{ my ($i,@s)=@_; - my $tmp0=$acc0; - my $tmp1=$acc1; - my $tmp2=$acc2; - my $out=($t0,$t1,$t2,$s[0])[$i]; - - if ($i==3) { - $tmp0=$s[1]; - $tmp1=$s[2]; - $tmp2=$s[3]; - } - $code.=" movzb ".&lo($s[0]).",$out\n"; - $code.=" mov $s[2],$tmp1\n" if ($i!=3); - - $code.=" mov 2($sbox,$out,8),$out\n"; - $code.=" shr \$16,$tmp1\n"; - $code.=" mov $s[3],$tmp2\n" if ($i!=3); - - $code.=" and \$0x000000ff,$out\n"; - $code.=" movzb ".&hi($s[1]).",$tmp0\n"; - $code.=" movzb ".&lo($tmp1).",$tmp1\n"; - $code.=" shr \$24,$tmp2\n"; - - $code.=" mov 0($sbox,$tmp0,8),$tmp0\n"; - $code.=" mov 0($sbox,$tmp1,8),$tmp1\n"; - $code.=" mov 2($sbox,$tmp2,8),$tmp2\n"; - - $code.=" and \$0x0000ff00,$tmp0\n"; - $code.=" and \$0x00ff0000,$tmp1\n"; - $code.=" and \$0xff000000,$tmp2\n"; - - $code.=" xor $tmp0,$out\n"; - $code.=" mov $t0,$s[1]\n" if ($i==3); - $code.=" xor $tmp1,$out\n"; - $code.=" mov $t1,$s[2]\n" if ($i==3); - $code.=" xor $tmp2,$out\n"; - $code.=" mov $t2,$s[3]\n" if ($i==3); - $code.="\n"; -} - -$code.=<<___; -.type _x86_64_AES_encrypt,\@abi-omnipotent -.align 16 -_x86_64_AES_encrypt: - xor 0($key),$s0 # xor with key - xor 4($key),$s1 - xor 8($key),$s2 - xor 12($key),$s3 - - mov 240($key),$rnds # load key->rounds - sub \$1,$rnds - jmp .Lenc_loop -.align 16 -.Lenc_loop: -___ - if ($verticalspin) { &encvert(); } - else { &encstep(0,$s0,$s1,$s2,$s3); - &encstep(1,$s1,$s2,$s3,$s0); - &encstep(2,$s2,$s3,$s0,$s1); 
- &encstep(3,$s3,$s0,$s1,$s2); - } -$code.=<<___; - sub \$1,$rnds - jnz .Lenc_loop -___ - if ($verticalspin) { &enclastvert(); } - else { &enclast(0,$s0,$s1,$s2,$s3); - &enclast(1,$s1,$s2,$s3,$s0); - &enclast(2,$s2,$s3,$s0,$s1); - &enclast(3,$s3,$s0,$s1,$s2); - $code.=<<___; - xor 16+0($key),$s0 # xor with key - xor 16+4($key),$s1 - xor 16+8($key),$s2 - xor 16+12($key),$s3 -___ - } -$code.=<<___; - .byte 0xf3,0xc3 # rep ret -.size _x86_64_AES_encrypt,.-_x86_64_AES_encrypt -___ - -# it's possible to implement this by shifting tN by 8, filling least -# significant byte with byte load and finally bswap-ing at the end, -# but such partial register load kills Core 2... -sub enccompactvert() -{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d"); - -$code.=<<___; - movzb `&lo("$s0")`,$t0 - movzb `&lo("$s1")`,$t1 - movzb `&lo("$s2")`,$t2 - movzb ($sbox,$t0,1),$t0 - movzb ($sbox,$t1,1),$t1 - movzb ($sbox,$t2,1),$t2 - - movzb `&lo("$s3")`,$t3 - movzb `&hi("$s1")`,$acc0 - movzb `&hi("$s2")`,$acc1 - movzb ($sbox,$t3,1),$t3 - movzb ($sbox,$acc0,1),$t4 #$t0 - movzb ($sbox,$acc1,1),$t5 #$t1 - - movzb `&hi("$s3")`,$acc2 - movzb `&hi("$s0")`,$acc0 - shr \$16,$s2 - movzb ($sbox,$acc2,1),$acc2 #$t2 - movzb ($sbox,$acc0,1),$acc0 #$t3 - shr \$16,$s3 - - movzb `&lo("$s2")`,$acc1 - shl \$8,$t4 - shl \$8,$t5 - movzb ($sbox,$acc1,1),$acc1 #$t0 - xor $t4,$t0 - xor $t5,$t1 - - movzb `&lo("$s3")`,$t4 - shr \$16,$s0 - shr \$16,$s1 - movzb `&lo("$s0")`,$t5 - shl \$8,$acc2 - shl \$8,$acc0 - movzb ($sbox,$t4,1),$t4 #$t1 - movzb ($sbox,$t5,1),$t5 #$t2 - xor $acc2,$t2 - xor $acc0,$t3 - - movzb `&lo("$s1")`,$acc2 - movzb `&hi("$s3")`,$acc0 - shl \$16,$acc1 - movzb ($sbox,$acc2,1),$acc2 #$t3 - movzb ($sbox,$acc0,1),$acc0 #$t0 - xor $acc1,$t0 - - movzb `&hi("$s0")`,$acc1 - shr \$8,$s2 - shr \$8,$s1 - movzb ($sbox,$acc1,1),$acc1 #$t1 - movzb ($sbox,$s2,1),$s3 #$t3 - movzb ($sbox,$s1,1),$s2 #$t2 - shl \$16,$t4 - shl \$16,$t5 - shl \$16,$acc2 - xor $t4,$t1 - xor $t5,$t2 - xor $acc2,$t3 - - shl \$24,$acc0 - shl 
\$24,$acc1 - shl \$24,$s3 - xor $acc0,$t0 - shl \$24,$s2 - xor $acc1,$t1 - mov $t0,$s0 - mov $t1,$s1 - xor $t2,$s2 - xor $t3,$s3 -___ -} - -sub enctransform_ref() -{ my $sn = shift; - my ($acc,$r2,$tmp)=("%r8d","%r9d","%r13d"); - -$code.=<<___; - mov $sn,$acc - and \$0x80808080,$acc - mov $acc,$tmp - shr \$7,$tmp - lea ($sn,$sn),$r2 - sub $tmp,$acc - and \$0xfefefefe,$r2 - and \$0x1b1b1b1b,$acc - mov $sn,$tmp - xor $acc,$r2 - - xor $r2,$sn - rol \$24,$sn - xor $r2,$sn - ror \$16,$tmp - xor $tmp,$sn - ror \$8,$tmp - xor $tmp,$sn -___ -} - -# unlike decrypt case it does not pay off to parallelize enctransform -sub enctransform() -{ my ($t3,$r20,$r21)=($acc2,"%r8d","%r9d"); - -$code.=<<___; - mov $s0,$acc0 - mov $s1,$acc1 - and \$0x80808080,$acc0 - and \$0x80808080,$acc1 - mov $acc0,$t0 - mov $acc1,$t1 - shr \$7,$t0 - lea ($s0,$s0),$r20 - shr \$7,$t1 - lea ($s1,$s1),$r21 - sub $t0,$acc0 - sub $t1,$acc1 - and \$0xfefefefe,$r20 - and \$0xfefefefe,$r21 - and \$0x1b1b1b1b,$acc0 - and \$0x1b1b1b1b,$acc1 - mov $s0,$t0 - mov $s1,$t1 - xor $acc0,$r20 - xor $acc1,$r21 - - xor $r20,$s0 - xor $r21,$s1 - mov $s2,$acc0 - mov $s3,$acc1 - rol \$24,$s0 - rol \$24,$s1 - and \$0x80808080,$acc0 - and \$0x80808080,$acc1 - xor $r20,$s0 - xor $r21,$s1 - mov $acc0,$t2 - mov $acc1,$t3 - ror \$16,$t0 - ror \$16,$t1 - shr \$7,$t2 - lea ($s2,$s2),$r20 - xor $t0,$s0 - xor $t1,$s1 - shr \$7,$t3 - lea ($s3,$s3),$r21 - ror \$8,$t0 - ror \$8,$t1 - sub $t2,$acc0 - sub $t3,$acc1 - xor $t0,$s0 - xor $t1,$s1 - - and \$0xfefefefe,$r20 - and \$0xfefefefe,$r21 - and \$0x1b1b1b1b,$acc0 - and \$0x1b1b1b1b,$acc1 - mov $s2,$t2 - mov $s3,$t3 - xor $acc0,$r20 - xor $acc1,$r21 - - xor $r20,$s2 - xor $r21,$s3 - rol \$24,$s2 - rol \$24,$s3 - xor $r20,$s2 - xor $r21,$s3 - mov 0($sbox),$acc0 # prefetch Te4 - ror \$16,$t2 - ror \$16,$t3 - mov 64($sbox),$acc1 - xor $t2,$s2 - xor $t3,$s3 - mov 128($sbox),$r20 - ror \$8,$t2 - ror \$8,$t3 - mov 192($sbox),$r21 - xor $t2,$s2 - xor $t3,$s3 -___ -} - -$code.=<<___; -.type 
_x86_64_AES_encrypt_compact,\@abi-omnipotent -.align 16 -_x86_64_AES_encrypt_compact: - lea 128($sbox),$inp # size optimization - mov 0-128($inp),$acc1 # prefetch Te4 - mov 32-128($inp),$acc2 - mov 64-128($inp),$t0 - mov 96-128($inp),$t1 - mov 128-128($inp),$acc1 - mov 160-128($inp),$acc2 - mov 192-128($inp),$t0 - mov 224-128($inp),$t1 - jmp .Lenc_loop_compact -.align 16 -.Lenc_loop_compact: - xor 0($key),$s0 # xor with key - xor 4($key),$s1 - xor 8($key),$s2 - xor 12($key),$s3 - lea 16($key),$key -___ - &enccompactvert(); -$code.=<<___; - cmp 16(%rsp),$key - je .Lenc_compact_done -___ - &enctransform(); -$code.=<<___; - jmp .Lenc_loop_compact -.align 16 -.Lenc_compact_done: - xor 0($key),$s0 - xor 4($key),$s1 - xor 8($key),$s2 - xor 12($key),$s3 - .byte 0xf3,0xc3 # rep ret -.size _x86_64_AES_encrypt_compact,.-_x86_64_AES_encrypt_compact -___ - -# void AES_encrypt (const void *inp,void *out,const AES_KEY *key); -$code.=<<___; -.globl AES_encrypt -.type AES_encrypt,\@function,3 -.align 16 -.globl asm_AES_encrypt -.hidden asm_AES_encrypt -asm_AES_encrypt: -AES_encrypt: - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - - # allocate frame "above" key schedule - mov %rsp,%r10 - lea -63(%rdx),%rcx # %rdx is key argument - and \$-64,%rsp - sub %rsp,%rcx - neg %rcx - and \$0x3c0,%rcx - sub %rcx,%rsp - sub \$32,%rsp - - mov %rsi,16(%rsp) # save out - mov %r10,24(%rsp) # save real stack pointer -.Lenc_prologue: - - mov %rdx,$key - mov 240($key),$rnds # load rounds - - mov 0(%rdi),$s0 # load input vector - mov 4(%rdi),$s1 - mov 8(%rdi),$s2 - mov 12(%rdi),$s3 - - shl \$4,$rnds - lea ($key,$rnds),%rbp - mov $key,(%rsp) # key schedule - mov %rbp,8(%rsp) # end of key schedule - - # pick Te4 copy which can't "overlap" with stack frame or key schedule - lea .LAES_Te+2048(%rip),$sbox - lea 768(%rsp),%rbp - sub $sbox,%rbp - and \$0x300,%rbp - lea ($sbox,%rbp),$sbox - - call _x86_64_AES_encrypt_compact - - mov 16(%rsp),$out # restore out - mov 24(%rsp),%rsi # 
restore saved stack pointer - mov $s0,0($out) # write output vector - mov $s1,4($out) - mov $s2,8($out) - mov $s3,12($out) - - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lenc_epilogue: - ret -.size AES_encrypt,.-AES_encrypt -___ - -#------------------------------------------------------------------# - -sub decvert() -{ my $t3="%r8d"; # zaps $inp! - -$code.=<<___; - # favor 3-way issue Opteron pipeline... - movzb `&lo("$s0")`,$acc0 - movzb `&lo("$s1")`,$acc1 - movzb `&lo("$s2")`,$acc2 - mov 0($sbox,$acc0,8),$t0 - mov 0($sbox,$acc1,8),$t1 - mov 0($sbox,$acc2,8),$t2 - - movzb `&hi("$s3")`,$acc0 - movzb `&hi("$s0")`,$acc1 - movzb `&lo("$s3")`,$acc2 - xor 3($sbox,$acc0,8),$t0 - xor 3($sbox,$acc1,8),$t1 - mov 0($sbox,$acc2,8),$t3 - - movzb `&hi("$s1")`,$acc0 - shr \$16,$s0 - movzb `&hi("$s2")`,$acc2 - xor 3($sbox,$acc0,8),$t2 - shr \$16,$s3 - xor 3($sbox,$acc2,8),$t3 - - shr \$16,$s1 - lea 16($key),$key - shr \$16,$s2 - - movzb `&lo("$s2")`,$acc0 - movzb `&lo("$s3")`,$acc1 - movzb `&lo("$s0")`,$acc2 - xor 2($sbox,$acc0,8),$t0 - xor 2($sbox,$acc1,8),$t1 - xor 2($sbox,$acc2,8),$t2 - - movzb `&hi("$s1")`,$acc0 - movzb `&hi("$s2")`,$acc1 - movzb `&lo("$s1")`,$acc2 - xor 1($sbox,$acc0,8),$t0 - xor 1($sbox,$acc1,8),$t1 - xor 2($sbox,$acc2,8),$t3 - - movzb `&hi("$s3")`,$acc0 - mov 12($key),$s3 - movzb `&hi("$s0")`,$acc2 - xor 1($sbox,$acc0,8),$t2 - mov 0($key),$s0 - xor 1($sbox,$acc2,8),$t3 - - xor $t0,$s0 - mov 4($key),$s1 - mov 8($key),$s2 - xor $t2,$s2 - xor $t1,$s1 - xor $t3,$s3 -___ -} - -sub declastvert() -{ my $t3="%r8d"; # zaps $inp! 
- -$code.=<<___; - lea 2048($sbox),$sbox # size optimization - movzb `&lo("$s0")`,$acc0 - movzb `&lo("$s1")`,$acc1 - movzb `&lo("$s2")`,$acc2 - movzb ($sbox,$acc0,1),$t0 - movzb ($sbox,$acc1,1),$t1 - movzb ($sbox,$acc2,1),$t2 - - movzb `&lo("$s3")`,$acc0 - movzb `&hi("$s3")`,$acc1 - movzb `&hi("$s0")`,$acc2 - movzb ($sbox,$acc0,1),$t3 - movzb ($sbox,$acc1,1),$acc1 #$t0 - movzb ($sbox,$acc2,1),$acc2 #$t1 - - shl \$8,$acc1 - shl \$8,$acc2 - - xor $acc1,$t0 - xor $acc2,$t1 - shr \$16,$s3 - - movzb `&hi("$s1")`,$acc0 - movzb `&hi("$s2")`,$acc1 - shr \$16,$s0 - movzb ($sbox,$acc0,1),$acc0 #$t2 - movzb ($sbox,$acc1,1),$acc1 #$t3 - - shl \$8,$acc0 - shl \$8,$acc1 - shr \$16,$s1 - xor $acc0,$t2 - xor $acc1,$t3 - shr \$16,$s2 - - movzb `&lo("$s2")`,$acc0 - movzb `&lo("$s3")`,$acc1 - movzb `&lo("$s0")`,$acc2 - movzb ($sbox,$acc0,1),$acc0 #$t0 - movzb ($sbox,$acc1,1),$acc1 #$t1 - movzb ($sbox,$acc2,1),$acc2 #$t2 - - shl \$16,$acc0 - shl \$16,$acc1 - shl \$16,$acc2 - - xor $acc0,$t0 - xor $acc1,$t1 - xor $acc2,$t2 - - movzb `&lo("$s1")`,$acc0 - movzb `&hi("$s1")`,$acc1 - movzb `&hi("$s2")`,$acc2 - movzb ($sbox,$acc0,1),$acc0 #$t3 - movzb ($sbox,$acc1,1),$acc1 #$t0 - movzb ($sbox,$acc2,1),$acc2 #$t1 - - shl \$16,$acc0 - shl \$24,$acc1 - shl \$24,$acc2 - - xor $acc0,$t3 - xor $acc1,$t0 - xor $acc2,$t1 - - movzb `&hi("$s3")`,$acc0 - movzb `&hi("$s0")`,$acc1 - mov 16+12($key),$s3 - movzb ($sbox,$acc0,1),$acc0 #$t2 - movzb ($sbox,$acc1,1),$acc1 #$t3 - mov 16+0($key),$s0 - - shl \$24,$acc0 - shl \$24,$acc1 - - xor $acc0,$t2 - xor $acc1,$t3 - - mov 16+4($key),$s1 - mov 16+8($key),$s2 - lea -2048($sbox),$sbox - xor $t0,$s0 - xor $t1,$s1 - xor $t2,$s2 - xor $t3,$s3 -___ -} - -sub decstep() -{ my ($i,@s) = @_; - my $tmp0=$acc0; - my $tmp1=$acc1; - my $tmp2=$acc2; - my $out=($t0,$t1,$t2,$s[0])[$i]; - - $code.=" mov $s[0],$out\n" if ($i!=3); - $tmp1=$s[2] if ($i==3); - $code.=" mov $s[2],$tmp1\n" if ($i!=3); - $code.=" and \$0xFF,$out\n"; - - $code.=" mov 0($sbox,$out,8),$out\n"; - 
$code.=" shr \$16,$tmp1\n"; - $tmp2=$s[3] if ($i==3); - $code.=" mov $s[3],$tmp2\n" if ($i!=3); - - $tmp0=$s[1] if ($i==3); - $code.=" movzb ".&hi($s[1]).",$tmp0\n"; - $code.=" and \$0xFF,$tmp1\n"; - $code.=" shr \$24,$tmp2\n"; - - $code.=" xor 3($sbox,$tmp0,8),$out\n"; - $code.=" xor 2($sbox,$tmp1,8),$out\n"; - $code.=" xor 1($sbox,$tmp2,8),$out\n"; - - $code.=" mov $t2,$s[1]\n" if ($i==3); - $code.=" mov $t1,$s[2]\n" if ($i==3); - $code.=" mov $t0,$s[3]\n" if ($i==3); - $code.="\n"; -} - -sub declast() -{ my ($i,@s)=@_; - my $tmp0=$acc0; - my $tmp1=$acc1; - my $tmp2=$acc2; - my $out=($t0,$t1,$t2,$s[0])[$i]; - - $code.=" mov $s[0],$out\n" if ($i!=3); - $tmp1=$s[2] if ($i==3); - $code.=" mov $s[2],$tmp1\n" if ($i!=3); - $code.=" and \$0xFF,$out\n"; - - $code.=" movzb 2048($sbox,$out,1),$out\n"; - $code.=" shr \$16,$tmp1\n"; - $tmp2=$s[3] if ($i==3); - $code.=" mov $s[3],$tmp2\n" if ($i!=3); - - $tmp0=$s[1] if ($i==3); - $code.=" movzb ".&hi($s[1]).",$tmp0\n"; - $code.=" and \$0xFF,$tmp1\n"; - $code.=" shr \$24,$tmp2\n"; - - $code.=" movzb 2048($sbox,$tmp0,1),$tmp0\n"; - $code.=" movzb 2048($sbox,$tmp1,1),$tmp1\n"; - $code.=" movzb 2048($sbox,$tmp2,1),$tmp2\n"; - - $code.=" shl \$8,$tmp0\n"; - $code.=" shl \$16,$tmp1\n"; - $code.=" shl \$24,$tmp2\n"; - - $code.=" xor $tmp0,$out\n"; - $code.=" mov $t2,$s[1]\n" if ($i==3); - $code.=" xor $tmp1,$out\n"; - $code.=" mov $t1,$s[2]\n" if ($i==3); - $code.=" xor $tmp2,$out\n"; - $code.=" mov $t0,$s[3]\n" if ($i==3); - $code.="\n"; -} - -$code.=<<___; -.type _x86_64_AES_decrypt,\@abi-omnipotent -.align 16 -_x86_64_AES_decrypt: - xor 0($key),$s0 # xor with key - xor 4($key),$s1 - xor 8($key),$s2 - xor 12($key),$s3 - - mov 240($key),$rnds # load key->rounds - sub \$1,$rnds - jmp .Ldec_loop -.align 16 -.Ldec_loop: -___ - if ($verticalspin) { &decvert(); } - else { &decstep(0,$s0,$s3,$s2,$s1); - &decstep(1,$s1,$s0,$s3,$s2); - &decstep(2,$s2,$s1,$s0,$s3); - &decstep(3,$s3,$s2,$s1,$s0); - $code.=<<___; - lea 16($key),$key - xor 
0($key),$s0 # xor with key - xor 4($key),$s1 - xor 8($key),$s2 - xor 12($key),$s3 -___ - } -$code.=<<___; - sub \$1,$rnds - jnz .Ldec_loop -___ - if ($verticalspin) { &declastvert(); } - else { &declast(0,$s0,$s3,$s2,$s1); - &declast(1,$s1,$s0,$s3,$s2); - &declast(2,$s2,$s1,$s0,$s3); - &declast(3,$s3,$s2,$s1,$s0); - $code.=<<___; - xor 16+0($key),$s0 # xor with key - xor 16+4($key),$s1 - xor 16+8($key),$s2 - xor 16+12($key),$s3 -___ - } -$code.=<<___; - .byte 0xf3,0xc3 # rep ret -.size _x86_64_AES_decrypt,.-_x86_64_AES_decrypt -___ - -sub deccompactvert() -{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d"); - -$code.=<<___; - movzb `&lo("$s0")`,$t0 - movzb `&lo("$s1")`,$t1 - movzb `&lo("$s2")`,$t2 - movzb ($sbox,$t0,1),$t0 - movzb ($sbox,$t1,1),$t1 - movzb ($sbox,$t2,1),$t2 - - movzb `&lo("$s3")`,$t3 - movzb `&hi("$s3")`,$acc0 - movzb `&hi("$s0")`,$acc1 - movzb ($sbox,$t3,1),$t3 - movzb ($sbox,$acc0,1),$t4 #$t0 - movzb ($sbox,$acc1,1),$t5 #$t1 - - movzb `&hi("$s1")`,$acc2 - movzb `&hi("$s2")`,$acc0 - shr \$16,$s2 - movzb ($sbox,$acc2,1),$acc2 #$t2 - movzb ($sbox,$acc0,1),$acc0 #$t3 - shr \$16,$s3 - - movzb `&lo("$s2")`,$acc1 - shl \$8,$t4 - shl \$8,$t5 - movzb ($sbox,$acc1,1),$acc1 #$t0 - xor $t4,$t0 - xor $t5,$t1 - - movzb `&lo("$s3")`,$t4 - shr \$16,$s0 - shr \$16,$s1 - movzb `&lo("$s0")`,$t5 - shl \$8,$acc2 - shl \$8,$acc0 - movzb ($sbox,$t4,1),$t4 #$t1 - movzb ($sbox,$t5,1),$t5 #$t2 - xor $acc2,$t2 - xor $acc0,$t3 - - movzb `&lo("$s1")`,$acc2 - movzb `&hi("$s1")`,$acc0 - shl \$16,$acc1 - movzb ($sbox,$acc2,1),$acc2 #$t3 - movzb ($sbox,$acc0,1),$acc0 #$t0 - xor $acc1,$t0 - - movzb `&hi("$s2")`,$acc1 - shl \$16,$t4 - shl \$16,$t5 - movzb ($sbox,$acc1,1),$s1 #$t1 - xor $t4,$t1 - xor $t5,$t2 - - movzb `&hi("$s3")`,$acc1 - shr \$8,$s0 - shl \$16,$acc2 - movzb ($sbox,$acc1,1),$s2 #$t2 - movzb ($sbox,$s0,1),$s3 #$t3 - xor $acc2,$t3 - - shl \$24,$acc0 - shl \$24,$s1 - shl \$24,$s2 - xor $acc0,$t0 - shl \$24,$s3 - xor $t1,$s1 - mov $t0,$s0 - xor $t2,$s2 - xor $t3,$s3 -___ -} - 
-# parallelized version! input is pair of 64-bit values: %rax=s1.s0 -# and %rcx=s3.s2, output is four 32-bit values in %eax=s0, %ebx=s1, -# %ecx=s2 and %edx=s3. -sub dectransform() -{ my ($tp10,$tp20,$tp40,$tp80,$acc0)=("%rax","%r8", "%r9", "%r10","%rbx"); - my ($tp18,$tp28,$tp48,$tp88,$acc8)=("%rcx","%r11","%r12","%r13","%rdx"); - my $prefetch = shift; - -$code.=<<___; - mov $tp10,$acc0 - mov $tp18,$acc8 - and $mask80,$acc0 - and $mask80,$acc8 - mov $acc0,$tp40 - mov $acc8,$tp48 - shr \$7,$tp40 - lea ($tp10,$tp10),$tp20 - shr \$7,$tp48 - lea ($tp18,$tp18),$tp28 - sub $tp40,$acc0 - sub $tp48,$acc8 - and $maskfe,$tp20 - and $maskfe,$tp28 - and $mask1b,$acc0 - and $mask1b,$acc8 - xor $tp20,$acc0 - xor $tp28,$acc8 - mov $acc0,$tp20 - mov $acc8,$tp28 - - and $mask80,$acc0 - and $mask80,$acc8 - mov $acc0,$tp80 - mov $acc8,$tp88 - shr \$7,$tp80 - lea ($tp20,$tp20),$tp40 - shr \$7,$tp88 - lea ($tp28,$tp28),$tp48 - sub $tp80,$acc0 - sub $tp88,$acc8 - and $maskfe,$tp40 - and $maskfe,$tp48 - and $mask1b,$acc0 - and $mask1b,$acc8 - xor $tp40,$acc0 - xor $tp48,$acc8 - mov $acc0,$tp40 - mov $acc8,$tp48 - - and $mask80,$acc0 - and $mask80,$acc8 - mov $acc0,$tp80 - mov $acc8,$tp88 - shr \$7,$tp80 - xor $tp10,$tp20 # tp2^=tp1 - shr \$7,$tp88 - xor $tp18,$tp28 # tp2^=tp1 - sub $tp80,$acc0 - sub $tp88,$acc8 - lea ($tp40,$tp40),$tp80 - lea ($tp48,$tp48),$tp88 - xor $tp10,$tp40 # tp4^=tp1 - xor $tp18,$tp48 # tp4^=tp1 - and $maskfe,$tp80 - and $maskfe,$tp88 - and $mask1b,$acc0 - and $mask1b,$acc8 - xor $acc0,$tp80 - xor $acc8,$tp88 - - xor $tp80,$tp10 # tp1^=tp8 - xor $tp88,$tp18 # tp1^=tp8 - xor $tp80,$tp20 # tp2^tp1^=tp8 - xor $tp88,$tp28 # tp2^tp1^=tp8 - mov $tp10,$acc0 - mov $tp18,$acc8 - xor $tp80,$tp40 # tp4^tp1^=tp8 - xor $tp88,$tp48 # tp4^tp1^=tp8 - shr \$32,$acc0 - shr \$32,$acc8 - xor $tp20,$tp80 # tp8^=tp8^tp2^tp1=tp2^tp1 - xor $tp28,$tp88 # tp8^=tp8^tp2^tp1=tp2^tp1 - rol \$8,`&LO("$tp10")` # ROTATE(tp1^tp8,8) - rol \$8,`&LO("$tp18")` # ROTATE(tp1^tp8,8) - xor $tp40,$tp80 # 
tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2 - xor $tp48,$tp88 # tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2 - - rol \$8,`&LO("$acc0")` # ROTATE(tp1^tp8,8) - rol \$8,`&LO("$acc8")` # ROTATE(tp1^tp8,8) - xor `&LO("$tp80")`,`&LO("$tp10")` - xor `&LO("$tp88")`,`&LO("$tp18")` - shr \$32,$tp80 - shr \$32,$tp88 - xor `&LO("$tp80")`,`&LO("$acc0")` - xor `&LO("$tp88")`,`&LO("$acc8")` - - mov $tp20,$tp80 - mov $tp28,$tp88 - shr \$32,$tp80 - shr \$32,$tp88 - rol \$24,`&LO("$tp20")` # ROTATE(tp2^tp1^tp8,24) - rol \$24,`&LO("$tp28")` # ROTATE(tp2^tp1^tp8,24) - rol \$24,`&LO("$tp80")` # ROTATE(tp2^tp1^tp8,24) - rol \$24,`&LO("$tp88")` # ROTATE(tp2^tp1^tp8,24) - xor `&LO("$tp20")`,`&LO("$tp10")` - xor `&LO("$tp28")`,`&LO("$tp18")` - mov $tp40,$tp20 - mov $tp48,$tp28 - xor `&LO("$tp80")`,`&LO("$acc0")` - xor `&LO("$tp88")`,`&LO("$acc8")` - - `"mov 0($sbox),$mask80" if ($prefetch)` - shr \$32,$tp20 - shr \$32,$tp28 - `"mov 64($sbox),$maskfe" if ($prefetch)` - rol \$16,`&LO("$tp40")` # ROTATE(tp4^tp1^tp8,16) - rol \$16,`&LO("$tp48")` # ROTATE(tp4^tp1^tp8,16) - `"mov 128($sbox),$mask1b" if ($prefetch)` - rol \$16,`&LO("$tp20")` # ROTATE(tp4^tp1^tp8,16) - rol \$16,`&LO("$tp28")` # ROTATE(tp4^tp1^tp8,16) - `"mov 192($sbox),$tp80" if ($prefetch)` - xor `&LO("$tp40")`,`&LO("$tp10")` - xor `&LO("$tp48")`,`&LO("$tp18")` - `"mov 256($sbox),$tp88" if ($prefetch)` - xor `&LO("$tp20")`,`&LO("$acc0")` - xor `&LO("$tp28")`,`&LO("$acc8")` -___ -} - -$code.=<<___; -.type _x86_64_AES_decrypt_compact,\@abi-omnipotent -.align 16 -_x86_64_AES_decrypt_compact: - lea 128($sbox),$inp # size optimization - mov 0-128($inp),$acc1 # prefetch Td4 - mov 32-128($inp),$acc2 - mov 64-128($inp),$t0 - mov 96-128($inp),$t1 - mov 128-128($inp),$acc1 - mov 160-128($inp),$acc2 - mov 192-128($inp),$t0 - mov 224-128($inp),$t1 - jmp .Ldec_loop_compact - -.align 16 -.Ldec_loop_compact: - xor 0($key),$s0 # xor with key - xor 4($key),$s1 - xor 8($key),$s2 - xor 12($key),$s3 - lea 16($key),$key -___ - &deccompactvert(); -$code.=<<___; - cmp 
16(%rsp),$key - je .Ldec_compact_done - - mov 256+0($sbox),$mask80 - shl \$32,%rbx - shl \$32,%rdx - mov 256+8($sbox),$maskfe - or %rbx,%rax - or %rdx,%rcx - mov 256+16($sbox),$mask1b -___ - &dectransform(1); -$code.=<<___; - jmp .Ldec_loop_compact -.align 16 -.Ldec_compact_done: - xor 0($key),$s0 - xor 4($key),$s1 - xor 8($key),$s2 - xor 12($key),$s3 - .byte 0xf3,0xc3 # rep ret -.size _x86_64_AES_decrypt_compact,.-_x86_64_AES_decrypt_compact -___ - -# void AES_decrypt (const void *inp,void *out,const AES_KEY *key); -$code.=<<___; -.globl AES_decrypt -.type AES_decrypt,\@function,3 -.align 16 -.globl asm_AES_decrypt -.hidden asm_AES_decrypt -asm_AES_decrypt: -AES_decrypt: - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - - # allocate frame "above" key schedule - mov %rsp,%r10 - lea -63(%rdx),%rcx # %rdx is key argument - and \$-64,%rsp - sub %rsp,%rcx - neg %rcx - and \$0x3c0,%rcx - sub %rcx,%rsp - sub \$32,%rsp - - mov %rsi,16(%rsp) # save out - mov %r10,24(%rsp) # save real stack pointer -.Ldec_prologue: - - mov %rdx,$key - mov 240($key),$rnds # load rounds - - mov 0(%rdi),$s0 # load input vector - mov 4(%rdi),$s1 - mov 8(%rdi),$s2 - mov 12(%rdi),$s3 - - shl \$4,$rnds - lea ($key,$rnds),%rbp - mov $key,(%rsp) # key schedule - mov %rbp,8(%rsp) # end of key schedule - - # pick Td4 copy which can't "overlap" with stack frame or key schedule - lea .LAES_Td+2048(%rip),$sbox - lea 768(%rsp),%rbp - sub $sbox,%rbp - and \$0x300,%rbp - lea ($sbox,%rbp),$sbox - shr \$3,%rbp # recall "magic" constants! 
- add %rbp,$sbox - - call _x86_64_AES_decrypt_compact - - mov 16(%rsp),$out # restore out - mov 24(%rsp),%rsi # restore saved stack pointer - mov $s0,0($out) # write output vector - mov $s1,4($out) - mov $s2,8($out) - mov $s3,12($out) - - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Ldec_epilogue: - ret -.size AES_decrypt,.-AES_decrypt -___ -#------------------------------------------------------------------# - -sub enckey() -{ -$code.=<<___; - movz %dl,%esi # rk[i]>>0 - movzb -128(%rbp,%rsi),%ebx - movz %dh,%esi # rk[i]>>8 - shl \$24,%ebx - xor %ebx,%eax - - movzb -128(%rbp,%rsi),%ebx - shr \$16,%edx - movz %dl,%esi # rk[i]>>16 - xor %ebx,%eax - - movzb -128(%rbp,%rsi),%ebx - movz %dh,%esi # rk[i]>>24 - shl \$8,%ebx - xor %ebx,%eax - - movzb -128(%rbp,%rsi),%ebx - shl \$16,%ebx - xor %ebx,%eax - - xor 1024-128(%rbp,%rcx,4),%eax # rcon -___ -} - -# int AES_set_encrypt_key(const unsigned char *userKey, const int bits, -# AES_KEY *key) -$code.=<<___; -.globl AES_set_encrypt_key -.type AES_set_encrypt_key,\@function,3 -.align 16 -AES_set_encrypt_key: - push %rbx - push %rbp - push %r12 # redundant, but allows to share - push %r13 # exception handler... 
- push %r14 - push %r15 - sub \$8,%rsp -.Lenc_key_prologue: - - call _x86_64_AES_set_encrypt_key - - mov 8(%rsp),%r15 - mov 16(%rsp),%r14 - mov 24(%rsp),%r13 - mov 32(%rsp),%r12 - mov 40(%rsp),%rbp - mov 48(%rsp),%rbx - add \$56,%rsp -.Lenc_key_epilogue: - ret -.size AES_set_encrypt_key,.-AES_set_encrypt_key - -.type _x86_64_AES_set_encrypt_key,\@abi-omnipotent -.align 16 -_x86_64_AES_set_encrypt_key: - mov %esi,%ecx # %ecx=bits - mov %rdi,%rsi # %rsi=userKey - mov %rdx,%rdi # %rdi=key - - test \$-1,%rsi - jz .Lbadpointer - test \$-1,%rdi - jz .Lbadpointer - - lea .LAES_Te(%rip),%rbp - lea 2048+128(%rbp),%rbp - - # prefetch Te4 - mov 0-128(%rbp),%eax - mov 32-128(%rbp),%ebx - mov 64-128(%rbp),%r8d - mov 96-128(%rbp),%edx - mov 128-128(%rbp),%eax - mov 160-128(%rbp),%ebx - mov 192-128(%rbp),%r8d - mov 224-128(%rbp),%edx - - cmp \$128,%ecx - je .L10rounds - cmp \$192,%ecx - je .L12rounds - cmp \$256,%ecx - je .L14rounds - mov \$-2,%rax # invalid number of bits - jmp .Lexit - -.L10rounds: - mov 0(%rsi),%rax # copy first 4 dwords - mov 8(%rsi),%rdx - mov %rax,0(%rdi) - mov %rdx,8(%rdi) - - shr \$32,%rdx - xor %ecx,%ecx - jmp .L10shortcut -.align 4 -.L10loop: - mov 0(%rdi),%eax # rk[0] - mov 12(%rdi),%edx # rk[3] -.L10shortcut: -___ - &enckey (); -$code.=<<___; - mov %eax,16(%rdi) # rk[4] - xor 4(%rdi),%eax - mov %eax,20(%rdi) # rk[5] - xor 8(%rdi),%eax - mov %eax,24(%rdi) # rk[6] - xor 12(%rdi),%eax - mov %eax,28(%rdi) # rk[7] - add \$1,%ecx - lea 16(%rdi),%rdi - cmp \$10,%ecx - jl .L10loop - - movl \$10,80(%rdi) # setup number of rounds - xor %rax,%rax - jmp .Lexit - -.L12rounds: - mov 0(%rsi),%rax # copy first 6 dwords - mov 8(%rsi),%rbx - mov 16(%rsi),%rdx - mov %rax,0(%rdi) - mov %rbx,8(%rdi) - mov %rdx,16(%rdi) - - shr \$32,%rdx - xor %ecx,%ecx - jmp .L12shortcut -.align 4 -.L12loop: - mov 0(%rdi),%eax # rk[0] - mov 20(%rdi),%edx # rk[5] -.L12shortcut: -___ - &enckey (); -$code.=<<___; - mov %eax,24(%rdi) # rk[6] - xor 4(%rdi),%eax - mov %eax,28(%rdi) # rk[7] - 
xor 8(%rdi),%eax - mov %eax,32(%rdi) # rk[8] - xor 12(%rdi),%eax - mov %eax,36(%rdi) # rk[9] - - cmp \$7,%ecx - je .L12break - add \$1,%ecx - - xor 16(%rdi),%eax - mov %eax,40(%rdi) # rk[10] - xor 20(%rdi),%eax - mov %eax,44(%rdi) # rk[11] - - lea 24(%rdi),%rdi - jmp .L12loop -.L12break: - movl \$12,72(%rdi) # setup number of rounds - xor %rax,%rax - jmp .Lexit - -.L14rounds: - mov 0(%rsi),%rax # copy first 8 dwords - mov 8(%rsi),%rbx - mov 16(%rsi),%rcx - mov 24(%rsi),%rdx - mov %rax,0(%rdi) - mov %rbx,8(%rdi) - mov %rcx,16(%rdi) - mov %rdx,24(%rdi) - - shr \$32,%rdx - xor %ecx,%ecx - jmp .L14shortcut -.align 4 -.L14loop: - mov 0(%rdi),%eax # rk[0] - mov 28(%rdi),%edx # rk[4] -.L14shortcut: -___ - &enckey (); -$code.=<<___; - mov %eax,32(%rdi) # rk[8] - xor 4(%rdi),%eax - mov %eax,36(%rdi) # rk[9] - xor 8(%rdi),%eax - mov %eax,40(%rdi) # rk[10] - xor 12(%rdi),%eax - mov %eax,44(%rdi) # rk[11] - - cmp \$6,%ecx - je .L14break - add \$1,%ecx - - mov %eax,%edx - mov 16(%rdi),%eax # rk[4] - movz %dl,%esi # rk[11]>>0 - movzb -128(%rbp,%rsi),%ebx - movz %dh,%esi # rk[11]>>8 - xor %ebx,%eax - - movzb -128(%rbp,%rsi),%ebx - shr \$16,%edx - shl \$8,%ebx - movz %dl,%esi # rk[11]>>16 - xor %ebx,%eax - - movzb -128(%rbp,%rsi),%ebx - movz %dh,%esi # rk[11]>>24 - shl \$16,%ebx - xor %ebx,%eax - - movzb -128(%rbp,%rsi),%ebx - shl \$24,%ebx - xor %ebx,%eax - - mov %eax,48(%rdi) # rk[12] - xor 20(%rdi),%eax - mov %eax,52(%rdi) # rk[13] - xor 24(%rdi),%eax - mov %eax,56(%rdi) # rk[14] - xor 28(%rdi),%eax - mov %eax,60(%rdi) # rk[15] - - lea 32(%rdi),%rdi - jmp .L14loop -.L14break: - movl \$14,48(%rdi) # setup number of rounds - xor %rax,%rax - jmp .Lexit - -.Lbadpointer: - mov \$-1,%rax -.Lexit: - .byte 0xf3,0xc3 # rep ret -.size _x86_64_AES_set_encrypt_key,.-_x86_64_AES_set_encrypt_key -___ - -sub deckey_ref() -{ my ($i,$ptr,$te,$td) = @_; - my ($tp1,$tp2,$tp4,$tp8,$acc)=("%eax","%ebx","%edi","%edx","%r8d"); -$code.=<<___; - mov $i($ptr),$tp1 - mov $tp1,$acc - and \$0x80808080,$acc 
- mov $acc,$tp4 - shr \$7,$tp4 - lea 0($tp1,$tp1),$tp2 - sub $tp4,$acc - and \$0xfefefefe,$tp2 - and \$0x1b1b1b1b,$acc - xor $tp2,$acc - mov $acc,$tp2 - - and \$0x80808080,$acc - mov $acc,$tp8 - shr \$7,$tp8 - lea 0($tp2,$tp2),$tp4 - sub $tp8,$acc - and \$0xfefefefe,$tp4 - and \$0x1b1b1b1b,$acc - xor $tp1,$tp2 # tp2^tp1 - xor $tp4,$acc - mov $acc,$tp4 - - and \$0x80808080,$acc - mov $acc,$tp8 - shr \$7,$tp8 - sub $tp8,$acc - lea 0($tp4,$tp4),$tp8 - xor $tp1,$tp4 # tp4^tp1 - and \$0xfefefefe,$tp8 - and \$0x1b1b1b1b,$acc - xor $acc,$tp8 - - xor $tp8,$tp1 # tp1^tp8 - rol \$8,$tp1 # ROTATE(tp1^tp8,8) - xor $tp8,$tp2 # tp2^tp1^tp8 - xor $tp8,$tp4 # tp4^tp1^tp8 - xor $tp2,$tp8 - xor $tp4,$tp8 # tp8^(tp8^tp4^tp1)^(tp8^tp2^tp1)=tp8^tp4^tp2 - - xor $tp8,$tp1 - rol \$24,$tp2 # ROTATE(tp2^tp1^tp8,24) - xor $tp2,$tp1 - rol \$16,$tp4 # ROTATE(tp4^tp1^tp8,16) - xor $tp4,$tp1 - - mov $tp1,$i($ptr) -___ -} - -# int AES_set_decrypt_key(const unsigned char *userKey, const int bits, -# AES_KEY *key) -$code.=<<___; -.globl AES_set_decrypt_key -.type AES_set_decrypt_key,\@function,3 -.align 16 -AES_set_decrypt_key: - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - push %rdx # save key schedule -.Ldec_key_prologue: - - call _x86_64_AES_set_encrypt_key - mov (%rsp),%r8 # restore key schedule - cmp \$0,%eax - jne .Labort - - mov 240(%r8),%r14d # pull number of rounds - xor %rdi,%rdi - lea (%rdi,%r14d,4),%rcx - mov %r8,%rsi - lea (%r8,%rcx,4),%rdi # pointer to last chunk -.align 4 -.Linvert: - mov 0(%rsi),%rax - mov 8(%rsi),%rbx - mov 0(%rdi),%rcx - mov 8(%rdi),%rdx - mov %rax,0(%rdi) - mov %rbx,8(%rdi) - mov %rcx,0(%rsi) - mov %rdx,8(%rsi) - lea 16(%rsi),%rsi - lea -16(%rdi),%rdi - cmp %rsi,%rdi - jne .Linvert - - lea .LAES_Te+2048+1024(%rip),%rax # rcon - - mov 40(%rax),$mask80 - mov 48(%rax),$maskfe - mov 56(%rax),$mask1b - - mov %r8,$key - sub \$1,%r14d -.align 4 -.Lpermute: - lea 16($key),$key - mov 0($key),%rax - mov 8($key),%rcx -___ - &dectransform (); 
-$code.=<<___; - mov %eax,0($key) - mov %ebx,4($key) - mov %ecx,8($key) - mov %edx,12($key) - sub \$1,%r14d - jnz .Lpermute - - xor %rax,%rax -.Labort: - mov 8(%rsp),%r15 - mov 16(%rsp),%r14 - mov 24(%rsp),%r13 - mov 32(%rsp),%r12 - mov 40(%rsp),%rbp - mov 48(%rsp),%rbx - add \$56,%rsp -.Ldec_key_epilogue: - ret -.size AES_set_decrypt_key,.-AES_set_decrypt_key -___ - -# void AES_cbc_encrypt (const void char *inp, unsigned char *out, -# size_t length, const AES_KEY *key, -# unsigned char *ivp,const int enc); -{ -# stack frame layout -# -8(%rsp) return address -my $keyp="0(%rsp)"; # one to pass as $key -my $keyend="8(%rsp)"; # &(keyp->rd_key[4*keyp->rounds]) -my $_rsp="16(%rsp)"; # saved %rsp -my $_inp="24(%rsp)"; # copy of 1st parameter, inp -my $_out="32(%rsp)"; # copy of 2nd parameter, out -my $_len="40(%rsp)"; # copy of 3rd parameter, length -my $_key="48(%rsp)"; # copy of 4th parameter, key -my $_ivp="56(%rsp)"; # copy of 5th parameter, ivp -my $ivec="64(%rsp)"; # ivec[16] -my $aes_key="80(%rsp)"; # copy of aes_key -my $mark="80+240(%rsp)"; # copy of aes_key->rounds - -$code.=<<___; -.globl AES_cbc_encrypt -.type AES_cbc_encrypt,\@function,6 -.align 16 -.extern OPENSSL_ia32cap_P -.globl asm_AES_cbc_encrypt -.hidden asm_AES_cbc_encrypt -asm_AES_cbc_encrypt: -AES_cbc_encrypt: - cmp \$0,%rdx # check length - je .Lcbc_epilogue - pushfq - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 -.Lcbc_prologue: - - cld - mov %r9d,%r9d # clear upper half of enc - - lea .LAES_Te(%rip),$sbox - cmp \$0,%r9 - jne .Lcbc_picked_te - lea .LAES_Td(%rip),$sbox -.Lcbc_picked_te: - - mov OPENSSL_ia32cap_P(%rip),%r10d - cmp \$$speed_limit,%rdx - jb .Lcbc_slow_prologue - test \$15,%rdx - jnz .Lcbc_slow_prologue - bt \$28,%r10d - jc .Lcbc_slow_prologue - - # allocate aligned stack frame... - lea -88-248(%rsp),$key - and \$-64,$key - - # ... 
and make sure it doesn't alias with AES_T[ed] modulo 4096 - mov $sbox,%r10 - lea 2304($sbox),%r11 - mov $key,%r12 - and \$0xFFF,%r10 # s = $sbox&0xfff - and \$0xFFF,%r11 # e = ($sbox+2048)&0xfff - and \$0xFFF,%r12 # p = %rsp&0xfff - - cmp %r11,%r12 # if (p=>e) %rsp =- (p-e); - jb .Lcbc_te_break_out - sub %r11,%r12 - sub %r12,$key - jmp .Lcbc_te_ok -.Lcbc_te_break_out: # else %rsp -= (p-s)&0xfff + framesz - sub %r10,%r12 - and \$0xFFF,%r12 - add \$320,%r12 - sub %r12,$key -.align 4 -.Lcbc_te_ok: - - xchg %rsp,$key - #add \$8,%rsp # reserve for return address! - mov $key,$_rsp # save %rsp -.Lcbc_fast_body: - mov %rdi,$_inp # save copy of inp - mov %rsi,$_out # save copy of out - mov %rdx,$_len # save copy of len - mov %rcx,$_key # save copy of key - mov %r8,$_ivp # save copy of ivp - movl \$0,$mark # copy of aes_key->rounds = 0; - mov %r8,%rbp # rearrange input arguments - mov %r9,%rbx - mov %rsi,$out - mov %rdi,$inp - mov %rcx,$key - - mov 240($key),%eax # key->rounds - # do we copy key schedule to stack? 
- mov $key,%r10 - sub $sbox,%r10 - and \$0xfff,%r10 - cmp \$2304,%r10 - jb .Lcbc_do_ecopy - cmp \$4096-248,%r10 - jb .Lcbc_skip_ecopy -.align 4 -.Lcbc_do_ecopy: - mov $key,%rsi - lea $aes_key,%rdi - lea $aes_key,$key - mov \$240/8,%ecx - .long 0x90A548F3 # rep movsq - mov %eax,(%rdi) # copy aes_key->rounds -.Lcbc_skip_ecopy: - mov $key,$keyp # save key pointer - - mov \$18,%ecx -.align 4 -.Lcbc_prefetch_te: - mov 0($sbox),%r10 - mov 32($sbox),%r11 - mov 64($sbox),%r12 - mov 96($sbox),%r13 - lea 128($sbox),$sbox - sub \$1,%ecx - jnz .Lcbc_prefetch_te - lea -2304($sbox),$sbox - - cmp \$0,%rbx - je .LFAST_DECRYPT - -#----------------------------- ENCRYPT -----------------------------# - mov 0(%rbp),$s0 # load iv - mov 4(%rbp),$s1 - mov 8(%rbp),$s2 - mov 12(%rbp),$s3 - -.align 4 -.Lcbc_fast_enc_loop: - xor 0($inp),$s0 - xor 4($inp),$s1 - xor 8($inp),$s2 - xor 12($inp),$s3 - mov $keyp,$key # restore key - mov $inp,$_inp # if ($verticalspin) save inp - - call _x86_64_AES_encrypt - - mov $_inp,$inp # if ($verticalspin) restore inp - mov $_len,%r10 - mov $s0,0($out) - mov $s1,4($out) - mov $s2,8($out) - mov $s3,12($out) - - lea 16($inp),$inp - lea 16($out),$out - sub \$16,%r10 - test \$-16,%r10 - mov %r10,$_len - jnz .Lcbc_fast_enc_loop - mov $_ivp,%rbp # restore ivp - mov $s0,0(%rbp) # save ivec - mov $s1,4(%rbp) - mov $s2,8(%rbp) - mov $s3,12(%rbp) - - jmp .Lcbc_fast_cleanup - -#----------------------------- DECRYPT -----------------------------# -.align 16 -.LFAST_DECRYPT: - cmp $inp,$out - je .Lcbc_fast_dec_in_place - - mov %rbp,$ivec -.align 4 -.Lcbc_fast_dec_loop: - mov 0($inp),$s0 # read input - mov 4($inp),$s1 - mov 8($inp),$s2 - mov 12($inp),$s3 - mov $keyp,$key # restore key - mov $inp,$_inp # if ($verticalspin) save inp - - call _x86_64_AES_decrypt - - mov $ivec,%rbp # load ivp - mov $_inp,$inp # if ($verticalspin) restore inp - mov $_len,%r10 # load len - xor 0(%rbp),$s0 # xor iv - xor 4(%rbp),$s1 - xor 8(%rbp),$s2 - xor 12(%rbp),$s3 - mov $inp,%rbp # current 
input, next iv - - sub \$16,%r10 - mov %r10,$_len # update len - mov %rbp,$ivec # update ivp - - mov $s0,0($out) # write output - mov $s1,4($out) - mov $s2,8($out) - mov $s3,12($out) - - lea 16($inp),$inp - lea 16($out),$out - jnz .Lcbc_fast_dec_loop - mov $_ivp,%r12 # load user ivp - mov 0(%rbp),%r10 # load iv - mov 8(%rbp),%r11 - mov %r10,0(%r12) # copy back to user - mov %r11,8(%r12) - jmp .Lcbc_fast_cleanup - -.align 16 -.Lcbc_fast_dec_in_place: - mov 0(%rbp),%r10 # copy iv to stack - mov 8(%rbp),%r11 - mov %r10,0+$ivec - mov %r11,8+$ivec -.align 4 -.Lcbc_fast_dec_in_place_loop: - mov 0($inp),$s0 # load input - mov 4($inp),$s1 - mov 8($inp),$s2 - mov 12($inp),$s3 - mov $keyp,$key # restore key - mov $inp,$_inp # if ($verticalspin) save inp - - call _x86_64_AES_decrypt - - mov $_inp,$inp # if ($verticalspin) restore inp - mov $_len,%r10 - xor 0+$ivec,$s0 - xor 4+$ivec,$s1 - xor 8+$ivec,$s2 - xor 12+$ivec,$s3 - - mov 0($inp),%r11 # load input - mov 8($inp),%r12 - sub \$16,%r10 - jz .Lcbc_fast_dec_in_place_done - - mov %r11,0+$ivec # copy input to iv - mov %r12,8+$ivec - - mov $s0,0($out) # save output [zaps input] - mov $s1,4($out) - mov $s2,8($out) - mov $s3,12($out) - - lea 16($inp),$inp - lea 16($out),$out - mov %r10,$_len - jmp .Lcbc_fast_dec_in_place_loop -.Lcbc_fast_dec_in_place_done: - mov $_ivp,%rdi - mov %r11,0(%rdi) # copy iv back to user - mov %r12,8(%rdi) - - mov $s0,0($out) # save output [zaps input] - mov $s1,4($out) - mov $s2,8($out) - mov $s3,12($out) - -.align 4 -.Lcbc_fast_cleanup: - cmpl \$0,$mark # was the key schedule copied? - lea $aes_key,%rdi - je .Lcbc_exit - mov \$240/8,%ecx - xor %rax,%rax - .long 0x90AB48F3 # rep stosq - - jmp .Lcbc_exit - -#--------------------------- SLOW ROUTINE ---------------------------# -.align 16 -.Lcbc_slow_prologue: - # allocate aligned stack frame... - lea -88(%rsp),%rbp - and \$-64,%rbp - # ... 
just "above" key schedule - lea -88-63(%rcx),%r10 - sub %rbp,%r10 - neg %r10 - and \$0x3c0,%r10 - sub %r10,%rbp - - xchg %rsp,%rbp - #add \$8,%rsp # reserve for return address! - mov %rbp,$_rsp # save %rsp -.Lcbc_slow_body: - #mov %rdi,$_inp # save copy of inp - #mov %rsi,$_out # save copy of out - #mov %rdx,$_len # save copy of len - #mov %rcx,$_key # save copy of key - mov %r8,$_ivp # save copy of ivp - mov %r8,%rbp # rearrange input arguments - mov %r9,%rbx - mov %rsi,$out - mov %rdi,$inp - mov %rcx,$key - mov %rdx,%r10 - - mov 240($key),%eax - mov $key,$keyp # save key pointer - shl \$4,%eax - lea ($key,%rax),%rax - mov %rax,$keyend - - # pick Te4 copy which can't "overlap" with stack frame or key scdedule - lea 2048($sbox),$sbox - lea 768-8(%rsp),%rax - sub $sbox,%rax - and \$0x300,%rax - lea ($sbox,%rax),$sbox - - cmp \$0,%rbx - je .LSLOW_DECRYPT - -#--------------------------- SLOW ENCRYPT ---------------------------# - test \$-16,%r10 # check upon length - mov 0(%rbp),$s0 # load iv - mov 4(%rbp),$s1 - mov 8(%rbp),$s2 - mov 12(%rbp),$s3 - jz .Lcbc_slow_enc_tail # short input... 
- -.align 4 -.Lcbc_slow_enc_loop: - xor 0($inp),$s0 - xor 4($inp),$s1 - xor 8($inp),$s2 - xor 12($inp),$s3 - mov $keyp,$key # restore key - mov $inp,$_inp # save inp - mov $out,$_out # save out - mov %r10,$_len # save len - - call _x86_64_AES_encrypt_compact - - mov $_inp,$inp # restore inp - mov $_out,$out # restore out - mov $_len,%r10 # restore len - mov $s0,0($out) - mov $s1,4($out) - mov $s2,8($out) - mov $s3,12($out) - - lea 16($inp),$inp - lea 16($out),$out - sub \$16,%r10 - test \$-16,%r10 - jnz .Lcbc_slow_enc_loop - test \$15,%r10 - jnz .Lcbc_slow_enc_tail - mov $_ivp,%rbp # restore ivp - mov $s0,0(%rbp) # save ivec - mov $s1,4(%rbp) - mov $s2,8(%rbp) - mov $s3,12(%rbp) - - jmp .Lcbc_exit - -.align 4 -.Lcbc_slow_enc_tail: - mov %rax,%r11 - mov %rcx,%r12 - mov %r10,%rcx - mov $inp,%rsi - mov $out,%rdi - .long 0x9066A4F3 # rep movsb - mov \$16,%rcx # zero tail - sub %r10,%rcx - xor %rax,%rax - .long 0x9066AAF3 # rep stosb - mov $out,$inp # this is not a mistake! - mov \$16,%r10 # len=16 - mov %r11,%rax - mov %r12,%rcx - jmp .Lcbc_slow_enc_loop # one more spin... -#--------------------------- SLOW DECRYPT ---------------------------# -.align 16 -.LSLOW_DECRYPT: - shr \$3,%rax - add %rax,$sbox # recall "magic" constants! 
- - mov 0(%rbp),%r11 # copy iv to stack - mov 8(%rbp),%r12 - mov %r11,0+$ivec - mov %r12,8+$ivec - -.align 4 -.Lcbc_slow_dec_loop: - mov 0($inp),$s0 # load input - mov 4($inp),$s1 - mov 8($inp),$s2 - mov 12($inp),$s3 - mov $keyp,$key # restore key - mov $inp,$_inp # save inp - mov $out,$_out # save out - mov %r10,$_len # save len - - call _x86_64_AES_decrypt_compact - - mov $_inp,$inp # restore inp - mov $_out,$out # restore out - mov $_len,%r10 - xor 0+$ivec,$s0 - xor 4+$ivec,$s1 - xor 8+$ivec,$s2 - xor 12+$ivec,$s3 - - mov 0($inp),%r11 # load input - mov 8($inp),%r12 - sub \$16,%r10 - jc .Lcbc_slow_dec_partial - jz .Lcbc_slow_dec_done - - mov %r11,0+$ivec # copy input to iv - mov %r12,8+$ivec - - mov $s0,0($out) # save output [can zap input] - mov $s1,4($out) - mov $s2,8($out) - mov $s3,12($out) - - lea 16($inp),$inp - lea 16($out),$out - jmp .Lcbc_slow_dec_loop -.Lcbc_slow_dec_done: - mov $_ivp,%rdi - mov %r11,0(%rdi) # copy iv back to user - mov %r12,8(%rdi) - - mov $s0,0($out) # save output [can zap input] - mov $s1,4($out) - mov $s2,8($out) - mov $s3,12($out) - - jmp .Lcbc_exit - -.align 4 -.Lcbc_slow_dec_partial: - mov $_ivp,%rdi - mov %r11,0(%rdi) # copy iv back to user - mov %r12,8(%rdi) - - mov $s0,0+$ivec # save output to stack - mov $s1,4+$ivec - mov $s2,8+$ivec - mov $s3,12+$ivec - - mov $out,%rdi - lea $ivec,%rsi - lea 16(%r10),%rcx - .long 0x9066A4F3 # rep movsb - jmp .Lcbc_exit - -.align 16 -.Lcbc_exit: - mov $_rsp,%rsi - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lcbc_popfq: - popfq -.Lcbc_epilogue: - ret -.size AES_cbc_encrypt,.-AES_cbc_encrypt -___ -} - -$code.=<<___; -.align 64 -.LAES_Te: -___ - &_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6); - &_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591); - &_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56); - &_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec); - 
&_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa); - &_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb); - &_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45); - &_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b); - &_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c); - &_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83); - &_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9); - &_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a); - &_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d); - &_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f); - &_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df); - &_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea); - &_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34); - &_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b); - &_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d); - &_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413); - &_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1); - &_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6); - &_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972); - &_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85); - &_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed); - &_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511); - &_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe); - &_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b); - &_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05); - &_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1); - &_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142); - &_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf); - &_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3); - &_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e); - &_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a); - &_data_word(0xac6464c8, 0xe75d5dba, 
0x2b191932, 0x957373e6); - &_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3); - &_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b); - &_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428); - &_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad); - &_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14); - &_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8); - &_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4); - &_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2); - &_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda); - &_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949); - &_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf); - &_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810); - &_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c); - &_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697); - &_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e); - &_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f); - &_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc); - &_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c); - &_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969); - &_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27); - &_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122); - &_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433); - &_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9); - &_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5); - &_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a); - &_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0); - &_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e); - &_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c); - -#Te4 # four copies of Te4 to choose from to avoid L1 aliasing - &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); - &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); - &data_byte(0xca, 
0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0); - &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); - &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); - &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); - &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); - &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); - &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); - &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); - &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); - &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); - &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); - &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); - &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); - &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2); - &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); - &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); - &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); - &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); - &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); - &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); - &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); - &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); - &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); - &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); - &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); - &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); - &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); - &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); - &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); - &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); - - &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); - &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); - &data_byte(0xca, 0x82, 0xc9, 
0x7d, 0xfa, 0x59, 0x47, 0xf0); - &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); - &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); - &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); - &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); - &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); - &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); - &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); - &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); - &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); - &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); - &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); - &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); - &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2); - &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); - &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); - &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); - &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); - &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); - &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); - &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); - &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); - &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); - &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); - &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); - &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); - &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); - &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); - &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); - &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); - - &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); - &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); - &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 
0x59, 0x47, 0xf0); - &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); - &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); - &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); - &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); - &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); - &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); - &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); - &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); - &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); - &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); - &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); - &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); - &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2); - &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); - &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); - &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); - &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); - &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); - &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); - &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); - &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); - &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); - &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); - &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); - &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); - &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); - &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); - &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); - &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); - - &data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5); - &data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76); - &data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 
0xf0); - &data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0); - &data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc); - &data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15); - &data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a); - &data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75); - &data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0); - &data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84); - &data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b); - &data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf); - &data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85); - &data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8); - &data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5); - &data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2); - &data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17); - &data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73); - &data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88); - &data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb); - &data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c); - &data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79); - &data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9); - &data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08); - &data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6); - &data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a); - &data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e); - &data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e); - &data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94); - &data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf); - &data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68); - &data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16); -#rcon: -$code.=<<___; - .long 0x00000001, 0x00000002, 0x00000004, 0x00000008 - .long 0x00000010, 0x00000020, 0x00000040, 0x00000080 - .long 0x0000001b, 0x00000036, 0x80808080, 0x80808080 - 
.long 0xfefefefe, 0xfefefefe, 0x1b1b1b1b, 0x1b1b1b1b -___ -$code.=<<___; -.align 64 -.LAES_Td: -___ - &_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a); - &_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b); - &_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5); - &_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5); - &_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d); - &_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b); - &_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295); - &_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e); - &_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927); - &_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d); - &_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362); - &_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9); - &_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52); - &_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566); - &_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3); - &_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed); - &_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e); - &_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4); - &_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4); - &_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd); - &_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d); - &_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060); - &_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967); - &_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879); - &_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000); - &_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c); - &_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36); - &_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624); - &_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b); - &_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c); - 
&_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12); - &_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14); - &_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3); - &_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b); - &_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8); - &_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684); - &_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7); - &_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177); - &_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947); - &_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322); - &_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498); - &_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f); - &_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54); - &_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382); - &_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf); - &_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb); - &_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83); - &_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef); - &_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029); - &_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235); - &_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733); - &_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117); - &_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4); - &_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546); - &_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb); - &_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d); - &_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb); - &_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a); - &_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773); - &_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478); - &_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2); - &_data_word(0x72c31d16, 0x0c25e2bc, 
0x8b493c28, 0x41950dff); - &_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664); - &_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0); - -#Td4: # four copies of Td4 to choose from to avoid L1 aliasing - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 
0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); -$code.=<<___; - .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe - .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0 -___ - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - 
&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); -$code.=<<___; - .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe - .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0 -___ - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 
0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); -$code.=<<___; - .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe - .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0 -___ - &data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38); - &data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb); - &data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87); - &data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb); - &data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d); - &data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e); - &data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2); - &data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25); - &data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16); - &data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92); - &data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda); - &data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84); - &data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a); - &data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06); - &data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02); - &data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b); - &data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea); - &data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73); - &data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85); - &data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e); - &data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89); - &data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b); - &data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20); - &data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 
0x5a, 0xf4); - &data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31); - &data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f); - &data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d); - &data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef); - &data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0); - &data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61); - &data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26); - &data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d); -$code.=<<___; - .long 0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe - .long 0x1b1b1b1b, 0x1b1b1b1b, 0, 0 -.asciz "AES for x86_64, CRYPTOGAMS by <appro\@openssl.org>" -.align 64 -___ - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type block_se_handler,\@abi-omnipotent -.align 16 -block_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->Rip<prologue label - jb .Lin_block_prologue - - mov 152($context),%rax # pull context->Rsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lin_block_prologue - - mov 24(%rax),%rax # pull saved real stack pointer - lea 48(%rax),%rax # adjust... 
- - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov -32(%rax),%r13 - mov -40(%rax),%r14 - mov -48(%rax),%r15 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lin_block_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - jmp .Lcommon_seh_exit -.size block_se_handler,.-block_se_handler - -.type key_se_handler,\@abi-omnipotent -.align 16 -key_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->Rip<prologue label - jb .Lin_key_prologue - - mov 152($context),%rax # pull context->Rsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lin_key_prologue - - lea 56(%rax),%rax - - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov -32(%rax),%r13 - mov -40(%rax),%r14 - mov -48(%rax),%r15 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lin_key_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov 
%rdi,176($context) # restore context->Rdi - - jmp .Lcommon_seh_exit -.size key_se_handler,.-key_se_handler - -.type cbc_se_handler,\@abi-omnipotent -.align 16 -cbc_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - lea .Lcbc_prologue(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lcbc_prologue - jb .Lin_cbc_prologue - - lea .Lcbc_fast_body(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lcbc_fast_body - jb .Lin_cbc_frame_setup - - lea .Lcbc_slow_prologue(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lcbc_slow_prologue - jb .Lin_cbc_body - - lea .Lcbc_slow_body(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lcbc_slow_body - jb .Lin_cbc_frame_setup - -.Lin_cbc_body: - mov 152($context),%rax # pull context->Rsp - - lea .Lcbc_epilogue(%rip),%r10 - cmp %r10,%rbx # context->Rip>=.Lcbc_epilogue - jae .Lin_cbc_prologue - - lea 8(%rax),%rax - - lea .Lcbc_popfq(%rip),%r10 - cmp %r10,%rbx # context->Rip>=.Lcbc_popfq - jae .Lin_cbc_prologue - - mov `16-8`(%rax),%rax # biased $_rsp - lea 56(%rax),%rax - -.Lin_cbc_frame_setup: - mov -16(%rax),%rbx - mov -24(%rax),%rbp - mov -32(%rax),%r12 - mov -40(%rax),%r13 - mov -48(%rax),%r14 - mov -56(%rax),%r15 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lin_cbc_prologue: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - -.Lcommon_seh_exit: - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$`1232/8`,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov 
$disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov %r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov %rcx,56(%rsp) # arg8, (NULL) - call *__imp_RtlVirtualUnwind(%rip) - - mov \$1,%eax # ExceptionContinueSearch - add \$64,%rsp - popfq - pop %r15 - pop %r14 - pop %r13 - pop %r12 - pop %rbp - pop %rbx - pop %rdi - pop %rsi - ret -.size cbc_se_handler,.-cbc_se_handler - -.section .pdata -.align 4 - .rva .LSEH_begin_AES_encrypt - .rva .LSEH_end_AES_encrypt - .rva .LSEH_info_AES_encrypt - - .rva .LSEH_begin_AES_decrypt - .rva .LSEH_end_AES_decrypt - .rva .LSEH_info_AES_decrypt - - .rva .LSEH_begin_AES_set_encrypt_key - .rva .LSEH_end_AES_set_encrypt_key - .rva .LSEH_info_AES_set_encrypt_key - - .rva .LSEH_begin_AES_set_decrypt_key - .rva .LSEH_end_AES_set_decrypt_key - .rva .LSEH_info_AES_set_decrypt_key - - .rva .LSEH_begin_AES_cbc_encrypt - .rva .LSEH_end_AES_cbc_encrypt - .rva .LSEH_info_AES_cbc_encrypt - -.section .xdata -.align 8 -.LSEH_info_AES_encrypt: - .byte 9,0,0,0 - .rva block_se_handler - .rva .Lenc_prologue,.Lenc_epilogue # HandlerData[] -.LSEH_info_AES_decrypt: - .byte 9,0,0,0 - .rva block_se_handler - .rva .Ldec_prologue,.Ldec_epilogue # HandlerData[] -.LSEH_info_AES_set_encrypt_key: - .byte 9,0,0,0 - .rva key_se_handler - .rva .Lenc_key_prologue,.Lenc_key_epilogue # HandlerData[] -.LSEH_info_AES_set_decrypt_key: - .byte 9,0,0,0 - .rva key_se_handler - .rva .Ldec_key_prologue,.Ldec_key_epilogue # HandlerData[] -.LSEH_info_AES_cbc_encrypt: - .byte 9,0,0,0 - .rva cbc_se_handler -___ -} - -$code =~ s/\`([^\`]*)\`/eval($1)/gem; - -print $code; - -close STDOUT; 
diff --git a/lib/libssl/src/crypto/aes/asm/aesni-sha1-x86_64.pl b/lib/libssl/src/crypto/aes/asm/aesni-sha1-x86_64.pl
deleted file mode 100644
index 39b504cbe58..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aesni-sha1-x86_64.pl
+++ /dev/null
@@ -1,1232 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# June 2011 -# -# This is AESNI-CBC+SHA1 "stitch" implementation. The idea, as spelled -# in http://download.intel.com/design/intarch/papers/323686.pdf, is -# that since AESNI-CBC encrypt exhibit *very* low instruction-level -# parallelism, interleaving it with another algorithm would allow to -# utilize processor resources better and achieve better performance. -# SHA1 instruction sequences(*) are taken from sha1-x86_64.pl and -# AESNI code is weaved into it. Below are performance numbers in -# cycles per processed byte, less is better, for standalone AESNI-CBC -# encrypt, sum of the latter and standalone SHA1, and "stitched" -# subroutine: -# -# AES-128-CBC +SHA1 stitch gain -# Westmere 3.77[+5.6] 9.37 6.65 +41% -# Sandy Bridge 5.05[+5.2(6.3)] 10.25(11.35) 6.16(7.08) +67%(+60%) -# -# AES-192-CBC -# Westmere 4.51 10.11 6.97 +45% -# Sandy Bridge 6.05 11.25(12.35) 6.34(7.27) +77%(+70%) -# -# AES-256-CBC -# Westmere 5.25 10.85 7.25 +50% -# Sandy Bridge 7.05 12.25(13.35) 7.06(7.70) +74%(+73%) -# -# (*) There are two code paths: SSSE3 and AVX. See sha1-568.pl for -# background information. Above numbers in parentheses are SSSE3 -# results collected on AVX-capable CPU, i.e. apply on OSes that -# don't support AVX. -# -# Needless to mention that it makes no sense to implement "stitched" -# *decrypt* subroutine. Because *both* AESNI-CBC decrypt and SHA1 -# fully utilize parallelism, so stitching would not give any gain -# anyway. Well, there might be some, e.g. because of better cache -# locality... 
For reference, here are performance results for -# standalone AESNI-CBC decrypt: -# -# AES-128-CBC AES-192-CBC AES-256-CBC -# Westmere 1.31 1.55 1.80 -# Sandy Bridge 0.93 1.06 1.22 - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -$avx=1 if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1` - =~ /GNU assembler version ([2-9]\.[0-9]+)/ && - $1>=2.19); -$avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) && - `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ && - $1>=2.09); -$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) && - `ml64 2>&1` =~ /Version ([0-9]+)\./ && - $1>=10); - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -# void aesni_cbc_sha1_enc(const void *inp, -# void *out, -# size_t length, -# const AES_KEY *key, -# unsigned char *iv, -# SHA_CTX *ctx, -# const void *in0); - -$code.=<<___; -.text -.extern OPENSSL_ia32cap_P - -.globl aesni_cbc_sha1_enc -.type aesni_cbc_sha1_enc,\@abi-omnipotent -.align 16 -aesni_cbc_sha1_enc: - # caller should check for SSSE3 and AES-NI bits - mov OPENSSL_ia32cap_P+0(%rip),%r10d - mov OPENSSL_ia32cap_P+4(%rip),%r11d -___ -$code.=<<___ if ($avx); - and \$`1<<28`,%r11d # mask AVX bit - and \$`1<<30`,%r10d # mask "Intel CPU" bit - or %r11d,%r10d - cmp \$`1<<28|1<<30`,%r10d - je aesni_cbc_sha1_enc_avx -___ -$code.=<<___; - jmp aesni_cbc_sha1_enc_ssse3 - ret -.size aesni_cbc_sha1_enc,.-aesni_cbc_sha1_enc -___ - -my ($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10"); - -my $Xi=4; -my @X=map("%xmm$_",(4..7,0..3)); -my @Tx=map("%xmm$_",(8..10)); -my 
@V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization -my @T=("%esi","%edi"); -my $j=0; my $jj=0; my $r=0; my $sn=0; -my $K_XX_XX="%r11"; -my ($iv,$in,$rndkey0)=map("%xmm$_",(11..13)); -my @rndkey=("%xmm14","%xmm15"); - -sub AUTOLOAD() # thunk [simplified] 32-bit style perlasm -{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://; - my $arg = pop; - $arg = "\$$arg" if ($arg*1 eq $arg); - $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n"; -} - -my $_rol=sub { &rol(@_) }; -my $_ror=sub { &ror(@_) }; - -$code.=<<___; -.type aesni_cbc_sha1_enc_ssse3,\@function,6 -.align 16 -aesni_cbc_sha1_enc_ssse3: - mov `($win64?56:8)`(%rsp),$inp # load 7th argument - #shr \$6,$len # debugging artefact - #jz .Lepilogue_ssse3 # debugging artefact - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - lea `-104-($win64?10*16:0)`(%rsp),%rsp - #mov $in0,$inp # debugging artefact - #lea 64(%rsp),$ctx # debugging artefact -___ -$code.=<<___ if ($win64); - movaps %xmm6,96+0(%rsp) - movaps %xmm7,96+16(%rsp) - movaps %xmm8,96+32(%rsp) - movaps %xmm9,96+48(%rsp) - movaps %xmm10,96+64(%rsp) - movaps %xmm11,96+80(%rsp) - movaps %xmm12,96+96(%rsp) - movaps %xmm13,96+112(%rsp) - movaps %xmm14,96+128(%rsp) - movaps %xmm15,96+144(%rsp) -.Lprologue_ssse3: -___ -$code.=<<___; - mov $in0,%r12 # reassign arguments - mov $out,%r13 - mov $len,%r14 - mov $key,%r15 - movdqu ($ivp),$iv # load IV - mov $ivp,88(%rsp) # save $ivp -___ -my ($in0,$out,$len,$key)=map("%r$_",(12..15)); # reassign arguments -my $rounds="${ivp}d"; -$code.=<<___; - shl \$6,$len - sub $in0,$out - mov 240($key),$rounds - add $inp,$len # end of input - - lea K_XX_XX(%rip),$K_XX_XX - mov 0($ctx),$A # load context - mov 4($ctx),$B - mov 8($ctx),$C - mov 12($ctx),$D - mov $B,@T[0] # magic seed - mov 16($ctx),$E - - movdqa 64($K_XX_XX),@X[2] # pbswap mask - movdqa 0($K_XX_XX),@Tx[1] # K_00_19 - movdqu 0($inp),@X[-4&7] # load input to %xmm[0-3] - movdqu 16($inp),@X[-3&7] - movdqu 32($inp),@X[-2&7] - 
movdqu 48($inp),@X[-1&7] - pshufb @X[2],@X[-4&7] # byte swap - add \$64,$inp - pshufb @X[2],@X[-3&7] - pshufb @X[2],@X[-2&7] - pshufb @X[2],@X[-1&7] - paddd @Tx[1],@X[-4&7] # add K_00_19 - paddd @Tx[1],@X[-3&7] - paddd @Tx[1],@X[-2&7] - movdqa @X[-4&7],0(%rsp) # X[]+K xfer to IALU - psubd @Tx[1],@X[-4&7] # restore X[] - movdqa @X[-3&7],16(%rsp) - psubd @Tx[1],@X[-3&7] - movdqa @X[-2&7],32(%rsp) - psubd @Tx[1],@X[-2&7] - movups ($key),$rndkey0 # $key[0] - movups 16($key),$rndkey[0] # forward reference - jmp .Loop_ssse3 -___ - -my $aesenc=sub { - use integer; - my ($n,$k)=($r/10,$r%10); - if ($k==0) { - $code.=<<___; - movups `16*$n`($in0),$in # load input - xorps $rndkey0,$in -___ - $code.=<<___ if ($n); - movups $iv,`16*($n-1)`($out,$in0) # write output -___ - $code.=<<___; - xorps $in,$iv - aesenc $rndkey[0],$iv - movups `32+16*$k`($key),$rndkey[1] -___ - } elsif ($k==9) { - $sn++; - $code.=<<___; - cmp \$11,$rounds - jb .Laesenclast$sn - movups `32+16*($k+0)`($key),$rndkey[1] - aesenc $rndkey[0],$iv - movups `32+16*($k+1)`($key),$rndkey[0] - aesenc $rndkey[1],$iv - je .Laesenclast$sn - movups `32+16*($k+2)`($key),$rndkey[1] - aesenc $rndkey[0],$iv - movups `32+16*($k+3)`($key),$rndkey[0] - aesenc $rndkey[1],$iv -.Laesenclast$sn: - aesenclast $rndkey[0],$iv - movups 16($key),$rndkey[1] # forward reference -___ - } else { - $code.=<<___; - aesenc $rndkey[0],$iv - movups `32+16*$k`($key),$rndkey[1] -___ - } - $r++; unshift(@rndkey,pop(@rndkey)); -}; - -sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4 -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 40 instructions - my ($a,$b,$c,$d,$e); - - &movdqa (@X[0],@X[-3&7]); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (@Tx[0],@X[-1&7]); - &palignr(@X[0],@X[-4&7],8); # compose "X[-14]" in "X[0]" - eval(shift(@insns)); - eval(shift(@insns)); - - &paddd (@Tx[1],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - &psrldq (@Tx[0],4); # "X[-3]", 3 dwords - 
eval(shift(@insns)); - eval(shift(@insns)); - &pxor (@X[0],@X[-4&7]); # "X[0]"^="X[-16]" - eval(shift(@insns)); - eval(shift(@insns)); - - &pxor (@Tx[0],@X[-2&7]); # "X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &pxor (@X[0],@Tx[0]); # "X[0]"^="X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - &movdqa (@Tx[2],@X[0]); - &movdqa (@Tx[0],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &pslldq (@Tx[2],12); # "X[0]"<<96, extract one dword - &paddd (@X[0],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &psrld (@Tx[0],31); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (@Tx[1],@Tx[2]); - eval(shift(@insns)); - eval(shift(@insns)); - - &psrld (@Tx[2],30); - &por (@X[0],@Tx[0]); # "X[0]"<<<=1 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &pslld (@Tx[1],2); - &pxor (@X[0],@Tx[2]); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX - eval(shift(@insns)); - eval(shift(@insns)); - - &pxor (@X[0],@Tx[1]); # "X[0]"^=("X[0]">>96)<<<2 - - foreach (@insns) { eval; } # remaining instructions [if any] - - $Xi++; push(@X,shift(@X)); # "rotate" X[] - push(@Tx,shift(@Tx)); -} - -sub Xupdate_ssse3_32_79() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions - my ($a,$b,$c,$d,$e); - - &movdqa (@Tx[0],@X[-1&7]) if ($Xi==8); - eval(shift(@insns)); # body_20_39 - &pxor (@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]" - &palignr(@Tx[0],@X[-2&7],8); # compose "X[-6]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &pxor (@X[0],@X[-7&7]); # "X[0]"^="X[-28]" - eval(shift(@insns)); - 
eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/); - if ($Xi%5) { - &movdqa (@Tx[2],@Tx[1]);# "perpetuate" K_XX_XX... - } else { # ... or load next one - &movdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)"); - } - &paddd (@Tx[1],@X[-1&7]); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &pxor (@X[0],@Tx[0]); # "X[0]"^="X[-6]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &movdqa (@Tx[0],@X[0]); - &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &pslld (@X[0],2); - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &psrld (@Tx[0],30); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &por (@X[0],@Tx[0]); # "X[0]"<<<=2 - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &movdqa (@Tx[1],@X[0]) if ($Xi<19); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions - - $Xi++; push(@X,shift(@X)); # "rotate" X[] - push(@Tx,shift(@Tx)); -} - -sub Xuplast_ssse3_80() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - &paddd (@Tx[1],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer IALU - - foreach (@insns) { eval; } # remaining instructions - - &cmp ($inp,$len); - &je (".Ldone_ssse3"); - - unshift(@Tx,pop(@Tx)); - - &movdqa (@X[2],"64($K_XX_XX)"); # pbswap mask - &movdqa (@Tx[1],"0($K_XX_XX)"); # K_00_19 - &movdqu (@X[-4&7],"0($inp)"); # load input - &movdqu (@X[-3&7],"16($inp)"); - &movdqu 
(@X[-2&7],"32($inp)"); - &movdqu (@X[-1&7],"48($inp)"); - &pshufb (@X[-4&7],@X[2]); # byte swap - &add ($inp,64); - - $Xi=0; -} - -sub Xloop_ssse3() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &pshufb (@X[($Xi-3)&7],@X[2]); - eval(shift(@insns)); - eval(shift(@insns)); - &paddd (@X[($Xi-4)&7],@Tx[1]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (eval(16*$Xi)."(%rsp)",@X[($Xi-4)&7]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - &psubd (@X[($Xi-4)&7],@Tx[1]); - - foreach (@insns) { eval; } - $Xi++; -} - -sub Xtail_ssse3() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - foreach (@insns) { eval; } -} - -sub body_00_19 () { - use integer; - my ($k,$n); - my @r=( - '($a,$b,$c,$d,$e)=@V;'. - '&add ($e,eval(4*($j&15))."(%rsp)");', # X[]+K xfer - '&xor ($c,$d);', - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&and (@T[0],$c);', # ($b&($c^$d)) - '&xor ($c,$d);', # restore $c - '&xor (@T[0],$d);', - '&add ($e,$a);', - '&$_ror ($b,$j?7:2);', # $b>>>2 - '&add ($e,@T[0]);' .'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); - $n = scalar(@r); - $k = (($jj+1)*12/20)*20*$n/12; # 12 aesencs per these 20 rounds - @r[$k%$n].='&$aesenc();' if ($jj==$k/$n); - $jj++; - return @r; -} - -sub body_20_39 () { - use integer; - my ($k,$n); - my @r=( - '($a,$b,$c,$d,$e)=@V;'. 
- '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer - '&xor (@T[0],$d);', # ($b^$d) - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&xor (@T[0],$c);', # ($b^$d^$c) - '&add ($e,$a);', - '&$_ror ($b,7);', # $b>>>2 - '&add ($e,@T[0]);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); - $n = scalar(@r); - $k = (($jj+1)*8/20)*20*$n/8; # 8 aesencs per these 20 rounds - @r[$k%$n].='&$aesenc();' if ($jj==$k/$n); - $jj++; - return @r; -} - -sub body_40_59 () { - use integer; - my ($k,$n); - my @r=( - '($a,$b,$c,$d,$e)=@V;'. - '&mov (@T[1],$c);', - '&xor ($c,$d);', - '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer - '&and (@T[1],$d);', - '&and (@T[0],$c);', # ($b&($c^$d)) - '&$_ror ($b,7);', # $b>>>2 - '&add ($e,@T[1]);', - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&add ($e,@T[0]);', - '&xor ($c,$d);', # restore $c - '&add ($e,$a);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); - $n = scalar(@r); - $k=(($jj+1)*12/20)*20*$n/12; # 12 aesencs per these 20 rounds - @r[$k%$n].='&$aesenc();' if ($jj==$k/$n); - $jj++; - return @r; -} -$code.=<<___; -.align 16 -.Loop_ssse3: -___ - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_32_79(\&body_00_19); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xuplast_ssse3_80(\&body_20_39); # can jump to "done" - - $saved_j=$j; @saved_V=@V; - $saved_r=$r; @saved_rndkey=@rndkey; - - &Xloop_ssse3(\&body_20_39); - &Xloop_ssse3(\&body_20_39); - &Xloop_ssse3(\&body_20_39); - -$code.=<<___; - movups $iv,48($out,$in0) # 
write output - lea 64($in0),$in0 - - add 0($ctx),$A # update context - add 4($ctx),@T[0] - add 8($ctx),$C - add 12($ctx),$D - mov $A,0($ctx) - add 16($ctx),$E - mov @T[0],4($ctx) - mov @T[0],$B # magic seed - mov $C,8($ctx) - mov $D,12($ctx) - mov $E,16($ctx) - jmp .Loop_ssse3 - -.align 16 -.Ldone_ssse3: -___ - $jj=$j=$saved_j; @V=@saved_V; - $r=$saved_r; @rndkey=@saved_rndkey; - - &Xtail_ssse3(\&body_20_39); - &Xtail_ssse3(\&body_20_39); - &Xtail_ssse3(\&body_20_39); - -$code.=<<___; - movups $iv,48($out,$in0) # write output - mov 88(%rsp),$ivp # restore $ivp - - add 0($ctx),$A # update context - add 4($ctx),@T[0] - add 8($ctx),$C - mov $A,0($ctx) - add 12($ctx),$D - mov @T[0],4($ctx) - add 16($ctx),$E - mov $C,8($ctx) - mov $D,12($ctx) - mov $E,16($ctx) - movups $iv,($ivp) # write IV -___ -$code.=<<___ if ($win64); - movaps 96+0(%rsp),%xmm6 - movaps 96+16(%rsp),%xmm7 - movaps 96+32(%rsp),%xmm8 - movaps 96+48(%rsp),%xmm9 - movaps 96+64(%rsp),%xmm10 - movaps 96+80(%rsp),%xmm11 - movaps 96+96(%rsp),%xmm12 - movaps 96+112(%rsp),%xmm13 - movaps 96+128(%rsp),%xmm14 - movaps 96+144(%rsp),%xmm15 -___ -$code.=<<___; - lea `104+($win64?10*16:0)`(%rsp),%rsi - mov 0(%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lepilogue_ssse3: - ret -.size aesni_cbc_sha1_enc_ssse3,.-aesni_cbc_sha1_enc_ssse3 -___ - -$j=$jj=$r=$sn=0; - -if ($avx) { -my ($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10"); - -my $Xi=4; -my @X=map("%xmm$_",(4..7,0..3)); -my @Tx=map("%xmm$_",(8..10)); -my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization -my @T=("%esi","%edi"); - -my $_rol=sub { &shld(@_[0],@_) }; -my $_ror=sub { &shrd(@_[0],@_) }; - -$code.=<<___; -.type aesni_cbc_sha1_enc_avx,\@function,6 -.align 16 -aesni_cbc_sha1_enc_avx: - mov `($win64?56:8)`(%rsp),$inp # load 7th argument - #shr \$6,$len # debugging artefact - #jz .Lepilogue_avx # debugging 
artefact - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - lea `-104-($win64?10*16:0)`(%rsp),%rsp - #mov $in0,$inp # debugging artefact - #lea 64(%rsp),$ctx # debugging artefact -___ -$code.=<<___ if ($win64); - movaps %xmm6,96+0(%rsp) - movaps %xmm7,96+16(%rsp) - movaps %xmm8,96+32(%rsp) - movaps %xmm9,96+48(%rsp) - movaps %xmm10,96+64(%rsp) - movaps %xmm11,96+80(%rsp) - movaps %xmm12,96+96(%rsp) - movaps %xmm13,96+112(%rsp) - movaps %xmm14,96+128(%rsp) - movaps %xmm15,96+144(%rsp) -.Lprologue_avx: -___ -$code.=<<___; - vzeroall - mov $in0,%r12 # reassign arguments - mov $out,%r13 - mov $len,%r14 - mov $key,%r15 - vmovdqu ($ivp),$iv # load IV - mov $ivp,88(%rsp) # save $ivp -___ -my ($in0,$out,$len,$key)=map("%r$_",(12..15)); # reassign arguments -my $rounds="${ivp}d"; -$code.=<<___; - shl \$6,$len - sub $in0,$out - mov 240($key),$rounds - add \$112,$key # size optimization - add $inp,$len # end of input - - lea K_XX_XX(%rip),$K_XX_XX - mov 0($ctx),$A # load context - mov 4($ctx),$B - mov 8($ctx),$C - mov 12($ctx),$D - mov $B,@T[0] # magic seed - mov 16($ctx),$E - - vmovdqa 64($K_XX_XX),@X[2] # pbswap mask - vmovdqa 0($K_XX_XX),@Tx[1] # K_00_19 - vmovdqu 0($inp),@X[-4&7] # load input to %xmm[0-3] - vmovdqu 16($inp),@X[-3&7] - vmovdqu 32($inp),@X[-2&7] - vmovdqu 48($inp),@X[-1&7] - vpshufb @X[2],@X[-4&7],@X[-4&7] # byte swap - add \$64,$inp - vpshufb @X[2],@X[-3&7],@X[-3&7] - vpshufb @X[2],@X[-2&7],@X[-2&7] - vpshufb @X[2],@X[-1&7],@X[-1&7] - vpaddd @Tx[1],@X[-4&7],@X[0] # add K_00_19 - vpaddd @Tx[1],@X[-3&7],@X[1] - vpaddd @Tx[1],@X[-2&7],@X[2] - vmovdqa @X[0],0(%rsp) # X[]+K xfer to IALU - vmovdqa @X[1],16(%rsp) - vmovdqa @X[2],32(%rsp) - vmovups -112($key),$rndkey0 # $key[0] - vmovups 16-112($key),$rndkey[0] # forward reference - jmp .Loop_avx -___ - -my $aesenc=sub { - use integer; - my ($n,$k)=($r/10,$r%10); - if ($k==0) { - $code.=<<___; - vmovups `16*$n`($in0),$in # load input - vxorps $rndkey0,$in,$in -___ - $code.=<<___ if ($n); - 
vmovups $iv,`16*($n-1)`($out,$in0) # write output -___ - $code.=<<___; - vxorps $in,$iv,$iv - vaesenc $rndkey[0],$iv,$iv - vmovups `32+16*$k-112`($key),$rndkey[1] -___ - } elsif ($k==9) { - $sn++; - $code.=<<___; - cmp \$11,$rounds - jb .Lvaesenclast$sn - vaesenc $rndkey[0],$iv,$iv - vmovups `32+16*($k+0)-112`($key),$rndkey[1] - vaesenc $rndkey[1],$iv,$iv - vmovups `32+16*($k+1)-112`($key),$rndkey[0] - je .Lvaesenclast$sn - vaesenc $rndkey[0],$iv,$iv - vmovups `32+16*($k+2)-112`($key),$rndkey[1] - vaesenc $rndkey[1],$iv,$iv - vmovups `32+16*($k+3)-112`($key),$rndkey[0] -.Lvaesenclast$sn: - vaesenclast $rndkey[0],$iv,$iv - vmovups 16-112($key),$rndkey[1] # forward reference -___ - } else { - $code.=<<___; - vaesenc $rndkey[0],$iv,$iv - vmovups `32+16*$k-112`($key),$rndkey[1] -___ - } - $r++; unshift(@rndkey,pop(@rndkey)); -}; - -sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4 -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 40 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &vpalignr(@X[0],@X[-3&7],@X[-4&7],8); # compose "X[-14]" in "X[0]" - eval(shift(@insns)); - eval(shift(@insns)); - - &vpaddd (@Tx[1],@Tx[1],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - &vpsrldq(@Tx[0],@X[-1&7],4); # "X[-3]", 3 dwords - eval(shift(@insns)); - eval(shift(@insns)); - &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"^="X[-16]" - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@Tx[0],@Tx[0],@X[-2&7]); # "X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@Tx[0]); # "X[0]"^="X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - &vpsrld (@Tx[0],@X[0],31); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpslldq(@Tx[2],@X[0],12); # "X[0]"<<96, 
extract one dword - &vpaddd (@X[0],@X[0],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpsrld (@Tx[1],@Tx[2],30); - &vpor (@X[0],@X[0],@Tx[0]); # "X[0]"<<<=1 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpslld (@Tx[2],@Tx[2],2); - &vpxor (@X[0],@X[0],@Tx[1]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@Tx[2]); # "X[0]"^=("X[0]">>96)<<<2 - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX - eval(shift(@insns)); - eval(shift(@insns)); - - - foreach (@insns) { eval; } # remaining instructions [if any] - - $Xi++; push(@X,shift(@X)); # "rotate" X[] - push(@Tx,shift(@Tx)); -} - -sub Xupdate_avx_32_79() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions - my ($a,$b,$c,$d,$e); - - &vpalignr(@Tx[0],@X[-1&7],@X[-2&7],8); # compose "X[-6]" - &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &vpxor (@X[0],@X[0],@X[-7&7]); # "X[0]"^="X[-28]" - eval(shift(@insns)); - eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/); - if ($Xi%5) { - &vmovdqa (@Tx[2],@Tx[1]);# "perpetuate" K_XX_XX... - } else { # ... 
or load next one - &vmovdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)"); - } - &vpaddd (@Tx[1],@Tx[1],@X[-1&7]); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@Tx[0]); # "X[0]"^="X[-6]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &vpsrld (@Tx[0],@X[0],30); - &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpslld (@X[0],@X[0],2); - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpor (@X[0],@X[0],@Tx[0]); # "X[0]"<<<=2 - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &vmovdqa (@Tx[1],@X[0]) if ($Xi<19); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions - - $Xi++; push(@X,shift(@X)); # "rotate" X[] - push(@Tx,shift(@Tx)); -} - -sub Xuplast_avx_80() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - &vpaddd (@Tx[1],@Tx[1],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer IALU - - foreach (@insns) { eval; } # remaining instructions - - &cmp ($inp,$len); - &je (".Ldone_avx"); - - unshift(@Tx,pop(@Tx)); - - &vmovdqa(@X[2],"64($K_XX_XX)"); # pbswap mask - &vmovdqa(@Tx[1],"0($K_XX_XX)"); # K_00_19 - &vmovdqu(@X[-4&7],"0($inp)"); # load input - &vmovdqu(@X[-3&7],"16($inp)"); - &vmovdqu(@X[-2&7],"32($inp)"); - &vmovdqu(@X[-1&7],"48($inp)"); - &vpshufb(@X[-4&7],@X[-4&7],@X[2]); # byte swap - &add ($inp,64); - - $Xi=0; -} 
- -sub Xloop_avx() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &vpshufb(@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]); - eval(shift(@insns)); - eval(shift(@insns)); - &vpaddd (@X[$Xi&7],@X[($Xi-4)&7],@Tx[1]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa(eval(16*$Xi)."(%rsp)",@X[$Xi&7]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - foreach (@insns) { eval; } - $Xi++; -} - -sub Xtail_avx() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - foreach (@insns) { eval; } -} - -$code.=<<___; -.align 16 -.Loop_avx: -___ - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_32_79(\&body_00_19); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_20_39); - &Xuplast_avx_80(\&body_20_39); # can jump to "done" - - $saved_j=$j; @saved_V=@V; - $saved_r=$r; @saved_rndkey=@rndkey; - - &Xloop_avx(\&body_20_39); - &Xloop_avx(\&body_20_39); - &Xloop_avx(\&body_20_39); - -$code.=<<___; - vmovups $iv,48($out,$in0) # write output - lea 64($in0),$in0 - - add 0($ctx),$A # update context - add 4($ctx),@T[0] - add 8($ctx),$C - add 12($ctx),$D - mov $A,0($ctx) - add 16($ctx),$E - mov @T[0],4($ctx) - mov @T[0],$B # magic seed - mov $C,8($ctx) - mov $D,12($ctx) - mov $E,16($ctx) - jmp .Loop_avx - -.align 16 -.Ldone_avx: -___ - $jj=$j=$saved_j; @V=@saved_V; - $r=$saved_r; 
@rndkey=@saved_rndkey; - - &Xtail_avx(\&body_20_39); - &Xtail_avx(\&body_20_39); - &Xtail_avx(\&body_20_39); - -$code.=<<___; - vmovups $iv,48($out,$in0) # write output - mov 88(%rsp),$ivp # restore $ivp - - add 0($ctx),$A # update context - add 4($ctx),@T[0] - add 8($ctx),$C - mov $A,0($ctx) - add 12($ctx),$D - mov @T[0],4($ctx) - add 16($ctx),$E - mov $C,8($ctx) - mov $D,12($ctx) - mov $E,16($ctx) - vmovups $iv,($ivp) # write IV - vzeroall -___ -$code.=<<___ if ($win64); - movaps 96+0(%rsp),%xmm6 - movaps 96+16(%rsp),%xmm7 - movaps 96+32(%rsp),%xmm8 - movaps 96+48(%rsp),%xmm9 - movaps 96+64(%rsp),%xmm10 - movaps 96+80(%rsp),%xmm11 - movaps 96+96(%rsp),%xmm12 - movaps 96+112(%rsp),%xmm13 - movaps 96+128(%rsp),%xmm14 - movaps 96+144(%rsp),%xmm15 -___ -$code.=<<___; - lea `104+($win64?10*16:0)`(%rsp),%rsi - mov 0(%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lepilogue_avx: - ret -.size aesni_cbc_sha1_enc_avx,.-aesni_cbc_sha1_enc_avx -___ -} -$code.=<<___; -.align 64 -K_XX_XX: -.long 0x5a827999,0x5a827999,0x5a827999,0x5a827999 # K_00_19 -.long 0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1 # K_20_39 -.long 0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc # K_40_59 -.long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6 # K_60_79 -.long 0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f # pbswap mask - -.asciz "AESNI-CBC+SHA1 stitch for x86_64, CRYPTOGAMS by <appro\@openssl.org>" -.align 64 -___ - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type ssse3_handler,\@abi-omnipotent -.align 16 -ssse3_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull 
context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->Rip<prologue label - jb .Lcommon_seh_tail - - mov 152($context),%rax # pull context->Rsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lcommon_seh_tail - - lea 96(%rax),%rsi - lea 512($context),%rdi # &context.Xmm6 - mov \$20,%ecx - .long 0xa548f3fc # cld; rep movsq - lea `104+10*16`(%rax),%rax # adjust stack pointer - - mov 0(%rax),%r15 - mov 8(%rax),%r14 - mov 16(%rax),%r13 - mov 24(%rax),%r12 - mov 32(%rax),%rbp - mov 40(%rax),%rbx - lea 48(%rax),%rax - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - -.Lcommon_seh_tail: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$154,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov %r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov %rcx,56(%rsp) # arg8, (NULL) - call *__imp_RtlVirtualUnwind(%rip) - - mov \$1,%eax # ExceptionContinueSearch - add \$64,%rsp - popfq - pop %r15 - pop %r14 - pop %r13 - pop %r12 - pop %rbp - pop %rbx - pop 
%rdi
- pop %rsi
- ret
-.size ssse3_handler,.-ssse3_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_aesni_cbc_sha1_enc_ssse3
- .rva .LSEH_end_aesni_cbc_sha1_enc_ssse3
- .rva .LSEH_info_aesni_cbc_sha1_enc_ssse3
-___
-$code.=<<___ if ($avx);
- .rva .LSEH_begin_aesni_cbc_sha1_enc_avx
- .rva .LSEH_end_aesni_cbc_sha1_enc_avx
- .rva .LSEH_info_aesni_cbc_sha1_enc_avx
-___
-$code.=<<___;
-.section .xdata
-.align 8
-.LSEH_info_aesni_cbc_sha1_enc_ssse3:
- .byte 9,0,0,0
- .rva ssse3_handler
- .rva .Lprologue_ssse3,.Lepilogue_ssse3 # HandlerData[]
-___
-$code.=<<___ if ($avx);
-.LSEH_info_aesni_cbc_sha1_enc_avx:
- .byte 9,0,0,0
- .rva ssse3_handler
- .rva .Lprologue_avx,.Lepilogue_avx # HandlerData[]
-___
-}
-
-####################################################################
-sub rex {
- local *opcode=shift;
- my ($dst,$src)=@_;
- my $rex=0;
-
- $rex|=0x04 if($dst>=8);
- $rex|=0x01 if($src>=8);
- push @opcode,$rex|0x40 if($rex);
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/aes/asm/aesni-x86.pl b/lib/libssl/src/crypto/aes/asm/aesni-x86.pl
deleted file mode 100644
index 8c1d0b5bed2..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aesni-x86.pl
+++ /dev/null
@@ -1,2189 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# This module implements support for Intel AES-NI extension. In -# OpenSSL context it's used with Intel engine, but can also be used as -# drop-in replacement for crypto/aes/asm/aes-586.pl [see below for -# details]. -# -# Performance. -# -# To start with see corresponding paragraph in aesni-x86_64.pl... -# Instead of filling table similar to one found there I've chosen to -# summarize *comparison* results for raw ECB, CTR and CBC benchmarks. -# The simplified table below represents 32-bit performance relative -# to 64-bit one in every given point. Ratios vary for different -# encryption modes, therefore interval values. -# -# 16-byte 64-byte 256-byte 1-KB 8-KB -# 53-67% 67-84% 91-94% 95-98% 97-99.5% -# -# Lower ratios for smaller block sizes are perfectly understandable, -# because function call overhead is higher in 32-bit mode. Largest -# 8-KB block performance is virtually same: 32-bit code is less than -# 1% slower for ECB, CBC and CCM, and ~3% slower otherwise. - -# January 2011 -# -# See aesni-x86_64.pl for details. Unlike x86_64 version this module -# interleaves at most 6 aes[enc|dec] instructions, because there are -# not enough registers for 8x interleave [which should be optimal for -# Sandy Bridge]. Actually, performance results for 6x interleave -# factor presented in aesni-x86_64.pl (except for CTR) are for this -# module. - -# April 2011 -# -# Add aesni_xts_[en|de]crypt. Westmere spends 1.50 cycles processing -# one byte out of 8KB with 128-bit key, Sandy Bridge - 1.09. 
- -$PREFIX="aesni"; # if $PREFIX is set to "AES", the script - # generates drop-in replacement for - # crypto/aes/asm/aes-586.pl:-) -$inline=1; # inline _aesni_[en|de]crypt - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -if ($PREFIX eq "aesni") { $movekey=*movups; } -else { $movekey=*movups; } - -$len="eax"; -$rounds="ecx"; -$key="edx"; -$inp="esi"; -$out="edi"; -$rounds_="ebx"; # backup copy for $rounds -$key_="ebp"; # backup copy for $key - -$rndkey0="xmm0"; -$rndkey1="xmm1"; -$inout0="xmm2"; -$inout1="xmm3"; -$inout2="xmm4"; -$inout3="xmm5"; $in1="xmm5"; -$inout4="xmm6"; $in0="xmm6"; -$inout5="xmm7"; $ivec="xmm7"; - -# AESNI extension -sub aeskeygenassist -{ my($dst,$src,$imm)=@_; - if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/) - { &data_byte(0x66,0x0f,0x3a,0xdf,0xc0|($1<<3)|$2,$imm); } -} -sub aescommon -{ my($opcodelet,$dst,$src)=@_; - if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/) - { &data_byte(0x66,0x0f,0x38,$opcodelet,0xc0|($1<<3)|$2);} -} -sub aesimc { aescommon(0xdb,@_); } -sub aesenc { aescommon(0xdc,@_); } -sub aesenclast { aescommon(0xdd,@_); } -sub aesdec { aescommon(0xde,@_); } -sub aesdeclast { aescommon(0xdf,@_); } - -# Inline version of internal aesni_[en|de]crypt1 -{ my $sn; -sub aesni_inline_generate1 -{ my ($p,$inout,$ivec)=@_; $inout=$inout0 if (!defined($inout)); - $sn++; - - &$movekey ($rndkey0,&QWP(0,$key)); - &$movekey ($rndkey1,&QWP(16,$key)); - &xorps ($ivec,$rndkey0) if (defined($ivec)); - &lea ($key,&DWP(32,$key)); - &xorps ($inout,$ivec) if (defined($ivec)); - &xorps ($inout,$rndkey0) if (!defined($ivec)); - &set_label("${p}1_loop_$sn"); - eval"&aes${p} ($inout,$rndkey1)"; - &dec ($rounds); - &$movekey ($rndkey1,&QWP(0,$key)); - &lea ($key,&DWP(16,$key)); - &jnz (&label("${p}1_loop_$sn")); - eval"&aes${p}last ($inout,$rndkey1)"; -}} - -sub aesni_generate1 # fully unrolled loop -{ my ($p,$inout)=@_; $inout=$inout0 if (!defined($inout)); - - 
&function_begin_B("_aesni_${p}rypt1"); - &movups ($rndkey0,&QWP(0,$key)); - &$movekey ($rndkey1,&QWP(0x10,$key)); - &xorps ($inout,$rndkey0); - &$movekey ($rndkey0,&QWP(0x20,$key)); - &lea ($key,&DWP(0x30,$key)); - &cmp ($rounds,11); - &jb (&label("${p}128")); - &lea ($key,&DWP(0x20,$key)); - &je (&label("${p}192")); - &lea ($key,&DWP(0x20,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(-0x40,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(-0x30,$key)); - &set_label("${p}192"); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(-0x20,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(-0x10,$key)); - &set_label("${p}128"); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(0,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0x10,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(0x20,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0x30,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(0x40,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0x50,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - &$movekey ($rndkey1,&QWP(0x60,$key)); - eval"&aes${p} ($inout,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0x70,$key)); - eval"&aes${p} ($inout,$rndkey1)"; - eval"&aes${p}last ($inout,$rndkey0)"; - &ret(); - &function_end_B("_aesni_${p}rypt1"); -} - -# void $PREFIX_encrypt (const void *inp,void *out,const AES_KEY *key); -&aesni_generate1("enc") if (!$inline); -&function_begin_B("${PREFIX}_encrypt"); - &mov ("eax",&wparam(0)); - &mov ($key,&wparam(2)); - &movups ($inout0,&QWP(0,"eax")); - &mov ($rounds,&DWP(240,$key)); - &mov ("eax",&wparam(1)); - if ($inline) - { &aesni_inline_generate1("enc"); } - else - { &call ("_aesni_encrypt1"); } - &movups (&QWP(0,"eax"),$inout0); - &ret (); -&function_end_B("${PREFIX}_encrypt"); - -# void $PREFIX_decrypt (const void *inp,void *out,const AES_KEY *key); 
-&aesni_generate1("dec") if(!$inline); -&function_begin_B("${PREFIX}_decrypt"); - &mov ("eax",&wparam(0)); - &mov ($key,&wparam(2)); - &movups ($inout0,&QWP(0,"eax")); - &mov ($rounds,&DWP(240,$key)); - &mov ("eax",&wparam(1)); - if ($inline) - { &aesni_inline_generate1("dec"); } - else - { &call ("_aesni_decrypt1"); } - &movups (&QWP(0,"eax"),$inout0); - &ret (); -&function_end_B("${PREFIX}_decrypt"); - -# _aesni_[en|de]cryptN are private interfaces, N denotes interleave -# factor. Why 3x subroutine were originally used in loops? Even though -# aes[enc|dec] latency was originally 6, it could be scheduled only -# every *2nd* cycle. Thus 3x interleave was the one providing optimal -# utilization, i.e. when subroutine's throughput is virtually same as -# of non-interleaved subroutine [for number of input blocks up to 3]. -# This is why it makes no sense to implement 2x subroutine. -# aes[enc|dec] latency in next processor generation is 8, but the -# instructions can be scheduled every cycle. Optimal interleave for -# new processor is therefore 8x, but it's unfeasible to accommodate it -# in XMM registers addreassable in 32-bit mode and therefore 6x is -# used instead... 
- -sub aesni_generate3 -{ my $p=shift; - - &function_begin_B("_aesni_${p}rypt3"); - &$movekey ($rndkey0,&QWP(0,$key)); - &shr ($rounds,1); - &$movekey ($rndkey1,&QWP(16,$key)); - &lea ($key,&DWP(32,$key)); - &xorps ($inout0,$rndkey0); - &pxor ($inout1,$rndkey0); - &pxor ($inout2,$rndkey0); - &$movekey ($rndkey0,&QWP(0,$key)); - - &set_label("${p}3_loop"); - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - &dec ($rounds); - eval"&aes${p} ($inout2,$rndkey1)"; - &$movekey ($rndkey1,&QWP(16,$key)); - eval"&aes${p} ($inout0,$rndkey0)"; - eval"&aes${p} ($inout1,$rndkey0)"; - &lea ($key,&DWP(32,$key)); - eval"&aes${p} ($inout2,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0,$key)); - &jnz (&label("${p}3_loop")); - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p}last ($inout0,$rndkey0)"; - eval"&aes${p}last ($inout1,$rndkey0)"; - eval"&aes${p}last ($inout2,$rndkey0)"; - &ret(); - &function_end_B("_aesni_${p}rypt3"); -} - -# 4x interleave is implemented to improve small block performance, -# most notably [and naturally] 4 block by ~30%. One can argue that one -# should have implemented 5x as well, but improvement would be <20%, -# so it's not worth it... 
-sub aesni_generate4 -{ my $p=shift; - - &function_begin_B("_aesni_${p}rypt4"); - &$movekey ($rndkey0,&QWP(0,$key)); - &$movekey ($rndkey1,&QWP(16,$key)); - &shr ($rounds,1); - &lea ($key,&DWP(32,$key)); - &xorps ($inout0,$rndkey0); - &pxor ($inout1,$rndkey0); - &pxor ($inout2,$rndkey0); - &pxor ($inout3,$rndkey0); - &$movekey ($rndkey0,&QWP(0,$key)); - - &set_label("${p}4_loop"); - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - &dec ($rounds); - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p} ($inout3,$rndkey1)"; - &$movekey ($rndkey1,&QWP(16,$key)); - eval"&aes${p} ($inout0,$rndkey0)"; - eval"&aes${p} ($inout1,$rndkey0)"; - &lea ($key,&DWP(32,$key)); - eval"&aes${p} ($inout2,$rndkey0)"; - eval"&aes${p} ($inout3,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0,$key)); - &jnz (&label("${p}4_loop")); - - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p} ($inout3,$rndkey1)"; - eval"&aes${p}last ($inout0,$rndkey0)"; - eval"&aes${p}last ($inout1,$rndkey0)"; - eval"&aes${p}last ($inout2,$rndkey0)"; - eval"&aes${p}last ($inout3,$rndkey0)"; - &ret(); - &function_end_B("_aesni_${p}rypt4"); -} - -sub aesni_generate6 -{ my $p=shift; - - &function_begin_B("_aesni_${p}rypt6"); - &static_label("_aesni_${p}rypt6_enter"); - &$movekey ($rndkey0,&QWP(0,$key)); - &shr ($rounds,1); - &$movekey ($rndkey1,&QWP(16,$key)); - &lea ($key,&DWP(32,$key)); - &xorps ($inout0,$rndkey0); - &pxor ($inout1,$rndkey0); # pxor does better here - eval"&aes${p} ($inout0,$rndkey1)"; - &pxor ($inout2,$rndkey0); - eval"&aes${p} ($inout1,$rndkey1)"; - &pxor ($inout3,$rndkey0); - &dec ($rounds); - eval"&aes${p} ($inout2,$rndkey1)"; - &pxor ($inout4,$rndkey0); - eval"&aes${p} ($inout3,$rndkey1)"; - &pxor ($inout5,$rndkey0); - eval"&aes${p} ($inout4,$rndkey1)"; - &$movekey ($rndkey0,&QWP(0,$key)); - eval"&aes${p} ($inout5,$rndkey1)"; - &jmp (&label("_aesni_${p}rypt6_enter")); - - &set_label("${p}6_loop",16); - 
eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - &dec ($rounds); - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p} ($inout3,$rndkey1)"; - eval"&aes${p} ($inout4,$rndkey1)"; - eval"&aes${p} ($inout5,$rndkey1)"; - &set_label("_aesni_${p}rypt6_enter",16); - &$movekey ($rndkey1,&QWP(16,$key)); - eval"&aes${p} ($inout0,$rndkey0)"; - eval"&aes${p} ($inout1,$rndkey0)"; - &lea ($key,&DWP(32,$key)); - eval"&aes${p} ($inout2,$rndkey0)"; - eval"&aes${p} ($inout3,$rndkey0)"; - eval"&aes${p} ($inout4,$rndkey0)"; - eval"&aes${p} ($inout5,$rndkey0)"; - &$movekey ($rndkey0,&QWP(0,$key)); - &jnz (&label("${p}6_loop")); - - eval"&aes${p} ($inout0,$rndkey1)"; - eval"&aes${p} ($inout1,$rndkey1)"; - eval"&aes${p} ($inout2,$rndkey1)"; - eval"&aes${p} ($inout3,$rndkey1)"; - eval"&aes${p} ($inout4,$rndkey1)"; - eval"&aes${p} ($inout5,$rndkey1)"; - eval"&aes${p}last ($inout0,$rndkey0)"; - eval"&aes${p}last ($inout1,$rndkey0)"; - eval"&aes${p}last ($inout2,$rndkey0)"; - eval"&aes${p}last ($inout3,$rndkey0)"; - eval"&aes${p}last ($inout4,$rndkey0)"; - eval"&aes${p}last ($inout5,$rndkey0)"; - &ret(); - &function_end_B("_aesni_${p}rypt6"); -} -&aesni_generate3("enc") if ($PREFIX eq "aesni"); -&aesni_generate3("dec"); -&aesni_generate4("enc") if ($PREFIX eq "aesni"); -&aesni_generate4("dec"); -&aesni_generate6("enc") if ($PREFIX eq "aesni"); -&aesni_generate6("dec"); - -if ($PREFIX eq "aesni") { -###################################################################### -# void aesni_ecb_encrypt (const void *in, void *out, -# size_t length, const AES_KEY *key, -# int enc); -&function_begin("aesni_ecb_encrypt"); - &mov ($inp,&wparam(0)); - &mov ($out,&wparam(1)); - &mov ($len,&wparam(2)); - &mov ($key,&wparam(3)); - &mov ($rounds_,&wparam(4)); - &and ($len,-16); - &jz (&label("ecb_ret")); - &mov ($rounds,&DWP(240,$key)); - &test ($rounds_,$rounds_); - &jz (&label("ecb_decrypt")); - - &mov ($key_,$key); # backup $key - &mov ($rounds_,$rounds); # backup $rounds - &cmp 
($len,0x60); - &jb (&label("ecb_enc_tail")); - - &movdqu ($inout0,&QWP(0,$inp)); - &movdqu ($inout1,&QWP(0x10,$inp)); - &movdqu ($inout2,&QWP(0x20,$inp)); - &movdqu ($inout3,&QWP(0x30,$inp)); - &movdqu ($inout4,&QWP(0x40,$inp)); - &movdqu ($inout5,&QWP(0x50,$inp)); - &lea ($inp,&DWP(0x60,$inp)); - &sub ($len,0x60); - &jmp (&label("ecb_enc_loop6_enter")); - -&set_label("ecb_enc_loop6",16); - &movups (&QWP(0,$out),$inout0); - &movdqu ($inout0,&QWP(0,$inp)); - &movups (&QWP(0x10,$out),$inout1); - &movdqu ($inout1,&QWP(0x10,$inp)); - &movups (&QWP(0x20,$out),$inout2); - &movdqu ($inout2,&QWP(0x20,$inp)); - &movups (&QWP(0x30,$out),$inout3); - &movdqu ($inout3,&QWP(0x30,$inp)); - &movups (&QWP(0x40,$out),$inout4); - &movdqu ($inout4,&QWP(0x40,$inp)); - &movups (&QWP(0x50,$out),$inout5); - &lea ($out,&DWP(0x60,$out)); - &movdqu ($inout5,&QWP(0x50,$inp)); - &lea ($inp,&DWP(0x60,$inp)); -&set_label("ecb_enc_loop6_enter"); - - &call ("_aesni_encrypt6"); - - &mov ($key,$key_); # restore $key - &mov ($rounds,$rounds_); # restore $rounds - &sub ($len,0x60); - &jnc (&label("ecb_enc_loop6")); - - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &movups (&QWP(0x30,$out),$inout3); - &movups (&QWP(0x40,$out),$inout4); - &movups (&QWP(0x50,$out),$inout5); - &lea ($out,&DWP(0x60,$out)); - &add ($len,0x60); - &jz (&label("ecb_ret")); - -&set_label("ecb_enc_tail"); - &movups ($inout0,&QWP(0,$inp)); - &cmp ($len,0x20); - &jb (&label("ecb_enc_one")); - &movups ($inout1,&QWP(0x10,$inp)); - &je (&label("ecb_enc_two")); - &movups ($inout2,&QWP(0x20,$inp)); - &cmp ($len,0x40); - &jb (&label("ecb_enc_three")); - &movups ($inout3,&QWP(0x30,$inp)); - &je (&label("ecb_enc_four")); - &movups ($inout4,&QWP(0x40,$inp)); - &xorps ($inout5,$inout5); - &call ("_aesni_encrypt6"); - &movups (&QWP(0,$out),$inout0); - &movups (&QWP(0x10,$out),$inout1); - &movups (&QWP(0x20,$out),$inout2); - &movups (&QWP(0x30,$out),$inout3); - &movups 
(&QWP(0x40,$out),$inout4);
- jmp (&label("ecb_ret"));
-
-&set_label("ecb_enc_one",16);
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
- &movups (&QWP(0,$out),$inout0);
- &jmp (&label("ecb_ret"));
-
-&set_label("ecb_enc_two",16);
- &xorps ($inout2,$inout2);
- &call ("_aesni_encrypt3");
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &jmp (&label("ecb_ret"));
-
-&set_label("ecb_enc_three",16);
- &call ("_aesni_encrypt3");
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &jmp (&label("ecb_ret"));
-
-&set_label("ecb_enc_four",16);
- &call ("_aesni_encrypt4");
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &movups (&QWP(0x30,$out),$inout3);
- &jmp (&label("ecb_ret"));
-######################################################################
-&set_label("ecb_decrypt",16);
- &mov ($key_,$key); # backup $key
- &mov ($rounds_,$rounds); # backup $rounds
- &cmp ($len,0x60);
- &jb (&label("ecb_dec_tail"));
-
- &movdqu ($inout0,&QWP(0,$inp));
- &movdqu ($inout1,&QWP(0x10,$inp));
- &movdqu ($inout2,&QWP(0x20,$inp));
- &movdqu ($inout3,&QWP(0x30,$inp));
- &movdqu ($inout4,&QWP(0x40,$inp));
- &movdqu ($inout5,&QWP(0x50,$inp));
- &lea ($inp,&DWP(0x60,$inp));
- &sub ($len,0x60);
- &jmp (&label("ecb_dec_loop6_enter"));
-
-&set_label("ecb_dec_loop6",16);
- &movups (&QWP(0,$out),$inout0);
- &movdqu ($inout0,&QWP(0,$inp));
- &movups (&QWP(0x10,$out),$inout1);
- &movdqu ($inout1,&QWP(0x10,$inp));
- &movups (&QWP(0x20,$out),$inout2);
- &movdqu ($inout2,&QWP(0x20,$inp));
- &movups (&QWP(0x30,$out),$inout3);
- &movdqu ($inout3,&QWP(0x30,$inp));
- &movups (&QWP(0x40,$out),$inout4);
- &movdqu ($inout4,&QWP(0x40,$inp));
- &movups (&QWP(0x50,$out),$inout5);
- &lea ($out,&DWP(0x60,$out));
- &movdqu ($inout5,&QWP(0x50,$inp));
- &lea ($inp,&DWP(0x60,$inp));
-&set_label("ecb_dec_loop6_enter");
-
- &call
("_aesni_decrypt6");
-
- &mov ($key,$key_); # restore $key
- &mov ($rounds,$rounds_); # restore $rounds
- &sub ($len,0x60);
- &jnc (&label("ecb_dec_loop6"));
-
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &movups (&QWP(0x30,$out),$inout3);
- &movups (&QWP(0x40,$out),$inout4);
- &movups (&QWP(0x50,$out),$inout5);
- &lea ($out,&DWP(0x60,$out));
- &add ($len,0x60);
- &jz (&label("ecb_ret"));
-
-&set_label("ecb_dec_tail");
- &movups ($inout0,&QWP(0,$inp));
- &cmp ($len,0x20);
- &jb (&label("ecb_dec_one"));
- &movups ($inout1,&QWP(0x10,$inp));
- &je (&label("ecb_dec_two"));
- &movups ($inout2,&QWP(0x20,$inp));
- &cmp ($len,0x40);
- &jb (&label("ecb_dec_three"));
- &movups ($inout3,&QWP(0x30,$inp));
- &je (&label("ecb_dec_four"));
- &movups ($inout4,&QWP(0x40,$inp));
- &xorps ($inout5,$inout5);
- &call ("_aesni_decrypt6");
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &movups (&QWP(0x30,$out),$inout3);
- &movups (&QWP(0x40,$out),$inout4);
- &jmp (&label("ecb_ret"));
-
-&set_label("ecb_dec_one",16);
- if ($inline)
- { &aesni_inline_generate1("dec"); }
- else
- { &call ("_aesni_decrypt1"); }
- &movups (&QWP(0,$out),$inout0);
- &jmp (&label("ecb_ret"));
-
-&set_label("ecb_dec_two",16);
- &xorps ($inout2,$inout2);
- &call ("_aesni_decrypt3");
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &jmp (&label("ecb_ret"));
-
-&set_label("ecb_dec_three",16);
- &call ("_aesni_decrypt3");
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &jmp (&label("ecb_ret"));
-
-&set_label("ecb_dec_four",16);
- &call ("_aesni_decrypt4");
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &movups (&QWP(0x30,$out),$inout3);
-
-&set_label("ecb_ret");
-&function_end("aesni_ecb_encrypt");
-
-######################################################################
-# void aesni_ccm64_[en|de]crypt_blocks (const void *in, void *out,
-# size_t blocks, const AES_KEY *key,
-# const char *ivec,char *cmac);
-#
-# Handles only complete blocks, operates on 64-bit counter and
-# does not update *ivec! Nor does it finalize CMAC value
-# (see engine/eng_aesni.c for details)
-#
-{ my $cmac=$inout1;
-&function_begin("aesni_ccm64_encrypt_blocks");
- &mov ($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3));
- &mov ($rounds_,&wparam(4));
- &mov ($rounds,&wparam(5));
- &mov ($key_,"esp");
- &sub ("esp",60);
- &and ("esp",-16); # align stack
- &mov (&DWP(48,"esp"),$key_);
-
- &movdqu ($ivec,&QWP(0,$rounds_)); # load ivec
- &movdqu ($cmac,&QWP(0,$rounds)); # load cmac
- &mov ($rounds,&DWP(240,$key));
-
- # compose byte-swap control mask for pshufb on stack
- &mov (&DWP(0,"esp"),0x0c0d0e0f);
- &mov (&DWP(4,"esp"),0x08090a0b);
- &mov (&DWP(8,"esp"),0x04050607);
- &mov (&DWP(12,"esp"),0x00010203);
-
- # compose counter increment vector on stack
- &mov ($rounds_,1);
- &xor ($key_,$key_);
- &mov (&DWP(16,"esp"),$rounds_);
- &mov (&DWP(20,"esp"),$key_);
- &mov (&DWP(24,"esp"),$key_);
- &mov (&DWP(28,"esp"),$key_);
-
- &shr ($rounds,1);
- &lea ($key_,&DWP(0,$key));
- &movdqa ($inout3,&QWP(0,"esp"));
- &movdqa ($inout0,$ivec);
- &mov ($rounds_,$rounds);
- &pshufb ($ivec,$inout3);
-
-&set_label("ccm64_enc_outer");
- &$movekey ($rndkey0,&QWP(0,$key_));
- &mov ($rounds,$rounds_);
- &movups ($in0,&QWP(0,$inp));
-
- &xorps ($inout0,$rndkey0);
- &$movekey ($rndkey1,&QWP(16,$key_));
- &xorps ($rndkey0,$in0);
- &lea ($key,&DWP(32,$key_));
- &xorps ($cmac,$rndkey0); # cmac^=inp
- &$movekey ($rndkey0,&QWP(0,$key));
-
-&set_label("ccm64_enc2_loop");
- &aesenc ($inout0,$rndkey1);
- &dec ($rounds);
- &aesenc ($cmac,$rndkey1);
- &$movekey ($rndkey1,&QWP(16,$key));
- &aesenc ($inout0,$rndkey0);
- &lea ($key,&DWP(32,$key));
- &aesenc ($cmac,$rndkey0);
-
&$movekey ($rndkey0,&QWP(0,$key));
- &jnz (&label("ccm64_enc2_loop"));
- &aesenc ($inout0,$rndkey1);
- &aesenc ($cmac,$rndkey1);
- &paddq ($ivec,&QWP(16,"esp"));
- &aesenclast ($inout0,$rndkey0);
- &aesenclast ($cmac,$rndkey0);
-
- &dec ($len);
- &lea ($inp,&DWP(16,$inp));
- &xorps ($in0,$inout0); # inp^=E(ivec)
- &movdqa ($inout0,$ivec);
- &movups (&QWP(0,$out),$in0); # save output
- &lea ($out,&DWP(16,$out));
- &pshufb ($inout0,$inout3);
- &jnz (&label("ccm64_enc_outer"));
-
- &mov ("esp",&DWP(48,"esp"));
- &mov ($out,&wparam(5));
- &movups (&QWP(0,$out),$cmac);
-&function_end("aesni_ccm64_encrypt_blocks");
-
-&function_begin("aesni_ccm64_decrypt_blocks");
- &mov ($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3));
- &mov ($rounds_,&wparam(4));
- &mov ($rounds,&wparam(5));
- &mov ($key_,"esp");
- &sub ("esp",60);
- &and ("esp",-16); # align stack
- &mov (&DWP(48,"esp"),$key_);
-
- &movdqu ($ivec,&QWP(0,$rounds_)); # load ivec
- &movdqu ($cmac,&QWP(0,$rounds)); # load cmac
- &mov ($rounds,&DWP(240,$key));
-
- # compose byte-swap control mask for pshufb on stack
- &mov (&DWP(0,"esp"),0x0c0d0e0f);
- &mov (&DWP(4,"esp"),0x08090a0b);
- &mov (&DWP(8,"esp"),0x04050607);
- &mov (&DWP(12,"esp"),0x00010203);
-
- # compose counter increment vector on stack
- &mov ($rounds_,1);
- &xor ($key_,$key_);
- &mov (&DWP(16,"esp"),$rounds_);
- &mov (&DWP(20,"esp"),$key_);
- &mov (&DWP(24,"esp"),$key_);
- &mov (&DWP(28,"esp"),$key_);
-
- &movdqa ($inout3,&QWP(0,"esp")); # bswap mask
- &movdqa ($inout0,$ivec);
-
- &mov ($key_,$key);
- &mov ($rounds_,$rounds);
-
- &pshufb ($ivec,$inout3);
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
- &movups ($in0,&QWP(0,$inp)); # load inp
- &paddq ($ivec,&QWP(16,"esp"));
- &lea ($inp,&QWP(16,$inp));
- &jmp (&label("ccm64_dec_outer"));
-
-&set_label("ccm64_dec_outer",16);
- &xorps ($in0,$inout0); # inp ^= E(ivec)
- &movdqa ($inout0,$ivec);
- &mov
($rounds,$rounds_);
- &movups (&QWP(0,$out),$in0); # save output
- &lea ($out,&DWP(16,$out));
- &pshufb ($inout0,$inout3);
-
- &sub ($len,1);
- &jz (&label("ccm64_dec_break"));
-
- &$movekey ($rndkey0,&QWP(0,$key_));
- &shr ($rounds,1);
- &$movekey ($rndkey1,&QWP(16,$key_));
- &xorps ($in0,$rndkey0);
- &lea ($key,&DWP(32,$key_));
- &xorps ($inout0,$rndkey0);
- &xorps ($cmac,$in0); # cmac^=out
- &$movekey ($rndkey0,&QWP(0,$key));
-
-&set_label("ccm64_dec2_loop");
- &aesenc ($inout0,$rndkey1);
- &dec ($rounds);
- &aesenc ($cmac,$rndkey1);
- &$movekey ($rndkey1,&QWP(16,$key));
- &aesenc ($inout0,$rndkey0);
- &lea ($key,&DWP(32,$key));
- &aesenc ($cmac,$rndkey0);
- &$movekey ($rndkey0,&QWP(0,$key));
- &jnz (&label("ccm64_dec2_loop"));
- &movups ($in0,&QWP(0,$inp)); # load inp
- &paddq ($ivec,&QWP(16,"esp"));
- &aesenc ($inout0,$rndkey1);
- &aesenc ($cmac,$rndkey1);
- &lea ($inp,&QWP(16,$inp));
- &aesenclast ($inout0,$rndkey0);
- &aesenclast ($cmac,$rndkey0);
- &jmp (&label("ccm64_dec_outer"));
-
-&set_label("ccm64_dec_break",16);
- &mov ($key,$key_);
- if ($inline)
- { &aesni_inline_generate1("enc",$cmac,$in0); }
- else
- { &call ("_aesni_encrypt1",$cmac); }
-
- &mov ("esp",&DWP(48,"esp"));
- &mov ($out,&wparam(5));
- &movups (&QWP(0,$out),$cmac);
-&function_end("aesni_ccm64_decrypt_blocks");
-}
-
-######################################################################
-# void aesni_ctr32_encrypt_blocks (const void *in, void *out,
-# size_t blocks, const AES_KEY *key,
-# const char *ivec);
-#
-# Handles only complete blocks, operates on 32-bit counter and
-# does not update *ivec!
(see engine/eng_aesni.c for details)
-#
-# stack layout:
-# 0 pshufb mask
-# 16 vector addend: 0,6,6,6
-# 32 counter-less ivec
-# 48 1st triplet of counter vector
-# 64 2nd triplet of counter vector
-# 80 saved %esp
-
-&function_begin("aesni_ctr32_encrypt_blocks");
- &mov ($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3));
- &mov ($rounds_,&wparam(4));
- &mov ($key_,"esp");
- &sub ("esp",88);
- &and ("esp",-16); # align stack
- &mov (&DWP(80,"esp"),$key_);
-
- &cmp ($len,1);
- &je (&label("ctr32_one_shortcut"));
-
- &movdqu ($inout5,&QWP(0,$rounds_)); # load ivec
-
- # compose byte-swap control mask for pshufb on stack
- &mov (&DWP(0,"esp"),0x0c0d0e0f);
- &mov (&DWP(4,"esp"),0x08090a0b);
- &mov (&DWP(8,"esp"),0x04050607);
- &mov (&DWP(12,"esp"),0x00010203);
-
- # compose counter increment vector on stack
- &mov ($rounds,6);
- &xor ($key_,$key_);
- &mov (&DWP(16,"esp"),$rounds);
- &mov (&DWP(20,"esp"),$rounds);
- &mov (&DWP(24,"esp"),$rounds);
- &mov (&DWP(28,"esp"),$key_);
-
- &pextrd ($rounds_,$inout5,3); # pull 32-bit counter
- &pinsrd ($inout5,$key_,3); # wipe 32-bit counter
-
- &mov ($rounds,&DWP(240,$key)); # key->rounds
-
- # compose 2 vectors of 3x32-bit counters
- &bswap ($rounds_);
- &pxor ($rndkey1,$rndkey1);
- &pxor ($rndkey0,$rndkey0);
- &movdqa ($inout0,&QWP(0,"esp")); # load byte-swap mask
- &pinsrd ($rndkey1,$rounds_,0);
- &lea ($key_,&DWP(3,$rounds_));
- &pinsrd ($rndkey0,$key_,0);
- &inc ($rounds_);
- &pinsrd ($rndkey1,$rounds_,1);
- &inc ($key_);
- &pinsrd ($rndkey0,$key_,1);
- &inc ($rounds_);
- &pinsrd ($rndkey1,$rounds_,2);
- &inc ($key_);
- &pinsrd ($rndkey0,$key_,2);
- &movdqa (&QWP(48,"esp"),$rndkey1); # save 1st triplet
- &pshufb ($rndkey1,$inout0); # byte swap
- &movdqa (&QWP(64,"esp"),$rndkey0); # save 2nd triplet
- &pshufb ($rndkey0,$inout0); # byte swap
-
- &pshufd ($inout0,$rndkey1,3<<6); # place counter to upper dword
- &pshufd ($inout1,$rndkey1,2<<6);
- &cmp ($len,6);
- &jb
(&label("ctr32_tail"));
- &movdqa (&QWP(32,"esp"),$inout5); # save counter-less ivec
- &shr ($rounds,1);
- &mov ($key_,$key); # backup $key
- &mov ($rounds_,$rounds); # backup $rounds
- &sub ($len,6);
- &jmp (&label("ctr32_loop6"));
-
-&set_label("ctr32_loop6",16);
- &pshufd ($inout2,$rndkey1,1<<6);
- &movdqa ($rndkey1,&QWP(32,"esp")); # pull counter-less ivec
- &pshufd ($inout3,$rndkey0,3<<6);
- &por ($inout0,$rndkey1); # merge counter-less ivec
- &pshufd ($inout4,$rndkey0,2<<6);
- &por ($inout1,$rndkey1);
- &pshufd ($inout5,$rndkey0,1<<6);
- &por ($inout2,$rndkey1);
- &por ($inout3,$rndkey1);
- &por ($inout4,$rndkey1);
- &por ($inout5,$rndkey1);
-
- # inlining _aesni_encrypt6's prologue gives ~4% improvement...
- &$movekey ($rndkey0,&QWP(0,$key_));
- &$movekey ($rndkey1,&QWP(16,$key_));
- &lea ($key,&DWP(32,$key_));
- &dec ($rounds);
- &pxor ($inout0,$rndkey0);
- &pxor ($inout1,$rndkey0);
- &aesenc ($inout0,$rndkey1);
- &pxor ($inout2,$rndkey0);
- &aesenc ($inout1,$rndkey1);
- &pxor ($inout3,$rndkey0);
- &aesenc ($inout2,$rndkey1);
- &pxor ($inout4,$rndkey0);
- &aesenc ($inout3,$rndkey1);
- &pxor ($inout5,$rndkey0);
- &aesenc ($inout4,$rndkey1);
- &$movekey ($rndkey0,&QWP(0,$key));
- &aesenc ($inout5,$rndkey1);
-
- &call (&label("_aesni_encrypt6_enter"));
-
- &movups ($rndkey1,&QWP(0,$inp));
- &movups ($rndkey0,&QWP(0x10,$inp));
- &xorps ($inout0,$rndkey1);
- &movups ($rndkey1,&QWP(0x20,$inp));
- &xorps ($inout1,$rndkey0);
- &movups (&QWP(0,$out),$inout0);
- &movdqa ($rndkey0,&QWP(16,"esp")); # load increment
- &xorps ($inout2,$rndkey1);
- &movdqa ($rndkey1,&QWP(48,"esp")); # load 1st triplet
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
-
- &paddd ($rndkey1,$rndkey0); # 1st triplet increment
- &paddd ($rndkey0,&QWP(64,"esp")); # 2nd triplet increment
- &movdqa ($inout0,&QWP(0,"esp")); # load byte swap mask
-
- &movups ($inout1,&QWP(0x30,$inp));
- &movups ($inout2,&QWP(0x40,$inp));
- &xorps ($inout3,$inout1);
- &movups
($inout1,&QWP(0x50,$inp));
- &lea ($inp,&DWP(0x60,$inp));
- &movdqa (&QWP(48,"esp"),$rndkey1); # save 1st triplet
- &pshufb ($rndkey1,$inout0); # byte swap
- &xorps ($inout4,$inout2);
- &movups (&QWP(0x30,$out),$inout3);
- &xorps ($inout5,$inout1);
- &movdqa (&QWP(64,"esp"),$rndkey0); # save 2nd triplet
- &pshufb ($rndkey0,$inout0); # byte swap
- &movups (&QWP(0x40,$out),$inout4);
- &pshufd ($inout0,$rndkey1,3<<6);
- &movups (&QWP(0x50,$out),$inout5);
- &lea ($out,&DWP(0x60,$out));
-
- &mov ($rounds,$rounds_);
- &pshufd ($inout1,$rndkey1,2<<6);
- &sub ($len,6);
- &jnc (&label("ctr32_loop6"));
-
- &add ($len,6);
- &jz (&label("ctr32_ret"));
- &mov ($key,$key_);
- &lea ($rounds,&DWP(1,"",$rounds,2)); # restore $rounds
- &movdqa ($inout5,&QWP(32,"esp")); # pull count-less ivec
-
-&set_label("ctr32_tail");
- &por ($inout0,$inout5);
- &cmp ($len,2);
- &jb (&label("ctr32_one"));
-
- &pshufd ($inout2,$rndkey1,1<<6);
- &por ($inout1,$inout5);
- &je (&label("ctr32_two"));
-
- &pshufd ($inout3,$rndkey0,3<<6);
- &por ($inout2,$inout5);
- &cmp ($len,4);
- &jb (&label("ctr32_three"));
-
- &pshufd ($inout4,$rndkey0,2<<6);
- &por ($inout3,$inout5);
- &je (&label("ctr32_four"));
-
- &por ($inout4,$inout5);
- &call ("_aesni_encrypt6");
- &movups ($rndkey1,&QWP(0,$inp));
- &movups ($rndkey0,&QWP(0x10,$inp));
- &xorps ($inout0,$rndkey1);
- &movups ($rndkey1,&QWP(0x20,$inp));
- &xorps ($inout1,$rndkey0);
- &movups ($rndkey0,&QWP(0x30,$inp));
- &xorps ($inout2,$rndkey1);
- &movups ($rndkey1,&QWP(0x40,$inp));
- &xorps ($inout3,$rndkey0);
- &movups (&QWP(0,$out),$inout0);
- &xorps ($inout4,$rndkey1);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &movups (&QWP(0x30,$out),$inout3);
- &movups (&QWP(0x40,$out),$inout4);
- &jmp (&label("ctr32_ret"));
-
-&set_label("ctr32_one_shortcut",16);
- &movups ($inout0,&QWP(0,$rounds_)); # load ivec
- &mov ($rounds,&DWP(240,$key));
-
-&set_label("ctr32_one");
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- {
&call ("_aesni_encrypt1"); }
- &movups ($in0,&QWP(0,$inp));
- &xorps ($in0,$inout0);
- &movups (&QWP(0,$out),$in0);
- &jmp (&label("ctr32_ret"));
-
-&set_label("ctr32_two",16);
- &call ("_aesni_encrypt3");
- &movups ($inout3,&QWP(0,$inp));
- &movups ($inout4,&QWP(0x10,$inp));
- &xorps ($inout0,$inout3);
- &xorps ($inout1,$inout4);
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &jmp (&label("ctr32_ret"));
-
-&set_label("ctr32_three",16);
- &call ("_aesni_encrypt3");
- &movups ($inout3,&QWP(0,$inp));
- &movups ($inout4,&QWP(0x10,$inp));
- &xorps ($inout0,$inout3);
- &movups ($inout5,&QWP(0x20,$inp));
- &xorps ($inout1,$inout4);
- &movups (&QWP(0,$out),$inout0);
- &xorps ($inout2,$inout5);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &jmp (&label("ctr32_ret"));
-
-&set_label("ctr32_four",16);
- &call ("_aesni_encrypt4");
- &movups ($inout4,&QWP(0,$inp));
- &movups ($inout5,&QWP(0x10,$inp));
- &movups ($rndkey1,&QWP(0x20,$inp));
- &xorps ($inout0,$inout4);
- &movups ($rndkey0,&QWP(0x30,$inp));
- &xorps ($inout1,$inout5);
- &movups (&QWP(0,$out),$inout0);
- &xorps ($inout2,$rndkey1);
- &movups (&QWP(0x10,$out),$inout1);
- &xorps ($inout3,$rndkey0);
- &movups (&QWP(0x20,$out),$inout2);
- &movups (&QWP(0x30,$out),$inout3);
-
-&set_label("ctr32_ret");
- &mov ("esp",&DWP(80,"esp"));
-&function_end("aesni_ctr32_encrypt_blocks");
-
-######################################################################
-# void aesni_xts_[en|de]crypt(const char *inp,char *out,size_t len,
-# const AES_KEY *key1, const AES_KEY *key2
-# const unsigned char iv[16]);
-#
-{ my ($tweak,$twtmp,$twres,$twmask)=($rndkey1,$rndkey0,$inout0,$inout1);
-
-&function_begin("aesni_xts_encrypt");
- &mov ($key,&wparam(4)); # key2
- &mov ($inp,&wparam(5)); # clear-text tweak
-
- &mov ($rounds,&DWP(240,$key)); # key2->rounds
- &movups ($inout0,&QWP(0,$inp));
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
-
- &mov
($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3)); # key1
-
- &mov ($key_,"esp");
- &sub ("esp",16*7+8);
- &mov ($rounds,&DWP(240,$key)); # key1->rounds
- &and ("esp",-16); # align stack
-
- &mov (&DWP(16*6+0,"esp"),0x87); # compose the magic constant
- &mov (&DWP(16*6+4,"esp"),0);
- &mov (&DWP(16*6+8,"esp"),1);
- &mov (&DWP(16*6+12,"esp"),0);
- &mov (&DWP(16*7+0,"esp"),$len); # save original $len
- &mov (&DWP(16*7+4,"esp"),$key_); # save original %esp
-
- &movdqa ($tweak,$inout0);
- &pxor ($twtmp,$twtmp);
- &movdqa ($twmask,&QWP(6*16,"esp")); # 0x0...010...87
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
-
- &and ($len,-16);
- &mov ($key_,$key); # backup $key
- &mov ($rounds_,$rounds); # backup $rounds
- &sub ($len,16*6);
- &jc (&label("xts_enc_short"));
-
- &shr ($rounds,1);
- &mov ($rounds_,$rounds);
- &jmp (&label("xts_enc_loop6"));
-
-&set_label("xts_enc_loop6",16);
- for ($i=0;$i<4;$i++) {
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa (&QWP(16*$i,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- }
- &pshufd ($inout5,$twtmp,0x13);
- &movdqa (&QWP(16*$i++,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &$movekey ($rndkey0,&QWP(0,$key_));
- &pand ($inout5,$twmask); # isolate carry and residue
- &movups ($inout0,&QWP(0,$inp)); # load input
- &pxor ($inout5,$tweak);
-
- # inline _aesni_encrypt6 prologue and flip xor with tweak and key[0]
- &movdqu ($inout1,&QWP(16*1,$inp));
- &xorps ($inout0,$rndkey0); # input^=rndkey[0]
- &movdqu ($inout2,&QWP(16*2,$inp));
- &pxor ($inout1,$rndkey0);
- &movdqu ($inout3,&QWP(16*3,$inp));
- &pxor ($inout2,$rndkey0);
- &movdqu ($inout4,&QWP(16*4,$inp));
- &pxor ($inout3,$rndkey0);
- &movdqu ($rndkey1,&QWP(16*5,$inp));
- &pxor ($inout4,$rndkey0);
- &lea ($inp,&DWP(16*6,$inp));
- &pxor
($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movdqa (&QWP(16*$i,"esp"),$inout5); # save last tweak
- &pxor ($inout5,$rndkey1);
-
- &$movekey ($rndkey1,&QWP(16,$key_));
- &lea ($key,&DWP(32,$key_));
- &pxor ($inout1,&QWP(16*1,"esp"));
- &aesenc ($inout0,$rndkey1);
- &pxor ($inout2,&QWP(16*2,"esp"));
- &aesenc ($inout1,$rndkey1);
- &pxor ($inout3,&QWP(16*3,"esp"));
- &dec ($rounds);
- &aesenc ($inout2,$rndkey1);
- &pxor ($inout4,&QWP(16*4,"esp"));
- &aesenc ($inout3,$rndkey1);
- &pxor ($inout5,$rndkey0);
- &aesenc ($inout4,$rndkey1);
- &$movekey ($rndkey0,&QWP(0,$key));
- &aesenc ($inout5,$rndkey1);
- &call (&label("_aesni_encrypt6_enter"));
-
- &movdqa ($tweak,&QWP(16*5,"esp")); # last tweak
- &pxor ($twtmp,$twtmp);
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
- &xorps ($inout1,&QWP(16*1,"esp"));
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout2,&QWP(16*2,"esp"));
- &movups (&QWP(16*1,$out),$inout1);
- &xorps ($inout3,&QWP(16*3,"esp"));
- &movups (&QWP(16*2,$out),$inout2);
- &xorps ($inout4,&QWP(16*4,"esp"));
- &movups (&QWP(16*3,$out),$inout3);
- &xorps ($inout5,$tweak);
- &movups (&QWP(16*4,$out),$inout4);
- &pshufd ($twres,$twtmp,0x13);
- &movups (&QWP(16*5,$out),$inout5);
- &lea ($out,&DWP(16*6,$out));
- &movdqa ($twmask,&QWP(16*6,"esp")); # 0x0...010...87
-
- &pxor ($twtmp,$twtmp);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &mov ($rounds,$rounds_); # restore $rounds
- &pxor ($tweak,$twres);
-
- &sub ($len,16*6);
- &jnc (&label("xts_enc_loop6"));
-
- &lea ($rounds,&DWP(1,"",$rounds,2)); # restore $rounds
- &mov ($key,$key_); # restore $key
- &mov ($rounds_,$rounds);
-
-&set_label("xts_enc_short");
- &add ($len,16*6);
- &jz (&label("xts_enc_done6x"));
-
- &movdqa ($inout3,$tweak); # put aside previous tweak
- &cmp ($len,0x20);
- &jb (&label("xts_enc_one"));
-
- &pshufd
($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &je (&label("xts_enc_two"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($inout4,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &cmp ($len,0x40);
- &jb (&label("xts_enc_three"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($inout5,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &movdqa (&QWP(16*0,"esp"),$inout3);
- &movdqa (&QWP(16*1,"esp"),$inout4);
- &je (&label("xts_enc_four"));
-
- &movdqa (&QWP(16*2,"esp"),$inout5);
- &pshufd ($inout5,$twtmp,0x13);
- &movdqa (&QWP(16*3,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($inout0,1);
- &pand ($inout5,$twmask); # isolate carry and residue
- &pxor ($inout5,$tweak);
-
- &movdqu ($inout0,&QWP(16*0,$inp)); # load input
- &movdqu ($inout1,&QWP(16*1,$inp));
- &movdqu ($inout2,&QWP(16*2,$inp));
- &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movdqu ($inout3,&QWP(16*3,$inp));
- &pxor ($inout1,&QWP(16*1,"esp"));
- &movdqu ($inout4,&QWP(16*4,$inp));
- &pxor ($inout2,&QWP(16*2,"esp"));
- &lea ($inp,&DWP(16*5,$inp));
- &pxor ($inout3,&QWP(16*3,"esp"));
- &movdqa (&QWP(16*4,"esp"),$inout5); # save last tweak
- &pxor ($inout4,$inout5);
-
- &call ("_aesni_encrypt6");
-
- &movaps ($tweak,&QWP(16*4,"esp")); # last tweak
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,&QWP(16*2,"esp"));
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps
($inout3,&QWP(16*3,"esp"));
- &movups (&QWP(16*1,$out),$inout1);
- &xorps ($inout4,$tweak);
- &movups (&QWP(16*2,$out),$inout2);
- &movups (&QWP(16*3,$out),$inout3);
- &movups (&QWP(16*4,$out),$inout4);
- &lea ($out,&DWP(16*5,$out));
- &jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_one",16);
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &lea ($inp,&DWP(16*1,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
- &xorps ($inout0,$inout3); # output^=tweak
- &movups (&QWP(16*0,$out),$inout0); # write output
- &lea ($out,&DWP(16*1,$out));
-
- &movdqa ($tweak,$inout3); # last tweak
- &jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_two",16);
- &movaps ($inout4,$tweak); # put aside last tweak
-
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &lea ($inp,&DWP(16*2,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout2);
-
- &call ("_aesni_encrypt3");
-
- &xorps ($inout0,$inout3); # output^=tweak
- &xorps ($inout1,$inout4);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &movups (&QWP(16*1,$out),$inout1);
- &lea ($out,&DWP(16*2,$out));
-
- &movdqa ($tweak,$inout4); # last tweak
- &jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_three",16);
- &movaps ($inout5,$tweak); # put aside last tweak
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &movups ($inout2,&QWP(16*2,$inp));
- &lea ($inp,&DWP(16*3,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout5);
-
- &call ("_aesni_encrypt3");
-
- &xorps ($inout0,$inout3); # output^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout5);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &movups (&QWP(16*1,$out),$inout1);
- &movups (&QWP(16*2,$out),$inout2);
- &lea ($out,&DWP(16*3,$out));
-
- &movdqa ($tweak,$inout5); # last tweak
-
&jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_four",16);
- &movaps ($inout4,$tweak); # put aside last tweak
-
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &movups ($inout2,&QWP(16*2,$inp));
- &xorps ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movups ($inout3,&QWP(16*3,$inp));
- &lea ($inp,&DWP(16*4,$inp));
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,$inout5);
- &xorps ($inout3,$inout4);
-
- &call ("_aesni_encrypt4");
-
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,$inout5);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout3,$inout4);
- &movups (&QWP(16*1,$out),$inout1);
- &movups (&QWP(16*2,$out),$inout2);
- &movups (&QWP(16*3,$out),$inout3);
- &lea ($out,&DWP(16*4,$out));
-
- &movdqa ($tweak,$inout4); # last tweak
- &jmp (&label("xts_enc_done"));
-
-&set_label("xts_enc_done6x",16); # $tweak is pre-calculated
- &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
- &and ($len,15);
- &jz (&label("xts_enc_ret"));
- &movdqa ($inout3,$tweak);
- &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
- &jmp (&label("xts_enc_steal"));
-
-&set_label("xts_enc_done",16);
- &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
- &pxor ($twtmp,$twtmp);
- &and ($len,15);
- &jz (&label("xts_enc_ret"));
-
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
- &pshufd ($inout3,$twtmp,0x13);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($inout3,&QWP(16*6,"esp")); # isolate carry and residue
- &pxor ($inout3,$tweak);
-
-&set_label("xts_enc_steal");
- &movz ($rounds,&BP(0,$inp));
- &movz ($key,&BP(-16,$out));
- &lea ($inp,&DWP(1,$inp));
- &mov (&BP(-16,$out),&LB($rounds));
- &mov (&BP(0,$out),&LB($key));
- &lea ($out,&DWP(1,$out));
- &sub ($len,1);
- &jnz (&label("xts_enc_steal"));
-
- &sub ($out,&DWP(16*7+0,"esp")); # rewind $out
- &mov ($key,$key_); # restore $key
- &mov
($rounds,$rounds_); # restore $rounds
-
- &movups ($inout0,&QWP(-16,$out)); # load input
- &xorps ($inout0,$inout3); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
- &xorps ($inout0,$inout3); # output^=tweak
- &movups (&QWP(-16,$out),$inout0); # write output
-
-&set_label("xts_enc_ret");
- &mov ("esp",&DWP(16*7+4,"esp")); # restore %esp
-&function_end("aesni_xts_encrypt");
-
-&function_begin("aesni_xts_decrypt");
- &mov ($key,&wparam(4)); # key2
- &mov ($inp,&wparam(5)); # clear-text tweak
-
- &mov ($rounds,&DWP(240,$key)); # key2->rounds
- &movups ($inout0,&QWP(0,$inp));
- if ($inline)
- { &aesni_inline_generate1("enc"); }
- else
- { &call ("_aesni_encrypt1"); }
-
- &mov ($inp,&wparam(0));
- &mov ($out,&wparam(1));
- &mov ($len,&wparam(2));
- &mov ($key,&wparam(3)); # key1
-
- &mov ($key_,"esp");
- &sub ("esp",16*7+8);
- &and ("esp",-16); # align stack
-
- &xor ($rounds_,$rounds_); # if(len%16) len-=16;
- &test ($len,15);
- &setnz (&LB($rounds_));
- &shl ($rounds_,4);
- &sub ($len,$rounds_);
-
- &mov (&DWP(16*6+0,"esp"),0x87); # compose the magic constant
- &mov (&DWP(16*6+4,"esp"),0);
- &mov (&DWP(16*6+8,"esp"),1);
- &mov (&DWP(16*6+12,"esp"),0);
- &mov (&DWP(16*7+0,"esp"),$len); # save original $len
- &mov (&DWP(16*7+4,"esp"),$key_); # save original %esp
-
- &mov ($rounds,&DWP(240,$key)); # key1->rounds
- &mov ($key_,$key); # backup $key
- &mov ($rounds_,$rounds); # backup $rounds
-
- &movdqa ($tweak,$inout0);
- &pxor ($twtmp,$twtmp);
- &movdqa ($twmask,&QWP(6*16,"esp")); # 0x0...010...87
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
-
- &and ($len,-16);
- &sub ($len,16*6);
- &jc (&label("xts_dec_short"));
-
- &shr ($rounds,1);
- &mov ($rounds_,$rounds);
- &jmp (&label("xts_dec_loop6"));
-
-&set_label("xts_dec_loop6",16);
- for ($i=0;$i<4;$i++) {
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa (&QWP(16*$i,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand
($twres,$twmask); # isolate carry and residue
- &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- }
- &pshufd ($inout5,$twtmp,0x13);
- &movdqa (&QWP(16*$i++,"esp"),$tweak);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &$movekey ($rndkey0,&QWP(0,$key_));
- &pand ($inout5,$twmask); # isolate carry and residue
- &movups ($inout0,&QWP(0,$inp)); # load input
- &pxor ($inout5,$tweak);
-
- # inline _aesni_encrypt6 prologue and flip xor with tweak and key[0]
- &movdqu ($inout1,&QWP(16*1,$inp));
- &xorps ($inout0,$rndkey0); # input^=rndkey[0]
- &movdqu ($inout2,&QWP(16*2,$inp));
- &pxor ($inout1,$rndkey0);
- &movdqu ($inout3,&QWP(16*3,$inp));
- &pxor ($inout2,$rndkey0);
- &movdqu ($inout4,&QWP(16*4,$inp));
- &pxor ($inout3,$rndkey0);
- &movdqu ($rndkey1,&QWP(16*5,$inp));
- &pxor ($inout4,$rndkey0);
- &lea ($inp,&DWP(16*6,$inp));
- &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movdqa (&QWP(16*$i,"esp"),$inout5); # save last tweak
- &pxor ($inout5,$rndkey1);
-
- &$movekey ($rndkey1,&QWP(16,$key_));
- &lea ($key,&DWP(32,$key_));
- &pxor ($inout1,&QWP(16*1,"esp"));
- &aesdec ($inout0,$rndkey1);
- &pxor ($inout2,&QWP(16*2,"esp"));
- &aesdec ($inout1,$rndkey1);
- &pxor ($inout3,&QWP(16*3,"esp"));
- &dec ($rounds);
- &aesdec ($inout2,$rndkey1);
- &pxor ($inout4,&QWP(16*4,"esp"));
- &aesdec ($inout3,$rndkey1);
- &pxor ($inout5,$rndkey0);
- &aesdec ($inout4,$rndkey1);
- &$movekey ($rndkey0,&QWP(0,$key));
- &aesdec ($inout5,$rndkey1);
- &call (&label("_aesni_decrypt6_enter"));
-
- &movdqa ($tweak,&QWP(16*5,"esp")); # last tweak
- &pxor ($twtmp,$twtmp);
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &pcmpgtd ($twtmp,$tweak); # broadcast upper bits
- &xorps ($inout1,&QWP(16*1,"esp"));
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout2,&QWP(16*2,"esp"));
- &movups (&QWP(16*1,$out),$inout1);
- &xorps ($inout3,&QWP(16*3,"esp"));
- &movups (&QWP(16*2,$out),$inout2);
- &xorps ($inout4,&QWP(16*4,"esp"));
- &movups
(&QWP(16*3,$out),$inout3);
- &xorps ($inout5,$tweak);
- &movups (&QWP(16*4,$out),$inout4);
- &pshufd ($twres,$twtmp,0x13);
- &movups (&QWP(16*5,$out),$inout5);
- &lea ($out,&DWP(16*6,$out));
- &movdqa ($twmask,&QWP(16*6,"esp")); # 0x0...010...87
-
- &pxor ($twtmp,$twtmp);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &mov ($rounds,$rounds_); # restore $rounds
- &pxor ($tweak,$twres);
-
- &sub ($len,16*6);
- &jnc (&label("xts_dec_loop6"));
-
- &lea ($rounds,&DWP(1,"",$rounds,2)); # restore $rounds
- &mov ($key,$key_); # restore $key
- &mov ($rounds_,$rounds);
-
-&set_label("xts_dec_short");
- &add ($len,16*6);
- &jz (&label("xts_dec_done6x"));
-
- &movdqa ($inout3,$tweak); # put aside previous tweak
- &cmp ($len,0x20);
- &jb (&label("xts_dec_one"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &je (&label("xts_dec_two"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($inout4,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &cmp ($len,0x40);
- &jb (&label("xts_dec_three"));
-
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($inout5,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
- &movdqa (&QWP(16*0,"esp"),$inout3);
- &movdqa (&QWP(16*1,"esp"),$inout4);
- &je (&label("xts_dec_four"));
-
- &movdqa (&QWP(16*2,"esp"),$inout5);
- &pshufd ($inout5,$twtmp,0x13);
- &movdqa (&QWP(16*3,"esp"),$tweak);
- &paddq
($tweak,$tweak); # &psllq($inout0,1);
- &pand ($inout5,$twmask); # isolate carry and residue
- &pxor ($inout5,$tweak);
-
- &movdqu ($inout0,&QWP(16*0,$inp)); # load input
- &movdqu ($inout1,&QWP(16*1,$inp));
- &movdqu ($inout2,&QWP(16*2,$inp));
- &pxor ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movdqu ($inout3,&QWP(16*3,$inp));
- &pxor ($inout1,&QWP(16*1,"esp"));
- &movdqu ($inout4,&QWP(16*4,$inp));
- &pxor ($inout2,&QWP(16*2,"esp"));
- &lea ($inp,&DWP(16*5,$inp));
- &pxor ($inout3,&QWP(16*3,"esp"));
- &movdqa (&QWP(16*4,"esp"),$inout5); # save last tweak
- &pxor ($inout4,$inout5);
-
- &call ("_aesni_decrypt6");
-
- &movaps ($tweak,&QWP(16*4,"esp")); # last tweak
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,&QWP(16*2,"esp"));
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout3,&QWP(16*3,"esp"));
- &movups (&QWP(16*1,$out),$inout1);
- &xorps ($inout4,$tweak);
- &movups (&QWP(16*2,$out),$inout2);
- &movups (&QWP(16*3,$out),$inout3);
- &movups (&QWP(16*4,$out),$inout4);
- &lea ($out,&DWP(16*5,$out));
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_one",16);
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &lea ($inp,&DWP(16*1,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("dec"); }
- else
- { &call ("_aesni_decrypt1"); }
- &xorps ($inout0,$inout3); # output^=tweak
- &movups (&QWP(16*0,$out),$inout0); # write output
- &lea ($out,&DWP(16*1,$out));
-
- &movdqa ($tweak,$inout3); # last tweak
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_two",16);
- &movaps ($inout4,$tweak); # put aside last tweak
-
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &lea ($inp,&DWP(16*2,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- &xorps ($inout1,$inout4);
-
- &call ("_aesni_decrypt3");
-
- &xorps ($inout0,$inout3); # output^=tweak
- &xorps ($inout1,$inout4);
- &movups (&QWP(16*0,$out),$inout0);
# write output
- &movups (&QWP(16*1,$out),$inout1);
- &lea ($out,&DWP(16*2,$out));
-
- &movdqa ($tweak,$inout4); # last tweak
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_three",16);
- &movaps ($inout5,$tweak); # put aside last tweak
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &movups ($inout2,&QWP(16*2,$inp));
- &lea ($inp,&DWP(16*3,$inp));
- &xorps ($inout0,$inout3); # input^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout5);
-
- &call ("_aesni_decrypt3");
-
- &xorps ($inout0,$inout3); # output^=tweak
- &xorps ($inout1,$inout4);
- &xorps ($inout2,$inout5);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &movups (&QWP(16*1,$out),$inout1);
- &movups (&QWP(16*2,$out),$inout2);
- &lea ($out,&DWP(16*3,$out));
-
- &movdqa ($tweak,$inout5); # last tweak
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_four",16);
- &movaps ($inout4,$tweak); # put aside last tweak
-
- &movups ($inout0,&QWP(16*0,$inp)); # load input
- &movups ($inout1,&QWP(16*1,$inp));
- &movups ($inout2,&QWP(16*2,$inp));
- &xorps ($inout0,&QWP(16*0,"esp")); # input^=tweak
- &movups ($inout3,&QWP(16*3,$inp));
- &lea ($inp,&DWP(16*4,$inp));
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,$inout5);
- &xorps ($inout3,$inout4);
-
- &call ("_aesni_decrypt4");
-
- &xorps ($inout0,&QWP(16*0,"esp")); # output^=tweak
- &xorps ($inout1,&QWP(16*1,"esp"));
- &xorps ($inout2,$inout5);
- &movups (&QWP(16*0,$out),$inout0); # write output
- &xorps ($inout3,$inout4);
- &movups (&QWP(16*1,$out),$inout1);
- &movups (&QWP(16*2,$out),$inout2);
- &movups (&QWP(16*3,$out),$inout3);
- &lea ($out,&DWP(16*4,$out));
-
- &movdqa ($tweak,$inout4); # last tweak
- &jmp (&label("xts_dec_done"));
-
-&set_label("xts_dec_done6x",16); # $tweak is pre-calculated
- &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
- &and ($len,15);
- &jz (&label("xts_dec_ret"));
- &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
- &jmp (&label("xts_dec_only_one_more"));
-
-&set_label("xts_dec_done",16);
- &mov ($len,&DWP(16*7+0,"esp")); # restore original $len
- &pxor ($twtmp,$twtmp);
- &and ($len,15);
- &jz (&label("xts_dec_ret"));
-
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &mov (&DWP(16*7+0,"esp"),$len); # save $len%16
- &pshufd ($twres,$twtmp,0x13);
- &pxor ($twtmp,$twtmp);
- &movdqa ($twmask,&QWP(16*6,"esp"));
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($twres,$twmask); # isolate carry and residue
- &pcmpgtd($twtmp,$tweak); # broadcast upper bits
- &pxor ($tweak,$twres);
-
-&set_label("xts_dec_only_one_more");
- &pshufd ($inout3,$twtmp,0x13);
- &movdqa ($inout4,$tweak); # put aside previous tweak
- &paddq ($tweak,$tweak); # &psllq($tweak,1);
- &pand ($inout3,$twmask); # isolate carry and residue
- &pxor ($inout3,$tweak);
-
- &mov ($key,$key_); # restore $key
- &mov ($rounds,$rounds_); # restore $rounds
-
- &movups ($inout0,&QWP(0,$inp)); # load input
- &xorps ($inout0,$inout3); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("dec"); }
- else
- { &call ("_aesni_decrypt1"); }
- &xorps ($inout0,$inout3); # output^=tweak
- &movups (&QWP(0,$out),$inout0); # write output
-
-&set_label("xts_dec_steal");
- &movz ($rounds,&BP(16,$inp));
- &movz ($key,&BP(0,$out));
- &lea ($inp,&DWP(1,$inp));
- &mov (&BP(0,$out),&LB($rounds));
- &mov (&BP(16,$out),&LB($key));
- &lea ($out,&DWP(1,$out));
- &sub ($len,1);
- &jnz (&label("xts_dec_steal"));
-
- &sub ($out,&DWP(16*7+0,"esp")); # rewind $out
- &mov ($key,$key_); # restore $key
- &mov ($rounds,$rounds_); # restore $rounds
-
- &movups ($inout0,&QWP(0,$out)); # load input
- &xorps ($inout0,$inout4); # input^=tweak
- if ($inline)
- { &aesni_inline_generate1("dec"); }
- else
- { &call ("_aesni_decrypt1"); }
- &xorps ($inout0,$inout4); # output^=tweak
- &movups (&QWP(0,$out),$inout0); # write output
-
-&set_label("xts_dec_ret");
- &mov ("esp",&DWP(16*7+4,"esp")); # restore %esp
-&function_end("aesni_xts_decrypt");
-}
-}
-
-######################################################################
-# void $PREFIX_cbc_encrypt (const void *inp, void *out,
-# size_t length, const AES_KEY *key,
-# unsigned char *ivp,const int enc);
-&function_begin("${PREFIX}_cbc_encrypt");
- &mov ($inp,&wparam(0));
- &mov ($rounds_,"esp");
- &mov ($out,&wparam(1));
- &sub ($rounds_,24);
- &mov ($len,&wparam(2));
- &and ($rounds_,-16);
- &mov ($key,&wparam(3));
- &mov ($key_,&wparam(4));
- &test ($len,$len);
- &jz (&label("cbc_abort"));
-
- &cmp (&wparam(5),0);
- &xchg ($rounds_,"esp"); # alloca
- &movups ($ivec,&QWP(0,$key_)); # load IV
- &mov ($rounds,&DWP(240,$key));
- &mov ($key_,$key); # backup $key
- &mov (&DWP(16,"esp"),$rounds_); # save original %esp
- &mov ($rounds_,$rounds); # backup $rounds
- &je (&label("cbc_decrypt"));
-
- &movaps ($inout0,$ivec);
- &cmp ($len,16);
- &jb (&label("cbc_enc_tail"));
- &sub ($len,16);
- &jmp (&label("cbc_enc_loop"));
-
-&set_label("cbc_enc_loop",16);
- &movups ($ivec,&QWP(0,$inp)); # input actually
- &lea ($inp,&DWP(16,$inp));
- if ($inline)
- { &aesni_inline_generate1("enc",$inout0,$ivec); }
- else
- { &xorps($inout0,$ivec); &call("_aesni_encrypt1"); }
- &mov ($rounds,$rounds_); # restore $rounds
- &mov ($key,$key_); # restore $key
- &movups (&QWP(0,$out),$inout0); # store output
- &lea ($out,&DWP(16,$out));
- &sub ($len,16);
- &jnc (&label("cbc_enc_loop"));
- &add ($len,16);
- &jnz (&label("cbc_enc_tail"));
- &movaps ($ivec,$inout0);
- &jmp (&label("cbc_ret"));
-
-&set_label("cbc_enc_tail");
- &mov ("ecx",$len); # zaps $rounds
- &data_word(0xA4F3F689); # rep movsb
- &mov ("ecx",16); # zero tail
- &sub ("ecx",$len);
- &xor ("eax","eax"); # zaps $len
- &data_word(0xAAF3F689); # rep stosb
- &lea ($out,&DWP(-16,$out)); # rewind $out by 1 block
- &mov ($rounds,$rounds_); # restore $rounds
- &mov ($inp,$out); # $inp and $out are the same
- &mov ($key,$key_); # restore $key
- &jmp (&label("cbc_enc_loop"));
-######################################################################
-&set_label("cbc_decrypt",16);
- &cmp ($len,0x50);
- &jbe (&label("cbc_dec_tail"));
- &movaps (&QWP(0,"esp"),$ivec); # save IV
- &sub ($len,0x50);
- &jmp (&label("cbc_dec_loop6_enter"));
-
-&set_label("cbc_dec_loop6",16);
- &movaps (&QWP(0,"esp"),$rndkey0); # save IV
- &movups (&QWP(0,$out),$inout5);
- &lea ($out,&DWP(0x10,$out));
-&set_label("cbc_dec_loop6_enter");
- &movdqu ($inout0,&QWP(0,$inp));
- &movdqu ($inout1,&QWP(0x10,$inp));
- &movdqu ($inout2,&QWP(0x20,$inp));
- &movdqu ($inout3,&QWP(0x30,$inp));
- &movdqu ($inout4,&QWP(0x40,$inp));
- &movdqu ($inout5,&QWP(0x50,$inp));
-
- &call ("_aesni_decrypt6");
-
- &movups ($rndkey1,&QWP(0,$inp));
- &movups ($rndkey0,&QWP(0x10,$inp));
- &xorps ($inout0,&QWP(0,"esp")); # ^=IV
- &xorps ($inout1,$rndkey1);
- &movups ($rndkey1,&QWP(0x20,$inp));
- &xorps ($inout2,$rndkey0);
- &movups ($rndkey0,&QWP(0x30,$inp));
- &xorps ($inout3,$rndkey1);
- &movups ($rndkey1,&QWP(0x40,$inp));
- &xorps ($inout4,$rndkey0);
- &movups ($rndkey0,&QWP(0x50,$inp)); # IV
- &xorps ($inout5,$rndkey1);
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &lea ($inp,&DWP(0x60,$inp));
- &movups (&QWP(0x20,$out),$inout2);
- &mov ($rounds,$rounds_) # restore $rounds
- &movups (&QWP(0x30,$out),$inout3);
- &mov ($key,$key_); # restore $key
- &movups (&QWP(0x40,$out),$inout4);
- &lea ($out,&DWP(0x50,$out));
- &sub ($len,0x60);
- &ja (&label("cbc_dec_loop6"));
-
- &movaps ($inout0,$inout5);
- &movaps ($ivec,$rndkey0);
- &add ($len,0x50);
- &jle (&label("cbc_dec_tail_collected"));
- &movups (&QWP(0,$out),$inout0);
- &lea ($out,&DWP(0x10,$out));
-&set_label("cbc_dec_tail");
- &movups ($inout0,&QWP(0,$inp));
- &movaps ($in0,$inout0);
- &cmp ($len,0x10);
- &jbe (&label("cbc_dec_one"));
-
- &movups ($inout1,&QWP(0x10,$inp));
- &movaps ($in1,$inout1);
- &cmp ($len,0x20);
- &jbe (&label("cbc_dec_two"));
-
- &movups ($inout2,&QWP(0x20,$inp));
- &cmp ($len,0x30);
- &jbe
(&label("cbc_dec_three"));
-
- &movups ($inout3,&QWP(0x30,$inp));
- &cmp ($len,0x40);
- &jbe (&label("cbc_dec_four"));
-
- &movups ($inout4,&QWP(0x40,$inp));
- &movaps (&QWP(0,"esp"),$ivec); # save IV
- &movups ($inout0,&QWP(0,$inp));
- &xorps ($inout5,$inout5);
- &call ("_aesni_decrypt6");
- &movups ($rndkey1,&QWP(0,$inp));
- &movups ($rndkey0,&QWP(0x10,$inp));
- &xorps ($inout0,&QWP(0,"esp")); # ^= IV
- &xorps ($inout1,$rndkey1);
- &movups ($rndkey1,&QWP(0x20,$inp));
- &xorps ($inout2,$rndkey0);
- &movups ($rndkey0,&QWP(0x30,$inp));
- &xorps ($inout3,$rndkey1);
- &movups ($ivec,&QWP(0x40,$inp)); # IV
- &xorps ($inout4,$rndkey0);
- &movups (&QWP(0,$out),$inout0);
- &movups (&QWP(0x10,$out),$inout1);
- &movups (&QWP(0x20,$out),$inout2);
- &movups (&QWP(0x30,$out),$inout3);
- &lea ($out,&DWP(0x40,$out));
- &movaps ($inout0,$inout4);
- &sub ($len,0x50);
- &jmp (&label("cbc_dec_tail_collected"));
-
-&set_label("cbc_dec_one",16);
- if ($inline)
- { &aesni_inline_generate1("dec"); }
- else
- { &call ("_aesni_decrypt1"); }
- &xorps ($inout0,$ivec);
- &movaps ($ivec,$in0);
- &sub ($len,0x10);
- &jmp (&label("cbc_dec_tail_collected"));
-
-&set_label("cbc_dec_two",16);
- &xorps ($inout2,$inout2);
- &call ("_aesni_decrypt3");
- &xorps ($inout0,$ivec);
- &xorps ($inout1,$in0);
- &movups (&QWP(0,$out),$inout0);
- &movaps ($inout0,$inout1);
- &lea ($out,&DWP(0x10,$out));
- &movaps ($ivec,$in1);
- &sub ($len,0x20);
- &jmp (&label("cbc_dec_tail_collected"));
-
-&set_label("cbc_dec_three",16);
- &call ("_aesni_decrypt3");
- &xorps ($inout0,$ivec);
- &xorps ($inout1,$in0);
- &xorps ($inout2,$in1);
- &movups (&QWP(0,$out),$inout0);
- &movaps ($inout0,$inout2);
- &movups (&QWP(0x10,$out),$inout1);
- &lea ($out,&DWP(0x20,$out));
- &movups ($ivec,&QWP(0x20,$inp));
- &sub ($len,0x30);
- &jmp (&label("cbc_dec_tail_collected"));
-
-&set_label("cbc_dec_four",16);
- &call ("_aesni_decrypt4");
- &movups ($rndkey1,&QWP(0x10,$inp));
- &movups ($rndkey0,&QWP(0x20,$inp));
- &xorps
($inout0,$ivec);
- &movups ($ivec,&QWP(0x30,$inp));
- &xorps ($inout1,$in0);
- &movups (&QWP(0,$out),$inout0);
- &xorps ($inout2,$rndkey1);
- &movups (&QWP(0x10,$out),$inout1);
- &xorps ($inout3,$rndkey0);
- &movups (&QWP(0x20,$out),$inout2);
- &lea ($out,&DWP(0x30,$out));
- &movaps ($inout0,$inout3);
- &sub ($len,0x40);
-
-&set_label("cbc_dec_tail_collected");
- &and ($len,15);
- &jnz (&label("cbc_dec_tail_partial"));
- &movups (&QWP(0,$out),$inout0);
- &jmp (&label("cbc_ret"));
-
-&set_label("cbc_dec_tail_partial",16);
- &movaps (&QWP(0,"esp"),$inout0);
- &mov ("ecx",16);
- &mov ($inp,"esp");
- &sub ("ecx",$len);
- &data_word(0xA4F3F689); # rep movsb
-
-&set_label("cbc_ret");
- &mov ("esp",&DWP(16,"esp")); # pull original %esp
- &mov ($key_,&wparam(4));
- &movups (&QWP(0,$key_),$ivec); # output IV
-&set_label("cbc_abort");
-&function_end("${PREFIX}_cbc_encrypt");
-
-######################################################################
-# Mechanical port from aesni-x86_64.pl.
-#
-# _aesni_set_encrypt_key is private interface,
-# input:
-# "eax" const unsigned char *userKey
-# $rounds int bits
-# $key AES_KEY *key
-# output:
-# "eax" return code
-# $round rounds
-
-&function_begin_B("_aesni_set_encrypt_key");
- &test ("eax","eax");
- &jz (&label("bad_pointer"));
- &test ($key,$key);
- &jz (&label("bad_pointer"));
-
- &movups ("xmm0",&QWP(0,"eax")); # pull first 128 bits of *userKey
- &xorps ("xmm4","xmm4"); # low dword of xmm4 is assumed 0
- &lea ($key,&DWP(16,$key));
- &cmp ($rounds,256);
- &je (&label("14rounds"));
- &cmp ($rounds,192);
- &je (&label("12rounds"));
- &cmp ($rounds,128);
- &jne (&label("bad_keybits"));
-
-&set_label("10rounds",16);
- &mov ($rounds,9);
- &$movekey (&QWP(-16,$key),"xmm0"); # round 0
- &aeskeygenassist("xmm1","xmm0",0x01); # round 1
- &call (&label("key_128_cold"));
- &aeskeygenassist("xmm1","xmm0",0x2); # round 2
- &call (&label("key_128"));
- &aeskeygenassist("xmm1","xmm0",0x04); # round 3
- &call (&label("key_128"));
-
&aeskeygenassist("xmm1","xmm0",0x08); # round 4
- &call (&label("key_128"));
- &aeskeygenassist("xmm1","xmm0",0x10); # round 5
- &call (&label("key_128"));
- &aeskeygenassist("xmm1","xmm0",0x20); # round 6
- &call (&label("key_128"));
- &aeskeygenassist("xmm1","xmm0",0x40); # round 7
- &call (&label("key_128"));
- &aeskeygenassist("xmm1","xmm0",0x80); # round 8
- &call (&label("key_128"));
- &aeskeygenassist("xmm1","xmm0",0x1b); # round 9
- &call (&label("key_128"));
- &aeskeygenassist("xmm1","xmm0",0x36); # round 10
- &call (&label("key_128"));
- &$movekey (&QWP(0,$key),"xmm0");
- &mov (&DWP(80,$key),$rounds);
- &xor ("eax","eax");
- &ret();
-
-&set_label("key_128",16);
- &$movekey (&QWP(0,$key),"xmm0");
- &lea ($key,&DWP(16,$key));
-&set_label("key_128_cold");
- &shufps ("xmm4","xmm0",0b00010000);
- &xorps ("xmm0","xmm4");
- &shufps ("xmm4","xmm0",0b10001100);
- &xorps ("xmm0","xmm4");
- &shufps ("xmm1","xmm1",0b11111111); # critical path
- &xorps ("xmm0","xmm1");
- &ret();
-
-&set_label("12rounds",16);
- &movq ("xmm2",&QWP(16,"eax")); # remaining 1/3 of *userKey
- &mov ($rounds,11);
- &$movekey (&QWP(-16,$key),"xmm0") # round 0
- &aeskeygenassist("xmm1","xmm2",0x01); # round 1,2
- &call (&label("key_192a_cold"));
- &aeskeygenassist("xmm1","xmm2",0x02); # round 2,3
- &call (&label("key_192b"));
- &aeskeygenassist("xmm1","xmm2",0x04); # round 4,5
- &call (&label("key_192a"));
- &aeskeygenassist("xmm1","xmm2",0x08); # round 5,6
- &call (&label("key_192b"));
- &aeskeygenassist("xmm1","xmm2",0x10); # round 7,8
- &call (&label("key_192a"));
- &aeskeygenassist("xmm1","xmm2",0x20); # round 8,9
- &call (&label("key_192b"));
- &aeskeygenassist("xmm1","xmm2",0x40); # round 10,11
- &call (&label("key_192a"));
- &aeskeygenassist("xmm1","xmm2",0x80); # round 11,12
- &call (&label("key_192b"));
- &$movekey (&QWP(0,$key),"xmm0");
- &mov (&DWP(48,$key),$rounds);
- &xor ("eax","eax");
- &ret();
-
-&set_label("key_192a",16);
- &$movekey (&QWP(0,$key),"xmm0");
- &lea
($key,&DWP(16,$key));
-&set_label("key_192a_cold",16);
- &movaps ("xmm5","xmm2");
-&set_label("key_192b_warm");
- &shufps ("xmm4","xmm0",0b00010000);
- &movdqa ("xmm3","xmm2");
- &xorps ("xmm0","xmm4");
- &shufps ("xmm4","xmm0",0b10001100);
- &pslldq ("xmm3",4);
- &xorps ("xmm0","xmm4");
- &pshufd ("xmm1","xmm1",0b01010101); # critical path
- &pxor ("xmm2","xmm3");
- &pxor ("xmm0","xmm1");
- &pshufd ("xmm3","xmm0",0b11111111);
- &pxor ("xmm2","xmm3");
- &ret();
-
-&set_label("key_192b",16);
- &movaps ("xmm3","xmm0");
- &shufps ("xmm5","xmm0",0b01000100);
- &$movekey (&QWP(0,$key),"xmm5");
- &shufps ("xmm3","xmm2",0b01001110);
- &$movekey (&QWP(16,$key),"xmm3");
- &lea ($key,&DWP(32,$key));
- &jmp (&label("key_192b_warm"));
-
-&set_label("14rounds",16);
- &movups ("xmm2",&QWP(16,"eax")); # remaining half of *userKey
- &mov ($rounds,13);
- &lea ($key,&DWP(16,$key));
- &$movekey (&QWP(-32,$key),"xmm0"); # round 0
- &$movekey (&QWP(-16,$key),"xmm2"); # round 1
- &aeskeygenassist("xmm1","xmm2",0x01); # round 2
- &call (&label("key_256a_cold"));
- &aeskeygenassist("xmm1","xmm0",0x01); # round 3
- &call (&label("key_256b"));
- &aeskeygenassist("xmm1","xmm2",0x02); # round 4
- &call (&label("key_256a"));
- &aeskeygenassist("xmm1","xmm0",0x02); # round 5
- &call (&label("key_256b"));
- &aeskeygenassist("xmm1","xmm2",0x04); # round 6
- &call (&label("key_256a"));
- &aeskeygenassist("xmm1","xmm0",0x04); # round 7
- &call (&label("key_256b"));
- &aeskeygenassist("xmm1","xmm2",0x08); # round 8
- &call (&label("key_256a"));
- &aeskeygenassist("xmm1","xmm0",0x08); # round 9
- &call (&label("key_256b"));
- &aeskeygenassist("xmm1","xmm2",0x10); # round 10
- &call (&label("key_256a"));
- &aeskeygenassist("xmm1","xmm0",0x10); # round 11
- &call (&label("key_256b"));
- &aeskeygenassist("xmm1","xmm2",0x20); # round 12
- &call (&label("key_256a"));
- &aeskeygenassist("xmm1","xmm0",0x20); # round 13
- &call (&label("key_256b"));
- &aeskeygenassist("xmm1","xmm2",0x40); # round 14
- &call
(&label("key_256a"));
- &$movekey (&QWP(0,$key),"xmm0");
- &mov (&DWP(16,$key),$rounds);
- &xor ("eax","eax");
- &ret();
-
-&set_label("key_256a",16);
- &$movekey (&QWP(0,$key),"xmm2");
- &lea ($key,&DWP(16,$key));
-&set_label("key_256a_cold");
- &shufps ("xmm4","xmm0",0b00010000);
- &xorps ("xmm0","xmm4");
- &shufps ("xmm4","xmm0",0b10001100);
- &xorps ("xmm0","xmm4");
- &shufps ("xmm1","xmm1",0b11111111); # critical path
- &xorps ("xmm0","xmm1");
- &ret();
-
-&set_label("key_256b",16);
- &$movekey (&QWP(0,$key),"xmm0");
- &lea ($key,&DWP(16,$key));
-
- &shufps ("xmm4","xmm2",0b00010000);
- &xorps ("xmm2","xmm4");
- &shufps ("xmm4","xmm2",0b10001100);
- &xorps ("xmm2","xmm4");
- &shufps ("xmm1","xmm1",0b10101010); # critical path
- &xorps ("xmm2","xmm1");
- &ret();
-
-&set_label("bad_pointer",4);
- &mov ("eax",-1);
- &ret ();
-&set_label("bad_keybits",4);
- &mov ("eax",-2);
- &ret ();
-&function_end_B("_aesni_set_encrypt_key");
-
-# int $PREFIX_set_encrypt_key (const unsigned char *userKey, int bits,
-# AES_KEY *key)
-&function_begin_B("${PREFIX}_set_encrypt_key");
- &mov ("eax",&wparam(0));
- &mov ($rounds,&wparam(1));
- &mov ($key,&wparam(2));
- &call ("_aesni_set_encrypt_key");
- &ret ();
-&function_end_B("${PREFIX}_set_encrypt_key");
-
-# int $PREFIX_set_decrypt_key (const unsigned char *userKey, int bits,
-# AES_KEY *key)
-&function_begin_B("${PREFIX}_set_decrypt_key");
- &mov ("eax",&wparam(0));
- &mov ($rounds,&wparam(1));
- &mov ($key,&wparam(2));
- &call ("_aesni_set_encrypt_key");
- &mov ($key,&wparam(2));
- &shl ($rounds,4) # rounds-1 after _aesni_set_encrypt_key
- &test ("eax","eax");
- &jnz (&label("dec_key_ret"));
- &lea ("eax",&DWP(16,$key,$rounds)); # end of key schedule
-
- &$movekey ("xmm0",&QWP(0,$key)); # just swap
- &$movekey ("xmm1",&QWP(0,"eax"));
- &$movekey (&QWP(0,"eax"),"xmm0");
- &$movekey (&QWP(0,$key),"xmm1");
- &lea ($key,&DWP(16,$key));
- &lea ("eax",&DWP(-16,"eax"));
-
-&set_label("dec_key_inverse");
- &$movekey
("xmm0",&QWP(0,$key)); # swap and inverse
- &$movekey ("xmm1",&QWP(0,"eax"));
- &aesimc ("xmm0","xmm0");
- &aesimc ("xmm1","xmm1");
- &lea ($key,&DWP(16,$key));
- &lea ("eax",&DWP(-16,"eax"));
- &$movekey (&QWP(16,"eax"),"xmm0");
- &$movekey (&QWP(-16,$key),"xmm1");
- &cmp ("eax",$key);
- &ja (&label("dec_key_inverse"));
-
- &$movekey ("xmm0",&QWP(0,$key)); # inverse middle
- &aesimc ("xmm0","xmm0");
- &$movekey (&QWP(0,$key),"xmm0");
-
- &xor ("eax","eax"); # return success
-&set_label("dec_key_ret");
- &ret ();
-&function_end_B("${PREFIX}_set_decrypt_key");
-&asciz("AES for Intel AES-NI, CRYPTOGAMS by <appro\@openssl.org>");
-
-&asm_finish();
diff --git a/lib/libssl/src/crypto/aes/asm/aesni-x86_64.pl b/lib/libssl/src/crypto/aes/asm/aesni-x86_64.pl
deleted file mode 100644
index c073667fcbc..00000000000
--- a/lib/libssl/src/crypto/aes/asm/aesni-x86_64.pl
+++ /dev/null
@@ -1,3041 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# This module implements support for Intel AES-NI extension. In -# OpenSSL context it's used with Intel engine, but can also be used as -# drop-in replacement for crypto/aes/asm/aes-x86_64.pl [see below for -# details]. -# -# Performance. -# -# Given aes(enc|dec) instructions' latency asymptotic performance for -# non-parallelizable modes such as CBC encrypt is 3.75 cycles per byte -# processed with 128-bit key. And given their throughput asymptotic -# performance for parallelizable modes is 1.25 cycles per byte. Being -# asymptotic limit it's not something you commonly achieve in reality, -# but how close does one get? Below are results collected for -# different modes and block sized. Pairs of numbers are for en-/ -# decryption. -# -# 16-byte 64-byte 256-byte 1-KB 8-KB -# ECB 4.25/4.25 1.38/1.38 1.28/1.28 1.26/1.26 1.26/1.26 -# CTR 5.42/5.42 1.92/1.92 1.44/1.44 1.28/1.28 1.26/1.26 -# CBC 4.38/4.43 4.15/1.43 4.07/1.32 4.07/1.29 4.06/1.28 -# CCM 5.66/9.42 4.42/5.41 4.16/4.40 4.09/4.15 4.06/4.07 -# OFB 5.42/5.42 4.64/4.64 4.44/4.44 4.39/4.39 4.38/4.38 -# CFB 5.73/5.85 5.56/5.62 5.48/5.56 5.47/5.55 5.47/5.55 -# -# ECB, CTR, CBC and CCM results are free from EVP overhead. This means -# that otherwise used 'openssl speed -evp aes-128-??? -engine aesni -# [-decrypt]' will exhibit 10-15% worse results for smaller blocks. 
-# The results were collected with specially crafted speed.c benchmark -# in order to compare them with results reported in "Intel Advanced -# Encryption Standard (AES) New Instruction Set" White Paper Revision -# 3.0 dated May 2010. All above results are consistently better. This -# module also provides better performance for block sizes smaller than -# 128 bytes in points *not* represented in the above table. -# -# Looking at the results for 8-KB buffer. -# -# CFB and OFB results are far from the limit, because implementation -# uses "generic" CRYPTO_[c|o]fb128_encrypt interfaces relying on -# single-block aesni_encrypt, which is not the most optimal way to go. -# CBC encrypt result is unexpectedly high and there is no documented -# explanation for it. Seemingly there is a small penalty for feeding -# the result back to AES unit the way it's done in CBC mode. There is -# nothing one can do and the result appears optimal. CCM result is -# identical to CBC, because CBC-MAC is essentially CBC encrypt without -# saving output. CCM CTR "stays invisible," because it's neatly -# interleaved wih CBC-MAC. This provides ~30% improvement over -# "straghtforward" CCM implementation with CTR and CBC-MAC performed -# disjointly. Parallelizable modes practically achieve the theoretical -# limit. -# -# Looking at how results vary with buffer size. -# -# Curves are practically saturated at 1-KB buffer size. In most cases -# "256-byte" performance is >95%, and "64-byte" is ~90% of "8-KB" one. -# CTR curve doesn't follow this pattern and is "slowest" changing one -# with "256-byte" result being 87% of "8-KB." This is because overhead -# in CTR mode is most computationally intensive. Small-block CCM -# decrypt is slower than encrypt, because first CTR and last CBC-MAC -# iterations can't be interleaved. -# -# Results for 192- and 256-bit keys. -# -# EVP-free results were observed to scale perfectly with number of -# rounds for larger block sizes, i.e. 
192-bit result being 10/12 times -# lower and 256-bit one - 10/14. Well, in CBC encrypt case differences -# are a tad smaller, because the above mentioned penalty biases all -# results by same constant value. In similar way function call -# overhead affects small-block performance, as well as OFB and CFB -# results. Differences are not large, most common coefficients are -# 10/11.7 and 10/13.4 (as opposite to 10/12.0 and 10/14.0), but one -# observe even 10/11.2 and 10/12.4 (CTR, OFB, CFB)... - -# January 2011 -# -# While Westmere processor features 6 cycles latency for aes[enc|dec] -# instructions, which can be scheduled every second cycle, Sandy -# Bridge spends 8 cycles per instruction, but it can schedule them -# every cycle. This means that code targeting Westmere would perform -# suboptimally on Sandy Bridge. Therefore this update. -# -# In addition, non-parallelizable CBC encrypt (as well as CCM) is -# optimized. Relative improvement might appear modest, 8% on Westmere, -# but in absolute terms it's 3.77 cycles per byte encrypted with -# 128-bit key on Westmere, and 5.07 - on Sandy Bridge. These numbers -# should be compared to asymptotic limits of 3.75 for Westmere and -# 5.00 for Sandy Bridge. Actually, the fact that they get this close -# to asymptotic limits is quite amazing. Indeed, the limit is -# calculated as latency times number of rounds, 10 for 128-bit key, -# and divided by 16, the number of bytes in block, or in other words -# it accounts *solely* for aesenc instructions. But there are extra -# instructions, and numbers so close to the asymptotic limits mean -# that it's as if it takes as little as *one* additional cycle to -# execute all of them. How is it possible? 
It is possible thanks to -# out-of-order execution logic, which manages to overlap post- -# processing of previous block, things like saving the output, with -# actual encryption of current block, as well as pre-processing of -# current block, things like fetching input and xor-ing it with -# 0-round element of the key schedule, with actual encryption of -# previous block. Keep this in mind... -# -# For parallelizable modes, such as ECB, CBC decrypt, CTR, higher -# performance is achieved by interleaving instructions working on -# independent blocks. In which case asymptotic limit for such modes -# can be obtained by dividing above mentioned numbers by AES -# instructions' interleave factor. Westmere can execute at most 3 -# instructions at a time, meaning that optimal interleave factor is 3, -# and that's where the "magic" number of 1.25 come from. "Optimal -# interleave factor" means that increase of interleave factor does -# not improve performance. The formula has proven to reflect reality -# pretty well on Westmere... Sandy Bridge on the other hand can -# execute up to 8 AES instructions at a time, so how does varying -# interleave factor affect the performance? Here is table for ECB -# (numbers are cycles per byte processed with 128-bit key): -# -# instruction interleave factor 3x 6x 8x -# theoretical asymptotic limit 1.67 0.83 0.625 -# measured performance for 8KB block 1.05 0.86 0.84 -# -# "as if" interleave factor 4.7x 5.8x 6.0x -# -# Further data for other parallelizable modes: -# -# CBC decrypt 1.16 0.93 0.93 -# CTR 1.14 0.91 n/a -# -# Well, given 3x column it's probably inappropriate to call the limit -# asymptotic, if it can be surpassed, isn't it? What happens there? -# Rewind to CBC paragraph for the answer. Yes, out-of-order execution -# magic is responsible for this. Processor overlaps not only the -# additional instructions with AES ones, but even AES instuctions -# processing adjacent triplets of independent blocks. 
In the 6x case -# additional instructions still claim disproportionally small amount -# of additional cycles, but in 8x case number of instructions must be -# a tad too high for out-of-order logic to cope with, and AES unit -# remains underutilized... As you can see 8x interleave is hardly -# justifiable, so there no need to feel bad that 32-bit aesni-x86.pl -# utilizies 6x interleave because of limited register bank capacity. -# -# Higher interleave factors do have negative impact on Westmere -# performance. While for ECB mode it's negligible ~1.5%, other -# parallelizables perform ~5% worse, which is outweighed by ~25% -# improvement on Sandy Bridge. To balance regression on Westmere -# CTR mode was implemented with 6x aesenc interleave factor. - -# April 2011 -# -# Add aesni_xts_[en|de]crypt. Westmere spends 1.33 cycles processing -# one byte out of 8KB with 128-bit key, Sandy Bridge - 0.97. Just like -# in CTR mode AES instruction interleave factor was chosen to be 6x. - -$PREFIX="aesni"; # if $PREFIX is set to "AES", the script - # generates drop-in replacement for - # crypto/aes/asm/aes-x86_64.pl:-) - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$movkey = $PREFIX eq "aesni" ? "movups" : "movups"; -@_4args=$win64? ("%rcx","%rdx","%r8", "%r9") : # Win64 order - ("%rdi","%rsi","%rdx","%rcx"); # Unix order - -$code=".text\n"; - -$rounds="%eax"; # input to and changed by aesni_[en|de]cryptN !!! -# this is natural Unix argument order for public $PREFIX_[ecb|cbc]_encrypt ... 
-$inp="%rdi";
-$out="%rsi";
-$len="%rdx";
-$key="%rcx"; # input to and changed by aesni_[en|de]cryptN !!!
-$ivp="%r8"; # cbc, ctr, ...
-
-$rnds_="%r10d"; # backup copy for $rounds
-$key_="%r11"; # backup copy for $key
-
-# %xmm register layout
-$rndkey0="%xmm0"; $rndkey1="%xmm1";
-$inout0="%xmm2"; $inout1="%xmm3";
-$inout2="%xmm4"; $inout3="%xmm5";
-$inout4="%xmm6"; $inout5="%xmm7";
-$inout6="%xmm8"; $inout7="%xmm9";
-
-$in2="%xmm6"; $in1="%xmm7"; # used in CBC decrypt, CTR, ...
-$in0="%xmm8"; $iv="%xmm9";
-
-# Inline version of internal aesni_[en|de]crypt1.
-#
-# Why folded loop? Because aes[enc|dec] is slow enough to accommodate
-# cycles which take care of loop variables...
-{ my $sn;
-sub aesni_generate1 {
-my ($p,$key,$rounds,$inout,$ivec)=@_; $inout=$inout0 if (!defined($inout));
-++$sn;
-$code.=<<___;
- $movkey ($key),$rndkey0
- $movkey 16($key),$rndkey1
-___
-$code.=<<___ if (defined($ivec));
- xorps $rndkey0,$ivec
- lea 32($key),$key
- xorps $ivec,$inout
-___
-$code.=<<___ if (!defined($ivec));
- lea 32($key),$key
- xorps $rndkey0,$inout
-___
-$code.=<<___;
-.Loop_${p}1_$sn:
- aes${p} $rndkey1,$inout
- dec $rounds
- $movkey ($key),$rndkey1
- lea 16($key),$key
- jnz .Loop_${p}1_$sn # loop body is 16 bytes
- aes${p}last $rndkey1,$inout
-___
-}}
-# void $PREFIX_[en|de]crypt (const void *inp,void *out,const AES_KEY *key);
-#
-{ my ($inp,$out,$key) = @_4args;
-
-$code.=<<___;
-.globl ${PREFIX}_encrypt
-.type ${PREFIX}_encrypt,\@abi-omnipotent
-.align 16
-${PREFIX}_encrypt:
- movups ($inp),$inout0 # load input
- mov 240($key),$rounds # key->rounds
-___
- &aesni_generate1("enc",$key,$rounds);
-$code.=<<___;
- movups $inout0,($out) # output
- ret
-.size ${PREFIX}_encrypt,.-${PREFIX}_encrypt
-
-.globl ${PREFIX}_decrypt
-.type ${PREFIX}_decrypt,\@abi-omnipotent
-.align 16
-${PREFIX}_decrypt:
- movups ($inp),$inout0 # load input
- mov 240($key),$rounds # key->rounds
-___
- &aesni_generate1("dec",$key,$rounds);
-$code.=<<___;
- movups $inout0,($out) # output
- ret
-.size ${PREFIX}_decrypt, .-${PREFIX}_decrypt
-___
-}
-
-# _aesni_[en|de]cryptN are private interfaces, N denotes interleave
-# factor. Why 3x subroutine were originally used in loops? Even though
-# aes[enc|dec] latency was originally 6, it could be scheduled only
-# every *2nd* cycle. Thus 3x interleave was the one providing optimal
-# utilization, i.e. when subroutine's throughput is virtually same as
-# of non-interleaved subroutine [for number of input blocks up to 3].
-# This is why it makes no sense to implement 2x subroutine.
-# aes[enc|dec] latency in next processor generation is 8, but the
-# instructions can be scheduled every cycle. Optimal interleave for
-# new processor is therefore 8x...
-sub aesni_generate3 {
-my $dir=shift;
-# As already mentioned it takes in $key and $rounds, which are *not*
-# preserved. $inout[0-2] is cipher/clear text...
-$code.=<<___;
-.type _aesni_${dir}rypt3,\@abi-omnipotent
-.align 16
-_aesni_${dir}rypt3:
- $movkey ($key),$rndkey0
- shr \$1,$rounds
- $movkey 16($key),$rndkey1
- lea 32($key),$key
- xorps $rndkey0,$inout0
- xorps $rndkey0,$inout1
- xorps $rndkey0,$inout2
- $movkey ($key),$rndkey0
-
-.L${dir}_loop3:
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- dec $rounds
- aes${dir} $rndkey1,$inout2
- $movkey 16($key),$rndkey1
- aes${dir} $rndkey0,$inout0
- aes${dir} $rndkey0,$inout1
- lea 32($key),$key
- aes${dir} $rndkey0,$inout2
- $movkey ($key),$rndkey0
- jnz .L${dir}_loop3
-
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- aes${dir} $rndkey1,$inout2
- aes${dir}last $rndkey0,$inout0
- aes${dir}last $rndkey0,$inout1
- aes${dir}last $rndkey0,$inout2
- ret
-.size _aesni_${dir}rypt3,.-_aesni_${dir}rypt3
-___
-}
-# 4x interleave is implemented to improve small block performance,
-# most notably [and naturally] 4 block by ~30%. One can argue that one
-# should have implemented 5x as well, but improvement would be <20%,
-# so it's not worth it...
-sub aesni_generate4 {
-my $dir=shift;
-# As already mentioned it takes in $key and $rounds, which are *not*
-# preserved. $inout[0-3] is cipher/clear text...
-$code.=<<___;
-.type _aesni_${dir}rypt4,\@abi-omnipotent
-.align 16
-_aesni_${dir}rypt4:
- $movkey ($key),$rndkey0
- shr \$1,$rounds
- $movkey 16($key),$rndkey1
- lea 32($key),$key
- xorps $rndkey0,$inout0
- xorps $rndkey0,$inout1
- xorps $rndkey0,$inout2
- xorps $rndkey0,$inout3
- $movkey ($key),$rndkey0
-
-.L${dir}_loop4:
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- dec $rounds
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- $movkey 16($key),$rndkey1
- aes${dir} $rndkey0,$inout0
- aes${dir} $rndkey0,$inout1
- lea 32($key),$key
- aes${dir} $rndkey0,$inout2
- aes${dir} $rndkey0,$inout3
- $movkey ($key),$rndkey0
- jnz .L${dir}_loop4
-
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir}last $rndkey0,$inout0
- aes${dir}last $rndkey0,$inout1
- aes${dir}last $rndkey0,$inout2
- aes${dir}last $rndkey0,$inout3
- ret
-.size _aesni_${dir}rypt4,.-_aesni_${dir}rypt4
-___
-}
-sub aesni_generate6 {
-my $dir=shift;
-# As already mentioned it takes in $key and $rounds, which are *not*
-# preserved. $inout[0-5] is cipher/clear text...
-$code.=<<___;
-.type _aesni_${dir}rypt6,\@abi-omnipotent
-.align 16
-_aesni_${dir}rypt6:
- $movkey ($key),$rndkey0
- shr \$1,$rounds
- $movkey 16($key),$rndkey1
- lea 32($key),$key
- xorps $rndkey0,$inout0
- pxor $rndkey0,$inout1
- aes${dir} $rndkey1,$inout0
- pxor $rndkey0,$inout2
- aes${dir} $rndkey1,$inout1
- pxor $rndkey0,$inout3
- aes${dir} $rndkey1,$inout2
- pxor $rndkey0,$inout4
- aes${dir} $rndkey1,$inout3
- pxor $rndkey0,$inout5
- dec $rounds
- aes${dir} $rndkey1,$inout4
- $movkey ($key),$rndkey0
- aes${dir} $rndkey1,$inout5
- jmp .L${dir}_loop6_enter
-.align 16
-.L${dir}_loop6:
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- dec $rounds
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir} $rndkey1,$inout4
- aes${dir} $rndkey1,$inout5
-.L${dir}_loop6_enter: # happens to be 16-byte aligned
- $movkey 16($key),$rndkey1
- aes${dir} $rndkey0,$inout0
- aes${dir} $rndkey0,$inout1
- lea 32($key),$key
- aes${dir} $rndkey0,$inout2
- aes${dir} $rndkey0,$inout3
- aes${dir} $rndkey0,$inout4
- aes${dir} $rndkey0,$inout5
- $movkey ($key),$rndkey0
- jnz .L${dir}_loop6
-
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir} $rndkey1,$inout4
- aes${dir} $rndkey1,$inout5
- aes${dir}last $rndkey0,$inout0
- aes${dir}last $rndkey0,$inout1
- aes${dir}last $rndkey0,$inout2
- aes${dir}last $rndkey0,$inout3
- aes${dir}last $rndkey0,$inout4
- aes${dir}last $rndkey0,$inout5
- ret
-.size _aesni_${dir}rypt6,.-_aesni_${dir}rypt6
-___
-}
-sub aesni_generate8 {
-my $dir=shift;
-# As already mentioned it takes in $key and $rounds, which are *not*
-# preserved. $inout[0-7] is cipher/clear text...
-$code.=<<___;
-.type _aesni_${dir}rypt8,\@abi-omnipotent
-.align 16
-_aesni_${dir}rypt8:
- $movkey ($key),$rndkey0
- shr \$1,$rounds
- $movkey 16($key),$rndkey1
- lea 32($key),$key
- xorps $rndkey0,$inout0
- xorps $rndkey0,$inout1
- aes${dir} $rndkey1,$inout0
- pxor $rndkey0,$inout2
- aes${dir} $rndkey1,$inout1
- pxor $rndkey0,$inout3
- aes${dir} $rndkey1,$inout2
- pxor $rndkey0,$inout4
- aes${dir} $rndkey1,$inout3
- pxor $rndkey0,$inout5
- dec $rounds
- aes${dir} $rndkey1,$inout4
- pxor $rndkey0,$inout6
- aes${dir} $rndkey1,$inout5
- pxor $rndkey0,$inout7
- $movkey ($key),$rndkey0
- aes${dir} $rndkey1,$inout6
- aes${dir} $rndkey1,$inout7
- $movkey 16($key),$rndkey1
- jmp .L${dir}_loop8_enter
-.align 16
-.L${dir}_loop8:
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- dec $rounds
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir} $rndkey1,$inout4
- aes${dir} $rndkey1,$inout5
- aes${dir} $rndkey1,$inout6
- aes${dir} $rndkey1,$inout7
- $movkey 16($key),$rndkey1
-.L${dir}_loop8_enter: # happens to be 16-byte aligned
- aes${dir} $rndkey0,$inout0
- aes${dir} $rndkey0,$inout1
- lea 32($key),$key
- aes${dir} $rndkey0,$inout2
- aes${dir} $rndkey0,$inout3
- aes${dir} $rndkey0,$inout4
- aes${dir} $rndkey0,$inout5
- aes${dir} $rndkey0,$inout6
- aes${dir} $rndkey0,$inout7
- $movkey ($key),$rndkey0
- jnz .L${dir}_loop8
-
- aes${dir} $rndkey1,$inout0
- aes${dir} $rndkey1,$inout1
- aes${dir} $rndkey1,$inout2
- aes${dir} $rndkey1,$inout3
- aes${dir} $rndkey1,$inout4
- aes${dir} $rndkey1,$inout5
- aes${dir} $rndkey1,$inout6
- aes${dir} $rndkey1,$inout7
- aes${dir}last $rndkey0,$inout0
- aes${dir}last $rndkey0,$inout1
- aes${dir}last $rndkey0,$inout2
- aes${dir}last $rndkey0,$inout3
- aes${dir}last $rndkey0,$inout4
- aes${dir}last $rndkey0,$inout5
- aes${dir}last $rndkey0,$inout6
- aes${dir}last $rndkey0,$inout7
- ret
-.size _aesni_${dir}rypt8,.-_aesni_${dir}rypt8
-___
-}
-&aesni_generate3("enc") if ($PREFIX eq "aesni");
-&aesni_generate3("dec");
-&aesni_generate4("enc") if ($PREFIX eq "aesni"); -&aesni_generate4("dec"); -&aesni_generate6("enc") if ($PREFIX eq "aesni"); -&aesni_generate6("dec"); -&aesni_generate8("enc") if ($PREFIX eq "aesni"); -&aesni_generate8("dec"); - -if ($PREFIX eq "aesni") { -######################################################################## -# void aesni_ecb_encrypt (const void *in, void *out, -# size_t length, const AES_KEY *key, -# int enc); -$code.=<<___; -.globl aesni_ecb_encrypt -.type aesni_ecb_encrypt,\@function,5 -.align 16 -aesni_ecb_encrypt: - and \$-16,$len - jz .Lecb_ret - - mov 240($key),$rounds # key->rounds - $movkey ($key),$rndkey0 - mov $key,$key_ # backup $key - mov $rounds,$rnds_ # backup $rounds - test %r8d,%r8d # 5th argument - jz .Lecb_decrypt -#--------------------------- ECB ENCRYPT ------------------------------# - cmp \$0x80,$len - jb .Lecb_enc_tail - - movdqu ($inp),$inout0 - movdqu 0x10($inp),$inout1 - movdqu 0x20($inp),$inout2 - movdqu 0x30($inp),$inout3 - movdqu 0x40($inp),$inout4 - movdqu 0x50($inp),$inout5 - movdqu 0x60($inp),$inout6 - movdqu 0x70($inp),$inout7 - lea 0x80($inp),$inp - sub \$0x80,$len - jmp .Lecb_enc_loop8_enter -.align 16 -.Lecb_enc_loop8: - movups $inout0,($out) - mov $key_,$key # restore $key - movdqu ($inp),$inout0 - mov $rnds_,$rounds # restore $rounds - movups $inout1,0x10($out) - movdqu 0x10($inp),$inout1 - movups $inout2,0x20($out) - movdqu 0x20($inp),$inout2 - movups $inout3,0x30($out) - movdqu 0x30($inp),$inout3 - movups $inout4,0x40($out) - movdqu 0x40($inp),$inout4 - movups $inout5,0x50($out) - movdqu 0x50($inp),$inout5 - movups $inout6,0x60($out) - movdqu 0x60($inp),$inout6 - movups $inout7,0x70($out) - lea 0x80($out),$out - movdqu 0x70($inp),$inout7 - lea 0x80($inp),$inp -.Lecb_enc_loop8_enter: - - call _aesni_encrypt8 - - sub \$0x80,$len - jnc .Lecb_enc_loop8 - - movups $inout0,($out) - mov $key_,$key # restore $key - movups $inout1,0x10($out) - mov $rnds_,$rounds # restore $rounds - movups $inout2,0x20($out) - 
movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - movups $inout6,0x60($out) - movups $inout7,0x70($out) - lea 0x80($out),$out - add \$0x80,$len - jz .Lecb_ret - -.Lecb_enc_tail: - movups ($inp),$inout0 - cmp \$0x20,$len - jb .Lecb_enc_one - movups 0x10($inp),$inout1 - je .Lecb_enc_two - movups 0x20($inp),$inout2 - cmp \$0x40,$len - jb .Lecb_enc_three - movups 0x30($inp),$inout3 - je .Lecb_enc_four - movups 0x40($inp),$inout4 - cmp \$0x60,$len - jb .Lecb_enc_five - movups 0x50($inp),$inout5 - je .Lecb_enc_six - movdqu 0x60($inp),$inout6 - call _aesni_encrypt8 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - movups $inout6,0x60($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_one: -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - movups $inout0,($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_two: - xorps $inout2,$inout2 - call _aesni_encrypt3 - movups $inout0,($out) - movups $inout1,0x10($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_three: - call _aesni_encrypt3 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_four: - call _aesni_encrypt4 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_five: - xorps $inout5,$inout5 - call _aesni_encrypt6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - jmp .Lecb_ret -.align 16 -.Lecb_enc_six: - call _aesni_encrypt6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - jmp .Lecb_ret -#--------------------------- ECB DECRYPT ------------------------------# -.align 16 -.Lecb_decrypt: - cmp \$0x80,$len - jb .Lecb_dec_tail - - 
movdqu ($inp),$inout0 - movdqu 0x10($inp),$inout1 - movdqu 0x20($inp),$inout2 - movdqu 0x30($inp),$inout3 - movdqu 0x40($inp),$inout4 - movdqu 0x50($inp),$inout5 - movdqu 0x60($inp),$inout6 - movdqu 0x70($inp),$inout7 - lea 0x80($inp),$inp - sub \$0x80,$len - jmp .Lecb_dec_loop8_enter -.align 16 -.Lecb_dec_loop8: - movups $inout0,($out) - mov $key_,$key # restore $key - movdqu ($inp),$inout0 - mov $rnds_,$rounds # restore $rounds - movups $inout1,0x10($out) - movdqu 0x10($inp),$inout1 - movups $inout2,0x20($out) - movdqu 0x20($inp),$inout2 - movups $inout3,0x30($out) - movdqu 0x30($inp),$inout3 - movups $inout4,0x40($out) - movdqu 0x40($inp),$inout4 - movups $inout5,0x50($out) - movdqu 0x50($inp),$inout5 - movups $inout6,0x60($out) - movdqu 0x60($inp),$inout6 - movups $inout7,0x70($out) - lea 0x80($out),$out - movdqu 0x70($inp),$inout7 - lea 0x80($inp),$inp -.Lecb_dec_loop8_enter: - - call _aesni_decrypt8 - - $movkey ($key_),$rndkey0 - sub \$0x80,$len - jnc .Lecb_dec_loop8 - - movups $inout0,($out) - mov $key_,$key # restore $key - movups $inout1,0x10($out) - mov $rnds_,$rounds # restore $rounds - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - movups $inout6,0x60($out) - movups $inout7,0x70($out) - lea 0x80($out),$out - add \$0x80,$len - jz .Lecb_ret - -.Lecb_dec_tail: - movups ($inp),$inout0 - cmp \$0x20,$len - jb .Lecb_dec_one - movups 0x10($inp),$inout1 - je .Lecb_dec_two - movups 0x20($inp),$inout2 - cmp \$0x40,$len - jb .Lecb_dec_three - movups 0x30($inp),$inout3 - je .Lecb_dec_four - movups 0x40($inp),$inout4 - cmp \$0x60,$len - jb .Lecb_dec_five - movups 0x50($inp),$inout5 - je .Lecb_dec_six - movups 0x60($inp),$inout6 - $movkey ($key),$rndkey0 - call _aesni_decrypt8 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - movups $inout6,0x60($out) - jmp .Lecb_ret -.align 16 
-.Lecb_dec_one: -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - movups $inout0,($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_two: - xorps $inout2,$inout2 - call _aesni_decrypt3 - movups $inout0,($out) - movups $inout1,0x10($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_three: - call _aesni_decrypt3 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_four: - call _aesni_decrypt4 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_five: - xorps $inout5,$inout5 - call _aesni_decrypt6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - jmp .Lecb_ret -.align 16 -.Lecb_dec_six: - call _aesni_decrypt6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - movups $inout5,0x50($out) - -.Lecb_ret: - ret -.size aesni_ecb_encrypt,.-aesni_ecb_encrypt -___ - -{ -###################################################################### -# void aesni_ccm64_[en|de]crypt_blocks (const void *in, void *out, -# size_t blocks, const AES_KEY *key, -# const char *ivec,char *cmac); -# -# Handles only complete blocks, operates on 64-bit counter and -# does not update *ivec! 
Nor does it finalize CMAC value -# (see engine/eng_aesni.c for details) -# -{ -my $cmac="%r9"; # 6th argument - -my $increment="%xmm6"; -my $bswap_mask="%xmm7"; - -$code.=<<___; -.globl aesni_ccm64_encrypt_blocks -.type aesni_ccm64_encrypt_blocks,\@function,6 -.align 16 -aesni_ccm64_encrypt_blocks: -___ -$code.=<<___ if ($win64); - lea -0x58(%rsp),%rsp - movaps %xmm6,(%rsp) - movaps %xmm7,0x10(%rsp) - movaps %xmm8,0x20(%rsp) - movaps %xmm9,0x30(%rsp) -.Lccm64_enc_body: -___ -$code.=<<___; - mov 240($key),$rounds # key->rounds - movdqu ($ivp),$iv - movdqa .Lincrement64(%rip),$increment - movdqa .Lbswap_mask(%rip),$bswap_mask - - shr \$1,$rounds - lea 0($key),$key_ - movdqu ($cmac),$inout1 - movdqa $iv,$inout0 - mov $rounds,$rnds_ - pshufb $bswap_mask,$iv - jmp .Lccm64_enc_outer -.align 16 -.Lccm64_enc_outer: - $movkey ($key_),$rndkey0 - mov $rnds_,$rounds - movups ($inp),$in0 # load inp - - xorps $rndkey0,$inout0 # counter - $movkey 16($key_),$rndkey1 - xorps $in0,$rndkey0 - lea 32($key_),$key - xorps $rndkey0,$inout1 # cmac^=inp - $movkey ($key),$rndkey0 - -.Lccm64_enc2_loop: - aesenc $rndkey1,$inout0 - dec $rounds - aesenc $rndkey1,$inout1 - $movkey 16($key),$rndkey1 - aesenc $rndkey0,$inout0 - lea 32($key),$key - aesenc $rndkey0,$inout1 - $movkey 0($key),$rndkey0 - jnz .Lccm64_enc2_loop - aesenc $rndkey1,$inout0 - aesenc $rndkey1,$inout1 - paddq $increment,$iv - aesenclast $rndkey0,$inout0 - aesenclast $rndkey0,$inout1 - - dec $len - lea 16($inp),$inp - xorps $inout0,$in0 # inp ^= E(iv) - movdqa $iv,$inout0 - movups $in0,($out) # save output - lea 16($out),$out - pshufb $bswap_mask,$inout0 - jnz .Lccm64_enc_outer - - movups $inout1,($cmac) -___ -$code.=<<___ if ($win64); - movaps (%rsp),%xmm6 - movaps 0x10(%rsp),%xmm7 - movaps 0x20(%rsp),%xmm8 - movaps 0x30(%rsp),%xmm9 - lea 0x58(%rsp),%rsp -.Lccm64_enc_ret: -___ -$code.=<<___; - ret -.size aesni_ccm64_encrypt_blocks,.-aesni_ccm64_encrypt_blocks -___ 
-###################################################################### -$code.=<<___; -.globl aesni_ccm64_decrypt_blocks -.type aesni_ccm64_decrypt_blocks,\@function,6 -.align 16 -aesni_ccm64_decrypt_blocks: -___ -$code.=<<___ if ($win64); - lea -0x58(%rsp),%rsp - movaps %xmm6,(%rsp) - movaps %xmm7,0x10(%rsp) - movaps %xmm8,0x20(%rsp) - movaps %xmm9,0x30(%rsp) -.Lccm64_dec_body: -___ -$code.=<<___; - mov 240($key),$rounds # key->rounds - movups ($ivp),$iv - movdqu ($cmac),$inout1 - movdqa .Lincrement64(%rip),$increment - movdqa .Lbswap_mask(%rip),$bswap_mask - - movaps $iv,$inout0 - mov $rounds,$rnds_ - mov $key,$key_ - pshufb $bswap_mask,$iv -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - movups ($inp),$in0 # load inp - paddq $increment,$iv - lea 16($inp),$inp - jmp .Lccm64_dec_outer -.align 16 -.Lccm64_dec_outer: - xorps $inout0,$in0 # inp ^= E(iv) - movdqa $iv,$inout0 - mov $rnds_,$rounds - movups $in0,($out) # save output - lea 16($out),$out - pshufb $bswap_mask,$inout0 - - sub \$1,$len - jz .Lccm64_dec_break - - $movkey ($key_),$rndkey0 - shr \$1,$rounds - $movkey 16($key_),$rndkey1 - xorps $rndkey0,$in0 - lea 32($key_),$key - xorps $rndkey0,$inout0 - xorps $in0,$inout1 # cmac^=out - $movkey ($key),$rndkey0 - -.Lccm64_dec2_loop: - aesenc $rndkey1,$inout0 - dec $rounds - aesenc $rndkey1,$inout1 - $movkey 16($key),$rndkey1 - aesenc $rndkey0,$inout0 - lea 32($key),$key - aesenc $rndkey0,$inout1 - $movkey 0($key),$rndkey0 - jnz .Lccm64_dec2_loop - movups ($inp),$in0 # load inp - paddq $increment,$iv - aesenc $rndkey1,$inout0 - aesenc $rndkey1,$inout1 - lea 16($inp),$inp - aesenclast $rndkey0,$inout0 - aesenclast $rndkey0,$inout1 - jmp .Lccm64_dec_outer - -.align 16 -.Lccm64_dec_break: - #xorps $in0,$inout1 # cmac^=out -___ - &aesni_generate1("enc",$key_,$rounds,$inout1,$in0); -$code.=<<___; - movups $inout1,($cmac) -___ -$code.=<<___ if ($win64); - movaps (%rsp),%xmm6 - movaps 0x10(%rsp),%xmm7 - movaps 0x20(%rsp),%xmm8 - movaps 0x30(%rsp),%xmm9 - 
lea 0x58(%rsp),%rsp -.Lccm64_dec_ret: -___ -$code.=<<___; - ret -.size aesni_ccm64_decrypt_blocks,.-aesni_ccm64_decrypt_blocks -___ -} -###################################################################### -# void aesni_ctr32_encrypt_blocks (const void *in, void *out, -# size_t blocks, const AES_KEY *key, -# const char *ivec); -# -# Handles only complete blocks, operates on 32-bit counter and -# does not update *ivec! (see engine/eng_aesni.c for details) -# -{ -my $reserved = $win64?0:-0x28; -my ($in0,$in1,$in2,$in3)=map("%xmm$_",(8..11)); -my ($iv0,$iv1,$ivec)=("%xmm12","%xmm13","%xmm14"); -my $bswap_mask="%xmm15"; - -$code.=<<___; -.globl aesni_ctr32_encrypt_blocks -.type aesni_ctr32_encrypt_blocks,\@function,5 -.align 16 -aesni_ctr32_encrypt_blocks: -___ -$code.=<<___ if ($win64); - lea -0xc8(%rsp),%rsp - movaps %xmm6,0x20(%rsp) - movaps %xmm7,0x30(%rsp) - movaps %xmm8,0x40(%rsp) - movaps %xmm9,0x50(%rsp) - movaps %xmm10,0x60(%rsp) - movaps %xmm11,0x70(%rsp) - movaps %xmm12,0x80(%rsp) - movaps %xmm13,0x90(%rsp) - movaps %xmm14,0xa0(%rsp) - movaps %xmm15,0xb0(%rsp) -.Lctr32_body: -___ -$code.=<<___; - cmp \$1,$len - je .Lctr32_one_shortcut - - movdqu ($ivp),$ivec - movdqa .Lbswap_mask(%rip),$bswap_mask - xor $rounds,$rounds - pextrd \$3,$ivec,$rnds_ # pull 32-bit counter - pinsrd \$3,$rounds,$ivec # wipe 32-bit counter - - mov 240($key),$rounds # key->rounds - bswap $rnds_ - pxor $iv0,$iv0 # vector of 3 32-bit counters - pxor $iv1,$iv1 # vector of 3 32-bit counters - pinsrd \$0,$rnds_,$iv0 - lea 3($rnds_),$key_ - pinsrd \$0,$key_,$iv1 - inc $rnds_ - pinsrd \$1,$rnds_,$iv0 - inc $key_ - pinsrd \$1,$key_,$iv1 - inc $rnds_ - pinsrd \$2,$rnds_,$iv0 - inc $key_ - pinsrd \$2,$key_,$iv1 - movdqa $iv0,$reserved(%rsp) - pshufb $bswap_mask,$iv0 - movdqa $iv1,`$reserved+0x10`(%rsp) - pshufb $bswap_mask,$iv1 - - pshufd \$`3<<6`,$iv0,$inout0 # place counter to upper dword - pshufd \$`2<<6`,$iv0,$inout1 - pshufd \$`1<<6`,$iv0,$inout2 - cmp \$6,$len - jb .Lctr32_tail - shr 
\$1,$rounds - mov $key,$key_ # backup $key - mov $rounds,$rnds_ # backup $rounds - sub \$6,$len - jmp .Lctr32_loop6 - -.align 16 -.Lctr32_loop6: - pshufd \$`3<<6`,$iv1,$inout3 - por $ivec,$inout0 # merge counter-less ivec - $movkey ($key_),$rndkey0 - pshufd \$`2<<6`,$iv1,$inout4 - por $ivec,$inout1 - $movkey 16($key_),$rndkey1 - pshufd \$`1<<6`,$iv1,$inout5 - por $ivec,$inout2 - por $ivec,$inout3 - xorps $rndkey0,$inout0 - por $ivec,$inout4 - por $ivec,$inout5 - - # inline _aesni_encrypt6 and interleave last rounds - # with own code... - - pxor $rndkey0,$inout1 - aesenc $rndkey1,$inout0 - lea 32($key_),$key - pxor $rndkey0,$inout2 - aesenc $rndkey1,$inout1 - movdqa .Lincrement32(%rip),$iv1 - pxor $rndkey0,$inout3 - aesenc $rndkey1,$inout2 - movdqa $reserved(%rsp),$iv0 - pxor $rndkey0,$inout4 - aesenc $rndkey1,$inout3 - pxor $rndkey0,$inout5 - $movkey ($key),$rndkey0 - dec $rounds - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 - jmp .Lctr32_enc_loop6_enter -.align 16 -.Lctr32_enc_loop6: - aesenc $rndkey1,$inout0 - aesenc $rndkey1,$inout1 - dec $rounds - aesenc $rndkey1,$inout2 - aesenc $rndkey1,$inout3 - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 -.Lctr32_enc_loop6_enter: - $movkey 16($key),$rndkey1 - aesenc $rndkey0,$inout0 - aesenc $rndkey0,$inout1 - lea 32($key),$key - aesenc $rndkey0,$inout2 - aesenc $rndkey0,$inout3 - aesenc $rndkey0,$inout4 - aesenc $rndkey0,$inout5 - $movkey ($key),$rndkey0 - jnz .Lctr32_enc_loop6 - - aesenc $rndkey1,$inout0 - paddd $iv1,$iv0 # increment counter vector - aesenc $rndkey1,$inout1 - paddd `$reserved+0x10`(%rsp),$iv1 - aesenc $rndkey1,$inout2 - movdqa $iv0,$reserved(%rsp) # save counter vector - aesenc $rndkey1,$inout3 - movdqa $iv1,`$reserved+0x10`(%rsp) - aesenc $rndkey1,$inout4 - pshufb $bswap_mask,$iv0 # byte swap - aesenc $rndkey1,$inout5 - pshufb $bswap_mask,$iv1 - - aesenclast $rndkey0,$inout0 - movups ($inp),$in0 # load input - aesenclast $rndkey0,$inout1 - movups 0x10($inp),$in1 - aesenclast $rndkey0,$inout2 
- movups 0x20($inp),$in2 - aesenclast $rndkey0,$inout3 - movups 0x30($inp),$in3 - aesenclast $rndkey0,$inout4 - movups 0x40($inp),$rndkey1 - aesenclast $rndkey0,$inout5 - movups 0x50($inp),$rndkey0 - lea 0x60($inp),$inp - - xorps $inout0,$in0 # xor - pshufd \$`3<<6`,$iv0,$inout0 - xorps $inout1,$in1 - pshufd \$`2<<6`,$iv0,$inout1 - movups $in0,($out) # store output - xorps $inout2,$in2 - pshufd \$`1<<6`,$iv0,$inout2 - movups $in1,0x10($out) - xorps $inout3,$in3 - movups $in2,0x20($out) - xorps $inout4,$rndkey1 - movups $in3,0x30($out) - xorps $inout5,$rndkey0 - movups $rndkey1,0x40($out) - movups $rndkey0,0x50($out) - lea 0x60($out),$out - mov $rnds_,$rounds - sub \$6,$len - jnc .Lctr32_loop6 - - add \$6,$len - jz .Lctr32_done - mov $key_,$key # restore $key - lea 1($rounds,$rounds),$rounds # restore original value - -.Lctr32_tail: - por $ivec,$inout0 - movups ($inp),$in0 - cmp \$2,$len - jb .Lctr32_one - - por $ivec,$inout1 - movups 0x10($inp),$in1 - je .Lctr32_two - - pshufd \$`3<<6`,$iv1,$inout3 - por $ivec,$inout2 - movups 0x20($inp),$in2 - cmp \$4,$len - jb .Lctr32_three - - pshufd \$`2<<6`,$iv1,$inout4 - por $ivec,$inout3 - movups 0x30($inp),$in3 - je .Lctr32_four - - por $ivec,$inout4 - xorps $inout5,$inout5 - - call _aesni_encrypt6 - - movups 0x40($inp),$rndkey1 - xorps $inout0,$in0 - xorps $inout1,$in1 - movups $in0,($out) - xorps $inout2,$in2 - movups $in1,0x10($out) - xorps $inout3,$in3 - movups $in2,0x20($out) - xorps $inout4,$rndkey1 - movups $in3,0x30($out) - movups $rndkey1,0x40($out) - jmp .Lctr32_done - -.align 16 -.Lctr32_one_shortcut: - movups ($ivp),$inout0 - movups ($inp),$in0 - mov 240($key),$rounds # key->rounds -.Lctr32_one: -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - xorps $inout0,$in0 - movups $in0,($out) - jmp .Lctr32_done - -.align 16 -.Lctr32_two: - xorps $inout2,$inout2 - call _aesni_encrypt3 - xorps $inout0,$in0 - xorps $inout1,$in1 - movups $in0,($out) - movups $in1,0x10($out) - jmp .Lctr32_done - -.align 16 
-.Lctr32_three: - call _aesni_encrypt3 - xorps $inout0,$in0 - xorps $inout1,$in1 - movups $in0,($out) - xorps $inout2,$in2 - movups $in1,0x10($out) - movups $in2,0x20($out) - jmp .Lctr32_done - -.align 16 -.Lctr32_four: - call _aesni_encrypt4 - xorps $inout0,$in0 - xorps $inout1,$in1 - movups $in0,($out) - xorps $inout2,$in2 - movups $in1,0x10($out) - xorps $inout3,$in3 - movups $in2,0x20($out) - movups $in3,0x30($out) - -.Lctr32_done: -___ -$code.=<<___ if ($win64); - movaps 0x20(%rsp),%xmm6 - movaps 0x30(%rsp),%xmm7 - movaps 0x40(%rsp),%xmm8 - movaps 0x50(%rsp),%xmm9 - movaps 0x60(%rsp),%xmm10 - movaps 0x70(%rsp),%xmm11 - movaps 0x80(%rsp),%xmm12 - movaps 0x90(%rsp),%xmm13 - movaps 0xa0(%rsp),%xmm14 - movaps 0xb0(%rsp),%xmm15 - lea 0xc8(%rsp),%rsp -.Lctr32_ret: -___ -$code.=<<___; - ret -.size aesni_ctr32_encrypt_blocks,.-aesni_ctr32_encrypt_blocks -___ -} - -###################################################################### -# void aesni_xts_[en|de]crypt(const char *inp,char *out,size_t len, -# const AES_KEY *key1, const AES_KEY *key2 -# const unsigned char iv[16]); -# -{ -my @tweak=map("%xmm$_",(10..15)); -my ($twmask,$twres,$twtmp)=("%xmm8","%xmm9",@tweak[4]); -my ($key2,$ivp,$len_)=("%r8","%r9","%r9"); -my $frame_size = 0x68 + ($win64?160:0); - -$code.=<<___; -.globl aesni_xts_encrypt -.type aesni_xts_encrypt,\@function,6 -.align 16 -aesni_xts_encrypt: - lea -$frame_size(%rsp),%rsp -___ -$code.=<<___ if ($win64); - movaps %xmm6,0x60(%rsp) - movaps %xmm7,0x70(%rsp) - movaps %xmm8,0x80(%rsp) - movaps %xmm9,0x90(%rsp) - movaps %xmm10,0xa0(%rsp) - movaps %xmm11,0xb0(%rsp) - movaps %xmm12,0xc0(%rsp) - movaps %xmm13,0xd0(%rsp) - movaps %xmm14,0xe0(%rsp) - movaps %xmm15,0xf0(%rsp) -.Lxts_enc_body: -___ -$code.=<<___; - movups ($ivp),@tweak[5] # load clear-text tweak - mov 240(%r8),$rounds # key2->rounds - mov 240($key),$rnds_ # key1->rounds -___ - # generate the tweak - &aesni_generate1("enc",$key2,$rounds,@tweak[5]); -$code.=<<___; - mov $key,$key_ # backup 
$key - mov $rnds_,$rounds # backup $rounds - mov $len,$len_ # backup $len - and \$-16,$len - - movdqa .Lxts_magic(%rip),$twmask - pxor $twtmp,$twtmp - pcmpgtd @tweak[5],$twtmp # broadcast upper bits -___ - for ($i=0;$i<4;$i++) { - $code.=<<___; - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[$i] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - pand $twmask,$twres # isolate carry and residue - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - pxor $twres,@tweak[5] -___ - } -$code.=<<___; - sub \$16*6,$len - jc .Lxts_enc_short - - shr \$1,$rounds - sub \$1,$rounds - mov $rounds,$rnds_ - jmp .Lxts_enc_grandloop - -.align 16 -.Lxts_enc_grandloop: - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - movdqu `16*0`($inp),$inout0 # load input - pand $twmask,$twres # isolate carry and residue - movdqu `16*1`($inp),$inout1 - pxor $twres,@tweak[5] - - movdqu `16*2`($inp),$inout2 - pxor @tweak[0],$inout0 # input^=tweak - movdqu `16*3`($inp),$inout3 - pxor @tweak[1],$inout1 - movdqu `16*4`($inp),$inout4 - pxor @tweak[2],$inout2 - movdqu `16*5`($inp),$inout5 - lea `16*6`($inp),$inp - pxor @tweak[3],$inout3 - $movkey ($key_),$rndkey0 - pxor @tweak[4],$inout4 - pxor @tweak[5],$inout5 - - # inline _aesni_encrypt6 and interleave first and last rounds - # with own code... 
- $movkey 16($key_),$rndkey1 - pxor $rndkey0,$inout0 - pxor $rndkey0,$inout1 - movdqa @tweak[0],`16*0`(%rsp) # put aside tweaks - aesenc $rndkey1,$inout0 - lea 32($key_),$key - pxor $rndkey0,$inout2 - movdqa @tweak[1],`16*1`(%rsp) - aesenc $rndkey1,$inout1 - pxor $rndkey0,$inout3 - movdqa @tweak[2],`16*2`(%rsp) - aesenc $rndkey1,$inout2 - pxor $rndkey0,$inout4 - movdqa @tweak[3],`16*3`(%rsp) - aesenc $rndkey1,$inout3 - pxor $rndkey0,$inout5 - $movkey ($key),$rndkey0 - dec $rounds - movdqa @tweak[4],`16*4`(%rsp) - aesenc $rndkey1,$inout4 - movdqa @tweak[5],`16*5`(%rsp) - aesenc $rndkey1,$inout5 - pxor $twtmp,$twtmp - pcmpgtd @tweak[5],$twtmp - jmp .Lxts_enc_loop6_enter - -.align 16 -.Lxts_enc_loop6: - aesenc $rndkey1,$inout0 - aesenc $rndkey1,$inout1 - dec $rounds - aesenc $rndkey1,$inout2 - aesenc $rndkey1,$inout3 - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 -.Lxts_enc_loop6_enter: - $movkey 16($key),$rndkey1 - aesenc $rndkey0,$inout0 - aesenc $rndkey0,$inout1 - lea 32($key),$key - aesenc $rndkey0,$inout2 - aesenc $rndkey0,$inout3 - aesenc $rndkey0,$inout4 - aesenc $rndkey0,$inout5 - $movkey ($key),$rndkey0 - jnz .Lxts_enc_loop6 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesenc $rndkey1,$inout0 - pand $twmask,$twres # isolate carry and residue - aesenc $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesenc $rndkey1,$inout2 - pxor $twres,@tweak[5] - aesenc $rndkey1,$inout3 - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 - $movkey 16($key),$rndkey1 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[0] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesenc $rndkey0,$inout0 - pand $twmask,$twres # isolate carry and residue - aesenc $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - aesenc $rndkey0,$inout2 - pxor $twres,@tweak[5] - aesenc $rndkey0,$inout3 - aesenc $rndkey0,$inout4 - aesenc $rndkey0,$inout5 - $movkey 32($key),$rndkey0 - - 
pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[1] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesenc $rndkey1,$inout0 - pand $twmask,$twres # isolate carry and residue - aesenc $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - aesenc $rndkey1,$inout2 - pxor $twres,@tweak[5] - aesenc $rndkey1,$inout3 - aesenc $rndkey1,$inout4 - aesenc $rndkey1,$inout5 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[2] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesenclast $rndkey0,$inout0 - pand $twmask,$twres # isolate carry and residue - aesenclast $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - aesenclast $rndkey0,$inout2 - pxor $twres,@tweak[5] - aesenclast $rndkey0,$inout3 - aesenclast $rndkey0,$inout4 - aesenclast $rndkey0,$inout5 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[3] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - xorps `16*0`(%rsp),$inout0 # output^=tweak - pand $twmask,$twres # isolate carry and residue - xorps `16*1`(%rsp),$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - pxor $twres,@tweak[5] - - xorps `16*2`(%rsp),$inout2 - movups $inout0,`16*0`($out) # write output - xorps `16*3`(%rsp),$inout3 - movups $inout1,`16*1`($out) - xorps `16*4`(%rsp),$inout4 - movups $inout2,`16*2`($out) - xorps `16*5`(%rsp),$inout5 - movups $inout3,`16*3`($out) - mov $rnds_,$rounds # restore $rounds - movups $inout4,`16*4`($out) - movups $inout5,`16*5`($out) - lea `16*6`($out),$out - sub \$16*6,$len - jnc .Lxts_enc_grandloop - - lea 3($rounds,$rounds),$rounds # restore original value - mov $key_,$key # restore $key - mov $rounds,$rnds_ # backup $rounds - -.Lxts_enc_short: - add \$16*6,$len - jz .Lxts_enc_done - - cmp \$0x20,$len - jb .Lxts_enc_one - je .Lxts_enc_two - - cmp \$0x40,$len - jb .Lxts_enc_three - je .Lxts_enc_four - - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - movdqu 
($inp),$inout0 - pand $twmask,$twres # isolate carry and residue - movdqu 16*1($inp),$inout1 - pxor $twres,@tweak[5] - - movdqu 16*2($inp),$inout2 - pxor @tweak[0],$inout0 - movdqu 16*3($inp),$inout3 - pxor @tweak[1],$inout1 - movdqu 16*4($inp),$inout4 - lea 16*5($inp),$inp - pxor @tweak[2],$inout2 - pxor @tweak[3],$inout3 - pxor @tweak[4],$inout4 - - call _aesni_encrypt6 - - xorps @tweak[0],$inout0 - movdqa @tweak[5],@tweak[0] - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - movdqu $inout0,($out) - xorps @tweak[3],$inout3 - movdqu $inout1,16*1($out) - xorps @tweak[4],$inout4 - movdqu $inout2,16*2($out) - movdqu $inout3,16*3($out) - movdqu $inout4,16*4($out) - lea 16*5($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_one: - movups ($inp),$inout0 - lea 16*1($inp),$inp - xorps @tweak[0],$inout0 -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - xorps @tweak[0],$inout0 - movdqa @tweak[1],@tweak[0] - movups $inout0,($out) - lea 16*1($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_two: - movups ($inp),$inout0 - movups 16($inp),$inout1 - lea 32($inp),$inp - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - - call _aesni_encrypt3 - - xorps @tweak[0],$inout0 - movdqa @tweak[2],@tweak[0] - xorps @tweak[1],$inout1 - movups $inout0,($out) - movups $inout1,16*1($out) - lea 16*2($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_three: - movups ($inp),$inout0 - movups 16*1($inp),$inout1 - movups 16*2($inp),$inout2 - lea 16*3($inp),$inp - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - - call _aesni_encrypt3 - - xorps @tweak[0],$inout0 - movdqa @tweak[3],@tweak[0] - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - movups $inout0,($out) - movups $inout1,16*1($out) - movups $inout2,16*2($out) - lea 16*3($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_four: - movups ($inp),$inout0 - movups 16*1($inp),$inout1 - movups 16*2($inp),$inout2 - xorps @tweak[0],$inout0 - movups 16*3($inp),$inout3 - lea 
16*4($inp),$inp - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - xorps @tweak[3],$inout3 - - call _aesni_encrypt4 - - xorps @tweak[0],$inout0 - movdqa @tweak[5],@tweak[0] - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - movups $inout0,($out) - xorps @tweak[3],$inout3 - movups $inout1,16*1($out) - movups $inout2,16*2($out) - movups $inout3,16*3($out) - lea 16*4($out),$out - jmp .Lxts_enc_done - -.align 16 -.Lxts_enc_done: - and \$15,$len_ - jz .Lxts_enc_ret - mov $len_,$len - -.Lxts_enc_steal: - movzb ($inp),%eax # borrow $rounds ... - movzb -16($out),%ecx # ... and $key - lea 1($inp),$inp - mov %al,-16($out) - mov %cl,0($out) - lea 1($out),$out - sub \$1,$len - jnz .Lxts_enc_steal - - sub $len_,$out # rewind $out - mov $key_,$key # restore $key - mov $rnds_,$rounds # restore $rounds - - movups -16($out),$inout0 - xorps @tweak[0],$inout0 -___ - &aesni_generate1("enc",$key,$rounds); -$code.=<<___; - xorps @tweak[0],$inout0 - movups $inout0,-16($out) - -.Lxts_enc_ret: -___ -$code.=<<___ if ($win64); - movaps 0x60(%rsp),%xmm6 - movaps 0x70(%rsp),%xmm7 - movaps 0x80(%rsp),%xmm8 - movaps 0x90(%rsp),%xmm9 - movaps 0xa0(%rsp),%xmm10 - movaps 0xb0(%rsp),%xmm11 - movaps 0xc0(%rsp),%xmm12 - movaps 0xd0(%rsp),%xmm13 - movaps 0xe0(%rsp),%xmm14 - movaps 0xf0(%rsp),%xmm15 -___ -$code.=<<___; - lea $frame_size(%rsp),%rsp -.Lxts_enc_epilogue: - ret -.size aesni_xts_encrypt,.-aesni_xts_encrypt -___ - -$code.=<<___; -.globl aesni_xts_decrypt -.type aesni_xts_decrypt,\@function,6 -.align 16 -aesni_xts_decrypt: - lea -$frame_size(%rsp),%rsp -___ -$code.=<<___ if ($win64); - movaps %xmm6,0x60(%rsp) - movaps %xmm7,0x70(%rsp) - movaps %xmm8,0x80(%rsp) - movaps %xmm9,0x90(%rsp) - movaps %xmm10,0xa0(%rsp) - movaps %xmm11,0xb0(%rsp) - movaps %xmm12,0xc0(%rsp) - movaps %xmm13,0xd0(%rsp) - movaps %xmm14,0xe0(%rsp) - movaps %xmm15,0xf0(%rsp) -.Lxts_dec_body: -___ -$code.=<<___; - movups ($ivp),@tweak[5] # load clear-text tweak - mov 240($key2),$rounds # key2->rounds - mov 
240($key),$rnds_ # key1->rounds -___ - # generate the tweak - &aesni_generate1("enc",$key2,$rounds,@tweak[5]); -$code.=<<___; - xor %eax,%eax # if ($len%16) len-=16; - test \$15,$len - setnz %al - shl \$4,%rax - sub %rax,$len - - mov $key,$key_ # backup $key - mov $rnds_,$rounds # backup $rounds - mov $len,$len_ # backup $len - and \$-16,$len - - movdqa .Lxts_magic(%rip),$twmask - pxor $twtmp,$twtmp - pcmpgtd @tweak[5],$twtmp # broadcast upper bits -___ - for ($i=0;$i<4;$i++) { - $code.=<<___; - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[$i] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - pand $twmask,$twres # isolate carry and residue - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - pxor $twres,@tweak[5] -___ - } -$code.=<<___; - sub \$16*6,$len - jc .Lxts_dec_short - - shr \$1,$rounds - sub \$1,$rounds - mov $rounds,$rnds_ - jmp .Lxts_dec_grandloop - -.align 16 -.Lxts_dec_grandloop: - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - movdqu `16*0`($inp),$inout0 # load input - pand $twmask,$twres # isolate carry and residue - movdqu `16*1`($inp),$inout1 - pxor $twres,@tweak[5] - - movdqu `16*2`($inp),$inout2 - pxor @tweak[0],$inout0 # input^=tweak - movdqu `16*3`($inp),$inout3 - pxor @tweak[1],$inout1 - movdqu `16*4`($inp),$inout4 - pxor @tweak[2],$inout2 - movdqu `16*5`($inp),$inout5 - lea `16*6`($inp),$inp - pxor @tweak[3],$inout3 - $movkey ($key_),$rndkey0 - pxor @tweak[4],$inout4 - pxor @tweak[5],$inout5 - - # inline _aesni_decrypt6 and interleave first and last rounds - # with own code... 
- $movkey 16($key_),$rndkey1 - pxor $rndkey0,$inout0 - pxor $rndkey0,$inout1 - movdqa @tweak[0],`16*0`(%rsp) # put aside tweaks - aesdec $rndkey1,$inout0 - lea 32($key_),$key - pxor $rndkey0,$inout2 - movdqa @tweak[1],`16*1`(%rsp) - aesdec $rndkey1,$inout1 - pxor $rndkey0,$inout3 - movdqa @tweak[2],`16*2`(%rsp) - aesdec $rndkey1,$inout2 - pxor $rndkey0,$inout4 - movdqa @tweak[3],`16*3`(%rsp) - aesdec $rndkey1,$inout3 - pxor $rndkey0,$inout5 - $movkey ($key),$rndkey0 - dec $rounds - movdqa @tweak[4],`16*4`(%rsp) - aesdec $rndkey1,$inout4 - movdqa @tweak[5],`16*5`(%rsp) - aesdec $rndkey1,$inout5 - pxor $twtmp,$twtmp - pcmpgtd @tweak[5],$twtmp - jmp .Lxts_dec_loop6_enter - -.align 16 -.Lxts_dec_loop6: - aesdec $rndkey1,$inout0 - aesdec $rndkey1,$inout1 - dec $rounds - aesdec $rndkey1,$inout2 - aesdec $rndkey1,$inout3 - aesdec $rndkey1,$inout4 - aesdec $rndkey1,$inout5 -.Lxts_dec_loop6_enter: - $movkey 16($key),$rndkey1 - aesdec $rndkey0,$inout0 - aesdec $rndkey0,$inout1 - lea 32($key),$key - aesdec $rndkey0,$inout2 - aesdec $rndkey0,$inout3 - aesdec $rndkey0,$inout4 - aesdec $rndkey0,$inout5 - $movkey ($key),$rndkey0 - jnz .Lxts_dec_loop6 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesdec $rndkey1,$inout0 - pand $twmask,$twres # isolate carry and residue - aesdec $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcast upper bits - aesdec $rndkey1,$inout2 - pxor $twres,@tweak[5] - aesdec $rndkey1,$inout3 - aesdec $rndkey1,$inout4 - aesdec $rndkey1,$inout5 - $movkey 16($key),$rndkey1 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[0] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesdec $rndkey0,$inout0 - pand $twmask,$twres # isolate carry and residue - aesdec $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - aesdec $rndkey0,$inout2 - pxor $twres,@tweak[5] - aesdec $rndkey0,$inout3 - aesdec $rndkey0,$inout4 - aesdec $rndkey0,$inout5 - $movkey 32($key),$rndkey0 - - 
pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[1] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesdec $rndkey1,$inout0 - pand $twmask,$twres # isolate carry and residue - aesdec $rndkey1,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - aesdec $rndkey1,$inout2 - pxor $twres,@tweak[5] - aesdec $rndkey1,$inout3 - aesdec $rndkey1,$inout4 - aesdec $rndkey1,$inout5 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[2] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - aesdeclast $rndkey0,$inout0 - pand $twmask,$twres # isolate carry and residue - aesdeclast $rndkey0,$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - aesdeclast $rndkey0,$inout2 - pxor $twres,@tweak[5] - aesdeclast $rndkey0,$inout3 - aesdeclast $rndkey0,$inout4 - aesdeclast $rndkey0,$inout5 - - pshufd \$0x13,$twtmp,$twres - pxor $twtmp,$twtmp - movdqa @tweak[5],@tweak[3] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - xorps `16*0`(%rsp),$inout0 # output^=tweak - pand $twmask,$twres # isolate carry and residue - xorps `16*1`(%rsp),$inout1 - pcmpgtd @tweak[5],$twtmp # broadcat upper bits - pxor $twres,@tweak[5] - - xorps `16*2`(%rsp),$inout2 - movups $inout0,`16*0`($out) # write output - xorps `16*3`(%rsp),$inout3 - movups $inout1,`16*1`($out) - xorps `16*4`(%rsp),$inout4 - movups $inout2,`16*2`($out) - xorps `16*5`(%rsp),$inout5 - movups $inout3,`16*3`($out) - mov $rnds_,$rounds # restore $rounds - movups $inout4,`16*4`($out) - movups $inout5,`16*5`($out) - lea `16*6`($out),$out - sub \$16*6,$len - jnc .Lxts_dec_grandloop - - lea 3($rounds,$rounds),$rounds # restore original value - mov $key_,$key # restore $key - mov $rounds,$rnds_ # backup $rounds - -.Lxts_dec_short: - add \$16*6,$len - jz .Lxts_dec_done - - cmp \$0x20,$len - jb .Lxts_dec_one - je .Lxts_dec_two - - cmp \$0x40,$len - jb .Lxts_dec_three - je .Lxts_dec_four - - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - movdqu 
($inp),$inout0 - pand $twmask,$twres # isolate carry and residue - movdqu 16*1($inp),$inout1 - pxor $twres,@tweak[5] - - movdqu 16*2($inp),$inout2 - pxor @tweak[0],$inout0 - movdqu 16*3($inp),$inout3 - pxor @tweak[1],$inout1 - movdqu 16*4($inp),$inout4 - lea 16*5($inp),$inp - pxor @tweak[2],$inout2 - pxor @tweak[3],$inout3 - pxor @tweak[4],$inout4 - - call _aesni_decrypt6 - - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - movdqu $inout0,($out) - xorps @tweak[3],$inout3 - movdqu $inout1,16*1($out) - xorps @tweak[4],$inout4 - movdqu $inout2,16*2($out) - pxor $twtmp,$twtmp - movdqu $inout3,16*3($out) - pcmpgtd @tweak[5],$twtmp - movdqu $inout4,16*4($out) - lea 16*5($out),$out - pshufd \$0x13,$twtmp,@tweak[1] # $twres - and \$15,$len_ - jz .Lxts_dec_ret - - movdqa @tweak[5],@tweak[0] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - pand $twmask,@tweak[1] # isolate carry and residue - pxor @tweak[5],@tweak[1] - jmp .Lxts_dec_done2 - -.align 16 -.Lxts_dec_one: - movups ($inp),$inout0 - lea 16*1($inp),$inp - xorps @tweak[0],$inout0 -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - xorps @tweak[0],$inout0 - movdqa @tweak[1],@tweak[0] - movups $inout0,($out) - movdqa @tweak[2],@tweak[1] - lea 16*1($out),$out - jmp .Lxts_dec_done - -.align 16 -.Lxts_dec_two: - movups ($inp),$inout0 - movups 16($inp),$inout1 - lea 32($inp),$inp - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - - call _aesni_decrypt3 - - xorps @tweak[0],$inout0 - movdqa @tweak[2],@tweak[0] - xorps @tweak[1],$inout1 - movdqa @tweak[3],@tweak[1] - movups $inout0,($out) - movups $inout1,16*1($out) - lea 16*2($out),$out - jmp .Lxts_dec_done - -.align 16 -.Lxts_dec_three: - movups ($inp),$inout0 - movups 16*1($inp),$inout1 - movups 16*2($inp),$inout2 - lea 16*3($inp),$inp - xorps @tweak[0],$inout0 - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - - call _aesni_decrypt3 - - xorps @tweak[0],$inout0 - movdqa @tweak[3],@tweak[0] - xorps @tweak[1],$inout1 - movdqa 
@tweak[5],@tweak[1] - xorps @tweak[2],$inout2 - movups $inout0,($out) - movups $inout1,16*1($out) - movups $inout2,16*2($out) - lea 16*3($out),$out - jmp .Lxts_dec_done - -.align 16 -.Lxts_dec_four: - pshufd \$0x13,$twtmp,$twres - movdqa @tweak[5],@tweak[4] - paddq @tweak[5],@tweak[5] # psllq 1,$tweak - movups ($inp),$inout0 - pand $twmask,$twres # isolate carry and residue - movups 16*1($inp),$inout1 - pxor $twres,@tweak[5] - - movups 16*2($inp),$inout2 - xorps @tweak[0],$inout0 - movups 16*3($inp),$inout3 - lea 16*4($inp),$inp - xorps @tweak[1],$inout1 - xorps @tweak[2],$inout2 - xorps @tweak[3],$inout3 - - call _aesni_decrypt4 - - xorps @tweak[0],$inout0 - movdqa @tweak[4],@tweak[0] - xorps @tweak[1],$inout1 - movdqa @tweak[5],@tweak[1] - xorps @tweak[2],$inout2 - movups $inout0,($out) - xorps @tweak[3],$inout3 - movups $inout1,16*1($out) - movups $inout2,16*2($out) - movups $inout3,16*3($out) - lea 16*4($out),$out - jmp .Lxts_dec_done - -.align 16 -.Lxts_dec_done: - and \$15,$len_ - jz .Lxts_dec_ret -.Lxts_dec_done2: - mov $len_,$len - mov $key_,$key # restore $key - mov $rnds_,$rounds # restore $rounds - - movups ($inp),$inout0 - xorps @tweak[1],$inout0 -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - xorps @tweak[1],$inout0 - movups $inout0,($out) - -.Lxts_dec_steal: - movzb 16($inp),%eax # borrow $rounds ... - movzb ($out),%ecx # ... 
and $key - lea 1($inp),$inp - mov %al,($out) - mov %cl,16($out) - lea 1($out),$out - sub \$1,$len - jnz .Lxts_dec_steal - - sub $len_,$out # rewind $out - mov $key_,$key # restore $key - mov $rnds_,$rounds # restore $rounds - - movups ($out),$inout0 - xorps @tweak[0],$inout0 -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - xorps @tweak[0],$inout0 - movups $inout0,($out) - -.Lxts_dec_ret: -___ -$code.=<<___ if ($win64); - movaps 0x60(%rsp),%xmm6 - movaps 0x70(%rsp),%xmm7 - movaps 0x80(%rsp),%xmm8 - movaps 0x90(%rsp),%xmm9 - movaps 0xa0(%rsp),%xmm10 - movaps 0xb0(%rsp),%xmm11 - movaps 0xc0(%rsp),%xmm12 - movaps 0xd0(%rsp),%xmm13 - movaps 0xe0(%rsp),%xmm14 - movaps 0xf0(%rsp),%xmm15 -___ -$code.=<<___; - lea $frame_size(%rsp),%rsp -.Lxts_dec_epilogue: - ret -.size aesni_xts_decrypt,.-aesni_xts_decrypt -___ -} }} - -######################################################################## -# void $PREFIX_cbc_encrypt (const void *inp, void *out, -# size_t length, const AES_KEY *key, -# unsigned char *ivp,const int enc); -{ -my $reserved = $win64?0x40:-0x18; # used in decrypt -$code.=<<___; -.globl ${PREFIX}_cbc_encrypt -.type ${PREFIX}_cbc_encrypt,\@function,6 -.align 16 -${PREFIX}_cbc_encrypt: - test $len,$len # check length - jz .Lcbc_ret - - mov 240($key),$rnds_ # key->rounds - mov $key,$key_ # backup $key - test %r9d,%r9d # 6th argument - jz .Lcbc_decrypt -#--------------------------- CBC ENCRYPT ------------------------------# - movups ($ivp),$inout0 # load iv as initial state - mov $rnds_,$rounds - cmp \$16,$len - jb .Lcbc_enc_tail - sub \$16,$len - jmp .Lcbc_enc_loop -.align 16 -.Lcbc_enc_loop: - movups ($inp),$inout1 # load input - lea 16($inp),$inp - #xorps $inout1,$inout0 -___ - &aesni_generate1("enc",$key,$rounds,$inout0,$inout1); -$code.=<<___; - mov $rnds_,$rounds # restore $rounds - mov $key_,$key # restore $key - movups $inout0,0($out) # store output - lea 16($out),$out - sub \$16,$len - jnc .Lcbc_enc_loop - add \$16,$len - jnz .Lcbc_enc_tail 
- movups $inout0,($ivp) - jmp .Lcbc_ret - -.Lcbc_enc_tail: - mov $len,%rcx # zaps $key - xchg $inp,$out # $inp is %rsi and $out is %rdi now - .long 0x9066A4F3 # rep movsb - mov \$16,%ecx # zero tail - sub $len,%rcx - xor %eax,%eax - .long 0x9066AAF3 # rep stosb - lea -16(%rdi),%rdi # rewind $out by 1 block - mov $rnds_,$rounds # restore $rounds - mov %rdi,%rsi # $inp and $out are the same - mov $key_,$key # restore $key - xor $len,$len # len=16 - jmp .Lcbc_enc_loop # one more spin -#--------------------------- CBC DECRYPT ------------------------------# -.align 16 -.Lcbc_decrypt: -___ -$code.=<<___ if ($win64); - lea -0x58(%rsp),%rsp - movaps %xmm6,(%rsp) - movaps %xmm7,0x10(%rsp) - movaps %xmm8,0x20(%rsp) - movaps %xmm9,0x30(%rsp) -.Lcbc_decrypt_body: -___ -$code.=<<___; - movups ($ivp),$iv - mov $rnds_,$rounds - cmp \$0x70,$len - jbe .Lcbc_dec_tail - shr \$1,$rnds_ - sub \$0x70,$len - mov $rnds_,$rounds - movaps $iv,$reserved(%rsp) - jmp .Lcbc_dec_loop8_enter -.align 16 -.Lcbc_dec_loop8: - movaps $rndkey0,$reserved(%rsp) # save IV - movups $inout7,($out) - lea 0x10($out),$out -.Lcbc_dec_loop8_enter: - $movkey ($key),$rndkey0 - movups ($inp),$inout0 # load input - movups 0x10($inp),$inout1 - $movkey 16($key),$rndkey1 - - lea 32($key),$key - movdqu 0x20($inp),$inout2 - xorps $rndkey0,$inout0 - movdqu 0x30($inp),$inout3 - xorps $rndkey0,$inout1 - movdqu 0x40($inp),$inout4 - aesdec $rndkey1,$inout0 - pxor $rndkey0,$inout2 - movdqu 0x50($inp),$inout5 - aesdec $rndkey1,$inout1 - pxor $rndkey0,$inout3 - movdqu 0x60($inp),$inout6 - aesdec $rndkey1,$inout2 - pxor $rndkey0,$inout4 - movdqu 0x70($inp),$inout7 - aesdec $rndkey1,$inout3 - pxor $rndkey0,$inout5 - dec $rounds - aesdec $rndkey1,$inout4 - pxor $rndkey0,$inout6 - aesdec $rndkey1,$inout5 - pxor $rndkey0,$inout7 - $movkey ($key),$rndkey0 - aesdec $rndkey1,$inout6 - aesdec $rndkey1,$inout7 - $movkey 16($key),$rndkey1 - - call .Ldec_loop8_enter - - movups ($inp),$rndkey1 # re-load input - movups 0x10($inp),$rndkey0 - 
xorps $reserved(%rsp),$inout0 # ^= IV - xorps $rndkey1,$inout1 - movups 0x20($inp),$rndkey1 - xorps $rndkey0,$inout2 - movups 0x30($inp),$rndkey0 - xorps $rndkey1,$inout3 - movups 0x40($inp),$rndkey1 - xorps $rndkey0,$inout4 - movups 0x50($inp),$rndkey0 - xorps $rndkey1,$inout5 - movups 0x60($inp),$rndkey1 - xorps $rndkey0,$inout6 - movups 0x70($inp),$rndkey0 # IV - xorps $rndkey1,$inout7 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - mov $rnds_,$rounds # restore $rounds - movups $inout4,0x40($out) - mov $key_,$key # restore $key - movups $inout5,0x50($out) - lea 0x80($inp),$inp - movups $inout6,0x60($out) - lea 0x70($out),$out - sub \$0x80,$len - ja .Lcbc_dec_loop8 - - movaps $inout7,$inout0 - movaps $rndkey0,$iv - add \$0x70,$len - jle .Lcbc_dec_tail_collected - movups $inout0,($out) - lea 1($rnds_,$rnds_),$rounds - lea 0x10($out),$out -.Lcbc_dec_tail: - movups ($inp),$inout0 - movaps $inout0,$in0 - cmp \$0x10,$len - jbe .Lcbc_dec_one - - movups 0x10($inp),$inout1 - movaps $inout1,$in1 - cmp \$0x20,$len - jbe .Lcbc_dec_two - - movups 0x20($inp),$inout2 - movaps $inout2,$in2 - cmp \$0x30,$len - jbe .Lcbc_dec_three - - movups 0x30($inp),$inout3 - cmp \$0x40,$len - jbe .Lcbc_dec_four - - movups 0x40($inp),$inout4 - cmp \$0x50,$len - jbe .Lcbc_dec_five - - movups 0x50($inp),$inout5 - cmp \$0x60,$len - jbe .Lcbc_dec_six - - movups 0x60($inp),$inout6 - movaps $iv,$reserved(%rsp) # save IV - call _aesni_decrypt8 - movups ($inp),$rndkey1 - movups 0x10($inp),$rndkey0 - xorps $reserved(%rsp),$inout0 # ^= IV - xorps $rndkey1,$inout1 - movups 0x20($inp),$rndkey1 - xorps $rndkey0,$inout2 - movups 0x30($inp),$rndkey0 - xorps $rndkey1,$inout3 - movups 0x40($inp),$rndkey1 - xorps $rndkey0,$inout4 - movups 0x50($inp),$rndkey0 - xorps $rndkey1,$inout5 - movups 0x60($inp),$iv # IV - xorps $rndkey0,$inout6 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups 
$inout4,0x40($out) - movups $inout5,0x50($out) - lea 0x60($out),$out - movaps $inout6,$inout0 - sub \$0x70,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_one: -___ - &aesni_generate1("dec",$key,$rounds); -$code.=<<___; - xorps $iv,$inout0 - movaps $in0,$iv - sub \$0x10,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_two: - xorps $inout2,$inout2 - call _aesni_decrypt3 - xorps $iv,$inout0 - xorps $in0,$inout1 - movups $inout0,($out) - movaps $in1,$iv - movaps $inout1,$inout0 - lea 0x10($out),$out - sub \$0x20,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_three: - call _aesni_decrypt3 - xorps $iv,$inout0 - xorps $in0,$inout1 - movups $inout0,($out) - xorps $in1,$inout2 - movups $inout1,0x10($out) - movaps $in2,$iv - movaps $inout2,$inout0 - lea 0x20($out),$out - sub \$0x30,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_four: - call _aesni_decrypt4 - xorps $iv,$inout0 - movups 0x30($inp),$iv - xorps $in0,$inout1 - movups $inout0,($out) - xorps $in1,$inout2 - movups $inout1,0x10($out) - xorps $in2,$inout3 - movups $inout2,0x20($out) - movaps $inout3,$inout0 - lea 0x30($out),$out - sub \$0x40,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_five: - xorps $inout5,$inout5 - call _aesni_decrypt6 - movups 0x10($inp),$rndkey1 - movups 0x20($inp),$rndkey0 - xorps $iv,$inout0 - xorps $in0,$inout1 - xorps $rndkey1,$inout2 - movups 0x30($inp),$rndkey1 - xorps $rndkey0,$inout3 - movups 0x40($inp),$iv - xorps $rndkey1,$inout4 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - lea 0x40($out),$out - movaps $inout4,$inout0 - sub \$0x50,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_six: - call _aesni_decrypt6 - movups 0x10($inp),$rndkey1 - movups 0x20($inp),$rndkey0 - xorps $iv,$inout0 - xorps $in0,$inout1 - xorps $rndkey1,$inout2 - movups 0x30($inp),$rndkey1 - xorps $rndkey0,$inout3 - movups 0x40($inp),$rndkey0 - xorps $rndkey1,$inout4 - movups 0x50($inp),$iv - 
xorps $rndkey0,$inout5 - movups $inout0,($out) - movups $inout1,0x10($out) - movups $inout2,0x20($out) - movups $inout3,0x30($out) - movups $inout4,0x40($out) - lea 0x50($out),$out - movaps $inout5,$inout0 - sub \$0x60,$len - jmp .Lcbc_dec_tail_collected -.align 16 -.Lcbc_dec_tail_collected: - and \$15,$len - movups $iv,($ivp) - jnz .Lcbc_dec_tail_partial - movups $inout0,($out) - jmp .Lcbc_dec_ret -.align 16 -.Lcbc_dec_tail_partial: - movaps $inout0,$reserved(%rsp) - mov \$16,%rcx - mov $out,%rdi - sub $len,%rcx - lea $reserved(%rsp),%rsi - .long 0x9066A4F3 # rep movsb - -.Lcbc_dec_ret: -___ -$code.=<<___ if ($win64); - movaps (%rsp),%xmm6 - movaps 0x10(%rsp),%xmm7 - movaps 0x20(%rsp),%xmm8 - movaps 0x30(%rsp),%xmm9 - lea 0x58(%rsp),%rsp -___ -$code.=<<___; -.Lcbc_ret: - ret -.size ${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt -___ -} -# int $PREFIX_set_[en|de]crypt_key (const unsigned char *userKey, -# int bits, AES_KEY *key) -{ my ($inp,$bits,$key) = @_4args; - $bits =~ s/%r/%e/; - -$code.=<<___; -.globl ${PREFIX}_set_decrypt_key -.type ${PREFIX}_set_decrypt_key,\@abi-omnipotent -.align 16 -${PREFIX}_set_decrypt_key: - sub \$8,%rsp - call __aesni_set_encrypt_key - shl \$4,$bits # rounds-1 after _aesni_set_encrypt_key - test %eax,%eax - jnz .Ldec_key_ret - lea 16($key,$bits),$inp # points at the end of key schedule - - $movkey ($key),%xmm0 # just swap - $movkey ($inp),%xmm1 - $movkey %xmm0,($inp) - $movkey %xmm1,($key) - lea 16($key),$key - lea -16($inp),$inp - -.Ldec_key_inverse: - $movkey ($key),%xmm0 # swap and inverse - $movkey ($inp),%xmm1 - aesimc %xmm0,%xmm0 - aesimc %xmm1,%xmm1 - lea 16($key),$key - lea -16($inp),$inp - $movkey %xmm0,16($inp) - $movkey %xmm1,-16($key) - cmp $key,$inp - ja .Ldec_key_inverse - - $movkey ($key),%xmm0 # inverse middle - aesimc %xmm0,%xmm0 - $movkey %xmm0,($inp) -.Ldec_key_ret: - add \$8,%rsp - ret -.LSEH_end_set_decrypt_key: -.size ${PREFIX}_set_decrypt_key,.-${PREFIX}_set_decrypt_key -___ - -# This is based on submission by 
-# -# Huang Ying <ying.huang@intel.com> -# Vinodh Gopal <vinodh.gopal@intel.com> -# Kahraman Akdemir -# -# Agressively optimized in respect to aeskeygenassist's critical path -# and is contained in %xmm0-5 to meet Win64 ABI requirement. -# -$code.=<<___; -.globl ${PREFIX}_set_encrypt_key -.type ${PREFIX}_set_encrypt_key,\@abi-omnipotent -.align 16 -${PREFIX}_set_encrypt_key: -__aesni_set_encrypt_key: - sub \$8,%rsp - mov \$-1,%rax - test $inp,$inp - jz .Lenc_key_ret - test $key,$key - jz .Lenc_key_ret - - movups ($inp),%xmm0 # pull first 128 bits of *userKey - xorps %xmm4,%xmm4 # low dword of xmm4 is assumed 0 - lea 16($key),%rax - cmp \$256,$bits - je .L14rounds - cmp \$192,$bits - je .L12rounds - cmp \$128,$bits - jne .Lbad_keybits - -.L10rounds: - mov \$9,$bits # 10 rounds for 128-bit key - $movkey %xmm0,($key) # round 0 - aeskeygenassist \$0x1,%xmm0,%xmm1 # round 1 - call .Lkey_expansion_128_cold - aeskeygenassist \$0x2,%xmm0,%xmm1 # round 2 - call .Lkey_expansion_128 - aeskeygenassist \$0x4,%xmm0,%xmm1 # round 3 - call .Lkey_expansion_128 - aeskeygenassist \$0x8,%xmm0,%xmm1 # round 4 - call .Lkey_expansion_128 - aeskeygenassist \$0x10,%xmm0,%xmm1 # round 5 - call .Lkey_expansion_128 - aeskeygenassist \$0x20,%xmm0,%xmm1 # round 6 - call .Lkey_expansion_128 - aeskeygenassist \$0x40,%xmm0,%xmm1 # round 7 - call .Lkey_expansion_128 - aeskeygenassist \$0x80,%xmm0,%xmm1 # round 8 - call .Lkey_expansion_128 - aeskeygenassist \$0x1b,%xmm0,%xmm1 # round 9 - call .Lkey_expansion_128 - aeskeygenassist \$0x36,%xmm0,%xmm1 # round 10 - call .Lkey_expansion_128 - $movkey %xmm0,(%rax) - mov $bits,80(%rax) # 240(%rdx) - xor %eax,%eax - jmp .Lenc_key_ret - -.align 16 -.L12rounds: - movq 16($inp),%xmm2 # remaining 1/3 of *userKey - mov \$11,$bits # 12 rounds for 192 - $movkey %xmm0,($key) # round 0 - aeskeygenassist \$0x1,%xmm2,%xmm1 # round 1,2 - call .Lkey_expansion_192a_cold - aeskeygenassist \$0x2,%xmm2,%xmm1 # round 2,3 - call .Lkey_expansion_192b - aeskeygenassist 
\$0x4,%xmm2,%xmm1 # round 4,5 - call .Lkey_expansion_192a - aeskeygenassist \$0x8,%xmm2,%xmm1 # round 5,6 - call .Lkey_expansion_192b - aeskeygenassist \$0x10,%xmm2,%xmm1 # round 7,8 - call .Lkey_expansion_192a - aeskeygenassist \$0x20,%xmm2,%xmm1 # round 8,9 - call .Lkey_expansion_192b - aeskeygenassist \$0x40,%xmm2,%xmm1 # round 10,11 - call .Lkey_expansion_192a - aeskeygenassist \$0x80,%xmm2,%xmm1 # round 11,12 - call .Lkey_expansion_192b - $movkey %xmm0,(%rax) - mov $bits,48(%rax) # 240(%rdx) - xor %rax, %rax - jmp .Lenc_key_ret - -.align 16 -.L14rounds: - movups 16($inp),%xmm2 # remaning half of *userKey - mov \$13,$bits # 14 rounds for 256 - lea 16(%rax),%rax - $movkey %xmm0,($key) # round 0 - $movkey %xmm2,16($key) # round 1 - aeskeygenassist \$0x1,%xmm2,%xmm1 # round 2 - call .Lkey_expansion_256a_cold - aeskeygenassist \$0x1,%xmm0,%xmm1 # round 3 - call .Lkey_expansion_256b - aeskeygenassist \$0x2,%xmm2,%xmm1 # round 4 - call .Lkey_expansion_256a - aeskeygenassist \$0x2,%xmm0,%xmm1 # round 5 - call .Lkey_expansion_256b - aeskeygenassist \$0x4,%xmm2,%xmm1 # round 6 - call .Lkey_expansion_256a - aeskeygenassist \$0x4,%xmm0,%xmm1 # round 7 - call .Lkey_expansion_256b - aeskeygenassist \$0x8,%xmm2,%xmm1 # round 8 - call .Lkey_expansion_256a - aeskeygenassist \$0x8,%xmm0,%xmm1 # round 9 - call .Lkey_expansion_256b - aeskeygenassist \$0x10,%xmm2,%xmm1 # round 10 - call .Lkey_expansion_256a - aeskeygenassist \$0x10,%xmm0,%xmm1 # round 11 - call .Lkey_expansion_256b - aeskeygenassist \$0x20,%xmm2,%xmm1 # round 12 - call .Lkey_expansion_256a - aeskeygenassist \$0x20,%xmm0,%xmm1 # round 13 - call .Lkey_expansion_256b - aeskeygenassist \$0x40,%xmm2,%xmm1 # round 14 - call .Lkey_expansion_256a - $movkey %xmm0,(%rax) - mov $bits,16(%rax) # 240(%rdx) - xor %rax,%rax - jmp .Lenc_key_ret - -.align 16 -.Lbad_keybits: - mov \$-2,%rax -.Lenc_key_ret: - add \$8,%rsp - ret -.LSEH_end_set_encrypt_key: - -.align 16 -.Lkey_expansion_128: - $movkey %xmm0,(%rax) - lea 16(%rax),%rax 
-.Lkey_expansion_128_cold:
- shufps \$0b00010000,%xmm0,%xmm4
- xorps %xmm4, %xmm0
- shufps \$0b10001100,%xmm0,%xmm4
- xorps %xmm4, %xmm0
- shufps \$0b11111111,%xmm1,%xmm1 # critical path
- xorps %xmm1,%xmm0
- ret
-
-.align 16
-.Lkey_expansion_192a:
- $movkey %xmm0,(%rax)
- lea 16(%rax),%rax
-.Lkey_expansion_192a_cold:
- movaps %xmm2, %xmm5
-.Lkey_expansion_192b_warm:
- shufps \$0b00010000,%xmm0,%xmm4
- movdqa %xmm2,%xmm3
- xorps %xmm4,%xmm0
- shufps \$0b10001100,%xmm0,%xmm4
- pslldq \$4,%xmm3
- xorps %xmm4,%xmm0
- pshufd \$0b01010101,%xmm1,%xmm1 # critical path
- pxor %xmm3,%xmm2
- pxor %xmm1,%xmm0
- pshufd \$0b11111111,%xmm0,%xmm3
- pxor %xmm3,%xmm2
- ret
-
-.align 16
-.Lkey_expansion_192b:
- movaps %xmm0,%xmm3
- shufps \$0b01000100,%xmm0,%xmm5
- $movkey %xmm5,(%rax)
- shufps \$0b01001110,%xmm2,%xmm3
- $movkey %xmm3,16(%rax)
- lea 32(%rax),%rax
- jmp .Lkey_expansion_192b_warm
-
-.align 16
-.Lkey_expansion_256a:
- $movkey %xmm2,(%rax)
- lea 16(%rax),%rax
-.Lkey_expansion_256a_cold:
- shufps \$0b00010000,%xmm0,%xmm4
- xorps %xmm4,%xmm0
- shufps \$0b10001100,%xmm0,%xmm4
- xorps %xmm4,%xmm0
- shufps \$0b11111111,%xmm1,%xmm1 # critical path
- xorps %xmm1,%xmm0
- ret
-
-.align 16
-.Lkey_expansion_256b:
- $movkey %xmm0,(%rax)
- lea 16(%rax),%rax
-
- shufps \$0b00010000,%xmm2,%xmm4
- xorps %xmm4,%xmm2
- shufps \$0b10001100,%xmm2,%xmm4
- xorps %xmm4,%xmm2
- shufps \$0b10101010,%xmm1,%xmm1 # critical path
- xorps %xmm1,%xmm2
- ret
-.size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key
-.size __aesni_set_encrypt_key,.-__aesni_set_encrypt_key
-___
-}
-
-$code.=<<___;
-.align 64
-.Lbswap_mask:
- .byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
-.Lincrement32:
- .long 6,6,6,0
-.Lincrement64:
- .long 1,0,0,0
-.Lxts_magic:
- .long 0x87,0,1,0
-
-.asciz "AES for Intel AES-NI, CRYPTOGAMS by <appro\@openssl.org>"
-.align 64
-___
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -___ -$code.=<<___ if ($PREFIX eq "aesni"); -.type ecb_se_handler,\@abi-omnipotent -.align 16 -ecb_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 152($context),%rax # pull context->Rsp - - jmp .Lcommon_seh_tail -.size ecb_se_handler,.-ecb_se_handler - -.type ccm64_se_handler,\@abi-omnipotent -.align 16 -ccm64_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->Rip<prologue label - jb .Lcommon_seh_tail - - mov 152($context),%rax # pull context->Rsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lcommon_seh_tail - - lea 0(%rax),%rsi # %xmm save area - lea 512($context),%rdi # &context.Xmm6 - mov \$8,%ecx # 4*sizeof(%xmm0)/sizeof(%rax) - .long 0xa548f3fc # cld; rep movsq - lea 0x58(%rax),%rax # adjust stack pointer - - jmp .Lcommon_seh_tail -.size ccm64_se_handler,.-ccm64_se_handler - -.type ctr32_se_handler,\@abi-omnipotent -.align 16 -ctr32_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - lea .Lctr32_body(%rip),%r10 - cmp %r10,%rbx # context->Rip<"prologue" label - jb .Lcommon_seh_tail - - mov 152($context),%rax # pull context->Rsp - - lea .Lctr32_ret(%rip),%r10 - cmp %r10,%rbx - jae .Lcommon_seh_tail - - lea 0x20(%rax),%rsi # %xmm save area - lea 512($context),%rdi 
# &context.Xmm6 - mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax) - .long 0xa548f3fc # cld; rep movsq - lea 0xc8(%rax),%rax # adjust stack pointer - - jmp .Lcommon_seh_tail -.size ctr32_se_handler,.-ctr32_se_handler - -.type xts_se_handler,\@abi-omnipotent -.align 16 -xts_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue lable - cmp %r10,%rbx # context->Rip<prologue label - jb .Lcommon_seh_tail - - mov 152($context),%rax # pull context->Rsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lcommon_seh_tail - - lea 0x60(%rax),%rsi # %xmm save area - lea 512($context),%rdi # & context.Xmm6 - mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax) - .long 0xa548f3fc # cld; rep movsq - lea 0x68+160(%rax),%rax # adjust stack pointer - - jmp .Lcommon_seh_tail -.size xts_se_handler,.-xts_se_handler -___ -$code.=<<___; -.type cbc_se_handler,\@abi-omnipotent -.align 16 -cbc_se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 152($context),%rax # pull context->Rsp - mov 248($context),%rbx # pull context->Rip - - lea .Lcbc_decrypt(%rip),%r10 - cmp %r10,%rbx # context->Rip<"prologue" label - jb .Lcommon_seh_tail - - lea .Lcbc_decrypt_body(%rip),%r10 - cmp %r10,%rbx # context->Rip<cbc_decrypt_body - jb .Lrestore_cbc_rax - - lea .Lcbc_ret(%rip),%r10 - cmp %r10,%rbx # context->Rip>="epilogue" label - jae .Lcommon_seh_tail - - lea 0(%rax),%rsi # top of stack - lea 512($context),%rdi # &context.Xmm6 - mov \$8,%ecx # 4*sizeof(%xmm0)/sizeof(%rax) - .long 0xa548f3fc # cld; rep movsq - lea 0x58(%rax),%rax 
# adjust stack pointer - jmp .Lcommon_seh_tail - -.Lrestore_cbc_rax: - mov 120($context),%rax - -.Lcommon_seh_tail: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$154,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov %r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov %rcx,56(%rsp) # arg8, (NULL) - call *__imp_RtlVirtualUnwind(%rip) - - mov \$1,%eax # ExceptionContinueSearch - add \$64,%rsp - popfq - pop %r15 - pop %r14 - pop %r13 - pop %r12 - pop %rbp - pop %rbx - pop %rdi - pop %rsi - ret -.size cbc_se_handler,.-cbc_se_handler - -.section .pdata -.align 4 -___ -$code.=<<___ if ($PREFIX eq "aesni"); - .rva .LSEH_begin_aesni_ecb_encrypt - .rva .LSEH_end_aesni_ecb_encrypt - .rva .LSEH_info_ecb - - .rva .LSEH_begin_aesni_ccm64_encrypt_blocks - .rva .LSEH_end_aesni_ccm64_encrypt_blocks - .rva .LSEH_info_ccm64_enc - - .rva .LSEH_begin_aesni_ccm64_decrypt_blocks - .rva .LSEH_end_aesni_ccm64_decrypt_blocks - .rva .LSEH_info_ccm64_dec - - .rva .LSEH_begin_aesni_ctr32_encrypt_blocks - .rva .LSEH_end_aesni_ctr32_encrypt_blocks - .rva .LSEH_info_ctr32 - - .rva .LSEH_begin_aesni_xts_encrypt - .rva .LSEH_end_aesni_xts_encrypt - .rva .LSEH_info_xts_enc - - .rva .LSEH_begin_aesni_xts_decrypt - .rva .LSEH_end_aesni_xts_decrypt - .rva .LSEH_info_xts_dec -___ -$code.=<<___; - .rva .LSEH_begin_${PREFIX}_cbc_encrypt - .rva .LSEH_end_${PREFIX}_cbc_encrypt - .rva .LSEH_info_cbc - - .rva ${PREFIX}_set_decrypt_key 
- .rva .LSEH_end_set_decrypt_key
- .rva .LSEH_info_key
-
- .rva ${PREFIX}_set_encrypt_key
- .rva .LSEH_end_set_encrypt_key
- .rva .LSEH_info_key
-.section .xdata
-.align 8
-___
-$code.=<<___ if ($PREFIX eq "aesni");
-.LSEH_info_ecb:
- .byte 9,0,0,0
- .rva ecb_se_handler
-.LSEH_info_ccm64_enc:
- .byte 9,0,0,0
- .rva ccm64_se_handler
- .rva .Lccm64_enc_body,.Lccm64_enc_ret # HandlerData[]
-.LSEH_info_ccm64_dec:
- .byte 9,0,0,0
- .rva ccm64_se_handler
- .rva .Lccm64_dec_body,.Lccm64_dec_ret # HandlerData[]
-.LSEH_info_ctr32:
- .byte 9,0,0,0
- .rva ctr32_se_handler
-.LSEH_info_xts_enc:
- .byte 9,0,0,0
- .rva xts_se_handler
- .rva .Lxts_enc_body,.Lxts_enc_epilogue # HandlerData[]
-.LSEH_info_xts_dec:
- .byte 9,0,0,0
- .rva xts_se_handler
- .rva .Lxts_dec_body,.Lxts_dec_epilogue # HandlerData[]
-___
-$code.=<<___;
-.LSEH_info_cbc:
- .byte 9,0,0,0
- .rva cbc_se_handler
-.LSEH_info_key:
- .byte 0x01,0x04,0x01,0x00
- .byte 0x04,0x02,0x00,0x00 # sub rsp,8
-___
-}
-
-sub rex {
- local *opcode=shift;
- my ($dst,$src)=@_;
- my $rex=0;
-
- $rex|=0x04 if($dst>=8);
- $rex|=0x01 if($src>=8);
- push @opcode,$rex|0x40 if($rex);
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-
-close STDOUT;
diff --git a/lib/libssl/src/crypto/aes/asm/bsaes-x86_64.pl b/lib/libssl/src/crypto/aes/asm/bsaes-x86_64.pl
deleted file mode 100644
index 41b90f08443..00000000000
--- a/lib/libssl/src/crypto/aes/asm/bsaes-x86_64.pl
+++ /dev/null
@@ -1,3108 +0,0 @@ -#!/usr/bin/env perl - -################################################################### -### AES-128 [originally in CTR mode] ### -### bitsliced implementation for Intel Core 2 processors ### -### requires support of SSE extensions up to SSSE3 ### -### Author: Emilia Käsper and Peter Schwabe ### -### Date: 2009-03-19 ### -### Public domain ### -### ### -### See http://homes.esat.kuleuven.be/~ekasper/#software for ### -### further information. ### -################################################################### -# -# September 2011. -# -# Started as transliteration to "perlasm" the original code has -# undergone following changes: -# -# - code was made position-independent; -# - rounds were folded into a loop resulting in >5x size reduction -# from 12.5KB to 2.2KB; -# - above was possibile thanks to mixcolumns() modification that -# allowed to feed its output back to aesenc[last], this was -# achieved at cost of two additional inter-registers moves; -# - some instruction reordering and interleaving; -# - this module doesn't implement key setup subroutine, instead it -# relies on conversion of "conventional" key schedule as returned -# by AES_set_encrypt_key (see discussion below); -# - first and last round keys are treated differently, which allowed -# to skip one shiftrows(), reduce bit-sliced key schedule and -# speed-up conversion by 22%; -# - support for 192- and 256-bit keys was added; -# -# Resulting performance in CPU cycles spent to encrypt one byte out -# of 4096-byte buffer with 128-bit key is: -# -# Emilia's this(*) difference -# -# Core 2 9.30 8.69 +7% -# Nehalem(**) 7.63 6.98 +9% -# Atom 17.1 17.4 -2%(***) -# -# (*) Comparison is not completely fair, because "this" is ECB, -# i.e. no extra processing such as counter values calculation -# and xor-ing input as in Emilia's CTR implementation is -# performed. However, the CTR calculations stand for not more -# than 1% of total time, so comparison is *rather* fair. 
-# -# (**) Results were collected on Westmere, which is considered to -# be equivalent to Nehalem for this code. -# -# (***) Slowdown on Atom is rather strange per se, because original -# implementation has a number of 9+-bytes instructions, which -# are bad for Atom front-end, and which I eliminated completely. -# In attempt to address deterioration sbox() was tested in FP -# SIMD "domain" (movaps instead of movdqa, xorps instead of -# pxor, etc.). While it resulted in nominal 4% improvement on -# Atom, it hurted Westmere by more than 2x factor. -# -# As for key schedule conversion subroutine. Interface to OpenSSL -# relies on per-invocation on-the-fly conversion. This naturally -# has impact on performance, especially for short inputs. Conversion -# time in CPU cycles and its ratio to CPU cycles spent in 8x block -# function is: -# -# conversion conversion/8x block -# Core 2 240 0.22 -# Nehalem 180 0.20 -# Atom 430 0.19 -# -# The ratio values mean that 128-byte blocks will be processed -# 16-18% slower, 256-byte blocks - 9-10%, 384-byte blocks - 6-7%, -# etc. Then keep in mind that input sizes not divisible by 128 are -# *effectively* slower, especially shortest ones, e.g. consecutive -# 144-byte blocks are processed 44% slower than one would expect, -# 272 - 29%, 400 - 22%, etc. Yet, despite all these "shortcomings" -# it's still faster than ["hyper-threading-safe" code path in] -# aes-x86_64.pl on all lengths above 64 bytes... -# -# October 2011. -# -# Add decryption procedure. Performance in CPU cycles spent to decrypt -# one byte out of 4096-byte buffer with 128-bit key is: -# -# Core 2 9.83 -# Nehalem 7.74 -# Atom 19.0 -# -# November 2011. -# -# Add bsaes_xts_[en|de]crypt. Less-than-80-bytes-block performance is -# suboptimal, but XTS is meant to be used with larger blocks... 
-# -# <appro@openssl.org> - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -my ($inp,$out,$len,$key,$ivp)=("%rdi","%rsi","%rdx","%rcx"); -my @XMM=map("%xmm$_",(15,0..14)); # best on Atom, +10% over (0..15) -my $ecb=0; # suppress unreferenced ECB subroutines, spare some space... - -{ -my ($key,$rounds,$const)=("%rax","%r10d","%r11"); - -sub Sbox { -# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb -# output in lsb > [b0, b1, b4, b6, b3, b7, b2, b5] < msb -my @b=@_[0..7]; -my @t=@_[8..11]; -my @s=@_[12..15]; - &InBasisChange (@b); - &Inv_GF256 (@b[6,5,0,3,7,1,4,2],@t,@s); - &OutBasisChange (@b[7,1,4,2,6,5,0,3]); -} - -sub InBasisChange { -# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb -# output in lsb > [b6, b5, b0, b3, b7, b1, b4, b2] < msb -my @b=@_[0..7]; -$code.=<<___; - pxor @b[6], @b[5] - pxor @b[1], @b[2] - pxor @b[0], @b[3] - pxor @b[2], @b[6] - pxor @b[0], @b[5] - - pxor @b[3], @b[6] - pxor @b[7], @b[3] - pxor @b[5], @b[7] - pxor @b[4], @b[3] - pxor @b[5], @b[4] - pxor @b[1], @b[3] - - pxor @b[7], @b[2] - pxor @b[5], @b[1] -___ -} - -sub OutBasisChange { -# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb -# output in lsb > [b6, b1, b2, b4, b7, b0, b3, b5] < msb -my @b=@_[0..7]; -$code.=<<___; - pxor @b[6], @b[0] - pxor @b[4], @b[1] - pxor @b[0], @b[2] - pxor @b[6], @b[4] - pxor @b[1], @b[6] - - pxor @b[5], @b[1] - pxor @b[3], @b[5] - pxor @b[7], @b[3] - pxor @b[5], @b[7] - pxor @b[5], @b[2] - - pxor @b[7], @b[4] -___ -} - -sub InvSbox { -# input in lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb -# output in lsb > [b0, b1, b6, b4, b2, b7, b3, b5] < 
msb -my @b=@_[0..7]; -my @t=@_[8..11]; -my @s=@_[12..15]; - &InvInBasisChange (@b); - &Inv_GF256 (@b[5,1,2,6,3,7,0,4],@t,@s); - &InvOutBasisChange (@b[3,7,0,4,5,1,2,6]); -} - -sub InvInBasisChange { # OutBasisChange in reverse -my @b=@_[5,1,2,6,3,7,0,4]; -$code.=<<___ - pxor @b[7], @b[4] - - pxor @b[5], @b[7] - pxor @b[5], @b[2] - pxor @b[7], @b[3] - pxor @b[3], @b[5] - pxor @b[5], @b[1] - - pxor @b[1], @b[6] - pxor @b[0], @b[2] - pxor @b[6], @b[4] - pxor @b[6], @b[0] - pxor @b[4], @b[1] -___ -} - -sub InvOutBasisChange { # InBasisChange in reverse -my @b=@_[2,5,7,3,6,1,0,4]; -$code.=<<___; - pxor @b[5], @b[1] - pxor @b[7], @b[2] - - pxor @b[1], @b[3] - pxor @b[5], @b[4] - pxor @b[5], @b[7] - pxor @b[4], @b[3] - pxor @b[0], @b[5] - pxor @b[7], @b[3] - pxor @b[2], @b[6] - pxor @b[1], @b[2] - pxor @b[3], @b[6] - - pxor @b[0], @b[3] - pxor @b[6], @b[5] -___ -} - -sub Mul_GF4 { -#;************************************************************* -#;* Mul_GF4: Input x0-x1,y0-y1 Output x0-x1 Temp t0 (8) * -#;************************************************************* -my ($x0,$x1,$y0,$y1,$t0)=@_; -$code.=<<___; - movdqa $y0, $t0 - pxor $y1, $t0 - pand $x0, $t0 - pxor $x1, $x0 - pand $y0, $x1 - pand $y1, $x0 - pxor $x1, $x0 - pxor $t0, $x1 -___ -} - -sub Mul_GF4_N { # not used, see next subroutine -# multiply and scale by N -my ($x0,$x1,$y0,$y1,$t0)=@_; -$code.=<<___; - movdqa $y0, $t0 - pxor $y1, $t0 - pand $x0, $t0 - pxor $x1, $x0 - pand $y0, $x1 - pand $y1, $x0 - pxor $x0, $x1 - pxor $t0, $x0 -___ -} - -sub Mul_GF4_N_GF4 { -# interleaved Mul_GF4_N and Mul_GF4 -my ($x0,$x1,$y0,$y1,$t0, - $x2,$x3,$y2,$y3,$t1)=@_; -$code.=<<___; - movdqa $y0, $t0 - movdqa $y2, $t1 - pxor $y1, $t0 - pxor $y3, $t1 - pand $x0, $t0 - pand $x2, $t1 - pxor $x1, $x0 - pxor $x3, $x2 - pand $y0, $x1 - pand $y2, $x3 - pand $y1, $x0 - pand $y3, $x2 - pxor $x0, $x1 - pxor $x3, $x2 - pxor $t0, $x0 - pxor $t1, $x3 -___ -} -sub Mul_GF16_2 { -my @x=@_[0..7]; -my @y=@_[8..11]; -my @t=@_[12..15]; 
-$code.=<<___; - movdqa @x[0], @t[0] - movdqa @x[1], @t[1] -___ - &Mul_GF4 (@x[0], @x[1], @y[0], @y[1], @t[2]); -$code.=<<___; - pxor @x[2], @t[0] - pxor @x[3], @t[1] - pxor @y[2], @y[0] - pxor @y[3], @y[1] -___ - Mul_GF4_N_GF4 (@t[0], @t[1], @y[0], @y[1], @t[3], - @x[2], @x[3], @y[2], @y[3], @t[2]); -$code.=<<___; - pxor @t[0], @x[0] - pxor @t[0], @x[2] - pxor @t[1], @x[1] - pxor @t[1], @x[3] - - movdqa @x[4], @t[0] - movdqa @x[5], @t[1] - pxor @x[6], @t[0] - pxor @x[7], @t[1] -___ - &Mul_GF4_N_GF4 (@t[0], @t[1], @y[0], @y[1], @t[3], - @x[6], @x[7], @y[2], @y[3], @t[2]); -$code.=<<___; - pxor @y[2], @y[0] - pxor @y[3], @y[1] -___ - &Mul_GF4 (@x[4], @x[5], @y[0], @y[1], @t[3]); -$code.=<<___; - pxor @t[0], @x[4] - pxor @t[0], @x[6] - pxor @t[1], @x[5] - pxor @t[1], @x[7] -___ -} -sub Inv_GF256 { -#;******************************************************************** -#;* Inv_GF256: Input x0-x7 Output x0-x7 Temp t0-t3,s0-s3 (144) * -#;******************************************************************** -my @x=@_[0..7]; -my @t=@_[8..11]; -my @s=@_[12..15]; -# direct optimizations from hardware -$code.=<<___; - movdqa @x[4], @t[3] - movdqa @x[5], @t[2] - movdqa @x[1], @t[1] - movdqa @x[7], @s[1] - movdqa @x[0], @s[0] - - pxor @x[6], @t[3] - pxor @x[7], @t[2] - pxor @x[3], @t[1] - movdqa @t[3], @s[2] - pxor @x[6], @s[1] - movdqa @t[2], @t[0] - pxor @x[2], @s[0] - movdqa @t[3], @s[3] - - por @t[1], @t[2] - por @s[0], @t[3] - pxor @t[0], @s[3] - pand @s[0], @s[2] - pxor @t[1], @s[0] - pand @t[1], @t[0] - pand @s[0], @s[3] - movdqa @x[3], @s[0] - pxor @x[2], @s[0] - pand @s[0], @s[1] - pxor @s[1], @t[3] - pxor @s[1], @t[2] - movdqa @x[4], @s[1] - movdqa @x[1], @s[0] - pxor @x[5], @s[1] - pxor @x[0], @s[0] - movdqa @s[1], @t[1] - pand @s[0], @s[1] - por @s[0], @t[1] - pxor @s[1], @t[0] - pxor @s[3], @t[3] - pxor @s[2], @t[2] - pxor @s[3], @t[1] - movdqa @x[7], @s[0] - pxor @s[2], @t[0] - movdqa @x[6], @s[1] - pxor @s[2], @t[1] - movdqa @x[5], @s[2] - pand @x[3], @s[0] - 
movdqa @x[4], @s[3] - pand @x[2], @s[1] - pand @x[1], @s[2] - por @x[0], @s[3] - pxor @s[0], @t[3] - pxor @s[1], @t[2] - pxor @s[2], @t[1] - pxor @s[3], @t[0] - - #Inv_GF16 \t0, \t1, \t2, \t3, \s0, \s1, \s2, \s3 - - # new smaller inversion - - movdqa @t[3], @s[0] - pand @t[1], @t[3] - pxor @t[2], @s[0] - - movdqa @t[0], @s[2] - movdqa @s[0], @s[3] - pxor @t[3], @s[2] - pand @s[2], @s[3] - - movdqa @t[1], @s[1] - pxor @t[2], @s[3] - pxor @t[0], @s[1] - - pxor @t[2], @t[3] - - pand @t[3], @s[1] - - movdqa @s[2], @t[2] - pxor @t[0], @s[1] - - pxor @s[1], @t[2] - pxor @s[1], @t[1] - - pand @t[0], @t[2] - - pxor @t[2], @s[2] - pxor @t[2], @t[1] - - pand @s[3], @s[2] - - pxor @s[0], @s[2] -___ -# output in s3, s2, s1, t1 - -# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \t2, \t3, \t0, \t1, \s0, \s1, \s2, \s3 - -# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \s3, \s2, \s1, \t1, \s0, \t0, \t2, \t3 - &Mul_GF16_2(@x,@s[3,2,1],@t[1],@s[0],@t[0,2,3]); - -### output msb > [x3,x2,x1,x0,x7,x6,x5,x4] < lsb -} - -# AES linear components - -sub ShiftRows { -my @x=@_[0..7]; -my $mask=pop; -$code.=<<___; - pxor 0x00($key),@x[0] - pxor 0x10($key),@x[1] - pshufb $mask,@x[0] - pxor 0x20($key),@x[2] - pshufb $mask,@x[1] - pxor 0x30($key),@x[3] - pshufb $mask,@x[2] - pxor 0x40($key),@x[4] - pshufb $mask,@x[3] - pxor 0x50($key),@x[5] - pshufb $mask,@x[4] - pxor 0x60($key),@x[6] - pshufb $mask,@x[5] - pxor 0x70($key),@x[7] - pshufb $mask,@x[6] - lea 0x80($key),$key - pshufb $mask,@x[7] -___ -} - -sub MixColumns { -# modified to emit output in order suitable for feeding back to aesenc[last] -my @x=@_[0..7]; -my @t=@_[8..15]; -my $inv=@_[16]; # optional -$code.=<<___; - pshufd \$0x93, @x[0], @t[0] # x0 <<< 32 - pshufd \$0x93, @x[1], @t[1] - pxor @t[0], @x[0] # x0 ^ (x0 <<< 32) - pshufd \$0x93, @x[2], @t[2] - pxor @t[1], @x[1] - pshufd \$0x93, @x[3], @t[3] - pxor @t[2], @x[2] - pshufd \$0x93, @x[4], @t[4] - pxor @t[3], @x[3] - pshufd \$0x93, @x[5], @t[5] - pxor @t[4], @x[4] - pshufd 
\$0x93, @x[6], @t[6] - pxor @t[5], @x[5] - pshufd \$0x93, @x[7], @t[7] - pxor @t[6], @x[6] - pxor @t[7], @x[7] - - pxor @x[0], @t[1] - pxor @x[7], @t[0] - pxor @x[7], @t[1] - pshufd \$0x4E, @x[0], @x[0] # (x0 ^ (x0 <<< 32)) <<< 64) - pxor @x[1], @t[2] - pshufd \$0x4E, @x[1], @x[1] - pxor @x[4], @t[5] - pxor @t[0], @x[0] - pxor @x[5], @t[6] - pxor @t[1], @x[1] - pxor @x[3], @t[4] - pshufd \$0x4E, @x[4], @t[0] - pxor @x[6], @t[7] - pshufd \$0x4E, @x[5], @t[1] - pxor @x[2], @t[3] - pshufd \$0x4E, @x[3], @x[4] - pxor @x[7], @t[3] - pshufd \$0x4E, @x[7], @x[5] - pxor @x[7], @t[4] - pshufd \$0x4E, @x[6], @x[3] - pxor @t[4], @t[0] - pshufd \$0x4E, @x[2], @x[6] - pxor @t[5], @t[1] -___ -$code.=<<___ if (!$inv); - pxor @t[3], @x[4] - pxor @t[7], @x[5] - pxor @t[6], @x[3] - movdqa @t[0], @x[2] - pxor @t[2], @x[6] - movdqa @t[1], @x[7] -___ -$code.=<<___ if ($inv); - pxor @x[4], @t[3] - pxor @t[7], @x[5] - pxor @x[3], @t[6] - movdqa @t[0], @x[3] - pxor @t[2], @x[6] - movdqa @t[6], @x[2] - movdqa @t[1], @x[7] - movdqa @x[6], @x[4] - movdqa @t[3], @x[6] -___ -} - -sub InvMixColumns_orig { -my @x=@_[0..7]; -my @t=@_[8..15]; - -$code.=<<___; - # multiplication by 0x0e - pshufd \$0x93, @x[7], @t[7] - movdqa @x[2], @t[2] - pxor @x[5], @x[7] # 7 5 - pxor @x[5], @x[2] # 2 5 - pshufd \$0x93, @x[0], @t[0] - movdqa @x[5], @t[5] - pxor @x[0], @x[5] # 5 0 [1] - pxor @x[1], @x[0] # 0 1 - pshufd \$0x93, @x[1], @t[1] - pxor @x[2], @x[1] # 1 25 - pxor @x[6], @x[0] # 01 6 [2] - pxor @x[3], @x[1] # 125 3 [4] - pshufd \$0x93, @x[3], @t[3] - pxor @x[0], @x[2] # 25 016 [3] - pxor @x[7], @x[3] # 3 75 - pxor @x[6], @x[7] # 75 6 [0] - pshufd \$0x93, @x[6], @t[6] - movdqa @x[4], @t[4] - pxor @x[4], @x[6] # 6 4 - pxor @x[3], @x[4] # 4 375 [6] - pxor @x[7], @x[3] # 375 756=36 - pxor @t[5], @x[6] # 64 5 [7] - pxor @t[2], @x[3] # 36 2 - pxor @t[4], @x[3] # 362 4 [5] - pshufd \$0x93, @t[5], @t[5] -___ - my @y = @x[7,5,0,2,1,3,4,6]; -$code.=<<___; - # multiplication by 0x0b - pxor @y[0], @y[1] - pxor @t[0], 
@y[0] - pxor @t[1], @y[1] - pshufd \$0x93, @t[2], @t[2] - pxor @t[5], @y[0] - pxor @t[6], @y[1] - pxor @t[7], @y[0] - pshufd \$0x93, @t[4], @t[4] - pxor @t[6], @t[7] # clobber t[7] - pxor @y[0], @y[1] - - pxor @t[0], @y[3] - pshufd \$0x93, @t[0], @t[0] - pxor @t[1], @y[2] - pxor @t[1], @y[4] - pxor @t[2], @y[2] - pshufd \$0x93, @t[1], @t[1] - pxor @t[2], @y[3] - pxor @t[2], @y[5] - pxor @t[7], @y[2] - pshufd \$0x93, @t[2], @t[2] - pxor @t[3], @y[3] - pxor @t[3], @y[6] - pxor @t[3], @y[4] - pshufd \$0x93, @t[3], @t[3] - pxor @t[4], @y[7] - pxor @t[4], @y[5] - pxor @t[7], @y[7] - pxor @t[5], @y[3] - pxor @t[4], @y[4] - pxor @t[5], @t[7] # clobber t[7] even more - - pxor @t[7], @y[5] - pshufd \$0x93, @t[4], @t[4] - pxor @t[7], @y[6] - pxor @t[7], @y[4] - - pxor @t[5], @t[7] - pshufd \$0x93, @t[5], @t[5] - pxor @t[6], @t[7] # restore t[7] - - # multiplication by 0x0d - pxor @y[7], @y[4] - pxor @t[4], @y[7] - pshufd \$0x93, @t[6], @t[6] - pxor @t[0], @y[2] - pxor @t[5], @y[7] - pxor @t[2], @y[2] - pshufd \$0x93, @t[7], @t[7] - - pxor @y[1], @y[3] - pxor @t[1], @y[1] - pxor @t[0], @y[0] - pxor @t[0], @y[3] - pxor @t[5], @y[1] - pxor @t[5], @y[0] - pxor @t[7], @y[1] - pshufd \$0x93, @t[0], @t[0] - pxor @t[6], @y[0] - pxor @y[1], @y[3] - pxor @t[1], @y[4] - pshufd \$0x93, @t[1], @t[1] - - pxor @t[7], @y[7] - pxor @t[2], @y[4] - pxor @t[2], @y[5] - pshufd \$0x93, @t[2], @t[2] - pxor @t[6], @y[2] - pxor @t[3], @t[6] # clobber t[6] - pxor @y[7], @y[4] - pxor @t[6], @y[3] - - pxor @t[6], @y[6] - pxor @t[5], @y[5] - pxor @t[4], @y[6] - pshufd \$0x93, @t[4], @t[4] - pxor @t[6], @y[5] - pxor @t[7], @y[6] - pxor @t[3], @t[6] # restore t[6] - - pshufd \$0x93, @t[5], @t[5] - pshufd \$0x93, @t[6], @t[6] - pshufd \$0x93, @t[7], @t[7] - pshufd \$0x93, @t[3], @t[3] - - # multiplication by 0x09 - pxor @y[1], @y[4] - pxor @y[1], @t[1] # t[1]=y[1] - pxor @t[5], @t[0] # clobber t[0] - pxor @t[5], @t[1] - pxor @t[0], @y[3] - pxor @y[0], @t[0] # t[0]=y[0] - pxor @t[6], @t[1] - pxor @t[7], 
@t[6] # clobber t[6] - pxor @t[1], @y[4] - pxor @t[4], @y[7] - pxor @y[4], @t[4] # t[4]=y[4] - pxor @t[3], @y[6] - pxor @y[3], @t[3] # t[3]=y[3] - pxor @t[2], @y[5] - pxor @y[2], @t[2] # t[2]=y[2] - pxor @t[7], @t[3] - pxor @y[5], @t[5] # t[5]=y[5] - pxor @t[6], @t[2] - pxor @t[6], @t[5] - pxor @y[6], @t[6] # t[6]=y[6] - pxor @y[7], @t[7] # t[7]=y[7] - - movdqa @t[0],@XMM[0] - movdqa @t[1],@XMM[1] - movdqa @t[2],@XMM[2] - movdqa @t[3],@XMM[3] - movdqa @t[4],@XMM[4] - movdqa @t[5],@XMM[5] - movdqa @t[6],@XMM[6] - movdqa @t[7],@XMM[7] -___ -} - -sub InvMixColumns { -my @x=@_[0..7]; -my @t=@_[8..15]; - -# Thanks to Jussi Kivilinna for providing pointer to -# -# | 0e 0b 0d 09 | | 02 03 01 01 | | 05 00 04 00 | -# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 | -# | 0d 09 0e 0b | | 01 01 02 03 | | 04 00 05 00 | -# | 0b 0d 09 0e | | 03 01 01 02 | | 00 04 00 05 | - -$code.=<<___; - # multiplication by 0x05-0x00-0x04-0x00 - pshufd \$0x4E, @x[0], @t[0] - pshufd \$0x4E, @x[6], @t[6] - pxor @x[0], @t[0] - pshufd \$0x4E, @x[7], @t[7] - pxor @x[6], @t[6] - pshufd \$0x4E, @x[1], @t[1] - pxor @x[7], @t[7] - pshufd \$0x4E, @x[2], @t[2] - pxor @x[1], @t[1] - pshufd \$0x4E, @x[3], @t[3] - pxor @x[2], @t[2] - pxor @t[6], @x[0] - pxor @t[6], @x[1] - pshufd \$0x4E, @x[4], @t[4] - pxor @x[3], @t[3] - pxor @t[0], @x[2] - pxor @t[1], @x[3] - pshufd \$0x4E, @x[5], @t[5] - pxor @x[4], @t[4] - pxor @t[7], @x[1] - pxor @t[2], @x[4] - pxor @x[5], @t[5] - - pxor @t[7], @x[2] - pxor @t[6], @x[3] - pxor @t[6], @x[4] - pxor @t[3], @x[5] - pxor @t[4], @x[6] - pxor @t[7], @x[4] - pxor @t[7], @x[5] - pxor @t[5], @x[7] -___ - &MixColumns (@x,@t,1); # flipped 2<->3 and 4<->6 -} - -sub aesenc { # not used -my @b=@_[0..7]; -my @t=@_[8..15]; -$code.=<<___; - movdqa 0x30($const),@t[0] # .LSR -___ - &ShiftRows (@b,@t[0]); - &Sbox (@b,@t); - &MixColumns (@b[0,1,4,6,3,7,2,5],@t); -} - -sub aesenclast { # not used -my @b=@_[0..7]; -my @t=@_[8..15]; -$code.=<<___; - movdqa 0x40($const),@t[0] # .LSRM0 -___ - 
&ShiftRows (@b,@t[0]); - &Sbox (@b,@t); -$code.=<<___ - pxor 0x00($key),@b[0] - pxor 0x10($key),@b[1] - pxor 0x20($key),@b[4] - pxor 0x30($key),@b[6] - pxor 0x40($key),@b[3] - pxor 0x50($key),@b[7] - pxor 0x60($key),@b[2] - pxor 0x70($key),@b[5] -___ -} - -sub swapmove { -my ($a,$b,$n,$mask,$t)=@_; -$code.=<<___; - movdqa $b,$t - psrlq \$$n,$b - pxor $a,$b - pand $mask,$b - pxor $b,$a - psllq \$$n,$b - pxor $t,$b -___ -} -sub swapmove2x { -my ($a0,$b0,$a1,$b1,$n,$mask,$t0,$t1)=@_; -$code.=<<___; - movdqa $b0,$t0 - psrlq \$$n,$b0 - movdqa $b1,$t1 - psrlq \$$n,$b1 - pxor $a0,$b0 - pxor $a1,$b1 - pand $mask,$b0 - pand $mask,$b1 - pxor $b0,$a0 - psllq \$$n,$b0 - pxor $b1,$a1 - psllq \$$n,$b1 - pxor $t0,$b0 - pxor $t1,$b1 -___ -} - -sub bitslice { -my @x=reverse(@_[0..7]); -my ($t0,$t1,$t2,$t3)=@_[8..11]; -$code.=<<___; - movdqa 0x00($const),$t0 # .LBS0 - movdqa 0x10($const),$t1 # .LBS1 -___ - &swapmove2x(@x[0,1,2,3],1,$t0,$t2,$t3); - &swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3); -$code.=<<___; - movdqa 0x20($const),$t0 # .LBS2 -___ - &swapmove2x(@x[0,2,1,3],2,$t1,$t2,$t3); - &swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3); - - &swapmove2x(@x[0,4,1,5],4,$t0,$t2,$t3); - &swapmove2x(@x[2,6,3,7],4,$t0,$t2,$t3); -} - -$code.=<<___; -.text - -.extern asm_AES_encrypt -.extern asm_AES_decrypt - -.type _bsaes_encrypt8,\@abi-omnipotent -.align 64 -_bsaes_encrypt8: - lea .LBS0(%rip), $const # constants table - - movdqa ($key), @XMM[9] # round 0 key - lea 0x10($key), $key - movdqa 0x50($const), @XMM[8] # .LM0SR - pxor @XMM[9], @XMM[0] # xor with round0 key - pxor @XMM[9], @XMM[1] - pshufb @XMM[8], @XMM[0] - pxor @XMM[9], @XMM[2] - pshufb @XMM[8], @XMM[1] - pxor @XMM[9], @XMM[3] - pshufb @XMM[8], @XMM[2] - pxor @XMM[9], @XMM[4] - pshufb @XMM[8], @XMM[3] - pxor @XMM[9], @XMM[5] - pshufb @XMM[8], @XMM[4] - pxor @XMM[9], @XMM[6] - pshufb @XMM[8], @XMM[5] - pxor @XMM[9], @XMM[7] - pshufb @XMM[8], @XMM[6] - pshufb @XMM[8], @XMM[7] -_bsaes_encrypt8_bitslice: -___ - &bitslice (@XMM[0..7, 8..11]); 
-$code.=<<___; - dec $rounds - jmp .Lenc_sbox -.align 16 -.Lenc_loop: -___ - &ShiftRows (@XMM[0..7, 8]); -$code.=".Lenc_sbox:\n"; - &Sbox (@XMM[0..7, 8..15]); -$code.=<<___; - dec $rounds - jl .Lenc_done -___ - &MixColumns (@XMM[0,1,4,6,3,7,2,5, 8..15]); -$code.=<<___; - movdqa 0x30($const), @XMM[8] # .LSR - jnz .Lenc_loop - movdqa 0x40($const), @XMM[8] # .LSRM0 - jmp .Lenc_loop -.align 16 -.Lenc_done: -___ - # output in lsb > [t0, t1, t4, t6, t3, t7, t2, t5] < msb - &bitslice (@XMM[0,1,4,6,3,7,2,5, 8..11]); -$code.=<<___; - movdqa ($key), @XMM[8] # last round key - pxor @XMM[8], @XMM[4] - pxor @XMM[8], @XMM[6] - pxor @XMM[8], @XMM[3] - pxor @XMM[8], @XMM[7] - pxor @XMM[8], @XMM[2] - pxor @XMM[8], @XMM[5] - pxor @XMM[8], @XMM[0] - pxor @XMM[8], @XMM[1] - ret -.size _bsaes_encrypt8,.-_bsaes_encrypt8 - -.type _bsaes_decrypt8,\@abi-omnipotent -.align 64 -_bsaes_decrypt8: - lea .LBS0(%rip), $const # constants table - - movdqa ($key), @XMM[9] # round 0 key - lea 0x10($key), $key - movdqa -0x30($const), @XMM[8] # .LM0ISR - pxor @XMM[9], @XMM[0] # xor with round0 key - pxor @XMM[9], @XMM[1] - pshufb @XMM[8], @XMM[0] - pxor @XMM[9], @XMM[2] - pshufb @XMM[8], @XMM[1] - pxor @XMM[9], @XMM[3] - pshufb @XMM[8], @XMM[2] - pxor @XMM[9], @XMM[4] - pshufb @XMM[8], @XMM[3] - pxor @XMM[9], @XMM[5] - pshufb @XMM[8], @XMM[4] - pxor @XMM[9], @XMM[6] - pshufb @XMM[8], @XMM[5] - pxor @XMM[9], @XMM[7] - pshufb @XMM[8], @XMM[6] - pshufb @XMM[8], @XMM[7] -___ - &bitslice (@XMM[0..7, 8..11]); -$code.=<<___; - dec $rounds - jmp .Ldec_sbox -.align 16 -.Ldec_loop: -___ - &ShiftRows (@XMM[0..7, 8]); -$code.=".Ldec_sbox:\n"; - &InvSbox (@XMM[0..7, 8..15]); -$code.=<<___; - dec $rounds - jl .Ldec_done -___ - &InvMixColumns (@XMM[0,1,6,4,2,7,3,5, 8..15]); -$code.=<<___; - movdqa -0x10($const), @XMM[8] # .LISR - jnz .Ldec_loop - movdqa -0x20($const), @XMM[8] # .LISRM0 - jmp .Ldec_loop -.align 16 -.Ldec_done: -___ - &bitslice (@XMM[0,1,6,4,2,7,3,5, 8..11]); -$code.=<<___; - movdqa ($key), @XMM[8] # 
last round key - pxor @XMM[8], @XMM[6] - pxor @XMM[8], @XMM[4] - pxor @XMM[8], @XMM[2] - pxor @XMM[8], @XMM[7] - pxor @XMM[8], @XMM[3] - pxor @XMM[8], @XMM[5] - pxor @XMM[8], @XMM[0] - pxor @XMM[8], @XMM[1] - ret -.size _bsaes_decrypt8,.-_bsaes_decrypt8 -___ -} -{ -my ($out,$inp,$rounds,$const)=("%rax","%rcx","%r10d","%r11"); - -sub bitslice_key { -my @x=reverse(@_[0..7]); -my ($bs0,$bs1,$bs2,$t2,$t3)=@_[8..12]; - - &swapmove (@x[0,1],1,$bs0,$t2,$t3); -$code.=<<___; - #&swapmove(@x[2,3],1,$t0,$t2,$t3); - movdqa @x[0], @x[2] - movdqa @x[1], @x[3] -___ - #&swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3); - - &swapmove2x (@x[0,2,1,3],2,$bs1,$t2,$t3); -$code.=<<___; - #&swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3); - movdqa @x[0], @x[4] - movdqa @x[2], @x[6] - movdqa @x[1], @x[5] - movdqa @x[3], @x[7] -___ - &swapmove2x (@x[0,4,1,5],4,$bs2,$t2,$t3); - &swapmove2x (@x[2,6,3,7],4,$bs2,$t2,$t3); -} - -$code.=<<___; -.type _bsaes_key_convert,\@abi-omnipotent -.align 16 -_bsaes_key_convert: - lea .Lmasks(%rip), $const - movdqu ($inp), %xmm7 # load round 0 key - lea 0x10($inp), $inp - movdqa 0x00($const), %xmm0 # 0x01... - movdqa 0x10($const), %xmm1 # 0x02... - movdqa 0x20($const), %xmm2 # 0x04... - movdqa 0x30($const), %xmm3 # 0x08... - movdqa 0x40($const), %xmm4 # .LM0 - pcmpeqd %xmm5, %xmm5 # .LNOT - - movdqu ($inp), %xmm6 # load round 1 key - movdqa %xmm7, ($out) # save round 0 key - lea 0x10($out), $out - dec $rounds - jmp .Lkey_loop -.align 16 -.Lkey_loop: - pshufb %xmm4, %xmm6 # .LM0 - - movdqa %xmm0, %xmm8 - movdqa %xmm1, %xmm9 - - pand %xmm6, %xmm8 - pand %xmm6, %xmm9 - movdqa %xmm2, %xmm10 - pcmpeqb %xmm0, %xmm8 - psllq \$4, %xmm0 # 0x10... - movdqa %xmm3, %xmm11 - pcmpeqb %xmm1, %xmm9 - psllq \$4, %xmm1 # 0x20... - - pand %xmm6, %xmm10 - pand %xmm6, %xmm11 - movdqa %xmm0, %xmm12 - pcmpeqb %xmm2, %xmm10 - psllq \$4, %xmm2 # 0x40... - movdqa %xmm1, %xmm13 - pcmpeqb %xmm3, %xmm11 - psllq \$4, %xmm3 # 0x80... 
- - movdqa %xmm2, %xmm14 - movdqa %xmm3, %xmm15 - pxor %xmm5, %xmm8 # "pnot" - pxor %xmm5, %xmm9 - - pand %xmm6, %xmm12 - pand %xmm6, %xmm13 - movdqa %xmm8, 0x00($out) # write bit-sliced round key - pcmpeqb %xmm0, %xmm12 - psrlq \$4, %xmm0 # 0x01... - movdqa %xmm9, 0x10($out) - pcmpeqb %xmm1, %xmm13 - psrlq \$4, %xmm1 # 0x02... - lea 0x10($inp), $inp - - pand %xmm6, %xmm14 - pand %xmm6, %xmm15 - movdqa %xmm10, 0x20($out) - pcmpeqb %xmm2, %xmm14 - psrlq \$4, %xmm2 # 0x04... - movdqa %xmm11, 0x30($out) - pcmpeqb %xmm3, %xmm15 - psrlq \$4, %xmm3 # 0x08... - movdqu ($inp), %xmm6 # load next round key - - pxor %xmm5, %xmm13 # "pnot" - pxor %xmm5, %xmm14 - movdqa %xmm12, 0x40($out) - movdqa %xmm13, 0x50($out) - movdqa %xmm14, 0x60($out) - movdqa %xmm15, 0x70($out) - lea 0x80($out),$out - dec $rounds - jnz .Lkey_loop - - movdqa 0x50($const), %xmm7 # .L63 - #movdqa %xmm6, ($out) # don't save last round key - ret -.size _bsaes_key_convert,.-_bsaes_key_convert -___ -} - -if (0 && !$win64) { # following four functions are unsupported interface - # used for benchmarking... 
-$code.=<<___; -.globl bsaes_enc_key_convert -.type bsaes_enc_key_convert,\@function,2 -.align 16 -bsaes_enc_key_convert: - mov 240($inp),%r10d # pass rounds - mov $inp,%rcx # pass key - mov $out,%rax # pass key schedule - call _bsaes_key_convert - pxor %xmm6,%xmm7 # fix up last round key - movdqa %xmm7,(%rax) # save last round key - ret -.size bsaes_enc_key_convert,.-bsaes_enc_key_convert - -.globl bsaes_encrypt_128 -.type bsaes_encrypt_128,\@function,4 -.align 16 -bsaes_encrypt_128: -.Lenc128_loop: - movdqu 0x00($inp), @XMM[0] # load input - movdqu 0x10($inp), @XMM[1] - movdqu 0x20($inp), @XMM[2] - movdqu 0x30($inp), @XMM[3] - movdqu 0x40($inp), @XMM[4] - movdqu 0x50($inp), @XMM[5] - movdqu 0x60($inp), @XMM[6] - movdqu 0x70($inp), @XMM[7] - mov $key, %rax # pass the $key - lea 0x80($inp), $inp - mov \$10,%r10d - - call _bsaes_encrypt8 - - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[2], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - sub \$0x80,$len - ja .Lenc128_loop - ret -.size bsaes_encrypt_128,.-bsaes_encrypt_128 - -.globl bsaes_dec_key_convert -.type bsaes_dec_key_convert,\@function,2 -.align 16 -bsaes_dec_key_convert: - mov 240($inp),%r10d # pass rounds - mov $inp,%rcx # pass key - mov $out,%rax # pass key schedule - call _bsaes_key_convert - pxor ($out),%xmm7 # fix up round 0 key - movdqa %xmm6,(%rax) # save last round key - movdqa %xmm7,($out) - ret -.size bsaes_dec_key_convert,.-bsaes_dec_key_convert - -.globl bsaes_decrypt_128 -.type bsaes_decrypt_128,\@function,4 -.align 16 -bsaes_decrypt_128: -.Ldec128_loop: - movdqu 0x00($inp), @XMM[0] # load input - movdqu 0x10($inp), @XMM[1] - movdqu 0x20($inp), @XMM[2] - movdqu 0x30($inp), @XMM[3] - movdqu 0x40($inp), @XMM[4] - movdqu 0x50($inp), @XMM[5] - movdqu 0x60($inp), @XMM[6] - movdqu 0x70($inp), @XMM[7] - mov $key, %rax # pass the $key 
- lea 0x80($inp), $inp - mov \$10,%r10d - - call _bsaes_decrypt8 - - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[6], 0x20($out) - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[3], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - sub \$0x80,$len - ja .Ldec128_loop - ret -.size bsaes_decrypt_128,.-bsaes_decrypt_128 -___ -} -{ -###################################################################### -# -# OpenSSL interface -# -my ($arg1,$arg2,$arg3,$arg4,$arg5,$arg6)=$win64 ? ("%rcx","%rdx","%r8","%r9","%r10","%r11d") - : ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d"); -my ($inp,$out,$len,$key)=("%r12","%r13","%r14","%r15"); - -if ($ecb) { -$code.=<<___; -.globl bsaes_ecb_encrypt_blocks -.type bsaes_ecb_encrypt_blocks,\@abi-omnipotent -.align 16 -bsaes_ecb_encrypt_blocks: - mov %rsp, %rax -.Lecb_enc_prologue: - push %rbp - push %rbx - push %r12 - push %r13 - push %r14 - push %r15 - lea -0x48(%rsp),%rsp -___ -$code.=<<___ if ($win64); - lea -0xa0(%rsp), %rsp - movaps %xmm6, 0x40(%rsp) - movaps %xmm7, 0x50(%rsp) - movaps %xmm8, 0x60(%rsp) - movaps %xmm9, 0x70(%rsp) - movaps %xmm10, 0x80(%rsp) - movaps %xmm11, 0x90(%rsp) - movaps %xmm12, 0xa0(%rsp) - movaps %xmm13, 0xb0(%rsp) - movaps %xmm14, 0xc0(%rsp) - movaps %xmm15, 0xd0(%rsp) -.Lecb_enc_body: -___ -$code.=<<___; - mov %rsp,%rbp # backup %rsp - mov 240($arg4),%eax # rounds - mov $arg1,$inp # backup arguments - mov $arg2,$out - mov $arg3,$len - mov $arg4,$key - cmp \$8,$arg3 - jb .Lecb_enc_short - - mov %eax,%ebx # backup rounds - shl \$7,%rax # 128 bytes per inner round key - sub \$`128-32`,%rax # size of bit-sliced key schedule - sub %rax,%rsp - mov %rsp,%rax # pass key schedule - mov $key,%rcx # pass key - mov %ebx,%r10d # pass rounds - call _bsaes_key_convert - pxor %xmm6,%xmm7 # fix up last round key - movdqa %xmm7,(%rax) # save last round key - - sub \$8,$len -.Lecb_enc_loop: - movdqu 0x00($inp), @XMM[0] # 
load input - movdqu 0x10($inp), @XMM[1] - movdqu 0x20($inp), @XMM[2] - movdqu 0x30($inp), @XMM[3] - movdqu 0x40($inp), @XMM[4] - movdqu 0x50($inp), @XMM[5] - mov %rsp, %rax # pass key schedule - movdqu 0x60($inp), @XMM[6] - mov %ebx,%r10d # pass rounds - movdqu 0x70($inp), @XMM[7] - lea 0x80($inp), $inp - - call _bsaes_encrypt8 - - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[2], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - sub \$8,$len - jnc .Lecb_enc_loop - - add \$8,$len - jz .Lecb_enc_done - - movdqu 0x00($inp), @XMM[0] # load input - mov %rsp, %rax # pass key schedule - mov %ebx,%r10d # pass rounds - cmp \$2,$len - jb .Lecb_enc_one - movdqu 0x10($inp), @XMM[1] - je .Lecb_enc_two - movdqu 0x20($inp), @XMM[2] - cmp \$4,$len - jb .Lecb_enc_three - movdqu 0x30($inp), @XMM[3] - je .Lecb_enc_four - movdqu 0x40($inp), @XMM[4] - cmp \$6,$len - jb .Lecb_enc_five - movdqu 0x50($inp), @XMM[5] - je .Lecb_enc_six - movdqu 0x60($inp), @XMM[6] - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - movdqu @XMM[7], 0x50($out) - movdqu @XMM[2], 0x60($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_six: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - movdqu @XMM[7], 0x50($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_five: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - movdqu @XMM[3], 0x40($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_four: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 
0x10($out) - movdqu @XMM[4], 0x20($out) - movdqu @XMM[6], 0x30($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_three: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - movdqu @XMM[4], 0x20($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_two: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - movdqu @XMM[1], 0x10($out) - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_one: - call _bsaes_encrypt8 - movdqu @XMM[0], 0x00($out) # write output - jmp .Lecb_enc_done -.align 16 -.Lecb_enc_short: - lea ($inp), $arg1 - lea ($out), $arg2 - lea ($key), $arg3 - call asm_AES_encrypt - lea 16($inp), $inp - lea 16($out), $out - dec $len - jnz .Lecb_enc_short - -.Lecb_enc_done: - lea (%rsp),%rax - pxor %xmm0, %xmm0 -.Lecb_enc_bzero: # wipe key schedule [if any] - movdqa %xmm0, 0x00(%rax) - movdqa %xmm0, 0x10(%rax) - lea 0x20(%rax), %rax - cmp %rax, %rbp - jb .Lecb_enc_bzero - - lea (%rbp),%rsp # restore %rsp -___ -$code.=<<___ if ($win64); - movaps 0x40(%rbp), %xmm6 - movaps 0x50(%rbp), %xmm7 - movaps 0x60(%rbp), %xmm8 - movaps 0x70(%rbp), %xmm9 - movaps 0x80(%rbp), %xmm10 - movaps 0x90(%rbp), %xmm11 - movaps 0xa0(%rbp), %xmm12 - movaps 0xb0(%rbp), %xmm13 - movaps 0xc0(%rbp), %xmm14 - movaps 0xd0(%rbp), %xmm15 - lea 0xa0(%rbp), %rsp -___ -$code.=<<___; - mov 0x48(%rsp), %r15 - mov 0x50(%rsp), %r14 - mov 0x58(%rsp), %r13 - mov 0x60(%rsp), %r12 - mov 0x68(%rsp), %rbx - mov 0x70(%rsp), %rax - lea 0x78(%rsp), %rsp - mov %rax, %rbp -.Lecb_enc_epilogue: - ret -.size bsaes_ecb_encrypt_blocks,.-bsaes_ecb_encrypt_blocks - -.globl bsaes_ecb_decrypt_blocks -.type bsaes_ecb_decrypt_blocks,\@abi-omnipotent -.align 16 -bsaes_ecb_decrypt_blocks: - mov %rsp, %rax -.Lecb_dec_prologue: - push %rbp - push %rbx - push %r12 - push %r13 - push %r14 - push %r15 - lea -0x48(%rsp),%rsp -___ -$code.=<<___ if ($win64); - lea -0xa0(%rsp), %rsp - movaps %xmm6, 0x40(%rsp) - movaps %xmm7, 0x50(%rsp) - movaps %xmm8, 0x60(%rsp) - movaps %xmm9, 0x70(%rsp) 
- movaps %xmm10, 0x80(%rsp)
- movaps %xmm11, 0x90(%rsp)
- movaps %xmm12, 0xa0(%rsp)
- movaps %xmm13, 0xb0(%rsp)
- movaps %xmm14, 0xc0(%rsp)
- movaps %xmm15, 0xd0(%rsp)
-.Lecb_dec_body:
-___
-$code.=<<___;
- mov %rsp,%rbp # backup %rsp
- mov 240($arg4),%eax # rounds
- mov $arg1,$inp # backup arguments
- mov $arg2,$out
- mov $arg3,$len
- mov $arg4,$key
- cmp \$8,$arg3
- jb .Lecb_dec_short
-
- mov %eax,%ebx # backup rounds
- shl \$7,%rax # 128 bytes per inner round key
- sub \$`128-32`,%rax # size of bit-sliced key schedule
- sub %rax,%rsp
- mov %rsp,%rax # pass key schedule
- mov $key,%rcx # pass key
- mov %ebx,%r10d # pass rounds
- call _bsaes_key_convert
- pxor (%rsp),%xmm7 # fix up 0 round key
- movdqa %xmm6,(%rax) # save last round key
- movdqa %xmm7,(%rsp)
-
- sub \$8,$len
-.Lecb_dec_loop:
- movdqu 0x00($inp), @XMM[0] # load input
- movdqu 0x10($inp), @XMM[1]
- movdqu 0x20($inp), @XMM[2]
- movdqu 0x30($inp), @XMM[3]
- movdqu 0x40($inp), @XMM[4]
- movdqu 0x50($inp), @XMM[5]
- mov %rsp, %rax # pass key schedule
- movdqu 0x60($inp), @XMM[6]
- mov %ebx,%r10d # pass rounds
- movdqu 0x70($inp), @XMM[7]
- lea 0x80($inp), $inp
-
- call _bsaes_decrypt8
-
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- movdqu @XMM[2], 0x40($out)
- movdqu @XMM[7], 0x50($out)
- movdqu @XMM[3], 0x60($out)
- movdqu @XMM[5], 0x70($out)
- lea 0x80($out), $out
- sub \$8,$len
- jnc .Lecb_dec_loop
-
- add \$8,$len
- jz .Lecb_dec_done
-
- movdqu 0x00($inp), @XMM[0] # load input
- mov %rsp, %rax # pass key schedule
- mov %ebx,%r10d # pass rounds
- cmp \$2,$len
- jb .Lecb_dec_one
- movdqu 0x10($inp), @XMM[1]
- je .Lecb_dec_two
- movdqu 0x20($inp), @XMM[2]
- cmp \$4,$len
- jb .Lecb_dec_three
- movdqu 0x30($inp), @XMM[3]
- je .Lecb_dec_four
- movdqu 0x40($inp), @XMM[4]
- cmp \$6,$len
- jb .Lecb_dec_five
- movdqu 0x50($inp), @XMM[5]
- je .Lecb_dec_six
- movdqu 0x60($inp), @XMM[6]
- call _bsaes_decrypt8
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- movdqu @XMM[2], 0x40($out)
- movdqu @XMM[7], 0x50($out)
- movdqu @XMM[3], 0x60($out)
- jmp .Lecb_dec_done
-.align 16
-.Lecb_dec_six:
- call _bsaes_decrypt8
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- movdqu @XMM[2], 0x40($out)
- movdqu @XMM[7], 0x50($out)
- jmp .Lecb_dec_done
-.align 16
-.Lecb_dec_five:
- call _bsaes_decrypt8
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- movdqu @XMM[2], 0x40($out)
- jmp .Lecb_dec_done
-.align 16
-.Lecb_dec_four:
- call _bsaes_decrypt8
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- jmp .Lecb_dec_done
-.align 16
-.Lecb_dec_three:
- call _bsaes_decrypt8
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- jmp .Lecb_dec_done
-.align 16
-.Lecb_dec_two:
- call _bsaes_decrypt8
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- jmp .Lecb_dec_done
-.align 16
-.Lecb_dec_one:
- call _bsaes_decrypt8
- movdqu @XMM[0], 0x00($out) # write output
- jmp .Lecb_dec_done
-.align 16
-.Lecb_dec_short:
- lea ($inp), $arg1
- lea ($out), $arg2
- lea ($key), $arg3
- call asm_AES_decrypt
- lea 16($inp), $inp
- lea 16($out), $out
- dec $len
- jnz .Lecb_dec_short
-
-.Lecb_dec_done:
- lea (%rsp),%rax
- pxor %xmm0, %xmm0
-.Lecb_dec_bzero: # wipe key schedule [if any]
- movdqa %xmm0, 0x00(%rax)
- movdqa %xmm0, 0x10(%rax)
- lea 0x20(%rax), %rax
- cmp %rax, %rbp
- jb .Lecb_dec_bzero
-
- lea (%rbp),%rsp # restore %rsp
-___
-$code.=<<___ if ($win64);
- movaps 0x40(%rbp), %xmm6
- movaps 0x50(%rbp), %xmm7
- movaps 0x60(%rbp), %xmm8
- movaps 0x70(%rbp), %xmm9
- movaps 0x80(%rbp), %xmm10
- movaps 0x90(%rbp), %xmm11
- movaps 0xa0(%rbp), %xmm12
- movaps 0xb0(%rbp), %xmm13
- movaps 0xc0(%rbp), %xmm14
- movaps 0xd0(%rbp), %xmm15
- lea 0xa0(%rbp), %rsp
-___
-$code.=<<___;
- mov 0x48(%rsp), %r15
- mov 0x50(%rsp), %r14
- mov 0x58(%rsp), %r13
- mov 0x60(%rsp), %r12
- mov 0x68(%rsp), %rbx
- mov 0x70(%rsp), %rax
- lea 0x78(%rsp), %rsp
- mov %rax, %rbp
-.Lecb_dec_epilogue:
- ret
-.size bsaes_ecb_decrypt_blocks,.-bsaes_ecb_decrypt_blocks
-___
-}
-$code.=<<___;
-.extern asm_AES_cbc_encrypt
-.globl bsaes_cbc_encrypt
-.type bsaes_cbc_encrypt,\@abi-omnipotent
-.align 16
-bsaes_cbc_encrypt:
-___
-$code.=<<___ if ($win64);
- mov 48(%rsp),$arg6 # pull direction flag
-___
-$code.=<<___;
- cmp \$0,$arg6
- jne asm_AES_cbc_encrypt
- cmp \$128,$arg3
- jb asm_AES_cbc_encrypt
-
- mov %rsp, %rax
-.Lcbc_dec_prologue:
- push %rbp
- push %rbx
- push %r12
- push %r13
- push %r14
- push %r15
- lea -0x48(%rsp), %rsp
-___
-$code.=<<___ if ($win64);
- mov 0xa0(%rsp),$arg5 # pull ivp
- lea -0xa0(%rsp), %rsp
- movaps %xmm6, 0x40(%rsp)
- movaps %xmm7, 0x50(%rsp)
- movaps %xmm8, 0x60(%rsp)
- movaps %xmm9, 0x70(%rsp)
- movaps %xmm10, 0x80(%rsp)
- movaps %xmm11, 0x90(%rsp)
- movaps %xmm12, 0xa0(%rsp)
- movaps %xmm13, 0xb0(%rsp)
- movaps %xmm14, 0xc0(%rsp)
- movaps %xmm15, 0xd0(%rsp)
-.Lcbc_dec_body:
-___
-$code.=<<___;
- mov %rsp, %rbp # backup %rsp
- mov 240($arg4), %eax # rounds
- mov $arg1, $inp # backup arguments
- mov $arg2, $out
- mov $arg3, $len
- mov $arg4, $key
- mov $arg5, %rbx
- shr \$4, $len # bytes to blocks
-
- mov %eax, %edx # rounds
- shl \$7, %rax # 128 bytes per inner round key
- sub \$`128-32`, %rax # size of bit-sliced key schedule
- sub %rax, %rsp
-
- mov %rsp, %rax # pass key schedule
- mov $key, %rcx # pass key
- mov %edx, %r10d # pass rounds
- call _bsaes_key_convert
- pxor (%rsp),%xmm7 # fix up 0 round key
- movdqa %xmm6,(%rax) # save last round key
- movdqa %xmm7,(%rsp)
-
- movdqu (%rbx), @XMM[15] # load IV
- sub \$8,$len
-.Lcbc_dec_loop:
- movdqu 0x00($inp), @XMM[0] # load input
- movdqu 0x10($inp), @XMM[1]
- movdqu 0x20($inp), @XMM[2]
- movdqu 0x30($inp), @XMM[3]
- movdqu 0x40($inp), @XMM[4]
- movdqu 0x50($inp), @XMM[5]
- mov %rsp, %rax # pass key schedule
- movdqu 0x60($inp), @XMM[6]
- mov %edx,%r10d # pass rounds
- movdqu 0x70($inp), @XMM[7]
- movdqa @XMM[15], 0x20(%rbp) # put aside IV
-
- call _bsaes_decrypt8
-
- pxor 0x20(%rbp), @XMM[0] # ^= IV
- movdqu 0x00($inp), @XMM[8] # re-load input
- movdqu 0x10($inp), @XMM[9]
- pxor @XMM[8], @XMM[1]
- movdqu 0x20($inp), @XMM[10]
- pxor @XMM[9], @XMM[6]
- movdqu 0x30($inp), @XMM[11]
- pxor @XMM[10], @XMM[4]
- movdqu 0x40($inp), @XMM[12]
- pxor @XMM[11], @XMM[2]
- movdqu 0x50($inp), @XMM[13]
- pxor @XMM[12], @XMM[7]
- movdqu 0x60($inp), @XMM[14]
- pxor @XMM[13], @XMM[3]
- movdqu 0x70($inp), @XMM[15] # IV
- pxor @XMM[14], @XMM[5]
- movdqu @XMM[0], 0x00($out) # write output
- lea 0x80($inp), $inp
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- movdqu @XMM[2], 0x40($out)
- movdqu @XMM[7], 0x50($out)
- movdqu @XMM[3], 0x60($out)
- movdqu @XMM[5], 0x70($out)
- lea 0x80($out), $out
- sub \$8,$len
- jnc .Lcbc_dec_loop
-
- add \$8,$len
- jz .Lcbc_dec_done
-
- movdqu 0x00($inp), @XMM[0] # load input
- mov %rsp, %rax # pass key schedule
- mov %edx, %r10d # pass rounds
- cmp \$2,$len
- jb .Lcbc_dec_one
- movdqu 0x10($inp), @XMM[1]
- je .Lcbc_dec_two
- movdqu 0x20($inp), @XMM[2]
- cmp \$4,$len
- jb .Lcbc_dec_three
- movdqu 0x30($inp), @XMM[3]
- je .Lcbc_dec_four
- movdqu 0x40($inp), @XMM[4]
- cmp \$6,$len
- jb .Lcbc_dec_five
- movdqu 0x50($inp), @XMM[5]
- je .Lcbc_dec_six
- movdqu 0x60($inp), @XMM[6]
- movdqa @XMM[15], 0x20(%rbp) # put aside IV
- call _bsaes_decrypt8
- pxor 0x20(%rbp), @XMM[0] # ^= IV
- movdqu 0x00($inp), @XMM[8] # re-load input
- movdqu 0x10($inp), @XMM[9]
- pxor @XMM[8], @XMM[1]
- movdqu 0x20($inp), @XMM[10]
- pxor @XMM[9], @XMM[6]
- movdqu 0x30($inp), @XMM[11]
- pxor @XMM[10], @XMM[4]
- movdqu 0x40($inp), @XMM[12]
- pxor @XMM[11], @XMM[2]
- movdqu 0x50($inp), @XMM[13]
- pxor @XMM[12], @XMM[7]
- movdqu 0x60($inp), @XMM[15] # IV
- pxor @XMM[13], @XMM[3]
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- movdqu @XMM[2], 0x40($out)
- movdqu @XMM[7], 0x50($out)
- movdqu @XMM[3], 0x60($out)
- jmp .Lcbc_dec_done
-.align 16
-.Lcbc_dec_six:
- movdqa @XMM[15], 0x20(%rbp) # put aside IV
- call _bsaes_decrypt8
- pxor 0x20(%rbp), @XMM[0] # ^= IV
- movdqu 0x00($inp), @XMM[8] # re-load input
- movdqu 0x10($inp), @XMM[9]
- pxor @XMM[8], @XMM[1]
- movdqu 0x20($inp), @XMM[10]
- pxor @XMM[9], @XMM[6]
- movdqu 0x30($inp), @XMM[11]
- pxor @XMM[10], @XMM[4]
- movdqu 0x40($inp), @XMM[12]
- pxor @XMM[11], @XMM[2]
- movdqu 0x50($inp), @XMM[15] # IV
- pxor @XMM[12], @XMM[7]
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- movdqu @XMM[2], 0x40($out)
- movdqu @XMM[7], 0x50($out)
- jmp .Lcbc_dec_done
-.align 16
-.Lcbc_dec_five:
- movdqa @XMM[15], 0x20(%rbp) # put aside IV
- call _bsaes_decrypt8
- pxor 0x20(%rbp), @XMM[0] # ^= IV
- movdqu 0x00($inp), @XMM[8] # re-load input
- movdqu 0x10($inp), @XMM[9]
- pxor @XMM[8], @XMM[1]
- movdqu 0x20($inp), @XMM[10]
- pxor @XMM[9], @XMM[6]
- movdqu 0x30($inp), @XMM[11]
- pxor @XMM[10], @XMM[4]
- movdqu 0x40($inp), @XMM[15] # IV
- pxor @XMM[11], @XMM[2]
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- movdqu @XMM[2], 0x40($out)
- jmp .Lcbc_dec_done
-.align 16
-.Lcbc_dec_four:
- movdqa @XMM[15], 0x20(%rbp) # put aside IV
- call _bsaes_decrypt8
- pxor 0x20(%rbp), @XMM[0] # ^= IV
- movdqu 0x00($inp), @XMM[8] # re-load input
- movdqu 0x10($inp), @XMM[9]
- pxor @XMM[8], @XMM[1]
- movdqu 0x20($inp), @XMM[10]
- pxor @XMM[9], @XMM[6]
- movdqu 0x30($inp), @XMM[15] # IV
- pxor @XMM[10], @XMM[4]
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- jmp .Lcbc_dec_done
-.align 16
-.Lcbc_dec_three:
- movdqa @XMM[15], 0x20(%rbp) # put aside IV
- call _bsaes_decrypt8
- pxor 0x20(%rbp), @XMM[0] # ^= IV
- movdqu 0x00($inp), @XMM[8] # re-load input
- movdqu 0x10($inp), @XMM[9]
- pxor @XMM[8], @XMM[1]
- movdqu 0x20($inp), @XMM[15] # IV
- pxor @XMM[9], @XMM[6]
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- jmp .Lcbc_dec_done
-.align 16
-.Lcbc_dec_two:
- movdqa @XMM[15], 0x20(%rbp) # put aside IV
- call _bsaes_decrypt8
- pxor 0x20(%rbp), @XMM[0] # ^= IV
- movdqu 0x00($inp), @XMM[8] # re-load input
- movdqu 0x10($inp), @XMM[15] # IV
- pxor @XMM[8], @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- jmp .Lcbc_dec_done
-.align 16
-.Lcbc_dec_one:
- lea ($inp), $arg1
- lea 0x20(%rbp), $arg2 # buffer output
- lea ($key), $arg3
- call asm_AES_decrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[15] # ^= IV
- movdqu @XMM[15], ($out) # write output
- movdqa @XMM[0], @XMM[15] # IV
-
-.Lcbc_dec_done:
- movdqu @XMM[15], (%rbx) # return IV
- lea (%rsp), %rax
- pxor %xmm0, %xmm0
-.Lcbc_dec_bzero: # wipe key schedule [if any]
- movdqa %xmm0, 0x00(%rax)
- movdqa %xmm0, 0x10(%rax)
- lea 0x20(%rax), %rax
- cmp %rax, %rbp
- ja .Lcbc_dec_bzero
-
- lea (%rbp),%rsp # restore %rsp
-___
-$code.=<<___ if ($win64);
- movaps 0x40(%rbp), %xmm6
- movaps 0x50(%rbp), %xmm7
- movaps 0x60(%rbp), %xmm8
- movaps 0x70(%rbp), %xmm9
- movaps 0x80(%rbp), %xmm10
- movaps 0x90(%rbp), %xmm11
- movaps 0xa0(%rbp), %xmm12
- movaps 0xb0(%rbp), %xmm13
- movaps 0xc0(%rbp), %xmm14
- movaps 0xd0(%rbp), %xmm15
- lea 0xa0(%rbp), %rsp
-___
-$code.=<<___;
- mov 0x48(%rsp), %r15
- mov 0x50(%rsp), %r14
- mov 0x58(%rsp), %r13
- mov 0x60(%rsp), %r12
- mov 0x68(%rsp), %rbx
- mov 0x70(%rsp), %rax
- lea 0x78(%rsp), %rsp
- mov %rax, %rbp
-.Lcbc_dec_epilogue:
- ret
-.size bsaes_cbc_encrypt,.-bsaes_cbc_encrypt
-
-.globl bsaes_ctr32_encrypt_blocks
-.type bsaes_ctr32_encrypt_blocks,\@abi-omnipotent
-.align 16
-bsaes_ctr32_encrypt_blocks:
- mov %rsp, %rax
-.Lctr_enc_prologue:
- push %rbp
- push %rbx
- push %r12
- push %r13
- push %r14
- push %r15
- lea -0x48(%rsp), %rsp
-___
-$code.=<<___ if ($win64);
- mov 0xa0(%rsp),$arg5 # pull ivp
- lea -0xa0(%rsp), %rsp
- movaps %xmm6, 0x40(%rsp)
- movaps %xmm7, 0x50(%rsp)
- movaps %xmm8, 0x60(%rsp)
- movaps %xmm9, 0x70(%rsp)
- movaps %xmm10, 0x80(%rsp)
- movaps %xmm11, 0x90(%rsp)
- movaps %xmm12, 0xa0(%rsp)
- movaps %xmm13, 0xb0(%rsp)
- movaps %xmm14, 0xc0(%rsp)
- movaps %xmm15, 0xd0(%rsp)
-.Lctr_enc_body:
-___
-$code.=<<___;
- mov %rsp, %rbp # backup %rsp
- movdqu ($arg5), %xmm0 # load counter
- mov 240($arg4), %eax # rounds
- mov $arg1, $inp # backup arguments
- mov $arg2, $out
- mov $arg3, $len
- mov $arg4, $key
- movdqa %xmm0, 0x20(%rbp) # copy counter
- cmp \$8, $arg3
- jb .Lctr_enc_short
-
- mov %eax, %ebx # rounds
- shl \$7, %rax # 128 bytes per inner round key
- sub \$`128-32`, %rax # size of bit-sliced key schedule
- sub %rax, %rsp
-
- mov %rsp, %rax # pass key schedule
- mov $key, %rcx # pass key
- mov %ebx, %r10d # pass rounds
- call _bsaes_key_convert
- pxor %xmm6,%xmm7 # fix up last round key
- movdqa %xmm7,(%rax) # save last round key
-
- movdqa (%rsp), @XMM[9] # load round0 key
- lea .LADD1(%rip), %r11
- movdqa 0x20(%rbp), @XMM[0] # counter copy
- movdqa -0x20(%r11), @XMM[8] # .LSWPUP
- pshufb @XMM[8], @XMM[9] # byte swap upper part
- pshufb @XMM[8], @XMM[0]
- movdqa @XMM[9], (%rsp) # save adjusted round0 key
- jmp .Lctr_enc_loop
-.align 16
-.Lctr_enc_loop:
- movdqa @XMM[0], 0x20(%rbp) # save counter
- movdqa @XMM[0], @XMM[1] # prepare 8 counter values
- movdqa @XMM[0], @XMM[2]
- paddd 0x00(%r11), @XMM[1] # .LADD1
- movdqa @XMM[0], @XMM[3]
- paddd 0x10(%r11), @XMM[2] # .LADD2
- movdqa @XMM[0], @XMM[4]
- paddd 0x20(%r11), @XMM[3] # .LADD3
- movdqa @XMM[0], @XMM[5]
- paddd 0x30(%r11), @XMM[4] # .LADD4
- movdqa @XMM[0], @XMM[6]
- paddd 0x40(%r11), @XMM[5] # .LADD5
- movdqa @XMM[0], @XMM[7]
- paddd 0x50(%r11), @XMM[6] # .LADD6
- paddd 0x60(%r11), @XMM[7] # .LADD7
-
- # Borrow prologue from _bsaes_encrypt8 to use the opportunity
- # to flip byte order in 32-bit counter
- movdqa (%rsp), @XMM[9] # round 0 key
- lea 0x10(%rsp), %rax # pass key schedule
- movdqa -0x10(%r11), @XMM[8] # .LSWPUPM0SR
- pxor @XMM[9], @XMM[0] # xor with round0 key
- pxor @XMM[9], @XMM[1]
- pshufb @XMM[8], @XMM[0]
- pxor @XMM[9], @XMM[2]
- pshufb @XMM[8], @XMM[1]
- pxor @XMM[9], @XMM[3]
- pshufb @XMM[8], @XMM[2]
- pxor @XMM[9], @XMM[4]
- pshufb @XMM[8], @XMM[3]
- pxor @XMM[9], @XMM[5]
- pshufb @XMM[8], @XMM[4]
- pxor @XMM[9], @XMM[6]
- pshufb @XMM[8], @XMM[5]
- pxor @XMM[9], @XMM[7]
- pshufb @XMM[8], @XMM[6]
- lea .LBS0(%rip), %r11 # constants table
- pshufb @XMM[8], @XMM[7]
- mov %ebx,%r10d # pass rounds
-
- call _bsaes_encrypt8_bitslice
-
- sub \$8,$len
- jc .Lctr_enc_loop_done
-
- movdqu 0x00($inp), @XMM[8] # load input
- movdqu 0x10($inp), @XMM[9]
- movdqu 0x20($inp), @XMM[10]
- movdqu 0x30($inp), @XMM[11]
- movdqu 0x40($inp), @XMM[12]
- movdqu 0x50($inp), @XMM[13]
- movdqu 0x60($inp), @XMM[14]
- movdqu 0x70($inp), @XMM[15]
- lea 0x80($inp),$inp
- pxor @XMM[0], @XMM[8]
- movdqa 0x20(%rbp), @XMM[0] # load counter
- pxor @XMM[9], @XMM[1]
- movdqu @XMM[8], 0x00($out) # write output
- pxor @XMM[10], @XMM[4]
- movdqu @XMM[1], 0x10($out)
- pxor @XMM[11], @XMM[6]
- movdqu @XMM[4], 0x20($out)
- pxor @XMM[12], @XMM[3]
- movdqu @XMM[6], 0x30($out)
- pxor @XMM[13], @XMM[7]
- movdqu @XMM[3], 0x40($out)
- pxor @XMM[14], @XMM[2]
- movdqu @XMM[7], 0x50($out)
- pxor @XMM[15], @XMM[5]
- movdqu @XMM[2], 0x60($out)
- lea .LADD1(%rip), %r11
- movdqu @XMM[5], 0x70($out)
- lea 0x80($out), $out
- paddd 0x70(%r11), @XMM[0] # .LADD8
- jnz .Lctr_enc_loop
-
- jmp .Lctr_enc_done
-.align 16
-.Lctr_enc_loop_done:
- add \$8, $len
- movdqu 0x00($inp), @XMM[8] # load input
- pxor @XMM[8], @XMM[0]
- movdqu @XMM[0], 0x00($out) # write output
- cmp \$2,$len
- jb .Lctr_enc_done
- movdqu 0x10($inp), @XMM[9]
- pxor @XMM[9], @XMM[1]
- movdqu @XMM[1], 0x10($out)
- je .Lctr_enc_done
- movdqu 0x20($inp), @XMM[10]
- pxor @XMM[10], @XMM[4]
- movdqu @XMM[4], 0x20($out)
- cmp \$4,$len
- jb .Lctr_enc_done
- movdqu 0x30($inp), @XMM[11]
- pxor @XMM[11], @XMM[6]
- movdqu @XMM[6], 0x30($out)
- je .Lctr_enc_done
- movdqu 0x40($inp), @XMM[12]
- pxor @XMM[12], @XMM[3]
- movdqu @XMM[3], 0x40($out)
- cmp \$6,$len
- jb .Lctr_enc_done
- movdqu 0x50($inp), @XMM[13]
- pxor @XMM[13], @XMM[7]
- movdqu @XMM[7], 0x50($out)
- je .Lctr_enc_done
- movdqu 0x60($inp), @XMM[14]
- pxor @XMM[14], @XMM[2]
- movdqu @XMM[2], 0x60($out)
- jmp .Lctr_enc_done
-
-.align 16
-.Lctr_enc_short:
- lea 0x20(%rbp), $arg1
- lea 0x30(%rbp), $arg2
- lea ($key), $arg3
- call asm_AES_encrypt
- movdqu ($inp), @XMM[1]
- lea 16($inp), $inp
- mov 0x2c(%rbp), %eax # load 32-bit counter
- bswap %eax
- pxor 0x30(%rbp), @XMM[1]
- inc %eax # increment
- movdqu @XMM[1], ($out)
- bswap %eax
- lea 16($out), $out
- mov %eax, 0x2c(%rsp) # save 32-bit counter
- dec $len
- jnz .Lctr_enc_short
-
-.Lctr_enc_done:
- lea (%rsp), %rax
- pxor %xmm0, %xmm0
-.Lctr_enc_bzero: # wipe key schedule [if any]
- movdqa %xmm0, 0x00(%rax)
- movdqa %xmm0, 0x10(%rax)
- lea 0x20(%rax), %rax
- cmp %rax, %rbp
- ja .Lctr_enc_bzero
-
- lea (%rbp),%rsp # restore %rsp
-___
-$code.=<<___ if ($win64);
- movaps 0x40(%rbp), %xmm6
- movaps 0x50(%rbp), %xmm7
- movaps 0x60(%rbp), %xmm8
- movaps 0x70(%rbp), %xmm9
- movaps 0x80(%rbp), %xmm10
- movaps 0x90(%rbp), %xmm11
- movaps 0xa0(%rbp), %xmm12
- movaps 0xb0(%rbp), %xmm13
- movaps 0xc0(%rbp), %xmm14
- movaps 0xd0(%rbp), %xmm15
- lea 0xa0(%rbp), %rsp
-___
-$code.=<<___;
- mov 0x48(%rsp), %r15
- mov 0x50(%rsp), %r14
- mov 0x58(%rsp), %r13
- mov 0x60(%rsp), %r12
- mov 0x68(%rsp), %rbx
- mov 0x70(%rsp), %rax
- lea 0x78(%rsp), %rsp
- mov %rax, %rbp
-.Lctr_enc_epilogue:
- ret
-.size bsaes_ctr32_encrypt_blocks,.-bsaes_ctr32_encrypt_blocks
-___
-######################################################################
-# void bsaes_xts_[en|de]crypt(const char *inp,char *out,size_t len,
-# const AES_KEY *key1, const AES_KEY *key2,
-# const unsigned char iv[16]);
-#
-my ($twmask,$twres,$twtmp)=@XMM[13..15];
-$arg6=~s/d$//;
-
-$code.=<<___;
-.globl bsaes_xts_encrypt
-.type bsaes_xts_encrypt,\@abi-omnipotent
-.align 16
-bsaes_xts_encrypt:
- mov %rsp, %rax
-.Lxts_enc_prologue:
- push %rbp
- push %rbx
- push %r12
- push %r13
- push %r14
- push %r15
- lea -0x48(%rsp), %rsp
-___
-$code.=<<___ if ($win64);
- mov 0xa0(%rsp),$arg5 # pull key2
- mov 0xa8(%rsp),$arg6 # pull ivp
- lea -0xa0(%rsp), %rsp
- movaps %xmm6, 0x40(%rsp)
- movaps %xmm7, 0x50(%rsp)
- movaps %xmm8, 0x60(%rsp)
- movaps %xmm9, 0x70(%rsp)
- movaps %xmm10, 0x80(%rsp)
- movaps %xmm11, 0x90(%rsp)
- movaps %xmm12, 0xa0(%rsp)
- movaps %xmm13, 0xb0(%rsp)
- movaps %xmm14, 0xc0(%rsp)
- movaps %xmm15, 0xd0(%rsp)
-.Lxts_enc_body:
-___
-$code.=<<___;
- mov %rsp, %rbp # backup %rsp
- mov $arg1, $inp # backup arguments
- mov $arg2, $out
- mov $arg3, $len
- mov $arg4, $key
-
- lea ($arg6), $arg1
- lea 0x20(%rbp), $arg2
- lea ($arg5), $arg3
- call asm_AES_encrypt # generate initial tweak
-
- mov 240($key), %eax # rounds
- mov $len, %rbx # backup $len
-
- mov %eax, %edx # rounds
- shl \$7, %rax # 128 bytes per inner round key
- sub \$`128-32`, %rax # size of bit-sliced key schedule
- sub %rax, %rsp
-
- mov %rsp, %rax # pass key schedule
- mov $key, %rcx # pass key
- mov %edx, %r10d # pass rounds
- call _bsaes_key_convert
- pxor %xmm6, %xmm7 # fix up last round key
- movdqa %xmm7, (%rax) # save last round key
-
- and \$-16, $len
- sub \$0x80, %rsp # place for tweak[8]
- movdqa 0x20(%rbp), @XMM[7] # initial tweak
-
- pxor $twtmp, $twtmp
- movdqa .Lxts_magic(%rip), $twmask
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
-
- sub \$0x80, $len
- jc .Lxts_enc_short
- jmp .Lxts_enc_loop
-
-.align 16
-.Lxts_enc_loop:
-___
- for ($i=0;$i<7;$i++) {
- $code.=<<___;
- pshufd \$0x13, $twtmp, $twres
- pxor $twtmp, $twtmp
- movdqa @XMM[7], @XMM[$i]
- movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
- paddq @XMM[7], @XMM[7] # psllq 1,$tweak
- pand $twmask, $twres # isolate carry and residue
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
- pxor $twres, @XMM[7]
-___
- $code.=<<___ if ($i>=1);
- movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1]
-___
- $code.=<<___ if ($i>=2);
- pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
-___
- }
-$code.=<<___;
- movdqu 0x60($inp), @XMM[8+6]
- pxor @XMM[8+5], @XMM[5]
- movdqu 0x70($inp), @XMM[8+7]
- lea 0x80($inp), $inp
- movdqa @XMM[7], 0x70(%rsp)
- pxor @XMM[8+6], @XMM[6]
- lea 0x80(%rsp), %rax # pass key schedule
- pxor @XMM[8+7], @XMM[7]
- mov %edx, %r10d # pass rounds
-
- call _bsaes_encrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[4]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[6]
- movdqu @XMM[4], 0x20($out)
- pxor 0x40(%rsp), @XMM[3]
- movdqu @XMM[6], 0x30($out)
- pxor 0x50(%rsp), @XMM[7]
- movdqu @XMM[3], 0x40($out)
- pxor 0x60(%rsp), @XMM[2]
- movdqu @XMM[7], 0x50($out)
- pxor 0x70(%rsp), @XMM[5]
- movdqu @XMM[2], 0x60($out)
- movdqu @XMM[5], 0x70($out)
- lea 0x80($out), $out
-
- movdqa 0x70(%rsp), @XMM[7] # prepare next iteration tweak
- pxor $twtmp, $twtmp
- movdqa .Lxts_magic(%rip), $twmask
- pcmpgtd @XMM[7], $twtmp
- pshufd \$0x13, $twtmp, $twres
- pxor $twtmp, $twtmp
- paddq @XMM[7], @XMM[7] # psllq 1,$tweak
- pand $twmask, $twres # isolate carry and residue
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
- pxor $twres, @XMM[7]
-
- sub \$0x80,$len
- jnc .Lxts_enc_loop
-
-.Lxts_enc_short:
- add \$0x80, $len
- jz .Lxts_enc_done
-___
- for ($i=0;$i<7;$i++) {
- $code.=<<___;
- pshufd \$0x13, $twtmp, $twres
- pxor $twtmp, $twtmp
- movdqa @XMM[7], @XMM[$i]
- movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
- paddq @XMM[7], @XMM[7] # psllq 1,$tweak
- pand $twmask, $twres # isolate carry and residue
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
- pxor $twres, @XMM[7]
-___
- $code.=<<___ if ($i>=1);
- movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1]
- cmp \$`0x10*$i`,$len
- je .Lxts_enc_$i
-___
- $code.=<<___ if ($i>=2);
- pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
-___
- }
-$code.=<<___;
- movdqu 0x60($inp), @XMM[8+6]
- pxor @XMM[8+5], @XMM[5]
- movdqa @XMM[7], 0x70(%rsp)
- lea 0x70($inp), $inp
- pxor @XMM[8+6], @XMM[6]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_encrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[4]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[6]
- movdqu @XMM[4], 0x20($out)
- pxor 0x40(%rsp), @XMM[3]
- movdqu @XMM[6], 0x30($out)
- pxor 0x50(%rsp), @XMM[7]
- movdqu @XMM[3], 0x40($out)
- pxor 0x60(%rsp), @XMM[2]
- movdqu @XMM[7], 0x50($out)
- movdqu @XMM[2], 0x60($out)
- lea 0x70($out), $out
-
- movdqa 0x70(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_enc_done
-.align 16
-.Lxts_enc_6:
- pxor @XMM[8+4], @XMM[4]
- lea 0x60($inp), $inp
- pxor @XMM[8+5], @XMM[5]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_encrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[4]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[6]
- movdqu @XMM[4], 0x20($out)
- pxor 0x40(%rsp), @XMM[3]
- movdqu @XMM[6], 0x30($out)
- pxor 0x50(%rsp), @XMM[7]
- movdqu @XMM[3], 0x40($out)
- movdqu @XMM[7], 0x50($out)
- lea 0x60($out), $out
-
- movdqa 0x60(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_enc_done
-.align 16
-.Lxts_enc_5:
- pxor @XMM[8+3], @XMM[3]
- lea 0x50($inp), $inp
- pxor @XMM[8+4], @XMM[4]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_encrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[4]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[6]
- movdqu @XMM[4], 0x20($out)
- pxor 0x40(%rsp), @XMM[3]
- movdqu @XMM[6], 0x30($out)
- movdqu @XMM[3], 0x40($out)
- lea 0x50($out), $out
-
- movdqa 0x50(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_enc_done
-.align 16
-.Lxts_enc_4:
- pxor @XMM[8+2], @XMM[2]
- lea 0x40($inp), $inp
- pxor @XMM[8+3], @XMM[3]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_encrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[4]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[6]
- movdqu @XMM[4], 0x20($out)
- movdqu @XMM[6], 0x30($out)
- lea 0x40($out), $out
-
- movdqa 0x40(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_enc_done
-.align 16
-.Lxts_enc_3:
- pxor @XMM[8+1], @XMM[1]
- lea 0x30($inp), $inp
- pxor @XMM[8+2], @XMM[2]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_encrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[4]
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[4], 0x20($out)
- lea 0x30($out), $out
-
- movdqa 0x30(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_enc_done
-.align 16
-.Lxts_enc_2:
- pxor @XMM[8+0], @XMM[0]
- lea 0x20($inp), $inp
- pxor @XMM[8+1], @XMM[1]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_encrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- lea 0x20($out), $out
-
- movdqa 0x20(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_enc_done
-.align 16
-.Lxts_enc_1:
- pxor @XMM[0], @XMM[8]
- lea 0x10($inp), $inp
- movdqa @XMM[8], 0x20(%rbp)
- lea 0x20(%rbp), $arg1
- lea 0x20(%rbp), $arg2
- lea ($key), $arg3
- call asm_AES_encrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[0] # ^= tweak[]
- #pxor @XMM[8], @XMM[0]
- #lea 0x80(%rsp), %rax # pass key schedule
- #mov %edx, %r10d # pass rounds
- #call _bsaes_encrypt8
- #pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- movdqu @XMM[0], 0x00($out) # write output
- lea 0x10($out), $out
-
- movdqa 0x10(%rsp), @XMM[7] # next iteration tweak
-
-.Lxts_enc_done:
- and \$15, %ebx
- jz .Lxts_enc_ret
- mov $out, %rdx
-
-.Lxts_enc_steal:
- movzb ($inp), %eax
- movzb -16(%rdx), %ecx
- lea 1($inp), $inp
- mov %al, -16(%rdx)
- mov %cl, 0(%rdx)
- lea 1(%rdx), %rdx
- sub \$1,%ebx
- jnz .Lxts_enc_steal
-
- movdqu -16($out), @XMM[0]
- lea 0x20(%rbp), $arg1
- pxor @XMM[7], @XMM[0]
- lea 0x20(%rbp), $arg2
- movdqa @XMM[0], 0x20(%rbp)
- lea ($key), $arg3
- call asm_AES_encrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[7]
- movdqu @XMM[7], -16($out)
-
-.Lxts_enc_ret:
- lea (%rsp), %rax
- pxor %xmm0, %xmm0
-.Lxts_enc_bzero: # wipe key schedule [if any]
- movdqa %xmm0, 0x00(%rax)
- movdqa %xmm0, 0x10(%rax)
- lea 0x20(%rax), %rax
- cmp %rax, %rbp
- ja .Lxts_enc_bzero
-
- lea (%rbp),%rsp # restore %rsp
-___
-$code.=<<___ if ($win64);
- movaps 0x40(%rbp), %xmm6
- movaps 0x50(%rbp), %xmm7
- movaps 0x60(%rbp), %xmm8
- movaps 0x70(%rbp), %xmm9
- movaps 0x80(%rbp), %xmm10
- movaps 0x90(%rbp), %xmm11
- movaps 0xa0(%rbp), %xmm12
- movaps 0xb0(%rbp), %xmm13
- movaps 0xc0(%rbp), %xmm14
- movaps 0xd0(%rbp), %xmm15
- lea 0xa0(%rbp), %rsp
-___
-$code.=<<___;
- mov 0x48(%rsp), %r15
- mov 0x50(%rsp), %r14
- mov 0x58(%rsp), %r13
- mov 0x60(%rsp), %r12
- mov 0x68(%rsp), %rbx
- mov 0x70(%rsp), %rax
- lea 0x78(%rsp), %rsp
- mov %rax, %rbp
-.Lxts_enc_epilogue:
- ret
-.size bsaes_xts_encrypt,.-bsaes_xts_encrypt
-
-.globl bsaes_xts_decrypt
-.type bsaes_xts_decrypt,\@abi-omnipotent
-.align 16
-bsaes_xts_decrypt:
- mov %rsp, %rax
-.Lxts_dec_prologue:
- push %rbp
- push %rbx
- push %r12
- push %r13
- push %r14
- push %r15
- lea -0x48(%rsp), %rsp
-___
-$code.=<<___ if ($win64);
- mov 0xa0(%rsp),$arg5 # pull key2
- mov 0xa8(%rsp),$arg6 # pull ivp
- lea -0xa0(%rsp), %rsp
- movaps %xmm6, 0x40(%rsp)
- movaps %xmm7, 0x50(%rsp)
- movaps %xmm8, 0x60(%rsp)
- movaps %xmm9, 0x70(%rsp)
- movaps %xmm10, 0x80(%rsp)
- movaps %xmm11, 0x90(%rsp)
- movaps %xmm12, 0xa0(%rsp)
- movaps %xmm13, 0xb0(%rsp)
- movaps %xmm14, 0xc0(%rsp)
- movaps %xmm15, 0xd0(%rsp)
-.Lxts_dec_body:
-___
-$code.=<<___;
- mov %rsp, %rbp # backup %rsp
- mov $arg1, $inp # backup arguments
- mov $arg2, $out
- mov $arg3, $len
- mov $arg4, $key
-
- lea ($arg6), $arg1
- lea 0x20(%rbp), $arg2
- lea ($arg5), $arg3
- call asm_AES_encrypt # generate initial tweak
-
- mov 240($key), %eax # rounds
- mov $len, %rbx # backup $len
-
- mov %eax, %edx # rounds
- shl \$7, %rax # 128 bytes per inner round key
- sub \$`128-32`, %rax # size of bit-sliced key schedule
- sub %rax, %rsp
-
- mov %rsp, %rax # pass key schedule
- mov $key, %rcx # pass key
- mov %edx, %r10d # pass rounds
- call _bsaes_key_convert
- pxor (%rsp), %xmm7 # fix up round 0 key
- movdqa %xmm6, (%rax) # save last round key
- movdqa %xmm7, (%rsp)
-
- xor %eax, %eax # if ($len%16) len-=16;
- and \$-16, $len
- test \$15, %ebx
- setnz %al
- shl \$4, %rax
- sub %rax, $len
-
- sub \$0x80, %rsp # place for tweak[8]
- movdqa 0x20(%rbp), @XMM[7] # initial tweak
-
- pxor $twtmp, $twtmp
- movdqa .Lxts_magic(%rip), $twmask
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
-
- sub \$0x80, $len
- jc .Lxts_dec_short
- jmp .Lxts_dec_loop
-
-.align 16
-.Lxts_dec_loop:
-___
- for ($i=0;$i<7;$i++) {
- $code.=<<___;
- pshufd \$0x13, $twtmp, $twres
- pxor $twtmp, $twtmp
- movdqa @XMM[7], @XMM[$i]
- movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
- paddq @XMM[7], @XMM[7] # psllq 1,$tweak
- pand $twmask, $twres # isolate carry and residue
- pcmpgtd @XMM[7], $twtmp # broadcast upper bits
- pxor $twres, @XMM[7]
-___
- $code.=<<___ if ($i>=1);
- movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1]
-___
- $code.=<<___ if ($i>=2);
- pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
-___ - } -$code.=<<___; - movdqu 0x60($inp), @XMM[8+6] - pxor @XMM[8+5], @XMM[5] - movdqu 0x70($inp), @XMM[8+7] - lea 0x80($inp), $inp - movdqa @XMM[7], 0x70(%rsp) - pxor @XMM[8+6], @XMM[6] - lea 0x80(%rsp), %rax # pass key schedule - pxor @XMM[8+7], @XMM[7] - mov %edx, %r10d # pass rounds - - call _bsaes_decrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[6] - movdqu @XMM[1], 0x10($out) - pxor 0x30(%rsp), @XMM[4] - movdqu @XMM[6], 0x20($out) - pxor 0x40(%rsp), @XMM[2] - movdqu @XMM[4], 0x30($out) - pxor 0x50(%rsp), @XMM[7] - movdqu @XMM[2], 0x40($out) - pxor 0x60(%rsp), @XMM[3] - movdqu @XMM[7], 0x50($out) - pxor 0x70(%rsp), @XMM[5] - movdqu @XMM[3], 0x60($out) - movdqu @XMM[5], 0x70($out) - lea 0x80($out), $out - - movdqa 0x70(%rsp), @XMM[7] # prepare next iteration tweak - pxor $twtmp, $twtmp - movdqa .Lxts_magic(%rip), $twmask - pcmpgtd @XMM[7], $twtmp - pshufd \$0x13, $twtmp, $twres - pxor $twtmp, $twtmp - paddq @XMM[7], @XMM[7] # psllq 1,$tweak - pand $twmask, $twres # isolate carry and residue - pcmpgtd @XMM[7], $twtmp # broadcast upper bits - pxor $twres, @XMM[7] - - sub \$0x80,$len - jnc .Lxts_dec_loop - -.Lxts_dec_short: - add \$0x80, $len - jz .Lxts_dec_done -___ - for ($i=0;$i<7;$i++) { - $code.=<<___; - pshufd \$0x13, $twtmp, $twres - pxor $twtmp, $twtmp - movdqa @XMM[7], @XMM[$i] - movdqa @XMM[7], `0x10*$i`(%rsp)# save tweak[$i] - paddq @XMM[7], @XMM[7] # psllq 1,$tweak - pand $twmask, $twres # isolate carry and residue - pcmpgtd @XMM[7], $twtmp # broadcast upper bits - pxor $twres, @XMM[7] -___ - $code.=<<___ if ($i>=1); - movdqu `0x10*($i-1)`($inp), @XMM[8+$i-1] - cmp \$`0x10*$i`,$len - je .Lxts_dec_$i -___ - $code.=<<___ if ($i>=2); - pxor @XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[] -___ - } -$code.=<<___; - movdqu 0x60($inp), @XMM[8+6] - pxor @XMM[8+5], @XMM[5] - movdqa @XMM[7], 0x70(%rsp) - lea 0x70($inp), $inp - pxor @XMM[8+6], @XMM[6] - lea 0x80(%rsp), 
%rax # pass key schedule - mov %edx, %r10d # pass rounds - - call _bsaes_decrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[6] - movdqu @XMM[1], 0x10($out) - pxor 0x30(%rsp), @XMM[4] - movdqu @XMM[6], 0x20($out) - pxor 0x40(%rsp), @XMM[2] - movdqu @XMM[4], 0x30($out) - pxor 0x50(%rsp), @XMM[7] - movdqu @XMM[2], 0x40($out) - pxor 0x60(%rsp), @XMM[3] - movdqu @XMM[7], 0x50($out) - movdqu @XMM[3], 0x60($out) - lea 0x70($out), $out - - movdqa 0x70(%rsp), @XMM[7] # next iteration tweak - jmp .Lxts_dec_done -.align 16 -.Lxts_dec_6: - pxor @XMM[8+4], @XMM[4] - lea 0x60($inp), $inp - pxor @XMM[8+5], @XMM[5] - lea 0x80(%rsp), %rax # pass key schedule - mov %edx, %r10d # pass rounds - - call _bsaes_decrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[6] - movdqu @XMM[1], 0x10($out) - pxor 0x30(%rsp), @XMM[4] - movdqu @XMM[6], 0x20($out) - pxor 0x40(%rsp), @XMM[2] - movdqu @XMM[4], 0x30($out) - pxor 0x50(%rsp), @XMM[7] - movdqu @XMM[2], 0x40($out) - movdqu @XMM[7], 0x50($out) - lea 0x60($out), $out - - movdqa 0x60(%rsp), @XMM[7] # next iteration tweak - jmp .Lxts_dec_done -.align 16 -.Lxts_dec_5: - pxor @XMM[8+3], @XMM[3] - lea 0x50($inp), $inp - pxor @XMM[8+4], @XMM[4] - lea 0x80(%rsp), %rax # pass key schedule - mov %edx, %r10d # pass rounds - - call _bsaes_decrypt8 - - pxor 0x00(%rsp), @XMM[0] # ^= tweak[] - pxor 0x10(%rsp), @XMM[1] - movdqu @XMM[0], 0x00($out) # write output - pxor 0x20(%rsp), @XMM[6] - movdqu @XMM[1], 0x10($out) - pxor 0x30(%rsp), @XMM[4] - movdqu @XMM[6], 0x20($out) - pxor 0x40(%rsp), @XMM[2] - movdqu @XMM[4], 0x30($out) - movdqu @XMM[2], 0x40($out) - lea 0x50($out), $out - - movdqa 0x50(%rsp), @XMM[7] # next iteration tweak - jmp .Lxts_dec_done -.align 16 -.Lxts_dec_4: - pxor @XMM[8+2], @XMM[2] - lea 0x40($inp), $inp - pxor @XMM[8+3], @XMM[3] - lea 0x80(%rsp), %rax # 
pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[6]
- movdqu @XMM[1], 0x10($out)
- pxor 0x30(%rsp), @XMM[4]
- movdqu @XMM[6], 0x20($out)
- movdqu @XMM[4], 0x30($out)
- lea 0x40($out), $out
-
- movdqa 0x40(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_dec_done
-.align 16
-.Lxts_dec_3:
- pxor @XMM[8+1], @XMM[1]
- lea 0x30($inp), $inp
- pxor @XMM[8+2], @XMM[2]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- pxor 0x20(%rsp), @XMM[6]
- movdqu @XMM[1], 0x10($out)
- movdqu @XMM[6], 0x20($out)
- lea 0x30($out), $out
-
- movdqa 0x30(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_dec_done
-.align 16
-.Lxts_dec_2:
- pxor @XMM[8+0], @XMM[0]
- lea 0x20($inp), $inp
- pxor @XMM[8+1], @XMM[1]
- lea 0x80(%rsp), %rax # pass key schedule
- mov %edx, %r10d # pass rounds
-
- call _bsaes_decrypt8
-
- pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- pxor 0x10(%rsp), @XMM[1]
- movdqu @XMM[0], 0x00($out) # write output
- movdqu @XMM[1], 0x10($out)
- lea 0x20($out), $out
-
- movdqa 0x20(%rsp), @XMM[7] # next iteration tweak
- jmp .Lxts_dec_done
-.align 16
-.Lxts_dec_1:
- pxor @XMM[0], @XMM[8]
- lea 0x10($inp), $inp
- movdqa @XMM[8], 0x20(%rbp)
- lea 0x20(%rbp), $arg1
- lea 0x20(%rbp), $arg2
- lea ($key), $arg3
- call asm_AES_decrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[0] # ^= tweak[]
- #pxor @XMM[8], @XMM[0]
- #lea 0x80(%rsp), %rax # pass key schedule
- #mov %edx, %r10d # pass rounds
- #call _bsaes_decrypt8
- #pxor 0x00(%rsp), @XMM[0] # ^= tweak[]
- movdqu @XMM[0], 0x00($out) # write output
- lea 0x10($out), $out
-
- movdqa 0x10(%rsp), @XMM[7] # next iteration tweak
-
-.Lxts_dec_done:
- and \$15, %ebx
- jz .Lxts_dec_ret
-
- pxor $twtmp, $twtmp
- movdqa
.Lxts_magic(%rip), $twmask
- pcmpgtd @XMM[7], $twtmp
- pshufd \$0x13, $twtmp, $twres
- movdqa @XMM[7], @XMM[6]
- paddq @XMM[7], @XMM[7] # psllq 1,$tweak
- pand $twmask, $twres # isolate carry and residue
- movdqu ($inp), @XMM[0]
- pxor $twres, @XMM[7]
-
- lea 0x20(%rbp), $arg1
- pxor @XMM[7], @XMM[0]
- lea 0x20(%rbp), $arg2
- movdqa @XMM[0], 0x20(%rbp)
- lea ($key), $arg3
- call asm_AES_decrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[7]
- mov $out, %rdx
- movdqu @XMM[7], ($out)
-
-.Lxts_dec_steal:
- movzb 16($inp), %eax
- movzb (%rdx), %ecx
- lea 1($inp), $inp
- mov %al, (%rdx)
- mov %cl, 16(%rdx)
- lea 1(%rdx), %rdx
- sub \$1,%ebx
- jnz .Lxts_dec_steal
-
- movdqu ($out), @XMM[0]
- lea 0x20(%rbp), $arg1
- pxor @XMM[6], @XMM[0]
- lea 0x20(%rbp), $arg2
- movdqa @XMM[0], 0x20(%rbp)
- lea ($key), $arg3
- call asm_AES_decrypt # doesn't touch %xmm
- pxor 0x20(%rbp), @XMM[6]
- movdqu @XMM[6], ($out)
-
-.Lxts_dec_ret:
- lea (%rsp), %rax
- pxor %xmm0, %xmm0
-.Lxts_dec_bzero: # wipe key schedule [if any]
- movdqa %xmm0, 0x00(%rax)
- movdqa %xmm0, 0x10(%rax)
- lea 0x20(%rax), %rax
- cmp %rax, %rbp
- ja .Lxts_dec_bzero
-
- lea (%rbp),%rsp # restore %rsp
-___
-$code.=<<___ if ($win64);
- movaps 0x40(%rbp), %xmm6
- movaps 0x50(%rbp), %xmm7
- movaps 0x60(%rbp), %xmm8
- movaps 0x70(%rbp), %xmm9
- movaps 0x80(%rbp), %xmm10
- movaps 0x90(%rbp), %xmm11
- movaps 0xa0(%rbp), %xmm12
- movaps 0xb0(%rbp), %xmm13
- movaps 0xc0(%rbp), %xmm14
- movaps 0xd0(%rbp), %xmm15
- lea 0xa0(%rbp), %rsp
-___
-$code.=<<___;
- mov 0x48(%rsp), %r15
- mov 0x50(%rsp), %r14
- mov 0x58(%rsp), %r13
- mov 0x60(%rsp), %r12
- mov 0x68(%rsp), %rbx
- mov 0x70(%rsp), %rax
- lea 0x78(%rsp), %rsp
- mov %rax, %rbp
-.Lxts_dec_epilogue:
- ret
-.size bsaes_xts_decrypt,.-bsaes_xts_decrypt
-___
-}
-$code.=<<___;
-.type _bsaes_const,\@object
-.align 64
-_bsaes_const:
-.LM0ISR: # InvShiftRows constants
- .quad 0x0a0e0206070b0f03, 0x0004080c0d010509
-.LISRM0:
- .quad 0x01040b0e0205080f, 0x0306090c00070a0d
-.LISR:
- .quad
0x0504070602010003, 0x0f0e0d0c080b0a09
-.LBS0: # bit-slice constants
- .quad 0x5555555555555555, 0x5555555555555555
-.LBS1:
- .quad 0x3333333333333333, 0x3333333333333333
-.LBS2:
- .quad 0x0f0f0f0f0f0f0f0f, 0x0f0f0f0f0f0f0f0f
-.LSR: # shiftrows constants
- .quad 0x0504070600030201, 0x0f0e0d0c0a09080b
-.LSRM0:
- .quad 0x0304090e00050a0f, 0x01060b0c0207080d
-.LM0SR:
- .quad 0x0a0e02060f03070b, 0x0004080c05090d01
-.LSWPUP: # byte-swap upper dword
- .quad 0x0706050403020100, 0x0c0d0e0f0b0a0908
-.LSWPUPM0SR:
- .quad 0x0a0d02060c03070b, 0x0004080f05090e01
-.LADD1: # counter increment constants
- .quad 0x0000000000000000, 0x0000000100000000
-.LADD2:
- .quad 0x0000000000000000, 0x0000000200000000
-.LADD3:
- .quad 0x0000000000000000, 0x0000000300000000
-.LADD4:
- .quad 0x0000000000000000, 0x0000000400000000
-.LADD5:
- .quad 0x0000000000000000, 0x0000000500000000
-.LADD6:
- .quad 0x0000000000000000, 0x0000000600000000
-.LADD7:
- .quad 0x0000000000000000, 0x0000000700000000
-.LADD8:
- .quad 0x0000000000000000, 0x0000000800000000
-.Lxts_magic:
- .long 0x87,0,1,0
-.Lmasks:
- .quad 0x0101010101010101, 0x0101010101010101
- .quad 0x0202020202020202, 0x0202020202020202
- .quad 0x0404040404040404, 0x0404040404040404
- .quad 0x0808080808080808, 0x0808080808080808
-.LM0:
- .quad 0x02060a0e03070b0f, 0x0004080c0105090d
-.L63:
- .quad 0x6363636363636363, 0x6363636363636363
-.asciz "Bit-sliced AES for x86_64/SSSE3, Emilia Käsper, Peter Schwabe, Andy Polyakov"
-.align 64
-.size _bsaes_const,.-_bsaes_const
-___
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-.type se_handler,\@abi-omnipotent
-.align 16
-se_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov
248($context),%rbx # pull context->Rip
-
- mov 8($disp),%rsi # disp->ImageBase
- mov 56($disp),%r11 # disp->HandlerData
-
- mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # prologue label
- cmp %r10,%rbx # context->Rip<prologue label
- jb .Lin_prologue
-
- mov 152($context),%rax # pull context->Rsp
-
- mov 4(%r11),%r10d # HandlerData[1]
- lea (%rsi,%r10),%r10 # epilogue label
- cmp %r10,%rbx # context->Rip>=epilogue label
- jae .Lin_prologue
-
- mov 160($context),%rax # pull context->Rbp
-
- lea 0x40(%rax),%rsi # %xmm save area
- lea 512($context),%rdi # &context.Xmm6
- mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax)
- .long 0xa548f3fc # cld; rep movsq
- lea 0xa0(%rax),%rax # adjust stack pointer
-
- mov 0x70(%rax),%rbp
- mov 0x68(%rax),%rbx
- mov 0x60(%rax),%r12
- mov 0x58(%rax),%r13
- mov 0x50(%rax),%r14
- mov 0x48(%rax),%r15
- lea 0x78(%rax),%rax # adjust stack pointer
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %r12,216($context) # restore context->R12
- mov %r13,224($context) # restore context->R13
- mov %r14,232($context) # restore context->R14
- mov %r15,240($context) # restore context->R15
-
-.Lin_prologue:
- mov %rax,152($context) # restore context->Rsp
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$`1232/8`,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
-
pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size se_handler,.-se_handler
-
-.section .pdata
-.align 4
-___
-$code.=<<___ if ($ecb);
- .rva .Lecb_enc_prologue
- .rva .Lecb_enc_epilogue
- .rva .Lecb_enc_info
-
- .rva .Lecb_dec_prologue
- .rva .Lecb_dec_epilogue
- .rva .Lecb_dec_info
-___
-$code.=<<___;
- .rva .Lcbc_dec_prologue
- .rva .Lcbc_dec_epilogue
- .rva .Lcbc_dec_info
-
- .rva .Lctr_enc_prologue
- .rva .Lctr_enc_epilogue
- .rva .Lctr_enc_info
-
- .rva .Lxts_enc_prologue
- .rva .Lxts_enc_epilogue
- .rva .Lxts_enc_info
-
- .rva .Lxts_dec_prologue
- .rva .Lxts_dec_epilogue
- .rva .Lxts_dec_info
-
-.section .xdata
-.align 8
-___
-$code.=<<___ if ($ecb);
-.Lecb_enc_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lecb_enc_body,.Lecb_enc_epilogue # HandlerData[]
-.Lecb_dec_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lecb_dec_body,.Lecb_dec_epilogue # HandlerData[]
-___
-$code.=<<___;
-.Lcbc_dec_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lcbc_dec_body,.Lcbc_dec_epilogue # HandlerData[]
-.Lctr_enc_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lctr_enc_body,.Lctr_enc_epilogue # HandlerData[]
-.Lxts_enc_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lxts_enc_body,.Lxts_enc_epilogue # HandlerData[]
-.Lxts_dec_info:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lxts_dec_body,.Lxts_dec_epilogue # HandlerData[]
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-
-close STDOUT;
diff --git a/lib/libssl/src/crypto/aes/asm/vpaes-x86.pl b/lib/libssl/src/crypto/aes/asm/vpaes-x86.pl
deleted file mode 100644
index 1533e2c3042..00000000000
--- a/lib/libssl/src/crypto/aes/asm/vpaes-x86.pl
+++ /dev/null
@@ -1,903 +0,0 @@ -#!/usr/bin/env perl - -###################################################################### -## Constant-time SSSE3 AES core implementation. -## version 0.1 -## -## By Mike Hamburg (Stanford University), 2009 -## Public domain. -## -## For details see http://shiftleft.org/papers/vector_aes/ and -## http://crypto.stanford.edu/vpaes/. - -###################################################################### -# September 2011. -# -# Port vpaes-x86_64.pl as 32-bit "almost" drop-in replacement for -# aes-586.pl. "Almost" refers to the fact that AES_cbc_encrypt -# doesn't handle partial vectors (doesn't have to if called from -# EVP only). "Drop-in" implies that this module doesn't share key -# schedule structure with the original nor does it make assumption -# about its alignment... -# -# Performance summary. aes-586.pl column lists large-block CBC -# encrypt/decrypt/with-hyper-threading-off(*) results in cycles per -# byte processed with 128-bit key, and vpaes-x86.pl column - [also -# large-block CBC] encrypt/decrypt. -# -# aes-586.pl vpaes-x86.pl -# -# Core 2(**) 29.1/42.3/18.3 22.0/25.6(***) -# Nehalem 27.9/40.4/18.1 10.3/12.0 -# Atom 102./119./60.1 64.5/85.3(***) -# -# (*) "Hyper-threading" in the context refers rather to cache shared -# among multiple cores, than to specifically Intel HTT. As vast -# majority of contemporary cores share cache, slower code path -# is common place. In other words "with-hyper-threading-off" -# results are presented mostly for reference purposes. -# -# (**) "Core 2" refers to initial 65nm design, a.k.a. Conroe. -# -# (***) Less impressive improvement on Core 2 and Atom is due to slow -# pshufb, yet it's respectable +32%/65% improvement on Core 2 -# and +58%/40% on Atom (as implied, over "hyper-threading-safe" -# code path). 
-# -# <appro@openssl.org> - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"vpaes-x86.pl",$x86only = $ARGV[$#ARGV] eq "386"); - -$PREFIX="vpaes"; - -my ($round, $base, $magic, $key, $const, $inp, $out)= - ("eax", "ebx", "ecx", "edx","ebp", "esi","edi"); - -&static_label("_vpaes_consts"); -&static_label("_vpaes_schedule_low_round"); - -&set_label("_vpaes_consts",64); -$k_inv=-0x30; # inv, inva - &data_word(0x0D080180,0x0E05060F,0x0A0B0C02,0x04070309); - &data_word(0x0F0B0780,0x01040A06,0x02050809,0x030D0E0C); - -$k_s0F=-0x10; # s0F - &data_word(0x0F0F0F0F,0x0F0F0F0F,0x0F0F0F0F,0x0F0F0F0F); - -$k_ipt=0x00; # input transform (lo, hi) - &data_word(0x5A2A7000,0xC2B2E898,0x52227808,0xCABAE090); - &data_word(0x317C4D00,0x4C01307D,0xB0FDCC81,0xCD80B1FC); - -$k_sb1=0x20; # sb1u, sb1t - &data_word(0xCB503E00,0xB19BE18F,0x142AF544,0xA5DF7A6E); - &data_word(0xFAE22300,0x3618D415,0x0D2ED9EF,0x3BF7CCC1); -$k_sb2=0x40; # sb2u, sb2t - &data_word(0x0B712400,0xE27A93C6,0xBC982FCD,0x5EB7E955); - &data_word(0x0AE12900,0x69EB8840,0xAB82234A,0xC2A163C8); -$k_sbo=0x60; # sbou, sbot - &data_word(0x6FBDC700,0xD0D26D17,0xC502A878,0x15AABF7A); - &data_word(0x5FBB6A00,0xCFE474A5,0x412B35FA,0x8E1E90D1); - -$k_mc_forward=0x80; # mc_forward - &data_word(0x00030201,0x04070605,0x080B0A09,0x0C0F0E0D); - &data_word(0x04070605,0x080B0A09,0x0C0F0E0D,0x00030201); - &data_word(0x080B0A09,0x0C0F0E0D,0x00030201,0x04070605); - &data_word(0x0C0F0E0D,0x00030201,0x04070605,0x080B0A09); - -$k_mc_backward=0xc0; # mc_backward - &data_word(0x02010003,0x06050407,0x0A09080B,0x0E0D0C0F); - &data_word(0x0E0D0C0F,0x02010003,0x06050407,0x0A09080B); - &data_word(0x0A09080B,0x0E0D0C0F,0x02010003,0x06050407); - &data_word(0x06050407,0x0A09080B,0x0E0D0C0F,0x02010003); - -$k_sr=0x100; # sr - &data_word(0x03020100,0x07060504,0x0B0A0908,0x0F0E0D0C); - &data_word(0x0F0A0500,0x030E0904,0x07020D08,0x0B06010C); - 
&data_word(0x0B020900,0x0F060D04,0x030A0108,0x070E050C); - &data_word(0x070A0D00,0x0B0E0104,0x0F020508,0x0306090C); - -$k_rcon=0x140; # rcon - &data_word(0xAF9DEEB6,0x1F8391B9,0x4D7C7D81,0x702A9808); - -$k_s63=0x150; # s63: all equal to 0x63 transformed - &data_word(0x5B5B5B5B,0x5B5B5B5B,0x5B5B5B5B,0x5B5B5B5B); - -$k_opt=0x160; # output transform - &data_word(0xD6B66000,0xFF9F4929,0xDEBE6808,0xF7974121); - &data_word(0x50BCEC00,0x01EDBD51,0xB05C0CE0,0xE10D5DB1); - -$k_deskew=0x180; # deskew tables: inverts the sbox's "skew" - &data_word(0x47A4E300,0x07E4A340,0x5DBEF91A,0x1DFEB95A); - &data_word(0x83EA6900,0x5F36B5DC,0xF49D1E77,0x2841C2AB); -## -## Decryption stuff -## Key schedule constants -## -$k_dksd=0x1a0; # decryption key schedule: invskew x*D - &data_word(0xA3E44700,0xFEB91A5D,0x5A1DBEF9,0x0740E3A4); - &data_word(0xB5368300,0x41C277F4,0xAB289D1E,0x5FDC69EA); -$k_dksb=0x1c0; # decryption key schedule: invskew x*B - &data_word(0x8550D500,0x9A4FCA1F,0x1CC94C99,0x03D65386); - &data_word(0xB6FC4A00,0x115BEDA7,0x7E3482C8,0xD993256F); -$k_dkse=0x1e0; # decryption key schedule: invskew x*E + 0x63 - &data_word(0x1FC9D600,0xD5031CCA,0x994F5086,0x53859A4C); - &data_word(0x4FDC7BE8,0xA2319605,0x20B31487,0xCD5EF96A); -$k_dks9=0x200; # decryption key schedule: invskew x*9 - &data_word(0x7ED9A700,0xB6116FC8,0x82255BFC,0x4AED9334); - &data_word(0x27143300,0x45765162,0xE9DAFDCE,0x8BB89FAC); - -## -## Decryption stuff -## Round function constants -## -$k_dipt=0x220; # decryption input transform - &data_word(0x0B545F00,0x0F505B04,0x114E451A,0x154A411E); - &data_word(0x60056500,0x86E383E6,0xF491F194,0x12771772); - -$k_dsb9=0x240; # decryption sbox output *9*u, *9*t - &data_word(0x9A86D600,0x851C0353,0x4F994CC9,0xCAD51F50); - &data_word(0xECD74900,0xC03B1789,0xB2FBA565,0x725E2C9E); -$k_dsbd=0x260; # decryption sbox output *D*u, *D*t - &data_word(0xE6B1A200,0x7D57CCDF,0x882A4439,0xF56E9B13); - &data_word(0x24C6CB00,0x3CE2FAF7,0x15DEEFD3,0x2931180D); -$k_dsbb=0x280; # decryption 
sbox output *B*u, *B*t - &data_word(0x96B44200,0xD0226492,0xB0F2D404,0x602646F6); - &data_word(0xCD596700,0xC19498A6,0x3255AA6B,0xF3FF0C3E); -$k_dsbe=0x2a0; # decryption sbox output *E*u, *E*t - &data_word(0x26D4D000,0x46F29296,0x64B4F6B0,0x22426004); - &data_word(0xFFAAC100,0x0C55A6CD,0x98593E32,0x9467F36B); -$k_dsbo=0x2c0; # decryption sbox final output - &data_word(0x7EF94000,0x1387EA53,0xD4943E2D,0xC7AA6DB9); - &data_word(0x93441D00,0x12D7560F,0xD8C58E9C,0xCA4B8159); -&asciz ("Vector Permutation AES for x86/SSSE3, Mike Hamburg (Stanford University)"); -&align (64); - -&function_begin_B("_vpaes_preheat"); - &add ($const,&DWP(0,"esp")); - &movdqa ("xmm7",&QWP($k_inv,$const)); - &movdqa ("xmm6",&QWP($k_s0F,$const)); - &ret (); -&function_end_B("_vpaes_preheat"); - -## -## _aes_encrypt_core -## -## AES-encrypt %xmm0. -## -## Inputs: -## %xmm0 = input -## %xmm6-%xmm7 as in _vpaes_preheat -## (%edx) = scheduled keys -## -## Output in %xmm0 -## Clobbers %xmm1-%xmm5, %eax, %ebx, %ecx, %edx -## -## -&function_begin_B("_vpaes_encrypt_core"); - &mov ($magic,16); - &mov ($round,&DWP(240,$key)); - &movdqa ("xmm1","xmm6") - &movdqa ("xmm2",&QWP($k_ipt,$const)); - &pandn ("xmm1","xmm0"); - &movdqu ("xmm5",&QWP(0,$key)); - &psrld ("xmm1",4); - &pand ("xmm0","xmm6"); - &pshufb ("xmm2","xmm0"); - &movdqa ("xmm0",&QWP($k_ipt+16,$const)); - &pshufb ("xmm0","xmm1"); - &pxor ("xmm2","xmm5"); - &pxor ("xmm0","xmm2"); - &add ($key,16); - &lea ($base,&DWP($k_mc_backward,$const)); - &jmp (&label("enc_entry")); - - -&set_label("enc_loop",16); - # middle of middle round - &movdqa ("xmm4",&QWP($k_sb1,$const)); # 4 : sb1u - &pshufb ("xmm4","xmm2"); # 4 = sb1u - &pxor ("xmm4","xmm5"); # 4 = sb1u + k - &movdqa ("xmm0",&QWP($k_sb1+16,$const));# 0 : sb1t - &pshufb ("xmm0","xmm3"); # 0 = sb1t - &pxor ("xmm0","xmm4"); # 0 = A - &movdqa ("xmm5",&QWP($k_sb2,$const)); # 4 : sb2u - &pshufb ("xmm5","xmm2"); # 4 = sb2u - &movdqa ("xmm1",&QWP(-0x40,$base,$magic));# .Lk_mc_forward[] - &movdqa 
("xmm2",&QWP($k_sb2+16,$const));# 2 : sb2t - &pshufb ("xmm2","xmm3"); # 2 = sb2t - &pxor ("xmm2","xmm5"); # 2 = 2A - &movdqa ("xmm4",&QWP(0,$base,$magic)); # .Lk_mc_backward[] - &movdqa ("xmm3","xmm0"); # 3 = A - &pshufb ("xmm0","xmm1"); # 0 = B - &add ($key,16); # next key - &pxor ("xmm0","xmm2"); # 0 = 2A+B - &pshufb ("xmm3","xmm4"); # 3 = D - &add ($magic,16); # next mc - &pxor ("xmm3","xmm0"); # 3 = 2A+B+D - &pshufb ("xmm0","xmm1"); # 0 = 2B+C - &and ($magic,0x30); # ... mod 4 - &pxor ("xmm0","xmm3"); # 0 = 2A+3B+C+D - &sub ($round,1); # nr-- - -&set_label("enc_entry"); - # top of round - &movdqa ("xmm1","xmm6"); # 1 : i - &pandn ("xmm1","xmm0"); # 1 = i<<4 - &psrld ("xmm1",4); # 1 = i - &pand ("xmm0","xmm6"); # 0 = k - &movdqa ("xmm5",&QWP($k_inv+16,$const));# 2 : a/k - &pshufb ("xmm5","xmm0"); # 2 = a/k - &pxor ("xmm0","xmm1"); # 0 = j - &movdqa ("xmm3","xmm7"); # 3 : 1/i - &pshufb ("xmm3","xmm1"); # 3 = 1/i - &pxor ("xmm3","xmm5"); # 3 = iak = 1/i + a/k - &movdqa ("xmm4","xmm7"); # 4 : 1/j - &pshufb ("xmm4","xmm0"); # 4 = 1/j - &pxor ("xmm4","xmm5"); # 4 = jak = 1/j + a/k - &movdqa ("xmm2","xmm7"); # 2 : 1/iak - &pshufb ("xmm2","xmm3"); # 2 = 1/iak - &pxor ("xmm2","xmm0"); # 2 = io - &movdqa ("xmm3","xmm7"); # 3 : 1/jak - &movdqu ("xmm5",&QWP(0,$key)); - &pshufb ("xmm3","xmm4"); # 3 = 1/jak - &pxor ("xmm3","xmm1"); # 3 = jo - &jnz (&label("enc_loop")); - - # middle of last round - &movdqa ("xmm4",&QWP($k_sbo,$const)); # 3 : sbou .Lk_sbo - &movdqa ("xmm0",&QWP($k_sbo+16,$const));# 3 : sbot .Lk_sbo+16 - &pshufb ("xmm4","xmm2"); # 4 = sbou - &pxor ("xmm4","xmm5"); # 4 = sb1u + k - &pshufb ("xmm0","xmm3"); # 0 = sb1t - &movdqa ("xmm1",&QWP(0x40,$base,$magic));# .Lk_sr[] - &pxor ("xmm0","xmm4"); # 0 = A - &pshufb ("xmm0","xmm1"); - &ret (); -&function_end_B("_vpaes_encrypt_core"); - -## -## Decryption core -## -## Same API as encryption core. 
-## -&function_begin_B("_vpaes_decrypt_core"); - &mov ($round,&DWP(240,$key)); - &lea ($base,&DWP($k_dsbd,$const)); - &movdqa ("xmm1","xmm6"); - &movdqa ("xmm2",&QWP($k_dipt-$k_dsbd,$base)); - &pandn ("xmm1","xmm0"); - &mov ($magic,$round); - &psrld ("xmm1",4) - &movdqu ("xmm5",&QWP(0,$key)); - &shl ($magic,4); - &pand ("xmm0","xmm6"); - &pshufb ("xmm2","xmm0"); - &movdqa ("xmm0",&QWP($k_dipt-$k_dsbd+16,$base)); - &xor ($magic,0x30); - &pshufb ("xmm0","xmm1"); - &and ($magic,0x30); - &pxor ("xmm2","xmm5"); - &movdqa ("xmm5",&QWP($k_mc_forward+48,$const)); - &pxor ("xmm0","xmm2"); - &add ($key,16); - &lea ($magic,&DWP($k_sr-$k_dsbd,$base,$magic)); - &jmp (&label("dec_entry")); - -&set_label("dec_loop",16); -## -## Inverse mix columns -## - &movdqa ("xmm4",&QWP(-0x20,$base)); # 4 : sb9u - &pshufb ("xmm4","xmm2"); # 4 = sb9u - &pxor ("xmm4","xmm0"); - &movdqa ("xmm0",&QWP(-0x10,$base)); # 0 : sb9t - &pshufb ("xmm0","xmm3"); # 0 = sb9t - &pxor ("xmm0","xmm4"); # 0 = ch - &add ($key,16); # next round key - - &pshufb ("xmm0","xmm5"); # MC ch - &movdqa ("xmm4",&QWP(0,$base)); # 4 : sbdu - &pshufb ("xmm4","xmm2"); # 4 = sbdu - &pxor ("xmm4","xmm0"); # 4 = ch - &movdqa ("xmm0",&QWP(0x10,$base)); # 0 : sbdt - &pshufb ("xmm0","xmm3"); # 0 = sbdt - &pxor ("xmm0","xmm4"); # 0 = ch - &sub ($round,1); # nr-- - - &pshufb ("xmm0","xmm5"); # MC ch - &movdqa ("xmm4",&QWP(0x20,$base)); # 4 : sbbu - &pshufb ("xmm4","xmm2"); # 4 = sbbu - &pxor ("xmm4","xmm0"); # 4 = ch - &movdqa ("xmm0",&QWP(0x30,$base)); # 0 : sbbt - &pshufb ("xmm0","xmm3"); # 0 = sbbt - &pxor ("xmm0","xmm4"); # 0 = ch - - &pshufb ("xmm0","xmm5"); # MC ch - &movdqa ("xmm4",&QWP(0x40,$base)); # 4 : sbeu - &pshufb ("xmm4","xmm2"); # 4 = sbeu - &pxor ("xmm4","xmm0"); # 4 = ch - &movdqa ("xmm0",&QWP(0x50,$base)); # 0 : sbet - &pshufb ("xmm0","xmm3"); # 0 = sbet - &pxor ("xmm0","xmm4"); # 0 = ch - - &palignr("xmm5","xmm5",12); - -&set_label("dec_entry"); - # top of round - &movdqa ("xmm1","xmm6"); # 1 : i - &pandn 
("xmm1","xmm0"); # 1 = i<<4 - &psrld ("xmm1",4); # 1 = i - &pand ("xmm0","xmm6"); # 0 = k - &movdqa ("xmm2",&QWP($k_inv+16,$const));# 2 : a/k - &pshufb ("xmm2","xmm0"); # 2 = a/k - &pxor ("xmm0","xmm1"); # 0 = j - &movdqa ("xmm3","xmm7"); # 3 : 1/i - &pshufb ("xmm3","xmm1"); # 3 = 1/i - &pxor ("xmm3","xmm2"); # 3 = iak = 1/i + a/k - &movdqa ("xmm4","xmm7"); # 4 : 1/j - &pshufb ("xmm4","xmm0"); # 4 = 1/j - &pxor ("xmm4","xmm2"); # 4 = jak = 1/j + a/k - &movdqa ("xmm2","xmm7"); # 2 : 1/iak - &pshufb ("xmm2","xmm3"); # 2 = 1/iak - &pxor ("xmm2","xmm0"); # 2 = io - &movdqa ("xmm3","xmm7"); # 3 : 1/jak - &pshufb ("xmm3","xmm4"); # 3 = 1/jak - &pxor ("xmm3","xmm1"); # 3 = jo - &movdqu ("xmm0",&QWP(0,$key)); - &jnz (&label("dec_loop")); - - # middle of last round - &movdqa ("xmm4",&QWP(0x60,$base)); # 3 : sbou - &pshufb ("xmm4","xmm2"); # 4 = sbou - &pxor ("xmm4","xmm0"); # 4 = sb1u + k - &movdqa ("xmm0",&QWP(0x70,$base)); # 0 : sbot - &movdqa ("xmm2",&QWP(0,$magic)); - &pshufb ("xmm0","xmm3"); # 0 = sb1t - &pxor ("xmm0","xmm4"); # 0 = A - &pshufb ("xmm0","xmm2"); - &ret (); -&function_end_B("_vpaes_decrypt_core"); - -######################################################## -## ## -## AES key schedule ## -## ## -######################################################## -&function_begin_B("_vpaes_schedule_core"); - &add ($const,&DWP(0,"esp")); - &movdqu ("xmm0",&QWP(0,$inp)); # load key (unaligned) - &movdqa ("xmm2",&QWP($k_rcon,$const)); # load rcon - - # input transform - &movdqa ("xmm3","xmm0"); - &lea ($base,&DWP($k_ipt,$const)); - &movdqa (&QWP(4,"esp"),"xmm2"); # xmm8 - &call ("_vpaes_schedule_transform"); - &movdqa ("xmm7","xmm0"); - - &test ($out,$out); - &jnz (&label("schedule_am_decrypting")); - - # encrypting, output zeroth round key after transform - &movdqu (&QWP(0,$key),"xmm0"); - &jmp (&label("schedule_go")); - -&set_label("schedule_am_decrypting"); - # decrypting, output zeroth round key after shiftrows - &movdqa ("xmm1",&QWP($k_sr,$const,$magic)); - &pshufb 
("xmm3","xmm1"); - &movdqu (&QWP(0,$key),"xmm3"); - &xor ($magic,0x30); - -&set_label("schedule_go"); - &cmp ($round,192); - &ja (&label("schedule_256")); - &je (&label("schedule_192")); - # 128: fall though - -## -## .schedule_128 -## -## 128-bit specific part of key schedule. -## -## This schedule is really simple, because all its parts -## are accomplished by the subroutines. -## -&set_label("schedule_128"); - &mov ($round,10); - -&set_label("loop_schedule_128"); - &call ("_vpaes_schedule_round"); - &dec ($round); - &jz (&label("schedule_mangle_last")); - &call ("_vpaes_schedule_mangle"); # write output - &jmp (&label("loop_schedule_128")); - -## -## .aes_schedule_192 -## -## 192-bit specific part of key schedule. -## -## The main body of this schedule is the same as the 128-bit -## schedule, but with more smearing. The long, high side is -## stored in %xmm7 as before, and the short, low side is in -## the high bits of %xmm6. -## -## This schedule is somewhat nastier, however, because each -## round produces 192 bits of key material, or 1.5 round keys. -## Therefore, on each cycle we do 2 rounds and produce 3 round -## keys. -## -&set_label("schedule_192",16); - &movdqu ("xmm0",&QWP(8,$inp)); # load key part 2 (very unaligned) - &call ("_vpaes_schedule_transform"); # input transform - &movdqa ("xmm6","xmm0"); # save short part - &pxor ("xmm4","xmm4"); # clear 4 - &movhlps("xmm6","xmm4"); # clobber low side with zeros - &mov ($round,4); - -&set_label("loop_schedule_192"); - &call ("_vpaes_schedule_round"); - &palignr("xmm0","xmm6",8); - &call ("_vpaes_schedule_mangle"); # save key n - &call ("_vpaes_schedule_192_smear"); - &call ("_vpaes_schedule_mangle"); # save key n+1 - &call ("_vpaes_schedule_round"); - &dec ($round); - &jz (&label("schedule_mangle_last")); - &call ("_vpaes_schedule_mangle"); # save key n+2 - &call ("_vpaes_schedule_192_smear"); - &jmp (&label("loop_schedule_192")); - -## -## .aes_schedule_256 -## -## 256-bit specific part of key schedule. 
-## -## The structure here is very similar to the 128-bit -## schedule, but with an additional "low side" in -## %xmm6. The low side's rounds are the same as the -## high side's, except no rcon and no rotation. -## -&set_label("schedule_256",16); - &movdqu ("xmm0",&QWP(16,$inp)); # load key part 2 (unaligned) - &call ("_vpaes_schedule_transform"); # input transform - &mov ($round,7); - -&set_label("loop_schedule_256"); - &call ("_vpaes_schedule_mangle"); # output low result - &movdqa ("xmm6","xmm0"); # save cur_lo in xmm6 - - # high round - &call ("_vpaes_schedule_round"); - &dec ($round); - &jz (&label("schedule_mangle_last")); - &call ("_vpaes_schedule_mangle"); - - # low round. swap xmm7 and xmm6 - &pshufd ("xmm0","xmm0",0xFF); - &movdqa (&QWP(20,"esp"),"xmm7"); - &movdqa ("xmm7","xmm6"); - &call ("_vpaes_schedule_low_round"); - &movdqa ("xmm7",&QWP(20,"esp")); - - &jmp (&label("loop_schedule_256")); - -## -## .aes_schedule_mangle_last -## -## Mangler for last round of key schedule -## Mangles %xmm0 -## when encrypting, outputs out(%xmm0) ^ 63 -## when decrypting, outputs unskew(%xmm0) -## -## Always called right before return... 
jumps to cleanup and exits -## -&set_label("schedule_mangle_last",16); - # schedule last round key from xmm0 - &lea ($base,&DWP($k_deskew,$const)); - &test ($out,$out); - &jnz (&label("schedule_mangle_last_dec")); - - # encrypting - &movdqa ("xmm1",&QWP($k_sr,$const,$magic)); - &pshufb ("xmm0","xmm1"); # output permute - &lea ($base,&DWP($k_opt,$const)); # prepare to output transform - &add ($key,32); - -&set_label("schedule_mangle_last_dec"); - &add ($key,-16); - &pxor ("xmm0",&QWP($k_s63,$const)); - &call ("_vpaes_schedule_transform"); # output transform - &movdqu (&QWP(0,$key),"xmm0"); # save last key - - # cleanup - &pxor ("xmm0","xmm0"); - &pxor ("xmm1","xmm1"); - &pxor ("xmm2","xmm2"); - &pxor ("xmm3","xmm3"); - &pxor ("xmm4","xmm4"); - &pxor ("xmm5","xmm5"); - &pxor ("xmm6","xmm6"); - &pxor ("xmm7","xmm7"); - &ret (); -&function_end_B("_vpaes_schedule_core"); - -## -## .aes_schedule_192_smear -## -## Smear the short, low side in the 192-bit key schedule. -## -## Inputs: -## %xmm7: high side, b a x y -## %xmm6: low side, d c 0 0 -## %xmm13: 0 -## -## Outputs: -## %xmm6: b+c+d b+c 0 0 -## %xmm0: b+c+d b+c b a -## -&function_begin_B("_vpaes_schedule_192_smear"); - &pshufd ("xmm0","xmm6",0x80); # d c 0 0 -> c 0 0 0 - &pxor ("xmm6","xmm0"); # -> c+d c 0 0 - &pshufd ("xmm0","xmm7",0xFE); # b a _ _ -> b b b a - &pxor ("xmm6","xmm0"); # -> b+c+d b+c b a - &movdqa ("xmm0","xmm6"); - &pxor ("xmm1","xmm1"); - &movhlps("xmm6","xmm1"); # clobber low side with zeros - &ret (); -&function_end_B("_vpaes_schedule_192_smear"); - -## -## .aes_schedule_round -## -## Runs one main round of the key schedule on %xmm0, %xmm7 -## -## Specifically, runs subbytes on the high dword of %xmm0 -## then rotates it by one byte and xors into the low dword of -## %xmm7. -## -## Adds rcon from low byte of %xmm8, then rotates %xmm8 for -## next rcon. -## -## Smears the dwords of %xmm7 by xoring the low into the -## second low, result into third, result into highest. 
-## -## Returns results in %xmm7 = %xmm0. -## Clobbers %xmm1-%xmm5. -## -&function_begin_B("_vpaes_schedule_round"); - # extract rcon from xmm8 - &movdqa ("xmm2",&QWP(8,"esp")); # xmm8 - &pxor ("xmm1","xmm1"); - &palignr("xmm1","xmm2",15); - &palignr("xmm2","xmm2",15); - &pxor ("xmm7","xmm1"); - - # rotate - &pshufd ("xmm0","xmm0",0xFF); - &palignr("xmm0","xmm0",1); - - # fall through... - &movdqa (&QWP(8,"esp"),"xmm2"); # xmm8 - - # low round: same as high round, but no rotation and no rcon. -&set_label("_vpaes_schedule_low_round"); - # smear xmm7 - &movdqa ("xmm1","xmm7"); - &pslldq ("xmm7",4); - &pxor ("xmm7","xmm1"); - &movdqa ("xmm1","xmm7"); - &pslldq ("xmm7",8); - &pxor ("xmm7","xmm1"); - &pxor ("xmm7",&QWP($k_s63,$const)); - - # subbyte - &movdqa ("xmm4",&QWP($k_s0F,$const)); - &movdqa ("xmm5",&QWP($k_inv,$const)); # 4 : 1/j - &movdqa ("xmm1","xmm4"); - &pandn ("xmm1","xmm0"); - &psrld ("xmm1",4); # 1 = i - &pand ("xmm0","xmm4"); # 0 = k - &movdqa ("xmm2",&QWP($k_inv+16,$const));# 2 : a/k - &pshufb ("xmm2","xmm0"); # 2 = a/k - &pxor ("xmm0","xmm1"); # 0 = j - &movdqa ("xmm3","xmm5"); # 3 : 1/i - &pshufb ("xmm3","xmm1"); # 3 = 1/i - &pxor ("xmm3","xmm2"); # 3 = iak = 1/i + a/k - &movdqa ("xmm4","xmm5"); # 4 : 1/j - &pshufb ("xmm4","xmm0"); # 4 = 1/j - &pxor ("xmm4","xmm2"); # 4 = jak = 1/j + a/k - &movdqa ("xmm2","xmm5"); # 2 : 1/iak - &pshufb ("xmm2","xmm3"); # 2 = 1/iak - &pxor ("xmm2","xmm0"); # 2 = io - &movdqa ("xmm3","xmm5"); # 3 : 1/jak - &pshufb ("xmm3","xmm4"); # 3 = 1/jak - &pxor ("xmm3","xmm1"); # 3 = jo - &movdqa ("xmm4",&QWP($k_sb1,$const)); # 4 : sbou - &pshufb ("xmm4","xmm2"); # 4 = sbou - &movdqa ("xmm0",&QWP($k_sb1+16,$const));# 0 : sbot - &pshufb ("xmm0","xmm3"); # 0 = sb1t - &pxor ("xmm0","xmm4"); # 0 = sbox output - - # add in smeared stuff - &pxor ("xmm0","xmm7"); - &movdqa ("xmm7","xmm0"); - &ret (); -&function_end_B("_vpaes_schedule_round"); - -## -## .aes_schedule_transform -## -## Linear-transform %xmm0 according to tables at (%ebx) 
-##
-## Output in %xmm0
-## Clobbers %xmm1, %xmm2
-##
-&function_begin_B("_vpaes_schedule_transform");
- &movdqa ("xmm2",&QWP($k_s0F,$const));
- &movdqa ("xmm1","xmm2");
- &pandn ("xmm1","xmm0");
- &psrld ("xmm1",4);
- &pand ("xmm0","xmm2");
- &movdqa ("xmm2",&QWP(0,$base));
- &pshufb ("xmm2","xmm0");
- &movdqa ("xmm0",&QWP(16,$base));
- &pshufb ("xmm0","xmm1");
- &pxor ("xmm0","xmm2");
- &ret ();
-&function_end_B("_vpaes_schedule_transform");
-
-##
-## .aes_schedule_mangle
-##
-## Mangle xmm0 from (basis-transformed) standard version
-## to our version.
-##
-## On encrypt,
-## xor with 0x63
-## multiply by circulant 0,1,1,1
-## apply shiftrows transform
-##
-## On decrypt,
-## xor with 0x63
-## multiply by "inverse mixcolumns" circulant E,B,D,9
-## deskew
-## apply shiftrows transform
-##
-##
-## Writes out to (%edx), and increments or decrements it
-## Keeps track of round number mod 4 in %ecx
-## Preserves xmm0
-## Clobbers xmm1-xmm5
-##
-&function_begin_B("_vpaes_schedule_mangle");
- &movdqa ("xmm4","xmm0"); # save xmm0 for later
- &movdqa ("xmm5",&QWP($k_mc_forward,$const));
- &test ($out,$out);
- &jnz (&label("schedule_mangle_dec"));
-
- # encrypting
- &add ($key,16);
- &pxor ("xmm4",&QWP($k_s63,$const));
- &pshufb ("xmm4","xmm5");
- &movdqa ("xmm3","xmm4");
- &pshufb ("xmm4","xmm5");
- &pxor ("xmm3","xmm4");
- &pshufb ("xmm4","xmm5");
- &pxor ("xmm3","xmm4");
-
- &jmp (&label("schedule_mangle_both"));
-
-&set_label("schedule_mangle_dec",16);
- # inverse mix columns
- &movdqa ("xmm2",&QWP($k_s0F,$const));
- &lea ($inp,&DWP($k_dksd,$const));
- &movdqa ("xmm1","xmm2");
- &pandn ("xmm1","xmm4");
- &psrld ("xmm1",4); # 1 = hi
- &pand ("xmm4","xmm2"); # 4 = lo
-
- &movdqa ("xmm2",&QWP(0,$inp));
- &pshufb ("xmm2","xmm4");
- &movdqa ("xmm3",&QWP(0x10,$inp));
- &pshufb ("xmm3","xmm1");
- &pxor ("xmm3","xmm2");
- &pshufb ("xmm3","xmm5");
-
- &movdqa ("xmm2",&QWP(0x20,$inp));
- &pshufb ("xmm2","xmm4");
- &pxor ("xmm2","xmm3");
- &movdqa ("xmm3",&QWP(0x30,$inp));
- &pshufb ("xmm3","xmm1");
- &pxor ("xmm3","xmm2");
- &pshufb ("xmm3","xmm5");
-
- &movdqa ("xmm2",&QWP(0x40,$inp));
- &pshufb ("xmm2","xmm4");
- &pxor ("xmm2","xmm3");
- &movdqa ("xmm3",&QWP(0x50,$inp));
- &pshufb ("xmm3","xmm1");
- &pxor ("xmm3","xmm2");
- &pshufb ("xmm3","xmm5");
-
- &movdqa ("xmm2",&QWP(0x60,$inp));
- &pshufb ("xmm2","xmm4");
- &pxor ("xmm2","xmm3");
- &movdqa ("xmm3",&QWP(0x70,$inp));
- &pshufb ("xmm3","xmm1");
- &pxor ("xmm3","xmm2");
-
- &add ($key,-16);
-
-&set_label("schedule_mangle_both");
- &movdqa ("xmm1",&QWP($k_sr,$const,$magic));
- &pshufb ("xmm3","xmm1");
- &add ($magic,-16);
- &and ($magic,0x30);
- &movdqu (&QWP(0,$key),"xmm3");
- &ret ();
-&function_end_B("_vpaes_schedule_mangle");
-
-#
-# Interface to OpenSSL
-#
-&function_begin("${PREFIX}_set_encrypt_key");
- &mov ($inp,&wparam(0)); # inp
- &lea ($base,&DWP(-56,"esp"));
- &mov ($round,&wparam(1)); # bits
- &and ($base,-16);
- &mov ($key,&wparam(2)); # key
- &xchg ($base,"esp"); # alloca
- &mov (&DWP(48,"esp"),$base);
-
- &mov ($base,$round);
- &shr ($base,5);
- &add ($base,5);
- &mov (&DWP(240,$key),$base); # AES_KEY->rounds = nbits/32+5;
- &mov ($magic,0x30);
- &mov ($out,0);
-
- &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
- &call ("_vpaes_schedule_core");
-&set_label("pic_point");
-
- &mov ("esp",&DWP(48,"esp"));
- &xor ("eax","eax");
-&function_end("${PREFIX}_set_encrypt_key");
-
-&function_begin("${PREFIX}_set_decrypt_key");
- &mov ($inp,&wparam(0)); # inp
- &lea ($base,&DWP(-56,"esp"));
- &mov ($round,&wparam(1)); # bits
- &and ($base,-16);
- &mov ($key,&wparam(2)); # key
- &xchg ($base,"esp"); # alloca
- &mov (&DWP(48,"esp"),$base);
-
- &mov ($base,$round);
- &shr ($base,5);
- &add ($base,5);
- &mov (&DWP(240,$key),$base); # AES_KEY->rounds = nbits/32+5;
- &shl ($base,4);
- &lea ($key,&DWP(16,$key,$base));
-
- &mov ($out,1);
- &mov ($magic,$round);
- &shr ($magic,1);
- &and ($magic,32);
- &xor ($magic,32); # nbist==192?0:32;
-
- &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
- &call ("_vpaes_schedule_core");
-&set_label("pic_point");
-
- &mov ("esp",&DWP(48,"esp"));
- &xor ("eax","eax");
-&function_end("${PREFIX}_set_decrypt_key");
-
-&function_begin("${PREFIX}_encrypt");
- &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
- &call ("_vpaes_preheat");
-&set_label("pic_point");
- &mov ($inp,&wparam(0)); # inp
- &lea ($base,&DWP(-56,"esp"));
- &mov ($out,&wparam(1)); # out
- &and ($base,-16);
- &mov ($key,&wparam(2)); # key
- &xchg ($base,"esp"); # alloca
- &mov (&DWP(48,"esp"),$base);
-
- &movdqu ("xmm0",&QWP(0,$inp));
- &call ("_vpaes_encrypt_core");
- &movdqu (&QWP(0,$out),"xmm0");
-
- &mov ("esp",&DWP(48,"esp"));
-&function_end("${PREFIX}_encrypt");
-
-&function_begin("${PREFIX}_decrypt");
- &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
- &call ("_vpaes_preheat");
-&set_label("pic_point");
- &mov ($inp,&wparam(0)); # inp
- &lea ($base,&DWP(-56,"esp"));
- &mov ($out,&wparam(1)); # out
- &and ($base,-16);
- &mov ($key,&wparam(2)); # key
- &xchg ($base,"esp"); # alloca
- &mov (&DWP(48,"esp"),$base);
-
- &movdqu ("xmm0",&QWP(0,$inp));
- &call ("_vpaes_decrypt_core");
- &movdqu (&QWP(0,$out),"xmm0");
-
- &mov ("esp",&DWP(48,"esp"));
-&function_end("${PREFIX}_decrypt");
-
-&function_begin("${PREFIX}_cbc_encrypt");
- &mov ($inp,&wparam(0)); # inp
- &mov ($out,&wparam(1)); # out
- &mov ($round,&wparam(2)); # len
- &mov ($key,&wparam(3)); # key
- &sub ($round,16);
- &jc (&label("cbc_abort"));
- &lea ($base,&DWP(-56,"esp"));
- &mov ($const,&wparam(4)); # ivp
- &and ($base,-16);
- &mov ($magic,&wparam(5)); # enc
- &xchg ($base,"esp"); # alloca
- &movdqu ("xmm1",&QWP(0,$const)); # load IV
- &sub ($out,$inp);
- &mov (&DWP(48,"esp"),$base);
-
- &mov (&DWP(0,"esp"),$out); # save out
- &mov (&DWP(4,"esp"),$key) # save key
- &mov (&DWP(8,"esp"),$const); # save ivp
- &mov ($out,$round); # $out works as $len
-
- &lea ($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
- &call ("_vpaes_preheat");
-&set_label("pic_point");
- &cmp ($magic,0);
- &je (&label("cbc_dec_loop"));
- &jmp (&label("cbc_enc_loop"));
-
-&set_label("cbc_enc_loop",16);
- &movdqu ("xmm0",&QWP(0,$inp)); # load input
- &pxor ("xmm0","xmm1"); # inp^=iv
- &call ("_vpaes_encrypt_core");
- &mov ($base,&DWP(0,"esp")); # restore out
- &mov ($key,&DWP(4,"esp")); # restore key
- &movdqa ("xmm1","xmm0");
- &movdqu (&QWP(0,$base,$inp),"xmm0"); # write output
- &lea ($inp,&DWP(16,$inp));
- &sub ($out,16);
- &jnc (&label("cbc_enc_loop"));
- &jmp (&label("cbc_done"));
-
-&set_label("cbc_dec_loop",16);
- &movdqu ("xmm0",&QWP(0,$inp)); # load input
- &movdqa (&QWP(16,"esp"),"xmm1"); # save IV
- &movdqa (&QWP(32,"esp"),"xmm0"); # save future IV
- &call ("_vpaes_decrypt_core");
- &mov ($base,&DWP(0,"esp")); # restore out
- &mov ($key,&DWP(4,"esp")); # restore key
- &pxor ("xmm0",&QWP(16,"esp")); # out^=iv
- &movdqa ("xmm1",&QWP(32,"esp")); # load next IV
- &movdqu (&QWP(0,$base,$inp),"xmm0"); # write output
- &lea ($inp,&DWP(16,$inp));
- &sub ($out,16);
- &jnc (&label("cbc_dec_loop"));
-
-&set_label("cbc_done");
- &mov ($base,&DWP(8,"esp")); # restore ivp
- &mov ("esp",&DWP(48,"esp"));
- &movdqu (&QWP(0,$base),"xmm1"); # write IV
-&set_label("cbc_abort");
-&function_end("${PREFIX}_cbc_encrypt");
-
-&asm_finish();
diff --git a/lib/libssl/src/crypto/aes/asm/vpaes-x86_64.pl b/lib/libssl/src/crypto/aes/asm/vpaes-x86_64.pl
deleted file mode 100644
index bd7f45b8509..00000000000
--- a/lib/libssl/src/crypto/aes/asm/vpaes-x86_64.pl
+++ /dev/null
@@ -1,1207 +0,0 @@ -#!/usr/bin/env perl - -###################################################################### -## Constant-time SSSE3 AES core implementation. -## version 0.1 -## -## By Mike Hamburg (Stanford University), 2009 -## Public domain. -## -## For details see http://shiftleft.org/papers/vector_aes/ and -## http://crypto.stanford.edu/vpaes/. - -###################################################################### -# September 2011. -# -# Interface to OpenSSL as "almost" drop-in replacement for -# aes-x86_64.pl. "Almost" refers to the fact that AES_cbc_encrypt -# doesn't handle partial vectors (doesn't have to if called from -# EVP only). "Drop-in" implies that this module doesn't share key -# schedule structure with the original nor does it make assumption -# about its alignment... -# -# Performance summary. aes-x86_64.pl column lists large-block CBC -# encrypt/decrypt/with-hyper-threading-off(*) results in cycles per -# byte processed with 128-bit key, and vpaes-x86_64.pl column - -# [also large-block CBC] encrypt/decrypt. -# -# aes-x86_64.pl vpaes-x86_64.pl -# -# Core 2(**) 30.5/43.7/14.3 21.8/25.7(***) -# Nehalem 30.5/42.2/14.6 9.8/11.8 -# Atom 63.9/79.0/32.1 64.0/84.8(***) -# -# (*) "Hyper-threading" in the context refers rather to cache shared -# among multiple cores, than to specifically Intel HTT. As vast -# majority of contemporary cores share cache, slower code path -# is common place. In other words "with-hyper-threading-off" -# results are presented mostly for reference purposes. -# -# (**) "Core 2" refers to initial 65nm design, a.k.a. Conroe. -# -# (***) Less impressive improvement on Core 2 and Atom is due to slow -# pshufb, yet it's respectable +40%/78% improvement on Core 2 -# (as implied, over "hyper-threading-safe" code path). 
-# -# <appro@openssl.org> - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$PREFIX="vpaes"; - -$code.=<<___; -.text - -## -## _aes_encrypt_core -## -## AES-encrypt %xmm0. -## -## Inputs: -## %xmm0 = input -## %xmm9-%xmm15 as in _vpaes_preheat -## (%rdx) = scheduled keys -## -## Output in %xmm0 -## Clobbers %xmm1-%xmm5, %r9, %r10, %r11, %rax -## Preserves %xmm6 - %xmm8 so you get some local vectors -## -## -.type _vpaes_encrypt_core,\@abi-omnipotent -.align 16 -_vpaes_encrypt_core: - mov %rdx, %r9 - mov \$16, %r11 - mov 240(%rdx),%eax - movdqa %xmm9, %xmm1 - movdqa .Lk_ipt(%rip), %xmm2 # iptlo - pandn %xmm0, %xmm1 - movdqu (%r9), %xmm5 # round0 key - psrld \$4, %xmm1 - pand %xmm9, %xmm0 - pshufb %xmm0, %xmm2 - movdqa .Lk_ipt+16(%rip), %xmm0 # ipthi - pshufb %xmm1, %xmm0 - pxor %xmm5, %xmm2 - pxor %xmm2, %xmm0 - add \$16, %r9 - lea .Lk_mc_backward(%rip),%r10 - jmp .Lenc_entry - -.align 16 -.Lenc_loop: - # middle of middle round - movdqa %xmm13, %xmm4 # 4 : sb1u - pshufb %xmm2, %xmm4 # 4 = sb1u - pxor %xmm5, %xmm4 # 4 = sb1u + k - movdqa %xmm12, %xmm0 # 0 : sb1t - pshufb %xmm3, %xmm0 # 0 = sb1t - pxor %xmm4, %xmm0 # 0 = A - movdqa %xmm15, %xmm5 # 4 : sb2u - pshufb %xmm2, %xmm5 # 4 = sb2u - movdqa -0x40(%r11,%r10), %xmm1 # .Lk_mc_forward[] - movdqa %xmm14, %xmm2 # 2 : sb2t - pshufb %xmm3, %xmm2 # 2 = sb2t - pxor %xmm5, %xmm2 # 2 = 2A - movdqa (%r11,%r10), %xmm4 # .Lk_mc_backward[] - movdqa %xmm0, %xmm3 # 3 = A - pshufb %xmm1, %xmm0 # 0 = B - add \$16, %r9 # next key - pxor %xmm2, %xmm0 # 0 = 2A+B - pshufb %xmm4, %xmm3 # 3 = D - add \$16, %r11 # next mc - pxor %xmm0, %xmm3 # 3 = 
2A+B+D - pshufb %xmm1, %xmm0 # 0 = 2B+C - and \$0x30, %r11 # ... mod 4 - pxor %xmm3, %xmm0 # 0 = 2A+3B+C+D - sub \$1,%rax # nr-- - -.Lenc_entry: - # top of round - movdqa %xmm9, %xmm1 # 1 : i - pandn %xmm0, %xmm1 # 1 = i<<4 - psrld \$4, %xmm1 # 1 = i - pand %xmm9, %xmm0 # 0 = k - movdqa %xmm11, %xmm5 # 2 : a/k - pshufb %xmm0, %xmm5 # 2 = a/k - pxor %xmm1, %xmm0 # 0 = j - movdqa %xmm10, %xmm3 # 3 : 1/i - pshufb %xmm1, %xmm3 # 3 = 1/i - pxor %xmm5, %xmm3 # 3 = iak = 1/i + a/k - movdqa %xmm10, %xmm4 # 4 : 1/j - pshufb %xmm0, %xmm4 # 4 = 1/j - pxor %xmm5, %xmm4 # 4 = jak = 1/j + a/k - movdqa %xmm10, %xmm2 # 2 : 1/iak - pshufb %xmm3, %xmm2 # 2 = 1/iak - pxor %xmm0, %xmm2 # 2 = io - movdqa %xmm10, %xmm3 # 3 : 1/jak - movdqu (%r9), %xmm5 - pshufb %xmm4, %xmm3 # 3 = 1/jak - pxor %xmm1, %xmm3 # 3 = jo - jnz .Lenc_loop - - # middle of last round - movdqa -0x60(%r10), %xmm4 # 3 : sbou .Lk_sbo - movdqa -0x50(%r10), %xmm0 # 0 : sbot .Lk_sbo+16 - pshufb %xmm2, %xmm4 # 4 = sbou - pxor %xmm5, %xmm4 # 4 = sb1u + k - pshufb %xmm3, %xmm0 # 0 = sb1t - movdqa 0x40(%r11,%r10), %xmm1 # .Lk_sr[] - pxor %xmm4, %xmm0 # 0 = A - pshufb %xmm1, %xmm0 - ret -.size _vpaes_encrypt_core,.-_vpaes_encrypt_core - -## -## Decryption core -## -## Same API as encryption core. 
-## -.type _vpaes_decrypt_core,\@abi-omnipotent -.align 16 -_vpaes_decrypt_core: - mov %rdx, %r9 # load key - mov 240(%rdx),%eax - movdqa %xmm9, %xmm1 - movdqa .Lk_dipt(%rip), %xmm2 # iptlo - pandn %xmm0, %xmm1 - mov %rax, %r11 - psrld \$4, %xmm1 - movdqu (%r9), %xmm5 # round0 key - shl \$4, %r11 - pand %xmm9, %xmm0 - pshufb %xmm0, %xmm2 - movdqa .Lk_dipt+16(%rip), %xmm0 # ipthi - xor \$0x30, %r11 - lea .Lk_dsbd(%rip),%r10 - pshufb %xmm1, %xmm0 - and \$0x30, %r11 - pxor %xmm5, %xmm2 - movdqa .Lk_mc_forward+48(%rip), %xmm5 - pxor %xmm2, %xmm0 - add \$16, %r9 - add %r10, %r11 - jmp .Ldec_entry - -.align 16 -.Ldec_loop: -## -## Inverse mix columns -## - movdqa -0x20(%r10),%xmm4 # 4 : sb9u - pshufb %xmm2, %xmm4 # 4 = sb9u - pxor %xmm0, %xmm4 - movdqa -0x10(%r10),%xmm0 # 0 : sb9t - pshufb %xmm3, %xmm0 # 0 = sb9t - pxor %xmm4, %xmm0 # 0 = ch - add \$16, %r9 # next round key - - pshufb %xmm5, %xmm0 # MC ch - movdqa 0x00(%r10),%xmm4 # 4 : sbdu - pshufb %xmm2, %xmm4 # 4 = sbdu - pxor %xmm0, %xmm4 # 4 = ch - movdqa 0x10(%r10),%xmm0 # 0 : sbdt - pshufb %xmm3, %xmm0 # 0 = sbdt - pxor %xmm4, %xmm0 # 0 = ch - sub \$1,%rax # nr-- - - pshufb %xmm5, %xmm0 # MC ch - movdqa 0x20(%r10),%xmm4 # 4 : sbbu - pshufb %xmm2, %xmm4 # 4 = sbbu - pxor %xmm0, %xmm4 # 4 = ch - movdqa 0x30(%r10),%xmm0 # 0 : sbbt - pshufb %xmm3, %xmm0 # 0 = sbbt - pxor %xmm4, %xmm0 # 0 = ch - - pshufb %xmm5, %xmm0 # MC ch - movdqa 0x40(%r10),%xmm4 # 4 : sbeu - pshufb %xmm2, %xmm4 # 4 = sbeu - pxor %xmm0, %xmm4 # 4 = ch - movdqa 0x50(%r10),%xmm0 # 0 : sbet - pshufb %xmm3, %xmm0 # 0 = sbet - pxor %xmm4, %xmm0 # 0 = ch - - palignr \$12, %xmm5, %xmm5 - -.Ldec_entry: - # top of round - movdqa %xmm9, %xmm1 # 1 : i - pandn %xmm0, %xmm1 # 1 = i<<4 - psrld \$4, %xmm1 # 1 = i - pand %xmm9, %xmm0 # 0 = k - movdqa %xmm11, %xmm2 # 2 : a/k - pshufb %xmm0, %xmm2 # 2 = a/k - pxor %xmm1, %xmm0 # 0 = j - movdqa %xmm10, %xmm3 # 3 : 1/i - pshufb %xmm1, %xmm3 # 3 = 1/i - pxor %xmm2, %xmm3 # 3 = iak = 1/i + a/k - movdqa %xmm10, %xmm4 # 
4 : 1/j - pshufb %xmm0, %xmm4 # 4 = 1/j - pxor %xmm2, %xmm4 # 4 = jak = 1/j + a/k - movdqa %xmm10, %xmm2 # 2 : 1/iak - pshufb %xmm3, %xmm2 # 2 = 1/iak - pxor %xmm0, %xmm2 # 2 = io - movdqa %xmm10, %xmm3 # 3 : 1/jak - pshufb %xmm4, %xmm3 # 3 = 1/jak - pxor %xmm1, %xmm3 # 3 = jo - movdqu (%r9), %xmm0 - jnz .Ldec_loop - - # middle of last round - movdqa 0x60(%r10), %xmm4 # 3 : sbou - pshufb %xmm2, %xmm4 # 4 = sbou - pxor %xmm0, %xmm4 # 4 = sb1u + k - movdqa 0x70(%r10), %xmm0 # 0 : sbot - movdqa -0x160(%r11), %xmm2 # .Lk_sr-.Lk_dsbd=-0x160 - pshufb %xmm3, %xmm0 # 0 = sb1t - pxor %xmm4, %xmm0 # 0 = A - pshufb %xmm2, %xmm0 - ret -.size _vpaes_decrypt_core,.-_vpaes_decrypt_core - -######################################################## -## ## -## AES key schedule ## -## ## -######################################################## -.type _vpaes_schedule_core,\@abi-omnipotent -.align 16 -_vpaes_schedule_core: - # rdi = key - # rsi = size in bits - # rdx = buffer - # rcx = direction. 0=encrypt, 1=decrypt - - call _vpaes_preheat # load the tables - movdqa .Lk_rcon(%rip), %xmm8 # load rcon - movdqu (%rdi), %xmm0 # load key (unaligned) - - # input transform - movdqa %xmm0, %xmm3 - lea .Lk_ipt(%rip), %r11 - call _vpaes_schedule_transform - movdqa %xmm0, %xmm7 - - lea .Lk_sr(%rip),%r10 - test %rcx, %rcx - jnz .Lschedule_am_decrypting - - # encrypting, output zeroth round key after transform - movdqu %xmm0, (%rdx) - jmp .Lschedule_go - -.Lschedule_am_decrypting: - # decrypting, output zeroth round key after shiftrows - movdqa (%r8,%r10),%xmm1 - pshufb %xmm1, %xmm3 - movdqu %xmm3, (%rdx) - xor \$0x30, %r8 - -.Lschedule_go: - cmp \$192, %esi - ja .Lschedule_256 - je .Lschedule_192 - # 128: fall though - -## -## .schedule_128 -## -## 128-bit specific part of key schedule. -## -## This schedule is really simple, because all its parts -## are accomplished by the subroutines. 
-##
-.Lschedule_128:
- mov \$10, %esi
-
-.Loop_schedule_128:
- call _vpaes_schedule_round
- dec %rsi
- jz .Lschedule_mangle_last
- call _vpaes_schedule_mangle # write output
- jmp .Loop_schedule_128
-
-##
-## .aes_schedule_192
-##
-## 192-bit specific part of key schedule.
-##
-## The main body of this schedule is the same as the 128-bit
-## schedule, but with more smearing. The long, high side is
-## stored in %xmm7 as before, and the short, low side is in
-## the high bits of %xmm6.
-##
-## This schedule is somewhat nastier, however, because each
-## round produces 192 bits of key material, or 1.5 round keys.
-## Therefore, on each cycle we do 2 rounds and produce 3 round
-## keys.
-##
-.align 16
-.Lschedule_192:
- movdqu 8(%rdi),%xmm0 # load key part 2 (very unaligned)
- call _vpaes_schedule_transform # input transform
- movdqa %xmm0, %xmm6 # save short part
- pxor %xmm4, %xmm4 # clear 4
- movhlps %xmm4, %xmm6 # clobber low side with zeros
- mov \$4, %esi
-
-.Loop_schedule_192:
- call _vpaes_schedule_round
- palignr \$8,%xmm6,%xmm0
- call _vpaes_schedule_mangle # save key n
- call _vpaes_schedule_192_smear
- call _vpaes_schedule_mangle # save key n+1
- call _vpaes_schedule_round
- dec %rsi
- jz .Lschedule_mangle_last
- call _vpaes_schedule_mangle # save key n+2
- call _vpaes_schedule_192_smear
- jmp .Loop_schedule_192
-
-##
-## .aes_schedule_256
-##
-## 256-bit specific part of key schedule.
-##
-## The structure here is very similar to the 128-bit
-## schedule, but with an additional "low side" in
-## %xmm6. The low side's rounds are the same as the
-## high side's, except no rcon and no rotation.
-##
-.align 16
-.Lschedule_256:
- movdqu 16(%rdi),%xmm0 # load key part 2 (unaligned)
- call _vpaes_schedule_transform # input transform
- mov \$7, %esi
-
-.Loop_schedule_256:
- call _vpaes_schedule_mangle # output low result
- movdqa %xmm0, %xmm6 # save cur_lo in xmm6
-
- # high round
- call _vpaes_schedule_round
- dec %rsi
- jz .Lschedule_mangle_last
- call _vpaes_schedule_mangle
-
- # low round. swap xmm7 and xmm6
- pshufd \$0xFF, %xmm0, %xmm0
- movdqa %xmm7, %xmm5
- movdqa %xmm6, %xmm7
- call _vpaes_schedule_low_round
- movdqa %xmm5, %xmm7
-
- jmp .Loop_schedule_256
-
-
-##
-## .aes_schedule_mangle_last
-##
-## Mangler for last round of key schedule
-## Mangles %xmm0
-## when encrypting, outputs out(%xmm0) ^ 63
-## when decrypting, outputs unskew(%xmm0)
-##
-## Always called right before return... jumps to cleanup and exits
-##
-.align 16
-.Lschedule_mangle_last:
- # schedule last round key from xmm0
- lea .Lk_deskew(%rip),%r11 # prepare to deskew
- test %rcx, %rcx
- jnz .Lschedule_mangle_last_dec
-
- # encrypting
- movdqa (%r8,%r10),%xmm1
- pshufb %xmm1, %xmm0 # output permute
- lea .Lk_opt(%rip), %r11 # prepare to output transform
- add \$32, %rdx
-
-.Lschedule_mangle_last_dec:
- add \$-16, %rdx
- pxor .Lk_s63(%rip), %xmm0
- call _vpaes_schedule_transform # output transform
- movdqu %xmm0, (%rdx) # save last key
-
- # cleanup
- pxor %xmm0, %xmm0
- pxor %xmm1, %xmm1
- pxor %xmm2, %xmm2
- pxor %xmm3, %xmm3
- pxor %xmm4, %xmm4
- pxor %xmm5, %xmm5
- pxor %xmm6, %xmm6
- pxor %xmm7, %xmm7
- ret
-.size _vpaes_schedule_core,.-_vpaes_schedule_core
-
-##
-## .aes_schedule_192_smear
-##
-## Smear the short, low side in the 192-bit key schedule.
-## -## Inputs: -## %xmm7: high side, b a x y -## %xmm6: low side, d c 0 0 -## %xmm13: 0 -## -## Outputs: -## %xmm6: b+c+d b+c 0 0 -## %xmm0: b+c+d b+c b a -## -.type _vpaes_schedule_192_smear,\@abi-omnipotent -.align 16 -_vpaes_schedule_192_smear: - pshufd \$0x80, %xmm6, %xmm0 # d c 0 0 -> c 0 0 0 - pxor %xmm0, %xmm6 # -> c+d c 0 0 - pshufd \$0xFE, %xmm7, %xmm0 # b a _ _ -> b b b a - pxor %xmm0, %xmm6 # -> b+c+d b+c b a - movdqa %xmm6, %xmm0 - pxor %xmm1, %xmm1 - movhlps %xmm1, %xmm6 # clobber low side with zeros - ret -.size _vpaes_schedule_192_smear,.-_vpaes_schedule_192_smear - -## -## .aes_schedule_round -## -## Runs one main round of the key schedule on %xmm0, %xmm7 -## -## Specifically, runs subbytes on the high dword of %xmm0 -## then rotates it by one byte and xors into the low dword of -## %xmm7. -## -## Adds rcon from low byte of %xmm8, then rotates %xmm8 for -## next rcon. -## -## Smears the dwords of %xmm7 by xoring the low into the -## second low, result into third, result into highest. -## -## Returns results in %xmm7 = %xmm0. -## Clobbers %xmm1-%xmm4, %r11. -## -.type _vpaes_schedule_round,\@abi-omnipotent -.align 16 -_vpaes_schedule_round: - # extract rcon from xmm8 - pxor %xmm1, %xmm1 - palignr \$15, %xmm8, %xmm1 - palignr \$15, %xmm8, %xmm8 - pxor %xmm1, %xmm7 - - # rotate - pshufd \$0xFF, %xmm0, %xmm0 - palignr \$1, %xmm0, %xmm0 - - # fall through... - - # low round: same as high round, but no rotation and no rcon. 
-_vpaes_schedule_low_round:
- # smear xmm7
- movdqa %xmm7, %xmm1
- pslldq \$4, %xmm7
- pxor %xmm1, %xmm7
- movdqa %xmm7, %xmm1
- pslldq \$8, %xmm7
- pxor %xmm1, %xmm7
- pxor .Lk_s63(%rip), %xmm7
-
- # subbytes
- movdqa %xmm9, %xmm1
- pandn %xmm0, %xmm1
- psrld \$4, %xmm1 # 1 = i
- pand %xmm9, %xmm0 # 0 = k
- movdqa %xmm11, %xmm2 # 2 : a/k
- pshufb %xmm0, %xmm2 # 2 = a/k
- pxor %xmm1, %xmm0 # 0 = j
- movdqa %xmm10, %xmm3 # 3 : 1/i
- pshufb %xmm1, %xmm3 # 3 = 1/i
- pxor %xmm2, %xmm3 # 3 = iak = 1/i + a/k
- movdqa %xmm10, %xmm4 # 4 : 1/j
- pshufb %xmm0, %xmm4 # 4 = 1/j
- pxor %xmm2, %xmm4 # 4 = jak = 1/j + a/k
- movdqa %xmm10, %xmm2 # 2 : 1/iak
- pshufb %xmm3, %xmm2 # 2 = 1/iak
- pxor %xmm0, %xmm2 # 2 = io
- movdqa %xmm10, %xmm3 # 3 : 1/jak
- pshufb %xmm4, %xmm3 # 3 = 1/jak
- pxor %xmm1, %xmm3 # 3 = jo
- movdqa %xmm13, %xmm4 # 4 : sbou
- pshufb %xmm2, %xmm4 # 4 = sbou
- movdqa %xmm12, %xmm0 # 0 : sbot
- pshufb %xmm3, %xmm0 # 0 = sb1t
- pxor %xmm4, %xmm0 # 0 = sbox output
-
- # add in smeared stuff
- pxor %xmm7, %xmm0
- movdqa %xmm0, %xmm7
- ret
-.size _vpaes_schedule_round,.-_vpaes_schedule_round
-
-##
-## .aes_schedule_transform
-##
-## Linear-transform %xmm0 according to tables at (%r11)
-##
-## Requires that %xmm9 = 0x0F0F... as in preheat
-## Output in %xmm0
-## Clobbers %xmm1, %xmm2
-##
-.type _vpaes_schedule_transform,\@abi-omnipotent
-.align 16
-_vpaes_schedule_transform:
- movdqa %xmm9, %xmm1
- pandn %xmm0, %xmm1
- psrld \$4, %xmm1
- pand %xmm9, %xmm0
- movdqa (%r11), %xmm2 # lo
- pshufb %xmm0, %xmm2
- movdqa 16(%r11), %xmm0 # hi
- pshufb %xmm1, %xmm0
- pxor %xmm2, %xmm0
- ret
-.size _vpaes_schedule_transform,.-_vpaes_schedule_transform
-
-##
-## .aes_schedule_mangle
-##
-## Mangle xmm0 from (basis-transformed) standard version
-## to our version.
-##
-## On encrypt,
-## xor with 0x63
-## multiply by circulant 0,1,1,1
-## apply shiftrows transform
-##
-## On decrypt,
-## xor with 0x63
-## multiply by "inverse mixcolumns" circulant E,B,D,9
-## deskew
-## apply shiftrows transform
-##
-##
-## Writes out to (%rdx), and increments or decrements it
-## Keeps track of round number mod 4 in %r8
-## Preserves xmm0
-## Clobbers xmm1-xmm5
-##
-.type _vpaes_schedule_mangle,\@abi-omnipotent
-.align 16
-_vpaes_schedule_mangle:
- movdqa %xmm0, %xmm4 # save xmm0 for later
- movdqa .Lk_mc_forward(%rip),%xmm5
- test %rcx, %rcx
- jnz .Lschedule_mangle_dec
-
- # encrypting
- add \$16, %rdx
- pxor .Lk_s63(%rip),%xmm4
- pshufb %xmm5, %xmm4
- movdqa %xmm4, %xmm3
- pshufb %xmm5, %xmm4
- pxor %xmm4, %xmm3
- pshufb %xmm5, %xmm4
- pxor %xmm4, %xmm3
-
- jmp .Lschedule_mangle_both
-.align 16
-.Lschedule_mangle_dec:
- # inverse mix columns
- lea .Lk_dksd(%rip),%r11
- movdqa %xmm9, %xmm1
- pandn %xmm4, %xmm1
- psrld \$4, %xmm1 # 1 = hi
- pand %xmm9, %xmm4 # 4 = lo
-
- movdqa 0x00(%r11), %xmm2
- pshufb %xmm4, %xmm2
- movdqa 0x10(%r11), %xmm3
- pshufb %xmm1, %xmm3
- pxor %xmm2, %xmm3
- pshufb %xmm5, %xmm3
-
- movdqa 0x20(%r11), %xmm2
- pshufb %xmm4, %xmm2
- pxor %xmm3, %xmm2
- movdqa 0x30(%r11), %xmm3
- pshufb %xmm1, %xmm3
- pxor %xmm2, %xmm3
- pshufb %xmm5, %xmm3
-
- movdqa 0x40(%r11), %xmm2
- pshufb %xmm4, %xmm2
- pxor %xmm3, %xmm2
- movdqa 0x50(%r11), %xmm3
- pshufb %xmm1, %xmm3
- pxor %xmm2, %xmm3
- pshufb %xmm5, %xmm3
-
- movdqa 0x60(%r11), %xmm2
- pshufb %xmm4, %xmm2
- pxor %xmm3, %xmm2
- movdqa 0x70(%r11), %xmm3
- pshufb %xmm1, %xmm3
- pxor %xmm2, %xmm3
-
- add \$-16, %rdx
-
-.Lschedule_mangle_both:
- movdqa (%r8,%r10),%xmm1
- pshufb %xmm1,%xmm3
- add \$-16, %r8
- and \$0x30, %r8
- movdqu %xmm3, (%rdx)
- ret
-.size _vpaes_schedule_mangle,.-_vpaes_schedule_mangle
-
-#
-# Interface to OpenSSL
-#
-.globl ${PREFIX}_set_encrypt_key
-.type ${PREFIX}_set_encrypt_key,\@function,3
-.align 16
-${PREFIX}_set_encrypt_key:
-___
-$code.=<<___ if
($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Lenc_key_body: -___ -$code.=<<___; - mov %esi,%eax - shr \$5,%eax - add \$5,%eax - mov %eax,240(%rdx) # AES_KEY->rounds = nbits/32+5; - - mov \$0,%ecx - mov \$0x30,%r8d - call _vpaes_schedule_core -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 0x90(%rsp),%xmm14 - movaps 0xa0(%rsp),%xmm15 - lea 0xb8(%rsp),%rsp -.Lenc_key_epilogue: -___ -$code.=<<___; - xor %eax,%eax - ret -.size ${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key - -.globl ${PREFIX}_set_decrypt_key -.type ${PREFIX}_set_decrypt_key,\@function,3 -.align 16 -${PREFIX}_set_decrypt_key: -___ -$code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Ldec_key_body: -___ -$code.=<<___; - mov %esi,%eax - shr \$5,%eax - add \$5,%eax - mov %eax,240(%rdx) # AES_KEY->rounds = nbits/32+5; - shl \$4,%eax - lea 16(%rdx,%rax),%rdx - - mov \$1,%ecx - mov %esi,%r8d - shr \$1,%r8d - and \$32,%r8d - xor \$32,%r8d # nbits==192?0:32 - call _vpaes_schedule_core -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 0x90(%rsp),%xmm14 - movaps 0xa0(%rsp),%xmm15 - lea 
0xb8(%rsp),%rsp -.Ldec_key_epilogue: -___ -$code.=<<___; - xor %eax,%eax - ret -.size ${PREFIX}_set_decrypt_key,.-${PREFIX}_set_decrypt_key - -.globl ${PREFIX}_encrypt -.type ${PREFIX}_encrypt,\@function,3 -.align 16 -${PREFIX}_encrypt: -___ -$code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Lenc_body: -___ -$code.=<<___; - movdqu (%rdi),%xmm0 - call _vpaes_preheat - call _vpaes_encrypt_core - movdqu %xmm0,(%rsi) -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 0x90(%rsp),%xmm14 - movaps 0xa0(%rsp),%xmm15 - lea 0xb8(%rsp),%rsp -.Lenc_epilogue: -___ -$code.=<<___; - ret -.size ${PREFIX}_encrypt,.-${PREFIX}_encrypt - -.globl ${PREFIX}_decrypt -.type ${PREFIX}_decrypt,\@function,3 -.align 16 -${PREFIX}_decrypt: -___ -$code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Ldec_body: -___ -$code.=<<___; - movdqu (%rdi),%xmm0 - call _vpaes_preheat - call _vpaes_decrypt_core - movdqu %xmm0,(%rsi) -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 0x90(%rsp),%xmm14 - movaps 0xa0(%rsp),%xmm15 - lea 0xb8(%rsp),%rsp -.Ldec_epilogue: -___ -$code.=<<___; - ret 
-.size ${PREFIX}_decrypt,.-${PREFIX}_decrypt -___ -{ -my ($inp,$out,$len,$key,$ivp,$enc)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9"); -# void AES_cbc_encrypt (const void char *inp, unsigned char *out, -# size_t length, const AES_KEY *key, -# unsigned char *ivp,const int enc); -$code.=<<___; -.globl ${PREFIX}_cbc_encrypt -.type ${PREFIX}_cbc_encrypt,\@function,6 -.align 16 -${PREFIX}_cbc_encrypt: - xchg $key,$len -___ -($len,$key)=($key,$len); -$code.=<<___; - sub \$16,$len - jc .Lcbc_abort -___ -$code.=<<___ if ($win64); - lea -0xb8(%rsp),%rsp - movaps %xmm6,0x10(%rsp) - movaps %xmm7,0x20(%rsp) - movaps %xmm8,0x30(%rsp) - movaps %xmm9,0x40(%rsp) - movaps %xmm10,0x50(%rsp) - movaps %xmm11,0x60(%rsp) - movaps %xmm12,0x70(%rsp) - movaps %xmm13,0x80(%rsp) - movaps %xmm14,0x90(%rsp) - movaps %xmm15,0xa0(%rsp) -.Lcbc_body: -___ -$code.=<<___; - movdqu ($ivp),%xmm6 # load IV - sub $inp,$out - call _vpaes_preheat - cmp \$0,${enc}d - je .Lcbc_dec_loop - jmp .Lcbc_enc_loop -.align 16 -.Lcbc_enc_loop: - movdqu ($inp),%xmm0 - pxor %xmm6,%xmm0 - call _vpaes_encrypt_core - movdqa %xmm0,%xmm6 - movdqu %xmm0,($out,$inp) - lea 16($inp),$inp - sub \$16,$len - jnc .Lcbc_enc_loop - jmp .Lcbc_done -.align 16 -.Lcbc_dec_loop: - movdqu ($inp),%xmm0 - movdqa %xmm0,%xmm7 - call _vpaes_decrypt_core - pxor %xmm6,%xmm0 - movdqa %xmm7,%xmm6 - movdqu %xmm0,($out,$inp) - lea 16($inp),$inp - sub \$16,$len - jnc .Lcbc_dec_loop -.Lcbc_done: - movdqu %xmm6,($ivp) # save IV -___ -$code.=<<___ if ($win64); - movaps 0x10(%rsp),%xmm6 - movaps 0x20(%rsp),%xmm7 - movaps 0x30(%rsp),%xmm8 - movaps 0x40(%rsp),%xmm9 - movaps 0x50(%rsp),%xmm10 - movaps 0x60(%rsp),%xmm11 - movaps 0x70(%rsp),%xmm12 - movaps 0x80(%rsp),%xmm13 - movaps 0x90(%rsp),%xmm14 - movaps 0xa0(%rsp),%xmm15 - lea 0xb8(%rsp),%rsp -.Lcbc_epilogue: -___ -$code.=<<___; -.Lcbc_abort: - ret -.size ${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt -___ -} -$code.=<<___; -## -## _aes_preheat -## -## Fills register %r10 -> .aes_consts (so you can -fPIC) 
-## and %xmm9-%xmm15 as specified below. -## -.type _vpaes_preheat,\@abi-omnipotent -.align 16 -_vpaes_preheat: - lea .Lk_s0F(%rip), %r10 - movdqa -0x20(%r10), %xmm10 # .Lk_inv - movdqa -0x10(%r10), %xmm11 # .Lk_inv+16 - movdqa 0x00(%r10), %xmm9 # .Lk_s0F - movdqa 0x30(%r10), %xmm13 # .Lk_sb1 - movdqa 0x40(%r10), %xmm12 # .Lk_sb1+16 - movdqa 0x50(%r10), %xmm15 # .Lk_sb2 - movdqa 0x60(%r10), %xmm14 # .Lk_sb2+16 - ret -.size _vpaes_preheat,.-_vpaes_preheat -######################################################## -## ## -## Constants ## -## ## -######################################################## -.type _vpaes_consts,\@object -.align 64 -_vpaes_consts: -.Lk_inv: # inv, inva - .quad 0x0E05060F0D080180, 0x040703090A0B0C02 - .quad 0x01040A060F0B0780, 0x030D0E0C02050809 - -.Lk_s0F: # s0F - .quad 0x0F0F0F0F0F0F0F0F, 0x0F0F0F0F0F0F0F0F - -.Lk_ipt: # input transform (lo, hi) - .quad 0xC2B2E8985A2A7000, 0xCABAE09052227808 - .quad 0x4C01307D317C4D00, 0xCD80B1FCB0FDCC81 - -.Lk_sb1: # sb1u, sb1t - .quad 0xB19BE18FCB503E00, 0xA5DF7A6E142AF544 - .quad 0x3618D415FAE22300, 0x3BF7CCC10D2ED9EF -.Lk_sb2: # sb2u, sb2t - .quad 0xE27A93C60B712400, 0x5EB7E955BC982FCD - .quad 0x69EB88400AE12900, 0xC2A163C8AB82234A -.Lk_sbo: # sbou, sbot - .quad 0xD0D26D176FBDC700, 0x15AABF7AC502A878 - .quad 0xCFE474A55FBB6A00, 0x8E1E90D1412B35FA - -.Lk_mc_forward: # mc_forward - .quad 0x0407060500030201, 0x0C0F0E0D080B0A09 - .quad 0x080B0A0904070605, 0x000302010C0F0E0D - .quad 0x0C0F0E0D080B0A09, 0x0407060500030201 - .quad 0x000302010C0F0E0D, 0x080B0A0904070605 - -.Lk_mc_backward:# mc_backward - .quad 0x0605040702010003, 0x0E0D0C0F0A09080B - .quad 0x020100030E0D0C0F, 0x0A09080B06050407 - .quad 0x0E0D0C0F0A09080B, 0x0605040702010003 - .quad 0x0A09080B06050407, 0x020100030E0D0C0F - -.Lk_sr: # sr - .quad 0x0706050403020100, 0x0F0E0D0C0B0A0908 - .quad 0x030E09040F0A0500, 0x0B06010C07020D08 - .quad 0x0F060D040B020900, 0x070E050C030A0108 - .quad 0x0B0E0104070A0D00, 0x0306090C0F020508 - -.Lk_rcon: # rcon - 
.quad 0x1F8391B9AF9DEEB6, 0x702A98084D7C7D81
-
-.Lk_s63: # s63: all equal to 0x63 transformed
- .quad 0x5B5B5B5B5B5B5B5B, 0x5B5B5B5B5B5B5B5B
-
-.Lk_opt: # output transform
- .quad 0xFF9F4929D6B66000, 0xF7974121DEBE6808
- .quad 0x01EDBD5150BCEC00, 0xE10D5DB1B05C0CE0
-
-.Lk_deskew: # deskew tables: inverts the sbox's "skew"
- .quad 0x07E4A34047A4E300, 0x1DFEB95A5DBEF91A
- .quad 0x5F36B5DC83EA6900, 0x2841C2ABF49D1E77
-
-##
-## Decryption stuff
-## Key schedule constants
-##
-.Lk_dksd: # decryption key schedule: invskew x*D
- .quad 0xFEB91A5DA3E44700, 0x0740E3A45A1DBEF9
- .quad 0x41C277F4B5368300, 0x5FDC69EAAB289D1E
-.Lk_dksb: # decryption key schedule: invskew x*B
- .quad 0x9A4FCA1F8550D500, 0x03D653861CC94C99
- .quad 0x115BEDA7B6FC4A00, 0xD993256F7E3482C8
-.Lk_dkse: # decryption key schedule: invskew x*E + 0x63
- .quad 0xD5031CCA1FC9D600, 0x53859A4C994F5086
- .quad 0xA23196054FDC7BE8, 0xCD5EF96A20B31487
-.Lk_dks9: # decryption key schedule: invskew x*9
- .quad 0xB6116FC87ED9A700, 0x4AED933482255BFC
- .quad 0x4576516227143300, 0x8BB89FACE9DAFDCE
-
-##
-## Decryption stuff
-## Round function constants
-##
-.Lk_dipt: # decryption input transform
- .quad 0x0F505B040B545F00, 0x154A411E114E451A
- .quad 0x86E383E660056500, 0x12771772F491F194
-
-.Lk_dsb9: # decryption sbox output *9*u, *9*t
- .quad 0x851C03539A86D600, 0xCAD51F504F994CC9
- .quad 0xC03B1789ECD74900, 0x725E2C9EB2FBA565
-.Lk_dsbd: # decryption sbox output *D*u, *D*t
- .quad 0x7D57CCDFE6B1A200, 0xF56E9B13882A4439
- .quad 0x3CE2FAF724C6CB00, 0x2931180D15DEEFD3
-.Lk_dsbb: # decryption sbox output *B*u, *B*t
- .quad 0xD022649296B44200, 0x602646F6B0F2D404
- .quad 0xC19498A6CD596700, 0xF3FF0C3E3255AA6B
-.Lk_dsbe: # decryption sbox output *E*u, *E*t
- .quad 0x46F2929626D4D000, 0x2242600464B4F6B0
- .quad 0x0C55A6CDFFAAC100, 0x9467F36B98593E32
-.Lk_dsbo: # decryption sbox final output
- .quad 0x1387EA537EF94000, 0xC7AA6DB9D4943E2D
- .quad 0x12D7560F93441D00, 0xCA4B8159D8C58E9C
-.asciz "Vector Permutation AES for x86_64/SSSE3, Mike Hamburg (Stanford University)"
-.align 64
-.size _vpaes_consts,.-_vpaes_consts
-___
-
-if ($win64) {
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-.type se_handler,\@abi-omnipotent
-.align 16
-se_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov 248($context),%rbx # pull context->Rip
-
- mov 8($disp),%rsi # disp->ImageBase
- mov 56($disp),%r11 # disp->HandlerData
-
- mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # prologue label
- cmp %r10,%rbx # context->Rip<prologue label
- jb .Lin_prologue
-
- mov 152($context),%rax # pull context->Rsp
-
- mov 4(%r11),%r10d # HandlerData[1]
- lea (%rsi,%r10),%r10 # epilogue label
- cmp %r10,%rbx # context->Rip>=epilogue label
- jae .Lin_prologue
-
- lea 16(%rax),%rsi # %xmm save area
- lea 512($context),%rdi # &context.Xmm6
- mov \$20,%ecx # 10*sizeof(%xmm0)/sizeof(%rax)
- .long 0xa548f3fc # cld; rep movsq
- lea 0xb8(%rax),%rax # adjust stack pointer
-
-.Lin_prologue:
- mov 8(%rax),%rdi
- mov 16(%rax),%rsi
- mov %rax,152($context) # restore context->Rsp
- mov %rsi,168($context) # restore context->Rsi
- mov %rdi,176($context) # restore context->Rdi
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$`1232/8`,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size se_handler,.-se_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_${PREFIX}_set_encrypt_key
- .rva .LSEH_end_${PREFIX}_set_encrypt_key
- .rva .LSEH_info_${PREFIX}_set_encrypt_key
-
- .rva .LSEH_begin_${PREFIX}_set_decrypt_key
- .rva .LSEH_end_${PREFIX}_set_decrypt_key
- .rva .LSEH_info_${PREFIX}_set_decrypt_key
-
- .rva .LSEH_begin_${PREFIX}_encrypt
- .rva .LSEH_end_${PREFIX}_encrypt
- .rva .LSEH_info_${PREFIX}_encrypt
-
- .rva .LSEH_begin_${PREFIX}_decrypt
- .rva .LSEH_end_${PREFIX}_decrypt
- .rva .LSEH_info_${PREFIX}_decrypt
-
- .rva .LSEH_begin_${PREFIX}_cbc_encrypt
- .rva .LSEH_end_${PREFIX}_cbc_encrypt
- .rva .LSEH_info_${PREFIX}_cbc_encrypt
-
-.section .xdata
-.align 8
-.LSEH_info_${PREFIX}_set_encrypt_key:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lenc_key_body,.Lenc_key_epilogue # HandlerData[]
-.LSEH_info_${PREFIX}_set_decrypt_key:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Ldec_key_body,.Ldec_key_epilogue # HandlerData[]
-.LSEH_info_${PREFIX}_encrypt:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lenc_body,.Lenc_epilogue # HandlerData[]
-.LSEH_info_${PREFIX}_decrypt:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Ldec_body,.Ldec_epilogue # HandlerData[]
-.LSEH_info_${PREFIX}_cbc_encrypt:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lcbc_body,.Lcbc_epilogue # HandlerData[]
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-
-close STDOUT;
diff --git a/lib/libssl/src/crypto/alphacpuid.pl b/lib/libssl/src/crypto/alphacpuid.pl
deleted file mode 100644
index 0ff4ae22e33..00000000000
--- a/lib/libssl/src/crypto/alphacpuid.pl
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/usr/bin/env perl
-print <<'___';
-.text
-
-.set noat
-
-.globl OPENSSL_cpuid_setup
-.ent OPENSSL_cpuid_setup
-OPENSSL_cpuid_setup:
- .frame $30,0,$26
- .prologue 0
- ret ($26)
-.end OPENSSL_cpuid_setup
-
-.globl OPENSSL_wipe_cpu
-.ent OPENSSL_wipe_cpu
-OPENSSL_wipe_cpu:
- .frame $30,0,$26
- .prologue 0
- clr $1
- clr $2
- clr $3
- clr $4
- clr $5
- clr $6
- clr $7
- clr $8
- clr $16
- clr $17
- clr $18
- clr $19
- clr $20
- clr $21
- clr $22
- clr $23
- clr $24
- clr $25
- clr $27
- clr $at
- clr $29
- fclr $f0
- fclr $f1
- fclr $f10
- fclr $f11
- fclr $f12
- fclr $f13
- fclr $f14
- fclr $f15
- fclr $f16
- fclr $f17
- fclr $f18
- fclr $f19
- fclr $f20
- fclr $f21
- fclr $f22
- fclr $f23
- fclr $f24
- fclr $f25
- fclr $f26
- fclr $f27
- fclr $f28
- fclr $f29
- fclr $f30
- mov $sp,$0
- ret ($26)
-.end OPENSSL_wipe_cpu
-
-.globl OPENSSL_atomic_add
-.ent OPENSSL_atomic_add
-OPENSSL_atomic_add:
- .frame $30,0,$26
- .prologue 0
-1: ldl_l $0,0($16)
- addl $0,$17,$1
- stl_c $1,0($16)
- beq $1,1b
- addl $0,$17,$0
- ret ($26)
-.end OPENSSL_atomic_add
-___
diff --git a/lib/libssl/src/crypto/arm_arch.h b/lib/libssl/src/crypto/arm_arch.h
deleted file mode 100644
index 3304be81ab1..00000000000
--- a/lib/libssl/src/crypto/arm_arch.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/* $OpenBSD: arm_arch.h,v 1.7 2015/06/29 06:40:06 jsg Exp $ */
-#ifndef __ARM_ARCH_H__
-#define __ARM_ARCH_H__
-
-#if !defined(__ARM_ARCH__)
-# if defined(__CC_ARM)
-# define __ARM_ARCH__ __TARGET_ARCH_ARM
-# if defined(__BIG_ENDIAN)
-# define __ARMEB__
-# else
-# define __ARMEL__
-# endif
-# elif defined(__GNUC__)
- /*
- * Why doesn't gcc define __ARM_ARCH__? Instead it defines
- * bunch of below macros. See all_architectures[] table in
- * gcc/config/arm/arm.c. On a side note it defines
- * __ARMEL__/__ARMEB__ for little-/big-endian.
- */
-# if defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__) || \
- defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__) || \
- defined(__ARM_ARCH_7EM__)
-# define __ARM_ARCH__ 7
-# elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__) || \
- defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__) || \
- defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__) || \
- defined(__ARM_ARCH_6T2__)
-# define __ARM_ARCH__ 6
-# elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__) || \
- defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__) || \
- defined(__ARM_ARCH_5TEJ__)
-# define __ARM_ARCH__ 5
-# elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__)
-# define __ARM_ARCH__ 4
-# else
-# error "unsupported ARM architecture"
-# endif
-# endif
-#endif
-
-#if !defined(__ASSEMBLER__)
-extern unsigned int OPENSSL_armcap_P;
-
-#define ARMV7_NEON (1<<0)
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/armcap.c b/lib/libssl/src/crypto/armcap.c
deleted file mode 100644
index 7ee94d48b12..00000000000
--- a/lib/libssl/src/crypto/armcap.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* $OpenBSD: armcap.c,v 1.6 2014/06/20 21:00:46 deraadt Exp $ */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <setjmp.h>
-#include <signal.h>
-#include <crypto.h>
-
-#include "arm_arch.h"
-
-unsigned int OPENSSL_armcap_P;
-
-#if __ARM_ARCH__ >= 7
-static sigset_t all_masked;
-
-static sigjmp_buf ill_jmp;
- static void ill_handler (int sig) { siglongjmp(ill_jmp, sig);
-}
-
-/*
- * Following subroutines could have been inlined, but it's not all
- * ARM compilers support inline assembler...
- */
-void _armv7_neon_probe(void);
-#endif
-
-#if defined(__GNUC__) && __GNUC__>=2
-void OPENSSL_cpuid_setup(void) __attribute__((constructor));
-#endif
-
-void
-OPENSSL_cpuid_setup(void)
-{
-#ifndef __OpenBSD__
- char *e;
-#endif
-#if __ARM_ARCH__ >= 7
- struct sigaction ill_oact, ill_act;
- sigset_t oset;
-#endif
- static int trigger = 0;
-
- if (trigger)
- return;
- trigger = 1;
-
- OPENSSL_armcap_P = 0;
-
-#if __ARM_ARCH__ >= 7
- sigfillset(&all_masked);
- sigdelset(&all_masked, SIGILL);
- sigdelset(&all_masked, SIGTRAP);
- sigdelset(&all_masked, SIGFPE);
- sigdelset(&all_masked, SIGBUS);
- sigdelset(&all_masked, SIGSEGV);
-
- memset(&ill_act, 0, sizeof(ill_act));
- ill_act.sa_handler = ill_handler;
- ill_act.sa_mask = all_masked;
-
- sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
- sigaction(SIGILL, &ill_act, &ill_oact);
-
- if (sigsetjmp(ill_jmp, 1) == 0) {
- _armv7_neon_probe();
- OPENSSL_armcap_P |= ARMV7_NEON;
- }
-
- sigaction (SIGILL, &ill_oact, NULL);
- sigprocmask(SIG_SETMASK, &oset, NULL);
-#endif
-}
diff --git a/lib/libssl/src/crypto/armv4cpuid.S b/lib/libssl/src/crypto/armv4cpuid.S
deleted file mode 100644
index 5ca979f3b3e..00000000000
--- a/lib/libssl/src/crypto/armv4cpuid.S
+++ /dev/null
@@ -1,99 +0,0 @@
-#include "arm_arch.h"
-
-.text
-.code 32
-
-.align 5
-#if __ARM_ARCH__>=7
-.global _armv7_neon_probe
-.type _armv7_neon_probe,%function
-_armv7_neon_probe:
- .word 0xf26ee1fe @ vorr q15,q15,q15
- .word 0xe12fff1e @ bx lr
-.size _armv7_neon_probe,.-_armv7_neon_probe
-#endif
-
-.global OPENSSL_atomic_add
-.type OPENSSL_atomic_add,%function
-OPENSSL_atomic_add:
-#if __ARM_ARCH__>=6
-.Ladd: ldrex r2,[r0]
- add r3,r2,r1
- strex r2,r3,[r0]
- cmp r2,#0
- bne .Ladd
- mov r0,r3
- .word 0xe12fff1e @ bx lr
-#else
- stmdb sp!,{r4-r6,lr}
- ldr r2,.Lspinlock
- adr r3,.Lspinlock
- mov r4,r0
- mov r5,r1
- add r6,r3,r2 @ &spinlock
- b .+8
-.Lspin: bl sched_yield
- mov r0,#-1
- swp r0,r0,[r6]
- cmp r0,#0
- bne .Lspin
-
- ldr r2,[r4]
- add r2,r2,r5
- str r2,[r4]
- str r0,[r6] @ release spinlock
- ldmia sp!,{r4-r6,lr}
- tst lr,#1
- moveq pc,lr
- .word 0xe12fff1e @ bx lr
-#endif
-.size OPENSSL_atomic_add,.-OPENSSL_atomic_add
-
-.global OPENSSL_wipe_cpu
-.type OPENSSL_wipe_cpu,%function
-OPENSSL_wipe_cpu:
- ldr r0,.LOPENSSL_armcap
- adr r1,.LOPENSSL_armcap
- ldr r0,[r1,r0]
- eor r2,r2,r2
- eor r3,r3,r3
- eor ip,ip,ip
- tst r0,#1
- beq .Lwipe_done
- .word 0xf3000150 @ veor q0, q0, q0
- .word 0xf3022152 @ veor q1, q1, q1
- .word 0xf3044154 @ veor q2, q2, q2
- .word 0xf3066156 @ veor q3, q3, q3
- .word 0xf34001f0 @ veor q8, q8, q8
- .word 0xf34221f2 @ veor q9, q9, q9
- .word 0xf34441f4 @ veor q10, q10, q10
- .word 0xf34661f6 @ veor q11, q11, q11
- .word 0xf34881f8 @ veor q12, q12, q12
- .word 0xf34aa1fa @ veor q13, q13, q13
- .word 0xf34cc1fc @ veor q14, q14, q14
- .word 0xf34ee1fe @ veor q15, q15, q15
-.Lwipe_done:
- mov r0,sp
- tst lr,#1
- moveq pc,lr
- .word 0xe12fff1e @ bx lr
-.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
-
-.align 5
-.LOPENSSL_armcap:
-.word OPENSSL_armcap_P-.LOPENSSL_armcap
-#if __ARM_ARCH__>=6
-.align 5
-#else
-.Lspinlock:
-.word atomic_add_spinlock-.Lspinlock
-.align 5
-
-.data
-.align 2
-atomic_add_spinlock:
-.word 0
-#endif
-
-.comm OPENSSL_armcap_P,4,4
-.hidden OPENSSL_armcap_P
diff --git a/lib/libssl/src/crypto/asn1/a_bitstr.c b/lib/libssl/src/crypto/asn1/a_bitstr.c
deleted file mode 100644
index c847b471d69..00000000000
--- a/lib/libssl/src/crypto/asn1/a_bitstr.c
+++ /dev/null
@@ -1,259 +0,0 @@ -/* $OpenBSD: a_bitstr.c,v 1.23 2015/09/29 13:54:40 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/err.h> - -int -ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len) -{ - return ASN1_STRING_set(x, d, len); -} - -int -i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) -{ - int ret, j, bits, len; - unsigned char *p, *d; - - if (a == NULL) - return (0); - - len = a->length; - - if (len > 0) { - if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) { - bits = (int)a->flags & 0x07; - } else { - for (; len > 0; len--) { - if (a->data[len - 1]) - break; - } - j = a->data[len - 1]; - if (j & 0x01) - bits = 0; - else if (j & 0x02) - bits = 1; - else if (j & 0x04) - bits = 2; - else if (j & 0x08) - bits = 3; - else if (j & 0x10) - bits = 4; - else if (j & 0x20) - bits = 5; - else if (j & 0x40) - bits = 6; - else if (j & 0x80) - bits = 7; - else - bits = 0; /* should not happen */ - } - } else - bits = 0; - - ret = 1 + len; - if (pp == NULL) - return (ret); - - p= *pp; - - *(p++) = (unsigned char)bits; - d = a->data; - memcpy(p, d, len); - p += len; - if (len > 0) - p[-1]&=(0xff << bits); - *pp = p; - return (ret); -} - -ASN1_BIT_STRING * -c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, const unsigned char **pp, long len) -{ - ASN1_BIT_STRING *ret = NULL; - const unsigned char *p; - unsigned char *s; - int i; - - if (len < 1) { - i = ASN1_R_STRING_TOO_SHORT; - goto err; - } - - if ((a == NULL) || ((*a) == NULL)) { - if ((ret = ASN1_BIT_STRING_new()) == NULL) - return (NULL); - } else - ret = (*a); - - p = *pp; - i = *(p++); - /* We do this to preserve the settings. 
If we modify - * the settings, via the _set_bit function, we will recalculate - * on output */ - ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */ - ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */ - - if (len-- > 1) /* using one because of the bits left byte */ - { - s = malloc(len); - if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; - goto err; - } - memcpy(s, p, len); - s[len - 1] &= (0xff << i); - p += len; - } else - s = NULL; - - ret->length = (int)len; - free(ret->data); - ret->data = s; - ret->type = V_ASN1_BIT_STRING; - if (a != NULL) - (*a) = ret; - *pp = p; - return (ret); - -err: - ASN1err(ASN1_F_C2I_ASN1_BIT_STRING, i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_BIT_STRING_free(ret); - return (NULL); -} - -/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de> - */ -int -ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) -{ - int w, v, iv; - unsigned char *c; - - w = n/8; - v = 1 << (7 - (n & 0x07)); - iv = ~v; - if (!value) - v = 0; - - if (a == NULL) - return 0; - - a->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear, set on write */ - - if ((a->length < (w + 1)) || (a->data == NULL)) { - if (!value) - return(1); /* Don't need to set */ - c = OPENSSL_realloc_clean(a->data, a->length, w + 1); - if (c == NULL) { - ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT, ERR_R_MALLOC_FAILURE); - return 0; - } - if (w + 1 - a->length > 0) - memset(c + a->length, 0, w + 1 - a->length); - a->data = c; - a->length = w + 1; - } - a->data[w] = ((a->data[w]) & iv) | v; - while ((a->length > 0) && (a->data[a->length - 1] == 0)) - a->length--; - - return (1); -} - -int -ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) -{ - int w, v; - - w = n / 8; - v = 1 << (7 - (n & 0x07)); - if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL)) - return (0); - return ((a->data[w] & v) != 0); -} - -/* - * Checks if the given bit string contains only bits specified by - * the flags vector. 
Returns 0 if there is at least one bit set in 'a' - * which is not specified in 'flags', 1 otherwise. - * 'len' is the length of 'flags'. - */ -int -ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, unsigned char *flags, int flags_len) -{ - int i, ok; - - /* Check if there is one bit set at all. */ - if (!a || !a->data) - return 1; - - /* Check each byte of the internal representation of the bit string. */ - ok = 1; - for (i = 0; i < a->length && ok; ++i) { - unsigned char mask = i < flags_len ? ~flags[i] : 0xff; - /* We are done if there is an unneeded bit set. */ - ok = (a->data[i] & mask) == 0; - } - return ok; -} diff --git a/lib/libssl/src/crypto/asn1/a_bool.c b/lib/libssl/src/crypto/asn1/a_bool.c deleted file mode 100644 index d5a0c0c8a45..00000000000 --- a/lib/libssl/src/crypto/asn1/a_bool.c +++ /dev/null 
@@ -1,115 +0,0 @@ -/* $OpenBSD: a_bool.c,v 1.7 2014/07/11 08:44:47 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/asn1t.h> -#include <openssl/err.h> - -int -i2d_ASN1_BOOLEAN(int a, unsigned char **pp) -{ - int r; - unsigned char *p; - - r = ASN1_object_size(0, 1, V_ASN1_BOOLEAN); - if (pp == NULL) - return (r); - p = *pp; - - ASN1_put_object(&p, 0, 1, V_ASN1_BOOLEAN, V_ASN1_UNIVERSAL); - *(p++) = (unsigned char)a; - *pp = p; - return (r); -} - -int -d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length) -{ - int ret = -1; - const unsigned char *p; - long len; - int inf, tag, xclass; - int i = 0; - - p = *pp; - inf = ASN1_get_object(&p, &len, &tag, &xclass, length); - if (inf & 0x80) { - i = ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_BOOLEAN) { - i = ASN1_R_EXPECTING_A_BOOLEAN; - goto err; - } - - if (len != 1) { - i = ASN1_R_BOOLEAN_IS_WRONG_LENGTH; - goto err; - } - ret = (int)*(p++); - if (a != NULL) - (*a) = ret; - *pp = p; - return (ret); - -err: - ASN1err(ASN1_F_D2I_ASN1_BOOLEAN, i); - return (ret); -} diff --git a/lib/libssl/src/crypto/asn1/a_bytes.c b/lib/libssl/src/crypto/asn1/a_bytes.c deleted file mode 100644 index 727ad3ed9b2..00000000000 --- a/lib/libssl/src/crypto/asn1/a_bytes.c +++ /dev/null 
@@ -1,306 +0,0 @@ -/* $OpenBSD: a_bytes.c,v 1.18 2014/07/11 08:44:47 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/buffer.h> -#include <openssl/err.h> - -static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c); -/* type is a 'bitmap' of acceptable string types. 
- */ -ASN1_STRING * -d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, - long length, int type) -{ - ASN1_STRING *ret = NULL; - const unsigned char *p; - unsigned char *s; - long len; - int inf, tag, xclass; - int i = 0; - - p = *pp; - inf = ASN1_get_object(&p, &len, &tag, &xclass, length); - if (inf & 0x80) - goto err; - - if (tag >= 32) { - i = ASN1_R_TAG_VALUE_TOO_HIGH; - goto err; - } - if (!(ASN1_tag2bit(tag) & type)) { - i = ASN1_R_WRONG_TYPE; - goto err; - } - - /* If a bit-string, exit early */ - if (tag == V_ASN1_BIT_STRING) - return (d2i_ASN1_BIT_STRING(a, pp, length)); - - if ((a == NULL) || ((*a) == NULL)) { - if ((ret = ASN1_STRING_new()) == NULL) - return (NULL); - } else - ret = (*a); - - if (len != 0) { - s = malloc(len + 1); - if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; - goto err; - } - memcpy(s, p, len); - s[len]='\0'; - p += len; - } else - s = NULL; - - free(ret->data); - ret->length = (int)len; - ret->data = s; - ret->type = tag; - if (a != NULL) - (*a) = ret; - *pp = p; - return (ret); - -err: - ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES, i); - if (a == NULL || *a != ret) - ASN1_STRING_free(ret); - return (NULL); -} - -int -i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass) -{ - int ret, r, constructed; - unsigned char *p; - - if (a == NULL) - return (0); - - if (tag == V_ASN1_BIT_STRING) - return (i2d_ASN1_BIT_STRING(a, pp)); - - ret = a->length; - r = ASN1_object_size(0, ret, tag); - if (pp == NULL) - return (r); - p = *pp; - - if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET)) - constructed = 1; - else - constructed = 0; - ASN1_put_object(&p, constructed, ret, tag, xclass); - memcpy(p, a->data, a->length); - p += a->length; - *pp = p; - return (r); -} - -ASN1_STRING * -d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, - long length, int Ptag, int Pclass) -{ - ASN1_STRING *ret = NULL; - const unsigned char *p; - unsigned char *s; - long len; - int inf, tag, xclass; - int i = 0; - - if ((a == NULL) || 
((*a) == NULL)) { - if ((ret = ASN1_STRING_new()) == NULL) - return (NULL); - } else - ret = (*a); - - p= *pp; - inf = ASN1_get_object(&p, &len, &tag, &xclass, length); - if (inf & 0x80) { - i = ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != Ptag) { - i = ASN1_R_WRONG_TAG; - goto err; - } - - if (inf & V_ASN1_CONSTRUCTED) { - ASN1_const_CTX c; - - c.pp = pp; - c.p = p; - c.inf = inf; - c.slen = len; - c.tag = Ptag; - c.xclass = Pclass; - c.max = (length == 0) ? 0 : (p + length); - if (!asn1_collate_primitive(ret, &c)) - goto err; - else { - p = c.p; - } - } else { - if (len != 0) { - if ((ret->length < len) || (ret->data == NULL)) { - free(ret->data); - ret->data = NULL; - s = malloc(len + 1); - if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; - goto err; - } - } else - s = ret->data; - memcpy(s, p, len); - s[len] = '\0'; - p += len; - } else { - s = NULL; - free(ret->data); - } - - ret->length = (int)len; - ret->data = s; - ret->type = Ptag; - } - - if (a != NULL) - (*a) = ret; - *pp = p; - return (ret); - -err: - if (a == NULL || *a != ret) - ASN1_STRING_free(ret); - ASN1err(ASN1_F_D2I_ASN1_BYTES, i); - return (NULL); -} - - -/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse - * them into the one structure that is then returned */ -/* There have been a few bug fixes for this function from - * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */ -static int -asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c) -{ - ASN1_STRING *os = NULL; - BUF_MEM b; - int num; - - b.length = 0; - b.max = 0; - b.data = NULL; - - if (a == NULL) { - c->error = ERR_R_PASSED_NULL_PARAMETER; - goto err; - } - - num = 0; - for (;;) { - if (c->inf & 1) { - c->eos = ASN1_const_check_infinite_end(&c->p, - (long)(c->max - c->p)); - if (c->eos) - break; - } else { - if (c->slen <= 0) - break; - } - - c->q = c->p; - if (d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, - c->xclass) == NULL) { - c->error = ERR_R_ASN1_LIB; - goto err; - } - - if 
(!BUF_MEM_grow_clean(&b, num + os->length)) { - c->error = ERR_R_BUF_LIB; - goto err; - } - memcpy(&(b.data[num]), os->data, os->length); - if (!(c->inf & 1)) - c->slen -= (c->p - c->q); - num += os->length; - } - - if (!asn1_const_Finish(c)) - goto err; - - a->length = num; - free(a->data); - a->data = (unsigned char *)b.data; - ASN1_STRING_free(os); - return (1); - -err: - ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE, c->error); - ASN1_STRING_free(os); - free(b.data); - return (0); -} diff --git a/lib/libssl/src/crypto/asn1/a_d2i_fp.c b/lib/libssl/src/crypto/asn1/a_d2i_fp.c deleted file mode 100644 index c00b304c612..00000000000 --- a/lib/libssl/src/crypto/asn1/a_d2i_fp.c +++ /dev/null 
@@ -1,296 +0,0 @@
-/* $OpenBSD: a_d2i_fp.c,v 1.15 2016/05/20 15:46:21 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <limits.h>
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
-
-#ifndef NO_OLD_ASN1
-
-void *
-ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x)
-{
- BIO *b;
- void *ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ASN1err(ASN1_F_ASN1_D2I_FP, ERR_R_BUF_LIB);
- return (NULL);
- }
- BIO_set_fp(b, in, BIO_NOCLOSE);
- ret = ASN1_d2i_bio(xnew, d2i, b, x);
- BIO_free(b);
- return (ret);
-}
-
-void *
-ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x)
-{
- BUF_MEM *b = NULL;
- const unsigned char *p;
- void *ret = NULL;
- int len;
-
- len = asn1_d2i_read_bio(in, &b);
- if (len < 0)
- goto err;
-
- p = (unsigned char *)b->data;
- ret = d2i(x, &p, len);
-
-err:
- if (b != NULL)
- BUF_MEM_free(b);
- return (ret);
-}
-
-#endif
-
-void *
-ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
-{
- BUF_MEM *b = NULL;
- const unsigned char *p;
- void *ret = NULL;
- int len;
-
- len = asn1_d2i_read_bio(in, &b);
- if (len < 0)
- goto err;
-
- p = (const unsigned char *)b->data;
- ret = ASN1_item_d2i(x, &p, len, it);
-
-err:
- if (b != NULL)
- BUF_MEM_free(b);
- return (ret);
-}
-
-void *
-ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
-{
- BIO *b;
- char *ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB);
- return (NULL);
- }
- BIO_set_fp(b, in, BIO_NOCLOSE);
- ret = ASN1_item_d2i_bio(it, b, x);
- BIO_free(b);
- return (ret);
-}
-
-#define HEADER_SIZE 8
-#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
-static int
-asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
-{
- BUF_MEM *b;
- unsigned char *p;
- int i;
- ASN1_const_CTX c;
- size_t want = HEADER_SIZE;
- int eos = 0;
- size_t off = 0;
- size_t len = 0;
-
- b = BUF_MEM_new();
- if (b == NULL) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
- return -1;
- }
-
- ERR_clear_error();
- for (;;) {
- 
if (want >= (len - off)) {
- want -= (len - off);
-
- if (len + want < len ||
- !BUF_MEM_grow_clean(b, len + want)) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- i = BIO_read(in, &(b->data[len]), want);
- if ((i < 0) && ((len - off) == 0)) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
- ASN1_R_NOT_ENOUGH_DATA);
- goto err;
- }
- if (i > 0) {
- if (len + i < len) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
- ASN1_R_TOO_LONG);
- goto err;
- }
- len += i;
- }
- }
- /* else data already loaded */
-
- p = (unsigned char *) & (b->data[off]);
- c.p = p;
- c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag),
- &(c.xclass), len - off);
- if (c.inf & 0x80) {
- unsigned long e;
-
- e = ERR_GET_REASON(ERR_peek_error());
- if (e != ASN1_R_TOO_LONG)
- goto err;
- else
- ERR_clear_error(); /* clear error */
- }
- i = c.p - p; /* header length */
- off += i; /* end of data */
-
- if (c.inf & 1) {
- /* no data body so go round again */
- eos++;
- if (eos < 0) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
- ASN1_R_HEADER_TOO_LONG);
- goto err;
- }
- want = HEADER_SIZE;
- } else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) {
- /* eos value, so go back and read another header */
- eos--;
- if (eos <= 0)
- break;
- else
- want = HEADER_SIZE;
- } else {
- /* suck in c.slen bytes of data */
- want = c.slen;
- if (want > (len - off)) {
- size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
-
- want -= (len - off);
- if (want > INT_MAX /* BIO_read takes an int length */ ||
- len+want < len) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
- ASN1_R_TOO_LONG);
- goto err;
- }
- while (want > 0) {
- /*
- * Read content in chunks of increasing size
- * so we can return an error for EOF without
- * having to allocate the entire content length
- * in one go.
- */
- size_t chunk = want > chunk_max ? 
chunk_max : want;
-
- if (!BUF_MEM_grow_clean(b, len + chunk)) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- want -= chunk;
- while (chunk > 0) {
- i = BIO_read(in, &(b->data[len]), chunk);
- if (i <= 0) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
- ASN1_R_NOT_ENOUGH_DATA);
- goto err;
- }
- /*
- * This can't overflow because |len+want|
- * didn't overflow.
- */
- len += i;
- chunk -= i;
- }
- if (chunk_max < INT_MAX/2)
- chunk_max *= 2;
- }
- }
- if (off + c.slen < off) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
- goto err;
- }
- off += c.slen;
- if (eos <= 0) {
- break;
- } else
- want = HEADER_SIZE;
- }
- }
-
- if (off > INT_MAX) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
- goto err;
- }
-
- *pb = b;
- return off;
-
-err:
- if (b != NULL)
- BUF_MEM_free(b);
- return -1;
-}
diff --git a/lib/libssl/src/crypto/asn1/a_digest.c b/lib/libssl/src/crypto/asn1/a_digest.c
deleted file mode 100644
index 085a57d8111..00000000000
--- a/lib/libssl/src/crypto/asn1/a_digest.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/* $OpenBSD: a_digest.c,v 1.15 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <sys/types.h>
-
-#include <stdio.h>
-#include <time.h>
-
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-int
-ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
- unsigned char *md, unsigned int *len)
-{
- int i;
- unsigned char *str = NULL;
-
- i = ASN1_item_i2d(asn, &str, it);
- if (!str)
- return (0);
-
- if (!EVP_Digest(str, i, md, len, type, NULL))
- return 0;
- free(str);
- return (1);
-}
diff --git a/lib/libssl/src/crypto/asn1/a_dup.c b/lib/libssl/src/crypto/asn1/a_dup.c
deleted file mode 100644
index 79cd1d45862..00000000000
--- a/lib/libssl/src/crypto/asn1/a_dup.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $OpenBSD: a_dup.c,v 1.13 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/err.h>
-
-#ifndef NO_OLD_ASN1
-
-void *
-ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
-{
- unsigned char *b, *p;
- const unsigned char *p2;
- int i;
- char *ret;
-
- if (x == NULL)
- return (NULL);
-
- i = i2d(x, NULL);
- b = malloc(i + 10);
- if (b == NULL) {
- ASN1err(ASN1_F_ASN1_DUP, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- p = b;
- i = i2d(x, &p);
- p2 = b;
- ret = d2i(NULL, &p2, i);
- free(b);
- return (ret);
-}
-
-#endif
-
-/* ASN1_ITEM version of dup: this follows the model above except we don't need
- * to allocate the buffer. 
At some point this could be rewritten to directly dup
- * the underlying structure instead of doing and encode and decode.
- */
-
-void *
-ASN1_item_dup(const ASN1_ITEM *it, void *x)
-{
- unsigned char *b = NULL;
- const unsigned char *p;
- long i;
- void *ret;
-
- if (x == NULL)
- return (NULL);
-
- i = ASN1_item_i2d(x, &b, it);
- if (b == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_DUP, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- p = b;
- ret = ASN1_item_d2i(NULL, &p, i, it);
- free(b);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/asn1/a_enum.c b/lib/libssl/src/crypto/asn1/a_enum.c
deleted file mode 100644
index 142f6ed5751..00000000000
--- a/lib/libssl/src/crypto/asn1/a_enum.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/* $OpenBSD: a_enum.c,v 1.17 2015/09/30 18:45:56 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#include <openssl/err.h>
-
-/*
- * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
- * for comments on encoding see a_int.c
- */
-
-int
-ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
-{
- int j, k;
- unsigned int i;
- unsigned char buf[sizeof(long) + 1];
- long d;
-
- a->type = V_ASN1_ENUMERATED;
- if (a->length < (int)(sizeof(long) + 1)) {
- free(a->data);
- a->data = calloc(1, sizeof(long) + 1);
- }
- if (a->data == NULL) {
- ASN1err(ASN1_F_ASN1_ENUMERATED_SET, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- d = v;
- if (d < 0) {
- d = -d;
- a->type = V_ASN1_NEG_ENUMERATED;
- }
-
- for (i = 0; i < sizeof(long); i++) {
- if (d == 0)
- break;
- buf[i] = (int)d & 0xff;
- d >>= 8;
- }
- j = 0;
- for (k = i - 1; k >= 0; k--)
- a->data[j++] = buf[k];
- a->length = j;
- return (1);
-}
-
-long
-ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
-{
- int neg = 0, i;
- long r = 0;
-
- if (a == NULL)
- return (0L);
- i = a->type;
- if (i == V_ASN1_NEG_ENUMERATED)
- neg = 1;
- else if (i != V_ASN1_ENUMERATED)
- return -1;
-
- if (a->length > (int)sizeof(long)) {
- /* hmm... a bit ugly */
- return -1;
- }
- if (a->data == NULL)
- return 0;
-
- for (i = 0; i < a->length; i++) {
- r <<= 8;
- r |= (unsigned char)a->data[i];
- }
- if (neg)
- r = -r;
- return (r);
-}
-
-ASN1_ENUMERATED *
-BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
-{
- ASN1_ENUMERATED *ret;
- int len, j;
-
- if (ai == NULL)
- ret = ASN1_ENUMERATED_new();
- else
- ret = ai;
- if (ret == NULL) {
- ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_NESTED_ASN1_ERROR);
- goto err;
- }
- if (BN_is_negative(bn))
- ret->type = V_ASN1_NEG_ENUMERATED;
- else
- ret->type = V_ASN1_ENUMERATED;
- j = BN_num_bits(bn);
- len = ((j == 0) ? 
0 : ((j / 8) + 1));
- if (ret->length < len + 4) {
- unsigned char *new_data = realloc(ret->data, len + 4);
- if (!new_data) {
- ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ret->data = new_data;
- }
- ret->length = BN_bn2bin(bn, ret->data);
-
- /* Correct zero case */
- if (!ret->length) {
- ret->data[0] = 0;
- ret->length = 1;
- }
- return (ret);
-
-err:
- if (ret != ai)
- ASN1_ENUMERATED_free(ret);
- return (NULL);
-}
-
-BIGNUM *
-ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
-{
- BIGNUM *ret;
-
- if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
- ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN, ASN1_R_BN_LIB);
- else if (ai->type == V_ASN1_NEG_ENUMERATED)
- BN_set_negative(ret, 1);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/asn1/a_i2d_fp.c b/lib/libssl/src/crypto/asn1/a_i2d_fp.c
deleted file mode 100644
index 424068d7846..00000000000
--- a/lib/libssl/src/crypto/asn1/a_i2d_fp.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* $OpenBSD: a_i2d_fp.c,v 1.14 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-#ifndef NO_OLD_ASN1
-
-int
-ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ASN1err(ASN1_F_ASN1_I2D_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, out, BIO_NOCLOSE);
- ret = ASN1_i2d_bio(i2d, b, x);
- BIO_free(b);
- return (ret);
-}
-
-int
-ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
-{
- char *b;
- unsigned char *p;
- int i, j = 0, n, ret = 1;
-
- n = i2d(x, NULL);
- b = malloc(n);
- if (b == NULL) {
- ASN1err(ASN1_F_ASN1_I2D_BIO, ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
- p = (unsigned char *)b;
- i2d(x, &p);
-
- for (;;) {
- i = BIO_write(out, &(b[j]), n);
- if (i == n)
- break;
- if (i <= 0) {
- ret = 0;
- break;
- }
- j += i;
- n -= i;
- }
- free(b);
- return (ret);
-}
-
-#endif
-
-int
-ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_I2D_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, out, BIO_NOCLOSE);
- ret = ASN1_item_i2d_bio(it, b, x);
- BIO_free(b);
- return (ret);
-}
-
-int
-ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
-{
- unsigned char *b = NULL;
- int i, j = 0, n, ret = 1;
-
- n = ASN1_item_i2d(x, &b, it);
- if (b == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO, ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
- for (;;) {
- i = BIO_write(out, &(b[j]), n);
- if (i == n)
- break;
- if (i <= 0) {
- ret = 0;
- break;
- }
- j += i;
- n -= i;
- }
- free(b);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/asn1/a_int.c b/lib/libssl/src/crypto/asn1/a_int.c
deleted file mode 100644
index 5c0103ba36f..00000000000
--- a/lib/libssl/src/crypto/asn1/a_int.c
+++ /dev/null
@@ -1,461 +0,0 @@
-/* $OpenBSD: a_int.c,v 1.30 2015/09/30 17:30:15 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/bn.h> -#include <openssl/err.h> - -ASN1_INTEGER * -ASN1_INTEGER_dup(const ASN1_INTEGER *x) -{ - return ASN1_STRING_dup(x); -} - -int -ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) -{ - int neg, ret; - - /* Compare signs */ - neg = x->type & V_ASN1_NEG; - if (neg != (y->type & V_ASN1_NEG)) { - if (neg) - return -1; - else - return 1; - } - - ret = ASN1_STRING_cmp(x, y); - - if (neg) - return -ret; - else - return ret; -} - - -/* - * This converts an ASN1 INTEGER into its content encoding. - * The internal representation is an ASN1_STRING whose data is a big endian - * representation of the value, ignoring the sign. 
The sign is determined by - * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative. - * - * Positive integers are no problem: they are almost the same as the DER - * encoding, except if the first byte is >= 0x80 we need to add a zero pad. - * - * Negative integers are a bit trickier... - * The DER representation of negative integers is in 2s complement form. - * The internal form is converted by complementing each octet and finally - * adding one to the result. This can be done less messily with a little trick. - * If the internal form has trailing zeroes then they will become FF by the - * complement and 0 by the add one (due to carry) so just copy as many trailing - * zeros to the destination as there are in the source. The carry will add one - * to the last none zero octet: so complement this octet and add one and finally - * complement any left over until you get to the start of the string. - * - * Padding is a little trickier too. If the first bytes is > 0x80 then we pad - * with 0xff. However if the first byte is 0x80 and one of the following bytes - * is non-zero we pad with 0xff. The reason for this distinction is that 0x80 - * followed by optional zeros isn't padded. - */ - -int -i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) -{ - int pad = 0, ret, i, neg; - unsigned char *p, *n, pb = 0; - - if (a == NULL) - return (0); - neg = a->type & V_ASN1_NEG; - if (a->length == 0) - ret = 1; - else { - ret = a->length; - i = a->data[0]; - if (!neg && (i > 127)) { - pad = 1; - pb = 0; - } else if (neg) { - if (i > 128) { - pad = 1; - pb = 0xFF; - } else if (i == 128) { - /* - * Special case: if any other bytes non zero we pad: - * otherwise we don't. 
- */ - for (i = 1; i < a->length; i++) if (a->data[i]) { - pad = 1; - pb = 0xFF; - break; - } - } - } - ret += pad; - } - if (pp == NULL) - return (ret); - p= *pp; - - if (pad) - *(p++) = pb; - if (a->length == 0) - *(p++) = 0; - else if (!neg) - memcpy(p, a->data, a->length); - else { - /* Begin at the end of the encoding */ - n = a->data + a->length - 1; - p += a->length - 1; - i = a->length; - /* Copy zeros to destination as long as source is zero */ - while (!*n) { - *(p--) = 0; - n--; - i--; - } - /* Complement and increment next octet */ - *(p--) = ((*(n--)) ^ 0xff) + 1; - i--; - /* Complement any octets left */ - for (; i > 0; i--) - *(p--) = *(n--) ^ 0xff; - } - - *pp += ret; - return (ret); -} - -/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ - -ASN1_INTEGER * -c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long len) -{ - ASN1_INTEGER *ret = NULL; - const unsigned char *p, *pend; - unsigned char *to, *s; - int i; - - if ((a == NULL) || ((*a) == NULL)) { - if ((ret = ASN1_INTEGER_new()) == NULL) - return (NULL); - } else - ret = (*a); - - p = *pp; - pend = p + len; - - /* We must malloc stuff, even for 0 bytes otherwise it - * signifies a missing NULL parameter. */ - s = malloc(len + 1); - if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; - goto err; - } - to = s; - if (!len) { - /* Strictly speaking this is an illegal INTEGER but we - * tolerate it. - */ - ret->type = V_ASN1_INTEGER; - } else if (*p & 0x80) /* a negative number */ { - ret->type = V_ASN1_NEG_INTEGER; - if ((*p == 0xff) && (len != 1)) { - p++; - len--; - } - i = len; - p += i - 1; - to += i - 1; - while((!*p) && i) { - *(to--) = 0; - i--; - p--; - } - /* Special case: if all zeros then the number will be of - * the form FF followed by n zero bytes: this corresponds to - * 1 followed by n zero bytes. We've already written n zeros - * so we just append an extra one and set the first byte to - * a 1. 
This is treated separately because it is the only case - * where the number of bytes is larger than len. - */ - if (!i) { - *s = 1; - s[len] = 0; - len++; - } else { - *(to--) = (*(p--) ^ 0xff) + 1; - i--; - for (; i > 0; i--) - *(to--) = *(p--) ^ 0xff; - } - } else { - ret->type = V_ASN1_INTEGER; - if ((*p == 0) && (len != 1)) { - p++; - len--; - } - memcpy(s, p, len); - } - - free(ret->data); - ret->data = s; - ret->length = (int)len; - if (a != NULL) - (*a) = ret; - *pp = pend; - return (ret); - -err: - ASN1err(ASN1_F_C2I_ASN1_INTEGER, i); - if (a == NULL || *a != ret) - ASN1_INTEGER_free(ret); - return (NULL); -} - - -/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of - * ASN1 integers: some broken software can encode a positive INTEGER - * with its MSB set as negative (it doesn't add a padding zero). - */ - -ASN1_INTEGER * -d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length) -{ - ASN1_INTEGER *ret = NULL; - const unsigned char *p; - unsigned char *s; - long len; - int inf, tag, xclass; - int i; - - if ((a == NULL) || ((*a) == NULL)) { - if ((ret = ASN1_INTEGER_new()) == NULL) - return (NULL); - } else - ret = (*a); - - p = *pp; - inf = ASN1_get_object(&p, &len, &tag, &xclass, length); - if (inf & 0x80) { - i = ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_INTEGER) { - i = ASN1_R_EXPECTING_AN_INTEGER; - goto err; - } - - /* We must malloc stuff, even for 0 bytes otherwise it - * signifies a missing NULL parameter. 
*/ - s = malloc(len + 1); - if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; - goto err; - } - ret->type = V_ASN1_INTEGER; - if (len) { - if ((*p == 0) && (len != 1)) { - p++; - len--; - } - memcpy(s, p, len); - p += len; - } - - free(ret->data); - ret->data = s; - ret->length = (int)len; - if (a != NULL) - (*a) = ret; - *pp = p; - return (ret); - -err: - ASN1err(ASN1_F_D2I_ASN1_UINTEGER, i); - if (a == NULL || *a != ret) - ASN1_INTEGER_free(ret); - return (NULL); -} - -int -ASN1_INTEGER_set(ASN1_INTEGER *a, long v) -{ - int j, k; - unsigned int i; - unsigned char buf[sizeof(long) + 1]; - long d; - - a->type = V_ASN1_INTEGER; - /* XXX ssl/ssl_asn1.c:i2d_SSL_SESSION() depends upon this bound vae */ - if (a->length < (int)(sizeof(long) + 1)) { - free(a->data); - a->data = calloc(1, sizeof(long) + 1); - } - if (a->data == NULL) { - ASN1err(ASN1_F_ASN1_INTEGER_SET, ERR_R_MALLOC_FAILURE); - return (0); - } - d = v; - if (d < 0) { - d = -d; - a->type = V_ASN1_NEG_INTEGER; - } - - for (i = 0; i < sizeof(long); i++) { - if (d == 0) - break; - buf[i] = (int)d & 0xff; - d >>= 8; - } - j = 0; - for (k = i - 1; k >= 0; k--) - a->data[j++] = buf[k]; - a->length = j; - return (1); -} - -long -ASN1_INTEGER_get(const ASN1_INTEGER *a) -{ - int neg = 0, i; - long r = 0; - - if (a == NULL) - return (0L); - i = a->type; - if (i == V_ASN1_NEG_INTEGER) - neg = 1; - else if (i != V_ASN1_INTEGER) - return -1; - - if (a->length > (int)sizeof(long)) { - /* hmm... 
a bit ugly, return all ones */ - return -1; - } - if (a->data == NULL) - return 0; - - for (i = 0; i < a->length; i++) { - r <<= 8; - r |= (unsigned char)a->data[i]; - } - if (neg) - r = -r; - return (r); -} - -ASN1_INTEGER * -BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) -{ - ASN1_INTEGER *ret; - int len, j; - - if (ai == NULL) - ret = ASN1_INTEGER_new(); - else - ret = ai; - if (ret == NULL) { - ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (BN_is_negative(bn)) - ret->type = V_ASN1_NEG_INTEGER; - else - ret->type = V_ASN1_INTEGER; - j = BN_num_bits(bn); - len = ((j == 0) ? 0 : ((j / 8) + 1)); - if (ret->length < len + 4) { - unsigned char *new_data = realloc(ret->data, len + 4); - if (!new_data) { - ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); - goto err; - } - ret->data = new_data; - } - ret->length = BN_bn2bin(bn, ret->data); - - /* Correct zero case */ - if (!ret->length) { - ret->data[0] = 0; - ret->length = 1; - } - return (ret); - -err: - if (ret != ai) - ASN1_INTEGER_free(ret); - return (NULL); -} - -BIGNUM * -ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) -{ - BIGNUM *ret; - - if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL) - ASN1err(ASN1_F_ASN1_INTEGER_TO_BN, ASN1_R_BN_LIB); - else if (ai->type == V_ASN1_NEG_INTEGER) - BN_set_negative(ret, 1); - return (ret); -} diff --git a/lib/libssl/src/crypto/asn1/a_mbstr.c b/lib/libssl/src/crypto/asn1/a_mbstr.c deleted file mode 100644 index e715fe73483..00000000000 --- a/lib/libssl/src/crypto/asn1/a_mbstr.c +++ /dev/null 
@@ -1,453 +0,0 @@
-/* $OpenBSD: a_mbstr.c,v 1.22 2015/07/16 02:18:58 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <ctype.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/err.h> - -#include "asn1_locl.h" - -static int traverse_string(const unsigned char *p, int len, int inform, - int (*rfunc)(unsigned long value, void *in), void *arg); -static int in_utf8(unsigned long value, void *arg); -static int out_utf8(unsigned long value, void *arg); -static int type_str(unsigned long value, void *arg); -static int cpy_asc(unsigned long value, void *arg); -static int cpy_bmp(unsigned long value, void *arg); -static int cpy_univ(unsigned long value, void *arg); -static int cpy_utf8(unsigned long value, void *arg); -static int is_printable(unsigned long value); - -/* These functions take a string in UTF8, ASCII or multibyte form and - * a mask of permissible ASN1 string types. It then works out the minimal - * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) - * and creates a string of the correct type with the supplied data. - * Yes this is horrible: it has to be :-( - * The 'ncopy' form checks minimum and maximum size limits too. 
- */ - -int -ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask) -{ - return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0); -} - -int -ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask, long minsize, long maxsize) -{ - int str_type; - int ret; - char free_out; - int outform, outlen = 0; - ASN1_STRING *dest; - unsigned char *p; - int nchar; - int (*cpyfunc)(unsigned long, void *) = NULL; - - if (len < 0) - len = strlen((const char *)in); - if (!mask) - mask = DIRSTRING_TYPE; - - /* First do a string check and work out the number of characters */ - switch (inform) { - case MBSTRING_BMP: - if (len & 1) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, - ASN1_R_INVALID_BMPSTRING_LENGTH); - return -1; - } - nchar = len >> 1; - break; - - case MBSTRING_UNIV: - if (len & 3) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, - ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); - return -1; - } - nchar = len >> 2; - break; - - case MBSTRING_UTF8: - nchar = 0; - /* This counts the characters and does utf8 syntax checking */ - ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); - if (ret < 0) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, - ASN1_R_INVALID_UTF8STRING); - return -1; - } - break; - - case MBSTRING_ASC: - nchar = len; - break; - - default: - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_UNKNOWN_FORMAT); - return -1; - } - - if ((minsize > 0) && (nchar < minsize)) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT); - ERR_asprintf_error_data("minsize=%ld", minsize); - return -1; - } - - if ((maxsize > 0) && (nchar > maxsize)) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG); - ERR_asprintf_error_data("maxsize=%ld", maxsize); - return -1; - } - - /* Now work out minimal type (if any) */ - if (traverse_string(in, len, inform, type_str, &mask) < 0) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_ILLEGAL_CHARACTERS); - return -1; - } - - - /* Now work out 
output format and string type */ - outform = MBSTRING_ASC; - if (mask & B_ASN1_PRINTABLESTRING) - str_type = V_ASN1_PRINTABLESTRING; - else if (mask & B_ASN1_IA5STRING) - str_type = V_ASN1_IA5STRING; - else if (mask & B_ASN1_T61STRING) - str_type = V_ASN1_T61STRING; - else if (mask & B_ASN1_BMPSTRING) { - str_type = V_ASN1_BMPSTRING; - outform = MBSTRING_BMP; - } else if (mask & B_ASN1_UNIVERSALSTRING) { - str_type = V_ASN1_UNIVERSALSTRING; - outform = MBSTRING_UNIV; - } else { - str_type = V_ASN1_UTF8STRING; - outform = MBSTRING_UTF8; - } - if (!out) - return str_type; - if (*out) { - free_out = 0; - dest = *out; - if (dest->data) { - dest->length = 0; - free(dest->data); - dest->data = NULL; - } - dest->type = str_type; - } else { - free_out = 1; - dest = ASN1_STRING_type_new(str_type); - if (!dest) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, - ERR_R_MALLOC_FAILURE); - return -1; - } - *out = dest; - } - /* If both the same type just copy across */ - if (inform == outform) { - if (!ASN1_STRING_set(dest, in, len)) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, - ERR_R_MALLOC_FAILURE); - goto err; - } - return str_type; - } - - /* Work out how much space the destination will need */ - switch (outform) { - case MBSTRING_ASC: - outlen = nchar; - cpyfunc = cpy_asc; - break; - - case MBSTRING_BMP: - outlen = nchar << 1; - cpyfunc = cpy_bmp; - break; - - case MBSTRING_UNIV: - outlen = nchar << 2; - cpyfunc = cpy_univ; - break; - - case MBSTRING_UTF8: - outlen = 0; - if (traverse_string(in, len, inform, out_utf8, &outlen) < 0) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, - ASN1_R_ILLEGAL_CHARACTERS); - goto err; - } - cpyfunc = cpy_utf8; - break; - } - if (!(p = malloc(outlen + 1))) { - ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE); - goto err; - } - dest->length = outlen; - dest->data = p; - p[outlen] = 0; - traverse_string(in, len, inform, cpyfunc, &p); - return str_type; - -err: - if (free_out) { - ASN1_STRING_free(dest); - *out = NULL; - } - return -1; -} - -/* This 
function traverses a string and passes the value of each character - * to an optional function along with a void * argument. - */ - -static int -traverse_string(const unsigned char *p, int len, int inform, - int (*rfunc)(unsigned long value, void *in), void *arg) -{ - unsigned long value; - int ret; - - while (len) { - switch (inform) { - case MBSTRING_ASC: - value = *p++; - len--; - break; - case MBSTRING_BMP: - value = *p++ << 8; - value |= *p++; - /* BMP is explictly defined to not support surrogates */ - if (UNICODE_IS_SURROGATE(value)) - return -1; - len -= 2; - break; - case MBSTRING_UNIV: - value = (unsigned long)*p++ << 24; - value |= *p++ << 16; - value |= *p++ << 8; - value |= *p++; - if (value > UNICODE_MAX || UNICODE_IS_SURROGATE(value)) - return -1; - len -= 4; - break; - default: - ret = UTF8_getc(p, len, &value); - if (ret < 0) - return -1; - len -= ret; - p += ret; - break; - } - if (rfunc) { - ret = rfunc(value, arg); - if (ret <= 0) - return ret; - } - } - return 1; -} - -/* Various utility functions for traverse_string */ - -/* Just count number of characters */ - -static int -in_utf8(unsigned long value, void *arg) -{ - int *nchar; - - nchar = arg; - (*nchar)++; - return 1; -} - -/* Determine size of output as a UTF8 String */ - -static int -out_utf8(unsigned long value, void *arg) -{ - int *outlen; - int ret; - - outlen = arg; - ret = UTF8_putc(NULL, -1, value); - if (ret < 0) - return ret; - *outlen += ret; - return 1; -} - -/* Determine the "type" of a string: check each character against a - * supplied "mask". 
- */ - -static int -type_str(unsigned long value, void *arg) -{ - unsigned long types; - - types = *((unsigned long *)arg); - if ((types & B_ASN1_PRINTABLESTRING) && !is_printable(value)) - types &= ~B_ASN1_PRINTABLESTRING; - if ((types & B_ASN1_IA5STRING) && (value > 127)) - types &= ~B_ASN1_IA5STRING; - if ((types & B_ASN1_T61STRING) && (value > 0xff)) - types &= ~B_ASN1_T61STRING; - if ((types & B_ASN1_BMPSTRING) && (value > 0xffff)) - types &= ~B_ASN1_BMPSTRING; - if (!types) - return -1; - *((unsigned long *)arg) = types; - return 1; -} - -/* Copy one byte per character ASCII like strings */ - -static int -cpy_asc(unsigned long value, void *arg) -{ - unsigned char **p, *q; - - p = arg; - q = *p; - *q = value; - (*p)++; - return 1; -} - -/* Copy two byte per character BMPStrings */ - -static int -cpy_bmp(unsigned long value, void *arg) -{ - unsigned char **p, *q; - - p = arg; - q = *p; - *q++ = (value >> 8) & 0xff; - *q = value & 0xff; - *p += 2; - return 1; -} - -/* Copy four byte per character UniversalStrings */ - -static int -cpy_univ(unsigned long value, void *arg) -{ - unsigned char **p, *q; - - p = arg; - q = *p; - *q++ = (value >> 24) & 0xff; - *q++ = (value >> 16) & 0xff; - *q++ = (value >> 8) & 0xff; - *q = value & 0xff; - *p += 4; - return 1; -} - -/* Copy to a UTF8String */ - -static int -cpy_utf8(unsigned long value, void *arg) -{ - unsigned char **p; - - int ret; - p = arg; - /* We already know there is enough room so pass 0xff as the length */ - ret = UTF8_putc(*p, 0xff, value); - *p += ret; - return 1; -} - -/* Return 1 if the character is permitted in a PrintableString */ -static int -is_printable(unsigned long value) -{ - int ch; - - if (value > 0x7f) - return 0; - ch = (int)value; - - /* Note: we can't use 'isalnum' because certain accented - * characters may count as alphanumeric in some environments. 
- */ - if ((ch >= 'a') && (ch <= 'z')) - return 1; - if ((ch >= 'A') && (ch <= 'Z')) - return 1; - if ((ch >= '0') && (ch <= '9')) - return 1; - if ((ch == ' ') || strchr("'()+,-./:=?", ch)) - return 1; - return 0; -} diff --git a/lib/libssl/src/crypto/asn1/a_object.c b/lib/libssl/src/crypto/asn1/a_object.c deleted file mode 100644 index 5bf450d0e18..00000000000 --- a/lib/libssl/src/crypto/asn1/a_object.c +++ /dev/null 
@@ -1,410 +0,0 @@
-/* $OpenBSD: a_object.c,v 1.26 2016/03/17 03:51:49 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <limits.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/buffer.h> -#include <openssl/objects.h> - -int -i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) -{ - unsigned char *p; - int objsize; - - if ((a == NULL) || (a->data == NULL)) - return (0); - - objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT); - if (pp == NULL) - return objsize; - - p = *pp; - ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL); - memcpy(p, a->data, a->length); - p += a->length; - - *pp = p; - return (objsize); -} - -int -a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) -{ - int i, first, len = 0, c, use_bn; - char ftmp[24], *tmp = ftmp; - int tmpsize = sizeof ftmp; - const char *p; - unsigned long l; - BIGNUM *bl = NULL; - - if (num == 0) - return (0); - else if (num == -1) - num = strlen(buf); - - p = buf; - c = *(p++); - num--; - if ((c >= '0') && (c <= '2')) { - first= c-'0'; - } else { - ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE); - goto err; - } - - if (num <= 0) { - ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER); - goto err; - } - c = *(p++); - num--; - for (;;) { - if (num <= 0) - break; - if ((c != '.') && (c != ' ')) { - ASN1err(ASN1_F_A2D_ASN1_OBJECT, - ASN1_R_INVALID_SEPARATOR); - goto err; - } - l = 0; - use_bn = 0; - for (;;) { - if (num <= 0) - break; - num--; - c = *(p++); - if ((c == ' ') || (c == '.')) - break; - if ((c < '0') || (c > '9')) { - ASN1err(ASN1_F_A2D_ASN1_OBJECT, - ASN1_R_INVALID_DIGIT); - goto err; - } - if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) { - use_bn = 1; - if (!bl) - bl = BN_new(); - if (!bl || !BN_set_word(bl, l)) - goto err; - } - if (use_bn) { - if (!BN_mul_word(bl, 10L) || - !BN_add_word(bl, c-'0')) - goto err; - } else - l = l * 10L + (long)(c - '0'); - } - if (len == 0) { - if ((first < 2) && (l >= 40)) { - ASN1err(ASN1_F_A2D_ASN1_OBJECT, - 
ASN1_R_SECOND_NUMBER_TOO_LARGE); - goto err; - } - if (use_bn) { - if (!BN_add_word(bl, first * 40)) - goto err; - } else - l += (long)first * 40; - } - i = 0; - if (use_bn) { - int blsize; - blsize = BN_num_bits(bl); - blsize = (blsize + 6) / 7; - if (blsize > tmpsize) { - if (tmp != ftmp) - free(tmp); - tmpsize = blsize + 32; - tmp = malloc(tmpsize); - if (!tmp) - goto err; - } - while (blsize--) - tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L); - } else { - - for (;;) { - tmp[i++] = (unsigned char)l & 0x7f; - l >>= 7L; - if (l == 0L) - break; - } - - } - if (out != NULL) { - if (len + i > olen) { - ASN1err(ASN1_F_A2D_ASN1_OBJECT, - ASN1_R_BUFFER_TOO_SMALL); - goto err; - } - while (--i > 0) - out[len++] = tmp[i]|0x80; - out[len++] = tmp[0]; - } else - len += i; - } - if (tmp != ftmp) - free(tmp); - BN_free(bl); - return (len); - -err: - if (tmp != ftmp) - free(tmp); - BN_free(bl); - return (0); -} - -int -i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a) -{ - return OBJ_obj2txt(buf, buf_len, a, 0); -} - -int -i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) -{ - char *tmp = NULL; - size_t tlen = 256; - int i = -1; - - if ((a == NULL) || (a->data == NULL)) - return(BIO_write(bp, "NULL", 4)); - if ((tmp = malloc(tlen)) == NULL) - return -1; - i = i2t_ASN1_OBJECT(tmp, tlen, a); - if (i > (int)(tlen - 1)) { - explicit_bzero(tmp, tlen); - free(tmp); - if ((tmp = malloc(i + 1)) == NULL) - return -1; - tlen = i + 1; - i = i2t_ASN1_OBJECT(tmp, tlen, a); - } - if (i <= 0) - i = BIO_write(bp, "<INVALID>", 9); - else - i = BIO_write(bp, tmp, i); - explicit_bzero(tmp, tlen); - free(tmp); - return (i); -} - -ASN1_OBJECT * -d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long length) -{ - const unsigned char *p; - long len; - int tag, xclass; - int inf, i; - ASN1_OBJECT *ret = NULL; - - p = *pp; - inf = ASN1_get_object(&p, &len, &tag, &xclass, length); - if (inf & 0x80) { - i = ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_OBJECT) { - i = 
ASN1_R_EXPECTING_AN_OBJECT; - goto err; - } - ret = c2i_ASN1_OBJECT(a, &p, len); - if (ret) - *pp = p; - return ret; - -err: - ASN1err(ASN1_F_D2I_ASN1_OBJECT, i); - return (NULL); -} - -ASN1_OBJECT * -c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long len) -{ - ASN1_OBJECT *ret = NULL; - const unsigned char *p; - unsigned char *data; - int i, length; - - /* - * Sanity check OID encoding: - * - need at least one content octet - * - MSB must be clear in the last octet - * - can't have leading 0x80 in subidentifiers, see: X.690 8.19.2 - */ - if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL || - p[len - 1] & 0x80) { - ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); - return (NULL); - } - - /* Now 0 < len <= INT_MAX, so the cast is safe. */ - length = (int)len; - for (i = 0; i < length; i++, p++) { - if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { - ASN1err(ASN1_F_C2I_ASN1_OBJECT, - ASN1_R_INVALID_OBJECT_ENCODING); - return NULL; - } - } - - /* only the ASN1_OBJECTs from the 'table' will have values - * for ->sn or ->ln */ - if ((a == NULL) || ((*a) == NULL) || - !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) { - if ((ret = ASN1_OBJECT_new()) == NULL) - return (NULL); - } else - ret = (*a); - - p = *pp; - /* detach data from object */ - data = (unsigned char *)ret->data; - if (data != NULL) - explicit_bzero(data, ret->length); - free(data); - data = malloc(length); - if (data == NULL) { - i = ERR_R_MALLOC_FAILURE; - goto err; - } - ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA; - memcpy(data, p, length); - /* reattach data to object, after which it remains const */ - ret->data = data; - ret->length = length; - ret->sn = NULL; - ret->ln = NULL; - /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */ - p += length; - - if (a != NULL) - (*a) = ret; - *pp = p; - return (ret); - -err: - ASN1err(ASN1_F_C2I_ASN1_OBJECT, i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_OBJECT_free(ret); - return (NULL); -} - 
-ASN1_OBJECT * -ASN1_OBJECT_new(void) -{ - ASN1_OBJECT *ret; - - ret = malloc(sizeof(ASN1_OBJECT)); - if (ret == NULL) { - ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); - } - ret->length = 0; - ret->data = NULL; - ret->nid = 0; - ret->sn = NULL; - ret->ln = NULL; - ret->flags = ASN1_OBJECT_FLAG_DYNAMIC; - return (ret); -} - -void -ASN1_OBJECT_free(ASN1_OBJECT *a) -{ - if (a == NULL) - return; - if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) { - free((void *)a->sn); - free((void *)a->ln); - a->sn = a->ln = NULL; - } - if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) { - if (a->data != NULL) - explicit_bzero((void *)a->data, a->length); - free((void *)a->data); - a->data = NULL; - a->length = 0; - } - if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) - free(a); -} - -ASN1_OBJECT * -ASN1_OBJECT_create(int nid, unsigned char *data, int len, - const char *sn, const char *ln) -{ - ASN1_OBJECT o; - - o.sn = sn; - o.ln = ln; - o.data = data; - o.nid = nid; - o.length = len; - o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | - ASN1_OBJECT_FLAG_DYNAMIC_DATA; - return (OBJ_dup(&o)); -} diff --git a/lib/libssl/src/crypto/asn1/a_octet.c b/lib/libssl/src/crypto/asn1/a_octet.c deleted file mode 100644 index d998675d3f2..00000000000 --- a/lib/libssl/src/crypto/asn1/a_octet.c +++ /dev/null 
@@ -1,79 +0,0 @@
-/* $OpenBSD: a_octet.c,v 1.10 2015/07/29 14:58:34 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-
-ASN1_OCTET_STRING *
-ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x)
-{
- return ASN1_STRING_dup(x);
-}
-
-int
-ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b)
-{
- return ASN1_STRING_cmp(a, b);
-}
-
-int
-ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len)
-{
- return ASN1_STRING_set(x, d, len);
-}
diff --git a/lib/libssl/src/crypto/asn1/a_print.c b/lib/libssl/src/crypto/asn1/a_print.c
deleted file mode 100644
index ddcee54c7d8..00000000000
--- a/lib/libssl/src/crypto/asn1/a_print.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* $OpenBSD: a_print.c,v 1.11 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-
-int
-ASN1_PRINTABLE_type(const unsigned char *s, int len)
-{
- int c;
- int ia5 = 0;
- int t61 = 0;
-
- if (len <= 0)
- len = -1;
- if (s == NULL)
- return (V_ASN1_PRINTABLESTRING);
-
- while ((*s) && (len-- != 0)) {
- c= *(s++);
- if (!(((c >= 'a') && (c <= 'z')) ||
- ((c >= 'A') && (c <= 'Z')) ||
- (c == ' ') ||
- ((c >= '0') && (c <= '9')) ||
- (c == ' ') || (c == '\'') ||
- (c == '(') || (c == ')') ||
- (c == '+') || (c == ',') ||
- (c == '-') || (c == '.') ||
- (c == '/') || (c == ':') ||
- (c == '=') || (c == '?')))
- ia5 = 1;
- if (c & 0x80)
- t61 = 1;
- }
- if (t61)
- return (V_ASN1_T61STRING);
- if (ia5)
- return (V_ASN1_IA5STRING);
- return (V_ASN1_PRINTABLESTRING);
-}
-
-int
-ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
-{
- int i;
- unsigned char *p;
-
- if (s->type != V_ASN1_UNIVERSALSTRING)
- return (0);
- if ((s->length % 4) != 0)
- return (0);
- p = s->data;
- for (i = 0; i < s->length; i += 4) {
- if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
- break;
- else
- p += 4;
- }
- if (i < s->length)
- return (0);
- p = s->data;
- for (i = 3; i < s->length; i += 4) {
- *(p++) = s->data[i];
- }
- *(p) = '\0';
- s->length /= 4;
- s->type = ASN1_PRINTABLE_type(s->data, s->length);
- return (1);
-}
diff --git a/lib/libssl/src/crypto/asn1/a_set.c b/lib/libssl/src/crypto/asn1/a_set.c
deleted file mode 100644
index 63d55c3714c..00000000000
--- a/lib/libssl/src/crypto/asn1/a_set.c
+++ /dev/null
@@ -1,237 +0,0 @@ -/* $OpenBSD: a_set.c,v 1.17 2015/03/19 14:00:22 tedu Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1_mac.h> -#include <openssl/err.h> - -#ifndef NO_ASN1_OLD - -typedef struct { - unsigned char *pbData; - int cbData; -} MYBLOB; - -/* SetBlobCmp - * This function compares two elements of SET_OF block - */ -static int -SetBlobCmp(const void *elem1, const void *elem2) -{ - const MYBLOB *b1 = (const MYBLOB *)elem1; - const MYBLOB *b2 = (const MYBLOB *)elem2; - int r; - - r = memcmp(b1->pbData, b2->pbData, - b1->cbData < b2->cbData ? b1->cbData : b2->cbData); - if (r != 0) - return r; - return b1->cbData - b2->cbData; -} - -/* int is_set: if TRUE, then sort the contents (i.e. 
it isn't a SEQUENCE) */ -int -i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, i2d_of_void *i2d, - int ex_tag, int ex_class, int is_set) -{ - int ret = 0, r; - int i; - unsigned char *p; - unsigned char *pStart, *pTempMem; - MYBLOB *rgSetBlob; - int totSize; - - if (a == NULL) - return 0; - for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) - ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL); - r = ASN1_object_size(1, ret, ex_tag); - if (pp == NULL) - return r; - - p = *pp; - ASN1_put_object(&p, 1, ret, ex_tag, ex_class); - - /* Modified by gp@nsj.co.jp */ - /* And then again by Ben */ - /* And again by Steve */ - - if (!is_set || (sk_OPENSSL_BLOCK_num(a) < 2)) { - for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) - i2d(sk_OPENSSL_BLOCK_value(a, i), &p); - - *pp = p; - return r; - } - - pStart = p; /* Catch the beg of Setblobs*/ - /* In this array we will store the SET blobs */ - rgSetBlob = reallocarray(NULL, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB)); - if (rgSetBlob == NULL) { - ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE); - return 0; - } - - for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) { - rgSetBlob[i].pbData = p; /* catch each set encode blob */ - i2d(sk_OPENSSL_BLOCK_value(a, i), &p); - /* Length of this SetBlob */ - rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; - } - *pp = p; - totSize = p - pStart; /* This is the total size of all set blobs */ - - /* Now we have to sort the blobs. I am using a simple algo. 
- * Sort ptrs - * Copy to temp-mem - * Copy from temp-mem to user-mem - */ - qsort(rgSetBlob, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB), SetBlobCmp); - if ((pTempMem = malloc(totSize)) == NULL) { - free(rgSetBlob); - ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE); - return 0; - } - - /* Copy to temp mem */ - p = pTempMem; - for (i = 0; i < sk_OPENSSL_BLOCK_num(a); ++i) { - memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData); - p += rgSetBlob[i].cbData; - } - - /* Copy back to user mem*/ - memcpy(pStart, pTempMem, totSize); - free(pTempMem); - free(rgSetBlob); - - return r; -} - -STACK_OF(OPENSSL_BLOCK) * -d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a, const unsigned char **pp, long length, - d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK), int ex_tag, - int ex_class) -{ - ASN1_const_CTX c; - STACK_OF(OPENSSL_BLOCK) *ret = NULL; - - if (a == NULL || (*a) == NULL) { - if ((ret = sk_OPENSSL_BLOCK_new_null()) == NULL) { - ASN1err(ASN1_F_D2I_ASN1_SET, ERR_R_MALLOC_FAILURE); - goto err; - } - } else - ret = *a; - - c.p = *pp; - c.max = (length == 0) ? 
0 : (c.p + length); - - c.inf = ASN1_get_object(&c.p, &c.slen, &c.tag, &c.xclass, c.max - c.p); - if (c.inf & 0x80) - goto err; - if (ex_class != c.xclass) { - ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_CLASS); - goto err; - } - if (ex_tag != c.tag) { - ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_TAG); - goto err; - } - if (c.slen + c.p > c.max) { - ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_LENGTH_ERROR); - goto err; - } - /* check for infinite constructed - it can be as long - * as the amount of data passed to us */ - if (c.inf == (V_ASN1_CONSTRUCTED + 1)) - c.slen = length + *pp - c.p; - c.max = c.p + c.slen; - - while (c.p < c.max) { - char *s; - - if (M_ASN1_D2I_end_sequence()) - break; - if ((s = d2i(NULL, &c.p, c.slen)) == NULL) { - ASN1err(ASN1_F_D2I_ASN1_SET, - ASN1_R_ERROR_PARSING_SET_ELEMENT); - asn1_add_error(*pp, (int)(c.p - *pp)); - goto err; - } - if (!sk_OPENSSL_BLOCK_push(ret, s)) - goto err; - } - if (a != NULL) - *a = ret; - *pp = c.p; - return ret; - -err: - if (a == NULL || *a != ret) { - if (free_func != NULL) - sk_OPENSSL_BLOCK_pop_free(ret, free_func); - else - sk_OPENSSL_BLOCK_free(ret); - } - return NULL; -} - -#endif diff --git a/lib/libssl/src/crypto/asn1/a_sign.c b/lib/libssl/src/crypto/asn1/a_sign.c deleted file mode 100644 index 195daa3b9f2..00000000000 --- a/lib/libssl/src/crypto/asn1/a_sign.c +++ /dev/null 
@@ -1,241 +0,0 @@
-/* $OpenBSD: a_sign.c,v 1.21 2015/09/10 15:56:24 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <sys/types.h>
-
-#include <stdio.h>
-#include <string.h>
-#include <time.h>
-
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#include "asn1_locl.h"
-
-int
-ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, const EVP_MD *type)
-{
- EVP_MD_CTX ctx;
- EVP_MD_CTX_init(&ctx);
- if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
- EVP_MD_CTX_cleanup(&ctx);
- return 0;
- }
- return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
-}
-
-
-int
-ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
- ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
-{
- const EVP_MD *type;
- EVP_PKEY *pkey;
- unsigned char *buf_in = NULL, *buf_out = NULL;
- size_t inl = 0, outl = 0, outll = 0;
- int signid, paramtype;
- int rv;
-
- type = EVP_MD_CTX_md(ctx);
- pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
-
- if (!type || !pkey) {
- ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
- ASN1_R_CONTEXT_NOT_INITIALISED);
- return 0;
- }
-
- if (pkey->ameth->item_sign) {
- rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2,
- signature);
- if (rv == 1)
- outl = signature->length;
- /* Return value meanings:
- * <=0: error.
- * 1: method does everything.
- * 2: carry on as normal.
- * 3: ASN1 method sets algorithm identifiers: just sign.
- */
- if (rv <= 0)
- ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
- if (rv <= 1)
- goto err;
- } else
- rv = 2;
-
- if (rv == 2) {
- if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
- if (!pkey->ameth ||
- !OBJ_find_sigid_by_algs(&signid,
- EVP_MD_nid(type), pkey->ameth->pkey_id)) {
- ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
- ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
- return 0;
- }
- } else
- signid = type->pkey_type;
-
- if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
- paramtype = V_ASN1_NULL;
- else
- paramtype = V_ASN1_UNDEF;
-
- if (algor1)
- X509_ALGOR_set0(algor1,
- OBJ_nid2obj(signid), paramtype, NULL);
- if (algor2)
- X509_ALGOR_set0(algor2,
- OBJ_nid2obj(signid), paramtype, NULL);
-
- }
-
- inl = ASN1_item_i2d(asn, &buf_in, it);
- outll = outl = EVP_PKEY_size(pkey);
- buf_out = malloc(outl);
- if ((buf_in == NULL) || (buf_out == NULL)) {
- outl = 0;
- ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EVP_DigestSignUpdate(ctx, buf_in, inl) ||
- !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
- outl = 0;
- ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
- goto err;
- }
- free(signature->data);
- signature->data = buf_out;
- buf_out = NULL;
- signature->length = outl;
- /* In the interests of compatibility, I'll make sure that
- * the bit string has a 'not-used bits' value of 0
- */
- signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
- signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
-
-err:
- EVP_MD_CTX_cleanup(ctx);
- if (buf_in != NULL) {
- explicit_bzero((char *)buf_in, inl);
- free(buf_in);
- }
- if (buf_out != NULL) {
- explicit_bzero((char *)buf_out, outll);
- free(buf_out);
- }
- return (outl);
-}
diff --git a/lib/libssl/src/crypto/asn1/a_strex.c b/lib/libssl/src/crypto/asn1/a_strex.c
deleted file mode 100644
index f60a70d94dc..00000000000
--- a/lib/libssl/src/crypto/asn1/a_strex.c
+++ /dev/null
@@ -1,646 +0,0 @@ -/* $OpenBSD: a_strex.c,v 1.25 2015/02/07 13:19:15 doug Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/crypto.h> -#include <openssl/x509.h> - -#include "asn1_locl.h" - -#include "charmap.h" - -/* ASN1_STRING_print_ex() and X509_NAME_print_ex(). - * Enhanced string and name printing routines handling - * multibyte characters, RFC2253 and a host of other - * options. - */ - -#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253) - -#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_QUOTE | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB) - - -/* Three IO functions for sending data to memory, a BIO and - * and a FILE pointer. - */ -static int -send_bio_chars(void *arg, const void *buf, int len) -{ - if (!arg) - return 1; - if (BIO_write(arg, buf, len) != len) - return 0; - return 1; -} - -static int -send_fp_chars(void *arg, const void *buf, int len) -{ - if (!arg) - return 1; - if (fwrite(buf, 1, (size_t)len, arg) != (size_t)len) - return 0; - return 1; -} - -typedef int char_io(void *arg, const void *buf, int len); - -/* This function handles display of - * strings, one character at a time. 
- * It is passed an unsigned long for each - * character because it could come from 2 or even - * 4 byte forms. - */ - -static int -do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, - char_io *io_ch, void *arg) -{ - unsigned char chflgs, chtmp; - char tmphex[sizeof(long) * 2 + 3]; - - if (c > 0xffffffffL) - return -1; - if (c > 0xffff) { - snprintf(tmphex, sizeof tmphex, "\\W%08lX", c); - if (!io_ch(arg, tmphex, 10)) - return -1; - return 10; - } - if (c > 0xff) { - snprintf(tmphex, sizeof tmphex, "\\U%04lX", c); - if (!io_ch(arg, tmphex, 6)) - return -1; - return 6; - } - chtmp = (unsigned char)c; - if (chtmp > 0x7f) - chflgs = flags & ASN1_STRFLGS_ESC_MSB; - else - chflgs = char_type[chtmp] & flags; - if (chflgs & CHARTYPE_BS_ESC) { - /* If we don't escape with quotes, signal we need quotes */ - if (chflgs & ASN1_STRFLGS_ESC_QUOTE) { - if (do_quotes) - *do_quotes = 1; - if (!io_ch(arg, &chtmp, 1)) - return -1; - return 1; - } - if (!io_ch(arg, "\\", 1)) - return -1; - if (!io_ch(arg, &chtmp, 1)) - return -1; - return 2; - } - if (chflgs & (ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_ESC_MSB)) { - snprintf(tmphex, sizeof tmphex, "\\%02X", chtmp); - if (!io_ch(arg, tmphex, 3)) - return -1; - return 3; - } - /* If we get this far and do any escaping at all must escape - * the escape character itself: backslash. - */ - if (chtmp == '\\' && flags & ESC_FLAGS) { - if (!io_ch(arg, "\\\\", 2)) - return -1; - return 2; - } - if (!io_ch(arg, &chtmp, 1)) - return -1; - return 1; -} - -#define BUF_TYPE_WIDTH_MASK 0x7 -#define BUF_TYPE_CONVUTF8 0x8 - -/* This function sends each character in a buffer to - * do_esc_char(). It interprets the content formats - * and converts to or from UTF8 as appropriate. 
- */ - -static int -do_buf(unsigned char *buf, int buflen, int type, unsigned char flags, - char *quotes, char_io *io_ch, void *arg) -{ - int i, outlen, len; - unsigned char orflags, *p, *q; - unsigned long c; - - p = buf; - q = buf + buflen; - outlen = 0; - while (p != q) { - if (p == buf && flags & ASN1_STRFLGS_ESC_2253) - orflags = CHARTYPE_FIRST_ESC_2253; - else - orflags = 0; - switch (type & BUF_TYPE_WIDTH_MASK) { - case 4: - c = ((unsigned long)*p++) << 24; - c |= ((unsigned long)*p++) << 16; - c |= ((unsigned long)*p++) << 8; - c |= *p++; - if (c > UNICODE_MAX || UNICODE_IS_SURROGATE(c)) - return -1; - break; - - case 2: - c = ((unsigned long)*p++) << 8; - c |= *p++; - if (UNICODE_IS_SURROGATE(c)) - return -1; - break; - - case 1: - c = *p++; - break; - - case 0: - i = UTF8_getc(p, q - p, &c); - if (i < 0) - return -1; /* Invalid UTF8String */ - p += i; - break; - default: - return -1; /* invalid width */ - } - if (p == q && flags & ASN1_STRFLGS_ESC_2253) - orflags = CHARTYPE_LAST_ESC_2253; - if (type & BUF_TYPE_CONVUTF8) { - unsigned char utfbuf[6]; - int utflen; - - utflen = UTF8_putc(utfbuf, sizeof utfbuf, c); - if (utflen < 0) - return -1; - for (i = 0; i < utflen; i++) { - /* We don't need to worry about setting orflags correctly - * because if utflen==1 its value will be correct anyway - * otherwise each character will be > 0x7f and so the - * character will never be escaped on first and last. 
- */ - len = do_esc_char(utfbuf[i], - (unsigned char)(flags | orflags), quotes, - io_ch, arg); - if (len < 0) - return -1; - outlen += len; - } - } else { - len = do_esc_char(c, (unsigned char)(flags | orflags), - quotes, io_ch, arg); - if (len < 0) - return -1; - outlen += len; - } - } - return outlen; -} - -/* This function hex dumps a buffer of characters */ - -static int -do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen) -{ - static const char hexdig[] = "0123456789ABCDEF"; - unsigned char *p, *q; - char hextmp[2]; - if (arg) { - p = buf; - q = buf + buflen; - while (p != q) { - hextmp[0] = hexdig[*p >> 4]; - hextmp[1] = hexdig[*p & 0xf]; - if (!io_ch(arg, hextmp, 2)) - return -1; - p++; - } - } - return buflen << 1; -} - -/* "dump" a string. This is done when the type is unknown, - * or the flags request it. We can either dump the content - * octets or the entire DER encoding. This uses the RFC2253 - * #01234 format. - */ - -static int -do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str) -{ - /* Placing the ASN1_STRING in a temp ASN1_TYPE allows - * the DER encoding to readily obtained - */ - ASN1_TYPE t; - unsigned char *der_buf, *p; - int outlen, der_len; - - if (!io_ch(arg, "#", 1)) - return -1; - /* If we don't dump DER encoding just dump content octets */ - if (!(lflags & ASN1_STRFLGS_DUMP_DER)) { - outlen = do_hex_dump(io_ch, arg, str->data, str->length); - if (outlen < 0) - return -1; - return outlen + 1; - } - t.type = str->type; - t.value.ptr = (char *)str; - der_len = i2d_ASN1_TYPE(&t, NULL); - der_buf = malloc(der_len); - if (!der_buf) - return -1; - p = der_buf; - i2d_ASN1_TYPE(&t, &p); - outlen = do_hex_dump(io_ch, arg, der_buf, der_len); - free(der_buf); - if (outlen < 0) - return -1; - return outlen + 1; -} - -/* Lookup table to convert tags to character widths, - * 0 = UTF8 encoded, -1 is used for non string types - * otherwise it is the number of bytes per character - */ - -static const signed char 
tag2nbyte[] = { - -1, -1, -1, -1, -1, /* 0-4 */ - -1, -1, -1, -1, -1, /* 5-9 */ - -1, -1, 0, -1, /* 10-13 */ - -1, -1, -1, -1, /* 15-17 */ - -1, 1, 1, /* 18-20 */ - -1, 1, 1, 1, /* 21-24 */ - -1, 1, -1, /* 25-27 */ - 4, -1, 2 /* 28-30 */ -}; - -/* This is the main function, print out an - * ASN1_STRING taking note of various escape - * and display options. Returns number of - * characters written or -1 if an error - * occurred. - */ - -static int -do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STRING *str) -{ - int outlen, len; - int type; - char quotes; - unsigned char flags; - - quotes = 0; - /* Keep a copy of escape flags */ - flags = (unsigned char)(lflags & ESC_FLAGS); - type = str->type; - outlen = 0; - - if (lflags & ASN1_STRFLGS_SHOW_TYPE) { - const char *tagname; - tagname = ASN1_tag2str(type); - outlen += strlen(tagname); - if (!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1)) - return -1; - outlen++; - } - - /* Decide what to do with type, either dump content or display it */ - - /* Dump everything */ - if (lflags & ASN1_STRFLGS_DUMP_ALL) - type = -1; - /* Ignore the string type */ - else if (lflags & ASN1_STRFLGS_IGNORE_TYPE) - type = 1; - else { - /* Else determine width based on type */ - if ((type > 0) && (type < 31)) - type = tag2nbyte[type]; - else - type = -1; - if ((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN)) - type = 1; - } - - if (type == -1) { - len = do_dump(lflags, io_ch, arg, str); - if (len < 0) - return -1; - outlen += len; - return outlen; - } - - if (lflags & ASN1_STRFLGS_UTF8_CONVERT) { - /* Note: if string is UTF8 and we want - * to convert to UTF8 then we just interpret - * it as 1 byte per character to avoid converting - * twice. 
- */ - if (!type) - type = 1; - else - type |= BUF_TYPE_CONVUTF8; - } - - len = do_buf(str->data, str->length, type, flags, "es, io_ch, NULL); - if (len < 0) - return -1; - outlen += len; - if (quotes) - outlen += 2; - if (!arg) - return outlen; - if (quotes && !io_ch(arg, "\"", 1)) - return -1; - if (do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0) - return -1; - if (quotes && !io_ch(arg, "\"", 1)) - return -1; - return outlen; -} - -/* Used for line indenting: print 'indent' spaces */ - -static int -do_indent(char_io *io_ch, void *arg, int indent) -{ - int i; - for (i = 0; i < indent; i++) - if (!io_ch(arg, " ", 1)) - return 0; - return 1; -} - -#define FN_WIDTH_LN 25 -#define FN_WIDTH_SN 10 - -static int -do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, int indent, - unsigned long flags) -{ - int i, prev = -1, orflags, cnt; - int fn_opt, fn_nid; - ASN1_OBJECT *fn; - ASN1_STRING *val; - X509_NAME_ENTRY *ent; - char objtmp[80]; - const char *objbuf; - int outlen, len; - char *sep_dn, *sep_mv, *sep_eq; - int sep_dn_len, sep_mv_len, sep_eq_len; - - if (indent < 0) - indent = 0; - outlen = indent; - if (!do_indent(io_ch, arg, indent)) - return -1; - - switch (flags & XN_FLAG_SEP_MASK) { - case XN_FLAG_SEP_MULTILINE: - sep_dn = "\n"; - sep_dn_len = 1; - sep_mv = " + "; - sep_mv_len = 3; - break; - - case XN_FLAG_SEP_COMMA_PLUS: - sep_dn = ","; - sep_dn_len = 1; - sep_mv = "+"; - sep_mv_len = 1; - indent = 0; - break; - - case XN_FLAG_SEP_CPLUS_SPC: - sep_dn = ", "; - sep_dn_len = 2; - sep_mv = " + "; - sep_mv_len = 3; - indent = 0; - break; - - case XN_FLAG_SEP_SPLUS_SPC: - sep_dn = "; "; - sep_dn_len = 2; - sep_mv = " + "; - sep_mv_len = 3; - indent = 0; - break; - - default: - return -1; - } - - if (flags & XN_FLAG_SPC_EQ) { - sep_eq = " = "; - sep_eq_len = 3; - } else { - sep_eq = "="; - sep_eq_len = 1; - } - - fn_opt = flags & XN_FLAG_FN_MASK; - - cnt = X509_NAME_entry_count(n); - for (i = 0; i < cnt; i++) { - if (flags & XN_FLAG_DN_REV) - ent 
= X509_NAME_get_entry(n, cnt - i - 1); - else - ent = X509_NAME_get_entry(n, i); - if (prev != -1) { - if (prev == ent->set) { - if (!io_ch(arg, sep_mv, sep_mv_len)) - return -1; - outlen += sep_mv_len; - } else { - if (!io_ch(arg, sep_dn, sep_dn_len)) - return -1; - outlen += sep_dn_len; - if (!do_indent(io_ch, arg, indent)) - return -1; - outlen += indent; - } - } - prev = ent->set; - fn = X509_NAME_ENTRY_get_object(ent); - val = X509_NAME_ENTRY_get_data(ent); - fn_nid = OBJ_obj2nid(fn); - if (fn_opt != XN_FLAG_FN_NONE) { - int objlen, fld_len; - if ((fn_opt == XN_FLAG_FN_OID) || - (fn_nid == NID_undef)) { - OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1); - fld_len = 0; /* XXX: what should this be? */ - objbuf = objtmp; - } else { - if (fn_opt == XN_FLAG_FN_SN) { - fld_len = FN_WIDTH_SN; - objbuf = OBJ_nid2sn(fn_nid); - } else if (fn_opt == XN_FLAG_FN_LN) { - fld_len = FN_WIDTH_LN; - objbuf = OBJ_nid2ln(fn_nid); - } else { - fld_len = 0; /* XXX: what should this be? */ - objbuf = ""; - } - } - objlen = strlen(objbuf); - if (!io_ch(arg, objbuf, objlen)) - return -1; - if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) { - if (!do_indent(io_ch, arg, fld_len - objlen)) - return -1; - outlen += fld_len - objlen; - } - if (!io_ch(arg, sep_eq, sep_eq_len)) - return -1; - outlen += objlen + sep_eq_len; - } - /* If the field name is unknown then fix up the DER dump - * flag. We might want to limit this further so it will - * DER dump on anything other than a few 'standard' fields. 
- */ - if ((fn_nid == NID_undef) && - (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS)) - orflags = ASN1_STRFLGS_DUMP_ALL; - else - orflags = 0; - - len = do_print_ex(io_ch, arg, flags | orflags, val); - if (len < 0) - return -1; - outlen += len; - } - return outlen; -} - -/* Wrappers round the main functions */ - -int -X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags) -{ - if (flags == XN_FLAG_COMPAT) - return X509_NAME_print(out, nm, indent); - return do_name_ex(send_bio_chars, out, nm, indent, flags); -} - -int -X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) -{ - if (flags == XN_FLAG_COMPAT) { - BIO *btmp; - int ret; - btmp = BIO_new_fp(fp, BIO_NOCLOSE); - if (!btmp) - return -1; - ret = X509_NAME_print(btmp, nm, indent); - BIO_free(btmp); - return ret; - } - return do_name_ex(send_fp_chars, fp, nm, indent, flags); -} - -int -ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags) -{ - return do_print_ex(send_bio_chars, out, flags, str); -} - -int -ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags) -{ - return do_print_ex(send_fp_chars, fp, flags, str); -} - -/* Utility function: convert any string type to UTF8, returns number of bytes - * in output string or a negative error code - */ - -int -ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in) -{ - ASN1_STRING stmp, *str = &stmp; - int mbflag, type, ret; - - if (!in) - return -1; - type = in->type; - if ((type < 0) || (type > 30)) - return -1; - mbflag = tag2nbyte[type]; - if (mbflag == -1) - return -1; - mbflag |= MBSTRING_FLAG; - stmp.data = NULL; - stmp.length = 0; - ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, - B_ASN1_UTF8STRING); - if (ret < 0) - return ret; - *out = stmp.data; - return stmp.length; -} diff --git a/lib/libssl/src/crypto/asn1/a_strnid.c b/lib/libssl/src/crypto/asn1/a_strnid.c deleted file mode 100644 index 0744ffb228f..00000000000 
--- a/lib/libssl/src/crypto/asn1/a_strnid.c
+++ /dev/null
@@ -1,292 +0,0 @@ -/* $OpenBSD: a_strnid.c,v 1.19 2015/02/10 11:22:21 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <ctype.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/err.h> -#include <openssl/objects.h> - -static STACK_OF(ASN1_STRING_TABLE) *stable = NULL; -static void st_free(ASN1_STRING_TABLE *tbl); -static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, - const ASN1_STRING_TABLE * const *b); - - -/* This is the global mask for the mbstring functions: this is use to - * mask out certain types (such as BMPString and UTF8String) because - * certain software (e.g. Netscape) has problems with them. - */ - -static unsigned long global_mask = B_ASN1_UTF8STRING; - -void -ASN1_STRING_set_default_mask(unsigned long mask) -{ - global_mask = mask; -} - -unsigned long -ASN1_STRING_get_default_mask(void) -{ - return global_mask; -} - -/* This function sets the default to various "flavours" of configuration. - * based on an ASCII string. Currently this is: - * MASK:XXXX : a numerical mask value. - * nobmp : Don't use BMPStrings (just Printable, T61). - * pkix : PKIX recommendation in RFC2459. - * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004). - * default: the default value, Printable, T61, BMP. 
- */ - -int -ASN1_STRING_set_default_mask_asc(const char *p) -{ - unsigned long mask; - char *end; - - if (!strncmp(p, "MASK:", 5)) { - if (!p[5]) - return 0; - mask = strtoul(p + 5, &end, 0); - if (*end) - return 0; - } else if (!strcmp(p, "nombstr")) - mask = ~((unsigned long)(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)); - else if (!strcmp(p, "pkix")) - mask = ~((unsigned long)B_ASN1_T61STRING); - else if (!strcmp(p, "utf8only")) - mask = B_ASN1_UTF8STRING; - else if (!strcmp(p, "default")) - mask = 0xFFFFFFFFL; - else - return 0; - ASN1_STRING_set_default_mask(mask); - return 1; -} - -/* The following function generates an ASN1_STRING based on limits in a table. - * Frequently the types and length of an ASN1_STRING are restricted by a - * corresponding OID. For example certificates and certificate requests. - */ - -ASN1_STRING * -ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, int inlen, - int inform, int nid) -{ - ASN1_STRING_TABLE *tbl; - ASN1_STRING *str = NULL; - unsigned long mask; - int ret; - if (!out) - out = &str; - tbl = ASN1_STRING_TABLE_get(nid); - if (tbl) { - mask = tbl->mask; - if (!(tbl->flags & STABLE_NO_MASK)) - mask &= global_mask; - ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask, - tbl->minsize, tbl->maxsize); - } else - ret = ASN1_mbstring_copy(out, in, inlen, inform, - DIRSTRING_TYPE & global_mask); - if (ret <= 0) - return NULL; - return *out; -} - -/* Now the tables and helper functions for the string table: - */ - -/* size limits: this stuff is taken straight from RFC3280 */ - -#define ub_name 32768 -#define ub_common_name 64 -#define ub_locality_name 128 -#define ub_state_name 128 -#define ub_organization_name 64 -#define ub_organization_unit_name 64 -#define ub_title 64 -#define ub_email_address 128 -#define ub_serial_number 64 - - -/* This table must be kept in NID order */ - -static const ASN1_STRING_TABLE tbl_standard[] = { - {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0}, - {NID_countryName, 2, 2, 
B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, - {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0}, - {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0}, - {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0}, - {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0}, - {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK}, - {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0}, - {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0}, - {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0}, - {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, - {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, - {NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, - {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK}, - {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK} -}; - -static int -sk_table_cmp(const ASN1_STRING_TABLE * const *a, - const ASN1_STRING_TABLE * const *b) -{ - return (*a)->nid - (*b)->nid; -} - -DECLARE_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table); - -static int -table_cmp(const ASN1_STRING_TABLE *a, const ASN1_STRING_TABLE *b) -{ - return a->nid - b->nid; -} - -IMPLEMENT_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table); - -ASN1_STRING_TABLE * -ASN1_STRING_TABLE_get(int nid) -{ - int idx; - ASN1_STRING_TABLE *ttmp; - ASN1_STRING_TABLE fnd; - - fnd.nid = nid; - ttmp = OBJ_bsearch_table(&fnd, tbl_standard, - sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE)); - if (ttmp) - return ttmp; - if (!stable) - return NULL; - idx = sk_ASN1_STRING_TABLE_find(stable, &fnd); - if (idx < 0) - return NULL; - return sk_ASN1_STRING_TABLE_value(stable, idx); -} - -int -ASN1_STRING_TABLE_add(int nid, 
long minsize, long maxsize, unsigned long mask, - unsigned long flags) -{ - ASN1_STRING_TABLE *tmp; - char new_nid = 0; - - flags &= ~STABLE_FLAGS_MALLOC; - if (!stable) - stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp); - if (!stable) { - ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!(tmp = ASN1_STRING_TABLE_get(nid))) { - tmp = malloc(sizeof(ASN1_STRING_TABLE)); - if (!tmp) { - ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, - ERR_R_MALLOC_FAILURE); - return 0; - } - tmp->flags = flags | STABLE_FLAGS_MALLOC; - tmp->nid = nid; - new_nid = 1; - } else tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags; - if (minsize != -1) - tmp->minsize = minsize; - if (maxsize != -1) - tmp->maxsize = maxsize; - tmp->mask = mask; - if (new_nid) { - if (sk_ASN1_STRING_TABLE_push(stable, tmp) == 0) { - free(tmp); - ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, - ERR_R_MALLOC_FAILURE); - return 0; - } - } - return 1; -} - -void -ASN1_STRING_TABLE_cleanup(void) -{ - STACK_OF(ASN1_STRING_TABLE) *tmp; - - tmp = stable; - if (!tmp) - return; - stable = NULL; - sk_ASN1_STRING_TABLE_pop_free(tmp, st_free); -} - -static void -st_free(ASN1_STRING_TABLE *tbl) -{ - if (tbl->flags & STABLE_FLAGS_MALLOC) - free(tbl); -} diff --git a/lib/libssl/src/crypto/asn1/a_time.c b/lib/libssl/src/crypto/asn1/a_time.c deleted file mode 100644 index 7a3742fd70b..00000000000 --- a/lib/libssl/src/crypto/asn1/a_time.c +++ /dev/null 
@@ -1,107 +0,0 @@ -/* $OpenBSD: a_time.c,v 1.27 2015/10/19 16:32:37 beck Exp $ */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* This is an implementation of the ASN1 Time structure which is: - * Time ::= CHOICE { - * utcTime UTCTime, - * generalTime GeneralizedTime } - * written by Steve Henson. - */ - -#include <stdio.h> -#include <string.h> -#include <time.h> - -#include <openssl/asn1t.h> -#include <openssl/err.h> - -#include "o_time.h" -#include "asn1_locl.h" - -const ASN1_ITEM ASN1_TIME_it = { - .itype = ASN1_ITYPE_MSTRING, - .utype = B_ASN1_TIME, - .templates = NULL, - .tcount = 0, - .funcs = NULL, - .size = sizeof(ASN1_STRING), - .sname = "ASN1_TIME", -}; - - -ASN1_TIME * -d2i_ASN1_TIME(ASN1_TIME **a, const unsigned char **in, long len) -{ - return (ASN1_TIME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ASN1_TIME_it); -} - -int -i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_TIME_it); -} - -ASN1_TIME * -ASN1_TIME_new(void) -{ - return (ASN1_TIME *)ASN1_item_new(&ASN1_TIME_it); -} - -void -ASN1_TIME_free(ASN1_TIME *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ASN1_TIME_it); -} diff --git a/lib/libssl/src/crypto/asn1/a_time_tm.c b/lib/libssl/src/crypto/asn1/a_time_tm.c deleted file mode 100644 index aa3cb9994cb..00000000000 
--- a/lib/libssl/src/crypto/asn1/a_time_tm.c
+++ /dev/null
@@ -1,446 +0,0 @@ -/* $OpenBSD: a_time_tm.c,v 1.9 2015/12/12 21:02:59 beck Exp $ */ -/* - * Copyright (c) 2015 Bob Beck <beck@openbsd.org> - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ -#include <ctype.h> -#include <limits.h> -#include <stdio.h> -#include <string.h> -#include <time.h> - -#include <openssl/asn1t.h> -#include <openssl/err.h> - -#include "o_time.h" - -#define RFC5280 0 -#define GENTIME_LENGTH 15 -#define UTCTIME_LENGTH 13 - -int -asn1_tm_cmp(struct tm *tm1, struct tm *tm2) { - if (tm1->tm_year < tm2->tm_year) - return (-1); - if (tm1->tm_year > tm2->tm_year) - return (1); - if (tm1->tm_mon < tm2->tm_mon) - return (-1); - if (tm1->tm_mon > tm2->tm_mon) - return (1); - if (tm1->tm_mday < tm2->tm_mday) - return (-1); - if (tm1->tm_mday > tm2->tm_mday) - return (1); - if (tm1->tm_hour < tm2->tm_hour) - return (-1); - if (tm1->tm_hour > tm2->tm_hour) - return (1); - if (tm1->tm_min < tm2->tm_min) - return (-1); - if (tm1->tm_min > tm2->tm_min) - return (1); - if (tm1->tm_sec < tm2->tm_sec) - return (-1); - if (tm1->tm_sec > tm2->tm_sec) - return (1); - return 0; -} - -/* Format a time as an RFC 5280 format Generalized time */ -char * -gentime_string_from_tm(struct tm *tm) -{ - char *ret = NULL; - int year; - - year = tm->tm_year + 1900; - if (year < 0 || year > 9999) - 
return (NULL); - - if (asprintf(&ret, "%04u%02u%02u%02u%02u%02uZ", year, - tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min, - tm->tm_sec) == -1) - ret = NULL; - - return (ret); -} - -/* Format a time as an RFC 5280 format UTC time */ -char * -utctime_string_from_tm(struct tm *tm) -{ - char *ret = NULL; - - if (tm->tm_year >= 150 || tm->tm_year < 50) - return (NULL); - - if (asprintf(&ret, "%02u%02u%02u%02u%02u%02uZ", - tm->tm_year % 100, tm->tm_mon + 1, tm->tm_mday, - tm->tm_hour, tm->tm_min, tm->tm_sec) == -1) - ret = NULL; - - return (ret); -} - -/* Format a time correctly for an X509 object as per RFC 5280 */ -char * -rfc5280_string_from_tm(struct tm *tm) -{ - char *ret = NULL; - int year; - - year = tm->tm_year + 1900; - if (year < 1950 || year > 9999) - return (NULL); - - if (year < 2050) - ret = utctime_string_from_tm(tm); - else - ret = gentime_string_from_tm(tm); - - return (ret); -} - -/* - * Parse an RFC 5280 format ASN.1 time string. - * - * mode must be: - * 0 if we expect to parse a time as specified in RFC 5280 from an X509 object. - * V_ASN1_UTCTIME if we wish to parse on RFC5280 format UTC time. - * V_ASN1_GENERALIZEDTIME if we wish to parse an RFC5280 format Generalized time. - * - * Returns: - * -1 if the string was invalid. - * V_ASN1_UTCTIME if the string validated as a UTC time string. - * V_ASN1_GENERALIZEDTIME if the string validated as a Generalized time string. - * - * Fills in *tm with the corresponding time if tm is non NULL. - */ -#define ATOI2(ar) ((ar) += 2, ((ar)[-2] - '0') * 10 + ((ar)[-1] - '0')) -int -asn1_time_parse(const char *bytes, size_t len, struct tm *tm, int mode) -{ - size_t i; - int type = 0; - struct tm ltm; - struct tm *lt; - const char *p; - - if (bytes == NULL) - return (-1); - - /* Constrain to valid lengths. */ - if (len != UTCTIME_LENGTH && len != GENTIME_LENGTH) - return (-1); - - lt = tm; - if (lt == NULL) { - memset(<m, 0, sizeof(ltm)); - lt = <m; - } - - /* Timezone is required and must be GMT (Zulu). 
*/ - if (bytes[len - 1] != 'Z') - return (-1); - - /* Make sure everything else is digits. */ - for (i = 0; i < len - 1; i++) { - if (isdigit((unsigned char)bytes[i])) - continue; - return (-1); - } - - /* - * Validate and convert the time - */ - p = bytes; - switch (len) { - case GENTIME_LENGTH: - if (mode == V_ASN1_UTCTIME) - return (-1); - lt->tm_year = (ATOI2(p) * 100) - 1900; /* cc */ - type = V_ASN1_GENERALIZEDTIME; - /* FALLTHROUGH */ - case UTCTIME_LENGTH: - if (type == 0) { - if (mode == V_ASN1_GENERALIZEDTIME) - return (-1); - type = V_ASN1_UTCTIME; - } - lt->tm_year += ATOI2(p); /* yy */ - if (type == V_ASN1_UTCTIME) { - if (lt->tm_year < 50) - lt->tm_year += 100; - } - lt->tm_mon = ATOI2(p) - 1; /* mm */ - if (lt->tm_mon < 0 || lt->tm_mon > 11) - return (-1); - lt->tm_mday = ATOI2(p); /* dd */ - if (lt->tm_mday < 1 || lt->tm_mday > 31) - return (-1); - lt->tm_hour = ATOI2(p); /* HH */ - if (lt->tm_hour < 0 || lt->tm_hour > 23) - return (-1); - lt->tm_min = ATOI2(p); /* MM */ - if (lt->tm_min < 0 || lt->tm_min > 59) - return (-1); - lt->tm_sec = ATOI2(p); /* SS */ - /* Leap second 60 is not accepted. Reconsider later? */ - if (lt->tm_sec < 0 || lt->tm_sec > 59) - return (-1); - break; - default: - return (-1); - } - - return (type); -} - -/* - * ASN1_TIME generic functions. 
- */ - -static int -ASN1_TIME_set_string_internal(ASN1_TIME *s, const char *str, int mode) -{ - int type; - char *tmp; - - if ((type = asn1_time_parse(str, strlen(str), NULL, mode)) == -1) - return (0); - if (mode != 0 && mode != type) - return (0); - - if (s == NULL) - return (1); - - if ((tmp = strdup(str)) == NULL) - return (0); - free(s->data); - s->data = tmp; - s->length = strlen(tmp); - s->type = type; - - return (1); -} - -static ASN1_TIME * -ASN1_TIME_adj_internal(ASN1_TIME *s, time_t t, int offset_day, long offset_sec, - int mode) -{ - int allocated = 0; - struct tm tm; - size_t len; - char * p; - - if (gmtime_r(&t, &tm) == NULL) - return (NULL); - - if (offset_day || offset_sec) { - if (!OPENSSL_gmtime_adj(&tm, offset_day, offset_sec)) - return (NULL); - } - - switch (mode) { - case V_ASN1_UTCTIME: - p = utctime_string_from_tm(&tm); - break; - case V_ASN1_GENERALIZEDTIME: - p = gentime_string_from_tm(&tm); - break; - case RFC5280: - p = rfc5280_string_from_tm(&tm); - break; - default: - return (NULL); - } - if (p == NULL) { - ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, - ASN1_R_ILLEGAL_TIME_VALUE); - return (NULL); - } - - if (s == NULL) { - if ((s = ASN1_TIME_new()) == NULL) - return (NULL); - allocated = 1; - } - - len = strlen(p); - switch (len) { - case GENTIME_LENGTH: - s->type = V_ASN1_GENERALIZEDTIME; - break; - case UTCTIME_LENGTH: - s->type = V_ASN1_UTCTIME; - break; - default: - if (allocated) - ASN1_TIME_free(s); - free(p); - return (NULL); - } - free(s->data); - s->data = p; - s->length = len; - return (s); -} - -ASN1_TIME * -ASN1_TIME_set(ASN1_TIME *s, time_t t) -{ - return (ASN1_TIME_adj(s, t, 0, 0)); -} - -ASN1_TIME * -ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec) -{ - return (ASN1_TIME_adj_internal(s, t, offset_day, offset_sec, RFC5280)); -} - -int -ASN1_TIME_check(ASN1_TIME *t) -{ - if (t->type != V_ASN1_GENERALIZEDTIME && t->type != V_ASN1_UTCTIME) - return (0); - return (t->type == asn1_time_parse(t->data, 
t->length, NULL, t->type)); -} - -ASN1_GENERALIZEDTIME * -ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) -{ - ASN1_GENERALIZEDTIME *tmp = NULL; - struct tm tm; - char *str; - - if (t->type != V_ASN1_GENERALIZEDTIME && t->type != V_ASN1_UTCTIME) - return (NULL); - - memset(&tm, 0, sizeof(tm)); - if (t->type != asn1_time_parse(t->data, t->length, &tm, t->type)) - return (NULL); - if ((str = gentime_string_from_tm(&tm)) == NULL) - return (NULL); - - if (out != NULL) - tmp = *out; - if (tmp == NULL && (tmp = ASN1_GENERALIZEDTIME_new()) == NULL) { - free(str); - return (NULL); - } - if (out != NULL) - *out = tmp; - - free(tmp->data); - tmp->data = str; - tmp->length = strlen(str); - return (tmp); -} - -int -ASN1_TIME_set_string(ASN1_TIME *s, const char *str) -{ - return (ASN1_TIME_set_string_internal(s, str, 0)); -} - -/* - * ASN1_UTCTIME wrappers - */ - -int -ASN1_UTCTIME_check(ASN1_UTCTIME *d) -{ - if (d->type != V_ASN1_UTCTIME) - return (0); - return (d->type == asn1_time_parse(d->data, d->length, NULL, d->type)); -} - -int -ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) -{ - if (s != NULL && s->type != V_ASN1_UTCTIME) - return (0); - return (ASN1_TIME_set_string_internal(s, str, V_ASN1_UTCTIME)); -} - -ASN1_UTCTIME * -ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) -{ - return (ASN1_UTCTIME_adj(s, t, 0, 0)); -} - -ASN1_UTCTIME * -ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec) -{ - return (ASN1_TIME_adj_internal(s, t, offset_day, offset_sec, - V_ASN1_UTCTIME)); -} - -int -ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t2) -{ - struct tm tm1, tm2; - - /* - * This function has never handled failure conditions properly - * and should be deprecated. The OpenSSL version used to - * simply follow NULL pointers on failure. BoringSSL and - * OpenSSL now make it return -2 on failure. - * - * The danger is that users of this function will not - * differentiate the -2 failure case from t1 < t2. 
- */ - if (asn1_time_parse(s->data, s->length, &tm1, V_ASN1_UTCTIME) == -1) - return (-2); /* XXX */ - - if (gmtime_r(&t2, &tm2) == NULL) - return (-2); /* XXX */ - - return asn1_tm_cmp(&tm1, &tm2); -} - -/* - * ASN1_GENERALIZEDTIME wrappers - */ - -int -ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d) -{ - if (d->type != V_ASN1_GENERALIZEDTIME) - return (0); - return (d->type == asn1_time_parse(d->data, d->length, NULL, d->type)); -} - -int -ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) -{ - if (s != NULL && s->type != V_ASN1_GENERALIZEDTIME) - return (0); - return (ASN1_TIME_set_string_internal(s, str, V_ASN1_GENERALIZEDTIME)); -} - -ASN1_GENERALIZEDTIME * -ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, time_t t) -{ - return (ASN1_GENERALIZEDTIME_adj(s, t, 0, 0)); -} - -ASN1_GENERALIZEDTIME * -ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, time_t t, int offset_day, - long offset_sec) -{ - return (ASN1_TIME_adj_internal(s, t, offset_day, offset_sec, - V_ASN1_GENERALIZEDTIME)); -} diff --git a/lib/libssl/src/crypto/asn1/a_type.c b/lib/libssl/src/crypto/asn1/a_type.c deleted file mode 100644 index ed1dec0671c..00000000000 --- a/lib/libssl/src/crypto/asn1/a_type.c +++ /dev/null 
@@ -1,156 +0,0 @@
-/* $OpenBSD: a_type.c,v 1.19 2016/05/04 15:00:24 tedu Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-int
-ASN1_TYPE_get(ASN1_TYPE *a)
-{
- if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
- return (a->type);
- else
- return (0);
-}
-
-void
-ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
-{
- if (a->value.ptr != NULL) {
- ASN1_TYPE **tmp_a = &a;
- ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
- }
- a->type = type;
- if (type == V_ASN1_BOOLEAN)
- a->value.boolean = value ?
0xff : 0;
- else
- a->value.ptr = value;
-}
-
-int
-ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
-{
- if (!value || (type == V_ASN1_BOOLEAN)) {
- void *p = (void *)value;
- ASN1_TYPE_set(a, type, p);
- } else if (type == V_ASN1_OBJECT) {
- ASN1_OBJECT *odup;
- odup = OBJ_dup(value);
- if (!odup)
- return 0;
- ASN1_TYPE_set(a, type, odup);
- } else {
- ASN1_STRING *sdup;
- sdup = ASN1_STRING_dup(value);
- if (!sdup)
- return 0;
- ASN1_TYPE_set(a, type, sdup);
- }
- return 1;
-}
-
-/* Returns 0 if they are equal, != 0 otherwise. */
-int
-ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
-{
- int result = -1;
-
- if (!a || !b || a->type != b->type)
- return -1;
-
- switch (a->type) {
- case V_ASN1_OBJECT:
- result = OBJ_cmp(a->value.object, b->value.object);
- break;
- case V_ASN1_BOOLEAN:
- result = a->value.boolean - b->value.boolean;
- break;
- case V_ASN1_NULL:
- result = 0; /* They do not have content. */
- break;
-
- case V_ASN1_INTEGER:
- case V_ASN1_ENUMERATED:
- case V_ASN1_BIT_STRING:
- case V_ASN1_OCTET_STRING:
- case V_ASN1_SEQUENCE:
- case V_ASN1_SET:
- case V_ASN1_NUMERICSTRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_VIDEOTEXSTRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UTCTIME:
- case V_ASN1_GENERALIZEDTIME:
- case V_ASN1_GRAPHICSTRING:
- case V_ASN1_VISIBLESTRING:
- case V_ASN1_GENERALSTRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_BMPSTRING:
- case V_ASN1_UTF8STRING:
- case V_ASN1_OTHER:
- default:
- result = ASN1_STRING_cmp((ASN1_STRING *)a->value.ptr,
- (ASN1_STRING *)b->value.ptr);
- break;
- }
-
- return result;
-}
diff --git a/lib/libssl/src/crypto/asn1/a_utf8.c b/lib/libssl/src/crypto/asn1/a_utf8.c
deleted file mode 100644
index 113a3a2e369..00000000000
--- a/lib/libssl/src/crypto/asn1/a_utf8.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* $OpenBSD: a_utf8.c,v 1.8 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-
-#include "asn1_locl.h"
-
-/* UTF8 utilities */
-
-/*
- * This parses a UTF8 string one character at a time. It is passed a pointer
- * to the string and the length of the string. It sets 'value' to the value of
- * the current character. It returns the number of characters read or a
- * negative error code:
- * -1 = string too short
- * -2 = illegal character
- * -3 = subsequent characters not of the form 10xxxxxx
- * -4 = character encoded incorrectly (not minimal length).
- */
-
-int
-UTF8_getc(const unsigned char *str, int len, unsigned long *val)
-{
- const unsigned char *p;
- unsigned long value;
- int ret;
- if (len <= 0)
- return 0;
- p = str;
-
- /* Check syntax and work out the encoded value (if correct) */
- if ((*p & 0x80) == 0) {
- value = *p++ & 0x7f;
- ret = 1;
- } else if ((*p & 0xe0) == 0xc0) {
- if (*p < 0xc2)
- return -2;
- if (len < 2)
- return -1;
- if ((p[1] & 0xc0) != 0x80)
- return -3;
- value = (*p++ & 0x1f) << 6;
- value |= *p++ & 0x3f;
- if (value < 0x80)
- return -4;
- ret = 2;
- } else if ((*p & 0xf0) == 0xe0) {
- if (len < 3)
- return -1;
- if (((p[1] & 0xc0) != 0x80) ||
- ((p[2] & 0xc0) != 0x80))
- return -3;
- value = (*p++ & 0xf) << 12;
- value |= (*p++ & 0x3f) << 6;
- value |= *p++ & 0x3f;
- if (value < 0x800)
- return -4;
- /* surrogate pair code points are not valid */
- if (value >= 0xd800 && value < 0xe000)
- return -2;
- ret = 3;
- } else if ((*p & 0xf8) == 0xf0 && (*p < 0xf5)) {
- if (len < 4)
- return -1;
- if (((p[1] & 0xc0) != 0x80) ||
- ((p[2] & 0xc0) != 0x80) ||
- ((p[3] & 0xc0) != 0x80))
- return -3;
- value = ((unsigned long)(*p++ & 0x7)) << 18;
- value |= (*p++ & 0x3f) << 12;
- value |= (*p++ & 0x3f) << 6;
- value |= *p++ & 0x3f;
- if (value < 0x10000)
- return -4;
- if (value > UNICODE_MAX)
- return -2;
- ret = 4;
- } else
- return -2;
- *val = value;
- return ret;
-}
-
-/* This takes a Unicode code point 'value' and writes its UTF-8 encoded form
- * in 'str' where 'str' is a buffer of at least length 'len'. If 'str'
- * is NULL, then nothing is written and just the return code is determined.
-
- * Returns less than zero on error:
- * -1 if 'str' is not NULL and 'len' is too small
- * -2 if 'value' is an invalid character (surrogate or out-of-range)
- *
- * Otherwise, returns the number of bytes in 'value's encoded form
- * (i.e., the number of bytes written to 'str' when it's not NULL).
- *
- * It will need at most 4 characters.
- */
-
-int
-UTF8_putc(unsigned char *str, int len, unsigned long value)
-{
- if (value < 0x80) {
- if (str != NULL) {
- if (len < 1)
- return -1;
- str[0] = (unsigned char)value;
- }
- return 1;
- }
- if (value < 0x800) {
- if (str != NULL) {
- if (len < 2)
- return -1;
- str[0] = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
- str[1] = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 2;
- }
- if (value < 0x10000) {
- if (UNICODE_IS_SURROGATE(value))
- return -2;
- if (str != NULL) {
- if (len < 3)
- return -1;
- str[0] = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
- str[1] = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
- str[2] = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 3;
- }
- if (value <= UNICODE_MAX) {
- if (str != NULL) {
- if (len < 4)
- return -1;
- str[0] = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
- str[1] = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
- str[2] = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
- str[3] = (unsigned char)((value & 0x3f) | 0x80);
- }
- return 4;
- }
- return -2;
-}
diff --git a/lib/libssl/src/crypto/asn1/a_verify.c b/lib/libssl/src/crypto/asn1/a_verify.c
deleted file mode 100644
index 12b76501e0f..00000000000
--- a/lib/libssl/src/crypto/asn1/a_verify.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* $OpenBSD: a_verify.c,v 1.22 2015/09/10 15:56:24 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <sys/types.h>
-
-#include <stdio.h>
-#include <string.h>
-#include <time.h>
-
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#include "asn1_locl.h"
-
-int
-ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
- ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
-{
- EVP_MD_CTX ctx;
- unsigned char *buf_in = NULL;
- int ret = -1, inl;
-
- int mdnid, pknid;
-
- if (!pkey) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
- return -1;
- }
-
- if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
- {
- ASN1err(ASN1_F_ASN1_VERIFY,
- ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
- return -1;
- }
-
- EVP_MD_CTX_init(&ctx);
-
- /* Convert signature OID into digest and public key OIDs */
- if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
- ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
- goto err;
- }
- if (mdnid == NID_undef) {
- if (!pkey->ameth || !pkey->ameth->item_verify) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
- ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
- goto err;
- }
- ret = pkey->ameth->item_verify(&ctx, it, asn, a,
- signature, pkey);
- /* Return value of 2 means carry on, anything else means we
- * exit straight away: either a fatal error of the underlying
- * verification routine handles all verification.
- */
- if (ret != 2)
- goto err;
- ret = -1;
- } else {
- const EVP_MD *type;
- type = EVP_get_digestbynid(mdnid);
- if (type == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
- ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
- goto err;
- }
-
- /* Check public key OID matches public key type */
- if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
- ASN1_R_WRONG_PUBLIC_KEY_TYPE);
- goto err;
- }
-
- if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
- ret = 0;
- goto err;
- }
-
- }
-
- inl = ASN1_item_i2d(asn, &buf_in, it);
-
- if (buf_in == NULL) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EVP_DigestVerifyUpdate(&ctx, buf_in, inl)) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
- ret = 0;
- goto err;
- }
-
- explicit_bzero(buf_in, (unsigned int)inl);
- free(buf_in);
-
- if (EVP_DigestVerifyFinal(&ctx, signature->data,
- (size_t)signature->length) <= 0) {
- ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
- ret = 0;
- goto err;
- }
- /* we don't need to zero the 'ctx' because we just checked
- * public information */
- /* memset(&ctx,0,sizeof(ctx)); */
- ret = 1;
-
-err:
- EVP_MD_CTX_cleanup(&ctx);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/asn1/ameth_lib.c b/lib/libssl/src/crypto/asn1/ameth_lib.c
deleted file mode 100644
index 168321618cb..00000000000
--- a/lib/libssl/src/crypto/asn1/ameth_lib.c
+++ /dev/null
@@ -1,457 +0,0 @@
-/* $OpenBSD: ameth_lib.c,v 1.15 2014/11/09 19:17:13 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#include "asn1_locl.h"
-
-extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[];
-extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[];
-extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD gostr01_asn1_meths[];
-extern const EVP_PKEY_ASN1_METHOD gostimit_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
-extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
-
-/* Keep this sorted in type order !!
*/
-static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
-#ifndef OPENSSL_NO_RSA
- &rsa_asn1_meths[0],
- &rsa_asn1_meths[1],
-#endif
-#ifndef OPENSSL_NO_DH
- &dh_asn1_meth,
-#endif
-#ifndef OPENSSL_NO_DSA
- &dsa_asn1_meths[0],
- &dsa_asn1_meths[1],
- &dsa_asn1_meths[2],
- &dsa_asn1_meths[3],
- &dsa_asn1_meths[4],
-#endif
-#ifndef OPENSSL_NO_EC
- &eckey_asn1_meth,
-#endif
-#ifndef OPENSSL_NO_GOST
- &gostr01_asn1_meths[0],
- &gostimit_asn1_meth,
-#endif
- &hmac_asn1_meth,
- &cmac_asn1_meth,
-#ifndef OPENSSL_NO_GOST
- &gostr01_asn1_meths[1],
- &gostr01_asn1_meths[2],
-#endif
-};
-
-typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
-DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD)
-static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL;
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
- const EVP_PKEY_ASN1_METHOD *, ameth);
-
-static int
-ameth_cmp(const EVP_PKEY_ASN1_METHOD * const *a,
- const EVP_PKEY_ASN1_METHOD * const *b)
-{
- return ((*a)->pkey_id - (*b)->pkey_id);
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
- const EVP_PKEY_ASN1_METHOD *, ameth);
-
-int
-EVP_PKEY_asn1_get_count(void)
-{
- int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
- if (app_methods)
- num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods);
- return num;
-}
-
-const EVP_PKEY_ASN1_METHOD *
-EVP_PKEY_asn1_get0(int idx)
-{
- int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
- if (idx < 0)
- return NULL;
- if (idx < num)
- return standard_methods[idx];
- idx -= num;
- return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
-}
-
-static const EVP_PKEY_ASN1_METHOD *
-pkey_asn1_find(int type)
-{
- EVP_PKEY_ASN1_METHOD tmp;
- const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret;
- tmp.pkey_id = type;
- if (app_methods) {
- int idx;
- idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp);
- if (idx >= 0)
- return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
- }
- ret = OBJ_bsearch_ameth(&t, standard_methods,
-
sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *));
- if (!ret || !*ret)
- return NULL;
- return *ret;
-}
-
-/* Find an implementation of an ASN1 algorithm. If 'pe' is not NULL
- * also search through engines and set *pe to a functional reference
- * to the engine implementing 'type' or NULL if no engine implements
- * it.
- */
-
-const EVP_PKEY_ASN1_METHOD *
-EVP_PKEY_asn1_find(ENGINE **pe, int type)
-{
- const EVP_PKEY_ASN1_METHOD *t;
-
- for (;;) {
- t = pkey_asn1_find(type);
- if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS))
- break;
- type = t->pkey_base_id;
- }
- if (pe) {
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e;
- /* type will contain the final unaliased type */
- e = ENGINE_get_pkey_asn1_meth_engine(type);
- if (e) {
- *pe = e;
- return ENGINE_get_pkey_asn1_meth(e, type);
- }
-#endif
- *pe = NULL;
- }
- return t;
-}
-
-const EVP_PKEY_ASN1_METHOD *
-EVP_PKEY_asn1_find_str(ENGINE **pe, const char *str, int len)
-{
- int i;
- const EVP_PKEY_ASN1_METHOD *ameth;
- if (len == -1)
- len = strlen(str);
- if (pe) {
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e;
- ameth = ENGINE_pkey_asn1_find_str(&e, str, len);
- if (ameth) {
- /* Convert structural into
- * functional reference
- */
- if (!ENGINE_init(e))
- ameth = NULL;
- ENGINE_free(e);
- *pe = e;
- return ameth;
- }
-#endif
- *pe = NULL;
- }
- for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
- ameth = EVP_PKEY_asn1_get0(i);
- if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
- continue;
- if (((int)strlen(ameth->pem_str) == len) &&
- !strncasecmp(ameth->pem_str, str, len))
- return ameth;
- }
- return NULL;
-}
-
-int
-EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
-{
- if (app_methods == NULL) {
- app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
- if (!app_methods)
- return 0;
- }
- if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth))
- return 0;
- sk_EVP_PKEY_ASN1_METHOD_sort(app_methods);
- return 1;
-}
-
-int
-EVP_PKEY_asn1_add_alias(int to, int from)
-{
- EVP_PKEY_ASN1_METHOD *ameth;
-
- ameth =
EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
- if (!ameth)
- return 0;
- ameth->pkey_base_id = to;
- if (!EVP_PKEY_asn1_add0(ameth)) {
- EVP_PKEY_asn1_free(ameth);
- return 0;
- }
- return 1;
-}
-
-int
-EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags,
- const char **pinfo, const char **ppem_str,
- const EVP_PKEY_ASN1_METHOD *ameth)
-{
- if (!ameth)
- return 0;
- if (ppkey_id)
- *ppkey_id = ameth->pkey_id;
- if (ppkey_base_id)
- *ppkey_base_id = ameth->pkey_base_id;
- if (ppkey_flags)
- *ppkey_flags = ameth->pkey_flags;
- if (pinfo)
- *pinfo = ameth->info;
- if (ppem_str)
- *ppem_str = ameth->pem_str;
- return 1;
-}
-
-const EVP_PKEY_ASN1_METHOD*
-EVP_PKEY_get0_asn1(EVP_PKEY *pkey)
-{
- return pkey->ameth;
-}
-
-EVP_PKEY_ASN1_METHOD*
-EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info)
-{
- EVP_PKEY_ASN1_METHOD *ameth;
-
- ameth = calloc(1, sizeof(EVP_PKEY_ASN1_METHOD));
- if (!ameth)
- return NULL;
-
- ameth->pkey_id = id;
- ameth->pkey_base_id = id;
- ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
-
- if (info) {
- ameth->info = strdup(info);
- if (!ameth->info)
- goto err;
- } else
- ameth->info = NULL;
-
- if (pem_str) {
- ameth->pem_str = strdup(pem_str);
- if (!ameth->pem_str)
- goto err;
- } else
- ameth->pem_str = NULL;
-
- ameth->pub_decode = 0;
- ameth->pub_encode = 0;
- ameth->pub_cmp = 0;
- ameth->pub_print = 0;
-
- ameth->priv_decode = 0;
- ameth->priv_encode = 0;
- ameth->priv_print = 0;
-
- ameth->old_priv_encode = 0;
- ameth->old_priv_decode = 0;
-
- ameth->item_verify = 0;
- ameth->item_sign = 0;
-
- ameth->pkey_size = 0;
- ameth->pkey_bits = 0;
-
- ameth->param_decode = 0;
- ameth->param_encode = 0;
- ameth->param_missing = 0;
- ameth->param_copy = 0;
- ameth->param_cmp = 0;
- ameth->param_print = 0;
-
- ameth->pkey_free = 0;
- ameth->pkey_ctrl = 0;
-
- return ameth;
-
-err:
- EVP_PKEY_asn1_free(ameth);
- return NULL;
-}
-
-void
-EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, const
EVP_PKEY_ASN1_METHOD *src)
-{
- dst->pub_decode = src->pub_decode;
- dst->pub_encode = src->pub_encode;
- dst->pub_cmp = src->pub_cmp;
- dst->pub_print = src->pub_print;
-
- dst->priv_decode = src->priv_decode;
- dst->priv_encode = src->priv_encode;
- dst->priv_print = src->priv_print;
-
- dst->old_priv_encode = src->old_priv_encode;
- dst->old_priv_decode = src->old_priv_decode;
-
- dst->pkey_size = src->pkey_size;
- dst->pkey_bits = src->pkey_bits;
-
- dst->param_decode = src->param_decode;
- dst->param_encode = src->param_encode;
- dst->param_missing = src->param_missing;
- dst->param_copy = src->param_copy;
- dst->param_cmp = src->param_cmp;
- dst->param_print = src->param_print;
-
- dst->pkey_free = src->pkey_free;
- dst->pkey_ctrl = src->pkey_ctrl;
-
- dst->item_sign = src->item_sign;
- dst->item_verify = src->item_verify;
-}
-
-void
-EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
-{
- if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) {
- free(ameth->pem_str);
- free(ameth->info);
- free(ameth);
- }
-}
-
-void
-EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
- int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
- int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
- int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
- int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx),
- int (*pkey_size)(const EVP_PKEY *pk),
- int (*pkey_bits)(const EVP_PKEY *pk))
-{
- ameth->pub_decode = pub_decode;
- ameth->pub_encode = pub_encode;
- ameth->pub_cmp = pub_cmp;
- ameth->pub_print = pub_print;
- ameth->pkey_size = pkey_size;
- ameth->pkey_bits = pkey_bits;
-}
-
-void
-EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
- int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
- int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
- int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx))
-{
- ameth->priv_decode = priv_decode;
- ameth->priv_encode = priv_encode;
- ameth->priv_print =
priv_print;
-}
-
-void
-EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
- int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen),
- int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
- int (*param_missing)(const EVP_PKEY *pk),
- int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
- int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
- int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx))
-{
- ameth->param_decode = param_decode;
- ameth->param_encode = param_encode;
- ameth->param_missing = param_missing;
- ameth->param_copy = param_copy;
- ameth->param_cmp = param_cmp;
- ameth->param_print = param_print;
-}
-
-void
-EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
- void (*pkey_free)(EVP_PKEY *pkey))
-{
- ameth->pkey_free = pkey_free;
-}
-
-void
-EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
- int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2))
-{
- ameth->pkey_ctrl = pkey_ctrl;
-}
diff --git a/lib/libssl/src/crypto/asn1/asn1.h b/lib/libssl/src/crypto/asn1/asn1.h
deleted file mode 100644
index c5d9b55e400..00000000000
--- a/lib/libssl/src/crypto/asn1/asn1.h
+++ /dev/null
@@ -1,1363 +0,0 @@
-/* $OpenBSD: asn1.h,v 1.34 2015/10/13 16:31:08 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#ifndef HEADER_ASN1_H -#define HEADER_ASN1_H - -#include <time.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/stack.h> -#include <openssl/safestack.h> - -#include <openssl/ossl_typ.h> -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#define V_ASN1_UNIVERSAL 0x00 -#define V_ASN1_APPLICATION 0x40 -#define V_ASN1_CONTEXT_SPECIFIC 0x80 -#define V_ASN1_PRIVATE 0xc0 - -#define V_ASN1_CONSTRUCTED 0x20 -#define V_ASN1_PRIMITIVE_TAG 0x1f -#define V_ASN1_PRIMATIVE_TAG 0x1f - -#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */ -#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */ -#define V_ASN1_ANY -4 /* used in ASN1 template code */ - -#define V_ASN1_NEG 0x100 /* negative flag */ - -#define V_ASN1_UNDEF -1 -#define V_ASN1_EOC 0 -#define V_ASN1_BOOLEAN 1 /**/ -#define V_ASN1_INTEGER 2 -#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG) -#define V_ASN1_BIT_STRING 3 -#define V_ASN1_OCTET_STRING 4 -#define V_ASN1_NULL 5 -#define V_ASN1_OBJECT 6 -#define V_ASN1_OBJECT_DESCRIPTOR 7 -#define V_ASN1_EXTERNAL 8 -#define V_ASN1_REAL 9 -#define V_ASN1_ENUMERATED 10 -#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG) -#define V_ASN1_UTF8STRING 12 -#define V_ASN1_SEQUENCE 16 -#define V_ASN1_SET 17 -#define V_ASN1_NUMERICSTRING 18 /**/ -#define V_ASN1_PRINTABLESTRING 19 -#define V_ASN1_T61STRING 20 -#define V_ASN1_TELETEXSTRING 20 /* alias */ -#define V_ASN1_VIDEOTEXSTRING 21 /**/ -#define V_ASN1_IA5STRING 22 -#define V_ASN1_UTCTIME 23 -#define V_ASN1_GENERALIZEDTIME 24 /**/ -#define V_ASN1_GRAPHICSTRING 25 /**/ -#define V_ASN1_ISO64STRING 26 /**/ -#define V_ASN1_VISIBLESTRING 26 /* alias */ -#define V_ASN1_GENERALSTRING 27 /**/ -#define V_ASN1_UNIVERSALSTRING 28 /**/ -#define V_ASN1_BMPSTRING 30 - -/* For use with d2i_ASN1_type_bytes() */ -#define B_ASN1_NUMERICSTRING 0x0001 -#define B_ASN1_PRINTABLESTRING 0x0002 -#define B_ASN1_T61STRING 0x0004 -#define 
B_ASN1_TELETEXSTRING 0x0004 -#define B_ASN1_VIDEOTEXSTRING 0x0008 -#define B_ASN1_IA5STRING 0x0010 -#define B_ASN1_GRAPHICSTRING 0x0020 -#define B_ASN1_ISO64STRING 0x0040 -#define B_ASN1_VISIBLESTRING 0x0040 -#define B_ASN1_GENERALSTRING 0x0080 -#define B_ASN1_UNIVERSALSTRING 0x0100 -#define B_ASN1_OCTET_STRING 0x0200 -#define B_ASN1_BIT_STRING 0x0400 -#define B_ASN1_BMPSTRING 0x0800 -#define B_ASN1_UNKNOWN 0x1000 -#define B_ASN1_UTF8STRING 0x2000 -#define B_ASN1_UTCTIME 0x4000 -#define B_ASN1_GENERALIZEDTIME 0x8000 -#define B_ASN1_SEQUENCE 0x10000 - -/* For use with ASN1_mbstring_copy() */ -#define MBSTRING_FLAG 0x1000 -#define MBSTRING_UTF8 (MBSTRING_FLAG) -#define MBSTRING_ASC (MBSTRING_FLAG|1) -#define MBSTRING_BMP (MBSTRING_FLAG|2) -#define MBSTRING_UNIV (MBSTRING_FLAG|4) - -#define SMIME_OLDMIME 0x400 -#define SMIME_CRLFEOL 0x800 -#define SMIME_STREAM 0x1000 - -struct X509_algor_st; -DECLARE_STACK_OF(X509_ALGOR) - -#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ -#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ - -/* We MUST make sure that, except for constness, asn1_ctx_st and - asn1_const_ctx are exactly the same. Fortunately, as soon as - the old ASN1 parsing macros are gone, we can throw this away - as well... 
*/ -typedef struct asn1_ctx_st { - unsigned char *p;/* work char pointer */ - int eos; /* end of sequence read for indefinite encoding */ - int error; /* error code to use when returning an error */ - int inf; /* constructed if 0x20, indefinite is 0x21 */ - int tag; /* tag from last 'get object' */ - int xclass; /* class from last 'get object' */ - long slen; /* length of last 'get object' */ - unsigned char *max; /* largest value of p allowed */ - unsigned char *q;/* temporary variable */ - unsigned char **pp;/* variable */ - int line; /* used in error processing */ -} ASN1_CTX; - -typedef struct asn1_const_ctx_st { - const unsigned char *p;/* work char pointer */ - int eos; /* end of sequence read for indefinite encoding */ - int error; /* error code to use when returning an error */ - int inf; /* constructed if 0x20, indefinite is 0x21 */ - int tag; /* tag from last 'get object' */ - int xclass; /* class from last 'get object' */ - long slen; /* length of last 'get object' */ - const unsigned char *max; /* largest value of p allowed */ - const unsigned char *q;/* temporary variable */ - const unsigned char **pp;/* variable */ - int line; /* used in error processing */ -} ASN1_const_CTX; - -/* These are used internally in the ASN1_OBJECT to keep track of - * whether the names and data need to be free()ed */ -#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ -#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */ -#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */ -#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */ -typedef struct asn1_object_st { - const char *sn, *ln; - int nid; - int length; - const unsigned char *data; /* data remains const after init */ - int flags; /* Should we free this one */ -} ASN1_OBJECT; - -#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ -/* This indicates that the ASN1_STRING is not a real value but just a place - * holder for the location where indefinite 
length constructed data should - * be inserted in the memory buffer - */ -#define ASN1_STRING_FLAG_NDEF 0x010 - -/* This flag is used by the CMS code to indicate that a string is not - * complete and is a place holder for content when it had all been - * accessed. The flag will be reset when content has been written to it. - */ - -#define ASN1_STRING_FLAG_CONT 0x020 -/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING - * type. - */ -#define ASN1_STRING_FLAG_MSTRING 0x040 -/* This is the base type that holds just about everything :-) */ -struct asn1_string_st { - int length; - int type; - unsigned char *data; - /* The value of the following field depends on the type being - * held. It is mostly being used for BIT_STRING so if the - * input data has a non-zero 'unused bits' value, it will be - * handled correctly */ - long flags; -}; - -/* ASN1_ENCODING structure: this is used to save the received - * encoding of an ASN1 type. This is useful to get round - * problems with invalid encodings which can break signatures. 
- */ - -typedef struct ASN1_ENCODING_st { - unsigned char *enc; /* DER encoding */ - long len; /* Length of encoding */ - int modified; /* set to 1 if 'enc' is invalid */ -} ASN1_ENCODING; - -/* Used with ASN1 LONG type: if a long is set to this it is omitted */ -#define ASN1_LONG_UNDEF 0x7fffffffL - -#define STABLE_FLAGS_MALLOC 0x01 -#define STABLE_NO_MASK 0x02 -#define DIRSTRING_TYPE \ - (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING) -#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING) - -typedef struct asn1_string_table_st { - int nid; - long minsize; - long maxsize; - unsigned long mask; - unsigned long flags; -} ASN1_STRING_TABLE; - -DECLARE_STACK_OF(ASN1_STRING_TABLE) - -/* size limits: this stuff is taken straight from RFC2459 */ - -#define ub_name 32768 -#define ub_common_name 64 -#define ub_locality_name 128 -#define ub_state_name 128 -#define ub_organization_name 64 -#define ub_organization_unit_name 64 -#define ub_title 64 -#define ub_email_address 128 - -/* Declarations for template structures: for full definitions - * see asn1t.h - */ -typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE; -typedef struct ASN1_TLC_st ASN1_TLC; -/* This is just an opaque pointer */ -typedef struct ASN1_VALUE_st ASN1_VALUE; - -/* Declare ASN1 functions: the implement macro in in asn1t.h */ - -#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) - -#define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type) - -#define DECLARE_ASN1_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) - -#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) - -#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(type *a, unsigned char 
**out); \ - DECLARE_ASN1_ITEM(itname) - -#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(const type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(name) - -#define DECLARE_ASN1_NDEF_FUNCTION(name) \ - int i2d_##name##_NDEF(name *a, unsigned char **out); - -#define DECLARE_ASN1_FUNCTIONS_const(name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS(name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name) - -#define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - type *name##_new(void); \ - void name##_free(type *a); - -#define DECLARE_ASN1_PRINT_FUNCTION(stname) \ - DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname) - -#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ - const ASN1_PCTX *pctx); - -#define D2I_OF(type) type *(*)(type **,const unsigned char **,long) -#define I2D_OF(type) int (*)(type *,unsigned char **) -#define I2D_OF_const(type) int (*)(const type *,unsigned char **) - -#define CHECKED_D2I_OF(type, d2i) \ - ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0))) -#define CHECKED_I2D_OF(type, i2d) \ - ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0))) -#define CHECKED_NEW_OF(type, xnew) \ - ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0))) -#define CHECKED_PTR_OF(type, p) \ - ((void*) (1 ? p : (type*)0)) -#define CHECKED_PPTR_OF(type, p) \ - ((void**) (1 ? p : (type**)0)) - -#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long) -#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **) -#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type) - -TYPEDEF_D2I2D_OF(void); - -/* The following macros and typedefs allow an ASN1_ITEM - * to be embedded in a structure and referenced. Since - * the ASN1_ITEM pointers need to be globally accessible - * (possibly from shared libraries) they may exist in - * different forms. 
On platforms that support it the - * ASN1_ITEM structure itself will be globally exported. - * Other platforms will export a function that returns - * an ASN1_ITEM pointer. - * - * To handle both cases transparently the macros below - * should be used instead of hard coding an ASN1_ITEM - * pointer in a structure. - * - * The structure will look like this: - * - * typedef struct SOMETHING_st { - * ... - * ASN1_ITEM_EXP *iptr; - * ... - * } SOMETHING; - * - * It would be initialised as e.g.: - * - * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...}; - * - * and the actual pointer extracted with: - * - * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr); - * - * Finally an ASN1_ITEM pointer can be extracted from an - * appropriate reference with: ASN1_ITEM_rptr(X509). This - * would be used when a function takes an ASN1_ITEM * argument. - * - */ - - -/* ASN1_ITEM pointer exported type */ -typedef const ASN1_ITEM ASN1_ITEM_EXP; - -/* Macro to obtain ASN1_ITEM pointer from exported type */ -#define ASN1_ITEM_ptr(iptr) (iptr) - -/* Macro to include ASN1_ITEM pointer from base type */ -#define ASN1_ITEM_ref(iptr) (&(iptr##_it)) - -#define ASN1_ITEM_rptr(ref) (&(ref##_it)) - -#define DECLARE_ASN1_ITEM(name) \ - extern const ASN1_ITEM name##_it; - - -/* Parameters used by ASN1_STRING_print_ex() */ - -/* These determine which characters to escape: - * RFC2253 special characters, control characters and - * MSB set characters - */ - -#define ASN1_STRFLGS_ESC_2253 1 -#define ASN1_STRFLGS_ESC_CTRL 2 -#define ASN1_STRFLGS_ESC_MSB 4 - - -/* This flag determines how we do escaping: normally - * RC2253 backslash only, set this to use backslash and - * quote. - */ - -#define ASN1_STRFLGS_ESC_QUOTE 8 - - -/* These three flags are internal use only. 
*/ - -/* Character is a valid PrintableString character */ -#define CHARTYPE_PRINTABLESTRING 0x10 -/* Character needs escaping if it is the first character */ -#define CHARTYPE_FIRST_ESC_2253 0x20 -/* Character needs escaping if it is the last character */ -#define CHARTYPE_LAST_ESC_2253 0x40 - -/* NB the internal flags are safely reused below by flags - * handled at the top level. - */ - -/* If this is set we convert all character strings - * to UTF8 first - */ - -#define ASN1_STRFLGS_UTF8_CONVERT 0x10 - -/* If this is set we don't attempt to interpret content: - * just assume all strings are 1 byte per character. This - * will produce some pretty odd looking output! - */ - -#define ASN1_STRFLGS_IGNORE_TYPE 0x20 - -/* If this is set we include the string type in the output */ -#define ASN1_STRFLGS_SHOW_TYPE 0x40 - -/* This determines which strings to display and which to - * 'dump' (hex dump of content octets or DER encoding). We can - * only dump non character strings or everything. If we - * don't dump 'unknown' they are interpreted as character - * strings with 1 octet per character and are subject to - * the usual escaping options. - */ - -#define ASN1_STRFLGS_DUMP_ALL 0x80 -#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100 - -/* These determine what 'dumping' does, we can dump the - * content octets or the DER encoding: both use the - * RFC2253 #NNNNN notation. - */ - -#define ASN1_STRFLGS_DUMP_DER 0x200 - -/* All the string flags consistent with RFC2253, - * escaping control characters isn't essential in - * RFC2253 but it is advisable anyway. 
- */ - -#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - ASN1_STRFLGS_UTF8_CONVERT | \ - ASN1_STRFLGS_DUMP_UNKNOWN | \ - ASN1_STRFLGS_DUMP_DER) - -DECLARE_STACK_OF(ASN1_INTEGER) -DECLARE_ASN1_SET_OF(ASN1_INTEGER) - -DECLARE_STACK_OF(ASN1_GENERALSTRING) - -typedef struct asn1_type_st { - int type; - union { - char *ptr; - ASN1_BOOLEAN boolean; - ASN1_STRING * asn1_string; - ASN1_OBJECT * object; - ASN1_INTEGER * integer; - ASN1_ENUMERATED * enumerated; - ASN1_BIT_STRING * bit_string; - ASN1_OCTET_STRING * octet_string; - ASN1_PRINTABLESTRING * printablestring; - ASN1_T61STRING * t61string; - ASN1_IA5STRING * ia5string; - ASN1_GENERALSTRING * generalstring; - ASN1_BMPSTRING * bmpstring; - ASN1_UNIVERSALSTRING * universalstring; - ASN1_UTCTIME * utctime; - ASN1_GENERALIZEDTIME * generalizedtime; - ASN1_VISIBLESTRING * visiblestring; - ASN1_UTF8STRING * utf8string; - /* set and sequence are left complete and still - * contain the set or sequence bytes */ - ASN1_STRING * set; - ASN1_STRING * sequence; - ASN1_VALUE * asn1_value; - } value; -} ASN1_TYPE; - -DECLARE_STACK_OF(ASN1_TYPE) -DECLARE_ASN1_SET_OF(ASN1_TYPE) - -typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY; - -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY) - -typedef struct NETSCAPE_X509_st { - ASN1_OCTET_STRING *header; - X509 *cert; -} NETSCAPE_X509; - -/* This is used to contain a list of bit names */ -typedef struct BIT_STRING_BITNAME_st { - int bitnum; - const char *lname; - const char *sname; -} BIT_STRING_BITNAME; - -#ifndef LIBRESSL_INTERNAL - -#define M_ASN1_STRING_length(x) ((x)->length) -#define M_ASN1_STRING_length_set(x, n) ((x)->length = (n)) -#define M_ASN1_STRING_type(x) ((x)->type) -#define M_ASN1_STRING_data(x) ((x)->data) - -/* Macros for string operations */ -#define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\ - 
ASN1_STRING_type_new(V_ASN1_BIT_STRING) -#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) -#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) - -#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\ - ASN1_STRING_type_new(V_ASN1_INTEGER) -#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) - -#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\ - ASN1_STRING_type_new(V_ASN1_ENUMERATED) -#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) - -#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\ - ASN1_STRING_type_new(V_ASN1_OCTET_STRING) -#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) -#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) -#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b) -#define M_i2d_ASN1_OCTET_STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\ - V_ASN1_UNIVERSAL) - -#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING) -#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - 
pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_PRINTABLE(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_PRINTABLE) - -#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) -#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_DIRECTORYSTRING(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_DIRECTORYSTRING) - -#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) -#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_DISPLAYTEXT(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_DISPLAYTEXT) - -#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\ - ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) -#define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \ - (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING) - -#define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\ - ASN1_STRING_type_new(V_ASN1_T61STRING) -#define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_T61STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_T61STRING(a,pp,l) \ - (ASN1_T61STRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING) - -#define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\ - ASN1_STRING_type_new(V_ASN1_IA5STRING) -#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_IA5STRING_dup(a) \ - (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a) -#define 
M_i2d_ASN1_IA5STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_IA5STRING(a,pp,l) \ - (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\ - B_ASN1_IA5STRING) - -#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\ - ASN1_STRING_type_new(V_ASN1_UTCTIME) -#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) - -#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\ - ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME) -#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\ - (const ASN1_STRING *)a) - -#define M_ASN1_TIME_new() (ASN1_TIME *)\ - ASN1_STRING_type_new(V_ASN1_UTCTIME) -#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_TIME_dup(a) (ASN1_TIME *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) - -#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\ - ASN1_STRING_type_new(V_ASN1_GENERALSTRING) -#define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_GENERALSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \ - (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING) - -#define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\ - ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING) -#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \ - (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING) - -#define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\ - ASN1_STRING_type_new(V_ASN1_BMPSTRING) 
-#define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_BMPSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_BMPSTRING(a,pp,l) \ - (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING) - -#define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\ - ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) -#define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_VISIBLESTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \ - (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING) - -#define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\ - ASN1_STRING_type_new(V_ASN1_UTF8STRING) -#define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_UTF8STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_UTF8STRING(a,pp,l) \ - (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING) - -#endif - -#define B_ASN1_TIME \ - B_ASN1_UTCTIME | \ - B_ASN1_GENERALIZEDTIME - -#define B_ASN1_PRINTABLE \ - B_ASN1_NUMERICSTRING| \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_T61STRING| \ - B_ASN1_IA5STRING| \ - B_ASN1_BIT_STRING| \ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING|\ - B_ASN1_SEQUENCE|\ - B_ASN1_UNKNOWN - -#define B_ASN1_DIRECTORYSTRING \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_TELETEXSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_UTF8STRING - -#define B_ASN1_DISPLAYTEXT \ - B_ASN1_IA5STRING| \ - B_ASN1_VISIBLESTRING| \ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING - -/* for the is_set parameter to i2d_ASN1_SET */ -#define IS_SEQUENCE 0 -#define IS_SET 1 - -DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) - -int ASN1_TYPE_get(ASN1_TYPE *a); -void ASN1_TYPE_set(ASN1_TYPE 
*a, int type, void *value); -int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); -int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b); - -ASN1_OBJECT *ASN1_OBJECT_new(void ); -void ASN1_OBJECT_free(ASN1_OBJECT *a); -int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp); -ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, - long length); -ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, - long length); - -DECLARE_ASN1_ITEM(ASN1_OBJECT) - -DECLARE_STACK_OF(ASN1_OBJECT) -DECLARE_ASN1_SET_OF(ASN1_OBJECT) - -ASN1_STRING *ASN1_STRING_new(void); -void ASN1_STRING_free(ASN1_STRING *a); -int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); -ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a); -ASN1_STRING *ASN1_STRING_type_new(int type ); -int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b); - /* Since this is used to store all sorts of things, via macros, for now, make - its data void * */ -int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); -void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); -int ASN1_STRING_length(const ASN1_STRING *x); -void ASN1_STRING_length_set(ASN1_STRING *x, int n); -int ASN1_STRING_type(ASN1_STRING *x); -unsigned char * ASN1_STRING_data(ASN1_STRING *x); - -DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) -int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp); -ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, - const unsigned char **pp, long length); -int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length ); -int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); -int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); -int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, - unsigned char *flags, int flags_len); - -#ifndef OPENSSL_NO_BIO -int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, - BIT_STRING_BITNAME *tbl, int indent); -#endif -int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl); -int 
ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, - BIT_STRING_BITNAME *tbl); - -int i2d_ASN1_BOOLEAN(int a, unsigned char **pp); -int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length); - -DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) -int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp); -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, - long length); -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, - long length); -ASN1_INTEGER * ASN1_INTEGER_dup(const ASN1_INTEGER *x); -int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y); - -DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) - -int ASN1_UTCTIME_check(ASN1_UTCTIME *a); -ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t); -ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, - int offset_day, long offset_sec); -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); -#ifndef LIBRESSL_INTERNAL -int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); -#endif -int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, - time_t t); -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, - time_t t, int offset_day, long offset_sec); -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); - -DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) -ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a); -int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, - const ASN1_OCTET_STRING *b); -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, - int len); - -DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING) -DECLARE_ASN1_FUNCTIONS(ASN1_NULL) -DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING) - -DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE) - -DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING) 
-DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT) -DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING) -DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING) -DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME) -DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) -DECLARE_ASN1_FUNCTIONS(ASN1_TIME) - -DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF) - -ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t); -ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, - long offset_sec); -int ASN1_TIME_check(ASN1_TIME *t); -ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, - ASN1_GENERALIZEDTIME **out); -int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); - -int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, - i2d_of_void *i2d, int ex_tag, int ex_class, int is_set); -STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a, - const unsigned char **pp, long length, d2i_of_void *d2i, - void (*free_func)(OPENSSL_BLOCK), int ex_tag, int ex_class); - -#ifndef OPENSSL_NO_BIO -int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); -int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size); -int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a); -int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size); -int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a); -int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size); -int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type); -#endif -int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a); - -int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num); -ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, - const char *sn, const char *ln); - -int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); -long ASN1_INTEGER_get(const ASN1_INTEGER *a); -ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai); -BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn); - -int 
ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); -long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a); -ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai); -BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn); - -/* General */ -/* given a string, return the correct type, max is the maximum length */ -int ASN1_PRINTABLE_type(const unsigned char *s, int max); - -int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); -ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, - long length, int Ptag, int Pclass); -unsigned long ASN1_tag2bit(int tag); -/* type is one or more of the B_ASN1_ values. */ -ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, - long length, int type); - -/* PARSING */ -int asn1_Finish(ASN1_CTX *c); -int asn1_const_Finish(ASN1_const_CTX *c); - -/* SPECIALS */ -int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, - int *pclass, long omax); -int ASN1_check_infinite_end(unsigned char **p, long len); -int ASN1_const_check_infinite_end(const unsigned char **p, long len); -void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, - int xclass); -int ASN1_put_eoc(unsigned char **pp); -int ASN1_object_size(int constructed, int length, int tag); - -void *ASN1_item_dup(const ASN1_ITEM *it, void *x); - -#ifndef LIBRESSL_INTERNAL - -/* Used to implement other functions */ -void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x); - -#define ASN1_dup_of(type,i2d,d2i,x) \ - ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \ - CHECKED_D2I_OF(type, d2i), \ - CHECKED_PTR_OF(type, x))) - -#define ASN1_dup_of_const(type,i2d,d2i,x) \ - ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \ - CHECKED_D2I_OF(type, d2i), \ - CHECKED_PTR_OF(const type, x))) - -/* ASN1 alloc/free macros for when a type is only used internally */ - -#define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type)) -#define M_ASN1_free_of(x, type) \ - 
ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type)) - -#endif - -void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x); - -#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \ - ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \ - CHECKED_D2I_OF(type, d2i), \ - in, \ - CHECKED_PPTR_OF(type, x))) - -void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); -int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x); - -#define ASN1_i2d_fp_of(type,i2d,out,x) \ - (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \ - out, \ - CHECKED_PTR_OF(type, x))) - -#define ASN1_i2d_fp_of_const(type,i2d,out,x) \ - (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \ - out, \ - CHECKED_PTR_OF(const type, x))) - -int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); -int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); - -int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); - -#ifndef OPENSSL_NO_BIO -void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x); - -#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \ - ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \ - CHECKED_D2I_OF(type, d2i), \ - in, \ - CHECKED_PPTR_OF(type, x))) - -void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); -int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x); - -#define ASN1_i2d_bio_of(type,i2d,out,x) \ - (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \ - out, \ - CHECKED_PTR_OF(type, x))) - -#define ASN1_i2d_bio_of_const(type,i2d,out,x) \ - (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \ - out, \ - CHECKED_PTR_OF(const type, x))) - -int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); -int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a); -int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a); -int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a); -int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v); -int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); -int 
ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num, - unsigned char *buf, int off); -int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent); -int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump); -#endif -const char *ASN1_tag2str(int tag); - -/* Used to load and write netscape format cert */ - -DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509) - -int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); - -int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len); -int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len); -int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data, - int len); -int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data, - int max_len); - -STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len, - d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK)); -unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d, - unsigned char **buf, int *len ); -void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i); -void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); -ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, - ASN1_OCTET_STRING **oct); - -ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, - ASN1_OCTET_STRING **oct); - -void ASN1_STRING_set_default_mask(unsigned long mask); -int ASN1_STRING_set_default_mask_asc(const char *p); -unsigned long ASN1_STRING_get_default_mask(void); -int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask); -int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask, long minsize, long maxsize); - -ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, - const unsigned char *in, int inlen, int inform, int nid); -ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid); -int ASN1_STRING_TABLE_add(int, long, long, unsigned 
long, unsigned long); -void ASN1_STRING_TABLE_cleanup(void); - -/* ASN1 template functions */ - -/* Old API compatible functions */ -ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); -void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); -ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, - long len, const ASN1_ITEM *it); -int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); -int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); - -void ASN1_add_oid_module(void); - -ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); -ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); - -/* ASN1 Print flags */ - -/* Indicate missing OPTIONAL fields */ -#define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001 -/* Mark start and end of SEQUENCE */ -#define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002 -/* Mark start and end of SEQUENCE/SET OF */ -#define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004 -/* Show the ASN1 type of primitives */ -#define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008 -/* Don't show ASN1 type of ANY */ -#define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010 -/* Don't show ASN1 type of MSTRINGs */ -#define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020 -/* Don't show field names in SEQUENCE */ -#define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040 -/* Show structure names of each SEQUENCE field */ -#define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080 -/* Don't show structure name even at top level */ -#define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100 - -int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, - const ASN1_ITEM *it, const ASN1_PCTX *pctx); -ASN1_PCTX *ASN1_PCTX_new(void); -void ASN1_PCTX_free(ASN1_PCTX *p); -unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long 
flags); -unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags); - -BIO_METHOD *BIO_f_asn1(void); - -BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it); - -int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const ASN1_ITEM *it); -int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const char *hdr, const ASN1_ITEM *it); -int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, - int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, - const ASN1_ITEM *it); -ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); -int SMIME_crlf_copy(BIO *in, BIO *out, int flags); -int SMIME_text(BIO *in, BIO *out); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_ASN1_strings(void); - -/* Error codes for the ASN1 functions. */ - -/* Function codes. 
*/ -#define ASN1_F_A2D_ASN1_OBJECT 100 -#define ASN1_F_A2I_ASN1_ENUMERATED 101 -#define ASN1_F_A2I_ASN1_INTEGER 102 -#define ASN1_F_A2I_ASN1_STRING 103 -#define ASN1_F_APPEND_EXP 176 -#define ASN1_F_ASN1_BIT_STRING_SET_BIT 183 -#define ASN1_F_ASN1_CB 177 -#define ASN1_F_ASN1_CHECK_TLEN 104 -#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 -#define ASN1_F_ASN1_COLLECT 106 -#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 -#define ASN1_F_ASN1_D2I_FP 109 -#define ASN1_F_ASN1_D2I_READ_BIO 107 -#define ASN1_F_ASN1_DIGEST 184 -#define ASN1_F_ASN1_DO_ADB 110 -#define ASN1_F_ASN1_DUP 111 -#define ASN1_F_ASN1_ENUMERATED_SET 112 -#define ASN1_F_ASN1_ENUMERATED_TO_BN 113 -#define ASN1_F_ASN1_EX_C2I 204 -#define ASN1_F_ASN1_FIND_END 190 -#define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216 -#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185 -#define ASN1_F_ASN1_GENERATE_V3 178 -#define ASN1_F_ASN1_GET_OBJECT 114 -#define ASN1_F_ASN1_HEADER_NEW 115 -#define ASN1_F_ASN1_I2D_BIO 116 -#define ASN1_F_ASN1_I2D_FP 117 -#define ASN1_F_ASN1_INTEGER_SET 118 -#define ASN1_F_ASN1_INTEGER_TO_BN 119 -#define ASN1_F_ASN1_ITEM_D2I_FP 206 -#define ASN1_F_ASN1_ITEM_DUP 191 -#define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121 -#define ASN1_F_ASN1_ITEM_EX_D2I 120 -#define ASN1_F_ASN1_ITEM_I2D_BIO 192 -#define ASN1_F_ASN1_ITEM_I2D_FP 193 -#define ASN1_F_ASN1_ITEM_PACK 198 -#define ASN1_F_ASN1_ITEM_SIGN 195 -#define ASN1_F_ASN1_ITEM_SIGN_CTX 220 -#define ASN1_F_ASN1_ITEM_UNPACK 199 -#define ASN1_F_ASN1_ITEM_VERIFY 197 -#define ASN1_F_ASN1_MBSTRING_NCOPY 122 -#define ASN1_F_ASN1_OBJECT_NEW 123 -#define ASN1_F_ASN1_OUTPUT_DATA 214 -#define ASN1_F_ASN1_PACK_STRING 124 -#define ASN1_F_ASN1_PCTX_NEW 205 -#define ASN1_F_ASN1_PKCS5_PBE_SET 125 -#define ASN1_F_ASN1_SEQ_PACK 126 -#define ASN1_F_ASN1_SEQ_UNPACK 127 -#define ASN1_F_ASN1_SIGN 128 -#define ASN1_F_ASN1_STR2TYPE 179 -#define ASN1_F_ASN1_STRING_SET 186 -#define ASN1_F_ASN1_STRING_TABLE_ADD 129 -#define ASN1_F_ASN1_STRING_TYPE_NEW 130 -#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 -#define 
ASN1_F_ASN1_TEMPLATE_NEW 133 -#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131 -#define ASN1_F_ASN1_TIME_ADJ 217 -#define ASN1_F_ASN1_TIME_SET 175 -#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 -#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 -#define ASN1_F_ASN1_UNPACK_STRING 136 -#define ASN1_F_ASN1_UTCTIME_ADJ 218 -#define ASN1_F_ASN1_UTCTIME_SET 187 -#define ASN1_F_ASN1_VERIFY 137 -#define ASN1_F_B64_READ_ASN1 209 -#define ASN1_F_B64_WRITE_ASN1 210 -#define ASN1_F_BIO_NEW_NDEF 208 -#define ASN1_F_BITSTR_CB 180 -#define ASN1_F_BN_TO_ASN1_ENUMERATED 138 -#define ASN1_F_BN_TO_ASN1_INTEGER 139 -#define ASN1_F_C2I_ASN1_BIT_STRING 189 -#define ASN1_F_C2I_ASN1_INTEGER 194 -#define ASN1_F_C2I_ASN1_OBJECT 196 -#define ASN1_F_COLLECT_DATA 140 -#define ASN1_F_D2I_ASN1_BIT_STRING 141 -#define ASN1_F_D2I_ASN1_BOOLEAN 142 -#define ASN1_F_D2I_ASN1_BYTES 143 -#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144 -#define ASN1_F_D2I_ASN1_HEADER 145 -#define ASN1_F_D2I_ASN1_INTEGER 146 -#define ASN1_F_D2I_ASN1_OBJECT 147 -#define ASN1_F_D2I_ASN1_SET 148 -#define ASN1_F_D2I_ASN1_TYPE_BYTES 149 -#define ASN1_F_D2I_ASN1_UINTEGER 150 -#define ASN1_F_D2I_ASN1_UTCTIME 151 -#define ASN1_F_D2I_AUTOPRIVATEKEY 207 -#define ASN1_F_D2I_NETSCAPE_RSA 152 -#define ASN1_F_D2I_NETSCAPE_RSA_2 153 -#define ASN1_F_D2I_PRIVATEKEY 154 -#define ASN1_F_D2I_PUBLICKEY 155 -#define ASN1_F_D2I_RSA_NET 200 -#define ASN1_F_D2I_RSA_NET_2 201 -#define ASN1_F_D2I_X509 156 -#define ASN1_F_D2I_X509_CINF 157 -#define ASN1_F_D2I_X509_PKEY 159 -#define ASN1_F_I2D_ASN1_BIO_STREAM 211 -#define ASN1_F_I2D_ASN1_SET 188 -#define ASN1_F_I2D_ASN1_TIME 160 -#define ASN1_F_I2D_DSA_PUBKEY 161 -#define ASN1_F_I2D_EC_PUBKEY 181 -#define ASN1_F_I2D_PRIVATEKEY 163 -#define ASN1_F_I2D_PUBLICKEY 164 -#define ASN1_F_I2D_RSA_NET 162 -#define ASN1_F_I2D_RSA_PUBKEY 165 -#define ASN1_F_LONG_C2I 166 -#define ASN1_F_OID_MODULE_INIT 174 -#define ASN1_F_PARSE_TAGGING 182 -#define ASN1_F_PKCS5_PBE2_SET_IV 167 -#define ASN1_F_PKCS5_PBE_SET 202 -#define 
ASN1_F_PKCS5_PBE_SET0_ALGOR 215 -#define ASN1_F_PKCS5_PBKDF2_SET 219 -#define ASN1_F_SMIME_READ_ASN1 212 -#define ASN1_F_SMIME_TEXT 213 -#define ASN1_F_X509_CINF_NEW 168 -#define ASN1_F_X509_CRL_ADD0_REVOKED 169 -#define ASN1_F_X509_INFO_NEW 170 -#define ASN1_F_X509_NAME_ENCODE 203 -#define ASN1_F_X509_NAME_EX_D2I 158 -#define ASN1_F_X509_NAME_EX_NEW 171 -#define ASN1_F_X509_NEW 172 -#define ASN1_F_X509_PKEY_NEW 173 - -/* Reason codes. */ -#define ASN1_R_ADDING_OBJECT 171 -#define ASN1_R_ASN1_PARSE_ERROR 203 -#define ASN1_R_ASN1_SIG_PARSE_ERROR 204 -#define ASN1_R_AUX_ERROR 100 -#define ASN1_R_BAD_CLASS 101 -#define ASN1_R_BAD_OBJECT_HEADER 102 -#define ASN1_R_BAD_PASSWORD_READ 103 -#define ASN1_R_BAD_TAG 104 -#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 -#define ASN1_R_BN_LIB 105 -#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 -#define ASN1_R_BUFFER_TOO_SMALL 107 -#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108 -#define ASN1_R_CONTEXT_NOT_INITIALISED 217 -#define ASN1_R_DATA_IS_WRONG 109 -#define ASN1_R_DECODE_ERROR 110 -#define ASN1_R_DECODING_ERROR 111 -#define ASN1_R_DEPTH_EXCEEDED 174 -#define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198 -#define ASN1_R_ENCODE_ERROR 112 -#define ASN1_R_ERROR_GETTING_TIME 173 -#define ASN1_R_ERROR_LOADING_SECTION 172 -#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113 -#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114 -#define ASN1_R_EXPECTING_AN_INTEGER 115 -#define ASN1_R_EXPECTING_AN_OBJECT 116 -#define ASN1_R_EXPECTING_A_BOOLEAN 117 -#define ASN1_R_EXPECTING_A_TIME 118 -#define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119 -#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120 -#define ASN1_R_FIELD_MISSING 121 -#define ASN1_R_FIRST_NUM_TOO_LARGE 122 -#define ASN1_R_HEADER_TOO_LONG 123 -#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175 -#define ASN1_R_ILLEGAL_BOOLEAN 176 -#define ASN1_R_ILLEGAL_CHARACTERS 124 -#define ASN1_R_ILLEGAL_FORMAT 177 -#define ASN1_R_ILLEGAL_HEX 178 -#define ASN1_R_ILLEGAL_IMPLICIT_TAG 179 -#define ASN1_R_ILLEGAL_INTEGER 180 
-#define ASN1_R_ILLEGAL_NESTED_TAGGING 181 -#define ASN1_R_ILLEGAL_NULL 125 -#define ASN1_R_ILLEGAL_NULL_VALUE 182 -#define ASN1_R_ILLEGAL_OBJECT 183 -#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 -#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170 -#define ASN1_R_ILLEGAL_TAGGED_ANY 127 -#define ASN1_R_ILLEGAL_TIME_VALUE 184 -#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185 -#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 -#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220 -#define ASN1_R_INVALID_BMPSTRING_LENGTH 129 -#define ASN1_R_INVALID_DIGIT 130 -#define ASN1_R_INVALID_MIME_TYPE 205 -#define ASN1_R_INVALID_MODIFIER 186 -#define ASN1_R_INVALID_NUMBER 187 -#define ASN1_R_INVALID_OBJECT_ENCODING 216 -#define ASN1_R_INVALID_SEPARATOR 131 -#define ASN1_R_INVALID_TIME_FORMAT 132 -#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 -#define ASN1_R_INVALID_UTF8STRING 134 -#define ASN1_R_IV_TOO_LARGE 135 -#define ASN1_R_LENGTH_ERROR 136 -#define ASN1_R_LIST_ERROR 188 -#define ASN1_R_MIME_NO_CONTENT_TYPE 206 -#define ASN1_R_MIME_PARSE_ERROR 207 -#define ASN1_R_MIME_SIG_PARSE_ERROR 208 -#define ASN1_R_MISSING_EOC 137 -#define ASN1_R_MISSING_SECOND_NUMBER 138 -#define ASN1_R_MISSING_VALUE 189 -#define ASN1_R_MSTRING_NOT_UNIVERSAL 139 -#define ASN1_R_MSTRING_WRONG_TAG 140 -#define ASN1_R_NESTED_ASN1_STRING 197 -#define ASN1_R_NON_HEX_CHARACTERS 141 -#define ASN1_R_NOT_ASCII_FORMAT 190 -#define ASN1_R_NOT_ENOUGH_DATA 142 -#define ASN1_R_NO_CONTENT_TYPE 209 -#define ASN1_R_NO_DEFAULT_DIGEST 201 -#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 -#define ASN1_R_NO_MULTIPART_BODY_FAILURE 210 -#define ASN1_R_NO_MULTIPART_BOUNDARY 211 -#define ASN1_R_NO_SIG_CONTENT_TYPE 212 -#define ASN1_R_NULL_IS_WRONG_LENGTH 144 -#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191 -#define ASN1_R_ODD_NUMBER_OF_CHARS 145 -#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146 -#define ASN1_R_SECOND_NUMBER_TOO_LARGE 147 -#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148 -#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149 -#define 
ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192 -#define ASN1_R_SHORT_LINE 150 -#define ASN1_R_SIG_INVALID_MIME_TYPE 213 -#define ASN1_R_STREAMING_NOT_SUPPORTED 202 -#define ASN1_R_STRING_TOO_LONG 151 -#define ASN1_R_STRING_TOO_SHORT 152 -#define ASN1_R_TAG_VALUE_TOO_HIGH 153 -#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154 -#define ASN1_R_TIME_NOT_ASCII_FORMAT 193 -#define ASN1_R_TOO_LONG 155 -#define ASN1_R_TYPE_NOT_CONSTRUCTED 156 -#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 -#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158 -#define ASN1_R_UNEXPECTED_EOC 159 -#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215 -#define ASN1_R_UNKNOWN_FORMAT 160 -#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 -#define ASN1_R_UNKNOWN_OBJECT_TYPE 162 -#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163 -#define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199 -#define ASN1_R_UNKNOWN_TAG 194 -#define ASN1_R_UNKOWN_FORMAT 195 -#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164 -#define ASN1_R_UNSUPPORTED_CIPHER 165 -#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 -#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 -#define ASN1_R_UNSUPPORTED_TYPE 196 -#define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200 -#define ASN1_R_WRONG_TAG 168 -#define ASN1_R_WRONG_TYPE 169 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/asn1/asn1_err.c b/lib/libssl/src/crypto/asn1/asn1_err.c deleted file mode 100644 index 8fd5cf67656..00000000000 --- a/lib/libssl/src/crypto/asn1/asn1_err.c +++ /dev/null 
@@ -1,333 +0,0 @@ -/* $OpenBSD: asn1_err.c,v 1.19 2015/02/15 14:35:30 miod Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/asn1.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason) - -static ERR_STRING_DATA ASN1_str_functs[] = { - {ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"}, - {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"}, - {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"}, - {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"}, - {ERR_FUNC(ASN1_F_APPEND_EXP), "APPEND_EXP"}, - {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"}, - {ERR_FUNC(ASN1_F_ASN1_CB), "ASN1_CB"}, - {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"}, - {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"}, - {ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"}, - {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"}, - {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"}, - {ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "ASN1_D2I_READ_BIO"}, - {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"}, - {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"}, - {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"}, - {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"}, - {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"}, - {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"}, - {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"}, - {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"}, - {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"}, - {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"}, - {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"}, - {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"}, - {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"}, - {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"}, - {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"}, - {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), 
"ASN1_INTEGER_to_BN"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"}, - {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"}, - {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"}, - {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"}, - {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"}, - {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"}, - {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"}, - {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"}, - {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"}, - {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"}, - {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"}, - {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"}, - {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"}, - {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"}, - {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"}, - {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"}, - {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"}, - {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"}, - {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"}, - {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"}, - {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"}, - {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"}, - 
{ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"}, - {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"}, - {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"}, - {ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"}, - {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"}, - {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"}, - {ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"}, - {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"}, - {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"}, - {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"}, - {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"}, - {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"}, - {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"}, - {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"}, - {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"}, - {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"}, - {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"}, - {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"}, - {ERR_FUNC(ASN1_F_D2I_RSA_NET), "d2i_RSA_NET"}, - {ERR_FUNC(ASN1_F_D2I_RSA_NET_2), "D2I_RSA_NET_2"}, - {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"}, - {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"}, - {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"}, - {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), 
"i2d_ASN1_bio_stream"}, - {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"}, - {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"}, - {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"}, - {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"}, - {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"}, - {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"}, - {ERR_FUNC(ASN1_F_I2D_RSA_NET), "i2d_RSA_NET"}, - {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"}, - {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"}, - {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"}, - {ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"}, - {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"}, - {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"}, - {ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"}, - {ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"}, - {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"}, - {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"}, - {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"}, - {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"}, - {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"}, - {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"}, - {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"}, - {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"}, - {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"}, - {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"}, - {0, NULL} -}; - -static ERR_STRING_DATA ASN1_str_reasons[] = { - {ERR_REASON(ASN1_R_ADDING_OBJECT) , "adding object"}, - {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR) , "asn1 parse error"}, - {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR) , "asn1 sig parse error"}, - {ERR_REASON(ASN1_R_AUX_ERROR) , "aux error"}, - {ERR_REASON(ASN1_R_BAD_CLASS) , "bad class"}, - {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) , "bad object header"}, - {ERR_REASON(ASN1_R_BAD_PASSWORD_READ) , "bad password read"}, - {ERR_REASON(ASN1_R_BAD_TAG) , "bad tag"}, - {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH), "bmpstring is wrong length"}, - 
{ERR_REASON(ASN1_R_BN_LIB) , "bn lib"}, - {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH), "boolean is wrong length"}, - {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL) , "buffer too small"}, - {ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER), "cipher has no object identifier"}, - {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"}, - {ERR_REASON(ASN1_R_DATA_IS_WRONG) , "data is wrong"}, - {ERR_REASON(ASN1_R_DECODE_ERROR) , "decode error"}, - {ERR_REASON(ASN1_R_DECODING_ERROR) , "decoding error"}, - {ERR_REASON(ASN1_R_DEPTH_EXCEEDED) , "depth exceeded"}, - {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED), "digest and key type not supported"}, - {ERR_REASON(ASN1_R_ENCODE_ERROR) , "encode error"}, - {ERR_REASON(ASN1_R_ERROR_GETTING_TIME) , "error getting time"}, - {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"}, - {ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT), "error parsing set element"}, - {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS), "error setting cipher params"}, - {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER) , "expecting an integer"}, - {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT) , "expecting an object"}, - {ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN) , "expecting a boolean"}, - {ERR_REASON(ASN1_R_EXPECTING_A_TIME) , "expecting a time"}, - {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"}, - {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED), "explicit tag not constructed"}, - {ERR_REASON(ASN1_R_FIELD_MISSING) , "field missing"}, - {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE) , "first num too large"}, - {ERR_REASON(ASN1_R_HEADER_TOO_LONG) , "header too long"}, - {ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT), "illegal bitstring format"}, - {ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN) , "illegal boolean"}, - {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS) , "illegal characters"}, - {ERR_REASON(ASN1_R_ILLEGAL_FORMAT) , "illegal format"}, - {ERR_REASON(ASN1_R_ILLEGAL_HEX) , "illegal hex"}, - {ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG) , "illegal 
implicit tag"}, - {ERR_REASON(ASN1_R_ILLEGAL_INTEGER) , "illegal integer"}, - {ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING), "illegal nested tagging"}, - {ERR_REASON(ASN1_R_ILLEGAL_NULL) , "illegal null"}, - {ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE) , "illegal null value"}, - {ERR_REASON(ASN1_R_ILLEGAL_OBJECT) , "illegal object"}, - {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) , "illegal optional any"}, - {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE), "illegal options on item template"}, - {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY) , "illegal tagged any"}, - {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) , "illegal time value"}, - {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"}, - {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG), "integer too large for long"}, - {ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT), "invalid bit string bits left"}, - {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH), "invalid bmpstring length"}, - {ERR_REASON(ASN1_R_INVALID_DIGIT) , "invalid digit"}, - {ERR_REASON(ASN1_R_INVALID_MIME_TYPE) , "invalid mime type"}, - {ERR_REASON(ASN1_R_INVALID_MODIFIER) , "invalid modifier"}, - {ERR_REASON(ASN1_R_INVALID_NUMBER) , "invalid number"}, - {ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING), "invalid object encoding"}, - {ERR_REASON(ASN1_R_INVALID_SEPARATOR) , "invalid separator"}, - {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) , "invalid time format"}, - {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH), "invalid universalstring length"}, - {ERR_REASON(ASN1_R_INVALID_UTF8STRING) , "invalid utf8string"}, - {ERR_REASON(ASN1_R_IV_TOO_LARGE) , "iv too large"}, - {ERR_REASON(ASN1_R_LENGTH_ERROR) , "length error"}, - {ERR_REASON(ASN1_R_LIST_ERROR) , "list error"}, - {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE) , "mime no content type"}, - {ERR_REASON(ASN1_R_MIME_PARSE_ERROR) , "mime parse error"}, - {ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR) , "mime sig parse error"}, - {ERR_REASON(ASN1_R_MISSING_EOC) , "missing eoc"}, - 
{ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER), "missing second number"}, - {ERR_REASON(ASN1_R_MISSING_VALUE) , "missing value"}, - {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"}, - {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) , "mstring wrong tag"}, - {ERR_REASON(ASN1_R_NESTED_ASN1_STRING) , "nested asn1 string"}, - {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) , "non hex characters"}, - {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT) , "not ascii format"}, - {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) , "not enough data"}, - {ERR_REASON(ASN1_R_NO_CONTENT_TYPE) , "no content type"}, - {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST) , "no default digest"}, - {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"}, - {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE), "no multipart body failure"}, - {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"}, - {ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE) , "no sig content type"}, - {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) , "null is wrong length"}, - {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"}, - {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS) , "odd number of chars"}, - {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING), "private key header missing"}, - {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"}, - {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"}, - {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"}, - {ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG), "sequence or set needs config"}, - {ERR_REASON(ASN1_R_SHORT_LINE) , "short line"}, - {ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"}, - {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"}, - {ERR_REASON(ASN1_R_STRING_TOO_LONG) , "string too long"}, - {ERR_REASON(ASN1_R_STRING_TOO_SHORT) , "string too short"}, - {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH) , "tag value too high"}, - {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), 
"the asn1 object identifier is not known for this md"}, - {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"}, - {ERR_REASON(ASN1_R_TOO_LONG) , "too long"}, - {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) , "type not constructed"}, - {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"}, - {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY), "unable to decode rsa private key"}, - {ERR_REASON(ASN1_R_UNEXPECTED_EOC) , "unexpected eoc"}, - {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH), "universalstring is wrong length"}, - {ERR_REASON(ASN1_R_UNKNOWN_FORMAT) , "unknown format"}, - {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM), "unknown message digest algorithm"}, - {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) , "unknown object type"}, - {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "unknown public key type"}, - {ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM), "unknown signature algorithm"}, - {ERR_REASON(ASN1_R_UNKNOWN_TAG) , "unknown tag"}, - {ERR_REASON(ASN1_R_UNKOWN_FORMAT) , "unknown format"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE), "unsupported any defined by type"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER) , "unsupported cipher"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM), "unsupported encryption algorithm"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE), "unsupported public key type"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE) , "unsupported type"}, - {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"}, - {ERR_REASON(ASN1_R_WRONG_TAG) , "wrong tag"}, - {ERR_REASON(ASN1_R_WRONG_TYPE) , "wrong type"}, - {0, NULL} -}; - -#endif - -void -ERR_load_ASN1_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) { - ERR_load_strings(0, ASN1_str_functs); - ERR_load_strings(0, ASN1_str_reasons); - } -#endif -} 
diff --git a/lib/libssl/src/crypto/asn1/asn1_gen.c b/lib/libssl/src/crypto/asn1/asn1_gen.c
deleted file mode 100644
index e899337b6fd..00000000000
--- a/lib/libssl/src/crypto/asn1/asn1_gen.c
+++ /dev/null
@@ -1,811 +0,0 @@ -/* $OpenBSD: asn1_gen.c,v 1.15 2015/12/12 21:03:52 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2002. - */ -/* ==================================================================== - * Copyright (c) 2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -#define ASN1_GEN_FLAG 0x10000 -#define ASN1_GEN_FLAG_IMP (ASN1_GEN_FLAG|1) -#define ASN1_GEN_FLAG_EXP (ASN1_GEN_FLAG|2) -#define ASN1_GEN_FLAG_TAG (ASN1_GEN_FLAG|3) -#define ASN1_GEN_FLAG_BITWRAP (ASN1_GEN_FLAG|4) -#define ASN1_GEN_FLAG_OCTWRAP (ASN1_GEN_FLAG|5) -#define ASN1_GEN_FLAG_SEQWRAP (ASN1_GEN_FLAG|6) -#define ASN1_GEN_FLAG_SETWRAP (ASN1_GEN_FLAG|7) -#define ASN1_GEN_FLAG_FORMAT (ASN1_GEN_FLAG|8) - -#define ASN1_GEN_STR(str,val){str, sizeof(str) - 1, val} - -#define ASN1_FLAG_EXP_MAX 20 - -/* Input formats */ - -/* ASCII: default */ -#define ASN1_GEN_FORMAT_ASCII 1 -/* UTF8 */ -#define ASN1_GEN_FORMAT_UTF8 2 -/* Hex */ -#define ASN1_GEN_FORMAT_HEX 3 -/* List of bits */ -#define ASN1_GEN_FORMAT_BITLIST 4 - -struct tag_name_st { - const char *strnam; - int len; - int tag; -}; - -typedef struct { - int exp_tag; - int exp_class; - int exp_constructed; - int exp_pad; - long exp_len; -} tag_exp_type; - -typedef struct { - int imp_tag; - int imp_class; - int utype; - int format; - const char *str; - tag_exp_type exp_list[ASN1_FLAG_EXP_MAX]; - int exp_count; -} 
tag_exp_arg; - -static int bitstr_cb(const char *elem, int len, void *bitstr); -static int asn1_cb(const char *elem, int len, void *bitstr); -static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, - int exp_constructed, int exp_pad, int imp_ok); -static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass); -static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf); -static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype); -static int asn1_str2tag(const char *tagstr, int len); - -ASN1_TYPE * -ASN1_generate_nconf(char *str, CONF *nconf) -{ - X509V3_CTX cnf; - - if (!nconf) - return ASN1_generate_v3(str, NULL); - - X509V3_set_nconf(&cnf, nconf); - return ASN1_generate_v3(str, &cnf); -} - -ASN1_TYPE * -ASN1_generate_v3(char *str, X509V3_CTX *cnf) -{ - ASN1_TYPE *ret; - tag_exp_arg asn1_tags; - tag_exp_type *etmp; - - int i, len; - - unsigned char *orig_der = NULL, *new_der = NULL; - const unsigned char *cpy_start; - unsigned char *p; - const unsigned char *cp; - int cpy_len; - long hdr_len = 0; - int hdr_constructed = 0, hdr_tag, hdr_class; - int r; - - asn1_tags.imp_tag = -1; - asn1_tags.imp_class = -1; - asn1_tags.format = ASN1_GEN_FORMAT_ASCII; - asn1_tags.exp_count = 0; - if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) - return NULL; - - if ((asn1_tags.utype == V_ASN1_SEQUENCE) || - (asn1_tags.utype == V_ASN1_SET)) { - if (!cnf) { - ASN1err(ASN1_F_ASN1_GENERATE_V3, - ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); - return NULL; - } - ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf); - } else - ret = asn1_str2type(asn1_tags.str, asn1_tags.format, - asn1_tags.utype); - - if (!ret) - return NULL; - - /* If no tagging return base type */ - if ((asn1_tags.imp_tag == -1) && (asn1_tags.exp_count == 0)) - return ret; - - /* Generate the encoding */ - cpy_len = i2d_ASN1_TYPE(ret, &orig_der); - ASN1_TYPE_free(ret); - ret = NULL; - /* Set point to start copying for modified encoding */ - cpy_start = 
orig_der; - - /* Do we need IMPLICIT tagging? */ - if (asn1_tags.imp_tag != -1) { - /* If IMPLICIT we will replace the underlying tag */ - /* Skip existing tag+len */ - r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, - &hdr_class, cpy_len); - if (r & 0x80) - goto err; - /* Update copy length */ - cpy_len -= cpy_start - orig_der; - /* For IMPLICIT tagging the length should match the - * original length and constructed flag should be - * consistent. - */ - if (r & 0x1) { - /* Indefinite length constructed */ - hdr_constructed = 2; - hdr_len = 0; - } else - /* Just retain constructed flag */ - hdr_constructed = r & V_ASN1_CONSTRUCTED; - /* Work out new length with IMPLICIT tag: ignore constructed - * because it will mess up if indefinite length - */ - len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag); - } else - len = cpy_len; - - /* Work out length in any EXPLICIT, starting from end */ - - for (i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1; - i < asn1_tags.exp_count; i++, etmp--) { - /* Content length: number of content octets + any padding */ - len += etmp->exp_pad; - etmp->exp_len = len; - /* Total object length: length including new header */ - len = ASN1_object_size(0, len, etmp->exp_tag); - } - - /* Allocate buffer for new encoding */ - - new_der = malloc(len); - if (!new_der) - goto err; - - /* Generate tagged encoding */ - p = new_der; - - /* Output explicit tags first */ - for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count; - i++, etmp++) { - ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len, - etmp->exp_tag, etmp->exp_class); - if (etmp->exp_pad) - *p++ = 0; - } - - /* If IMPLICIT, output tag */ - - if (asn1_tags.imp_tag != -1) { - if (asn1_tags.imp_class == V_ASN1_UNIVERSAL && - (asn1_tags.imp_tag == V_ASN1_SEQUENCE || - asn1_tags.imp_tag == V_ASN1_SET)) - hdr_constructed = V_ASN1_CONSTRUCTED; - ASN1_put_object(&p, hdr_constructed, hdr_len, - asn1_tags.imp_tag, asn1_tags.imp_class); - } - - /* Copy across original 
encoding */ - memcpy(p, cpy_start, cpy_len); - - cp = new_der; - - /* Obtain new ASN1_TYPE structure */ - ret = d2i_ASN1_TYPE(NULL, &cp, len); - -err: - free(orig_der); - free(new_der); - - return ret; -} - -static int -asn1_cb(const char *elem, int len, void *bitstr) -{ - tag_exp_arg *arg = bitstr; - int i; - int utype; - int vlen = 0; - const char *p, *vstart = NULL; - - int tmp_tag, tmp_class; - - for (i = 0, p = elem; i < len; p++, i++) { - /* Look for the ':' in name value pairs */ - if (*p == ':') { - vstart = p + 1; - vlen = len - (vstart - elem); - len = p - elem; - break; - } - } - - utype = asn1_str2tag(elem, len); - - if (utype == -1) { - ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG); - ERR_asprintf_error_data("tag=%s", elem); - return -1; - } - - /* If this is not a modifier mark end of string and exit */ - if (!(utype & ASN1_GEN_FLAG)) { - arg->utype = utype; - arg->str = vstart; - /* If no value and not end of string, error */ - if (!vstart && elem[len]) { - ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE); - return -1; - } - return 0; - } - - switch (utype) { - - case ASN1_GEN_FLAG_IMP: - /* Check for illegal multiple IMPLICIT tagging */ - if (arg->imp_tag != -1) { - ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING); - return -1; - } - if (!parse_tagging(vstart, vlen, &arg->imp_tag, - &arg->imp_class)) - return -1; - break; - - case ASN1_GEN_FLAG_EXP: - if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class)) - return -1; - if (!append_exp(arg, tmp_tag, tmp_class, 1, 0, 0)) - return -1; - break; - - case ASN1_GEN_FLAG_SEQWRAP: - if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1)) - return -1; - break; - - case ASN1_GEN_FLAG_SETWRAP: - if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1)) - return -1; - break; - - case ASN1_GEN_FLAG_BITWRAP: - if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1)) - return -1; - break; - - case ASN1_GEN_FLAG_OCTWRAP: - if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 
1)) - return -1; - break; - - case ASN1_GEN_FLAG_FORMAT: - if (vstart == NULL) { - ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_FORMAT); - return -1; - } - if (!strncmp(vstart, "ASCII", 5)) - arg->format = ASN1_GEN_FORMAT_ASCII; - else if (!strncmp(vstart, "UTF8", 4)) - arg->format = ASN1_GEN_FORMAT_UTF8; - else if (!strncmp(vstart, "HEX", 3)) - arg->format = ASN1_GEN_FORMAT_HEX; - else if (!strncmp(vstart, "BITLIST", 7)) - arg->format = ASN1_GEN_FORMAT_BITLIST; - else { - ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT); - return -1; - } - break; - - } - - return 1; -} - -static int -parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) -{ - long tag_num; - char *eptr; - - if (!vstart) - return 0; - tag_num = strtoul(vstart, &eptr, 10); - /* Check we haven't gone past max length: should be impossible */ - if (eptr && *eptr && (eptr > vstart + vlen)) - return 0; - if (tag_num < 0) { - ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER); - return 0; - } - *ptag = tag_num; - /* If we have non numeric characters, parse them */ - if (eptr) - vlen -= eptr - vstart; - else - vlen = 0; - if (vlen) { - switch (*eptr) { - - case 'U': - *pclass = V_ASN1_UNIVERSAL; - break; - - case 'A': - *pclass = V_ASN1_APPLICATION; - break; - - case 'P': - *pclass = V_ASN1_PRIVATE; - break; - - case 'C': - *pclass = V_ASN1_CONTEXT_SPECIFIC; - break; - - default: - ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_MODIFIER); - ERR_asprintf_error_data("Char=%c", *eptr); - return 0; - break; - - } - } else - *pclass = V_ASN1_CONTEXT_SPECIFIC; - - return 1; - -} - -/* Handle multiple types: SET and SEQUENCE */ - -static ASN1_TYPE * -asn1_multi(int utype, const char *section, X509V3_CTX *cnf) -{ - ASN1_TYPE *ret = NULL; - STACK_OF(ASN1_TYPE) *sk = NULL; - STACK_OF(CONF_VALUE) *sect = NULL; - unsigned char *der = NULL; - int derlen; - int i; - sk = sk_ASN1_TYPE_new_null(); - if (!sk) - goto bad; - if (section) { - if (!cnf) - goto bad; - sect = X509V3_get_section(cnf, (char *)section); - if 
(!sect) - goto bad; - for (i = 0; i < sk_CONF_VALUE_num(sect); i++) { - ASN1_TYPE *typ = ASN1_generate_v3( - sk_CONF_VALUE_value(sect, i)->value, cnf); - if (!typ) - goto bad; - if (!sk_ASN1_TYPE_push(sk, typ)) - goto bad; - } - } - - /* Now we has a STACK of the components, convert to the correct form */ - - if (utype == V_ASN1_SET) - derlen = i2d_ASN1_SET_ANY(sk, &der); - else - derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der); - - if (derlen < 0) - goto bad; - - if (!(ret = ASN1_TYPE_new())) - goto bad; - - if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype))) - goto bad; - - ret->type = utype; - - ret->value.asn1_string->data = der; - ret->value.asn1_string->length = derlen; - - der = NULL; - -bad: - free(der); - if (sk) - sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free); - if (sect) - X509V3_section_free(cnf, sect); - - return ret; -} - -static int -append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_constructed, - int exp_pad, int imp_ok) -{ - tag_exp_type *exp_tmp; - - /* Can only have IMPLICIT if permitted */ - if ((arg->imp_tag != -1) && !imp_ok) { - ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG); - return 0; - } - - if (arg->exp_count == ASN1_FLAG_EXP_MAX) { - ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED); - return 0; - } - - exp_tmp = &arg->exp_list[arg->exp_count++]; - - /* If IMPLICIT set tag to implicit value then - * reset implicit tag since it has been used. 
- */ - if (arg->imp_tag != -1) { - exp_tmp->exp_tag = arg->imp_tag; - exp_tmp->exp_class = arg->imp_class; - arg->imp_tag = -1; - arg->imp_class = -1; - } else { - exp_tmp->exp_tag = exp_tag; - exp_tmp->exp_class = exp_class; - } - exp_tmp->exp_constructed = exp_constructed; - exp_tmp->exp_pad = exp_pad; - - return 1; -} - -static int -asn1_str2tag(const char *tagstr, int len) -{ - unsigned int i; - static const struct tag_name_st *tntmp, tnst [] = { - ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN), - ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN), - ASN1_GEN_STR("NULL", V_ASN1_NULL), - ASN1_GEN_STR("INT", V_ASN1_INTEGER), - ASN1_GEN_STR("INTEGER", V_ASN1_INTEGER), - ASN1_GEN_STR("ENUM", V_ASN1_ENUMERATED), - ASN1_GEN_STR("ENUMERATED", V_ASN1_ENUMERATED), - ASN1_GEN_STR("OID", V_ASN1_OBJECT), - ASN1_GEN_STR("OBJECT", V_ASN1_OBJECT), - ASN1_GEN_STR("UTCTIME", V_ASN1_UTCTIME), - ASN1_GEN_STR("UTC", V_ASN1_UTCTIME), - ASN1_GEN_STR("GENERALIZEDTIME", V_ASN1_GENERALIZEDTIME), - ASN1_GEN_STR("GENTIME", V_ASN1_GENERALIZEDTIME), - ASN1_GEN_STR("OCT", V_ASN1_OCTET_STRING), - ASN1_GEN_STR("OCTETSTRING", V_ASN1_OCTET_STRING), - ASN1_GEN_STR("BITSTR", V_ASN1_BIT_STRING), - ASN1_GEN_STR("BITSTRING", V_ASN1_BIT_STRING), - ASN1_GEN_STR("UNIVERSALSTRING", V_ASN1_UNIVERSALSTRING), - ASN1_GEN_STR("UNIV", V_ASN1_UNIVERSALSTRING), - ASN1_GEN_STR("IA5", V_ASN1_IA5STRING), - ASN1_GEN_STR("IA5STRING", V_ASN1_IA5STRING), - ASN1_GEN_STR("UTF8", V_ASN1_UTF8STRING), - ASN1_GEN_STR("UTF8String", V_ASN1_UTF8STRING), - ASN1_GEN_STR("BMP", V_ASN1_BMPSTRING), - ASN1_GEN_STR("BMPSTRING", V_ASN1_BMPSTRING), - ASN1_GEN_STR("VISIBLESTRING", V_ASN1_VISIBLESTRING), - ASN1_GEN_STR("VISIBLE", V_ASN1_VISIBLESTRING), - ASN1_GEN_STR("PRINTABLESTRING", V_ASN1_PRINTABLESTRING), - ASN1_GEN_STR("PRINTABLE", V_ASN1_PRINTABLESTRING), - ASN1_GEN_STR("T61", V_ASN1_T61STRING), - ASN1_GEN_STR("T61STRING", V_ASN1_T61STRING), - ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING), - ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING), - 
ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING), - ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING), - ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING), - - /* Special cases */ - ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE), - ASN1_GEN_STR("SEQ", V_ASN1_SEQUENCE), - ASN1_GEN_STR("SET", V_ASN1_SET), - /* type modifiers */ - /* Explicit tag */ - ASN1_GEN_STR("EXP", ASN1_GEN_FLAG_EXP), - ASN1_GEN_STR("EXPLICIT", ASN1_GEN_FLAG_EXP), - /* Implicit tag */ - ASN1_GEN_STR("IMP", ASN1_GEN_FLAG_IMP), - ASN1_GEN_STR("IMPLICIT", ASN1_GEN_FLAG_IMP), - /* OCTET STRING wrapper */ - ASN1_GEN_STR("OCTWRAP", ASN1_GEN_FLAG_OCTWRAP), - /* SEQUENCE wrapper */ - ASN1_GEN_STR("SEQWRAP", ASN1_GEN_FLAG_SEQWRAP), - /* SET wrapper */ - ASN1_GEN_STR("SETWRAP", ASN1_GEN_FLAG_SETWRAP), - /* BIT STRING wrapper */ - ASN1_GEN_STR("BITWRAP", ASN1_GEN_FLAG_BITWRAP), - ASN1_GEN_STR("FORM", ASN1_GEN_FLAG_FORMAT), - ASN1_GEN_STR("FORMAT", ASN1_GEN_FLAG_FORMAT), - }; - - if (len == -1) - len = strlen(tagstr); - - tntmp = tnst; - for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); - i++, tntmp++) { - if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len)) - return tntmp->tag; - } - - return -1; -} - -static ASN1_TYPE * -asn1_str2type(const char *str, int format, int utype) -{ - ASN1_TYPE *atmp = NULL; - CONF_VALUE vtmp; - unsigned char *rdata; - long rdlen; - int no_unused = 1; - - if (!(atmp = ASN1_TYPE_new())) { - ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); - return NULL; - } - - if (!str) - str = ""; - - switch (utype) { - - case V_ASN1_NULL: - if (str && *str) { - ASN1err(ASN1_F_ASN1_STR2TYPE, - ASN1_R_ILLEGAL_NULL_VALUE); - goto bad_form; - } - break; - - case V_ASN1_BOOLEAN: - if (format != ASN1_GEN_FORMAT_ASCII) { - ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT); - goto bad_form; - } - vtmp.name = NULL; - vtmp.section = NULL; - vtmp.value = (char *)str; - if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) { - ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN); - 
goto bad_str; - } - break; - - case V_ASN1_INTEGER: - case V_ASN1_ENUMERATED: - if (format != ASN1_GEN_FORMAT_ASCII) { - ASN1err(ASN1_F_ASN1_STR2TYPE, - ASN1_R_INTEGER_NOT_ASCII_FORMAT); - goto bad_form; - } - if (!(atmp->value.integer = - s2i_ASN1_INTEGER(NULL, (char *)str))) { - ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER); - goto bad_str; - } - break; - - case V_ASN1_OBJECT: - if (format != ASN1_GEN_FORMAT_ASCII) { - ASN1err(ASN1_F_ASN1_STR2TYPE, - ASN1_R_OBJECT_NOT_ASCII_FORMAT); - goto bad_form; - } - if (!(atmp->value.object = OBJ_txt2obj(str, 0))) { - ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT); - goto bad_str; - } - break; - - case V_ASN1_UTCTIME: - case V_ASN1_GENERALIZEDTIME: - if (format != ASN1_GEN_FORMAT_ASCII) { - ASN1err(ASN1_F_ASN1_STR2TYPE, - ASN1_R_TIME_NOT_ASCII_FORMAT); - goto bad_form; - } - if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); - goto bad_str; - } - if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) { - ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); - goto bad_str; - } - atmp->value.asn1_string->type = utype; - if (!ASN1_TIME_check(atmp->value.asn1_string)) { - ASN1err(ASN1_F_ASN1_STR2TYPE, - ASN1_R_ILLEGAL_TIME_VALUE); - goto bad_str; - } - break; - - case V_ASN1_BMPSTRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_IA5STRING: - case V_ASN1_T61STRING: - case V_ASN1_UTF8STRING: - case V_ASN1_VISIBLESTRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_GENERALSTRING: - case V_ASN1_NUMERICSTRING: - - if (format == ASN1_GEN_FORMAT_ASCII) - format = MBSTRING_ASC; - else if (format == ASN1_GEN_FORMAT_UTF8) - format = MBSTRING_UTF8; - else { - ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT); - goto bad_form; - } - - if (ASN1_mbstring_copy(&atmp->value.asn1_string, - (unsigned char *)str, -1, format, - ASN1_tag2bit(utype)) <= 0) { - ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); - goto bad_str; - } - break; - - case V_ASN1_BIT_STRING: - 
case V_ASN1_OCTET_STRING: - if (!(atmp->value.asn1_string = ASN1_STRING_new())) { - ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); - goto bad_form; - } - - if (format == ASN1_GEN_FORMAT_HEX) { - - if (!(rdata = string_to_hex((char *)str, &rdlen))) { - ASN1err(ASN1_F_ASN1_STR2TYPE, - ASN1_R_ILLEGAL_HEX); - goto bad_str; - } - - atmp->value.asn1_string->data = rdata; - atmp->value.asn1_string->length = rdlen; - atmp->value.asn1_string->type = utype; - - } else if (format == ASN1_GEN_FORMAT_ASCII) { - if (ASN1_STRING_set(atmp->value.asn1_string, str, - -1) == 0) { - ASN1err(ASN1_F_ASN1_STR2TYPE, - ERR_R_MALLOC_FAILURE); - goto bad_str; - } - } else if ((format == ASN1_GEN_FORMAT_BITLIST) && - (utype == V_ASN1_BIT_STRING)) { - if (!CONF_parse_list(str, ',', 1, bitstr_cb, - atmp->value.bit_string)) { - ASN1err(ASN1_F_ASN1_STR2TYPE, - ASN1_R_LIST_ERROR); - goto bad_str; - } - no_unused = 0; - - } else { - ASN1err(ASN1_F_ASN1_STR2TYPE, - ASN1_R_ILLEGAL_BITSTRING_FORMAT); - goto bad_form; - } - - if ((utype == V_ASN1_BIT_STRING) && no_unused) { - atmp->value.asn1_string->flags &= - ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - atmp->value.asn1_string->flags |= - ASN1_STRING_FLAG_BITS_LEFT; - } - - break; - - default: - ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE); - goto bad_str; - break; - } - - atmp->type = utype; - return atmp; - -bad_str: - ERR_asprintf_error_data("string=%s", str); -bad_form: - ASN1_TYPE_free(atmp); - return NULL; -} - -static int -bitstr_cb(const char *elem, int len, void *bitstr) -{ - long bitnum; - char *eptr; - - if (!elem) - return 0; - bitnum = strtoul(elem, &eptr, 10); - if (eptr && *eptr && (eptr != elem + len)) - return 0; - if (bitnum < 0) { - ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER); - return 0; - } - if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) { - ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE); - return 0; - } - return 1; -} 
diff --git a/lib/libssl/src/crypto/asn1/asn1_lib.c b/lib/libssl/src/crypto/asn1/asn1_lib.c
deleted file mode 100644
index 444a34c0725..00000000000
--- a/lib/libssl/src/crypto/asn1/asn1_lib.c
+++ /dev/null
@@ -1,490 +0,0 @@ -/* $OpenBSD: asn1_lib.c,v 1.37 2016/03/06 18:05:00 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <limits.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/err.h> - -static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max); -static void asn1_put_length(unsigned char **pp, int length); - -static int -_asn1_check_infinite_end(const unsigned char **p, long len) -{ - /* If there is 0 or 1 byte left, the length check should pick - * things up */ - if (len <= 0) - return (1); - else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) { - (*p) += 2; - return (1); - } - return (0); -} - -int -ASN1_check_infinite_end(unsigned char **p, long len) -{ - return _asn1_check_infinite_end((const unsigned char **)p, len); -} - -int -ASN1_const_check_infinite_end(const unsigned char **p, long len) -{ - return _asn1_check_infinite_end(p, len); -} - -int -ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, - int *pclass, long omax) -{ - int i, ret; - long l; - const unsigned char *p= *pp; - int tag, xclass, inf; - long max = omax; - - if (!max) - goto err; - ret = (*p & V_ASN1_CONSTRUCTED); - xclass = (*p & V_ASN1_PRIVATE); - i= *p & V_ASN1_PRIMITIVE_TAG; - if (i == V_ASN1_PRIMITIVE_TAG) { /* high-tag */ - p++; - if (--max == 0) - goto err; - l = 0; - while (*p & 0x80) { - l <<= 7L; - l |= *(p++) & 0x7f; - if (--max == 0) - goto err; - if (l > (INT_MAX >> 7L)) - goto err; - } - l <<= 7L; - l |= *(p++) & 0x7f; - tag = (int)l; - if (--max == 0) - goto err; - } else { - tag = i; - p++; - if (--max == 0) - goto err; - } - *ptag = tag; - *pclass = xclass; - if (!asn1_get_length(&p, &inf, plength, (int)max)) - goto err; - - if (inf && !(ret & V_ASN1_CONSTRUCTED)) - goto err; - - if (*plength > (omax - (p - *pp))) { - ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG); - /* Set this so that even if things are not long enough - * the values are set correctly */ - ret |= 0x80; - } - *pp = p; - return (ret | inf); - -err: - ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_HEADER_TOO_LONG); - return 
(0x80); -} - -static int -asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max) -{ - const unsigned char *p= *pp; - unsigned long ret = 0; - unsigned int i; - - if (max-- < 1) - return (0); - if (*p == 0x80) { - *inf = 1; - ret = 0; - p++; - } else { - *inf = 0; - i= *p & 0x7f; - if (*(p++) & 0x80) { - if (max < (int)i) - return (0); - /* skip leading zeroes */ - while (i && *p == 0) { - p++; - i--; - } - if (i > sizeof(long)) - return 0; - while (i-- > 0) { - ret <<= 8L; - ret |= *(p++); - } - } else - ret = i; - } - if (ret > LONG_MAX) - return 0; - *pp = p; - *rl = (long)ret; - return (1); -} - -/* class 0 is constructed - * constructed == 2 for indefinite length constructed */ -void -ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, - int xclass) -{ - unsigned char *p= *pp; - int i, ttag; - - i = (constructed) ? V_ASN1_CONSTRUCTED : 0; - i |= (xclass & V_ASN1_PRIVATE); - if (tag < 31) - *(p++) = i | (tag & V_ASN1_PRIMITIVE_TAG); - else { - *(p++) = i | V_ASN1_PRIMITIVE_TAG; - for(i = 0, ttag = tag; ttag > 0; i++) - ttag >>= 7; - ttag = i; - while (i-- > 0) { - p[i] = tag & 0x7f; - if (i != (ttag - 1)) - p[i] |= 0x80; - tag >>= 7; - } - p += ttag; - } - if (constructed == 2) - *(p++) = 0x80; - else - asn1_put_length(&p, length); - *pp = p; -} - -int -ASN1_put_eoc(unsigned char **pp) -{ - unsigned char *p = *pp; - - *p++ = 0; - *p++ = 0; - *pp = p; - return 2; -} - -static void -asn1_put_length(unsigned char **pp, int length) -{ - unsigned char *p= *pp; - - int i, l; - if (length <= 127) - *(p++) = (unsigned char)length; - else { - l = length; - for (i = 0; l > 0; i++) - l >>= 8; - *(p++) = i | 0x80; - l = i; - while (i-- > 0) { - p[i] = length & 0xff; - length >>= 8; - } - p += l; - } - *pp = p; -} - -int -ASN1_object_size(int constructed, int length, int tag) -{ - int ret; - - ret = length; - ret++; - if (tag >= 31) { - while (tag > 0) { - tag >>= 7; - ret++; - } - } - if (constructed == 2) - return ret + 3; - ret++; - 
if (length > 127) { - while (length > 0) { - length >>= 8; - ret++; - } - } - return (ret); -} - -static int -_asn1_Finish(ASN1_const_CTX *c) -{ - if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) { - if (!ASN1_const_check_infinite_end(&c->p, c->slen)) { - c->error = ERR_R_MISSING_ASN1_EOS; - return (0); - } - } - if (((c->slen != 0) && !(c->inf & 1)) || - ((c->slen < 0) && (c->inf & 1))) { - c->error = ERR_R_ASN1_LENGTH_MISMATCH; - return (0); - } - return (1); -} - -int -asn1_Finish(ASN1_CTX *c) -{ - return _asn1_Finish((ASN1_const_CTX *)c); -} - -int -asn1_const_Finish(ASN1_const_CTX *c) -{ - return _asn1_Finish(c); -} - -int -asn1_GetSequence(ASN1_const_CTX *c, long *length) -{ - const unsigned char *q; - - q = c->p; - c->inf = ASN1_get_object(&(c->p), &(c->slen), &(c->tag), &(c->xclass), - *length); - if (c->inf & 0x80) { - c->error = ERR_R_BAD_GET_ASN1_OBJECT_CALL; - return (0); - } - if (c->tag != V_ASN1_SEQUENCE) { - c->error = ERR_R_EXPECTING_AN_ASN1_SEQUENCE; - return (0); - } - (*length) -= (c->p - q); - if (c->max && (*length < 0)) { - c->error = ERR_R_ASN1_LENGTH_MISMATCH; - return (0); - } - if (c->inf == (1|V_ASN1_CONSTRUCTED)) - c->slen= *length+ *(c->pp) - c->p; - c->eos = 0; - return (1); -} - -int -ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str) -{ - if (str == NULL) - return 0; - dst->type = str->type; - if (!ASN1_STRING_set(dst, str->data, str->length)) - return 0; - dst->flags = str->flags; - return 1; -} - -ASN1_STRING * -ASN1_STRING_dup(const ASN1_STRING *str) -{ - ASN1_STRING *ret; - - if (!str) - return NULL; - ret = ASN1_STRING_new(); - if (!ret) - return NULL; - if (!ASN1_STRING_copy(ret, str)) { - ASN1_STRING_free(ret); - return NULL; - } - return ret; -} - -int -ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) -{ - const char *data = _data; - - if (len < 0) { - if (data == NULL) - return (0); - else - len = strlen(data); - } - if ((str->length < len) || (str->data == NULL)) { - unsigned char *tmp; - tmp = 
realloc(str->data, len + 1); - if (tmp == NULL) { - ASN1err(ASN1_F_ASN1_STRING_SET, ERR_R_MALLOC_FAILURE); - return (0); - } - str->data = tmp; - } - str->length = len; - if (data != NULL) { - memmove(str->data, data, len); - } - str->data[str->length]='\0'; - return (1); -} - -void -ASN1_STRING_set0(ASN1_STRING *str, void *data, int len) -{ - if (str->data != NULL) - explicit_bzero(str->data, str->length); - free(str->data); - str->data = data; - str->length = len; -} - -ASN1_STRING * -ASN1_STRING_new(void) -{ - return (ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); -} - -ASN1_STRING * -ASN1_STRING_type_new(int type) -{ - ASN1_STRING *ret; - - ret = malloc(sizeof(ASN1_STRING)); - if (ret == NULL) { - ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); - } - ret->length = 0; - ret->type = type; - ret->data = NULL; - ret->flags = 0; - return (ret); -} - -void -ASN1_STRING_free(ASN1_STRING *a) -{ - if (a == NULL) - return; - if (a->data != NULL && !(a->flags & ASN1_STRING_FLAG_NDEF)) { - explicit_bzero(a->data, a->length); - free(a->data); - } - free(a); -} - -int -ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) -{ - int i; - - i = (a->length - b->length); - if (i == 0) { - i = memcmp(a->data, b->data, a->length); - if (i == 0) - return (a->type - b->type); - else - return (i); - } else - return (i); -} - -void -asn1_add_error(const unsigned char *address, int offset) -{ - ERR_asprintf_error_data("offset=%d", offset); -} - -int -ASN1_STRING_length(const ASN1_STRING *x) -{ - return (x->length); -} - -void -ASN1_STRING_length_set(ASN1_STRING *x, int len) -{ - x->length = len; -} - -int -ASN1_STRING_type(ASN1_STRING *x) -{ - return (x->type); -} - -unsigned char * -ASN1_STRING_data(ASN1_STRING *x) -{ - return (x->data); -} diff --git a/lib/libssl/src/crypto/asn1/asn1_locl.h b/lib/libssl/src/crypto/asn1/asn1_locl.h deleted file mode 100644 index 9b612c81832..00000000000 --- a/lib/libssl/src/crypto/asn1/asn1_locl.h +++ /dev/null 
@@ -1,151 +0,0 @@ -/* $OpenBSD: asn1_locl.h,v 1.7 2015/10/19 16:32:37 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Internal ASN1 structures and functions: not for application use */ - -/* ASN1 print context structure */ - -struct asn1_pctx_st { - unsigned long flags; - unsigned long nm_flags; - unsigned long cert_flags; - unsigned long oid_flags; - unsigned long str_flags; -} /* ASN1_PCTX */; - -/* ASN1 public key method structure */ - -struct evp_pkey_asn1_method_st { - int pkey_id; - int pkey_base_id; - unsigned long pkey_flags; - - char *pem_str; - char *info; - - int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub); - int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk); - int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); - int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - - int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf); - int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk); - int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - - int (*pkey_size)(const EVP_PKEY *pk); - int (*pkey_bits)(const EVP_PKEY *pk); - - int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, - int derlen); - int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder); - int 
(*param_missing)(const EVP_PKEY *pk); - int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from); - int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b); - int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - int (*sig_print)(BIO *out, const X509_ALGOR *sigalg, - const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx); - - void (*pkey_free)(EVP_PKEY *pkey); - int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2); - - /* Legacy functions for old PEM */ - - int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder, - int derlen); - int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder); - /* Custom ASN1 signature verification */ - int (*item_verify)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, - X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey); - int (*item_sign)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, - X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig); - -} /* EVP_PKEY_ASN1_METHOD */; - -/* Method to handle CRL access. - * In general a CRL could be very large (several Mb) and can consume large - * amounts of resources if stored in memory by multiple processes. - * This method allows general CRL operations to be redirected to more - * efficient callbacks: for example a CRL entry database. - */ - -#define X509_CRL_METHOD_DYNAMIC 1 - -struct x509_crl_method_st { - int flags; - int (*crl_init)(X509_CRL *crl); - int (*crl_free)(X509_CRL *crl); - int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, - ASN1_INTEGER *ser, X509_NAME *issuer); - int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk); -}; - -/* - * Unicode codepoint constants - */ -#define UNICODE_MAX 0x10FFFF -#define UNICODE_SURROGATE_MIN 0x00D800 -#define UNICODE_SURROGATE_MAX 0x00DFFF - -#define UNICODE_IS_SURROGATE(x) \ - ((x) >= UNICODE_SURROGATE_MIN && (x) <= UNICODE_SURROGATE_MAX) - -int UTF8_getc(const unsigned char *str, int len, unsigned long *val); -int UTF8_putc(unsigned char *str, int len, unsigned long value); 
diff --git a/lib/libssl/src/crypto/asn1/asn1_mac.h b/lib/libssl/src/crypto/asn1/asn1_mac.h
deleted file mode 100644
index fd524dc21cc..00000000000
--- a/lib/libssl/src/crypto/asn1/asn1_mac.h
+++ /dev/null
@@ -1,426 +0,0 @@ -/* $OpenBSD: asn1_mac.h,v 1.14 2014/06/27 04:41:09 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#ifndef HEADER_ASN1_MAC_H -#define HEADER_ASN1_MAC_H - -#include <openssl/asn1.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef ASN1_MAC_ERR_LIB -#define ASN1_MAC_ERR_LIB ERR_LIB_ASN1 -#endif - -#define ASN1_MAC_H_err(f,r,line) \ - ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line)) - -#define M_ASN1_D2I_vars(a,type,func) \ - ASN1_const_CTX c; \ - type ret=NULL; \ - \ - c.pp=(const unsigned char **)pp; \ - c.q= *(const unsigned char **)pp; \ - c.error=ERR_R_NESTED_ASN1_ERROR; \ - if ((a == NULL) || ((*a) == NULL)) \ - { if ((ret=(type)func()) == NULL) \ - { c.line=__LINE__; goto err; } } \ - else ret=(*a); - -#define M_ASN1_D2I_Init() \ - c.p= *(const unsigned char **)pp; \ - c.max=(length == 0)?0:(c.p+length); - -#define M_ASN1_D2I_Finish_2(a) \ - if (!asn1_const_Finish(&c)) \ - { c.line=__LINE__; goto err; } \ - *(const unsigned char **)pp=c.p; \ - if (a != NULL) (*a)=ret; \ - return(ret); - -#define M_ASN1_D2I_Finish(a,func,e) \ - M_ASN1_D2I_Finish_2(a); \ -err:\ - ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \ - if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ - return(NULL) - -#define M_ASN1_D2I_start_sequence() \ - if (!asn1_GetSequence(&c,&length)) \ - { c.line=__LINE__; goto err; } -/* Begin reading ASN1 without a surrounding sequence */ -#define M_ASN1_D2I_begin() \ - c.slen = length; - -/* End reading ASN1 with no check on length */ -#define M_ASN1_D2I_Finish_nolen(a, func, e) \ - *pp=c.p; \ - if (a != NULL) (*a)=ret; \ - return(ret); \ -err:\ - ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*pp,(int)(c.q- *pp)); \ - if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ - return(NULL) - -#define M_ASN1_D2I_end_sequence() \ - (((c.inf&1) == 0)?(c.slen <= 0): \ - (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen))) - -/* Don't use this with d2i_ASN1_BOOLEAN() */ -#define M_ASN1_D2I_get(b, func) \ - c.q=c.p; \ - if (func(&(b),&c.p,c.slen) == NULL) \ - 
{c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -/* Don't use this with d2i_ASN1_BOOLEAN() */ -#define M_ASN1_D2I_get_x(type,b,func) \ - c.q=c.p; \ - if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \ - {c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -/* use this instead () */ -#define M_ASN1_D2I_get_int(b,func) \ - c.q=c.p; \ - if (func(&(b),&c.p,c.slen) < 0) \ - {c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -#define M_ASN1_D2I_get_opt(b,func,type) \ - if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \ - == (V_ASN1_UNIVERSAL|(type)))) \ - { \ - M_ASN1_D2I_get(b,func); \ - } - -#define M_ASN1_D2I_get_int_opt(b,func,type) \ - if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \ - == (V_ASN1_UNIVERSAL|(type)))) \ - { \ - M_ASN1_D2I_get_int(b,func); \ - } - -#define M_ASN1_D2I_get_imp(b,func, type) \ - M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \ - c.q=c.p; \ - if (func(&(b),&c.p,c.slen) == NULL) \ - {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \ - c.slen-=(c.p-c.q);\ - M_ASN1_next_prev=_tmp; - -#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \ - if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \ - (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \ - { \ - unsigned char _tmp = M_ASN1_next; \ - M_ASN1_D2I_get_imp(b,func, type);\ - } - -#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \ - M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \ - V_ASN1_SET,V_ASN1_UNIVERSAL); - -#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ - { M_ASN1_D2I_get_set_type(type,r,func,free_func); } - -#define M_ASN1_I2D_len_SET_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_len_SET(a,f); - -#define M_ASN1_I2D_put_SET_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_put_SET(a,f); - -#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - 
M_ASN1_I2D_put_SEQUENCE(a,f); - -#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - M_ASN1_I2D_put_SEQUENCE_type(type,a,f); - -#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \ - if ((c.slen != 0) && \ - (M_ASN1_next == \ - (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ - { \ - M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\ - tag,V_ASN1_CONTEXT_SPECIFIC); \ - } - -#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \ - M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\ - V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL) - -#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ - { M_ASN1_D2I_get_seq_type(type,r,func,free_func); } - -#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \ - M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\ - x,V_ASN1_CONTEXT_SPECIFIC); - -#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \ - c.q=c.p; \ - if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\ - free_func,a,b) == NULL) \ - { c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -#define M_ASN1_D2I_get_set_strings(r,func,a,b) \ - c.q=c.p; \ - if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \ - { c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \ - if ((c.slen != 0L) && (M_ASN1_next == \ - (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ - { \ - int Tinf,Ttag,Tclass; \ - long Tlen; \ - \ - c.q=c.p; \ - Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ - if (Tinf & 0x80) \ - { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ - c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ - Tlen = c.slen - (c.p - c.q) - 2; \ - if (func(&(r),&c.p,Tlen) == NULL) \ - { c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ - Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_const_check_infinite_end(&c.p, 
Tlen)) \ - { c.error=ERR_R_MISSING_ASN1_EOS; \ - c.line=__LINE__; goto err; } \ - }\ - c.slen-=(c.p-c.q); \ - } - -#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \ - if ((c.slen != 0) && (M_ASN1_next == \ - (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ - { \ - int Tinf,Ttag,Tclass; \ - long Tlen; \ - \ - c.q=c.p; \ - Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ - if (Tinf & 0x80) \ - { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ - c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ - Tlen = c.slen - (c.p - c.q) - 2; \ - if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \ - free_func,b,V_ASN1_UNIVERSAL) == NULL) \ - { c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ - Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_check_infinite_end(&c.p, Tlen)) \ - { c.error=ERR_R_MISSING_ASN1_EOS; \ - c.line=__LINE__; goto err; } \ - }\ - c.slen-=(c.p-c.q); \ - } - -/* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, - some macros that use ASN1_const_CTX still insist on writing in the input - stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. - Please? 
-- Richard Levitte */ -#define M_ASN1_next (*((unsigned char *)(c.p))) -#define M_ASN1_next_prev (*((unsigned char *)(c.q))) - -/*************************************************/ - -#define M_ASN1_I2D_vars(a) int r=0,ret=0; \ - unsigned char *p; \ - if (a == NULL) return(0) - -/* Length Macros */ -#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL) -#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f) - -#define M_ASN1_I2D_len_SET_type(type,a,f) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \ - V_ASN1_UNIVERSAL,IS_SET); - -#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \ - V_ASN1_UNIVERSAL,IS_SEQUENCE) - -#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_len_SEQUENCE(a,f); - -#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - M_ASN1_I2D_len_SEQUENCE_type(type,a,f); - -#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ - V_ASN1_CONTEXT_SPECIFIC,IS_SET); - -#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ - V_ASN1_CONTEXT_SPECIFIC,IS_SET); - -#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ - V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); - -#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \ - if (a != NULL)\ - { \ - v=f(a,NULL); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_##type##_num(a) != 0))\ - { \ - v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \ - V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -/* Put Macros */ -#define M_ASN1_I2D_put(a,f) f(a,&p) - -#define M_ASN1_I2D_put_IMP_opt(a,f,t) \ - if (a != NULL) \ - { \ - unsigned char *q=p; \ 
- f(a,&p); \ - *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\ - } - -#define M_ASN1_I2D_put_SET_type(type,a,f) \ - i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET) -#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \ - i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET) - -#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \ - i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE) - -#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_put_SEQUENCE(a,f); - -#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - { i2d_ASN1_SET_OF_##type(a,&p,f,x, \ - V_ASN1_CONTEXT_SPECIFIC, \ - IS_SET); } - -#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - { i2d_ASN1_SET_OF_##type(a,&p,f,x, \ - V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); } - -#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \ - if (a != NULL) \ - { \ - ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \ - f(a,&p); \ - } - -#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - { \ - ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ - i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); \ - } - -#define M_ASN1_I2D_seq_total() \ - r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \ - if (pp == NULL) return(r); \ - p= *pp; \ - ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL) - -#define M_ASN1_I2D_INF_seq_start(tag,ctx) \ - *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \ - *(p++)=0x80 - -#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00 - -#define M_ASN1_I2D_finish() *pp=p; \ - return(r); - -int asn1_GetSequence(ASN1_const_CTX *c, long *length); -void asn1_add_error(const unsigned char *address, int offset); -#ifdef __cplusplus -} -#endif - -#endif 
diff --git a/lib/libssl/src/crypto/asn1/asn1_par.c b/lib/libssl/src/crypto/asn1/asn1_par.c
deleted file mode 100644
index 72326a9cc13..00000000000
--- a/lib/libssl/src/crypto/asn1/asn1_par.c
+++ /dev/null
@@ -1,397 +0,0 @@ -/* $OpenBSD: asn1_par.c,v 1.25 2015/09/30 19:01:14 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/asn1.h> -#include <openssl/buffer.h> -#include <openssl/objects.h> - -static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, - int indent); -static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, - int offset, int depth, int indent, int dump); - -static int -asn1_print_info(BIO *bp, int tag, int xclass, int constructed, - int indent) -{ - char str[128]; - const char *p; - - if (constructed & V_ASN1_CONSTRUCTED) - p="cons: "; - else - p="prim: "; - if (BIO_write(bp, p, 6) < 6) - goto err; - BIO_indent(bp, indent, 128); - - p = str; - if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) - snprintf(str, sizeof str, "priv [ %d ] ", tag); - else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) - snprintf(str, sizeof str, "cont [ %d ]", tag); - else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) - snprintf(str, sizeof str, "appl [ %d ]", tag); - else if (tag > 30) - snprintf(str, sizeof str, "<ASN1 %d>", tag); - else - p = ASN1_tag2str(tag); - - if (BIO_printf(bp, "%-18s", p) <= 0) - goto err; - return (1); -err: - return (0); -} - -int -ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent) -{ - return (asn1_parse2(bp, &pp, len, 0, 0, indent, 0)); -} - -int -ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump) -{ - return (asn1_parse2(bp, &pp, len, 0, 0, indent, dump)); -} - -static int -asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset, - int depth, int indent, int dump) -{ - const unsigned char *p, *ep, *tot, *op, *opp; - long len; - int tag, xclass, ret = 0; - int nl, hl, j, r; - ASN1_OBJECT *o = NULL; - ASN1_OCTET_STRING *os = NULL; - /* ASN1_BMPSTRING *bmp=NULL;*/ - int dump_indent; - - dump_indent = 6; /* Because we know BIO_dump_indent() */ - p = *pp; - tot = p + length; - op = p - 1; - while ((p < tot) && (op < p)) { - op = p; - j = ASN1_get_object(&p, &len, &tag, &xclass, length); - - if (j & 
0x80) { - if (BIO_write(bp, "Error in encoding\n", 18) <= 0) - goto end; - ret = 0; - goto end; - } - hl = (p - op); - length -= hl; - /* if j == 0x21 it is a constructed indefinite length object */ - if (BIO_printf(bp, "%5ld:", (long)offset + - (long)(op - *pp)) <= 0) - goto end; - - if (j != (V_ASN1_CONSTRUCTED | 1)) { - if (BIO_printf(bp, "d=%-2d hl=%ld l=%4ld ", - depth, (long)hl, len) <= 0) - goto end; - } else { - if (BIO_printf(bp, "d=%-2d hl=%ld l=inf ", - depth, (long)hl) <= 0) - goto end; - } - if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0)) - goto end; - if (j & V_ASN1_CONSTRUCTED) { - ep = p + len; - if (BIO_write(bp, "\n", 1) <= 0) - goto end; - if (len > length) { - BIO_printf(bp, "length is greater than %ld\n", - length); - ret = 0; - goto end; - } - if ((j == 0x21) && (len == 0)) { - for (;;) { - r = asn1_parse2(bp, &p, (long)(tot - p), - offset + (p - *pp), depth + 1, - indent, dump); - if (r == 0) { - ret = 0; - goto end; - } - if ((r == 2) || (p >= tot)) - break; - } - } else - while (p < ep) { - r = asn1_parse2(bp, &p, (long)len, - offset + (p - *pp), depth + 1, - indent, dump); - if (r == 0) { - ret = 0; - goto end; - } - } - } else if (xclass != 0) { - p += len; - if (BIO_write(bp, "\n", 1) <= 0) - goto end; - } else { - nl = 0; - if ((tag == V_ASN1_PRINTABLESTRING) || - (tag == V_ASN1_T61STRING) || - (tag == V_ASN1_IA5STRING) || - (tag == V_ASN1_VISIBLESTRING) || - (tag == V_ASN1_NUMERICSTRING) || - (tag == V_ASN1_UTF8STRING) || - (tag == V_ASN1_UTCTIME) || - (tag == V_ASN1_GENERALIZEDTIME)) { - if (BIO_write(bp, ":", 1) <= 0) - goto end; - if ((len > 0) && - BIO_write(bp, (const char *)p, (int)len) != - (int)len) - goto end; - } else if (tag == V_ASN1_OBJECT) { - opp = op; - if (d2i_ASN1_OBJECT(&o, &opp, len + hl) != - NULL) { - if (BIO_write(bp, ":", 1) <= 0) - goto end; - i2a_ASN1_OBJECT(bp, o); - } else { - if (BIO_write(bp, ":BAD OBJECT", - 11) <= 0) - goto end; - } - } else if (tag == V_ASN1_BOOLEAN) { - int ii; - - opp 
= op; - ii = d2i_ASN1_BOOLEAN(NULL, &opp, len + hl); - if (ii < 0) { - if (BIO_write(bp, "Bad boolean\n", - 12) <= 0) - goto end; - } - BIO_printf(bp, ":%d", ii); - } else if (tag == V_ASN1_BMPSTRING) { - /* do the BMP thang */ - } else if (tag == V_ASN1_OCTET_STRING) { - int i, printable = 1; - - opp = op; - os = d2i_ASN1_OCTET_STRING(NULL, &opp, len + hl); - if (os != NULL && os->length > 0) { - opp = os->data; - /* testing whether the octet string is - * printable */ - for (i = 0; i < os->length; i++) { - if (((opp[i] < ' ') && - (opp[i] != '\n') && - (opp[i] != '\r') && - (opp[i] != '\t')) || - (opp[i] > '~')) { - printable = 0; - break; - } - } - if (printable) { - /* printable string */ - if (BIO_write(bp, ":", 1) <= 0) - goto end; - if (BIO_write(bp, (const char *)opp, - os->length) <= 0) - goto end; - } else if (!dump) { - /* not printable => print octet string - * as hex dump */ - if (BIO_write(bp, "[HEX DUMP]:", 11) <= 0) - goto end; - for (i = 0; i < os->length; i++) { - if (BIO_printf(bp, - "%02X", opp[i]) <= 0) - goto end; - } - } else { - /* print the normal dump */ - if (!nl) { - if (BIO_write(bp, "\n", 1) <= 0) - goto end; - } - if (BIO_dump_indent(bp, - (const char *)opp, - ((dump == -1 || dump > - os->length) ? 
os->length : dump), - dump_indent) <= 0) - goto end; - nl = 1; - } - } - ASN1_OCTET_STRING_free(os); - os = NULL; - } else if (tag == V_ASN1_INTEGER) { - ASN1_INTEGER *bs; - int i; - - opp = op; - bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl); - if (bs != NULL) { - if (BIO_write(bp, ":", 1) <= 0) - goto end; - if (bs->type == V_ASN1_NEG_INTEGER) - if (BIO_write(bp, "-", 1) <= 0) - goto end; - for (i = 0; i < bs->length; i++) { - if (BIO_printf(bp, "%02X", - bs->data[i]) <= 0) - goto end; - } - if (bs->length == 0) { - if (BIO_write(bp, "00", 2) <= 0) - goto end; - } - } else { - if (BIO_write(bp, "BAD INTEGER", 11) <= 0) - goto end; - } - ASN1_INTEGER_free(bs); - } else if (tag == V_ASN1_ENUMERATED) { - ASN1_ENUMERATED *bs; - int i; - - opp = op; - bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl); - if (bs != NULL) { - if (BIO_write(bp, ":", 1) <= 0) - goto end; - if (bs->type == V_ASN1_NEG_ENUMERATED) - if (BIO_write(bp, "-", 1) <= 0) - goto end; - for (i = 0; i < bs->length; i++) { - if (BIO_printf(bp, "%02X", - bs->data[i]) <= 0) - goto end; - } - if (bs->length == 0) { - if (BIO_write(bp, "00", 2) <= 0) - goto end; - } - } else { - if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0) - goto end; - } - ASN1_ENUMERATED_free(bs); - } else if (len > 0 && dump) { - if (!nl) { - if (BIO_write(bp, "\n", 1) <= 0) - goto end; - } - if (BIO_dump_indent(bp, (const char *)p, - ((dump == -1 || dump > len) ? 
len : dump), - dump_indent) <= 0) - goto end; - nl = 1; - } - - if (!nl) { - if (BIO_write(bp, "\n", 1) <= 0) - goto end; - } - p += len; - if ((tag == V_ASN1_EOC) && (xclass == 0)) { - ret = 2; /* End of sequence */ - goto end; - } - } - length -= len; - } - ret = 1; - -end: - if (o != NULL) - ASN1_OBJECT_free(o); - ASN1_OCTET_STRING_free(os); - *pp = p; - return (ret); -} - -const char * -ASN1_tag2str(int tag) -{ - static const char * const tag2str[] = { - "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */ - "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */ - "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", /* 10-13 */ - "<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET", /* 15-17 */ - "NUMERICSTRING", "PRINTABLESTRING", "T61STRING", /* 18-20 */ - "VIDEOTEXSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME", /* 21-24 */ - "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", /* 25-27 */ - "UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING" /* 28-30 */ - }; - - if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED)) - tag &= ~0x100; - - if (tag < 0 || tag > 30) - return "(unknown)"; - return tag2str[tag]; -} diff --git a/lib/libssl/src/crypto/asn1/asn1t.h b/lib/libssl/src/crypto/asn1/asn1t.h deleted file mode 100644 index 27f591c464e..00000000000 --- a/lib/libssl/src/crypto/asn1/asn1t.h +++ /dev/null 
@@ -1,880 +0,0 @@
-/* $OpenBSD: asn1t.h,v 1.13 2015/07/25 17:20:02 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ASN1T_H
-#define HEADER_ASN1T_H
-
-#include <stddef.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-
-/* ASN1 template defines, structures and functions */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef LIBRESSL_INTERNAL
-
-/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
-#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
-
-
-/* Macros for start and end of ASN1_ITEM definition */
-
-#define ASN1_ITEM_start(itname) \
- const ASN1_ITEM itname##_it = {
-
-#define ASN1_ITEM_end(itname) \
- };
-
-
-
-/* Macros to aid ASN1 template writing */
-
-#define ASN1_ITEM_TEMPLATE(tname) \
- static const ASN1_TEMPLATE tname##_item_tt
-
-#define ASN1_ITEM_TEMPLATE_END(tname) \
- ;\
- ASN1_ITEM_start(tname) \
- ASN1_ITYPE_PRIMITIVE,\
- -1,\
- &tname##_item_tt,\
- 0,\
- NULL,\
- 0,\
- #tname \
- ASN1_ITEM_end(tname)
-
-
-/* This is a ASN1 type which just embeds a template */
-
-/* This pair helps declare a SEQUENCE. We can do:
- *
- * ASN1_SEQUENCE(stname) = {
- * ... SEQUENCE components ...
- * } ASN1_SEQUENCE_END(stname)
- *
- * This will produce an ASN1_ITEM called stname_it
- * for a structure called stname.
- *
- * If you want the same structure but a different
- * name then use:
- *
- * ASN1_SEQUENCE(itname) = {
- * ... SEQUENCE components ...
- * } ASN1_SEQUENCE_END_name(stname, itname)
- *
- * This will create an item called itname_it using
- * a structure called stname.
- */ - -#define ASN1_SEQUENCE(tname) \ - static const ASN1_TEMPLATE tname##_seq_tt[] - -#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) - -#define ASN1_SEQUENCE_END_name(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_NDEF_SEQUENCE(tname) \ - ASN1_SEQUENCE(tname) - -#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \ - ASN1_SEQUENCE_cb(tname, cb) - -#define ASN1_SEQUENCE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_BROKEN_SEQUENCE(tname) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_SEQUENCE_ref(tname, cb, lck) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_SEQUENCE_enc(tname, enc, cb) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ - ASN1_SEQUENCE(tname) - -#define ASN1_NDEF_SEQUENCE_END(tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(tname),\ - #tname \ - ASN1_ITEM_end(tname) - -#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) - -#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -#define ASN1_SEQUENCE_END_ref(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_NDEF_SEQUENCE_END_cb(stname, 
tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - - -/* This pair helps declare a CHOICE type. We can do: - * - * ASN1_CHOICE(chname) = { - * ... CHOICE options ... - * ASN1_CHOICE_END(chname) - * - * This will produce an ASN1_ITEM called chname_it - * for a structure called chname. The structure - * definition must look like this: - * typedef struct { - * int type; - * union { - * ASN1_SOMETHING *opt1; - * ASN1_SOMEOTHER *opt2; - * } value; - * } chname; - * - * the name of the selector must be 'type'. - * to use an alternative selector name use the - * ASN1_CHOICE_END_selector() version. - */ - -#define ASN1_CHOICE(tname) \ - static const ASN1_TEMPLATE tname##_ch_tt[] - -#define ASN1_CHOICE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ - ASN1_CHOICE(tname) - -#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) - -#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type) - -#define ASN1_CHOICE_END_selector(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -#define ASN1_CHOICE_END_cb(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -/* This helps with the template wrapper form of ASN1_ITEM */ - -#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \ - (flags), (tag), 0,\ - #name, ASN1_ITEM_ref(type) } - -/* These help with SEQUENCE or CHOICE components */ - -/* used to declare other types */ - -#define 
ASN1_EX_TYPE(flags, tag, stname, field, type) { \ - (flags), (tag), offsetof(stname, field),\ - #field, ASN1_ITEM_ref(type) } - -/* used when the structure is combined with the parent */ - -#define ASN1_EX_COMBINE(flags, tag, type) { \ - (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) } - -/* implicit and explicit helper macros */ - -#define ASN1_IMP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type) - -#define ASN1_EXP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type) - -/* Any defined by macros: the field used is in the table itself */ - -#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -/* Plain simple type */ -#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type) - -/* OPTIONAL simple type */ -#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* IMPLICIT tagged simple type */ -#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0) - -/* IMPLICIT tagged OPTIONAL simple type */ -#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* Same as above but EXPLICIT */ - -#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0) -#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* SEQUENCE OF type */ -#define ASN1_SEQUENCE_OF(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type) - -/* OPTIONAL SEQUENCE OF */ -#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* Same as above but for SET OF */ - -#define ASN1_SET_OF(stname, field, 
type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type) - -#define ASN1_SET_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */ - -#define ASN1_IMP_SET_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -#define ASN1_EXP_SET_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -/* EXPLICIT using indefinite length constructed form */ -#define ASN1_NDEF_EXP(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF) - -/* EXPLICIT OPTIONAL using indefinite length constructed form */ -#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF) - -/* Macros for the ASN1_ADB structure */ - -#define ASN1_ADB(name) \ - static const ASN1_ADB_TABLE name##_adbtbl[] - - -#define ASN1_ADB_END(name, flags, field, app_table, def, none) \ - ;\ - static const ASN1_ADB name##_adb = {\ - flags,\ - offsetof(name, field),\ - app_table,\ - name##_adbtbl,\ - sizeof(name##_adbtbl) / 
sizeof(ASN1_ADB_TABLE),\ - def,\ - none\ - } - - -#define ADB_ENTRY(val, template) {val, template} - -#define ASN1_ADB_TEMPLATE(name) \ - static const ASN1_TEMPLATE name##_tt - -#endif /* !LIBRESSL_INTERNAL */ - -/* This is the ASN1 template structure that defines - * a wrapper round the actual type. It determines the - * actual position of the field in the value structure, - * various flags such as OPTIONAL and the field name. - */ - -struct ASN1_TEMPLATE_st { -unsigned long flags; /* Various flags */ -long tag; /* tag, not used if no tagging */ -unsigned long offset; /* Offset of this field in structure */ -#ifndef NO_ASN1_FIELD_NAMES -const char *field_name; /* Field name */ -#endif -ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */ -}; - -/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */ - -#define ASN1_TEMPLATE_item(t) (t->item_ptr) -#define ASN1_TEMPLATE_adb(t) (t->item_ptr) - -typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE; -typedef struct ASN1_ADB_st ASN1_ADB; - -struct ASN1_ADB_st { - unsigned long flags; /* Various flags */ - unsigned long offset; /* Offset of selector field */ - STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */ - const ASN1_ADB_TABLE *tbl; /* Table of possible types */ - long tblcount; /* Number of entries in tbl */ - const ASN1_TEMPLATE *default_tt; /* Type to use if no match */ - const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */ -}; - -struct ASN1_ADB_TABLE_st { - long value; /* NID for an object or value for an int */ - const ASN1_TEMPLATE tt; /* item for this value */ -}; - -/* template flags */ - -/* Field is optional */ -#define ASN1_TFLG_OPTIONAL (0x1) - -/* Field is a SET OF */ -#define ASN1_TFLG_SET_OF (0x1 << 1) - -/* Field is a SEQUENCE OF */ -#define ASN1_TFLG_SEQUENCE_OF (0x2 << 1) - -/* Special case: this refers to a SET OF that - * will be sorted into DER order when encoded *and* - * the corresponding STACK will be modified to match - * the new order. 
- */ -#define ASN1_TFLG_SET_ORDER (0x3 << 1) - -/* Mask for SET OF or SEQUENCE OF */ -#define ASN1_TFLG_SK_MASK (0x3 << 1) - -/* These flags mean the tag should be taken from the - * tag field. If EXPLICIT then the underlying type - * is used for the inner tag. - */ - -/* IMPLICIT tagging */ -#define ASN1_TFLG_IMPTAG (0x1 << 3) - - -/* EXPLICIT tagging, inner tag from underlying type */ -#define ASN1_TFLG_EXPTAG (0x2 << 3) - -#define ASN1_TFLG_TAG_MASK (0x3 << 3) - -/* context specific IMPLICIT */ -#define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT - -/* context specific EXPLICIT */ -#define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT - -/* If tagging is in force these determine the - * type of tag to use. Otherwise the tag is - * determined by the underlying type. These - * values reflect the actual octet format. - */ - -/* Universal tag */ -#define ASN1_TFLG_UNIVERSAL (0x0<<6) -/* Application tag */ -#define ASN1_TFLG_APPLICATION (0x1<<6) -/* Context specific tag */ -#define ASN1_TFLG_CONTEXT (0x2<<6) -/* Private tag */ -#define ASN1_TFLG_PRIVATE (0x3<<6) - -#define ASN1_TFLG_TAG_CLASS (0x3<<6) - -/* These are for ANY DEFINED BY type. In this case - * the 'item' field points to an ASN1_ADB structure - * which contains a table of values to decode the - * relevant type - */ - -#define ASN1_TFLG_ADB_MASK (0x3<<8) - -#define ASN1_TFLG_ADB_OID (0x1<<8) - -#define ASN1_TFLG_ADB_INT (0x1<<9) - -/* This flag means a parent structure is passed - * instead of the field: this is useful is a - * SEQUENCE is being combined with a CHOICE for - * example. Since this means the structure and - * item name will differ we need to use the - * ASN1_CHOICE_END_name() macro for example. - */ - -#define ASN1_TFLG_COMBINE (0x1<<10) - -/* This flag when present in a SEQUENCE OF, SET OF - * or EXPLICIT causes indefinite length constructed - * encoding to be used if required. 
- */ - -#define ASN1_TFLG_NDEF (0x1<<11) - -/* This is the actual ASN1 item itself */ - -struct ASN1_ITEM_st { -char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */ -long utype; /* underlying type */ -const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */ -long tcount; /* Number of templates if SEQUENCE or CHOICE */ -const void *funcs; /* functions that handle this type */ -long size; /* Structure size (usually)*/ -#ifndef NO_ASN1_FIELD_NAMES -const char *sname; /* Structure name */ -#endif -}; - -/* These are values for the itype field and - * determine how the type is interpreted. - * - * For PRIMITIVE types the underlying type - * determines the behaviour if items is NULL. - * - * Otherwise templates must contain a single - * template and the type is treated in the - * same way as the type specified in the template. - * - * For SEQUENCE types the templates field points - * to the members, the size field is the - * structure size. - * - * For CHOICE types the templates field points - * to each possible member (typically a union) - * and the 'size' field is the offset of the - * selector. - * - * The 'funcs' field is used for application - * specific functions. - * - * The EXTERN type uses a new style d2i/i2d. - * The new style should be used where possible - * because it avoids things like the d2i IMPLICIT - * hack. - * - * MSTRING is a multiple string type, it is used - * for a CHOICE of character strings where the - * actual strings all occupy an ASN1_STRING - * structure. In this case the 'utype' field - * has a special meaning, it is used as a mask - * of acceptable types using the B_ASN1 constants. - * - * NDEF_SEQUENCE is the same as SEQUENCE except - * that it will use indefinite length constructed - * encoding if requested. 
- * - */ - -#define ASN1_ITYPE_PRIMITIVE 0x0 - -#define ASN1_ITYPE_SEQUENCE 0x1 - -#define ASN1_ITYPE_CHOICE 0x2 - -#define ASN1_ITYPE_EXTERN 0x4 - -#define ASN1_ITYPE_MSTRING 0x5 - -#define ASN1_ITYPE_NDEF_SEQUENCE 0x6 - -/* Cache for ASN1 tag and length, so we - * don't keep re-reading it for things - * like CHOICE - */ - -struct ASN1_TLC_st{ - char valid; /* Values below are valid */ - int ret; /* return value */ - long plen; /* length */ - int ptag; /* class value */ - int pclass; /* class value */ - int hdrlen; /* header length */ -}; - -/* Typedefs for ASN1 function pointers */ - -typedef ASN1_VALUE * ASN1_new_func(void); -typedef void ASN1_free_func(ASN1_VALUE *a); -typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length); -typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); - -typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx); - -typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); -typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); - -typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval, - int indent, const char *fname, - const ASN1_PCTX *pctx); - -typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); -typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); -typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx); - -typedef struct ASN1_EXTERN_FUNCS_st { - void *app_data; - ASN1_ex_new_func *asn1_ex_new; - ASN1_ex_free_func *asn1_ex_free; - ASN1_ex_free_func *asn1_ex_clear; - ASN1_ex_d2i *asn1_ex_d2i; - ASN1_ex_i2d *asn1_ex_i2d; - ASN1_ex_print_func *asn1_ex_print; -} 
ASN1_EXTERN_FUNCS; - -typedef struct ASN1_PRIMITIVE_FUNCS_st { - void *app_data; - unsigned long flags; - ASN1_ex_new_func *prim_new; - ASN1_ex_free_func *prim_free; - ASN1_ex_free_func *prim_clear; - ASN1_primitive_c2i *prim_c2i; - ASN1_primitive_i2c *prim_i2c; - ASN1_primitive_print *prim_print; -} ASN1_PRIMITIVE_FUNCS; - -/* This is the ASN1_AUX structure: it handles various - * miscellaneous requirements. For example the use of - * reference counts and an informational callback. - * - * The "informational callback" is called at various - * points during the ASN1 encoding and decoding. It can - * be used to provide minor customisation of the structures - * used. This is most useful where the supplied routines - * *almost* do the right thing but need some extra help - * at a few points. If the callback returns zero then - * it is assumed a fatal error has occurred and the - * main operation should be abandoned. - * - * If major changes in the default behaviour are required - * then an external type is more appropriate. 
- */ - -typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it, - void *exarg); - -typedef struct ASN1_AUX_st { - void *app_data; - int flags; - int ref_offset; /* Offset of reference value */ - int ref_lock; /* Lock type to use */ - ASN1_aux_cb *asn1_cb; - int enc_offset; /* Offset of ASN1_ENCODING structure */ -} ASN1_AUX; - -/* For print related callbacks exarg points to this structure */ -typedef struct ASN1_PRINT_ARG_st { - BIO *out; - int indent; - const ASN1_PCTX *pctx; -} ASN1_PRINT_ARG; - -/* For streaming related callbacks exarg points to this structure */ -typedef struct ASN1_STREAM_ARG_st { - /* BIO to stream through */ - BIO *out; - /* BIO with filters appended */ - BIO *ndef_bio; - /* Streaming I/O boundary */ - unsigned char **boundary; -} ASN1_STREAM_ARG; - -/* Flags in ASN1_AUX */ - -/* Use a reference count */ -#define ASN1_AFLG_REFCOUNT 1 -/* Save the encoding of structure (useful for signatures) */ -#define ASN1_AFLG_ENCODING 2 -/* The Sequence length is invalid */ -#define ASN1_AFLG_BROKEN 4 - -/* operation values for asn1_cb */ - -#define ASN1_OP_NEW_PRE 0 -#define ASN1_OP_NEW_POST 1 -#define ASN1_OP_FREE_PRE 2 -#define ASN1_OP_FREE_POST 3 -#define ASN1_OP_D2I_PRE 4 -#define ASN1_OP_D2I_POST 5 -#define ASN1_OP_I2D_PRE 6 -#define ASN1_OP_I2D_POST 7 -#define ASN1_OP_PRINT_PRE 8 -#define ASN1_OP_PRINT_POST 9 -#define ASN1_OP_STREAM_PRE 10 -#define ASN1_OP_STREAM_POST 11 -#define ASN1_OP_DETACHED_PRE 12 -#define ASN1_OP_DETACHED_POST 13 - -#ifndef LIBRESSL_INTERNAL - -/* Macro to implement a primitive type */ -#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0) -#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \ - ASN1_ITEM_start(itname) \ - ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \ - ASN1_ITEM_end(itname) - -/* Macro to implement a multi string type */ -#define IMPLEMENT_ASN1_MSTRING(itname, mask) \ - ASN1_ITEM_start(itname) \ - ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, 
sizeof(ASN1_STRING), #itname \ - ASN1_ITEM_end(itname) -#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \ - ASN1_ITEM_start(sname) \ - ASN1_ITYPE_EXTERN, \ - tag, \ - NULL, \ - 0, \ - &fptrs, \ - 0, \ - #sname \ - ASN1_ITEM_end(sname) - -/* Macro to implement standard functions in terms of ASN1_ITEM structures */ - -#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname) - -#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname) - -#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ - IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) - -#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname) - -#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname) - -#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \ - pre stname *fname##_new(void) \ - { \ - return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ - } \ - pre void fname##_free(stname *a) \ - { \ - ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \ - } - -#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ - stname *fname##_new(void) \ - { \ - return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ - } \ - void fname##_free(stname *a) \ - { \ - ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \ - } - -#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) - -#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ - { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ - } \ - int i2d_##fname(stname *a, unsigned char **out) \ - { \ - return 
ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ - } - -#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \ - int i2d_##stname##_NDEF(stname *a, unsigned char **out) \ - { \ - return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\ - } - -/* This includes evil casts to remove const: they will go away when full - * ASN1 constification is done. - */ -#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ - { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ - } \ - int i2d_##fname(const stname *a, unsigned char **out) \ - { \ - return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ - } - -#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \ - stname * stname##_dup(stname *x) \ - { \ - return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \ - } - -#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \ - IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname) - -#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ - const ASN1_PCTX *pctx) \ - { \ - return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \ - ASN1_ITEM_rptr(itname), pctx); \ - } - -#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ - IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) - -#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) - -#endif /* !LIBRESSL_INTERNAL */ - -/* external definitions for primitive types */ - -DECLARE_ASN1_ITEM(ASN1_BOOLEAN) -DECLARE_ASN1_ITEM(ASN1_TBOOLEAN) -DECLARE_ASN1_ITEM(ASN1_FBOOLEAN) -DECLARE_ASN1_ITEM(ASN1_SEQUENCE) -DECLARE_ASN1_ITEM(CBIGNUM) -DECLARE_ASN1_ITEM(BIGNUM) -DECLARE_ASN1_ITEM(LONG) -DECLARE_ASN1_ITEM(ZLONG) - -DECLARE_STACK_OF(ASN1_VALUE) - -/* Functions used internally by the 
ASN1 code */ - -int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it); -void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); - -void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt); -int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, - int tag, int aclass, char opt, ASN1_TLC *ctx); - -int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); -int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt); -void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); - -int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); - -int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); - -ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); - -const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr); - -int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); - -void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); -void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/asn1/asn_mime.c b/lib/libssl/src/crypto/asn1/asn_mime.c deleted file mode 100644 index 1d82f1a76fd..00000000000 --- a/lib/libssl/src/crypto/asn1/asn_mime.c +++ /dev/null 
@@ -1,1019 +0,0 @@ -/* $OpenBSD: asn_mime.c,v 1.26 2015/02/22 15:19:56 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include <ctype.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/asn1t.h> -#include <openssl/err.h> -#include <openssl/x509.h> - -#include "asn1_locl.h" - -/* Generalised MIME like utilities for streaming ASN1. Although many - * have a PKCS7/CMS like flavour others are more general purpose. - */ - -/* MIME format structures - * Note that all are translated to lower case apart from - * parameter values. Quotes are stripped off - */ - -typedef struct { - char *param_name; /* Param name e.g. "micalg" */ - char *param_value; /* Param value e.g. "sha1" */ -} MIME_PARAM; - -DECLARE_STACK_OF(MIME_PARAM) - -typedef struct { - char *name; /* Name of line e.g. "content-type" */ - char *value; /* Value of line e.g. 
"text/plain" */ - STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */ -} MIME_HEADER; - -DECLARE_STACK_OF(MIME_HEADER) - -static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, - const ASN1_ITEM *it); -static char * strip_ends(char *name); -static char * strip_start(char *name); -static char * strip_end(char *name); -static MIME_HEADER *mime_hdr_new(char *name, char *value); -static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value); -static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio); -static int mime_hdr_cmp(const MIME_HEADER * const *a, - const MIME_HEADER * const *b); -static int mime_param_cmp(const MIME_PARAM * const *a, - const MIME_PARAM * const *b); -static void mime_param_free(MIME_PARAM *param); -static int mime_bound_check(char *line, int linelen, char *bound, int blen); -static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret); -static int strip_eol(char *linebuf, int *plen); -static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name); -static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name); -static void mime_hdr_free(MIME_HEADER *hdr); - -#define MAX_SMLEN 1024 -#define mime_debug(x) /* x */ - -/* Output an ASN1 structure in BER format streaming if necessary */ - -int -i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const ASN1_ITEM *it) -{ - /* If streaming create stream BIO and copy all content through it */ - if (flags & SMIME_STREAM) { - BIO *bio, *tbio; - bio = BIO_new_NDEF(out, val, it); - if (!bio) { - ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM, - ERR_R_MALLOC_FAILURE); - return 0; - } - SMIME_crlf_copy(in, bio, flags); - (void)BIO_flush(bio); - /* Free up successive BIOs until we hit the old output BIO */ - do { - tbio = BIO_pop(bio); - BIO_free(bio); - bio = tbio; - } while (bio != out); - } - /* else just write out ASN1 structure which will have all content - * stored internally - */ - else - ASN1_item_i2d_bio(it, out, val); - return 1; -} - -/* 
Base 64 read and write of ASN1 structure */ - -static int -B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const ASN1_ITEM *it) -{ - BIO *b64; - int r; - - b64 = BIO_new(BIO_f_base64()); - if (!b64) { - ASN1err(ASN1_F_B64_WRITE_ASN1, ERR_R_MALLOC_FAILURE); - return 0; - } - /* prepend the b64 BIO so all data is base64 encoded. - */ - out = BIO_push(b64, out); - r = i2d_ASN1_bio_stream(out, val, in, flags, it); - (void)BIO_flush(out); - BIO_pop(out); - BIO_free(b64); - return r; -} - -/* Streaming ASN1 PEM write */ - -int -PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const char *hdr, const ASN1_ITEM *it) -{ - int r; - - BIO_printf(out, "-----BEGIN %s-----\n", hdr); - r = B64_write_ASN1(out, val, in, flags, it); - BIO_printf(out, "-----END %s-----\n", hdr); - return r; -} - -static ASN1_VALUE * -b64_read_asn1(BIO *bio, const ASN1_ITEM *it) -{ - BIO *b64; - ASN1_VALUE *val; - if (!(b64 = BIO_new(BIO_f_base64()))) { - ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE); - return 0; - } - bio = BIO_push(b64, bio); - val = ASN1_item_d2i_bio(it, bio, NULL); - if (!val) - ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR); - (void)BIO_flush(bio); - bio = BIO_pop(bio); - BIO_free(b64); - return val; -} - -/* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */ - -static int -asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) -{ - const EVP_MD *md; - int i, have_unknown = 0, write_comma, ret = 0, md_nid; - - have_unknown = 0; - write_comma = 0; - for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) { - if (write_comma) - BIO_write(out, ",", 1); - write_comma = 1; - md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm); - md = EVP_get_digestbynid(md_nid); - if (md && md->md_ctrl) { - int rv; - char *micstr; - rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr); - if (rv > 0) { - BIO_puts(out, micstr); - free(micstr); - continue; - } - if (rv != -2) - goto err; - } - switch (md_nid) { - case NID_sha1: - 
BIO_puts(out, "sha1"); - break; - - case NID_md5: - BIO_puts(out, "md5"); - break; - - case NID_sha256: - BIO_puts(out, "sha-256"); - break; - - case NID_sha384: - BIO_puts(out, "sha-384"); - break; - - case NID_sha512: - BIO_puts(out, "sha-512"); - break; - - case NID_id_GostR3411_94: - BIO_puts(out, "gostr3411-94"); - goto err; - break; - - default: - if (have_unknown) - write_comma = 0; - else { - BIO_puts(out, "unknown"); - have_unknown = 1; - } - break; - - } - } - - ret = 1; - -err: - return ret; -} - -/* SMIME sender */ - -int -SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, - int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, - const ASN1_ITEM *it) -{ - char bound[33], c; - int i; - const char *mime_prefix, *mime_eol, *cname = "smime.p7m"; - const char *msg_type = NULL; - - if (flags & SMIME_OLDMIME) - mime_prefix = "application/x-pkcs7-"; - else - mime_prefix = "application/pkcs7-"; - - if (flags & SMIME_CRLFEOL) - mime_eol = "\r\n"; - else - mime_eol = "\n"; - if ((flags & SMIME_DETACHED) && data) { - /* We want multipart/signed */ - /* Generate a random boundary */ - arc4random_buf(bound, 32); - for (i = 0; i < 32; i++) { - c = bound[i] & 0xf; - if (c < 10) - c += '0'; - else - c += 'A' - 10; - bound[i] = c; - } - bound[32] = 0; - BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); - BIO_printf(bio, "Content-Type: multipart/signed;"); - BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix); - BIO_puts(bio, " micalg=\""); - asn1_write_micalg(bio, mdalgs); - BIO_printf(bio, "\"; boundary=\"----%s\"%s%s", - bound, mime_eol, mime_eol); - BIO_printf(bio, "This is an S/MIME signed message%s%s", - mime_eol, mime_eol); - /* Now write out the first part */ - BIO_printf(bio, "------%s%s", bound, mime_eol); - if (!asn1_output_data(bio, data, val, flags, it)) - return 0; - BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol); - - /* Headers for signature */ - - BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix); - 
BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol); - BIO_printf(bio, "Content-Transfer-Encoding: base64%s", - mime_eol); - BIO_printf(bio, "Content-Disposition: attachment;"); - BIO_printf(bio, " filename=\"smime.p7s\"%s%s", - mime_eol, mime_eol); - B64_write_ASN1(bio, val, NULL, 0, it); - BIO_printf(bio, "%s------%s--%s%s", mime_eol, bound, - mime_eol, mime_eol); - return 1; - } - - /* Determine smime-type header */ - - if (ctype_nid == NID_pkcs7_enveloped) - msg_type = "enveloped-data"; - else if (ctype_nid == NID_pkcs7_signed) { - if (econt_nid == NID_id_smime_ct_receipt) - msg_type = "signed-receipt"; - else if (sk_X509_ALGOR_num(mdalgs) >= 0) - msg_type = "signed-data"; - else - msg_type = "certs-only"; - } else if (ctype_nid == NID_id_smime_ct_compressedData) { - msg_type = "compressed-data"; - cname = "smime.p7z"; - } - /* MIME headers */ - BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol); - BIO_printf(bio, "Content-Disposition: attachment;"); - BIO_printf(bio, " filename=\"%s\"%s", cname, mime_eol); - BIO_printf(bio, "Content-Type: %smime;", mime_prefix); - if (msg_type) - BIO_printf(bio, " smime-type=%s;", msg_type); - BIO_printf(bio, " name=\"%s\"%s", cname, mime_eol); - BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s", - mime_eol, mime_eol); - if (!B64_write_ASN1(bio, val, data, flags, it)) - return 0; - BIO_printf(bio, "%s", mime_eol); - return 1; -} - -/* Handle output of ASN1 data */ - - -static int -asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, - const ASN1_ITEM *it) -{ - BIO *tmpbio; - const ASN1_AUX *aux = it->funcs; - ASN1_STREAM_ARG sarg; - int rv = 1; - - /* If data is not deteched or resigning then the output BIO is - * already set up to finalise when it is written through. 
- */ - if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) { - SMIME_crlf_copy(data, out, flags); - return 1; - } - - if (!aux || !aux->asn1_cb) { - ASN1err(ASN1_F_ASN1_OUTPUT_DATA, - ASN1_R_STREAMING_NOT_SUPPORTED); - return 0; - } - - sarg.out = out; - sarg.ndef_bio = NULL; - sarg.boundary = NULL; - - /* Let ASN1 code prepend any needed BIOs */ - - if (aux->asn1_cb(ASN1_OP_DETACHED_PRE, &val, it, &sarg) <= 0) - return 0; - - /* Copy data across, passing through filter BIOs for processing */ - SMIME_crlf_copy(data, sarg.ndef_bio, flags); - - /* Finalize structure */ - if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0) - rv = 0; - - /* Now remove any digests prepended to the BIO */ - - while (sarg.ndef_bio != out) { - tmpbio = BIO_pop(sarg.ndef_bio); - BIO_free(sarg.ndef_bio); - sarg.ndef_bio = tmpbio; - } - - return rv; -} - -/* SMIME reader: handle multipart/signed and opaque signing. - * in multipart case the content is placed in a memory BIO - * pointed to by "bcont". 
In opaque this is set to NULL - */ - -ASN1_VALUE * -SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it) -{ - BIO *asnin; - STACK_OF(MIME_HEADER) *headers = NULL; - STACK_OF(BIO) *parts = NULL; - MIME_HEADER *hdr; - MIME_PARAM *prm; - ASN1_VALUE *val; - int ret; - - if (bcont) - *bcont = NULL; - - if (!(headers = mime_parse_hdr(bio))) { - ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR); - return NULL; - } - - if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE); - return NULL; - } - - /* Handle multipart/signed */ - - if (!strcmp(hdr->value, "multipart/signed")) { - /* Split into two parts */ - prm = mime_param_find(hdr, "boundary"); - if (!prm || !prm->param_value) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - ASN1err(ASN1_F_SMIME_READ_ASN1, - ASN1_R_NO_MULTIPART_BOUNDARY); - return NULL; - } - ret = multi_split(bio, prm->param_value, &parts); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - if (!ret || (sk_BIO_num(parts) != 2) ) { - ASN1err(ASN1_F_SMIME_READ_ASN1, - ASN1_R_NO_MULTIPART_BODY_FAILURE); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - - /* Parse the signature piece */ - asnin = sk_BIO_value(parts, 1); - - if (!(headers = mime_parse_hdr(asnin))) { - ASN1err(ASN1_F_SMIME_READ_ASN1, - ASN1_R_MIME_SIG_PARSE_ERROR); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - - /* Get content type */ - - if (!(hdr = mime_hdr_find(headers, "content-type")) || - !hdr->value) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - sk_BIO_pop_free(parts, BIO_vfree); - ASN1err(ASN1_F_SMIME_READ_ASN1, - ASN1_R_NO_SIG_CONTENT_TYPE); - return NULL; - } - - if (strcmp(hdr->value, "application/x-pkcs7-signature") && - strcmp(hdr->value, "application/pkcs7-signature")) { - ASN1err(ASN1_F_SMIME_READ_ASN1, - ASN1_R_SIG_INVALID_MIME_TYPE); - ERR_asprintf_error_data("type: %s", hdr->value); - 
sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - /* Read in ASN1 */ - if (!(val = b64_read_asn1(asnin, it))) { - ASN1err(ASN1_F_SMIME_READ_ASN1, - ASN1_R_ASN1_SIG_PARSE_ERROR); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - - if (bcont) { - *bcont = sk_BIO_value(parts, 0); - BIO_free(asnin); - sk_BIO_free(parts); - } else sk_BIO_pop_free(parts, BIO_vfree); - return val; - } - - /* OK, if not multipart/signed try opaque signature */ - - if (strcmp (hdr->value, "application/x-pkcs7-mime") && - strcmp (hdr->value, "application/pkcs7-mime")) { - ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_INVALID_MIME_TYPE); - ERR_asprintf_error_data("type: %s", hdr->value); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return NULL; - } - - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - - if (!(val = b64_read_asn1(bio, it))) { - ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR); - return NULL; - } - return val; -} - -/* Copy text from one BIO to another making the output CRLF at EOL */ -int -SMIME_crlf_copy(BIO *in, BIO *out, int flags) -{ - BIO *bf; - char eol; - int len; - char linebuf[MAX_SMLEN]; - - /* Buffer output so we don't write one line at a time. This is - * useful when streaming as we don't end up with one OCTET STRING - * per line. 
- */ - bf = BIO_new(BIO_f_buffer()); - if (!bf) - return 0; - out = BIO_push(bf, out); - if (flags & SMIME_BINARY) { - while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0) - BIO_write(out, linebuf, len); - } else { - if (flags & SMIME_TEXT) - BIO_printf(out, "Content-Type: text/plain\r\n\r\n"); - while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) { - eol = strip_eol(linebuf, &len); - if (len) - BIO_write(out, linebuf, len); - if (eol) - BIO_write(out, "\r\n", 2); - } - } - (void)BIO_flush(out); - BIO_pop(out); - BIO_free(bf); - return 1; -} - -/* Strip off headers if they are text/plain */ -int -SMIME_text(BIO *in, BIO *out) -{ - char iobuf[4096]; - int len; - STACK_OF(MIME_HEADER) *headers; - MIME_HEADER *hdr; - - if (!(headers = mime_parse_hdr(in))) { - ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR); - return 0; - } - if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { - ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return 0; - } - if (strcmp (hdr->value, "text/plain")) { - ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_INVALID_MIME_TYPE); - ERR_asprintf_error_data("type: %s", hdr->value); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return 0; - } - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0) - BIO_write(out, iobuf, len); - if (len < 0) - return 0; - return 1; -} - -/* - * Split a multipart/XXX message body into component parts: result is - * canonical parts in a STACK of bios - */ -static int -multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret) -{ - char linebuf[MAX_SMLEN]; - int len, blen; - int eol = 0, next_eol = 0; - BIO *bpart = NULL; - STACK_OF(BIO) *parts; - char state, part, first; - - blen = strlen(bound); - part = 0; - state = 0; - first = 1; - parts = sk_BIO_new_null(); - *ret = parts; - if (parts == NULL) - return 0; - while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { - state = 
mime_bound_check(linebuf, len, bound, blen); - if (state == 1) { - first = 1; - part++; - } else if (state == 2) { - if (sk_BIO_push(parts, bpart) == 0) - return 0; - return 1; - } else if (part) { - /* Strip CR+LF from linebuf */ - next_eol = strip_eol(linebuf, &len); - if (first) { - first = 0; - if (bpart != NULL) { - if (sk_BIO_push(parts, bpart) == 0) - return 0; - } - bpart = BIO_new(BIO_s_mem()); - if (bpart == NULL) - return 0; - BIO_set_mem_eof_return(bpart, 0); - } else if (eol) - BIO_write(bpart, "\r\n", 2); - eol = next_eol; - if (len) - BIO_write(bpart, linebuf, len); - } - } - BIO_free(bpart); - return 0; -} - -/* This is the big one: parse MIME header lines up to message body */ - -#define MIME_INVALID 0 -#define MIME_START 1 -#define MIME_TYPE 2 -#define MIME_NAME 3 -#define MIME_VALUE 4 -#define MIME_QUOTE 5 -#define MIME_COMMENT 6 - - -static -STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) -{ - char *p, *q, c; - char *ntmp; - char linebuf[MAX_SMLEN]; - MIME_HEADER *mhdr = NULL; - STACK_OF(MIME_HEADER) *headers; - int len, state, save_state = 0; - - headers = sk_MIME_HEADER_new(mime_hdr_cmp); - if (!headers) - return NULL; - while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { - /* If whitespace at line start then continuation line */ - if (mhdr && isspace((unsigned char)linebuf[0])) - state = MIME_NAME; - else - state = MIME_START; - ntmp = NULL; - - /* Go through all characters */ - for (p = linebuf, q = linebuf; - (c = *p) && (c != '\r') && (c != '\n'); p++) { - - /* State machine to handle MIME headers - * if this looks horrible that's because it *is* - */ - - switch (state) { - case MIME_START: - if (c == ':') { - state = MIME_TYPE; - *p = 0; - ntmp = strip_ends(q); - q = p + 1; - } - break; - - case MIME_TYPE: - if (c == ';') { - mime_debug("Found End Value\n"); - *p = 0; - mhdr = mime_hdr_new(ntmp, - strip_ends(q)); - if (mhdr == NULL) - goto merr; - if (sk_MIME_HEADER_push(headers, - mhdr) == 0) - goto merr; - ntmp = NULL; - q = p + 1; 
- state = MIME_NAME; - } else if (c == '(') { - save_state = state; - state = MIME_COMMENT; - } - break; - - case MIME_COMMENT: - if (c == ')') { - state = save_state; - } - break; - - case MIME_NAME: - if (c == '=') { - state = MIME_VALUE; - *p = 0; - ntmp = strip_ends(q); - q = p + 1; - } - break; - - case MIME_VALUE: - if (c == ';') { - state = MIME_NAME; - *p = 0; - mime_hdr_addparam(mhdr, ntmp, - strip_ends(q)); - ntmp = NULL; - q = p + 1; - } else if (c == '"') { - mime_debug("Found Quote\n"); - state = MIME_QUOTE; - } else if (c == '(') { - save_state = state; - state = MIME_COMMENT; - } - break; - - case MIME_QUOTE: - if (c == '"') { - mime_debug("Found Match Quote\n"); - state = MIME_VALUE; - } - break; - } - } - - if (state == MIME_TYPE) { - mhdr = mime_hdr_new(ntmp, strip_ends(q)); - if (mhdr == NULL) - goto merr; - if (sk_MIME_HEADER_push(headers, mhdr) == 0) - goto merr; - } else if (state == MIME_VALUE) - mime_hdr_addparam(mhdr, ntmp, strip_ends(q)); - - if (p == linebuf) - break; /* Blank line means end of headers */ - } - - return headers; - -merr: - if (mhdr != NULL) - mime_hdr_free(mhdr); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return NULL; -} - -static char * -strip_ends(char *name) -{ - return strip_end(strip_start(name)); -} - -/* Strip a parameter of whitespace from start of param */ -static char * -strip_start(char *name) -{ - char *p, c; - - /* Look for first non white space or quote */ - for (p = name; (c = *p); p++) { - if (c == '"') { - /* Next char is start of string if non null */ - if (p[1]) - return p + 1; - /* Else null string */ - return NULL; - } - if (!isspace((unsigned char)c)) - return p; - } - return NULL; -} - -/* As above but strip from end of string : maybe should handle brackets? 
*/ -static char * -strip_end(char *name) -{ - char *p, c; - - if (!name) - return NULL; - - /* Look for first non white space or quote */ - for (p = name + strlen(name) - 1; p >= name; p--) { - c = *p; - if (c == '"') { - if (p - 1 == name) - return NULL; - *p = 0; - return name; - } - if (isspace((unsigned char)c)) - *p = 0; - else - return name; - } - return NULL; -} - -static MIME_HEADER * -mime_hdr_new(char *name, char *value) -{ - MIME_HEADER *mhdr; - char *tmpname = NULL, *tmpval = NULL, *p; - - if (name) { - if (!(tmpname = strdup(name))) - goto err; - for (p = tmpname; *p; p++) - *p = tolower((unsigned char)*p); - } - if (value) { - if (!(tmpval = strdup(value))) - goto err; - for (p = tmpval; *p; p++) - *p = tolower((unsigned char)*p); - } - mhdr = malloc(sizeof(MIME_HEADER)); - if (!mhdr) - goto err; - mhdr->name = tmpname; - mhdr->value = tmpval; - if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) { - free(mhdr); - goto err; - } - return mhdr; -err: - free(tmpname); - free(tmpval); - return NULL; -} - -static int -mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) -{ - char *tmpname = NULL, *tmpval = NULL, *p; - MIME_PARAM *mparam; - - if (name) { - tmpname = strdup(name); - if (!tmpname) - goto err; - for (p = tmpname; *p; p++) - *p = tolower((unsigned char)*p); - } - if (value) { - tmpval = strdup(value); - if (!tmpval) - goto err; - } - /* Parameter values are case sensitive so leave as is */ - mparam = malloc(sizeof(MIME_PARAM)); - if (!mparam) - goto err; - mparam->param_name = tmpname; - mparam->param_value = tmpval; - if (sk_MIME_PARAM_push(mhdr->params, mparam) == 0) { - free(mparam); - goto err; - } - return 1; -err: - free(tmpname); - free(tmpval); - return 0; -} - -static int -mime_hdr_cmp(const MIME_HEADER * const *a, const MIME_HEADER * const *b) -{ - if (!(*a)->name || !(*b)->name) - return !!(*a)->name - !!(*b)->name; - return (strcmp((*a)->name, (*b)->name)); -} - -static int -mime_param_cmp(const MIME_PARAM * const *a, 
const MIME_PARAM * const *b) -{ - if (!(*a)->param_name || !(*b)->param_name) - return !!(*a)->param_name - !!(*b)->param_name; - return (strcmp((*a)->param_name, (*b)->param_name)); -} - -/* Find a header with a given name (if possible) */ - -static MIME_HEADER * -mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name) -{ - MIME_HEADER htmp; - int idx; - htmp.name = name; - idx = sk_MIME_HEADER_find(hdrs, &htmp); - if (idx < 0) - return NULL; - return sk_MIME_HEADER_value(hdrs, idx); -} - -static MIME_PARAM * -mime_param_find(MIME_HEADER *hdr, char *name) -{ - MIME_PARAM param; - int idx; - param.param_name = name; - idx = sk_MIME_PARAM_find(hdr->params, ¶m); - if (idx < 0) - return NULL; - return sk_MIME_PARAM_value(hdr->params, idx); -} - -static void -mime_hdr_free(MIME_HEADER *hdr) -{ - free(hdr->name); - free(hdr->value); - if (hdr->params) - sk_MIME_PARAM_pop_free(hdr->params, mime_param_free); - free(hdr); -} - -static void -mime_param_free(MIME_PARAM *param) -{ - free(param->param_name); - free(param->param_value); - free(param); -} - -/* Check for a multipart boundary. Returns: - * 0 : no boundary - * 1 : part boundary - * 2 : final boundary - */ -static int -mime_bound_check(char *line, int linelen, char *bound, int blen) -{ - if (linelen == -1) - linelen = strlen(line); - if (blen == -1) - blen = strlen(bound); - /* Quickly eliminate if line length too short */ - if (blen + 2 > linelen) - return 0; - /* Check for part boundary */ - if (!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) { - if (!strncmp(line + blen + 2, "--", 2)) - return 2; - else - return 1; - } - return 0; -} - -static int -strip_eol(char *linebuf, int *plen) -{ - int len = *plen; - char *p, c; - int is_eol = 0; - - for (p = linebuf + len - 1; len > 0; len--, p--) { - c = *p; - if (c == '\n') - is_eol = 1; - else if (c != '\r') - break; - } - *plen = len; - return is_eol; -} 
diff --git a/lib/libssl/src/crypto/asn1/asn_moid.c b/lib/libssl/src/crypto/asn1/asn_moid.c
deleted file mode 100644
index 76b64052129..00000000000
--- a/lib/libssl/src/crypto/asn1/asn_moid.c
+++ /dev/null
@@ -1,158 +0,0 @@ -/* $OpenBSD: asn_moid.c,v 1.12 2014/07/11 08:44:47 jsing Exp $ */ -/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <ctype.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/err.h> -#include <openssl/conf.h> -#include <openssl/crypto.h> -#include <openssl/x509.h> - -/* Simple ASN1 OID module: add all objects in a given section */ - -static int do_create(char *value, char *name); - -static int -oid_module_init(CONF_IMODULE *md, const CONF *cnf) -{ - int i; - const char *oid_section; - STACK_OF(CONF_VALUE) *sktmp; - CONF_VALUE *oval; - - oid_section = CONF_imodule_get_value(md); - if (!(sktmp = NCONF_get_section(cnf, oid_section))) { - ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION); - return 0; - } - for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { - oval = sk_CONF_VALUE_value(sktmp, i); - if (!do_create(oval->value, oval->name)) { - ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT); - return 0; - } - } - return 1; -} - -static void -oid_module_finish(CONF_IMODULE *md) -{ - OBJ_cleanup(); -} - -void -ASN1_add_oid_module(void) -{ - CONF_module_add("oid_section", oid_module_init, oid_module_finish); -} - -/* Create an OID based on a name value pair. Accept two formats. 
- * shortname = 1.2.3.4 - * shortname = some long name, 1.2.3.4 - */ - -static int -do_create(char *value, char *name) -{ - int nid; - ASN1_OBJECT *oid; - char *ln, *ostr, *p, *lntmp; - - p = strrchr(value, ','); - if (!p) { - ln = name; - ostr = value; - } else { - ln = NULL; - ostr = p + 1; - if (!*ostr) - return 0; - while (isspace((unsigned char)*ostr)) - ostr++; - } - - nid = OBJ_create(ostr, name, ln); - - if (nid == NID_undef) - return 0; - - if (p) { - ln = value; - while (isspace((unsigned char)*ln)) - ln++; - p--; - while (isspace((unsigned char)*p)) { - if (p == ln) - return 0; - p--; - } - p++; - lntmp = malloc((p - ln) + 1); - if (lntmp == NULL) - return 0; - memcpy(lntmp, ln, p - ln); - lntmp[p - ln] = 0; - oid = OBJ_nid2obj(nid); - oid->ln = lntmp; - } - - return 1; -} diff --git a/lib/libssl/src/crypto/asn1/asn_pack.c b/lib/libssl/src/crypto/asn1/asn_pack.c deleted file mode 100644 index 65f4b9bf97c..00000000000 --- a/lib/libssl/src/crypto/asn1/asn_pack.c +++ /dev/null 
@@ -1,215 +0,0 @@
-/* $OpenBSD: asn_pack.c,v 1.15 2015/12/23 20:37:23 mmcc Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/err.h>
-
-#ifndef NO_ASN1_OLD
-
-/* ASN1 packing and unpacking functions */
-
-/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
-
-STACK_OF(OPENSSL_BLOCK) *
-ASN1_seq_unpack(const unsigned char *buf, int len, d2i_of_void *d2i,
- void (*free_func)(OPENSSL_BLOCK))
-{
- STACK_OF(OPENSSL_BLOCK) *sk;
- const unsigned char *pbuf;
-
- pbuf = buf;
- if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL)))
- ASN1err(ASN1_F_ASN1_SEQ_UNPACK,ASN1_R_DECODE_ERROR);
- return sk;
-}
-
-/* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a
- * OPENSSL_malloc'ed buffer
- */
-
-unsigned char *
-ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
- unsigned char **buf, int *len)
-{
- int safelen;
- unsigned char *safe, *p;
-
- if (!(safelen = i2d_ASN1_SET(safes, NULL, i2d, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE))) {
- ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR);
- return NULL;
- }
- if (!(safe = malloc(safelen))) {
- ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- p = safe;
- i2d_ASN1_SET(safes, &p, i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
- IS_SEQUENCE);
- if (len)
- *len = safelen;
- if (buf)
- *buf = safe;
- return safe;
-}
-
-/* Extract an ASN1 object from an ASN1_STRING */
-
-void *
-ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i)
-{
- const unsigned char *p;
- char *ret;
-
- p = oct->data;
- if (!(ret = d2i(NULL, &p, oct->length)))
- ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR);
- return ret;
-}
-
-/* Pack an ASN1 object into an ASN1_STRING */
-
-ASN1_STRING *
-ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
-{
- unsigned char *p;
- ASN1_STRING *octmp;
-
- if (!oct || !*oct) {
- if (!(octmp = ASN1_STRING_new())) {
- ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- } else
- octmp = *oct;
-
- if (!(octmp->length = i2d(obj, NULL))) {
- ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
- goto err;
- }
- if (!(p = malloc (octmp->length))) {
- ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- octmp->data = p;
- i2d (obj, &p);
- if (oct)
- *oct = octmp;
- return octmp;
-err:
- if (!oct || octmp != *oct) {
- ASN1_STRING_free(octmp);
- if (oct)
- *oct = NULL;
- }
- return NULL;
-}
-
-#endif
-
-/* ASN1_ITEM versions of the above */
-
-ASN1_STRING *
-ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
-{
- ASN1_STRING *octmp;
-
- if (!oct || !*oct) {
- if (!(octmp = ASN1_STRING_new ())) {
- ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- } else
- octmp = *oct;
-
- free(octmp->data);
- octmp->data = NULL;
-
- if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
- ASN1err(ASN1_F_ASN1_ITEM_PACK, ASN1_R_ENCODE_ERROR);
- goto err;
- }
- if (!octmp->data) {
- ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (oct)
- *oct = octmp;
- return octmp;
-err:
- if (!oct || octmp != *oct)
- ASN1_STRING_free(octmp);
- return NULL;
-}
-
-/* Extract an ASN1 object from an ASN1_STRING */
-
-void *
-ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it)
-{
- const unsigned char *p;
- void *ret;
-
- p = oct->data;
- if (!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
- ASN1err(ASN1_F_ASN1_ITEM_UNPACK, ASN1_R_DECODE_ERROR);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/asn1/bio_asn1.c b/lib/libssl/src/crypto/asn1/bio_asn1.c
deleted file mode 100644
index 02ad3106392..00000000000
--- a/lib/libssl/src/crypto/asn1/bio_asn1.c
+++ /dev/null
@@ -1,496 +0,0 @@ -/* $OpenBSD: bio_asn1.c,v 1.12 2015/12/23 01:46:33 mmcc Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Experimental ASN1 BIO. When written through the data is converted - * to an ASN1 string type: default is OCTET STRING. Additional functions - * can be provided to add prefix and suffix data. 
- */ - -#include <stdlib.h> -#include <string.h> - -#include <openssl/bio.h> -#include <openssl/asn1.h> - -/* Must be large enough for biggest tag+length */ -#define DEFAULT_ASN1_BUF_SIZE 20 - -typedef enum { - ASN1_STATE_START, - ASN1_STATE_PRE_COPY, - ASN1_STATE_HEADER, - ASN1_STATE_HEADER_COPY, - ASN1_STATE_DATA_COPY, - ASN1_STATE_POST_COPY, - ASN1_STATE_DONE -} asn1_bio_state_t; - -typedef struct BIO_ASN1_EX_FUNCS_st { - asn1_ps_func *ex_func; - asn1_ps_func *ex_free_func; -} BIO_ASN1_EX_FUNCS; - -typedef struct BIO_ASN1_BUF_CTX_t { - /* Internal state */ - asn1_bio_state_t state; - /* Internal buffer */ - unsigned char *buf; - /* Size of buffer */ - int bufsize; - /* Current position in buffer */ - int bufpos; - /* Current buffer length */ - int buflen; - /* Amount of data to copy */ - int copylen; - /* Class and tag to use */ - int asn1_class, asn1_tag; - asn1_ps_func *prefix, *prefix_free, *suffix, *suffix_free; - /* Extra buffer for prefix and suffix data */ - unsigned char *ex_buf; - int ex_len; - int ex_pos; - void *ex_arg; -} BIO_ASN1_BUF_CTX; - - -static int asn1_bio_write(BIO *h, const char *buf, int num); -static int asn1_bio_read(BIO *h, char *buf, int size); -static int asn1_bio_puts(BIO *h, const char *str); -static int asn1_bio_gets(BIO *h, char *str, int size); -static long asn1_bio_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int asn1_bio_new(BIO *h); -static int asn1_bio_free(BIO *data); -static long asn1_bio_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); - -static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size); -static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, - asn1_ps_func *cleanup, asn1_bio_state_t next); -static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, - asn1_ps_func *setup, asn1_bio_state_t ex_state, - asn1_bio_state_t other_state); - -static BIO_METHOD methods_asn1 = { - .type = BIO_TYPE_ASN1, - .name = "asn1", - .bwrite = asn1_bio_write, - .bread = asn1_bio_read, - .bputs = asn1_bio_puts, - .bgets = 
asn1_bio_gets, - .ctrl = asn1_bio_ctrl, - .create = asn1_bio_new, - .destroy = asn1_bio_free, - .callback_ctrl = asn1_bio_callback_ctrl -}; - -BIO_METHOD * -BIO_f_asn1(void) -{ - return (&methods_asn1); -} - -static int -asn1_bio_new(BIO *b) -{ - BIO_ASN1_BUF_CTX *ctx; - ctx = malloc(sizeof(BIO_ASN1_BUF_CTX)); - if (!ctx) - return 0; - if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) { - free(ctx); - return 0; - } - b->init = 1; - b->ptr = (char *)ctx; - b->flags = 0; - return 1; -} - -static int -asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size) -{ - ctx->buf = malloc(size); - if (!ctx->buf) - return 0; - ctx->bufsize = size; - ctx->bufpos = 0; - ctx->buflen = 0; - ctx->copylen = 0; - ctx->asn1_class = V_ASN1_UNIVERSAL; - ctx->asn1_tag = V_ASN1_OCTET_STRING; - ctx->ex_buf = NULL; - ctx->ex_pos = 0; - ctx->ex_len = 0; - ctx->state = ASN1_STATE_START; - return 1; -} - -static int -asn1_bio_free(BIO *b) -{ - BIO_ASN1_BUF_CTX *ctx; - - ctx = (BIO_ASN1_BUF_CTX *) b->ptr; - if (ctx == NULL) - return 0; - free(ctx->buf); - free(ctx); - b->init = 0; - b->ptr = NULL; - b->flags = 0; - return 1; -} - -static int -asn1_bio_write(BIO *b, const char *in , int inl) -{ - BIO_ASN1_BUF_CTX *ctx; - int wrmax, wrlen, ret, buflen; - unsigned char *p; - - if (!in || (inl < 0) || (b->next_bio == NULL)) - return 0; - ctx = (BIO_ASN1_BUF_CTX *) b->ptr; - if (ctx == NULL) - return 0; - - wrlen = 0; - ret = -1; - - for (;;) { - switch (ctx->state) { - - /* Setup prefix data, call it */ - case ASN1_STATE_START: - if (!asn1_bio_setup_ex(b, ctx, ctx->prefix, - ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER)) - return 0; - break; - - /* Copy any pre data first */ - case ASN1_STATE_PRE_COPY: - ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free, - ASN1_STATE_HEADER); - if (ret <= 0) - goto done; - break; - - case ASN1_STATE_HEADER: - buflen = ASN1_object_size(0, inl, ctx->asn1_tag) - inl; - if (buflen <= 0 || buflen > ctx->bufsize) - return -1; - ctx->buflen = buflen; - p = ctx->buf; - ASN1_put_object(&p, 0, 
inl, - ctx->asn1_tag, ctx->asn1_class); - ctx->copylen = inl; - ctx->state = ASN1_STATE_HEADER_COPY; - break; - - case ASN1_STATE_HEADER_COPY: - ret = BIO_write(b->next_bio, - ctx->buf + ctx->bufpos, ctx->buflen); - if (ret <= 0) - goto done; - - ctx->buflen -= ret; - if (ctx->buflen) - ctx->bufpos += ret; - else { - ctx->bufpos = 0; - ctx->state = ASN1_STATE_DATA_COPY; - } - break; - - case ASN1_STATE_DATA_COPY: - - if (inl > ctx->copylen) - wrmax = ctx->copylen; - else - wrmax = inl; - ret = BIO_write(b->next_bio, in, wrmax); - if (ret <= 0) - break; - wrlen += ret; - ctx->copylen -= ret; - in += ret; - inl -= ret; - - if (ctx->copylen == 0) - ctx->state = ASN1_STATE_HEADER; - if (inl == 0) - goto done; - break; - - default: - BIO_clear_retry_flags(b); - return 0; - } - - } - -done: - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - - return (wrlen > 0) ? wrlen : ret; -} - -static int -asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, asn1_ps_func *cleanup, - asn1_bio_state_t next) -{ - int ret; - - if (ctx->ex_len <= 0) - return 1; - for (;;) { - ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos, - ctx->ex_len); - if (ret <= 0) - break; - ctx->ex_len -= ret; - if (ctx->ex_len > 0) - ctx->ex_pos += ret; - else { - if (cleanup) - cleanup(b, &ctx->ex_buf, &ctx->ex_len, - &ctx->ex_arg); - ctx->state = next; - ctx->ex_pos = 0; - break; - } - } - return ret; -} - -static int -asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, asn1_ps_func *setup, - asn1_bio_state_t ex_state, asn1_bio_state_t other_state) -{ - if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) { - BIO_clear_retry_flags(b); - return 0; - } - if (ctx->ex_len > 0) - ctx->state = ex_state; - else - ctx->state = other_state; - return 1; -} - -static int -asn1_bio_read(BIO *b, char *in , int inl) -{ - if (!b->next_bio) - return 0; - return BIO_read(b->next_bio, in , inl); -} - -static int -asn1_bio_puts(BIO *b, const char *str) -{ - return asn1_bio_write(b, str, strlen(str)); -} - 
-static int -asn1_bio_gets(BIO *b, char *str, int size) -{ - if (!b->next_bio) - return 0; - return BIO_gets(b->next_bio, str , size); -} - -static long -asn1_bio_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) -{ - if (b->next_bio == NULL) - return (0); - return BIO_callback_ctrl(b->next_bio, cmd, fp); -} - -static long -asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2) -{ - BIO_ASN1_BUF_CTX *ctx; - BIO_ASN1_EX_FUNCS *ex_func; - long ret = 1; - - ctx = (BIO_ASN1_BUF_CTX *) b->ptr; - if (ctx == NULL) - return 0; - switch (cmd) { - - case BIO_C_SET_PREFIX: - ex_func = arg2; - ctx->prefix = ex_func->ex_func; - ctx->prefix_free = ex_func->ex_free_func; - break; - - case BIO_C_GET_PREFIX: - ex_func = arg2; - ex_func->ex_func = ctx->prefix; - ex_func->ex_free_func = ctx->prefix_free; - break; - - case BIO_C_SET_SUFFIX: - ex_func = arg2; - ctx->suffix = ex_func->ex_func; - ctx->suffix_free = ex_func->ex_free_func; - break; - - case BIO_C_GET_SUFFIX: - ex_func = arg2; - ex_func->ex_func = ctx->suffix; - ex_func->ex_free_func = ctx->suffix_free; - break; - - case BIO_C_SET_EX_ARG: - ctx->ex_arg = arg2; - break; - - case BIO_C_GET_EX_ARG: - *(void **)arg2 = ctx->ex_arg; - break; - - case BIO_CTRL_FLUSH: - if (!b->next_bio) - return 0; - - /* Call post function if possible */ - if (ctx->state == ASN1_STATE_HEADER) { - if (!asn1_bio_setup_ex(b, ctx, ctx->suffix, - ASN1_STATE_POST_COPY, ASN1_STATE_DONE)) - return 0; - } - - if (ctx->state == ASN1_STATE_POST_COPY) { - ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free, - ASN1_STATE_DONE); - if (ret <= 0) - return ret; - } - - if (ctx->state == ASN1_STATE_DONE) - return BIO_ctrl(b->next_bio, cmd, arg1, arg2); - else { - BIO_clear_retry_flags(b); - return 0; - } - break; - - - default: - if (!b->next_bio) - return 0; - return BIO_ctrl(b->next_bio, cmd, arg1, arg2); - - } - - return ret; -} - -static int -asn1_bio_set_ex(BIO *b, int cmd, asn1_ps_func *ex_func, asn1_ps_func - *ex_free_func) -{ - BIO_ASN1_EX_FUNCS extmp; - - 
extmp.ex_func = ex_func; - extmp.ex_free_func = ex_free_func; - return BIO_ctrl(b, cmd, 0, &extmp); -} - -static int -asn1_bio_get_ex(BIO *b, int cmd, asn1_ps_func **ex_func, - asn1_ps_func **ex_free_func) -{ - BIO_ASN1_EX_FUNCS extmp; - int ret; - - ret = BIO_ctrl(b, cmd, 0, &extmp); - if (ret > 0) { - *ex_func = extmp.ex_func; - *ex_free_func = extmp.ex_free_func; - } - return ret; -} - -int -BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free) -{ - return asn1_bio_set_ex(b, BIO_C_SET_PREFIX, prefix, prefix_free); -} - -int -BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, asn1_ps_func **pprefix_free) -{ - return asn1_bio_get_ex(b, BIO_C_GET_PREFIX, pprefix, pprefix_free); -} - -int -BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free) -{ - return asn1_bio_set_ex(b, BIO_C_SET_SUFFIX, suffix, suffix_free); -} - -int -BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, asn1_ps_func **psuffix_free) -{ - return asn1_bio_get_ex(b, BIO_C_GET_SUFFIX, psuffix, psuffix_free); -} diff --git a/lib/libssl/src/crypto/asn1/bio_ndef.c b/lib/libssl/src/crypto/asn1/bio_ndef.c deleted file mode 100644 index 1a23c27d041..00000000000 --- a/lib/libssl/src/crypto/asn1/bio_ndef.c +++ /dev/null 
@@ -1,243 +0,0 @@ -/* $OpenBSD: bio_ndef.c,v 1.9 2014/07/25 06:05:32 doug Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -#include <openssl/asn1.h> -#include <openssl/asn1t.h> -#include <openssl/bio.h> -#include <openssl/err.h> - -#include <stdio.h> - -/* Experimental NDEF ASN1 BIO support routines */ - -/* The usage is quite simple, initialize an ASN1 structure, - * get a BIO from it then any data written through the BIO - * will end up translated to approptiate format on the fly. - * The data is streamed out and does *not* need to be - * all held in memory at once. - * - * When the BIO is flushed the output is finalized and any - * signatures etc written out. - * - * The BIO is a 'proper' BIO and can handle non blocking I/O - * correctly. - * - * The usage is simple. The implementation is *not*... 
- */ - -/* BIO support data stored in the ASN1 BIO ex_arg */ - -typedef struct ndef_aux_st { - /* ASN1 structure this BIO refers to */ - ASN1_VALUE *val; - const ASN1_ITEM *it; - /* Top of the BIO chain */ - BIO *ndef_bio; - /* Output BIO */ - BIO *out; - /* Boundary where content is inserted */ - unsigned char **boundary; - /* DER buffer start */ - unsigned char *derbuf; -} NDEF_SUPPORT; - -static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg); -static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg); -static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg); -static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg); - -BIO * -BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) -{ - NDEF_SUPPORT *ndef_aux = NULL; - BIO *asn_bio = NULL; - const ASN1_AUX *aux = it->funcs; - ASN1_STREAM_ARG sarg; - - if (!aux || !aux->asn1_cb) { - ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED); - return NULL; - } - ndef_aux = malloc(sizeof(NDEF_SUPPORT)); - asn_bio = BIO_new(BIO_f_asn1()); - - /* ASN1 bio needs to be next to output BIO */ - - out = BIO_push(asn_bio, out); - - if (!ndef_aux || !asn_bio || !out) - goto err; - - BIO_asn1_set_prefix(asn_bio, ndef_prefix, ndef_prefix_free); - BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free); - - /* Now let callback prepend any digest, cipher etc BIOs - * ASN1 structure needs. 
- */ - - sarg.out = out; - sarg.ndef_bio = NULL; - sarg.boundary = NULL; - - if (aux->asn1_cb(ASN1_OP_STREAM_PRE, &val, it, &sarg) <= 0) - goto err; - - ndef_aux->val = val; - ndef_aux->it = it; - ndef_aux->ndef_bio = sarg.ndef_bio; - ndef_aux->boundary = sarg.boundary; - ndef_aux->out = out; - - BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux); - - return sarg.ndef_bio; - -err: - BIO_free(asn_bio); - free(ndef_aux); - return NULL; -} - -static int -ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg) -{ - NDEF_SUPPORT *ndef_aux; - unsigned char *p; - int derlen; - - if (!parg) - return 0; - - ndef_aux = *(NDEF_SUPPORT **)parg; - - derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it); - p = malloc(derlen); - ndef_aux->derbuf = p; - *pbuf = p; - derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it); - - if (!*ndef_aux->boundary) - return 0; - - *plen = *ndef_aux->boundary - *pbuf; - - return 1; -} - -static int -ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg) -{ - NDEF_SUPPORT *ndef_aux; - - if (!parg) - return 0; - - ndef_aux = *(NDEF_SUPPORT **)parg; - - free(ndef_aux->derbuf); - - ndef_aux->derbuf = NULL; - *pbuf = NULL; - *plen = 0; - return 1; -} - -static int -ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg) -{ - NDEF_SUPPORT **pndef_aux = (NDEF_SUPPORT **)parg; - if (!ndef_prefix_free(b, pbuf, plen, parg)) - return 0; - free(*pndef_aux); - *pndef_aux = NULL; - return 1; -} - -static int -ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg) -{ - NDEF_SUPPORT *ndef_aux; - unsigned char *p; - int derlen; - const ASN1_AUX *aux; - ASN1_STREAM_ARG sarg; - - if (!parg) - return 0; - - ndef_aux = *(NDEF_SUPPORT **)parg; - - aux = ndef_aux->it->funcs; - - /* Finalize structures */ - sarg.ndef_bio = ndef_aux->ndef_bio; - sarg.out = ndef_aux->out; - sarg.boundary = ndef_aux->boundary; - if (aux->asn1_cb(ASN1_OP_STREAM_POST, - &ndef_aux->val, ndef_aux->it, &sarg) <= 0) - return 0; - - 
derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it); - p = malloc(derlen); - ndef_aux->derbuf = p; - *pbuf = p; - derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it); - - if (!*ndef_aux->boundary) - return 0; - *pbuf = *ndef_aux->boundary; - *plen = derlen - (*ndef_aux->boundary - ndef_aux->derbuf); - - return 1; -} diff --git a/lib/libssl/src/crypto/asn1/charmap.h b/lib/libssl/src/crypto/asn1/charmap.h deleted file mode 100644 index d9397bf826c..00000000000 --- a/lib/libssl/src/crypto/asn1/charmap.h +++ /dev/null @@ -1,15 +0,0 @@ -/* $OpenBSD: charmap.h,v 1.4 2014/06/12 15:49:27 deraadt Exp $ */ -/* Auto generated with chartype.pl script. - * Mask of various character properties - */ - -static const unsigned char char_type[] = { - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 120, 0, 1, 40, 0, 0, 0, 16, 16, 16, 0, 25, 25, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 9, 9, 16, 9, 16, - 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1, 0, 0, 0, - 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 2 -}; diff --git a/lib/libssl/src/crypto/asn1/charmap.pl b/lib/libssl/src/crypto/asn1/charmap.pl deleted file mode 100644 index 2875c598672..00000000000 --- a/lib/libssl/src/crypto/asn1/charmap.pl +++ /dev/null 
@@ -1,80 +0,0 @@
-#!/usr/local/bin/perl -w
-
-use strict;
-
-my ($i, @arr);
-
-# Set up an array with the type of ASCII characters
-# Each set bit represents a character property.
-
-# RFC2253 character properties
-my $RFC2253_ESC = 1; # Character escaped with \
-my $ESC_CTRL = 2; # Escaped control character
-# These are used with RFC1779 quoting using "
-my $NOESC_QUOTE = 8; # Not escaped if quoted
-my $PSTRING_CHAR = 0x10; # Valid PrintableString character
-my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character
-my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character
-
-for($i = 0; $i < 128; $i++) {
- # Set the RFC2253 escape characters (control)
- $arr[$i] = 0;
- if(($i < 32) || ($i > 126)) {
- $arr[$i] |= $ESC_CTRL;
- }
-
- # Some PrintableString characters
- if( ( ( $i >= ord("a")) && ( $i <= ord("z")) )
- || ( ( $i >= ord("A")) && ( $i <= ord("Z")) )
- || ( ( $i >= ord("0")) && ( $i <= ord("9")) ) ) {
- $arr[$i] |= $PSTRING_CHAR;
- }
-}
-
-# Now setup the rest
-
-# Remaining RFC2253 escaped characters
-
-$arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC;
-$arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC;
-
-$arr[ord(",")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord("+")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord("\"")] |= $RFC2253_ESC;
-$arr[ord("\\")] |= $RFC2253_ESC;
-$arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC;
-$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC;
-
-# Remaining PrintableString characters
-
-$arr[ord(" ")] |= $PSTRING_CHAR;
-$arr[ord("'")] |= $PSTRING_CHAR;
-$arr[ord("(")] |= $PSTRING_CHAR;
-$arr[ord(")")] |= $PSTRING_CHAR;
-$arr[ord("+")] |= $PSTRING_CHAR;
-$arr[ord(",")] |= $PSTRING_CHAR;
-$arr[ord("-")] |= $PSTRING_CHAR;
-$arr[ord(".")] |= $PSTRING_CHAR;
-$arr[ord("/")] |= $PSTRING_CHAR;
-$arr[ord(":")] |= $PSTRING_CHAR;
-$arr[ord("=")] |= $PSTRING_CHAR;
-$arr[ord("?")] |= $PSTRING_CHAR;
-
-# Now generate the C code
-
-print <<EOF;
-/* Auto generated with chartype.pl script.
- * Mask of various character properties
- */
-
-static unsigned char char_type[] = {
-EOF
-
-for($i = 0; $i < 128; $i++) {
- print("\n") if($i && (($i % 16) == 0));
- printf("%2d", $arr[$i]);
- print(",") if ($i != 127);
-}
-print("\n};\n\n");
-
diff --git a/lib/libssl/src/crypto/asn1/d2i_pr.c b/lib/libssl/src/crypto/asn1/d2i_pr.c
deleted file mode 100644
index 68d02177c42..00000000000
--- a/lib/libssl/src/crypto/asn1/d2i_pr.c
+++ /dev/null
@@ -1,170 +0,0 @@
-/* $OpenBSD: d2i_pr.c,v 1.14 2015/03/19 14:00:22 tedu Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#include "asn1_locl.h"
-
-EVP_PKEY *
-d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length)
-{
- EVP_PKEY *ret;
-
- if ((a == NULL) || (*a == NULL)) {
- if ((ret = EVP_PKEY_new()) == NULL) {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
- return (NULL);
- }
- } else {
- ret = *a;
-#ifndef OPENSSL_NO_ENGINE
- if (ret->engine) {
- ENGINE_finish(ret->engine);
- ret->engine = NULL;
- }
-#endif
- }
-
- if (!EVP_PKEY_set_type(ret, type)) {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
- goto err;
- }
-
- if (!ret->ameth->old_priv_decode ||
- !ret->ameth->old_priv_decode(ret, pp, length)) {
- if (ret->ameth->priv_decode) {
- PKCS8_PRIV_KEY_INFO *p8 = NULL;
- p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
- if (!p8)
- goto err;
- EVP_PKEY_free(ret);
- ret = EVP_PKCS82PKEY(p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- } else {
- ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
- goto err;
- }
- }
- if (a != NULL)
- (*a) = ret;
- return (ret);
-
-err:
- if (a == NULL || *a != ret)
- EVP_PKEY_free(ret);
- return (NULL);
-}
-
-/* This works like d2i_PrivateKey() except it automatically works out the type */
-
-EVP_PKEY *
-d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length)
-{
- STACK_OF(ASN1_TYPE) *inkey;
- const unsigned char *p;
- int keytype;
-
- p = *pp;
- /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
- * by analyzing it we can determine the passed structure: this
- * assumes the input is surrounded by an ASN1 SEQUENCE.
- */
- inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
- /* Since we only need to discern "traditional format" RSA and DSA
- * keys we can just count the elements.
- */
- if (sk_ASN1_TYPE_num(inkey) == 6)
- keytype = EVP_PKEY_DSA;
- else if (sk_ASN1_TYPE_num(inkey) == 4)
- keytype = EVP_PKEY_EC;
- else if (sk_ASN1_TYPE_num(inkey) == 3) {
- /* This seems to be PKCS8, not traditional format */
- PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(
- NULL, pp, length);
- EVP_PKEY *ret;
-
- sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- if (!p8) {
- ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
- ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return NULL;
- }
- ret = EVP_PKCS82PKEY(p8);
- PKCS8_PRIV_KEY_INFO_free(p8);
- if (a) {
- *a = ret;
- }
- return ret;
- } else
- keytype = EVP_PKEY_RSA;
- sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
- return d2i_PrivateKey(keytype, a, pp, length);
-}
diff --git a/lib/libssl/src/crypto/asn1/d2i_pu.c b/lib/libssl/src/crypto/asn1/d2i_pu.c
deleted file mode 100644
index e917356254a..00000000000
--- a/lib/libssl/src/crypto/asn1/d2i_pu.c
+++ /dev/null
@@ -1,136 +0,0 @@
-/* $OpenBSD: d2i_pu.c,v 1.13 2015/03/19 14:00:22 tedu Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-#include <openssl/ec.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-EVP_PKEY *
-d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length)
-{
- EVP_PKEY *ret;
-
- if ((a == NULL) || (*a == NULL)) {
- if ((ret = EVP_PKEY_new()) == NULL) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
- return (NULL);
- }
- } else
- ret = *a;
-
- if (!EVP_PKEY_set_type(ret, type)) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
- goto err;
- }
-
- switch (EVP_PKEY_id(ret)) {
-#ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) ==
- NULL) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_DSA
- case EVP_PKEY_DSA:
- if (!d2i_DSAPublicKey(&(ret->pkey.dsa), pp, length)) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
-#ifndef OPENSSL_NO_EC
- case EVP_PKEY_EC:
- if (!o2i_ECPublicKey(&(ret->pkey.ec), pp, length)) {
- ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
- goto err;
- }
- break;
-#endif
- default:
- ASN1err(ASN1_F_D2I_PUBLICKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
- goto err;
- /* break; */
- }
- if (a != NULL)
- (*a) = ret;
- return (ret);
-
-err:
- if (a == NULL || *a != ret)
- EVP_PKEY_free(ret);
- return (NULL);
-}
diff --git a/lib/libssl/src/crypto/asn1/evp_asn1.c b/lib/libssl/src/crypto/asn1/evp_asn1.c
deleted file mode 100644
index 1f36cebad70..00000000000
--- a/lib/libssl/src/crypto/asn1/evp_asn1.c
+++ /dev/null
@@ -1,201 +0,0 @@
-/* $OpenBSD: evp_asn1.c,v 1.18 2015/09/30 19:07:08 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/err.h>
-
-int
-ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
-{
- ASN1_STRING *os;
-
- if ((os = ASN1_OCTET_STRING_new()) == NULL)
- return (0);
- if (!ASN1_STRING_set(os, data, len)) {
- ASN1_OCTET_STRING_free(os);
- return (0);
- }
- ASN1_TYPE_set(a, V_ASN1_OCTET_STRING, os);
- return (1);
-}
-
-/* int max_len: for returned value */
-int
-ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len)
-{
- int ret, num;
- unsigned char *p;
-
- if ((a->type != V_ASN1_OCTET_STRING) ||
- (a->value.octet_string == NULL)) {
- ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING, ASN1_R_DATA_IS_WRONG);
- return (-1);
- }
- p = ASN1_STRING_data(a->value.octet_string);
- ret = ASN1_STRING_length(a->value.octet_string);
- if (ret < max_len)
- num = ret;
- else
- num = max_len;
- memcpy(data, p, num);
- return (ret);
-}
-
-int
-ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
- int len)
-{
- int n, size;
- ASN1_OCTET_STRING os, *osp;
- ASN1_INTEGER in;
- unsigned char *p;
- unsigned char buf[32]; /* when they have 256bit longs,
- * I'll be in trouble */
- in.data = buf;
- in.length = 32;
- os.data = data;
- os.type = V_ASN1_OCTET_STRING;
- os.length = len;
- ASN1_INTEGER_set(&in, num);
- n = i2d_ASN1_INTEGER(&in, NULL);
- n += i2d_ASN1_bytes((ASN1_STRING *)&os, NULL, V_ASN1_OCTET_STRING,
- V_ASN1_UNIVERSAL);
-
- size = ASN1_object_size(1, n, V_ASN1_SEQUENCE);
-
- if ((osp = ASN1_STRING_new()) == NULL)
- return (0);
- /* Grow the 'string' */
- if (!ASN1_STRING_set(osp, NULL, size)) {
- ASN1_STRING_free(osp);
- return (0);
- }
-
- ASN1_STRING_length_set(osp, size);
- p = ASN1_STRING_data(osp);
-
- ASN1_put_object(&p, 1,n, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
- i2d_ASN1_INTEGER(&in, &p);
- i2d_ASN1_bytes((ASN1_STRING *)&os, &p, V_ASN1_OCTET_STRING,
- V_ASN1_UNIVERSAL);
-
- ASN1_TYPE_set(a, V_ASN1_SEQUENCE, osp);
- return (1);
-}
-
-/* we return the actual length..., num may be missing, in which
- * case, set it to zero */
-/* int max_len: for returned value */
-int
-ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
- int max_len)
-{
- int ret = -1, n;
- ASN1_INTEGER *ai = NULL;
- ASN1_OCTET_STRING *os = NULL;
- const unsigned char *p;
- long length;
- ASN1_const_CTX c;
-
- if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) {
- goto err;
- }
- p = ASN1_STRING_data(a->value.sequence);
- length = ASN1_STRING_length(a->value.sequence);
-
- c.pp = &p;
- c.p = p;
- c.max = p + length;
- c.error = ASN1_R_DATA_IS_WRONG;
-
- M_ASN1_D2I_start_sequence();
- c.q = c.p;
- if ((ai = d2i_ASN1_INTEGER(NULL, &c.p, c.slen)) == NULL)
- goto err;
- c.slen -= (c.p - c.q);
- c.q = c.p;
- if ((os = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL)
- goto err;
- c.slen -= (c.p - c.q);
- if (!M_ASN1_D2I_end_sequence())
- goto err;
-
- if (num != NULL)
- *num = ASN1_INTEGER_get(ai);
-
- ret = ASN1_STRING_length(os);
- if (max_len > ret)
- n = ret;
- else
- n = max_len;
-
- if (data != NULL)
- memcpy(data, ASN1_STRING_data(os), n);
- if (0) {
-err:
- ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,
- ASN1_R_DATA_IS_WRONG);
- }
- ASN1_OCTET_STRING_free(os);
- ASN1_INTEGER_free(ai);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/asn1/f_enum.c b/lib/libssl/src/crypto/asn1/f_enum.c
deleted file mode 100644
index 7f064edb04c..00000000000
--- a/lib/libssl/src/crypto/asn1/f_enum.c
+++ /dev/null
@@ -1,201 +0,0 @@
-/* $OpenBSD: f_enum.c,v 1.14 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-/* Based on a_int.c: equivalent ENUMERATED functions */
-
-int
-i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
-{
- int i, n = 0;
- static const char h[] = "0123456789ABCDEF";
- char buf[2];
-
- if (a == NULL)
- return (0);
-
- if (a->length == 0) {
- if (BIO_write(bp, "00", 2) != 2)
- goto err;
- n = 2;
- } else {
- for (i = 0; i < a->length; i++) {
- if ((i != 0) && (i % 35 == 0)) {
- if (BIO_write(bp, "\\\n", 2) != 2)
- goto err;
- n += 2;
- }
- buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
- buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
- if (BIO_write(bp, buf, 2) != 2)
- goto err;
- n += 2;
- }
- }
- return (n);
-
-err:
- return (-1);
-}
-
-int
-a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
-{
- int ret = 0;
- int i, j,k, m,n, again, bufsize;
- unsigned char *s = NULL, *sp;
- unsigned char *bufp;
- int first = 1;
- size_t num = 0, slen = 0;
-
- bs->type = V_ASN1_ENUMERATED;
-
- bufsize = BIO_gets(bp, buf, size);
- for (;;) {
- if (bufsize < 1)
- goto err_sl;
- i = bufsize;
- if (buf[i-1] == '\n')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- if (buf[i-1] == '\r')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- again = (buf[i - 1] == '\\');
-
- for (j = 0; j < i; j++) {
- if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
- ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
- ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
- i = j;
- break;
- }
- }
- buf[i] = '\0';
- /* We have now cleared all the crap off the end of the
- * line */
- if (i < 2)
- goto err_sl;
-
- bufp = (unsigned char *)buf;
- if (first) {
- first = 0;
- if ((bufp[0] == '0') && (buf[1] == '0')) {
- bufp += 2;
- i -= 2;
- }
- }
- k = 0;
- i -= again;
- if (i % 2 != 0) {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
- ASN1_R_ODD_NUMBER_OF_CHARS);
- goto err;
- }
- i /= 2;
- if (num + i > slen) {
- sp = realloc(s, num + i);
- if (sp == NULL) {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- s = sp;
- slen = num + i;
- }
- for (j = 0; j < i; j++, k += 2) {
- for (n = 0; n < 2; n++) {
- m = bufp[k + n];
- if ((m >= '0') && (m <= '9'))
- m -= '0';
- else if ((m >= 'a') && (m <= 'f'))
- m = m - 'a' + 10;
- else if ((m >= 'A') && (m <= 'F'))
- m = m - 'A' + 10;
- else {
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
- ASN1_R_NON_HEX_CHARACTERS);
- goto err;
- }
- s[num + j] <<= 4;
- s[num + j] |= m;
- }
- }
- num += i;
- if (again)
- bufsize = BIO_gets(bp, buf, size);
- else
- break;
- }
- bs->length = num;
- bs->data = s;
- return (1);
-
-err_sl:
- ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
-err:
- free(s);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/asn1/f_int.c b/lib/libssl/src/crypto/asn1/f_int.c
deleted file mode 100644
index 0ec29f5769e..00000000000
--- a/lib/libssl/src/crypto/asn1/f_int.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/* $OpenBSD: f_int.c,v 1.17 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-int
-i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
-{
- int i, n = 0;
- static const char h[] = "0123456789ABCDEF";
- char buf[2];
-
- if (a == NULL)
- return (0);
-
- if (a->type & V_ASN1_NEG) {
- if (BIO_write(bp, "-", 1) != 1)
- goto err;
- n = 1;
- }
-
- if (a->length == 0) {
- if (BIO_write(bp, "00", 2) != 2)
- goto err;
- n += 2;
- } else {
- for (i = 0; i < a->length; i++) {
- if ((i != 0) && (i % 35 == 0)) {
- if (BIO_write(bp, "\\\n", 2) != 2)
- goto err;
- n += 2;
- }
- buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
- buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
- if (BIO_write(bp, buf, 2) != 2)
- goto err;
- n += 2;
- }
- }
- return (n);
-
-err:
- return (-1);
-}
-
-int
-a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
-{
- int ret = 0;
- int i, j,k, m,n, again, bufsize;
- unsigned char *s = NULL, *sp;
- unsigned char *bufp;
- int num = 0, slen = 0, first = 1;
-
- bs->type = V_ASN1_INTEGER;
-
- bufsize = BIO_gets(bp, buf, size);
- for (;;) {
- if (bufsize < 1)
- goto err_sl;
- i = bufsize;
- if (buf[i - 1] == '\n')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- if (buf[i - 1] == '\r')
- buf[--i] = '\0';
- if (i == 0)
- goto err_sl;
- again = (buf[i - 1] == '\\');
-
- for (j = 0; j < i; j++) {
- if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
- ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
- ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
- i = j;
- break;
- }
- }
- buf[i] = '\0';
- /* We have now cleared all the crap off the end of the
- * line */
- if (i < 2)
- goto err_sl;
-
- bufp = (unsigned char *)buf;
- if (first) {
- first = 0;
- if ((bufp[0] == '0') && (buf[1] == '0')) {
- bufp += 2;
- i -= 2;
- }
- }
- k = 0;
- i -= again;
- if (i % 2 != 0) {
- ASN1err(ASN1_F_A2I_ASN1_INTEGER,
- ASN1_R_ODD_NUMBER_OF_CHARS);
- goto err;
- }
- i /= 2;
- if (num + i > slen) {
- sp = OPENSSL_realloc_clean(s, slen, num + i);
- if (sp == NULL) {
- ASN1err(ASN1_F_A2I_ASN1_INTEGER,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- s = sp;
- slen = num + i;
- }
- for (j = 0; j < i; j++, k += 2) {
- for (n = 0; n < 2; n++) {
- m = bufp[k + n];
- if ((m >= '0') && (m <= '9'))
- m -= '0';
- else if ((m >= 'a') && (m <= 'f'))
- m = m - 'a' + 10;
- else if ((m >= 'A') && (m <= 'F'))
- m = m - 'A' + 10;
- else {
- ASN1err(ASN1_F_A2I_ASN1_INTEGER,
- ASN1_R_NON_HEX_CHARACTERS);
- goto err;
- }
- s[num + j] <<= 4;
- s[num + j] |= m;
- }
- }
- num += i;
- if (again)
- bufsize = BIO_gets(bp, buf, size);
- else
- break;
- }
- bs->length = num;
- bs->data = s;
- return (1);
-
-err_sl:
- ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
-err:
- free(s);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/asn1/f_string.c b/lib/libssl/src/crypto/asn1/f_string.c
deleted file mode 100644
index 14cd1a906a7..00000000000
--- a/lib/libssl/src/crypto/asn1/f_string.c
+++ /dev/null
@@ -1,197 +0,0 @@ -/* $OpenBSD: f_string.c,v 1.16 2014/07/11 08:44:47 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/asn1.h> -#include <openssl/buffer.h> -#include <openssl/err.h> - -int -i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type) -{ - int i, n = 0; - static const char h[] = "0123456789ABCDEF"; - char buf[2]; - - if (a == NULL) - return (0); - - if (a->length == 0) { - if (BIO_write(bp, "0", 1) != 1) - goto err; - n = 1; - } else { - for (i = 0; i < a->length; i++) { - if ((i != 0) && (i % 35 == 0)) { - if (BIO_write(bp, "\\\n", 2) != 2) - goto err; - n += 2; - } - buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f]; - buf[1] = h[((unsigned char)a->data[i]) & 0x0f]; - if (BIO_write(bp, buf, 2) != 2) - goto err; - n += 2; - } - } - return (n); - -err: - return (-1); -} - -int -a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) -{ - int ret = 0; - int i, j, k, m, n, again, bufsize; - unsigned char *s = NULL, *sp; - unsigned char *bufp; - int first = 1; - size_t num = 0, slen = 0; - - bufsize = BIO_gets(bp, buf, size); - for (;;) { - if (bufsize < 1) { - if (first) - break; - else - goto err_sl; - } - first = 0; - - i = bufsize; - if (buf[i-1] == '\n') - buf[--i] = '\0'; - if (i == 0) - goto err_sl; - if (buf[i-1] == '\r') - buf[--i] = '\0'; - if (i == 0) - goto err_sl; - again = (buf[i - 1] == '\\'); - - for (j = i - 1; j > 0; j--) { - if (!(((buf[j] >= '0') && (buf[j] <= '9')) || - ((buf[j] >= 'a') && (buf[j] <= 'f')) || - ((buf[j] >= 'A') && (buf[j] <= 'F')))) { - i = j; - break; - } - } - buf[i] = '\0'; - /* We have now cleared all the crap off the end of the - * line */ - if (i < 2) - goto err_sl; - - bufp = (unsigned char *)buf; - - k = 0; - i -= again; - if (i % 2 != 0) { - ASN1err(ASN1_F_A2I_ASN1_STRING, - ASN1_R_ODD_NUMBER_OF_CHARS); - goto err; - } - i /= 2; - if (num + i > slen) { - sp = realloc(s, num + i); - if (sp == NULL) { - ASN1err(ASN1_F_A2I_ASN1_STRING, - ERR_R_MALLOC_FAILURE); - goto err; - } - s = sp; - slen = num + i; - } - for (j = 0; j < i; j++, k += 2) { - for (n = 0; n < 2; n++) { - m = 
bufp[k + n]; - if ((m >= '0') && (m <= '9')) - m -= '0'; - else if ((m >= 'a') && (m <= 'f')) - m = m - 'a' + 10; - else if ((m >= 'A') && (m <= 'F')) - m = m - 'A' + 10; - else { - ASN1err(ASN1_F_A2I_ASN1_STRING, - ASN1_R_NON_HEX_CHARACTERS); - goto err; - } - s[num + j] <<= 4; - s[num + j] |= m; - } - } - num += i; - if (again) - bufsize = BIO_gets(bp, buf, size); - else - break; - } - bs->length = num; - bs->data = s; - return (1); - -err_sl: - ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE); -err: - free(s); - return (ret); -} diff --git a/lib/libssl/src/crypto/asn1/i2d_pr.c b/lib/libssl/src/crypto/asn1/i2d_pr.c deleted file mode 100644 index 5fa34678b69..00000000000 --- a/lib/libssl/src/crypto/asn1/i2d_pr.c +++ /dev/null 
@@ -1,81 +0,0 @@ -/* $OpenBSD: i2d_pr.c,v 1.10 2014/07/11 08:44:47 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/x509.h> - -#include "asn1_locl.h" - -int -i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) -{ - if (a->ameth && a->ameth->old_priv_encode) { - return a->ameth->old_priv_encode(a, pp); - } - if (a->ameth && a->ameth->priv_encode) { - PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a); - int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp); - PKCS8_PRIV_KEY_INFO_free(p8); - return ret; - } - ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return (-1); -} diff --git a/lib/libssl/src/crypto/asn1/i2d_pu.c b/lib/libssl/src/crypto/asn1/i2d_pu.c deleted file mode 100644 index 6e485ea3254..00000000000 
--- a/lib/libssl/src/crypto/asn1/i2d_pu.c
+++ /dev/null
@@ -1,98 +0,0 @@ -/* $OpenBSD: i2d_pu.c,v 1.10 2014/07/11 08:44:47 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-#include <openssl/ec.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-int
-i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
-{
- switch (a->type) {
-#ifndef OPENSSL_NO_RSA
- case EVP_PKEY_RSA:
- return (i2d_RSAPublicKey(a->pkey.rsa, pp));
-#endif
-#ifndef OPENSSL_NO_DSA
- case EVP_PKEY_DSA:
- return (i2d_DSAPublicKey(a->pkey.dsa, pp));
-#endif
-#ifndef OPENSSL_NO_EC
- case EVP_PKEY_EC:
- return (i2o_ECPublicKey(a->pkey.ec, pp));
-#endif
- default:
- ASN1err(ASN1_F_I2D_PUBLICKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
- return (-1);
- }
-}
diff --git a/lib/libssl/src/crypto/asn1/n_pkey.c b/lib/libssl/src/crypto/asn1/n_pkey.c
deleted file mode 100644
index 1e73c82d09e..00000000000
--- a/lib/libssl/src/crypto/asn1/n_pkey.c
+++ /dev/null
@@ -1,434 +0,0 @@ -/* $OpenBSD: n_pkey.c,v 1.30 2015/10/16 15:15:39 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/asn1t.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_RC4
-
-typedef struct netscape_pkey_st {
- long version;
- X509_ALGOR *algor;
- ASN1_OCTET_STRING *private_key;
-} NETSCAPE_PKEY;
-
-typedef struct netscape_encrypted_pkey_st {
- ASN1_OCTET_STRING *os;
- /* This is the same structure as DigestInfo so use it:
- * although this isn't really anything to do with
- * digests.
- */
- X509_SIG *enckey;
-} NETSCAPE_ENCRYPTED_PKEY;
-
-
-static const ASN1_AUX NETSCAPE_ENCRYPTED_PKEY_aux = {
- .flags = ASN1_AFLG_BROKEN,
-};
-static const ASN1_TEMPLATE NETSCAPE_ENCRYPTED_PKEY_seq_tt[] = {
- {
- .offset = offsetof(NETSCAPE_ENCRYPTED_PKEY, os),
- .field_name = "os",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .offset = offsetof(NETSCAPE_ENCRYPTED_PKEY, enckey),
- .field_name = "enckey",
- .item = &X509_SIG_it,
- },
-};
-
-const ASN1_ITEM NETSCAPE_ENCRYPTED_PKEY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = NETSCAPE_ENCRYPTED_PKEY_seq_tt,
- .tcount = sizeof(NETSCAPE_ENCRYPTED_PKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &NETSCAPE_ENCRYPTED_PKEY_aux,
- .size = sizeof(NETSCAPE_ENCRYPTED_PKEY),
- .sname = "NETSCAPE_ENCRYPTED_PKEY",
-};
-
-NETSCAPE_ENCRYPTED_PKEY *NETSCAPE_ENCRYPTED_PKEY_new(void);
-void NETSCAPE_ENCRYPTED_PKEY_free(NETSCAPE_ENCRYPTED_PKEY *a);
-NETSCAPE_ENCRYPTED_PKEY *d2i_NETSCAPE_ENCRYPTED_PKEY(NETSCAPE_ENCRYPTED_PKEY **a, const unsigned char **in, long len);
-int i2d_NETSCAPE_ENCRYPTED_PKEY(const NETSCAPE_ENCRYPTED_PKEY *a, unsigned char **out);
-
-NETSCAPE_ENCRYPTED_PKEY *
-d2i_NETSCAPE_ENCRYPTED_PKEY(NETSCAPE_ENCRYPTED_PKEY **a, const unsigned char **in, long len)
-{
- return (NETSCAPE_ENCRYPTED_PKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &NETSCAPE_ENCRYPTED_PKEY_it);
-}
-
-int -i2d_NETSCAPE_ENCRYPTED_PKEY(const NETSCAPE_ENCRYPTED_PKEY *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_ENCRYPTED_PKEY_it); -} - -NETSCAPE_ENCRYPTED_PKEY * -NETSCAPE_ENCRYPTED_PKEY_new(void) -{ - return (NETSCAPE_ENCRYPTED_PKEY *)ASN1_item_new(&NETSCAPE_ENCRYPTED_PKEY_it); -} - -void -NETSCAPE_ENCRYPTED_PKEY_free(NETSCAPE_ENCRYPTED_PKEY *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_ENCRYPTED_PKEY_it); -} - -static const ASN1_TEMPLATE NETSCAPE_PKEY_seq_tt[] = { - { - .offset = offsetof(NETSCAPE_PKEY, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .offset = offsetof(NETSCAPE_PKEY, algor), - .field_name = "algor", - .item = &X509_ALGOR_it, - }, - { - .offset = offsetof(NETSCAPE_PKEY, private_key), - .field_name = "private_key", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM NETSCAPE_PKEY_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = NETSCAPE_PKEY_seq_tt, - .tcount = sizeof(NETSCAPE_PKEY_seq_tt) / sizeof(ASN1_TEMPLATE), - .size = sizeof(NETSCAPE_PKEY), - .sname = "NETSCAPE_PKEY", -}; - -NETSCAPE_PKEY *NETSCAPE_PKEY_new(void); -void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a); -NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, const unsigned char **in, long len); -int i2d_NETSCAPE_PKEY(const NETSCAPE_PKEY *a, unsigned char **out); - -NETSCAPE_PKEY * -d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, const unsigned char **in, long len) -{ - return (NETSCAPE_PKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &NETSCAPE_PKEY_it); -} - -int -i2d_NETSCAPE_PKEY(const NETSCAPE_PKEY *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_PKEY_it); -} - -NETSCAPE_PKEY * -NETSCAPE_PKEY_new(void) -{ - return (NETSCAPE_PKEY *)ASN1_item_new(&NETSCAPE_PKEY_it); -} - -void -NETSCAPE_PKEY_free(NETSCAPE_PKEY *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_PKEY_it); -} - -static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, - int (*cb)(char *buf, int len, 
const char *prompt, int verify), int sgckey); - -int -i2d_Netscape_RSA(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, int verify)) -{ - return i2d_RSA_NET(a, pp, cb, 0); -} - -int -i2d_RSA_NET(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey) -{ - int i, j, ret = 0; - int rsalen, pkeylen, olen; - NETSCAPE_PKEY *pkey = NULL; - NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; - unsigned char buf[256], *zz; - unsigned char key[EVP_MAX_KEY_LENGTH]; - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - - if (a == NULL) - return (0); - - if ((pkey = NETSCAPE_PKEY_new()) == NULL) - goto err; - if ((enckey = NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) - goto err; - pkey->version = 0; - - pkey->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption); - if ((pkey->algor->parameter = ASN1_TYPE_new()) == NULL) - goto err; - pkey->algor->parameter->type = V_ASN1_NULL; - - rsalen = i2d_RSAPrivateKey(a, NULL); - - /* Fake some octet strings just for the initial length - * calculation. 
- */ - pkey->private_key->length = rsalen; - pkeylen = i2d_NETSCAPE_PKEY(pkey, NULL); - enckey->enckey->digest->length = pkeylen; - enckey->os->length = 11; /* "private-key" */ - enckey->enckey->algor->algorithm = OBJ_nid2obj(NID_rc4); - if ((enckey->enckey->algor->parameter = ASN1_TYPE_new()) == NULL) - goto err; - enckey->enckey->algor->parameter->type = V_ASN1_NULL; - - if (pp == NULL) { - olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL); - NETSCAPE_PKEY_free(pkey); - NETSCAPE_ENCRYPTED_PKEY_free(enckey); - return olen; - } - - /* Since its RC4 encrypted length is actual length */ - if ((zz = malloc(rsalen)) == NULL) { - ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE); - goto err; - } - - pkey->private_key->data = zz; - /* Write out private key encoding */ - i2d_RSAPrivateKey(a, &zz); - - if ((zz = malloc(pkeylen)) == NULL) { - ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!ASN1_STRING_set(enckey->os, "private-key", -1)) { - ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE); - goto err; - } - enckey->enckey->digest->data = zz; - i2d_NETSCAPE_PKEY(pkey, &zz); - - /* Wipe the private key encoding */ - explicit_bzero(pkey->private_key->data, rsalen); - - if (cb == NULL) - cb = EVP_read_pw_string; - i = cb((char *)buf, sizeof(buf), "Enter Private Key password:", 1); - if (i != 0) { - ASN1err(ASN1_F_I2D_RSA_NET, ASN1_R_BAD_PASSWORD_READ); - goto err; - } - i = strlen((char *)buf); - /* If the key is used for SGC the algorithm is modified a little. 
*/ - if (sgckey) { - if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL)) - goto err; - memcpy(buf + 16, "SGCKEYSALT", 10); - i = 26; - } - - if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL)) - goto err; - explicit_bzero(buf, sizeof(buf)); - - /* Encrypt private key in place */ - zz = enckey->enckey->digest->data; - if (!EVP_EncryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL)) - goto err; - if (!EVP_EncryptUpdate(&ctx, zz, &i, zz, pkeylen)) - goto err; - if (!EVP_EncryptFinal_ex(&ctx, zz + i, &j)) - goto err; - - ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp); -err: - EVP_CIPHER_CTX_cleanup(&ctx); - NETSCAPE_ENCRYPTED_PKEY_free(enckey); - NETSCAPE_PKEY_free(pkey); - return (ret); -} - - -RSA * -d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, int verify)) -{ - return d2i_RSA_NET(a, pp, length, cb, 0); -} - -RSA * -d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey) -{ - RSA *ret = NULL; - const unsigned char *p; - NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; - - p = *pp; - - enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length); - if (!enckey) { - ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_DECODING_ERROR); - return NULL; - } - - /* XXX 11 == strlen("private-key") */ - if (enckey->os->length != 11 || - memcmp("private-key", enckey->os->data, 11) != 0) { - ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_PRIVATE_KEY_HEADER_MISSING); - goto err; - } - if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) { - ASN1err(ASN1_F_D2I_RSA_NET, - ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); - goto err; - } - if (cb == NULL) - cb = EVP_read_pw_string; - if ((ret = d2i_RSA_NET_2(a, enckey->enckey->digest, cb, - sgckey)) == NULL) - goto err; - - *pp = p; - -err: - NETSCAPE_ENCRYPTED_PKEY_free(enckey); - return ret; - -} - -static RSA * -d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, - int (*cb)(char *buf, int len, const char *prompt, 
int verify), int sgckey) -{ - NETSCAPE_PKEY *pkey = NULL; - RSA *ret = NULL; - int i, j; - unsigned char buf[256]; - const unsigned char *zz; - unsigned char key[EVP_MAX_KEY_LENGTH]; - EVP_CIPHER_CTX ctx; - EVP_CIPHER_CTX_init(&ctx); - - i=cb((char *)buf, sizeof(buf), "Enter Private Key password:",0); - if (i != 0) { - ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_BAD_PASSWORD_READ); - goto err; - } - - i = strlen((char *)buf); - if (sgckey){ - if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL)) - goto err; - memcpy(buf + 16, "SGCKEYSALT", 10); - i = 26; - } - - if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL)) - goto err; - explicit_bzero(buf, sizeof(buf)); - - if (!EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL)) - goto err; - if (!EVP_DecryptUpdate(&ctx, os->data, &i, os->data, os->length)) - goto err; - if (!EVP_DecryptFinal_ex(&ctx, &(os->data[i]), &j)) - goto err; - os->length = i + j; - - zz = os->data; - - if ((pkey = d2i_NETSCAPE_PKEY(NULL, &zz, os->length)) == NULL) { - ASN1err(ASN1_F_D2I_RSA_NET_2, - ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); - goto err; - } - - zz = pkey->private_key->data; - if ((ret = d2i_RSAPrivateKey(a, &zz, - pkey->private_key->length)) == NULL) { - ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_UNABLE_TO_DECODE_RSA_KEY); - goto err; - } - -err: - EVP_CIPHER_CTX_cleanup(&ctx); - NETSCAPE_PKEY_free(pkey); - return (ret); -} - -#endif /* OPENSSL_NO_RC4 */ - -#endif diff --git a/lib/libssl/src/crypto/asn1/nsseq.c b/lib/libssl/src/crypto/asn1/nsseq.c deleted file mode 100644 index 8b39278692d..00000000000 --- a/lib/libssl/src/crypto/asn1/nsseq.c +++ /dev/null 
@@ -1,129 +0,0 @@ -/* $OpenBSD: nsseq.c,v 1.10 2015/02/11 04:00:39 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-
-static int
-nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_NEW_POST) {
- NETSCAPE_CERT_SEQUENCE *nsseq;
- nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
- nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
- }
- return 1;
-}
-
-/* Netscape certificate sequence structure */
-
-static const ASN1_AUX NETSCAPE_CERT_SEQUENCE_aux = {
- .asn1_cb = nsseq_cb,
-};
-static const ASN1_TEMPLATE NETSCAPE_CERT_SEQUENCE_seq_tt[] = {
- {
- .offset = offsetof(NETSCAPE_CERT_SEQUENCE, type),
- .field_name = "type",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(NETSCAPE_CERT_SEQUENCE, certs),
- .field_name = "certs",
- .item = &X509_it,
- },
-};
-
-const ASN1_ITEM NETSCAPE_CERT_SEQUENCE_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = NETSCAPE_CERT_SEQUENCE_seq_tt,
- .tcount = sizeof(NETSCAPE_CERT_SEQUENCE_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &NETSCAPE_CERT_SEQUENCE_aux,
- .size = sizeof(NETSCAPE_CERT_SEQUENCE),
- .sname = "NETSCAPE_CERT_SEQUENCE",
-};
-
-
-NETSCAPE_CERT_SEQUENCE *
-d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, const unsigned char **in, long len)
-{
- return (NETSCAPE_CERT_SEQUENCE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &NETSCAPE_CERT_SEQUENCE_it);
-}
-
-int
-i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_CERT_SEQUENCE_it);
-}
-
-NETSCAPE_CERT_SEQUENCE *
-NETSCAPE_CERT_SEQUENCE_new(void)
-{
- return (NETSCAPE_CERT_SEQUENCE *)ASN1_item_new(&NETSCAPE_CERT_SEQUENCE_it);
-}
-
-void
-NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_CERT_SEQUENCE_it);
-}
diff --git a/lib/libssl/src/crypto/asn1/p5_pbe.c b/lib/libssl/src/crypto/asn1/p5_pbe.c
deleted file mode 100644
index 3e7057bb246..00000000000
--- a/lib/libssl/src/crypto/asn1/p5_pbe.c
+++ /dev/null
@@ -1,186 +0,0 @@ -/* $OpenBSD: p5_pbe.c,v 1.20 2015/02/11 04:00:39 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-/* PKCS#5 password based encryption structure */
-
-static const ASN1_TEMPLATE PBEPARAM_seq_tt[] = {
- {
- .offset = offsetof(PBEPARAM, salt),
- .field_name = "salt",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .offset = offsetof(PBEPARAM, iter),
- .field_name = "iter",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM PBEPARAM_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PBEPARAM_seq_tt,
- .tcount = sizeof(PBEPARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(PBEPARAM),
- .sname = "PBEPARAM",
-};
-
-
-PBEPARAM *
-d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len)
-{
- return (PBEPARAM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PBEPARAM_it);
-}
-
-int
-i2d_PBEPARAM(PBEPARAM *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PBEPARAM_it);
-}
-
-PBEPARAM *
-PBEPARAM_new(void)
-{
- return (PBEPARAM *)ASN1_item_new(&PBEPARAM_it);
-}
-
-void
-PBEPARAM_free(PBEPARAM *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PBEPARAM_it);
-}
-
-
-/* Set an
algorithm identifier for a PKCS#5 PBE algorithm */
-
-int
-PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
- const unsigned char *salt, int saltlen)
-{
- PBEPARAM *pbe = NULL;
- ASN1_STRING *pbe_str = NULL;
- unsigned char *sstr;
-
- pbe = PBEPARAM_new();
- if (!pbe) {
- ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (iter <= 0)
- iter = PKCS5_DEFAULT_ITER;
- if (!ASN1_INTEGER_set(pbe->iter, iter)) {
- ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!saltlen)
- saltlen = PKCS5_SALT_LEN;
- if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
- ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- sstr = ASN1_STRING_data(pbe->salt);
- if (salt)
- memcpy(sstr, salt, saltlen);
- else
- arc4random_buf(sstr, saltlen);
-
- if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
- ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- PBEPARAM_free(pbe);
- pbe = NULL;
-
- if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
- return 1;
-
-err:
- if (pbe != NULL)
- PBEPARAM_free(pbe);
- ASN1_STRING_free(pbe_str);
- return 0;
-}
-
-/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
-
-X509_ALGOR *
-PKCS5_pbe_set(int alg, int iter, const unsigned char *salt, int saltlen)
-{
- X509_ALGOR *ret;
- ret = X509_ALGOR_new();
- if (!ret) {
- ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen))
- return ret;
-
- X509_ALGOR_free(ret);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/asn1/p5_pbev2.c b/lib/libssl/src/crypto/asn1/p5_pbev2.c
deleted file mode 100644
index 9be7e0205c5..00000000000
--- a/lib/libssl/src/crypto/asn1/p5_pbev2.c
+++ /dev/null
@@ -1,374 +0,0 @@ -/* $OpenBSD: p5_pbev2.c,v 1.23 2015/09/30 18:41:06 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999-2004. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-/* PKCS#5 v2.0 password based encryption structures */
-
-static const ASN1_TEMPLATE PBE2PARAM_seq_tt[] = {
- {
- .offset = offsetof(PBE2PARAM, keyfunc),
- .field_name = "keyfunc",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(PBE2PARAM, encryption),
- .field_name = "encryption",
- .item = &X509_ALGOR_it,
- },
-};
-
-const ASN1_ITEM PBE2PARAM_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PBE2PARAM_seq_tt,
- .tcount = sizeof(PBE2PARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(PBE2PARAM),
- .sname = "PBE2PARAM",
-};
-
-
-PBE2PARAM *
-d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len)
-{
- return (PBE2PARAM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PBE2PARAM_it);
-}
-
-int
-i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PBE2PARAM_it);
-}
-
-PBE2PARAM *
-PBE2PARAM_new(void)
-{
- return (PBE2PARAM *)ASN1_item_new(&PBE2PARAM_it);
-}
-
-void
-PBE2PARAM_free(PBE2PARAM *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PBE2PARAM_it);
-}
-
-static const ASN1_TEMPLATE PBKDF2PARAM_seq_tt[] = {
- {
- .offset = offsetof(PBKDF2PARAM, salt),
- .field_name = "salt",
- .item = &ASN1_ANY_it,
- },
- {
- .offset = offsetof(PBKDF2PARAM, iter),
- .field_name = "iter",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(PBKDF2PARAM, keylength),
- .field_name = "keylength",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(PBKDF2PARAM, prf),
- .field_name = "prf",
- .item = &X509_ALGOR_it,
- },
-};
-
-const ASN1_ITEM PBKDF2PARAM_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PBKDF2PARAM_seq_tt,
- .tcount = sizeof(PBKDF2PARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(PBKDF2PARAM),
- .sname = "PBKDF2PARAM",
-};
-
-
-PBKDF2PARAM *
-d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len)
-{
- return (PBKDF2PARAM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PBKDF2PARAM_it);
-}
-
-int
-i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PBKDF2PARAM_it);
-}
-
-PBKDF2PARAM *
-PBKDF2PARAM_new(void)
-{
- return (PBKDF2PARAM *)ASN1_item_new(&PBKDF2PARAM_it);
-}
-
-void
-PBKDF2PARAM_free(PBKDF2PARAM *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PBKDF2PARAM_it);
-}
-
-/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
- * yes I know this is horrible!
- *
- * Extended version to allow application supplied PRF NID and IV.
- */
-
-X509_ALGOR *
-PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
- int saltlen, unsigned char *aiv, int prf_nid)
-{
- X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
- int alg_nid, keylen;
- EVP_CIPHER_CTX ctx;
- unsigned char iv[EVP_MAX_IV_LENGTH];
- PBE2PARAM *pbe2 = NULL;
- ASN1_OBJECT *obj;
-
- alg_nid = EVP_CIPHER_type(cipher);
- if (alg_nid == NID_undef) {
- ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
- ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
- goto err;
- }
- obj = OBJ_nid2obj(alg_nid);
-
- if (!(pbe2 = PBE2PARAM_new()))
- goto merr;
-
- /* Setup the AlgorithmIdentifier for the encryption scheme */
- scheme = pbe2->encryption;
-
- scheme->algorithm = obj;
- if (!(scheme->parameter = ASN1_TYPE_new()))
- goto merr;
-
- /* Create random IV */
- if (EVP_CIPHER_iv_length(cipher)) {
- if (aiv)
- memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
- else
- arc4random_buf(iv, EVP_CIPHER_iv_length(cipher));
- }
-
- EVP_CIPHER_CTX_init(&ctx);
-
- /* Dummy cipherinit to just setup the IV, and PRF */
- if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
- goto err;
- if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
- ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
- ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
- EVP_CIPHER_CTX_cleanup(&ctx);
- goto err;
- }
- /* If prf NID
unspecified see if cipher has a preference. - * An error is OK here: just means use default PRF. - */ - if ((prf_nid == -1) && - EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) { - ERR_clear_error(); - prf_nid = NID_hmacWithSHA1; - } - EVP_CIPHER_CTX_cleanup(&ctx); - - /* If its RC2 then we'd better setup the key length */ - - if (alg_nid == NID_rc2_cbc) - keylen = EVP_CIPHER_key_length(cipher); - else - keylen = -1; - - /* Setup keyfunc */ - - X509_ALGOR_free(pbe2->keyfunc); - - pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen); - - if (!pbe2->keyfunc) - goto merr; - - /* Now set up top level AlgorithmIdentifier */ - - if (!(ret = X509_ALGOR_new())) - goto merr; - if (!(ret->parameter = ASN1_TYPE_new())) - goto merr; - - ret->algorithm = OBJ_nid2obj(NID_pbes2); - - /* Encode PBE2PARAM into parameter */ - - if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM), - &ret->parameter->value.sequence)) goto merr; - ret->parameter->type = V_ASN1_SEQUENCE; - - PBE2PARAM_free(pbe2); - pbe2 = NULL; - - return ret; - -merr: - ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ERR_R_MALLOC_FAILURE); - -err: - PBE2PARAM_free(pbe2); - /* Note 'scheme' is freed as part of pbe2 */ - X509_ALGOR_free(kalg); - X509_ALGOR_free(ret); - - return NULL; -} - -X509_ALGOR * -PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, unsigned char *salt, - int saltlen) -{ - return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1); -} - -X509_ALGOR * -PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, int prf_nid, - int keylen) -{ - X509_ALGOR *keyfunc = NULL; - PBKDF2PARAM *kdf = NULL; - ASN1_OCTET_STRING *osalt = NULL; - - if (!(kdf = PBKDF2PARAM_new())) - goto merr; - if (!(osalt = ASN1_OCTET_STRING_new())) - goto merr; - - kdf->salt->value.octet_string = osalt; - kdf->salt->type = V_ASN1_OCTET_STRING; - - if (!saltlen) - saltlen = PKCS5_SALT_LEN; - if (!(osalt->data = malloc (saltlen))) - goto merr; - - osalt->length = saltlen; - - if (salt) - memcpy 
(osalt->data, salt, saltlen);
- else
- arc4random_buf(osalt->data, saltlen);
-
- if (iter <= 0)
- iter = PKCS5_DEFAULT_ITER;
-
- if (!ASN1_INTEGER_set(kdf->iter, iter))
- goto merr;
-
- /* If have a key len set it up */
-
- if (keylen > 0) {
- if (!(kdf->keylength = ASN1_INTEGER_new()))
- goto merr;
- if (!ASN1_INTEGER_set(kdf->keylength, keylen))
- goto merr;
- }
-
- /* prf can stay NULL if we are using hmacWithSHA1 */
- if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
- kdf->prf = X509_ALGOR_new();
- if (!kdf->prf)
- goto merr;
- X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
- V_ASN1_NULL, NULL);
- }
-
- /* Finally setup the keyfunc structure */
-
- keyfunc = X509_ALGOR_new();
- if (!keyfunc)
- goto merr;
-
- keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
-
- /* Encode PBKDF2PARAM into parameter of pbe2 */
-
- if (!(keyfunc->parameter = ASN1_TYPE_new()))
- goto merr;
-
- if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
- &keyfunc->parameter->value.sequence))
- goto merr;
- keyfunc->parameter->type = V_ASN1_SEQUENCE;
-
- PBKDF2PARAM_free(kdf);
- return keyfunc;
-
-merr:
- ASN1err(ASN1_F_PKCS5_PBKDF2_SET, ERR_R_MALLOC_FAILURE);
- PBKDF2PARAM_free(kdf);
- X509_ALGOR_free(keyfunc);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/asn1/p8_pkey.c b/lib/libssl/src/crypto/asn1/p8_pkey.c
deleted file mode 100644
index 71d579456af..00000000000
--- a/lib/libssl/src/crypto/asn1/p8_pkey.c
+++ /dev/null
@@ -1,201 +0,0 @@ -/* $OpenBSD: p8_pkey.c,v 1.17 2015/09/10 15:56:25 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-/* Minor tweak to operation: zero private key data */
-static int
-pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
- if (operation == ASN1_OP_FREE_PRE) {
- PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
- if (key->pkey != NULL &&
- key->pkey->type == V_ASN1_OCTET_STRING &&
- key->pkey->value.octet_string != NULL)
- explicit_bzero(key->pkey->value.octet_string->data,
- key->pkey->value.octet_string->length);
- }
- return 1;
-}
-
-static const ASN1_AUX PKCS8_PRIV_KEY_INFO_aux = {
- .asn1_cb = pkey_cb,
-};
-static const ASN1_TEMPLATE PKCS8_PRIV_KEY_INFO_seq_tt[] = {
- {
- .offset = offsetof(PKCS8_PRIV_KEY_INFO, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .offset = offsetof(PKCS8_PRIV_KEY_INFO, pkeyalg),
- .field_name = "pkeyalg",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(PKCS8_PRIV_KEY_INFO, pkey),
- .field_name = "pkey",
- .item = &ASN1_ANY_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(PKCS8_PRIV_KEY_INFO, attributes),
- .field_name = "attributes",
- .item = &X509_ATTRIBUTE_it,
- },
-};
-
-const ASN1_ITEM PKCS8_PRIV_KEY_INFO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKCS8_PRIV_KEY_INFO_seq_tt,
- .tcount = sizeof(PKCS8_PRIV_KEY_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &PKCS8_PRIV_KEY_INFO_aux,
- .size = sizeof(PKCS8_PRIV_KEY_INFO),
- .sname = "PKCS8_PRIV_KEY_INFO",
-};
-
-
-PKCS8_PRIV_KEY_INFO *
-d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, const unsigned char **in, long len)
-{
- return (PKCS8_PRIV_KEY_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKCS8_PRIV_KEY_INFO_it);
-}
-
-int
-i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE
*)a, out, &PKCS8_PRIV_KEY_INFO_it);
-}
-
-PKCS8_PRIV_KEY_INFO *
-PKCS8_PRIV_KEY_INFO_new(void)
-{
- return (PKCS8_PRIV_KEY_INFO *)ASN1_item_new(&PKCS8_PRIV_KEY_INFO_it);
-}
-
-void
-PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKCS8_PRIV_KEY_INFO_it);
-}
-
-int
-PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version,
- int ptype, void *pval, unsigned char *penc, int penclen)
-{
- unsigned char **ppenc = NULL;
-
- if (version >= 0) {
- if (!ASN1_INTEGER_set(priv->version, version))
- return 0;
- }
- if (penc) {
- int pmtype;
- ASN1_OCTET_STRING *oct;
- oct = ASN1_OCTET_STRING_new();
- if (!oct)
- return 0;
- oct->data = penc;
- ppenc = &oct->data;
- oct->length = penclen;
- if (priv->broken == PKCS8_NO_OCTET)
- pmtype = V_ASN1_SEQUENCE;
- else
- pmtype = V_ASN1_OCTET_STRING;
- ASN1_TYPE_set(priv->pkey, pmtype, oct);
- }
- if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) {
- /* If call fails do not swallow 'enc' */
- if (ppenc)
- *ppenc = NULL;
- return 0;
- }
- return 1;
-}
-
-int
-PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen,
- X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8)
-{
- if (ppkalg)
- *ppkalg = p8->pkeyalg->algorithm;
- if (p8->pkey->type == V_ASN1_OCTET_STRING) {
- p8->broken = PKCS8_OK;
- if (pk) {
- *pk = p8->pkey->value.octet_string->data;
- *ppklen = p8->pkey->value.octet_string->length;
- }
- } else if (p8->pkey->type == V_ASN1_SEQUENCE) {
- p8->broken = PKCS8_NO_OCTET;
- if (pk) {
- *pk = p8->pkey->value.sequence->data;
- *ppklen = p8->pkey->value.sequence->length;
- }
- } else
- return 0;
- if (pa)
- *pa = p8->pkeyalg;
- return 1;
-}
diff --git a/lib/libssl/src/crypto/asn1/t_bitst.c b/lib/libssl/src/crypto/asn1/t_bitst.c
deleted file mode 100644
index ea4138e0fbc..00000000000
--- a/lib/libssl/src/crypto/asn1/t_bitst.c
+++ /dev/null
@@ -1,112 +0,0 @@ -/* $OpenBSD: t_bitst.c,v 1.7 2014/07/11 08:44:47 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/conf.h> -#include <openssl/x509v3.h> - -int -ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, - BIT_STRING_BITNAME *tbl, int indent) -{ - BIT_STRING_BITNAME *bnam; - char first = 1; - - BIO_printf(out, "%*s", indent, ""); - for (bnam = tbl; bnam->lname; bnam++) { - if (ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) { - if (!first) - BIO_puts(out, ", "); - BIO_puts(out, bnam->lname); - first = 0; - } - } - BIO_puts(out, "\n"); - return 1; -} - -int -ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, - BIT_STRING_BITNAME *tbl) -{ - int bitnum; - - bitnum = ASN1_BIT_STRING_num_asc(name, tbl); - if (bitnum < 0) - return 0; - if (bs) { - if (!ASN1_BIT_STRING_set_bit(bs, bitnum, value)) - return 0; - } - return 1; -} - -int -ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl) -{ - BIT_STRING_BITNAME *bnam; - - for (bnam = tbl; bnam->lname; bnam++) { - if (!strcmp(bnam->sname, name) || - !strcmp(bnam->lname, name)) - return bnam->bitnum; - } - return -1; -} 
diff --git a/lib/libssl/src/crypto/asn1/t_crl.c b/lib/libssl/src/crypto/asn1/t_crl.c
deleted file mode 100644
index 67116361a54..00000000000
--- a/lib/libssl/src/crypto/asn1/t_crl.c
+++ /dev/null
@@ -1,140 +0,0 @@ -/* $OpenBSD: t_crl.c,v 1.16 2014/07/12 16:33:25 miod Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/bn.h> -#include <openssl/buffer.h> -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -int -X509_CRL_print_fp(FILE *fp, X509_CRL *x) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - X509err(X509_F_X509_CRL_PRINT_FP, ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = X509_CRL_print(b, x); - BIO_free(b); - return (ret); -} - -int -X509_CRL_print(BIO *out, X509_CRL *x) -{ - STACK_OF(X509_REVOKED) *rev; - X509_REVOKED *r; - long l; - int i; - char *p; - - BIO_printf(out, "Certificate Revocation List (CRL):\n"); - l = X509_CRL_get_version(x); - BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l); - i = OBJ_obj2nid(x->sig_alg->algorithm); - if (X509_signature_print(out, x->sig_alg, NULL) == 0) - goto err; - p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0); - if (p == NULL) - goto err; - BIO_printf(out, "%8sIssuer: %s\n", "", p); - free(p); - BIO_printf(out, "%8sLast Update: ", ""); - ASN1_TIME_print(out, X509_CRL_get_lastUpdate(x)); - BIO_printf(out, "\n%8sNext Update: ", ""); - if (X509_CRL_get_nextUpdate(x)) - 
ASN1_TIME_print(out, X509_CRL_get_nextUpdate(x));
- else
- BIO_printf(out, "NONE");
- BIO_printf(out, "\n");
-
- X509V3_extensions_print(out, "CRL extensions",
- x->crl->extensions, 0, 8);
-
- rev = X509_CRL_get_REVOKED(x);
-
- if (sk_X509_REVOKED_num(rev) > 0)
- BIO_printf(out, "Revoked Certificates:\n");
- else
- BIO_printf(out, "No Revoked Certificates.\n");
-
- for (i = 0; i < sk_X509_REVOKED_num(rev); i++) {
- r = sk_X509_REVOKED_value(rev, i);
- BIO_printf(out, " Serial Number: ");
- i2a_ASN1_INTEGER(out, r->serialNumber);
- BIO_printf(out, "\n Revocation Date: ");
- ASN1_TIME_print(out, r->revocationDate);
- BIO_printf(out, "\n");
- X509V3_extensions_print(out, "CRL entry extensions",
- r->extensions, 0, 8);
- }
- if (X509_signature_print(out, x->sig_alg, x->signature) == 0)
- goto err;
-
- return 1;
-
-err:
- return 0;
-}
diff --git a/lib/libssl/src/crypto/asn1/t_pkey.c b/lib/libssl/src/crypto/asn1/t_pkey.c
deleted file mode 100644
index b3f7d084c54..00000000000
--- a/lib/libssl/src/crypto/asn1/t_pkey.c
+++ /dev/null
@@ -1,114 +0,0 @@
-/* $OpenBSD: t_pkey.c,v 1.16 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/objects.h>
-
-int
-ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
- unsigned char *buf, int off)
-{
- int n, i;
- const char *neg;
-
- if (num == NULL)
- return (1);
- neg = (BN_is_negative(num)) ? "-" : "";
- if (!BIO_indent(bp, off, 128))
- return 0;
- if (BN_is_zero(num)) {
- if (BIO_printf(bp, "%s 0\n", number) <= 0)
- return 0;
- return 1;
- }
-
- if (BN_num_bytes(num) <= BN_BYTES) {
- if (BIO_printf(bp, "%s %s%lu (%s0x%lx)\n", number, neg,
- (unsigned long)num->d[0], neg,
- (unsigned long)num->d[0]) <= 0)
- return (0);
- } else {
- buf[0] = 0;
- if (BIO_printf(bp, "%s%s", number,
- (neg[0] == '-') ? " (Negative)" : "") <= 0)
- return (0);
- n = BN_bn2bin(num, &buf[1]);
-
- if (buf[1] & 0x80)
- n++;
- else
- buf++;
-
- for (i = 0; i < n; i++) {
- if ((i % 15) == 0) {
- if (BIO_puts(bp, "\n") <= 0 ||
- !BIO_indent(bp, off + 4, 128))
- return 0;
- }
- if (BIO_printf(bp, "%02x%s", buf[i],
- ((i + 1) == n) ? "" : ":") <= 0)
- return (0);
- }
- if (BIO_write(bp, "\n", 1) <= 0)
- return (0);
- }
- return (1);
-}
diff --git a/lib/libssl/src/crypto/asn1/t_req.c b/lib/libssl/src/crypto/asn1/t_req.c
deleted file mode 100644
index 8db456708ae..00000000000
--- a/lib/libssl/src/crypto/asn1/t_req.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* $OpenBSD: t_req.c,v 1.18 2015/07/29 14:58:34 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-int
-X509_REQ_print_fp(FILE *fp, X509_REQ *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- X509err(X509_F_X509_REQ_PRINT_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = X509_REQ_print(b, x);
- BIO_free(b);
- return (ret);
-}
-
-int
-X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
- unsigned long cflag)
-{
- unsigned long l;
- int i;
- const char *neg;
- X509_REQ_INFO *ri;
- EVP_PKEY *pkey;
- STACK_OF(X509_ATTRIBUTE) *sk;
- STACK_OF(X509_EXTENSION) *exts;
- char mlch = ' ';
- int nmindent = 0;
-
- if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
- mlch = '\n';
- nmindent = 12;
- }
-
- if (nmflags == X509_FLAG_COMPAT)
- nmindent = 16;
-
- ri = x->req_info;
- if (!(cflag & X509_FLAG_NO_HEADER)) {
- if (BIO_write(bp, "Certificate Request:\n", 21) <= 0)
- goto err;
- if (BIO_write(bp, " Data:\n", 10) <= 0)
-
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_VERSION)) {
- neg = (ri->version->type == V_ASN1_NEG_INTEGER) ? "-" : "";
- l = 0;
- for (i = 0; i < ri->version->length; i++) {
- l <<= 8;
- l += ri->version->data[i];
- }
- if (BIO_printf(bp, "%8sVersion: %s%lu (%s0x%lx)\n", "", neg,
- l, neg, l) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_SUBJECT)) {
- if (BIO_printf(bp, " Subject:%c", mlch) <= 0)
- goto err;
- if (X509_NAME_print_ex(bp, ri->subject, nmindent, nmflags) < 0)
- goto err;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_PUBKEY)) {
- if (BIO_write(bp, " Subject Public Key Info:\n",
- 33) <= 0)
- goto err;
- if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
- goto err;
- if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-
- pkey = X509_REQ_get_pubkey(x);
- if (pkey == NULL) {
- BIO_printf(bp, "%12sUnable to load Public Key\n", "");
- ERR_print_errors(bp);
- } else {
- EVP_PKEY_print_public(bp, pkey, 16, NULL);
- EVP_PKEY_free(pkey);
- }
- }
-
- if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
- /* may not be */
- if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0)
- goto err;
-
- sk = x->req_info->attributes;
- if (sk_X509_ATTRIBUTE_num(sk) == 0) {
- if (BIO_printf(bp, "%12sa0:00\n", "") <= 0)
- goto err;
- } else {
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- ASN1_TYPE *at;
- X509_ATTRIBUTE *a;
- ASN1_BIT_STRING *bs = NULL;
- ASN1_TYPE *t;
- int j, type = 0, count = 1, ii = 0;
-
- a = sk_X509_ATTRIBUTE_value(sk, i);
- if (X509_REQ_extension_nid(
- OBJ_obj2nid(a->object)))
- continue;
- if (BIO_printf(bp, "%12s", "") <= 0)
- goto err;
- if ((j = i2a_ASN1_OBJECT(bp, a->object)) > 0) {
- if (a->single) {
- t = a->value.single;
- type = t->type;
- bs = t->value.bit_string;
- } else {
- ii = 0;
- count = sk_ASN1_TYPE_num(
- a->value.set);
-get_next:
- at = sk_ASN1_TYPE_value(
- a->value.set, ii);
- type = at->type;
- bs = at->value.asn1_string;
- }
- }
- for (j = 25 - j; j > 0; j--)
- if (BIO_write(bp, " ", 1) != 1)
- goto err;
- if (BIO_puts(bp, ":") <= 0)
- goto err;
- if ((type == V_ASN1_PRINTABLESTRING) ||
- (type == V_ASN1_T61STRING) ||
- (type == V_ASN1_IA5STRING)) {
- if (BIO_write(bp, (char *)bs->data,
- bs->length) != bs->length)
- goto err;
- BIO_puts(bp, "\n");
- } else {
- BIO_puts(bp,
- "unable to print attribute\n");
- }
- if (++ii < count)
- goto get_next;
- }
- }
- }
- if (!(cflag & X509_FLAG_NO_EXTENSIONS)) {
- exts = X509_REQ_get_extensions(x);
- if (exts) {
- BIO_printf(bp, "%8sRequested Extensions:\n", "");
- for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
- ASN1_OBJECT *obj;
- X509_EXTENSION *ex;
- int j;
- ex = sk_X509_EXTENSION_value(exts, i);
- if (BIO_printf(bp, "%12s", "") <= 0)
- goto err;
- obj = X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(bp, obj);
- j = X509_EXTENSION_get_critical(ex);
- if (BIO_printf(bp, ": %s\n",
- j ? "critical" : "") <= 0)
- goto err;
- if (!X509V3_EXT_print(bp, ex, cflag, 16)) {
- BIO_printf(bp, "%16s", "");
- ASN1_STRING_print(bp, ex->value);
- }
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
- }
- }
-
- if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
- if (!X509_signature_print(bp, x->sig_alg, x->signature))
- goto err;
- }
-
- return (1);
-
-err:
- X509err(X509_F_X509_REQ_PRINT_EX, ERR_R_BUF_LIB);
- return (0);
-}
-
-int
-X509_REQ_print(BIO *bp, X509_REQ *x)
-{
- return X509_REQ_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
diff --git a/lib/libssl/src/crypto/asn1/t_spki.c b/lib/libssl/src/crypto/asn1/t_spki.c
deleted file mode 100644
index 39ff0670b6d..00000000000
--- a/lib/libssl/src/crypto/asn1/t_spki.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* $OpenBSD: t_spki.c,v 1.11 2014/07/11 08:44:47 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-/* Print out an SPKI */
-
-int
-NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
-{
- EVP_PKEY *pkey;
- ASN1_IA5STRING *chal;
- int i, n;
- char *s;
-
- BIO_printf(out, "Netscape SPKI:\n");
- i = OBJ_obj2nid(spki->spkac->pubkey->algor->algorithm);
- BIO_printf(out, " Public Key Algorithm: %s\n",
- (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
- pkey = X509_PUBKEY_get(spki->spkac->pubkey);
- if (!pkey)
- BIO_printf(out, " Unable to load public key\n");
- else {
- EVP_PKEY_print_public(out, pkey, 4, NULL);
- EVP_PKEY_free(pkey);
- }
- chal = spki->spkac->challenge;
- if (chal->length)
- BIO_printf(out, " Challenge String: %s\n", chal->data);
- i = OBJ_obj2nid(spki->sig_algor->algorithm);
- BIO_printf(out, " Signature Algorithm: %s",
- (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
-
- n = spki->signature->length;
- s = (char *)spki->signature->data;
- for (i = 0; i < n; i++) {
- if ((i % 18) == 0)
- BIO_write(out, "\n ", 7);
- BIO_printf(out, "%02x%s", (unsigned char)s[i],
- ((i + 1) == n) ? "" : ":");
- }
- BIO_write(out, "\n", 1);
- return 1;
-}
diff --git a/lib/libssl/src/crypto/asn1/t_x509.c b/lib/libssl/src/crypto/asn1/t_x509.c
deleted file mode 100644
index 1c83fc56086..00000000000
--- a/lib/libssl/src/crypto/asn1/t_x509.c
+++ /dev/null
@@ -1,537 +0,0 @@
-/* $OpenBSD: t_x509.c,v 1.26 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-#include <openssl/ec.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#include "asn1_locl.h"
-
-int
-X509_print_fp(FILE *fp, X509 *x)
-{
- return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
-
-int
-X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- X509err(X509_F_X509_PRINT_EX_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = X509_print_ex(b, x, nmflag, cflag);
- BIO_free(b);
- return (ret);
-}
-
-int
-X509_print(BIO *bp, X509 *x)
-{
- return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
-}
-
-int
-X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
-{
- long l;
- int ret = 0, i;
- char *m = NULL, mlch = ' ';
- int nmindent = 0;
- X509_CINF *ci;
- ASN1_INTEGER *bs;
- EVP_PKEY *pkey = NULL;
- const char *neg;
-
- if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
- mlch = '\n';
- nmindent = 12;
- }
-
- if (nmflags == X509_FLAG_COMPAT)
- nmindent = 16;
-
- ci = x->cert_info;
- if (!(cflag & X509_FLAG_NO_HEADER)) {
- if (BIO_write(bp, "Certificate:\n", 13) <= 0)
- goto err;
- if (BIO_write(bp, " Data:\n", 10) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_VERSION)) {
- l = X509_get_version(x);
- if (BIO_printf(bp, "%8sVersion: %lu (0x%lx)\n",
- "", l + 1, l) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_SERIAL)) {
- if (BIO_write(bp, " Serial Number:", 22) <= 0)
- goto err;
-
- bs = X509_get_serialNumber(x);
- if (bs->length <= (int)sizeof(long)) {
- l = ASN1_INTEGER_get(bs);
- if (bs->type == V_ASN1_NEG_INTEGER) {
- l = -l;
- neg = "-";
- } else
- neg = "";
- if (BIO_printf(bp, " %s%lu (%s0x%lx)\n",
- neg, l, neg, l) <= 0)
- goto err;
- } else {
- neg = (bs->type == V_ASN1_NEG_INTEGER) ?
- " (Negative)" : "";
- if (BIO_printf(bp, "\n%12s%s", "", neg) <= 0)
- goto err;
- for (i = 0; i < bs->length; i++) {
- if (BIO_printf(bp, "%02x%c", bs->data[i],
- ((i + 1 == bs->length) ? '\n' : ':')) <= 0)
- goto err;
- }
- }
-
- }
-
- if (!(cflag & X509_FLAG_NO_SIGNAME)) {
- if (X509_signature_print(bp, x->sig_alg, NULL) <= 0)
- goto err;
- }
-
- if (!(cflag & X509_FLAG_NO_ISSUER)) {
- if (BIO_printf(bp, " Issuer:%c", mlch) <= 0)
- goto err;
- if (X509_NAME_print_ex(bp, X509_get_issuer_name(x),
- nmindent, nmflags) < 0)
- goto err;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_VALIDITY)) {
- if (BIO_write(bp, " Validity\n", 17) <= 0)
- goto err;
- if (BIO_write(bp, " Not Before: ", 24) <= 0)
- goto err;
- if (!ASN1_TIME_print(bp, X509_get_notBefore(x)))
- goto err;
- if (BIO_write(bp, "\n Not After : ", 25) <= 0)
- goto err;
- if (!ASN1_TIME_print(bp, X509_get_notAfter(x)))
- goto err;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_SUBJECT)) {
- if (BIO_printf(bp, " Subject:%c", mlch) <= 0)
- goto err;
- if (X509_NAME_print_ex(bp, X509_get_subject_name(x),
- nmindent, nmflags) < 0)
- goto err;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_PUBKEY)) {
- if (BIO_write(bp, " Subject Public Key Info:\n",
- 33) <= 0)
- goto err;
- if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
- goto err;
- if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
- goto err;
- if (BIO_puts(bp, "\n") <= 0)
- goto err;
-
- pkey = X509_get_pubkey(x);
- if (pkey == NULL) {
- BIO_printf(bp, "%12sUnable to load Public Key\n", "");
- ERR_print_errors(bp);
- } else {
- EVP_PKEY_print_public(bp, pkey, 16, NULL);
- EVP_PKEY_free(pkey);
- }
- }
-
- if (!(cflag & X509_FLAG_NO_EXTENSIONS))
- X509V3_extensions_print(bp, "X509v3 extensions",
- ci->extensions, cflag, 8);
-
- if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
- if (X509_signature_print(bp, x->sig_alg, x->signature) <= 0)
- goto err;
- }
- if (!(cflag & X509_FLAG_NO_AUX)) {
- if (!X509_CERT_AUX_print(bp, x->aux, 0))
- goto err;
- }
- ret = 1;
-
-err:
- free(m);
- return (ret);
-}
-
-int X509_ocspid_print (BIO *bp, X509 *x)
-{
- unsigned char *der = NULL;
- unsigned char *dertmp;
- int derlen;
- int i;
- unsigned char SHA1md[SHA_DIGEST_LENGTH];
-
- /* display the hash of the subject as it would appear
- in OCSP requests */
- if (BIO_printf(bp, " Subject OCSP hash: ") <= 0)
- goto err;
- derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
- if ((der = dertmp = malloc(derlen)) == NULL)
- goto err;
- i2d_X509_NAME(x->cert_info->subject, &dertmp);
-
- if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
- goto err;
- for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
- if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
- goto err;
- }
- free (der);
- der = NULL;
-
- /* display the hash of the public key as it would appear
- in OCSP requests */
- if (BIO_printf(bp, "\n Public key OCSP hash: ") <= 0)
- goto err;
-
- if (!EVP_Digest(x->cert_info->key->public_key->data,
- x->cert_info->key->public_key->length,
- SHA1md, NULL, EVP_sha1(), NULL))
- goto err;
- for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
- if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
- goto err;
- }
- BIO_printf(bp, "\n");
-
- return (1);
-
-err:
- free(der);
- return (0);
-}
-
-int
-X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
-{
- const unsigned char *s;
- int i, n;
-
- n = sig->length;
- s = sig->data;
- for (i = 0; i < n; i++) {
- if ((i % 18) == 0) {
- if (BIO_write(bp, "\n", 1) <= 0)
- return 0;
- if (BIO_indent(bp, indent, indent) <= 0)
- return 0;
- }
- if (BIO_printf(bp, "%02x%s", s[i],
- ((i + 1) == n) ? "" : ":") <= 0)
- return 0;
- }
- if (BIO_write(bp, "\n", 1) != 1)
- return 0;
-
- return 1;
-}
-
-int
-X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
-{
- int sig_nid;
- if (BIO_puts(bp, " Signature Algorithm: ") <= 0)
- return 0;
- if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0)
- return 0;
-
- sig_nid = OBJ_obj2nid(sigalg->algorithm);
- if (sig_nid != NID_undef) {
- int pkey_nid, dig_nid;
- const EVP_PKEY_ASN1_METHOD *ameth;
- if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) {
- ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
- if (ameth && ameth->sig_print)
- return ameth->sig_print(bp, sigalg, sig, 9, 0);
- }
- }
- if (sig)
- return X509_signature_dump(bp, sig, 9);
- else if (BIO_puts(bp, "\n") <= 0)
- return 0;
- return 1;
-}
-
-int
-ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
-{
- int i, n;
- char buf[80];
- const char *p;
-
- if (v == NULL)
- return (0);
- n = 0;
- p = (const char *)v->data;
- for (i = 0; i < v->length; i++) {
- if ((p[i] > '~') || ((p[i] < ' ') &&
- (p[i] != '\n') && (p[i] != '\r')))
- buf[n] = '.';
- else
- buf[n] = p[i];
- n++;
- if (n >= 80) {
- if (BIO_write(bp, buf, n) <= 0)
- return (0);
- n = 0;
- }
- }
- if (n > 0)
- if (BIO_write(bp, buf, n) <= 0)
- return (0);
- return (1);
-}
-
-int
-ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
-{
- if (tm->type == V_ASN1_UTCTIME)
- return ASN1_UTCTIME_print(bp, tm);
- if (tm->type == V_ASN1_GENERALIZEDTIME)
- return ASN1_GENERALIZEDTIME_print(bp, tm);
- BIO_write(bp, "Bad time value", 14);
- return (0);
-}
-
-static const char *mon[12] = {
- "Jan", "Feb", "Mar", "Apr", "May", "Jun",
- "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
-};
-
-int
-ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
-{
- char *v;
- int gmt = 0;
- int i;
- int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
- char *f = NULL;
- int f_len = 0;
-
- i = tm->length;
- v = (char *)tm->data;
-
- if (i < 12)
- goto err;
- if (v[i-1] == 'Z')
- gmt = 1;
- for (i = 0; i < 12; i++)
- if ((v[i] > '9') || (v[i] < '0'))
- goto err;
- y = (v[0] - '0') * 1000 + (v[1] - '0') * 100 +
- (v[2] - '0') * 10 + (v[3] - '0');
- M = (v[4] - '0') * 10 + (v[5] - '0');
- if ((M > 12) || (M < 1))
- goto err;
- d = (v[6] - '0') * 10 + (v[7] - '0');
- h = (v[8] - '0') * 10 + (v[9] - '0');
- m = (v[10] - '0') * 10 + (v[11] - '0');
- if (tm->length >= 14 &&
- (v[12] >= '0') && (v[12] <= '9') &&
- (v[13] >= '0') && (v[13] <= '9')) {
- s = (v[12] - '0') * 10 + (v[13] - '0');
- /* Check for fractions of seconds. */
- if (tm->length >= 15 && v[14] == '.') {
- int l = tm->length;
- f = &v[14]; /* The decimal point. */
- f_len = 1;
- while (14 + f_len < l && f[f_len] >= '0' &&
- f[f_len] <= '9')
- ++f_len;
- }
- }
-
- if (BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
- mon[M - 1], d, h, m, s, f_len, f, y, (gmt) ? " GMT" : "") <= 0)
- return (0);
- else
- return (1);
-
-err:
- BIO_write(bp, "Bad time value", 14);
- return (0);
-}
-
-int
-ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm)
-{
- const char *v;
- int gmt = 0;
- int i;
- int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
-
- i = tm->length;
- v = (const char *)tm->data;
-
- if (i < 10)
- goto err;
- if (v[i-1] == 'Z')
- gmt = 1;
- for (i = 0; i < 10; i++)
- if ((v[i] > '9') || (v[i] < '0'))
- goto err;
- y = (v[0] - '0') * 10 + (v[1] - '0');
- if (y < 50)
- y += 100;
- M = (v[2] - '0') * 10 + (v[3] - '0');
- if ((M > 12) || (M < 1))
- goto err;
- d = (v[4] - '0') * 10 + (v[5] - '0');
- h = (v[6] - '0') * 10 + (v[7] - '0');
- m = (v[8] - '0') * 10 + (v[9] - '0');
- if (tm->length >=12 &&
- (v[10] >= '0') && (v[10] <= '9') &&
- (v[11] >= '0') && (v[11] <= '9'))
- s = (v[10] - '0') * 10 + (v[11] - '0');
-
- if (BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s",
- mon[M - 1], d, h, m, s, y + 1900, (gmt) ? " GMT" : "") <= 0)
- return (0);
- else
- return (1);
-
-err:
- BIO_write(bp, "Bad time value", 14);
- return (0);
-}
-
-int
-X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
-{
- char *s, *c, *b;
- int ret = 0, l, i;
-
- l = 80 - 2 - obase;
-
- b = X509_NAME_oneline(name, NULL, 0);
- if (b == NULL)
- return 0;
- if (*b == '\0') {
- free(b);
- return 1;
- }
- s = b + 1; /* skip the first slash */
-
- c = s;
- for (;;) {
- if (((*s == '/') &&
- ((s[1] >= 'A') && (s[1] <= 'Z') &&
- ((s[2] == '=') || ((s[2] >= 'A') && (s[2] <= 'Z') &&
- (s[3] == '='))))) || (*s == '\0')) {
- i = s - c;
- if (BIO_write(bp, c, i) != i)
- goto err;
- c = s + 1; /* skip following slash */
- if (*s != '\0') {
- if (BIO_write(bp, ", ", 2) != 2)
- goto err;
- }
- l--;
- }
- if (*s == '\0')
- break;
- s++;
- l--;
- }
-
- ret = 1;
- if (0) {
-err:
- X509err(X509_F_X509_NAME_PRINT, ERR_R_BUF_LIB);
- }
- free(b);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/asn1/t_x509a.c b/lib/libssl/src/crypto/asn1/t_x509a.c
deleted file mode 100644
index fd68211b849..00000000000
--- a/lib/libssl/src/crypto/asn1/t_x509a.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $OpenBSD: t_x509a.c,v 1.8 2014/07/11 08:44:47 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-/* X509_CERT_AUX and string set routines
- */
-
-int
-X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
-{
- char oidstr[80], first;
- int i;
- if (!aux)
- return 1;
- if (aux->trust) {
- first = 1;
- BIO_printf(out, "%*sTrusted Uses:\n%*s",
- indent, "", indent + 2, "");
- for (i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
- if (!first)
- BIO_puts(out, ", ");
- else
- first = 0;
- OBJ_obj2txt(oidstr, sizeof oidstr,
- sk_ASN1_OBJECT_value(aux->trust, i), 0);
- BIO_puts(out, oidstr);
- }
- BIO_puts(out, "\n");
- } else
- BIO_printf(out, "%*sNo Trusted Uses.\n", indent, "");
- if (aux->reject) {
- first = 1;
- BIO_printf(out, "%*sRejected Uses:\n%*s",
- indent, "", indent + 2, "");
- for (i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
- if (!first)
- BIO_puts(out, ", ");
- else
- first = 0;
- OBJ_obj2txt(oidstr, sizeof oidstr,
- sk_ASN1_OBJECT_value(aux->reject, i), 0);
- BIO_puts(out, oidstr);
- }
- BIO_puts(out, "\n");
- } else
- BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
- if (aux->alias)
- BIO_printf(out, "%*sAlias: %s\n", indent, "",
- aux->alias->data);
- if (aux->keyid) {
- BIO_printf(out, "%*sKey Id: ", indent, "");
- for (i = 0; i < aux->keyid->length; i++)
- BIO_printf(out, "%s%02X", i ? ":" : "",
- aux->keyid->data[i]);
- BIO_write(out, "\n", 1);
- }
- return 1;
-}
diff --git a/lib/libssl/src/crypto/asn1/tasn_dec.c b/lib/libssl/src/crypto/asn1/tasn_dec.c
deleted file mode 100644
index e75fe536338..00000000000
--- a/lib/libssl/src/crypto/asn1/tasn_dec.c
+++ /dev/null
@@ -1,1188 +0,0 @@
-/* $OpenBSD: tasn_dec.c,v 1.32 2016/05/04 15:00:24 tedu Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - - -#include <stddef.h> -#include <string.h> -#include <openssl/asn1.h> -#include <openssl/asn1t.h> -#include <openssl/objects.h> -#include <openssl/buffer.h> -#include <openssl/err.h> - -static int asn1_check_eoc(const unsigned char **in, long len); -static int asn1_find_end(const unsigned char **in, long len, char inf); - -static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, - char inf, int tag, int aclass, int depth); - -static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen); - -static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, - char *inf, char *cst, const unsigned char **in, long len, int exptag, - int expclass, char opt, ASN1_TLC *ctx); - -static int asn1_template_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, - long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); -static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, - long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); -static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in, - long len, const ASN1_ITEM *it, int tag, int aclass, char opt, - ASN1_TLC *ctx); - -/* Table to convert tags to bit values, used for MSTRING type */ -static const unsigned long tag2bit[32] = { - 0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */ - B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */ - B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */ - B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */ - B_ASN1_SEQUENCE,0,B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */ - B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */ - B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */ - B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */ - B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, /* tags 28-31 */ -}; - -unsigned long -ASN1_tag2bit(int tag) -{ - if ((tag 
< 0) || (tag > 30)) - return 0; - return tag2bit[tag]; -} - -/* Macro to initialize and invalidate the cache */ - -#define asn1_tlc_clear(c) if (c) (c)->valid = 0 -/* Version to avoid compiler warning about 'c' always non-NULL */ -#define asn1_tlc_clear_nc(c) (c)->valid = 0 - -/* Decode an ASN1 item, this currently behaves just - * like a standard 'd2i' function. 'in' points to - * a buffer to read the data from, in future we will - * have more advanced versions that can input data - * a piece at a time and this will simply be a special - * case. - */ - -ASN1_VALUE * -ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - const ASN1_ITEM *it) -{ - ASN1_TLC c; - ASN1_VALUE *ptmpval = NULL; - - if (!pval) - pval = &ptmpval; - asn1_tlc_clear_nc(&c); - if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) - return *pval; - return NULL; -} - -int -ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - const ASN1_TEMPLATE *tt) -{ - ASN1_TLC c; - - asn1_tlc_clear_nc(&c); - return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); -} - - -/* Decode an item, taking care of IMPLICIT tagging, if any. 
- * If 'opt' set and tag mismatch return -1 to handle OPTIONAL - */ - -int -ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) -{ - const ASN1_TEMPLATE *tt, *errtt = NULL; - const ASN1_EXTERN_FUNCS *ef; - const ASN1_AUX *aux = it->funcs; - ASN1_aux_cb *asn1_cb; - const unsigned char *p = NULL, *q; - unsigned char oclass; - char seq_eoc, seq_nolen, cst, isopt; - long tmplen; - int i; - int otag; - int ret = 0; - ASN1_VALUE **pchptr; - int combine; - - combine = aclass & ASN1_TFLG_COMBINE; - aclass &= ~ASN1_TFLG_COMBINE; - - if (!pval) - return 0; - - if (aux && aux->asn1_cb) - asn1_cb = aux->asn1_cb; - else - asn1_cb = 0; - - switch (it->itype) { - case ASN1_ITYPE_PRIMITIVE: - if (it->templates) { - /* tagging or OPTIONAL is currently illegal on an item - * template because the flags can't get passed down. - * In practice this isn't a problem: we include the - * relevant flags from the item template in the - * template itself. 
- */ - if ((tag != -1) || opt) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); - goto err; - } - return asn1_template_ex_d2i(pval, in, len, - it->templates, opt, ctx); - } - return asn1_d2i_ex_primitive(pval, in, len, it, - tag, aclass, opt, ctx); - break; - - case ASN1_ITYPE_MSTRING: - p = *in; - /* Just read in tag and class */ - ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, - &p, len, -1, 0, 1, ctx); - if (!ret) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - /* Must be UNIVERSAL class */ - if (oclass != V_ASN1_UNIVERSAL) { - /* If OPTIONAL, assume this is OK */ - if (opt) - return -1; - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ASN1_R_MSTRING_NOT_UNIVERSAL); - goto err; - } - /* Check tag matches bit map */ - if (!(ASN1_tag2bit(otag) & it->utype)) { - /* If OPTIONAL, assume this is OK */ - if (opt) - return -1; - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ASN1_R_MSTRING_WRONG_TAG); - goto err; - } - return asn1_d2i_ex_primitive(pval, in, len, - it, otag, 0, 0, ctx); - - case ASN1_ITYPE_EXTERN: - /* Use new style d2i */ - ef = it->funcs; - return ef->asn1_ex_d2i(pval, in, len, - it, tag, aclass, opt, ctx); - - case ASN1_ITYPE_CHOICE: - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) - goto auxerr; - - if (*pval) { - /* Free up and zero CHOICE value if initialised */ - i = asn1_get_choice_selector(pval, it); - if ((i >= 0) && (i < it->tcount)) { - tt = it->templates + i; - pchptr = asn1_get_field_ptr(pval, tt); - ASN1_template_free(pchptr, tt); - asn1_set_choice_selector(pval, -1, it); - } - } else if (!ASN1_item_ex_new(pval, it)) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ERR_R_NESTED_ASN1_ERROR); - goto err; - } - /* CHOICE type, try each possibility in turn */ - p = *in; - for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { - pchptr = asn1_get_field_ptr(pval, tt); - /* We mark field as OPTIONAL so its absence - * can be recognised. 
- */ - ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx); - /* If field not present, try the next one */ - if (ret == -1) - continue; - /* If positive return, read OK, break loop */ - if (ret > 0) - break; - /* Otherwise must be an ASN1 parsing error */ - errtt = tt; - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - /* Did we fall off the end without reading anything? */ - if (i == it->tcount) { - /* If OPTIONAL, this is OK */ - if (opt) { - /* Free and zero it */ - ASN1_item_ex_free(pval, it); - return -1; - } - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ASN1_R_NO_MATCHING_CHOICE_TYPE); - goto err; - } - - asn1_set_choice_selector(pval, i, it); - *in = p; - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) - goto auxerr; - return 1; - - case ASN1_ITYPE_NDEF_SEQUENCE: - case ASN1_ITYPE_SEQUENCE: - p = *in; - tmplen = len; - - /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ - if (tag == -1) { - tag = V_ASN1_SEQUENCE; - aclass = V_ASN1_UNIVERSAL; - } - /* Get SEQUENCE length and update len, p */ - ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, - &p, len, tag, aclass, opt, ctx); - if (!ret) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ERR_R_NESTED_ASN1_ERROR); - goto err; - } else if (ret == -1) - return -1; - if (aux && (aux->flags & ASN1_AFLG_BROKEN)) { - len = tmplen - (p - *in); - seq_nolen = 1; - } - /* If indefinite we don't do a length check */ - else - seq_nolen = seq_eoc; - if (!cst) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ASN1_R_SEQUENCE_NOT_CONSTRUCTED); - goto err; - } - - if (!*pval && !ASN1_item_ex_new(pval, it)) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) - goto auxerr; - - /* Free up and zero any ADB found */ - for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { - if (tt->flags & ASN1_TFLG_ADB_MASK) { - const ASN1_TEMPLATE *seqtt; - ASN1_VALUE **pseqval; - seqtt = asn1_do_adb(pval, tt, 1); - if 
(!seqtt) - goto err; - pseqval = asn1_get_field_ptr(pval, seqtt); - ASN1_template_free(pseqval, seqtt); - } - } - - /* Get each field entry */ - for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) { - const ASN1_TEMPLATE *seqtt; - ASN1_VALUE **pseqval; - seqtt = asn1_do_adb(pval, tt, 1); - if (!seqtt) - goto err; - pseqval = asn1_get_field_ptr(pval, seqtt); - /* Have we ran out of data? */ - if (!len) - break; - q = p; - if (asn1_check_eoc(&p, len)) { - if (!seq_eoc) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ASN1_R_UNEXPECTED_EOC); - goto err; - } - len -= p - q; - seq_eoc = 0; - q = p; - break; - } - /* This determines the OPTIONAL flag value. The field - * cannot be omitted if it is the last of a SEQUENCE - * and there is still data to be read. This isn't - * strictly necessary but it increases efficiency in - * some cases. - */ - if (i == (it->tcount - 1)) - isopt = 0; - else - isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL); - /* attempt to read in field, allowing each to be - * OPTIONAL */ - - ret = asn1_template_ex_d2i(pseqval, &p, len, - seqtt, isopt, ctx); - if (!ret) { - errtt = seqtt; - goto err; - } else if (ret == -1) { - /* OPTIONAL component absent. - * Free and zero the field. - */ - ASN1_template_free(pseqval, seqtt); - continue; - } - /* Update length */ - len -= p - q; - } - - /* Check for EOC if expecting one */ - if (seq_eoc && !asn1_check_eoc(&p, len)) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC); - goto err; - } - /* Check all data read */ - if (!seq_nolen && len) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ASN1_R_SEQUENCE_LENGTH_MISMATCH); - goto err; - } - - /* If we get here we've got no more data in the SEQUENCE, - * however we may not have read all fields so check all - * remaining are OPTIONAL and clear any that are. 
- */ - for (; i < it->tcount; tt++, i++) { - const ASN1_TEMPLATE *seqtt; - seqtt = asn1_do_adb(pval, tt, 1); - if (!seqtt) - goto err; - if (seqtt->flags & ASN1_TFLG_OPTIONAL) { - ASN1_VALUE **pseqval; - pseqval = asn1_get_field_ptr(pval, seqtt); - ASN1_template_free(pseqval, seqtt); - } else { - errtt = seqtt; - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, - ASN1_R_FIELD_MISSING); - goto err; - } - } - /* Save encoding */ - if (!asn1_enc_save(pval, *in, p - *in, it)) { - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_MALLOC_FAILURE); - goto auxerr; - } - *in = p; - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) - goto auxerr; - return 1; - - default: - return 0; - } - -auxerr: - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); -err: - if (combine == 0) - ASN1_item_ex_free(pval, it); - if (errtt) - ERR_asprintf_error_data("Field=%s, Type=%s", errtt->field_name, - it->sname); - else - ERR_asprintf_error_data("Type=%s", it->sname); - return 0; -} - -/* Templates are handled with two separate functions. - * One handles any EXPLICIT tag and the other handles the rest. - */ - -static int -asn1_template_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long inlen, - const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) -{ - int flags, aclass; - int ret; - long len; - const unsigned char *p, *q; - char exp_eoc; - - if (!val) - return 0; - flags = tt->flags; - aclass = flags & ASN1_TFLG_TAG_CLASS; - - p = *in; - - /* Check if EXPLICIT tag expected */ - if (flags & ASN1_TFLG_EXPTAG) { - char cst; - /* Need to work out amount of data available to the inner - * content and where it starts: so read in EXPLICIT header to - * get the info. 
- */ - ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, - &p, inlen, tt->tag, aclass, opt, ctx); - q = p; - if (!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, - ERR_R_NESTED_ASN1_ERROR); - return 0; - } else if (ret == -1) - return -1; - if (!cst) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, - ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); - return 0; - } - /* We've found the field so it can't be OPTIONAL now */ - ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); - if (!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, - ERR_R_NESTED_ASN1_ERROR); - return 0; - } - /* We read the field in OK so update length */ - len -= p - q; - if (exp_eoc) { - /* If NDEF we must have an EOC here */ - if (!asn1_check_eoc(&p, len)) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, - ASN1_R_MISSING_EOC); - goto err; - } - } else { - /* Otherwise we must hit the EXPLICIT tag end or its - * an error */ - if (len) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, - ASN1_R_EXPLICIT_LENGTH_MISMATCH); - goto err; - } - } - } else - return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx); - - *in = p; - return 1; - -err: - ASN1_template_free(val, tt); - return 0; -} - -static int -asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len, - const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) -{ - int flags, aclass; - int ret; - const unsigned char *p, *q; - - if (!val) - return 0; - flags = tt->flags; - aclass = flags & ASN1_TFLG_TAG_CLASS; - - p = *in; - q = p; - - if (flags & ASN1_TFLG_SK_MASK) { - /* SET OF, SEQUENCE OF */ - int sktag, skaclass; - char sk_eoc; - /* First work out expected inner tag value */ - if (flags & ASN1_TFLG_IMPTAG) { - sktag = tt->tag; - skaclass = aclass; - } else { - skaclass = V_ASN1_UNIVERSAL; - if (flags & ASN1_TFLG_SET_OF) - sktag = V_ASN1_SET; - else - sktag = V_ASN1_SEQUENCE; - } - /* Get the tag */ - ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, - &p, len, sktag, skaclass, opt, ctx); - if (!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, - 
ERR_R_NESTED_ASN1_ERROR); - return 0; - } else if (ret == -1) - return -1; - if (!*val) - *val = (ASN1_VALUE *)sk_new_null(); - else { - /* We've got a valid STACK: free up any items present */ - STACK_OF(ASN1_VALUE) *sktmp = - (STACK_OF(ASN1_VALUE) *)*val; - ASN1_VALUE *vtmp; - while (sk_ASN1_VALUE_num(sktmp) > 0) { - vtmp = sk_ASN1_VALUE_pop(sktmp); - ASN1_item_ex_free(&vtmp, - ASN1_ITEM_ptr(tt->item)); - } - } - - if (!*val) { - ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, - ERR_R_MALLOC_FAILURE); - goto err; - } - - /* Read as many items as we can */ - while (len > 0) { - ASN1_VALUE *skfield; - q = p; - /* See if EOC found */ - if (asn1_check_eoc(&p, len)) { - if (!sk_eoc) { - ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, - ASN1_R_UNEXPECTED_EOC); - goto err; - } - len -= p - q; - sk_eoc = 0; - break; - } - skfield = NULL; - if (!ASN1_item_ex_d2i(&skfield, &p, len, - ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { - ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, - ERR_R_NESTED_ASN1_ERROR); - goto err; - } - len -= p - q; - if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, - skfield)) { - ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, - ERR_R_MALLOC_FAILURE); - goto err; - } - } - if (sk_eoc) { - ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, - ASN1_R_MISSING_EOC); - goto err; - } - } else if (flags & ASN1_TFLG_IMPTAG) { - /* IMPLICIT tagging */ - ret = ASN1_item_ex_d2i(val, &p, len, - ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); - if (!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, - ERR_R_NESTED_ASN1_ERROR); - goto err; - } else if (ret == -1) - return -1; - } else { - /* Nothing special */ - ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), - -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx); - if (!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, - ERR_R_NESTED_ASN1_ERROR); - goto err; - } else if (ret == -1) - return -1; - } - - *in = p; - return 1; - -err: - ASN1_template_free(val, tt); - return 0; -} - -static int -asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned 
char **in, long inlen, - const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx) -{ - int ret = 0, utype; - long plen; - char cst, inf, free_cont = 0; - const unsigned char *p; - BUF_MEM buf; - const unsigned char *cont = NULL; - long len; - - buf.length = 0; - buf.max = 0; - buf.data = NULL; - - if (!pval) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); - return 0; /* Should never happen */ - } - - if (it->itype == ASN1_ITYPE_MSTRING) { - utype = tag; - tag = -1; - } else - utype = it->utype; - - if (utype == V_ASN1_ANY) { - /* If type is ANY need to figure out type from tag */ - unsigned char oclass; - if (tag >= 0) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, - ASN1_R_ILLEGAL_TAGGED_ANY); - return 0; - } - if (opt) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, - ASN1_R_ILLEGAL_OPTIONAL_ANY); - return 0; - } - p = *in; - ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, - &p, inlen, -1, 0, 0, ctx); - if (!ret) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, - ERR_R_NESTED_ASN1_ERROR); - return 0; - } - if (oclass != V_ASN1_UNIVERSAL) - utype = V_ASN1_OTHER; - } - if (tag == -1) { - tag = utype; - aclass = V_ASN1_UNIVERSAL; - } - p = *in; - /* Check header */ - ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, - &p, inlen, tag, aclass, opt, ctx); - if (!ret) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); - return 0; - } else if (ret == -1) - return -1; - ret = 0; - /* SEQUENCE, SET and "OTHER" are left in encoded form */ - if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || - (utype == V_ASN1_OTHER)) { - /* Clear context cache for type OTHER because the auto clear - * when we have a exact match wont work - */ - if (utype == V_ASN1_OTHER) { - asn1_tlc_clear(ctx); - } - /* SEQUENCE and SET must be constructed */ - else if (!cst) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, - ASN1_R_TYPE_NOT_CONSTRUCTED); - return 0; - } - - cont = *in; - /* If indefinite length constructed find the real end */ - if (inf) { - if 
(!asn1_find_end(&p, plen, inf)) - goto err; - len = p - cont; - } else { - len = p - cont + plen; - p += plen; - buf.data = NULL; - } - } else if (cst) { - /* Should really check the internal tags are correct but - * some things may get this wrong. The relevant specs - * say that constructed string types should be OCTET STRINGs - * internally irrespective of the type. So instead just check - * for UNIVERSAL class and ignore the tag. - */ - if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) { - free_cont = 1; - goto err; - } - len = buf.length; - /* Append a final null to string */ - if (!BUF_MEM_grow_clean(&buf, len + 1)) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, - ERR_R_MALLOC_FAILURE); - return 0; - } - buf.data[len] = 0; - cont = (const unsigned char *)buf.data; - free_cont = 1; - } else { - cont = p; - len = plen; - p += plen; - } - - /* We now have content length and type: translate into a structure */ - if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) - goto err; - - *in = p; - ret = 1; - -err: - if (free_cont && buf.data) - free(buf.data); - return ret; -} - -/* Translate ASN1 content octets into a structure */ - -int -asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, - char *free_cont, const ASN1_ITEM *it) -{ - ASN1_VALUE **opval = NULL; - ASN1_STRING *stmp; - ASN1_TYPE *typ = NULL; - int ret = 0; - const ASN1_PRIMITIVE_FUNCS *pf; - ASN1_INTEGER **tint; - - pf = it->funcs; - - if (pf && pf->prim_c2i) - return pf->prim_c2i(pval, cont, len, utype, free_cont, it); - /* If ANY type clear type and set pointer to internal value */ - if (it->utype == V_ASN1_ANY) { - if (!*pval) { - typ = ASN1_TYPE_new(); - if (typ == NULL) - goto err; - *pval = (ASN1_VALUE *)typ; - } else - typ = (ASN1_TYPE *)*pval; - - if (utype != typ->type) - ASN1_TYPE_set(typ, utype, NULL); - opval = pval; - pval = &typ->value.asn1_value; - } - switch (utype) { - case V_ASN1_OBJECT: - if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) - 
goto err; - break; - - case V_ASN1_NULL: - if (len) { - ASN1err(ASN1_F_ASN1_EX_C2I, - ASN1_R_NULL_IS_WRONG_LENGTH); - goto err; - } - *pval = (ASN1_VALUE *)1; - break; - - case V_ASN1_BOOLEAN: - if (len != 1) { - ASN1err(ASN1_F_ASN1_EX_C2I, - ASN1_R_BOOLEAN_IS_WRONG_LENGTH); - goto err; - } else { - ASN1_BOOLEAN *tbool; - tbool = (ASN1_BOOLEAN *)pval; - *tbool = *cont; - } - break; - - case V_ASN1_BIT_STRING: - if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) - goto err; - break; - - case V_ASN1_INTEGER: - case V_ASN1_ENUMERATED: - tint = (ASN1_INTEGER **)pval; - if (!c2i_ASN1_INTEGER(tint, &cont, len)) - goto err; - /* Fixup type to match the expected form */ - (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG); - break; - - case V_ASN1_OCTET_STRING: - case V_ASN1_NUMERICSTRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - case V_ASN1_VIDEOTEXSTRING: - case V_ASN1_IA5STRING: - case V_ASN1_UTCTIME: - case V_ASN1_GENERALIZEDTIME: - case V_ASN1_GRAPHICSTRING: - case V_ASN1_VISIBLESTRING: - case V_ASN1_GENERALSTRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_BMPSTRING: - case V_ASN1_UTF8STRING: - case V_ASN1_OTHER: - case V_ASN1_SET: - case V_ASN1_SEQUENCE: - default: - if (utype == V_ASN1_BMPSTRING && (len & 1)) { - ASN1err(ASN1_F_ASN1_EX_C2I, - ASN1_R_BMPSTRING_IS_WRONG_LENGTH); - goto err; - } - if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) { - ASN1err(ASN1_F_ASN1_EX_C2I, - ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); - goto err; - } - /* All based on ASN1_STRING and handled the same */ - if (!*pval) { - stmp = ASN1_STRING_type_new(utype); - if (!stmp) { - ASN1err(ASN1_F_ASN1_EX_C2I, - ERR_R_MALLOC_FAILURE); - goto err; - } - *pval = (ASN1_VALUE *)stmp; - } else { - stmp = (ASN1_STRING *)*pval; - stmp->type = utype; - } - /* If we've already allocated a buffer use it */ - if (*free_cont) { - free(stmp->data); - stmp->data = (unsigned char *)cont; /* UGLY CAST! 
RL */ - stmp->length = len; - *free_cont = 0; - } else { - if (!ASN1_STRING_set(stmp, cont, len)) { - ASN1err(ASN1_F_ASN1_EX_C2I, - ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(stmp); - *pval = NULL; - goto err; - } - } - break; - } - /* If ASN1_ANY and NULL type fix up value */ - if (typ && (utype == V_ASN1_NULL)) - typ->value.ptr = NULL; - - ret = 1; - -err: - if (!ret) { - ASN1_TYPE_free(typ); - if (opval) - *opval = NULL; - } - return ret; -} - - -/* This function finds the end of an ASN1 structure when passed its maximum - * length, whether it is indefinite length and a pointer to the content. - * This is more efficient than calling asn1_collect because it does not - * recurse on each indefinite length header. - */ - -static int -asn1_find_end(const unsigned char **in, long len, char inf) -{ - int expected_eoc; - long plen; - const unsigned char *p = *in, *q; - - /* If not indefinite length constructed just add length */ - if (inf == 0) { - *in += len; - return 1; - } - expected_eoc = 1; - /* Indefinite length constructed form. Find the end when enough EOCs - * are found. If more indefinite length constructed headers - * are encountered increment the expected eoc count otherwise just - * skip to the end of the data. - */ - while (len > 0) { - if (asn1_check_eoc(&p, len)) { - expected_eoc--; - if (expected_eoc == 0) - break; - len -= 2; - continue; - } - q = p; - /* Just read in a header: only care about the length */ - if (!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len, - -1, 0, 0, NULL)) { - ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR); - return 0; - } - if (inf) - expected_eoc++; - else - p += plen; - len -= p - q; - } - if (expected_eoc) { - ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC); - return 0; - } - *in = p; - return 1; -} -/* This function collects the asn1 data from a constructred string - * type into a buffer. 
The values of 'in' and 'len' should refer - * to the contents of the constructed type and 'inf' should be set - * if it is indefinite length. - */ - -#ifndef ASN1_MAX_STRING_NEST -/* This determines how many levels of recursion are permitted in ASN1 - * string types. If it is not limited stack overflows can occur. If set - * to zero no recursion is allowed at all. Although zero should be adequate - * examples exist that require a value of 1. So 5 should be more than enough. - */ -#define ASN1_MAX_STRING_NEST 5 -#endif - -static int -asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, char inf, - int tag, int aclass, int depth) -{ - const unsigned char *p, *q; - long plen; - char cst, ininf; - - p = *in; - inf &= 1; - /* If no buffer and not indefinite length constructed just pass over - * the encoded data */ - if (!buf && !inf) { - *in += len; - return 1; - } - while (len > 0) { - q = p; - /* Check for EOC */ - if (asn1_check_eoc(&p, len)) { - /* EOC is illegal outside indefinite length - * constructed form */ - if (!inf) { - ASN1err(ASN1_F_ASN1_COLLECT, - ASN1_R_UNEXPECTED_EOC); - return 0; - } - inf = 0; - break; - } - - if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, - len, tag, aclass, 0, NULL)) { - ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR); - return 0; - } - - /* If indefinite length constructed update max length */ - if (cst) { - if (depth >= ASN1_MAX_STRING_NEST) { - ASN1err(ASN1_F_ASN1_COLLECT, - ASN1_R_NESTED_ASN1_STRING); - return 0; - } - if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, - depth + 1)) - return 0; - } else if (plen && !collect_data(buf, &p, plen)) - return 0; - len -= p - q; - } - if (inf) { - ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC); - return 0; - } - *in = p; - return 1; -} - -static int -collect_data(BUF_MEM *buf, const unsigned char **p, long plen) -{ - int len; - if (buf) { - len = buf->length; - if (!BUF_MEM_grow_clean(buf, len + plen)) { - ASN1err(ASN1_F_COLLECT_DATA, 
ERR_R_MALLOC_FAILURE); - return 0; - } - memcpy(buf->data + len, *p, plen); - } - *p += plen; - return 1; -} - -/* Check for ASN1 EOC and swallow it if found */ - -static int -asn1_check_eoc(const unsigned char **in, long len) -{ - const unsigned char *p; - - if (len < 2) - return 0; - p = *in; - if (!p[0] && !p[1]) { - *in += 2; - return 1; - } - return 0; -} - -/* Check an ASN1 tag and length: a bit like ASN1_get_object - * but it sets the length for indefinite length constructed - * form, we don't know the exact length but we can set an - * upper bound to the amount of data available minus the - * header length just read. - */ - -static int -asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, - char *cst, const unsigned char **in, long len, int exptag, int expclass, - char opt, ASN1_TLC *ctx) -{ - int i; - int ptag, pclass; - long plen; - const unsigned char *p, *q; - - p = *in; - q = p; - - if (ctx && ctx->valid) { - i = ctx->ret; - plen = ctx->plen; - pclass = ctx->pclass; - ptag = ctx->ptag; - p += ctx->hdrlen; - } else { - i = ASN1_get_object(&p, &plen, &ptag, &pclass, len); - if (ctx) { - ctx->ret = i; - ctx->plen = plen; - ctx->pclass = pclass; - ctx->ptag = ptag; - ctx->hdrlen = p - q; - ctx->valid = 1; - /* If definite length, and no error, length + - * header can't exceed total amount of data available. - */ - if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) { - ASN1err(ASN1_F_ASN1_CHECK_TLEN, - ASN1_R_TOO_LONG); - asn1_tlc_clear(ctx); - return 0; - } - } - } - - if (i & 0x80) { - ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER); - asn1_tlc_clear(ctx); - return 0; - } - if (exptag >= 0) { - if ((exptag != ptag) || (expclass != pclass)) { - /* If type is OPTIONAL, not an error: - * indicate missing type. 
- */ - if (opt) - return -1; - asn1_tlc_clear(ctx); - ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG); - return 0; - } - /* We have a tag and class match: - * assume we are going to do something with it */ - asn1_tlc_clear(ctx); - } - - if (i & 1) - plen = len - (p - q); - if (inf) - *inf = i & 1; - if (cst) - *cst = i & V_ASN1_CONSTRUCTED; - if (olen) - *olen = plen; - if (oclass) - *oclass = pclass; - if (otag) - *otag = ptag; - - *in = p; - return 1; -} diff --git a/lib/libssl/src/crypto/asn1/tasn_enc.c b/lib/libssl/src/crypto/asn1/tasn_enc.c deleted file mode 100644 index 7d90c68c85e..00000000000 --- a/lib/libssl/src/crypto/asn1/tasn_enc.c +++ /dev/null 
@@ -1,652 +0,0 @@
-/* $OpenBSD: tasn_enc.c,v 1.20 2016/05/04 15:00:24 tedu Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <string.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass);
-static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
- int skcontlen, const ASN1_ITEM *item, int do_sort, int iclass);
-static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_TEMPLATE *tt, int tag, int aclass);
-static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
- const ASN1_ITEM *it, int flags);
-static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
- const ASN1_ITEM *it);
-
-/* Top level i2d equivalents: the 'ndef' variant instructs the encoder
- * to use indefinite length constructed encoding, where appropriate
- */
-
-int
-ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
-{
- return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
-}
-
-int
-ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
-{
- return asn1_item_flags_i2d(val, out, it, 0);
-}
-
-/* Encode an ASN1 item, this is use by the
- * standard 'i2d' function. 'out' points to
- * a buffer to output the data to.
- *
- * The new i2d has one additional feature. If the output
- * buffer is NULL (i.e. *out == NULL) then a buffer is
- * allocated and populated with the encoding.
- */
-
-static int
-asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it,
- int flags)
-{
- if (out && !*out) {
- unsigned char *p, *buf;
- int len;
- len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
- if (len <= 0)
- return len;
- buf = malloc(len);
- if (!buf)
- return -1;
- p = buf;
- ASN1_item_ex_i2d(&val, &p, it, -1, flags);
- *out = buf;
- return len;
- }
-
- return ASN1_item_ex_i2d(&val, out, it, -1, flags);
-}
-
-/* Encode an item, taking care of IMPLICIT tagging (if any).
- * This function performs the normal item handling: it can be
- * used in external types.
- */
-
-int
-ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
- int tag, int aclass)
-{
- const ASN1_TEMPLATE *tt = NULL;
- int i, seqcontlen, seqlen, ndef = 1;
- const ASN1_EXTERN_FUNCS *ef;
- const ASN1_AUX *aux = it->funcs;
- ASN1_aux_cb *asn1_cb = NULL;
-
- if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
- return 0;
-
- if (aux && aux->asn1_cb)
- asn1_cb = aux->asn1_cb;
-
- switch (it->itype) {
-
- case ASN1_ITYPE_PRIMITIVE:
- if (it->templates)
- return asn1_template_ex_i2d(pval, out, it->templates,
- tag, aclass);
- return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
- break;
-
- case ASN1_ITYPE_MSTRING:
- return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
-
- case ASN1_ITYPE_CHOICE:
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
- return 0;
- i = asn1_get_choice_selector(pval, it);
- if ((i >= 0) && (i < it->tcount)) {
- ASN1_VALUE **pchval;
- const ASN1_TEMPLATE *chtt;
- chtt = it->templates + i;
- pchval = asn1_get_field_ptr(pval, chtt);
- return asn1_template_ex_i2d(pchval, out, chtt,
- -1, aclass);
- }
- /* Fixme: error condition if selector out of range */
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
- return 0;
- break;
-
- case ASN1_ITYPE_EXTERN:
- /* If new style i2d it does all the work */
- ef = it->funcs;
- return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
-
- case ASN1_ITYPE_NDEF_SEQUENCE:
- /* Use indefinite length constructed if requested */
- if (aclass & ASN1_TFLG_NDEF)
- ndef = 2;
- /* fall through */
-
- case ASN1_ITYPE_SEQUENCE:
- i = asn1_enc_restore(&seqcontlen, out, pval, it);
- /* An error occurred */
- if (i < 0)
- return 0;
- /* We have a valid cached encoding... 
*/
- if (i > 0)
- return seqcontlen;
- /* Otherwise carry on */
- seqcontlen = 0;
- /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
- if (tag == -1) {
- tag = V_ASN1_SEQUENCE;
- /* Retain any other flags in aclass */
- aclass = (aclass & ~ASN1_TFLG_TAG_CLASS) |
- V_ASN1_UNIVERSAL;
- }
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
- return 0;
- /* First work out sequence content length */
- for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
- const ASN1_TEMPLATE *seqtt;
- ASN1_VALUE **pseqval;
- seqtt = asn1_do_adb(pval, tt, 1);
- if (!seqtt)
- return 0;
- pseqval = asn1_get_field_ptr(pval, seqtt);
- /* FIXME: check for errors in enhanced version */
- seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt,
- -1, aclass);
- }
-
- seqlen = ASN1_object_size(ndef, seqcontlen, tag);
- if (!out)
- return seqlen;
- /* Output SEQUENCE header */
- ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
- for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
- const ASN1_TEMPLATE *seqtt;
- ASN1_VALUE **pseqval;
- seqtt = asn1_do_adb(pval, tt, 1);
- if (!seqtt)
- return 0;
- pseqval = asn1_get_field_ptr(pval, seqtt);
- /* FIXME: check for errors in enhanced version */
- asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass);
- }
- if (ndef == 2)
- ASN1_put_eoc(out);
- if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
- return 0;
- return seqlen;
-
- default:
- return 0;
-
- }
- return 0;
-}
-
-int
-ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_TEMPLATE *tt)
-{
- return asn1_template_ex_i2d(pval, out, tt, -1, 0);
-}
-
-static int
-asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_TEMPLATE *tt, int tag, int iclass)
-{
- int i, ret, flags, ttag, tclass, ndef;
- flags = tt->flags;
- /* Work out tag and class to use: tagging may come
- * either from the template or the arguments, not both
- * because this would create ambiguity. 
Additionally
- * the iclass argument may contain some additional flags
- * which should be noted and passed down to other levels.
- */
- if (flags & ASN1_TFLG_TAG_MASK) {
- /* Error if argument and template tagging */
- if (tag != -1)
- /* FIXME: error code here */
- return -1;
- /* Get tagging from template */
- ttag = tt->tag;
- tclass = flags & ASN1_TFLG_TAG_CLASS;
- } else if (tag != -1) {
- /* No template tagging, get from arguments */
- ttag = tag;
- tclass = iclass & ASN1_TFLG_TAG_CLASS;
- } else {
- ttag = -1;
- tclass = 0;
- }
- /*
- * Remove any class mask from iflag.
- */
- iclass &= ~ASN1_TFLG_TAG_CLASS;
-
- /* At this point 'ttag' contains the outer tag to use,
- * 'tclass' is the class and iclass is any flags passed
- * to this function.
- */
-
- /* if template and arguments require ndef, use it */
- if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF))
- ndef = 2;
- else
- ndef = 1;
-
- if (flags & ASN1_TFLG_SK_MASK) {
- /* SET OF, SEQUENCE OF */
- STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
- int isset, sktag, skaclass;
- int skcontlen, sklen;
- ASN1_VALUE *skitem;
-
- if (!*pval)
- return 0;
-
- if (flags & ASN1_TFLG_SET_OF) {
- isset = 1;
- /* 2 means we reorder */
- if (flags & ASN1_TFLG_SEQUENCE_OF)
- isset = 2;
- } else
- isset = 0;
-
- /* Work out inner tag value: if EXPLICIT
- * or no tagging use underlying type.
- */
- if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
- sktag = ttag;
- skaclass = tclass;
- } else {
- skaclass = V_ASN1_UNIVERSAL;
- if (isset)
- sktag = V_ASN1_SET;
- else
- sktag = V_ASN1_SEQUENCE;
- }
-
- /* Determine total length of items */
- skcontlen = 0;
- for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
- skitem = sk_ASN1_VALUE_value(sk, i);
- skcontlen += ASN1_item_ex_i2d(&skitem, NULL,
- ASN1_ITEM_ptr(tt->item), -1, iclass);
- }
- sklen = ASN1_object_size(ndef, skcontlen, sktag);
- /* If EXPLICIT need length of surrounding tag */
- if (flags & ASN1_TFLG_EXPTAG)
- ret = ASN1_object_size(ndef, sklen, ttag);
- else
- ret = sklen;
-
- if (!out)
- return ret;
-
- /* Now encode this lot... */
- /* EXPLICIT tag */
- if (flags & ASN1_TFLG_EXPTAG)
- ASN1_put_object(out, ndef, sklen, ttag, tclass);
- /* SET or SEQUENCE and IMPLICIT tag */
- ASN1_put_object(out, ndef, skcontlen, sktag, skaclass);
- /* And the stuff itself */
- asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
- isset, iclass);
- if (ndef == 2) {
- ASN1_put_eoc(out);
- if (flags & ASN1_TFLG_EXPTAG)
- ASN1_put_eoc(out);
- }
-
- return ret;
- }
-
- if (flags & ASN1_TFLG_EXPTAG) {
- /* EXPLICIT tagging */
- /* Find length of tagged item */
- i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item),
- -1, iclass);
- if (!i)
- return 0;
- /* Find length of EXPLICIT tag */
- ret = ASN1_object_size(ndef, i, ttag);
- if (out) {
- /* Output tag and item */
- ASN1_put_object(out, ndef, i, ttag, tclass);
- ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
- -1, iclass);
- if (ndef == 2)
- ASN1_put_eoc(out);
- }
- return ret;
- }
-
- /* Either normal or IMPLICIT tagging: combine class and flags */
- return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
- ttag, tclass | iclass);
-}
-
-/* Temporary structure used to hold DER encoding of items for SET OF */
-
-typedef struct {
- unsigned char *data;
- int length;
- ASN1_VALUE *field;
-} DER_ENC;
-
-static int
-der_cmp(const void *a, const 
void *b)
-{
- const DER_ENC *d1 = a, *d2 = b;
- int cmplen, i;
-
- cmplen = (d1->length < d2->length) ? d1->length : d2->length;
- i = memcmp(d1->data, d2->data, cmplen);
- if (i)
- return i;
- return d1->length - d2->length;
-}
-
-/* Output the content octets of SET OF or SEQUENCE OF */
-
-static int
-asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen,
- const ASN1_ITEM *item, int do_sort, int iclass)
-{
- int i;
- ASN1_VALUE *skitem;
- unsigned char *tmpdat = NULL, *p = NULL;
- DER_ENC *derlst = NULL, *tder;
-
- if (do_sort) {
- /* Don't need to sort less than 2 items */
- if (sk_ASN1_VALUE_num(sk) < 2)
- do_sort = 0;
- else {
- derlst = reallocarray(NULL, sk_ASN1_VALUE_num(sk),
- sizeof(*derlst));
- tmpdat = malloc(skcontlen);
- if (!derlst || !tmpdat) {
- free(derlst);
- free(tmpdat);
- return 0;
- }
- }
- }
- /* If not sorting just output each item */
- if (!do_sort) {
- for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
- skitem = sk_ASN1_VALUE_value(sk, i);
- ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
- }
- return 1;
- }
- p = tmpdat;
-
- /* Doing sort: build up a list of each member's DER encoding */
- for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
- skitem = sk_ASN1_VALUE_value(sk, i);
- tder->data = p;
- tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
- tder->field = skitem;
- }
-
- /* Now sort them */
- qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
- /* Output sorted DER encoding */
- p = *out;
- for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
- memcpy(p, tder->data, tder->length);
- p += tder->length;
- }
- *out = p;
- /* If do_sort is 2 then reorder the STACK */
- if (do_sort == 2) {
- for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
- (void)sk_ASN1_VALUE_set(sk, i, tder->field);
- }
- free(derlst);
- free(tmpdat);
- return 1;
-}
-
-static int
-asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
- const ASN1_ITEM *it, 
int tag, int aclass)
-{
- int len;
- int utype;
- int usetag;
- int ndef = 0;
-
- utype = it->utype;
-
- /* Get length of content octets and maybe find
- * out the underlying type.
- */
-
- len = asn1_ex_i2c(pval, NULL, &utype, it);
-
- /* If SEQUENCE, SET or OTHER then header is
- * included in pseudo content octets so don't
- * include tag+length. We need to check here
- * because the call to asn1_ex_i2c() could change
- * utype.
- */
- if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
- (utype == V_ASN1_OTHER))
- usetag = 0;
- else
- usetag = 1;
-
- /* -1 means omit type */
- if (len == -1)
- return 0;
-
- /* -2 return is special meaning use ndef */
- if (len == -2) {
- ndef = 2;
- len = 0;
- }
-
- /* If not implicitly tagged get tag from underlying type */
- if (tag == -1)
- tag = utype;
-
- /* Output tag+length followed by content octets */
- if (out) {
- if (usetag)
- ASN1_put_object(out, ndef, len, tag, aclass);
- asn1_ex_i2c(pval, *out, &utype, it);
- if (ndef)
- ASN1_put_eoc(out);
- else
- *out += len;
- }
-
- if (usetag)
- return ASN1_object_size(ndef, len, tag);
- return len;
-}
-
-/* Produce content octets from a structure */
-
-static int
-asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
- const ASN1_ITEM *it)
-{
- ASN1_BOOLEAN *tbool = NULL;
- ASN1_STRING *strtmp;
- ASN1_OBJECT *otmp;
- int utype;
- const unsigned char *cont;
- unsigned char c;
- int len;
- const ASN1_PRIMITIVE_FUNCS *pf;
-
- pf = it->funcs;
- if (pf && pf->prim_i2c)
- return pf->prim_i2c(pval, cout, putype, it);
-
- /* Should type be omitted? 
*/
- if ((it->itype != ASN1_ITYPE_PRIMITIVE) ||
- (it->utype != V_ASN1_BOOLEAN)) {
- if (!*pval)
- return -1;
- }
-
- if (it->itype == ASN1_ITYPE_MSTRING) {
- /* If MSTRING type set the underlying type */
- strtmp = (ASN1_STRING *)*pval;
- utype = strtmp->type;
- *putype = utype;
- } else if (it->utype == V_ASN1_ANY) {
- /* If ANY set type and pointer to value */
- ASN1_TYPE *typ;
- typ = (ASN1_TYPE *)*pval;
- utype = typ->type;
- *putype = utype;
- pval = &typ->value.asn1_value;
- } else
- utype = *putype;
-
- switch (utype) {
- case V_ASN1_OBJECT:
- otmp = (ASN1_OBJECT *)*pval;
- cont = otmp->data;
- len = otmp->length;
- break;
-
- case V_ASN1_NULL:
- cont = NULL;
- len = 0;
- break;
-
- case V_ASN1_BOOLEAN:
- tbool = (ASN1_BOOLEAN *)pval;
- if (*tbool == -1)
- return -1;
- if (it->utype != V_ASN1_ANY) {
- /* Default handling if value == size field then omit */
- if (*tbool && (it->size > 0))
- return -1;
- if (!*tbool && !it->size)
- return -1;
- }
- c = (unsigned char)*tbool;
- cont = &c;
- len = 1;
- break;
-
- case V_ASN1_BIT_STRING:
- return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
- cout ? &cout : NULL);
- break;
-
- case V_ASN1_INTEGER:
- case V_ASN1_ENUMERATED:
- /* These are all have the same content format
- * as ASN1_INTEGER
- */
- return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval,
- cout ? 
&cout : NULL);
- break;
-
- case V_ASN1_OCTET_STRING:
- case V_ASN1_NUMERICSTRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_VIDEOTEXSTRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UTCTIME:
- case V_ASN1_GENERALIZEDTIME:
- case V_ASN1_GRAPHICSTRING:
- case V_ASN1_VISIBLESTRING:
- case V_ASN1_GENERALSTRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_BMPSTRING:
- case V_ASN1_UTF8STRING:
- case V_ASN1_SEQUENCE:
- case V_ASN1_SET:
- default:
- /* All based on ASN1_STRING and handled the same */
- strtmp = (ASN1_STRING *)*pval;
- /* Special handling for NDEF */
- if ((it->size == ASN1_TFLG_NDEF) &&
- (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
- if (cout) {
- strtmp->data = cout;
- strtmp->length = 0;
- }
- /* Special return code */
- return -2;
- }
- cont = strtmp->data;
- len = strtmp->length;
-
- break;
-
- }
- if (cout && len)
- memcpy(cout, cont, len);
- return len;
-}
diff --git a/lib/libssl/src/crypto/asn1/tasn_fre.c b/lib/libssl/src/crypto/asn1/tasn_fre.c
deleted file mode 100644
index 30d68786b19..00000000000
--- a/lib/libssl/src/crypto/asn1/tasn_fre.c
+++ /dev/null
@@ -1,243 +0,0 @@
-/* $OpenBSD: tasn_fre.c,v 1.14 2015/02/14 15:23:57 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stddef.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
- int combine);
-
-/* Free up an ASN1 structure */
-
-void
-ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it)
-{
- asn1_item_combine_free(&val, it, 0);
-}
-
-void
-ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- asn1_item_combine_free(pval, it, 0);
-}
-
-static void
-asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
-{
- const ASN1_TEMPLATE *tt = NULL, *seqtt;
- const ASN1_EXTERN_FUNCS *ef;
- const ASN1_AUX *aux = it->funcs;
- ASN1_aux_cb *asn1_cb = NULL;
- int i;
-
- if (pval == NULL || *pval == NULL)
- return;
-
- if (aux != NULL && aux->asn1_cb != NULL)
- asn1_cb = aux->asn1_cb;
-
- switch (it->itype) {
- case ASN1_ITYPE_PRIMITIVE:
- if (it->templates)
- ASN1_template_free(pval, it->templates);
- else
- ASN1_primitive_free(pval, it);
- break;
-
- case ASN1_ITYPE_MSTRING:
- ASN1_primitive_free(pval, it);
- break;
-
- case ASN1_ITYPE_CHOICE:
- if (asn1_cb) {
- i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
- if (i == 2)
- return;
- }
- i = 
asn1_get_choice_selector(pval, it);
- if ((i >= 0) && (i < it->tcount)) {
- ASN1_VALUE **pchval;
- tt = it->templates + i;
- pchval = asn1_get_field_ptr(pval, tt);
- ASN1_template_free(pchval, tt);
- }
- if (asn1_cb)
- asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
- if (!combine) {
- free(*pval);
- *pval = NULL;
- }
- break;
-
- case ASN1_ITYPE_EXTERN:
- ef = it->funcs;
- if (ef && ef->asn1_ex_free)
- ef->asn1_ex_free(pval, it);
- break;
-
- case ASN1_ITYPE_NDEF_SEQUENCE:
- case ASN1_ITYPE_SEQUENCE:
- if (asn1_do_lock(pval, -1, it) > 0)
- return;
- if (asn1_cb) {
- i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
- if (i == 2)
- return;
- }
- asn1_enc_free(pval, it);
- /* If we free up as normal we will invalidate any
- * ANY DEFINED BY field and we wont be able to
- * determine the type of the field it defines. So
- * free up in reverse order.
- */
- tt = it->templates + it->tcount - 1;
- for (i = 0; i < it->tcount; tt--, i++) {
- ASN1_VALUE **pseqval;
- seqtt = asn1_do_adb(pval, tt, 0);
- if (!seqtt)
- continue;
- pseqval = asn1_get_field_ptr(pval, seqtt);
- ASN1_template_free(pseqval, seqtt);
- }
- if (asn1_cb)
- asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
- if (!combine) {
- free(*pval);
- *pval = NULL;
- }
- break;
- }
-}
-
-void
-ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
- int i;
- if (tt->flags & ASN1_TFLG_SK_MASK) {
- STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
- for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
- ASN1_VALUE *vtmp;
- vtmp = sk_ASN1_VALUE_value(sk, i);
- asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item),
- 0);
- }
- sk_ASN1_VALUE_free(sk);
- *pval = NULL;
- } else
- asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item),
- tt->flags & ASN1_TFLG_COMBINE);
-}
-
-void
-ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- int utype;
- if (it) {
- const ASN1_PRIMITIVE_FUNCS *pf;
- pf = it->funcs;
- if (pf && pf->prim_free) {
- pf->prim_free(pval, it);
- return;
- }
- }
- /* Special case: if 'it' is NULL 
free contents of ASN1_TYPE */
- if (!it) {
- ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
- utype = typ->type;
- pval = &typ->value.asn1_value;
- if (!*pval)
- return;
- } else if (it->itype == ASN1_ITYPE_MSTRING) {
- utype = -1;
- if (!*pval)
- return;
- } else {
- utype = it->utype;
- if ((utype != V_ASN1_BOOLEAN) && !*pval)
- return;
- }
-
- switch (utype) {
- case V_ASN1_OBJECT:
- ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
- break;
-
- case V_ASN1_BOOLEAN:
- if (it)
- *(ASN1_BOOLEAN *)pval = it->size;
- else
- *(ASN1_BOOLEAN *)pval = -1;
- return;
-
- case V_ASN1_NULL:
- break;
-
- case V_ASN1_ANY:
- ASN1_primitive_free(pval, NULL);
- free(*pval);
- break;
-
- default:
- ASN1_STRING_free((ASN1_STRING *)*pval);
- break;
- }
- *pval = NULL;
-}
diff --git a/lib/libssl/src/crypto/asn1/tasn_new.c b/lib/libssl/src/crypto/asn1/tasn_new.c
deleted file mode 100644
index 986e5811b6c..00000000000
--- a/lib/libssl/src/crypto/asn1/tasn_new.c
+++ /dev/null
@@ -1,374 +0,0 @@
-/* $OpenBSD: tasn_new.c,v 1.15 2015/07/20 15:43:23 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stddef.h>
-#include <openssl/asn1.h>
-#include <openssl/objects.h>
-#include <openssl/err.h>
-#include <openssl/asn1t.h>
-#include <string.h>
-
-static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
- int combine);
-static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
-static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-ASN1_VALUE *
-ASN1_item_new(const ASN1_ITEM *it)
-{
- ASN1_VALUE *ret = NULL;
- if (ASN1_item_ex_new(&ret, it) > 0)
- return ret;
- return NULL;
-}
-
-/* Allocate an ASN1 structure */
-
-int
-ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- return asn1_item_ex_combine_new(pval, it, 0);
-}
-
-static int
-asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
-{
- const ASN1_TEMPLATE *tt = NULL;
- const ASN1_EXTERN_FUNCS *ef;
- const ASN1_AUX *aux = it->funcs;
- ASN1_aux_cb *asn1_cb = NULL;
- ASN1_VALUE **pseqval;
- int i;
-
- if (aux != NULL && aux->asn1_cb != NULL)
- asn1_cb = aux->asn1_cb;
-
- if (!combine)
- *pval = NULL;
-
-#ifdef CRYPTO_MDEBUG
- if (it->sname)
- CRYPTO_push_info(it->sname);
-#endif
-
- switch (it->itype) {
- case ASN1_ITYPE_EXTERN:
- ef = it->funcs;
- if (ef && ef->asn1_ex_new) {
- if (!ef->asn1_ex_new(pval, it))
- goto memerr;
- }
- break;
-
- case ASN1_ITYPE_PRIMITIVE:
- if (it->templates) {
- if (!ASN1_template_new(pval, it->templates))
- goto memerr;
- } else if (!ASN1_primitive_new(pval, it))
- goto memerr;
- break;
-
- case ASN1_ITYPE_MSTRING:
- if (!ASN1_primitive_new(pval, it))
- goto memerr;
- break;
-
- case ASN1_ITYPE_CHOICE:
- if (asn1_cb) {
- i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
- if (!i)
- goto auxerr;
- if (i == 2) {
-#ifdef CRYPTO_MDEBUG
- if (it->sname)
- CRYPTO_pop_info();
-#endif
- return 1;
- }
- }
- if (!combine) {
- *pval = calloc(1, it->size);
- if (!*pval)
- goto memerr;
- }
- 
asn1_set_choice_selector(pval, -1, it);
- if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
- goto auxerr;
- break;
-
- case ASN1_ITYPE_NDEF_SEQUENCE:
- case ASN1_ITYPE_SEQUENCE:
- if (asn1_cb) {
- i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
- if (!i)
- goto auxerr;
- if (i == 2) {
-#ifdef CRYPTO_MDEBUG
- if (it->sname)
- CRYPTO_pop_info();
-#endif
- return 1;
- }
- }
- if (!combine) {
- *pval = calloc(1, it->size);
- if (!*pval)
- goto memerr;
- asn1_do_lock(pval, 0, it);
- asn1_enc_init(pval, it);
- }
- for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
- pseqval = asn1_get_field_ptr(pval, tt);
- if (!ASN1_template_new(pseqval, tt))
- goto memerr;
- }
- if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
- goto auxerr;
- break;
- }
-#ifdef CRYPTO_MDEBUG
- if (it->sname)
- CRYPTO_pop_info();
-#endif
- return 1;
-
-memerr:
- ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
-#ifdef CRYPTO_MDEBUG
- if (it->sname)
- CRYPTO_pop_info();
-#endif
- return 0;
-
-auxerr:
- ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
- ASN1_item_ex_free(pval, it);
-#ifdef CRYPTO_MDEBUG
- if (it->sname)
- CRYPTO_pop_info();
-#endif
- return 0;
-
-}
-
-static void
-asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- const ASN1_EXTERN_FUNCS *ef;
-
- switch (it->itype) {
- case ASN1_ITYPE_EXTERN:
- ef = it->funcs;
- if (ef && ef->asn1_ex_clear)
- ef->asn1_ex_clear(pval, it);
- else
- *pval = NULL;
- break;
-
- case ASN1_ITYPE_PRIMITIVE:
- if (it->templates)
- asn1_template_clear(pval, it->templates);
- else
- asn1_primitive_clear(pval, it);
- break;
-
- case ASN1_ITYPE_MSTRING:
- asn1_primitive_clear(pval, it);
- break;
-
- case ASN1_ITYPE_CHOICE:
- case ASN1_ITYPE_SEQUENCE:
- case ASN1_ITYPE_NDEF_SEQUENCE:
- *pval = NULL;
- break;
- }
-}
-
-int
-ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
- const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item);
- int ret;
-
- if (tt->flags & ASN1_TFLG_OPTIONAL) {
- 
asn1_template_clear(pval, tt);
- return 1;
- }
- /* If ANY DEFINED BY nothing to do */
-
- if (tt->flags & ASN1_TFLG_ADB_MASK) {
- *pval = NULL;
- return 1;
- }
-#ifdef CRYPTO_MDEBUG
- if (tt->field_name)
- CRYPTO_push_info(tt->field_name);
-#endif
- /* If SET OF or SEQUENCE OF, its a STACK */
- if (tt->flags & ASN1_TFLG_SK_MASK) {
- STACK_OF(ASN1_VALUE) *skval;
- skval = sk_ASN1_VALUE_new_null();
- if (!skval) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
- ret = 0;
- goto done;
- }
- *pval = (ASN1_VALUE *)skval;
- ret = 1;
- goto done;
- }
- /* Otherwise pass it back to the item routine */
- ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE);
-done:
-#ifdef CRYPTO_MDEBUG
- if (it->sname)
- CRYPTO_pop_info();
-#endif
- return ret;
-}
-
-static void
-asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
- /* If ADB or STACK just NULL the field */
- if (tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK))
- *pval = NULL;
- else
- asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item));
-}
-
-
-/* NB: could probably combine most of the real XXX_new() behaviour and junk
- * all the old functions.
- */
-
-int
-ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- ASN1_TYPE *typ;
- ASN1_STRING *str;
- int utype;
-
- if (it && it->funcs) {
- const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
- if (pf->prim_new)
- return pf->prim_new(pval, it);
- }
-
- if (!it || (it->itype == ASN1_ITYPE_MSTRING))
- utype = V_ASN1_UNDEF;
- else
- utype = it->utype;
- switch (utype) {
- case V_ASN1_OBJECT:
- *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
- return 1;
-
- case V_ASN1_BOOLEAN:
- *(ASN1_BOOLEAN *)pval = it->size;
- return 1;
-
- case V_ASN1_NULL:
- *pval = (ASN1_VALUE *)1;
- return 1;
-
- case V_ASN1_ANY:
- typ = malloc(sizeof(ASN1_TYPE));
- if (typ != NULL) {
- typ->value.ptr = NULL;
- typ->type = V_ASN1_UNDEF;
- }
- *pval = (ASN1_VALUE *)typ;
- break;
-
- default:
- str = ASN1_STRING_type_new(utype);
- if (it != NULL && it->itype == ASN1_ITYPE_MSTRING &&
- str != NULL)
- str->flags |= ASN1_STRING_FLAG_MSTRING;
- *pval = (ASN1_VALUE *)str;
- break;
- }
- if (*pval)
- return 1;
- return 0;
-}
-
-static void
-asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- int utype;
- if (it && it->funcs) {
- const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
- if (pf->prim_clear)
- pf->prim_clear(pval, it);
- else
- *pval = NULL;
- return;
- }
- if (!it || (it->itype == ASN1_ITYPE_MSTRING))
- utype = V_ASN1_UNDEF;
- else
- utype = it->utype;
- if (utype == V_ASN1_BOOLEAN)
- *(ASN1_BOOLEAN *)pval = it->size;
- else
- *pval = NULL;
-}
diff --git a/lib/libssl/src/crypto/asn1/tasn_prn.c b/lib/libssl/src/crypto/asn1/tasn_prn.c
deleted file mode 100644
index c8601a1a895..00000000000
--- a/lib/libssl/src/crypto/asn1/tasn_prn.c
+++ /dev/null
@@ -1,596 +0,0 @@
-/* $OpenBSD: tasn_prn.c,v 1.14 2015/12/23 01:50:26 mmcc Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000,2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/x509v3.h>
-
-#include "asn1_locl.h"
-
-/* Print routines.
- */
-
-/* ASN1_PCTX routines */
-
-ASN1_PCTX default_pctx = {
- ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */
- 0, /* nm_flags */
- 0, /* cert_flags */
- 0, /* oid_flags */
- 0 /* str_flags */
-};
-
-
-ASN1_PCTX *
-ASN1_PCTX_new(void)
-{
- ASN1_PCTX *ret;
- ret = malloc(sizeof(ASN1_PCTX));
- if (ret == NULL) {
- ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ret->flags = 0;
- ret->nm_flags = 0;
- ret->cert_flags = 0;
- ret->oid_flags = 0;
- ret->str_flags = 0;
- return ret;
-}
-
-void
-ASN1_PCTX_free(ASN1_PCTX *p)
-{
- free(p);
-}
-
-unsigned long
-ASN1_PCTX_get_flags(ASN1_PCTX *p)
-{
- return p->flags;
-}
-
-void
-ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->flags = flags;
-}
-
-unsigned long
-ASN1_PCTX_get_nm_flags(ASN1_PCTX *p)
-{
- return p->nm_flags;
-}
-
-void
-ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->nm_flags = flags;
-}
-
-unsigned long
-ASN1_PCTX_get_cert_flags(ASN1_PCTX *p)
-{
- return p->cert_flags;
-}
-
-void
-ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->cert_flags = flags;
-}
-
-unsigned long
-ASN1_PCTX_get_oid_flags(ASN1_PCTX *p)
-{
- return p->oid_flags;
-}
-
-void
-ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->oid_flags = flags;
-}
-
-unsigned long
-ASN1_PCTX_get_str_flags(ASN1_PCTX *p)
-{
- return p->str_flags;
-}
-
-void
-ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags)
-{
- p->str_flags = flags;
-}
-
-/* Main print routines */
-
-static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
- const ASN1_ITEM *it, const char *fname, const char *sname, int nohdr,
- const ASN1_PCTX *pctx);
-
-int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
- const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx);
-
-static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
- const ASN1_ITEM *it, int indent, const char *fname, const char *sname,
- const ASN1_PCTX *pctx);
-
-static int asn1_print_fsname(BIO *out, int indent, const char *fname,
- const char *sname, const ASN1_PCTX *pctx);
-
-int
-ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, const ASN1_ITEM *it,
- const ASN1_PCTX *pctx)
-{
- const char *sname;
-
- if (pctx == NULL)
- pctx = &default_pctx;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
- sname = NULL;
- else
- sname = it->sname;
- return asn1_item_print_ctx(out, &ifld, indent, it, NULL, sname,
- 0, pctx);
-}
-
-static int
-asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, const ASN1_ITEM *it,
- const char *fname, const char *sname, int nohdr, const ASN1_PCTX *pctx)
-{
- const ASN1_TEMPLATE *tt;
- const ASN1_EXTERN_FUNCS *ef;
- ASN1_VALUE **tmpfld;
- const ASN1_AUX *aux = it->funcs;
- ASN1_aux_cb *asn1_cb;
- ASN1_PRINT_ARG parg;
- int i;
-
- if (aux && aux->asn1_cb) {
- parg.out = out;
- parg.indent = indent;
- parg.pctx = pctx;
- asn1_cb = aux->asn1_cb;
- } else
- asn1_cb = NULL;
-
- if (*fld == NULL) {
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
- if (!nohdr &&
- !asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
- if (BIO_puts(out, "<ABSENT>\n") <= 0)
- return 0;
- }
- return 1;
- }
-
- switch (it->itype) {
- case ASN1_ITYPE_PRIMITIVE:
- if (it->templates) {
- if (!asn1_template_print_ctx(out, fld, indent,
- it->templates, pctx))
- return 0;
- }
- /* fall thru */
- case ASN1_ITYPE_MSTRING:
- if (!asn1_primitive_print(out, fld, it,
- indent, fname, sname, pctx))
- return 0;
- break;
-
- case ASN1_ITYPE_EXTERN:
- if (!nohdr &&
- !asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
- /* Use new style print routine if possible */
- ef = it->funcs;
- if (ef && ef->asn1_ex_print) {
- i = ef->asn1_ex_print(out, fld, indent, "", pctx);
- if (!i)
- return 0;
- if ((i == 2) && (BIO_puts(out, "\n") <= 0))
- return 0;
- return 1;
- } else if (sname &&
- BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0)
- return 0;
- break;
-
- case ASN1_ITYPE_CHOICE:
- /* CHOICE type, get selector */
- i = asn1_get_choice_selector(fld, it);
- /* This should never happen... */
- if ((i < 0) || (i >= it->tcount)) {
- if (BIO_printf(out,
- "ERROR: selector [%d] invalid\n", i) <= 0)
- return 0;
- return 1;
- }
- tt = it->templates + i;
- tmpfld = asn1_get_field_ptr(fld, tt);
- if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx))
- return 0;
- break;
-
- case ASN1_ITYPE_SEQUENCE:
- case ASN1_ITYPE_NDEF_SEQUENCE:
- if (!nohdr &&
- !asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
- if (fname || sname) {
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
- if (BIO_puts(out, " {\n") <= 0)
- return 0;
- } else {
- if (BIO_puts(out, "\n") <= 0)
- return 0;
- }
- }
-
- if (asn1_cb) {
- i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
- if (i == 0)
- return 0;
- if (i == 2)
- return 1;
- }
-
- /* Print each field entry */
- for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
- const ASN1_TEMPLATE *seqtt;
-
- seqtt = asn1_do_adb(fld, tt, 1);
- if (seqtt == NULL)
- return 0;
- tmpfld = asn1_get_field_ptr(fld, seqtt);
- if (!asn1_template_print_ctx(out, tmpfld, indent + 2,
- seqtt, pctx))
- return 0;
- }
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
- if (BIO_printf(out, "%*s}\n", indent, "") < 0)
- return 0;
- }
-
- if (asn1_cb) {
- i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
- if (i == 0)
- return 0;
- }
- break;
-
- default:
- BIO_printf(out, "Unprocessed type %d\n", it->itype);
- return 0;
- }
-
- return 1;
-}
-
-int
-asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
- const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx)
-{
- int i, flags;
- const char *sname, *fname;
-
- flags = tt->flags;
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
- sname = ASN1_ITEM_ptr(tt->item)->sname;
- else
- sname = NULL;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
- fname = NULL;
- else
- fname = tt->field_name;
- if (flags & ASN1_TFLG_SK_MASK) {
- char *tname;
- ASN1_VALUE *skitem;
- STACK_OF(ASN1_VALUE) *stack;
-
- /* SET OF, SEQUENCE OF */
- if (fname) {
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) {
- if (flags & ASN1_TFLG_SET_OF)
- tname = "SET";
- else
- tname = "SEQUENCE";
- if (BIO_printf(out, "%*s%s OF %s {\n",
- indent, "", tname, tt->field_name) <= 0)
- return 0;
- } else if (BIO_printf(out, "%*s%s:\n", indent, "",
- fname) <= 0)
- return 0;
- }
- stack = (STACK_OF(ASN1_VALUE) *)*fld;
- for (i = 0; i < sk_ASN1_VALUE_num(stack); i++) {
- if ((i > 0) && (BIO_puts(out, "\n") <= 0))
- return 0;
- skitem = sk_ASN1_VALUE_value(stack, i);
- if (!asn1_item_print_ctx(out, &skitem, indent + 2,
- ASN1_ITEM_ptr(tt->item), NULL, NULL, 1, pctx))
- return 0;
- }
- if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
- return 0;
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
- if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
- return 0;
- }
- return 1;
- }
- return asn1_item_print_ctx(out, fld, indent, ASN1_ITEM_ptr(tt->item),
- fname, sname, 0, pctx);
-}
-
-static int
-asn1_print_fsname(BIO *out, int indent, const char *fname, const char *sname,
- const ASN1_PCTX *pctx)
-{
- static char spaces[] = " ";
- const int nspaces = sizeof(spaces) - 1;
-
- while (indent > nspaces) {
- if (BIO_write(out, spaces, nspaces) != nspaces)
- return 0;
- indent -= nspaces;
- }
- if (BIO_write(out, spaces, indent) != indent)
- return 0;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
- sname = NULL;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
- fname = NULL;
- if (!sname && !fname)
- return 1;
- if (fname) {
- if (BIO_puts(out, fname) <= 0)
- return 0;
- }
- if (sname) {
- if (fname) {
- if (BIO_printf(out, " (%s)", sname) <= 0)
- return 0;
- } else {
- if (BIO_puts(out, sname) <= 0)
- return 0;
- }
- }
- if (BIO_write(out, ": ", 2) != 2)
- return 0;
- return 1;
-}
-
-static int
-asn1_print_boolean_ctx(BIO *out, int boolval, const ASN1_PCTX *pctx)
-{
- const char *str;
- switch (boolval) {
- case -1:
- str = "BOOL ABSENT";
- break;
-
- case 0:
- str = "FALSE";
- break;
-
- default:
- str = "TRUE";
- break;
-
- }
-
- if (BIO_puts(out, str) <= 0)
- return 0;
- return 1;
-
-}
-
-static int
-asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str, const ASN1_PCTX *pctx)
-{
- char *s;
- int ret = 1;
- s = i2s_ASN1_INTEGER(NULL, str);
- if (BIO_puts(out, s) <= 0)
- ret = 0;
- free(s);
- return ret;
-}
-
-static int
-asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid, const ASN1_PCTX *pctx)
-{
- char objbuf[80];
- const char *ln;
- ln = OBJ_nid2ln(OBJ_obj2nid(oid));
- if (!ln)
- ln = "";
- OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
- if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
- return 0;
- return 1;
-}
-
-static int
-asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
- const ASN1_PCTX *pctx)
-{
- if (str->type == V_ASN1_BIT_STRING) {
- if (BIO_printf(out, " (%ld unused bits)\n",
- str->flags & 0x7) <= 0)
- return 0;
- } else if (BIO_puts(out, "\n") <= 0)
- return 0;
- if ((str->length > 0) &&
- BIO_dump_indent(out, (char *)str->data, str->length,
- indent + 2) <= 0)
- return 0;
- return 1;
-}
-
-static int
-asn1_primitive_print(BIO *out, ASN1_VALUE **fld, const ASN1_ITEM *it,
- int indent, const char *fname, const char *sname, const ASN1_PCTX *pctx)
-{
- long utype;
- ASN1_STRING *str;
- int ret = 1, needlf = 1;
- const char *pname;
- const ASN1_PRIMITIVE_FUNCS *pf;
-
- pf = it->funcs;
- if (!asn1_print_fsname(out, indent, fname, sname, pctx))
- return 0;
- if (pf && pf->prim_print)
- return pf->prim_print(out, fld, it, indent, pctx);
- str = (ASN1_STRING *)*fld;
- if (it->itype == ASN1_ITYPE_MSTRING)
- utype = str->type & ~V_ASN1_NEG;
- else
- utype = it->utype;
- if (utype == V_ASN1_ANY) {
- ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
- utype = atype->type;
- fld = &atype->value.asn1_value;
- str = (ASN1_STRING *)*fld;
- if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE)
- pname = NULL;
- else
- pname = ASN1_tag2str(utype);
- } else {
- if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
- pname = ASN1_tag2str(utype);
- else
- pname = NULL;
- }
-
- if (utype == V_ASN1_NULL) {
- if (BIO_puts(out, "NULL\n") <= 0)
- return 0;
- return 1;
- }
-
- if (pname) {
- if (BIO_puts(out, pname) <= 0)
- return 0;
- if (BIO_puts(out, ":") <= 0)
- return 0;
- }
-
- switch (utype) {
- case V_ASN1_BOOLEAN:
- {
- int boolval = *(int *)fld;
- if (boolval == -1)
- boolval = it->size;
- ret = asn1_print_boolean_ctx(out, boolval, pctx);
- }
- break;
-
- case V_ASN1_INTEGER:
- case V_ASN1_ENUMERATED:
- ret = asn1_print_integer_ctx(out, str, pctx);
- break;
-
- case V_ASN1_UTCTIME:
- ret = ASN1_UTCTIME_print(out, str);
- break;
-
- case V_ASN1_GENERALIZEDTIME:
- ret = ASN1_GENERALIZEDTIME_print(out, str);
- break;
-
- case V_ASN1_OBJECT:
- ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
- break;
-
- case V_ASN1_OCTET_STRING:
- case V_ASN1_BIT_STRING:
- ret = asn1_print_obstring_ctx(out, str, indent, pctx);
- needlf = 0;
- break;
-
- case V_ASN1_SEQUENCE:
- case V_ASN1_SET:
- case V_ASN1_OTHER:
- if (BIO_puts(out, "\n") <= 0)
- return 0;
- if (ASN1_parse_dump(out, str->data, str->length,
- indent, 0) <= 0)
- ret = 0;
- needlf = 0;
- break;
-
- default:
- ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
- }
- if (!ret)
- return 0;
- if (needlf && BIO_puts(out, "\n") <= 0)
- return 0;
- return 1;
-}
diff --git a/lib/libssl/src/crypto/asn1/tasn_typ.c b/lib/libssl/src/crypto/asn1/tasn_typ.c
deleted file mode 100644
index 542713aa097..00000000000
--- a/lib/libssl/src/crypto/asn1/tasn_typ.c
+++ /dev/null
@@ -1,799 +0,0 @@
-/* $OpenBSD: tasn_typ.c,v 1.13 2015/07/24 15:09:52 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-/* Declarations for string types */
-
-const ASN1_ITEM ASN1_INTEGER_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_INTEGER,
- .sname = "ASN1_INTEGER",
-};
-
-ASN1_INTEGER *
-d2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **in, long len)
-{
- return (ASN1_INTEGER *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_INTEGER_it);
-}
-
-int
-i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_INTEGER_it);
-}
-
-ASN1_INTEGER *
-ASN1_INTEGER_new(void)
-{
- return (ASN1_INTEGER *)ASN1_item_new(&ASN1_INTEGER_it);
-}
-
-void
-ASN1_INTEGER_free(ASN1_INTEGER *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_INTEGER_it);
-}
-
-
-const ASN1_ITEM ASN1_ENUMERATED_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_ENUMERATED,
- .sname = "ASN1_ENUMERATED",
-};
-
-ASN1_ENUMERATED *
-d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, const unsigned char **in, long len)
-{
- return (ASN1_ENUMERATED *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_ENUMERATED_it);
-}
-
-int
-i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_ENUMERATED_it);
-}
-
-ASN1_ENUMERATED *
-ASN1_ENUMERATED_new(void)
-{
- return (ASN1_ENUMERATED *)ASN1_item_new(&ASN1_ENUMERATED_it);
-}
-
-void
-ASN1_ENUMERATED_free(ASN1_ENUMERATED *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_ENUMERATED_it);
-}
-
-
-const ASN1_ITEM ASN1_BIT_STRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_BIT_STRING,
- .sname = "ASN1_BIT_STRING",
-};
-
-ASN1_BIT_STRING *
-d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_BIT_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_BIT_STRING_it);
-}
-
-int
-i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_BIT_STRING_it);
-}
-
-ASN1_BIT_STRING *
-ASN1_BIT_STRING_new(void)
-{
- return (ASN1_BIT_STRING *)ASN1_item_new(&ASN1_BIT_STRING_it);
-}
-
-void
-ASN1_BIT_STRING_free(ASN1_BIT_STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_BIT_STRING_it);
-}
-
-
-const ASN1_ITEM ASN1_OCTET_STRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_OCTET_STRING,
- .sname = "ASN1_OCTET_STRING",
-};
-
-ASN1_OCTET_STRING *
-d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_OCTET_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_OCTET_STRING_it);
-}
-
-int
-i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_OCTET_STRING_it);
-}
-
-ASN1_OCTET_STRING *
-ASN1_OCTET_STRING_new(void)
-{
- return (ASN1_OCTET_STRING *)ASN1_item_new(&ASN1_OCTET_STRING_it);
-}
-
-void
-ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_OCTET_STRING_it);
-}
-
-
-const ASN1_ITEM ASN1_NULL_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_NULL,
- .sname = "ASN1_NULL",
-};
-
-ASN1_NULL *
-d2i_ASN1_NULL(ASN1_NULL **a, const unsigned char **in, long len)
-{
- return (ASN1_NULL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_NULL_it);
-}
-
-int
-i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_NULL_it);
-}
-
-ASN1_NULL *
-ASN1_NULL_new(void)
-{
- return (ASN1_NULL *)ASN1_item_new(&ASN1_NULL_it);
-}
-
-void
-ASN1_NULL_free(ASN1_NULL *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_NULL_it);
-}
-
-
-const ASN1_ITEM ASN1_OBJECT_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_OBJECT,
- .sname = "ASN1_OBJECT",
-};
-
-
-const ASN1_ITEM ASN1_UTF8STRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_UTF8STRING,
- .sname = "ASN1_UTF8STRING",
-};
-
-ASN1_UTF8STRING *
-d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_UTF8STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_UTF8STRING_it);
-}
-
-int
-i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_UTF8STRING_it);
-}
-
-ASN1_UTF8STRING *
-ASN1_UTF8STRING_new(void)
-{
- return (ASN1_UTF8STRING *)ASN1_item_new(&ASN1_UTF8STRING_it);
-}
-
-void
-ASN1_UTF8STRING_free(ASN1_UTF8STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_UTF8STRING_it);
-}
-
-
-const ASN1_ITEM ASN1_PRINTABLESTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_PRINTABLESTRING,
- .sname = "ASN1_PRINTABLESTRING",
-};
-
-ASN1_PRINTABLESTRING *
-d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, const unsigned char **in,
- long len)
-{
- return (ASN1_PRINTABLESTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_PRINTABLESTRING_it);
-}
-
-int
-i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_PRINTABLESTRING_it);
-}
-
-ASN1_PRINTABLESTRING *
-ASN1_PRINTABLESTRING_new(void)
-{
- return (ASN1_PRINTABLESTRING *)ASN1_item_new(&ASN1_PRINTABLESTRING_it);
-}
-
-void
-ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_PRINTABLESTRING_it);
-}
-
-
-const ASN1_ITEM ASN1_T61STRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_T61STRING,
- .sname = "ASN1_T61STRING",
-};
-
-ASN1_T61STRING *
-d2i_ASN1_T61STRING(ASN1_T61STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_T61STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_T61STRING_it);
-}
-
-int
-i2d_ASN1_T61STRING(ASN1_T61STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_T61STRING_it);
-}
-
-ASN1_T61STRING *
-ASN1_T61STRING_new(void)
-{
- return (ASN1_T61STRING *)ASN1_item_new(&ASN1_T61STRING_it);
-}
-
-void
-ASN1_T61STRING_free(ASN1_T61STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_T61STRING_it);
-}
-
-
-const ASN1_ITEM ASN1_IA5STRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_IA5STRING,
- .sname = "ASN1_IA5STRING",
-};
-
-ASN1_IA5STRING *
-d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_IA5STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_IA5STRING_it);
-}
-
-int
-i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_IA5STRING_it);
-}
-
-ASN1_IA5STRING *
-ASN1_IA5STRING_new(void)
-{
- return (ASN1_IA5STRING *)ASN1_item_new(&ASN1_IA5STRING_it);
-}
-
-void
-ASN1_IA5STRING_free(ASN1_IA5STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_IA5STRING_it);
-}
-
-
-const ASN1_ITEM ASN1_GENERALSTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_GENERALSTRING,
- .sname = "ASN1_GENERALSTRING",
-};
-
-ASN1_GENERALSTRING *
-d2i_ASN1_GENERALSTRING(ASN1_GENERALSTRING **a, const unsigned char **in,
- long len)
-{
- return (ASN1_GENERALSTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_GENERALSTRING_it);
-}
-
-int
-i2d_ASN1_GENERALSTRING(ASN1_GENERALSTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_GENERALSTRING_it);
-}
-
-ASN1_GENERALSTRING *
-ASN1_GENERALSTRING_new(void)
-{
- return (ASN1_GENERALSTRING *)ASN1_item_new(&ASN1_GENERALSTRING_it);
-}
-
-void
-ASN1_GENERALSTRING_free(ASN1_GENERALSTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_GENERALSTRING_it);
-}
-
-
-const ASN1_ITEM ASN1_UTCTIME_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_UTCTIME,
- .sname = "ASN1_UTCTIME",
-};
-
-ASN1_UTCTIME *
-d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, const unsigned char **in, long len)
-{
- return (ASN1_UTCTIME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_UTCTIME_it);
-}
-
-int
-i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_UTCTIME_it);
-}
-
-ASN1_UTCTIME *
-ASN1_UTCTIME_new(void)
-{
- return (ASN1_UTCTIME *)ASN1_item_new(&ASN1_UTCTIME_it);
-}
-
-void
-ASN1_UTCTIME_free(ASN1_UTCTIME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_UTCTIME_it);
-}
-
-
-const ASN1_ITEM ASN1_GENERALIZEDTIME_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_GENERALIZEDTIME,
- .sname = "ASN1_GENERALIZEDTIME",
-};
-
-ASN1_GENERALIZEDTIME *
-d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a, const unsigned char **in,
- long len)
-{
- return (ASN1_GENERALIZEDTIME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_GENERALIZEDTIME_it);
-}
-
-int
-i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_GENERALIZEDTIME_it);
-}
-
-ASN1_GENERALIZEDTIME *
-ASN1_GENERALIZEDTIME_new(void)
-{
- return (ASN1_GENERALIZEDTIME *)ASN1_item_new(&ASN1_GENERALIZEDTIME_it);
-}
-
-void
-ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_GENERALIZEDTIME_it);
-}
-
-
-const ASN1_ITEM ASN1_VISIBLESTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_VISIBLESTRING,
- .sname = "ASN1_VISIBLESTRING",
-};
-
-ASN1_VISIBLESTRING *
-d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a, const unsigned char **in,
- long len)
-{
- return (ASN1_VISIBLESTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_VISIBLESTRING_it);
-}
-
-int
-i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_VISIBLESTRING_it);
-}
-
-ASN1_VISIBLESTRING *
-ASN1_VISIBLESTRING_new(void)
-{
- return (ASN1_VISIBLESTRING *)ASN1_item_new(&ASN1_VISIBLESTRING_it);
-}
-
-void
-ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_VISIBLESTRING_it);
-}
-
-
-const ASN1_ITEM ASN1_UNIVERSALSTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_UNIVERSALSTRING,
- .sname = "ASN1_UNIVERSALSTRING",
-};
-
-ASN1_UNIVERSALSTRING *
-d2i_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING **a, const unsigned char **in,
- long len)
-{
- return (ASN1_UNIVERSALSTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_UNIVERSALSTRING_it);
-}
-
-int
-i2d_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_UNIVERSALSTRING_it);
-}
-
-ASN1_UNIVERSALSTRING *
-ASN1_UNIVERSALSTRING_new(void)
-{
- return (ASN1_UNIVERSALSTRING *)ASN1_item_new(&ASN1_UNIVERSALSTRING_it);
-}
-
-void
-ASN1_UNIVERSALSTRING_free(ASN1_UNIVERSALSTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_UNIVERSALSTRING_it);
-}
-
-
-const ASN1_ITEM ASN1_BMPSTRING_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_BMPSTRING,
- .sname = "ASN1_BMPSTRING",
-};
-
-ASN1_BMPSTRING *
-d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, const unsigned char **in, long len)
-{
- return (ASN1_BMPSTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_BMPSTRING_it);
-}
-
-int
-i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_BMPSTRING_it);
-}
-
-ASN1_BMPSTRING *
-ASN1_BMPSTRING_new(void)
-{
- return (ASN1_BMPSTRING *)ASN1_item_new(&ASN1_BMPSTRING_it);
-}
-
-void
-ASN1_BMPSTRING_free(ASN1_BMPSTRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_BMPSTRING_it);
-}
-
-
-const ASN1_ITEM ASN1_ANY_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_ANY,
- .sname = "ASN1_ANY",
-};
-
-/* Just swallow an ASN1_SEQUENCE in an ASN1_STRING */
-
-const ASN1_ITEM ASN1_SEQUENCE_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_SEQUENCE,
- .sname = "ASN1_SEQUENCE",
-};
-
-
-ASN1_TYPE *
-d2i_ASN1_TYPE(ASN1_TYPE **a, const unsigned char **in, long len)
-{
- return (ASN1_TYPE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_ANY_it);
-}
-
-int
-i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_ANY_it);
-}
-
-ASN1_TYPE *
-ASN1_TYPE_new(void)
-{
- return (ASN1_TYPE *)ASN1_item_new(&ASN1_ANY_it);
-}
-
-void
-ASN1_TYPE_free(ASN1_TYPE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_ANY_it);
-}
-
-/* Multistring types */
-
-
-const ASN1_ITEM ASN1_PRINTABLE_it = {
- .itype = ASN1_ITYPE_MSTRING,
- .utype = B_ASN1_PRINTABLE,
- .templates = NULL,
- .tcount = 0,
- .funcs = NULL,
- .size = sizeof(ASN1_STRING),
- .sname = "ASN1_PRINTABLE",
-};
-
-ASN1_STRING *
-d2i_ASN1_PRINTABLE(ASN1_STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_PRINTABLE_it);
-}
-
-int
-i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_PRINTABLE_it);
-}
-
-ASN1_STRING *
-ASN1_PRINTABLE_new(void)
-{
- return (ASN1_STRING *)ASN1_item_new(&ASN1_PRINTABLE_it);
-}
-
-void
-ASN1_PRINTABLE_free(ASN1_STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ASN1_PRINTABLE_it);
-}
-
-
-const ASN1_ITEM DISPLAYTEXT_it = {
- .itype = ASN1_ITYPE_MSTRING,
- .utype = B_ASN1_DISPLAYTEXT,
- .templates = NULL,
- .tcount = 0,
- .funcs = NULL,
- .size = sizeof(ASN1_STRING),
- .sname = "DISPLAYTEXT",
-};
-
-ASN1_STRING *
-d2i_DISPLAYTEXT(ASN1_STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DISPLAYTEXT_it);
-}
-
-int
-i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DISPLAYTEXT_it);
-}
-
-ASN1_STRING *
-DISPLAYTEXT_new(void)
-{
- return (ASN1_STRING *)ASN1_item_new(&DISPLAYTEXT_it);
-}
-
-void
-DISPLAYTEXT_free(ASN1_STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &DISPLAYTEXT_it);
-}
-
-
-const ASN1_ITEM DIRECTORYSTRING_it = {
- .itype = ASN1_ITYPE_MSTRING,
- .utype = B_ASN1_DIRECTORYSTRING,
- .templates = NULL,
- .tcount = 0,
- .funcs = NULL,
- .size = sizeof(ASN1_STRING),
- .sname = "DIRECTORYSTRING",
-};
-
-ASN1_STRING *
-d2i_DIRECTORYSTRING(ASN1_STRING **a, const unsigned char **in, long len)
-{
- return (ASN1_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DIRECTORYSTRING_it);
-}
-
-int
-i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DIRECTORYSTRING_it);
-}
-
-ASN1_STRING *
-DIRECTORYSTRING_new(void)
-{
- return (ASN1_STRING *)ASN1_item_new(&DIRECTORYSTRING_it);
-}
-
-void
-DIRECTORYSTRING_free(ASN1_STRING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &DIRECTORYSTRING_it);
-}
-
-/* Three separate BOOLEAN type: normal, DEFAULT TRUE and DEFAULT FALSE */
-
-const ASN1_ITEM ASN1_BOOLEAN_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_BOOLEAN,
- .size = -1,
- .sname = "ASN1_BOOLEAN",
-};
-
-const ASN1_ITEM ASN1_TBOOLEAN_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_BOOLEAN,
- .size = 1,
- .sname = "ASN1_TBOOLEAN",
-};
-
-const ASN1_ITEM ASN1_FBOOLEAN_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_BOOLEAN,
- .size = 0,
- .sname = "ASN1_FBOOLEAN",
-};
-
-/* Special, OCTET STRING with indefinite length constructed support */
-
-const ASN1_ITEM ASN1_OCTET_STRING_NDEF_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_OCTET_STRING,
- .size = ASN1_TFLG_NDEF,
- .sname = "ASN1_OCTET_STRING_NDEF",
-};
-
-static const ASN1_TEMPLATE ASN1_SEQUENCE_ANY_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "ASN1_SEQUENCE_ANY",
- .item = &ASN1_ANY_it,
-};
-
-const ASN1_ITEM ASN1_SEQUENCE_ANY_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &ASN1_SEQUENCE_ANY_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "ASN1_SEQUENCE_ANY",
-};
-
-static const ASN1_TEMPLATE ASN1_SET_ANY_item_tt = {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "ASN1_SET_ANY",
- .item = &ASN1_ANY_it,
-};
-
-const ASN1_ITEM ASN1_SET_ANY_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &ASN1_SET_ANY_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "ASN1_SET_ANY",
-};
-
-
-ASN1_SEQUENCE_ANY *
-d2i_ASN1_SEQUENCE_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len)
-{
- return (ASN1_SEQUENCE_ANY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_SEQUENCE_ANY_it);
-}
-
-int
-i2d_ASN1_SEQUENCE_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_SEQUENCE_ANY_it);
-}
-
-ASN1_SEQUENCE_ANY *
-d2i_ASN1_SET_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len)
-{
- return (ASN1_SEQUENCE_ANY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ASN1_SET_ANY_it);
-}
-
-int
-i2d_ASN1_SET_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_SET_ANY_it);
-}
diff --git a/lib/libssl/src/crypto/asn1/tasn_utl.c b/lib/libssl/src/crypto/asn1/tasn_utl.c
deleted file mode 100644
index 529aaf61168..00000000000
--- a/lib/libssl/src/crypto/asn1/tasn_utl.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* $OpenBSD: tasn_utl.c,v 1.11 2015/07/25 17:07:17 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <string.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-#include <openssl/err.h>
-
-/* Utility functions for manipulating fields and offsets */
-
-/* Add 'offset' to 'addr' */
-#define offset2ptr(addr, offset) (void *)(((char *) addr) + offset)
-
-/* Given an ASN1_ITEM CHOICE type return
- * the selector value
- */
-
-int
-asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- int *sel = offset2ptr(*pval, it->utype);
- return *sel;
-}
-
-/* Given an ASN1_ITEM CHOICE type set
- * the selector value, return old value.
- */
-
-int
-asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
-{
- int *sel, ret;
- sel = offset2ptr(*pval, it->utype);
- ret = *sel;
- *sel = value;
- return ret;
-}
-
-/* Do reference counting. The value 'op' decides what to do.
- * if it is +1 then the count is incremented. If op is 0 count is
- * set to 1. If op is -1 count is decremented and the return value
- * is the current refrence count or 0 if no reference count exists.
- */
-
-int
-asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
-{
- const ASN1_AUX *aux;
- int *lck, ret;
-
- if ((it->itype != ASN1_ITYPE_SEQUENCE) &&
- (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
- return 0;
- aux = it->funcs;
- if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
- return 0;
- lck = offset2ptr(*pval, aux->ref_offset);
- if (op == 0) {
- *lck = 1;
- return 1;
- }
- ret = CRYPTO_add(lck, op, aux->ref_lock);
- return ret;
-}
-
-static ASN1_ENCODING *
-asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- const ASN1_AUX *aux;
-
- if (!pval || !*pval)
- return NULL;
- aux = it->funcs;
- if (!aux || !(aux->flags & ASN1_AFLG_ENCODING))
- return NULL;
- return offset2ptr(*pval, aux->enc_offset);
-}
-
-void
-asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- ASN1_ENCODING *enc;
-
- enc = asn1_get_enc_ptr(pval, it);
- if (enc) {
- enc->enc = NULL;
- enc->len = 0;
- enc->modified = 1;
- }
-}
-
-void
-asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- ASN1_ENCODING *enc;
-
- enc = asn1_get_enc_ptr(pval, it);
- if (enc) {
- free(enc->enc);
- enc->enc = NULL;
- enc->len = 0;
- enc->modified = 1;
- }
-}
-
-int
-asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
- const ASN1_ITEM *it)
-{
- ASN1_ENCODING *enc;
-
- enc = asn1_get_enc_ptr(pval, it);
- if (!enc)
- return 1;
-
- free(enc->enc);
- enc->enc = malloc(inlen);
- if (!enc->enc)
- return 0;
- memcpy(enc->enc, in, inlen);
- enc->len = inlen;
- enc->modified = 0;
-
- return 1;
-}
-
-int
-asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
- const ASN1_ITEM *it)
-{
- ASN1_ENCODING *enc;
-
- enc = asn1_get_enc_ptr(pval, it);
- if (!enc || enc->modified)
- return 0;
- if (out) {
- memcpy(*out, enc->enc, enc->len);
- *out += enc->len;
- }
- if (len)
- *len = enc->len;
- return 1;
-}
-
-/* Given an ASN1_TEMPLATE get a pointer to a field */
-ASN1_VALUE **
-asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
-{
- ASN1_VALUE **pvaltmp;
-
- if (tt->flags & ASN1_TFLG_COMBINE)
- return pval;
- pvaltmp = offset2ptr(*pval, tt->offset);
- /* NOTE for BOOLEAN types the field is just a plain
- * int so we can't return int **, so settle for
- * (int *).
- */
- return pvaltmp;
-}
-
-/* Handle ANY DEFINED BY template, find the selector, look up
- * the relevant ASN1_TEMPLATE in the table and return it.
- */
-
-const ASN1_TEMPLATE *
-asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr)
-{
- const ASN1_ADB *adb;
- const ASN1_ADB_TABLE *atbl;
- long selector;
- ASN1_VALUE **sfld;
- int i;
-
- if (!(tt->flags & ASN1_TFLG_ADB_MASK))
- return tt;
-
- /* Else ANY DEFINED BY ... get the table */
- adb = (const ASN1_ADB *)tt->item;
-
- /* Get the selector field */
- sfld = offset2ptr(*pval, adb->offset);
-
- /* Check if NULL */
- if (!sfld) {
- if (!adb->null_tt)
- goto err;
- return adb->null_tt;
- }
-
- /* Convert type to a long:
- * NB: don't check for NID_undef here because it
- * might be a legitimate value in the table
- */
- if (tt->flags & ASN1_TFLG_ADB_OID)
- selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld);
- else
- selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld);
-
- /* Try to find matching entry in table
- * Maybe should check application types first to
- * allow application override? Might also be useful
- * to have a flag which indicates table is sorted and
- * we can do a binary search. For now stick to a
- * linear search.
- */
-
- for (atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++)
- if (atbl->value == selector)
- return &atbl->tt;
-
- /* FIXME: need to search application table too */
-
- /* No match, return default type */
- if (!adb->default_tt)
- goto err;
- return adb->default_tt;
-
-err:
- /* FIXME: should log the value or OID of unsupported type */
- if (nullerr)
- ASN1err(ASN1_F_ASN1_DO_ADB,
- ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/asn1/x_algor.c b/lib/libssl/src/crypto/asn1/x_algor.c
deleted file mode 100644
index 27405a2bfb9..00000000000
--- a/lib/libssl/src/crypto/asn1/x_algor.c
+++ /dev/null
@@ -1,222 +0,0 @@
-/* $OpenBSD: x_algor.c,v 1.21 2015/07/24 15:09:52 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-static const ASN1_TEMPLATE X509_ALGOR_seq_tt[] = {
- {
- .offset = offsetof(X509_ALGOR, algorithm),
- .field_name = "algorithm",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_ALGOR, parameter),
- .field_name = "parameter",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM X509_ALGOR_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_ALGOR_seq_tt,
- .tcount = sizeof(X509_ALGOR_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_ALGOR),
- .sname = "X509_ALGOR",
-};
-
-static const ASN1_TEMPLATE X509_ALGORS_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "algorithms",
- .item = &X509_ALGOR_it,
-};
-
-const ASN1_ITEM X509_ALGORS_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &X509_ALGORS_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "X509_ALGORS",
-};
-
-
-X509_ALGOR *
-d2i_X509_ALGOR(X509_ALGOR **a, const unsigned char **in, long len)
-{
- return (X509_ALGOR *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_ALGOR_it);
-}
-
-int
-i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_ALGOR_it);
-}
-
-X509_ALGOR *
-X509_ALGOR_new(void)
-{
- return (X509_ALGOR *)ASN1_item_new(&X509_ALGOR_it);
-}
-
-void
-X509_ALGOR_free(X509_ALGOR *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_ALGOR_it);
-}
-
-X509_ALGORS *
-d2i_X509_ALGORS(X509_ALGORS **a, const unsigned char **in, long len)
-{
- return (X509_ALGORS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_ALGORS_it);
-}
-
-int
-i2d_X509_ALGORS(X509_ALGORS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_ALGORS_it);
-}
-
-X509_ALGOR *
-X509_ALGOR_dup(X509_ALGOR *x)
-{
- return ASN1_item_dup(&X509_ALGOR_it, x);
-}
-
-int
-X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
-{
- if (!alg)
- return 0;
- if (ptype != V_ASN1_UNDEF) {
- if (alg->parameter == NULL)
- alg->parameter = ASN1_TYPE_new();
- if (alg->parameter == NULL)
- return 0;
- }
- if (alg) {
- if (alg->algorithm)
- ASN1_OBJECT_free(alg->algorithm);
- alg->algorithm = aobj;
- }
- if (ptype == 0)
- return 1;
- if (ptype == V_ASN1_UNDEF) {
- if (alg->parameter) {
- ASN1_TYPE_free(alg->parameter);
- alg->parameter = NULL;
- }
- } else
- ASN1_TYPE_set(alg->parameter, ptype, pval);
- return 1;
-}
-
-void
-X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
- X509_ALGOR *algor)
-{
- if (paobj)
- *paobj = algor->algorithm;
- if (pptype) {
- if (algor->parameter == NULL) {
- *pptype = V_ASN1_UNDEF;
- return;
- } else
- *pptype = algor->parameter->type;
- if (ppval)
- *ppval = algor->parameter->value.ptr;
- }
-}
-
-/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
-
-void
-X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
-{
- int param_type;
-
- if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
- param_type = V_ASN1_UNDEF;
- else
- param_type = V_ASN1_NULL;
-
- X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
-}
-
-/* Returns 0 if they are equal, != 0 otherwise. */
-int
-X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
-{
- int rv = OBJ_cmp(a->algorithm, b->algorithm);
- if (!rv) {
- if (!a->parameter && !b->parameter)
- rv = 0;
- else
- rv = ASN1_TYPE_cmp(a->parameter, b->parameter);
- }
- return(rv);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_attrib.c b/lib/libssl/src/crypto/asn1/x_attrib.c
deleted file mode 100644
index bb74a1b6c71..00000000000
--- a/lib/libssl/src/crypto/asn1/x_attrib.c
+++ /dev/null
@@ -1,198 +0,0 @@
-/* $OpenBSD: x_attrib.c,v 1.13 2015/02/14 14:56:45 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-/* X509_ATTRIBUTE: this has the following form:
- *
- * typedef struct x509_attributes_st
- * {
- * ASN1_OBJECT *object;
- * int single;
- * union {
- * char *ptr;
- * STACK_OF(ASN1_TYPE) *set;
- * ASN1_TYPE *single;
- * } value;
- * } X509_ATTRIBUTE;
- *
- * this needs some extra thought because the CHOICE type is
- * merged with the main structure and because the value can
- * be anything at all we *must* try the SET OF first because
- * the ASN1_ANY type will swallow anything including the whole
- * SET OF structure.
- */
-
-static const ASN1_TEMPLATE X509_ATTRIBUTE_SET_ch_tt[] = {
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(X509_ATTRIBUTE, value.set),
- .field_name = "value.set",
- .item = &ASN1_ANY_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X509_ATTRIBUTE, value.single),
- .field_name = "value.single",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM X509_ATTRIBUTE_SET_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(X509_ATTRIBUTE, single),
- .templates = X509_ATTRIBUTE_SET_ch_tt,
- .tcount = sizeof(X509_ATTRIBUTE_SET_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(X509_ATTRIBUTE),
- .sname = "X509_ATTRIBUTE",
-};
-
-static const ASN1_TEMPLATE X509_ATTRIBUTE_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X509_ATTRIBUTE, object),
- .field_name = "object",
- .item = &ASN1_OBJECT_it,
- },
- /* CHOICE type merged with parent */
- {
- .flags = 0 | ASN1_TFLG_COMBINE,
- .tag = 0,
- .offset = 0,
- .field_name = NULL,
- .item = &X509_ATTRIBUTE_SET_it,
- },
-};
-
-const ASN1_ITEM X509_ATTRIBUTE_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_ATTRIBUTE_seq_tt,
- .tcount = sizeof(X509_ATTRIBUTE_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(X509_ATTRIBUTE),
- .sname = "X509_ATTRIBUTE",
-};
-
-
-X509_ATTRIBUTE *
-d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, const unsigned char **in, long len)
-{
- return (X509_ATTRIBUTE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_ATTRIBUTE_it);
-}
-
-int
-i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_ATTRIBUTE_it);
-}
-
-X509_ATTRIBUTE *
-X509_ATTRIBUTE_new(void)
-{
- return (X509_ATTRIBUTE *)ASN1_item_new(&X509_ATTRIBUTE_it);
-}
-
-void
-X509_ATTRIBUTE_free(X509_ATTRIBUTE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_ATTRIBUTE_it);
-}
-
-X509_ATTRIBUTE *
-X509_ATTRIBUTE_dup(X509_ATTRIBUTE *x)
-{
- return ASN1_item_dup(&X509_ATTRIBUTE_it, x);
-}
-
-X509_ATTRIBUTE *
-X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
-{
- X509_ATTRIBUTE *ret = NULL;
- ASN1_TYPE *val = NULL;
-
- if ((ret = X509_ATTRIBUTE_new()) == NULL)
- return (NULL);
- ret->object = OBJ_nid2obj(nid);
- ret->single = 0;
- if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
- goto err;
- if ((val = ASN1_TYPE_new()) == NULL)
- goto err;
- if (!sk_ASN1_TYPE_push(ret->value.set, val))
- goto err;
-
- ASN1_TYPE_set(val, atrtype, value);
- return (ret);
-
-err:
- if (ret != NULL)
- X509_ATTRIBUTE_free(ret);
- if (val != NULL)
- ASN1_TYPE_free(val);
- return (NULL);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_bignum.c b/lib/libssl/src/crypto/asn1/x_bignum.c
deleted file mode 100644
index 73f0f73c1c6..00000000000
--- a/lib/libssl/src/crypto/asn1/x_bignum.c
+++ /dev/null
@@ -1,167 +0,0 @@
-/* $OpenBSD: x_bignum.c,v 1.8 2015/07/25 17:07:17 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/bn.h>
-
-/*
- * Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a
- * BIGNUM directly. Currently it ignores the sign which isn't a problem since
- * all BIGNUMs used are non negative and anything that looks negative is
- * normally due to an encoding error.
- */
-
-static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
- const ASN1_ITEM *it);
-static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
- int utype, char *free_cont, const ASN1_ITEM *it);
-
-static ASN1_PRIMITIVE_FUNCS bignum_pf = {
- NULL,
- 0,
- bn_new,
- bn_free,
- 0,
- bn_c2i,
- bn_i2c
-};
-
-const ASN1_ITEM BIGNUM_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_INTEGER,
- .templates = NULL,
- .tcount = 0,
- .funcs = &bignum_pf,
- .size = 0,
- .sname = "BIGNUM",
-};
-
-const ASN1_ITEM CBIGNUM_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_INTEGER,
- .templates = NULL,
- .tcount = 0,
- .funcs = &bignum_pf,
- .size = 0,
- .sname = "BIGNUM",
-};
-
-static int
-bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- *pval = (ASN1_VALUE *)BN_new();
- if (*pval)
- return 1;
- else
- return 0;
-}
-
-static void
-bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- if (*pval == NULL)
- return;
- BN_clear_free((BIGNUM *)*pval);
- *pval = NULL;
-}
-
-static int
-bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
-{
- BIGNUM *bn;
- int pad, len;
-
- if (*pval == NULL)
- return -1;
- bn = (BIGNUM *)*pval;
- /* If MSB set in an octet we need a padding byte */
- if (BN_num_bits(bn) & 0x7)
- pad = 0;
- else
- pad = 1;
- if (cont) {
- if (pad)
- *cont++ = 0;
- len = BN_bn2bin(bn, cont);
- } else
- len = BN_num_bytes(bn);
- return pad + len;
-}
-
-static int
-bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype,
- char *free_cont, const ASN1_ITEM *it)
-{
- BIGNUM *bn;
-
- if (*pval == NULL) {
- if (bn_new(pval, it) == 0)
- return 0;
- }
- bn = (BIGNUM *)*pval;
- if (!BN_bin2bn(cont, len, bn)) {
- bn_free(pval, it);
- return 0;
- }
- return 1;
-}
diff --git a/lib/libssl/src/crypto/asn1/x_crl.c b/lib/libssl/src/crypto/asn1/x_crl.c
deleted file mode 100644
index 6062587ed46..00000000000
--- a/lib/libssl/src/crypto/asn1/x_crl.c
+++ /dev/null
@@ -1,687 +0,0 @@ -/* $OpenBSD: x_crl.c,v 1.25 2015/07/20 15:29:13 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/asn1t.h> -#include <openssl/err.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -#include "asn1_locl.h" - -static int X509_REVOKED_cmp(const X509_REVOKED * const *a, - const X509_REVOKED * const *b); -static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp); - -static const ASN1_TEMPLATE X509_REVOKED_seq_tt[] = { - { - .offset = offsetof(X509_REVOKED, serialNumber), - .field_name = "serialNumber", - .item = &ASN1_INTEGER_it, - }, - { - .offset = offsetof(X509_REVOKED, revocationDate), - .field_name = "revocationDate", - .item = &ASN1_TIME_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_REVOKED, extensions), - .field_name = "extensions", - .item = &X509_EXTENSION_it, - }, -}; - -const ASN1_ITEM X509_REVOKED_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_REVOKED_seq_tt, - .tcount = sizeof(X509_REVOKED_seq_tt) / sizeof(ASN1_TEMPLATE), - .size = sizeof(X509_REVOKED), - .sname = "X509_REVOKED", -}; - -static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r); -static int def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret, - ASN1_INTEGER *serial, X509_NAME *issuer); - -static X509_CRL_METHOD int_crl_meth = { - .crl_lookup = def_crl_lookup, - .crl_verify = def_crl_verify -}; - -static const X509_CRL_METHOD *default_crl_method = &int_crl_meth; - -/* The X509_CRL_INFO structure needs a bit of customisation. - * Since we cache the original encoding the signature wont be affected by - * reordering of the revoked field. - */ -static int -crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - X509_CRL_INFO *a = (X509_CRL_INFO *)*pval; - - if (!a || !a->revoked) - return 1; - switch (operation) { - /* Just set cmp function here. We don't sort because that - * would affect the output of X509_CRL_print(). 
- */ - case ASN1_OP_D2I_POST: - (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp); - break; - } - return 1; -} - - -static const ASN1_AUX X509_CRL_INFO_aux = { - .flags = ASN1_AFLG_ENCODING, - .asn1_cb = crl_inf_cb, - .enc_offset = offsetof(X509_CRL_INFO, enc), -}; -static const ASN1_TEMPLATE X509_CRL_INFO_seq_tt[] = { - { - .flags = ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_CRL_INFO, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .offset = offsetof(X509_CRL_INFO, sig_alg), - .field_name = "sig_alg", - .item = &X509_ALGOR_it, - }, - { - .offset = offsetof(X509_CRL_INFO, issuer), - .field_name = "issuer", - .item = &X509_NAME_it, - }, - { - .offset = offsetof(X509_CRL_INFO, lastUpdate), - .field_name = "lastUpdate", - .item = &ASN1_TIME_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_CRL_INFO, nextUpdate), - .field_name = "nextUpdate", - .item = &ASN1_TIME_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_CRL_INFO, revoked), - .field_name = "revoked", - .item = &X509_REVOKED_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_CRL_INFO, extensions), - .field_name = "extensions", - .item = &X509_EXTENSION_it, - }, -}; - -const ASN1_ITEM X509_CRL_INFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_CRL_INFO_seq_tt, - .tcount = sizeof(X509_CRL_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &X509_CRL_INFO_aux, - .size = sizeof(X509_CRL_INFO), - .sname = "X509_CRL_INFO", -}; - -/* Set CRL entry issuer according to CRL certificate issuer extension. - * Check for unhandled critical CRL entry extensions. 
- */
-
-static int
-crl_set_issuers(X509_CRL *crl)
-{
- int i, j;
- GENERAL_NAMES *gens, *gtmp;
- STACK_OF(X509_REVOKED) *revoked;
-
- revoked = X509_CRL_get_REVOKED(crl);
-
- gens = NULL;
- for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) {
- X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i);
- STACK_OF(X509_EXTENSION) *exts;
- ASN1_ENUMERATED *reason;
- X509_EXTENSION *ext;
- gtmp = X509_REVOKED_get_ext_d2i(rev, NID_certificate_issuer,
- &j, NULL);
- if (!gtmp && (j != -1)) {
- crl->flags |= EXFLAG_INVALID;
- return 1;
- }
-
- if (gtmp) {
- gens = gtmp;
- if (!crl->issuers) {
- crl->issuers = sk_GENERAL_NAMES_new_null();
- if (!crl->issuers)
- return 0;
- }
- if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp))
- return 0;
- }
- rev->issuer = gens;
-
- reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason,
- &j, NULL);
- if (!reason && (j != -1)) {
- crl->flags |= EXFLAG_INVALID;
- return 1;
- }
-
- if (reason) {
- rev->reason = ASN1_ENUMERATED_get(reason);
- ASN1_ENUMERATED_free(reason);
- } else
- rev->reason = CRL_REASON_NONE;
-
- /* Check for critical CRL entry extensions */
-
- exts = rev->extensions;
-
- for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) {
- ext = sk_X509_EXTENSION_value(exts, j);
- if (ext->critical > 0) {
- if (OBJ_obj2nid(ext->object) ==
- NID_certificate_issuer)
- continue;
- crl->flags |= EXFLAG_CRITICAL;
- break;
- }
- }
- }
-
- return 1;
-}
-
-/* The X509_CRL structure needs a bit of customisation. Cache some extensions
- * and hash of the whole CRL.
- */
-static int
-crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- X509_CRL *crl = (X509_CRL *)*pval;
- STACK_OF(X509_EXTENSION) *exts;
- X509_EXTENSION *ext;
- int idx;
- int rc = 1;
-
- switch (operation) {
- case ASN1_OP_NEW_POST:
- crl->idp = NULL;
- crl->akid = NULL;
- crl->flags = 0;
- crl->idp_flags = 0;
- crl->idp_reasons = CRLDP_ALL_REASONS;
- crl->meth = default_crl_method;
- crl->meth_data = NULL;
- crl->issuers = NULL;
- crl->crl_number = NULL;
- crl->base_crl_number = NULL;
- break;
-
- case ASN1_OP_D2I_POST:
-#ifndef OPENSSL_NO_SHA
- X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
-#endif
- crl->idp = X509_CRL_get_ext_d2i(crl,
- NID_issuing_distribution_point, NULL, NULL);
- if (crl->idp)
- setup_idp(crl, crl->idp);
-
- crl->akid = X509_CRL_get_ext_d2i(crl,
- NID_authority_key_identifier, NULL, NULL);
-
- crl->crl_number = X509_CRL_get_ext_d2i(crl,
- NID_crl_number, NULL, NULL);
-
- crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
- NID_delta_crl, NULL, NULL);
- /* Delta CRLs must have CRL number */
- if (crl->base_crl_number && !crl->crl_number)
- crl->flags |= EXFLAG_INVALID;
-
- /* See if we have any unhandled critical CRL extensions and
- * indicate this in a flag. We only currently handle IDP,
- * AKID and deltas, so anything else critical sets the flag.
- *
- * This code accesses the X509_CRL structure directly:
- * applications shouldn't do this.
- */ - - exts = crl->crl->extensions; - - for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) { - int nid; - ext = sk_X509_EXTENSION_value(exts, idx); - nid = OBJ_obj2nid(ext->object); - if (nid == NID_freshest_crl) - crl->flags |= EXFLAG_FRESHEST; - if (ext->critical > 0) { - /* We handle IDP, AKID and deltas */ - if (nid == NID_issuing_distribution_point || - nid == NID_authority_key_identifier || - nid == NID_delta_crl) - break; - crl->flags |= EXFLAG_CRITICAL; - break; - } - } - - if (!crl_set_issuers(crl)) - return 0; - - if (crl->meth->crl_init) { - if (crl->meth->crl_init(crl) == 0) - return 0; - } - break; - - case ASN1_OP_FREE_POST: - if (crl->meth->crl_free) { - if (!crl->meth->crl_free(crl)) - rc = 0; - } - if (crl->akid) - AUTHORITY_KEYID_free(crl->akid); - if (crl->idp) - ISSUING_DIST_POINT_free(crl->idp); - ASN1_INTEGER_free(crl->crl_number); - ASN1_INTEGER_free(crl->base_crl_number); - sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free); - break; - } - return rc; -} - -/* Convert IDP into a more convenient form */ - -static void -setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp) -{ - int idp_only = 0; - - /* Set various flags according to IDP */ - crl->idp_flags |= IDP_PRESENT; - if (idp->onlyuser > 0) { - idp_only++; - crl->idp_flags |= IDP_ONLYUSER; - } - if (idp->onlyCA > 0) { - idp_only++; - crl->idp_flags |= IDP_ONLYCA; - } - if (idp->onlyattr > 0) { - idp_only++; - crl->idp_flags |= IDP_ONLYATTR; - } - - if (idp_only > 1) - crl->idp_flags |= IDP_INVALID; - - if (idp->indirectCRL > 0) - crl->idp_flags |= IDP_INDIRECT; - - if (idp->onlysomereasons) { - crl->idp_flags |= IDP_REASONS; - if (idp->onlysomereasons->length > 0) - crl->idp_reasons = idp->onlysomereasons->data[0]; - if (idp->onlysomereasons->length > 1) - crl->idp_reasons |= - (idp->onlysomereasons->data[1] << 8); - crl->idp_reasons &= CRLDP_ALL_REASONS; - } - - DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl)); -} - -static const ASN1_AUX X509_CRL_aux = { - 
.app_data = NULL, - .flags = ASN1_AFLG_REFCOUNT, - .ref_offset = offsetof(X509_CRL, references), - .ref_lock = CRYPTO_LOCK_X509_CRL, - .asn1_cb = crl_cb, -}; -static const ASN1_TEMPLATE X509_CRL_seq_tt[] = { - { - .offset = offsetof(X509_CRL, crl), - .field_name = "crl", - .item = &X509_CRL_INFO_it, - }, - { - .offset = offsetof(X509_CRL, sig_alg), - .field_name = "sig_alg", - .item = &X509_ALGOR_it, - }, - { - .offset = offsetof(X509_CRL, signature), - .field_name = "signature", - .item = &ASN1_BIT_STRING_it, - }, -}; - -const ASN1_ITEM X509_CRL_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_CRL_seq_tt, - .tcount = sizeof(X509_CRL_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &X509_CRL_aux, - .size = sizeof(X509_CRL), - .sname = "X509_CRL", -}; - - -X509_REVOKED * -d2i_X509_REVOKED(X509_REVOKED **a, const unsigned char **in, long len) -{ - return (X509_REVOKED *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_REVOKED_it); -} - -int -i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_REVOKED_it); -} - -X509_REVOKED * -X509_REVOKED_new(void) -{ - return (X509_REVOKED *)ASN1_item_new(&X509_REVOKED_it); -} - -void -X509_REVOKED_free(X509_REVOKED *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &X509_REVOKED_it); -} - -X509_CRL_INFO * -d2i_X509_CRL_INFO(X509_CRL_INFO **a, const unsigned char **in, long len) -{ - return (X509_CRL_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_CRL_INFO_it); -} - -int -i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CRL_INFO_it); -} - -X509_CRL_INFO * -X509_CRL_INFO_new(void) -{ - return (X509_CRL_INFO *)ASN1_item_new(&X509_CRL_INFO_it); -} - -void -X509_CRL_INFO_free(X509_CRL_INFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &X509_CRL_INFO_it); -} - -X509_CRL * -d2i_X509_CRL(X509_CRL **a, const unsigned char **in, long len) -{ - return (X509_CRL *)ASN1_item_d2i((ASN1_VALUE **)a, in, 
len,
- &X509_CRL_it);
-}
-
-int
-i2d_X509_CRL(X509_CRL *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CRL_it);
-}
-
-X509_CRL *
-X509_CRL_new(void)
-{
- return (X509_CRL *)ASN1_item_new(&X509_CRL_it);
-}
-
-void
-X509_CRL_free(X509_CRL *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_CRL_it);
-}
-
-X509_CRL *
-X509_CRL_dup(X509_CRL *x)
-{
- return ASN1_item_dup(&X509_CRL_it, x);
-}
-
-static int
-X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b)
-{
- return(ASN1_STRING_cmp(
- (ASN1_STRING *)(*a)->serialNumber,
- (ASN1_STRING *)(*b)->serialNumber));
-}
-
-int
-X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
-{
- X509_CRL_INFO *inf;
-
- inf = crl->crl;
- if (!inf->revoked)
- inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
- if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
- ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- inf->enc.modified = 1;
- return 1;
-}
-
-int
-X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
-{
- if (crl->meth->crl_verify)
- return crl->meth->crl_verify(crl, r);
- return 0;
-}
-
-int
-X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
- ASN1_INTEGER *serial)
-{
- if (crl->meth->crl_lookup)
- return crl->meth->crl_lookup(crl, ret, serial, NULL);
- return 0;
-}
-
-int
-X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
-{
- if (crl->meth->crl_lookup)
- return crl->meth->crl_lookup(crl, ret,
- X509_get_serialNumber(x), X509_get_issuer_name(x));
- return 0;
-}
-
-static int
-def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
-{
- return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
- crl->sig_alg, crl->signature, crl->crl, r));
-}
-
-static int
-crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm, X509_REVOKED *rev)
-{
- int i;
-
- if (!rev->issuer) {
- if (!nm)
- return 1;
- if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
- return 1;
- return 0;
- }
-
- if (!nm)
- nm = X509_CRL_get_issuer(crl);
-
- for (i = 0; i <
sk_GENERAL_NAME_num(rev->issuer); i++) {
- GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i);
- if (gen->type != GEN_DIRNAME)
- continue;
- if (!X509_NAME_cmp(nm, gen->d.directoryName))
- return 1;
- }
- return 0;
-
-}
-
-static int
-def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial,
- X509_NAME *issuer)
-{
- X509_REVOKED rtmp, *rev;
- int idx;
-
- rtmp.serialNumber = serial;
- /* Sort revoked into serial number order if not already sorted.
- * Do this under a lock to avoid race condition.
- */
- if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
- sk_X509_REVOKED_sort(crl->crl->revoked);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
- }
- idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
- if (idx < 0)
- return 0;
- /* Need to look for matching name */
- for (; idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
- rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
- if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
- return 0;
- if (crl_revoked_issuer_match(crl, issuer, rev)) {
- if (ret)
- *ret = rev;
- if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
- return 2;
- return 1;
- }
- }
- return 0;
-}
-
-void
-X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
-{
- if (meth == NULL)
- default_crl_method = &int_crl_meth;
- else
- default_crl_method = meth;
-}
-
-X509_CRL_METHOD *
-X509_CRL_METHOD_new(int (*crl_init)(X509_CRL *crl),
- int (*crl_free)(X509_CRL *crl),
- int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
- ASN1_INTEGER *ser, X509_NAME *issuer),
- int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk))
-{
- X509_CRL_METHOD *m;
-
- m = malloc(sizeof(X509_CRL_METHOD));
- if (!m)
- return NULL;
- m->crl_init = crl_init;
- m->crl_free = crl_free;
- m->crl_lookup = crl_lookup;
- m->crl_verify = crl_verify;
- m->flags = X509_CRL_METHOD_DYNAMIC;
- return m;
-}
-
-void
-X509_CRL_METHOD_free(X509_CRL_METHOD *m)
-{
- if (!(m->flags & X509_CRL_METHOD_DYNAMIC))
- return;
- free(m);
-}
-
-void
-X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
-{
- crl->meth_data = dat;
-}
-
-void *
-X509_CRL_get_meth_data(X509_CRL *crl)
-{
- return crl->meth_data;
-}
diff --git a/lib/libssl/src/crypto/asn1/x_exten.c b/lib/libssl/src/crypto/asn1/x_exten.c
deleted file mode 100644
index bb3dffc8218..00000000000
--- a/lib/libssl/src/crypto/asn1/x_exten.c
+++ /dev/null
@@ -1,153 +0,0 @@ -/* $OpenBSD: x_exten.c,v 1.16 2015/07/24 15:09:52 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stddef.h> -#include <openssl/x509.h> -#include <openssl/asn1.h> -#include <openssl/asn1t.h> - -static const ASN1_TEMPLATE X509_EXTENSION_seq_tt[] = { - { - .offset = offsetof(X509_EXTENSION, object), - .field_name = "object", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_EXTENSION, critical), - .field_name = "critical", - .item = &ASN1_BOOLEAN_it, - }, - { - .offset = offsetof(X509_EXTENSION, value), - .field_name = "value", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM X509_EXTENSION_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_EXTENSION_seq_tt, - .tcount = sizeof(X509_EXTENSION_seq_tt) / sizeof(ASN1_TEMPLATE), - .size = sizeof(X509_EXTENSION), - .sname = "X509_EXTENSION", -}; - -static const ASN1_TEMPLATE X509_EXTENSIONS_item_tt = { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = 0, - .field_name = "Extension", - .item = &X509_EXTENSION_it, -}; - -const ASN1_ITEM X509_EXTENSIONS_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &X509_EXTENSIONS_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = 
"X509_EXTENSIONS",
-};
-
-
-X509_EXTENSION *
-d2i_X509_EXTENSION(X509_EXTENSION **a, const unsigned char **in, long len)
-{
- return (X509_EXTENSION *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_EXTENSION_it);
-}
-
-int
-i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_EXTENSION_it);
-}
-
-X509_EXTENSION *
-X509_EXTENSION_new(void)
-{
- return (X509_EXTENSION *)ASN1_item_new(&X509_EXTENSION_it);
-}
-
-void
-X509_EXTENSION_free(X509_EXTENSION *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_EXTENSION_it);
-}
-
-X509_EXTENSIONS *
-d2i_X509_EXTENSIONS(X509_EXTENSIONS **a, const unsigned char **in, long len)
-{
- return (X509_EXTENSIONS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_EXTENSIONS_it);
-}
-
-int
-i2d_X509_EXTENSIONS(X509_EXTENSIONS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_EXTENSIONS_it);
-}
-
-X509_EXTENSION *
-X509_EXTENSION_dup(X509_EXTENSION *x)
-{
- return ASN1_item_dup(&X509_EXTENSION_it, x);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_info.c b/lib/libssl/src/crypto/asn1/x_info.c
deleted file mode 100644
index 05ac364fa73..00000000000
--- a/lib/libssl/src/crypto/asn1/x_info.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* $OpenBSD: x_info.c,v 1.16 2016/03/11 07:08:44 mmcc Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-X509_INFO *
-X509_INFO_new(void)
-{
- X509_INFO *ret = NULL;
-
- ret = malloc(sizeof(X509_INFO));
- if (ret == NULL) {
- ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
-
- ret->enc_cipher.cipher = NULL;
- ret->enc_len = 0;
- ret->enc_data = NULL;
-
- ret->references = 1;
- ret->x509 = NULL;
- ret->crl = NULL;
- ret->x_pkey = NULL;
- return (ret);
-}
-
-void
-X509_INFO_free(X509_INFO *x)
-{
- int i;
-
- if (x == NULL)
- return;
-
- i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO);
- if (i > 0)
- return;
-
- X509_free(x->x509);
- if (x->crl != NULL)
- X509_CRL_free(x->crl);
- if (x->x_pkey != NULL)
- X509_PKEY_free(x->x_pkey);
- free(x->enc_data);
- free(x);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_long.c b/lib/libssl/src/crypto/asn1/x_long.c
deleted file mode 100644
index 90a41129bc3..00000000000
--- a/lib/libssl/src/crypto/asn1/x_long.c
+++ /dev/null
@@ -1,210 +0,0 @@ -/* $OpenBSD: x_long.c,v 1.10 2015/07/25 17:07:17 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1t.h> -#include <openssl/bn.h> -#include <openssl/err.h> - -/* Custom primitive type for long handling. This converts between an ASN1_INTEGER - * and a long directly. 
- */
-
-
-static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
-static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
-
-static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
-static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
-static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
-
-static ASN1_PRIMITIVE_FUNCS long_pf = {
- NULL, 0,
- long_new,
- long_free,
- long_free, /* Clear should set to initial value */
- long_c2i,
- long_i2c,
- long_print
-};
-
-const ASN1_ITEM LONG_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_INTEGER,
- .templates = NULL,
- .tcount = 0,
- .funcs = &long_pf,
- .size = ASN1_LONG_UNDEF,
- .sname = "LONG",
-};
-
-const ASN1_ITEM ZLONG_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = V_ASN1_INTEGER,
- .templates = NULL,
- .tcount = 0,
- .funcs = &long_pf,
- .size = 0,
- .sname = "ZLONG",
-};
-
-static int
-long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- *(long *)pval = it->size;
- return 1;
-}
-
-static void
-long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- *(long *)pval = it->size;
-}
-
-static int
-long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
- const ASN1_ITEM *it)
-{
- long ltmp;
- unsigned long utmp;
- int clen, pad, i;
- /* this exists to bypass broken gcc optimization */
- char *cp = (char *)pval;
-
- /* use memcpy, because we may not be long aligned */
- memcpy(<mp, cp, sizeof(long));
-
- if (ltmp == it->size)
- return -1;
- /* Convert the long to positive: we subtract one if negative so
- * we can cleanly handle the padding if only the MSB of the leading
- * octet is set.
- */
- if (ltmp < 0)
- utmp = -ltmp - 1;
- else
- utmp = ltmp;
- clen = BN_num_bits_word(utmp);
- /* If MSB of leading octet set we need to pad */
- if (!(clen & 0x7))
- pad = 1;
- else
- pad = 0;
-
- /* Convert number of bits to number of octets */
- clen = (clen + 7) >> 3;
-
- if (cont) {
- if (pad)
- *cont++ = (ltmp < 0) ? 0xff : 0;
- for (i = clen - 1; i >= 0; i--) {
- cont[i] = (unsigned char)(utmp & 0xff);
- if (ltmp < 0)
- cont[i] ^= 0xff;
- utmp >>= 8;
- }
- }
- return clen + pad;
-}
-
-static int
-long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype,
- char *free_cont, const ASN1_ITEM *it)
-{
- int neg, i;
- long ltmp;
- unsigned long utmp = 0;
- char *cp = (char *)pval;
- if (len > (int)sizeof(long)) {
- ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
- return 0;
- }
- /* Is it negative? */
- if (len && (cont[0] & 0x80))
- neg = 1;
- else
- neg = 0;
- utmp = 0;
- for (i = 0; i < len; i++) {
- utmp <<= 8;
- if (neg)
- utmp |= cont[i] ^ 0xff;
- else
- utmp |= cont[i];
- }
- ltmp = (long)utmp;
- if (neg) {
- ltmp++;
- ltmp = -ltmp;
- }
- if (ltmp == it->size) {
- ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
- return 0;
- }
- memcpy(cp, <mp, sizeof(long));
- return 1;
-}
-
-static int
-long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent,
- const ASN1_PCTX *pctx)
-{
- return BIO_printf(out, "%ld\n", *(long *)pval);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_name.c b/lib/libssl/src/crypto/asn1/x_name.c
deleted file mode 100644
index be936318d86..00000000000
--- a/lib/libssl/src/crypto/asn1/x_name.c
+++ /dev/null
@@ -1,642 +0,0 @@
-/* $OpenBSD: x_name.c,v 1.31 2015/07/24 15:09:52 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <ctype.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-#include "asn1_locl.h"
-
-typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
-DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
-
-static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in,
- long len, const ASN1_ITEM *it, int tag, int aclass, char opt,
- ASN1_TLC *ctx);
-
-static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
- const ASN1_ITEM *it, int tag, int aclass);
-static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
-static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
-
-static int x509_name_encode(X509_NAME *a);
-static int x509_name_canon(X509_NAME *a);
-static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
-static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname,
- unsigned char **in);
-
-static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent,
- const char *fname, const ASN1_PCTX *pctx);
-
-static const ASN1_TEMPLATE X509_NAME_ENTRY_seq_tt[] = {
- {
- .offset = offsetof(X509_NAME_ENTRY, object),
- .field_name = "object",
- .item = &ASN1_OBJECT_it,
- },
- {
- .offset = offsetof(X509_NAME_ENTRY, value),
- .field_name = "value",
- .item = &ASN1_PRINTABLE_it,
- },
-};
-
-const ASN1_ITEM X509_NAME_ENTRY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_NAME_ENTRY_seq_tt,
- .tcount = sizeof(X509_NAME_ENTRY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_NAME_ENTRY),
- .sname = "X509_NAME_ENTRY",
-};
-
-
-X509_NAME_ENTRY *
-d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, const unsigned char **in, long len)
-{
- return (X509_NAME_ENTRY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_NAME_ENTRY_it);
-}
-
-int
-i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_NAME_ENTRY_it);
-}
-
-X509_NAME_ENTRY *
-X509_NAME_ENTRY_new(void)
-{
- return (X509_NAME_ENTRY *)ASN1_item_new(&X509_NAME_ENTRY_it);
-}
-
-void
-X509_NAME_ENTRY_free(X509_NAME_ENTRY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_NAME_ENTRY_it);
-}
-
-X509_NAME_ENTRY *
-X509_NAME_ENTRY_dup(X509_NAME_ENTRY *x)
-{
- return ASN1_item_dup(&X509_NAME_ENTRY_it, x);
-}
-
-/* For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY }
- * so declare two template wrappers for this
- */
-
-static const ASN1_TEMPLATE X509_NAME_ENTRIES_item_tt = {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "RDNS",
- .item = &X509_NAME_ENTRY_it,
-};
-
-const ASN1_ITEM X509_NAME_ENTRIES_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &X509_NAME_ENTRIES_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "X509_NAME_ENTRIES",
-};
-
-static const ASN1_TEMPLATE X509_NAME_INTERNAL_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "Name",
- .item = &X509_NAME_ENTRIES_it,
-};
-
-const ASN1_ITEM X509_NAME_INTERNAL_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &X509_NAME_INTERNAL_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "X509_NAME_INTERNAL",
-};
-
-/* Normally that's where it would end: we'd have two nested STACK structures
- * representing the ASN1. Unfortunately X509_NAME uses a completely different
- * form and caches encodings so we have to process the internal form and convert
- * to the external form.
- */
-
-const ASN1_EXTERN_FUNCS x509_name_ff = {
- NULL,
- x509_name_ex_new,
- x509_name_ex_free,
- 0, /* Default clear behaviour is OK */
- x509_name_ex_d2i,
- x509_name_ex_i2d,
- x509_name_ex_print
-};
-
-const ASN1_ITEM X509_NAME_it = {
- .itype = ASN1_ITYPE_EXTERN,
- .utype = V_ASN1_SEQUENCE,
- .templates = NULL,
- .tcount = 0,
- .funcs = &x509_name_ff,
- .size = 0,
- .sname = "X509_NAME",
-};
-
-X509_NAME *
-d2i_X509_NAME(X509_NAME **a, const unsigned char **in, long len)
-{
- return (X509_NAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_NAME_it);
-}
-
-int
-i2d_X509_NAME(X509_NAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_NAME_it);
-}
-
-X509_NAME *
-X509_NAME_new(void)
-{
- return (X509_NAME *)ASN1_item_new(&X509_NAME_it);
-}
-
-void
-X509_NAME_free(X509_NAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_NAME_it);
-}
-
-X509_NAME *
-X509_NAME_dup(X509_NAME *x)
-{
- return ASN1_item_dup(&X509_NAME_it, x);
-}
-
-static int
-x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
-{
- X509_NAME *ret = NULL;
-
- ret = malloc(sizeof(X509_NAME));
- if (!ret)
- goto memerr;
- if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL)
- goto memerr;
- if ((ret->bytes = BUF_MEM_new()) == NULL)
- goto memerr;
- ret->canon_enc = NULL;
- ret->canon_enclen = 0;
- ret->modified = 1;
- *val = (ASN1_VALUE *)ret;
- return 1;
-
-memerr:
- ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
- if (ret) {
- if (ret->entries)
- sk_X509_NAME_ENTRY_free(ret->entries);
- free(ret);
- }
- return 0;
-}
-
-static void
-x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
- X509_NAME *a;
-
- if (!pval || !*pval)
- return;
- a = (X509_NAME *)*pval;
-
- BUF_MEM_free(a->bytes);
- sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free);
- free(a->canon_enc);
- free(a);
- *pval = NULL;
-}
-
-static int
-x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len,
- const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
-{
- const unsigned char *p = *in, *q;
- union {
- STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
- ASN1_VALUE *a;
- } intname = {NULL};
- union {
- X509_NAME *x;
- ASN1_VALUE *a;
- } nm = {NULL};
- int i, j, ret;
- STACK_OF(X509_NAME_ENTRY) *entries;
- X509_NAME_ENTRY *entry;
- q = p;
-
- /* Get internal representation of Name */
- ret = ASN1_item_ex_d2i(&intname.a, &p, len,
- ASN1_ITEM_rptr(X509_NAME_INTERNAL), tag, aclass, opt, ctx);
-
- if (ret <= 0)
- return ret;
-
- if (*val)
- x509_name_ex_free(val, NULL);
- if (!x509_name_ex_new(&nm.a, NULL))
- goto err;
- /* We've decoded it: now cache encoding */
- if (!BUF_MEM_grow(nm.x->bytes, p - q))
- goto err;
- memcpy(nm.x->bytes->data, q, p - q);
-
- /* Convert internal representation to X509_NAME structure */
- for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
- entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
- for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
- entry = sk_X509_NAME_ENTRY_value(entries, j);
- entry->set = i;
- if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
- goto err;
- }
- sk_X509_NAME_ENTRY_free(entries);
- }
- sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
- ret = x509_name_canon(nm.x);
- if (!ret)
- goto err;
- nm.x->modified = 0;
- *val = nm.a;
- *in = p;
- return ret;
-
-err:
- if (nm.x != NULL)
- X509_NAME_free(nm.x);
- ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
- return 0;
-}
-
-static int
-x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it,
- int tag, int aclass)
-{
- int ret;
- X509_NAME *a = (X509_NAME *)*val;
-
- if (a->modified) {
- ret = x509_name_encode(a);
- if (ret < 0)
- return ret;
- ret = x509_name_canon(a);
- if (ret < 0)
- return ret;
- }
- ret = a->bytes->length;
- if (out != NULL) {
- memcpy(*out, a->bytes->data, ret);
- *out += ret;
- }
- return ret;
-}
-
-static void
-local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
- sk_X509_NAME_ENTRY_free(ne);
-}
-
-static void
-local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
- sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
-}
-
-static int
-x509_name_encode(X509_NAME *a)
-{
- union {
- STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
- ASN1_VALUE *a;
- } intname = {NULL};
- int len;
- unsigned char *p;
- STACK_OF(X509_NAME_ENTRY) *entries = NULL;
- X509_NAME_ENTRY *entry;
- int i, set = -1;
-
- intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
- if (!intname.s)
- goto memerr;
- for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
- entry = sk_X509_NAME_ENTRY_value(a->entries, i);
- if (entry->set != set) {
- entries = sk_X509_NAME_ENTRY_new_null();
- if (!entries)
- goto memerr;
- if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s,
- entries))
- goto memerr;
- set = entry->set;
- }
- if (entries == NULL /* if entry->set is bogusly -1 */ ||
- !sk_X509_NAME_ENTRY_push(entries, entry))
- goto memerr;
- }
- len = ASN1_item_ex_i2d(&intname.a, NULL,
- ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
- if (!BUF_MEM_grow(a->bytes, len))
- goto memerr;
- p = (unsigned char *)a->bytes->data;
- ASN1_item_ex_i2d(&intname.a, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
- -1, -1);
- sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
- local_sk_X509_NAME_ENTRY_free);
- a->modified = 0;
- return len;
-
-memerr:
- sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
- local_sk_X509_NAME_ENTRY_free);
- ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
- return -1;
-}
-
-static int
-x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent, const char *fname,
- const ASN1_PCTX *pctx)
-{
- if (X509_NAME_print_ex(out, (X509_NAME *)*pval, indent,
- pctx->nm_flags) <= 0)
- return 0;
- return 2;
-}
-
-/* This function generates the canonical encoding of the Name structure.
- * In it all strings are converted to UTF8, leading, trailing and
- * multiple spaces collapsed, converted to lower case and the leading
- * SEQUENCE header removed.
- *
- * In future we could also normalize the UTF8 too.
- *
- * By doing this comparison of Name structures can be rapidly
- * performed by just using memcmp() of the canonical encoding.
- * By omitting the leading SEQUENCE name constraints of type
- * dirName can also be checked with a simple memcmp().
- */
-
-static int
-x509_name_canon(X509_NAME *a)
-{
- unsigned char *p;
- STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
- STACK_OF(X509_NAME_ENTRY) *entries = NULL;
- X509_NAME_ENTRY *entry, *tmpentry = NULL;
- int i, len, set = -1, ret = 0;
-
- if (a->canon_enc) {
- free(a->canon_enc);
- a->canon_enc = NULL;
- }
- /* Special case: empty X509_NAME => null encoding */
- if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
- a->canon_enclen = 0;
- return 1;
- }
- intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
- if (!intname)
- goto err;
- for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
- entry = sk_X509_NAME_ENTRY_value(a->entries, i);
- if (entry->set != set) {
- entries = sk_X509_NAME_ENTRY_new_null();
- if (!entries)
- goto err;
- if (sk_STACK_OF_X509_NAME_ENTRY_push(intname,
- entries) == 0) {
- sk_X509_NAME_ENTRY_free(entries);
- goto err;
- }
- set = entry->set;
- }
- tmpentry = X509_NAME_ENTRY_new();
- if (tmpentry == NULL)
- goto err;
- tmpentry->object = OBJ_dup(entry->object);
- if (tmpentry->object == NULL)
- goto err;
- if (!asn1_string_canon(tmpentry->value, entry->value))
- goto err;
- if (entries == NULL /* if entry->set is bogusly -1 */ ||
- !sk_X509_NAME_ENTRY_push(entries, tmpentry))
- goto err;
- tmpentry = NULL;
- }
-
- /* Finally generate encoding */
- len = i2d_name_canon(intname, NULL);
- if (len < 0)
- goto err;
- p = malloc(len);
- if (p == NULL)
- goto err;
- a->canon_enc = p;
- a->canon_enclen = len;
- i2d_name_canon(intname, &p);
- ret = 1;
-
-err:
- if (tmpentry)
- X509_NAME_ENTRY_free(tmpentry);
- if (intname)
- sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
- local_sk_X509_NAME_ENTRY_pop_free);
- return ret;
-}
-
-/* Bitmap of all the types of string that will be canonicalized. */
-
-#define ASN1_MASK_CANON \
- (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
- | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
- | B_ASN1_VISIBLESTRING)
-
-
-static int
-asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
-{
- unsigned char *to, *from;
- int len, i;
-
- /* If type not in bitmask just copy string across */
- if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
- if (!ASN1_STRING_copy(out, in))
- return 0;
- return 1;
- }
-
- out->type = V_ASN1_UTF8STRING;
- out->length = ASN1_STRING_to_UTF8(&out->data, in);
- if (out->length == -1)
- return 0;
-
- to = out->data;
- from = to;
-
- len = out->length;
-
- /* Convert string in place to canonical form.
- * Ultimately we may need to handle a wider range of characters
- * but for now ignore anything with MSB set and rely on the
- * isspace() and tolower() functions.
- */
-
- /* Ignore leading spaces */
- while ((len > 0) && !(*from & 0x80) && isspace(*from)) {
- from++;
- len--;
- }
-
- to = from + len - 1;
-
- /* Ignore trailing spaces */
- while ((len > 0) && !(*to & 0x80) && isspace(*to)) {
- to--;
- len--;
- }
-
- to = out->data;
-
- i = 0;
- while (i < len) {
- /* If MSB set just copy across */
- if (*from & 0x80) {
- *to++ = *from++;
- i++;
- }
- /* Collapse multiple spaces */
- else if (isspace(*from)) {
- /* Copy one space across */
- *to++ = ' ';
- /* Ignore subsequent spaces. Note: don't need to
- * check len here because we know the last
- * character is a non-space so we can't overflow.
- */
- do {
- from++;
- i++;
- } while (!(*from & 0x80) && isspace(*from));
- } else {
- *to++ = tolower(*from);
- from++;
- i++;
- }
- }
-
- out->length = to - out->data;
-
- return 1;
-}
-
-static int
-i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname, unsigned char **in)
-{
- int i, len, ltmp;
- ASN1_VALUE *v;
- STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
-
- len = 0;
- for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
- v = sk_ASN1_VALUE_value(intname, i);
- ltmp = ASN1_item_ex_i2d(&v, in,
- ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
- if (ltmp < 0)
- return ltmp;
- len += ltmp;
- }
- return len;
-}
-
-int
-X509_NAME_set(X509_NAME **xn, X509_NAME *name)
-{
- X509_NAME *in;
-
- if (!xn || !name)
- return (0);
-
- if (*xn != name) {
- in = X509_NAME_dup(name);
- if (in != NULL) {
- X509_NAME_free(*xn);
- *xn = in;
- }
- }
- return (*xn != NULL);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_nx509.c b/lib/libssl/src/crypto/asn1/x_nx509.c
deleted file mode 100644
index 7e18be8c796..00000000000
--- a/lib/libssl/src/crypto/asn1/x_nx509.c
+++ /dev/null
@@ -1,113 +0,0 @@
-/* $OpenBSD: x_nx509.c,v 1.6 2015/02/11 04:00:39 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stddef.h>
-#include <openssl/x509.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-
-/* Old netscape certificate wrapper format */
-
-static const ASN1_TEMPLATE NETSCAPE_X509_seq_tt[] = {
- {
- .offset = offsetof(NETSCAPE_X509, header),
- .field_name = "header",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .offset = offsetof(NETSCAPE_X509, cert),
- .field_name = "cert",
- .item = &X509_it,
- },
-};
-
-const ASN1_ITEM NETSCAPE_X509_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = NETSCAPE_X509_seq_tt,
- .tcount = sizeof(NETSCAPE_X509_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(NETSCAPE_X509),
- .sname = "NETSCAPE_X509",
-};
-
-
-NETSCAPE_X509 *
-d2i_NETSCAPE_X509(NETSCAPE_X509 **a, const unsigned char **in, long len)
-{
- return (NETSCAPE_X509 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &NETSCAPE_X509_it);
-}
-
-int
-i2d_NETSCAPE_X509(NETSCAPE_X509 *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_X509_it);
-}
-
-NETSCAPE_X509 *
-NETSCAPE_X509_new(void)
-{
- return (NETSCAPE_X509 *)ASN1_item_new(&NETSCAPE_X509_it);
-}
-
-void
-NETSCAPE_X509_free(NETSCAPE_X509 *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_X509_it);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_pkey.c b/lib/libssl/src/crypto/asn1/x_pkey.c
deleted file mode 100644
index 701db0fc6d1..00000000000
--- a/lib/libssl/src/crypto/asn1/x_pkey.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* $OpenBSD: x_pkey.c,v 1.19 2015/09/30 18:41:06 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-X509_PKEY *
-X509_PKEY_new(void)
-{
- X509_PKEY *ret = NULL;
-
- if ((ret = malloc(sizeof(X509_PKEY))) == NULL) {
- ASN1err(ASN1_F_X509_PKEY_NEW, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ret->version = 0;
- if ((ret->enc_algor = X509_ALGOR_new()) == NULL) {
- ASN1err(ASN1_F_X509_PKEY_NEW, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((ret->enc_pkey = ASN1_OCTET_STRING_new()) == NULL) {
- ASN1err(ASN1_F_X509_PKEY_NEW, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ret->dec_pkey = NULL;
- ret->key_length = 0;
- ret->key_data = NULL;
- ret->key_free = 0;
- ret->cipher.cipher = NULL;
- memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
- ret->references = 1;
- return (ret);
-
-err:
- if (ret) {
- X509_ALGOR_free(ret->enc_algor);
- free(ret);
- }
- return NULL;
-}
-
-void
-X509_PKEY_free(X509_PKEY *x)
-{
- int i;
-
- if (x == NULL)
- return;
-
- i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY);
- if (i > 0)
- return;
-
- if (x->enc_algor != NULL)
- X509_ALGOR_free(x->enc_algor);
- ASN1_OCTET_STRING_free(x->enc_pkey);
- EVP_PKEY_free(x->dec_pkey);
- if ((x->key_data != NULL) && (x->key_free))
- free(x->key_data);
- free(x);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_pubkey.c b/lib/libssl/src/crypto/asn1/x_pubkey.c
deleted file mode 100644
index 3bdbb5a5369..00000000000
--- a/lib/libssl/src/crypto/asn1/x_pubkey.c
+++ /dev/null
@@ -1,430 +0,0 @@
-/* $OpenBSD: x_pubkey.c,v 1.25 2015/02/11 04:00:39 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#include "asn1_locl.h"
-
-/* Minor tweak to operation: free up EVP_PKEY */
-static int
-pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_FREE_POST) {
- X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
- EVP_PKEY_free(pubkey->pkey);
- }
- return 1;
-}
-
-static const ASN1_AUX X509_PUBKEY_aux = {
- .asn1_cb = pubkey_cb,
-};
-static const ASN1_TEMPLATE X509_PUBKEY_seq_tt[] = {
- {
- .offset = offsetof(X509_PUBKEY, algor),
- .field_name = "algor",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509_PUBKEY, public_key),
- .field_name = "public_key",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM X509_PUBKEY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_PUBKEY_seq_tt,
- .tcount = sizeof(X509_PUBKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &X509_PUBKEY_aux,
- .size = sizeof(X509_PUBKEY),
- .sname = "X509_PUBKEY",
-};
-
-
-X509_PUBKEY *
-d2i_X509_PUBKEY(X509_PUBKEY **a, const unsigned char **in, long len)
-{
- return (X509_PUBKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_PUBKEY_it);
-}
-
-int
-i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_PUBKEY_it);
-}
-
-X509_PUBKEY *
-X509_PUBKEY_new(void)
-{
- return (X509_PUBKEY *)ASN1_item_new(&X509_PUBKEY_it);
-}
-
-void
-X509_PUBKEY_free(X509_PUBKEY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_PUBKEY_it);
-}
-
-int
-X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
-{
- X509_PUBKEY *pk = NULL;
-
- if (x == NULL)
- return (0);
- if ((pk = X509_PUBKEY_new()) == NULL)
- goto error;
-
- if (pkey->ameth) {
- if (pkey->ameth->pub_encode) {
- if (!pkey->ameth->pub_encode(pk, pkey)) {
- X509err(X509_F_X509_PUBKEY_SET,
- X509_R_PUBLIC_KEY_ENCODE_ERROR);
- goto error;
- }
- } else {
- X509err(X509_F_X509_PUBKEY_SET,
- X509_R_METHOD_NOT_SUPPORTED);
- goto error;
- }
- } else {
- X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM);
- goto error;
- }
-
- if (*x != NULL)
- X509_PUBKEY_free(*x);
-
- *x = pk;
-
- return 1;
-
-error:
- if (pk != NULL)
- X509_PUBKEY_free(pk);
- return 0;
-}
-
-EVP_PKEY *
-X509_PUBKEY_get(X509_PUBKEY *key)
-{
- EVP_PKEY *ret = NULL;
-
- if (key == NULL)
- goto error;
-
- if (key->pkey != NULL) {
- CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
- return key->pkey;
- }
-
- if (key->public_key == NULL)
- goto error;
-
- if ((ret = EVP_PKEY_new()) == NULL) {
- X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
- goto error;
- }
-
- if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
- X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM);
- goto error;
- }
-
- if (ret->ameth->pub_decode) {
- if (!ret->ameth->pub_decode(ret, key)) {
- X509err(X509_F_X509_PUBKEY_GET,
- X509_R_PUBLIC_KEY_DECODE_ERROR);
- goto error;
- }
- } else {
- X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED);
- goto error;
- }
-
- /* Check to see if another thread set key->pkey first */
- CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
- if (key->pkey) {
- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
- EVP_PKEY_free(ret);
- ret = key->pkey;
- } else {
- key->pkey = ret;
- CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
- }
- CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
-
- return ret;
-
-error:
- EVP_PKEY_free(ret);
- return (NULL);
-}
-
-/* Now two pseudo ASN1 routines that take an EVP_PKEY structure
- * and encode or decode as X509_PUBKEY
- */
-
-EVP_PKEY *
-d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
-{
- X509_PUBKEY *xpk;
- EVP_PKEY *pktmp;
- xpk = d2i_X509_PUBKEY(NULL, pp, length);
- if (!xpk)
- return NULL;
- pktmp = X509_PUBKEY_get(xpk);
- X509_PUBKEY_free(xpk);
- if (!pktmp)
- return NULL;
- if (a) {
- EVP_PKEY_free(*a);
- *a = pktmp;
- }
- return pktmp;
-}
-
-int
-i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
-{
- X509_PUBKEY *xpk = NULL;
- int ret;
- if (!a)
- return 0;
- if (!X509_PUBKEY_set(&xpk, a))
- return 0;
- ret = i2d_X509_PUBKEY(xpk, pp);
- X509_PUBKEY_free(xpk);
- return ret;
-}
-
-/* The following are equivalents but which return RSA and DSA
- * keys
- */
-#ifndef OPENSSL_NO_RSA
-RSA *
-d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
-{
- EVP_PKEY *pkey;
- RSA *key;
- const unsigned char *q;
- q = *pp;
- pkey = d2i_PUBKEY(NULL, &q, length);
- if (!pkey)
- return NULL;
- key = EVP_PKEY_get1_RSA(pkey);
- EVP_PKEY_free(pkey);
- if (!key)
- return NULL;
- *pp = q;
- if (a) {
- RSA_free(*a);
- *a = key;
- }
- return key;
-}
-
-int
-i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
-{
- EVP_PKEY *pktmp;
- int ret;
- if (!a)
- return 0;
- pktmp = EVP_PKEY_new();
- if (!pktmp) {
- ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- EVP_PKEY_set1_RSA(pktmp, a);
- ret = i2d_PUBKEY(pktmp, pp);
- EVP_PKEY_free(pktmp);
- return ret;
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-DSA *
-d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
-{
- EVP_PKEY *pkey;
- DSA *key;
- const unsigned char *q;
- q = *pp;
- pkey = d2i_PUBKEY(NULL, &q, length);
- if (!pkey)
- return NULL;
- key = EVP_PKEY_get1_DSA(pkey);
- EVP_PKEY_free(pkey);
- if (!key)
- return NULL;
- *pp = q;
- if (a) {
- DSA_free(*a);
- *a = key;
- }
- return key;
-}
-
-int
-i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
-{
- EVP_PKEY *pktmp;
- int ret;
- if (!a)
- return 0;
- pktmp = EVP_PKEY_new();
- if (!pktmp) {
- ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- EVP_PKEY_set1_DSA(pktmp, a);
- ret = i2d_PUBKEY(pktmp, pp);
- EVP_PKEY_free(pktmp);
- return ret;
-}
-#endif
-
-#ifndef OPENSSL_NO_EC
-EC_KEY *
-d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
-{
- EVP_PKEY *pkey;
- EC_KEY *key;
- const unsigned char *q;
- q = *pp;
- pkey = d2i_PUBKEY(NULL, &q, length); - if (!pkey) - return (NULL); - key = EVP_PKEY_get1_EC_KEY(pkey); - EVP_PKEY_free(pkey); - if (!key) - return (NULL); - *pp = q; - if (a) { - EC_KEY_free(*a); - *a = key; - } - return (key); -} - -int -i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) -{ - EVP_PKEY *pktmp; - int ret; - if (!a) - return (0); - if ((pktmp = EVP_PKEY_new()) == NULL) { - ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); - return (0); - } - EVP_PKEY_set1_EC_KEY(pktmp, a); - ret = i2d_PUBKEY(pktmp, pp); - EVP_PKEY_free(pktmp); - return (ret); -} -#endif - -int -X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype, - void *pval, unsigned char *penc, int penclen) -{ - if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval)) - return 0; - if (penc) { - free(pub->public_key->data); - pub->public_key->data = penc; - pub->public_key->length = penclen; - /* Set number of unused bits to zero */ - pub->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); - pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT; - } - return 1; -} - -int -X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk, - int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub) -{ - if (ppkalg) - *ppkalg = pub->algor->algorithm; - if (pk) { - *pk = pub->public_key->data; - *ppklen = pub->public_key->length; - } - if (pa) - *pa = pub->algor; - return 1; -} diff --git a/lib/libssl/src/crypto/asn1/x_req.c b/lib/libssl/src/crypto/asn1/x_req.c deleted file mode 100644 index 5ffa11e2ddf..00000000000 --- a/lib/libssl/src/crypto/asn1/x_req.c +++ /dev/null 
@@ -1,227 +0,0 @@ -/* $OpenBSD: x_req.c,v 1.15 2015/02/11 04:00:39 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> - -#include <openssl/asn1t.h> -#include <openssl/x509.h> - -/* X509_REQ_INFO is handled in an unusual way to get round - * invalid encodings. Some broken certificate requests don't - * encode the attributes field if it is empty. This is in - * violation of PKCS#10 but we need to tolerate it. We do - * this by making the attributes field OPTIONAL then using - * the callback to initialise it to an empty STACK. - * - * This means that the field will be correctly encoded unless - * we NULL out the field. - * - * As a result we no longer need the req_kludge field because - * the information is now contained in the attributes field: - * 1. If it is NULL then it's the invalid omission. - * 2. 
If it is empty it is the correct encoding. - * 3. If it is not empty then some attributes are present. - * - */ - -static int -rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval; - - if (operation == ASN1_OP_NEW_POST) { - rinf->attributes = sk_X509_ATTRIBUTE_new_null(); - if (!rinf->attributes) - return 0; - } - return 1; -} - -static const ASN1_AUX X509_REQ_INFO_aux = { - .flags = ASN1_AFLG_ENCODING, - .asn1_cb = rinf_cb, - .enc_offset = offsetof(X509_REQ_INFO, enc), -}; -static const ASN1_TEMPLATE X509_REQ_INFO_seq_tt[] = { - { - .offset = offsetof(X509_REQ_INFO, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .offset = offsetof(X509_REQ_INFO, subject), - .field_name = "subject", - .item = &X509_NAME_it, - }, - { - .offset = offsetof(X509_REQ_INFO, pubkey), - .field_name = "pubkey", - .item = &X509_PUBKEY_it, - }, - /* This isn't really OPTIONAL but it gets round invalid - * encodings - */ - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_REQ_INFO, attributes), - .field_name = "attributes", - .item = &X509_ATTRIBUTE_it, - }, -}; - -const ASN1_ITEM X509_REQ_INFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_REQ_INFO_seq_tt, - .tcount = sizeof(X509_REQ_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &X509_REQ_INFO_aux, - .size = sizeof(X509_REQ_INFO), - .sname = "X509_REQ_INFO", -}; - - -X509_REQ_INFO * -d2i_X509_REQ_INFO(X509_REQ_INFO **a, const unsigned char **in, long len) -{ - return (X509_REQ_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_REQ_INFO_it); -} - -int -i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_REQ_INFO_it); -} - -X509_REQ_INFO * -X509_REQ_INFO_new(void) -{ - return (X509_REQ_INFO *)ASN1_item_new(&X509_REQ_INFO_it); -} - -void -X509_REQ_INFO_free(X509_REQ_INFO *a) -{ - 
ASN1_item_free((ASN1_VALUE *)a, &X509_REQ_INFO_it); -} - -static const ASN1_AUX X509_REQ_aux = { - .app_data = NULL, - .flags = ASN1_AFLG_REFCOUNT, - .ref_offset = offsetof(X509_REQ, references), - .ref_lock = CRYPTO_LOCK_X509_REQ, -}; -static const ASN1_TEMPLATE X509_REQ_seq_tt[] = { - { - .offset = offsetof(X509_REQ, req_info), - .field_name = "req_info", - .item = &X509_REQ_INFO_it, - }, - { - .offset = offsetof(X509_REQ, sig_alg), - .field_name = "sig_alg", - .item = &X509_ALGOR_it, - }, - { - .offset = offsetof(X509_REQ, signature), - .field_name = "signature", - .item = &ASN1_BIT_STRING_it, - }, -}; - -const ASN1_ITEM X509_REQ_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_REQ_seq_tt, - .tcount = sizeof(X509_REQ_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &X509_REQ_aux, - .size = sizeof(X509_REQ), - .sname = "X509_REQ", -}; - - -X509_REQ * -d2i_X509_REQ(X509_REQ **a, const unsigned char **in, long len) -{ - return (X509_REQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_REQ_it); -} - -int -i2d_X509_REQ(X509_REQ *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_REQ_it); -} - -X509_REQ * -X509_REQ_new(void) -{ - return (X509_REQ *)ASN1_item_new(&X509_REQ_it); -} - -void -X509_REQ_free(X509_REQ *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &X509_REQ_it); -} - -X509_REQ * -X509_REQ_dup(X509_REQ *x) -{ - return ASN1_item_dup(&X509_REQ_it, x); -} diff --git a/lib/libssl/src/crypto/asn1/x_sig.c b/lib/libssl/src/crypto/asn1/x_sig.c deleted file mode 100644 index 702bc40e558..00000000000 --- a/lib/libssl/src/crypto/asn1/x_sig.c +++ /dev/null 
@@ -1,110 +0,0 @@
-/* $OpenBSD: x_sig.c,v 1.11 2015/02/11 04:00:39 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-static const ASN1_TEMPLATE X509_SIG_seq_tt[] = {
- {
- .offset = offsetof(X509_SIG, algor),
- .field_name = "algor",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509_SIG, digest),
- .field_name = "digest",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM X509_SIG_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_SIG_seq_tt,
- .tcount = sizeof(X509_SIG_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_SIG),
- .sname = "X509_SIG",
-};
-
-
-X509_SIG *
-d2i_X509_SIG(X509_SIG **a, const unsigned char **in, long len)
-{
- return (X509_SIG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_SIG_it);
-}
-
-int
-i2d_X509_SIG(X509_SIG *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_SIG_it);
-}
-
-X509_SIG *
-X509_SIG_new(void)
-{
- return (X509_SIG *)ASN1_item_new(&X509_SIG_it);
-}
-
-void
-X509_SIG_free(X509_SIG *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_SIG_it);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_spki.c b/lib/libssl/src/crypto/asn1/x_spki.c
deleted file mode 100644
index 2aa860feb91..00000000000
--- a/lib/libssl/src/crypto/asn1/x_spki.c
+++ /dev/null
@@ -1,174 +0,0 @@ -/* $OpenBSD: x_spki.c,v 1.11 2015/02/11 04:00:39 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - - /* This module was send to me my Pat Richards <patr@x509.com> who - * wrote it. 
It is under my Copyright with his permission - */ - -#include <stdio.h> - -#include <openssl/x509.h> -#include <openssl/asn1t.h> - -static const ASN1_TEMPLATE NETSCAPE_SPKAC_seq_tt[] = { - { - .offset = offsetof(NETSCAPE_SPKAC, pubkey), - .field_name = "pubkey", - .item = &X509_PUBKEY_it, - }, - { - .offset = offsetof(NETSCAPE_SPKAC, challenge), - .field_name = "challenge", - .item = &ASN1_IA5STRING_it, - }, -}; - -const ASN1_ITEM NETSCAPE_SPKAC_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = NETSCAPE_SPKAC_seq_tt, - .tcount = sizeof(NETSCAPE_SPKAC_seq_tt) / sizeof(ASN1_TEMPLATE), - .size = sizeof(NETSCAPE_SPKAC), - .sname = "NETSCAPE_SPKAC", -}; - - -NETSCAPE_SPKAC * -d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, const unsigned char **in, long len) -{ - return (NETSCAPE_SPKAC *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &NETSCAPE_SPKAC_it); -} - -int -i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_SPKAC_it); -} - -NETSCAPE_SPKAC * -NETSCAPE_SPKAC_new(void) -{ - return (NETSCAPE_SPKAC *)ASN1_item_new(&NETSCAPE_SPKAC_it); -} - -void -NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKAC_it); -} - -static const ASN1_TEMPLATE NETSCAPE_SPKI_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(NETSCAPE_SPKI, spkac), - .field_name = "spkac", - .item = &NETSCAPE_SPKAC_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(NETSCAPE_SPKI, sig_algor), - .field_name = "sig_algor", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(NETSCAPE_SPKI, signature), - .field_name = "signature", - .item = &ASN1_BIT_STRING_it, - }, -}; - -const ASN1_ITEM NETSCAPE_SPKI_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = NETSCAPE_SPKI_seq_tt, - .tcount = sizeof(NETSCAPE_SPKI_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(NETSCAPE_SPKI), - .sname = 
"NETSCAPE_SPKI", -}; - - -NETSCAPE_SPKI * -d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, const unsigned char **in, long len) -{ - return (NETSCAPE_SPKI *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &NETSCAPE_SPKI_it); -} - -int -i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_SPKI_it); -} - -NETSCAPE_SPKI * -NETSCAPE_SPKI_new(void) -{ - return (NETSCAPE_SPKI *)ASN1_item_new(&NETSCAPE_SPKI_it); -} - -void -NETSCAPE_SPKI_free(NETSCAPE_SPKI *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKI_it); -} diff --git a/lib/libssl/src/crypto/asn1/x_val.c b/lib/libssl/src/crypto/asn1/x_val.c deleted file mode 100644 index eb2ba783bb1..00000000000 --- a/lib/libssl/src/crypto/asn1/x_val.c +++ /dev/null 
@@ -1,110 +0,0 @@
-/* $OpenBSD: x_val.c,v 1.11 2015/02/11 04:00:39 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-
-static const ASN1_TEMPLATE X509_VAL_seq_tt[] = {
- {
- .offset = offsetof(X509_VAL, notBefore),
- .field_name = "notBefore",
- .item = &ASN1_TIME_it,
- },
- {
- .offset = offsetof(X509_VAL, notAfter),
- .field_name = "notAfter",
- .item = &ASN1_TIME_it,
- },
-};
-
-const ASN1_ITEM X509_VAL_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_VAL_seq_tt,
- .tcount = sizeof(X509_VAL_seq_tt) / sizeof(ASN1_TEMPLATE),
- .size = sizeof(X509_VAL),
- .sname = "X509_VAL",
-};
-
-
-X509_VAL *
-d2i_X509_VAL(X509_VAL **a, const unsigned char **in, long len)
-{
- return (X509_VAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &X509_VAL_it);
-}
-
-int
-i2d_X509_VAL(X509_VAL *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_VAL_it);
-}
-
-X509_VAL *
-X509_VAL_new(void)
-{
- return (X509_VAL *)ASN1_item_new(&X509_VAL_it);
-}
-
-void
-X509_VAL_free(X509_VAL *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X509_VAL_it);
-}
diff --git a/lib/libssl/src/crypto/asn1/x_x509.c b/lib/libssl/src/crypto/asn1/x_x509.c
deleted file mode 100644
index 168c2c0fcd5..00000000000
--- a/lib/libssl/src/crypto/asn1/x_x509.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/* $OpenBSD: x_x509.c,v 1.24 2015/03/19 14:00:22 tedu Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static const ASN1_AUX X509_CINF_aux = {
- .flags = ASN1_AFLG_ENCODING,
- .enc_offset = offsetof(X509_CINF, enc),
-};
-static const ASN1_TEMPLATE X509_CINF_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .offset = offsetof(X509_CINF, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .offset = offsetof(X509_CINF, serialNumber),
- .field_name = "serialNumber",
- .item = &ASN1_INTEGER_it,
- },
- {
- .offset = offsetof(X509_CINF, signature),
- .field_name = "signature",
- .item = &X509_ALGOR_it,
- },
- {
- .offset = offsetof(X509_CINF, issuer),
- .field_name = "issuer",
- .item = &X509_NAME_it,
- },
- {
- .offset = offsetof(X509_CINF, validity),
- .field_name = "validity",
- .item = &X509_VAL_it,
- },
- {
- .offset = offsetof(X509_CINF, subject),
- .field_name = "subject",
- .item = &X509_NAME_it,
- },
- {
- .offset = offsetof(X509_CINF, key),
- .field_name = "key",
- .item = &X509_PUBKEY_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(X509_CINF, issuerUID),
- .field_name = "issuerUID",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(X509_CINF, subjectUID),
- .field_name = "subjectUID",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF |
- ASN1_TFLG_OPTIONAL,
- .tag = 3,
- .offset = offsetof(X509_CINF, extensions),
- .field_name = "extensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-const ASN1_ITEM X509_CINF_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X509_CINF_seq_tt,
- .tcount = sizeof(X509_CINF_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &X509_CINF_aux,
- .size = sizeof(X509_CINF),
- .sname = "X509_CINF",
-};
-
-
-X509_CINF *
-d2i_X509_CINF(X509_CINF **a, const unsigned char **in, long len) -{ - return (X509_CINF *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_CINF_it); -} - -int -i2d_X509_CINF(X509_CINF *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CINF_it); -} - -X509_CINF * -X509_CINF_new(void) -{ - return (X509_CINF *)ASN1_item_new(&X509_CINF_it); -} - -void -X509_CINF_free(X509_CINF *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &X509_CINF_it); -} -/* X509 top level structure needs a bit of customisation */ - -extern void policy_cache_free(X509_POLICY_CACHE *cache); - -static int -x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - X509 *ret = (X509 *)*pval; - - switch (operation) { - - case ASN1_OP_NEW_POST: - ret->valid = 0; - ret->name = NULL; - ret->ex_flags = 0; - ret->ex_pathlen = -1; - ret->skid = NULL; - ret->akid = NULL; - ret->aux = NULL; - ret->crldp = NULL; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); - break; - - case ASN1_OP_D2I_POST: - free(ret->name); - ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0); - break; - - case ASN1_OP_FREE_POST: - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); - X509_CERT_AUX_free(ret->aux); - ASN1_OCTET_STRING_free(ret->skid); - AUTHORITY_KEYID_free(ret->akid); - CRL_DIST_POINTS_free(ret->crldp); - policy_cache_free(ret->policy_cache); - GENERAL_NAMES_free(ret->altname); - NAME_CONSTRAINTS_free(ret->nc); - free(ret->name); - ret->name = NULL; - break; - } - - return 1; -} - -static const ASN1_AUX X509_aux = { - .app_data = NULL, - .flags = ASN1_AFLG_REFCOUNT, - .ref_offset = offsetof(X509, references), - .ref_lock = CRYPTO_LOCK_X509, - .asn1_cb = x509_cb, -}; -static const ASN1_TEMPLATE X509_seq_tt[] = { - { - .offset = offsetof(X509, cert_info), - .field_name = "cert_info", - .item = &X509_CINF_it, - }, - { - .offset = offsetof(X509, sig_alg), - .field_name = "sig_alg", - .item = &X509_ALGOR_it, - }, - { - .offset = offsetof(X509, 
signature), - .field_name = "signature", - .item = &ASN1_BIT_STRING_it, - }, -}; - -const ASN1_ITEM X509_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_seq_tt, - .tcount = sizeof(X509_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &X509_aux, - .size = sizeof(X509), - .sname = "X509", -}; - - -X509 * -d2i_X509(X509 **a, const unsigned char **in, long len) -{ - return (X509 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_it); -} - -int -i2d_X509(X509 *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_it); -} - -X509 * -X509_new(void) -{ - return (X509 *)ASN1_item_new(&X509_it); -} - -void -X509_free(X509 *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &X509_it); -} - -X509 * -X509_dup(X509 *x) -{ - return ASN1_item_dup(&X509_it, x); -} - -int -X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp, - new_func, dup_func, free_func); -} - -int -X509_set_ex_data(X509 *r, int idx, void *arg) -{ - return (CRYPTO_set_ex_data(&r->ex_data, idx, arg)); -} - -void * -X509_get_ex_data(X509 *r, int idx) -{ - return (CRYPTO_get_ex_data(&r->ex_data, idx)); -} - -/* X509_AUX ASN1 routines. X509_AUX is the name given to - * a certificate with extra info tagged on the end. Since these - * functions set how a certificate is trusted they should only - * be used when the certificate comes from a reliable source - * such as local storage. 
- * - */ - -X509 * -d2i_X509_AUX(X509 **a, const unsigned char **pp, long length) -{ - const unsigned char *q; - X509 *ret; - - /* Save start position */ - q = *pp; - ret = d2i_X509(NULL, pp, length); - /* If certificate unreadable then forget it */ - if (!ret) - return NULL; - /* update length */ - length -= *pp - q; - if (length > 0) { - if (!d2i_X509_CERT_AUX(&ret->aux, pp, length)) - goto err; - } - if (a != NULL) { - X509_free(*a); - *a = ret; - } - return ret; - -err: - X509_free(ret); - return NULL; -} - -int -i2d_X509_AUX(X509 *a, unsigned char **pp) -{ - int length; - - length = i2d_X509(a, pp); - if (a) - length += i2d_X509_CERT_AUX(a->aux, pp); - return length; -} diff --git a/lib/libssl/src/crypto/asn1/x_x509a.c b/lib/libssl/src/crypto/asn1/x_x509a.c deleted file mode 100644 index 29817915b61..00000000000 --- a/lib/libssl/src/crypto/asn1/x_x509a.c +++ /dev/null 
@@ -1,325 +0,0 @@ -/* $OpenBSD: x_x509a.c,v 1.14 2015/02/14 15:28:39 miod Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/asn1t.h> -#include <openssl/evp.h> -#include <openssl/x509.h> - -/* X509_CERT_AUX routines. These are used to encode additional - * user modifiable data about a certificate. This data is - * appended to the X509 encoding when the *_X509_AUX routines - * are used. This means that the "traditional" X509 routines - * will simply ignore the extra data. 
- */ - -static X509_CERT_AUX *aux_get(X509 *x); - -static const ASN1_TEMPLATE X509_CERT_AUX_seq_tt[] = { - { - .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_CERT_AUX, trust), - .field_name = "trust", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | - ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(X509_CERT_AUX, reject), - .field_name = "reject", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_CERT_AUX, alias), - .field_name = "alias", - .item = &ASN1_UTF8STRING_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .offset = offsetof(X509_CERT_AUX, keyid), - .field_name = "keyid", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | - ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(X509_CERT_AUX, other), - .field_name = "other", - .item = &X509_ALGOR_it, - }, -}; - -const ASN1_ITEM X509_CERT_AUX_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_CERT_AUX_seq_tt, - .tcount = sizeof(X509_CERT_AUX_seq_tt) / sizeof(ASN1_TEMPLATE), - .size = sizeof(X509_CERT_AUX), - .sname = "X509_CERT_AUX", -}; - - -X509_CERT_AUX * -d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len) -{ - return (X509_CERT_AUX *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_CERT_AUX_it); -} - -int -i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CERT_AUX_it); -} - -X509_CERT_AUX * -X509_CERT_AUX_new(void) -{ - return (X509_CERT_AUX *)ASN1_item_new(&X509_CERT_AUX_it); -} - -void -X509_CERT_AUX_free(X509_CERT_AUX *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &X509_CERT_AUX_it); -} - -static X509_CERT_AUX * -aux_get(X509 *x) -{ - if (!x) - return NULL; - if (!x->aux && !(x->aux = X509_CERT_AUX_new())) - return NULL; - return x->aux; -} - -int -X509_alias_set1(X509 *x, unsigned char *name, int len) -{ - X509_CERT_AUX *aux; - 
if (!name) { - if (!x || !x->aux || !x->aux->alias) - return 1; - ASN1_UTF8STRING_free(x->aux->alias); - x->aux->alias = NULL; - return 1; - } - if (!(aux = aux_get(x))) - return 0; - if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) - return 0; - return ASN1_STRING_set(aux->alias, name, len); -} - -int -X509_keyid_set1(X509 *x, unsigned char *id, int len) -{ - X509_CERT_AUX *aux; - if (!id) { - if (!x || !x->aux || !x->aux->keyid) - return 1; - ASN1_OCTET_STRING_free(x->aux->keyid); - x->aux->keyid = NULL; - return 1; - } - if (!(aux = aux_get(x))) - return 0; - if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) - return 0; - return ASN1_STRING_set(aux->keyid, id, len); -} - -unsigned char * -X509_alias_get0(X509 *x, int *len) -{ - if (!x->aux || !x->aux->alias) - return NULL; - if (len) - *len = x->aux->alias->length; - return x->aux->alias->data; -} - -unsigned char * -X509_keyid_get0(X509 *x, int *len) -{ - if (!x->aux || !x->aux->keyid) - return NULL; - if (len) - *len = x->aux->keyid->length; - return x->aux->keyid->data; -} - -int -X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj) -{ - X509_CERT_AUX *aux; - ASN1_OBJECT *objtmp; - int rc; - - if (!(objtmp = OBJ_dup(obj))) - return 0; - if (!(aux = aux_get(x))) - goto err; - if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null())) - goto err; - rc = sk_ASN1_OBJECT_push(aux->trust, objtmp); - if (rc != 0) - return rc; - -err: - ASN1_OBJECT_free(objtmp); - return 0; -} - -int -X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj) -{ - X509_CERT_AUX *aux; - ASN1_OBJECT *objtmp; - int rc; - - if (!(objtmp = OBJ_dup(obj))) - return 0; - if (!(aux = aux_get(x))) - goto err; - if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null())) - goto err; - rc = sk_ASN1_OBJECT_push(aux->reject, objtmp); - if (rc != 0) - return rc; - -err: - ASN1_OBJECT_free(objtmp); - return 0; -} - -void -X509_trust_clear(X509 *x) -{ - if (x->aux && x->aux->trust) { - sk_ASN1_OBJECT_pop_free(x->aux->trust, 
ASN1_OBJECT_free); - x->aux->trust = NULL; - } -} - -void -X509_reject_clear(X509 *x) -{ - if (x->aux && x->aux->reject) { - sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free); - x->aux->reject = NULL; - } -} - -static const ASN1_TEMPLATE X509_CERT_PAIR_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(X509_CERT_PAIR, forward), - .field_name = "forward", - .item = &X509_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(X509_CERT_PAIR, reverse), - .field_name = "reverse", - .item = &X509_it, - }, -}; - -const ASN1_ITEM X509_CERT_PAIR_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = X509_CERT_PAIR_seq_tt, - .tcount = sizeof(X509_CERT_PAIR_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(X509_CERT_PAIR), - .sname = "X509_CERT_PAIR", -}; - - -X509_CERT_PAIR * -d2i_X509_CERT_PAIR(X509_CERT_PAIR **a, const unsigned char **in, long len) -{ - return (X509_CERT_PAIR *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &X509_CERT_PAIR_it); -} - -int -i2d_X509_CERT_PAIR(X509_CERT_PAIR *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CERT_PAIR_it); -} - -X509_CERT_PAIR * -X509_CERT_PAIR_new(void) -{ - return (X509_CERT_PAIR *)ASN1_item_new(&X509_CERT_PAIR_it); -} - -void -X509_CERT_PAIR_free(X509_CERT_PAIR *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &X509_CERT_PAIR_it); -} diff --git a/lib/libssl/src/crypto/bf/COPYRIGHT b/lib/libssl/src/crypto/bf/COPYRIGHT deleted file mode 100644 index 6857223506d..00000000000 --- a/lib/libssl/src/crypto/bf/COPYRIGHT +++ /dev/null 
@@ -1,46 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an Blowfish implementation written
-by Eric Young (eay@cryptsoft.com).
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to. The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
- notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
- must display the following acknowledgement:
- This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed. i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/lib/libssl/src/crypto/bf/INSTALL b/lib/libssl/src/crypto/bf/INSTALL
deleted file mode 100644
index 3b259235326..00000000000
--- a/lib/libssl/src/crypto/bf/INSTALL
+++ /dev/null
@@ -1,14 +0,0 @@
-This Eric Young's blowfish implementation, taken from his SSLeay library
-and made available as a separate library.
-
-The version number (0.7.2m) is the SSLeay version that this library was
-taken from.
-
-To build, just unpack and type make.
-If you are not using gcc, edit the Makefile.
-If you are compiling for an x86 box, try the assembler (it needs improving).
-There are also some compile time options that can improve performance,
-these are documented in the Makefile.
-
-eric 15-Apr-1997
-
diff --git a/lib/libssl/src/crypto/bf/README b/lib/libssl/src/crypto/bf/README
deleted file mode 100644
index f2712fd0e7d..00000000000
--- a/lib/libssl/src/crypto/bf/README
+++ /dev/null
@@ -1,8 +0,0 @@
-This is a quick packaging up of my blowfish code into a library.
-It has been lifted from SSLeay.
-The copyright notices seem a little harsh because I have not spent the
-time to rewrite the conditions from the normal SSLeay ones.
-
-Basically if you just want to play with the library, not a problem.
-
-eric 15-Apr-1997
diff --git a/lib/libssl/src/crypto/bf/VERSION b/lib/libssl/src/crypto/bf/VERSION
deleted file mode 100644
index be995855e43..00000000000
--- a/lib/libssl/src/crypto/bf/VERSION
+++ /dev/null
@@ -1,6 +0,0 @@ -The version numbers will follow my SSL implementation - -0.7.2r - Some reasonable default compiler options from - Peter Gutman <pgut001@cs.auckland.ac.nz> - -0.7.2m - the first release diff --git a/lib/libssl/src/crypto/bf/asm/bf-586.pl b/lib/libssl/src/crypto/bf/asm/bf-586.pl deleted file mode 100644 index 1f9b345aeed..00000000000 --- a/lib/libssl/src/crypto/bf/asm/bf-586.pl +++ /dev/null 
@@ -1,137 +0,0 @@ -#!/usr/local/bin/perl - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; - -&asm_init($ARGV[0],"bf-586.pl",$ARGV[$#ARGV] eq "386"); - -$BF_ROUNDS=16; -$BF_OFF=($BF_ROUNDS+2)*4; -$L="edi"; -$R="esi"; -$P="ebp"; -$tmp1="eax"; -$tmp2="ebx"; -$tmp3="ecx"; -$tmp4="edx"; - -&BF_encrypt("BF_encrypt",1); -&BF_encrypt("BF_decrypt",0); -&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1) unless $main'openbsd; -&asm_finish(); - -sub BF_encrypt - { - local($name,$enc)=@_; - - &function_begin_B($name,""); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &mov($tmp2,&wparam(0)); - &mov($P,&wparam(1)); - &push("esi"); - &push("edi"); - - &comment("Load the 2 words"); - &mov($L,&DWP(0,$tmp2,"",0)); - &mov($R,&DWP(4,$tmp2,"",0)); - - &xor( $tmp1, $tmp1); - - # encrypting part - - if ($enc) - { - &mov($tmp2,&DWP(0,$P,"",0)); - &xor( $tmp3, $tmp3); - - &xor($L,$tmp2); - for ($i=0; $i<$BF_ROUNDS; $i+=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); - } - # &mov($tmp1,&wparam(0)); In last loop - &mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - } - else - { - &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - &xor( $tmp3, $tmp3); - - &xor($L,$tmp2); - for ($i=$BF_ROUNDS; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); - } - # &mov($tmp1,&wparam(0)); In last loop - &mov($tmp4,&DWP(0,$P,"",0)); - } - - &xor($R,$tmp4); - &mov(&DWP(4,$tmp1,"",0),$L); - - &mov(&DWP(0,$tmp1,"",0),$R); - &function_end($name); - } - -sub BF_ENCRYPT - { - local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_; - - &mov( $tmp4, &DWP(&n2a($i*4),$P,"",0)); # for next round - - 
&mov( $tmp2, $R); - &xor( $L, $tmp4); - - &shr( $tmp2, 16); - &mov( $tmp4, $R); - - &movb( &LB($tmp1), &HB($tmp2)); # A - &and( $tmp2, 0xff); # B - - &movb( &LB($tmp3), &HB($tmp4)); # C - &and( $tmp4, 0xff); # D - - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4)); - &mov( $tmp2, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4)); - - &add( $tmp2, $tmp1); - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4)); - - &xor( $tmp2, $tmp1); - &mov( $tmp4, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4)); - - &add( $tmp2, $tmp4); - if (($enc && ($i != 16)) || ((!$enc) && ($i != 1))) - { &xor( $tmp1, $tmp1); } - else - { - &comment("Load parameter 0 ($i) enc=$enc"); - &mov($tmp1,&wparam(0)); - } # In last loop - - &xor( $L, $tmp2); - # delay - } - -sub n2a - { - sprintf("%d",$_[0]); - } - diff --git a/lib/libssl/src/crypto/bf/bf_cbc.c b/lib/libssl/src/crypto/bf/bf_cbc.c deleted file mode 100644 index 6f45f9ae4c3..00000000000 --- a/lib/libssl/src/crypto/bf/bf_cbc.c +++ /dev/null 
@@ -1,143 +0,0 @@
-/* $OpenBSD: bf_cbc.c,v 1.5 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <openssl/blowfish.h> -#include "bf_locl.h" - -void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int encrypt) - { - BF_LONG tin0,tin1; - BF_LONG tout0,tout1,xor0,xor1; - long l=length; - BF_LONG tin[2]; - - if (encrypt) - { - n2l(ivec,tout0); - n2l(ivec,tout1); - ivec-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); - n2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - BF_encrypt(tin,schedule); - tout0=tin[0]; - tout1=tin[1]; - l2n(tout0,out); - l2n(tout1,out); - } - if (l != -8) - { - n2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - BF_encrypt(tin,schedule); - tout0=tin[0]; - tout1=tin[1]; - l2n(tout0,out); - l2n(tout1,out); - } - l2n(tout0,ivec); - l2n(tout1,ivec); - } - else - { - n2l(ivec,xor0); - n2l(ivec,xor1); - ivec-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); - n2l(in,tin1); - tin[0]=tin0; - tin[1]=tin1; - BF_decrypt(tin,schedule); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2n(tout0,out); - l2n(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - n2l(in,tin0); - n2l(in,tin1); - tin[0]=tin0; - tin[1]=tin1; - BF_decrypt(tin,schedule); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2nn(tout0,tout1,out,l+8); - xor0=tin0; - xor1=tin1; - } - l2n(xor0,ivec); - l2n(xor1,ivec); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - diff --git a/lib/libssl/src/crypto/bf/bf_cfb64.c b/lib/libssl/src/crypto/bf/bf_cfb64.c deleted file mode 100644 index 6cc0bb999bd..00000000000 --- a/lib/libssl/src/crypto/bf/bf_cfb64.c +++ /dev/null 
@@ -1,121 +0,0 @@
-/* $OpenBSD: bf_cfb64.c,v 1.5 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <openssl/blowfish.h> -#include "bf_locl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt) - { - BF_LONG v0,v1,t; - int n= *num; - long l=length; - BF_LONG ti[2]; - unsigned char *iv,c,cc; - - iv=(unsigned char *)ivec; - if (encrypt) - { - while (l--) - { - if (n == 0) - { - n2l(iv,v0); ti[0]=v0; - n2l(iv,v1); ti[1]=v1; - BF_encrypt((BF_LONG *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2n(t,iv); - t=ti[1]; l2n(t,iv); - iv=(unsigned char *)ivec; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - n2l(iv,v0); ti[0]=v0; - n2l(iv,v1); ti[1]=v1; - BF_encrypt((BF_LONG *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2n(t,iv); - t=ti[1]; l2n(t,iv); - iv=(unsigned char *)ivec; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=t=c=cc=0; - *num=n; - } - diff --git a/lib/libssl/src/crypto/bf/bf_ecb.c b/lib/libssl/src/crypto/bf/bf_ecb.c deleted file mode 100644 index 305bd78260b..00000000000 --- a/lib/libssl/src/crypto/bf/bf_ecb.c +++ /dev/null 
@@ -1,94 +0,0 @@
-/* $OpenBSD: bf_ecb.c,v 1.6 2014/07/09 11:10:50 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-#include <openssl/opensslv.h>
-
-/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
- * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
- * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-
-const char *BF_options(void)
- {
-#ifdef BF_PTR
- return("blowfish(ptr)");
-#elif defined(BF_PTR2)
- return("blowfish(ptr2)");
-#else
- return("blowfish(idx)");
-#endif
- }
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const BF_KEY *key, int encrypt)
- {
- BF_LONG l,d[2];
-
- n2l(in,l); d[0]=l;
- n2l(in,l); d[1]=l;
- if (encrypt)
- BF_encrypt(d,key);
- else
- BF_decrypt(d,key);
- l=d[0]; l2n(l,out);
- l=d[1]; l2n(l,out);
- l=d[0]=d[1]=0;
- }
-
diff --git a/lib/libssl/src/crypto/bf/bf_enc.c b/lib/libssl/src/crypto/bf/bf_enc.c
deleted file mode 100644
index 2cf1c860630..00000000000
--- a/lib/libssl/src/crypto/bf/bf_enc.c
+++ /dev/null
@@ -1,306 +0,0 @@
-/* $OpenBSD: bf_enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
- * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
- * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
- */
-
-#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
-#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
-to modify the code.
-#endif
-
-void BF_encrypt(BF_LONG *data, const BF_KEY *key)
- {
-#ifndef BF_PTR2
- BF_LONG l,r;
- const BF_LONG *p,*s;
-
- p=key->P;
- s= &(key->S[0]);
- l=data[0];
- r=data[1];
-
- l^=p[0];
- BF_ENC(r,l,s,p[ 1]);
- BF_ENC(l,r,s,p[ 2]);
- BF_ENC(r,l,s,p[ 3]);
- BF_ENC(l,r,s,p[ 4]);
- BF_ENC(r,l,s,p[ 5]);
- BF_ENC(l,r,s,p[ 6]);
- BF_ENC(r,l,s,p[ 7]);
- BF_ENC(l,r,s,p[ 8]);
- BF_ENC(r,l,s,p[ 9]);
- BF_ENC(l,r,s,p[10]);
- BF_ENC(r,l,s,p[11]);
- BF_ENC(l,r,s,p[12]);
- BF_ENC(r,l,s,p[13]);
- BF_ENC(l,r,s,p[14]);
- BF_ENC(r,l,s,p[15]);
- BF_ENC(l,r,s,p[16]);
-#if BF_ROUNDS == 20
- BF_ENC(r,l,s,p[17]);
- BF_ENC(l,r,s,p[18]);
- BF_ENC(r,l,s,p[19]);
- BF_ENC(l,r,s,p[20]);
-#endif
- r^=p[BF_ROUNDS+1];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#else
- BF_LONG l,r,t,*k;
-
- l=data[0];
- r=data[1];
- k=(BF_LONG*)key;
-
- l^=k[0];
- BF_ENC(r,l,k, 1);
- BF_ENC(l,r,k, 2);
- BF_ENC(r,l,k, 3);
- BF_ENC(l,r,k, 4);
- BF_ENC(r,l,k, 5);
- BF_ENC(l,r,k, 6);
- BF_ENC(r,l,k, 7);
- BF_ENC(l,r,k, 8);
- BF_ENC(r,l,k, 9);
- BF_ENC(l,r,k,10);
- BF_ENC(r,l,k,11);
- BF_ENC(l,r,k,12);
- BF_ENC(r,l,k,13);
- BF_ENC(l,r,k,14);
- BF_ENC(r,l,k,15);
- BF_ENC(l,r,k,16);
-#if BF_ROUNDS == 20
- BF_ENC(r,l,k,17);
- BF_ENC(l,r,k,18);
- BF_ENC(r,l,k,19);
- BF_ENC(l,r,k,20);
-#endif
- r^=k[BF_ROUNDS+1];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#endif
- }
-
-#ifndef BF_DEFAULT_OPTIONS
-
-void BF_decrypt(BF_LONG *data, const BF_KEY *key)
- {
-#ifndef BF_PTR2
- BF_LONG l,r;
- const BF_LONG *p,*s;
-
- p=key->P;
- s= &(key->S[0]);
- l=data[0];
- r=data[1];
-
- l^=p[BF_ROUNDS+1];
-#if BF_ROUNDS == 20
- BF_ENC(r,l,s,p[20]);
- BF_ENC(l,r,s,p[19]);
- BF_ENC(r,l,s,p[18]);
- BF_ENC(l,r,s,p[17]);
-#endif
- BF_ENC(r,l,s,p[16]);
- BF_ENC(l,r,s,p[15]);
- BF_ENC(r,l,s,p[14]);
- BF_ENC(l,r,s,p[13]);
- BF_ENC(r,l,s,p[12]);
- BF_ENC(l,r,s,p[11]);
- BF_ENC(r,l,s,p[10]);
- BF_ENC(l,r,s,p[ 9]);
- BF_ENC(r,l,s,p[ 8]);
- BF_ENC(l,r,s,p[ 7]);
- BF_ENC(r,l,s,p[ 6]);
- BF_ENC(l,r,s,p[ 5]);
- BF_ENC(r,l,s,p[ 4]);
- BF_ENC(l,r,s,p[ 3]);
- BF_ENC(r,l,s,p[ 2]);
- BF_ENC(l,r,s,p[ 1]);
- r^=p[0];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#else
- BF_LONG l,r,t,*k;
-
- l=data[0];
- r=data[1];
- k=(BF_LONG *)key;
-
- l^=k[BF_ROUNDS+1];
-#if BF_ROUNDS == 20
- BF_ENC(r,l,k,20);
- BF_ENC(l,r,k,19);
- BF_ENC(r,l,k,18);
- BF_ENC(l,r,k,17);
-#endif
- BF_ENC(r,l,k,16);
- BF_ENC(l,r,k,15);
- BF_ENC(r,l,k,14);
- BF_ENC(l,r,k,13);
- BF_ENC(r,l,k,12);
- BF_ENC(l,r,k,11);
- BF_ENC(r,l,k,10);
- BF_ENC(l,r,k, 9);
- BF_ENC(r,l,k, 8);
- BF_ENC(l,r,k, 7);
- BF_ENC(r,l,k, 6);
- BF_ENC(l,r,k, 5);
- BF_ENC(r,l,k, 4);
- BF_ENC(l,r,k, 3);
- BF_ENC(r,l,k, 2);
- BF_ENC(l,r,k, 1);
- r^=k[0];
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
-#endif
- }
-
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int encrypt)
- {
- BF_LONG tin0,tin1;
- BF_LONG tout0,tout1,xor0,xor1;
- long l=length;
- BF_LONG tin[2];
-
- if (encrypt)
- {
- n2l(ivec,tout0);
- n2l(ivec,tout1);
- ivec-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- BF_encrypt(tin,schedule);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- if (l != -8)
- {
- n2ln(in,tin0,tin1,l+8);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- BF_encrypt(tin,schedule);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- l2n(tout0,ivec);
- l2n(tout1,ivec);
- }
- else
- {
- n2l(ivec,xor0);
- n2l(ivec,xor1);
- ivec-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- BF_decrypt(tin,schedule);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2n(tout0,out);
- l2n(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- BF_decrypt(tin,schedule);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2nn(tout0,tout1,out,l+8);
- xor0=tin0;
- xor1=tin1;
-
}
- l2n(xor0,ivec);
- l2n(xor1,ivec);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-
-#endif
diff --git a/lib/libssl/src/crypto/bf/bf_locl.h b/lib/libssl/src/crypto/bf/bf_locl.h
deleted file mode 100644
index 0b663622d82..00000000000
--- a/lib/libssl/src/crypto/bf/bf_locl.h
+++ /dev/null
@@ -1,219 +0,0 @@ -/* $OpenBSD: bf_locl.h,v 1.3 2014/06/12 15:49:28 deraadt Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#ifndef HEADER_BF_LOCL_H -#define HEADER_BF_LOCL_H -#include <openssl/opensslconf.h> /* BF_PTR, BF_PTR2 */ - -#undef c2l -#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#undef c2ln -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ - case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ - case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ - case 5: l2|=((unsigned long)(*(--(c)))); \ - case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ - case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ - case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ - case 1: l1|=((unsigned long)(*(--(c)))); \ - } \ - } - -#undef l2c -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#undef l2cn -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -/* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c)))) ; \ - case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 6: l2|=((unsigned long)(*(--(c))))<<16; \ - case 5: l2|=((unsigned long)(*(--(c))))<<24; \ - case 4: l1 =((unsigned long)(*(--(c)))) ; \ - case 3: l1|=((unsigned 
long)(*(--(c))))<< 8; \ - case 2: l1|=((unsigned long)(*(--(c))))<<16; \ - case 1: l1|=((unsigned long)(*(--(c))))<<24; \ - } \ - } - -/* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - } \ - } - -#undef n2l -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))) - -#undef l2n -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* This is actually a big endian algorithm, the most significant byte - * is used to lookup array 0 */ - -#if defined(BF_PTR2) - -/* - * This is basically a special Intel version. Point is that Intel - * doesn't have many registers, but offers a reach choice of addressing - * modes. So we spare some registers by directly traversing BF_KEY - * structure and hiring the most decorated addressing mode. The code - * generated by EGCS is *perfectly* competitive with assembler - * implementation! 
- */ -#define BF_ENC(LL,R,KEY,Pi) (\ - LL^=KEY[Pi], \ - t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \ - t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \ - t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \ - t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \ - LL^=t \ - ) - -#elif defined(BF_PTR) - -#ifndef BF_LONG_LOG2 -#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */ -#endif -#define BF_M (0xFF<<BF_LONG_LOG2) -#define BF_0 (24-BF_LONG_LOG2) -#define BF_1 (16-BF_LONG_LOG2) -#define BF_2 ( 8-BF_LONG_LOG2) -#define BF_3 BF_LONG_LOG2 /* left shift */ - -/* - * This is normally very good on RISC platforms where normally you - * have to explicitly "multiply" array index by sizeof(BF_LONG) - * in order to calculate the effective address. This implementation - * excuses CPU from this extra work. Power[PC] uses should have most - * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely - * rlwinm. So let'em double-check if their compiler does it. - */ - -#define BF_ENC(LL,R,S,P) ( \ - LL^=P, \ - LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \ - *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \ - *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \ - *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \ - ) -#else - -/* - * This is a *generic* version. Seem to perform best on platforms that - * offer explicit support for extraction of 8-bit nibbles preferably - * complemented with "multiplying" of array index by sizeof(BF_LONG). - * For the moment of this writing the list comprises Alpha CPU featuring - * extbl and s[48]addq instructions. - */ - -#define BF_ENC(LL,R,S,P) ( \ - LL^=P, \ - LL^=((( S[ ((int)(R>>24)&0xff)] + \ - S[0x0100+((int)(R>>16)&0xff)])^ \ - S[0x0200+((int)(R>> 8)&0xff)])+ \ - S[0x0300+((int)(R )&0xff)])&0xffffffffL \ - ) -#endif - -#endif diff --git a/lib/libssl/src/crypto/bf/bf_ofb64.c b/lib/libssl/src/crypto/bf/bf_ofb64.c deleted file mode 100644 index 9e33162aab3..00000000000 
--- a/lib/libssl/src/crypto/bf/bf_ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* $OpenBSD: bf_ofb64.c,v 1.5 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used.
The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num)
- {
- BF_LONG v0,v1,t;
- int n= *num;
- long l=length;
- unsigned char d[8];
- char *dp;
- BF_LONG ti[2];
- unsigned char *iv;
- int save=0;
-
- iv=(unsigned char *)ivec;
- n2l(iv,v0);
- n2l(iv,v1);
- ti[0]=v0;
- ti[1]=v1;
- dp=(char *)d;
- l2n(v0,dp);
- l2n(v1,dp);
- while (l--)
- {
- if (n == 0)
- {
- BF_encrypt((BF_LONG *)ti,schedule);
- dp=(char *)d;
- t=ti[0]; l2n(t,dp);
- t=ti[1]; l2n(t,dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n=(n+1)&0x07;
- }
- if (save)
- {
- v0=ti[0];
- v1=ti[1];
- iv=(unsigned char *)ivec;
- l2n(v0,iv);
- l2n(v1,iv);
- }
- t=v0=v1=ti[0]=ti[1]=0;
- *num=n;
- }
-
diff --git a/lib/libssl/src/crypto/bf/bf_pi.h b/lib/libssl/src/crypto/bf/bf_pi.h
deleted file mode 100644
index fe9b9e8a4bf..00000000000
--- a/lib/libssl/src/crypto/bf/bf_pi.h
+++ /dev/null
@@ -1,325 +0,0 @@ -/* $OpenBSD: bf_pi.h,v 1.3 2014/06/12 15:49:28 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -static const BF_KEY bf_init= { - { - 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, - 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L, - 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL, - 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L, - 0x9216d5d9L, 0x8979fb1b - },{ - 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, - 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, - 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, - 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, - 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, - 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, - 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, - 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, - 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, - 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, - 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, - 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, - 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, - 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, - 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, - 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, - 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, - 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, - 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, - 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, - 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, - 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, - 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, - 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, - 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, - 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, - 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, - 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, - 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, - 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, - 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, - 0x6dfc511fL, 0x9b30952cL, 
0xcc814544L, 0xaf5ebd09L, - 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, - 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, - 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, - 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, - 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, - 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, - 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, - 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, - 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, - 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, - 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, - 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, - 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, - 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, - 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, - 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, - 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, - 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, - 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, - 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, - 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, - 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, - 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, - 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, - 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, - 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, - 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, - 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, - 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, - 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, - 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, - 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, - 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, - 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, - 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, - 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, - 0x3f54989aL, 0x5b429d65L, 
0x6b8fe4d6L, 0x99f73fd6L, - 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, - 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, - 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, - 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, - 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, - 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, - 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, - 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, - 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, - 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, - 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, - 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, - 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, - 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, - 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, - 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, - 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, - 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, - 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, - 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, - 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, - 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, - 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, - 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, - 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, - 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, - 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, - 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, - 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L, - 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, - 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, - 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, - 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, - 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, - 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, - 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, - 0x40685a32L, 0x3c2ab4b3L, 
0x319ee9d5L, 0xc021b8f7L, - 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, - 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, - 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, - 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, - 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, - 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, - 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, - 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, - 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, - 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, - 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, - 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, - 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, - 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, - 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, - 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, - 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, - 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, - 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, - 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, - 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, - 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, - 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, - 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, - 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, - 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, - 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, - 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, - 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, - 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, - 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, - 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, - 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, - 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, - 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, - 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, - 0xfb0af54eL, 0xd8feb397L, 
0x454056acL, 0xba489527L, - 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, - 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, - 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, - 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, - 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, - 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, - 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, - 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, - 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, - 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, - 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, - 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, - 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, - 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, - 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, - 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, - 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, - 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, - 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, - 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, - 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, - 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, - 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, - 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, - 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, - 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, - 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, - 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, - 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L, - 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, - 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, - 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, - 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, - 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, - 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, - 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, - 0x1ab93d1dL, 0x0ba5a4dfL, 
0xa186f20fL, 0x2868f169L, - 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, - 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, - 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, - 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, - 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, - 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, - 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, - 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, - 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, - 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, - 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, - 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, - 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, - 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, - 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, - 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, - 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, - 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, - 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, - 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, - 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, - 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, - 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, - 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, - 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, - 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, - 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, - 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, - 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, - 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, - 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, - 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, - 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, - 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, - 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, - 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, - 0x4de81751L, 0x3830dc8eL, 
0x379d5862L, 0x9320f991L, - 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, - 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, - 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, - 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, - 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, - 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, - 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, - 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, - 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, - 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, - 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, - 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, - 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, - 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, - 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, - 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, - 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, - 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, - 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, - 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, - 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, - 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, - 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, - 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, - 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, - 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, - 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, - 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, - 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, - 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L, - 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL, - 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L, - 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL, - 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, - 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L, - 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL, - 0x1948c25cL, 0x02fb8a8cL, 
0x01c36ae4L, 0xd6ebe1f9L,
- 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
- 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
- }
- };
-
diff --git a/lib/libssl/src/crypto/bf/bf_skey.c b/lib/libssl/src/crypto/bf/bf_skey.c
deleted file mode 100644
index 8191d17d8e3..00000000000
--- a/lib/libssl/src/crypto/bf/bf_skey.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $OpenBSD: bf_skey.c,v 1.12 2014/06/12 15:49:28 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/crypto.h>
-#include <openssl/blowfish.h>
-#include "bf_locl.h"
-#include "bf_pi.h"
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
- {
- int i;
- BF_LONG *p,ri,in[2];
- const unsigned char *d,*end;
-
-
- memcpy(key,&bf_init,sizeof(BF_KEY));
- p=key->P;
-
- if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;
-
- d=data;
- end= &(data[len]);
- for (i=0; i<(BF_ROUNDS+2); i++)
- {
- ri= *(d++);
- if (d >= end) d=data;
-
- ri<<=8;
- ri|= *(d++);
- if (d >= end) d=data;
-
- ri<<=8;
- ri|= *(d++);
- if (d >= end) d=data;
-
- ri<<=8;
- ri|= *(d++);
- if (d >= end) d=data;
-
- p[i]^=ri;
- }
-
- in[0]=0L;
- in[1]=0L;
- for (i=0; i<(BF_ROUNDS+2); i+=2)
- {
- BF_encrypt(in,key);
- p[i ]=in[0];
- p[i+1]=in[1];
- }
-
- p=key->S;
- for (i=0; i<4*256; i+=2)
- {
- BF_encrypt(in,key);
- p[i ]=in[0];
- p[i+1]=in[1];
- }
- }
-
diff --git a/lib/libssl/src/crypto/bf/blowfish.h b/lib/libssl/src/crypto/bf/blowfish.h
deleted file mode 100644
index 4d2db80552c..00000000000
--- a/lib/libssl/src/crypto/bf/blowfish.h
+++ /dev/null
@@ -1,112 +0,0 @@
-/* $OpenBSD: blowfish.h,v 1.14 2014/07/10 09:01:04 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_BLOWFISH_H
-#define HEADER_BLOWFISH_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_BF
-#error BF is disabled.
-#endif
-
-#define BF_ENCRYPT 1
-#define BF_DECRYPT 0
-
-/*
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- * ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
- * ! BF_LONG_LOG2 has to be defined along. !
- * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
- */
-
-#define BF_LONG unsigned int
-
-#define BF_ROUNDS 16
-#define BF_BLOCK 8
-
-typedef struct bf_key_st
- {
- BF_LONG P[BF_ROUNDS+2];
- BF_LONG S[4*256];
- } BF_KEY;
-
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
-
-void BF_encrypt(BF_LONG *data,const BF_KEY *key);
-void BF_decrypt(BF_LONG *data,const BF_KEY *key);
-
-void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const BF_KEY *key, int enc);
-void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int enc);
-void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
-void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length,
- const BF_KEY *schedule, unsigned char *ivec, int *num);
-const char *BF_options(void);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/bio/b_dump.c b/lib/libssl/src/crypto/bio/b_dump.c
deleted file mode 100644
index 0214addc8be..00000000000
--- a/lib/libssl/src/crypto/bio/b_dump.c
+++ /dev/null
@@ -1,182 +0,0 @@
-/* $OpenBSD: b_dump.c,v 1.21 2015/04/23 06:11:19 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Stolen from tjh's ssl/ssl_trc.c stuff.
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/bio.h>
-
-#define TRUNCATE
-#define DUMP_WIDTH 16
-#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH - ((i - (i > 6 ? 6 : i) + 3) / 4))
-
-int
-BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u),
- void *u, const char *s, int len)
-{
- return BIO_dump_indent_cb(cb, u, s, len, 0);
-}
-
-int
-BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u),
- void *u, const char *s, int len, int indent)
-{
- int ret = 0;
- char buf[288 + 1], tmp[20], str[128 + 1];
- int i, j, rows, trc;
- unsigned char ch;
- int dump_width;
-
- trc = 0;
-
-#ifdef TRUNCATE
- for (; (len > 0) && ((s[len - 1] == ' ') || (s[len - 1] == '\0')); len--)
- trc++;
-#endif
-
- if (indent < 0)
- indent = 0;
- if (indent) {
- if (indent > 128)
- indent = 128;
- memset(str, ' ', indent);
- }
- str[indent] = '\0';
-
- dump_width = DUMP_WIDTH_LESS_INDENT(indent);
- rows = (len / dump_width);
- if ((rows * dump_width) < len)
- rows++;
- for (i = 0; i < rows; i++) {
- strlcpy(buf, str, sizeof buf);
- snprintf(tmp, sizeof tmp, "%04x - ", i*dump_width);
- strlcat(buf, tmp, sizeof buf);
- for (j = 0; j < dump_width; j++) {
- if (((i*dump_width) + j) >= len) {
- strlcat(buf, " ", sizeof buf);
- } else {
- ch = ((unsigned char)*(s + i*dump_width + j)) & 0xff;
- snprintf(tmp, sizeof tmp, "%02x%c", ch,
- j == 7 ? '-' : ' ');
- strlcat(buf, tmp, sizeof buf);
- }
- }
- strlcat(buf, " ", sizeof buf);
- for (j = 0; j < dump_width; j++) {
- if (((i*dump_width) + j) >= len)
- break;
- ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
- snprintf(tmp, sizeof tmp, "%c",
- ((ch >= ' ') && (ch <= '~')) ? ch : '.');
- strlcat(buf, tmp, sizeof buf);
- }
- strlcat(buf, "\n", sizeof buf);
- /* if this is the last call then update the ddt_dump thing so
- * that we will move the selection point in the debug window
- */
- ret += cb((void *)buf, strlen(buf), u);
- }
-#ifdef TRUNCATE
- if (trc > 0) {
- snprintf(buf, sizeof buf, "%s%04x - <SPACES/NULS>\n",
- str, len + trc);
- ret += cb((void *)buf, strlen(buf), u);
- }
-#endif
- return (ret);
-}
-
-static int
-write_fp(const void *data, size_t len, void *fp)
-{
- return fwrite(data, 1, len, fp);
-}
-
-int
-BIO_dump_fp(FILE *fp, const char *s, int len)
-{
- return BIO_dump_cb(write_fp, fp, s, len);
-}
-
-int
-BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent)
-{
- return BIO_dump_indent_cb(write_fp, fp, s, len, indent);
-}
-
-static int
-write_bio(const void *data, size_t len, void *bp)
-{
- return BIO_write((BIO *)bp, (const char *)data, len);
-}
-
-int
-BIO_dump(BIO *bp, const char *s, int len)
-{
- return BIO_dump_cb(write_bio, bp, s, len);
-}
-
-int
-BIO_dump_indent(BIO *bp, const char *s, int len, int indent)
-{
- return BIO_dump_indent_cb(write_bio, bp, s, len, indent);
-}
diff --git a/lib/libssl/src/crypto/bio/b_posix.c b/lib/libssl/src/crypto/bio/b_posix.c
deleted file mode 100644
index a850bc6aead..00000000000
--- a/lib/libssl/src/crypto/bio/b_posix.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* $OpenBSD: b_posix.c,v 1.1 2014/12/03 22:14:38 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/*
- * Functions that need to be overridden by non-POSIX operating systems.
- */
-
-#include <fcntl.h>
-#include <unistd.h>
-
-#include <openssl/bio.h>
-
-int
-BIO_sock_init(void)
-{
- return (1);
-}
-
-void
-BIO_sock_cleanup(void)
-{
-}
-
-int
-BIO_socket_nbio(int s, int mode)
-{
- int flags = fcntl(s, F_GETFD);
- if (mode && !(flags & O_NONBLOCK))
- return (fcntl(s, F_SETFL, flags | O_NONBLOCK) != -1);
- else if (!mode && (flags & O_NONBLOCK))
- return (fcntl(s, F_SETFL, flags & ~O_NONBLOCK) != -1);
- return (1);
-}
diff --git a/lib/libssl/src/crypto/bio/b_print.c b/lib/libssl/src/crypto/bio/b_print.c
deleted file mode 100644
index 09747767dde..00000000000
--- a/lib/libssl/src/crypto/bio/b_print.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* $OpenBSD: b_print.c,v 1.25 2014/06/12 15:49:28 deraadt Exp $ */
-
-/* Theo de Raadt places this file in the public domain. */
-
-#include <openssl/bio.h>
-
-int
-BIO_printf(BIO *bio, const char *format, ...)
-{
- va_list args;
- int ret;
-
- va_start(args, format);
- ret = BIO_vprintf(bio, format, args);
- va_end(args);
- return (ret);
-}
-
-#ifdef HAVE_FUNOPEN
-static int
-_BIO_write(void *cookie, const char *buf, int nbytes)
-{
- return BIO_write(cookie, buf, nbytes);
-}
-
-int
-BIO_vprintf(BIO *bio, const char *format, va_list args)
-{
- int ret;
- FILE *fp;
-
- fp = funopen(bio, NULL, &_BIO_write, NULL, NULL);
- if (fp == NULL) {
- ret = -1;
- goto fail;
- }
- ret = vfprintf(fp, format, args);
- fclose(fp);
-fail:
- return (ret);
-}
-
-#else /* !HAVE_FUNOPEN */
-
-int
-BIO_vprintf(BIO *bio, const char *format, va_list args)
-{
- int ret;
- char *buf = NULL;
-
- ret = vasprintf(&buf, format, args);
- if (buf == NULL) {
- ret = -1;
- goto fail;
- }
- BIO_write(bio, buf, ret);
- free(buf);
-fail:
- return (ret);
-}
-
-#endif /* HAVE_FUNOPEN */
-
-/*
- * BIO_snprintf and BIO_vsnprintf return -1 for overflow,
- * due to the history of this API. Justification:
- *
- * Traditional snprintf surfaced in 4.4BSD, and returned
- * "number of bytes wanted". Solaris and Windows opted to
- * return -1. A draft standard was written which returned -1.
- * Due to the large volume of code already using the first
- * semantics, the draft was repaired before standardization to
- * specify "number of bytes wanted" plus "-1 for character conversion
- * style errors". Solaris adapted to this rule, but Windows stuck
- * with -1.
- *
- * Original OpenSSL comment which is full of lies:
- *
- * "In case of truncation, return -1 like traditional snprintf.
- * (Current drafts for ISO/IEC 9899 say snprintf should return
- * the number of characters that would have been written,
- * had the buffer been large enough.)"
- */
-int
-BIO_snprintf(char *buf, size_t n, const char *format, ...)
-{
- va_list args;
- int ret;
-
- va_start(args, format);
- ret = vsnprintf(buf, n, format, args);
- va_end(args);
-
- if (ret >= n || ret == -1)
- return (-1);
- return (ret);
-}
-
-int
-BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
-{
- int ret;
-
- ret = vsnprintf(buf, n, format, args);
-
- if (ret >= n || ret == -1)
- return (-1);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/bio/b_sock.c b/lib/libssl/src/crypto/bio/b_sock.c
deleted file mode 100644
index ece88277df7..00000000000
--- a/lib/libssl/src/crypto/bio/b_sock.c
+++ /dev/null
@@ -1,444 +0,0 @@
-/* $OpenBSD: b_sock.c,v 1.61 2014/12/03 22:14:38 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <sys/ioctl.h> -#include <sys/socket.h> -#include <string.h> - -#include <arpa/inet.h> -#include <netinet/in.h> -#include <netinet/tcp.h> - -#include <errno.h> -#include <limits.h> -#include <netdb.h> -#include <stdio.h> -#include <stdlib.h> -#include <unistd.h> - -#include <openssl/bio.h> -#include <openssl/buffer.h> -#include <openssl/err.h> - -int -BIO_get_host_ip(const char *str, unsigned char *ip) -{ - int i; - int err = 1; - struct hostent *he; - - if (inet_pton(AF_INET, str, ip) == 1) - return (1); - - /* do a gethostbyname */ - CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME); - he = BIO_gethostbyname(str); - if (he == NULL) { - BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_BAD_HOSTNAME_LOOKUP); - goto err; - } - - if (he->h_addrtype != AF_INET) { - BIOerr(BIO_F_BIO_GET_HOST_IP, - BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET); - goto err; - } - for (i = 0; i < 4; i++) - ip[i] = he->h_addr_list[0][i]; - err = 0; - -err: - CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME); - if (err) { - ERR_asprintf_error_data("host=%s", str); - return 0; - } else - return 1; -} - -int -BIO_get_port(const char *str, unsigned short *port_ptr) -{ - struct addrinfo *res = NULL; - struct addrinfo hints = { - .ai_family = AF_UNSPEC, - .ai_socktype = SOCK_STREAM, - .ai_flags = AI_PASSIVE, - }; - long port; - char *ep; - - if (str == NULL) { - BIOerr(BIO_F_BIO_GET_PORT, BIO_R_NO_PORT_SPECIFIED); - return (0); - } - - errno = 0; - port = strtol(str, &ep, 10); - if (str[0] != '\0' && *ep == '\0') { - if (errno == ERANGE && (port == LONG_MAX || port == LONG_MIN)) { - BIOerr(BIO_F_BIO_GET_PORT, BIO_R_INVALID_PORT_NUMBER); - return (0); - } - if (port < 0 || port > 65535) { - BIOerr(BIO_F_BIO_GET_PORT, BIO_R_INVALID_PORT_NUMBER); - return (0); - } - goto done; - } - - if (getaddrinfo(NULL, str, &hints, &res) == 0) { - port = ntohs(((struct sockaddr_in *)(res->ai_addr))->sin_port); - goto done; - } - - if (strcmp(str, "http") == 0) - port = 80; - else if (strcmp(str, "telnet") == 0) - port = 23; - 
else if (strcmp(str, "socks") == 0) - port = 1080; - else if (strcmp(str, "https") == 0) - port = 443; - else if (strcmp(str, "ssl") == 0) - port = 443; - else if (strcmp(str, "ftp") == 0) - port = 21; - else if (strcmp(str, "gopher") == 0) - port = 70; - else { - SYSerr(SYS_F_GETSERVBYNAME, errno); - ERR_asprintf_error_data("service='%s'", str); - return (0); - } - -done: - if (res) - freeaddrinfo(res); - *port_ptr = (unsigned short)port; - return (1); -} - -int -BIO_sock_error(int sock) -{ - socklen_t len; - int err; - - len = sizeof(err); - if (getsockopt(sock, SOL_SOCKET, SO_ERROR, &err, &len) != 0) - return (1); - return (err); -} - -struct hostent * -BIO_gethostbyname(const char *name) -{ - return gethostbyname(name); -} - -int -BIO_socket_ioctl(int fd, long type, void *arg) -{ - int ret; - - ret = ioctl(fd, type, arg); - if (ret < 0) - SYSerr(SYS_F_IOCTLSOCKET, errno); - return (ret); -} - -int -BIO_get_accept_socket(char *host, int bind_mode) -{ - int ret = 0; - union { - struct sockaddr sa; - struct sockaddr_in sa_in; - struct sockaddr_in6 sa_in6; - } server, client; - int s = -1, cs, addrlen; - unsigned char ip[4]; - unsigned short port; - char *str = NULL, *e; - char *h, *p; - unsigned long l; - int err_num; - - if (host == NULL || (str = strdup(host)) == NULL) - return (-1); - - h = p = NULL; - h = str; - for (e = str; *e; e++) { - if (*e == ':') { - p = e; - } else if (*e == '/') { - *e = '\0'; - break; - } - } - /* points at last ':', '::port' is special [see below] */ - if (p) - *p++ = '\0'; - else - p = h, h = NULL; - - do { - struct addrinfo *res, hint; - - /* - * '::port' enforces IPv6 wildcard listener. Some OSes, - * e.g. Solaris, default to IPv6 without any hint. Also - * note that commonly IPv6 wildchard socket can service - * IPv4 connections just as well... 
- */ - memset(&hint, 0, sizeof(hint)); - hint.ai_flags = AI_PASSIVE; - if (h) { - if (strchr(h, ':')) { - if (h[1] == '\0') - h = NULL; - hint.ai_family = AF_INET6; - } else if (h[0] == '*' && h[1] == '\0') { - hint.ai_family = AF_INET; - h = NULL; - } - } - - if (getaddrinfo(h, p, &hint, &res)) - break; - - addrlen = res->ai_addrlen <= sizeof(server) ? - res->ai_addrlen : sizeof(server); - memcpy(&server, res->ai_addr, addrlen); - - freeaddrinfo(res); - goto again; - } while (0); - - if (!BIO_get_port(p, &port)) - goto err; - - memset((char *)&server, 0, sizeof(server)); - server.sa_in.sin_family = AF_INET; - server.sa_in.sin_port = htons(port); - addrlen = sizeof(server.sa_in); - - if (h == NULL || strcmp(h, "*") == 0) - server.sa_in.sin_addr.s_addr = INADDR_ANY; - else { - if (!BIO_get_host_ip(h, &(ip[0]))) - goto err; - l = (unsigned long)((unsigned long)ip[0]<<24L)| - ((unsigned long)ip[1]<<16L)| - ((unsigned long)ip[2]<< 8L)| - ((unsigned long)ip[3]); - server.sa_in.sin_addr.s_addr = htonl(l); - } - -again: - s = socket(server.sa.sa_family, SOCK_STREAM, IPPROTO_TCP); - if (s == -1) { - SYSerr(SYS_F_SOCKET, errno); - ERR_asprintf_error_data("port='%s'", host); - BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, - BIO_R_UNABLE_TO_CREATE_SOCKET); - goto err; - } - - if (bind_mode == BIO_BIND_REUSEADDR) { - int i = 1; - - ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &i, sizeof(i)); - bind_mode = BIO_BIND_NORMAL; - } - if (bind(s, &server.sa, addrlen) == -1) { - err_num = errno; - if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) && - (err_num == EADDRINUSE)) { - client = server; - if (h == NULL || strcmp(h, "*") == 0) { - if (client.sa.sa_family == AF_INET6) { - memset(&client.sa_in6.sin6_addr, 0, - sizeof(client.sa_in6.sin6_addr)); - client.sa_in6.sin6_addr.s6_addr[15] = 1; - } else if (client.sa.sa_family == AF_INET) { - client.sa_in.sin_addr.s_addr = - htonl(0x7F000001); - } else - goto err; - } - cs = socket(client.sa.sa_family, SOCK_STREAM, IPPROTO_TCP); - if (cs != -1) { 
- int ii; - ii = connect(cs, &client.sa, addrlen); - close(cs); - if (ii == -1) { - bind_mode = BIO_BIND_REUSEADDR; - close(s); - goto again; - } - /* else error */ - } - /* else error */ - } - SYSerr(SYS_F_BIND, err_num); - ERR_asprintf_error_data("port='%s'", host); - BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, - BIO_R_UNABLE_TO_BIND_SOCKET); - goto err; - } - if (listen(s, SOMAXCONN) == -1) { - SYSerr(SYS_F_BIND, errno); - ERR_asprintf_error_data("port='%s'", host); - BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, - BIO_R_UNABLE_TO_LISTEN_SOCKET); - goto err; - } - ret = 1; -err: - free(str); - if ((ret == 0) && (s != -1)) { - close(s); - s = -1; - } - return (s); -} - -int -BIO_accept(int sock, char **addr) -{ - int ret = -1; - unsigned long l; - unsigned short port; - char *p, *tmp; - - struct { - socklen_t len; - union { - struct sockaddr sa; - struct sockaddr_in sa_in; - struct sockaddr_in6 sa_in6; - } from; - } sa; - - sa.len = sizeof(sa.from); - memset(&sa.from, 0, sizeof(sa.from)); - ret = accept(sock, &sa.from.sa, &sa.len); - if (ret == -1) { - if (BIO_sock_should_retry(ret)) - return -2; - SYSerr(SYS_F_ACCEPT, errno); - BIOerr(BIO_F_BIO_ACCEPT, BIO_R_ACCEPT_ERROR); - goto end; - } - - if (addr == NULL) - goto end; - - do { - char h[NI_MAXHOST], s[NI_MAXSERV]; - size_t nl; - - if (getnameinfo(&sa.from.sa, sa.len, h, sizeof(h), - s, sizeof(s), NI_NUMERICHOST|NI_NUMERICSERV)) - break; - nl = strlen(h) + strlen(s) + 2; - p = *addr; - if (p) - *p = '\0'; - if (!(tmp = realloc(p, nl))) { - close(ret); - ret = -1; - free(p); - *addr = NULL; - BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE); - goto end; - } - p = tmp; - *addr = p; - snprintf(*addr, nl, "%s:%s", h, s); - goto end; - } while (0); - if (sa.from.sa.sa_family != AF_INET) - goto end; - l = ntohl(sa.from.sa_in.sin_addr.s_addr); - port = ntohs(sa.from.sa_in.sin_port); - if (*addr == NULL) { - if ((p = malloc(24)) == NULL) { - close(ret); - ret = -1; - BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE); - goto end; - } - *addr 
= p; - } - snprintf(*addr, 24, "%d.%d.%d.%d:%d", - (unsigned char)(l >> 24L) & 0xff, (unsigned char)(l >> 16L) & 0xff, - (unsigned char)(l >> 8L) & 0xff, (unsigned char)(l) & 0xff, port); - -end: - return (ret); -} - -int -BIO_set_tcp_ndelay(int s, int on) -{ - return (setsockopt(s, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) == 0); -} diff --git a/lib/libssl/src/crypto/bio/bf_buff.c b/lib/libssl/src/crypto/bio/bf_buff.c deleted file mode 100644 index 588cc48a28c..00000000000 --- a/lib/libssl/src/crypto/bio/bf_buff.c +++ /dev/null 
@@ -1,520 +0,0 @@
-/* $OpenBSD: bf_buff.c,v 1.23 2015/07/19 18:29:31 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <errno.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/bio.h> -#include <openssl/err.h> - -static int buffer_write(BIO *h, const char *buf, int num); -static int buffer_read(BIO *h, char *buf, int size); -static int buffer_puts(BIO *h, const char *str); -static int buffer_gets(BIO *h, char *str, int size); -static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int buffer_new(BIO *h); -static int buffer_free(BIO *data); -static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); -#define DEFAULT_BUFFER_SIZE 4096 - -static BIO_METHOD methods_buffer = { - .type = BIO_TYPE_BUFFER, - .name = "buffer", - .bwrite = buffer_write, - .bread = buffer_read, - .bputs = buffer_puts, - .bgets = buffer_gets, - .ctrl = buffer_ctrl, - .create = buffer_new, - .destroy = buffer_free, - .callback_ctrl = buffer_callback_ctrl -}; - -BIO_METHOD * -BIO_f_buffer(void) -{ - return (&methods_buffer); -} - -static int -buffer_new(BIO *bi) -{ - BIO_F_BUFFER_CTX *ctx; - - ctx = malloc(sizeof(BIO_F_BUFFER_CTX)); - if (ctx == NULL) - return (0); - ctx->ibuf = malloc(DEFAULT_BUFFER_SIZE); - if (ctx->ibuf == NULL) { - free(ctx); - return (0); - } - ctx->obuf = malloc(DEFAULT_BUFFER_SIZE); - if (ctx->obuf == NULL) { - free(ctx->ibuf); - free(ctx); - return (0); - } - ctx->ibuf_size = DEFAULT_BUFFER_SIZE; - ctx->obuf_size = DEFAULT_BUFFER_SIZE; - ctx->ibuf_len = 0; - ctx->ibuf_off = 0; - ctx->obuf_len = 0; - ctx->obuf_off = 0; - - bi->init = 1; - bi->ptr = (char *)ctx; - bi->flags = 0; - return (1); -} - -static int -buffer_free(BIO *a) -{ - BIO_F_BUFFER_CTX *b; - - if (a == NULL) - return (0); - b = (BIO_F_BUFFER_CTX *)a->ptr; - free(b->ibuf); - free(b->obuf); - free(a->ptr); - a->ptr = NULL; - a->init = 0; - a->flags = 0; - return (1); -} - -static int -buffer_read(BIO *b, char *out, int outl) -{ - int i, num = 0; - BIO_F_BUFFER_CTX *ctx; - - if (out == NULL) - return (0); - ctx = (BIO_F_BUFFER_CTX *)b->ptr; - - if ((ctx == NULL) || 
(b->next_bio == NULL)) - return (0); - num = 0; - BIO_clear_retry_flags(b); - -start: - i = ctx->ibuf_len; - /* If there is stuff left over, grab it */ - if (i != 0) { - if (i > outl) - i = outl; - memcpy(out, &(ctx->ibuf[ctx->ibuf_off]), i); - ctx->ibuf_off += i; - ctx->ibuf_len -= i; - num += i; - if (outl == i) - return (num); - outl -= i; - out += i; - } - - /* We may have done a partial read. try to do more. - * We have nothing in the buffer. - * If we get an error and have read some data, just return it - * and let them retry to get the error again. - * copy direct to parent address space */ - if (outl > ctx->ibuf_size) { - for (;;) { - i = BIO_read(b->next_bio, out, outl); - if (i <= 0) { - BIO_copy_next_retry(b); - if (i < 0) - return ((num > 0) ? num : i); - if (i == 0) - return (num); - } - num += i; - if (outl == i) - return (num); - out += i; - outl -= i; - } - } - /* else */ - - /* we are going to be doing some buffering */ - i = BIO_read(b->next_bio, ctx->ibuf, ctx->ibuf_size); - if (i <= 0) { - BIO_copy_next_retry(b); - if (i < 0) - return ((num > 0) ? 
num : i); - if (i == 0) - return (num); - } - ctx->ibuf_off = 0; - ctx->ibuf_len = i; - - /* Lets re-read using ourselves :-) */ - goto start; -} - -static int -buffer_write(BIO *b, const char *in, int inl) -{ - int i, num = 0; - BIO_F_BUFFER_CTX *ctx; - - if ((in == NULL) || (inl <= 0)) - return (0); - ctx = (BIO_F_BUFFER_CTX *)b->ptr; - if ((ctx == NULL) || (b->next_bio == NULL)) - return (0); - - BIO_clear_retry_flags(b); -start: - i = ctx->obuf_size - (ctx->obuf_len + ctx->obuf_off); - /* add to buffer and return */ - if (i >= inl) { - memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, inl); - ctx->obuf_len += inl; - return (num + inl); - } - /* else */ - /* stuff already in buffer, so add to it first, then flush */ - if (ctx->obuf_len != 0) { - if (i > 0) /* lets fill it up if we can */ - { - memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, i); - in += i; - inl -= i; - num += i; - ctx->obuf_len += i; - } - /* we now have a full buffer needing flushing */ - for (;;) { - i = BIO_write(b->next_bio, &(ctx->obuf[ctx->obuf_off]), - ctx->obuf_len); - if (i <= 0) { - BIO_copy_next_retry(b); - - if (i < 0) - return ((num > 0) ? num : i); - if (i == 0) - return (num); - } - ctx->obuf_off += i; - ctx->obuf_len -= i; - if (ctx->obuf_len == 0) - break; - } - } - /* we only get here if the buffer has been flushed and we - * still have stuff to write */ - ctx->obuf_off = 0; - - /* we now have inl bytes to write */ - while (inl >= ctx->obuf_size) { - i = BIO_write(b->next_bio, in, inl); - if (i <= 0) { - BIO_copy_next_retry(b); - if (i < 0) - return ((num > 0) ? 
num : i); - if (i == 0) - return (num); - } - num += i; - in += i; - inl -= i; - if (inl == 0) - return (num); - } - - /* copy the rest into the buffer since we have only a small - * amount left */ - goto start; -} - -static long -buffer_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - BIO *dbio; - BIO_F_BUFFER_CTX *ctx; - long ret = 1; - char *p1, *p2; - int r, i, *ip; - int ibs, obs; - - ctx = (BIO_F_BUFFER_CTX *)b->ptr; - - switch (cmd) { - case BIO_CTRL_RESET: - ctx->ibuf_off = 0; - ctx->ibuf_len = 0; - ctx->obuf_off = 0; - ctx->obuf_len = 0; - if (b->next_bio == NULL) - return (0); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_INFO: - ret = (long)ctx->obuf_len; - break; - case BIO_C_GET_BUFF_NUM_LINES: - ret = 0; - p1 = ctx->ibuf; - for (i = 0; i < ctx->ibuf_len; i++) { - if (p1[ctx->ibuf_off + i] == '\n') - ret++; - } - break; - case BIO_CTRL_WPENDING: - ret = (long)ctx->obuf_len; - if (ret == 0) { - if (b->next_bio == NULL) - return (0); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - } - break; - case BIO_CTRL_PENDING: - ret = (long)ctx->ibuf_len; - if (ret == 0) { - if (b->next_bio == NULL) - return (0); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - } - break; - case BIO_C_SET_BUFF_READ_DATA: - if (num > ctx->ibuf_size) { - p1 = malloc(num); - if (p1 == NULL) - goto malloc_error; - free(ctx->ibuf); - ctx->ibuf = p1; - } - ctx->ibuf_off = 0; - ctx->ibuf_len = (int)num; - memcpy(ctx->ibuf, ptr, num); - ret = 1; - break; - case BIO_C_SET_BUFF_SIZE: - if (ptr != NULL) { - ip = (int *)ptr; - if (*ip == 0) { - ibs = (int)num; - obs = ctx->obuf_size; - } - else /* if (*ip == 1) */ - { - ibs = ctx->ibuf_size; - obs = (int)num; - } - } else { - ibs = (int)num; - obs = (int)num; - } - p1 = ctx->ibuf; - p2 = ctx->obuf; - if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) { - p1 = malloc(num); - if (p1 == NULL) - goto malloc_error; - } - if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) { - p2 = malloc(num); - if (p2 == 
NULL) { - if (p1 != ctx->ibuf) - free(p1); - goto malloc_error; - } - } - if (ctx->ibuf != p1) { - free(ctx->ibuf); - ctx->ibuf = p1; - ctx->ibuf_off = 0; - ctx->ibuf_len = 0; - ctx->ibuf_size = ibs; - } - if (ctx->obuf != p2) { - free(ctx->obuf); - ctx->obuf = p2; - ctx->obuf_off = 0; - ctx->obuf_len = 0; - ctx->obuf_size = obs; - } - break; - case BIO_C_DO_STATE_MACHINE: - if (b->next_bio == NULL) - return (0); - BIO_clear_retry_flags(b); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - BIO_copy_next_retry(b); - break; - - case BIO_CTRL_FLUSH: - if (b->next_bio == NULL) - return (0); - if (ctx->obuf_len <= 0) { - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - } - - for (;;) { - BIO_clear_retry_flags(b); - if (ctx->obuf_len > 0) { - r = BIO_write(b->next_bio, - &(ctx->obuf[ctx->obuf_off]), - ctx->obuf_len); - BIO_copy_next_retry(b); - if (r <= 0) - return ((long)r); - ctx->obuf_off += r; - ctx->obuf_len -= r; - } else { - ctx->obuf_len = 0; - ctx->obuf_off = 0; - break; - } - } - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_DUP: - dbio = (BIO *)ptr; - if (!BIO_set_read_buffer_size(dbio, ctx->ibuf_size) || - !BIO_set_write_buffer_size(dbio, ctx->obuf_size)) - ret = 0; - break; - default: - if (b->next_bio == NULL) - return (0); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - } - return (ret); -malloc_error: - BIOerr(BIO_F_BUFFER_CTRL, ERR_R_MALLOC_FAILURE); - return (0); -} - -static long -buffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) -{ - long ret = 1; - - if (b->next_bio == NULL) - return (0); - switch (cmd) { - default: - ret = BIO_callback_ctrl(b->next_bio, cmd, fp); - break; - } - return (ret); -} - -static int -buffer_gets(BIO *b, char *buf, int size) -{ - BIO_F_BUFFER_CTX *ctx; - int num = 0, i, flag; - char *p; - - ctx = (BIO_F_BUFFER_CTX *)b->ptr; - size--; /* reserve space for a '\0' */ - BIO_clear_retry_flags(b); - - for (;;) { - if (ctx->ibuf_len > 0) { - p = &(ctx->ibuf[ctx->ibuf_off]); - flag = 0; - for 
(i = 0; (i < ctx->ibuf_len) && (i < size); i++) { - *(buf++) = p[i]; - if (p[i] == '\n') { - flag = 1; - i++; - break; - } - } - num += i; - size -= i; - ctx->ibuf_len -= i; - ctx->ibuf_off += i; - if (flag || size == 0) { - *buf = '\0'; - return (num); - } - } - else /* read another chunk */ - { - i = BIO_read(b->next_bio, ctx->ibuf, ctx->ibuf_size); - if (i <= 0) { - BIO_copy_next_retry(b); - *buf = '\0'; - if (i < 0) - return ((num > 0) ? num : i); - if (i == 0) - return (num); - } - ctx->ibuf_len = i; - ctx->ibuf_off = 0; - } - } -} - -static int -buffer_puts(BIO *b, const char *str) -{ - return (buffer_write(b, str, strlen(str))); -} diff --git a/lib/libssl/src/crypto/bio/bf_lbuf.c b/lib/libssl/src/crypto/bio/bf_lbuf.c deleted file mode 100644 index 7978fdb347a..00000000000 --- a/lib/libssl/src/crypto/bio/bf_lbuf.c +++ /dev/null 
@@ -1,377 +0,0 @@
-/* $OpenBSD: bf_lbuf.c,v 1.13 2015/07/19 18:29:31 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <errno.h> -#include <stdio.h> - -#include <openssl/bio.h> -#include <openssl/evp.h> - -static int linebuffer_write(BIO *h, const char *buf, int num); -static int linebuffer_read(BIO *h, char *buf, int size); -static int linebuffer_puts(BIO *h, const char *str); -static int linebuffer_gets(BIO *h, char *str, int size); -static long linebuffer_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int linebuffer_new(BIO *h); -static int linebuffer_free(BIO *data); -static long linebuffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); - -/* A 10k maximum should be enough for most purposes */ -#define DEFAULT_LINEBUFFER_SIZE 1024*10 - -/* #define DEBUG */ - -static BIO_METHOD methods_linebuffer = { - .type = BIO_TYPE_LINEBUFFER, - .name = "linebuffer", - .bwrite = linebuffer_write, - .bread = linebuffer_read, - .bputs = linebuffer_puts, - .bgets = linebuffer_gets, - .ctrl = linebuffer_ctrl, - .create = linebuffer_new, - .destroy = linebuffer_free, - .callback_ctrl = linebuffer_callback_ctrl -}; - -BIO_METHOD * -BIO_f_linebuffer(void) -{ - return (&methods_linebuffer); -} - -typedef struct bio_linebuffer_ctx_struct { - char *obuf; /* the output char array */ - int obuf_size; /* how big is the output buffer */ - int obuf_len; /* how many bytes are in it */ -} BIO_LINEBUFFER_CTX; - -static int -linebuffer_new(BIO *bi) -{ - BIO_LINEBUFFER_CTX *ctx; - - ctx = malloc(sizeof(BIO_LINEBUFFER_CTX)); - if (ctx == NULL) - return (0); - ctx->obuf = malloc(DEFAULT_LINEBUFFER_SIZE); - if (ctx->obuf == NULL) { - free(ctx); - return (0); - } - ctx->obuf_size = DEFAULT_LINEBUFFER_SIZE; - ctx->obuf_len = 0; - - bi->init = 1; - bi->ptr = (char *)ctx; - bi->flags = 0; - return (1); -} - -static int -linebuffer_free(BIO *a) -{ - BIO_LINEBUFFER_CTX *b; - - if (a == NULL) - return (0); - b = (BIO_LINEBUFFER_CTX *)a->ptr; - free(b->obuf); - free(a->ptr); - a->ptr = NULL; - a->init = 0; - a->flags = 0; - return (1); -} - -static int -linebuffer_read(BIO *b, char *out, int 
outl) -{ - int ret = 0; - - if (out == NULL) - return (0); - if (b->next_bio == NULL) - return (0); - ret = BIO_read(b->next_bio, out, outl); - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return (ret); -} - -static int -linebuffer_write(BIO *b, const char *in, int inl) -{ - int i, num = 0, foundnl; - BIO_LINEBUFFER_CTX *ctx; - - if ((in == NULL) || (inl <= 0)) - return (0); - ctx = (BIO_LINEBUFFER_CTX *)b->ptr; - if ((ctx == NULL) || (b->next_bio == NULL)) - return (0); - - BIO_clear_retry_flags(b); - - do { - const char *p; - - for (p = in; p < in + inl && *p != '\n'; p++) - ; - if (*p == '\n') { - p++; - foundnl = 1; - } else - foundnl = 0; - - /* If a NL was found and we already have text in the save - buffer, concatenate them and write */ - while ((foundnl || p - in > ctx->obuf_size - ctx->obuf_len) && - ctx->obuf_len > 0) { - int orig_olen = ctx->obuf_len; - - i = ctx->obuf_size - ctx->obuf_len; - if (p - in > 0) { - if (i >= p - in) { - memcpy(&(ctx->obuf[ctx->obuf_len]), - in, p - in); - ctx->obuf_len += p - in; - inl -= p - in; - num += p - in; - in = p; - } else { - memcpy(&(ctx->obuf[ctx->obuf_len]), - in, i); - ctx->obuf_len += i; - inl -= i; - in += i; - num += i; - } - } - - i = BIO_write(b->next_bio, ctx->obuf, ctx->obuf_len); - if (i <= 0) { - ctx->obuf_len = orig_olen; - BIO_copy_next_retry(b); - if (i < 0) - return ((num > 0) ? num : i); - if (i == 0) - return (num); - } - if (i < ctx->obuf_len) - memmove(ctx->obuf, ctx->obuf + i, - ctx->obuf_len - i); - ctx->obuf_len -= i; - } - - /* Now that the save buffer is emptied, let's write the input - buffer if a NL was found and there is anything to write. */ - if ((foundnl || p - in > ctx->obuf_size) && p - in > 0) { - i = BIO_write(b->next_bio, in, p - in); - if (i <= 0) { - BIO_copy_next_retry(b); - if (i < 0) - return ((num > 0) ? num : i); - if (i == 0) - return (num); - } - num += i; - in += i; - inl -= i; - } - } while (foundnl && inl > 0); - /* We've written as much as we can. 
The rest of the input buffer, if - any, is text that doesn't and with a NL and therefore needs to be - saved for the next trip. */ - if (inl > 0) { - memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl); - ctx->obuf_len += inl; - num += inl; - } - return num; -} - -static long -linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - BIO *dbio; - BIO_LINEBUFFER_CTX *ctx; - long ret = 1; - char *p; - int r; - int obs; - - ctx = (BIO_LINEBUFFER_CTX *)b->ptr; - - switch (cmd) { - case BIO_CTRL_RESET: - ctx->obuf_len = 0; - if (b->next_bio == NULL) - return (0); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_INFO: - ret = (long)ctx->obuf_len; - break; - case BIO_CTRL_WPENDING: - ret = (long)ctx->obuf_len; - if (ret == 0) { - if (b->next_bio == NULL) - return (0); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - } - break; - case BIO_C_SET_BUFF_SIZE: - obs = (int)num; - p = ctx->obuf; - if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size)) { - p = malloc(num); - if (p == NULL) - goto malloc_error; - } - if (ctx->obuf != p) { - if (ctx->obuf_len > obs) { - ctx->obuf_len = obs; - } - memcpy(p, ctx->obuf, ctx->obuf_len); - free(ctx->obuf); - ctx->obuf = p; - ctx->obuf_size = obs; - } - break; - case BIO_C_DO_STATE_MACHINE: - if (b->next_bio == NULL) - return (0); - BIO_clear_retry_flags(b); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - BIO_copy_next_retry(b); - break; - - case BIO_CTRL_FLUSH: - if (b->next_bio == NULL) - return (0); - if (ctx->obuf_len <= 0) { - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - } - - for (;;) { - BIO_clear_retry_flags(b); - if (ctx->obuf_len > 0) { - r = BIO_write(b->next_bio, - ctx->obuf, ctx->obuf_len); - BIO_copy_next_retry(b); - if (r <= 0) - return ((long)r); - if (r < ctx->obuf_len) - memmove(ctx->obuf, ctx->obuf + r, - ctx->obuf_len - r); - ctx->obuf_len -= r; - } else { - ctx->obuf_len = 0; - ret = 1; - break; - } - } - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_DUP: - 
dbio = (BIO *)ptr; - if (!BIO_set_write_buffer_size(dbio, ctx->obuf_size)) - ret = 0; - break; - default: - if (b->next_bio == NULL) - return (0); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - } - return (ret); -malloc_error: - BIOerr(BIO_F_LINEBUFFER_CTRL, ERR_R_MALLOC_FAILURE); - return (0); -} - -static long -linebuffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) -{ - long ret = 1; - - if (b->next_bio == NULL) - return (0); - switch (cmd) { - default: - ret = BIO_callback_ctrl(b->next_bio, cmd, fp); - break; - } - return (ret); -} - -static int -linebuffer_gets(BIO *b, char *buf, int size) -{ - if (b->next_bio == NULL) - return (0); - return (BIO_gets(b->next_bio, buf, size)); -} - -static int -linebuffer_puts(BIO *b, const char *str) -{ - return (linebuffer_write(b, str, strlen(str))); -} diff --git a/lib/libssl/src/crypto/bio/bf_nbio.c b/lib/libssl/src/crypto/bio/bf_nbio.c deleted file mode 100644 index 24e2e7e8b99..00000000000 --- a/lib/libssl/src/crypto/bio/bf_nbio.c +++ /dev/null 
@@ -1,252 +0,0 @@
-/* $OpenBSD: bf_nbio.c,v 1.19 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/bio.h>
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int nbiof_write(BIO *h, const char *buf, int num);
-static int nbiof_read(BIO *h, char *buf, int size);
-static int nbiof_puts(BIO *h, const char *str);
-static int nbiof_gets(BIO *h, char *str, int size);
-static long nbiof_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int nbiof_new(BIO *h);
-static int nbiof_free(BIO *data);
-static long nbiof_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-typedef struct nbio_test_st {
- /* only set if we sent a 'should retry' error */
- int lrn;
- int lwn;
-} NBIO_TEST;
-
-static BIO_METHOD methods_nbiof = {
- .type = BIO_TYPE_NBIO_TEST,
- .name = "non-blocking IO test filter",
- .bwrite = nbiof_write,
- .bread = nbiof_read,
- .bputs = nbiof_puts,
- .bgets = nbiof_gets,
- .ctrl = nbiof_ctrl,
- .create = nbiof_new,
- .destroy = nbiof_free,
- .callback_ctrl = nbiof_callback_ctrl
-};
-
-BIO_METHOD *
-BIO_f_nbio_test(void)
-{
- return (&methods_nbiof);
-}
-
-static int
-nbiof_new(BIO *bi)
-{
- NBIO_TEST *nt;
-
- if (!(nt = malloc(sizeof(NBIO_TEST))))
- return (0);
- nt->lrn = -1;
- nt->lwn = -1;
- bi->ptr = (char *)nt;
- bi->init = 1;
- bi->flags = 0;
- return (1);
-}
-
-static int
-nbiof_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- free(a->ptr);
- a->ptr = NULL;
- a->init = 0;
- a->flags = 0;
- return (1);
-}
-
-static int
-nbiof_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
- int num;
- unsigned char n;
-
- if (out == NULL)
- return (0);
- if (b->next_bio == NULL)
- return (0);
-
- BIO_clear_retry_flags(b);
-
- arc4random_buf(&n, 1);
- num = (n & 0x07);
-
- if (outl > num)
- outl = num;
-
- if (num == 0) {
- ret = -1;
- BIO_set_retry_read(b);
- } else {
- ret = BIO_read(b->next_bio, out, outl);
- if (ret < 0)
- BIO_copy_next_retry(b);
- }
- return (ret);
-}
-
-static int
-nbiof_write(BIO *b, const char *in, int inl)
-{
- NBIO_TEST *nt;
- int ret = 0;
- int num;
- unsigned char n;
-
- if ((in == NULL) || (inl <= 0))
- return (0);
- if (b->next_bio == NULL)
- return (0);
- nt = (NBIO_TEST *)b->ptr;
-
- BIO_clear_retry_flags(b);
-
- if (nt->lwn > 0) {
- num = nt->lwn;
- nt->lwn = 0;
- } else {
- arc4random_buf(&n, 1);
- num = (n&7);
- }
-
- if (inl > num)
- inl = num;
-
- if (num == 0) {
- ret = -1;
- BIO_set_retry_write(b);
- } else {
- ret = BIO_write(b->next_bio, in, inl);
- if (ret < 0) {
- BIO_copy_next_retry(b);
- nt->lwn = inl;
- }
- }
- return (ret);
-}
-
-static long
-nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_DUP:
- ret = 0L;
- break;
- default:
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- break;
- }
- return (ret);
-}
-
-static long
-nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
- long ret = 1;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- default:
- ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
- break;
- }
- return (ret);
-}
-
-static int
-nbiof_gets(BIO *bp, char *buf, int size)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_gets(bp->next_bio, buf, size));
-}
-
-static int
-nbiof_puts(BIO *bp, const char *str)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_puts(bp->next_bio, str));
-}
diff --git a/lib/libssl/src/crypto/bio/bf_null.c b/lib/libssl/src/crypto/bio/bf_null.c
deleted file mode 100644
index 09d54b6b219..00000000000
--- a/lib/libssl/src/crypto/bio/bf_null.c
+++ /dev/null
@@ -1,196 +0,0 @@
-/* $OpenBSD: bf_null.c,v 1.11 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-
-#include <openssl/bio.h>
-
-/* BIO_put and BIO_get both add to the digest,
- * BIO_gets returns the digest */
-
-static int nullf_write(BIO *h, const char *buf, int num);
-static int nullf_read(BIO *h, char *buf, int size);
-static int nullf_puts(BIO *h, const char *str);
-static int nullf_gets(BIO *h, char *str, int size);
-static long nullf_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int nullf_new(BIO *h);
-static int nullf_free(BIO *data);
-static long nullf_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-
-static BIO_METHOD methods_nullf = {
- .type = BIO_TYPE_NULL_FILTER,
- .name = "NULL filter",
- .bwrite = nullf_write,
- .bread = nullf_read,
- .bputs = nullf_puts,
- .bgets = nullf_gets,
- .ctrl = nullf_ctrl,
- .create = nullf_new,
- .destroy = nullf_free,
- .callback_ctrl = nullf_callback_ctrl
-};
-
-BIO_METHOD *
-BIO_f_null(void)
-{
- return (&methods_nullf);
-}
-
-static int
-nullf_new(BIO *bi)
-{
- bi->init = 1;
- bi->ptr = NULL;
- bi->flags = 0;
- return (1);
-}
-
-static int
-nullf_free(BIO *a)
-{
- if (a == NULL)
- return (0);
-/* a->ptr=NULL;
- a->init=0;
- a->flags=0;*/
- return (1);
-}
-
-static int
-nullf_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
-
- if (out == NULL)
- return (0);
- if (b->next_bio == NULL)
- return (0);
- ret = BIO_read(b->next_bio, out, outl);
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return (ret);
-}
-
-static int
-nullf_write(BIO *b, const char *in, int inl)
-{
- int ret = 0;
-
- if ((in == NULL) || (inl <= 0))
- return (0);
- if (b->next_bio == NULL)
- return (0);
- ret = BIO_write(b->next_bio, in, inl);
- BIO_clear_retry_flags(b);
- BIO_copy_next_retry(b);
- return (ret);
-}
-
-static long
-nullf_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- case BIO_C_DO_STATE_MACHINE:
- BIO_clear_retry_flags(b);
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- BIO_copy_next_retry(b);
- break;
- case BIO_CTRL_DUP:
- ret = 0L;
- break;
- default:
- ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
- }
- return (ret);
-}
-
-static long
-nullf_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
- long ret = 1;
-
- if (b->next_bio == NULL)
- return (0);
- switch (cmd) {
- default:
- ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
- break;
- }
- return (ret);
-}
-
-static int
-nullf_gets(BIO *bp, char *buf, int size)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_gets(bp->next_bio, buf, size));
-}
-
-static int
-nullf_puts(BIO *bp, const char *str)
-{
- if (bp->next_bio == NULL)
- return (0);
- return (BIO_puts(bp->next_bio, str));
-}
diff --git a/lib/libssl/src/crypto/bio/bio.h b/lib/libssl/src/crypto/bio/bio.h
deleted file mode 100644
index 52433670732..00000000000
--- a/lib/libssl/src/crypto/bio/bio.h
+++ /dev/null
@@ -1,774 +0,0 @@
-/* $OpenBSD: bio.h,v 1.29 2015/06/20 01:17:27 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#ifndef HEADER_BIO_H -#define HEADER_BIO_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif -#include <openssl/opensslconf.h> - -# include <stdio.h> -#include <stdarg.h> - -#include <openssl/crypto.h> - - -#ifdef __cplusplus -extern "C" { -#endif - -/* These are the 'types' of BIOs */ -#define BIO_TYPE_NONE 0 -#define BIO_TYPE_MEM (1|0x0400) -#define BIO_TYPE_FILE (2|0x0400) - -#define BIO_TYPE_FD (4|0x0400|0x0100) -#define BIO_TYPE_SOCKET (5|0x0400|0x0100) -#define BIO_TYPE_NULL (6|0x0400) -#define BIO_TYPE_SSL (7|0x0200) -#define BIO_TYPE_MD (8|0x0200) /* passive filter */ -#define BIO_TYPE_BUFFER (9|0x0200) /* filter */ -#define BIO_TYPE_CIPHER (10|0x0200) /* filter */ -#define BIO_TYPE_BASE64 (11|0x0200) /* filter */ -#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */ -#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */ -#define BIO_TYPE_PROXY_CLIENT (14|0x0200) /* client proxy BIO */ -#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */ -#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */ -#define BIO_TYPE_NULL_FILTER (17|0x0200) -#define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */ -#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */ -#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */ -#define BIO_TYPE_DGRAM (21|0x0400|0x0100) -#define BIO_TYPE_ASN1 (22|0x0200) /* filter */ -#define BIO_TYPE_COMP (23|0x0200) /* filter */ - -#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ -#define BIO_TYPE_FILTER 0x0200 -#define BIO_TYPE_SOURCE_SINK 0x0400 - -/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free. 
- * BIO_set_fp(in,stdin,BIO_NOCLOSE); */ -#define BIO_NOCLOSE 0x00 -#define BIO_CLOSE 0x01 - -/* These are used in the following macros and are passed to - * BIO_ctrl() */ -#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */ -#define BIO_CTRL_EOF 2 /* opt - are we at the eof */ -#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */ -#define BIO_CTRL_SET 4 /* man - set the 'IO' type */ -#define BIO_CTRL_GET 5 /* man - get the 'IO' type */ -#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */ -#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */ -#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */ -#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */ -#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */ -#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */ -#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */ -#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */ -/* callback is int cb(BIO *bio,state,ret); */ -#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */ -#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */ - -#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ - -/* dgram BIO stuff */ -#define BIO_CTRL_DGRAM_CONNECT 31 /* BIO dgram special */ -#define BIO_CTRL_DGRAM_SET_CONNECTED 32 /* allow for an externally - * connected socket to be - * passed in */ -#define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33 /* setsockopt, essentially */ -#define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34 /* getsockopt, essentially */ -#define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35 /* setsockopt, essentially */ -#define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36 /* getsockopt, essentially */ - -#define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37 /* flag whether the last */ -#define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38 /* I/O operation tiemd out */ - -/* #ifdef IP_MTU_DISCOVER */ -#define BIO_CTRL_DGRAM_MTU_DISCOVER 39 /* set DF bit on egress packets */ -/* #endif */ - 
-#define BIO_CTRL_DGRAM_QUERY_MTU 40 /* as kernel for current MTU */ -#define BIO_CTRL_DGRAM_GET_FALLBACK_MTU 47 -#define BIO_CTRL_DGRAM_GET_MTU 41 /* get cached value for MTU */ -#define BIO_CTRL_DGRAM_SET_MTU 42 /* set cached value for - * MTU. want to use this - * if asking the kernel - * fails */ - -#define BIO_CTRL_DGRAM_MTU_EXCEEDED 43 /* check whether the MTU - * was exceed in the - * previous write - * operation */ - -#define BIO_CTRL_DGRAM_GET_PEER 46 -#define BIO_CTRL_DGRAM_SET_PEER 44 /* Destination for the data */ - -#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45 /* Next DTLS handshake timeout to - * adjust socket timeouts */ - - -/* modifiers */ -#define BIO_FP_READ 0x02 -#define BIO_FP_WRITE 0x04 -#define BIO_FP_APPEND 0x08 -#define BIO_FP_TEXT 0x10 - -#define BIO_FLAGS_READ 0x01 -#define BIO_FLAGS_WRITE 0x02 -#define BIO_FLAGS_IO_SPECIAL 0x04 -#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL) -#define BIO_FLAGS_SHOULD_RETRY 0x08 - -/* Used in BIO_gethostbyname() */ -#define BIO_GHBN_CTRL_HITS 1 -#define BIO_GHBN_CTRL_MISSES 2 -#define BIO_GHBN_CTRL_CACHE_SIZE 3 -#define BIO_GHBN_CTRL_GET_ENTRY 4 -#define BIO_GHBN_CTRL_FLUSH 5 - -/* Mostly used in the SSL BIO */ -/* Not used anymore - * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10 - * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20 - * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40 - */ - -#define BIO_FLAGS_BASE64_NO_NL 0x100 - -/* This is used with memory BIOs: it means we shouldn't free up or change the - * data in any way. 
- */ -#define BIO_FLAGS_MEM_RDONLY 0x200 - -typedef struct bio_st BIO; - -void BIO_set_flags(BIO *b, int flags); -int BIO_test_flags(const BIO *b, int flags); -void BIO_clear_flags(BIO *b, int flags); - -#define BIO_get_flags(b) BIO_test_flags(b, ~(0x0)) -#define BIO_set_retry_special(b) \ - BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_set_retry_read(b) \ - BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_set_retry_write(b) \ - BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)) - -/* These are normally used internally in BIOs */ -#define BIO_clear_retry_flags(b) \ - BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_get_retry_flags(b) \ - BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) - -/* These should be used by the application to tell why we should retry */ -#define BIO_should_read(a) BIO_test_flags(a, BIO_FLAGS_READ) -#define BIO_should_write(a) BIO_test_flags(a, BIO_FLAGS_WRITE) -#define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL) -#define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS) -#define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY) - -/* The next three are used in conjunction with the - * BIO_should_io_special() condition. After this returns true, - * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO - * stack and return the 'reason' for the special and the offending BIO. - * Given a BIO, BIO_get_retry_reason(bio) will return the code. 
*/ -/* Returned from the SSL bio when the certificate retrieval code had an error */ -#define BIO_RR_SSL_X509_LOOKUP 0x01 -/* Returned from the connect BIO when a connect would have blocked */ -#define BIO_RR_CONNECT 0x02 -/* Returned from the accept BIO when an accept would have blocked */ -#define BIO_RR_ACCEPT 0x03 - -/* These are passed by the BIO callback */ -#define BIO_CB_FREE 0x01 -#define BIO_CB_READ 0x02 -#define BIO_CB_WRITE 0x03 -#define BIO_CB_PUTS 0x04 -#define BIO_CB_GETS 0x05 -#define BIO_CB_CTRL 0x06 - -/* The callback is called before and after the underling operation, - * The BIO_CB_RETURN flag indicates if it is after the call */ -#define BIO_CB_RETURN 0x80 -#define BIO_CB_return(a) ((a)|BIO_CB_RETURN)) -#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) -#define BIO_cb_post(a) ((a)&BIO_CB_RETURN) - -long (*BIO_get_callback(const BIO *b))(struct bio_st *, int, const char *, - int, long, long); -void BIO_set_callback(BIO *b, - long (*callback)(struct bio_st *, int, const char *, int, long, long)); -char *BIO_get_callback_arg(const BIO *b); -void BIO_set_callback_arg(BIO *b, char *arg); - -const char * BIO_method_name(const BIO *b); -int BIO_method_type(const BIO *b); - -typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long); - -typedef struct bio_method_st { - int type; - const char *name; - int (*bwrite)(BIO *, const char *, int); - int (*bread)(BIO *, char *, int); - int (*bputs)(BIO *, const char *); - int (*bgets)(BIO *, char *, int); - long (*ctrl)(BIO *, int, long, void *); - int (*create)(BIO *); - int (*destroy)(BIO *); - long (*callback_ctrl)(BIO *, int, bio_info_cb *); -} BIO_METHOD; - -struct bio_st { - BIO_METHOD *method; - /* bio, mode, argp, argi, argl, ret */ - long (*callback)(struct bio_st *, int, const char *, int, long, long); - char *cb_arg; /* first argument for the callback */ - - int init; - int shutdown; - int flags; /* extra storage */ - int retry_reason; - int num; - void *ptr; - struct bio_st *next_bio; 
/* used by filter BIOs */ - struct bio_st *prev_bio; /* used by filter BIOs */ - int references; - unsigned long num_read; - unsigned long num_write; - - CRYPTO_EX_DATA ex_data; -}; - -DECLARE_STACK_OF(BIO) - -typedef struct bio_f_buffer_ctx_struct { - /* Buffers are setup like this: - * - * <---------------------- size -----------------------> - * +---------------------------------------------------+ - * | consumed | remaining | free space | - * +---------------------------------------------------+ - * <-- off --><------- len -------> - */ - - /* BIO *bio; */ /* this is now in the BIO struct */ - int ibuf_size; /* how big is the input buffer */ - int obuf_size; /* how big is the output buffer */ - - char *ibuf; /* the char array */ - int ibuf_len; /* how many bytes are in it */ - int ibuf_off; /* write/read offset */ - - char *obuf; /* the char array */ - int obuf_len; /* how many bytes are in it */ - int obuf_off; /* write/read offset */ -} BIO_F_BUFFER_CTX; - -/* Prefix and suffix callback in ASN1 BIO */ -typedef int asn1_ps_func(BIO *b, unsigned char **pbuf, int *plen, void *parg); - - -/* connect BIO stuff */ -#define BIO_CONN_S_BEFORE 1 -#define BIO_CONN_S_GET_IP 2 -#define BIO_CONN_S_GET_PORT 3 -#define BIO_CONN_S_CREATE_SOCKET 4 -#define BIO_CONN_S_CONNECT 5 -#define BIO_CONN_S_OK 6 -#define BIO_CONN_S_BLOCKED_CONNECT 7 -#define BIO_CONN_S_NBIO 8 -/*#define BIO_CONN_get_param_hostname BIO_ctrl */ - -#define BIO_C_SET_CONNECT 100 -#define BIO_C_DO_STATE_MACHINE 101 -#define BIO_C_SET_NBIO 102 -#define BIO_C_SET_PROXY_PARAM 103 -#define BIO_C_SET_FD 104 -#define BIO_C_GET_FD 105 -#define BIO_C_SET_FILE_PTR 106 -#define BIO_C_GET_FILE_PTR 107 -#define BIO_C_SET_FILENAME 108 -#define BIO_C_SET_SSL 109 -#define BIO_C_GET_SSL 110 -#define BIO_C_SET_MD 111 -#define BIO_C_GET_MD 112 -#define BIO_C_GET_CIPHER_STATUS 113 -#define BIO_C_SET_BUF_MEM 114 -#define BIO_C_GET_BUF_MEM_PTR 115 -#define BIO_C_GET_BUFF_NUM_LINES 116 -#define BIO_C_SET_BUFF_SIZE 117 -#define 
BIO_C_SET_ACCEPT 118 -#define BIO_C_SSL_MODE 119 -#define BIO_C_GET_MD_CTX 120 -#define BIO_C_GET_PROXY_PARAM 121 -#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */ -#define BIO_C_GET_CONNECT 123 -#define BIO_C_GET_ACCEPT 124 -#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125 -#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126 -#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127 -#define BIO_C_FILE_SEEK 128 -#define BIO_C_GET_CIPHER_CTX 129 -#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/ -#define BIO_C_SET_BIND_MODE 131 -#define BIO_C_GET_BIND_MODE 132 -#define BIO_C_FILE_TELL 133 -#define BIO_C_GET_SOCKS 134 -#define BIO_C_SET_SOCKS 135 - -#define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */ -#define BIO_C_GET_WRITE_BUF_SIZE 137 -#define BIO_C_MAKE_BIO_PAIR 138 -#define BIO_C_DESTROY_BIO_PAIR 139 -#define BIO_C_GET_WRITE_GUARANTEE 140 -#define BIO_C_GET_READ_REQUEST 141 -#define BIO_C_SHUTDOWN_WR 142 -#define BIO_C_NREAD0 143 -#define BIO_C_NREAD 144 -#define BIO_C_NWRITE0 145 -#define BIO_C_NWRITE 146 -#define BIO_C_RESET_READ_REQUEST 147 -#define BIO_C_SET_MD_CTX 148 - -#define BIO_C_SET_PREFIX 149 -#define BIO_C_GET_PREFIX 150 -#define BIO_C_SET_SUFFIX 151 -#define BIO_C_GET_SUFFIX 152 - -#define BIO_C_SET_EX_ARG 153 -#define BIO_C_GET_EX_ARG 154 - -#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg) -#define BIO_get_app_data(s) BIO_get_ex_data(s,0) - -/* BIO_s_connect() and BIO_s_socks4a_connect() */ -#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name) -#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port) -#define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip) -#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port) -#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) -#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) -#define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2) -#define 
BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0) - - -#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) - -/* BIO_s_accept_socket() */ -#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name) -#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0) -/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */ -#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL) -#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio) - -#define BIO_BIND_NORMAL 0 -#define BIO_BIND_REUSEADDR_IF_UNUSED 1 -#define BIO_BIND_REUSEADDR 2 -#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL) -#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL) - -#define BIO_do_connect(b) BIO_do_handshake(b) -#define BIO_do_accept(b) BIO_do_handshake(b) -#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) - -/* BIO_s_proxy_client() */ -#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url)) -#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p)) -/* BIO_set_nbio(b,n) */ -#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s)) -/* BIO *BIO_get_filter_bio(BIO *bio); */ -#define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)())) -#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk) -#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool) - -#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp) -#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p)) -#define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url)) -#define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL) - -#define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd) -#define BIO_get_fd(b,c) 
BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c) - -#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp) -#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp) - -#define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL) -#define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL) - -/* name is cast to lose const, but might be better to route through a function - so we can do it safely */ -#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_READ,(char *)name) -#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_WRITE,name) -#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_APPEND,name) -#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name) - -/* WARNING WARNING, this ups the reference count on the read bio of the - * SSL structure. This is because the ssl read BIO is now pointed to by - * the next_bio field in the bio. So when you free the BIO, make sure - * you are doing a BIO_free_all() to catch the underlying BIO. 
*/ -#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl) -#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp) -#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL) -#define BIO_set_ssl_renegotiate_bytes(b,num) \ - BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL); -#define BIO_get_num_renegotiates(b) \ - BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL); -#define BIO_set_ssl_renegotiate_timeout(b,seconds) \ - BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL); - -/* defined in evp.h */ -/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */ - -#define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) -#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm) -#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp) -#define BIO_set_mem_eof_return(b,v) \ - BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL) - -/* For the BIO_f_buffer() type */ -#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL) -#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL) -#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0) -#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1) -#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf) - -/* Don't use the next one unless you know what you are doing :-) */ -#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret)) - -#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL) -#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL) -#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL) -#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL) -#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL) -#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL) -/* ...pending macros have inappropriate return type */ -size_t 
BIO_ctrl_pending(BIO *b); -size_t BIO_ctrl_wpending(BIO *b); -#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL) -#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \ - cbp) -#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb) - -/* For the BIO_f_buffer() type */ -#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL) - -/* For BIO_s_bio() */ -#define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL) -#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL) -#define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2) -#define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL) -#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL) -/* macros with inappropriate type -- but ...pending macros use int too: */ -#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL) -#define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL) -size_t BIO_ctrl_get_write_guarantee(BIO *b); -size_t BIO_ctrl_get_read_request(BIO *b); -int BIO_ctrl_reset_read_request(BIO *b); - -/* ctrl macros for dgram */ -#define BIO_ctrl_dgram_connect(b,peer) \ - (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer) -#define BIO_ctrl_set_connected(b, state, peer) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer) -#define BIO_dgram_recv_timedout(b) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL) -#define BIO_dgram_send_timedout(b) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL) -#define BIO_dgram_get_peer(b,peer) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer) -#define BIO_dgram_set_peer(b,peer) \ - (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer) - -/* These two aren't currently implemented */ -/* int BIO_get_ex_num(BIO *bio); */ -/* void BIO_set_ex_free_func(BIO *bio,int 
idx,void (*cb)()); */ -int BIO_set_ex_data(BIO *bio, int idx, void *data); -void *BIO_get_ex_data(BIO *bio, int idx); -int -BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, -CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -unsigned long BIO_number_read(BIO *bio); -unsigned long BIO_number_written(BIO *bio); - -/* For BIO_f_asn1() */ -int -BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, -asn1_ps_func *prefix_free); -int -BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, -asn1_ps_func **pprefix_free); -int -BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, -asn1_ps_func *suffix_free); -int -BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, -asn1_ps_func **psuffix_free); - -BIO_METHOD *BIO_s_file(void ); -BIO *BIO_new_file(const char *filename, const char *mode); -BIO *BIO_new_fp(FILE *stream, int close_flag); -# define BIO_s_file_internal BIO_s_file -BIO * BIO_new(BIO_METHOD *type); -int BIO_set(BIO *a, BIO_METHOD *type); -int BIO_free(BIO *a); -void BIO_vfree(BIO *a); -int BIO_read(BIO *b, void *data, int len) - __attribute__((__bounded__(__buffer__,2,3))); -int BIO_gets(BIO *bp, char *buf, int size) - __attribute__((__bounded__ (__string__,2,3))); -int BIO_write(BIO *b, const void *data, int len) - __attribute__((__bounded__(__buffer__,2,3))); -int BIO_puts(BIO *bp, const char *buf); -int BIO_indent(BIO *b, int indent, int max); -long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg); -long BIO_callback_ctrl(BIO *b, int cmd, - void (*fp)(struct bio_st *, int, const char *, int, long, long)); -char * BIO_ptr_ctrl(BIO *bp, int cmd, long larg); -long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg); -BIO * BIO_push(BIO *b, BIO *append); -BIO * BIO_pop(BIO *b); -void BIO_free_all(BIO *a); -BIO * BIO_find_type(BIO *b, int bio_type); -BIO * BIO_next(BIO *b); -BIO * BIO_get_retry_BIO(BIO *bio, int *reason); -int BIO_get_retry_reason(BIO *bio); -BIO * BIO_dup_chain(BIO *in); - -int BIO_nread0(BIO *bio, char **buf); -int BIO_nread(BIO *bio, 
char **buf, int num); -int BIO_nwrite0(BIO *bio, char **buf); -int BIO_nwrite(BIO *bio, char **buf, int num); - -long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi, - long argl, long ret); - -BIO_METHOD *BIO_s_mem(void); -BIO *BIO_new_mem_buf(void *buf, int len); -BIO_METHOD *BIO_s_socket(void); -BIO_METHOD *BIO_s_connect(void); -BIO_METHOD *BIO_s_accept(void); -BIO_METHOD *BIO_s_fd(void); -BIO_METHOD *BIO_s_log(void); -BIO_METHOD *BIO_s_bio(void); -BIO_METHOD *BIO_s_null(void); -BIO_METHOD *BIO_f_null(void); -BIO_METHOD *BIO_f_buffer(void); -BIO_METHOD *BIO_f_nbio_test(void); -#ifndef OPENSSL_NO_DGRAM -BIO_METHOD *BIO_s_datagram(void); -#endif - -/* BIO_METHOD *BIO_f_ber(void); */ - -int BIO_sock_should_retry(int i); -int BIO_sock_non_fatal_error(int _error); -int BIO_dgram_non_fatal_error(int _error); - -int BIO_fd_should_retry(int i); -int BIO_fd_non_fatal_error(int _error); -int -BIO_dump_cb(int (*cb)(const void *data, size_t len, void *u), -void *u, const char *s, int len); -int -BIO_dump_indent_cb(int (*cb)(const void *data, size_t len, void *u), -void *u, const char *s, int len, int indent); -int BIO_dump(BIO *b, const char *bytes, int len); -int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent); -int BIO_dump_fp(FILE *fp, const char *s, int len); -int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent); -struct hostent *BIO_gethostbyname(const char *name); -/* We might want a thread-safe interface too: - * struct hostent *BIO_gethostbyname_r(const char *name, - * struct hostent *result, void *buffer, size_t buflen); - * or something similar (caller allocates a struct hostent, - * pointed to by "result", and additional buffer space for the various - * substructures; if the buffer does not suffice, NULL is returned - * and an appropriate error code is set). 
- */
-int BIO_sock_error(int sock);
-int BIO_socket_ioctl(int fd, long type, void *arg);
-int BIO_socket_nbio(int fd, int mode);
-int BIO_get_port(const char *str, unsigned short *port_ptr);
-int BIO_get_host_ip(const char *str, unsigned char *ip);
-int BIO_get_accept_socket(char *host_port, int mode);
-int BIO_accept(int sock, char **ip_port);
-int BIO_sock_init(void );
-void BIO_sock_cleanup(void);
-int BIO_set_tcp_ndelay(int sock, int turn_on);
-
-BIO *BIO_new_socket(int sock, int close_flag);
-BIO *BIO_new_dgram(int fd, int close_flag);
-BIO *BIO_new_fd(int fd, int close_flag);
-BIO *BIO_new_connect(char *host_port);
-BIO *BIO_new_accept(char *host_port);
-
-int
-BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
-BIO **bio2, size_t writebuf2);
-/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
- * Otherwise returns 0 and sets *bio1 and *bio2 to NULL.
- * Size 0 uses default value.
- */
-
-void BIO_copy_next_retry(BIO *b);
-
-/*long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);*/
-
-int
-BIO_printf(BIO *bio, const char *format, ...)
- __attribute__((__format__(__printf__, 2, 3), __nonnull__(2)));
-int
-BIO_vprintf(BIO *bio, const char *format, va_list args)
- __attribute__((__format__(__printf__, 2, 0), __nonnull__(2)));
-int
-BIO_snprintf(char *buf, size_t n, const char *format, ...)
- __attribute__((__deprecated__, __format__(__printf__, 3, 4),
- __nonnull__(3)));
-int
-BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
- __attribute__((__deprecated__, __format__(__printf__, 3, 0),
- __nonnull__(3)));
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_BIO_strings(void);
-
-/* Error codes for the BIO functions. */
-
-/* Function codes. */
-#define BIO_F_ACPT_STATE 100
-#define BIO_F_BIO_ACCEPT 101
-#define BIO_F_BIO_BER_GET_HEADER 102
-#define BIO_F_BIO_CALLBACK_CTRL 131
-#define BIO_F_BIO_CTRL 103
-#define BIO_F_BIO_GETHOSTBYNAME 120
-#define BIO_F_BIO_GETS 104
-#define BIO_F_BIO_GET_ACCEPT_SOCKET 105
-#define BIO_F_BIO_GET_HOST_IP 106
-#define BIO_F_BIO_GET_PORT 107
-#define BIO_F_BIO_MAKE_PAIR 121
-#define BIO_F_BIO_NEW 108
-#define BIO_F_BIO_NEW_FILE 109
-#define BIO_F_BIO_NEW_MEM_BUF 126
-#define BIO_F_BIO_NREAD 123
-#define BIO_F_BIO_NREAD0 124
-#define BIO_F_BIO_NWRITE 125
-#define BIO_F_BIO_NWRITE0 122
-#define BIO_F_BIO_PUTS 110
-#define BIO_F_BIO_READ 111
-#define BIO_F_BIO_SOCK_INIT 112
-#define BIO_F_BIO_WRITE 113
-#define BIO_F_BUFFER_CTRL 114
-#define BIO_F_CONN_CTRL 127
-#define BIO_F_CONN_STATE 115
-#define BIO_F_DGRAM_SCTP_READ 132
-#define BIO_F_FILE_CTRL 116
-#define BIO_F_FILE_READ 130
-#define BIO_F_LINEBUFFER_CTRL 129
-#define BIO_F_MEM_READ 128
-#define BIO_F_MEM_WRITE 117
-#define BIO_F_SSL_NEW 118
-#define BIO_F_WSASTARTUP 119
-
-/* Reason codes. */
-#define BIO_R_ACCEPT_ERROR 100
-#define BIO_R_BAD_FOPEN_MODE 101
-#define BIO_R_BAD_HOSTNAME_LOOKUP 102
-#define BIO_R_BROKEN_PIPE 124
-#define BIO_R_CONNECT_ERROR 103
-#define BIO_R_EOF_ON_MEMORY_BIO 127
-#define BIO_R_ERROR_SETTING_NBIO 104
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
-#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
-#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
-#define BIO_R_INVALID_ARGUMENT 125
-#define BIO_R_INVALID_IP_ADDRESS 108
-#define BIO_R_INVALID_PORT_NUMBER 129
-#define BIO_R_IN_USE 123
-#define BIO_R_KEEPALIVE 109
-#define BIO_R_NBIO_CONNECT_ERROR 110
-#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
-#define BIO_R_NO_HOSTNAME_SPECIFIED 112
-#define BIO_R_NO_PORT_DEFINED 113
-#define BIO_R_NO_PORT_SPECIFIED 114
-#define BIO_R_NO_SUCH_FILE 128
-#define BIO_R_NULL_PARAMETER 115
-#define BIO_R_TAG_MISMATCH 116
-#define BIO_R_UNABLE_TO_BIND_SOCKET 117
-#define BIO_R_UNABLE_TO_CREATE_SOCKET 118
-#define BIO_R_UNABLE_TO_LISTEN_SOCKET 119
-#define BIO_R_UNINITIALIZED 120
-#define BIO_R_UNSUPPORTED_METHOD 121
-#define BIO_R_WRITE_TO_READ_ONLY_BIO 126
-#define BIO_R_WSASTARTUP 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/bio/bio_cb.c b/lib/libssl/src/crypto/bio/bio_cb.c
deleted file mode 100644
index ab0e3a92cee..00000000000
--- a/lib/libssl/src/crypto/bio/bio_cb.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* $OpenBSD: bio_cb.c,v 1.16 2014/12/08 03:54:19 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/bio.h>
-
-long
-BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi, long argl,
- long ret)
-{
- BIO *b;
- char buf[256];
- char *p;
- long r = 1;
- size_t p_maxlen;
-
- if (BIO_CB_RETURN & cmd)
- r = ret;
-
- snprintf(buf, sizeof buf, "BIO[%p]:", bio);
- p = &(buf[14]);
- p_maxlen = sizeof buf - 14;
- switch (cmd) {
- case BIO_CB_FREE:
- snprintf(p, p_maxlen, "Free - %s\n", bio->method->name);
- break;
- case BIO_CB_READ:
- if (bio->method->type & BIO_TYPE_DESCRIPTOR)
- snprintf(p, p_maxlen,
- "read(%d,%lu) - %s fd=%d\n",
- bio->num, (unsigned long)argi,
- bio->method->name, bio->num);
- else
- snprintf(p, p_maxlen, "read(%d,%lu) - %s\n",
- bio->num, (unsigned long)argi, bio->method->name);
- break;
- case BIO_CB_WRITE:
- if (bio->method->type & BIO_TYPE_DESCRIPTOR)
- snprintf(p, p_maxlen,
- "write(%d,%lu) - %s fd=%d\n",
- bio->num, (unsigned long)argi,
- bio->method->name, bio->num);
- else
- snprintf(p, p_maxlen, "write(%d,%lu) - %s\n",
- bio->num, (unsigned long)argi, bio->method->name);
- break;
- case BIO_CB_PUTS:
- snprintf(p, p_maxlen,
- "puts() - %s\n", bio->method->name);
- break;
- case BIO_CB_GETS:
- snprintf(p, p_maxlen, "gets(%lu) - %s\n",
- (unsigned long)argi, bio->method->name);
- break;
- case BIO_CB_CTRL:
- snprintf(p, p_maxlen, "ctrl(%lu) - %s\n",
- (unsigned long)argi, bio->method->name);
- break;
- case BIO_CB_RETURN|BIO_CB_READ:
- snprintf(p, p_maxlen, "read return %ld\n", ret);
- break;
- case BIO_CB_RETURN|BIO_CB_WRITE:
- snprintf(p, p_maxlen, "write return %ld\n", ret);
- break;
- case BIO_CB_RETURN|BIO_CB_GETS:
- snprintf(p, p_maxlen, "gets return %ld\n", ret);
- break;
- case BIO_CB_RETURN|BIO_CB_PUTS:
- snprintf(p, p_maxlen, "puts return %ld\n", ret);
- break;
- case BIO_CB_RETURN|BIO_CB_CTRL:
- snprintf(p, p_maxlen, "ctrl return %ld\n", ret);
- break;
- default:
- snprintf(p, p_maxlen,
- "bio callback - unknown type (%d)\n", cmd);
- break;
- }
-
- b = (BIO *)bio->cb_arg;
- if (b != NULL)
- BIO_write(b, buf, strlen(buf));
- else
- fputs(buf, stderr);
- return (r);
-}
diff --git a/lib/libssl/src/crypto/bio/bio_err.c b/lib/libssl/src/crypto/bio/bio_err.c
deleted file mode 100644
index 80788585ba1..00000000000
--- a/lib/libssl/src/crypto/bio/bio_err.c
+++ /dev/null
@@ -1,156 +0,0 @@
-/* $OpenBSD: bio_err.c,v 1.16 2014/07/10 22:45:56 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/bio.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BIO,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BIO,0,reason)
-
-static ERR_STRING_DATA BIO_str_functs[] = {
- {ERR_FUNC(BIO_F_ACPT_STATE), "ACPT_STATE"},
- {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"},
- {ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"},
- {ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL), "BIO_callback_ctrl"},
- {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"},
- {ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"},
- {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"},
- {ERR_FUNC(BIO_F_BIO_GET_ACCEPT_SOCKET), "BIO_get_accept_socket"},
- {ERR_FUNC(BIO_F_BIO_GET_HOST_IP), "BIO_get_host_ip"},
- {ERR_FUNC(BIO_F_BIO_GET_PORT), "BIO_get_port"},
- {ERR_FUNC(BIO_F_BIO_MAKE_PAIR), "BIO_MAKE_PAIR"},
- {ERR_FUNC(BIO_F_BIO_NEW), "BIO_new"},
- {ERR_FUNC(BIO_F_BIO_NEW_FILE), "BIO_new_file"},
- {ERR_FUNC(BIO_F_BIO_NEW_MEM_BUF), "BIO_new_mem_buf"},
- {ERR_FUNC(BIO_F_BIO_NREAD), "BIO_nread"},
- {ERR_FUNC(BIO_F_BIO_NREAD0), "BIO_nread0"},
- {ERR_FUNC(BIO_F_BIO_NWRITE), "BIO_nwrite"},
- {ERR_FUNC(BIO_F_BIO_NWRITE0), "BIO_nwrite0"},
- {ERR_FUNC(BIO_F_BIO_PUTS), "BIO_puts"},
- {ERR_FUNC(BIO_F_BIO_READ), "BIO_read"},
- {ERR_FUNC(BIO_F_BIO_SOCK_INIT), "BIO_sock_init"},
- {ERR_FUNC(BIO_F_BIO_WRITE), "BIO_write"},
- {ERR_FUNC(BIO_F_BUFFER_CTRL), "BUFFER_CTRL"},
- {ERR_FUNC(BIO_F_CONN_CTRL), "CONN_CTRL"},
- {ERR_FUNC(BIO_F_CONN_STATE), "CONN_STATE"},
- {ERR_FUNC(BIO_F_DGRAM_SCTP_READ), "DGRAM_SCTP_READ"},
- {ERR_FUNC(BIO_F_FILE_CTRL), "FILE_CTRL"},
- {ERR_FUNC(BIO_F_FILE_READ), "FILE_READ"},
- {ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "LINEBUFFER_CTRL"},
- {ERR_FUNC(BIO_F_MEM_READ), "MEM_READ"},
- {ERR_FUNC(BIO_F_MEM_WRITE), "MEM_WRITE"},
- {ERR_FUNC(BIO_F_SSL_NEW), "SSL_new"},
- {ERR_FUNC(BIO_F_WSASTARTUP), "WSASTARTUP"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA BIO_str_reasons[] = {
- {ERR_REASON(BIO_R_ACCEPT_ERROR) , "accept error"},
- {ERR_REASON(BIO_R_BAD_FOPEN_MODE) , "bad fopen mode"},
- {ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP) , "bad hostname lookup"},
- {ERR_REASON(BIO_R_BROKEN_PIPE) , "broken pipe"},
- {ERR_REASON(BIO_R_CONNECT_ERROR) , "connect error"},
- {ERR_REASON(BIO_R_EOF_ON_MEMORY_BIO) , "EOF on memory BIO"},
- {ERR_REASON(BIO_R_ERROR_SETTING_NBIO) , "error setting nbio"},
- {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET), "error setting nbio on accepted socket"},
- {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET), "error setting nbio on accept socket"},
- {ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET), "gethostbyname addr is not af inet"},
- {ERR_REASON(BIO_R_INVALID_ARGUMENT) , "invalid argument"},
- {ERR_REASON(BIO_R_INVALID_IP_ADDRESS) , "invalid ip address"},
- {ERR_REASON(BIO_R_INVALID_PORT_NUMBER) , "invalid port number"},
- {ERR_REASON(BIO_R_IN_USE) , "in use"},
- {ERR_REASON(BIO_R_KEEPALIVE) , "keepalive"},
- {ERR_REASON(BIO_R_NBIO_CONNECT_ERROR) , "nbio connect error"},
- {ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED), "no accept port specified"},
- {ERR_REASON(BIO_R_NO_HOSTNAME_SPECIFIED) , "no hostname specified"},
- {ERR_REASON(BIO_R_NO_PORT_DEFINED) , "no port defined"},
- {ERR_REASON(BIO_R_NO_PORT_SPECIFIED) , "no port specified"},
- {ERR_REASON(BIO_R_NO_SUCH_FILE) , "no such file"},
- {ERR_REASON(BIO_R_NULL_PARAMETER) , "null parameter"},
- {ERR_REASON(BIO_R_TAG_MISMATCH) , "tag mismatch"},
- {ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET) , "unable to bind socket"},
- {ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET), "unable to create socket"},
- {ERR_REASON(BIO_R_UNABLE_TO_LISTEN_SOCKET), "unable to listen socket"},
- {ERR_REASON(BIO_R_UNINITIALIZED) , "uninitialized"},
- {ERR_REASON(BIO_R_UNSUPPORTED_METHOD) , "unsupported method"},
- {ERR_REASON(BIO_R_WRITE_TO_READ_ONLY_BIO), "write to read only BIO"},
- {ERR_REASON(BIO_R_WSASTARTUP) , "WSAStartup"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_BIO_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(BIO_str_functs[0].error) == NULL) {
- ERR_load_strings(0, BIO_str_functs);
- ERR_load_strings(0, BIO_str_reasons);
- }
-#endif
-}
diff --git a/lib/libssl/src/crypto/bio/bio_lib.c b/lib/libssl/src/crypto/bio/bio_lib.c
deleted file mode 100644
index 0be56aacdee..00000000000
--- a/lib/libssl/src/crypto/bio/bio_lib.c
+++ /dev/null
@@ -1,624 +0,0 @@ -/* $OpenBSD: bio_lib.c,v 1.22 2015/02/10 11:22:21 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <errno.h> -#include <stdio.h> - -#include <openssl/bio.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/stack.h> - -BIO * -BIO_new(BIO_METHOD *method) -{ - BIO *ret = NULL; - - ret = malloc(sizeof(BIO)); - if (ret == NULL) { - BIOerr(BIO_F_BIO_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); - } - if (!BIO_set(ret, method)) { - free(ret); - ret = NULL; - } - return (ret); -} - -int -BIO_set(BIO *bio, BIO_METHOD *method) -{ - bio->method = method; - bio->callback = NULL; - bio->cb_arg = NULL; - bio->init = 0; - bio->shutdown = 1; - bio->flags = 0; - bio->retry_reason = 0; - bio->num = 0; - bio->ptr = NULL; - bio->prev_bio = NULL; - bio->next_bio = NULL; - bio->references = 1; - bio->num_read = 0L; - bio->num_write = 0L; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data); - if (method->create != NULL) - if (!method->create(bio)) { - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, bio, - &bio->ex_data); - return (0); - } - return (1); -} - -int -BIO_free(BIO *a) -{ - int i; - - if (a == NULL) - return (0); - - i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_BIO); - if (i > 0) - return (1); - if ((a->callback != NULL) && - ((i = (int)a->callback(a, BIO_CB_FREE, NULL, 0, 0L, 1L)) <= 0)) - return (i); - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data); - - if (a->method != NULL && a->method->destroy != NULL) - a->method->destroy(a); - free(a); - return (1); -} - -void -BIO_vfree(BIO *a) -{ - BIO_free(a); -} - -void -BIO_clear_flags(BIO *b, int flags) -{ - b->flags &= ~flags; -} - -int -BIO_test_flags(const BIO *b, int flags) -{ - return (b->flags & flags); -} - -void -BIO_set_flags(BIO *b, int flags) -{ - b->flags |= flags; -} - -long -(*BIO_get_callback(const BIO *b))(struct bio_st *, int, const char *, int, - long, long) -{ - return b->callback; -} - -void -BIO_set_callback(BIO *b, long (*cb)(struct bio_st *, int, const char *, int, - long, long)) -{ - b->callback = cb; -} - -void -BIO_set_callback_arg(BIO *b, char 
*arg) -{ - b->cb_arg = arg; -} - -char * -BIO_get_callback_arg(const BIO *b) -{ - return b->cb_arg; -} - -const char * -BIO_method_name(const BIO *b) -{ - return b->method->name; -} - -int -BIO_method_type(const BIO *b) -{ - return b->method->type; -} - -int -BIO_read(BIO *b, void *out, int outl) -{ - int i; - long (*cb)(BIO *, int, const char *, int, long, long); - - if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL)) { - BIOerr(BIO_F_BIO_READ, BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - cb = b->callback; - if ((cb != NULL) && - ((i = (int)cb(b, BIO_CB_READ, out, outl, 0L, 1L)) <= 0)) - return (i); - - if (!b->init) { - BIOerr(BIO_F_BIO_READ, BIO_R_UNINITIALIZED); - return (-2); - } - - i = b->method->bread(b, out, outl); - - if (i > 0) - b->num_read += (unsigned long)i; - - if (cb != NULL) - i = (int)cb(b, BIO_CB_READ|BIO_CB_RETURN, out, outl, - 0L, (long)i); - return (i); -} - -int -BIO_write(BIO *b, const void *in, int inl) -{ - int i; - long (*cb)(BIO *, int, const char *, int, long, long); - - if (b == NULL) - return (0); - - cb = b->callback; - if ((b->method == NULL) || (b->method->bwrite == NULL)) { - BIOerr(BIO_F_BIO_WRITE, BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - if ((cb != NULL) && - ((i = (int)cb(b, BIO_CB_WRITE, in, inl, 0L, 1L)) <= 0)) - return (i); - - if (!b->init) { - BIOerr(BIO_F_BIO_WRITE, BIO_R_UNINITIALIZED); - return (-2); - } - - i = b->method->bwrite(b, in, inl); - - if (i > 0) - b->num_write += (unsigned long)i; - - if (cb != NULL) - i = (int)cb(b, BIO_CB_WRITE|BIO_CB_RETURN, in, inl, - 0L, (long)i); - return (i); -} - -int -BIO_puts(BIO *b, const char *in) -{ - int i; - long (*cb)(BIO *, int, const char *, int, long, long); - - if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL)) { - BIOerr(BIO_F_BIO_PUTS, BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - cb = b->callback; - - if ((cb != NULL) && - ((i = (int)cb(b, BIO_CB_PUTS, in, 0, 0L, 1L)) <= 0)) - return (i); - - if (!b->init) { - 
BIOerr(BIO_F_BIO_PUTS, BIO_R_UNINITIALIZED); - return (-2); - } - - i = b->method->bputs(b, in); - - if (i > 0) - b->num_write += (unsigned long)i; - - if (cb != NULL) - i = (int)cb(b, BIO_CB_PUTS|BIO_CB_RETURN, in, 0, 0L, (long)i); - return (i); -} - -int -BIO_gets(BIO *b, char *in, int inl) -{ - int i; - long (*cb)(BIO *, int, const char *, int, long, long); - - if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL)) { - BIOerr(BIO_F_BIO_GETS, BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - cb = b->callback; - - if ((cb != NULL) && - ((i = (int)cb(b, BIO_CB_GETS, in, inl, 0L, 1L)) <= 0)) - return (i); - - if (!b->init) { - BIOerr(BIO_F_BIO_GETS, BIO_R_UNINITIALIZED); - return (-2); - } - - i = b->method->bgets(b, in, inl); - - if (cb != NULL) - i = (int)cb(b, BIO_CB_GETS|BIO_CB_RETURN, in, inl, 0L, (long)i); - return (i); -} - -int -BIO_indent(BIO *b, int indent, int max) -{ - if (indent < 0) - indent = 0; - if (indent > max) - indent = max; - while (indent--) - if (BIO_puts(b, " ") != 1) - return 0; - return 1; -} - -long -BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg) -{ - int i; - - i = iarg; - return (BIO_ctrl(b, cmd, larg, (char *)&i)); -} - -char * -BIO_ptr_ctrl(BIO *b, int cmd, long larg) -{ - char *p = NULL; - - if (BIO_ctrl(b, cmd, larg, (char *)&p) <= 0) - return (NULL); - else - return (p); -} - -long -BIO_ctrl(BIO *b, int cmd, long larg, void *parg) -{ - long ret; - long (*cb)(BIO *, int, const char *, int, long, long); - - if (b == NULL) - return (0); - - if ((b->method == NULL) || (b->method->ctrl == NULL)) { - BIOerr(BIO_F_BIO_CTRL, BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - cb = b->callback; - - if ((cb != NULL) && - ((ret = cb(b, BIO_CB_CTRL, parg, cmd, larg, 1L)) <= 0)) - return (ret); - - ret = b->method->ctrl(b, cmd, larg, parg); - - if (cb != NULL) - ret = cb(b, BIO_CB_CTRL|BIO_CB_RETURN, parg, cmd, larg, ret); - return (ret); -} - -long -BIO_callback_ctrl(BIO *b, int cmd, - void (*fp)(struct bio_st *, int, const 
char *, int, long, long)) -{ - long ret; - long (*cb)(BIO *, int, const char *, int, long, long); - - if (b == NULL) - return (0); - - if ((b->method == NULL) || (b->method->callback_ctrl == NULL)) { - BIOerr(BIO_F_BIO_CALLBACK_CTRL, BIO_R_UNSUPPORTED_METHOD); - return (-2); - } - - cb = b->callback; - - if ((cb != NULL) && - ((ret = cb(b, BIO_CB_CTRL, (void *)&fp, cmd, 0, 1L)) <= 0)) - return (ret); - - ret = b->method->callback_ctrl(b, cmd, fp); - - if (cb != NULL) - ret = cb(b, BIO_CB_CTRL|BIO_CB_RETURN, (void *)&fp, cmd, 0, ret); - return (ret); -} - -/* It is unfortunate to duplicate in functions what the BIO_(w)pending macros - * do; but those macros have inappropriate return type, and for interfacing - * from other programming languages, C macros aren't much of a help anyway. */ -size_t -BIO_ctrl_pending(BIO *bio) -{ - return BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL); -} - -size_t -BIO_ctrl_wpending(BIO *bio) -{ - return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL); -} - - -/* put the 'bio' on the end of b's list of operators */ -BIO * -BIO_push(BIO *b, BIO *bio) -{ - BIO *lb; - - if (b == NULL) - return (bio); - lb = b; - while (lb->next_bio != NULL) - lb = lb->next_bio; - lb->next_bio = bio; - if (bio != NULL) - bio->prev_bio = lb; - /* called to do internal processing */ - BIO_ctrl(b, BIO_CTRL_PUSH, 0, lb); - return (b); -} - -/* Remove the first and return the rest */ -BIO * -BIO_pop(BIO *b) -{ - BIO *ret; - - if (b == NULL) - return (NULL); - ret = b->next_bio; - - BIO_ctrl(b, BIO_CTRL_POP, 0, b); - - if (b->prev_bio != NULL) - b->prev_bio->next_bio = b->next_bio; - if (b->next_bio != NULL) - b->next_bio->prev_bio = b->prev_bio; - - b->next_bio = NULL; - b->prev_bio = NULL; - return (ret); -} - -BIO * -BIO_get_retry_BIO(BIO *bio, int *reason) -{ - BIO *b, *last; - - b = last = bio; - for (;;) { - if (!BIO_should_retry(b)) - break; - last = b; - b = b->next_bio; - if (b == NULL) - break; - } - if (reason != NULL) - *reason = last->retry_reason; - return 
(last); -} - -int -BIO_get_retry_reason(BIO *bio) -{ - return (bio->retry_reason); -} - -BIO * -BIO_find_type(BIO *bio, int type) -{ - int mt, mask; - - if (!bio) - return NULL; - mask = type & 0xff; - do { - if (bio->method != NULL) { - mt = bio->method->type; - if (!mask) { - if (mt & type) - return (bio); - } else if (mt == type) - return (bio); - } - bio = bio->next_bio; - } while (bio != NULL); - return (NULL); -} - -BIO * -BIO_next(BIO *b) -{ - if (!b) - return NULL; - return b->next_bio; -} - -void -BIO_free_all(BIO *bio) -{ - BIO *b; - int ref; - - while (bio != NULL) { - b = bio; - ref = b->references; - bio = bio->next_bio; - BIO_free(b); - /* Since ref count > 1, don't free anyone else. */ - if (ref > 1) - break; - } -} - -BIO * -BIO_dup_chain(BIO *in) -{ - BIO *ret = NULL, *eoc = NULL, *bio, *new_bio; - - for (bio = in; bio != NULL; bio = bio->next_bio) { - if ((new_bio = BIO_new(bio->method)) == NULL) - goto err; - new_bio->callback = bio->callback; - new_bio->cb_arg = bio->cb_arg; - new_bio->init = bio->init; - new_bio->shutdown = bio->shutdown; - new_bio->flags = bio->flags; - - /* This will let SSL_s_sock() work with stdin/stdout */ - new_bio->num = bio->num; - - if (!BIO_dup_state(bio, (char *)new_bio)) { - BIO_free(new_bio); - goto err; - } - - /* copy app data */ - if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, - &new_bio->ex_data, &bio->ex_data)) - goto err; - - if (ret == NULL) { - eoc = new_bio; - ret = eoc; - } else { - BIO_push(eoc, new_bio); - eoc = new_bio; - } - } - return (ret); -err: - BIO_free(ret); - return (NULL); - -} - -void -BIO_copy_next_retry(BIO *b) -{ - BIO_set_flags(b, BIO_get_retry_flags(b->next_bio)); - b->retry_reason = b->next_bio->retry_reason; -} - -int -BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, argl, argp, - new_func, dup_func, free_func); -} - -int -BIO_set_ex_data(BIO *bio, int idx, 
void *data) -{ - return (CRYPTO_set_ex_data(&(bio->ex_data), idx, data)); -} - -void * -BIO_get_ex_data(BIO *bio, int idx) -{ - return (CRYPTO_get_ex_data(&(bio->ex_data), idx)); -} - -unsigned long -BIO_number_read(BIO *bio) -{ - if (bio) - return bio->num_read; - return 0; -} - -unsigned long -BIO_number_written(BIO *bio) -{ - if (bio) - return bio->num_write; - return 0; -} diff --git a/lib/libssl/src/crypto/bio/bss_acpt.c b/lib/libssl/src/crypto/bio/bss_acpt.c deleted file mode 100644 index 4e3c982c2d3..00000000000 --- a/lib/libssl/src/crypto/bio/bss_acpt.c +++ /dev/null 
@@ -1,453 +0,0 @@
-/* $OpenBSD: bss_acpt.c,v 1.26 2015/07/18 22:09:30 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <sys/socket.h> - -#include <errno.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> - -#include <openssl/bio.h> -#include <openssl/buffer.h> -#include <openssl/err.h> - -#define SOCKET_PROTOCOL IPPROTO_TCP - -typedef struct bio_accept_st { - int state; - char *param_addr; - - int accept_sock; - int accept_nbio; - - char *addr; - int nbio; - /* If 0, it means normal, if 1, do a connect on bind failure, - * and if there is no-one listening, bind with SO_REUSEADDR. - * If 2, always use SO_REUSEADDR. */ - int bind_mode; - BIO *bio_chain; -} BIO_ACCEPT; - -static int acpt_write(BIO *h, const char *buf, int num); -static int acpt_read(BIO *h, char *buf, int size); -static int acpt_puts(BIO *h, const char *str); -static long acpt_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int acpt_new(BIO *h); -static int acpt_free(BIO *data); -static int acpt_state(BIO *b, BIO_ACCEPT *c); -static void acpt_close_socket(BIO *data); -static BIO_ACCEPT *BIO_ACCEPT_new(void ); -static void BIO_ACCEPT_free(BIO_ACCEPT *a); - -#define ACPT_S_BEFORE 1 -#define ACPT_S_GET_ACCEPT_SOCKET 2 -#define ACPT_S_OK 3 - -static BIO_METHOD methods_acceptp = { - .type = BIO_TYPE_ACCEPT, - .name = "socket accept", - .bwrite = acpt_write, - .bread = acpt_read, - .bputs = acpt_puts, - .ctrl = acpt_ctrl, - .create = acpt_new, - .destroy = acpt_free -}; - -BIO_METHOD * -BIO_s_accept(void) -{ - return (&methods_acceptp); -} - -static int -acpt_new(BIO *bi) -{ - BIO_ACCEPT *ba; - - bi->init = 0; - bi->num = -1; - bi->flags = 0; - if ((ba = BIO_ACCEPT_new()) == NULL) - return (0); - bi->ptr = (char *)ba; - ba->state = ACPT_S_BEFORE; - bi->shutdown = 1; - return (1); -} - -static BIO_ACCEPT * -BIO_ACCEPT_new(void) -{ - BIO_ACCEPT *ret; - - if ((ret = calloc(1, sizeof(BIO_ACCEPT))) == NULL) - return (NULL); - ret->accept_sock = -1; - ret->bind_mode = BIO_BIND_NORMAL; - return (ret); -} - -static void -BIO_ACCEPT_free(BIO_ACCEPT *a) -{ - if (a == NULL) - return; - - 
free(a->param_addr); - free(a->addr); - BIO_free(a->bio_chain); - free(a); -} - -static void -acpt_close_socket(BIO *bio) -{ - BIO_ACCEPT *c; - - c = (BIO_ACCEPT *)bio->ptr; - if (c->accept_sock != -1) { - shutdown(c->accept_sock, SHUT_RDWR); - close(c->accept_sock); - c->accept_sock = -1; - bio->num = -1; - } -} - -static int -acpt_free(BIO *a) -{ - BIO_ACCEPT *data; - - if (a == NULL) - return (0); - data = (BIO_ACCEPT *)a->ptr; - - if (a->shutdown) { - acpt_close_socket(a); - BIO_ACCEPT_free(data); - a->ptr = NULL; - a->flags = 0; - a->init = 0; - } - return (1); -} - -static int -acpt_state(BIO *b, BIO_ACCEPT *c) -{ - BIO *bio = NULL, *dbio; - int s = -1; - int i; - -again: - switch (c->state) { - case ACPT_S_BEFORE: - if (c->param_addr == NULL) { - BIOerr(BIO_F_ACPT_STATE, BIO_R_NO_ACCEPT_PORT_SPECIFIED); - return (-1); - } - s = BIO_get_accept_socket(c->param_addr, c->bind_mode); - if (s == -1) - return (-1); - - if (c->accept_nbio) { - if (!BIO_socket_nbio(s, 1)) { - close(s); - BIOerr(BIO_F_ACPT_STATE, BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET); - return (-1); - } - } - c->accept_sock = s; - b->num = s; - c->state = ACPT_S_GET_ACCEPT_SOCKET; - return (1); - /* break; */ - case ACPT_S_GET_ACCEPT_SOCKET: - if (b->next_bio != NULL) { - c->state = ACPT_S_OK; - goto again; - } - BIO_clear_retry_flags(b); - b->retry_reason = 0; - i = BIO_accept(c->accept_sock, &(c->addr)); - - /* -2 return means we should retry */ - if (i == -2) { - BIO_set_retry_special(b); - b->retry_reason = BIO_RR_ACCEPT; - return -1; - } - - if (i < 0) - return (i); - - bio = BIO_new_socket(i, BIO_CLOSE); - if (bio == NULL) - goto err; - - BIO_set_callback(bio, BIO_get_callback(b)); - BIO_set_callback_arg(bio, BIO_get_callback_arg(b)); - - if (c->nbio) { - if (!BIO_socket_nbio(i, 1)) { - BIOerr(BIO_F_ACPT_STATE, BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET); - goto err; - } - } - - /* If the accept BIO has an bio_chain, we dup it and - * put the new socket at the end. 
*/ - if (c->bio_chain != NULL) { - if ((dbio = BIO_dup_chain(c->bio_chain)) == NULL) - goto err; - if (!BIO_push(dbio, bio)) goto err; - bio = dbio; - } - if (BIO_push(b, bio) - == NULL) goto err; - - c->state = ACPT_S_OK; - return (1); - -err: - if (bio != NULL) - BIO_free(bio); - return (0); - /* break; */ - case ACPT_S_OK: - if (b->next_bio == NULL) { - c->state = ACPT_S_GET_ACCEPT_SOCKET; - goto again; - } - return (1); - /* break; */ - default: - return (0); - /* break; */ - } -} - -static int -acpt_read(BIO *b, char *out, int outl) -{ - int ret = 0; - BIO_ACCEPT *data; - - BIO_clear_retry_flags(b); - data = (BIO_ACCEPT *)b->ptr; - - while (b->next_bio == NULL) { - ret = acpt_state(b, data); - if (ret <= 0) - return (ret); - } - - ret = BIO_read(b->next_bio, out, outl); - BIO_copy_next_retry(b); - return (ret); -} - -static int -acpt_write(BIO *b, const char *in, int inl) -{ - int ret; - BIO_ACCEPT *data; - - BIO_clear_retry_flags(b); - data = (BIO_ACCEPT *)b->ptr; - - while (b->next_bio == NULL) { - ret = acpt_state(b, data); - if (ret <= 0) - return (ret); - } - - ret = BIO_write(b->next_bio, in, inl); - BIO_copy_next_retry(b); - return (ret); -} - -static long -acpt_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - int *ip; - long ret = 1; - BIO_ACCEPT *data; - char **pp; - - data = (BIO_ACCEPT *)b->ptr; - - switch (cmd) { - case BIO_CTRL_RESET: - ret = 0; - data->state = ACPT_S_BEFORE; - acpt_close_socket(b); - b->flags = 0; - break; - case BIO_C_DO_STATE_MACHINE: - /* use this one to start the connection */ - ret = (long)acpt_state(b, data); - break; - case BIO_C_SET_ACCEPT: - if (ptr != NULL) { - if (num == 0) { - b->init = 1; - free(data->param_addr); - data->param_addr = strdup(ptr); - } else if (num == 1) { - data->accept_nbio = (ptr != NULL); - } else if (num == 2) { - BIO_free(data->bio_chain); - data->bio_chain = (BIO *)ptr; - } - } - break; - case BIO_C_SET_NBIO: - data->nbio = (int)num; - break; - case BIO_C_SET_FD: - b->init = 1; - b->num= *((int 
*)ptr); - data->accept_sock = b->num; - data->state = ACPT_S_GET_ACCEPT_SOCKET; - b->shutdown = (int)num; - b->init = 1; - break; - case BIO_C_GET_FD: - if (b->init) { - ip = (int *)ptr; - if (ip != NULL) - *ip = data->accept_sock; - ret = data->accept_sock; - } else - ret = -1; - break; - case BIO_C_GET_ACCEPT: - if (b->init) { - if (ptr != NULL) { - pp = (char **)ptr; - *pp = data->param_addr; - } else - ret = -1; - } else - ret = -1; - break; - case BIO_CTRL_GET_CLOSE: - ret = b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown = (int)num; - break; - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - ret = 0; - break; - case BIO_CTRL_FLUSH: - break; - case BIO_C_SET_BIND_MODE: - data->bind_mode = (int)num; - break; - case BIO_C_GET_BIND_MODE: - ret = (long)data->bind_mode; - break; - case BIO_CTRL_DUP: -/* dbio=(BIO *)ptr; - if (data->param_port) EAY EAY - BIO_set_port(dbio,data->param_port); - if (data->param_hostname) - BIO_set_hostname(dbio,data->param_hostname); - BIO_set_nbio(dbio,data->nbio); -*/ - break; - - default: - ret = 0; - break; - } - return (ret); -} - -static int -acpt_puts(BIO *bp, const char *str) -{ - int n, ret; - - n = strlen(str); - ret = acpt_write(bp, str, n); - return (ret); -} - -BIO * -BIO_new_accept(char *str) -{ - BIO *ret; - - ret = BIO_new(BIO_s_accept()); - if (ret == NULL) - return (NULL); - if (BIO_set_accept_port(ret, str)) - return (ret); - else { - BIO_free(ret); - return (NULL); - } -} - diff --git a/lib/libssl/src/crypto/bio/bss_bio.c b/lib/libssl/src/crypto/bio/bss_bio.c deleted file mode 100644 index c817910d937..00000000000 --- a/lib/libssl/src/crypto/bio/bss_bio.c +++ /dev/null 
@@ -1,883 +0,0 @@
-/* $OpenBSD: bss_bio.c,v 1.22 2015/12/23 20:37:23 mmcc Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Special method for a BIO where the other endpoint is also a BIO
- * of this kind, handled by the same thread (i.e. the "peer" is actually
- * ourselves, wearing a different hat).
- * Such "BIO pairs" are mainly for using the SSL library with I/O interfaces
- * for which no specific BIO method is available.
- * See ssl/ssltest.c for some hints on how this can be used.
*/ - -/* BIO_DEBUG implies BIO_PAIR_DEBUG */ -#ifdef BIO_DEBUG -# ifndef BIO_PAIR_DEBUG -# define BIO_PAIR_DEBUG -# endif -#endif - -/* disable assert() unless BIO_PAIR_DEBUG has been defined */ -#ifndef BIO_PAIR_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif - -#include <assert.h> -#include <limits.h> -#include <stdlib.h> -#include <string.h> -#include <sys/types.h> - -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/crypto.h> - -static int bio_new(BIO *bio); -static int bio_free(BIO *bio); -static int bio_read(BIO *bio, char *buf, int size); -static int bio_write(BIO *bio, const char *buf, int num); -static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr); -static int bio_puts(BIO *bio, const char *str); - -static int bio_make_pair(BIO *bio1, BIO *bio2); -static void bio_destroy_pair(BIO *bio); - -static BIO_METHOD methods_biop = { - .type = BIO_TYPE_BIO, - .name = "BIO pair", - .bwrite = bio_write, - .bread = bio_read, - .bputs = bio_puts, - .ctrl = bio_ctrl, - .create = bio_new, - .destroy = bio_free -}; - -BIO_METHOD * -BIO_s_bio(void) -{ - return &methods_biop; -} - -struct bio_bio_st { - BIO *peer; /* NULL if buf == NULL. - * If peer != NULL, then peer->ptr is also a bio_bio_st, - * and its "peer" member points back to us. - * peer != NULL iff init != 0 in the BIO. */ - - /* This is for what we write (i.e. reading uses peer's struct): */ - int closed; /* valid iff peer != NULL */ - size_t len; /* valid iff buf != NULL; 0 if peer == NULL */ - size_t offset; /* valid iff buf != NULL; 0 if len == 0 */ - size_t size; - char *buf; /* "size" elements (if != NULL) */ - - size_t request; /* valid iff peer != NULL; 0 if len != 0, - * otherwise set by peer to number of bytes - * it (unsuccessfully) tried to read, - * never more than buffer space (size-len) warrants. 
*/ -}; - -static int -bio_new(BIO *bio) -{ - struct bio_bio_st *b; - - b = malloc(sizeof *b); - if (b == NULL) - return 0; - - b->peer = NULL; - b->size = 17 * 1024; /* enough for one TLS record (just a default) */ - b->buf = NULL; - - bio->ptr = b; - return 1; -} - -static int -bio_free(BIO *bio) -{ - struct bio_bio_st *b; - - if (bio == NULL) - return 0; - b = bio->ptr; - - assert(b != NULL); - - if (b->peer) - bio_destroy_pair(bio); - - free(b->buf); - free(b); - return 1; -} - - - -static int -bio_read(BIO *bio, char *buf, int size_) -{ - size_t size = size_; - size_t rest; - struct bio_bio_st *b, *peer_b; - - BIO_clear_retry_flags(bio); - - if (!bio->init) - return 0; - - b = bio->ptr; - assert(b != NULL); - assert(b->peer != NULL); - peer_b = b->peer->ptr; - assert(peer_b != NULL); - assert(peer_b->buf != NULL); - - peer_b->request = 0; /* will be set in "retry_read" situation */ - - if (buf == NULL || size == 0) - return 0; - - if (peer_b->len == 0) { - if (peer_b->closed) - return 0; /* writer has closed, and no data is left */ - else { - BIO_set_retry_read(bio); /* buffer is empty */ - if (size <= peer_b->size) - peer_b->request = size; - else - /* don't ask for more than the peer can - * deliver in one write */ - peer_b->request = peer_b->size; - return -1; - } - } - - /* we can read */ - if (peer_b->len < size) - size = peer_b->len; - - /* now read "size" bytes */ - - rest = size; - - assert(rest > 0); - do /* one or two iterations */ - { - size_t chunk; - - assert(rest <= peer_b->len); - if (peer_b->offset + rest <= peer_b->size) - chunk = rest; - else - /* wrap around ring buffer */ - chunk = peer_b->size - peer_b->offset; - assert(peer_b->offset + chunk <= peer_b->size); - - memcpy(buf, peer_b->buf + peer_b->offset, chunk); - - peer_b->len -= chunk; - if (peer_b->len) { - peer_b->offset += chunk; - assert(peer_b->offset <= peer_b->size); - if (peer_b->offset == peer_b->size) - peer_b->offset = 0; - buf += chunk; - } else { - /* buffer now empty, no 
need to advance "buf" */ - assert(chunk == rest); - peer_b->offset = 0; - } - rest -= chunk; - } while (rest); - - return size; -} - -/* non-copying interface: provide pointer to available data in buffer - * bio_nread0: return number of available bytes - * bio_nread: also advance index - * (example usage: bio_nread0(), read from buffer, bio_nread() - * or just bio_nread(), read from buffer) - */ -/* WARNING: The non-copying interface is largely untested as of yet - * and may contain bugs. */ -static ssize_t -bio_nread0(BIO *bio, char **buf) -{ - struct bio_bio_st *b, *peer_b; - ssize_t num; - - BIO_clear_retry_flags(bio); - - if (!bio->init) - return 0; - - b = bio->ptr; - assert(b != NULL); - assert(b->peer != NULL); - peer_b = b->peer->ptr; - assert(peer_b != NULL); - assert(peer_b->buf != NULL); - - peer_b->request = 0; - - if (peer_b->len == 0) { - char dummy; - - /* avoid code duplication -- nothing available for reading */ - return bio_read(bio, &dummy, 1); /* returns 0 or -1 */ - } - - num = peer_b->len; - if (peer_b->size < peer_b->offset + num) - /* no ring buffer wrap-around for non-copying interface */ - num = peer_b->size - peer_b->offset; - assert(num > 0); - - if (buf != NULL) - *buf = peer_b->buf + peer_b->offset; - return num; -} - -static ssize_t -bio_nread(BIO *bio, char **buf, size_t num_) -{ - struct bio_bio_st *b, *peer_b; - ssize_t num, available; - - if (num_ > SSIZE_MAX) - num = SSIZE_MAX; - else - num = (ssize_t)num_; - - available = bio_nread0(bio, buf); - if (num > available) - num = available; - if (num <= 0) - return num; - - b = bio->ptr; - peer_b = b->peer->ptr; - - peer_b->len -= num; - if (peer_b->len) { - peer_b->offset += num; - assert(peer_b->offset <= peer_b->size); - if (peer_b->offset == peer_b->size) - peer_b->offset = 0; - } else - peer_b->offset = 0; - - return num; -} - - -static int -bio_write(BIO *bio, const char *buf, int num_) -{ - size_t num = num_; - size_t rest; - struct bio_bio_st *b; - - 
BIO_clear_retry_flags(bio); - - if (!bio->init || buf == NULL || num == 0) - return 0; - - b = bio->ptr; - - assert(b != NULL); - assert(b->peer != NULL); - assert(b->buf != NULL); - - b->request = 0; - if (b->closed) { - /* we already closed */ - BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE); - return -1; - } - - assert(b->len <= b->size); - - if (b->len == b->size) { - BIO_set_retry_write(bio); /* buffer is full */ - return -1; - } - - /* we can write */ - if (num > b->size - b->len) - num = b->size - b->len; - - /* now write "num" bytes */ - - rest = num; - - assert(rest > 0); - do /* one or two iterations */ - { - size_t write_offset; - size_t chunk; - - assert(b->len + rest <= b->size); - - write_offset = b->offset + b->len; - if (write_offset >= b->size) - write_offset -= b->size; - /* b->buf[write_offset] is the first byte we can write to. */ - - if (write_offset + rest <= b->size) - chunk = rest; - else - /* wrap around ring buffer */ - chunk = b->size - write_offset; - - memcpy(b->buf + write_offset, buf, chunk); - - b->len += chunk; - - assert(b->len <= b->size); - - rest -= chunk; - buf += chunk; - } while (rest); - - return num; -} - -/* non-copying interface: provide pointer to region to write to - * bio_nwrite0: check how much space is available - * bio_nwrite: also increase length - * (example usage: bio_nwrite0(), write to buffer, bio_nwrite() - * or just bio_nwrite(), write to buffer) - */ -static ssize_t -bio_nwrite0(BIO *bio, char **buf) -{ - struct bio_bio_st *b; - size_t num; - size_t write_offset; - - BIO_clear_retry_flags(bio); - - if (!bio->init) - return 0; - - b = bio->ptr; - - assert(b != NULL); - assert(b->peer != NULL); - assert(b->buf != NULL); - - b->request = 0; - if (b->closed) { - BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE); - return -1; - } - - assert(b->len <= b->size); - - if (b->len == b->size) { - BIO_set_retry_write(bio); - return -1; - } - - num = b->size - b->len; - write_offset = b->offset + b->len; - if (write_offset >= 
b->size) - write_offset -= b->size; - if (write_offset + num > b->size) - /* no ring buffer wrap-around for non-copying interface - * (to fulfil the promise by BIO_ctrl_get_write_guarantee, - * BIO_nwrite may have to be called twice) */ - num = b->size - write_offset; - - if (buf != NULL) - *buf = b->buf + write_offset; - assert(write_offset + num <= b->size); - - return num; -} - -static ssize_t -bio_nwrite(BIO *bio, char **buf, size_t num_) -{ - struct bio_bio_st *b; - ssize_t num, space; - - if (num_ > SSIZE_MAX) - num = SSIZE_MAX; - else - num = (ssize_t)num_; - - space = bio_nwrite0(bio, buf); - if (num > space) - num = space; - if (num <= 0) - return num; - b = bio->ptr; - assert(b != NULL); - b->len += num; - assert(b->len <= b->size); - - return num; -} - - -static long -bio_ctrl(BIO *bio, int cmd, long num, void *ptr) -{ - long ret; - struct bio_bio_st *b = bio->ptr; - - assert(b != NULL); - - switch (cmd) { - /* specific CTRL codes */ - - case BIO_C_SET_WRITE_BUF_SIZE: - if (b->peer) { - BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE); - ret = 0; - } else if (num == 0) { - BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT); - ret = 0; - } else { - size_t new_size = num; - - if (b->size != new_size) { - free(b->buf); - b->buf = NULL; - b->size = new_size; - } - ret = 1; - } - break; - - case BIO_C_GET_WRITE_BUF_SIZE: - ret = (long) b->size; - break; - - case BIO_C_MAKE_BIO_PAIR: - { - BIO *other_bio = ptr; - - if (bio_make_pair(bio, other_bio)) - ret = 1; - else - ret = 0; - } - break; - - case BIO_C_DESTROY_BIO_PAIR: - /* Affects both BIOs in the pair -- call just once! - * Or let BIO_free(bio1); BIO_free(bio2); do the job. */ - bio_destroy_pair(bio); - ret = 1; - break; - - case BIO_C_GET_WRITE_GUARANTEE: - /* How many bytes can the caller feed to the next write - * without having to keep any? 
*/ - if (b->peer == NULL || b->closed) - ret = 0; - else - ret = (long) b->size - b->len; - break; - - case BIO_C_GET_READ_REQUEST: - /* If the peer unsuccessfully tried to read, how many bytes - * were requested? (As with BIO_CTRL_PENDING, that number - * can usually be treated as boolean.) */ - ret = (long) b->request; - break; - - case BIO_C_RESET_READ_REQUEST: - /* Reset request. (Can be useful after read attempts - * at the other side that are meant to be non-blocking, - * e.g. when probing SSL_read to see if any data is - * available.) */ - b->request = 0; - ret = 1; - break; - - case BIO_C_SHUTDOWN_WR: - /* similar to shutdown(..., SHUT_WR) */ - b->closed = 1; - ret = 1; - break; - - case BIO_C_NREAD0: - /* prepare for non-copying read */ - ret = (long) bio_nread0(bio, ptr); - break; - - case BIO_C_NREAD: - /* non-copying read */ - ret = (long) bio_nread(bio, ptr, (size_t) num); - break; - - case BIO_C_NWRITE0: - /* prepare for non-copying write */ - ret = (long) bio_nwrite0(bio, ptr); - break; - - case BIO_C_NWRITE: - /* non-copying write */ - ret = (long) bio_nwrite(bio, ptr, (size_t) num); - break; - - - /* standard CTRL codes follow */ - - case BIO_CTRL_RESET: - if (b->buf != NULL) { - b->len = 0; - b->offset = 0; - } - ret = 0; - break; - - - case BIO_CTRL_GET_CLOSE: - ret = bio->shutdown; - break; - - case BIO_CTRL_SET_CLOSE: - bio->shutdown = (int) num; - ret = 1; - break; - - case BIO_CTRL_PENDING: - if (b->peer != NULL) { - struct bio_bio_st *peer_b = b->peer->ptr; - - ret = (long) peer_b->len; - } else - ret = 0; - break; - - case BIO_CTRL_WPENDING: - if (b->buf != NULL) - ret = (long) b->len; - else - ret = 0; - break; - - case BIO_CTRL_DUP: - /* See BIO_dup_chain for circumstances we have to expect. 
*/ - { - BIO *other_bio = ptr; - struct bio_bio_st *other_b; - - assert(other_bio != NULL); - other_b = other_bio->ptr; - assert(other_b != NULL); - - assert(other_b->buf == NULL); /* other_bio is always fresh */ - - other_b->size = b->size; - } - - ret = 1; - break; - - case BIO_CTRL_FLUSH: - ret = 1; - break; - - case BIO_CTRL_EOF: - { - BIO *other_bio = ptr; - - if (other_bio) { - struct bio_bio_st *other_b = other_bio->ptr; - - assert(other_b != NULL); - ret = other_b->len == 0 && other_b->closed; - } else - ret = 1; - } - break; - - default: - ret = 0; - } - return ret; -} - -static int -bio_puts(BIO *bio, const char *str) -{ - return bio_write(bio, str, strlen(str)); -} - - -static int -bio_make_pair(BIO *bio1, BIO *bio2) -{ - struct bio_bio_st *b1, *b2; - - assert(bio1 != NULL); - assert(bio2 != NULL); - - b1 = bio1->ptr; - b2 = bio2->ptr; - - if (b1->peer != NULL || b2->peer != NULL) { - BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE); - return 0; - } - - if (b1->buf == NULL) { - b1->buf = malloc(b1->size); - if (b1->buf == NULL) { - BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); - return 0; - } - b1->len = 0; - b1->offset = 0; - } - - if (b2->buf == NULL) { - b2->buf = malloc(b2->size); - if (b2->buf == NULL) { - BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); - return 0; - } - b2->len = 0; - b2->offset = 0; - } - - b1->peer = bio2; - b1->closed = 0; - b1->request = 0; - b2->peer = bio1; - b2->closed = 0; - b2->request = 0; - - bio1->init = 1; - bio2->init = 1; - - return 1; -} - -static void -bio_destroy_pair(BIO *bio) -{ - struct bio_bio_st *b = bio->ptr; - - if (b != NULL) { - BIO *peer_bio = b->peer; - - if (peer_bio != NULL) { - struct bio_bio_st *peer_b = peer_bio->ptr; - - assert(peer_b != NULL); - assert(peer_b->peer == bio); - - peer_b->peer = NULL; - peer_bio->init = 0; - assert(peer_b->buf != NULL); - peer_b->len = 0; - peer_b->offset = 0; - - b->peer = NULL; - bio->init = 0; - assert(b->buf != NULL); - b->len = 0; - b->offset = 0; - } - } -} - 
- -/* Exported convenience functions */ -int -BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1, BIO **bio2_p, size_t writebuf2) -{ - BIO *bio1 = NULL, *bio2 = NULL; - long r; - int ret = 0; - - bio1 = BIO_new(BIO_s_bio()); - if (bio1 == NULL) - goto err; - bio2 = BIO_new(BIO_s_bio()); - if (bio2 == NULL) - goto err; - - if (writebuf1) { - r = BIO_set_write_buf_size(bio1, writebuf1); - if (!r) - goto err; - } - if (writebuf2) { - r = BIO_set_write_buf_size(bio2, writebuf2); - if (!r) - goto err; - } - - r = BIO_make_bio_pair(bio1, bio2); - if (!r) - goto err; - ret = 1; - - err: - if (ret == 0) { - if (bio1) { - BIO_free(bio1); - bio1 = NULL; - } - if (bio2) { - BIO_free(bio2); - bio2 = NULL; - } - } - - *bio1_p = bio1; - *bio2_p = bio2; - return ret; -} - -size_t -BIO_ctrl_get_write_guarantee(BIO *bio) -{ - return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL); -} - -size_t -BIO_ctrl_get_read_request(BIO *bio) -{ - return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL); -} - -int -BIO_ctrl_reset_read_request(BIO *bio) -{ - return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0); -} - - -/* BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now - * (conceivably some other BIOs could allow non-copying reads and writes too.) 
- */ -int -BIO_nread0(BIO *bio, char **buf) -{ - long ret; - - if (!bio->init) { - BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED); - return -2; - } - - ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf); - if (ret > INT_MAX) - return INT_MAX; - else - return (int) ret; -} - -int -BIO_nread(BIO *bio, char **buf, int num) -{ - int ret; - - if (!bio->init) { - BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED); - return -2; - } - - ret = (int) BIO_ctrl(bio, BIO_C_NREAD, num, buf); - if (ret > 0) - bio->num_read += ret; - return ret; -} - -int -BIO_nwrite0(BIO *bio, char **buf) -{ - long ret; - - if (!bio->init) { - BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED); - return -2; - } - - ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf); - if (ret > INT_MAX) - return INT_MAX; - else - return (int) ret; -} - -int -BIO_nwrite(BIO *bio, char **buf, int num) -{ - int ret; - - if (!bio->init) { - BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED); - return -2; - } - - ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf); - if (ret > 0) - bio->num_write += ret; - return ret; -} diff --git a/lib/libssl/src/crypto/bio/bss_conn.c b/lib/libssl/src/crypto/bio/bss_conn.c deleted file mode 100644 index 7f509366775..00000000000 --- a/lib/libssl/src/crypto/bio/bss_conn.c +++ /dev/null 
@@ -1,604 +0,0 @@
-/* $OpenBSD: bss_conn.c,v 1.32 2014/11/26 05:37:26 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <sys/socket.h>
-
-#include <netinet/in.h>
-
-#include <errno.h>
-#include <netdb.h>
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <openssl/bio.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-#define SOCKET_PROTOCOL IPPROTO_TCP
-
-typedef struct bio_connect_st {
- int state;
-
- char *param_hostname;
- char *param_port;
- int nbio;
-
- unsigned char ip[4];
- unsigned short port;
-
- struct sockaddr_in them;
-
- /* int socket; this will be kept in bio->num so that it is
- * compatible with the bss_sock bio */
-
- /* called when the connection is initially made
- * callback(BIO,state,ret); The callback should return
- * 'ret'. state is for compatibility with the ssl info_callback */
- int (*info_callback)(const BIO *bio, int state, int ret);
-} BIO_CONNECT;
-
-static int conn_write(BIO *h, const char *buf, int num);
-static int conn_read(BIO *h, char *buf, int size);
-static int conn_puts(BIO *h, const char *str);
-static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int conn_new(BIO *h);
-static int conn_free(BIO *data);
-static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *);
-
-static int conn_state(BIO *b, BIO_CONNECT *c);
-static void conn_close_socket(BIO *data);
-BIO_CONNECT *BIO_CONNECT_new(void);
-void BIO_CONNECT_free(BIO_CONNECT *a);
-
-static BIO_METHOD methods_connectp = {
- .type = BIO_TYPE_CONNECT,
- .name = "socket connect",
- .bwrite = conn_write,
- .bread = conn_read,
- .bputs = conn_puts,
- .ctrl = conn_ctrl,
- .create = conn_new,
- .destroy = conn_free,
- .callback_ctrl = conn_callback_ctrl
-};
-
-static int
-conn_state(BIO *b, BIO_CONNECT *c)
-{
- int ret = -1, i;
- unsigned long l;
- char *p, *q;
- int (*cb)(const BIO *, int, int) = NULL;
-
- if (c->info_callback != NULL)
- cb = c->info_callback;
-
- for (;;) {
- switch (c->state) {
- case BIO_CONN_S_BEFORE:
- p = c->param_hostname;
- if (p == NULL) {
- BIOerr(BIO_F_CONN_STATE, BIO_R_NO_HOSTNAME_SPECIFIED);
- goto
exit_loop;
- }
- for (; *p != '\0'; p++) {
- if ((*p == ':') || (*p == '/'))
- break;
- }
-
- i= *p;
- if ((i == ':') || (i == '/')) {
- *(p++) = '\0';
- if (i == ':') {
- for (q = p; *q; q++)
- if (*q == '/') {
- *q = '\0';
- break;
- }
- free(c->param_port);
- c->param_port = strdup(p);
- }
- }
-
- if (c->param_port == NULL) {
- BIOerr(BIO_F_CONN_STATE, BIO_R_NO_PORT_SPECIFIED);
- ERR_asprintf_error_data("host=%s",
- c->param_hostname);
- goto exit_loop;
- }
- c->state = BIO_CONN_S_GET_IP;
- break;
-
- case BIO_CONN_S_GET_IP:
- if (BIO_get_host_ip(c->param_hostname, &(c->ip[0])) <= 0)
- goto exit_loop;
- c->state = BIO_CONN_S_GET_PORT;
- break;
-
- case BIO_CONN_S_GET_PORT:
- if (c->param_port == NULL) {
- /* abort(); */
- goto exit_loop;
- } else if (BIO_get_port(c->param_port, &c->port) <= 0)
- goto exit_loop;
- c->state = BIO_CONN_S_CREATE_SOCKET;
- break;
-
- case BIO_CONN_S_CREATE_SOCKET:
- /* now setup address */
- memset((char *)&c->them, 0, sizeof(c->them));
- c->them.sin_family = AF_INET;
- c->them.sin_port = htons((unsigned short)c->port);
- l = (unsigned long)
- ((unsigned long)c->ip[0] << 24L)|
- ((unsigned long)c->ip[1] << 16L)|
- ((unsigned long)c->ip[2] << 8L)|
- ((unsigned long)c->ip[3]);
- c->them.sin_addr.s_addr = htonl(l);
- c->state = BIO_CONN_S_CREATE_SOCKET;
-
- ret = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
- if (ret == -1) {
- SYSerr(SYS_F_SOCKET, errno);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- BIOerr(BIO_F_CONN_STATE,
- BIO_R_UNABLE_TO_CREATE_SOCKET);
- goto exit_loop;
- }
- b->num = ret;
- c->state = BIO_CONN_S_NBIO;
- break;
-
- case BIO_CONN_S_NBIO:
- if (c->nbio) {
- if (!BIO_socket_nbio(b->num, 1)) {
- BIOerr(BIO_F_CONN_STATE,
- BIO_R_ERROR_SETTING_NBIO);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- goto exit_loop;
- }
- }
- c->state = BIO_CONN_S_CONNECT;
-
-#if defined(SO_KEEPALIVE)
- i = 1;
- i = setsockopt(b->num, SOL_SOCKET, SO_KEEPALIVE, &i,
sizeof(i));
- if (i < 0) {
- SYSerr(SYS_F_SOCKET, errno);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- BIOerr(BIO_F_CONN_STATE, BIO_R_KEEPALIVE);
- goto exit_loop;
- }
-#endif
- break;
-
- case BIO_CONN_S_CONNECT:
- BIO_clear_retry_flags(b);
- ret = connect(b->num,
- (struct sockaddr *)&c->them,
- sizeof(c->them));
- b->retry_reason = 0;
- if (ret < 0) {
- if (BIO_sock_should_retry(ret)) {
- BIO_set_retry_special(b);
- c->state = BIO_CONN_S_BLOCKED_CONNECT;
- b->retry_reason = BIO_RR_CONNECT;
- } else {
- SYSerr(SYS_F_CONNECT, errno);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- BIOerr(BIO_F_CONN_STATE,
- BIO_R_CONNECT_ERROR);
- }
- goto exit_loop;
- } else
- c->state = BIO_CONN_S_OK;
- break;
-
- case BIO_CONN_S_BLOCKED_CONNECT:
- i = BIO_sock_error(b->num);
- if (i) {
- BIO_clear_retry_flags(b);
- SYSerr(SYS_F_CONNECT, i);
- ERR_asprintf_error_data("host=%s:%s",
- c->param_hostname, c->param_port);
- BIOerr(BIO_F_CONN_STATE,
- BIO_R_NBIO_CONNECT_ERROR);
- ret = 0;
- goto exit_loop;
- } else
- c->state = BIO_CONN_S_OK;
- break;
-
- case BIO_CONN_S_OK:
- ret = 1;
- goto exit_loop;
- default:
- /* abort(); */
- goto exit_loop;
- }
-
- if (cb != NULL) {
- if (!(ret = cb((BIO *)b, c->state, ret)))
- goto end;
- }
- }
-
- /* Loop does not exit */
-exit_loop:
- if (cb != NULL)
- ret = cb((BIO *)b, c->state, ret);
-end:
- return (ret);
-}
-
-BIO_CONNECT *
-BIO_CONNECT_new(void)
-{
- BIO_CONNECT *ret;
-
- if ((ret = malloc(sizeof(BIO_CONNECT))) == NULL)
- return (NULL);
- ret->state = BIO_CONN_S_BEFORE;
- ret->param_hostname = NULL;
- ret->param_port = NULL;
- ret->info_callback = NULL;
- ret->nbio = 0;
- ret->ip[0] = 0;
- ret->ip[1] = 0;
- ret->ip[2] = 0;
- ret->ip[3] = 0;
- ret->port = 0;
- memset((char *)&ret->them, 0, sizeof(ret->them));
- return (ret);
-}
-
-void
-BIO_CONNECT_free(BIO_CONNECT *a)
-{
- if (a == NULL)
- return;
-
- free(a->param_hostname);
- free(a->param_port);
- free(a);
-}
-
-BIO_METHOD *
-BIO_s_connect(void)
-{
- return (&methods_connectp);
-}
-
-static int
-conn_new(BIO *bi)
-{
- bi->init = 0;
- bi->num = -1;
- bi->flags = 0;
- if ((bi->ptr = (char *)BIO_CONNECT_new()) == NULL)
- return (0);
- else
- return (1);
-}
-
-static void
-conn_close_socket(BIO *bio)
-{
- BIO_CONNECT *c;
-
- c = (BIO_CONNECT *)bio->ptr;
- if (bio->num != -1) {
- /* Only do a shutdown if things were established */
- if (c->state == BIO_CONN_S_OK)
- shutdown(bio->num, SHUT_RDWR);
- close(bio->num);
- bio->num = -1;
- }
-}
-
-static int
-conn_free(BIO *a)
-{
- BIO_CONNECT *data;
-
- if (a == NULL)
- return (0);
- data = (BIO_CONNECT *)a->ptr;
-
- if (a->shutdown) {
- conn_close_socket(a);
- BIO_CONNECT_free(data);
- a->ptr = NULL;
- a->flags = 0;
- a->init = 0;
- }
- return (1);
-}
-
-static int
-conn_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
- if (data->state != BIO_CONN_S_OK) {
- ret = conn_state(b, data);
- if (ret <= 0)
- return (ret);
- }
-
- if (out != NULL) {
- errno = 0;
- ret = read(b->num, out, outl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_read(b);
- }
- }
- return (ret);
-}
-
-static int
-conn_write(BIO *b, const char *in, int inl)
-{
- int ret;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
- if (data->state != BIO_CONN_S_OK) {
- ret = conn_state(b, data);
- if (ret <= 0)
- return (ret);
- }
-
- errno = 0;
- ret = write(b->num, in, inl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_write(b);
- }
- return (ret);
-}
-
-static long
-conn_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- BIO *dbio;
- int *ip;
- const char **pptr;
- long ret = 1;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- ret = 0;
- data->state = BIO_CONN_S_BEFORE;
- conn_close_socket(b);
- b->flags = 0;
- break;
- case BIO_C_DO_STATE_MACHINE:
- /* use this
one to start the connection */
- if (data->state != BIO_CONN_S_OK)
- ret = (long)conn_state(b, data);
- else
- ret = 1;
- break;
- case BIO_C_GET_CONNECT:
- if (ptr != NULL) {
- pptr = (const char **)ptr;
- if (num == 0) {
- *pptr = data->param_hostname;
-
- } else if (num == 1) {
- *pptr = data->param_port;
- } else if (num == 2) {
- *pptr = (char *)&(data->ip[0]);
- } else if (num == 3) {
- *((int *)ptr) = data->port;
- }
- if ((!b->init) || (ptr == NULL))
- *pptr = "not initialized";
- ret = 1;
- }
- break;
- case BIO_C_SET_CONNECT:
- if (ptr != NULL) {
- b->init = 1;
- if (num == 0) {
- free(data->param_hostname);
- data->param_hostname = strdup(ptr);
- } else if (num == 1) {
- free(data->param_port);
- data->param_port = strdup(ptr);
- } else if (num == 2) {
- unsigned char *p = ptr;
- free(data->param_hostname);
- if (asprintf(&data->param_hostname,
- "%u.%u.%u.%u", p[0], p[1],
- p[2], p[3]) == -1)
- data->param_hostname = NULL;
- memcpy(&(data->ip[0]), ptr, 4);
- } else if (num == 3) {
- free(data->param_port);
- data->port= *(int *)ptr;
- if (asprintf(&data->param_port, "%d",
- data->port) == -1)
- data->param_port = NULL;
- }
- }
- break;
- case BIO_C_SET_NBIO:
- data->nbio = (int)num;
- break;
- case BIO_C_GET_FD:
- if (b->init) {
- ip = (int *)ptr;
- if (ip != NULL)
- *ip = b->num;
- ret = b->num;
- } else
- ret = -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown = (int)num;
- break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret = 0;
- break;
- case BIO_CTRL_FLUSH:
- break;
- case BIO_CTRL_DUP:
- {
- dbio = (BIO *)ptr;
- if (data->param_port)
- BIO_set_conn_port(dbio, data->param_port);
- if (data->param_hostname)
- BIO_set_conn_hostname(dbio,
- data->param_hostname);
- BIO_set_nbio(dbio, data->nbio);
- /* FIXME: the cast of the function seems unlikely to be a good idea */
- (void)BIO_set_info_callback(dbio,
- (bio_info_cb *)data->info_callback);
- }
- break;
- case
BIO_CTRL_SET_CALLBACK:
- {
-#if 0 /* FIXME: Should this be used? -- Richard Levitte */
- BIOerr(BIO_F_CONN_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- ret = -1;
-#else
- ret = 0;
-#endif
- }
- break;
- case BIO_CTRL_GET_CALLBACK:
- {
- int (**fptr)(const BIO *bio, int state, int xret);
-
- fptr = (int (**)(const BIO *bio, int state, int xret))ptr;
- *fptr = data->info_callback;
- }
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static long
-conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
-{
- long ret = 1;
- BIO_CONNECT *data;
-
- data = (BIO_CONNECT *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_SET_CALLBACK:
- {
- data->info_callback = (int (*)(const struct bio_st *, int, int))fp;
- }
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int
-conn_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = conn_write(bp, str, n);
- return (ret);
-}
-
-BIO *
-BIO_new_connect(char *str)
-{
- BIO *ret;
-
- ret = BIO_new(BIO_s_connect());
- if (ret == NULL)
- return (NULL);
- if (BIO_set_conn_hostname(ret, str))
- return (ret);
- else {
- BIO_free(ret);
- return (NULL);
- }
-}
-
diff --git a/lib/libssl/src/crypto/bio/bss_dgram.c b/lib/libssl/src/crypto/bio/bss_dgram.c
deleted file mode 100644
index a9657402ce6..00000000000
--- a/lib/libssl/src/crypto/bio/bss_dgram.c
+++ /dev/null
@@ -1,658 +0,0 @@
-/* $OpenBSD: bss_dgram.c,v 1.41 2015/07/20 23:15:28 doug Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <sys/socket.h>
-#include <sys/time.h>
-
-#include <netinet/in.h>
-
-#include <errno.h>
-#include <netdb.h>
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bio.h>
-
-#ifndef OPENSSL_NO_DGRAM
-
-
-static int dgram_write(BIO *h, const char *buf, int num);
-static int dgram_read(BIO *h, char *buf, int size);
-static int dgram_puts(BIO *h, const char *str);
-static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int dgram_new(BIO *h);
-static int dgram_free(BIO *data);
-static int dgram_clear(BIO *bio);
-
-
-static int BIO_dgram_should_retry(int s);
-
-static BIO_METHOD methods_dgramp = {
- .type = BIO_TYPE_DGRAM,
- .name = "datagram socket",
- .bwrite = dgram_write,
- .bread = dgram_read,
- .bputs = dgram_puts,
- .ctrl = dgram_ctrl,
- .create = dgram_new,
- .destroy = dgram_free
-};
-
-
-typedef struct bio_dgram_data_st {
- union {
- struct sockaddr sa;
- struct sockaddr_in sa_in;
- struct sockaddr_in6 sa_in6;
- } peer;
- unsigned int connected;
- unsigned int _errno;
- unsigned int mtu;
- struct timeval next_timeout;
- struct timeval socket_timeout;
-} bio_dgram_data;
-
-
-BIO_METHOD *
-BIO_s_datagram(void)
-{
- return (&methods_dgramp);
-}
-
-BIO *
-BIO_new_dgram(int fd, int close_flag)
-{
- BIO *ret;
-
- ret = BIO_new(BIO_s_datagram());
- if (ret == NULL)
- return (NULL);
- BIO_set_fd(ret, fd, close_flag);
- return (ret);
-}
-
-static int
-dgram_new(BIO *bi)
-{
- bio_dgram_data *data = NULL;
-
- bi->init = 0;
- bi->num = 0;
- data = calloc(1, sizeof(bio_dgram_data));
- if (data == NULL)
- return 0;
- bi->ptr = data;
-
- bi->flags = 0;
- return (1);
-}
-
-static int
-dgram_free(BIO *a)
-{
- bio_dgram_data *data;
-
- if (a == NULL)
- return (0);
- if (!dgram_clear(a))
- return 0;
-
- data = (bio_dgram_data *)a->ptr;
- free(data);
-
- return (1);
-}
-
-static int
-dgram_clear(BIO *a)
-{
- if (a == NULL)
- return (0);
- if (a->shutdown) {
- if (a->init) {
-
shutdown(a->num, SHUT_RDWR);
- close(a->num);
- }
- a->init = 0;
- a->flags = 0;
- }
- return (1);
-}
-
-static void
-dgram_adjust_rcv_timeout(BIO *b)
-{
-#if defined(SO_RCVTIMEO)
- bio_dgram_data *data = (bio_dgram_data *)b->ptr;
-
- /* Is a timer active? */
- if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
- struct timeval timenow, timeleft;
-
- /* Read current socket timeout */
- socklen_t sz = sizeof(data->socket_timeout);
- if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- &(data->socket_timeout), &sz) < 0) {
- perror("getsockopt");
- }
-
- /* Get current time */
- gettimeofday(&timenow, NULL);
-
- /* Calculate time left until timer expires */
- memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
- timeleft.tv_sec -= timenow.tv_sec;
- timeleft.tv_usec -= timenow.tv_usec;
- if (timeleft.tv_usec < 0) {
- timeleft.tv_sec--;
- timeleft.tv_usec += 1000000;
- }
-
- if (timeleft.tv_sec < 0) {
- timeleft.tv_sec = 0;
- timeleft.tv_usec = 1;
- }
-
- /* Adjust socket timeout if next handhake message timer
- * will expire earlier.
- */
- if ((data->socket_timeout.tv_sec == 0 &&
- data->socket_timeout.tv_usec == 0) ||
- (data->socket_timeout.tv_sec > timeleft.tv_sec) ||
- (data->socket_timeout.tv_sec == timeleft.tv_sec &&
- data->socket_timeout.tv_usec >= timeleft.tv_usec)) {
- if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- &timeleft, sizeof(struct timeval)) < 0) {
- perror("setsockopt");
- }
- }
- }
-#endif
-}
-
-static void
-dgram_reset_rcv_timeout(BIO *b)
-{
-#if defined(SO_RCVTIMEO)
- bio_dgram_data *data = (bio_dgram_data *)b->ptr;
-
- /* Is a timer active?
*/
- if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
- if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- &(data->socket_timeout), sizeof(struct timeval)) < 0) {
- perror("setsockopt");
- }
- }
-#endif
-}
-
-static int
-dgram_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
- bio_dgram_data *data = (bio_dgram_data *)b->ptr;
-
- struct {
- socklen_t len;
- union {
- struct sockaddr sa;
- struct sockaddr_in sa_in;
- struct sockaddr_in6 sa_in6;
- } peer;
- } sa;
-
- sa.len = sizeof(sa.peer);
-
- if (out != NULL) {
- errno = 0;
- memset(&sa.peer, 0, sizeof(sa.peer));
- dgram_adjust_rcv_timeout(b);
- ret = recvfrom(b->num, out, outl, 0, &sa.peer.sa, &sa.len);
-
- if (! data->connected && ret >= 0)
- BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
-
- BIO_clear_retry_flags(b);
- if (ret < 0) {
- if (BIO_dgram_should_retry(ret)) {
- BIO_set_retry_read(b);
- data->_errno = errno;
- }
- }
-
- dgram_reset_rcv_timeout(b);
- }
- return (ret);
-}
-
-static int
-dgram_write(BIO *b, const char *in, int inl)
-{
- int ret;
- bio_dgram_data *data = (bio_dgram_data *)b->ptr;
- errno = 0;
-
- if (data->connected)
- ret = write(b->num, in, inl);
- else {
- int peerlen = sizeof(data->peer);
-
- if (data->peer.sa.sa_family == AF_INET)
- peerlen = sizeof(data->peer.sa_in);
- else if (data->peer.sa.sa_family == AF_INET6)
- peerlen = sizeof(data->peer.sa_in6);
- ret = sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
- }
-
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_dgram_should_retry(ret)) {
- BIO_set_retry_write(b);
-
- data->_errno = errno;
- /*
- * higher layers are responsible for querying MTU,
- * if necessary
- */
- }
- }
- return (ret);
-}
-
-static long
-dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret = 1;
- int *ip;
- struct sockaddr *to = NULL;
- bio_dgram_data *data = NULL;
-#if (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
- int sockopt_val = 0;
- socklen_t sockopt_len; /* assume that system supporting IP_MTU is
- *
modern enough to define socklen_t */
- socklen_t addr_len;
- union {
- struct sockaddr sa;
- struct sockaddr_in s4;
- struct sockaddr_in6 s6;
- } addr;
-#endif
-
- data = (bio_dgram_data *)b->ptr;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- num = 0;
- case BIO_C_FILE_SEEK:
- ret = 0;
- break;
- case BIO_C_FILE_TELL:
- case BIO_CTRL_INFO:
- ret = 0;
- break;
- case BIO_C_SET_FD:
- dgram_clear(b);
- b->num= *((int *)ptr);
- b->shutdown = (int)num;
- b->init = 1;
- break;
- case BIO_C_GET_FD:
- if (b->init) {
- ip = (int *)ptr;
- if (ip != NULL)
- *ip = b->num;
- ret = b->num;
- } else
- ret = -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown = (int)num;
- break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret = 0;
- break;
- case BIO_CTRL_DUP:
- case BIO_CTRL_FLUSH:
- ret = 1;
- break;
- case BIO_CTRL_DGRAM_CONNECT:
- to = (struct sockaddr *)ptr;
- switch (to->sa_family) {
- case AF_INET:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in));
- break;
- case AF_INET6:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
- break;
- default:
- memcpy(&data->peer, to, sizeof(data->peer.sa));
- break;
- }
- break;
- /* (Linux)kernel sets DF bit on outgoing IP packets */
- case BIO_CTRL_DGRAM_MTU_DISCOVER:
-#if defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
- addr_len = (socklen_t)sizeof(addr);
- memset((void *)&addr, 0, sizeof(addr));
- if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
- ret = 0;
- break;
- }
- switch (addr.sa.sa_family) {
- case AF_INET:
- sockopt_val = IP_PMTUDISC_DO;
- ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
- &sockopt_val, sizeof(sockopt_val));
- if (ret < 0)
- perror("setsockopt");
- break;
-#if defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
- case AF_INET6:
- sockopt_val = IPV6_PMTUDISC_DO;
- ret = setsockopt(b->num, IPPROTO_IPV6,
- IPV6_MTU_DISCOVER, &sockopt_val,
- sizeof(sockopt_val));
- if (ret < 0)
- perror("setsockopt");
- break;
-#endif
-
default:
- ret = -1;
- break;
- }
-#else
- ret = -1;
-#endif
- break;
- case BIO_CTRL_DGRAM_QUERY_MTU:
-#if defined(IP_MTU)
- addr_len = (socklen_t)sizeof(addr);
- memset((void *)&addr, 0, sizeof(addr));
- if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
- ret = 0;
- break;
- }
- sockopt_len = sizeof(sockopt_val);
- switch (addr.sa.sa_family) {
- case AF_INET:
- ret = getsockopt(b->num, IPPROTO_IP, IP_MTU,
- &sockopt_val, &sockopt_len);
- if (ret < 0 || sockopt_val < 0) {
- ret = 0;
- } else {
- /* we assume that the transport protocol is UDP and no
- * IP options are used.
- */
- data->mtu = sockopt_val - 8 - 20;
- ret = data->mtu;
- }
- break;
-#if defined(IPV6_MTU)
- case AF_INET6:
- ret = getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
- &sockopt_val, &sockopt_len);
- if (ret < 0 || sockopt_val < 0) {
- ret = 0;
- } else {
- /* we assume that the transport protocol is UDP and no
- * IPV6 options are used.
- */
- data->mtu = sockopt_val - 8 - 40;
- ret = data->mtu;
- }
- break;
-#endif
-default:
- ret = 0;
- break;
- }
-#else
- ret = 0;
-#endif
- break;
- case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
- switch (data->peer.sa.sa_family) {
- case AF_INET:
- ret = 576 - 20 - 8;
- break;
- case AF_INET6:
-#ifdef IN6_IS_ADDR_V4MAPPED
- if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
- ret = 576 - 20 - 8;
- else
-#endif
- ret = 1280 - 40 - 8;
- break;
- default:
- ret = 576 - 20 - 8;
- break;
- }
- break;
- case BIO_CTRL_DGRAM_GET_MTU:
- return data->mtu;
- break;
- case BIO_CTRL_DGRAM_SET_MTU:
- data->mtu = num;
- ret = num;
- break;
- case BIO_CTRL_DGRAM_SET_CONNECTED:
- to = (struct sockaddr *)ptr;
-
- if (to != NULL) {
- data->connected = 1;
- switch (to->sa_family) {
- case AF_INET:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in));
- break;
- case AF_INET6:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
- break;
- default:
- memcpy(&data->peer, to, sizeof(data->peer.sa));
- break;
- }
- } else {
- data->connected = 0;
- memset(&(data->peer), 0,
sizeof(data->peer));
- }
- break;
- case BIO_CTRL_DGRAM_GET_PEER:
- switch (data->peer.sa.sa_family) {
- case AF_INET:
- ret = sizeof(data->peer.sa_in);
- break;
- case AF_INET6:
- ret = sizeof(data->peer.sa_in6);
- break;
- default:
- ret = sizeof(data->peer.sa);
- break;
- }
- if (num == 0 || num > ret)
- num = ret;
- memcpy(ptr, &data->peer, (ret = num));
- break;
- case BIO_CTRL_DGRAM_SET_PEER:
- to = (struct sockaddr *) ptr;
- switch (to->sa_family) {
- case AF_INET:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in));
- break;
- case AF_INET6:
- memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
- break;
- default:
- memcpy(&data->peer, to, sizeof(data->peer.sa));
- break;
- }
- break;
- case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
- memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
- break;
-#if defined(SO_RCVTIMEO)
- case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
- if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
- sizeof(struct timeval)) < 0) {
- perror("setsockopt");
- ret = -1;
- }
- break;
- case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
- {
- socklen_t sz = sizeof(struct timeval);
- if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- ptr, &sz) < 0) {
- perror("getsockopt");
- ret = -1;
- } else
- ret = sz;
- }
- break;
-#endif
-#if defined(SO_SNDTIMEO)
- case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
- if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
- sizeof(struct timeval)) < 0) {
- perror("setsockopt");
- ret = -1;
- }
- break;
- case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
- {
- socklen_t sz = sizeof(struct timeval);
- if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
- ptr, &sz) < 0) {
- perror("getsockopt");
- ret = -1;
- } else
- ret = sz;
- }
- break;
-#endif
- case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
- /* fall-through */
- case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
- if (data->_errno == EAGAIN) {
- ret = 1;
- data->_errno = 0;
- } else
- ret = 0;
- break;
-#ifdef EMSGSIZE
- case BIO_CTRL_DGRAM_MTU_EXCEEDED:
- if (data->_errno == EMSGSIZE) {
- ret = 1;
- data->_errno = 0;
-
} else
- ret = 0;
- break;
-#endif
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int
-dgram_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = dgram_write(bp, str, n);
- return (ret);
-}
-
-
-static int
-BIO_dgram_should_retry(int i)
-{
- int err;
-
- if ((i == 0) || (i == -1)) {
- err = errno;
- return (BIO_dgram_non_fatal_error(err));
- }
- return (0);
-}
-
-int
-BIO_dgram_non_fatal_error(int err)
-{
- switch (err) {
- case EINTR:
- case EAGAIN:
- case EINPROGRESS:
- case EALREADY:
- return (1);
- default:
- break;
- }
- return (0);
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/bio/bss_fd.c b/lib/libssl/src/crypto/bio/bss_fd.c
deleted file mode 100644
index b21dbd92ed9..00000000000
--- a/lib/libssl/src/crypto/bio/bss_fd.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* $OpenBSD: bss_fd.c,v 1.18 2015/02/12 03:54:07 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <errno.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> - -#include <openssl/opensslconf.h> - -#include <openssl/bio.h> - -static int fd_write(BIO *h, const char *buf, int num); -static int fd_read(BIO *h, char *buf, int size); -static int fd_puts(BIO *h, const char *str); -static int fd_gets(BIO *h, char *buf, int size); -static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int fd_new(BIO *h); -static int fd_free(BIO *data); -int BIO_fd_should_retry(int s); - -static BIO_METHOD methods_fdp = { - .type = BIO_TYPE_FD, - .name = "file descriptor", - .bwrite = fd_write, - .bread = fd_read, - .bputs = fd_puts, - .bgets = fd_gets, - .ctrl = fd_ctrl, - .create = fd_new, - .destroy = fd_free -}; - -BIO_METHOD * -BIO_s_fd(void) -{ - return (&methods_fdp); -} - -BIO * -BIO_new_fd(int fd, int close_flag) -{ - BIO *ret; - ret = BIO_new(BIO_s_fd()); - if (ret == NULL) - return (NULL); - BIO_set_fd(ret, fd, close_flag); - return (ret); -} - -static int -fd_new(BIO *bi) -{ - bi->init = 0; - bi->num = -1; - bi->ptr = NULL; - bi->flags=0; - return (1); -} - -static int -fd_free(BIO *a) -{ - if (a == NULL) - return (0); - if (a->shutdown) { - if (a->init) { - close(a->num); - } - a->init = 0; - a->flags = 0; - } - return (1); -} - -static int -fd_read(BIO *b, char *out, int outl) -{ - int ret = 0; - - if (out != NULL) { - errno = 0; - ret = read(b->num, out, outl); - BIO_clear_retry_flags(b); - if (ret <= 0) { - if (BIO_fd_should_retry(ret)) - BIO_set_retry_read(b); - } - } - return (ret); -} - -static int -fd_write(BIO *b, const char *in, int inl) -{ - int ret; - errno = 0; - ret = write(b->num, in, inl); - BIO_clear_retry_flags(b); - if (ret <= 0) { - if (BIO_fd_should_retry(ret)) - BIO_set_retry_write(b); - } - return (ret); -} - -static long -fd_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - long ret = 1; - int *ip; - - switch (cmd) { - case BIO_CTRL_RESET: - num = 0; - case BIO_C_FILE_SEEK: - ret = (long)lseek(b->num, num, 0); 
- break; - case BIO_C_FILE_TELL: - case BIO_CTRL_INFO: - ret = (long)lseek(b->num, 0, 1); - break; - case BIO_C_SET_FD: - fd_free(b); - b->num= *((int *)ptr); - b->shutdown = (int)num; - b->init = 1; - break; - case BIO_C_GET_FD: - if (b->init) { - ip = (int *)ptr; - if (ip != NULL) - *ip = b->num; - ret = b->num; - } else - ret = -1; - break; - case BIO_CTRL_GET_CLOSE: - ret = b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown = (int)num; - break; - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - ret = 0; - break; - case BIO_CTRL_DUP: - case BIO_CTRL_FLUSH: - ret = 1; - break; - default: - ret = 0; - break; - } - return (ret); -} - -static int -fd_puts(BIO *bp, const char *str) -{ - int n, ret; - - n = strlen(str); - ret = fd_write(bp, str, n); - return (ret); -} - -static int -fd_gets(BIO *bp, char *buf, int size) -{ - int ret = 0; - char *ptr = buf; - char *end = buf + size - 1; - - while ((ptr < end) && (fd_read(bp, ptr, 1) > 0) && (ptr[0] != '\n')) - ptr++; - - ptr[0] = '\0'; - - if (buf[0] != '\0') - ret = strlen(buf); - return (ret); -} - -int -BIO_fd_should_retry(int i) -{ - int err; - - if ((i == 0) || (i == -1)) { - err = errno; - return (BIO_fd_non_fatal_error(err)); - } - return (0); -} - -int -BIO_fd_non_fatal_error(int err) -{ - switch (err) { - case ENOTCONN: - case EINTR: - case EAGAIN: - case EINPROGRESS: - case EALREADY: - return (1); - default: - break; - } - return (0); -} diff --git a/lib/libssl/src/crypto/bio/bss_file.c b/lib/libssl/src/crypto/bio/bss_file.c deleted file mode 100644 index c710076fea2..00000000000 --- a/lib/libssl/src/crypto/bio/bss_file.c +++ /dev/null 
@@ -1,320 +0,0 @@
-/* $OpenBSD: bss_file.c,v 1.31 2014/11/11 19:26:12 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* - * 03-Dec-1997 rdenny@dc3.com Fix bug preventing use of stdin/stdout - * with binary data (e.g. asn1parse -inform DER < xxx) under - * Windows - */ - -#ifndef HEADER_BSS_FILE_C -#define HEADER_BSS_FILE_C - -#if defined(__linux) || defined(__sun) || defined(__hpux) -/* Following definition aliases fopen to fopen64 on above mentioned - * platforms. 
This makes it possible to open and sequentially access - * files larger than 2GB from 32-bit application. It does not allow to - * traverse them beyond 2GB with fseek/ftell, but on the other hand *no* - * 32-bit platform permits that, not with fseek/ftell. Not to mention - * that breaking 2GB limit for seeking would require surgery to *our* - * API. But sequential access suffices for practical cases when you - * can run into large files, such as fingerprinting, so we can let API - * alone. For reference, the list of 32-bit platforms which allow for - * sequential access of large files without extra "magic" comprise *BSD, - * Darwin, IRIX... - */ -#ifndef _FILE_OFFSET_BITS -#define _FILE_OFFSET_BITS 64 -#endif -#endif - -#include <errno.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/bio.h> -#include <openssl/err.h> - -static int file_write(BIO *h, const char *buf, int num); -static int file_read(BIO *h, char *buf, int size); -static int file_puts(BIO *h, const char *str); -static int file_gets(BIO *h, char *str, int size); -static long file_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int file_new(BIO *h); -static int file_free(BIO *data); - -static BIO_METHOD methods_filep = { - .type = BIO_TYPE_FILE, - .name = "FILE pointer", - .bwrite = file_write, - .bread = file_read, - .bputs = file_puts, - .bgets = file_gets, - .ctrl = file_ctrl, - .create = file_new, - .destroy = file_free -}; - -BIO * -BIO_new_file(const char *filename, const char *mode) -{ - BIO *ret; - FILE *file = NULL; - - file = fopen(filename, mode); - - if (file == NULL) { - SYSerr(SYS_F_FOPEN, errno); - ERR_asprintf_error_data("fopen('%s', '%s')", filename, mode); - if (errno == ENOENT) - BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE); - else - BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB); - return (NULL); - } - if ((ret = BIO_new(BIO_s_file())) == NULL) { - fclose(file); - return (NULL); - } - - BIO_set_fp(ret, file, BIO_CLOSE); - return (ret); -} - -BIO * -BIO_new_fp(FILE 
*stream, int close_flag) -{ - BIO *ret; - - if ((ret = BIO_new(BIO_s_file())) == NULL) - return (NULL); - - BIO_set_fp(ret, stream, close_flag); - return (ret); -} - -BIO_METHOD * -BIO_s_file(void) -{ - return (&methods_filep); -} - -static int -file_new(BIO *bi) -{ - bi->init = 0; - bi->num = 0; - bi->ptr = NULL; - bi->flags=0; - return (1); -} - -static int -file_free(BIO *a) -{ - if (a == NULL) - return (0); - if (a->shutdown) { - if ((a->init) && (a->ptr != NULL)) { - fclose (a->ptr); - a->ptr = NULL; - a->flags = 0; - } - a->init = 0; - } - return (1); -} - -static int -file_read(BIO *b, char *out, int outl) -{ - int ret = 0; - - if (b->init && out != NULL) { - ret = fread(out, 1, outl, (FILE *)b->ptr); - if (ret == 0 && ferror((FILE *)b->ptr)) { - SYSerr(SYS_F_FREAD, errno); - BIOerr(BIO_F_FILE_READ, ERR_R_SYS_LIB); - ret = -1; - } - } - return (ret); -} - -static int -file_write(BIO *b, const char *in, int inl) -{ - int ret = 0; - - if (b->init && in != NULL) - ret = fwrite(in, 1, inl, (FILE *)b->ptr); - return (ret); -} - -static long -file_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - long ret = 1; - FILE *fp = (FILE *)b->ptr; - FILE **fpp; - char p[4]; - - switch (cmd) { - case BIO_C_FILE_SEEK: - case BIO_CTRL_RESET: - ret = (long)fseek(fp, num, 0); - break; - case BIO_CTRL_EOF: - ret = (long)feof(fp); - break; - case BIO_C_FILE_TELL: - case BIO_CTRL_INFO: - ret = ftell(fp); - break; - case BIO_C_SET_FILE_PTR: - file_free(b); - b->shutdown = (int)num&BIO_CLOSE; - b->ptr = ptr; - b->init = 1; - break; - case BIO_C_SET_FILENAME: - file_free(b); - b->shutdown = (int)num&BIO_CLOSE; - if (num & BIO_FP_APPEND) { - if (num & BIO_FP_READ) - strlcpy(p, "a+", sizeof p); - else strlcpy(p, "a", sizeof p); - } else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE)) - strlcpy(p, "r+", sizeof p); - else if (num & BIO_FP_WRITE) - strlcpy(p, "w", sizeof p); - else if (num & BIO_FP_READ) - strlcpy(p, "r", sizeof p); - else { - BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE); 
- ret = 0; - break; - } - fp = fopen(ptr, p); - if (fp == NULL) { - SYSerr(SYS_F_FOPEN, errno); - ERR_asprintf_error_data("fopen('%s', '%s')", ptr, p); - BIOerr(BIO_F_FILE_CTRL, ERR_R_SYS_LIB); - ret = 0; - break; - } - b->ptr = fp; - b->init = 1; - break; - case BIO_C_GET_FILE_PTR: - /* the ptr parameter is actually a FILE ** in this case. */ - if (ptr != NULL) { - fpp = (FILE **)ptr; - *fpp = (FILE *)b->ptr; - } - break; - case BIO_CTRL_GET_CLOSE: - ret = (long)b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown = (int)num; - break; - case BIO_CTRL_FLUSH: - fflush((FILE *)b->ptr); - break; - case BIO_CTRL_DUP: - ret = 1; - break; - - case BIO_CTRL_WPENDING: - case BIO_CTRL_PENDING: - case BIO_CTRL_PUSH: - case BIO_CTRL_POP: - default: - ret = 0; - break; - } - return (ret); -} - -static int -file_gets(BIO *bp, char *buf, int size) -{ - int ret = 0; - - buf[0] = '\0'; - if (!fgets(buf, size,(FILE *)bp->ptr)) - goto err; - if (buf[0] != '\0') - ret = strlen(buf); -err: - return (ret); -} - -static int -file_puts(BIO *bp, const char *str) -{ - int n, ret; - - n = strlen(str); - ret = file_write(bp, str, n); - return (ret); -} - - -#endif /* HEADER_BSS_FILE_C */ diff --git a/lib/libssl/src/crypto/bio/bss_log.c b/lib/libssl/src/crypto/bio/bss_log.c deleted file mode 100644 index fcaa985aa08..00000000000 --- a/lib/libssl/src/crypto/bio/bss_log.c +++ /dev/null 
@@ -1,213 +0,0 @@
-/* $OpenBSD: bss_log.c,v 1.21 2014/07/11 08:44:47 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- Why BIO_s_log?
-
- BIO_s_log is useful for system daemons (or services under NT).
- It is one-way BIO, it sends all stuff to syslogd (on system that
- commonly use that), or event log (on NT), or OPCOM (on OpenVMS).
-
-*/
-
-#include <errno.h>
-#include <stdio.h>
-#include <string.h>
-#include <syslog.h>
-
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-#ifndef NO_SYSLOG
-
-static int slg_write(BIO *h, const char *buf, int num);
-static int slg_puts(BIO *h, const char *str);
-static long slg_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int slg_new(BIO *h);
-static int slg_free(BIO *data);
-static void xopenlog(BIO* bp, char* name, int level);
-static void xsyslog(BIO* bp, int priority, const char* string);
-static void xcloselog(BIO* bp);
-
-static BIO_METHOD methods_slg = {
- .type = BIO_TYPE_MEM,
- .name = "syslog",
- .bwrite = slg_write,
- .bputs = slg_puts,
- .ctrl = slg_ctrl,
- .create = slg_new,
- .destroy = slg_free
-};
-
-BIO_METHOD *
-BIO_s_log(void)
-{
- return (&methods_slg);
-}
-
-static int
-slg_new(BIO *bi)
-{
- bi->init = 1;
- bi->num = 0;
- bi->ptr = NULL;
- xopenlog(bi, "application", LOG_DAEMON);
- return (1);
-}
-
-static int
-slg_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- xcloselog(a);
- return (1);
-}
-
-static int
-slg_write(BIO *b, const char *in, int inl)
-{
- int ret = inl;
- char* buf;
- char* pp;
- int priority, i;
- static const struct {
- int strl;
- char str[10];
- int log_level;
- }
- mapping[] = {
- { 6, "PANIC ", LOG_EMERG },
- { 6, "EMERG ", LOG_EMERG },
- { 4, "EMR ", LOG_EMERG },
- { 6, "ALERT ", LOG_ALERT },
- { 4, "ALR ", LOG_ALERT },
- { 5, "CRIT ", LOG_CRIT },
- { 4, "CRI ", LOG_CRIT },
- { 6, "ERROR ", LOG_ERR },
- { 4, "ERR ", LOG_ERR },
- { 8, "WARNING ", LOG_WARNING },
- { 5, "WARN ", LOG_WARNING },
- { 4, "WAR ", LOG_WARNING },
- { 7, "NOTICE ", LOG_NOTICE },
- { 5, "NOTE ", LOG_NOTICE },
- { 4, "NOT ", LOG_NOTICE },
- { 5, "INFO ", LOG_INFO },
- { 4, "INF ", LOG_INFO },
- { 6, "DEBUG ", LOG_DEBUG },
- { 4, "DBG ", LOG_DEBUG },
- { 0, "", LOG_ERR } /* The default */
- };
-
- if ((buf = malloc(inl + 1)) == NULL) {
- return (0);
- }
- strlcpy(buf, in, inl + 1);
- i = 0;
- while (strncmp(buf, mapping[i].str,
mapping[i].strl) != 0)
- i++;
- priority = mapping[i].log_level;
- pp = buf + mapping[i].strl;
-
- xsyslog(b, priority, pp);
-
- free(buf);
- return (ret);
-}
-
-static long
-slg_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- switch (cmd) {
- case BIO_CTRL_SET:
- xcloselog(b);
- xopenlog(b, ptr, num);
- break;
- default:
- break;
- }
- return (0);
-}
-
-static int
-slg_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = slg_write(bp, str, n);
- return (ret);
-}
-
-
-static void
-xopenlog(BIO* bp, char* name, int level)
-{
- openlog(name, LOG_PID|LOG_CONS, level);
-}
-
-static void
-xsyslog(BIO *bp, int priority, const char *string)
-{
- syslog(priority, "%s", string);
-}
-
-static void
-xcloselog(BIO* bp)
-{
- closelog();
-}
-
-#endif /* NO_SYSLOG */
diff --git a/lib/libssl/src/crypto/bio/bss_mem.c b/lib/libssl/src/crypto/bio/bss_mem.c
deleted file mode 100644
index 119bd672f66..00000000000
--- a/lib/libssl/src/crypto/bio/bss_mem.c
+++ /dev/null
@@ -1,321 +0,0 @@
-/* $OpenBSD: bss_mem.c,v 1.14 2015/03/21 08:05:20 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/bio.h>
-#include <openssl/err.h>
-#include <openssl/buffer.h>
-
-static int mem_write(BIO *h, const char *buf, int num);
-static int mem_read(BIO *h, char *buf, int size);
-static int mem_puts(BIO *h, const char *str);
-static int mem_gets(BIO *h, char *str, int size);
-static long mem_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int mem_new(BIO *h);
-static int mem_free(BIO *data);
-
-static BIO_METHOD mem_method = {
- .type = BIO_TYPE_MEM,
- .name = "memory buffer",
- .bwrite = mem_write,
- .bread = mem_read,
- .bputs = mem_puts,
- .bgets = mem_gets,
- .ctrl = mem_ctrl,
- .create = mem_new,
- .destroy = mem_free
-};
-
-/* bio->num is used to hold the value to return on 'empty', if it is
- * 0, should_retry is not set */
-
-BIO_METHOD *
-BIO_s_mem(void)
-{
- return (&mem_method);
-}
-
-BIO *
-BIO_new_mem_buf(void *buf, int len)
-{
- BIO *ret;
- BUF_MEM *b;
- size_t sz;
-
- if (!buf) {
- BIOerr(BIO_F_BIO_NEW_MEM_BUF, BIO_R_NULL_PARAMETER);
- return NULL;
- }
- sz = (len < 0) ?
strlen(buf) : (size_t)len; - if (!(ret = BIO_new(BIO_s_mem()))) - return NULL; - b = (BUF_MEM *)ret->ptr; - b->data = buf; - b->length = sz; - b->max = sz; - ret->flags |= BIO_FLAGS_MEM_RDONLY; - /* Since this is static data retrying wont help */ - ret->num = 0; - return ret; -} - -static int -mem_new(BIO *bi) -{ - BUF_MEM *b; - - if ((b = BUF_MEM_new()) == NULL) - return (0); - bi->shutdown = 1; - bi->init = 1; - bi->num = -1; - bi->ptr = (char *)b; - return (1); -} - -static int -mem_free(BIO *a) -{ - if (a == NULL) - return (0); - if (a->shutdown) { - if ((a->init) && (a->ptr != NULL)) { - BUF_MEM *b; - b = (BUF_MEM *)a->ptr; - if (a->flags & BIO_FLAGS_MEM_RDONLY) - b->data = NULL; - BUF_MEM_free(b); - a->ptr = NULL; - } - } - return (1); -} - -static int -mem_read(BIO *b, char *out, int outl) -{ - int ret = -1; - BUF_MEM *bm; - - bm = (BUF_MEM *)b->ptr; - BIO_clear_retry_flags(b); - ret = (outl >=0 && (size_t)outl > bm->length) ? (int)bm->length : outl; - if ((out != NULL) && (ret > 0)) { - memcpy(out, bm->data, ret); - bm->length -= ret; - if (b->flags & BIO_FLAGS_MEM_RDONLY) - bm->data += ret; - else { - memmove(&(bm->data[0]), &(bm->data[ret]), bm->length); - } - } else if (bm->length == 0) { - ret = b->num; - if (ret != 0) - BIO_set_retry_read(b); - } - return (ret); -} - -static int -mem_write(BIO *b, const char *in, int inl) -{ - int ret = -1; - int blen; - BUF_MEM *bm; - - bm = (BUF_MEM *)b->ptr; - if (in == NULL) { - BIOerr(BIO_F_MEM_WRITE, BIO_R_NULL_PARAMETER); - goto end; - } - - if (b->flags & BIO_FLAGS_MEM_RDONLY) { - BIOerr(BIO_F_MEM_WRITE, BIO_R_WRITE_TO_READ_ONLY_BIO); - goto end; - } - - BIO_clear_retry_flags(b); - blen = bm->length; - if (BUF_MEM_grow_clean(bm, blen + inl) != (blen + inl)) - goto end; - memcpy(&(bm->data[blen]), in, inl); - ret = inl; -end: - return (ret); -} - -static long -mem_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - long ret = 1; - char **pptr; - - BUF_MEM *bm = (BUF_MEM *)b->ptr; - - switch (cmd) { - case 
BIO_CTRL_RESET: - if (bm->data != NULL) { - /* For read only case reset to the start again */ - if (b->flags & BIO_FLAGS_MEM_RDONLY) { - bm->data -= bm->max - bm->length; - bm->length = bm->max; - } else { - memset(bm->data, 0, bm->max); - bm->length = 0; - } - } - break; - case BIO_CTRL_EOF: - ret = (long)(bm->length == 0); - break; - case BIO_C_SET_BUF_MEM_EOF_RETURN: - b->num = (int)num; - break; - case BIO_CTRL_INFO: - ret = (long)bm->length; - if (ptr != NULL) { - pptr = (char **)ptr; - *pptr = (char *)&(bm->data[0]); - } - break; - case BIO_C_SET_BUF_MEM: - mem_free(b); - b->shutdown = (int)num; - b->ptr = ptr; - break; - case BIO_C_GET_BUF_MEM_PTR: - if (ptr != NULL) { - pptr = (char **)ptr; - *pptr = (char *)bm; - } - break; - case BIO_CTRL_GET_CLOSE: - ret = (long)b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown = (int)num; - break; - - case BIO_CTRL_WPENDING: - ret = 0L; - break; - case BIO_CTRL_PENDING: - ret = (long)bm->length; - break; - case BIO_CTRL_DUP: - case BIO_CTRL_FLUSH: - ret = 1; - break; - case BIO_CTRL_PUSH: - case BIO_CTRL_POP: - default: - ret = 0; - break; - } - return (ret); -} - -static int -mem_gets(BIO *bp, char *buf, int size) -{ - int i, j; - int ret = -1; - char *p; - BUF_MEM *bm = (BUF_MEM *)bp->ptr; - - BIO_clear_retry_flags(bp); - j = bm->length; - if ((size - 1) < j) - j = size - 1; - if (j <= 0) { - *buf = '\0'; - return 0; - } - p = bm->data; - for (i = 0; i < j; i++) { - if (p[i] == '\n') { - i++; - break; - } - } - - /* - * i is now the max num of bytes to copy, either j or up to - * and including the first newline - */ - - i = mem_read(bp, buf, i); - if (i > 0) - buf[i] = '\0'; - ret = i; - return (ret); -} - -static int -mem_puts(BIO *bp, const char *str) -{ - int n, ret; - - n = strlen(str); - ret = mem_write(bp, str, n); - /* memory semantics is that it will always work */ - return (ret); -} 
diff --git a/lib/libssl/src/crypto/bio/bss_null.c b/lib/libssl/src/crypto/bio/bss_null.c
deleted file mode 100644
index 42ee626b130..00000000000
--- a/lib/libssl/src/crypto/bio/bss_null.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* $OpenBSD: bss_null.c,v 1.10 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/bio.h>
-
-static int null_write(BIO *h, const char *buf, int num);
-static int null_read(BIO *h, char *buf, int size);
-static int null_puts(BIO *h, const char *str);
-static int null_gets(BIO *h, char *str, int size);
-static long null_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int null_new(BIO *h);
-static int null_free(BIO *data);
-
-static BIO_METHOD null_method = {
- .type = BIO_TYPE_NULL,
- .name = "NULL",
- .bwrite = null_write,
- .bread = null_read,
- .bputs = null_puts,
- .bgets = null_gets,
- .ctrl = null_ctrl,
- .create = null_new,
- .destroy = null_free
-};
-
-BIO_METHOD *
-BIO_s_null(void)
-{
- return (&null_method);
-}
-
-static int
-null_new(BIO *bi)
-{
- bi->init = 1;
- bi->num = 0;
- bi->ptr = (NULL);
- return (1);
-}
-
-static int
-null_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- return (1);
-}
-
-static int
-null_read(BIO *b, char *out, int outl)
-{
- return (0);
-}
-
-static int
-null_write(BIO *b, const char *in, int inl)
-{
- return (inl);
-}
-
-static long
-null_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret = 1;
-
- switch (cmd) {
- case BIO_CTRL_RESET:
- case BIO_CTRL_EOF:
- case BIO_CTRL_SET:
- case BIO_CTRL_SET_CLOSE:
- case BIO_CTRL_FLUSH:
- case BIO_CTRL_DUP:
- ret = 1;
- break;
- case BIO_CTRL_GET_CLOSE:
- case BIO_CTRL_INFO:
- case BIO_CTRL_GET:
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int
-null_gets(BIO *bp, char *buf, int size)
-{
- return (0);
-}
-
-static int
-null_puts(BIO *bp, const char *str)
-{
- if (str == NULL)
- return (0);
- return (strlen(str));
-}
diff --git a/lib/libssl/src/crypto/bio/bss_sock.c b/lib/libssl/src/crypto/bio/bss_sock.c
deleted file mode 100644
index dd470eb65eb..00000000000
--- a/lib/libssl/src/crypto/bio/bss_sock.c
+++ /dev/null
@@ -1,239 +0,0 @@
-/* $OpenBSD: bss_sock.c,v 1.23 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <sys/socket.h>
-
-#include <errno.h>
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <openssl/bio.h>
-
-static int sock_write(BIO *h, const char *buf, int num);
-static int sock_read(BIO *h, char *buf, int size);
-static int sock_puts(BIO *h, const char *str);
-static long sock_ctrl(BIO *h, int cmd, long arg1, void *arg2);
-static int sock_new(BIO *h);
-static int sock_free(BIO *data);
-int BIO_sock_should_retry(int s);
-
-static BIO_METHOD methods_sockp = {
- .type = BIO_TYPE_SOCKET,
- .name = "socket",
- .bwrite = sock_write,
- .bread = sock_read,
- .bputs = sock_puts,
- .ctrl = sock_ctrl,
- .create = sock_new,
- .destroy = sock_free
-};
-
-BIO_METHOD *
-BIO_s_socket(void)
-{
- return (&methods_sockp);
-}
-
-BIO *
-BIO_new_socket(int fd, int close_flag)
-{
- BIO *ret;
-
- ret = BIO_new(BIO_s_socket());
- if (ret == NULL)
- return (NULL);
- BIO_set_fd(ret, fd, close_flag);
- return (ret);
-}
-
-static int
-sock_new(BIO *bi)
-{
- bi->init = 0;
- bi->num = 0;
- bi->ptr = NULL;
- bi->flags = 0;
- return (1);
-}
-
-static int
-sock_free(BIO *a)
-{
- if (a == NULL)
- return (0);
- if (a->shutdown) {
- if (a->init) {
- shutdown(a->num, SHUT_RDWR);
- close(a->num);
- }
- a->init = 0;
- a->flags = 0;
- }
- return (1);
-}
-
-static int
-sock_read(BIO *b, char *out, int outl)
-{
- int ret = 0;
-
- if (out != NULL) {
- errno = 0;
- ret = read(b->num, out, outl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_read(b);
- }
- }
- return (ret);
-}
-
-static int
-sock_write(BIO *b, const char *in, int inl)
-{
- int ret;
-
- errno = 0;
- ret = write(b->num, in, inl);
- BIO_clear_retry_flags(b);
- if (ret <= 0) {
- if (BIO_sock_should_retry(ret))
- BIO_set_retry_write(b);
- }
- return (ret);
-}
-
-static long
-sock_ctrl(BIO *b, int cmd, long num, void *ptr)
-{
- long ret = 1;
- int *ip;
-
- switch (cmd) {
- case BIO_C_SET_FD:
- sock_free(b);
- b->num= *((int *)ptr);
- b->shutdown = (int)num;
- b->init = 1;
- break;
- case BIO_C_GET_FD:
- if (b->init) {
- ip = (int *)ptr;
- if (ip != NULL)
- *ip = b->num;
- ret = b->num;
- } else
- ret = -1;
- break;
- case BIO_CTRL_GET_CLOSE:
- ret = b->shutdown;
- break;
- case BIO_CTRL_SET_CLOSE:
- b->shutdown = (int)num;
- break;
- case BIO_CTRL_DUP:
- case BIO_CTRL_FLUSH:
- ret = 1;
- break;
- default:
- ret = 0;
- break;
- }
- return (ret);
-}
-
-static int
-sock_puts(BIO *bp, const char *str)
-{
- int n, ret;
-
- n = strlen(str);
- ret = sock_write(bp, str, n);
- return (ret);
-}
-
-int
-BIO_sock_should_retry(int i)
-{
- int err;
-
- if ((i == 0) || (i == -1)) {
- err = errno;
- return (BIO_sock_non_fatal_error(err));
- }
- return (0);
-}
-
-int
-BIO_sock_non_fatal_error(int err)
-{
- switch (err) {
- case ENOTCONN:
- case EINTR:
- case EAGAIN:
- case EINPROGRESS:
- case EALREADY:
- return (1);
- default:
- break;
- }
- return (0);
-}
-
diff --git a/lib/libssl/src/crypto/bn/asm/alpha-mont.pl b/lib/libssl/src/crypto/bn/asm/alpha-mont.pl
deleted file mode 100644
index 41700d5bd58..00000000000
--- a/lib/libssl/src/crypto/bn/asm/alpha-mont.pl
+++ /dev/null
@@ -1,316 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# On 21264 RSA sign performance improves by 70/35/20/15 percent for -# 512/1024/2048/4096 bit key lengths. This is against vendor compiler -# instructed to '-tune host' code with in-line assembler. Other -# benchmarks improve by 15-20%. To anchor it to something else, the -# code provides approximately the same performance per GHz as AMD64. -# I.e. if you compare 1GHz 21264 and 2GHz Opteron, you'll observe ~2x -# difference. - -# int bn_mul_mont( -$rp="a0"; # BN_ULONG *rp, -$ap="a1"; # const BN_ULONG *ap, -$bp="a2"; # const BN_ULONG *bp, -$np="a3"; # const BN_ULONG *np, -$n0="a4"; # const BN_ULONG *n0, -$num="a5"; # int num); - -$lo0="t0"; -$hi0="t1"; -$lo1="t2"; -$hi1="t3"; -$aj="t4"; -$bi="t5"; -$nj="t6"; -$tp="t7"; -$alo="t8"; -$ahi="t9"; -$nlo="t10"; -$nhi="t11"; -$tj="t12"; -$i="s3"; -$j="s4"; -$m1="s5"; - -$code=<<___; -#include <machine/asm.h> - -.text - -.set noat -.set noreorder - -.globl bn_mul_mont -.align 5 -.ent bn_mul_mont -bn_mul_mont: - lda sp,-48(sp) - stq ra,0(sp) - stq s3,8(sp) - stq s4,16(sp) - stq s5,24(sp) - stq fp,32(sp) - mov sp,fp - .mask 0x0400f000,-48 - .frame fp,48,ra - .prologue 0 - - .align 4 - .set reorder - sextl $num,$num - mov 0,v0 - cmplt $num,4,AT - bne AT,.Lexit - - ldq $hi0,0($ap) # ap[0] - s8addq $num,16,AT - ldq $aj,8($ap) - subq sp,AT,sp - ldq $bi,0($bp) # bp[0] - lda AT,-4096(zero) # mov -4096,AT - ldq $n0,0($n0) - and sp,AT,sp - - mulq $hi0,$bi,$lo0 - ldq $hi1,0($np) # np[0] - umulh $hi0,$bi,$hi0 - ldq $nj,8($np) - - mulq $lo0,$n0,$m1 - - mulq $hi1,$m1,$lo1 - umulh $hi1,$m1,$hi1 
- - addq $lo1,$lo0,$lo1 - cmpult $lo1,$lo0,AT - addq $hi1,AT,$hi1 - - mulq $aj,$bi,$alo - mov 2,$j - umulh $aj,$bi,$ahi - mov sp,$tp - - mulq $nj,$m1,$nlo - s8addq $j,$ap,$aj - umulh $nj,$m1,$nhi - s8addq $j,$np,$nj -.align 4 -.L1st: - .set noreorder - ldq $aj,0($aj) - addl $j,1,$j - ldq $nj,0($nj) - lda $tp,8($tp) - - addq $alo,$hi0,$lo0 - mulq $aj,$bi,$alo - cmpult $lo0,$hi0,AT - addq $nlo,$hi1,$lo1 - - mulq $nj,$m1,$nlo - addq $ahi,AT,$hi0 - cmpult $lo1,$hi1,v0 - cmplt $j,$num,$tj - - umulh $aj,$bi,$ahi - addq $nhi,v0,$hi1 - addq $lo1,$lo0,$lo1 - s8addq $j,$ap,$aj - - umulh $nj,$m1,$nhi - cmpult $lo1,$lo0,v0 - addq $hi1,v0,$hi1 - s8addq $j,$np,$nj - - stq $lo1,-8($tp) - nop - unop - bne $tj,.L1st - .set reorder - - addq $alo,$hi0,$lo0 - addq $nlo,$hi1,$lo1 - cmpult $lo0,$hi0,AT - cmpult $lo1,$hi1,v0 - addq $ahi,AT,$hi0 - addq $nhi,v0,$hi1 - - addq $lo1,$lo0,$lo1 - cmpult $lo1,$lo0,v0 - addq $hi1,v0,$hi1 - - stq $lo1,0($tp) - - addq $hi1,$hi0,$hi1 - cmpult $hi1,$hi0,AT - stq $hi1,8($tp) - stq AT,16($tp) - - mov 1,$i -.align 4 -.Louter: - s8addq $i,$bp,$bi - ldq $hi0,0($ap) - ldq $aj,8($ap) - ldq $bi,0($bi) - ldq $hi1,0($np) - ldq $nj,8($np) - ldq $tj,0(sp) - - mulq $hi0,$bi,$lo0 - umulh $hi0,$bi,$hi0 - - addq $lo0,$tj,$lo0 - cmpult $lo0,$tj,AT - addq $hi0,AT,$hi0 - - mulq $lo0,$n0,$m1 - - mulq $hi1,$m1,$lo1 - umulh $hi1,$m1,$hi1 - - addq $lo1,$lo0,$lo1 - cmpult $lo1,$lo0,AT - mov 2,$j - addq $hi1,AT,$hi1 - - mulq $aj,$bi,$alo - mov sp,$tp - umulh $aj,$bi,$ahi - - mulq $nj,$m1,$nlo - s8addq $j,$ap,$aj - umulh $nj,$m1,$nhi -.align 4 -.Linner: - .set noreorder - ldq $tj,8($tp) #L0 - nop #U1 - ldq $aj,0($aj) #L1 - s8addq $j,$np,$nj #U0 - - ldq $nj,0($nj) #L0 - nop #U1 - addq $alo,$hi0,$lo0 #L1 - lda $tp,8($tp) - - mulq $aj,$bi,$alo #U1 - cmpult $lo0,$hi0,AT #L0 - addq $nlo,$hi1,$lo1 #L1 - addl $j,1,$j - - mulq $nj,$m1,$nlo #U1 - addq $ahi,AT,$hi0 #L0 - addq $lo0,$tj,$lo0 #L1 - cmpult $lo1,$hi1,v0 #U0 - - umulh $aj,$bi,$ahi #U1 - cmpult $lo0,$tj,AT #L0 - addq 
$lo1,$lo0,$lo1 #L1 - addq $nhi,v0,$hi1 #U0 - - umulh $nj,$m1,$nhi #U1 - s8addq $j,$ap,$aj #L0 - cmpult $lo1,$lo0,v0 #L1 - cmplt $j,$num,$tj #U0 # borrow $tj - - addq $hi0,AT,$hi0 #L0 - addq $hi1,v0,$hi1 #U1 - stq $lo1,-8($tp) #L1 - bne $tj,.Linner #U0 - .set reorder - - ldq $tj,8($tp) - addq $alo,$hi0,$lo0 - addq $nlo,$hi1,$lo1 - cmpult $lo0,$hi0,AT - cmpult $lo1,$hi1,v0 - addq $ahi,AT,$hi0 - addq $nhi,v0,$hi1 - - addq $lo0,$tj,$lo0 - cmpult $lo0,$tj,AT - addq $hi0,AT,$hi0 - - ldq $tj,16($tp) - addq $lo1,$lo0,$j - cmpult $j,$lo0,v0 - addq $hi1,v0,$hi1 - - addq $hi1,$hi0,$lo1 - stq $j,0($tp) - cmpult $lo1,$hi0,$hi1 - addq $lo1,$tj,$lo1 - cmpult $lo1,$tj,AT - addl $i,1,$i - addq $hi1,AT,$hi1 - stq $lo1,8($tp) - cmplt $i,$num,$tj # borrow $tj - stq $hi1,16($tp) - bne $tj,.Louter - - s8addq $num,sp,$tj # &tp[num] - mov $rp,$bp # put rp aside - mov sp,$tp - mov sp,$ap - mov 0,$hi0 # clear borrow bit - -.align 4 -.Lsub: ldq $lo0,0($tp) - ldq $lo1,0($np) - lda $tp,8($tp) - lda $np,8($np) - subq $lo0,$lo1,$lo1 # tp[i]-np[i] - cmpult $lo0,$lo1,AT - subq $lo1,$hi0,$lo0 - cmpult $lo1,$lo0,$hi0 - or $hi0,AT,$hi0 - stq $lo0,0($rp) - cmpult $tp,$tj,v0 - lda $rp,8($rp) - bne v0,.Lsub - - subq $hi1,$hi0,$hi0 # handle upmost overflow bit - mov sp,$tp - mov $bp,$rp # restore rp - - and sp,$hi0,$ap - bic $bp,$hi0,$bp - bis $bp,$ap,$ap # ap=borrow?tp:rp - -.align 4 -.Lcopy: ldq $aj,0($ap) # copy or in-place refresh - lda $tp,8($tp) - lda $rp,8($rp) - lda $ap,8($ap) - stq zero,-8($tp) # zap tp - cmpult $tp,$tj,AT - stq $aj,-8($rp) - bne AT,.Lcopy - mov 1,v0 - -.Lexit: - .set noreorder - mov fp,sp - /*ldq ra,0(sp)*/ - ldq s3,8(sp) - ldq s4,16(sp) - ldq s5,24(sp) - ldq fp,32(sp) - lda sp,48(sp) - ret (ra) -.end bn_mul_mont -.ascii "Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>" -.align 2 -___ - -print $code; -close STDOUT; 
diff --git a/lib/libssl/src/crypto/bn/asm/armv4-gf2m.pl b/lib/libssl/src/crypto/bn/asm/armv4-gf2m.pl
deleted file mode 100644
index c52e0b75b5b..00000000000
--- a/lib/libssl/src/crypto/bn/asm/armv4-gf2m.pl
+++ /dev/null
@@ -1,278 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# May 2011
-#
-# The module implements bn_GF2m_mul_2x2 polynomial multiplication
-# used in bn_gf2m.c. It's kind of low-hanging mechanical port from
-# C for the time being... Except that it has two code paths: pure
-# integer code suitable for any ARMv4 and later CPU and NEON code
-# suitable for ARMv7. Pure integer 1x1 multiplication subroutine runs
-# in ~45 cycles on dual-issue core such as Cortex A8, which is ~50%
-# faster than compiler-generated code. For ECDH and ECDSA verify (but
-# not for ECDSA sign) it means 25%-45% improvement depending on key
-# length, more for longer keys. Even though NEON 1x1 multiplication
-# runs in even less cycles, ~30, improvement is measurable only on
-# longer keys. One has to optimize code elsewhere to get NEON glow...
- -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -sub Dlo() { shift=~m|q([1]?[0-9])|?"d".($1*2):""; } -sub Dhi() { shift=~m|q([1]?[0-9])|?"d".($1*2+1):""; } -sub Q() { shift=~m|d([1-3]?[02468])|?"q".($1/2):""; } - -$code=<<___; -#include "arm_arch.h" - -.text -.code 32 - -#if __ARM_ARCH__>=7 -.fpu neon - -.type mul_1x1_neon,%function -.align 5 -mul_1x1_neon: - vshl.u64 `&Dlo("q1")`,d16,#8 @ q1-q3 are slided $a - vmull.p8 `&Q("d0")`,d16,d17 @ a·bb - vshl.u64 `&Dlo("q2")`,d16,#16 - vmull.p8 q1,`&Dlo("q1")`,d17 @ a<<8·bb - vshl.u64 `&Dlo("q3")`,d16,#24 - vmull.p8 q2,`&Dlo("q2")`,d17 @ a<<16·bb - vshr.u64 `&Dlo("q1")`,#8 - vmull.p8 q3,`&Dlo("q3")`,d17 @ a<<24·bb - vshl.u64 `&Dhi("q1")`,#24 - veor d0,`&Dlo("q1")` - vshr.u64 `&Dlo("q2")`,#16 - veor d0,`&Dhi("q1")` - vshl.u64 `&Dhi("q2")`,#16 - veor d0,`&Dlo("q2")` - vshr.u64 `&Dlo("q3")`,#24 - veor d0,`&Dhi("q2")` - vshl.u64 `&Dhi("q3")`,#8 - veor d0,`&Dlo("q3")` - veor d0,`&Dhi("q3")` - bx lr -.size mul_1x1_neon,.-mul_1x1_neon -#endif -___ -################ -# private interface to mul_1x1_ialu -# -$a="r1"; -$b="r0"; - -($a0,$a1,$a2,$a12,$a4,$a14)= -($hi,$lo,$t0,$t1, $i0,$i1 )=map("r$_",(4..9),12); - -$mask="r12"; - -$code.=<<___; -.type mul_1x1_ialu,%function -.align 5 -mul_1x1_ialu: - mov $a0,#0 - bic $a1,$a,#3<<30 @ a1=a&0x3fffffff - str $a0,[sp,#0] @ tab[0]=0 - add $a2,$a1,$a1 @ a2=a1<<1 - str $a1,[sp,#4] @ tab[1]=a1 - eor $a12,$a1,$a2 @ a1^a2 - str $a2,[sp,#8] @ tab[2]=a2 - mov $a4,$a1,lsl#2 @ a4=a1<<2 - str $a12,[sp,#12] @ tab[3]=a1^a2 - eor $a14,$a1,$a4 @ a1^a4 - str $a4,[sp,#16] @ tab[4]=a4 - eor $a0,$a2,$a4 @ a2^a4 - str $a14,[sp,#20] @ tab[5]=a1^a4 - eor $a12,$a12,$a4 @ a1^a2^a4 - str $a0,[sp,#24] @ tab[6]=a2^a4 - and $i0,$mask,$b,lsl#2 - str $a12,[sp,#28] @ tab[7]=a1^a2^a4 - - and $i1,$mask,$b,lsr#1 - ldr $lo,[sp,$i0] @ tab[b & 0x7] - and $i0,$mask,$b,lsr#4 - ldr $t1,[sp,$i1] @ tab[b >> 3 & 0x7] - and $i1,$mask,$b,lsr#7 - ldr $t0,[sp,$i0] @ tab[b >> 6 & 0x7] - eor 
$lo,$lo,$t1,lsl#3 @ stall - mov $hi,$t1,lsr#29 - ldr $t1,[sp,$i1] @ tab[b >> 9 & 0x7] - - and $i0,$mask,$b,lsr#10 - eor $lo,$lo,$t0,lsl#6 - eor $hi,$hi,$t0,lsr#26 - ldr $t0,[sp,$i0] @ tab[b >> 12 & 0x7] - - and $i1,$mask,$b,lsr#13 - eor $lo,$lo,$t1,lsl#9 - eor $hi,$hi,$t1,lsr#23 - ldr $t1,[sp,$i1] @ tab[b >> 15 & 0x7] - - and $i0,$mask,$b,lsr#16 - eor $lo,$lo,$t0,lsl#12 - eor $hi,$hi,$t0,lsr#20 - ldr $t0,[sp,$i0] @ tab[b >> 18 & 0x7] - - and $i1,$mask,$b,lsr#19 - eor $lo,$lo,$t1,lsl#15 - eor $hi,$hi,$t1,lsr#17 - ldr $t1,[sp,$i1] @ tab[b >> 21 & 0x7] - - and $i0,$mask,$b,lsr#22 - eor $lo,$lo,$t0,lsl#18 - eor $hi,$hi,$t0,lsr#14 - ldr $t0,[sp,$i0] @ tab[b >> 24 & 0x7] - - and $i1,$mask,$b,lsr#25 - eor $lo,$lo,$t1,lsl#21 - eor $hi,$hi,$t1,lsr#11 - ldr $t1,[sp,$i1] @ tab[b >> 27 & 0x7] - - tst $a,#1<<30 - and $i0,$mask,$b,lsr#28 - eor $lo,$lo,$t0,lsl#24 - eor $hi,$hi,$t0,lsr#8 - ldr $t0,[sp,$i0] @ tab[b >> 30 ] - - eorne $lo,$lo,$b,lsl#30 - eorne $hi,$hi,$b,lsr#2 - tst $a,#1<<31 - eor $lo,$lo,$t1,lsl#27 - eor $hi,$hi,$t1,lsr#5 - eorne $lo,$lo,$b,lsl#31 - eorne $hi,$hi,$b,lsr#1 - eor $lo,$lo,$t0,lsl#30 - eor $hi,$hi,$t0,lsr#2 - - mov pc,lr -.size mul_1x1_ialu,.-mul_1x1_ialu -___ -################ -# void bn_GF2m_mul_2x2(BN_ULONG *r, -# BN_ULONG a1,BN_ULONG a0, -# BN_ULONG b1,BN_ULONG b0); # r[3..0]=a1a0·b1b0 - -($A1,$B1,$A0,$B0,$A1B1,$A0B0)=map("d$_",(18..23)); - -$code.=<<___; -.global bn_GF2m_mul_2x2 -.type bn_GF2m_mul_2x2,%function -.align 5 -bn_GF2m_mul_2x2: -#if __ARM_ARCH__>=7 - ldr r12,.LOPENSSL_armcap -.Lpic: ldr r12,[pc,r12] - tst r12,#1 - beq .Lialu - - veor $A1,$A1 - vmov.32 $B1,r3,r3 @ two copies of b1 - vmov.32 ${A1}[0],r1 @ a1 - - veor $A0,$A0 - vld1.32 ${B0}[],[sp,:32] @ two copies of b0 - vmov.32 ${A0}[0],r2 @ a0 - mov r12,lr - - vmov d16,$A1 - vmov d17,$B1 - bl mul_1x1_neon @ a1·b1 - vmov $A1B1,d0 - - vmov d16,$A0 - vmov d17,$B0 - bl mul_1x1_neon @ a0·b0 - vmov $A0B0,d0 - - veor d16,$A0,$A1 - veor d17,$B0,$B1 - veor $A0,$A0B0,$A1B1 - bl mul_1x1_neon @ 
(a0+a1)·(b0+b1) - - veor d0,$A0 @ (a0+a1)·(b0+b1)-a0·b0-a1·b1 - vshl.u64 d1,d0,#32 - vshr.u64 d0,d0,#32 - veor $A0B0,d1 - veor $A1B1,d0 - vst1.32 {${A0B0}[0]},[r0,:32]! - vst1.32 {${A0B0}[1]},[r0,:32]! - vst1.32 {${A1B1}[0]},[r0,:32]! - vst1.32 {${A1B1}[1]},[r0,:32] - bx r12 -.align 4 -.Lialu: -#endif -___ -$ret="r10"; # reassigned 1st argument -$code.=<<___; - stmdb sp!,{r4-r10,lr} - mov $ret,r0 @ reassign 1st argument - mov $b,r3 @ $b=b1 - ldr r3,[sp,#32] @ load b0 - mov $mask,#7<<2 - sub sp,sp,#32 @ allocate tab[8] - - bl mul_1x1_ialu @ a1·b1 - str $lo,[$ret,#8] - str $hi,[$ret,#12] - - eor $b,$b,r3 @ flip b0 and b1 - eor $a,$a,r2 @ flip a0 and a1 - eor r3,r3,$b - eor r2,r2,$a - eor $b,$b,r3 - eor $a,$a,r2 - bl mul_1x1_ialu @ a0·b0 - str $lo,[$ret] - str $hi,[$ret,#4] - - eor $a,$a,r2 - eor $b,$b,r3 - bl mul_1x1_ialu @ (a1+a0)·(b1+b0) -___ -@r=map("r$_",(6..9)); -$code.=<<___; - ldmia $ret,{@r[0]-@r[3]} - eor $lo,$lo,$hi - eor $hi,$hi,@r[1] - eor $lo,$lo,@r[0] - eor $hi,$hi,@r[2] - eor $lo,$lo,@r[3] - eor $hi,$hi,@r[3] - str $hi,[$ret,#8] - eor $lo,$lo,$hi - add sp,sp,#32 @ destroy tab[8] - str $lo,[$ret,#4] - -#if __ARM_ARCH__>=5 - ldmia sp!,{r4-r10,pc} -#else - ldmia sp!,{r4-r10,lr} - tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -#endif -.size bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2 -#if __ARM_ARCH__>=7 -.align 5 -.LOPENSSL_armcap: -.word OPENSSL_armcap_P-(.Lpic+8) -#endif -.asciz "GF(2^m) Multiplication for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>" -.align 5 - -.comm OPENSSL_armcap_P,4,4 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 -print $code; -close STDOUT; # enforce flush diff --git a/lib/libssl/src/crypto/bn/asm/armv4-mont.pl b/lib/libssl/src/crypto/bn/asm/armv4-mont.pl deleted file mode 100644 index f78a8b5f0f5..00000000000 --- a/lib/libssl/src/crypto/bn/asm/armv4-mont.pl +++ /dev/null 
@@ -1,204 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# January 2007. - -# Montgomery multiplication for ARMv4. -# -# Performance improvement naturally varies among CPU implementations -# and compilers. The code was observed to provide +65-35% improvement -# [depending on key length, less for longer keys] on ARM920T, and -# +115-80% on Intel IXP425. This is compared to pre-bn_mul_mont code -# base and compiler generated code with in-lined umull and even umlal -# instructions. The latter means that this code didn't really have an -# "advantage" of utilizing some "secret" instruction. -# -# The code is interoperable with Thumb ISA and is rather compact, less -# than 1/2KB. Windows CE port would be trivial, as it's exclusively -# about decorations, ABI and instruction syntax are identical. - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$num="r0"; # starts as num argument, but holds &tp[num-1] -$ap="r1"; -$bp="r2"; $bi="r2"; $rp="r2"; -$np="r3"; -$tp="r4"; -$aj="r5"; -$nj="r6"; -$tj="r7"; -$n0="r8"; -########### # r9 is reserved by ELF as platform specific, e.g. TLS pointer -$alo="r10"; # sl, gcc uses it to keep @GOT -$ahi="r11"; # fp -$nlo="r12"; # ip -########### # r13 is stack pointer -$nhi="r14"; # lr -########### # r15 is program counter - -#### argument block layout relative to &tp[num-1], a.k.a. 
$num -$_rp="$num,#12*4"; -# ap permanently resides in r1 -$_bp="$num,#13*4"; -# np permanently resides in r3 -$_n0="$num,#14*4"; -$_num="$num,#15*4"; $_bpend=$_num; - -$code=<<___; -.text - -.global bn_mul_mont -.type bn_mul_mont,%function - -.align 2 -bn_mul_mont: - stmdb sp!,{r0,r2} @ sp points at argument block - ldr $num,[sp,#3*4] @ load num - cmp $num,#2 - movlt r0,#0 - addlt sp,sp,#2*4 - blt .Labrt - - stmdb sp!,{r4-r12,lr} @ save 10 registers - - mov $num,$num,lsl#2 @ rescale $num for byte count - sub sp,sp,$num @ alloca(4*num) - sub sp,sp,#4 @ +extra dword - sub $num,$num,#4 @ "num=num-1" - add $tp,$bp,$num @ &bp[num-1] - - add $num,sp,$num @ $num to point at &tp[num-1] - ldr $n0,[$_n0] @ &n0 - ldr $bi,[$bp] @ bp[0] - ldr $aj,[$ap],#4 @ ap[0],ap++ - ldr $nj,[$np],#4 @ np[0],np++ - ldr $n0,[$n0] @ *n0 - str $tp,[$_bpend] @ save &bp[num] - - umull $alo,$ahi,$aj,$bi @ ap[0]*bp[0] - str $n0,[$_n0] @ save n0 value - mul $n0,$alo,$n0 @ "tp[0]"*n0 - mov $nlo,#0 - umlal $alo,$nlo,$nj,$n0 @ np[0]*n0+"t[0]" - mov $tp,sp - -.L1st: - ldr $aj,[$ap],#4 @ ap[j],ap++ - mov $alo,$ahi - ldr $nj,[$np],#4 @ np[j],np++ - mov $ahi,#0 - umlal $alo,$ahi,$aj,$bi @ ap[j]*bp[0] - mov $nhi,#0 - umlal $nlo,$nhi,$nj,$n0 @ np[j]*n0 - adds $nlo,$nlo,$alo - str $nlo,[$tp],#4 @ tp[j-1]=,tp++ - adc $nlo,$nhi,#0 - cmp $tp,$num - bne .L1st - - adds $nlo,$nlo,$ahi - ldr $tp,[$_bp] @ restore bp - mov $nhi,#0 - ldr $n0,[$_n0] @ restore n0 - adc $nhi,$nhi,#0 - str $nlo,[$num] @ tp[num-1]= - str $nhi,[$num,#4] @ tp[num]= - -.Louter: - sub $tj,$num,sp @ "original" $num-1 value - sub $ap,$ap,$tj @ "rewind" ap to &ap[1] - ldr $bi,[$tp,#4]! 
@ *(++bp) - sub $np,$np,$tj @ "rewind" np to &np[1] - ldr $aj,[$ap,#-4] @ ap[0] - ldr $alo,[sp] @ tp[0] - ldr $nj,[$np,#-4] @ np[0] - ldr $tj,[sp,#4] @ tp[1] - - mov $ahi,#0 - umlal $alo,$ahi,$aj,$bi @ ap[0]*bp[i]+tp[0] - str $tp,[$_bp] @ save bp - mul $n0,$alo,$n0 - mov $nlo,#0 - umlal $alo,$nlo,$nj,$n0 @ np[0]*n0+"tp[0]" - mov $tp,sp - -.Linner: - ldr $aj,[$ap],#4 @ ap[j],ap++ - adds $alo,$ahi,$tj @ +=tp[j] - ldr $nj,[$np],#4 @ np[j],np++ - mov $ahi,#0 - umlal $alo,$ahi,$aj,$bi @ ap[j]*bp[i] - mov $nhi,#0 - umlal $nlo,$nhi,$nj,$n0 @ np[j]*n0 - adc $ahi,$ahi,#0 - ldr $tj,[$tp,#8] @ tp[j+1] - adds $nlo,$nlo,$alo - str $nlo,[$tp],#4 @ tp[j-1]=,tp++ - adc $nlo,$nhi,#0 - cmp $tp,$num - bne .Linner - - adds $nlo,$nlo,$ahi - mov $nhi,#0 - ldr $tp,[$_bp] @ restore bp - adc $nhi,$nhi,#0 - ldr $n0,[$_n0] @ restore n0 - adds $nlo,$nlo,$tj - ldr $tj,[$_bpend] @ restore &bp[num] - adc $nhi,$nhi,#0 - str $nlo,[$num] @ tp[num-1]= - str $nhi,[$num,#4] @ tp[num]= - - cmp $tp,$tj - bne .Louter - - ldr $rp,[$_rp] @ pull rp - add $num,$num,#4 @ $num to point at &tp[num] - sub $aj,$num,sp @ "original" num value - mov $tp,sp @ "rewind" $tp - mov $ap,$tp @ "borrow" $ap - sub $np,$np,$aj @ "rewind" $np to &np[0] - - subs $tj,$tj,$tj @ "clear" carry flag -.Lsub: ldr $tj,[$tp],#4 - ldr $nj,[$np],#4 - sbcs $tj,$tj,$nj @ tp[j]-np[j] - str $tj,[$rp],#4 @ rp[j]= - teq $tp,$num @ preserve carry - bne .Lsub - sbcs $nhi,$nhi,#0 @ upmost carry - mov $tp,sp @ "rewind" $tp - sub $rp,$rp,$aj @ "rewind" $rp - - and $ap,$tp,$nhi - bic $np,$rp,$nhi - orr $ap,$ap,$np @ ap=borrow?tp:rp - -.Lcopy: ldr $tj,[$ap],#4 @ copy or in-place refresh - str sp,[$tp],#4 @ zap tp - str $tj,[$rp],#4 - cmp $tp,$num - bne .Lcopy - - add sp,$num,#4 @ skip over tp[num+1] - ldmia sp!,{r4-r12,lr} @ restore registers - add sp,sp,#2*4 @ skip over {r0,r2} - mov r0,#1 -.Labrt: tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -.size bn_mul_mont,.-bn_mul_mont -.asciz "Montgomery 
multiplication for ARMv4, CRYPTOGAMS by <appro\@openssl.org>" -.align 2 -___ - -$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/bn/asm/bn-586.pl b/lib/libssl/src/crypto/bn/asm/bn-586.pl deleted file mode 100644 index 332ef3e91d6..00000000000 --- a/lib/libssl/src/crypto/bn/asm/bn-586.pl +++ /dev/null 
@@ -1,774 +0,0 @@ -#!/usr/local/bin/perl - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&external_label("OPENSSL_ia32cap_P") if ($sse2); - -&bn_mul_add_words("bn_mul_add_words"); -&bn_mul_words("bn_mul_words"); -&bn_sqr_words("bn_sqr_words"); -&bn_div_words("bn_div_words"); -&bn_add_words("bn_add_words"); -&bn_sub_words("bn_sub_words"); -&bn_sub_part_words("bn_sub_part_words"); - -&asm_finish(); - -sub bn_mul_add_words - { - local($name)=@_; - - &function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":""); - - $r="eax"; - $a="edx"; - $c="ecx"; - - if ($sse2) { - &picmeup("eax","OPENSSL_ia32cap_P"); - &bt(&DWP(0,"eax"),26); - &jnc(&label("maw_non_sse2")); - - &mov($r,&wparam(0)); - &mov($a,&wparam(1)); - &mov($c,&wparam(2)); - &movd("mm0",&wparam(3)); # mm0 = w - &pxor("mm1","mm1"); # mm1 = carry_in - &jmp(&label("maw_sse2_entry")); - - &set_label("maw_sse2_unrolled",16); - &movd("mm3",&DWP(0,$r,"",0)); # mm3 = r[0] - &paddq("mm1","mm3"); # mm1 = carry_in + r[0] - &movd("mm2",&DWP(0,$a,"",0)); # mm2 = a[0] - &pmuludq("mm2","mm0"); # mm2 = w*a[0] - &movd("mm4",&DWP(4,$a,"",0)); # mm4 = a[1] - &pmuludq("mm4","mm0"); # mm4 = w*a[1] - &movd("mm6",&DWP(8,$a,"",0)); # mm6 = a[2] - &pmuludq("mm6","mm0"); # mm6 = w*a[2] - &movd("mm7",&DWP(12,$a,"",0)); # mm7 = a[3] - &pmuludq("mm7","mm0"); # mm7 = w*a[3] - &paddq("mm1","mm2"); # mm1 = carry_in + r[0] + w*a[0] - &movd("mm3",&DWP(4,$r,"",0)); # mm3 = r[1] - &paddq("mm3","mm4"); # mm3 = r[1] + w*a[1] - &movd("mm5",&DWP(8,$r,"",0)); # mm5 = r[2] - &paddq("mm5","mm6"); # mm5 = r[2] + w*a[2] - &movd("mm4",&DWP(12,$r,"",0)); # mm4 = r[3] - &paddq("mm7","mm4"); # mm7 = r[3] + w*a[3] - &movd(&DWP(0,$r,"",0),"mm1"); - &movd("mm2",&DWP(16,$a,"",0)); # mm2 = a[4] - &pmuludq("mm2","mm0"); # mm2 = w*a[4] - &psrlq("mm1",32); # mm1 = carry0 - &movd("mm4",&DWP(20,$a,"",0)); # mm4 
= a[5] - &pmuludq("mm4","mm0"); # mm4 = w*a[5] - &paddq("mm1","mm3"); # mm1 = carry0 + r[1] + w*a[1] - &movd("mm6",&DWP(24,$a,"",0)); # mm6 = a[6] - &pmuludq("mm6","mm0"); # mm6 = w*a[6] - &movd(&DWP(4,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry1 - &movd("mm3",&DWP(28,$a,"",0)); # mm3 = a[7] - &add($a,32); - &pmuludq("mm3","mm0"); # mm3 = w*a[7] - &paddq("mm1","mm5"); # mm1 = carry1 + r[2] + w*a[2] - &movd("mm5",&DWP(16,$r,"",0)); # mm5 = r[4] - &paddq("mm2","mm5"); # mm2 = r[4] + w*a[4] - &movd(&DWP(8,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry2 - &paddq("mm1","mm7"); # mm1 = carry2 + r[3] + w*a[3] - &movd("mm5",&DWP(20,$r,"",0)); # mm5 = r[5] - &paddq("mm4","mm5"); # mm4 = r[5] + w*a[5] - &movd(&DWP(12,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry3 - &paddq("mm1","mm2"); # mm1 = carry3 + r[4] + w*a[4] - &movd("mm5",&DWP(24,$r,"",0)); # mm5 = r[6] - &paddq("mm6","mm5"); # mm6 = r[6] + w*a[6] - &movd(&DWP(16,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry4 - &paddq("mm1","mm4"); # mm1 = carry4 + r[5] + w*a[5] - &movd("mm5",&DWP(28,$r,"",0)); # mm5 = r[7] - &paddq("mm3","mm5"); # mm3 = r[7] + w*a[7] - &movd(&DWP(20,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry5 - &paddq("mm1","mm6"); # mm1 = carry5 + r[6] + w*a[6] - &movd(&DWP(24,$r,"",0),"mm1"); - &psrlq("mm1",32); # mm1 = carry6 - &paddq("mm1","mm3"); # mm1 = carry6 + r[7] + w*a[7] - &movd(&DWP(28,$r,"",0),"mm1"); - &lea($r,&DWP(32,$r)); - &psrlq("mm1",32); # mm1 = carry_out - - &sub($c,8); - &jz(&label("maw_sse2_exit")); - &set_label("maw_sse2_entry"); - &test($c,0xfffffff8); - &jnz(&label("maw_sse2_unrolled")); - - &set_label("maw_sse2_loop",4); - &movd("mm2",&DWP(0,$a)); # mm2 = a[i] - &movd("mm3",&DWP(0,$r)); # mm3 = r[i] - &pmuludq("mm2","mm0"); # a[i] *= w - &lea($a,&DWP(4,$a)); - &paddq("mm1","mm3"); # carry += r[i] - &paddq("mm1","mm2"); # carry += a[i]*w - &movd(&DWP(0,$r),"mm1"); # r[i] = carry_low - &sub($c,1); - &psrlq("mm1",32); # carry = carry_high - &lea($r,&DWP(4,$r)); - 
&jnz(&label("maw_sse2_loop"));
- &set_label("maw_sse2_exit");
- &movd("eax","mm1"); # c = carry_out
- &emms();
- &ret();
-
- &set_label("maw_non_sse2",16);
- }
-
- # function_begin prologue
- &push("ebp");
- &push("ebx");
- &push("esi");
- &push("edi");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ebp";
- $r="edi";
- $c="esi";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
-
- &mov("ecx",&wparam(2)); #
- &mov($a,&wparam(1)); #
-
- &and("ecx",0xfffffff8); # num / 8
- &mov($w,&wparam(3)); #
-
- &push("ecx"); # Up the stack for a tmp variable
-
- &jz(&label("maw_finish"));
-
- &set_label("maw_loop",16);
-
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+= c
- &adc("edx",0); # H(t)+=carry
- &add("eax",&DWP($i,$r)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &sub("ecx",8);
- &lea($a,&DWP(32,$a));
- &lea($r,&DWP(32,$r));
- &jnz(&label("maw_loop"));
-
- &set_label("maw_finish",0);
- &mov("ecx",&wparam(2)); # get num
- &and("ecx",7);
- &jnz(&label("maw_finish2")); # helps branch prediction
- &jmp(&label("maw_end"));
-
- &set_label("maw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- &adc("edx",0); # H(t)+=carry
- &add("eax",&DWP($i*4,$r)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &dec("ecx") if ($i != 7-1);
- &mov(&DWP($i*4,$r),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &jz(&label("maw_end")) if ($i != 7-1);
- }
- &set_label("maw_end",0);
- &mov("eax",$c);
-
- &pop("ecx"); # clear variable from
-
- &function_end($name);
- }
-
-sub bn_mul_words
- {
- local($name)=@_;
-
- &function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
-
- $r="eax";
- $a="edx";
- $c="ecx";
-
- if ($sse2) {
- &picmeup("eax","OPENSSL_ia32cap_P");
- &bt(&DWP(0,"eax"),26);
- &jnc(&label("mw_non_sse2"));
-
- &mov($r,&wparam(0));
- &mov($a,&wparam(1));
- &mov($c,&wparam(2));
- &movd("mm0",&wparam(3)); # mm0 = w
- &pxor("mm1","mm1"); # mm1 = carry = 0
-
- &set_label("mw_sse2_loop",16);
- &movd("mm2",&DWP(0,$a)); # mm2 = a[i]
- &pmuludq("mm2","mm0"); # a[i] *= w
- &lea($a,&DWP(4,$a));
- &paddq("mm1","mm2"); # carry += a[i]*w
- &movd(&DWP(0,$r),"mm1"); # r[i] = carry_low
- &sub($c,1);
- &psrlq("mm1",32); # carry = carry_high
- &lea($r,&DWP(4,$r));
- &jnz(&label("mw_sse2_loop"));
-
- &movd("eax","mm1"); # return carry
- &emms();
- &ret();
- &set_label("mw_non_sse2",16);
- }
-
- # function_begin prologue
- &push("ebp");
- &push("ebx");
- &push("esi");
- &push("edi");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ecx";
- $r="edi";
- $c="esi";
- $num="ebp";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
- &mov($w,&wparam(3)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("mw_finish"));
-
- &set_label("mw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
-
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
-
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &add($a,32);
- &add($r,32);
- &sub($num,8);
- &jz(&label("mw_finish"));
- &jmp(&label("mw_loop"));
-
- &set_label("mw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jnz(&label("mw_finish2"));
- &jmp(&label("mw_end"));
-
- &set_label("mw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &dec($num) if ($i != 7-1);
- &jz(&label("mw_end")) if ($i != 7-1);
- }
- &set_label("mw_end",0);
- &mov("eax",$c);
-
- &function_end($name);
- }
-
-sub bn_sqr_words
- {
- local($name)=@_;
-
- &function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
-
- $r="eax";
- $a="edx";
- $c="ecx";
-
- if ($sse2) {
- &picmeup("eax","OPENSSL_ia32cap_P");
- &bt(&DWP(0,"eax"),26);
- &jnc(&label("sqr_non_sse2"));
-
- &mov($r,&wparam(0));
- &mov($a,&wparam(1));
- &mov($c,&wparam(2));
-
- &set_label("sqr_sse2_loop",16);
- &movd("mm0",&DWP(0,$a)); # mm0 = a[i]
- &pmuludq("mm0","mm0"); # a[i] *= a[i]
- &lea($a,&DWP(4,$a)); # a++
- &movq(&QWP(0,$r),"mm0"); # r[i] = a[i]*a[i]
- &sub($c,1);
- &lea($r,&DWP(8,$r)); # r += 2
- &jnz(&label("sqr_sse2_loop"));
-
- &emms();
- &ret();
- &set_label("sqr_non_sse2",16);
- }
-
- # function_begin prologue
- &push("ebp");
- &push("ebx");
- &push("esi");
- &push("edi");
-
- &comment("");
- $r="esi";
- $a="edi";
- $num="ebx";
-
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("sw_finish"));
-
- &set_label("sw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
- &mov("eax",&DWP($i,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*2,$r,"",0),"eax"); #
- &mov(&DWP($i*2+4,$r,"",0),"edx");#
- }
-
- &comment("");
- &add($a,32);
- &add($r,64);
- &sub($num,8);
- &jnz(&label("sw_loop"));
-
- &set_label("sw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jz(&label("sw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*8,$r,"",0),"eax"); #
- &dec($num) if ($i != 7-1);
- &mov(&DWP($i*8+4,$r,"",0),"edx");
- &jz(&label("sw_end")) if ($i != 7-1);
- }
- &set_label("sw_end",0);
-
- &function_end($name);
- }
-
-sub bn_div_words
- {
- local($name)=@_;
-
- &function_begin_B($name,"");
- &mov("edx",&wparam(0)); #
- &mov("eax",&wparam(1)); #
- &mov("ecx",&wparam(2)); #
- &div("ecx");
- &ret();
- &function_end_B($name);
- }
-
-sub bn_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-sub bn_sub_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-sub bn_sub_part_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP(0,$a,"",0)); # *a
- &mov($tmp2,&DWP(0,$b,"",0));# *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP(0,$r,"",0),$tmp1); # *r
- &add($a, 4);
- &add($b, 4);
- &add($r, 4);
- &dec($num) if ($i != 6);
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
- &cmp(&wparam(4),0);
- &je(&label("pw_end"));
-
- &mov($num,&wparam(4)); # get dl
- &cmp($num,0);
- &je(&label("pw_end"));
- &jge(&label("pw_pos"));
-
- &comment("pw_neg");
- &mov($tmp2,0);
- &sub($tmp2,$num);
- &mov($num,$tmp2);
- &and($num,0xfffffff8); # num / 8
- &jz(&label("pw_neg_finish"));
-
- &set_label("pw_neg_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("dl<0 Round $i");
-
- &mov($tmp1,0);
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("pw_neg_loop"));
-
- &set_label("pw_neg_finish",0);
- &mov($tmp2,&wparam(4)); # get dl
- &mov($num,0);
- &sub($num,$tmp2);
- &and($num,7);
- &jz(&label("pw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("dl<0 Tail Round $i");
- &mov($tmp1,0);
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- &jz(&label("pw_end")) if ($i != 6);
- }
-
- &jmp(&label("pw_end"));
-
- &set_label("pw_pos",0);
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("pw_pos_finish"));
-
- &set_label("pw_pos_loop",0);
-
- for ($i=0; $i<8; $i++)
- {
- &comment("dl>0 Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &sub($tmp1,$c);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- &jnc(&label("pw_nc".$i));
- }
-
- &comment("");
- &add($a,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("pw_pos_loop"));
-
- &set_label("pw_pos_finish",0);
- &mov($num,&wparam(4)); # get dl
- &and($num,7);
- &jz(&label("pw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("dl>0 Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &sub($tmp1,$c);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- &jnc(&label("pw_tail_nc".$i));
- &dec($num) if ($i != 6);
- &jz(&label("pw_end")) if ($i != 6);
- }
- &mov($c,1);
- &jmp(&label("pw_end"));
-
- &set_label("pw_nc_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- &set_label("pw_nc".$i,0);
- }
-
- &comment("");
- &add($a,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("pw_nc_loop"));
-
- &mov($num,&wparam(4)); # get dl
- &and($num,7);
- &jz(&label("pw_nc_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- &set_label("pw_tail_nc".$i,0);
- &dec($num) if ($i != 6);
- &jz(&label("pw_nc_end")) if ($i != 6);
- }
-
- &set_label("pw_nc_end",0);
- &mov($c,0);
-
- &set_label("pw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
diff --git a/lib/libssl/src/crypto/bn/asm/co-586.pl b/lib/libssl/src/crypto/bn/asm/co-586.pl
deleted file mode 100644
index 57101a6bd77..00000000000
--- a/lib/libssl/src/crypto/bn/asm/co-586.pl
+++ /dev/null
@@ -1,287 +0,0 @@
-#!/usr/local/bin/perl
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC,"${dir}","${dir}../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
-sub mul_add_c
- {
- local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("mul a[$ai]*b[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- &mul("edx");
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a
- &mov("eax",&wparam(0)) if $pos > 0; # load r[]
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b
- &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a
- }
-
-sub sqr_add_c
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$b,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add($c0,"eax");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- ###
- &adc($c1,"edx");
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
- ###
- &adc($c2,0);
- # is pos > 1, it means it is the last loop
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- }
-
-sub sqr_add_c2
- {
- local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
-
- # pos == -1 if eax and edx are pre-loaded, 0 to load from next
- # words, and 1 if load return value
-
- &comment("sqr a[$ai]*a[$bi]");
-
- # "eax" and "edx" will always be pre-loaded.
- # &mov("eax",&DWP($ai*4,$a,"",0)) ;
- # &mov("edx",&DWP($bi*4,$a,"",0));
-
- if ($ai == $bi)
- { &mul("eax");}
- else
- { &mul("edx");}
- &add("eax","eax");
- ###
- &adc("edx","edx");
- ###
- &adc($c2,0);
- &add($c0,"eax");
- &adc($c1,"edx");
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a
- &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b
- &adc($c2,0);
- &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[];
- &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
- ###
- }
-
-sub bn_mul_comba
- {
- local($name,$num)=@_;
- local($a,$b,$c0,$c1,$c2);
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($tot,$end);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $b="edi";
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- &push("esi");
- &mov($a,&wparam(1));
- &push("edi");
- &mov($b,&wparam(2));
- &push("ebp");
- &push("ebx");
-
- &xor($c0,$c0);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
- &xor($c1,$c1);
- &mov("edx",&DWP(0,$b,"",0)); # load the first second
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("################## Calculate word $i");
-
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($j+1) == $end)
- {
- $v=1;
- $v=2 if (($i+1) == $tot);
- }
- else
- { $v=0; }
- if (($j+1) != $end)
- {
- $na=($ai-1);
- $nb=($bi+1);
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
-#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
- &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
- if ($v)
- {
- &comment("saved r[$i]");
- # &mov("eax",&wparam(0));
- # &mov(&DWP($i*4,"eax","",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &comment("save r[$i]");
- # &mov("eax",&wparam(0));
- &mov(&DWP($i*4,"eax","",0),$c0);
-
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
-
-sub bn_sqr_comba
- {
- local($name,$num)=@_;
- local($r,$a,$c0,$c1,$c2)=@_;
- local($i,$as,$ae,$bs,$be,$ai,$bi);
- local($b,$tot,$end,$half);
-
- &function_begin_B($name,"");
-
- $c0="ebx";
- $c1="ecx";
- $c2="ebp";
- $a="esi";
- $r="edi";
-
- &push("esi");
- &push("edi");
- &push("ebp");
- &push("ebx");
- &mov($r,&wparam(0));
- &mov($a,&wparam(1));
- &xor($c0,$c0);
- &xor($c1,$c1);
- &mov("eax",&DWP(0,$a,"",0)); # load the first word
-
- $as=0;
- $ae=0;
- $bs=0;
- $be=0;
- $tot=$num+$num-1;
-
- for ($i=0; $i<$tot; $i++)
- {
- $ai=$as;
- $bi=$bs;
- $end=$be+1;
-
- &comment("############### Calculate word $i");
- for ($j=$bs; $j<$end; $j++)
- {
- &xor($c2,$c2) if ($j == $bs);
- if (($ai-1) < ($bi+1))
- {
- $v=1;
- $v=2 if ($i+1) == $tot;
- }
- else
- { $v=0; }
- if (!$v)
- {
- $na=$ai-1;
- $nb=$bi+1;
- }
- else
- {
- $na=$as+($i < ($num-1));
- $nb=$bs+($i >= ($num-1));
- }
- if ($ai == $bi)
- {
- &sqr_add_c($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- else
- {
- &sqr_add_c2($r,$a,$ai,$bi,
- $c0,$c1,$c2,$v,$i,$na,$nb);
- }
- if ($v)
- {
- &comment("saved r[$i]");
- #&mov(&DWP($i*4,$r,"",0),$c0);
- ($c0,$c1,$c2)=($c1,$c2,$c0);
- last;
- }
- $ai--;
- $bi++;
- }
- $as++ if ($i < ($num-1));
- $ae++ if ($i >= ($num-1));
-
- $bs++ if ($i >= ($num-1));
- $be++ if ($i < ($num-1));
- }
- &mov(&DWP($i*4,$r,"",0),$c0);
- &pop("ebx");
- &pop("ebp");
- &pop("edi");
- &pop("esi");
- &ret();
- &function_end_B($name);
- }
diff --git a/lib/libssl/src/crypto/bn/asm/ia64-mont.pl b/lib/libssl/src/crypto/bn/asm/ia64-mont.pl
deleted file mode 100644
index e258658428a..00000000000
--- a/lib/libssl/src/crypto/bn/asm/ia64-mont.pl
+++ /dev/null
@@ -1,851 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# January 2010 -# -# "Teaser" Montgomery multiplication module for IA-64. There are -# several possibilities for improvement: -# -# - modulo-scheduling outer loop would eliminate quite a number of -# stalls after ldf8, xma and getf.sig outside inner loop and -# improve shorter key performance; -# - shorter vector support [with input vectors being fetched only -# once] should be added; -# - 2x unroll with help of n0[1] would make the code scalable on -# "wider" IA-64, "wider" than Itanium 2 that is, which is not of -# acute interest, because upcoming Tukwila's individual cores are -# reportedly based on Itanium 2 design; -# - dedicated squaring procedure(?); -# -# January 2010 -# -# Shorter vector support is implemented by zero-padding ap and np -# vectors up to 8 elements, or 512 bits. This means that 256-bit -# inputs will be processed only 2 times faster than 512-bit inputs, -# not 4 [as one would expect, because algorithm complexity is n^2]. -# The reason for padding is that inputs shorter than 512 bits won't -# be processed faster anyway, because minimal critical path of the -# core loop happens to match 512-bit timing. Either way, it resulted -# in >100% improvement of 512-bit RSA sign benchmark and 50% - of -# 1024-bit one [in comparison to original version of *this* module]. 
-# -# So far 'openssl speed rsa dsa' output on 900MHz Itanium 2 *with* -# this module is: -# sign verify sign/s verify/s -# rsa 512 bits 0.000290s 0.000024s 3452.8 42031.4 -# rsa 1024 bits 0.000793s 0.000058s 1261.7 17172.0 -# rsa 2048 bits 0.005908s 0.000148s 169.3 6754.0 -# rsa 4096 bits 0.033456s 0.000469s 29.9 2133.6 -# dsa 512 bits 0.000253s 0.000198s 3949.9 5057.0 -# dsa 1024 bits 0.000585s 0.000607s 1708.4 1647.4 -# dsa 2048 bits 0.001453s 0.001703s 688.1 587.4 -# -# ... and *without* (but still with ia64.S): -# -# rsa 512 bits 0.000670s 0.000041s 1491.8 24145.5 -# rsa 1024 bits 0.001988s 0.000080s 502.9 12499.3 -# rsa 2048 bits 0.008702s 0.000189s 114.9 5293.9 -# rsa 4096 bits 0.043860s 0.000533s 22.8 1875.9 -# dsa 512 bits 0.000441s 0.000427s 2265.3 2340.6 -# dsa 1024 bits 0.000823s 0.000867s 1215.6 1153.2 -# dsa 2048 bits 0.001894s 0.002179s 528.1 458.9 -# -# As it can be seen, RSA sign performance improves by 130-30%, -# hereafter less for longer keys, while verify - by 74-13%. -# DSA performance improves by 115-30%. 
- -if ($^O eq "hpux") { - $ADDP="addp4"; - for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); } -} else { $ADDP="add"; } - -$code=<<___; -.explicit -.text - -// int bn_mul_mont (BN_ULONG *rp,const BN_ULONG *ap, -// const BN_ULONG *bp,const BN_ULONG *np, -// const BN_ULONG *n0p,int num); -.align 64 -.global bn_mul_mont# -.proc bn_mul_mont# -bn_mul_mont: - .prologue - .body -{ .mmi; cmp4.le p6,p7=2,r37;; -(p6) cmp4.lt.unc p8,p9=8,r37 - mov ret0=r0 };; -{ .bbb; -(p9) br.cond.dptk.many bn_mul_mont_8 -(p8) br.cond.dpnt.many bn_mul_mont_general -(p7) br.ret.spnt.many b0 };; -.endp bn_mul_mont# - -prevfs=r2; prevpr=r3; prevlc=r10; prevsp=r11; - -rptr=r8; aptr=r9; bptr=r14; nptr=r15; -tptr=r16; // &tp[0] -tp_1=r17; // &tp[-1] -num=r18; len=r19; lc=r20; -topbit=r21; // carry bit from tmp[num] - -n0=f6; -m0=f7; -bi=f8; - -.align 64 -.local bn_mul_mont_general# -.proc bn_mul_mont_general# -bn_mul_mont_general: - .prologue -{ .mmi; .save ar.pfs,prevfs - alloc prevfs=ar.pfs,6,2,0,8 - $ADDP aptr=0,in1 - .save ar.lc,prevlc - mov prevlc=ar.lc } -{ .mmi; .vframe prevsp - mov prevsp=sp - $ADDP bptr=0,in2 - .save pr,prevpr - mov prevpr=pr };; - - .body - .rotf alo[6],nlo[4],ahi[8],nhi[6] - .rotr a[3],n[3],t[2] - -{ .mmi; ldf8 bi=[bptr],8 // (*bp++) - ldf8 alo[4]=[aptr],16 // ap[0] - $ADDP r30=8,in1 };; -{ .mmi; ldf8 alo[3]=[r30],16 // ap[1] - ldf8 alo[2]=[aptr],16 // ap[2] - $ADDP in4=0,in4 };; -{ .mmi; ldf8 alo[1]=[r30] // ap[3] - ldf8 n0=[in4] // n0 - $ADDP rptr=0,in0 } -{ .mmi; $ADDP nptr=0,in3 - mov r31=16 - zxt4 num=in5 };; -{ .mmi; ldf8 nlo[2]=[nptr],8 // np[0] - shladd len=num,3,r0 - shladd r31=num,3,r31 };; -{ .mmi; ldf8 nlo[1]=[nptr],8 // np[1] - add lc=-5,num - sub r31=sp,r31 };; -{ .mfb; and sp=-16,r31 // alloca - xmpy.hu ahi[2]=alo[4],bi // ap[0]*bp[0] - nop.b 0 } -{ .mfb; nop.m 0 - xmpy.lu alo[4]=alo[4],bi - brp.loop.imp .L1st_ctop,.L1st_cend-16 - };; -{ .mfi; nop.m 0 - xma.hu ahi[1]=alo[3],bi,ahi[2] // ap[1]*bp[0] - add tp_1=8,sp } -{ .mfi; nop.m 0 - xma.lu 
alo[3]=alo[3],bi,ahi[2] - mov pr.rot=0x20001f<<16 - // ------^----- (p40) at first (p23) - // ----------^^ p[16:20]=1 - };; -{ .mfi; nop.m 0 - xmpy.lu m0=alo[4],n0 // (ap[0]*bp[0])*n0 - mov ar.lc=lc } -{ .mfi; nop.m 0 - fcvt.fxu.s1 nhi[1]=f0 - mov ar.ec=8 };; - -.align 32 -.L1st_ctop: -.pred.rel "mutex",p40,p42 -{ .mfi; (p16) ldf8 alo[0]=[aptr],8 // *(aptr++) - (p18) xma.hu ahi[0]=alo[2],bi,ahi[1] - (p40) add n[2]=n[2],a[2] } // (p23) } -{ .mfi; (p18) ldf8 nlo[0]=[nptr],8 // *(nptr++)(p16) - (p18) xma.lu alo[2]=alo[2],bi,ahi[1] - (p42) add n[2]=n[2],a[2],1 };; // (p23) -{ .mfi; (p21) getf.sig a[0]=alo[5] - (p20) xma.hu nhi[0]=nlo[2],m0,nhi[1] - (p42) cmp.leu p41,p39=n[2],a[2] } // (p23) -{ .mfi; (p23) st8 [tp_1]=n[2],8 - (p20) xma.lu nlo[2]=nlo[2],m0,nhi[1] - (p40) cmp.ltu p41,p39=n[2],a[2] } // (p23) -{ .mmb; (p21) getf.sig n[0]=nlo[3] - (p16) nop.m 0 - br.ctop.sptk .L1st_ctop };; -.L1st_cend: - -{ .mmi; getf.sig a[0]=ahi[6] // (p24) - getf.sig n[0]=nhi[4] - add num=-1,num };; // num-- -{ .mmi; .pred.rel "mutex",p40,p42 -(p40) add n[0]=n[0],a[0] -(p42) add n[0]=n[0],a[0],1 - sub aptr=aptr,len };; // rewind -{ .mmi; .pred.rel "mutex",p40,p42 -(p40) cmp.ltu p41,p39=n[0],a[0] -(p42) cmp.leu p41,p39=n[0],a[0] - sub nptr=nptr,len };; -{ .mmi; .pred.rel "mutex",p39,p41 -(p39) add topbit=r0,r0 -(p41) add topbit=r0,r0,1 - nop.i 0 } -{ .mmi; st8 [tp_1]=n[0] - add tptr=16,sp - add tp_1=8,sp };; - -.Louter: -{ .mmi; ldf8 bi=[bptr],8 // (*bp++) - ldf8 ahi[3]=[tptr] // tp[0] - add r30=8,aptr };; -{ .mmi; ldf8 alo[4]=[aptr],16 // ap[0] - ldf8 alo[3]=[r30],16 // ap[1] - add r31=8,nptr };; -{ .mfb; ldf8 alo[2]=[aptr],16 // ap[2] - xma.hu ahi[2]=alo[4],bi,ahi[3] // ap[0]*bp[i]+tp[0] - brp.loop.imp .Linner_ctop,.Linner_cend-16 - } -{ .mfb; ldf8 alo[1]=[r30] // ap[3] - xma.lu alo[4]=alo[4],bi,ahi[3] - clrrrb.pr };; -{ .mfi; ldf8 nlo[2]=[nptr],16 // np[0] - xma.hu ahi[1]=alo[3],bi,ahi[2] // ap[1]*bp[i] - nop.i 0 } -{ .mfi; ldf8 nlo[1]=[r31] // np[1] - xma.lu alo[3]=alo[3],bi,ahi[2] - 
mov pr.rot=0x20101f<<16 - // ------^----- (p40) at first (p23) - // --------^--- (p30) at first (p22) - // ----------^^ p[16:20]=1 - };; -{ .mfi; st8 [tptr]=r0 // tp[0] is already accounted - xmpy.lu m0=alo[4],n0 // (ap[0]*bp[i]+tp[0])*n0 - mov ar.lc=lc } -{ .mfi; - fcvt.fxu.s1 nhi[1]=f0 - mov ar.ec=8 };; - -// This loop spins in 4*(n+7) ticks on Itanium 2 and should spin in -// 7*(n+7) ticks on Itanium (the one codenamed Merced). Factor of 7 -// in latter case accounts for two-tick pipeline stall, which means -// that its performance would be ~20% lower than optimal one. No -// attempt was made to address this, because original Itanium is -// hardly represented out in the wild... -.align 32 -.Linner_ctop: -.pred.rel "mutex",p40,p42 -.pred.rel "mutex",p30,p32 -{ .mfi; (p16) ldf8 alo[0]=[aptr],8 // *(aptr++) - (p18) xma.hu ahi[0]=alo[2],bi,ahi[1] - (p40) add n[2]=n[2],a[2] } // (p23) -{ .mfi; (p16) nop.m 0 - (p18) xma.lu alo[2]=alo[2],bi,ahi[1] - (p42) add n[2]=n[2],a[2],1 };; // (p23) -{ .mfi; (p21) getf.sig a[0]=alo[5] - (p16) nop.f 0 - (p40) cmp.ltu p41,p39=n[2],a[2] } // (p23) -{ .mfi; (p21) ld8 t[0]=[tptr],8 - (p16) nop.f 0 - (p42) cmp.leu p41,p39=n[2],a[2] };; // (p23) -{ .mfi; (p18) ldf8 nlo[0]=[nptr],8 // *(nptr++) - (p20) xma.hu nhi[0]=nlo[2],m0,nhi[1] - (p30) add a[1]=a[1],t[1] } // (p22) -{ .mfi; (p16) nop.m 0 - (p20) xma.lu nlo[2]=nlo[2],m0,nhi[1] - (p32) add a[1]=a[1],t[1],1 };; // (p22) -{ .mmi; (p21) getf.sig n[0]=nlo[3] - (p16) nop.m 0 - (p30) cmp.ltu p31,p29=a[1],t[1] } // (p22) -{ .mmb; (p23) st8 [tp_1]=n[2],8 - (p32) cmp.leu p31,p29=a[1],t[1] // (p22) - br.ctop.sptk .Linner_ctop };; -.Linner_cend: - -{ .mmi; getf.sig a[0]=ahi[6] // (p24) - getf.sig n[0]=nhi[4] - nop.i 0 };; - -{ .mmi; .pred.rel "mutex",p31,p33 -(p31) add a[0]=a[0],topbit -(p33) add a[0]=a[0],topbit,1 - mov topbit=r0 };; -{ .mfi; .pred.rel "mutex",p31,p33 -(p31) cmp.ltu p32,p30=a[0],topbit -(p33) cmp.leu p32,p30=a[0],topbit - } -{ .mfi; .pred.rel "mutex",p40,p42 -(p40) add 
n[0]=n[0],a[0] -(p42) add n[0]=n[0],a[0],1 - };; -{ .mmi; .pred.rel "mutex",p44,p46 -(p40) cmp.ltu p41,p39=n[0],a[0] -(p42) cmp.leu p41,p39=n[0],a[0] -(p32) add topbit=r0,r0,1 } - -{ .mmi; st8 [tp_1]=n[0],8 - cmp4.ne p6,p0=1,num - sub aptr=aptr,len };; // rewind -{ .mmi; sub nptr=nptr,len -(p41) add topbit=r0,r0,1 - add tptr=16,sp } -{ .mmb; add tp_1=8,sp - add num=-1,num // num-- -(p6) br.cond.sptk.many .Louter };; - -{ .mbb; add lc=4,lc - brp.loop.imp .Lsub_ctop,.Lsub_cend-16 - clrrrb.pr };; -{ .mii; nop.m 0 - mov pr.rot=0x10001<<16 - // ------^---- (p33) at first (p17) - mov ar.lc=lc } -{ .mii; nop.m 0 - mov ar.ec=3 - nop.i 0 };; - -.Lsub_ctop: -.pred.rel "mutex",p33,p35 -{ .mfi; (p16) ld8 t[0]=[tptr],8 // t=*(tp++) - (p16) nop.f 0 - (p33) sub n[1]=t[1],n[1] } // (p17) -{ .mfi; (p16) ld8 n[0]=[nptr],8 // n=*(np++) - (p16) nop.f 0 - (p35) sub n[1]=t[1],n[1],1 };; // (p17) -{ .mib; (p18) st8 [rptr]=n[2],8 // *(rp++)=r - (p33) cmp.gtu p34,p32=n[1],t[1] // (p17) - (p18) nop.b 0 } -{ .mib; (p18) nop.m 0 - (p35) cmp.geu p34,p32=n[1],t[1] // (p17) - br.ctop.sptk .Lsub_ctop };; -.Lsub_cend: - -{ .mmb; .pred.rel "mutex",p34,p36 -(p34) sub topbit=topbit,r0 // (p19) -(p36) sub topbit=topbit,r0,1 - brp.loop.imp .Lcopy_ctop,.Lcopy_cend-16 - } -{ .mmb; sub rptr=rptr,len // rewind - sub tptr=tptr,len - clrrrb.pr };; -{ .mmi; and aptr=tptr,topbit - andcm bptr=rptr,topbit - mov pr.rot=1<<16 };; -{ .mii; or nptr=aptr,bptr - mov ar.lc=lc - mov ar.ec=3 };; - -.Lcopy_ctop: -{ .mmb; (p16) ld8 n[0]=[nptr],8 - (p18) st8 [tptr]=r0,8 - (p16) nop.b 0 } -{ .mmb; (p16) nop.m 0 - (p18) st8 [rptr]=n[2],8 - br.ctop.sptk .Lcopy_ctop };; -.Lcopy_cend: - -{ .mmi; mov ret0=1 // signal "handled" - rum 1<<5 // clear um.mfh - mov ar.lc=prevlc } -{ .mib; .restore sp - mov sp=prevsp - mov pr=prevpr,0x1ffff - br.ret.sptk.many b0 };; -.endp bn_mul_mont_general# - -a1=r16; a2=r17; a3=r18; a4=r19; a5=r20; a6=r21; a7=r22; a8=r23; -n1=r24; n2=r25; n3=r26; n4=r27; n5=r28; n6=r29; n7=r30; n8=r31; -t0=r15; - 
-ai0=f8; ai1=f9; ai2=f10; ai3=f11; ai4=f12; ai5=f13; ai6=f14; ai7=f15; -ni0=f16; ni1=f17; ni2=f18; ni3=f19; ni4=f20; ni5=f21; ni6=f22; ni7=f23; - -.align 64 -.skip 48 // aligns loop body -.local bn_mul_mont_8# -.proc bn_mul_mont_8# -bn_mul_mont_8: - .prologue -{ .mmi; .save ar.pfs,prevfs - alloc prevfs=ar.pfs,6,2,0,8 - .vframe prevsp - mov prevsp=sp - .save ar.lc,prevlc - mov prevlc=ar.lc } -{ .mmi; add r17=-6*16,sp - add sp=-7*16,sp - .save pr,prevpr - mov prevpr=pr };; - -{ .mmi; .save.gf 0,0x10 - stf.spill [sp]=f16,-16 - .save.gf 0,0x20 - stf.spill [r17]=f17,32 - add r16=-5*16,prevsp};; -{ .mmi; .save.gf 0,0x40 - stf.spill [r16]=f18,32 - .save.gf 0,0x80 - stf.spill [r17]=f19,32 - $ADDP aptr=0,in1 };; -{ .mmi; .save.gf 0,0x100 - stf.spill [r16]=f20,32 - .save.gf 0,0x200 - stf.spill [r17]=f21,32 - $ADDP r29=8,in1 };; -{ .mmi; .save.gf 0,0x400 - stf.spill [r16]=f22 - .save.gf 0,0x800 - stf.spill [r17]=f23 - $ADDP rptr=0,in0 };; - - .body - .rotf bj[8],mj[2],tf[2],alo[10],ahi[10],nlo[10],nhi[10] - .rotr t[8] - -// load input vectors padding them to 8 elements -{ .mmi; ldf8 ai0=[aptr],16 // ap[0] - ldf8 ai1=[r29],16 // ap[1] - $ADDP bptr=0,in2 } -{ .mmi; $ADDP r30=8,in2 - $ADDP nptr=0,in3 - $ADDP r31=8,in3 };; -{ .mmi; ldf8 bj[7]=[bptr],16 // bp[0] - ldf8 bj[6]=[r30],16 // bp[1] - cmp4.le p4,p5=3,in5 } -{ .mmi; ldf8 ni0=[nptr],16 // np[0] - ldf8 ni1=[r31],16 // np[1] - cmp4.le p6,p7=4,in5 };; - -{ .mfi; (p4)ldf8 ai2=[aptr],16 // ap[2] - (p5)fcvt.fxu ai2=f0 - cmp4.le p8,p9=5,in5 } -{ .mfi; (p6)ldf8 ai3=[r29],16 // ap[3] - (p7)fcvt.fxu ai3=f0 - cmp4.le p10,p11=6,in5 } -{ .mfi; (p4)ldf8 bj[5]=[bptr],16 // bp[2] - (p5)fcvt.fxu bj[5]=f0 - cmp4.le p12,p13=7,in5 } -{ .mfi; (p6)ldf8 bj[4]=[r30],16 // bp[3] - (p7)fcvt.fxu bj[4]=f0 - cmp4.le p14,p15=8,in5 } -{ .mfi; (p4)ldf8 ni2=[nptr],16 // np[2] - (p5)fcvt.fxu ni2=f0 - addp4 r28=-1,in5 } -{ .mfi; (p6)ldf8 ni3=[r31],16 // np[3] - (p7)fcvt.fxu ni3=f0 - $ADDP in4=0,in4 };; - -{ .mfi; ldf8 n0=[in4] - fcvt.fxu tf[1]=f0 - nop.i 0 
} - -{ .mfi; (p8)ldf8 ai4=[aptr],16 // ap[4] - (p9)fcvt.fxu ai4=f0 - mov t[0]=r0 } -{ .mfi; (p10)ldf8 ai5=[r29],16 // ap[5] - (p11)fcvt.fxu ai5=f0 - mov t[1]=r0 } -{ .mfi; (p8)ldf8 bj[3]=[bptr],16 // bp[4] - (p9)fcvt.fxu bj[3]=f0 - mov t[2]=r0 } -{ .mfi; (p10)ldf8 bj[2]=[r30],16 // bp[5] - (p11)fcvt.fxu bj[2]=f0 - mov t[3]=r0 } -{ .mfi; (p8)ldf8 ni4=[nptr],16 // np[4] - (p9)fcvt.fxu ni4=f0 - mov t[4]=r0 } -{ .mfi; (p10)ldf8 ni5=[r31],16 // np[5] - (p11)fcvt.fxu ni5=f0 - mov t[5]=r0 };; - -{ .mfi; (p12)ldf8 ai6=[aptr],16 // ap[6] - (p13)fcvt.fxu ai6=f0 - mov t[6]=r0 } -{ .mfi; (p14)ldf8 ai7=[r29],16 // ap[7] - (p15)fcvt.fxu ai7=f0 - mov t[7]=r0 } -{ .mfi; (p12)ldf8 bj[1]=[bptr],16 // bp[6] - (p13)fcvt.fxu bj[1]=f0 - mov ar.lc=r28 } -{ .mfi; (p14)ldf8 bj[0]=[r30],16 // bp[7] - (p15)fcvt.fxu bj[0]=f0 - mov ar.ec=1 } -{ .mfi; (p12)ldf8 ni6=[nptr],16 // np[6] - (p13)fcvt.fxu ni6=f0 - mov pr.rot=1<<16 } -{ .mfb; (p14)ldf8 ni7=[r31],16 // np[7] - (p15)fcvt.fxu ni7=f0 - brp.loop.imp .Louter_8_ctop,.Louter_8_cend-16 - };; - -// The loop is scheduled for 32*n ticks on Itanium 2. Actual attempt -// to measure with help of Interval Time Counter indicated that the -// factor is a tad higher: 33 or 34, if not 35. Exact measurement and -// addressing the issue is problematic, because I don't have access -// to platform-specific instruction-level profiler. On Itanium it -// should run in 56*n ticks, because of higher xma latency... 
-.Louter_8_ctop: - .pred.rel "mutex",p40,p42 - .pred.rel "mutex",p48,p50 -{ .mfi; (p16) nop.m 0 // 0: - (p16) xma.hu ahi[0]=ai0,bj[7],tf[1] // ap[0]*b[i]+t[0] - (p40) add a3=a3,n3 } // (p17) a3+=n3 -{ .mfi; (p42) add a3=a3,n3,1 - (p16) xma.lu alo[0]=ai0,bj[7],tf[1] - (p16) nop.i 0 };; -{ .mii; (p17) getf.sig a7=alo[8] // 1: - (p48) add t[6]=t[6],a3 // (p17) t[6]+=a3 - (p50) add t[6]=t[6],a3,1 };; -{ .mfi; (p17) getf.sig a8=ahi[8] // 2: - (p17) xma.hu nhi[7]=ni6,mj[1],nhi[6] // np[6]*m0 - (p40) cmp.ltu p43,p41=a3,n3 } -{ .mfi; (p42) cmp.leu p43,p41=a3,n3 - (p17) xma.lu nlo[7]=ni6,mj[1],nhi[6] - (p16) nop.i 0 };; -{ .mii; (p17) getf.sig n5=nlo[6] // 3: - (p48) cmp.ltu p51,p49=t[6],a3 - (p50) cmp.leu p51,p49=t[6],a3 };; - .pred.rel "mutex",p41,p43 - .pred.rel "mutex",p49,p51 -{ .mfi; (p16) nop.m 0 // 4: - (p16) xma.hu ahi[1]=ai1,bj[7],ahi[0] // ap[1]*b[i] - (p41) add a4=a4,n4 } // (p17) a4+=n4 -{ .mfi; (p43) add a4=a4,n4,1 - (p16) xma.lu alo[1]=ai1,bj[7],ahi[0] - (p16) nop.i 0 };; -{ .mfi; (p49) add t[5]=t[5],a4 // 5: (p17) t[5]+=a4 - (p16) xmpy.lu mj[0]=alo[0],n0 // (ap[0]*b[i]+t[0])*n0 - (p51) add t[5]=t[5],a4,1 };; -{ .mfi; (p16) nop.m 0 // 6: - (p17) xma.hu nhi[8]=ni7,mj[1],nhi[7] // np[7]*m0 - (p41) cmp.ltu p42,p40=a4,n4 } -{ .mfi; (p43) cmp.leu p42,p40=a4,n4 - (p17) xma.lu nlo[8]=ni7,mj[1],nhi[7] - (p16) nop.i 0 };; -{ .mii; (p17) getf.sig n6=nlo[7] // 7: - (p49) cmp.ltu p50,p48=t[5],a4 - (p51) cmp.leu p50,p48=t[5],a4 };; - .pred.rel "mutex",p40,p42 - .pred.rel "mutex",p48,p50 -{ .mfi; (p16) nop.m 0 // 8: - (p16) xma.hu ahi[2]=ai2,bj[7],ahi[1] // ap[2]*b[i] - (p40) add a5=a5,n5 } // (p17) a5+=n5 -{ .mfi; (p42) add a5=a5,n5,1 - (p16) xma.lu alo[2]=ai2,bj[7],ahi[1] - (p16) nop.i 0 };; -{ .mii; (p16) getf.sig a1=alo[1] // 9: - (p48) add t[4]=t[4],a5 // p(17) t[4]+=a5 - (p50) add t[4]=t[4],a5,1 };; -{ .mfi; (p16) nop.m 0 // 10: - (p16) xma.hu nhi[0]=ni0,mj[0],alo[0] // np[0]*m0 - (p40) cmp.ltu p43,p41=a5,n5 } -{ .mfi; (p42) cmp.leu p43,p41=a5,n5 - (p16) xma.lu 
nlo[0]=ni0,mj[0],alo[0] - (p16) nop.i 0 };; -{ .mii; (p17) getf.sig n7=nlo[8] // 11: - (p48) cmp.ltu p51,p49=t[4],a5 - (p50) cmp.leu p51,p49=t[4],a5 };; - .pred.rel "mutex",p41,p43 - .pred.rel "mutex",p49,p51 -{ .mfi; (p17) getf.sig n8=nhi[8] // 12: - (p16) xma.hu ahi[3]=ai3,bj[7],ahi[2] // ap[3]*b[i] - (p41) add a6=a6,n6 } // (p17) a6+=n6 -{ .mfi; (p43) add a6=a6,n6,1 - (p16) xma.lu alo[3]=ai3,bj[7],ahi[2] - (p16) nop.i 0 };; -{ .mii; (p16) getf.sig a2=alo[2] // 13: - (p49) add t[3]=t[3],a6 // (p17) t[3]+=a6 - (p51) add t[3]=t[3],a6,1 };; -{ .mfi; (p16) nop.m 0 // 14: - (p16) xma.hu nhi[1]=ni1,mj[0],nhi[0] // np[1]*m0 - (p41) cmp.ltu p42,p40=a6,n6 } -{ .mfi; (p43) cmp.leu p42,p40=a6,n6 - (p16) xma.lu nlo[1]=ni1,mj[0],nhi[0] - (p16) nop.i 0 };; -{ .mii; (p16) nop.m 0 // 15: - (p49) cmp.ltu p50,p48=t[3],a6 - (p51) cmp.leu p50,p48=t[3],a6 };; - .pred.rel "mutex",p40,p42 - .pred.rel "mutex",p48,p50 -{ .mfi; (p16) nop.m 0 // 16: - (p16) xma.hu ahi[4]=ai4,bj[7],ahi[3] // ap[4]*b[i] - (p40) add a7=a7,n7 } // (p17) a7+=n7 -{ .mfi; (p42) add a7=a7,n7,1 - (p16) xma.lu alo[4]=ai4,bj[7],ahi[3] - (p16) nop.i 0 };; -{ .mii; (p16) getf.sig a3=alo[3] // 17: - (p48) add t[2]=t[2],a7 // (p17) t[2]+=a7 - (p50) add t[2]=t[2],a7,1 };; -{ .mfi; (p16) nop.m 0 // 18: - (p16) xma.hu nhi[2]=ni2,mj[0],nhi[1] // np[2]*m0 - (p40) cmp.ltu p43,p41=a7,n7 } -{ .mfi; (p42) cmp.leu p43,p41=a7,n7 - (p16) xma.lu nlo[2]=ni2,mj[0],nhi[1] - (p16) nop.i 0 };; -{ .mii; (p16) getf.sig n1=nlo[1] // 19: - (p48) cmp.ltu p51,p49=t[2],a7 - (p50) cmp.leu p51,p49=t[2],a7 };; - .pred.rel "mutex",p41,p43 - .pred.rel "mutex",p49,p51 -{ .mfi; (p16) nop.m 0 // 20: - (p16) xma.hu ahi[5]=ai5,bj[7],ahi[4] // ap[5]*b[i] - (p41) add a8=a8,n8 } // (p17) a8+=n8 -{ .mfi; (p43) add a8=a8,n8,1 - (p16) xma.lu alo[5]=ai5,bj[7],ahi[4] - (p16) nop.i 0 };; -{ .mii; (p16) getf.sig a4=alo[4] // 21: - (p49) add t[1]=t[1],a8 // (p17) t[1]+=a8 - (p51) add t[1]=t[1],a8,1 };; -{ .mfi; (p16) nop.m 0 // 22: - (p16) xma.hu 
nhi[3]=ni3,mj[0],nhi[2] // np[3]*m0 - (p41) cmp.ltu p42,p40=a8,n8 } -{ .mfi; (p43) cmp.leu p42,p40=a8,n8 - (p16) xma.lu nlo[3]=ni3,mj[0],nhi[2] - (p16) nop.i 0 };; -{ .mii; (p16) getf.sig n2=nlo[2] // 23: - (p49) cmp.ltu p50,p48=t[1],a8 - (p51) cmp.leu p50,p48=t[1],a8 };; -{ .mfi; (p16) nop.m 0 // 24: - (p16) xma.hu ahi[6]=ai6,bj[7],ahi[5] // ap[6]*b[i] - (p16) add a1=a1,n1 } // (p16) a1+=n1 -{ .mfi; (p16) nop.m 0 - (p16) xma.lu alo[6]=ai6,bj[7],ahi[5] - (p17) mov t[0]=r0 };; -{ .mii; (p16) getf.sig a5=alo[5] // 25: - (p16) add t0=t[7],a1 // (p16) t[7]+=a1 - (p42) add t[0]=t[0],r0,1 };; -{ .mfi; (p16) setf.sig tf[0]=t0 // 26: - (p16) xma.hu nhi[4]=ni4,mj[0],nhi[3] // np[4]*m0 - (p50) add t[0]=t[0],r0,1 } -{ .mfi; (p16) cmp.ltu.unc p42,p40=a1,n1 - (p16) xma.lu nlo[4]=ni4,mj[0],nhi[3] - (p16) nop.i 0 };; -{ .mii; (p16) getf.sig n3=nlo[3] // 27: - (p16) cmp.ltu.unc p50,p48=t0,a1 - (p16) nop.i 0 };; - .pred.rel "mutex",p40,p42 - .pred.rel "mutex",p48,p50 -{ .mfi; (p16) nop.m 0 // 28: - (p16) xma.hu ahi[7]=ai7,bj[7],ahi[6] // ap[7]*b[i] - (p40) add a2=a2,n2 } // (p16) a2+=n2 -{ .mfi; (p42) add a2=a2,n2,1 - (p16) xma.lu alo[7]=ai7,bj[7],ahi[6] - (p16) nop.i 0 };; -{ .mii; (p16) getf.sig a6=alo[6] // 29: - (p48) add t[6]=t[6],a2 // (p16) t[6]+=a2 - (p50) add t[6]=t[6],a2,1 };; -{ .mfi; (p16) nop.m 0 // 30: - (p16) xma.hu nhi[5]=ni5,mj[0],nhi[4] // np[5]*m0 - (p40) cmp.ltu p41,p39=a2,n2 } -{ .mfi; (p42) cmp.leu p41,p39=a2,n2 - (p16) xma.lu nlo[5]=ni5,mj[0],nhi[4] - (p16) nop.i 0 };; -{ .mfi; (p16) getf.sig n4=nlo[4] // 31: - (p16) nop.f 0 - (p48) cmp.ltu p49,p47=t[6],a2 } -{ .mfb; (p50) cmp.leu p49,p47=t[6],a2 - (p16) nop.f 0 - br.ctop.sptk.many .Louter_8_ctop };; -.Louter_8_cend: - -// above loop has to execute one more time, without (p16), which is -// replaced with merged move of np[8] to GPR bank - .pred.rel "mutex",p40,p42 - .pred.rel "mutex",p48,p50 -{ .mmi; (p0) getf.sig n1=ni0 // 0: - (p40) add a3=a3,n3 // (p17) a3+=n3 - (p42) add a3=a3,n3,1 };; -{ .mii; (p17) 
getf.sig a7=alo[8] // 1: - (p48) add t[6]=t[6],a3 // (p17) t[6]+=a3 - (p50) add t[6]=t[6],a3,1 };; -{ .mfi; (p17) getf.sig a8=ahi[8] // 2: - (p17) xma.hu nhi[7]=ni6,mj[1],nhi[6] // np[6]*m0 - (p40) cmp.ltu p43,p41=a3,n3 } -{ .mfi; (p42) cmp.leu p43,p41=a3,n3 - (p17) xma.lu nlo[7]=ni6,mj[1],nhi[6] - (p0) nop.i 0 };; -{ .mii; (p17) getf.sig n5=nlo[6] // 3: - (p48) cmp.ltu p51,p49=t[6],a3 - (p50) cmp.leu p51,p49=t[6],a3 };; - .pred.rel "mutex",p41,p43 - .pred.rel "mutex",p49,p51 -{ .mmi; (p0) getf.sig n2=ni1 // 4: - (p41) add a4=a4,n4 // (p17) a4+=n4 - (p43) add a4=a4,n4,1 };; -{ .mfi; (p49) add t[5]=t[5],a4 // 5: (p17) t[5]+=a4 - (p0) nop.f 0 - (p51) add t[5]=t[5],a4,1 };; -{ .mfi; (p0) getf.sig n3=ni2 // 6: - (p17) xma.hu nhi[8]=ni7,mj[1],nhi[7] // np[7]*m0 - (p41) cmp.ltu p42,p40=a4,n4 } -{ .mfi; (p43) cmp.leu p42,p40=a4,n4 - (p17) xma.lu nlo[8]=ni7,mj[1],nhi[7] - (p0) nop.i 0 };; -{ .mii; (p17) getf.sig n6=nlo[7] // 7: - (p49) cmp.ltu p50,p48=t[5],a4 - (p51) cmp.leu p50,p48=t[5],a4 };; - .pred.rel "mutex",p40,p42 - .pred.rel "mutex",p48,p50 -{ .mii; (p0) getf.sig n4=ni3 // 8: - (p40) add a5=a5,n5 // (p17) a5+=n5 - (p42) add a5=a5,n5,1 };; -{ .mii; (p0) nop.m 0 // 9: - (p48) add t[4]=t[4],a5 // p(17) t[4]+=a5 - (p50) add t[4]=t[4],a5,1 };; -{ .mii; (p0) nop.m 0 // 10: - (p40) cmp.ltu p43,p41=a5,n5 - (p42) cmp.leu p43,p41=a5,n5 };; -{ .mii; (p17) getf.sig n7=nlo[8] // 11: - (p48) cmp.ltu p51,p49=t[4],a5 - (p50) cmp.leu p51,p49=t[4],a5 };; - .pred.rel "mutex",p41,p43 - .pred.rel "mutex",p49,p51 -{ .mii; (p17) getf.sig n8=nhi[8] // 12: - (p41) add a6=a6,n6 // (p17) a6+=n6 - (p43) add a6=a6,n6,1 };; -{ .mii; (p0) getf.sig n5=ni4 // 13: - (p49) add t[3]=t[3],a6 // (p17) t[3]+=a6 - (p51) add t[3]=t[3],a6,1 };; -{ .mii; (p0) nop.m 0 // 14: - (p41) cmp.ltu p42,p40=a6,n6 - (p43) cmp.leu p42,p40=a6,n6 };; -{ .mii; (p0) getf.sig n6=ni5 // 15: - (p49) cmp.ltu p50,p48=t[3],a6 - (p51) cmp.leu p50,p48=t[3],a6 };; - .pred.rel "mutex",p40,p42 - .pred.rel "mutex",p48,p50 -{ .mii; 
(p0) nop.m 0 // 16: - (p40) add a7=a7,n7 // (p17) a7+=n7 - (p42) add a7=a7,n7,1 };; -{ .mii; (p0) nop.m 0 // 17: - (p48) add t[2]=t[2],a7 // (p17) t[2]+=a7 - (p50) add t[2]=t[2],a7,1 };; -{ .mii; (p0) nop.m 0 // 18: - (p40) cmp.ltu p43,p41=a7,n7 - (p42) cmp.leu p43,p41=a7,n7 };; -{ .mii; (p0) getf.sig n7=ni6 // 19: - (p48) cmp.ltu p51,p49=t[2],a7 - (p50) cmp.leu p51,p49=t[2],a7 };; - .pred.rel "mutex",p41,p43 - .pred.rel "mutex",p49,p51 -{ .mii; (p0) nop.m 0 // 20: - (p41) add a8=a8,n8 // (p17) a8+=n8 - (p43) add a8=a8,n8,1 };; -{ .mmi; (p0) nop.m 0 // 21: - (p49) add t[1]=t[1],a8 // (p17) t[1]+=a8 - (p51) add t[1]=t[1],a8,1 } -{ .mmi; (p17) mov t[0]=r0 - (p41) cmp.ltu p42,p40=a8,n8 - (p43) cmp.leu p42,p40=a8,n8 };; -{ .mmi; (p0) getf.sig n8=ni7 // 22: - (p49) cmp.ltu p50,p48=t[1],a8 - (p51) cmp.leu p50,p48=t[1],a8 } -{ .mmi; (p42) add t[0]=t[0],r0,1 - (p0) add r16=-7*16,prevsp - (p0) add r17=-6*16,prevsp };; - -// subtract np[8] from carrybit|tmp[8] -// carrybit|tmp[8] layout upon exit from above loop is: -// t[0]|t[1]|t[2]|t[3]|t[4]|t[5]|t[6]|t[7]|t0 (least significant) -{ .mmi; (p50)add t[0]=t[0],r0,1 - add r18=-5*16,prevsp - sub n1=t0,n1 };; -{ .mmi; cmp.gtu p34,p32=n1,t0;; - .pred.rel "mutex",p32,p34 - (p32)sub n2=t[7],n2 - (p34)sub n2=t[7],n2,1 };; -{ .mii; (p32)cmp.gtu p35,p33=n2,t[7] - (p34)cmp.geu p35,p33=n2,t[7];; - .pred.rel "mutex",p33,p35 - (p33)sub n3=t[6],n3 } -{ .mmi; (p35)sub n3=t[6],n3,1;; - (p33)cmp.gtu p34,p32=n3,t[6] - (p35)cmp.geu p34,p32=n3,t[6] };; - .pred.rel "mutex",p32,p34 -{ .mii; (p32)sub n4=t[5],n4 - (p34)sub n4=t[5],n4,1;; - (p32)cmp.gtu p35,p33=n4,t[5] } -{ .mmi; (p34)cmp.geu p35,p33=n4,t[5];; - .pred.rel "mutex",p33,p35 - (p33)sub n5=t[4],n5 - (p35)sub n5=t[4],n5,1 };; -{ .mii; (p33)cmp.gtu p34,p32=n5,t[4] - (p35)cmp.geu p34,p32=n5,t[4];; - .pred.rel "mutex",p32,p34 - (p32)sub n6=t[3],n6 } -{ .mmi; (p34)sub n6=t[3],n6,1;; - (p32)cmp.gtu p35,p33=n6,t[3] - (p34)cmp.geu p35,p33=n6,t[3] };; - .pred.rel "mutex",p33,p35 -{ .mii; (p33)sub 
n7=t[2],n7
- (p35)sub n7=t[2],n7,1;;
- (p33)cmp.gtu p34,p32=n7,t[2] }
-{ .mmi; (p35)cmp.geu p34,p32=n7,t[2];;
- .pred.rel "mutex",p32,p34
- (p32)sub n8=t[1],n8
- (p34)sub n8=t[1],n8,1 };;
-{ .mii; (p32)cmp.gtu p35,p33=n8,t[1]
- (p34)cmp.geu p35,p33=n8,t[1];;
- .pred.rel "mutex",p33,p35
- (p33)sub a8=t[0],r0 }
-{ .mmi; (p35)sub a8=t[0],r0,1;;
- (p33)cmp.gtu p34,p32=a8,t[0]
- (p35)cmp.geu p34,p32=a8,t[0] };;
-
-// save the result, either tmp[num] or tmp[num]-np[num]
- .pred.rel "mutex",p32,p34
-{ .mmi; (p32)st8 [rptr]=n1,8
- (p34)st8 [rptr]=t0,8
- add r19=-4*16,prevsp};;
-{ .mmb; (p32)st8 [rptr]=n2,8
- (p34)st8 [rptr]=t[7],8
- (p5)br.cond.dpnt.few .Ldone };;
-{ .mmb; (p32)st8 [rptr]=n3,8
- (p34)st8 [rptr]=t[6],8
- (p7)br.cond.dpnt.few .Ldone };;
-{ .mmb; (p32)st8 [rptr]=n4,8
- (p34)st8 [rptr]=t[5],8
- (p9)br.cond.dpnt.few .Ldone };;
-{ .mmb; (p32)st8 [rptr]=n5,8
- (p34)st8 [rptr]=t[4],8
- (p11)br.cond.dpnt.few .Ldone };;
-{ .mmb; (p32)st8 [rptr]=n6,8
- (p34)st8 [rptr]=t[3],8
- (p13)br.cond.dpnt.few .Ldone };;
-{ .mmb; (p32)st8 [rptr]=n7,8
- (p34)st8 [rptr]=t[2],8
- (p15)br.cond.dpnt.few .Ldone };;
-{ .mmb; (p32)st8 [rptr]=n8,8
- (p34)st8 [rptr]=t[1],8
- nop.b 0 };;
-.Ldone: // epilogue
-{ .mmi; ldf.fill f16=[r16],64
- ldf.fill f17=[r17],64
- nop.i 0 }
-{ .mmi; ldf.fill f18=[r18],64
- ldf.fill f19=[r19],64
- mov pr=prevpr,0x1ffff };;
-{ .mmi; ldf.fill f20=[r16]
- ldf.fill f21=[r17]
- mov ar.lc=prevlc }
-{ .mmi; ldf.fill f22=[r18]
- ldf.fill f23=[r19]
- mov ret0=1 } // signal "handled"
-{ .mib; rum 1<<5
- .restore sp
- mov sp=prevsp
- br.ret.sptk.many b0 };;
-.endp bn_mul_mont_8#
-
-.type copyright#,\@object
-copyright:
-stringz "Montgomery multiplication for IA-64, CRYPTOGAMS by <appro\@openssl.org>"
-___
-
-$output=shift and open STDOUT,">$output";
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/bn/asm/ia64.S b/lib/libssl/src/crypto/bn/asm/ia64.S
deleted file mode 100644
index 0cf805ddc47..00000000000
--- a/lib/libssl/src/crypto/bn/asm/ia64.S
+++ /dev/null
@@ -1,1555 +0,0 @@
-.explicit
-.text
-.ident "ia64.S, Version 2.1"
-.ident "IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
-
-//
-// ====================================================================
-// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-// project.
-//
-// Rights for redistribution and usage in source and binary forms are
-// granted according to the OpenSSL license. Warranty of any kind is
-// disclaimed.
-// ====================================================================
-//
-// Version 2.x is Itanium2 re-tune. Few words about how Itanum2 is
-// different from Itanium to this module viewpoint. Most notably, is it
-// "wider" than Itanium? Can you experience loop scalability as
-// discussed in commentary sections? Not really:-( Itanium2 has 6
-// integer ALU ports, i.e. it's 2 ports wider, but it's not enough to
-// spin twice as fast, as I need 8 IALU ports. Amount of floating point
-// ports is the same, i.e. 2, while I need 4. In other words, to this
-// module Itanium2 remains effectively as "wide" as Itanium. Yet it's
-// essentially different in respect to this module, and a re-tune was
-// required. Well, because some intruction latencies has changed. Most
-// noticeably those intensively used:
-//
-// Itanium Itanium2
-// ldf8 9 6 L2 hit
-// ld8 2 1 L1 hit
-// getf 2 5
-// xma[->getf] 7[+1] 4[+0]
-// add[->st8] 1[+1] 1[+0]
-//
-// What does it mean? You might ratiocinate that the original code
-// should run just faster... Because sum of latencies is smaller...
-// Wrong! Note that getf latency increased. This means that if a loop is
-// scheduled for lower latency (as they were), then it will suffer from
-// stall condition and the code will therefore turn anti-scalable, e.g.
-// original bn_mul_words spun at 5*n or 2.5 times slower than expected
-// on Itanium2! What to do? Reschedule loops for Itanium2? But then
-// Itanium would exhibit anti-scalability.
So I've chosen to reschedule -// for worst latency for every instruction aiming for best *all-round* -// performance. - -// Q. How much faster does it get? -// A. Here is the output from 'openssl speed rsa dsa' for vanilla -// 0.9.6a compiled with gcc version 2.96 20000731 (Red Hat -// Linux 7.1 2.96-81): -// -// sign verify sign/s verify/s -// rsa 512 bits 0.0036s 0.0003s 275.3 2999.2 -// rsa 1024 bits 0.0203s 0.0011s 49.3 894.1 -// rsa 2048 bits 0.1331s 0.0040s 7.5 250.9 -// rsa 4096 bits 0.9270s 0.0147s 1.1 68.1 -// sign verify sign/s verify/s -// dsa 512 bits 0.0035s 0.0043s 288.3 234.8 -// dsa 1024 bits 0.0111s 0.0135s 90.0 74.2 -// -// And here is similar output but for this assembler -// implementation:-) -// -// sign verify sign/s verify/s -// rsa 512 bits 0.0021s 0.0001s 549.4 9638.5 -// rsa 1024 bits 0.0055s 0.0002s 183.8 4481.1 -// rsa 2048 bits 0.0244s 0.0006s 41.4 1726.3 -// rsa 4096 bits 0.1295s 0.0018s 7.7 561.5 -// sign verify sign/s verify/s -// dsa 512 bits 0.0012s 0.0013s 891.9 756.6 -// dsa 1024 bits 0.0023s 0.0028s 440.4 376.2 -// -// Yes, you may argue that it's not fair comparison as it's -// possible to craft the C implementation with BN_UMULT_HIGH -// inline assembler macro. But of course! Here is the output -// with the macro: -// -// sign verify sign/s verify/s -// rsa 512 bits 0.0020s 0.0002s 495.0 6561.0 -// rsa 1024 bits 0.0086s 0.0004s 116.2 2235.7 -// rsa 2048 bits 0.0519s 0.0015s 19.3 667.3 -// rsa 4096 bits 0.3464s 0.0053s 2.9 187.7 -// sign verify sign/s verify/s -// dsa 512 bits 0.0016s 0.0020s 613.1 510.5 -// dsa 1024 bits 0.0045s 0.0054s 221.0 183.9 -// -// My code is still way faster, huh:-) And I believe that even -// higher performance can be achieved. Note that as keys get -// longer, performance gain is larger. Why? According to the -// profiler there is another player in the field, namely -// BN_from_montgomery consuming larger and larger portion of CPU -// time as keysize decreases. 
I therefore consider putting effort -// to assembler implementation of the following routine: -// -// void bn_mul_add_mont (BN_ULONG *rp,BN_ULONG *np,int nl,BN_ULONG n0) -// { -// int i,j; -// BN_ULONG v; -// -// for (i=0; i<nl; i++) -// { -// v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2); -// nrp++; -// rp++; -// if (((nrp[-1]+=v)&BN_MASK2) < v) -// for (j=0; ((++nrp[j])&BN_MASK2) == 0; j++) ; -// } -// } -// -// It might as well be beneficial to implement even combaX -// variants, as it appears as it can literally unleash the -// performance (see comment section to bn_mul_comba8 below). -// -// And finally for your reference the output for 0.9.6a compiled -// with SGIcc version 0.01.0-12 (keep in mind that for the moment -// of this writing it's not possible to convince SGIcc to use -// BN_UMULT_HIGH inline assembler macro, yet the code is fast, -// i.e. for a compiler generated one:-): -// -// sign verify sign/s verify/s -// rsa 512 bits 0.0022s 0.0002s 452.7 5894.3 -// rsa 1024 bits 0.0097s 0.0005s 102.7 2002.9 -// rsa 2048 bits 0.0578s 0.0017s 17.3 600.2 -// rsa 4096 bits 0.3838s 0.0061s 2.6 164.5 -// sign verify sign/s verify/s -// dsa 512 bits 0.0018s 0.0022s 547.3 459.6 -// dsa 1024 bits 0.0051s 0.0062s 196.6 161.3 -// -// Oh! Benchmarks were performed on 733MHz Lion-class Itanium -// system running Redhat Linux 7.1 (very special thanks to Ray -// McCaffity of Williams Communications for providing an account). -// -// Q. What's the heck with 'rum 1<<5' at the end of every function? -// A. Well, by clearing the "upper FP registers written" bit of the -// User Mask I want to excuse the kernel from preserving upper -// (f32-f128) FP register bank over process context switch, thus -// minimizing bus bandwidth consumption during the switch (i.e. -// after PKI opration completes and the program is off doing -// something else like bulk symmetric encryption). 
Having said -// this, I also want to point out that it might be good idea -// to compile the whole toolkit (as well as majority of the -// programs for that matter) with -mfixed-range=f32-f127 command -// line option. No, it doesn't prevent the compiler from writing -// to upper bank, but at least discourages to do so. If you don't -// like the idea you have the option to compile the module with -// -Drum=nop.m in command line. -// - -#if defined(_HPUX_SOURCE) && !defined(_LP64) -#define ADDP addp4 -#else -#define ADDP add -#endif - -#if 1 -// -// bn_[add|sub]_words routines. -// -// Loops are spinning in 2*(n+5) ticks on Itanuim (provided that the -// data reside in L1 cache, i.e. 2 ticks away). It's possible to -// compress the epilogue and get down to 2*n+6, but at the cost of -// scalability (the neat feature of this implementation is that it -// shall automagically spin in n+5 on "wider" IA-64 implementations:-) -// I consider that the epilogue is short enough as it is to trade tiny -// performance loss on Itanium for scalability. 
-// -// BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num) -// -.global bn_add_words# -.proc bn_add_words# -.align 64 -.skip 32 // makes the loop body aligned at 64-byte boundary -bn_add_words: - .prologue - .save ar.pfs,r2 -{ .mii; alloc r2=ar.pfs,4,12,0,16 - cmp4.le p6,p0=r35,r0 };; -{ .mfb; mov r8=r0 // return value -(p6) br.ret.spnt.many b0 };; - -{ .mib; sub r10=r35,r0,1 - .save ar.lc,r3 - mov r3=ar.lc - brp.loop.imp .L_bn_add_words_ctop,.L_bn_add_words_cend-16 - } -{ .mib; ADDP r14=0,r32 // rp - .save pr,r9 - mov r9=pr };; - .body -{ .mii; ADDP r15=0,r33 // ap - mov ar.lc=r10 - mov ar.ec=6 } -{ .mib; ADDP r16=0,r34 // bp - mov pr.rot=1<<16 };; - -.L_bn_add_words_ctop: -{ .mii; (p16) ld8 r32=[r16],8 // b=*(bp++) - (p18) add r39=r37,r34 - (p19) cmp.ltu.unc p56,p0=r40,r38 } -{ .mfb; (p0) nop.m 0x0 - (p0) nop.f 0x0 - (p0) nop.b 0x0 } -{ .mii; (p16) ld8 r35=[r15],8 // a=*(ap++) - (p58) cmp.eq.or p57,p0=-1,r41 // (p20) - (p58) add r41=1,r41 } // (p20) -{ .mfb; (p21) st8 [r14]=r42,8 // *(rp++)=r - (p0) nop.f 0x0 - br.ctop.sptk .L_bn_add_words_ctop };; -.L_bn_add_words_cend: - -{ .mii; -(p59) add r8=1,r8 // return value - mov pr=r9,0x1ffff - mov ar.lc=r3 } -{ .mbb; nop.b 0x0 - br.ret.sptk.many b0 };; -.endp bn_add_words# - -// -// BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num) -// -.global bn_sub_words# -.proc bn_sub_words# -.align 64 -.skip 32 // makes the loop body aligned at 64-byte boundary -bn_sub_words: - .prologue - .save ar.pfs,r2 -{ .mii; alloc r2=ar.pfs,4,12,0,16 - cmp4.le p6,p0=r35,r0 };; -{ .mfb; mov r8=r0 // return value -(p6) br.ret.spnt.many b0 };; - -{ .mib; sub r10=r35,r0,1 - .save ar.lc,r3 - mov r3=ar.lc - brp.loop.imp .L_bn_sub_words_ctop,.L_bn_sub_words_cend-16 - } -{ .mib; ADDP r14=0,r32 // rp - .save pr,r9 - mov r9=pr };; - .body -{ .mii; ADDP r15=0,r33 // ap - mov ar.lc=r10 - mov ar.ec=6 } -{ .mib; ADDP r16=0,r34 // bp - mov pr.rot=1<<16 };; - -.L_bn_sub_words_ctop: -{ .mii; (p16) ld8 r32=[r16],8 // 
b=*(bp++) - (p18) sub r39=r37,r34 - (p19) cmp.gtu.unc p56,p0=r40,r38 } -{ .mfb; (p0) nop.m 0x0 - (p0) nop.f 0x0 - (p0) nop.b 0x0 } -{ .mii; (p16) ld8 r35=[r15],8 // a=*(ap++) - (p58) cmp.eq.or p57,p0=0,r41 // (p20) - (p58) add r41=-1,r41 } // (p20) -{ .mbb; (p21) st8 [r14]=r42,8 // *(rp++)=r - (p0) nop.b 0x0 - br.ctop.sptk .L_bn_sub_words_ctop };; -.L_bn_sub_words_cend: - -{ .mii; -(p59) add r8=1,r8 // return value - mov pr=r9,0x1ffff - mov ar.lc=r3 } -{ .mbb; nop.b 0x0 - br.ret.sptk.many b0 };; -.endp bn_sub_words# -#endif - -#if 0 -#define XMA_TEMPTATION -#endif - -#if 1 -// -// BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) -// -.global bn_mul_words# -.proc bn_mul_words# -.align 64 -.skip 32 // makes the loop body aligned at 64-byte boundary -bn_mul_words: - .prologue - .save ar.pfs,r2 -#ifdef XMA_TEMPTATION -{ .mfi; alloc r2=ar.pfs,4,0,0,0 };; -#else -{ .mfi; alloc r2=ar.pfs,4,12,0,16 };; -#endif -{ .mib; mov r8=r0 // return value - cmp4.le p6,p0=r34,r0 -(p6) br.ret.spnt.many b0 };; - -{ .mii; sub r10=r34,r0,1 - .save ar.lc,r3 - mov r3=ar.lc - .save pr,r9 - mov r9=pr };; - - .body -{ .mib; setf.sig f8=r35 // w - mov pr.rot=0x800001<<16 - // ------^----- serves as (p50) at first (p27) - brp.loop.imp .L_bn_mul_words_ctop,.L_bn_mul_words_cend-16 - } - -#ifndef XMA_TEMPTATION - -{ .mmi; ADDP r14=0,r32 // rp - ADDP r15=0,r33 // ap - mov ar.lc=r10 } -{ .mmi; mov r40=0 // serves as r35 at first (p27) - mov ar.ec=13 };; - -// This loop spins in 2*(n+12) ticks. It's scheduled for data in Itanium -// L2 cache (i.e. 9 ticks away) as floating point load/store instructions -// bypass L1 cache and L2 latency is actually best-case scenario for -// ldf8. The loop is not scalable and shall run in 2*(n+12) even on -// "wider" IA-64 implementations. It's a trade-off here. n+24 loop -// would give us ~5% in *overall* performance improvement on "wider" -// IA-64, but would hurt Itanium for about same because of longer -// epilogue. 
As it's a matter of few percents in either case I've -// chosen to trade the scalability for development time (you can see -// this very instruction sequence in bn_mul_add_words loop which in -// turn is scalable). -.L_bn_mul_words_ctop: -{ .mfi; (p25) getf.sig r36=f52 // low - (p21) xmpy.lu f48=f37,f8 - (p28) cmp.ltu p54,p50=r41,r39 } -{ .mfi; (p16) ldf8 f32=[r15],8 - (p21) xmpy.hu f40=f37,f8 - (p0) nop.i 0x0 };; -{ .mii; (p25) getf.sig r32=f44 // high - .pred.rel "mutex",p50,p54 - (p50) add r40=r38,r35 // (p27) - (p54) add r40=r38,r35,1 } // (p27) -{ .mfb; (p28) st8 [r14]=r41,8 - (p0) nop.f 0x0 - br.ctop.sptk .L_bn_mul_words_ctop };; -.L_bn_mul_words_cend: - -{ .mii; nop.m 0x0 -.pred.rel "mutex",p51,p55 -(p51) add r8=r36,r0 -(p55) add r8=r36,r0,1 } -{ .mfb; nop.m 0x0 - nop.f 0x0 - nop.b 0x0 } - -#else // XMA_TEMPTATION - - setf.sig f37=r0 // serves as carry at (p18) tick - mov ar.lc=r10 - mov ar.ec=5;; - -// Most of you examining this code very likely wonder why in the name -// of Intel the following loop is commented out? Indeed, it looks so -// neat that you find it hard to believe that it's something wrong -// with it, right? The catch is that every iteration depends on the -// result from previous one and the latter isn't available instantly. -// The loop therefore spins at the latency of xma minus 1, or in other -// words at 6*(n+4) ticks:-( Compare to the "production" loop above -// that runs in 2*(n+11) where the low latency problem is worked around -// by moving the dependency to one-tick latent interger ALU. Note that -// "distance" between ldf8 and xma is not latency of ldf8, but the -// *difference* between xma and ldf8 latencies. 
-.L_bn_mul_words_ctop: -{ .mfi; (p16) ldf8 f32=[r33],8 - (p18) xma.hu f38=f34,f8,f39 } -{ .mfb; (p20) stf8 [r32]=f37,8 - (p18) xma.lu f35=f34,f8,f39 - br.ctop.sptk .L_bn_mul_words_ctop };; -.L_bn_mul_words_cend: - - getf.sig r8=f41 // the return value - -#endif // XMA_TEMPTATION - -{ .mii; nop.m 0x0 - mov pr=r9,0x1ffff - mov ar.lc=r3 } -{ .mfb; rum 1<<5 // clear um.mfh - nop.f 0x0 - br.ret.sptk.many b0 };; -.endp bn_mul_words# -#endif - -#if 1 -// -// BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) -// -.global bn_mul_add_words# -.proc bn_mul_add_words# -.align 64 -.skip 48 // makes the loop body aligned at 64-byte boundary -bn_mul_add_words: - .prologue - .save ar.pfs,r2 -{ .mmi; alloc r2=ar.pfs,4,4,0,8 - cmp4.le p6,p0=r34,r0 - .save ar.lc,r3 - mov r3=ar.lc };; -{ .mib; mov r8=r0 // return value - sub r10=r34,r0,1 -(p6) br.ret.spnt.many b0 };; - -{ .mib; setf.sig f8=r35 // w - .save pr,r9 - mov r9=pr - brp.loop.imp .L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16 - } - .body -{ .mmi; ADDP r14=0,r32 // rp - ADDP r15=0,r33 // ap - mov ar.lc=r10 } -{ .mii; ADDP r16=0,r32 // rp copy - mov pr.rot=0x2001<<16 - // ------^----- serves as (p40) at first (p27) - mov ar.ec=11 };; - -// This loop spins in 3*(n+10) ticks on Itanium and in 2*(n+10) on -// Itanium 2. Yes, unlike previous versions it scales:-) Previous -// version was performing *all* additions in IALU and was starving -// for those even on Itanium 2. In this version one addition is -// moved to FPU and is folded with multiplication. This is at cost -// of propogating the result from previous call to this subroutine -// to L2 cache... In other words negligible even for shorter keys. -// *Overall* performance improvement [over previous version] varies -// from 11 to 22 percent depending on key length. 
-.L_bn_mul_add_words_ctop: -.pred.rel "mutex",p40,p42 -{ .mfi; (p23) getf.sig r36=f45 // low - (p20) xma.lu f42=f36,f8,f50 // low - (p40) add r39=r39,r35 } // (p27) -{ .mfi; (p16) ldf8 f32=[r15],8 // *(ap++) - (p20) xma.hu f36=f36,f8,f50 // high - (p42) add r39=r39,r35,1 };; // (p27) -{ .mmi; (p24) getf.sig r32=f40 // high - (p16) ldf8 f46=[r16],8 // *(rp1++) - (p40) cmp.ltu p41,p39=r39,r35 } // (p27) -{ .mib; (p26) st8 [r14]=r39,8 // *(rp2++) - (p42) cmp.leu p41,p39=r39,r35 // (p27) - br.ctop.sptk .L_bn_mul_add_words_ctop};; -.L_bn_mul_add_words_cend: - -{ .mmi; .pred.rel "mutex",p40,p42 -(p40) add r8=r35,r0 -(p42) add r8=r35,r0,1 - mov pr=r9,0x1ffff } -{ .mib; rum 1<<5 // clear um.mfh - mov ar.lc=r3 - br.ret.sptk.many b0 };; -.endp bn_mul_add_words# -#endif - -#if 1 -// -// void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num) -// -.global bn_sqr_words# -.proc bn_sqr_words# -.align 64 -.skip 32 // makes the loop body aligned at 64-byte boundary -bn_sqr_words: - .prologue - .save ar.pfs,r2 -{ .mii; alloc r2=ar.pfs,3,0,0,0 - sxt4 r34=r34 };; -{ .mii; cmp.le p6,p0=r34,r0 - mov r8=r0 } // return value -{ .mfb; ADDP r32=0,r32 - nop.f 0x0 -(p6) br.ret.spnt.many b0 };; - -{ .mii; sub r10=r34,r0,1 - .save ar.lc,r3 - mov r3=ar.lc - .save pr,r9 - mov r9=pr };; - - .body -{ .mib; ADDP r33=0,r33 - mov pr.rot=1<<16 - brp.loop.imp .L_bn_sqr_words_ctop,.L_bn_sqr_words_cend-16 - } -{ .mii; add r34=8,r32 - mov ar.lc=r10 - mov ar.ec=18 };; - -// 2*(n+17) on Itanium, (n+17) on "wider" IA-64 implementations. It's -// possible to compress the epilogue (I'm getting tired to write this -// comment over and over) and get down to 2*n+16 at the cost of -// scalability. The decision will very likely be reconsidered after the -// benchmark program is profiled. I.e. if performance gain on Itanium -// will appear larger than loss on "wider" IA-64, then the loop should -// be explicitely split and the epilogue compressed. 
-.L_bn_sqr_words_ctop: -{ .mfi; (p16) ldf8 f32=[r33],8 - (p25) xmpy.lu f42=f41,f41 - (p0) nop.i 0x0 } -{ .mib; (p33) stf8 [r32]=f50,16 - (p0) nop.i 0x0 - (p0) nop.b 0x0 } -{ .mfi; (p0) nop.m 0x0 - (p25) xmpy.hu f52=f41,f41 - (p0) nop.i 0x0 } -{ .mib; (p33) stf8 [r34]=f60,16 - (p0) nop.i 0x0 - br.ctop.sptk .L_bn_sqr_words_ctop };; -.L_bn_sqr_words_cend: - -{ .mii; nop.m 0x0 - mov pr=r9,0x1ffff - mov ar.lc=r3 } -{ .mfb; rum 1<<5 // clear um.mfh - nop.f 0x0 - br.ret.sptk.many b0 };; -.endp bn_sqr_words# -#endif - -#if 1 -// Apparently we win nothing by implementing special bn_sqr_comba8. -// Yes, it is possible to reduce the number of multiplications by -// almost factor of two, but then the amount of additions would -// increase by factor of two (as we would have to perform those -// otherwise performed by xma ourselves). Normally we would trade -// anyway as multiplications are way more expensive, but not this -// time... Multiplication kernel is fully pipelined and as we drain -// one 128-bit multiplication result per clock cycle multiplications -// are effectively as inexpensive as additions. Special implementation -// might become of interest for "wider" IA-64 implementation as you'll -// be able to get through the multiplication phase faster (there won't -// be any stall issues as discussed in the commentary section below and -// you therefore will be able to employ all 4 FP units)... 
But these -// Itanium days it's simply too hard to justify the effort so I just -// drop down to bn_mul_comba8 code:-) -// -// void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) -// -.global bn_sqr_comba8# -.proc bn_sqr_comba8# -.align 64 -bn_sqr_comba8: - .prologue - .save ar.pfs,r2 -#if defined(_HPUX_SOURCE) && !defined(_LP64) -{ .mii; alloc r2=ar.pfs,2,1,0,0 - addp4 r33=0,r33 - addp4 r32=0,r32 };; -{ .mii; -#else -{ .mii; alloc r2=ar.pfs,2,1,0,0 -#endif - mov r34=r33 - add r14=8,r33 };; - .body -{ .mii; add r17=8,r34 - add r15=16,r33 - add r18=16,r34 } -{ .mfb; add r16=24,r33 - br .L_cheat_entry_point8 };; -.endp bn_sqr_comba8# -#endif - -#if 1 -// I've estimated this routine to run in ~120 ticks, but in reality -// (i.e. according to ar.itc) it takes ~160 ticks. Are those extra -// cycles consumed for instructions fetch? Or did I misinterpret some -// clause in Itanium µ-architecture manual? Comments are welcomed and -// highly appreciated. -// -// On Itanium 2 it takes ~190 ticks. This is because of stalls on -// result from getf.sig. I do nothing about it at this point for -// reasons depicted below. -// -// However! It should be noted that even 160 ticks is darn good result -// as it's over 10 (yes, ten, spelled as t-e-n) times faster than the -// C version (compiled with gcc with inline assembler). I really -// kicked compiler's butt here, didn't I? Yeah! This brings us to the -// following statement. It's damn shame that this routine isn't called -// very often nowadays! According to the profiler most CPU time is -// consumed by bn_mul_add_words called from BN_from_montgomery. In -// order to estimate what we're missing, I've compared the performance -// of this routine against "traditional" implementation, i.e. 
against -// following routine: -// -// void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -// { r[ 8]=bn_mul_words( &(r[0]),a,8,b[0]); -// r[ 9]=bn_mul_add_words(&(r[1]),a,8,b[1]); -// r[10]=bn_mul_add_words(&(r[2]),a,8,b[2]); -// r[11]=bn_mul_add_words(&(r[3]),a,8,b[3]); -// r[12]=bn_mul_add_words(&(r[4]),a,8,b[4]); -// r[13]=bn_mul_add_words(&(r[5]),a,8,b[5]); -// r[14]=bn_mul_add_words(&(r[6]),a,8,b[6]); -// r[15]=bn_mul_add_words(&(r[7]),a,8,b[7]); -// } -// -// The one below is over 8 times faster than the one above:-( Even -// more reasons to "combafy" bn_mul_add_mont... -// -// And yes, this routine really made me wish there were an optimizing -// assembler! It also feels like it deserves a dedication. -// -// To my wife for being there and to my kids... -// -// void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -// -#define carry1 r14 -#define carry2 r15 -#define carry3 r34 -.global bn_mul_comba8# -.proc bn_mul_comba8# -.align 64 -bn_mul_comba8: - .prologue - .save ar.pfs,r2 -#if defined(_HPUX_SOURCE) && !defined(_LP64) -{ .mii; alloc r2=ar.pfs,3,0,0,0 - addp4 r33=0,r33 - addp4 r34=0,r34 };; -{ .mii; addp4 r32=0,r32 -#else -{ .mii; alloc r2=ar.pfs,3,0,0,0 -#endif - add r14=8,r33 - add r17=8,r34 } - .body -{ .mii; add r15=16,r33 - add r18=16,r34 - add r16=24,r33 } -.L_cheat_entry_point8: -{ .mmi; add r19=24,r34 - - ldf8 f32=[r33],32 };; - -{ .mmi; ldf8 f120=[r34],32 - ldf8 f121=[r17],32 } -{ .mmi; ldf8 f122=[r18],32 - ldf8 f123=[r19],32 };; -{ .mmi; ldf8 f124=[r34] - ldf8 f125=[r17] } -{ .mmi; ldf8 f126=[r18] - ldf8 f127=[r19] } - -{ .mmi; ldf8 f33=[r14],32 - ldf8 f34=[r15],32 } -{ .mmi; ldf8 f35=[r16],32;; - ldf8 f36=[r33] } -{ .mmi; ldf8 f37=[r14] - ldf8 f38=[r15] } -{ .mfi; ldf8 f39=[r16] -// -------\ Entering multiplier's heaven /------- -// ------------\ /------------ -// -----------------\ /----------------- -// ----------------------\/---------------------- - xma.hu f41=f32,f120,f0 } -{ .mfi; xma.lu f40=f32,f120,f0 };; // (*) -{ .mfi; 
xma.hu f51=f32,f121,f0 } -{ .mfi; xma.lu f50=f32,f121,f0 };; -{ .mfi; xma.hu f61=f32,f122,f0 } -{ .mfi; xma.lu f60=f32,f122,f0 };; -{ .mfi; xma.hu f71=f32,f123,f0 } -{ .mfi; xma.lu f70=f32,f123,f0 };; -{ .mfi; xma.hu f81=f32,f124,f0 } -{ .mfi; xma.lu f80=f32,f124,f0 };; -{ .mfi; xma.hu f91=f32,f125,f0 } -{ .mfi; xma.lu f90=f32,f125,f0 };; -{ .mfi; xma.hu f101=f32,f126,f0 } -{ .mfi; xma.lu f100=f32,f126,f0 };; -{ .mfi; xma.hu f111=f32,f127,f0 } -{ .mfi; xma.lu f110=f32,f127,f0 };;// -// (*) You can argue that splitting at every second bundle would -// prevent "wider" IA-64 implementations from achieving the peak -// performance. Well, not really... The catch is that if you -// intend to keep 4 FP units busy by splitting at every fourth -// bundle and thus perform these 16 multiplications in 4 ticks, -// the first bundle *below* would stall because the result from -// the first xma bundle *above* won't be available for another 3 -// ticks (if not more, being an optimist, I assume that "wider" -// implementation will have same latency:-). This stall will hold -// you back and the performance would be as if every second bundle -// were split *anyway*... 
-{ .mfi; getf.sig r16=f40 - xma.hu f42=f33,f120,f41 - add r33=8,r32 } -{ .mfi; xma.lu f41=f33,f120,f41 };; -{ .mfi; getf.sig r24=f50 - xma.hu f52=f33,f121,f51 } -{ .mfi; xma.lu f51=f33,f121,f51 };; -{ .mfi; st8 [r32]=r16,16 - xma.hu f62=f33,f122,f61 } -{ .mfi; xma.lu f61=f33,f122,f61 };; -{ .mfi; xma.hu f72=f33,f123,f71 } -{ .mfi; xma.lu f71=f33,f123,f71 };; -{ .mfi; xma.hu f82=f33,f124,f81 } -{ .mfi; xma.lu f81=f33,f124,f81 };; -{ .mfi; xma.hu f92=f33,f125,f91 } -{ .mfi; xma.lu f91=f33,f125,f91 };; -{ .mfi; xma.hu f102=f33,f126,f101 } -{ .mfi; xma.lu f101=f33,f126,f101 };; -{ .mfi; xma.hu f112=f33,f127,f111 } -{ .mfi; xma.lu f111=f33,f127,f111 };;// -//-------------------------------------------------// -{ .mfi; getf.sig r25=f41 - xma.hu f43=f34,f120,f42 } -{ .mfi; xma.lu f42=f34,f120,f42 };; -{ .mfi; getf.sig r16=f60 - xma.hu f53=f34,f121,f52 } -{ .mfi; xma.lu f52=f34,f121,f52 };; -{ .mfi; getf.sig r17=f51 - xma.hu f63=f34,f122,f62 - add r25=r25,r24 } -{ .mfi; xma.lu f62=f34,f122,f62 - mov carry1=0 };; -{ .mfi; cmp.ltu p6,p0=r25,r24 - xma.hu f73=f34,f123,f72 } -{ .mfi; xma.lu f72=f34,f123,f72 };; -{ .mfi; st8 [r33]=r25,16 - xma.hu f83=f34,f124,f82 -(p6) add carry1=1,carry1 } -{ .mfi; xma.lu f82=f34,f124,f82 };; -{ .mfi; xma.hu f93=f34,f125,f92 } -{ .mfi; xma.lu f92=f34,f125,f92 };; -{ .mfi; xma.hu f103=f34,f126,f102 } -{ .mfi; xma.lu f102=f34,f126,f102 };; -{ .mfi; xma.hu f113=f34,f127,f112 } -{ .mfi; xma.lu f112=f34,f127,f112 };;// -//-------------------------------------------------// -{ .mfi; getf.sig r18=f42 - xma.hu f44=f35,f120,f43 - add r17=r17,r16 } -{ .mfi; xma.lu f43=f35,f120,f43 };; -{ .mfi; getf.sig r24=f70 - xma.hu f54=f35,f121,f53 } -{ .mfi; mov carry2=0 - xma.lu f53=f35,f121,f53 };; -{ .mfi; getf.sig r25=f61 - xma.hu f64=f35,f122,f63 - cmp.ltu p7,p0=r17,r16 } -{ .mfi; add r18=r18,r17 - xma.lu f63=f35,f122,f63 };; -{ .mfi; getf.sig r26=f52 - xma.hu f74=f35,f123,f73 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r18,r17 - xma.lu f73=f35,f123,f73 
- add r18=r18,carry1 };; -{ .mfi; - xma.hu f84=f35,f124,f83 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r18,carry1 - xma.lu f83=f35,f124,f83 };; -{ .mfi; st8 [r32]=r18,16 - xma.hu f94=f35,f125,f93 -(p7) add carry2=1,carry2 } -{ .mfi; xma.lu f93=f35,f125,f93 };; -{ .mfi; xma.hu f104=f35,f126,f103 } -{ .mfi; xma.lu f103=f35,f126,f103 };; -{ .mfi; xma.hu f114=f35,f127,f113 } -{ .mfi; mov carry1=0 - xma.lu f113=f35,f127,f113 - add r25=r25,r24 };;// -//-------------------------------------------------// -{ .mfi; getf.sig r27=f43 - xma.hu f45=f36,f120,f44 - cmp.ltu p6,p0=r25,r24 } -{ .mfi; xma.lu f44=f36,f120,f44 - add r26=r26,r25 };; -{ .mfi; getf.sig r16=f80 - xma.hu f55=f36,f121,f54 -(p6) add carry1=1,carry1 } -{ .mfi; xma.lu f54=f36,f121,f54 };; -{ .mfi; getf.sig r17=f71 - xma.hu f65=f36,f122,f64 - cmp.ltu p6,p0=r26,r25 } -{ .mfi; xma.lu f64=f36,f122,f64 - add r27=r27,r26 };; -{ .mfi; getf.sig r18=f62 - xma.hu f75=f36,f123,f74 -(p6) add carry1=1,carry1 } -{ .mfi; cmp.ltu p6,p0=r27,r26 - xma.lu f74=f36,f123,f74 - add r27=r27,carry2 };; -{ .mfi; getf.sig r19=f53 - xma.hu f85=f36,f124,f84 -(p6) add carry1=1,carry1 } -{ .mfi; xma.lu f84=f36,f124,f84 - cmp.ltu p6,p0=r27,carry2 };; -{ .mfi; st8 [r33]=r27,16 - xma.hu f95=f36,f125,f94 -(p6) add carry1=1,carry1 } -{ .mfi; xma.lu f94=f36,f125,f94 };; -{ .mfi; xma.hu f105=f36,f126,f104 } -{ .mfi; mov carry2=0 - xma.lu f104=f36,f126,f104 - add r17=r17,r16 };; -{ .mfi; xma.hu f115=f36,f127,f114 - cmp.ltu p7,p0=r17,r16 } -{ .mfi; xma.lu f114=f36,f127,f114 - add r18=r18,r17 };;// -//-------------------------------------------------// -{ .mfi; getf.sig r20=f44 - xma.hu f46=f37,f120,f45 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r18,r17 - xma.lu f45=f37,f120,f45 - add r19=r19,r18 };; -{ .mfi; getf.sig r24=f90 - xma.hu f56=f37,f121,f55 } -{ .mfi; xma.lu f55=f37,f121,f55 };; -{ .mfi; getf.sig r25=f81 - xma.hu f66=f37,f122,f65 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r19,r18 - xma.lu f65=f37,f122,f65 - add 
r20=r20,r19 };; -{ .mfi; getf.sig r26=f72 - xma.hu f76=f37,f123,f75 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r20,r19 - xma.lu f75=f37,f123,f75 - add r20=r20,carry1 };; -{ .mfi; getf.sig r27=f63 - xma.hu f86=f37,f124,f85 -(p7) add carry2=1,carry2 } -{ .mfi; xma.lu f85=f37,f124,f85 - cmp.ltu p7,p0=r20,carry1 };; -{ .mfi; getf.sig r28=f54 - xma.hu f96=f37,f125,f95 -(p7) add carry2=1,carry2 } -{ .mfi; st8 [r32]=r20,16 - xma.lu f95=f37,f125,f95 };; -{ .mfi; xma.hu f106=f37,f126,f105 } -{ .mfi; mov carry1=0 - xma.lu f105=f37,f126,f105 - add r25=r25,r24 };; -{ .mfi; xma.hu f116=f37,f127,f115 - cmp.ltu p6,p0=r25,r24 } -{ .mfi; xma.lu f115=f37,f127,f115 - add r26=r26,r25 };;// -//-------------------------------------------------// -{ .mfi; getf.sig r29=f45 - xma.hu f47=f38,f120,f46 -(p6) add carry1=1,carry1 } -{ .mfi; cmp.ltu p6,p0=r26,r25 - xma.lu f46=f38,f120,f46 - add r27=r27,r26 };; -{ .mfi; getf.sig r16=f100 - xma.hu f57=f38,f121,f56 -(p6) add carry1=1,carry1 } -{ .mfi; cmp.ltu p6,p0=r27,r26 - xma.lu f56=f38,f121,f56 - add r28=r28,r27 };; -{ .mfi; getf.sig r17=f91 - xma.hu f67=f38,f122,f66 -(p6) add carry1=1,carry1 } -{ .mfi; cmp.ltu p6,p0=r28,r27 - xma.lu f66=f38,f122,f66 - add r29=r29,r28 };; -{ .mfi; getf.sig r18=f82 - xma.hu f77=f38,f123,f76 -(p6) add carry1=1,carry1 } -{ .mfi; cmp.ltu p6,p0=r29,r28 - xma.lu f76=f38,f123,f76 - add r29=r29,carry2 };; -{ .mfi; getf.sig r19=f73 - xma.hu f87=f38,f124,f86 -(p6) add carry1=1,carry1 } -{ .mfi; xma.lu f86=f38,f124,f86 - cmp.ltu p6,p0=r29,carry2 };; -{ .mfi; getf.sig r20=f64 - xma.hu f97=f38,f125,f96 -(p6) add carry1=1,carry1 } -{ .mfi; st8 [r33]=r29,16 - xma.lu f96=f38,f125,f96 };; -{ .mfi; getf.sig r21=f55 - xma.hu f107=f38,f126,f106 } -{ .mfi; mov carry2=0 - xma.lu f106=f38,f126,f106 - add r17=r17,r16 };; -{ .mfi; xma.hu f117=f38,f127,f116 - cmp.ltu p7,p0=r17,r16 } -{ .mfi; xma.lu f116=f38,f127,f116 - add r18=r18,r17 };;// -//-------------------------------------------------// -{ .mfi; getf.sig r22=f46 - xma.hu 
f48=f39,f120,f47 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r18,r17 - xma.lu f47=f39,f120,f47 - add r19=r19,r18 };; -{ .mfi; getf.sig r24=f110 - xma.hu f58=f39,f121,f57 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r19,r18 - xma.lu f57=f39,f121,f57 - add r20=r20,r19 };; -{ .mfi; getf.sig r25=f101 - xma.hu f68=f39,f122,f67 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r20,r19 - xma.lu f67=f39,f122,f67 - add r21=r21,r20 };; -{ .mfi; getf.sig r26=f92 - xma.hu f78=f39,f123,f77 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r21,r20 - xma.lu f77=f39,f123,f77 - add r22=r22,r21 };; -{ .mfi; getf.sig r27=f83 - xma.hu f88=f39,f124,f87 -(p7) add carry2=1,carry2 } -{ .mfi; cmp.ltu p7,p0=r22,r21 - xma.lu f87=f39,f124,f87 - add r22=r22,carry1 };; -{ .mfi; getf.sig r28=f74 - xma.hu f98=f39,f125,f97 -(p7) add carry2=1,carry2 } -{ .mfi; xma.lu f97=f39,f125,f97 - cmp.ltu p7,p0=r22,carry1 };; -{ .mfi; getf.sig r29=f65 - xma.hu f108=f39,f126,f107 -(p7) add carry2=1,carry2 } -{ .mfi; st8 [r32]=r22,16 - xma.lu f107=f39,f126,f107 };; -{ .mfi; getf.sig r30=f56 - xma.hu f118=f39,f127,f117 } -{ .mfi; xma.lu f117=f39,f127,f117 };;// -//-------------------------------------------------// -// Leaving muliplier's heaven... Quite a ride, huh? 
- -{ .mii; getf.sig r31=f47 - add r25=r25,r24 - mov carry1=0 };; -{ .mii; getf.sig r16=f111 - cmp.ltu p6,p0=r25,r24 - add r26=r26,r25 };; -{ .mfb; getf.sig r17=f102 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r26,r25 - add r27=r27,r26 };; -{ .mfb; nop.m 0x0 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r27,r26 - add r28=r28,r27 };; -{ .mii; getf.sig r18=f93 - add r17=r17,r16 - mov carry3=0 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r28,r27 - add r29=r29,r28 };; -{ .mii; getf.sig r19=f84 - cmp.ltu p7,p0=r17,r16 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r29,r28 - add r30=r30,r29 };; -{ .mii; getf.sig r20=f75 - add r18=r18,r17 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r30,r29 - add r31=r31,r30 };; -{ .mfb; getf.sig r21=f66 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r18,r17 - add r19=r19,r18 } -{ .mfb; nop.m 0x0 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r31,r30 - add r31=r31,carry2 };; -{ .mfb; getf.sig r22=f57 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r19,r18 - add r20=r20,r19 } -{ .mfb; nop.m 0x0 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r31,carry2 };; -{ .mfb; getf.sig r23=f48 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r20,r19 - add r21=r21,r20 } -{ .mii; -(p6) add carry1=1,carry1 } -{ .mfb; st8 [r33]=r31,16 };; - -{ .mfb; getf.sig r24=f112 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r21,r20 - add r22=r22,r21 };; -{ .mfb; getf.sig r25=f103 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r22,r21 - add r23=r23,r22 };; -{ .mfb; getf.sig r26=f94 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r23,r22 - add r23=r23,carry1 };; -{ .mfb; getf.sig r27=f85 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p8=r23,carry1};; -{ .mii; getf.sig r28=f76 - add r25=r25,r24 - mov carry1=0 } -{ .mii; st8 [r32]=r23,16 - (p7) add carry2=1,carry3 - (p8) add carry2=0,carry3 };; - -{ .mfb; nop.m 0x0 } -{ .mii; getf.sig r29=f67 - cmp.ltu p6,p0=r25,r24 - add r26=r26,r25 };; -{ 
.mfb; getf.sig r30=f58 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r26,r25 - add r27=r27,r26 };; -{ .mfb; getf.sig r16=f113 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r27,r26 - add r28=r28,r27 };; -{ .mfb; getf.sig r17=f104 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r28,r27 - add r29=r29,r28 };; -{ .mfb; getf.sig r18=f95 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r29,r28 - add r30=r30,r29 };; -{ .mii; getf.sig r19=f86 - add r17=r17,r16 - mov carry3=0 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r30,r29 - add r30=r30,carry2 };; -{ .mii; getf.sig r20=f77 - cmp.ltu p7,p0=r17,r16 - add r18=r18,r17 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r30,carry2 };; -{ .mfb; getf.sig r21=f68 } -{ .mii; st8 [r33]=r30,16 -(p6) add carry1=1,carry1 };; - -{ .mfb; getf.sig r24=f114 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r18,r17 - add r19=r19,r18 };; -{ .mfb; getf.sig r25=f105 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r19,r18 - add r20=r20,r19 };; -{ .mfb; getf.sig r26=f96 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r20,r19 - add r21=r21,r20 };; -{ .mfb; getf.sig r27=f87 } -{ .mii; (p7) add carry3=1,carry3 - cmp.ltu p7,p0=r21,r20 - add r21=r21,carry1 };; -{ .mib; getf.sig r28=f78 - add r25=r25,r24 } -{ .mib; (p7) add carry3=1,carry3 - cmp.ltu p7,p8=r21,carry1};; -{ .mii; st8 [r32]=r21,16 - (p7) add carry2=1,carry3 - (p8) add carry2=0,carry3 } - -{ .mii; mov carry1=0 - cmp.ltu p6,p0=r25,r24 - add r26=r26,r25 };; -{ .mfb; getf.sig r16=f115 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r26,r25 - add r27=r27,r26 };; -{ .mfb; getf.sig r17=f106 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r27,r26 - add r28=r28,r27 };; -{ .mfb; getf.sig r18=f97 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r28,r27 - add r28=r28,carry2 };; -{ .mib; getf.sig r19=f88 - add r17=r17,r16 } -{ .mib; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r28,carry2 };; -{ .mii; st8 [r33]=r28,16 -(p6) add carry1=1,carry1 } 
- -{ .mii; mov carry2=0 - cmp.ltu p7,p0=r17,r16 - add r18=r18,r17 };; -{ .mfb; getf.sig r24=f116 } -{ .mii; (p7) add carry2=1,carry2 - cmp.ltu p7,p0=r18,r17 - add r19=r19,r18 };; -{ .mfb; getf.sig r25=f107 } -{ .mii; (p7) add carry2=1,carry2 - cmp.ltu p7,p0=r19,r18 - add r19=r19,carry1 };; -{ .mfb; getf.sig r26=f98 } -{ .mii; (p7) add carry2=1,carry2 - cmp.ltu p7,p0=r19,carry1};; -{ .mii; st8 [r32]=r19,16 - (p7) add carry2=1,carry2 } - -{ .mfb; add r25=r25,r24 };; - -{ .mfb; getf.sig r16=f117 } -{ .mii; mov carry1=0 - cmp.ltu p6,p0=r25,r24 - add r26=r26,r25 };; -{ .mfb; getf.sig r17=f108 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r26,r25 - add r26=r26,carry2 };; -{ .mfb; nop.m 0x0 } -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r26,carry2 };; -{ .mii; st8 [r33]=r26,16 -(p6) add carry1=1,carry1 } - -{ .mfb; add r17=r17,r16 };; -{ .mfb; getf.sig r24=f118 } -{ .mii; mov carry2=0 - cmp.ltu p7,p0=r17,r16 - add r17=r17,carry1 };; -{ .mii; (p7) add carry2=1,carry2 - cmp.ltu p7,p0=r17,carry1};; -{ .mii; st8 [r32]=r17 - (p7) add carry2=1,carry2 };; -{ .mfb; add r24=r24,carry2 };; -{ .mib; st8 [r33]=r24 } - -{ .mib; rum 1<<5 // clear um.mfh - br.ret.sptk.many b0 };; -.endp bn_mul_comba8# -#undef carry3 -#undef carry2 -#undef carry1 -#endif - -#if 1 -// It's possible to make it faster (see comment to bn_sqr_comba8), but -// I reckon it doesn't worth the effort. Basically because the routine -// (actually both of them) practically never called... So I just play -// same trick as with bn_sqr_comba8. 
-//
-// void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
-//
-.global bn_sqr_comba4#
-.proc bn_sqr_comba4#
-.align 64
-bn_sqr_comba4:
- .prologue
- .save ar.pfs,r2
-#if defined(_HPUX_SOURCE) && !defined(_LP64)
-{ .mii; alloc r2=ar.pfs,2,1,0,0
- addp4 r32=0,r32
- addp4 r33=0,r33 };;
-{ .mii;
-#else
-{ .mii; alloc r2=ar.pfs,2,1,0,0
-#endif
- mov r34=r33
- add r14=8,r33 };;
- .body
-{ .mii; add r17=8,r34
- add r15=16,r33
- add r18=16,r34 }
-{ .mfb; add r16=24,r33
- br .L_cheat_entry_point4 };;
-.endp bn_sqr_comba4#
-#endif
-
-#if 1
-// Runs in ~115 cycles and ~4.5 times faster than C. Well, whatever...
-//
-// void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
-//
-#define carry1 r14
-#define carry2 r15
-.global bn_mul_comba4#
-.proc bn_mul_comba4#
-.align 64
-bn_mul_comba4:
- .prologue
- .save ar.pfs,r2
-#if defined(_HPUX_SOURCE) && !defined(_LP64)
-{ .mii; alloc r2=ar.pfs,3,0,0,0
- addp4 r33=0,r33
- addp4 r34=0,r34 };;
-{ .mii; addp4 r32=0,r32
-#else
-{ .mii; alloc r2=ar.pfs,3,0,0,0
-#endif
- add r14=8,r33
- add r17=8,r34 }
- .body
-{ .mii; add r15=16,r33
- add r18=16,r34
- add r16=24,r33 };;
-.L_cheat_entry_point4:
-{ .mmi; add r19=24,r34
-
- ldf8 f32=[r33] }
-
-{ .mmi; ldf8 f120=[r34]
- ldf8 f121=[r17] };;
-{ .mmi; ldf8 f122=[r18]
- ldf8 f123=[r19] }
-
-{ .mmi; ldf8 f33=[r14]
- ldf8 f34=[r15] }
-{ .mfi; ldf8 f35=[r16]
-
- xma.hu f41=f32,f120,f0 }
-{ .mfi; xma.lu f40=f32,f120,f0 };;
-{ .mfi; xma.hu f51=f32,f121,f0 }
-{ .mfi; xma.lu f50=f32,f121,f0 };;
-{ .mfi; xma.hu f61=f32,f122,f0 }
-{ .mfi; xma.lu f60=f32,f122,f0 };;
-{ .mfi; xma.hu f71=f32,f123,f0 }
-{ .mfi; xma.lu f70=f32,f123,f0 };;//
-// Major stall takes place here, and 3 more places below. Result from
-// first xma is not available for another 3 ticks.
-{ .mfi; getf.sig r16=f40 - xma.hu f42=f33,f120,f41 - add r33=8,r32 } -{ .mfi; xma.lu f41=f33,f120,f41 };; -{ .mfi; getf.sig r24=f50 - xma.hu f52=f33,f121,f51 } -{ .mfi; xma.lu f51=f33,f121,f51 };; -{ .mfi; st8 [r32]=r16,16 - xma.hu f62=f33,f122,f61 } -{ .mfi; xma.lu f61=f33,f122,f61 };; -{ .mfi; xma.hu f72=f33,f123,f71 } -{ .mfi; xma.lu f71=f33,f123,f71 };;// -//-------------------------------------------------// -{ .mfi; getf.sig r25=f41 - xma.hu f43=f34,f120,f42 } -{ .mfi; xma.lu f42=f34,f120,f42 };; -{ .mfi; getf.sig r16=f60 - xma.hu f53=f34,f121,f52 } -{ .mfi; xma.lu f52=f34,f121,f52 };; -{ .mfi; getf.sig r17=f51 - xma.hu f63=f34,f122,f62 - add r25=r25,r24 } -{ .mfi; mov carry1=0 - xma.lu f62=f34,f122,f62 };; -{ .mfi; st8 [r33]=r25,16 - xma.hu f73=f34,f123,f72 - cmp.ltu p6,p0=r25,r24 } -{ .mfi; xma.lu f72=f34,f123,f72 };;// -//-------------------------------------------------// -{ .mfi; getf.sig r18=f42 - xma.hu f44=f35,f120,f43 -(p6) add carry1=1,carry1 } -{ .mfi; add r17=r17,r16 - xma.lu f43=f35,f120,f43 - mov carry2=0 };; -{ .mfi; getf.sig r24=f70 - xma.hu f54=f35,f121,f53 - cmp.ltu p7,p0=r17,r16 } -{ .mfi; xma.lu f53=f35,f121,f53 };; -{ .mfi; getf.sig r25=f61 - xma.hu f64=f35,f122,f63 - add r18=r18,r17 } -{ .mfi; xma.lu f63=f35,f122,f63 -(p7) add carry2=1,carry2 };; -{ .mfi; getf.sig r26=f52 - xma.hu f74=f35,f123,f73 - cmp.ltu p7,p0=r18,r17 } -{ .mfi; xma.lu f73=f35,f123,f73 - add r18=r18,carry1 };; -//-------------------------------------------------// -{ .mii; st8 [r32]=r18,16 -(p7) add carry2=1,carry2 - cmp.ltu p7,p0=r18,carry1 };; - -{ .mfi; getf.sig r27=f43 // last major stall -(p7) add carry2=1,carry2 };; -{ .mii; getf.sig r16=f71 - add r25=r25,r24 - mov carry1=0 };; -{ .mii; getf.sig r17=f62 - cmp.ltu p6,p0=r25,r24 - add r26=r26,r25 };; -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r26,r25 - add r27=r27,r26 };; -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r27,r26 - add r27=r27,carry2 };; -{ .mii; getf.sig r18=f53 -(p6) add carry1=1,carry1 
- cmp.ltu p6,p0=r27,carry2 };; -{ .mfi; st8 [r33]=r27,16 -(p6) add carry1=1,carry1 } - -{ .mii; getf.sig r19=f44 - add r17=r17,r16 - mov carry2=0 };; -{ .mii; getf.sig r24=f72 - cmp.ltu p7,p0=r17,r16 - add r18=r18,r17 };; -{ .mii; (p7) add carry2=1,carry2 - cmp.ltu p7,p0=r18,r17 - add r19=r19,r18 };; -{ .mii; (p7) add carry2=1,carry2 - cmp.ltu p7,p0=r19,r18 - add r19=r19,carry1 };; -{ .mii; getf.sig r25=f63 - (p7) add carry2=1,carry2 - cmp.ltu p7,p0=r19,carry1};; -{ .mii; st8 [r32]=r19,16 - (p7) add carry2=1,carry2 } - -{ .mii; getf.sig r26=f54 - add r25=r25,r24 - mov carry1=0 };; -{ .mii; getf.sig r16=f73 - cmp.ltu p6,p0=r25,r24 - add r26=r26,r25 };; -{ .mii; -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r26,r25 - add r26=r26,carry2 };; -{ .mii; getf.sig r17=f64 -(p6) add carry1=1,carry1 - cmp.ltu p6,p0=r26,carry2 };; -{ .mii; st8 [r33]=r26,16 -(p6) add carry1=1,carry1 } - -{ .mii; getf.sig r24=f74 - add r17=r17,r16 - mov carry2=0 };; -{ .mii; cmp.ltu p7,p0=r17,r16 - add r17=r17,carry1 };; - -{ .mii; (p7) add carry2=1,carry2 - cmp.ltu p7,p0=r17,carry1};; -{ .mii; st8 [r32]=r17,16 - (p7) add carry2=1,carry2 };; - -{ .mii; add r24=r24,carry2 };; -{ .mii; st8 [r33]=r24 } - -{ .mib; rum 1<<5 // clear um.mfh - br.ret.sptk.many b0 };; -.endp bn_mul_comba4# -#undef carry2 -#undef carry1 -#endif - -#if 1 -// -// BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) -// -// In the nutshell it's a port of my MIPS III/IV implementation. -// -#define AT r14 -#define H r16 -#define HH r20 -#define L r17 -#define D r18 -#define DH r22 -#define I r21 - -#if 0 -// Some preprocessors (most notably HP-UX) appear to be allergic to -// macros enclosed to parenthesis [as these three were]. 
-#define cont p16 -#define break p0 // p20 -#define equ p24 -#else -cont=p16 -break=p0 -equ=p24 -#endif - -.global abort# -.global bn_div_words# -.proc bn_div_words# -.align 64 -bn_div_words: - .prologue - .save ar.pfs,r2 -{ .mii; alloc r2=ar.pfs,3,5,0,8 - .save b0,r3 - mov r3=b0 - .save pr,r10 - mov r10=pr };; -{ .mmb; cmp.eq p6,p0=r34,r0 - mov r8=-1 -(p6) br.ret.spnt.many b0 };; - - .body -{ .mii; mov H=r32 // save h - mov ar.ec=0 // don't rotate at exit - mov pr.rot=0 } -{ .mii; mov L=r33 // save l - mov r36=r0 };; - -.L_divw_shift: // -vv- note signed comparison -{ .mfi; (p0) cmp.lt p16,p0=r0,r34 // d - (p0) shladd r33=r34,1,r0 } -{ .mfb; (p0) add r35=1,r36 - (p0) nop.f 0x0 -(p16) br.wtop.dpnt .L_divw_shift };; - -{ .mii; mov D=r34 - shr.u DH=r34,32 - sub r35=64,r36 };; -{ .mii; setf.sig f7=DH - shr.u AT=H,r35 - mov I=r36 };; -{ .mib; cmp.ne p6,p0=r0,AT - shl H=H,r36 -(p6) br.call.spnt.clr b0=abort };; // overflow, die... - -{ .mfi; fcvt.xuf.s1 f7=f7 - shr.u AT=L,r35 };; -{ .mii; shl L=L,r36 - or H=H,AT };; - -{ .mii; nop.m 0x0 - cmp.leu p6,p0=D,H;; -(p6) sub H=H,D } - -{ .mlx; setf.sig f14=D - movl AT=0xffffffff };; -/////////////////////////////////////////////////////////// -{ .mii; setf.sig f6=H - shr.u HH=H,32;; - cmp.eq p6,p7=HH,DH };; -{ .mfb; -(p6) setf.sig f8=AT -(p7) fcvt.xuf.s1 f6=f6 -(p7) br.call.sptk b6=.L_udiv64_32_b6 };; - -{ .mfi; getf.sig r33=f8 // q - xmpy.lu f9=f8,f14 } -{ .mfi; xmpy.hu f10=f8,f14 - shrp H=H,L,32 };; - -{ .mmi; getf.sig r35=f9 // tl - getf.sig r31=f10 };; // th - -.L_divw_1st_iter: -{ .mii; (p0) add r32=-1,r33 - (p0) cmp.eq equ,cont=HH,r31 };; -{ .mii; (p0) cmp.ltu p8,p0=r35,D - (p0) sub r34=r35,D - (equ) cmp.leu break,cont=r35,H };; -{ .mib; (cont) cmp.leu cont,break=HH,r31 - (p8) add r31=-1,r31 -(cont) br.wtop.spnt .L_divw_1st_iter };; -/////////////////////////////////////////////////////////// -{ .mii; sub H=H,r35 - shl r8=r33,32 - shl L=L,32 };; -/////////////////////////////////////////////////////////// -{ .mii; 
setf.sig f6=H - shr.u HH=H,32;; - cmp.eq p6,p7=HH,DH };; -{ .mfb; -(p6) setf.sig f8=AT -(p7) fcvt.xuf.s1 f6=f6 -(p7) br.call.sptk b6=.L_udiv64_32_b6 };; - -{ .mfi; getf.sig r33=f8 // q - xmpy.lu f9=f8,f14 } -{ .mfi; xmpy.hu f10=f8,f14 - shrp H=H,L,32 };; - -{ .mmi; getf.sig r35=f9 // tl - getf.sig r31=f10 };; // th - -.L_divw_2nd_iter: -{ .mii; (p0) add r32=-1,r33 - (p0) cmp.eq equ,cont=HH,r31 };; -{ .mii; (p0) cmp.ltu p8,p0=r35,D - (p0) sub r34=r35,D - (equ) cmp.leu break,cont=r35,H };; -{ .mib; (cont) cmp.leu cont,break=HH,r31 - (p8) add r31=-1,r31 -(cont) br.wtop.spnt .L_divw_2nd_iter };; -/////////////////////////////////////////////////////////// -{ .mii; sub H=H,r35 - or r8=r8,r33 - mov ar.pfs=r2 };; -{ .mii; shr.u r9=H,I // remainder if anybody wants it - mov pr=r10,0x1ffff } -{ .mfb; br.ret.sptk.many b0 };; - -// Unsigned 64 by 32 (well, by 64 for the moment) bit integer division -// procedure. -// -// inputs: f6 = (double)a, f7 = (double)b -// output: f8 = (int)(a/b) -// clobbered: f8,f9,f10,f11,pred -pred=p15 -// One can argue that this snippet is copyrighted to Intel -// Corporation, as it's essentially identical to one of those -// found in "Divide, Square Root and Remainder" section at -// http://www.intel.com/software/products/opensource/libraries/num.htm. -// Yes, I admit that the referred code was used as template, -// but after I realized that there hardly is any other instruction -// sequence which would perform this operation. I mean I figure that -// any independent attempt to implement high-performance division -// will result in code virtually identical to the Intel code. It -// should be noted though that below division kernel is 1 cycle -// faster than Intel one (note commented splits:-), not to mention -// original prologue (rather lack of one) and epilogue. 
-.align 32
-.skip 16
-.L_udiv64_32_b6:
- frcpa.s1 f8,pred=f6,f7;; // [0] y0 = 1 / b
-
-(pred) fnma.s1 f9=f7,f8,f1 // [5] e0 = 1 - b * y0
-(pred) fmpy.s1 f10=f6,f8;; // [5] q0 = a * y0
-(pred) fmpy.s1 f11=f9,f9 // [10] e1 = e0 * e0
-(pred) fma.s1 f10=f9,f10,f10;; // [10] q1 = q0 + e0 * q0
-(pred) fma.s1 f8=f9,f8,f8 //;; // [15] y1 = y0 + e0 * y0
-(pred) fma.s1 f9=f11,f10,f10;; // [15] q2 = q1 + e1 * q1
-(pred) fma.s1 f8=f11,f8,f8 //;; // [20] y2 = y1 + e1 * y1
-(pred) fnma.s1 f10=f7,f9,f6;; // [20] r2 = a - b * q2
-(pred) fma.s1 f8=f10,f8,f9;; // [25] q3 = q2 + r2 * y2
-
- fcvt.fxu.trunc.s1 f8=f8 // [30] q = trunc(q3)
- br.ret.sptk.many b6;;
-.endp bn_div_words#
-#endif
diff --git a/lib/libssl/src/crypto/bn/asm/mips-mont.pl b/lib/libssl/src/crypto/bn/asm/mips-mont.pl
deleted file mode 100644
index caae04ed3a8..00000000000
--- a/lib/libssl/src/crypto/bn/asm/mips-mont.pl
+++ /dev/null
@@ -1,426 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# This module doesn't present direct interest for OpenSSL, because it
-# doesn't provide better performance for longer keys, at least not on
-# in-order-execution cores. While 512-bit RSA sign operations can be
-# 65% faster in 64-bit mode, 1024-bit ones are only 15% faster, and
-# 4096-bit ones are up to 15% slower. In 32-bit mode it varies from
-# 16% improvement for 512-bit RSA sign to -33% for 4096-bit RSA
-# verify:-( All comparisons are against bn_mul_mont-free assembler.
-# The module might be of interest to embedded system developers, as
-# the code is smaller than 1KB, yet offers >3x improvement on MIPS64
-# and 75-30% [less for longer keys] on MIPS32 over compiler-generated
-# code.
-
-######################################################################
-# There is a number of MIPS ABI in use, O32 and N32/64 are most
-# widely used. Then there is a new contender: NUBI. It appears that if
-# one picks the latter, it's possible to arrange code in ABI neutral
-# manner. Therefore let's stick to NUBI register layout:
-#
-($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
-($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
-($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
-($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
-#
-# The return value is placed in $a0. Following coding rules facilitate
-# interoperability:
-#
-# - never ever touch $tp, "thread pointer", former $gp;
-# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
-# old code];
-# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
-#
-# For reference here is register layout for N32/64 MIPS ABIs:
-#
-# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
-# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
-# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
-# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
-# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
-#
-$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64
-
-if ($flavour =~ /64|n32/i) {
- $PTR_ADD="dadd"; # incidentally works even on n32
- $PTR_SUB="dsub"; # incidentally works even on n32
- $REG_S="sd";
- $REG_L="ld";
- $SZREG=8;
-} else {
- $PTR_ADD="add";
- $PTR_SUB="sub";
- $REG_S="sw";
- $REG_L="lw";
- $SZREG=4;
-}
-$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0x00fff000 : 0x00ff0000;
-#
-# <appro@openssl.org>
-#
-######################################################################
-
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
-
-if ($flavour =~ /64|n32/i) {
- $LD="ld";
- $ST="sd";
- $MULTU="dmultu";
- $ADDU="daddu";
- $SUBU="dsubu";
- $BNSZ=8;
-} else {
- $LD="lw";
- $ST="sw";
- $MULTU="multu";
- $ADDU="addu";
- $SUBU="subu";
- $BNSZ=4;
-}
-
-# int bn_mul_mont(
-$rp=$a0; # BN_ULONG *rp,
-$ap=$a1; # const BN_ULONG *ap,
-$bp=$a2; # const BN_ULONG *bp,
-$np=$a3; # const BN_ULONG *np,
-$n0=$a4; # const BN_ULONG *n0,
-$num=$a5; # int num);
-
-$lo0=$a6;
-$hi0=$a7;
-$lo1=$t1;
-$hi1=$t2;
-$aj=$s0;
-$bi=$s1;
-$nj=$s2;
-$tp=$s3;
-$alo=$s4;
-$ahi=$s5;
-$nlo=$s6;
-$nhi=$s7;
-$tj=$s8;
-$i=$s9;
-$j=$s10;
-$m1=$s11;
-
-$FRAMESIZE=14;
-
-$code=<<___;
-.text
-
-.set noat
-.set noreorder
-
-.align 5
-.globl bn_mul_mont
-.ent bn_mul_mont
-bn_mul_mont:
-___
-$code.=<<___ if ($flavour =~ /o32/i);
- lw $n0,16($sp)
- lw $num,20($sp)
-___
-$code.=<<___; - slt $at,$num,4 - bnez $at,1f - li $t0,0 - slt $at,$num,17 # on in-order CPU - bnez $at,bn_mul_mont_internal - nop -1: jr $ra - li $a0,0 -.end bn_mul_mont - -.align 5 -.ent bn_mul_mont_internal -bn_mul_mont_internal: - .frame $fp,$FRAMESIZE*$SZREG,$ra - .mask 0x40000000|$SAVED_REGS_MASK,-$SZREG - $PTR_SUB $sp,$FRAMESIZE*$SZREG - $REG_S $fp,($FRAMESIZE-1)*$SZREG($sp) - $REG_S $s11,($FRAMESIZE-2)*$SZREG($sp) - $REG_S $s10,($FRAMESIZE-3)*$SZREG($sp) - $REG_S $s9,($FRAMESIZE-4)*$SZREG($sp) - $REG_S $s8,($FRAMESIZE-5)*$SZREG($sp) - $REG_S $s7,($FRAMESIZE-6)*$SZREG($sp) - $REG_S $s6,($FRAMESIZE-7)*$SZREG($sp) - $REG_S $s5,($FRAMESIZE-8)*$SZREG($sp) - $REG_S $s4,($FRAMESIZE-9)*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_S $s3,($FRAMESIZE-10)*$SZREG($sp) - $REG_S $s2,($FRAMESIZE-11)*$SZREG($sp) - $REG_S $s1,($FRAMESIZE-12)*$SZREG($sp) - $REG_S $s0,($FRAMESIZE-13)*$SZREG($sp) -___ -$code.=<<___; - move $fp,$sp - - .set reorder - $LD $n0,0($n0) - $LD $bi,0($bp) # bp[0] - $LD $aj,0($ap) # ap[0] - $LD $nj,0($np) # np[0] - - $PTR_SUB $sp,2*$BNSZ # place for two extra words - sll $num,`log($BNSZ)/log(2)` - li $at,-4096 - $PTR_SUB $sp,$num - and $sp,$at - - $MULTU $aj,$bi - $LD $alo,$BNSZ($ap) - $LD $nlo,$BNSZ($np) - mflo $lo0 - mfhi $hi0 - $MULTU $lo0,$n0 - mflo $m1 - - $MULTU $alo,$bi - mflo $alo - mfhi $ahi - - $MULTU $nj,$m1 - mflo $lo1 - mfhi $hi1 - $MULTU $nlo,$m1 - $ADDU $lo1,$lo0 - sltu $at,$lo1,$lo0 - $ADDU $hi1,$at - mflo $nlo - mfhi $nhi - - move $tp,$sp - li $j,2*$BNSZ -.align 4 -.L1st: - .set noreorder - $PTR_ADD $aj,$ap,$j - $PTR_ADD $nj,$np,$j - $LD $aj,($aj) - $LD $nj,($nj) - - $MULTU $aj,$bi - $ADDU $lo0,$alo,$hi0 - $ADDU $lo1,$nlo,$hi1 - sltu $at,$lo0,$hi0 - sltu $t0,$lo1,$hi1 - $ADDU $hi0,$ahi,$at - $ADDU $hi1,$nhi,$t0 - mflo $alo - mfhi $ahi - - $ADDU $lo1,$lo0 - sltu $at,$lo1,$lo0 - $MULTU $nj,$m1 - $ADDU $hi1,$at - addu $j,$BNSZ - $ST $lo1,($tp) - sltu $t0,$j,$num - mflo $nlo - mfhi $nhi - - bnez $t0,.L1st - $PTR_ADD 
$tp,$BNSZ - .set reorder - - $ADDU $lo0,$alo,$hi0 - sltu $at,$lo0,$hi0 - $ADDU $hi0,$ahi,$at - - $ADDU $lo1,$nlo,$hi1 - sltu $t0,$lo1,$hi1 - $ADDU $hi1,$nhi,$t0 - $ADDU $lo1,$lo0 - sltu $at,$lo1,$lo0 - $ADDU $hi1,$at - - $ST $lo1,($tp) - - $ADDU $hi1,$hi0 - sltu $at,$hi1,$hi0 - $ST $hi1,$BNSZ($tp) - $ST $at,2*$BNSZ($tp) - - li $i,$BNSZ -.align 4 -.Louter: - $PTR_ADD $bi,$bp,$i - $LD $bi,($bi) - $LD $aj,($ap) - $LD $alo,$BNSZ($ap) - $LD $tj,($sp) - - $MULTU $aj,$bi - $LD $nj,($np) - $LD $nlo,$BNSZ($np) - mflo $lo0 - mfhi $hi0 - $ADDU $lo0,$tj - $MULTU $lo0,$n0 - sltu $at,$lo0,$tj - $ADDU $hi0,$at - mflo $m1 - - $MULTU $alo,$bi - mflo $alo - mfhi $ahi - - $MULTU $nj,$m1 - mflo $lo1 - mfhi $hi1 - - $MULTU $nlo,$m1 - $ADDU $lo1,$lo0 - sltu $at,$lo1,$lo0 - $ADDU $hi1,$at - mflo $nlo - mfhi $nhi - - move $tp,$sp - li $j,2*$BNSZ - $LD $tj,$BNSZ($tp) -.align 4 -.Linner: - .set noreorder - $PTR_ADD $aj,$ap,$j - $PTR_ADD $nj,$np,$j - $LD $aj,($aj) - $LD $nj,($nj) - - $MULTU $aj,$bi - $ADDU $lo0,$alo,$hi0 - $ADDU $lo1,$nlo,$hi1 - sltu $at,$lo0,$hi0 - sltu $t0,$lo1,$hi1 - $ADDU $hi0,$ahi,$at - $ADDU $hi1,$nhi,$t0 - mflo $alo - mfhi $ahi - - $ADDU $lo0,$tj - addu $j,$BNSZ - $MULTU $nj,$m1 - sltu $at,$lo0,$tj - $ADDU $lo1,$lo0 - $ADDU $hi0,$at - sltu $t0,$lo1,$lo0 - $LD $tj,2*$BNSZ($tp) - $ADDU $hi1,$t0 - sltu $at,$j,$num - mflo $nlo - mfhi $nhi - $ST $lo1,($tp) - bnez $at,.Linner - $PTR_ADD $tp,$BNSZ - .set reorder - - $ADDU $lo0,$alo,$hi0 - sltu $at,$lo0,$hi0 - $ADDU $hi0,$ahi,$at - $ADDU $lo0,$tj - sltu $t0,$lo0,$tj - $ADDU $hi0,$t0 - - $LD $tj,2*$BNSZ($tp) - $ADDU $lo1,$nlo,$hi1 - sltu $at,$lo1,$hi1 - $ADDU $hi1,$nhi,$at - $ADDU $lo1,$lo0 - sltu $t0,$lo1,$lo0 - $ADDU $hi1,$t0 - $ST $lo1,($tp) - - $ADDU $lo1,$hi1,$hi0 - sltu $hi1,$lo1,$hi0 - $ADDU $lo1,$tj - sltu $at,$lo1,$tj - $ADDU $hi1,$at - $ST $lo1,$BNSZ($tp) - $ST $hi1,2*$BNSZ($tp) - - addu $i,$BNSZ - sltu $t0,$i,$num - bnez $t0,.Louter - - .set noreorder - $PTR_ADD $tj,$sp,$num # &tp[num] - move $tp,$sp - move $ap,$sp 
-	li $hi0,0 # clear borrow bit
-
-.align 4
-.Lsub: $LD $lo0,($tp)
- $LD $lo1,($np)
- $PTR_ADD $tp,$BNSZ
- $PTR_ADD $np,$BNSZ
- $SUBU $lo1,$lo0,$lo1 # tp[i]-np[i]
- sgtu $at,$lo1,$lo0
- $SUBU $lo0,$lo1,$hi0
- sgtu $hi0,$lo0,$lo1
- $ST $lo0,($rp)
- or $hi0,$at
- sltu $at,$tp,$tj
- bnez $at,.Lsub
- $PTR_ADD $rp,$BNSZ
-
- $SUBU $hi0,$hi1,$hi0 # handle upmost overflow bit
- move $tp,$sp
- $PTR_SUB $rp,$num # restore rp
- not $hi1,$hi0
-
- and $ap,$hi0,$sp
- and $bp,$hi1,$rp
- or $ap,$ap,$bp # ap=borrow?tp:rp
-
-.align 4
-.Lcopy: $LD $aj,($ap)
- $PTR_ADD $ap,$BNSZ
- $ST $zero,($tp)
- $PTR_ADD $tp,$BNSZ
- sltu $at,$tp,$tj
- $ST $aj,($rp)
- bnez $at,.Lcopy
- $PTR_ADD $rp,$BNSZ
-
- li $a0,1
- li $t0,1
-
- .set noreorder
- move $sp,$fp
- $REG_L $fp,($FRAMESIZE-1)*$SZREG($sp)
- $REG_L $s11,($FRAMESIZE-2)*$SZREG($sp)
- $REG_L $s10,($FRAMESIZE-3)*$SZREG($sp)
- $REG_L $s9,($FRAMESIZE-4)*$SZREG($sp)
- $REG_L $s8,($FRAMESIZE-5)*$SZREG($sp)
- $REG_L $s7,($FRAMESIZE-6)*$SZREG($sp)
- $REG_L $s6,($FRAMESIZE-7)*$SZREG($sp)
- $REG_L $s5,($FRAMESIZE-8)*$SZREG($sp)
- $REG_L $s4,($FRAMESIZE-9)*$SZREG($sp)
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $s3,($FRAMESIZE-10)*$SZREG($sp)
- $REG_L $s2,($FRAMESIZE-11)*$SZREG($sp)
- $REG_L $s1,($FRAMESIZE-12)*$SZREG($sp)
- $REG_L $s0,($FRAMESIZE-13)*$SZREG($sp)
-___
-$code.=<<___;
- jr $ra
- $PTR_ADD $sp,$FRAMESIZE*$SZREG
-.end bn_mul_mont_internal
-.rdata
-.asciiz "Montgomery Multiplication for MIPS, CRYPTOGAMS by <appro\@openssl.org>"
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/bn/asm/mips.pl b/lib/libssl/src/crypto/bn/asm/mips.pl
deleted file mode 100644
index 215c9a74832..00000000000
--- a/lib/libssl/src/crypto/bn/asm/mips.pl
+++ /dev/null
@@ -1,2234 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project.
-#
-# Rights for redistribution and usage in source and binary forms are
-# granted according to the OpenSSL license. Warranty of any kind is
-# disclaimed.
-# ====================================================================
-
-
-# July 1999
-#
-# This is drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c.
-#
-# The module is designed to work with either of the "new" MIPS ABI(5),
-# namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
-# IRIX 5.x not only because it doesn't support new ABIs but also
-# because 5.x kernels put R4x00 CPU into 32-bit mode and all those
-# 64-bit instructions (daddu, dmultu, etc.) found below gonna only
-# cause illegal instruction exception:-(
-#
-# In addition the code depends on preprocessor flags set up by MIPSpro
-# compiler driver (either as or cc) and therefore (probably?) can't be
-# compiled by the GNU assembler. GNU C driver manages fine though...
-# I mean as long as -mmips-as is specified or is the default option,
-# because then it simply invokes /usr/bin/as which in turn takes
-# perfect care of the preprocessor definitions. Another neat feature
-# offered by the MIPSpro assembler is an optimization pass. This gave
-# me the opportunity to have the code looking more regular as all those
-# architecture dependent instruction rescheduling details were left to
-# the assembler. Cool, huh?
-#
-# Performance improvement is astonishing! 'apps/openssl speed rsa dsa'
-# goes way over 3 times faster!
-#
-# <appro@fy.chalmers.se>
-
-# October 2010
-#
-# Adapt the module even for 32-bit ABIs and other OSes. The former was
-# achieved by mechanical replacement of 64-bit arithmetic instructions
-# such as dmultu, daddu, etc. with their 32-bit counterparts and
-# adjusting offsets denoting multiples of BN_ULONG. Above mentioned
-# >3x performance improvement naturally does not apply to 32-bit code
-# [because there is no instruction 32-bit compiler can't use], one
-# has to content with 40-85% improvement depending on benchmark and
-# key length, more for longer keys.
-
-$flavour = shift;
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
-
-if ($flavour =~ /64|n32/i) {
- $LD="ld";
- $ST="sd";
- $MULTU="dmultu";
- $DIVU="ddivu";
- $ADDU="daddu";
- $SUBU="dsubu";
- $SRL="dsrl";
- $SLL="dsll";
- $BNSZ=8;
- $PTR_ADD="daddu";
- $PTR_SUB="dsubu";
- $SZREG=8;
- $REG_S="sd";
- $REG_L="ld";
-} else {
- $LD="lw";
- $ST="sw";
- $MULTU="multu";
- $DIVU="divu";
- $ADDU="addu";
- $SUBU="subu";
- $SRL="srl";
- $SLL="sll";
- $BNSZ=4;
- $PTR_ADD="addu";
- $PTR_SUB="subu";
- $SZREG=4;
- $REG_S="sw";
- $REG_L="lw";
- $code=".set mips2\n";
-}
-
-# Below is N32/64 register layout used in the original module.
-#
-($zero,$at,$v0,$v1)=map("\$$_",(0..3));
-($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
-($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
-($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
-($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
-($ta0,$ta1,$ta2,$ta3)=($a4,$a5,$a6,$a7);
-#
-# No special adaptation is required for O32. NUBI on the other hand
-# is treated by saving/restoring ($v1,$t0..$t3).
-
-$gp=$v1 if ($flavour =~ /nubi/i);
-
-$minus4=$v1;
-
-$code.=<<___;
-.rdata
-.asciiz "mips3.s, Version 1.2"
-.asciiz "MIPS II/III/IV ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>"
-
-.text
-.set noat
-
-.align 5
-.globl bn_mul_add_words
-.ent bn_mul_add_words
-bn_mul_add_words:
- .set noreorder
- bgtz $a2,bn_mul_add_words_internal
- move $v0,$zero
- jr $ra
- move $a0,$v0
-.end bn_mul_add_words
-
-.align 5
-.ent bn_mul_add_words_internal
-bn_mul_add_words_internal:
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- .frame $sp,6*$SZREG,$ra
- .mask 0x8000f008,-$SZREG
- .set noreorder
- $PTR_SUB $sp,6*$SZREG
- $REG_S $ra,5*$SZREG($sp)
- $REG_S $t3,4*$SZREG($sp)
- $REG_S $t2,3*$SZREG($sp)
- $REG_S $t1,2*$SZREG($sp)
- $REG_S $t0,1*$SZREG($sp)
- $REG_S $gp,0*$SZREG($sp)
-___
-$code.=<<___;
- .set reorder
- li $minus4,-4
- and $ta0,$a2,$minus4
- beqz $ta0,.L_bn_mul_add_words_tail
-
-.L_bn_mul_add_words_loop:
- $LD $t0,0($a1)
- $MULTU $t0,$a3
- $LD $t1,0($a0)
- $LD $t2,$BNSZ($a1)
- $LD $t3,$BNSZ($a0)
- $LD $ta0,2*$BNSZ($a1)
- $LD $ta1,2*$BNSZ($a0)
- $ADDU $t1,$v0
- sltu $v0,$t1,$v0 # All manuals say it "compares 32-bit
- # values", but it seems to work fine
- # even on 64-bit registers.
- mflo $at - mfhi $t0 - $ADDU $t1,$at - $ADDU $v0,$t0 - $MULTU $t2,$a3 - sltu $at,$t1,$at - $ST $t1,0($a0) - $ADDU $v0,$at - - $LD $ta2,3*$BNSZ($a1) - $LD $ta3,3*$BNSZ($a0) - $ADDU $t3,$v0 - sltu $v0,$t3,$v0 - mflo $at - mfhi $t2 - $ADDU $t3,$at - $ADDU $v0,$t2 - $MULTU $ta0,$a3 - sltu $at,$t3,$at - $ST $t3,$BNSZ($a0) - $ADDU $v0,$at - - subu $a2,4 - $PTR_ADD $a0,4*$BNSZ - $PTR_ADD $a1,4*$BNSZ - $ADDU $ta1,$v0 - sltu $v0,$ta1,$v0 - mflo $at - mfhi $ta0 - $ADDU $ta1,$at - $ADDU $v0,$ta0 - $MULTU $ta2,$a3 - sltu $at,$ta1,$at - $ST $ta1,-2*$BNSZ($a0) - $ADDU $v0,$at - - - and $ta0,$a2,$minus4 - $ADDU $ta3,$v0 - sltu $v0,$ta3,$v0 - mflo $at - mfhi $ta2 - $ADDU $ta3,$at - $ADDU $v0,$ta2 - sltu $at,$ta3,$at - $ST $ta3,-$BNSZ($a0) - .set noreorder - bgtz $ta0,.L_bn_mul_add_words_loop - $ADDU $v0,$at - - beqz $a2,.L_bn_mul_add_words_return - nop - -.L_bn_mul_add_words_tail: - .set reorder - $LD $t0,0($a1) - $MULTU $t0,$a3 - $LD $t1,0($a0) - subu $a2,1 - $ADDU $t1,$v0 - sltu $v0,$t1,$v0 - mflo $at - mfhi $t0 - $ADDU $t1,$at - $ADDU $v0,$t0 - sltu $at,$t1,$at - $ST $t1,0($a0) - $ADDU $v0,$at - beqz $a2,.L_bn_mul_add_words_return - - $LD $t0,$BNSZ($a1) - $MULTU $t0,$a3 - $LD $t1,$BNSZ($a0) - subu $a2,1 - $ADDU $t1,$v0 - sltu $v0,$t1,$v0 - mflo $at - mfhi $t0 - $ADDU $t1,$at - $ADDU $v0,$t0 - sltu $at,$t1,$at - $ST $t1,$BNSZ($a0) - $ADDU $v0,$at - beqz $a2,.L_bn_mul_add_words_return - - $LD $t0,2*$BNSZ($a1) - $MULTU $t0,$a3 - $LD $t1,2*$BNSZ($a0) - $ADDU $t1,$v0 - sltu $v0,$t1,$v0 - mflo $at - mfhi $t0 - $ADDU $t1,$at - $ADDU $v0,$t0 - sltu $at,$t1,$at - $ST $t1,2*$BNSZ($a0) - $ADDU $v0,$at - -.L_bn_mul_add_words_return: - .set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; - jr $ra - move $a0,$v0 -.end bn_mul_add_words_internal - -.align 5 -.globl bn_mul_words -.ent bn_mul_words 
-bn_mul_words: - .set noreorder - bgtz $a2,bn_mul_words_internal - move $v0,$zero - jr $ra - move $a0,$v0 -.end bn_mul_words - -.align 5 -.ent bn_mul_words_internal -bn_mul_words_internal: -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 0x8000f008,-$SZREG - .set noreorder - $PTR_SUB $sp,6*$SZREG - $REG_S $ra,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S $t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___; - .set reorder - li $minus4,-4 - and $ta0,$a2,$minus4 - beqz $ta0,.L_bn_mul_words_tail - -.L_bn_mul_words_loop: - $LD $t0,0($a1) - $MULTU $t0,$a3 - $LD $t2,$BNSZ($a1) - $LD $ta0,2*$BNSZ($a1) - $LD $ta2,3*$BNSZ($a1) - mflo $at - mfhi $t0 - $ADDU $v0,$at - sltu $t1,$v0,$at - $MULTU $t2,$a3 - $ST $v0,0($a0) - $ADDU $v0,$t1,$t0 - - subu $a2,4 - $PTR_ADD $a0,4*$BNSZ - $PTR_ADD $a1,4*$BNSZ - mflo $at - mfhi $t2 - $ADDU $v0,$at - sltu $t3,$v0,$at - $MULTU $ta0,$a3 - $ST $v0,-3*$BNSZ($a0) - $ADDU $v0,$t3,$t2 - - mflo $at - mfhi $ta0 - $ADDU $v0,$at - sltu $ta1,$v0,$at - $MULTU $ta2,$a3 - $ST $v0,-2*$BNSZ($a0) - $ADDU $v0,$ta1,$ta0 - - and $ta0,$a2,$minus4 - mflo $at - mfhi $ta2 - $ADDU $v0,$at - sltu $ta3,$v0,$at - $ST $v0,-$BNSZ($a0) - .set noreorder - bgtz $ta0,.L_bn_mul_words_loop - $ADDU $v0,$ta3,$ta2 - - beqz $a2,.L_bn_mul_words_return - nop - -.L_bn_mul_words_tail: - .set reorder - $LD $t0,0($a1) - $MULTU $t0,$a3 - subu $a2,1 - mflo $at - mfhi $t0 - $ADDU $v0,$at - sltu $t1,$v0,$at - $ST $v0,0($a0) - $ADDU $v0,$t1,$t0 - beqz $a2,.L_bn_mul_words_return - - $LD $t0,$BNSZ($a1) - $MULTU $t0,$a3 - subu $a2,1 - mflo $at - mfhi $t0 - $ADDU $v0,$at - sltu $t1,$v0,$at - $ST $v0,$BNSZ($a0) - $ADDU $v0,$t1,$t0 - beqz $a2,.L_bn_mul_words_return - - $LD $t0,2*$BNSZ($a1) - $MULTU $t0,$a3 - mflo $at - mfhi $t0 - $ADDU $v0,$at - sltu $t1,$v0,$at - $ST $v0,2*$BNSZ($a0) - $ADDU $v0,$t1,$t0 - -.L_bn_mul_words_return: - .set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - 
$REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; - jr $ra - move $a0,$v0 -.end bn_mul_words_internal - -.align 5 -.globl bn_sqr_words -.ent bn_sqr_words -bn_sqr_words: - .set noreorder - bgtz $a2,bn_sqr_words_internal - move $v0,$zero - jr $ra - move $a0,$v0 -.end bn_sqr_words - -.align 5 -.ent bn_sqr_words_internal -bn_sqr_words_internal: -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 0x8000f008,-$SZREG - .set noreorder - $PTR_SUB $sp,6*$SZREG - $REG_S $ra,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S $t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___; - .set reorder - li $minus4,-4 - and $ta0,$a2,$minus4 - beqz $ta0,.L_bn_sqr_words_tail - -.L_bn_sqr_words_loop: - $LD $t0,0($a1) - $MULTU $t0,$t0 - $LD $t2,$BNSZ($a1) - $LD $ta0,2*$BNSZ($a1) - $LD $ta2,3*$BNSZ($a1) - mflo $t1 - mfhi $t0 - $ST $t1,0($a0) - $ST $t0,$BNSZ($a0) - - $MULTU $t2,$t2 - subu $a2,4 - $PTR_ADD $a0,8*$BNSZ - $PTR_ADD $a1,4*$BNSZ - mflo $t3 - mfhi $t2 - $ST $t3,-6*$BNSZ($a0) - $ST $t2,-5*$BNSZ($a0) - - $MULTU $ta0,$ta0 - mflo $ta1 - mfhi $ta0 - $ST $ta1,-4*$BNSZ($a0) - $ST $ta0,-3*$BNSZ($a0) - - - $MULTU $ta2,$ta2 - and $ta0,$a2,$minus4 - mflo $ta3 - mfhi $ta2 - $ST $ta3,-2*$BNSZ($a0) - - .set noreorder - bgtz $ta0,.L_bn_sqr_words_loop - $ST $ta2,-$BNSZ($a0) - - beqz $a2,.L_bn_sqr_words_return - nop - -.L_bn_sqr_words_tail: - .set reorder - $LD $t0,0($a1) - $MULTU $t0,$t0 - subu $a2,1 - mflo $t1 - mfhi $t0 - $ST $t1,0($a0) - $ST $t0,$BNSZ($a0) - beqz $a2,.L_bn_sqr_words_return - - $LD $t0,$BNSZ($a1) - $MULTU $t0,$t0 - subu $a2,1 - mflo $t1 - mfhi $t0 - $ST $t1,2*$BNSZ($a0) - $ST $t0,3*$BNSZ($a0) - beqz $a2,.L_bn_sqr_words_return - - $LD $t0,2*$BNSZ($a1) - $MULTU $t0,$t0 - mflo $t1 - mfhi $t0 - $ST $t1,4*$BNSZ($a0) - $ST $t0,5*$BNSZ($a0) - -.L_bn_sqr_words_return: - 
.set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; - jr $ra - move $a0,$v0 - -.end bn_sqr_words_internal - -.align 5 -.globl bn_add_words -.ent bn_add_words -bn_add_words: - .set noreorder - bgtz $a3,bn_add_words_internal - move $v0,$zero - jr $ra - move $a0,$v0 -.end bn_add_words - -.align 5 -.ent bn_add_words_internal -bn_add_words_internal: -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 0x8000f008,-$SZREG - .set noreorder - $PTR_SUB $sp,6*$SZREG - $REG_S $ra,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S $t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___; - .set reorder - li $minus4,-4 - and $at,$a3,$minus4 - beqz $at,.L_bn_add_words_tail - -.L_bn_add_words_loop: - $LD $t0,0($a1) - $LD $ta0,0($a2) - subu $a3,4 - $LD $t1,$BNSZ($a1) - and $at,$a3,$minus4 - $LD $t2,2*$BNSZ($a1) - $PTR_ADD $a2,4*$BNSZ - $LD $t3,3*$BNSZ($a1) - $PTR_ADD $a0,4*$BNSZ - $LD $ta1,-3*$BNSZ($a2) - $PTR_ADD $a1,4*$BNSZ - $LD $ta2,-2*$BNSZ($a2) - $LD $ta3,-$BNSZ($a2) - $ADDU $ta0,$t0 - sltu $t8,$ta0,$t0 - $ADDU $t0,$ta0,$v0 - sltu $v0,$t0,$ta0 - $ST $t0,-4*$BNSZ($a0) - $ADDU $v0,$t8 - - $ADDU $ta1,$t1 - sltu $t9,$ta1,$t1 - $ADDU $t1,$ta1,$v0 - sltu $v0,$t1,$ta1 - $ST $t1,-3*$BNSZ($a0) - $ADDU $v0,$t9 - - $ADDU $ta2,$t2 - sltu $t8,$ta2,$t2 - $ADDU $t2,$ta2,$v0 - sltu $v0,$t2,$ta2 - $ST $t2,-2*$BNSZ($a0) - $ADDU $v0,$t8 - - $ADDU $ta3,$t3 - sltu $t9,$ta3,$t3 - $ADDU $t3,$ta3,$v0 - sltu $v0,$t3,$ta3 - $ST $t3,-$BNSZ($a0) - - .set noreorder - bgtz $at,.L_bn_add_words_loop - $ADDU $v0,$t9 - - beqz $a3,.L_bn_add_words_return - nop - -.L_bn_add_words_tail: - .set reorder - $LD $t0,0($a1) - $LD $ta0,0($a2) - $ADDU $ta0,$t0 - subu $a3,1 - sltu $t8,$ta0,$t0 - $ADDU $t0,$ta0,$v0 - sltu $v0,$t0,$ta0 - $ST $t0,0($a0) - 
$ADDU $v0,$t8 - beqz $a3,.L_bn_add_words_return - - $LD $t1,$BNSZ($a1) - $LD $ta1,$BNSZ($a2) - $ADDU $ta1,$t1 - subu $a3,1 - sltu $t9,$ta1,$t1 - $ADDU $t1,$ta1,$v0 - sltu $v0,$t1,$ta1 - $ST $t1,$BNSZ($a0) - $ADDU $v0,$t9 - beqz $a3,.L_bn_add_words_return - - $LD $t2,2*$BNSZ($a1) - $LD $ta2,2*$BNSZ($a2) - $ADDU $ta2,$t2 - sltu $t8,$ta2,$t2 - $ADDU $t2,$ta2,$v0 - sltu $v0,$t2,$ta2 - $ST $t2,2*$BNSZ($a0) - $ADDU $v0,$t8 - -.L_bn_add_words_return: - .set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; - jr $ra - move $a0,$v0 - -.end bn_add_words_internal - -.align 5 -.globl bn_sub_words -.ent bn_sub_words -bn_sub_words: - .set noreorder - bgtz $a3,bn_sub_words_internal - move $v0,$zero - jr $ra - move $a0,$zero -.end bn_sub_words - -.align 5 -.ent bn_sub_words_internal -bn_sub_words_internal: -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 0x8000f008,-$SZREG - .set noreorder - $PTR_SUB $sp,6*$SZREG - $REG_S $ra,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S $t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___; - .set reorder - li $minus4,-4 - and $at,$a3,$minus4 - beqz $at,.L_bn_sub_words_tail - -.L_bn_sub_words_loop: - $LD $t0,0($a1) - $LD $ta0,0($a2) - subu $a3,4 - $LD $t1,$BNSZ($a1) - and $at,$a3,$minus4 - $LD $t2,2*$BNSZ($a1) - $PTR_ADD $a2,4*$BNSZ - $LD $t3,3*$BNSZ($a1) - $PTR_ADD $a0,4*$BNSZ - $LD $ta1,-3*$BNSZ($a2) - $PTR_ADD $a1,4*$BNSZ - $LD $ta2,-2*$BNSZ($a2) - $LD $ta3,-$BNSZ($a2) - sltu $t8,$t0,$ta0 - $SUBU $ta0,$t0,$ta0 - $SUBU $t0,$ta0,$v0 - sgtu $v0,$t0,$ta0 - $ST $t0,-4*$BNSZ($a0) - $ADDU $v0,$t8 - - sltu $t9,$t1,$ta1 - $SUBU $ta1,$t1,$ta1 - $SUBU $t1,$ta1,$v0 - sgtu $v0,$t1,$ta1 - $ST $t1,-3*$BNSZ($a0) - $ADDU $v0,$t9 - - - sltu $t8,$t2,$ta2 - $SUBU $ta2,$t2,$ta2 - $SUBU 
$t2,$ta2,$v0 - sgtu $v0,$t2,$ta2 - $ST $t2,-2*$BNSZ($a0) - $ADDU $v0,$t8 - - sltu $t9,$t3,$ta3 - $SUBU $ta3,$t3,$ta3 - $SUBU $t3,$ta3,$v0 - sgtu $v0,$t3,$ta3 - $ST $t3,-$BNSZ($a0) - - .set noreorder - bgtz $at,.L_bn_sub_words_loop - $ADDU $v0,$t9 - - beqz $a3,.L_bn_sub_words_return - nop - -.L_bn_sub_words_tail: - .set reorder - $LD $t0,0($a1) - $LD $ta0,0($a2) - subu $a3,1 - sltu $t8,$t0,$ta0 - $SUBU $ta0,$t0,$ta0 - $SUBU $t0,$ta0,$v0 - sgtu $v0,$t0,$ta0 - $ST $t0,0($a0) - $ADDU $v0,$t8 - beqz $a3,.L_bn_sub_words_return - - $LD $t1,$BNSZ($a1) - subu $a3,1 - $LD $ta1,$BNSZ($a2) - sltu $t9,$t1,$ta1 - $SUBU $ta1,$t1,$ta1 - $SUBU $t1,$ta1,$v0 - sgtu $v0,$t1,$ta1 - $ST $t1,$BNSZ($a0) - $ADDU $v0,$t9 - beqz $a3,.L_bn_sub_words_return - - $LD $t2,2*$BNSZ($a1) - $LD $ta2,2*$BNSZ($a2) - sltu $t8,$t2,$ta2 - $SUBU $ta2,$t2,$ta2 - $SUBU $t2,$ta2,$v0 - sgtu $v0,$t2,$ta2 - $ST $t2,2*$BNSZ($a0) - $ADDU $v0,$t8 - -.L_bn_sub_words_return: - .set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; - jr $ra - move $a0,$v0 -.end bn_sub_words_internal - -.align 5 -.globl bn_div_3_words -.ent bn_div_3_words -bn_div_3_words: - .set noreorder - move $a3,$a0 # we know that bn_div_words does not - # touch $a3, $ta2, $ta3 and preserves $a2 - # so that we can save two arguments - # and return address in registers - # instead of stack:-) - - $LD $a0,($a3) - move $ta2,$a1 - bne $a0,$a2,bn_div_3_words_internal - $LD $a1,-$BNSZ($a3) - li $v0,-1 - jr $ra - move $a0,$v0 -.end bn_div_3_words - -.align 5 -.ent bn_div_3_words_internal -bn_div_3_words_internal: -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 0x8000f008,-$SZREG - .set noreorder - $PTR_SUB $sp,6*$SZREG - $REG_S $ra,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S 
$t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___; - .set reorder - move $ta3,$ra - bal bn_div_words_internal - move $ra,$ta3 - $MULTU $ta2,$v0 - $LD $t2,-2*$BNSZ($a3) - move $ta0,$zero - mfhi $t1 - mflo $t0 - sltu $t8,$t1,$a1 -.L_bn_div_3_words_inner_loop: - bnez $t8,.L_bn_div_3_words_inner_loop_done - sgeu $at,$t2,$t0 - seq $t9,$t1,$a1 - and $at,$t9 - sltu $t3,$t0,$ta2 - $ADDU $a1,$a2 - $SUBU $t1,$t3 - $SUBU $t0,$ta2 - sltu $t8,$t1,$a1 - sltu $ta0,$a1,$a2 - or $t8,$ta0 - .set noreorder - beqz $at,.L_bn_div_3_words_inner_loop - $SUBU $v0,1 - $ADDU $v0,1 - .set reorder -.L_bn_div_3_words_inner_loop_done: - .set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; - jr $ra - move $a0,$v0 -.end bn_div_3_words_internal - -.align 5 -.globl bn_div_words -.ent bn_div_words -bn_div_words: - .set noreorder - bnez $a2,bn_div_words_internal - li $v0,-1 # I would rather signal div-by-zero - # which can be done with 'break 7' - jr $ra - move $a0,$v0 -.end bn_div_words - -.align 5 -.ent bn_div_words_internal -bn_div_words_internal: -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 0x8000f008,-$SZREG - .set noreorder - $PTR_SUB $sp,6*$SZREG - $REG_S $ra,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S $t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___; - move $v1,$zero - bltz $a2,.L_bn_div_words_body - move $t9,$v1 - $SLL $a2,1 - bgtz $a2,.-4 - addu $t9,1 - - .set reorder - negu $t1,$t9 - li $t2,-1 - $SLL $t2,$t1 - and $t2,$a0 - $SRL $at,$a1,$t1 - .set noreorder - beqz $t2,.+12 - nop - break 6 # signal overflow - .set reorder - $SLL $a0,$t9 - $SLL $a1,$t9 - or $a0,$at -___ -$QT=$ta0; -$HH=$ta1; -$DH=$v1; -$code.=<<___; -.L_bn_div_words_body: - $SRL $DH,$a2,4*$BNSZ # bits - sgeu $at,$a0,$a2 - 
.set noreorder - beqz $at,.+12 - nop - $SUBU $a0,$a2 - .set reorder - - li $QT,-1 - $SRL $HH,$a0,4*$BNSZ # bits - $SRL $QT,4*$BNSZ # q=0xffffffff - beq $DH,$HH,.L_bn_div_words_skip_div1 - $DIVU $zero,$a0,$DH - mflo $QT -.L_bn_div_words_skip_div1: - $MULTU $a2,$QT - $SLL $t3,$a0,4*$BNSZ # bits - $SRL $at,$a1,4*$BNSZ # bits - or $t3,$at - mflo $t0 - mfhi $t1 -.L_bn_div_words_inner_loop1: - sltu $t2,$t3,$t0 - seq $t8,$HH,$t1 - sltu $at,$HH,$t1 - and $t2,$t8 - sltu $v0,$t0,$a2 - or $at,$t2 - .set noreorder - beqz $at,.L_bn_div_words_inner_loop1_done - $SUBU $t1,$v0 - $SUBU $t0,$a2 - b .L_bn_div_words_inner_loop1 - $SUBU $QT,1 - .set reorder -.L_bn_div_words_inner_loop1_done: - - $SLL $a1,4*$BNSZ # bits - $SUBU $a0,$t3,$t0 - $SLL $v0,$QT,4*$BNSZ # bits - - li $QT,-1 - $SRL $HH,$a0,4*$BNSZ # bits - $SRL $QT,4*$BNSZ # q=0xffffffff - beq $DH,$HH,.L_bn_div_words_skip_div2 - $DIVU $zero,$a0,$DH - mflo $QT -.L_bn_div_words_skip_div2: - $MULTU $a2,$QT - $SLL $t3,$a0,4*$BNSZ # bits - $SRL $at,$a1,4*$BNSZ # bits - or $t3,$at - mflo $t0 - mfhi $t1 -.L_bn_div_words_inner_loop2: - sltu $t2,$t3,$t0 - seq $t8,$HH,$t1 - sltu $at,$HH,$t1 - and $t2,$t8 - sltu $v1,$t0,$a2 - or $at,$t2 - .set noreorder - beqz $at,.L_bn_div_words_inner_loop2_done - $SUBU $t1,$v1 - $SUBU $t0,$a2 - b .L_bn_div_words_inner_loop2 - $SUBU $QT,1 - .set reorder -.L_bn_div_words_inner_loop2_done: - - $SUBU $a0,$t3,$t0 - or $v0,$QT - $SRL $v1,$a0,$t9 # $v1 contains remainder if anybody wants it - $SRL $a2,$t9 # restore $a2 - - .set noreorder - move $a1,$v1 -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; - jr $ra - move $a0,$v0 -.end bn_div_words_internal -___ -undef $HH; undef $QT; undef $DH; - -($a_0,$a_1,$a_2,$a_3)=($t0,$t1,$t2,$t3); -($b_0,$b_1,$b_2,$b_3)=($ta0,$ta1,$ta2,$ta3); - -($a_4,$a_5,$a_6,$a_7)=($s0,$s2,$s4,$a1); # once we load 
a[7], no use for $a1 -($b_4,$b_5,$b_6,$b_7)=($s1,$s3,$s5,$a2); # once we load b[7], no use for $a2 - -($t_1,$t_2,$c_1,$c_2,$c_3)=($t8,$t9,$v0,$v1,$a3); - -$code.=<<___; - -.align 5 -.globl bn_mul_comba8 -.ent bn_mul_comba8 -bn_mul_comba8: - .set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,12*$SZREG,$ra - .mask 0x803ff008,-$SZREG - $PTR_SUB $sp,12*$SZREG - $REG_S $ra,11*$SZREG($sp) - $REG_S $s5,10*$SZREG($sp) - $REG_S $s4,9*$SZREG($sp) - $REG_S $s3,8*$SZREG($sp) - $REG_S $s2,7*$SZREG($sp) - $REG_S $s1,6*$SZREG($sp) - $REG_S $s0,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S $t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___ if ($flavour !~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 0x003f0000,-$SZREG - $PTR_SUB $sp,6*$SZREG - $REG_S $s5,5*$SZREG($sp) - $REG_S $s4,4*$SZREG($sp) - $REG_S $s3,3*$SZREG($sp) - $REG_S $s2,2*$SZREG($sp) - $REG_S $s1,1*$SZREG($sp) - $REG_S $s0,0*$SZREG($sp) -___ -$code.=<<___; - - .set reorder - $LD $a_0,0($a1) # If compiled with -mips3 option on - # R5000 box assembler barks on this - # 1ine with "should not have mult/div - # as last instruction in bb (R10K - # bug)" warning. If anybody out there - # has a clue about how to circumvent - # this do send me a note. 
- # <appro\@fy.chalmers.se> - - $LD $b_0,0($a2) - $LD $a_1,$BNSZ($a1) - $LD $a_2,2*$BNSZ($a1) - $MULTU $a_0,$b_0 # mul_add_c(a[0],b[0],c1,c2,c3); - $LD $a_3,3*$BNSZ($a1) - $LD $b_1,$BNSZ($a2) - $LD $b_2,2*$BNSZ($a2) - $LD $b_3,3*$BNSZ($a2) - mflo $c_1 - mfhi $c_2 - - $LD $a_4,4*$BNSZ($a1) - $LD $a_5,5*$BNSZ($a1) - $MULTU $a_0,$b_1 # mul_add_c(a[0],b[1],c2,c3,c1); - $LD $a_6,6*$BNSZ($a1) - $LD $a_7,7*$BNSZ($a1) - $LD $b_4,4*$BNSZ($a2) - $LD $b_5,5*$BNSZ($a2) - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_1,$b_0 # mul_add_c(a[1],b[0],c2,c3,c1); - $ADDU $c_3,$t_2,$at - $LD $b_6,6*$BNSZ($a2) - $LD $b_7,7*$BNSZ($a2) - $ST $c_1,0($a0) # r[0]=c1; - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_2,$b_0 # mul_add_c(a[2],b[0],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $c_1,$c_3,$t_2 - $ST $c_2,$BNSZ($a0) # r[1]=c2; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_1,$b_1 # mul_add_c(a[1],b[1],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_0,$b_2 # mul_add_c(a[0],b[2],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $c_2,$c_1,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_0,$b_3 # mul_add_c(a[0],b[3],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - $ST $c_3,2*$BNSZ($a0) # r[2]=c3; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_1,$b_2 # mul_add_c(a[1],b[2],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $c_3,$c_2,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_2,$b_1 # mul_add_c(a[2],b[1],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_3,$b_0 # mul_add_c(a[3],b[0],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi 
$t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_4,$b_0 # mul_add_c(a[4],b[0],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - $ST $c_1,3*$BNSZ($a0) # r[3]=c1; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_3,$b_1 # mul_add_c(a[3],b[1],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $c_1,$c_3,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_2,$b_2 # mul_add_c(a[2],b[2],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_1,$b_3 # mul_add_c(a[1],b[3],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_0,$b_4 # mul_add_c(a[0],b[4],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_0,$b_5 # mul_add_c(a[0],b[5],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - $ST $c_2,4*$BNSZ($a0) # r[4]=c2; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_1,$b_4 # mul_add_c(a[1],b[4],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $c_2,$c_1,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_2,$b_3 # mul_add_c(a[2],b[3],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_3,$b_2 # mul_add_c(a[3],b[2],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_4,$b_1 # mul_add_c(a[4],b[1],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_5,$b_0 # 
mul_add_c(a[5],b[0],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_6,$b_0 # mul_add_c(a[6],b[0],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - $ST $c_3,5*$BNSZ($a0) # r[5]=c3; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_5,$b_1 # mul_add_c(a[5],b[1],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $c_3,$c_2,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_4,$b_2 # mul_add_c(a[4],b[2],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_3,$b_3 # mul_add_c(a[3],b[3],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_2,$b_4 # mul_add_c(a[2],b[4],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_1,$b_5 # mul_add_c(a[1],b[5],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_0,$b_6 # mul_add_c(a[0],b[6],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_0,$b_7 # mul_add_c(a[0],b[7],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - $ST $c_1,6*$BNSZ($a0) # r[6]=c1; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_1,$b_6 # mul_add_c(a[1],b[6],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $c_1,$c_3,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_2,$b_5 # mul_add_c(a[2],b[5],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu 
$at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_3,$b_4 # mul_add_c(a[3],b[4],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_4,$b_3 # mul_add_c(a[4],b[3],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_5,$b_2 # mul_add_c(a[5],b[2],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_6,$b_1 # mul_add_c(a[6],b[1],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_7,$b_0 # mul_add_c(a[7],b[0],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_7,$b_1 # mul_add_c(a[7],b[1],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - $ST $c_2,7*$BNSZ($a0) # r[7]=c2; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_6,$b_2 # mul_add_c(a[6],b[2],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $c_2,$c_1,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_5,$b_3 # mul_add_c(a[5],b[3],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_4,$b_4 # mul_add_c(a[4],b[4],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_3,$b_5 # mul_add_c(a[3],b[5],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - 
$MULTU $a_2,$b_6 # mul_add_c(a[2],b[6],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_1,$b_7 # mul_add_c(a[1],b[7],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_2,$b_7 # mul_add_c(a[2],b[7],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - $ST $c_3,8*$BNSZ($a0) # r[8]=c3; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_3,$b_6 # mul_add_c(a[3],b[6],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $c_3,$c_2,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_4,$b_5 # mul_add_c(a[4],b[5],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_5,$b_4 # mul_add_c(a[5],b[4],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_6,$b_3 # mul_add_c(a[6],b[3],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_7,$b_2 # mul_add_c(a[7],b[2],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_7,$b_3 # mul_add_c(a[7],b[3],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - $ST $c_1,9*$BNSZ($a0) # r[9]=c1; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_6,$b_4 # mul_add_c(a[6],b[4],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $c_1,$c_3,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_5,$b_5 # mul_add_c(a[5],b[5],c2,c3,c1); - $ADDU $t_2,$at - $ADDU 
$c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_4,$b_6 # mul_add_c(a[4],b[6],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_3,$b_7 # mul_add_c(a[3],b[7],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_4,$b_7 # mul_add_c(a[4],b[7],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - $ST $c_2,10*$BNSZ($a0) # r[10]=c2; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_5,$b_6 # mul_add_c(a[5],b[6],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $c_2,$c_1,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_6,$b_5 # mul_add_c(a[6],b[5],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_7,$b_4 # mul_add_c(a[7],b[4],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_7,$b_5 # mul_add_c(a[7],b[5],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - $ST $c_3,11*$BNSZ($a0) # r[11]=c3; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_6,$b_6 # mul_add_c(a[6],b[6],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $c_3,$c_2,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_5,$b_7 # mul_add_c(a[5],b[7],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_6,$b_7 # mul_add_c(a[6],b[7],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - $ST $c_1,12*$BNSZ($a0) 
# r[12]=c1; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_7,$b_6 # mul_add_c(a[7],b[6],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $c_1,$c_3,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_7,$b_7 # mul_add_c(a[7],b[7],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - $ST $c_2,13*$BNSZ($a0) # r[13]=c2; - - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - $ST $c_3,14*$BNSZ($a0) # r[14]=c3; - $ST $c_1,15*$BNSZ($a0) # r[15]=c1; - - .set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $s5,10*$SZREG($sp) - $REG_L $s4,9*$SZREG($sp) - $REG_L $s3,8*$SZREG($sp) - $REG_L $s2,7*$SZREG($sp) - $REG_L $s1,6*$SZREG($sp) - $REG_L $s0,5*$SZREG($sp) - $REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - jr $ra - $PTR_ADD $sp,12*$SZREG -___ -$code.=<<___ if ($flavour !~ /nubi/i); - $REG_L $s5,5*$SZREG($sp) - $REG_L $s4,4*$SZREG($sp) - $REG_L $s3,3*$SZREG($sp) - $REG_L $s2,2*$SZREG($sp) - $REG_L $s1,1*$SZREG($sp) - $REG_L $s0,0*$SZREG($sp) - jr $ra - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; -.end bn_mul_comba8 - -.align 5 -.globl bn_mul_comba4 -.ent bn_mul_comba4 -bn_mul_comba4: -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 0x8000f008,-$SZREG - .set noreorder - $PTR_SUB $sp,6*$SZREG - $REG_S $ra,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S $t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___; - .set reorder - $LD $a_0,0($a1) - $LD $b_0,0($a2) - $LD $a_1,$BNSZ($a1) - $LD $a_2,2*$BNSZ($a1) - $MULTU $a_0,$b_0 # mul_add_c(a[0],b[0],c1,c2,c3); - $LD $a_3,3*$BNSZ($a1) - $LD $b_1,$BNSZ($a2) - $LD $b_2,2*$BNSZ($a2) - $LD $b_3,3*$BNSZ($a2) - mflo $c_1 - mfhi $c_2 - $ST $c_1,0($a0) - - $MULTU $a_0,$b_1 # mul_add_c(a[0],b[1],c2,c3,c1); - mflo 
$t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_1,$b_0 # mul_add_c(a[1],b[0],c2,c3,c1); - $ADDU $c_3,$t_2,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_2,$b_0 # mul_add_c(a[2],b[0],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $c_1,$c_3,$t_2 - $ST $c_2,$BNSZ($a0) - - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_1,$b_1 # mul_add_c(a[1],b[1],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_0,$b_2 # mul_add_c(a[0],b[2],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $c_2,$c_1,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_0,$b_3 # mul_add_c(a[0],b[3],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - $ST $c_3,2*$BNSZ($a0) - - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_1,$b_2 # mul_add_c(a[1],b[2],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $c_3,$c_2,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_2,$b_1 # mul_add_c(a[2],b[1],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_3,$b_0 # mul_add_c(a[3],b[0],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_3,$b_1 # mul_add_c(a[3],b[1],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - $ST $c_1,3*$BNSZ($a0) - - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_2,$b_2 # mul_add_c(a[2],b[2],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $c_1,$c_3,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_1,$b_3 # mul_add_c(a[1],b[3],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - mflo $t_1 - 
mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_2,$b_3 # mul_add_c(a[2],b[3],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - $ST $c_2,4*$BNSZ($a0) - - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_3,$b_2 # mul_add_c(a[3],b[2],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $c_2,$c_1,$t_2 - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_3,$b_3 # mul_add_c(a[3],b[3],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - $ST $c_3,5*$BNSZ($a0) - - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - $ST $c_1,6*$BNSZ($a0) - $ST $c_2,7*$BNSZ($a0) - - .set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; - jr $ra - nop -.end bn_mul_comba4 -___ - -($a_4,$a_5,$a_6,$a_7)=($b_0,$b_1,$b_2,$b_3); - -sub add_c2 () { -my ($hi,$lo,$c0,$c1,$c2, - $warm, # !$warm denotes first call with specific sequence of - # $c_[XYZ] when there is no Z-carry to accumulate yet; - $an,$bn # these two are arguments for multiplication which - # result is used in *next* step [which is why it's - # commented as "forward multiplication" below]; - )=@_; -$code.=<<___; - mflo $lo - mfhi $hi - $ADDU $c0,$lo - sltu $at,$c0,$lo - $MULTU $an,$bn # forward multiplication - $ADDU $c0,$lo - $ADDU $at,$hi - sltu $lo,$c0,$lo - $ADDU $c1,$at - $ADDU $hi,$lo -___ -$code.=<<___ if (!$warm); - sltu $c2,$c1,$at - $ADDU $c1,$hi - sltu $hi,$c1,$hi - $ADDU $c2,$hi -___ -$code.=<<___ if ($warm); - sltu $at,$c1,$at - $ADDU $c1,$hi - $ADDU $c2,$at - sltu $hi,$c1,$hi - $ADDU $c2,$hi -___ -} - -$code.=<<___; - -.align 5 -.globl bn_sqr_comba8 -.ent bn_sqr_comba8 -bn_sqr_comba8: -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 
0x8000f008,-$SZREG - .set noreorder - $PTR_SUB $sp,6*$SZREG - $REG_S $ra,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S $t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___; - .set reorder - $LD $a_0,0($a1) - $LD $a_1,$BNSZ($a1) - $LD $a_2,2*$BNSZ($a1) - $LD $a_3,3*$BNSZ($a1) - - $MULTU $a_0,$a_0 # mul_add_c(a[0],b[0],c1,c2,c3); - $LD $a_4,4*$BNSZ($a1) - $LD $a_5,5*$BNSZ($a1) - $LD $a_6,6*$BNSZ($a1) - $LD $a_7,7*$BNSZ($a1) - mflo $c_1 - mfhi $c_2 - $ST $c_1,0($a0) - - $MULTU $a_0,$a_1 # mul_add_c2(a[0],b[1],c2,c3,c1); - mflo $t_1 - mfhi $t_2 - slt $c_1,$t_2,$zero - $SLL $t_2,1 - $MULTU $a_2,$a_0 # mul_add_c2(a[2],b[0],c3,c1,c2); - slt $a2,$t_1,$zero - $ADDU $t_2,$a2 - $SLL $t_1,1 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $ADDU $c_3,$t_2,$at - $ST $c_2,$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0, - $a_1,$a_1); # mul_add_c(a[1],b[1],c3,c1,c2); -$code.=<<___; - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_0,$a_3 # mul_add_c2(a[0],b[3],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - $ST $c_3,2*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0, - $a_1,$a_2); # mul_add_c2(a[1],b[2],c1,c2,c3); - &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1, - $a_4,$a_0); # mul_add_c2(a[4],b[0],c2,c3,c1); -$code.=<<___; - $ST $c_1,3*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0, - $a_3,$a_1); # mul_add_c2(a[3],b[1],c2,c3,c1); - &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1, - $a_2,$a_2); # mul_add_c(a[2],b[2],c2,c3,c1); -$code.=<<___; - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu $at,$c_2,$t_1 - $MULTU $a_0,$a_5 # mul_add_c2(a[0],b[5],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - $ST $c_2,4*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0, - $a_1,$a_4); # mul_add_c2(a[1],b[4],c3,c1,c2); - &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1, - $a_2,$a_3); # mul_add_c2(a[2],b[3],c3,c1,c2); - &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1, - 
$a_6,$a_0); # mul_add_c2(a[6],b[0],c1,c2,c3); -$code.=<<___; - $ST $c_3,5*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0, - $a_5,$a_1); # mul_add_c2(a[5],b[1],c1,c2,c3); - &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1, - $a_4,$a_2); # mul_add_c2(a[4],b[2],c1,c2,c3); - &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1, - $a_3,$a_3); # mul_add_c(a[3],b[3],c1,c2,c3); -$code.=<<___; - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_0,$a_7 # mul_add_c2(a[0],b[7],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - $ST $c_1,6*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0, - $a_1,$a_6); # mul_add_c2(a[1],b[6],c2,c3,c1); - &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1, - $a_2,$a_5); # mul_add_c2(a[2],b[5],c2,c3,c1); - &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1, - $a_3,$a_4); # mul_add_c2(a[3],b[4],c2,c3,c1); - &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1, - $a_7,$a_1); # mul_add_c2(a[7],b[1],c3,c1,c2); -$code.=<<___; - $ST $c_2,7*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0, - $a_6,$a_2); # mul_add_c2(a[6],b[2],c3,c1,c2); - &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1, - $a_5,$a_3); # mul_add_c2(a[5],b[3],c3,c1,c2); - &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1, - $a_4,$a_4); # mul_add_c(a[4],b[4],c3,c1,c2); -$code.=<<___; - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $MULTU $a_2,$a_7 # mul_add_c2(a[2],b[7],c1,c2,c3); - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - sltu $at,$c_1,$t_2 - $ADDU $c_2,$at - $ST $c_3,8*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0, - $a_3,$a_6); # mul_add_c2(a[3],b[6],c1,c2,c3); - &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1, - $a_4,$a_5); # mul_add_c2(a[4],b[5],c1,c2,c3); - &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1, - $a_7,$a_3); # mul_add_c2(a[7],b[3],c2,c3,c1); -$code.=<<___; - $ST $c_1,9*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0, - $a_6,$a_4); # mul_add_c2(a[6],b[4],c2,c3,c1); - &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1, - $a_5,$a_5); # mul_add_c(a[5],b[5],c2,c3,c1); -$code.=<<___; - mflo $t_1 - mfhi $t_2 - $ADDU $c_2,$t_1 - sltu 
$at,$c_2,$t_1 - $MULTU $a_4,$a_7 # mul_add_c2(a[4],b[7],c3,c1,c2); - $ADDU $t_2,$at - $ADDU $c_3,$t_2 - sltu $at,$c_3,$t_2 - $ADDU $c_1,$at - $ST $c_2,10*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0, - $a_5,$a_6); # mul_add_c2(a[5],b[6],c3,c1,c2); - &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1, - $a_7,$a_5); # mul_add_c2(a[7],b[5],c1,c2,c3); -$code.=<<___; - $ST $c_3,11*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0, - $a_6,$a_6); # mul_add_c(a[6],b[6],c1,c2,c3); -$code.=<<___; - mflo $t_1 - mfhi $t_2 - $ADDU $c_1,$t_1 - sltu $at,$c_1,$t_1 - $MULTU $a_6,$a_7 # mul_add_c2(a[6],b[7],c2,c3,c1); - $ADDU $t_2,$at - $ADDU $c_2,$t_2 - sltu $at,$c_2,$t_2 - $ADDU $c_3,$at - $ST $c_1,12*$BNSZ($a0) -___ - &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0, - $a_7,$a_7); # mul_add_c(a[7],b[7],c3,c1,c2); -$code.=<<___; - $ST $c_2,13*$BNSZ($a0) - - mflo $t_1 - mfhi $t_2 - $ADDU $c_3,$t_1 - sltu $at,$c_3,$t_1 - $ADDU $t_2,$at - $ADDU $c_1,$t_2 - $ST $c_3,14*$BNSZ($a0) - $ST $c_1,15*$BNSZ($a0) - - .set noreorder -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $t3,4*$SZREG($sp) - $REG_L $t2,3*$SZREG($sp) - $REG_L $t1,2*$SZREG($sp) - $REG_L $t0,1*$SZREG($sp) - $REG_L $gp,0*$SZREG($sp) - $PTR_ADD $sp,6*$SZREG -___ -$code.=<<___; - jr $ra - nop -.end bn_sqr_comba8 - -.align 5 -.globl bn_sqr_comba4 -.ent bn_sqr_comba4 -bn_sqr_comba4: -___ -$code.=<<___ if ($flavour =~ /nubi/i); - .frame $sp,6*$SZREG,$ra - .mask 0x8000f008,-$SZREG - .set noreorder - $PTR_SUB $sp,6*$SZREG - $REG_S $ra,5*$SZREG($sp) - $REG_S $t3,4*$SZREG($sp) - $REG_S $t2,3*$SZREG($sp) - $REG_S $t1,2*$SZREG($sp) - $REG_S $t0,1*$SZREG($sp) - $REG_S $gp,0*$SZREG($sp) -___ -$code.=<<___; - .set reorder - $LD $a_0,0($a1) - $LD $a_1,$BNSZ($a1) - $MULTU $a_0,$a_0 # mul_add_c(a[0],b[0],c1,c2,c3); - $LD $a_2,2*$BNSZ($a1) - $LD $a_3,3*$BNSZ($a1) - mflo $c_1 - mfhi $c_2 - $ST $c_1,0($a0) - - $MULTU $a_0,$a_1 # mul_add_c2(a[0],b[1],c2,c3,c1); - mflo $t_1 - mfhi $t_2 - slt $c_1,$t_2,$zero - $SLL $t_2,1 - $MULTU $a_2,$a_0 # 
mul_add_c2(a[2],b[0],c3,c1,c2);
- slt $a2,$t_1,$zero
- $ADDU $t_2,$a2
- $SLL $t_1,1
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $ADDU $c_3,$t_2,$at
- $ST $c_2,$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
- $a_1,$a_1); # mul_add_c(a[1],b[1],c3,c1,c2);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_3,$t_1
- sltu $at,$c_3,$t_1
- $MULTU $a_0,$a_3 # mul_add_c2(a[0],b[3],c1,c2,c3);
- $ADDU $t_2,$at
- $ADDU $c_1,$t_2
- sltu $at,$c_1,$t_2
- $ADDU $c_2,$at
- $ST $c_3,2*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
- $a_1,$a_2); # mul_add_c2(a2[1],b[2],c1,c2,c3);
- &add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
- $a_3,$a_1); # mul_add_c2(a[3],b[1],c2,c3,c1);
-$code.=<<___;
- $ST $c_1,3*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
- $a_2,$a_2); # mul_add_c(a[2],b[2],c2,c3,c1);
-$code.=<<___;
- mflo $t_1
- mfhi $t_2
- $ADDU $c_2,$t_1
- sltu $at,$c_2,$t_1
- $MULTU $a_2,$a_3 # mul_add_c2(a[2],b[3],c3,c1,c2);
- $ADDU $t_2,$at
- $ADDU $c_3,$t_2
- sltu $at,$c_3,$t_2
- $ADDU $c_1,$at
- $ST $c_2,4*$BNSZ($a0)
-___
- &add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
- $a_3,$a_3); # mul_add_c(a[3],b[3],c1,c2,c3);
-$code.=<<___;
- $ST $c_3,5*$BNSZ($a0)
-
- mflo $t_1
- mfhi $t_2
- $ADDU $c_1,$t_1
- sltu $at,$c_1,$t_1
- $ADDU $t_2,$at
- $ADDU $c_2,$t_2
- $ST $c_1,6*$BNSZ($a0)
- $ST $c_2,7*$BNSZ($a0)
-
- .set noreorder
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $t3,4*$SZREG($sp)
- $REG_L $t2,3*$SZREG($sp)
- $REG_L $t1,2*$SZREG($sp)
- $REG_L $t0,1*$SZREG($sp)
- $REG_L $gp,0*$SZREG($sp)
- $PTR_ADD $sp,6*$SZREG
-___
-$code.=<<___;
- jr $ra
- nop
-.end bn_sqr_comba4
-___
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/bn/asm/modexp512-x86_64.pl b/lib/libssl/src/crypto/bn/asm/modexp512-x86_64.pl
deleted file mode 100644
index 43172828353..00000000000
--- a/lib/libssl/src/crypto/bn/asm/modexp512-x86_64.pl
+++ /dev/null
@@ -1,1388 +0,0 @@ -#!/usr/bin/env perl -# -# Copyright (c) 2010-2011 Intel Corp. -# Author: Vinodh.Gopal@intel.com -# Jim Guilford -# Erdinc.Ozturk@intel.com -# Maxim.Perminov@intel.com -# -# More information about algorithm used can be found at: -# http://www.cse.buffalo.edu/srds2009/escs2009_submission_Gopal.pdf -# -# ==================================================================== -# Copyright (c) 2011 The OpenSSL Project. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# -# 3. All advertising materials mentioning features or use of this -# software must display the following acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -# -# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -# endorse or promote products derived from this software without -# prior written permission. For written permission, please contact -# licensing@OpenSSL.org. -# -# 5. Products derived from this software may not be called "OpenSSL" -# nor may "OpenSSL" appear in their names without prior written -# permission of the OpenSSL Project. -# -# 6. 
Redistributions of any form whatsoever must retain the following -# acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -# -# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -# OF THE POSSIBILITY OF SUCH DAMAGE. -# ==================================================================== - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -use strict; -my $code=".text\n\n"; -my $m=0; - -# -# Define x512 macros -# - -#MULSTEP_512_ADD MACRO x7, x6, x5, x4, x3, x2, x1, x0, dst, src1, src2, add_src, tmp1, tmp2 -# -# uses rax, rdx, and args -sub MULSTEP_512_ADD -{ - my ($x, $DST, $SRC2, $ASRC, $OP, $TMP)=@_; - my @X=@$x; # make a copy -$code.=<<___; - mov (+8*0)($SRC2), %rax - mul $OP # rdx:rax = %OP * [0] - mov ($ASRC), $X[0] - add %rax, $X[0] - adc \$0, %rdx - mov $X[0], $DST -___ -for(my $i=1;$i<8;$i++) { -$code.=<<___; - mov %rdx, $TMP - - mov (+8*$i)($SRC2), %rax - mul $OP # rdx:rax = %OP * 
[$i] - mov (+8*$i)($ASRC), $X[$i] - add %rax, $X[$i] - adc \$0, %rdx - add $TMP, $X[$i] - adc \$0, %rdx -___ -} -$code.=<<___; - mov %rdx, $X[0] -___ -} - -#MULSTEP_512 MACRO x7, x6, x5, x4, x3, x2, x1, x0, dst, src2, src1_val, tmp -# -# uses rax, rdx, and args -sub MULSTEP_512 -{ - my ($x, $DST, $SRC2, $OP, $TMP)=@_; - my @X=@$x; # make a copy -$code.=<<___; - mov (+8*0)($SRC2), %rax - mul $OP # rdx:rax = %OP * [0] - add %rax, $X[0] - adc \$0, %rdx - mov $X[0], $DST -___ -for(my $i=1;$i<8;$i++) { -$code.=<<___; - mov %rdx, $TMP - - mov (+8*$i)($SRC2), %rax - mul $OP # rdx:rax = %OP * [$i] - add %rax, $X[$i] - adc \$0, %rdx - add $TMP, $X[$i] - adc \$0, %rdx -___ -} -$code.=<<___; - mov %rdx, $X[0] -___ -} - -# -# Swizzle Macros -# - -# macro to copy data from flat space to swizzled table -#MACRO swizzle pDst, pSrc, tmp1, tmp2 -# pDst and pSrc are modified -sub swizzle -{ - my ($pDst, $pSrc, $cnt, $d0)=@_; -$code.=<<___; - mov \$8, $cnt -loop_$m: - mov ($pSrc), $d0 - mov $d0#w, ($pDst) - shr \$16, $d0 - mov $d0#w, (+64*1)($pDst) - shr \$16, $d0 - mov $d0#w, (+64*2)($pDst) - shr \$16, $d0 - mov $d0#w, (+64*3)($pDst) - lea 8($pSrc), $pSrc - lea 64*4($pDst), $pDst - dec $cnt - jnz loop_$m -___ - - $m++; -} - -# macro to copy data from swizzled table to flat space -#MACRO unswizzle pDst, pSrc, tmp*3 -sub unswizzle -{ - my ($pDst, $pSrc, $cnt, $d0, $d1)=@_; -$code.=<<___; - mov \$4, $cnt -loop_$m: - movzxw (+64*3+256*0)($pSrc), $d0 - movzxw (+64*3+256*1)($pSrc), $d1 - shl \$16, $d0 - shl \$16, $d1 - mov (+64*2+256*0)($pSrc), $d0#w - mov (+64*2+256*1)($pSrc), $d1#w - shl \$16, $d0 - shl \$16, $d1 - mov (+64*1+256*0)($pSrc), $d0#w - mov (+64*1+256*1)($pSrc), $d1#w - shl \$16, $d0 - shl \$16, $d1 - mov (+64*0+256*0)($pSrc), $d0#w - mov (+64*0+256*1)($pSrc), $d1#w - mov $d0, (+8*0)($pDst) - mov $d1, (+8*1)($pDst) - lea 256*2($pSrc), $pSrc - lea 8*2($pDst), $pDst - sub \$1, $cnt - jnz loop_$m -___ - - $m++; -} - -# -# Data Structures -# - -# Reduce Data -# -# -# Offset Value 
-# 0C0 Carries -# 0B8 X2[10] -# 0B0 X2[9] -# 0A8 X2[8] -# 0A0 X2[7] -# 098 X2[6] -# 090 X2[5] -# 088 X2[4] -# 080 X2[3] -# 078 X2[2] -# 070 X2[1] -# 068 X2[0] -# 060 X1[12] P[10] -# 058 X1[11] P[9] Z[8] -# 050 X1[10] P[8] Z[7] -# 048 X1[9] P[7] Z[6] -# 040 X1[8] P[6] Z[5] -# 038 X1[7] P[5] Z[4] -# 030 X1[6] P[4] Z[3] -# 028 X1[5] P[3] Z[2] -# 020 X1[4] P[2] Z[1] -# 018 X1[3] P[1] Z[0] -# 010 X1[2] P[0] Y[2] -# 008 X1[1] Q[1] Y[1] -# 000 X1[0] Q[0] Y[0] - -my $X1_offset = 0; # 13 qwords -my $X2_offset = $X1_offset + 13*8; # 11 qwords -my $Carries_offset = $X2_offset + 11*8; # 1 qword -my $Q_offset = 0; # 2 qwords -my $P_offset = $Q_offset + 2*8; # 11 qwords -my $Y_offset = 0; # 3 qwords -my $Z_offset = $Y_offset + 3*8; # 9 qwords - -my $Red_Data_Size = $Carries_offset + 1*8; # (25 qwords) - -# -# Stack Frame -# -# -# offset value -# ... <old stack contents> -# ... -# 280 Garray - -# 278 tmp16[15] -# ... ... -# 200 tmp16[0] - -# 1F8 tmp[7] -# ... ... -# 1C0 tmp[0] - -# 1B8 GT[7] -# ... ... -# 180 GT[0] - -# 178 Reduce Data -# ... ... -# 0B8 Reduce Data -# 0B0 reserved -# 0A8 reserved -# 0A0 reserved -# 098 reserved -# 090 reserved -# 088 reduce result addr -# 080 exp[8] - -# ... 
-# 048 exp[1] -# 040 exp[0] - -# 038 reserved -# 030 loop_idx -# 028 pg -# 020 i -# 018 pData ; arg 4 -# 010 pG ; arg 2 -# 008 pResult ; arg 1 -# 000 rsp ; stack pointer before subtract - -my $rsp_offset = 0; -my $pResult_offset = 8*1 + $rsp_offset; -my $pG_offset = 8*1 + $pResult_offset; -my $pData_offset = 8*1 + $pG_offset; -my $i_offset = 8*1 + $pData_offset; -my $pg_offset = 8*1 + $i_offset; -my $loop_idx_offset = 8*1 + $pg_offset; -my $reserved1_offset = 8*1 + $loop_idx_offset; -my $exp_offset = 8*1 + $reserved1_offset; -my $red_result_addr_offset= 8*9 + $exp_offset; -my $reserved2_offset = 8*1 + $red_result_addr_offset; -my $Reduce_Data_offset = 8*5 + $reserved2_offset; -my $GT_offset = $Red_Data_Size + $Reduce_Data_offset; -my $tmp_offset = 8*8 + $GT_offset; -my $tmp16_offset = 8*8 + $tmp_offset; -my $garray_offset = 8*16 + $tmp16_offset; -my $mem_size = 8*8*32 + $garray_offset; - -# -# Offsets within Reduce Data -# -# -# struct MODF_2FOLD_MONT_512_C1_DATA { -# UINT64 t[8][8]; -# UINT64 m[8]; -# UINT64 m1[8]; /* 2^768 % m */ -# UINT64 m2[8]; /* 2^640 % m */ -# UINT64 k1[2]; /* (- 1/m) % 2^128 */ -# }; - -my $T = 0; -my $M = 512; # = 8 * 8 * 8 -my $M1 = 576; # = 8 * 8 * 9 /* += 8 * 8 */ -my $M2 = 640; # = 8 * 8 * 10 /* += 8 * 8 */ -my $K1 = 704; # = 8 * 8 * 11 /* += 8 * 8 */ - -# -# FUNCTIONS -# - -{{{ -# -# MULADD_128x512 : Function to multiply 128-bits (2 qwords) by 512-bits (8 qwords) -# and add 512-bits (8 qwords) -# to get 640 bits (10 qwords) -# Input: 128-bit mul source: [rdi+8*1], rbp -# 512-bit mul source: [rsi+8*n] -# 512-bit add source: r15, r14, ..., r9, r8 -# Output: r9, r8, r15, r14, r13, r12, r11, r10, [rcx+8*1], [rcx+8*0] -# Clobbers all regs except: rcx, rsi, rdi -$code.=<<___; -.type MULADD_128x512,\@abi-omnipotent -.align 16 -MULADD_128x512: -___ - &MULSTEP_512([map("%r$_",(8..15))], "(+8*0)(%rcx)", "%rsi", "%rbp", "%rbx"); -$code.=<<___; - mov (+8*1)(%rdi), %rbp -___ - &MULSTEP_512([map("%r$_",(9..15,8))], "(+8*1)(%rcx)", "%rsi", "%rbp", 
"%rbx"); -$code.=<<___; - ret -.size MULADD_128x512,.-MULADD_128x512 -___ -}}} - -{{{ -#MULADD_256x512 MACRO pDst, pA, pB, OP, TMP, X7, X6, X5, X4, X3, X2, X1, X0 -# -# Inputs: pDst: Destination (768 bits, 12 qwords) -# pA: Multiplicand (1024 bits, 16 qwords) -# pB: Multiplicand (512 bits, 8 qwords) -# Dst = Ah * B + Al -# where Ah is (in qwords) A[15:12] (256 bits) and Al is A[7:0] (512 bits) -# Results in X3 X2 X1 X0 X7 X6 X5 X4 Dst[3:0] -# Uses registers: arguments, RAX, RDX -sub MULADD_256x512 -{ - my ($pDst, $pA, $pB, $OP, $TMP, $X)=@_; -$code.=<<___; - mov (+8*12)($pA), $OP -___ - &MULSTEP_512_ADD($X, "(+8*0)($pDst)", $pB, $pA, $OP, $TMP); - push(@$X,shift(@$X)); - -$code.=<<___; - mov (+8*13)($pA), $OP -___ - &MULSTEP_512($X, "(+8*1)($pDst)", $pB, $OP, $TMP); - push(@$X,shift(@$X)); - -$code.=<<___; - mov (+8*14)($pA), $OP -___ - &MULSTEP_512($X, "(+8*2)($pDst)", $pB, $OP, $TMP); - push(@$X,shift(@$X)); - -$code.=<<___; - mov (+8*15)($pA), $OP -___ - &MULSTEP_512($X, "(+8*3)($pDst)", $pB, $OP, $TMP); - push(@$X,shift(@$X)); -} - -# -# mont_reduce(UINT64 *x, /* 1024 bits, 16 qwords */ -# UINT64 *m, /* 512 bits, 8 qwords */ -# MODF_2FOLD_MONT_512_C1_DATA *data, -# UINT64 *r) /* 512 bits, 8 qwords */ -# Input: x (number to be reduced): tmp16 (Implicit) -# m (modulus): [pM] (Implicit) -# data (reduce data): [pData] (Implicit) -# Output: r (result): Address in [red_res_addr] -# result also in: r9, r8, r15, r14, r13, r12, r11, r10 - -my @X=map("%r$_",(8..15)); - -$code.=<<___; -.type mont_reduce,\@abi-omnipotent -.align 16 -mont_reduce: -___ - -my $STACK_DEPTH = 8; - # - # X1 = Xh * M1 + Xl -$code.=<<___; - lea (+$Reduce_Data_offset+$X1_offset+$STACK_DEPTH)(%rsp), %rdi # pX1 (Dst) 769 bits, 13 qwords - mov (+$pData_offset+$STACK_DEPTH)(%rsp), %rsi # pM1 (Bsrc) 512 bits, 8 qwords - add \$$M1, %rsi - lea (+$tmp16_offset+$STACK_DEPTH)(%rsp), %rcx # X (Asrc) 1024 bits, 16 qwords - -___ - - &MULADD_256x512("%rdi", "%rcx", "%rsi", "%rbp", "%rbx", \@X); # rotates @X 4 
times - # results in r11, r10, r9, r8, r15, r14, r13, r12, X1[3:0] - -$code.=<<___; - xor %rax, %rax - # X1 += xl - add (+8*8)(%rcx), $X[4] - adc (+8*9)(%rcx), $X[5] - adc (+8*10)(%rcx), $X[6] - adc (+8*11)(%rcx), $X[7] - adc \$0, %rax - # X1 is now rax, r11-r8, r15-r12, tmp16[3:0] - - # - # check for carry ;; carry stored in rax - mov $X[4], (+8*8)(%rdi) # rdi points to X1 - mov $X[5], (+8*9)(%rdi) - mov $X[6], %rbp - mov $X[7], (+8*11)(%rdi) - - mov %rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp) - - mov (+8*0)(%rdi), $X[4] - mov (+8*1)(%rdi), $X[5] - mov (+8*2)(%rdi), $X[6] - mov (+8*3)(%rdi), $X[7] - - # X1 is now stored in: X1[11], rbp, X1[9:8], r15-r8 - # rdi -> X1 - # rsi -> M1 - - # - # X2 = Xh * M2 + Xl - # do first part (X2 = Xh * M2) - add \$8*10, %rdi # rdi -> pXh ; 128 bits, 2 qwords - # Xh is actually { [rdi+8*1], rbp } - add \$`$M2-$M1`, %rsi # rsi -> M2 - lea (+$Reduce_Data_offset+$X2_offset+$STACK_DEPTH)(%rsp), %rcx # rcx -> pX2 ; 641 bits, 11 qwords -___ - unshift(@X,pop(@X)); unshift(@X,pop(@X)); -$code.=<<___; - - call MULADD_128x512 # args in rcx, rdi / rbp, rsi, r15-r8 - # result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0] - mov (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rax - - # X2 += Xl - add (+8*8-8*10)(%rdi), $X[6] # (-8*10) is to adjust rdi -> Xh to Xl - adc (+8*9-8*10)(%rdi), $X[7] - mov $X[6], (+8*8)(%rcx) - mov $X[7], (+8*9)(%rcx) - - adc %rax, %rax - mov %rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp) - - lea (+$Reduce_Data_offset+$Q_offset+$STACK_DEPTH)(%rsp), %rdi # rdi -> pQ ; 128 bits, 2 qwords - add \$`$K1-$M2`, %rsi # rsi -> pK1 ; 128 bits, 2 qwords - - # MUL_128x128t128 rdi, rcx, rsi ; Q = X2 * K1 (bottom half) - # B1:B0 = rsi[1:0] = K1[1:0] - # A1:A0 = rcx[1:0] = X2[1:0] - # Result = rdi[1],rbp = Q[1],rbp - mov (%rsi), %r8 # B0 - mov (+8*1)(%rsi), %rbx # B1 - - mov (%rcx), %rax # A0 - mul %r8 # B0 - mov %rax, %rbp - mov %rdx, %r9 - - mov (+8*1)(%rcx), %rax # A1 - mul %r8 # 
B0 - add %rax, %r9 - - mov (%rcx), %rax # A0 - mul %rbx # B1 - add %rax, %r9 - - mov %r9, (+8*1)(%rdi) - # end MUL_128x128t128 - - sub \$`$K1-$M`, %rsi - - mov (%rcx), $X[6] - mov (+8*1)(%rcx), $X[7] # r9:r8 = X2[1:0] - - call MULADD_128x512 # args in rcx, rdi / rbp, rsi, r15-r8 - # result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0] - - # load first half of m to rdx, rdi, rbx, rax - # moved this here for efficiency - mov (+8*0)(%rsi), %rax - mov (+8*1)(%rsi), %rbx - mov (+8*2)(%rsi), %rdi - mov (+8*3)(%rsi), %rdx - - # continue with reduction - mov (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rbp - - add (+8*8)(%rcx), $X[6] - adc (+8*9)(%rcx), $X[7] - - #accumulate the final carry to rbp - adc %rbp, %rbp - - # Add in overflow corrections: R = (X2>>128) += T[overflow] - # R = {r9, r8, r15, r14, ..., r10} - shl \$3, %rbp - mov (+$pData_offset+$STACK_DEPTH)(%rsp), %rcx # rsi -> Data (and points to T) - add %rcx, %rbp # pT ; 512 bits, 8 qwords, spread out - - # rsi will be used to generate a mask after the addition - xor %rsi, %rsi - - add (+8*8*0)(%rbp), $X[0] - adc (+8*8*1)(%rbp), $X[1] - adc (+8*8*2)(%rbp), $X[2] - adc (+8*8*3)(%rbp), $X[3] - adc (+8*8*4)(%rbp), $X[4] - adc (+8*8*5)(%rbp), $X[5] - adc (+8*8*6)(%rbp), $X[6] - adc (+8*8*7)(%rbp), $X[7] - - # if there is a carry: rsi = 0xFFFFFFFFFFFFFFFF - # if carry is clear: rsi = 0x0000000000000000 - sbb \$0, %rsi - - # if carry is clear, subtract 0. 
Otherwise, subtract 256 bits of m - and %rsi, %rax - and %rsi, %rbx - and %rsi, %rdi - and %rsi, %rdx - - mov \$1, %rbp - sub %rax, $X[0] - sbb %rbx, $X[1] - sbb %rdi, $X[2] - sbb %rdx, $X[3] - - # if there is a borrow: rbp = 0 - # if there is no borrow: rbp = 1 - # this is used to save the borrows in between the first half and the 2nd half of the subtraction of m - sbb \$0, %rbp - - #load second half of m to rdx, rdi, rbx, rax - - add \$$M, %rcx - mov (+8*4)(%rcx), %rax - mov (+8*5)(%rcx), %rbx - mov (+8*6)(%rcx), %rdi - mov (+8*7)(%rcx), %rdx - - # use the rsi mask as before - # if carry is clear, subtract 0. Otherwise, subtract 256 bits of m - and %rsi, %rax - and %rsi, %rbx - and %rsi, %rdi - and %rsi, %rdx - - # if rbp = 0, there was a borrow before, it is moved to the carry flag - # if rbp = 1, there was not a borrow before, carry flag is cleared - sub \$1, %rbp - - sbb %rax, $X[4] - sbb %rbx, $X[5] - sbb %rdi, $X[6] - sbb %rdx, $X[7] - - # write R back to memory - - mov (+$red_result_addr_offset+$STACK_DEPTH)(%rsp), %rsi - mov $X[0], (+8*0)(%rsi) - mov $X[1], (+8*1)(%rsi) - mov $X[2], (+8*2)(%rsi) - mov $X[3], (+8*3)(%rsi) - mov $X[4], (+8*4)(%rsi) - mov $X[5], (+8*5)(%rsi) - mov $X[6], (+8*6)(%rsi) - mov $X[7], (+8*7)(%rsi) - - ret -.size mont_reduce,.-mont_reduce -___ -}}} - -{{{ -#MUL_512x512 MACRO pDst, pA, pB, x7, x6, x5, x4, x3, x2, x1, x0, tmp*2 -# -# Inputs: pDst: Destination (1024 bits, 16 qwords) -# pA: Multiplicand (512 bits, 8 qwords) -# pB: Multiplicand (512 bits, 8 qwords) -# Uses registers rax, rdx, args -# B operand in [pB] and also in x7...x0 -sub MUL_512x512 -{ - my ($pDst, $pA, $pB, $x, $OP, $TMP, $pDst_o)=@_; - my ($pDst, $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/); - my @X=@$x; # make a copy - -$code.=<<___; - mov (+8*0)($pA), $OP - - mov $X[0], %rax - mul $OP # rdx:rax = %OP * [0] - mov %rax, (+$pDst_o+8*0)($pDst) - mov %rdx, $X[0] -___ -for(my $i=1;$i<8;$i++) { -$code.=<<___; - mov $X[$i], %rax - mul $OP # rdx:rax = %OP * [$i] - add %rax, 
$X[$i-1] - adc \$0, %rdx - mov %rdx, $X[$i] -___ -} - -for(my $i=1;$i<8;$i++) { -$code.=<<___; - mov (+8*$i)($pA), $OP -___ - - &MULSTEP_512(\@X, "(+$pDst_o+8*$i)($pDst)", $pB, $OP, $TMP); - push(@X,shift(@X)); -} - -$code.=<<___; - mov $X[0], (+$pDst_o+8*8)($pDst) - mov $X[1], (+$pDst_o+8*9)($pDst) - mov $X[2], (+$pDst_o+8*10)($pDst) - mov $X[3], (+$pDst_o+8*11)($pDst) - mov $X[4], (+$pDst_o+8*12)($pDst) - mov $X[5], (+$pDst_o+8*13)($pDst) - mov $X[6], (+$pDst_o+8*14)($pDst) - mov $X[7], (+$pDst_o+8*15)($pDst) -___ -} - -# -# mont_mul_a3b : subroutine to compute (Src1 * Src2) % M (all 512-bits) -# Input: src1: Address of source 1: rdi -# src2: Address of source 2: rsi -# Output: dst: Address of destination: [red_res_addr] -# src2 and result also in: r9, r8, r15, r14, r13, r12, r11, r10 -# Temp: Clobbers [tmp16], all registers -$code.=<<___; -.type mont_mul_a3b,\@abi-omnipotent -.align 16 -mont_mul_a3b: - # - # multiply tmp = src1 * src2 - # For multiply: dst = rcx, src1 = rdi, src2 = rsi - # stack depth is extra 8 from call -___ - &MUL_512x512("%rsp+$tmp16_offset+8", "%rdi", "%rsi", [map("%r$_",(10..15,8..9))], "%rbp", "%rbx"); -$code.=<<___; - # - # Dst = tmp % m - # Call reduce(tmp, m, data, dst) - - # tail recursion optimization: jmp to mont_reduce and return from there - jmp mont_reduce - # call mont_reduce - # ret -.size mont_mul_a3b,.-mont_mul_a3b -___ -}}} - -{{{ -#SQR_512 MACRO pDest, pA, x7, x6, x5, x4, x3, x2, x1, x0, tmp*4 -# -# Input in memory [pA] and also in x7...x0 -# Uses all argument registers plus rax and rdx -# -# This version computes all of the off-diagonal terms into memory, -# and then it adds in the diagonal terms - -sub SQR_512 -{ - my ($pDst, $pA, $x, $A, $tmp, $x7, $x6, $pDst_o)=@_; - my ($pDst, $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/); - my @X=@$x; # make a copy -$code.=<<___; - # ------------------ - # first pass 01...07 - # ------------------ - mov $X[0], $A - - mov $X[1],%rax - mul $A - mov %rax, (+$pDst_o+8*1)($pDst) -___ -for(my 
$i=2;$i<8;$i++) { -$code.=<<___; - mov %rdx, $X[$i-2] - mov $X[$i],%rax - mul $A - add %rax, $X[$i-2] - adc \$0, %rdx -___ -} -$code.=<<___; - mov %rdx, $x7 - - mov $X[0], (+$pDst_o+8*2)($pDst) - - # ------------------ - # second pass 12...17 - # ------------------ - - mov (+8*1)($pA), $A - - mov (+8*2)($pA),%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - mov $X[1], (+$pDst_o+8*3)($pDst) - - mov %rdx, $X[0] - mov (+8*3)($pA),%rax - mul $A - add %rax, $X[2] - adc \$0, %rdx - add $X[0], $X[2] - adc \$0, %rdx - mov $X[2], (+$pDst_o+8*4)($pDst) - - mov %rdx, $X[0] - mov (+8*4)($pA),%rax - mul $A - add %rax, $X[3] - adc \$0, %rdx - add $X[0], $X[3] - adc \$0, %rdx - - mov %rdx, $X[0] - mov (+8*5)($pA),%rax - mul $A - add %rax, $X[4] - adc \$0, %rdx - add $X[0], $X[4] - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[6],%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - add $X[0], $X[5] - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $x7 - adc \$0, %rdx - add $X[0], $x7 - adc \$0, %rdx - - mov %rdx, $X[1] - - # ------------------ - # third pass 23...27 - # ------------------ - mov (+8*2)($pA), $A - - mov (+8*3)($pA),%rax - mul $A - add %rax, $X[3] - adc \$0, %rdx - mov $X[3], (+$pDst_o+8*5)($pDst) - - mov %rdx, $X[0] - mov (+8*4)($pA),%rax - mul $A - add %rax, $X[4] - adc \$0, %rdx - add $X[0], $X[4] - adc \$0, %rdx - mov $X[4], (+$pDst_o+8*6)($pDst) - - mov %rdx, $X[0] - mov (+8*5)($pA),%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - add $X[0], $X[5] - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[6],%rax - mul $A - add %rax, $x7 - adc \$0, %rdx - add $X[0], $x7 - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - add $X[0], $X[1] - adc \$0, %rdx - - mov %rdx, $X[2] - - # ------------------ - # fourth pass 34...37 - # ------------------ - - mov (+8*3)($pA), $A - - mov (+8*4)($pA),%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - mov $X[5], (+$pDst_o+8*7)($pDst) - - mov %rdx, $X[0] - mov (+8*5)($pA),%rax - 
mul $A - add %rax, $x7 - adc \$0, %rdx - add $X[0], $x7 - adc \$0, %rdx - mov $x7, (+$pDst_o+8*8)($pDst) - - mov %rdx, $X[0] - mov $X[6],%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - add $X[0], $X[1] - adc \$0, %rdx - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $X[2] - adc \$0, %rdx - add $X[0], $X[2] - adc \$0, %rdx - - mov %rdx, $X[5] - - # ------------------ - # fifth pass 45...47 - # ------------------ - mov (+8*4)($pA), $A - - mov (+8*5)($pA),%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - mov $X[1], (+$pDst_o+8*9)($pDst) - - mov %rdx, $X[0] - mov $X[6],%rax - mul $A - add %rax, $X[2] - adc \$0, %rdx - add $X[0], $X[2] - adc \$0, %rdx - mov $X[2], (+$pDst_o+8*10)($pDst) - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - add $X[0], $X[5] - adc \$0, %rdx - - mov %rdx, $X[1] - - # ------------------ - # sixth pass 56...57 - # ------------------ - mov (+8*5)($pA), $A - - mov $X[6],%rax - mul $A - add %rax, $X[5] - adc \$0, %rdx - mov $X[5], (+$pDst_o+8*11)($pDst) - - mov %rdx, $X[0] - mov $X[7],%rax - mul $A - add %rax, $X[1] - adc \$0, %rdx - add $X[0], $X[1] - adc \$0, %rdx - mov $X[1], (+$pDst_o+8*12)($pDst) - - mov %rdx, $X[2] - - # ------------------ - # seventh pass 67 - # ------------------ - mov $X[6], $A - - mov $X[7],%rax - mul $A - add %rax, $X[2] - adc \$0, %rdx - mov $X[2], (+$pDst_o+8*13)($pDst) - - mov %rdx, (+$pDst_o+8*14)($pDst) - - # start finalize (add in squares, and double off-terms) - mov (+$pDst_o+8*1)($pDst), $X[0] - mov (+$pDst_o+8*2)($pDst), $X[1] - mov (+$pDst_o+8*3)($pDst), $X[2] - mov (+$pDst_o+8*4)($pDst), $X[3] - mov (+$pDst_o+8*5)($pDst), $X[4] - mov (+$pDst_o+8*6)($pDst), $X[5] - - mov (+8*3)($pA), %rax - mul %rax - mov %rax, $x6 - mov %rdx, $X[6] - - add $X[0], $X[0] - adc $X[1], $X[1] - adc $X[2], $X[2] - adc $X[3], $X[3] - adc $X[4], $X[4] - adc $X[5], $X[5] - adc \$0, $X[6] - - mov (+8*0)($pA), %rax - mul %rax - mov %rax, (+$pDst_o+8*0)($pDst) - mov %rdx, $A - - mov (+8*1)($pA), 
%rax - mul %rax - - add $A, $X[0] - adc %rax, $X[1] - adc \$0, %rdx - - mov %rdx, $A - mov $X[0], (+$pDst_o+8*1)($pDst) - mov $X[1], (+$pDst_o+8*2)($pDst) - - mov (+8*2)($pA), %rax - mul %rax - - add $A, $X[2] - adc %rax, $X[3] - adc \$0, %rdx - - mov %rdx, $A - - mov $X[2], (+$pDst_o+8*3)($pDst) - mov $X[3], (+$pDst_o+8*4)($pDst) - - xor $tmp, $tmp - add $A, $X[4] - adc $x6, $X[5] - adc \$0, $tmp - - mov $X[4], (+$pDst_o+8*5)($pDst) - mov $X[5], (+$pDst_o+8*6)($pDst) - - # %%tmp has 0/1 in column 7 - # %%A6 has a full value in column 7 - - mov (+$pDst_o+8*7)($pDst), $X[0] - mov (+$pDst_o+8*8)($pDst), $X[1] - mov (+$pDst_o+8*9)($pDst), $X[2] - mov (+$pDst_o+8*10)($pDst), $X[3] - mov (+$pDst_o+8*11)($pDst), $X[4] - mov (+$pDst_o+8*12)($pDst), $X[5] - mov (+$pDst_o+8*13)($pDst), $x6 - mov (+$pDst_o+8*14)($pDst), $x7 - - mov $X[7], %rax - mul %rax - mov %rax, $X[7] - mov %rdx, $A - - add $X[0], $X[0] - adc $X[1], $X[1] - adc $X[2], $X[2] - adc $X[3], $X[3] - adc $X[4], $X[4] - adc $X[5], $X[5] - adc $x6, $x6 - adc $x7, $x7 - adc \$0, $A - - add $tmp, $X[0] - - mov (+8*4)($pA), %rax - mul %rax - - add $X[6], $X[0] - adc %rax, $X[1] - adc \$0, %rdx - - mov %rdx, $tmp - - mov $X[0], (+$pDst_o+8*7)($pDst) - mov $X[1], (+$pDst_o+8*8)($pDst) - - mov (+8*5)($pA), %rax - mul %rax - - add $tmp, $X[2] - adc %rax, $X[3] - adc \$0, %rdx - - mov %rdx, $tmp - - mov $X[2], (+$pDst_o+8*9)($pDst) - mov $X[3], (+$pDst_o+8*10)($pDst) - - mov (+8*6)($pA), %rax - mul %rax - - add $tmp, $X[4] - adc %rax, $X[5] - adc \$0, %rdx - - mov $X[4], (+$pDst_o+8*11)($pDst) - mov $X[5], (+$pDst_o+8*12)($pDst) - - add %rdx, $x6 - adc $X[7], $x7 - adc \$0, $A - - mov $x6, (+$pDst_o+8*13)($pDst) - mov $x7, (+$pDst_o+8*14)($pDst) - mov $A, (+$pDst_o+8*15)($pDst) -___ -} - -# -# sqr_reduce: subroutine to compute Result = reduce(Result * Result) -# -# input and result also in: r9, r8, r15, r14, r13, r12, r11, r10 -# -$code.=<<___; -.type sqr_reduce,\@abi-omnipotent -.align 16 -sqr_reduce: - mov 
(+$pResult_offset+8)(%rsp), %rcx -___ - &SQR_512("%rsp+$tmp16_offset+8", "%rcx", [map("%r$_",(10..15,8..9))], "%rbx", "%rbp", "%rsi", "%rdi"); -$code.=<<___; - # tail recursion optimization: jmp to mont_reduce and return from there - jmp mont_reduce - # call mont_reduce - # ret -.size sqr_reduce,.-sqr_reduce -___ -}}} - -# -# MAIN FUNCTION -# - -#mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */ -# UINT64 *g, /* 512 bits, 8 qwords */ -# UINT64 *exp, /* 512 bits, 8 qwords */ -# struct mod_ctx_512 *data) - -# window size = 5 -# table size = 2^5 = 32 -#table_entries equ 32 -#table_size equ table_entries * 8 -$code.=<<___; -.globl mod_exp_512 -.type mod_exp_512,\@function,4 -mod_exp_512: - push %rbp - push %rbx - push %r12 - push %r13 - push %r14 - push %r15 - - # adjust stack down and then align it with cache boundary - mov %rsp, %r8 - sub \$$mem_size, %rsp - and \$-64, %rsp - - # store previous stack pointer and arguments - mov %r8, (+$rsp_offset)(%rsp) - mov %rdi, (+$pResult_offset)(%rsp) - mov %rsi, (+$pG_offset)(%rsp) - mov %rcx, (+$pData_offset)(%rsp) -.Lbody: - # transform g into montgomery space - # GT = reduce(g * C2) = reduce(g * (2^256)) - # reduce expects to have the input in [tmp16] - pxor %xmm4, %xmm4 - movdqu (+16*0)(%rsi), %xmm0 - movdqu (+16*1)(%rsi), %xmm1 - movdqu (+16*2)(%rsi), %xmm2 - movdqu (+16*3)(%rsi), %xmm3 - movdqa %xmm4, (+$tmp16_offset+16*0)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*1)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*6)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*7)(%rsp) - movdqa %xmm0, (+$tmp16_offset+16*2)(%rsp) - movdqa %xmm1, (+$tmp16_offset+16*3)(%rsp) - movdqa %xmm2, (+$tmp16_offset+16*4)(%rsp) - movdqa %xmm3, (+$tmp16_offset+16*5)(%rsp) - - # load pExp before rdx gets blown away - movdqu (+16*0)(%rdx), %xmm0 - movdqu (+16*1)(%rdx), %xmm1 - movdqu (+16*2)(%rdx), %xmm2 - movdqu (+16*3)(%rdx), %xmm3 - - lea (+$GT_offset)(%rsp), %rbx - mov %rbx, (+$red_result_addr_offset)(%rsp) - call mont_reduce - - # Initialize tmp = C - lea 
(+$tmp_offset)(%rsp), %rcx - xor %rax, %rax - mov %rax, (+8*0)(%rcx) - mov %rax, (+8*1)(%rcx) - mov %rax, (+8*3)(%rcx) - mov %rax, (+8*4)(%rcx) - mov %rax, (+8*5)(%rcx) - mov %rax, (+8*6)(%rcx) - mov %rax, (+8*7)(%rcx) - mov %rax, (+$exp_offset+8*8)(%rsp) - movq \$1, (+8*2)(%rcx) - - lea (+$garray_offset)(%rsp), %rbp - mov %rcx, %rsi # pTmp - mov %rbp, %rdi # Garray[][0] -___ - - &swizzle("%rdi", "%rcx", "%rax", "%rbx"); - - # for (rax = 31; rax != 0; rax--) { - # tmp = reduce(tmp * G) - # swizzle(pg, tmp); - # pg += 2; } -$code.=<<___; - mov \$31, %rax - mov %rax, (+$i_offset)(%rsp) - mov %rbp, (+$pg_offset)(%rsp) - # rsi -> pTmp - mov %rsi, (+$red_result_addr_offset)(%rsp) - mov (+8*0)(%rsi), %r10 - mov (+8*1)(%rsi), %r11 - mov (+8*2)(%rsi), %r12 - mov (+8*3)(%rsi), %r13 - mov (+8*4)(%rsi), %r14 - mov (+8*5)(%rsi), %r15 - mov (+8*6)(%rsi), %r8 - mov (+8*7)(%rsi), %r9 -init_loop: - lea (+$GT_offset)(%rsp), %rdi - call mont_mul_a3b - lea (+$tmp_offset)(%rsp), %rsi - mov (+$pg_offset)(%rsp), %rbp - add \$2, %rbp - mov %rbp, (+$pg_offset)(%rsp) - mov %rsi, %rcx # rcx = rsi = addr of tmp -___ - - &swizzle("%rbp", "%rcx", "%rax", "%rbx"); -$code.=<<___; - mov (+$i_offset)(%rsp), %rax - sub \$1, %rax - mov %rax, (+$i_offset)(%rsp) - jne init_loop - - # - # Copy exponent onto stack - movdqa %xmm0, (+$exp_offset+16*0)(%rsp) - movdqa %xmm1, (+$exp_offset+16*1)(%rsp) - movdqa %xmm2, (+$exp_offset+16*2)(%rsp) - movdqa %xmm3, (+$exp_offset+16*3)(%rsp) - - - # - # Do exponentiation - # Initialize result to G[exp{511:507}] - mov (+$exp_offset+62)(%rsp), %eax - mov %rax, %rdx - shr \$11, %rax - and \$0x07FF, %edx - mov %edx, (+$exp_offset+62)(%rsp) - lea (+$garray_offset)(%rsp,%rax,2), %rsi - mov (+$pResult_offset)(%rsp), %rdx -___ - - &unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax"); - - # - # Loop variables - # rcx = [loop_idx] = index: 510-5 to 0 by 5 -$code.=<<___; - movq \$505, (+$loop_idx_offset)(%rsp) - - mov (+$pResult_offset)(%rsp), %rcx - mov %rcx, 
(+$red_result_addr_offset)(%rsp) - mov (+8*0)(%rcx), %r10 - mov (+8*1)(%rcx), %r11 - mov (+8*2)(%rcx), %r12 - mov (+8*3)(%rcx), %r13 - mov (+8*4)(%rcx), %r14 - mov (+8*5)(%rcx), %r15 - mov (+8*6)(%rcx), %r8 - mov (+8*7)(%rcx), %r9 - jmp sqr_2 - -main_loop_a3b: - call sqr_reduce - call sqr_reduce - call sqr_reduce -sqr_2: - call sqr_reduce - call sqr_reduce - - # - # Do multiply, first look up proper value in Garray - mov (+$loop_idx_offset)(%rsp), %rcx # bit index - mov %rcx, %rax - shr \$4, %rax # rax is word pointer - mov (+$exp_offset)(%rsp,%rax,2), %edx - and \$15, %rcx - shrq %cl, %rdx - and \$0x1F, %rdx - - lea (+$garray_offset)(%rsp,%rdx,2), %rsi - lea (+$tmp_offset)(%rsp), %rdx - mov %rdx, %rdi -___ - - &unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax"); - # rdi = tmp = pG - - # - # Call mod_mul_a1(pDst, pSrc1, pSrc2, pM, pData) - # result result pG M Data -$code.=<<___; - mov (+$pResult_offset)(%rsp), %rsi - call mont_mul_a3b - - # - # finish loop - mov (+$loop_idx_offset)(%rsp), %rcx - sub \$5, %rcx - mov %rcx, (+$loop_idx_offset)(%rsp) - jge main_loop_a3b - - # - -end_main_loop_a3b: - # transform result out of Montgomery space - # result = reduce(result) - mov (+$pResult_offset)(%rsp), %rdx - pxor %xmm4, %xmm4 - movdqu (+16*0)(%rdx), %xmm0 - movdqu (+16*1)(%rdx), %xmm1 - movdqu (+16*2)(%rdx), %xmm2 - movdqu (+16*3)(%rdx), %xmm3 - movdqa %xmm4, (+$tmp16_offset+16*4)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*5)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*6)(%rsp) - movdqa %xmm4, (+$tmp16_offset+16*7)(%rsp) - movdqa %xmm0, (+$tmp16_offset+16*0)(%rsp) - movdqa %xmm1, (+$tmp16_offset+16*1)(%rsp) - movdqa %xmm2, (+$tmp16_offset+16*2)(%rsp) - movdqa %xmm3, (+$tmp16_offset+16*3)(%rsp) - call mont_reduce - - # If result > m, subract m - # load result into r15:r8 - mov (+$pResult_offset)(%rsp), %rax - mov (+8*0)(%rax), %r8 - mov (+8*1)(%rax), %r9 - mov (+8*2)(%rax), %r10 - mov (+8*3)(%rax), %r11 - mov (+8*4)(%rax), %r12 - mov (+8*5)(%rax), %r13 - mov (+8*6)(%rax), 
%r14 - mov (+8*7)(%rax), %r15 - - # subtract m - mov (+$pData_offset)(%rsp), %rbx - add \$$M, %rbx - - sub (+8*0)(%rbx), %r8 - sbb (+8*1)(%rbx), %r9 - sbb (+8*2)(%rbx), %r10 - sbb (+8*3)(%rbx), %r11 - sbb (+8*4)(%rbx), %r12 - sbb (+8*5)(%rbx), %r13 - sbb (+8*6)(%rbx), %r14 - sbb (+8*7)(%rbx), %r15 - - # if Carry is clear, replace result with difference - mov (+8*0)(%rax), %rsi - mov (+8*1)(%rax), %rdi - mov (+8*2)(%rax), %rcx - mov (+8*3)(%rax), %rdx - cmovnc %r8, %rsi - cmovnc %r9, %rdi - cmovnc %r10, %rcx - cmovnc %r11, %rdx - mov %rsi, (+8*0)(%rax) - mov %rdi, (+8*1)(%rax) - mov %rcx, (+8*2)(%rax) - mov %rdx, (+8*3)(%rax) - - mov (+8*4)(%rax), %rsi - mov (+8*5)(%rax), %rdi - mov (+8*6)(%rax), %rcx - mov (+8*7)(%rax), %rdx - cmovnc %r12, %rsi - cmovnc %r13, %rdi - cmovnc %r14, %rcx - cmovnc %r15, %rdx - mov %rsi, (+8*4)(%rax) - mov %rdi, (+8*5)(%rax) - mov %rcx, (+8*6)(%rax) - mov %rdx, (+8*7)(%rax) - - mov (+$rsp_offset)(%rsp), %rsi - mov 0(%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbx - mov 40(%rsi),%rbp - lea 48(%rsi),%rsp -.Lepilogue: - ret -.size mod_exp_512, . - mod_exp_512 -___ - -sub reg_part { -my ($reg,$conv)=@_; - if ($reg =~ /%r[0-9]+/) { $reg .= $conv; } - elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; } - elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; } - elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; } - return $reg; -} - -$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem; -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/(\(\+[^)]+\))/eval $1/gem; -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/bn/asm/pa-risc2.s b/lib/libssl/src/crypto/bn/asm/pa-risc2.s deleted file mode 100644 index f3b16290eb0..00000000000 --- a/lib/libssl/src/crypto/bn/asm/pa-risc2.s +++ /dev/null 
@@ -1,1618 +0,0 @@
-;
-; PA-RISC 2.0 implementation of bn_asm code, based on the
-; 64-bit version of the code. This code is effectively the
-; same as the 64-bit version except the register model is
-; slightly different given all values must be 32-bit between
-; function calls. Thus the 64-bit return values are returned
-; in %ret0 and %ret1 vs just %ret0 as is done in 64-bit
-;
-;
-; This code is approximately 2x faster than the C version
-; for RSA/DSA.
-;
-; See http://devresource.hp.com/ for more details on the PA-RISC
-; architecture. Also see the book "PA-RISC 2.0 Architecture"
-; by Gerry Kane for information on the instruction set architecture.
-;
-; Code written by Chris Ruemmler (with some help from the HP C
-; compiler).
-;
-; The code compiles with HP's assembler
-;
-
- .level 2.0N
- .space $TEXT$
- .subspa $CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
-
-;
-; Global Register definitions used for the routines.
-;
-; Some information about HP's runtime architecture for 32-bits.
-;
-; "Caller save" means the calling function must save the register
-; if it wants the register to be preserved.
-; "Callee save" means if a function uses the register, it must save
-; the value before using it.
-;
-; For the floating point registers
-;
-; "caller save" registers: fr4-fr11, fr22-fr31
-; "callee save" registers: fr12-fr21
-; "special" registers: fr0-fr3 (status and exception registers)
-;
-; For the integer registers
-; value zero : r0
-; "caller save" registers: r1,r19-r26
-; "callee save" registers: r3-r18
-; return register : r2 (rp)
-; return values ; r28,r29 (ret0,ret1)
-; Stack pointer ; r30 (sp)
-; millicode return ptr ; r31 (also a caller save register)
-
-
-;
-; Arguments to the routines
-;
-r_ptr .reg %r26
-a_ptr .reg %r25
-b_ptr .reg %r24
-num .reg %r24
-n .reg %r23
-
-;
-; Note that the "w" argument for bn_mul_add_words and bn_mul_words
-; is passed on the stack at a delta of -56 from the top of stack
-; as the routine is entered.
-;
-
-;
-; Globals used in some routines
-;
-
-top_overflow .reg %r23
-high_mask .reg %r22 ; value 0xffffffff80000000L
-
-
-;------------------------------------------------------------------------------
-;
-; bn_mul_add_words
-;
-;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr,
-; int num, BN_ULONG w)
-;
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg3 = num
-; -56(sp) = w
-;
-; Local register definitions
-;
-
-fm1 .reg %fr22
-fm .reg %fr23
-ht_temp .reg %fr24
-ht_temp_1 .reg %fr25
-lt_temp .reg %fr26
-lt_temp_1 .reg %fr27
-fm1_1 .reg %fr28
-fm_1 .reg %fr29
-
-fw_h .reg %fr7L
-fw_l .reg %fr7R
-fw .reg %fr7
-
-fht_0 .reg %fr8L
-flt_0 .reg %fr8R
-t_float_0 .reg %fr8
-
-fht_1 .reg %fr9L
-flt_1 .reg %fr9R
-t_float_1 .reg %fr9
-
-tmp_0 .reg %r31
-tmp_1 .reg %r21
-m_0 .reg %r20
-m_1 .reg %r19
-ht_0 .reg %r1
-ht_1 .reg %r3
-lt_0 .reg %r4
-lt_1 .reg %r5
-m1_0 .reg %r6
-m1_1 .reg %r7
-rp_val .reg %r8
-rp_val_1 .reg %r9
-
-bn_mul_add_words
- .export bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN
- .proc
- .callinfo frame=128
- .entry
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- NOP ; Needed to make the loop 16-byte aligned
- NOP ; needed to make the loop 16-byte aligned
-
- STD %r5,16(%sp) ; save r5
- NOP
- STD %r6,24(%sp) ; save r6
- STD %r7,32(%sp) ; save r7
-
- STD %r8,40(%sp) ; save r8
- STD %r9,48(%sp) ; save r9
- COPY %r0,%ret1 ; return 0 by default
- DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
-
- CMPIB,>= 0,num,bn_mul_add_words_exit ; if (num <= 0) then exit
- LDO 128(%sp),%sp ; bump stack
-
- ;
- ; The loop is unrolled twice, so if there is only 1 number
- ; then go straight to the cleanup code.
- ;
- CMPIB,= 1,num,bn_mul_add_words_single_top
- FLDD -184(%sp),fw ; (-56-128) load up w into fw (fw_h/fw_l)
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
- ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
- ; two 32-bit mutiplies can be issued per cycle.
- ; -bn_mul_add_words_unroll2 - - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R) - LDD 0(r_ptr),rp_val ; rp[0] - LDD 8(r_ptr),rp_val_1 ; rp[1] - - XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l - XMPYU fht_1,fw_l,fm1_1 ; m1[1] = fht_1*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1[0] - FSTD fm1_1,-48(%sp) ; -48(sp) = m1[1] - - XMPYU flt_0,fw_h,fm ; m[0] = flt_0*fw_h - XMPYU flt_1,fw_h,fm_1 ; m[1] = flt_1*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m[0] - FSTD fm_1,-40(%sp) ; -40(sp) = m[1] - - XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h - XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp_1 = fht_1*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht_temp - FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht_temp_1 - - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt_temp - FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt_temp_1 - - LDD -8(%sp),m_0 ; m[0] - LDD -40(%sp),m_1 ; m[1] - LDD -16(%sp),m1_0 ; m1[0] - LDD -48(%sp),m1_1 ; m1[1] - - LDD -24(%sp),ht_0 ; ht[0] - LDD -56(%sp),ht_1 ; ht[1] - ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m[0] + m1[0]; - ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m[1] + m1[1]; - - LDD -32(%sp),lt_0 - LDD -64(%sp),lt_1 - CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m[0] < m1[0]) - ADD,L ht_0,top_overflow,ht_0 ; ht[0] += (1<<32) - - CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m[1] < m1[1]) - ADD,L ht_1,top_overflow,ht_1 ; ht[1] += (1<<32) - EXTRD,U tmp_0,31,32,m_0 ; m[0]>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1[0] = m[0]<<32 - - EXTRD,U tmp_1,31,32,m_1 ; m[1]>>32 - DEPD,Z tmp_1,31,32,m1_1 ; m1[1] = m[1]<<32 - ADD,L ht_0,m_0,ht_0 ; ht[0]+= (m[0]>>32) - ADD,L ht_1,m_1,ht_1 ; ht[1]+= (m[1]>>32) - - ADD lt_0,m1_0,lt_0 ; lt[0] = lt[0]+m1[0]; - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - ADD lt_1,m1_1,lt_1 ; lt[1] = lt[1]+m1[1]; - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - - ADD %ret1,lt_0,lt_0 ; lt[0] = lt[0] + c; - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - ADD lt_0,rp_val,lt_0 ; lt[0] = lt[0]+rp[0] - ADD,DC 
ht_0,%r0,ht_0 ; ht[0]++ - - LDO -2(num),num ; num = num - 2; - ADD ht_0,lt_1,lt_1 ; lt[1] = lt[1] + ht_0 (c); - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - STD lt_0,0(r_ptr) ; rp[0] = lt[0] - - ADD lt_1,rp_val_1,lt_1 ; lt[1] = lt[1]+rp[1] - ADD,DC ht_1,%r0,%ret1 ; ht[1]++ - LDO 16(a_ptr),a_ptr ; a_ptr += 2 - - STD lt_1,8(r_ptr) ; rp[1] = lt[1] - CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do - LDO 16(r_ptr),r_ptr ; r_ptr += 2 - - CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_mul_add_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - LDD 0(r_ptr),rp_val ; rp[0] - LDO 8(a_ptr),a_ptr ; a_ptr++ - XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - - LDD -8(%sp),m_0 - LDD -16(%sp),m1_0 ; m1 = temp1 - ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1; - LDD -24(%sp),ht_0 - LDD -32(%sp),lt_0 - - CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD lt_0,m1_0,tmp_0 ; tmp_0 = lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - ADD %ret1,tmp_0,lt_0 ; lt = lt + c; - ADD,DC ht_0,%r0,ht_0 ; ht++ - ADD lt_0,rp_val,lt_0 ; lt = lt+rp[0] - ADD,DC ht_0,%r0,%ret1 ; ht++ - STD lt_0,0(r_ptr) ; rp[0] = lt - -bn_mul_add_words_exit - .EXIT - - EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1 - LDD -80(%sp),%r9 ; restore r9 - LDD -88(%sp),%r8 ; restore r8 - LDD -96(%sp),%r7 ; restore r7 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 ; restore r3 - .PROCEND ;in=23,24,25,26,29;out=28; - 
-;----------------------------------------------------------------------------
-;
-;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
-;
-; arg0 = rp
-; arg1 = ap
-; arg3 = num
-; w on stack at -56(sp)
-
-bn_mul_words
- .proc
- .callinfo frame=128
- .entry
- .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
- .align 64
-
- STD %r3,0(%sp) ; save r3
- STD %r4,8(%sp) ; save r4
- NOP
- STD %r5,16(%sp) ; save r5
-
- STD %r6,24(%sp) ; save r6
- STD %r7,32(%sp) ; save r7
- COPY %r0,%ret1 ; return 0 by default
- DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32
-
- CMPIB,>= 0,num,bn_mul_words_exit
- LDO 128(%sp),%sp ; bump stack
-
- ;
- ; See if only 1 word to do, thus just do cleanup
- ;
- CMPIB,= 1,num,bn_mul_words_single_top
- FLDD -184(%sp),fw ; (-56-128) load up w into fw (fw_h/fw_l)
-
- ;
- ; This loop is unrolled 2 times (64-byte aligned as well)
- ;
- ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
- ; two 32-bit mutiplies can be issued per cycle.
- ; -bn_mul_words_unroll2 - - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R) - XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l - XMPYU fht_1,fw_l,fm1_1 ; m1[1] = ht*fw_l - - FSTD fm1,-16(%sp) ; -16(sp) = m1 - FSTD fm1_1,-48(%sp) ; -48(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - XMPYU flt_1,fw_h,fm_1 ; m = lt*fw_h - - FSTD fm,-8(%sp) ; -8(sp) = m - FSTD fm_1,-40(%sp) ; -40(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h - XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp = ht*fw_h - - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l - - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt - LDD -8(%sp),m_0 - LDD -40(%sp),m_1 - - LDD -16(%sp),m1_0 - LDD -48(%sp),m1_1 - LDD -24(%sp),ht_0 - LDD -56(%sp),ht_1 - - ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m + m1; - ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m + m1; - LDD -32(%sp),lt_0 - LDD -64(%sp),lt_1 - - CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m < m1) - ADD,L ht_1,top_overflow,ht_1 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - EXTRD,U tmp_1,31,32,m_1 ; m>>32 - DEPD,Z tmp_1,31,32,m1_1 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD,L ht_1,m_1,ht_1 ; ht+= (m>>32) - ADD lt_0,m1_0,lt_0 ; lt = lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD lt_1,m1_1,lt_1 ; lt = lt+m1; - ADD,DC ht_1,%r0,ht_1 ; ht++ - ADD %ret1,lt_0,lt_0 ; lt = lt + c (ret1); - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD ht_0,lt_1,lt_1 ; lt = lt + c (ht_0) - ADD,DC ht_1,%r0,ht_1 ; ht++ - STD lt_0,0(r_ptr) ; rp[0] = lt - STD lt_1,8(r_ptr) ; rp[1] = lt - - COPY ht_1,%ret1 ; carry = ht - LDO -2(num),num ; num = num - 2; - LDO 16(a_ptr),a_ptr ; ap += 2 - CMPIB,<= 2,num,bn_mul_words_unroll2 - LDO 16(r_ptr),r_ptr ; rp++ - - 
CMPIB,=,N 0,num,bn_mul_words_exit ; are we done? - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_mul_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - - XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - - LDD -8(%sp),m_0 - LDD -16(%sp),m1_0 - ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1; - LDD -24(%sp),ht_0 - LDD -32(%sp),lt_0 - - CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD lt_0,m1_0,lt_0 ; lt= lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD %ret1,lt_0,lt_0 ; lt = lt + c; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - COPY ht_0,%ret1 ; copy carry - STD lt_0,0(r_ptr) ; rp[0] = lt - -bn_mul_words_exit - .EXIT - EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1 - LDD -96(%sp),%r7 ; restore r7 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 ; restore r3 - .PROCEND - -;---------------------------------------------------------------------------- -; -;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num) -; -; arg0 = rp -; arg1 = ap -; arg2 = num -; - -bn_sqr_words - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - NOP - STD %r5,16(%sp) ; save r5 - - CMPIB,>= 0,num,bn_sqr_words_exit - LDO 128(%sp),%sp ; bump stack - - ; - ; If only 1, the goto straight to cleanup - ; - CMPIB,= 1,num,bn_sqr_words_single_top - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - - ; - 
; This loop is unrolled 2 times (64-byte aligned as well) - ; - -bn_sqr_words_unroll2 - FLDD 0(a_ptr),t_float_0 ; a[0] - FLDD 8(a_ptr),t_float_1 ; a[1] - XMPYU fht_0,flt_0,fm ; m[0] - XMPYU fht_1,flt_1,fm_1 ; m[1] - - FSTD fm,-24(%sp) ; store m[0] - FSTD fm_1,-56(%sp) ; store m[1] - XMPYU flt_0,flt_0,lt_temp ; lt[0] - XMPYU flt_1,flt_1,lt_temp_1 ; lt[1] - - FSTD lt_temp,-16(%sp) ; store lt[0] - FSTD lt_temp_1,-48(%sp) ; store lt[1] - XMPYU fht_0,fht_0,ht_temp ; ht[0] - XMPYU fht_1,fht_1,ht_temp_1 ; ht[1] - - FSTD ht_temp,-8(%sp) ; store ht[0] - FSTD ht_temp_1,-40(%sp) ; store ht[1] - LDD -24(%sp),m_0 - LDD -56(%sp),m_1 - - AND m_0,high_mask,tmp_0 ; m[0] & Mask - AND m_1,high_mask,tmp_1 ; m[1] & Mask - DEPD,Z m_0,30,31,m_0 ; m[0] << 32+1 - DEPD,Z m_1,30,31,m_1 ; m[1] << 32+1 - - LDD -16(%sp),lt_0 - LDD -48(%sp),lt_1 - EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m[0]&Mask >> 32-1 - EXTRD,U tmp_1,32,33,tmp_1 ; tmp_1 = m[1]&Mask >> 32-1 - - LDD -8(%sp),ht_0 - LDD -40(%sp),ht_1 - ADD,L ht_0,tmp_0,ht_0 ; ht[0] += tmp_0 - ADD,L ht_1,tmp_1,ht_1 ; ht[1] += tmp_1 - - ADD lt_0,m_0,lt_0 ; lt = lt+m - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - STD lt_0,0(r_ptr) ; rp[0] = lt[0] - STD ht_0,8(r_ptr) ; rp[1] = ht[1] - - ADD lt_1,m_1,lt_1 ; lt = lt+m - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - STD lt_1,16(r_ptr) ; rp[2] = lt[1] - STD ht_1,24(r_ptr) ; rp[3] = ht[1] - - LDO -2(num),num ; num = num - 2; - LDO 16(a_ptr),a_ptr ; ap += 2 - CMPIB,<= 2,num,bn_sqr_words_unroll2 - LDO 32(r_ptr),r_ptr ; rp += 4 - - CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done? 
- - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_sqr_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - - XMPYU fht_0,flt_0,fm ; m - FSTD fm,-24(%sp) ; store m - - XMPYU flt_0,flt_0,lt_temp ; lt - FSTD lt_temp,-16(%sp) ; store lt - - XMPYU fht_0,fht_0,ht_temp ; ht - FSTD ht_temp,-8(%sp) ; store ht - - LDD -24(%sp),m_0 ; load m - AND m_0,high_mask,tmp_0 ; m & Mask - DEPD,Z m_0,30,31,m_0 ; m << 32+1 - LDD -16(%sp),lt_0 ; lt - - LDD -8(%sp),ht_0 ; ht - EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m&Mask >> 32-1 - ADD m_0,lt_0,lt_0 ; lt = lt+m - ADD,L ht_0,tmp_0,ht_0 ; ht += tmp_0 - ADD,DC ht_0,%r0,ht_0 ; ht++ - - STD lt_0,0(r_ptr) ; rp[0] = lt - STD ht_0,8(r_ptr) ; rp[1] = ht - -bn_sqr_words_exit - .EXIT - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - .PROCEND ;in=23,24,25,26,29;out=28; - - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -; -; arg0 = rp -; arg1 = ap -; arg2 = bp -; arg3 = n - -t .reg %r22 -b .reg %r21 -l .reg %r20 - -bn_add_words - .proc - .entry - .callinfo - .EXPORT bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .align 64 - - CMPIB,>= 0,n,bn_add_words_exit - COPY %r0,%ret1 ; return 0 by default - - ; - ; If 2 or more numbers do the loop - ; - CMPIB,= 1,n,bn_add_words_single_top - NOP - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; -bn_add_words_unroll2 - LDD 0(a_ptr),t - LDD 0(b_ptr),b - ADD t,%ret1,t ; t = t+c; - ADD,DC %r0,%r0,%ret1 ; set c to carry - ADD t,b,l ; l = t + b[0] - ADD,DC %ret1,%r0,%ret1 ; c+= carry - STD l,0(r_ptr) - - LDD 8(a_ptr),t - LDD 8(b_ptr),b - ADD t,%ret1,t ; t = t+c; - ADD,DC %r0,%r0,%ret1 ; set c to carry - ADD t,b,l ; l = t + b[0] - ADD,DC %ret1,%r0,%ret1 ; c+= carry - STD l,8(r_ptr) - - LDO -2(n),n - LDO 16(a_ptr),a_ptr - LDO 16(b_ptr),b_ptr - - CMPIB,<= 2,n,bn_add_words_unroll2 - LDO 
16(r_ptr),r_ptr - - CMPIB,=,N 0,n,bn_add_words_exit ; are we done? - -bn_add_words_single_top - LDD 0(a_ptr),t - LDD 0(b_ptr),b - - ADD t,%ret1,t ; t = t+c; - ADD,DC %r0,%r0,%ret1 ; set c to carry (could use CMPCLR??) - ADD t,b,l ; l = t + b[0] - ADD,DC %ret1,%r0,%ret1 ; c+= carry - STD l,0(r_ptr) - -bn_add_words_exit - .EXIT - BVE (%rp) - EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1 - .PROCEND ;in=23,24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -; -; arg0 = rp -; arg1 = ap -; arg2 = bp -; arg3 = n - -t1 .reg %r22 -t2 .reg %r21 -sub_tmp1 .reg %r20 -sub_tmp2 .reg %r19 - - -bn_sub_words - .proc - .callinfo - .EXPORT bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - CMPIB,>= 0,n,bn_sub_words_exit - COPY %r0,%ret1 ; return 0 by default - - ; - ; If 2 or more numbers do the loop - ; - CMPIB,= 1,n,bn_sub_words_single_top - NOP - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; -bn_sub_words_unroll2 - LDD 0(a_ptr),t1 - LDD 0(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c; - - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret1 - STD sub_tmp1,0(r_ptr) - - LDD 8(a_ptr),t1 - LDD 8(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c; - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret1 - STD sub_tmp1,8(r_ptr) - - LDO -2(n),n - LDO 16(a_ptr),a_ptr - LDO 16(b_ptr),b_ptr - - CMPIB,<= 2,n,bn_sub_words_unroll2 - LDO 16(r_ptr),r_ptr - - CMPIB,=,N 0,n,bn_sub_words_exit ; are we done? 
- -bn_sub_words_single_top - LDD 0(a_ptr),t1 - LDD 0(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c; - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret1 - - STD sub_tmp1,0(r_ptr) - -bn_sub_words_exit - .EXIT - BVE (%rp) - EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1 - .PROCEND ;in=23,24,25,26,29;out=28; - -;------------------------------------------------------------------------------ -; -; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d) -; -; arg0 = h -; arg1 = l -; arg2 = d -; -; This is mainly just output from the HP C compiler. -; -;------------------------------------------------------------------------------ -bn_div_words - .PROC - .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN - .IMPORT BN_num_bits_word,CODE - ;--- not PIC .IMPORT __iob,DATA - ;--- not PIC .IMPORT fprintf,CODE - .IMPORT abort,CODE - .IMPORT $$div2U,MILLICODE - .CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE - .ENTRY - STW %r2,-20(%r30) ;offset 0x8ec - STW,MA %r3,192(%r30) ;offset 0x8f0 - STW %r4,-188(%r30) ;offset 0x8f4 - DEPD %r5,31,32,%r6 ;offset 0x8f8 - STD %r6,-184(%r30) ;offset 0x8fc - DEPD %r7,31,32,%r8 ;offset 0x900 - STD %r8,-176(%r30) ;offset 0x904 - STW %r9,-168(%r30) ;offset 0x908 - LDD -248(%r30),%r3 ;offset 0x90c - COPY %r26,%r4 ;offset 0x910 - COPY %r24,%r5 ;offset 0x914 - DEPD %r25,31,32,%r4 ;offset 0x918 - CMPB,*<> %r3,%r0,$0006000C ;offset 0x91c - DEPD %r23,31,32,%r5 ;offset 0x920 - MOVIB,TR -1,%r29,$00060002 ;offset 0x924 - EXTRD,U %r29,31,32,%r28 ;offset 0x928 -$0006002A - LDO -1(%r29),%r29 ;offset 0x92c - SUB %r23,%r7,%r23 ;offset 0x930 -$00060024 - SUB %r4,%r31,%r25 ;offset 0x934 - AND %r25,%r19,%r26 ;offset 0x938 - CMPB,*<>,N %r0,%r26,$00060046 ;offset 0x93c - DEPD,Z %r25,31,32,%r20 ;offset 0x940 - OR %r20,%r24,%r21 ;offset 0x944 - CMPB,*<<,N 
%r21,%r23,$0006002A ;offset 0x948 - SUB %r31,%r2,%r31 ;offset 0x94c -$00060046 -$0006002E - DEPD,Z %r23,31,32,%r25 ;offset 0x950 - EXTRD,U %r23,31,32,%r26 ;offset 0x954 - AND %r25,%r19,%r24 ;offset 0x958 - ADD,L %r31,%r26,%r31 ;offset 0x95c - CMPCLR,*>>= %r5,%r24,%r0 ;offset 0x960 - LDO 1(%r31),%r31 ;offset 0x964 -$00060032 - CMPB,*<<=,N %r31,%r4,$00060036 ;offset 0x968 - LDO -1(%r29),%r29 ;offset 0x96c - ADD,L %r4,%r3,%r4 ;offset 0x970 -$00060036 - ADDIB,=,N -1,%r8,$D0 ;offset 0x974 - SUB %r5,%r24,%r28 ;offset 0x978 -$0006003A - SUB %r4,%r31,%r24 ;offset 0x97c - SHRPD %r24,%r28,32,%r4 ;offset 0x980 - DEPD,Z %r29,31,32,%r9 ;offset 0x984 - DEPD,Z %r28,31,32,%r5 ;offset 0x988 -$0006001C - EXTRD,U %r4,31,32,%r31 ;offset 0x98c - CMPB,*<>,N %r31,%r2,$00060020 ;offset 0x990 - MOVB,TR %r6,%r29,$D1 ;offset 0x994 - STD %r29,-152(%r30) ;offset 0x998 -$0006000C - EXTRD,U %r3,31,32,%r25 ;offset 0x99c - COPY %r3,%r26 ;offset 0x9a0 - EXTRD,U %r3,31,32,%r9 ;offset 0x9a4 - EXTRD,U %r4,31,32,%r8 ;offset 0x9a8 - .CALL ARGW0=GR,ARGW1=GR,RTNVAL=GR ;in=25,26;out=28; - B,L BN_num_bits_word,%r2 ;offset 0x9ac - EXTRD,U %r5,31,32,%r7 ;offset 0x9b0 - LDI 64,%r20 ;offset 0x9b4 - DEPD %r7,31,32,%r5 ;offset 0x9b8 - DEPD %r8,31,32,%r4 ;offset 0x9bc - DEPD %r9,31,32,%r3 ;offset 0x9c0 - CMPB,= %r28,%r20,$00060012 ;offset 0x9c4 - COPY %r28,%r24 ;offset 0x9c8 - MTSARCM %r24 ;offset 0x9cc - DEPDI,Z -1,%sar,1,%r19 ;offset 0x9d0 - CMPB,*>>,N %r4,%r19,$D2 ;offset 0x9d4 -$00060012 - SUBI 64,%r24,%r31 ;offset 0x9d8 - CMPCLR,*<< %r4,%r3,%r0 ;offset 0x9dc - SUB %r4,%r3,%r4 ;offset 0x9e0 -$00060016 - CMPB,= %r31,%r0,$0006001A ;offset 0x9e4 - COPY %r0,%r9 ;offset 0x9e8 - MTSARCM %r31 ;offset 0x9ec - DEPD,Z %r3,%sar,64,%r3 ;offset 0x9f0 - SUBI 64,%r31,%r26 ;offset 0x9f4 - MTSAR %r26 ;offset 0x9f8 - SHRPD %r4,%r5,%sar,%r4 ;offset 0x9fc - MTSARCM %r31 ;offset 0xa00 - DEPD,Z %r5,%sar,64,%r5 ;offset 0xa04 -$0006001A - DEPDI,Z -1,31,32,%r19 ;offset 0xa08 - AND %r3,%r19,%r29 ;offset 0xa0c - EXTRD,U %r29,31,32,%r2 
;offset 0xa10 - DEPDI,Z -1,63,32,%r6 ;offset 0xa14 - MOVIB,TR 2,%r8,$0006001C ;offset 0xa18 - EXTRD,U %r3,63,32,%r7 ;offset 0xa1c -$D2 - ;--- not PIC ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20 - ;--- not PIC LDIL LR'C$7,%r21 ;offset 0xa24 - ;--- not PIC LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28 - ;--- not PIC .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28; - ;--- not PIC B,L fprintf,%r2 ;offset 0xa2c - ;--- not PIC LDO RR'C$7(%r21),%r25 ;offset 0xa30 - .CALL ; - B,L abort,%r2 ;offset 0xa34 - NOP ;offset 0xa38 - B $D3 ;offset 0xa3c - LDW -212(%r30),%r2 ;offset 0xa40 -$00060020 - COPY %r4,%r26 ;offset 0xa44 - EXTRD,U %r4,31,32,%r25 ;offset 0xa48 - COPY %r2,%r24 ;offset 0xa4c - .CALL ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL) - B,L $$div2U,%r31 ;offset 0xa50 - EXTRD,U %r2,31,32,%r23 ;offset 0xa54 - DEPD %r28,31,32,%r29 ;offset 0xa58 -$00060022 - STD %r29,-152(%r30) ;offset 0xa5c -$D1 - AND %r5,%r19,%r24 ;offset 0xa60 - EXTRD,U %r24,31,32,%r24 ;offset 0xa64 - STW %r2,-160(%r30) ;offset 0xa68 - STW %r7,-128(%r30) ;offset 0xa6c - FLDD -152(%r30),%fr4 ;offset 0xa70 - FLDD -152(%r30),%fr7 ;offset 0xa74 - FLDW -160(%r30),%fr8L ;offset 0xa78 - FLDW -128(%r30),%fr5L ;offset 0xa7c - XMPYU %fr8L,%fr7L,%fr10 ;offset 0xa80 - FSTD %fr10,-136(%r30) ;offset 0xa84 - XMPYU %fr8L,%fr7R,%fr22 ;offset 0xa88 - FSTD %fr22,-144(%r30) ;offset 0xa8c - XMPYU %fr5L,%fr4L,%fr11 ;offset 0xa90 - XMPYU %fr5L,%fr4R,%fr23 ;offset 0xa94 - FSTD %fr11,-112(%r30) ;offset 0xa98 - FSTD %fr23,-120(%r30) ;offset 0xa9c - LDD -136(%r30),%r28 ;offset 0xaa0 - DEPD,Z %r28,31,32,%r31 ;offset 0xaa4 - LDD -144(%r30),%r20 ;offset 0xaa8 - ADD,L %r20,%r31,%r31 ;offset 0xaac - LDD -112(%r30),%r22 ;offset 0xab0 - DEPD,Z %r22,31,32,%r22 ;offset 0xab4 - LDD -120(%r30),%r21 ;offset 0xab8 - B $00060024 ;offset 0xabc - ADD,L %r21,%r22,%r23 ;offset 0xac0 -$D0 - OR %r9,%r29,%r29 ;offset 0xac4 -$00060040 - EXTRD,U %r29,31,32,%r28 ;offset 0xac8 -$00060002 -$L2 - LDW -212(%r30),%r2 ;offset 0xacc 
-$D3 - LDW -168(%r30),%r9 ;offset 0xad0 - LDD -176(%r30),%r8 ;offset 0xad4 - EXTRD,U %r8,31,32,%r7 ;offset 0xad8 - LDD -184(%r30),%r6 ;offset 0xadc - EXTRD,U %r6,31,32,%r5 ;offset 0xae0 - LDW -188(%r30),%r4 ;offset 0xae4 - BVE (%r2) ;offset 0xae8 - .EXIT - LDW,MB -192(%r30),%r3 ;offset 0xaec - .PROCEND ;in=23,25;out=28,29;fpin=105,107; - - - - -;---------------------------------------------------------------------------- -; -; Registers to hold 64-bit values to manipulate. The "L" part -; of the register corresponds to the upper 32-bits, while the "R" -; part corresponds to the lower 32-bits -; -; Note, that when using b6 and b7, the code must save these before -; using them because they are callee save registers -; -; -; Floating point registers to use to save values that -; are manipulated. These don't collide with ftemp1-6 and -; are all caller save registers -; -a0 .reg %fr22 -a0L .reg %fr22L -a0R .reg %fr22R - -a1 .reg %fr23 -a1L .reg %fr23L -a1R .reg %fr23R - -a2 .reg %fr24 -a2L .reg %fr24L -a2R .reg %fr24R - -a3 .reg %fr25 -a3L .reg %fr25L -a3R .reg %fr25R - -a4 .reg %fr26 -a4L .reg %fr26L -a4R .reg %fr26R - -a5 .reg %fr27 -a5L .reg %fr27L -a5R .reg %fr27R - -a6 .reg %fr28 -a6L .reg %fr28L -a6R .reg %fr28R - -a7 .reg %fr29 -a7L .reg %fr29L -a7R .reg %fr29R - -b0 .reg %fr30 -b0L .reg %fr30L -b0R .reg %fr30R - -b1 .reg %fr31 -b1L .reg %fr31L -b1R .reg %fr31R - -; -; Temporary floating point variables, these are all caller save -; registers -; -ftemp1 .reg %fr4 -ftemp2 .reg %fr5 -ftemp3 .reg %fr6 -ftemp4 .reg %fr7 - -; -; The B set of registers when used. 
-; - -b2 .reg %fr8 -b2L .reg %fr8L -b2R .reg %fr8R - -b3 .reg %fr9 -b3L .reg %fr9L -b3R .reg %fr9R - -b4 .reg %fr10 -b4L .reg %fr10L -b4R .reg %fr10R - -b5 .reg %fr11 -b5L .reg %fr11L -b5R .reg %fr11R - -b6 .reg %fr12 -b6L .reg %fr12L -b6R .reg %fr12R - -b7 .reg %fr13 -b7L .reg %fr13L -b7R .reg %fr13R - -c1 .reg %r21 ; only reg -temp1 .reg %r20 ; only reg -temp2 .reg %r19 ; only reg -temp3 .reg %r31 ; only reg - -m1 .reg %r28 -c2 .reg %r23 -high_one .reg %r1 -ht .reg %r6 -lt .reg %r5 -m .reg %r4 -c3 .reg %r3 - -SQR_ADD_C .macro A0L,A0R,C1,C2,C3 - XMPYU A0L,A0R,ftemp1 ; m - FSTD ftemp1,-24(%sp) ; store m - - XMPYU A0R,A0R,ftemp2 ; lt - FSTD ftemp2,-16(%sp) ; store lt - - XMPYU A0L,A0L,ftemp3 ; ht - FSTD ftemp3,-8(%sp) ; store ht - - LDD -24(%sp),m ; load m - AND m,high_mask,temp2 ; m & Mask - DEPD,Z m,30,31,temp3 ; m << 32+1 - LDD -16(%sp),lt ; lt - - LDD -8(%sp),ht ; ht - EXTRD,U temp2,32,33,temp1 ; temp1 = m&Mask >> 32-1 - ADD temp3,lt,lt ; lt = lt+m - ADD,L ht,temp1,ht ; ht += temp1 - ADD,DC ht,%r0,ht ; ht++ - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC ht,%r0,ht ; ht++ - - ADD C2,ht,C2 ; c2=c2+ht - ADD,DC C3,%r0,C3 ; c3++ -.endm - -SQR_ADD_C2 .macro A0L,A0R,A1L,A1R,C1,C2,C3 - XMPYU A0L,A1R,ftemp1 ; m1 = bl*ht - FSTD ftemp1,-16(%sp) ; - XMPYU A0R,A1L,ftemp2 ; m = bh*lt - FSTD ftemp2,-8(%sp) ; - XMPYU A0R,A1R,ftemp3 ; lt = bl*lt - FSTD ftemp3,-32(%sp) - XMPYU A0L,A1L,ftemp4 ; ht = bh*ht - FSTD ftemp4,-24(%sp) ; - - LDD -8(%sp),m ; r21 = m - LDD -16(%sp),m1 ; r19 = m1 - ADD,L m,m1,m ; m+m1 - - DEPD,Z m,31,32,temp3 ; (m+m1<<32) - LDD -24(%sp),ht ; r24 = ht - - CMPCLR,*>>= m,m1,%r0 ; if (m < m1) - ADD,L ht,high_one,ht ; ht+=high_one - - EXTRD,U m,31,32,temp1 ; m >> 32 - LDD -32(%sp),lt ; lt - ADD,L ht,temp1,ht ; ht+= m>>32 - ADD lt,temp3,lt ; lt = lt+m1 - ADD,DC ht,%r0,ht ; ht++ - - ADD ht,ht,ht ; ht=ht+ht; - ADD,DC C3,%r0,C3 ; add in carry (c3++) - - ADD lt,lt,lt ; lt=lt+lt; - ADD,DC ht,%r0,ht ; add in carry (ht++) - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC,*NUV ht,%r0,ht ; add in 
carry (ht++) - LDO 1(C3),C3 ; bump c3 if overflow,nullify otherwise - - ADD C2,ht,C2 ; c2 = c2 + ht - ADD,DC C3,%r0,C3 ; add in carry (c3++) -.endm - -; -;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) -; arg0 = r_ptr -; arg1 = a_ptr -; - -bn_sqr_comba8 - .PROC - .CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .ENTRY - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - SQR_ADD_C a0L,a0R,c1,c2,c3 - STD c1,0(r_ptr) ; r[0] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1 - STD c2,8(r_ptr) ; r[1] = c2; - COPY %r0,c2 - - SQR_ADD_C a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2 - STD c3,16(r_ptr) ; r[2] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3 - SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3 - STD c1,24(r_ptr) ; r[3] = c1; - COPY %r0,c1 - - SQR_ADD_C a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1 - SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1 - STD c2,32(r_ptr) ; r[4] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2 - SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2 - STD c3,40(r_ptr) ; r[5] = c3; - COPY %r0,c3 - - SQR_ADD_C a3L,a3R,c1,c2,c3 - SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3 - SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3 - SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3 - STD c1,48(r_ptr) ; r[6] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1 - SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1 - SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1 - SQR_ADD_C2 
a4L,a4R,a3L,a3R,c2,c3,c1 - STD c2,56(r_ptr) ; r[7] = c2; - COPY %r0,c2 - - SQR_ADD_C a4L,a4R,c3,c1,c2 - SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2 - SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2 - SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2 - STD c3,64(r_ptr) ; r[8] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3 - SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3 - SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3 - STD c1,72(r_ptr) ; r[9] = c1; - COPY %r0,c1 - - SQR_ADD_C a5L,a5R,c2,c3,c1 - SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1 - SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1 - STD c2,80(r_ptr) ; r[10] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2 - SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2 - STD c3,88(r_ptr) ; r[11] = c3; - COPY %r0,c3 - - SQR_ADD_C a6L,a6R,c1,c2,c3 - SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3 - STD c1,96(r_ptr) ; r[12] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1 - STD c2,104(r_ptr) ; r[13] = c2; - COPY %r0,c2 - - SQR_ADD_C a7L,a7R,c3,c1,c2 - STD c3, 112(r_ptr) ; r[14] = c3 - STD c1, 120(r_ptr) ; r[15] = c1 - - .EXIT - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - -;----------------------------------------------------------------------------- -; -;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a) -; arg0 = r_ptr -; arg1 = a_ptr -; - -bn_sqr_comba4 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 
40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - SQR_ADD_C a0L,a0R,c1,c2,c3 - - STD c1,0(r_ptr) ; r[0] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1 - - STD c2,8(r_ptr) ; r[1] = c2; - COPY %r0,c2 - - SQR_ADD_C a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2 - - STD c3,16(r_ptr) ; r[2] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3 - SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3 - - STD c1,24(r_ptr) ; r[3] = c1; - COPY %r0,c1 - - SQR_ADD_C a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1 - - STD c2,32(r_ptr) ; r[4] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2 - STD c3,40(r_ptr) ; r[5] = c3; - COPY %r0,c3 - - SQR_ADD_C a3L,a3R,c1,c2,c3 - STD c1,48(r_ptr) ; r[6] = c1; - STD c2,56(r_ptr) ; r[7] = c2; - - .EXIT - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - - -;--------------------------------------------------------------------------- - -MUL_ADD_C .macro A0L,A0R,B0L,B0R,C1,C2,C3 - XMPYU A0L,B0R,ftemp1 ; m1 = bl*ht - FSTD ftemp1,-16(%sp) ; - XMPYU A0R,B0L,ftemp2 ; m = bh*lt - FSTD ftemp2,-8(%sp) ; - XMPYU A0R,B0R,ftemp3 ; lt = bl*lt - FSTD ftemp3,-32(%sp) - XMPYU A0L,B0L,ftemp4 ; ht = bh*ht - FSTD ftemp4,-24(%sp) ; - - LDD -8(%sp),m ; r21 = m - LDD -16(%sp),m1 ; r19 = m1 - ADD,L m,m1,m ; m+m1 - - DEPD,Z m,31,32,temp3 ; (m+m1<<32) - LDD -24(%sp),ht ; r24 = ht - - CMPCLR,*>>= m,m1,%r0 ; if (m < m1) - ADD,L ht,high_one,ht ; ht+=high_one - - EXTRD,U m,31,32,temp1 ; m >> 32 - LDD -32(%sp),lt ; lt - ADD,L ht,temp1,ht ; ht+= m>>32 - ADD lt,temp3,lt ; lt = lt+m1 - ADD,DC ht,%r0,ht ; ht++ - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC ht,%r0,ht ; bump c3 if overflow,nullify otherwise - - ADD C2,ht,C2 ; c2 = c2 + ht - ADD,DC C3,%r0,C3 ; add in carry (c3++) -.endm - - -; -;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -; arg0 = r_ptr -; arg1 = a_ptr -; arg2 = b_ptr -; - -bn_mul_comba8 - .proc - .callinfo 
FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - FSTD %fr12,32(%sp) ; save r6 - FSTD %fr13,40(%sp) ; save r7 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - FLDD 0(b_ptr),b0 - FLDD 8(b_ptr),b1 - FLDD 16(b_ptr),b2 - FLDD 24(b_ptr),b3 - FLDD 32(b_ptr),b4 - FLDD 40(b_ptr),b5 - FLDD 48(b_ptr),b6 - FLDD 56(b_ptr),b7 - - MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3 - STD c1,0(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1 - STD c2,8(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2 - STD c3,16(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3 - STD c1,24(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1 - STD c2,32(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2 - MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2 - MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2 - STD c3,40(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3 - MUL_ADD_C 
a2L,a2R,b4L,b4R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3 - STD c1,48(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1 - MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1 - STD c2,56(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2 - STD c3,64(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3 - MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3 - MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3 - STD c1,72(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1 - MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1 - MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1 - STD c2,80(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2 - MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2 - STD c3,88(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3 - STD c1,96(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1 - MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1 - STD c2,104(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2 - STD c3,112(r_ptr) - STD c1,120(r_ptr) - - .EXIT - FLDD -88(%sp),%fr13 - FLDD -96(%sp),%fr12 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - 
-;----------------------------------------------------------------------------- -; -;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -; arg0 = r_ptr -; arg1 = a_ptr -; arg2 = b_ptr -; - -bn_mul_comba4 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - FSTD %fr12,32(%sp) ; save r6 - FSTD %fr13,40(%sp) ; save r7 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - - FLDD 0(b_ptr),b0 - FLDD 8(b_ptr),b1 - FLDD 16(b_ptr),b2 - FLDD 24(b_ptr),b3 - - MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3 - STD c1,0(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1 - STD c2,8(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2 - STD c3,16(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3 - STD c1,24(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1 - STD c2,32(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2 - STD c3,40(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3 - STD c1,48(r_ptr) - STD c2,56(r_ptr) - - .EXIT - FLDD -88(%sp),%fr13 - FLDD -96(%sp),%fr12 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - - -;--- not PIC .SPACE $TEXT$ -;--- not 
PIC .SUBSPA $CODE$ -;--- not PIC .SPACE $PRIVATE$,SORT=16 -;--- not PIC .IMPORT $global$,DATA -;--- not PIC .SPACE $TEXT$ -;--- not PIC .SUBSPA $CODE$ -;--- not PIC .SUBSPA $LIT$,ACCESS=0x2c -;--- not PIC C$7 -;--- not PIC .ALIGN 8 -;--- not PIC .STRINGZ "Division would overflow (%d)\n" - .END diff --git a/lib/libssl/src/crypto/bn/asm/pa-risc2W.s b/lib/libssl/src/crypto/bn/asm/pa-risc2W.s deleted file mode 100644 index a99545754d1..00000000000 --- a/lib/libssl/src/crypto/bn/asm/pa-risc2W.s +++ /dev/null 
@@ -1,1605 +0,0 @@
-;
-; PA-RISC 64-bit implementation of bn_asm code
-;
-; This code is approximately 2x faster than the C version
-; for RSA/DSA.
-;
-; See http://devresource.hp.com/ for more details on the PA-RISC
-; architecture. Also see the book "PA-RISC 2.0 Architecture"
-; by Gerry Kane for information on the instruction set architecture.
-;
-; Code written by Chris Ruemmler (with some help from the HP C
-; compiler).
-;
-; The code compiles with HP's assembler
-;
-
- .level 2.0W
- .space $TEXT$
- .subspa $CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
-
-;
-; Global Register definitions used for the routines.
-;
-; Some information about HP's runtime architecture for 64-bits.
-;
-; "Caller save" means the calling function must save the register
-; if it wants the register to be preserved.
-; "Callee save" means if a function uses the register, it must save
-; the value before using it.
-;
-; For the floating point registers
-;
-; "caller save" registers: fr4-fr11, fr22-fr31
-; "callee save" registers: fr12-fr21
-; "special" registers: fr0-fr3 (status and exception registers)
-;
-; For the integer registers
-; value zero : r0
-; "caller save" registers: r1,r19-r26
-; "callee save" registers: r3-r18
-; return register : r2 (rp)
-; return values ; r28 (ret0,ret1)
-; Stack pointer ; r30 (sp)
-; global data pointer ; r27 (dp)
-; argument pointer ; r29 (ap)
-; millicode return ptr ; r31 (also a caller save register)
-
-
-;
-; Arguments to the routines
-;
-r_ptr .reg %r26
-a_ptr .reg %r25
-b_ptr .reg %r24
-num .reg %r24
-w .reg %r23
-n .reg %r23
-
-
-;
-; Globals used in some routines
-;
-
-top_overflow .reg %r29
-high_mask .reg %r22 ; value 0xffffffff80000000L
-
-
-;------------------------------------------------------------------------------
-;
-; bn_mul_add_words
-;
-;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr,
-; int num, BN_ULONG w)
-;
-; arg0 = r_ptr
-; arg1 = a_ptr
-; arg2 = num
-; arg3 = w
-;
-; Local register definitions
-;
-
-fm1 .reg %fr22
-fm .reg %fr23 -ht_temp .reg %fr24 -ht_temp_1 .reg %fr25 -lt_temp .reg %fr26 -lt_temp_1 .reg %fr27 -fm1_1 .reg %fr28 -fm_1 .reg %fr29 - -fw_h .reg %fr7L -fw_l .reg %fr7R -fw .reg %fr7 - -fht_0 .reg %fr8L -flt_0 .reg %fr8R -t_float_0 .reg %fr8 - -fht_1 .reg %fr9L -flt_1 .reg %fr9R -t_float_1 .reg %fr9 - -tmp_0 .reg %r31 -tmp_1 .reg %r21 -m_0 .reg %r20 -m_1 .reg %r19 -ht_0 .reg %r1 -ht_1 .reg %r3 -lt_0 .reg %r4 -lt_1 .reg %r5 -m1_0 .reg %r6 -m1_1 .reg %r7 -rp_val .reg %r8 -rp_val_1 .reg %r9 - -bn_mul_add_words - .export bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN - .proc - .callinfo frame=128 - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - NOP ; Needed to make the loop 16-byte aligned - NOP ; Needed to make the loop 16-byte aligned - - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - STD %r7,32(%sp) ; save r7 - STD %r8,40(%sp) ; save r8 - - STD %r9,48(%sp) ; save r9 - COPY %r0,%ret0 ; return 0 by default - DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32 - STD w,56(%sp) ; store w on stack - - CMPIB,>= 0,num,bn_mul_add_words_exit ; if (num <= 0) then exit - LDO 128(%sp),%sp ; bump stack - - ; - ; The loop is unrolled twice, so if there is only 1 number - ; then go straight to the cleanup code. - ; - CMPIB,= 1,num,bn_mul_add_words_single_top - FLDD -72(%sp),fw ; load up w into fp register fw (fw_h/fw_l) - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; - ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus - ; two 32-bit mutiplies can be issued per cycle. 
- ; -bn_mul_add_words_unroll2 - - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R) - LDD 0(r_ptr),rp_val ; rp[0] - LDD 8(r_ptr),rp_val_1 ; rp[1] - - XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l - XMPYU fht_1,fw_l,fm1_1 ; m1[1] = fht_1*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1[0] - FSTD fm1_1,-48(%sp) ; -48(sp) = m1[1] - - XMPYU flt_0,fw_h,fm ; m[0] = flt_0*fw_h - XMPYU flt_1,fw_h,fm_1 ; m[1] = flt_1*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m[0] - FSTD fm_1,-40(%sp) ; -40(sp) = m[1] - - XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h - XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp_1 = fht_1*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht_temp - FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht_temp_1 - - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt_temp - FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt_temp_1 - - LDD -8(%sp),m_0 ; m[0] - LDD -40(%sp),m_1 ; m[1] - LDD -16(%sp),m1_0 ; m1[0] - LDD -48(%sp),m1_1 ; m1[1] - - LDD -24(%sp),ht_0 ; ht[0] - LDD -56(%sp),ht_1 ; ht[1] - ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m[0] + m1[0]; - ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m[1] + m1[1]; - - LDD -32(%sp),lt_0 - LDD -64(%sp),lt_1 - CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m[0] < m1[0]) - ADD,L ht_0,top_overflow,ht_0 ; ht[0] += (1<<32) - - CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m[1] < m1[1]) - ADD,L ht_1,top_overflow,ht_1 ; ht[1] += (1<<32) - EXTRD,U tmp_0,31,32,m_0 ; m[0]>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1[0] = m[0]<<32 - - EXTRD,U tmp_1,31,32,m_1 ; m[1]>>32 - DEPD,Z tmp_1,31,32,m1_1 ; m1[1] = m[1]<<32 - ADD,L ht_0,m_0,ht_0 ; ht[0]+= (m[0]>>32) - ADD,L ht_1,m_1,ht_1 ; ht[1]+= (m[1]>>32) - - ADD lt_0,m1_0,lt_0 ; lt[0] = lt[0]+m1[0]; - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - ADD lt_1,m1_1,lt_1 ; lt[1] = lt[1]+m1[1]; - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - - ADD %ret0,lt_0,lt_0 ; lt[0] = lt[0] + c; - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - ADD lt_0,rp_val,lt_0 ; lt[0] = lt[0]+rp[0] - ADD,DC 
ht_0,%r0,ht_0 ; ht[0]++ - - LDO -2(num),num ; num = num - 2; - ADD ht_0,lt_1,lt_1 ; lt[1] = lt[1] + ht_0 (c); - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - STD lt_0,0(r_ptr) ; rp[0] = lt[0] - - ADD lt_1,rp_val_1,lt_1 ; lt[1] = lt[1]+rp[1] - ADD,DC ht_1,%r0,%ret0 ; ht[1]++ - LDO 16(a_ptr),a_ptr ; a_ptr += 2 - - STD lt_1,8(r_ptr) ; rp[1] = lt[1] - CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do - LDO 16(r_ptr),r_ptr ; r_ptr += 2 - - CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_mul_add_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - LDD 0(r_ptr),rp_val ; rp[0] - LDO 8(a_ptr),a_ptr ; a_ptr++ - XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - - LDD -8(%sp),m_0 - LDD -16(%sp),m1_0 ; m1 = temp1 - ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1; - LDD -24(%sp),ht_0 - LDD -32(%sp),lt_0 - - CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD lt_0,m1_0,tmp_0 ; tmp_0 = lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - ADD %ret0,tmp_0,lt_0 ; lt = lt + c; - ADD,DC ht_0,%r0,ht_0 ; ht++ - ADD lt_0,rp_val,lt_0 ; lt = lt+rp[0] - ADD,DC ht_0,%r0,%ret0 ; ht++ - STD lt_0,0(r_ptr) ; rp[0] = lt - -bn_mul_add_words_exit - .EXIT - LDD -80(%sp),%r9 ; restore r9 - LDD -88(%sp),%r8 ; restore r8 - LDD -96(%sp),%r7 ; restore r7 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 ; restore r3 - .PROCEND ;in=23,24,25,26,29;out=28; - 
-;---------------------------------------------------------------------------- -; -;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) -; -; arg0 = rp -; arg1 = ap -; arg2 = num -; arg3 = w - -bn_mul_words - .proc - .callinfo frame=128 - .entry - .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - STD %r7,32(%sp) ; save r7 - COPY %r0,%ret0 ; return 0 by default - DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32 - STD w,56(%sp) ; w on stack - - CMPIB,>= 0,num,bn_mul_words_exit - LDO 128(%sp),%sp ; bump stack - - ; - ; See if only 1 word to do, thus just do cleanup - ; - CMPIB,= 1,num,bn_mul_words_single_top - FLDD -72(%sp),fw ; load up w into fp register fw (fw_h/fw_l) - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; - ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus - ; two 32-bit mutiplies can be issued per cycle. 
- ; -bn_mul_words_unroll2 - - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R) - XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l - XMPYU fht_1,fw_l,fm1_1 ; m1[1] = ht*fw_l - - FSTD fm1,-16(%sp) ; -16(sp) = m1 - FSTD fm1_1,-48(%sp) ; -48(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - XMPYU flt_1,fw_h,fm_1 ; m = lt*fw_h - - FSTD fm,-8(%sp) ; -8(sp) = m - FSTD fm_1,-40(%sp) ; -40(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h - XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp = ht*fw_h - - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l - - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt - LDD -8(%sp),m_0 - LDD -40(%sp),m_1 - - LDD -16(%sp),m1_0 - LDD -48(%sp),m1_1 - LDD -24(%sp),ht_0 - LDD -56(%sp),ht_1 - - ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m + m1; - ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m + m1; - LDD -32(%sp),lt_0 - LDD -64(%sp),lt_1 - - CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m < m1) - ADD,L ht_1,top_overflow,ht_1 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - EXTRD,U tmp_1,31,32,m_1 ; m>>32 - DEPD,Z tmp_1,31,32,m1_1 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD,L ht_1,m_1,ht_1 ; ht+= (m>>32) - ADD lt_0,m1_0,lt_0 ; lt = lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD lt_1,m1_1,lt_1 ; lt = lt+m1; - ADD,DC ht_1,%r0,ht_1 ; ht++ - ADD %ret0,lt_0,lt_0 ; lt = lt + c (ret0); - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD ht_0,lt_1,lt_1 ; lt = lt + c (ht_0) - ADD,DC ht_1,%r0,ht_1 ; ht++ - STD lt_0,0(r_ptr) ; rp[0] = lt - STD lt_1,8(r_ptr) ; rp[1] = lt - - COPY ht_1,%ret0 ; carry = ht - LDO -2(num),num ; num = num - 2; - LDO 16(a_ptr),a_ptr ; ap += 2 - CMPIB,<= 2,num,bn_mul_words_unroll2 - LDO 16(r_ptr),r_ptr ; rp++ - - 
CMPIB,=,N 0,num,bn_mul_words_exit ; are we done? - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_mul_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - - XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - - LDD -8(%sp),m_0 - LDD -16(%sp),m1_0 - ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1; - LDD -24(%sp),ht_0 - LDD -32(%sp),lt_0 - - CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD lt_0,m1_0,lt_0 ; lt= lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD %ret0,lt_0,lt_0 ; lt = lt + c; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - COPY ht_0,%ret0 ; copy carry - STD lt_0,0(r_ptr) ; rp[0] = lt - -bn_mul_words_exit - .EXIT - LDD -96(%sp),%r7 ; restore r7 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 ; restore r3 - .PROCEND ;in=23,24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num) -; -; arg0 = rp -; arg1 = ap -; arg2 = num -; - -bn_sqr_words - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - NOP - STD %r5,16(%sp) ; save r5 - - CMPIB,>= 0,num,bn_sqr_words_exit - LDO 128(%sp),%sp ; bump stack - - ; - ; If only 1, the goto straight to cleanup - ; - CMPIB,= 1,num,bn_sqr_words_single_top - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - - ; - ; This loop is unrolled 2 times 
(64-byte aligned as well) - ; - -bn_sqr_words_unroll2 - FLDD 0(a_ptr),t_float_0 ; a[0] - FLDD 8(a_ptr),t_float_1 ; a[1] - XMPYU fht_0,flt_0,fm ; m[0] - XMPYU fht_1,flt_1,fm_1 ; m[1] - - FSTD fm,-24(%sp) ; store m[0] - FSTD fm_1,-56(%sp) ; store m[1] - XMPYU flt_0,flt_0,lt_temp ; lt[0] - XMPYU flt_1,flt_1,lt_temp_1 ; lt[1] - - FSTD lt_temp,-16(%sp) ; store lt[0] - FSTD lt_temp_1,-48(%sp) ; store lt[1] - XMPYU fht_0,fht_0,ht_temp ; ht[0] - XMPYU fht_1,fht_1,ht_temp_1 ; ht[1] - - FSTD ht_temp,-8(%sp) ; store ht[0] - FSTD ht_temp_1,-40(%sp) ; store ht[1] - LDD -24(%sp),m_0 - LDD -56(%sp),m_1 - - AND m_0,high_mask,tmp_0 ; m[0] & Mask - AND m_1,high_mask,tmp_1 ; m[1] & Mask - DEPD,Z m_0,30,31,m_0 ; m[0] << 32+1 - DEPD,Z m_1,30,31,m_1 ; m[1] << 32+1 - - LDD -16(%sp),lt_0 - LDD -48(%sp),lt_1 - EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m[0]&Mask >> 32-1 - EXTRD,U tmp_1,32,33,tmp_1 ; tmp_1 = m[1]&Mask >> 32-1 - - LDD -8(%sp),ht_0 - LDD -40(%sp),ht_1 - ADD,L ht_0,tmp_0,ht_0 ; ht[0] += tmp_0 - ADD,L ht_1,tmp_1,ht_1 ; ht[1] += tmp_1 - - ADD lt_0,m_0,lt_0 ; lt = lt+m - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - STD lt_0,0(r_ptr) ; rp[0] = lt[0] - STD ht_0,8(r_ptr) ; rp[1] = ht[1] - - ADD lt_1,m_1,lt_1 ; lt = lt+m - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - STD lt_1,16(r_ptr) ; rp[2] = lt[1] - STD ht_1,24(r_ptr) ; rp[3] = ht[1] - - LDO -2(num),num ; num = num - 2; - LDO 16(a_ptr),a_ptr ; ap += 2 - CMPIB,<= 2,num,bn_sqr_words_unroll2 - LDO 32(r_ptr),r_ptr ; rp += 4 - - CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done? 
- - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_sqr_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - - XMPYU fht_0,flt_0,fm ; m - FSTD fm,-24(%sp) ; store m - - XMPYU flt_0,flt_0,lt_temp ; lt - FSTD lt_temp,-16(%sp) ; store lt - - XMPYU fht_0,fht_0,ht_temp ; ht - FSTD ht_temp,-8(%sp) ; store ht - - LDD -24(%sp),m_0 ; load m - AND m_0,high_mask,tmp_0 ; m & Mask - DEPD,Z m_0,30,31,m_0 ; m << 32+1 - LDD -16(%sp),lt_0 ; lt - - LDD -8(%sp),ht_0 ; ht - EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m&Mask >> 32-1 - ADD m_0,lt_0,lt_0 ; lt = lt+m - ADD,L ht_0,tmp_0,ht_0 ; ht += tmp_0 - ADD,DC ht_0,%r0,ht_0 ; ht++ - - STD lt_0,0(r_ptr) ; rp[0] = lt - STD ht_0,8(r_ptr) ; rp[1] = ht - -bn_sqr_words_exit - .EXIT - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - .PROCEND ;in=23,24,25,26,29;out=28; - - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -; -; arg0 = rp -; arg1 = ap -; arg2 = bp -; arg3 = n - -t .reg %r22 -b .reg %r21 -l .reg %r20 - -bn_add_words - .proc - .entry - .callinfo - .EXPORT bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .align 64 - - CMPIB,>= 0,n,bn_add_words_exit - COPY %r0,%ret0 ; return 0 by default - - ; - ; If 2 or more numbers do the loop - ; - CMPIB,= 1,n,bn_add_words_single_top - NOP - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; -bn_add_words_unroll2 - LDD 0(a_ptr),t - LDD 0(b_ptr),b - ADD t,%ret0,t ; t = t+c; - ADD,DC %r0,%r0,%ret0 ; set c to carry - ADD t,b,l ; l = t + b[0] - ADD,DC %ret0,%r0,%ret0 ; c+= carry - STD l,0(r_ptr) - - LDD 8(a_ptr),t - LDD 8(b_ptr),b - ADD t,%ret0,t ; t = t+c; - ADD,DC %r0,%r0,%ret0 ; set c to carry - ADD t,b,l ; l = t + b[0] - ADD,DC %ret0,%r0,%ret0 ; c+= carry - STD l,8(r_ptr) - - LDO -2(n),n - LDO 16(a_ptr),a_ptr - LDO 16(b_ptr),b_ptr - - CMPIB,<= 2,n,bn_add_words_unroll2 - LDO 
16(r_ptr),r_ptr - - CMPIB,=,N 0,n,bn_add_words_exit ; are we done? - -bn_add_words_single_top - LDD 0(a_ptr),t - LDD 0(b_ptr),b - - ADD t,%ret0,t ; t = t+c; - ADD,DC %r0,%r0,%ret0 ; set c to carry (could use CMPCLR??) - ADD t,b,l ; l = t + b[0] - ADD,DC %ret0,%r0,%ret0 ; c+= carry - STD l,0(r_ptr) - -bn_add_words_exit - .EXIT - BVE (%rp) - NOP - .PROCEND ;in=23,24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -; -; arg0 = rp -; arg1 = ap -; arg2 = bp -; arg3 = n - -t1 .reg %r22 -t2 .reg %r21 -sub_tmp1 .reg %r20 -sub_tmp2 .reg %r19 - - -bn_sub_words - .proc - .callinfo - .EXPORT bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - CMPIB,>= 0,n,bn_sub_words_exit - COPY %r0,%ret0 ; return 0 by default - - ; - ; If 2 or more numbers do the loop - ; - CMPIB,= 1,n,bn_sub_words_single_top - NOP - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; -bn_sub_words_unroll2 - LDD 0(a_ptr),t1 - LDD 0(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c; - - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret0 - STD sub_tmp1,0(r_ptr) - - LDD 8(a_ptr),t1 - LDD 8(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c; - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret0 - STD sub_tmp1,8(r_ptr) - - LDO -2(n),n - LDO 16(a_ptr),a_ptr - LDO 16(b_ptr),b_ptr - - CMPIB,<= 2,n,bn_sub_words_unroll2 - LDO 16(r_ptr),r_ptr - - CMPIB,=,N 0,n,bn_sub_words_exit ; are we done? 
- -bn_sub_words_single_top - LDD 0(a_ptr),t1 - LDD 0(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c; - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret0 - - STD sub_tmp1,0(r_ptr) - -bn_sub_words_exit - .EXIT - BVE (%rp) - NOP - .PROCEND ;in=23,24,25,26,29;out=28; - -;------------------------------------------------------------------------------ -; -; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d) -; -; arg0 = h -; arg1 = l -; arg2 = d -; -; This is mainly just modified assembly from the compiler, thus the -; lack of variable names. -; -;------------------------------------------------------------------------------ -bn_div_words - .proc - .callinfo CALLER,FRAME=272,ENTRY_GR=%r10,SAVE_RP,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .IMPORT BN_num_bits_word,CODE,NO_RELOCATION - .IMPORT __iob,DATA - .IMPORT fprintf,CODE,NO_RELOCATION - .IMPORT abort,CODE,NO_RELOCATION - .IMPORT $$div2U,MILLICODE - .entry - STD %r2,-16(%r30) - STD,MA %r3,352(%r30) - STD %r4,-344(%r30) - STD %r5,-336(%r30) - STD %r6,-328(%r30) - STD %r7,-320(%r30) - STD %r8,-312(%r30) - STD %r9,-304(%r30) - STD %r10,-296(%r30) - - STD %r27,-288(%r30) ; save gp - - COPY %r24,%r3 ; save d - COPY %r26,%r4 ; save h (high 64-bits) - LDO -1(%r0),%ret0 ; return -1 by default - - CMPB,*= %r0,%arg2,$D3 ; if (d == 0) - COPY %r25,%r5 ; save l (low 64-bits) - - LDO -48(%r30),%r29 ; create ap - .CALL ;in=26,29;out=28; - B,L BN_num_bits_word,%r2 - COPY %r3,%r26 - LDD -288(%r30),%r27 ; restore gp - LDI 64,%r21 - - CMPB,= %r21,%ret0,$00000012 ;if (i == 64) (forward) - COPY %ret0,%r24 ; i - MTSARCM %r24 - DEPDI,Z -1,%sar,1,%r29 - CMPB,*<<,N %r29,%r4,bn_div_err_case ; if (h > 1<<i) (forward) - -$00000012 - SUBI 64,%r24,%r31 ; i = 64 - i; - CMPCLR,*<< %r4,%r3,%r0 ; if (h >= d) - SUB %r4,%r3,%r4 ; h -= d - CMPB,= %r31,%r0,$0000001A ; if (i) - 
COPY %r0,%r10 ; ret = 0 - MTSARCM %r31 ; i to shift - DEPD,Z %r3,%sar,64,%r3 ; d <<= i; - SUBI 64,%r31,%r19 ; 64 - i; redundent - MTSAR %r19 ; (64 -i) to shift - SHRPD %r4,%r5,%sar,%r4 ; l>> (64-i) - MTSARCM %r31 ; i to shift - DEPD,Z %r5,%sar,64,%r5 ; l <<= i; - -$0000001A - DEPDI,Z -1,31,32,%r19 - EXTRD,U %r3,31,32,%r6 ; dh=(d&0xfff)>>32 - EXTRD,U %r3,63,32,%r8 ; dl = d&0xffffff - LDO 2(%r0),%r9 - STD %r3,-280(%r30) ; "d" to stack - -$0000001C - DEPDI,Z -1,63,32,%r29 ; - EXTRD,U %r4,31,32,%r31 ; h >> 32 - CMPB,*=,N %r31,%r6,$D2 ; if ((h>>32) != dh)(forward) div - COPY %r4,%r26 - EXTRD,U %r4,31,32,%r25 - COPY %r6,%r24 - .CALL ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL) - B,L $$div2U,%r2 - EXTRD,U %r6,31,32,%r23 - DEPD %r28,31,32,%r29 -$D2 - STD %r29,-272(%r30) ; q - AND %r5,%r19,%r24 ; t & 0xffffffff00000000; - EXTRD,U %r24,31,32,%r24 ; ??? - FLDD -272(%r30),%fr7 ; q - FLDD -280(%r30),%fr8 ; d - XMPYU %fr8L,%fr7L,%fr10 - FSTD %fr10,-256(%r30) - XMPYU %fr8L,%fr7R,%fr22 - FSTD %fr22,-264(%r30) - XMPYU %fr8R,%fr7L,%fr11 - XMPYU %fr8R,%fr7R,%fr23 - FSTD %fr11,-232(%r30) - FSTD %fr23,-240(%r30) - LDD -256(%r30),%r28 - DEPD,Z %r28,31,32,%r2 - LDD -264(%r30),%r20 - ADD,L %r20,%r2,%r31 - LDD -232(%r30),%r22 - DEPD,Z %r22,31,32,%r22 - LDD -240(%r30),%r21 - B $00000024 ; enter loop - ADD,L %r21,%r22,%r23 - -$0000002A - LDO -1(%r29),%r29 - SUB %r23,%r8,%r23 -$00000024 - SUB %r4,%r31,%r25 - AND %r25,%r19,%r26 - CMPB,*<>,N %r0,%r26,$00000046 ; (forward) - DEPD,Z %r25,31,32,%r20 - OR %r20,%r24,%r21 - CMPB,*<<,N %r21,%r23,$0000002A ;(backward) - SUB %r31,%r6,%r31 -;-------------Break path--------------------- - -$00000046 - DEPD,Z %r23,31,32,%r25 ;tl - EXTRD,U %r23,31,32,%r26 ;t - AND %r25,%r19,%r24 ;tl = (tl<<32)&0xfffffff0000000L - ADD,L %r31,%r26,%r31 ;th += t; - CMPCLR,*>>= %r5,%r24,%r0 ;if (l<tl) - LDO 1(%r31),%r31 ; th++; - CMPB,*<<=,N %r31,%r4,$00000036 ;if (n < th) (forward) - LDO -1(%r29),%r29 ;q--; - ADD,L %r4,%r3,%r4 ;h += d; -$00000036 - ADDIB,=,N -1,%r9,$D1 ;if 
(--count == 0) break (forward) - SUB %r5,%r24,%r28 ; l -= tl; - SUB %r4,%r31,%r24 ; h -= th; - SHRPD %r24,%r28,32,%r4 ; h = ((h<<32)|(l>>32)); - DEPD,Z %r29,31,32,%r10 ; ret = q<<32 - b $0000001C - DEPD,Z %r28,31,32,%r5 ; l = l << 32 - -$D1 - OR %r10,%r29,%r28 ; ret |= q -$D3 - LDD -368(%r30),%r2 -$D0 - LDD -296(%r30),%r10 - LDD -304(%r30),%r9 - LDD -312(%r30),%r8 - LDD -320(%r30),%r7 - LDD -328(%r30),%r6 - LDD -336(%r30),%r5 - LDD -344(%r30),%r4 - BVE (%r2) - .EXIT - LDD,MB -352(%r30),%r3 - -bn_div_err_case - MFIA %r6 - ADDIL L'bn_div_words-bn_div_err_case,%r6,%r1 - LDO R'bn_div_words-bn_div_err_case(%r1),%r6 - ADDIL LT'__iob,%r27,%r1 - LDD RT'__iob(%r1),%r26 - ADDIL L'C$4-bn_div_words,%r6,%r1 - LDO R'C$4-bn_div_words(%r1),%r25 - LDO 64(%r26),%r26 - .CALL ;in=24,25,26,29;out=28; - B,L fprintf,%r2 - LDO -48(%r30),%r29 - LDD -288(%r30),%r27 - .CALL ;in=29; - B,L abort,%r2 - LDO -48(%r30),%r29 - LDD -288(%r30),%r27 - B $D0 - LDD -368(%r30),%r2 - .PROCEND ;in=24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -; Registers to hold 64-bit values to manipulate. The "L" part -; of the register corresponds to the upper 32-bits, while the "R" -; part corresponds to the lower 32-bits -; -; Note, that when using b6 and b7, the code must save these before -; using them because they are callee save registers -; -; -; Floating point registers to use to save values that -; are manipulated. 
These don't collide with ftemp1-6 and -; are all caller save registers -; -a0 .reg %fr22 -a0L .reg %fr22L -a0R .reg %fr22R - -a1 .reg %fr23 -a1L .reg %fr23L -a1R .reg %fr23R - -a2 .reg %fr24 -a2L .reg %fr24L -a2R .reg %fr24R - -a3 .reg %fr25 -a3L .reg %fr25L -a3R .reg %fr25R - -a4 .reg %fr26 -a4L .reg %fr26L -a4R .reg %fr26R - -a5 .reg %fr27 -a5L .reg %fr27L -a5R .reg %fr27R - -a6 .reg %fr28 -a6L .reg %fr28L -a6R .reg %fr28R - -a7 .reg %fr29 -a7L .reg %fr29L -a7R .reg %fr29R - -b0 .reg %fr30 -b0L .reg %fr30L -b0R .reg %fr30R - -b1 .reg %fr31 -b1L .reg %fr31L -b1R .reg %fr31R - -; -; Temporary floating point variables, these are all caller save -; registers -; -ftemp1 .reg %fr4 -ftemp2 .reg %fr5 -ftemp3 .reg %fr6 -ftemp4 .reg %fr7 - -; -; The B set of registers when used. -; - -b2 .reg %fr8 -b2L .reg %fr8L -b2R .reg %fr8R - -b3 .reg %fr9 -b3L .reg %fr9L -b3R .reg %fr9R - -b4 .reg %fr10 -b4L .reg %fr10L -b4R .reg %fr10R - -b5 .reg %fr11 -b5L .reg %fr11L -b5R .reg %fr11R - -b6 .reg %fr12 -b6L .reg %fr12L -b6R .reg %fr12R - -b7 .reg %fr13 -b7L .reg %fr13L -b7R .reg %fr13R - -c1 .reg %r21 ; only reg -temp1 .reg %r20 ; only reg -temp2 .reg %r19 ; only reg -temp3 .reg %r31 ; only reg - -m1 .reg %r28 -c2 .reg %r23 -high_one .reg %r1 -ht .reg %r6 -lt .reg %r5 -m .reg %r4 -c3 .reg %r3 - -SQR_ADD_C .macro A0L,A0R,C1,C2,C3 - XMPYU A0L,A0R,ftemp1 ; m - FSTD ftemp1,-24(%sp) ; store m - - XMPYU A0R,A0R,ftemp2 ; lt - FSTD ftemp2,-16(%sp) ; store lt - - XMPYU A0L,A0L,ftemp3 ; ht - FSTD ftemp3,-8(%sp) ; store ht - - LDD -24(%sp),m ; load m - AND m,high_mask,temp2 ; m & Mask - DEPD,Z m,30,31,temp3 ; m << 32+1 - LDD -16(%sp),lt ; lt - - LDD -8(%sp),ht ; ht - EXTRD,U temp2,32,33,temp1 ; temp1 = m&Mask >> 32-1 - ADD temp3,lt,lt ; lt = lt+m - ADD,L ht,temp1,ht ; ht += temp1 - ADD,DC ht,%r0,ht ; ht++ - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC ht,%r0,ht ; ht++ - - ADD C2,ht,C2 ; c2=c2+ht - ADD,DC C3,%r0,C3 ; c3++ -.endm - -SQR_ADD_C2 .macro A0L,A0R,A1L,A1R,C1,C2,C3 - XMPYU A0L,A1R,ftemp1 ; m1 = 
bl*ht - FSTD ftemp1,-16(%sp) ; - XMPYU A0R,A1L,ftemp2 ; m = bh*lt - FSTD ftemp2,-8(%sp) ; - XMPYU A0R,A1R,ftemp3 ; lt = bl*lt - FSTD ftemp3,-32(%sp) - XMPYU A0L,A1L,ftemp4 ; ht = bh*ht - FSTD ftemp4,-24(%sp) ; - - LDD -8(%sp),m ; r21 = m - LDD -16(%sp),m1 ; r19 = m1 - ADD,L m,m1,m ; m+m1 - - DEPD,Z m,31,32,temp3 ; (m+m1<<32) - LDD -24(%sp),ht ; r24 = ht - - CMPCLR,*>>= m,m1,%r0 ; if (m < m1) - ADD,L ht,high_one,ht ; ht+=high_one - - EXTRD,U m,31,32,temp1 ; m >> 32 - LDD -32(%sp),lt ; lt - ADD,L ht,temp1,ht ; ht+= m>>32 - ADD lt,temp3,lt ; lt = lt+m1 - ADD,DC ht,%r0,ht ; ht++ - - ADD ht,ht,ht ; ht=ht+ht; - ADD,DC C3,%r0,C3 ; add in carry (c3++) - - ADD lt,lt,lt ; lt=lt+lt; - ADD,DC ht,%r0,ht ; add in carry (ht++) - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC,*NUV ht,%r0,ht ; add in carry (ht++) - LDO 1(C3),C3 ; bump c3 if overflow,nullify otherwise - - ADD C2,ht,C2 ; c2 = c2 + ht - ADD,DC C3,%r0,C3 ; add in carry (c3++) -.endm - -; -;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) -; arg0 = r_ptr -; arg1 = a_ptr -; - -bn_sqr_comba8 - .PROC - .CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .ENTRY - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - SQR_ADD_C a0L,a0R,c1,c2,c3 - STD c1,0(r_ptr) ; r[0] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1 - STD c2,8(r_ptr) ; r[1] = c2; - COPY %r0,c2 - - SQR_ADD_C a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2 - STD c3,16(r_ptr) ; r[2] = 
c3; - COPY %r0,c3 - - SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3 - SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3 - STD c1,24(r_ptr) ; r[3] = c1; - COPY %r0,c1 - - SQR_ADD_C a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1 - SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1 - STD c2,32(r_ptr) ; r[4] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2 - SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2 - STD c3,40(r_ptr) ; r[5] = c3; - COPY %r0,c3 - - SQR_ADD_C a3L,a3R,c1,c2,c3 - SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3 - SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3 - SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3 - STD c1,48(r_ptr) ; r[6] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1 - SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1 - SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1 - STD c2,56(r_ptr) ; r[7] = c2; - COPY %r0,c2 - - SQR_ADD_C a4L,a4R,c3,c1,c2 - SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2 - SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2 - SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2 - STD c3,64(r_ptr) ; r[8] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3 - SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3 - SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3 - STD c1,72(r_ptr) ; r[9] = c1; - COPY %r0,c1 - - SQR_ADD_C a5L,a5R,c2,c3,c1 - SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1 - SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1 - STD c2,80(r_ptr) ; r[10] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2 - SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2 - STD c3,88(r_ptr) ; r[11] = c3; - COPY %r0,c3 - - SQR_ADD_C a6L,a6R,c1,c2,c3 - SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3 - STD c1,96(r_ptr) ; r[12] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1 - STD c2,104(r_ptr) ; r[13] = c2; - COPY %r0,c2 - - SQR_ADD_C a7L,a7R,c3,c1,c2 - STD c3, 112(r_ptr) ; r[14] = c3 - STD c1, 120(r_ptr) ; r[15] = c1 - - .EXIT - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - 
-;----------------------------------------------------------------------------- -; -;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a) -; arg0 = r_ptr -; arg1 = a_ptr -; - -bn_sqr_comba4 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - SQR_ADD_C a0L,a0R,c1,c2,c3 - - STD c1,0(r_ptr) ; r[0] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1 - - STD c2,8(r_ptr) ; r[1] = c2; - COPY %r0,c2 - - SQR_ADD_C a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2 - - STD c3,16(r_ptr) ; r[2] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3 - SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3 - - STD c1,24(r_ptr) ; r[3] = c1; - COPY %r0,c1 - - SQR_ADD_C a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1 - - STD c2,32(r_ptr) ; r[4] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2 - STD c3,40(r_ptr) ; r[5] = c3; - COPY %r0,c3 - - SQR_ADD_C a3L,a3R,c1,c2,c3 - STD c1,48(r_ptr) ; r[6] = c1; - STD c2,56(r_ptr) ; r[7] = c2; - - .EXIT - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - - -;--------------------------------------------------------------------------- - -MUL_ADD_C .macro A0L,A0R,B0L,B0R,C1,C2,C3 - XMPYU A0L,B0R,ftemp1 ; m1 = bl*ht - FSTD ftemp1,-16(%sp) ; - XMPYU A0R,B0L,ftemp2 ; m = bh*lt - FSTD ftemp2,-8(%sp) ; - 
XMPYU A0R,B0R,ftemp3 ; lt = bl*lt - FSTD ftemp3,-32(%sp) - XMPYU A0L,B0L,ftemp4 ; ht = bh*ht - FSTD ftemp4,-24(%sp) ; - - LDD -8(%sp),m ; r21 = m - LDD -16(%sp),m1 ; r19 = m1 - ADD,L m,m1,m ; m+m1 - - DEPD,Z m,31,32,temp3 ; (m+m1<<32) - LDD -24(%sp),ht ; r24 = ht - - CMPCLR,*>>= m,m1,%r0 ; if (m < m1) - ADD,L ht,high_one,ht ; ht+=high_one - - EXTRD,U m,31,32,temp1 ; m >> 32 - LDD -32(%sp),lt ; lt - ADD,L ht,temp1,ht ; ht+= m>>32 - ADD lt,temp3,lt ; lt = lt+m1 - ADD,DC ht,%r0,ht ; ht++ - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC ht,%r0,ht ; bump c3 if overflow,nullify otherwise - - ADD C2,ht,C2 ; c2 = c2 + ht - ADD,DC C3,%r0,C3 ; add in carry (c3++) -.endm - - -; -;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -; arg0 = r_ptr -; arg1 = a_ptr -; arg2 = b_ptr -; - -bn_mul_comba8 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - FSTD %fr12,32(%sp) ; save r6 - FSTD %fr13,40(%sp) ; save r7 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - FLDD 0(b_ptr),b0 - FLDD 8(b_ptr),b1 - FLDD 16(b_ptr),b2 - FLDD 24(b_ptr),b3 - FLDD 32(b_ptr),b4 - FLDD 40(b_ptr),b5 - FLDD 48(b_ptr),b6 - FLDD 56(b_ptr),b7 - - MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3 - STD c1,0(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1 - STD c2,8(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2 - STD c3,16(r_ptr) - COPY %r0,c3 - - MUL_ADD_C 
a0L,a0R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3 - STD c1,24(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1 - STD c2,32(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2 - MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2 - MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2 - STD c3,40(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3 - STD c1,48(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1 - MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1 - STD c2,56(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2 - STD c3,64(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3 - MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3 - MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3 - STD c1,72(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1 - MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1 - MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1 - MUL_ADD_C 
a3L,a3R,b7L,b7R,c2,c3,c1 - STD c2,80(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2 - MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2 - STD c3,88(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3 - STD c1,96(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1 - MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1 - STD c2,104(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2 - STD c3,112(r_ptr) - STD c1,120(r_ptr) - - .EXIT - FLDD -88(%sp),%fr13 - FLDD -96(%sp),%fr12 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - -;----------------------------------------------------------------------------- -; -;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -; arg0 = r_ptr -; arg1 = a_ptr -; arg2 = b_ptr -; - -bn_mul_comba4 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - FSTD %fr12,32(%sp) ; save r6 - FSTD %fr13,40(%sp) ; save r7 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - - FLDD 0(b_ptr),b0 - FLDD 8(b_ptr),b1 - FLDD 16(b_ptr),b2 - FLDD 24(b_ptr),b3 - - MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3 - STD c1,0(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1 - STD c2,8(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2 - STD 
c3,16(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3 - STD c1,24(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1 - STD c2,32(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2 - STD c3,40(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3 - STD c1,48(r_ptr) - STD c2,56(r_ptr) - - .EXIT - FLDD -88(%sp),%fr13 - FLDD -96(%sp),%fr12 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - - - .SPACE $TEXT$ - .SUBSPA $CODE$ - .SPACE $PRIVATE$,SORT=16 - .IMPORT $global$,DATA - .SPACE $TEXT$ - .SUBSPA $CODE$ - .SUBSPA $LIT$,ACCESS=0x2c -C$4 - .ALIGN 8 - .STRINGZ "Division would overflow (%d)\n" - .END diff --git a/lib/libssl/src/crypto/bn/asm/parisc-mont.pl b/lib/libssl/src/crypto/bn/asm/parisc-mont.pl deleted file mode 100644 index fcfdee1f1f8..00000000000 --- a/lib/libssl/src/crypto/bn/asm/parisc-mont.pl +++ /dev/null 
@@ -1,993 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# On PA-7100LC this module performs ~90-50% better, less for longer
-# keys, than code generated by gcc 3.2 for PA-RISC 1.1. Latter means
-# that compiler utilized xmpyu instruction to perform 32x32=64-bit
-# multiplication, which in turn means that "baseline" performance was
-# optimal in respect to instruction set capabilities. Fair comparison
-# with vendor compiler is problematic, because OpenSSL doesn't define
-# BN_LLONG [presumably] for historical reasons, which drives compiler
-# toward 4 times 16x16=32-bit multiplicatons [plus complementary
-# shifts and additions] instead. This means that you should observe
-# several times improvement over code generated by vendor compiler
-# for PA-RISC 1.1, but the "baseline" is far from optimal. The actual
-# improvement coefficient was never collected on PA-7100LC, or any
-# other 1.1 CPU, because I don't have access to such machine with
-# vendor compiler. But to give you a taste, PA-RISC 1.1 code path
-# reportedly outperformed code generated by cc +DA1.1 +O3 by factor
-# of ~5x on PA-8600.
-#
-# On PA-RISC 2.0 it has to compete with pa-risc2[W].s, which is
-# reportedly ~2x faster than vendor compiler generated code [according
-# to comment in pa-risc2[W].s]. Here comes a catch. Execution core of
-# this implementation is actually 32-bit one, in the sense that it
-# operates on 32-bit values. But pa-risc2[W].s operates on arrays of
-# 64-bit BN_LONGs... How do they interoperate then? No problem. This
-# module picks halves of 64-bit values in reverse order and pretends
-# they were 32-bit BN_LONGs. But can 32-bit core compete with "pure"
-# 64-bit code such as pa-risc2[W].s then? Well, the thing is that
-# 32x32=64-bit multiplication is the best even PA-RISC 2.0 can do,
-# i.e. there is no "wider" multiplication like on most other 64-bit
-# platforms. This means that even being effectively 32-bit, this
-# implementation performs "64-bit" computational task in same amount
-# of arithmetic operations, most notably multiplications. It requires
-# more memory references, most notably to tp[num], but this doesn't
-# seem to exhaust memory port capacity. And indeed, dedicated PA-RISC
-# 2.0 code path provides virtually same performance as pa-risc2[W].s:
-# it's ~10% better for shortest key length and ~10% worse for longest
-# one.
-#
-# In case it wasn't clear. The module has two distinct code paths:
-# PA-RISC 1.1 and PA-RISC 2.0 ones. Latter features carry-free 64-bit
-# additions and 64-bit integer loads, not to mention specific
-# instruction scheduling. In 64-bit build naturally only 2.0 code path
-# is assembled. In 32-bit application context both code paths are
-# assembled, PA-RISC 2.0 CPU is detected at run-time and proper path
-# is taken automatically. Also, in 32-bit build the module imposes
-# couple of limitations: vector lengths has to be even and vector
-# addresses has to be 64-bit aligned. Normally neither is a problem:
-# most common key lengths are even and vectors are commonly malloc-ed,
-# which ensures alignment.
-#
-# Special thanks to polarhome.com for providing HP-UX account on
-# PA-RISC 1.1 machine, and to correspondent who chose to remain
-# anonymous for testing the code on PA-RISC 2.0 machine.
- -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; - -$flavour = shift; -$output = shift; - -open STDOUT,">$output"; - -if ($flavour =~ /64/) { - $LEVEL ="2.0W"; - $SIZE_T =8; - $FRAME_MARKER =80; - $SAVED_RP =16; - $PUSH ="std"; - $PUSHMA ="std,ma"; - $POP ="ldd"; - $POPMB ="ldd,mb"; - $BN_SZ =$SIZE_T; -} else { - $LEVEL ="1.1"; #$LEVEL.="\n\t.ALLOW\t2.0"; - $SIZE_T =4; - $FRAME_MARKER =48; - $SAVED_RP =20; - $PUSH ="stw"; - $PUSHMA ="stwm"; - $POP ="ldw"; - $POPMB ="ldwm"; - $BN_SZ =$SIZE_T; -} - -$FRAME=8*$SIZE_T+$FRAME_MARKER; # 8 saved regs + frame marker - # [+ argument transfer] -$LOCALS=$FRAME-$FRAME_MARKER; -$FRAME+=32; # local variables - -$tp="%r31"; -$ti1="%r29"; -$ti0="%r28"; - -$rp="%r26"; -$ap="%r25"; -$bp="%r24"; -$np="%r23"; -$n0="%r22"; # passed through stack in 32-bit -$num="%r21"; # passed through stack in 32-bit -$idx="%r20"; -$arrsz="%r19"; - -$nm1="%r7"; -$nm0="%r6"; -$ab1="%r5"; -$ab0="%r4"; - -$fp="%r3"; -$hi1="%r2"; -$hi0="%r1"; - -$xfer=$n0; # accomodates [-16..15] offset in fld[dw]s - -$fm0="%fr4"; $fti=$fm0; -$fbi="%fr5L"; -$fn0="%fr5R"; -$fai="%fr6"; $fab0="%fr7"; $fab1="%fr8"; -$fni="%fr9"; $fnm0="%fr10"; $fnm1="%fr11"; - -$code=<<___; - .LEVEL $LEVEL -#if 0 - .SPACE \$TEXT\$ - .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY -#else - .text -#endif - - .EXPORT bn_mul_mont,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR - .ALIGN 64 -bn_mul_mont - .PROC - .CALLINFO FRAME=`$FRAME-8*$SIZE_T`,NO_CALLS,SAVE_RP,SAVE_SP,ENTRY_GR=6 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - ldo -$FRAME(%sp),$fp -___ -$code.=<<___ if ($SIZE_T==4); - ldw `-$FRAME_MARKER-4`($fp),$n0 - ldw `-$FRAME_MARKER-8`($fp),$num - nop - nop ; alignment -___ -$code.=<<___ if ($BN_SZ==4); - 
comiclr,<= 6,$num,%r0 ; are vectors long enough? - b L\$abort - ldi 0,%r28 ; signal "unhandled" - add,ev %r0,$num,$num ; is $num even? - b L\$abort - nop - or $ap,$np,$ti1 - extru,= $ti1,31,3,%r0 ; are ap and np 64-bit aligned? - b L\$abort - nop - nop ; alignment - nop - - fldws 0($n0),${fn0} - fldws,ma 4($bp),${fbi} ; bp[0] -___ -$code.=<<___ if ($BN_SZ==8); - comib,> 3,$num,L\$abort ; are vectors long enough? - ldi 0,%r28 ; signal "unhandled" - addl $num,$num,$num ; I operate on 32-bit values - - fldws 4($n0),${fn0} ; only low part of n0 - fldws 4($bp),${fbi} ; bp[0] in flipped word order -___ -$code.=<<___; - fldds 0($ap),${fai} ; ap[0,1] - fldds 0($np),${fni} ; np[0,1] - - sh2addl $num,%r0,$arrsz - ldi 31,$hi0 - ldo 36($arrsz),$hi1 ; space for tp[num+1] - andcm $hi1,$hi0,$hi1 ; align - addl $hi1,%sp,%sp - $PUSH $fp,-$SIZE_T(%sp) - - ldo `$LOCALS+16`($fp),$xfer - ldo `$LOCALS+32+4`($fp),$tp - - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[0] - xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[0] - xmpyu ${fn0},${fab0}R,${fm0} - - addl $arrsz,$ap,$ap ; point at the end - addl $arrsz,$np,$np - subi 0,$arrsz,$idx ; j=0 - ldo 8($idx),$idx ; j++++ - - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[0]*m - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[1]*m - fstds ${fab0},-16($xfer) - fstds ${fnm0},-8($xfer) - fstds ${fab1},0($xfer) - fstds ${fnm1},8($xfer) - flddx $idx($ap),${fai} ; ap[2,3] - flddx $idx($np),${fni} ; np[2,3] -___ -$code.=<<___ if ($BN_SZ==4); -#ifndef __OpenBSD__ - mtctl $hi0,%cr11 ; $hi0 still holds 31 - extrd,u,*= $hi0,%sar,1,$hi0 ; executes on PA-RISC 1.0 - b L\$parisc11 - nop -___ -$code.=<<___; # PA-RISC 2.0 code-path - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldd -16($xfer),$ab0 - fstds ${fab0},-16($xfer) - - extrd,u $ab0,31,32,$hi0 - extrd,u $ab0,63,32,$ab0 - ldd -8($xfer),$nm0 - fstds ${fnm0},-8($xfer) - ldo 8($idx),$idx ; j++++ - addl $ab0,$nm0,$nm0 ; low part is discarded - extrd,u $nm0,31,32,$hi1 - -L\$1st - xmpyu 
${fai}R,${fbi},${fab1} ; ap[j+1]*bp[0] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m - ldd 0($xfer),$ab1 - fstds ${fab1},0($xfer) - addl $hi0,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - ldd 8($xfer),$nm1 - fstds ${fnm1},8($xfer) - extrd,u $ab1,63,32,$ab1 - addl $hi1,$nm1,$nm1 - flddx $idx($ap),${fai} ; ap[j,j+1] - flddx $idx($np),${fni} ; np[j,j+1] - addl $ab1,$nm1,$nm1 - extrd,u $nm1,31,32,$hi1 - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldd -16($xfer),$ab0 - fstds ${fab0},-16($xfer) - addl $hi0,$ab0,$ab0 - extrd,u $ab0,31,32,$hi0 - ldd -8($xfer),$nm0 - fstds ${fnm0},-8($xfer) - extrd,u $ab0,63,32,$ab0 - addl $hi1,$nm0,$nm0 - stw $nm1,-4($tp) ; tp[j-1] - addl $ab0,$nm0,$nm0 - stw,ma $nm0,8($tp) ; tp[j-1] - addib,<> 8,$idx,L\$1st ; j++++ - extrd,u $nm0,31,32,$hi1 - - xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[0] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m - ldd 0($xfer),$ab1 - fstds ${fab1},0($xfer) - addl $hi0,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - ldd 8($xfer),$nm1 - fstds ${fnm1},8($xfer) - extrd,u $ab1,63,32,$ab1 - addl $hi1,$nm1,$nm1 - ldd -16($xfer),$ab0 - addl $ab1,$nm1,$nm1 - ldd -8($xfer),$nm0 - extrd,u $nm1,31,32,$hi1 - - addl $hi0,$ab0,$ab0 - extrd,u $ab0,31,32,$hi0 - stw $nm1,-4($tp) ; tp[j-1] - extrd,u $ab0,63,32,$ab0 - addl $hi1,$nm0,$nm0 - ldd 0($xfer),$ab1 - addl $ab0,$nm0,$nm0 - ldd,mb 8($xfer),$nm1 - extrd,u $nm0,31,32,$hi1 - stw,ma $nm0,8($tp) ; tp[j-1] - - ldo -1($num),$num ; i-- - subi 0,$arrsz,$idx ; j=0 -___ -$code.=<<___ if ($BN_SZ==4); - fldws,ma 4($bp),${fbi} ; bp[1] -___ -$code.=<<___ if ($BN_SZ==8); - fldws 0($bp),${fbi} ; bp[1] in flipped word order -___ -$code.=<<___; - flddx $idx($ap),${fai} ; ap[0,1] - flddx $idx($np),${fni} ; np[0,1] - fldws 8($xfer),${fti}R ; tp[0] - addl $hi0,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - ldo 8($idx),$idx ; j++++ - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[1] - xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[1] - addl $hi1,$nm1,$nm1 - addl $ab1,$nm1,$nm1 - 
extrd,u $nm1,31,32,$hi1 - fstws,mb ${fab0}L,-8($xfer) ; save high part - stw $nm1,-4($tp) ; tp[j-1] - - fcpy,sgl %fr0,${fti}L ; zero high part - fcpy,sgl %fr0,${fab0}L - addl $hi1,$hi0,$hi0 - extrd,u $hi0,31,32,$hi1 - fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double - fcnvxf,dbl,dbl ${fab0},${fab0} - stw $hi0,0($tp) - stw $hi1,4($tp) - - fadd,dbl ${fti},${fab0},${fab0} ; add tp[0] - fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int - xmpyu ${fn0},${fab0}R,${fm0} - ldo `$LOCALS+32+4`($fp),$tp -L\$outer - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[0]*m - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[1]*m - fstds ${fab0},-16($xfer) ; 33-bit value - fstds ${fnm0},-8($xfer) - flddx $idx($ap),${fai} ; ap[2] - flddx $idx($np),${fni} ; np[2] - ldo 8($idx),$idx ; j++++ - ldd -16($xfer),$ab0 ; 33-bit value - ldd -8($xfer),$nm0 - ldw 0($xfer),$hi0 ; high part - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - extrd,u $ab0,31,32,$ti0 ; carry bit - extrd,u $ab0,63,32,$ab0 - fstds ${fab1},0($xfer) - addl $ti0,$hi0,$hi0 ; account carry bit - fstds ${fnm1},8($xfer) - addl $ab0,$nm0,$nm0 ; low part is discarded - ldw 0($tp),$ti1 ; tp[1] - extrd,u $nm0,31,32,$hi1 - fstds ${fab0},-16($xfer) - fstds ${fnm0},-8($xfer) - -L\$inner - xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[i] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m - ldd 0($xfer),$ab1 - fstds ${fab1},0($xfer) - addl $hi0,$ti1,$ti1 - addl $ti1,$ab1,$ab1 - ldd 8($xfer),$nm1 - fstds ${fnm1},8($xfer) - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - flddx $idx($ap),${fai} ; ap[j,j+1] - flddx $idx($np),${fni} ; np[j,j+1] - addl $hi1,$nm1,$nm1 - addl $ab1,$nm1,$nm1 - ldw 4($tp),$ti0 ; tp[j] - stw $nm1,-4($tp) ; tp[j-1] - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldd -16($xfer),$ab0 - fstds ${fab0},-16($xfer) - addl $hi0,$ti0,$ti0 - addl $ti0,$ab0,$ab0 - ldd -8($xfer),$nm0 - fstds ${fnm0},-8($xfer) - extrd,u $ab0,31,32,$hi0 - extrd,u 
$nm1,31,32,$hi1 - ldw 8($tp),$ti1 ; tp[j] - extrd,u $ab0,63,32,$ab0 - addl $hi1,$nm0,$nm0 - addl $ab0,$nm0,$nm0 - stw,ma $nm0,8($tp) ; tp[j-1] - addib,<> 8,$idx,L\$inner ; j++++ - extrd,u $nm0,31,32,$hi1 - - xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[i] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m - ldd 0($xfer),$ab1 - fstds ${fab1},0($xfer) - addl $hi0,$ti1,$ti1 - addl $ti1,$ab1,$ab1 - ldd 8($xfer),$nm1 - fstds ${fnm1},8($xfer) - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - ldw 4($tp),$ti0 ; tp[j] - addl $hi1,$nm1,$nm1 - addl $ab1,$nm1,$nm1 - ldd -16($xfer),$ab0 - ldd -8($xfer),$nm0 - extrd,u $nm1,31,32,$hi1 - - addl $hi0,$ab0,$ab0 - addl $ti0,$ab0,$ab0 - stw $nm1,-4($tp) ; tp[j-1] - extrd,u $ab0,31,32,$hi0 - ldw 8($tp),$ti1 ; tp[j] - extrd,u $ab0,63,32,$ab0 - addl $hi1,$nm0,$nm0 - ldd 0($xfer),$ab1 - addl $ab0,$nm0,$nm0 - ldd,mb 8($xfer),$nm1 - extrd,u $nm0,31,32,$hi1 - stw,ma $nm0,8($tp) ; tp[j-1] - - addib,= -1,$num,L\$outerdone ; i-- - subi 0,$arrsz,$idx ; j=0 -___ -$code.=<<___ if ($BN_SZ==4); - fldws,ma 4($bp),${fbi} ; bp[i] -___ -$code.=<<___ if ($BN_SZ==8); - ldi 12,$ti0 ; bp[i] in flipped word order - addl,ev %r0,$num,$num - ldi -4,$ti0 - addl $ti0,$bp,$bp - fldws 0($bp),${fbi} -___ -$code.=<<___; - flddx $idx($ap),${fai} ; ap[0] - addl $hi0,$ab1,$ab1 - flddx $idx($np),${fni} ; np[0] - fldws 8($xfer),${fti}R ; tp[0] - addl $ti1,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - - ldo 8($idx),$idx ; j++++ - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[i] - xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[i] - ldw 4($tp),$ti0 ; tp[j] - - addl $hi1,$nm1,$nm1 - fstws,mb ${fab0}L,-8($xfer) ; save high part - addl $ab1,$nm1,$nm1 - extrd,u $nm1,31,32,$hi1 - fcpy,sgl %fr0,${fti}L ; zero high part - fcpy,sgl %fr0,${fab0}L - stw $nm1,-4($tp) ; tp[j-1] - - fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double - fcnvxf,dbl,dbl ${fab0},${fab0} - addl $hi1,$hi0,$hi0 - fadd,dbl ${fti},${fab0},${fab0} ; add tp[0] - addl $ti0,$hi0,$hi0 - extrd,u $hi0,31,32,$hi1 - 
fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int - stw $hi0,0($tp) - stw $hi1,4($tp) - xmpyu ${fn0},${fab0}R,${fm0} - - b L\$outer - ldo `$LOCALS+32+4`($fp),$tp - -L\$outerdone - addl $hi0,$ab1,$ab1 - addl $ti1,$ab1,$ab1 - extrd,u $ab1,31,32,$hi0 - extrd,u $ab1,63,32,$ab1 - - ldw 4($tp),$ti0 ; tp[j] - - addl $hi1,$nm1,$nm1 - addl $ab1,$nm1,$nm1 - extrd,u $nm1,31,32,$hi1 - stw $nm1,-4($tp) ; tp[j-1] - - addl $hi1,$hi0,$hi0 - addl $ti0,$hi0,$hi0 - extrd,u $hi0,31,32,$hi1 - stw $hi0,0($tp) - stw $hi1,4($tp) - - ldo `$LOCALS+32`($fp),$tp - sub %r0,%r0,%r0 ; clear borrow -___ -$code.=<<___ if ($BN_SZ==4); - ldws,ma 4($tp),$ti0 - extru,= $rp,31,3,%r0 ; is rp 64-bit aligned? - b L\$sub_pa11 - addl $tp,$arrsz,$tp -L\$sub - ldwx $idx($np),$hi0 - subb $ti0,$hi0,$hi1 - ldwx $idx($tp),$ti0 - addib,<> 4,$idx,L\$sub - stws,ma $hi1,4($rp) - - subb $ti0,%r0,$hi1 - ldo -4($tp),$tp -___ -$code.=<<___ if ($BN_SZ==8); - ldd,ma 8($tp),$ti0 -L\$sub - ldd $idx($np),$hi0 - shrpd $ti0,$ti0,32,$ti0 ; flip word order - std $ti0,-8($tp) ; save flipped value - sub,db $ti0,$hi0,$hi1 - ldd,ma 8($tp),$ti0 - addib,<> 8,$idx,L\$sub - std,ma $hi1,8($rp) - - extrd,u $ti0,31,32,$ti0 ; carry in flipped word order - sub,db $ti0,%r0,$hi1 - ldo -8($tp),$tp -___ -$code.=<<___; - and $tp,$hi1,$ap - andcm $rp,$hi1,$bp - or $ap,$bp,$np - - sub $rp,$arrsz,$rp ; rewind rp - subi 0,$arrsz,$idx - ldo `$LOCALS+32`($fp),$tp -L\$copy - ldd $idx($np),$hi0 - std,ma %r0,8($tp) - addib,<> 8,$idx,.-8 ; L\$copy - std,ma $hi0,8($rp) -___ - -if ($BN_SZ==4) { # PA-RISC 1.1 code-path -$ablo=$ab0; -$abhi=$ab1; -$nmlo0=$nm0; -$nmhi0=$nm1; -$nmlo1="%r9"; -$nmhi1="%r8"; - -$code.=<<___; - b L\$done - nop - - .ALIGN 8 -L\$parisc11 -#endif - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldw -12($xfer),$ablo - ldw -16($xfer),$hi0 - ldw -4($xfer),$nmlo0 - ldw -8($xfer),$nmhi0 - fstds ${fab0},-16($xfer) - fstds ${fnm0},-8($xfer) - - ldo 8($idx),$idx ; j++++ - add 
$ablo,$nmlo0,$nmlo0 ; discarded - addc %r0,$nmhi0,$hi1 - ldw 4($xfer),$ablo - ldw 0($xfer),$abhi - nop - -L\$1st_pa11 - xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[0] - flddx $idx($ap),${fai} ; ap[j,j+1] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m - flddx $idx($np),${fni} ; np[j,j+1] - add $hi0,$ablo,$ablo - ldw 12($xfer),$nmlo1 - addc %r0,$abhi,$hi0 - ldw 8($xfer),$nmhi1 - add $ablo,$nmlo1,$nmlo1 - fstds ${fab1},0($xfer) - addc %r0,$nmhi1,$nmhi1 - fstds ${fnm1},8($xfer) - add $hi1,$nmlo1,$nmlo1 - ldw -12($xfer),$ablo - addc %r0,$nmhi1,$hi1 - ldw -16($xfer),$abhi - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[0] - ldw -4($xfer),$nmlo0 - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldw -8($xfer),$nmhi0 - add $hi0,$ablo,$ablo - stw $nmlo1,-4($tp) ; tp[j-1] - addc %r0,$abhi,$hi0 - fstds ${fab0},-16($xfer) - add $ablo,$nmlo0,$nmlo0 - fstds ${fnm0},-8($xfer) - addc %r0,$nmhi0,$nmhi0 - ldw 0($xfer),$abhi - add $hi1,$nmlo0,$nmlo0 - ldw 4($xfer),$ablo - stws,ma $nmlo0,8($tp) ; tp[j-1] - addib,<> 8,$idx,L\$1st_pa11 ; j++++ - addc %r0,$nmhi0,$hi1 - - ldw 8($xfer),$nmhi1 - ldw 12($xfer),$nmlo1 - xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[0] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m - add $hi0,$ablo,$ablo - fstds ${fab1},0($xfer) - addc %r0,$abhi,$hi0 - fstds ${fnm1},8($xfer) - add $ablo,$nmlo1,$nmlo1 - ldw -16($xfer),$abhi - addc %r0,$nmhi1,$nmhi1 - ldw -12($xfer),$ablo - add $hi1,$nmlo1,$nmlo1 - ldw -8($xfer),$nmhi0 - addc %r0,$nmhi1,$hi1 - ldw -4($xfer),$nmlo0 - - add $hi0,$ablo,$ablo - stw $nmlo1,-4($tp) ; tp[j-1] - addc %r0,$abhi,$hi0 - ldw 0($xfer),$abhi - add $ablo,$nmlo0,$nmlo0 - ldw 4($xfer),$ablo - addc %r0,$nmhi0,$nmhi0 - ldws,mb 8($xfer),$nmhi1 - add $hi1,$nmlo0,$nmlo0 - ldw 4($xfer),$nmlo1 - addc %r0,$nmhi0,$hi1 - stws,ma $nmlo0,8($tp) ; tp[j-1] - - ldo -1($num),$num ; i-- - subi 0,$arrsz,$idx ; j=0 - - fldws,ma 4($bp),${fbi} ; bp[1] - flddx $idx($ap),${fai} ; ap[0,1] - flddx $idx($np),${fni} ; np[0,1] - fldws 8($xfer),${fti}R ; tp[0] - add $hi0,$ablo,$ablo - addc 
%r0,$abhi,$hi0 - ldo 8($idx),$idx ; j++++ - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[1] - xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[1] - add $hi1,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$nmhi1 - add $ablo,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$hi1 - fstws,mb ${fab0}L,-8($xfer) ; save high part - stw $nmlo1,-4($tp) ; tp[j-1] - - fcpy,sgl %fr0,${fti}L ; zero high part - fcpy,sgl %fr0,${fab0}L - add $hi1,$hi0,$hi0 - addc %r0,%r0,$hi1 - fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double - fcnvxf,dbl,dbl ${fab0},${fab0} - stw $hi0,0($tp) - stw $hi1,4($tp) - - fadd,dbl ${fti},${fab0},${fab0} ; add tp[0] - fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int - xmpyu ${fn0},${fab0}R,${fm0} - ldo `$LOCALS+32+4`($fp),$tp -L\$outer_pa11 - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[0]*m - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[1]*m - fstds ${fab0},-16($xfer) ; 33-bit value - fstds ${fnm0},-8($xfer) - flddx $idx($ap),${fai} ; ap[2,3] - flddx $idx($np),${fni} ; np[2,3] - ldw -16($xfer),$abhi ; carry bit actually - ldo 8($idx),$idx ; j++++ - ldw -12($xfer),$ablo - ldw -8($xfer),$nmhi0 - ldw -4($xfer),$nmlo0 - ldw 0($xfer),$hi0 ; high part - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - fstds ${fab1},0($xfer) - addl $abhi,$hi0,$hi0 ; account carry bit - fstds ${fnm1},8($xfer) - add $ablo,$nmlo0,$nmlo0 ; discarded - ldw 0($tp),$ti1 ; tp[1] - addc %r0,$nmhi0,$hi1 - fstds ${fab0},-16($xfer) - fstds ${fnm0},-8($xfer) - ldw 4($xfer),$ablo - ldw 0($xfer),$abhi - -L\$inner_pa11 - xmpyu ${fai}R,${fbi},${fab1} ; ap[j+1]*bp[i] - flddx $idx($ap),${fai} ; ap[j,j+1] - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j+1]*m - flddx $idx($np),${fni} ; np[j,j+1] - add $hi0,$ablo,$ablo - ldw 4($tp),$ti0 ; tp[j] - addc %r0,$abhi,$abhi - ldw 12($xfer),$nmlo1 - add $ti1,$ablo,$ablo - ldw 8($xfer),$nmhi1 - addc %r0,$abhi,$hi0 - fstds ${fab1},0($xfer) - add $ablo,$nmlo1,$nmlo1 - fstds ${fnm1},8($xfer) - addc %r0,$nmhi1,$nmhi1 - ldw -12($xfer),$ablo - add $hi1,$nmlo1,$nmlo1 - ldw 
-16($xfer),$abhi - addc %r0,$nmhi1,$hi1 - - xmpyu ${fai}L,${fbi},${fab0} ; ap[j]*bp[i] - ldw 8($tp),$ti1 ; tp[j] - xmpyu ${fni}L,${fm0}R,${fnm0} ; np[j]*m - ldw -4($xfer),$nmlo0 - add $hi0,$ablo,$ablo - ldw -8($xfer),$nmhi0 - addc %r0,$abhi,$abhi - stw $nmlo1,-4($tp) ; tp[j-1] - add $ti0,$ablo,$ablo - fstds ${fab0},-16($xfer) - addc %r0,$abhi,$hi0 - fstds ${fnm0},-8($xfer) - add $ablo,$nmlo0,$nmlo0 - ldw 4($xfer),$ablo - addc %r0,$nmhi0,$nmhi0 - ldw 0($xfer),$abhi - add $hi1,$nmlo0,$nmlo0 - stws,ma $nmlo0,8($tp) ; tp[j-1] - addib,<> 8,$idx,L\$inner_pa11 ; j++++ - addc %r0,$nmhi0,$hi1 - - xmpyu ${fai}R,${fbi},${fab1} ; ap[j]*bp[i] - ldw 12($xfer),$nmlo1 - xmpyu ${fni}R,${fm0}R,${fnm1} ; np[j]*m - ldw 8($xfer),$nmhi1 - add $hi0,$ablo,$ablo - ldw 4($tp),$ti0 ; tp[j] - addc %r0,$abhi,$abhi - fstds ${fab1},0($xfer) - add $ti1,$ablo,$ablo - fstds ${fnm1},8($xfer) - addc %r0,$abhi,$hi0 - ldw -16($xfer),$abhi - add $ablo,$nmlo1,$nmlo1 - ldw -12($xfer),$ablo - addc %r0,$nmhi1,$nmhi1 - ldw -8($xfer),$nmhi0 - add $hi1,$nmlo1,$nmlo1 - ldw -4($xfer),$nmlo0 - addc %r0,$nmhi1,$hi1 - - add $hi0,$ablo,$ablo - stw $nmlo1,-4($tp) ; tp[j-1] - addc %r0,$abhi,$abhi - add $ti0,$ablo,$ablo - ldw 8($tp),$ti1 ; tp[j] - addc %r0,$abhi,$hi0 - ldw 0($xfer),$abhi - add $ablo,$nmlo0,$nmlo0 - ldw 4($xfer),$ablo - addc %r0,$nmhi0,$nmhi0 - ldws,mb 8($xfer),$nmhi1 - add $hi1,$nmlo0,$nmlo0 - ldw 4($xfer),$nmlo1 - addc %r0,$nmhi0,$hi1 - stws,ma $nmlo0,8($tp) ; tp[j-1] - - addib,= -1,$num,L\$outerdone_pa11; i-- - subi 0,$arrsz,$idx ; j=0 - - fldws,ma 4($bp),${fbi} ; bp[i] - flddx $idx($ap),${fai} ; ap[0] - add $hi0,$ablo,$ablo - addc %r0,$abhi,$abhi - flddx $idx($np),${fni} ; np[0] - fldws 8($xfer),${fti}R ; tp[0] - add $ti1,$ablo,$ablo - addc %r0,$abhi,$hi0 - - ldo 8($idx),$idx ; j++++ - xmpyu ${fai}L,${fbi},${fab0} ; ap[0]*bp[i] - xmpyu ${fai}R,${fbi},${fab1} ; ap[1]*bp[i] - ldw 4($tp),$ti0 ; tp[j] - - add $hi1,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$nmhi1 - fstws,mb ${fab0}L,-8($xfer) ; save high part - 
add $ablo,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$hi1 - fcpy,sgl %fr0,${fti}L ; zero high part - fcpy,sgl %fr0,${fab0}L - stw $nmlo1,-4($tp) ; tp[j-1] - - fcnvxf,dbl,dbl ${fti},${fti} ; 32-bit unsigned int -> double - fcnvxf,dbl,dbl ${fab0},${fab0} - add $hi1,$hi0,$hi0 - addc %r0,%r0,$hi1 - fadd,dbl ${fti},${fab0},${fab0} ; add tp[0] - add $ti0,$hi0,$hi0 - addc %r0,$hi1,$hi1 - fcnvfx,dbl,dbl ${fab0},${fab0} ; double -> 33-bit unsigned int - stw $hi0,0($tp) - stw $hi1,4($tp) - xmpyu ${fn0},${fab0}R,${fm0} - - b L\$outer_pa11 - ldo `$LOCALS+32+4`($fp),$tp - -L\$outerdone_pa11 - add $hi0,$ablo,$ablo - addc %r0,$abhi,$abhi - add $ti1,$ablo,$ablo - addc %r0,$abhi,$hi0 - - ldw 4($tp),$ti0 ; tp[j] - - add $hi1,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$nmhi1 - add $ablo,$nmlo1,$nmlo1 - addc %r0,$nmhi1,$hi1 - stw $nmlo1,-4($tp) ; tp[j-1] - - add $hi1,$hi0,$hi0 - addc %r0,%r0,$hi1 - add $ti0,$hi0,$hi0 - addc %r0,$hi1,$hi1 - stw $hi0,0($tp) - stw $hi1,4($tp) - - ldo `$LOCALS+32+4`($fp),$tp - sub %r0,%r0,%r0 ; clear borrow - ldw -4($tp),$ti0 - addl $tp,$arrsz,$tp -L\$sub_pa11 - ldwx $idx($np),$hi0 - subb $ti0,$hi0,$hi1 - ldwx $idx($tp),$ti0 - addib,<> 4,$idx,L\$sub_pa11 - stws,ma $hi1,4($rp) - - subb $ti0,%r0,$hi1 - ldo -4($tp),$tp - and $tp,$hi1,$ap - andcm $rp,$hi1,$bp - or $ap,$bp,$np - - sub $rp,$arrsz,$rp ; rewind rp - subi 0,$arrsz,$idx - ldo `$LOCALS+32`($fp),$tp -L\$copy_pa11 - ldwx $idx($np),$hi0 - stws,ma %r0,4($tp) - addib,<> 4,$idx,L\$copy_pa11 - stws,ma $hi0,4($rp) - - nop ; alignment -L\$done -___ -} - -$code.=<<___; - ldi 1,%r28 ; signal "handled" - ldo $FRAME($fp),%sp ; destroy tp[num+1] - - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 -L\$abort - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .data - 
.STRINGZ "Montgomery Multiplication for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>" -___ - -# Explicitly encode PA-RISC 2.0 instructions used in this module, so -# that it can be compiled with .LEVEL 1.0. It should be noted that I -# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0 -# directive... - -my $ldd = sub { - my ($mod,$args) = @_; - my $orig = "ldd$mod\t$args"; - - if ($args =~ /%r([0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 4 - { my $opcode=(0x03<<26)|($2<<21)|($1<<16)|(3<<6)|$3; - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 5 - { my $opcode=(0x03<<26)|($2<<21)|(1<<12)|(3<<6)|$3; - $opcode|=(($1&0xF)<<17)|(($1&0x10)<<12); # encode offset - $opcode|=(1<<5) if ($mod =~ /^,m/); - $opcode|=(1<<13) if ($mod =~ /^,mb/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $std = sub { - my ($mod,$args) = @_; - my $orig = "std$mod\t$args"; - - if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 6 - { my $opcode=(0x03<<26)|($3<<21)|($1<<16)|(1<<12)|(0xB<<6); - $opcode|=(($2&0xF)<<1)|(($2&0x10)>>4); # encode offset - $opcode|=(1<<5) if ($mod =~ /^,m/); - $opcode|=(1<<13) if ($mod =~ /^,mb/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $extrd = sub { - my ($mod,$args) = @_; - my $orig = "extrd$mod\t$args"; - - # I only have ",u" completer, it's implicitly encoded... 
- if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 15 - { my $opcode=(0x36<<26)|($1<<21)|($4<<16); - my $len=32-$3; - $opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5); # encode pos - $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/) # format 12 - { my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9); - my $len=32-$2; - $opcode |= (($len&0x20)<<3)|($len&0x1f); # encode len - $opcode |= (1<<13) if ($mod =~ /,\**=/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $shrpd = sub { - my ($mod,$args) = @_; - my $orig = "shrpd$mod\t$args"; - - if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/) # format 14 - { my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4; - my $cpos=63-$3; - $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode sa - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $sub = sub { - my ($mod,$args) = @_; - my $orig = "sub$mod\t$args"; - - if ($mod eq ",db" && $args =~ /%r([0-9]+),%r([0-9]+),%r([0-9]+)/) { - my $opcode=(0x02<<26)|($2<<21)|($1<<16)|$3; - $opcode|=(1<<10); # e1 - $opcode|=(1<<8); # e2 - $opcode|=(1<<5); # d - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig - } - else { "\t".$orig; } -}; - -sub assemble { - my ($mnemonic,$mod,$args)=@_; - my $opcode = eval("\$$mnemonic"); - - ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args"; -} - -foreach (split("\n",$code)) { - s/\`([^\`]*)\`/eval $1/ge; - # flip word order in 64-bit mode... - s/(xmpyu\s+)($fai|$fni)([LR])/$1.$2.($3 eq "L"?"R":"L")/e if ($BN_SZ==8); - # assemble 2.0 instructions in 32-bit mode... - s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($BN_SZ==4); - - s/\bbv\b/bve/gm if ($SIZE_T==8); - - print $_,"\n"; -} -close STDOUT; 
diff --git a/lib/libssl/src/crypto/bn/asm/ppc-mont.pl b/lib/libssl/src/crypto/bn/asm/ppc-mont.pl
deleted file mode 100644
index f9b6992ccc8..00000000000
--- a/lib/libssl/src/crypto/bn/asm/ppc-mont.pl
+++ /dev/null
@@ -1,334 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# April 2006
-
-# "Teaser" Montgomery multiplication module for PowerPC. It's possible
-# to gain a bit more by modulo-scheduling outer loop, then dedicated
-# squaring procedure should give further 20% and code can be adapted
-# for 32-bit application running on 64-bit CPU. As for the latter.
-# It won't be able to achieve "native" 64-bit performance, because in
-# 32-bit application context every addc instruction will have to be
-# expanded as addc, twice right shift by 32 and finally adde, etc.
-# So far RSA *sign* performance improvement over pre-bn_mul_mont asm
-# for 64-bit application running on PPC970/G5 is:
-#
-# 512-bit +65%
-# 1024-bit +35%
-# 2048-bit +18%
-# 4096-bit +4%
-
-$flavour = shift;
-
-if ($flavour =~ /32/) {
- $BITS= 32;
- $BNSZ= $BITS/8;
- $SIZE_T=4;
- $RZONE= 224;
-
- $LD= "lwz"; # load
- $LDU= "lwzu"; # load and update
- $LDX= "lwzx"; # load indexed
- $ST= "stw"; # store
- $STU= "stwu"; # store and update
- $STX= "stwx"; # store indexed
- $STUX= "stwux"; # store indexed and update
- $UMULL= "mullw"; # unsigned multiply low
- $UMULH= "mulhwu"; # unsigned multiply high
- $UCMP= "cmplw"; # unsigned compare
- $SHRI= "srwi"; # unsigned shift right by immediate
- $PUSH= $ST;
- $POP= $LD;
-} elsif ($flavour =~ /64/) {
- $BITS= 64;
- $BNSZ= $BITS/8;
- $SIZE_T=8;
- $RZONE= 288;
-
- # same as above, but 64-bit mnemonics...
- $LD= "ld"; # load - $LDU= "ldu"; # load and update - $LDX= "ldx"; # load indexed - $ST= "std"; # store - $STU= "stdu"; # store and update - $STX= "stdx"; # store indexed - $STUX= "stdux"; # store indexed and update - $UMULL= "mulld"; # unsigned multiply low - $UMULH= "mulhdu"; # unsigned multiply high - $UCMP= "cmpld"; # unsigned compare - $SHRI= "srdi"; # unsigned shift right by immediate - $PUSH= $ST; - $POP= $LD; -} else { die "nonsense $flavour"; } - -$FRAME=8*$SIZE_T+$RZONE; -$LOCALS=8*$SIZE_T; - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; - -$sp="r1"; -$toc="r2"; -$rp="r3"; $ovf="r3"; -$ap="r4"; -$bp="r5"; -$np="r6"; -$n0="r7"; -$num="r8"; -$rp="r9"; # $rp is reassigned -$aj="r10"; -$nj="r11"; -$tj="r12"; -# non-volatile registers -$i="r20"; -$j="r21"; -$tp="r22"; -$m0="r23"; -$m1="r24"; -$lo0="r25"; -$hi0="r26"; -$lo1="r27"; -$hi1="r28"; -$alo="r29"; -$ahi="r30"; -$nlo="r31"; -# -$nhi="r0"; - -$code=<<___; -.machine "any" -.text - -.globl .bn_mul_mont_int -.align 4 -.bn_mul_mont_int: - cmpwi $num,4 - mr $rp,r3 ; $rp is reassigned - li r3,0 - bltlr -___ -$code.=<<___ if ($BNSZ==4); - cmpwi $num,32 ; longer key performance is not better - bgelr -___ -$code.=<<___; - slwi $num,$num,`log($BNSZ)/log(2)` - li $tj,-4096 - addi $ovf,$num,$FRAME - subf $ovf,$ovf,$sp ; $sp-$ovf - and $ovf,$ovf,$tj ; minimize TLB usage - subf $ovf,$sp,$ovf ; $ovf-$sp - mr $tj,$sp - srwi $num,$num,`log($BNSZ)/log(2)` - $STUX $sp,$sp,$ovf - - $PUSH r20,`-12*$SIZE_T`($tj) - $PUSH r21,`-11*$SIZE_T`($tj) - $PUSH r22,`-10*$SIZE_T`($tj) - $PUSH r23,`-9*$SIZE_T`($tj) - $PUSH r24,`-8*$SIZE_T`($tj) - $PUSH r25,`-7*$SIZE_T`($tj) - $PUSH r26,`-6*$SIZE_T`($tj) - $PUSH r27,`-5*$SIZE_T`($tj) - $PUSH r28,`-4*$SIZE_T`($tj) - $PUSH r29,`-3*$SIZE_T`($tj) - $PUSH r30,`-2*$SIZE_T`($tj) - 
$PUSH r31,`-1*$SIZE_T`($tj) - - $LD $n0,0($n0) ; pull n0[0] value - addi $num,$num,-2 ; adjust $num for counter register - - $LD $m0,0($bp) ; m0=bp[0] - $LD $aj,0($ap) ; ap[0] - addi $tp,$sp,$LOCALS - $UMULL $lo0,$aj,$m0 ; ap[0]*bp[0] - $UMULH $hi0,$aj,$m0 - - $LD $aj,$BNSZ($ap) ; ap[1] - $LD $nj,0($np) ; np[0] - - $UMULL $m1,$lo0,$n0 ; "tp[0]"*n0 - - $UMULL $alo,$aj,$m0 ; ap[1]*bp[0] - $UMULH $ahi,$aj,$m0 - - $UMULL $lo1,$nj,$m1 ; np[0]*m1 - $UMULH $hi1,$nj,$m1 - $LD $nj,$BNSZ($np) ; np[1] - addc $lo1,$lo1,$lo0 - addze $hi1,$hi1 - - $UMULL $nlo,$nj,$m1 ; np[1]*m1 - $UMULH $nhi,$nj,$m1 - - mtctr $num - li $j,`2*$BNSZ` -.align 4 -L1st: - $LDX $aj,$ap,$j ; ap[j] - addc $lo0,$alo,$hi0 - $LDX $nj,$np,$j ; np[j] - addze $hi0,$ahi - $UMULL $alo,$aj,$m0 ; ap[j]*bp[0] - addc $lo1,$nlo,$hi1 - $UMULH $ahi,$aj,$m0 - addze $hi1,$nhi - $UMULL $nlo,$nj,$m1 ; np[j]*m1 - addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[0] - $UMULH $nhi,$nj,$m1 - addze $hi1,$hi1 - $ST $lo1,0($tp) ; tp[j-1] - - addi $j,$j,$BNSZ ; j++ - addi $tp,$tp,$BNSZ ; tp++ - bdnz- L1st -;L1st - addc $lo0,$alo,$hi0 - addze $hi0,$ahi - - addc $lo1,$nlo,$hi1 - addze $hi1,$nhi - addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[0] - addze $hi1,$hi1 - $ST $lo1,0($tp) ; tp[j-1] - - li $ovf,0 - addc $hi1,$hi1,$hi0 - addze $ovf,$ovf ; upmost overflow bit - $ST $hi1,$BNSZ($tp) - - li $i,$BNSZ -.align 4 -Louter: - $LDX $m0,$bp,$i ; m0=bp[i] - $LD $aj,0($ap) ; ap[0] - addi $tp,$sp,$LOCALS - $LD $tj,$LOCALS($sp); tp[0] - $UMULL $lo0,$aj,$m0 ; ap[0]*bp[i] - $UMULH $hi0,$aj,$m0 - $LD $aj,$BNSZ($ap) ; ap[1] - $LD $nj,0($np) ; np[0] - addc $lo0,$lo0,$tj ; ap[0]*bp[i]+tp[0] - $UMULL $alo,$aj,$m0 ; ap[j]*bp[i] - addze $hi0,$hi0 - $UMULL $m1,$lo0,$n0 ; tp[0]*n0 - $UMULH $ahi,$aj,$m0 - $UMULL $lo1,$nj,$m1 ; np[0]*m1 - $UMULH $hi1,$nj,$m1 - $LD $nj,$BNSZ($np) ; np[1] - addc $lo1,$lo1,$lo0 - $UMULL $nlo,$nj,$m1 ; np[1]*m1 - addze $hi1,$hi1 - $UMULH $nhi,$nj,$m1 - - mtctr $num - li $j,`2*$BNSZ` -.align 4 -Linner: - $LDX $aj,$ap,$j ; ap[j] - addc 
$lo0,$alo,$hi0 - $LD $tj,$BNSZ($tp) ; tp[j] - addze $hi0,$ahi - $LDX $nj,$np,$j ; np[j] - addc $lo1,$nlo,$hi1 - $UMULL $alo,$aj,$m0 ; ap[j]*bp[i] - addze $hi1,$nhi - $UMULH $ahi,$aj,$m0 - addc $lo0,$lo0,$tj ; ap[j]*bp[i]+tp[j] - $UMULL $nlo,$nj,$m1 ; np[j]*m1 - addze $hi0,$hi0 - $UMULH $nhi,$nj,$m1 - addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[i]+tp[j] - addi $j,$j,$BNSZ ; j++ - addze $hi1,$hi1 - $ST $lo1,0($tp) ; tp[j-1] - addi $tp,$tp,$BNSZ ; tp++ - bdnz- Linner -;Linner - $LD $tj,$BNSZ($tp) ; tp[j] - addc $lo0,$alo,$hi0 - addze $hi0,$ahi - addc $lo0,$lo0,$tj ; ap[j]*bp[i]+tp[j] - addze $hi0,$hi0 - - addc $lo1,$nlo,$hi1 - addze $hi1,$nhi - addc $lo1,$lo1,$lo0 ; np[j]*m1+ap[j]*bp[i]+tp[j] - addze $hi1,$hi1 - $ST $lo1,0($tp) ; tp[j-1] - - addic $ovf,$ovf,-1 ; move upmost overflow to XER[CA] - li $ovf,0 - adde $hi1,$hi1,$hi0 - addze $ovf,$ovf - $ST $hi1,$BNSZ($tp) -; - slwi $tj,$num,`log($BNSZ)/log(2)` - $UCMP $i,$tj - addi $i,$i,$BNSZ - ble- Louter - - addi $num,$num,2 ; restore $num - subfc $j,$j,$j ; j=0 and "clear" XER[CA] - addi $tp,$sp,$LOCALS - mtctr $num - -.align 4 -Lsub: $LDX $tj,$tp,$j - $LDX $nj,$np,$j - subfe $aj,$nj,$tj ; tp[j]-np[j] - $STX $aj,$rp,$j - addi $j,$j,$BNSZ - bdnz- Lsub - - li $j,0 - mtctr $num - subfe $ovf,$j,$ovf ; handle upmost overflow bit - and $ap,$tp,$ovf - andc $np,$rp,$ovf - or $ap,$ap,$np ; ap=borrow?tp:rp - -.align 4 -Lcopy: ; copy or in-place refresh - $LDX $tj,$ap,$j - $STX $tj,$rp,$j - $STX $j,$tp,$j ; zap at once - addi $j,$j,$BNSZ - bdnz- Lcopy - - $POP $tj,0($sp) - li r3,1 - $POP r20,`-12*$SIZE_T`($tj) - $POP r21,`-11*$SIZE_T`($tj) - $POP r22,`-10*$SIZE_T`($tj) - $POP r23,`-9*$SIZE_T`($tj) - $POP r24,`-8*$SIZE_T`($tj) - $POP r25,`-7*$SIZE_T`($tj) - $POP r26,`-6*$SIZE_T`($tj) - $POP r27,`-5*$SIZE_T`($tj) - $POP r28,`-4*$SIZE_T`($tj) - $POP r29,`-3*$SIZE_T`($tj) - $POP r30,`-2*$SIZE_T`($tj) - $POP r31,`-1*$SIZE_T`($tj) - mr $sp,$tj - blr - .long 0 - .byte 0,12,4,0,0x80,12,6,0 - .long 0 - -.asciz "Montgomery Multiplication for 
PPC, CRYPTOGAMS by <appro\@openssl.org>"
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/bn/asm/ppc.pl b/lib/libssl/src/crypto/bn/asm/ppc.pl
deleted file mode 100644
index 1249ce22998..00000000000
--- a/lib/libssl/src/crypto/bn/asm/ppc.pl
+++ /dev/null
@@ -1,1998 +0,0 @@ -#!/usr/bin/env perl -# -# Implemented as a Perl wrapper as we want to support several different -# architectures with single file. We pick up the target based on the -# file name we are asked to generate. -# -# It should be noted though that this perl code is nothing like -# <openssl>/crypto/perlasm/x86*. In this case perl is used pretty much -# as pre-processor to cover for platform differences in name decoration, -# linker tables, 32-/64-bit instruction sets... -# -# As you might know there're several PowerPC ABI in use. Most notably -# Linux and AIX use different 32-bit ABIs. Good news are that these ABIs -# are similar enough to implement leaf(!) functions, which would be ABI -# neutral. And that's what you find here: ABI neutral leaf functions. -# In case you wonder what that is... -# -# AIX performance -# -# MEASUREMENTS WITH cc ON a 200 MhZ PowerPC 604e. -# -# The following is the performance of 32-bit compiler -# generated code: -# -# OpenSSL 0.9.6c 21 dec 2001 -# built on: Tue Jun 11 11:06:51 EDT 2002 -# options:bn(64,32) ... -#compiler: cc -DTHREADS -DAIX -DB_ENDIAN -DBN_LLONG -O3 -# sign verify sign/s verify/s -#rsa 512 bits 0.0098s 0.0009s 102.0 1170.6 -#rsa 1024 bits 0.0507s 0.0026s 19.7 387.5 -#rsa 2048 bits 0.3036s 0.0085s 3.3 117.1 -#rsa 4096 bits 2.0040s 0.0299s 0.5 33.4 -#dsa 512 bits 0.0087s 0.0106s 114.3 94.5 -#dsa 1024 bits 0.0256s 0.0313s 39.0 32.0 -# -# Same bechmark with this assembler code: -# -#rsa 512 bits 0.0056s 0.0005s 178.6 2049.2 -#rsa 1024 bits 0.0283s 0.0015s 35.3 674.1 -#rsa 2048 bits 0.1744s 0.0050s 5.7 201.2 -#rsa 4096 bits 1.1644s 0.0179s 0.9 55.7 -#dsa 512 bits 0.0052s 0.0062s 191.6 162.0 -#dsa 1024 bits 0.0149s 0.0180s 67.0 55.5 -# -# Number of operations increases by at almost 75% -# -# Here are performance numbers for 64-bit compiler -# generated code: -# -# OpenSSL 0.9.6g [engine] 9 Aug 2002 -# built on: Fri Apr 18 16:59:20 EDT 2003 -# options:bn(64,64) ... 
-# compiler: cc -DTHREADS -D_REENTRANT -q64 -DB_ENDIAN -O3 -# sign verify sign/s verify/s -#rsa 512 bits 0.0028s 0.0003s 357.1 3844.4 -#rsa 1024 bits 0.0148s 0.0008s 67.5 1239.7 -#rsa 2048 bits 0.0963s 0.0028s 10.4 353.0 -#rsa 4096 bits 0.6538s 0.0102s 1.5 98.1 -#dsa 512 bits 0.0026s 0.0032s 382.5 313.7 -#dsa 1024 bits 0.0081s 0.0099s 122.8 100.6 -# -# Same benchmark with this assembler code: -# -#rsa 512 bits 0.0020s 0.0002s 510.4 6273.7 -#rsa 1024 bits 0.0088s 0.0005s 114.1 2128.3 -#rsa 2048 bits 0.0540s 0.0016s 18.5 622.5 -#rsa 4096 bits 0.3700s 0.0058s 2.7 171.0 -#dsa 512 bits 0.0016s 0.0020s 610.7 507.1 -#dsa 1024 bits 0.0047s 0.0058s 212.5 173.2 -# -# Again, performance increases by at about 75% -# -# Mac OS X, Apple G5 1.8GHz (Note this is 32 bit code) -# OpenSSL 0.9.7c 30 Sep 2003 -# -# Original code. -# -#rsa 512 bits 0.0011s 0.0001s 906.1 11012.5 -#rsa 1024 bits 0.0060s 0.0003s 166.6 3363.1 -#rsa 2048 bits 0.0370s 0.0010s 27.1 982.4 -#rsa 4096 bits 0.2426s 0.0036s 4.1 280.4 -#dsa 512 bits 0.0010s 0.0012s 1038.1 841.5 -#dsa 1024 bits 0.0030s 0.0037s 329.6 269.7 -#dsa 2048 bits 0.0101s 0.0127s 98.9 78.6 -# -# Same benchmark with this assembler code: -# -#rsa 512 bits 0.0007s 0.0001s 1416.2 16645.9 -#rsa 1024 bits 0.0036s 0.0002s 274.4 5380.6 -#rsa 2048 bits 0.0222s 0.0006s 45.1 1589.5 -#rsa 4096 bits 0.1469s 0.0022s 6.8 449.6 -#dsa 512 bits 0.0006s 0.0007s 1664.2 1376.2 -#dsa 1024 bits 0.0018s 0.0023s 545.0 442.2 -#dsa 2048 bits 0.0061s 0.0075s 163.5 132.8 -# -# Performance increase of ~60% -# -# If you have comments or suggestions to improve code send -# me a note at schari@us.ibm.com -# - -$flavour = shift; - -if ($flavour =~ /32/) { - $BITS= 32; - $BNSZ= $BITS/8; - $ISA= "\"ppc\""; - - $LD= "lwz"; # load - $LDU= "lwzu"; # load and update - $ST= "stw"; # store - $STU= "stwu"; # store and update - $UMULL= "mullw"; # unsigned multiply low - $UMULH= "mulhwu"; # unsigned multiply high - $UDIV= "divwu"; # unsigned divide - $UCMPI= "cmplwi"; # unsigned compare 
with immediate - $UCMP= "cmplw"; # unsigned compare - $CNTLZ= "cntlzw"; # count leading zeros - $SHL= "slw"; # shift left - $SHR= "srw"; # unsigned shift right - $SHRI= "srwi"; # unsigned shift right by immediate - $SHLI= "slwi"; # shift left by immediate - $CLRU= "clrlwi"; # clear upper bits - $INSR= "insrwi"; # insert right - $ROTL= "rotlwi"; # rotate left by immediate - $TR= "tw"; # conditional trap -} elsif ($flavour =~ /64/) { - $BITS= 64; - $BNSZ= $BITS/8; - $ISA= "\"ppc64\""; - - # same as above, but 64-bit mnemonics... - $LD= "ld"; # load - $LDU= "ldu"; # load and update - $ST= "std"; # store - $STU= "stdu"; # store and update - $UMULL= "mulld"; # unsigned multiply low - $UMULH= "mulhdu"; # unsigned multiply high - $UDIV= "divdu"; # unsigned divide - $UCMPI= "cmpldi"; # unsigned compare with immediate - $UCMP= "cmpld"; # unsigned compare - $CNTLZ= "cntlzd"; # count leading zeros - $SHL= "sld"; # shift left - $SHR= "srd"; # unsigned shift right - $SHRI= "srdi"; # unsigned shift right by immediate - $SHLI= "sldi"; # shift left by immediate - $CLRU= "clrldi"; # clear upper bits - $INSR= "insrdi"; # insert right - $ROTL= "rotldi"; # rotate left by immediate - $TR= "td"; # conditional trap -} else { die "nonsense $flavour"; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; - -$data=<<EOF; -#-------------------------------------------------------------------- -# -# -# -# -# File: ppc32.s -# -# Created by: Suresh Chari -# IBM Thomas J. Watson Research Library -# Hawthorne, NY -# -# -# Description: Optimized assembly routines for OpenSSL crypto -# on the 32 bitPowerPC platform. -# -# -# Version History -# -# 2. Fixed bn_add,bn_sub and bn_div_words, added comments, -# cleaned up code. 
Also made a single version which can -# be used for both the AIX and Linux compilers. See NOTE -# below. -# 12/05/03 Suresh Chari -# (with lots of help from) Andy Polyakov -## -# 1. Initial version 10/20/02 Suresh Chari -# -# -# The following file works for the xlc,cc -# and gcc compilers. -# -# NOTE: To get the file to link correctly with the gcc compiler -# you have to change the names of the routines and remove -# the first .(dot) character. This should automatically -# be done in the build process. -# -# Hand optimized assembly code for the following routines -# -# bn_sqr_comba4 -# bn_sqr_comba8 -# bn_mul_comba4 -# bn_mul_comba8 -# bn_sub_words -# bn_add_words -# bn_div_words -# bn_sqr_words -# bn_mul_words -# bn_mul_add_words -# -# NOTE: It is possible to optimize this code more for -# specific PowerPC or Power architectures. On the Northstar -# architecture the optimizations in this file do -# NOT provide much improvement. -# -# If you have comments or suggestions to improve code send -# me a note at schari\@us.ibm.com -# -#-------------------------------------------------------------------------- -# -# Defines to be used in the assembly code. -# -#.set r0,0 # we use it as storage for value of 0 -#.set SP,1 # preserved -#.set RTOC,2 # preserved -#.set r3,3 # 1st argument/return value -#.set r4,4 # 2nd argument/volatile register -#.set r5,5 # 3rd argument/volatile register -#.set r6,6 # ... -#.set r7,7 -#.set r8,8 -#.set r9,9 -#.set r10,10 -#.set r11,11 -#.set r12,12 -#.set r13,13 # not used, nor any other "below" it... - -# Declare function names to be global -# NOTE: For gcc these names MUST be changed to remove -# the first . i.e. for example change ".bn_sqr_comba4" -# to "bn_sqr_comba4". This should be automatically done -# in the build. 
- - .globl .bn_sqr_comba4 - .globl .bn_sqr_comba8 - .globl .bn_mul_comba4 - .globl .bn_mul_comba8 - .globl .bn_sub_words - .globl .bn_add_words - .globl .bn_div_words - .globl .bn_sqr_words - .globl .bn_mul_words - .globl .bn_mul_add_words - -# .text section - - .machine "any" - -# -# NOTE: The following label name should be changed to -# "bn_sqr_comba4" i.e. remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# - -.align 4 -.bn_sqr_comba4: -# -# Optimized version of bn_sqr_comba4. -# -# void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a) -# r3 contains r -# r4 contains a -# -# Freely use registers r5,r6,r7,r8,r9,r10,r11 as follows: -# -# r5,r6 are the two BN_ULONGs being multiplied. -# r7,r8 are the results of the 32x32 giving 64 bit multiply. -# r9,r10, r11 are the equivalents of c1,c2, c3. -# Here's the assembly -# -# - xor r0,r0,r0 # set r0 = 0. Used in the addze - # instructions below - - #sqr_add_c(a,0,c1,c2,c3) - $LD r5,`0*$BNSZ`(r4) - $UMULL r9,r5,r5 - $UMULH r10,r5,r5 #in first iteration. No need - #to add since c1=c2=c3=0. - # Note c3(r11) is NOT set to 0 - # but will be. - - $ST r9,`0*$BNSZ`(r3) # r[0]=c1; - # sqr_add_c2(a,1,0,c2,c3,c1); - $LD r6,`1*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r7,r7,r7 # compute (r7,r8)=2*(r7,r8) - adde r8,r8,r8 - addze r9,r0 # catch carry if any. - # r9= r0(=0) and carry - - addc r10,r7,r10 # now add to temp result. 
- addze r11,r8 # r8 added to r11 which is 0 - addze r9,r9 - - $ST r10,`1*$BNSZ`(r3) #r[1]=c2; - #sqr_add_c(a,1,c3,c1,c2) - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r0 - #sqr_add_c2(a,2,0,c3,c1,c2) - $LD r6,`2*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r7,r7,r7 - adde r8,r8,r8 - addze r10,r10 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - $ST r11,`2*$BNSZ`(r3) #r[2]=c3 - #sqr_add_c2(a,3,0,c1,c2,c3); - $LD r6,`3*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r7,r7,r7 - adde r8,r8,r8 - addze r11,r0 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - #sqr_add_c2(a,2,1,c1,c2,c3); - $LD r5,`1*$BNSZ`(r4) - $LD r6,`2*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r7,r7,r7 - adde r8,r8,r8 - addze r11,r11 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - $ST r9,`3*$BNSZ`(r3) #r[3]=c1 - #sqr_add_c(a,2,c2,c3,c1); - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r0 - #sqr_add_c2(a,3,1,c2,c3,c1); - $LD r6,`3*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r7,r7,r7 - adde r8,r8,r8 - addze r9,r9 - - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - $ST r10,`4*$BNSZ`(r3) #r[4]=c2 - #sqr_add_c2(a,3,2,c3,c1,c2); - $LD r5,`2*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r7,r7,r7 - adde r8,r8,r8 - addze r10,r0 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - $ST r11,`5*$BNSZ`(r3) #r[5] = c3 - #sqr_add_c(a,3,c1,c2,c3); - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - addc r9,r7,r9 - adde r10,r8,r10 - - $ST r9,`6*$BNSZ`(r3) #r[6]=c1 - $ST r10,`7*$BNSZ`(r3) #r[7]=c2 - blr - .long 0 - .byte 0,12,0x14,0,0,0,2,0 - .long 0 - -# -# NOTE: The following label name should be changed to -# "bn_sqr_comba8" i.e. remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# - -.align 4 -.bn_sqr_comba8: -# -# This is an optimized version of the bn_sqr_comba8 routine. 
-# Tightly uses the adde instruction -# -# -# void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) -# r3 contains r -# r4 contains a -# -# Freely use registers r5,r6,r7,r8,r9,r10,r11 as follows: -# -# r5,r6 are the two BN_ULONGs being multiplied. -# r7,r8 are the results of the 32x32 giving 64 bit multiply. -# r9,r10, r11 are the equivalents of c1,c2, c3. -# -# Possible optimization of loading all 8 longs of a into registers -# doesnt provide any speedup -# - - xor r0,r0,r0 #set r0 = 0.Used in addze - #instructions below. - - #sqr_add_c(a,0,c1,c2,c3); - $LD r5,`0*$BNSZ`(r4) - $UMULL r9,r5,r5 #1st iteration: no carries. - $UMULH r10,r5,r5 - $ST r9,`0*$BNSZ`(r3) # r[0]=c1; - #sqr_add_c2(a,1,0,c2,c3,c1); - $LD r6,`1*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r10,r7,r10 #add the two register number - adde r11,r8,r0 # (r8,r7) to the three register - addze r9,r0 # number (r9,r11,r10).NOTE:r0=0 - - addc r10,r7,r10 #add the two register number - adde r11,r8,r11 # (r8,r7) to the three register - addze r9,r9 # number (r9,r11,r10). - - $ST r10,`1*$BNSZ`(r3) # r[1]=c2 - - #sqr_add_c(a,1,c3,c1,c2); - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r0 - #sqr_add_c2(a,2,0,c3,c1,c2); - $LD r6,`2*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - - $ST r11,`2*$BNSZ`(r3) #r[2]=c3 - #sqr_add_c2(a,3,0,c1,c2,c3); - $LD r6,`3*$BNSZ`(r4) #r6 = a[3]. r5 is already a[0]. 
- $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r0 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - #sqr_add_c2(a,2,1,c1,c2,c3); - $LD r5,`1*$BNSZ`(r4) - $LD r6,`2*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - - $ST r9,`3*$BNSZ`(r3) #r[3]=c1; - #sqr_add_c(a,2,c2,c3,c1); - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r0 - #sqr_add_c2(a,3,1,c2,c3,c1); - $LD r6,`3*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - #sqr_add_c2(a,4,0,c2,c3,c1); - $LD r5,`0*$BNSZ`(r4) - $LD r6,`4*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - $ST r10,`4*$BNSZ`(r3) #r[4]=c2; - #sqr_add_c2(a,5,0,c3,c1,c2); - $LD r6,`5*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r0 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - #sqr_add_c2(a,4,1,c3,c1,c2); - $LD r5,`1*$BNSZ`(r4) - $LD r6,`4*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - #sqr_add_c2(a,3,2,c3,c1,c2); - $LD r5,`2*$BNSZ`(r4) - $LD r6,`3*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - $ST r11,`5*$BNSZ`(r3) #r[5]=c3; - #sqr_add_c(a,3,c1,c2,c3); - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r0 - #sqr_add_c2(a,4,2,c1,c2,c3); - $LD r6,`4*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - #sqr_add_c2(a,5,1,c1,c2,c3); - $LD r5,`1*$BNSZ`(r4) - $LD r6,`5*$BNSZ`(r4) - 
$UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - #sqr_add_c2(a,6,0,c1,c2,c3); - $LD r5,`0*$BNSZ`(r4) - $LD r6,`6*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - $ST r9,`6*$BNSZ`(r3) #r[6]=c1; - #sqr_add_c2(a,7,0,c2,c3,c1); - $LD r6,`7*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r0 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - #sqr_add_c2(a,6,1,c2,c3,c1); - $LD r5,`1*$BNSZ`(r4) - $LD r6,`6*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - #sqr_add_c2(a,5,2,c2,c3,c1); - $LD r5,`2*$BNSZ`(r4) - $LD r6,`5*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - #sqr_add_c2(a,4,3,c2,c3,c1); - $LD r5,`3*$BNSZ`(r4) - $LD r6,`4*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - $ST r10,`7*$BNSZ`(r3) #r[7]=c2; - #sqr_add_c(a,4,c3,c1,c2); - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r0 - #sqr_add_c2(a,5,3,c3,c1,c2); - $LD r6,`5*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - #sqr_add_c2(a,6,2,c3,c1,c2); - $LD r5,`2*$BNSZ`(r4) - $LD r6,`6*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - #sqr_add_c2(a,7,1,c3,c1,c2); - $LD r5,`1*$BNSZ`(r4) - $LD r6,`7*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - $ST 
r11,`8*$BNSZ`(r3) #r[8]=c3; - #sqr_add_c2(a,7,2,c1,c2,c3); - $LD r5,`2*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r0 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - #sqr_add_c2(a,6,3,c1,c2,c3); - $LD r5,`3*$BNSZ`(r4) - $LD r6,`6*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - #sqr_add_c2(a,5,4,c1,c2,c3); - $LD r5,`4*$BNSZ`(r4) - $LD r6,`5*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - $ST r9,`9*$BNSZ`(r3) #r[9]=c1; - #sqr_add_c(a,5,c2,c3,c1); - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r0 - #sqr_add_c2(a,6,4,c2,c3,c1); - $LD r6,`6*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - #sqr_add_c2(a,7,3,c2,c3,c1); - $LD r5,`3*$BNSZ`(r4) - $LD r6,`7*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - $ST r10,`10*$BNSZ`(r3) #r[10]=c2; - #sqr_add_c2(a,7,4,c3,c1,c2); - $LD r5,`4*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r0 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - #sqr_add_c2(a,6,5,c3,c1,c2); - $LD r5,`5*$BNSZ`(r4) - $LD r6,`6*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - addc r11,r7,r11 - adde r9,r8,r9 - addze r10,r10 - $ST r11,`11*$BNSZ`(r3) #r[11]=c3; - #sqr_add_c(a,6,c1,c2,c3); - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r0 - #sqr_add_c2(a,7,5,c1,c2,c3) - $LD r6,`7*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - addc r9,r7,r9 - adde r10,r8,r10 - addze r11,r11 - $ST r9,`12*$BNSZ`(r3) 
#r[12]=c1; - - #sqr_add_c2(a,7,6,c2,c3,c1) - $LD r5,`6*$BNSZ`(r4) - $UMULL r7,r5,r6 - $UMULH r8,r5,r6 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r0 - addc r10,r7,r10 - adde r11,r8,r11 - addze r9,r9 - $ST r10,`13*$BNSZ`(r3) #r[13]=c2; - #sqr_add_c(a,7,c3,c1,c2); - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - addc r11,r7,r11 - adde r9,r8,r9 - $ST r11,`14*$BNSZ`(r3) #r[14]=c3; - $ST r9, `15*$BNSZ`(r3) #r[15]=c1; - - - blr - .long 0 - .byte 0,12,0x14,0,0,0,2,0 - .long 0 - -# -# NOTE: The following label name should be changed to -# "bn_mul_comba4" i.e. remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# - -.align 4 -.bn_mul_comba4: -# -# This is an optimized version of the bn_mul_comba4 routine. -# -# void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -# r3 contains r -# r4 contains a -# r5 contains b -# r6, r7 are the 2 BN_ULONGs being multiplied. -# r8, r9 are the results of the 32x32 giving 64 multiply. -# r10, r11, r12 are the equivalents of c1, c2, and c3. -# - xor r0,r0,r0 #r0=0. Used in addze below. 
- #mul_add_c(a[0],b[0],c1,c2,c3); - $LD r6,`0*$BNSZ`(r4) - $LD r7,`0*$BNSZ`(r5) - $UMULL r10,r6,r7 - $UMULH r11,r6,r7 - $ST r10,`0*$BNSZ`(r3) #r[0]=c1 - #mul_add_c(a[0],b[1],c2,c3,c1); - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r8,r11 - adde r12,r9,r0 - addze r10,r0 - #mul_add_c(a[1],b[0],c2,c3,c1); - $LD r6, `1*$BNSZ`(r4) - $LD r7, `0*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r8,r11 - adde r12,r9,r12 - addze r10,r10 - $ST r11,`1*$BNSZ`(r3) #r[1]=c2 - #mul_add_c(a[2],b[0],c3,c1,c2); - $LD r6,`2*$BNSZ`(r4) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r8,r12 - adde r10,r9,r10 - addze r11,r0 - #mul_add_c(a[1],b[1],c3,c1,c2); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r8,r12 - adde r10,r9,r10 - addze r11,r11 - #mul_add_c(a[0],b[2],c3,c1,c2); - $LD r6,`0*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r8,r12 - adde r10,r9,r10 - addze r11,r11 - $ST r12,`2*$BNSZ`(r3) #r[2]=c3 - #mul_add_c(a[0],b[3],c1,c2,c3); - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r8,r10 - adde r11,r9,r11 - addze r12,r0 - #mul_add_c(a[1],b[2],c1,c2,c3); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r8,r10 - adde r11,r9,r11 - addze r12,r12 - #mul_add_c(a[2],b[1],c1,c2,c3); - $LD r6,`2*$BNSZ`(r4) - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r8,r10 - adde r11,r9,r11 - addze r12,r12 - #mul_add_c(a[3],b[0],c1,c2,c3); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`0*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r8,r10 - adde r11,r9,r11 - addze r12,r12 - $ST r10,`3*$BNSZ`(r3) #r[3]=c1 - #mul_add_c(a[3],b[1],c2,c3,c1); - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r8,r11 - adde r12,r9,r12 - addze r10,r0 - #mul_add_c(a[2],b[2],c2,c3,c1); - $LD r6,`2*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r8,r11 - adde r12,r9,r12 - addze 
r10,r10 - #mul_add_c(a[1],b[3],c2,c3,c1); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r8,r11 - adde r12,r9,r12 - addze r10,r10 - $ST r11,`4*$BNSZ`(r3) #r[4]=c2 - #mul_add_c(a[2],b[3],c3,c1,c2); - $LD r6,`2*$BNSZ`(r4) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r8,r12 - adde r10,r9,r10 - addze r11,r0 - #mul_add_c(a[3],b[2],c3,c1,c2); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r8,r12 - adde r10,r9,r10 - addze r11,r11 - $ST r12,`5*$BNSZ`(r3) #r[5]=c3 - #mul_add_c(a[3],b[3],c1,c2,c3); - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r8,r10 - adde r11,r9,r11 - - $ST r10,`6*$BNSZ`(r3) #r[6]=c1 - $ST r11,`7*$BNSZ`(r3) #r[7]=c2 - blr - .long 0 - .byte 0,12,0x14,0,0,0,3,0 - .long 0 - -# -# NOTE: The following label name should be changed to -# "bn_mul_comba8" i.e. remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# - -.align 4 -.bn_mul_comba8: -# -# Optimized version of the bn_mul_comba8 routine. -# -# void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -# r3 contains r -# r4 contains a -# r5 contains b -# r6, r7 are the 2 BN_ULONGs being multiplied. -# r8, r9 are the results of the 32x32 giving 64 multiply. -# r10, r11, r12 are the equivalents of c1, c2, and c3. -# - xor r0,r0,r0 #r0=0. Used in addze below. - - #mul_add_c(a[0],b[0],c1,c2,c3); - $LD r6,`0*$BNSZ`(r4) #a[0] - $LD r7,`0*$BNSZ`(r5) #b[0] - $UMULL r10,r6,r7 - $UMULH r11,r6,r7 - $ST r10,`0*$BNSZ`(r3) #r[0]=c1; - #mul_add_c(a[0],b[1],c2,c3,c1); - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - addze r12,r9 # since we didnt set r12 to zero before. 
- addze r10,r0 - #mul_add_c(a[1],b[0],c2,c3,c1); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`0*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - $ST r11,`1*$BNSZ`(r3) #r[1]=c2; - #mul_add_c(a[2],b[0],c3,c1,c2); - $LD r6,`2*$BNSZ`(r4) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r0 - #mul_add_c(a[1],b[1],c3,c1,c2); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[0],b[2],c3,c1,c2); - $LD r6,`0*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - $ST r12,`2*$BNSZ`(r3) #r[2]=c3; - #mul_add_c(a[0],b[3],c1,c2,c3); - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r0 - #mul_add_c(a[1],b[2],c1,c2,c3); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - - #mul_add_c(a[2],b[1],c1,c2,c3); - $LD r6,`2*$BNSZ`(r4) - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[3],b[0],c1,c2,c3); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`0*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - $ST r10,`3*$BNSZ`(r3) #r[3]=c1; - #mul_add_c(a[4],b[0],c2,c3,c1); - $LD r6,`4*$BNSZ`(r4) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r0 - #mul_add_c(a[3],b[1],c2,c3,c1); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[2],b[2],c2,c3,c1); - $LD r6,`2*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[1],b[3],c2,c3,c1); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - 
$UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[0],b[4],c2,c3,c1); - $LD r6,`0*$BNSZ`(r4) - $LD r7,`4*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - $ST r11,`4*$BNSZ`(r3) #r[4]=c2; - #mul_add_c(a[0],b[5],c3,c1,c2); - $LD r7,`5*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r0 - #mul_add_c(a[1],b[4],c3,c1,c2); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`4*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[2],b[3],c3,c1,c2); - $LD r6,`2*$BNSZ`(r4) - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[3],b[2],c3,c1,c2); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[4],b[1],c3,c1,c2); - $LD r6,`4*$BNSZ`(r4) - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[5],b[0],c3,c1,c2); - $LD r6,`5*$BNSZ`(r4) - $LD r7,`0*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - $ST r12,`5*$BNSZ`(r3) #r[5]=c3; - #mul_add_c(a[6],b[0],c1,c2,c3); - $LD r6,`6*$BNSZ`(r4) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r0 - #mul_add_c(a[5],b[1],c1,c2,c3); - $LD r6,`5*$BNSZ`(r4) - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[4],b[2],c1,c2,c3); - $LD r6,`4*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[3],b[3],c1,c2,c3); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[2],b[4],c1,c2,c3); - $LD r6,`2*$BNSZ`(r4) - $LD 
r7,`4*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[1],b[5],c1,c2,c3); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`5*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[0],b[6],c1,c2,c3); - $LD r6,`0*$BNSZ`(r4) - $LD r7,`6*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - $ST r10,`6*$BNSZ`(r3) #r[6]=c1; - #mul_add_c(a[0],b[7],c2,c3,c1); - $LD r7,`7*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r0 - #mul_add_c(a[1],b[6],c2,c3,c1); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`6*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[2],b[5],c2,c3,c1); - $LD r6,`2*$BNSZ`(r4) - $LD r7,`5*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[3],b[4],c2,c3,c1); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`4*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[4],b[3],c2,c3,c1); - $LD r6,`4*$BNSZ`(r4) - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[5],b[2],c2,c3,c1); - $LD r6,`5*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[6],b[1],c2,c3,c1); - $LD r6,`6*$BNSZ`(r4) - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[7],b[0],c2,c3,c1); - $LD r6,`7*$BNSZ`(r4) - $LD r7,`0*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - $ST r11,`7*$BNSZ`(r3) #r[7]=c2; - #mul_add_c(a[7],b[1],c3,c1,c2); - $LD r7,`1*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r0 - 
#mul_add_c(a[6],b[2],c3,c1,c2); - $LD r6,`6*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[5],b[3],c3,c1,c2); - $LD r6,`5*$BNSZ`(r4) - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[4],b[4],c3,c1,c2); - $LD r6,`4*$BNSZ`(r4) - $LD r7,`4*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[3],b[5],c3,c1,c2); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`5*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[2],b[6],c3,c1,c2); - $LD r6,`2*$BNSZ`(r4) - $LD r7,`6*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[1],b[7],c3,c1,c2); - $LD r6,`1*$BNSZ`(r4) - $LD r7,`7*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - $ST r12,`8*$BNSZ`(r3) #r[8]=c3; - #mul_add_c(a[2],b[7],c1,c2,c3); - $LD r6,`2*$BNSZ`(r4) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r0 - #mul_add_c(a[3],b[6],c1,c2,c3); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`6*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[4],b[5],c1,c2,c3); - $LD r6,`4*$BNSZ`(r4) - $LD r7,`5*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[5],b[4],c1,c2,c3); - $LD r6,`5*$BNSZ`(r4) - $LD r7,`4*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[6],b[3],c1,c2,c3); - $LD r6,`6*$BNSZ`(r4) - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[7],b[2],c1,c2,c3); - $LD r6,`7*$BNSZ`(r4) - $LD r7,`2*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde 
r11,r11,r9 - addze r12,r12 - $ST r10,`9*$BNSZ`(r3) #r[9]=c1; - #mul_add_c(a[7],b[3],c2,c3,c1); - $LD r7,`3*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r0 - #mul_add_c(a[6],b[4],c2,c3,c1); - $LD r6,`6*$BNSZ`(r4) - $LD r7,`4*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[5],b[5],c2,c3,c1); - $LD r6,`5*$BNSZ`(r4) - $LD r7,`5*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[4],b[6],c2,c3,c1); - $LD r6,`4*$BNSZ`(r4) - $LD r7,`6*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - #mul_add_c(a[3],b[7],c2,c3,c1); - $LD r6,`3*$BNSZ`(r4) - $LD r7,`7*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - $ST r11,`10*$BNSZ`(r3) #r[10]=c2; - #mul_add_c(a[4],b[7],c3,c1,c2); - $LD r6,`4*$BNSZ`(r4) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r0 - #mul_add_c(a[5],b[6],c3,c1,c2); - $LD r6,`5*$BNSZ`(r4) - $LD r7,`6*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[6],b[5],c3,c1,c2); - $LD r6,`6*$BNSZ`(r4) - $LD r7,`5*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - #mul_add_c(a[7],b[4],c3,c1,c2); - $LD r6,`7*$BNSZ`(r4) - $LD r7,`4*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - addze r11,r11 - $ST r12,`11*$BNSZ`(r3) #r[11]=c3; - #mul_add_c(a[7],b[5],c1,c2,c3); - $LD r7,`5*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r0 - #mul_add_c(a[6],b[6],c1,c2,c3); - $LD r6,`6*$BNSZ`(r4) - $LD r7,`6*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - #mul_add_c(a[5],b[7],c1,c2,c3); - $LD r6,`5*$BNSZ`(r4) - $LD r7,`7*$BNSZ`(r5) - $UMULL 
r8,r6,r7 - $UMULH r9,r6,r7 - addc r10,r10,r8 - adde r11,r11,r9 - addze r12,r12 - $ST r10,`12*$BNSZ`(r3) #r[12]=c1; - #mul_add_c(a[6],b[7],c2,c3,c1); - $LD r6,`6*$BNSZ`(r4) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r0 - #mul_add_c(a[7],b[6],c2,c3,c1); - $LD r6,`7*$BNSZ`(r4) - $LD r7,`6*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r11,r11,r8 - adde r12,r12,r9 - addze r10,r10 - $ST r11,`13*$BNSZ`(r3) #r[13]=c2; - #mul_add_c(a[7],b[7],c3,c1,c2); - $LD r7,`7*$BNSZ`(r5) - $UMULL r8,r6,r7 - $UMULH r9,r6,r7 - addc r12,r12,r8 - adde r10,r10,r9 - $ST r12,`14*$BNSZ`(r3) #r[14]=c3; - $ST r10,`15*$BNSZ`(r3) #r[15]=c1; - blr - .long 0 - .byte 0,12,0x14,0,0,0,3,0 - .long 0 - -# -# NOTE: The following label name should be changed to -# "bn_sub_words" i.e. remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# -# -.align 4 -.bn_sub_words: -# -# Handcoded version of bn_sub_words -# -#BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -# -# r3 = r -# r4 = a -# r5 = b -# r6 = n -# -# Note: No loop unrolling done since this is not a performance -# critical loop. - - xor r0,r0,r0 #set r0 = 0 -# -# check for r6 = 0 AND set carry bit. -# - subfc. r7,r0,r6 # If r6 is 0 then result is 0. - # if r6 > 0 then result !=0 - # In either case carry bit is set. - beq Lppcasm_sub_adios - addi r4,r4,-$BNSZ - addi r3,r3,-$BNSZ - addi r5,r5,-$BNSZ - mtctr r6 -Lppcasm_sub_mainloop: - $LDU r7,$BNSZ(r4) - $LDU r8,$BNSZ(r5) - subfe r6,r8,r7 # r6 = r7+carry bit + onescomplement(r8) - # if carry = 1 this is r7-r8. Else it - # is r7-r8 -1 as we need. - $STU r6,$BNSZ(r3) - bdnz- Lppcasm_sub_mainloop -Lppcasm_sub_adios: - subfze r3,r0 # if carry bit is set then r3 = 0 else -1 - andi. r3,r3,1 # keep only last bit. - blr - .long 0 - .byte 0,12,0x14,0,0,0,4,0 - .long 0 - -# -# NOTE: The following label name should be changed to -# "bn_add_words" i.e. remove the first dot -# for the gcc compiler. 
This should be automatically -# done in the build -# - -.align 4 -.bn_add_words: -# -# Handcoded version of bn_add_words -# -#BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -# -# r3 = r -# r4 = a -# r5 = b -# r6 = n -# -# Note: No loop unrolling done since this is not a performance -# critical loop. - - xor r0,r0,r0 -# -# check for r6 = 0. Is this needed? -# - addic. r6,r6,0 #test r6 and clear carry bit. - beq Lppcasm_add_adios - addi r4,r4,-$BNSZ - addi r3,r3,-$BNSZ - addi r5,r5,-$BNSZ - mtctr r6 -Lppcasm_add_mainloop: - $LDU r7,$BNSZ(r4) - $LDU r8,$BNSZ(r5) - adde r8,r7,r8 - $STU r8,$BNSZ(r3) - bdnz- Lppcasm_add_mainloop -Lppcasm_add_adios: - addze r3,r0 #return carry bit. - blr - .long 0 - .byte 0,12,0x14,0,0,0,4,0 - .long 0 - -# -# NOTE: The following label name should be changed to -# "bn_div_words" i.e. remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# - -.align 4 -.bn_div_words: -# -# This is a cleaned up version of code generated by -# the AIX compiler. The only optimization is to use -# the PPC instruction to count leading zeros instead -# of call to num_bits_word. Since this was compiled -# only at level -O2 we can possibly squeeze it more? -# -# r3 = h -# r4 = l -# r5 = d - - $UCMPI 0,r5,0 # compare r5 and 0 - bne Lppcasm_div1 # proceed if d!=0 - li r3,-1 # d=0 return -1 - blr -Lppcasm_div1: - xor r0,r0,r0 #r0=0 - li r8,$BITS - $CNTLZ. r7,r5 #r7 = num leading 0s in d. - beq Lppcasm_div2 #proceed if no leading zeros - subf r8,r7,r8 #r8 = BN_num_bits_word(d) - $SHR. r9,r3,r8 #are there any bits above r8'th? - $TR 16,r9,r0 #if there're, signal to dump core... -Lppcasm_div2: - $UCMP 0,r3,r5 #h>=d? - blt Lppcasm_div3 #goto Lppcasm_div3 if not - subf r3,r5,r3 #h-=d ; -Lppcasm_div3: #r7 = BN_BITS2-i. so r7=i - cmpi 0,0,r7,0 # is (i == 0)? 
- beq Lppcasm_div4 - $SHL r3,r3,r7 # h = (h<< i) - $SHR r8,r4,r8 # r8 = (l >> BN_BITS2 -i) - $SHL r5,r5,r7 # d<<=i - or r3,r3,r8 # h = (h<<i)|(l>>(BN_BITS2-i)) - $SHL r4,r4,r7 # l <<=i -Lppcasm_div4: - $SHRI r9,r5,`$BITS/2` # r9 = dh - # dl will be computed when needed - # as it saves registers. - li r6,2 #r6=2 - mtctr r6 #counter will be in count. -Lppcasm_divouterloop: - $SHRI r8,r3,`$BITS/2` #r8 = (h>>BN_BITS4) - $SHRI r11,r4,`$BITS/2` #r11= (l&BN_MASK2h)>>BN_BITS4 - # compute here for innerloop. - $UCMP 0,r8,r9 # is (h>>BN_BITS4)==dh - bne Lppcasm_div5 # goto Lppcasm_div5 if not - - li r8,-1 - $CLRU r8,r8,`$BITS/2` #q = BN_MASK2l - b Lppcasm_div6 -Lppcasm_div5: - $UDIV r8,r3,r9 #q = h/dh -Lppcasm_div6: - $UMULL r12,r9,r8 #th = q*dh - $CLRU r10,r5,`$BITS/2` #r10=dl - $UMULL r6,r8,r10 #tl = q*dl - -Lppcasm_divinnerloop: - subf r10,r12,r3 #t = h -th - $SHRI r7,r10,`$BITS/2` #r7= (t &BN_MASK2H), sort of... - addic. r7,r7,0 #test if r7 == 0. used below. - # now want to compute - # r7 = (t<<BN_BITS4)|((l&BN_MASK2h)>>BN_BITS4) - # the following 2 instructions do that - $SHLI r7,r10,`$BITS/2` # r7 = (t<<BN_BITS4) - or r7,r7,r11 # r7|=((l&BN_MASK2h)>>BN_BITS4) - $UCMP cr1,r6,r7 # compare (tl <= r7) - bne Lppcasm_divinnerexit - ble cr1,Lppcasm_divinnerexit - addi r8,r8,-1 #q-- - subf r12,r9,r12 #th -=dh - $CLRU r10,r5,`$BITS/2` #r10=dl. t is no longer needed in loop. 
- subf r6,r10,r6 #tl -=dl - b Lppcasm_divinnerloop -Lppcasm_divinnerexit: - $SHRI r10,r6,`$BITS/2` #t=(tl>>BN_BITS4) - $SHLI r11,r6,`$BITS/2` #tl=(tl<<BN_BITS4)&BN_MASK2h; - $UCMP cr1,r4,r11 # compare l and tl - add r12,r12,r10 # th+=t - bge cr1,Lppcasm_div7 # if (l>=tl) goto Lppcasm_div7 - addi r12,r12,1 # th++ -Lppcasm_div7: - subf r11,r11,r4 #r11=l-tl - $UCMP cr1,r3,r12 #compare h and th - bge cr1,Lppcasm_div8 #if (h>=th) goto Lppcasm_div8 - addi r8,r8,-1 # q-- - add r3,r5,r3 # h+=d -Lppcasm_div8: - subf r12,r12,r3 #r12 = h-th - $SHLI r4,r11,`$BITS/2` #l=(l&BN_MASK2l)<<BN_BITS4 - # want to compute - # h = ((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2 - # the following 2 instructions will do this. - $INSR r11,r12,`$BITS/2`,`$BITS/2` # r11 is the value we want rotated $BITS/2. - $ROTL r3,r11,`$BITS/2` # rotate by $BITS/2 and store in r3 - bdz Lppcasm_div9 #if (count==0) break ; - $SHLI r0,r8,`$BITS/2` #ret =q<<BN_BITS4 - b Lppcasm_divouterloop -Lppcasm_div9: - or r3,r8,r0 - blr - .long 0 - .byte 0,12,0x14,0,0,0,3,0 - .long 0 - -# -# NOTE: The following label name should be changed to -# "bn_sqr_words" i.e. remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# -.align 4 -.bn_sqr_words: -# -# Optimized version of bn_sqr_words -# -# void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) -# -# r3 = r -# r4 = a -# r5 = n -# -# r6 = a[i]. -# r7,r8 = product. -# -# No unrolling done here. Not performance critical. - - addic. r5,r5,0 #test r5. - beq Lppcasm_sqr_adios - addi r4,r4,-$BNSZ - addi r3,r3,-$BNSZ - mtctr r5 -Lppcasm_sqr_mainloop: - #sqr(r[0],r[1],a[0]); - $LDU r6,$BNSZ(r4) - $UMULL r7,r6,r6 - $UMULH r8,r6,r6 - $STU r7,$BNSZ(r3) - $STU r8,$BNSZ(r3) - bdnz- Lppcasm_sqr_mainloop -Lppcasm_sqr_adios: - blr - .long 0 - .byte 0,12,0x14,0,0,0,3,0 - .long 0 - -# -# NOTE: The following label name should be changed to -# "bn_mul_words" i.e. remove the first dot -# for the gcc compiler. 
This should be automatically -# done in the build -# - -.align 4 -.bn_mul_words: -# -# BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) -# -# r3 = rp -# r4 = ap -# r5 = num -# r6 = w - xor r0,r0,r0 - xor r12,r12,r12 # used for carry - rlwinm. r7,r5,30,2,31 # num >> 2 - beq Lppcasm_mw_REM - mtctr r7 -Lppcasm_mw_LOOP: - #mul(rp[0],ap[0],w,c1); - $LD r8,`0*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 - #addze r10,r10 #carry is NOT ignored. - #will be taken care of - #in second spin below - #using adde. - $ST r9,`0*$BNSZ`(r3) - #mul(rp[1],ap[1],w,c1); - $LD r8,`1*$BNSZ`(r4) - $UMULL r11,r6,r8 - $UMULH r12,r6,r8 - adde r11,r11,r10 - #addze r12,r12 - $ST r11,`1*$BNSZ`(r3) - #mul(rp[2],ap[2],w,c1); - $LD r8,`2*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - adde r9,r9,r12 - #addze r10,r10 - $ST r9,`2*$BNSZ`(r3) - #mul_add(rp[3],ap[3],w,c1); - $LD r8,`3*$BNSZ`(r4) - $UMULL r11,r6,r8 - $UMULH r12,r6,r8 - adde r11,r11,r10 - addze r12,r12 #this spin we collect carry into - #r12 - $ST r11,`3*$BNSZ`(r3) - - addi r3,r3,`4*$BNSZ` - addi r4,r4,`4*$BNSZ` - bdnz- Lppcasm_mw_LOOP - -Lppcasm_mw_REM: - andi. r5,r5,0x3 - beq Lppcasm_mw_OVER - #mul(rp[0],ap[0],w,c1); - $LD r8,`0*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 - addze r10,r10 - $ST r9,`0*$BNSZ`(r3) - addi r12,r10,0 - - addi r5,r5,-1 - cmpli 0,0,r5,0 - beq Lppcasm_mw_OVER - - - #mul(rp[1],ap[1],w,c1); - $LD r8,`1*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 - addze r10,r10 - $ST r9,`1*$BNSZ`(r3) - addi r12,r10,0 - - addi r5,r5,-1 - cmpli 0,0,r5,0 - beq Lppcasm_mw_OVER - - #mul_add(rp[2],ap[2],w,c1); - $LD r8,`2*$BNSZ`(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 - addze r10,r10 - $ST r9,`2*$BNSZ`(r3) - addi r12,r10,0 - -Lppcasm_mw_OVER: - addi r3,r12,0 - blr - .long 0 - .byte 0,12,0x14,0,0,0,4,0 - .long 0 - -# -# NOTE: The following label name should be changed to -# "bn_mul_add_words" i.e. 
remove the first dot -# for the gcc compiler. This should be automatically -# done in the build -# - -.align 4 -.bn_mul_add_words: -# -# BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) -# -# r3 = rp -# r4 = ap -# r5 = num -# r6 = w -# -# empirical evidence suggests that unrolled version performs best!! -# - xor r0,r0,r0 #r0 = 0 - xor r12,r12,r12 #r12 = 0 . used for carry - rlwinm. r7,r5,30,2,31 # num >> 2 - beq Lppcasm_maw_leftover # if (num < 4) go LPPCASM_maw_leftover - mtctr r7 -Lppcasm_maw_mainloop: - #mul_add(rp[0],ap[0],w,c1); - $LD r8,`0*$BNSZ`(r4) - $LD r11,`0*$BNSZ`(r3) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - addc r9,r9,r12 #r12 is carry. - addze r10,r10 - addc r9,r9,r11 - #addze r10,r10 - #the above instruction addze - #is NOT needed. Carry will NOT - #be ignored. It's not affected - #by multiply and will be collected - #in the next spin - $ST r9,`0*$BNSZ`(r3) - - #mul_add(rp[1],ap[1],w,c1); - $LD r8,`1*$BNSZ`(r4) - $LD r9,`1*$BNSZ`(r3) - $UMULL r11,r6,r8 - $UMULH r12,r6,r8 - adde r11,r11,r10 #r10 is carry. - addze r12,r12 - addc r11,r11,r9 - #addze r12,r12 - $ST r11,`1*$BNSZ`(r3) - - #mul_add(rp[2],ap[2],w,c1); - $LD r8,`2*$BNSZ`(r4) - $UMULL r9,r6,r8 - $LD r11,`2*$BNSZ`(r3) - $UMULH r10,r6,r8 - adde r9,r9,r12 - addze r10,r10 - addc r9,r9,r11 - #addze r10,r10 - $ST r9,`2*$BNSZ`(r3) - - #mul_add(rp[3],ap[3],w,c1); - $LD r8,`3*$BNSZ`(r4) - $UMULL r11,r6,r8 - $LD r9,`3*$BNSZ`(r3) - $UMULH r12,r6,r8 - adde r11,r11,r10 - addze r12,r12 - addc r11,r11,r9 - addze r12,r12 - $ST r11,`3*$BNSZ`(r3) - addi r3,r3,`4*$BNSZ` - addi r4,r4,`4*$BNSZ` - bdnz- Lppcasm_maw_mainloop - -Lppcasm_maw_leftover: - andi. 
r5,r5,0x3 - beq Lppcasm_maw_adios - addi r3,r3,-$BNSZ - addi r4,r4,-$BNSZ - #mul_add(rp[0],ap[0],w,c1); - mtctr r5 - $LDU r8,$BNSZ(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - $LDU r11,$BNSZ(r3) - addc r9,r9,r11 - addze r10,r10 - addc r9,r9,r12 - addze r12,r10 - $ST r9,0(r3) - - bdz Lppcasm_maw_adios - #mul_add(rp[1],ap[1],w,c1); - $LDU r8,$BNSZ(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - $LDU r11,$BNSZ(r3) - addc r9,r9,r11 - addze r10,r10 - addc r9,r9,r12 - addze r12,r10 - $ST r9,0(r3) - - bdz Lppcasm_maw_adios - #mul_add(rp[2],ap[2],w,c1); - $LDU r8,$BNSZ(r4) - $UMULL r9,r6,r8 - $UMULH r10,r6,r8 - $LDU r11,$BNSZ(r3) - addc r9,r9,r11 - addze r10,r10 - addc r9,r9,r12 - addze r12,r10 - $ST r9,0(r3) - -Lppcasm_maw_adios: - addi r3,r12,0 - blr - .long 0 - .byte 0,12,0x14,0,0,0,4,0 - .long 0 - .align 4 -EOF -$data =~ s/\`([^\`]*)\`/eval $1/gem; -print $data; -close STDOUT; diff --git a/lib/libssl/src/crypto/bn/asm/ppc64-mont.pl b/lib/libssl/src/crypto/bn/asm/ppc64-mont.pl deleted file mode 100644 index a14e769ad05..00000000000 --- a/lib/libssl/src/crypto/bn/asm/ppc64-mont.pl +++ /dev/null 
@@ -1,1088 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# December 2007 - -# The reason for undertaken effort is basically following. Even though -# Power 6 CPU operates at incredible 4.7GHz clock frequency, its PKI -# performance was observed to be less than impressive, essentially as -# fast as 1.8GHz PPC970, or 2.6 times(!) slower than one would hope. -# Well, it's not surprising that IBM had to make some sacrifices to -# boost the clock frequency that much, but no overall improvement? -# Having observed how much difference did switching to FPU make on -# UltraSPARC, playing same stunt on Power 6 appeared appropriate... -# Unfortunately the resulting performance improvement is not as -# impressive, ~30%, and in absolute terms is still very far from what -# one would expect from 4.7GHz CPU. There is a chance that I'm doing -# something wrong, but in the lack of assembler level micro-profiling -# data or at least decent platform guide I can't tell... Or better -# results might be achieved with VMX... Anyway, this module provides -# *worse* performance on other PowerPC implementations, ~40-15% slower -# on PPC970 depending on key length and ~40% slower on Power 5 for all -# key lengths. As it's obviously inappropriate as "best all-round" -# alternative, it has to be complemented with run-time CPU family -# detection. Oh! It should also be noted that unlike other PowerPC -# implementation IALU ppc-mont.pl module performs *suboptimaly* on -# >=1024-bit key lengths on Power 6. It should also be noted that -# *everything* said so far applies to 64-bit builds! 
As far as 32-bit -# application executed on 64-bit CPU goes, this module is likely to -# become preferred choice, because it's easy to adapt it for such -# case and *is* faster than 32-bit ppc-mont.pl on *all* processors. - -# February 2008 - -# Micro-profiling assisted optimization results in ~15% improvement -# over original ppc64-mont.pl version, or overall ~50% improvement -# over ppc.pl module on Power 6. If compared to ppc-mont.pl on same -# Power 6 CPU, this module is 5-150% faster depending on key length, -# [hereafter] more for longer keys. But if compared to ppc-mont.pl -# on 1.8GHz PPC970, it's only 5-55% faster. Still far from impressive -# in absolute terms, but it's apparently the way Power 6 is... - -# December 2009 - -# Adapted for 32-bit build this module delivers 25-120%, yes, more -# than *twice* for longer keys, performance improvement over 32-bit -# ppc-mont.pl on 1.8GHz PPC970. However! This implementation utilizes -# even 64-bit integer operations and the trouble is that most PPC -# operating systems don't preserve upper halves of general purpose -# registers upon 32-bit signal delivery. They do preserve them upon -# context switch, but not signalling:-( This means that asynchronous -# signals have to be blocked upon entry to this subroutine. Signal -# masking (and of course complementary unmasking) has quite an impact -# on performance, naturally larger for shorter keys. It's so severe -# that 512-bit key performance can be as low as 1/3 of expected one. -# This is why this routine can be engaged for longer key operations -# only on these OSes, see crypto/ppccap.c for further details. MacOS X -# is an exception from this and doesn't require signal masking, and -# that's where above improvement coefficients were collected. For -# others alternative would be to break dependence on upper halves of -# GPRs by sticking to 32-bit integer operations... 
- -$flavour = shift; - -if ($flavour =~ /32/) { - $SIZE_T=4; - $RZONE= 224; - $fname= "bn_mul_mont_fpu64"; - - $STUX= "stwux"; # store indexed and update - $PUSH= "stw"; - $POP= "lwz"; -} elsif ($flavour =~ /64/) { - $SIZE_T=8; - $RZONE= 288; - $fname= "bn_mul_mont_fpu64"; - - # same as above, but 64-bit mnemonics... - $STUX= "stdux"; # store indexed and update - $PUSH= "std"; - $POP= "ld"; -} else { die "nonsense $flavour"; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; - -$FRAME=64; # padded frame header -$TRANSFER=16*8; - -$carry="r0"; -$sp="r1"; -$toc="r2"; -$rp="r3"; $ovf="r3"; -$ap="r4"; -$bp="r5"; -$np="r6"; -$n0="r7"; -$num="r8"; -$rp="r9"; # $rp is reassigned -$tp="r10"; -$j="r11"; -$i="r12"; -# non-volatile registers -$nap_d="r22"; # interleaved ap and np in double format -$a0="r23"; # ap[0] -$t0="r24"; # temporary registers -$t1="r25"; -$t2="r26"; -$t3="r27"; -$t4="r28"; -$t5="r29"; -$t6="r30"; -$t7="r31"; - -# PPC offers enough register bank capacity to unroll inner loops twice -# -# ..A3A2A1A0 -# dcba -# ----------- -# A0a -# A0b -# A0c -# A0d -# A1a -# A1b -# A1c -# A1d -# A2a -# A2b -# A2c -# A2d -# A3a -# A3b -# A3c -# A3d -# ..a -# ..b -# -$ba="f0"; $bb="f1"; $bc="f2"; $bd="f3"; -$na="f4"; $nb="f5"; $nc="f6"; $nd="f7"; -$dota="f8"; $dotb="f9"; -$A0="f10"; $A1="f11"; $A2="f12"; $A3="f13"; -$N0="f20"; $N1="f21"; $N2="f22"; $N3="f23"; -$T0a="f24"; $T0b="f25"; -$T1a="f26"; $T1b="f27"; -$T2a="f28"; $T2b="f29"; -$T3a="f30"; $T3b="f31"; - -# sp----------->+-------------------------------+ -# | saved sp | -# +-------------------------------+ -# . . -# +64 +-------------------------------+ -# | 16 gpr<->fpr transfer zone | -# . . -# . . 
-# +16*8 +-------------------------------+ -# | __int64 tmp[-1] | -# +-------------------------------+ -# | __int64 tmp[num] | -# . . -# . . -# . . -# +(num+1)*8 +-------------------------------+ -# | padding to 64 byte boundary | -# . . -# +X +-------------------------------+ -# | double nap_d[4*num] | -# . . -# . . -# . . -# +-------------------------------+ -# . . -# -12*size_t +-------------------------------+ -# | 10 saved gpr, r22-r31 | -# . . -# . . -# -12*8 +-------------------------------+ -# | 12 saved fpr, f20-f31 | -# . . -# . . -# +-------------------------------+ - -$code=<<___; -.machine "any" -.text - -.globl .$fname -.align 5 -.$fname: - cmpwi $num,`3*8/$SIZE_T` - mr $rp,r3 ; $rp is reassigned - li r3,0 ; possible "not handled" return code - bltlr- - andi. r0,$num,`16/$SIZE_T-1` ; $num has to be "even" - bnelr- - - slwi $num,$num,`log($SIZE_T)/log(2)` ; num*=sizeof(BN_LONG) - li $i,-4096 - slwi $tp,$num,2 ; place for {an}p_{lh}[num], i.e. 4*num - add $tp,$tp,$num ; place for tp[num+1] - addi $tp,$tp,`$FRAME+$TRANSFER+8+64+$RZONE` - subf $tp,$tp,$sp ; $sp-$tp - and $tp,$tp,$i ; minimize TLB usage - subf $tp,$sp,$tp ; $tp-$sp - mr $i,$sp - $STUX $sp,$sp,$tp ; alloca - - $PUSH r22,`-12*8-10*$SIZE_T`($i) - $PUSH r23,`-12*8-9*$SIZE_T`($i) - $PUSH r24,`-12*8-8*$SIZE_T`($i) - $PUSH r25,`-12*8-7*$SIZE_T`($i) - $PUSH r26,`-12*8-6*$SIZE_T`($i) - $PUSH r27,`-12*8-5*$SIZE_T`($i) - $PUSH r28,`-12*8-4*$SIZE_T`($i) - $PUSH r29,`-12*8-3*$SIZE_T`($i) - $PUSH r30,`-12*8-2*$SIZE_T`($i) - $PUSH r31,`-12*8-1*$SIZE_T`($i) - stfd f20,`-12*8`($i) - stfd f21,`-11*8`($i) - stfd f22,`-10*8`($i) - stfd f23,`-9*8`($i) - stfd f24,`-8*8`($i) - stfd f25,`-7*8`($i) - stfd f26,`-6*8`($i) - stfd f27,`-5*8`($i) - stfd f28,`-4*8`($i) - stfd f29,`-3*8`($i) - stfd f30,`-2*8`($i) - stfd f31,`-1*8`($i) -___ -$code.=<<___ if ($SIZE_T==8); - ld $a0,0($ap) ; pull ap[0] value - ld $n0,0($n0) ; pull n0[0] value - ld $t3,0($bp) ; bp[0] -___ -$code.=<<___ if ($SIZE_T==4); - mr $t1,$n0 - lwz 
$a0,0($ap) ; pull ap[0,1] value - lwz $t0,4($ap) - lwz $n0,0($t1) ; pull n0[0,1] value - lwz $t1,4($t1) - lwz $t3,0($bp) ; bp[0,1] - lwz $t2,4($bp) - insrdi $a0,$t0,32,0 - insrdi $n0,$t1,32,0 - insrdi $t3,$t2,32,0 -___ -$code.=<<___; - addi $tp,$sp,`$FRAME+$TRANSFER+8+64` - li $i,-64 - add $nap_d,$tp,$num - and $nap_d,$nap_d,$i ; align to 64 bytes - - mulld $t7,$a0,$t3 ; ap[0]*bp[0] - ; nap_d is off by 1, because it's used with stfdu/lfdu - addi $nap_d,$nap_d,-8 - srwi $j,$num,`3+1` ; counter register, num/2 - mulld $t7,$t7,$n0 ; tp[0]*n0 - addi $j,$j,-1 - addi $tp,$sp,`$FRAME+$TRANSFER-8` - li $carry,0 - mtctr $j - - ; transfer bp[0] to FPU as 4x16-bit values - extrdi $t0,$t3,16,48 - extrdi $t1,$t3,16,32 - extrdi $t2,$t3,16,16 - extrdi $t3,$t3,16,0 - std $t0,`$FRAME+0`($sp) - std $t1,`$FRAME+8`($sp) - std $t2,`$FRAME+16`($sp) - std $t3,`$FRAME+24`($sp) - ; transfer (ap[0]*bp[0])*n0 to FPU as 4x16-bit values - extrdi $t4,$t7,16,48 - extrdi $t5,$t7,16,32 - extrdi $t6,$t7,16,16 - extrdi $t7,$t7,16,0 - std $t4,`$FRAME+32`($sp) - std $t5,`$FRAME+40`($sp) - std $t6,`$FRAME+48`($sp) - std $t7,`$FRAME+56`($sp) -___ -$code.=<<___ if ($SIZE_T==8); - lwz $t0,4($ap) ; load a[j] as 32-bit word pair - lwz $t1,0($ap) - lwz $t2,12($ap) ; load a[j+1] as 32-bit word pair - lwz $t3,8($ap) - lwz $t4,4($np) ; load n[j] as 32-bit word pair - lwz $t5,0($np) - lwz $t6,12($np) ; load n[j+1] as 32-bit word pair - lwz $t7,8($np) -___ -$code.=<<___ if ($SIZE_T==4); - lwz $t0,0($ap) ; load a[j..j+3] as 32-bit word pairs - lwz $t1,4($ap) - lwz $t2,8($ap) - lwz $t3,12($ap) - lwz $t4,0($np) ; load n[j..j+3] as 32-bit word pairs - lwz $t5,4($np) - lwz $t6,8($np) - lwz $t7,12($np) -___ -$code.=<<___; - lfd $ba,`$FRAME+0`($sp) - lfd $bb,`$FRAME+8`($sp) - lfd $bc,`$FRAME+16`($sp) - lfd $bd,`$FRAME+24`($sp) - lfd $na,`$FRAME+32`($sp) - lfd $nb,`$FRAME+40`($sp) - lfd $nc,`$FRAME+48`($sp) - lfd $nd,`$FRAME+56`($sp) - std $t0,`$FRAME+64`($sp) - std $t1,`$FRAME+72`($sp) - std $t2,`$FRAME+80`($sp) - std 
$t3,`$FRAME+88`($sp) - std $t4,`$FRAME+96`($sp) - std $t5,`$FRAME+104`($sp) - std $t6,`$FRAME+112`($sp) - std $t7,`$FRAME+120`($sp) - fcfid $ba,$ba - fcfid $bb,$bb - fcfid $bc,$bc - fcfid $bd,$bd - fcfid $na,$na - fcfid $nb,$nb - fcfid $nc,$nc - fcfid $nd,$nd - - lfd $A0,`$FRAME+64`($sp) - lfd $A1,`$FRAME+72`($sp) - lfd $A2,`$FRAME+80`($sp) - lfd $A3,`$FRAME+88`($sp) - lfd $N0,`$FRAME+96`($sp) - lfd $N1,`$FRAME+104`($sp) - lfd $N2,`$FRAME+112`($sp) - lfd $N3,`$FRAME+120`($sp) - fcfid $A0,$A0 - fcfid $A1,$A1 - fcfid $A2,$A2 - fcfid $A3,$A3 - fcfid $N0,$N0 - fcfid $N1,$N1 - fcfid $N2,$N2 - fcfid $N3,$N3 - addi $ap,$ap,16 - addi $np,$np,16 - - fmul $T1a,$A1,$ba - fmul $T1b,$A1,$bb - stfd $A0,8($nap_d) ; save a[j] in double format - stfd $A1,16($nap_d) - fmul $T2a,$A2,$ba - fmul $T2b,$A2,$bb - stfd $A2,24($nap_d) ; save a[j+1] in double format - stfd $A3,32($nap_d) - fmul $T3a,$A3,$ba - fmul $T3b,$A3,$bb - stfd $N0,40($nap_d) ; save n[j] in double format - stfd $N1,48($nap_d) - fmul $T0a,$A0,$ba - fmul $T0b,$A0,$bb - stfd $N2,56($nap_d) ; save n[j+1] in double format - stfdu $N3,64($nap_d) - - fmadd $T1a,$A0,$bc,$T1a - fmadd $T1b,$A0,$bd,$T1b - fmadd $T2a,$A1,$bc,$T2a - fmadd $T2b,$A1,$bd,$T2b - fmadd $T3a,$A2,$bc,$T3a - fmadd $T3b,$A2,$bd,$T3b - fmul $dota,$A3,$bc - fmul $dotb,$A3,$bd - - fmadd $T1a,$N1,$na,$T1a - fmadd $T1b,$N1,$nb,$T1b - fmadd $T2a,$N2,$na,$T2a - fmadd $T2b,$N2,$nb,$T2b - fmadd $T3a,$N3,$na,$T3a - fmadd $T3b,$N3,$nb,$T3b - fmadd $T0a,$N0,$na,$T0a - fmadd $T0b,$N0,$nb,$T0b - - fmadd $T1a,$N0,$nc,$T1a - fmadd $T1b,$N0,$nd,$T1b - fmadd $T2a,$N1,$nc,$T2a - fmadd $T2b,$N1,$nd,$T2b - fmadd $T3a,$N2,$nc,$T3a - fmadd $T3b,$N2,$nd,$T3b - fmadd $dota,$N3,$nc,$dota - fmadd $dotb,$N3,$nd,$dotb - - fctid $T0a,$T0a - fctid $T0b,$T0b - fctid $T1a,$T1a - fctid $T1b,$T1b - fctid $T2a,$T2a - fctid $T2b,$T2b - fctid $T3a,$T3a - fctid $T3b,$T3b - - stfd $T0a,`$FRAME+0`($sp) - stfd $T0b,`$FRAME+8`($sp) - stfd $T1a,`$FRAME+16`($sp) - stfd $T1b,`$FRAME+24`($sp) - stfd 
$T2a,`$FRAME+32`($sp) - stfd $T2b,`$FRAME+40`($sp) - stfd $T3a,`$FRAME+48`($sp) - stfd $T3b,`$FRAME+56`($sp) - -.align 5 -L1st: -___ -$code.=<<___ if ($SIZE_T==8); - lwz $t0,4($ap) ; load a[j] as 32-bit word pair - lwz $t1,0($ap) - lwz $t2,12($ap) ; load a[j+1] as 32-bit word pair - lwz $t3,8($ap) - lwz $t4,4($np) ; load n[j] as 32-bit word pair - lwz $t5,0($np) - lwz $t6,12($np) ; load n[j+1] as 32-bit word pair - lwz $t7,8($np) -___ -$code.=<<___ if ($SIZE_T==4); - lwz $t0,0($ap) ; load a[j..j+3] as 32-bit word pairs - lwz $t1,4($ap) - lwz $t2,8($ap) - lwz $t3,12($ap) - lwz $t4,0($np) ; load n[j..j+3] as 32-bit word pairs - lwz $t5,4($np) - lwz $t6,8($np) - lwz $t7,12($np) -___ -$code.=<<___; - std $t0,`$FRAME+64`($sp) - std $t1,`$FRAME+72`($sp) - std $t2,`$FRAME+80`($sp) - std $t3,`$FRAME+88`($sp) - std $t4,`$FRAME+96`($sp) - std $t5,`$FRAME+104`($sp) - std $t6,`$FRAME+112`($sp) - std $t7,`$FRAME+120`($sp) - ld $t0,`$FRAME+0`($sp) - ld $t1,`$FRAME+8`($sp) - ld $t2,`$FRAME+16`($sp) - ld $t3,`$FRAME+24`($sp) - ld $t4,`$FRAME+32`($sp) - ld $t5,`$FRAME+40`($sp) - ld $t6,`$FRAME+48`($sp) - ld $t7,`$FRAME+56`($sp) - lfd $A0,`$FRAME+64`($sp) - lfd $A1,`$FRAME+72`($sp) - lfd $A2,`$FRAME+80`($sp) - lfd $A3,`$FRAME+88`($sp) - lfd $N0,`$FRAME+96`($sp) - lfd $N1,`$FRAME+104`($sp) - lfd $N2,`$FRAME+112`($sp) - lfd $N3,`$FRAME+120`($sp) - fcfid $A0,$A0 - fcfid $A1,$A1 - fcfid $A2,$A2 - fcfid $A3,$A3 - fcfid $N0,$N0 - fcfid $N1,$N1 - fcfid $N2,$N2 - fcfid $N3,$N3 - addi $ap,$ap,16 - addi $np,$np,16 - - fmul $T1a,$A1,$ba - fmul $T1b,$A1,$bb - fmul $T2a,$A2,$ba - fmul $T2b,$A2,$bb - stfd $A0,8($nap_d) ; save a[j] in double format - stfd $A1,16($nap_d) - fmul $T3a,$A3,$ba - fmul $T3b,$A3,$bb - fmadd $T0a,$A0,$ba,$dota - fmadd $T0b,$A0,$bb,$dotb - stfd $A2,24($nap_d) ; save a[j+1] in double format - stfd $A3,32($nap_d) - - fmadd $T1a,$A0,$bc,$T1a - fmadd $T1b,$A0,$bd,$T1b - fmadd $T2a,$A1,$bc,$T2a - fmadd $T2b,$A1,$bd,$T2b - stfd $N0,40($nap_d) ; save n[j] in double format - stfd 
$N1,48($nap_d) - fmadd $T3a,$A2,$bc,$T3a - fmadd $T3b,$A2,$bd,$T3b - add $t0,$t0,$carry ; can not overflow - fmul $dota,$A3,$bc - fmul $dotb,$A3,$bd - stfd $N2,56($nap_d) ; save n[j+1] in double format - stfdu $N3,64($nap_d) - srdi $carry,$t0,16 - add $t1,$t1,$carry - srdi $carry,$t1,16 - - fmadd $T1a,$N1,$na,$T1a - fmadd $T1b,$N1,$nb,$T1b - insrdi $t0,$t1,16,32 - fmadd $T2a,$N2,$na,$T2a - fmadd $T2b,$N2,$nb,$T2b - add $t2,$t2,$carry - fmadd $T3a,$N3,$na,$T3a - fmadd $T3b,$N3,$nb,$T3b - srdi $carry,$t2,16 - fmadd $T0a,$N0,$na,$T0a - fmadd $T0b,$N0,$nb,$T0b - insrdi $t0,$t2,16,16 - add $t3,$t3,$carry - srdi $carry,$t3,16 - - fmadd $T1a,$N0,$nc,$T1a - fmadd $T1b,$N0,$nd,$T1b - insrdi $t0,$t3,16,0 ; 0..63 bits - fmadd $T2a,$N1,$nc,$T2a - fmadd $T2b,$N1,$nd,$T2b - add $t4,$t4,$carry - fmadd $T3a,$N2,$nc,$T3a - fmadd $T3b,$N2,$nd,$T3b - srdi $carry,$t4,16 - fmadd $dota,$N3,$nc,$dota - fmadd $dotb,$N3,$nd,$dotb - add $t5,$t5,$carry - srdi $carry,$t5,16 - insrdi $t4,$t5,16,32 - - fctid $T0a,$T0a - fctid $T0b,$T0b - add $t6,$t6,$carry - fctid $T1a,$T1a - fctid $T1b,$T1b - srdi $carry,$t6,16 - fctid $T2a,$T2a - fctid $T2b,$T2b - insrdi $t4,$t6,16,16 - fctid $T3a,$T3a - fctid $T3b,$T3b - add $t7,$t7,$carry - insrdi $t4,$t7,16,0 ; 64..127 bits - srdi $carry,$t7,16 ; upper 33 bits - - stfd $T0a,`$FRAME+0`($sp) - stfd $T0b,`$FRAME+8`($sp) - stfd $T1a,`$FRAME+16`($sp) - stfd $T1b,`$FRAME+24`($sp) - stfd $T2a,`$FRAME+32`($sp) - stfd $T2b,`$FRAME+40`($sp) - stfd $T3a,`$FRAME+48`($sp) - stfd $T3b,`$FRAME+56`($sp) - std $t0,8($tp) ; tp[j-1] - stdu $t4,16($tp) ; tp[j] - bdnz- L1st - - fctid $dota,$dota - fctid $dotb,$dotb - - ld $t0,`$FRAME+0`($sp) - ld $t1,`$FRAME+8`($sp) - ld $t2,`$FRAME+16`($sp) - ld $t3,`$FRAME+24`($sp) - ld $t4,`$FRAME+32`($sp) - ld $t5,`$FRAME+40`($sp) - ld $t6,`$FRAME+48`($sp) - ld $t7,`$FRAME+56`($sp) - stfd $dota,`$FRAME+64`($sp) - stfd $dotb,`$FRAME+72`($sp) - - add $t0,$t0,$carry ; can not overflow - srdi $carry,$t0,16 - add $t1,$t1,$carry - srdi 
$carry,$t1,16 - insrdi $t0,$t1,16,32 - add $t2,$t2,$carry - srdi $carry,$t2,16 - insrdi $t0,$t2,16,16 - add $t3,$t3,$carry - srdi $carry,$t3,16 - insrdi $t0,$t3,16,0 ; 0..63 bits - add $t4,$t4,$carry - srdi $carry,$t4,16 - add $t5,$t5,$carry - srdi $carry,$t5,16 - insrdi $t4,$t5,16,32 - add $t6,$t6,$carry - srdi $carry,$t6,16 - insrdi $t4,$t6,16,16 - add $t7,$t7,$carry - insrdi $t4,$t7,16,0 ; 64..127 bits - srdi $carry,$t7,16 ; upper 33 bits - ld $t6,`$FRAME+64`($sp) - ld $t7,`$FRAME+72`($sp) - - std $t0,8($tp) ; tp[j-1] - stdu $t4,16($tp) ; tp[j] - - add $t6,$t6,$carry ; can not overflow - srdi $carry,$t6,16 - add $t7,$t7,$carry - insrdi $t6,$t7,48,0 - srdi $ovf,$t7,48 - std $t6,8($tp) ; tp[num-1] - - slwi $t7,$num,2 - subf $nap_d,$t7,$nap_d ; rewind pointer - - li $i,8 ; i=1 -.align 5 -Louter: -___ -$code.=<<___ if ($SIZE_T==8); - ldx $t3,$bp,$i ; bp[i] -___ -$code.=<<___ if ($SIZE_T==4); - add $t0,$bp,$i - lwz $t3,0($t0) ; bp[i,i+1] - lwz $t0,4($t0) - insrdi $t3,$t0,32,0 -___ -$code.=<<___; - ld $t6,`$FRAME+$TRANSFER+8`($sp) ; tp[0] - mulld $t7,$a0,$t3 ; ap[0]*bp[i] - - addi $tp,$sp,`$FRAME+$TRANSFER` - add $t7,$t7,$t6 ; ap[0]*bp[i]+tp[0] - li $carry,0 - mulld $t7,$t7,$n0 ; tp[0]*n0 - mtctr $j - - ; transfer bp[i] to FPU as 4x16-bit values - extrdi $t0,$t3,16,48 - extrdi $t1,$t3,16,32 - extrdi $t2,$t3,16,16 - extrdi $t3,$t3,16,0 - std $t0,`$FRAME+0`($sp) - std $t1,`$FRAME+8`($sp) - std $t2,`$FRAME+16`($sp) - std $t3,`$FRAME+24`($sp) - ; transfer (ap[0]*bp[i]+tp[0])*n0 to FPU as 4x16-bit values - extrdi $t4,$t7,16,48 - extrdi $t5,$t7,16,32 - extrdi $t6,$t7,16,16 - extrdi $t7,$t7,16,0 - std $t4,`$FRAME+32`($sp) - std $t5,`$FRAME+40`($sp) - std $t6,`$FRAME+48`($sp) - std $t7,`$FRAME+56`($sp) - - lfd $A0,8($nap_d) ; load a[j] in double format - lfd $A1,16($nap_d) - lfd $A2,24($nap_d) ; load a[j+1] in double format - lfd $A3,32($nap_d) - lfd $N0,40($nap_d) ; load n[j] in double format - lfd $N1,48($nap_d) - lfd $N2,56($nap_d) ; load n[j+1] in double format - lfdu 
$N3,64($nap_d) - - lfd $ba,`$FRAME+0`($sp) - lfd $bb,`$FRAME+8`($sp) - lfd $bc,`$FRAME+16`($sp) - lfd $bd,`$FRAME+24`($sp) - lfd $na,`$FRAME+32`($sp) - lfd $nb,`$FRAME+40`($sp) - lfd $nc,`$FRAME+48`($sp) - lfd $nd,`$FRAME+56`($sp) - - fcfid $ba,$ba - fcfid $bb,$bb - fcfid $bc,$bc - fcfid $bd,$bd - fcfid $na,$na - fcfid $nb,$nb - fcfid $nc,$nc - fcfid $nd,$nd - - fmul $T1a,$A1,$ba - fmul $T1b,$A1,$bb - fmul $T2a,$A2,$ba - fmul $T2b,$A2,$bb - fmul $T3a,$A3,$ba - fmul $T3b,$A3,$bb - fmul $T0a,$A0,$ba - fmul $T0b,$A0,$bb - - fmadd $T1a,$A0,$bc,$T1a - fmadd $T1b,$A0,$bd,$T1b - fmadd $T2a,$A1,$bc,$T2a - fmadd $T2b,$A1,$bd,$T2b - fmadd $T3a,$A2,$bc,$T3a - fmadd $T3b,$A2,$bd,$T3b - fmul $dota,$A3,$bc - fmul $dotb,$A3,$bd - - fmadd $T1a,$N1,$na,$T1a - fmadd $T1b,$N1,$nb,$T1b - lfd $A0,8($nap_d) ; load a[j] in double format - lfd $A1,16($nap_d) - fmadd $T2a,$N2,$na,$T2a - fmadd $T2b,$N2,$nb,$T2b - lfd $A2,24($nap_d) ; load a[j+1] in double format - lfd $A3,32($nap_d) - fmadd $T3a,$N3,$na,$T3a - fmadd $T3b,$N3,$nb,$T3b - fmadd $T0a,$N0,$na,$T0a - fmadd $T0b,$N0,$nb,$T0b - - fmadd $T1a,$N0,$nc,$T1a - fmadd $T1b,$N0,$nd,$T1b - fmadd $T2a,$N1,$nc,$T2a - fmadd $T2b,$N1,$nd,$T2b - fmadd $T3a,$N2,$nc,$T3a - fmadd $T3b,$N2,$nd,$T3b - fmadd $dota,$N3,$nc,$dota - fmadd $dotb,$N3,$nd,$dotb - - fctid $T0a,$T0a - fctid $T0b,$T0b - fctid $T1a,$T1a - fctid $T1b,$T1b - fctid $T2a,$T2a - fctid $T2b,$T2b - fctid $T3a,$T3a - fctid $T3b,$T3b - - stfd $T0a,`$FRAME+0`($sp) - stfd $T0b,`$FRAME+8`($sp) - stfd $T1a,`$FRAME+16`($sp) - stfd $T1b,`$FRAME+24`($sp) - stfd $T2a,`$FRAME+32`($sp) - stfd $T2b,`$FRAME+40`($sp) - stfd $T3a,`$FRAME+48`($sp) - stfd $T3b,`$FRAME+56`($sp) - -.align 5 -Linner: - fmul $T1a,$A1,$ba - fmul $T1b,$A1,$bb - fmul $T2a,$A2,$ba - fmul $T2b,$A2,$bb - lfd $N0,40($nap_d) ; load n[j] in double format - lfd $N1,48($nap_d) - fmul $T3a,$A3,$ba - fmul $T3b,$A3,$bb - fmadd $T0a,$A0,$ba,$dota - fmadd $T0b,$A0,$bb,$dotb - lfd $N2,56($nap_d) ; load n[j+1] in double format - lfdu 
$N3,64($nap_d) - - fmadd $T1a,$A0,$bc,$T1a - fmadd $T1b,$A0,$bd,$T1b - fmadd $T2a,$A1,$bc,$T2a - fmadd $T2b,$A1,$bd,$T2b - lfd $A0,8($nap_d) ; load a[j] in double format - lfd $A1,16($nap_d) - fmadd $T3a,$A2,$bc,$T3a - fmadd $T3b,$A2,$bd,$T3b - fmul $dota,$A3,$bc - fmul $dotb,$A3,$bd - lfd $A2,24($nap_d) ; load a[j+1] in double format - lfd $A3,32($nap_d) - - fmadd $T1a,$N1,$na,$T1a - fmadd $T1b,$N1,$nb,$T1b - ld $t0,`$FRAME+0`($sp) - ld $t1,`$FRAME+8`($sp) - fmadd $T2a,$N2,$na,$T2a - fmadd $T2b,$N2,$nb,$T2b - ld $t2,`$FRAME+16`($sp) - ld $t3,`$FRAME+24`($sp) - fmadd $T3a,$N3,$na,$T3a - fmadd $T3b,$N3,$nb,$T3b - add $t0,$t0,$carry ; can not overflow - ld $t4,`$FRAME+32`($sp) - ld $t5,`$FRAME+40`($sp) - fmadd $T0a,$N0,$na,$T0a - fmadd $T0b,$N0,$nb,$T0b - srdi $carry,$t0,16 - add $t1,$t1,$carry - srdi $carry,$t1,16 - ld $t6,`$FRAME+48`($sp) - ld $t7,`$FRAME+56`($sp) - - fmadd $T1a,$N0,$nc,$T1a - fmadd $T1b,$N0,$nd,$T1b - insrdi $t0,$t1,16,32 - ld $t1,8($tp) ; tp[j] - fmadd $T2a,$N1,$nc,$T2a - fmadd $T2b,$N1,$nd,$T2b - add $t2,$t2,$carry - fmadd $T3a,$N2,$nc,$T3a - fmadd $T3b,$N2,$nd,$T3b - srdi $carry,$t2,16 - insrdi $t0,$t2,16,16 - fmadd $dota,$N3,$nc,$dota - fmadd $dotb,$N3,$nd,$dotb - add $t3,$t3,$carry - ldu $t2,16($tp) ; tp[j+1] - srdi $carry,$t3,16 - insrdi $t0,$t3,16,0 ; 0..63 bits - add $t4,$t4,$carry - - fctid $T0a,$T0a - fctid $T0b,$T0b - srdi $carry,$t4,16 - fctid $T1a,$T1a - fctid $T1b,$T1b - add $t5,$t5,$carry - fctid $T2a,$T2a - fctid $T2b,$T2b - srdi $carry,$t5,16 - insrdi $t4,$t5,16,32 - fctid $T3a,$T3a - fctid $T3b,$T3b - add $t6,$t6,$carry - srdi $carry,$t6,16 - insrdi $t4,$t6,16,16 - - stfd $T0a,`$FRAME+0`($sp) - stfd $T0b,`$FRAME+8`($sp) - add $t7,$t7,$carry - addc $t3,$t0,$t1 -___ -$code.=<<___ if ($SIZE_T==4); # adjust XER[CA] - extrdi $t0,$t0,32,0 - extrdi $t1,$t1,32,0 - adde $t0,$t0,$t1 -___ -$code.=<<___; - stfd $T1a,`$FRAME+16`($sp) - stfd $T1b,`$FRAME+24`($sp) - insrdi $t4,$t7,16,0 ; 64..127 bits - srdi $carry,$t7,16 ; upper 33 bits - stfd 
$T2a,`$FRAME+32`($sp) - stfd $T2b,`$FRAME+40`($sp) - adde $t5,$t4,$t2 -___ -$code.=<<___ if ($SIZE_T==4); # adjust XER[CA] - extrdi $t4,$t4,32,0 - extrdi $t2,$t2,32,0 - adde $t4,$t4,$t2 -___ -$code.=<<___; - stfd $T3a,`$FRAME+48`($sp) - stfd $T3b,`$FRAME+56`($sp) - addze $carry,$carry - std $t3,-16($tp) ; tp[j-1] - std $t5,-8($tp) ; tp[j] - bdnz- Linner - - fctid $dota,$dota - fctid $dotb,$dotb - ld $t0,`$FRAME+0`($sp) - ld $t1,`$FRAME+8`($sp) - ld $t2,`$FRAME+16`($sp) - ld $t3,`$FRAME+24`($sp) - ld $t4,`$FRAME+32`($sp) - ld $t5,`$FRAME+40`($sp) - ld $t6,`$FRAME+48`($sp) - ld $t7,`$FRAME+56`($sp) - stfd $dota,`$FRAME+64`($sp) - stfd $dotb,`$FRAME+72`($sp) - - add $t0,$t0,$carry ; can not overflow - srdi $carry,$t0,16 - add $t1,$t1,$carry - srdi $carry,$t1,16 - insrdi $t0,$t1,16,32 - add $t2,$t2,$carry - ld $t1,8($tp) ; tp[j] - srdi $carry,$t2,16 - insrdi $t0,$t2,16,16 - add $t3,$t3,$carry - ldu $t2,16($tp) ; tp[j+1] - srdi $carry,$t3,16 - insrdi $t0,$t3,16,0 ; 0..63 bits - add $t4,$t4,$carry - srdi $carry,$t4,16 - add $t5,$t5,$carry - srdi $carry,$t5,16 - insrdi $t4,$t5,16,32 - add $t6,$t6,$carry - srdi $carry,$t6,16 - insrdi $t4,$t6,16,16 - add $t7,$t7,$carry - insrdi $t4,$t7,16,0 ; 64..127 bits - srdi $carry,$t7,16 ; upper 33 bits - ld $t6,`$FRAME+64`($sp) - ld $t7,`$FRAME+72`($sp) - - addc $t3,$t0,$t1 -___ -$code.=<<___ if ($SIZE_T==4); # adjust XER[CA] - extrdi $t0,$t0,32,0 - extrdi $t1,$t1,32,0 - adde $t0,$t0,$t1 -___ -$code.=<<___; - adde $t5,$t4,$t2 -___ -$code.=<<___ if ($SIZE_T==4); # adjust XER[CA] - extrdi $t4,$t4,32,0 - extrdi $t2,$t2,32,0 - adde $t4,$t4,$t2 -___ -$code.=<<___; - addze $carry,$carry - - std $t3,-16($tp) ; tp[j-1] - std $t5,-8($tp) ; tp[j] - - add $carry,$carry,$ovf ; comsume upmost overflow - add $t6,$t6,$carry ; can not overflow - srdi $carry,$t6,16 - add $t7,$t7,$carry - insrdi $t6,$t7,48,0 - srdi $ovf,$t7,48 - std $t6,0($tp) ; tp[num-1] - - slwi $t7,$num,2 - addi $i,$i,8 - subf $nap_d,$t7,$nap_d ; rewind pointer - cmpw $i,$num - blt- 
Louter -___ - -$code.=<<___ if ($SIZE_T==8); - subf $np,$num,$np ; rewind np - addi $j,$j,1 ; restore counter - subfc $i,$i,$i ; j=0 and "clear" XER[CA] - addi $tp,$sp,`$FRAME+$TRANSFER+8` - addi $t4,$sp,`$FRAME+$TRANSFER+16` - addi $t5,$np,8 - addi $t6,$rp,8 - mtctr $j - -.align 4 -Lsub: ldx $t0,$tp,$i - ldx $t1,$np,$i - ldx $t2,$t4,$i - ldx $t3,$t5,$i - subfe $t0,$t1,$t0 ; tp[j]-np[j] - subfe $t2,$t3,$t2 ; tp[j+1]-np[j+1] - stdx $t0,$rp,$i - stdx $t2,$t6,$i - addi $i,$i,16 - bdnz- Lsub - - li $i,0 - subfe $ovf,$i,$ovf ; handle upmost overflow bit - and $ap,$tp,$ovf - andc $np,$rp,$ovf - or $ap,$ap,$np ; ap=borrow?tp:rp - addi $t7,$ap,8 - mtctr $j - -.align 4 -Lcopy: ; copy or in-place refresh - ldx $t0,$ap,$i - ldx $t1,$t7,$i - std $i,8($nap_d) ; zap nap_d - std $i,16($nap_d) - std $i,24($nap_d) - std $i,32($nap_d) - std $i,40($nap_d) - std $i,48($nap_d) - std $i,56($nap_d) - stdu $i,64($nap_d) - stdx $t0,$rp,$i - stdx $t1,$t6,$i - stdx $i,$tp,$i ; zap tp at once - stdx $i,$t4,$i - addi $i,$i,16 - bdnz- Lcopy -___ -$code.=<<___ if ($SIZE_T==4); - subf $np,$num,$np ; rewind np - addi $j,$j,1 ; restore counter - subfc $i,$i,$i ; j=0 and "clear" XER[CA] - addi $tp,$sp,`$FRAME+$TRANSFER` - addi $np,$np,-4 - addi $rp,$rp,-4 - addi $ap,$sp,`$FRAME+$TRANSFER+4` - mtctr $j - -.align 4 -Lsub: ld $t0,8($tp) ; load tp[j..j+3] in 64-bit word order - ldu $t2,16($tp) - lwz $t4,4($np) ; load np[j..j+3] in 32-bit word order - lwz $t5,8($np) - lwz $t6,12($np) - lwzu $t7,16($np) - extrdi $t1,$t0,32,0 - extrdi $t3,$t2,32,0 - subfe $t4,$t4,$t0 ; tp[j]-np[j] - stw $t0,4($ap) ; save tp[j..j+3] in 32-bit word order - subfe $t5,$t5,$t1 ; tp[j+1]-np[j+1] - stw $t1,8($ap) - subfe $t6,$t6,$t2 ; tp[j+2]-np[j+2] - stw $t2,12($ap) - subfe $t7,$t7,$t3 ; tp[j+3]-np[j+3] - stwu $t3,16($ap) - stw $t4,4($rp) - stw $t5,8($rp) - stw $t6,12($rp) - stwu $t7,16($rp) - bdnz- Lsub - - li $i,0 - subfe $ovf,$i,$ovf ; handle upmost overflow bit - addi $tp,$sp,`$FRAME+$TRANSFER+4` - subf $rp,$num,$rp ; 
rewind rp - and $ap,$tp,$ovf - andc $np,$rp,$ovf - or $ap,$ap,$np ; ap=borrow?tp:rp - addi $tp,$sp,`$FRAME+$TRANSFER` - mtctr $j - -.align 4 -Lcopy: ; copy or in-place refresh - lwz $t0,4($ap) - lwz $t1,8($ap) - lwz $t2,12($ap) - lwzu $t3,16($ap) - std $i,8($nap_d) ; zap nap_d - std $i,16($nap_d) - std $i,24($nap_d) - std $i,32($nap_d) - std $i,40($nap_d) - std $i,48($nap_d) - std $i,56($nap_d) - stdu $i,64($nap_d) - stw $t0,4($rp) - stw $t1,8($rp) - stw $t2,12($rp) - stwu $t3,16($rp) - std $i,8($tp) ; zap tp at once - stdu $i,16($tp) - bdnz- Lcopy -___ - -$code.=<<___; - $POP $i,0($sp) - li r3,1 ; signal "handled" - $POP r22,`-12*8-10*$SIZE_T`($i) - $POP r23,`-12*8-9*$SIZE_T`($i) - $POP r24,`-12*8-8*$SIZE_T`($i) - $POP r25,`-12*8-7*$SIZE_T`($i) - $POP r26,`-12*8-6*$SIZE_T`($i) - $POP r27,`-12*8-5*$SIZE_T`($i) - $POP r28,`-12*8-4*$SIZE_T`($i) - $POP r29,`-12*8-3*$SIZE_T`($i) - $POP r30,`-12*8-2*$SIZE_T`($i) - $POP r31,`-12*8-1*$SIZE_T`($i) - lfd f20,`-12*8`($i) - lfd f21,`-11*8`($i) - lfd f22,`-10*8`($i) - lfd f23,`-9*8`($i) - lfd f24,`-8*8`($i) - lfd f25,`-7*8`($i) - lfd f26,`-6*8`($i) - lfd f27,`-5*8`($i) - lfd f28,`-4*8`($i) - lfd f29,`-3*8`($i) - lfd f30,`-2*8`($i) - lfd f31,`-1*8`($i) - mr $sp,$i - blr - .long 0 - .byte 0,12,4,0,0x8c,10,6,0 - .long 0 - -.asciz "Montgomery Multiplication for PPC64, CRYPTOGAMS by <appro\@openssl.org>" -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/bn/asm/s390x-gf2m.pl b/lib/libssl/src/crypto/bn/asm/s390x-gf2m.pl deleted file mode 100644 index cd9f13eca29..00000000000 --- a/lib/libssl/src/crypto/bn/asm/s390x-gf2m.pl +++ /dev/null 
@@ -1,221 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# May 2011
-#
-# The module implements bn_GF2m_mul_2x2 polynomial multiplication used
-# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for
-# the time being... gcc 4.3 appeared to generate poor code, therefore
-# the effort. And indeed, the module delivers 55%-90%(*) improvement
-# on haviest ECDSA verify and ECDH benchmarks for 163- and 571-bit
-# key lengths on z990, 30%-55%(*) - on z10, and 70%-110%(*) - on z196.
-# This is for 64-bit build. In 32-bit "highgprs" case improvement is
-# even higher, for example on z990 it was measured 80%-150%. ECDSA
-# sign is modest 9%-12% faster. Keep in mind that these coefficients
-# are not ones for bn_GF2m_mul_2x2 itself, as not all CPU time is
-# burnt in it...
-#
-# (*) gcc 4.1 was observed to deliver better results than gcc 4.3,
-# so that improvement coefficients can vary from one specific
-# setup to another.
- -$flavour = shift; - -if ($flavour =~ /3[12]/) { - $SIZE_T=4; - $g=""; -} else { - $SIZE_T=8; - $g="g"; -} - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$stdframe=16*$SIZE_T+4*8; - -$rp="%r2"; -$a1="%r3"; -$a0="%r4"; -$b1="%r5"; -$b0="%r6"; - -$ra="%r14"; -$sp="%r15"; - -@T=("%r0","%r1"); -@i=("%r12","%r13"); - -($a1,$a2,$a4,$a8,$a12,$a48)=map("%r$_",(6..11)); -($lo,$hi,$b)=map("%r$_",(3..5)); $a=$lo; $mask=$a8; - -$code.=<<___; -.text - -.type _mul_1x1,\@function -.align 16 -_mul_1x1: - lgr $a1,$a - sllg $a2,$a,1 - sllg $a4,$a,2 - sllg $a8,$a,3 - - srag $lo,$a1,63 # broadcast 63rd bit - nihh $a1,0x1fff - srag @i[0],$a2,63 # broadcast 62nd bit - nihh $a2,0x3fff - srag @i[1],$a4,63 # broadcast 61st bit - nihh $a4,0x7fff - ngr $lo,$b - ngr @i[0],$b - ngr @i[1],$b - - lghi @T[0],0 - lgr $a12,$a1 - stg @T[0],`$stdframe+0*8`($sp) # tab[0]=0 - xgr $a12,$a2 - stg $a1,`$stdframe+1*8`($sp) # tab[1]=a1 - lgr $a48,$a4 - stg $a2,`$stdframe+2*8`($sp) # tab[2]=a2 - xgr $a48,$a8 - stg $a12,`$stdframe+3*8`($sp) # tab[3]=a1^a2 - xgr $a1,$a4 - - stg $a4,`$stdframe+4*8`($sp) # tab[4]=a4 - xgr $a2,$a4 - stg $a1,`$stdframe+5*8`($sp) # tab[5]=a1^a4 - xgr $a12,$a4 - stg $a2,`$stdframe+6*8`($sp) # tab[6]=a2^a4 - xgr $a1,$a48 - stg $a12,`$stdframe+7*8`($sp) # tab[7]=a1^a2^a4 - xgr $a2,$a48 - - stg $a8,`$stdframe+8*8`($sp) # tab[8]=a8 - xgr $a12,$a48 - stg $a1,`$stdframe+9*8`($sp) # tab[9]=a1^a8 - xgr $a1,$a4 - stg $a2,`$stdframe+10*8`($sp) # tab[10]=a2^a8 - xgr $a2,$a4 - stg $a12,`$stdframe+11*8`($sp) # tab[11]=a1^a2^a8 - - xgr $a12,$a4 - stg $a48,`$stdframe+12*8`($sp) # tab[12]=a4^a8 - srlg $hi,$lo,1 - stg $a1,`$stdframe+13*8`($sp) # tab[13]=a1^a4^a8 - sllg $lo,$lo,63 - stg $a2,`$stdframe+14*8`($sp) # tab[14]=a2^a4^a8 - srlg @T[0],@i[0],2 - stg $a12,`$stdframe+15*8`($sp) # tab[15]=a1^a2^a4^a8 - - lghi $mask,`0xf<<3` - sllg $a1,@i[0],62 - sllg @i[0],$b,3 - srlg @T[1],@i[1],3 - ngr @i[0],$mask - sllg $a2,@i[1],61 - srlg @i[1],$b,4-3 - xgr 
$hi,@T[0] - ngr @i[1],$mask - xgr $lo,$a1 - xgr $hi,@T[1] - xgr $lo,$a2 - - xg $lo,$stdframe(@i[0],$sp) - srlg @i[0],$b,8-3 - ngr @i[0],$mask -___ -for($n=1;$n<14;$n++) { -$code.=<<___; - lg @T[1],$stdframe(@i[1],$sp) - srlg @i[1],$b,`($n+2)*4`-3 - sllg @T[0],@T[1],`$n*4` - ngr @i[1],$mask - srlg @T[1],@T[1],`64-$n*4` - xgr $lo,@T[0] - xgr $hi,@T[1] -___ - push(@i,shift(@i)); push(@T,shift(@T)); -} -$code.=<<___; - lg @T[1],$stdframe(@i[1],$sp) - sllg @T[0],@T[1],`$n*4` - srlg @T[1],@T[1],`64-$n*4` - xgr $lo,@T[0] - xgr $hi,@T[1] - - lg @T[0],$stdframe(@i[0],$sp) - sllg @T[1],@T[0],`($n+1)*4` - srlg @T[0],@T[0],`64-($n+1)*4` - xgr $lo,@T[1] - xgr $hi,@T[0] - - br $ra -.size _mul_1x1,.-_mul_1x1 - -.globl bn_GF2m_mul_2x2 -.type bn_GF2m_mul_2x2,\@function -.align 16 -bn_GF2m_mul_2x2: - stm${g} %r3,%r15,3*$SIZE_T($sp) - - lghi %r1,-$stdframe-128 - la %r0,0($sp) - la $sp,0(%r1,$sp) # alloca - st${g} %r0,0($sp) # back chain -___ -if ($SIZE_T==8) { -my @r=map("%r$_",(6..9)); -$code.=<<___; - bras $ra,_mul_1x1 # a1·b1 - stmg $lo,$hi,16($rp) - - lg $a,`$stdframe+128+4*$SIZE_T`($sp) - lg $b,`$stdframe+128+6*$SIZE_T`($sp) - bras $ra,_mul_1x1 # a0·b0 - stmg $lo,$hi,0($rp) - - lg $a,`$stdframe+128+3*$SIZE_T`($sp) - lg $b,`$stdframe+128+5*$SIZE_T`($sp) - xg $a,`$stdframe+128+4*$SIZE_T`($sp) - xg $b,`$stdframe+128+6*$SIZE_T`($sp) - bras $ra,_mul_1x1 # (a0+a1)·(b0+b1) - lmg @r[0],@r[3],0($rp) - - xgr $lo,$hi - xgr $hi,@r[1] - xgr $lo,@r[0] - xgr $hi,@r[2] - xgr $lo,@r[3] - xgr $hi,@r[3] - xgr $lo,$hi - stg $hi,16($rp) - stg $lo,8($rp) -___ -} else { -$code.=<<___; - sllg %r3,%r3,32 - sllg %r5,%r5,32 - or %r3,%r4 - or %r5,%r6 - bras $ra,_mul_1x1 - rllg $lo,$lo,32 - rllg $hi,$hi,32 - stmg $lo,$hi,0($rp) -___ -} -$code.=<<___; - lm${g} %r6,%r15,`$stdframe+128+6*$SIZE_T`($sp) - br $ra -.size bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2 -.string "GF(2^m) Multiplication for s390x, CRYPTOGAMS by <appro\@openssl.org>" -___ - -$code =~ s/\`([^\`]*)\`/eval($1)/gem; -print $code; -close STDOUT; 
diff --git a/lib/libssl/src/crypto/bn/asm/s390x-mont.pl b/lib/libssl/src/crypto/bn/asm/s390x-mont.pl
deleted file mode 100644
index 9fd64e81eef..00000000000
--- a/lib/libssl/src/crypto/bn/asm/s390x-mont.pl
+++ /dev/null
@@ -1,277 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# April 2007.
-#
-# Performance improvement over vanilla C code varies from 85% to 45%
-# depending on key length and benchmark. Unfortunately in this context
-# these are not very impressive results [for code that utilizes "wide"
-# 64x64=128-bit multiplication, which is not commonly available to C
-# programmers], at least hand-coded bn_asm.c replacement is known to
-# provide 30-40% better results for longest keys. Well, on a second
-# thought it's not very surprising, because z-CPUs are single-issue
-# and _strictly_ in-order execution, while bn_mul_mont is more or less
-# dependent on CPU ability to pipe-line instructions and have several
-# of them "in-flight" at the same time. I mean while other methods,
-# for example Karatsuba, aim to minimize amount of multiplications at
-# the cost of other operations increase, bn_mul_mont aim to neatly
-# "overlap" multiplications and the other operations [and on most
-# platforms even minimize the amount of the other operations, in
-# particular references to memory]. But it's possible to improve this
-# module performance by implementing dedicated squaring code-path and
-# possibly by unrolling loops...
-
-# January 2009.
-#
-# Reschedule to minimize/avoid Address Generation Interlock hazard,
-# make inner loops counter-based.
-
-# November 2010.
-#
-# Adapt for -m31 build.
If kernel supports what's called "highgprs" -# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit -# instructions and achieve "64-bit" performance even in 31-bit legacy -# application context. The feature is not specific to any particular -# processor, as long as it's "z-CPU". Latter implies that the code -# remains z/Architecture specific. Compatibility with 32-bit BN_ULONG -# is achieved by swapping words after 64-bit loads, follow _dswap-s. -# On z990 it was measured to perform 2.6-2.2 times better than -# compiler-generated code, less for longer keys... - -$flavour = shift; - -if ($flavour =~ /3[12]/) { - $SIZE_T=4; - $g=""; -} else { - $SIZE_T=8; - $g="g"; -} - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$stdframe=16*$SIZE_T+4*8; - -$mn0="%r0"; -$num="%r1"; - -# int bn_mul_mont( -$rp="%r2"; # BN_ULONG *rp, -$ap="%r3"; # const BN_ULONG *ap, -$bp="%r4"; # const BN_ULONG *bp, -$np="%r5"; # const BN_ULONG *np, -$n0="%r6"; # const BN_ULONG *n0, -#$num="160(%r15)" # int num); - -$bi="%r2"; # zaps rp -$j="%r7"; - -$ahi="%r8"; -$alo="%r9"; -$nhi="%r10"; -$nlo="%r11"; -$AHI="%r12"; -$NHI="%r13"; -$count="%r14"; -$sp="%r15"; - -$code.=<<___; -.text -.globl bn_mul_mont -.type bn_mul_mont,\@function -bn_mul_mont: - lgf $num,`$stdframe+$SIZE_T-4`($sp) # pull $num - sla $num,`log($SIZE_T)/log(2)` # $num to enumerate bytes - la $bp,0($num,$bp) - - st${g} %r2,2*$SIZE_T($sp) - - cghi $num,16 # - lghi %r2,0 # - blr %r14 # if($num<16) return 0; -___ -$code.=<<___ if ($flavour =~ /3[12]/); - tmll $num,4 - bnzr %r14 # if ($num&1) return 0; -___ -$code.=<<___ if ($flavour !~ /3[12]/); - cghi $num,96 # - bhr %r14 # if($num>96) return 0; -___ -$code.=<<___; - stm${g} %r3,%r15,3*$SIZE_T($sp) - - lghi $rp,-$stdframe-8 # leave room for carry bit - lcgr $j,$num # -$num - lgr %r0,$sp - la $rp,0($rp,$sp) - la $sp,0($j,$rp) # alloca - st${g} %r0,0($sp) # back chain - - sra $num,3 # restore $num - la $bp,0($j,$bp) # restore $bp - 
ahi $num,-1 # adjust $num for inner loop - lg $n0,0($n0) # pull n0 - _dswap $n0 - - lg $bi,0($bp) - _dswap $bi - lg $alo,0($ap) - _dswap $alo - mlgr $ahi,$bi # ap[0]*bp[0] - lgr $AHI,$ahi - - lgr $mn0,$alo # "tp[0]"*n0 - msgr $mn0,$n0 - - lg $nlo,0($np) # - _dswap $nlo - mlgr $nhi,$mn0 # np[0]*m1 - algr $nlo,$alo # +="tp[0]" - lghi $NHI,0 - alcgr $NHI,$nhi - - la $j,8(%r0) # j=1 - lr $count,$num - -.align 16 -.L1st: - lg $alo,0($j,$ap) - _dswap $alo - mlgr $ahi,$bi # ap[j]*bp[0] - algr $alo,$AHI - lghi $AHI,0 - alcgr $AHI,$ahi - - lg $nlo,0($j,$np) - _dswap $nlo - mlgr $nhi,$mn0 # np[j]*m1 - algr $nlo,$NHI - lghi $NHI,0 - alcgr $nhi,$NHI # +="tp[j]" - algr $nlo,$alo - alcgr $NHI,$nhi - - stg $nlo,$stdframe-8($j,$sp) # tp[j-1]= - la $j,8($j) # j++ - brct $count,.L1st - - algr $NHI,$AHI - lghi $AHI,0 - alcgr $AHI,$AHI # upmost overflow bit - stg $NHI,$stdframe-8($j,$sp) - stg $AHI,$stdframe($j,$sp) - la $bp,8($bp) # bp++ - -.Louter: - lg $bi,0($bp) # bp[i] - _dswap $bi - lg $alo,0($ap) - _dswap $alo - mlgr $ahi,$bi # ap[0]*bp[i] - alg $alo,$stdframe($sp) # +=tp[0] - lghi $AHI,0 - alcgr $AHI,$ahi - - lgr $mn0,$alo - msgr $mn0,$n0 # tp[0]*n0 - - lg $nlo,0($np) # np[0] - _dswap $nlo - mlgr $nhi,$mn0 # np[0]*m1 - algr $nlo,$alo # +="tp[0]" - lghi $NHI,0 - alcgr $NHI,$nhi - - la $j,8(%r0) # j=1 - lr $count,$num - -.align 16 -.Linner: - lg $alo,0($j,$ap) - _dswap $alo - mlgr $ahi,$bi # ap[j]*bp[i] - algr $alo,$AHI - lghi $AHI,0 - alcgr $ahi,$AHI - alg $alo,$stdframe($j,$sp)# +=tp[j] - alcgr $AHI,$ahi - - lg $nlo,0($j,$np) - _dswap $nlo - mlgr $nhi,$mn0 # np[j]*m1 - algr $nlo,$NHI - lghi $NHI,0 - alcgr $nhi,$NHI - algr $nlo,$alo # +="tp[j]" - alcgr $NHI,$nhi - - stg $nlo,$stdframe-8($j,$sp) # tp[j-1]= - la $j,8($j) # j++ - brct $count,.Linner - - algr $NHI,$AHI - lghi $AHI,0 - alcgr $AHI,$AHI - alg $NHI,$stdframe($j,$sp)# accumulate previous upmost overflow bit - lghi $ahi,0 - alcgr $AHI,$ahi # new upmost overflow bit - stg $NHI,$stdframe-8($j,$sp) - stg 
$AHI,$stdframe($j,$sp) - - la $bp,8($bp) # bp++ - cl${g} $bp,`$stdframe+8+4*$SIZE_T`($j,$sp) # compare to &bp[num] - jne .Louter - - l${g} $rp,`$stdframe+8+2*$SIZE_T`($j,$sp) # reincarnate rp - la $ap,$stdframe($sp) - ahi $num,1 # restore $num, incidentally clears "borrow" - - la $j,0(%r0) - lr $count,$num -.Lsub: lg $alo,0($j,$ap) - lg $nlo,0($j,$np) - _dswap $nlo - slbgr $alo,$nlo - stg $alo,0($j,$rp) - la $j,8($j) - brct $count,.Lsub - lghi $ahi,0 - slbgr $AHI,$ahi # handle upmost carry - - ngr $ap,$AHI - lghi $np,-1 - xgr $np,$AHI - ngr $np,$rp - ogr $ap,$np # ap=borrow?tp:rp - - la $j,0(%r0) - lgr $count,$num -.Lcopy: lg $alo,0($j,$ap) # copy or in-place refresh - _dswap $alo - stg $j,$stdframe($j,$sp) # zap tp - stg $alo,0($j,$rp) - la $j,8($j) - brct $count,.Lcopy - - la %r1,`$stdframe+8+6*$SIZE_T`($j,$sp) - lm${g} %r6,%r15,0(%r1) - lghi %r2,1 # signal "processed" - br %r14 -.size bn_mul_mont,.-bn_mul_mont -.string "Montgomery Multiplication for s390x, CRYPTOGAMS by <appro\@openssl.org>" -___ - -foreach (split("\n",$code)) { - s/\`([^\`]*)\`/eval $1/ge; - s/_dswap\s+(%r[0-9]+)/sprintf("rllg\t%s,%s,32",$1,$1) if($SIZE_T==4)/e; - print $_,"\n"; -} -close STDOUT; diff --git a/lib/libssl/src/crypto/bn/asm/s390x.S b/lib/libssl/src/crypto/bn/asm/s390x.S deleted file mode 100755 index 43fcb79bc01..00000000000 --- a/lib/libssl/src/crypto/bn/asm/s390x.S +++ /dev/null 
@@ -1,678 +0,0 @@ -.ident "s390x.S, version 1.1" -// ==================================================================== -// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -// project. -// -// Rights for redistribution and usage in source and binary forms are -// granted according to the OpenSSL license. Warranty of any kind is -// disclaimed. -// ==================================================================== - -.text - -#define zero %r0 - -// BN_ULONG bn_mul_add_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5); -.globl bn_mul_add_words -.type bn_mul_add_words,@function -.align 4 -bn_mul_add_words: - lghi zero,0 // zero = 0 - la %r1,0(%r2) // put rp aside - lghi %r2,0 // i=0; - ltgfr %r4,%r4 - bler %r14 // if (len<=0) return 0; - - stmg %r6,%r10,48(%r15) - lghi %r10,3 - lghi %r8,0 // carry = 0 - nr %r10,%r4 // len%4 - sra %r4,2 // cnt=len/4 - jz .Loop1_madd // carry is incidentally cleared if branch taken - algr zero,zero // clear carry - -.Loop4_madd: - lg %r7,0(%r2,%r3) // ap[i] - mlgr %r6,%r5 // *=w - alcgr %r7,%r8 // +=carry - alcgr %r6,zero - alg %r7,0(%r2,%r1) // +=rp[i] - stg %r7,0(%r2,%r1) // rp[i]= - - lg %r9,8(%r2,%r3) - mlgr %r8,%r5 - alcgr %r9,%r6 - alcgr %r8,zero - alg %r9,8(%r2,%r1) - stg %r9,8(%r2,%r1) - - lg %r7,16(%r2,%r3) - mlgr %r6,%r5 - alcgr %r7,%r8 - alcgr %r6,zero - alg %r7,16(%r2,%r1) - stg %r7,16(%r2,%r1) - - lg %r9,24(%r2,%r3) - mlgr %r8,%r5 - alcgr %r9,%r6 - alcgr %r8,zero - alg %r9,24(%r2,%r1) - stg %r9,24(%r2,%r1) - - la %r2,32(%r2) // i+=4 - brct %r4,.Loop4_madd - - la %r10,1(%r10) // see if len%4 is zero ... 
- brct %r10,.Loop1_madd // without touching condition code:-) - -.Lend_madd: - alcgr %r8,zero // collect carry bit - lgr %r2,%r8 - lmg %r6,%r10,48(%r15) - br %r14 - -.Loop1_madd: - lg %r7,0(%r2,%r3) // ap[i] - mlgr %r6,%r5 // *=w - alcgr %r7,%r8 // +=carry - alcgr %r6,zero - alg %r7,0(%r2,%r1) // +=rp[i] - stg %r7,0(%r2,%r1) // rp[i]= - - lgr %r8,%r6 - la %r2,8(%r2) // i++ - brct %r10,.Loop1_madd - - j .Lend_madd -.size bn_mul_add_words,.-bn_mul_add_words - -// BN_ULONG bn_mul_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5); -.globl bn_mul_words -.type bn_mul_words,@function -.align 4 -bn_mul_words: - lghi zero,0 // zero = 0 - la %r1,0(%r2) // put rp aside - lghi %r2,0 // i=0; - ltgfr %r4,%r4 - bler %r14 // if (len<=0) return 0; - - stmg %r6,%r10,48(%r15) - lghi %r10,3 - lghi %r8,0 // carry = 0 - nr %r10,%r4 // len%4 - sra %r4,2 // cnt=len/4 - jz .Loop1_mul // carry is incidentally cleared if branch taken - algr zero,zero // clear carry - -.Loop4_mul: - lg %r7,0(%r2,%r3) // ap[i] - mlgr %r6,%r5 // *=w - alcgr %r7,%r8 // +=carry - stg %r7,0(%r2,%r1) // rp[i]= - - lg %r9,8(%r2,%r3) - mlgr %r8,%r5 - alcgr %r9,%r6 - stg %r9,8(%r2,%r1) - - lg %r7,16(%r2,%r3) - mlgr %r6,%r5 - alcgr %r7,%r8 - stg %r7,16(%r2,%r1) - - lg %r9,24(%r2,%r3) - mlgr %r8,%r5 - alcgr %r9,%r6 - stg %r9,24(%r2,%r1) - - la %r2,32(%r2) // i+=4 - brct %r4,.Loop4_mul - - la %r10,1(%r10) // see if len%4 is zero ... 
- brct %r10,.Loop1_mul // without touching condition code:-) - -.Lend_mul: - alcgr %r8,zero // collect carry bit - lgr %r2,%r8 - lmg %r6,%r10,48(%r15) - br %r14 - -.Loop1_mul: - lg %r7,0(%r2,%r3) // ap[i] - mlgr %r6,%r5 // *=w - alcgr %r7,%r8 // +=carry - stg %r7,0(%r2,%r1) // rp[i]= - - lgr %r8,%r6 - la %r2,8(%r2) // i++ - brct %r10,.Loop1_mul - - j .Lend_mul -.size bn_mul_words,.-bn_mul_words - -// void bn_sqr_words(BN_ULONG *r2,BN_ULONG *r2,int r4) -.globl bn_sqr_words -.type bn_sqr_words,@function -.align 4 -bn_sqr_words: - ltgfr %r4,%r4 - bler %r14 - - stmg %r6,%r7,48(%r15) - srag %r1,%r4,2 // cnt=len/4 - jz .Loop1_sqr - -.Loop4_sqr: - lg %r7,0(%r3) - mlgr %r6,%r7 - stg %r7,0(%r2) - stg %r6,8(%r2) - - lg %r7,8(%r3) - mlgr %r6,%r7 - stg %r7,16(%r2) - stg %r6,24(%r2) - - lg %r7,16(%r3) - mlgr %r6,%r7 - stg %r7,32(%r2) - stg %r6,40(%r2) - - lg %r7,24(%r3) - mlgr %r6,%r7 - stg %r7,48(%r2) - stg %r6,56(%r2) - - la %r3,32(%r3) - la %r2,64(%r2) - brct %r1,.Loop4_sqr - - lghi %r1,3 - nr %r4,%r1 // cnt=len%4 - jz .Lend_sqr - -.Loop1_sqr: - lg %r7,0(%r3) - mlgr %r6,%r7 - stg %r7,0(%r2) - stg %r6,8(%r2) - - la %r3,8(%r3) - la %r2,16(%r2) - brct %r4,.Loop1_sqr - -.Lend_sqr: - lmg %r6,%r7,48(%r15) - br %r14 -.size bn_sqr_words,.-bn_sqr_words - -// BN_ULONG bn_div_words(BN_ULONG h,BN_ULONG l,BN_ULONG d); -.globl bn_div_words -.type bn_div_words,@function -.align 4 -bn_div_words: - dlgr %r2,%r4 - lgr %r2,%r3 - br %r14 -.size bn_div_words,.-bn_div_words - -// BN_ULONG bn_add_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5); -.globl bn_add_words -.type bn_add_words,@function -.align 4 -bn_add_words: - la %r1,0(%r2) // put rp aside - lghi %r2,0 // i=0 - ltgfr %r5,%r5 - bler %r14 // if (len<=0) return 0; - - stg %r6,48(%r15) - lghi %r6,3 - nr %r6,%r5 // len%4 - sra %r5,2 // len/4, use sra because it sets condition code - jz .Loop1_add // carry is incidentally cleared if branch taken - algr %r2,%r2 // clear carry - -.Loop4_add: - lg %r0,0(%r2,%r3) - alcg %r0,0(%r2,%r4) - stg 
%r0,0(%r2,%r1) - lg %r0,8(%r2,%r3) - alcg %r0,8(%r2,%r4) - stg %r0,8(%r2,%r1) - lg %r0,16(%r2,%r3) - alcg %r0,16(%r2,%r4) - stg %r0,16(%r2,%r1) - lg %r0,24(%r2,%r3) - alcg %r0,24(%r2,%r4) - stg %r0,24(%r2,%r1) - - la %r2,32(%r2) // i+=4 - brct %r5,.Loop4_add - - la %r6,1(%r6) // see if len%4 is zero ... - brct %r6,.Loop1_add // without touching condition code:-) - -.Lexit_add: - lghi %r2,0 - alcgr %r2,%r2 - lg %r6,48(%r15) - br %r14 - -.Loop1_add: - lg %r0,0(%r2,%r3) - alcg %r0,0(%r2,%r4) - stg %r0,0(%r2,%r1) - - la %r2,8(%r2) // i++ - brct %r6,.Loop1_add - - j .Lexit_add -.size bn_add_words,.-bn_add_words - -// BN_ULONG bn_sub_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5); -.globl bn_sub_words -.type bn_sub_words,@function -.align 4 -bn_sub_words: - la %r1,0(%r2) // put rp aside - lghi %r2,0 // i=0 - ltgfr %r5,%r5 - bler %r14 // if (len<=0) return 0; - - stg %r6,48(%r15) - lghi %r6,3 - nr %r6,%r5 // len%4 - sra %r5,2 // len/4, use sra because it sets condition code - jnz .Loop4_sub // borrow is incidentally cleared if branch taken - slgr %r2,%r2 // clear borrow - -.Loop1_sub: - lg %r0,0(%r2,%r3) - slbg %r0,0(%r2,%r4) - stg %r0,0(%r2,%r1) - - la %r2,8(%r2) // i++ - brct %r6,.Loop1_sub - j .Lexit_sub - -.Loop4_sub: - lg %r0,0(%r2,%r3) - slbg %r0,0(%r2,%r4) - stg %r0,0(%r2,%r1) - lg %r0,8(%r2,%r3) - slbg %r0,8(%r2,%r4) - stg %r0,8(%r2,%r1) - lg %r0,16(%r2,%r3) - slbg %r0,16(%r2,%r4) - stg %r0,16(%r2,%r1) - lg %r0,24(%r2,%r3) - slbg %r0,24(%r2,%r4) - stg %r0,24(%r2,%r1) - - la %r2,32(%r2) // i+=4 - brct %r5,.Loop4_sub - - la %r6,1(%r6) // see if len%4 is zero ... 
- brct %r6,.Loop1_sub // without touching condition code:-) - -.Lexit_sub: - lghi %r2,0 - slbgr %r2,%r2 - lcgr %r2,%r2 - lg %r6,48(%r15) - br %r14 -.size bn_sub_words,.-bn_sub_words - -#define c1 %r1 -#define c2 %r5 -#define c3 %r8 - -#define mul_add_c(ai,bi,c1,c2,c3) \ - lg %r7,ai*8(%r3); \ - mlg %r6,bi*8(%r4); \ - algr c1,%r7; \ - alcgr c2,%r6; \ - alcgr c3,zero - -// void bn_mul_comba8(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4); -.globl bn_mul_comba8 -.type bn_mul_comba8,@function -.align 4 -bn_mul_comba8: - stmg %r6,%r8,48(%r15) - - lghi c1,0 - lghi c2,0 - lghi c3,0 - lghi zero,0 - - mul_add_c(0,0,c1,c2,c3); - stg c1,0*8(%r2) - lghi c1,0 - - mul_add_c(0,1,c2,c3,c1); - mul_add_c(1,0,c2,c3,c1); - stg c2,1*8(%r2) - lghi c2,0 - - mul_add_c(2,0,c3,c1,c2); - mul_add_c(1,1,c3,c1,c2); - mul_add_c(0,2,c3,c1,c2); - stg c3,2*8(%r2) - lghi c3,0 - - mul_add_c(0,3,c1,c2,c3); - mul_add_c(1,2,c1,c2,c3); - mul_add_c(2,1,c1,c2,c3); - mul_add_c(3,0,c1,c2,c3); - stg c1,3*8(%r2) - lghi c1,0 - - mul_add_c(4,0,c2,c3,c1); - mul_add_c(3,1,c2,c3,c1); - mul_add_c(2,2,c2,c3,c1); - mul_add_c(1,3,c2,c3,c1); - mul_add_c(0,4,c2,c3,c1); - stg c2,4*8(%r2) - lghi c2,0 - - mul_add_c(0,5,c3,c1,c2); - mul_add_c(1,4,c3,c1,c2); - mul_add_c(2,3,c3,c1,c2); - mul_add_c(3,2,c3,c1,c2); - mul_add_c(4,1,c3,c1,c2); - mul_add_c(5,0,c3,c1,c2); - stg c3,5*8(%r2) - lghi c3,0 - - mul_add_c(6,0,c1,c2,c3); - mul_add_c(5,1,c1,c2,c3); - mul_add_c(4,2,c1,c2,c3); - mul_add_c(3,3,c1,c2,c3); - mul_add_c(2,4,c1,c2,c3); - mul_add_c(1,5,c1,c2,c3); - mul_add_c(0,6,c1,c2,c3); - stg c1,6*8(%r2) - lghi c1,0 - - mul_add_c(0,7,c2,c3,c1); - mul_add_c(1,6,c2,c3,c1); - mul_add_c(2,5,c2,c3,c1); - mul_add_c(3,4,c2,c3,c1); - mul_add_c(4,3,c2,c3,c1); - mul_add_c(5,2,c2,c3,c1); - mul_add_c(6,1,c2,c3,c1); - mul_add_c(7,0,c2,c3,c1); - stg c2,7*8(%r2) - lghi c2,0 - - mul_add_c(7,1,c3,c1,c2); - mul_add_c(6,2,c3,c1,c2); - mul_add_c(5,3,c3,c1,c2); - mul_add_c(4,4,c3,c1,c2); - mul_add_c(3,5,c3,c1,c2); - mul_add_c(2,6,c3,c1,c2); - 
mul_add_c(1,7,c3,c1,c2); - stg c3,8*8(%r2) - lghi c3,0 - - mul_add_c(2,7,c1,c2,c3); - mul_add_c(3,6,c1,c2,c3); - mul_add_c(4,5,c1,c2,c3); - mul_add_c(5,4,c1,c2,c3); - mul_add_c(6,3,c1,c2,c3); - mul_add_c(7,2,c1,c2,c3); - stg c1,9*8(%r2) - lghi c1,0 - - mul_add_c(7,3,c2,c3,c1); - mul_add_c(6,4,c2,c3,c1); - mul_add_c(5,5,c2,c3,c1); - mul_add_c(4,6,c2,c3,c1); - mul_add_c(3,7,c2,c3,c1); - stg c2,10*8(%r2) - lghi c2,0 - - mul_add_c(4,7,c3,c1,c2); - mul_add_c(5,6,c3,c1,c2); - mul_add_c(6,5,c3,c1,c2); - mul_add_c(7,4,c3,c1,c2); - stg c3,11*8(%r2) - lghi c3,0 - - mul_add_c(7,5,c1,c2,c3); - mul_add_c(6,6,c1,c2,c3); - mul_add_c(5,7,c1,c2,c3); - stg c1,12*8(%r2) - lghi c1,0 - - - mul_add_c(6,7,c2,c3,c1); - mul_add_c(7,6,c2,c3,c1); - stg c2,13*8(%r2) - lghi c2,0 - - mul_add_c(7,7,c3,c1,c2); - stg c3,14*8(%r2) - stg c1,15*8(%r2) - - lmg %r6,%r8,48(%r15) - br %r14 -.size bn_mul_comba8,.-bn_mul_comba8 - -// void bn_mul_comba4(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4); -.globl bn_mul_comba4 -.type bn_mul_comba4,@function -.align 4 -bn_mul_comba4: - stmg %r6,%r8,48(%r15) - - lghi c1,0 - lghi c2,0 - lghi c3,0 - lghi zero,0 - - mul_add_c(0,0,c1,c2,c3); - stg c1,0*8(%r3) - lghi c1,0 - - mul_add_c(0,1,c2,c3,c1); - mul_add_c(1,0,c2,c3,c1); - stg c2,1*8(%r2) - lghi c2,0 - - mul_add_c(2,0,c3,c1,c2); - mul_add_c(1,1,c3,c1,c2); - mul_add_c(0,2,c3,c1,c2); - stg c3,2*8(%r2) - lghi c3,0 - - mul_add_c(0,3,c1,c2,c3); - mul_add_c(1,2,c1,c2,c3); - mul_add_c(2,1,c1,c2,c3); - mul_add_c(3,0,c1,c2,c3); - stg c1,3*8(%r2) - lghi c1,0 - - mul_add_c(3,1,c2,c3,c1); - mul_add_c(2,2,c2,c3,c1); - mul_add_c(1,3,c2,c3,c1); - stg c2,4*8(%r2) - lghi c2,0 - - mul_add_c(2,3,c3,c1,c2); - mul_add_c(3,2,c3,c1,c2); - stg c3,5*8(%r2) - lghi c3,0 - - mul_add_c(3,3,c1,c2,c3); - stg c1,6*8(%r2) - stg c2,7*8(%r2) - - stmg %r6,%r8,48(%r15) - br %r14 -.size bn_mul_comba4,.-bn_mul_comba4 - -#define sqr_add_c(ai,c1,c2,c3) \ - lg %r7,ai*8(%r3); \ - mlgr %r6,%r7; \ - algr c1,%r7; \ - alcgr c2,%r6; \ - alcgr c3,zero - -#define 
sqr_add_c2(ai,aj,c1,c2,c3) \ - lg %r7,ai*8(%r3); \ - mlg %r6,aj*8(%r3); \ - algr c1,%r7; \ - alcgr c2,%r6; \ - alcgr c3,zero; \ - algr c1,%r7; \ - alcgr c2,%r6; \ - alcgr c3,zero - -// void bn_sqr_comba8(BN_ULONG *r2,BN_ULONG *r3); -.globl bn_sqr_comba8 -.type bn_sqr_comba8,@function -.align 4 -bn_sqr_comba8: - stmg %r6,%r8,48(%r15) - - lghi c1,0 - lghi c2,0 - lghi c3,0 - lghi zero,0 - - sqr_add_c(0,c1,c2,c3); - stg c1,0*8(%r2) - lghi c1,0 - - sqr_add_c2(1,0,c2,c3,c1); - stg c2,1*8(%r2) - lghi c2,0 - - sqr_add_c(1,c3,c1,c2); - sqr_add_c2(2,0,c3,c1,c2); - stg c3,2*8(%r2) - lghi c3,0 - - sqr_add_c2(3,0,c1,c2,c3); - sqr_add_c2(2,1,c1,c2,c3); - stg c1,3*8(%r2) - lghi c1,0 - - sqr_add_c(2,c2,c3,c1); - sqr_add_c2(3,1,c2,c3,c1); - sqr_add_c2(4,0,c2,c3,c1); - stg c2,4*8(%r2) - lghi c2,0 - - sqr_add_c2(5,0,c3,c1,c2); - sqr_add_c2(4,1,c3,c1,c2); - sqr_add_c2(3,2,c3,c1,c2); - stg c3,5*8(%r2) - lghi c3,0 - - sqr_add_c(3,c1,c2,c3); - sqr_add_c2(4,2,c1,c2,c3); - sqr_add_c2(5,1,c1,c2,c3); - sqr_add_c2(6,0,c1,c2,c3); - stg c1,6*8(%r2) - lghi c1,0 - - sqr_add_c2(7,0,c2,c3,c1); - sqr_add_c2(6,1,c2,c3,c1); - sqr_add_c2(5,2,c2,c3,c1); - sqr_add_c2(4,3,c2,c3,c1); - stg c2,7*8(%r2) - lghi c2,0 - - sqr_add_c(4,c3,c1,c2); - sqr_add_c2(5,3,c3,c1,c2); - sqr_add_c2(6,2,c3,c1,c2); - sqr_add_c2(7,1,c3,c1,c2); - stg c3,8*8(%r2) - lghi c3,0 - - sqr_add_c2(7,2,c1,c2,c3); - sqr_add_c2(6,3,c1,c2,c3); - sqr_add_c2(5,4,c1,c2,c3); - stg c1,9*8(%r2) - lghi c1,0 - - sqr_add_c(5,c2,c3,c1); - sqr_add_c2(6,4,c2,c3,c1); - sqr_add_c2(7,3,c2,c3,c1); - stg c2,10*8(%r2) - lghi c2,0 - - sqr_add_c2(7,4,c3,c1,c2); - sqr_add_c2(6,5,c3,c1,c2); - stg c3,11*8(%r2) - lghi c3,0 - - sqr_add_c(6,c1,c2,c3); - sqr_add_c2(7,5,c1,c2,c3); - stg c1,12*8(%r2) - lghi c1,0 - - sqr_add_c2(7,6,c2,c3,c1); - stg c2,13*8(%r2) - lghi c2,0 - - sqr_add_c(7,c3,c1,c2); - stg c3,14*8(%r2) - stg c1,15*8(%r2) - - lmg %r6,%r8,48(%r15) - br %r14 -.size bn_sqr_comba8,.-bn_sqr_comba8 - -// void bn_sqr_comba4(BN_ULONG *r2,BN_ULONG *r3); -.globl 
bn_sqr_comba4 -.type bn_sqr_comba4,@function -.align 4 -bn_sqr_comba4: - stmg %r6,%r8,48(%r15) - - lghi c1,0 - lghi c2,0 - lghi c3,0 - lghi zero,0 - - sqr_add_c(0,c1,c2,c3); - stg c1,0*8(%r2) - lghi c1,0 - - sqr_add_c2(1,0,c2,c3,c1); - stg c2,1*8(%r2) - lghi c2,0 - - sqr_add_c(1,c3,c1,c2); - sqr_add_c2(2,0,c3,c1,c2); - stg c3,2*8(%r2) - lghi c3,0 - - sqr_add_c2(3,0,c1,c2,c3); - sqr_add_c2(2,1,c1,c2,c3); - stg c1,3*8(%r2) - lghi c1,0 - - sqr_add_c(2,c2,c3,c1); - sqr_add_c2(3,1,c2,c3,c1); - stg c2,4*8(%r2) - lghi c2,0 - - sqr_add_c2(3,2,c3,c1,c2); - stg c3,5*8(%r2) - lghi c3,0 - - sqr_add_c(3,c1,c2,c3); - stg c1,6*8(%r2) - stg c2,7*8(%r2) - - lmg %r6,%r8,48(%r15) - br %r14 -.size bn_sqr_comba4,.-bn_sqr_comba4 diff --git a/lib/libssl/src/crypto/bn/asm/sparcv8.S b/lib/libssl/src/crypto/bn/asm/sparcv8.S deleted file mode 100644 index 88c5dc480a7..00000000000 --- a/lib/libssl/src/crypto/bn/asm/sparcv8.S +++ /dev/null 
@@ -1,1458 +0,0 @@ -.ident "sparcv8.s, Version 1.4" -.ident "SPARC v8 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>" - -/* - * ==================================================================== - * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL - * project. - * - * Rights for redistribution and usage in source and binary forms are - * granted according to the OpenSSL license. Warranty of any kind is - * disclaimed. - * ==================================================================== - */ - -/* - * This is my modest contributon to OpenSSL project (see - * http://www.openssl.org/ for more information about it) and is - * a drop-in SuperSPARC ISA replacement for crypto/bn/bn_asm.c - * module. For updates see http://fy.chalmers.se/~appro/hpe/. - * - * See bn_asm.sparc.v8plus.S for more details. - */ - -/* - * Revision history. - * - * 1.1 - new loop unrolling model(*); - * 1.2 - made gas friendly; - * 1.3 - fixed problem with /usr/ccs/lib/cpp; - * 1.4 - some retunes; - * - * (*) see bn_asm.sparc.v8plus.S for details - */ - -.section ".text",#alloc,#execinstr -.file "bn_asm.sparc.v8.S" - -.align 32 - -.global bn_mul_add_words -/* - * BN_ULONG bn_mul_add_words(rp,ap,num,w) - * BN_ULONG *rp,*ap; - * int num; - * BN_ULONG w; - */ -bn_mul_add_words: - cmp %o2,0 - bg,a .L_bn_mul_add_words_proceed - ld [%o1],%g2 - retl - clr %o0 - -.L_bn_mul_add_words_proceed: - andcc %o2,-4,%g0 - bz .L_bn_mul_add_words_tail - clr %o5 - -.L_bn_mul_add_words_loop: - ld [%o0],%o4 - ld [%o1+4],%g3 - umul %o3,%g2,%g2 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - st %o4,[%o0] - addx %g1,0,%o5 - - ld [%o0+4],%o4 - ld [%o1+8],%g2 - umul %o3,%g3,%g3 - dec 4,%o2 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g3,%o4 - st %o4,[%o0+4] - addx %g1,0,%o5 - - ld [%o0+8],%o4 - ld [%o1+12],%g3 - umul %o3,%g2,%g2 - inc 16,%o1 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - st %o4,[%o0+8] - addx %g1,0,%o5 - - ld 
[%o0+12],%o4 - umul %o3,%g3,%g3 - inc 16,%o0 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g3,%o4 - st %o4,[%o0-4] - addx %g1,0,%o5 - andcc %o2,-4,%g0 - bnz,a .L_bn_mul_add_words_loop - ld [%o1],%g2 - - tst %o2 - bnz,a .L_bn_mul_add_words_tail - ld [%o1],%g2 -.L_bn_mul_add_words_return: - retl - mov %o5,%o0 - nop - -.L_bn_mul_add_words_tail: - ld [%o0],%o4 - umul %o3,%g2,%g2 - addcc %o4,%o5,%o4 - rd %y,%g1 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - addx %g1,0,%o5 - deccc %o2 - bz .L_bn_mul_add_words_return - st %o4,[%o0] - - ld [%o1+4],%g2 - ld [%o0+4],%o4 - umul %o3,%g2,%g2 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - addx %g1,0,%o5 - deccc %o2 - bz .L_bn_mul_add_words_return - st %o4,[%o0+4] - - ld [%o1+8],%g2 - ld [%o0+8],%o4 - umul %o3,%g2,%g2 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - st %o4,[%o0+8] - retl - addx %g1,0,%o0 - -.type bn_mul_add_words,#function -.size bn_mul_add_words,(.-bn_mul_add_words) - -.align 32 - -.global bn_mul_words -/* - * BN_ULONG bn_mul_words(rp,ap,num,w) - * BN_ULONG *rp,*ap; - * int num; - * BN_ULONG w; - */ -bn_mul_words: - cmp %o2,0 - bg,a .L_bn_mul_words_proceeed - ld [%o1],%g2 - retl - clr %o0 - -.L_bn_mul_words_proceeed: - andcc %o2,-4,%g0 - bz .L_bn_mul_words_tail - clr %o5 - -.L_bn_mul_words_loop: - ld [%o1+4],%g3 - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - rd %y,%g1 - addx %g1,0,%o5 - st %g2,[%o0] - - ld [%o1+8],%g2 - umul %o3,%g3,%g3 - addcc %g3,%o5,%g3 - rd %y,%g1 - dec 4,%o2 - addx %g1,0,%o5 - st %g3,[%o0+4] - - ld [%o1+12],%g3 - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - rd %y,%g1 - inc 16,%o1 - st %g2,[%o0+8] - addx %g1,0,%o5 - - umul %o3,%g3,%g3 - addcc %g3,%o5,%g3 - rd %y,%g1 - inc 16,%o0 - addx %g1,0,%o5 - st %g3,[%o0-4] - andcc %o2,-4,%g0 - nop - bnz,a .L_bn_mul_words_loop - ld [%o1],%g2 - - tst %o2 - bnz,a .L_bn_mul_words_tail - ld [%o1],%g2 -.L_bn_mul_words_return: - retl - mov %o5,%o0 - nop - -.L_bn_mul_words_tail: - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - 
rd %y,%g1 - addx %g1,0,%o5 - deccc %o2 - bz .L_bn_mul_words_return - st %g2,[%o0] - nop - - ld [%o1+4],%g2 - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - rd %y,%g1 - addx %g1,0,%o5 - deccc %o2 - bz .L_bn_mul_words_return - st %g2,[%o0+4] - - ld [%o1+8],%g2 - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - rd %y,%g1 - st %g2,[%o0+8] - retl - addx %g1,0,%o0 - -.type bn_mul_words,#function -.size bn_mul_words,(.-bn_mul_words) - -.align 32 -.global bn_sqr_words -/* - * void bn_sqr_words(r,a,n) - * BN_ULONG *r,*a; - * int n; - */ -bn_sqr_words: - cmp %o2,0 - bg,a .L_bn_sqr_words_proceeed - ld [%o1],%g2 - retl - clr %o0 - -.L_bn_sqr_words_proceeed: - andcc %o2,-4,%g0 - bz .L_bn_sqr_words_tail - clr %o5 - -.L_bn_sqr_words_loop: - ld [%o1+4],%g3 - umul %g2,%g2,%o4 - st %o4,[%o0] - rd %y,%o5 - st %o5,[%o0+4] - - ld [%o1+8],%g2 - umul %g3,%g3,%o4 - dec 4,%o2 - st %o4,[%o0+8] - rd %y,%o5 - st %o5,[%o0+12] - nop - - ld [%o1+12],%g3 - umul %g2,%g2,%o4 - st %o4,[%o0+16] - rd %y,%o5 - inc 16,%o1 - st %o5,[%o0+20] - - umul %g3,%g3,%o4 - inc 32,%o0 - st %o4,[%o0-8] - rd %y,%o5 - st %o5,[%o0-4] - andcc %o2,-4,%g2 - bnz,a .L_bn_sqr_words_loop - ld [%o1],%g2 - - tst %o2 - nop - bnz,a .L_bn_sqr_words_tail - ld [%o1],%g2 -.L_bn_sqr_words_return: - retl - clr %o0 - -.L_bn_sqr_words_tail: - umul %g2,%g2,%o4 - st %o4,[%o0] - deccc %o2 - rd %y,%o5 - bz .L_bn_sqr_words_return - st %o5,[%o0+4] - - ld [%o1+4],%g2 - umul %g2,%g2,%o4 - st %o4,[%o0+8] - deccc %o2 - rd %y,%o5 - nop - bz .L_bn_sqr_words_return - st %o5,[%o0+12] - - ld [%o1+8],%g2 - umul %g2,%g2,%o4 - st %o4,[%o0+16] - rd %y,%o5 - st %o5,[%o0+20] - retl - clr %o0 - -.type bn_sqr_words,#function -.size bn_sqr_words,(.-bn_sqr_words) - -.align 32 - -.global bn_div_words -/* - * BN_ULONG bn_div_words(h,l,d) - * BN_ULONG h,l,d; - */ -bn_div_words: - wr %o0,%y - udiv %o1,%o2,%o0 - retl - nop - -.type bn_div_words,#function -.size bn_div_words,(.-bn_div_words) - -.align 32 - -.global bn_add_words -/* - * BN_ULONG bn_add_words(rp,ap,bp,n) - * BN_ULONG 
*rp,*ap,*bp; - * int n; - */ -bn_add_words: - cmp %o3,0 - bg,a .L_bn_add_words_proceed - ld [%o1],%o4 - retl - clr %o0 - -.L_bn_add_words_proceed: - andcc %o3,-4,%g0 - bz .L_bn_add_words_tail - clr %g1 - ba .L_bn_add_words_warn_loop - addcc %g0,0,%g0 ! clear carry flag - -.L_bn_add_words_loop: - ld [%o1],%o4 -.L_bn_add_words_warn_loop: - ld [%o2],%o5 - ld [%o1+4],%g3 - ld [%o2+4],%g4 - dec 4,%o3 - addxcc %o5,%o4,%o5 - st %o5,[%o0] - - ld [%o1+8],%o4 - ld [%o2+8],%o5 - inc 16,%o1 - addxcc %g3,%g4,%g3 - st %g3,[%o0+4] - - ld [%o1-4],%g3 - ld [%o2+12],%g4 - inc 16,%o2 - addxcc %o5,%o4,%o5 - st %o5,[%o0+8] - - inc 16,%o0 - addxcc %g3,%g4,%g3 - st %g3,[%o0-4] - addx %g0,0,%g1 - andcc %o3,-4,%g0 - bnz,a .L_bn_add_words_loop - addcc %g1,-1,%g0 - - tst %o3 - bnz,a .L_bn_add_words_tail - ld [%o1],%o4 -.L_bn_add_words_return: - retl - mov %g1,%o0 - -.L_bn_add_words_tail: - addcc %g1,-1,%g0 - ld [%o2],%o5 - addxcc %o5,%o4,%o5 - addx %g0,0,%g1 - deccc %o3 - bz .L_bn_add_words_return - st %o5,[%o0] - - ld [%o1+4],%o4 - addcc %g1,-1,%g0 - ld [%o2+4],%o5 - addxcc %o5,%o4,%o5 - addx %g0,0,%g1 - deccc %o3 - bz .L_bn_add_words_return - st %o5,[%o0+4] - - ld [%o1+8],%o4 - addcc %g1,-1,%g0 - ld [%o2+8],%o5 - addxcc %o5,%o4,%o5 - st %o5,[%o0+8] - retl - addx %g0,0,%o0 - -.type bn_add_words,#function -.size bn_add_words,(.-bn_add_words) - -.align 32 - -.global bn_sub_words -/* - * BN_ULONG bn_sub_words(rp,ap,bp,n) - * BN_ULONG *rp,*ap,*bp; - * int n; - */ -bn_sub_words: - cmp %o3,0 - bg,a .L_bn_sub_words_proceed - ld [%o1],%o4 - retl - clr %o0 - -.L_bn_sub_words_proceed: - andcc %o3,-4,%g0 - bz .L_bn_sub_words_tail - clr %g1 - ba .L_bn_sub_words_warm_loop - addcc %g0,0,%g0 ! 
clear carry flag - -.L_bn_sub_words_loop: - ld [%o1],%o4 -.L_bn_sub_words_warm_loop: - ld [%o2],%o5 - ld [%o1+4],%g3 - ld [%o2+4],%g4 - dec 4,%o3 - subxcc %o4,%o5,%o5 - st %o5,[%o0] - - ld [%o1+8],%o4 - ld [%o2+8],%o5 - inc 16,%o1 - subxcc %g3,%g4,%g4 - st %g4,[%o0+4] - - ld [%o1-4],%g3 - ld [%o2+12],%g4 - inc 16,%o2 - subxcc %o4,%o5,%o5 - st %o5,[%o0+8] - - inc 16,%o0 - subxcc %g3,%g4,%g4 - st %g4,[%o0-4] - addx %g0,0,%g1 - andcc %o3,-4,%g0 - bnz,a .L_bn_sub_words_loop - addcc %g1,-1,%g0 - - tst %o3 - nop - bnz,a .L_bn_sub_words_tail - ld [%o1],%o4 -.L_bn_sub_words_return: - retl - mov %g1,%o0 - -.L_bn_sub_words_tail: - addcc %g1,-1,%g0 - ld [%o2],%o5 - subxcc %o4,%o5,%o5 - addx %g0,0,%g1 - deccc %o3 - bz .L_bn_sub_words_return - st %o5,[%o0] - nop - - ld [%o1+4],%o4 - addcc %g1,-1,%g0 - ld [%o2+4],%o5 - subxcc %o4,%o5,%o5 - addx %g0,0,%g1 - deccc %o3 - bz .L_bn_sub_words_return - st %o5,[%o0+4] - - ld [%o1+8],%o4 - addcc %g1,-1,%g0 - ld [%o2+8],%o5 - subxcc %o4,%o5,%o5 - st %o5,[%o0+8] - retl - addx %g0,0,%o0 - -.type bn_sub_words,#function -.size bn_sub_words,(.-bn_sub_words) - -#define FRAME_SIZE -96 - -/* - * Here is register usage map for *all* routines below. 
- */ -#define t_1 %o0 -#define t_2 %o1 -#define c_1 %o2 -#define c_2 %o3 -#define c_3 %o4 - -#define ap(I) [%i1+4*I] -#define bp(I) [%i2+4*I] -#define rp(I) [%i0+4*I] - -#define a_0 %l0 -#define a_1 %l1 -#define a_2 %l2 -#define a_3 %l3 -#define a_4 %l4 -#define a_5 %l5 -#define a_6 %l6 -#define a_7 %l7 - -#define b_0 %i3 -#define b_1 %i4 -#define b_2 %i5 -#define b_3 %o5 -#define b_4 %g1 -#define b_5 %g2 -#define b_6 %g3 -#define b_7 %g4 - -.align 32 -.global bn_mul_comba8 -/* - * void bn_mul_comba8(r,a,b) - * BN_ULONG *r,*a,*b; - */ -bn_mul_comba8: - save %sp,FRAME_SIZE,%sp - ld ap(0),a_0 - ld bp(0),b_0 - umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3); - ld bp(1),b_1 - rd %y,c_2 - st c_1,rp(0) !r[0]=c1; - - umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1); - ld ap(1),a_1 - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc %g0,t_2,c_3 != - addx %g0,%g0,c_1 - ld ap(2),a_2 - umul a_1,b_0,t_1 !mul_add_c(a[1],b[0],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - st c_2,rp(1) !r[1]=c2; - addx c_1,%g0,c_1 != - - umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx %g0,%g0,c_2 - ld bp(2),b_2 - umul a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - ld bp(3),b_3 - addx c_2,%g0,c_2 != - umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - st c_3,rp(2) !r[2]=c3; - - umul a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 - umul a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - ld ap(3),a_3 - umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - ld ap(4),a_4 - umul a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!= - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx 
c_3,%g0,c_3 != - st c_1,rp(3) !r[3]=c1; - - umul a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - ld bp(4),b_4 - umul a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - ld bp(5),b_5 - umul a_0,b_4,t_1 !=!mul_add_c(a[0],b[4],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - st c_2,rp(4) !r[4]=c2; - - umul a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - umul a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_2,b_3,t_1 !=!mul_add_c(a[2],b[3],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - ld ap(5),a_5 - umul a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - ld ap(6),a_6 - addx c_2,%g0,c_2 != - umul a_5,b_0,t_1 !mul_add_c(a[5],b[0],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - st c_3,rp(5) !r[5]=c3; - - umul a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 - umul a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_4,b_2,t_1 !mul_add_c(a[4],b[2],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3); - addcc 
c_1,t_1,c_1 - rd %y,t_2 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_2,b_4,t_1 !mul_add_c(a[2],b[4],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - ld bp(6),b_6 - addx c_3,%g0,c_3 != - umul a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - ld bp(7),b_7 - umul a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - st c_1,rp(6) !r[6]=c1; - addx c_3,%g0,c_3 != - - umul a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx %g0,%g0,c_1 - umul a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_3,b_4,t_1 !=!mul_add_c(a[3],b[4],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - umul a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - ld ap(7),a_7 - umul a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - umul a_7,b_0,t_1 !mul_add_c(a[7],b[0],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - st c_2,rp(7) !r[7]=c2; - - umul a_7,b_1,t_1 !mul_add_c(a[7],b[1],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - umul a_6,b_2,t_1 !=!mul_add_c(a[6],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - umul a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - umul a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2); - 
addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_2,b_6,t_1 !=!mul_add_c(a[2],b[6],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - umul a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 ! - addx c_2,%g0,c_2 - st c_3,rp(8) !r[8]=c3; - - umul a_2,b_7,t_1 !mul_add_c(a[2],b[7],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 - umul a_3,b_6,t_1 !=!mul_add_c(a[3],b[6],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - umul a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_7,b_2,t_1 !=!mul_add_c(a[7],b[2],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(9) !r[9]=c1; - - umul a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - umul a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_5,b_5,t_1 !=!mul_add_c(a[5],b[5],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - umul a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - st c_2,rp(10) !r[10]=c2; - - umul a_4,b_7,t_1 !=!mul_add_c(a[4],b[7],c3,c1,c2); - addcc c_3,t_1,c_3 
- rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 != - umul a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - umul a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - st c_3,rp(11) !r[11]=c3; - addx c_2,%g0,c_2 != - - umul a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx %g0,%g0,c_3 - umul a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - st c_1,rp(12) !r[12]=c1; - addx c_3,%g0,c_3 != - - umul a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx %g0,%g0,c_1 - umul a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - st c_2,rp(13) !r[13]=c2; - - umul a_7,b_7,t_1 !=!mul_add_c(a[7],b[7],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - nop != - st c_3,rp(14) !r[14]=c3; - st c_1,rp(15) !r[15]=c1; - - ret - restore %g0,%g0,%o0 - -.type bn_mul_comba8,#function -.size bn_mul_comba8,(.-bn_mul_comba8) - -.align 32 - -.global bn_mul_comba4 -/* - * void bn_mul_comba4(r,a,b) - * BN_ULONG *r,*a,*b; - */ -bn_mul_comba4: - save %sp,FRAME_SIZE,%sp - ld ap(0),a_0 - ld bp(0),b_0 - umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3); - ld bp(1),b_1 - rd %y,c_2 - st c_1,rp(0) !r[0]=c1; - - umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1); - ld ap(1),a_1 - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc %g0,t_2,c_3 - addx %g0,%g0,c_1 - ld ap(2),a_2 - umul a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - st 
c_2,rp(1) !r[1]=c2; - - umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - ld bp(2),b_2 - umul a_1,b_1,t_1 !=!mul_add_c(a[1],b[1],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - ld bp(3),b_3 - umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - st c_3,rp(2) !r[2]=c3; - - umul a_0,b_3,t_1 !=!mul_add_c(a[0],b[3],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 != - umul a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - ld ap(3),a_3 - umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(3) !r[3]=c1; - - umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - umul a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_1,b_3,t_1 !=!mul_add_c(a[1],b[3],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - st c_2,rp(4) !r[4]=c2; - - umul a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - st c_3,rp(5) !r[5]=c3; - addx c_2,%g0,c_2 != - - umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - st c_1,rp(6) !r[6]=c1; - st c_2,rp(7) !r[7]=c2; - - ret - restore %g0,%g0,%o0 - -.type bn_mul_comba4,#function -.size bn_mul_comba4,(.-bn_mul_comba4) - -.align 32 - -.global bn_sqr_comba8 
-bn_sqr_comba8: - save %sp,FRAME_SIZE,%sp - ld ap(0),a_0 - ld ap(1),a_1 - umul a_0,a_0,c_1 !=!sqr_add_c(a,0,c1,c2,c3); - rd %y,c_2 - st c_1,rp(0) !r[0]=c1; - - ld ap(2),a_2 - umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc %g0,t_2,c_3 - addx %g0,%g0,c_1 != - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 - st c_2,rp(1) !r[1]=c2; - addx c_1,%g0,c_1 != - - umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx %g0,%g0,c_2 - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - ld ap(3),a_3 - umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - st c_3,rp(2) !r[2]=c3; - - umul a_0,a_3,t_1 !=!sqr_add_c2(a,3,0,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 != - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - ld ap(4),a_4 - addx c_3,%g0,c_3 != - umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(3) !r[3]=c1; - - umul a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - ld ap(5),a_5 - umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - st c_2,rp(4) !r[4]=c2; - addx c_1,%g0,c_1 != - - umul a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx %g0,%g0,c_2 - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - umul a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - 
addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - ld ap(6),a_6 - umul a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - st c_3,rp(5) !r[5]=c3; - - umul a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 - addcc c_1,t_1,c_1 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - ld ap(7),a_7 - umul a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(6) !r[6]=c1; - - umul a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - st c_2,rp(7) !r[7]=c2; - - umul a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - addcc c_3,t_1,c_3 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_6,a_2,t_1 
!sqr_add_c2(a,6,2,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - addcc c_3,t_1,c_3 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - addcc c_3,t_1,c_3 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - st c_3,rp(8) !r[8]=c3; - addx c_2,%g0,c_2 != - - umul a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx %g0,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(9) !r[9]=c1; - - umul a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - st c_2,rp(10) !r[10]=c2; - - umul a_4,a_7,t_1 !=!sqr_add_c2(a,7,4,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 != - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_5,a_6,t_1 !=!sqr_add_c2(a,6,5,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - st c_3,rp(11) !r[11]=c3; - addx 
c_2,%g0,c_2 != - - umul a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx %g0,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - st c_1,rp(12) !r[12]=c1; - - umul a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 != - addxcc c_3,t_2,c_3 - st c_2,rp(13) !r[13]=c2; - addx c_1,%g0,c_1 != - - umul a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - st c_3,rp(14) !r[14]=c3; - st c_1,rp(15) !r[15]=c1; - - ret - restore %g0,%g0,%o0 - -.type bn_sqr_comba8,#function -.size bn_sqr_comba8,(.-bn_sqr_comba8) - -.align 32 - -.global bn_sqr_comba4 -/* - * void bn_sqr_comba4(r,a) - * BN_ULONG *r,*a; - */ -bn_sqr_comba4: - save %sp,FRAME_SIZE,%sp - ld ap(0),a_0 - umul a_0,a_0,c_1 !sqr_add_c(a,0,c1,c2,c3); - ld ap(1),a_1 != - rd %y,c_2 - st c_1,rp(0) !r[0]=c1; - - ld ap(2),a_2 - umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc %g0,t_2,c_3 - addx %g0,%g0,c_1 != - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - st c_2,rp(1) !r[1]=c2; - - umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - ld ap(3),a_3 - umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - st c_3,rp(2) !r[2]=c3; - addx c_2,%g0,c_2 != - - umul a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx %g0,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc 
c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(3) !r[3]=c1; - - umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - st c_2,rp(4) !r[4]=c2; - - umul a_2,a_3,t_1 !=!sqr_add_c2(a,3,2,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 != - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - st c_3,rp(5) !r[5]=c3; - addx c_2,%g0,c_2 != - - umul a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - st c_1,rp(6) !r[6]=c1; - st c_2,rp(7) !r[7]=c2; - - ret - restore %g0,%g0,%o0 - -.type bn_sqr_comba4,#function -.size bn_sqr_comba4,(.-bn_sqr_comba4) - -.align 32 diff --git a/lib/libssl/src/crypto/bn/asm/sparcv8plus.S b/lib/libssl/src/crypto/bn/asm/sparcv8plus.S deleted file mode 100644 index 02ad6069c2c..00000000000 --- a/lib/libssl/src/crypto/bn/asm/sparcv8plus.S +++ /dev/null 
@@ -1,1558 +0,0 @@ -.ident "sparcv8plus.s, Version 1.4" -.ident "SPARC v9 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>" - -/* - * ==================================================================== - * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL - * project. - * - * Rights for redistribution and usage in source and binary forms are - * granted according to the OpenSSL license. Warranty of any kind is - * disclaimed. - * ==================================================================== - */ - -/* - * This is my modest contribution to OpenSSL project (see - * http://www.openssl.org/ for more information about it) and is - * a drop-in UltraSPARC ISA replacement for crypto/bn/bn_asm.c - * module. For updates see http://fy.chalmers.se/~appro/hpe/. - * - * Questions-n-answers. - * - * Q. How to compile? - * A. With SC4.x/SC5.x: - * - * cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o - * - * and with gcc: - * - * gcc -mcpu=ultrasparc -c bn_asm.sparc.v8plus.S -o bn_asm.o - * - * or if above fails (it does if you have gas installed): - * - * gcc -E bn_asm.sparc.v8plus.S | as -xarch=v8plus /dev/fd/0 -o bn_asm.o - * - * Quick-n-dirty way to fuse the module into the library. - * Provided that the library is already configured and built - * (in 0.9.2 case with no-asm option): - * - * # cd crypto/bn - * # cp /some/place/bn_asm.sparc.v8plus.S . - * # cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o - * # make - * # cd ../.. - * # make; make test - * - * Quick-n-dirty way to get rid of it: - * - * # cd crypto/bn - * # touch bn_asm.c - * # make - * # cd ../.. - * # make; make test - * - * Q. V8plus architecture? What kind of beast is that? - * A. Well, it's rather a programming model than an architecture... - * It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under - * special conditions, namely when kernel doesn't preserve upper - * 32 bits of otherwise 64-bit registers during a context switch. - * - * Q. Why just UltraSPARC? 
What about SuperSPARC? - * A. Original release did target UltraSPARC only. Now SuperSPARC - * version is provided along. Both version share bn_*comba[48] - * implementations (see comment later in code for explanation). - * But what's so special about this UltraSPARC implementation? - * Why didn't I let compiler do the job? Trouble is that most of - * available compilers (well, SC5.0 is the only exception) don't - * attempt to take advantage of UltraSPARC's 64-bitness under - * 32-bit kernels even though it's perfectly possible (see next - * question). - * - * Q. 64-bit registers under 32-bit kernels? Didn't you just say it - * doesn't work? - * A. You can't address *all* registers as 64-bit wide:-( The catch is - * that you actually may rely upon %o0-%o5 and %g1-%g4 being fully - * preserved if you're in a leaf function, i.e. such never calling - * any other functions. All functions in this module are leaf and - * 10 registers is a handful. And as a matter of fact none-"comba" - * routines don't require even that much and I could even afford to - * not allocate own stack frame for 'em:-) - * - * Q. What about 64-bit kernels? - * A. What about 'em? Just kidding:-) Pure 64-bit version is currently - * under evaluation and development... - * - * Q. What about shared libraries? - * A. What about 'em? Kidding again:-) Code does *not* contain any - * code position dependencies and it's safe to include it into - * shared library as is. - * - * Q. How much faster does it go? - * A. Do you have a good benchmark? 
In either case below is what I - * experience with crypto/bn/expspeed.c test program: - * - * v8plus module on U10/300MHz against bn_asm.c compiled with: - * - * cc-5.0 -xarch=v8plus -xO5 -xdepend +7-12% - * cc-4.2 -xarch=v8plus -xO5 -xdepend +25-35% - * egcs-1.1.2 -mcpu=ultrasparc -O3 +35-45% - * - * v8 module on SS10/60MHz against bn_asm.c compiled with: - * - * cc-5.0 -xarch=v8 -xO5 -xdepend +7-10% - * cc-4.2 -xarch=v8 -xO5 -xdepend +10% - * egcs-1.1.2 -mv8 -O3 +35-45% - * - * As you can see it's damn hard to beat the new Sun C compiler - * and it's in first place GNU C users who will appreciate this - * assembler implementation:-) - */ - -/* - * Revision history. - * - * 1.0 - initial release; - * 1.1 - new loop unrolling model(*); - * - some more fine tuning; - * 1.2 - made gas friendly; - * - updates to documentation concerning v9; - * - new performance comparison matrix; - * 1.3 - fixed problem with /usr/ccs/lib/cpp; - * 1.4 - native V9 bn_*_comba[48] implementation (15% more efficient) - * resulting in slight overall performance kick; - * - some retunes; - * - support for GNU as added; - * - * (*) Originally unrolled loop looked like this: - * for (;;) { - * op(p+0); if (--n==0) break; - * op(p+1); if (--n==0) break; - * op(p+2); if (--n==0) break; - * op(p+3); if (--n==0) break; - * p+=4; - * } - * I unroll according to following: - * while (n&~3) { - * op(p+0); op(p+1); op(p+2); op(p+3); - * p+=4; n=-4; - * } - * if (n) { - * op(p+0); if (--n==0) return; - * op(p+2); if (--n==0) return; - * op(p+3); return; - * } - */ - -#if defined(__SUNPRO_C) && defined(__sparcv9) - /* They've said -xarch=v9 at command line */ - .register %g2,#scratch - .register %g3,#scratch -# define FRAME_SIZE -192 -#elif defined(__GNUC__) && defined(__arch64__) - /* They've said -m64 at command line */ - .register %g2,#scratch - .register %g3,#scratch -# define FRAME_SIZE -192 -#else -# define FRAME_SIZE -96 -#endif -/* - * GNU assembler can't stand stuw:-( - */ -#define stuw st - 
-.section ".text",#alloc,#execinstr -.file "bn_asm.sparc.v8plus.S" - -.align 32 - -.global bn_mul_add_words -/* - * BN_ULONG bn_mul_add_words(rp,ap,num,w) - * BN_ULONG *rp,*ap; - * int num; - * BN_ULONG w; - */ -bn_mul_add_words: - sra %o2,%g0,%o2 ! signx %o2 - brgz,a %o2,.L_bn_mul_add_words_proceed - lduw [%o1],%g2 - retl - clr %o0 - nop - nop - nop - -.L_bn_mul_add_words_proceed: - srl %o3,%g0,%o3 ! clruw %o3 - andcc %o2,-4,%g0 - bz,pn %icc,.L_bn_mul_add_words_tail - clr %o5 - -.L_bn_mul_add_words_loop: ! wow! 32 aligned! - lduw [%o0],%g1 - lduw [%o1+4],%g3 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - nop - add %o4,%g2,%o4 - stuw %o4,[%o0] - srlx %o4,32,%o5 - - lduw [%o0+4],%g1 - lduw [%o1+8],%g2 - mulx %o3,%g3,%g3 - add %g1,%o5,%o4 - dec 4,%o2 - add %o4,%g3,%o4 - stuw %o4,[%o0+4] - srlx %o4,32,%o5 - - lduw [%o0+8],%g1 - lduw [%o1+12],%g3 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - inc 16,%o1 - add %o4,%g2,%o4 - stuw %o4,[%o0+8] - srlx %o4,32,%o5 - - lduw [%o0+12],%g1 - mulx %o3,%g3,%g3 - add %g1,%o5,%o4 - inc 16,%o0 - add %o4,%g3,%o4 - andcc %o2,-4,%g0 - stuw %o4,[%o0-4] - srlx %o4,32,%o5 - bnz,a,pt %icc,.L_bn_mul_add_words_loop - lduw [%o1],%g2 - - brnz,a,pn %o2,.L_bn_mul_add_words_tail - lduw [%o1],%g2 -.L_bn_mul_add_words_return: - retl - mov %o5,%o0 - -.L_bn_mul_add_words_tail: - lduw [%o0],%g1 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - dec %o2 - add %o4,%g2,%o4 - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_mul_add_words_return - stuw %o4,[%o0] - - lduw [%o1+4],%g2 - lduw [%o0+4],%g1 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - dec %o2 - add %o4,%g2,%o4 - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_mul_add_words_return - stuw %o4,[%o0+4] - - lduw [%o1+8],%g2 - lduw [%o0+8],%g1 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - add %o4,%g2,%o4 - stuw %o4,[%o0+8] - retl - srlx %o4,32,%o0 - -.type bn_mul_add_words,#function -.size bn_mul_add_words,(.-bn_mul_add_words) - -.align 32 - -.global bn_mul_words -/* - * BN_ULONG bn_mul_words(rp,ap,num,w) - * BN_ULONG *rp,*ap; - * int num; - * BN_ULONG w; - */ 
-bn_mul_words: - sra %o2,%g0,%o2 ! signx %o2 - brgz,a %o2,.L_bn_mul_words_proceeed - lduw [%o1],%g2 - retl - clr %o0 - nop - nop - nop - -.L_bn_mul_words_proceeed: - srl %o3,%g0,%o3 ! clruw %o3 - andcc %o2,-4,%g0 - bz,pn %icc,.L_bn_mul_words_tail - clr %o5 - -.L_bn_mul_words_loop: ! wow! 32 aligned! - lduw [%o1+4],%g3 - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - nop - stuw %o4,[%o0] - srlx %o4,32,%o5 - - lduw [%o1+8],%g2 - mulx %o3,%g3,%g3 - add %g3,%o5,%o4 - dec 4,%o2 - stuw %o4,[%o0+4] - srlx %o4,32,%o5 - - lduw [%o1+12],%g3 - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - inc 16,%o1 - stuw %o4,[%o0+8] - srlx %o4,32,%o5 - - mulx %o3,%g3,%g3 - add %g3,%o5,%o4 - inc 16,%o0 - stuw %o4,[%o0-4] - srlx %o4,32,%o5 - andcc %o2,-4,%g0 - bnz,a,pt %icc,.L_bn_mul_words_loop - lduw [%o1],%g2 - nop - nop - - brnz,a,pn %o2,.L_bn_mul_words_tail - lduw [%o1],%g2 -.L_bn_mul_words_return: - retl - mov %o5,%o0 - -.L_bn_mul_words_tail: - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - dec %o2 - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_mul_words_return - stuw %o4,[%o0] - - lduw [%o1+4],%g2 - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - dec %o2 - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_mul_words_return - stuw %o4,[%o0+4] - - lduw [%o1+8],%g2 - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - stuw %o4,[%o0+8] - retl - srlx %o4,32,%o0 - -.type bn_mul_words,#function -.size bn_mul_words,(.-bn_mul_words) - -.align 32 -.global bn_sqr_words -/* - * void bn_sqr_words(r,a,n) - * BN_ULONG *r,*a; - * int n; - */ -bn_sqr_words: - sra %o2,%g0,%o2 ! signx %o2 - brgz,a %o2,.L_bn_sqr_words_proceeed - lduw [%o1],%g2 - retl - clr %o0 - nop - nop - nop - -.L_bn_sqr_words_proceeed: - andcc %o2,-4,%g0 - nop - bz,pn %icc,.L_bn_sqr_words_tail - nop - -.L_bn_sqr_words_loop: ! wow! 32 aligned! 
- lduw [%o1+4],%g3 - mulx %g2,%g2,%o4 - stuw %o4,[%o0] - srlx %o4,32,%o5 - stuw %o5,[%o0+4] - nop - - lduw [%o1+8],%g2 - mulx %g3,%g3,%o4 - dec 4,%o2 - stuw %o4,[%o0+8] - srlx %o4,32,%o5 - stuw %o5,[%o0+12] - - lduw [%o1+12],%g3 - mulx %g2,%g2,%o4 - srlx %o4,32,%o5 - stuw %o4,[%o0+16] - inc 16,%o1 - stuw %o5,[%o0+20] - - mulx %g3,%g3,%o4 - inc 32,%o0 - stuw %o4,[%o0-8] - srlx %o4,32,%o5 - andcc %o2,-4,%g2 - stuw %o5,[%o0-4] - bnz,a,pt %icc,.L_bn_sqr_words_loop - lduw [%o1],%g2 - nop - - brnz,a,pn %o2,.L_bn_sqr_words_tail - lduw [%o1],%g2 -.L_bn_sqr_words_return: - retl - clr %o0 - -.L_bn_sqr_words_tail: - mulx %g2,%g2,%o4 - dec %o2 - stuw %o4,[%o0] - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_sqr_words_return - stuw %o5,[%o0+4] - - lduw [%o1+4],%g2 - mulx %g2,%g2,%o4 - dec %o2 - stuw %o4,[%o0+8] - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_sqr_words_return - stuw %o5,[%o0+12] - - lduw [%o1+8],%g2 - mulx %g2,%g2,%o4 - srlx %o4,32,%o5 - stuw %o4,[%o0+16] - stuw %o5,[%o0+20] - retl - clr %o0 - -.type bn_sqr_words,#function -.size bn_sqr_words,(.-bn_sqr_words) - -.align 32 -.global bn_div_words -/* - * BN_ULONG bn_div_words(h,l,d) - * BN_ULONG h,l,d; - */ -bn_div_words: - sllx %o0,32,%o0 - or %o0,%o1,%o0 - udivx %o0,%o2,%o0 - retl - srl %o0,%g0,%o0 ! clruw %o0 - -.type bn_div_words,#function -.size bn_div_words,(.-bn_div_words) - -.align 32 - -.global bn_add_words -/* - * BN_ULONG bn_add_words(rp,ap,bp,n) - * BN_ULONG *rp,*ap,*bp; - * int n; - */ -bn_add_words: - sra %o3,%g0,%o3 ! signx %o3 - brgz,a %o3,.L_bn_add_words_proceed - lduw [%o1],%o4 - retl - clr %o0 - -.L_bn_add_words_proceed: - andcc %o3,-4,%g0 - bz,pn %icc,.L_bn_add_words_tail - addcc %g0,0,%g0 ! clear carry flag - -.L_bn_add_words_loop: ! wow! 32 aligned! 
- dec 4,%o3 - lduw [%o2],%o5 - lduw [%o1+4],%g1 - lduw [%o2+4],%g2 - lduw [%o1+8],%g3 - lduw [%o2+8],%g4 - addccc %o5,%o4,%o5 - stuw %o5,[%o0] - - lduw [%o1+12],%o4 - lduw [%o2+12],%o5 - inc 16,%o1 - addccc %g1,%g2,%g1 - stuw %g1,[%o0+4] - - inc 16,%o2 - addccc %g3,%g4,%g3 - stuw %g3,[%o0+8] - - inc 16,%o0 - addccc %o5,%o4,%o5 - stuw %o5,[%o0-4] - and %o3,-4,%g1 - brnz,a,pt %g1,.L_bn_add_words_loop - lduw [%o1],%o4 - - brnz,a,pn %o3,.L_bn_add_words_tail - lduw [%o1],%o4 -.L_bn_add_words_return: - clr %o0 - retl - movcs %icc,1,%o0 - nop - -.L_bn_add_words_tail: - lduw [%o2],%o5 - dec %o3 - addccc %o5,%o4,%o5 - brz,pt %o3,.L_bn_add_words_return - stuw %o5,[%o0] - - lduw [%o1+4],%o4 - lduw [%o2+4],%o5 - dec %o3 - addccc %o5,%o4,%o5 - brz,pt %o3,.L_bn_add_words_return - stuw %o5,[%o0+4] - - lduw [%o1+8],%o4 - lduw [%o2+8],%o5 - addccc %o5,%o4,%o5 - stuw %o5,[%o0+8] - clr %o0 - retl - movcs %icc,1,%o0 - -.type bn_add_words,#function -.size bn_add_words,(.-bn_add_words) - -.global bn_sub_words -/* - * BN_ULONG bn_sub_words(rp,ap,bp,n) - * BN_ULONG *rp,*ap,*bp; - * int n; - */ -bn_sub_words: - sra %o3,%g0,%o3 ! signx %o3 - brgz,a %o3,.L_bn_sub_words_proceed - lduw [%o1],%o4 - retl - clr %o0 - -.L_bn_sub_words_proceed: - andcc %o3,-4,%g0 - bz,pn %icc,.L_bn_sub_words_tail - addcc %g0,0,%g0 ! clear carry flag - -.L_bn_sub_words_loop: ! wow! 32 aligned! - dec 4,%o3 - lduw [%o2],%o5 - lduw [%o1+4],%g1 - lduw [%o2+4],%g2 - lduw [%o1+8],%g3 - lduw [%o2+8],%g4 - subccc %o4,%o5,%o5 - stuw %o5,[%o0] - - lduw [%o1+12],%o4 - lduw [%o2+12],%o5 - inc 16,%o1 - subccc %g1,%g2,%g2 - stuw %g2,[%o0+4] - - inc 16,%o2 - subccc %g3,%g4,%g4 - stuw %g4,[%o0+8] - - inc 16,%o0 - subccc %o4,%o5,%o5 - stuw %o5,[%o0-4] - and %o3,-4,%g1 - brnz,a,pt %g1,.L_bn_sub_words_loop - lduw [%o1],%o4 - - brnz,a,pn %o3,.L_bn_sub_words_tail - lduw [%o1],%o4 -.L_bn_sub_words_return: - clr %o0 - retl - movcs %icc,1,%o0 - nop - -.L_bn_sub_words_tail: ! wow! 32 aligned! 
- lduw [%o2],%o5 - dec %o3 - subccc %o4,%o5,%o5 - brz,pt %o3,.L_bn_sub_words_return - stuw %o5,[%o0] - - lduw [%o1+4],%o4 - lduw [%o2+4],%o5 - dec %o3 - subccc %o4,%o5,%o5 - brz,pt %o3,.L_bn_sub_words_return - stuw %o5,[%o0+4] - - lduw [%o1+8],%o4 - lduw [%o2+8],%o5 - subccc %o4,%o5,%o5 - stuw %o5,[%o0+8] - clr %o0 - retl - movcs %icc,1,%o0 - -.type bn_sub_words,#function -.size bn_sub_words,(.-bn_sub_words) - -/* - * Code below depends on the fact that upper parts of the %l0-%l7 - * and %i0-%i7 are zeroed by kernel after context switch. In - * previous versions this comment stated that "the trouble is that - * it's not feasible to implement the mumbo-jumbo in less V9 - * instructions:-(" which apparently isn't true thanks to - * 'bcs,a %xcc,.+8; inc %rd' pair. But the performance improvement - * results not from the shorter code, but from elimination of - * multicycle none-pairable 'rd %y,%rd' instructions. - * - * Andy. - */ - -/* - * Here is register usage map for *all* routines below. 
- */ -#define t_1 %o0 -#define t_2 %o1 -#define c_12 %o2 -#define c_3 %o3 - -#define ap(I) [%i1+4*I] -#define bp(I) [%i2+4*I] -#define rp(I) [%i0+4*I] - -#define a_0 %l0 -#define a_1 %l1 -#define a_2 %l2 -#define a_3 %l3 -#define a_4 %l4 -#define a_5 %l5 -#define a_6 %l6 -#define a_7 %l7 - -#define b_0 %i3 -#define b_1 %i4 -#define b_2 %i5 -#define b_3 %o4 -#define b_4 %o5 -#define b_5 %o7 -#define b_6 %g1 -#define b_7 %g4 - -.align 32 -.global bn_mul_comba8 -/* - * void bn_mul_comba8(r,a,b) - * BN_ULONG *r,*a,*b; - */ -bn_mul_comba8: - save %sp,FRAME_SIZE,%sp - mov 1,t_2 - lduw ap(0),a_0 - sllx t_2,32,t_2 - lduw bp(0),b_0 != - lduw bp(1),b_1 - mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3); - srlx t_1,32,c_12 - stuw t_1,rp(0) !=!r[0]=c1; - - lduw ap(1),a_1 - mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(2),a_2 - mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(1) !r[1]=c2; - or c_12,c_3,c_12 - - mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2); - addcc c_12,t_1,c_12 != - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw bp(2),b_2 != - mulx a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - lduw bp(3),b_3 - mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(2) !r[2]=c3; - or c_12,c_3,c_12 != - - mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - lduw ap(3),a_3 - mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3); - addcc c_12,t_1,c_12 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(4),a_4 - mulx a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3);!= - addcc c_12,t_1,t_1 - bcs,a 
%xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(3) !r[3]=c1; - or c_12,c_3,c_12 - - mulx a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1); - addcc c_12,t_1,c_12 != - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,b_1,t_1 !=!mul_add_c(a[3],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw bp(4),b_4 != - mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - lduw bp(5),b_5 - mulx a_0,b_4,t_1 !mul_add_c(a[0],b[4],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(4) !r[4]=c2; - or c_12,c_3,c_12 != - - mulx a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - lduw ap(5),a_5 - mulx a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2); - addcc c_12,t_1,c_12 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(6),a_6 - mulx a_5,b_0,t_1 !=!mul_add_c(a[5],b[0],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(5) !r[5]=c3; - or c_12,c_3,c_12 - - mulx a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3); - addcc c_12,t_1,c_12 != - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_4,b_2,t_1 !=!mul_add_c(a[4],b[2],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,b_3,t_1 !=!mul_add_c(a[3],b[3],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - 
mulx a_2,b_4,t_1 !=!mul_add_c(a[2],b[4],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw bp(6),b_6 != - mulx a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - lduw bp(7),b_7 - mulx a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(6) !r[6]=c1; - or c_12,c_3,c_12 != - - mulx a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_3,b_4,t_1 !mul_add_c(a[3],b[4],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - lduw ap(7),a_7 - mulx a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_7,b_0,t_1 !=!mul_add_c(a[7],b[0],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(7) !r[7]=c2; - or c_12,c_3,c_12 - - mulx a_7,b_1,t_1 !=!mul_add_c(a[7],b[1],c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_6,b_2,t_1 !mul_add_c(a[6],b[2],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx 
a_2,b_6,t_1 !mul_add_c(a[2],b[6],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - srlx t_1,32,c_12 - stuw t_1,rp(8) !r[8]=c3; - or c_12,c_3,c_12 - - mulx a_2,b_7,t_1 !=!mul_add_c(a[2],b[7],c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_3,b_6,t_1 !mul_add_c(a[3],b[6],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_7,b_2,t_1 !mul_add_c(a[7],b[2],c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(9) !r[9]=c1; - or c_12,c_3,c_12 != - - mulx a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_5,t_1 !mul_add_c(a[5],b[5],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(10) !r[10]=c2; - or c_12,c_3,c_12 != - - mulx a_4,b_7,t_1 !mul_add_c(a[4],b[7],c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add 
c_3,t_2,c_3 - mulx a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(11) !r[11]=c3; - or c_12,c_3,c_12 != - - mulx a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(12) !r[12]=c1; - or c_12,c_3,c_12 != - - mulx a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - st t_1,rp(13) !r[13]=c2; - or c_12,c_3,c_12 != - - mulx a_7,b_7,t_1 !mul_add_c(a[7],b[7],c3,c1,c2); - addcc c_12,t_1,t_1 - srlx t_1,32,c_12 != - stuw t_1,rp(14) !r[14]=c3; - stuw c_12,rp(15) !r[15]=c1; - - ret - restore %g0,%g0,%o0 != - -.type bn_mul_comba8,#function -.size bn_mul_comba8,(.-bn_mul_comba8) - -.align 32 - -.global bn_mul_comba4 -/* - * void bn_mul_comba4(r,a,b) - * BN_ULONG *r,*a,*b; - */ -bn_mul_comba4: - save %sp,FRAME_SIZE,%sp - lduw ap(0),a_0 - mov 1,t_2 - lduw bp(0),b_0 - sllx t_2,32,t_2 != - lduw bp(1),b_1 - mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3); - srlx t_1,32,c_12 - stuw t_1,rp(0) !=!r[0]=c1; - - lduw ap(1),a_1 - mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(2),a_2 - mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(1) !r[1]=c2; - or c_12,c_3,c_12 - - mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2); - addcc c_12,t_1,c_12 != - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw bp(2),b_2 != - mulx a_1,b_1,t_1 
!mul_add_c(a[1],b[1],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - lduw bp(3),b_3 - mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(2) !r[2]=c3; - or c_12,c_3,c_12 != - - mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - lduw ap(3),a_3 - mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3); - addcc c_12,t_1,c_12 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!= - addcc c_12,t_1,t_1 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(3) !=!r[3]=c1; - or c_12,c_3,c_12 - - mulx a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1); - addcc c_12,t_1,c_12 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1); - addcc c_12,t_1,t_1 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(4) !=!r[4]=c2; - or c_12,c_3,c_12 - - mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2); - addcc c_12,t_1,t_1 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(5) !=!r[5]=c3; - or c_12,c_3,c_12 - - mulx a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3); - addcc c_12,t_1,t_1 - srlx t_1,32,c_12 != - stuw t_1,rp(6) !r[6]=c1; - stuw c_12,rp(7) !r[7]=c2; - - ret - restore %g0,%g0,%o0 - -.type bn_mul_comba4,#function -.size bn_mul_comba4,(.-bn_mul_comba4) - -.align 32 - -.global bn_sqr_comba8 -bn_sqr_comba8: - save %sp,FRAME_SIZE,%sp - mov 1,t_2 - lduw ap(0),a_0 - sllx t_2,32,t_2 - lduw ap(1),a_1 - mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3); - srlx t_1,32,c_12 
- stuw t_1,rp(0) !r[0]=c1; - - lduw ap(2),a_2 - mulx a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(1) !r[1]=c2; - or c_12,c_3,c_12 - - mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(3),a_3 - mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(2) !r[2]=c3; - or c_12,c_3,c_12 - - mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(4),a_4 - mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - st t_1,rp(3) !r[3]=c1; - or c_12,c_3,c_12 - - mulx a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(5),a_5 - mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(4) !r[4]=c2; - or c_12,c_3,c_12 - - mulx a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(6),a_6 - mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2); - addcc c_12,t_1,c_12 - 
bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(5) !r[5]=c3; - or c_12,c_3,c_12 - - mulx a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(7),a_7 - mulx a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(6) !r[6]=c1; - or c_12,c_3,c_12 - - mulx a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(7) !r[7]=c2; - or c_12,c_3,c_12 - - mulx a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_6,a_2,t_1 !sqr_add_c2(a,6,2,c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add 
c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(8) !r[8]=c3; - or c_12,c_3,c_12 - - mulx a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(9) !r[9]=c1; - or c_12,c_3,c_12 - - mulx a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(10) !r[10]=c2; - or c_12,c_3,c_12 - - mulx a_4,a_7,t_1 !sqr_add_c2(a,7,4,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,a_6,t_1 !sqr_add_c2(a,6,5,c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(11) !r[11]=c3; - or c_12,c_3,c_12 - - mulx a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - 
stuw t_1,rp(12) !r[12]=c1; - or c_12,c_3,c_12 - - mulx a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(13) !r[13]=c2; - or c_12,c_3,c_12 - - mulx a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2); - addcc c_12,t_1,t_1 - srlx t_1,32,c_12 - stuw t_1,rp(14) !r[14]=c3; - stuw c_12,rp(15) !r[15]=c1; - - ret - restore %g0,%g0,%o0 - -.type bn_sqr_comba8,#function -.size bn_sqr_comba8,(.-bn_sqr_comba8) - -.align 32 - -.global bn_sqr_comba4 -/* - * void bn_sqr_comba4(r,a) - * BN_ULONG *r,*a; - */ -bn_sqr_comba4: - save %sp,FRAME_SIZE,%sp - mov 1,t_2 - lduw ap(0),a_0 - sllx t_2,32,t_2 - lduw ap(1),a_1 - mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3); - srlx t_1,32,c_12 - stuw t_1,rp(0) !r[0]=c1; - - lduw ap(2),a_2 - mulx a_0,a_1,t_1 !sqr_add_c2(a,1,0,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(1) !r[1]=c2; - or c_12,c_3,c_12 - - mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(3),a_3 - mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(2) !r[2]=c3; - or c_12,c_3,c_12 - - mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(3) !r[3]=c1; - or c_12,c_3,c_12 - - mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add 
c_3,t_2,c_3 - mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(4) !r[4]=c2; - or c_12,c_3,c_12 - - mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(5) !r[5]=c3; - or c_12,c_3,c_12 - - mulx a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3); - addcc c_12,t_1,t_1 - srlx t_1,32,c_12 - stuw t_1,rp(6) !r[6]=c1; - stuw c_12,rp(7) !r[7]=c2; - - ret - restore %g0,%g0,%o0 - -.type bn_sqr_comba4,#function -.size bn_sqr_comba4,(.-bn_sqr_comba4) - -.align 32 diff --git a/lib/libssl/src/crypto/bn/asm/sparcv9-mont.pl b/lib/libssl/src/crypto/bn/asm/sparcv9-mont.pl deleted file mode 100644 index b8fb1e8a25d..00000000000 --- a/lib/libssl/src/crypto/bn/asm/sparcv9-mont.pl +++ /dev/null 
@@ -1,606 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# December 2005
-#
-# Pure SPARCv9/8+ and IALU-only bn_mul_mont implementation. The reasons
-# for undertaken effort are multiple. First of all, UltraSPARC is not
-# the whole SPARCv9 universe and other VIS-free implementations deserve
-# optimized code as much. Secondly, newly introduced UltraSPARC T1,
-# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive pathes,
-# such as sparcv9a-mont, will simply sink it. Yes, T1 is equipped with
-# several integrated RSA/DSA accelerator circuits accessible through
-# kernel driver [only(*)], but having decent user-land software
-# implementation is important too. Finally, reasons like desire to
-# experiment with dedicated squaring procedure. Yes, this module
-# implements one, because it was easiest to draft it in SPARCv9
-# instructions...
-
-# (*) Engine accessing the driver in question is on my TODO list.
-# For reference, acceleator is estimated to give 6 to 10 times
-# improvement on single-threaded RSA sign. It should be noted
-# that 6-10x improvement coefficient does not actually mean
-# something extraordinary in terms of absolute [single-threaded]
-# performance, as SPARCv9 instruction set is by all means least
-# suitable for high performance crypto among other 64 bit
-# platforms. 6-10x factor simply places T1 in same performance
-# domain as say AMD64 and IA-64. Improvement of RSA verify don't
-# appear impressive at all, but it's the sign operation which is
-# far more critical/interesting.
- -# You might notice that inner loops are modulo-scheduled:-) This has -# essentially negligible impact on UltraSPARC performance, it's -# Fujitsu SPARC64 V users who should notice and hopefully appreciate -# the advantage... Currently this module surpasses sparcv9a-mont.pl -# by ~20% on UltraSPARC-III and later cores, but recall that sparcv9a -# module still have hidden potential [see TODO list there], which is -# estimated to be larger than 20%... - -# int bn_mul_mont( -$rp="%i0"; # BN_ULONG *rp, -$ap="%i1"; # const BN_ULONG *ap, -$bp="%i2"; # const BN_ULONG *bp, -$np="%i3"; # const BN_ULONG *np, -$n0="%i4"; # const BN_ULONG *n0, -$num="%i5"; # int num); - -$bits=32; -for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); } -if ($bits==64) { $bias=2047; $frame=192; } -else { $bias=0; $frame=128; } - -$car0="%o0"; -$car1="%o1"; -$car2="%o2"; # 1 bit -$acc0="%o3"; -$acc1="%o4"; -$mask="%g1"; # 32 bits, what a waste... -$tmp0="%g4"; -$tmp1="%g5"; - -$i="%l0"; -$j="%l1"; -$mul0="%l2"; -$mul1="%l3"; -$tp="%l4"; -$apj="%l5"; -$npj="%l6"; -$tpj="%l7"; - -$fname="bn_mul_mont_int"; - -$code=<<___; -.section ".text",#alloc,#execinstr - -.global $fname -.align 32 -$fname: - cmp %o5,4 ! 128 bits minimum - bge,pt %icc,.Lenter - sethi %hi(0xffffffff),$mask - retl - clr %o0 -.align 32 -.Lenter: - save %sp,-$frame,%sp - sll $num,2,$num ! num*=4 - or $mask,%lo(0xffffffff),$mask - ld [$n0],$n0 - cmp $ap,$bp - and $num,$mask,$num - ld [$bp],$mul0 ! bp[0] - nop - - add %sp,$bias,%o7 ! real top of stack - ld [$ap],$car0 ! ap[0] ! redundant in squaring context - sub %o7,$num,%o7 - ld [$ap+4],$apj ! ap[1] - and %o7,-1024,%o7 - ld [$np],$car1 ! np[0] - sub %o7,$bias,%sp ! alloca - ld [$np+4],$npj ! np[1] - be,pt `$bits==32?"%icc":"%xcc"`,.Lbn_sqr_mont - mov 12,$j - - mulx $car0,$mul0,$car0 ! ap[0]*bp[0] - mulx $apj,$mul0,$tmp0 !prologue! ap[1]*bp[0] - and $car0,$mask,$acc0 - add %sp,$bias+$frame,$tp - ld [$ap+8],$apj !prologue! - - mulx $n0,$acc0,$mul1 ! 
"t[0]"*n0 - and $mul1,$mask,$mul1 - - mulx $car1,$mul1,$car1 ! np[0]*"t[0]"*n0 - mulx $npj,$mul1,$acc1 !prologue! np[1]*"t[0]"*n0 - srlx $car0,32,$car0 - add $acc0,$car1,$car1 - ld [$np+8],$npj !prologue! - srlx $car1,32,$car1 - mov $tmp0,$acc0 !prologue! - -.L1st: - mulx $apj,$mul0,$tmp0 - mulx $npj,$mul1,$tmp1 - add $acc0,$car0,$car0 - ld [$ap+$j],$apj ! ap[j] - and $car0,$mask,$acc0 - add $acc1,$car1,$car1 - ld [$np+$j],$npj ! np[j] - srlx $car0,32,$car0 - add $acc0,$car1,$car1 - add $j,4,$j ! j++ - mov $tmp0,$acc0 - st $car1,[$tp] - cmp $j,$num - mov $tmp1,$acc1 - srlx $car1,32,$car1 - bl %icc,.L1st - add $tp,4,$tp ! tp++ -!.L1st - - mulx $apj,$mul0,$tmp0 !epilogue! - mulx $npj,$mul1,$tmp1 - add $acc0,$car0,$car0 - and $car0,$mask,$acc0 - add $acc1,$car1,$car1 - srlx $car0,32,$car0 - add $acc0,$car1,$car1 - st $car1,[$tp] - srlx $car1,32,$car1 - - add $tmp0,$car0,$car0 - and $car0,$mask,$acc0 - add $tmp1,$car1,$car1 - srlx $car0,32,$car0 - add $acc0,$car1,$car1 - st $car1,[$tp+4] - srlx $car1,32,$car1 - - add $car0,$car1,$car1 - st $car1,[$tp+8] - srlx $car1,32,$car2 - - mov 4,$i ! i++ - ld [$bp+4],$mul0 ! bp[1] -.Louter: - add %sp,$bias+$frame,$tp - ld [$ap],$car0 ! ap[0] - ld [$ap+4],$apj ! ap[1] - ld [$np],$car1 ! np[0] - ld [$np+4],$npj ! np[1] - ld [$tp],$tmp1 ! tp[0] - ld [$tp+4],$tpj ! tp[1] - mov 12,$j - - mulx $car0,$mul0,$car0 - mulx $apj,$mul0,$tmp0 !prologue! - add $tmp1,$car0,$car0 - ld [$ap+8],$apj !prologue! - and $car0,$mask,$acc0 - - mulx $n0,$acc0,$mul1 - and $mul1,$mask,$mul1 - - mulx $car1,$mul1,$car1 - mulx $npj,$mul1,$acc1 !prologue! - srlx $car0,32,$car0 - add $acc0,$car1,$car1 - ld [$np+8],$npj !prologue! - srlx $car1,32,$car1 - mov $tmp0,$acc0 !prologue! - -.Linner: - mulx $apj,$mul0,$tmp0 - mulx $npj,$mul1,$tmp1 - add $tpj,$car0,$car0 - ld [$ap+$j],$apj ! ap[j] - add $acc0,$car0,$car0 - add $acc1,$car1,$car1 - ld [$np+$j],$npj ! np[j] - and $car0,$mask,$acc0 - ld [$tp+8],$tpj ! 
tp[j] - srlx $car0,32,$car0 - add $acc0,$car1,$car1 - add $j,4,$j ! j++ - mov $tmp0,$acc0 - st $car1,[$tp] ! tp[j-1] - srlx $car1,32,$car1 - mov $tmp1,$acc1 - cmp $j,$num - bl %icc,.Linner - add $tp,4,$tp ! tp++ -!.Linner - - mulx $apj,$mul0,$tmp0 !epilogue! - mulx $npj,$mul1,$tmp1 - add $tpj,$car0,$car0 - add $acc0,$car0,$car0 - ld [$tp+8],$tpj ! tp[j] - and $car0,$mask,$acc0 - add $acc1,$car1,$car1 - srlx $car0,32,$car0 - add $acc0,$car1,$car1 - st $car1,[$tp] ! tp[j-1] - srlx $car1,32,$car1 - - add $tpj,$car0,$car0 - add $tmp0,$car0,$car0 - and $car0,$mask,$acc0 - add $tmp1,$car1,$car1 - add $acc0,$car1,$car1 - st $car1,[$tp+4] ! tp[j-1] - srlx $car0,32,$car0 - add $i,4,$i ! i++ - srlx $car1,32,$car1 - - add $car0,$car1,$car1 - cmp $i,$num - add $car2,$car1,$car1 - st $car1,[$tp+8] - - srlx $car1,32,$car2 - bl,a %icc,.Louter - ld [$bp+$i],$mul0 ! bp[i] -!.Louter - - add $tp,12,$tp - -.Ltail: - add $np,$num,$np - add $rp,$num,$rp - mov $tp,$ap - sub %g0,$num,%o7 ! k=-num - ba .Lsub - subcc %g0,%g0,%g0 ! clear %icc.c -.align 16 -.Lsub: - ld [$tp+%o7],%o0 - ld [$np+%o7],%o1 - subccc %o0,%o1,%o1 ! tp[j]-np[j] - add $rp,%o7,$i - add %o7,4,%o7 - brnz %o7,.Lsub - st %o1,[$i] - subc $car2,0,$car2 ! handle upmost overflow bit - and $tp,$car2,$ap - andn $rp,$car2,$np - or $ap,$np,$ap - sub %g0,$num,%o7 - -.Lcopy: - ld [$ap+%o7],%o0 ! copy or in-place refresh - st %g0,[$tp+%o7] ! zap tp - st %o0,[$rp+%o7] - add %o7,4,%o7 - brnz %o7,.Lcopy - nop - mov 1,%i0 - ret - restore -___ - -######## -######## .Lbn_sqr_mont gives up to 20% *overall* improvement over -######## code without following dedicated squaring procedure. -######## -$sbit="%i2"; # re-use $bp! - -$code.=<<___; -.align 32 -.Lbn_sqr_mont: - mulx $mul0,$mul0,$car0 ! ap[0]*ap[0] - mulx $apj,$mul0,$tmp0 !prologue! - and $car0,$mask,$acc0 - add %sp,$bias+$frame,$tp - ld [$ap+8],$apj !prologue! - - mulx $n0,$acc0,$mul1 ! "t[0]"*n0 - srlx $car0,32,$car0 - and $mul1,$mask,$mul1 - - mulx $car1,$mul1,$car1 ! 
np[0]*"t[0]"*n0 - mulx $npj,$mul1,$acc1 !prologue! - and $car0,1,$sbit - ld [$np+8],$npj !prologue! - srlx $car0,1,$car0 - add $acc0,$car1,$car1 - srlx $car1,32,$car1 - mov $tmp0,$acc0 !prologue! - -.Lsqr_1st: - mulx $apj,$mul0,$tmp0 - mulx $npj,$mul1,$tmp1 - add $acc0,$car0,$car0 ! ap[j]*a0+c0 - add $acc1,$car1,$car1 - ld [$ap+$j],$apj ! ap[j] - and $car0,$mask,$acc0 - ld [$np+$j],$npj ! np[j] - srlx $car0,32,$car0 - add $acc0,$acc0,$acc0 - or $sbit,$acc0,$acc0 - mov $tmp1,$acc1 - srlx $acc0,32,$sbit - add $j,4,$j ! j++ - and $acc0,$mask,$acc0 - cmp $j,$num - add $acc0,$car1,$car1 - st $car1,[$tp] - mov $tmp0,$acc0 - srlx $car1,32,$car1 - bl %icc,.Lsqr_1st - add $tp,4,$tp ! tp++ -!.Lsqr_1st - - mulx $apj,$mul0,$tmp0 ! epilogue - mulx $npj,$mul1,$tmp1 - add $acc0,$car0,$car0 ! ap[j]*a0+c0 - add $acc1,$car1,$car1 - and $car0,$mask,$acc0 - srlx $car0,32,$car0 - add $acc0,$acc0,$acc0 - or $sbit,$acc0,$acc0 - srlx $acc0,32,$sbit - and $acc0,$mask,$acc0 - add $acc0,$car1,$car1 - st $car1,[$tp] - srlx $car1,32,$car1 - - add $tmp0,$car0,$car0 ! ap[j]*a0+c0 - add $tmp1,$car1,$car1 - and $car0,$mask,$acc0 - srlx $car0,32,$car0 - add $acc0,$acc0,$acc0 - or $sbit,$acc0,$acc0 - srlx $acc0,32,$sbit - and $acc0,$mask,$acc0 - add $acc0,$car1,$car1 - st $car1,[$tp+4] - srlx $car1,32,$car1 - - add $car0,$car0,$car0 - or $sbit,$car0,$car0 - add $car0,$car1,$car1 - st $car1,[$tp+8] - srlx $car1,32,$car2 - - ld [%sp+$bias+$frame],$tmp0 ! tp[0] - ld [%sp+$bias+$frame+4],$tmp1 ! tp[1] - ld [%sp+$bias+$frame+8],$tpj ! tp[2] - ld [$ap+4],$mul0 ! ap[1] - ld [$ap+8],$apj ! ap[2] - ld [$np],$car1 ! np[0] - ld [$np+4],$npj ! np[1] - mulx $n0,$tmp0,$mul1 - - mulx $mul0,$mul0,$car0 - and $mul1,$mask,$mul1 - - mulx $car1,$mul1,$car1 - mulx $npj,$mul1,$acc1 - add $tmp0,$car1,$car1 - and $car0,$mask,$acc0 - ld [$np+8],$npj ! 
np[2] - srlx $car1,32,$car1 - add $tmp1,$car1,$car1 - srlx $car0,32,$car0 - add $acc0,$car1,$car1 - and $car0,1,$sbit - add $acc1,$car1,$car1 - srlx $car0,1,$car0 - mov 12,$j - st $car1,[%sp+$bias+$frame] ! tp[0]= - srlx $car1,32,$car1 - add %sp,$bias+$frame+4,$tp - -.Lsqr_2nd: - mulx $apj,$mul0,$acc0 - mulx $npj,$mul1,$acc1 - add $acc0,$car0,$car0 - add $tpj,$car1,$car1 - ld [$ap+$j],$apj ! ap[j] - and $car0,$mask,$acc0 - ld [$np+$j],$npj ! np[j] - srlx $car0,32,$car0 - add $acc1,$car1,$car1 - ld [$tp+8],$tpj ! tp[j] - add $acc0,$acc0,$acc0 - add $j,4,$j ! j++ - or $sbit,$acc0,$acc0 - srlx $acc0,32,$sbit - and $acc0,$mask,$acc0 - cmp $j,$num - add $acc0,$car1,$car1 - st $car1,[$tp] ! tp[j-1] - srlx $car1,32,$car1 - bl %icc,.Lsqr_2nd - add $tp,4,$tp ! tp++ -!.Lsqr_2nd - - mulx $apj,$mul0,$acc0 - mulx $npj,$mul1,$acc1 - add $acc0,$car0,$car0 - add $tpj,$car1,$car1 - and $car0,$mask,$acc0 - srlx $car0,32,$car0 - add $acc1,$car1,$car1 - add $acc0,$acc0,$acc0 - or $sbit,$acc0,$acc0 - srlx $acc0,32,$sbit - and $acc0,$mask,$acc0 - add $acc0,$car1,$car1 - st $car1,[$tp] ! tp[j-1] - srlx $car1,32,$car1 - - add $car0,$car0,$car0 - or $sbit,$car0,$car0 - add $car0,$car1,$car1 - add $car2,$car1,$car1 - st $car1,[$tp+4] - srlx $car1,32,$car2 - - ld [%sp+$bias+$frame],$tmp1 ! tp[0] - ld [%sp+$bias+$frame+4],$tpj ! tp[1] - ld [$ap+8],$mul0 ! ap[2] - ld [$np],$car1 ! np[0] - ld [$np+4],$npj ! np[1] - mulx $n0,$tmp1,$mul1 - and $mul1,$mask,$mul1 - mov 8,$i - - mulx $mul0,$mul0,$car0 - mulx $car1,$mul1,$car1 - and $car0,$mask,$acc0 - add $tmp1,$car1,$car1 - srlx $car0,32,$car0 - add %sp,$bias+$frame,$tp - srlx $car1,32,$car1 - and $car0,1,$sbit - srlx $car0,1,$car0 - mov 4,$j - -.Lsqr_outer: -.Lsqr_inner1: - mulx $npj,$mul1,$acc1 - add $tpj,$car1,$car1 - add $j,4,$j - ld [$tp+8],$tpj - cmp $j,$i - add $acc1,$car1,$car1 - ld [$np+$j],$npj - st $car1,[$tp] - srlx $car1,32,$car1 - bl %icc,.Lsqr_inner1 - add $tp,4,$tp -!.Lsqr_inner1 - - add $j,4,$j - ld [$ap+$j],$apj ! 
ap[j] - mulx $npj,$mul1,$acc1 - add $tpj,$car1,$car1 - ld [$np+$j],$npj ! np[j] - add $acc0,$car1,$car1 - ld [$tp+8],$tpj ! tp[j] - add $acc1,$car1,$car1 - st $car1,[$tp] - srlx $car1,32,$car1 - - add $j,4,$j - cmp $j,$num - be,pn %icc,.Lsqr_no_inner2 - add $tp,4,$tp - -.Lsqr_inner2: - mulx $apj,$mul0,$acc0 - mulx $npj,$mul1,$acc1 - add $tpj,$car1,$car1 - add $acc0,$car0,$car0 - ld [$ap+$j],$apj ! ap[j] - and $car0,$mask,$acc0 - ld [$np+$j],$npj ! np[j] - srlx $car0,32,$car0 - add $acc0,$acc0,$acc0 - ld [$tp+8],$tpj ! tp[j] - or $sbit,$acc0,$acc0 - add $j,4,$j ! j++ - srlx $acc0,32,$sbit - and $acc0,$mask,$acc0 - cmp $j,$num - add $acc0,$car1,$car1 - add $acc1,$car1,$car1 - st $car1,[$tp] ! tp[j-1] - srlx $car1,32,$car1 - bl %icc,.Lsqr_inner2 - add $tp,4,$tp ! tp++ - -.Lsqr_no_inner2: - mulx $apj,$mul0,$acc0 - mulx $npj,$mul1,$acc1 - add $tpj,$car1,$car1 - add $acc0,$car0,$car0 - and $car0,$mask,$acc0 - srlx $car0,32,$car0 - add $acc0,$acc0,$acc0 - or $sbit,$acc0,$acc0 - srlx $acc0,32,$sbit - and $acc0,$mask,$acc0 - add $acc0,$car1,$car1 - add $acc1,$car1,$car1 - st $car1,[$tp] ! tp[j-1] - srlx $car1,32,$car1 - - add $car0,$car0,$car0 - or $sbit,$car0,$car0 - add $car0,$car1,$car1 - add $car2,$car1,$car1 - st $car1,[$tp+4] - srlx $car1,32,$car2 - - add $i,4,$i ! i++ - ld [%sp+$bias+$frame],$tmp1 ! tp[0] - ld [%sp+$bias+$frame+4],$tpj ! tp[1] - ld [$ap+$i],$mul0 ! ap[j] - ld [$np],$car1 ! np[0] - ld [$np+4],$npj ! np[1] - mulx $n0,$tmp1,$mul1 - and $mul1,$mask,$mul1 - add $i,4,$tmp0 - - mulx $mul0,$mul0,$car0 - mulx $car1,$mul1,$car1 - and $car0,$mask,$acc0 - add $tmp1,$car1,$car1 - srlx $car0,32,$car0 - add %sp,$bias+$frame,$tp - srlx $car1,32,$car1 - and $car0,1,$sbit - srlx $car0,1,$car0 - - cmp $tmp0,$num ! 
i<num-1
- bl %icc,.Lsqr_outer
- mov 4,$j
-
-.Lsqr_last:
- mulx $npj,$mul1,$acc1
- add $tpj,$car1,$car1
- add $j,4,$j
- ld [$tp+8],$tpj
- cmp $j,$i
- add $acc1,$car1,$car1
- ld [$np+$j],$npj
- st $car1,[$tp]
- srlx $car1,32,$car1
- bl %icc,.Lsqr_last
- add $tp,4,$tp
-!.Lsqr_last
-
- mulx $npj,$mul1,$acc1
- add $tpj,$car1,$car1
- add $acc0,$car1,$car1
- add $acc1,$car1,$car1
- st $car1,[$tp]
- srlx $car1,32,$car1
-
- add $car0,$car0,$car0 ! recover $car0
- or $sbit,$car0,$car0
- add $car0,$car1,$car1
- add $car2,$car1,$car1
- st $car1,[$tp+4]
- srlx $car1,32,$car2
-
- ba .Ltail
- add $tp,8,$tp
-.type $fname,#function
-.size $fname,(.-$fname)
-.asciz "Montgomery Multipltication for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
-.align 32
-___
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/bn/asm/sparcv9a-mont.pl b/lib/libssl/src/crypto/bn/asm/sparcv9a-mont.pl
deleted file mode 100755
index a14205f2f00..00000000000
--- a/lib/libssl/src/crypto/bn/asm/sparcv9a-mont.pl
+++ /dev/null
@@ -1,882 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# October 2005
-#
-# "Teaser" Montgomery multiplication module for UltraSPARC. Why FPU?
-# Because unlike integer multiplier, which simply stalls whole CPU,
-# FPU is fully pipelined and can effectively emit 48 bit partial
-# product every cycle. Why not blended SPARC v9? One can argue that
-# making this module dependent on UltraSPARC VIS extension limits its
-# binary compatibility. Well yes, it does exclude SPARC64 prior-V(!)
-# implementations from compatibility matrix. But the rest, whole Sun
-# UltraSPARC family and brand new Fujitsu's SPARC64 V, all support
-# VIS extension instructions used in this module. This is considered
-# good enough to not care about HAL SPARC64 users [if any] who have
-# integer-only pure SPARCv9 module to "fall down" to.
-
-# USI&II cores currently exhibit uniform 2x improvement [over pre-
-# bn_mul_mont codebase] for all key lengths and benchmarks. On USIII
-# performance improves few percents for shorter keys and worsens few
-# percents for longer keys. This is because USIII integer multiplier
-# is >3x faster than USI&II one, which is harder to match [but see
-# TODO list below]. It should also be noted that SPARC64 V features
-# out-of-order execution, which *might* mean that integer multiplier
-# is pipelined, which in turn *might* be impossible to match... On
-# additional note, SPARC64 V implements FP Multiply-Add instruction,
-# which is perfectly usable in this context...
In other words, as far -# as Fujitsu SPARC64 V goes, talk to the author:-) - -# The implementation implies following "non-natural" limitations on -# input arguments: -# - num may not be less than 4; -# - num has to be even; -# Failure to meet either condition has no fatal effects, simply -# doesn't give any performance gain. - -# TODO: -# - modulo-schedule inner loop for better performance (on in-order -# execution core such as UltraSPARC this shall result in further -# noticeable(!) improvement); -# - dedicated squaring procedure[?]; - -###################################################################### -# November 2006 -# -# Modulo-scheduled inner loops allow to interleave floating point and -# integer instructions and minimize Read-After-Write penalties. This -# results in *further* 20-50% perfromance improvement [depending on -# key length, more for longer keys] on USI&II cores and 30-80% - on -# USIII&IV. - -$fname="bn_mul_mont_fpu"; -$bits=32; -for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); } - -if ($bits==64) { - $bias=2047; - $frame=192; -} else { - $bias=0; - $frame=128; # 96 rounded up to largest known cache-line -} -$locals=64; - -# In order to provide for 32-/64-bit ABI duality, I keep integers wider -# than 32 bit in %g1-%g4 and %o0-%o5. %l0-%l7 and %i0-%i5 are used -# exclusively for pointers, indexes and other small values... -# int bn_mul_mont( -$rp="%i0"; # BN_ULONG *rp, -$ap="%i1"; # const BN_ULONG *ap, -$bp="%i2"; # const BN_ULONG *bp, -$np="%i3"; # const BN_ULONG *np, -$n0="%i4"; # const BN_ULONG *n0, -$num="%i5"; # int num); - -$tp="%l0"; # t[num] -$ap_l="%l1"; # a[num],n[num] are smashed to 32-bit words and saved -$ap_h="%l2"; # to these four vectors as double-precision FP values. -$np_l="%l3"; # This way a bunch of fxtods are eliminated in second -$np_h="%l4"; # loop and L1-cache aliasing is minimized... -$i="%l5"; -$j="%l6"; -$mask="%l7"; # 16-bit mask, 0xffff - -$n0="%g4"; # reassigned(!) 
to "64-bit" register -$carry="%i4"; # %i4 reused(!) for a carry bit - -# FP register naming chart -# -# ..HILO -# dcba -# -------- -# LOa -# LOb -# LOc -# LOd -# HIa -# HIb -# HIc -# HId -# ..a -# ..b -$ba="%f0"; $bb="%f2"; $bc="%f4"; $bd="%f6"; -$na="%f8"; $nb="%f10"; $nc="%f12"; $nd="%f14"; -$alo="%f16"; $alo_="%f17"; $ahi="%f18"; $ahi_="%f19"; -$nlo="%f20"; $nlo_="%f21"; $nhi="%f22"; $nhi_="%f23"; - -$dota="%f24"; $dotb="%f26"; - -$aloa="%f32"; $alob="%f34"; $aloc="%f36"; $alod="%f38"; -$ahia="%f40"; $ahib="%f42"; $ahic="%f44"; $ahid="%f46"; -$nloa="%f48"; $nlob="%f50"; $nloc="%f52"; $nlod="%f54"; -$nhia="%f56"; $nhib="%f58"; $nhic="%f60"; $nhid="%f62"; - -$ASI_FL16_P=0xD2; # magic ASI value to engage 16-bit FP load - -$code=<<___; -.section ".text",#alloc,#execinstr - -.global $fname -.align 32 -$fname: - save %sp,-$frame-$locals,%sp - - cmp $num,4 - bl,a,pn %icc,.Lret - clr %i0 - andcc $num,1,%g0 ! $num has to be even... - bnz,a,pn %icc,.Lret - clr %i0 ! signal "unsupported input value" - - srl $num,1,$num - sethi %hi(0xffff),$mask - ld [%i4+0],$n0 ! $n0 reassigned, remember? - or $mask,%lo(0xffff),$mask - ld [%i4+4],%o0 - sllx %o0,32,%o0 - or %o0,$n0,$n0 ! $n0=n0[1].n0[0] - - sll $num,3,$num ! num*=8 - - add %sp,$bias,%o0 ! real top of stack - sll $num,2,%o1 - add %o1,$num,%o1 ! %o1=num*5 - sub %o0,%o1,%o0 - and %o0,-2048,%o0 ! optimize TLB utilization - sub %o0,$bias,%sp ! alloca(5*num*8) - - rd %asi,%o7 ! save %asi - add %sp,$bias+$frame+$locals,$tp - add $tp,$num,$ap_l - add $ap_l,$num,$ap_l ! [an]p_[lh] point at the vectors' ends ! - add $ap_l,$num,$ap_h - add $ap_h,$num,$np_l - add $np_l,$num,$np_h - - wr %g0,$ASI_FL16_P,%asi ! setup %asi for 16-bit FP loads - - add $rp,$num,$rp ! readjust input pointers to point - add $ap,$num,$ap ! at the ends too... - add $bp,$num,$bp - add $np,$num,$np - - stx %o7,[%sp+$bias+$frame+48] ! save %asi - - sub %g0,$num,$i ! i=-num - sub %g0,$num,$j ! j=-num - - add $ap,$j,%o3 - add $bp,$i,%o4 - - ld [%o3+4],%g1 ! 
bp[0] - ld [%o3+0],%o0 - ld [%o4+4],%g5 ! ap[0] - sllx %g1,32,%g1 - ld [%o4+0],%o1 - sllx %g5,32,%g5 - or %g1,%o0,%o0 - or %g5,%o1,%o1 - - add $np,$j,%o5 - - mulx %o1,%o0,%o0 ! ap[0]*bp[0] - mulx $n0,%o0,%o0 ! ap[0]*bp[0]*n0 - stx %o0,[%sp+$bias+$frame+0] - - ld [%o3+0],$alo_ ! load a[j] as pair of 32-bit words - fzeros $alo - ld [%o3+4],$ahi_ - fzeros $ahi - ld [%o5+0],$nlo_ ! load n[j] as pair of 32-bit words - fzeros $nlo - ld [%o5+4],$nhi_ - fzeros $nhi - - ! transfer b[i] to FPU as 4x16-bit values - ldda [%o4+2]%asi,$ba - fxtod $alo,$alo - ldda [%o4+0]%asi,$bb - fxtod $ahi,$ahi - ldda [%o4+6]%asi,$bc - fxtod $nlo,$nlo - ldda [%o4+4]%asi,$bd - fxtod $nhi,$nhi - - ! transfer ap[0]*b[0]*n0 to FPU as 4x16-bit values - ldda [%sp+$bias+$frame+6]%asi,$na - fxtod $ba,$ba - ldda [%sp+$bias+$frame+4]%asi,$nb - fxtod $bb,$bb - ldda [%sp+$bias+$frame+2]%asi,$nc - fxtod $bc,$bc - ldda [%sp+$bias+$frame+0]%asi,$nd - fxtod $bd,$bd - - std $alo,[$ap_l+$j] ! save smashed ap[j] in double format - fxtod $na,$na - std $ahi,[$ap_h+$j] - fxtod $nb,$nb - std $nlo,[$np_l+$j] ! save smashed np[j] in double format - fxtod $nc,$nc - std $nhi,[$np_h+$j] - fxtod $nd,$nd - - fmuld $alo,$ba,$aloa - fmuld $nlo,$na,$nloa - fmuld $alo,$bb,$alob - fmuld $nlo,$nb,$nlob - fmuld $alo,$bc,$aloc - faddd $aloa,$nloa,$nloa - fmuld $nlo,$nc,$nloc - fmuld $alo,$bd,$alod - faddd $alob,$nlob,$nlob - fmuld $nlo,$nd,$nlod - fmuld $ahi,$ba,$ahia - faddd $aloc,$nloc,$nloc - fmuld $nhi,$na,$nhia - fmuld $ahi,$bb,$ahib - faddd $alod,$nlod,$nlod - fmuld $nhi,$nb,$nhib - fmuld $ahi,$bc,$ahic - faddd $ahia,$nhia,$nhia - fmuld $nhi,$nc,$nhic - fmuld $ahi,$bd,$ahid - faddd $ahib,$nhib,$nhib - fmuld $nhi,$nd,$nhid - - faddd $ahic,$nhic,$dota ! $nhic - faddd $ahid,$nhid,$dotb ! 
$nhid - - faddd $nloc,$nhia,$nloc - faddd $nlod,$nhib,$nlod - - fdtox $nloa,$nloa - fdtox $nlob,$nlob - fdtox $nloc,$nloc - fdtox $nlod,$nlod - - std $nloa,[%sp+$bias+$frame+0] - add $j,8,$j - std $nlob,[%sp+$bias+$frame+8] - add $ap,$j,%o4 - std $nloc,[%sp+$bias+$frame+16] - add $np,$j,%o5 - std $nlod,[%sp+$bias+$frame+24] - - ld [%o4+0],$alo_ ! load a[j] as pair of 32-bit words - fzeros $alo - ld [%o4+4],$ahi_ - fzeros $ahi - ld [%o5+0],$nlo_ ! load n[j] as pair of 32-bit words - fzeros $nlo - ld [%o5+4],$nhi_ - fzeros $nhi - - fxtod $alo,$alo - fxtod $ahi,$ahi - fxtod $nlo,$nlo - fxtod $nhi,$nhi - - ldx [%sp+$bias+$frame+0],%o0 - fmuld $alo,$ba,$aloa - ldx [%sp+$bias+$frame+8],%o1 - fmuld $nlo,$na,$nloa - ldx [%sp+$bias+$frame+16],%o2 - fmuld $alo,$bb,$alob - ldx [%sp+$bias+$frame+24],%o3 - fmuld $nlo,$nb,$nlob - - srlx %o0,16,%o7 - std $alo,[$ap_l+$j] ! save smashed ap[j] in double format - fmuld $alo,$bc,$aloc - add %o7,%o1,%o1 - std $ahi,[$ap_h+$j] - faddd $aloa,$nloa,$nloa - fmuld $nlo,$nc,$nloc - srlx %o1,16,%o7 - std $nlo,[$np_l+$j] ! save smashed np[j] in double format - fmuld $alo,$bd,$alod - add %o7,%o2,%o2 - std $nhi,[$np_h+$j] - faddd $alob,$nlob,$nlob - fmuld $nlo,$nd,$nlod - srlx %o2,16,%o7 - fmuld $ahi,$ba,$ahia - add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15] - faddd $aloc,$nloc,$nloc - fmuld $nhi,$na,$nhia - !and %o0,$mask,%o0 - !and %o1,$mask,%o1 - !and %o2,$mask,%o2 - !sllx %o1,16,%o1 - !sllx %o2,32,%o2 - !sllx %o3,48,%o7 - !or %o1,%o0,%o0 - !or %o2,%o0,%o0 - !or %o7,%o0,%o0 ! 64-bit result - srlx %o3,16,%g1 ! 34-bit carry - fmuld $ahi,$bb,$ahib - - faddd $alod,$nlod,$nlod - fmuld $nhi,$nb,$nhib - fmuld $ahi,$bc,$ahic - faddd $ahia,$nhia,$nhia - fmuld $nhi,$nc,$nhic - fmuld $ahi,$bd,$ahid - faddd $ahib,$nhib,$nhib - fmuld $nhi,$nd,$nhid - - faddd $dota,$nloa,$nloa - faddd $dotb,$nlob,$nlob - faddd $ahic,$nhic,$dota ! $nhic - faddd $ahid,$nhid,$dotb ! 
$nhid - - faddd $nloc,$nhia,$nloc - faddd $nlod,$nhib,$nlod - - fdtox $nloa,$nloa - fdtox $nlob,$nlob - fdtox $nloc,$nloc - fdtox $nlod,$nlod - - std $nloa,[%sp+$bias+$frame+0] - std $nlob,[%sp+$bias+$frame+8] - addcc $j,8,$j - std $nloc,[%sp+$bias+$frame+16] - bz,pn %icc,.L1stskip - std $nlod,[%sp+$bias+$frame+24] - -.align 32 ! incidentally already aligned ! -.L1st: - add $ap,$j,%o4 - add $np,$j,%o5 - ld [%o4+0],$alo_ ! load a[j] as pair of 32-bit words - fzeros $alo - ld [%o4+4],$ahi_ - fzeros $ahi - ld [%o5+0],$nlo_ ! load n[j] as pair of 32-bit words - fzeros $nlo - ld [%o5+4],$nhi_ - fzeros $nhi - - fxtod $alo,$alo - fxtod $ahi,$ahi - fxtod $nlo,$nlo - fxtod $nhi,$nhi - - ldx [%sp+$bias+$frame+0],%o0 - fmuld $alo,$ba,$aloa - ldx [%sp+$bias+$frame+8],%o1 - fmuld $nlo,$na,$nloa - ldx [%sp+$bias+$frame+16],%o2 - fmuld $alo,$bb,$alob - ldx [%sp+$bias+$frame+24],%o3 - fmuld $nlo,$nb,$nlob - - srlx %o0,16,%o7 - std $alo,[$ap_l+$j] ! save smashed ap[j] in double format - fmuld $alo,$bc,$aloc - add %o7,%o1,%o1 - std $ahi,[$ap_h+$j] - faddd $aloa,$nloa,$nloa - fmuld $nlo,$nc,$nloc - srlx %o1,16,%o7 - std $nlo,[$np_l+$j] ! save smashed np[j] in double format - fmuld $alo,$bd,$alod - add %o7,%o2,%o2 - std $nhi,[$np_h+$j] - faddd $alob,$nlob,$nlob - fmuld $nlo,$nd,$nlod - srlx %o2,16,%o7 - fmuld $ahi,$ba,$ahia - add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15] - and %o0,$mask,%o0 - faddd $aloc,$nloc,$nloc - fmuld $nhi,$na,$nhia - and %o1,$mask,%o1 - and %o2,$mask,%o2 - fmuld $ahi,$bb,$ahib - sllx %o1,16,%o1 - faddd $alod,$nlod,$nlod - fmuld $nhi,$nb,$nhib - sllx %o2,32,%o2 - fmuld $ahi,$bc,$ahic - sllx %o3,48,%o7 - or %o1,%o0,%o0 - faddd $ahia,$nhia,$nhia - fmuld $nhi,$nc,$nhic - or %o2,%o0,%o0 - fmuld $ahi,$bd,$ahid - or %o7,%o0,%o0 ! 64-bit result - faddd $ahib,$nhib,$nhib - fmuld $nhi,$nd,$nhid - addcc %g1,%o0,%o0 - faddd $dota,$nloa,$nloa - srlx %o3,16,%g1 ! 34-bit carry - faddd $dotb,$nlob,$nlob - bcs,a %xcc,.+8 - add %g1,1,%g1 - - stx %o0,[$tp] ! 
tp[j-1]= - - faddd $ahic,$nhic,$dota ! $nhic - faddd $ahid,$nhid,$dotb ! $nhid - - faddd $nloc,$nhia,$nloc - faddd $nlod,$nhib,$nlod - - fdtox $nloa,$nloa - fdtox $nlob,$nlob - fdtox $nloc,$nloc - fdtox $nlod,$nlod - - std $nloa,[%sp+$bias+$frame+0] - std $nlob,[%sp+$bias+$frame+8] - std $nloc,[%sp+$bias+$frame+16] - std $nlod,[%sp+$bias+$frame+24] - - addcc $j,8,$j - bnz,pt %icc,.L1st - add $tp,8,$tp - -.L1stskip: - fdtox $dota,$dota - fdtox $dotb,$dotb - - ldx [%sp+$bias+$frame+0],%o0 - ldx [%sp+$bias+$frame+8],%o1 - ldx [%sp+$bias+$frame+16],%o2 - ldx [%sp+$bias+$frame+24],%o3 - - srlx %o0,16,%o7 - std $dota,[%sp+$bias+$frame+32] - add %o7,%o1,%o1 - std $dotb,[%sp+$bias+$frame+40] - srlx %o1,16,%o7 - add %o7,%o2,%o2 - srlx %o2,16,%o7 - add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15] - and %o0,$mask,%o0 - and %o1,$mask,%o1 - and %o2,$mask,%o2 - sllx %o1,16,%o1 - sllx %o2,32,%o2 - sllx %o3,48,%o7 - or %o1,%o0,%o0 - or %o2,%o0,%o0 - or %o7,%o0,%o0 ! 64-bit result - ldx [%sp+$bias+$frame+32],%o4 - addcc %g1,%o0,%o0 - ldx [%sp+$bias+$frame+40],%o5 - srlx %o3,16,%g1 ! 34-bit carry - bcs,a %xcc,.+8 - add %g1,1,%g1 - - stx %o0,[$tp] ! tp[j-1]= - add $tp,8,$tp - - srlx %o4,16,%o7 - add %o7,%o5,%o5 - and %o4,$mask,%o4 - sllx %o5,16,%o7 - or %o7,%o4,%o4 - addcc %g1,%o4,%o4 - srlx %o5,48,%g1 - bcs,a %xcc,.+8 - add %g1,1,%g1 - - mov %g1,$carry - stx %o4,[$tp] ! tp[num-1]= - - ba .Louter - add $i,8,$i -.align 32 -.Louter: - sub %g0,$num,$j ! j=-num - add %sp,$bias+$frame+$locals,$tp - - add $ap,$j,%o3 - add $bp,$i,%o4 - - ld [%o3+4],%g1 ! bp[i] - ld [%o3+0],%o0 - ld [%o4+4],%g5 ! ap[0] - sllx %g1,32,%g1 - ld [%o4+0],%o1 - sllx %g5,32,%g5 - or %g1,%o0,%o0 - or %g5,%o1,%o1 - - ldx [$tp],%o2 ! tp[0] - mulx %o1,%o0,%o0 - addcc %o2,%o0,%o0 - mulx $n0,%o0,%o0 ! (ap[0]*bp[i]+t[0])*n0 - stx %o0,[%sp+$bias+$frame+0] - - ! transfer b[i] to FPU as 4x16-bit values - ldda [%o4+2]%asi,$ba - ldda [%o4+0]%asi,$bb - ldda [%o4+6]%asi,$bc - ldda [%o4+4]%asi,$bd - - ! 
transfer (ap[0]*b[i]+t[0])*n0 to FPU as 4x16-bit values - ldda [%sp+$bias+$frame+6]%asi,$na - fxtod $ba,$ba - ldda [%sp+$bias+$frame+4]%asi,$nb - fxtod $bb,$bb - ldda [%sp+$bias+$frame+2]%asi,$nc - fxtod $bc,$bc - ldda [%sp+$bias+$frame+0]%asi,$nd - fxtod $bd,$bd - ldd [$ap_l+$j],$alo ! load a[j] in double format - fxtod $na,$na - ldd [$ap_h+$j],$ahi - fxtod $nb,$nb - ldd [$np_l+$j],$nlo ! load n[j] in double format - fxtod $nc,$nc - ldd [$np_h+$j],$nhi - fxtod $nd,$nd - - fmuld $alo,$ba,$aloa - fmuld $nlo,$na,$nloa - fmuld $alo,$bb,$alob - fmuld $nlo,$nb,$nlob - fmuld $alo,$bc,$aloc - faddd $aloa,$nloa,$nloa - fmuld $nlo,$nc,$nloc - fmuld $alo,$bd,$alod - faddd $alob,$nlob,$nlob - fmuld $nlo,$nd,$nlod - fmuld $ahi,$ba,$ahia - faddd $aloc,$nloc,$nloc - fmuld $nhi,$na,$nhia - fmuld $ahi,$bb,$ahib - faddd $alod,$nlod,$nlod - fmuld $nhi,$nb,$nhib - fmuld $ahi,$bc,$ahic - faddd $ahia,$nhia,$nhia - fmuld $nhi,$nc,$nhic - fmuld $ahi,$bd,$ahid - faddd $ahib,$nhib,$nhib - fmuld $nhi,$nd,$nhid - - faddd $ahic,$nhic,$dota ! $nhic - faddd $ahid,$nhid,$dotb ! $nhid - - faddd $nloc,$nhia,$nloc - faddd $nlod,$nhib,$nlod - - fdtox $nloa,$nloa - fdtox $nlob,$nlob - fdtox $nloc,$nloc - fdtox $nlod,$nlod - - std $nloa,[%sp+$bias+$frame+0] - std $nlob,[%sp+$bias+$frame+8] - std $nloc,[%sp+$bias+$frame+16] - add $j,8,$j - std $nlod,[%sp+$bias+$frame+24] - - ldd [$ap_l+$j],$alo ! load a[j] in double format - ldd [$ap_h+$j],$ahi - ldd [$np_l+$j],$nlo ! 
load n[j] in double format - ldd [$np_h+$j],$nhi - - fmuld $alo,$ba,$aloa - fmuld $nlo,$na,$nloa - fmuld $alo,$bb,$alob - fmuld $nlo,$nb,$nlob - fmuld $alo,$bc,$aloc - ldx [%sp+$bias+$frame+0],%o0 - faddd $aloa,$nloa,$nloa - fmuld $nlo,$nc,$nloc - ldx [%sp+$bias+$frame+8],%o1 - fmuld $alo,$bd,$alod - ldx [%sp+$bias+$frame+16],%o2 - faddd $alob,$nlob,$nlob - fmuld $nlo,$nd,$nlod - ldx [%sp+$bias+$frame+24],%o3 - fmuld $ahi,$ba,$ahia - - srlx %o0,16,%o7 - faddd $aloc,$nloc,$nloc - fmuld $nhi,$na,$nhia - add %o7,%o1,%o1 - fmuld $ahi,$bb,$ahib - srlx %o1,16,%o7 - faddd $alod,$nlod,$nlod - fmuld $nhi,$nb,$nhib - add %o7,%o2,%o2 - fmuld $ahi,$bc,$ahic - srlx %o2,16,%o7 - faddd $ahia,$nhia,$nhia - fmuld $nhi,$nc,$nhic - add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15] - ! why? - and %o0,$mask,%o0 - fmuld $ahi,$bd,$ahid - and %o1,$mask,%o1 - and %o2,$mask,%o2 - faddd $ahib,$nhib,$nhib - fmuld $nhi,$nd,$nhid - sllx %o1,16,%o1 - faddd $dota,$nloa,$nloa - sllx %o2,32,%o2 - faddd $dotb,$nlob,$nlob - sllx %o3,48,%o7 - or %o1,%o0,%o0 - faddd $ahic,$nhic,$dota ! $nhic - or %o2,%o0,%o0 - faddd $ahid,$nhid,$dotb ! $nhid - or %o7,%o0,%o0 ! 64-bit result - ldx [$tp],%o7 - faddd $nloc,$nhia,$nloc - addcc %o7,%o0,%o0 - ! end-of-why? - faddd $nlod,$nhib,$nlod - srlx %o3,16,%g1 ! 34-bit carry - fdtox $nloa,$nloa - bcs,a %xcc,.+8 - add %g1,1,%g1 - - fdtox $nlob,$nlob - fdtox $nloc,$nloc - fdtox $nlod,$nlod - - std $nloa,[%sp+$bias+$frame+0] - std $nlob,[%sp+$bias+$frame+8] - addcc $j,8,$j - std $nloc,[%sp+$bias+$frame+16] - bz,pn %icc,.Linnerskip - std $nlod,[%sp+$bias+$frame+24] - - ba .Linner - nop -.align 32 -.Linner: - ldd [$ap_l+$j],$alo ! load a[j] in double format - ldd [$ap_h+$j],$ahi - ldd [$np_l+$j],$nlo ! 
load n[j] in double format - ldd [$np_h+$j],$nhi - - fmuld $alo,$ba,$aloa - fmuld $nlo,$na,$nloa - fmuld $alo,$bb,$alob - fmuld $nlo,$nb,$nlob - fmuld $alo,$bc,$aloc - ldx [%sp+$bias+$frame+0],%o0 - faddd $aloa,$nloa,$nloa - fmuld $nlo,$nc,$nloc - ldx [%sp+$bias+$frame+8],%o1 - fmuld $alo,$bd,$alod - ldx [%sp+$bias+$frame+16],%o2 - faddd $alob,$nlob,$nlob - fmuld $nlo,$nd,$nlod - ldx [%sp+$bias+$frame+24],%o3 - fmuld $ahi,$ba,$ahia - - srlx %o0,16,%o7 - faddd $aloc,$nloc,$nloc - fmuld $nhi,$na,$nhia - add %o7,%o1,%o1 - fmuld $ahi,$bb,$ahib - srlx %o1,16,%o7 - faddd $alod,$nlod,$nlod - fmuld $nhi,$nb,$nhib - add %o7,%o2,%o2 - fmuld $ahi,$bc,$ahic - srlx %o2,16,%o7 - faddd $ahia,$nhia,$nhia - fmuld $nhi,$nc,$nhic - add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15] - and %o0,$mask,%o0 - fmuld $ahi,$bd,$ahid - and %o1,$mask,%o1 - and %o2,$mask,%o2 - faddd $ahib,$nhib,$nhib - fmuld $nhi,$nd,$nhid - sllx %o1,16,%o1 - faddd $dota,$nloa,$nloa - sllx %o2,32,%o2 - faddd $dotb,$nlob,$nlob - sllx %o3,48,%o7 - or %o1,%o0,%o0 - faddd $ahic,$nhic,$dota ! $nhic - or %o2,%o0,%o0 - faddd $ahid,$nhid,$dotb ! $nhid - or %o7,%o0,%o0 ! 64-bit result - faddd $nloc,$nhia,$nloc - addcc %g1,%o0,%o0 - ldx [$tp+8],%o7 ! tp[j] - faddd $nlod,$nhib,$nlod - srlx %o3,16,%g1 ! 34-bit carry - fdtox $nloa,$nloa - bcs,a %xcc,.+8 - add %g1,1,%g1 - fdtox $nlob,$nlob - addcc %o7,%o0,%o0 - fdtox $nloc,$nloc - bcs,a %xcc,.+8 - add %g1,1,%g1 - - stx %o0,[$tp] ! 
tp[j-1] - fdtox $nlod,$nlod - - std $nloa,[%sp+$bias+$frame+0] - std $nlob,[%sp+$bias+$frame+8] - std $nloc,[%sp+$bias+$frame+16] - addcc $j,8,$j - std $nlod,[%sp+$bias+$frame+24] - bnz,pt %icc,.Linner - add $tp,8,$tp - -.Linnerskip: - fdtox $dota,$dota - fdtox $dotb,$dotb - - ldx [%sp+$bias+$frame+0],%o0 - ldx [%sp+$bias+$frame+8],%o1 - ldx [%sp+$bias+$frame+16],%o2 - ldx [%sp+$bias+$frame+24],%o3 - - srlx %o0,16,%o7 - std $dota,[%sp+$bias+$frame+32] - add %o7,%o1,%o1 - std $dotb,[%sp+$bias+$frame+40] - srlx %o1,16,%o7 - add %o7,%o2,%o2 - srlx %o2,16,%o7 - add %o7,%o3,%o3 ! %o3.%o2[0..15].%o1[0..15].%o0[0..15] - and %o0,$mask,%o0 - and %o1,$mask,%o1 - and %o2,$mask,%o2 - sllx %o1,16,%o1 - sllx %o2,32,%o2 - sllx %o3,48,%o7 - or %o1,%o0,%o0 - or %o2,%o0,%o0 - ldx [%sp+$bias+$frame+32],%o4 - or %o7,%o0,%o0 ! 64-bit result - ldx [%sp+$bias+$frame+40],%o5 - addcc %g1,%o0,%o0 - ldx [$tp+8],%o7 ! tp[j] - srlx %o3,16,%g1 ! 34-bit carry - bcs,a %xcc,.+8 - add %g1,1,%g1 - - addcc %o7,%o0,%o0 - bcs,a %xcc,.+8 - add %g1,1,%g1 - - stx %o0,[$tp] ! tp[j-1] - add $tp,8,$tp - - srlx %o4,16,%o7 - add %o7,%o5,%o5 - and %o4,$mask,%o4 - sllx %o5,16,%o7 - or %o7,%o4,%o4 - addcc %g1,%o4,%o4 - srlx %o5,48,%g1 - bcs,a %xcc,.+8 - add %g1,1,%g1 - - addcc $carry,%o4,%o4 - stx %o4,[$tp] ! tp[num-1] - mov %g1,$carry - bcs,a %xcc,.+8 - add $carry,1,$carry - - addcc $i,8,$i - bnz %icc,.Louter - nop - - add $tp,8,$tp ! adjust tp to point at the end - orn %g0,%g0,%g4 - sub %g0,$num,%o7 ! n=-num - ba .Lsub - subcc %g0,%g0,%g0 ! clear %icc.c - -.align 32 -.Lsub: - ldx [$tp+%o7],%o0 - add $np,%o7,%g1 - ld [%g1+0],%o2 - ld [%g1+4],%o3 - srlx %o0,32,%o1 - subccc %o0,%o2,%o2 - add $rp,%o7,%g1 - subccc %o1,%o3,%o3 - st %o2,[%g1+0] - add %o7,8,%o7 - brnz,pt %o7,.Lsub - st %o3,[%g1+4] - subc $carry,0,%g4 - sub %g0,$num,%o7 ! 
n=-num - ba .Lcopy - nop - -.align 32 -.Lcopy: - ldx [$tp+%o7],%o0 - add $rp,%o7,%g1 - ld [%g1+0],%o2 - ld [%g1+4],%o3 - stx %g0,[$tp+%o7] - and %o0,%g4,%o0 - srlx %o0,32,%o1 - andn %o2,%g4,%o2 - andn %o3,%g4,%o3 - or %o2,%o0,%o0 - or %o3,%o1,%o1 - st %o0,[%g1+0] - add %o7,8,%o7 - brnz,pt %o7,.Lcopy - st %o1,[%g1+4] - sub %g0,$num,%o7 ! n=-num - -.Lzap: - stx %g0,[$ap_l+%o7] - stx %g0,[$ap_h+%o7] - stx %g0,[$np_l+%o7] - stx %g0,[$np_h+%o7] - add %o7,8,%o7 - brnz,pt %o7,.Lzap - nop - - ldx [%sp+$bias+$frame+48],%o7 - wr %g0,%o7,%asi ! restore %asi - - mov 1,%i0 -.Lret: - ret - restore -.type $fname,#function -.size $fname,(.-$fname) -.asciz "Montgomery Multipltication for UltraSPARC, CRYPTOGAMS by <appro\@openssl.org>" -.align 32 -___ - -$code =~ s/\`([^\`]*)\`/eval($1)/gem; - -# Below substitution makes it possible to compile without demanding -# VIS extentions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I -# dare to do this, because VIS capability is detected at run-time now -# and this routine is not called on CPU not capable to execute it. Do -# note that fzeros is not the only VIS dependency! Another dependency -# is implicit and is just _a_ numerical value loaded to %asi register, -# which assembler can't recognize as VIS specific... -$code =~ s/fzeros\s+%f([0-9]+)/ - sprintf(".word\t0x%x\t! fzeros %%f%d",0x81b00c20|($1<<25),$1) - /gem; - -print $code; -# flush -close STDOUT; diff --git a/lib/libssl/src/crypto/bn/asm/via-mont.pl b/lib/libssl/src/crypto/bn/asm/via-mont.pl deleted file mode 100644 index c046a514c87..00000000000 --- a/lib/libssl/src/crypto/bn/asm/via-mont.pl +++ /dev/null 
@@ -1,242 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# Wrapper around 'rep montmul', VIA-specific instruction accessing -# PadLock Montgomery Multiplier. The wrapper is designed as drop-in -# replacement for OpenSSL bn_mul_mont [first implemented in 0.9.9]. -# -# Below are interleaved outputs from 'openssl speed rsa dsa' for 4 -# different software configurations on 1.5GHz VIA Esther processor. -# Lines marked with "software integer" denote performance of hand- -# coded integer-only assembler found in OpenSSL 0.9.7. "Software SSE2" -# refers to hand-coded SSE2 Montgomery multiplication procedure found -# OpenSSL 0.9.9. "Hardware VIA SDK" refers to padlock_pmm routine from -# Padlock SDK 2.0.1 available for download from VIA, which naturally -# utilizes the magic 'repz montmul' instruction. 
And finally "hardware -# this" refers to *this* implementation which also uses 'repz montmul' -# -# sign verify sign/s verify/s -# rsa 512 bits 0.001720s 0.000140s 581.4 7149.7 software integer -# rsa 512 bits 0.000690s 0.000086s 1450.3 11606.0 software SSE2 -# rsa 512 bits 0.006136s 0.000201s 163.0 4974.5 hardware VIA SDK -# rsa 512 bits 0.000712s 0.000050s 1404.9 19858.5 hardware this -# -# rsa 1024 bits 0.008518s 0.000413s 117.4 2420.8 software integer -# rsa 1024 bits 0.004275s 0.000277s 233.9 3609.7 software SSE2 -# rsa 1024 bits 0.012136s 0.000260s 82.4 3844.5 hardware VIA SDK -# rsa 1024 bits 0.002522s 0.000116s 396.5 8650.9 hardware this -# -# rsa 2048 bits 0.050101s 0.001371s 20.0 729.6 software integer -# rsa 2048 bits 0.030273s 0.001008s 33.0 991.9 software SSE2 -# rsa 2048 bits 0.030833s 0.000976s 32.4 1025.1 hardware VIA SDK -# rsa 2048 bits 0.011879s 0.000342s 84.2 2921.7 hardware this -# -# rsa 4096 bits 0.327097s 0.004859s 3.1 205.8 software integer -# rsa 4096 bits 0.229318s 0.003859s 4.4 259.2 software SSE2 -# rsa 4096 bits 0.233953s 0.003274s 4.3 305.4 hardware VIA SDK -# rsa 4096 bits 0.070493s 0.001166s 14.2 857.6 hardware this -# -# dsa 512 bits 0.001342s 0.001651s 745.2 605.7 software integer -# dsa 512 bits 0.000844s 0.000987s 1185.3 1013.1 software SSE2 -# dsa 512 bits 0.001902s 0.002247s 525.6 444.9 hardware VIA SDK -# dsa 512 bits 0.000458s 0.000524s 2182.2 1909.1 hardware this -# -# dsa 1024 bits 0.003964s 0.004926s 252.3 203.0 software integer -# dsa 1024 bits 0.002686s 0.003166s 372.3 315.8 software SSE2 -# dsa 1024 bits 0.002397s 0.002823s 417.1 354.3 hardware VIA SDK -# dsa 1024 bits 0.000978s 0.001170s 1022.2 855.0 hardware this -# -# dsa 2048 bits 0.013280s 0.016518s 75.3 60.5 software integer -# dsa 2048 bits 0.009911s 0.011522s 100.9 86.8 software SSE2 -# dsa 2048 bits 0.009542s 0.011763s 104.8 85.0 hardware VIA SDK -# dsa 2048 bits 0.002884s 0.003352s 346.8 298.3 hardware this -# -# To give you some other reference point here is 
output for 2.4GHz P4 -# running hand-coded SSE2 bn_mul_mont found in 0.9.9, i.e. "software -# SSE2" in above terms. -# -# rsa 512 bits 0.000407s 0.000047s 2454.2 21137.0 -# rsa 1024 bits 0.002426s 0.000141s 412.1 7100.0 -# rsa 2048 bits 0.015046s 0.000491s 66.5 2034.9 -# rsa 4096 bits 0.109770s 0.002379s 9.1 420.3 -# dsa 512 bits 0.000438s 0.000525s 2281.1 1904.1 -# dsa 1024 bits 0.001346s 0.001595s 742.7 627.0 -# dsa 2048 bits 0.004745s 0.005582s 210.7 179.1 -# -# Conclusions: -# - VIA SDK leaves a *lot* of room for improvement (which this -# implementation successfully fills:-); -# - 'rep montmul' gives up to >3x performance improvement depending on -# key length; -# - in terms of absolute performance it delivers approximately as much -# as modern out-of-order 32-bit cores [again, for longer keys]. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"via-mont.pl"); - -# int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num); -$func="bn_mul_mont_padlock"; - -$pad=16*1; # amount of reserved bytes on top of every vector - -# stack layout -$mZeroPrime=&DWP(0,"esp"); # these are specified by VIA -$A=&DWP(4,"esp"); -$B=&DWP(8,"esp"); -$T=&DWP(12,"esp"); -$M=&DWP(16,"esp"); -$scratch=&DWP(20,"esp"); -$rp=&DWP(24,"esp"); # these are mine -$sp=&DWP(28,"esp"); -# &DWP(32,"esp") # 32 byte scratch area -# &DWP(64+(4*$num+$pad)*0,"esp") # padded tp[num] -# &DWP(64+(4*$num+$pad)*1,"esp") # padded copy of ap[num] -# &DWP(64+(4*$num+$pad)*2,"esp") # padded copy of bp[num] -# &DWP(64+(4*$num+$pad)*3,"esp") # padded copy of np[num] -# Note that SDK suggests to unconditionally allocate 2K per vector. This -# has quite an impact on performance. It naturally depends on key length, -# but to give an example 1024 bit private RSA key operations suffer >30% -# penalty. I allocate only as much as actually required... 
- -&function_begin($func); - &xor ("eax","eax"); - &mov ("ecx",&wparam(5)); # num - # meet VIA's limitations for num [note that the specification - # expresses them in bits, while we work with amount of 32-bit words] - &test ("ecx",3); - &jnz (&label("leave")); # num % 4 != 0 - &cmp ("ecx",8); - &jb (&label("leave")); # num < 8 - &cmp ("ecx",1024); - &ja (&label("leave")); # num > 1024 - - &pushf (); - &cld (); - - &mov ("edi",&wparam(0)); # rp - &mov ("eax",&wparam(1)); # ap - &mov ("ebx",&wparam(2)); # bp - &mov ("edx",&wparam(3)); # np - &mov ("esi",&wparam(4)); # n0 - &mov ("esi",&DWP(0,"esi")); # *n0 - - &lea ("ecx",&DWP($pad,"","ecx",4)); # ecx becomes vector size in bytes - &lea ("ebp",&DWP(64,"","ecx",4)); # allocate 4 vectors + 64 bytes - &neg ("ebp"); - &add ("ebp","esp"); - &and ("ebp",-64); # align to cache-line - &xchg ("ebp","esp"); # alloca - - &mov ($rp,"edi"); # save rp - &mov ($sp,"ebp"); # save esp - - &mov ($mZeroPrime,"esi"); - &lea ("esi",&DWP(64,"esp")); # tp - &mov ($T,"esi"); - &lea ("edi",&DWP(32,"esp")); # scratch area - &mov ($scratch,"edi"); - &mov ("esi","eax"); - - &lea ("ebp",&DWP(-$pad,"ecx")); - &shr ("ebp",2); # restore original num value in ebp - - &xor ("eax","eax"); - - &mov ("ecx","ebp"); - &lea ("ecx",&DWP((32+$pad)/4,"ecx"));# padded tp + scratch - &data_byte(0xf3,0xab); # rep stosl, bzero - - &mov ("ecx","ebp"); - &lea ("edi",&DWP(64+$pad,"esp","ecx",4));# pointer to ap copy - &mov ($A,"edi"); - &data_byte(0xf3,0xa5); # rep movsl, memcpy - &mov ("ecx",$pad/4); - &data_byte(0xf3,0xab); # rep stosl, bzero pad - # edi points at the end of padded ap copy... - - &mov ("ecx","ebp"); - &mov ("esi","ebx"); - &mov ($B,"edi"); - &data_byte(0xf3,0xa5); # rep movsl, memcpy - &mov ("ecx",$pad/4); - &data_byte(0xf3,0xab); # rep stosl, bzero pad - # edi points at the end of padded bp copy... 
- - &mov ("ecx","ebp"); - &mov ("esi","edx"); - &mov ($M,"edi"); - &data_byte(0xf3,0xa5); # rep movsl, memcpy - &mov ("ecx",$pad/4); - &data_byte(0xf3,0xab); # rep stosl, bzero pad - # edi points at the end of padded np copy... - - # let magic happen... - &mov ("ecx","ebp"); - &mov ("esi","esp"); - &shl ("ecx",5); # convert word counter to bit counter - &align (4); - &data_byte(0xf3,0x0f,0xa6,0xc0);# rep montmul - - &mov ("ecx","ebp"); - &lea ("esi",&DWP(64,"esp")); # tp - # edi still points at the end of padded np copy... - &neg ("ebp"); - &lea ("ebp",&DWP(-$pad,"edi","ebp",4)); # so just "rewind" - &mov ("edi",$rp); # restore rp - &xor ("edx","edx"); # i=0 and clear CF - -&set_label("sub",8); - &mov ("eax",&DWP(0,"esi","edx",4)); - &sbb ("eax",&DWP(0,"ebp","edx",4)); - &mov (&DWP(0,"edi","edx",4),"eax"); # rp[i]=tp[i]-np[i] - &lea ("edx",&DWP(1,"edx")); # i++ - &loop (&label("sub")); # doesn't affect CF! - - &mov ("eax",&DWP(0,"esi","edx",4)); # upmost overflow bit - &sbb ("eax",0); - &and ("esi","eax"); - ¬ ("eax"); - &mov ("ebp","edi"); - &and ("ebp","eax"); - &or ("esi","ebp"); # tp=carry?tp:rp - - &mov ("ecx","edx"); # num - &xor ("edx","edx"); # i=0 - -&set_label("copy",8); - &mov ("eax",&DWP(0,"esi","edx",4)); - &mov (&DWP(64,"esp","edx",4),"ecx"); # zap tp - &mov (&DWP(0,"edi","edx",4),"eax"); - &lea ("edx",&DWP(1,"edx")); # i++ - &loop (&label("copy")); - - &mov ("ebp",$sp); - &xor ("eax","eax"); - - &mov ("ecx",64/4); - &mov ("edi","esp"); # zap frame including scratch area - &data_byte(0xf3,0xab); # rep stosl, bzero - - # zap copies of ap, bp and np - &lea ("edi",&DWP(64+$pad,"esp","edx",4));# pointer to ap - &lea ("ecx",&DWP(3*$pad/4,"edx","edx",2)); - &data_byte(0xf3,0xab); # rep stosl, bzero - - &mov ("esp","ebp"); - &inc ("eax"); # signal "done" - &popf (); -&set_label("leave"); -&function_end($func); - -&asciz("Padlock Montgomery Multiplication, CRYPTOGAMS by <appro\@openssl.org>"); - -&asm_finish(); 
diff --git a/lib/libssl/src/crypto/bn/asm/x86-gf2m.pl b/lib/libssl/src/crypto/bn/asm/x86-gf2m.pl deleted file mode 100644 index 808a1e59691..00000000000 --- a/lib/libssl/src/crypto/bn/asm/x86-gf2m.pl +++ /dev/null 
@@ -1,313 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# May 2011 -# -# The module implements bn_GF2m_mul_2x2 polynomial multiplication used -# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for -# the time being... Except that it has three code paths: pure integer -# code suitable for any x86 CPU, MMX code suitable for PIII and later -# and PCLMULQDQ suitable for Westmere and later. Improvement varies -# from one benchmark and µ-arch to another. Below are interval values -# for 163- and 571-bit ECDH benchmarks relative to compiler-generated -# code: -# -# PIII 16%-30% -# P4 12%-12% -# Opteron 18%-40% -# Core2 19%-44% -# Atom 38%-64% -# Westmere 53%-121%(PCLMULQDQ)/20%-32%(MMX) -# Sandy Bridge 72%-127%(PCLMULQDQ)/27%-23%(MMX) -# -# Note that above improvement coefficients are not coefficients for -# bn_GF2m_mul_2x2 itself. For example 120% ECDH improvement is result -# of bn_GF2m_mul_2x2 being >4x faster. As it gets faster, benchmark -# is more and more dominated by other subroutines, most notably by -# BN_GF2m_mod[_mul]_arr... 
- -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0,$x86only = $ARGV[$#ARGV] eq "386"); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&external_label("OPENSSL_ia32cap_P") if ($sse2); - -$a="eax"; -$b="ebx"; -($a1,$a2,$a4)=("ecx","edx","ebp"); - -$R="mm0"; -@T=("mm1","mm2"); -($A,$B,$B30,$B31)=("mm2","mm3","mm4","mm5"); -@i=("esi","edi"); - - if (!$x86only) { -&function_begin_B("_mul_1x1_mmx"); - &sub ("esp",32+4); - &mov ($a1,$a); - &lea ($a2,&DWP(0,$a,$a)); - &and ($a1,0x3fffffff); - &lea ($a4,&DWP(0,$a2,$a2)); - &mov (&DWP(0*4,"esp"),0); - &and ($a2,0x7fffffff); - &movd ($A,$a); - &movd ($B,$b); - &mov (&DWP(1*4,"esp"),$a1); # a1 - &xor ($a1,$a2); # a1^a2 - &pxor ($B31,$B31); - &pxor ($B30,$B30); - &mov (&DWP(2*4,"esp"),$a2); # a2 - &xor ($a2,$a4); # a2^a4 - &mov (&DWP(3*4,"esp"),$a1); # a1^a2 - &pcmpgtd($B31,$A); # broadcast 31st bit - &paddd ($A,$A); # $A<<=1 - &xor ($a1,$a2); # a1^a4=a1^a2^a2^a4 - &mov (&DWP(4*4,"esp"),$a4); # a4 - &xor ($a4,$a2); # a2=a4^a2^a4 - &pand ($B31,$B); - &pcmpgtd($B30,$A); # broadcast 30th bit - &mov (&DWP(5*4,"esp"),$a1); # a1^a4 - &xor ($a4,$a1); # a1^a2^a4 - &psllq ($B31,31); - &pand ($B30,$B); - &mov (&DWP(6*4,"esp"),$a2); # a2^a4 - &mov (@i[0],0x7); - &mov (&DWP(7*4,"esp"),$a4); # a1^a2^a4 - &mov ($a4,@i[0]); - &and (@i[0],$b); - &shr ($b,3); - &mov (@i[1],$a4); - &psllq ($B30,30); - &and (@i[1],$b); - &shr ($b,3); - &movd ($R,&DWP(0,"esp",@i[0],4)); - &mov (@i[0],$a4); - &and (@i[0],$b); - &shr ($b,3); - for($n=1;$n<9;$n++) { - &movd (@T[1],&DWP(0,"esp",@i[1],4)); - &mov (@i[1],$a4); - &psllq (@T[1],3*$n); - &and (@i[1],$b); - &shr ($b,3); - &pxor ($R,@T[1]); - - push(@i,shift(@i)); push(@T,shift(@T)); - } - &movd (@T[1],&DWP(0,"esp",@i[1],4)); - &pxor ($R,$B30); - &psllq (@T[1],3*$n++); - &pxor ($R,@T[1]); - - &movd (@T[0],&DWP(0,"esp",@i[0],4)); - &pxor ($R,$B31); - &psllq (@T[0],3*$n); - &add ("esp",32+4); - &pxor 
($R,@T[0]); - &ret (); -&function_end_B("_mul_1x1_mmx"); - } - -($lo,$hi)=("eax","edx"); -@T=("ecx","ebp"); - -&function_begin_B("_mul_1x1_ialu"); - &sub ("esp",32+4); - &mov ($a1,$a); - &lea ($a2,&DWP(0,$a,$a)); - &lea ($a4,&DWP(0,"",$a,4)); - &and ($a1,0x3fffffff); - &lea (@i[1],&DWP(0,$lo,$lo)); - &sar ($lo,31); # broadcast 31st bit - &mov (&DWP(0*4,"esp"),0); - &and ($a2,0x7fffffff); - &mov (&DWP(1*4,"esp"),$a1); # a1 - &xor ($a1,$a2); # a1^a2 - &mov (&DWP(2*4,"esp"),$a2); # a2 - &xor ($a2,$a4); # a2^a4 - &mov (&DWP(3*4,"esp"),$a1); # a1^a2 - &xor ($a1,$a2); # a1^a4=a1^a2^a2^a4 - &mov (&DWP(4*4,"esp"),$a4); # a4 - &xor ($a4,$a2); # a2=a4^a2^a4 - &mov (&DWP(5*4,"esp"),$a1); # a1^a4 - &xor ($a4,$a1); # a1^a2^a4 - &sar (@i[1],31); # broardcast 30th bit - &and ($lo,$b); - &mov (&DWP(6*4,"esp"),$a2); # a2^a4 - &and (@i[1],$b); - &mov (&DWP(7*4,"esp"),$a4); # a1^a2^a4 - &mov ($hi,$lo); - &shl ($lo,31); - &mov (@T[0],@i[1]); - &shr ($hi,1); - - &mov (@i[0],0x7); - &shl (@i[1],30); - &and (@i[0],$b); - &shr (@T[0],2); - &xor ($lo,@i[1]); - - &shr ($b,3); - &mov (@i[1],0x7); # 5-byte instruction!? 
- &and (@i[1],$b); - &shr ($b,3); - &xor ($hi,@T[0]); - &xor ($lo,&DWP(0,"esp",@i[0],4)); - &mov (@i[0],0x7); - &and (@i[0],$b); - &shr ($b,3); - for($n=1;$n<9;$n++) { - &mov (@T[1],&DWP(0,"esp",@i[1],4)); - &mov (@i[1],0x7); - &mov (@T[0],@T[1]); - &shl (@T[1],3*$n); - &and (@i[1],$b); - &shr (@T[0],32-3*$n); - &xor ($lo,@T[1]); - &shr ($b,3); - &xor ($hi,@T[0]); - - push(@i,shift(@i)); push(@T,shift(@T)); - } - &mov (@T[1],&DWP(0,"esp",@i[1],4)); - &mov (@T[0],@T[1]); - &shl (@T[1],3*$n); - &mov (@i[1],&DWP(0,"esp",@i[0],4)); - &shr (@T[0],32-3*$n); $n++; - &mov (@i[0],@i[1]); - &xor ($lo,@T[1]); - &shl (@i[1],3*$n); - &xor ($hi,@T[0]); - &shr (@i[0],32-3*$n); - &xor ($lo,@i[1]); - &xor ($hi,@i[0]); - - &add ("esp",32+4); - &ret (); -&function_end_B("_mul_1x1_ialu"); - -# void bn_GF2m_mul_2x2(BN_ULONG *r, BN_ULONG a1, BN_ULONG a0, BN_ULONG b1, BN_ULONG b0); -&function_begin_B("bn_GF2m_mul_2x2"); -if (!$x86only) { - &picmeup("edx","OPENSSL_ia32cap_P"); - &mov ("eax",&DWP(0,"edx")); - &mov ("edx",&DWP(4,"edx")); - &test ("eax",1<<23); # check MMX bit - &jz (&label("ialu")); -if ($sse2) { - &test ("eax",1<<24); # check FXSR bit - &jz (&label("mmx")); - &test ("edx",1<<1); # check PCLMULQDQ bit - &jz (&label("mmx")); - - &movups ("xmm0",&QWP(8,"esp")); - &shufps ("xmm0","xmm0",0b10110001); - &pclmulqdq ("xmm0","xmm0",1); - &mov ("eax",&DWP(4,"esp")); - &movups (&QWP(0,"eax"),"xmm0"); - &ret (); - -&set_label("mmx",16); -} - &push ("ebp"); - &push ("ebx"); - &push ("esi"); - &push ("edi"); - &mov ($a,&wparam(1)); - &mov ($b,&wparam(3)); - &call ("_mul_1x1_mmx"); # a1·b1 - &movq ("mm7",$R); - - &mov ($a,&wparam(2)); - &mov ($b,&wparam(4)); - &call ("_mul_1x1_mmx"); # a0·b0 - &movq ("mm6",$R); - - &mov ($a,&wparam(1)); - &mov ($b,&wparam(3)); - &xor ($a,&wparam(2)); - &xor ($b,&wparam(4)); - &call ("_mul_1x1_mmx"); # (a0+a1)·(b0+b1) - &pxor ($R,"mm7"); - &mov ($a,&wparam(0)); - &pxor ($R,"mm6"); # (a0+a1)·(b0+b1)-a1·b1-a0·b0 - - &movq ($A,$R); - &psllq ($R,32); - &pop 
("edi"); - &psrlq ($A,32); - &pop ("esi"); - &pxor ($R,"mm6"); - &pop ("ebx"); - &pxor ($A,"mm7"); - &movq (&QWP(0,$a),$R); - &pop ("ebp"); - &movq (&QWP(8,$a),$A); - &emms (); - &ret (); -&set_label("ialu",16); -} - &push ("ebp"); - &push ("ebx"); - &push ("esi"); - &push ("edi"); - &stack_push(4+1); - - &mov ($a,&wparam(1)); - &mov ($b,&wparam(3)); - &call ("_mul_1x1_ialu"); # a1·b1 - &mov (&DWP(8,"esp"),$lo); - &mov (&DWP(12,"esp"),$hi); - - &mov ($a,&wparam(2)); - &mov ($b,&wparam(4)); - &call ("_mul_1x1_ialu"); # a0·b0 - &mov (&DWP(0,"esp"),$lo); - &mov (&DWP(4,"esp"),$hi); - - &mov ($a,&wparam(1)); - &mov ($b,&wparam(3)); - &xor ($a,&wparam(2)); - &xor ($b,&wparam(4)); - &call ("_mul_1x1_ialu"); # (a0+a1)·(b0+b1) - - &mov ("ebp",&wparam(0)); - @r=("ebx","ecx","edi","esi"); - &mov (@r[0],&DWP(0,"esp")); - &mov (@r[1],&DWP(4,"esp")); - &mov (@r[2],&DWP(8,"esp")); - &mov (@r[3],&DWP(12,"esp")); - - &xor ($lo,$hi); - &xor ($hi,@r[1]); - &xor ($lo,@r[0]); - &mov (&DWP(0,"ebp"),@r[0]); - &xor ($hi,@r[2]); - &mov (&DWP(12,"ebp"),@r[3]); - &xor ($lo,@r[3]); - &stack_pop(4+1); - &xor ($hi,@r[3]); - &pop ("edi"); - &xor ($lo,$hi); - &pop ("esi"); - &mov (&DWP(8,"ebp"),$hi); - &pop ("ebx"); - &mov (&DWP(4,"ebp"),$lo); - &pop ("ebp"); - &ret (); -&function_end_B("bn_GF2m_mul_2x2"); - -&asciz ("GF(2^m) Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>"); - -&asm_finish(); diff --git a/lib/libssl/src/crypto/bn/asm/x86-mont.pl b/lib/libssl/src/crypto/bn/asm/x86-mont.pl deleted file mode 100755 index e8f6b050842..00000000000 --- a/lib/libssl/src/crypto/bn/asm/x86-mont.pl +++ /dev/null 
@@ -1,593 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# October 2005 -# -# This is a "teaser" code, as it can be improved in several ways... -# First of all non-SSE2 path should be implemented (yes, for now it -# performs Montgomery multiplication/convolution only on SSE2-capable -# CPUs such as P4, others fall down to original code). Then inner loop -# can be unrolled and modulo-scheduled to improve ILP and possibly -# moved to 128-bit XMM register bank (though it would require input -# rearrangement and/or increase bus bandwidth utilization). Dedicated -# squaring procedure should give further performance improvement... -# Yet, for being draft, the code improves rsa512 *sign* benchmark by -# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-) - -# December 2006 -# -# Modulo-scheduling SSE2 loops results in further 15-20% improvement. -# Integer-only code [being equipped with dedicated squaring procedure] -# gives ~40% on rsa512 sign benchmark... - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&external_label("OPENSSL_ia32cap_P") if ($sse2); - -&function_begin("bn_mul_mont"); - -$i="edx"; -$j="ecx"; -$ap="esi"; $tp="esi"; # overlapping variables!!! -$rp="edi"; $bp="edi"; # overlapping variables!!! 
-$np="ebp"; -$num="ebx"; - -$_num=&DWP(4*0,"esp"); # stack top layout -$_rp=&DWP(4*1,"esp"); -$_ap=&DWP(4*2,"esp"); -$_bp=&DWP(4*3,"esp"); -$_np=&DWP(4*4,"esp"); -$_n0=&DWP(4*5,"esp"); $_n0q=&QWP(4*5,"esp"); -$_sp=&DWP(4*6,"esp"); -$_bpend=&DWP(4*7,"esp"); -$frame=32; # size of above frame rounded up to 16n - - &xor ("eax","eax"); - &mov ("edi",&wparam(5)); # int num - &cmp ("edi",4); - &jl (&label("just_leave")); - - &lea ("esi",&wparam(0)); # put aside pointer to argument block - &lea ("edx",&wparam(1)); # load ap - &mov ("ebp","esp"); # saved stack pointer! - &add ("edi",2); # extra two words on top of tp - &neg ("edi"); - &lea ("esp",&DWP(-$frame,"esp","edi",4)); # alloca($frame+4*(num+2)) - &neg ("edi"); - - # minimize cache contention by arraning 2K window between stack - # pointer and ap argument [np is also position sensitive vector, - # but it's assumed to be near ap, as it's allocated at ~same - # time]. - &mov ("eax","esp"); - &sub ("eax","edx"); - &and ("eax",2047); - &sub ("esp","eax"); # this aligns sp and ap modulo 2048 - - &xor ("edx","esp"); - &and ("edx",2048); - &xor ("edx",2048); - &sub ("esp","edx"); # this splits them apart modulo 4096 - - &and ("esp",-64); # align to cache line - - ################################# load argument block... - &mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp - &mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap - &mov ("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp - &mov ("edx",&DWP(3*4,"esi"));# const BN_ULONG *np - &mov ("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0 - #&mov ("edi",&DWP(5*4,"esi"));# int num - - &mov ("esi",&DWP(0,"esi")); # pull n0[0] - &mov ($_rp,"eax"); # ... save a copy of argument block - &mov ($_ap,"ebx"); - &mov ($_bp,"ecx"); - &mov ($_np,"edx"); - &mov ($_n0,"esi"); - &lea ($num,&DWP(-3,"edi")); # num=num-1 to assist modulo-scheduling - #&mov ($_num,$num); # redundant as $num is not reused - &mov ($_sp,"ebp"); # saved stack pointer! 
- -if($sse2) { -$acc0="mm0"; # mmx register bank layout -$acc1="mm1"; -$car0="mm2"; -$car1="mm3"; -$mul0="mm4"; -$mul1="mm5"; -$temp="mm6"; -$mask="mm7"; - - &picmeup("eax","OPENSSL_ia32cap_P"); - &bt (&DWP(0,"eax"),26); - &jnc (&label("non_sse2")); - - &mov ("eax",-1); - &movd ($mask,"eax"); # mask 32 lower bits - - &mov ($ap,$_ap); # load input pointers - &mov ($bp,$_bp); - &mov ($np,$_np); - - &xor ($i,$i); # i=0 - &xor ($j,$j); # j=0 - - &movd ($mul0,&DWP(0,$bp)); # bp[0] - &movd ($mul1,&DWP(0,$ap)); # ap[0] - &movd ($car1,&DWP(0,$np)); # np[0] - - &pmuludq($mul1,$mul0); # ap[0]*bp[0] - &movq ($car0,$mul1); - &movq ($acc0,$mul1); # I wish movd worked for - &pand ($acc0,$mask); # inter-register transfers - - &pmuludq($mul1,$_n0q); # *=n0 - - &pmuludq($car1,$mul1); # "t[0]"*np[0]*n0 - &paddq ($car1,$acc0); - - &movd ($acc1,&DWP(4,$np)); # np[1] - &movd ($acc0,&DWP(4,$ap)); # ap[1] - - &psrlq ($car0,32); - &psrlq ($car1,32); - - &inc ($j); # j++ -&set_label("1st",16); - &pmuludq($acc0,$mul0); # ap[j]*bp[0] - &pmuludq($acc1,$mul1); # np[j]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &pand ($acc0,$mask); - &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] - &paddq ($car1,$acc0); # +=ap[j]*bp[0]; - &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] - &psrlq ($car0,32); - &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[j-1]= - &psrlq ($car1,32); - - &lea ($j,&DWP(1,$j)); - &cmp ($j,$num); - &jl (&label("1st")); - - &pmuludq($acc0,$mul0); # ap[num-1]*bp[0] - &pmuludq($acc1,$mul1); # np[num-1]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &pand ($acc0,$mask); - &paddq ($car1,$acc0); # +=ap[num-1]*bp[0]; - &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= - - &psrlq ($car0,32); - &psrlq ($car1,32); - - &paddq ($car1,$car0); - &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] - - &inc ($i); # i++ -&set_label("outer"); - &xor ($j,$j); # j=0 - - &movd ($mul0,&DWP(0,$bp,$i,4)); # bp[i] 
- &movd ($mul1,&DWP(0,$ap)); # ap[0] - &movd ($temp,&DWP($frame,"esp")); # tp[0] - &movd ($car1,&DWP(0,$np)); # np[0] - &pmuludq($mul1,$mul0); # ap[0]*bp[i] - - &paddq ($mul1,$temp); # +=tp[0] - &movq ($acc0,$mul1); - &movq ($car0,$mul1); - &pand ($acc0,$mask); - - &pmuludq($mul1,$_n0q); # *=n0 - - &pmuludq($car1,$mul1); - &paddq ($car1,$acc0); - - &movd ($temp,&DWP($frame+4,"esp")); # tp[1] - &movd ($acc1,&DWP(4,$np)); # np[1] - &movd ($acc0,&DWP(4,$ap)); # ap[1] - - &psrlq ($car0,32); - &psrlq ($car1,32); - &paddq ($car0,$temp); # +=tp[1] - - &inc ($j); # j++ - &dec ($num); -&set_label("inner"); - &pmuludq($acc0,$mul0); # ap[j]*bp[i] - &pmuludq($acc1,$mul1); # np[j]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &movd ($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1] - &pand ($acc0,$mask); - &movd ($acc1,&DWP(4,$np,$j,4)); # np[j+1] - &paddq ($car1,$acc0); # +=ap[j]*bp[i]+tp[j] - &movd ($acc0,&DWP(4,$ap,$j,4)); # ap[j+1] - &psrlq ($car0,32); - &movd (&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]= - &psrlq ($car1,32); - &paddq ($car0,$temp); # +=tp[j+1] - - &dec ($num); - &lea ($j,&DWP(1,$j)); # j++ - &jnz (&label("inner")); - - &mov ($num,$j); - &pmuludq($acc0,$mul0); # ap[num-1]*bp[i] - &pmuludq($acc1,$mul1); # np[num-1]*m1 - &paddq ($car0,$acc0); # +=c0 - &paddq ($car1,$acc1); # +=c1 - - &movq ($acc0,$car0); - &pand ($acc0,$mask); - &paddq ($car1,$acc0); # +=ap[num-1]*bp[i]+tp[num-1] - &movd (&DWP($frame-4,"esp",$j,4),$car1); # tp[num-2]= - &psrlq ($car0,32); - &psrlq ($car1,32); - - &movd ($temp,&DWP($frame+4,"esp",$num,4)); # += tp[num] - &paddq ($car1,$car0); - &paddq ($car1,$temp); - &movq (&QWP($frame,"esp",$num,4),$car1); # tp[num].tp[num-1] - - &lea ($i,&DWP(1,$i)); # i++ - &cmp ($i,$num); - &jle (&label("outer")); - - &emms (); # done with mmx bank - &jmp (&label("common_tail")); - -&set_label("non_sse2",16); -} - -if (0) { - &mov ("esp",$_sp); - &xor ("eax","eax"); # signal "not fast enough [yet]" - &jmp 
(&label("just_leave")); - # While the below code provides competitive performance for - # all key lengthes on modern Intel cores, it's still more - # than 10% slower for 4096-bit key elsewhere:-( "Competitive" - # means compared to the original integer-only assembler. - # 512-bit RSA sign is better by ~40%, but that's about all - # one can say about all CPUs... -} else { -$inp="esi"; # integer path uses these registers differently -$word="edi"; -$carry="ebp"; - - &mov ($inp,$_ap); - &lea ($carry,&DWP(1,$num)); - &mov ($word,$_bp); - &xor ($j,$j); # j=0 - &mov ("edx",$inp); - &and ($carry,1); # see if num is even - &sub ("edx",$word); # see if ap==bp - &lea ("eax",&DWP(4,$word,$num,4)); # &bp[num] - &or ($carry,"edx"); - &mov ($word,&DWP(0,$word)); # bp[0] - &jz (&label("bn_sqr_mont")); - &mov ($_bpend,"eax"); - &mov ("eax",&DWP(0,$inp)); - &xor ("edx","edx"); - -&set_label("mull",16); - &mov ($carry,"edx"); - &mul ($word); # ap[j]*bp[0] - &add ($carry,"eax"); - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1] - &cmp ($j,$num); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &jl (&label("mull")); - - &mov ($carry,"edx"); - &mul ($word); # ap[num-1]*bp[0] - &mov ($word,$_n0); - &add ("eax",$carry); - &mov ($inp,$_np); - &adc ("edx",0); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - - &mov (&DWP($frame,"esp",$num,4),"eax"); # tp[num-1]= - &xor ($j,$j); - &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= - &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= - - &mov ("eax",&DWP(0,$inp)); # np[0] - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &mov ("eax",&DWP(4,$inp)); # np[1] - &adc ("edx",0); - &inc ($j); - - &jmp (&label("2ndmadd")); - -&set_label("1stmadd",16); - &mov ($carry,"edx"); - &mul ($word); # ap[j]*bp[i] - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j+1] - &adc ("edx",0); - &cmp 
($j,$num); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &jl (&label("1stmadd")); - - &mov ($carry,"edx"); - &mul ($word); # ap[num-1]*bp[i] - &add ("eax",&DWP($frame,"esp",$num,4)); # +=tp[num-1] - &mov ($word,$_n0); - &adc ("edx",0); - &mov ($inp,$_np); - &add ($carry,"eax"); - &adc ("edx",0); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - - &xor ($j,$j); - &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] - &mov (&DWP($frame,"esp",$num,4),$carry); # tp[num-1]= - &adc ($j,0); - &mov ("eax",&DWP(0,$inp)); # np[0] - &mov (&DWP($frame+4,"esp",$num,4),"edx"); # tp[num]= - &mov (&DWP($frame+8,"esp",$num,4),$j); # tp[num+1]= - - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &mov ("eax",&DWP(4,$inp)); # np[1] - &adc ("edx",0); - &mov ($j,1); - -&set_label("2ndmadd",16); - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+1] - &adc ("edx",0); - &cmp ($j,$num); - &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j-1]= - &jl (&label("2ndmadd")); - - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] - &adc ("edx",0); - &add ($carry,"eax"); - &adc ("edx",0); - &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= - - &xor ("eax","eax"); - &mov ($j,$_bp); # &bp[i] - &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] - &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] - &lea ($j,&DWP(4,$j)); - &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= - &cmp ($j,$_bpend); - &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= - &je (&label("common_tail")); - - &mov ($word,&DWP(0,$j)); # bp[i+1] - &mov ($inp,$_ap); - &mov ($_bp,$j); # &bp[++i] - &xor ($j,$j); - &xor ("edx","edx"); - &mov ("eax",&DWP(0,$inp)); - &jmp (&label("1stmadd")); - -&set_label("bn_sqr_mont",16); -$sbit=$num; - &mov ($_num,$num); - &mov ($_bp,$j); # 
i=0 - - &mov ("eax",$word); # ap[0] - &mul ($word); # ap[0]*ap[0] - &mov (&DWP($frame,"esp"),"eax"); # tp[0]= - &mov ($sbit,"edx"); - &shr ("edx",1); - &and ($sbit,1); - &inc ($j); -&set_label("sqr",16); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] - &mov ($carry,"edx"); - &mul ($word); # ap[j]*ap[0] - &add ("eax",$carry); - &lea ($j,&DWP(1,$j)); - &adc ("edx",0); - &lea ($carry,&DWP(0,$sbit,"eax",2)); - &shr ("eax",31); - &cmp ($j,$_num); - &mov ($sbit,"eax"); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &jl (&label("sqr")); - - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[num-1] - &mov ($carry,"edx"); - &mul ($word); # ap[num-1]*ap[0] - &add ("eax",$carry); - &mov ($word,$_n0); - &adc ("edx",0); - &mov ($inp,$_np); - &lea ($carry,&DWP(0,$sbit,"eax",2)); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - &shr ("eax",31); - &mov (&DWP($frame,"esp",$j,4),$carry); # tp[num-1]= - - &lea ($carry,&DWP(0,"eax","edx",2)); - &mov ("eax",&DWP(0,$inp)); # np[0] - &shr ("edx",31); - &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num]= - &mov (&DWP($frame+8,"esp",$j,4),"edx"); # tp[num+1]= - - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &mov ($num,$j); - &adc ("edx",0); - &mov ("eax",&DWP(4,$inp)); # np[1] - &mov ($j,1); - -&set_label("3rdmadd",16); - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(4,$inp,$j,4)); # np[j+1] - &adc ("edx",0); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j-1]= - - &mov ($carry,"edx"); - &mul ($word); # np[j+1]*m - &add ($carry,&DWP($frame+4,"esp",$j,4)); # +=tp[j+1] - &lea ($j,&DWP(2,$j)); - &adc ("edx",0); - &add ($carry,"eax"); - &mov ("eax",&DWP(0,$inp,$j,4)); # np[j+2] - &adc ("edx",0); - &cmp ($j,$num); - &mov (&DWP($frame-8,"esp",$j,4),$carry); # tp[j]= - &jl (&label("3rdmadd")); - - &mov ($carry,"edx"); - &mul ($word); # np[j]*m - &add ($carry,&DWP($frame,"esp",$num,4)); # +=tp[num-1] - &adc ("edx",0); - 
&add ($carry,"eax"); - &adc ("edx",0); - &mov (&DWP($frame-4,"esp",$num,4),$carry); # tp[num-2]= - - &mov ($j,$_bp); # i - &xor ("eax","eax"); - &mov ($inp,$_ap); - &add ("edx",&DWP($frame+4,"esp",$num,4)); # carry+=tp[num] - &adc ("eax",&DWP($frame+8,"esp",$num,4)); # +=tp[num+1] - &mov (&DWP($frame,"esp",$num,4),"edx"); # tp[num-1]= - &cmp ($j,$num); - &mov (&DWP($frame+4,"esp",$num,4),"eax"); # tp[num]= - &je (&label("common_tail")); - - &mov ($word,&DWP(4,$inp,$j,4)); # ap[i] - &lea ($j,&DWP(1,$j)); - &mov ("eax",$word); - &mov ($_bp,$j); # ++i - &mul ($word); # ap[i]*ap[i] - &add ("eax",&DWP($frame,"esp",$j,4)); # +=tp[i] - &adc ("edx",0); - &mov (&DWP($frame,"esp",$j,4),"eax"); # tp[i]= - &xor ($carry,$carry); - &cmp ($j,$num); - &lea ($j,&DWP(1,$j)); - &je (&label("sqrlast")); - - &mov ($sbit,"edx"); # zaps $num - &shr ("edx",1); - &and ($sbit,1); -&set_label("sqradd",16); - &mov ("eax",&DWP(0,$inp,$j,4)); # ap[j] - &mov ($carry,"edx"); - &mul ($word); # ap[j]*ap[i] - &add ("eax",$carry); - &lea ($carry,&DWP(0,"eax","eax")); - &adc ("edx",0); - &shr ("eax",31); - &add ($carry,&DWP($frame,"esp",$j,4)); # +=tp[j] - &lea ($j,&DWP(1,$j)); - &adc ("eax",0); - &add ($carry,$sbit); - &adc ("eax",0); - &cmp ($j,$_num); - &mov (&DWP($frame-4,"esp",$j,4),$carry); # tp[j]= - &mov ($sbit,"eax"); - &jle (&label("sqradd")); - - &mov ($carry,"edx"); - &add ("edx","edx"); - &shr ($carry,31); - &add ("edx",$sbit); - &adc ($carry,0); -&set_label("sqrlast"); - &mov ($word,$_n0); - &mov ($inp,$_np); - &imul ($word,&DWP($frame,"esp")); # n0*tp[0] - - &add ("edx",&DWP($frame,"esp",$j,4)); # +=tp[num] - &mov ("eax",&DWP(0,$inp)); # np[0] - &adc ($carry,0); - &mov (&DWP($frame,"esp",$j,4),"edx"); # tp[num]= - &mov (&DWP($frame+4,"esp",$j,4),$carry); # tp[num+1]= - - &mul ($word); # np[0]*m - &add ("eax",&DWP($frame,"esp")); # +=tp[0] - &lea ($num,&DWP(-1,$j)); - &adc ("edx",0); - &mov ($j,1); - &mov ("eax",&DWP(4,$inp)); # np[1] - - &jmp (&label("3rdmadd")); -} - 
-&set_label("common_tail",16); - &mov ($np,$_np); # load modulus pointer - &mov ($rp,$_rp); # load result pointer - &lea ($tp,&DWP($frame,"esp")); # [$ap and $bp are zapped] - - &mov ("eax",&DWP(0,$tp)); # tp[0] - &mov ($j,$num); # j=num-1 - &xor ($i,$i); # i=0 and clear CF! - -&set_label("sub",16); - &sbb ("eax",&DWP(0,$np,$i,4)); - &mov (&DWP(0,$rp,$i,4),"eax"); # rp[i]=tp[i]-np[i] - &dec ($j); # doesn't affect CF! - &mov ("eax",&DWP(4,$tp,$i,4)); # tp[i+1] - &lea ($i,&DWP(1,$i)); # i++ - &jge (&label("sub")); - - &sbb ("eax",0); # handle upmost overflow bit - &and ($tp,"eax"); - ¬ ("eax"); - &mov ($np,$rp); - &and ($np,"eax"); - &or ($tp,$np); # tp=carry?tp:rp - -&set_label("copy",16); # copy or in-place refresh - &mov ("eax",&DWP(0,$tp,$num,4)); - &mov (&DWP(0,$rp,$num,4),"eax"); # rp[i]=tp[i] - &mov (&DWP($frame,"esp",$num,4),$j); # zap temporary vector - &dec ($num); - &jge (&label("copy")); - - &mov ("esp",$_sp); # pull saved stack pointer - &mov ("eax",1); -&set_label("just_leave"); -&function_end("bn_mul_mont"); - -&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>"); - -&asm_finish(); diff --git a/lib/libssl/src/crypto/bn/asm/x86.pl b/lib/libssl/src/crypto/bn/asm/x86.pl deleted file mode 100644 index 1bc4f1bb274..00000000000 --- a/lib/libssl/src/crypto/bn/asm/x86.pl +++ /dev/null 
@@ -1,28 +0,0 @@
-#!/usr/local/bin/perl
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-require("x86/mul_add.pl");
-require("x86/mul.pl");
-require("x86/sqr.pl");
-require("x86/div.pl");
-require("x86/add.pl");
-require("x86/sub.pl");
-require("x86/comba.pl");
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
diff --git a/lib/libssl/src/crypto/bn/asm/x86/add.pl b/lib/libssl/src/crypto/bn/asm/x86/add.pl
deleted file mode 100644
index 3bb00809220..00000000000
--- a/lib/libssl/src/crypto/bn/asm/x86/add.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assembler
-
-sub bn_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &add($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &add($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-1;
diff --git a/lib/libssl/src/crypto/bn/asm/x86/comba.pl b/lib/libssl/src/crypto/bn/asm/x86/comba.pl
deleted file mode 100644
index dc4ec97ff57..00000000000
--- a/lib/libssl/src/crypto/bn/asm/x86/comba.pl
+++ /dev/null
@@ -1,277 +0,0 @@ -#!/usr/local/bin/perl -# x86 assembler - -sub mul_add_c - { - local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("mul a[$ai]*b[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - &mul("edx"); - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a - &mov("eax",&wparam(0)) if $pos > 0; # load r[] - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a - } - -sub sqr_add_c - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb); - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - } - -sub sqr_add_c2 - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. 
- # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$a,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add("eax","eax"); - ### - &adc("edx","edx"); - ### - &adc($c2,0); - &add($c0,"eax"); - &adc($c1,"edx"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - &adc($c2,0); - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb); - ### - } - -sub bn_mul_comba - { - local($name,$num)=@_; - local($a,$b,$c0,$c1,$c2); - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($tot,$end); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $b="edi"; - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - &push("esi"); - &mov($a,&wparam(1)); - &push("edi"); - &mov($b,&wparam(2)); - &push("ebp"); - &push("ebx"); - - &xor($c0,$c0); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - &xor($c1,$c1); - &mov("edx",&DWP(0,$b,"",0)); # load the first second - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("################## Calculate word $i"); - - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($j+1) == $end) - { - $v=1; - $v=2 if (($i+1) == $tot); - } - else - { $v=0; } - if (($j+1) != $end) - { - $na=($ai-1); - $nb=($bi+1); - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } -#printf STDERR "[$ai,$bi] -> [$na,$nb]\n"; - &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb); - if ($v) - { - &comment("saved r[$i]"); - # &mov("eax",&wparam(0)); - # &mov(&DWP($i*4,"eax","",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &comment("save r[$i]"); - # &mov("eax",&wparam(0)); - &mov(&DWP($i*4,"eax","",0),$c0); - - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - 
&pop("esi"); - &ret(); - &function_end_B($name); - } - -sub bn_sqr_comba - { - local($name,$num)=@_; - local($r,$a,$c0,$c1,$c2)=@_; - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($b,$tot,$end,$half); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $r="edi"; - - &push("esi"); - &push("edi"); - &push("ebp"); - &push("ebx"); - &mov($r,&wparam(0)); - &mov($a,&wparam(1)); - &xor($c0,$c0); - &xor($c1,$c1); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("############### Calculate word $i"); - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($ai-1) < ($bi+1)) - { - $v=1; - $v=2 if ($i+1) == $tot; - } - else - { $v=0; } - if (!$v) - { - $na=$ai-1; - $nb=$bi+1; - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } - if ($ai == $bi) - { - &sqr_add_c($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - else - { - &sqr_add_c2($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - if ($v) - { - &comment("saved r[$i]"); - #&mov(&DWP($i*4,$r,"",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - last; - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &mov(&DWP($i*4,$r,"",0),$c0); - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - -1; diff --git a/lib/libssl/src/crypto/bn/asm/x86/div.pl b/lib/libssl/src/crypto/bn/asm/x86/div.pl deleted file mode 100644 index e771eda82fd..00000000000 --- a/lib/libssl/src/crypto/bn/asm/x86/div.pl +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/local/bin/perl -# x86 assembler - -sub bn_div_words - { - local($name)=@_; - - &function_begin($name,""); - &mov("edx",&wparam(0)); # - &mov("eax",&wparam(1)); # - &mov("ebx",&wparam(2)); # - &div("ebx"); - &function_end($name); - } -1; 
diff --git a/lib/libssl/src/crypto/bn/asm/x86/mul.pl b/lib/libssl/src/crypto/bn/asm/x86/mul.pl
deleted file mode 100644
index 92b5542dacb..00000000000
--- a/lib/libssl/src/crypto/bn/asm/x86/mul.pl
+++ /dev/null
@@ -1,77 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assembler
-
-sub bn_mul_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ecx";
- $r="edi";
- $c="esi";
- $num="ebp";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
- &mov($w,&wparam(3)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("mw_finish"));
-
- &set_label("mw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
-
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
-
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &add($a,32);
- &add($r,32);
- &sub($num,8);
- &jz(&label("mw_finish"));
- &jmp(&label("mw_loop"));
-
- &set_label("mw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jnz(&label("mw_finish2"));
- &jmp(&label("mw_end"));
-
- &set_label("mw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- # XXX
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &dec($num) if ($i != 7-1);
- &jz(&label("mw_end")) if ($i != 7-1);
- }
- &set_label("mw_end",0);
- &mov("eax",$c);
-
- &function_end($name);
- }
-
-1;
diff --git a/lib/libssl/src/crypto/bn/asm/x86/mul_add.pl b/lib/libssl/src/crypto/bn/asm/x86/mul_add.pl
deleted file mode 100644
index 9803dbdad07..00000000000
--- a/lib/libssl/src/crypto/bn/asm/x86/mul_add.pl
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assembler
-
-sub bn_mul_add_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $Low="eax";
- $High="edx";
- $a="ebx";
- $w="ebp";
- $r="edi";
- $c="esi";
-
- &xor($c,$c); # clear carry
- &mov($r,&wparam(0)); #
-
- &mov("ecx",&wparam(2)); #
- &mov($a,&wparam(1)); #
-
- &and("ecx",0xfffffff8); # num / 8
- &mov($w,&wparam(3)); #
-
- &push("ecx"); # Up the stack for a tmp variable
-
- &jz(&label("maw_finish"));
-
- &set_label("maw_loop",0);
-
- &mov(&swtmp(0),"ecx"); #
-
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
-
- &mov("eax",&DWP($i,$a,"",0)); # *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+= *r
- &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c); # L(t)+=c
- &adc("edx",0); # H(t)+=carry
- &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- }
-
- &comment("");
- &mov("ecx",&swtmp(0)); #
- &add($a,32);
- &add($r,32);
- &sub("ecx",8);
- &jnz(&label("maw_loop"));
-
- &set_label("maw_finish",0);
- &mov("ecx",&wparam(2)); # get num
- &and("ecx",7);
- &jnz(&label("maw_finish2")); # helps branch prediction
- &jmp(&label("maw_end"));
-
- &set_label("maw_finish2",1);
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0));# *a
- &mul($w); # *a * w
- &add("eax",$c); # L(t)+=c
- &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
- &adc("edx",0); # H(t)+=carry
- &add("eax",$c);
- &adc("edx",0); # H(t)+=carry
- &dec("ecx") if ($i != 7-1);
- &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
- &mov($c,"edx"); # c= H(t);
- &jz(&label("maw_end")) if ($i != 7-1);
- }
- &set_label("maw_end",0);
- &mov("eax",$c);
-
- &pop("ecx"); # clear variable from
-
- &function_end($name);
- }
-
-1;
diff --git a/lib/libssl/src/crypto/bn/asm/x86/sqr.pl b/lib/libssl/src/crypto/bn/asm/x86/sqr.pl
deleted file mode 100644
index 6cf75a76e25..00000000000
--- a/lib/libssl/src/crypto/bn/asm/x86/sqr.pl
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assembler
-
-sub bn_sqr_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $r="esi";
- $a="edi";
- $num="ebx";
-
- &mov($r,&wparam(0)); #
- &mov($a,&wparam(1)); #
- &mov($num,&wparam(2)); #
-
- &and($num,0xfffffff8); # num / 8
- &jz(&label("sw_finish"));
-
- &set_label("sw_loop",0);
- for ($i=0; $i<32; $i+=4)
- {
- &comment("Round $i");
- &mov("eax",&DWP($i,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*2,$r,"",0),"eax"); #
- &mov(&DWP($i*2+4,$r,"",0),"edx");#
- }
-
- &comment("");
- &add($a,32);
- &add($r,64);
- &sub($num,8);
- &jnz(&label("sw_loop"));
-
- &set_label("sw_finish",0);
- &mov($num,&wparam(2)); # get num
- &and($num,7);
- &jz(&label("sw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov("eax",&DWP($i*4,$a,"",0)); # *a
- # XXX
- &mul("eax"); # *a * *a
- &mov(&DWP($i*8,$r,"",0),"eax"); #
- &dec($num) if ($i != 7-1);
- &mov(&DWP($i*8+4,$r,"",0),"edx");
- &jz(&label("sw_end")) if ($i != 7-1);
- }
- &set_label("sw_end",0);
-
- &function_end($name);
- }
-
-1;
diff --git a/lib/libssl/src/crypto/bn/asm/x86/sub.pl b/lib/libssl/src/crypto/bn/asm/x86/sub.pl
deleted file mode 100644
index 0c5364cce5b..00000000000
--- a/lib/libssl/src/crypto/bn/asm/x86/sub.pl
+++ /dev/null
@@ -1,76 +0,0 @@
-#!/usr/local/bin/perl
-# x86 assembler
-
-sub bn_sub_words
- {
- local($name)=@_;
-
- &function_begin($name,"");
-
- &comment("");
- $a="esi";
- $b="edi";
- $c="eax";
- $r="ebx";
- $tmp1="ecx";
- $tmp2="edx";
- $num="ebp";
-
- &mov($r,&wparam(0)); # get r
- &mov($a,&wparam(1)); # get a
- &mov($b,&wparam(2)); # get b
- &mov($num,&wparam(3)); # get num
- &xor($c,$c); # clear carry
- &and($num,0xfffffff8); # num / 8
-
- &jz(&label("aw_finish"));
-
- &set_label("aw_loop",0);
- for ($i=0; $i<8; $i++)
- {
- &comment("Round $i");
-
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
- }
-
- &comment("");
- &add($a,32);
- &add($b,32);
- &add($r,32);
- &sub($num,8);
- &jnz(&label("aw_loop"));
-
- &set_label("aw_finish",0);
- &mov($num,&wparam(3)); # get num
- &and($num,7);
- &jz(&label("aw_end"));
-
- for ($i=0; $i<7; $i++)
- {
- &comment("Tail Round $i");
- &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
- &mov($tmp2,&DWP($i*4,$b,"",0));# *b
- &sub($tmp1,$c);
- &mov($c,0);
- &adc($c,$c);
- &sub($tmp1,$tmp2);
- &adc($c,0);
- &dec($num) if ($i != 6);
- &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
- &jz(&label("aw_end")) if ($i != 6);
- }
- &set_label("aw_end",0);
-
-# &mov("eax",$c); # $c is "eax"
-
- &function_end($name);
- }
-
-1;
diff --git a/lib/libssl/src/crypto/bn/asm/x86_64-gcc.c b/lib/libssl/src/crypto/bn/asm/x86_64-gcc.c
deleted file mode 100644
index bd068cfb514..00000000000
--- a/lib/libssl/src/crypto/bn/asm/x86_64-gcc.c
+++ /dev/null
@@ -1,554 +0,0 @@ -/* $OpenBSD: x86_64-gcc.c,v 1.6 2015/09/12 09:04:12 miod Exp $ */ -#include "../bn_lcl.h" -/* - * x86_64 BIGNUM accelerator version 0.1, December 2002. - * - * Implemented by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL - * project. - * - * Rights for redistribution and usage in source and binary forms are - * granted according to the OpenSSL license. Warranty of any kind is - * disclaimed. - * - * Q. Version 0.1? It doesn't sound like Andy, he used to assign real - * versions, like 1.0... - * A. Well, that's because this code is basically a quick-n-dirty - * proof-of-concept hack. As you can see it's implemented with - * inline assembler, which means that you're bound to GCC and that - * there might be enough room for further improvement. - * - * Q. Why inline assembler? - * A. x86_64 features own ABI which I'm not familiar with. This is - * why I decided to let the compiler take care of subroutine - * prologue/epilogue as well as register allocation. For reference. - * Win64 implements different ABI for AMD64, different from Linux. - * - * Q. How much faster does it get? - * A. 
'apps/openssl speed rsa dsa' output with no-asm: - * - * sign verify sign/s verify/s - * rsa 512 bits 0.0006s 0.0001s 1683.8 18456.2 - * rsa 1024 bits 0.0028s 0.0002s 356.0 6407.0 - * rsa 2048 bits 0.0172s 0.0005s 58.0 1957.8 - * rsa 4096 bits 0.1155s 0.0018s 8.7 555.6 - * sign verify sign/s verify/s - * dsa 512 bits 0.0005s 0.0006s 2100.8 1768.3 - * dsa 1024 bits 0.0014s 0.0018s 692.3 559.2 - * dsa 2048 bits 0.0049s 0.0061s 204.7 165.0 - * - * 'apps/openssl speed rsa dsa' output with this module: - * - * sign verify sign/s verify/s - * rsa 512 bits 0.0004s 0.0000s 2767.1 33297.9 - * rsa 1024 bits 0.0012s 0.0001s 867.4 14674.7 - * rsa 2048 bits 0.0061s 0.0002s 164.0 5270.0 - * rsa 4096 bits 0.0384s 0.0006s 26.1 1650.8 - * sign verify sign/s verify/s - * dsa 512 bits 0.0002s 0.0003s 4442.2 3786.3 - * dsa 1024 bits 0.0005s 0.0007s 1835.1 1497.4 - * dsa 2048 bits 0.0016s 0.0020s 620.4 504.6 - * - * For the reference. IA-32 assembler implementation performs - * very much like 64-bit code compiled with no-asm on the same - * machine. 
- */ - -#define BN_ULONG unsigned long - -#undef mul -#undef mul_add -#undef sqr - -/* - * "m"(a), "+m"(r) is the way to favor DirectPath µ-code; - * "g"(0) let the compiler to decide where does it - * want to keep the value of zero; - */ -#define mul_add(r,a,word,carry) do { \ - BN_ULONG high,low; \ - asm ("mulq %3" \ - : "=a"(low),"=d"(high) \ - : "a"(word),"m"(a) \ - : "cc"); \ - asm ("addq %2,%0; adcq %3,%1" \ - : "+r"(carry),"+d"(high)\ - : "a"(low),"g"(0) \ - : "cc"); \ - asm ("addq %2,%0; adcq %3,%1" \ - : "+m"(r),"+d"(high) \ - : "r"(carry),"g"(0) \ - : "cc"); \ - carry=high; \ - } while (0) - -#define mul(r,a,word,carry) do { \ - BN_ULONG high,low; \ - asm ("mulq %3" \ - : "=a"(low),"=d"(high) \ - : "a"(word),"g"(a) \ - : "cc"); \ - asm ("addq %2,%0; adcq %3,%1" \ - : "+r"(carry),"+d"(high)\ - : "a"(low),"g"(0) \ - : "cc"); \ - (r)=carry, carry=high; \ - } while (0) - -#define sqr(r0,r1,a) \ - asm ("mulq %2" \ - : "=a"(r0),"=d"(r1) \ - : "a"(a) \ - : "cc"); - -BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) - { - BN_ULONG c1=0; - - if (num <= 0) return(c1); - - while (num&~3) - { - mul_add(rp[0],ap[0],w,c1); - mul_add(rp[1],ap[1],w,c1); - mul_add(rp[2],ap[2],w,c1); - mul_add(rp[3],ap[3],w,c1); - ap+=4; rp+=4; num-=4; - } - if (num) - { - mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1; - mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1; - mul_add(rp[2],ap[2],w,c1); return c1; - } - - return(c1); - } - -BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) - { - BN_ULONG c1=0; - - if (num <= 0) return(c1); - - while (num&~3) - { - mul(rp[0],ap[0],w,c1); - mul(rp[1],ap[1],w,c1); - mul(rp[2],ap[2],w,c1); - mul(rp[3],ap[3],w,c1); - ap+=4; rp+=4; num-=4; - } - if (num) - { - mul(rp[0],ap[0],w,c1); if (--num == 0) return c1; - mul(rp[1],ap[1],w,c1); if (--num == 0) return c1; - mul(rp[2],ap[2],w,c1); - } - return(c1); - } - -void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) - { - if (n <= 0) 
return; - - while (n&~3) - { - sqr(r[0],r[1],a[0]); - sqr(r[2],r[3],a[1]); - sqr(r[4],r[5],a[2]); - sqr(r[6],r[7],a[3]); - a+=4; r+=8; n-=4; - } - if (n) - { - sqr(r[0],r[1],a[0]); if (--n == 0) return; - sqr(r[2],r[3],a[1]); if (--n == 0) return; - sqr(r[4],r[5],a[2]); - } - } - -BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) -{ BN_ULONG ret,waste; - - asm ("divq %4" - : "=a"(ret),"=d"(waste) - : "a"(l),"d"(h),"g"(d) - : "cc"); - - return ret; -} - -BN_ULONG bn_add_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int n) -{ BN_ULONG ret=0,i=0; - - if (n <= 0) return 0; - - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" - "1: movq (%4,%2,8),%0 \n" - " adcq (%5,%2,8),%0 \n" - " movq %0,(%3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" - : "=&a"(ret),"+c"(n),"=&r"(i) - : "r"(rp),"r"(ap),"r"(bp) - : "cc" - ); - - return ret&1; -} - -BN_ULONG bn_sub_words (BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,int n) -{ BN_ULONG ret=0,i=0; - - if (n <= 0) return 0; - - asm ( - " subq %2,%2 \n" - ".p2align 4 \n" - "1: movq (%4,%2,8),%0 \n" - " sbbq (%5,%2,8),%0 \n" - " movq %0,(%3,%2,8) \n" - " leaq 1(%2),%2 \n" - " loop 1b \n" - " sbbq %0,%0 \n" - : "=&a"(ret),"+c"(n),"=&r"(i) - : "r"(rp),"r"(ap),"r"(bp) - : "cc" - ); - - return ret&1; -} - -/* mul_add_c(a,b,c0,c1,c2) -- c+=a*b for three word number c=(c2,c1,c0) */ -/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */ -/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */ -/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */ - -/* - * Keep in mind that carrying into high part of multiplication result - * can not overflow, because it cannot be all-ones. 
- */ -#if 0 -/* original macros are kept for reference purposes */ -#define mul_add_c(a,b,c0,c1,c2) do { \ - BN_ULONG ta = (a), tb = (b); \ - BN_ULONG lo, hi; \ - BN_UMULT_LOHI(lo,hi,ta,tb); \ - c0 += lo; hi += (c0<lo)?1:0; \ - c1 += hi; c2 += (c1<hi)?1:0; \ - } while(0) - -#define mul_add_c2(a,b,c0,c1,c2) do { \ - BN_ULONG ta = (a), tb = (b); \ - BN_ULONG lo, hi, tt; \ - BN_UMULT_LOHI(lo,hi,ta,tb); \ - c0 += lo; tt = hi+((c0<lo)?1:0); \ - c1 += tt; c2 += (c1<tt)?1:0; \ - c0 += lo; hi += (c0<lo)?1:0; \ - c1 += hi; c2 += (c1<hi)?1:0; \ - } while(0) - -#define sqr_add_c(a,i,c0,c1,c2) do { \ - BN_ULONG ta = (a)[i]; \ - BN_ULONG lo, hi; \ - BN_UMULT_LOHI(lo,hi,ta,ta); \ - c0 += lo; hi += (c0<lo)?1:0; \ - c1 += hi; c2 += (c1<hi)?1:0; \ - } while(0) -#else -#define mul_add_c(a,b,c0,c1,c2) do { \ - BN_ULONG t1,t2; \ - asm ("mulq %3" \ - : "=a"(t1),"=d"(t2) \ - : "a"(a),"m"(b) \ - : "cc"); \ - asm ("addq %3,%0; adcq %4,%1; adcq %5,%2" \ - : "+r"(c0),"+r"(c1),"+r"(c2) \ - : "r"(t1),"r"(t2),"g"(0) \ - : "cc"); \ - } while (0) - -#define sqr_add_c(a,i,c0,c1,c2) do { \ - BN_ULONG t1,t2; \ - asm ("mulq %2" \ - : "=a"(t1),"=d"(t2) \ - : "a"(a[i]) \ - : "cc"); \ - asm ("addq %3,%0; adcq %4,%1; adcq %5,%2" \ - : "+r"(c0),"+r"(c1),"+r"(c2) \ - : "r"(t1),"r"(t2),"g"(0) \ - : "cc"); \ - } while (0) - -#define mul_add_c2(a,b,c0,c1,c2) do { \ - BN_ULONG t1,t2; \ - asm ("mulq %3" \ - : "=a"(t1),"=d"(t2) \ - : "a"(a),"m"(b) \ - : "cc"); \ - asm ("addq %3,%0; adcq %4,%1; adcq %5,%2" \ - : "+r"(c0),"+r"(c1),"+r"(c2) \ - : "r"(t1),"r"(t2),"g"(0) \ - : "cc"); \ - asm ("addq %3,%0; adcq %4,%1; adcq %5,%2" \ - : "+r"(c0),"+r"(c1),"+r"(c2) \ - : "r"(t1),"r"(t2),"g"(0) \ - : "cc"); \ - } while (0) -#endif - -#define sqr_add_c2(a,i,j,c0,c1,c2) \ - mul_add_c2((a)[i],(a)[j],c0,c1,c2) - -void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) - { - BN_ULONG c1,c2,c3; - - c1=0; - c2=0; - c3=0; - mul_add_c(a[0],b[0],c1,c2,c3); - r[0]=c1; - c1=0; - mul_add_c(a[0],b[1],c2,c3,c1); - 
mul_add_c(a[1],b[0],c2,c3,c1); - r[1]=c2; - c2=0; - mul_add_c(a[2],b[0],c3,c1,c2); - mul_add_c(a[1],b[1],c3,c1,c2); - mul_add_c(a[0],b[2],c3,c1,c2); - r[2]=c3; - c3=0; - mul_add_c(a[0],b[3],c1,c2,c3); - mul_add_c(a[1],b[2],c1,c2,c3); - mul_add_c(a[2],b[1],c1,c2,c3); - mul_add_c(a[3],b[0],c1,c2,c3); - r[3]=c1; - c1=0; - mul_add_c(a[4],b[0],c2,c3,c1); - mul_add_c(a[3],b[1],c2,c3,c1); - mul_add_c(a[2],b[2],c2,c3,c1); - mul_add_c(a[1],b[3],c2,c3,c1); - mul_add_c(a[0],b[4],c2,c3,c1); - r[4]=c2; - c2=0; - mul_add_c(a[0],b[5],c3,c1,c2); - mul_add_c(a[1],b[4],c3,c1,c2); - mul_add_c(a[2],b[3],c3,c1,c2); - mul_add_c(a[3],b[2],c3,c1,c2); - mul_add_c(a[4],b[1],c3,c1,c2); - mul_add_c(a[5],b[0],c3,c1,c2); - r[5]=c3; - c3=0; - mul_add_c(a[6],b[0],c1,c2,c3); - mul_add_c(a[5],b[1],c1,c2,c3); - mul_add_c(a[4],b[2],c1,c2,c3); - mul_add_c(a[3],b[3],c1,c2,c3); - mul_add_c(a[2],b[4],c1,c2,c3); - mul_add_c(a[1],b[5],c1,c2,c3); - mul_add_c(a[0],b[6],c1,c2,c3); - r[6]=c1; - c1=0; - mul_add_c(a[0],b[7],c2,c3,c1); - mul_add_c(a[1],b[6],c2,c3,c1); - mul_add_c(a[2],b[5],c2,c3,c1); - mul_add_c(a[3],b[4],c2,c3,c1); - mul_add_c(a[4],b[3],c2,c3,c1); - mul_add_c(a[5],b[2],c2,c3,c1); - mul_add_c(a[6],b[1],c2,c3,c1); - mul_add_c(a[7],b[0],c2,c3,c1); - r[7]=c2; - c2=0; - mul_add_c(a[7],b[1],c3,c1,c2); - mul_add_c(a[6],b[2],c3,c1,c2); - mul_add_c(a[5],b[3],c3,c1,c2); - mul_add_c(a[4],b[4],c3,c1,c2); - mul_add_c(a[3],b[5],c3,c1,c2); - mul_add_c(a[2],b[6],c3,c1,c2); - mul_add_c(a[1],b[7],c3,c1,c2); - r[8]=c3; - c3=0; - mul_add_c(a[2],b[7],c1,c2,c3); - mul_add_c(a[3],b[6],c1,c2,c3); - mul_add_c(a[4],b[5],c1,c2,c3); - mul_add_c(a[5],b[4],c1,c2,c3); - mul_add_c(a[6],b[3],c1,c2,c3); - mul_add_c(a[7],b[2],c1,c2,c3); - r[9]=c1; - c1=0; - mul_add_c(a[7],b[3],c2,c3,c1); - mul_add_c(a[6],b[4],c2,c3,c1); - mul_add_c(a[5],b[5],c2,c3,c1); - mul_add_c(a[4],b[6],c2,c3,c1); - mul_add_c(a[3],b[7],c2,c3,c1); - r[10]=c2; - c2=0; - mul_add_c(a[4],b[7],c3,c1,c2); - mul_add_c(a[5],b[6],c3,c1,c2); - 
mul_add_c(a[6],b[5],c3,c1,c2); - mul_add_c(a[7],b[4],c3,c1,c2); - r[11]=c3; - c3=0; - mul_add_c(a[7],b[5],c1,c2,c3); - mul_add_c(a[6],b[6],c1,c2,c3); - mul_add_c(a[5],b[7],c1,c2,c3); - r[12]=c1; - c1=0; - mul_add_c(a[6],b[7],c2,c3,c1); - mul_add_c(a[7],b[6],c2,c3,c1); - r[13]=c2; - c2=0; - mul_add_c(a[7],b[7],c3,c1,c2); - r[14]=c3; - r[15]=c1; - } - -void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) - { - BN_ULONG c1,c2,c3; - - c1=0; - c2=0; - c3=0; - mul_add_c(a[0],b[0],c1,c2,c3); - r[0]=c1; - c1=0; - mul_add_c(a[0],b[1],c2,c3,c1); - mul_add_c(a[1],b[0],c2,c3,c1); - r[1]=c2; - c2=0; - mul_add_c(a[2],b[0],c3,c1,c2); - mul_add_c(a[1],b[1],c3,c1,c2); - mul_add_c(a[0],b[2],c3,c1,c2); - r[2]=c3; - c3=0; - mul_add_c(a[0],b[3],c1,c2,c3); - mul_add_c(a[1],b[2],c1,c2,c3); - mul_add_c(a[2],b[1],c1,c2,c3); - mul_add_c(a[3],b[0],c1,c2,c3); - r[3]=c1; - c1=0; - mul_add_c(a[3],b[1],c2,c3,c1); - mul_add_c(a[2],b[2],c2,c3,c1); - mul_add_c(a[1],b[3],c2,c3,c1); - r[4]=c2; - c2=0; - mul_add_c(a[2],b[3],c3,c1,c2); - mul_add_c(a[3],b[2],c3,c1,c2); - r[5]=c3; - c3=0; - mul_add_c(a[3],b[3],c1,c2,c3); - r[6]=c1; - r[7]=c2; - } - -void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a) - { - BN_ULONG c1,c2,c3; - - c1=0; - c2=0; - c3=0; - sqr_add_c(a,0,c1,c2,c3); - r[0]=c1; - c1=0; - sqr_add_c2(a,1,0,c2,c3,c1); - r[1]=c2; - c2=0; - sqr_add_c(a,1,c3,c1,c2); - sqr_add_c2(a,2,0,c3,c1,c2); - r[2]=c3; - c3=0; - sqr_add_c2(a,3,0,c1,c2,c3); - sqr_add_c2(a,2,1,c1,c2,c3); - r[3]=c1; - c1=0; - sqr_add_c(a,2,c2,c3,c1); - sqr_add_c2(a,3,1,c2,c3,c1); - sqr_add_c2(a,4,0,c2,c3,c1); - r[4]=c2; - c2=0; - sqr_add_c2(a,5,0,c3,c1,c2); - sqr_add_c2(a,4,1,c3,c1,c2); - sqr_add_c2(a,3,2,c3,c1,c2); - r[5]=c3; - c3=0; - sqr_add_c(a,3,c1,c2,c3); - sqr_add_c2(a,4,2,c1,c2,c3); - sqr_add_c2(a,5,1,c1,c2,c3); - sqr_add_c2(a,6,0,c1,c2,c3); - r[6]=c1; - c1=0; - sqr_add_c2(a,7,0,c2,c3,c1); - sqr_add_c2(a,6,1,c2,c3,c1); - sqr_add_c2(a,5,2,c2,c3,c1); - sqr_add_c2(a,4,3,c2,c3,c1); - r[7]=c2; - c2=0; - 
sqr_add_c(a,4,c3,c1,c2); - sqr_add_c2(a,5,3,c3,c1,c2); - sqr_add_c2(a,6,2,c3,c1,c2); - sqr_add_c2(a,7,1,c3,c1,c2); - r[8]=c3; - c3=0; - sqr_add_c2(a,7,2,c1,c2,c3); - sqr_add_c2(a,6,3,c1,c2,c3); - sqr_add_c2(a,5,4,c1,c2,c3); - r[9]=c1; - c1=0; - sqr_add_c(a,5,c2,c3,c1); - sqr_add_c2(a,6,4,c2,c3,c1); - sqr_add_c2(a,7,3,c2,c3,c1); - r[10]=c2; - c2=0; - sqr_add_c2(a,7,4,c3,c1,c2); - sqr_add_c2(a,6,5,c3,c1,c2); - r[11]=c3; - c3=0; - sqr_add_c(a,6,c1,c2,c3); - sqr_add_c2(a,7,5,c1,c2,c3); - r[12]=c1; - c1=0; - sqr_add_c2(a,7,6,c2,c3,c1); - r[13]=c2; - c2=0; - sqr_add_c(a,7,c3,c1,c2); - r[14]=c3; - r[15]=c1; - } - -void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a) - { - BN_ULONG c1,c2,c3; - - c1=0; - c2=0; - c3=0; - sqr_add_c(a,0,c1,c2,c3); - r[0]=c1; - c1=0; - sqr_add_c2(a,1,0,c2,c3,c1); - r[1]=c2; - c2=0; - sqr_add_c(a,1,c3,c1,c2); - sqr_add_c2(a,2,0,c3,c1,c2); - r[2]=c3; - c3=0; - sqr_add_c2(a,3,0,c1,c2,c3); - sqr_add_c2(a,2,1,c1,c2,c3); - r[3]=c1; - c1=0; - sqr_add_c(a,2,c2,c3,c1); - sqr_add_c2(a,3,1,c2,c3,c1); - r[4]=c2; - c2=0; - sqr_add_c2(a,3,2,c3,c1,c2); - r[5]=c3; - c3=0; - sqr_add_c(a,3,c1,c2,c3); - r[6]=c1; - r[7]=c2; - } diff --git a/lib/libssl/src/crypto/bn/asm/x86_64-gf2m.pl b/lib/libssl/src/crypto/bn/asm/x86_64-gf2m.pl deleted file mode 100644 index 8e45c7479b3..00000000000 --- a/lib/libssl/src/crypto/bn/asm/x86_64-gf2m.pl +++ /dev/null 
@@ -1,390 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# May 2011 -# -# The module implements bn_GF2m_mul_2x2 polynomial multiplication used -# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for -# the time being... Except that it has two code paths: code suitable -# for any x86_64 CPU and PCLMULQDQ one suitable for Westmere and -# later. Improvement varies from one benchmark and µ-arch to another. -# Vanilla code path is at most 20% faster than compiler-generated code -# [not very impressive], while PCLMULQDQ - whole 85%-160% better on -# 163- and 571-bit ECDH benchmarks on Intel CPUs. Keep in mind that -# these coefficients are not ones for bn_GF2m_mul_2x2 itself, as not -# all CPU time is burnt in it... 
- -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -($lo,$hi)=("%rax","%rdx"); $a=$lo; -($i0,$i1)=("%rsi","%rdi"); -($t0,$t1)=("%rbx","%rcx"); -($b,$mask)=("%rbp","%r8"); -($a1,$a2,$a4,$a8,$a12,$a48)=map("%r$_",(9..15)); -($R,$Tx)=("%xmm0","%xmm1"); - -$code.=<<___; -.text - -.type _mul_1x1,\@abi-omnipotent -.align 16 -_mul_1x1: - sub \$128+8,%rsp - mov \$-1,$a1 - lea ($a,$a),$i0 - shr \$3,$a1 - lea (,$a,4),$i1 - and $a,$a1 # a1=a&0x1fffffffffffffff - lea (,$a,8),$a8 - sar \$63,$a # broadcast 63rd bit - lea ($a1,$a1),$a2 - sar \$63,$i0 # broadcast 62nd bit - lea (,$a1,4),$a4 - and $b,$a - sar \$63,$i1 # boardcast 61st bit - mov $a,$hi # $a is $lo - shl \$63,$lo - and $b,$i0 - shr \$1,$hi - mov $i0,$t1 - shl \$62,$i0 - and $b,$i1 - shr \$2,$t1 - xor $i0,$lo - mov $i1,$t0 - shl \$61,$i1 - xor $t1,$hi - shr \$3,$t0 - xor $i1,$lo - xor $t0,$hi - - mov $a1,$a12 - movq \$0,0(%rsp) # tab[0]=0 - xor $a2,$a12 # a1^a2 - mov $a1,8(%rsp) # tab[1]=a1 - mov $a4,$a48 - mov $a2,16(%rsp) # tab[2]=a2 - xor $a8,$a48 # a4^a8 - mov $a12,24(%rsp) # tab[3]=a1^a2 - - xor $a4,$a1 - mov $a4,32(%rsp) # tab[4]=a4 - xor $a4,$a2 - mov $a1,40(%rsp) # tab[5]=a1^a4 - xor $a4,$a12 - mov $a2,48(%rsp) # tab[6]=a2^a4 - xor $a48,$a1 # a1^a4^a4^a8=a1^a8 - mov $a12,56(%rsp) # tab[7]=a1^a2^a4 - xor $a48,$a2 # a2^a4^a4^a8=a1^a8 - - mov $a8,64(%rsp) # tab[8]=a8 - xor $a48,$a12 # a1^a2^a4^a4^a8=a1^a2^a8 - mov $a1,72(%rsp) # tab[9]=a1^a8 - xor $a4,$a1 # a1^a8^a4 - mov $a2,80(%rsp) # tab[10]=a2^a8 - xor $a4,$a2 # a2^a8^a4 - mov $a12,88(%rsp) # tab[11]=a1^a2^a8 - - xor $a4,$a12 # a1^a2^a8^a4 - mov $a48,96(%rsp) # 
tab[12]=a4^a8 - mov $mask,$i0 - mov $a1,104(%rsp) # tab[13]=a1^a4^a8 - and $b,$i0 - mov $a2,112(%rsp) # tab[14]=a2^a4^a8 - shr \$4,$b - mov $a12,120(%rsp) # tab[15]=a1^a2^a4^a8 - mov $mask,$i1 - and $b,$i1 - shr \$4,$b - - movq (%rsp,$i0,8),$R # half of calculations is done in SSE2 - mov $mask,$i0 - and $b,$i0 - shr \$4,$b -___ - for ($n=1;$n<8;$n++) { - $code.=<<___; - mov (%rsp,$i1,8),$t1 - mov $mask,$i1 - mov $t1,$t0 - shl \$`8*$n-4`,$t1 - and $b,$i1 - movq (%rsp,$i0,8),$Tx - shr \$`64-(8*$n-4)`,$t0 - xor $t1,$lo - pslldq \$$n,$Tx - mov $mask,$i0 - shr \$4,$b - xor $t0,$hi - and $b,$i0 - shr \$4,$b - pxor $Tx,$R -___ - } -$code.=<<___; - mov (%rsp,$i1,8),$t1 - mov $t1,$t0 - shl \$`8*$n-4`,$t1 - movd $R,$i0 - shr \$`64-(8*$n-4)`,$t0 - xor $t1,$lo - psrldq \$8,$R - xor $t0,$hi - movd $R,$i1 - xor $i0,$lo - xor $i1,$hi - - add \$128+8,%rsp - ret -.Lend_mul_1x1: -.size _mul_1x1,.-_mul_1x1 -___ - -($rp,$a1,$a0,$b1,$b0) = $win64? ("%rcx","%rdx","%r8", "%r9","%r10") : # Win64 order - ("%rdi","%rsi","%rdx","%rcx","%r8"); # Unix order - -$code.=<<___; -.extern OPENSSL_ia32cap_P -.globl bn_GF2m_mul_2x2 -.type bn_GF2m_mul_2x2,\@abi-omnipotent -.align 16 -bn_GF2m_mul_2x2: - mov OPENSSL_ia32cap_P(%rip),%rax - bt \$33,%rax - jnc .Lvanilla_mul_2x2 - - movd $a1,%xmm0 - movd $b1,%xmm1 - movd $a0,%xmm2 -___ -$code.=<<___ if ($win64); - movq 40(%rsp),%xmm3 -___ -$code.=<<___ if (!$win64); - movd $b0,%xmm3 -___ -$code.=<<___; - movdqa %xmm0,%xmm4 - movdqa %xmm1,%xmm5 - pclmulqdq \$0,%xmm1,%xmm0 # a1·b1 - pxor %xmm2,%xmm4 - pxor %xmm3,%xmm5 - pclmulqdq \$0,%xmm3,%xmm2 # a0·b0 - pclmulqdq \$0,%xmm5,%xmm4 # (a0+a1)·(b0+b1) - xorps %xmm0,%xmm4 - xorps %xmm2,%xmm4 # (a0+a1)·(b0+b1)-a0·b0-a1·b1 - movdqa %xmm4,%xmm5 - pslldq \$8,%xmm4 - psrldq \$8,%xmm5 - pxor %xmm4,%xmm2 - pxor %xmm5,%xmm0 - movdqu %xmm2,0($rp) - movdqu %xmm0,16($rp) - ret - -.align 16 -.Lvanilla_mul_2x2: - lea -8*17(%rsp),%rsp -___ -$code.=<<___ if ($win64); - mov `8*17+40`(%rsp),$b0 - mov %rdi,8*15(%rsp) - mov 
%rsi,8*16(%rsp)
-___
-$code.=<<___;
- mov %r14,8*10(%rsp)
- mov %r13,8*11(%rsp)
- mov %r12,8*12(%rsp)
- mov %rbp,8*13(%rsp)
- mov %rbx,8*14(%rsp)
-.Lbody_mul_2x2:
- mov $rp,32(%rsp) # save the arguments
- mov $a1,40(%rsp)
- mov $a0,48(%rsp)
- mov $b1,56(%rsp)
- mov $b0,64(%rsp)
-
- mov \$0xf,$mask
- mov $a1,$a
- mov $b1,$b
- call _mul_1x1 # a1·b1
- mov $lo,16(%rsp)
- mov $hi,24(%rsp)
-
- mov 48(%rsp),$a
- mov 64(%rsp),$b
- call _mul_1x1 # a0·b0
- mov $lo,0(%rsp)
- mov $hi,8(%rsp)
-
- mov 40(%rsp),$a
- mov 56(%rsp),$b
- xor 48(%rsp),$a
- xor 64(%rsp),$b
- call _mul_1x1 # (a0+a1)·(b0+b1)
-___
- @r=("%rbx","%rcx","%rdi","%rsi");
-$code.=<<___;
- mov 0(%rsp),@r[0]
- mov 8(%rsp),@r[1]
- mov 16(%rsp),@r[2]
- mov 24(%rsp),@r[3]
- mov 32(%rsp),%rbp
-
- xor $hi,$lo
- xor @r[1],$hi
- xor @r[0],$lo
- mov @r[0],0(%rbp)
- xor @r[2],$hi
- mov @r[3],24(%rbp)
- xor @r[3],$lo
- xor @r[3],$hi
- xor $hi,$lo
- mov $hi,16(%rbp)
- mov $lo,8(%rbp)
-
- mov 8*10(%rsp),%r14
- mov 8*11(%rsp),%r13
- mov 8*12(%rsp),%r12
- mov 8*13(%rsp),%rbp
- mov 8*14(%rsp),%rbx
-___
-$code.=<<___ if ($win64);
- mov 8*15(%rsp),%rdi
- mov 8*16(%rsp),%rsi
-___
-$code.=<<___;
- lea 8*17(%rsp),%rsp
- ret
-.Lend_mul_2x2:
-.size bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2
-.asciz "GF(2^m) Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
-.align 16
-___
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-
-.type se_handler,\@abi-omnipotent
-.align 16
-se_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 152($context),%rax # pull context->Rsp
- mov 248($context),%rbx # pull context->Rip
-
- lea .Lbody_mul_2x2(%rip),%r10
- cmp %r10,%rbx # context->Rip<"prologue" label
- jb .Lin_prologue
-
- mov 8*10(%rax),%r14 # mimic epilogue
- mov 
8*11(%rax),%r13
- mov 8*12(%rax),%r12
- mov 8*13(%rax),%rbp
- mov 8*14(%rax),%rbx
- mov 8*15(%rax),%rdi
- mov 8*16(%rax),%rsi
-
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %rsi,168($context) # restore context->Rsi
- mov %rdi,176($context) # restore context->Rdi
- mov %r12,216($context) # restore context->R12
- mov %r13,224($context) # restore context->R13
- mov %r14,232($context) # restore context->R14
-
-.Lin_prologue:
- lea 8*17(%rax),%rax
- mov %rax,152($context) # restore context->Rsp
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$154,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size se_handler,.-se_handler
-
-.section .pdata
-.align 4
- .rva _mul_1x1
- .rva .Lend_mul_1x1
- .rva .LSEH_info_1x1
-
- .rva .Lvanilla_mul_2x2
- .rva .Lend_mul_2x2
- .rva .LSEH_info_2x2
-.section .xdata
-.align 8
-.LSEH_info_1x1:
- .byte 0x01,0x07,0x02,0x00
- .byte 0x07,0x01,0x11,0x00 # sub rsp,128+8
-.LSEH_info_2x2:
- .byte 9,0,0,0
- .rva se_handler
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/bn/asm/x86_64-mont.pl b/lib/libssl/src/crypto/bn/asm/x86_64-mont.pl
deleted file mode 100755
index c35493e80ad..00000000000
--- a/lib/libssl/src/crypto/bn/asm/x86_64-mont.pl
+++ /dev/null
@@ -1,1504 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# October 2005.
-#
-# Montgomery multiplication routine for x86_64. While it gives modest
-# 9% improvement of rsa4096 sign on Opteron, rsa512 sign runs more
-# than twice, >2x, as fast. Most common rsa1024 sign is improved by
-# respectful 50%. It remains to be seen if loop unrolling and
-# dedicated squaring routine can provide further improvement...
-
-# July 2011.
-#
-# Add dedicated squaring procedure. Performance improvement varies
-# from platform to platform, but in average it's ~5%/15%/25%/33%
-# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
-
-# August 2011.
-#
-# Unroll and modulo-schedule inner loops in such manner that they
-# are "fallen through" for input lengths of 8, which is critical for
-# 1024-bit RSA *sign*. Average performance improvement in comparison
-# to *initial* version of this module from 2005 is ~0%/30%/40%/45%
-# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-# int bn_mul_mont(
-$rp="%rdi"; # BN_ULONG *rp,
-$ap="%rsi"; # const BN_ULONG *ap,
-$bp="%rdx"; # const BN_ULONG *bp,
-$np="%rcx"; # const BN_ULONG *np,
-$n0="%r8"; # const BN_ULONG *n0,
-$num="%r9"; # int num);
-$lo0="%r10";
-$hi0="%r11";
-$hi1="%r13";
-$i="%r14";
-$j="%r15";
-$m0="%rbx";
-$m1="%rbp";
-
-$code=<<___;
-.text
-
-.globl bn_mul_mont
-.type bn_mul_mont,\@function,6
-.align 16
-bn_mul_mont:
- test \$3,${num}d
- jnz .Lmul_enter
- cmp \$8,${num}d
- jb .Lmul_enter
- cmp $ap,$bp
- jne .Lmul4x_enter
- jmp .Lsqr4x_enter
-
-.align 16
-.Lmul_enter:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- mov ${num}d,${num}d
- lea 2($num),%r10
- mov %rsp,%r11
- neg %r10
- lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+2))
- and \$-1024,%rsp # minimize TLB usage
-
- mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
-.Lmul_body:
- mov $bp,%r12 # reassign $bp
-___
- $bp="%r12";
-$code.=<<___;
- mov ($n0),$n0 # pull n0[0] value
- mov ($bp),$m0 # m0=bp[0]
- mov ($ap),%rax
-
- xor $i,$i # i=0
- xor $j,$j # j=0
-
- mov $n0,$m1
- mulq $m0 # ap[0]*bp[0]
- mov %rax,$lo0
- mov ($np),%rax
-
- imulq $lo0,$m1 # "tp[0]"*n0
- mov %rdx,$hi0
-
- mulq $m1 # np[0]*m1
- add %rax,$lo0 # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov %rdx,$hi1
-
- lea 1($j),$j # j++
- jmp .L1st_enter
-
-.align 16
-.L1st:
- add %rax,$hi1
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
- mov $lo0,$hi0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
-.L1st_enter:
- mulq $m0 # ap[j]*bp[0]
- add %rax,$hi0
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- lea 1($j),$j # j++
- mov %rdx,$lo0
-
- mulq $m1 
# np[j]*m1
- cmp $num,$j
- jl .L1st
-
- add %rax,$hi1
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
- mov $lo0,$hi0
-
- xor %rdx,%rdx
- add $hi0,$hi1
- adc \$0,%rdx
- mov $hi1,-8(%rsp,$num,8)
- mov %rdx,(%rsp,$num,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
- jmp .Louter
-.align 16
-.Louter:
- mov ($bp,$i,8),$m0 # m0=bp[i]
- xor $j,$j # j=0
- mov $n0,$m1
- mov (%rsp),$lo0
- mulq $m0 # ap[0]*bp[i]
- add %rax,$lo0 # ap[0]*bp[i]+tp[0]
- mov ($np),%rax
- adc \$0,%rdx
-
- imulq $lo0,$m1 # tp[0]*n0
- mov %rdx,$hi0
-
- mulq $m1 # np[0]*m1
- add %rax,$lo0 # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov 8(%rsp),$lo0 # tp[1]
- mov %rdx,$hi1
-
- lea 1($j),$j # j++
- jmp .Linner_enter
-
-.align 16
-.Linner:
- add %rax,$hi1
- mov ($ap,$j,8),%rax
- adc \$0,%rdx
- add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
- mov (%rsp,$j,8),$lo0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
-.Linner_enter:
- mulq $m0 # ap[j]*bp[i]
- add %rax,$hi0
- mov ($np,$j,8),%rax
- adc \$0,%rdx
- add $hi0,$lo0 # ap[j]*bp[i]+tp[j]
- mov %rdx,$hi0
- adc \$0,$hi0
- lea 1($j),$j # j++
-
- mulq $m1 # np[j]*m1
- cmp $num,$j
- jl .Linner
-
- add %rax,$hi1
- mov ($ap),%rax # ap[0]
- adc \$0,%rdx
- add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j]
- mov (%rsp,$j,8),$lo0
- adc \$0,%rdx
- mov $hi1,-16(%rsp,$j,8) # tp[j-1]
- mov %rdx,$hi1
-
- xor %rdx,%rdx
- add $hi0,$hi1
- adc \$0,%rdx
- add $lo0,$hi1 # pull upmost overflow bit
- adc \$0,%rdx
- mov $hi1,-8(%rsp,$num,8)
- mov %rdx,(%rsp,$num,8) # store upmost overflow bit
-
- lea 1($i),$i # i++
- cmp $num,$i
- jl .Louter
-
- xor $i,$i # i=0 and clear CF!
- mov (%rsp),%rax # tp[0]
- lea (%rsp),$ap # borrow ap for tp
- mov $num,$j # j=num
- jmp .Lsub
-.align 16
-.Lsub: sbb ($np,$i,8),%rax
- mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i]
- mov 8($ap,$i,8),%rax # tp[i+1]
- lea 1($i),$i # i++
- dec $j # doesnn't affect CF!
- jnz .Lsub
-
- sbb \$0,%rax # handle upmost overflow bit
- xor $i,$i
- and %rax,$ap
- not %rax
- mov $rp,$np
- and %rax,$np
- mov $num,$j # j=num
- or $np,$ap # ap=borrow?tp:rp
-.align 16
-.Lcopy: # copy or in-place refresh
- mov ($ap,$i,8),%rax
- mov $i,(%rsp,$i,8) # zap temporary vector
- mov %rax,($rp,$i,8) # rp[i]=tp[i]
- lea 1($i),$i
- sub \$1,$j
- jnz .Lcopy
-
- mov 8(%rsp,$num,8),%rsi # restore %rsp
- mov \$1,%rax
- mov (%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lmul_epilogue:
- ret
-.size bn_mul_mont,.-bn_mul_mont
-___
-{{{
-my @A=("%r10","%r11");
-my @N=("%r13","%rdi");
-$code.=<<___;
-.type bn_mul4x_mont,\@function,6
-.align 16
-bn_mul4x_mont:
-.Lmul4x_enter:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- mov ${num}d,${num}d
- lea 4($num),%r10
- mov %rsp,%r11
- neg %r10
- lea (%rsp,%r10,8),%rsp # tp=alloca(8*(num+4))
- and \$-1024,%rsp # minimize TLB usage
-
- mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
-.Lmul4x_body:
- mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
- mov %rdx,%r12 # reassign $bp
-___
- $bp="%r12";
-$code.=<<___;
- mov ($n0),$n0 # pull n0[0] value
- mov ($bp),$m0 # m0=bp[0]
- mov ($ap),%rax
-
- xor $i,$i # i=0
- xor $j,$j # j=0
-
- mov $n0,$m1
- mulq $m0 # ap[0]*bp[0]
- mov %rax,$A[0]
- mov ($np),%rax
-
- imulq $A[0],$m1 # "tp[0]"*n0
- mov %rdx,$A[1]
-
- mulq $m1 # np[0]*m1
- add %rax,$A[0] # discarded
- mov 8($ap),%rax
- adc \$0,%rdx
- mov %rdx,$N[1]
-
- mulq $m0
- add %rax,$A[1]
- mov 8($np),%rax
- adc \$0,%rdx
- mov %rdx,$A[0]
-
- mulq $m1
- add %rax,$N[1]
- mov 16($ap),%rax
- adc \$0,%rdx
- add $A[1],$N[1]
- lea 4($j),$j # j++
- adc \$0,%rdx
- mov $N[1],(%rsp)
- mov %rdx,$N[0]
- jmp .L1st4x
-.align 16
-.L1st4x:
- mulq $m0 # ap[j]*bp[0]
- add %rax,$A[0]
- mov -16($np,$j,8),%rax
- adc \$0,%rdx
- mov %rdx,$A[1]
-
- mulq $m1 # np[j]*m1
- add %rax,$N[0]
- mov -8($ap,$j,8),%rax
- adc \$0,%rdx
- add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0]
- adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov ($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov 8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-8(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov 8($np,$j,8),%rax - adc \$0,%rdx - lea 4($j),$j # j++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov -16($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - cmp $num,$j - jl .L1st4x - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - xor $N[1],$N[1] - add $A[0],$N[0] - adc \$0,$N[1] - mov $N[0],-8(%rsp,$j,8) - mov $N[1],(%rsp,$j,8) # store upmost overflow bit - - lea 1($i),$i # i++ -.align 4 -.Louter4x: - mov ($bp,$i,8),$m0 # m0=bp[i] - xor $j,$j # j=0 - mov (%rsp),$A[0] - mov $n0,$m1 - mulq $m0 # ap[0]*bp[i] - add %rax,$A[0] # ap[0]*bp[i]+tp[0] - mov ($np),%rax - adc \$0,%rdx - - imulq $A[0],$m1 # tp[0]*n0 - mov %rdx,$A[1] - - mulq $m1 # np[0]*m1 - add 
%rax,$A[0] # "$N[0]", discarded - mov 8($ap),%rax - adc \$0,%rdx - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov 8($np),%rax - adc \$0,%rdx - add 8(%rsp),$A[1] # +tp[1] - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov 16($ap),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j] - lea 4($j),$j # j+=2 - adc \$0,%rdx - mov $N[1],(%rsp) # tp[j-1] - mov %rdx,$N[0] - jmp .Linner4x -.align 16 -.Linner4x: - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - add -8(%rsp,$j,8),$A[1] - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov ($np,$j,8),%rax - adc \$0,%rdx - add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov 8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[0],-8(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov 8($np,$j,8),%rax - adc \$0,%rdx - add 8(%rsp,$j,8),$A[1] - adc \$0,%rdx - lea 4($j),$j # j++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov -16($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - cmp $num,$j - jl .Linner4x - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov 
-8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - add -8(%rsp,$j,8),$A[1] - adc \$0,%rdx - lea 1($i),$i # i++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - xor $N[1],$N[1] - add $A[0],$N[0] - adc \$0,$N[1] - add (%rsp,$num,8),$N[0] # pull upmost overflow bit - adc \$0,$N[1] - mov $N[0],-8(%rsp,$j,8) - mov $N[1],(%rsp,$j,8) # store upmost overflow bit - - cmp $num,$i - jl .Louter4x -___ -{ -my @ri=("%rax","%rdx",$m0,$m1); -$code.=<<___; - mov 16(%rsp,$num,8),$rp # restore $rp - mov 0(%rsp),@ri[0] # tp[0] - pxor %xmm0,%xmm0 - mov 8(%rsp),@ri[1] # tp[1] - shr \$2,$num # num/=4 - lea (%rsp),$ap # borrow ap for tp - xor $i,$i # i=0 and clear CF! - - sub 0($np),@ri[0] - mov 16($ap),@ri[2] # tp[2] - mov 24($ap),@ri[3] # tp[3] - sbb 8($np),@ri[1] - lea -1($num),$j # j=num/4-1 - jmp .Lsub4x -.align 16 -.Lsub4x: - mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 16($np,$i,8),@ri[2] - mov 32($ap,$i,8),@ri[0] # tp[i+1] - mov 40($ap,$i,8),@ri[1] - sbb 24($np,$i,8),@ri[3] - mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 32($np,$i,8),@ri[0] - mov 48($ap,$i,8),@ri[2] - mov 56($ap,$i,8),@ri[3] - sbb 40($np,$i,8),@ri[1] - lea 4($i),$i # i++ - dec $j # doesnn't affect CF! 
- jnz .Lsub4x - - mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i] - mov 32($ap,$i,8),@ri[0] # load overflow bit - sbb 16($np,$i,8),@ri[2] - mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 24($np,$i,8),@ri[3] - mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i] - - sbb \$0,@ri[0] # handle upmost overflow bit - mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i] - xor $i,$i # i=0 - and @ri[0],$ap - not @ri[0] - mov $rp,$np - and @ri[0],$np - lea -1($num),$j - or $np,$ap # ap=borrow?tp:rp - - movdqu ($ap),%xmm1 - movdqa %xmm0,(%rsp) - movdqu %xmm1,($rp) - jmp .Lcopy4x -.align 16 -.Lcopy4x: # copy or in-place refresh - movdqu 16($ap,$i),%xmm2 - movdqu 32($ap,$i),%xmm1 - movdqa %xmm0,16(%rsp,$i) - movdqu %xmm2,16($rp,$i) - movdqa %xmm0,32(%rsp,$i) - movdqu %xmm1,32($rp,$i) - lea 32($i),$i - dec $j - jnz .Lcopy4x - - shl \$2,$num - movdqu 16($ap,$i),%xmm2 - movdqa %xmm0,16(%rsp,$i) - movdqu %xmm2,16($rp,$i) -___ -} -$code.=<<___; - mov 8(%rsp,$num,8),%rsi # restore %rsp - mov \$1,%rax - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lmul4x_epilogue: - ret -.size bn_mul4x_mont,.-bn_mul4x_mont -___ -}}} -{{{ -###################################################################### -# void bn_sqr4x_mont( -my $rptr="%rdi"; # const BN_ULONG *rptr, -my $aptr="%rsi"; # const BN_ULONG *aptr, -my $bptr="%rdx"; # not used -my $nptr="%rcx"; # const BN_ULONG *nptr, -my $n0 ="%r8"; # const BN_ULONG *n0); -my $num ="%r9"; # int num, has to be divisible by 4 and - # not less than 8 - -my ($i,$j,$tptr)=("%rbp","%rcx",$rptr); -my @A0=("%r10","%r11"); -my @A1=("%r12","%r13"); -my ($a0,$a1,$ai)=("%r14","%r15","%rbx"); - -$code.=<<___; -.type bn_sqr4x_mont,\@function,6 -.align 16 -bn_sqr4x_mont: -.Lsqr4x_enter: - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - - shl \$3,${num}d # convert $num to bytes - xor %r10,%r10 - mov %rsp,%r11 # put aside %rsp - sub $num,%r10 # -$num - mov ($n0),$n0 # *n0 - 
lea -72(%rsp,%r10,2),%rsp # alloca(frame+2*$num) - and \$-1024,%rsp # minimize TLB usage - ############################################################## - # Stack layout - # - # +0 saved $num, used in reduction section - # +8 &t[2*$num], used in reduction section - # +32 saved $rptr - # +40 saved $nptr - # +48 saved *n0 - # +56 saved %rsp - # +64 t[2*$num] - # - mov $rptr,32(%rsp) # save $rptr - mov $nptr,40(%rsp) - mov $n0, 48(%rsp) - mov %r11, 56(%rsp) # save original %rsp -.Lsqr4x_body: - ############################################################## - # Squaring part: - # - # a) multiply-n-add everything but a[i]*a[i]; - # b) shift result of a) by 1 to the left and accumulate - # a[i]*a[i] products; - # - lea 32(%r10),$i # $i=-($num-32) - lea ($aptr,$num),$aptr # end of a[] buffer, ($aptr,$i)=&ap[2] - - mov $num,$j # $j=$num - - # comments apply to $num==8 case - mov -32($aptr,$i),$a0 # a[0] - lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num] - mov -24($aptr,$i),%rax # a[1] - lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"] - mov -16($aptr,$i),$ai # a[2] - mov %rax,$a1 - - mul $a0 # a[1]*a[0] - mov %rax,$A0[0] # a[1]*a[0] - mov $ai,%rax # a[2] - mov %rdx,$A0[1] - mov $A0[0],-24($tptr,$i) # t[1] - - xor $A0[0],$A0[0] - mul $a0 # a[2]*a[0] - add %rax,$A0[1] - mov $ai,%rax - adc %rdx,$A0[0] - mov $A0[1],-16($tptr,$i) # t[2] - - lea -16($i),$j # j=-16 - - - mov 8($aptr,$j),$ai # a[3] - mul $a1 # a[2]*a[1] - mov %rax,$A1[0] # a[2]*a[1]+t[3] - mov $ai,%rax - mov %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - lea 16($j),$j - adc \$0,$A0[1] - mul $a0 # a[3]*a[0] - add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],-8($tptr,$j) # t[3] - jmp .Lsqr4x_1st - -.align 16 -.Lsqr4x_1st: - mov ($aptr,$j),$ai # a[4] - xor $A1[0],$A1[0] - mul $a1 # a[3]*a[1] - add %rax,$A1[1] # a[3]*a[1]+t[4] - mov $ai,%rax - adc %rdx,$A1[0] - - xor $A0[0],$A0[0] - add $A1[1],$A0[1] - adc \$0,$A0[0] - mul $a0 # a[4]*a[0] - add 
%rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4] - mov $ai,%rax # a[3] - adc %rdx,$A0[0] - mov $A0[1],($tptr,$j) # t[4] - - - mov 8($aptr,$j),$ai # a[5] - xor $A1[1],$A1[1] - mul $a1 # a[4]*a[3] - add %rax,$A1[0] # a[4]*a[3]+t[5] - mov $ai,%rax - adc %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - adc \$0,$A0[1] - mul $a0 # a[5]*a[2] - add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],8($tptr,$j) # t[5] - - mov 16($aptr,$j),$ai # a[6] - xor $A1[0],$A1[0] - mul $a1 # a[5]*a[3] - add %rax,$A1[1] # a[5]*a[3]+t[6] - mov $ai,%rax - adc %rdx,$A1[0] - - xor $A0[0],$A0[0] - add $A1[1],$A0[1] - adc \$0,$A0[0] - mul $a0 # a[6]*a[2] - add %rax,$A0[1] # a[6]*a[2]+a[5]*a[3]+t[6] - mov $ai,%rax # a[3] - adc %rdx,$A0[0] - mov $A0[1],16($tptr,$j) # t[6] - - - mov 24($aptr,$j),$ai # a[7] - xor $A1[1],$A1[1] - mul $a1 # a[6]*a[5] - add %rax,$A1[0] # a[6]*a[5]+t[7] - mov $ai,%rax - adc %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - lea 32($j),$j - adc \$0,$A0[1] - mul $a0 # a[7]*a[4] - add %rax,$A0[0] # a[7]*a[4]+a[6]*a[5]+t[6] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],-8($tptr,$j) # t[7] - - cmp \$0,$j - jne .Lsqr4x_1st - - xor $A1[0],$A1[0] - add $A0[1],$A1[1] - adc \$0,$A1[0] - mul $a1 # a[7]*a[5] - add %rax,$A1[1] - adc %rdx,$A1[0] - - mov $A1[1],($tptr) # t[8] - lea 16($i),$i - mov $A1[0],8($tptr) # t[9] - jmp .Lsqr4x_outer - -.align 16 -.Lsqr4x_outer: # comments apply to $num==6 case - mov -32($aptr,$i),$a0 # a[0] - lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num] - mov -24($aptr,$i),%rax # a[1] - lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"] - mov -16($aptr,$i),$ai # a[2] - mov %rax,$a1 - - mov -24($tptr,$i),$A0[0] # t[1] - xor $A0[1],$A0[1] - mul $a0 # a[1]*a[0] - add %rax,$A0[0] # a[1]*a[0]+t[1] - mov $ai,%rax # a[2] - adc %rdx,$A0[1] - mov $A0[0],-24($tptr,$i) # t[1] - - xor $A0[0],$A0[0] - add -16($tptr,$i),$A0[1] # a[2]*a[0]+t[2] - adc \$0,$A0[0] - mul $a0 # a[2]*a[0] - add %rax,$A0[1] - mov 
$ai,%rax - adc %rdx,$A0[0] - mov $A0[1],-16($tptr,$i) # t[2] - - lea -16($i),$j # j=-16 - xor $A1[0],$A1[0] - - - mov 8($aptr,$j),$ai # a[3] - xor $A1[1],$A1[1] - add 8($tptr,$j),$A1[0] - adc \$0,$A1[1] - mul $a1 # a[2]*a[1] - add %rax,$A1[0] # a[2]*a[1]+t[3] - mov $ai,%rax - adc %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - adc \$0,$A0[1] - mul $a0 # a[3]*a[0] - add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],8($tptr,$j) # t[3] - - lea 16($j),$j - jmp .Lsqr4x_inner - -.align 16 -.Lsqr4x_inner: - mov ($aptr,$j),$ai # a[4] - xor $A1[0],$A1[0] - add ($tptr,$j),$A1[1] - adc \$0,$A1[0] - mul $a1 # a[3]*a[1] - add %rax,$A1[1] # a[3]*a[1]+t[4] - mov $ai,%rax - adc %rdx,$A1[0] - - xor $A0[0],$A0[0] - add $A1[1],$A0[1] - adc \$0,$A0[0] - mul $a0 # a[4]*a[0] - add %rax,$A0[1] # a[4]*a[0]+a[3]*a[1]+t[4] - mov $ai,%rax # a[3] - adc %rdx,$A0[0] - mov $A0[1],($tptr,$j) # t[4] - - mov 8($aptr,$j),$ai # a[5] - xor $A1[1],$A1[1] - add 8($tptr,$j),$A1[0] - adc \$0,$A1[1] - mul $a1 # a[4]*a[3] - add %rax,$A1[0] # a[4]*a[3]+t[5] - mov $ai,%rax - adc %rdx,$A1[1] - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - lea 16($j),$j # j++ - adc \$0,$A0[1] - mul $a0 # a[5]*a[2] - add %rax,$A0[0] # a[5]*a[2]+a[4]*a[3]+t[5] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],-8($tptr,$j) # t[5], "preloaded t[1]" below - - cmp \$0,$j - jne .Lsqr4x_inner - - xor $A1[0],$A1[0] - add $A0[1],$A1[1] - adc \$0,$A1[0] - mul $a1 # a[5]*a[3] - add %rax,$A1[1] - adc %rdx,$A1[0] - - mov $A1[1],($tptr) # t[6], "preloaded t[2]" below - mov $A1[0],8($tptr) # t[7], "preloaded t[3]" below - - add \$16,$i - jnz .Lsqr4x_outer - - # comments apply to $num==4 case - mov -32($aptr),$a0 # a[0] - lea 64(%rsp,$num,2),$tptr # end of tp[] buffer, &tp[2*$num] - mov -24($aptr),%rax # a[1] - lea -32($tptr,$i),$tptr # end of tp[] window, &tp[2*$num-"$i"] - mov -16($aptr),$ai # a[2] - mov %rax,$a1 - - xor $A0[1],$A0[1] - mul $a0 # a[1]*a[0] - add %rax,$A0[0] # a[1]*a[0]+t[1], preloaded 
t[1] - mov $ai,%rax # a[2] - adc %rdx,$A0[1] - mov $A0[0],-24($tptr) # t[1] - - xor $A0[0],$A0[0] - add $A1[1],$A0[1] # a[2]*a[0]+t[2], preloaded t[2] - adc \$0,$A0[0] - mul $a0 # a[2]*a[0] - add %rax,$A0[1] - mov $ai,%rax - adc %rdx,$A0[0] - mov $A0[1],-16($tptr) # t[2] - - mov -8($aptr),$ai # a[3] - mul $a1 # a[2]*a[1] - add %rax,$A1[0] # a[2]*a[1]+t[3], preloaded t[3] - mov $ai,%rax - adc \$0,%rdx - - xor $A0[1],$A0[1] - add $A1[0],$A0[0] - mov %rdx,$A1[1] - adc \$0,$A0[1] - mul $a0 # a[3]*a[0] - add %rax,$A0[0] # a[3]*a[0]+a[2]*a[1]+t[3] - mov $ai,%rax - adc %rdx,$A0[1] - mov $A0[0],-8($tptr) # t[3] - - xor $A1[0],$A1[0] - add $A0[1],$A1[1] - adc \$0,$A1[0] - mul $a1 # a[3]*a[1] - add %rax,$A1[1] - mov -16($aptr),%rax # a[2] - adc %rdx,$A1[0] - - mov $A1[1],($tptr) # t[4] - mov $A1[0],8($tptr) # t[5] - - mul $ai # a[2]*a[3] -___ -{ -my ($shift,$carry)=($a0,$a1); -my @S=(@A1,$ai,$n0); -$code.=<<___; - add \$16,$i - xor $shift,$shift - sub $num,$i # $i=16-$num - xor $carry,$carry - - add $A1[0],%rax # t[5] - adc \$0,%rdx - mov %rax,8($tptr) # t[5] - mov %rdx,16($tptr) # t[6] - mov $carry,24($tptr) # t[7] - - mov -16($aptr,$i),%rax # a[0] - lea 64(%rsp,$num,2),$tptr - xor $A0[0],$A0[0] # t[0] - mov -24($tptr,$i,2),$A0[1] # t[1] - - lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[1] # | t[2*i]>>63 - mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[0] - mov -8($aptr,$i),%rax # a[i+1] # prefetch - mov $S[0],-32($tptr,$i,2) - adc %rdx,$S[1] - - lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift - mov $S[1],-24($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[3] # | t[2*i]>>63 - mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov 
$A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[2] - mov 0($aptr,$i),%rax # a[i+1] # prefetch - mov $S[2],-16($tptr,$i,2) - adc %rdx,$S[3] - lea 16($i),$i - mov $S[3],-40($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - jmp .Lsqr4x_shift_n_add - -.align 16 -.Lsqr4x_shift_n_add: - lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[1] # | t[2*i]>>63 - mov -16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov -8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[0] - mov -8($aptr,$i),%rax # a[i+1] # prefetch - mov $S[0],-32($tptr,$i,2) - adc %rdx,$S[1] - - lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift - mov $S[1],-24($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[3] # | t[2*i]>>63 - mov 0($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov 8($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[2] - mov 0($aptr,$i),%rax # a[i+1] # prefetch - mov $S[2],-16($tptr,$i,2) - adc %rdx,$S[3] - - lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift - mov $S[3],-8($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[1] # | t[2*i]>>63 - mov 16($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov 24($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[0] - mov 8($aptr,$i),%rax # a[i+1] # prefetch - mov $S[0],0($tptr,$i,2) - adc %rdx,$S[1] - - lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1 | shift - mov $S[1],8($tptr,$i,2) - sbb $carry,$carry # mov 
cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[3] # | t[2*i]>>63 - mov 32($tptr,$i,2),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov 40($tptr,$i,2),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[2] - mov 16($aptr,$i),%rax # a[i+1] # prefetch - mov $S[2],16($tptr,$i,2) - adc %rdx,$S[3] - mov $S[3],24($tptr,$i,2) - sbb $carry,$carry # mov cf,$carry - add \$32,$i - jnz .Lsqr4x_shift_n_add - - lea ($shift,$A0[0],2),$S[0] # t[2*i]<<1 | shift - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[1] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[1] # | t[2*i]>>63 - mov -16($tptr),$A0[0] # t[2*i+2] # prefetch - mov $A0[1],$shift # shift=t[2*i+1]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - mov -8($tptr),$A0[1] # t[2*i+2+1] # prefetch - adc %rax,$S[0] - mov -8($aptr),%rax # a[i+1] # prefetch - mov $S[0],-32($tptr) - adc %rdx,$S[1] - - lea ($shift,$A0[0],2),$S[2] # t[2*i]<<1|shift - mov $S[1],-24($tptr) - sbb $carry,$carry # mov cf,$carry - shr \$63,$A0[0] - lea ($j,$A0[1],2),$S[3] # t[2*i+1]<<1 | - shr \$63,$A0[1] - or $A0[0],$S[3] # | t[2*i]>>63 - mul %rax # a[i]*a[i] - neg $carry # mov $carry,cf - adc %rax,$S[2] - adc %rdx,$S[3] - mov $S[2],-16($tptr) - mov $S[3],-8($tptr) -___ -} -############################################################## -# Montgomery reduction part, "word-by-word" algorithm. 
-# -{ -my ($topbit,$nptr)=("%rbp",$aptr); -my ($m0,$m1)=($a0,$a1); -my @Ni=("%rbx","%r9"); -$code.=<<___; - mov 40(%rsp),$nptr # restore $nptr - mov 48(%rsp),$n0 # restore *n0 - xor $j,$j - mov $num,0(%rsp) # save $num - sub $num,$j # $j=-$num - mov 64(%rsp),$A0[0] # t[0] # modsched # - mov $n0,$m0 # # modsched # - lea 64(%rsp,$num,2),%rax # end of t[] buffer - lea 64(%rsp,$num),$tptr # end of t[] window - mov %rax,8(%rsp) # save end of t[] buffer - lea ($nptr,$num),$nptr # end of n[] buffer - xor $topbit,$topbit # $topbit=0 - - mov 0($nptr,$j),%rax # n[0] # modsched # - mov 8($nptr,$j),$Ni[1] # n[1] # modsched # - imulq $A0[0],$m0 # m0=t[0]*n0 # modsched # - mov %rax,$Ni[0] # # modsched # - jmp .Lsqr4x_mont_outer - -.align 16 -.Lsqr4x_mont_outer: - xor $A0[1],$A0[1] - mul $m0 # n[0]*m0 - add %rax,$A0[0] # n[0]*m0+t[0] - mov $Ni[1],%rax - adc %rdx,$A0[1] - mov $n0,$m1 - - xor $A0[0],$A0[0] - add 8($tptr,$j),$A0[1] - adc \$0,$A0[0] - mul $m0 # n[1]*m0 - add %rax,$A0[1] # n[1]*m0+t[1] - mov $Ni[0],%rax - adc %rdx,$A0[0] - - imulq $A0[1],$m1 - - mov 16($nptr,$j),$Ni[0] # n[2] - xor $A1[1],$A1[1] - add $A0[1],$A1[0] - adc \$0,$A1[1] - mul $m1 # n[0]*m1 - add %rax,$A1[0] # n[0]*m1+"t[1]" - mov $Ni[0],%rax - adc %rdx,$A1[1] - mov $A1[0],8($tptr,$j) # "t[1]" - - xor $A0[1],$A0[1] - add 16($tptr,$j),$A0[0] - adc \$0,$A0[1] - mul $m0 # n[2]*m0 - add %rax,$A0[0] # n[2]*m0+t[2] - mov $Ni[1],%rax - adc %rdx,$A0[1] - - mov 24($nptr,$j),$Ni[1] # n[3] - xor $A1[0],$A1[0] - add $A0[0],$A1[1] - adc \$0,$A1[0] - mul $m1 # n[1]*m1 - add %rax,$A1[1] # n[1]*m1+"t[2]" - mov $Ni[1],%rax - adc %rdx,$A1[0] - mov $A1[1],16($tptr,$j) # "t[2]" - - xor $A0[0],$A0[0] - add 24($tptr,$j),$A0[1] - lea 32($j),$j - adc \$0,$A0[0] - mul $m0 # n[3]*m0 - add %rax,$A0[1] # n[3]*m0+t[3] - mov $Ni[0],%rax - adc %rdx,$A0[0] - jmp .Lsqr4x_mont_inner - -.align 16 -.Lsqr4x_mont_inner: - mov ($nptr,$j),$Ni[0] # n[4] - xor $A1[1],$A1[1] - add $A0[1],$A1[0] - adc \$0,$A1[1] - mul $m1 # n[2]*m1 - add %rax,$A1[0] 
# n[2]*m1+"t[3]" - mov $Ni[0],%rax - adc %rdx,$A1[1] - mov $A1[0],-8($tptr,$j) # "t[3]" - - xor $A0[1],$A0[1] - add ($tptr,$j),$A0[0] - adc \$0,$A0[1] - mul $m0 # n[4]*m0 - add %rax,$A0[0] # n[4]*m0+t[4] - mov $Ni[1],%rax - adc %rdx,$A0[1] - - mov 8($nptr,$j),$Ni[1] # n[5] - xor $A1[0],$A1[0] - add $A0[0],$A1[1] - adc \$0,$A1[0] - mul $m1 # n[3]*m1 - add %rax,$A1[1] # n[3]*m1+"t[4]" - mov $Ni[1],%rax - adc %rdx,$A1[0] - mov $A1[1],($tptr,$j) # "t[4]" - - xor $A0[0],$A0[0] - add 8($tptr,$j),$A0[1] - adc \$0,$A0[0] - mul $m0 # n[5]*m0 - add %rax,$A0[1] # n[5]*m0+t[5] - mov $Ni[0],%rax - adc %rdx,$A0[0] - - - mov 16($nptr,$j),$Ni[0] # n[6] - xor $A1[1],$A1[1] - add $A0[1],$A1[0] - adc \$0,$A1[1] - mul $m1 # n[4]*m1 - add %rax,$A1[0] # n[4]*m1+"t[5]" - mov $Ni[0],%rax - adc %rdx,$A1[1] - mov $A1[0],8($tptr,$j) # "t[5]" - - xor $A0[1],$A0[1] - add 16($tptr,$j),$A0[0] - adc \$0,$A0[1] - mul $m0 # n[6]*m0 - add %rax,$A0[0] # n[6]*m0+t[6] - mov $Ni[1],%rax - adc %rdx,$A0[1] - - mov 24($nptr,$j),$Ni[1] # n[7] - xor $A1[0],$A1[0] - add $A0[0],$A1[1] - adc \$0,$A1[0] - mul $m1 # n[5]*m1 - add %rax,$A1[1] # n[5]*m1+"t[6]" - mov $Ni[1],%rax - adc %rdx,$A1[0] - mov $A1[1],16($tptr,$j) # "t[6]" - - xor $A0[0],$A0[0] - add 24($tptr,$j),$A0[1] - lea 32($j),$j - adc \$0,$A0[0] - mul $m0 # n[7]*m0 - add %rax,$A0[1] # n[7]*m0+t[7] - mov $Ni[0],%rax - adc %rdx,$A0[0] - cmp \$0,$j - jne .Lsqr4x_mont_inner - - sub 0(%rsp),$j # $j=-$num # modsched # - mov $n0,$m0 # # modsched # - - xor $A1[1],$A1[1] - add $A0[1],$A1[0] - adc \$0,$A1[1] - mul $m1 # n[6]*m1 - add %rax,$A1[0] # n[6]*m1+"t[7]" - mov $Ni[1],%rax - adc %rdx,$A1[1] - mov $A1[0],-8($tptr) # "t[7]" - - xor $A0[1],$A0[1] - add ($tptr),$A0[0] # +t[8] - adc \$0,$A0[1] - mov 0($nptr,$j),$Ni[0] # n[0] # modsched # - add $topbit,$A0[0] - adc \$0,$A0[1] - - imulq 16($tptr,$j),$m0 # m0=t[0]*n0 # modsched # - xor $A1[0],$A1[0] - mov 8($nptr,$j),$Ni[1] # n[1] # modsched # - add $A0[0],$A1[1] - mov 16($tptr,$j),$A0[0] # t[0] # modsched # - 
adc \$0,$A1[0] - mul $m1 # n[7]*m1 - add %rax,$A1[1] # n[7]*m1+"t[8]" - mov $Ni[0],%rax # # modsched # - adc %rdx,$A1[0] - mov $A1[1],($tptr) # "t[8]" - - xor $topbit,$topbit - add 8($tptr),$A1[0] # +t[9] - adc $topbit,$topbit - add $A0[1],$A1[0] - lea 16($tptr),$tptr # "t[$num]>>128" - adc \$0,$topbit - mov $A1[0],-8($tptr) # "t[9]" - cmp 8(%rsp),$tptr # are we done? - jb .Lsqr4x_mont_outer - - mov 0(%rsp),$num # restore $num - mov $topbit,($tptr) # save $topbit -___ -} -############################################################## -# Post-condition, 4x unrolled copy from bn_mul_mont -# -{ -my ($tptr,$nptr)=("%rbx",$aptr); -my @ri=("%rax","%rdx","%r10","%r11"); -$code.=<<___; - mov 64(%rsp,$num),@ri[0] # tp[0] - lea 64(%rsp,$num),$tptr # upper half of t[2*$num] holds result - mov 40(%rsp),$nptr # restore $nptr - shr \$5,$num # num/4 - mov 8($tptr),@ri[1] # t[1] - xor $i,$i # i=0 and clear CF! - - mov 32(%rsp),$rptr # restore $rptr - sub 0($nptr),@ri[0] - mov 16($tptr),@ri[2] # t[2] - mov 24($tptr),@ri[3] # t[3] - sbb 8($nptr),@ri[1] - lea -1($num),$j # j=num/4-1 - jmp .Lsqr4x_sub -.align 16 -.Lsqr4x_sub: - mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i] - sbb 16($nptr,$i,8),@ri[2] - mov 32($tptr,$i,8),@ri[0] # tp[i+1] - mov 40($tptr,$i,8),@ri[1] - sbb 24($nptr,$i,8),@ri[3] - mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i] - sbb 32($nptr,$i,8),@ri[0] - mov 48($tptr,$i,8),@ri[2] - mov 56($tptr,$i,8),@ri[3] - sbb 40($nptr,$i,8),@ri[1] - lea 4($i),$i # i++ - dec $j # doesn't affect CF! 
- jnz .Lsqr4x_sub - - mov @ri[0],0($rptr,$i,8) # rp[i]=tp[i]-np[i] - mov 32($tptr,$i,8),@ri[0] # load overflow bit - sbb 16($nptr,$i,8),@ri[2] - mov @ri[1],8($rptr,$i,8) # rp[i]=tp[i]-np[i] - sbb 24($nptr,$i,8),@ri[3] - mov @ri[2],16($rptr,$i,8) # rp[i]=tp[i]-np[i] - - sbb \$0,@ri[0] # handle upmost overflow bit - mov @ri[3],24($rptr,$i,8) # rp[i]=tp[i]-np[i] - xor $i,$i # i=0 - and @ri[0],$tptr - not @ri[0] - mov $rptr,$nptr - and @ri[0],$nptr - lea -1($num),$j - or $nptr,$tptr # tp=borrow?tp:rp - - pxor %xmm0,%xmm0 - lea 64(%rsp,$num,8),$nptr - movdqu ($tptr),%xmm1 - lea ($nptr,$num,8),$nptr - movdqa %xmm0,64(%rsp) # zap lower half of temporary vector - movdqa %xmm0,($nptr) # zap upper half of temporary vector - movdqu %xmm1,($rptr) - jmp .Lsqr4x_copy -.align 16 -.Lsqr4x_copy: # copy or in-place refresh - movdqu 16($tptr,$i),%xmm2 - movdqu 32($tptr,$i),%xmm1 - movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector - movdqa %xmm0,96(%rsp,$i) # zap lower half of temporary vector - movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector - movdqa %xmm0,32($nptr,$i) # zap upper half of temporary vector - movdqu %xmm2,16($rptr,$i) - movdqu %xmm1,32($rptr,$i) - lea 32($i),$i - dec $j - jnz .Lsqr4x_copy - - movdqu 16($tptr,$i),%xmm2 - movdqa %xmm0,80(%rsp,$i) # zap lower half of temporary vector - movdqa %xmm0,16($nptr,$i) # zap upper half of temporary vector - movdqu %xmm2,16($rptr,$i) -___ -} -$code.=<<___; - mov 56(%rsp),%rsi # restore %rsp - mov \$1,%rax - mov 0(%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lsqr4x_epilogue: - ret -.size bn_sqr4x_mont,.-bn_sqr4x_mont -___ -}}} -$code.=<<___; -.asciz "Montgomery Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>" -.align 16 -___ - -print $code; -close STDOUT; 
diff --git a/lib/libssl/src/crypto/bn/asm/x86_64-mont5.pl b/lib/libssl/src/crypto/bn/asm/x86_64-mont5.pl
deleted file mode 100755
index 81e5c53728d..00000000000
--- a/lib/libssl/src/crypto/bn/asm/x86_64-mont5.pl
+++ /dev/null
@@ -1,1071 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# August 2011. -# -# Companion to x86_64-mont.pl that optimizes cache-timing attack -# countermeasures. The subroutines are produced by replacing bp[i] -# references in their x86_64-mont.pl counterparts with cache-neutral -# references to powers table computed in BN_mod_exp_mont_consttime. -# In addition subroutine that scatters elements of the powers table -# is implemented, so that scatter-/gathering can be tuned without -# bn_exp.c modifications. - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -# int bn_mul_mont_gather5( -$rp="%rdi"; # BN_ULONG *rp, -$ap="%rsi"; # const BN_ULONG *ap, -$bp="%rdx"; # const BN_ULONG *bp, -$np="%rcx"; # const BN_ULONG *np, -$n0="%r8"; # const BN_ULONG *n0, -$num="%r9"; # int num, - # int idx); # 0 to 2^5-1, "index" in $bp holding - # pre-computed powers of a', interlaced - # in such manner that b[0] is $bp[idx], - # b[1] is [2^5+idx], etc. 
-$lo0="%r10"; -$hi0="%r11"; -$hi1="%r13"; -$i="%r14"; -$j="%r15"; -$m0="%rbx"; -$m1="%rbp"; - -$code=<<___; -.text - -.globl bn_mul_mont_gather5 -.type bn_mul_mont_gather5,\@function,6 -.align 64 -bn_mul_mont_gather5: - test \$3,${num}d - jnz .Lmul_enter - cmp \$8,${num}d - jb .Lmul_enter - jmp .Lmul4x_enter - -.align 16 -.Lmul_enter: - mov ${num}d,${num}d - mov `($win64?56:8)`(%rsp),%r10d # load 7th argument - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 -___ -$code.=<<___ if ($win64); - lea -0x28(%rsp),%rsp - movaps %xmm6,(%rsp) - movaps %xmm7,0x10(%rsp) -.Lmul_alloca: -___ -$code.=<<___; - mov %rsp,%rax - lea 2($num),%r11 - neg %r11 - lea (%rsp,%r11,8),%rsp # tp=alloca(8*(num+2)) - and \$-1024,%rsp # minimize TLB usage - - mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp -.Lmul_body: - mov $bp,%r12 # reassign $bp -___ - $bp="%r12"; - $STRIDE=2**5*8; # 5 is "window size" - $N=$STRIDE/4; # should match cache line size -$code.=<<___; - mov %r10,%r11 - shr \$`log($N/8)/log(2)`,%r10 - and \$`$N/8-1`,%r11 - not %r10 - lea .Lmagic_masks(%rip),%rax - and \$`2**5/($N/8)-1`,%r10 # 5 is "window size" - lea 96($bp,%r11,8),$bp # pointer within 1st cache line - movq 0(%rax,%r10,8),%xmm4 # set of masks denoting which - movq 8(%rax,%r10,8),%xmm5 # cache line contains element - movq 16(%rax,%r10,8),%xmm6 # denoted by 7th argument - movq 24(%rax,%r10,8),%xmm7 - - movq `0*$STRIDE/4-96`($bp),%xmm0 - movq `1*$STRIDE/4-96`($bp),%xmm1 - pand %xmm4,%xmm0 - movq `2*$STRIDE/4-96`($bp),%xmm2 - pand %xmm5,%xmm1 - movq `3*$STRIDE/4-96`($bp),%xmm3 - pand %xmm6,%xmm2 - por %xmm1,%xmm0 - pand %xmm7,%xmm3 - por %xmm2,%xmm0 - lea $STRIDE($bp),$bp - por %xmm3,%xmm0 - - movd %xmm0,$m0 # m0=bp[0] - - mov ($n0),$n0 # pull n0[0] value - mov ($ap),%rax - - xor $i,$i # i=0 - xor $j,$j # j=0 - - movq `0*$STRIDE/4-96`($bp),%xmm0 - movq `1*$STRIDE/4-96`($bp),%xmm1 - pand %xmm4,%xmm0 - movq `2*$STRIDE/4-96`($bp),%xmm2 - pand %xmm5,%xmm1 - - mov $n0,$m1 - mulq $m0 # ap[0]*bp[0] - mov 
%rax,$lo0 - mov ($np),%rax - - movq `3*$STRIDE/4-96`($bp),%xmm3 - pand %xmm6,%xmm2 - por %xmm1,%xmm0 - pand %xmm7,%xmm3 - - imulq $lo0,$m1 # "tp[0]"*n0 - mov %rdx,$hi0 - - por %xmm2,%xmm0 - lea $STRIDE($bp),$bp - por %xmm3,%xmm0 - - mulq $m1 # np[0]*m1 - add %rax,$lo0 # discarded - mov 8($ap),%rax - adc \$0,%rdx - mov %rdx,$hi1 - - lea 1($j),$j # j++ - jmp .L1st_enter - -.align 16 -.L1st: - add %rax,$hi1 - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0] - mov $lo0,$hi0 - adc \$0,%rdx - mov $hi1,-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$hi1 - -.L1st_enter: - mulq $m0 # ap[j]*bp[0] - add %rax,$hi0 - mov ($np,$j,8),%rax - adc \$0,%rdx - lea 1($j),$j # j++ - mov %rdx,$lo0 - - mulq $m1 # np[j]*m1 - cmp $num,$j - jl .L1st - - movd %xmm0,$m0 # bp[1] - - add %rax,$hi1 - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $hi0,$hi1 # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $hi1,-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$hi1 - mov $lo0,$hi0 - - xor %rdx,%rdx - add $hi0,$hi1 - adc \$0,%rdx - mov $hi1,-8(%rsp,$num,8) - mov %rdx,(%rsp,$num,8) # store upmost overflow bit - - lea 1($i),$i # i++ - jmp .Louter -.align 16 -.Louter: - xor $j,$j # j=0 - mov $n0,$m1 - mov (%rsp),$lo0 - - movq `0*$STRIDE/4-96`($bp),%xmm0 - movq `1*$STRIDE/4-96`($bp),%xmm1 - pand %xmm4,%xmm0 - movq `2*$STRIDE/4-96`($bp),%xmm2 - pand %xmm5,%xmm1 - - mulq $m0 # ap[0]*bp[i] - add %rax,$lo0 # ap[0]*bp[i]+tp[0] - mov ($np),%rax - adc \$0,%rdx - - movq `3*$STRIDE/4-96`($bp),%xmm3 - pand %xmm6,%xmm2 - por %xmm1,%xmm0 - pand %xmm7,%xmm3 - - imulq $lo0,$m1 # tp[0]*n0 - mov %rdx,$hi0 - - por %xmm2,%xmm0 - lea $STRIDE($bp),$bp - por %xmm3,%xmm0 - - mulq $m1 # np[0]*m1 - add %rax,$lo0 # discarded - mov 8($ap),%rax - adc \$0,%rdx - mov 8(%rsp),$lo0 # tp[1] - mov %rdx,$hi1 - - lea 1($j),$j # j++ - jmp .Linner_enter - -.align 16 -.Linner: - add %rax,$hi1 - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j] - mov (%rsp,$j,8),$lo0 - adc \$0,%rdx - mov $hi1,-16(%rsp,$j,8) # tp[j-1] - 
mov %rdx,$hi1 - -.Linner_enter: - mulq $m0 # ap[j]*bp[i] - add %rax,$hi0 - mov ($np,$j,8),%rax - adc \$0,%rdx - add $hi0,$lo0 # ap[j]*bp[i]+tp[j] - mov %rdx,$hi0 - adc \$0,$hi0 - lea 1($j),$j # j++ - - mulq $m1 # np[j]*m1 - cmp $num,$j - jl .Linner - - movd %xmm0,$m0 # bp[i+1] - - add %rax,$hi1 - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $lo0,$hi1 # np[j]*m1+ap[j]*bp[i]+tp[j] - mov (%rsp,$j,8),$lo0 - adc \$0,%rdx - mov $hi1,-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$hi1 - - xor %rdx,%rdx - add $hi0,$hi1 - adc \$0,%rdx - add $lo0,$hi1 # pull upmost overflow bit - adc \$0,%rdx - mov $hi1,-8(%rsp,$num,8) - mov %rdx,(%rsp,$num,8) # store upmost overflow bit - - lea 1($i),$i # i++ - cmp $num,$i - jl .Louter - - xor $i,$i # i=0 and clear CF! - mov (%rsp),%rax # tp[0] - lea (%rsp),$ap # borrow ap for tp - mov $num,$j # j=num - jmp .Lsub -.align 16 -.Lsub: sbb ($np,$i,8),%rax - mov %rax,($rp,$i,8) # rp[i]=tp[i]-np[i] - mov 8($ap,$i,8),%rax # tp[i+1] - lea 1($i),$i # i++ - dec $j # doesnn't affect CF! 
- jnz .Lsub - - sbb \$0,%rax # handle upmost overflow bit - xor $i,$i - and %rax,$ap - not %rax - mov $rp,$np - and %rax,$np - mov $num,$j # j=num - or $np,$ap # ap=borrow?tp:rp -.align 16 -.Lcopy: # copy or in-place refresh - mov ($ap,$i,8),%rax - mov $i,(%rsp,$i,8) # zap temporary vector - mov %rax,($rp,$i,8) # rp[i]=tp[i] - lea 1($i),$i - sub \$1,$j - jnz .Lcopy - - mov 8(%rsp,$num,8),%rsi # restore %rsp - mov \$1,%rax -___ -$code.=<<___ if ($win64); - movaps (%rsi),%xmm6 - movaps 0x10(%rsi),%xmm7 - lea 0x28(%rsi),%rsi -___ -$code.=<<___; - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lmul_epilogue: - ret -.size bn_mul_mont_gather5,.-bn_mul_mont_gather5 -___ -{{{ -my @A=("%r10","%r11"); -my @N=("%r13","%rdi"); -$code.=<<___; -.type bn_mul4x_mont_gather5,\@function,6 -.align 16 -bn_mul4x_mont_gather5: -.Lmul4x_enter: - mov ${num}d,${num}d - mov `($win64?56:8)`(%rsp),%r10d # load 7th argument - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 -___ -$code.=<<___ if ($win64); - lea -0x28(%rsp),%rsp - movaps %xmm6,(%rsp) - movaps %xmm7,0x10(%rsp) -.Lmul4x_alloca: -___ -$code.=<<___; - mov %rsp,%rax - lea 4($num),%r11 - neg %r11 - lea (%rsp,%r11,8),%rsp # tp=alloca(8*(num+4)) - and \$-1024,%rsp # minimize TLB usage - - mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp -.Lmul4x_body: - mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp - mov %rdx,%r12 # reassign $bp -___ - $bp="%r12"; - $STRIDE=2**5*8; # 5 is "window size" - $N=$STRIDE/4; # should match cache line size -$code.=<<___; - mov %r10,%r11 - shr \$`log($N/8)/log(2)`,%r10 - and \$`$N/8-1`,%r11 - not %r10 - lea .Lmagic_masks(%rip),%rax - and \$`2**5/($N/8)-1`,%r10 # 5 is "window size" - lea 96($bp,%r11,8),$bp # pointer within 1st cache line - movq 0(%rax,%r10,8),%xmm4 # set of masks denoting which - movq 8(%rax,%r10,8),%xmm5 # cache line contains element - movq 16(%rax,%r10,8),%xmm6 # denoted by 7th argument - movq 
24(%rax,%r10,8),%xmm7 - - movq `0*$STRIDE/4-96`($bp),%xmm0 - movq `1*$STRIDE/4-96`($bp),%xmm1 - pand %xmm4,%xmm0 - movq `2*$STRIDE/4-96`($bp),%xmm2 - pand %xmm5,%xmm1 - movq `3*$STRIDE/4-96`($bp),%xmm3 - pand %xmm6,%xmm2 - por %xmm1,%xmm0 - pand %xmm7,%xmm3 - por %xmm2,%xmm0 - lea $STRIDE($bp),$bp - por %xmm3,%xmm0 - - movd %xmm0,$m0 # m0=bp[0] - mov ($n0),$n0 # pull n0[0] value - mov ($ap),%rax - - xor $i,$i # i=0 - xor $j,$j # j=0 - - movq `0*$STRIDE/4-96`($bp),%xmm0 - movq `1*$STRIDE/4-96`($bp),%xmm1 - pand %xmm4,%xmm0 - movq `2*$STRIDE/4-96`($bp),%xmm2 - pand %xmm5,%xmm1 - - mov $n0,$m1 - mulq $m0 # ap[0]*bp[0] - mov %rax,$A[0] - mov ($np),%rax - - movq `3*$STRIDE/4-96`($bp),%xmm3 - pand %xmm6,%xmm2 - por %xmm1,%xmm0 - pand %xmm7,%xmm3 - - imulq $A[0],$m1 # "tp[0]"*n0 - mov %rdx,$A[1] - - por %xmm2,%xmm0 - lea $STRIDE($bp),$bp - por %xmm3,%xmm0 - - mulq $m1 # np[0]*m1 - add %rax,$A[0] # discarded - mov 8($ap),%rax - adc \$0,%rdx - mov %rdx,$N[1] - - mulq $m0 - add %rax,$A[1] - mov 8($np),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 - add %rax,$N[1] - mov 16($ap),%rax - adc \$0,%rdx - add $A[1],$N[1] - lea 4($j),$j # j++ - adc \$0,%rdx - mov $N[1],(%rsp) - mov %rdx,$N[0] - jmp .L1st4x -.align 16 -.L1st4x: - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov ($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov 8($ap,$j,8),%rax - adc \$0,%rdx - add 
$A[0],$N[0] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-8(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov 8($np,$j,8),%rax - adc \$0,%rdx - lea 4($j),$j # j++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov -16($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - cmp $num,$j - jl .L1st4x - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[0] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - movd %xmm0,$m0 # bp[1] - - xor $N[1],$N[1] - add $A[0],$N[0] - adc \$0,$N[1] - mov $N[0],-8(%rsp,$j,8) - mov $N[1],(%rsp,$j,8) # store upmost overflow bit - - lea 1($i),$i # i++ -.align 4 -.Louter4x: - xor $j,$j # j=0 - movq `0*$STRIDE/4-96`($bp),%xmm0 - movq `1*$STRIDE/4-96`($bp),%xmm1 - pand %xmm4,%xmm0 - movq `2*$STRIDE/4-96`($bp),%xmm2 - pand %xmm5,%xmm1 - - mov (%rsp),$A[0] - mov $n0,$m1 - mulq $m0 # ap[0]*bp[i] - add %rax,$A[0] # ap[0]*bp[i]+tp[0] - mov ($np),%rax - adc \$0,%rdx - - movq `3*$STRIDE/4-96`($bp),%xmm3 - pand %xmm6,%xmm2 - por %xmm1,%xmm0 - pand %xmm7,%xmm3 - - imulq $A[0],$m1 # tp[0]*n0 - mov %rdx,$A[1] - - por %xmm2,%xmm0 - lea $STRIDE($bp),$bp - por %xmm3,%xmm0 - - mulq $m1 # np[0]*m1 - add %rax,$A[0] # "$N[0]", discarded - mov 8($ap),%rax - adc \$0,%rdx - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov 8($np),%rax - adc \$0,%rdx - add 8(%rsp),$A[1] # +tp[1] - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add 
%rax,$N[1] - mov 16($ap),%rax - adc \$0,%rdx - add $A[1],$N[1] # np[j]*m1+ap[j]*bp[i]+tp[j] - lea 4($j),$j # j+=2 - adc \$0,%rdx - mov %rdx,$N[0] - jmp .Linner4x -.align 16 -.Linner4x: - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - add -8(%rsp,$j,8),$A[1] - adc \$0,%rdx - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov ($np,$j,8),%rax - adc \$0,%rdx - add (%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov 8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov 8($np,$j,8),%rax - adc \$0,%rdx - add 8(%rsp,$j,8),$A[1] - adc \$0,%rdx - lea 4($j),$j # j++ - mov %rdx,$A[0] - - mulq $m1 # np[j]*m1 - add %rax,$N[1] - mov -16($ap,$j,8),%rax - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[0],-40(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - cmp $num,$j - jl .Linner4x - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[0] - mov -16($np,$j,8),%rax - adc \$0,%rdx - add -16(%rsp,$j,8),$A[0] # ap[j]*bp[i]+tp[j] - adc \$0,%rdx - mov %rdx,$A[1] - - mulq $m1 # np[j]*m1 - add %rax,$N[0] - mov -8($ap,$j,8),%rax - adc \$0,%rdx - add $A[0],$N[0] - adc \$0,%rdx - mov $N[1],-32(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[1] - - mulq $m0 # ap[j]*bp[i] - add %rax,$A[1] - mov -8($np,$j,8),%rax - adc \$0,%rdx - add -8(%rsp,$j,8),$A[1] - adc \$0,%rdx - lea 1($i),$i # i++ - mov %rdx,$A[0] - - mulq 
$m1 # np[j]*m1 - add %rax,$N[1] - mov ($ap),%rax # ap[0] - adc \$0,%rdx - add $A[1],$N[1] - adc \$0,%rdx - mov $N[0],-24(%rsp,$j,8) # tp[j-1] - mov %rdx,$N[0] - - movd %xmm0,$m0 # bp[i+1] - mov $N[1],-16(%rsp,$j,8) # tp[j-1] - - xor $N[1],$N[1] - add $A[0],$N[0] - adc \$0,$N[1] - add (%rsp,$num,8),$N[0] # pull upmost overflow bit - adc \$0,$N[1] - mov $N[0],-8(%rsp,$j,8) - mov $N[1],(%rsp,$j,8) # store upmost overflow bit - - cmp $num,$i - jl .Louter4x -___ -{ -my @ri=("%rax","%rdx",$m0,$m1); -$code.=<<___; - mov 16(%rsp,$num,8),$rp # restore $rp - mov 0(%rsp),@ri[0] # tp[0] - pxor %xmm0,%xmm0 - mov 8(%rsp),@ri[1] # tp[1] - shr \$2,$num # num/=4 - lea (%rsp),$ap # borrow ap for tp - xor $i,$i # i=0 and clear CF! - - sub 0($np),@ri[0] - mov 16($ap),@ri[2] # tp[2] - mov 24($ap),@ri[3] # tp[3] - sbb 8($np),@ri[1] - lea -1($num),$j # j=num/4-1 - jmp .Lsub4x -.align 16 -.Lsub4x: - mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 16($np,$i,8),@ri[2] - mov 32($ap,$i,8),@ri[0] # tp[i+1] - mov 40($ap,$i,8),@ri[1] - sbb 24($np,$i,8),@ri[3] - mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i] - mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 32($np,$i,8),@ri[0] - mov 48($ap,$i,8),@ri[2] - mov 56($ap,$i,8),@ri[3] - sbb 40($np,$i,8),@ri[1] - lea 4($i),$i # i++ - dec $j # doesnn't affect CF! 
- jnz .Lsub4x - - mov @ri[0],0($rp,$i,8) # rp[i]=tp[i]-np[i] - mov 32($ap,$i,8),@ri[0] # load overflow bit - sbb 16($np,$i,8),@ri[2] - mov @ri[1],8($rp,$i,8) # rp[i]=tp[i]-np[i] - sbb 24($np,$i,8),@ri[3] - mov @ri[2],16($rp,$i,8) # rp[i]=tp[i]-np[i] - - sbb \$0,@ri[0] # handle upmost overflow bit - mov @ri[3],24($rp,$i,8) # rp[i]=tp[i]-np[i] - xor $i,$i # i=0 - and @ri[0],$ap - not @ri[0] - mov $rp,$np - and @ri[0],$np - lea -1($num),$j - or $np,$ap # ap=borrow?tp:rp - - movdqu ($ap),%xmm1 - movdqa %xmm0,(%rsp) - movdqu %xmm1,($rp) - jmp .Lcopy4x -.align 16 -.Lcopy4x: # copy or in-place refresh - movdqu 16($ap,$i),%xmm2 - movdqu 32($ap,$i),%xmm1 - movdqa %xmm0,16(%rsp,$i) - movdqu %xmm2,16($rp,$i) - movdqa %xmm0,32(%rsp,$i) - movdqu %xmm1,32($rp,$i) - lea 32($i),$i - dec $j - jnz .Lcopy4x - - shl \$2,$num - movdqu 16($ap,$i),%xmm2 - movdqa %xmm0,16(%rsp,$i) - movdqu %xmm2,16($rp,$i) -___ -} -$code.=<<___; - mov 8(%rsp,$num,8),%rsi # restore %rsp - mov \$1,%rax -___ -$code.=<<___ if ($win64); - movaps (%rsi),%xmm6 - movaps 0x10(%rsi),%xmm7 - lea 0x28(%rsi),%rsi -___ -$code.=<<___; - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lmul4x_epilogue: - ret -.size bn_mul4x_mont_gather5,.-bn_mul4x_mont_gather5 -___ -}}} - -{ -my ($inp,$num,$tbl,$idx)=$win64?("%rcx","%rdx","%r8", "%r9") : # Win64 order - ("%rdi","%rsi","%rdx","%rcx"); # Unix order -my $out=$inp; -my $STRIDE=2**5*8; -my $N=$STRIDE/4; - -$code.=<<___; -.globl bn_scatter5 -.type bn_scatter5,\@abi-omnipotent -.align 16 -bn_scatter5: - cmp \$0, $num - jz .Lscatter_epilogue - lea ($tbl,$idx,8),$tbl -.Lscatter: - mov ($inp),%rax - lea 8($inp),$inp - mov %rax,($tbl) - lea 32*8($tbl),$tbl - sub \$1,$num - jnz .Lscatter -.Lscatter_epilogue: - ret -.size bn_scatter5,.-bn_scatter5 - -.globl bn_gather5 -.type bn_gather5,\@abi-omnipotent -.align 16 -bn_gather5: -___ -$code.=<<___ if ($win64); -.LSEH_begin_bn_gather5: - # I can't 
trust assembler to use specific encoding:-( - .byte 0x48,0x83,0xec,0x28 #sub \$0x28,%rsp - .byte 0x0f,0x29,0x34,0x24 #movaps %xmm6,(%rsp) - .byte 0x0f,0x29,0x7c,0x24,0x10 #movdqa %xmm7,0x10(%rsp) -___ -$code.=<<___; - mov $idx,%r11 - shr \$`log($N/8)/log(2)`,$idx - and \$`$N/8-1`,%r11 - not $idx - lea .Lmagic_masks(%rip),%rax - and \$`2**5/($N/8)-1`,$idx # 5 is "window size" - lea 96($tbl,%r11,8),$tbl # pointer within 1st cache line - movq 0(%rax,$idx,8),%xmm4 # set of masks denoting which - movq 8(%rax,$idx,8),%xmm5 # cache line contains element - movq 16(%rax,$idx,8),%xmm6 # denoted by 7th argument - movq 24(%rax,$idx,8),%xmm7 - jmp .Lgather -.align 16 -.Lgather: - movq `0*$STRIDE/4-96`($tbl),%xmm0 - movq `1*$STRIDE/4-96`($tbl),%xmm1 - pand %xmm4,%xmm0 - movq `2*$STRIDE/4-96`($tbl),%xmm2 - pand %xmm5,%xmm1 - movq `3*$STRIDE/4-96`($tbl),%xmm3 - pand %xmm6,%xmm2 - por %xmm1,%xmm0 - pand %xmm7,%xmm3 - por %xmm2,%xmm0 - lea $STRIDE($tbl),$tbl - por %xmm3,%xmm0 - - movq %xmm0,($out) # m0=bp[0] - lea 8($out),$out - sub \$1,$num - jnz .Lgather -___ -$code.=<<___ if ($win64); - movaps (%rsp),%xmm6 - movaps 0x10(%rsp),%xmm7 - lea 0x28(%rsp),%rsp -___ -$code.=<<___; - ret -.LSEH_end_bn_gather5: -.size bn_gather5,.-bn_gather5 -___ -} -$code.=<<___; -.align 64 -.Lmagic_masks: - .long 0,0, 0,0, 0,0, -1,-1 - .long 0,0, 0,0, 0,0, 0,0 -.asciz "Montgomery Multiplication with scatter/gather for x86_64, CRYPTOGAMS by <appro\@openssl.org>" -___ - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type mul_handler,\@abi-omnipotent -.align 16 -mul_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # 
disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # end of prologue label - cmp %r10,%rbx # context->Rip<end of prologue label - jb .Lcommon_seh_tail - - lea `40+48`(%rax),%rax - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # end of alloca label - cmp %r10,%rbx # context->Rip<end of alloca label - jb .Lcommon_seh_tail - - mov 152($context),%rax # pull context->Rsp - - mov 8(%r11),%r10d # HandlerData[2] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lcommon_seh_tail - - mov 192($context),%r10 # pull $num - mov 8(%rax,%r10,8),%rax # pull saved stack pointer - - movaps (%rax),%xmm0 - movaps 16(%rax),%xmm1 - lea `40+48`(%rax),%rax - - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov -32(%rax),%r13 - mov -40(%rax),%r14 - mov -48(%rax),%r15 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - mov %r14,232($context) # restore context->R14 - mov %r15,240($context) # restore context->R15 - movups %xmm0,512($context) # restore context->Xmm6 - movups %xmm1,528($context) # restore context->Xmm7 - -.Lcommon_seh_tail: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - mov 40($disp),%rdi # disp->ContextRecord - mov $context,%rsi # context - mov \$154,%ecx # sizeof(CONTEXT) - .long 0xa548f3fc # cld; rep movsq - - mov $disp,%rsi - xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER - mov 8(%rsi),%rdx # arg2, disp->ImageBase - mov 0(%rsi),%r8 # arg3, disp->ControlPc - mov 16(%rsi),%r9 # arg4, disp->FunctionEntry - mov 40(%rsi),%r10 # disp->ContextRecord - lea 56(%rsi),%r11 # &disp->HandlerData - lea 24(%rsi),%r12 # &disp->EstablisherFrame - mov %r10,32(%rsp) # arg5 - mov 
%r11,40(%rsp) # arg6 - mov %r12,48(%rsp) # arg7 - mov %rcx,56(%rsp) # arg8, (NULL) - call *__imp_RtlVirtualUnwind(%rip) - - mov \$1,%eax # ExceptionContinueSearch - add \$64,%rsp - popfq - pop %r15 - pop %r14 - pop %r13 - pop %r12 - pop %rbp - pop %rbx - pop %rdi - pop %rsi - ret -.size mul_handler,.-mul_handler - -.section .pdata -.align 4 - .rva .LSEH_begin_bn_mul_mont_gather5 - .rva .LSEH_end_bn_mul_mont_gather5 - .rva .LSEH_info_bn_mul_mont_gather5 - - .rva .LSEH_begin_bn_mul4x_mont_gather5 - .rva .LSEH_end_bn_mul4x_mont_gather5 - .rva .LSEH_info_bn_mul4x_mont_gather5 - - .rva .LSEH_begin_bn_gather5 - .rva .LSEH_end_bn_gather5 - .rva .LSEH_info_bn_gather5 - -.section .xdata -.align 8 -.LSEH_info_bn_mul_mont_gather5: - .byte 9,0,0,0 - .rva mul_handler - .rva .Lmul_alloca,.Lmul_body,.Lmul_epilogue # HandlerData[] -.align 8 -.LSEH_info_bn_mul4x_mont_gather5: - .byte 9,0,0,0 - .rva mul_handler - .rva .Lmul4x_alloca,.Lmul4x_body,.Lmul4x_epilogue # HandlerData[] -.align 8 -.LSEH_info_bn_gather5: - .byte 0x01,0x0d,0x05,0x00 - .byte 0x0d,0x78,0x01,0x00 #movaps 0x10(rsp),xmm7 - .byte 0x08,0x68,0x00,0x00 #movaps (rsp),xmm6 - .byte 0x04,0x42,0x00,0x00 #sub rsp,0x28 -.align 8 -___ -} - -$code =~ s/\`([^\`]*)\`/eval($1)/gem; - -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/bn/bn.h b/lib/libssl/src/crypto/bn/bn.h deleted file mode 100644 index 4ae6a8195da..00000000000 --- a/lib/libssl/src/crypto/bn/bn.h +++ /dev/null 
@@ -1,820 +0,0 @@
-/* $OpenBSD: bn.h,v 1.31 2016/03/04 16:23:30 deraadt Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3.
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the Eric Young open source - * license provided above. - * - * The binary polynomial arithmetic software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - * - */ - -#ifndef HEADER_BN_H -#define HEADER_BN_H - -#include <stdio.h> -#include <stdlib.h> - -#include <openssl/opensslconf.h> - -#include <openssl/ossl_typ.h> -#include <openssl/crypto.h> -#include <openssl/bio.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* These preprocessor symbols control various aspects of the bignum headers and - * library code. They're not defined by any "normal" configuration, as they are - * intended for development and testing purposes. NB: defining all three can be - * useful for debugging application code as well as openssl itself. - * - * BN_DEBUG - turn on various debugging alterations to the bignum code - * BN_DEBUG_RAND - uses random poisoning of unused words to trip up - * mismanagement of bignum internals. You must also define BN_DEBUG. - */ -/* #define BN_DEBUG */ -/* #define BN_DEBUG_RAND */ - -#ifndef OPENSSL_SMALL_FOOTPRINT -#define BN_MUL_COMBA -#define BN_SQR_COMBA -#define BN_RECURSION -#endif - -/* This next option uses the C libraries (2 word)/(1 word) function. - * If it is not defined, I use my C version (which is slower). - * The reason for this flag is that when the particular C compiler - * library routine is used, and the library is linked with a different - * compiler, the library is missing. This mostly happens when the - * library is built with gcc and then linked using normal cc. 
This would - * be a common occurrence because gcc normally produces code that is - * 2 times faster than system compilers for the big number stuff. - * For machines with only one compiler (or shared libraries), this should - * be on. Again this in only really a problem on machines - * using "long long's", are 32bit, and are not using my assembler code. */ -/* #define BN_DIV2W */ - -#ifdef _LP64 -#undef BN_LLONG -#define BN_ULONG unsigned long -#define BN_LONG long -#define BN_BITS 128 -#define BN_BYTES 8 -#define BN_BITS2 64 -#define BN_BITS4 32 -#define BN_MASK2 (0xffffffffffffffffL) -#define BN_MASK2l (0xffffffffL) -#define BN_MASK2h (0xffffffff00000000L) -#define BN_MASK2h1 (0xffffffff80000000L) -#define BN_TBIT (0x8000000000000000L) -#define BN_DEC_CONV (10000000000000000000UL) -#define BN_DEC_FMT1 "%lu" -#define BN_DEC_FMT2 "%019lu" -#define BN_DEC_NUM 19 -#define BN_HEX_FMT1 "%lX" -#define BN_HEX_FMT2 "%016lX" -#else -#define BN_ULLONG unsigned long long -#define BN_LLONG -#define BN_ULONG unsigned int -#define BN_LONG int -#define BN_BITS 64 -#define BN_BYTES 4 -#define BN_BITS2 32 -#define BN_BITS4 16 -#define BN_MASK (0xffffffffffffffffLL) -#define BN_MASK2 (0xffffffffL) -#define BN_MASK2l (0xffff) -#define BN_MASK2h1 (0xffff8000L) -#define BN_MASK2h (0xffff0000L) -#define BN_TBIT (0x80000000L) -#define BN_DEC_CONV (1000000000L) -#define BN_DEC_FMT1 "%u" -#define BN_DEC_FMT2 "%09u" -#define BN_DEC_NUM 9 -#define BN_HEX_FMT1 "%X" -#define BN_HEX_FMT2 "%08X" -#endif - -#define BN_FLG_MALLOCED 0x01 -#define BN_FLG_STATIC_DATA 0x02 -#define BN_FLG_CONSTTIME 0x04 /* avoid leaking exponent information through timing, - * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime, - * BN_div() will call BN_div_no_branch, - * BN_mod_inverse() will call BN_mod_inverse_no_branch. 
- */ - -#ifndef OPENSSL_NO_DEPRECATED -#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */ - /* avoid leaking exponent information through timings - * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */ -#endif - -#ifndef OPENSSL_NO_DEPRECATED -#define BN_FLG_FREE 0x8000 /* used for debuging */ -#endif -#define BN_set_flags(b,n) ((b)->flags|=(n)) -#define BN_get_flags(b,n) ((b)->flags&(n)) - -/* get a clone of a BIGNUM with changed flags, for *temporary* use only - * (the two BIGNUMs cannot not be used in parallel!) */ -#define BN_with_flags(dest,b,n) ((dest)->d=(b)->d, \ - (dest)->top=(b)->top, \ - (dest)->dmax=(b)->dmax, \ - (dest)->neg=(b)->neg, \ - (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \ - | ((b)->flags & ~BN_FLG_MALLOCED) \ - | BN_FLG_STATIC_DATA \ - | (n))) - -struct bignum_st { - BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ - int top; /* Index of last used d +1. */ - /* The next are internal book keeping for bn_expand. */ - int dmax; /* Size of the d array. */ - int neg; /* one if the number is negative */ - int flags; -}; - -/* Used for montgomery multiplication */ -struct bn_mont_ctx_st { - int ri; /* number of bits in R */ - BIGNUM RR; /* used to convert to montgomery form */ - BIGNUM N; /* The modulus */ - BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 - * (Ni is only stored for bignum algorithm) */ - BN_ULONG n0[2];/* least significant word(s) of Ni; - (type changed with 0.9.9, was "BN_ULONG n0;" before) */ - int flags; -}; - -/* Used for reciprocal division/mod functions - * It cannot be shared between threads - */ -struct bn_recp_ctx_st { - BIGNUM N; /* the divisor */ - BIGNUM Nr; /* the reciprocal */ - int num_bits; - int shift; - int flags; -}; - -/* Used for slow "generation" functions. 
*/ -struct bn_gencb_st { - unsigned int ver; /* To handle binary (in)compatibility */ - void *arg; /* callback-specific data */ - union { - /* if(ver==1) - handles old style callbacks */ - void (*cb_1)(int, int, void *); - /* if(ver==2) - new callback style */ - int (*cb_2)(int, int, BN_GENCB *); - } cb; -}; -/* Wrapper function to make using BN_GENCB easier, */ -int BN_GENCB_call(BN_GENCB *cb, int a, int b); -/* Macro to populate a BN_GENCB structure with an "old"-style callback */ -#define BN_GENCB_set_old(gencb, callback, cb_arg) { \ - BN_GENCB *tmp_gencb = (gencb); \ - tmp_gencb->ver = 1; \ - tmp_gencb->arg = (cb_arg); \ - tmp_gencb->cb.cb_1 = (callback); } -/* Macro to populate a BN_GENCB structure with a "new"-style callback */ -#define BN_GENCB_set(gencb, callback, cb_arg) { \ - BN_GENCB *tmp_gencb = (gencb); \ - tmp_gencb->ver = 2; \ - tmp_gencb->arg = (cb_arg); \ - tmp_gencb->cb.cb_2 = (callback); } - -#define BN_prime_checks 0 /* default: select number of iterations - based on the size of the number */ - -/* number of Miller-Rabin iterations for an error rate of less than 2^-80 - * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook - * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996]; - * original paper: Damgaard, Landrock, Pomerance: Average case error estimates - * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */ -#define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \ - (b) >= 850 ? 3 : \ - (b) >= 650 ? 4 : \ - (b) >= 550 ? 5 : \ - (b) >= 450 ? 6 : \ - (b) >= 400 ? 7 : \ - (b) >= 350 ? 8 : \ - (b) >= 300 ? 9 : \ - (b) >= 250 ? 12 : \ - (b) >= 200 ? 15 : \ - (b) >= 150 ? 
18 : \ - /* b >= 100 */ 27) - -#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) - -/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */ -#define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \ - (((w) == 0) && ((a)->top == 0))) -#define BN_is_zero(a) ((a)->top == 0) -#define BN_is_one(a) (BN_abs_is_word((a),1) && !(a)->neg) -#define BN_is_word(a,w) (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg)) -#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) - -#define BN_one(a) (BN_set_word((a),1)) -#define BN_zero_ex(a) \ - do { \ - BIGNUM *_tmp_bn = (a); \ - _tmp_bn->top = 0; \ - _tmp_bn->neg = 0; \ - } while(0) - -#ifdef OPENSSL_NO_DEPRECATED -#define BN_zero(a) BN_zero_ex(a) -#else -#define BN_zero(a) (BN_set_word((a),0)) -#endif - -const BIGNUM *BN_value_one(void); -char * BN_options(void); -BN_CTX *BN_CTX_new(void); -#ifndef OPENSSL_NO_DEPRECATED -void BN_CTX_init(BN_CTX *c); -#endif -void BN_CTX_free(BN_CTX *c); -void BN_CTX_start(BN_CTX *ctx); -BIGNUM *BN_CTX_get(BN_CTX *ctx); -void BN_CTX_end(BN_CTX *ctx); -int BN_rand(BIGNUM *rnd, int bits, int top, int bottom); -int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom); -int BN_rand_range(BIGNUM *rnd, const BIGNUM *range); -int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range); -int BN_num_bits(const BIGNUM *a); -int BN_num_bits_word(BN_ULONG); -BIGNUM *BN_new(void); -void BN_init(BIGNUM *); -void BN_clear_free(BIGNUM *a); -BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); -void BN_swap(BIGNUM *a, BIGNUM *b); -BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret); -int BN_bn2bin(const BIGNUM *a, unsigned char *to); -BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret); -int BN_bn2mpi(const BIGNUM *a, unsigned char *to); -int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_add(BIGNUM *r, const BIGNUM *a, 
const BIGNUM *b); -int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx); -/** BN_set_negative sets sign of a BIGNUM - * \param b pointer to the BIGNUM object - * \param n 0 if the BIGNUM b should be positive and a value != 0 otherwise - */ -void BN_set_negative(BIGNUM *b, int n); -/** BN_is_negative returns 1 if the BIGNUM is negative - * \param a pointer to the BIGNUM object - * \return 1 if a < 0 and 0 otherwise - */ -#define BN_is_negative(a) ((a)->neg != 0) - -int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, - BN_CTX *ctx); -#define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx)) -int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); -int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); -int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m); -int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *m, BN_CTX *ctx); -int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m); -int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx); -int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m); - -BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); -BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); -int BN_mul_word(BIGNUM *a, BN_ULONG w); -int BN_add_word(BIGNUM *a, BN_ULONG w); -int BN_sub_word(BIGNUM *a, BN_ULONG w); -int BN_set_word(BIGNUM *a, BN_ULONG w); -BN_ULONG BN_get_word(const BIGNUM *a); - -int BN_cmp(const BIGNUM *a, const BIGNUM *b); -void BN_free(BIGNUM *a); -int 
BN_is_bit_set(const BIGNUM *a, int n); -int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); -int BN_lshift1(BIGNUM *r, const BIGNUM *a); -int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); - -int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont); -int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1, - const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -int BN_mask_bits(BIGNUM *a, int n); -int BN_print_fp(FILE *fp, const BIGNUM *a); -int BN_print(BIO *fp, const BIGNUM *a); -int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx); -int BN_rshift(BIGNUM *r, const BIGNUM *a, int n); -int BN_rshift1(BIGNUM *r, const BIGNUM *a); -void BN_clear(BIGNUM *a); -BIGNUM *BN_dup(const BIGNUM *a); -int BN_ucmp(const BIGNUM *a, const BIGNUM *b); -int BN_set_bit(BIGNUM *a, int n); -int BN_clear_bit(BIGNUM *a, int n); -char * BN_bn2hex(const BIGNUM *a); -char * BN_bn2dec(const BIGNUM *a); -int BN_hex2bn(BIGNUM **a, const char *str); -int BN_dec2bn(BIGNUM **a, const char *str); -int BN_asc2bn(BIGNUM **a, const char *str); -int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); -int BN_kronecker(const BIGNUM *a,const BIGNUM *b,BN_CTX *ctx); /* returns -2 for error */ -BIGNUM *BN_mod_inverse(BIGNUM *ret, - const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); -BIGNUM *BN_mod_sqrt(BIGNUM *ret, - const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); - -void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, 
BIGNUM *b, int nwords); - -/* Deprecated versions */ -#ifndef OPENSSL_NO_DEPRECATED -BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, - const BIGNUM *add, const BIGNUM *rem, - void (*callback)(int, int, void *), void *cb_arg); -int BN_is_prime(const BIGNUM *p, int nchecks, - void (*callback)(int, int, void *), - BN_CTX *ctx, void *cb_arg); -int BN_is_prime_fasttest(const BIGNUM *p, int nchecks, - void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg, - int do_trial_division); -#endif /* !defined(OPENSSL_NO_DEPRECATED) */ - -/* Newer versions */ -int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, - const BIGNUM *rem, BN_GENCB *cb); -int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb); -int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, - int do_trial_division, BN_GENCB *cb); - -int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx); - -int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - const BIGNUM *Xp, const BIGNUM *Xp1, const BIGNUM *Xp2, - const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb); -int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, - BIGNUM *Xp1, BIGNUM *Xp2, - const BIGNUM *Xp, - const BIGNUM *e, BN_CTX *ctx, - BN_GENCB *cb); - -BN_MONT_CTX *BN_MONT_CTX_new(void ); -void BN_MONT_CTX_init(BN_MONT_CTX *ctx); -int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mont, BN_CTX *ctx); -#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ - (r),(a),&((mont)->RR),(mont),(ctx)) -int BN_from_montgomery(BIGNUM *r, const BIGNUM *a, - BN_MONT_CTX *mont, BN_CTX *ctx); -void BN_MONT_CTX_free(BN_MONT_CTX *mont); -int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx); -BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from); -BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, - const BIGNUM *mod, BN_CTX *ctx); - -/* BN_BLINDING flags */ -#define 
BN_BLINDING_NO_UPDATE 0x00000001 -#define BN_BLINDING_NO_RECREATE 0x00000002 - -BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod); -void BN_BLINDING_free(BN_BLINDING *b); -int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx); -int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); -int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); -int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); -int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); -#ifndef OPENSSL_NO_DEPRECATED -unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *); -void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long); -#endif -CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); -unsigned long BN_BLINDING_get_flags(const BN_BLINDING *); -void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long); -BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, - const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), - BN_MONT_CTX *m_ctx); - -#ifndef OPENSSL_NO_DEPRECATED -void BN_set_params(int mul, int high, int low, int mont); -int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ -#endif - -void BN_RECP_CTX_init(BN_RECP_CTX *recp); -BN_RECP_CTX *BN_RECP_CTX_new(void); -void BN_RECP_CTX_free(BN_RECP_CTX *recp); -int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx); -int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, - BN_RECP_CTX *recp, BN_CTX *ctx); -int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, - BN_RECP_CTX *recp, BN_CTX *ctx); - -#ifndef OPENSSL_NO_EC2M - -/* Functions for arithmetic over binary polynomials represented by BIGNUMs. - * - * The BIGNUM::neg property of BIGNUMs representing binary polynomials is - * ignored. 
- * - * Note that input arguments are not const so that their bit arrays can - * be expanded to the appropriate size if needed. - */ - -int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); /*r = a + b*/ -#define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b) -int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); /*r=a mod p*/ -int -BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *p, BN_CTX *ctx); /* r = (a * b) mod p */ -int -BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); /* r = (a * a) mod p */ -int -BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, - BN_CTX *ctx); /* r = (1 / b) mod p */ -int -BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *p, BN_CTX *ctx); /* r = (a / b) mod p */ -int -BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *p, BN_CTX *ctx); /* r = (a ^ b) mod p */ -int -BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); /* r = sqrt(a) mod p */ -int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); /* r^2 + r = a mod p */ -#define BN_GF2m_cmp(a, b) BN_ucmp((a), (b)) -/* Some functions allow for representation of the irreducible polynomials - * as an unsigned int[], say p. The irreducible f(t) is then of the form: - * t^p[0] + t^p[1] + ... + t^p[k] - * where m = p[0] > p[1] > ... > p[k] = 0. 
- */ -int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]); -/* r = a mod p */ -int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const int p[], BN_CTX *ctx); /* r = (a * b) mod p */ -int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[], - BN_CTX *ctx); /* r = (a * a) mod p */ -int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[], - BN_CTX *ctx); /* r = (1 / b) mod p */ -int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const int p[], BN_CTX *ctx); /* r = (a / b) mod p */ -int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */ -int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, - const int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */ -int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a, - const int p[], BN_CTX *ctx); /* r^2 + r = a mod p */ -int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max); -int BN_GF2m_arr2poly(const int p[], BIGNUM *a); - -#endif - -/* faster mod functions for the 'NIST primes' - * 0 <= a < p^2 */ -int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); -int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); -int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); -int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); -int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx); - -const BIGNUM *BN_get0_nist_prime_192(void); -const BIGNUM *BN_get0_nist_prime_224(void); -const BIGNUM *BN_get0_nist_prime_256(void); -const BIGNUM *BN_get0_nist_prime_384(void); -const BIGNUM *BN_get0_nist_prime_521(void); - -/* library internal functions */ - -#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) -BIGNUM *bn_expand2(BIGNUM *a, int words); -BIGNUM *bn_expand(BIGNUM *a, int bits); - -#ifndef OPENSSL_NO_DEPRECATED -BIGNUM *bn_dup_expand(const BIGNUM *a, int 
words); /* unused */ -#endif - -/* Bignum consistency macros - * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from - * bignum data after direct manipulations on the data. There is also an - * "internal" macro, bn_check_top(), for verifying that there are no leading - * zeroes. Unfortunately, some auditing is required due to the fact that - * bn_fix_top() has become an overabused duct-tape because bignum data is - * occasionally passed around in an inconsistent state. So the following - * changes have been made to sort this out; - * - bn_fix_top()s implementation has been moved to bn_correct_top() - * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and - * bn_check_top() is as before. - * - if BN_DEBUG *is* defined; - * - bn_check_top() tries to pollute unused words even if the bignum 'top' is - * consistent. (ed: only if BN_DEBUG_RAND is defined) - * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything. - * The idea is to have debug builds flag up inconsistent bignums when they - * occur. If that occurs in a bn_fix_top(), we examine the code in question; if - * the use of bn_fix_top() was appropriate (ie. it follows directly after code - * that manipulates the bignum) it is converted to bn_correct_top(), and if it - * was not appropriate, we convert it permanently to bn_check_top() and track - * down the cause of the bug. Eventually, no internal code should be using the - * bn_fix_top() macro. External applications and libraries should try this with - * their own code too, both in terms of building against the openssl headers - * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it - * defined. This not only improves external code, it provides more test - * coverage for openssl's own code. 
- */ - -#ifdef BN_DEBUG - -/* We only need assert() when debugging */ -#include <assert.h> - -#ifdef BN_DEBUG_RAND -#define bn_pollute(a) \ - do { \ - const BIGNUM *_bnum1 = (a); \ - if(_bnum1->top < _bnum1->dmax) { \ - unsigned char _tmp_char; \ - /* We cast away const without the compiler knowing, any \ - * *genuinely* constant variables that aren't mutable \ - * wouldn't be constructed with top!=dmax. */ \ - BN_ULONG *_not_const; \ - memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \ - arc4random_buf(&_tmp_char, 1); \ - memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \ - (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \ - } \ - } while(0) -#else -#define bn_pollute(a) -#endif - -#define bn_check_top(a) \ - do { \ - const BIGNUM *_bnum2 = (a); \ - if (_bnum2 != NULL) { \ - assert((_bnum2->top == 0) || \ - (_bnum2->d[_bnum2->top - 1] != 0)); \ - bn_pollute(_bnum2); \ - } \ - } while(0) - -#define bn_fix_top(a) bn_check_top(a) - -#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2) -#define bn_wcheck_size(bn, words) \ - do { \ - const BIGNUM *_bnum2 = (bn); \ - assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \ - } while(0) - -#else /* !BN_DEBUG */ - -#define bn_pollute(a) -#define bn_check_top(a) -#define bn_fix_top(a) bn_correct_top(a) -#define bn_check_size(bn, bits) -#define bn_wcheck_size(bn, words) - -#endif - -#define bn_correct_top(a) \ - { \ - BN_ULONG *ftl; \ - int tmp_top = (a)->top; \ - if (tmp_top > 0) \ - { \ - for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \ - if (*(ftl--)) break; \ - (a)->top = tmp_top; \ - } \ - bn_pollute(a); \ - } - - BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); -BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); -void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num); -BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); -BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const 
BN_ULONG *bp, int num); -BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, int num); - -/* Primes from RFC 2409 */ -BIGNUM *get_rfc2409_prime_768(BIGNUM *bn); -BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn); - -/* Primes from RFC 3526 */ -BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn); -BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn); - -int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_BN_strings(void); - -/* Error codes for the BN functions. */ - -/* Function codes. */ -#define BN_F_BNRAND 127 -#define BN_F_BN_BLINDING_CONVERT_EX 100 -#define BN_F_BN_BLINDING_CREATE_PARAM 128 -#define BN_F_BN_BLINDING_INVERT_EX 101 -#define BN_F_BN_BLINDING_NEW 102 -#define BN_F_BN_BLINDING_UPDATE 103 -#define BN_F_BN_BN2DEC 104 -#define BN_F_BN_BN2HEX 105 -#define BN_F_BN_CTX_GET 116 -#define BN_F_BN_CTX_NEW 106 -#define BN_F_BN_CTX_START 129 -#define BN_F_BN_DIV 107 -#define BN_F_BN_DIV_NO_BRANCH 138 -#define BN_F_BN_DIV_RECP 130 -#define BN_F_BN_EXP 123 -#define BN_F_BN_EXPAND2 108 -#define BN_F_BN_GENERATE_PRIME_EX 140 -#define BN_F_BN_EXPAND_INTERNAL 120 -#define BN_F_BN_GF2M_MOD 131 -#define BN_F_BN_GF2M_MOD_EXP 132 -#define BN_F_BN_GF2M_MOD_MUL 133 -#define BN_F_BN_GF2M_MOD_SOLVE_QUAD 134 -#define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 -#define BN_F_BN_GF2M_MOD_SQR 136 -#define BN_F_BN_GF2M_MOD_SQRT 137 -#define BN_F_BN_MOD_EXP2_MONT 118 -#define BN_F_BN_MOD_EXP_MONT 109 -#define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 -#define BN_F_BN_MOD_EXP_MONT_WORD 117 -#define BN_F_BN_MOD_EXP_RECP 125 -#define BN_F_BN_MOD_EXP_SIMPLE 126 -#define BN_F_BN_MOD_INVERSE 110 -#define 
BN_F_BN_MOD_INVERSE_NO_BRANCH 139 -#define BN_F_BN_MOD_LSHIFT_QUICK 119 -#define BN_F_BN_MOD_MUL_RECIPROCAL 111 -#define BN_F_BN_MOD_SQRT 121 -#define BN_F_BN_MPI2BN 112 -#define BN_F_BN_NEW 113 -#define BN_F_BN_RAND 114 -#define BN_F_BN_RAND_RANGE 122 -#define BN_F_BN_USUB 115 - -/* Reason codes. */ -#define BN_R_ARG2_LT_ARG3 100 -#define BN_R_BAD_RECIPROCAL 101 -#define BN_R_BIGNUM_TOO_LONG 114 -#define BN_R_BITS_TOO_SMALL 117 -#define BN_R_CALLED_WITH_EVEN_MODULUS 102 -#define BN_R_DIV_BY_ZERO 103 -#define BN_R_ENCODING_ERROR 104 -#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 -#define BN_R_INPUT_NOT_REDUCED 110 -#define BN_R_INVALID_LENGTH 106 -#define BN_R_INVALID_RANGE 115 -#define BN_R_NOT_A_SQUARE 111 -#define BN_R_NOT_INITIALIZED 107 -#define BN_R_NO_INVERSE 108 -#define BN_R_NO_SOLUTION 116 -#define BN_R_P_IS_NOT_PRIME 112 -#define BN_R_TOO_MANY_ITERATIONS 113 -#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/bn/bn_add.c b/lib/libssl/src/crypto/bn/bn_add.c deleted file mode 100644 index ebc9b9b56bf..00000000000 --- a/lib/libssl/src/crypto/bn/bn_add.c +++ /dev/null 
@@ -1,313 +0,0 @@
-/* $OpenBSD: bn_add.c,v 1.10 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -/* r can == a or b */ -int -BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) -{ - const BIGNUM *tmp; - int a_neg = a->neg, ret; - - bn_check_top(a); - bn_check_top(b); - - /* a + b a+b - * a + -b a-b - * -a + b b-a - * -a + -b -(a+b) - */ - if (a_neg ^ b->neg) { - /* only one is negative */ - if (a_neg) - { tmp = a; - a = b; - b = tmp; - } - - /* we are now a - b */ - - if (BN_ucmp(a, b) < 0) { - if (!BN_usub(r, b, a)) - return (0); - r->neg = 1; - } else { - if (!BN_usub(r, a, b)) - return (0); - r->neg = 0; - } - return (1); - } - - ret = BN_uadd(r, a, b); - r->neg = a_neg; - bn_check_top(r); - return ret; -} - -/* unsigned add of b to a */ -int -BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) -{ - int max, min, dif; - BN_ULONG *ap, *bp, *rp, carry, t1, t2; - const BIGNUM *tmp; - - bn_check_top(a); - bn_check_top(b); - - if (a->top < b->top) { - tmp = a; - a = b; - b = tmp; - } - max = a->top; - min = b->top; - dif = max - min; - - if (bn_wexpand(r, max + 1) == NULL) - return 0; - - r->top = max; - - ap = a->d; - bp = b->d; - rp = r->d; - - carry = bn_add_words(rp, ap, bp, min); - rp += min; - ap += min; - bp += min; - - if (carry) { - while (dif) { - dif--; - t1 = *(ap++); - t2 = (t1 + 1) & BN_MASK2; - *(rp++) = t2; - if (t2) { - carry = 0; - break; - } - } - if (carry) { - /* carry != 0 => dif == 0 */ - *rp = 1; - r->top++; - } - } - if (dif && rp != ap) - while (dif--) - /* copy remaining words if ap != rp */ - *(rp++) = *(ap++); - r->neg = 0; - bn_check_top(r); - return 1; -} - -/* unsigned subtraction of b from a, a must be larger than b. */ -int -BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) -{ - int max, min, dif; - BN_ULONG t1, t2, *ap, *bp, *rp; - int i, carry; - - bn_check_top(a); - bn_check_top(b); - - max = a->top; - min = b->top; - dif = max - min; - - if (dif < 0) /* hmm... 
should not be happening */ - { - BNerr(BN_F_BN_USUB, BN_R_ARG2_LT_ARG3); - return (0); - } - - if (bn_wexpand(r, max) == NULL) - return (0); - - ap = a->d; - bp = b->d; - rp = r->d; - -#if 1 - carry = 0; - for (i = min; i != 0; i--) { - t1= *(ap++); - t2= *(bp++); - if (carry) { - carry = (t1 <= t2); - t1 = (t1 - t2 - 1)&BN_MASK2; - } else { - carry = (t1 < t2); - t1 = (t1 - t2)&BN_MASK2; - } - *(rp++) = t1&BN_MASK2; - } -#else - carry = bn_sub_words(rp, ap, bp, min); - ap += min; - bp += min; - rp += min; -#endif - if (carry) /* subtracted */ - { - if (!dif) - /* error: a < b */ - return 0; - while (dif) { - dif--; - t1 = *(ap++); - t2 = (t1 - 1)&BN_MASK2; - *(rp++) = t2; - if (t1) - break; - } - } -#if 0 - memcpy(rp, ap, sizeof(*rp)*(max - i)); -#else - if (rp != ap) { - for (;;) { - if (!dif--) - break; - rp[0] = ap[0]; - if (!dif--) - break; - rp[1] = ap[1]; - if (!dif--) - break; - rp[2] = ap[2]; - if (!dif--) - break; - rp[3] = ap[3]; - rp += 4; - ap += 4; - } - } -#endif - - r->top = max; - r->neg = 0; - bn_correct_top(r); - return (1); -} - -int -BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) -{ - int max; - int add = 0, neg = 0; - const BIGNUM *tmp; - - bn_check_top(a); - bn_check_top(b); - - /* a - b a-b - * a - -b a+b - * -a - b -(a+b) - * -a - -b b-a - */ - if (a->neg) { - if (b->neg) { - tmp = a; - a = b; - b = tmp; - } else { - add = 1; - neg = 1; - } - } else { - if (b->neg) { - add = 1; - neg = 0; - } - } - - if (add) { - if (!BN_uadd(r, a, b)) - return (0); - r->neg = neg; - return (1); - } - - /* We are actually doing a - b :-) */ - - max = (a->top > b->top) ? a->top : b->top; - if (bn_wexpand(r, max) == NULL) - return (0); - if (BN_ucmp(a, b) < 0) { - if (!BN_usub(r, b, a)) - return (0); - r->neg = 1; - } else { - if (!BN_usub(r, a, b)) - return (0); - r->neg = 0; - } - bn_check_top(r); - return (1); -} diff --git a/lib/libssl/src/crypto/bn/bn_asm.c b/lib/libssl/src/crypto/bn/bn_asm.c deleted file mode 100644 index 49f0ba5d7b5..00000000000 
--- a/lib/libssl/src/crypto/bn/bn_asm.c
+++ /dev/null
@@ -1,1098 +0,0 @@
-/* $OpenBSD: bn_asm.c,v 1.14 2015/02/25 15:39:49 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#ifndef BN_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include <assert.h> -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include "bn_lcl.h" - -#if defined(BN_LLONG) || defined(BN_UMULT_HIGH) - -BN_ULONG -bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) -{ - BN_ULONG c1 = 0; - - assert(num >= 0); - if (num <= 0) - return (c1); - -#ifndef OPENSSL_SMALL_FOOTPRINT - while (num & ~3) { - mul_add(rp[0], ap[0], w, c1); - mul_add(rp[1], ap[1], w, c1); - mul_add(rp[2], ap[2], w, c1); - mul_add(rp[3], ap[3], w, c1); - ap += 4; - rp += 4; - num -= 4; - } -#endif - while (num) { - mul_add(rp[0], ap[0], w, c1); - ap++; - rp++; - num--; - } - - return (c1); -} - -BN_ULONG -bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) -{ - BN_ULONG c1 = 0; - - assert(num >= 0); - if (num <= 0) - return (c1); - -#ifndef OPENSSL_SMALL_FOOTPRINT - while (num & ~3) { - mul(rp[0], ap[0], w, c1); - mul(rp[1], ap[1], w, c1); - mul(rp[2], ap[2], w, c1); - mul(rp[3], ap[3], w, c1); - ap += 4; - rp += 4; - num -= 4; - } -#endif - while (num) { - mul(rp[0], ap[0], w, c1); - ap++; - rp++; - num--; - } - return (c1); -} - -void -bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) -{ - assert(n >= 0); - if (n <= 0) - return; - -#ifndef OPENSSL_SMALL_FOOTPRINT - while (n & ~3) { - sqr(r[0], r[1], a[0]); - sqr(r[2], r[3], a[1]); - sqr(r[4], r[5], a[2]); - sqr(r[6], r[7], a[3]); - a += 4; - r += 8; - n -= 4; - } -#endif - while (n) { - sqr(r[0], r[1], a[0]); - a++; - r += 2; - n--; - } -} - -#else /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */ - -BN_ULONG -bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) -{ - BN_ULONG c = 0; - BN_ULONG bl, bh; - - assert(num >= 0); - if (num <= 0) - return ((BN_ULONG)0); - - bl = LBITS(w); - bh = HBITS(w); - -#ifndef OPENSSL_SMALL_FOOTPRINT - while (num & ~3) { - mul_add(rp[0], ap[0], bl, bh, c); - mul_add(rp[1], ap[1], bl, bh, c); - 
mul_add(rp[2], ap[2], bl, bh, c); - mul_add(rp[3], ap[3], bl, bh, c); - ap += 4; - rp += 4; - num -= 4; - } -#endif - while (num) { - mul_add(rp[0], ap[0], bl, bh, c); - ap++; - rp++; - num--; - } - return (c); -} - -BN_ULONG -bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) -{ - BN_ULONG carry = 0; - BN_ULONG bl, bh; - - assert(num >= 0); - if (num <= 0) - return ((BN_ULONG)0); - - bl = LBITS(w); - bh = HBITS(w); - -#ifndef OPENSSL_SMALL_FOOTPRINT - while (num & ~3) { - mul(rp[0], ap[0], bl, bh, carry); - mul(rp[1], ap[1], bl, bh, carry); - mul(rp[2], ap[2], bl, bh, carry); - mul(rp[3], ap[3], bl, bh, carry); - ap += 4; - rp += 4; - num -= 4; - } -#endif - while (num) { - mul(rp[0], ap[0], bl, bh, carry); - ap++; - rp++; - num--; - } - return (carry); -} - -void -bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) -{ - assert(n >= 0); - if (n <= 0) - return; - -#ifndef OPENSSL_SMALL_FOOTPRINT - while (n & ~3) { - sqr64(r[0], r[1], a[0]); - sqr64(r[2], r[3], a[1]); - sqr64(r[4], r[5], a[2]); - sqr64(r[6], r[7], a[3]); - a += 4; - r += 8; - n -= 4; - } -#endif - while (n) { - sqr64(r[0], r[1], a[0]); - a++; - r += 2; - n--; - } -} - -#endif /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */ - -#if defined(BN_LLONG) && defined(BN_DIV2W) - -BN_ULONG -bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) -{ - return ((BN_ULONG)(((((BN_ULLONG)h) << BN_BITS2)|l)/(BN_ULLONG)d)); -} - -#else - -/* Divide h,l by d and return the result. 
*/ -/* I need to test this some more :-( */ -BN_ULONG -bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) -{ - BN_ULONG dh, dl, q,ret = 0, th, tl, t; - int i, count = 2; - - if (d == 0) - return (BN_MASK2); - - i = BN_num_bits_word(d); - assert((i == BN_BITS2) || (h <= (BN_ULONG)1 << i)); - - i = BN_BITS2 - i; - if (h >= d) - h -= d; - - if (i) { - d <<= i; - h = (h << i) | (l >> (BN_BITS2 - i)); - l <<= i; - } - dh = (d & BN_MASK2h) >> BN_BITS4; - dl = (d & BN_MASK2l); - for (;;) { - if ((h >> BN_BITS4) == dh) - q = BN_MASK2l; - else - q = h / dh; - - th = q * dh; - tl = dl * q; - for (;;) { - t = h - th; - if ((t & BN_MASK2h) || - ((tl) <= ( - (t << BN_BITS4) | - ((l & BN_MASK2h) >> BN_BITS4)))) - break; - q--; - th -= dh; - tl -= dl; - } - t = (tl >> BN_BITS4); - tl = (tl << BN_BITS4) & BN_MASK2h; - th += t; - - if (l < tl) - th++; - l -= tl; - if (h < th) { - h += d; - q--; - } - h -= th; - - if (--count == 0) - break; - - ret = q << BN_BITS4; - h = ((h << BN_BITS4) | (l >> BN_BITS4)) & BN_MASK2; - l = (l & BN_MASK2l) << BN_BITS4; - } - ret |= q; - return (ret); -} -#endif /* !defined(BN_LLONG) && defined(BN_DIV2W) */ - -#ifdef BN_LLONG -BN_ULONG -bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) -{ - BN_ULLONG ll = 0; - - assert(n >= 0); - if (n <= 0) - return ((BN_ULONG)0); - -#ifndef OPENSSL_SMALL_FOOTPRINT - while (n & ~3) { - ll += (BN_ULLONG)a[0] + b[0]; - r[0] = (BN_ULONG)ll & BN_MASK2; - ll >>= BN_BITS2; - ll += (BN_ULLONG)a[1] + b[1]; - r[1] = (BN_ULONG)ll & BN_MASK2; - ll >>= BN_BITS2; - ll += (BN_ULLONG)a[2] + b[2]; - r[2] = (BN_ULONG)ll & BN_MASK2; - ll >>= BN_BITS2; - ll += (BN_ULLONG)a[3] + b[3]; - r[3] = (BN_ULONG)ll & BN_MASK2; - ll >>= BN_BITS2; - a += 4; - b += 4; - r += 4; - n -= 4; - } -#endif - while (n) { - ll += (BN_ULLONG)a[0] + b[0]; - r[0] = (BN_ULONG)ll & BN_MASK2; - ll >>= BN_BITS2; - a++; - b++; - r++; - n--; - } - return ((BN_ULONG)ll); -} -#else /* !BN_LLONG */ -BN_ULONG -bn_add_words(BN_ULONG *r, const BN_ULONG 
*a, const BN_ULONG *b, int n) -{ - BN_ULONG c, l, t; - - assert(n >= 0); - if (n <= 0) - return ((BN_ULONG)0); - - c = 0; -#ifndef OPENSSL_SMALL_FOOTPRINT - while (n & ~3) { - t = a[0]; - t = (t + c) & BN_MASK2; - c = (t < c); - l = (t + b[0]) & BN_MASK2; - c += (l < t); - r[0] = l; - t = a[1]; - t = (t + c) & BN_MASK2; - c = (t < c); - l = (t + b[1]) & BN_MASK2; - c += (l < t); - r[1] = l; - t = a[2]; - t = (t + c) & BN_MASK2; - c = (t < c); - l = (t + b[2]) & BN_MASK2; - c += (l < t); - r[2] = l; - t = a[3]; - t = (t + c) & BN_MASK2; - c = (t < c); - l = (t + b[3]) & BN_MASK2; - c += (l < t); - r[3] = l; - a += 4; - b += 4; - r += 4; - n -= 4; - } -#endif - while (n) { - t = a[0]; - t = (t + c) & BN_MASK2; - c = (t < c); - l = (t + b[0]) & BN_MASK2; - c += (l < t); - r[0] = l; - a++; - b++; - r++; - n--; - } - return ((BN_ULONG)c); -} -#endif /* !BN_LLONG */ - -BN_ULONG -bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int n) -{ - BN_ULONG t1, t2; - int c = 0; - - assert(n >= 0); - if (n <= 0) - return ((BN_ULONG)0); - -#ifndef OPENSSL_SMALL_FOOTPRINT - while (n&~3) { - t1 = a[0]; - t2 = b[0]; - r[0] = (t1 - t2 - c) & BN_MASK2; - if (t1 != t2) - c = (t1 < t2); - t1 = a[1]; - t2 = b[1]; - r[1] = (t1 - t2 - c) & BN_MASK2; - if (t1 != t2) - c = (t1 < t2); - t1 = a[2]; - t2 = b[2]; - r[2] = (t1 - t2 - c) & BN_MASK2; - if (t1 != t2) - c = (t1 < t2); - t1 = a[3]; - t2 = b[3]; - r[3] = (t1 - t2 - c) & BN_MASK2; - if (t1 != t2) - c = (t1 < t2); - a += 4; - b += 4; - r += 4; - n -= 4; - } -#endif - while (n) { - t1 = a[0]; - t2 = b[0]; - r[0] = (t1 - t2 - c) & BN_MASK2; - if (t1 != t2) - c = (t1 < t2); - a++; - b++; - r++; - n--; - } - return (c); -} - -#if defined(BN_MUL_COMBA) && !defined(OPENSSL_SMALL_FOOTPRINT) - -#undef bn_mul_comba8 -#undef bn_mul_comba4 -#undef bn_sqr_comba8 -#undef bn_sqr_comba4 - -/* mul_add_c(a,b,c0,c1,c2) -- c+=a*b for three word number c=(c2,c1,c0) */ -/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */ 
-/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */ -/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */ - -#ifdef BN_LLONG -/* - * Keep in mind that additions to multiplication result can not - * overflow, because its high half cannot be all-ones. - */ -#define mul_add_c(a,b,c0,c1,c2) do { \ - BN_ULONG hi; \ - BN_ULLONG t = (BN_ULLONG)(a)*(b); \ - t += c0; /* no carry */ \ - c0 = (BN_ULONG)Lw(t); \ - hi = (BN_ULONG)Hw(t); \ - c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \ - } while(0) - -#define mul_add_c2(a,b,c0,c1,c2) do { \ - BN_ULONG hi; \ - BN_ULLONG t = (BN_ULLONG)(a)*(b); \ - BN_ULLONG tt = t+c0; /* no carry */ \ - c0 = (BN_ULONG)Lw(tt); \ - hi = (BN_ULONG)Hw(tt); \ - c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \ - t += c0; /* no carry */ \ - c0 = (BN_ULONG)Lw(t); \ - hi = (BN_ULONG)Hw(t); \ - c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \ - } while(0) - -#define sqr_add_c(a,i,c0,c1,c2) do { \ - BN_ULONG hi; \ - BN_ULLONG t = (BN_ULLONG)a[i]*a[i]; \ - t += c0; /* no carry */ \ - c0 = (BN_ULONG)Lw(t); \ - hi = (BN_ULONG)Hw(t); \ - c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \ - } while(0) - -#define sqr_add_c2(a,i,j,c0,c1,c2) \ - mul_add_c2((a)[i],(a)[j],c0,c1,c2) - -#elif defined(BN_UMULT_LOHI) -/* - * Keep in mind that additions to hi can not overflow, because - * the high word of a multiplication result cannot be all-ones. 
- */ -#define mul_add_c(a,b,c0,c1,c2) do { \ - BN_ULONG ta = (a), tb = (b); \ - BN_ULONG lo, hi; \ - BN_UMULT_LOHI(lo,hi,ta,tb); \ - c0 += lo; hi += (c0<lo)?1:0; \ - c1 += hi; c2 += (c1<hi)?1:0; \ - } while(0) - -#define mul_add_c2(a,b,c0,c1,c2) do { \ - BN_ULONG ta = (a), tb = (b); \ - BN_ULONG lo, hi, tt; \ - BN_UMULT_LOHI(lo,hi,ta,tb); \ - c0 += lo; tt = hi+((c0<lo)?1:0); \ - c1 += tt; c2 += (c1<tt)?1:0; \ - c0 += lo; hi += (c0<lo)?1:0; \ - c1 += hi; c2 += (c1<hi)?1:0; \ - } while(0) - -#define sqr_add_c(a,i,c0,c1,c2) do { \ - BN_ULONG ta = (a)[i]; \ - BN_ULONG lo, hi; \ - BN_UMULT_LOHI(lo,hi,ta,ta); \ - c0 += lo; hi += (c0<lo)?1:0; \ - c1 += hi; c2 += (c1<hi)?1:0; \ - } while(0) - -#define sqr_add_c2(a,i,j,c0,c1,c2) \ - mul_add_c2((a)[i],(a)[j],c0,c1,c2) - -#elif defined(BN_UMULT_HIGH) -/* - * Keep in mind that additions to hi can not overflow, because - * the high word of a multiplication result cannot be all-ones. - */ -#define mul_add_c(a,b,c0,c1,c2) do { \ - BN_ULONG ta = (a), tb = (b); \ - BN_ULONG lo = ta * tb; \ - BN_ULONG hi = BN_UMULT_HIGH(ta,tb); \ - c0 += lo; hi += (c0<lo)?1:0; \ - c1 += hi; c2 += (c1<hi)?1:0; \ - } while(0) - -#define mul_add_c2(a,b,c0,c1,c2) do { \ - BN_ULONG ta = (a), tb = (b), tt; \ - BN_ULONG lo = ta * tb; \ - BN_ULONG hi = BN_UMULT_HIGH(ta,tb); \ - c0 += lo; tt = hi + ((c0<lo)?1:0); \ - c1 += tt; c2 += (c1<tt)?1:0; \ - c0 += lo; hi += (c0<lo)?1:0; \ - c1 += hi; c2 += (c1<hi)?1:0; \ - } while(0) - -#define sqr_add_c(a,i,c0,c1,c2) do { \ - BN_ULONG ta = (a)[i]; \ - BN_ULONG lo = ta * ta; \ - BN_ULONG hi = BN_UMULT_HIGH(ta,ta); \ - c0 += lo; hi += (c0<lo)?1:0; \ - c1 += hi; c2 += (c1<hi)?1:0; \ - } while(0) - -#define sqr_add_c2(a,i,j,c0,c1,c2) \ - mul_add_c2((a)[i],(a)[j],c0,c1,c2) - -#else /* !BN_LLONG */ -/* - * Keep in mind that additions to hi can not overflow, because - * the high word of a multiplication result cannot be all-ones. 
- */ -#define mul_add_c(a,b,c0,c1,c2) do { \ - BN_ULONG lo = LBITS(a), hi = HBITS(a); \ - BN_ULONG bl = LBITS(b), bh = HBITS(b); \ - mul64(lo,hi,bl,bh); \ - c0 = (c0+lo)&BN_MASK2; if (c0<lo) hi++; \ - c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \ - } while(0) - -#define mul_add_c2(a,b,c0,c1,c2) do { \ - BN_ULONG tt; \ - BN_ULONG lo = LBITS(a), hi = HBITS(a); \ - BN_ULONG bl = LBITS(b), bh = HBITS(b); \ - mul64(lo,hi,bl,bh); \ - tt = hi; \ - c0 = (c0+lo)&BN_MASK2; if (c0<lo) tt++; \ - c1 = (c1+tt)&BN_MASK2; if (c1<tt) c2++; \ - c0 = (c0+lo)&BN_MASK2; if (c0<lo) hi++; \ - c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \ - } while(0) - -#define sqr_add_c(a,i,c0,c1,c2) do { \ - BN_ULONG lo, hi; \ - sqr64(lo,hi,(a)[i]); \ - c0 = (c0+lo)&BN_MASK2; if (c0<lo) hi++; \ - c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \ - } while(0) - -#define sqr_add_c2(a,i,j,c0,c1,c2) \ - mul_add_c2((a)[i],(a)[j],c0,c1,c2) -#endif /* !BN_LLONG */ - -void -bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -{ - BN_ULONG c1, c2, c3; - - c1 = 0; - c2 = 0; - c3 = 0; - mul_add_c(a[0], b[0], c1, c2, c3); - r[0] = c1; - c1 = 0; - mul_add_c(a[0], b[1], c2, c3, c1); - mul_add_c(a[1], b[0], c2, c3, c1); - r[1] = c2; - c2 = 0; - mul_add_c(a[2], b[0], c3, c1, c2); - mul_add_c(a[1], b[1], c3, c1, c2); - mul_add_c(a[0], b[2], c3, c1, c2); - r[2] = c3; - c3 = 0; - mul_add_c(a[0], b[3], c1, c2, c3); - mul_add_c(a[1], b[2], c1, c2, c3); - mul_add_c(a[2], b[1], c1, c2, c3); - mul_add_c(a[3], b[0], c1, c2, c3); - r[3] = c1; - c1 = 0; - mul_add_c(a[4], b[0], c2, c3, c1); - mul_add_c(a[3], b[1], c2, c3, c1); - mul_add_c(a[2], b[2], c2, c3, c1); - mul_add_c(a[1], b[3], c2, c3, c1); - mul_add_c(a[0], b[4], c2, c3, c1); - r[4] = c2; - c2 = 0; - mul_add_c(a[0], b[5], c3, c1, c2); - mul_add_c(a[1], b[4], c3, c1, c2); - mul_add_c(a[2], b[3], c3, c1, c2); - mul_add_c(a[3], b[2], c3, c1, c2); - mul_add_c(a[4], b[1], c3, c1, c2); - mul_add_c(a[5], b[0], c3, c1, c2); - r[5] = c3; - c3 = 0; - mul_add_c(a[6], b[0], c1, c2, c3); - 
mul_add_c(a[5], b[1], c1, c2, c3); - mul_add_c(a[4], b[2], c1, c2, c3); - mul_add_c(a[3], b[3], c1, c2, c3); - mul_add_c(a[2], b[4], c1, c2, c3); - mul_add_c(a[1], b[5], c1, c2, c3); - mul_add_c(a[0], b[6], c1, c2, c3); - r[6] = c1; - c1 = 0; - mul_add_c(a[0], b[7], c2, c3, c1); - mul_add_c(a[1], b[6], c2, c3, c1); - mul_add_c(a[2], b[5], c2, c3, c1); - mul_add_c(a[3], b[4], c2, c3, c1); - mul_add_c(a[4], b[3], c2, c3, c1); - mul_add_c(a[5], b[2], c2, c3, c1); - mul_add_c(a[6], b[1], c2, c3, c1); - mul_add_c(a[7], b[0], c2, c3, c1); - r[7] = c2; - c2 = 0; - mul_add_c(a[7], b[1], c3, c1, c2); - mul_add_c(a[6], b[2], c3, c1, c2); - mul_add_c(a[5], b[3], c3, c1, c2); - mul_add_c(a[4], b[4], c3, c1, c2); - mul_add_c(a[3], b[5], c3, c1, c2); - mul_add_c(a[2], b[6], c3, c1, c2); - mul_add_c(a[1], b[7], c3, c1, c2); - r[8] = c3; - c3 = 0; - mul_add_c(a[2], b[7], c1, c2, c3); - mul_add_c(a[3], b[6], c1, c2, c3); - mul_add_c(a[4], b[5], c1, c2, c3); - mul_add_c(a[5], b[4], c1, c2, c3); - mul_add_c(a[6], b[3], c1, c2, c3); - mul_add_c(a[7], b[2], c1, c2, c3); - r[9] = c1; - c1 = 0; - mul_add_c(a[7], b[3], c2, c3, c1); - mul_add_c(a[6], b[4], c2, c3, c1); - mul_add_c(a[5], b[5], c2, c3, c1); - mul_add_c(a[4], b[6], c2, c3, c1); - mul_add_c(a[3], b[7], c2, c3, c1); - r[10] = c2; - c2 = 0; - mul_add_c(a[4], b[7], c3, c1, c2); - mul_add_c(a[5], b[6], c3, c1, c2); - mul_add_c(a[6], b[5], c3, c1, c2); - mul_add_c(a[7], b[4], c3, c1, c2); - r[11] = c3; - c3 = 0; - mul_add_c(a[7], b[5], c1, c2, c3); - mul_add_c(a[6], b[6], c1, c2, c3); - mul_add_c(a[5], b[7], c1, c2, c3); - r[12] = c1; - c1 = 0; - mul_add_c(a[6], b[7], c2, c3, c1); - mul_add_c(a[7], b[6], c2, c3, c1); - r[13] = c2; - c2 = 0; - mul_add_c(a[7], b[7], c3, c1, c2); - r[14] = c3; - r[15] = c1; -} - -void -bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -{ - BN_ULONG c1, c2, c3; - - c1 = 0; - c2 = 0; - c3 = 0; - mul_add_c(a[0], b[0], c1, c2, c3); - r[0] = c1; - c1 = 0; - mul_add_c(a[0], b[1], c2, c3, c1); - 
mul_add_c(a[1], b[0], c2, c3, c1); - r[1] = c2; - c2 = 0; - mul_add_c(a[2], b[0], c3, c1, c2); - mul_add_c(a[1], b[1], c3, c1, c2); - mul_add_c(a[0], b[2], c3, c1, c2); - r[2] = c3; - c3 = 0; - mul_add_c(a[0], b[3], c1, c2, c3); - mul_add_c(a[1], b[2], c1, c2, c3); - mul_add_c(a[2], b[1], c1, c2, c3); - mul_add_c(a[3], b[0], c1, c2, c3); - r[3] = c1; - c1 = 0; - mul_add_c(a[3], b[1], c2, c3, c1); - mul_add_c(a[2], b[2], c2, c3, c1); - mul_add_c(a[1], b[3], c2, c3, c1); - r[4] = c2; - c2 = 0; - mul_add_c(a[2], b[3], c3, c1, c2); - mul_add_c(a[3], b[2], c3, c1, c2); - r[5] = c3; - c3 = 0; - mul_add_c(a[3], b[3], c1, c2, c3); - r[6] = c1; - r[7] = c2; -} - -void -bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a) -{ - BN_ULONG c1, c2, c3; - - c1 = 0; - c2 = 0; - c3 = 0; - sqr_add_c(a, 0, c1, c2, c3); - r[0] = c1; - c1 = 0; - sqr_add_c2(a, 1, 0, c2, c3, c1); - r[1] = c2; - c2 = 0; - sqr_add_c(a, 1, c3, c1, c2); - sqr_add_c2(a, 2, 0, c3, c1, c2); - r[2] = c3; - c3 = 0; - sqr_add_c2(a, 3, 0, c1, c2, c3); - sqr_add_c2(a, 2, 1, c1, c2, c3); - r[3] = c1; - c1 = 0; - sqr_add_c(a, 2, c2, c3, c1); - sqr_add_c2(a, 3, 1, c2, c3, c1); - sqr_add_c2(a, 4, 0, c2, c3, c1); - r[4] = c2; - c2 = 0; - sqr_add_c2(a, 5, 0, c3, c1, c2); - sqr_add_c2(a, 4, 1, c3, c1, c2); - sqr_add_c2(a, 3, 2, c3, c1, c2); - r[5] = c3; - c3 = 0; - sqr_add_c(a, 3, c1, c2, c3); - sqr_add_c2(a, 4, 2, c1, c2, c3); - sqr_add_c2(a, 5, 1, c1, c2, c3); - sqr_add_c2(a, 6, 0, c1, c2, c3); - r[6] = c1; - c1 = 0; - sqr_add_c2(a, 7, 0, c2, c3, c1); - sqr_add_c2(a, 6, 1, c2, c3, c1); - sqr_add_c2(a, 5, 2, c2, c3, c1); - sqr_add_c2(a, 4, 3, c2, c3, c1); - r[7] = c2; - c2 = 0; - sqr_add_c(a, 4, c3, c1, c2); - sqr_add_c2(a, 5, 3, c3, c1, c2); - sqr_add_c2(a, 6, 2, c3, c1, c2); - sqr_add_c2(a, 7, 1, c3, c1, c2); - r[8] = c3; - c3 = 0; - sqr_add_c2(a, 7, 2, c1, c2, c3); - sqr_add_c2(a, 6, 3, c1, c2, c3); - sqr_add_c2(a, 5, 4, c1, c2, c3); - r[9] = c1; - c1 = 0; - sqr_add_c(a, 5, c2, c3, c1); - sqr_add_c2(a, 6, 4, c2, c3, c1); - 
sqr_add_c2(a, 7, 3, c2, c3, c1); - r[10] = c2; - c2 = 0; - sqr_add_c2(a, 7, 4, c3, c1, c2); - sqr_add_c2(a, 6, 5, c3, c1, c2); - r[11] = c3; - c3 = 0; - sqr_add_c(a, 6, c1, c2, c3); - sqr_add_c2(a, 7, 5, c1, c2, c3); - r[12] = c1; - c1 = 0; - sqr_add_c2(a, 7, 6, c2, c3, c1); - r[13] = c2; - c2 = 0; - sqr_add_c(a, 7, c3, c1, c2); - r[14] = c3; - r[15] = c1; -} - -void -bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a) -{ - BN_ULONG c1, c2, c3; - - c1 = 0; - c2 = 0; - c3 = 0; - sqr_add_c(a, 0, c1, c2, c3); - r[0] = c1; - c1 = 0; - sqr_add_c2(a, 1, 0, c2, c3, c1); - r[1] = c2; - c2 = 0; - sqr_add_c(a, 1, c3, c1, c2); - sqr_add_c2(a, 2, 0, c3, c1, c2); - r[2] = c3; - c3 = 0; - sqr_add_c2(a, 3, 0, c1, c2, c3); - sqr_add_c2(a, 2, 1, c1, c2, c3); - r[3] = c1; - c1 = 0; - sqr_add_c(a, 2, c2, c3, c1); - sqr_add_c2(a, 3, 1, c2, c3, c1); - r[4] = c2; - c2 = 0; - sqr_add_c2(a, 3, 2, c3, c1, c2); - r[5] = c3; - c3 = 0; - sqr_add_c(a, 3, c1, c2, c3); - r[6] = c1; - r[7] = c2; -} - -#ifdef OPENSSL_NO_ASM -#ifdef OPENSSL_BN_ASM_MONT -/* - * This is essentially reference implementation, which may or may not - * result in performance improvement. E.g. on IA-32 this routine was - * observed to give 40% faster rsa1024 private key operations and 10% - * faster rsa4096 ones, while on AMD64 it improves rsa1024 sign only - * by 10% and *worsens* rsa4096 sign by 15%. Once again, it's a - * reference implementation, one to be used as starting point for - * platform-specific assembler. Mentioned numbers apply to compiler - * generated code compiled with and without -DOPENSSL_BN_ASM_MONT and - * can vary not only from platform to platform, but even for compiler - * versions. Assembler vs. assembler improvement coefficients can - * [and are known to] differ and are to be documented elsewhere. 
- */ -int -bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0p, int num) -{ - BN_ULONG c0, c1, ml, *tp, n0; -#ifdef mul64 - BN_ULONG mh; -#endif - int i = 0, j; - -#if 0 /* template for platform-specific implementation */ - if (ap == bp) - return bn_sqr_mont(rp, ap, np, n0p, num); -#endif - tp = reallocarray(NULL, num + 2, sizeof(BN_ULONG)); - if (tp == NULL) - return 0; - - n0 = *n0p; - - c0 = 0; - ml = bp[0]; -#ifdef mul64 - mh = HBITS(ml); - ml = LBITS(ml); - for (j = 0; j < num; ++j) - mul(tp[j], ap[j], ml, mh, c0); -#else - for (j = 0; j < num; ++j) - mul(tp[j], ap[j], ml, c0); -#endif - - tp[num] = c0; - tp[num + 1] = 0; - goto enter; - - for (i = 0; i < num; i++) { - c0 = 0; - ml = bp[i]; -#ifdef mul64 - mh = HBITS(ml); - ml = LBITS(ml); - for (j = 0; j < num; ++j) - mul_add(tp[j], ap[j], ml, mh, c0); -#else - for (j = 0; j < num; ++j) - mul_add(tp[j], ap[j], ml, c0); -#endif - c1 = (tp[num] + c0) & BN_MASK2; - tp[num] = c1; - tp[num + 1] = (c1 < c0 ? 1 : 0); -enter: - c1 = tp[0]; - ml = (c1 * n0) & BN_MASK2; - c0 = 0; -#ifdef mul64 - mh = HBITS(ml); - ml = LBITS(ml); - mul_add(c1, np[0], ml, mh, c0); -#else - mul_add(c1, ml, np[0], c0); -#endif - for (j = 1; j < num; j++) { - c1 = tp[j]; -#ifdef mul64 - mul_add(c1, np[j], ml, mh, c0); -#else - mul_add(c1, ml, np[j], c0); -#endif - tp[j - 1] = c1 & BN_MASK2; - } - c1 = (tp[num] + c0) & BN_MASK2; - tp[num - 1] = c1; - tp[num] = tp[num + 1] + (c1 < c0 ? 1 : 0); - } - - if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) { - c0 = bn_sub_words(rp, tp, np, num); - if (tp[num] != 0 || c0 == 0) { - goto out; - } - } - memcpy(rp, tp, num * sizeof(BN_ULONG)); -out: - explicit_bzero(tp, (num + 2) * sizeof(BN_ULONG)); - free(tp); - return 1; -} -#else -/* - * Return value of 0 indicates that multiplication/convolution was not - * performed to signal the caller to fall down to alternative/original - * code-path. 
- */ -int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num) - { return 0; -} -#endif /* OPENSSL_BN_ASM_MONT */ -#endif - -#else /* !BN_MUL_COMBA */ - -/* hmm... is it faster just to do a multiply? */ -#undef bn_sqr_comba4 -void -bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a) -{ - BN_ULONG t[8]; - bn_sqr_normal(r, a, 4, t); -} - -#undef bn_sqr_comba8 -void -bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a) -{ - BN_ULONG t[16]; - bn_sqr_normal(r, a, 8, t); -} - -void -bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -{ - r[4] = bn_mul_words(&(r[0]), a, 4, b[0]); - r[5] = bn_mul_add_words(&(r[1]), a, 4, b[1]); - r[6] = bn_mul_add_words(&(r[2]), a, 4, b[2]); - r[7] = bn_mul_add_words(&(r[3]), a, 4, b[3]); -} - -void -bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -{ - r[8] = bn_mul_words(&(r[0]), a, 8, b[0]); - r[9] = bn_mul_add_words(&(r[1]), a, 8, b[1]); - r[10] = bn_mul_add_words(&(r[2]), a, 8, b[2]); - r[11] = bn_mul_add_words(&(r[3]), a, 8, b[3]); - r[12] = bn_mul_add_words(&(r[4]), a, 8, b[4]); - r[13] = bn_mul_add_words(&(r[5]), a, 8, b[5]); - r[14] = bn_mul_add_words(&(r[6]), a, 8, b[6]); - r[15] = bn_mul_add_words(&(r[7]), a, 8, b[7]); -} - -#ifdef OPENSSL_NO_ASM -#ifdef OPENSSL_BN_ASM_MONT -int -bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, - const BN_ULONG *np, const BN_ULONG *n0p, int num) -{ - BN_ULONG c0, c1, *tp, n0 = *n0p; - int i = 0, j; - - tp = calloc(NULL, num + 2, sizeof(BN_ULONG)); - if (tp == NULL) - return 0; - - for (i = 0; i < num; i++) { - c0 = bn_mul_add_words(tp, ap, num, bp[i]); - c1 = (tp[num] + c0) & BN_MASK2; - tp[num] = c1; - tp[num + 1] = (c1 < c0 ? 1 : 0); - - c0 = bn_mul_add_words(tp, np, num, tp[0] * n0); - c1 = (tp[num] + c0) & BN_MASK2; - tp[num] = c1; - tp[num + 1] += (c1 < c0 ? 
1 : 0); - for (j = 0; j <= num; j++) - tp[j] = tp[j + 1]; - } - - if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) { - c0 = bn_sub_words(rp, tp, np, num); - if (tp[num] != 0 || c0 == 0) { - goto out; - } - } - memcpy(rp, tp, num * sizeof(BN_ULONG)); -out: - explicit_bzero(tp, (num + 2) * sizeof(BN_ULONG)); - free(tp); - return 1; -} -#else -int -bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, - const BN_ULONG *np, const BN_ULONG *n0, int num) -{ - return 0; -} -#endif /* OPENSSL_BN_ASM_MONT */ -#endif - -#endif /* !BN_MUL_COMBA */ diff --git a/lib/libssl/src/crypto/bn/bn_blind.c b/lib/libssl/src/crypto/bn/bn_blind.c deleted file mode 100644 index c842f76c6ff..00000000000 --- a/lib/libssl/src/crypto/bn/bn_blind.c +++ /dev/null 
@@ -1,388 +0,0 @@
-/* $OpenBSD: bn_blind.c,v 1.14 2014/07/12 16:03:36 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-
-#include "bn_lcl.h"
-
-#define BN_BLINDING_COUNTER 32
-
-struct bn_blinding_st {
- BIGNUM *A;
- BIGNUM *Ai;
- BIGNUM *e;
- BIGNUM *mod; /* just a reference */
-#ifndef OPENSSL_NO_DEPRECATED
- unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b;
- * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */
-#endif
- CRYPTO_THREADID tid;
- int counter;
- unsigned long flags;
- BN_MONT_CTX *m_ctx;
- int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-};
-
-BN_BLINDING *
-BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
-{
- BN_BLINDING *ret = NULL;
-
- bn_check_top(mod);
-
- if ((ret = calloc(1, sizeof(BN_BLINDING))) == NULL) {
- BNerr(BN_F_BN_BLINDING_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- if (A != NULL) {
- if ((ret->A = BN_dup(A)) == NULL)
- goto err;
- }
- if (Ai != NULL) {
- if ((ret->Ai = BN_dup(Ai)) == NULL)
- goto err;
- }
-
- /* save a copy of mod in the BN_BLINDING structure */
- if ((ret->mod = BN_dup(mod)) == NULL)
- goto err;
- if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
- BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
-
- /* Set the counter to the special value -1
- * to indicate that this is never-used fresh blinding
- * that does not need updating before first use. */
- ret->counter = -1;
- CRYPTO_THREADID_current(&ret->tid);
- return (ret);
-
-err:
- if (ret != NULL)
- BN_BLINDING_free(ret);
- return (NULL);
-}
-
-void
-BN_BLINDING_free(BN_BLINDING *r)
-{
- if (r == NULL)
- return;
-
- BN_clear_free(r->A);
- BN_clear_free(r->Ai);
- BN_clear_free(r->e);
- BN_clear_free(r->mod);
- free(r);
-}
-
-int
-BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
-{
- int ret = 0;
-
- if ((b->A == NULL) || (b->Ai == NULL)) {
- BNerr(BN_F_BN_BLINDING_UPDATE, BN_R_NOT_INITIALIZED);
- goto err;
- }
-
- if (b->counter == -1)
- b->counter = 0;
-
- if (++b->counter == BN_BLINDING_COUNTER && b->e != NULL &&
- !(b->flags & BN_BLINDING_NO_RECREATE)) {
- /* re-create blinding parameters */
- if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL))
- goto err;
- } else if (!(b->flags & BN_BLINDING_NO_UPDATE)) {
- if (!BN_mod_mul(b->A, b->A, b->A, b->mod, ctx))
- goto err;
- if (!BN_mod_mul(b->Ai, b->Ai, b->Ai, b->mod, ctx))
- goto err;
- }
-
- ret = 1;
-
-err:
- if (b->counter == BN_BLINDING_COUNTER)
- b->counter = 0;
- return (ret);
-}
-
-int
-BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
-{
- return BN_BLINDING_convert_ex(n, NULL, b, ctx);
-}
-
-int
-BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
-{
- int ret = 1;
-
- bn_check_top(n);
-
- if ((b->A == NULL) || (b->Ai == NULL)) {
- BNerr(BN_F_BN_BLINDING_CONVERT_EX, BN_R_NOT_INITIALIZED);
- return (0);
- }
-
- if (b->counter == -1)
- /* Fresh blinding, doesn't need updating. */
- b->counter = 0;
- else if (!BN_BLINDING_update(b, ctx))
- return (0);
-
- if (r != NULL) {
- if (!BN_copy(r, b->Ai))
- ret = 0;
- }
-
- if (!BN_mod_mul(n, n,b->A, b->mod, ctx))
- ret = 0;
-
- return ret;
-}
-
-int
-BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
-{
- return BN_BLINDING_invert_ex(n, NULL, b, ctx);
-}
-
-int
-BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
-{
- int ret;
-
- bn_check_top(n);
-
- if (r != NULL)
- ret = BN_mod_mul(n, n, r, b->mod, ctx);
- else {
- if (b->Ai == NULL) {
- BNerr(BN_F_BN_BLINDING_INVERT_EX, BN_R_NOT_INITIALIZED);
- return (0);
- }
- ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx);
- }
-
- bn_check_top(n);
- return (ret);
-}
-
-#ifndef OPENSSL_NO_DEPRECATED
-unsigned long
-BN_BLINDING_get_thread_id(const BN_BLINDING *b)
-{
- return b->thread_id;
-}
-
-void
-BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n)
-{
- b->thread_id = n;
-}
-#endif
-
-CRYPTO_THREADID *
-BN_BLINDING_thread_id(BN_BLINDING *b)
-{
- return &b->tid;
-}
-
-unsigned long
-BN_BLINDING_get_flags(const BN_BLINDING *b)
-{
- return b->flags;
-}
-
-void
-BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags)
-{
- b->flags = flags;
-}
-
-BN_BLINDING *
-BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m,
- BN_CTX *ctx, int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), BN_MONT_CTX *m_ctx)
-{
- int retry_counter = 32;
- BN_BLINDING *ret = NULL;
-
- if (b == NULL)
- ret = BN_BLINDING_new(NULL, NULL, m);
- else
- ret = b;
-
- if (ret == NULL)
- goto err;
-
- if (ret->A == NULL && (ret->A = BN_new()) == NULL)
- goto err;
- if (ret->Ai == NULL && (ret->Ai = BN_new()) == NULL)
- goto err;
-
- if (e != NULL) {
- BN_free(ret->e);
- ret->e = BN_dup(e);
- }
- if (ret->e == NULL)
- goto err;
-
- if (bn_mod_exp != NULL)
- ret->bn_mod_exp = bn_mod_exp;
- if (m_ctx != NULL)
- ret->m_ctx = m_ctx;
-
- do {
- if (!BN_rand_range(ret->A, ret->mod))
- goto err;
- if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) {
- /* this should almost never happen for good RSA keys */
- unsigned long error = ERR_peek_last_error();
- if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
- if (retry_counter-- == 0) {
- BNerr(BN_F_BN_BLINDING_CREATE_PARAM,
- BN_R_TOO_MANY_ITERATIONS);
- goto err;
- }
- ERR_clear_error();
- } else
- goto err;
- } else
- break;
- } while (1);
-
- if (ret->bn_mod_exp != NULL && ret->m_ctx != NULL) {
- if (!ret->bn_mod_exp(ret->A, ret->A, ret->e, ret->mod,
- ctx, ret->m_ctx))
- goto err;
- } else {
- if (!BN_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx))
- goto err;
- }
-
- return ret;
-
-err:
- if (b == NULL && ret != NULL) {
- BN_BLINDING_free(ret);
- ret = NULL;
- }
-
- return ret;
-}
diff --git a/lib/libssl/src/crypto/bn/bn_const.c b/lib/libssl/src/crypto/bn/bn_const.c
deleted file mode 100644
index 4be9f4f7911..00000000000
--- a/lib/libssl/src/crypto/bn/bn_const.c
+++ /dev/null
@@ -1,409 +0,0 @@ -/* $OpenBSD: bn_const.c,v 1.4 2014/06/12 15:49:28 deraadt Exp $ */ -/* Insert boilerplate */ - -#include <openssl/bn.h> - -/* "First Oakley Default Group" from RFC2409, section 6.1. - * - * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 } - * - * RFC2409 specifies a generator of 2. - * RFC2412 specifies a generator of of 22. - */ - -BIGNUM * -get_rfc2409_prime_768(BIGNUM *bn) -{ - static const unsigned char RFC2409_PRIME_768[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x3A, 0x36, 0x20, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - }; - return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn); -} - -/* "Second Oakley Default Group" from RFC2409, section 6.2. - * - * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }. - * - * RFC2409 specifies a generator of 2. - * RFC2412 specifies a generator of 22. 
- */ - -BIGNUM * -get_rfc2409_prime_1024(BIGNUM *bn) -{ - static const unsigned char RFC2409_PRIME_1024[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - }; - return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn); -} - -/* "1536-bit MODP Group" from RFC3526, Section 2. - * - * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 } - * - * RFC3526 specifies a generator of 2. - * RFC2312 specifies a generator of 22. 
- */ - -BIGNUM * -get_rfc3526_prime_1536(BIGNUM *bn) -{ - static const unsigned char RFC3526_PRIME_1536[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x23, 0x73, 0x27, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - }; - return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn); -} - -/* "2048-bit MODP Group" from RFC3526, Section 3. - * - * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 } - * - * RFC3526 specifies a generator of 2. 
- */ - -BIGNUM * -get_rfc3526_prime_2048(BIGNUM *bn) -{ - static const unsigned char RFC3526_PRIME_2048[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, - }; - return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn); -} - -/* "3072-bit MODP Group" from RFC3526, Section 4. - * - * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 } - * - * RFC3526 specifies a generator of 2. 
- */ - -BIGNUM * -get_rfc3526_prime_3072(BIGNUM *bn) -{ - static const unsigned char RFC3526_PRIME_3072[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, - 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, - 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, - 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 
0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, - 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, - 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, - 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - }; - return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn); -} - -/* "4096-bit MODP Group" from RFC3526, Section 5. - * - * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 } - * - * RFC3526 specifies a generator of 2. - */ - -BIGNUM * -get_rfc3526_prime_4096(BIGNUM *bn) -{ - static const unsigned char RFC3526_PRIME_4096[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 
0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, - 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, - 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, - 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, - 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, - 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, - 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, - 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18, - 0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, - 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, - 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, - 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F, - 0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, - 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, - 0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, - 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC, - 0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
0xFF, - }; - return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn); -} - -/* "6144-bit MODP Group" from RFC3526, Section 6. - * - * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 } - * - * RFC3526 specifies a generator of 2. - */ - -BIGNUM * -get_rfc3526_prime_6144(BIGNUM *bn) -{ - static const unsigned char RFC3526_PRIME_6144[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, - 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, - 
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, - 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, - 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, - 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, - 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, - 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, - 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18, - 0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, - 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, - 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, - 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F, - 0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, - 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, - 0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, - 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC, - 0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, - 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2, - 0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, - 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F, - 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, - 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB, - 0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, - 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51, - 
0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, - 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15, - 0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, - 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, - 0x90, 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, - 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7, - 0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, - 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2, - 0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, - 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D, - 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, - 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7, - 0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, - 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E, - 0x6D, 0xCC, 0x40, 0x24, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - }; - return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn); -} - -/* "8192-bit MODP Group" from RFC3526, Section 7. - * - * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 } - * - * RFC3526 specifies a generator of 2. 
- */ - -BIGNUM * -get_rfc3526_prime_8192(BIGNUM *bn) -{ - static const unsigned char RFC3526_PRIME_8192[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, - 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, - 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, - 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, - 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, - 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, - 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, - 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, - 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, - 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, - 0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, - 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, - 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, - 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, - 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, - 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, - 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, - 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, - 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 
0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, - 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, - 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, - 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, - 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, - 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, - 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18, - 0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, - 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, - 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, - 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F, - 0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, - 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, - 0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, - 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC, - 0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92, - 0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26, 0xC1, 0xD4, 0xDC, 0xB2, - 0x60, 0x26, 0x46, 0xDE, 0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD, - 0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E, 0xE5, 0xDB, 0x38, 0x2F, - 0x41, 0x30, 0x01, 0xAE, 0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31, - 0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18, 0xDA, 0x3E, 0xDB, 0xEB, - 0xCF, 0x9B, 0x14, 0xED, 0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B, - 0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B, 0x33, 0x20, 0x51, 0x51, - 0x2B, 0xD7, 0xAF, 0x42, 0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF, - 0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC, 0xF0, 0x32, 0xEA, 0x15, - 0xD1, 0x72, 0x1D, 0x03, 0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6, - 0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 
0x0C, 0x82, 0xB5, 0xA8, 0x40, 0x31, - 0x90, 0x0B, 0x1C, 0x9E, 0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3, - 0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE, 0x0F, 0x1D, 0x45, 0xB7, - 0xFF, 0x58, 0x5A, 0xC5, 0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA, - 0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8, 0x14, 0xCC, 0x5E, 0xD2, - 0x0F, 0x80, 0x37, 0xE0, 0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28, - 0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76, 0xF5, 0x50, 0xAA, 0x3D, - 0x8A, 0x1F, 0xBF, 0xF0, 0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C, - 0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32, 0x38, 0x7F, 0xE8, 0xD7, - 0x6E, 0x3C, 0x04, 0x68, 0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE, - 0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6, 0xE6, 0x94, 0xF9, 0x1E, - 0x6D, 0xBE, 0x11, 0x59, 0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4, - 0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C, 0xD8, 0xBE, 0xC4, 0xD0, - 0x73, 0xB9, 0x31, 0xBA, 0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00, - 0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED, 0x25, 0x76, 0xF6, 0x93, - 0x6B, 0xA4, 0x24, 0x66, 0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68, - 0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78, 0x23, 0x8F, 0x16, 0xCB, - 0xE3, 0x9D, 0x65, 0x2D, 0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9, - 0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07, 0x13, 0xEB, 0x57, 0xA8, - 0x1A, 0x23, 0xF0, 0xC7, 0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B, - 0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD, 0xFA, 0x9D, 0x4B, 0x7F, - 0xA2, 0xC0, 0x87, 0xE8, 0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A, - 0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6, 0x6D, 0x2A, 0x13, 0xF8, - 0x3F, 0x44, 0xF8, 0x2D, 0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36, - 0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1, 0x64, 0xF3, 0x1C, 0xC5, - 0x08, 0x46, 0x85, 0x1D, 0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1, - 0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73, 0xFA, 0xF3, 0x6B, 0xC3, - 0x1E, 0xCF, 0xA2, 0x68, 0x35, 0x90, 
0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92, - 0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7, 0x88, 0x9A, 0x00, 0x2E, - 0xD5, 0xEE, 0x38, 0x2B, 0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47, - 0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA, 0x9E, 0x30, 0x50, 0xE2, - 0x76, 0x56, 0x94, 0xDF, 0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71, - 0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, - }; - return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn); -} diff --git a/lib/libssl/src/crypto/bn/bn_ctx.c b/lib/libssl/src/crypto/bn/bn_ctx.c deleted file mode 100644 index eb2d6a43b38..00000000000 --- a/lib/libssl/src/crypto/bn/bn_ctx.c +++ /dev/null 
@@ -1,478 +0,0 @@
-/* $OpenBSD: bn_ctx.c,v 1.14 2015/02/10 09:50:12 miod Exp $ */
-/* Written by Ulf Moeller for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#if !defined(BN_CTX_DEBUG) && !defined(BN_DEBUG) -#ifndef NDEBUG -#define NDEBUG -#endif -#endif - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -/* TODO list - * - * 1. Check a bunch of "(words+1)" type hacks in various bignum functions and - * check they can be safely removed. - * - Check +1 and other ugliness in BN_from_montgomery() - * - * 2. Consider allowing a BN_new_ex() that, at least, lets you specify an - * appropriate 'block' size that will be honoured by bn_expand_internal() to - * prevent piddly little reallocations. OTOH, profiling bignum expansions in - * BN_CTX doesn't show this to be a big issue. 
- */ - -/* How many bignums are in each "pool item"; */ -#define BN_CTX_POOL_SIZE 16 -/* The stack frame info is resizing, set a first-time expansion size; */ -#define BN_CTX_START_FRAMES 32 - -/***********/ -/* BN_POOL */ -/***********/ - -/* A bundle of bignums that can be linked with other bundles */ -typedef struct bignum_pool_item { - /* The bignum values */ - BIGNUM vals[BN_CTX_POOL_SIZE]; - /* Linked-list admin */ - struct bignum_pool_item *prev, *next; -} BN_POOL_ITEM; - -/* A linked-list of bignums grouped in bundles */ -typedef struct bignum_pool { - /* Linked-list admin */ - BN_POOL_ITEM *head, *current, *tail; - /* Stack depth and allocation size */ - unsigned used, size; -} BN_POOL; - -static void BN_POOL_init(BN_POOL *); -static void BN_POOL_finish(BN_POOL *); -#ifndef OPENSSL_NO_DEPRECATED -static void BN_POOL_reset(BN_POOL *); -#endif -static BIGNUM * BN_POOL_get(BN_POOL *); -static void BN_POOL_release(BN_POOL *, unsigned int); - -/************/ -/* BN_STACK */ -/************/ - -/* A wrapper to manage the "stack frames" */ -typedef struct bignum_ctx_stack { - /* Array of indexes into the bignum stack */ - unsigned int *indexes; - /* Number of stack frames, and the size of the allocated array */ - unsigned int depth, size; -} BN_STACK; - -static void BN_STACK_init(BN_STACK *); -static void BN_STACK_finish(BN_STACK *); -#ifndef OPENSSL_NO_DEPRECATED -static void BN_STACK_reset(BN_STACK *); -#endif -static int BN_STACK_push(BN_STACK *, unsigned int); -static unsigned int BN_STACK_pop(BN_STACK *); - -/**********/ -/* BN_CTX */ -/**********/ - -/* The opaque BN_CTX type */ -struct bignum_ctx { - /* The bignum bundles */ - BN_POOL pool; - /* The "stack frames", if you will */ - BN_STACK stack; - /* The number of bignums currently assigned */ - unsigned int used; - /* Depth of stack overflow */ - int err_stack; - /* Block "gets" until an "end" (compatibility behaviour) */ - int too_many; -}; - -/* Enable this to find BN_CTX bugs */ -#ifdef BN_CTX_DEBUG 
-static const char *ctxdbg_cur = NULL; - -static void -ctxdbg(BN_CTX *ctx) -{ - unsigned int bnidx = 0, fpidx = 0; - BN_POOL_ITEM *item = ctx->pool.head; - BN_STACK *stack = &ctx->stack; - - fprintf(stderr, "(%08x): ", (unsigned int)ctx); - while (bnidx < ctx->used) { - fprintf(stderr, "%03x ", - item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax); - if (!(bnidx % BN_CTX_POOL_SIZE)) - item = item->next; - } - fprintf(stderr, "\n"); - bnidx = 0; - fprintf(stderr, " : "); - while (fpidx < stack->depth) { - while (bnidx++ < stack->indexes[fpidx]) - fprintf(stderr, " "); - fprintf(stderr, "^^^ "); - bnidx++; - fpidx++; - } - fprintf(stderr, "\n"); -} -#define CTXDBG_ENTRY(str, ctx) \ - do { \ - ctxdbg_cur = (str); \ - fprintf(stderr, "Starting %s\n", ctxdbg_cur); \ - ctxdbg(ctx); \ - } while(0) - -#define CTXDBG_EXIT(ctx) \ - do { \ - fprintf(stderr, "Ending %s\n", ctxdbg_cur); \ - ctxdbg(ctx); \ - } while(0) - -#define CTXDBG_RET(ctx,ret) -#else -#define CTXDBG_ENTRY(str, ctx) -#define CTXDBG_EXIT(ctx) -#define CTXDBG_RET(ctx,ret) -#endif - -/* This function is an evil legacy and should not be used. This implementation - * is WYSIWYG, though I've done my best. */ -#ifndef OPENSSL_NO_DEPRECATED -void -BN_CTX_init(BN_CTX *ctx) -{ - /* Assume the caller obtained the context via BN_CTX_new() and so is - * trying to reset it for use. Nothing else makes sense, least of all - * binary compatibility from a time when they could declare a static - * variable. 
*/ - BN_POOL_reset(&ctx->pool); - BN_STACK_reset(&ctx->stack); - ctx->used = 0; - ctx->err_stack = 0; - ctx->too_many = 0; -} -#endif - -BN_CTX * -BN_CTX_new(void) -{ - BN_CTX *ret = malloc(sizeof(BN_CTX)); - if (!ret) { - BNerr(BN_F_BN_CTX_NEW, ERR_R_MALLOC_FAILURE); - return NULL; - } - - /* Initialise the structure */ - BN_POOL_init(&ret->pool); - BN_STACK_init(&ret->stack); - ret->used = 0; - ret->err_stack = 0; - ret->too_many = 0; - return ret; -} - -void -BN_CTX_free(BN_CTX *ctx) -{ - if (ctx == NULL) - return; -#ifdef BN_CTX_DEBUG - { - BN_POOL_ITEM *pool = ctx->pool.head; - fprintf(stderr, "BN_CTX_free, stack-size=%d, pool-bignums=%d\n", - ctx->stack.size, ctx->pool.size); - fprintf(stderr, "dmaxs: "); - while (pool) { - unsigned loop = 0; - while (loop < BN_CTX_POOL_SIZE) - fprintf(stderr, "%02x ", - pool->vals[loop++].dmax); - pool = pool->next; - } - fprintf(stderr, "\n"); - } -#endif - BN_STACK_finish(&ctx->stack); - BN_POOL_finish(&ctx->pool); - free(ctx); -} - -void -BN_CTX_start(BN_CTX *ctx) -{ - CTXDBG_ENTRY("BN_CTX_start", ctx); - - /* If we're already overflowing ... */ - if (ctx->err_stack || ctx->too_many) - ctx->err_stack++; - /* (Try to) get a new frame pointer */ - else if (!BN_STACK_push(&ctx->stack, ctx->used)) { - BNerr(BN_F_BN_CTX_START, BN_R_TOO_MANY_TEMPORARY_VARIABLES); - ctx->err_stack++; - } - CTXDBG_EXIT(ctx); -} - -void -BN_CTX_end(BN_CTX *ctx) -{ - CTXDBG_ENTRY("BN_CTX_end", ctx); - - if (ctx->err_stack) - ctx->err_stack--; - else { - unsigned int fp = BN_STACK_pop(&ctx->stack); - /* Does this stack frame have anything to release? 
*/ - if (fp < ctx->used) - BN_POOL_release(&ctx->pool, ctx->used - fp); - ctx->used = fp; - /* Unjam "too_many" in case "get" had failed */ - ctx->too_many = 0; - } - CTXDBG_EXIT(ctx); -} - -BIGNUM * -BN_CTX_get(BN_CTX *ctx) -{ - BIGNUM *ret; - - CTXDBG_ENTRY("BN_CTX_get", ctx); - - if (ctx->err_stack || ctx->too_many) - return NULL; - if ((ret = BN_POOL_get(&ctx->pool)) == NULL) { - /* Setting too_many prevents repeated "get" attempts from - * cluttering the error stack. */ - ctx->too_many = 1; - BNerr(BN_F_BN_CTX_GET, BN_R_TOO_MANY_TEMPORARY_VARIABLES); - return NULL; - } - /* OK, make sure the returned bignum is "zero" */ - BN_zero(ret); - ctx->used++; - CTXDBG_RET(ctx, ret); - return ret; -} - -/************/ -/* BN_STACK */ -/************/ - -static void -BN_STACK_init(BN_STACK *st) -{ - st->indexes = NULL; - st->depth = st->size = 0; -} - -static void -BN_STACK_finish(BN_STACK *st) -{ - if (st->size) - free(st->indexes); -} - -#ifndef OPENSSL_NO_DEPRECATED -static void -BN_STACK_reset(BN_STACK *st) -{ - st->depth = 0; -} -#endif - -static int -BN_STACK_push(BN_STACK *st, unsigned int idx) -{ - if (st->depth == st->size) - /* Need to expand */ - { - unsigned int newsize = (st->size ? 
- (st->size * 3 / 2) : BN_CTX_START_FRAMES); - unsigned int *newitems = reallocarray(NULL, - newsize, sizeof(unsigned int)); - if (!newitems) - return 0; - if (st->depth) - memcpy(newitems, st->indexes, st->depth * - sizeof(unsigned int)); - if (st->size) - free(st->indexes); - st->indexes = newitems; - st->size = newsize; - } - st->indexes[(st->depth)++] = idx; - return 1; -} - -static unsigned int -BN_STACK_pop(BN_STACK *st) -{ - return st->indexes[--(st->depth)]; -} - -/***********/ -/* BN_POOL */ -/***********/ - -static void -BN_POOL_init(BN_POOL *p) -{ - p->head = p->current = p->tail = NULL; - p->used = p->size = 0; -} - -static void -BN_POOL_finish(BN_POOL *p) -{ - while (p->head) { - unsigned int loop = 0; - BIGNUM *bn = p->head->vals; - while (loop++ < BN_CTX_POOL_SIZE) { - if (bn->d) - BN_clear_free(bn); - bn++; - } - p->current = p->head->next; - free(p->head); - p->head = p->current; - } -} - -#ifndef OPENSSL_NO_DEPRECATED -static void -BN_POOL_reset(BN_POOL *p) -{ - BN_POOL_ITEM *item = p->head; - while (item) { - unsigned int loop = 0; - BIGNUM *bn = item->vals; - while (loop++ < BN_CTX_POOL_SIZE) { - if (bn->d) - BN_clear(bn); - bn++; - } - item = item->next; - } - p->current = p->head; - p->used = 0; -} -#endif - -static BIGNUM * -BN_POOL_get(BN_POOL *p) -{ - if (p->used == p->size) { - BIGNUM *bn; - unsigned int loop = 0; - BN_POOL_ITEM *item = malloc(sizeof(BN_POOL_ITEM)); - if (!item) - return NULL; - /* Initialise the structure */ - bn = item->vals; - while (loop++ < BN_CTX_POOL_SIZE) - BN_init(bn++); - item->prev = p->tail; - item->next = NULL; - /* Link it in */ - if (!p->head) - p->head = p->current = p->tail = item; - else { - p->tail->next = item; - p->tail = item; - p->current = item; - } - p->size += BN_CTX_POOL_SIZE; - p->used++; - /* Return the first bignum from the new pool */ - return item->vals; - } - if (!p->used) - p->current = p->head; - else if ((p->used % BN_CTX_POOL_SIZE) == 0) - p->current = p->current->next; - return 
p->current->vals + ((p->used++) % BN_CTX_POOL_SIZE); -} - -static void -BN_POOL_release(BN_POOL *p, unsigned int num) -{ - unsigned int offset = (p->used - 1) % BN_CTX_POOL_SIZE; - - p->used -= num; - while (num--) { - bn_check_top(p->current->vals + offset); - if (!offset) { - offset = BN_CTX_POOL_SIZE - 1; - p->current = p->current->prev; - } else - offset--; - } -} diff --git a/lib/libssl/src/crypto/bn/bn_depr.c b/lib/libssl/src/crypto/bn/bn_depr.c deleted file mode 100644 index dc5c2abee0c..00000000000 --- a/lib/libssl/src/crypto/bn/bn_depr.c +++ /dev/null 
@@ -1,115 +0,0 @@
-/* $OpenBSD: bn_depr.c,v 1.7 2014/10/18 17:20:40 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Support for deprecated functions goes here - static linkage will only slurp - * this code if applications are using them directly. */ - -#include <stdio.h> -#include <time.h> - -#include <openssl/opensslconf.h> - -#include "bn_lcl.h" - -#ifndef OPENSSL_NO_DEPRECATED -BIGNUM * -BN_generate_prime(BIGNUM *ret, int bits, int safe, const BIGNUM *add, - const BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg) -{ - BN_GENCB cb; - BIGNUM *rnd = NULL; - int found = 0; - - BN_GENCB_set_old(&cb, callback, cb_arg); - - if (ret == NULL) { - if ((rnd = BN_new()) == NULL) - goto err; - } else - rnd = ret; - if (!BN_generate_prime_ex(rnd, bits, safe, add, rem, &cb)) - goto err; - - /* we have a prime :-) */ - found = 1; - -err: - if (!found && (ret == NULL) && (rnd != NULL)) - BN_free(rnd); - return (found ? 
rnd : NULL); -} - -int -BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int, void *), - BN_CTX *ctx_passed, void *cb_arg) -{ - BN_GENCB cb; - - BN_GENCB_set_old(&cb, callback, cb_arg); - return BN_is_prime_ex(a, checks, ctx_passed, &cb); -} - -int -BN_is_prime_fasttest(const BIGNUM *a, int checks, - void (*callback)(int, int, void *), BN_CTX *ctx_passed, void *cb_arg, - int do_trial_division) -{ - BN_GENCB cb; - - BN_GENCB_set_old(&cb, callback, cb_arg); - return BN_is_prime_fasttest_ex(a, checks, ctx_passed, - do_trial_division, &cb); -} -#endif diff --git a/lib/libssl/src/crypto/bn/bn_div.c b/lib/libssl/src/crypto/bn/bn_div.c deleted file mode 100644 index fefc53f9fad..00000000000 --- a/lib/libssl/src/crypto/bn/bn_div.c +++ /dev/null 
@@ -1,381 +0,0 @@
-/* $OpenBSD: bn_div.c,v 1.23 2015/02/09 15:49:22 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/bn.h> -#include <openssl/err.h> - -#include "bn_lcl.h" - -#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) \ - && !defined(BN_DIV3W) -# if defined(__GNUC__) && __GNUC__>=2 -# if defined(__i386) || defined (__i386__) - /* - * There were two reasons for implementing this template: - * - GNU C generates a call to a function (__udivdi3 to be exact) - * in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to - * understand why...); - * - divl doesn't only calculate quotient, but also leaves - * remainder in %edx which we can definitely use here:-) - * - * <appro@fy.chalmers.se> - */ -#undef bn_div_words -# define bn_div_words(n0,n1,d0) \ - ({ asm volatile ( \ - "divl %4" \ - : "=a"(q), "=d"(rem) \ - : "a"(n1), "d"(n0), "g"(d0) \ - : "cc"); \ - q; \ - }) -# define REMAINDER_IS_ALREADY_CALCULATED -# elif defined(__x86_64) - /* - * Same story here, but it's 128-bit by 64-bit division. Wow! - * <appro@fy.chalmers.se> - */ -# undef bn_div_words -# define bn_div_words(n0,n1,d0) \ - ({ asm volatile ( \ - "divq %4" \ - : "=a"(q), "=d"(rem) \ - : "a"(n1), "d"(n0), "g"(d0) \ - : "cc"); \ - q; \ - }) -# define REMAINDER_IS_ALREADY_CALCULATED -# endif /* __<cpu> */ -# endif /* __GNUC__ */ -#endif /* OPENSSL_NO_ASM */ - - -/* BN_div computes dv := num / divisor, rounding towards - * zero, and sets up rm such that dv*divisor + rm = num holds. - * Thus: - * dv->neg == num->neg ^ divisor->neg (unless the result is zero) - * rm->neg == num->neg (unless the remainder is zero) - * If 'dv' or 'rm' is NULL, the respective value is not returned. 
- */ -int -BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, - BN_CTX *ctx) -{ - int norm_shift, i, loop; - BIGNUM *tmp, wnum, *snum, *sdiv, *res; - BN_ULONG *resp, *wnump; - BN_ULONG d0, d1; - int num_n, div_n; - int no_branch = 0; - - /* Invalid zero-padding would have particularly bad consequences - * in the case of 'num', so don't just rely on bn_check_top() for this one - * (bn_check_top() works only for BN_DEBUG builds) */ - if (num->top > 0 && num->d[num->top - 1] == 0) { - BNerr(BN_F_BN_DIV, BN_R_NOT_INITIALIZED); - return 0; - } - - bn_check_top(num); - - if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0) || - (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0)) { - no_branch = 1; - } - - bn_check_top(dv); - bn_check_top(rm); - /* bn_check_top(num); */ /* 'num' has been checked already */ - bn_check_top(divisor); - - if (BN_is_zero(divisor)) { - BNerr(BN_F_BN_DIV, BN_R_DIV_BY_ZERO); - return (0); - } - - if (!no_branch && BN_ucmp(num, divisor) < 0) { - if (rm != NULL) { - if (BN_copy(rm, num) == NULL) - return (0); - } - if (dv != NULL) - BN_zero(dv); - return (1); - } - - BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - snum = BN_CTX_get(ctx); - sdiv = BN_CTX_get(ctx); - if (dv == NULL) - res = BN_CTX_get(ctx); - else - res = dv; - if (tmp == NULL || snum == NULL || sdiv == NULL || res == NULL) - goto err; - - /* First we normalise the numbers */ - norm_shift = BN_BITS2 - ((BN_num_bits(divisor)) % BN_BITS2); - if (!(BN_lshift(sdiv, divisor, norm_shift))) - goto err; - sdiv->neg = 0; - norm_shift += BN_BITS2; - if (!(BN_lshift(snum, num, norm_shift))) - goto err; - snum->neg = 0; - - if (no_branch) { - /* Since we don't know whether snum is larger than sdiv, - * we pad snum with enough zeroes without changing its - * value. 
- */ - if (snum->top <= sdiv->top + 1) { - if (bn_wexpand(snum, sdiv->top + 2) == NULL) - goto err; - for (i = snum->top; i < sdiv->top + 2; i++) - snum->d[i] = 0; - snum->top = sdiv->top + 2; - } else { - if (bn_wexpand(snum, snum->top + 1) == NULL) - goto err; - snum->d[snum->top] = 0; - snum->top ++; - } - } - - div_n = sdiv->top; - num_n = snum->top; - loop = num_n - div_n; - /* Lets setup a 'window' into snum - * This is the part that corresponds to the current - * 'area' being divided */ - wnum.neg = 0; - wnum.d = &(snum->d[loop]); - wnum.top = div_n; - /* only needed when BN_ucmp messes up the values between top and max */ - wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */ - wnum.flags = snum->flags | BN_FLG_STATIC_DATA; - - /* Get the top 2 words of sdiv */ - /* div_n=sdiv->top; */ - d0 = sdiv->d[div_n - 1]; - d1 = (div_n == 1) ? 0 : sdiv->d[div_n - 2]; - - /* pointer to the 'top' of snum */ - wnump = &(snum->d[num_n - 1]); - - /* Setup to 'res' */ - res->neg = (num->neg ^ divisor->neg); - if (!bn_wexpand(res, (loop + 1))) - goto err; - res->top = loop - no_branch; - resp = &(res->d[loop - 1]); - - /* space for temp */ - if (!bn_wexpand(tmp, (div_n + 1))) - goto err; - - if (!no_branch) { - if (BN_ucmp(&wnum, sdiv) >= 0) { - /* If BN_DEBUG_RAND is defined BN_ucmp changes (via - * bn_pollute) the const bignum arguments => - * clean the values between top and max again */ - bn_clear_top2max(&wnum); - bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n); - *resp = 1; - } else - res->top--; - } - - /* if res->top == 0 then clear the neg value otherwise decrease - * the resp pointer */ - if (res->top == 0) - res->neg = 0; - else - resp--; - - for (i = 0; i < loop - 1; i++, wnump--, resp--) { - BN_ULONG q, l0; - /* the first part of the loop uses the top two words of - * snum and sdiv to calculate a BN_ULONG q such that - * | wnum - sdiv * q | < sdiv */ -#if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM) - BN_ULONG bn_div_3_words(BN_ULONG*, BN_ULONG, 
BN_ULONG); - q = bn_div_3_words(wnump, d1, d0); -#else - BN_ULONG n0, n1, rem = 0; - - n0 = wnump[0]; - n1 = wnump[-1]; - if (n0 == d0) - q = BN_MASK2; - else /* n0 < d0 */ - { -#ifdef BN_LLONG - BN_ULLONG t2; - -#if defined(BN_DIV2W) && !defined(bn_div_words) - q = (BN_ULONG)(((((BN_ULLONG)n0) << BN_BITS2)|n1)/d0); -#else - q = bn_div_words(n0, n1, d0); -#endif - -#ifndef REMAINDER_IS_ALREADY_CALCULATED - /* - * rem doesn't have to be BN_ULLONG. The least we - * know it's less that d0, isn't it? - */ - rem = (n1 - q * d0) & BN_MASK2; -#endif - t2 = (BN_ULLONG)d1*q; - - for (;;) { - if (t2 <= ((((BN_ULLONG)rem) << BN_BITS2) | - wnump[-2])) - break; - q--; - rem += d0; - if (rem < d0) break; /* don't let rem overflow */ - t2 -= d1; - } -#else /* !BN_LLONG */ - BN_ULONG t2l, t2h; - - q = bn_div_words(n0, n1, d0); -#ifndef REMAINDER_IS_ALREADY_CALCULATED - rem = (n1 - q*d0)&BN_MASK2; -#endif - -#if defined(BN_UMULT_LOHI) - BN_UMULT_LOHI(t2l, t2h, d1, q); -#elif defined(BN_UMULT_HIGH) - t2l = d1 * q; - t2h = BN_UMULT_HIGH(d1, q); -#else - { - BN_ULONG ql, qh; - t2l = LBITS(d1); - t2h = HBITS(d1); - ql = LBITS(q); - qh = HBITS(q); - mul64(t2l, t2h, ql, qh); /* t2=(BN_ULLONG)d1*q; */ - } -#endif - - for (;;) { - if ((t2h < rem) || - ((t2h == rem) && (t2l <= wnump[-2]))) - break; - q--; - rem += d0; - if (rem < d0) - break; /* don't let rem overflow */ - if (t2l < d1) - t2h--; - t2l -= d1; - } -#endif /* !BN_LLONG */ - } -#endif /* !BN_DIV3W */ - - l0 = bn_mul_words(tmp->d, sdiv->d, div_n, q); - tmp->d[div_n] = l0; - wnum.d--; - /* ingore top values of the bignums just sub the two - * BN_ULONG arrays with bn_sub_words */ - if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n + 1)) { - /* Note: As we have considered only the leading - * two BN_ULONGs in the calculation of q, sdiv * q - * might be greater than wnum (but then (q-1) * sdiv - * is less or equal than wnum) - */ - q--; - if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n)) - /* we can't have an overflow here (assuming - 
* that q != 0, but if q == 0 then tmp is - * zero anyway) */ - (*wnump)++; - } - /* store part of the result */ - *resp = q; - } - bn_correct_top(snum); - if (rm != NULL) { - /* Keep a copy of the neg flag in num because if rm==num - * BN_rshift() will overwrite it. - */ - int neg = num->neg; - BN_rshift(rm, snum, norm_shift); - if (!BN_is_zero(rm)) - rm->neg = neg; - bn_check_top(rm); - } - if (no_branch) - bn_correct_top(res); - BN_CTX_end(ctx); - return (1); - -err: - bn_check_top(rm); - BN_CTX_end(ctx); - return (0); -} diff --git a/lib/libssl/src/crypto/bn/bn_err.c b/lib/libssl/src/crypto/bn/bn_err.c deleted file mode 100644 index 149e58eafcb..00000000000 --- a/lib/libssl/src/crypto/bn/bn_err.c +++ /dev/null 
@@ -1,152 +0,0 @@ -/* $OpenBSD: bn_err.c,v 1.13 2015/10/21 19:02:22 miod Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/bn.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BN,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason) - -static ERR_STRING_DATA BN_str_functs[]= { - {ERR_FUNC(BN_F_BNRAND), "BNRAND"}, - {ERR_FUNC(BN_F_BN_BLINDING_CONVERT_EX), "BN_BLINDING_convert_ex"}, - {ERR_FUNC(BN_F_BN_BLINDING_CREATE_PARAM), "BN_BLINDING_create_param"}, - {ERR_FUNC(BN_F_BN_BLINDING_INVERT_EX), "BN_BLINDING_invert_ex"}, - {ERR_FUNC(BN_F_BN_BLINDING_NEW), "BN_BLINDING_new"}, - {ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"}, - {ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"}, - {ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"}, - {ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"}, - {ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"}, - {ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"}, - {ERR_FUNC(BN_F_BN_DIV), "BN_div"}, - {ERR_FUNC(BN_F_BN_DIV_NO_BRANCH), "BN_div_no_branch"}, - {ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"}, - {ERR_FUNC(BN_F_BN_EXP), "BN_exp"}, - {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"}, - {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"}, - {ERR_FUNC(BN_F_BN_GENERATE_PRIME_EX), "BN_generate_prime_ex"}, - {ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"}, - {ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"}, - {ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"}, - {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD), "BN_GF2m_mod_solve_quad"}, - {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR), "BN_GF2m_mod_solve_quad_arr"}, - {ERR_FUNC(BN_F_BN_GF2M_MOD_SQR), "BN_GF2m_mod_sqr"}, - {ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT), "BN_GF2m_mod_sqrt"}, - {ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"}, - {ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"}, - {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"}, - {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_WORD), "BN_mod_exp_mont_word"}, - {ERR_FUNC(BN_F_BN_MOD_EXP_RECP), "BN_mod_exp_recp"}, - 
{ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE), "BN_mod_exp_simple"}, - {ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"}, - {ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"}, - {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"}, - {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"}, - {ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"}, - {ERR_FUNC(BN_F_BN_MPI2BN), "BN_mpi2bn"}, - {ERR_FUNC(BN_F_BN_NEW), "BN_new"}, - {ERR_FUNC(BN_F_BN_RAND), "BN_rand"}, - {ERR_FUNC(BN_F_BN_RAND_RANGE), "BN_rand_range"}, - {ERR_FUNC(BN_F_BN_USUB), "BN_usub"}, - {0, NULL} -}; - -static ERR_STRING_DATA BN_str_reasons[]= { - {ERR_REASON(BN_R_ARG2_LT_ARG3) , "arg2 lt arg3"}, - {ERR_REASON(BN_R_BAD_RECIPROCAL) , "bad reciprocal"}, - {ERR_REASON(BN_R_BIGNUM_TOO_LONG) , "bignum too long"}, - {ERR_REASON(BN_R_BITS_TOO_SMALL) , "bits too small"}, - {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"}, - {ERR_REASON(BN_R_DIV_BY_ZERO) , "div by zero"}, - {ERR_REASON(BN_R_ENCODING_ERROR) , "encoding error"}, - {ERR_REASON(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA), "expand on static bignum data"}, - {ERR_REASON(BN_R_INPUT_NOT_REDUCED) , "input not reduced"}, - {ERR_REASON(BN_R_INVALID_LENGTH) , "invalid length"}, - {ERR_REASON(BN_R_INVALID_RANGE) , "invalid range"}, - {ERR_REASON(BN_R_NOT_A_SQUARE) , "not a square"}, - {ERR_REASON(BN_R_NOT_INITIALIZED) , "not initialized"}, - {ERR_REASON(BN_R_NO_INVERSE) , "no inverse"}, - {ERR_REASON(BN_R_NO_SOLUTION) , "no solution"}, - {ERR_REASON(BN_R_P_IS_NOT_PRIME) , "p is not prime"}, - {ERR_REASON(BN_R_TOO_MANY_ITERATIONS) , "too many iterations"}, - {ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES), "too many temporary variables"}, - {0, NULL} -}; - -#endif - -void -ERR_load_BN_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(BN_str_functs[0].error) == NULL) { - ERR_load_strings(0, BN_str_functs); - ERR_load_strings(0, BN_str_reasons); - } -#endif -} 
diff --git a/lib/libssl/src/crypto/bn/bn_exp.c b/lib/libssl/src/crypto/bn/bn_exp.c
deleted file mode 100644
index c4ca36d1365..00000000000
--- a/lib/libssl/src/crypto/bn/bn_exp.c
+++ /dev/null
@@ -1,1097 +0,0 @@
-/* $OpenBSD: bn_exp.c,v 1.23 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. 
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdlib.h> -#include <string.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -/* maximum precomputation table size for *variable* sliding windows */ -#define TABLE_SIZE 32 - -/* this one works - simple but works */ -int -BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) -{ - int i, bits, ret = 0; - BIGNUM *v, *rr; - - if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - BNerr(BN_F_BN_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return -1; - } - - BN_CTX_start(ctx); - if ((r == a) || (r == p)) - rr = BN_CTX_get(ctx); - else - rr = r; - v = BN_CTX_get(ctx); - if (rr == NULL || v == NULL) - goto err; - - if (BN_copy(v, a) == NULL) - goto err; - bits = BN_num_bits(p); - - if (BN_is_odd(p)) { - if (BN_copy(rr, a) == NULL) - goto err; - } else { - if (!BN_one(rr)) - goto err; - } - - for (i = 1; i < bits; i++) { - if (!BN_sqr(v, v, ctx)) - goto err; - if (BN_is_bit_set(p, i)) { - if (!BN_mul(rr, rr, v, ctx)) - goto err; - } - } - ret = 1; - -err: - if (r != rr && rr != NULL) - BN_copy(r, rr); - BN_CTX_end(ctx); - bn_check_top(r); - return (ret); -} - -int -BN_mod_exp(BIGNUM *r, const 
BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx) -{ - int ret; - - bn_check_top(a); - bn_check_top(p); - bn_check_top(m); - - /* For even modulus m = 2^k*m_odd, it might make sense to compute - * a^p mod m_odd and a^p mod 2^k separately (with Montgomery - * exponentiation for the odd part), using appropriate exponent - * reductions, and combine the results using the CRT. - * - * For now, we use Montgomery only if the modulus is odd; otherwise, - * exponentiation using the reciprocal-based quick remaindering - * algorithm is used. - * - * (Timing obtained with expspeed.c [computations a^p mod m - * where a, p, m are of the same length: 256, 512, 1024, 2048, - * 4096, 8192 bits], compared to the running time of the - * standard algorithm: - * - * BN_mod_exp_mont 33 .. 40 % [AMD K6-2, Linux, debug configuration] - * 55 .. 77 % [UltraSparc processor, but - * debug-solaris-sparcv8-gcc conf.] - * - * BN_mod_exp_recp 50 .. 70 % [AMD K6-2, Linux, debug configuration] - * 62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc] - * - * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont - * at 2048 and more bits, but at 512 and 1024 bits, it was - * slower even than the standard algorithm! - * - * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations] - * should be obtained when the new Montgomery reduction code - * has been integrated into OpenSSL.) - */ - -#define MONT_MUL_MOD -#define MONT_EXP_WORD -#define RECP_MUL_MOD - -#ifdef MONT_MUL_MOD - /* I have finally been able to take out this pre-condition of - * the top bit being set. It was caused by an error in BN_div - * with negatives. There was also another problem when for a^b%m - * a >= m. 
eay 07-May-97 */ -/* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */ - - if (BN_is_odd(m)) { -# ifdef MONT_EXP_WORD - if (a->top == 1 && !a->neg && - (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)) { - BN_ULONG A = a->d[0]; - ret = BN_mod_exp_mont_word(r, A,p, m,ctx, NULL); - } else -# endif - ret = BN_mod_exp_mont(r, a,p, m,ctx, NULL); - } else -#endif -#ifdef RECP_MUL_MOD - { - ret = BN_mod_exp_recp(r, a,p, m, ctx); - } -#else - { - ret = BN_mod_exp_simple(r, a,p, m, ctx); - } -#endif - - bn_check_top(r); - return (ret); -} - -int -BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx) -{ - int i, j, bits, ret = 0, wstart, wend, window, wvalue; - int start = 1; - BIGNUM *aa; - /* Table of variables obtained from 'ctx' */ - BIGNUM *val[TABLE_SIZE]; - BN_RECP_CTX recp; - - if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - BNerr(BN_F_BN_MOD_EXP_RECP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return -1; - } - - bits = BN_num_bits(p); - - if (bits == 0) { - ret = BN_one(r); - return ret; - } - - BN_CTX_start(ctx); - if ((aa = BN_CTX_get(ctx)) == NULL) - goto err; - if ((val[0] = BN_CTX_get(ctx)) == NULL) - goto err; - - BN_RECP_CTX_init(&recp); - if (m->neg) { - /* ignore sign of 'm' */ - if (!BN_copy(aa, m)) - goto err; - aa->neg = 0; - if (BN_RECP_CTX_set(&recp, aa, ctx) <= 0) - goto err; - } else { - if (BN_RECP_CTX_set(&recp, m, ctx) <= 0) - goto err; - } - - if (!BN_nnmod(val[0], a, m, ctx)) - goto err; /* 1 */ - if (BN_is_zero(val[0])) { - BN_zero(r); - ret = 1; - goto err; - } - - window = BN_window_bits_for_exponent_size(bits); - if (window > 1) { - if (!BN_mod_mul_reciprocal(aa, val[0], val[0], &recp, ctx)) - goto err; /* 2 */ - j = 1 << (window - 1); - for (i = 1; i < j; i++) { - if (((val[i] = BN_CTX_get(ctx)) == NULL) || - !BN_mod_mul_reciprocal(val[i], val[i - 1], - aa, &recp, ctx)) - goto err; - } - } - - start = 1; /* This is used to avoid multiplication etc - * when 
there is only the value '1' in the - * buffer. */ - wvalue = 0; /* The 'value' of the window */ - wstart = bits - 1; /* The top bit of the window */ - wend = 0; /* The bottom bit of the window */ - - if (!BN_one(r)) - goto err; - - for (;;) { - if (BN_is_bit_set(p, wstart) == 0) { - if (!start) - if (!BN_mod_mul_reciprocal(r, r,r, &recp, ctx)) - goto err; - if (wstart == 0) - break; - wstart--; - continue; - } - /* We now have wstart on a 'set' bit, we now need to work out - * how bit a window to do. To do this we need to scan - * forward until the last set bit before the end of the - * window */ - j = wstart; - wvalue = 1; - wend = 0; - for (i = 1; i < window; i++) { - if (wstart - i < 0) - break; - if (BN_is_bit_set(p, wstart - i)) { - wvalue <<= (i - wend); - wvalue |= 1; - wend = i; - } - } - - /* wend is the size of the current window */ - j = wend + 1; - /* add the 'bytes above' */ - if (!start) - for (i = 0; i < j; i++) { - if (!BN_mod_mul_reciprocal(r, r,r, &recp, ctx)) - goto err; - } - - /* wvalue will be an odd number < 2^window */ - if (!BN_mod_mul_reciprocal(r, r,val[wvalue >> 1], &recp, ctx)) - goto err; - - /* move the 'window' down further */ - wstart -= wend + 1; - wvalue = 0; - start = 0; - if (wstart < 0) - break; - } - ret = 1; - -err: - BN_CTX_end(ctx); - BN_RECP_CTX_free(&recp); - bn_check_top(r); - return (ret); -} - -int -BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - int i, j, bits, ret = 0, wstart, wend, window, wvalue; - int start = 1; - BIGNUM *d, *r; - const BIGNUM *aa; - /* Table of variables obtained from 'ctx' */ - BIGNUM *val[TABLE_SIZE]; - BN_MONT_CTX *mont = NULL; - - if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont); - } - - bn_check_top(a); - bn_check_top(p); - bn_check_top(m); - - if (!BN_is_odd(m)) { - BNerr(BN_F_BN_MOD_EXP_MONT, BN_R_CALLED_WITH_EVEN_MODULUS); - return (0); - } - bits = 
BN_num_bits(p); - if (bits == 0) { - ret = BN_one(rr); - return ret; - } - - BN_CTX_start(ctx); - if ((d = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r = BN_CTX_get(ctx)) == NULL) - goto err; - if ((val[0] = BN_CTX_get(ctx)) == NULL) - goto err; - - /* If this is not done, things will break in the montgomery - * part */ - - if (in_mont != NULL) - mont = in_mont; - else { - if ((mont = BN_MONT_CTX_new()) == NULL) - goto err; - if (!BN_MONT_CTX_set(mont, m, ctx)) - goto err; - } - - if (a->neg || BN_ucmp(a, m) >= 0) { - if (!BN_nnmod(val[0], a,m, ctx)) - goto err; - aa = val[0]; - } else - aa = a; - if (BN_is_zero(aa)) { - BN_zero(rr); - ret = 1; - goto err; - } - if (!BN_to_montgomery(val[0], aa, mont, ctx)) - goto err; /* 1 */ - - window = BN_window_bits_for_exponent_size(bits); - if (window > 1) { - if (!BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx)) - goto err; /* 2 */ - j = 1 << (window - 1); - for (i = 1; i < j; i++) { - if (((val[i] = BN_CTX_get(ctx)) == NULL) || - !BN_mod_mul_montgomery(val[i], val[i - 1], - d, mont, ctx)) - goto err; - } - } - - start = 1; /* This is used to avoid multiplication etc - * when there is only the value '1' in the - * buffer. */ - wvalue = 0; /* The 'value' of the window */ - wstart = bits - 1; /* The top bit of the window */ - wend = 0; /* The bottom bit of the window */ - - if (!BN_to_montgomery(r, BN_value_one(), mont, ctx)) - goto err; - for (;;) { - if (BN_is_bit_set(p, wstart) == 0) { - if (!start) { - if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) - goto err; - } - if (wstart == 0) - break; - wstart--; - continue; - } - /* We now have wstart on a 'set' bit, we now need to work out - * how bit a window to do. 
To do this we need to scan - * forward until the last set bit before the end of the - * window */ - j = wstart; - wvalue = 1; - wend = 0; - for (i = 1; i < window; i++) { - if (wstart - i < 0) - break; - if (BN_is_bit_set(p, wstart - i)) { - wvalue <<= (i - wend); - wvalue |= 1; - wend = i; - } - } - - /* wend is the size of the current window */ - j = wend + 1; - /* add the 'bytes above' */ - if (!start) - for (i = 0; i < j; i++) { - if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) - goto err; - } - - /* wvalue will be an odd number < 2^window */ - if (!BN_mod_mul_montgomery(r, r, val[wvalue >> 1], mont, ctx)) - goto err; - - /* move the 'window' down further */ - wstart -= wend + 1; - wvalue = 0; - start = 0; - if (wstart < 0) - break; - } - if (!BN_from_montgomery(rr, r,mont, ctx)) - goto err; - ret = 1; - -err: - if ((in_mont == NULL) && (mont != NULL)) - BN_MONT_CTX_free(mont); - BN_CTX_end(ctx); - bn_check_top(rr); - return (ret); -} - - -/* BN_mod_exp_mont_consttime() stores the precomputed powers in a specific layout - * so that accessing any of these table values shows the same access pattern as far - * as cache lines are concerned. The following functions are used to transfer a BIGNUM - * from/to that table. 
*/ - -static int -MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top, unsigned char *buf, - int idx, int width) -{ - size_t i, j; - - if (top > b->top) - top = b->top; /* this works because 'buf' is explicitly zeroed */ - for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) { - buf[j] = ((unsigned char*)b->d)[i]; - } - - return 1; -} - -static int -MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, unsigned char *buf, int idx, - int width) -{ - size_t i, j; - - if (bn_wexpand(b, top) == NULL) - return 0; - - for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) { - ((unsigned char*)b->d)[i] = buf[j]; - } - - b->top = top; - bn_correct_top(b); - return 1; -} - -/* Given a pointer value, compute the next address that is a cache line multiple. */ -#define MOD_EXP_CTIME_ALIGN(x_) \ - ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK)))) - -/* This variant of BN_mod_exp_mont() uses fixed windows and the special - * precomputation memory layout to limit data-dependency to a minimum - * to protect secret exponents (cf. the hyper-threading timing attacks - * pointed out by Colin Percival, - * http://www.daemonology.net/hyperthreading-considered-harmful/) - */ -int -BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - int i, bits, ret = 0, window, wvalue; - int top; - BN_MONT_CTX *mont = NULL; - int numPowers; - unsigned char *powerbufFree = NULL; - int powerbufLen = 0; - unsigned char *powerbuf = NULL; - BIGNUM tmp, am; - - bn_check_top(a); - bn_check_top(p); - bn_check_top(m); - - top = m->top; - - if (!(m->d[0] & 1)) { - BNerr(BN_F_BN_MOD_EXP_MONT_CONSTTIME, - BN_R_CALLED_WITH_EVEN_MODULUS); - return (0); - } - bits = BN_num_bits(p); - if (bits == 0) { - ret = BN_one(rr); - return ret; - } - - BN_CTX_start(ctx); - - /* Allocate a montgomery context if it was not supplied by the caller. 
- * If this is not done, things will break in the montgomery part. - */ - if (in_mont != NULL) - mont = in_mont; - else { - if ((mont = BN_MONT_CTX_new()) == NULL) - goto err; - if (!BN_MONT_CTX_set(mont, m, ctx)) - goto err; - } - - /* Get the window size to use with size of p. */ - window = BN_window_bits_for_ctime_exponent_size(bits); -#if defined(OPENSSL_BN_ASM_MONT5) - if (window == 6 && bits <= 1024) - window = 5; /* ~5% improvement of 2048-bit RSA sign */ -#endif - - /* Allocate a buffer large enough to hold all of the pre-computed - * powers of am, am itself and tmp. - */ - numPowers = 1 << window; - powerbufLen = sizeof(m->d[0]) * (top * numPowers + - ((2*top) > numPowers ? (2*top) : numPowers)); - if ((powerbufFree = malloc(powerbufLen + - MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL) - goto err; - - powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree); - memset(powerbuf, 0, powerbufLen); - - /* lay down tmp and am right after powers table */ - tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers); - am.d = tmp.d + top; - tmp.top = am.top = 0; - tmp.dmax = am.dmax = top; - tmp.neg = am.neg = 0; - tmp.flags = am.flags = BN_FLG_STATIC_DATA; - - /* prepare a^0 in Montgomery domain */ -#if 1 - if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx)) - goto err; -#else - tmp.d[0] = (0 - m - >d[0]) & BN_MASK2; /* 2^(top*BN_BITS2) - m */ - for (i = 1; i < top; i++) - tmp.d[i] = (~m->d[i]) & BN_MASK2; - tmp.top = top; -#endif - - /* prepare a^1 in Montgomery domain */ - if (a->neg || BN_ucmp(a, m) >= 0) { - if (!BN_mod(&am, a,m, ctx)) - goto err; - if (!BN_to_montgomery(&am, &am, mont, ctx)) - goto err; - } else if (!BN_to_montgomery(&am, a,mont, ctx)) - goto err; - -#if defined(OPENSSL_BN_ASM_MONT5) - /* This optimization uses ideas from http://eprint.iacr.org/2011/239, - * specifically optimization of cache-timing attack countermeasures - * and pre-computation optimization. 
*/ - - /* Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as - * 512-bit RSA is hardly relevant, we omit it to spare size... */ - if (window == 5 && top > 1) { - void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap, - const void *table, const BN_ULONG *np, - const BN_ULONG *n0, int num, int power); - void bn_scatter5(const BN_ULONG *inp, size_t num, - void *table, size_t power); - void bn_gather5(BN_ULONG *out, size_t num, - void *table, size_t power); - - BN_ULONG *np = mont->N.d, *n0 = mont->n0; - - /* BN_to_montgomery can contaminate words above .top - * [in BN_DEBUG[_DEBUG] build]... */ - for (i = am.top; i < top; i++) - am.d[i] = 0; - for (i = tmp.top; i < top; i++) - tmp.d[i] = 0; - - bn_scatter5(tmp.d, top, powerbuf, 0); - bn_scatter5(am.d, am.top, powerbuf, 1); - bn_mul_mont(tmp.d, am.d, am.d, np, n0, top); - bn_scatter5(tmp.d, top, powerbuf, 2); - -#if 0 - for (i = 3; i < 32; i++) { - /* Calculate a^i = a^(i-1) * a */ - bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, - n0, top, i - 1); - bn_scatter5(tmp.d, top, powerbuf, i); - } -#else - /* same as above, but uses squaring for 1/2 of operations */ - for (i = 4; i < 32; i*=2) { - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_scatter5(tmp.d, top, powerbuf, i); - } - for (i = 3; i < 8; i += 2) { - int j; - bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, - n0, top, i - 1); - bn_scatter5(tmp.d, top, powerbuf, i); - for (j = 2 * i; j < 32; j *= 2) { - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_scatter5(tmp.d, top, powerbuf, j); - } - } - for (; i < 16; i += 2) { - bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, - n0, top, i - 1); - bn_scatter5(tmp.d, top, powerbuf, i); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_scatter5(tmp.d, top, powerbuf, 2*i); - } - for (; i < 32; i += 2) { - bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np, - n0, top, i - 1); - bn_scatter5(tmp.d, top, powerbuf, i); - } -#endif - bits--; - for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--) - wvalue = 
(wvalue << 1) + BN_is_bit_set(p, bits); - bn_gather5(tmp.d, top, powerbuf, wvalue); - - /* Scan the exponent one window at a time starting from the most - * significant bits. - */ - while (bits >= 0) { - for (wvalue = 0, i = 0; i < 5; i++, bits--) - wvalue = (wvalue << 1) + BN_is_bit_set(p, bits); - - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top); - bn_mul_mont_gather5(tmp.d, tmp.d, powerbuf, np, n0, top, wvalue); - } - - tmp.top = top; - bn_correct_top(&tmp); - } else -#endif - { - if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, - numPowers)) - goto err; - if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, - numPowers)) - goto err; - - /* If the window size is greater than 1, then calculate - * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1) - * (even powers could instead be computed as (a^(i/2))^2 - * to use the slight performance advantage of sqr over mul). - */ - if (window > 1) { - if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx)) - goto err; - if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, - 2, numPowers)) - goto err; - for (i = 3; i < numPowers; i++) { - /* Calculate a^i = a^(i-1) * a */ - if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, - mont, ctx)) - goto err; - if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, - powerbuf, i, numPowers)) - goto err; - } - } - - bits--; - for (wvalue = 0, i = bits % window; i >= 0; i--, bits--) - wvalue = (wvalue << 1) + BN_is_bit_set(p, bits); - if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&tmp, top, powerbuf, - wvalue, numPowers)) - goto err; - - /* Scan the exponent one window at a time starting from the most - * significant bits. 
- */ - while (bits >= 0) { - wvalue = 0; /* The 'value' of the window */ - - /* Scan the window, squaring the result as we go */ - for (i = 0; i < window; i++, bits--) { - if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, - mont, ctx)) - goto err; - wvalue = (wvalue << 1) + BN_is_bit_set(p, bits); - } - - /* Fetch the appropriate pre-computed value from the pre-buf */ - if (!MOD_EXP_CTIME_COPY_FROM_PREBUF(&am, top, powerbuf, - wvalue, numPowers)) - goto err; - - /* Multiply the result into the intermediate result */ - if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx)) - goto err; - } - } - - /* Convert the final result from montgomery to standard format */ - if (!BN_from_montgomery(rr, &tmp, mont, ctx)) - goto err; - ret = 1; - -err: - if ((in_mont == NULL) && (mont != NULL)) - BN_MONT_CTX_free(mont); - if (powerbuf != NULL) { - explicit_bzero(powerbuf, powerbufLen); - free(powerbufFree); - } - BN_CTX_end(ctx); - return (ret); -} - -int -BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - BN_MONT_CTX *mont = NULL; - int b, bits, ret = 0; - int r_is_one; - BN_ULONG w, next_w; - BIGNUM *d, *r, *t; - BIGNUM *swap_tmp; - -#define BN_MOD_MUL_WORD(r, w, m) \ - (BN_mul_word(r, (w)) && \ - (/* BN_ucmp(r, (m)) < 0 ? 1 :*/ \ - (BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1)))) - /* BN_MOD_MUL_WORD is only used with 'w' large, - * so the BN_ucmp test is probably more overhead - * than always using BN_mod (which uses BN_copy if - * a similar test returns true). */ - /* We can use BN_mod and do not need BN_nnmod because our - * accumulator is never negative (the result of BN_mod does - * not depend on the sign of the modulus). 
- */ -#define BN_TO_MONTGOMERY_WORD(r, w, mont) \ - (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx)) - - if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - BNerr(BN_F_BN_MOD_EXP_MONT_WORD, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return -1; - } - - bn_check_top(p); - bn_check_top(m); - - if (!BN_is_odd(m)) { - BNerr(BN_F_BN_MOD_EXP_MONT_WORD, BN_R_CALLED_WITH_EVEN_MODULUS); - return (0); - } - if (m->top == 1) - a %= m->d[0]; /* make sure that 'a' is reduced */ - - bits = BN_num_bits(p); - if (bits == 0) { - ret = BN_one(rr); - return ret; - } - if (a == 0) { - BN_zero(rr); - ret = 1; - return ret; - } - - BN_CTX_start(ctx); - if ((d = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r = BN_CTX_get(ctx)) == NULL) - goto err; - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - - if (in_mont != NULL) - mont = in_mont; - else { - if ((mont = BN_MONT_CTX_new()) == NULL) - goto err; - if (!BN_MONT_CTX_set(mont, m, ctx)) - goto err; - } - - r_is_one = 1; /* except for Montgomery factor */ - - /* bits-1 >= 0 */ - - /* The result is accumulated in the product r*w. */ - w = a; /* bit 'bits-1' of 'p' is always set */ - for (b = bits - 2; b >= 0; b--) { - /* First, square r*w. */ - next_w = w * w; - if ((next_w / w) != w) /* overflow */ - { - if (r_is_one) { - if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) - goto err; - r_is_one = 0; - } else { - if (!BN_MOD_MUL_WORD(r, w, m)) - goto err; - } - next_w = 1; - } - w = next_w; - if (!r_is_one) { - if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) - goto err; - } - - /* Second, multiply r*w by 'a' if exponent bit is set. */ - if (BN_is_bit_set(p, b)) { - next_w = w * a; - if ((next_w / a) != w) /* overflow */ - { - if (r_is_one) { - if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) - goto err; - r_is_one = 0; - } else { - if (!BN_MOD_MUL_WORD(r, w, m)) - goto err; - } - next_w = a; - } - w = next_w; - } - } - - /* Finally, set r:=r*w. 
*/ - if (w != 1) { - if (r_is_one) { - if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) - goto err; - r_is_one = 0; - } else { - if (!BN_MOD_MUL_WORD(r, w, m)) - goto err; - } - } - - if (r_is_one) /* can happen only if a == 1*/ - { - if (!BN_one(rr)) - goto err; - } else { - if (!BN_from_montgomery(rr, r, mont, ctx)) - goto err; - } - ret = 1; - -err: - if ((in_mont == NULL) && (mont != NULL)) - BN_MONT_CTX_free(mont); - BN_CTX_end(ctx); - bn_check_top(rr); - return (ret); -} - - -/* The old fallback, simple version :-) */ -int -BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx) -{ - int i, j,bits, ret = 0, wstart, wend, window, wvalue; - int start = 1; - BIGNUM *d; - /* Table of variables obtained from 'ctx' */ - BIGNUM *val[TABLE_SIZE]; - - if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) { - /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */ - BNerr(BN_F_BN_MOD_EXP_SIMPLE, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return -1; - } - - bits = BN_num_bits(p); - - if (bits == 0) { - ret = BN_one(r); - return ret; - } - - BN_CTX_start(ctx); - if ((d = BN_CTX_get(ctx)) == NULL) - goto err; - if ((val[0] = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_nnmod(val[0],a,m,ctx)) - goto err; /* 1 */ - if (BN_is_zero(val[0])) { - BN_zero(r); - ret = 1; - goto err; - } - - window = BN_window_bits_for_exponent_size(bits); - if (window > 1) { - if (!BN_mod_mul(d, val[0], val[0], m, ctx)) - goto err; /* 2 */ - j = 1 << (window - 1); - for (i = 1; i < j; i++) { - if (((val[i] = BN_CTX_get(ctx)) == NULL) || - !BN_mod_mul(val[i], val[i - 1], d,m, ctx)) - goto err; - } - } - - start = 1; /* This is used to avoid multiplication etc - * when there is only the value '1' in the - * buffer. 
*/ - wvalue = 0; /* The 'value' of the window */ - wstart = bits - 1; /* The top bit of the window */ - wend = 0; /* The bottom bit of the window */ - - if (!BN_one(r)) - goto err; - - for (;;) { - if (BN_is_bit_set(p, wstart) == 0) { - if (!start) - if (!BN_mod_mul(r, r, r, m, ctx)) - goto err; - if (wstart == 0) - break; - wstart--; - continue; - } - /* We now have wstart on a 'set' bit, we now need to work out - * how bit a window to do. To do this we need to scan - * forward until the last set bit before the end of the - * window */ - j = wstart; - wvalue = 1; - wend = 0; - for (i = 1; i < window; i++) { - if (wstart - i < 0) - break; - if (BN_is_bit_set(p, wstart - i)) { - wvalue <<= (i - wend); - wvalue |= 1; - wend = i; - } - } - - /* wend is the size of the current window */ - j = wend + 1; - /* add the 'bytes above' */ - if (!start) - for (i = 0; i < j; i++) { - if (!BN_mod_mul(r, r, r, m, ctx)) - goto err; - } - - /* wvalue will be an odd number < 2^window */ - if (!BN_mod_mul(r, r, val[wvalue >> 1], m, ctx)) - goto err; - - /* move the 'window' down further */ - wstart -= wend + 1; - wvalue = 0; - start = 0; - if (wstart < 0) - break; - } - ret = 1; - -err: - BN_CTX_end(ctx); - bn_check_top(r); - return (ret); -} diff --git a/lib/libssl/src/crypto/bn/bn_exp2.c b/lib/libssl/src/crypto/bn/bn_exp2.c deleted file mode 100644 index 38bf467a38d..00000000000 --- a/lib/libssl/src/crypto/bn/bn_exp2.c +++ /dev/null 
@@ -1,308 +0,0 @@
-/* $OpenBSD: bn_exp2.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1.
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -#define TABLE_SIZE 32 - -int -BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, - const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont) -{ - int i, j, bits, b, bits1, bits2, ret = 0, wpos1, wpos2, window1, window2, wvalue1, wvalue2; - int r_is_one = 1; - BIGNUM *d, *r; - const BIGNUM *a_mod_m; - /* Tables of variables obtained from 'ctx' */ - BIGNUM *val1[TABLE_SIZE], *val2[TABLE_SIZE]; - BN_MONT_CTX *mont = NULL; - - bn_check_top(a1); - bn_check_top(p1); - bn_check_top(a2); - bn_check_top(p2); - bn_check_top(m); - - if (!(m->d[0] & 1)) { - BNerr(BN_F_BN_MOD_EXP2_MONT, BN_R_CALLED_WITH_EVEN_MODULUS); - return (0); - } - bits1 = BN_num_bits(p1); - bits2 = BN_num_bits(p2); - if ((bits1 == 0) && (bits2 == 0)) { - ret = BN_one(rr); - return ret; - } - - bits = (bits1 > bits2) ? 
bits1 : bits2; - - BN_CTX_start(ctx); - if ((d = BN_CTX_get(ctx)) == NULL) - goto err; - if ((r = BN_CTX_get(ctx)) == NULL) - goto err; - if ((val1[0] = BN_CTX_get(ctx)) == NULL) - goto err; - if ((val2[0] = BN_CTX_get(ctx)) == NULL) - goto err; - - if (in_mont != NULL) - mont = in_mont; - else { - if ((mont = BN_MONT_CTX_new()) == NULL) - goto err; - if (!BN_MONT_CTX_set(mont, m, ctx)) - goto err; - } - - window1 = BN_window_bits_for_exponent_size(bits1); - window2 = BN_window_bits_for_exponent_size(bits2); - - /* - * Build table for a1: val1[i] := a1^(2*i + 1) mod m for i = 0 .. 2^(window1-1) - */ - if (a1->neg || BN_ucmp(a1, m) >= 0) { - if (!BN_mod(val1[0], a1, m, ctx)) - goto err; - a_mod_m = val1[0]; - } else - a_mod_m = a1; - if (BN_is_zero(a_mod_m)) { - BN_zero(rr); - ret = 1; - goto err; - } - - if (!BN_to_montgomery(val1[0], a_mod_m, mont, ctx)) - goto err; - if (window1 > 1) { - if (!BN_mod_mul_montgomery(d, val1[0], val1[0], mont, ctx)) - goto err; - - j = 1 << (window1 - 1); - for (i = 1; i < j; i++) { - if (((val1[i] = BN_CTX_get(ctx)) == NULL) || - !BN_mod_mul_montgomery(val1[i], val1[i - 1], - d, mont, ctx)) - goto err; - } - } - - - /* - * Build table for a2: val2[i] := a2^(2*i + 1) mod m for i = 0 .. 2^(window2-1) - */ - if (a2->neg || BN_ucmp(a2, m) >= 0) { - if (!BN_mod(val2[0], a2, m, ctx)) - goto err; - a_mod_m = val2[0]; - } else - a_mod_m = a2; - if (BN_is_zero(a_mod_m)) { - BN_zero(rr); - ret = 1; - goto err; - } - if (!BN_to_montgomery(val2[0], a_mod_m, mont, ctx)) - goto err; - if (window2 > 1) { - if (!BN_mod_mul_montgomery(d, val2[0], val2[0], mont, ctx)) - goto err; - - j = 1 << (window2 - 1); - for (i = 1; i < j; i++) { - if (((val2[i] = BN_CTX_get(ctx)) == NULL) || - !BN_mod_mul_montgomery(val2[i], val2[i - 1], - d, mont, ctx)) - goto err; - } - } - - - /* Now compute the power product, using independent windows. 
*/ - r_is_one = 1; - wvalue1 = 0; /* The 'value' of the first window */ - wvalue2 = 0; /* The 'value' of the second window */ - wpos1 = 0; /* If wvalue1 > 0, the bottom bit of the first window */ - wpos2 = 0; /* If wvalue2 > 0, the bottom bit of the second window */ - - if (!BN_to_montgomery(r, BN_value_one(), mont, ctx)) - goto err; - for (b = bits - 1; b >= 0; b--) { - if (!r_is_one) { - if (!BN_mod_mul_montgomery(r, r,r, mont, ctx)) - goto err; - } - - if (!wvalue1) - if (BN_is_bit_set(p1, b)) { - /* consider bits b-window1+1 .. b for this window */ - i = b - window1 + 1; - while (!BN_is_bit_set(p1, i)) /* works for i<0 */ - i++; - wpos1 = i; - wvalue1 = 1; - for (i = b - 1; i >= wpos1; i--) { - wvalue1 <<= 1; - if (BN_is_bit_set(p1, i)) - wvalue1++; - } - } - - if (!wvalue2) - if (BN_is_bit_set(p2, b)) { - /* consider bits b-window2+1 .. b for this window */ - i = b - window2 + 1; - while (!BN_is_bit_set(p2, i)) - i++; - wpos2 = i; - wvalue2 = 1; - for (i = b - 1; i >= wpos2; i--) { - wvalue2 <<= 1; - if (BN_is_bit_set(p2, i)) - wvalue2++; - } - } - - if (wvalue1 && b == wpos1) { - /* wvalue1 is odd and < 2^window1 */ - if (!BN_mod_mul_montgomery(r, r, val1[wvalue1 >> 1], - mont, ctx)) - goto err; - wvalue1 = 0; - r_is_one = 0; - } - - if (wvalue2 && b == wpos2) { - /* wvalue2 is odd and < 2^window2 */ - if (!BN_mod_mul_montgomery(r, r, val2[wvalue2 >> 1], - mont, ctx)) - goto err; - wvalue2 = 0; - r_is_one = 0; - } - } - if (!BN_from_montgomery(rr, r,mont, ctx)) - goto err; - ret = 1; - -err: - if ((in_mont == NULL) && (mont != NULL)) - BN_MONT_CTX_free(mont); - BN_CTX_end(ctx); - bn_check_top(rr); - return (ret); -} diff --git a/lib/libssl/src/crypto/bn/bn_gcd.c b/lib/libssl/src/crypto/bn/bn_gcd.c deleted file mode 100644 index da9c29a8e56..00000000000 --- a/lib/libssl/src/crypto/bn/bn_gcd.c +++ /dev/null 
@@ -1,688 +0,0 @@
-/* $OpenBSD: bn_gcd.c,v 1.10 2015/02/09 15:49:22 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1.
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <openssl/err.h> - -#include "bn_lcl.h" - -static BIGNUM *euclid(BIGNUM *a, BIGNUM *b); - -int -BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx) -{ - BIGNUM *a, *b, *t; - int ret = 0; - - bn_check_top(in_a); - bn_check_top(in_b); - - BN_CTX_start(ctx); - if ((a = BN_CTX_get(ctx)) == NULL) - goto err; - if ((b = BN_CTX_get(ctx)) == NULL) - goto err; - - if (BN_copy(a, in_a) == NULL) - goto err; - if (BN_copy(b, in_b) == NULL) - goto err; - a->neg = 0; - b->neg = 0; - - if (BN_cmp(a, b) < 0) { - t = a; - a = b; - b = t; - } - t = euclid(a, b); - if (t == NULL) - goto err; - - if (BN_copy(r, t) == NULL) - goto err; - ret = 1; - -err: - BN_CTX_end(ctx); - bn_check_top(r); - return (ret); -} - -static BIGNUM * -euclid(BIGNUM *a, BIGNUM *b) -{ - BIGNUM *t; - int shifts = 0; - - bn_check_top(a); - bn_check_top(b); - - /* 0 <= b <= a */ - while (!BN_is_zero(b)) { - /* 0 < b <= a */ - - if (BN_is_odd(a)) { - if (BN_is_odd(b)) { - if (!BN_sub(a, a, b)) - goto err; - if (!BN_rshift1(a, a)) - goto err; - if (BN_cmp(a, b) < 0) { - t = a; - a = b; - b = t; - } - } - else /* a odd - b even */ - { - if (!BN_rshift1(b, b)) - goto err; - if (BN_cmp(a, b) < 
0) { - t = a; - a = b; - b = t; - } - } - } - else /* a is even */ - { - if (BN_is_odd(b)) { - if (!BN_rshift1(a, a)) - goto err; - if (BN_cmp(a, b) < 0) { - t = a; - a = b; - b = t; - } - } - else /* a even - b even */ - { - if (!BN_rshift1(a, a)) - goto err; - if (!BN_rshift1(b, b)) - goto err; - shifts++; - } - } - /* 0 <= b <= a */ - } - - if (shifts) { - if (!BN_lshift(a, a, shifts)) - goto err; - } - bn_check_top(a); - return (a); - -err: - return (NULL); -} - - -/* solves ax == 1 (mod n) */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, - const BIGNUM *n, BN_CTX *ctx); - -BIGNUM * -BN_mod_inverse(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) -{ - BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; - BIGNUM *ret = NULL; - int sign; - - if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0) || - (BN_get_flags(n, BN_FLG_CONSTTIME) != 0)) { - return BN_mod_inverse_no_branch(in, a, n, ctx); - } - - bn_check_top(a); - bn_check_top(n); - - BN_CTX_start(ctx); - if ((A = BN_CTX_get(ctx)) == NULL) - goto err; - if ((B = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((D = BN_CTX_get(ctx)) == NULL) - goto err; - if ((M = BN_CTX_get(ctx)) == NULL) - goto err; - if ((Y = BN_CTX_get(ctx)) == NULL) - goto err; - if ((T = BN_CTX_get(ctx)) == NULL) - goto err; - - if (in == NULL) - R = BN_new(); - else - R = in; - if (R == NULL) - goto err; - - BN_one(X); - BN_zero(Y); - if (BN_copy(B, a) == NULL) - goto err; - if (BN_copy(A, n) == NULL) - goto err; - A->neg = 0; - if (B->neg || (BN_ucmp(B, A) >= 0)) { - if (!BN_nnmod(B, B, A, ctx)) - goto err; - } - sign = -1; - /* From B = a mod |n|, A = |n| it follows that - * - * 0 <= B < A, - * -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|). - */ - - if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048))) { - /* Binary inversion algorithm; requires odd modulus. 
- * This is faster than the general algorithm if the modulus - * is sufficiently small (about 400 .. 500 bits on 32-bit - * sytems, but much more on 64-bit systems) */ - int shift; - - while (!BN_is_zero(B)) { - /* - * 0 < B < |n|, - * 0 < A <= |n|, - * (1) -sign*X*a == B (mod |n|), - * (2) sign*Y*a == A (mod |n|) - */ - - /* Now divide B by the maximum possible power of two in the integers, - * and divide X by the same value mod |n|. - * When we're done, (1) still holds. */ - shift = 0; - while (!BN_is_bit_set(B, shift)) /* note that 0 < B */ - { - shift++; - - if (BN_is_odd(X)) { - if (!BN_uadd(X, X, n)) - goto err; - } - /* now X is even, so we can easily divide it by two */ - if (!BN_rshift1(X, X)) - goto err; - } - if (shift > 0) { - if (!BN_rshift(B, B, shift)) - goto err; - } - - - /* Same for A and Y. Afterwards, (2) still holds. */ - shift = 0; - while (!BN_is_bit_set(A, shift)) /* note that 0 < A */ - { - shift++; - - if (BN_is_odd(Y)) { - if (!BN_uadd(Y, Y, n)) - goto err; - } - /* now Y is even */ - if (!BN_rshift1(Y, Y)) - goto err; - } - if (shift > 0) { - if (!BN_rshift(A, A, shift)) - goto err; - } - - - /* We still have (1) and (2). - * Both A and B are odd. - * The following computations ensure that - * - * 0 <= B < |n|, - * 0 < A < |n|, - * (1) -sign*X*a == B (mod |n|), - * (2) sign*Y*a == A (mod |n|), - * - * and that either A or B is even in the next iteration. 
- */ - if (BN_ucmp(B, A) >= 0) { - /* -sign*(X + Y)*a == B - A (mod |n|) */ - if (!BN_uadd(X, X, Y)) - goto err; - /* NB: we could use BN_mod_add_quick(X, X, Y, n), but that - * actually makes the algorithm slower */ - if (!BN_usub(B, B, A)) - goto err; - } else { - /* sign*(X + Y)*a == A - B (mod |n|) */ - if (!BN_uadd(Y, Y, X)) - goto err; - /* as above, BN_mod_add_quick(Y, Y, X, n) would slow things down */ - if (!BN_usub(A, A, B)) - goto err; - } - } - } else { - /* general inversion algorithm */ - - while (!BN_is_zero(B)) { - BIGNUM *tmp; - - /* - * 0 < B < A, - * (*) -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|) - */ - - /* (D, M) := (A/B, A%B) ... */ - if (BN_num_bits(A) == BN_num_bits(B)) { - if (!BN_one(D)) - goto err; - if (!BN_sub(M, A, B)) - goto err; - } else if (BN_num_bits(A) == BN_num_bits(B) + 1) { - /* A/B is 1, 2, or 3 */ - if (!BN_lshift1(T, B)) - goto err; - if (BN_ucmp(A, T) < 0) { - /* A < 2*B, so D=1 */ - if (!BN_one(D)) - goto err; - if (!BN_sub(M, A, B)) - goto err; - } else { - /* A >= 2*B, so D=2 or D=3 */ - if (!BN_sub(M, A, T)) - goto err; - if (!BN_add(D,T,B)) goto err; /* use D (:= 3*B) as temp */ - if (BN_ucmp(A, D) < 0) { - /* A < 3*B, so D=2 */ - if (!BN_set_word(D, 2)) - goto err; - /* M (= A - 2*B) already has the correct value */ - } else { - /* only D=3 remains */ - if (!BN_set_word(D, 3)) - goto err; - /* currently M = A - 2*B, but we need M = A - 3*B */ - if (!BN_sub(M, M, B)) - goto err; - } - } - } else { - if (!BN_div(D, M, A, B, ctx)) - goto err; - } - - /* Now - * A = D*B + M; - * thus we have - * (**) sign*Y*a == D*B + M (mod |n|). - */ - tmp = A; /* keep the BIGNUM object, the value does not matter */ - - /* (A, B) := (B, A mod B) ... */ - A = B; - B = M; - /* ... so we have 0 <= B < A again */ - - /* Since the former M is now B and the former B is now A, - * (**) translates into - * sign*Y*a == D*A + B (mod |n|), - * i.e. - * sign*Y*a - D*A == B (mod |n|). 
- * Similarly, (*) translates into - * -sign*X*a == A (mod |n|). - * - * Thus, - * sign*Y*a + D*sign*X*a == B (mod |n|), - * i.e. - * sign*(Y + D*X)*a == B (mod |n|). - * - * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at - * -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|). - * Note that X and Y stay non-negative all the time. - */ - - /* most of the time D is very small, so we can optimize tmp := D*X+Y */ - if (BN_is_one(D)) { - if (!BN_add(tmp, X, Y)) - goto err; - } else { - if (BN_is_word(D, 2)) { - if (!BN_lshift1(tmp, X)) - goto err; - } else if (BN_is_word(D, 4)) { - if (!BN_lshift(tmp, X, 2)) - goto err; - } else if (D->top == 1) { - if (!BN_copy(tmp, X)) - goto err; - if (!BN_mul_word(tmp, D->d[0])) - goto err; - } else { - if (!BN_mul(tmp, D,X, ctx)) - goto err; - } - if (!BN_add(tmp, tmp, Y)) - goto err; - } - - M = Y; /* keep the BIGNUM object, the value does not matter */ - Y = X; - X = tmp; - sign = -sign; - } - } - - /* - * The while loop (Euclid's algorithm) ends when - * A == gcd(a,n); - * we have - * sign*Y*a == A (mod |n|), - * where Y is non-negative. - */ - - if (sign < 0) { - if (!BN_sub(Y, n, Y)) - goto err; - } - /* Now Y*a == A (mod |n|). */ - - if (BN_is_one(A)) { - /* Y*a == 1 (mod |n|) */ - if (!Y->neg && BN_ucmp(Y, n) < 0) { - if (!BN_copy(R, Y)) - goto err; - } else { - if (!BN_nnmod(R, Y,n, ctx)) - goto err; - } - } else { - BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE); - goto err; - } - ret = R; - -err: - if ((ret == NULL) && (in == NULL)) - BN_free(R); - BN_CTX_end(ctx); - bn_check_top(ret); - return (ret); -} - - -/* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. - * It does not contain branches that may leak sensitive information. 
- */ -static BIGNUM * -BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx) -{ - BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; - BIGNUM local_A, local_B; - BIGNUM *pA, *pB; - BIGNUM *ret = NULL; - int sign; - - bn_check_top(a); - bn_check_top(n); - - BN_CTX_start(ctx); - if ((A = BN_CTX_get(ctx)) == NULL) - goto err; - if ((B = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((D = BN_CTX_get(ctx)) == NULL) - goto err; - if ((M = BN_CTX_get(ctx)) == NULL) - goto err; - if ((Y = BN_CTX_get(ctx)) == NULL) - goto err; - if ((T = BN_CTX_get(ctx)) == NULL) - goto err; - - if (in == NULL) - R = BN_new(); - else - R = in; - if (R == NULL) - goto err; - - BN_one(X); - BN_zero(Y); - if (BN_copy(B, a) == NULL) - goto err; - if (BN_copy(A, n) == NULL) - goto err; - A->neg = 0; - - if (B->neg || (BN_ucmp(B, A) >= 0)) { - /* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked, - * BN_div_no_branch will be called eventually. - */ - pB = &local_B; - BN_with_flags(pB, B, BN_FLG_CONSTTIME); - if (!BN_nnmod(B, pB, A, ctx)) - goto err; - } - sign = -1; - /* From B = a mod |n|, A = |n| it follows that - * - * 0 <= B < A, - * -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|). - */ - - while (!BN_is_zero(B)) { - BIGNUM *tmp; - - /* - * 0 < B < A, - * (*) -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|) - */ - - /* Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked, - * BN_div_no_branch will be called eventually. - */ - pA = &local_A; - BN_with_flags(pA, A, BN_FLG_CONSTTIME); - - /* (D, M) := (A/B, A%B) ... */ - if (!BN_div(D, M, pA, B, ctx)) - goto err; - - /* Now - * A = D*B + M; - * thus we have - * (**) sign*Y*a == D*B + M (mod |n|). - */ - tmp = A; /* keep the BIGNUM object, the value does not matter */ - - /* (A, B) := (B, A mod B) ... */ - A = B; - B = M; - /* ... 
so we have 0 <= B < A again */ - - /* Since the former M is now B and the former B is now A, - * (**) translates into - * sign*Y*a == D*A + B (mod |n|), - * i.e. - * sign*Y*a - D*A == B (mod |n|). - * Similarly, (*) translates into - * -sign*X*a == A (mod |n|). - * - * Thus, - * sign*Y*a + D*sign*X*a == B (mod |n|), - * i.e. - * sign*(Y + D*X)*a == B (mod |n|). - * - * So if we set (X, Y, sign) := (Y + D*X, X, -sign), we arrive back at - * -sign*X*a == B (mod |n|), - * sign*Y*a == A (mod |n|). - * Note that X and Y stay non-negative all the time. - */ - - if (!BN_mul(tmp, D, X, ctx)) - goto err; - if (!BN_add(tmp, tmp, Y)) - goto err; - - M = Y; /* keep the BIGNUM object, the value does not matter */ - Y = X; - X = tmp; - sign = -sign; - } - - /* - * The while loop (Euclid's algorithm) ends when - * A == gcd(a,n); - * we have - * sign*Y*a == A (mod |n|), - * where Y is non-negative. - */ - - if (sign < 0) { - if (!BN_sub(Y, n, Y)) - goto err; - } - /* Now Y*a == A (mod |n|). */ - - if (BN_is_one(A)) { - /* Y*a == 1 (mod |n|) */ - if (!Y->neg && BN_ucmp(Y, n) < 0) { - if (!BN_copy(R, Y)) - goto err; - } else { - if (!BN_nnmod(R, Y, n, ctx)) - goto err; - } - } else { - BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE); - goto err; - } - ret = R; - -err: - if ((ret == NULL) && (in == NULL)) - BN_free(R); - BN_CTX_end(ctx); - bn_check_top(ret); - return (ret); -} diff --git a/lib/libssl/src/crypto/bn/bn_gf2m.c b/lib/libssl/src/crypto/bn/bn_gf2m.c deleted file mode 100644 index d83ae291ec9..00000000000 --- a/lib/libssl/src/crypto/bn/bn_gf2m.c +++ /dev/null 
@@ -1,1323 +0,0 @@
-/* $OpenBSD: bn_gf2m.c,v 1.21 2016/03/12 21:44:11 bcook Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * In addition, Sun covenants to all licensees who provide a reciprocal
- * covenant with respect to their own patents if any, not to sue under
- * current and future patent claims necessarily infringed by the making,
- * using, practicing, selling, offering for sale and/or otherwise
- * disposing of the ECC Code as delivered hereunder (or portions thereof),
- * provided that such covenant shall not apply:
- * 1) for code that a licensee deletes from the ECC Code;
- * 2) separates from the ECC Code; or
- * 3) for infringements caused by:
- * i) the modification of the ECC Code or
- * ii) the combination of the ECC Code with other software or
- * devices where such combination causes the infringement.
- *
- * The software is originally written by Sheueling Chang Shantz and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-/* NOTE: This file is licensed pursuant to the OpenSSL license below
- * and may be modified; but after modifications, the above covenant
- * may no longer apply! In such cases, the corresponding paragraph
- * ["In addition, Sun covenants ... causes the infringement."] and
- * this note can be edited out; but please keep the Sun copyright
- * notice and attribution. */
-
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <limits.h> -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -#ifndef OPENSSL_NO_EC2M - -/* Maximum number of iterations before BN_GF2m_mod_solve_quad_arr should fail. */ -#define MAX_ITERATIONS 50 - -static const BN_ULONG SQR_tb[16] = - { 0, 1, 4, 5, 16, 17, 20, 21, -64, 65, 68, 69, 80, 81, 84, 85 }; -/* Platform-specific macros to accelerate squaring. 
*/ -#ifdef _LP64 -#define SQR1(w) \ - SQR_tb[(w) >> 60 & 0xF] << 56 | SQR_tb[(w) >> 56 & 0xF] << 48 | \ - SQR_tb[(w) >> 52 & 0xF] << 40 | SQR_tb[(w) >> 48 & 0xF] << 32 | \ - SQR_tb[(w) >> 44 & 0xF] << 24 | SQR_tb[(w) >> 40 & 0xF] << 16 | \ - SQR_tb[(w) >> 36 & 0xF] << 8 | SQR_tb[(w) >> 32 & 0xF] -#define SQR0(w) \ - SQR_tb[(w) >> 28 & 0xF] << 56 | SQR_tb[(w) >> 24 & 0xF] << 48 | \ - SQR_tb[(w) >> 20 & 0xF] << 40 | SQR_tb[(w) >> 16 & 0xF] << 32 | \ - SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \ - SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF] -#else -#define SQR1(w) \ - SQR_tb[(w) >> 28 & 0xF] << 24 | SQR_tb[(w) >> 24 & 0xF] << 16 | \ - SQR_tb[(w) >> 20 & 0xF] << 8 | SQR_tb[(w) >> 16 & 0xF] -#define SQR0(w) \ - SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >> 8 & 0xF] << 16 | \ - SQR_tb[(w) >> 4 & 0xF] << 8 | SQR_tb[(w) & 0xF] -#endif - -#if !defined(OPENSSL_BN_ASM_GF2m) -/* Product of two polynomials a, b each with degree < BN_BITS2 - 1, - * result is a polynomial r with degree < 2 * BN_BITS - 1 - * The caller MUST ensure that the variables have the right amount - * of space allocated. 
- */ -static void -bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a, const BN_ULONG b) -{ -#ifndef _LP64 - BN_ULONG h, l, s; - BN_ULONG tab[8], top2b = a >> 30; - BN_ULONG a1, a2, a4; - - a1 = a & (0x3FFFFFFF); - a2 = a1 << 1; - a4 = a2 << 1; - - tab[0] = 0; - tab[1] = a1; - tab[2] = a2; - tab[3] = a1 ^ a2; - tab[4] = a4; - tab[5] = a1 ^ a4; - tab[6] = a2 ^ a4; - tab[7] = a1 ^ a2 ^ a4; - - s = tab[b & 0x7]; - l = s; - s = tab[b >> 3 & 0x7]; - l ^= s << 3; - h = s >> 29; - s = tab[b >> 6 & 0x7]; - l ^= s << 6; - h ^= s >> 26; - s = tab[b >> 9 & 0x7]; - l ^= s << 9; - h ^= s >> 23; - s = tab[b >> 12 & 0x7]; - l ^= s << 12; - h ^= s >> 20; - s = tab[b >> 15 & 0x7]; - l ^= s << 15; - h ^= s >> 17; - s = tab[b >> 18 & 0x7]; - l ^= s << 18; - h ^= s >> 14; - s = tab[b >> 21 & 0x7]; - l ^= s << 21; - h ^= s >> 11; - s = tab[b >> 24 & 0x7]; - l ^= s << 24; - h ^= s >> 8; - s = tab[b >> 27 & 0x7]; - l ^= s << 27; - h ^= s >> 5; - s = tab[b >> 30]; - l ^= s << 30; - h ^= s >> 2; - - /* compensate for the top two bits of a */ - if (top2b & 01) { - l ^= b << 30; - h ^= b >> 2; - } - if (top2b & 02) { - l ^= b << 31; - h ^= b >> 1; - } - - *r1 = h; - *r0 = l; -#else - BN_ULONG h, l, s; - BN_ULONG tab[16], top3b = a >> 61; - BN_ULONG a1, a2, a4, a8; - - a1 = a & (0x1FFFFFFFFFFFFFFFULL); - a2 = a1 << 1; - a4 = a2 << 1; - a8 = a4 << 1; - - tab[0] = 0; - tab[1] = a1; - tab[2] = a2; - tab[3] = a1 ^ a2; - tab[4] = a4; - tab[5] = a1 ^ a4; - tab[6] = a2 ^ a4; - tab[7] = a1 ^ a2 ^ a4; - tab[8] = a8; - tab[9] = a1 ^ a8; - tab[10] = a2 ^ a8; - tab[11] = a1 ^ a2 ^ a8; - tab[12] = a4 ^ a8; - tab[13] = a1 ^ a4 ^ a8; - tab[14] = a2 ^ a4 ^ a8; - tab[15] = a1 ^ a2 ^ a4 ^ a8; - - s = tab[b & 0xF]; - l = s; - s = tab[b >> 4 & 0xF]; - l ^= s << 4; - h = s >> 60; - s = tab[b >> 8 & 0xF]; - l ^= s << 8; - h ^= s >> 56; - s = tab[b >> 12 & 0xF]; - l ^= s << 12; - h ^= s >> 52; - s = tab[b >> 16 & 0xF]; - l ^= s << 16; - h ^= s >> 48; - s = tab[b >> 20 & 0xF]; - l ^= s << 20; - h ^= s >> 
44; - s = tab[b >> 24 & 0xF]; - l ^= s << 24; - h ^= s >> 40; - s = tab[b >> 28 & 0xF]; - l ^= s << 28; - h ^= s >> 36; - s = tab[b >> 32 & 0xF]; - l ^= s << 32; - h ^= s >> 32; - s = tab[b >> 36 & 0xF]; - l ^= s << 36; - h ^= s >> 28; - s = tab[b >> 40 & 0xF]; - l ^= s << 40; - h ^= s >> 24; - s = tab[b >> 44 & 0xF]; - l ^= s << 44; - h ^= s >> 20; - s = tab[b >> 48 & 0xF]; - l ^= s << 48; - h ^= s >> 16; - s = tab[b >> 52 & 0xF]; - l ^= s << 52; - h ^= s >> 12; - s = tab[b >> 56 & 0xF]; - l ^= s << 56; - h ^= s >> 8; - s = tab[b >> 60]; - l ^= s << 60; - h ^= s >> 4; - - /* compensate for the top three bits of a */ - if (top3b & 01) { - l ^= b << 61; - h ^= b >> 3; - } - if (top3b & 02) { - l ^= b << 62; - h ^= b >> 2; - } - if (top3b & 04) { - l ^= b << 63; - h ^= b >> 1; - } - - *r1 = h; - *r0 = l; -#endif -} - -/* Product of two polynomials a, b each with degree < 2 * BN_BITS2 - 1, - * result is a polynomial r with degree < 4 * BN_BITS2 - 1 - * The caller MUST ensure that the variables have the right amount - * of space allocated. - */ -static void -bn_GF2m_mul_2x2(BN_ULONG *r, const BN_ULONG a1, const BN_ULONG a0, - const BN_ULONG b1, const BN_ULONG b0) -{ - BN_ULONG m1, m0; - - /* r[3] = h1, r[2] = h0; r[1] = l1; r[0] = l0 */ - bn_GF2m_mul_1x1(r + 3, r + 2, a1, b1); - bn_GF2m_mul_1x1(r + 1, r, a0, b0); - bn_GF2m_mul_1x1(&m1, &m0, a0 ^ a1, b0 ^ b1); - /* Correction on m1 ^= l1 ^ h1; m0 ^= l0 ^ h0; */ - r[2] ^= m1 ^ r[1] ^ r[3]; /* h0 ^= m1 ^ l1 ^ h1; */ - r[1] = r[3] ^ r[2] ^ r[0] ^ m1 ^ m0; /* l1 ^= l0 ^ h0 ^ m0; */ -} -#else -void bn_GF2m_mul_2x2(BN_ULONG *r, BN_ULONG a1, BN_ULONG a0, BN_ULONG b1, - BN_ULONG b0); -#endif - -/* Add polynomials a and b and store result in r; r could be a or b, a and b - * could be equal; r is the bitwise XOR of a and b. 
- */ -int -BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) -{ - int i; - const BIGNUM *at, *bt; - - bn_check_top(a); - bn_check_top(b); - - if (a->top < b->top) { - at = b; - bt = a; - } else { - at = a; - bt = b; - } - - if (bn_wexpand(r, at->top) == NULL) - return 0; - - for (i = 0; i < bt->top; i++) { - r->d[i] = at->d[i] ^ bt->d[i]; - } - for (; i < at->top; i++) { - r->d[i] = at->d[i]; - } - - r->top = at->top; - bn_correct_top(r); - - return 1; -} - - -/* Some functions allow for representation of the irreducible polynomials - * as an int[], say p. The irreducible f(t) is then of the form: - * t^p[0] + t^p[1] + ... + t^p[k] - * where m = p[0] > p[1] > ... > p[k] = 0. - */ - - -/* Performs modular reduction of a and store result in r. r could be a. */ -int -BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]) -{ - int j, k; - int n, dN, d0, d1; - BN_ULONG zz, *z; - - bn_check_top(a); - - if (!p[0]) { - /* reduction mod 1 => return 0 */ - BN_zero(r); - return 1; - } - - /* Since the algorithm does reduction in the r value, if a != r, copy - * the contents of a into r so we can do reduction in r. 
- */ - if (a != r) { - if (!bn_wexpand(r, a->top)) - return 0; - for (j = 0; j < a->top; j++) { - r->d[j] = a->d[j]; - } - r->top = a->top; - } - z = r->d; - - /* start reduction */ - dN = p[0] / BN_BITS2; - for (j = r->top - 1; j > dN; ) { - zz = z[j]; - if (z[j] == 0) { - j--; - continue; - } - z[j] = 0; - - for (k = 1; p[k] != 0; k++) { - /* reducing component t^p[k] */ - n = p[0] - p[k]; - d0 = n % BN_BITS2; - d1 = BN_BITS2 - d0; - n /= BN_BITS2; - z[j - n] ^= (zz >> d0); - if (d0) - z[j - n - 1] ^= (zz << d1); - } - - /* reducing component t^0 */ - n = dN; - d0 = p[0] % BN_BITS2; - d1 = BN_BITS2 - d0; - z[j - n] ^= (zz >> d0); - if (d0) - z[j - n - 1] ^= (zz << d1); - } - - /* final round of reduction */ - while (j == dN) { - - d0 = p[0] % BN_BITS2; - zz = z[dN] >> d0; - if (zz == 0) - break; - d1 = BN_BITS2 - d0; - - /* clear up the top d1 bits */ - if (d0) - z[dN] = (z[dN] << d1) >> d1; - else - z[dN] = 0; - z[0] ^= zz; /* reduction t^0 component */ - - for (k = 1; p[k] != 0; k++) { - BN_ULONG tmp_ulong; - - /* reducing component t^p[k]*/ - n = p[k] / BN_BITS2; - d0 = p[k] % BN_BITS2; - d1 = BN_BITS2 - d0; - z[n] ^= (zz << d0); - tmp_ulong = zz >> d1; - if (d0 && tmp_ulong) - z[n + 1] ^= tmp_ulong; - } - - - } - - bn_correct_top(r); - return 1; -} - -/* Performs modular reduction of a by p and store result in r. r could be a. - * - * This function calls down to the BN_GF2m_mod_arr implementation; this wrapper - * function is only provided for convenience; for best performance, use the - * BN_GF2m_mod_arr function. 
- */ -int -BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p) -{ - int ret = 0; - int arr[6]; - - bn_check_top(a); - bn_check_top(p); - ret = BN_GF2m_poly2arr(p, arr, sizeof(arr) / sizeof(arr[0])); - if (!ret || ret > (int)(sizeof(arr) / sizeof(arr[0]))) { - BNerr(BN_F_BN_GF2M_MOD, BN_R_INVALID_LENGTH); - return 0; - } - ret = BN_GF2m_mod_arr(r, a, arr); - bn_check_top(r); - return ret; -} - - -/* Compute the product of two polynomials a and b, reduce modulo p, and store - * the result in r. r could be a or b; a could be b. - */ -int -BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], - BN_CTX *ctx) -{ - int zlen, i, j, k, ret = 0; - BIGNUM *s; - BN_ULONG x1, x0, y1, y0, zz[4]; - - bn_check_top(a); - bn_check_top(b); - - if (a == b) { - return BN_GF2m_mod_sqr_arr(r, a, p, ctx); - } - - BN_CTX_start(ctx); - if ((s = BN_CTX_get(ctx)) == NULL) - goto err; - - zlen = a->top + b->top + 4; - if (!bn_wexpand(s, zlen)) - goto err; - s->top = zlen; - - for (i = 0; i < zlen; i++) - s->d[i] = 0; - - for (j = 0; j < b->top; j += 2) { - y0 = b->d[j]; - y1 = ((j + 1) == b->top) ? 0 : b->d[j + 1]; - for (i = 0; i < a->top; i += 2) { - x0 = a->d[i]; - x1 = ((i + 1) == a->top) ? 0 : a->d[i + 1]; - bn_GF2m_mul_2x2(zz, x1, x0, y1, y0); - for (k = 0; k < 4; k++) - s->d[i + j + k] ^= zz[k]; - } - } - - bn_correct_top(s); - if (BN_GF2m_mod_arr(r, s, p)) - ret = 1; - bn_check_top(r); - -err: - BN_CTX_end(ctx); - return ret; -} - -/* Compute the product of two polynomials a and b, reduce modulo p, and store - * the result in r. r could be a or b; a could equal b. - * - * This function calls down to the BN_GF2m_mod_mul_arr implementation; this wrapper - * function is only provided for convenience; for best performance, use the - * BN_GF2m_mod_mul_arr function. 
- */ -int -BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, - BN_CTX *ctx) -{ - int ret = 0; - const int max = BN_num_bits(p) + 1; - int *arr = NULL; - - bn_check_top(a); - bn_check_top(b); - bn_check_top(p); - if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) - goto err; - ret = BN_GF2m_poly2arr(p, arr, max); - if (!ret || ret > max) { - BNerr(BN_F_BN_GF2M_MOD_MUL, BN_R_INVALID_LENGTH); - goto err; - } - ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx); - bn_check_top(r); - -err: - free(arr); - return ret; -} - - -/* Square a, reduce the result mod p, and store it in a. r could be a. */ -int -BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx) -{ - int i, ret = 0; - BIGNUM *s; - - bn_check_top(a); - BN_CTX_start(ctx); - if ((s = BN_CTX_get(ctx)) == NULL) - goto err; - if (!bn_wexpand(s, 2 * a->top)) - goto err; - - for (i = a->top - 1; i >= 0; i--) { - s->d[2 * i + 1] = SQR1(a->d[i]); - s->d[2 * i] = SQR0(a->d[i]); - } - - s->top = 2 * a->top; - bn_correct_top(s); - if (!BN_GF2m_mod_arr(r, s, p)) - goto err; - bn_check_top(r); - ret = 1; - -err: - BN_CTX_end(ctx); - return ret; -} - -/* Square a, reduce the result mod p, and store it in a. r could be a. - * - * This function calls down to the BN_GF2m_mod_sqr_arr implementation; this wrapper - * function is only provided for convenience; for best performance, use the - * BN_GF2m_mod_sqr_arr function. - */ -int -BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) -{ - int ret = 0; - const int max = BN_num_bits(p) + 1; - int *arr = NULL; - - bn_check_top(a); - bn_check_top(p); - if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) - goto err; - ret = BN_GF2m_poly2arr(p, arr, max); - if (!ret || ret > max) { - BNerr(BN_F_BN_GF2M_MOD_SQR, BN_R_INVALID_LENGTH); - goto err; - } - ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx); - bn_check_top(r); - -err: - free(arr); - return ret; -} - - -/* Invert a, reduce modulo p, and store the result in r. 
r could be a. - * Uses Modified Almost Inverse Algorithm (Algorithm 10) from - * Hankerson, D., Hernandez, J.L., and Menezes, A. "Software Implementation - * of Elliptic Curve Cryptography Over Binary Fields". - */ -int -BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) -{ - BIGNUM *b, *c = NULL, *u = NULL, *v = NULL, *tmp; - int ret = 0; - - bn_check_top(a); - bn_check_top(p); - - BN_CTX_start(ctx); - - if ((b = BN_CTX_get(ctx)) == NULL) - goto err; - if ((c = BN_CTX_get(ctx)) == NULL) - goto err; - if ((u = BN_CTX_get(ctx)) == NULL) - goto err; - if ((v = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_GF2m_mod(u, a, p)) - goto err; - if (BN_is_zero(u)) - goto err; - - if (!BN_copy(v, p)) - goto err; -#if 0 - if (!BN_one(b)) - goto err; - - while (1) { - while (!BN_is_odd(u)) { - if (BN_is_zero(u)) - goto err; - if (!BN_rshift1(u, u)) - goto err; - if (BN_is_odd(b)) { - if (!BN_GF2m_add(b, b, p)) - goto err; - } - if (!BN_rshift1(b, b)) - goto err; - } - - if (BN_abs_is_word(u, 1)) - break; - - if (BN_num_bits(u) < BN_num_bits(v)) { - tmp = u; - u = v; - v = tmp; - tmp = b; - b = c; - c = tmp; - } - - if (!BN_GF2m_add(u, u, v)) - goto err; - if (!BN_GF2m_add(b, b, c)) - goto err; - } -#else - { - int i, ubits = BN_num_bits(u), - vbits = BN_num_bits(v), /* v is copy of p */ - top = p->top; - BN_ULONG *udp, *bdp, *vdp, *cdp; - - if (!bn_wexpand(u, top)) - goto err; - udp = u->d; - for (i = u->top; i < top; i++) - udp[i] = 0; - u->top = top; - if (!bn_wexpand(b, top)) - goto err; - bdp = b->d; - bdp[0] = 1; - for (i = 1; i < top; i++) - bdp[i] = 0; - b->top = top; - if (!bn_wexpand(c, top)) - goto err; - cdp = c->d; - for (i = 0; i < top; i++) - cdp[i] = 0; - c->top = top; - vdp = v->d; /* It pays off to "cache" *->d pointers, because - * it allows optimizer to be more aggressive. - * But we don't have to "cache" p->d, because *p - * is declared 'const'... 
*/ - while (1) { - while (ubits && !(udp[0]&1)) { - BN_ULONG u0, u1, b0, b1, mask; - - u0 = udp[0]; - b0 = bdp[0]; - mask = (BN_ULONG)0 - (b0 & 1); - b0 ^= p->d[0] & mask; - for (i = 0; i < top - 1; i++) { - u1 = udp[i + 1]; - udp[i] = ((u0 >> 1) | - (u1 << (BN_BITS2 - 1))) & BN_MASK2; - u0 = u1; - b1 = bdp[i + 1] ^ (p->d[i + 1] & mask); - bdp[i] = ((b0 >> 1) | - (b1 << (BN_BITS2 - 1))) & BN_MASK2; - b0 = b1; - } - udp[i] = u0 >> 1; - bdp[i] = b0 >> 1; - ubits--; - } - - if (ubits <= BN_BITS2) { - /* See if poly was reducible. */ - if (udp[0] == 0) - goto err; - if (udp[0] == 1) - break; - } - - if (ubits < vbits) { - i = ubits; - ubits = vbits; - vbits = i; - tmp = u; - u = v; - v = tmp; - tmp = b; - b = c; - c = tmp; - udp = vdp; - vdp = v->d; - bdp = cdp; - cdp = c->d; - } - for (i = 0; i < top; i++) { - udp[i] ^= vdp[i]; - bdp[i] ^= cdp[i]; - } - if (ubits == vbits) { - BN_ULONG ul; - int utop = (ubits - 1) / BN_BITS2; - - while ((ul = udp[utop]) == 0 && utop) - utop--; - ubits = utop*BN_BITS2 + BN_num_bits_word(ul); - } - } - bn_correct_top(b); - } -#endif - - if (!BN_copy(r, b)) - goto err; - bn_check_top(r); - ret = 1; - -err: -#ifdef BN_DEBUG /* BN_CTX_end would complain about the expanded form */ - bn_correct_top(c); - bn_correct_top(u); - bn_correct_top(v); -#endif - BN_CTX_end(ctx); - return ret; -} - -/* Invert xx, reduce modulo p, and store the result in r. r could be xx. - * - * This function calls down to the BN_GF2m_mod_inv implementation; this wrapper - * function is only provided for convenience; for best performance, use the - * BN_GF2m_mod_inv function. 
- */ -int -BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const int p[], BN_CTX *ctx) -{ - BIGNUM *field; - int ret = 0; - - bn_check_top(xx); - BN_CTX_start(ctx); - if ((field = BN_CTX_get(ctx)) == NULL) - goto err; - if (!BN_GF2m_arr2poly(p, field)) - goto err; - - ret = BN_GF2m_mod_inv(r, xx, field, ctx); - bn_check_top(r); - -err: - BN_CTX_end(ctx); - return ret; -} - - -#ifndef OPENSSL_SUN_GF2M_DIV -/* Divide y by x, reduce modulo p, and store the result in r. r could be x - * or y, x could equal y. - */ -int -BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, - BN_CTX *ctx) -{ - BIGNUM *xinv = NULL; - int ret = 0; - - bn_check_top(y); - bn_check_top(x); - bn_check_top(p); - - BN_CTX_start(ctx); - if ((xinv = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_GF2m_mod_inv(xinv, x, p, ctx)) - goto err; - if (!BN_GF2m_mod_mul(r, y, xinv, p, ctx)) - goto err; - bn_check_top(r); - ret = 1; - -err: - BN_CTX_end(ctx); - return ret; -} -#else -/* Divide y by x, reduce modulo p, and store the result in r. r could be x - * or y, x could equal y. - * Uses algorithm Modular_Division_GF(2^m) from - * Chang-Shantz, S. "From Euclid's GCD to Montgomery Multiplication to - * the Great Divide". 
- */ -int -BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, - BN_CTX *ctx) -{ - BIGNUM *a, *b, *u, *v; - int ret = 0; - - bn_check_top(y); - bn_check_top(x); - bn_check_top(p); - - BN_CTX_start(ctx); - - if ((a = BN_CTX_get(ctx)) == NULL) - goto err; - if ((b = BN_CTX_get(ctx)) == NULL) - goto err; - if ((u = BN_CTX_get(ctx)) == NULL) - goto err; - if ((v = BN_CTX_get(ctx)) == NULL) - goto err; - - /* reduce x and y mod p */ - if (!BN_GF2m_mod(u, y, p)) - goto err; - if (!BN_GF2m_mod(a, x, p)) - goto err; - if (!BN_copy(b, p)) - goto err; - - while (!BN_is_odd(a)) { - if (!BN_rshift1(a, a)) - goto err; - if (BN_is_odd(u)) - if (!BN_GF2m_add(u, u, p)) - goto err; - if (!BN_rshift1(u, u)) - goto err; - } - - do { - if (BN_GF2m_cmp(b, a) > 0) { - if (!BN_GF2m_add(b, b, a)) - goto err; - if (!BN_GF2m_add(v, v, u)) - goto err; - do { - if (!BN_rshift1(b, b)) - goto err; - if (BN_is_odd(v)) - if (!BN_GF2m_add(v, v, p)) - goto err; - if (!BN_rshift1(v, v)) - goto err; - } while (!BN_is_odd(b)); - } else if (BN_abs_is_word(a, 1)) - break; - else { - if (!BN_GF2m_add(a, a, b)) - goto err; - if (!BN_GF2m_add(u, u, v)) - goto err; - do { - if (!BN_rshift1(a, a)) - goto err; - if (BN_is_odd(u)) - if (!BN_GF2m_add(u, u, p)) - goto err; - if (!BN_rshift1(u, u)) - goto err; - } while (!BN_is_odd(a)); - } - } while (1); - - if (!BN_copy(r, u)) - goto err; - bn_check_top(r); - ret = 1; - -err: - BN_CTX_end(ctx); - return ret; -} -#endif - -/* Divide yy by xx, reduce modulo p, and store the result in r. r could be xx - * or yy, xx could equal yy. - * - * This function calls down to the BN_GF2m_mod_div implementation; this wrapper - * function is only provided for convenience; for best performance, use the - * BN_GF2m_mod_div function. 
- */ -int -BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, - const int p[], BN_CTX *ctx) -{ - BIGNUM *field; - int ret = 0; - - bn_check_top(yy); - bn_check_top(xx); - - BN_CTX_start(ctx); - if ((field = BN_CTX_get(ctx)) == NULL) - goto err; - if (!BN_GF2m_arr2poly(p, field)) - goto err; - - ret = BN_GF2m_mod_div(r, yy, xx, field, ctx); - bn_check_top(r); - -err: - BN_CTX_end(ctx); - return ret; -} - - -/* Compute the bth power of a, reduce modulo p, and store - * the result in r. r could be a. - * Uses simple square-and-multiply algorithm A.5.1 from IEEE P1363. - */ -int -BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], - BN_CTX *ctx) -{ - int ret = 0, i, n; - BIGNUM *u; - - bn_check_top(a); - bn_check_top(b); - - if (BN_is_zero(b)) - return (BN_one(r)); - - if (BN_abs_is_word(b, 1)) - return (BN_copy(r, a) != NULL); - - BN_CTX_start(ctx); - if ((u = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_GF2m_mod_arr(u, a, p)) - goto err; - - n = BN_num_bits(b) - 1; - for (i = n - 1; i >= 0; i--) { - if (!BN_GF2m_mod_sqr_arr(u, u, p, ctx)) - goto err; - if (BN_is_bit_set(b, i)) { - if (!BN_GF2m_mod_mul_arr(u, u, a, p, ctx)) - goto err; - } - } - if (!BN_copy(r, u)) - goto err; - bn_check_top(r); - ret = 1; - -err: - BN_CTX_end(ctx); - return ret; -} - -/* Compute the bth power of a, reduce modulo p, and store - * the result in r. r could be a. - * - * This function calls down to the BN_GF2m_mod_exp_arr implementation; this wrapper - * function is only provided for convenience; for best performance, use the - * BN_GF2m_mod_exp_arr function. 
- */ -int -BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, - BN_CTX *ctx) -{ - int ret = 0; - const int max = BN_num_bits(p) + 1; - int *arr = NULL; - - bn_check_top(a); - bn_check_top(b); - bn_check_top(p); - if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) - goto err; - ret = BN_GF2m_poly2arr(p, arr, max); - if (!ret || ret > max) { - BNerr(BN_F_BN_GF2M_MOD_EXP, BN_R_INVALID_LENGTH); - goto err; - } - ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx); - bn_check_top(r); - -err: - free(arr); - return ret; -} - -/* Compute the square root of a, reduce modulo p, and store - * the result in r. r could be a. - * Uses exponentiation as in algorithm A.4.1 from IEEE P1363. - */ -int -BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx) -{ - int ret = 0; - BIGNUM *u; - - bn_check_top(a); - - if (!p[0]) { - /* reduction mod 1 => return 0 */ - BN_zero(r); - return 1; - } - - BN_CTX_start(ctx); - if ((u = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_set_bit(u, p[0] - 1)) - goto err; - ret = BN_GF2m_mod_exp_arr(r, a, u, p, ctx); - bn_check_top(r); - -err: - BN_CTX_end(ctx); - return ret; -} - -/* Compute the square root of a, reduce modulo p, and store - * the result in r. r could be a. - * - * This function calls down to the BN_GF2m_mod_sqrt_arr implementation; this wrapper - * function is only provided for convenience; for best performance, use the - * BN_GF2m_mod_sqrt_arr function. 
- */ -int -BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) -{ - int ret = 0; - const int max = BN_num_bits(p) + 1; - int *arr = NULL; - bn_check_top(a); - bn_check_top(p); - if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) - goto err; - ret = BN_GF2m_poly2arr(p, arr, max); - if (!ret || ret > max) { - BNerr(BN_F_BN_GF2M_MOD_SQRT, BN_R_INVALID_LENGTH); - goto err; - } - ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx); - bn_check_top(r); - -err: - free(arr); - return ret; -} - -/* Find r such that r^2 + r = a mod p. r could be a. If no r exists returns 0. - * Uses algorithms A.4.7 and A.4.6 from IEEE P1363. - */ -int -BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], - BN_CTX *ctx) -{ - int ret = 0, count = 0, j; - BIGNUM *a, *z, *rho, *w, *w2, *tmp; - - bn_check_top(a_); - - if (!p[0]) { - /* reduction mod 1 => return 0 */ - BN_zero(r); - return 1; - } - - BN_CTX_start(ctx); - if ((a = BN_CTX_get(ctx)) == NULL) - goto err; - if ((z = BN_CTX_get(ctx)) == NULL) - goto err; - if ((w = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_GF2m_mod_arr(a, a_, p)) - goto err; - - if (BN_is_zero(a)) { - BN_zero(r); - ret = 1; - goto err; - } - - if (p[0] & 0x1) /* m is odd */ - { - /* compute half-trace of a */ - if (!BN_copy(z, a)) - goto err; - for (j = 1; j <= (p[0] - 1) / 2; j++) { - if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx)) - goto err; - if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx)) - goto err; - if (!BN_GF2m_add(z, z, a)) - goto err; - } - - } - else /* m is even */ - { - if ((rho = BN_CTX_get(ctx)) == NULL) - goto err; - if ((w2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - do { - if (!BN_rand(rho, p[0], 0, 0)) - goto err; - if (!BN_GF2m_mod_arr(rho, rho, p)) - goto err; - BN_zero(z); - if (!BN_copy(w, rho)) - goto err; - for (j = 1; j <= p[0] - 1; j++) { - if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx)) - goto err; - if (!BN_GF2m_mod_sqr_arr(w2, w, p, ctx)) - goto err; - if 
(!BN_GF2m_mod_mul_arr(tmp, w2, a, p, ctx)) - goto err; - if (!BN_GF2m_add(z, z, tmp)) - goto err; - if (!BN_GF2m_add(w, w2, rho)) - goto err; - } - count++; - } while (BN_is_zero(w) && (count < MAX_ITERATIONS)); - if (BN_is_zero(w)) { - BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR, - BN_R_TOO_MANY_ITERATIONS); - goto err; - } - } - - if (!BN_GF2m_mod_sqr_arr(w, z, p, ctx)) - goto err; - if (!BN_GF2m_add(w, z, w)) - goto err; - if (BN_GF2m_cmp(w, a)) { - BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR, BN_R_NO_SOLUTION); - goto err; - } - - if (!BN_copy(r, z)) - goto err; - bn_check_top(r); - - ret = 1; - -err: - BN_CTX_end(ctx); - return ret; -} - -/* Find r such that r^2 + r = a mod p. r could be a. If no r exists returns 0. - * - * This function calls down to the BN_GF2m_mod_solve_quad_arr implementation; this wrapper - * function is only provided for convenience; for best performance, use the - * BN_GF2m_mod_solve_quad_arr function. - */ -int -BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) -{ - int ret = 0; - const int max = BN_num_bits(p) + 1; - int *arr = NULL; - - bn_check_top(a); - bn_check_top(p); - if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) - goto err; - ret = BN_GF2m_poly2arr(p, arr, max); - if (!ret || ret > max) { - BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD, BN_R_INVALID_LENGTH); - goto err; - } - ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx); - bn_check_top(r); - -err: - free(arr); - return ret; -} - -/* Convert the bit-string representation of a polynomial - * ( \sum_{i=0}^n a_i * x^i) into an array of integers corresponding - * to the bits with non-zero coefficient. Array is terminated with -1. - * Up to max elements of the array will be filled. Return value is total - * number of array elements that would be filled if array was large enough. 
- */ -int -BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max) -{ - int i, j, k = 0; - BN_ULONG mask; - - if (BN_is_zero(a)) - return 0; - - for (i = a->top - 1; i >= 0; i--) { - if (!a->d[i]) - /* skip word if a->d[i] == 0 */ - continue; - mask = BN_TBIT; - for (j = BN_BITS2 - 1; j >= 0; j--) { - if (a->d[i] & mask) { - if (k < max) - p[k] = BN_BITS2 * i + j; - k++; - } - mask >>= 1; - } - } - - if (k < max) { - p[k] = -1; - k++; - } - - return k; -} - -/* Convert the coefficient array representation of a polynomial to a - * bit-string. The array must be terminated by -1. - */ -int -BN_GF2m_arr2poly(const int p[], BIGNUM *a) -{ - int i; - - bn_check_top(a); - BN_zero(a); - for (i = 0; p[i] != -1; i++) { - if (BN_set_bit(a, p[i]) == 0) - return 0; - } - bn_check_top(a); - - return 1; -} - -#endif diff --git a/lib/libssl/src/crypto/bn/bn_kron.c b/lib/libssl/src/crypto/bn/bn_kron.c deleted file mode 100644 index 274da5d1868..00000000000 --- a/lib/libssl/src/crypto/bn/bn_kron.c +++ /dev/null 
@@ -1,185 +0,0 @@
-/* $OpenBSD: bn_kron.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "bn_lcl.h"
-
-/* least significant word */
-#define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0])
-
-/* Returns -2 for errors because both -1 and 0 are valid results. */
-int
-BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
- int i;
- int ret = -2; /* avoid 'uninitialized' warning */
- int err = 0;
- BIGNUM *A, *B, *tmp;
-
- /* In 'tab', only odd-indexed entries are relevant:
- * For any odd BIGNUM n,
- * tab[BN_lsw(n) & 7]
- * is $(-1)^{(n^2-1)/8}$ (using TeX notation).
- * Note that the sign of n does not matter.
- */
- static const int tab[8] = {0, 1, 0, -1, 0, -1, 0, 1};
-
- bn_check_top(a);
- bn_check_top(b);
-
- BN_CTX_start(ctx);
- if ((A = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((B = BN_CTX_get(ctx)) == NULL)
- goto end;
-
- err = !BN_copy(A, a);
- if (err)
- goto end;
- err = !BN_copy(B, b);
- if (err)
- goto end;
-
- /*
- * Kronecker symbol, imlemented according to Henri Cohen,
- * "A Course in Computational Algebraic Number Theory"
- * (algorithm 1.4.10).
- */
-
- /* Cohen's step 1: */
-
- if (BN_is_zero(B)) {
- ret = BN_abs_is_word(A, 1);
- goto end;
- }
-
- /* Cohen's step 2: */
-
- if (!BN_is_odd(A) && !BN_is_odd(B)) {
- ret = 0;
- goto end;
- }
-
- /* now B is non-zero */
- i = 0;
- while (!BN_is_bit_set(B, i))
- i++;
- err = !BN_rshift(B, B, i);
- if (err)
- goto end;
- if (i & 1) {
- /* i is odd */
- /* (thus B was even, thus A must be odd!) */
-
- /* set 'ret' to $(-1)^{(A^2-1)/8}$ */
- ret = tab[BN_lsw(A) & 7];
- } else {
- /* i is even */
- ret = 1;
- }
-
- if (B->neg) {
- B->neg = 0;
- if (A->neg)
- ret = -ret;
- }
-
- /* now B is positive and odd, so what remains to be done is
- * to compute the Jacobi symbol (A/B) and multiply it by 'ret' */
-
- while (1) {
- /* Cohen's step 3: */
-
- /* B is positive and odd */
-
- if (BN_is_zero(A)) {
- ret = BN_is_one(B) ? ret : 0;
- goto end;
- }
-
- /* now A is non-zero */
- i = 0;
- while (!BN_is_bit_set(A, i))
- i++;
- err = !BN_rshift(A, A, i);
- if (err)
- goto end;
- if (i & 1) {
- /* i is odd */
- /* multiply 'ret' by $(-1)^{(B^2-1)/8}$ */
- ret = ret * tab[BN_lsw(B) & 7];
- }
-
- /* Cohen's step 4: */
- /* multiply 'ret' by $(-1)^{(A-1)(B-1)/4}$ */
- if ((A->neg ? ~BN_lsw(A) : BN_lsw(A)) & BN_lsw(B) & 2)
- ret = -ret;
-
- /* (A, B) := (B mod |A|, |A|) */
- err = !BN_nnmod(B, B, A, ctx);
- if (err)
- goto end;
- tmp = A;
- A = B;
- B = tmp;
- tmp->neg = 0;
- }
-
-end:
- BN_CTX_end(ctx);
- if (err)
- return -2;
- else
- return ret;
-}
diff --git a/lib/libssl/src/crypto/bn/bn_lcl.h b/lib/libssl/src/crypto/bn/bn_lcl.h
deleted file mode 100644
index eb4af1b75b5..00000000000
--- a/lib/libssl/src/crypto/bn/bn_lcl.h
+++ /dev/null
@@ -1,484 +0,0 @@ -/* $OpenBSD: bn_lcl.h,v 1.22 2015/11/06 21:42:32 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#ifndef HEADER_BN_LCL_H -#define HEADER_BN_LCL_H - -#include <openssl/opensslconf.h> - -#include <openssl/bn.h> - -#ifdef __cplusplus -extern "C" { -#endif - - -/* - * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions - * - * - * For window size 'w' (w >= 2) and a random 'b' bits exponent, - * the number of multiplications is a constant plus on average - * - * 2^(w-1) + (b-w)/(w+1); - * - * here 2^(w-1) is for precomputing the table (we actually need - * entries only for windows that have the lowest bit set), and - * (b-w)/(w+1) is an approximation for the expected number of - * w-bit windows, not counting the first one. - * - * Thus we should use - * - * w >= 6 if b > 671 - * w = 5 if 671 > b > 239 - * w = 4 if 239 > b > 79 - * w = 3 if 79 > b > 23 - * w <= 2 if 23 > b - * - * (with draws in between). Very small exponents are often selected - * with low Hamming weight, so we use w = 1 for b <= 23. - */ -#define BN_window_bits_for_exponent_size(b) \ - ((b) > 671 ? 6 : \ - (b) > 239 ? 5 : \ - (b) > 79 ? 4 : \ - (b) > 23 ? 3 : 1) - - -/* BN_mod_exp_mont_consttime is based on the assumption that the - * L1 data cache line width of the target processor is at least - * the following value. - */ -#define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH ( 64 ) -#define MOD_EXP_CTIME_MIN_CACHE_LINE_MASK (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - 1) - -/* Window sizes optimized for fixed window size modular exponentiation - * algorithm (BN_mod_exp_mont_consttime). - * - * To achieve the security goals of BN_mode_exp_mont_consttime, the - * maximum size of the window must not exceed - * log_2(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH). - * - * Window size thresholds are defined for cache line sizes of 32 and 64, - * cache line sizes where log_2(32)=5 and log_2(64)=6 respectively. A - * window size of 7 should only be used on processors that have a 128 - * byte or greater cache line size. 
- */ -#if MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 64 - -# define BN_window_bits_for_ctime_exponent_size(b) \ - ((b) > 937 ? 6 : \ - (b) > 306 ? 5 : \ - (b) > 89 ? 4 : \ - (b) > 22 ? 3 : 1) -# define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE (6) - -#elif MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 32 - -# define BN_window_bits_for_ctime_exponent_size(b) \ - ((b) > 306 ? 5 : \ - (b) > 89 ? 4 : \ - (b) > 22 ? 3 : 1) -# define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE (5) - -#endif - - -/* Pentium pro 16,16,16,32,64 */ -/* Alpha 16,16,16,16.64 */ -#define BN_MULL_SIZE_NORMAL (16) /* 32 */ -#define BN_MUL_RECURSIVE_SIZE_NORMAL (16) /* 32 less than */ -#define BN_SQR_RECURSIVE_SIZE_NORMAL (16) /* 32 */ -#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL (32) /* 32 */ -#define BN_MONT_CTX_SET_SIZE_WORD (64) /* 32 */ - -#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -/* - * BN_UMULT_HIGH section. - * - * No, I'm not trying to overwhelm you when stating that the - * product of N-bit numbers is 2*N bits wide:-) No, I don't expect - * you to be impressed when I say that if the compiler doesn't - * support 2*N integer type, then you have to replace every N*N - * multiplication with 4 (N/2)*(N/2) accompanied by some shifts - * and additions which unavoidably results in severe performance - * penalties. Of course provided that the hardware is capable of - * producing 2*N result... That's when you normally start - * considering assembler implementation. However! It should be - * pointed out that some CPUs (most notably Alpha, PowerPC and - * upcoming IA-64 family:-) provide *separate* instruction - * calculating the upper half of the product placing the result - * into a general purpose register. Now *if* the compiler supports - * inline assembler, then it's not impossible to implement the - * "bignum" routines (and have the compiler optimize 'em) - * exhibiting "native" performance in C. 
That's what BN_UMULT_HIGH - * macro is about:-) - * - * <appro@fy.chalmers.se> - */ -# if defined(__alpha) -# if defined(__GNUC__) && __GNUC__>=2 -# define BN_UMULT_HIGH(a,b) ({ \ - BN_ULONG ret; \ - asm ("umulh %1,%2,%0" \ - : "=r"(ret) \ - : "r"(a), "r"(b)); \ - ret; }) -# endif /* compiler */ -# elif defined(_ARCH_PPC) && defined(_LP64) -# if defined(__GNUC__) && __GNUC__>=2 -# define BN_UMULT_HIGH(a,b) ({ \ - BN_ULONG ret; \ - asm ("mulhdu %0,%1,%2" \ - : "=r"(ret) \ - : "r"(a), "r"(b)); \ - ret; }) -# endif /* compiler */ -# elif defined(__x86_64) || defined(__x86_64__) -# if defined(__GNUC__) && __GNUC__>=2 -# define BN_UMULT_HIGH(a,b) ({ \ - BN_ULONG ret,discard; \ - asm ("mulq %3" \ - : "=a"(discard),"=d"(ret) \ - : "a"(a), "g"(b) \ - : "cc"); \ - ret; }) -# define BN_UMULT_LOHI(low,high,a,b) \ - asm ("mulq %3" \ - : "=a"(low),"=d"(high) \ - : "a"(a),"g"(b) \ - : "cc"); -# endif -# elif defined(__mips) && defined(_LP64) -# if defined(__GNUC__) && __GNUC__>=2 -# if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) /* "h" constraint is no more since 4.4 */ -# define BN_UMULT_HIGH(a,b) (((__uint128_t)(a)*(b))>>64) -# define BN_UMULT_LOHI(low,high,a,b) ({ \ - __uint128_t ret=(__uint128_t)(a)*(b); \ - (high)=ret>>64; (low)=ret; }) -# else -# define BN_UMULT_HIGH(a,b) ({ \ - BN_ULONG ret; \ - asm ("dmultu %1,%2" \ - : "=h"(ret) \ - : "r"(a), "r"(b) : "l"); \ - ret; }) -# define BN_UMULT_LOHI(low,high,a,b)\ - asm ("dmultu %2,%3" \ - : "=l"(low),"=h"(high) \ - : "r"(a), "r"(b)); -# endif -# endif -# endif /* cpu */ -#endif /* OPENSSL_NO_ASM */ - -/************************************************************* - * Using the long long type - */ -#define Lw(t) (((BN_ULONG)(t))&BN_MASK2) -#define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2) - -#ifdef BN_DEBUG_RAND -#define bn_clear_top2max(a) \ - { \ - int ind = (a)->dmax - (a)->top; \ - BN_ULONG *ftl = &(a)->d[(a)->top-1]; \ - for (; ind != 0; ind--) \ - *(++ftl) = 0x0; \ - } -#else -#define bn_clear_top2max(a) 
-#endif - -#ifdef BN_LLONG -#define mul_add(r,a,w,c) { \ - BN_ULLONG t; \ - t=(BN_ULLONG)w * (a) + (r) + (c); \ - (r)= Lw(t); \ - (c)= Hw(t); \ - } - -#define mul(r,a,w,c) { \ - BN_ULLONG t; \ - t=(BN_ULLONG)w * (a) + (c); \ - (r)= Lw(t); \ - (c)= Hw(t); \ - } - -#define sqr(r0,r1,a) { \ - BN_ULLONG t; \ - t=(BN_ULLONG)(a)*(a); \ - (r0)=Lw(t); \ - (r1)=Hw(t); \ - } - -#elif defined(BN_UMULT_LOHI) -#define mul_add(r,a,w,c) { \ - BN_ULONG high,low,ret,tmp=(a); \ - ret = (r); \ - BN_UMULT_LOHI(low,high,w,tmp); \ - ret += (c); \ - (c) = (ret<(c))?1:0; \ - (c) += high; \ - ret += low; \ - (c) += (ret<low)?1:0; \ - (r) = ret; \ - } - -#define mul(r,a,w,c) { \ - BN_ULONG high,low,ret,ta=(a); \ - BN_UMULT_LOHI(low,high,w,ta); \ - ret = low + (c); \ - (c) = high; \ - (c) += (ret<low)?1:0; \ - (r) = ret; \ - } - -#define sqr(r0,r1,a) { \ - BN_ULONG tmp=(a); \ - BN_UMULT_LOHI(r0,r1,tmp,tmp); \ - } - -#elif defined(BN_UMULT_HIGH) -#define mul_add(r,a,w,c) { \ - BN_ULONG high,low,ret,tmp=(a); \ - ret = (r); \ - high= BN_UMULT_HIGH(w,tmp); \ - ret += (c); \ - low = (w) * tmp; \ - (c) = (ret<(c))?1:0; \ - (c) += high; \ - ret += low; \ - (c) += (ret<low)?1:0; \ - (r) = ret; \ - } - -#define mul(r,a,w,c) { \ - BN_ULONG high,low,ret,ta=(a); \ - low = (w) * ta; \ - high= BN_UMULT_HIGH(w,ta); \ - ret = low + (c); \ - (c) = high; \ - (c) += (ret<low)?1:0; \ - (r) = ret; \ - } - -#define sqr(r0,r1,a) { \ - BN_ULONG tmp=(a); \ - (r0) = tmp * tmp; \ - (r1) = BN_UMULT_HIGH(tmp,tmp); \ - } - -#else -/************************************************************* - * No long long type - */ - -#define LBITS(a) ((a)&BN_MASK2l) -#define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l) -#define L2HBITS(a) (((a)<<BN_BITS4)&BN_MASK2) - -#define mul64(l,h,bl,bh) \ - { \ - BN_ULONG m,m1,lt,ht; \ - \ - lt=l; \ - ht=h; \ - m =(bh)*(lt); \ - lt=(bl)*(lt); \ - m1=(bl)*(ht); \ - ht =(bh)*(ht); \ - m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS((BN_ULONG)1); \ - ht+=HBITS(m); \ - m1=L2HBITS(m); \ - lt=(lt+m1)&BN_MASK2; 
if (lt < m1) ht++; \ - (l)=lt; \ - (h)=ht; \ - } - -#define sqr64(lo,ho,in) \ - { \ - BN_ULONG l,h,m; \ - \ - h=(in); \ - l=LBITS(h); \ - h=HBITS(h); \ - m =(l)*(h); \ - l*=l; \ - h*=h; \ - h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \ - m =(m&BN_MASK2l)<<(BN_BITS4+1); \ - l=(l+m)&BN_MASK2; if (l < m) h++; \ - (lo)=l; \ - (ho)=h; \ - } - -#define mul_add(r,a,bl,bh,c) { \ - BN_ULONG l,h; \ - \ - h= (a); \ - l=LBITS(h); \ - h=HBITS(h); \ - mul64(l,h,(bl),(bh)); \ - \ - /* non-multiply part */ \ - l=(l+(c))&BN_MASK2; if (l < (c)) h++; \ - (c)=(r); \ - l=(l+(c))&BN_MASK2; if (l < (c)) h++; \ - (c)=h&BN_MASK2; \ - (r)=l; \ - } - -#define mul(r,a,bl,bh,c) { \ - BN_ULONG l,h; \ - \ - h= (a); \ - l=LBITS(h); \ - h=HBITS(h); \ - mul64(l,h,(bl),(bh)); \ - \ - /* non-multiply part */ \ - l+=(c); if ((l&BN_MASK2) < (c)) h++; \ - (c)=h&BN_MASK2; \ - (r)=l&BN_MASK2; \ - } -#endif /* !BN_LLONG */ - - void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb); -void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b); -void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b); -void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp); -void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a); -void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a); -int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n); -int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, - int cl, int dl); -void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - int dna, int dnb, BN_ULONG *t); -void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, - int n, int tna, int tnb, BN_ULONG *t); -void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t); -void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n); -void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - BN_ULONG *t); -void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, - BN_ULONG *t); -BN_ULONG bn_add_part_words(BN_ULONG *r, const 
BN_ULONG *a, const BN_ULONG *b, - int cl, int dl); -BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, - int cl, int dl); -int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/lib/libssl/src/crypto/bn/bn_lib.c b/lib/libssl/src/crypto/bn/bn_lib.c deleted file mode 100644 index 17f4ae89daf..00000000000 --- a/lib/libssl/src/crypto/bn/bn_lib.c +++ /dev/null 
@@ -1,895 +0,0 @@ -/* $OpenBSD: bn_lib.c,v 1.36 2016/03/15 20:50:22 krw Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#ifndef BN_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include <assert.h> -#include <limits.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -/* This stuff appears to be completely unused, so is deprecated */ -#ifndef OPENSSL_NO_DEPRECATED -/* For a 32 bit machine - * 2 - 4 == 128 - * 3 - 8 == 256 - * 4 - 16 == 512 - * 5 - 32 == 1024 - * 6 - 64 == 2048 - * 7 - 128 == 4096 - * 8 - 256 == 8192 - */ -static int bn_limit_bits = 0; -static int bn_limit_num = 8; /* (1<<bn_limit_bits) */ -static int bn_limit_bits_low = 0; -static int bn_limit_num_low = 8; /* (1<<bn_limit_bits_low) */ -static int bn_limit_bits_high = 0; -static int bn_limit_num_high = 8; /* (1<<bn_limit_bits_high) */ -static int bn_limit_bits_mont = 0; -static int bn_limit_num_mont = 8; /* (1<<bn_limit_bits_mont) */ - -void -BN_set_params(int mult, int high, int low, int mont) -{ - if (mult >= 0) { - if (mult > (int)(sizeof(int) * 8) - 1) - mult = sizeof(int) * 8 - 1; - bn_limit_bits = mult; - bn_limit_num = 1 << mult; - } - if (high >= 0) { - if (high > (int)(sizeof(int) * 8) - 1) - high = sizeof(int) * 8 - 1; - bn_limit_bits_high = high; - bn_limit_num_high = 1 << high; - } - if (low >= 0) { - if (low > (int)(sizeof(int) * 8) - 1) - low = sizeof(int) * 8 - 1; - bn_limit_bits_low = low; - bn_limit_num_low = 1 << low; - } - if (mont >= 0) { - if (mont > (int)(sizeof(int) * 8) - 1) - mont = sizeof(int) * 8 - 1; - bn_limit_bits_mont = mont; - bn_limit_num_mont = 1 << mont; - } -} - -int -BN_get_params(int which) -{ - if (which == 0) - return (bn_limit_bits); - else if (which == 1) - return (bn_limit_bits_high); - else if (which == 2) - return (bn_limit_bits_low); - else if (which == 3) - return (bn_limit_bits_mont); - else - return (0); -} -#endif - -const BIGNUM * -BN_value_one(void) -{ - static const BN_ULONG data_one = 1L; - static const BIGNUM const_one = { - (BN_ULONG 
*)&data_one, 1, 1, 0, BN_FLG_STATIC_DATA - }; - - return (&const_one); -} - -int -BN_num_bits_word(BN_ULONG l) -{ - static const unsigned char bits[256] = { - 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4, - 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, - 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, - 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, - }; - -#ifdef _LP64 - if (l & 0xffffffff00000000L) { - if (l & 0xffff000000000000L) { - if (l & 0xff00000000000000L) { - return (bits[(int)(l >> 56)] + 56); - } else - return (bits[(int)(l >> 48)] + 48); - } else { - if (l & 0x0000ff0000000000L) { - return (bits[(int)(l >> 40)] + 40); - } else - return (bits[(int)(l >> 32)] + 32); - } - } else -#endif - { - if (l & 0xffff0000L) { - if (l & 0xff000000L) - return (bits[(int)(l >> 24L)] + 24); - else - return (bits[(int)(l >> 16L)] + 16); - } else { - if (l & 0xff00L) - return (bits[(int)(l >> 8)] + 8); - else - return (bits[(int)(l)]); - } - } -} - -int -BN_num_bits(const BIGNUM *a) -{ - int i = a->top - 1; - - bn_check_top(a); - - if (BN_is_zero(a)) - return 0; - return ((i * BN_BITS2) + BN_num_bits_word(a->d[i])); -} - -void -BN_clear_free(BIGNUM *a) -{ - int i; - - if (a == NULL) - return; - bn_check_top(a); - if (a->d != NULL && !(BN_get_flags(a, BN_FLG_STATIC_DATA))) { - explicit_bzero(a->d, a->dmax * sizeof(a->d[0])); - free(a->d); - } - i = BN_get_flags(a, 
BN_FLG_MALLOCED); - explicit_bzero(a, sizeof(BIGNUM)); - if (i) - free(a); -} - -void -BN_free(BIGNUM *a) -{ - BN_clear_free(a); -} - -void -BN_init(BIGNUM *a) -{ - memset(a, 0, sizeof(BIGNUM)); - bn_check_top(a); -} - -BIGNUM * -BN_new(void) -{ - BIGNUM *ret; - - if ((ret = malloc(sizeof(BIGNUM))) == NULL) { - BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); - } - ret->flags = BN_FLG_MALLOCED; - ret->top = 0; - ret->neg = 0; - ret->dmax = 0; - ret->d = NULL; - bn_check_top(ret); - return (ret); -} - -/* This is used both by bn_expand2() and bn_dup_expand() */ -/* The caller MUST check that words > b->dmax before calling this */ -static BN_ULONG * -bn_expand_internal(const BIGNUM *b, int words) -{ - BN_ULONG *A, *a = NULL; - const BN_ULONG *B; - int i; - - bn_check_top(b); - - if (words > (INT_MAX/(4*BN_BITS2))) { - BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_BIGNUM_TOO_LONG); - return NULL; - } - if (BN_get_flags(b, BN_FLG_STATIC_DATA)) { - BNerr(BN_F_BN_EXPAND_INTERNAL, - BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); - return (NULL); - } - a = A = reallocarray(NULL, words, sizeof(BN_ULONG)); - if (A == NULL) { - BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE); - return (NULL); - } -#if 1 - B = b->d; - /* Check if the previous number needs to be copied */ - if (B != NULL) { - for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) { - /* - * The fact that the loop is unrolled - * 4-wise is a tribute to Intel. It's - * the one that doesn't have enough - * registers to accommodate more data. 
- * I'd unroll it 8-wise otherwise:-) - * - * <appro@fy.chalmers.se> - */ - BN_ULONG a0, a1, a2, a3; - a0 = B[0]; - a1 = B[1]; - a2 = B[2]; - a3 = B[3]; - A[0] = a0; - A[1] = a1; - A[2] = a2; - A[3] = a3; - } - switch (b->top & 3) { - case 3: - A[2] = B[2]; - case 2: - A[1] = B[1]; - case 1: - A[0] = B[0]; - } - } - -#else - memset(A, 0, sizeof(BN_ULONG) * words); - memcpy(A, b->d, sizeof(b->d[0]) * b->top); -#endif - - return (a); -} - -/* This is an internal function that can be used instead of bn_expand2() - * when there is a need to copy BIGNUMs instead of only expanding the - * data part, while still expanding them. - * Especially useful when needing to expand BIGNUMs that are declared - * 'const' and should therefore not be changed. - * The reason to use this instead of a BN_dup() followed by a bn_expand2() - * is memory allocation overhead. A BN_dup() followed by a bn_expand2() - * will allocate new memory for the BIGNUM data twice, and free it once, - * while bn_dup_expand() makes sure allocation is made only once. - */ - -#ifndef OPENSSL_NO_DEPRECATED -BIGNUM * -bn_dup_expand(const BIGNUM *b, int words) -{ - BIGNUM *r = NULL; - - bn_check_top(b); - - /* This function does not work if - * words <= b->dmax && top < words - * because BN_dup() does not preserve 'dmax'! - * (But bn_dup_expand() is not used anywhere yet.) - */ - - if (words > b->dmax) { - BN_ULONG *a = bn_expand_internal(b, words); - - if (a) { - r = BN_new(); - if (r) { - r->top = b->top; - r->dmax = words; - r->neg = b->neg; - r->d = a; - } else { - /* r == NULL, BN_new failure */ - free(a); - } - } - /* If a == NULL, there was an error in allocation in - bn_expand_internal(), and NULL should be returned */ - } else { - r = BN_dup(b); - } - - bn_check_top(r); - return r; -} -#endif - -/* This is an internal function that should not be used in applications. - * It ensures that 'b' has enough room for a 'words' word number - * and initialises any unused part of b->d with leading zeros. 
- * It is mostly used by the various BIGNUM routines. If there is an error, - * NULL is returned. If not, 'b' is returned. */ - -BIGNUM * -bn_expand2(BIGNUM *b, int words) -{ - bn_check_top(b); - - if (words > b->dmax) { - BN_ULONG *a = bn_expand_internal(b, words); - if (!a) - return NULL; - if (b->d) { - explicit_bzero(b->d, b->dmax * sizeof(b->d[0])); - free(b->d); - } - b->d = a; - b->dmax = words; - } - -/* None of this should be necessary because of what b->top means! */ -#if 0 - /* NB: bn_wexpand() calls this only if the BIGNUM really has to grow */ - if (b->top < b->dmax) { - int i; - BN_ULONG *A = &(b->d[b->top]); - for (i = (b->dmax - b->top) >> 3; i > 0; i--, A += 8) { - A[0] = 0; - A[1] = 0; - A[2] = 0; - A[3] = 0; - A[4] = 0; - A[5] = 0; - A[6] = 0; - A[7] = 0; - } - for (i = (b->dmax - b->top)&7; i > 0; i--, A++) - A[0] = 0; - assert(A == &(b->d[b->dmax])); - } -#endif - bn_check_top(b); - return b; -} - -BIGNUM * -BN_dup(const BIGNUM *a) -{ - BIGNUM *t; - - if (a == NULL) - return NULL; - bn_check_top(a); - - t = BN_new(); - if (t == NULL) - return NULL; - if (!BN_copy(t, a)) { - BN_free(t); - return NULL; - } - bn_check_top(t); - return t; -} - -BIGNUM * -BN_copy(BIGNUM *a, const BIGNUM *b) -{ - int i; - BN_ULONG *A; - const BN_ULONG *B; - - bn_check_top(b); - - if (a == b) - return (a); - if (bn_wexpand(a, b->top) == NULL) - return (NULL); - -#if 1 - A = a->d; - B = b->d; - for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) { - BN_ULONG a0, a1, a2, a3; - a0 = B[0]; - a1 = B[1]; - a2 = B[2]; - a3 = B[3]; - A[0] = a0; - A[1] = a1; - A[2] = a2; - A[3] = a3; - } - switch (b->top & 3) { - case 3: - A[2] = B[2]; - case 2: - A[1] = B[1]; - case 1: - A[0] = B[0]; - } -#else - memcpy(a->d, b->d, sizeof(b->d[0]) * b->top); -#endif - - a->top = b->top; - a->neg = b->neg; - bn_check_top(a); - return (a); -} - -void -BN_swap(BIGNUM *a, BIGNUM *b) -{ - int flags_old_a, flags_old_b; - BN_ULONG *tmp_d; - int tmp_top, tmp_dmax, tmp_neg; - - bn_check_top(a); - 
bn_check_top(b); - - flags_old_a = a->flags; - flags_old_b = b->flags; - - tmp_d = a->d; - tmp_top = a->top; - tmp_dmax = a->dmax; - tmp_neg = a->neg; - - a->d = b->d; - a->top = b->top; - a->dmax = b->dmax; - a->neg = b->neg; - - b->d = tmp_d; - b->top = tmp_top; - b->dmax = tmp_dmax; - b->neg = tmp_neg; - - a->flags = (flags_old_a & BN_FLG_MALLOCED) | - (flags_old_b & BN_FLG_STATIC_DATA); - b->flags = (flags_old_b & BN_FLG_MALLOCED) | - (flags_old_a & BN_FLG_STATIC_DATA); - bn_check_top(a); - bn_check_top(b); -} - -void -BN_clear(BIGNUM *a) -{ - bn_check_top(a); - if (a->d != NULL) - memset(a->d, 0, a->dmax * sizeof(a->d[0])); - a->top = 0; - a->neg = 0; -} - -BN_ULONG -BN_get_word(const BIGNUM *a) -{ - if (a->top > 1) - return BN_MASK2; - else if (a->top == 1) - return a->d[0]; - /* a->top == 0 */ - return 0; -} - -BIGNUM * -bn_expand(BIGNUM *a, int bits) -{ - if (bits > (INT_MAX - BN_BITS2 + 1)) - return (NULL); - - if (((bits + BN_BITS2 - 1) / BN_BITS2) <= a->dmax) - return (a); - - return bn_expand2(a, (bits + BN_BITS2 - 1) / BN_BITS2); -} - -int -BN_set_word(BIGNUM *a, BN_ULONG w) -{ - bn_check_top(a); - if (bn_expand(a, (int)sizeof(BN_ULONG) * 8) == NULL) - return (0); - a->neg = 0; - a->d[0] = w; - a->top = (w ? 
1 : 0); - bn_check_top(a); - return (1); -} - -BIGNUM * -BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) -{ - unsigned int i, m; - unsigned int n; - BN_ULONG l; - BIGNUM *bn = NULL; - - if (ret == NULL) - ret = bn = BN_new(); - if (ret == NULL) - return (NULL); - bn_check_top(ret); - l = 0; - n = len; - if (n == 0) { - ret->top = 0; - return (ret); - } - i = ((n - 1) / BN_BYTES) + 1; - m = ((n - 1) % (BN_BYTES)); - if (bn_wexpand(ret, (int)i) == NULL) { - BN_free(bn); - return NULL; - } - ret->top = i; - ret->neg = 0; - while (n--) { - l = (l << 8L) | *(s++); - if (m-- == 0) { - ret->d[--i] = l; - l = 0; - m = BN_BYTES - 1; - } - } - /* need to call this due to clear byte at top if avoiding - * having the top bit set (-ve number) */ - bn_correct_top(ret); - return (ret); -} - -/* ignore negative */ -int -BN_bn2bin(const BIGNUM *a, unsigned char *to) -{ - int n, i; - BN_ULONG l; - - bn_check_top(a); - n = i=BN_num_bytes(a); - while (i--) { - l = a->d[i / BN_BYTES]; - *(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff; - } - return (n); -} - -int -BN_ucmp(const BIGNUM *a, const BIGNUM *b) -{ - int i; - BN_ULONG t1, t2, *ap, *bp; - - bn_check_top(a); - bn_check_top(b); - - i = a->top - b->top; - if (i != 0) - return (i); - ap = a->d; - bp = b->d; - for (i = a->top - 1; i >= 0; i--) { - t1 = ap[i]; - t2 = bp[i]; - if (t1 != t2) - return ((t1 > t2) ? 
1 : -1); - } - return (0); -} - -int -BN_cmp(const BIGNUM *a, const BIGNUM *b) -{ - int i; - int gt, lt; - BN_ULONG t1, t2; - - if ((a == NULL) || (b == NULL)) { - if (a != NULL) - return (-1); - else if (b != NULL) - return (1); - else - return (0); - } - - bn_check_top(a); - bn_check_top(b); - - if (a->neg != b->neg) { - if (a->neg) - return (-1); - else - return (1); - } - if (a->neg == 0) { - gt = 1; - lt = -1; - } else { - gt = -1; - lt = 1; - } - - if (a->top > b->top) - return (gt); - if (a->top < b->top) - return (lt); - for (i = a->top - 1; i >= 0; i--) { - t1 = a->d[i]; - t2 = b->d[i]; - if (t1 > t2) - return (gt); - if (t1 < t2) - return (lt); - } - return (0); -} - -int -BN_set_bit(BIGNUM *a, int n) -{ - int i, j, k; - - if (n < 0) - return 0; - - i = n / BN_BITS2; - j = n % BN_BITS2; - if (a->top <= i) { - if (bn_wexpand(a, i + 1) == NULL) - return (0); - for (k = a->top; k < i + 1; k++) - a->d[k] = 0; - a->top = i + 1; - } - - a->d[i] |= (((BN_ULONG)1) << j); - bn_check_top(a); - return (1); -} - -int -BN_clear_bit(BIGNUM *a, int n) -{ - int i, j; - - bn_check_top(a); - if (n < 0) - return 0; - - i = n / BN_BITS2; - j = n % BN_BITS2; - if (a->top <= i) - return (0); - - a->d[i] &= (~(((BN_ULONG)1) << j)); - bn_correct_top(a); - return (1); -} - -int -BN_is_bit_set(const BIGNUM *a, int n) -{ - int i, j; - - bn_check_top(a); - if (n < 0) - return 0; - i = n / BN_BITS2; - j = n % BN_BITS2; - if (a->top <= i) - return 0; - return (int)(((a->d[i]) >> j) & ((BN_ULONG)1)); -} - -int -BN_mask_bits(BIGNUM *a, int n) -{ - int b, w; - - bn_check_top(a); - if (n < 0) - return 0; - - w = n / BN_BITS2; - b = n % BN_BITS2; - if (w >= a->top) - return 0; - if (b == 0) - a->top = w; - else { - a->top = w + 1; - a->d[w] &= ~(BN_MASK2 << b); - } - bn_correct_top(a); - return (1); -} - -void -BN_set_negative(BIGNUM *a, int b) -{ - if (b && !BN_is_zero(a)) - a->neg = 1; - else - a->neg = 0; -} - -int -bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n) -{ - int i; - 
BN_ULONG aa, bb; - - aa = a[n - 1]; - bb = b[n - 1]; - if (aa != bb) - return ((aa > bb) ? 1 : -1); - for (i = n - 2; i >= 0; i--) { - aa = a[i]; - bb = b[i]; - if (aa != bb) - return ((aa > bb) ? 1 : -1); - } - return (0); -} - -/* Here follows a specialised variants of bn_cmp_words(). It has the - property of performing the operation on arrays of different sizes. - The sizes of those arrays is expressed through cl, which is the - common length ( basicall, min(len(a),len(b)) ), and dl, which is the - delta between the two lengths, calculated as len(a)-len(b). - All lengths are the number of BN_ULONGs... */ - -int -bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, int cl, int dl) -{ - int n, i; - - n = cl - 1; - - if (dl < 0) { - for (i = dl; i < 0; i++) { - if (b[n - i] != 0) - return -1; /* a < b */ - } - } - if (dl > 0) { - for (i = dl; i > 0; i--) { - if (a[n + i] != 0) - return 1; /* a > b */ - } - } - return bn_cmp_words(a, b, cl); -} - -/* - * Constant-time conditional swap of a and b. - * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set. - * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b, - * and that no more than nwords are used by either a or b. 
- * a and b cannot be the same number - */ -void -BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords) -{ - BN_ULONG t; - int i; - - bn_wcheck_size(a, nwords); - bn_wcheck_size(b, nwords); - - assert(a != b); - assert((condition & (condition - 1)) == 0); - assert(sizeof(BN_ULONG) >= sizeof(int)); - - condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1; - - t = (a->top^b->top) & condition; - a->top ^= t; - b->top ^= t; - -#define BN_CONSTTIME_SWAP(ind) \ - do { \ - t = (a->d[ind] ^ b->d[ind]) & condition; \ - a->d[ind] ^= t; \ - b->d[ind] ^= t; \ - } while (0) - - - switch (nwords) { - default: - for (i = 10; i < nwords; i++) - BN_CONSTTIME_SWAP(i); - /* Fallthrough */ - case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */ - case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */ - case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */ - case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */ - case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */ - case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */ - case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */ - case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */ - case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */ - case 1: - BN_CONSTTIME_SWAP(0); - } -#undef BN_CONSTTIME_SWAP -} diff --git a/lib/libssl/src/crypto/bn/bn_mod.c b/lib/libssl/src/crypto/bn/bn_mod.c deleted file mode 100644 index 67bd3541b0c..00000000000 --- a/lib/libssl/src/crypto/bn/bn_mod.c +++ /dev/null 
@@ -1,305 +0,0 @@
-/* $OpenBSD: bn_mod.c,v 1.9 2014/07/12 16:03:36 miod Exp $ */
-/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <openssl/err.h> - -#include "bn_lcl.h" - -int -BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx) -{ - /* like BN_mod, but returns non-negative remainder - * (i.e., 0 <= r < |d| always holds) */ - - if (!(BN_mod(r, m,d, ctx))) - return 0; - if (!r->neg) - return 1; - /* now -|d| < r < 0, so we have to set r := r + |d| */ - return (d->neg ? 
BN_sub : BN_add)(r, r, d); -} - -int -BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx) -{ - if (!BN_add(r, a, b)) - return 0; - return BN_nnmod(r, r, m, ctx); -} - -/* BN_mod_add variant that may be used if both a and b are non-negative - * and less than m */ -int -BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m) -{ - if (!BN_uadd(r, a, b)) - return 0; - if (BN_ucmp(r, m) >= 0) - return BN_usub(r, r, m); - return 1; -} - -int -BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx) -{ - if (!BN_sub(r, a, b)) - return 0; - return BN_nnmod(r, r, m, ctx); -} - -/* BN_mod_sub variant that may be used if both a and b are non-negative - * and less than m */ -int -BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m) -{ - if (!BN_sub(r, a, b)) - return 0; - if (r->neg) - return BN_add(r, r, m); - return 1; -} - -/* slow but works */ -int -BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx) -{ - BIGNUM *t; - int ret = 0; - - bn_check_top(a); - bn_check_top(b); - bn_check_top(m); - - BN_CTX_start(ctx); - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - if (a == b) { - if (!BN_sqr(t, a, ctx)) - goto err; - } else { - if (!BN_mul(t, a,b, ctx)) - goto err; - } - if (!BN_nnmod(r, t,m, ctx)) - goto err; - bn_check_top(r); - ret = 1; - -err: - BN_CTX_end(ctx); - return (ret); -} - -int -BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) -{ - if (!BN_sqr(r, a, ctx)) - return 0; - /* r->neg == 0, thus we don't need BN_nnmod */ - return BN_mod(r, r, m, ctx); -} - -int -BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) -{ - if (!BN_lshift1(r, a)) - return 0; - bn_check_top(r); - return BN_nnmod(r, r, m, ctx); -} - -/* BN_mod_lshift1 variant that may be used if a is non-negative - * and less than m */ -int -BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) -{ - if 
(!BN_lshift1(r, a)) - return 0; - bn_check_top(r); - if (BN_cmp(r, m) >= 0) - return BN_sub(r, r, m); - return 1; -} - -int -BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx) -{ - BIGNUM *abs_m = NULL; - int ret; - - if (!BN_nnmod(r, a, m, ctx)) - return 0; - - if (m->neg) { - abs_m = BN_dup(m); - if (abs_m == NULL) - return 0; - abs_m->neg = 0; - } - - ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m)); - bn_check_top(r); - - BN_free(abs_m); - return ret; -} - -/* BN_mod_lshift variant that may be used if a is non-negative - * and less than m */ -int -BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) -{ - if (r != a) { - if (BN_copy(r, a) == NULL) - return 0; - } - - while (n > 0) { - int max_shift; - - /* 0 < r < m */ - max_shift = BN_num_bits(m) - BN_num_bits(r); - /* max_shift >= 0 */ - - if (max_shift < 0) { - BNerr(BN_F_BN_MOD_LSHIFT_QUICK, BN_R_INPUT_NOT_REDUCED); - return 0; - } - - if (max_shift > n) - max_shift = n; - - if (max_shift) { - if (!BN_lshift(r, r, max_shift)) - return 0; - n -= max_shift; - } else { - if (!BN_lshift1(r, r)) - return 0; - --n; - } - - /* BN_num_bits(r) <= BN_num_bits(m) */ - - if (BN_cmp(r, m) >= 0) { - if (!BN_sub(r, r, m)) - return 0; - } - } - bn_check_top(r); - - return 1; -} diff --git a/lib/libssl/src/crypto/bn/bn_mont.c b/lib/libssl/src/crypto/bn/bn_mont.c deleted file mode 100644 index 3eb9913a9ed..00000000000 --- a/lib/libssl/src/crypto/bn/bn_mont.c +++ /dev/null 
@@ -1,538 +0,0 @@
-/* $OpenBSD: bn_mont.c,v 1.24 2015/02/09 15:49:22 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. 
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * Details about Montgomery multiplication algorithms can be found at - * http://security.ece.orst.edu/publications.html, e.g. - * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and - * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf - */ - -#include <stdio.h> -#include <stdint.h> - -#include "bn_lcl.h" - -#define MONT_WORD /* use the faster word-based algorithm */ - -#ifdef MONT_WORD -static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont); -#endif - -int -BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - BN_MONT_CTX *mont, BN_CTX *ctx) -{ - BIGNUM *tmp; - int ret = 0; -#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD) - int num = mont->N.top; - - if (num > 1 && a->top == num && b->top == num) { - if (bn_wexpand(r, num) == NULL) - return (0); - if (bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num)) { - r->neg = a->neg^b->neg; - r->top = num; - bn_correct_top(r); - return (1); - } - } -#endif - - BN_CTX_start(ctx); - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - - bn_check_top(tmp); - if (a == b) { - if (!BN_sqr(tmp, a, ctx)) - goto err; - } else { - if (!BN_mul(tmp, a,b, 
ctx)) - goto err; - } - /* reduce from aRR to aR */ -#ifdef MONT_WORD - if (!BN_from_montgomery_word(r, tmp, mont)) - goto err; -#else - if (!BN_from_montgomery(r, tmp, mont, ctx)) - goto err; -#endif - bn_check_top(r); - ret = 1; -err: - BN_CTX_end(ctx); - return (ret); -} - -#ifdef MONT_WORD -static int -BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) -{ - BIGNUM *n; - BN_ULONG *ap, *np, *rp, n0, v, carry; - int nl, max, i; - - n = &(mont->N); - nl = n->top; - if (nl == 0) { - ret->top = 0; - return (1); - } - - max = (2 * nl); /* carry is stored separately */ - if (bn_wexpand(r, max) == NULL) - return (0); - - r->neg ^= n->neg; - np = n->d; - rp = r->d; - - /* clear the top words of T */ -#if 1 - for (i=r->top; i<max; i++) /* memset? XXX */ - rp[i] = 0; -#else - memset(&(rp[r->top]), 0, (max - r->top) * sizeof(BN_ULONG)); -#endif - - r->top = max; - n0 = mont->n0[0]; - -#ifdef BN_COUNT - fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl); -#endif - for (carry = 0, i = 0; i < nl; i++, rp++) { - v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2); - v = (v + carry + rp[nl]) & BN_MASK2; - carry |= (v != rp[nl]); - carry &= (v <= rp[nl]); - rp[nl] = v; - } - - if (bn_wexpand(ret, nl) == NULL) - return (0); - ret->top = nl; - ret->neg = r->neg; - - rp = ret->d; - ap = &(r->d[nl]); - -#define BRANCH_FREE 1 -#if BRANCH_FREE - { - BN_ULONG *nrp; - size_t m; - - v = bn_sub_words(rp, ap, np, nl) - carry; - /* if subtraction result is real, then - * trick unconditional memcpy below to perform in-place - * "refresh" instead of actual copy. 
*/ - m = (0 - (size_t)v); - nrp = (BN_ULONG *)(((uintptr_t)rp & ~m)|((uintptr_t)ap & m)); - - for (i = 0, nl -= 4; i < nl; i += 4) { - BN_ULONG t1, t2, t3, t4; - - t1 = nrp[i + 0]; - t2 = nrp[i + 1]; - t3 = nrp[i + 2]; - ap[i + 0] = 0; - t4 = nrp[i + 3]; - ap[i + 1] = 0; - rp[i + 0] = t1; - ap[i + 2] = 0; - rp[i + 1] = t2; - ap[i + 3] = 0; - rp[i + 2] = t3; - rp[i + 3] = t4; - } - for (nl += 4; i < nl; i++) - rp[i] = nrp[i], ap[i] = 0; - } -#else - if (bn_sub_words (rp, ap, np, nl) - carry) - memcpy(rp, ap, nl*sizeof(BN_ULONG)); -#endif - bn_correct_top(r); - bn_correct_top(ret); - bn_check_top(ret); - - return (1); -} -#endif /* MONT_WORD */ - -int -BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx) -{ - int retn = 0; -#ifdef MONT_WORD - BIGNUM *t; - - BN_CTX_start(ctx); - if ((t = BN_CTX_get(ctx)) && BN_copy(t, a)) - retn = BN_from_montgomery_word(ret, t, mont); - BN_CTX_end(ctx); -#else /* !MONT_WORD */ - BIGNUM *t1, *t2; - - BN_CTX_start(ctx); - if ((t1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((t2 = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_copy(t1, a)) - goto err; - BN_mask_bits(t1, mont->ri); - - if (!BN_mul(t2, t1, &mont->Ni, ctx)) - goto err; - BN_mask_bits(t2, mont->ri); - - if (!BN_mul(t1, t2, &mont->N, ctx)) - goto err; - if (!BN_add(t2, a, t1)) - goto err; - if (!BN_rshift(ret, t2, mont->ri)) - goto err; - - if (BN_ucmp(ret, &(mont->N)) >= 0) { - if (!BN_usub(ret, ret, &(mont->N))) - goto err; - } - retn = 1; - bn_check_top(ret); - -err: - BN_CTX_end(ctx); -#endif /* MONT_WORD */ - return (retn); -} - -BN_MONT_CTX * -BN_MONT_CTX_new(void) -{ - BN_MONT_CTX *ret; - - if ((ret = malloc(sizeof(BN_MONT_CTX))) == NULL) - return (NULL); - - BN_MONT_CTX_init(ret); - ret->flags = BN_FLG_MALLOCED; - return (ret); -} - -void -BN_MONT_CTX_init(BN_MONT_CTX *ctx) -{ - ctx->ri = 0; - BN_init(&(ctx->RR)); - BN_init(&(ctx->N)); - BN_init(&(ctx->Ni)); - ctx->n0[0] = ctx->n0[1] = 0; - ctx->flags = 0; -} - -void 
-BN_MONT_CTX_free(BN_MONT_CTX *mont) -{ - if (mont == NULL) - return; - - BN_clear_free(&(mont->RR)); - BN_clear_free(&(mont->N)); - BN_clear_free(&(mont->Ni)); - if (mont->flags & BN_FLG_MALLOCED) - free(mont); -} - -int -BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) -{ - int ret = 0; - BIGNUM *Ri, *R; - - BN_CTX_start(ctx); - if ((Ri = BN_CTX_get(ctx)) == NULL) - goto err; - R = &(mont->RR); /* grab RR as a temp */ - if (!BN_copy(&(mont->N), mod)) - goto err; /* Set N */ - mont->N.neg = 0; - -#ifdef MONT_WORD - { - BIGNUM tmod; - BN_ULONG buf[2]; - - BN_init(&tmod); - tmod.d = buf; - tmod.dmax = 2; - tmod.neg = 0; - - mont->ri = (BN_num_bits(mod) + - (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2; - -#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32) - /* Only certain BN_BITS2<=32 platforms actually make use of - * n0[1], and we could use the #else case (with a shorter R - * value) for the others. However, currently only the assembler - * files do know which is which. */ - - BN_zero(R); - if (!(BN_set_bit(R, 2 * BN_BITS2))) - goto err; - - tmod.top = 0; - if ((buf[0] = mod->d[0])) - tmod.top = 1; - if ((buf[1] = mod->top > 1 ? mod->d[1] : 0)) - tmod.top = 2; - - if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL) - goto err; - if (!BN_lshift(Ri, Ri, 2 * BN_BITS2)) - goto err; /* R*Ri */ - if (!BN_is_zero(Ri)) { - if (!BN_sub_word(Ri, 1)) - goto err; - } - else /* if N mod word size == 1 */ - { - if (bn_expand(Ri, (int)sizeof(BN_ULONG) * 2) == NULL) - goto err; - /* Ri-- (mod double word size) */ - Ri->neg = 0; - Ri->d[0] = BN_MASK2; - Ri->d[1] = BN_MASK2; - Ri->top = 2; - } - if (!BN_div(Ri, NULL, Ri, &tmod, ctx)) - goto err; - /* Ni = (R*Ri-1)/N, - * keep only couple of least significant words: */ - mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0; - mont->n0[1] = (Ri->top > 1) ? Ri->d[1] : 0; -#else - BN_zero(R); - if (!(BN_set_bit(R, BN_BITS2))) - goto err; /* R */ - - buf[0] = mod->d[0]; /* tmod = N mod word size */ - buf[1] = 0; - tmod.top = buf[0] != 0 ? 
1 : 0; - /* Ri = R^-1 mod N*/ - if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL) - goto err; - if (!BN_lshift(Ri, Ri, BN_BITS2)) - goto err; /* R*Ri */ - if (!BN_is_zero(Ri)) { - if (!BN_sub_word(Ri, 1)) - goto err; - } - else /* if N mod word size == 1 */ - { - if (!BN_set_word(Ri, BN_MASK2)) - goto err; /* Ri-- (mod word size) */ - } - if (!BN_div(Ri, NULL, Ri, &tmod, ctx)) - goto err; - /* Ni = (R*Ri-1)/N, - * keep only least significant word: */ - mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0; - mont->n0[1] = 0; -#endif - } -#else /* !MONT_WORD */ - { /* bignum version */ - mont->ri = BN_num_bits(&mont->N); - BN_zero(R); - if (!BN_set_bit(R, mont->ri)) - goto err; /* R = 2^ri */ - /* Ri = R^-1 mod N*/ - if ((BN_mod_inverse(Ri, R, &mont->N, ctx)) == NULL) - goto err; - if (!BN_lshift(Ri, Ri, mont->ri)) - goto err; /* R*Ri */ - if (!BN_sub_word(Ri, 1)) - goto err; - /* Ni = (R*Ri-1) / N */ - if (!BN_div(&(mont->Ni), NULL, Ri, &mont->N, ctx)) - goto err; - } -#endif - - /* setup RR for conversions */ - BN_zero(&(mont->RR)); - if (!BN_set_bit(&(mont->RR), mont->ri*2)) - goto err; - if (!BN_mod(&(mont->RR), &(mont->RR), &(mont->N), ctx)) - goto err; - - ret = 1; - -err: - BN_CTX_end(ctx); - return ret; -} - -BN_MONT_CTX * -BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) -{ - if (to == from) - return (to); - - if (!BN_copy(&(to->RR), &(from->RR))) - return NULL; - if (!BN_copy(&(to->N), &(from->N))) - return NULL; - if (!BN_copy(&(to->Ni), &(from->Ni))) - return NULL; - to->ri = from->ri; - to->n0[0] = from->n0[0]; - to->n0[1] = from->n0[1]; - return (to); -} - -BN_MONT_CTX * -BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, const BIGNUM *mod, - BN_CTX *ctx) -{ - int got_write_lock = 0; - BN_MONT_CTX *ret; - - CRYPTO_r_lock(lock); - if (!*pmont) { - CRYPTO_r_unlock(lock); - CRYPTO_w_lock(lock); - got_write_lock = 1; - - if (!*pmont) { - ret = BN_MONT_CTX_new(); - if (ret && !BN_MONT_CTX_set(ret, mod, ctx)) - BN_MONT_CTX_free(ret); - else - *pmont = ret; - } - 
} - - ret = *pmont; - - if (got_write_lock) - CRYPTO_w_unlock(lock); - else - CRYPTO_r_unlock(lock); - - return ret; -} diff --git a/lib/libssl/src/crypto/bn/bn_mpi.c b/lib/libssl/src/crypto/bn/bn_mpi.c deleted file mode 100644 index cf4c7d8d244..00000000000 --- a/lib/libssl/src/crypto/bn/bn_mpi.c +++ /dev/null 
@@ -1,132 +0,0 @@
-/* $OpenBSD: bn_mpi.c,v 1.7 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -int -BN_bn2mpi(const BIGNUM *a, unsigned char *d) -{ - int bits; - int num = 0; - int ext = 0; - long l; - - bits = BN_num_bits(a); - num = (bits + 7) / 8; - if (bits > 0) { - ext = ((bits & 0x07) == 0); - } - if (d == NULL) - return (num + 4 + ext); - - l = num + ext; - d[0] = (unsigned char)(l >> 24) & 0xff; - d[1] = (unsigned char)(l >> 16) & 0xff; - d[2] = (unsigned char)(l >> 8) & 0xff; - d[3] = (unsigned char)(l) & 0xff; - if (ext) - d[4] = 0; - num = BN_bn2bin(a, &(d[4 + ext])); - if (a->neg) - d[4] |= 0x80; - return (num + 4 + ext); -} - -BIGNUM * -BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a) -{ - long len; - int neg = 0; - - if (n < 4) { - BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH); - return (NULL); - } - len = ((long)d[0] << 24) | ((long)d[1] << 16) | ((int)d[2] << 8) | - (int)d[3]; - if ((len + 4) != n) { - BNerr(BN_F_BN_MPI2BN, BN_R_ENCODING_ERROR); - return (NULL); - } - - if (a == NULL) - a = BN_new(); - if (a == NULL) - return (NULL); - - if (len == 0) { - a->neg = 0; - a->top = 0; - return (a); - } - d += 4; - if ((*d) & 0x80) - neg = 1; - if (BN_bin2bn(d, (int)len, a) == NULL) - return (NULL); - a->neg = neg; - if (neg) { - BN_clear_bit(a, BN_num_bits(a) - 1); - } - bn_check_top(a); - return (a); -} diff --git a/lib/libssl/src/crypto/bn/bn_mul.c b/lib/libssl/src/crypto/bn/bn_mul.c deleted file mode 100644 index 7794d597077..00000000000 --- a/lib/libssl/src/crypto/bn/bn_mul.c +++ /dev/null 
@@ -1,1171 +0,0 @@
-/* $OpenBSD: bn_mul.c,v 1.20 2015/02/09 15:49:22 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef BN_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
-#endif
-
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include "bn_lcl.h"
-
-#if defined(OPENSSL_NO_ASM) || !defined(OPENSSL_BN_ASM_PART_WORDS)
-/* Here follows specialised variants of bn_add_words() and
- bn_sub_words().
They have the property performing operations on - arrays of different sizes. The sizes of those arrays is expressed through - cl, which is the common length ( basicall, min(len(a),len(b)) ), and dl, - which is the delta between the two lengths, calculated as len(a)-len(b). - All lengths are the number of BN_ULONGs... For the operations that require - a result array as parameter, it must have the length cl+abs(dl). - These functions should probably end up in bn_asm.c as soon as there are - assembler counterparts for the systems that use assembler files. */ - -BN_ULONG -bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int cl, - int dl) -{ - BN_ULONG c, t; - - assert(cl >= 0); - c = bn_sub_words(r, a, b, cl); - - if (dl == 0) - return c; - - r += cl; - a += cl; - b += cl; - - if (dl < 0) { -#ifdef BN_COUNT - fprintf(stderr, - " bn_sub_part_words %d + %d (dl < 0, c = %d)\n", - cl, dl, c); -#endif - for (;;) { - t = b[0]; - r[0] = (0 - t - c) & BN_MASK2; - if (t != 0) - c = 1; - if (++dl >= 0) - break; - - t = b[1]; - r[1] = (0 - t - c) & BN_MASK2; - if (t != 0) - c = 1; - if (++dl >= 0) - break; - - t = b[2]; - r[2] = (0 - t - c) & BN_MASK2; - if (t != 0) - c = 1; - if (++dl >= 0) - break; - - t = b[3]; - r[3] = (0 - t - c) & BN_MASK2; - if (t != 0) - c = 1; - if (++dl >= 0) - break; - - b += 4; - r += 4; - } - } else { - int save_dl = dl; -#ifdef BN_COUNT - fprintf(stderr, - " bn_sub_part_words %d + %d (dl > 0, c = %d)\n", - cl, dl, c); -#endif - while (c) { - t = a[0]; - r[0] = (t - c) & BN_MASK2; - if (t != 0) - c = 0; - if (--dl <= 0) - break; - - t = a[1]; - r[1] = (t - c) & BN_MASK2; - if (t != 0) - c = 0; - if (--dl <= 0) - break; - - t = a[2]; - r[2] = (t - c) & BN_MASK2; - if (t != 0) - c = 0; - if (--dl <= 0) - break; - - t = a[3]; - r[3] = (t - c) & BN_MASK2; - if (t != 0) - c = 0; - if (--dl <= 0) - break; - - save_dl = dl; - a += 4; - r += 4; - } - if (dl > 0) { -#ifdef BN_COUNT - fprintf(stderr, - " bn_sub_part_words %d + %d (dl > 0, c 
== 0)\n", - cl, dl); -#endif - if (save_dl > dl) { - switch (save_dl - dl) { - case 1: - r[1] = a[1]; - if (--dl <= 0) - break; - case 2: - r[2] = a[2]; - if (--dl <= 0) - break; - case 3: - r[3] = a[3]; - if (--dl <= 0) - break; - } - a += 4; - r += 4; - } - } - if (dl > 0) { -#ifdef BN_COUNT - fprintf(stderr, - " bn_sub_part_words %d + %d (dl > 0, copy)\n", - cl, dl); -#endif - for (;;) { - r[0] = a[0]; - if (--dl <= 0) - break; - r[1] = a[1]; - if (--dl <= 0) - break; - r[2] = a[2]; - if (--dl <= 0) - break; - r[3] = a[3]; - if (--dl <= 0) - break; - - a += 4; - r += 4; - } - } - } - return c; -} -#endif - -BN_ULONG -bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b, int cl, - int dl) -{ - BN_ULONG c, l, t; - - assert(cl >= 0); - c = bn_add_words(r, a, b, cl); - - if (dl == 0) - return c; - - r += cl; - a += cl; - b += cl; - - if (dl < 0) { - int save_dl = dl; -#ifdef BN_COUNT - fprintf(stderr, - " bn_add_part_words %d + %d (dl < 0, c = %d)\n", - cl, dl, c); -#endif - while (c) { - l = (c + b[0]) & BN_MASK2; - c = (l < c); - r[0] = l; - if (++dl >= 0) - break; - - l = (c + b[1]) & BN_MASK2; - c = (l < c); - r[1] = l; - if (++dl >= 0) - break; - - l = (c + b[2]) & BN_MASK2; - c = (l < c); - r[2] = l; - if (++dl >= 0) - break; - - l = (c + b[3]) & BN_MASK2; - c = (l < c); - r[3] = l; - if (++dl >= 0) - break; - - save_dl = dl; - b += 4; - r += 4; - } - if (dl < 0) { -#ifdef BN_COUNT - fprintf(stderr, - " bn_add_part_words %d + %d (dl < 0, c == 0)\n", - cl, dl); -#endif - if (save_dl < dl) { - switch (dl - save_dl) { - case 1: - r[1] = b[1]; - if (++dl >= 0) - break; - case 2: - r[2] = b[2]; - if (++dl >= 0) - break; - case 3: - r[3] = b[3]; - if (++dl >= 0) - break; - } - b += 4; - r += 4; - } - } - if (dl < 0) { -#ifdef BN_COUNT - fprintf(stderr, - " bn_add_part_words %d + %d (dl < 0, copy)\n", - cl, dl); -#endif - for (;;) { - r[0] = b[0]; - if (++dl >= 0) - break; - r[1] = b[1]; - if (++dl >= 0) - break; - r[2] = b[2]; - if (++dl >= 0) - 
break; - r[3] = b[3]; - if (++dl >= 0) - break; - - b += 4; - r += 4; - } - } - } else { - int save_dl = dl; -#ifdef BN_COUNT - fprintf(stderr, - " bn_add_part_words %d + %d (dl > 0)\n", cl, dl); -#endif - while (c) { - t = (a[0] + c) & BN_MASK2; - c = (t < c); - r[0] = t; - if (--dl <= 0) - break; - - t = (a[1] + c) & BN_MASK2; - c = (t < c); - r[1] = t; - if (--dl <= 0) - break; - - t = (a[2] + c) & BN_MASK2; - c = (t < c); - r[2] = t; - if (--dl <= 0) - break; - - t = (a[3] + c) & BN_MASK2; - c = (t < c); - r[3] = t; - if (--dl <= 0) - break; - - save_dl = dl; - a += 4; - r += 4; - } -#ifdef BN_COUNT - fprintf(stderr, - " bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl, dl); -#endif - if (dl > 0) { - if (save_dl > dl) { - switch (save_dl - dl) { - case 1: - r[1] = a[1]; - if (--dl <= 0) - break; - case 2: - r[2] = a[2]; - if (--dl <= 0) - break; - case 3: - r[3] = a[3]; - if (--dl <= 0) - break; - } - a += 4; - r += 4; - } - } - if (dl > 0) { -#ifdef BN_COUNT - fprintf(stderr, - " bn_add_part_words %d + %d (dl > 0, copy)\n", - cl, dl); -#endif - for (;;) { - r[0] = a[0]; - if (--dl <= 0) - break; - r[1] = a[1]; - if (--dl <= 0) - break; - r[2] = a[2]; - if (--dl <= 0) - break; - r[3] = a[3]; - if (--dl <= 0) - break; - - a += 4; - r += 4; - } - } - } - return c; -} - -#ifdef BN_RECURSION -/* Karatsuba recursive multiplication algorithm - * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ - -/* r is 2*n2 words in size, - * a and b are both n2 words in size. - * n2 must be a power of 2. - * We multiply and return the result. 
- * t must be 2*n2 words in size - * We calculate - * a[0]*b[0] - * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) - * a[1]*b[1] - */ -/* dnX may not be positive, but n2/2+dnX has to be */ -void -bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, int dna, - int dnb, BN_ULONG *t) -{ - int n = n2 / 2, c1, c2; - int tna = n + dna, tnb = n + dnb; - unsigned int neg, zero; - BN_ULONG ln, lo, *p; - -# ifdef BN_COUNT - fprintf(stderr, " bn_mul_recursive %d%+d * %d%+d\n",n2,dna,n2,dnb); -# endif -# ifdef BN_MUL_COMBA -# if 0 - if (n2 == 4) { - bn_mul_comba4(r, a, b); - return; - } -# endif - /* Only call bn_mul_comba 8 if n2 == 8 and the - * two arrays are complete [steve] - */ - if (n2 == 8 && dna == 0 && dnb == 0) { - bn_mul_comba8(r, a, b); - return; - } -# endif /* BN_MUL_COMBA */ - /* Else do normal multiply */ - if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) { - bn_mul_normal(r, a, n2 + dna, b, n2 + dnb); - if ((dna + dnb) < 0) - memset(&r[2*n2 + dna + dnb], 0, - sizeof(BN_ULONG) * -(dna + dnb)); - return; - } - /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1 = bn_cmp_part_words(a, &(a[n]), tna, n - tna); - c2 = bn_cmp_part_words(&(b[n]), b,tnb, tnb - n); - zero = neg = 0; - switch (c1 * 3 + c2) { - case -4: - bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */ - bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */ - break; - case -3: - zero = 1; - break; - case -2: - bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */ - bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n); /* + */ - neg = 1; - break; - case -1: - case 0: - case 1: - zero = 1; - break; - case 2: - bn_sub_part_words(t, a, &(a[n]), tna, n - tna); /* + */ - bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */ - neg = 1; - break; - case 3: - zero = 1; - break; - case 4: - bn_sub_part_words(t, a, &(a[n]), tna, n - tna); - bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n); - break; - } - -# ifdef BN_MUL_COMBA - if (n == 4 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba4 could take - extra 
args to do this well */ - { - if (!zero) - bn_mul_comba4(&(t[n2]), t, &(t[n])); - else - memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG)); - - bn_mul_comba4(r, a, b); - bn_mul_comba4(&(r[n2]), &(a[n]), &(b[n])); - } else if (n == 8 && dna == 0 && dnb == 0) /* XXX: bn_mul_comba8 could - take extra args to do this - well */ - { - if (!zero) - bn_mul_comba8(&(t[n2]), t, &(t[n])); - else - memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG)); - - bn_mul_comba8(r, a, b); - bn_mul_comba8(&(r[n2]), &(a[n]), &(b[n])); - } else -# endif /* BN_MUL_COMBA */ - { - p = &(t[n2 * 2]); - if (!zero) - bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p); - else - memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG)); - bn_mul_recursive(r, a, b, n, 0, 0, p); - bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), n, dna, dnb, p); - } - - /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - */ - - c1 = (int)(bn_add_words(t, r, &(r[n2]), n2)); - - if (neg) /* if t[32] is negative */ - { - c1 -= (int)(bn_sub_words(&(t[n2]), t, &(t[n2]), n2)); - } else { - /* Might have a carry */ - c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), t, n2)); - } - - /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - * c1 holds the carry bits - */ - c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2)); - if (c1) { - p = &(r[n + n2]); - lo= *p; - ln = (lo + c1) & BN_MASK2; - *p = ln; - - /* The overflow will stop before we over write - * words we should not overwrite */ - if (ln < (BN_ULONG)c1) { - do { - p++; - lo= *p; - ln = (lo + 1) & BN_MASK2; - *p = ln; - } while (ln == 0); - } - } -} - -/* n+tn is the word length - * t needs to be n*4 is size, as does r */ -/* tnX may not be negative but less than n */ -void -bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n, int tna, - int tnb, BN_ULONG *t) -{ - int i, j, n2 = n * 2; - int c1, c2, neg; - BN_ULONG ln, lo, *p; - -# ifdef BN_COUNT - 
fprintf(stderr, " bn_mul_part_recursive (%d%+d) * (%d%+d)\n", - n, tna, n, tnb); -# endif - if (n < 8) { - bn_mul_normal(r, a, n + tna, b, n + tnb); - return; - } - - /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1 = bn_cmp_part_words(a, &(a[n]), tna, n - tna); - c2 = bn_cmp_part_words(&(b[n]), b, tnb, tnb - n); - neg = 0; - switch (c1 * 3 + c2) { - case -4: - bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */ - bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */ - break; - case -3: - /* break; */ - case -2: - bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */ - bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n); /* + */ - neg = 1; - break; - case -1: - case 0: - case 1: - /* break; */ - case 2: - bn_sub_part_words(t, a, &(a[n]), tna, n - tna); /* + */ - bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */ - neg = 1; - break; - case 3: - /* break; */ - case 4: - bn_sub_part_words(t, a, &(a[n]), tna, n - tna); - bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n); - break; - } - /* The zero case isn't yet implemented here. The speedup - would probably be negligible. 
*/ -# if 0 - if (n == 4) { - bn_mul_comba4(&(t[n2]), t, &(t[n])); - bn_mul_comba4(r, a, b); - bn_mul_normal(&(r[n2]), &(a[n]), tn, &(b[n]), tn); - memset(&(r[n2 + tn * 2]), 0, sizeof(BN_ULONG) * (n2 - tn * 2)); - } else -# endif - if (n == 8) { - bn_mul_comba8(&(t[n2]), t, &(t[n])); - bn_mul_comba8(r, a, b); - bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb); - memset(&(r[n2 + tna + tnb]), 0, - sizeof(BN_ULONG) * (n2 - tna - tnb)); - } else { - p = &(t[n2*2]); - bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p); - bn_mul_recursive(r, a, b, n, 0, 0, p); - i = n / 2; - /* If there is only a bottom half to the number, - * just do it */ - if (tna > tnb) - j = tna - i; - else - j = tnb - i; - if (j == 0) { - bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), - i, tna - i, tnb - i, p); - memset(&(r[n2 + i * 2]), 0, - sizeof(BN_ULONG) * (n2 - i * 2)); - } - else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ - { - bn_mul_part_recursive(&(r[n2]), &(a[n]), &(b[n]), - i, tna - i, tnb - i, p); - memset(&(r[n2 + tna + tnb]), 0, - sizeof(BN_ULONG) * (n2 - tna - tnb)); - } - else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ - { - memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2); - if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL && - tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) { - bn_mul_normal(&(r[n2]), &(a[n]), tna, - &(b[n]), tnb); - } else { - for (;;) { - i /= 2; - /* these simplified conditions work - * exclusively because difference - * between tna and tnb is 1 or 0 */ - if (i < tna || i < tnb) { - bn_mul_part_recursive(&(r[n2]), - &(a[n]), &(b[n]), i, - tna - i, tnb - i, p); - break; - } else if (i == tna || i == tnb) { - bn_mul_recursive(&(r[n2]), - &(a[n]), &(b[n]), i, - tna - i, tnb - i, p); - break; - } - } - } - } - } - - /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - */ - - c1 = (int)(bn_add_words(t, r,&(r[n2]), n2)); - - if (neg) /* if t[32] is negative */ - { - c1 -= (int)(bn_sub_words(&(t[n2]), t,&(t[n2]), n2)); - } 
else { - /* Might have a carry */ - c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), t, n2)); - } - - /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - * c1 holds the carry bits - */ - c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2)); - if (c1) { - p = &(r[n + n2]); - lo= *p; - ln = (lo + c1)&BN_MASK2; - *p = ln; - - /* The overflow will stop before we over write - * words we should not overwrite */ - if (ln < (BN_ULONG)c1) { - do { - p++; - lo= *p; - ln = (lo + 1) & BN_MASK2; - *p = ln; - } while (ln == 0); - } - } -} - -/* a and b must be the same size, which is n2. - * r needs to be n2 words and t needs to be n2*2 - */ -void -bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, BN_ULONG *t) -{ - int n = n2 / 2; - -# ifdef BN_COUNT - fprintf(stderr, " bn_mul_low_recursive %d * %d\n",n2,n2); -# endif - - bn_mul_recursive(r, a, b, n, 0, 0, &(t[0])); - if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) { - bn_mul_low_recursive(&(t[0]), &(a[0]), &(b[n]), n, &(t[n2])); - bn_add_words(&(r[n]), &(r[n]), &(t[0]), n); - bn_mul_low_recursive(&(t[0]), &(a[n]), &(b[0]), n, &(t[n2])); - bn_add_words(&(r[n]), &(r[n]), &(t[0]), n); - } else { - bn_mul_low_normal(&(t[0]), &(a[0]), &(b[n]), n); - bn_mul_low_normal(&(t[n]), &(a[n]), &(b[0]), n); - bn_add_words(&(r[n]), &(r[n]), &(t[0]), n); - bn_add_words(&(r[n]), &(r[n]), &(t[n]), n); - } -} - -/* a and b must be the same size, which is n2. - * r needs to be n2 words and t needs to be n2*2 - * l is the low words of the output. 
- * t needs to be n2*3 - */ -void -bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, - BN_ULONG *t) -{ - int i, n; - int c1, c2; - int neg, oneg, zero; - BN_ULONG ll, lc, *lp, *mp; - -# ifdef BN_COUNT - fprintf(stderr, " bn_mul_high %d * %d\n",n2,n2); -# endif - n = n2 / 2; - - /* Calculate (al-ah)*(bh-bl) */ - neg = zero = 0; - c1 = bn_cmp_words(&(a[0]), &(a[n]), n); - c2 = bn_cmp_words(&(b[n]), &(b[0]), n); - switch (c1 * 3 + c2) { - case -4: - bn_sub_words(&(r[0]), &(a[n]), &(a[0]), n); - bn_sub_words(&(r[n]), &(b[0]), &(b[n]), n); - break; - case -3: - zero = 1; - break; - case -2: - bn_sub_words(&(r[0]), &(a[n]), &(a[0]), n); - bn_sub_words(&(r[n]), &(b[n]), &(b[0]), n); - neg = 1; - break; - case -1: - case 0: - case 1: - zero = 1; - break; - case 2: - bn_sub_words(&(r[0]), &(a[0]), &(a[n]), n); - bn_sub_words(&(r[n]), &(b[0]), &(b[n]), n); - neg = 1; - break; - case 3: - zero = 1; - break; - case 4: - bn_sub_words(&(r[0]), &(a[0]), &(a[n]), n); - bn_sub_words(&(r[n]), &(b[n]), &(b[0]), n); - break; - } - - oneg = neg; - /* t[10] = (a[0]-a[1])*(b[1]-b[0]) */ - /* r[10] = (a[1]*b[1]) */ -# ifdef BN_MUL_COMBA - if (n == 8) { - bn_mul_comba8(&(t[0]), &(r[0]), &(r[n])); - bn_mul_comba8(r, &(a[n]), &(b[n])); - } else -# endif - { - bn_mul_recursive(&(t[0]), &(r[0]), &(r[n]), n, 0, 0, &(t[n2])); - bn_mul_recursive(r, &(a[n]), &(b[n]), n, 0, 0, &(t[n2])); - } - - /* s0 == low(al*bl) - * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl) - * We know s0 and s1 so the only unknown is high(al*bl) - * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl)) - * high(al*bl) == s1 - (r[0]+l[0]+t[0]) - */ - if (l != NULL) { - lp = &(t[n2 + n]); - c1 = (int)(bn_add_words(lp, &(r[0]), &(l[0]), n)); - } else { - c1 = 0; - lp = &(r[0]); - } - - if (neg) - neg = (int)(bn_sub_words(&(t[n2]), lp, &(t[0]), n)); - else { - bn_add_words(&(t[n2]), lp, &(t[0]), n); - neg = 0; - } - - if (l != NULL) { - bn_sub_words(&(t[n2 + n]), &(l[n]), &(t[n2]), n); - } else 
{ - lp = &(t[n2 + n]); - mp = &(t[n2]); - for (i = 0; i < n; i++) - lp[i] = ((~mp[i]) + 1) & BN_MASK2; - } - - /* s[0] = low(al*bl) - * t[3] = high(al*bl) - * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign - * r[10] = (a[1]*b[1]) - */ - /* R[10] = al*bl - * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0]) - * R[32] = ah*bh - */ - /* R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow) - * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow) - * R[3]=r[1]+(carry/borrow) - */ - if (l != NULL) { - lp = &(t[n2]); - c1 = (int)(bn_add_words(lp, &(t[n2 + n]), &(l[0]), n)); - } else { - lp = &(t[n2 + n]); - c1 = 0; - } - c1 += (int)(bn_add_words(&(t[n2]), lp, &(r[0]), n)); - if (oneg) - c1 -= (int)(bn_sub_words(&(t[n2]), &(t[n2]), &(t[0]), n)); - else - c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), &(t[0]), n)); - - c2 = (int)(bn_add_words(&(r[0]), &(r[0]), &(t[n2 + n]), n)); - c2 += (int)(bn_add_words(&(r[0]), &(r[0]), &(r[n]), n)); - if (oneg) - c2 -= (int)(bn_sub_words(&(r[0]), &(r[0]), &(t[n]), n)); - else - c2 += (int)(bn_add_words(&(r[0]), &(r[0]), &(t[n]), n)); - - if (c1 != 0) /* Add starting at r[0], could be +ve or -ve */ - { - i = 0; - if (c1 > 0) { - lc = c1; - do { - ll = (r[i] + lc) & BN_MASK2; - r[i++] = ll; - lc = (lc > ll); - } while (lc); - } else { - lc = -c1; - do { - ll = r[i]; - r[i++] = (ll - lc) & BN_MASK2; - lc = (lc > ll); - } while (lc); - } - } - if (c2 != 0) /* Add starting at r[1] */ - { - i = n; - if (c2 > 0) { - lc = c2; - do { - ll = (r[i] + lc) & BN_MASK2; - r[i++] = ll; - lc = (lc > ll); - } while (lc); - } else { - lc = -c2; - do { - ll = r[i]; - r[i++] = (ll - lc) & BN_MASK2; - lc = (lc > ll); - } while (lc); - } - } -} -#endif /* BN_RECURSION */ - -int -BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) -{ - int ret = 0; - int top, al, bl; - BIGNUM *rr; -#if defined(BN_MUL_COMBA) || defined(BN_RECURSION) - int i; -#endif -#ifdef BN_RECURSION - BIGNUM *t = NULL; - int j = 0, k; -#endif - -#ifdef BN_COUNT - fprintf(stderr, "BN_mul %d 
* %d\n",a->top,b->top); -#endif - - bn_check_top(a); - bn_check_top(b); - bn_check_top(r); - - al = a->top; - bl = b->top; - - if ((al == 0) || (bl == 0)) { - BN_zero(r); - return (1); - } - top = al + bl; - - BN_CTX_start(ctx); - if ((r == a) || (r == b)) { - if ((rr = BN_CTX_get(ctx)) == NULL) - goto err; - } else - rr = r; - rr->neg = a->neg ^ b->neg; - -#if defined(BN_MUL_COMBA) || defined(BN_RECURSION) - i = al - bl; -#endif -#ifdef BN_MUL_COMBA - if (i == 0) { -# if 0 - if (al == 4) { - if (bn_wexpand(rr, 8) == NULL) - goto err; - rr->top = 8; - bn_mul_comba4(rr->d, a->d, b->d); - goto end; - } -# endif - if (al == 8) { - if (bn_wexpand(rr, 16) == NULL) - goto err; - rr->top = 16; - bn_mul_comba8(rr->d, a->d, b->d); - goto end; - } - } -#endif /* BN_MUL_COMBA */ -#ifdef BN_RECURSION - if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) { - if (i >= -1 && i <= 1) { - /* Find out the power of two lower or equal - to the longest of the two numbers */ - if (i >= 0) { - j = BN_num_bits_word((BN_ULONG)al); - } - if (i == -1) { - j = BN_num_bits_word((BN_ULONG)bl); - } - j = 1 << (j - 1); - assert(j <= al || j <= bl); - k = j + j; - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - if (al > j || bl > j) { - if (bn_wexpand(t, k * 4) == NULL) - goto err; - if (bn_wexpand(rr, k * 4) == NULL) - goto err; - bn_mul_part_recursive(rr->d, a->d, b->d, - j, al - j, bl - j, t->d); - } - else /* al <= j || bl <= j */ - { - if (bn_wexpand(t, k * 2) == NULL) - goto err; - if (bn_wexpand(rr, k * 2) == NULL) - goto err; - bn_mul_recursive(rr->d, a->d, b->d, - j, al - j, bl - j, t->d); - } - rr->top = top; - goto end; - } -#if 0 - if (i == 1 && !BN_get_flags(b, BN_FLG_STATIC_DATA)) { - BIGNUM *tmp_bn = (BIGNUM *)b; - if (bn_wexpand(tmp_bn, al) == NULL) - goto err; - tmp_bn->d[bl] = 0; - bl++; - i--; - } else if (i == -1 && !BN_get_flags(a, BN_FLG_STATIC_DATA)) { - BIGNUM *tmp_bn = (BIGNUM *)a; - if (bn_wexpand(tmp_bn, bl) == NULL) - goto err; - tmp_bn->d[al] = 0; - al++; 
- i++; - } - if (i == 0) { - /* symmetric and > 4 */ - /* 16 or larger */ - j = BN_num_bits_word((BN_ULONG)al); - j = 1 << (j - 1); - k = j + j; - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - if (al == j) /* exact multiple */ - { - if (bn_wexpand(t, k * 2) == NULL) - goto err; - if (bn_wexpand(rr, k * 2) == NULL) - goto err; - bn_mul_recursive(rr->d, a->d, b->d, al, t->d); - } else { - if (bn_wexpand(t, k * 4) == NULL) - goto err; - if (bn_wexpand(rr, k * 4) == NULL) - goto err; - bn_mul_part_recursive(rr->d, a->d, b->d, - al - j, j, t->d); - } - rr->top = top; - goto end; - } -#endif - } -#endif /* BN_RECURSION */ - if (bn_wexpand(rr, top) == NULL) - goto err; - rr->top = top; - bn_mul_normal(rr->d, a->d, al, b->d, bl); - -#if defined(BN_MUL_COMBA) || defined(BN_RECURSION) -end: -#endif - bn_correct_top(rr); - if (r != rr) - BN_copy(r, rr); - ret = 1; -err: - bn_check_top(r); - BN_CTX_end(ctx); - return (ret); -} - -void -bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) -{ - BN_ULONG *rr; - -#ifdef BN_COUNT - fprintf(stderr, " bn_mul_normal %d * %d\n", na, nb); -#endif - - if (na < nb) { - int itmp; - BN_ULONG *ltmp; - - itmp = na; - na = nb; - nb = itmp; - ltmp = a; - a = b; - b = ltmp; - - } - rr = &(r[na]); - if (nb <= 0) { - (void)bn_mul_words(r, a, na, 0); - return; - } else - rr[0] = bn_mul_words(r, a, na, b[0]); - - for (;;) { - if (--nb <= 0) - return; - rr[1] = bn_mul_add_words(&(r[1]), a, na, b[1]); - if (--nb <= 0) - return; - rr[2] = bn_mul_add_words(&(r[2]), a, na, b[2]); - if (--nb <= 0) - return; - rr[3] = bn_mul_add_words(&(r[3]), a, na, b[3]); - if (--nb <= 0) - return; - rr[4] = bn_mul_add_words(&(r[4]), a, na, b[4]); - rr += 4; - r += 4; - b += 4; - } -} - -void -bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -{ -#ifdef BN_COUNT - fprintf(stderr, " bn_mul_low_normal %d * %d\n", n, n); -#endif - bn_mul_words(r, a, n, b[0]); - - for (;;) { - if (--n <= 0) - return; - bn_mul_add_words(&(r[1]), a, n, b[1]); - 
if (--n <= 0) - return; - bn_mul_add_words(&(r[2]), a, n, b[2]); - if (--n <= 0) - return; - bn_mul_add_words(&(r[3]), a, n, b[3]); - if (--n <= 0) - return; - bn_mul_add_words(&(r[4]), a, n, b[4]); - r += 4; - b += 4; - } -} diff --git a/lib/libssl/src/crypto/bn/bn_nist.c b/lib/libssl/src/crypto/bn/bn_nist.c deleted file mode 100644 index b16584d6b97..00000000000 --- a/lib/libssl/src/crypto/bn/bn_nist.c +++ /dev/null 
@@ -1,1273 +0,0 @@
-/* $OpenBSD: bn_nist.c,v 1.18 2016/07/18 01:04:52 bcook Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <machine/endian.h>
-
-#include <stdint.h>
-#include <string.h>
-
-#include "bn_lcl.h"
-
-#define BN_NIST_192_TOP (192+BN_BITS2-1)/BN_BITS2
-#define BN_NIST_224_TOP (224+BN_BITS2-1)/BN_BITS2
-#define BN_NIST_256_TOP (256+BN_BITS2-1)/BN_BITS2
-#define BN_NIST_384_TOP (384+BN_BITS2-1)/BN_BITS2
-#define BN_NIST_521_TOP (521+BN_BITS2-1)/BN_BITS2
-
-/* pre-computed tables are "carry-less" values of modulus*(i+1) */
-#if BN_BITS2 == 64
-static const BN_ULONG _nist_p_192[][BN_NIST_192_TOP] = {
- {0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFFULL},
- {0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL},
- {0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFCULL, 0xFFFFFFFFFFFFFFFFULL}
-};
-static const BN_ULONG _nist_p_192_sqr[] = {
- 0x0000000000000001ULL, 0x0000000000000002ULL, 0x0000000000000001ULL,
- 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL
-};
-static const BN_ULONG _nist_p_224[][BN_NIST_224_TOP] = {
- {
- 0x0000000000000001ULL, 0xFFFFFFFF00000000ULL,
- 0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL
- },
- {
- 0x0000000000000002ULL, 0xFFFFFFFE00000000ULL,
- 0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFFULL
- } /* this
one is "carry-full" */ -}; -static const BN_ULONG _nist_p_224_sqr[] = { - 0x0000000000000001ULL, 0xFFFFFFFE00000000ULL, - 0xFFFFFFFFFFFFFFFFULL, 0x0000000200000000ULL, - 0x0000000000000000ULL, 0xFFFFFFFFFFFFFFFEULL, - 0xFFFFFFFFFFFFFFFFULL -}; -static const BN_ULONG _nist_p_256[][BN_NIST_256_TOP] = { - { - 0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL, - 0x0000000000000000ULL, 0xFFFFFFFF00000001ULL - }, - { - 0xFFFFFFFFFFFFFFFEULL, 0x00000001FFFFFFFFULL, - 0x0000000000000000ULL, 0xFFFFFFFE00000002ULL - }, - { - 0xFFFFFFFFFFFFFFFDULL, 0x00000002FFFFFFFFULL, - 0x0000000000000000ULL, 0xFFFFFFFD00000003ULL - }, - { - 0xFFFFFFFFFFFFFFFCULL, 0x00000003FFFFFFFFULL, - 0x0000000000000000ULL, 0xFFFFFFFC00000004ULL - }, - { - 0xFFFFFFFFFFFFFFFBULL, 0x00000004FFFFFFFFULL, - 0x0000000000000000ULL, 0xFFFFFFFB00000005ULL - }, -}; -static const BN_ULONG _nist_p_256_sqr[] = { - 0x0000000000000001ULL, 0xFFFFFFFE00000000ULL, - 0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFEULL, - 0x00000001FFFFFFFEULL, 0x00000001FFFFFFFEULL, - 0xFFFFFFFE00000001ULL, 0xFFFFFFFE00000002ULL -}; -static const BN_ULONG _nist_p_384[][BN_NIST_384_TOP] = { - { - 0x00000000FFFFFFFFULL, 0xFFFFFFFF00000000ULL, - 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFFULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL - }, - { - 0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL, - 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL - }, - { - 0x00000002FFFFFFFDULL, 0xFFFFFFFD00000000ULL, - 0xFFFFFFFFFFFFFFFCULL, 0xFFFFFFFFFFFFFFFFULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL - }, - { - 0x00000003FFFFFFFCULL, 0xFFFFFFFC00000000ULL, - 0xFFFFFFFFFFFFFFFBULL, 0xFFFFFFFFFFFFFFFFULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL - }, - { - 0x00000004FFFFFFFBULL, 0xFFFFFFFB00000000ULL, - 0xFFFFFFFFFFFFFFFAULL, 0xFFFFFFFFFFFFFFFFULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL - }, -}; -static const BN_ULONG _nist_p_384_sqr[] = { - 0xFFFFFFFE00000001ULL, 0x0000000200000000ULL, 
0xFFFFFFFE00000000ULL, - 0x0000000200000000ULL, 0x0000000000000001ULL, 0x0000000000000000ULL, - 0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL, 0xFFFFFFFFFFFFFFFDULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL -}; -static const BN_ULONG _nist_p_521[] = { - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0x00000000000001FFULL -}; -static const BN_ULONG _nist_p_521_sqr[] = { - 0x0000000000000001ULL, 0x0000000000000000ULL, 0x0000000000000000ULL, - 0x0000000000000000ULL, 0x0000000000000000ULL, 0x0000000000000000ULL, - 0x0000000000000000ULL, 0x0000000000000000ULL, 0xFFFFFFFFFFFFFC00ULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, - 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, - 0xFFFFFFFFFFFFFFFFULL, 0x000000000003FFFFULL -}; -#elif BN_BITS2 == 32 -static const BN_ULONG _nist_p_192[][BN_NIST_192_TOP] = { - { - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF - }, - { - 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF - }, - { - 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFC, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF - } -}; -static const BN_ULONG _nist_p_192_sqr[] = { - 0x00000001, 0x00000000, 0x00000002, 0x00000000, 0x00000001, 0x00000000, - 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF -}; -static const BN_ULONG _nist_p_224[][BN_NIST_224_TOP] = { - { - 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF - }, - { - 0x00000002, 0x00000000, 0x00000000, 0xFFFFFFFE, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF - } -}; -static const BN_ULONG _nist_p_224_sqr[] = { - 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, - 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000002, - 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF -}; -static const BN_ULONG 
_nist_p_256[][BN_NIST_256_TOP] = { - { - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, - 0x00000000, 0x00000000, 0x00000001, 0xFFFFFFFF - }, - { - 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001, - 0x00000000, 0x00000000, 0x00000002, 0xFFFFFFFE - }, - { - 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000002, - 0x00000000, 0x00000000, 0x00000003, 0xFFFFFFFD - }, - { - 0xFFFFFFFC, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000003, - 0x00000000, 0x00000000, 0x00000004, 0xFFFFFFFC - }, - { - 0xFFFFFFFB, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000004, - 0x00000000, 0x00000000, 0x00000005, 0xFFFFFFFB - }, -}; -static const BN_ULONG _nist_p_256_sqr[] = { - 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0x00000001, - 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, - 0x00000001, 0xFFFFFFFE, 0x00000002, 0xFFFFFFFE -}; -static const BN_ULONG _nist_p_384[][BN_NIST_384_TOP] = { - { - 0xFFFFFFFF, 0x00000000, 0x00000000, 0xFFFFFFFF, - 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF - }, - { - 0xFFFFFFFE, 0x00000001, 0x00000000, 0xFFFFFFFE, - 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF - }, - { - 0xFFFFFFFD, 0x00000002, 0x00000000, 0xFFFFFFFD, - 0xFFFFFFFC, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF - }, - { - 0xFFFFFFFC, 0x00000003, 0x00000000, 0xFFFFFFFC, - 0xFFFFFFFB, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF - }, - { - 0xFFFFFFFB, 0x00000004, 0x00000000, 0xFFFFFFFB, - 0xFFFFFFFA, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF - }, -}; -static const BN_ULONG _nist_p_384_sqr[] = { - 0x00000001, 0xFFFFFFFE, 0x00000000, 0x00000002, 0x00000000, 0xFFFFFFFE, - 0x00000000, 0x00000002, 0x00000001, 0x00000000, 0x00000000, 0x00000000, - 0xFFFFFFFE, 0x00000001, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFD, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 
0xFFFFFFFF, 0xFFFFFFFF -}; -static const BN_ULONG _nist_p_521[] = { - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0x000001FF -}; -static const BN_ULONG _nist_p_521_sqr[] = { - 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, - 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0xFFFFFC00, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, - 0xFFFFFFFF, 0xFFFFFFFF, 0x0003FFFF -}; -#else -#error "unsupported BN_BITS2" -#endif - -static const BIGNUM _bignum_nist_p_192 = { - (BN_ULONG *)_nist_p_192[0], - BN_NIST_192_TOP, - BN_NIST_192_TOP, - 0, - BN_FLG_STATIC_DATA -}; - -static const BIGNUM _bignum_nist_p_224 = { - (BN_ULONG *)_nist_p_224[0], - BN_NIST_224_TOP, - BN_NIST_224_TOP, - 0, - BN_FLG_STATIC_DATA -}; - -static const BIGNUM _bignum_nist_p_256 = { - (BN_ULONG *)_nist_p_256[0], - BN_NIST_256_TOP, - BN_NIST_256_TOP, - 0, - BN_FLG_STATIC_DATA -}; - -static const BIGNUM _bignum_nist_p_384 = { - (BN_ULONG *)_nist_p_384[0], - BN_NIST_384_TOP, - BN_NIST_384_TOP, - 0, - BN_FLG_STATIC_DATA -}; - -static const BIGNUM _bignum_nist_p_521 = { - (BN_ULONG *)_nist_p_521, - BN_NIST_521_TOP, - BN_NIST_521_TOP, - 0, - BN_FLG_STATIC_DATA -}; - - -const BIGNUM * -BN_get0_nist_prime_192(void) -{ - return &_bignum_nist_p_192; -} - -const BIGNUM * -BN_get0_nist_prime_224(void) -{ - return &_bignum_nist_p_224; -} - -const BIGNUM * -BN_get0_nist_prime_256(void) -{ - return &_bignum_nist_p_256; -} - -const BIGNUM * -BN_get0_nist_prime_384(void) -{ - return &_bignum_nist_p_384; -} - -const BIGNUM * -BN_get0_nist_prime_521(void) -{ - return &_bignum_nist_p_521; -} - -static void -nist_cp_bn_0(BN_ULONG *dst, const BN_ULONG *src, int top, 
int max) -{ - int i; - -#ifdef BN_DEBUG - OPENSSL_assert(top <= max); -#endif - for (i = 0; i < top; i++) - dst[i] = src[i]; - for (; i < max; i++) - dst[i] = 0; -} - -static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top) -{ - int i; - - for (i = 0; i < top; i++) - dst[i] = src[i]; -} - -#if BN_BITS2 == 64 -#define bn_cp_64(to, n, from, m) (to)[n] = (m>=0)?((from)[m]):0; -#define bn_64_set_0(to, n) (to)[n] = (BN_ULONG)0; -/* - * two following macros are implemented under assumption that they - * are called in a sequence with *ascending* n, i.e. as they are... - */ -#define bn_cp_32_naked(to, n, from, m) (((n)&1)?(to[(n)/2]|=((m)&1)?(from[(m)/2]&BN_MASK2h):(from[(m)/2]<<32))\ - :(to[(n)/2] =((m)&1)?(from[(m)/2]>>32):(from[(m)/2]&BN_MASK2l))) -#define bn_32_set_0(to, n) (((n)&1)?(to[(n)/2]&=BN_MASK2l):(to[(n)/2]=0)); -#define bn_cp_32(to,n,from,m) ((m)>=0)?bn_cp_32_naked(to,n,from,m):bn_32_set_0(to,n) -# if BYTE_ORDER == LITTLE_ENDIAN -# if defined(_LP64) -# define NIST_INT64 long -# else -# define NIST_INT64 long long -# endif -# endif -#else -#define bn_cp_64(to, n, from, m) \ - { \ - bn_cp_32(to, (n)*2, from, (m)*2); \ - bn_cp_32(to, (n)*2+1, from, (m)*2+1); \ - } -#define bn_64_set_0(to, n) \ - { \ - bn_32_set_0(to, (n)*2); \ - bn_32_set_0(to, (n)*2+1); \ - } -#define bn_cp_32(to, n, from, m) (to)[n] = (m>=0)?((from)[m]):0; -#define bn_32_set_0(to, n) (to)[n] = (BN_ULONG)0; -# if defined(BN_LLONG) -# define NIST_INT64 long long -# endif -#endif /* BN_BITS2 != 64 */ - -#define nist_set_192(to, from, a1, a2, a3) \ - { \ - bn_cp_64(to, 0, from, (a3) - 3) \ - bn_cp_64(to, 1, from, (a2) - 3) \ - bn_cp_64(to, 2, from, (a1) - 3) \ - } - -int -BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx) -{ - int top = a->top, i; - int carry; - BN_ULONG *r_d, *a_d = a->d; - union { - BN_ULONG bn[BN_NIST_192_TOP]; - unsigned int ui[BN_NIST_192_TOP * - sizeof(BN_ULONG) / sizeof(unsigned int)]; - } buf; - BN_ULONG c_d[BN_NIST_192_TOP], *res; - 
uintptr_t mask; - static const BIGNUM _bignum_nist_p_192_sqr = { - (BN_ULONG *)_nist_p_192_sqr, - sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]), - sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]), - 0, - BN_FLG_STATIC_DATA - }; - - field = &_bignum_nist_p_192; /* just to make sure */ - - if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_192_sqr) >= 0) - return BN_nnmod(r, a, field, ctx); - - i = BN_ucmp(field, a); - if (i == 0) { - BN_zero(r); - return 1; - } else if (i > 0) - return (r == a) ? 1 : (BN_copy(r , a) != NULL); - - if (r != a) { - if (!bn_wexpand(r, BN_NIST_192_TOP)) - return 0; - r_d = r->d; - nist_cp_bn(r_d, a_d, BN_NIST_192_TOP); - } else - r_d = a_d; - - nist_cp_bn_0(buf.bn, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP, - BN_NIST_192_TOP); - -#if defined(NIST_INT64) - { - NIST_INT64 acc; /* accumulator */ - unsigned int *rp = (unsigned int *)r_d; - const unsigned int *bp = (const unsigned int *)buf.ui; - - acc = rp[0]; - acc += bp[3 * 2 - 6]; - acc += bp[5 * 2 - 6]; - rp[0] = (unsigned int)acc; - acc >>= 32; - - acc += rp[1]; - acc += bp[3 * 2 - 5]; - acc += bp[5 * 2 - 5]; - rp[1] = (unsigned int)acc; - acc >>= 32; - - acc += rp[2]; - acc += bp[3 * 2 - 6]; - acc += bp[4 * 2 - 6]; - acc += bp[5 * 2 - 6]; - rp[2] = (unsigned int)acc; - acc >>= 32; - - acc += rp[3]; - acc += bp[3 * 2 - 5]; - acc += bp[4 * 2 - 5]; - acc += bp[5 * 2 - 5]; - rp[3] = (unsigned int)acc; - acc >>= 32; - - acc += rp[4]; - acc += bp[4 * 2 - 6]; - acc += bp[5 * 2 - 6]; - rp[4] = (unsigned int)acc; - acc >>= 32; - - acc += rp[5]; - acc += bp[4 * 2 - 5]; - acc += bp[5 * 2 - 5]; - rp[5] = (unsigned int)acc; - - carry = (int)(acc >> 32); - } -#else - { - BN_ULONG t_d[BN_NIST_192_TOP] = {0}; - - nist_set_192(t_d, buf.bn, 0, 3, 3); - carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP); - nist_set_192(t_d, buf.bn, 4, 4, 0); - carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP); - nist_set_192(t_d, buf.bn, 5, 5, 5) - carry += (int)bn_add_words(r_d, r_d, t_d, 
BN_NIST_192_TOP); - } -#endif - if (carry > 0) - carry = (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1], - BN_NIST_192_TOP); - else - carry = 1; - - /* - * we need 'if (carry==0 || result>=modulus) result-=modulus;' - * as comparison implies subtraction, we can write - * 'tmp=result-modulus; if (!carry || !borrow) result=tmp;' - * this is what happens below, but without explicit if:-) a. - */ - mask = 0 - (uintptr_t)bn_sub_words(c_d, r_d, _nist_p_192[0], - BN_NIST_192_TOP); - mask &= 0 - (uintptr_t)carry; - res = c_d; - res = (BN_ULONG *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & mask)); - nist_cp_bn(r_d, res, BN_NIST_192_TOP); - r->top = BN_NIST_192_TOP; - bn_correct_top(r); - - return 1; -} - -typedef BN_ULONG (*bn_addsub_f)(BN_ULONG *, const BN_ULONG *, - const BN_ULONG *, int); - -#define nist_set_224(to, from, a1, a2, a3, a4, a5, a6, a7) \ - { \ - bn_cp_32(to, 0, from, (a7) - 7) \ - bn_cp_32(to, 1, from, (a6) - 7) \ - bn_cp_32(to, 2, from, (a5) - 7) \ - bn_cp_32(to, 3, from, (a4) - 7) \ - bn_cp_32(to, 4, from, (a3) - 7) \ - bn_cp_32(to, 5, from, (a2) - 7) \ - bn_cp_32(to, 6, from, (a1) - 7) \ - } - -int -BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx) -{ - int top = a->top, i; - int carry; - BN_ULONG *r_d, *a_d = a->d; - union { - BN_ULONG bn[BN_NIST_224_TOP]; - unsigned int ui[BN_NIST_224_TOP * - sizeof(BN_ULONG) / sizeof(unsigned int)]; - } buf; - BN_ULONG c_d[BN_NIST_224_TOP], *res; - uintptr_t mask; - union { - bn_addsub_f f; - uintptr_t p; - } u; - static const BIGNUM _bignum_nist_p_224_sqr = { - (BN_ULONG *)_nist_p_224_sqr, - sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]), - sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]), - 0, - BN_FLG_STATIC_DATA - }; - - field = &_bignum_nist_p_224; /* just to make sure */ - - if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_224_sqr) >= 0) - return BN_nnmod(r, a, field, ctx); - - i = BN_ucmp(field, a); - if (i == 0) { - BN_zero(r); - return 1; - } else if (i > 0) - 
return (r == a) ? 1 : (BN_copy(r, a) != NULL); - - if (r != a) { - if (!bn_wexpand(r, BN_NIST_224_TOP)) - return 0; - r_d = r->d; - nist_cp_bn(r_d, a_d, BN_NIST_224_TOP); - } else - r_d = a_d; - - memset(&buf, 0, sizeof(buf)); - -#if BN_BITS2==64 - /* copy upper 256 bits of 448 bit number ... */ - nist_cp_bn_0(c_d, a_d + (BN_NIST_224_TOP - 1), - top - (BN_NIST_224_TOP - 1), BN_NIST_224_TOP); - /* ... and right shift by 32 to obtain upper 224 bits */ - nist_set_224(buf.bn, c_d, 14, 13, 12, 11, 10, 9, 8); - /* truncate lower part to 224 bits too */ - r_d[BN_NIST_224_TOP - 1] &= BN_MASK2l; -#else - nist_cp_bn_0(buf.bn, a_d + BN_NIST_224_TOP, - top - BN_NIST_224_TOP, BN_NIST_224_TOP); -#endif - -#if defined(NIST_INT64) && BN_BITS2!=64 - { - NIST_INT64 acc; /* accumulator */ - unsigned int *rp = (unsigned int *)r_d; - const unsigned int *bp = (const unsigned int *)buf.ui; - - acc = rp[0]; - acc -= bp[7 - 7]; - acc -= bp[11 - 7]; - rp[0] = (unsigned int)acc; - acc >>= 32; - - acc += rp[1]; - acc -= bp[8 - 7]; - acc -= bp[12 - 7]; - rp[1] = (unsigned int)acc; - acc >>= 32; - - acc += rp[2]; - acc -= bp[9 - 7]; - acc -= bp[13 - 7]; - rp[2] = (unsigned int)acc; - acc >>= 32; - - acc += rp[3]; - acc += bp[7 - 7]; - acc += bp[11 - 7]; - acc -= bp[10 - 7]; - rp[3] = (unsigned int)acc; - acc >>= 32; - - acc += rp[4]; - acc += bp[8 - 7]; - acc += bp[12 - 7]; - acc -= bp[11 - 7]; - rp[4] = (unsigned int)acc; - acc >>= 32; - - acc += rp[5]; - acc += bp[9 - 7]; - acc += bp[13 - 7]; - acc -= bp[12 - 7]; - rp[5] = (unsigned int)acc; - acc >>= 32; - - acc += rp[6]; - acc += bp[10 - 7]; - acc -= bp[13 - 7]; - rp[6] = (unsigned int)acc; - - carry = (int)(acc >> 32); -# if BN_BITS2==64 - rp[7] = carry; -# endif - } -#else - { - BN_ULONG t_d[BN_NIST_224_TOP] = {0}; - - nist_set_224(t_d, buf.bn, 10, 9, 8, 7, 0, 0, 0); - carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP); - nist_set_224(t_d, buf.bn, 0, 13, 12, 11, 0, 0, 0); - carry += (int)bn_add_words(r_d, r_d, t_d, 
BN_NIST_224_TOP); - nist_set_224(t_d, buf.bn, 13, 12, 11, 10, 9, 8, 7); - carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP); - nist_set_224(t_d, buf.bn, 0, 0, 0, 0, 13, 12, 11); - carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP); - -#if BN_BITS2==64 - carry = (int)(r_d[BN_NIST_224_TOP - 1] >> 32); -#endif - } -#endif - u.f = bn_sub_words; - if (carry > 0) { - carry = (int)bn_sub_words(r_d, r_d, _nist_p_224[carry - 1], - BN_NIST_224_TOP); -#if BN_BITS2==64 - carry = (int)(~(r_d[BN_NIST_224_TOP - 1] >> 32)) & 1; -#endif - } else if (carry < 0) { - /* it's a bit more complicated logic in this case. - * if bn_add_words yields no carry, then result - * has to be adjusted by unconditionally *adding* - * the modulus. but if it does, then result has - * to be compared to the modulus and conditionally - * adjusted by *subtracting* the latter. */ - carry = (int)bn_add_words(r_d, r_d, _nist_p_224[-carry - 1], - BN_NIST_224_TOP); - mask = 0 - (uintptr_t)carry; - u.p = ((uintptr_t)bn_sub_words & mask) | - ((uintptr_t)bn_add_words & ~mask); - } else - carry = 1; - - /* otherwise it's effectively same as in BN_nist_mod_192... 
*/ - mask = 0 - (uintptr_t)(*u.f)(c_d, r_d, _nist_p_224[0], BN_NIST_224_TOP); - mask &= 0 - (uintptr_t)carry; - res = c_d; - res = (BN_ULONG *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & mask)); - nist_cp_bn(r_d, res, BN_NIST_224_TOP); - r->top = BN_NIST_224_TOP; - bn_correct_top(r); - - return 1; -} - -#define nist_set_256(to, from, a1, a2, a3, a4, a5, a6, a7, a8) \ - { \ - bn_cp_32(to, 0, from, (a8) - 8) \ - bn_cp_32(to, 1, from, (a7) - 8) \ - bn_cp_32(to, 2, from, (a6) - 8) \ - bn_cp_32(to, 3, from, (a5) - 8) \ - bn_cp_32(to, 4, from, (a4) - 8) \ - bn_cp_32(to, 5, from, (a3) - 8) \ - bn_cp_32(to, 6, from, (a2) - 8) \ - bn_cp_32(to, 7, from, (a1) - 8) \ - } - -int -BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx) -{ - int i, top = a->top; - int carry = 0; - BN_ULONG *a_d = a->d, *r_d; - union { - BN_ULONG bn[BN_NIST_256_TOP]; - unsigned int ui[BN_NIST_256_TOP * - sizeof(BN_ULONG) / sizeof(unsigned int)]; - } buf; - BN_ULONG c_d[BN_NIST_256_TOP] = {0}, *res; - uintptr_t mask; - union { - bn_addsub_f f; - uintptr_t p; - } u; - static const BIGNUM _bignum_nist_p_256_sqr = { - (BN_ULONG *)_nist_p_256_sqr, - sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]), - sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]), - 0, - BN_FLG_STATIC_DATA - }; - - field = &_bignum_nist_p_256; /* just to make sure */ - - if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_256_sqr) >= 0) - return BN_nnmod(r, a, field, ctx); - - i = BN_ucmp(field, a); - if (i == 0) { - BN_zero(r); - return 1; - } else if (i > 0) - return (r == a) ? 
1 : (BN_copy(r, a) != NULL); - - if (r != a) { - if (!bn_wexpand(r, BN_NIST_256_TOP)) - return 0; - r_d = r->d; - nist_cp_bn(r_d, a_d, BN_NIST_256_TOP); - } else - r_d = a_d; - - nist_cp_bn_0(buf.bn, a_d + BN_NIST_256_TOP, - top - BN_NIST_256_TOP, BN_NIST_256_TOP); - -#if defined(NIST_INT64) - { - NIST_INT64 acc; /* accumulator */ - unsigned int *rp = (unsigned int *)r_d; - const unsigned int *bp = (const unsigned int *)buf.ui; - - acc = rp[0]; - acc += bp[8 - 8]; - acc += bp[9 - 8]; - acc -= bp[11 - 8]; - acc -= bp[12 - 8]; - acc -= bp[13 - 8]; - acc -= bp[14 - 8]; - rp[0] = (unsigned int)acc; - acc >>= 32; - - acc += rp[1]; - acc += bp[9 - 8]; - acc += bp[10 - 8]; - acc -= bp[12 - 8]; - acc -= bp[13 - 8]; - acc -= bp[14 - 8]; - acc -= bp[15 - 8]; - rp[1] = (unsigned int)acc; - acc >>= 32; - - acc += rp[2]; - acc += bp[10 - 8]; - acc += bp[11 - 8]; - acc -= bp[13 - 8]; - acc -= bp[14 - 8]; - acc -= bp[15 - 8]; - rp[2] = (unsigned int)acc; - acc >>= 32; - - acc += rp[3]; - acc += bp[11 - 8]; - acc += bp[11 - 8]; - acc += bp[12 - 8]; - acc += bp[12 - 8]; - acc += bp[13 - 8]; - acc -= bp[15 - 8]; - acc -= bp[8 - 8]; - acc -= bp[9 - 8]; - rp[3] = (unsigned int)acc; - acc >>= 32; - - acc += rp[4]; - acc += bp[12 - 8]; - acc += bp[12 - 8]; - acc += bp[13 - 8]; - acc += bp[13 - 8]; - acc += bp[14 - 8]; - acc -= bp[9 - 8]; - acc -= bp[10 - 8]; - rp[4] = (unsigned int)acc; - acc >>= 32; - - acc += rp[5]; - acc += bp[13 - 8]; - acc += bp[13 - 8]; - acc += bp[14 - 8]; - acc += bp[14 - 8]; - acc += bp[15 - 8]; - acc -= bp[10 - 8]; - acc -= bp[11 - 8]; - rp[5] = (unsigned int)acc; - acc >>= 32; - - acc += rp[6]; - acc += bp[14 - 8]; - acc += bp[14 - 8]; - acc += bp[15 - 8]; - acc += bp[15 - 8]; - acc += bp[14 - 8]; - acc += bp[13 - 8]; - acc -= bp[8 - 8]; - acc -= bp[9 - 8]; - rp[6] = (unsigned int)acc; - acc >>= 32; - - acc += rp[7]; - acc += bp[15 - 8]; - acc += bp[15 - 8]; - acc += bp[15 - 8]; - acc += bp[8 - 8]; - acc -= bp[10 - 8]; - acc -= bp[11 - 8]; - acc -= bp[12 - 
8]; - acc -= bp[13 - 8]; - rp[7] = (unsigned int)acc; - - carry = (int)(acc >> 32); - } -#else - { - BN_ULONG t_d[BN_NIST_256_TOP] = {0}; - - /*S1*/ - nist_set_256(t_d, buf.bn, 15, 14, 13, 12, 11, 0, 0, 0); - /*S2*/ - nist_set_256(c_d, buf.bn, 0, 15, 14, 13, 12, 0, 0, 0); - carry = (int)bn_add_words(t_d, t_d, c_d, BN_NIST_256_TOP); - /* left shift */ - { - BN_ULONG *ap, t, c; - ap = t_d; - c = 0; - for (i = BN_NIST_256_TOP; i != 0; --i) { - t = *ap; - *(ap++) = ((t << 1) | c) & BN_MASK2; - c = (t & BN_TBIT) ? 1 : 0; - } - carry <<= 1; - carry |= c; - } - carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP); - /*S3*/ - nist_set_256(t_d, buf.bn, 15, 14, 0, 0, 0, 10, 9, 8); - carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP); - /*S4*/ - nist_set_256(t_d, buf.bn, 8, 13, 15, 14, 13, 11, 10, 9); - carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP); - /*D1*/ - nist_set_256(t_d, buf.bn, 10, 8, 0, 0, 0, 13, 12, 11); - carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); - /*D2*/ - nist_set_256(t_d, buf.bn, 11, 9, 0, 0, 15, 14, 13, 12); - carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); - /*D3*/ - nist_set_256(t_d, buf.bn, 12, 0, 10, 9, 8, 15, 14, 13); - carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); - /*D4*/ - nist_set_256(t_d, buf.bn, 13, 0, 11, 10, 9, 0, 15, 14); - carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP); - - } -#endif - /* see BN_nist_mod_224 for explanation */ - u.f = bn_sub_words; - if (carry > 0) - carry = (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1], - BN_NIST_256_TOP); - else if (carry < 0) { - carry = (int)bn_add_words(r_d, r_d, _nist_p_256[-carry - 1], - BN_NIST_256_TOP); - mask = 0 - (uintptr_t)carry; - u.p = ((uintptr_t)bn_sub_words & mask) | - ((uintptr_t)bn_add_words & ~mask); - } else - carry = 1; - - mask = 0 - (uintptr_t)(*u.f)(c_d, r_d, _nist_p_256[0], BN_NIST_256_TOP); - mask &= 0 - (uintptr_t)carry; - res = c_d; - res = (BN_ULONG *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & 
mask)); - nist_cp_bn(r_d, res, BN_NIST_256_TOP); - r->top = BN_NIST_256_TOP; - bn_correct_top(r); - - return 1; -} - -#define nist_set_384(to,from,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12) \ - { \ - bn_cp_32(to, 0, from, (a12) - 12) \ - bn_cp_32(to, 1, from, (a11) - 12) \ - bn_cp_32(to, 2, from, (a10) - 12) \ - bn_cp_32(to, 3, from, (a9) - 12) \ - bn_cp_32(to, 4, from, (a8) - 12) \ - bn_cp_32(to, 5, from, (a7) - 12) \ - bn_cp_32(to, 6, from, (a6) - 12) \ - bn_cp_32(to, 7, from, (a5) - 12) \ - bn_cp_32(to, 8, from, (a4) - 12) \ - bn_cp_32(to, 9, from, (a3) - 12) \ - bn_cp_32(to, 10, from, (a2) - 12) \ - bn_cp_32(to, 11, from, (a1) - 12) \ - } - -int -BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx) -{ - int i, top = a->top; - int carry = 0; - BN_ULONG *r_d, *a_d = a->d; - union { - BN_ULONG bn[BN_NIST_384_TOP]; - unsigned int ui[BN_NIST_384_TOP * - sizeof(BN_ULONG) / sizeof(unsigned int)]; - } buf; - BN_ULONG c_d[BN_NIST_384_TOP], *res; - uintptr_t mask; - union { - bn_addsub_f f; - uintptr_t p; - } u; - static const BIGNUM _bignum_nist_p_384_sqr = { - (BN_ULONG *)_nist_p_384_sqr, - sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]), - sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]), - 0, - BN_FLG_STATIC_DATA - }; - - field = &_bignum_nist_p_384; /* just to make sure */ - - if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_384_sqr) >= 0) - return BN_nnmod(r, a, field, ctx); - - i = BN_ucmp(field, a); - if (i == 0) { - BN_zero(r); - return 1; - } else if (i > 0) - return (r == a) ? 
1 : (BN_copy(r, a) != NULL); - - if (r != a) { - if (!bn_wexpand(r, BN_NIST_384_TOP)) - return 0; - r_d = r->d; - nist_cp_bn(r_d, a_d, BN_NIST_384_TOP); - } else - r_d = a_d; - - nist_cp_bn_0(buf.bn, a_d + BN_NIST_384_TOP, - top - BN_NIST_384_TOP, BN_NIST_384_TOP); - -#if defined(NIST_INT64) - { - NIST_INT64 acc; /* accumulator */ - unsigned int *rp = (unsigned int *)r_d; - const unsigned int *bp = (const unsigned int *)buf.ui; - - acc = rp[0]; - acc += bp[12 - 12]; - acc += bp[21 - 12]; - acc += bp[20 - 12]; - acc -= bp[23 - 12]; - rp[0] = (unsigned int)acc; - acc >>= 32; - - acc += rp[1]; - acc += bp[13 - 12]; - acc += bp[22 - 12]; - acc += bp[23 - 12]; - acc -= bp[12 - 12]; - acc -= bp[20 - 12]; - rp[1] = (unsigned int)acc; - acc >>= 32; - - acc += rp[2]; - acc += bp[14 - 12]; - acc += bp[23 - 12]; - acc -= bp[13 - 12]; - acc -= bp[21 - 12]; - rp[2] = (unsigned int)acc; - acc >>= 32; - - acc += rp[3]; - acc += bp[15 - 12]; - acc += bp[12 - 12]; - acc += bp[20 - 12]; - acc += bp[21 - 12]; - acc -= bp[14 - 12]; - acc -= bp[22 - 12]; - acc -= bp[23 - 12]; - rp[3] = (unsigned int)acc; - acc >>= 32; - - acc += rp[4]; - acc += bp[21 - 12]; - acc += bp[21 - 12]; - acc += bp[16 - 12]; - acc += bp[13 - 12]; - acc += bp[12 - 12]; - acc += bp[20 - 12]; - acc += bp[22 - 12]; - acc -= bp[15 - 12]; - acc -= bp[23 - 12]; - acc -= bp[23 - 12]; - rp[4] = (unsigned int)acc; - acc >>= 32; - - acc += rp[5]; - acc += bp[22 - 12]; - acc += bp[22 - 12]; - acc += bp[17 - 12]; - acc += bp[14 - 12]; - acc += bp[13 - 12]; - acc += bp[21 - 12]; - acc += bp[23 - 12]; - acc -= bp[16 - 12]; - rp[5] = (unsigned int)acc; - acc >>= 32; - - acc += rp[6]; - acc += bp[23 - 12]; - acc += bp[23 - 12]; - acc += bp[18 - 12]; - acc += bp[15 - 12]; - acc += bp[14 - 12]; - acc += bp[22 - 12]; - acc -= bp[17 - 12]; - rp[6] = (unsigned int)acc; - acc >>= 32; - - acc += rp[7]; - acc += bp[19 - 12]; - acc += bp[16 - 12]; - acc += bp[15 - 12]; - acc += bp[23 - 12]; - acc -= bp[18 - 12]; - rp[7] = (unsigned 
int)acc; - acc >>= 32; - - acc += rp[8]; - acc += bp[20 - 12]; - acc += bp[17 - 12]; - acc += bp[16 - 12]; - acc -= bp[19 - 12]; - rp[8] = (unsigned int)acc; - acc >>= 32; - - acc += rp[9]; - acc += bp[21 - 12]; - acc += bp[18 - 12]; - acc += bp[17 - 12]; - acc -= bp[20 - 12]; - rp[9] = (unsigned int)acc; - acc >>= 32; - - acc += rp[10]; - acc += bp[22 - 12]; - acc += bp[19 - 12]; - acc += bp[18 - 12]; - acc -= bp[21 - 12]; - rp[10] = (unsigned int)acc; - acc >>= 32; - - acc += rp[11]; - acc += bp[23 - 12]; - acc += bp[20 - 12]; - acc += bp[19 - 12]; - acc -= bp[22 - 12]; - rp[11] = (unsigned int)acc; - - carry = (int)(acc >> 32); - } -#else - { - BN_ULONG t_d[BN_NIST_384_TOP] = {0}; - - /*S1*/ - nist_set_256(t_d, buf.bn, 0, 0, 0, 0, 0, 23 - 4, 22 - 4, - 21 - 4); - /* left shift */ - { - BN_ULONG *ap, t, c; - ap = t_d; - c = 0; - for (i = 3; i != 0; --i) { - t= *ap; - *(ap++) = ((t << 1)|c) & BN_MASK2; - c = (t & BN_TBIT) ? 1 : 0; - } - *ap = c; - } - carry = (int)bn_add_words(r_d + (128 / BN_BITS2), - r_d + (128 / BN_BITS2), t_d, BN_NIST_256_TOP); - /*S2 */ - carry += (int)bn_add_words(r_d, r_d, buf.bn, BN_NIST_384_TOP); - /*S3*/ - nist_set_384(t_d, buf.bn, 20, 19, 18, 17, 16, 15, 14, 13, 12, - 23, 22, 21); - carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP); - /*S4*/ - nist_set_384(t_d, buf.bn, 19, 18, 17, 16, 15, 14, 13, 12, 20, - 0, 23, 0); - carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP); - /*S5*/ - nist_set_384(t_d, buf.bn, 0,0, 0,0, 23, 22, 21, 20, 0,0, 0, 0); - carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP); - /*S6*/ - nist_set_384(t_d, buf.bn, 0,0, 0,0, 0,0, 23, 22, 21, 0,0, 20); - carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP); - /*D1*/ - nist_set_384(t_d, buf.bn, 22, 21, 20, 19, 18, 17, 16, 15, 14, - 13, 12, 23); - carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP); - /*D2*/ - nist_set_384(t_d, buf.bn, 0,0, 0,0, 0,0, 0,23, 22, 21, 20, 0); - carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP); - 
/*D3*/ - nist_set_384(t_d, buf.bn, 0,0, 0,0, 0,0, 0,23, 23, 0,0, 0); - carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP); - - } -#endif - /* see BN_nist_mod_224 for explanation */ - u.f = bn_sub_words; - if (carry > 0) - carry = (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1], - BN_NIST_384_TOP); - else if (carry < 0) { - carry = (int)bn_add_words(r_d, r_d, _nist_p_384[-carry - 1], - BN_NIST_384_TOP); - mask = 0 - (uintptr_t)carry; - u.p = ((uintptr_t)bn_sub_words & mask) | - ((uintptr_t)bn_add_words & ~mask); - } else - carry = 1; - - mask = 0 - (uintptr_t)(*u.f)(c_d, r_d, _nist_p_384[0], BN_NIST_384_TOP); - mask &= 0 - (uintptr_t)carry; - res = c_d; - res = (BN_ULONG *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & mask)); - nist_cp_bn(r_d, res, BN_NIST_384_TOP); - r->top = BN_NIST_384_TOP; - bn_correct_top(r); - - return 1; -} - -#define BN_NIST_521_RSHIFT (521%BN_BITS2) -#define BN_NIST_521_LSHIFT (BN_BITS2-BN_NIST_521_RSHIFT) -#define BN_NIST_521_TOP_MASK ((BN_ULONG)BN_MASK2>>BN_NIST_521_LSHIFT) - -int -BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field, BN_CTX *ctx) -{ - int top = a->top, i; - BN_ULONG *r_d, *a_d = a->d, t_d[BN_NIST_521_TOP], val, tmp, *res; - uintptr_t mask; - static const BIGNUM _bignum_nist_p_521_sqr = { - (BN_ULONG *)_nist_p_521_sqr, - sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]), - sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]), - 0, - BN_FLG_STATIC_DATA - }; - - field = &_bignum_nist_p_521; /* just to make sure */ - - if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_521_sqr) >= 0) - return BN_nnmod(r, a, field, ctx); - - i = BN_ucmp(field, a); - if (i == 0) { - BN_zero(r); - return 1; - } else if (i > 0) - return (r == a) ? 1 : (BN_copy(r, a) != NULL); - - if (r != a) { - if (!bn_wexpand(r, BN_NIST_521_TOP)) - return 0; - r_d = r->d; - nist_cp_bn(r_d, a_d, BN_NIST_521_TOP); - } else - r_d = a_d; - - /* upper 521 bits, copy ... 
*/ - nist_cp_bn_0(t_d, a_d + (BN_NIST_521_TOP - 1), - top - (BN_NIST_521_TOP - 1), BN_NIST_521_TOP); - /* ... and right shift */ - for (val = t_d[0], i = 0; i < BN_NIST_521_TOP - 1; i++) { - tmp = val >> BN_NIST_521_RSHIFT; - val = t_d[i + 1]; - t_d[i] = (tmp | val << BN_NIST_521_LSHIFT) & BN_MASK2; - } - t_d[i] = val >> BN_NIST_521_RSHIFT; - /* lower 521 bits */ - r_d[i] &= BN_NIST_521_TOP_MASK; - - bn_add_words(r_d, r_d, t_d, BN_NIST_521_TOP); - mask = 0 - (uintptr_t)bn_sub_words(t_d, r_d, _nist_p_521, - BN_NIST_521_TOP); - res = t_d; - res = (BN_ULONG *)(((uintptr_t)res & ~mask) | ((uintptr_t)r_d & mask)); - nist_cp_bn(r_d, res, BN_NIST_521_TOP); - r->top = BN_NIST_521_TOP; - bn_correct_top(r); - - return 1; -} diff --git a/lib/libssl/src/crypto/bn/bn_prime.c b/lib/libssl/src/crypto/bn/bn_prime.c deleted file mode 100644 index fb39756de24..00000000000 --- a/lib/libssl/src/crypto/bn/bn_prime.c +++ /dev/null 
@@ -1,546 +0,0 @@
-/* $OpenBSD: bn_prime.c,v 1.15 2016/07/05 02:54:35 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. 
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <time.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -/* NB: these functions have been "upgraded", the deprecated versions (which are - * compatibility wrappers using these functions) are in bn_depr.c. - * - Geoff - */ - -/* The quick sieve algorithm approach to weeding out primes is - * Philip Zimmermann's, as implemented in PGP. I have had a read of - * his comments and implemented my own version. 
- */
-#include "bn_prime.h"
-
-static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
- const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont);
-static int probable_prime(BIGNUM *rnd, int bits);
-static int probable_prime_dh(BIGNUM *rnd, int bits,
- const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
-static int probable_prime_dh_safe(BIGNUM *rnd, int bits,
- const BIGNUM *add, const BIGNUM *rem, BN_CTX *ctx);
-
-int
-BN_GENCB_call(BN_GENCB *cb, int a, int b)
-{
- /* No callback means continue */
- if (!cb)
- return 1;
- switch (cb->ver) {
- case 1:
- /* Deprecated-style callbacks */
- if (!cb->cb.cb_1)
- return 1;
- cb->cb.cb_1(a, b, cb->arg);
- return 1;
- case 2:
- /* New-style callbacks */
- return cb->cb.cb_2(a, b, cb);
- default:
- break;
- }
- /* Unrecognised callback type */
- return 0;
-}
-
-int
-BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
- const BIGNUM *rem, BN_GENCB *cb)
-{
- BIGNUM *t;
- int found = 0;
- int i, j, c1 = 0;
- BN_CTX *ctx;
- int checks;
-
- if (bits < 2 || (bits == 2 && safe)) {
- /*
- * There are no prime numbers smaller than 2, and the smallest
- * safe prime (7) spans three bits. 
- */
- BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
- return 0;
- }
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
- BN_CTX_start(ctx);
- if ((t = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- checks = BN_prime_checks_for_size(bits);
-
-loop:
- /* make a random number and set the top and bottom bits */
- if (add == NULL) {
- if (!probable_prime(ret, bits))
- goto err;
- } else {
- if (safe) {
- if (!probable_prime_dh_safe(ret, bits, add, rem, ctx))
- goto err;
- } else {
- if (!probable_prime_dh(ret, bits, add, rem, ctx))
- goto err;
- }
- }
- /* if (BN_mod_word(ret,(BN_ULONG)3) == 1) goto loop; */
- if (!BN_GENCB_call(cb, 0, c1++))
- /* aborted */
- goto err;
-
- if (!safe) {
- i = BN_is_prime_fasttest_ex(ret, checks, ctx, 0, cb);
- if (i == -1)
- goto err;
- if (i == 0)
- goto loop;
- } else {
- /* for "safe prime" generation,
- * check that (p-1)/2 is prime.
- * Since a prime is odd, We just
- * need to divide by 2 */
- if (!BN_rshift1(t, ret))
- goto err;
-
- for (i = 0; i < checks; i++) {
- j = BN_is_prime_fasttest_ex(ret, 1, ctx, 0, cb);
- if (j == -1)
- goto err;
- if (j == 0)
- goto loop;
-
- j = BN_is_prime_fasttest_ex(t, 1, ctx, 0, cb);
- if (j == -1)
- goto err;
- if (j == 0)
- goto loop;
-
- if (!BN_GENCB_call(cb, 2, c1 - 1))
- goto err;
- /* We have a safe prime test pass */
- }
- }
- /* we have a prime :-) */
- found = 1;
-
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- bn_check_top(ret);
- return found;
-}
-
-int
-BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, BN_GENCB *cb)
-{
- return BN_is_prime_fasttest_ex(a, checks, ctx_passed, 0, cb);
-}
-
-int
-BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
- int do_trial_division, BN_GENCB *cb)
-{
- int i, j, ret = -1;
- int k;
- BN_CTX *ctx = NULL;
- BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
- BN_MONT_CTX *mont = NULL;
- const BIGNUM *A = NULL;
-
- if (BN_cmp(a, BN_value_one()) <= 0)
- return 0;
-
- if (checks == 
BN_prime_checks) - checks = BN_prime_checks_for_size(BN_num_bits(a)); - - /* first look for small factors */ - if (!BN_is_odd(a)) - /* a is even => a is prime if and only if a == 2 */ - return BN_is_word(a, 2); - if (do_trial_division) { - for (i = 1; i < NUMPRIMES; i++) { - BN_ULONG mod = BN_mod_word(a, primes[i]); - if (mod == (BN_ULONG)-1) - goto err; - if (mod == 0) - return 0; - } - if (!BN_GENCB_call(cb, 1, -1)) - goto err; - } - - if (ctx_passed != NULL) - ctx = ctx_passed; - else if ((ctx = BN_CTX_new()) == NULL) - goto err; - BN_CTX_start(ctx); - - /* A := abs(a) */ - if (a->neg) { - BIGNUM *t; - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - BN_copy(t, a); - t->neg = 0; - A = t; - } else - A = a; - if ((A1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((A1_odd = BN_CTX_get(ctx)) == NULL) - goto err; - if ((check = BN_CTX_get(ctx)) == NULL) - goto err; - - /* compute A1 := A - 1 */ - if (!BN_copy(A1, A)) - goto err; - if (!BN_sub_word(A1, 1)) - goto err; - if (BN_is_zero(A1)) { - ret = 0; - goto err; - } - - /* write A1 as A1_odd * 2^k */ - k = 1; - while (!BN_is_bit_set(A1, k)) - k++; - if (!BN_rshift(A1_odd, A1, k)) - goto err; - - /* Montgomery setup for computations mod A */ - mont = BN_MONT_CTX_new(); - if (mont == NULL) - goto err; - if (!BN_MONT_CTX_set(mont, A, ctx)) - goto err; - - for (i = 0; i < checks; i++) { - if (!BN_pseudo_rand_range(check, A1)) - goto err; - if (!BN_add_word(check, 1)) - goto err; - /* now 1 <= check < A */ - - j = witness(check, A, A1, A1_odd, k, ctx, mont); - if (j == -1) - goto err; - if (j) { - ret = 0; - goto err; - } - if (!BN_GENCB_call(cb, 1, i)) - goto err; - } - ret = 1; - -err: - if (ctx != NULL) { - BN_CTX_end(ctx); - if (ctx_passed == NULL) - BN_CTX_free(ctx); - } - BN_MONT_CTX_free(mont); - - return (ret); -} - -static int -witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, const BIGNUM *a1_odd, - int k, BN_CTX *ctx, BN_MONT_CTX *mont) -{ - if (!BN_mod_exp_mont(w, w, a1_odd, a, ctx, mont)) - /* w := 
w^a1_odd mod a */ - return -1; - if (BN_is_one(w)) - return 0; /* probably prime */ - if (BN_cmp(w, a1) == 0) - return 0; /* w == -1 (mod a), 'a' is probably prime */ - while (--k) { - if (!BN_mod_mul(w, w, w, a, ctx)) /* w := w^2 mod a */ - return -1; - if (BN_is_one(w)) - return 1; /* 'a' is composite, otherwise a previous 'w' would - * have been == -1 (mod 'a') */ - if (BN_cmp(w, a1) == 0) - return 0; /* w == -1 (mod a), 'a' is probably prime */ - } - /* If we get here, 'w' is the (a-1)/2-th power of the original 'w', - * and it is neither -1 nor +1 -- so 'a' cannot be prime */ - bn_check_top(w); - return 1; -} - -static int -probable_prime(BIGNUM *rnd, int bits) -{ - int i; - prime_t mods[NUMPRIMES]; - BN_ULONG delta, maxdelta; - -again: - if (!BN_rand(rnd, bits, 1, 1)) - return (0); - /* we now have a random number 'rand' to test. */ - for (i = 1; i < NUMPRIMES; i++) { - BN_ULONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]); - if (mod == (BN_ULONG)-1) - return (0); - mods[i] = (prime_t)mod; - } - maxdelta = BN_MASK2 - primes[NUMPRIMES - 1]; - delta = 0; -loop: - for (i = 1; i < NUMPRIMES; i++) { - /* check that rnd is not a prime and also - * that gcd(rnd-1,primes) == 1 (except for 2) */ - if (((mods[i] + delta) % primes[i]) <= 1) { - delta += 2; - if (delta > maxdelta) - goto again; - goto loop; - } - } - if (!BN_add_word(rnd, delta)) - return (0); - bn_check_top(rnd); - return (1); -} - -static int -probable_prime_dh(BIGNUM *rnd, int bits, const BIGNUM *add, const BIGNUM *rem, - BN_CTX *ctx) -{ - int i, ret = 0; - BIGNUM *t1; - - BN_CTX_start(ctx); - if ((t1 = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_rand(rnd, bits, 0, 1)) - goto err; - - /* we need ((rnd-rem) % add) == 0 */ - - if (!BN_mod(t1, rnd, add, ctx)) - goto err; - if (!BN_sub(rnd, rnd, t1)) - goto err; - if (rem == NULL) { - if (!BN_add_word(rnd, 1)) - goto err; - } else { - if (!BN_add(rnd, rnd, rem)) - goto err; - } - - /* we now have a random number 'rand' to test. 
*/
-
-loop:
- for (i = 1; i < NUMPRIMES; i++) {
- /* check that rnd is a prime */
- BN_LONG mod = BN_mod_word(rnd, (BN_ULONG)primes[i]);
- if (mod == (BN_ULONG)-1)
- goto err;
- if (mod <= 1) {
- if (!BN_add(rnd, rnd, add))
- goto err;
- goto loop;
- }
- }
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- bn_check_top(rnd);
- return (ret);
-}
-
-static int
-probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
- const BIGNUM *rem, BN_CTX *ctx)
-{
- int i, ret = 0;
- BIGNUM *t1, *qadd, *q;
-
- bits--;
- BN_CTX_start(ctx);
- if ((t1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((q = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((qadd = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_rshift1(qadd, padd))
- goto err;
-
- if (!BN_rand(q, bits, 0, 1))
- goto err;
-
- /* we need ((rnd-rem) % add) == 0 */
- if (!BN_mod(t1, q,qadd, ctx))
- goto err;
- if (!BN_sub(q, q, t1))
- goto err;
- if (rem == NULL) {
- if (!BN_add_word(q, 1))
- goto err;
- } else {
- if (!BN_rshift1(t1, rem))
- goto err;
- if (!BN_add(q, q, t1))
- goto err;
- }
-
- /* we now have a random number 'rand' to test. */
- if (!BN_lshift1(p, q))
- goto err;
- if (!BN_add_word(p, 1))
- goto err;
-
-loop:
- for (i = 1; i < NUMPRIMES; i++) {
- /* check that p and q are prime */
- /* check that for p and q
- * gcd(p-1,primes) == 1 (except for 2) */
- BN_ULONG pmod = BN_mod_word(p, (BN_ULONG)primes[i]);
- BN_ULONG qmod = BN_mod_word(q, (BN_ULONG)primes[i]);
- if (pmod == (BN_ULONG)-1 || qmod == (BN_ULONG)-1)
- goto err;
- if (pmod == 0 || qmod == 0) {
- if (!BN_add(p, p, padd))
- goto err;
- if (!BN_add(q, q, qadd))
- goto err;
- goto loop;
- }
- }
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- bn_check_top(p);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/bn/bn_prime.h b/lib/libssl/src/crypto/bn/bn_prime.h
deleted file mode 100644
index 3102d8eb417..00000000000
--- a/lib/libssl/src/crypto/bn/bn_prime.h
+++ /dev/null
@@ -1,319 +0,0 @@ -/* $OpenBSD: bn_prime.h,v 1.6 2014/06/12 15:49:28 deraadt Exp $ */ -/* Auto generated by bn_prime.pl */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#define NUMPRIMES 2048 -typedef unsigned short prime_t; -static const prime_t primes[NUMPRIMES] = { - 2, 3, 5, 7, 11, 13, 17, 19, - 23, 29, 31, 37, 41, 43, 47, 53, - 59, 61, 67, 71, 73, 79, 83, 89, - 97, 101, 103, 107, 109, 113, 127, 131, - 137, 139, 149, 151, 157, 163, 167, 173, - 179, 181, 191, 193, 197, 199, 211, 223, - 227, 229, 233, 239, 241, 251, 257, 263, - 269, 271, 277, 281, 283, 293, 307, 311, - 313, 317, 331, 337, 347, 349, 353, 359, - 367, 373, 379, 383, 389, 397, 401, 409, - 419, 421, 431, 433, 439, 443, 449, 457, - 461, 463, 467, 479, 487, 491, 499, 503, - 509, 521, 523, 541, 547, 557, 563, 569, - 571, 577, 587, 593, 599, 601, 607, 613, - 617, 619, 631, 641, 643, 647, 653, 659, - 661, 673, 677, 683, 691, 701, 709, 719, - 727, 733, 739, 743, 751, 757, 761, 769, - 773, 787, 797, 809, 811, 821, 823, 827, - 829, 839, 853, 857, 859, 863, 877, 881, - 883, 887, 907, 911, 919, 929, 937, 941, - 947, 953, 967, 971, 977, 983, 991, 997, - 1009, 1013, 1019, 1021, 1031, 1033, 1039, 1049, - 1051, 1061, 1063, 1069, 1087, 1091, 1093, 1097, - 1103, 1109, 1117, 1123, 1129, 1151, 1153, 1163, - 1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223, - 1229, 1231, 1237, 1249, 1259, 1277, 1279, 1283, - 1289, 1291, 1297, 1301, 1303, 1307, 1319, 1321, - 1327, 1361, 1367, 1373, 1381, 1399, 1409, 1423, - 1427, 1429, 1433, 1439, 1447, 1451, 1453, 1459, - 1471, 1481, 1483, 1487, 1489, 1493, 1499, 1511, - 1523, 1531, 1543, 1549, 1553, 1559, 1567, 1571, - 1579, 1583, 1597, 1601, 1607, 1609, 1613, 1619, - 1621, 1627, 1637, 1657, 1663, 1667, 1669, 1693, - 1697, 1699, 1709, 1721, 1723, 1733, 1741, 1747, - 1753, 1759, 1777, 1783, 1787, 1789, 1801, 1811, - 1823, 1831, 1847, 1861, 1867, 1871, 1873, 1877, - 1879, 1889, 1901, 1907, 1913, 1931, 1933, 1949, - 1951, 1973, 1979, 1987, 1993, 1997, 1999, 2003, - 2011, 2017, 2027, 2029, 2039, 2053, 2063, 2069, - 2081, 2083, 2087, 2089, 2099, 2111, 2113, 2129, - 2131, 2137, 2141, 2143, 2153, 2161, 2179, 2203, - 2207, 2213, 2221, 2237, 2239, 2243, 
2251, 2267, - 2269, 2273, 2281, 2287, 2293, 2297, 2309, 2311, - 2333, 2339, 2341, 2347, 2351, 2357, 2371, 2377, - 2381, 2383, 2389, 2393, 2399, 2411, 2417, 2423, - 2437, 2441, 2447, 2459, 2467, 2473, 2477, 2503, - 2521, 2531, 2539, 2543, 2549, 2551, 2557, 2579, - 2591, 2593, 2609, 2617, 2621, 2633, 2647, 2657, - 2659, 2663, 2671, 2677, 2683, 2687, 2689, 2693, - 2699, 2707, 2711, 2713, 2719, 2729, 2731, 2741, - 2749, 2753, 2767, 2777, 2789, 2791, 2797, 2801, - 2803, 2819, 2833, 2837, 2843, 2851, 2857, 2861, - 2879, 2887, 2897, 2903, 2909, 2917, 2927, 2939, - 2953, 2957, 2963, 2969, 2971, 2999, 3001, 3011, - 3019, 3023, 3037, 3041, 3049, 3061, 3067, 3079, - 3083, 3089, 3109, 3119, 3121, 3137, 3163, 3167, - 3169, 3181, 3187, 3191, 3203, 3209, 3217, 3221, - 3229, 3251, 3253, 3257, 3259, 3271, 3299, 3301, - 3307, 3313, 3319, 3323, 3329, 3331, 3343, 3347, - 3359, 3361, 3371, 3373, 3389, 3391, 3407, 3413, - 3433, 3449, 3457, 3461, 3463, 3467, 3469, 3491, - 3499, 3511, 3517, 3527, 3529, 3533, 3539, 3541, - 3547, 3557, 3559, 3571, 3581, 3583, 3593, 3607, - 3613, 3617, 3623, 3631, 3637, 3643, 3659, 3671, - 3673, 3677, 3691, 3697, 3701, 3709, 3719, 3727, - 3733, 3739, 3761, 3767, 3769, 3779, 3793, 3797, - 3803, 3821, 3823, 3833, 3847, 3851, 3853, 3863, - 3877, 3881, 3889, 3907, 3911, 3917, 3919, 3923, - 3929, 3931, 3943, 3947, 3967, 3989, 4001, 4003, - 4007, 4013, 4019, 4021, 4027, 4049, 4051, 4057, - 4073, 4079, 4091, 4093, 4099, 4111, 4127, 4129, - 4133, 4139, 4153, 4157, 4159, 4177, 4201, 4211, - 4217, 4219, 4229, 4231, 4241, 4243, 4253, 4259, - 4261, 4271, 4273, 4283, 4289, 4297, 4327, 4337, - 4339, 4349, 4357, 4363, 4373, 4391, 4397, 4409, - 4421, 4423, 4441, 4447, 4451, 4457, 4463, 4481, - 4483, 4493, 4507, 4513, 4517, 4519, 4523, 4547, - 4549, 4561, 4567, 4583, 4591, 4597, 4603, 4621, - 4637, 4639, 4643, 4649, 4651, 4657, 4663, 4673, - 4679, 4691, 4703, 4721, 4723, 4729, 4733, 4751, - 4759, 4783, 4787, 4789, 4793, 4799, 4801, 4813, - 4817, 4831, 4861, 4871, 4877, 4889, 
4903, 4909, - 4919, 4931, 4933, 4937, 4943, 4951, 4957, 4967, - 4969, 4973, 4987, 4993, 4999, 5003, 5009, 5011, - 5021, 5023, 5039, 5051, 5059, 5077, 5081, 5087, - 5099, 5101, 5107, 5113, 5119, 5147, 5153, 5167, - 5171, 5179, 5189, 5197, 5209, 5227, 5231, 5233, - 5237, 5261, 5273, 5279, 5281, 5297, 5303, 5309, - 5323, 5333, 5347, 5351, 5381, 5387, 5393, 5399, - 5407, 5413, 5417, 5419, 5431, 5437, 5441, 5443, - 5449, 5471, 5477, 5479, 5483, 5501, 5503, 5507, - 5519, 5521, 5527, 5531, 5557, 5563, 5569, 5573, - 5581, 5591, 5623, 5639, 5641, 5647, 5651, 5653, - 5657, 5659, 5669, 5683, 5689, 5693, 5701, 5711, - 5717, 5737, 5741, 5743, 5749, 5779, 5783, 5791, - 5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849, - 5851, 5857, 5861, 5867, 5869, 5879, 5881, 5897, - 5903, 5923, 5927, 5939, 5953, 5981, 5987, 6007, - 6011, 6029, 6037, 6043, 6047, 6053, 6067, 6073, - 6079, 6089, 6091, 6101, 6113, 6121, 6131, 6133, - 6143, 6151, 6163, 6173, 6197, 6199, 6203, 6211, - 6217, 6221, 6229, 6247, 6257, 6263, 6269, 6271, - 6277, 6287, 6299, 6301, 6311, 6317, 6323, 6329, - 6337, 6343, 6353, 6359, 6361, 6367, 6373, 6379, - 6389, 6397, 6421, 6427, 6449, 6451, 6469, 6473, - 6481, 6491, 6521, 6529, 6547, 6551, 6553, 6563, - 6569, 6571, 6577, 6581, 6599, 6607, 6619, 6637, - 6653, 6659, 6661, 6673, 6679, 6689, 6691, 6701, - 6703, 6709, 6719, 6733, 6737, 6761, 6763, 6779, - 6781, 6791, 6793, 6803, 6823, 6827, 6829, 6833, - 6841, 6857, 6863, 6869, 6871, 6883, 6899, 6907, - 6911, 6917, 6947, 6949, 6959, 6961, 6967, 6971, - 6977, 6983, 6991, 6997, 7001, 7013, 7019, 7027, - 7039, 7043, 7057, 7069, 7079, 7103, 7109, 7121, - 7127, 7129, 7151, 7159, 7177, 7187, 7193, 7207, - 7211, 7213, 7219, 7229, 7237, 7243, 7247, 7253, - 7283, 7297, 7307, 7309, 7321, 7331, 7333, 7349, - 7351, 7369, 7393, 7411, 7417, 7433, 7451, 7457, - 7459, 7477, 7481, 7487, 7489, 7499, 7507, 7517, - 7523, 7529, 7537, 7541, 7547, 7549, 7559, 7561, - 7573, 7577, 7583, 7589, 7591, 7603, 7607, 7621, - 7639, 7643, 7649, 7669, 7673, 7681, 
7687, 7691, - 7699, 7703, 7717, 7723, 7727, 7741, 7753, 7757, - 7759, 7789, 7793, 7817, 7823, 7829, 7841, 7853, - 7867, 7873, 7877, 7879, 7883, 7901, 7907, 7919, - 7927, 7933, 7937, 7949, 7951, 7963, 7993, 8009, - 8011, 8017, 8039, 8053, 8059, 8069, 8081, 8087, - 8089, 8093, 8101, 8111, 8117, 8123, 8147, 8161, - 8167, 8171, 8179, 8191, 8209, 8219, 8221, 8231, - 8233, 8237, 8243, 8263, 8269, 8273, 8287, 8291, - 8293, 8297, 8311, 8317, 8329, 8353, 8363, 8369, - 8377, 8387, 8389, 8419, 8423, 8429, 8431, 8443, - 8447, 8461, 8467, 8501, 8513, 8521, 8527, 8537, - 8539, 8543, 8563, 8573, 8581, 8597, 8599, 8609, - 8623, 8627, 8629, 8641, 8647, 8663, 8669, 8677, - 8681, 8689, 8693, 8699, 8707, 8713, 8719, 8731, - 8737, 8741, 8747, 8753, 8761, 8779, 8783, 8803, - 8807, 8819, 8821, 8831, 8837, 8839, 8849, 8861, - 8863, 8867, 8887, 8893, 8923, 8929, 8933, 8941, - 8951, 8963, 8969, 8971, 8999, 9001, 9007, 9011, - 9013, 9029, 9041, 9043, 9049, 9059, 9067, 9091, - 9103, 9109, 9127, 9133, 9137, 9151, 9157, 9161, - 9173, 9181, 9187, 9199, 9203, 9209, 9221, 9227, - 9239, 9241, 9257, 9277, 9281, 9283, 9293, 9311, - 9319, 9323, 9337, 9341, 9343, 9349, 9371, 9377, - 9391, 9397, 9403, 9413, 9419, 9421, 9431, 9433, - 9437, 9439, 9461, 9463, 9467, 9473, 9479, 9491, - 9497, 9511, 9521, 9533, 9539, 9547, 9551, 9587, - 9601, 9613, 9619, 9623, 9629, 9631, 9643, 9649, - 9661, 9677, 9679, 9689, 9697, 9719, 9721, 9733, - 9739, 9743, 9749, 9767, 9769, 9781, 9787, 9791, - 9803, 9811, 9817, 9829, 9833, 9839, 9851, 9857, - 9859, 9871, 9883, 9887, 9901, 9907, 9923, 9929, - 9931, 9941, 9949, 9967, 9973, 10007, 10009, 10037, - 10039, 10061, 10067, 10069, 10079, 10091, 10093, 10099, - 10103, 10111, 10133, 10139, 10141, 10151, 10159, 10163, - 10169, 10177, 10181, 10193, 10211, 10223, 10243, 10247, - 10253, 10259, 10267, 10271, 10273, 10289, 10301, 10303, - 10313, 10321, 10331, 10333, 10337, 10343, 10357, 10369, - 10391, 10399, 10427, 10429, 10433, 10453, 10457, 10459, - 10463, 10477, 10487, 10499, 10501, 
10513, 10529, 10531, - 10559, 10567, 10589, 10597, 10601, 10607, 10613, 10627, - 10631, 10639, 10651, 10657, 10663, 10667, 10687, 10691, - 10709, 10711, 10723, 10729, 10733, 10739, 10753, 10771, - 10781, 10789, 10799, 10831, 10837, 10847, 10853, 10859, - 10861, 10867, 10883, 10889, 10891, 10903, 10909, 10937, - 10939, 10949, 10957, 10973, 10979, 10987, 10993, 11003, - 11027, 11047, 11057, 11059, 11069, 11071, 11083, 11087, - 11093, 11113, 11117, 11119, 11131, 11149, 11159, 11161, - 11171, 11173, 11177, 11197, 11213, 11239, 11243, 11251, - 11257, 11261, 11273, 11279, 11287, 11299, 11311, 11317, - 11321, 11329, 11351, 11353, 11369, 11383, 11393, 11399, - 11411, 11423, 11437, 11443, 11447, 11467, 11471, 11483, - 11489, 11491, 11497, 11503, 11519, 11527, 11549, 11551, - 11579, 11587, 11593, 11597, 11617, 11621, 11633, 11657, - 11677, 11681, 11689, 11699, 11701, 11717, 11719, 11731, - 11743, 11777, 11779, 11783, 11789, 11801, 11807, 11813, - 11821, 11827, 11831, 11833, 11839, 11863, 11867, 11887, - 11897, 11903, 11909, 11923, 11927, 11933, 11939, 11941, - 11953, 11959, 11969, 11971, 11981, 11987, 12007, 12011, - 12037, 12041, 12043, 12049, 12071, 12073, 12097, 12101, - 12107, 12109, 12113, 12119, 12143, 12149, 12157, 12161, - 12163, 12197, 12203, 12211, 12227, 12239, 12241, 12251, - 12253, 12263, 12269, 12277, 12281, 12289, 12301, 12323, - 12329, 12343, 12347, 12373, 12377, 12379, 12391, 12401, - 12409, 12413, 12421, 12433, 12437, 12451, 12457, 12473, - 12479, 12487, 12491, 12497, 12503, 12511, 12517, 12527, - 12539, 12541, 12547, 12553, 12569, 12577, 12583, 12589, - 12601, 12611, 12613, 12619, 12637, 12641, 12647, 12653, - 12659, 12671, 12689, 12697, 12703, 12713, 12721, 12739, - 12743, 12757, 12763, 12781, 12791, 12799, 12809, 12821, - 12823, 12829, 12841, 12853, 12889, 12893, 12899, 12907, - 12911, 12917, 12919, 12923, 12941, 12953, 12959, 12967, - 12973, 12979, 12983, 13001, 13003, 13007, 13009, 13033, - 13037, 13043, 13049, 13063, 13093, 13099, 13103, 13109, - 
13121, 13127, 13147, 13151, 13159, 13163, 13171, 13177, - 13183, 13187, 13217, 13219, 13229, 13241, 13249, 13259, - 13267, 13291, 13297, 13309, 13313, 13327, 13331, 13337, - 13339, 13367, 13381, 13397, 13399, 13411, 13417, 13421, - 13441, 13451, 13457, 13463, 13469, 13477, 13487, 13499, - 13513, 13523, 13537, 13553, 13567, 13577, 13591, 13597, - 13613, 13619, 13627, 13633, 13649, 13669, 13679, 13681, - 13687, 13691, 13693, 13697, 13709, 13711, 13721, 13723, - 13729, 13751, 13757, 13759, 13763, 13781, 13789, 13799, - 13807, 13829, 13831, 13841, 13859, 13873, 13877, 13879, - 13883, 13901, 13903, 13907, 13913, 13921, 13931, 13933, - 13963, 13967, 13997, 13999, 14009, 14011, 14029, 14033, - 14051, 14057, 14071, 14081, 14083, 14087, 14107, 14143, - 14149, 14153, 14159, 14173, 14177, 14197, 14207, 14221, - 14243, 14249, 14251, 14281, 14293, 14303, 14321, 14323, - 14327, 14341, 14347, 14369, 14387, 14389, 14401, 14407, - 14411, 14419, 14423, 14431, 14437, 14447, 14449, 14461, - 14479, 14489, 14503, 14519, 14533, 14537, 14543, 14549, - 14551, 14557, 14561, 14563, 14591, 14593, 14621, 14627, - 14629, 14633, 14639, 14653, 14657, 14669, 14683, 14699, - 14713, 14717, 14723, 14731, 14737, 14741, 14747, 14753, - 14759, 14767, 14771, 14779, 14783, 14797, 14813, 14821, - 14827, 14831, 14843, 14851, 14867, 14869, 14879, 14887, - 14891, 14897, 14923, 14929, 14939, 14947, 14951, 14957, - 14969, 14983, 15013, 15017, 15031, 15053, 15061, 15073, - 15077, 15083, 15091, 15101, 15107, 15121, 15131, 15137, - 15139, 15149, 15161, 15173, 15187, 15193, 15199, 15217, - 15227, 15233, 15241, 15259, 15263, 15269, 15271, 15277, - 15287, 15289, 15299, 15307, 15313, 15319, 15329, 15331, - 15349, 15359, 15361, 15373, 15377, 15383, 15391, 15401, - 15413, 15427, 15439, 15443, 15451, 15461, 15467, 15473, - 15493, 15497, 15511, 15527, 15541, 15551, 15559, 15569, - 15581, 15583, 15601, 15607, 15619, 15629, 15641, 15643, - 15647, 15649, 15661, 15667, 15671, 15679, 15683, 15727, - 15731, 15733, 15737, 15739, 
15749, 15761, 15767, 15773, - 15787, 15791, 15797, 15803, 15809, 15817, 15823, 15859, - 15877, 15881, 15887, 15889, 15901, 15907, 15913, 15919, - 15923, 15937, 15959, 15971, 15973, 15991, 16001, 16007, - 16033, 16057, 16061, 16063, 16067, 16069, 16073, 16087, - 16091, 16097, 16103, 16111, 16127, 16139, 16141, 16183, - 16187, 16189, 16193, 16217, 16223, 16229, 16231, 16249, - 16253, 16267, 16273, 16301, 16319, 16333, 16339, 16349, - 16361, 16363, 16369, 16381, 16411, 16417, 16421, 16427, - 16433, 16447, 16451, 16453, 16477, 16481, 16487, 16493, - 16519, 16529, 16547, 16553, 16561, 16567, 16573, 16603, - 16607, 16619, 16631, 16633, 16649, 16651, 16657, 16661, - 16673, 16691, 16693, 16699, 16703, 16729, 16741, 16747, - 16759, 16763, 16787, 16811, 16823, 16829, 16831, 16843, - 16871, 16879, 16883, 16889, 16901, 16903, 16921, 16927, - 16931, 16937, 16943, 16963, 16979, 16981, 16987, 16993, - 17011, 17021, 17027, 17029, 17033, 17041, 17047, 17053, - 17077, 17093, 17099, 17107, 17117, 17123, 17137, 17159, - 17167, 17183, 17189, 17191, 17203, 17207, 17209, 17231, - 17239, 17257, 17291, 17293, 17299, 17317, 17321, 17327, - 17333, 17341, 17351, 17359, 17377, 17383, 17387, 17389, - 17393, 17401, 17417, 17419, 17431, 17443, 17449, 17467, - 17471, 17477, 17483, 17489, 17491, 17497, 17509, 17519, - 17539, 17551, 17569, 17573, 17579, 17581, 17597, 17599, - 17609, 17623, 17627, 17657, 17659, 17669, 17681, 17683, - 17707, 17713, 17729, 17737, 17747, 17749, 17761, 17783, - 17789, 17791, 17807, 17827, 17837, 17839, 17851, 17863, -}; diff --git a/lib/libssl/src/crypto/bn/bn_prime.pl b/lib/libssl/src/crypto/bn/bn_prime.pl deleted file mode 100644 index eb73f0bfa6f..00000000000 --- a/lib/libssl/src/crypto/bn/bn_prime.pl +++ /dev/null 
@@ -1,103 +0,0 @@
-#!/usr/local/bin/perl
-# bn_prime.pl
-
-$num=2048;
-$num=$ARGV[0] if ($#ARGV >= 0);
-
-push(@primes,2);
-$p=1;
-loop: while ($#primes < $num-1)
- {
- $p+=2;
- $s=int(sqrt($p));
-
- for ($i=0; defined($primes[$i]) && $primes[$i]<=$s; $i++)
- {
- next loop if (($p%$primes[$i]) == 0);
- }
- push(@primes,$p);
- }
-
-# print <<"EOF";
-# /* Auto generated by bn_prime.pl */
-# /* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
-# * All rights reserved.
-# * Copyright remains Eric Young's, and as such any Copyright notices in
-# * the code are not to be removed.
-# * See the COPYRIGHT file in the SSLeay distribution for more details.
-# */
-#
-# EOF
-
-print <<\EOF;
-/* Auto generated by bn_prime.pl */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-EOF
-
-printf "#define NUMPRIMES %d\n",$num;
-printf "typedef unsigned short prime_t;\n";
-print "static const prime_t primes[NUMPRIMES]=\n{\n\t";
-for ($i=0; $i <= $#primes; $i++)
- {
- printf("\n\t") if (($i%8) == 0) && ($i != 0);
- printf("%4d,",$primes[$i]);
- }
-print "\n};\n";
-
-
diff --git a/lib/libssl/src/crypto/bn/bn_print.c b/lib/libssl/src/crypto/bn/bn_print.c
deleted file mode 100644
index 2c1681a2c04..00000000000
--- a/lib/libssl/src/crypto/bn/bn_print.c
+++ /dev/null
@@ -1,407 +0,0 @@ -/* $OpenBSD: bn_print.c,v 1.29 2016/03/02 06:16:11 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <ctype.h> -#include <limits.h> -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/bio.h> -#include <openssl/buffer.h> -#include <openssl/err.h> - -#include "bn_lcl.h" - -static const char Hex[]="0123456789ABCDEF"; - -/* Must 'free' the returned data */ -char * -BN_bn2hex(const BIGNUM *a) -{ - int i, j, v, z = 0; - char *buf; - char *p; - - buf = malloc(BN_is_negative(a) + a->top * BN_BYTES * 2 + 2); - if (buf == NULL) { - BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE); - goto err; - } - p = buf; - if (BN_is_negative(a)) - *p++ = '-'; - if (BN_is_zero(a)) - *p++ = '0'; - for (i = a->top - 1; i >=0; i--) { - for (j = BN_BITS2 - 8; j >= 0; j -= 8) { - /* strip leading zeros */ - v = ((int)(a->d[i] >> (long)j)) & 0xff; - if (z || (v != 0)) { - *p++ = Hex[v >> 4]; - *p++ = Hex[v & 0x0f]; - z = 1; - } - } - } - *p = '\0'; - -err: - return (buf); -} - -/* Must 'free' the returned data */ -char * -BN_bn2dec(const BIGNUM *a) -{ - int i = 0, num, ok = 0; - char *buf = NULL; - char *p; - BIGNUM *t = NULL; - BN_ULONG *bn_data = NULL, *lp; - - if (BN_is_zero(a)) { - buf = malloc(BN_is_negative(a) + 2); - if (buf == NULL) { - BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE); - goto err; - } - p = buf; - if (BN_is_negative(a)) - *p++ = '-'; - *p++ = '0'; - *p++ = '\0'; - return (buf); - } - - /* get an upper bound for the length of the decimal integer - * num <= (BN_num_bits(a) + 1) * log(2) - * <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1 (rounding error) - * <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1 - */ - i = BN_num_bits(a) * 3; - num = (i / 10 + i / 1000 + 1) + 1; - bn_data = reallocarray(NULL, num / BN_DEC_NUM + 1, sizeof(BN_ULONG)); - buf = malloc(num + 3); - if ((buf == NULL) || (bn_data == NULL)) { - BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE); - goto err; - } - if ((t = BN_dup(a)) == NULL) - goto err; - -#define BUF_REMAIN (num+3 - (size_t)(p - buf)) - p = buf; - lp = bn_data; - if (BN_is_negative(t)) - *p++ = '-'; - - i = 0; - 
while (!BN_is_zero(t)) { - *lp = BN_div_word(t, BN_DEC_CONV); - lp++; - } - lp--; - /* We now have a series of blocks, BN_DEC_NUM chars - * in length, where the last one needs truncation. - * The blocks need to be reversed in order. */ - snprintf(p, BUF_REMAIN, BN_DEC_FMT1, *lp); - while (*p) - p++; - while (lp != bn_data) { - lp--; - snprintf(p, BUF_REMAIN, BN_DEC_FMT2, *lp); - while (*p) - p++; - } - ok = 1; - -err: - free(bn_data); - BN_free(t); - if (!ok && buf) { - free(buf); - buf = NULL; - } - - return (buf); -} - -int -BN_hex2bn(BIGNUM **bn, const char *a) -{ - BIGNUM *ret = NULL; - BN_ULONG l = 0; - int neg = 0, h, m, i,j, k, c; - int num; - - if ((a == NULL) || (*a == '\0')) - return (0); - - if (*a == '-') { - neg = 1; - a++; - } - - for (i = 0; i <= (INT_MAX / 4) && isxdigit((unsigned char)a[i]); i++) - ; - if (i > INT_MAX / 4) - goto err; - - num = i + neg; - if (bn == NULL) - return (num); - - /* a is the start of the hex digits, and it is 'i' long */ - if (*bn == NULL) { - if ((ret = BN_new()) == NULL) - return (0); - } else { - ret= *bn; - BN_zero(ret); - } - - /* i is the number of hex digits */ - if (bn_expand(ret, i * 4) == NULL) - goto err; - - j = i; /* least significant 'hex' */ - m = 0; - h = 0; - while (j > 0) { - m = ((BN_BYTES*2) <= j) ? 
(BN_BYTES * 2) : j; - l = 0; - for (;;) { - c = a[j - m]; - if ((c >= '0') && (c <= '9')) - k = c - '0'; - else if ((c >= 'a') && (c <= 'f')) - k = c - 'a' + 10; - else if ((c >= 'A') && (c <= 'F')) - k = c - 'A' + 10; - else - k = 0; /* paranoia */ - l = (l << 4) | k; - - if (--m <= 0) { - ret->d[h++] = l; - break; - } - } - j -= (BN_BYTES * 2); - } - ret->top = h; - bn_correct_top(ret); - ret->neg = neg; - - *bn = ret; - bn_check_top(ret); - return (num); - -err: - if (*bn == NULL) - BN_free(ret); - return (0); -} - -int -BN_dec2bn(BIGNUM **bn, const char *a) -{ - BIGNUM *ret = NULL; - BN_ULONG l = 0; - int neg = 0, i, j; - int num; - - if ((a == NULL) || (*a == '\0')) - return (0); - if (*a == '-') { - neg = 1; - a++; - } - - for (i = 0; i <= (INT_MAX / 4) && isdigit((unsigned char)a[i]); i++) - ; - if (i > INT_MAX / 4) - goto err; - - num = i + neg; - if (bn == NULL) - return (num); - - /* a is the start of the digits, and it is 'i' long. - * We chop it into BN_DEC_NUM digits at a time */ - if (*bn == NULL) { - if ((ret = BN_new()) == NULL) - return (0); - } else { - ret = *bn; - BN_zero(ret); - } - - /* i is the number of digits, a bit of an over expand */ - if (bn_expand(ret, i * 4) == NULL) - goto err; - - j = BN_DEC_NUM - (i % BN_DEC_NUM); - if (j == BN_DEC_NUM) - j = 0; - l = 0; - while (*a) { - l *= 10; - l += *a - '0'; - a++; - if (++j == BN_DEC_NUM) { - BN_mul_word(ret, BN_DEC_CONV); - BN_add_word(ret, l); - l = 0; - j = 0; - } - } - ret->neg = neg; - - bn_correct_top(ret); - *bn = ret; - bn_check_top(ret); - return (num); - -err: - if (*bn == NULL) - BN_free(ret); - return (0); -} - -int -BN_asc2bn(BIGNUM **bn, const char *a) -{ - const char *p = a; - if (*p == '-') - p++; - - if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) { - if (!BN_hex2bn(bn, p + 2)) - return 0; - } else { - if (!BN_dec2bn(bn, p)) - return 0; - } - if (*a == '-') - (*bn)->neg = 1; - return 1; -} - -#ifndef OPENSSL_NO_BIO -int -BN_print_fp(FILE *fp, const BIGNUM *a) -{ - BIO *b; - 
int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) - return (0); - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = BN_print(b, a); - BIO_free(b); - return (ret); -} - -int -BN_print(BIO *bp, const BIGNUM *a) -{ - int i, j, v, z = 0; - int ret = 0; - - if ((a->neg) && (BIO_write(bp, "-", 1) != 1)) - goto end; - if (BN_is_zero(a) && (BIO_write(bp, "0", 1) != 1)) - goto end; - for (i = a->top - 1; i >= 0; i--) { - for (j = BN_BITS2 - 4; j >= 0; j -= 4) { - /* strip leading zeros */ - v = ((int)(a->d[i] >> (long)j)) & 0x0f; - if (z || (v != 0)) { - if (BIO_write(bp, &(Hex[v]), 1) != 1) - goto end; - z = 1; - } - } - } - ret = 1; - -end: - return (ret); -} -#endif - -char * -BN_options(void) -{ - static int init = 0; - static char data[16]; - - if (!init) { - init++; -#ifdef BN_LLONG - snprintf(data,sizeof data, "bn(%d,%d)", - (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8); -#else - snprintf(data,sizeof data, "bn(%d,%d)", - (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8); -#endif - } - return (data); -} diff --git a/lib/libssl/src/crypto/bn/bn_rand.c b/lib/libssl/src/crypto/bn/bn_rand.c deleted file mode 100644 index 783f6c22f80..00000000000 --- a/lib/libssl/src/crypto/bn/bn_rand.c +++ /dev/null 
@@ -1,291 +0,0 @@ -/* $OpenBSD: bn_rand.c,v 1.18 2015/09/10 15:56:25 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <time.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -static int -bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) -{ - unsigned char *buf = NULL; - int ret = 0, bit, bytes, mask; - - if (rnd == NULL) { - BNerr(BN_F_BNRAND, ERR_R_PASSED_NULL_PARAMETER); - return (0); - } - - if (bits == 0) { - BN_zero(rnd); - return (1); - } - - bytes = (bits + 7) / 8; - bit = (bits - 1) % 8; - mask = 0xff << (bit + 1); - - buf = malloc(bytes); - if (buf == NULL) { - BNerr(BN_F_BNRAND, ERR_R_MALLOC_FAILURE); - goto err; - } - - /* make a random number and set the top and bottom bits */ - arc4random_buf(buf, bytes); - -#if 1 - if (pseudorand == 2) { - /* generate patterns that are more likely to trigger BN - library bugs */ - int i; - unsigned char c; - - for (i = 0; i < bytes; i++) { - arc4random_buf(&c, 1); - if (c >= 128 && i > 0) - buf[i] = buf[i - 1]; - else if (c < 42) - buf[i] = 0; - else if (c < 84) - buf[i] = 255; - } - } -#endif - - if (top != -1) { - if (top) { - if (bit == 0) { - buf[0] = 1; - buf[1] |= 0x80; - } else { - buf[0] |= (3 << (bit - 1)); - } - } else { - buf[0] |= 
(1 << bit); - } - } - buf[0] &= ~mask; - if (bottom) /* set bottom bit if requested */ - buf[bytes - 1] |= 1; - if (BN_bin2bn(buf, bytes, rnd) == NULL) - goto err; - ret = 1; - -err: - if (buf != NULL) { - explicit_bzero(buf, bytes); - free(buf); - } - bn_check_top(rnd); - return (ret); -} - -int -BN_rand(BIGNUM *rnd, int bits, int top, int bottom) -{ - return bnrand(0, rnd, bits, top, bottom); -} - -int -BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom) -{ - return bnrand(1, rnd, bits, top, bottom); -} - -#if 1 -int -BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom) -{ - return bnrand(2, rnd, bits, top, bottom); -} -#endif - - -/* random number r: 0 <= r < range */ -static int -bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range) -{ - int (*bn_rand)(BIGNUM *, int, int, int) = pseudo ? BN_pseudo_rand : BN_rand; - int n; - int count = 100; - - if (range->neg || BN_is_zero(range)) { - BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE); - return 0; - } - - n = BN_num_bits(range); /* n > 0 */ - - /* BN_is_bit_set(range, n - 1) always holds */ - - if (n == 1) - BN_zero(r); - else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) { - /* range = 100..._2, - * so 3*range (= 11..._2) is exactly one bit longer than range */ - do { - if (!bn_rand(r, n + 1, -1, 0)) - return 0; - /* If r < 3*range, use r := r MOD range - * (which is either r, r - range, or r - 2*range). - * Otherwise, iterate once more. - * Since 3*range = 11..._2, each iteration succeeds with - * probability >= .75. 
*/ - if (BN_cmp(r, range) >= 0) { - if (!BN_sub(r, r, range)) - return 0; - if (BN_cmp(r, range) >= 0) - if (!BN_sub(r, r, range)) - return 0; - } - - if (!--count) { - BNerr(BN_F_BN_RAND_RANGE, - BN_R_TOO_MANY_ITERATIONS); - return 0; - } - - } while (BN_cmp(r, range) >= 0); - } else { - do { - /* range = 11..._2 or range = 101..._2 */ - if (!bn_rand(r, n, -1, 0)) - return 0; - - if (!--count) { - BNerr(BN_F_BN_RAND_RANGE, - BN_R_TOO_MANY_ITERATIONS); - return 0; - } - } while (BN_cmp(r, range) >= 0); - } - - bn_check_top(r); - return 1; -} - -int -BN_rand_range(BIGNUM *r, const BIGNUM *range) -{ - return bn_rand_range(0, r, range); -} - -int -BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range) -{ - return bn_rand_range(1, r, range); -} diff --git a/lib/libssl/src/crypto/bn/bn_recp.c b/lib/libssl/src/crypto/bn/bn_recp.c deleted file mode 100644 index b0bd0aa4dfe..00000000000 --- a/lib/libssl/src/crypto/bn/bn_recp.c +++ /dev/null 
@@ -1,263 +0,0 @@ -/* $OpenBSD: bn_recp.c,v 1.13 2015/04/29 00:11:12 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/err.h> - -#include "bn_lcl.h" - -void -BN_RECP_CTX_init(BN_RECP_CTX *recp) -{ - BN_init(&(recp->N)); - BN_init(&(recp->Nr)); - recp->num_bits = 0; - recp->flags = 0; -} - -BN_RECP_CTX * -BN_RECP_CTX_new(void) -{ - BN_RECP_CTX *ret; - - if ((ret = malloc(sizeof(BN_RECP_CTX))) == NULL) - return (NULL); - - BN_RECP_CTX_init(ret); - ret->flags = BN_FLG_MALLOCED; - return (ret); -} - -void -BN_RECP_CTX_free(BN_RECP_CTX *recp) -{ - if (recp == NULL) - return; - - BN_free(&(recp->N)); - BN_free(&(recp->Nr)); - if (recp->flags & BN_FLG_MALLOCED) - free(recp); -} - -int -BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) -{ - if (!BN_copy(&(recp->N), d)) - return 0; - BN_zero(&(recp->Nr)); - recp->num_bits = BN_num_bits(d); - recp->shift = 0; - return (1); -} - -int -BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, - BN_RECP_CTX *recp, BN_CTX *ctx) -{ - int ret = 0; - BIGNUM *a; - const BIGNUM *ca; - - BN_CTX_start(ctx); - if ((a = BN_CTX_get(ctx)) == NULL) - goto err; - if (y != NULL) { - if (x == y) { - if (!BN_sqr(a, x, ctx)) - goto err; - } else { - if (!BN_mul(a, x, y, ctx)) - goto err; - } - ca = a; - } else - ca = x; /* Just do the mod */ - - ret = BN_div_recp(NULL, r, ca, recp, ctx); - -err: - BN_CTX_end(ctx); - bn_check_top(r); - return (ret); -} - -int -BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, BN_RECP_CTX *recp, - BN_CTX *ctx) -{ - int i, j, ret = 0; - BIGNUM *a, *b, *d, *r; - - BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - if (dv != NULL) - d = dv; - else - d = BN_CTX_get(ctx); - if (rem != NULL) - r = rem; - else - r = BN_CTX_get(ctx); - if (a == NULL || b == NULL || d == NULL || r == NULL) - goto err; - - if (BN_ucmp(m, &(recp->N)) < 0) { - BN_zero(d); - if (!BN_copy(r, m)) { - BN_CTX_end(ctx); - return 0; - } - BN_CTX_end(ctx); - return (1); - } - - /* We want the remainder - * Given input of ABCDEF / ab - * we need multiply ABCDEF by 3 digests of 
the reciprocal of ab - * - */ - - /* i := max(BN_num_bits(m), 2*BN_num_bits(N)) */ - i = BN_num_bits(m); - j = recp->num_bits << 1; - if (j > i) - i = j; - - /* Nr := round(2^i / N) */ - if (i != recp->shift) - recp->shift = BN_reciprocal(&(recp->Nr), &(recp->N), i, ctx); - - /* BN_reciprocal returns i, or -1 for an error */ - if (recp->shift == -1) - goto err; - - /* d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))| - * = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i - BN_num_bits(N)))| - * <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)| - * = |m/N| - */ - if (!BN_rshift(a, m, recp->num_bits)) - goto err; - if (!BN_mul(b, a,&(recp->Nr), ctx)) - goto err; - if (!BN_rshift(d, b, i - recp->num_bits)) - goto err; - d->neg = 0; - - if (!BN_mul(b, &(recp->N), d, ctx)) - goto err; - if (!BN_usub(r, m, b)) - goto err; - r->neg = 0; - -#if 1 - j = 0; - while (BN_ucmp(r, &(recp->N)) >= 0) { - if (j++ > 2) { - BNerr(BN_F_BN_DIV_RECP, BN_R_BAD_RECIPROCAL); - goto err; - } - if (!BN_usub(r, r, &(recp->N))) - goto err; - if (!BN_add_word(d, 1)) - goto err; - } -#endif - - r->neg = BN_is_zero(r) ? 0 : m->neg; - d->neg = m->neg^recp->N.neg; - ret = 1; - -err: - BN_CTX_end(ctx); - bn_check_top(dv); - bn_check_top(rem); - return (ret); -} - -/* len is the expected size of the result - * We actually calculate with an extra word of precision, so - * we can do faster division if the remainder is not required. - */ -/* r := 2^len / m */ -int -BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx) -{ - int ret = -1; - BIGNUM *t; - - BN_CTX_start(ctx); - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_set_bit(t, len)) - goto err; - - if (!BN_div(r, NULL, t,m, ctx)) - goto err; - - ret = len; - -err: - bn_check_top(r); - BN_CTX_end(ctx); - return (ret); -} diff --git a/lib/libssl/src/crypto/bn/bn_shift.c b/lib/libssl/src/crypto/bn/bn_shift.c deleted file mode 100644 index 0e8211e3d60..00000000000 
--- a/lib/libssl/src/crypto/bn/bn_shift.c +++ /dev/null 
@@ -1,218 +0,0 @@
-/* $OpenBSD: bn_shift.c,v 1.13 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> -#include <string.h> - -#include "bn_lcl.h" - -int -BN_lshift1(BIGNUM *r, const BIGNUM *a) -{ - BN_ULONG *ap, *rp, t, c; - int i; - - bn_check_top(r); - bn_check_top(a); - - if (r != a) { - r->neg = a->neg; - if (bn_wexpand(r, a->top + 1) == NULL) - return (0); - r->top = a->top; - } else { - if (bn_wexpand(r, a->top + 1) == NULL) - return (0); - } - ap = a->d; - rp = r->d; - c = 0; - for (i = 0; i < a->top; i++) { - t= *(ap++); - *(rp++) = ((t << 1) | c) & BN_MASK2; - c = (t & BN_TBIT) ? 1 : 0; - } - if (c) { - *rp = 1; - r->top++; - } - bn_check_top(r); - return (1); -} - -int -BN_rshift1(BIGNUM *r, const BIGNUM *a) -{ - BN_ULONG *ap, *rp, t, c; - int i, j; - - bn_check_top(r); - bn_check_top(a); - - if (BN_is_zero(a)) { - BN_zero(r); - return (1); - } - i = a->top; - ap = a->d; - j = i - (ap[i - 1]==1); - if (a != r) { - if (bn_wexpand(r, j) == NULL) - return (0); - r->neg = a->neg; - } - rp = r->d; - t = ap[--i]; - c = (t & 1) ? BN_TBIT : 0; - if (t >>= 1) - rp[i] = t; - while (i > 0) { - t = ap[--i]; - rp[i] = ((t >> 1) & BN_MASK2) | c; - c = (t & 1) ? 
BN_TBIT : 0; - } - r->top = j; - bn_check_top(r); - return (1); -} - -int -BN_lshift(BIGNUM *r, const BIGNUM *a, int n) -{ - int i, nw, lb, rb; - BN_ULONG *t, *f; - BN_ULONG l; - - bn_check_top(r); - bn_check_top(a); - - r->neg = a->neg; - nw = n / BN_BITS2; - if (bn_wexpand(r, a->top + nw + 1) == NULL) - return (0); - lb = n % BN_BITS2; - rb = BN_BITS2 - lb; - f = a->d; - t = r->d; - t[a->top + nw] = 0; - if (lb == 0) - for (i = a->top - 1; i >= 0; i--) - t[nw + i] = f[i]; - else - for (i = a->top - 1; i >= 0; i--) { - l = f[i]; - t[nw + i + 1] |= (l >> rb) & BN_MASK2; - t[nw + i] = (l << lb) & BN_MASK2; - } - memset(t, 0, nw * sizeof(t[0])); -/* for (i=0; i<nw; i++) - t[i]=0;*/ - r->top = a->top + nw + 1; - bn_correct_top(r); - bn_check_top(r); - return (1); -} - -int -BN_rshift(BIGNUM *r, const BIGNUM *a, int n) -{ - int i, j, nw, lb, rb; - BN_ULONG *t, *f; - BN_ULONG l, tmp; - - bn_check_top(r); - bn_check_top(a); - - nw = n / BN_BITS2; - rb = n % BN_BITS2; - lb = BN_BITS2 - rb; - if (nw >= a->top || a->top == 0) { - BN_zero(r); - return (1); - } - i = (BN_num_bits(a) - n + (BN_BITS2 - 1)) / BN_BITS2; - if (r != a) { - r->neg = a->neg; - if (bn_wexpand(r, i) == NULL) - return (0); - } else { - if (n == 0) - return 1; /* or the copying loop will go berserk */ - } - - f = &(a->d[nw]); - t = r->d; - j = a->top - nw; - r->top = i; - - if (rb == 0) { - for (i = j; i != 0; i--) - *(t++) = *(f++); - } else { - l = *(f++); - for (i = j - 1; i != 0; i--) { - tmp = (l >> rb) & BN_MASK2; - l = *(f++); - *(t++) = (tmp|(l << lb)) & BN_MASK2; - } - if ((l = (l >> rb) & BN_MASK2)) - *(t) = l; - } - bn_check_top(r); - return (1); -} diff --git a/lib/libssl/src/crypto/bn/bn_sqr.c b/lib/libssl/src/crypto/bn/bn_sqr.c deleted file mode 100644 index a0dce6ea817..00000000000 --- a/lib/libssl/src/crypto/bn/bn_sqr.c +++ /dev/null 
@@ -1,286 +0,0 @@
-/* $OpenBSD: bn_sqr.c,v 1.12 2015/02/09 15:49:22 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> -#include <string.h> - -#include "bn_lcl.h" - -/* r must not be a */ -/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */ -int -BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) -{ - int max, al; - int ret = 0; - BIGNUM *tmp, *rr; - -#ifdef BN_COUNT - fprintf(stderr, "BN_sqr %d * %d\n", a->top, a->top); -#endif - bn_check_top(a); - - al = a->top; - if (al <= 0) { - r->top = 0; - r->neg = 0; - return 1; - } - - BN_CTX_start(ctx); - rr = (a != r) ? r : BN_CTX_get(ctx); - tmp = BN_CTX_get(ctx); - if (rr == NULL || tmp == NULL) - goto err; - - max = 2 * al; /* Non-zero (from above) */ - if (bn_wexpand(rr, max) == NULL) - goto err; - - if (al == 4) { -#ifndef BN_SQR_COMBA - BN_ULONG t[8]; - bn_sqr_normal(rr->d, a->d, 4, t); -#else - bn_sqr_comba4(rr->d, a->d); -#endif - } else if (al == 8) { -#ifndef BN_SQR_COMBA - BN_ULONG t[16]; - bn_sqr_normal(rr->d, a->d, 8, t); -#else - bn_sqr_comba8(rr->d, a->d); -#endif - } else { -#if defined(BN_RECURSION) - if (al < BN_SQR_RECURSIVE_SIZE_NORMAL) { - BN_ULONG t[BN_SQR_RECURSIVE_SIZE_NORMAL*2]; - bn_sqr_normal(rr->d, a->d, al, t); - } else { - int j, k; - - j = BN_num_bits_word((BN_ULONG)al); - j = 1 << (j - 1); - k = j + j; - if (al == j) { - if (bn_wexpand(tmp, k * 2) == NULL) - goto err; - bn_sqr_recursive(rr->d, a->d, al, tmp->d); - } else { - if (bn_wexpand(tmp, max) == NULL) - goto err; - bn_sqr_normal(rr->d, a->d, al, tmp->d); - } - } -#else - if (bn_wexpand(tmp, max) == NULL) - goto err; - bn_sqr_normal(rr->d, a->d, al, tmp->d); -#endif - } - - rr->neg = 0; - /* If the most-significant half of the top word of 'a' is zero, then - * the square of 'a' will max-1 words. 
*/ - if (a->d[al - 1] == (a->d[al - 1] & BN_MASK2l)) - rr->top = max - 1; - else - rr->top = max; - if (rr != r) - BN_copy(r, rr); - ret = 1; - -err: - bn_check_top(rr); - bn_check_top(tmp); - BN_CTX_end(ctx); - return (ret); -} - -/* tmp must have 2*n words */ -void -bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp) -{ - int i, j, max; - const BN_ULONG *ap; - BN_ULONG *rp; - - max = n * 2; - ap = a; - rp = r; - rp[0] = rp[max - 1] = 0; - rp++; - j = n; - - if (--j > 0) { - ap++; - rp[j] = bn_mul_words(rp, ap, j, ap[-1]); - rp += 2; - } - - for (i = n - 2; i > 0; i--) { - j--; - ap++; - rp[j] = bn_mul_add_words(rp, ap, j, ap[-1]); - rp += 2; - } - - bn_add_words(r, r, r, max); - - /* There will not be a carry */ - - bn_sqr_words(tmp, a, n); - - bn_add_words(r, r, tmp, max); -} - -#ifdef BN_RECURSION -/* r is 2*n words in size, - * a and b are both n words in size. (There's not actually a 'b' here ...) - * n must be a power of 2. - * We multiply and return the result. - * t must be 2*n words in size - * We calculate - * a[0]*b[0] - * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) - * a[1]*b[1] - */ -void -bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t) -{ - int n = n2 / 2; - int zero, c1; - BN_ULONG ln, lo, *p; - -#ifdef BN_COUNT - fprintf(stderr, " bn_sqr_recursive %d * %d\n", n2, n2); -#endif - if (n2 == 4) { -#ifndef BN_SQR_COMBA - bn_sqr_normal(r, a, 4, t); -#else - bn_sqr_comba4(r, a); -#endif - return; - } else if (n2 == 8) { -#ifndef BN_SQR_COMBA - bn_sqr_normal(r, a, 8, t); -#else - bn_sqr_comba8(r, a); -#endif - return; - } - if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL) { - bn_sqr_normal(r, a, n2, t); - return; - } - /* r=(a[0]-a[1])*(a[1]-a[0]) */ - c1 = bn_cmp_words(a, &(a[n]), n); - zero = 0; - if (c1 > 0) - bn_sub_words(t, a, &(a[n]), n); - else if (c1 < 0) - bn_sub_words(t, &(a[n]), a, n); - else - zero = 1; - - /* The result will always be negative unless it is zero */ - p = &(t[n2*2]); - - if (!zero) - 
bn_sqr_recursive(&(t[n2]), t, n, p); - else - memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG)); - bn_sqr_recursive(r, a, n, p); - bn_sqr_recursive(&(r[n2]), &(a[n]), n, p); - - /* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - */ - - c1 = (int)(bn_add_words(t, r, &(r[n2]), n2)); - - /* t[32] is negative */ - c1 -= (int)(bn_sub_words(&(t[n2]), t, &(t[n2]), n2)); - - /* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1]) - * r[10] holds (a[0]*a[0]) - * r[32] holds (a[1]*a[1]) - * c1 holds the carry bits - */ - c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2)); - if (c1) { - p = &(r[n + n2]); - lo= *p; - ln = (lo + c1) & BN_MASK2; - *p = ln; - - /* The overflow will stop before we over write - * words we should not overwrite */ - if (ln < (BN_ULONG)c1) { - do { - p++; - lo= *p; - ln = (lo + 1) & BN_MASK2; - *p = ln; - } while (ln == 0); - } - } -} -#endif diff --git a/lib/libssl/src/crypto/bn/bn_sqrt.c b/lib/libssl/src/crypto/bn/bn_sqrt.c deleted file mode 100644 index f94fa410941..00000000000 --- a/lib/libssl/src/crypto/bn/bn_sqrt.c +++ /dev/null 
@@ -1,405 +0,0 @@
-/* $OpenBSD: bn_sqrt.c,v 1.6 2015/02/09 15:49:22 jsing Exp $ */
-/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * and Bodo Moeller for the OpenSSL project. */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <openssl/err.h> - -#include "bn_lcl.h" - -BIGNUM * -BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) -/* Returns 'ret' such that - * ret^2 == a (mod p), - * using the Tonelli/Shanks algorithm (cf. Henri Cohen, "A Course - * in Algebraic Computational Number Theory", algorithm 1.5.1). - * 'p' must be prime! 
- */ -{ - BIGNUM *ret = in; - int err = 1; - int r; - BIGNUM *A, *b, *q, *t, *x, *y; - int e, i, j; - - if (!BN_is_odd(p) || BN_abs_is_word(p, 1)) { - if (BN_abs_is_word(p, 2)) { - if (ret == NULL) - ret = BN_new(); - if (ret == NULL) - goto end; - if (!BN_set_word(ret, BN_is_bit_set(a, 0))) { - if (ret != in) - BN_free(ret); - return NULL; - } - bn_check_top(ret); - return ret; - } - - BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME); - return (NULL); - } - - if (BN_is_zero(a) || BN_is_one(a)) { - if (ret == NULL) - ret = BN_new(); - if (ret == NULL) - goto end; - if (!BN_set_word(ret, BN_is_one(a))) { - if (ret != in) - BN_free(ret); - return NULL; - } - bn_check_top(ret); - return ret; - } - - BN_CTX_start(ctx); - if ((A = BN_CTX_get(ctx)) == NULL) - goto end; - if ((b = BN_CTX_get(ctx)) == NULL) - goto end; - if ((q = BN_CTX_get(ctx)) == NULL) - goto end; - if ((t = BN_CTX_get(ctx)) == NULL) - goto end; - if ((x = BN_CTX_get(ctx)) == NULL) - goto end; - if ((y = BN_CTX_get(ctx)) == NULL) - goto end; - - if (ret == NULL) - ret = BN_new(); - if (ret == NULL) - goto end; - - /* A = a mod p */ - if (!BN_nnmod(A, a, p, ctx)) - goto end; - - /* now write |p| - 1 as 2^e*q where q is odd */ - e = 1; - while (!BN_is_bit_set(p, e)) - e++; - /* we'll set q later (if needed) */ - - if (e == 1) { - /* The easy case: (|p|-1)/2 is odd, so 2 has an inverse - * modulo (|p|-1)/2, and square roots can be computed - * directly by modular exponentiation. - * We have - * 2 * (|p|+1)/4 == 1 (mod (|p|-1)/2), - * so we can use exponent (|p|+1)/4, i.e. (|p|-3)/4 + 1. - */ - if (!BN_rshift(q, p, 2)) - goto end; - q->neg = 0; - if (!BN_add_word(q, 1)) - goto end; - if (!BN_mod_exp(ret, A, q, p, ctx)) - goto end; - err = 0; - goto vrfy; - } - - if (e == 2) { - /* |p| == 5 (mod 8) - * - * In this case 2 is always a non-square since - * Legendre(2,p) = (-1)^((p^2-1)/8) for any odd prime. - * So if a really is a square, then 2*a is a non-square. 
- * Thus for - * b := (2*a)^((|p|-5)/8), - * i := (2*a)*b^2 - * we have - * i^2 = (2*a)^((1 + (|p|-5)/4)*2) - * = (2*a)^((p-1)/2) - * = -1; - * so if we set - * x := a*b*(i-1), - * then - * x^2 = a^2 * b^2 * (i^2 - 2*i + 1) - * = a^2 * b^2 * (-2*i) - * = a*(-i)*(2*a*b^2) - * = a*(-i)*i - * = a. - * - * (This is due to A.O.L. Atkin, - * <URL: http://listserv.nodak.edu/scripts/wa.exe?A2=ind9211&L=nmbrthry&O=T&P=562>, - * November 1992.) - */ - - /* t := 2*a */ - if (!BN_mod_lshift1_quick(t, A, p)) - goto end; - - /* b := (2*a)^((|p|-5)/8) */ - if (!BN_rshift(q, p, 3)) - goto end; - q->neg = 0; - if (!BN_mod_exp(b, t, q, p, ctx)) - goto end; - - /* y := b^2 */ - if (!BN_mod_sqr(y, b, p, ctx)) - goto end; - - /* t := (2*a)*b^2 - 1*/ - if (!BN_mod_mul(t, t, y, p, ctx)) - goto end; - if (!BN_sub_word(t, 1)) - goto end; - - /* x = a*b*t */ - if (!BN_mod_mul(x, A, b, p, ctx)) - goto end; - if (!BN_mod_mul(x, x, t, p, ctx)) - goto end; - - if (!BN_copy(ret, x)) - goto end; - err = 0; - goto vrfy; - } - - /* e > 2, so we really have to use the Tonelli/Shanks algorithm. - * First, find some y that is not a square. */ - if (!BN_copy(q, p)) goto end; /* use 'q' as temp */ - q->neg = 0; - i = 2; - do { - /* For efficiency, try small numbers first; - * if this fails, try random numbers. - */ - if (i < 22) { - if (!BN_set_word(y, i)) - goto end; - } else { - if (!BN_pseudo_rand(y, BN_num_bits(p), 0, 0)) - goto end; - if (BN_ucmp(y, p) >= 0) { - if (!(p->neg ? BN_add : BN_sub)(y, y, p)) - goto end; - } - /* now 0 <= y < |p| */ - if (BN_is_zero(y)) - if (!BN_set_word(y, i)) - goto end; - } - - r = BN_kronecker(y, q, ctx); /* here 'q' is |p| */ - if (r < -1) - goto end; - if (r == 0) { - /* m divides p */ - BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME); - goto end; - } - } - while (r == 1 && ++i < 82); - - if (r != -1) { - /* Many rounds and still no non-square -- this is more likely - * a bug than just bad luck. 
- * Even if p is not prime, we should have found some y - * such that r == -1. - */ - BNerr(BN_F_BN_MOD_SQRT, BN_R_TOO_MANY_ITERATIONS); - goto end; - } - - /* Here's our actual 'q': */ - if (!BN_rshift(q, q, e)) - goto end; - - /* Now that we have some non-square, we can find an element - * of order 2^e by computing its q'th power. */ - if (!BN_mod_exp(y, y, q, p, ctx)) - goto end; - if (BN_is_one(y)) { - BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME); - goto end; - } - - /* Now we know that (if p is indeed prime) there is an integer - * k, 0 <= k < 2^e, such that - * - * a^q * y^k == 1 (mod p). - * - * As a^q is a square and y is not, k must be even. - * q+1 is even, too, so there is an element - * - * X := a^((q+1)/2) * y^(k/2), - * - * and it satisfies - * - * X^2 = a^q * a * y^k - * = a, - * - * so it is the square root that we are looking for. - */ - - /* t := (q-1)/2 (note that q is odd) */ - if (!BN_rshift1(t, q)) - goto end; - - /* x := a^((q-1)/2) */ - if (BN_is_zero(t)) /* special case: p = 2^e + 1 */ - { - if (!BN_nnmod(t, A, p, ctx)) - goto end; - if (BN_is_zero(t)) { - /* special case: a == 0 (mod p) */ - BN_zero(ret); - err = 0; - goto end; - } else if (!BN_one(x)) - goto end; - } else { - if (!BN_mod_exp(x, A, t, p, ctx)) - goto end; - if (BN_is_zero(x)) { - /* special case: a == 0 (mod p) */ - BN_zero(ret); - err = 0; - goto end; - } - } - - /* b := a*x^2 (= a^q) */ - if (!BN_mod_sqr(b, x, p, ctx)) - goto end; - if (!BN_mod_mul(b, b, A, p, ctx)) - goto end; - - /* x := a*x (= a^((q+1)/2)) */ - if (!BN_mod_mul(x, x, A, p, ctx)) - goto end; - - while (1) { - /* Now b is a^q * y^k for some even k (0 <= k < 2^E - * where E refers to the original value of e, which we - * don't keep in a variable), and x is a^((q+1)/2) * y^(k/2). - * - * We have a*b = x^2, - * y^2^(e-1) = -1, - * b^2^(e-1) = 1. 
- */ - - if (BN_is_one(b)) { - if (!BN_copy(ret, x)) - goto end; - err = 0; - goto vrfy; - } - - - /* find smallest i such that b^(2^i) = 1 */ - i = 1; - if (!BN_mod_sqr(t, b, p, ctx)) - goto end; - while (!BN_is_one(t)) { - i++; - if (i == e) { - BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE); - goto end; - } - if (!BN_mod_mul(t, t, t, p, ctx)) - goto end; - } - - - /* t := y^2^(e - i - 1) */ - if (!BN_copy(t, y)) - goto end; - for (j = e - i - 1; j > 0; j--) { - if (!BN_mod_sqr(t, t, p, ctx)) - goto end; - } - if (!BN_mod_mul(y, t, t, p, ctx)) - goto end; - if (!BN_mod_mul(x, x, t, p, ctx)) - goto end; - if (!BN_mod_mul(b, b, y, p, ctx)) - goto end; - e = i; - } - -vrfy: - if (!err) { - /* verify the result -- the input might have been not a square - * (test added in 0.9.8) */ - - if (!BN_mod_sqr(x, ret, p, ctx)) - err = 1; - - if (!err && 0 != BN_cmp(x, A)) { - BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE); - err = 1; - } - } - -end: - if (err) { - if (ret != NULL && ret != in) { - BN_clear_free(ret); - } - ret = NULL; - } - BN_CTX_end(ctx); - bn_check_top(ret); - return ret; -} diff --git a/lib/libssl/src/crypto/bn/bn_word.c b/lib/libssl/src/crypto/bn/bn_word.c deleted file mode 100644 index 71654586a1b..00000000000 --- a/lib/libssl/src/crypto/bn/bn_word.c +++ /dev/null 
@@ -1,247 +0,0 @@
-/* $OpenBSD: bn_word.c,v 1.13 2016/07/05 02:54:35 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> - -#include "bn_lcl.h" - -BN_ULONG -BN_mod_word(const BIGNUM *a, BN_ULONG w) -{ -#ifndef BN_LLONG - BN_ULONG ret = 0; -#else - BN_ULLONG ret = 0; -#endif - int i; - - if (w == 0) - return (BN_ULONG) - 1; - -#ifndef BN_ULLONG - /* If |w| is too long and we don't have |BN_ULLONG| then we need to fall back - * to using |BN_div_word|. 
*/ - if (w > ((BN_ULONG)1 << BN_BITS4)) { - BIGNUM *tmp = BN_dup(a); - if (tmp == NULL) { - return (BN_ULONG)-1; - } - ret = BN_div_word(tmp, w); - BN_free(tmp); - return ret; - } -#endif - - bn_check_top(a); - w &= BN_MASK2; - for (i = a->top - 1; i >= 0; i--) { -#ifndef BN_LLONG - ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) & - BN_MASK2l)) % w; - ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w; -#else - ret = (BN_ULLONG)(((ret << (BN_ULLONG)BN_BITS2) | - a->d[i]) % (BN_ULLONG)w); -#endif - } - return ((BN_ULONG)ret); -} - -BN_ULONG -BN_div_word(BIGNUM *a, BN_ULONG w) -{ - BN_ULONG ret = 0; - int i, j; - - bn_check_top(a); - w &= BN_MASK2; - - if (!w) - /* actually this an error (division by zero) */ - return (BN_ULONG) - 1; - if (a->top == 0) - return 0; - - /* normalize input (so bn_div_words doesn't complain) */ - j = BN_BITS2 - BN_num_bits_word(w); - w <<= j; - if (!BN_lshift(a, a, j)) - return (BN_ULONG) - 1; - - for (i = a->top - 1; i >= 0; i--) { - BN_ULONG l, d; - - l = a->d[i]; - d = bn_div_words(ret, l, w); - ret = (l - ((d*w)&BN_MASK2))&BN_MASK2; - a->d[i] = d; - } - if ((a->top > 0) && (a->d[a->top - 1] == 0)) - a->top--; - ret >>= j; - bn_check_top(a); - return (ret); -} - -int -BN_add_word(BIGNUM *a, BN_ULONG w) -{ - BN_ULONG l; - int i; - - bn_check_top(a); - w &= BN_MASK2; - - /* degenerate case: w is zero */ - if (!w) - return 1; - /* degenerate case: a is zero */ - if (BN_is_zero(a)) - return BN_set_word(a, w); - /* handle 'a' when negative */ - if (a->neg) { - a->neg = 0; - i = BN_sub_word(a, w); - if (!BN_is_zero(a)) - a->neg=!(a->neg); - return (i); - } - for (i = 0; w != 0 && i < a->top; i++) { - a->d[i] = l = (a->d[i] + w) & BN_MASK2; - w = (w > l) ? 
1 : 0; - } - if (w && i == a->top) { - if (bn_wexpand(a, a->top + 1) == NULL) - return 0; - a->top++; - a->d[i] = w; - } - bn_check_top(a); - return (1); -} - -int -BN_sub_word(BIGNUM *a, BN_ULONG w) -{ - int i; - - bn_check_top(a); - w &= BN_MASK2; - - /* degenerate case: w is zero */ - if (!w) - return 1; - /* degenerate case: a is zero */ - if (BN_is_zero(a)) { - i = BN_set_word(a, w); - if (i != 0) - BN_set_negative(a, 1); - return i; - } - /* handle 'a' when negative */ - if (a->neg) { - a->neg = 0; - i = BN_add_word(a, w); - a->neg = 1; - return (i); - } - - if ((a->top == 1) && (a->d[0] < w)) { - a->d[0] = w - a->d[0]; - a->neg = 1; - return (1); - } - i = 0; - for (;;) { - if (a->d[i] >= w) { - a->d[i] -= w; - break; - } else { - a->d[i] = (a->d[i] - w) & BN_MASK2; - i++; - w = 1; - } - } - if ((a->d[i] == 0) && (i == (a->top - 1))) - a->top--; - bn_check_top(a); - return (1); -} - -int -BN_mul_word(BIGNUM *a, BN_ULONG w) -{ - BN_ULONG ll; - - bn_check_top(a); - w &= BN_MASK2; - if (a->top) { - if (w == 0) - BN_zero(a); - else { - ll = bn_mul_words(a->d, a->d, a->top, w); - if (ll) { - if (bn_wexpand(a, a->top + 1) == NULL) - return (0); - a->d[a->top++] = ll; - } - } - } - bn_check_top(a); - return (1); -} diff --git a/lib/libssl/src/crypto/bn/bn_x931p.c b/lib/libssl/src/crypto/bn/bn_x931p.c deleted file mode 100644 index 1948bc8e717..00000000000 --- a/lib/libssl/src/crypto/bn/bn_x931p.c +++ /dev/null 
@@ -1,279 +0,0 @@ -/* $OpenBSD: bn_x931p.c,v 1.8 2015/04/29 00:11:12 doug Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2005. - */ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <openssl/bn.h> - -/* X9.31 routines for prime derivation */ - -/* X9.31 prime derivation. This is used to generate the primes pi - * (p1, p2, q1, q2) from a parameter Xpi by checking successive odd - * integers. - */ - -static int -bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx, BN_GENCB *cb) -{ - int i = 0; - - if (!BN_copy(pi, Xpi)) - return 0; - if (!BN_is_odd(pi) && !BN_add_word(pi, 1)) - return 0; - for (;;) { - i++; - BN_GENCB_call(cb, 0, i); - /* NB 27 MR is specificed in X9.31 */ - if (BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb)) - break; - if (!BN_add_word(pi, 2)) - return 0; - } - BN_GENCB_call(cb, 2, i); - return 1; -} - -/* This is the main X9.31 prime derivation function. From parameters - * Xp1, Xp2 and Xp derive the prime p. If the parameters p1 or p2 are - * not NULL they will be returned too: this is needed for testing. 
- */ - -int -BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, const BIGNUM *Xp, - const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx, - BN_GENCB *cb) -{ - int ret = 0; - - BIGNUM *t, *p1p2, *pm1; - - /* Only even e supported */ - if (!BN_is_odd(e)) - return 0; - - BN_CTX_start(ctx); - if (p1 == NULL) { - if ((p1 = BN_CTX_get(ctx)) == NULL) - goto err; - } - if (p2 == NULL) { - if ((p2 = BN_CTX_get(ctx)) == NULL) - goto err; - } - - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - if ((p1p2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((pm1 = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!bn_x931_derive_pi(p1, Xp1, ctx, cb)) - goto err; - - if (!bn_x931_derive_pi(p2, Xp2, ctx, cb)) - goto err; - - if (!BN_mul(p1p2, p1, p2, ctx)) - goto err; - - /* First set p to value of Rp */ - - if (!BN_mod_inverse(p, p2, p1, ctx)) - goto err; - - if (!BN_mul(p, p, p2, ctx)) - goto err; - - if (!BN_mod_inverse(t, p1, p2, ctx)) - goto err; - - if (!BN_mul(t, t, p1, ctx)) - goto err; - - if (!BN_sub(p, p, t)) - goto err; - - if (p->neg && !BN_add(p, p, p1p2)) - goto err; - - /* p now equals Rp */ - - if (!BN_mod_sub(p, p, Xp, p1p2, ctx)) - goto err; - - if (!BN_add(p, p, Xp)) - goto err; - - /* p now equals Yp0 */ - - for (;;) { - int i = 1; - BN_GENCB_call(cb, 0, i++); - if (!BN_copy(pm1, p)) - goto err; - if (!BN_sub_word(pm1, 1)) - goto err; - if (!BN_gcd(t, pm1, e, ctx)) - goto err; - if (BN_is_one(t) - /* X9.31 specifies 8 MR and 1 Lucas test or any prime test - * offering similar or better guarantees 50 MR is considerably - * better. - */ - && BN_is_prime_fasttest_ex(p, 50, ctx, 1, cb)) - break; - if (!BN_add(p, p, p1p2)) - goto err; - } - - BN_GENCB_call(cb, 3, 0); - - ret = 1; - -err: - - BN_CTX_end(ctx); - - return ret; -} - -/* Generate pair of paramters Xp, Xq for X9.31 prime generation. - * Note: nbits paramter is sum of number of bits in both. 
- */ - -int -BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx) -{ - BIGNUM *t; - int i; - int ret = 0; - - /* Number of bits for each prime is of the form - * 512+128s for s = 0, 1, ... - */ - if ((nbits < 1024) || (nbits & 0xff)) - return 0; - nbits >>= 1; - /* The random value Xp must be between sqrt(2) * 2^(nbits-1) and - * 2^nbits - 1. By setting the top two bits we ensure that the lower - * bound is exceeded. - */ - if (!BN_rand(Xp, nbits, 1, 0)) - return 0; - - BN_CTX_start(ctx); - if ((t = BN_CTX_get(ctx)) == NULL) - goto err; - - for (i = 0; i < 1000; i++) { - if (!BN_rand(Xq, nbits, 1, 0)) - goto err; - /* Check that |Xp - Xq| > 2^(nbits - 100) */ - BN_sub(t, Xp, Xq); - if (BN_num_bits(t) > (nbits - 100)) - break; - } - - if (i < 1000) - ret = 1; - -err: - BN_CTX_end(ctx); - - return ret; -} - -/* Generate primes using X9.31 algorithm. Of the values p, p1, p2, Xp1 - * and Xp2 only 'p' needs to be non-NULL. If any of the others are not NULL - * the relevant parameter will be stored in it. - * - * Due to the fact that |Xp - Xq| > 2^(nbits - 100) must be satisfied Xp and Xq - * are generated using the previous function and supplied as input. - */ - -int -BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1, - BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb) -{ - int ret = 0; - - BN_CTX_start(ctx); - if (Xp1 == NULL) { - if ((Xp1 = BN_CTX_get(ctx)) == NULL) - goto error; - } - if (Xp2 == NULL) { - if ((Xp2 = BN_CTX_get(ctx)) == NULL) - goto error; - } - - if (!BN_rand(Xp1, 101, 0, 0)) - goto error; - if (!BN_rand(Xp2, 101, 0, 0)) - goto error; - if (!BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, cb)) - goto error; - - ret = 1; - -error: - BN_CTX_end(ctx); - - return ret; -} diff --git a/lib/libssl/src/crypto/buffer/buf_err.c b/lib/libssl/src/crypto/buffer/buf_err.c deleted file mode 100644 index 8256e89843a..00000000000 --- a/lib/libssl/src/crypto/buffer/buf_err.c +++ /dev/null 
@@ -1,99 +0,0 @@ -/* $OpenBSD: buf_err.c,v 1.10 2014/07/10 22:45:56 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/buffer.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason) - -static ERR_STRING_DATA BUF_str_functs[] = { - {ERR_FUNC(BUF_F_BUF_MEMDUP), "BUF_memdup"}, - {ERR_FUNC(BUF_F_BUF_MEM_GROW), "BUF_MEM_grow"}, - {ERR_FUNC(BUF_F_BUF_MEM_GROW_CLEAN), "BUF_MEM_grow_clean"}, - {ERR_FUNC(BUF_F_BUF_MEM_NEW), "BUF_MEM_new"}, - {ERR_FUNC(BUF_F_BUF_STRDUP), "BUF_strdup"}, - {ERR_FUNC(BUF_F_BUF_STRNDUP), "BUF_strndup"}, - {0, NULL} -}; - -static ERR_STRING_DATA BUF_str_reasons[] = { - {0, NULL} -}; - -#endif - -void -ERR_load_BUF_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(BUF_str_functs[0].error) == NULL) { - ERR_load_strings(0, BUF_str_functs); - ERR_load_strings(0, BUF_str_reasons); - } -#endif -} 
diff --git a/lib/libssl/src/crypto/buffer/buf_str.c b/lib/libssl/src/crypto/buffer/buf_str.c
deleted file mode 100644
index f7e4c0b966d..00000000000
--- a/lib/libssl/src/crypto/buffer/buf_str.c
+++ /dev/null
@@ -1,79 +0,0 @@
-/* $OpenBSD: buf_str.c,v 1.9 2014/07/11 08:44:48 jsing Exp $ */
-/*
- * Copyright (c) 2014 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-
-/*
- * XXX these functions accept a NULL arg and return NULL
- * when the standard ones do not. we should at an appropriate
- * time change these to find the bad callers
- */
-
-char *
-BUF_strdup(const char *str)
-{
- char *ret = NULL;
-
- if (str != NULL) {
- if (!(ret = strdup(str)))
- BUFerr(BUF_F_BUF_STRDUP, ERR_R_MALLOC_FAILURE);
- }
- return ret;
-}
-
-char *
-BUF_strndup(const char *str, size_t siz)
-{
- char *ret = NULL;
-
- if (str != NULL) {
- if (!(ret = strndup(str, siz)))
- BUFerr(BUF_F_BUF_STRNDUP, ERR_R_MALLOC_FAILURE);
- }
- return ret;
-}
-
-void *
-BUF_memdup(const void *data, size_t siz)
-{
- void *ret = NULL;
-
- if (data != NULL) {
- if (!(ret = malloc(siz)))
- BUFerr(BUF_F_BUF_MEMDUP, ERR_R_MALLOC_FAILURE);
- else
- (void) memcpy(ret, data, siz);
- }
- return ret;
-}
-
-size_t
-BUF_strlcpy(char *dst, const char *src, size_t size)
-{
- return strlcpy(dst, src, size);
-}
-
-size_t
-BUF_strlcat(char *dst, const char *src, size_t size)
-{
- return strlcat(dst, src, size);
-}
diff --git a/lib/libssl/src/crypto/buffer/buffer.c b/lib/libssl/src/crypto/buffer/buffer.c
deleted file mode 100644
index ac3729d52b5..00000000000
--- a/lib/libssl/src/crypto/buffer/buffer.c
+++ /dev/null
@@ -1,194 +0,0 @@ -/* $OpenBSD: buffer.c,v 1.21 2014/07/11 08:44:48 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/buffer.h> -#include <openssl/err.h> - -/* LIMIT_BEFORE_EXPANSION is the maximum n such that (n+3)/3*4 < 2**31. That - * function is applied in several functions in this file and this limit ensures - * that the result fits in an int. 
*/ -#define LIMIT_BEFORE_EXPANSION 0x5ffffffc - -BUF_MEM * -BUF_MEM_new(void) -{ - BUF_MEM *ret; - - ret = malloc(sizeof(BUF_MEM)); - if (ret == NULL) { - BUFerr(BUF_F_BUF_MEM_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); - } - ret->length = 0; - ret->max = 0; - ret->data = NULL; - return (ret); -} - -void -BUF_MEM_free(BUF_MEM *a) -{ - if (a == NULL) - return; - - if (a->data != NULL) { - explicit_bzero(a->data, a->max); - free(a->data); - } - free(a); -} - -int -BUF_MEM_grow(BUF_MEM *str, size_t len) -{ - char *ret; - size_t n; - - if (str->length >= len) { - str->length = len; - return (len); - } - if (str->max >= len) { - memset(&str->data[str->length], 0, len - str->length); - str->length = len; - return (len); - } - /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */ - if (len > LIMIT_BEFORE_EXPANSION) { - BUFerr(BUF_F_BUF_MEM_GROW, ERR_R_MALLOC_FAILURE); - return 0; - } - n = (len + 3) / 3 * 4; - ret = realloc(str->data, n); - if (ret == NULL) { - BUFerr(BUF_F_BUF_MEM_GROW, ERR_R_MALLOC_FAILURE); - len = 0; - } else { - str->data = ret; - str->max = n; - memset(&str->data[str->length], 0, len - str->length); - str->length = len; - } - return (len); -} - -int -BUF_MEM_grow_clean(BUF_MEM *str, size_t len) -{ - char *ret; - size_t n; - - if (str->length >= len) { - memset(&str->data[len], 0, str->length - len); - str->length = len; - return (len); - } - if (str->max >= len) { - memset(&str->data[str->length], 0, len - str->length); - str->length = len; - return (len); - } - /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */ - if (len > LIMIT_BEFORE_EXPANSION) { - BUFerr(BUF_F_BUF_MEM_GROW_CLEAN, ERR_R_MALLOC_FAILURE); - return 0; - } - n = (len + 3) / 3 * 4; - ret = malloc(n); - /* we're not shrinking - that case returns above */ - if ((ret != NULL) && (str->data != NULL)) { - memcpy(ret, str->data, str->max); - explicit_bzero(str->data, str->max); - free(str->data); - } - if (ret == NULL) { - BUFerr(BUF_F_BUF_MEM_GROW_CLEAN, 
ERR_R_MALLOC_FAILURE); - len = 0; - } else { - str->data = ret; - str->max = n; - memset(&str->data[str->length], 0, len - str->length); - str->length = len; - } - return (len); -} - -void -BUF_reverse(unsigned char *out, const unsigned char *in, size_t size) -{ - size_t i; - - if (in) { - out += size - 1; - for (i = 0; i < size; i++) - *out-- = *in++; - } else { - unsigned char *q; - char c; - q = out + size - 1; - for (i = 0; i < size / 2; i++) { - c = *q; - *q-- = *out; - *out++ = c; - } - } -} diff --git a/lib/libssl/src/crypto/buffer/buffer.h b/lib/libssl/src/crypto/buffer/buffer.h deleted file mode 100644 index ed6dac0e69f..00000000000 --- a/lib/libssl/src/crypto/buffer/buffer.h +++ /dev/null 
@@ -1,122 +0,0 @@ -/* $OpenBSD: buffer.h,v 1.15 2015/06/24 10:05:14 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#ifndef HEADER_BUFFER_H -#define HEADER_BUFFER_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif - -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#include <stddef.h> -#include <sys/types.h> - -/* Already declared in ossl_typ.h */ -/* typedef struct buf_mem_st BUF_MEM; */ - -struct buf_mem_st { - size_t length; /* current number of bytes */ - char *data; - size_t max; /* size of buffer */ -}; - -BUF_MEM *BUF_MEM_new(void); -void BUF_MEM_free(BUF_MEM *a); -int BUF_MEM_grow(BUF_MEM *str, size_t len); -int BUF_MEM_grow_clean(BUF_MEM *str, size_t len); - -#ifndef LIBRESSL_INTERNAL -char * BUF_strdup(const char *str); -char * BUF_strndup(const char *str, size_t siz); -void * BUF_memdup(const void *data, size_t siz); -void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz); - -/* safe string functions */ -size_t BUF_strlcpy(char *dst, const char *src, size_t siz) - __attribute__ ((__bounded__(__string__,1,3))); -size_t BUF_strlcat(char *dst, const char *src, size_t siz) - __attribute__ ((__bounded__(__string__,1,3))); -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_BUF_strings(void); - -/* Error codes for the BUF functions. */ - -/* Function codes. */ -#define BUF_F_BUF_MEMDUP 103 -#define BUF_F_BUF_MEM_GROW 100 -#define BUF_F_BUF_MEM_GROW_CLEAN 105 -#define BUF_F_BUF_MEM_NEW 101 -#define BUF_F_BUF_STRDUP 102 -#define BUF_F_BUF_STRNDUP 104 - -/* Reason codes. */ - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/camellia/asm/cmll-x86.pl b/lib/libssl/src/crypto/camellia/asm/cmll-x86.pl deleted file mode 100644 index 027302ac869..00000000000 --- a/lib/libssl/src/crypto/camellia/asm/cmll-x86.pl +++ /dev/null 
@@ -1,1138 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Copyright (c) 2008 Andy Polyakov <appro@openssl.org> -# -# This module may be used under the terms of either the GNU General -# Public License version 2 or later, the GNU Lesser General Public -# License version 2.1 or later, the Mozilla Public License version -# 1.1 or the BSD License. The exact terms of either license are -# distributed along with this module. For further details see -# http://www.openssl.org/~appro/camellia/. -# ==================================================================== - -# Performance in cycles per processed byte (less is better) in -# 'openssl speed ...' benchmark: -# -# AMD K8 Core2 PIII P4 -# -evp camellia-128-ecb 21.5 22.8 27.0 28.9 -# + over gcc 3.4.6 +90/11% +70/10% +53/4% +160/64% -# + over icc 8.0 +48/19% +21/15% +21/17% +55/37% -# -# camellia-128-cbc 17.3 21.1 23.9 25.9 -# -# 128-bit key setup 196 280 256 240 cycles/key -# + over gcc 3.4.6 +30/0% +17/11% +11/0% +63/40% -# + over icc 8.0 +18/3% +10/0% +10/3% +21/10% -# -# Pairs of numbers in "+" rows represent performance improvement over -# compiler generated position-independent code, PIC, and non-PIC -# respectively. PIC results are of greater relevance, as this module -# is position-independent, i.e. suitable for a shared library or PIE. -# Position independence "costs" one register, which is why compilers -# are so close with non-PIC results, they have an extra register to -# spare. CBC results are better than ECB ones thanks to "zero-copy" -# private _x86_* interface, and are ~30-40% better than with compiler -# generated cmll_cbc.o, and reach ~80-90% of x86_64 performance on -# same CPU (where applicable). 
- -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -$OPENSSL=1; - -&asm_init($ARGV[0],"cmll-586.pl",$ARGV[$#ARGV] eq "386"); - -@T=("eax","ebx","ecx","edx"); -$idx="esi"; -$key="edi"; -$Tbl="ebp"; - -# stack frame layout in _x86_Camellia_* routines, frame is allocated -# by caller -$__ra=&DWP(0,"esp"); # return address -$__s0=&DWP(4,"esp"); # s0 backing store -$__s1=&DWP(8,"esp"); # s1 backing store -$__s2=&DWP(12,"esp"); # s2 backing store -$__s3=&DWP(16,"esp"); # s3 backing store -$__end=&DWP(20,"esp"); # pointer to end/start of key schedule - -# stack frame layout in Camellia_[en|crypt] routines, which differs from -# above by 4 and overlaps by pointer to end/start of key schedule -$_end=&DWP(16,"esp"); -$_esp=&DWP(20,"esp"); - -# const unsigned int Camellia_SBOX[4][256]; -# Well, sort of... Camellia_SBOX[0][] is interleaved with [1][], -# and [2][] - with [3][]. This is done to optimize code size. -$SBOX1_1110=0; # Camellia_SBOX[0] -$SBOX4_4404=4; # Camellia_SBOX[1] -$SBOX2_0222=2048; # Camellia_SBOX[2] -$SBOX3_3033=2052; # Camellia_SBOX[3] -&static_label("Camellia_SIGMA"); -&static_label("Camellia_SBOX"); - -sub Camellia_Feistel { -my $i=@_[0]; -my $seed=defined(@_[1])?@_[1]:0; -my $scale=$seed<0?-8:8; -my $frame=defined(@_[2])?@_[2]:0; -my $j=($i&1)*2; -my $t0=@T[($j)%4],$t1=@T[($j+1)%4],$t2=@T[($j+2)%4],$t3=@T[($j+3)%4]; - - &xor ($t0,$idx); # t0^=key[0] - &xor ($t1,&DWP($seed+$i*$scale+4,$key)); # t1^=key[1] - &movz ($idx,&HB($t0)); # (t0>>8)&0xff - &mov ($t3,&DWP($SBOX3_3033,$Tbl,$idx,8)); # t3=SBOX3_3033[0] - &movz ($idx,&LB($t0)); # (t0>>0)&0xff - &xor ($t3,&DWP($SBOX4_4404,$Tbl,$idx,8)); # t3^=SBOX4_4404[0] - &shr ($t0,16); - &movz ($idx,&LB($t1)); # (t1>>0)&0xff - &mov ($t2,&DWP($SBOX1_1110,$Tbl,$idx,8)); # t2=SBOX1_1110[1] - &movz ($idx,&HB($t0)); # (t0>>24)&0xff - &xor ($t3,&DWP($SBOX1_1110,$Tbl,$idx,8)); # t3^=SBOX1_1110[0] - &movz ($idx,&HB($t1)); # (t1>>8)&0xff - &xor 
($t2,&DWP($SBOX4_4404,$Tbl,$idx,8)); # t2^=SBOX4_4404[1] - &shr ($t1,16); - &movz ($t0,&LB($t0)); # (t0>>16)&0xff - &xor ($t3,&DWP($SBOX2_0222,$Tbl,$t0,8)); # t3^=SBOX2_0222[0] - &movz ($idx,&HB($t1)); # (t1>>24)&0xff - &mov ($t0,&DWP($frame+4*(($j+3)%4),"esp")); # prefetch "s3" - &xor ($t2,$t3); # t2^=t3 - &rotr ($t3,8); # t3=RightRotate(t3,8) - &xor ($t2,&DWP($SBOX2_0222,$Tbl,$idx,8)); # t2^=SBOX2_0222[1] - &movz ($idx,&LB($t1)); # (t1>>16)&0xff - &mov ($t1,&DWP($frame+4*(($j+2)%4),"esp")); # prefetch "s2" - &xor ($t3,$t0); # t3^=s3 - &xor ($t2,&DWP($SBOX3_3033,$Tbl,$idx,8)); # t2^=SBOX3_3033[1] - &mov ($idx,&DWP($seed+($i+1)*$scale,$key)); # prefetch key[i+1] - &xor ($t3,$t2); # t3^=t2 - &mov (&DWP($frame+4*(($j+3)%4),"esp"),$t3); # s3=t3 - &xor ($t2,$t1); # t2^=s2 - &mov (&DWP($frame+4*(($j+2)%4),"esp"),$t2); # s2=t2 -} - -# void Camellia_EncryptBlock_Rounds( -# int grandRounds, -# const Byte plaintext[], -# const KEY_TABLE_TYPE keyTable, -# Byte ciphertext[]) -&function_begin("Camellia_EncryptBlock_Rounds"); - &mov ("eax",&wparam(0)); # load grandRounds - &mov ($idx,&wparam(1)); # load plaintext pointer - &mov ($key,&wparam(2)); # load key schedule pointer - - &mov ("ebx","esp"); - &sub ("esp",7*4); # place for s[0-3],keyEnd,esp and ra - &and ("esp",-64); - - # place stack frame just "above mod 1024" the key schedule - # this ensures that cache associativity of 2 suffices - &lea ("ecx",&DWP(-64-63,$key)); - &sub ("ecx","esp"); - &neg ("ecx"); - &and ("ecx",0x3C0); # modulo 1024, but aligned to cache-line - &sub ("esp","ecx"); - &add ("esp",4); # 4 is reserved for callee's return address - - &shl ("eax",6); - &lea ("eax",&DWP(0,$key,"eax")); - &mov ($_esp,"ebx"); # save %esp - &mov ($_end,"eax"); # save keyEnd - - &call (&label("pic_point")); - &set_label("pic_point"); - &blindpop($Tbl); - &lea ($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl)); - - &mov (@T[0],&DWP(0,$idx)); # load plaintext - &mov (@T[1],&DWP(4,$idx)); - &mov 
(@T[2],&DWP(8,$idx)); - &bswap (@T[0]); - &mov (@T[3],&DWP(12,$idx)); - &bswap (@T[1]); - &bswap (@T[2]); - &bswap (@T[3]); - - &call ("_x86_Camellia_encrypt"); - - &mov ("esp",$_esp); - &bswap (@T[0]); - &mov ($idx,&wparam(3)); # load ciphertext pointer - &bswap (@T[1]); - &bswap (@T[2]); - &bswap (@T[3]); - &mov (&DWP(0,$idx),@T[0]); # write ciphertext - &mov (&DWP(4,$idx),@T[1]); - &mov (&DWP(8,$idx),@T[2]); - &mov (&DWP(12,$idx),@T[3]); -&function_end("Camellia_EncryptBlock_Rounds"); -# V1.x API -&function_begin_B("Camellia_EncryptBlock"); - &mov ("eax",128); - &sub ("eax",&wparam(0)); # load keyBitLength - &mov ("eax",3); - &adc ("eax",0); # keyBitLength==128?3:4 - &mov (&wparam(0),"eax"); - &jmp (&label("Camellia_EncryptBlock_Rounds")); -&function_end_B("Camellia_EncryptBlock"); - -if ($OPENSSL) { -# void Camellia_encrypt( -# const unsigned char *in, -# unsigned char *out, -# const CAMELLIA_KEY *key) -&function_begin("Camellia_encrypt"); - &mov ($idx,&wparam(0)); # load plaintext pointer - &mov ($key,&wparam(2)); # load key schedule pointer - - &mov ("ebx","esp"); - &sub ("esp",7*4); # place for s[0-3],keyEnd,esp and ra - &and ("esp",-64); - &mov ("eax",&DWP(272,$key)); # load grandRounds counter - - # place stack frame just "above mod 1024" the key schedule - # this ensures that cache associativity of 2 suffices - &lea ("ecx",&DWP(-64-63,$key)); - &sub ("ecx","esp"); - &neg ("ecx"); - &and ("ecx",0x3C0); # modulo 1024, but aligned to cache-line - &sub ("esp","ecx"); - &add ("esp",4); # 4 is reserved for callee's return address - - &shl ("eax",6); - &lea ("eax",&DWP(0,$key,"eax")); - &mov ($_esp,"ebx"); # save %esp - &mov ($_end,"eax"); # save keyEnd - - &call (&label("pic_point")); - &set_label("pic_point"); - &blindpop($Tbl); - &lea ($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl)); - - &mov (@T[0],&DWP(0,$idx)); # load plaintext - &mov (@T[1],&DWP(4,$idx)); - &mov (@T[2],&DWP(8,$idx)); - &bswap (@T[0]); - &mov (@T[3],&DWP(12,$idx)); - 
&bswap (@T[1]);
- &bswap (@T[2]);
- &bswap (@T[3]);
-
- &call ("_x86_Camellia_encrypt");
-
- &mov ("esp",$_esp);
- &bswap (@T[0]);
- &mov ($idx,&wparam(1)); # load ciphertext pointer
- &bswap (@T[1]);
- &bswap (@T[2]);
- &bswap (@T[3]);
- &mov (&DWP(0,$idx),@T[0]); # write ciphertext
- &mov (&DWP(4,$idx),@T[1]);
- &mov (&DWP(8,$idx),@T[2]);
- &mov (&DWP(12,$idx),@T[3]);
-&function_end("Camellia_encrypt");
-}
-
-&function_begin_B("_x86_Camellia_encrypt");
- &xor (@T[0],&DWP(0,$key)); # ^=key[0-3]
- &xor (@T[1],&DWP(4,$key));
- &xor (@T[2],&DWP(8,$key));
- &xor (@T[3],&DWP(12,$key));
- &mov ($idx,&DWP(16,$key)); # prefetch key[4]
-
- &mov ($__s0,@T[0]); # save s[0-3]
- &mov ($__s1,@T[1]);
- &mov ($__s2,@T[2]);
- &mov ($__s3,@T[3]);
-
-&set_label("loop",16);
- for ($i=0;$i<6;$i++) { Camellia_Feistel($i,16,4); }
-
- &add ($key,16*4);
- &cmp ($key,$__end);
- &je (&label("done"));
-
- # @T[0-1] are preloaded, $idx is preloaded with key[0]
- &and ($idx,@T[0]);
- &mov (@T[3],$__s3);
- &rotl ($idx,1);
- &mov (@T[2],@T[3]);
- &xor (@T[1],$idx);
- &or (@T[2],&DWP(12,$key));
- &mov ($__s1,@T[1]); # s1^=LeftRotate(s0&key[0],1);
- &xor (@T[2],$__s2);
-
- &mov ($idx,&DWP(4,$key));
- &mov ($__s2,@T[2]); # s2^=s3|key[3];
- &or ($idx,@T[1]);
- &and (@T[2],&DWP(8,$key));
- &xor (@T[0],$idx);
- &rotl (@T[2],1);
- &mov ($__s0,@T[0]); # s0^=s1|key[1];
- &xor (@T[3],@T[2]);
- &mov ($idx,&DWP(16,$key)); # prefetch key[4]
- &mov ($__s3,@T[3]); # s3^=LeftRotate(s2&key[2],1);
- &jmp (&label("loop"));
-
-&set_label("done",8);
- &mov (@T[2],@T[0]); # SwapHalf
- &mov (@T[3],@T[1]);
- &mov (@T[0],$__s2);
- &mov (@T[1],$__s3);
- &xor (@T[0],$idx); # $idx is preloaded with key[0]
- &xor (@T[1],&DWP(4,$key));
- &xor (@T[2],&DWP(8,$key));
- &xor (@T[3],&DWP(12,$key));
- &ret ();
-&function_end_B("_x86_Camellia_encrypt");
-
-# void Camellia_DecryptBlock_Rounds(
-# int grandRounds,
-# const Byte ciphertext[],
-# const KEY_TABLE_TYPE keyTable,
-# Byte plaintext[])
-&function_begin("Camellia_DecryptBlock_Rounds");
- &mov ("eax",&wparam(0)); # load grandRounds
- &mov ($idx,&wparam(1)); # load ciphertext pointer
- &mov ($key,&wparam(2)); # load key schedule pointer
-
- &mov ("ebx","esp");
- &sub ("esp",7*4); # place for s[0-3],keyEnd,esp and ra
- &and ("esp",-64);
-
- # place stack frame just "above mod 1024" the key schedule
- # this ensures that cache associativity of 2 suffices
- &lea ("ecx",&DWP(-64-63,$key));
- &sub ("ecx","esp");
- &neg ("ecx");
- &and ("ecx",0x3C0); # modulo 1024, but aligned to cache-line
- &sub ("esp","ecx");
- &add ("esp",4); # 4 is reserved for callee's return address
-
- &shl ("eax",6);
- &mov (&DWP(4*4,"esp"),$key); # save keyStart
- &lea ($key,&DWP(0,$key,"eax"));
- &mov (&DWP(5*4,"esp"),"ebx");# save %esp
-
- &call (&label("pic_point"));
- &set_label("pic_point");
- &blindpop($Tbl);
- &lea ($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
-
- &mov (@T[0],&DWP(0,$idx)); # load ciphertext
- &mov (@T[1],&DWP(4,$idx));
- &mov (@T[2],&DWP(8,$idx));
- &bswap (@T[0]);
- &mov (@T[3],&DWP(12,$idx));
- &bswap (@T[1]);
- &bswap (@T[2]);
- &bswap (@T[3]);
-
- &call ("_x86_Camellia_decrypt");
-
- &mov ("esp",&DWP(5*4,"esp"));
- &bswap (@T[0]);
- &mov ($idx,&wparam(3)); # load plaintext pointer
- &bswap (@T[1]);
- &bswap (@T[2]);
- &bswap (@T[3]);
- &mov (&DWP(0,$idx),@T[0]); # write plaintext
- &mov (&DWP(4,$idx),@T[1]);
- &mov (&DWP(8,$idx),@T[2]);
- &mov (&DWP(12,$idx),@T[3]);
-&function_end("Camellia_DecryptBlock_Rounds");
-# V1.x API
-&function_begin_B("Camellia_DecryptBlock");
- &mov ("eax",128);
- &sub ("eax",&wparam(0)); # load keyBitLength
- &mov ("eax",3);
- &adc ("eax",0); # keyBitLength==128?3:4
- &mov (&wparam(0),"eax");
- &jmp (&label("Camellia_DecryptBlock_Rounds"));
-&function_end_B("Camellia_DecryptBlock");
-
-if ($OPENSSL) {
-# void Camellia_decrypt(
-# const unsigned char *in,
-# unsigned char *out,
-# const CAMELLIA_KEY *key)
-&function_begin("Camellia_decrypt");
- &mov
($idx,&wparam(0)); # load ciphertext pointer
- &mov ($key,&wparam(2)); # load key schedule pointer
-
- &mov ("ebx","esp");
- &sub ("esp",7*4); # place for s[0-3],keyEnd,esp and ra
- &and ("esp",-64);
- &mov ("eax",&DWP(272,$key)); # load grandRounds counter
-
- # place stack frame just "above mod 1024" the key schedule
- # this ensures that cache associativity of 2 suffices
- &lea ("ecx",&DWP(-64-63,$key));
- &sub ("ecx","esp");
- &neg ("ecx");
- &and ("ecx",0x3C0); # modulo 1024, but aligned to cache-line
- &sub ("esp","ecx");
- &add ("esp",4); # 4 is reserved for callee's return address
-
- &shl ("eax",6);
- &mov (&DWP(4*4,"esp"),$key); # save keyStart
- &lea ($key,&DWP(0,$key,"eax"));
- &mov (&DWP(5*4,"esp"),"ebx");# save %esp
-
- &call (&label("pic_point"));
- &set_label("pic_point");
- &blindpop($Tbl);
- &lea ($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
-
- &mov (@T[0],&DWP(0,$idx)); # load ciphertext
- &mov (@T[1],&DWP(4,$idx));
- &mov (@T[2],&DWP(8,$idx));
- &bswap (@T[0]);
- &mov (@T[3],&DWP(12,$idx));
- &bswap (@T[1]);
- &bswap (@T[2]);
- &bswap (@T[3]);
-
- &call ("_x86_Camellia_decrypt");
-
- &mov ("esp",&DWP(5*4,"esp"));
- &bswap (@T[0]);
- &mov ($idx,&wparam(1)); # load plaintext pointer
- &bswap (@T[1]);
- &bswap (@T[2]);
- &bswap (@T[3]);
- &mov (&DWP(0,$idx),@T[0]); # write plaintext
- &mov (&DWP(4,$idx),@T[1]);
- &mov (&DWP(8,$idx),@T[2]);
- &mov (&DWP(12,$idx),@T[3]);
-&function_end("Camellia_decrypt");
-}
-
-&function_begin_B("_x86_Camellia_decrypt");
- &xor (@T[0],&DWP(0,$key)); # ^=key[0-3]
- &xor (@T[1],&DWP(4,$key));
- &xor (@T[2],&DWP(8,$key));
- &xor (@T[3],&DWP(12,$key));
- &mov ($idx,&DWP(-8,$key)); # prefetch key[-2]
-
- &mov ($__s0,@T[0]); # save s[0-3]
- &mov ($__s1,@T[1]);
- &mov ($__s2,@T[2]);
- &mov ($__s3,@T[3]);
-
-&set_label("loop",16);
- for ($i=0;$i<6;$i++) { Camellia_Feistel($i,-8,4); }
-
- &sub ($key,16*4);
- &cmp ($key,$__end);
- &je (&label("done"));
-
- # @T[0-1] are preloaded, $idx is preloaded with
key[2]
- &and ($idx,@T[0]);
- &mov (@T[3],$__s3);
- &rotl ($idx,1);
- &mov (@T[2],@T[3]);
- &xor (@T[1],$idx);
- &or (@T[2],&DWP(4,$key));
- &mov ($__s1,@T[1]); # s1^=LeftRotate(s0&key[0],1);
- &xor (@T[2],$__s2);
-
- &mov ($idx,&DWP(12,$key));
- &mov ($__s2,@T[2]); # s2^=s3|key[3];
- &or ($idx,@T[1]);
- &and (@T[2],&DWP(0,$key));
- &xor (@T[0],$idx);
- &rotl (@T[2],1);
- &mov ($__s0,@T[0]); # s0^=s1|key[1];
- &xor (@T[3],@T[2]);
- &mov ($idx,&DWP(-8,$key)); # prefetch key[4]
- &mov ($__s3,@T[3]); # s3^=LeftRotate(s2&key[2],1);
- &jmp (&label("loop"));
-
-&set_label("done",8);
- &mov (@T[2],@T[0]); # SwapHalf
- &mov (@T[3],@T[1]);
- &mov (@T[0],$__s2);
- &mov (@T[1],$__s3);
- &xor (@T[2],$idx); # $idx is preloaded with key[2]
- &xor (@T[3],&DWP(12,$key));
- &xor (@T[0],&DWP(0,$key));
- &xor (@T[1],&DWP(4,$key));
- &ret ();
-&function_end_B("_x86_Camellia_decrypt");
-
-# shld is very slow on Intel P4 family. Even on AMD it limits
-# instruction decode rate [because it's VectorPath] and consequently
-# performance. PIII, PM and Core[2] seem to be the only ones which
-# execute this code ~7% faster...
-sub __rotl128 {
- my ($i0,$i1,$i2,$i3,$rot,$rnd,@T)=@_;
-
- $rnd *= 2;
- if ($rot) {
- &mov ($idx,$i0);
- &shld ($i0,$i1,$rot);
- &shld ($i1,$i2,$rot);
- &shld ($i2,$i3,$rot);
- &shld ($i3,$idx,$rot);
- }
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i0 eq @T[0]);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i1 eq @T[0]);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i2 eq @T[0]);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i3 eq @T[0]);
-}
-
-# ... Implementing 128-bit rotate without shld gives >3x performance
-# improvement on P4, only ~7% degradation on other Intel CPUs and
-# not worse performance on AMD. This is therefore preferred.
-sub _rotl128 {
- my ($i0,$i1,$i2,$i3,$rot,$rnd,@T)=@_;
-
- $rnd *= 2;
- if ($rot) {
- &mov ($Tbl,$i0);
- &shl ($i0,$rot);
- &mov ($idx,$i1);
- &shr ($idx,32-$rot);
- &shl ($i1,$rot);
- &or ($i0,$idx);
- &mov ($idx,$i2);
- &shl ($i2,$rot);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i0 eq @T[0]);
- &shr ($idx,32-$rot);
- &or ($i1,$idx);
- &shr ($Tbl,32-$rot);
- &mov ($idx,$i3);
- &shr ($idx,32-$rot);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i1 eq @T[0]);
- &shl ($i3,$rot);
- &or ($i2,$idx);
- &or ($i3,$Tbl);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i2 eq @T[0]);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i3 eq @T[0]);
- } else {
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i0 eq @T[0]);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i1 eq @T[0]);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i2 eq @T[0]);
- &mov (&DWP(-128+4*$rnd++,$key),shift(@T)) if ($i3 eq @T[0]);
- }
-}
-
-sub _saveround {
-my ($rnd,$key,@T)=@_;
-my $bias=int(@T[0])?shift(@T):0;
-
- &mov (&DWP($bias+$rnd*8+0,$key),@T[0]);
- &mov (&DWP($bias+$rnd*8+4,$key),@T[1]) if ($#T>=1);
- &mov (&DWP($bias+$rnd*8+8,$key),@T[2]) if ($#T>=2);
- &mov (&DWP($bias+$rnd*8+12,$key),@T[3]) if ($#T>=3);
-}
-
-sub _loadround {
-my ($rnd,$key,@T)=@_;
-my $bias=int(@T[0])?shift(@T):0;
-
- &mov (@T[0],&DWP($bias+$rnd*8+0,$key));
- &mov (@T[1],&DWP($bias+$rnd*8+4,$key)) if ($#T>=1);
- &mov (@T[2],&DWP($bias+$rnd*8+8,$key)) if ($#T>=2);
- &mov (@T[3],&DWP($bias+$rnd*8+12,$key)) if ($#T>=3);
-}
-
-# void Camellia_Ekeygen(
-# const int keyBitLength,
-# const Byte *rawKey,
-# KEY_TABLE_TYPE keyTable)
-&function_begin("Camellia_Ekeygen");
-{ my $step=0;
-
- &stack_push(4); # place for s[0-3]
-
- &mov ($Tbl,&wparam(0)); # load arguments
- &mov ($idx,&wparam(1));
- &mov ($key,&wparam(2));
-
- &mov (@T[0],&DWP(0,$idx)); # load 0-127 bits
- &mov (@T[1],&DWP(4,$idx));
- &mov (@T[2],&DWP(8,$idx));
- &mov (@T[3],&DWP(12,$idx));
-
- &bswap (@T[0]);
- &bswap (@T[1]);
- &bswap (@T[2]);
- &bswap
(@T[3]);
-
- &_saveround (0,$key,@T); # KL<<<0
-
- &cmp ($Tbl,128);
- &je (&label("1st128"));
-
- &mov (@T[0],&DWP(16,$idx)); # load 128-191 bits
- &mov (@T[1],&DWP(20,$idx));
- &cmp ($Tbl,192);
- &je (&label("1st192"));
- &mov (@T[2],&DWP(24,$idx)); # load 192-255 bits
- &mov (@T[3],&DWP(28,$idx));
- &jmp (&label("1st256"));
-&set_label("1st192",4);
- &mov (@T[2],@T[0]);
- &mov (@T[3],@T[1]);
- ¬ (@T[2]);
- ¬ (@T[3]);
-&set_label("1st256",4);
- &bswap (@T[0]);
- &bswap (@T[1]);
- &bswap (@T[2]);
- &bswap (@T[3]);
-
- &_saveround (4,$key,@T); # temporary storage for KR!
-
- &xor (@T[0],&DWP(0*8+0,$key)); # KR^KL
- &xor (@T[1],&DWP(0*8+4,$key));
- &xor (@T[2],&DWP(1*8+0,$key));
- &xor (@T[3],&DWP(1*8+4,$key));
-
-&set_label("1st128",4);
- &call (&label("pic_point"));
- &set_label("pic_point");
- &blindpop($Tbl);
- &lea ($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
- &lea ($key,&DWP(&label("Camellia_SIGMA")."-".&label("Camellia_SBOX"),$Tbl));
-
- &mov ($idx,&DWP($step*8,$key)); # prefetch SIGMA[0]
- &mov (&swtmp(0),@T[0]); # save s[0-3]
- &mov (&swtmp(1),@T[1]);
- &mov (&swtmp(2),@T[2]);
- &mov (&swtmp(3),@T[3]);
- &Camellia_Feistel($step++);
- &Camellia_Feistel($step++);
- &mov (@T[2],&swtmp(2));
- &mov (@T[3],&swtmp(3));
-
- &mov ($idx,&wparam(2));
- &xor (@T[0],&DWP(0*8+0,$idx)); # ^KL
- &xor (@T[1],&DWP(0*8+4,$idx));
- &xor (@T[2],&DWP(1*8+0,$idx));
- &xor (@T[3],&DWP(1*8+4,$idx));
-
- &mov ($idx,&DWP($step*8,$key)); # prefetch SIGMA[4]
- &mov (&swtmp(0),@T[0]); # save s[0-3]
- &mov (&swtmp(1),@T[1]);
- &mov (&swtmp(2),@T[2]);
- &mov (&swtmp(3),@T[3]);
- &Camellia_Feistel($step++);
- &Camellia_Feistel($step++);
- &mov (@T[2],&swtmp(2));
- &mov (@T[3],&swtmp(3));
-
- &mov ($idx,&wparam(0));
- &cmp ($idx,128);
- &jne (&label("2nd256"));
-
- &mov ($key,&wparam(2));
- &lea ($key,&DWP(128,$key)); # size optimization
-
- ####### process KA
- &_saveround (2,$key,-128,@T); # KA<<<0
- &_rotl128 (@T,15,6,@T); # KA<<<15
- &_rotl128 (@T,15,8,@T); #
KA<<<(15+15=30)
- &_rotl128 (@T,15,12,@T[0],@T[1]); # KA<<<(30+15=45)
- &_rotl128 (@T,15,14,@T); # KA<<<(45+15=60)
- push (@T,shift(@T)); # rotl128(@T,32);
- &_rotl128 (@T,2,20,@T); # KA<<<(60+32+2=94)
- &_rotl128 (@T,17,24,@T); # KA<<<(94+17=111)
-
- ####### process KL
- &_loadround (0,$key,-128,@T); # load KL
- &_rotl128 (@T,15,4,@T); # KL<<<15
- &_rotl128 (@T,30,10,@T); # KL<<<(15+30=45)
- &_rotl128 (@T,15,13,@T[2],@T[3]); # KL<<<(45+15=60)
- &_rotl128 (@T,17,16,@T); # KL<<<(60+17=77)
- &_rotl128 (@T,17,18,@T); # KL<<<(77+17=94)
- &_rotl128 (@T,17,22,@T); # KL<<<(94+17=111)
-
- while (@T[0] ne "eax") # restore order
- { unshift (@T,pop(@T)); }
-
- &mov ("eax",3); # 3 grandRounds
- &jmp (&label("done"));
-
-&set_label("2nd256",16);
- &mov ($idx,&wparam(2));
- &_saveround (6,$idx,@T); # temporary storage for KA!
-
- &xor (@T[0],&DWP(4*8+0,$idx)); # KA^KR
- &xor (@T[1],&DWP(4*8+4,$idx));
- &xor (@T[2],&DWP(5*8+0,$idx));
- &xor (@T[3],&DWP(5*8+4,$idx));
-
- &mov ($idx,&DWP($step*8,$key)); # prefetch SIGMA[8]
- &mov (&swtmp(0),@T[0]); # save s[0-3]
- &mov (&swtmp(1),@T[1]);
- &mov (&swtmp(2),@T[2]);
- &mov (&swtmp(3),@T[3]);
- &Camellia_Feistel($step++);
- &Camellia_Feistel($step++);
- &mov (@T[2],&swtmp(2));
- &mov (@T[3],&swtmp(3));
-
- &mov ($key,&wparam(2));
- &lea ($key,&DWP(128,$key)); # size optimization
-
- ####### process KB
- &_saveround (2,$key,-128,@T); # KB<<<0
- &_rotl128 (@T,30,10,@T); # KB<<<30
- &_rotl128 (@T,30,20,@T); # KB<<<(30+30=60)
- push (@T,shift(@T)); # rotl128(@T,32);
- &_rotl128 (@T,19,32,@T); # KB<<<(60+32+19=111)
-
- ####### process KR
- &_loadround (4,$key,-128,@T); # load KR
- &_rotl128 (@T,15,4,@T); # KR<<<15
- &_rotl128 (@T,15,8,@T); # KR<<<(15+15=30)
- &_rotl128 (@T,30,18,@T); # KR<<<(30+30=60)
- push (@T,shift(@T)); # rotl128(@T,32);
- &_rotl128 (@T,2,26,@T); # KR<<<(60+32+2=94)
-
- ####### process KA
- &_loadround (6,$key,-128,@T); # load KA
- &_rotl128 (@T,15,6,@T); # KA<<<15
- &_rotl128 (@T,30,14,@T); # KA<<<(15+30=45)
- push
(@T,shift(@T)); # rotl128(@T,32);
- &_rotl128 (@T,0,24,@T); # KA<<<(45+32+0=77)
- &_rotl128 (@T,17,28,@T); # KA<<<(77+17=94)
-
- ####### process KL
- &_loadround (0,$key,-128,@T); # load KL
- push (@T,shift(@T)); # rotl128(@T,32);
- &_rotl128 (@T,13,12,@T); # KL<<<(32+13=45)
- &_rotl128 (@T,15,16,@T); # KL<<<(45+15=60)
- &_rotl128 (@T,17,22,@T); # KL<<<(60+17=77)
- push (@T,shift(@T)); # rotl128(@T,32);
- &_rotl128 (@T,2,30,@T); # KL<<<(77+32+2=111)
-
- while (@T[0] ne "eax") # restore order
- { unshift (@T,pop(@T)); }
-
- &mov ("eax",4); # 4 grandRounds
-&set_label("done");
- &lea ("edx",&DWP(272-128,$key)); # end of key schedule
- &stack_pop(4);
-}
-&function_end("Camellia_Ekeygen");
-
-if ($OPENSSL) {
-# int Camellia_set_key (
-# const unsigned char *userKey,
-# int bits,
-# CAMELLIA_KEY *key)
-&function_begin_B("Camellia_set_key");
- &push ("ebx");
- &mov ("ecx",&wparam(0)); # pull arguments
- &mov ("ebx",&wparam(1));
- &mov ("edx",&wparam(2));
-
- &mov ("eax",-1);
- &test ("ecx","ecx");
- &jz (&label("done")); # userKey==NULL?
- &test ("edx","edx");
- &jz (&label("done")); # key==NULL?
-
- &mov ("eax",-2);
- &cmp ("ebx",256);
- &je (&label("arg_ok")); # bits==256?
- &cmp ("ebx",192);
- &je (&label("arg_ok")); # bits==192?
- &cmp ("ebx",128);
- &jne (&label("done")); # bits!=128?
-&set_label("arg_ok",4);
-
- &push ("edx"); # push arguments
- &push ("ecx");
- &push ("ebx");
- &call ("Camellia_Ekeygen");
- &stack_pop(3);
-
- # eax holds grandRounds and edx points at where to put it
- &mov (&DWP(0,"edx"),"eax");
- &xor ("eax","eax");
-&set_label("done",4);
- &pop ("ebx");
- &ret ();
-&function_end_B("Camellia_set_key");
-}
-
-@SBOX=(
-112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
- 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
-134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
-166,225, 57,202,213, 71, 93, 61,217, 1, 90,214, 81, 86,108, 77,
-139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
-223, 76,203,194, 52,126,118, 5,109,183,169, 49,209, 23, 4,215,
- 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
-254, 68,207,178,195,181,122,145, 36, 8,232,168, 96,252,105, 80,
-170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
- 16,196, 0, 72,163,247,117,219,138, 3,230,218, 9, 63,221,148,
-135, 92,131, 2,205, 74,144, 51,115,103,246,243,157,127,191,226,
- 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
-233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
-120,152, 6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
-114, 7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
- 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158);
-
-sub S1110 { my $i=shift; $i=@SBOX[$i]; return $i<<24|$i<<16|$i<<8; }
-sub S4404 { my $i=shift; $i=($i<<1|$i>>7)&0xff; $i=@SBOX[$i]; return $i<<24|$i<<16|$i; }
-sub S0222 { my $i=shift; $i=@SBOX[$i]; $i=($i<<1|$i>>7)&0xff; return $i<<16|$i<<8|$i; }
-sub S3033 { my $i=shift; $i=@SBOX[$i]; $i=($i>>1|$i<<7)&0xff; return $i<<24|$i<<8|$i; }
-
-&set_label("Camellia_SIGMA",64);
-&data_word(
- 0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2,
- 0xc6ef372f, 0xe94f82be, 0x54ff53a5, 0xf1d36f1c,
- 0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd,
- 0, 0, 0, 0);
-&set_label("Camellia_SBOX",64);
-#
tables are interleaved, remember?
-for ($i=0;$i<256;$i++) { &data_word(&S1110($i),&S4404($i)); }
-for ($i=0;$i<256;$i++) { &data_word(&S0222($i),&S3033($i)); }
-
-# void Camellia_cbc_encrypt (const void char *inp, unsigned char *out,
-# size_t length, const CAMELLIA_KEY *key,
-# unsigned char *ivp,const int enc);
-{
-# stack frame layout
-# -4(%esp) # return address 0(%esp)
-# 0(%esp) # s0 4(%esp)
-# 4(%esp) # s1 8(%esp)
-# 8(%esp) # s2 12(%esp)
-# 12(%esp) # s3 16(%esp)
-# 16(%esp) # end of key schedule 20(%esp)
-# 20(%esp) # %esp backup
-my $_inp=&DWP(24,"esp"); #copy of wparam(0)
-my $_out=&DWP(28,"esp"); #copy of wparam(1)
-my $_len=&DWP(32,"esp"); #copy of wparam(2)
-my $_key=&DWP(36,"esp"); #copy of wparam(3)
-my $_ivp=&DWP(40,"esp"); #copy of wparam(4)
-my $ivec=&DWP(44,"esp"); #ivec[16]
-my $_tmp=&DWP(44,"esp"); #volatile variable [yes, aliases with ivec]
-my ($s0,$s1,$s2,$s3) = @T;
-
-&function_begin("Camellia_cbc_encrypt");
- &mov ($s2 eq "ecx"? $s2 : "",&wparam(2)); # load len
- &cmp ($s2,0);
- &je (&label("enc_out"));
-
- &pushf ();
- &cld ();
-
- &mov ($s0,&wparam(0)); # load inp
- &mov ($s1,&wparam(1)); # load out
- #&mov ($s2,&wparam(2)); # load len
- &mov ($s3,&wparam(3)); # load key
- &mov ($Tbl,&wparam(4)); # load ivp
-
- # allocate aligned stack frame...
- &lea ($idx,&DWP(-64,"esp"));
- &and ($idx,-64);
-
- # place stack frame just "above mod 1024" the key schedule
- # this ensures that cache associativity of 2 suffices
- &lea ($key,&DWP(-64-63,$s3));
- &sub ($key,$idx);
- &neg ($key);
- &and ($key,0x3C0); # modulo 1024, but aligned to cache-line
- &sub ($idx,$key);
-
- &mov ($key,&wparam(5)); # load enc
-
- &exch ("esp",$idx);
- &add ("esp",4); # reserve for return address!
- &mov ($_esp,$idx); # save %esp
-
- &mov ($_inp,$s0); # save copy of inp
- &mov ($_out,$s1); # save copy of out
- &mov ($_len,$s2); # save copy of len
- &mov ($_key,$s3); # save copy of key
- &mov ($_ivp,$Tbl); # save copy of ivp
-
- &call (&label("pic_point")); # make it PIC!
- &set_label("pic_point");
- &blindpop($Tbl);
- &lea ($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
-
- &mov ($idx,32);
- &set_label("prefetch_sbox",4);
- &mov ($s0,&DWP(0,$Tbl));
- &mov ($s1,&DWP(32,$Tbl));
- &mov ($s2,&DWP(64,$Tbl));
- &mov ($s3,&DWP(96,$Tbl));
- &lea ($Tbl,&DWP(128,$Tbl));
- &dec ($idx);
- &jnz (&label("prefetch_sbox"));
- &mov ($s0,$_key);
- &sub ($Tbl,4096);
- &mov ($idx,$_inp);
- &mov ($s3,&DWP(272,$s0)); # load grandRounds
-
- &cmp ($key,0);
- &je (&label("DECRYPT"));
-
- &mov ($s2,$_len);
- &mov ($key,$_ivp);
- &shl ($s3,6);
- &lea ($s3,&DWP(0,$s0,$s3));
- &mov ($_end,$s3);
-
- &test ($s2,0xFFFFFFF0);
- &jz (&label("enc_tail")); # short input...
-
- &mov ($s0,&DWP(0,$key)); # load iv
- &mov ($s1,&DWP(4,$key));
-
- &set_label("enc_loop",4);
- &mov ($s2,&DWP(8,$key));
- &mov ($s3,&DWP(12,$key));
-
- &xor ($s0,&DWP(0,$idx)); # xor input data
- &xor ($s1,&DWP(4,$idx));
- &xor ($s2,&DWP(8,$idx));
- &bswap ($s0);
- &xor ($s3,&DWP(12,$idx));
- &bswap ($s1);
- &mov ($key,$_key); # load key
- &bswap ($s2);
- &bswap ($s3);
-
- &call ("_x86_Camellia_encrypt");
-
- &mov ($idx,$_inp); # load inp
- &mov ($key,$_out); # load out
-
- &bswap ($s0);
- &bswap ($s1);
- &bswap ($s2);
- &mov (&DWP(0,$key),$s0); # save output data
- &bswap ($s3);
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &mov (&DWP(12,$key),$s3);
-
- &mov ($s2,$_len); # load len
-
- &lea ($idx,&DWP(16,$idx));
- &mov ($_inp,$idx); # save inp
-
- &lea ($s3,&DWP(16,$key));
- &mov ($_out,$s3); # save out
-
- &sub ($s2,16);
- &test ($s2,0xFFFFFFF0);
- &mov ($_len,$s2); # save len
- &jnz (&label("enc_loop"));
- &test ($s2,15);
- &jnz (&label("enc_tail"));
- &mov ($idx,$_ivp); # load ivp
- &mov
($s2,&DWP(8,$key)); # restore last dwords
- &mov ($s3,&DWP(12,$key));
- &mov (&DWP(0,$idx),$s0); # save ivec
- &mov (&DWP(4,$idx),$s1);
- &mov (&DWP(8,$idx),$s2);
- &mov (&DWP(12,$idx),$s3);
-
- &mov ("esp",$_esp);
- &popf ();
- &set_label("enc_out");
- &function_end_A();
- &pushf (); # kludge, never executed
-
- &set_label("enc_tail",4);
- &mov ($s0,$key eq "edi" ? $key : "");
- &mov ($key,$_out); # load out
- &push ($s0); # push ivp
- &mov ($s1,16);
- &sub ($s1,$s2);
- &cmp ($key,$idx); # compare with inp
- &je (&label("enc_in_place"));
- &align (4);
- &data_word(0xA4F3F689); # rep movsb # copy input
- &jmp (&label("enc_skip_in_place"));
- &set_label("enc_in_place");
- &lea ($key,&DWP(0,$key,$s2));
- &set_label("enc_skip_in_place");
- &mov ($s2,$s1);
- &xor ($s0,$s0);
- &align (4);
- &data_word(0xAAF3F689); # rep stosb # zero tail
- &pop ($key); # pop ivp
-
- &mov ($idx,$_out); # output as input
- &mov ($s0,&DWP(0,$key));
- &mov ($s1,&DWP(4,$key));
- &mov ($_len,16); # len=16
- &jmp (&label("enc_loop")); # one more spin...
-
-#----------------------------- DECRYPT -----------------------------#
-&set_label("DECRYPT",16);
- &shl ($s3,6);
- &lea ($s3,&DWP(0,$s0,$s3));
- &mov ($_end,$s0);
- &mov ($_key,$s3);
-
- &cmp ($idx,$_out);
- &je (&label("dec_in_place")); # in-place processing...
-
- &mov ($key,$_ivp); # load ivp
- &mov ($_tmp,$key);
-
- &set_label("dec_loop",4);
- &mov ($s0,&DWP(0,$idx)); # read input
- &mov ($s1,&DWP(4,$idx));
- &mov ($s2,&DWP(8,$idx));
- &bswap ($s0);
- &mov ($s3,&DWP(12,$idx));
- &bswap ($s1);
- &mov ($key,$_key); # load key
- &bswap ($s2);
- &bswap ($s3);
-
- &call ("_x86_Camellia_decrypt");
-
- &mov ($key,$_tmp); # load ivp
- &mov ($idx,$_len); # load len
-
- &bswap ($s0);
- &bswap ($s1);
- &bswap ($s2);
- &xor ($s0,&DWP(0,$key)); # xor iv
- &bswap ($s3);
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &sub ($idx,16);
- &jc (&label("dec_partial"));
- &mov ($_len,$idx); # save len
- &mov ($idx,$_inp); # load inp
- &mov ($key,$_out); # load out
-
- &mov (&DWP(0,$key),$s0); # write output
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &mov (&DWP(12,$key),$s3);
-
- &mov ($_tmp,$idx); # save ivp
- &lea ($idx,&DWP(16,$idx));
- &mov ($_inp,$idx); # save inp
-
- &lea ($key,&DWP(16,$key));
- &mov ($_out,$key); # save out
-
- &jnz (&label("dec_loop"));
- &mov ($key,$_tmp); # load temp ivp
- &set_label("dec_end");
- &mov ($idx,$_ivp); # load user ivp
- &mov ($s0,&DWP(0,$key)); # load iv
- &mov ($s1,&DWP(4,$key));
- &mov ($s2,&DWP(8,$key));
- &mov ($s3,&DWP(12,$key));
- &mov (&DWP(0,$idx),$s0); # copy back to user
- &mov (&DWP(4,$idx),$s1);
- &mov (&DWP(8,$idx),$s2);
- &mov (&DWP(12,$idx),$s3);
- &jmp (&label("dec_out"));
-
- &set_label("dec_partial",4);
- &lea ($key,$ivec);
- &mov (&DWP(0,$key),$s0); # dump output to stack
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &mov (&DWP(12,$key),$s3);
- &lea ($s2 eq "ecx" ? $s2 : "",&DWP(16,$idx));
- &mov ($idx eq "esi" ? $idx : "",$key);
- &mov ($key eq "edi" ?
$key : "",$_out); # load out
- &data_word(0xA4F3F689); # rep movsb # copy output
- &mov ($key,$_inp); # use inp as temp ivp
- &jmp (&label("dec_end"));
-
- &set_label("dec_in_place",4);
- &set_label("dec_in_place_loop");
- &lea ($key,$ivec);
- &mov ($s0,&DWP(0,$idx)); # read input
- &mov ($s1,&DWP(4,$idx));
- &mov ($s2,&DWP(8,$idx));
- &mov ($s3,&DWP(12,$idx));
-
- &mov (&DWP(0,$key),$s0); # copy to temp
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &bswap ($s0);
- &mov (&DWP(12,$key),$s3);
- &bswap ($s1);
- &mov ($key,$_key); # load key
- &bswap ($s2);
- &bswap ($s3);
-
- &call ("_x86_Camellia_decrypt");
-
- &mov ($key,$_ivp); # load ivp
- &mov ($idx,$_out); # load out
-
- &bswap ($s0);
- &bswap ($s1);
- &bswap ($s2);
- &xor ($s0,&DWP(0,$key)); # xor iv
- &bswap ($s3);
- &xor ($s1,&DWP(4,$key));
- &xor ($s2,&DWP(8,$key));
- &xor ($s3,&DWP(12,$key));
-
- &mov (&DWP(0,$idx),$s0); # write output
- &mov (&DWP(4,$idx),$s1);
- &mov (&DWP(8,$idx),$s2);
- &mov (&DWP(12,$idx),$s3);
-
- &lea ($idx,&DWP(16,$idx));
- &mov ($_out,$idx); # save out
-
- &lea ($idx,$ivec);
- &mov ($s0,&DWP(0,$idx)); # read temp
- &mov ($s1,&DWP(4,$idx));
- &mov ($s2,&DWP(8,$idx));
- &mov ($s3,&DWP(12,$idx));
-
- &mov (&DWP(0,$key),$s0); # copy iv
- &mov (&DWP(4,$key),$s1);
- &mov (&DWP(8,$key),$s2);
- &mov (&DWP(12,$key),$s3);
-
- &mov ($idx,$_inp); # load inp
-
- &lea ($idx,&DWP(16,$idx));
- &mov ($_inp,$idx); # save inp
-
- &mov ($s2,$_len); # load len
- &sub ($s2,16);
- &jc (&label("dec_in_place_partial"));
- &mov ($_len,$s2); # save len
- &jnz (&label("dec_in_place_loop"));
- &jmp (&label("dec_out"));
-
- &set_label("dec_in_place_partial",4);
- # one can argue if this is actually required...
- &mov ($key eq "edi" ? $key : "",$_out);
- &lea ($idx eq "esi" ? $idx : "",$ivec);
- &lea ($key,&DWP(0,$key,$s2));
- &lea ($idx,&DWP(16,$idx,$s2));
- &neg ($s2 eq "ecx" ?
$s2 : "");
- &data_word(0xA4F3F689); # rep movsb # restore tail
-
- &set_label("dec_out",4);
- &mov ("esp",$_esp);
- &popf ();
-&function_end("Camellia_cbc_encrypt");
-}
-
-&asciz("Camellia for x86 by <appro\@openssl.org>");
-
-&asm_finish();
diff --git a/lib/libssl/src/crypto/camellia/asm/cmll-x86_64.pl b/lib/libssl/src/crypto/camellia/asm/cmll-x86_64.pl
deleted file mode 100644
index a171c654b2d..00000000000
--- a/lib/libssl/src/crypto/camellia/asm/cmll-x86_64.pl
+++ /dev/null
@@ -1,867 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Copyright (c) 2008 Andy Polyakov <appro@openssl.org>
-#
-# This module may be used under the terms of either the GNU General
-# Public License version 2 or later, the GNU Lesser General Public
-# License version 2.1 or later, the Mozilla Public License version
-# 1.1 or the BSD License. The exact terms of either license are
-# distributed along with this module. For further details see
-# http://www.openssl.org/~appro/camellia/.
-# ====================================================================
-
-# Performance in cycles per processed byte (less is better) in
-# 'openssl speed ...' benchmark:
-#
-# AMD64 Core2 EM64T
-# -evp camellia-128-ecb 16.7 21.0 22.7
-# + over gcc 3.4.6 +25% +5% 0%
-#
-# camellia-128-cbc 15.7 20.4 21.1
-#
-# 128-bit key setup 128 216 205 cycles/key
-# + over gcc 3.4.6 +54% +39% +15%
-#
-# Numbers in "+" rows represent performance improvement over compiler
-# generated code. Key setup timings are impressive on AMD and Core2
-# thanks to 64-bit operations being covertly deployed. Improvement on
-# EM64T, pre-Core2 Intel x86_64 CPU, is not as impressive, because it
-# apparently emulates some of 64-bit operations in [32-bit] microcode.
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-sub hi() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1h/; $r; }
-sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/;
- $r =~ s/%[er]([sd]i)/%\1l/;
- $r =~ s/%(r[0-9]+)[d]?/%\1b/; $r; }
-
-$t0="%eax";$t1="%ebx";$t2="%ecx";$t3="%edx";
-@S=("%r8d","%r9d","%r10d","%r11d");
-$i0="%esi";
-$i1="%edi";
-$Tbl="%rbp"; # size optimization
-$inp="%r12";
-$out="%r13";
-$key="%r14";
-$keyend="%r15";
-$arg0d="%edi";
-
-# const unsigned int Camellia_SBOX[4][256];
-# Well, sort of... Camellia_SBOX[0][] is interleaved with [1][],
-# and [2][] - with [3][]. This is done to minimize code size.
-$SBOX1_1110=0; # Camellia_SBOX[0]
-$SBOX4_4404=4; # Camellia_SBOX[1]
-$SBOX2_0222=2048; # Camellia_SBOX[2]
-$SBOX3_3033=2052; # Camellia_SBOX[3]
-
-sub Camellia_Feistel {
-my $i=@_[0];
-my $seed=defined(@_[1])?@_[1]:0;
-my $scale=$seed<0?-8:8;
-my $j=($i&1)*2;
-my $s0=@S[($j)%4],$s1=@S[($j+1)%4],$s2=@S[($j+2)%4],$s3=@S[($j+3)%4];
-
-$code.=<<___;
- xor $s0,$t0 # t0^=key[0]
- xor $s1,$t1 # t1^=key[1]
- movz `&hi("$t0")`,$i0 # (t0>>8)&0xff
- movz `&lo("$t1")`,$i1 # (t1>>0)&0xff
- mov $SBOX3_3033($Tbl,$i0,8),$t3 # t3=SBOX3_3033[0]
- mov $SBOX1_1110($Tbl,$i1,8),$t2 # t2=SBOX1_1110[1]
- movz `&lo("$t0")`,$i0 # (t0>>0)&0xff
- shr \$16,$t0
- movz `&hi("$t1")`,$i1 # (t1>>8)&0xff
- xor $SBOX4_4404($Tbl,$i0,8),$t3 # t3^=SBOX4_4404[0]
- shr \$16,$t1
- xor $SBOX4_4404($Tbl,$i1,8),$t2 # t2^=SBOX4_4404[1]
- movz `&hi("$t0")`,$i0 # (t0>>24)&0xff
- movz `&lo("$t1")`,$i1 # (t1>>16)&0xff
- xor $SBOX1_1110($Tbl,$i0,8),$t3 # t3^=SBOX1_1110[0]
- xor $SBOX3_3033($Tbl,$i1,8),$t2 # t2^=SBOX3_3033[1]
- movz `&lo("$t0")`,$i0 # (t0>>16)&0xff
- movz `&hi("$t1")`,$i1
# (t1>>24)&0xff
- xor $SBOX2_0222($Tbl,$i0,8),$t3 # t3^=SBOX2_0222[0]
- xor $SBOX2_0222($Tbl,$i1,8),$t2 # t2^=SBOX2_0222[1]
- mov `$seed+($i+1)*$scale`($key),$t1 # prefetch key[i+1]
- mov `$seed+($i+1)*$scale+4`($key),$t0
- xor $t3,$t2 # t2^=t3
- ror \$8,$t3 # t3=RightRotate(t3,8)
- xor $t2,$s2
- xor $t2,$s3
- xor $t3,$s3
-___
-}
-
-# void Camellia_EncryptBlock_Rounds(
-# int grandRounds,
-# const Byte plaintext[],
-# const KEY_TABLE_TYPE keyTable,
-# Byte ciphertext[])
-$code=<<___;
-.text
-
-# V1.x API
-.globl Camellia_EncryptBlock
-.type Camellia_EncryptBlock,\@abi-omnipotent
-.align 16
-Camellia_EncryptBlock:
- movl \$128,%eax
- subl $arg0d,%eax
- movl \$3,$arg0d
- adcl \$0,$arg0d # keyBitLength==128?3:4
- jmp .Lenc_rounds
-.size Camellia_EncryptBlock,.-Camellia_EncryptBlock
-# V2
-.globl Camellia_EncryptBlock_Rounds
-.type Camellia_EncryptBlock_Rounds,\@function,4
-.align 16
-.Lenc_rounds:
-Camellia_EncryptBlock_Rounds:
- push %rbx
- push %rbp
- push %r13
- push %r14
- push %r15
-.Lenc_prologue:
-
- #mov %rsi,$inp # put away arguments
- mov %rcx,$out
- mov %rdx,$key
-
- shl \$6,%edi # process grandRounds
- lea .LCamellia_SBOX(%rip),$Tbl
- lea ($key,%rdi),$keyend
-
- mov 0(%rsi),@S[0] # load plaintext
- mov 4(%rsi),@S[1]
- mov 8(%rsi),@S[2]
- bswap @S[0]
- mov 12(%rsi),@S[3]
- bswap @S[1]
- bswap @S[2]
- bswap @S[3]
-
- call _x86_64_Camellia_encrypt
-
- bswap @S[0]
- bswap @S[1]
- bswap @S[2]
- mov @S[0],0($out)
- bswap @S[3]
- mov @S[1],4($out)
- mov @S[2],8($out)
- mov @S[3],12($out)
-
- mov 0(%rsp),%r15
- mov 8(%rsp),%r14
- mov 16(%rsp),%r13
- mov 24(%rsp),%rbp
- mov 32(%rsp),%rbx
- lea 40(%rsp),%rsp
-.Lenc_epilogue:
- ret
-.size Camellia_EncryptBlock_Rounds,.-Camellia_EncryptBlock_Rounds
-
-.type _x86_64_Camellia_encrypt,\@abi-omnipotent
-.align 16
-_x86_64_Camellia_encrypt:
- xor 0($key),@S[1]
- xor 4($key),@S[0] # ^=key[0-3]
- xor 8($key),@S[3]
- xor 12($key),@S[2]
-.align 16
-.Leloop:
- mov 16($key),$t1 # prefetch key[4-5]
- mov 20($key),$t0
-
-___
- for
($i=0;$i<6;$i++) { Camellia_Feistel($i,16); }
-$code.=<<___;
- lea 16*4($key),$key
- cmp $keyend,$key
- mov 8($key),$t3 # prefetch key[2-3]
- mov 12($key),$t2
- je .Ledone
-
- and @S[0],$t0
- or @S[3],$t3
- rol \$1,$t0
- xor $t3,@S[2] # s2^=s3|key[3];
- xor $t0,@S[1] # s1^=LeftRotate(s0&key[0],1);
- and @S[2],$t2
- or @S[1],$t1
- rol \$1,$t2
- xor $t1,@S[0] # s0^=s1|key[1];
- xor $t2,@S[3] # s3^=LeftRotate(s2&key[2],1);
- jmp .Leloop
-
-.align 16
-.Ledone:
- xor @S[2],$t0 # SwapHalf
- xor @S[3],$t1
- xor @S[0],$t2
- xor @S[1],$t3
-
- mov $t0,@S[0]
- mov $t1,@S[1]
- mov $t2,@S[2]
- mov $t3,@S[3]
-
- .byte 0xf3,0xc3 # rep ret
-.size _x86_64_Camellia_encrypt,.-_x86_64_Camellia_encrypt
-
-# V1.x API
-.globl Camellia_DecryptBlock
-.type Camellia_DecryptBlock,\@abi-omnipotent
-.align 16
-Camellia_DecryptBlock:
- movl \$128,%eax
- subl $arg0d,%eax
- movl \$3,$arg0d
- adcl \$0,$arg0d # keyBitLength==128?3:4
- jmp .Ldec_rounds
-.size Camellia_DecryptBlock,.-Camellia_DecryptBlock
-# V2
-.globl Camellia_DecryptBlock_Rounds
-.type Camellia_DecryptBlock_Rounds,\@function,4
-.align 16
-.Ldec_rounds:
-Camellia_DecryptBlock_Rounds:
- push %rbx
- push %rbp
- push %r13
- push %r14
- push %r15
-.Ldec_prologue:
-
- #mov %rsi,$inp # put away arguments
- mov %rcx,$out
- mov %rdx,$keyend
-
- shl \$6,%edi # process grandRounds
- lea .LCamellia_SBOX(%rip),$Tbl
- lea ($keyend,%rdi),$key
-
- mov 0(%rsi),@S[0] # load plaintext
- mov 4(%rsi),@S[1]
- mov 8(%rsi),@S[2]
- bswap @S[0]
- mov 12(%rsi),@S[3]
- bswap @S[1]
- bswap @S[2]
- bswap @S[3]
-
- call _x86_64_Camellia_decrypt
-
- bswap @S[0]
- bswap @S[1]
- bswap @S[2]
- mov @S[0],0($out)
- bswap @S[3]
- mov @S[1],4($out)
- mov @S[2],8($out)
- mov @S[3],12($out)
-
- mov 0(%rsp),%r15
- mov 8(%rsp),%r14
- mov 16(%rsp),%r13
- mov 24(%rsp),%rbp
- mov 32(%rsp),%rbx
- lea 40(%rsp),%rsp
-.Ldec_epilogue:
- ret
-.size Camellia_DecryptBlock_Rounds,.-Camellia_DecryptBlock_Rounds
-
-.type _x86_64_Camellia_decrypt,\@abi-omnipotent
-.align 16
-_x86_64_Camellia_decrypt: - xor 0($key),@S[1] - xor 4($key),@S[0] # ^=key[0-3] - xor 8($key),@S[3] - xor 12($key),@S[2] -.align 16 -.Ldloop: - mov -8($key),$t1 # prefetch key[4-5] - mov -4($key),$t0 - -___ - for ($i=0;$i<6;$i++) { Camellia_Feistel($i,-8); } -$code.=<<___; - lea -16*4($key),$key - cmp $keyend,$key - mov 0($key),$t3 # prefetch key[2-3] - mov 4($key),$t2 - je .Lddone - - and @S[0],$t0 - or @S[3],$t3 - rol \$1,$t0 - xor $t3,@S[2] # s2^=s3|key[3]; - xor $t0,@S[1] # s1^=LeftRotate(s0&key[0],1); - and @S[2],$t2 - or @S[1],$t1 - rol \$1,$t2 - xor $t1,@S[0] # s0^=s1|key[1]; - xor $t2,@S[3] # s3^=LeftRotate(s2&key[2],1); - - jmp .Ldloop - -.align 16 -.Lddone: - xor @S[2],$t2 - xor @S[3],$t3 - xor @S[0],$t0 - xor @S[1],$t1 - - mov $t2,@S[0] # SwapHalf - mov $t3,@S[1] - mov $t0,@S[2] - mov $t1,@S[3] - - .byte 0xf3,0xc3 # rep ret -.size _x86_64_Camellia_decrypt,.-_x86_64_Camellia_decrypt -___ - -sub _saveround { -my ($rnd,$key,@T)=@_; -my $bias=int(@T[0])?shift(@T):0; - - if ($#T==3) { - $code.=<<___; - mov @T[1],`$bias+$rnd*8+0`($key) - mov @T[0],`$bias+$rnd*8+4`($key) - mov @T[3],`$bias+$rnd*8+8`($key) - mov @T[2],`$bias+$rnd*8+12`($key) -___ - } else { - $code.=" mov @T[0],`$bias+$rnd*8+0`($key)\n"; - $code.=" mov @T[1],`$bias+$rnd*8+8`($key)\n" if ($#T>=1); - } -} - -sub _loadround { -my ($rnd,$key,@T)=@_; -my $bias=int(@T[0])?shift(@T):0; - -$code.=" mov `$bias+$rnd*8+0`($key),@T[0]\n"; -$code.=" mov `$bias+$rnd*8+8`($key),@T[1]\n" if ($#T>=1); -} - -# shld is very slow on Intel EM64T family. Even on AMD it limits -# instruction decode rate [because it's VectorPath] and consequently -# performance... -sub __rotl128 { -my ($i0,$i1,$rot)=@_; - - if ($rot) { - $code.=<<___; - mov $i0,%r11 - shld \$$rot,$i1,$i0 - shld \$$rot,%r11,$i1 -___ - } -} - -# ... Implementing 128-bit rotate without shld gives 80% better -# performance EM64T, +15% on AMD64 and only ~7% degradation on -# Core2. This is therefore preferred. 
-sub _rotl128 { -my ($i0,$i1,$rot)=@_; - - if ($rot) { - $code.=<<___; - mov $i0,%r11 - shl \$$rot,$i0 - mov $i1,%r9 - shr \$`64-$rot`,%r9 - shr \$`64-$rot`,%r11 - or %r9,$i0 - shl \$$rot,$i1 - or %r11,$i1 -___ - } -} - -{ my $step=0; - -$code.=<<___; -.globl Camellia_Ekeygen -.type Camellia_Ekeygen,\@function,3 -.align 16 -Camellia_Ekeygen: - push %rbx - push %rbp - push %r13 - push %r14 - push %r15 -.Lkey_prologue: - - mov %rdi,$keyend # put away arguments, keyBitLength - mov %rdx,$out # keyTable - - mov 0(%rsi),@S[0] # load 0-127 bits - mov 4(%rsi),@S[1] - mov 8(%rsi),@S[2] - mov 12(%rsi),@S[3] - - bswap @S[0] - bswap @S[1] - bswap @S[2] - bswap @S[3] -___ - &_saveround (0,$out,@S); # KL<<<0 -$code.=<<___; - cmp \$128,$keyend # check keyBitLength - je .L1st128 - - mov 16(%rsi),@S[0] # load 128-191 bits - mov 20(%rsi),@S[1] - cmp \$192,$keyend - je .L1st192 - mov 24(%rsi),@S[2] # load 192-255 bits - mov 28(%rsi),@S[3] - jmp .L1st256 -.L1st192: - mov @S[0],@S[2] - mov @S[1],@S[3] - not @S[2] - not @S[3] -.L1st256: - bswap @S[0] - bswap @S[1] - bswap @S[2] - bswap @S[3] -___ - &_saveround (4,$out,@S); # temp storage for KR! 
-$code.=<<___; - xor 0($out),@S[1] # KR^KL - xor 4($out),@S[0] - xor 8($out),@S[3] - xor 12($out),@S[2] - -.L1st128: - lea .LCamellia_SIGMA(%rip),$key - lea .LCamellia_SBOX(%rip),$Tbl - - mov 0($key),$t1 - mov 4($key),$t0 -___ - &Camellia_Feistel($step++); - &Camellia_Feistel($step++); -$code.=<<___; - xor 0($out),@S[1] # ^KL - xor 4($out),@S[0] - xor 8($out),@S[3] - xor 12($out),@S[2] -___ - &Camellia_Feistel($step++); - &Camellia_Feistel($step++); -$code.=<<___; - cmp \$128,$keyend - jne .L2nd256 - - lea 128($out),$out # size optimization - shl \$32,%r8 # @S[0]|| - shl \$32,%r10 # @S[2]|| - or %r9,%r8 # ||@S[1] - or %r11,%r10 # ||@S[3] -___ - &_loadround (0,$out,-128,"%rax","%rbx"); # KL - &_saveround (2,$out,-128,"%r8","%r10"); # KA<<<0 - &_rotl128 ("%rax","%rbx",15); - &_saveround (4,$out,-128,"%rax","%rbx"); # KL<<<15 - &_rotl128 ("%r8","%r10",15); - &_saveround (6,$out,-128,"%r8","%r10"); # KA<<<15 - &_rotl128 ("%r8","%r10",15); # 15+15=30 - &_saveround (8,$out,-128,"%r8","%r10"); # KA<<<30 - &_rotl128 ("%rax","%rbx",30); # 15+30=45 - &_saveround (10,$out,-128,"%rax","%rbx"); # KL<<<45 - &_rotl128 ("%r8","%r10",15); # 30+15=45 - &_saveround (12,$out,-128,"%r8"); # KA<<<45 - &_rotl128 ("%rax","%rbx",15); # 45+15=60 - &_saveround (13,$out,-128,"%rbx"); # KL<<<60 - &_rotl128 ("%r8","%r10",15); # 45+15=60 - &_saveround (14,$out,-128,"%r8","%r10"); # KA<<<60 - &_rotl128 ("%rax","%rbx",17); # 60+17=77 - &_saveround (16,$out,-128,"%rax","%rbx"); # KL<<<77 - &_rotl128 ("%rax","%rbx",17); # 77+17=94 - &_saveround (18,$out,-128,"%rax","%rbx"); # KL<<<94 - &_rotl128 ("%r8","%r10",34); # 60+34=94 - &_saveround (20,$out,-128,"%r8","%r10"); # KA<<<94 - &_rotl128 ("%rax","%rbx",17); # 94+17=111 - &_saveround (22,$out,-128,"%rax","%rbx"); # KL<<<111 - &_rotl128 ("%r8","%r10",17); # 94+17=111 - &_saveround (24,$out,-128,"%r8","%r10"); # KA<<<111 -$code.=<<___; - mov \$3,%eax - jmp .Ldone -.align 16 -.L2nd256: -___ - &_saveround (6,$out,@S); # temp storage for KA! 
-$code.=<<___; - xor `4*8+0`($out),@S[1] # KA^KR - xor `4*8+4`($out),@S[0] - xor `5*8+0`($out),@S[3] - xor `5*8+4`($out),@S[2] -___ - &Camellia_Feistel($step++); - &Camellia_Feistel($step++); - - &_loadround (0,$out,"%rax","%rbx"); # KL - &_loadround (4,$out,"%rcx","%rdx"); # KR - &_loadround (6,$out,"%r14","%r15"); # KA -$code.=<<___; - lea 128($out),$out # size optimization - shl \$32,%r8 # @S[0]|| - shl \$32,%r10 # @S[2]|| - or %r9,%r8 # ||@S[1] - or %r11,%r10 # ||@S[3] -___ - &_saveround (2,$out,-128,"%r8","%r10"); # KB<<<0 - &_rotl128 ("%rcx","%rdx",15); - &_saveround (4,$out,-128,"%rcx","%rdx"); # KR<<<15 - &_rotl128 ("%r14","%r15",15); - &_saveround (6,$out,-128,"%r14","%r15"); # KA<<<15 - &_rotl128 ("%rcx","%rdx",15); # 15+15=30 - &_saveround (8,$out,-128,"%rcx","%rdx"); # KR<<<30 - &_rotl128 ("%r8","%r10",30); - &_saveround (10,$out,-128,"%r8","%r10"); # KB<<<30 - &_rotl128 ("%rax","%rbx",45); - &_saveround (12,$out,-128,"%rax","%rbx"); # KL<<<45 - &_rotl128 ("%r14","%r15",30); # 15+30=45 - &_saveround (14,$out,-128,"%r14","%r15"); # KA<<<45 - &_rotl128 ("%rax","%rbx",15); # 45+15=60 - &_saveround (16,$out,-128,"%rax","%rbx"); # KL<<<60 - &_rotl128 ("%rcx","%rdx",30); # 30+30=60 - &_saveround (18,$out,-128,"%rcx","%rdx"); # KR<<<60 - &_rotl128 ("%r8","%r10",30); # 30+30=60 - &_saveround (20,$out,-128,"%r8","%r10"); # KB<<<60 - &_rotl128 ("%rax","%rbx",17); # 60+17=77 - &_saveround (22,$out,-128,"%rax","%rbx"); # KL<<<77 - &_rotl128 ("%r14","%r15",32); # 45+32=77 - &_saveround (24,$out,-128,"%r14","%r15"); # KA<<<77 - &_rotl128 ("%rcx","%rdx",34); # 60+34=94 - &_saveround (26,$out,-128,"%rcx","%rdx"); # KR<<<94 - &_rotl128 ("%r14","%r15",17); # 77+17=94 - &_saveround (28,$out,-128,"%r14","%r15"); # KA<<<77 - &_rotl128 ("%rax","%rbx",34); # 77+34=111 - &_saveround (30,$out,-128,"%rax","%rbx"); # KL<<<111 - &_rotl128 ("%r8","%r10",51); # 60+51=111 - &_saveround (32,$out,-128,"%r8","%r10"); # KB<<<111 -$code.=<<___; - mov \$4,%eax -.Ldone: - mov 0(%rsp),%r15 - 
mov 8(%rsp),%r14 - mov 16(%rsp),%r13 - mov 24(%rsp),%rbp - mov 32(%rsp),%rbx - lea 40(%rsp),%rsp -.Lkey_epilogue: - ret -.size Camellia_Ekeygen,.-Camellia_Ekeygen -___ -} - -@SBOX=( -112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65, - 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189, -134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26, -166,225, 57,202,213, 71, 93, 61,217, 1, 90,214, 81, 86,108, 77, -139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153, -223, 76,203,194, 52,126,118, 5,109,183,169, 49,209, 23, 4,215, - 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34, -254, 68,207,178,195,181,122,145, 36, 8,232,168, 96,252,105, 80, -170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210, - 16,196, 0, 72,163,247,117,219,138, 3,230,218, 9, 63,221,148, -135, 92,131, 2,205, 74,144, 51,115,103,246,243,157,127,191,226, - 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46, -233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89, -120,152, 6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250, -114, 7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164, - 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158); - -sub S1110 { my $i=shift; $i=@SBOX[$i]; $i=$i<<24|$i<<16|$i<<8; sprintf("0x%08x",$i); } -sub S4404 { my $i=shift; $i=($i<<1|$i>>7)&0xff; $i=@SBOX[$i]; $i=$i<<24|$i<<16|$i; sprintf("0x%08x",$i); } -sub S0222 { my $i=shift; $i=@SBOX[$i]; $i=($i<<1|$i>>7)&0xff; $i=$i<<16|$i<<8|$i; sprintf("0x%08x",$i); } -sub S3033 { my $i=shift; $i=@SBOX[$i]; $i=($i>>1|$i<<7)&0xff; $i=$i<<24|$i<<8|$i; sprintf("0x%08x",$i); } - -$code.=<<___; -.align 64 -.LCamellia_SIGMA: -.long 0x3bcc908b, 0xa09e667f, 0x4caa73b2, 0xb67ae858 -.long 0xe94f82be, 0xc6ef372f, 0xf1d36f1c, 0x54ff53a5 -.long 0xde682d1d, 0x10e527fa, 0xb3e6c1fd, 0xb05688c2 -.long 0, 0, 0, 0 -.LCamellia_SBOX: -___ -# tables are interleaved, remember? 
-sub data_word { $code.=".long\t".join(',',@_)."\n"; } -for ($i=0;$i<256;$i++) { &data_word(&S1110($i),&S4404($i)); } -for ($i=0;$i<256;$i++) { &data_word(&S0222($i),&S3033($i)); } - -# void Camellia_cbc_encrypt (const void char *inp, unsigned char *out, -# size_t length, const CAMELLIA_KEY *key, -# unsigned char *ivp,const int enc); -{ -$_key="0(%rsp)"; -$_end="8(%rsp)"; # inp+len&~15 -$_res="16(%rsp)"; # len&15 -$ivec="24(%rsp)"; -$_ivp="40(%rsp)"; -$_rsp="48(%rsp)"; - -$code.=<<___; -.globl Camellia_cbc_encrypt -.type Camellia_cbc_encrypt,\@function,6 -.align 16 -Camellia_cbc_encrypt: - cmp \$0,%rdx - je .Lcbc_abort - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 -.Lcbc_prologue: - - mov %rsp,%rbp - sub \$64,%rsp - and \$-64,%rsp - - # place stack frame just "above mod 1024" the key schedule, - # this ensures that cache associativity suffices - lea -64-63(%rcx),%r10 - sub %rsp,%r10 - neg %r10 - and \$0x3C0,%r10 - sub %r10,%rsp - #add \$8,%rsp # 8 is reserved for callee's ra - - mov %rdi,$inp # inp argument - mov %rsi,$out # out argument - mov %r8,%rbx # ivp argument - mov %rcx,$key # key argument - mov 272(%rcx),${keyend}d # grandRounds - - mov %r8,$_ivp - mov %rbp,$_rsp - -.Lcbc_body: - lea .LCamellia_SBOX(%rip),$Tbl - - mov \$32,%ecx -.align 4 -.Lcbc_prefetch_sbox: - mov 0($Tbl),%rax - mov 32($Tbl),%rsi - mov 64($Tbl),%rdi - mov 96($Tbl),%r11 - lea 128($Tbl),$Tbl - loop .Lcbc_prefetch_sbox - sub \$4096,$Tbl - shl \$6,$keyend - mov %rdx,%rcx # len argument - lea ($key,$keyend),$keyend - - cmp \$0,%r9d # enc argument - je .LCBC_DECRYPT - - and \$-16,%rdx - and \$15,%rcx # length residue - lea ($inp,%rdx),%rdx - mov $key,$_key - mov %rdx,$_end - mov %rcx,$_res - - cmp $inp,%rdx - mov 0(%rbx),@S[0] # load IV - mov 4(%rbx),@S[1] - mov 8(%rbx),@S[2] - mov 12(%rbx),@S[3] - je .Lcbc_enc_tail - jmp .Lcbc_eloop - -.align 16 -.Lcbc_eloop: - xor 0($inp),@S[0] - xor 4($inp),@S[1] - xor 8($inp),@S[2] - bswap @S[0] - xor 12($inp),@S[3] - bswap @S[1] - 
bswap @S[2] - bswap @S[3] - - call _x86_64_Camellia_encrypt - - mov $_key,$key # "rewind" the key - bswap @S[0] - mov $_end,%rdx - bswap @S[1] - mov $_res,%rcx - bswap @S[2] - mov @S[0],0($out) - bswap @S[3] - mov @S[1],4($out) - mov @S[2],8($out) - lea 16($inp),$inp - mov @S[3],12($out) - cmp %rdx,$inp - lea 16($out),$out - jne .Lcbc_eloop - - cmp \$0,%rcx - jne .Lcbc_enc_tail - - mov $_ivp,$out - mov @S[0],0($out) # write out IV residue - mov @S[1],4($out) - mov @S[2],8($out) - mov @S[3],12($out) - jmp .Lcbc_done - -.align 16 -.Lcbc_enc_tail: - xor %rax,%rax - mov %rax,0+$ivec - mov %rax,8+$ivec - mov %rax,$_res - -.Lcbc_enc_pushf: - pushfq - cld - mov $inp,%rsi - lea 8+$ivec,%rdi - .long 0x9066A4F3 # rep movsb - popfq -.Lcbc_enc_popf: - - lea $ivec,$inp - lea 16+$ivec,%rax - mov %rax,$_end - jmp .Lcbc_eloop # one more time - -.align 16 -.LCBC_DECRYPT: - xchg $key,$keyend - add \$15,%rdx - and \$15,%rcx # length residue - and \$-16,%rdx - mov $key,$_key - lea ($inp,%rdx),%rdx - mov %rdx,$_end - mov %rcx,$_res - - mov (%rbx),%rax # load IV - mov 8(%rbx),%rbx - jmp .Lcbc_dloop -.align 16 -.Lcbc_dloop: - mov 0($inp),@S[0] - mov 4($inp),@S[1] - mov 8($inp),@S[2] - bswap @S[0] - mov 12($inp),@S[3] - bswap @S[1] - mov %rax,0+$ivec # save IV to temporary storage - bswap @S[2] - mov %rbx,8+$ivec - bswap @S[3] - - call _x86_64_Camellia_decrypt - - mov $_key,$key # "rewind" the key - mov $_end,%rdx - mov $_res,%rcx - - bswap @S[0] - mov ($inp),%rax # load IV for next iteration - bswap @S[1] - mov 8($inp),%rbx - bswap @S[2] - xor 0+$ivec,@S[0] - bswap @S[3] - xor 4+$ivec,@S[1] - xor 8+$ivec,@S[2] - lea 16($inp),$inp - xor 12+$ivec,@S[3] - cmp %rdx,$inp - je .Lcbc_ddone - - mov @S[0],0($out) - mov @S[1],4($out) - mov @S[2],8($out) - mov @S[3],12($out) - - lea 16($out),$out - jmp .Lcbc_dloop - -.align 16 -.Lcbc_ddone: - mov $_ivp,%rdx - cmp \$0,%rcx - jne .Lcbc_dec_tail - - mov @S[0],0($out) - mov @S[1],4($out) - mov @S[2],8($out) - mov @S[3],12($out) - - mov %rax,(%rdx) # 
write out IV residue
- mov %rbx,8(%rdx)
- jmp .Lcbc_done
-.align 16
-.Lcbc_dec_tail:
- mov @S[0],0+$ivec
- mov @S[1],4+$ivec
- mov @S[2],8+$ivec
- mov @S[3],12+$ivec
-
-.Lcbc_dec_pushf:
- pushfq
- cld
- lea 8+$ivec,%rsi
- lea ($out),%rdi
- .long 0x9066A4F3 # rep movsb
- popfq
-.Lcbc_dec_popf:
-
- mov %rax,(%rdx) # write out IV residue
- mov %rbx,8(%rdx)
- jmp .Lcbc_done
-
-.align 16
-.Lcbc_done:
- mov $_rsp,%rcx
- mov 0(%rcx),%r15
- mov 8(%rcx),%r14
- mov 16(%rcx),%r13
- mov 24(%rcx),%r12
- mov 32(%rcx),%rbp
- mov 40(%rcx),%rbx
- lea 48(%rcx),%rsp
-.Lcbc_abort:
- ret
-.size Camellia_cbc_encrypt,.-Camellia_cbc_encrypt
-
-.asciz "Camellia for x86_64 by <appro\@openssl.org>"
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/camellia/camellia.c b/lib/libssl/src/crypto/camellia/camellia.c
deleted file mode 100644
index cb577798a88..00000000000
--- a/lib/libssl/src/crypto/camellia/camellia.c
+++ /dev/null
@@ -1,571 +0,0 @@
-/* $OpenBSD: camellia.c,v 1.10 2014/11/19 11:37:52 bcook Exp $ */
-/* ====================================================================
- * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
- * ALL RIGHTS RESERVED.
- *
- * Intellectual Property information for Camellia:
- * http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
- *
- * News Release for Announcement of Camellia open source:
- * http://www.ntt.co.jp/news/news06e/0604/060413a.html
- *
- * The Camellia Code included herein is developed by
- * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
- * to the OpenSSL project.
- *
- * The Camellia Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-/*
- * Algorithm Specification
- * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
- */
-
-/*
- * This release balances code size and performance. In particular key
- * schedule setup is fully unrolled, because doing so *significantly*
- * reduces amount of instructions per setup round and code increase is
- * justifiable. In block functions on the other hand only inner loops
- * are unrolled, as full unroll gives only nominal performance boost,
- * while code size grows 4 or 7 times.
Also, unlike previous versions - * this one "encourages" compiler to keep intermediate variables in - * registers, which should give better "all round" results, in other - * words reasonable performance even with not so modern compilers. - */ - -#include <stdlib.h> -#include <string.h> -#include <openssl/camellia.h> -#include <openssl/opensslconf.h> - -#include "cmll_locl.h" - -/* 32-bit rotations */ -#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -# if defined(__GNUC__) && __GNUC__>=2 -# if defined(__i386) || defined(__x86_64) -# define RightRotate(x,s) ({u32 ret; asm ("rorl %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; }) -# define LeftRotate(x,s) ({u32 ret; asm ("roll %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; }) -# define GETU32(p) ({u32 r=*(const u32 *)(p); asm("bswapl %0":"=r"(r):"0"(r)); r; }) -# define PUTU32(p,v) ({u32 r=(v); asm("bswapl %0":"=r"(r):"0"(r)); *(u32 *)(p)=r; }) -# elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \ - defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__) -# define LeftRotate(x,s) ({u32 ret; asm ("rlwinm %0,%1,%2,0,31":"=r"(ret):"r"(x),"I"(s)); ret; }) -# define RightRotate(x,s) LeftRotate(x,(32-s)) -# elif defined(__s390x__) -# define LeftRotate(x,s) ({u32 ret; asm ("rll %0,%1,%2":"=r"(ret):"r"(x),"I"(s)); ret; }) -# define RightRotate(x,s) LeftRotate(x,(32-s)) -# define GETU32(p) (*(u32 *)(p)) -# define PUTU32(p,v) (*(u32 *)(p)=(v)) -# endif -# endif -#endif - -#if !defined(RightRotate) && !defined(LeftRotate) -# define RightRotate(x, s) ( ((x) >> (s)) + ((x) << (32 - s)) ) -# define LeftRotate(x, s) ( ((x) << (s)) + ((x) >> (32 - s)) ) -#endif - -#if !defined(GETU32) && !defined(PUTU32) -# define GETU32(p) (((u32)(p)[0] << 24) ^ ((u32)(p)[1] << 16) ^ ((u32)(p)[2] << 8) ^ ((u32)(p)[3])) -# define PUTU32(p,v) ((p)[0] = (u8)((v) >> 24), (p)[1] = (u8)((v) >> 16), (p)[2] = (u8)((v) >> 8), (p)[3] = (u8)(v)) -#endif - -/* S-box data */ -#define SBOX1_1110 Camellia_SBOX[0] -#define SBOX4_4404 
Camellia_SBOX[1] -#define SBOX2_0222 Camellia_SBOX[2] -#define SBOX3_3033 Camellia_SBOX[3] -static const u32 Camellia_SBOX[][256] = { -{ 0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700, - 0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500, - 0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00, - 0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100, - 0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500, - 0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00, - 0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000, - 0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00, - 0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700, - 0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600, - 0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00, - 0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00, - 0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100, - 0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200, - 0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700, - 0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700, - 0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00, - 0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600, - 0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400, - 0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100, - 0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00, - 0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00, - 0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00, - 0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200, - 0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700, - 0x75757500, 
0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00, - 0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00, - 0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300, - 0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00, - 0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600, - 0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600, - 0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00, - 0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00, - 0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600, - 0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800, - 0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00, - 0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200, - 0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500, - 0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900, - 0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400, - 0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900, - 0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400, - 0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00 }, -{ 0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057, - 0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5, - 0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af, - 0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b, - 0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a, - 0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0, - 0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb, - 0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004, - 0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c, - 0x53530053, 0xf2f200f2, 
0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a, - 0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0, - 0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064, - 0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6, - 0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090, - 0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8, - 0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063, - 0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9, - 0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071, - 0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9, - 0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1, - 0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad, - 0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5, - 0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093, - 0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd, - 0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f, - 0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d, - 0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066, - 0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099, - 0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031, - 0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c, - 0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2, - 0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050, - 0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095, - 0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db, - 0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002, - 0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2, - 0x9b9b009b, 0x26260026, 
0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b, - 0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e, - 0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a, - 0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa, - 0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068, - 0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1, - 0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e }, -{ 0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e, - 0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a, - 0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf, - 0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242, - 0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca, - 0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f, - 0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060, - 0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434, - 0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e, - 0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad, - 0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a, - 0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a, - 0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363, - 0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585, - 0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f, - 0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf, - 0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636, - 0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c, - 0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888, - 0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323, - 0x00484848, 0x00101010, 0x00d1d1d1, 
0x00515151, 0x00c0c0c0, 0x00f9f9f9, - 0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa, - 0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6, - 0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5, - 0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef, - 0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5, - 0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8, - 0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666, - 0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe, - 0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c, - 0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d, - 0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c, - 0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc, - 0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d, - 0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131, - 0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575, - 0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545, - 0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa, - 0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292, - 0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949, - 0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393, - 0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9, - 0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d }, -{ 0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393, - 0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a, - 0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7, - 0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090, - 0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 
0x8e008e8e, 0xb200b2b2, - 0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7, - 0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818, - 0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d, - 0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3, - 0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b, - 0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686, - 0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696, - 0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8, - 0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161, - 0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb, - 0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb, - 0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d, - 0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b, - 0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222, - 0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8, - 0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e, - 0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe, - 0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad, - 0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969, - 0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb, - 0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d, - 0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e, - 0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999, - 0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf, - 0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313, - 0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b, - 0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 
0xb100b1b1, 0x17001717, - 0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737, - 0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b, - 0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c, - 0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d, - 0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151, - 0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa, - 0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4, - 0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252, - 0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4, - 0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a, - 0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f } -}; - -/* Key generation constants */ -static const u32 SIGMA[] = { - 0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2, 0xc6ef372f, 0xe94f82be, - 0x54ff53a5, 0xf1d36f1c, 0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd -}; - -/* The phi algorithm given in C.2.7 of the Camellia spec document. */ -/* - * This version does not attempt to minimize amount of temporary - * variables, but instead explicitly exposes algorithm's parallelism. - * It is therefore most appropriate for platforms with not less than - * ~16 registers. For platforms with fewer registers [well, x86 to be - * specific] assembler version should be/is provided anyway... 
- */ -#define Camellia_Feistel(_s0,_s1,_s2,_s3,_key) \ -do { \ - u32 _t0, _t1, _t2, _t3; \ - _t0 = _s0 ^ (_key)[0]; \ - _t3 = SBOX4_4404[_t0 & 0xff]; \ - _t1 = _s1 ^ (_key)[1]; \ - _t3 ^= SBOX3_3033[(_t0 >> 8) & 0xff]; \ - _t2 = SBOX1_1110[_t1 & 0xff]; \ - _t3 ^= SBOX2_0222[(_t0 >> 16) & 0xff]; \ - _t2 ^= SBOX4_4404[(_t1 >> 8) & 0xff]; \ - _t3 ^= SBOX1_1110[(_t0 >> 24)]; \ - _t2 ^= _t3; \ - _t3 = RightRotate(_t3, 8); \ - _t2 ^= SBOX3_3033[(_t1 >> 16) & 0xff]; \ - _s3 ^= _t3; \ - _t2 ^= SBOX2_0222[(_t1 >> 24)]; \ - _s2 ^= _t2; \ - _s3 ^= _t2; \ -} while(0) - -/* - * Note that n has to be less than 32. Rotations for larger amount - * of bits are achieved by "rotating" order of s-elements and - * adjusting n accordingly, e.g. RotLeft128(s1, s2, s3, s0, n - 32). - */ -#define RotLeft128(_s0, _s1, _s2, _s3, _n) \ -do { \ - u32 _t0 = _s0 >> (32 - _n); \ - _s0 = (_s0 << _n) | (_s1 >> (32 - _n)); \ - _s1 = (_s1 << _n) | (_s2 >> (32 - _n)); \ - _s2 = (_s2 << _n) | (_s3 >> (32 - _n)); \ - _s3 = (_s3 << _n) | _t0; \ -} while (0) - -int -Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE k) -{ - u32 s0, s1, s2, s3; - - k[0] = s0 = GETU32(rawKey); - k[1] = s1 = GETU32(rawKey + 4); - k[2] = s2 = GETU32(rawKey + 8); - k[3] = s3 = GETU32(rawKey + 12); - - if (keyBitLength != 128) { - k[8] = s0 = GETU32(rawKey + 16); - k[9] = s1 = GETU32(rawKey + 20); - if (keyBitLength == 192) { - k[10] = s2 = ~s0; - k[11] = s3 = ~s1; - } else { - k[10] = s2 = GETU32(rawKey + 24); - k[11] = s3 = GETU32(rawKey + 28); - } - s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3]; - } - - /* Use the Feistel routine to scramble the key material */ - Camellia_Feistel(s0, s1, s2, s3, SIGMA + 0); - Camellia_Feistel(s2, s3, s0, s1, SIGMA + 2); - - s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3]; - Camellia_Feistel(s0, s1, s2, s3, SIGMA + 4); - Camellia_Feistel(s2, s3, s0, s1, SIGMA + 6); - - /* Fill the keyTable. Requires many block rotations. 
*/ - if (keyBitLength == 128) { - k[ 4] = s0, k[ 5] = s1, k[ 6] = s2, k[ 7] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */ - k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 30 */ - k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 45 */ - k[24] = s0, k[25] = s1; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 60 */ - k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3; - RotLeft128(s1, s2, s3, s0, 2); /* KA <<< 94 */ - k[40] = s1, k[41] = s2, k[42] = s3, k[43] = s0; - RotLeft128(s1, s2, s3, s0, 17); /* KA <<<111 */ - k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0; - - s0 = k[ 0], s1 = k[ 1], s2 = k[ 2], s3 = k[ 3]; - RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 15 */ - k[ 8] = s0, k[ 9] = s1, k[10] = s2, k[11] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KL <<< 45 */ - k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 60 */ - k[26] = s2, k[27] = s3; - RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 77 */ - k[32] = s0, k[33] = s1, k[34] = s2, k[35] = s3; - RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 94 */ - k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3; - RotLeft128(s0, s1, s2, s3, 17); /* KL <<<111 */ - k[44] = s0, k[45] = s1, k[46] = s2, k[47] = s3; - - return 3; /* grand rounds */ - } else { - k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3; - s0 ^= k[8], s1 ^= k[9], s2 ^=k[10], s3 ^=k[11]; - Camellia_Feistel(s0, s1, s2, s3, (SIGMA + 8)); - Camellia_Feistel(s2, s3, s0, s1, (SIGMA + 10)); - - k[ 4] = s0, k[ 5] = s1, k[ 6] = s2, k[ 7] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 30 */ - k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 60 */ - k[40] = s0, k[41] = s1, k[42] = s2, k[43] = s3; - RotLeft128(s1, s2, s3, s0, 19); /* KB <<<111 */ - k[64] = s1, k[65] = s2, k[66] = s3, k[67] = s0; - - s0 = k[ 8], s1 = k[ 9], s2 = k[10], s3 = k[11]; - RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 15 */ - k[ 8] = s0, k[ 
9] = s1, k[10] = s2, k[11] = s3; - RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 30 */ - k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KR <<< 60 */ - k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3; - RotLeft128(s1, s2, s3, s0, 2); /* KR <<< 94 */ - k[52] = s1, k[53] = s2, k[54] = s3, k[55] = s0; - - s0 = k[12], s1 = k[13], s2 = k[14], s3 = k[15]; - RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */ - k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3; - RotLeft128(s0, s1, s2, s3, 30); /* KA <<< 45 */ - k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3; - /* KA <<< 77 */ - k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0; - RotLeft128(s1, s2, s3, s0, 17); /* KA <<< 94 */ - k[56] = s1, k[57] = s2, k[58] = s3, k[59] = s0; - - s0 = k[ 0], s1 = k[ 1], s2 = k[ 2], s3 = k[ 3]; - RotLeft128(s1, s2, s3, s0, 13); /* KL <<< 45 */ - k[24] = s1, k[25] = s2, k[26] = s3, k[27] = s0; - RotLeft128(s1, s2, s3, s0, 15); /* KL <<< 60 */ - k[32] = s1, k[33] = s2, k[34] = s3, k[35] = s0; - RotLeft128(s1, s2, s3, s0, 17); /* KL <<< 77 */ - k[44] = s1, k[45] = s2, k[46] = s3, k[47] = s0; - RotLeft128(s2, s3, s0, s1, 2); /* KL <<<111 */ - k[60] = s2, k[61] = s3, k[62] = s0, k[63] = s1; - - return 4; /* grand rounds */ - } - /* - * It is possible to perform certain precalculations, which - * would spare few cycles in block procedure. It's not done, - * because it upsets the performance balance between key - * setup and block procedures, negatively affecting overall - * throughput in applications operating on short messages - * and volatile keys. 
- */ -} - -void -Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[], - const KEY_TABLE_TYPE keyTable, u8 ciphertext[]) -{ - u32 s0, s1, s2, s3; - const u32 *k = keyTable, *kend = keyTable + grandRounds * 16; - - s0 = GETU32(plaintext) ^ k[0]; - s1 = GETU32(plaintext + 4) ^ k[1]; - s2 = GETU32(plaintext + 8) ^ k[2]; - s3 = GETU32(plaintext + 12) ^ k[3]; - k += 4; - - while (1) { - /* Camellia makes 6 Feistel rounds */ - Camellia_Feistel(s0, s1, s2, s3, k + 0); - Camellia_Feistel(s2, s3, s0, s1, k + 2); - Camellia_Feistel(s0, s1, s2, s3, k + 4); - Camellia_Feistel(s2, s3, s0, s1, k + 6); - Camellia_Feistel(s0, s1, s2, s3, k + 8); - Camellia_Feistel(s2, s3, s0, s1, k + 10); - k += 12; - - if (k == kend) - break; - - /* This is the same function as the diffusion function D - * of the accompanying documentation. See section 3.2 - * for properties of the FLlayer function. */ - s1 ^= LeftRotate(s0 & k[0], 1); - s2 ^= s3 | k[3]; - s0 ^= s1 | k[1]; - s3 ^= LeftRotate(s2 & k[2], 1); - k += 4; - } - - s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3]; - - PUTU32(ciphertext, s2); - PUTU32(ciphertext + 4, s3); - PUTU32(ciphertext + 8, s0); - PUTU32(ciphertext + 12, s1); -} - -void -Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[], - const KEY_TABLE_TYPE keyTable, u8 ciphertext[]) -{ - Camellia_EncryptBlock_Rounds(keyBitLength == 128 ? 
3 : 4, - plaintext, keyTable, ciphertext); -} - -void -Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[], - const KEY_TABLE_TYPE keyTable, u8 plaintext[]) -{ - u32 s0, s1, s2, s3; - const u32 *k = keyTable+grandRounds * 16, *kend = keyTable+4; - - s0 = GETU32(ciphertext) ^ k[0]; - s1 = GETU32(ciphertext+4) ^ k[1]; - s2 = GETU32(ciphertext+8) ^ k[2]; - s3 = GETU32(ciphertext+12) ^ k[3]; - - while (1) { - /* Camellia makes 6 Feistel rounds */ - k -= 12; - Camellia_Feistel(s0, s1, s2, s3, k+10); - Camellia_Feistel(s2, s3, s0, s1, k+8); - Camellia_Feistel(s0, s1, s2, s3, k+6); - Camellia_Feistel(s2, s3, s0, s1, k+4); - Camellia_Feistel(s0, s1, s2, s3, k+2); - Camellia_Feistel(s2, s3, s0, s1, k+0); - - if (k == kend) - break; - - /* This is the same function as the diffusion function D - * of the accompanying documentation. See section 3.2 - * for properties of the FLlayer function. */ - k -= 4; - s1 ^= LeftRotate(s0 & k[2], 1); - s2 ^= s3 | k[1]; - s0 ^= s1 | k[3]; - s3 ^= LeftRotate(s2 & k[0], 1); - } - - k -= 4; - s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3]; - - PUTU32(plaintext, s2); - PUTU32(plaintext+4, s3); - PUTU32(plaintext+8, s0); - PUTU32(plaintext+12, s1); -} - -void -Camellia_DecryptBlock(int keyBitLength, const u8 plaintext[], - const KEY_TABLE_TYPE keyTable, u8 ciphertext[]) -{ - Camellia_DecryptBlock_Rounds(keyBitLength == 128 ? 3 : 4, - plaintext, keyTable, ciphertext); -} diff --git a/lib/libssl/src/crypto/camellia/camellia.h b/lib/libssl/src/crypto/camellia/camellia.h deleted file mode 100644 index b9b5f792b1e..00000000000 --- a/lib/libssl/src/crypto/camellia/camellia.h +++ /dev/null 
@@ -1,125 +0,0 @@
-/* $OpenBSD: camellia.h,v 1.5 2014/11/13 20:01:58 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#ifndef HEADER_CAMELLIA_H
-#define HEADER_CAMELLIA_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_CAMELLIA
-#error CAMELLIA is disabled.
-#endif
-
-#include <stddef.h>
-
-#define CAMELLIA_ENCRYPT 1
-#define CAMELLIA_DECRYPT 0
-
-/* Because array size can't be a const in C, the following two are macros.
- Both sizes are in bytes. */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* This should be a hidden type, but EVP requires that the size be known */
-
-#define CAMELLIA_BLOCK_SIZE 16
-#define CAMELLIA_TABLE_BYTE_LEN 272
-#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
-
-typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match with WORD */
-
-struct camellia_key_st {
- union {
- double d; /* ensures 64-bit align */
- KEY_TABLE_TYPE rd_key;
- } u;
- int grand_rounds;
-};
-typedef struct camellia_key_st CAMELLIA_KEY;
-
-int Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key);
-
-void Camellia_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key);
-void Camellia_decrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key);
-
-void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key, const int enc);
-void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, const int enc);
-void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char *ivec, int *num);
-void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char ivec[CAMELLIA_BLOCK_SIZE],
- unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
- unsigned int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* !HEADER_Camellia_H */
diff --git a/lib/libssl/src/crypto/camellia/cmll_cbc.c b/lib/libssl/src/crypto/camellia/cmll_cbc.c
deleted file mode 100644
index 6567e5deb6c..00000000000
--- a/lib/libssl/src/crypto/camellia/cmll_cbc.c
+++ /dev/null
@@ -1,65 +0,0 @@
-/* $OpenBSD: cmll_cbc.c,v 1.4 2014/11/13 20:01:58 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-void
-Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
- const CAMELLIA_KEY *key, unsigned char *ivec, const int enc)
-{
- if (enc)
- CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
- (block128_f)Camellia_encrypt);
- else
- CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
- (block128_f)Camellia_decrypt);
-}
diff --git a/lib/libssl/src/crypto/camellia/cmll_cfb.c b/lib/libssl/src/crypto/camellia/cmll_cfb.c
deleted file mode 100644
index 755ab9f8bf2..00000000000
--- a/lib/libssl/src/crypto/camellia/cmll_cfb.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* $OpenBSD: cmll_cfb.c,v 1.4 2014/11/13 20:01:58 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-
-/*
- * The input and output encrypted as though 128bit cfb mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-
-void
-Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key, unsigned char *ivec, int *num,
- const int enc)
-{
- CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f)Camellia_encrypt);
-}
-
-/* N.B. This expects the input to be packed, MS bit first */
-void
-Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key, unsigned char *ivec, int *num,
- const int enc)
-{
- CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f)Camellia_encrypt);
-}
-
-void
-Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key, unsigned char *ivec, int *num,
- const int enc)
-{
- CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
- (block128_f)Camellia_encrypt);
-}
diff --git a/lib/libssl/src/crypto/camellia/cmll_ctr.c b/lib/libssl/src/crypto/camellia/cmll_ctr.c
deleted file mode 100644
index 59a351ee1b8..00000000000
--- a/lib/libssl/src/crypto/camellia/cmll_ctr.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/* $OpenBSD: cmll_ctr.c,v 1.4 2014/11/13 20:01:58 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-void
-Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key,
- unsigned char ivec[CAMELLIA_BLOCK_SIZE],
- unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE], unsigned int *num)
-{
- CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
- (block128_f)Camellia_encrypt);
-}
diff --git a/lib/libssl/src/crypto/camellia/cmll_ecb.c b/lib/libssl/src/crypto/camellia/cmll_ecb.c
deleted file mode 100644
index 1a654452027..00000000000
--- a/lib/libssl/src/crypto/camellia/cmll_ecb.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/* $OpenBSD: cmll_ecb.c,v 1.4 2014/11/13 20:01:58 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/camellia.h>
-#include "cmll_locl.h"
-
-void
-Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key, const int enc)
-{
- if (CAMELLIA_ENCRYPT == enc)
- Camellia_encrypt(in, out, key);
- else
- Camellia_decrypt(in, out, key);
-}
diff --git a/lib/libssl/src/crypto/camellia/cmll_locl.h b/lib/libssl/src/crypto/camellia/cmll_locl.h
deleted file mode 100644
index 8a4f540fbc0..00000000000
--- a/lib/libssl/src/crypto/camellia/cmll_locl.h
+++ /dev/null
@@ -1,85 +0,0 @@
-/* $OpenBSD: cmll_locl.h,v 1.5 2014/11/13 20:01:58 miod Exp $ */
-/* ====================================================================
- * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
- * ALL RIGHTS RESERVED.
- *
- * Intellectual Property information for Camellia:
- * http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
- *
- * News Release for Announcement of Camellia open source:
- * http://www.ntt.co.jp/news/news06e/0604/060413a.html
- *
- * The Camellia Code included herein is developed by
- * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
- * to the OpenSSL project.
- *
- * The Camellia Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CAMELLIA_LOCL_H
-#define HEADER_CAMELLIA_LOCL_H
-
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey,
- KEY_TABLE_TYPE keyTable);
-void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
- const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
-void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
- const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
-void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
- const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
-void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
- const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
-
-#endif /* #ifndef HEADER_CAMELLIA_LOCL_H */
diff --git a/lib/libssl/src/crypto/camellia/cmll_misc.c b/lib/libssl/src/crypto/camellia/cmll_misc.c
deleted file mode 100644
index 2fa61dc6378..00000000000
--- a/lib/libssl/src/crypto/camellia/cmll_misc.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: cmll_misc.c,v 1.6 2014/11/13 20:01:58 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-#include <openssl/camellia.h>
-#include "cmll_locl.h"
-
-int
-Camellia_set_key(const unsigned char *userKey, const int bits,
- CAMELLIA_KEY *key)
-{
- if (userKey == NULL || key == NULL)
- return -1;
- if (bits != 128 && bits != 192 && bits != 256)
- return -2;
- key->grand_rounds = Camellia_Ekeygen(bits, userKey, key->u.rd_key);
- return 0;
-}
-
-void
-Camellia_encrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key)
-{
- Camellia_EncryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
-}
-
-void
-Camellia_decrypt(const unsigned char *in, unsigned char *out,
- const CAMELLIA_KEY *key)
-{
- Camellia_DecryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
-}
diff --git a/lib/libssl/src/crypto/camellia/cmll_ofb.c b/lib/libssl/src/crypto/camellia/cmll_ofb.c
deleted file mode 100644
index cd3a65e2fad..00000000000
--- a/lib/libssl/src/crypto/camellia/cmll_ofb.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/* $OpenBSD: cmll_ofb.c,v 1.4 2014/11/13 20:01:58 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/camellia.h>
-#include <openssl/modes.h>
-
-/*
- * The input and output encrypted as though 128bit ofb mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-void
-Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const CAMELLIA_KEY *key, unsigned char *ivec, int *num)
-{
- CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
- (block128_f)Camellia_encrypt);
-}
diff --git a/lib/libssl/src/crypto/cast/asm/cast-586.pl b/lib/libssl/src/crypto/cast/asm/cast-586.pl
deleted file mode 100644
index 7a0083ecb82..00000000000
--- a/lib/libssl/src/crypto/cast/asm/cast-586.pl
+++ /dev/null
@@ -1,177 +0,0 @@ -#!/usr/local/bin/perl - -# define for pentium pro friendly version -$ppro=1; - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; - -&asm_init($ARGV[0],"cast-586.pl",$ARGV[$#ARGV] eq "386"); - -$CAST_ROUNDS=16; -$L="edi"; -$R="esi"; -$K="ebp"; -$tmp1="ecx"; -$tmp2="ebx"; -$tmp3="eax"; -$tmp4="edx"; -$S1="CAST_S_table0"; -$S2="CAST_S_table1"; -$S3="CAST_S_table2"; -$S4="CAST_S_table3"; - -@F1=("add","xor","sub"); -@F2=("xor","sub","add"); -@F3=("sub","add","xor"); - -&CAST_encrypt("CAST_encrypt",1); -&CAST_encrypt("CAST_decrypt",0); -&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1) unless $main'openbsd; - -&asm_finish(); - -sub CAST_encrypt { - local($name,$enc)=@_; - - local($win_ex)=<<"EOF"; -EXTERN _CAST_S_table0:DWORD -EXTERN _CAST_S_table1:DWORD -EXTERN _CAST_S_table2:DWORD -EXTERN _CAST_S_table3:DWORD -EOF - &main::external_label( - "CAST_S_table0", - "CAST_S_table1", - "CAST_S_table2", - "CAST_S_table3", - ); - - &function_begin_B($name,$win_ex); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &mov($tmp2,&wparam(0)); - &mov($K,&wparam(1)); - &push("esi"); - &push("edi"); - - &comment("Load the 2 words"); - &mov($L,&DWP(0,$tmp2,"",0)); - &mov($R,&DWP(4,$tmp2,"",0)); - - &comment('Get short key flag'); - &mov($tmp3,&DWP(128,$K,"",0)); - if($enc) { - &push($tmp3); - } else { - &or($tmp3,$tmp3); - &jnz(&label('cast_dec_skip')); - } - - &xor($tmp3, $tmp3); - - # encrypting part - - if ($enc) { - &E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 
8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &comment('test short key flag'); - &pop($tmp4); - &or($tmp4,$tmp4); - &jnz(&label('cast_enc_done')); - &E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - } else { - &E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &set_label('cast_dec_skip'); - &E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - } - - &set_label('cast_enc_done') if $enc; -# Why the nop? - Ben 17/1/99 - &nop(); - &mov($tmp3,&wparam(0)); - &mov(&DWP(4,$tmp3,"",0),$L); - &mov(&DWP(0,$tmp3,"",0),$R); - &function_end($name); -} - -sub E_CAST { - local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4)=@_; - # Ri needs to have 16 pre added. 
- - &comment("round $i"); - &mov( $tmp4, &DWP($i*8,$K,"",1)); - - &mov( $tmp1, &DWP($i*8+4,$K,"",1)); - &$OP1( $tmp4, $R); - - &rotl( $tmp4, &LB($tmp1)); - - if ($ppro) { - &mov( $tmp2, $tmp4); # B - &xor( $tmp1, $tmp1); - - &movb( &LB($tmp1), &HB($tmp4)); # A - &and( $tmp2, 0xff); - - &shr( $tmp4, 16); # - &xor( $tmp3, $tmp3); - } else { - &mov( $tmp2, $tmp4); # B - &movb( &LB($tmp1), &HB($tmp4)); # A # BAD BAD BAD - - &shr( $tmp4, 16); # - &and( $tmp2, 0xff); - } - - &movb( &LB($tmp3), &HB($tmp4)); # C # BAD BAD BAD - &and( $tmp4, 0xff); # D - - &mov( $tmp1, &DWP($S1,"",$tmp1,4)); - &mov( $tmp2, &DWP($S2,"",$tmp2,4)); - - &$OP2( $tmp1, $tmp2); - &mov( $tmp2, &DWP($S3,"",$tmp3,4)); - - &$OP3( $tmp1, $tmp2); - &mov( $tmp2, &DWP($S4,"",$tmp4,4)); - - &$OP1( $tmp1, $tmp2); - # XXX - - &xor( $L, $tmp1); - # XXX -} - diff --git a/lib/libssl/src/crypto/cast/c_cfb64.c b/lib/libssl/src/crypto/cast/c_cfb64.c deleted file mode 100644 index 726d19e0053..00000000000 --- a/lib/libssl/src/crypto/cast/c_cfb64.c +++ /dev/null 
@@ -1,121 +0,0 @@
-/* $OpenBSD: c_cfb64.c,v 1.5 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-/* The input and output encrypted as though 64bit cfb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule, unsigned char *ivec,
- int *num, int enc)
- {
- CAST_LONG v0,v1,t;
- int n= *num;
- long l=length;
- CAST_LONG ti[2];
- unsigned char *iv,c,cc;
-
- iv=ivec;
- if (enc)
- {
- while (l--)
- {
- if (n == 0)
- {
- n2l(iv,v0); ti[0]=v0;
- n2l(iv,v1); ti[1]=v1;
- CAST_encrypt((CAST_LONG *)ti,schedule);
- iv=ivec;
- t=ti[0]; l2n(t,iv);
- t=ti[1]; l2n(t,iv);
- iv=ivec;
- }
- c= *(in++)^iv[n];
- *(out++)=c;
- iv[n]=c;
- n=(n+1)&0x07;
- }
- }
- else
- {
- while (l--)
- {
- if (n == 0)
- {
- n2l(iv,v0); ti[0]=v0;
- n2l(iv,v1); ti[1]=v1;
- CAST_encrypt((CAST_LONG *)ti,schedule);
- iv=ivec;
- t=ti[0]; l2n(t,iv);
- t=ti[1]; l2n(t,iv);
- iv=ivec;
- }
- cc= *(in++);
- c=iv[n];
- iv[n]=cc;
- *(out++)=c^cc;
- n=(n+1)&0x07;
- }
- }
- v0=v1=ti[0]=ti[1]=t=c=cc=0;
- *num=n;
- }
diff --git a/lib/libssl/src/crypto/cast/c_ecb.c b/lib/libssl/src/crypto/cast/c_ecb.c
deleted file mode 100644
index c3a01b71ae1..00000000000
--- a/lib/libssl/src/crypto/cast/c_ecb.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* $OpenBSD: c_ecb.c,v 1.7 2014/07/09 11:10:50 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-#include <openssl/opensslv.h>
-
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
- const CAST_KEY *ks, int enc)
- {
- CAST_LONG l,d[2];
-
- n2l(in,l); d[0]=l;
- n2l(in,l); d[1]=l;
- if (enc)
- CAST_encrypt(d,ks);
- else
- CAST_decrypt(d,ks);
- l=d[0]; l2n(l,out);
- l=d[1]; l2n(l,out);
- l=d[0]=d[1]=0;
- }
diff --git a/lib/libssl/src/crypto/cast/c_enc.c b/lib/libssl/src/crypto/cast/c_enc.c
deleted file mode 100644
index 5999a590317..00000000000
--- a/lib/libssl/src/crypto/cast/c_enc.c
+++ /dev/null
@@ -1,210 +0,0 @@
-/* $OpenBSD: c_enc.c,v 1.7 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-#ifndef OPENBSD_CAST_ASM
-void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key)
- {
- CAST_LONG l,r,t;
- const CAST_LONG *k;
-
- k= &(key->data[0]);
- l=data[0];
- r=data[1];
-
- E_CAST( 0,k,l,r,+,^,-);
- E_CAST( 1,k,r,l,^,-,+);
- E_CAST( 2,k,l,r,-,+,^);
- E_CAST( 3,k,r,l,+,^,-);
- E_CAST( 4,k,l,r,^,-,+);
- E_CAST( 5,k,r,l,-,+,^);
- E_CAST( 6,k,l,r,+,^,-);
- E_CAST( 7,k,r,l,^,-,+);
- E_CAST( 8,k,l,r,-,+,^);
- E_CAST( 9,k,r,l,+,^,-);
- E_CAST(10,k,l,r,^,-,+);
- E_CAST(11,k,r,l,-,+,^);
- if(!key->short_key)
- {
- E_CAST(12,k,l,r,+,^,-);
- E_CAST(13,k,r,l,^,-,+);
- E_CAST(14,k,l,r,-,+,^);
- E_CAST(15,k,r,l,+,^,-);
- }
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
- }
-
-void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key)
- {
- CAST_LONG l,r,t;
- const CAST_LONG *k;
-
- k= &(key->data[0]);
- l=data[0];
- r=data[1];
-
- if(!key->short_key)
- {
- E_CAST(15,k,l,r,+,^,-);
- E_CAST(14,k,r,l,-,+,^);
- E_CAST(13,k,l,r,^,-,+);
- E_CAST(12,k,r,l,+,^,-);
- }
- E_CAST(11,k,l,r,-,+,^);
- E_CAST(10,k,r,l,^,-,+);
- E_CAST( 9,k,l,r,+,^,-);
- E_CAST( 8,k,r,l,-,+,^);
- E_CAST( 7,k,l,r,^,-,+);
- E_CAST( 6,k,r,l,+,^,-);
- E_CAST( 5,k,l,r,-,+,^);
- E_CAST( 4,k,r,l,^,-,+);
- E_CAST( 3,k,l,r,+,^,-);
- E_CAST( 2,k,r,l,-,+,^);
- E_CAST( 1,k,l,r,^,-,+);
- E_CAST( 0,k,r,l,+,^,-);
-
- data[1]=l&0xffffffffL;
- data[0]=r&0xffffffffL;
- }
-#endif
-
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const CAST_KEY *ks, unsigned char *iv, int enc)
- {
- CAST_LONG tin0,tin1;
- CAST_LONG tout0,tout1,xor0,xor1;
- long l=length;
- CAST_LONG tin[2];
-
- if (enc)
- {
- n2l(iv,tout0);
- n2l(iv,tout1);
- iv-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- CAST_encrypt(tin,ks);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- if (l != -8)
- {
- n2ln(in,tin0,tin1,l+8);
- tin0^=tout0;
- tin1^=tout1;
- tin[0]=tin0;
- tin[1]=tin1;
- CAST_encrypt(tin,ks);
- tout0=tin[0];
- tout1=tin[1];
- l2n(tout0,out);
- l2n(tout1,out);
- }
- l2n(tout0,iv);
- l2n(tout1,iv);
- }
- else
- {
- n2l(iv,xor0);
- n2l(iv,xor1);
- iv-=8;
- for (l-=8; l>=0; l-=8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- CAST_decrypt(tin,ks);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2n(tout0,out);
- l2n(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- n2l(in,tin0);
- n2l(in,tin1);
- tin[0]=tin0;
- tin[1]=tin1;
- CAST_decrypt(tin,ks);
- tout0=tin[0]^xor0;
- tout1=tin[1]^xor1;
- l2nn(tout0,tout1,out,l+8);
- xor0=tin0;
- xor1=tin1;
- }
- l2n(xor0,iv);
- l2n(xor1,iv);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
diff --git a/lib/libssl/src/crypto/cast/c_ofb64.c b/lib/libssl/src/crypto/cast/c_ofb64.c
deleted file mode 100644
index 611425a6682..00000000000
--- a/lib/libssl/src/crypto/cast/c_ofb64.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* $OpenBSD: c_ofb64.c,v 1.5 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule, unsigned char *ivec,
- int *num)
- {
- CAST_LONG v0,v1,t;
- int n= *num;
- long l=length;
- unsigned char d[8];
- char *dp;
- CAST_LONG ti[2];
- unsigned char *iv;
- int save=0;
-
- iv=ivec;
- n2l(iv,v0);
- n2l(iv,v1);
- ti[0]=v0;
- ti[1]=v1;
- dp=(char *)d;
- l2n(v0,dp);
- l2n(v1,dp);
- while (l--)
- {
- if (n == 0)
- {
- CAST_encrypt((CAST_LONG *)ti,schedule);
- dp=(char *)d;
- t=ti[0]; l2n(t,dp);
- t=ti[1]; l2n(t,dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n=(n+1)&0x07;
- }
- if (save)
- {
- v0=ti[0];
- v1=ti[1];
- iv=ivec;
- l2n(v0,iv);
- l2n(v1,iv);
- }
- t=v0=v1=ti[0]=ti[1]=0;
- *num=n;
- }
diff --git a/lib/libssl/src/crypto/cast/c_skey.c b/lib/libssl/src/crypto/cast/c_skey.c
deleted file mode 100644
index 1cea8c8ab06..00000000000
--- a/lib/libssl/src/crypto/cast/c_skey.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* $OpenBSD: c_skey.c,v 1.11 2014/06/12 15:49:28 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include <openssl/cast.h>
-#include "cast_lcl.h"
-#include "cast_s.h"
-
-#define CAST_exp(l,A,a,n) \
- A[n/4]=l; \
- a[n+3]=(l )&0xff; \
- a[n+2]=(l>> 8)&0xff; \
- a[n+1]=(l>>16)&0xff; \
- a[n+0]=(l>>24)&0xff;
-
-#define S4 CAST_S_table4
-#define S5 CAST_S_table5
-#define S6 CAST_S_table6
-#define S7 CAST_S_table7
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
- {
- CAST_LONG x[16];
- CAST_LONG z[16];
- CAST_LONG k[32];
- CAST_LONG X[4],Z[4];
- CAST_LONG l,*K;
- int i;
-
- for (i=0; i<16; i++) x[i]=0;
- if (len > 16) len=16;
- for (i=0; i<len; i++)
- x[i]=data[i];
- if(len <= 10)
- key->short_key=1;
- else
- key->short_key=0;
-
- K= &k[0];
- X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL;
- X[1]=((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL;
- X[2]=((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL;
- X[3]=((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL;
-
- for (;;)
- {
- l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
- CAST_exp(l,Z,z, 0);
- l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
- CAST_exp(l,Z,z, 4);
- l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
- CAST_exp(l,Z,z, 8);
- l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
- CAST_exp(l,Z,z,12);
-
- K[ 0]= S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]];
- K[ 1]= S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]];
- K[ 2]= S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]];
- K[ 3]= S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]];
-
- l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
- CAST_exp(l,X,x, 0);
- l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
- CAST_exp(l,X,x, 4);
- l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
- CAST_exp(l,X,x, 8);
- l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
- CAST_exp(l,X,x,12);
-
- K[ 4]= S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]];
- K[ 5]= S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]];
- K[ 6]= S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]];
- K[ 7]= S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]];
-
- l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
- CAST_exp(l,Z,z, 0);
- l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
- CAST_exp(l,Z,z, 4);
- l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
- CAST_exp(l,Z,z, 8);
- l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
- CAST_exp(l,Z,z,12);
-
- K[ 8]= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]];
- K[ 9]= S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]];
- K[10]= S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]];
- K[11]= S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]];
-
- l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
- CAST_exp(l,X,x, 0);
- l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
- CAST_exp(l,X,x, 4);
- l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
- CAST_exp(l,X,x, 8);
- l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
- CAST_exp(l,X,x,12);
-
- K[12]= S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]];
- K[13]= S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]];
- K[14]= S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]];
- K[15]= S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]];
- if (K != k) break;
- K+=16;
- }
-
- for (i=0; i<16; i++)
- {
- key->data[i*2]=k[i];
- key->data[i*2+1]=((k[i+16])+16)&0x1f;
- }
- }
-
diff --git a/lib/libssl/src/crypto/cast/cast.h b/lib/libssl/src/crypto/cast/cast.h
deleted file mode 100644
index 1043c7f24f4..00000000000
--- a/lib/libssl/src/crypto/cast/cast.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/* $OpenBSD: cast.h,v 1.12 2014/07/10 22:45:56 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CAST_H
-#define HEADER_CAST_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifdef OPENSSL_NO_CAST
-#error CAST is disabled.
-#endif
-
-#define CAST_ENCRYPT 1
-#define CAST_DECRYPT 0
-
-#define CAST_LONG unsigned int
-
-#define CAST_BLOCK 8
-#define CAST_KEY_LENGTH 16
-
-typedef struct cast_key_st
- {
- CAST_LONG data[32];
- int short_key; /* Use reduced rounds for short key */
- } CAST_KEY;
-
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
-void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, const CAST_KEY *key,
- int enc);
-void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
-void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
- const CAST_KEY *ks, unsigned char *iv, int enc);
-void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule, unsigned char *ivec,
- int *num, int enc);
-void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, const CAST_KEY *schedule, unsigned char *ivec,
- int *num);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/cast/cast_lcl.h b/lib/libssl/src/crypto/cast/cast_lcl.h
deleted file mode 100644
index ad4e2fede9f..00000000000
--- a/lib/libssl/src/crypto/cast/cast_lcl.h
+++ /dev/null
@@ -1,216 +0,0 @@
-/* $OpenBSD: cast_lcl.h,v 1.11 2015/11/05 21:46:51 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#undef c2l
-#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<<24L)
-
-/* NOTE - c is not incremented as per c2l */
-#undef c2ln
-#define c2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
- case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
- case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
- case 5: l2|=((unsigned long)(*(--(c)))); \
- case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
- case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
- case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
- case 1: l1|=((unsigned long)(*(--(c)))); \
- } \
- }
-
-#undef l2c
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24L)&0xff))
-
-/* NOTE - c is not incremented as per l2c */
-#undef l2cn
-#define l2cn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
- } \
- }
-
-/* NOTE - c is not incremented as per n2l */
-#define n2ln(c,l1,l2,n) { \
- c+=n; \
- l1=l2=0; \
- switch (n) { \
- case 8: l2 =((unsigned long)(*(--(c)))) ; \
- case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
- case 6: l2|=((unsigned long)(*(--(c))))<<16; \
- case 5: l2|=((unsigned long)(*(--(c))))<<24; \
- case 4: l1 =((unsigned long)(*(--(c)))) ; \
- case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
- case 2: l1|=((unsigned long)(*(--(c))))<<16; \
- case 1: l1|=((unsigned long)(*(--(c))))<<24; \
- } \
- }
-
-/* NOTE - c is not incremented as per l2n */
-#define l2nn(l1,l2,c,n) { \
- c+=n; \
- switch (n) { \
- case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
- case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
- case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
- case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
- case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
- case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
- case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
- case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
- } \
- }
-
-#undef n2l
-#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
- l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-/* only invoked with 0 <= n <= 31 */
-#define ROTL(a,n) ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
-
-#define C_M 0x3fc
-#define C_0 22L
-#define C_1 14L
-#define C_2 6L
-#define C_3 2L /* left shift */
-
-/* The rotate has an extra 16 added to it to help the x86 asm */
-#if defined(CAST_PTR)
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
- { \
- int i; \
- t=(key[n*2] OP1 R)&0xffffffffL; \
- i=key[n*2+1]; \
- t=ROTL(t,i); \
- L^= (((((*(CAST_LONG *)((unsigned char *) \
- CAST_S_table0+((t>>C_2)&C_M)) OP2 \
- *(CAST_LONG *)((unsigned char *) \
- CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
- *(CAST_LONG *)((unsigned char *) \
- CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
- *(CAST_LONG *)((unsigned char *) \
- CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
- }
-#elif defined(CAST_PTR2)
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
- { \
- int i; \
- CAST_LONG u,v,w; \
- w=(key[n*2] OP1 R)&0xffffffffL; \
- i=key[n*2+1]; \
- w=ROTL(w,i); \
- u=w>>C_2; \
- v=w<<C_3; \
- u&=C_M; \
- v&=C_M; \
- t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
- u=w>>C_0; \
- t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
- v=w>>C_1; \
- u&=C_M; \
- v&=C_M; \
- t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
- t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
- L^=(t&0xffffffff); \
- }
-#else
-#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
- { \
- CAST_LONG a,b,c,d; \
- t=(key[n*2] OP1 R)&0xffffffff; \
- t=ROTL(t,(key[n*2+1])); \
- a=CAST_S_table0[(t>> 8)&0xff]; \
- b=CAST_S_table1[(t )&0xff]; \
- c=CAST_S_table2[(t>>24)&0xff]; \
- d=CAST_S_table3[(t>>16)&0xff]; \
- L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
- }
-#endif
-
-extern const CAST_LONG CAST_S_table0[256];
-extern const CAST_LONG CAST_S_table1[256];
-extern const CAST_LONG CAST_S_table2[256];
-extern const CAST_LONG CAST_S_table3[256];
-extern const CAST_LONG CAST_S_table4[256];
-extern const CAST_LONG CAST_S_table5[256];
-extern const CAST_LONG CAST_S_table6[256];
-extern const CAST_LONG CAST_S_table7[256];
diff --git a/lib/libssl/src/crypto/cast/cast_s.h b/lib/libssl/src/crypto/cast/cast_s.h
deleted file mode 100644
index 7d4e220e322..00000000000
--- a/lib/libssl/src/crypto/cast/cast_s.h
+++ /dev/null
@@ -1,585 +0,0 @@
-/* $OpenBSD: cast_s.h,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ -const CAST_LONG CAST_S_table0[256]={ - 0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a, - 0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949, - 0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675, - 0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e, - 0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2, - 0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d, - 0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f, - 0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0, - 0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de, - 0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7, - 0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f, - 0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935, - 0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d, - 0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d, - 0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165, - 0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50, - 0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272, - 0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe, - 0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d, - 0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3, - 0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a, - 0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167, - 0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f, - 0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291, - 0xd7894360,0x425c750d,0x93b39e26,0x187184c9, - 0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779, - 0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6, - 0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2, - 0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9, - 0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511, - 0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e, - 0x31366241,0x051ef495,0xaa573b04,0x4a805d8d, - 0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e, - 0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5, - 0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82, - 0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324, - 0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac, - 0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c, - 0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f, - 0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc, - 0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491, - 
0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d, - 0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de, - 0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96, - 0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a, - 0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a, - 0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79, - 0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d, - 0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779, - 0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd, - 0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755, - 0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6, - 0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb, - 0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9, - 0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0, - 0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872, - 0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79, - 0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c, - 0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298, - 0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e, - 0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571, - 0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9, - 0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d, - 0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf, - }; -const CAST_LONG CAST_S_table1[256]={ - 0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380, - 0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651, - 0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba, - 0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3, - 0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909, - 0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb, - 0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b, - 0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806, - 0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4, - 0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b, - 0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f, - 0x62143154,0x0d554b63,0x5d681121,0xc866c359, - 0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21, - 0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b, - 0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d, - 0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c, - 0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f, - 0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34, - 
0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d, - 0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb, - 0xe8256333,0x844e8212,0x128d8098,0xfed33fb4, - 0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd, - 0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801, - 0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860, - 0x54f03084,0x066ff472,0xa31aa153,0xdadc4755, - 0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b, - 0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709, - 0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304, - 0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b, - 0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b, - 0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c, - 0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf, - 0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9, - 0x0beeff53,0xe3214517,0xb4542835,0x9f63293c, - 0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3, - 0xf33401c6,0x30a22c95,0x31a70850,0x60930f13, - 0x73f98417,0xa1269859,0xec645c44,0x52c877a9, - 0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f, - 0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab, - 0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6, - 0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4, - 0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6, - 0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43, - 0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58, - 0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8, - 0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906, - 0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171, - 0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d, - 0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89, - 0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6, - 0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b, - 0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4, - 0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb, - 0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6, - 0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e, - 0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f, - 0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea, - 0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249, - 0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea, - 0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa, - 
0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd, - 0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9, - 0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef, - 0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1, - }; -const CAST_LONG CAST_S_table2[256]={ - 0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907, - 0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90, - 0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae, - 0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5, - 0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e, - 0xb9afa820,0xfade82e0,0xa067268b,0x8272792e, - 0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc, - 0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240, - 0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e, - 0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5, - 0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f, - 0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b, - 0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99, - 0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71, - 0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f, - 0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04, - 0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380, - 0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82, - 0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8, - 0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15, - 0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504, - 0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2, - 0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6, - 0x94fd6574,0x927985b2,0x8276dbcb,0x02778176, - 0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e, - 0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148, - 0xef303cab,0x984faf28,0x779faf9b,0x92dc560d, - 0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc, - 0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1, - 0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341, - 0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c, - 0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e, - 0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15, - 0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51, - 0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4, - 0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f, - 0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b, - 
0x6d498623,0x193cbcfa,0x27627545,0x825cf47a, - 0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392, - 0x10428db7,0x8272a972,0x9270c4a8,0x127de50b, - 0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231, - 0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b, - 0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889, - 0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5, - 0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67, - 0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45, - 0x3a609437,0xec00c9a9,0x44715253,0x0a874b49, - 0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536, - 0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d, - 0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc, - 0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d, - 0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0, - 0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e, - 0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69, - 0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767, - 0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2, - 0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce, - 0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49, - 0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24, - 0xaf96da0f,0x68458425,0x99833be5,0x600d457d, - 0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0, - 0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a, - 0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5, - 0xdfef4636,0xa133c501,0xe9d3531c,0xee353783, - }; -const CAST_LONG CAST_S_table3[256]={ - 0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298, - 0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1, - 0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120, - 0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf, - 0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220, - 0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15, - 0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe, - 0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121, - 0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701, - 0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25, - 0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b, - 0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5, - 0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93, - 0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb, - 
0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746, - 0xc9335400,0x6920318f,0x081dbb99,0xffc304a5, - 0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9, - 0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d, - 0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb, - 0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6, - 0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c, - 0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23, - 0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7, - 0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003, - 0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340, - 0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6, - 0xe756bdff,0xdd3369ac,0xec17b035,0x06572327, - 0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119, - 0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec, - 0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24, - 0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205, - 0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a, - 0x6701902c,0x9b757a54,0x31d477f7,0x9126b031, - 0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79, - 0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5, - 0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df, - 0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c, - 0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26, - 0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69, - 0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab, - 0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9, - 0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7, - 0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff, - 0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417, - 0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3, - 0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2, - 0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2, - 0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2, - 0x109873f6,0x00613096,0xc32d9521,0xada121ff, - 0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a, - 0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091, - 0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919, - 0x77079103,0xdea03af6,0x78a8565e,0xdee356df, - 0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef, - 0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf, - 0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876, - 
0x39e4460c,0x1fda8538,0x1987832f,0xca007367, - 0xa99144f8,0x296b299e,0x492fc295,0x9266beab, - 0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c, - 0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04, - 0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43, - 0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282, - 0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e, - 0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2, - }; -const CAST_LONG CAST_S_table4[256]={ - 0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911, - 0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f, - 0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00, - 0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a, - 0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180, - 0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff, - 0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2, - 0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02, - 0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725, - 0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a, - 0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b, - 0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7, - 0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571, - 0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9, - 0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec, - 0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981, - 0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea, - 0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774, - 0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263, - 0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655, - 0x911e739a,0x17af8975,0x32c7911c,0x89f89468, - 0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2, - 0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b, - 0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910, - 0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284, - 0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1, - 0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4, - 0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da, - 0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7, - 0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049, - 0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce, - 0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f, - 0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6, - 
0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba, - 0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4, - 0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be, - 0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561, - 0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3, - 0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6, - 0x309e374f,0x2cb6356a,0x85808573,0x4991f840, - 0x76f0ae02,0x083be84d,0x28421c9a,0x44489406, - 0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4, - 0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472, - 0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2, - 0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487, - 0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7, - 0x445f7382,0x175683f4,0xcdc66a97,0x70be0288, - 0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5, - 0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2, - 0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e, - 0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78, - 0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e, - 0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76, - 0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801, - 0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0, - 0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad, - 0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58, - 0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0, - 0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2, - 0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20, - 0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be, - 0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8, - 0xe822fe15,0x88570983,0x750e6249,0xda627e55, - 0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4, - }; -const CAST_LONG CAST_S_table5[256]={ - 0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c, - 0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac, - 0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9, - 0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138, - 0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e, - 0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367, - 0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866, - 0xa084db2d,0x09a8486f,0xa888614a,0x2900af98, - 0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c, - 0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072, - 
0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd, - 0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3, - 0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53, - 0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd, - 0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d, - 0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8, - 0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf, - 0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9, - 0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807, - 0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54, - 0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a, - 0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387, - 0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563, - 0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc, - 0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0, - 0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf, - 0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be, - 0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf, - 0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0, - 0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f, - 0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2, - 0x372b74af,0x692573e4,0xe9a9d848,0xf3160289, - 0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853, - 0x20951063,0x4576698d,0xb6fad407,0x592af950, - 0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa, - 0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f, - 0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9, - 0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b, - 0x7dede786,0xc39a3373,0x42410005,0x6a091751, - 0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be, - 0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358, - 0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13, - 0x8cf63166,0x061c87be,0x88c98f88,0x6062e397, - 0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976, - 0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459, - 0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0, - 0x3007cd3e,0x74719eef,0xdc872681,0x073340d4, - 0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891, - 0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f, - 0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da, - 0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb, - 0xe2969123,0x257f0c3d,0x9348af49,0x361400bc, - 
0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2, - 0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084, - 0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab, - 0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25, - 0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b, - 0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121, - 0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b, - 0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5, - 0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855, - 0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd, - 0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454, - 0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f, - }; -const CAST_LONG CAST_S_table6[256]={ - 0x85e04019,0x332bf567,0x662dbfff,0xcfc65693, - 0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f, - 0x0227bce7,0x4d642916,0x18fac300,0x50f18b82, - 0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de, - 0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd, - 0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43, - 0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f, - 0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19, - 0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9, - 0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2, - 0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e, - 0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516, - 0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83, - 0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88, - 0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e, - 0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816, - 0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a, - 0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756, - 0xc06eba30,0x07211b24,0x45c28829,0xc95e317f, - 0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a, - 0xad4ebc46,0x468f508b,0x7829435f,0xf124183b, - 0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264, - 0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78, - 0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688, - 0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d, - 0xf7debb85,0x61fe033c,0x16746233,0x3c034c28, - 0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802, - 0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3, - 0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9, - 
0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7, - 0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302, - 0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06, - 0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858, - 0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033, - 0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a, - 0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a, - 0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4, - 0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566, - 0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df, - 0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509, - 0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9, - 0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962, - 0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c, - 0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e, - 0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07, - 0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c, - 0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939, - 0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c, - 0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e, - 0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285, - 0x74904698,0x4c2b0edd,0x4f757656,0x5d393378, - 0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301, - 0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd, - 0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be, - 0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567, - 0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767, - 0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2, - 0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647, - 0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf, - 0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914, - 0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2, - 0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c, - 0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada, - 0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3, - }; -const CAST_LONG CAST_S_table7[256]={ - 0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095, - 0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5, - 0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174, - 0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc, - 0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940, - 0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd, - 
0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42, - 0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d, - 0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164, - 0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2, - 0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4, - 0x38129022,0xce949ad4,0xb84769ad,0x965bd862, - 0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0, - 0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc, - 0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6, - 0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c, - 0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491, - 0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e, - 0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b, - 0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039, - 0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8, - 0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8, - 0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006, - 0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42, - 0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564, - 0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5, - 0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab, - 0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472, - 0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc, - 0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225, - 0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8, - 0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c, - 0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441, - 0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb, - 0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f, - 0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054, - 0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504, - 0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70, - 0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c, - 0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc, - 0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6, - 0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c, - 0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd, - 0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3, - 0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4, - 0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4, - 0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc, - 0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101, - 
0x730edebc,0x5b643113,0x94917e4f,0x503c2fba, - 0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f, - 0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf, - 0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e, - 0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603, - 0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a, - 0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37, - 0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c, - 0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819, - 0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384, - 0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d, - 0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c, - 0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347, - 0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82, - 0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d, - 0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e, - }; diff --git a/lib/libssl/src/crypto/chacha/chacha-merged.c b/lib/libssl/src/crypto/chacha/chacha-merged.c deleted file mode 100644 index 557dfd5b568..00000000000 --- a/lib/libssl/src/crypto/chacha/chacha-merged.c +++ /dev/null 
@@ -1,270 +0,0 @@
-/* $OpenBSD: chacha-merged.c,v 1.7 2014/07/11 08:47:47 bcook Exp $ */
-/*
-chacha-merged.c version 20080118
-D. J. Bernstein
-Public domain.
-*/
-
-#include <sys/types.h>
-
-#include <stdint.h>
-
-#define CHACHA_MINKEYLEN 16
-#define CHACHA_NONCELEN 8
-#define CHACHA_CTRLEN 8
-#define CHACHA_STATELEN (CHACHA_NONCELEN+CHACHA_CTRLEN)
-#define CHACHA_BLOCKLEN 64
-
-struct chacha_ctx {
- u_int input[16];
- uint8_t ks[CHACHA_BLOCKLEN];
- uint8_t unused;
-};
-
-static inline void chacha_keysetup(struct chacha_ctx *x, const u_char *k,
- u_int kbits)
- __attribute__((__bounded__(__minbytes__, 2, CHACHA_MINKEYLEN)));
-static inline void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv,
- const u_char *ctr)
- __attribute__((__bounded__(__minbytes__, 2, CHACHA_NONCELEN)))
- __attribute__((__bounded__(__minbytes__, 3, CHACHA_CTRLEN)));
-static inline void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m,
- u_char *c, u_int bytes)
- __attribute__((__bounded__(__buffer__, 2, 4)))
- __attribute__((__bounded__(__buffer__, 3, 4)));
-
-typedef unsigned char u8;
-typedef unsigned int u32;
-
-typedef struct chacha_ctx chacha_ctx;
-
-#define U8C(v) (v##U)
-#define U32C(v) (v##U)
-
-#define U8V(v) ((u8)(v) & U8C(0xFF))
-#define U32V(v) ((u32)(v) & U32C(0xFFFFFFFF))
-
-#define ROTL32(v, n) \
- (U32V((v) << (n)) | ((v) >> (32 - (n))))
-
-#define U8TO32_LITTLE(p) \
- (((u32)((p)[0])) | \
- ((u32)((p)[1]) << 8) | \
- ((u32)((p)[2]) << 16) | \
- ((u32)((p)[3]) << 24))
-
-#define U32TO8_LITTLE(p, v) \
- do { \
- (p)[0] = U8V((v)); \
- (p)[1] = U8V((v) >> 8); \
- (p)[2] = U8V((v) >> 16); \
- (p)[3] = U8V((v) >> 24); \
- } while (0)
-
-#define ROTATE(v,c) (ROTL32(v,c))
-#define XOR(v,w) ((v) ^ (w))
-#define PLUS(v,w) (U32V((v) + (w)))
-#define PLUSONE(v) (PLUS((v),1))
-
-#define QUARTERROUND(a,b,c,d) \
- a = PLUS(a,b); d = ROTATE(XOR(d,a),16); \
- c = PLUS(c,d); b = ROTATE(XOR(b,c),12); \
- a = PLUS(a,b); d = ROTATE(XOR(d,a), 8); \
- c = PLUS(c,d); b = ROTATE(XOR(b,c), 7);
-
-static const char sigma[16] = "expand 32-byte k";
-static const char tau[16] = "expand 16-byte k";
-
-static inline void
-chacha_keysetup(chacha_ctx *x, const u8 *k, u32 kbits)
-{
- const char *constants;
-
- x->input[4] = U8TO32_LITTLE(k + 0);
- x->input[5] = U8TO32_LITTLE(k + 4);
- x->input[6] = U8TO32_LITTLE(k + 8);
- x->input[7] = U8TO32_LITTLE(k + 12);
- if (kbits == 256) { /* recommended */
- k += 16;
- constants = sigma;
- } else { /* kbits == 128 */
- constants = tau;
- }
- x->input[8] = U8TO32_LITTLE(k + 0);
- x->input[9] = U8TO32_LITTLE(k + 4);
- x->input[10] = U8TO32_LITTLE(k + 8);
- x->input[11] = U8TO32_LITTLE(k + 12);
- x->input[0] = U8TO32_LITTLE(constants + 0);
- x->input[1] = U8TO32_LITTLE(constants + 4);
- x->input[2] = U8TO32_LITTLE(constants + 8);
- x->input[3] = U8TO32_LITTLE(constants + 12);
-}
-
-static inline void
-chacha_ivsetup(chacha_ctx *x, const u8 *iv, const u8 *counter)
-{
- x->input[12] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 0);
- x->input[13] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 4);
- x->input[14] = U8TO32_LITTLE(iv + 0);
- x->input[15] = U8TO32_LITTLE(iv + 4);
-}
-
-static inline void
-chacha_encrypt_bytes(chacha_ctx *x, const u8 *m, u8 *c, u32 bytes)
-{
- u32 x0, x1, x2, x3, x4, x5, x6, x7;
- u32 x8, x9, x10, x11, x12, x13, x14, x15;
- u32 j0, j1, j2, j3, j4, j5, j6, j7;
- u32 j8, j9, j10, j11, j12, j13, j14, j15;
- u8 *ctarget = NULL;
- u8 tmp[64];
- u_int i;
-
- if (!bytes)
- return;
-
- j0 = x->input[0];
- j1 = x->input[1];
- j2 = x->input[2];
- j3 = x->input[3];
- j4 = x->input[4];
- j5 = x->input[5];
- j6 = x->input[6];
- j7 = x->input[7];
- j8 = x->input[8];
- j9 = x->input[9];
- j10 = x->input[10];
- j11 = x->input[11];
- j12 = x->input[12];
- j13 = x->input[13];
- j14 = x->input[14];
- j15 = x->input[15];
-
- for (;;) {
- if (bytes < 64) {
- for (i = 0; i < bytes; ++i)
- tmp[i] = m[i];
- m = tmp;
- ctarget = c;
- c = tmp;
- }
- x0 = j0;
- x1 = j1;
- x2 = j2;
- x3 = j3;
- x4 = j4;
- x5 = j5;
- x6 = j6;
- x7 = j7;
- x8 = j8;
- x9 = j9;
- x10 = j10;
- x11 = j11;
- x12 = j12;
- x13 = j13;
- x14 = j14;
- x15 = j15;
- for (i = 20; i > 0; i -= 2) {
- QUARTERROUND(x0, x4, x8, x12)
- QUARTERROUND(x1, x5, x9, x13)
- QUARTERROUND(x2, x6, x10, x14)
- QUARTERROUND(x3, x7, x11, x15)
- QUARTERROUND(x0, x5, x10, x15)
- QUARTERROUND(x1, x6, x11, x12)
- QUARTERROUND(x2, x7, x8, x13)
- QUARTERROUND(x3, x4, x9, x14)
- }
- x0 = PLUS(x0, j0);
- x1 = PLUS(x1, j1);
- x2 = PLUS(x2, j2);
- x3 = PLUS(x3, j3);
- x4 = PLUS(x4, j4);
- x5 = PLUS(x5, j5);
- x6 = PLUS(x6, j6);
- x7 = PLUS(x7, j7);
- x8 = PLUS(x8, j8);
- x9 = PLUS(x9, j9);
- x10 = PLUS(x10, j10);
- x11 = PLUS(x11, j11);
- x12 = PLUS(x12, j12);
- x13 = PLUS(x13, j13);
- x14 = PLUS(x14, j14);
- x15 = PLUS(x15, j15);
-
- if (bytes < 64) {
- U32TO8_LITTLE(x->ks + 0, x0);
- U32TO8_LITTLE(x->ks + 4, x1);
- U32TO8_LITTLE(x->ks + 8, x2);
- U32TO8_LITTLE(x->ks + 12, x3);
- U32TO8_LITTLE(x->ks + 16, x4);
- U32TO8_LITTLE(x->ks + 20, x5);
- U32TO8_LITTLE(x->ks + 24, x6);
- U32TO8_LITTLE(x->ks + 28, x7);
- U32TO8_LITTLE(x->ks + 32, x8);
- U32TO8_LITTLE(x->ks + 36, x9);
- U32TO8_LITTLE(x->ks + 40, x10);
- U32TO8_LITTLE(x->ks + 44, x11);
- U32TO8_LITTLE(x->ks + 48, x12);
- U32TO8_LITTLE(x->ks + 52, x13);
- U32TO8_LITTLE(x->ks + 56, x14);
- U32TO8_LITTLE(x->ks + 60, x15);
- }
-
- x0 = XOR(x0, U8TO32_LITTLE(m + 0));
- x1 = XOR(x1, U8TO32_LITTLE(m + 4));
- x2 = XOR(x2, U8TO32_LITTLE(m + 8));
- x3 = XOR(x3, U8TO32_LITTLE(m + 12));
- x4 = XOR(x4, U8TO32_LITTLE(m + 16));
- x5 = XOR(x5, U8TO32_LITTLE(m + 20));
- x6 = XOR(x6, U8TO32_LITTLE(m + 24));
- x7 = XOR(x7, U8TO32_LITTLE(m + 28));
- x8 = XOR(x8, U8TO32_LITTLE(m + 32));
- x9 = XOR(x9, U8TO32_LITTLE(m + 36));
- x10 = XOR(x10, U8TO32_LITTLE(m + 40));
- x11 = XOR(x11, U8TO32_LITTLE(m + 44));
- x12 = XOR(x12, U8TO32_LITTLE(m + 48));
- x13 = XOR(x13, U8TO32_LITTLE(m + 52));
- x14 = XOR(x14, U8TO32_LITTLE(m + 56));
- x15 = XOR(x15, U8TO32_LITTLE(m + 60));
-
- j12 = PLUSONE(j12);
- if (!j12) {
- j13 = PLUSONE(j13);
- /*
- * Stopping at 2^70 bytes per nonce is the user's
- * responsibility.
- */
- }
-
- U32TO8_LITTLE(c + 0, x0);
- U32TO8_LITTLE(c + 4, x1);
- U32TO8_LITTLE(c + 8, x2);
- U32TO8_LITTLE(c + 12, x3);
- U32TO8_LITTLE(c + 16, x4);
- U32TO8_LITTLE(c + 20, x5);
- U32TO8_LITTLE(c + 24, x6);
- U32TO8_LITTLE(c + 28, x7);
- U32TO8_LITTLE(c + 32, x8);
- U32TO8_LITTLE(c + 36, x9);
- U32TO8_LITTLE(c + 40, x10);
- U32TO8_LITTLE(c + 44, x11);
- U32TO8_LITTLE(c + 48, x12);
- U32TO8_LITTLE(c + 52, x13);
- U32TO8_LITTLE(c + 56, x14);
- U32TO8_LITTLE(c + 60, x15);
-
- if (bytes <= 64) {
- if (bytes < 64) {
- for (i = 0; i < bytes; ++i)
- ctarget[i] = c[i];
- }
- x->input[12] = j12;
- x->input[13] = j13;
- x->unused = 64 - bytes;
- return;
- }
- bytes -= 64;
- c += 64;
- m += 64;
- }
-}
diff --git a/lib/libssl/src/crypto/chacha/chacha.c b/lib/libssl/src/crypto/chacha/chacha.c
deleted file mode 100644
index 0c384ab88af..00000000000
--- a/lib/libssl/src/crypto/chacha/chacha.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* $OpenBSD: chacha.c,v 1.7 2015/12/09 14:07:55 bcook Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <stdint.h>
-
-#include <openssl/chacha.h>
-
-#include "chacha-merged.c"
-
-void
-ChaCha_set_key(ChaCha_ctx *ctx, const unsigned char *key, uint32_t keybits)
-{
- chacha_keysetup((chacha_ctx *)ctx, key, keybits);
- ctx->unused = 0;
-}
-
-void
-ChaCha_set_iv(ChaCha_ctx *ctx, const unsigned char *iv,
- const unsigned char *counter)
-{
- chacha_ivsetup((chacha_ctx *)ctx, iv, counter);
- ctx->unused = 0;
-}
-
-void
-ChaCha(ChaCha_ctx *ctx, unsigned char *out, const unsigned char *in, size_t len)
-{
- unsigned char *k;
- int i, l;
-
- /* Consume remaining keystream, if any exists. */
- if (ctx->unused > 0) {
- k = ctx->ks + 64 - ctx->unused;
- l = (len > ctx->unused) ? ctx->unused : len;
- for (i = 0; i < l; i++)
- *(out++) = *(in++) ^ *(k++);
- ctx->unused -= l;
- len -= l;
- }
-
- chacha_encrypt_bytes((chacha_ctx *)ctx, in, out, (uint32_t)len);
-}
-
-void
-CRYPTO_chacha_20(unsigned char *out, const unsigned char *in, size_t len,
- const unsigned char key[32], const unsigned char iv[8], uint64_t counter)
-{
- struct chacha_ctx ctx;
-
- /*
- * chacha_ivsetup expects the counter to be in u8. Rather than
- * converting size_t to u8 and then back again, pass a counter of
- * NULL and manually assign it afterwards.
- */
- chacha_keysetup(&ctx, key, 256);
- chacha_ivsetup(&ctx, iv, NULL);
- if (counter != 0) {
- ctx.input[12] = (uint32_t)counter;
- ctx.input[13] = (uint32_t)(counter >> 32);
- }
-
- chacha_encrypt_bytes(&ctx, in, out, (uint32_t)len);
-}
diff --git a/lib/libssl/src/crypto/chacha/chacha.h b/lib/libssl/src/crypto/chacha/chacha.h
deleted file mode 100644
index 8d94e626f8c..00000000000
--- a/lib/libssl/src/crypto/chacha/chacha.h
+++ /dev/null
@@ -1,54 +0,0 @@
-/* $OpenBSD: chacha.h,v 1.7 2015/12/09 14:07:55 bcook Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_CHACHA_H
-#define HEADER_CHACHA_H
-
-#include <openssl/opensslconf.h>
-
-#if defined(OPENSSL_NO_CHACHA)
-#error ChaCha is disabled.
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct {
- unsigned int input[16];
- unsigned char ks[64];
- unsigned char unused;
-} ChaCha_ctx;
-
-void ChaCha_set_key(ChaCha_ctx *ctx, const unsigned char *key,
- unsigned int keybits);
-void ChaCha_set_iv(ChaCha_ctx *ctx, const unsigned char *iv,
- const unsigned char *counter);
-void ChaCha(ChaCha_ctx *ctx, unsigned char *out, const unsigned char *in,
- size_t len);
-
-void CRYPTO_chacha_20(unsigned char *out, const unsigned char *in, size_t len,
- const unsigned char key[32], const unsigned char iv[8], uint64_t counter);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_CHACHA_H */
diff --git a/lib/libssl/src/crypto/cmac/cm_ameth.c b/lib/libssl/src/crypto/cmac/cm_ameth.c
deleted file mode 100644
index e7e7fe0f804..00000000000
--- a/lib/libssl/src/crypto/cmac/cm_ameth.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* $OpenBSD: cm_ameth.c,v 1.7 2014/07/12 16:03:37 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2010.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-
-#include <openssl/cmac.h>
-#include <openssl/evp.h>
-
-#include "asn1_locl.h"
-
-/* CMAC "ASN1" method. This is just here to indicate the
- * maximum CMAC output length and to free up a CMAC
- * key.
- */
-
-static int
-cmac_size(const EVP_PKEY *pkey)
-{
- return EVP_MAX_BLOCK_LENGTH;
-}
-
-static void
-cmac_key_free(EVP_PKEY *pkey)
-{
- CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr;
-
- CMAC_CTX_free(cmctx);
-}
-
-const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
- .pkey_id = EVP_PKEY_CMAC,
- .pkey_base_id = EVP_PKEY_CMAC,
-
- .pem_str = "CMAC",
- .info = "OpenSSL CMAC method",
-
- .pkey_size = cmac_size,
- .pkey_free = cmac_key_free
-};
diff --git a/lib/libssl/src/crypto/cmac/cm_pmeth.c b/lib/libssl/src/crypto/cmac/cm_pmeth.c
deleted file mode 100644
index d9059ca4a88..00000000000
--- a/lib/libssl/src/crypto/cmac/cm_pmeth.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/* $OpenBSD: cm_pmeth.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2010.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/cmac.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "evp_locl.h"
-
-/* The context structure and "key" is simply a CMAC_CTX */
-
-static int
-pkey_cmac_init(EVP_PKEY_CTX *ctx)
-{
- ctx->data = CMAC_CTX_new();
- if (!ctx->data)
- return 0;
- ctx->keygen_info_count = 0;
- return 1;
-}
-
-static int
-pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
- if (!pkey_cmac_init(dst))
- return 0;
- if (!CMAC_CTX_copy(dst->data, src->data))
- return 0;
- return 1;
-}
-
-static void
-pkey_cmac_cleanup(EVP_PKEY_CTX *ctx)
-{
- CMAC_CTX_free(ctx->data);
-}
-
-static int
-pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- CMAC_CTX *cmkey = CMAC_CTX_new();
- CMAC_CTX *cmctx = ctx->data;
-
- if (!cmkey)
- return 0;
- if (!CMAC_CTX_copy(cmkey, cmctx)) {
- CMAC_CTX_free(cmkey);
- return 0;
- }
- EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey);
-
- return 1;
-}
-
-static int
-int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- if (!CMAC_Update(ctx->pctx->data, data, count))
- return 0;
- return 1;
-}
-
-static int
-cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
-{
- EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
- mctx->update = int_update;
- return 1;
-}
-
-static int
-cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig,
size_t *siglen,
- EVP_MD_CTX *mctx)
-{
- return CMAC_Final(ctx->data, sig, siglen);
-}
-
-static int
-pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- CMAC_CTX *cmctx = ctx->data;
-
- switch (type) {
- case EVP_PKEY_CTRL_SET_MAC_KEY:
- if (!p2 || p1 < 0)
- return 0;
- if (!CMAC_Init(cmctx, p2, p1, NULL, NULL))
- return 0;
- break;
-
- case EVP_PKEY_CTRL_CIPHER:
- if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine))
- return 0;
- break;
-
- case EVP_PKEY_CTRL_MD:
- if (ctx->pkey && !CMAC_CTX_copy(ctx->data,
- (CMAC_CTX *)ctx->pkey->pkey.ptr))
- return 0;
- if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL))
- return 0;
- break;
-
- default:
- return -2;
- }
- return 1;
-}
-
-static int
-pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- if (!value)
- return 0;
- if (!strcmp(type, "key")) {
- void *p = (void *)value;
- return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
- strlen(p), p);
- }
- if (!strcmp(type, "cipher")) {
- const EVP_CIPHER *c;
-
- c = EVP_get_cipherbyname(value);
- if (!c)
- return 0;
- return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c);
- }
- if (!strcmp(type, "hexkey")) {
- unsigned char *key;
- int r;
- long keylen;
-
- key = string_to_hex(value, &keylen);
- if (!key)
- return 0;
- r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
- free(key);
- return r;
- }
-
- return -2;
-}
-
-const EVP_PKEY_METHOD cmac_pkey_meth = {
- .pkey_id = EVP_PKEY_CMAC,
- .flags = EVP_PKEY_FLAG_SIGCTX_CUSTOM,
-
- .init = pkey_cmac_init,
- .copy = pkey_cmac_copy,
- .cleanup = pkey_cmac_cleanup,
-
- .keygen = pkey_cmac_keygen,
-
- .signctx_init = cmac_signctx_init,
- .signctx = cmac_signctx,
-
- .ctrl = pkey_cmac_ctrl,
- .ctrl_str = pkey_cmac_ctrl_str
-};
diff --git a/lib/libssl/src/crypto/cmac/cmac.c b/lib/libssl/src/crypto/cmac/cmac.c
deleted file mode 100644
index d01ae0f3aee..00000000000
--- a/lib/libssl/src/crypto/cmac/cmac.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* $OpenBSD: cmac.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/cmac.h>
-
-struct CMAC_CTX_st {
- /* Cipher context to use */
- EVP_CIPHER_CTX cctx;
- /* Keys k1 and k2 */
- unsigned char k1[EVP_MAX_BLOCK_LENGTH];
- unsigned char k2[EVP_MAX_BLOCK_LENGTH];
- /* Temporary block */
- unsigned char tbl[EVP_MAX_BLOCK_LENGTH];
- /* Last (possibly partial) block */
- unsigned char last_block[EVP_MAX_BLOCK_LENGTH];
- /* Number of bytes in last block: -1 means context not initialised */
- int nlast_block;
-};
-
-
-/* Make temporary keys K1 and K2 */
-
-static void
-make_kn(unsigned char *k1, unsigned char *l, int bl)
-{
- int i;
-
- /* Shift block to left, including carry */
- for (i = 0; i < bl; i++) {
- k1[i] = l[i] << 1;
- if (i < bl - 1 && l[i + 1] & 0x80)
- k1[i] |= 1;
- }
- /* If MSB set fixup with R */
- if (l[0] & 0x80)
- k1[bl - 1] ^= bl == 16 ?
0x87 : 0x1b;
-}
-
-CMAC_CTX *
-CMAC_CTX_new(void)
-{
- CMAC_CTX *ctx;
-
- ctx = malloc(sizeof(CMAC_CTX));
- if (!ctx)
- return NULL;
- EVP_CIPHER_CTX_init(&ctx->cctx);
- ctx->nlast_block = -1;
- return ctx;
-}
-
-void
-CMAC_CTX_cleanup(CMAC_CTX *ctx)
-{
- EVP_CIPHER_CTX_cleanup(&ctx->cctx);
- explicit_bzero(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
- explicit_bzero(ctx->k1, EVP_MAX_BLOCK_LENGTH);
- explicit_bzero(ctx->k2, EVP_MAX_BLOCK_LENGTH);
- explicit_bzero(ctx->last_block, EVP_MAX_BLOCK_LENGTH);
- ctx->nlast_block = -1;
-}
-
-EVP_CIPHER_CTX *
-CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx)
-{
- return &ctx->cctx;
-}
-
-void
-CMAC_CTX_free(CMAC_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- CMAC_CTX_cleanup(ctx);
- free(ctx);
-}
-
-int
-CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
-{
- int bl;
-
- if (in->nlast_block == -1)
- return 0;
- if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx))
- return 0;
- bl = EVP_CIPHER_CTX_block_size(&in->cctx);
- memcpy(out->k1, in->k1, bl);
- memcpy(out->k2, in->k2, bl);
- memcpy(out->tbl, in->tbl, bl);
- memcpy(out->last_block, in->last_block, bl);
- out->nlast_block = in->nlast_block;
- return 1;
-}
-
-int
-CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
- const EVP_CIPHER *cipher, ENGINE *impl)
-{
- static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH];
-
- /* All zeros means restart */
- if (!key && !cipher && !impl && keylen == 0) {
- /* Not initialised */
- if (ctx->nlast_block == -1)
- return 0;
- if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
- return 0;
- memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx));
- ctx->nlast_block = 0;
- return 1;
- }
- /* Initialiase context */
- if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
- return 0;
- /* Non-NULL key means initialisation complete */
- if (key) {
- int bl;
-
- if (!EVP_CIPHER_CTX_cipher(&ctx->cctx))
- return 0;
- if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen))
- return 0;
- if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL,
key, zero_iv))
- return 0;
- bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
- if (!EVP_Cipher(&ctx->cctx, ctx->tbl, zero_iv, bl))
- return 0;
- make_kn(ctx->k1, ctx->tbl, bl);
- make_kn(ctx->k2, ctx->k1, bl);
- explicit_bzero(ctx->tbl, bl);
- /* Reset context again ready for first data block */
- if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
- return 0;
- /* Zero tbl so resume works */
- memset(ctx->tbl, 0, bl);
- ctx->nlast_block = 0;
- }
- return 1;
-}
-
-int
-CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
-{
- const unsigned char *data = in;
- size_t bl;
-
- if (ctx->nlast_block == -1)
- return 0;
- if (dlen == 0)
- return 1;
- bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
- /* Copy into partial block if we need to */
- if (ctx->nlast_block > 0) {
- size_t nleft;
-
- nleft = bl - ctx->nlast_block;
- if (dlen < nleft)
- nleft = dlen;
- memcpy(ctx->last_block + ctx->nlast_block, data, nleft);
- dlen -= nleft;
- ctx->nlast_block += nleft;
- /* If no more to process return */
- if (dlen == 0)
- return 1;
- data += nleft;
- /* Else not final block so encrypt it */
- if (!EVP_Cipher(&ctx->cctx, ctx->tbl, ctx->last_block, bl))
- return 0;
- }
- /* Encrypt all but one of the complete blocks left */
- while (dlen > bl) {
- if (!EVP_Cipher(&ctx->cctx, ctx->tbl, data, bl))
- return 0;
- dlen -= bl;
- data += bl;
- }
- /* Copy any data left to last block buffer */
- memcpy(ctx->last_block, data, dlen);
- ctx->nlast_block = dlen;
- return 1;
-}
-
-int
-CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
-{
- int i, bl, lb;
-
- if (ctx->nlast_block == -1)
- return 0;
- bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
- *poutlen = (size_t)bl;
- if (!out)
- return 1;
- lb = ctx->nlast_block;
- /* Is last block complete?
*/
- if (lb == bl) {
- for (i = 0; i < bl; i++)
- out[i] = ctx->last_block[i] ^ ctx->k1[i];
- } else {
- ctx->last_block[lb] = 0x80;
- if (bl - lb > 1)
- memset(ctx->last_block + lb + 1, 0, bl - lb - 1);
- for (i = 0; i < bl; i++)
- out[i] = ctx->last_block[i] ^ ctx->k2[i];
- }
- if (!EVP_Cipher(&ctx->cctx, out, out, bl)) {
- explicit_bzero(out, bl);
- return 0;
- }
- return 1;
-}
-
-int
-CMAC_resume(CMAC_CTX *ctx)
-{
- if (ctx->nlast_block == -1)
- return 0;
- /* The buffer "tbl" containes the last fully encrypted block
- * which is the last IV (or all zeroes if no last encrypted block).
- * The last block has not been modified since CMAC_final().
- * So reinitialising using the last decrypted block will allow
- * CMAC to continue after calling CMAC_Final().
- */
- return EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl);
-}
diff --git a/lib/libssl/src/crypto/cmac/cmac.h b/lib/libssl/src/crypto/cmac/cmac.h
deleted file mode 100644
index cb6d64b02f4..00000000000
--- a/lib/libssl/src/crypto/cmac/cmac.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/* $OpenBSD: cmac.h,v 1.3 2014/06/21 13:42:14 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-
-#ifndef HEADER_CMAC_H
-#define HEADER_CMAC_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <openssl/evp.h>
-
-/* Opaque */
-typedef struct CMAC_CTX_st CMAC_CTX;
-
-CMAC_CTX *CMAC_CTX_new(void);
-void CMAC_CTX_cleanup(CMAC_CTX *ctx);
-void CMAC_CTX_free(CMAC_CTX *ctx);
-EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
-int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
-
-int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
- const EVP_CIPHER *cipher, ENGINE *impl);
-int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
-int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
-int CMAC_resume(CMAC_CTX *ctx);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/cms/cms.h b/lib/libssl/src/crypto/cms/cms.h
deleted file mode 100644
index 9a5aae52996..00000000000
--- a/lib/libssl/src/crypto/cms/cms.h
+++ /dev/null
@@ -1,473 +0,0 @@
-/* $OpenBSD: cms.h,v 1.7 2015/02/11 04:05:14 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_CMS_H
-#define HEADER_CMS_H
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/x509.h>
-
-#ifdef OPENSSL_NO_CMS
-#error CMS is disabled.
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct CMS_ContentInfo_st CMS_ContentInfo;
-typedef struct CMS_SignerInfo_st CMS_SignerInfo;
-typedef struct CMS_CertificateChoices CMS_CertificateChoices;
-typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
-typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
-typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
-typedef struct CMS_Receipt_st CMS_Receipt;
-
-DECLARE_STACK_OF(CMS_SignerInfo)
-DECLARE_STACK_OF(GENERAL_NAMES)
-DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
-DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
-DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-
-#define CMS_SIGNERINFO_ISSUER_SERIAL 0
-#define CMS_SIGNERINFO_KEYIDENTIFIER 1
-
-#define CMS_RECIPINFO_TRANS 0
-#define CMS_RECIPINFO_AGREE 1
-#define CMS_RECIPINFO_KEK 2
-#define CMS_RECIPINFO_PASS 3
-#define CMS_RECIPINFO_OTHER 4
-
-/* S/MIME related flags */
-
-#define CMS_TEXT 0x1
-#define CMS_NOCERTS 0x2
-#define CMS_NO_CONTENT_VERIFY 0x4
-#define CMS_NO_ATTR_VERIFY 0x8
-#define CMS_NOSIGS \
- (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
-#define CMS_NOINTERN 0x10
-#define CMS_NO_SIGNER_CERT_VERIFY 0x20
-#define CMS_NOVERIFY 0x20
-#define
CMS_DETACHED 0x40
-#define CMS_BINARY 0x80
-#define CMS_NOATTR 0x100
-#define CMS_NOSMIMECAP 0x200
-#define CMS_NOOLDMIMETYPE 0x400
-#define CMS_CRLFEOL 0x800
-#define CMS_STREAM 0x1000
-#define CMS_NOCRL 0x2000
-#define CMS_PARTIAL 0x4000
-#define CMS_REUSE_DIGEST 0x8000
-#define CMS_USE_KEYID 0x10000
-#define CMS_DEBUG_DECRYPT 0x20000
-
-const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
-
-BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
-int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
-
-ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
-int CMS_is_detached(CMS_ContentInfo *cms);
-int CMS_set_detached(CMS_ContentInfo *cms, int detached);
-
-#ifdef HEADER_PEM_H
-DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
-#endif
-
-int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
-CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
-int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
-
-BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
-int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
-int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
- int flags);
-CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
-int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
-
-int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
-
-CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, BIO *data, unsigned int flags);
-
-CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert,
- EVP_PKEY *pkey, STACK_OF(X509) *certs, unsigned int flags);
-
-int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
-CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
-
-int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
- unsigned int flags);
-CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
- unsigned int flags);
-
-int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, const unsigned char
*key,
- size_t keylen, BIO *dcont, BIO *out, unsigned int flags);
-
-CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
- const unsigned char *key, size_t keylen, unsigned int flags);
-
-int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
- const unsigned char *key, size_t keylen);
-
-int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
- X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
-
-int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
- STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags);
-
-STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
-
-CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
- const EVP_CIPHER *cipher, unsigned int flags);
-
-int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, BIO *dcont,
- BIO *out, unsigned int flags);
-
-int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
-int CMS_decrypt_set1_key(CMS_ContentInfo *cms, unsigned char *key,
- size_t keylen, unsigned char *id, size_t idlen);
-int CMS_decrypt_set1_password(CMS_ContentInfo *cms, unsigned char *pass,
- ssize_t passlen);
-
-STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
-int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
-CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
-CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip,
- unsigned int flags);
-int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
-int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
-int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, EVP_PKEY **pk,
- X509 **recip, X509_ALGOR **palg);
-int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
- ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
-
-CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
- unsigned char *key, size_t keylen, unsigned char
*id, size_t idlen,
- ASN1_GENERALIZEDTIME *date, ASN1_OBJECT *otherTypeId,
- ASN1_TYPE *otherType);
-
-int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
- ASN1_OCTET_STRING **pid, ASN1_GENERALIZEDTIME **pdate,
- ASN1_OBJECT **potherid, ASN1_TYPE **pothertype);
-
-int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key,
- size_t keylen);
-
-int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
- const unsigned char *id, size_t idlen);
-
-int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, unsigned char *pass,
- ssize_t passlen);
-
-CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter,
- int wrap_nid, int pbe_nid, unsigned char *pass, ssize_t passlen,
- const EVP_CIPHER *kekciph);
-
-int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
-
-int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
- unsigned int flags);
-CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
-
-int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
-const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
-
-CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
-int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
-int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
-STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
-
-CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
-int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
-STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
-
-int CMS_SignedData_init(CMS_ContentInfo *cms);
-CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer,
- EVP_PKEY *pk, const EVP_MD *md, unsigned int flags);
-STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
-
-void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
-int
CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
- ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
-int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
-int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
- unsigned int flags);
-void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer,
- X509_ALGOR **pdig, X509_ALGOR **psig);
-int CMS_SignerInfo_sign(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify(CMS_SignerInfo *si);
-int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
-
-int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
-int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs, int algnid,
- int keysize);
-int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
-
-int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
-int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos);
-int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
-int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
-int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *obj,
- int type, const void *bytes, int len);
-int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type,
- const void *bytes, int len);
-int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si, const char *attrname,
- int type, const void *bytes, int len);
-void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
- int lastpos, int type);
-
-int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
-int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
- int lastpos);
-int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
- int lastpos);
-X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
-X509_ATTRIBUTE
*CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc); -int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr); -int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *obj, - int type, const void *bytes, int len); -int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type, - const void *bytes, int len); -int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si, const char *attrname, - int type, const void *bytes, int len); -void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid, - int lastpos, int type); - -#ifdef HEADER_X509V3_H - -int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr); -CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen, - int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, - STACK_OF(GENERAL_NAMES) *receiptsTo); -int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr); -void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid, - int *pallorfirst, STACK_OF(GENERAL_NAMES) **plist, - STACK_OF(GENERAL_NAMES) **prto); - -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_CMS_strings(void); - -/* Error codes for the CMS functions. */ - -/* Function codes. 
*/ -#define CMS_F_CHECK_CONTENT 99 -#define CMS_F_CMS_ADD0_CERT 164 -#define CMS_F_CMS_ADD0_RECIPIENT_KEY 100 -#define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165 -#define CMS_F_CMS_ADD1_RECEIPTREQUEST 158 -#define CMS_F_CMS_ADD1_RECIPIENT_CERT 101 -#define CMS_F_CMS_ADD1_SIGNER 102 -#define CMS_F_CMS_ADD1_SIGNINGTIME 103 -#define CMS_F_CMS_COMPRESS 104 -#define CMS_F_CMS_COMPRESSEDDATA_CREATE 105 -#define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106 -#define CMS_F_CMS_COPY_CONTENT 107 -#define CMS_F_CMS_COPY_MESSAGEDIGEST 108 -#define CMS_F_CMS_DATA 109 -#define CMS_F_CMS_DATAFINAL 110 -#define CMS_F_CMS_DATAINIT 111 -#define CMS_F_CMS_DECRYPT 112 -#define CMS_F_CMS_DECRYPT_SET1_KEY 113 -#define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166 -#define CMS_F_CMS_DECRYPT_SET1_PKEY 114 -#define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115 -#define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116 -#define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117 -#define CMS_F_CMS_DIGEST_VERIFY 118 -#define CMS_F_CMS_ENCODE_RECEIPT 161 -#define CMS_F_CMS_ENCRYPT 119 -#define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120 -#define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121 -#define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122 -#define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123 -#define CMS_F_CMS_ENVELOPEDDATA_CREATE 124 -#define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125 -#define CMS_F_CMS_ENVELOPED_DATA_INIT 126 -#define CMS_F_CMS_FINAL 127 -#define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128 -#define CMS_F_CMS_GET0_CONTENT 129 -#define CMS_F_CMS_GET0_ECONTENT_TYPE 130 -#define CMS_F_CMS_GET0_ENVELOPED 131 -#define CMS_F_CMS_GET0_REVOCATION_CHOICES 132 -#define CMS_F_CMS_GET0_SIGNED 133 -#define CMS_F_CMS_MSGSIGDIGEST_ADD1 162 -#define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159 -#define CMS_F_CMS_RECEIPT_VERIFY 160 -#define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134 -#define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135 -#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136 -#define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137 -#define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138 -#define 
CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139 -#define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140 -#define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141 -#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142 -#define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143 -#define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167 -#define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144 -#define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168 -#define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145 -#define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146 -#define CMS_F_CMS_SET_DETACHED 147 -#define CMS_F_CMS_SIGN 148 -#define CMS_F_CMS_SIGNED_DATA_INIT 149 -#define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150 -#define CMS_F_CMS_SIGNERINFO_SIGN 151 -#define CMS_F_CMS_SIGNERINFO_VERIFY 152 -#define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153 -#define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154 -#define CMS_F_CMS_SIGN_RECEIPT 163 -#define CMS_F_CMS_STREAM 155 -#define CMS_F_CMS_UNCOMPRESS 156 -#define CMS_F_CMS_VERIFY 157 - -/* Reason codes. */ -#define CMS_R_ADD_SIGNER_ERROR 99 -#define CMS_R_CERTIFICATE_ALREADY_PRESENT 175 -#define CMS_R_CERTIFICATE_HAS_NO_KEYID 160 -#define CMS_R_CERTIFICATE_VERIFY_ERROR 100 -#define CMS_R_CIPHER_INITIALISATION_ERROR 101 -#define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102 -#define CMS_R_CMS_DATAFINAL_ERROR 103 -#define CMS_R_CMS_LIB 104 -#define CMS_R_CONTENTIDENTIFIER_MISMATCH 170 -#define CMS_R_CONTENT_NOT_FOUND 105 -#define CMS_R_CONTENT_TYPE_MISMATCH 171 -#define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106 -#define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107 -#define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108 -#define CMS_R_CONTENT_VERIFY_ERROR 109 -#define CMS_R_CTRL_ERROR 110 -#define CMS_R_CTRL_FAILURE 111 -#define CMS_R_DECRYPT_ERROR 112 -#define CMS_R_DIGEST_ERROR 161 -#define CMS_R_ERROR_GETTING_PUBLIC_KEY 113 -#define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114 -#define CMS_R_ERROR_SETTING_KEY 115 -#define CMS_R_ERROR_SETTING_RECIPIENTINFO 116 -#define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117 -#define 
CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176 -#define CMS_R_INVALID_KEY_LENGTH 118 -#define CMS_R_MD_BIO_INIT_ERROR 119 -#define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120 -#define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121 -#define CMS_R_MSGSIGDIGEST_ERROR 172 -#define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162 -#define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163 -#define CMS_R_NEED_ONE_SIGNER 164 -#define CMS_R_NOT_A_SIGNED_RECEIPT 165 -#define CMS_R_NOT_ENCRYPTED_DATA 122 -#define CMS_R_NOT_KEK 123 -#define CMS_R_NOT_KEY_TRANSPORT 124 -#define CMS_R_NOT_PWRI 177 -#define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125 -#define CMS_R_NO_CIPHER 126 -#define CMS_R_NO_CONTENT 127 -#define CMS_R_NO_CONTENT_TYPE 173 -#define CMS_R_NO_DEFAULT_DIGEST 128 -#define CMS_R_NO_DIGEST_SET 129 -#define CMS_R_NO_KEY 130 -#define CMS_R_NO_KEY_OR_CERT 174 -#define CMS_R_NO_MATCHING_DIGEST 131 -#define CMS_R_NO_MATCHING_RECIPIENT 132 -#define CMS_R_NO_MATCHING_SIGNATURE 166 -#define CMS_R_NO_MSGSIGDIGEST 167 -#define CMS_R_NO_PASSWORD 178 -#define CMS_R_NO_PRIVATE_KEY 133 -#define CMS_R_NO_PUBLIC_KEY 134 -#define CMS_R_NO_RECEIPT_REQUEST 168 -#define CMS_R_NO_SIGNERS 135 -#define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136 -#define CMS_R_RECEIPT_DECODE_ERROR 169 -#define CMS_R_RECIPIENT_ERROR 137 -#define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138 -#define CMS_R_SIGNFINAL_ERROR 139 -#define CMS_R_SMIME_TEXT_ERROR 140 -#define CMS_R_STORE_INIT_ERROR 141 -#define CMS_R_TYPE_NOT_COMPRESSED_DATA 142 -#define CMS_R_TYPE_NOT_DATA 143 -#define CMS_R_TYPE_NOT_DIGESTED_DATA 144 -#define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145 -#define CMS_R_TYPE_NOT_ENVELOPED_DATA 146 -#define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147 -#define CMS_R_UNKNOWN_CIPHER 148 -#define CMS_R_UNKNOWN_DIGEST_ALGORIHM 149 -#define CMS_R_UNKNOWN_ID 150 -#define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151 -#define CMS_R_UNSUPPORTED_CONTENT_TYPE 152 -#define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153 -#define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 
179 -#define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154 -#define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE 155 -#define CMS_R_UNSUPPORTED_TYPE 156 -#define CMS_R_UNWRAP_ERROR 157 -#define CMS_R_UNWRAP_FAILURE 180 -#define CMS_R_VERIFICATION_FAILURE 158 -#define CMS_R_WRAP_ERROR 159 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/cms/cms_asn1.c b/lib/libssl/src/crypto/cms/cms_asn1.c deleted file mode 100644 index 42e33d5b461..00000000000 --- a/lib/libssl/src/crypto/cms/cms_asn1.c +++ /dev/null 
@@ -1,1503 +0,0 @@
-/* $OpenBSD: cms_asn1.c,v 1.8 2016/03/11 07:08:44 mmcc Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include "cms.h"
-#include "cms_lcl.h"
-
-static const ASN1_TEMPLATE CMS_IssuerAndSerialNumber_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_IssuerAndSerialNumber, issuer),
- .field_name = "issuer",
- .item = &X509_NAME_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_IssuerAndSerialNumber, serialNumber),
- .field_name = "serialNumber",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM CMS_IssuerAndSerialNumber_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_IssuerAndSerialNumber_seq_tt,
- .tcount = sizeof(CMS_IssuerAndSerialNumber_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_IssuerAndSerialNumber),
- .sname = "CMS_IssuerAndSerialNumber",
-};
-
-static const ASN1_TEMPLATE CMS_OtherCertificateFormat_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_OtherCertificateFormat, otherCertFormat),
- .field_name = "otherCertFormat",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_OtherCertificateFormat, otherCert),
- .field_name = "otherCert",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM CMS_OtherCertificateFormat_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_OtherCertificateFormat_seq_tt,
- .tcount = sizeof(CMS_OtherCertificateFormat_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OtherCertificateFormat),
- .sname = "CMS_OtherCertificateFormat",
-};
-
-static const ASN1_TEMPLATE CMS_CertificateChoices_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_CertificateChoices, d.certificate),
- .field_name = "d.certificate",
- .item = &X509_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 0,
- .offset = offsetof(CMS_CertificateChoices, d.extendedCertificate),
- .field_name = "d.extendedCertificate",
- .item = &ASN1_SEQUENCE_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 1,
- .offset = offsetof(CMS_CertificateChoices, d.v1AttrCert),
- .field_name = "d.v1AttrCert",
- .item = &ASN1_SEQUENCE_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 2,
- .offset = offsetof(CMS_CertificateChoices, d.v2AttrCert),
- .field_name = "d.v2AttrCert",
- .item = &ASN1_SEQUENCE_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 3,
- .offset = offsetof(CMS_CertificateChoices, d.other),
- .field_name = "d.other",
- .item = &CMS_OtherCertificateFormat_it,
- },
-};
-
-const ASN1_ITEM CMS_CertificateChoices_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_CertificateChoices, type),
- .templates = CMS_CertificateChoices_ch_tt,
- .tcount = sizeof(CMS_CertificateChoices_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_CertificateChoices),
- .sname = "CMS_CertificateChoices",
-};
-
-static const ASN1_TEMPLATE CMS_SignerIdentifier_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerIdentifier, d.issuerAndSerialNumber),
- .field_name = "d.issuerAndSerialNumber",
- .item = &CMS_IssuerAndSerialNumber_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 0,
- .offset = offsetof(CMS_SignerIdentifier, d.subjectKeyIdentifier),
- .field_name = "d.subjectKeyIdentifier",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM CMS_SignerIdentifier_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_SignerIdentifier, type),
- .templates = CMS_SignerIdentifier_ch_tt,
- .tcount = sizeof(CMS_SignerIdentifier_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_SignerIdentifier),
- .sname = "CMS_SignerIdentifier",
-};
-
-static const ASN1_TEMPLATE CMS_EncapsulatedContentInfo_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EncapsulatedContentInfo, eContentType),
- .field_name = "eContentType",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(CMS_EncapsulatedContentInfo, eContent),
- .field_name = "eContent",
- .item = &ASN1_OCTET_STRING_NDEF_it,
- },
-};
-
-const ASN1_ITEM CMS_EncapsulatedContentInfo_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_EncapsulatedContentInfo_seq_tt,
- .tcount = sizeof(CMS_EncapsulatedContentInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_EncapsulatedContentInfo),
- .sname = "CMS_EncapsulatedContentInfo",
-};
-
-/* Minor tweak to operation: free up signer key, cert */
-static int
-cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_FREE_POST) {
- CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
- EVP_PKEY_free(si->pkey);
- X509_free(si->signer);
- }
- return 1;
-}
-
-static const ASN1_AUX CMS_SignerInfo_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = cms_si_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE CMS_SignerInfo_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, sid),
- .field_name = "sid",
- .item = &CMS_SignerIdentifier_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, digestAlgorithm),
- .field_name = "digestAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, signedAttrs),
- .field_name = "signedAttrs",
- .item = &X509_ATTRIBUTE_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, signatureAlgorithm),
- .field_name = "signatureAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignerInfo, signature),
- .field_name = "signature",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(CMS_SignerInfo, unsignedAttrs),
- .field_name = "unsignedAttrs",
- .item = &X509_ATTRIBUTE_it,
- },
-};
-
-const ASN1_ITEM CMS_SignerInfo_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_SignerInfo_seq_tt,
- .tcount = sizeof(CMS_SignerInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &CMS_SignerInfo_aux,
- .size = sizeof(CMS_SignerInfo),
- .sname = "CMS_SignerInfo",
-};
-
-static const ASN1_TEMPLATE CMS_OtherRevocationInfoFormat_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_OtherRevocationInfoFormat, otherRevInfoFormat),
- .field_name = "otherRevInfoFormat",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_OtherRevocationInfoFormat, otherRevInfo),
- .field_name = "otherRevInfo",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM CMS_OtherRevocationInfoFormat_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_OtherRevocationInfoFormat_seq_tt,
- .tcount = sizeof(CMS_OtherRevocationInfoFormat_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OtherRevocationInfoFormat),
- .sname = "CMS_OtherRevocationInfoFormat",
-};
-
-static const ASN1_TEMPLATE CMS_RevocationInfoChoice_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_RevocationInfoChoice, d.crl),
- .field_name = "d.crl",
- .item = &X509_CRL_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 1,
- .offset = offsetof(CMS_RevocationInfoChoice, d.other),
- .field_name = "d.other",
- .item = &CMS_OtherRevocationInfoFormat_it,
- },
-};
-
-const ASN1_ITEM CMS_RevocationInfoChoice_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_RevocationInfoChoice, type),
- .templates = CMS_RevocationInfoChoice_ch_tt,
- .tcount = sizeof(CMS_RevocationInfoChoice_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_RevocationInfoChoice),
- .sname = "CMS_RevocationInfoChoice",
-};
-
-static const ASN1_TEMPLATE CMS_SignedData_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, digestAlgorithms),
- .field_name = "digestAlgorithms",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, encapContentInfo),
- .field_name = "encapContentInfo",
- .item = &CMS_EncapsulatedContentInfo_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, certificates),
- .field_name = "certificates",
- .item = &CMS_CertificateChoices_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(CMS_SignedData, crls),
- .field_name = "crls",
- .item = &CMS_RevocationInfoChoice_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(CMS_SignedData, signerInfos),
- .field_name = "signerInfos",
- .item = &CMS_SignerInfo_it,
- },
-};
-
-const ASN1_ITEM CMS_SignedData_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_SignedData_seq_tt,
- .tcount = sizeof(CMS_SignedData_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_SignedData),
- .sname = "CMS_SignedData",
-};
-
-static const ASN1_TEMPLATE CMS_OriginatorInfo_seq_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_OriginatorInfo, certificates),
- .field_name = "certificates",
- .item = &CMS_CertificateChoices_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(CMS_OriginatorInfo, crls),
- .field_name = "crls",
- .item = &CMS_RevocationInfoChoice_it,
- },
-};
-
-const ASN1_ITEM CMS_OriginatorInfo_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_OriginatorInfo_seq_tt,
- .tcount = sizeof(CMS_OriginatorInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OriginatorInfo),
- .sname = "CMS_OriginatorInfo",
-};
-
-static const ASN1_TEMPLATE CMS_EncryptedContentInfo_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EncryptedContentInfo, contentType),
- .field_name = "contentType",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EncryptedContentInfo, contentEncryptionAlgorithm),
- .field_name = "contentEncryptionAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_EncryptedContentInfo, encryptedContent),
- .field_name = "encryptedContent",
- .item = &ASN1_OCTET_STRING_NDEF_it,
- },
-};
-
-const ASN1_ITEM CMS_EncryptedContentInfo_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_EncryptedContentInfo_seq_tt,
- .tcount = sizeof(CMS_EncryptedContentInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_EncryptedContentInfo),
- .sname = "CMS_EncryptedContentInfo",
-};
-
-static const ASN1_TEMPLATE CMS_KeyTransRecipientInfo_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyTransRecipientInfo, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyTransRecipientInfo, rid),
- .field_name = "rid",
- .item = &CMS_SignerIdentifier_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm),
- .field_name = "keyEncryptionAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyTransRecipientInfo, encryptedKey),
- .field_name = "encryptedKey",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM CMS_KeyTransRecipientInfo_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_KeyTransRecipientInfo_seq_tt,
- .tcount = sizeof(CMS_KeyTransRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_KeyTransRecipientInfo),
- .sname = "CMS_KeyTransRecipientInfo",
-};
-
-static const ASN1_TEMPLATE CMS_OtherKeyAttribute_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_OtherKeyAttribute, keyAttrId),
- .field_name = "keyAttrId",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_OtherKeyAttribute, keyAttr),
- .field_name = "keyAttr",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM CMS_OtherKeyAttribute_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_OtherKeyAttribute_seq_tt,
- .tcount = sizeof(CMS_OtherKeyAttribute_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OtherKeyAttribute),
- .sname = "CMS_OtherKeyAttribute",
-};
-
-static const ASN1_TEMPLATE CMS_RecipientKeyIdentifier_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_RecipientKeyIdentifier, subjectKeyIdentifier),
- .field_name = "subjectKeyIdentifier",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_RecipientKeyIdentifier, date),
- .field_name = "date",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_RecipientKeyIdentifier, other),
- .field_name = "other",
- .item = &CMS_OtherKeyAttribute_it,
- },
-};
-
-const ASN1_ITEM CMS_RecipientKeyIdentifier_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_RecipientKeyIdentifier_seq_tt,
- .tcount = sizeof(CMS_RecipientKeyIdentifier_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_RecipientKeyIdentifier),
- .sname = "CMS_RecipientKeyIdentifier",
-};
-
-static const ASN1_TEMPLATE CMS_KeyAgreeRecipientIdentifier_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber),
- .field_name = "d.issuerAndSerialNumber",
- .item = &CMS_IssuerAndSerialNumber_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 0,
- .offset = offsetof(CMS_KeyAgreeRecipientIdentifier, d.rKeyId),
- .field_name = "d.rKeyId",
- .item = &CMS_RecipientKeyIdentifier_it,
- },
-};
-
-const ASN1_ITEM CMS_KeyAgreeRecipientIdentifier_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_KeyAgreeRecipientIdentifier, type),
- .templates = CMS_KeyAgreeRecipientIdentifier_ch_tt,
- .tcount = sizeof(CMS_KeyAgreeRecipientIdentifier_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_KeyAgreeRecipientIdentifier),
- .sname = "CMS_KeyAgreeRecipientIdentifier",
-};
-
-static const ASN1_TEMPLATE CMS_RecipientEncryptedKey_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_RecipientEncryptedKey, rid),
- .field_name = "rid",
- .item = &CMS_KeyAgreeRecipientIdentifier_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_RecipientEncryptedKey, encryptedKey),
- .field_name = "encryptedKey",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM CMS_RecipientEncryptedKey_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_RecipientEncryptedKey_seq_tt,
- .tcount = sizeof(CMS_RecipientEncryptedKey_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_RecipientEncryptedKey),
- .sname = "CMS_RecipientEncryptedKey",
-};
-
-static const ASN1_TEMPLATE CMS_OriginatorPublicKey_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_OriginatorPublicKey, algorithm),
- .field_name = "algorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_OriginatorPublicKey, publicKey),
- .field_name = "publicKey",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM CMS_OriginatorPublicKey_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_OriginatorPublicKey_seq_tt,
- .tcount = sizeof(CMS_OriginatorPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OriginatorPublicKey),
- .sname = "CMS_OriginatorPublicKey",
-};
-
-static const ASN1_TEMPLATE CMS_OriginatorIdentifierOrKey_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber),
- .field_name = "d.issuerAndSerialNumber",
- .item = &CMS_IssuerAndSerialNumber_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 0,
- .offset = offsetof(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier),
- .field_name = "d.subjectKeyIdentifier",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 1,
- .offset = offsetof(CMS_OriginatorIdentifierOrKey, d.originatorKey),
- .field_name = "d.originatorKey",
- .item = &CMS_OriginatorPublicKey_it,
- },
-};
-
-const ASN1_ITEM CMS_OriginatorIdentifierOrKey_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_OriginatorIdentifierOrKey, type),
- .templates = CMS_OriginatorIdentifierOrKey_ch_tt,
- .tcount = sizeof(CMS_OriginatorIdentifierOrKey_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_OriginatorIdentifierOrKey),
- .sname = "CMS_OriginatorIdentifierOrKey",
-};
-
-static const ASN1_TEMPLATE CMS_KeyAgreeRecipientInfo_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_KeyAgreeRecipientInfo, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(CMS_KeyAgreeRecipientInfo, originator), - .field_name = "originator", - .item = &CMS_OriginatorIdentifierOrKey_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(CMS_KeyAgreeRecipientInfo, ukm), - .field_name = "ukm", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm), - .field_name = "keyEncryptionAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = offsetof(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys), - .field_name = "recipientEncryptedKeys", - .item = &CMS_RecipientEncryptedKey_it, - }, -}; - -const ASN1_ITEM CMS_KeyAgreeRecipientInfo_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_KeyAgreeRecipientInfo_seq_tt, - .tcount = sizeof(CMS_KeyAgreeRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_KeyAgreeRecipientInfo), - .sname = "CMS_KeyAgreeRecipientInfo", -}; - -static const ASN1_TEMPLATE CMS_KEKIdentifier_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KEKIdentifier, keyIdentifier), - .field_name = "keyIdentifier", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_KEKIdentifier, date), - .field_name = "date", - .item = &ASN1_GENERALIZEDTIME_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_KEKIdentifier, other), - .field_name = "other", - .item = &CMS_OtherKeyAttribute_it, - }, -}; - -const ASN1_ITEM CMS_KEKIdentifier_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_KEKIdentifier_seq_tt, - .tcount = sizeof(CMS_KEKIdentifier_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size 
= sizeof(CMS_KEKIdentifier), - .sname = "CMS_KEKIdentifier", -}; - -static const ASN1_TEMPLATE CMS_KEKRecipientInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KEKRecipientInfo, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KEKRecipientInfo, kekid), - .field_name = "kekid", - .item = &CMS_KEKIdentifier_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KEKRecipientInfo, keyEncryptionAlgorithm), - .field_name = "keyEncryptionAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_KEKRecipientInfo, encryptedKey), - .field_name = "encryptedKey", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM CMS_KEKRecipientInfo_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_KEKRecipientInfo_seq_tt, - .tcount = sizeof(CMS_KEKRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_KEKRecipientInfo), - .sname = "CMS_KEKRecipientInfo", -}; - -static const ASN1_TEMPLATE CMS_PasswordRecipientInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_PasswordRecipientInfo, version), - .field_name = "version", - .item = &LONG_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_PasswordRecipientInfo, keyDerivationAlgorithm), - .field_name = "keyDerivationAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm), - .field_name = "keyEncryptionAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_PasswordRecipientInfo, encryptedKey), - .field_name = "encryptedKey", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM CMS_PasswordRecipientInfo_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_PasswordRecipientInfo_seq_tt, - .tcount = 
sizeof(CMS_PasswordRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_PasswordRecipientInfo), - .sname = "CMS_PasswordRecipientInfo", -}; - -static const ASN1_TEMPLATE CMS_OtherRecipientInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_OtherRecipientInfo, oriType), - .field_name = "oriType", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(CMS_OtherRecipientInfo, oriValue), - .field_name = "oriValue", - .item = &ASN1_ANY_it, - }, -}; - -const ASN1_ITEM CMS_OtherRecipientInfo_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_OtherRecipientInfo_seq_tt, - .tcount = sizeof(CMS_OtherRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_OtherRecipientInfo), - .sname = "CMS_OtherRecipientInfo", -}; - -/* Free up RecipientInfo additional data */ -static int -cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - if (operation == ASN1_OP_FREE_PRE) { - CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval; - if (ri->type == CMS_RECIPINFO_TRANS) { - CMS_KeyTransRecipientInfo *ktri = ri->d.ktri; - EVP_PKEY_free(ktri->pkey); - X509_free(ktri->recip); - } else if (ri->type == CMS_RECIPINFO_KEK) { - CMS_KEKRecipientInfo *kekri = ri->d.kekri; - if (kekri->key) { - explicit_bzero(kekri->key, kekri->keylen); - free(kekri->key); - } - } else if (ri->type == CMS_RECIPINFO_PASS) { - CMS_PasswordRecipientInfo *pwri = ri->d.pwri; - if (pwri->pass) { - explicit_bzero(pwri->pass, pwri->passlen); - free(pwri->pass); - } - } - } - return 1; -} - -static const ASN1_AUX CMS_RecipientInfo_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = cms_ri_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE CMS_RecipientInfo_ch_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_RecipientInfo, d.ktri), - .field_name = "d.ktri", - .item = 
&CMS_KeyTransRecipientInfo_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 1,
- .offset = offsetof(CMS_RecipientInfo, d.kari),
- .field_name = "d.kari",
- .item = &CMS_KeyAgreeRecipientInfo_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 2,
- .offset = offsetof(CMS_RecipientInfo, d.kekri),
- .field_name = "d.kekri",
- .item = &CMS_KEKRecipientInfo_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 3,
- .offset = offsetof(CMS_RecipientInfo, d.pwri),
- .field_name = "d.pwri",
- .item = &CMS_PasswordRecipientInfo_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 4,
- .offset = offsetof(CMS_RecipientInfo, d.ori),
- .field_name = "d.ori",
- .item = &CMS_OtherRecipientInfo_it,
- },
-};
-
-const ASN1_ITEM CMS_RecipientInfo_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(CMS_RecipientInfo, type),
- .templates = CMS_RecipientInfo_ch_tt,
- .tcount = sizeof(CMS_RecipientInfo_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &CMS_RecipientInfo_aux,
- .size = sizeof(CMS_RecipientInfo),
- .sname = "CMS_RecipientInfo",
-};
-
-static const ASN1_TEMPLATE CMS_EnvelopedData_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EnvelopedData, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_EnvelopedData, originatorInfo),
- .field_name = "originatorInfo",
- .item = &CMS_OriginatorInfo_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(CMS_EnvelopedData, recipientInfos),
- .field_name = "recipientInfos",
- .item = &CMS_RecipientInfo_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EnvelopedData, encryptedContentInfo),
- .field_name = "encryptedContentInfo",
- .item = &CMS_EncryptedContentInfo_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(CMS_EnvelopedData, unprotectedAttrs),
- .field_name = "unprotectedAttrs",
- .item = &X509_ATTRIBUTE_it,
-
},
-};
-
-const ASN1_ITEM CMS_EnvelopedData_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_EnvelopedData_seq_tt,
- .tcount = sizeof(CMS_EnvelopedData_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_EnvelopedData),
- .sname = "CMS_EnvelopedData",
-};
-
-static const ASN1_TEMPLATE CMS_DigestedData_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_DigestedData, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_DigestedData, digestAlgorithm),
- .field_name = "digestAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_DigestedData, encapContentInfo),
- .field_name = "encapContentInfo",
- .item = &CMS_EncapsulatedContentInfo_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_DigestedData, digest),
- .field_name = "digest",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM CMS_DigestedData_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_DigestedData_seq_tt,
- .tcount = sizeof(CMS_DigestedData_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_DigestedData),
- .sname = "CMS_DigestedData",
-};
-
-static const ASN1_TEMPLATE CMS_EncryptedData_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EncryptedData, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_EncryptedData, encryptedContentInfo),
- .field_name = "encryptedContentInfo",
- .item = &CMS_EncryptedContentInfo_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(CMS_EncryptedData, unprotectedAttrs),
- .field_name = "unprotectedAttrs",
- .item = &X509_ATTRIBUTE_it,
- },
-};
-
-const ASN1_ITEM CMS_EncryptedData_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates =
CMS_EncryptedData_seq_tt,
- .tcount = sizeof(CMS_EncryptedData_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_EncryptedData),
- .sname = "CMS_EncryptedData",
-};
-
-static const ASN1_TEMPLATE CMS_AuthenticatedData_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_AuthenticatedData, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(CMS_AuthenticatedData, originatorInfo),
- .field_name = "originatorInfo",
- .item = &CMS_OriginatorInfo_it,
- },
- {
- .flags = ASN1_TFLG_SET_OF,
- .tag = 0,
- .offset = offsetof(CMS_AuthenticatedData, recipientInfos),
- .field_name = "recipientInfos",
- .item = &CMS_RecipientInfo_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_AuthenticatedData, macAlgorithm),
- .field_name = "macAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = 1,
- .offset = offsetof(CMS_AuthenticatedData, digestAlgorithm),
- .field_name = "digestAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_AuthenticatedData, encapContentInfo),
- .field_name = "encapContentInfo",
- .item = &CMS_EncapsulatedContentInfo_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(CMS_AuthenticatedData, authAttrs),
- .field_name = "authAttrs",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_AuthenticatedData, mac),
- .field_name = "mac",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
- .tag = 3,
- .offset = offsetof(CMS_AuthenticatedData, unauthAttrs),
- .field_name = "unauthAttrs",
- .item = &X509_ALGOR_it,
- },
-};
-
-const ASN1_ITEM CMS_AuthenticatedData_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_AuthenticatedData_seq_tt,
- .tcount =
sizeof(CMS_AuthenticatedData_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_AuthenticatedData),
- .sname = "CMS_AuthenticatedData",
-};
-
-static const ASN1_TEMPLATE CMS_CompressedData_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_CompressedData, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_CompressedData, compressionAlgorithm),
- .field_name = "compressionAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_CompressedData, encapContentInfo),
- .field_name = "encapContentInfo",
- .item = &CMS_EncapsulatedContentInfo_it,
- },
-};
-
-const ASN1_ITEM CMS_CompressedData_it = {
- .itype = ASN1_ITYPE_NDEF_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_CompressedData_seq_tt,
- .tcount = sizeof(CMS_CompressedData_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_CompressedData),
- .sname = "CMS_CompressedData",
-};
-
-/* This is the ANY DEFINED BY table for the top level ContentInfo structure */
-
-static const ASN1_TEMPLATE cms_default_tt = {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(CMS_ContentInfo, d.other),
- .field_name = "d.other",
- .item = &ASN1_ANY_it,
-};
-
-static const ASN1_ADB_TABLE CMS_ContentInfo_adbtbl[] = {
- {
- .value = NID_pkcs7_data,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(CMS_ContentInfo, d.data),
- .field_name = "d.data",
- .item = &ASN1_OCTET_STRING_NDEF_it,
- },
-
- },
- {
- .value = NID_pkcs7_signed,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(CMS_ContentInfo, d.signedData),
- .field_name = "d.signedData",
- .item = &CMS_SignedData_it,
- },
-
- },
- {
- .value = NID_pkcs7_enveloped,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(CMS_ContentInfo, d.envelopedData),
- .field_name =
"d.envelopedData",
- .item = &CMS_EnvelopedData_it,
- },
-
- },
- {
- .value = NID_pkcs7_digest,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(CMS_ContentInfo, d.digestedData),
- .field_name = "d.digestedData",
- .item = &CMS_DigestedData_it,
- },
-
- },
- {
- .value = NID_pkcs7_encrypted,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(CMS_ContentInfo, d.encryptedData),
- .field_name = "d.encryptedData",
- .item = &CMS_EncryptedData_it,
- },
-
- },
- {
- .value = NID_id_smime_ct_authData,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(CMS_ContentInfo, d.authenticatedData),
- .field_name = "d.authenticatedData",
- .item = &CMS_AuthenticatedData_it,
- },
-
- },
- {
- .value = NID_id_smime_ct_compressedData,
- .tt = {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
- .tag = 0,
- .offset = offsetof(CMS_ContentInfo, d.compressedData),
- .field_name = "d.compressedData",
- .item = &CMS_CompressedData_it,
- },
-
- },
-};
-
-static const ASN1_ADB CMS_ContentInfo_adb = {
- .flags = 0,
- .offset = offsetof(CMS_ContentInfo, contentType),
- .app_items = 0,
- .tbl = CMS_ContentInfo_adbtbl,
- .tblcount = sizeof(CMS_ContentInfo_adbtbl) / sizeof(ASN1_ADB_TABLE),
- .default_tt = &cms_default_tt,
- .null_tt = NULL,
-};
-
-/* CMS streaming support */
-static int
-cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- ASN1_STREAM_ARG *sarg = exarg;
- CMS_ContentInfo *cms = NULL;
-
- if (pval)
- cms = (CMS_ContentInfo *)*pval;
- else
- return 1;
-
- switch (operation) {
- case ASN1_OP_STREAM_PRE:
- if (CMS_stream(&sarg->boundary, cms) <= 0)
- return 0;
- case ASN1_OP_DETACHED_PRE:
- sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
- if (!sarg->ndef_bio)
- return 0;
- break;
- case ASN1_OP_STREAM_POST:
- case ASN1_OP_DETACHED_POST:
- if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
- return 0;
- break;
- }
- return 1;
-}
-
-static const
ASN1_AUX CMS_ContentInfo_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = cms_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE CMS_ContentInfo_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_ContentInfo, contentType), - .field_name = "contentType", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_ADB_OID, - .tag = -1, - .offset = 0, - .field_name = "CMS_ContentInfo", - .item = (const ASN1_ITEM *)&CMS_ContentInfo_adb, - }, -}; - -const ASN1_ITEM CMS_ContentInfo_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_ContentInfo_seq_tt, - .tcount = sizeof(CMS_ContentInfo_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &CMS_ContentInfo_aux, - .size = sizeof(CMS_ContentInfo), - .sname = "CMS_ContentInfo", -}; - -/* Specials for signed attributes */ - -/* When signing attributes we want to reorder them to match the sorted - * encoding. - */ - -static const ASN1_TEMPLATE CMS_Attributes_Sign_item_tt = { - .flags = ASN1_TFLG_SET_ORDER, - .tag = 0, - .offset = 0, - .field_name = "CMS_ATTRIBUTES", - .item = &X509_ATTRIBUTE_it, -}; - -const ASN1_ITEM CMS_Attributes_Sign_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &CMS_Attributes_Sign_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "CMS_Attributes_Sign", -}; - -/* When verifying attributes we need to use the received order. 
So - * we use SEQUENCE OF and tag it to SET OF - */ - -static const ASN1_TEMPLATE CMS_Attributes_Verify_item_tt = { - .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL, - .tag = V_ASN1_SET, - .offset = 0, - .field_name = "CMS_ATTRIBUTES", - .item = &X509_ATTRIBUTE_it, -}; - -const ASN1_ITEM CMS_Attributes_Verify_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &CMS_Attributes_Verify_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "CMS_Attributes_Verify", -}; - -static const ASN1_TEMPLATE CMS_ReceiptsFrom_ch_tt[] = { - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 0, - .offset = offsetof(CMS_ReceiptsFrom, d.allOrFirstTier), - .field_name = "d.allOrFirstTier", - .item = &LONG_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF, - .tag = 1, - .offset = offsetof(CMS_ReceiptsFrom, d.receiptList), - .field_name = "d.receiptList", - .item = &GENERAL_NAMES_it, - }, -}; - -const ASN1_ITEM CMS_ReceiptsFrom_it = { - .itype = ASN1_ITYPE_CHOICE, - .utype = offsetof(CMS_ReceiptsFrom, type), - .templates = CMS_ReceiptsFrom_ch_tt, - .tcount = sizeof(CMS_ReceiptsFrom_ch_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(CMS_ReceiptsFrom), - .sname = "CMS_ReceiptsFrom", -}; - -static const ASN1_TEMPLATE CMS_ReceiptRequest_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_ReceiptRequest, signedContentIdentifier), - .field_name = "signedContentIdentifier", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(CMS_ReceiptRequest, receiptsFrom), - .field_name = "receiptsFrom", - .item = &CMS_ReceiptsFrom_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = offsetof(CMS_ReceiptRequest, receiptsTo), - .field_name = "receiptsTo", - .item = &GENERAL_NAMES_it, - }, -}; - -const ASN1_ITEM CMS_ReceiptRequest_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = CMS_ReceiptRequest_seq_tt, - .tcount = 
sizeof(CMS_ReceiptRequest_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_ReceiptRequest),
- .sname = "CMS_ReceiptRequest",
-};
-
-static const ASN1_TEMPLATE CMS_Receipt_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_Receipt, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_Receipt, contentType),
- .field_name = "contentType",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_Receipt, signedContentIdentifier),
- .field_name = "signedContentIdentifier",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(CMS_Receipt, originatorSignatureValue),
- .field_name = "originatorSignatureValue",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM CMS_Receipt_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = CMS_Receipt_seq_tt,
- .tcount = sizeof(CMS_Receipt_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(CMS_Receipt),
- .sname = "CMS_Receipt",
-};
diff --git a/lib/libssl/src/crypto/cms/cms_att.c b/lib/libssl/src/crypto/cms/cms_att.c
deleted file mode 100644
index b38c7c4699f..00000000000
--- a/lib/libssl/src/crypto/cms/cms_att.c
+++ /dev/null
@@ -1,211 +0,0 @@
-/* $OpenBSD: cms_att.c,v 1.3 2014/06/12 15:49:28 deraadt Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-#include <openssl/err.h>
-#include "cms.h"
-#include "cms_lcl.h"
-
-/* CMS SignedData Attribute utilities */
-
-int
-CMS_signed_get_attr_count(const CMS_SignerInfo *si)
-{
- return X509at_get_attr_count(si->signedAttrs);
-}
-
-int
-CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos)
-{
- return X509at_get_attr_by_NID(si->signedAttrs, nid, lastpos);
-}
-
-int
-CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509at_get_attr_by_OBJ(si->signedAttrs, obj, lastpos);
-}
-
-X509_ATTRIBUTE *
-CMS_signed_get_attr(const CMS_SignerInfo *si, int loc)
-{
- return X509at_get_attr(si->signedAttrs, loc);
-}
-
-X509_ATTRIBUTE *
-CMS_signed_delete_attr(CMS_SignerInfo *si, int loc)
-{
- return X509at_delete_attr(si->signedAttrs, loc);
-}
-
-int
-CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
-{
- if (X509at_add1_attr(&si->signedAttrs, attr))
- return 1;
- return 0;
-}
-
-int
-CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *obj,
- int type, const void *bytes, int len)
-{
- if (X509at_add1_attr_by_OBJ(&si->signedAttrs, obj, type, bytes, len))
- return 1;
- return 0;
-}
-
-int
-CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type,
- const void *bytes, int len)
-{
- if
(X509at_add1_attr_by_NID(&si->signedAttrs, nid, type, bytes, len))
- return 1;
- return 0;
-}
-
-int
-CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si, const char *attrname, int type,
- const void *bytes, int len)
-{
- if (X509at_add1_attr_by_txt(&si->signedAttrs, attrname, type,
- bytes, len))
- return 1;
- return 0;
-}
-
-void *
-CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid, int lastpos,
- int type)
-{
- return X509at_get0_data_by_OBJ(si->signedAttrs, oid, lastpos, type);
-}
-
-int
-CMS_unsigned_get_attr_count(const CMS_SignerInfo *si)
-{
- return X509at_get_attr_count(si->unsignedAttrs);
-}
-
-int
-CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos)
-{
- return X509at_get_attr_by_NID(si->unsignedAttrs, nid, lastpos);
-}
-
-int
-CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509at_get_attr_by_OBJ(si->unsignedAttrs, obj, lastpos);
-}
-
-X509_ATTRIBUTE *
-CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc)
-{
- return X509at_get_attr(si->unsignedAttrs, loc);
-}
-
-X509_ATTRIBUTE *
-CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc)
-{
- return X509at_delete_attr(si->unsignedAttrs, loc);
-}
-
-int
-CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
-{
- if (X509at_add1_attr(&si->unsignedAttrs, attr))
- return 1;
- return 0;
-}
-
-int
-CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *obj,
- int type, const void *bytes, int len)
-{
- if (X509at_add1_attr_by_OBJ(&si->unsignedAttrs, obj, type, bytes, len))
- return 1;
- return 0;
-}
-
-int
-CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si, int nid, int type,
- const void *bytes, int len)
-{
- if (X509at_add1_attr_by_NID(&si->unsignedAttrs, nid, type, bytes, len))
- return 1;
- return 0;
-}
-
-int
-CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si, const char *attrname,
- int type, const void *bytes, int len)
-{
- if (X509at_add1_attr_by_txt(&si->unsignedAttrs, attrname, type,
- bytes,
len))
- return 1;
- return 0;
-}
-
-void *
-CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
- int lastpos, int type)
-{
- return X509at_get0_data_by_OBJ(si->unsignedAttrs, oid, lastpos, type);
-}
-
-/* Specific attribute cases */
diff --git a/lib/libssl/src/crypto/cms/cms_cd.c b/lib/libssl/src/crypto/cms/cms_cd.c
deleted file mode 100644
index 0489a3d8a3d..00000000000
--- a/lib/libssl/src/crypto/cms/cms_cd.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* $OpenBSD: cms_cd.c,v 1.6 2015/02/11 03:55:00 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/bio.h>
-#include <openssl/cms.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-
-
-#include "cms_lcl.h"
-
-DECLARE_ASN1_ITEM(CMS_CompressedData)
-
-#ifdef ZLIB
-
-/* CMS CompressedData Utilities */
-
-CMS_ContentInfo *
-cms_CompressedData_create(int comp_nid)
-{
- CMS_ContentInfo *cms;
- CMS_CompressedData *cd;
-
- /* Will need something cleverer if there is ever more than one
- * compression algorithm or parameters have some meaning...
- */
- if (comp_nid != NID_zlib_compression) {
- CMSerr(CMS_F_CMS_COMPRESSEDDATA_CREATE,
- CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
- return NULL;
- }
- cms = CMS_ContentInfo_new();
- if (!cms)
- return NULL;
-
- cd = M_ASN1_new_of(CMS_CompressedData);
-
- if (!cd)
- goto err;
-
- cms->contentType = OBJ_nid2obj(NID_id_smime_ct_compressedData);
- cms->d.compressedData = cd;
-
- cd->version = 0;
-
- X509_ALGOR_set0(cd->compressionAlgorithm,
- OBJ_nid2obj(NID_zlib_compression),
- V_ASN1_UNDEF, NULL);
-
- cd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
-
- return cms;
-
-err:
- if (cms)
- CMS_ContentInfo_free(cms);
- return NULL;
-}
-
-BIO *
-cms_CompressedData_init_bio(CMS_ContentInfo *cms)
-{
- CMS_CompressedData *cd;
- ASN1_OBJECT *compoid;
-
- if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_compressedData) {
- CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
- CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA);
- return NULL;
- }
- cd = cms->d.compressedData;
- X509_ALGOR_get0(&compoid, NULL, NULL, cd->compressionAlgorithm);
- if (OBJ_obj2nid(compoid) != NID_zlib_compression) {
- CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
- CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
- return NULL;
- }
- return BIO_new(BIO_f_zlib());
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/cms/cms_dd.c b/lib/libssl/src/crypto/cms/cms_dd.c
deleted file mode 100644
index eee25f5f07e..00000000000
--- a/lib/libssl/src/crypto/cms/cms_dd.c
+++ /dev/null
@@ -1,147 +0,0 @@
-/* $OpenBSD: cms_dd.c,v 1.4 2014/07/11 08:44:48 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/cms.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-
-#include "cms_lcl.h"
-
-DECLARE_ASN1_ITEM(CMS_DigestedData)
-
-/* CMS DigestedData Utilities */
-
-CMS_ContentInfo *
-cms_DigestedData_create(const EVP_MD *md)
-{
- CMS_ContentInfo *cms;
- CMS_DigestedData *dd;
-
- cms = CMS_ContentInfo_new();
- if (!cms)
- return NULL;
-
- dd = M_ASN1_new_of(CMS_DigestedData);
-
- if (!dd)
- goto err;
-
- cms->contentType = OBJ_nid2obj(NID_pkcs7_digest);
- cms->d.digestedData = dd;
-
- dd->version = 0;
- dd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
-
- cms_DigestAlgorithm_set(dd->digestAlgorithm, md);
-
- return cms;
-
-err:
- if (cms)
- CMS_ContentInfo_free(cms);
- return NULL;
-}
-
-BIO *
-cms_DigestedData_init_bio(CMS_ContentInfo *cms)
-{
- CMS_DigestedData *dd;
-
- dd = cms->d.digestedData;
- return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm);
-}
-
-int
-cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
-{
- EVP_MD_CTX mctx;
- unsigned char md[EVP_MAX_MD_SIZE];
- unsigned int mdlen;
- int r = 0;
- CMS_DigestedData *dd;
-
- EVP_MD_CTX_init(&mctx);
-
- dd = cms->d.digestedData;
-
- if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, dd->digestAlgorithm))
- goto err;
-
- if (EVP_DigestFinal_ex(&mctx, md, &mdlen) <= 0)
- goto err;
-
- if (verify) {
- if (mdlen != (unsigned int)dd->digest->length) {
- CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
- CMS_R_MESSAGEDIGEST_WRONG_LENGTH);
- goto err;
- }
-
- if (memcmp(md, dd->digest->data, mdlen))
- CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
- CMS_R_VERIFICATION_FAILURE);
- else
- r = 1;
- } else {
- if (!ASN1_STRING_set(dd->digest, md, mdlen))
- goto err;
- r = 1;
- }
-
-err:
- EVP_MD_CTX_cleanup(&mctx);
-
- return r;
-}
diff --git a/lib/libssl/src/crypto/cms/cms_enc.c b/lib/libssl/src/crypto/cms/cms_enc.c
deleted file mode 100644
index c967a18a3c3..00000000000
--- a/lib/libssl/src/crypto/cms/cms_enc.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* $OpenBSD: cms_enc.c,v 1.7 2015/09/10 15:56:25 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdlib.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/cms.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-
-#include "cms_lcl.h"
-
-/* CMS EncryptedData Utilities */
-
-DECLARE_ASN1_ITEM(CMS_EncryptedData)
-
-/* Return BIO based on EncryptedContentInfo and key */
-
-BIO *
-cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
-{
- BIO *b;
- EVP_CIPHER_CTX *ctx;
- const EVP_CIPHER *ciph;
- X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
- unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
- unsigned char *tkey = NULL;
- size_t tkeylen = 0;
- int ok = 0;
- int enc, keep_key = 0;
-
- enc = ec->cipher ? 1 : 0;
-
- b = BIO_new(BIO_f_cipher());
- if (!b) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- BIO_get_cipher_ctx(b, &ctx);
-
- if (enc) {
- ciph = ec->cipher;
- /* If not keeping key set cipher to NULL so subsequent calls
- * decrypt.
- */
- if (ec->key)
- ec->cipher = NULL;
- } else {
- ciph = EVP_get_cipherbyobj(calg->algorithm);
-
- if (!ciph) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_UNKNOWN_CIPHER);
- goto err;
- }
- }
-
- if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_CIPHER_INITIALISATION_ERROR);
- goto err;
- }
-
- if (enc) {
- int ivlen;
- calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
- /* Generate a random IV if we need one */
- ivlen = EVP_CIPHER_CTX_iv_length(ctx);
- if (ivlen > 0) {
- arc4random_buf(iv, ivlen);
- piv = iv;
- }
- } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
- tkeylen = EVP_CIPHER_CTX_key_length(ctx);
- /* Generate random session key */
- if (!enc || !ec->key) {
- tkey = malloc(tkeylen);
- if (!tkey) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
- goto err;
- }
-
- if (!ec->key) {
- ec->key = tkey;
- ec->keylen = tkeylen;
- tkey = NULL;
- if (enc)
- keep_key = 1;
- else
- ERR_clear_error();
-
- }
-
- if (ec->keylen != tkeylen) {
- /* If necessary set key length */
- if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) {
- /* Only reveal failure if debugging so we don't
- * leak information which may be useful in MMA.
- */
- if (enc || ec->debug) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_INVALID_KEY_LENGTH);
- goto err;
- } else {
- /* Use random key */
- explicit_bzero(ec->key, ec->keylen);
- free(ec->key);
- ec->key = tkey;
- ec->keylen = tkeylen;
- tkey = NULL;
- ERR_clear_error();
- }
- }
- }
-
- if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_CIPHER_INITIALISATION_ERROR);
- goto err;
- }
-
- if (piv) {
- calg->parameter = ASN1_TYPE_new();
- if (!calg->parameter) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
- CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
- CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
- goto err;
- }
- }
- ok = 1;
-
-err:
- if (ec->key && !keep_key) {
- explicit_bzero(ec->key, ec->keylen);
- free(ec->key);
- ec->key = NULL;
- }
- if (tkey) {
- explicit_bzero(tkey, tkeylen);
- free(tkey);
- }
- if (ok)
- return b;
- BIO_free(b);
- return NULL;
-}
-
-int
-cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
- const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen)
-{
- ec->cipher = cipher;
- if (key) {
- ec->key = malloc(keylen);
- if (!ec->key)
- return 0;
- memcpy(ec->key, key, keylen);
- }
- ec->keylen = keylen;
- if (cipher)
- ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
- return 1;
-}
-
-int
-CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
- const unsigned char *key, size_t keylen)
-{
- CMS_EncryptedContentInfo *ec;
-
- if (!key || !keylen) {
- CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY);
- return 0;
- }
- if (ciph) {
- cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData);
- if (!cms->d.encryptedData) {
- CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
- cms->d.encryptedData->version = 0;
- } else if
(OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) {
- CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY,
- CMS_R_NOT_ENCRYPTED_DATA);
- return 0;
- }
- ec = cms->d.encryptedData->encryptedContentInfo;
- return cms_EncryptedContent_init(ec, ciph, key, keylen);
-}
-
-BIO *
-cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
-{
- CMS_EncryptedData *enc = cms->d.encryptedData;
-
- if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
- enc->version = 2;
- return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
-}
diff --git a/lib/libssl/src/crypto/cms/cms_env.c b/lib/libssl/src/crypto/cms/cms_env.c
deleted file mode 100644
index e483c4539fc..00000000000
--- a/lib/libssl/src/crypto/cms/cms_env.c
+++ /dev/null
@@ -1,818 +0,0 @@
-/* $OpenBSD: cms_env.c,v 1.9 2015/09/10 15:56:25 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/aes.h>
-#include <openssl/asn1t.h>
-#include <openssl/cms.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-
-#include "cms_lcl.h"
-#include "asn1_locl.h"
-
-/* CMS EnvelopedData Utilities */
-
-DECLARE_ASN1_ITEM(CMS_EnvelopedData)
-DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
-DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
-DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
-
-DECLARE_STACK_OF(CMS_RecipientInfo)
-
-CMS_EnvelopedData *
-cms_get0_enveloped(CMS_ContentInfo *cms)
-{
- if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
- CMSerr(CMS_F_CMS_GET0_ENVELOPED,
- CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
- return NULL;
- }
- return cms->d.envelopedData;
-}
-
-static CMS_EnvelopedData *
-cms_enveloped_data_init(CMS_ContentInfo *cms)
-{
- if (cms->d.other == NULL) {
- cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData);
- if (!cms->d.envelopedData) {
- CMSerr(CMS_F_CMS_ENVELOPED_DATA_INIT,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- cms->d.envelopedData->version = 0;
- cms->d.envelopedData->encryptedContentInfo->contentType =
- OBJ_nid2obj(NID_pkcs7_data);
- ASN1_OBJECT_free(cms->contentType);
- cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped);
- return cms->d.envelopedData;
- }
- return cms_get0_enveloped(cms);
-}
-
-STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms)
-{ - CMS_EnvelopedData *env; - - env = cms_get0_enveloped(cms); - if (!env) - return NULL; - return env->recipientInfos; -} - -int -CMS_RecipientInfo_type(CMS_RecipientInfo *ri) -{ - return ri->type; -} - -CMS_ContentInfo * -CMS_EnvelopedData_create(const EVP_CIPHER *cipher) -{ - CMS_ContentInfo *cms; - CMS_EnvelopedData *env; - - cms = CMS_ContentInfo_new(); - if (!cms) - goto merr; - env = cms_enveloped_data_init(cms); - if (!env) - goto merr; - if (!cms_EncryptedContent_init(env->encryptedContentInfo, - cipher, NULL, 0)) - goto merr; - return cms; - -merr: - if (cms) - CMS_ContentInfo_free(cms); - CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE); - return NULL; -} - -/* Key Transport Recipient Info (KTRI) routines */ - -/* Add a recipient certificate. For now only handle key transport. - * If we ever handle key agreement will need updating. - */ - -CMS_RecipientInfo * -CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags) -{ - CMS_RecipientInfo *ri = NULL; - CMS_KeyTransRecipientInfo *ktri; - CMS_EnvelopedData *env; - EVP_PKEY *pk = NULL; - int i, type; - - env = cms_get0_enveloped(cms); - if (!env) - goto err; - - /* Initialize recipient info */ - ri = M_ASN1_new_of(CMS_RecipientInfo); - if (!ri) - goto merr; - - /* Initialize and add key transport recipient info */ - - ri->d.ktri = M_ASN1_new_of(CMS_KeyTransRecipientInfo); - if (!ri->d.ktri) - goto merr; - ri->type = CMS_RECIPINFO_TRANS; - - ktri = ri->d.ktri; - - X509_check_purpose(recip, -1, -1); - pk = X509_get_pubkey(recip); - if (!pk) { - CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, - CMS_R_ERROR_GETTING_PUBLIC_KEY); - goto err; - } - CRYPTO_add(&recip->references, 1, CRYPTO_LOCK_X509); - ktri->pkey = pk; - ktri->recip = recip; - - if (flags & CMS_USE_KEYID) { - ktri->version = 2; - type = CMS_RECIPINFO_KEYIDENTIFIER; - } else { - ktri->version = 0; - type = CMS_RECIPINFO_ISSUER_SERIAL; - } - - /* Not a typo: RecipientIdentifier and SignerIdentifier are the - * same 
structure. - */ - - if (!cms_set1_SignerIdentifier(ktri->rid, recip, type)) - goto err; - - if (pk->ameth && pk->ameth->pkey_ctrl) { - i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_ENVELOPE, - 0, ri); - if (i == -2) { - CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, - CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); - goto err; - } - if (i <= 0) { - CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, - CMS_R_CTRL_FAILURE); - goto err; - } - } - - if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri)) - goto merr; - - return ri; - -merr: - CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, ERR_R_MALLOC_FAILURE); -err: - if (ri) - M_ASN1_free_of(ri, CMS_RecipientInfo); - return NULL; -} - -int -CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, EVP_PKEY **pk, - X509 **recip, X509_ALGOR **palg) -{ - CMS_KeyTransRecipientInfo *ktri; - - if (ri->type != CMS_RECIPINFO_TRANS) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS, - CMS_R_NOT_KEY_TRANSPORT); - return 0; - } - - ktri = ri->d.ktri; - - if (pk) - *pk = ktri->pkey; - if (recip) - *recip = ktri->recip; - if (palg) - *palg = ktri->keyEncryptionAlgorithm; - return 1; -} - -int -CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, - ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno) -{ - CMS_KeyTransRecipientInfo *ktri; - - if (ri->type != CMS_RECIPINFO_TRANS) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID, - CMS_R_NOT_KEY_TRANSPORT); - return 0; - } - ktri = ri->d.ktri; - - return cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, - issuer, sno); -} - -int -CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert) -{ - if (ri->type != CMS_RECIPINFO_TRANS) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP, - CMS_R_NOT_KEY_TRANSPORT); - return -2; - } - return cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert); -} - -int -CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey) -{ - if (ri->type != CMS_RECIPINFO_TRANS) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY, - CMS_R_NOT_KEY_TRANSPORT); - return 
0; - } - ri->d.ktri->pkey = pkey; - return 1; -} - -/* Encrypt content key in key transport recipient info */ - -static int -cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) -{ - CMS_KeyTransRecipientInfo *ktri; - CMS_EncryptedContentInfo *ec; - EVP_PKEY_CTX *pctx = NULL; - unsigned char *ek = NULL; - size_t eklen; - - int ret = 0; - - if (ri->type != CMS_RECIPINFO_TRANS) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, - CMS_R_NOT_KEY_TRANSPORT); - return 0; - } - ktri = ri->d.ktri; - ec = cms->d.envelopedData->encryptedContentInfo; - - pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL); - if (!pctx) - return 0; - - if (EVP_PKEY_encrypt_init(pctx) <= 0) - goto err; - - if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT, - EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR); - goto err; - } - - if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0) - goto err; - - ek = malloc(eklen); - - if (ek == NULL) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, - ERR_R_MALLOC_FAILURE); - goto err; - } - - if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0) - goto err; - - ASN1_STRING_set0(ktri->encryptedKey, ek, eklen); - ek = NULL; - - ret = 1; - -err: - EVP_PKEY_CTX_free(pctx); - free(ek); - return ret; -} - -/* Decrypt content key from KTRI */ - -static int -cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) -{ - CMS_KeyTransRecipientInfo *ktri = ri->d.ktri; - EVP_PKEY_CTX *pctx = NULL; - unsigned char *ek = NULL; - size_t eklen; - int ret = 0; - CMS_EncryptedContentInfo *ec; - - ec = cms->d.envelopedData->encryptedContentInfo; - - if (ktri->pkey == NULL) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, - CMS_R_NO_PRIVATE_KEY); - return 0; - } - - pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL); - if (!pctx) - return 0; - - if (EVP_PKEY_decrypt_init(pctx) <= 0) - goto err; - - if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT, - 
EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CTRL_ERROR); - goto err; - } - - if (EVP_PKEY_decrypt(pctx, NULL, &eklen, - ktri->encryptedKey->data, - ktri->encryptedKey->length) <= 0) - goto err; - - ek = malloc(eklen); - - if (ek == NULL) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, - ERR_R_MALLOC_FAILURE); - goto err; - } - - if (EVP_PKEY_decrypt(pctx, ek, &eklen, - ktri->encryptedKey->data, - ktri->encryptedKey->length) <= 0) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB); - goto err; - } - - ret = 1; - - if (ec->key) { - explicit_bzero(ec->key, ec->keylen); - free(ec->key); - } - - ec->key = ek; - ec->keylen = eklen; - -err: - EVP_PKEY_CTX_free(pctx); - if (!ret && ek) - free(ek); - - return ret; -} - -/* Key Encrypted Key (KEK) RecipientInfo routines */ - -int -CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, const unsigned char *id, - size_t idlen) -{ - ASN1_OCTET_STRING tmp_os; - CMS_KEKRecipientInfo *kekri; - - if (ri->type != CMS_RECIPINFO_KEK) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP, CMS_R_NOT_KEK); - return -2; - } - kekri = ri->d.kekri; - tmp_os.type = V_ASN1_OCTET_STRING; - tmp_os.flags = 0; - tmp_os.data = (unsigned char *)id; - tmp_os.length = (int)idlen; - return ASN1_OCTET_STRING_cmp(&tmp_os, kekri->kekid->keyIdentifier); -} - -/* For now hard code AES key wrap info */ - -static size_t -aes_wrap_keylen(int nid) -{ - switch (nid) { - case NID_id_aes128_wrap: - return 16; - case NID_id_aes192_wrap: - return 24; - case NID_id_aes256_wrap: - return 32; - default: - return 0; - } -} - -CMS_RecipientInfo * -CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, unsigned char *key, - size_t keylen, unsigned char *id, size_t idlen, ASN1_GENERALIZEDTIME *date, - ASN1_OBJECT *otherTypeId, ASN1_TYPE *otherType) -{ - CMS_RecipientInfo *ri = NULL; - CMS_EnvelopedData *env; - CMS_KEKRecipientInfo *kekri; - - env = cms_get0_enveloped(cms); - if (!env) - goto err; - - if (nid == 
NID_undef) {
- switch (keylen) {
- case 16:
- nid = NID_id_aes128_wrap;
- break;
- case 24:
- nid = NID_id_aes192_wrap;
- break;
- case 32:
- nid = NID_id_aes256_wrap;
- break;
- default:
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
- CMS_R_INVALID_KEY_LENGTH);
- goto err;
- }
- } else {
- size_t exp_keylen = aes_wrap_keylen(nid);
-
- if (!exp_keylen) {
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
- CMS_R_UNSUPPORTED_KEK_ALGORITHM);
- goto err;
- }
-
- if (keylen != exp_keylen) {
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
- CMS_R_INVALID_KEY_LENGTH);
- goto err;
- }
-
- }
-
- /* Initialize recipient info */
- ri = M_ASN1_new_of(CMS_RecipientInfo);
- if (!ri)
- goto merr;
-
- ri->d.kekri = M_ASN1_new_of(CMS_KEKRecipientInfo);
- if (!ri->d.kekri)
- goto merr;
- ri->type = CMS_RECIPINFO_KEK;
-
- kekri = ri->d.kekri;
-
- if (otherTypeId) {
- kekri->kekid->other = M_ASN1_new_of(CMS_OtherKeyAttribute);
- if (kekri->kekid->other == NULL)
- goto merr;
- }
-
- if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
- goto merr;
-
- /* After this point no calls can fail */
-
- kekri->version = 4;
-
- kekri->key = key;
- kekri->keylen = keylen;
-
- ASN1_STRING_set0(kekri->kekid->keyIdentifier, id, idlen);
-
- kekri->kekid->date = date;
-
- if (kekri->kekid->other) {
- kekri->kekid->other->keyAttrId = otherTypeId;
- kekri->kekid->other->keyAttr = otherType;
- }
-
- X509_ALGOR_set0(kekri->keyEncryptionAlgorithm,
- OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL);
-
- return ri;
-
-merr:
- CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, ERR_R_MALLOC_FAILURE);
-err:
- if (ri)
- M_ASN1_free_of(ri, CMS_RecipientInfo);
- return NULL;
-}
-
-int
-CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg,
- ASN1_OCTET_STRING **pid, ASN1_GENERALIZEDTIME **pdate,
- ASN1_OBJECT **potherid, ASN1_TYPE **pothertype)
-{
- CMS_KEKIdentifier *rkid;
-
- if (ri->type != CMS_RECIPINFO_KEK) {
- CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID, CMS_R_NOT_KEK);
- return 0;
- }
- rkid = ri->d.kekri->kekid;
- if (palg)
- *palg
= ri->d.kekri->keyEncryptionAlgorithm; - if (pid) - *pid = rkid->keyIdentifier; - if (pdate) - *pdate = rkid->date; - if (potherid) { - if (rkid->other) - *potherid = rkid->other->keyAttrId; - else - *potherid = NULL; - } - if (pothertype) { - if (rkid->other) - *pothertype = rkid->other->keyAttr; - else - *pothertype = NULL; - } - return 1; -} - -int -CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key, - size_t keylen) -{ - CMS_KEKRecipientInfo *kekri; - - if (ri->type != CMS_RECIPINFO_KEK) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_KEY, CMS_R_NOT_KEK); - return 0; - } - - kekri = ri->d.kekri; - kekri->key = key; - kekri->keylen = keylen; - return 1; -} - -/* Encrypt content key in KEK recipient info */ - -static int -cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) -{ - CMS_EncryptedContentInfo *ec; - CMS_KEKRecipientInfo *kekri; - AES_KEY actx; - unsigned char *wkey = NULL; - int wkeylen; - int r = 0; - - ec = cms->d.envelopedData->encryptedContentInfo; - - kekri = ri->d.kekri; - - if (!kekri->key) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_NO_KEY); - return 0; - } - - if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx)) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, - CMS_R_ERROR_SETTING_KEY); - goto err; - } - - wkey = malloc(ec->keylen + 8); - - if (!wkey) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, - ERR_R_MALLOC_FAILURE); - goto err; - } - - wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen); - - if (wkeylen <= 0) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_WRAP_ERROR); - goto err; - } - - ASN1_STRING_set0(kekri->encryptedKey, wkey, wkeylen); - - r = 1; - -err: - if (!r && wkey) - free(wkey); - explicit_bzero(&actx, sizeof(actx)); - - return r; -} - -/* Decrypt content key in KEK recipient info */ - -static int -cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) -{ - CMS_EncryptedContentInfo *ec; - CMS_KEKRecipientInfo *kekri; - 
AES_KEY actx; - unsigned char *ukey = NULL; - int ukeylen; - int r = 0, wrap_nid; - - ec = cms->d.envelopedData->encryptedContentInfo; - - kekri = ri->d.kekri; - - if (!kekri->key) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_NO_KEY); - return 0; - } - - wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm); - if (aes_wrap_keylen(wrap_nid) != kekri->keylen) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, - CMS_R_INVALID_KEY_LENGTH); - return 0; - } - - /* If encrypted key length is invalid don't bother */ - - if (kekri->encryptedKey->length < 16) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, - CMS_R_INVALID_ENCRYPTED_KEY_LENGTH); - goto err; - } - - if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx)) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, - CMS_R_ERROR_SETTING_KEY); - goto err; - } - - ukey = malloc(kekri->encryptedKey->length - 8); - - if (!ukey) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, - ERR_R_MALLOC_FAILURE); - goto err; - } - - ukeylen = AES_unwrap_key(&actx, NULL, ukey, - kekri->encryptedKey->data, - kekri->encryptedKey->length); - - if (ukeylen <= 0) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, - CMS_R_UNWRAP_ERROR); - goto err; - } - - ec->key = ukey; - ec->keylen = ukeylen; - - r = 1; - -err: - if (!r && ukey) - free(ukey); - explicit_bzero(&actx, sizeof(actx)); - - return r; -} - -int -CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri) -{ - switch (ri->type) { - case CMS_RECIPINFO_TRANS: - return cms_RecipientInfo_ktri_decrypt(cms, ri); - case CMS_RECIPINFO_KEK: - return cms_RecipientInfo_kekri_decrypt(cms, ri); - case CMS_RECIPINFO_PASS: - return cms_RecipientInfo_pwri_crypt(cms, ri, 0); - default: - CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT, - CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE); - return 0; - } -} - -BIO * -cms_EnvelopedData_init_bio(CMS_ContentInfo *cms) -{ - CMS_EncryptedContentInfo *ec; - STACK_OF(CMS_RecipientInfo) *rinfos; - CMS_RecipientInfo *ri; - int i, r, ok = 0; 
- BIO *ret;
-
- /* Get BIO first to set up key */
-
- ec = cms->d.envelopedData->encryptedContentInfo;
- ret = cms_EncryptedContent_init_bio(ec);
-
- /* If error or no cipher end of processing */
-
- if (!ret || !ec->cipher)
- return ret;
-
- /* Now encrypt content key according to each RecipientInfo type */
-
- rinfos = cms->d.envelopedData->recipientInfos;
-
- for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) {
- ri = sk_CMS_RecipientInfo_value(rinfos, i);
-
- switch (ri->type) {
- case CMS_RECIPINFO_TRANS:
- r = cms_RecipientInfo_ktri_encrypt(cms, ri);
- break;
-
- case CMS_RECIPINFO_KEK:
- r = cms_RecipientInfo_kekri_encrypt(cms, ri);
- break;
-
- case CMS_RECIPINFO_PASS:
- r = cms_RecipientInfo_pwri_crypt(cms, ri, 1);
- break;
-
- default:
- CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO,
- CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
- goto err;
- }
-
- if (r <= 0) {
- CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO,
- CMS_R_ERROR_SETTING_RECIPIENTINFO);
- goto err;
- }
- }
-
- ok = 1;
-
-err:
- ec->cipher = NULL;
- if (ec->key) {
- explicit_bzero(ec->key, ec->keylen);
- free(ec->key);
- ec->key = NULL;
- ec->keylen = 0;
- }
- if (ok)
- return ret;
- BIO_free(ret);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/cms/cms_err.c b/lib/libssl/src/crypto/cms/cms_err.c
deleted file mode 100644
index 4eb9188fd29..00000000000
--- a/lib/libssl/src/crypto/cms/cms_err.c
+++ /dev/null
@@ -1,245 +0,0 @@ -/* $OpenBSD: cms_err.c,v 1.4 2014/07/10 22:45:56 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2009 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/cms.h> -#include <openssl/err.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CMS,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CMS,0,reason) - -static ERR_STRING_DATA CMS_str_functs[]= { - {ERR_FUNC(CMS_F_CHECK_CONTENT), "CHECK_CONTENT"}, - {ERR_FUNC(CMS_F_CMS_ADD0_CERT), "CMS_add0_cert"}, - {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY), "CMS_add0_recipient_key"}, - {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD), "CMS_add0_recipient_password"}, - {ERR_FUNC(CMS_F_CMS_ADD1_RECEIPTREQUEST), "CMS_add1_ReceiptRequest"}, - {ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT), "CMS_add1_recipient_cert"}, - {ERR_FUNC(CMS_F_CMS_ADD1_SIGNER), "CMS_add1_signer"}, - {ERR_FUNC(CMS_F_CMS_ADD1_SIGNINGTIME), "CMS_ADD1_SIGNINGTIME"}, - {ERR_FUNC(CMS_F_CMS_COMPRESS), "CMS_compress"}, - {ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_CREATE), "cms_CompressedData_create"}, - {ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO), "cms_CompressedData_init_bio"}, - {ERR_FUNC(CMS_F_CMS_COPY_CONTENT), "CMS_COPY_CONTENT"}, - {ERR_FUNC(CMS_F_CMS_COPY_MESSAGEDIGEST), "CMS_COPY_MESSAGEDIGEST"}, - {ERR_FUNC(CMS_F_CMS_DATA), "CMS_data"}, - {ERR_FUNC(CMS_F_CMS_DATAFINAL), "CMS_dataFinal"}, - {ERR_FUNC(CMS_F_CMS_DATAINIT), "CMS_dataInit"}, - {ERR_FUNC(CMS_F_CMS_DECRYPT), "CMS_decrypt"}, - {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_KEY), "CMS_decrypt_set1_key"}, - {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PASSWORD), "CMS_decrypt_set1_password"}, - {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PKEY), "CMS_decrypt_set1_pkey"}, - {ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX), "cms_DigestAlgorithm_find_ctx"}, - {ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO), "cms_DigestAlgorithm_init_bio"}, - {ERR_FUNC(CMS_F_CMS_DIGESTEDDATA_DO_FINAL), "cms_DigestedData_do_final"}, - {ERR_FUNC(CMS_F_CMS_DIGEST_VERIFY), "CMS_digest_verify"}, - {ERR_FUNC(CMS_F_CMS_ENCODE_RECEIPT), "cms_encode_Receipt"}, - {ERR_FUNC(CMS_F_CMS_ENCRYPT), "CMS_encrypt"}, - 
{ERR_FUNC(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO), "cms_EncryptedContent_init_bio"}, - {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT), "CMS_EncryptedData_decrypt"}, - {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT), "CMS_EncryptedData_encrypt"}, - {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY), "CMS_EncryptedData_set1_key"}, - {ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_CREATE), "CMS_EnvelopedData_create"}, - {ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO), "cms_EnvelopedData_init_bio"}, - {ERR_FUNC(CMS_F_CMS_ENVELOPED_DATA_INIT), "CMS_ENVELOPED_DATA_INIT"}, - {ERR_FUNC(CMS_F_CMS_FINAL), "CMS_final"}, - {ERR_FUNC(CMS_F_CMS_GET0_CERTIFICATE_CHOICES), "CMS_GET0_CERTIFICATE_CHOICES"}, - {ERR_FUNC(CMS_F_CMS_GET0_CONTENT), "CMS_get0_content"}, - {ERR_FUNC(CMS_F_CMS_GET0_ECONTENT_TYPE), "CMS_GET0_ECONTENT_TYPE"}, - {ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED), "cms_get0_enveloped"}, - {ERR_FUNC(CMS_F_CMS_GET0_REVOCATION_CHOICES), "CMS_GET0_REVOCATION_CHOICES"}, - {ERR_FUNC(CMS_F_CMS_GET0_SIGNED), "CMS_GET0_SIGNED"}, - {ERR_FUNC(CMS_F_CMS_MSGSIGDIGEST_ADD1), "cms_msgSigDigest_add1"}, - {ERR_FUNC(CMS_F_CMS_RECEIPTREQUEST_CREATE0), "CMS_ReceiptRequest_create0"}, - {ERR_FUNC(CMS_F_CMS_RECEIPT_VERIFY), "cms_Receipt_verify"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_DECRYPT), "CMS_RecipientInfo_decrypt"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT), "CMS_RECIPIENTINFO_KEKRI_DECRYPT"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT), "CMS_RECIPIENTINFO_KEKRI_ENCRYPT"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID), "CMS_RecipientInfo_kekri_get0_id"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP), "CMS_RecipientInfo_kekri_id_cmp"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP), "CMS_RecipientInfo_ktri_cert_cmp"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT), "CMS_RECIPIENTINFO_KTRI_DECRYPT"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT), "CMS_RECIPIENTINFO_KTRI_ENCRYPT"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS), "CMS_RecipientInfo_ktri_get0_algs"}, - 
{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID), "CMS_RecipientInfo_ktri_get0_signer_id"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT), "cms_RecipientInfo_pwri_crypt"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_KEY), "CMS_RecipientInfo_set0_key"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD), "CMS_RecipientInfo_set0_password"}, - {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY), "CMS_RecipientInfo_set0_pkey"}, - {ERR_FUNC(CMS_F_CMS_SET1_SIGNERIDENTIFIER), "cms_set1_SignerIdentifier"}, - {ERR_FUNC(CMS_F_CMS_SET_DETACHED), "CMS_set_detached"}, - {ERR_FUNC(CMS_F_CMS_SIGN), "CMS_sign"}, - {ERR_FUNC(CMS_F_CMS_SIGNED_DATA_INIT), "CMS_SIGNED_DATA_INIT"}, - {ERR_FUNC(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN), "CMS_SIGNERINFO_CONTENT_SIGN"}, - {ERR_FUNC(CMS_F_CMS_SIGNERINFO_SIGN), "CMS_SignerInfo_sign"}, - {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY), "CMS_SignerInfo_verify"}, - {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CERT), "CMS_SIGNERINFO_VERIFY_CERT"}, - {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT), "CMS_SignerInfo_verify_content"}, - {ERR_FUNC(CMS_F_CMS_SIGN_RECEIPT), "CMS_sign_receipt"}, - {ERR_FUNC(CMS_F_CMS_STREAM), "CMS_stream"}, - {ERR_FUNC(CMS_F_CMS_UNCOMPRESS), "CMS_uncompress"}, - {ERR_FUNC(CMS_F_CMS_VERIFY), "CMS_verify"}, - {0, NULL} -}; - -static ERR_STRING_DATA CMS_str_reasons[]= { - {ERR_REASON(CMS_R_ADD_SIGNER_ERROR) , "add signer error"}, - {ERR_REASON(CMS_R_CERTIFICATE_ALREADY_PRESENT), "certificate already present"}, - {ERR_REASON(CMS_R_CERTIFICATE_HAS_NO_KEYID), "certificate has no keyid"}, - {ERR_REASON(CMS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"}, - {ERR_REASON(CMS_R_CIPHER_INITIALISATION_ERROR), "cipher initialisation error"}, - {ERR_REASON(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR), "cipher parameter initialisation error"}, - {ERR_REASON(CMS_R_CMS_DATAFINAL_ERROR) , "cms datafinal error"}, - {ERR_REASON(CMS_R_CMS_LIB) , "cms lib"}, - {ERR_REASON(CMS_R_CONTENTIDENTIFIER_MISMATCH), "contentidentifier mismatch"}, - 
{ERR_REASON(CMS_R_CONTENT_NOT_FOUND) , "content not found"}, - {ERR_REASON(CMS_R_CONTENT_TYPE_MISMATCH) , "content type mismatch"}, - {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA), "content type not compressed data"}, - {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA), "content type not enveloped data"}, - {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA), "content type not signed data"}, - {ERR_REASON(CMS_R_CONTENT_VERIFY_ERROR) , "content verify error"}, - {ERR_REASON(CMS_R_CTRL_ERROR) , "ctrl error"}, - {ERR_REASON(CMS_R_CTRL_FAILURE) , "ctrl failure"}, - {ERR_REASON(CMS_R_DECRYPT_ERROR) , "decrypt error"}, - {ERR_REASON(CMS_R_DIGEST_ERROR) , "digest error"}, - {ERR_REASON(CMS_R_ERROR_GETTING_PUBLIC_KEY), "error getting public key"}, - {ERR_REASON(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE), "error reading messagedigest attribute"}, - {ERR_REASON(CMS_R_ERROR_SETTING_KEY) , "error setting key"}, - {ERR_REASON(CMS_R_ERROR_SETTING_RECIPIENTINFO), "error setting recipientinfo"}, - {ERR_REASON(CMS_R_INVALID_ENCRYPTED_KEY_LENGTH), "invalid encrypted key length"}, - {ERR_REASON(CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER), "invalid key encryption parameter"}, - {ERR_REASON(CMS_R_INVALID_KEY_LENGTH) , "invalid key length"}, - {ERR_REASON(CMS_R_MD_BIO_INIT_ERROR) , "md bio init error"}, - {ERR_REASON(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH), "messagedigest attribute wrong length"}, - {ERR_REASON(CMS_R_MESSAGEDIGEST_WRONG_LENGTH), "messagedigest wrong length"}, - {ERR_REASON(CMS_R_MSGSIGDIGEST_ERROR) , "msgsigdigest error"}, - {ERR_REASON(CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE), "msgsigdigest verification failure"}, - {ERR_REASON(CMS_R_MSGSIGDIGEST_WRONG_LENGTH), "msgsigdigest wrong length"}, - {ERR_REASON(CMS_R_NEED_ONE_SIGNER) , "need one signer"}, - {ERR_REASON(CMS_R_NOT_A_SIGNED_RECEIPT) , "not a signed receipt"}, - {ERR_REASON(CMS_R_NOT_ENCRYPTED_DATA) , "not encrypted data"}, - {ERR_REASON(CMS_R_NOT_KEK) , "not kek"}, - {ERR_REASON(CMS_R_NOT_KEY_TRANSPORT) , 
"not key transport"}, - {ERR_REASON(CMS_R_NOT_PWRI) , "not pwri"}, - {ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE), "not supported for this key type"}, - {ERR_REASON(CMS_R_NO_CIPHER) , "no cipher"}, - {ERR_REASON(CMS_R_NO_CONTENT) , "no content"}, - {ERR_REASON(CMS_R_NO_CONTENT_TYPE) , "no content type"}, - {ERR_REASON(CMS_R_NO_DEFAULT_DIGEST) , "no default digest"}, - {ERR_REASON(CMS_R_NO_DIGEST_SET) , "no digest set"}, - {ERR_REASON(CMS_R_NO_KEY) , "no key"}, - {ERR_REASON(CMS_R_NO_KEY_OR_CERT) , "no key or cert"}, - {ERR_REASON(CMS_R_NO_MATCHING_DIGEST) , "no matching digest"}, - {ERR_REASON(CMS_R_NO_MATCHING_RECIPIENT) , "no matching recipient"}, - {ERR_REASON(CMS_R_NO_MATCHING_SIGNATURE) , "no matching signature"}, - {ERR_REASON(CMS_R_NO_MSGSIGDIGEST) , "no msgsigdigest"}, - {ERR_REASON(CMS_R_NO_PASSWORD) , "no password"}, - {ERR_REASON(CMS_R_NO_PRIVATE_KEY) , "no private key"}, - {ERR_REASON(CMS_R_NO_PUBLIC_KEY) , "no public key"}, - {ERR_REASON(CMS_R_NO_RECEIPT_REQUEST) , "no receipt request"}, - {ERR_REASON(CMS_R_NO_SIGNERS) , "no signers"}, - {ERR_REASON(CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE), "private key does not match certificate"}, - {ERR_REASON(CMS_R_RECEIPT_DECODE_ERROR) , "receipt decode error"}, - {ERR_REASON(CMS_R_RECIPIENT_ERROR) , "recipient error"}, - {ERR_REASON(CMS_R_SIGNER_CERTIFICATE_NOT_FOUND), "signer certificate not found"}, - {ERR_REASON(CMS_R_SIGNFINAL_ERROR) , "signfinal error"}, - {ERR_REASON(CMS_R_SMIME_TEXT_ERROR) , "smime text error"}, - {ERR_REASON(CMS_R_STORE_INIT_ERROR) , "store init error"}, - {ERR_REASON(CMS_R_TYPE_NOT_COMPRESSED_DATA), "type not compressed data"}, - {ERR_REASON(CMS_R_TYPE_NOT_DATA) , "type not data"}, - {ERR_REASON(CMS_R_TYPE_NOT_DIGESTED_DATA), "type not digested data"}, - {ERR_REASON(CMS_R_TYPE_NOT_ENCRYPTED_DATA), "type not encrypted data"}, - {ERR_REASON(CMS_R_TYPE_NOT_ENVELOPED_DATA), "type not enveloped data"}, - {ERR_REASON(CMS_R_UNABLE_TO_FINALIZE_CONTEXT), "unable to finalize context"}, 
- {ERR_REASON(CMS_R_UNKNOWN_CIPHER) , "unknown cipher"}, - {ERR_REASON(CMS_R_UNKNOWN_DIGEST_ALGORIHM), "unknown digest algorihm"}, - {ERR_REASON(CMS_R_UNKNOWN_ID) , "unknown id"}, - {ERR_REASON(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM), "unsupported compression algorithm"}, - {ERR_REASON(CMS_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"}, - {ERR_REASON(CMS_R_UNSUPPORTED_KEK_ALGORITHM), "unsupported kek algorithm"}, - {ERR_REASON(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM), "unsupported key encryption algorithm"}, - {ERR_REASON(CMS_R_UNSUPPORTED_RECIPIENT_TYPE), "unsupported recipient type"}, - {ERR_REASON(CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE), "unsupported recpientinfo type"}, - {ERR_REASON(CMS_R_UNSUPPORTED_TYPE) , "unsupported type"}, - {ERR_REASON(CMS_R_UNWRAP_ERROR) , "unwrap error"}, - {ERR_REASON(CMS_R_UNWRAP_FAILURE) , "unwrap failure"}, - {ERR_REASON(CMS_R_VERIFICATION_FAILURE) , "verification failure"}, - {ERR_REASON(CMS_R_WRAP_ERROR) , "wrap error"}, - {0, NULL} -}; - -#endif - -void -ERR_load_CMS_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(CMS_str_functs[0].error) == NULL) { - ERR_load_strings(0, CMS_str_functs); - ERR_load_strings(0, CMS_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/cms/cms_ess.c b/lib/libssl/src/crypto/cms/cms_ess.c deleted file mode 100644 index fca62e06271..00000000000 --- a/lib/libssl/src/crypto/cms/cms_ess.c +++ /dev/null 
@@ -1,385 +0,0 @@
-/* $OpenBSD: cms_ess.c,v 1.7 2014/10/22 13:02:04 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdlib.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/cms.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-
-#include "cms_lcl.h"
-
-DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
-DECLARE_ASN1_ITEM(CMS_Receipt)
-
-IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
-
-/* ESS services: for now just Signed Receipt related */
-
-int
-CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
-{
- ASN1_STRING *str;
- CMS_ReceiptRequest *rr = NULL;
-
- if (prr)
- *prr = NULL;
- str = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj(NID_id_smime_aa_receiptRequest),
- -3, V_ASN1_SEQUENCE);
- if (!str)
- return 0;
-
- rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
- if (!rr)
- return -1;
- if (prr)
- *prr = rr;
- else
- CMS_ReceiptRequest_free(rr);
- return 1;
-}
-
-CMS_ReceiptRequest *
-CMS_ReceiptRequest_create0(unsigned char *id, int idlen, int allorfirst,
- STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo)
-{
- CMS_ReceiptRequest *rr = NULL;
-
- rr = CMS_ReceiptRequest_new();
- if (!rr)
- goto merr;
- if (id)
- ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
- else {
- if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
- goto merr;
- arc4random_buf(rr->signedContentIdentifier->data, 32);
- }
-
- sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
- rr->receiptsTo = receiptsTo;
-
- if (receiptList) {
- rr->receiptsFrom->type = 1;
- rr->receiptsFrom->d.receiptList = receiptList;
- } else {
- rr->receiptsFrom->type = 0;
- rr->receiptsFrom->d.allOrFirstTier = allorfirst;
- }
-
- return rr;
-
-merr:
- CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
-err:
- if (rr)
- CMS_ReceiptRequest_free(rr);
- return NULL;
-}
-
-int
-CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
-{
- unsigned char *rrder = NULL;
- int rrderlen, r = 0;
-
- rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
- if (rrderlen < 0)
- goto merr;
-
- if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
- V_ASN1_SEQUENCE, rrder, rrderlen))
- goto merr;
-
- r = 1;
-
-merr:
- if (!r)
- CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
- free(rrder);
- return r;
-}
-
-void
-CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid,
- int *pallorfirst, STACK_OF(GENERAL_NAMES) **plist,
- STACK_OF(GENERAL_NAMES) **prto)
-{
- if (pcid)
- *pcid = rr->signedContentIdentifier;
- if (rr->receiptsFrom->type == 0) {
- if (pallorfirst)
- *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
- if (plist)
- *plist = NULL;
- } else {
- if (pallorfirst)
- *pallorfirst = -1;
- if (plist)
- *plist = rr->receiptsFrom->d.receiptList;
- }
- if (prto)
- *prto = rr->receiptsTo;
-}
-
-/* Digest a SignerInfo structure for msgSigDigest attribute processing */
-
-static int
-cms_msgSigDigest(CMS_SignerInfo *si, unsigned char *dig, unsigned int *diglen)
-{
- const EVP_MD *md;
-
- md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
- if (md == NULL)
- return 0;
- if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
- si->signedAttrs, dig, diglen))
- return 0;
- return 1;
-}
-
-/* Add a msgSigDigest attribute to a SignerInfo */
-
-int
-cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
-{
- unsigned char dig[EVP_MAX_MD_SIZE];
- unsigned int diglen;
-
- if (!cms_msgSigDigest(src, dig, &diglen)) {
- CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
- return 0;
- }
- if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
- V_ASN1_OCTET_STRING, dig, diglen)) {
- CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return 1;
-}
-
-/* Verify signed receipt after it has already passed normal CMS verify */
-
-int
-cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
-{
- int r = 0, i;
- CMS_ReceiptRequest *rr = NULL;
- CMS_Receipt *rct = NULL;
- STACK_OF(CMS_SignerInfo) *sis, *osis;
- CMS_SignerInfo *si, *osi = NULL;
- ASN1_OCTET_STRING *msig, **pcont;
- ASN1_OBJECT *octype;
- unsigned char dig[EVP_MAX_MD_SIZE];
- unsigned int diglen;
-
- /* Get SignerInfos, also checks SignedData content type */
- osis = CMS_get0_SignerInfos(req_cms);
- sis = CMS_get0_SignerInfos(cms);
- if (!osis || !sis)
- goto err;
-
- if (sk_CMS_SignerInfo_num(sis) != 1) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
- goto err;
- }
-
- /* Check receipt content type */
- if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
- goto err;
- }
-
- /* Extract and decode receipt content */
- pcont = CMS_get0_content(cms);
- if (!pcont || !*pcont) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
- goto err;
- }
-
- rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
-
- if (!rct) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
- goto err;
- }
-
- /* Locate original request */
-
- for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
- osi = sk_CMS_SignerInfo_value(osis, i);
- if (!ASN1_STRING_cmp(osi->signature,
- rct->originatorSignatureValue))
- break;
- }
-
- if (i == sk_CMS_SignerInfo_num(osis)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
- goto err;
- }
-
- si = sk_CMS_SignerInfo_value(sis, 0);
-
- /* Get msgSigDigest value and compare */
-
- msig = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj(NID_id_smime_aa_msgSigDigest), -3, V_ASN1_OCTET_STRING);
-
- if (!msig) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
- goto err;
- }
-
- if (!cms_msgSigDigest(osi, dig, &diglen)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
- goto err;
- }
-
- if (diglen != (unsigned int)msig->length) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
- CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
- goto err;
- }
-
- if (memcmp(dig, msig->data, diglen)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
- CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
- goto err;
- }
-
- /* Compare content types */
-
- octype = CMS_signed_get0_data_by_OBJ(osi,
- OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
- if (!octype) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
- goto err;
- }
-
- /* Compare details in receipt request */
-
- if (OBJ_cmp(octype, rct->contentType)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
- goto err;
- }
-
- /* Get original receipt request details */
-
- if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
- goto err;
- }
-
- if (ASN1_STRING_cmp(rr->signedContentIdentifier,
- rct->signedContentIdentifier)) {
- CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
- CMS_R_CONTENTIDENTIFIER_MISMATCH);
- goto err;
- }
-
- r = 1;
-
-err:
- if (rr)
- CMS_ReceiptRequest_free(rr);
- if (rct)
- M_ASN1_free_of(rct, CMS_Receipt);
-
- return r;
-}
-
-/* Encode a Receipt into an OCTET STRING read for including into content of
- * a SignedData ContentInfo.
- */
-
-ASN1_OCTET_STRING *
-cms_encode_Receipt(CMS_SignerInfo *si)
-{
- CMS_Receipt rct;
- CMS_ReceiptRequest *rr = NULL;
- ASN1_OBJECT *ctype;
- ASN1_OCTET_STRING *os = NULL;
-
- /* Get original receipt request */
-
- /* Get original receipt request details */
-
- if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
- CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
- goto err;
- }
-
- /* Get original content type */
-
- ctype = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj(NID_pkcs9_contentType), -3, V_ASN1_OBJECT);
- if (!ctype) {
- CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
- goto err;
- }
-
- rct.version = 1;
- rct.contentType = ctype;
- rct.signedContentIdentifier = rr->signedContentIdentifier;
- rct.originatorSignatureValue = si->signature;
-
- os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
-
-err:
- if (rr)
- CMS_ReceiptRequest_free(rr);
- return os;
-}
diff --git a/lib/libssl/src/crypto/cms/cms_io.c b/lib/libssl/src/crypto/cms/cms_io.c
deleted file mode 100644
index c26def099c9..00000000000
--- a/lib/libssl/src/crypto/cms/cms_io.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* $OpenBSD: cms_io.c,v 1.3 2014/06/12 15:49:28 deraadt Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include "cms.h"
-#include "cms_lcl.h"
-
-int
-CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
-{
- ASN1_OCTET_STRING **pos;
-
- pos = CMS_get0_content(cms);
- if (!pos)
- return 0;
- if (!*pos)
- *pos = ASN1_OCTET_STRING_new();
- if (*pos) {
- (*pos)->flags |= ASN1_STRING_FLAG_NDEF;
- (*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
- *boundary = &(*pos)->data;
- return 1;
- }
- CMSerr(CMS_F_CMS_STREAM, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-CMS_ContentInfo *
-d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
-}
-
-int
-i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
-}
-
-IMPLEMENT_PEM_rw_const(CMS, CMS_ContentInfo, PEM_STRING_CMS, CMS_ContentInfo)
-
-BIO *
-BIO_new_CMS(BIO *out, CMS_ContentInfo *cms)
-{
- return BIO_new_NDEF(out, (ASN1_VALUE *)cms,
- ASN1_ITEM_rptr(CMS_ContentInfo));
-}
-
-/* CMS wrappers round generalised stream and MIME routines */
-
-int
-i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags)
-{
- return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)cms, in, flags,
- ASN1_ITEM_rptr(CMS_ContentInfo));
-}
-
-int
-PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags)
-{
- return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *) cms, in, flags,
- "CMS", ASN1_ITEM_rptr(CMS_ContentInfo));
-}
-
-int
-SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
-{
- STACK_OF(X509_ALGOR) *mdalgs;
- int ctype_nid = OBJ_obj2nid(cms->contentType);
- int econt_nid = OBJ_obj2nid(CMS_get0_eContentType(cms));
-
- if (ctype_nid == NID_pkcs7_signed)
- mdalgs = cms->d.signedData->digestAlgorithms;
- else
- mdalgs = NULL;
-
- return SMIME_write_ASN1(bio, (ASN1_VALUE *)cms, data, flags,
- ctype_nid, econt_nid, mdalgs, ASN1_ITEM_rptr(CMS_ContentInfo));
-}
-
-CMS_ContentInfo *
-SMIME_read_CMS(BIO *bio, BIO **bcont)
-{
- return (CMS_ContentInfo *)SMIME_read_ASN1(bio, bcont,
- ASN1_ITEM_rptr(CMS_ContentInfo));
-}
diff --git a/lib/libssl/src/crypto/cms/cms_lcl.h b/lib/libssl/src/crypto/cms/cms_lcl.h
deleted file mode 100644
index d5feec0969d..00000000000
--- a/lib/libssl/src/crypto/cms/cms_lcl.h
+++ /dev/null
@@ -1,438 +0,0 @@ -/* $OpenBSD: cms_lcl.h,v 1.3 2014/06/12 15:49:28 deraadt Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#ifndef HEADER_CMS_LCL_H -#define HEADER_CMS_LCL_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <openssl/x509.h> - -/* Cryptographic message syntax (CMS) structures: taken - * from RFC3852 - */ - -/* Forward references */ - -typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber; -typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo; -typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier; -typedef struct CMS_SignedData_st CMS_SignedData; -typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat; -typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo; -typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo; -typedef struct CMS_EnvelopedData_st CMS_EnvelopedData; -typedef struct CMS_DigestedData_st CMS_DigestedData; -typedef struct CMS_EncryptedData_st CMS_EncryptedData; -typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData; -typedef struct CMS_CompressedData_st CMS_CompressedData; -typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat; -typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo; -typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey; -typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey; -typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo; -typedef 
struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute; -typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier; -typedef struct CMS_KeyAgreeRecipientIdentifier_st CMS_KeyAgreeRecipientIdentifier; -typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey; -typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier; -typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo; -typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo; -typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo; -typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom; - -struct CMS_ContentInfo_st { - ASN1_OBJECT *contentType; - union { - ASN1_OCTET_STRING *data; - CMS_SignedData *signedData; - CMS_EnvelopedData *envelopedData; - CMS_DigestedData *digestedData; - CMS_EncryptedData *encryptedData; - CMS_AuthenticatedData *authenticatedData; - CMS_CompressedData *compressedData; - ASN1_TYPE *other; - /* Other types ... */ - void *otherData; - } d; -}; - -struct CMS_SignedData_st { - long version; - STACK_OF(X509_ALGOR) *digestAlgorithms; - CMS_EncapsulatedContentInfo *encapContentInfo; - STACK_OF(CMS_CertificateChoices) *certificates; - STACK_OF(CMS_RevocationInfoChoice) *crls; - STACK_OF(CMS_SignerInfo) *signerInfos; -}; - -struct CMS_EncapsulatedContentInfo_st { - ASN1_OBJECT *eContentType; - ASN1_OCTET_STRING *eContent; - /* Set to 1 if incomplete structure only part set up */ - int partial; -}; - -struct CMS_SignerInfo_st { - long version; - CMS_SignerIdentifier *sid; - X509_ALGOR *digestAlgorithm; - STACK_OF(X509_ATTRIBUTE) *signedAttrs; - X509_ALGOR *signatureAlgorithm; - ASN1_OCTET_STRING *signature; - STACK_OF(X509_ATTRIBUTE) *unsignedAttrs; - /* Signing certificate and key */ - X509 *signer; - EVP_PKEY *pkey; -}; - -struct CMS_SignerIdentifier_st { - int type; - union { - CMS_IssuerAndSerialNumber *issuerAndSerialNumber; - ASN1_OCTET_STRING *subjectKeyIdentifier; - } d; -}; - -struct CMS_EnvelopedData_st { - long version; - 
CMS_OriginatorInfo *originatorInfo; - STACK_OF(CMS_RecipientInfo) *recipientInfos; - CMS_EncryptedContentInfo *encryptedContentInfo; - STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs; -}; - -struct CMS_OriginatorInfo_st { - STACK_OF(CMS_CertificateChoices) *certificates; - STACK_OF(CMS_RevocationInfoChoice) *crls; -}; - -struct CMS_EncryptedContentInfo_st { - ASN1_OBJECT *contentType; - X509_ALGOR *contentEncryptionAlgorithm; - ASN1_OCTET_STRING *encryptedContent; - /* Content encryption algorithm and key */ - const EVP_CIPHER *cipher; - unsigned char *key; - size_t keylen; - /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */ - int debug; -}; - -struct CMS_RecipientInfo_st { - int type; - union { - CMS_KeyTransRecipientInfo *ktri; - CMS_KeyAgreeRecipientInfo *kari; - CMS_KEKRecipientInfo *kekri; - CMS_PasswordRecipientInfo *pwri; - CMS_OtherRecipientInfo *ori; - } d; -}; - -typedef CMS_SignerIdentifier CMS_RecipientIdentifier; - -struct CMS_KeyTransRecipientInfo_st { - long version; - CMS_RecipientIdentifier *rid; - X509_ALGOR *keyEncryptionAlgorithm; - ASN1_OCTET_STRING *encryptedKey; - /* Recipient Key and cert */ - X509 *recip; - EVP_PKEY *pkey; -}; - -struct CMS_KeyAgreeRecipientInfo_st { - long version; - CMS_OriginatorIdentifierOrKey *originator; - ASN1_OCTET_STRING *ukm; - X509_ALGOR *keyEncryptionAlgorithm; - STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys; -}; - -struct CMS_OriginatorIdentifierOrKey_st { - int type; - union { - CMS_IssuerAndSerialNumber *issuerAndSerialNumber; - ASN1_OCTET_STRING *subjectKeyIdentifier; - CMS_OriginatorPublicKey *originatorKey; - } d; -}; - -struct CMS_OriginatorPublicKey_st { - X509_ALGOR *algorithm; - ASN1_BIT_STRING *publicKey; -}; - -struct CMS_RecipientEncryptedKey_st { - CMS_KeyAgreeRecipientIdentifier *rid; - ASN1_OCTET_STRING *encryptedKey; -}; - -struct CMS_KeyAgreeRecipientIdentifier_st { - int type; - union { - CMS_IssuerAndSerialNumber *issuerAndSerialNumber; - 
CMS_RecipientKeyIdentifier *rKeyId; - } d; -}; - -struct CMS_RecipientKeyIdentifier_st { - ASN1_OCTET_STRING *subjectKeyIdentifier; - ASN1_GENERALIZEDTIME *date; - CMS_OtherKeyAttribute *other; -}; - -struct CMS_KEKRecipientInfo_st { - long version; - CMS_KEKIdentifier *kekid; - X509_ALGOR *keyEncryptionAlgorithm; - ASN1_OCTET_STRING *encryptedKey; - /* Extra info: symmetric key to use */ - unsigned char *key; - size_t keylen; -}; - -struct CMS_KEKIdentifier_st { - ASN1_OCTET_STRING *keyIdentifier; - ASN1_GENERALIZEDTIME *date; - CMS_OtherKeyAttribute *other; -}; - -struct CMS_PasswordRecipientInfo_st { - long version; - X509_ALGOR *keyDerivationAlgorithm; - X509_ALGOR *keyEncryptionAlgorithm; - ASN1_OCTET_STRING *encryptedKey; - /* Extra info: password to use */ - unsigned char *pass; - size_t passlen; -}; - -struct CMS_OtherRecipientInfo_st { - ASN1_OBJECT *oriType; - ASN1_TYPE *oriValue; -}; - -struct CMS_DigestedData_st { - long version; - X509_ALGOR *digestAlgorithm; - CMS_EncapsulatedContentInfo *encapContentInfo; - ASN1_OCTET_STRING *digest; -}; - -struct CMS_EncryptedData_st { - long version; - CMS_EncryptedContentInfo *encryptedContentInfo; - STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs; -}; - -struct CMS_AuthenticatedData_st { - long version; - CMS_OriginatorInfo *originatorInfo; - STACK_OF(CMS_RecipientInfo) *recipientInfos; - X509_ALGOR *macAlgorithm; - X509_ALGOR *digestAlgorithm; - CMS_EncapsulatedContentInfo *encapContentInfo; - STACK_OF(X509_ATTRIBUTE) *authAttrs; - ASN1_OCTET_STRING *mac; - STACK_OF(X509_ATTRIBUTE) *unauthAttrs; -}; - -struct CMS_CompressedData_st { - long version; - X509_ALGOR *compressionAlgorithm; - STACK_OF(CMS_RecipientInfo) *recipientInfos; - CMS_EncapsulatedContentInfo *encapContentInfo; -}; - -struct CMS_RevocationInfoChoice_st { - int type; - union { - X509_CRL *crl; - CMS_OtherRevocationInfoFormat *other; - } d; -}; - -#define CMS_REVCHOICE_CRL 0 -#define CMS_REVCHOICE_OTHER 1 - -struct CMS_OtherRevocationInfoFormat_st { - 
ASN1_OBJECT *otherRevInfoFormat; - ASN1_TYPE *otherRevInfo; -}; - -struct CMS_CertificateChoices { - int type; - union { - X509 *certificate; - ASN1_STRING *extendedCertificate; /* Obsolete */ - ASN1_STRING *v1AttrCert; /* Left encoded for now */ - ASN1_STRING *v2AttrCert; /* Left encoded for now */ - CMS_OtherCertificateFormat *other; - } d; -}; - -#define CMS_CERTCHOICE_CERT 0 -#define CMS_CERTCHOICE_EXCERT 1 -#define CMS_CERTCHOICE_V1ACERT 2 -#define CMS_CERTCHOICE_V2ACERT 3 -#define CMS_CERTCHOICE_OTHER 4 - -struct CMS_OtherCertificateFormat_st { - ASN1_OBJECT *otherCertFormat; - ASN1_TYPE *otherCert; -}; - -/* This is also defined in pkcs7.h but we duplicate it - * to allow the CMS code to be independent of PKCS#7 - */ - -struct CMS_IssuerAndSerialNumber_st { - X509_NAME *issuer; - ASN1_INTEGER *serialNumber; -}; - -struct CMS_OtherKeyAttribute_st { - ASN1_OBJECT *keyAttrId; - ASN1_TYPE *keyAttr; -}; - -/* ESS structures */ - -#ifdef HEADER_X509V3_H - -struct CMS_ReceiptRequest_st { - ASN1_OCTET_STRING *signedContentIdentifier; - CMS_ReceiptsFrom *receiptsFrom; - STACK_OF(GENERAL_NAMES) *receiptsTo; -}; - - -struct CMS_ReceiptsFrom_st { - int type; - union - { - long allOrFirstTier; - STACK_OF(GENERAL_NAMES) *receiptList; - } d; -}; -#endif - -struct CMS_Receipt_st { - long version; - ASN1_OBJECT *contentType; - ASN1_OCTET_STRING *signedContentIdentifier; - ASN1_OCTET_STRING *originatorSignatureValue; -}; - -DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo) -DECLARE_ASN1_ITEM(CMS_SignerInfo) -DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber) -DECLARE_ASN1_ITEM(CMS_Attributes_Sign) -DECLARE_ASN1_ITEM(CMS_Attributes_Verify) -DECLARE_ASN1_ITEM(CMS_RecipientInfo) -DECLARE_ASN1_ITEM(CMS_PasswordRecipientInfo) -DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber) - -#define CMS_SIGNERINFO_ISSUER_SERIAL 0 -#define CMS_SIGNERINFO_KEYIDENTIFIER 1 - -#define CMS_RECIPINFO_ISSUER_SERIAL 0 -#define CMS_RECIPINFO_KEYIDENTIFIER 1 - -BIO *cms_content_bio(CMS_ContentInfo *cms); - 
-CMS_ContentInfo *cms_Data_create(void);
-
-CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
-BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
-int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);
-
-BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
-int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
-int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type);
-int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
- ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
-int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
-
-CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
-BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);
-
-void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md);
-BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
-int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
- X509_ALGOR *mdalg);
-
-BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
-BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
-int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
- const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen);
-
-int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
-int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
-ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
-
-BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
-CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
-
-/* PWRI routines */
-int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
- int en_de);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/cms/cms_lib.c b/lib/libssl/src/crypto/cms/cms_lib.c
deleted file mode 100644
index 4ca38e24288..00000000000
--- a/lib/libssl/src/crypto/cms/cms_lib.c
+++ /dev/null
@@ -1,594 +0,0 @@
-/* $OpenBSD: cms_lib.c,v 1.4 2014/07/25 06:05:32 doug Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-#include "cms.h"
-#include "cms_lcl.h"
-
-IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
-IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-
-DECLARE_ASN1_ITEM(CMS_CertificateChoices)
-DECLARE_ASN1_ITEM(CMS_RevocationInfoChoice)
-DECLARE_STACK_OF(CMS_CertificateChoices)
-DECLARE_STACK_OF(CMS_RevocationInfoChoice)
-
-const ASN1_OBJECT *
-CMS_get0_type(CMS_ContentInfo *cms)
-{
- return cms->contentType;
-}
-
-CMS_ContentInfo *
-cms_Data_create(void)
-{
- CMS_ContentInfo *cms;
-
- cms = CMS_ContentInfo_new();
- if (cms) {
- cms->contentType = OBJ_nid2obj(NID_pkcs7_data);
- /* Never detached */
- CMS_set_detached(cms, 0);
- }
- return cms;
-}
-
-BIO *
-cms_content_bio(CMS_ContentInfo *cms)
-{
- ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
-
- if (!pos)
- return NULL;
- /* If content detached data goes nowhere: create NULL BIO */
- if (!*pos)
- return BIO_new(BIO_s_null());
- /* If content not detached and created return memory BIO
- */
- if (!*pos || ((*pos)->flags == ASN1_STRING_FLAG_CONT))
- return BIO_new(BIO_s_mem());
- /* Else content was read in: return read only BIO for it */
- return BIO_new_mem_buf((*pos)->data, (*pos)->length);
-}
-
-BIO *
-CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
-{
- BIO *cmsbio, *cont;
-
- if (icont)
- cont = icont;
- else
- cont = cms_content_bio(cms);
- if (!cont) {
- CMSerr(CMS_F_CMS_DATAINIT, CMS_R_NO_CONTENT);
- return NULL;
- }
- switch (OBJ_obj2nid(cms->contentType)) {
- case NID_pkcs7_data:
- return cont;
- case NID_pkcs7_signed:
- cmsbio = cms_SignedData_init_bio(cms);
- break;
- case NID_pkcs7_digest:
- cmsbio = cms_DigestedData_init_bio(cms);
- break;
-#ifdef ZLIB
- case NID_id_smime_ct_compressedData:
- cmsbio = cms_CompressedData_init_bio(cms);
- break;
-#endif
- case NID_pkcs7_encrypted:
- cmsbio = cms_EncryptedData_init_bio(cms);
- break;
- case NID_pkcs7_enveloped:
- cmsbio = cms_EnvelopedData_init_bio(cms);
- break;
- default:
- CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE);
- return NULL;
- }
-
- if (cmsbio)
- return BIO_push(cmsbio, cont);
-
- if (!icont)
- BIO_free(cont);
- return NULL;
-}
-
-int
-CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
-{
- ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
-
- if (!pos)
- return 0;
- /* If ebmedded content find memory BIO and set content */
- if (*pos && ((*pos)->flags & ASN1_STRING_FLAG_CONT)) {
- BIO *mbio;
- unsigned char *cont;
- long contlen;
- mbio = BIO_find_type(cmsbio, BIO_TYPE_MEM);
- if (!mbio) {
- CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_CONTENT_NOT_FOUND);
- return 0;
- }
- contlen = BIO_get_mem_data(mbio, &cont);
- /* Set bio as read only so its content can't be clobbered */
- BIO_set_flags(mbio, BIO_FLAGS_MEM_RDONLY);
- BIO_set_mem_eof_return(mbio, 0);
- ASN1_STRING_set0(*pos, cont, contlen);
- (*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
- }
-
- switch (OBJ_obj2nid(cms->contentType)) {
- case NID_pkcs7_data:
- case NID_pkcs7_enveloped:
- case NID_pkcs7_encrypted:
- case NID_id_smime_ct_compressedData:
- /* Nothing to do */
- return 1;
- case NID_pkcs7_signed:
- return cms_SignedData_final(cms, cmsbio);
- case NID_pkcs7_digest:
- return cms_DigestedData_do_final(cms, cmsbio, 0);
- default:
- CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_UNSUPPORTED_TYPE);
- return 0;
- }
-}
-
-/* Return an OCTET STRING pointer to content. This allows it to
- * be accessed or set later.
- */
-
-ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms)
-{
- switch (OBJ_obj2nid(cms->contentType)) {
- case NID_pkcs7_data:
- return &cms->d.data;
- case NID_pkcs7_signed:
- return &cms->d.signedData->encapContentInfo->eContent;
- case NID_pkcs7_enveloped:
- return &cms->d.envelopedData->encryptedContentInfo->encryptedContent;
- case NID_pkcs7_digest:
- return &cms->d.digestedData->encapContentInfo->eContent;
- case NID_pkcs7_encrypted:
- return &cms->d.encryptedData->encryptedContentInfo->encryptedContent;
- case NID_id_smime_ct_authData:
- return &cms->d.authenticatedData->encapContentInfo->eContent;
- case NID_id_smime_ct_compressedData:
- return &cms->d.compressedData->encapContentInfo->eContent;
- default:
- if (cms->d.other->type == V_ASN1_OCTET_STRING)
- return &cms->d.other->value.octet_string;
- CMSerr(CMS_F_CMS_GET0_CONTENT, CMS_R_UNSUPPORTED_CONTENT_TYPE);
- return NULL;
- }
-}
-
-/* Return an ASN1_OBJECT pointer to content type. This allows it to
- * be accessed or set later.
- */ - -static ASN1_OBJECT **cms_get0_econtent_type(CMS_ContentInfo *cms) -{ - switch (OBJ_obj2nid(cms->contentType)) { - case NID_pkcs7_signed: - return &cms->d.signedData->encapContentInfo->eContentType; - case NID_pkcs7_enveloped: - return &cms->d.envelopedData->encryptedContentInfo->contentType; - case NID_pkcs7_digest: - return &cms->d.digestedData->encapContentInfo->eContentType; - case NID_pkcs7_encrypted: - return &cms->d.encryptedData->encryptedContentInfo->contentType; - case NID_id_smime_ct_authData: - return &cms->d.authenticatedData->encapContentInfo->eContentType; - case NID_id_smime_ct_compressedData: - return &cms->d.compressedData->encapContentInfo->eContentType; - default: - CMSerr(CMS_F_CMS_GET0_ECONTENT_TYPE, - CMS_R_UNSUPPORTED_CONTENT_TYPE); - return NULL; - } -} - -const ASN1_OBJECT * -CMS_get0_eContentType(CMS_ContentInfo *cms) -{ - ASN1_OBJECT **petype; - - petype = cms_get0_econtent_type(cms); - if (petype) - return *petype; - return NULL; -} - -int -CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid) -{ - ASN1_OBJECT **petype, *etype; - - petype = cms_get0_econtent_type(cms); - if (!petype) - return 0; - if (!oid) - return 1; - etype = OBJ_dup(oid); - if (!etype) - return 0; - ASN1_OBJECT_free(*petype); - *petype = etype; - return 1; -} - -int -CMS_is_detached(CMS_ContentInfo *cms) -{ - ASN1_OCTET_STRING **pos; - - pos = CMS_get0_content(cms); - if (!pos) - return -1; - if (*pos) - return 0; - return 1; -} - -int -CMS_set_detached(CMS_ContentInfo *cms, int detached) -{ - ASN1_OCTET_STRING **pos; - - pos = CMS_get0_content(cms); - if (!pos) - return 0; - if (detached) { - if (*pos) { - ASN1_OCTET_STRING_free(*pos); - *pos = NULL; - } - return 1; - } - if (!*pos) - *pos = ASN1_OCTET_STRING_new(); - if (*pos) { - /* NB: special flag to show content is created and not - * read in. 
- */ - (*pos)->flags |= ASN1_STRING_FLAG_CONT; - return 1; - } - CMSerr(CMS_F_CMS_SET_DETACHED, ERR_R_MALLOC_FAILURE); - return 0; -} - -/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */ - -void -cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md) -{ - int param_type; - - if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT) - param_type = V_ASN1_UNDEF; - else - param_type = V_ASN1_NULL; - - X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL); - -} - -/* Create a digest BIO from an X509_ALGOR structure */ - -BIO * -cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm) -{ - BIO *mdbio = NULL; - ASN1_OBJECT *digestoid; - const EVP_MD *digest; - - X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm); - digest = EVP_get_digestbyobj(digestoid); - if (!digest) { - CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, - CMS_R_UNKNOWN_DIGEST_ALGORIHM); - goto err; - } - mdbio = BIO_new(BIO_f_md()); - if (!mdbio || !BIO_set_md(mdbio, digest)) { - CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, - CMS_R_MD_BIO_INIT_ERROR); - goto err; - } - return mdbio; - -err: - BIO_free(mdbio); - return NULL; -} - -/* Locate a message digest content from a BIO chain based on SignerInfo */ - -int -cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain, X509_ALGOR *mdalg) -{ - int nid; - ASN1_OBJECT *mdoid; - - X509_ALGOR_get0(&mdoid, NULL, NULL, mdalg); - nid = OBJ_obj2nid(mdoid); - - /* Look for digest type to match signature */ - for (;;) { - EVP_MD_CTX *mtmp; - chain = BIO_find_type(chain, BIO_TYPE_MD); - if (chain == NULL) { - CMSerr(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX, - CMS_R_NO_MATCHING_DIGEST); - return 0; - } - BIO_get_md_ctx(chain, &mtmp); - if (EVP_MD_CTX_type(mtmp) == nid - /* Workaround for broken implementations that use signature - * algorithm OID instead of digest. 
- */ || - EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid) - return EVP_MD_CTX_copy_ex(mctx, mtmp); - chain = BIO_next(chain); - } -} - -static STACK_OF(CMS_CertificateChoices) ** -cms_get0_certificate_choices(CMS_ContentInfo *cms) -{ - switch (OBJ_obj2nid(cms->contentType)) { - case NID_pkcs7_signed: - return &cms->d.signedData->certificates; - case NID_pkcs7_enveloped: - return &cms->d.envelopedData->originatorInfo->certificates; - default: - CMSerr(CMS_F_CMS_GET0_CERTIFICATE_CHOICES, - CMS_R_UNSUPPORTED_CONTENT_TYPE); - return NULL; - } -} - -CMS_CertificateChoices * -CMS_add0_CertificateChoices(CMS_ContentInfo *cms) -{ - STACK_OF(CMS_CertificateChoices) **pcerts; - CMS_CertificateChoices *cch; - - pcerts = cms_get0_certificate_choices(cms); - if (!pcerts) - return NULL; - if (!*pcerts) - *pcerts = sk_CMS_CertificateChoices_new_null(); - if (!*pcerts) - return NULL; - cch = M_ASN1_new_of(CMS_CertificateChoices); - if (!cch) - return NULL; - if (!sk_CMS_CertificateChoices_push(*pcerts, cch)) { - M_ASN1_free_of(cch, CMS_CertificateChoices); - return NULL; - } - return cch; -} - -int -CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert) -{ - CMS_CertificateChoices *cch; - STACK_OF(CMS_CertificateChoices) **pcerts; - int i; - - pcerts = cms_get0_certificate_choices(cms); - if (!pcerts) - return 0; - for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) { - cch = sk_CMS_CertificateChoices_value(*pcerts, i); - if (cch->type == CMS_CERTCHOICE_CERT) { - if (!X509_cmp(cch->d.certificate, cert)) { - CMSerr(CMS_F_CMS_ADD0_CERT, - CMS_R_CERTIFICATE_ALREADY_PRESENT); - return 0; - } - } - } - cch = CMS_add0_CertificateChoices(cms); - if (!cch) - return 0; - cch->type = CMS_CERTCHOICE_CERT; - cch->d.certificate = cert; - return 1; -} - -int -CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert) -{ - int r; - - r = CMS_add0_cert(cms, cert); - if (r > 0) - CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); - return r; -} - -static STACK_OF(CMS_RevocationInfoChoice) ** 
-cms_get0_revocation_choices(CMS_ContentInfo *cms) -{ - switch (OBJ_obj2nid(cms->contentType)) { - case NID_pkcs7_signed: - return &cms->d.signedData->crls; - case NID_pkcs7_enveloped: - return &cms->d.envelopedData->originatorInfo->crls; - default: - CMSerr(CMS_F_CMS_GET0_REVOCATION_CHOICES, - CMS_R_UNSUPPORTED_CONTENT_TYPE); - return NULL; - } -} - -CMS_RevocationInfoChoice * -CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms) -{ - STACK_OF(CMS_RevocationInfoChoice) **pcrls; - CMS_RevocationInfoChoice *rch; - - pcrls = cms_get0_revocation_choices(cms); - if (!pcrls) - return NULL; - if (!*pcrls) - *pcrls = sk_CMS_RevocationInfoChoice_new_null(); - if (!*pcrls) - return NULL; - rch = M_ASN1_new_of(CMS_RevocationInfoChoice); - if (!rch) - return NULL; - if (!sk_CMS_RevocationInfoChoice_push(*pcrls, rch)) { - M_ASN1_free_of(rch, CMS_RevocationInfoChoice); - return NULL; - } - return rch; -} - -int -CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl) -{ - CMS_RevocationInfoChoice *rch; - - rch = CMS_add0_RevocationInfoChoice(cms); - if (!rch) - return 0; - rch->type = CMS_REVCHOICE_CRL; - rch->d.crl = crl; - return 1; -} - -int -CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl) -{ - int r; - - r = CMS_add0_crl(cms, crl); - if (r > 0) - CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL); - return r; -} - -STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms) -{ - STACK_OF(X509) *certs = NULL; - CMS_CertificateChoices *cch; - STACK_OF(CMS_CertificateChoices) **pcerts; - int i; - - pcerts = cms_get0_certificate_choices(cms); - if (!pcerts) - return NULL; - for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) { - cch = sk_CMS_CertificateChoices_value(*pcerts, i); - if (cch->type == 0) { - if (!certs) { - certs = sk_X509_new_null(); - if (!certs) - return NULL; - } - if (!sk_X509_push(certs, cch->d.certificate)) { - sk_X509_pop_free(certs, X509_free); - return NULL; - } - CRYPTO_add(&cch->d.certificate->references, - 1, CRYPTO_LOCK_X509); - } - } - return certs; 
-
-}
-
-STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms)
-{
- STACK_OF(X509_CRL) *crls = NULL;
- STACK_OF(CMS_RevocationInfoChoice) **pcrls;
- CMS_RevocationInfoChoice *rch;
- int i;
-
- pcrls = cms_get0_revocation_choices(cms);
- if (!pcrls)
- return NULL;
- for (i = 0; i < sk_CMS_RevocationInfoChoice_num(*pcrls); i++) {
- rch = sk_CMS_RevocationInfoChoice_value(*pcrls, i);
- if (rch->type == 0) {
- if (!crls) {
- crls = sk_X509_CRL_new_null();
- if (!crls)
- return NULL;
- }
- if (!sk_X509_CRL_push(crls, rch->d.crl)) {
- sk_X509_CRL_pop_free(crls, X509_CRL_free);
- return NULL;
- }
- CRYPTO_add(&rch->d.crl->references,
- 1, CRYPTO_LOCK_X509_CRL);
- }
- }
- return crls;
-}
diff --git a/lib/libssl/src/crypto/cms/cms_pwri.c b/lib/libssl/src/crypto/cms/cms_pwri.c
deleted file mode 100644
index 7055ba5d3b6..00000000000
--- a/lib/libssl/src/crypto/cms/cms_pwri.c
+++ /dev/null
@@ -1,431 +0,0 @@
-/* $OpenBSD: cms_pwri.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2009 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <stdlib.h> - -#include <openssl/aes.h> -#include <openssl/asn1t.h> -#include <openssl/cms.h> -#include <openssl/err.h> -#include <openssl/pem.h> -#include <openssl/x509v3.h> - -#include "asn1_locl.h" -#include "cms_lcl.h" - -int -CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, unsigned char *pass, - ssize_t passlen) -{ - CMS_PasswordRecipientInfo *pwri; - - if (ri->type != CMS_RECIPINFO_PASS) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD, CMS_R_NOT_PWRI); - return 0; - } - - pwri = ri->d.pwri; - pwri->pass = pass; - if (pass && passlen < 0) - passlen = strlen((char *)pass); - pwri->passlen = passlen; - return 1; -} - -CMS_RecipientInfo * -CMS_add0_recipient_password(CMS_ContentInfo *cms, int iter, int wrap_nid, - int pbe_nid, unsigned char *pass, ssize_t passlen, - const EVP_CIPHER *kekciph) -{ - CMS_RecipientInfo *ri = NULL; - CMS_EnvelopedData *env; - CMS_PasswordRecipientInfo *pwri; - EVP_CIPHER_CTX ctx; - X509_ALGOR *encalg = NULL; - unsigned char iv[EVP_MAX_IV_LENGTH]; - int ivlen; - - env = cms_get0_enveloped(cms); - if (!env) - return NULL; - - if (wrap_nid <= 0) - wrap_nid = NID_id_alg_PWRI_KEK; - - if (pbe_nid <= 0) - pbe_nid = NID_id_pbkdf2; - - /* Get from enveloped data */ - if (kekciph == NULL) - kekciph = env->encryptedContentInfo->cipher; - - if (kekciph == NULL) { - CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, 
CMS_R_NO_CIPHER); - return NULL; - } - if (wrap_nid != NID_id_alg_PWRI_KEK) { - CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, - CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM); - return NULL; - } - - /* Setup algorithm identifier for cipher */ - encalg = X509_ALGOR_new(); - EVP_CIPHER_CTX_init(&ctx); - - if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0) { - CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB); - goto err; - } - - ivlen = EVP_CIPHER_CTX_iv_length(&ctx); - - if (ivlen > 0) { - arc4random_buf(iv, ivlen); - if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) { - CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, - ERR_R_EVP_LIB); - goto err; - } - encalg->parameter = ASN1_TYPE_new(); - if (!encalg->parameter) { - CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, - ERR_R_MALLOC_FAILURE); - goto err; - } - if (EVP_CIPHER_param_to_asn1(&ctx, encalg->parameter) <= 0) { - CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, - CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR); - goto err; - } - } - - - encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(&ctx)); - - EVP_CIPHER_CTX_cleanup(&ctx); - - /* Initialize recipient info */ - ri = M_ASN1_new_of(CMS_RecipientInfo); - if (!ri) - goto merr; - - ri->d.pwri = M_ASN1_new_of(CMS_PasswordRecipientInfo); - if (!ri->d.pwri) - goto merr; - ri->type = CMS_RECIPINFO_PASS; - - pwri = ri->d.pwri; - /* Since this is overwritten, free up empty structure already there */ - X509_ALGOR_free(pwri->keyEncryptionAlgorithm); - pwri->keyEncryptionAlgorithm = X509_ALGOR_new(); - if (!pwri->keyEncryptionAlgorithm) - goto merr; - pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid); - pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new(); - if (!pwri->keyEncryptionAlgorithm->parameter) - goto merr; - - if (!ASN1_item_pack(encalg, ASN1_ITEM_rptr(X509_ALGOR), - &pwri->keyEncryptionAlgorithm->parameter->value.sequence)) - goto merr; - pwri->keyEncryptionAlgorithm->parameter->type = V_ASN1_SEQUENCE; - - X509_ALGOR_free(encalg); - encalg = 
NULL; - - /* Setup PBE algorithm */ - - pwri->keyDerivationAlgorithm = PKCS5_pbkdf2_set(iter, NULL, 0, -1, -1); - - if (!pwri->keyDerivationAlgorithm) - goto err; - - CMS_RecipientInfo_set0_password(ri, pass, passlen); - pwri->version = 0; - - if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri)) - goto merr; - - return ri; - -merr: - CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE); -err: - EVP_CIPHER_CTX_cleanup(&ctx); - if (ri) - M_ASN1_free_of(ri, CMS_RecipientInfo); - if (encalg) - X509_ALGOR_free(encalg); - return NULL; -} - -/* This is an implementation of the key wrapping mechanism in RFC3211, - * at some point this should go into EVP. - */ - -static int -kek_unwrap_key(unsigned char *out, size_t *outlen, const unsigned char *in, - size_t inlen, EVP_CIPHER_CTX *ctx) -{ - size_t blocklen = EVP_CIPHER_CTX_block_size(ctx); - unsigned char *tmp; - int outl, rv = 0; - - if (inlen < 2 * blocklen) { - /* too small */ - return 0; - } - if (inlen % blocklen) { - /* Invalid size */ - return 0; - } - tmp = malloc(inlen); - /* setup IV by decrypting last two blocks */ - EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl, - in + inlen - 2 * blocklen, blocklen * 2); - /* Do a decrypt of last decrypted block to set IV to correct value - * output it to start of buffer so we don't corrupt decrypted block - * this works because buffer is at least two block lengths long. 
- */ - EVP_DecryptUpdate(ctx, tmp, &outl, - tmp + inlen - blocklen, blocklen); - /* Can now decrypt first n - 1 blocks */ - EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen); - - /* Reset IV to original value */ - EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL); - /* Decrypt again */ - EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen); - /* Check check bytes */ - if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & - (tmp[3] ^ tmp[6])) != 0xff) { - /* Check byte failure */ - goto err; - } - if (inlen < (size_t)(tmp[0] - 4 )) { - /* Invalid length value */ - goto err; - } - *outlen = (size_t)tmp[0]; - memcpy(out, tmp + 4, *outlen); - rv = 1; - -err: - explicit_bzero(tmp, inlen); - free(tmp); - return rv; -} - -static int -kek_wrap_key(unsigned char *out, size_t *outlen, const unsigned char *in, - size_t inlen, EVP_CIPHER_CTX *ctx) -{ - size_t blocklen = EVP_CIPHER_CTX_block_size(ctx); - size_t olen; - int dummy; - - /* First decide length of output buffer: need header and round up to - * multiple of block length. 
- */ - olen = (inlen + 4 + blocklen - 1)/blocklen; - olen *= blocklen; - if (olen < 2 * blocklen) { - /* Key too small */ - return 0; - } - if (inlen > 0xFF) { - /* Key too large */ - return 0; - } - if (out) { - /* Set header */ - out[0] = (unsigned char)inlen; - out[1] = in[0] ^ 0xFF; - out[2] = in[1] ^ 0xFF; - out[3] = in[2] ^ 0xFF; - memcpy(out + 4, in, inlen); - /* Add random padding to end */ - if (olen > inlen + 4) - arc4random_buf(out + 4 + inlen, olen - 4 - inlen); - /* Encrypt twice */ - EVP_EncryptUpdate(ctx, out, &dummy, out, olen); - EVP_EncryptUpdate(ctx, out, &dummy, out, olen); - } - - *outlen = olen; - - return 1; -} - -/* Encrypt/Decrypt content key in PWRI recipient info */ - -int -cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, - int en_de) -{ - CMS_EncryptedContentInfo *ec; - CMS_PasswordRecipientInfo *pwri; - const unsigned char *p = NULL; - int plen; - int r = 0; - X509_ALGOR *algtmp, *kekalg = NULL; - EVP_CIPHER_CTX kekctx; - const EVP_CIPHER *kekcipher; - unsigned char *key = NULL; - size_t keylen; - - ec = cms->d.envelopedData->encryptedContentInfo; - - pwri = ri->d.pwri; - EVP_CIPHER_CTX_init(&kekctx); - - if (!pwri->pass) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD); - goto err; - } - algtmp = pwri->keyEncryptionAlgorithm; - - if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, - CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM); - goto err; - } - - if (algtmp->parameter->type == V_ASN1_SEQUENCE) { - p = algtmp->parameter->value.sequence->data; - plen = algtmp->parameter->value.sequence->length; - kekalg = d2i_X509_ALGOR(NULL, &p, plen); - } - if (kekalg == NULL) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, - CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER); - goto err; - } - - kekcipher = EVP_get_cipherbyobj(kekalg->algorithm); - - if (!kekcipher) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, - CMS_R_UNKNOWN_CIPHER); - goto err; - } - - 
/* Fixup cipher based on AlgorithmIdentifier to set IV etc */ - if (!EVP_CipherInit_ex(&kekctx, kekcipher, NULL, NULL, NULL, en_de)) - goto err; - EVP_CIPHER_CTX_set_padding(&kekctx, 0); - if (EVP_CIPHER_asn1_to_param(&kekctx, kekalg->parameter) < 0) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, - CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR); - goto err; - } - - algtmp = pwri->keyDerivationAlgorithm; - - /* Finish password based key derivation to setup key in "ctx" */ - - if (EVP_PBE_CipherInit(algtmp->algorithm, - (char *)pwri->pass, pwri->passlen, - algtmp->parameter, &kekctx, en_de) < 0) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_EVP_LIB); - goto err; - } - - /* Finally wrap/unwrap the key */ - - if (en_de) { - - if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, &kekctx)) - goto err; - - key = malloc(keylen); - - if (!key) - goto err; - - if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, &kekctx)) - goto err; - pwri->encryptedKey->data = key; - pwri->encryptedKey->length = keylen; - } else { - key = malloc(pwri->encryptedKey->length); - - if (!key) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, - ERR_R_MALLOC_FAILURE); - goto err; - } - if (!kek_unwrap_key(key, &keylen, - pwri->encryptedKey->data, - pwri->encryptedKey->length, &kekctx)) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, - CMS_R_UNWRAP_FAILURE); - goto err; - } - - ec->key = key; - ec->keylen = keylen; - - } - - r = 1; - -err: - EVP_CIPHER_CTX_cleanup(&kekctx); - if (!r && key) - free(key); - X509_ALGOR_free(kekalg); - - return r; -} diff --git a/lib/libssl/src/crypto/cms/cms_sd.c b/lib/libssl/src/crypto/cms/cms_sd.c deleted file mode 100644 index 1623126e774..00000000000 --- a/lib/libssl/src/crypto/cms/cms_sd.c +++ /dev/null 
@@ -1,934 +0,0 @@
-/* $OpenBSD: cms_sd.c,v 1.10 2016/03/11 07:08:44 mmcc Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/cms.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-
-#include "asn1_locl.h"
-#include "cms_lcl.h"
-
-/* CMS SignedData Utilities */
-
-DECLARE_ASN1_ITEM(CMS_SignedData)
-
-static CMS_SignedData *
-cms_get0_signed(CMS_ContentInfo *cms)
-{
- if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_signed) {
- CMSerr(CMS_F_CMS_GET0_SIGNED,
- CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA);
- return NULL;
- }
- return cms->d.signedData;
-}
-
-static CMS_SignedData *
-cms_signed_data_init(CMS_ContentInfo *cms)
-{
- if (cms->d.other == NULL) {
- cms->d.signedData = M_ASN1_new_of(CMS_SignedData);
- if (!cms->d.signedData) {
- CMSerr(CMS_F_CMS_SIGNED_DATA_INIT,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- cms->d.signedData->version = 1;
- cms->d.signedData->encapContentInfo->eContentType =
- OBJ_nid2obj(NID_pkcs7_data);
- cms->d.signedData->encapContentInfo->partial = 1;
- ASN1_OBJECT_free(cms->contentType);
- cms->contentType = OBJ_nid2obj(NID_pkcs7_signed);
- return cms->d.signedData;
- }
- return cms_get0_signed(cms);
-}
-
-/* Just initialize SignedData e.g.
for certs only structure */
-
-int
-CMS_SignedData_init(CMS_ContentInfo *cms)
-{
- if (cms_signed_data_init(cms))
- return 1;
- else
- return 0;
-}
-
-/* Check structures and fixup version numbers (if necessary) */
-
-static void
-cms_sd_set_version(CMS_SignedData *sd)
-{
- int i;
- CMS_CertificateChoices *cch;
- CMS_RevocationInfoChoice *rch;
- CMS_SignerInfo *si;
-
- for (i = 0; i < sk_CMS_CertificateChoices_num(sd->certificates); i++) {
- cch = sk_CMS_CertificateChoices_value(sd->certificates, i);
- if (cch->type == CMS_CERTCHOICE_OTHER) {
- if (sd->version < 5)
- sd->version = 5;
- } else if (cch->type == CMS_CERTCHOICE_V2ACERT) {
- if (sd->version < 4)
- sd->version = 4;
- } else if (cch->type == CMS_CERTCHOICE_V1ACERT) {
- if (sd->version < 3)
- sd->version = 3;
- }
- }
-
- for (i = 0; i < sk_CMS_RevocationInfoChoice_num(sd->crls); i++) {
- rch = sk_CMS_RevocationInfoChoice_value(sd->crls, i);
- if (rch->type == CMS_REVCHOICE_OTHER) {
- if (sd->version < 5)
- sd->version = 5;
- }
- }
-
- if ((OBJ_obj2nid(sd->encapContentInfo->eContentType) !=
- NID_pkcs7_data) && (sd->version < 3))
- sd->version = 3;
-
- for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++) {
- si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
- if (si->sid->type == CMS_SIGNERINFO_KEYIDENTIFIER) {
- if (si->version < 3)
- si->version = 3;
- if (sd->version < 3)
- sd->version = 3;
- } else if (si->version < 1)
- si->version = 1;
- }
-
- if (sd->version < 1)
- sd->version = 1;
-}
-
-/* Copy an existing messageDigest value */
-
-static int
-cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
-{
- STACK_OF(CMS_SignerInfo) *sinfos;
- CMS_SignerInfo *sitmp;
- int i;
-
- sinfos = CMS_get0_SignerInfos(cms);
- for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
- ASN1_OCTET_STRING *messageDigest;
- sitmp = sk_CMS_SignerInfo_value(sinfos, i);
- if (sitmp == si)
- continue;
- if (CMS_signed_get_attr_count(sitmp) < 0)
- continue;
- if (OBJ_cmp(si->digestAlgorithm->algorithm,
-
sitmp->digestAlgorithm->algorithm))
- continue;
- messageDigest = CMS_signed_get0_data_by_OBJ(sitmp,
- OBJ_nid2obj(NID_pkcs9_messageDigest),
- -3, V_ASN1_OCTET_STRING);
- if (!messageDigest) {
- CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST,
- CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
- return 0;
- }
-
- if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
- V_ASN1_OCTET_STRING,
- messageDigest, -1))
- return 1;
- else
- return 0;
- }
- CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST, CMS_R_NO_MATCHING_DIGEST);
- return 0;
-}
-
-int
-cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
-{
- switch (type) {
- case CMS_SIGNERINFO_ISSUER_SERIAL:
- sid->d.issuerAndSerialNumber =
- M_ASN1_new_of(CMS_IssuerAndSerialNumber);
- if (!sid->d.issuerAndSerialNumber)
- goto merr;
- if (!X509_NAME_set(&sid->d.issuerAndSerialNumber->issuer,
- X509_get_issuer_name(cert)))
- goto merr;
- if (!ASN1_STRING_copy(
- sid->d.issuerAndSerialNumber->serialNumber,
- X509_get_serialNumber(cert)))
- goto merr;
- break;
-
- case CMS_SIGNERINFO_KEYIDENTIFIER:
- if (!cert->skid) {
- CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER,
- CMS_R_CERTIFICATE_HAS_NO_KEYID);
- return 0;
- }
- sid->d.subjectKeyIdentifier = ASN1_STRING_dup(cert->skid);
- if (!sid->d.subjectKeyIdentifier)
- goto merr;
- break;
-
- default:
- CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER, CMS_R_UNKNOWN_ID);
- return 0;
- }
-
- sid->type = type;
-
- return 1;
-
-merr:
- CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-int
-cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
- ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno)
-{
- if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL) {
- if (issuer)
- *issuer = sid->d.issuerAndSerialNumber->issuer;
- if (sno)
- *sno = sid->d.issuerAndSerialNumber->serialNumber;
- } else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER) {
- if (keyid)
- *keyid = sid->d.subjectKeyIdentifier;
- } else
- return 0;
- return 1;
-}
-
-int
-cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
-{
- int ret;
-
- if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL) {
- ret = X509_NAME_cmp(sid->d.issuerAndSerialNumber->issuer,
- X509_get_issuer_name(cert));
- if (ret)
- return ret;
- return ASN1_INTEGER_cmp(sid->d.issuerAndSerialNumber->serialNumber,
- X509_get_serialNumber(cert));
- } else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER) {
- X509_check_purpose(cert, -1, -1);
- if (!cert->skid)
- return -1;
- return ASN1_OCTET_STRING_cmp(sid->d.subjectKeyIdentifier,
- cert->skid);
- } else
- return -1;
-}
-
-CMS_SignerInfo *
-CMS_add1_signer(CMS_ContentInfo *cms, X509 *signer, EVP_PKEY *pk,
- const EVP_MD *md, unsigned int flags)
-{
- CMS_SignedData *sd;
- CMS_SignerInfo *si = NULL;
- X509_ALGOR *alg;
- int i, type;
-
- if (!X509_check_private_key(signer, pk)) {
- CMSerr(CMS_F_CMS_ADD1_SIGNER,
- CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- return NULL;
- }
- sd = cms_signed_data_init(cms);
- if (!sd)
- goto err;
- si = M_ASN1_new_of(CMS_SignerInfo);
- if (!si)
- goto merr;
- X509_check_purpose(signer, -1, -1);
-
- CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
-
- si->pkey = pk;
- si->signer = signer;
-
- if (flags & CMS_USE_KEYID) {
- si->version = 3;
- if (sd->version < 3)
- sd->version = 3;
- type = CMS_SIGNERINFO_KEYIDENTIFIER;
- } else {
- type = CMS_SIGNERINFO_ISSUER_SERIAL;
- si->version = 1;
- }
-
- if (!cms_set1_SignerIdentifier(si->sid, signer, type))
- goto err;
-
- if (md == NULL) {
- int def_nid;
- if (EVP_PKEY_get_default_digest_nid(pk, &def_nid) <= 0)
- goto err;
- md = EVP_get_digestbynid(def_nid);
- if (md == NULL) {
- CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DEFAULT_DIGEST);
- goto err;
- }
- }
-
- if (!md) {
- CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DIGEST_SET);
- goto err;
- }
-
- cms_DigestAlgorithm_set(si->digestAlgorithm, md);
-
- /* See if digest is present in digestAlgorithms */
- for (i = 0; i <
sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
- ASN1_OBJECT *aoid;
- alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
- X509_ALGOR_get0(&aoid, NULL, NULL, alg);
- if (OBJ_obj2nid(aoid) == EVP_MD_type(md))
- break;
- }
-
- if (i == sk_X509_ALGOR_num(sd->digestAlgorithms)) {
- alg = X509_ALGOR_new();
- if (!alg)
- goto merr;
- cms_DigestAlgorithm_set(alg, md);
- if (!sk_X509_ALGOR_push(sd->digestAlgorithms, alg)) {
- X509_ALGOR_free(alg);
- goto merr;
- }
- }
-
- if (pk->ameth && pk->ameth->pkey_ctrl) {
- i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_SIGN,
- 0, si);
- if (i == -2) {
- CMSerr(CMS_F_CMS_ADD1_SIGNER,
- CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- goto err;
- }
- if (i <= 0) {
- CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_CTRL_FAILURE);
- goto err;
- }
- }
-
- if (!(flags & CMS_NOATTR)) {
- /* Initialialize signed attributes strutucture so other
- * attributes such as signing time etc are added later
- * even if we add none here.
- */
- if (!si->signedAttrs) {
- si->signedAttrs = sk_X509_ATTRIBUTE_new_null();
- if (!si->signedAttrs)
- goto merr;
- }
-
- if (!(flags & CMS_NOSMIMECAP)) {
- STACK_OF(X509_ALGOR) *smcap = NULL;
- i = CMS_add_standard_smimecap(&smcap);
- if (i)
- i = CMS_add_smimecap(si, smcap);
- sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
- if (!i)
- goto merr;
- }
- if (flags & CMS_REUSE_DIGEST) {
- if (!cms_copy_messageDigest(cms, si))
- goto err;
- if (!(flags & CMS_PARTIAL) &&
- !CMS_SignerInfo_sign(si))
- goto err;
- }
- }
-
- if (!(flags & CMS_NOCERTS)) {
- /* NB ignore -1 return for duplicate cert */
- if (!CMS_add1_cert(cms, signer))
- goto merr;
- }
-
- if (!sd->signerInfos)
- sd->signerInfos = sk_CMS_SignerInfo_new_null();
- if (!sd->signerInfos ||
- !sk_CMS_SignerInfo_push(sd->signerInfos, si))
- goto merr;
-
- return si;
-
-merr:
- CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE);
-err:
- if (si)
- M_ASN1_free_of(si, CMS_SignerInfo);
- return NULL;
-}
-
-static int
-cms_add1_signingTime(CMS_SignerInfo *si, ASN1_TIME *t)
-{
-
ASN1_TIME *tt;
- int r = 0;
-
- if (t)
- tt = t;
- else
- tt = X509_gmtime_adj(NULL, 0);
-
- if (!tt)
- goto merr;
-
- if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_signingTime,
- tt->type, tt, -1) <= 0)
- goto merr;
-
- r = 1;
-
-merr:
- if (!t)
- ASN1_TIME_free(tt);
- if (!r)
- CMSerr(CMS_F_CMS_ADD1_SIGNINGTIME, ERR_R_MALLOC_FAILURE);
-
- return r;
-}
-
-STACK_OF(CMS_SignerInfo) *
-CMS_get0_SignerInfos(CMS_ContentInfo *cms)
-{
- CMS_SignedData *sd;
-
- sd = cms_get0_signed(cms);
- if (!sd)
- return NULL;
- return sd->signerInfos;
-}
-
-STACK_OF(X509) *
-CMS_get0_signers(CMS_ContentInfo *cms)
-{
- STACK_OF(X509) *signers = NULL;
- STACK_OF(CMS_SignerInfo) *sinfos;
- CMS_SignerInfo *si;
- int i;
-
- sinfos = CMS_get0_SignerInfos(cms);
- for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
- si = sk_CMS_SignerInfo_value(sinfos, i);
- if (si->signer) {
- if (!signers) {
- signers = sk_X509_new_null();
- if (!signers)
- return NULL;
- }
- if (!sk_X509_push(signers, si->signer)) {
- sk_X509_free(signers);
- return NULL;
- }
- }
- }
- return signers;
-}
-
-void
-CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
-{
- if (signer) {
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
- EVP_PKEY_free(si->pkey);
- si->pkey = X509_get_pubkey(signer);
- }
- X509_free(si->signer);
- si->signer = signer;
-}
-
-int
-CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid,
- X509_NAME **issuer, ASN1_INTEGER **sno)
-{
- return cms_SignerIdentifier_get0_signer_id(si->sid, keyid, issuer, sno);
-}
-
-int
-CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert)
-{
- return cms_SignerIdentifier_cert_cmp(si->sid, cert);
-}
-
-int
-CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *scerts,
- unsigned int flags)
-{
- CMS_SignedData *sd;
- CMS_SignerInfo *si;
- CMS_CertificateChoices *cch;
- STACK_OF(CMS_CertificateChoices) *certs;
- X509 *x;
- int i, j;
- int ret = 0;
-
- sd = cms_get0_signed(cms);
- if (!sd)
- return -1;
- certs =
sd->certificates;
- for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++) {
- si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
- if (si->signer)
- continue;
-
- for (j = 0; j < sk_X509_num(scerts); j++) {
- x = sk_X509_value(scerts, j);
- if (CMS_SignerInfo_cert_cmp(si, x) == 0) {
- CMS_SignerInfo_set1_signer_cert(si, x);
- ret++;
- break;
- }
- }
-
- if (si->signer || (flags & CMS_NOINTERN))
- continue;
-
- for (j = 0; j < sk_CMS_CertificateChoices_num(certs); j++) {
- cch = sk_CMS_CertificateChoices_value(certs, j);
- if (cch->type != 0)
- continue;
- x = cch->d.certificate;
- if (CMS_SignerInfo_cert_cmp(si, x) == 0) {
- CMS_SignerInfo_set1_signer_cert(si, x);
- ret++;
- break;
- }
- }
- }
- return ret;
-}
-
-void
-CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, X509 **signer,
- X509_ALGOR **pdig, X509_ALGOR **psig)
-{
- if (pk)
- *pk = si->pkey;
- if (signer)
- *signer = si->signer;
- if (pdig)
- *pdig = si->digestAlgorithm;
- if (psig)
- *psig = si->signatureAlgorithm;
-}
-
-static int
-cms_SignerInfo_content_sign(CMS_ContentInfo *cms, CMS_SignerInfo *si,
- BIO *chain)
-{
- EVP_MD_CTX mctx;
- int r = 0;
- EVP_MD_CTX_init(&mctx);
-
- if (!si->pkey) {
- CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
- return 0;
- }
-
- if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
- goto err;
-
- /* If any signed attributes calculate and add messageDigest attribute */
-
- if (CMS_signed_get_attr_count(si) >= 0) {
- ASN1_OBJECT *ctype =
- cms->d.signedData->encapContentInfo->eContentType;
- unsigned char md[EVP_MAX_MD_SIZE];
- unsigned int mdlen;
- if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
- goto err;
- if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
- V_ASN1_OCTET_STRING,
- md, mdlen))
- goto err;
- /* Copy content type across */
- if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_contentType,
- V_ASN1_OBJECT, ctype, -1) <= 0)
- goto err;
- if (!CMS_SignerInfo_sign(si))
- goto err;
- } else {
- unsigned
char *sig;
- unsigned int siglen;
- sig = malloc(EVP_PKEY_size(si->pkey));
- if (!sig) {
- CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EVP_SignFinal(&mctx, sig, &siglen, si->pkey)) {
- CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN,
- CMS_R_SIGNFINAL_ERROR);
- free(sig);
- goto err;
- }
- ASN1_STRING_set0(si->signature, sig, siglen);
- }
-
- r = 1;
-
-err:
- EVP_MD_CTX_cleanup(&mctx);
- return r;
-}
-
-int
-cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
-{
- STACK_OF(CMS_SignerInfo) *sinfos;
- CMS_SignerInfo *si;
- int i;
-
- sinfos = CMS_get0_SignerInfos(cms);
- for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
- si = sk_CMS_SignerInfo_value(sinfos, i);
- if (!cms_SignerInfo_content_sign(cms, si, chain))
- return 0;
- }
- cms->d.signedData->encapContentInfo->partial = 0;
- return 1;
-}
-
-int
-CMS_SignerInfo_sign(CMS_SignerInfo *si)
-{
- EVP_MD_CTX mctx;
- EVP_PKEY_CTX *pctx;
- unsigned char *abuf = NULL;
- int alen;
- size_t siglen;
- const EVP_MD *md = NULL;
-
- md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
- if (md == NULL)
- return 0;
-
- EVP_MD_CTX_init(&mctx);
-
- if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) {
- if (!cms_add1_signingTime(si, NULL))
- goto err;
- }
-
- if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
- EVP_PKEY_CTRL_CMS_SIGN, 0, si) <= 0) {
- CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
- goto err;
- }
-
- alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &abuf,
- ASN1_ITEM_rptr(CMS_Attributes_Sign));
- if (!abuf)
- goto err;
- if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
- goto err;
- if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
- goto err;
- free(abuf);
- abuf = malloc(siglen);
- if (!abuf)
- goto err;
- if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
- EVP_PKEY_CTRL_CMS_SIGN, 1, si) <=
0) {
- CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
- goto err;
- }
-
- EVP_MD_CTX_cleanup(&mctx);
-
- ASN1_STRING_set0(si->signature, abuf, siglen);
-
- return 1;
-
-err:
- free(abuf);
- EVP_MD_CTX_cleanup(&mctx);
- return 0;
-}
-
-int
-CMS_SignerInfo_verify(CMS_SignerInfo *si)
-{
- EVP_MD_CTX mctx;
- EVP_PKEY_CTX *pctx;
- unsigned char *abuf = NULL;
- int alen, r = -1;
- const EVP_MD *md = NULL;
-
- if (!si->pkey) {
- CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_NO_PUBLIC_KEY);
- return -1;
- }
-
- md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
- if (md == NULL)
- return -1;
- EVP_MD_CTX_init(&mctx);
- if (EVP_DigestVerifyInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
- goto err;
-
- alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &abuf,
- ASN1_ITEM_rptr(CMS_Attributes_Verify));
- if (!abuf)
- goto err;
- r = EVP_DigestVerifyUpdate(&mctx, abuf, alen);
- free(abuf);
- if (r <= 0) {
- r = -1;
- goto err;
- }
- r = EVP_DigestVerifyFinal(&mctx,
- si->signature->data, si->signature->length);
- if (r <= 0)
- CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);
-
-err:
- EVP_MD_CTX_cleanup(&mctx);
- return r;
-}
-
-/* Create a chain of digest BIOs from a CMS ContentInfo */
-
-BIO *
-cms_SignedData_init_bio(CMS_ContentInfo *cms)
-{
- int i;
- CMS_SignedData *sd;
- BIO *chain = NULL;
-
- sd = cms_get0_signed(cms);
- if (!sd)
- return NULL;
- if (cms->d.signedData->encapContentInfo->partial)
- cms_sd_set_version(sd);
- for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
- X509_ALGOR *digestAlgorithm;
- BIO *mdbio;
- digestAlgorithm = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
- mdbio = cms_DigestAlgorithm_init_bio(digestAlgorithm);
- if (!mdbio)
- goto err;
- if (chain)
- BIO_push(chain, mdbio);
- else
- chain = mdbio;
- }
- return chain;
-
-err:
- if (chain)
- BIO_free_all(chain);
- return NULL;
-}
-
-int
-CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
-{
- ASN1_OCTET_STRING *os = NULL;
- EVP_MD_CTX mctx;
- int r
= -1;
-
- EVP_MD_CTX_init(&mctx);
- /* If we have any signed attributes look for messageDigest value */
- if (CMS_signed_get_attr_count(si) >= 0) {
- os = CMS_signed_get0_data_by_OBJ(si,
- OBJ_nid2obj(NID_pkcs9_messageDigest),
- -3, V_ASN1_OCTET_STRING);
- if (!os) {
- CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
- CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
- goto err;
- }
- }
-
- if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
- goto err;
-
- /* If messageDigest found compare it */
-
- if (os) {
- unsigned char mval[EVP_MAX_MD_SIZE];
- unsigned int mlen;
- if (EVP_DigestFinal_ex(&mctx, mval, &mlen) <= 0) {
- CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
- CMS_R_UNABLE_TO_FINALIZE_CONTEXT);
- goto err;
- }
- if (mlen != (unsigned int)os->length) {
- CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
- CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH);
- goto err;
- }
-
- if (memcmp(mval, os->data, mlen)) {
- CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
- CMS_R_VERIFICATION_FAILURE);
- r = 0;
- } else
- r = 1;
- } else {
- r = EVP_VerifyFinal(&mctx, si->signature->data,
- si->signature->length, si->pkey);
- if (r <= 0) {
- CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
- CMS_R_VERIFICATION_FAILURE);
- r = 0;
- }
- }
-
-err:
- EVP_MD_CTX_cleanup(&mctx);
- return r;
-}
-
-int
-CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs)
-{
- unsigned char *smder = NULL;
- int smderlen, r;
-
- smderlen = i2d_X509_ALGORS(algs, &smder);
- if (smderlen <= 0)
- return 0;
- r = CMS_signed_add1_attr_by_NID(si, NID_SMIMECapabilities,
- V_ASN1_SEQUENCE, smder, smderlen);
- free(smder);
- return r;
-}
-
-int
-CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs, int algnid, int keysize)
-{
- X509_ALGOR *alg;
- ASN1_INTEGER *key = NULL;
-
- if (keysize > 0) {
- key = ASN1_INTEGER_new();
- if (!key || !ASN1_INTEGER_set(key, keysize))
- return 0;
- }
- alg = X509_ALGOR_new();
- if (!alg) {
- if (key)
- ASN1_INTEGER_free(key);
- return 0;
- }
-
- X509_ALGOR_set0(alg,
OBJ_nid2obj(algnid),
- key ? V_ASN1_INTEGER : V_ASN1_UNDEF, key);
- if (!*algs)
- *algs = sk_X509_ALGOR_new_null();
- if (!*algs || !sk_X509_ALGOR_push(*algs, alg)) {
- X509_ALGOR_free(alg);
- return 0;
- }
- return 1;
-}
-
-/* Check to see if a cipher exists and if so add S/MIME capabilities */
-
-static int
-cms_add_cipher_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
-{
- if (EVP_get_cipherbynid(nid))
- return CMS_add_simple_smimecap(sk, nid, arg);
- return 1;
-}
-
-static int
-cms_add_digest_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
-{
- if (EVP_get_digestbynid(nid))
- return CMS_add_simple_smimecap(sk, nid, arg);
- return 1;
-}
-
-int
-CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap)
-{
- if (!cms_add_cipher_smcap(smcap, NID_aes_256_cbc, -1) ||
- !cms_add_digest_smcap(smcap, NID_id_GostR3411_94, -1) ||
- !cms_add_digest_smcap(smcap, NID_id_tc26_gost3411_2012_256, -1) ||
- !cms_add_digest_smcap(smcap, NID_id_tc26_gost3411_2012_512, -1) ||
- !cms_add_cipher_smcap(smcap, NID_id_Gost28147_89, -1) ||
- !cms_add_cipher_smcap(smcap, NID_aes_192_cbc, -1) ||
- !cms_add_cipher_smcap(smcap, NID_aes_128_cbc, -1) ||
- !cms_add_cipher_smcap(smcap, NID_des_ede3_cbc, -1) ||
- !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 128) ||
- !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 64) ||
- !cms_add_cipher_smcap(smcap, NID_des_cbc, -1) ||
- !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 40))
- return 0;
- return 1;
-}
diff --git a/lib/libssl/src/crypto/cms/cms_smime.c b/lib/libssl/src/crypto/cms/cms_smime.c
deleted file mode 100644
index 030cf74d21d..00000000000
--- a/lib/libssl/src/crypto/cms/cms_smime.c
+++ /dev/null
@@ -1,821 +0,0 @@
-/* $OpenBSD: cms_smime.c,v 1.13 2015/06/11 16:02:05 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/asn1t.h>
-#include <openssl/cms.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "cms_lcl.h"
-
-static int
-cms_copy_content(BIO *out, BIO *in, unsigned int flags)
-{
- unsigned char buf[4096];
- int r = 0, i;
- BIO *tmpout = NULL;
-
- if (out == NULL)
- tmpout = BIO_new(BIO_s_null());
- else if (flags & CMS_TEXT) {
- tmpout = BIO_new(BIO_s_mem());
- BIO_set_mem_eof_return(tmpout, 0);
- } else
- tmpout = out;
-
- if (!tmpout) {
- CMSerr(CMS_F_CMS_COPY_CONTENT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* Read all content through chain to process digest, decrypt etc */
- for (;;) {
- i = BIO_read(in, buf, sizeof(buf));
- if (i <= 0) {
- if (BIO_method_type(in) == BIO_TYPE_CIPHER) {
- if (!BIO_get_cipher_status(in))
- goto err;
- }
- if (i < 0)
- goto err;
- break;
- }
-
- if (tmpout && (BIO_write(tmpout, buf, i) != i))
- goto err;
- }
-
- if (flags & CMS_TEXT) {
- if (!SMIME_text(tmpout, out)) {
- CMSerr(CMS_F_CMS_COPY_CONTENT, CMS_R_SMIME_TEXT_ERROR);
- goto err;
- }
- }
-
- r = 1;
-
-err:
- if (tmpout && (tmpout != out))
- BIO_free(tmpout);
- return r;
-}
-
-static int
-check_content(CMS_ContentInfo *cms)
-{
- ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
-
- if (!pos || !*pos) {
- CMSerr(CMS_F_CHECK_CONTENT, CMS_R_NO_CONTENT);
- return 0;
- }
- return 1;
-}
-
-static void
-do_free_upto(BIO *f, BIO *upto)
-{
- if (upto) {
- BIO *tbio;
- do {
- tbio = BIO_pop(f);
- BIO_free(f);
- f = tbio;
- } while (f != NULL && f != upto);
- } else
- BIO_free_all(f);
-}
-
-int
-CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
-{
- BIO *cont;
- int r;
-
- if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) {
- CMSerr(CMS_F_CMS_DATA, CMS_R_TYPE_NOT_DATA);
- return 0;
- }
- cont = CMS_dataInit(cms, NULL);
- if (!cont)
- return 0;
- r = cms_copy_content(out, cont, flags);
- BIO_free_all(cont);
- return r;
-}
-
-CMS_ContentInfo *
-CMS_data_create(BIO *in, unsigned int flags)
-{
- CMS_ContentInfo *cms;
-
- cms = cms_Data_create();
- if (!cms)
- return NULL;
-
- if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
- return cms;
-
- CMS_ContentInfo_free(cms);
-
- return NULL;
-}
-
-int
-CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
- unsigned int flags)
-{
- BIO *cont;
- int r;
-
- if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) {
- CMSerr(CMS_F_CMS_DIGEST_VERIFY, CMS_R_TYPE_NOT_DIGESTED_DATA);
- return 0;
- }
-
- if (!dcont && !check_content(cms))
- return 0;
-
- cont = CMS_dataInit(cms, dcont);
- if (!cont)
- return 0;
- r = cms_copy_content(out, cont, flags);
- if (r)
- r = cms_DigestedData_do_final(cms, cont, 1);
- do_free_upto(cont, dcont);
- return r;
-}
-
-CMS_ContentInfo *
-CMS_digest_create(BIO *in, const EVP_MD *md, unsigned int flags)
-{
- CMS_ContentInfo *cms;
-
- if (!md)
- md = EVP_sha1();
- cms = cms_DigestedData_create(md);
- if (!cms)
- return NULL;
-
- if (!(flags & CMS_DETACHED))
- CMS_set_detached(cms, 0);
-
- if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
- return cms;
-
- CMS_ContentInfo_free(cms);
- return NULL;
-}
-
-int
-CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, const unsigned char *key,
- size_t keylen, BIO *dcont, BIO *out, unsigned int flags)
-{
- BIO *cont;
- int r;
-
- if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) {
-
CMSerr(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT,
- CMS_R_TYPE_NOT_ENCRYPTED_DATA);
- return 0;
- }
-
- if (!dcont && !check_content(cms))
- return 0;
-
- if (CMS_EncryptedData_set1_key(cms, NULL, key, keylen) <= 0)
- return 0;
- cont = CMS_dataInit(cms, dcont);
- if (!cont)
- return 0;
- r = cms_copy_content(out, cont, flags);
- do_free_upto(cont, dcont);
- return r;
-}
-
-CMS_ContentInfo *
-CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
- const unsigned char *key, size_t keylen, unsigned int flags)
-{
- CMS_ContentInfo *cms;
-
- if (!cipher) {
- CMSerr(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, CMS_R_NO_CIPHER);
- return NULL;
- }
- cms = CMS_ContentInfo_new();
- if (!cms)
- return NULL;
- if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
- return NULL;
-
- if (!(flags & CMS_DETACHED))
- CMS_set_detached(cms, 0);
-
- if ((flags & (CMS_STREAM|CMS_PARTIAL)) ||
- CMS_final(cms, in, NULL, flags))
- return cms;
-
- CMS_ContentInfo_free(cms);
- return NULL;
-}
-
-static int
-cms_signerinfo_verify_cert(CMS_SignerInfo *si, X509_STORE *store,
- STACK_OF(X509) *certs, STACK_OF(X509_CRL) *crls, unsigned int flags)
-{
- X509_STORE_CTX ctx;
- X509 *signer;
- int i, j, r = 0;
-
- CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
- if (!X509_STORE_CTX_init(&ctx, store, signer, certs)) {
- CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
- CMS_R_STORE_INIT_ERROR);
- goto err;
- }
- X509_STORE_CTX_set_default(&ctx, "smime_sign");
- if (crls)
- X509_STORE_CTX_set0_crls(&ctx, crls);
-
- i = X509_verify_cert(&ctx);
- if (i <= 0) {
- j = X509_STORE_CTX_get_error(&ctx);
- CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
- CMS_R_CERTIFICATE_VERIFY_ERROR);
- ERR_asprintf_error_data("Verify error:%s",
- X509_verify_cert_error_string(j));
- goto err;
- }
- r = 1;
-
-err:
- X509_STORE_CTX_cleanup(&ctx);
- return r;
-}
-
-int
-CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store,
- BIO *dcont, BIO *out, unsigned int flags)
-{
- CMS_SignerInfo *si;
- STACK_OF(CMS_SignerInfo)
*sinfos;
- STACK_OF(X509) *cms_certs = NULL;
- STACK_OF(X509_CRL) *crls = NULL;
- X509 *signer;
- int i, scount = 0, ret = 0;
- BIO *cmsbio = NULL, *tmpin = NULL;
-
- if (!dcont && !check_content(cms))
- return 0;
-
- /* Attempt to find all signer certificates */
-
- sinfos = CMS_get0_SignerInfos(cms);
-
- if (sk_CMS_SignerInfo_num(sinfos) <= 0) {
- CMSerr(CMS_F_CMS_VERIFY, CMS_R_NO_SIGNERS);
- goto err;
- }
-
- for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
- si = sk_CMS_SignerInfo_value(sinfos, i);
- CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
- if (signer)
- scount++;
- }
-
- if (scount != sk_CMS_SignerInfo_num(sinfos))
- scount += CMS_set1_signers_certs(cms, certs, flags);
-
- if (scount != sk_CMS_SignerInfo_num(sinfos)) {
- CMSerr(CMS_F_CMS_VERIFY, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND);
- goto err;
- }
-
- /* Attempt to verify all signers certs */
-
- if (!(flags & CMS_NO_SIGNER_CERT_VERIFY)) {
- cms_certs = CMS_get1_certs(cms);
- if (!(flags & CMS_NOCRL))
- crls = CMS_get1_crls(cms);
- for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
- si = sk_CMS_SignerInfo_value(sinfos, i);
- if (!cms_signerinfo_verify_cert(si, store,
- cms_certs, crls, flags))
- goto err;
- }
- }
-
- /* Attempt to verify all SignerInfo signed attribute signatures */
-
- if (!(flags & CMS_NO_ATTR_VERIFY)) {
- for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
- si = sk_CMS_SignerInfo_value(sinfos, i);
- if (CMS_signed_get_attr_count(si) < 0)
- continue;
- if (CMS_SignerInfo_verify(si) <= 0)
- goto err;
- }
- }
-
- /* Performance optimization: if the content is a memory BIO then
- * store its contents in a temporary read only memory BIO. This
- * avoids potentially large numbers of slow copies of data which will
- * occur when reading from a read write memory BIO when signatures
- * are calculated.
- */ - - if (dcont && (BIO_method_type(dcont) == BIO_TYPE_MEM)) { - char *ptr; - long len; - len = BIO_get_mem_data(dcont, &ptr); - tmpin = BIO_new_mem_buf(ptr, len); - if (tmpin == NULL) { - CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE); - return 0; - } - } else - tmpin = dcont; - - - cmsbio = CMS_dataInit(cms, tmpin); - if (!cmsbio) - goto err; - - if (!cms_copy_content(out, cmsbio, flags)) - goto err; - - if (!(flags & CMS_NO_CONTENT_VERIFY)) { - for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { - si = sk_CMS_SignerInfo_value(sinfos, i); - if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) { - CMSerr(CMS_F_CMS_VERIFY, - CMS_R_CONTENT_VERIFY_ERROR); - goto err; - } - } - } - - ret = 1; - -err: - if (dcont && (tmpin == dcont)) - do_free_upto(cmsbio, dcont); - else - BIO_free_all(cmsbio); - - if (cms_certs) - sk_X509_pop_free(cms_certs, X509_free); - if (crls) - sk_X509_CRL_pop_free(crls, X509_CRL_free); - - return ret; -} - -int -CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, - STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags) -{ - int r; - - flags &= ~(CMS_DETACHED|CMS_TEXT); - r = CMS_verify(rcms, certs, store, NULL, NULL, flags); - if (r <= 0) - return r; - return cms_Receipt_verify(rcms, ocms); -} - -CMS_ContentInfo * -CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, - unsigned int flags) -{ - CMS_ContentInfo *cms; - int i; - - cms = CMS_ContentInfo_new(); - if (!cms || !CMS_SignedData_init(cms)) - goto merr; - - if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) { - CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR); - goto err; - } - - for (i = 0; i < sk_X509_num(certs); i++) { - X509 *x = sk_X509_value(certs, i); - if (!CMS_add1_cert(cms, x)) - goto merr; - } - - if (!(flags & CMS_DETACHED)) - CMS_set_detached(cms, 0); - - if ((flags & (CMS_STREAM|CMS_PARTIAL)) || - CMS_final(cms, data, NULL, flags)) - return cms; - else - goto err; - -merr: - CMSerr(CMS_F_CMS_SIGN, 
ERR_R_MALLOC_FAILURE); -err: - if (cms) - CMS_ContentInfo_free(cms); - return NULL; -} - -CMS_ContentInfo * -CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, EVP_PKEY *pkey, - STACK_OF(X509) *certs, unsigned int flags) -{ - CMS_SignerInfo *rct_si; - CMS_ContentInfo *cms = NULL; - ASN1_OCTET_STRING **pos, *os; - BIO *rct_cont = NULL; - int r = 0; - - flags &= ~(CMS_STREAM|CMS_TEXT); - /* Not really detached but avoids content being allocated */ - flags |= CMS_PARTIAL|CMS_BINARY|CMS_DETACHED; - if (!pkey || !signcert) { - CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_NO_KEY_OR_CERT); - return NULL; - } - - /* Initialize signed data */ - - cms = CMS_sign(NULL, NULL, certs, NULL, flags); - if (!cms) - goto err; - - /* Set inner content type to signed receipt */ - if (!CMS_set1_eContentType(cms, OBJ_nid2obj(NID_id_smime_ct_receipt))) - goto err; - - rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags); - if (!rct_si) { - CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_ADD_SIGNER_ERROR); - goto err; - } - - os = cms_encode_Receipt(si); - - if (!os) - goto err; - - /* Set content to digest */ - rct_cont = BIO_new_mem_buf(os->data, os->length); - if (!rct_cont) - goto err; - - /* Add msgSigDigest attribute */ - - if (!cms_msgSigDigest_add1(rct_si, si)) - goto err; - - /* Finalize structure */ - if (!CMS_final(cms, rct_cont, NULL, flags)) - goto err; - - /* Set embedded content */ - pos = CMS_get0_content(cms); - *pos = os; - - r = 1; - -err: - if (rct_cont) - BIO_free(rct_cont); - if (r) - return cms; - CMS_ContentInfo_free(cms); - return NULL; -} - -CMS_ContentInfo * -CMS_encrypt(STACK_OF(X509) *certs, BIO *data, const EVP_CIPHER *cipher, - unsigned int flags) -{ - CMS_ContentInfo *cms; - int i; - X509 *recip; - - cms = CMS_EnvelopedData_create(cipher); - if (!cms) - goto merr; - for (i = 0; i < sk_X509_num(certs); i++) { - recip = sk_X509_value(certs, i); - if (!CMS_add1_recipient_cert(cms, recip, flags)) { - CMSerr(CMS_F_CMS_ENCRYPT, CMS_R_RECIPIENT_ERROR); - goto err; - } - } - 
- if (!(flags & CMS_DETACHED)) - CMS_set_detached(cms, 0); - - if ((flags & (CMS_STREAM|CMS_PARTIAL)) || - CMS_final(cms, data, NULL, flags)) - return cms; - else - goto err; - -merr: - CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE); -err: - if (cms) - CMS_ContentInfo_free(cms); - return NULL; -} - -int -CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert) -{ - STACK_OF(CMS_RecipientInfo) *ris; - CMS_RecipientInfo *ri; - int i, r; - int debug = 0, match_ri = 0; - - ris = CMS_get0_RecipientInfos(cms); - if (ris) - debug = cms->d.envelopedData->encryptedContentInfo->debug; - for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) { - ri = sk_CMS_RecipientInfo_value(ris, i); - if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_TRANS) - continue; - match_ri = 1; - /* If we have a cert try matching RecipientInfo - * otherwise try them all. - */ - if (!cert || (CMS_RecipientInfo_ktri_cert_cmp(ri, cert) == 0)) { - CMS_RecipientInfo_set0_pkey(ri, pk); - r = CMS_RecipientInfo_decrypt(cms, ri); - CMS_RecipientInfo_set0_pkey(ri, NULL); - if (cert) { - /* If not debugging clear any error and - * return success to avoid leaking of - * information useful to MMA - */ - if (!debug) { - ERR_clear_error(); - return 1; - } - if (r > 0) - return 1; - CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, - CMS_R_DECRYPT_ERROR); - return 0; - } - /* If no cert and not debugging don't leave loop - * after first successful decrypt. Always attempt - * to decrypt all recipients to avoid leaking timing - * of a successful decrypt. 
- */ - else if (r > 0 && debug) - return 1; - } - } - /* If no cert and not debugging always return success */ - if (match_ri && !cert && !debug) { - ERR_clear_error(); - return 1; - } - - CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_NO_MATCHING_RECIPIENT); - return 0; -} - -int -CMS_decrypt_set1_key(CMS_ContentInfo *cms, unsigned char *key, size_t keylen, - unsigned char *id, size_t idlen) -{ - STACK_OF(CMS_RecipientInfo) *ris; - CMS_RecipientInfo *ri; - int i, r; - - ris = CMS_get0_RecipientInfos(cms); - for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) { - ri = sk_CMS_RecipientInfo_value(ris, i); - if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_KEK) - continue; - - /* If we have an id try matching RecipientInfo - * otherwise try them all. - */ - if (!id || - (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0)) { - CMS_RecipientInfo_set0_key(ri, key, keylen); - r = CMS_RecipientInfo_decrypt(cms, ri); - CMS_RecipientInfo_set0_key(ri, NULL, 0); - if (r > 0) - return 1; - if (id) { - CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, - CMS_R_DECRYPT_ERROR); - return 0; - } - ERR_clear_error(); - } - } - - CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_NO_MATCHING_RECIPIENT); - return 0; -} - -int -CMS_decrypt_set1_password(CMS_ContentInfo *cms, unsigned char *pass, - ssize_t passlen) -{ - STACK_OF(CMS_RecipientInfo) *ris; - CMS_RecipientInfo *ri; - int i, r; - - ris = CMS_get0_RecipientInfos(cms); - for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) { - ri = sk_CMS_RecipientInfo_value(ris, i); - if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS) - continue; - CMS_RecipientInfo_set0_password(ri, pass, passlen); - r = CMS_RecipientInfo_decrypt(cms, ri); - CMS_RecipientInfo_set0_password(ri, NULL, 0); - if (r > 0) - return 1; - } - - CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT); - return 0; -} - -int -CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, BIO *dcont, - BIO *out, unsigned int flags) -{ - int r; - BIO *cont; - - if 
(OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped) { - CMSerr(CMS_F_CMS_DECRYPT, CMS_R_TYPE_NOT_ENVELOPED_DATA); - return 0; - } - if (!dcont && !check_content(cms)) - return 0; - if (flags & CMS_DEBUG_DECRYPT) - cms->d.envelopedData->encryptedContentInfo->debug = 1; - else - cms->d.envelopedData->encryptedContentInfo->debug = 0; - if (!pk && !cert && !dcont && !out) - return 1; - if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert)) - return 0; - cont = CMS_dataInit(cms, dcont); - if (!cont) - return 0; - r = cms_copy_content(out, cont, flags); - do_free_upto(cont, dcont); - return r; -} - -int -CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags) -{ - BIO *cmsbio; - int ret = 0; - - if (!(cmsbio = CMS_dataInit(cms, dcont))) { - CMSerr(CMS_F_CMS_FINAL, ERR_R_MALLOC_FAILURE); - return 0; - } - - SMIME_crlf_copy(data, cmsbio, flags); - - (void)BIO_flush(cmsbio); - - - if (!CMS_dataFinal(cms, cmsbio)) { - CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_DATAFINAL_ERROR); - goto err; - } - - ret = 1; - -err: - do_free_upto(cmsbio, dcont); - - return ret; -} - -#ifdef ZLIB - -int -CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags) -{ - BIO *cont; - int r; - - if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData) { - CMSerr(CMS_F_CMS_UNCOMPRESS, - CMS_R_TYPE_NOT_COMPRESSED_DATA); - return 0; - } - - if (!dcont && !check_content(cms)) - return 0; - - cont = CMS_dataInit(cms, dcont); - if (!cont) - return 0; - r = cms_copy_content(out, cont, flags); - do_free_upto(cont, dcont); - return r; -} - -CMS_ContentInfo * -CMS_compress(BIO *in, int comp_nid, unsigned int flags) -{ - CMS_ContentInfo *cms; - - if (comp_nid <= 0) - comp_nid = NID_zlib_compression; - cms = cms_CompressedData_create(comp_nid); - if (!cms) - return NULL; - - if (!(flags & CMS_DETACHED)) - CMS_set_detached(cms, 0); - - if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags)) - return cms; - - CMS_ContentInfo_free(cms); - return NULL; -} - -#else - 
-int -CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags) -{ - CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM); - return 0; -} - -CMS_ContentInfo * -CMS_compress(BIO *in, int comp_nid, unsigned int flags) -{ - CMSerr(CMS_F_CMS_COMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM); - return NULL; -} - -#endif diff --git a/lib/libssl/src/crypto/comp/c_rle.c b/lib/libssl/src/crypto/comp/c_rle.c deleted file mode 100644 index 7004c350299..00000000000 --- a/lib/libssl/src/crypto/comp/c_rle.c +++ /dev/null @@ -1,55 +0,0 @@ -/* $OpenBSD: c_rle.c,v 1.8 2014/11/03 16:58:28 tedu Exp $ */ -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <openssl/objects.h> -#include <openssl/comp.h> - -static int rle_compress_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); -static int rle_expand_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); - -static COMP_METHOD rle_method = { - .type = NID_rle_compression, - .name = LN_rle_compression, - .compress = rle_compress_block, - .expand = rle_expand_block -}; - -COMP_METHOD * -COMP_rle(void) -{ - return (&rle_method); -} - -static int -rle_compress_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen, - unsigned char *in, unsigned int ilen) -{ - - if (ilen == 0 || olen < (ilen - 1)) { - return (-1); - } - - *(out++) = 0; - memcpy(out, in, ilen); - return (ilen + 1); -} - -static int -rle_expand_block(COMP_CTX *ctx, unsigned char *out, unsigned int olen, - unsigned char *in, unsigned int ilen) -{ - int i; - - if (olen < (ilen - 1)) { - return (-1); - } - - i= *(in++); - if (i == 0) { - memcpy(out, in, ilen - 1); - } - return (ilen - 1); -} diff --git a/lib/libssl/src/crypto/comp/c_zlib.c b/lib/libssl/src/crypto/comp/c_zlib.c deleted file mode 100644 index d9a3359313c..00000000000 --- a/lib/libssl/src/crypto/comp/c_zlib.c +++ /dev/null 
@@ -1,564 +0,0 @@ -/* $OpenBSD: c_zlib.c,v 1.18 2015/12/23 20:37:23 mmcc Exp $ */ -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <openssl/objects.h> -#include <openssl/comp.h> -#include <openssl/err.h> - -COMP_METHOD *COMP_zlib(void ); - -static COMP_METHOD zlib_method_nozlib = { - .type = NID_undef, - .name = "(undef)" -}; - -#ifdef ZLIB - -#include <zlib.h> - -static int zlib_stateful_init(COMP_CTX *ctx); -static void zlib_stateful_finish(COMP_CTX *ctx); -static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); -static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); - - -/* memory allocations functions for zlib intialization */ -static void* -zlib_zalloc(void* opaque, unsigned int no, unsigned int size) -{ - return calloc(no, size); -} - -static void -zlib_zfree(void* opaque, void* address) -{ - free(address); -} - -static COMP_METHOD zlib_stateful_method = { - .type = NID_zlib_compression, - .name = LN_zlib_compression, - .init = zlib_stateful_init, - .finish = zlib_stateful_finish, - .compress = zlib_stateful_compress_block, - .expand = zlib_stateful_expand_block -}; - -struct zlib_state { - z_stream istream; - z_stream ostream; -}; - -static int zlib_stateful_ex_idx = -1; - -static int -zlib_stateful_init(COMP_CTX *ctx) -{ - int err; - struct zlib_state *state = malloc(sizeof(struct zlib_state)); - - if (state == NULL) - goto err; - - state->istream.zalloc = zlib_zalloc; - state->istream.zfree = zlib_zfree; - state->istream.opaque = Z_NULL; - state->istream.next_in = Z_NULL; - state->istream.next_out = Z_NULL; - state->istream.avail_in = 0; - state->istream.avail_out = 0; - err = inflateInit_(&state->istream, ZLIB_VERSION, sizeof(z_stream)); - if (err != Z_OK) - goto err; - - state->ostream.zalloc = zlib_zalloc; - state->ostream.zfree = zlib_zfree; - state->ostream.opaque = Z_NULL; 
- state->ostream.next_in = Z_NULL; - state->ostream.next_out = Z_NULL; - state->ostream.avail_in = 0; - state->ostream.avail_out = 0; - err = deflateInit_(&state->ostream, Z_DEFAULT_COMPRESSION, - ZLIB_VERSION, sizeof(z_stream)); - if (err != Z_OK) - goto err; - - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_COMP, ctx, &ctx->ex_data); - CRYPTO_set_ex_data(&ctx->ex_data, zlib_stateful_ex_idx, state); - return 1; - -err: - free(state); - return 0; -} - -static void -zlib_stateful_finish(COMP_CTX *ctx) -{ - struct zlib_state *state = - (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data, - zlib_stateful_ex_idx); - - inflateEnd(&state->istream); - deflateEnd(&state->ostream); - free(state); - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP, ctx, &ctx->ex_data); -} - -static int -zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen) -{ - int err = Z_OK; - struct zlib_state *state = - (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data, - zlib_stateful_ex_idx); - - if (state == NULL) - return -1; - - state->ostream.next_in = in; - state->ostream.avail_in = ilen; - state->ostream.next_out = out; - state->ostream.avail_out = olen; - if (ilen > 0) - err = deflate(&state->ostream, Z_SYNC_FLUSH); - if (err != Z_OK) - return -1; - -#ifdef DEBUG_ZLIB - fprintf(stderr, "compress(%4d)->%4d %s\n", - ilen, olen - state->ostream.avail_out, - (ilen != olen - state->ostream.avail_out)?"zlib":"clear"); -#endif - - return olen - state->ostream.avail_out; -} - -static int -zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen) -{ - int err = Z_OK; - - struct zlib_state *state = - (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data, - zlib_stateful_ex_idx); - - if (state == NULL) - return 0; - - state->istream.next_in = in; - state->istream.avail_in = ilen; - state->istream.next_out = out; - state->istream.avail_out = olen; - if (ilen > 0) - err = 
inflate(&state->istream, Z_SYNC_FLUSH); - if (err != Z_OK) - return -1; - -#ifdef DEBUG_ZLIB - fprintf(stderr, "expand(%4d)->%4d %s\n", - ilen, olen - state->istream.avail_out, - (ilen != olen - state->istream.avail_out)?"zlib":"clear"); -#endif - - return olen - state->istream.avail_out; -} - -#endif - -COMP_METHOD * -COMP_zlib(void) -{ - COMP_METHOD *meth = &zlib_method_nozlib; - -#ifdef ZLIB - { - /* init zlib_stateful_ex_idx here so that in a multi-process - * application it's enough to intialize openssl before forking - * (idx will be inherited in all the children) */ - if (zlib_stateful_ex_idx == -1) { - CRYPTO_w_lock(CRYPTO_LOCK_COMP); - if (zlib_stateful_ex_idx == -1) - zlib_stateful_ex_idx = - CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP, - 0, NULL, NULL, NULL, NULL); - CRYPTO_w_unlock(CRYPTO_LOCK_COMP); - if (zlib_stateful_ex_idx == -1) - goto err; - } - - meth = &zlib_stateful_method; - } - -err: -#endif - - return (meth); -} - -void -COMP_zlib_cleanup(void) -{ -} - -#ifdef ZLIB - -/* Zlib based compression/decompression filter BIO */ - -typedef struct { - unsigned char *ibuf; /* Input buffer */ - int ibufsize; /* Buffer size */ - z_stream zin; /* Input decompress context */ - unsigned char *obuf; /* Output buffer */ - int obufsize; /* Output buffer size */ - unsigned char *optr; /* Position in output buffer */ - int ocount; /* Amount of data in output buffer */ - int odone; /* deflate EOF */ - int comp_level; /* Compression level to use */ - z_stream zout; /* Output compression context */ -} BIO_ZLIB_CTX; - -#define ZLIB_DEFAULT_BUFSIZE 1024 - -static int bio_zlib_new(BIO *bi); -static int bio_zlib_free(BIO *bi); -static int bio_zlib_read(BIO *b, char *out, int outl); -static int bio_zlib_write(BIO *b, const char *in, int inl); -static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr); -static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp); - -static BIO_METHOD bio_meth_zlib = { - .type = BIO_TYPE_COMP, - .name = "zlib", - .bwrite 
= bio_zlib_write, - .bread = bio_zlib_read, - .ctrl = bio_zlib_ctrl, - .create = bio_zlib_new, - .destroy = bio_zlib_free, - .callback_ctrl = bio_zlib_callback_ctrl -}; - -BIO_METHOD * -BIO_f_zlib(void) -{ - return &bio_meth_zlib; -} - - -static int -bio_zlib_new(BIO *bi) -{ - BIO_ZLIB_CTX *ctx; - - ctx = malloc(sizeof(BIO_ZLIB_CTX)); - if (!ctx) { - COMPerr(COMP_F_BIO_ZLIB_NEW, ERR_R_MALLOC_FAILURE); - return 0; - } - ctx->ibuf = NULL; - ctx->obuf = NULL; - ctx->ibufsize = ZLIB_DEFAULT_BUFSIZE; - ctx->obufsize = ZLIB_DEFAULT_BUFSIZE; - ctx->zin.zalloc = Z_NULL; - ctx->zin.zfree = Z_NULL; - ctx->zin.next_in = NULL; - ctx->zin.avail_in = 0; - ctx->zin.next_out = NULL; - ctx->zin.avail_out = 0; - ctx->zout.zalloc = Z_NULL; - ctx->zout.zfree = Z_NULL; - ctx->zout.next_in = NULL; - ctx->zout.avail_in = 0; - ctx->zout.next_out = NULL; - ctx->zout.avail_out = 0; - ctx->odone = 0; - ctx->comp_level = Z_DEFAULT_COMPRESSION; - bi->init = 1; - bi->ptr = (char *)ctx; - bi->flags = 0; - return 1; -} - -static int -bio_zlib_free(BIO *bi) -{ - BIO_ZLIB_CTX *ctx; - - if (!bi) - return 0; - ctx = (BIO_ZLIB_CTX *)bi->ptr; - if (ctx->ibuf) { - /* Destroy decompress context */ - inflateEnd(&ctx->zin); - free(ctx->ibuf); - } - if (ctx->obuf) { - /* Destroy compress context */ - deflateEnd(&ctx->zout); - free(ctx->obuf); - } - free(ctx); - bi->ptr = NULL; - bi->init = 0; - bi->flags = 0; - return 1; -} - -static int -bio_zlib_read(BIO *b, char *out, int outl) -{ - BIO_ZLIB_CTX *ctx; - int ret; - z_stream *zin; - - if (!out || !outl) - return 0; - ctx = (BIO_ZLIB_CTX *)b->ptr; - zin = &ctx->zin; - BIO_clear_retry_flags(b); - if (!ctx->ibuf) { - ctx->ibuf = malloc(ctx->ibufsize); - if (!ctx->ibuf) { - COMPerr(COMP_F_BIO_ZLIB_READ, ERR_R_MALLOC_FAILURE); - return 0; - } - inflateInit(zin); - zin->next_in = ctx->ibuf; - zin->avail_in = 0; - } - - /* Copy output data directly to supplied buffer */ - zin->next_out = (unsigned char *)out; - zin->avail_out = (unsigned int)outl; - for (;;) { - 
/* Decompress while data available */ - while (zin->avail_in) { - ret = inflate(zin, 0); - if ((ret != Z_OK) && (ret != Z_STREAM_END)) { - COMPerr(COMP_F_BIO_ZLIB_READ, - COMP_R_ZLIB_INFLATE_ERROR); - ERR_asprintf_error_data("zlib error:%s", - zError(ret)); - return 0; - } - /* If EOF or we've read everything then return */ - if ((ret == Z_STREAM_END) || !zin->avail_out) - return outl - zin->avail_out; - } - - /* No data in input buffer try to read some in, - * if an error then return the total data read. - */ - ret = BIO_read(b->next_bio, ctx->ibuf, ctx->ibufsize); - if (ret <= 0) { - /* Total data read */ - int tot = outl - zin->avail_out; - BIO_copy_next_retry(b); - if (ret < 0) - return (tot > 0) ? tot : ret; - return tot; - } - zin->avail_in = ret; - zin->next_in = ctx->ibuf; - } -} - -static int -bio_zlib_write(BIO *b, const char *in, int inl) -{ - BIO_ZLIB_CTX *ctx; - int ret; - z_stream *zout; - - if (!in || !inl) - return 0; - ctx = (BIO_ZLIB_CTX *)b->ptr; - if (ctx->odone) - return 0; - zout = &ctx->zout; - BIO_clear_retry_flags(b); - if (!ctx->obuf) { - ctx->obuf = malloc(ctx->obufsize); - /* Need error here */ - if (!ctx->obuf) { - COMPerr(COMP_F_BIO_ZLIB_WRITE, ERR_R_MALLOC_FAILURE); - return 0; - } - ctx->optr = ctx->obuf; - ctx->ocount = 0; - deflateInit(zout, ctx->comp_level); - zout->next_out = ctx->obuf; - zout->avail_out = ctx->obufsize; - } - /* Obtain input data directly from supplied buffer */ - zout->next_in = (void *)in; - zout->avail_in = inl; - for (;;) { - /* If data in output buffer write it first */ - while (ctx->ocount) { - ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount); - if (ret <= 0) { - /* Total data written */ - int tot = inl - zout->avail_in; - BIO_copy_next_retry(b); - if (ret < 0) - return (tot > 0) ? tot : ret; - return tot; - } - ctx->optr += ret; - ctx->ocount -= ret; - } - - /* Have we consumed all supplied data? 
*/ - if (!zout->avail_in) - return inl; - - /* Compress some more */ - - /* Reset buffer */ - ctx->optr = ctx->obuf; - zout->next_out = ctx->obuf; - zout->avail_out = ctx->obufsize; - /* Compress some more */ - ret = deflate(zout, 0); - if (ret != Z_OK) { - COMPerr(COMP_F_BIO_ZLIB_WRITE, - COMP_R_ZLIB_DEFLATE_ERROR); - ERR_asprintf_error_data("zlib error:%s", zError(ret)); - return 0; - } - ctx->ocount = ctx->obufsize - zout->avail_out; - } -} - -static int -bio_zlib_flush(BIO *b) -{ - BIO_ZLIB_CTX *ctx; - int ret; - z_stream *zout; - - ctx = (BIO_ZLIB_CTX *)b->ptr; - /* If no data written or already flush show success */ - if (!ctx->obuf || (ctx->odone && !ctx->ocount)) - return 1; - zout = &ctx->zout; - BIO_clear_retry_flags(b); - /* No more input data */ - zout->next_in = NULL; - zout->avail_in = 0; - for (;;) { - /* If data in output buffer write it first */ - while (ctx->ocount) { - ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount); - if (ret <= 0) { - BIO_copy_next_retry(b); - return ret; - } - ctx->optr += ret; - ctx->ocount -= ret; - } - if (ctx->odone) - return 1; - - /* Compress some more */ - - /* Reset buffer */ - ctx->optr = ctx->obuf; - zout->next_out = ctx->obuf; - zout->avail_out = ctx->obufsize; - /* Compress some more */ - ret = deflate(zout, Z_FINISH); - if (ret == Z_STREAM_END) - ctx->odone = 1; - else if (ret != Z_OK) { - COMPerr(COMP_F_BIO_ZLIB_FLUSH, - COMP_R_ZLIB_DEFLATE_ERROR); - ERR_asprintf_error_data("zlib error:%s", zError(ret)); - return 0; - } - ctx->ocount = ctx->obufsize - zout->avail_out; - } -} - -static long -bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - BIO_ZLIB_CTX *ctx; - int ret, *ip; - int ibs, obs; - if (!b->next_bio) - return 0; - ctx = (BIO_ZLIB_CTX *)b->ptr; - switch (cmd) { - - case BIO_CTRL_RESET: - ctx->ocount = 0; - ctx->odone = 0; - ret = 1; - break; - - case BIO_CTRL_FLUSH: - ret = bio_zlib_flush(b); - if (ret > 0) - ret = BIO_flush(b->next_bio); - break; - - case BIO_C_SET_BUFF_SIZE: - ibs = -1; - 
obs = -1; - if (ptr != NULL) { - ip = ptr; - if (*ip == 0) - ibs = (int) num; - else - obs = (int) num; - } else { - ibs = (int)num; - obs = ibs; - } - - if (ibs != -1) { - free(ctx->ibuf); - ctx->ibuf = NULL; - ctx->ibufsize = ibs; - } - - if (obs != -1) { - free(ctx->obuf); - ctx->obuf = NULL; - ctx->obufsize = obs; - } - ret = 1; - break; - - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - BIO_copy_next_retry(b); - break; - - default: - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - - } - - return ret; -} - - -static long -bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) -{ - if (!b->next_bio) - return 0; - return BIO_callback_ctrl(b->next_bio, cmd, fp); -} - -#endif diff --git a/lib/libssl/src/crypto/comp/comp.h b/lib/libssl/src/crypto/comp/comp.h deleted file mode 100644 index fe7397f8ea4..00000000000 --- a/lib/libssl/src/crypto/comp/comp.h +++ /dev/null 
@@ -1,73 +0,0 @@
-/* $OpenBSD: comp.h,v 1.8 2014/11/03 16:58:28 tedu Exp $ */
-
-#ifndef HEADER_COMP_H
-#define HEADER_COMP_H
-
-#include <openssl/crypto.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct comp_ctx_st COMP_CTX;
-
-typedef struct comp_method_st {
- int type; /* NID for compression library */
- const char *name; /* A text string to identify the library */
- int (*init)(COMP_CTX *ctx);
- void (*finish)(COMP_CTX *ctx);
- int (*compress)(COMP_CTX *ctx, unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- int (*expand)(COMP_CTX *ctx, unsigned char *out, unsigned int olen,
- unsigned char *in, unsigned int ilen);
- /* The following two do NOTHING, but are kept for backward compatibility */
- long (*ctrl)(void);
- long (*callback_ctrl)(void);
-} COMP_METHOD;
-
-struct comp_ctx_st {
- COMP_METHOD *meth;
- unsigned long compress_in;
- unsigned long compress_out;
- unsigned long expand_in;
- unsigned long expand_out;
-
- CRYPTO_EX_DATA ex_data;
-};
-
-
-COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
-void COMP_CTX_free(COMP_CTX *ctx);
-int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
-int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen);
-COMP_METHOD *COMP_rle(void );
-COMP_METHOD *COMP_zlib(void );
-void COMP_zlib_cleanup(void);
-
-#ifdef HEADER_BIO_H
-#ifdef ZLIB
-BIO_METHOD *BIO_f_zlib(void);
-#endif
-#endif
-
-void ERR_load_COMP_strings(void);
-
-/* Error codes for the COMP functions. */
-
-/* Function codes. */
-#define COMP_F_BIO_ZLIB_FLUSH 99
-#define COMP_F_BIO_ZLIB_NEW 100
-#define COMP_F_BIO_ZLIB_READ 101
-#define COMP_F_BIO_ZLIB_WRITE 102
-
-/* Reason codes. */
-#define COMP_R_ZLIB_DEFLATE_ERROR 99
-#define COMP_R_ZLIB_INFLATE_ERROR 100
-#define COMP_R_ZLIB_NOT_SUPPORTED 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/comp/comp_err.c b/lib/libssl/src/crypto/comp/comp_err.c
deleted file mode 100644
index 3f796d4069b..00000000000
--- a/lib/libssl/src/crypto/comp/comp_err.c
+++ /dev/null
@@ -1,95 +0,0 @@
-/* $OpenBSD: comp_err.c,v 1.9 2014/11/03 16:58:28 tedu Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/comp.h>
-#include <openssl/err.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_COMP,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_COMP,0,reason)
-
-static ERR_STRING_DATA COMP_str_functs[] = {
- {ERR_FUNC(COMP_F_BIO_ZLIB_FLUSH), "BIO_ZLIB_FLUSH"},
- {ERR_FUNC(COMP_F_BIO_ZLIB_NEW), "BIO_ZLIB_NEW"},
- {ERR_FUNC(COMP_F_BIO_ZLIB_READ), "BIO_ZLIB_READ"},
- {ERR_FUNC(COMP_F_BIO_ZLIB_WRITE), "BIO_ZLIB_WRITE"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA COMP_str_reasons[] = {
- {ERR_REASON(COMP_R_ZLIB_DEFLATE_ERROR) , "zlib deflate error"},
- {ERR_REASON(COMP_R_ZLIB_INFLATE_ERROR) , "zlib inflate error"},
- {ERR_REASON(COMP_R_ZLIB_NOT_SUPPORTED) , "zlib not supported"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_COMP_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(COMP_str_functs[0].error) == NULL) {
- ERR_load_strings(0, COMP_str_functs);
- ERR_load_strings(0, COMP_str_reasons);
- }
-#endif
-}
diff --git a/lib/libssl/src/crypto/comp/comp_lib.c b/lib/libssl/src/crypto/comp/comp_lib.c
deleted file mode 100644
index dde238ef728..00000000000
--- a/lib/libssl/src/crypto/comp/comp_lib.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/* $OpenBSD: comp_lib.c,v 1.8 2014/11/03 16:58:28 tedu Exp $ */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/objects.h>
-#include <openssl/comp.h>
-
-COMP_CTX *
-COMP_CTX_new(COMP_METHOD *meth)
-{
- COMP_CTX *ret;
-
- if ((ret = calloc(1, sizeof(COMP_CTX))) == NULL) {
- return (NULL);
- }
- ret->meth = meth;
- if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
- free(ret);
- ret = NULL;
- }
- return (ret);
-}
-
-void
-COMP_CTX_free(COMP_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- if (ctx->meth->finish != NULL)
- ctx->meth->finish(ctx);
-
- free(ctx);
-}
-
-int
-COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen)
-{
- int ret;
-
- if (ctx->meth->compress == NULL) {
- return (-1);
- }
- ret = ctx->meth->compress(ctx, out, olen, in, ilen);
- if (ret > 0) {
- ctx->compress_in += ilen;
- ctx->compress_out += ret;
- }
- return (ret);
-}
-
-int
-COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
- unsigned char *in, int ilen)
-{
- int ret;
-
- if (ctx->meth->expand == NULL) {
- return (-1);
- }
- ret = ctx->meth->expand(ctx, out, olen, in, ilen);
- if (ret > 0) {
- ctx->expand_in += ilen;
- ctx->expand_out += ret;
- }
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/conf/README b/lib/libssl/src/crypto/conf/README
deleted file mode 100644
index 96e53b34ed8..00000000000
--- a/lib/libssl/src/crypto/conf/README
+++ /dev/null
@@ -1,73 +0,0 @@
-Configuration modules. These are a set of modules which can perform
-various configuration functions.
-
-Currently the routines should be called at most once when an application
-starts up: that is before it starts any threads.
-
-The routines read a configuration file set up like this:
-
------
-#default section
-openssl_conf=init_section
-
-[init_section]
-
-module1=value1
-#Second instance of module1
-module1.1=valueX
-module2=value2
-module3=dso_literal
-module4=dso_section
-
-[dso_section]
-
-path=/some/path/to/some/dso.so
-other_stuff=other_value
-----
-
-When this file is loaded a configuration module with the specified string
-(module* in the above example) is looked up and its init function called as:
-
-int conf_init_func(CONF_IMODULE *md, CONF *cnf);
-
-The function can then take whatever action is appropriate, for example further
-lookups based on the value. Multiple instances of the same config module can be
-loaded.
-
-When the application closes down the modules are cleaned up by calling an
-optional finish function:
-
-void conf_finish_func(CONF_IMODULE *md);
-
-The finish functions are called in reverse order: that is the last module
-loaded is the first one cleaned up.
-
-If no module exists with a given name then an attempt is made to load a DSO
-with the supplied name. This might mean that "module3" attempts to load a DSO
-called libmodule3.so or module3.dll for example. An explicit DSO name can be
-given by including a separate section as in the module4 example above.
-
-The DSO is expected to at least contain an initialization function:
-
-int OPENSSL_init(CONF_IMODULE *md, CONF *cnf);
-
-and may also include a finish function:
-
-void OPENSSL_finish(CONF_IMODULE *md);
-
-Static modules can also be added using,
-
-int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func
-*ffunc);
-
-where "name" is the name in the configuration file this function corresponds
-to.
-
-A set of builtin modules (currently only an ASN1 non functional test module)
-can be added by calling OPENSSL_load_builtin_modules().
-
-The function OPENSSL_config() is intended as a simple configuration function
-that any application can call to perform various default configuration tasks.
-It uses the file openssl.cnf in the usual locations.
-
-
diff --git a/lib/libssl/src/crypto/conf/conf.h b/lib/libssl/src/crypto/conf/conf.h
deleted file mode 100644
index 095066d31bb..00000000000
--- a/lib/libssl/src/crypto/conf/conf.h
+++ /dev/null
@@ -1,249 +0,0 @@
-/* $OpenBSD: conf.h,v 1.14 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONF_H
-#define HEADER_CONF_H
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bio.h>
-#include <openssl/lhash.h>
-#include <openssl/stack.h>
-#include <openssl/safestack.h>
-
-#include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct {
- char *section;
- char *name;
- char *value;
-} CONF_VALUE;
-
-DECLARE_STACK_OF(CONF_VALUE)
-DECLARE_LHASH_OF(CONF_VALUE);
-
-struct conf_st;
-struct conf_method_st;
-typedef struct conf_method_st CONF_METHOD;
-
-struct conf_method_st {
- const char *name;
- CONF *(*create)(CONF_METHOD *meth);
- int (*init)(CONF *conf);
- int (*destroy)(CONF *conf);
- int (*destroy_data)(CONF *conf);
- int (*load_bio)(CONF *conf, BIO *bp, long *eline);
- int (*dump)(const CONF *conf, BIO *bp);
- int (*is_number)(const CONF *conf, char c);
- int (*to_int)(const CONF *conf, char c);
- int (*load)(CONF *conf, const char *name, long *eline);
-};
-
-/* Module definitions */
-
-typedef struct conf_imodule_st CONF_IMODULE;
-typedef struct conf_module_st CONF_MODULE;
-
-DECLARE_STACK_OF(CONF_MODULE)
-DECLARE_STACK_OF(CONF_IMODULE)
-
-/* DSO module function typedefs */
-typedef int conf_init_func(CONF_IMODULE *md, const CONF *cnf);
-typedef void conf_finish_func(CONF_IMODULE *md);
-
-#define CONF_MFLAGS_IGNORE_ERRORS 0x1
-#define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
-#define CONF_MFLAGS_SILENT 0x4
-#define CONF_MFLAGS_NO_DSO 0x8
-#define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
-#define CONF_MFLAGS_DEFAULT_SECTION 0x20
-
-int CONF_set_default_method(CONF_METHOD *meth);
-void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
-LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
- long *eline);
-LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
- long *eline);
-LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp, long *eline);
-STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
- const char *section);
-char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
- const char *name);
-long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
- const char *name);
-void CONF_free(LHASH_OF(CONF_VALUE) *conf);
-int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
-int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
-
-void OPENSSL_config(const char *config_name);
-void OPENSSL_no_config(void);
-
-/* New conf code. The semantics are different from the functions above.
- If that wasn't the case, the above functions would have been replaced */
-
-struct conf_st {
- CONF_METHOD *meth;
- void *meth_data;
- LHASH_OF(CONF_VALUE) *data;
-};
-
-CONF *NCONF_new(CONF_METHOD *meth);
-CONF_METHOD *NCONF_default(void);
-CONF_METHOD *NCONF_WIN32(void);
-void NCONF_free(CONF *conf);
-void NCONF_free_data(CONF *conf);
-
-int NCONF_load(CONF *conf, const char *file, long *eline);
-int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
-int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
-STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf, const char *section);
-char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
-int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
- long *result);
-int NCONF_dump_fp(const CONF *conf, FILE *out);
-int NCONF_dump_bio(const CONF *conf, BIO *out);
-
-#define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
-
-/* Module functions */
-
-int CONF_modules_load(const CONF *cnf, const char *appname,
- unsigned long flags);
-int CONF_modules_load_file(const char *filename, const char *appname,
- unsigned long flags);
-void CONF_modules_unload(int all);
-void CONF_modules_finish(void);
-void CONF_modules_free(void);
-int CONF_module_add(const char *name, conf_init_func *ifunc,
- conf_finish_func *ffunc);
-
-const char *CONF_imodule_get_name(const CONF_IMODULE *md);
-const char *CONF_imodule_get_value(const CONF_IMODULE *md);
-void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
-void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
-CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
-unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
-void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
-void *CONF_module_get_usr_data(CONF_MODULE *pmod);
-void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
-
-char *CONF_get1_default_config_file(void);
-
-int CONF_parse_list(const char *list, int sep, int nospc,
- int (*list_cb)(const char *elem, int len, void *usr), void *arg);
-
-void OPENSSL_load_builtin_modules(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_CONF_strings(void);
-
-/* Error codes for the CONF functions. */
-
-/* Function codes. */
-#define CONF_F_CONF_DUMP_FP 104
-#define CONF_F_CONF_LOAD 100
-#define CONF_F_CONF_LOAD_BIO 102
-#define CONF_F_CONF_LOAD_FP 103
-#define CONF_F_CONF_MODULES_LOAD 116
-#define CONF_F_CONF_PARSE_LIST 119
-#define CONF_F_DEF_LOAD 120
-#define CONF_F_DEF_LOAD_BIO 121
-#define CONF_F_MODULE_INIT 115
-#define CONF_F_MODULE_LOAD_DSO 117
-#define CONF_F_MODULE_RUN 118
-#define CONF_F_NCONF_DUMP_BIO 105
-#define CONF_F_NCONF_DUMP_FP 106
-#define CONF_F_NCONF_GET_NUMBER 107
-#define CONF_F_NCONF_GET_NUMBER_E 112
-#define CONF_F_NCONF_GET_SECTION 108
-#define CONF_F_NCONF_GET_STRING 109
-#define CONF_F_NCONF_LOAD 113
-#define CONF_F_NCONF_LOAD_BIO 110
-#define CONF_F_NCONF_LOAD_FP 114
-#define CONF_F_NCONF_NEW 111
-#define CONF_F_STR_COPY 101
-
-/* Reason codes. */
-#define CONF_R_ERROR_LOADING_DSO 110
-#define CONF_R_LIST_CANNOT_BE_NULL 115
-#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
-#define CONF_R_MISSING_EQUAL_SIGN 101
-#define CONF_R_MISSING_FINISH_FUNCTION 111
-#define CONF_R_MISSING_INIT_FUNCTION 112
-#define CONF_R_MODULE_INITIALIZATION_ERROR 109
-#define CONF_R_NO_CLOSE_BRACE 102
-#define CONF_R_NO_CONF 105
-#define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE 106
-#define CONF_R_NO_SECTION 107
-#define CONF_R_NO_SUCH_FILE 114
-#define CONF_R_NO_VALUE 108
-#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
-#define CONF_R_UNKNOWN_MODULE_NAME 113
-#define CONF_R_VARIABLE_HAS_NO_VALUE 104
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/conf/conf_api.c b/lib/libssl/src/crypto/conf/conf_api.c
deleted file mode 100644
index f296e6a9629..00000000000
--- a/lib/libssl/src/crypto/conf/conf_api.c
+++ /dev/null
@@ -1,279 +0,0 @@ -/* $OpenBSD: conf_api.c,v 1.15 2015/04/11 16:03:21 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -/* Part of the code in here was originally in conf.c, which is now removed */ - -#ifndef CONF_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include <stdlib.h> -#include <string.h> -#include <unistd.h> -#include <openssl/conf.h> -#include <openssl/conf_api.h> - -static void value_free_hash_doall_arg(CONF_VALUE *a, - LHASH_OF(CONF_VALUE) *conf); -static void value_free_stack_doall(CONF_VALUE *a); -static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE, - LHASH_OF(CONF_VALUE)) -static IMPLEMENT_LHASH_DOALL_FN(value_free_stack, CONF_VALUE) - -/* Up until OpenSSL 0.9.5a, this was get_section */ -CONF_VALUE * -_CONF_get_section(const CONF *conf, const char *section) -{ - CONF_VALUE *v, vv; - - if ((conf == NULL) || (section == NULL)) - return (NULL); - vv.name = NULL; - vv.section = (char *)section; - v = lh_CONF_VALUE_retrieve(conf->data, &vv); - return (v); -} - -/* Up until OpenSSL 0.9.5a, this was CONF_get_section */ -STACK_OF(CONF_VALUE) * -_CONF_get_section_values(const CONF *conf, const char *section) -{ - CONF_VALUE *v; - - v = _CONF_get_section(conf, section); - if (v != NULL) - return ((STACK_OF(CONF_VALUE) *)v->value); - else - return (NULL); -} - -int -_CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value) -{ - CONF_VALUE *v = NULL; - STACK_OF(CONF_VALUE) *ts; - - ts = (STACK_OF(CONF_VALUE) *)section->value; - - value->section = section->section; - if (!sk_CONF_VALUE_push(ts, value)) { - return 0; - } - - v = lh_CONF_VALUE_insert(conf->data, value); - if (v != NULL) { - (void)sk_CONF_VALUE_delete_ptr(ts, v); - free(v->name); - free(v->value); - free(v); - } - return 1; -} - -char * -_CONF_get_string(const CONF *conf, const char *section, const char *name) -{ - CONF_VALUE *v, vv; - - if (name == NULL) - return (NULL); - if (conf != NULL) { - if (section != NULL) { - vv.name = (char *)name; - vv.section = (char *)section; - v = lh_CONF_VALUE_retrieve(conf->data, &vv); - if (v != NULL) - 
return (v->value); - } - vv.section = "default"; - vv.name = (char *)name; - v = lh_CONF_VALUE_retrieve(conf->data, &vv); - if (v != NULL) - return (v->value); - else - return (NULL); - } else - return (NULL); -} - -static unsigned long -conf_value_hash(const CONF_VALUE *v) -{ - return (lh_strhash(v->section) << 2) ^ lh_strhash(v->name); -} - -static IMPLEMENT_LHASH_HASH_FN(conf_value, CONF_VALUE) - -static int -conf_value_cmp(const CONF_VALUE *a, const CONF_VALUE *b) -{ - int i; - - if (a->section != b->section) { - i = strcmp(a->section, b->section); - if (i) - return (i); - } - if ((a->name != NULL) && (b->name != NULL)) { - i = strcmp(a->name, b->name); - return (i); - } else if (a->name == b->name) - return (0); - else - return ((a->name == NULL)?-1 : 1); -} - -static IMPLEMENT_LHASH_COMP_FN(conf_value, CONF_VALUE) - -int -_CONF_new_data(CONF *conf) -{ - if (conf == NULL) { - return 0; - } - if (conf->data == NULL) - if ((conf->data = lh_CONF_VALUE_new()) == NULL) { - return 0; - } - return 1; -} - -void -_CONF_free_data(CONF *conf) -{ - if (conf == NULL || conf->data == NULL) - return; - - lh_CONF_VALUE_down_load(conf->data) = 0; /* evil thing to make - * sure the 'free()' works as - * expected */ - lh_CONF_VALUE_doall_arg(conf->data, - LHASH_DOALL_ARG_FN(value_free_hash), - LHASH_OF(CONF_VALUE), conf->data); - - /* We now have only 'section' entries in the hash table. 
- * Due to problems with */ - - lh_CONF_VALUE_doall(conf->data, LHASH_DOALL_FN(value_free_stack)); - lh_CONF_VALUE_free(conf->data); -} - -static void -value_free_hash_doall_arg(CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf) -{ - if (a->name != NULL) - (void)lh_CONF_VALUE_delete(conf, a); -} - -static void -value_free_stack_doall(CONF_VALUE *a) -{ - CONF_VALUE *vv; - STACK_OF(CONF_VALUE) *sk; - int i; - - if (a->name != NULL) - return; - - sk = (STACK_OF(CONF_VALUE) *)a->value; - for (i = sk_CONF_VALUE_num(sk) - 1; i >= 0; i--) { - vv = sk_CONF_VALUE_value(sk, i); - free(vv->value); - free(vv->name); - free(vv); - } - if (sk != NULL) - sk_CONF_VALUE_free(sk); - free(a->section); - free(a); -} - -/* Up until OpenSSL 0.9.5a, this was new_section */ -CONF_VALUE * -_CONF_new_section(CONF *conf, const char *section) -{ - STACK_OF(CONF_VALUE) *sk = NULL; - int ok = 0, i; - CONF_VALUE *v = NULL, *vv; - - if ((sk = sk_CONF_VALUE_new_null()) == NULL) - goto err; - if ((v = malloc(sizeof(CONF_VALUE))) == NULL) - goto err; - i = strlen(section) + 1; - if ((v->section = malloc(i)) == NULL) - goto err; - - memcpy(v->section, section, i); - v->name = NULL; - v->value = (char *)sk; - - vv = lh_CONF_VALUE_insert(conf->data, v); - OPENSSL_assert(vv == NULL); - ok = 1; - -err: - if (!ok) { - if (sk != NULL) - sk_CONF_VALUE_free(sk); - free(v); - v = NULL; - } - return (v); -} diff --git a/lib/libssl/src/crypto/conf/conf_api.h b/lib/libssl/src/crypto/conf/conf_api.h deleted file mode 100644 index 95f9386226a..00000000000 --- a/lib/libssl/src/crypto/conf/conf_api.h +++ /dev/null 
@@ -1,88 +0,0 @@
-/* $OpenBSD: conf_api.h,v 1.4 2014/06/12 15:49:28 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONF_API_H
-#define HEADER_CONF_API_H
-
-#include <openssl/lhash.h>
-#include <openssl/conf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Up until OpenSSL 0.9.5a, this was new_section */
-CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was get_section */
-CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
-/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
-STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
- const char *section);
-
-int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
-char *_CONF_get_string(const CONF *conf, const char *section,
- const char *name);
-long _CONF_get_number(const CONF *conf, const char *section, const char *name);
-
-int _CONF_new_data(CONF *conf);
-void _CONF_free_data(CONF *conf);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/conf/conf_def.c b/lib/libssl/src/crypto/conf/conf_def.c
deleted file mode 100644
index e11ef95e437..00000000000
--- a/lib/libssl/src/crypto/conf/conf_def.c
+++ /dev/null
@@ -1,702 +0,0 @@ -/* $OpenBSD: conf_def.c,v 1.31 2015/07/18 22:42:09 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -/* Part of the code in here was originally in conf.c, which is now removed */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/buffer.h> -#include <openssl/conf.h> -#include <openssl/conf_api.h> -#include <openssl/err.h> -#include <openssl/lhash.h> -#include <openssl/stack.h> - -#include "conf_def.h" - -static char *eat_ws(CONF *conf, char *p); -static char *eat_alpha_numeric(CONF *conf, char *p); -static void clear_comments(CONF *conf, char *p); -static int str_copy(CONF *conf, char *section, char **to, char *from); -static char *scan_quote(CONF *conf, char *p); -static char *scan_dquote(CONF *conf, char *p); -#define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2))) - -static CONF *def_create(CONF_METHOD *meth); -static int def_init_default(CONF *conf); -static int def_init_WIN32(CONF *conf); -static int def_destroy(CONF *conf); -static int def_destroy_data(CONF *conf); -static int def_load(CONF *conf, const char *name, long *eline); -static int def_load_bio(CONF *conf, BIO *bp, long *eline); -static int def_dump(const CONF *conf, BIO *bp); -static int def_is_number(const CONF *conf, char c); -static int def_to_int(const CONF *conf, char c); - -static CONF_METHOD default_method = { - .name = "OpenSSL default", - .create = def_create, - .init = def_init_default, - .destroy = def_destroy, - .destroy_data = def_destroy_data, - .load_bio = def_load_bio, - .dump = def_dump, - .is_number = def_is_number, - .to_int = def_to_int, - .load = def_load -}; - -static CONF_METHOD WIN32_method = { - "WIN32", - def_create, - def_init_WIN32, - def_destroy, - def_destroy_data, - def_load_bio, - def_dump, - def_is_number, - def_to_int, - def_load -}; - -CONF_METHOD * -NCONF_default(void) -{ - return &default_method; -} - -CONF_METHOD * -NCONF_WIN32(void) -{ - return &WIN32_method; -} - -static CONF * -def_create(CONF_METHOD *meth) -{ - CONF *ret; - - ret = malloc(sizeof(CONF) + sizeof(unsigned short *)); - if (ret) - if (meth->init(ret) == 0) { - 
free(ret); - ret = NULL; - } - return ret; -} - -static int -def_init_default(CONF *conf) -{ - if (conf == NULL) - return 0; - - conf->meth = &default_method; - conf->meth_data = CONF_type_default; - conf->data = NULL; - - return 1; -} - -static int -def_init_WIN32(CONF *conf) -{ - if (conf == NULL) - return 0; - - conf->meth = &WIN32_method; - conf->meth_data = (void *)CONF_type_win32; - conf->data = NULL; - - return 1; -} - -static int -def_destroy(CONF *conf) -{ - if (def_destroy_data(conf)) { - free(conf); - return 1; - } - return 0; -} - -static int -def_destroy_data(CONF *conf) -{ - if (conf == NULL) - return 0; - _CONF_free_data(conf); - return 1; -} - -static int -def_load(CONF *conf, const char *name, long *line) -{ - int ret; - BIO *in = NULL; - - in = BIO_new_file(name, "rb"); - if (in == NULL) { - if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE) - CONFerr(CONF_F_DEF_LOAD, CONF_R_NO_SUCH_FILE); - else - CONFerr(CONF_F_DEF_LOAD, ERR_R_SYS_LIB); - return 0; - } - - ret = def_load_bio(conf, in, line); - BIO_free(in); - - return ret; -} - -static int -def_load_bio(CONF *conf, BIO *in, long *line) -{ -/* The macro BUFSIZE conflicts with a system macro in VxWorks */ -#define CONFBUFSIZE 512 - int bufnum = 0, i, ii; - BUF_MEM *buff = NULL; - char *s, *p, *end; - int again; - long eline = 0; - CONF_VALUE *v = NULL, *tv; - CONF_VALUE *sv = NULL; - char *section = NULL, *buf; - char *start, *psection, *pname; - void *h = (void *)(conf->data); - - if ((buff = BUF_MEM_new()) == NULL) { - CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB); - goto err; - } - - section = strdup("default"); - if (section == NULL) { - CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (_CONF_new_data(conf) == 0) { - CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE); - goto err; - } - - sv = _CONF_new_section(conf, section); - if (sv == NULL) { - CONFerr(CONF_F_DEF_LOAD_BIO, - CONF_R_UNABLE_TO_CREATE_NEW_SECTION); - goto err; - } - - bufnum = 0; - again = 
0; - for (;;) { - if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) { - CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB); - goto err; - } - p = &(buff->data[bufnum]); - *p = '\0'; - BIO_gets(in, p, CONFBUFSIZE - 1); - p[CONFBUFSIZE - 1] = '\0'; - ii = i = strlen(p); - if (i == 0 && !again) - break; - again = 0; - while (i > 0) { - if ((p[i - 1] != '\r') && (p[i - 1] != '\n')) - break; - else - i--; - } - /* we removed some trailing stuff so there is a new - * line on the end. */ - if (ii && i == ii) - again = 1; /* long line */ - else { - p[i] = '\0'; - eline++; /* another input line */ - } - - /* we now have a line with trailing \r\n removed */ - - /* i is the number of bytes */ - bufnum += i; - - v = NULL; - /* check for line continuation */ - if (bufnum >= 1) { - /* If we have bytes and the last char '\\' and - * second last char is not '\\' */ - p = &(buff->data[bufnum - 1]); - if (IS_ESC(conf, p[0]) && - ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) { - bufnum--; - again = 1; - } - } - if (again) - continue; - bufnum = 0; - buf = buff->data; - - clear_comments(conf, buf); - s = eat_ws(conf, buf); - if (IS_EOF(conf, *s)) - continue; /* blank line */ - if (*s == '[') { - char *ss; - - s++; - start = eat_ws(conf, s); - ss = start; -again: - end = eat_alpha_numeric(conf, ss); - p = eat_ws(conf, end); - if (*p != ']') { - if (*p != '\0' && ss != p) { - ss = p; - goto again; - } - CONFerr(CONF_F_DEF_LOAD_BIO, - CONF_R_MISSING_CLOSE_SQUARE_BRACKET); - goto err; - } - *end = '\0'; - if (!str_copy(conf, NULL, §ion, start)) - goto err; - if ((sv = _CONF_get_section(conf, section)) == NULL) - sv = _CONF_new_section(conf, section); - if (sv == NULL) { - CONFerr(CONF_F_DEF_LOAD_BIO, - CONF_R_UNABLE_TO_CREATE_NEW_SECTION); - goto err; - } - continue; - } else { - pname = s; - psection = NULL; - end = eat_alpha_numeric(conf, s); - if ((end[0] == ':') && (end[1] == ':')) { - *end = '\0'; - end += 2; - psection = pname; - pname = end; - end = eat_alpha_numeric(conf, end); - } - p = 
eat_ws(conf, end); - if (*p != '=') { - CONFerr(CONF_F_DEF_LOAD_BIO, - CONF_R_MISSING_EQUAL_SIGN); - goto err; - } - *end = '\0'; - p++; - start = eat_ws(conf, p); - while (!IS_EOF(conf, *p)) - p++; - p--; - while ((p != start) && (IS_WS(conf, *p))) - p--; - p++; - *p = '\0'; - - if (!(v = malloc(sizeof(CONF_VALUE)))) { - CONFerr(CONF_F_DEF_LOAD_BIO, - ERR_R_MALLOC_FAILURE); - goto err; - } - if (psection == NULL) - psection = section; - v->name = strdup(pname); - v->value = NULL; - if (v->name == NULL) { - CONFerr(CONF_F_DEF_LOAD_BIO, - ERR_R_MALLOC_FAILURE); - goto err; - } - if (!str_copy(conf, psection, &(v->value), start)) - goto err; - - if (strcmp(psection, section) != 0) { - if ((tv = _CONF_get_section(conf, psection)) - == NULL) - tv = _CONF_new_section(conf, psection); - if (tv == NULL) { - CONFerr(CONF_F_DEF_LOAD_BIO, - CONF_R_UNABLE_TO_CREATE_NEW_SECTION); - goto err; - } - } else - tv = sv; - - if (_CONF_add_string(conf, tv, v) == 0) { - CONFerr(CONF_F_DEF_LOAD_BIO, - ERR_R_MALLOC_FAILURE); - goto err; - } - v = NULL; - } - } - if (buff != NULL) - BUF_MEM_free(buff); - free(section); - return (1); - -err: - if (buff != NULL) - BUF_MEM_free(buff); - free(section); - if (line != NULL) - *line = eline; - ERR_asprintf_error_data("line %ld", eline); - if ((h != conf->data) && (conf->data != NULL)) { - CONF_free(conf->data); - conf->data = NULL; - } - if (v != NULL) { - free(v->name); - free(v->value); - free(v); - } - return (0); -} - -static void -clear_comments(CONF *conf, char *p) -{ - for (;;) { - if (IS_FCOMMENT(conf, *p)) { - *p = '\0'; - return; - } - if (!IS_WS(conf, *p)) { - break; - } - p++; - } - - for (;;) { - if (IS_COMMENT(conf, *p)) { - *p = '\0'; - return; - } - if (IS_DQUOTE(conf, *p)) { - p = scan_dquote(conf, p); - continue; - } - if (IS_QUOTE(conf, *p)) { - p = scan_quote(conf, p); - continue; - } - if (IS_ESC(conf, *p)) { - p = scan_esc(conf, p); - continue; - } - if (IS_EOF(conf, *p)) - return; - else - p++; - } -} - -static int 
-str_copy(CONF *conf, char *section, char **pto, char *from) -{ - int q, r,rr = 0, to = 0, len = 0; - char *s, *e, *rp, *p, *rrp, *np, *cp, v; - BUF_MEM *buf; - - if ((buf = BUF_MEM_new()) == NULL) - return (0); - - len = strlen(from) + 1; - if (!BUF_MEM_grow(buf, len)) - goto err; - - for (;;) { - if (IS_QUOTE(conf, *from)) { - q = *from; - from++; - while (!IS_EOF(conf, *from) && (*from != q)) { - if (IS_ESC(conf, *from)) { - from++; - if (IS_EOF(conf, *from)) - break; - } - buf->data[to++] = *(from++); - } - if (*from == q) - from++; - } else if (IS_DQUOTE(conf, *from)) { - q = *from; - from++; - while (!IS_EOF(conf, *from)) { - if (*from == q) { - if (*(from + 1) == q) { - from++; - } else { - break; - } - } - buf->data[to++] = *(from++); - } - if (*from == q) - from++; - } else if (IS_ESC(conf, *from)) { - from++; - v = *(from++); - if (IS_EOF(conf, v)) - break; - else if (v == 'r') - v = '\r'; - else if (v == 'n') - v = '\n'; - else if (v == 'b') - v = '\b'; - else if (v == 't') - v = '\t'; - buf->data[to++] = v; - } else if (IS_EOF(conf, *from)) - break; - else if (*from == '$') { - /* try to expand it */ - rrp = NULL; - s = &(from[1]); - if (*s == '{') - q = '}'; - else if (*s == '(') - q = ')'; - else - q = 0; - - if (q) - s++; - cp = section; - e = np = s; - while (IS_ALPHA_NUMERIC(conf, *e)) - e++; - if ((e[0] == ':') && (e[1] == ':')) { - cp = np; - rrp = e; - rr = *e; - *rrp = '\0'; - e += 2; - np = e; - while (IS_ALPHA_NUMERIC(conf, *e)) - e++; - } - r = *e; - *e = '\0'; - rp = e; - if (q) { - if (r != q) { - CONFerr(CONF_F_STR_COPY, - CONF_R_NO_CLOSE_BRACE); - goto err; - } - e++; - } - /* So at this point we have - * np which is the start of the name string which is - * '\0' terminated. - * cp which is the start of the section string which is - * '\0' terminated. - * e is the 'next point after'. - * r and rr are the chars replaced by the '\0' - * rp and rrp is where 'r' and 'rr' came from. 
- */ - p = _CONF_get_string(conf, cp, np); - if (rrp != NULL) - *rrp = rr; - *rp = r; - if (p == NULL) { - CONFerr(CONF_F_STR_COPY, - CONF_R_VARIABLE_HAS_NO_VALUE); - goto err; - } - if (!BUF_MEM_grow_clean(buf, - (strlen(p) + buf->length - (e - from)))) { - CONFerr(CONF_F_STR_COPY, - CONF_R_MODULE_INITIALIZATION_ERROR); - goto err; - } - while (*p) - buf->data[to++] = *(p++); - - /* Since we change the pointer 'from', we also have - to change the perceived length of the string it - points at. /RL */ - len -= e - from; - from = e; - - /* In case there were no braces or parenthesis around - the variable reference, we have to put back the - character that was replaced with a '\0'. /RL */ - *rp = r; - } else - buf->data[to++] = *(from++); - } - buf->data[to]='\0'; - free(*pto); - *pto = buf->data; - free(buf); - return (1); - -err: - if (buf != NULL) - BUF_MEM_free(buf); - return (0); -} - -static char * -eat_ws(CONF *conf, char *p) -{ - while (IS_WS(conf, *p) && (!IS_EOF(conf, *p))) - p++; - return (p); -} - -static char * -eat_alpha_numeric(CONF *conf, char *p) -{ - for (;;) { - if (IS_ESC(conf, *p)) { - p = scan_esc(conf, p); - continue; - } - if (!IS_ALPHA_NUMERIC_PUNCT(conf, *p)) - return (p); - p++; - } -} - -static char * -scan_quote(CONF *conf, char *p) -{ - int q = *p; - - p++; - while (!(IS_EOF(conf, *p)) && (*p != q)) { - if (IS_ESC(conf, *p)) { - p++; - if (IS_EOF(conf, *p)) - return (p); - } - p++; - } - if (*p == q) - p++; - return (p); -} - - -static char * -scan_dquote(CONF *conf, char *p) -{ - int q = *p; - - p++; - while (!(IS_EOF(conf, *p))) { - if (*p == q) { - if (*(p + 1) == q) { - p++; - } else { - break; - } - } - p++; - } - if (*p == q) - p++; - return (p); -} - -static void -dump_value_doall_arg(CONF_VALUE *a, BIO *out) -{ - if (a->name) - BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value); - else - BIO_printf(out, "[[%s]]\n", a->section); -} - -static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE, BIO) - -static int 
-def_dump(const CONF *conf, BIO *out) -{ - lh_CONF_VALUE_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value), - BIO, out); - return 1; -} - -static int -def_is_number(const CONF *conf, char c) -{ - return IS_NUMBER(conf, c); -} - -static int -def_to_int(const CONF *conf, char c) -{ - return c - '0'; -} diff --git a/lib/libssl/src/crypto/conf/conf_def.h b/lib/libssl/src/crypto/conf/conf_def.h deleted file mode 100644 index 8f8c1fd961b..00000000000 --- a/lib/libssl/src/crypto/conf/conf_def.h +++ /dev/null 
@@ -1,162 +0,0 @@ -/* $OpenBSD: conf_def.h,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* THIS FILE WAS AUTOMAGICALLY GENERATED! - Please modify and use keysets.pl to regenerate it. 
*/ - -#define CONF_NUMBER 1 -#define CONF_UPPER 2 -#define CONF_LOWER 4 -#define CONF_UNDER 256 -#define CONF_PUNCTUATION 512 -#define CONF_WS 16 -#define CONF_ESC 32 -#define CONF_QUOTE 64 -#define CONF_DQUOTE 1024 -#define CONF_COMMENT 128 -#define CONF_FCOMMENT 2048 -#define CONF_EOF 8 -#define CONF_HIGHBIT 4096 -#define CONF_ALPHA (CONF_UPPER|CONF_LOWER) -#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER) -#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \ - CONF_PUNCTUATION) - -#define KEYTYPES(c) ((unsigned short *)((c)->meth_data)) -#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT) -#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT) -#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF) -#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC) -#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER) -#define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS) -#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC) -#define IS_ALPHA_NUMERIC_PUNCT(c,a) \ - (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT) -#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE) -#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE) -#define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT) - -static unsigned short CONF_type_default[256] = { - 0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0000, 0x0010, 0x0010, 0x0000, 0x0000, 0x0010, 0x0000, 0x0000, - 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0010, 0x0200, 0x0040, 0x0080, 0x0000, 0x0200, 0x0200, 0x0040, - 0x0000, 0x0000, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, - 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, - 0x0001, 0x0001, 0x0000, 0x0200, 0x0000, 0x0000, 0x0000, 0x0200, - 0x0200, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, - 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, - 0x0002, 0x0002, 
0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, - 0x0002, 0x0002, 0x0002, 0x0000, 0x0020, 0x0000, 0x0200, 0x0100, - 0x0040, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, - 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, - 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, - 0x0004, 0x0004, 0x0004, 0x0000, 0x0200, 0x0000, 0x0200, 0x0000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -}; - -static unsigned short CONF_type_win32[256] = { - 0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0000, 0x0010, 0x0010, 0x0000, 0x0000, 0x0010, 0x0000, 0x0000, - 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, - 0x0010, 0x0200, 0x0400, 0x0000, 0x0000, 0x0200, 0x0200, 0x0000, - 0x0000, 0x0000, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, - 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, - 0x0001, 0x0001, 0x0000, 0x0A00, 0x0000, 0x0000, 
0x0000, 0x0200, - 0x0200, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, - 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, - 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, - 0x0002, 0x0002, 0x0002, 0x0000, 0x0000, 0x0000, 0x0200, 0x0100, - 0x0000, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, - 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, - 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, - 0x0004, 0x0004, 0x0004, 0x0000, 0x0200, 0x0000, 0x0200, 0x0000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, - 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, -}; diff --git a/lib/libssl/src/crypto/conf/conf_err.c b/lib/libssl/src/crypto/conf/conf_err.c deleted file mode 100644 index a1a7cbe42e1..00000000000 --- a/lib/libssl/src/crypto/conf/conf_err.c +++ /dev/null 
@@ -1,131 +0,0 @@ -/* $OpenBSD: conf_err.c,v 1.12 2014/07/10 22:45:56 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/conf.h> -#include <openssl/err.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CONF,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CONF,0,reason) - -static ERR_STRING_DATA CONF_str_functs[]= { - {ERR_FUNC(CONF_F_CONF_DUMP_FP), "CONF_dump_fp"}, - {ERR_FUNC(CONF_F_CONF_LOAD), "CONF_load"}, - {ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"}, - {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"}, - {ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"}, - {ERR_FUNC(CONF_F_CONF_PARSE_LIST), "CONF_parse_list"}, - {ERR_FUNC(CONF_F_DEF_LOAD), "DEF_LOAD"}, - {ERR_FUNC(CONF_F_DEF_LOAD_BIO), "DEF_LOAD_BIO"}, - {ERR_FUNC(CONF_F_MODULE_INIT), "MODULE_INIT"}, - {ERR_FUNC(CONF_F_MODULE_LOAD_DSO), "MODULE_LOAD_DSO"}, - {ERR_FUNC(CONF_F_MODULE_RUN), "MODULE_RUN"}, - {ERR_FUNC(CONF_F_NCONF_DUMP_BIO), "NCONF_dump_bio"}, - {ERR_FUNC(CONF_F_NCONF_DUMP_FP), "NCONF_dump_fp"}, - {ERR_FUNC(CONF_F_NCONF_GET_NUMBER), "NCONF_get_number"}, - {ERR_FUNC(CONF_F_NCONF_GET_NUMBER_E), "NCONF_get_number_e"}, - {ERR_FUNC(CONF_F_NCONF_GET_SECTION), "NCONF_get_section"}, - {ERR_FUNC(CONF_F_NCONF_GET_STRING), "NCONF_get_string"}, - {ERR_FUNC(CONF_F_NCONF_LOAD), "NCONF_load"}, - {ERR_FUNC(CONF_F_NCONF_LOAD_BIO), "NCONF_load_bio"}, - {ERR_FUNC(CONF_F_NCONF_LOAD_FP), "NCONF_load_fp"}, - {ERR_FUNC(CONF_F_NCONF_NEW), "NCONF_new"}, - {ERR_FUNC(CONF_F_STR_COPY), "STR_COPY"}, - {0, NULL} -}; - -static ERR_STRING_DATA CONF_str_reasons[]= { - {ERR_REASON(CONF_R_ERROR_LOADING_DSO) , "error loading dso"}, - {ERR_REASON(CONF_R_LIST_CANNOT_BE_NULL) , "list cannot be null"}, - {ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET), "missing close square bracket"}, - {ERR_REASON(CONF_R_MISSING_EQUAL_SIGN) , "missing equal sign"}, - {ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION), "missing finish function"}, - {ERR_REASON(CONF_R_MISSING_INIT_FUNCTION), "missing init function"}, - 
{ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR), "module initialization error"}, - {ERR_REASON(CONF_R_NO_CLOSE_BRACE) , "no close brace"}, - {ERR_REASON(CONF_R_NO_CONF) , "no conf"}, - {ERR_REASON(CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE), "no conf or environment variable"}, - {ERR_REASON(CONF_R_NO_SECTION) , "no section"}, - {ERR_REASON(CONF_R_NO_SUCH_FILE) , "no such file"}, - {ERR_REASON(CONF_R_NO_VALUE) , "no value"}, - {ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION), "unable to create new section"}, - {ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME) , "unknown module name"}, - {ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE), "variable has no value"}, - {0, NULL} -}; - -#endif - -void -ERR_load_CONF_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(CONF_str_functs[0].error) == NULL) { - ERR_load_strings(0, CONF_str_functs); - ERR_load_strings(0, CONF_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/conf/conf_lib.c b/lib/libssl/src/crypto/conf/conf_lib.c deleted file mode 100644 index c7e026e7257..00000000000 --- a/lib/libssl/src/crypto/conf/conf_lib.c +++ /dev/null 
@@ -1,376 +0,0 @@ -/* $OpenBSD: conf_lib.c,v 1.14 2016/08/05 17:25:51 deraadt Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/conf.h> -#include <openssl/conf_api.h> -#include <openssl/lhash.h> - -static CONF_METHOD *default_CONF_method = NULL; - -/* Init a 'CONF' structure from an old LHASH */ - -void -CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash) -{ - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); - default_CONF_method->init(conf); - conf->data = hash; -} - -/* The following section contains the "CONF classic" functions, - rewritten in terms of the new CONF interface. 
*/ - -int -CONF_set_default_method(CONF_METHOD *meth) -{ - default_CONF_method = meth; - return 1; -} - -LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file, - long *eline) -{ - LHASH_OF(CONF_VALUE) *ltmp; - BIO *in = NULL; - - in = BIO_new_file(file, "rb"); - if (in == NULL) { - CONFerr(CONF_F_CONF_LOAD, ERR_R_SYS_LIB); - return NULL; - } - - ltmp = CONF_load_bio(conf, in, eline); - BIO_free(in); - - return ltmp; -} - -LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp, - long *eline) -{ - BIO *btmp; - LHASH_OF(CONF_VALUE) *ltmp; - - if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) { - CONFerr(CONF_F_CONF_LOAD_FP, ERR_R_BUF_LIB); - return NULL; - } - ltmp = CONF_load_bio(conf, btmp, eline); - BIO_free(btmp); - return ltmp; -} - -LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp, - long *eline) -{ - CONF ctmp; - int ret; - - CONF_set_nconf(&ctmp, conf); - - ret = NCONF_load_bio(&ctmp, bp, eline); - if (ret) - return ctmp.data; - return NULL; -} - -STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf, - const char *section) -{ - if (conf == NULL) { - return NULL; - } else { - CONF ctmp; - CONF_set_nconf(&ctmp, conf); - return NCONF_get_section(&ctmp, section); - } -} - -char * -CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group, - const char *name) -{ - if (conf == NULL) { - return NCONF_get_string(NULL, group, name); - } else { - CONF ctmp; - CONF_set_nconf(&ctmp, conf); - return NCONF_get_string(&ctmp, group, name); - } -} - -long -CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group, - const char *name) -{ - int status; - long result = 0; - - if (conf == NULL) { - status = NCONF_get_number_e(NULL, group, name, &result); - } else { - CONF ctmp; - CONF_set_nconf(&ctmp, conf); - status = NCONF_get_number_e(&ctmp, group, name, &result); - } - - if (status == 0) { - /* This function does not believe in errors... 
*/ - ERR_clear_error(); - } - return result; -} - -void -CONF_free(LHASH_OF(CONF_VALUE) *conf) -{ - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - NCONF_free_data(&ctmp); -} - -int -CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out) -{ - BIO *btmp; - int ret; - - if (!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) { - CONFerr(CONF_F_CONF_DUMP_FP, ERR_R_BUF_LIB); - return 0; - } - ret = CONF_dump_bio(conf, btmp); - BIO_free(btmp); - return ret; -} - -int -CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out) -{ - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - return NCONF_dump_bio(&ctmp, out); -} - -/* The following section contains the "New CONF" functions. They are - completely centralised around a new CONF structure that may contain - basically anything, but at least a method pointer and a table of data. - These functions are also written in terms of the bridge functions used - by the "CONF classic" functions, for consistency. */ - -CONF * -NCONF_new(CONF_METHOD *meth) -{ - CONF *ret; - - if (meth == NULL) - meth = NCONF_default(); - - ret = meth->create(meth); - if (ret == NULL) { - CONFerr(CONF_F_NCONF_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); - } - - return ret; -} - -void -NCONF_free(CONF *conf) -{ - if (conf == NULL) - return; - conf->meth->destroy(conf); -} - -void -NCONF_free_data(CONF *conf) -{ - if (conf == NULL) - return; - conf->meth->destroy_data(conf); -} - -int -NCONF_load(CONF *conf, const char *file, long *eline) -{ - if (conf == NULL) { - CONFerr(CONF_F_NCONF_LOAD, CONF_R_NO_CONF); - return 0; - } - - return conf->meth->load(conf, file, eline); -} - -int -NCONF_load_fp(CONF *conf, FILE *fp, long *eline) -{ - BIO *btmp; - int ret; - - if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) { - CONFerr(CONF_F_NCONF_LOAD_FP, ERR_R_BUF_LIB); - return 0; - } - ret = NCONF_load_bio(conf, btmp, eline); - BIO_free(btmp); - return ret; -} - -int -NCONF_load_bio(CONF *conf, BIO *bp, long *eline) -{ - if (conf == NULL) { - CONFerr(CONF_F_NCONF_LOAD_BIO, CONF_R_NO_CONF); - 
return 0; - } - - return conf->meth->load_bio(conf, bp, eline); -} - -STACK_OF(CONF_VALUE) * -NCONF_get_section(const CONF *conf, const char *section) -{ - if (conf == NULL) { - CONFerr(CONF_F_NCONF_GET_SECTION, CONF_R_NO_CONF); - return NULL; - } - - if (section == NULL) { - CONFerr(CONF_F_NCONF_GET_SECTION, CONF_R_NO_SECTION); - return NULL; - } - - return _CONF_get_section_values(conf, section); -} - -char * -NCONF_get_string(const CONF *conf, const char *group, const char *name) -{ - char *s = _CONF_get_string(conf, group, name); - - /* Since we may get a value from an environment variable even - if conf is NULL, let's check the value first */ - if (s) - return s; - - if (conf == NULL) { - CONFerr(CONF_F_NCONF_GET_STRING, - CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE); - return NULL; - } - CONFerr(CONF_F_NCONF_GET_STRING, CONF_R_NO_VALUE); - ERR_asprintf_error_data("group=%s name=%s", - group ? group : "", name); - return NULL; -} - -int -NCONF_get_number_e(const CONF *conf, const char *group, const char *name, - long *result) -{ - char *str; - - if (result == NULL) { - CONFerr(CONF_F_NCONF_GET_NUMBER_E, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - - str = NCONF_get_string(conf, group, name); - - if (str == NULL) - return 0; - - for (*result = 0; conf->meth->is_number(conf, *str); ) { - *result = (*result) * 10 + conf->meth->to_int(conf, *str); - str++; - } - - return 1; -} - -int -NCONF_dump_fp(const CONF *conf, FILE *out) -{ - BIO *btmp; - int ret; - if (!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) { - CONFerr(CONF_F_NCONF_DUMP_FP, ERR_R_BUF_LIB); - return 0; - } - ret = NCONF_dump_bio(conf, btmp); - BIO_free(btmp); - return ret; -} - -int -NCONF_dump_bio(const CONF *conf, BIO *out) -{ - if (conf == NULL) { - CONFerr(CONF_F_NCONF_DUMP_BIO, CONF_R_NO_CONF); - return 0; - } - - return conf->meth->dump(conf, out); -} diff --git a/lib/libssl/src/crypto/conf/conf_mall.c b/lib/libssl/src/crypto/conf/conf_mall.c deleted file mode 100644 index 18631b3ba81..00000000000 
--- a/lib/libssl/src/crypto/conf/conf_mall.c
+++ /dev/null
@@ -1,82 +0,0 @@ -/* $OpenBSD: conf_mall.c,v 1.9 2014/07/11 08:44:48 jsing Exp $ */ -/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/asn1.h> -#include <openssl/conf.h> -#include <openssl/crypto.h> -#include <openssl/x509.h> - -#ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> -#endif - -/* Load all OpenSSL builtin modules */ - -void -OPENSSL_load_builtin_modules(void) -{ - /* Add builtin modules here */ - ASN1_add_oid_module(); -#ifndef OPENSSL_NO_ENGINE - ENGINE_add_conf_module(); -#endif -} diff --git a/lib/libssl/src/crypto/conf/conf_mod.c b/lib/libssl/src/crypto/conf/conf_mod.c deleted file mode 100644 index cb54cc2a87a..00000000000 --- a/lib/libssl/src/crypto/conf/conf_mod.c +++ /dev/null 
@@ -1,599 +0,0 @@ -/* $OpenBSD: conf_mod.c,v 1.26 2015/04/11 16:03:21 deraadt Exp $ */ -/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <ctype.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> - -#include <openssl/conf.h> -#include <openssl/crypto.h> -#include <openssl/dso.h> -#include <openssl/err.h> -#include <openssl/x509.h> - -#define DSO_mod_init_name "OPENSSL_init" -#define DSO_mod_finish_name "OPENSSL_finish" - -/* This structure contains a data about supported modules. - * entries in this table correspond to either dynamic or - * static modules. - */ - -struct conf_module_st { - /* DSO of this module or NULL if static */ - DSO *dso; - /* Name of the module */ - char *name; - /* Init function */ - conf_init_func *init; - /* Finish function */ - conf_finish_func *finish; - /* Number of successfully initialized modules */ - int links; - void *usr_data; -}; - - -/* This structure contains information about modules that have been - * successfully initialized. There may be more than one entry for a - * given module. 
- */ - -struct conf_imodule_st { - CONF_MODULE *pmod; - char *name; - char *value; - unsigned long flags; - void *usr_data; -}; - -static STACK_OF(CONF_MODULE) *supported_modules = NULL; -static STACK_OF(CONF_IMODULE) *initialized_modules = NULL; - -static void module_free(CONF_MODULE *md); -static void module_finish(CONF_IMODULE *imod); -static int module_run(const CONF *cnf, char *name, char *value, - unsigned long flags); -static CONF_MODULE *module_add(DSO *dso, const char *name, - conf_init_func *ifunc, conf_finish_func *ffunc); -static CONF_MODULE *module_find(char *name); -static int module_init(CONF_MODULE *pmod, char *name, char *value, - const CONF *cnf); -static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value, - unsigned long flags); - -/* Main function: load modules from a CONF structure */ - -int -CONF_modules_load(const CONF *cnf, const char *appname, unsigned long flags) -{ - STACK_OF(CONF_VALUE) *values; - CONF_VALUE *vl; - char *vsection = NULL; - - int ret, i; - - if (!cnf) - return 1; - - if (appname) - vsection = NCONF_get_string(cnf, NULL, appname); - - if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION))) - vsection = NCONF_get_string(cnf, NULL, "openssl_conf"); - - if (!vsection) { - ERR_clear_error(); - return 1; - } - - values = NCONF_get_section(cnf, vsection); - - if (!values) - return 0; - - for (i = 0; i < sk_CONF_VALUE_num(values); i++) { - vl = sk_CONF_VALUE_value(values, i); - ret = module_run(cnf, vl->name, vl->value, flags); - if (ret <= 0) - if (!(flags & CONF_MFLAGS_IGNORE_ERRORS)) - return ret; - } - - return 1; -} - -int -CONF_modules_load_file(const char *filename, const char *appname, - unsigned long flags) -{ - char *file = NULL; - CONF *conf = NULL; - int ret = 0; - conf = NCONF_new(NULL); - if (!conf) - goto err; - - if (filename == NULL) { - file = CONF_get1_default_config_file(); - if (!file) - goto err; - } else - file = (char *)filename; - - if (NCONF_load(conf, file, NULL) <= 0) { 
- if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) && - (ERR_GET_REASON(ERR_peek_last_error()) == - CONF_R_NO_SUCH_FILE)) { - ERR_clear_error(); - ret = 1; - } - goto err; - } - - ret = CONF_modules_load(conf, appname, flags); - -err: - if (filename == NULL) - free(file); - NCONF_free(conf); - - return ret; -} - -static int -module_run(const CONF *cnf, char *name, char *value, unsigned long flags) -{ - CONF_MODULE *md; - int ret; - - md = module_find(name); - - /* Module not found: try to load DSO */ - if (!md && !(flags & CONF_MFLAGS_NO_DSO)) - md = module_load_dso(cnf, name, value, flags); - - if (!md) { - if (!(flags & CONF_MFLAGS_SILENT)) { - CONFerr(CONF_F_MODULE_RUN, CONF_R_UNKNOWN_MODULE_NAME); - ERR_asprintf_error_data("module=%s", name); - } - return -1; - } - - ret = module_init(md, name, value, cnf); - - if (ret <= 0) { - if (!(flags & CONF_MFLAGS_SILENT)) { - CONFerr(CONF_F_MODULE_RUN, - CONF_R_MODULE_INITIALIZATION_ERROR); - ERR_asprintf_error_data - ("module=%s, value=%s, retcode=%-8d", - name, value, ret); - } - } - - return ret; -} - -/* Load a module from a DSO */ -static CONF_MODULE * -module_load_dso(const CONF *cnf, char *name, char *value, unsigned long flags) -{ - DSO *dso = NULL; - conf_init_func *ifunc; - conf_finish_func *ffunc; - char *path = NULL; - int errcode = 0; - CONF_MODULE *md; - - /* Look for alternative path in module section */ - path = NCONF_get_string(cnf, value, "path"); - if (!path) { - ERR_clear_error(); - path = name; - } - dso = DSO_load(NULL, path, NULL, 0); - if (!dso) { - errcode = CONF_R_ERROR_LOADING_DSO; - goto err; - } - ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name); - if (!ifunc) { - errcode = CONF_R_MISSING_INIT_FUNCTION; - goto err; - } - ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name); - /* All OK, add module */ - md = module_add(dso, name, ifunc, ffunc); - - if (!md) - goto err; - - return md; - -err: - if (dso) - DSO_free(dso); - CONFerr(CONF_F_MODULE_LOAD_DSO, errcode); - 
ERR_asprintf_error_data("module=%s, path=%s", name, path); - return NULL; -} - -/* add module to list */ -static CONF_MODULE * -module_add(DSO *dso, const char *name, conf_init_func *ifunc, - conf_finish_func *ffunc) -{ - CONF_MODULE *tmod = NULL; - - if (name == NULL) - return NULL; - if (supported_modules == NULL) - supported_modules = sk_CONF_MODULE_new_null(); - if (supported_modules == NULL) - return NULL; - tmod = malloc(sizeof(CONF_MODULE)); - if (tmod == NULL) - return NULL; - - tmod->dso = dso; - tmod->name = strdup(name); - tmod->init = ifunc; - tmod->finish = ffunc; - tmod->links = 0; - - if (!sk_CONF_MODULE_push(supported_modules, tmod)) { - free(tmod); - return NULL; - } - - return tmod; -} - -/* Find a module from the list. We allow module names of the - * form modname.XXXX to just search for modname to allow the - * same module to be initialized more than once. - */ - -static CONF_MODULE * -module_find(char *name) -{ - CONF_MODULE *tmod; - int i, nchar; - char *p; - - p = strrchr(name, '.'); - - if (p) - nchar = p - name; - else - nchar = strlen(name); - - for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++) { - tmod = sk_CONF_MODULE_value(supported_modules, i); - if (!strncmp(tmod->name, name, nchar)) - return tmod; - } - - return NULL; -} - -/* initialize a module */ -static int -module_init(CONF_MODULE *pmod, char *name, char *value, const CONF *cnf) -{ - int ret = 1; - int init_called = 0; - CONF_IMODULE *imod = NULL; - - /* Otherwise add initialized module to list */ - imod = malloc(sizeof(CONF_IMODULE)); - if (!imod) - goto err; - - imod->pmod = pmod; - imod->name = name ? strdup(name) : NULL; - imod->value = value ? 
strdup(value) : NULL; - imod->usr_data = NULL; - - if (!imod->name || !imod->value) - goto memerr; - - /* Try to initialize module */ - if (pmod->init) { - ret = pmod->init(imod, cnf); - init_called = 1; - /* Error occurred, exit */ - if (ret <= 0) - goto err; - } - - if (initialized_modules == NULL) { - initialized_modules = sk_CONF_IMODULE_new_null(); - if (!initialized_modules) { - CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE); - goto err; - } - } - - if (!sk_CONF_IMODULE_push(initialized_modules, imod)) { - CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE); - goto err; - } - - pmod->links++; - - return ret; - -err: - /* We've started the module so we'd better finish it */ - if (pmod->finish && init_called) - pmod->finish(imod); - -memerr: - if (imod) { - free(imod->name); - free(imod->value); - free(imod); - } - - return -1; -} - -/* Unload any dynamic modules that have a link count of zero: - * i.e. have no active initialized modules. If 'all' is set - * then all modules are unloaded including static ones. 
- */ - -void -CONF_modules_unload(int all) -{ - int i; - CONF_MODULE *md; - - CONF_modules_finish(); - - /* unload modules in reverse order */ - for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--) { - md = sk_CONF_MODULE_value(supported_modules, i); - /* If static or in use and 'all' not set ignore it */ - if (((md->links > 0) || !md->dso) && !all) - continue; - /* Since we're working in reverse this is OK */ - (void)sk_CONF_MODULE_delete(supported_modules, i); - module_free(md); - } - if (sk_CONF_MODULE_num(supported_modules) == 0) { - sk_CONF_MODULE_free(supported_modules); - supported_modules = NULL; - } -} - -/* unload a single module */ -static void -module_free(CONF_MODULE *md) -{ - if (md->dso) - DSO_free(md->dso); - free(md->name); - free(md); -} - -/* finish and free up all modules instances */ - -void -CONF_modules_finish(void) -{ - CONF_IMODULE *imod; - - while (sk_CONF_IMODULE_num(initialized_modules) > 0) { - imod = sk_CONF_IMODULE_pop(initialized_modules); - module_finish(imod); - } - sk_CONF_IMODULE_free(initialized_modules); - initialized_modules = NULL; -} - -/* finish a module instance */ - -static void -module_finish(CONF_IMODULE *imod) -{ - if (imod->pmod->finish) - imod->pmod->finish(imod); - imod->pmod->links--; - free(imod->name); - free(imod->value); - free(imod); -} - -/* Add a static module to OpenSSL */ - -int -CONF_module_add(const char *name, conf_init_func *ifunc, - conf_finish_func *ffunc) -{ - if (module_add(NULL, name, ifunc, ffunc)) - return 1; - else - return 0; -} - -void -CONF_modules_free(void) -{ - CONF_modules_finish(); - CONF_modules_unload(1); -} - -/* Utility functions */ - -const char * -CONF_imodule_get_name(const CONF_IMODULE *md) -{ - return md->name; -} - -const char * -CONF_imodule_get_value(const CONF_IMODULE *md) -{ - return md->value; -} - -void * -CONF_imodule_get_usr_data(const CONF_IMODULE *md) -{ - return md->usr_data; -} - -void -CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data) -{ - 
md->usr_data = usr_data; -} - -CONF_MODULE * -CONF_imodule_get_module(const CONF_IMODULE *md) -{ - return md->pmod; -} - -unsigned long -CONF_imodule_get_flags(const CONF_IMODULE *md) -{ - return md->flags; -} - -void -CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags) -{ - md->flags = flags; -} - -void * -CONF_module_get_usr_data(CONF_MODULE *pmod) -{ - return pmod->usr_data; -} - -void -CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data) -{ - pmod->usr_data = usr_data; -} - -/* Return default config file name */ - -char * -CONF_get1_default_config_file(void) -{ - char *file = NULL; - - if (asprintf(&file, "%s/openssl.cnf", - X509_get_default_cert_area()) == -1) - return (NULL); - return file; -} - -/* This function takes a list separated by 'sep' and calls the - * callback function giving the start and length of each member - * optionally stripping leading and trailing whitespace. This can - * be used to parse comma separated lists for example. - */ - -int -CONF_parse_list(const char *list_, int sep, int nospc, - int (*list_cb)(const char *elem, int len, void *usr), void *arg) -{ - int ret; - const char *lstart, *tmpend, *p; - - if (list_ == NULL) { - CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL); - return 0; - } - - lstart = list_; - for (;;) { - if (nospc) { - while (*lstart && isspace((unsigned char)*lstart)) - lstart++; - } - p = strchr(lstart, sep); - if (p == lstart || !*lstart) - ret = list_cb(NULL, 0, arg); - else { - if (p) - tmpend = p - 1; - else - tmpend = lstart + strlen(lstart) - 1; - if (nospc) { - while (isspace((unsigned char)*tmpend)) - tmpend--; - } - ret = list_cb(lstart, tmpend - lstart + 1, arg); - } - if (ret <= 0) - return ret; - if (p == NULL) - return 1; - lstart = p + 1; - } -} diff --git a/lib/libssl/src/crypto/conf/conf_sap.c b/lib/libssl/src/crypto/conf/conf_sap.c deleted file mode 100644 index a29acea7c1e..00000000000 --- a/lib/libssl/src/crypto/conf/conf_sap.c +++ /dev/null 
@@ -1,113 +0,0 @@
-/* $OpenBSD: conf_sap.c,v 1.11 2015/02/11 03:19:37 doug Exp $ */
-/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/conf.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-/* This is the automatic configuration loader: it is called automatically by
- * OpenSSL when any of a number of standard initialisation functions are called,
- * unless this is overridden by calling OPENSSL_no_config()
- */
-
-static int openssl_configured = 0;
-
-void
-OPENSSL_config(const char *config_name)
-{
- if (openssl_configured)
- return;
-
- OPENSSL_load_builtin_modules();
-#ifndef OPENSSL_NO_ENGINE
- /* Need to load ENGINEs */
- ENGINE_load_builtin_engines();
-#endif
- /* Add others here? */
-
- ERR_clear_error();
- if (CONF_modules_load_file(NULL, config_name,
- CONF_MFLAGS_DEFAULT_SECTION|CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
- BIO *bio_err;
- ERR_load_crypto_strings();
- if ((bio_err = BIO_new_fp(stderr, BIO_NOCLOSE)) != NULL) {
- BIO_printf(bio_err, "Auto configuration failed\n");
- ERR_print_errors(bio_err);
- BIO_free(bio_err);
- }
- exit(1);
- }
-
- return;
-}
-
-void
-OPENSSL_no_config(void)
-{
- openssl_configured = 1;
-}
diff --git a/lib/libssl/src/crypto/conf/keysets.pl b/lib/libssl/src/crypto/conf/keysets.pl
deleted file mode 100644
index fe17be57fea..00000000000
--- a/lib/libssl/src/crypto/conf/keysets.pl
+++ /dev/null
@@ -1,169 +0,0 @@
-#!/usr/local/bin/perl
-
-$NUMBER=0x01;
-$UPPER=0x02;
-$LOWER=0x04;
-$UNDER=0x100;
-$PUNCTUATION=0x200;
-$WS=0x10;
-$ESC=0x20;
-$QUOTE=0x40;
-$DQUOTE=0x400;
-$COMMENT=0x80;
-$FCOMMENT=0x800;
-$EOF=0x08;
-$HIGHBIT=0x1000;
-
-foreach (0 .. 255)
- {
- $v=0;
- $c=sprintf("%c",$_);
- $v|=$NUMBER if ($c =~ /[0-9]/);
- $v|=$UPPER if ($c =~ /[A-Z]/);
- $v|=$LOWER if ($c =~ /[a-z]/);
- $v|=$UNDER if ($c =~ /_/);
- $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
- $v|=$WS if ($c =~ /[ \t\r\n]/);
- $v|=$ESC if ($c =~ /\\/);
- $v|=$QUOTE if ($c =~ /['`"]/); # for emacs: "`'}/)
- $v|=$COMMENT if ($c =~ /\#/);
- $v|=$EOF if ($c =~ /\0/);
- $v|=$HIGHBIT if ($c =~/[\x80-\xff]/);
-
- push(@V_def,$v);
- }
-
-foreach (0 .. 255)
- {
- $v=0;
- $c=sprintf("%c",$_);
- $v|=$NUMBER if ($c =~ /[0-9]/);
- $v|=$UPPER if ($c =~ /[A-Z]/);
- $v|=$LOWER if ($c =~ /[a-z]/);
- $v|=$UNDER if ($c =~ /_/);
- $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
- $v|=$WS if ($c =~ /[ \t\r\n]/);
- $v|=$DQUOTE if ($c =~ /["]/); # for emacs: "}/)
- $v|=$FCOMMENT if ($c =~ /;/);
- $v|=$EOF if ($c =~ /\0/);
- $v|=$HIGHBIT if ($c =~/[\x80-\xff]/);
-
- push(@V_w32,$v);
- }
-
-print <<"EOF";
-/* crypto/conf/conf_def.h */
-/* Copyright (C) 1995-1998 Eric Young (eay\@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay\@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh\@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay\@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh\@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* THIS FILE WAS AUTOMAGICALLY GENERATED!
- Please modify and use keysets.pl to regenerate it. */
-
-#define CONF_NUMBER $NUMBER
-#define CONF_UPPER $UPPER
-#define CONF_LOWER $LOWER
-#define CONF_UNDER $UNDER
-#define CONF_PUNCTUATION $PUNCTUATION
-#define CONF_WS $WS
-#define CONF_ESC $ESC
-#define CONF_QUOTE $QUOTE
-#define CONF_DQUOTE $DQUOTE
-#define CONF_COMMENT $COMMENT
-#define CONF_FCOMMENT $FCOMMENT
-#define CONF_EOF $EOF
-#define CONF_HIGHBIT $HIGHBIT
-#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
-#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
-#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \\
- CONF_PUNCTUATION)
-
-#define KEYTYPES(c) ((unsigned short *)((c)->meth_data))
-#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
-#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
-#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_EOF)
-#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ESC)
-#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
-#define IS_WS(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_WS)
-#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
-#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
- (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
-#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
-#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
-#define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
-
-
-EOF
-
-print "static unsigned short CONF_type_default[256]={";
-
-for ($i=0; $i<256; $i++)
- {
- print "\n\t" if ($i % 8) == 0;
- printf "0x%04X,",$V_def[$i];
- }
-
-print "\n\t};\n\n";
-
-print "static unsigned short CONF_type_win32[256]={";
-
-for ($i=0; $i<256; $i++)
- {
- print "\n\t" if ($i % 8) == 0;
- printf "0x%04X,",$V_w32[$i];
- }
-
-print "\n\t};\n\n";
diff --git a/lib/libssl/src/crypto/conf/ssleay.cnf b/lib/libssl/src/crypto/conf/ssleay.cnf
deleted file mode 100644
index ed33af601e1..00000000000
--- a/lib/libssl/src/crypto/conf/ssleay.cnf
+++ /dev/null
@@ -1,78 +0,0 @@
-#
-# This is a test configuration file for use in SSLeay etc...
-#
-
-init = 5
-in\#it1 =10
-init2='10'
-init3='10\''
-init4="10'"
-init5='='10\'' again'
-
-SSLeay::version = 0.5.0
-
-[genrsa]
-default_bits = 512
-SSLEAY::version = 0.5.0
-
-[gendh]
-default_bits = 512
-def_generator = 2
-
-[s_client]
-cipher1 = DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\
-cipher2 = 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5'
-cipher3 = "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5"
-cipher4 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5
-
-[ default ]
-cert_dir = $ENV::HOME/.ca_certs
-
-HOME = /tmp/eay
-
-tmp_cert_dir = $HOME/.ca_certs
-tmp2_cert_dir = thisis$(HOME)stuff
-
-LOGNAME = Eric Young (home=$HOME)
-
-[ special ]
-
-H=$HOME
-H=$default::HOME
-H=$ENV::HOME
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = $HOME/.rand
-
-[ req ]
-default_bits = 512
-default_keyfile = privkey.pem
-
-Attribute_type_1 = countryName
-Attribute_text_1 = Country Name (2 letter code)
-Attribute_default_1 = AU
-
-Attribute_type_2 = stateOrProvinceName
-Attribute_text_2 = State or Province Name (full name)
-Attribute_default_2 = Queensland
-
-Attribute_type_3 = localityName
-Attribute_text_3 = Locality Name (eg, city)
-
-Attribute_type_4 = organizationName
-Attribute_text_4 = Organization Name (eg, company)
-Attribute_default_4 = Mincom Pty Ltd
-
-Attribute_type_5 = organizationalUnitName
-Attribute_text_5 = Organizational Unit Name (eg, section)
-Attribute_default_5 = TR
-
-Attribute_type_6 = commonName
-Attribute_text_6 = Common Name (eg, YOUR name)
-
-Attribute_type_7 = emailAddress
-Attribute_text_7 = Email Address
-
diff --git a/lib/libssl/src/crypto/constant_time_locl.h b/lib/libssl/src/crypto/constant_time_locl.h
deleted file mode 100644
index f8f0eae7ea3..00000000000
--- a/lib/libssl/src/crypto/constant_time_locl.h
+++ /dev/null
@@ -1,209 +0,0 @@
-/* crypto/constant_time_locl.h */
-/*-
- * Utilities for constant-time cryptography.
- *
- * Author: Emilia Kasper (emilia@openssl.org)
- * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
- * (Google).
- * ====================================================================
- * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CONSTANT_TIME_LOCL_H
-# define HEADER_CONSTANT_TIME_LOCL_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*-
- * The boolean methods return a bitmask of all ones (0xff...f) for true
- * and 0 for false. This is useful for choosing a value based on the result
- * of a conditional in constant time. For example,
- *
- * if (a < b) {
- * c = a;
- * } else {
- * c = b;
- * }
- *
- * can be written as
- *
- * unsigned int lt = constant_time_lt(a, b);
- * c = constant_time_select(lt, a, b);
- */
-
-/*
- * Returns the given value with the MSB copied to all the other
- * bits. Uses the fact that arithmetic shift shifts-in the sign bit.
- * However, this is not ensured by the C standard so you may need to
- * replace this with something else on odd CPUs.
- */
-static inline unsigned int constant_time_msb(unsigned int a);
-
-/*
- * Returns 0xff..f if a < b and 0 otherwise.
- */
-static inline unsigned int constant_time_lt(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_lt_8(unsigned int a,
- unsigned int b);
-
-/*
- * Returns 0xff..f if a >= b and 0 otherwise. 
- */
-static inline unsigned int constant_time_ge(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_ge_8(unsigned int a,
- unsigned int b);
-
-/*
- * Returns 0xff..f if a == 0 and 0 otherwise.
- */
-static inline unsigned int constant_time_is_zero(unsigned int a);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_is_zero_8(unsigned int a);
-
-/*
- * Returns 0xff..f if a == b and 0 otherwise.
- */
-static inline unsigned int constant_time_eq(unsigned int a, unsigned int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_eq_8(unsigned int a,
- unsigned int b);
-/* Signed integers. */
-static inline unsigned int constant_time_eq_int(int a, int b);
-/* Convenience method for getting an 8-bit mask. */
-static inline unsigned char constant_time_eq_int_8(int a, int b);
-
-/*-
- * Returns (mask & a) | (~mask & b).
- *
- * When |mask| is all 1s or all 0s (as returned by the methods above),
- * the select methods return either |a| (if |mask| is nonzero) or |b|
- * (if |mask| is zero).
- */
-static inline unsigned int constant_time_select(unsigned int mask,
- unsigned int a,
- unsigned int b);
-/* Convenience method for unsigned chars. */
-static inline unsigned char constant_time_select_8(unsigned char mask,
- unsigned char a,
- unsigned char b);
-/* Convenience method for signed integers. 
*/
-static inline int constant_time_select_int(unsigned int mask, int a, int b);
-
-static inline unsigned int constant_time_msb(unsigned int a)
-{
- return 0 - (a >> (sizeof(a) * 8 - 1));
-}
-
-static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
-{
- return constant_time_msb(a ^ ((a ^ b) | ((a - b) ^ b)));
-}
-
-static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
-{
- return (unsigned char)(constant_time_lt(a, b));
-}
-
-static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
-{
- return ~constant_time_lt(a, b);
-}
-
-static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)
-{
- return (unsigned char)(constant_time_ge(a, b));
-}
-
-static inline unsigned int constant_time_is_zero(unsigned int a)
-{
- return constant_time_msb(~a & (a - 1));
-}
-
-static inline unsigned char constant_time_is_zero_8(unsigned int a)
-{
- return (unsigned char)(constant_time_is_zero(a));
-}
-
-static inline unsigned int constant_time_eq(unsigned int a, unsigned int b)
-{
- return constant_time_is_zero(a ^ b);
-}
-
-static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b)
-{
- return (unsigned char)(constant_time_eq(a, b));
-}
-
-static inline unsigned int constant_time_eq_int(int a, int b)
-{
- return constant_time_eq((unsigned)(a), (unsigned)(b));
-}
-
-static inline unsigned char constant_time_eq_int_8(int a, int b)
-{
- return constant_time_eq_8((unsigned)(a), (unsigned)(b));
-}
-
-static inline unsigned int constant_time_select(unsigned int mask,
- unsigned int a,
- unsigned int b)
-{
- return (mask & a) | (~mask & b);
-}
-
-static inline unsigned char constant_time_select_8(unsigned char mask,
- unsigned char a,
- unsigned char b)
-{
- return (unsigned char)(constant_time_select(mask, a, b));
-}
-
-static inline int constant_time_select_int(unsigned int mask, int a, int b)
-{
- return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b)));
-}
-
-#ifdef 
__cplusplus
-}
-#endif
-
-#endif /* HEADER_CONSTANT_TIME_LOCL_H */
diff --git a/lib/libssl/src/crypto/cpt_err.c b/lib/libssl/src/crypto/cpt_err.c
deleted file mode 100644
index 4ac32a28ec8..00000000000
--- a/lib/libssl/src/crypto/cpt_err.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* $OpenBSD: cpt_err.c,v 1.13 2014/07/10 22:45:56 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved. 
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/crypto.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_CRYPTO,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_CRYPTO,0,reason)
-
-static ERR_STRING_DATA CRYPTO_str_functs[] = {
- {ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX), "CRYPTO_get_ex_new_index"},
- {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID), "CRYPTO_get_new_dynlockid"},
- {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID), "CRYPTO_get_new_lockid"},
- {ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
- {ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
- {ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
- {ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
- {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
- {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
- {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA CRYPTO_str_reasons[] = {
- {ERR_REASON(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
- {ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK), "no dynlock create callback"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_CRYPTO_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL) {
- ERR_load_strings(0, CRYPTO_str_functs);
- ERR_load_strings(0, CRYPTO_str_reasons);
- }
-#endif
-}
diff --git a/lib/libssl/src/crypto/cryptlib.c b/lib/libssl/src/crypto/cryptlib.c
deleted file mode 100644
index 0f2c5970bc9..00000000000
--- a/lib/libssl/src/crypto/cryptlib.c
+++ /dev/null
@@ -1,716 +0,0 @@
-/* $OpenBSD: cryptlib.c,v 1.37 2015/09/13 16:56:11 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package. 
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. 
this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <limits.h>
-#include <stdarg.h>
-#include <stdint.h>
-#include <string.h>
-#include <unistd.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/crypto.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/safestack.h>
-#include <openssl/sha.h>
-
-DECLARE_STACK_OF(CRYPTO_dynlock)
-
-/* real #defines in crypto.h, keep these upto date */
-static const char* const lock_names[CRYPTO_NUM_LOCKS] = {
- "<<ERROR>>",
- "err",
- "ex_data",
- "x509",
- "x509_info",
- "x509_pkey",
- "x509_crl",
- "x509_req",
- "dsa",
- "rsa",
- "evp_pkey",
- "x509_store",
- "ssl_ctx",
- "ssl_cert",
- "ssl_session",
- "ssl_sess_cert",
- "ssl",
- "ssl_method",
- "rand",
- "rand2",
- "debug_malloc",
- "BIO",
- "gethostbyname",
- "getservbyname",
- "readdir",
- "RSA_blinding",
- "dh",
- "debug_malloc2",
- "dso",
- "dynlock",
- "engine",
- "ui",
- "ecdsa",
- "ec",
- "ecdh",
- "bn",
- "ec_pre_comp",
- "store",
- "comp",
- "fips",
- "fips2",
-#if CRYPTO_NUM_LOCKS != 41
-# error "Inconsistency between crypto.h and cryptlib.c"
-#endif
-};
-
-/* This is for applications to allocate new type names in the non-dynamic
- array of lock names. These are numbered with positive numbers. */
-static STACK_OF(OPENSSL_STRING) *app_locks = NULL;
-
-/* For applications that want a more dynamic way of handling threads, the
- following stack is used. These are externally numbered with negative
- numbers. 
*/
-static STACK_OF(CRYPTO_dynlock) *dyn_locks = NULL;
-
-static void (*locking_callback)(int mode, int type,
- const char *file, int line) = 0;
-static int (*add_lock_callback)(int *pointer, int amount,
- int type, const char *file, int line) = 0;
-#ifndef OPENSSL_NO_DEPRECATED
-static unsigned long (*id_callback)(void) = 0;
-#endif
-static void (*threadid_callback)(CRYPTO_THREADID *) = 0;
-static struct CRYPTO_dynlock_value *(*dynlock_create_callback)(
- const char *file, int line) = 0;
-static void (*dynlock_lock_callback)(int mode,
- struct CRYPTO_dynlock_value *l, const char *file, int line) = 0;
-static void (*dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l,
- const char *file, int line) = 0;
-
-int
-CRYPTO_get_new_lockid(char *name)
-{
- char *str;
- int i;
-
- if ((app_locks == NULL) &&
- ((app_locks = sk_OPENSSL_STRING_new_null()) == NULL)) {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- if (name == NULL || (str = strdup(name)) == NULL) {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- i = sk_OPENSSL_STRING_push(app_locks, str);
- if (!i)
- free(str);
- else
- i += CRYPTO_NUM_LOCKS; /* gap of one :-) */
- return (i);
-}
-
-int
-CRYPTO_num_locks(void)
-{
- return CRYPTO_NUM_LOCKS;
-}
-
-int
-CRYPTO_get_new_dynlockid(void)
-{
- int i = 0;
- CRYPTO_dynlock *pointer = NULL;
-
- if (dynlock_create_callback == NULL) {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,
- CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
- return (0);
- }
- CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
- if ((dyn_locks == NULL) &&
- ((dyn_locks = sk_CRYPTO_dynlock_new_null()) == NULL)) {
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,
- ERR_R_MALLOC_FAILURE);
- return (0);
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
- pointer = malloc(sizeof(CRYPTO_dynlock));
- if (pointer == NULL) {
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,
- ERR_R_MALLOC_FAILURE);
- return (0);
- }
- 
pointer->references = 1;
- pointer->data = dynlock_create_callback(__FILE__, __LINE__);
- if (pointer->data == NULL) {
- free(pointer);
- CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,
- ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
- CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
- /* First, try to find an existing empty slot */
- i = sk_CRYPTO_dynlock_find(dyn_locks, NULL);
- /* If there was none, push, thereby creating a new one */
- if (i == -1)
- /* Since sk_push() returns the number of items on the
- stack, not the location of the pushed item, we need
- to transform the returned number into a position,
- by decreasing it. */
- i = sk_CRYPTO_dynlock_push(dyn_locks, pointer) - 1;
- else
- /* If we found a place with a NULL pointer, put our pointer
- in it. */
- (void)sk_CRYPTO_dynlock_set(dyn_locks, i, pointer);
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
- if (i == -1) {
- dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
- free(pointer);
- } else
- i += 1; /* to avoid 0 */
- return -i;
-}
-
-void
-CRYPTO_destroy_dynlockid(int i)
-{
- CRYPTO_dynlock *pointer = NULL;
-
- if (i)
- i = -i - 1;
- if (dynlock_destroy_callback == NULL)
- return;
-
- CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
- if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) {
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
- return;
- }
- pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
- if (pointer != NULL) {
- --pointer->references;
- if (pointer->references <= 0) {
- (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
- } else
- pointer = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
- if (pointer) {
- dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
- free(pointer);
- }
-}
-
-struct CRYPTO_dynlock_value *
-CRYPTO_get_dynlock_value(int i)
-{
- CRYPTO_dynlock *pointer = NULL;
-
- if (i)
- i = -i - 1;
-
- CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
-
- if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
- pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
- if (pointer)
- 
pointer->references++;
-
- CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
-
- if (pointer)
- return pointer->data;
- return NULL;
-}
-
-struct CRYPTO_dynlock_value *
-(*CRYPTO_get_dynlock_create_callback(void))(const char *file, int line)
-{
- return (dynlock_create_callback);
-}
-
-void
-(*CRYPTO_get_dynlock_lock_callback(void))(int mode,
- struct CRYPTO_dynlock_value *l, const char *file, int line)
-{
- return (dynlock_lock_callback);
-}
-
-void
-(*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l,
- const char *file, int line)
-{
- return (dynlock_destroy_callback);
-}
-
-void
-CRYPTO_set_dynlock_create_callback(
- struct CRYPTO_dynlock_value *(*func)(const char *file, int line))
-{
- dynlock_create_callback = func;
-}
-
-void
-CRYPTO_set_dynlock_lock_callback(void (*func)(int mode,
- struct CRYPTO_dynlock_value *l, const char *file, int line))
-{
- dynlock_lock_callback = func;
-}
-
-void
-CRYPTO_set_dynlock_destroy_callback(
- void (*func)(struct CRYPTO_dynlock_value *l, const char *file, int line))
-{
- dynlock_destroy_callback = func;
-}
-
-void
-(*CRYPTO_get_locking_callback(void))(int mode, int type, const char *file,
- int line)
-{
- return (locking_callback);
-}
-
-int
-(*CRYPTO_get_add_lock_callback(void))(int *num, int mount, int type,
- const char *file, int line)
-{
- return (add_lock_callback);
-}
-
-void
-CRYPTO_set_locking_callback(void (*func)(int mode, int type,
- const char *file, int line))
-{
- /* Calling this here ensures initialisation before any threads
- * are started.
- */
- OPENSSL_init();
- locking_callback = func;
-}
-
-void
-CRYPTO_set_add_lock_callback(int (*func)(int *num, int mount, int type,
- const char *file, int line))
-{
- add_lock_callback = func;
-}
-
-/* the memset() here and in set_pointer() seem overkill, but for the sake of
- * CRYPTO_THREADID_cmp() this avoids any platform silliness that might cause two
- * "equal" THREADID structs to not be memcmp()-identical. 
*/
-void
-CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val)
-{
- memset(id, 0, sizeof(*id));
- id->val = val;
-}
-
-void
-CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr)
-{
- memset(id, 0, sizeof(*id));
- id->ptr = ptr;
-#if ULONG_MAX >= UINTPTR_MAX
- /*s u 'ptr' can be embedded in 'val' without loss of uniqueness */
- id->val = (uintptr_t)id->ptr;
-#else
- {
- SHA256_CTX ctx;
- uint8_t results[SHA256_DIGEST_LENGTH];
-
- SHA256_Init(&ctx);
- SHA256_Update(&ctx, (char *)(&id->ptr), sizeof(id->ptr));
- SHA256_Final(results, &ctx);
- memcpy(&id->val, results, sizeof(id->val));
- }
-#endif
-}
-
-int
-CRYPTO_THREADID_set_callback(void (*func)(CRYPTO_THREADID *))
-{
- if (threadid_callback)
- return 0;
- threadid_callback = func;
- return 1;
-}
-
-void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *)
-{
- return threadid_callback;
-}
-
-void
-CRYPTO_THREADID_current(CRYPTO_THREADID *id)
-{
- if (threadid_callback) {
- threadid_callback(id);
- return;
- }
-#ifndef OPENSSL_NO_DEPRECATED
- /* If the deprecated callback was set, fall back to that */
- if (id_callback) {
- CRYPTO_THREADID_set_numeric(id, id_callback());
- return;
- }
-#endif
- /* Else pick a backup */
- /* For everything else, default to using the address of 'errno' */
- CRYPTO_THREADID_set_pointer(id, (void*)&errno);
-}
-
-int
-CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b)
-{
- return memcmp(a, b, sizeof(*a));
-}
-
-void
-CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src)
-{
- memcpy(dest, src, sizeof(*src));
-}
-
-unsigned long
-CRYPTO_THREADID_hash(const CRYPTO_THREADID *id)
-{
- return id->val;
-}
-
-#ifndef OPENSSL_NO_DEPRECATED
-unsigned long (*CRYPTO_get_id_callback(void))(void)
-{
- return (id_callback);
-}
-
-void
-CRYPTO_set_id_callback(unsigned long (*func)(void))
-{
- id_callback = func;
-}
-
-unsigned long
-CRYPTO_thread_id(void)
-{
- unsigned long ret = 0;
-
- if (id_callback == NULL) {
- ret = (unsigned 
long)getpid();
- } else
- ret = id_callback();
- return (ret);
-}
-#endif
-
-void
-CRYPTO_lock(int mode, int type, const char *file, int line)
-{
-#ifdef LOCK_DEBUG
- {
- CRYPTO_THREADID id;
- char *rw_text, *operation_text;
-
- if (mode & CRYPTO_LOCK)
- operation_text = "lock ";
- else if (mode & CRYPTO_UNLOCK)
- operation_text = "unlock";
- else
- operation_text = "ERROR ";
-
- if (mode & CRYPTO_READ)
- rw_text = "r";
- else if (mode & CRYPTO_WRITE)
- rw_text = "w";
- else
- rw_text = "ERROR";
-
- CRYPTO_THREADID_current(&id);
- fprintf(stderr, "lock:%08lx:(%s)%s %-18s %s:%d\n",
- CRYPTO_THREADID_hash(&id), rw_text, operation_text,
- CRYPTO_get_lock_name(type), file, line);
- }
-#endif
- if (type < 0) {
- if (dynlock_lock_callback != NULL) {
- struct CRYPTO_dynlock_value *pointer =
- CRYPTO_get_dynlock_value(type);
-
- OPENSSL_assert(pointer != NULL);
-
- dynlock_lock_callback(mode, pointer, file, line);
-
- CRYPTO_destroy_dynlockid(type);
- }
- } else if (locking_callback != NULL)
- locking_callback(mode, type, file, line);
-}
-
-int
-CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
- int line)
-{
- int ret = 0;
-
- if (add_lock_callback != NULL) {
-#ifdef LOCK_DEBUG
- int before= *pointer;
-#endif
-
- ret = add_lock_callback(pointer, amount, type, file, line);
-#ifdef LOCK_DEBUG
- {
- CRYPTO_THREADID id;
- CRYPTO_THREADID_current(&id);
- fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
- CRYPTO_THREADID_hash(&id), before, amount, ret,
- CRYPTO_get_lock_name(type),
- file, line);
- }
-#endif
- } else {
- CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE, type, file, line);
-
- ret= *pointer + amount;
-#ifdef LOCK_DEBUG
- {
- CRYPTO_THREADID id;
- CRYPTO_THREADID_current(&id);
- fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
- CRYPTO_THREADID_hash(&id), *pointer, amount, ret,
- CRYPTO_get_lock_name(type), file, line);
- }
-#endif
- *pointer = ret;
- CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE, type, file, line);
- }
- return (ret);
-}
- 
-const char *
-CRYPTO_get_lock_name(int type)
-{
- if (type < 0)
- return("dynamic");
- else if (type < CRYPTO_NUM_LOCKS)
- return (lock_names[type]);
- else if (type - CRYPTO_NUM_LOCKS > sk_OPENSSL_STRING_num(app_locks))
- return("ERROR");
- else
- return (sk_OPENSSL_STRING_value(app_locks,
- type - CRYPTO_NUM_LOCKS));
-}
-
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
- defined(__INTEL__) || \
- defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
-
-unsigned int OPENSSL_ia32cap_P[2];
-
-uint64_t
-OPENSSL_cpu_caps(void)
-{
- return *(uint64_t *)OPENSSL_ia32cap_P;
-}
-
-#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
-#define OPENSSL_CPUID_SETUP
-typedef unsigned long long IA32CAP;
-void
-OPENSSL_cpuid_setup(void)
-{
- static int trigger = 0;
- IA32CAP OPENSSL_ia32_cpuid(void);
- IA32CAP vec;
-
- if (trigger)
- return;
- trigger = 1;
-
- vec = OPENSSL_ia32_cpuid();
-
- /*
- * |(1<<10) sets a reserved bit to signal that variable
- * was initialized already... This is to avoid interference
- * with cpuid snippets in ELF .init segment.
- */
- OPENSSL_ia32cap_P[0] = (unsigned int)vec | (1 << 10);
- OPENSSL_ia32cap_P[1] = (unsigned int)(vec >> 32);
-}
-#endif
-
-#else
-unsigned long *
-OPENSSL_ia32cap_loc(void)
-{
- return NULL;
-}
-
-uint64_t
-OPENSSL_cpu_caps(void)
-{
- return 0;
-}
-#endif
-
-#if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ)
-void
-OPENSSL_cpuid_setup(void)
-{
-}
-#endif
-
-static void
-OPENSSL_showfatal(const char *fmta, ...) 
-{
- va_list ap;
-
- va_start(ap, fmta);
- vfprintf(stderr, fmta, ap);
- va_end(ap);
-}
-
-void
-OpenSSLDie(const char *file, int line, const char *assertion)
-{
- OPENSSL_showfatal(
- "%s(%d): OpenSSL internal error, assertion failed: %s\n",
- file, line, assertion);
- abort();
-}
-
-int
-CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len)
-{
- size_t i;
- const unsigned char *a = in_a;
- const unsigned char *b = in_b;
- unsigned char x = 0;
-
- for (i = 0; i < len; i++)
- x |= a[i] ^ b[i];
-
- return x;
-}
diff --git a/lib/libssl/src/crypto/cryptlib.h b/lib/libssl/src/crypto/cryptlib.h
deleted file mode 100644
index ad679dfa8d4..00000000000
--- a/lib/libssl/src/crypto/cryptlib.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/* $OpenBSD: cryptlib.h,v 1.24 2014/07/11 08:44:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_CRYPTLIB_H
-#define HEADER_CRYPTLIB_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define X509_CERT_AREA OPENSSLDIR
-#define X509_CERT_DIR OPENSSLDIR "/certs"
-#define X509_CERT_FILE OPENSSLDIR "/cert.pem"
-#define X509_PRIVATE_DIR OPENSSLDIR "/private"
-#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
-#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
-
-void OPENSSL_cpuid_setup(void);
-extern unsigned int OPENSSL_ia32cap_P[];
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/crypto.h b/lib/libssl/src/crypto/crypto.h
deleted file mode 100644
index c1ee78fb2fd..00000000000
--- a/lib/libssl/src/crypto/crypto.h
+++ /dev/null
@@ -1,540 +0,0 @@ -/* $OpenBSD: crypto.h,v 1.40 2015/09/17 09:51:40 bcook Exp $ */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. 
- * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. 
this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#include <stdint.h> -#include <stdio.h> -#include <stdlib.h> - -#ifndef HEADER_CRYPTO_H -#define HEADER_CRYPTO_H - -#include <openssl/opensslconf.h> - -#include <openssl/stack.h> -#include <openssl/safestack.h> -#include <openssl/opensslv.h> -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Backward compatibility to SSLeay */ -/* This is more to be used to check the correct DLL is being used - * in the MS world. */ -#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER -#define SSLEAY_VERSION 0 -/* #define SSLEAY_OPTIONS 1 no longer supported */ -#define SSLEAY_CFLAGS 2 -#define SSLEAY_BUILT_ON 3 -#define SSLEAY_PLATFORM 4 -#define SSLEAY_DIR 5 - -/* A generic structure to pass assorted data in a expandable way */ -typedef struct openssl_item_st { - int code; - void *value; /* Not used for flag attributes */ - size_t value_size; /* Max size of value for output, length for input */ - size_t *value_length; /* Returned length of value for output */ -} OPENSSL_ITEM; - - -/* When changing the CRYPTO_LOCK_* list, be sure to maintain the text lock - * names in cryptlib.c - */ - -#define CRYPTO_LOCK_ERR 1 -#define CRYPTO_LOCK_EX_DATA 2 -#define CRYPTO_LOCK_X509 3 -#define CRYPTO_LOCK_X509_INFO 4 -#define CRYPTO_LOCK_X509_PKEY 5 -#define CRYPTO_LOCK_X509_CRL 6 -#define CRYPTO_LOCK_X509_REQ 7 -#define CRYPTO_LOCK_DSA 8 -#define CRYPTO_LOCK_RSA 9 -#define CRYPTO_LOCK_EVP_PKEY 10 -#define CRYPTO_LOCK_X509_STORE 11 -#define CRYPTO_LOCK_SSL_CTX 12 -#define CRYPTO_LOCK_SSL_CERT 13 -#define CRYPTO_LOCK_SSL_SESSION 14 -#define CRYPTO_LOCK_SSL_SESS_CERT 15 -#define 
CRYPTO_LOCK_SSL 16 -#define CRYPTO_LOCK_SSL_METHOD 17 -#define CRYPTO_LOCK_RAND 18 -#define CRYPTO_LOCK_RAND2 19 -#define CRYPTO_LOCK_MALLOC 20 -#define CRYPTO_LOCK_BIO 21 -#define CRYPTO_LOCK_GETHOSTBYNAME 22 -#define CRYPTO_LOCK_GETSERVBYNAME 23 -#define CRYPTO_LOCK_READDIR 24 -#define CRYPTO_LOCK_RSA_BLINDING 25 -#define CRYPTO_LOCK_DH 26 -#define CRYPTO_LOCK_MALLOC2 27 -#define CRYPTO_LOCK_DSO 28 -#define CRYPTO_LOCK_DYNLOCK 29 -#define CRYPTO_LOCK_ENGINE 30 -#define CRYPTO_LOCK_UI 31 -#define CRYPTO_LOCK_ECDSA 32 -#define CRYPTO_LOCK_EC 33 -#define CRYPTO_LOCK_ECDH 34 -#define CRYPTO_LOCK_BN 35 -#define CRYPTO_LOCK_EC_PRE_COMP 36 -#define CRYPTO_LOCK_STORE 37 -#define CRYPTO_LOCK_COMP 38 -#define CRYPTO_LOCK_FIPS 39 -#define CRYPTO_LOCK_FIPS2 40 -#define CRYPTO_NUM_LOCKS 41 - -#define CRYPTO_LOCK 1 -#define CRYPTO_UNLOCK 2 -#define CRYPTO_READ 4 -#define CRYPTO_WRITE 8 - -#ifndef OPENSSL_NO_LOCKING -#ifndef CRYPTO_w_lock -#define CRYPTO_w_lock(type) \ - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) -#define CRYPTO_w_unlock(type) \ - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) -#define CRYPTO_r_lock(type) \ - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) -#define CRYPTO_r_unlock(type) \ - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) -#define CRYPTO_add(addr,amount,type) \ - CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) -#endif -#else -#define CRYPTO_w_lock(a) -#define CRYPTO_w_unlock(a) -#define CRYPTO_r_lock(a) -#define CRYPTO_r_unlock(a) -#define CRYPTO_add(a,b,c) ((*(a))+=(b)) -#endif - -/* Some applications as well as some parts of OpenSSL need to allocate - and deallocate locks in a dynamic fashion. The following typedef - makes this possible in a type-safe manner. */ -/* struct CRYPTO_dynlock_value has to be defined by the application. 
*/ -typedef struct { - int references; - struct CRYPTO_dynlock_value *data; -} CRYPTO_dynlock; - - -/* The following can be used to detect memory leaks in the SSLeay library. - * It used, it turns on malloc checking */ - -#define CRYPTO_MEM_CHECK_OFF 0x0 /* an enume */ -#define CRYPTO_MEM_CHECK_ON 0x1 /* a bit */ -#define CRYPTO_MEM_CHECK_ENABLE 0x2 /* a bit */ -#define CRYPTO_MEM_CHECK_DISABLE 0x3 /* an enume */ - -/* The following are bit values to turn on or off options connected to the - * malloc checking functionality */ - -/* Adds time to the memory checking information */ -#define V_CRYPTO_MDEBUG_TIME 0x1 /* a bit */ -/* Adds thread number to the memory checking information */ -#define V_CRYPTO_MDEBUG_THREAD 0x2 /* a bit */ - -#define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD) - - -/* predec of the BIO type */ -typedef struct bio_st BIO_dummy; - -struct crypto_ex_data_st { - STACK_OF(void) *sk; -}; -DECLARE_STACK_OF(void) - -/* This stuff is basically class callback functions - * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */ - -typedef struct crypto_ex_data_func_st { - long argl; /* Arbitary long */ - void *argp; /* Arbitary void * */ - CRYPTO_EX_new *new_func; - CRYPTO_EX_free *free_func; - CRYPTO_EX_dup *dup_func; -} CRYPTO_EX_DATA_FUNCS; - -DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) - -/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA - * entry. 
- */ - -#define CRYPTO_EX_INDEX_BIO 0 -#define CRYPTO_EX_INDEX_SSL 1 -#define CRYPTO_EX_INDEX_SSL_CTX 2 -#define CRYPTO_EX_INDEX_SSL_SESSION 3 -#define CRYPTO_EX_INDEX_X509_STORE 4 -#define CRYPTO_EX_INDEX_X509_STORE_CTX 5 -#define CRYPTO_EX_INDEX_RSA 6 -#define CRYPTO_EX_INDEX_DSA 7 -#define CRYPTO_EX_INDEX_DH 8 -#define CRYPTO_EX_INDEX_ENGINE 9 -#define CRYPTO_EX_INDEX_X509 10 -#define CRYPTO_EX_INDEX_UI 11 -#define CRYPTO_EX_INDEX_ECDSA 12 -#define CRYPTO_EX_INDEX_ECDH 13 -#define CRYPTO_EX_INDEX_COMP 14 -#define CRYPTO_EX_INDEX_STORE 15 - -/* Dynamically assigned indexes start from this value (don't use directly, use - * via CRYPTO_ex_data_new_class). */ -#define CRYPTO_EX_INDEX_USER 100 - -#define CRYPTO_malloc_init() (0) -#define CRYPTO_malloc_debug_init() (0) - -#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD -# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */ -# define CRYPTO_MDEBUG -# endif -#endif - -int CRYPTO_mem_ctrl(int mode); -int CRYPTO_is_mem_check_on(void); - -/* for applications */ -#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) -#define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) - -#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) -#define OPENSSL_strdup(str) CRYPTO_strdup((str),__FILE__,__LINE__) -#define OPENSSL_realloc(addr,num) \ - CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) -#define OPENSSL_realloc_clean(addr,old_num,num) \ - CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__) -#define OPENSSL_remalloc(addr,num) \ - CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) -#define OPENSSL_freeFunc CRYPTO_free -#define OPENSSL_free(addr) CRYPTO_free(addr) - -#define OPENSSL_malloc_locked(num) \ - CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) -#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) - - -const char *SSLeay_version(int type); -unsigned long SSLeay(void); - -/* An opaque type representing an implementation of 
"ex_data" support */ -typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL; -/* Return an opaque pointer to the current "ex_data" implementation */ -const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void); -/* Sets the "ex_data" implementation to be used (if it's not too late) */ -int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i); -/* Get a new "ex_data" class, and return the corresponding "class_index" */ -int CRYPTO_ex_data_new_class(void); -/* Within a given class, get/register a new index */ -int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); -/* Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a given - * class (invokes whatever per-class callbacks are applicable) */ -int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad); -int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, - CRYPTO_EX_DATA *from); -void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad); -/* Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular index - * (relative to the class type involved) */ -int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val); -void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx); -/* This function cleans up all "ex_data" state. It mustn't be called under - * potential race-conditions. */ -void CRYPTO_cleanup_all_ex_data(void); - -int CRYPTO_get_new_lockid(char *name); - -int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) 
*/ -void CRYPTO_lock(int mode, int type, const char *file, int line); -void CRYPTO_set_locking_callback(void (*func)(int mode, int type, - const char *file, int line)); -void (*CRYPTO_get_locking_callback(void))(int mode, int type, - const char *file, int line); -void CRYPTO_set_add_lock_callback(int (*func)(int *num, int mount, int type, - const char *file, int line)); -int (*CRYPTO_get_add_lock_callback(void))(int *num, int mount, int type, - const char *file, int line); - -/* Don't use this structure directly. */ -typedef struct crypto_threadid_st { - void *ptr; - unsigned long val; -} CRYPTO_THREADID; -/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */ -void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val); -void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr); -int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *)); -void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *); -void CRYPTO_THREADID_current(CRYPTO_THREADID *id); -int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b); -void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src); -unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id); -#ifndef OPENSSL_NO_DEPRECATED -void CRYPTO_set_id_callback(unsigned long (*func)(void)); -unsigned long (*CRYPTO_get_id_callback(void))(void); -unsigned long CRYPTO_thread_id(void); -#endif - -const char *CRYPTO_get_lock_name(int type); -int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, - int line); - -int CRYPTO_get_new_dynlockid(void); -void CRYPTO_destroy_dynlockid(int i); -struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i); -void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line)); -void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line)); -void 
CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line)); -struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file, int line); -void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line); -void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file, int line); - -/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- - * call the latter last if you need different functions */ -int CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t), void (*f)(void *)); -int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *)); -int CRYPTO_set_mem_ex_functions(void *(*m)(size_t, const char *, int), - void *(*r)(void *, size_t, const char *, int), void (*f)(void *)); -int CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t, const char *, int), - void (*free_func)(void *)); -int CRYPTO_set_mem_debug_functions( - void (*m)(void *, int, const char *, int, int), - void (*r)(void *, void *, int, const char *, int, int), - void (*f)(void *, int), void (*so)(long), long (*go)(void)); -void CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t), - void (**f)(void *)); -void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)); -void CRYPTO_get_mem_ex_functions(void *(**m)(size_t, const char *, int), - void *(**r)(void *, size_t, const char *, int), void (**f)(void *)); -void CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t, const char *, int), - void (**f)(void *)); -void CRYPTO_get_mem_debug_functions( - void (**m)(void *, int, const char *, int, int), - void (**r)(void *, void *, int, const char *, int, int), - void (**f)(void *, int), void (**so)(long), long (**go)(void)); - -#ifndef LIBRESSL_INTERNAL -void *CRYPTO_malloc_locked(int num, const char *file, int line); -void 
CRYPTO_free_locked(void *ptr); -void *CRYPTO_malloc(int num, const char *file, int line); -char *CRYPTO_strdup(const char *str, const char *file, int line); -void CRYPTO_free(void *ptr); -void *CRYPTO_realloc(void *addr, int num, const char *file, int line); -#endif - -void *CRYPTO_realloc_clean(void *addr, int old_num, int num, - const char *file, int line); -void *CRYPTO_remalloc(void *addr, int num, const char *file, int line); - -#ifndef LIBRESSL_INTERNAL -void OPENSSL_cleanse(void *ptr, size_t len); -#endif - -void CRYPTO_set_mem_debug_options(long bits); -long CRYPTO_get_mem_debug_options(void); - -#define CRYPTO_push_info(info) \ - CRYPTO_push_info_(info, __FILE__, __LINE__); -int CRYPTO_push_info_(const char *info, const char *file, int line); -int CRYPTO_pop_info(void); -int CRYPTO_remove_all_info(void); - - -/* Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro; - * used as default in CRYPTO_MDEBUG compilations): */ -/* The last argument has the following significance: - * - * 0: called before the actual memory allocation has taken place - * 1: called after the actual memory allocation has taken place - */ -void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, int before_p) - __attribute__ ((deprecated)); -void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file, int line, int before_p) - __attribute__ ((deprecated)); -void CRYPTO_dbg_free(void *addr, int before_p) - __attribute__ ((deprecated)); -/* Tell the debugging code about options. By default, the following values - * apply: - * - * 0: Clear all options. - * V_CRYPTO_MDEBUG_TIME (1): Set the "Show Time" option. - * V_CRYPTO_MDEBUG_THREAD (2): Set the "Show Thread Number" option. 
- * V_CRYPTO_MDEBUG_ALL (3): 1 + 2 - */ -void CRYPTO_dbg_set_options(long bits) - __attribute__ ((deprecated)); -long CRYPTO_dbg_get_options(void) - __attribute__ ((deprecated)); - - -void CRYPTO_mem_leaks_fp(FILE *); -void CRYPTO_mem_leaks(struct bio_st *bio); -/* unsigned long order, char *file, int line, int num_bytes, char *addr */ -typedef void *CRYPTO_MEM_LEAK_CB(unsigned long, const char *, int, int, void *); -void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb); - -/* die if we have to */ -void OpenSSLDie(const char *file, int line, const char *assertion); -#define OPENSSL_assert(e) (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1)) - -uint64_t OPENSSL_cpu_caps(void); - -int OPENSSL_isservice(void); - -void OPENSSL_init(void); - -#ifndef LIBRESSL_INTERNAL -/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It - * takes an amount of time dependent on |len|, but independent of the contents - * of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a - * defined order as the return value when a != b is undefined, other than to be - * non-zero. */ -int CRYPTO_memcmp(const void *a, const void *b, size_t len); -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_CRYPTO_strings(void); - -/* Error codes for the CRYPTO functions. */ - -/* Function codes. */ -#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100 -#define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103 -#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101 -#define CRYPTO_F_CRYPTO_SET_EX_DATA 102 -#define CRYPTO_F_DEF_ADD_INDEX 104 -#define CRYPTO_F_DEF_GET_CLASS 105 -#define CRYPTO_F_FIPS_MODE_SET 109 -#define CRYPTO_F_INT_DUP_EX_DATA 106 -#define CRYPTO_F_INT_FREE_EX_DATA 107 -#define CRYPTO_F_INT_NEW_EX_DATA 108 - -/* Reason codes. 
*/ -#define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED 101 -#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/cversion.c b/lib/libssl/src/crypto/cversion.c deleted file mode 100644 index 7ffa80ec264..00000000000 --- a/lib/libssl/src/crypto/cversion.c +++ /dev/null 
@@ -1,86 +0,0 @@
-/* $OpenBSD: cversion.c,v 1.15 2014/07/11 11:42:28 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include <openssl/opensslv.h>
-
-#include "cryptlib.h"
-
-const char *
-SSLeay_version(int t)
-{
- switch (t) {
- case SSLEAY_VERSION:
- return OPENSSL_VERSION_TEXT;
- case SSLEAY_BUILT_ON:
- return("built on: date not available");
- case SSLEAY_CFLAGS:
- return("compiler: information not available");
- case SSLEAY_PLATFORM:
- return("platform: information not available");
- case SSLEAY_DIR:
- return "OPENSSLDIR: \"" OPENSSLDIR "\"";
- }
- return("not available");
-}
-
-unsigned long
-SSLeay(void)
-{
- return (SSLEAY_VERSION_NUMBER);
-}
diff --git a/lib/libssl/src/crypto/des/COPYRIGHT b/lib/libssl/src/crypto/des/COPYRIGHT
deleted file mode 100644
index 5469e1e4699..00000000000
--- a/lib/libssl/src/crypto/des/COPYRIGHT
+++ /dev/null
@@ -1,50 +0,0 @@
-Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
-All rights reserved.
-
-This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
-The implementation was written so as to conform with MIT's libdes.
-
-This library is free for commercial and non-commercial use as long as
-the following conditions are aheared to. The following conditions
-apply to all code found in this distribution.
-
-Copyright remains Eric Young's, and as such any Copyright notices in
-the code are not to be removed.
-If this package is used in a product, Eric Young should be given attribution
-as the author of that the SSL library. This can be in the form of a textual
-message at program startup or in documentation (online or textual) provided
-with the package.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-1. Redistributions of source code must retain the copyright
- notice, this list of conditions and the following disclaimer.
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-3. All advertising materials mentioning features or use of this software
- must display the following acknowledgement:
- This product includes software developed by Eric Young (eay@cryptsoft.com)
-
-THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
-
-The license and distribution terms for any publically available version or
-derivative of this code cannot be changed. i.e. this code cannot simply be
-copied and put under another distrubution license
-[including the GNU Public License.]
-
-The reason behind this being stated in this direct manner is past
-experience in code simply being copied and the attribution removed
-from it and then being distributed as part of other packages. This
-implementation was a non-trivial and unpaid effort.
diff --git a/lib/libssl/src/crypto/des/asm/crypt586.pl b/lib/libssl/src/crypto/des/asm/crypt586.pl
deleted file mode 100644
index e36f7d44bd7..00000000000
--- a/lib/libssl/src/crypto/des/asm/crypt586.pl
+++ /dev/null
@@ -1,209 +0,0 @@
-#!/usr/local/bin/perl
-#
-# The inner loop instruction sequence and the IP/FP modifications are from
-# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
-# I've added the stuff needed for crypt() but I've not worried about making
-# things perfect.
-#
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC,"${dir}","${dir}../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"crypt586.pl");
-
-$L="edi";
-$R="esi";
-
-&external_label("DES_SPtrans");
-&fcrypt_body("fcrypt_body");
-&asm_finish();
-
-sub fcrypt_body
- {
- local($name,$do_ip)=@_;
-
- &function_begin($name);
-
- &comment("");
- &comment("Load the 2 words");
- $trans="ebp";
-
- &xor( $L, $L);
- &xor( $R, $R);
-
- # PIC-ification:-)
- &picmeup("edx","DES_SPtrans");
- #if ($cpp) { &picmeup("edx","DES_SPtrans"); }
- #else { &lea("edx",&DWP("DES_SPtrans")); }
- &push("edx"); # becomes &swtmp(1)
- #
- &mov($trans,&wparam(1)); # reloaded with DES_SPtrans in D_ENCRYPT
-
- &push(&DWC(25)); # add a variable
-
- &set_label("start");
- for ($i=0; $i<16; $i+=2)
- {
- &comment("");
- &comment("Round $i");
- &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
-
- &comment("");
- &comment("Round ".sprintf("%d",$i+1));
- &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx");
- }
- &mov("ebx", &swtmp(0));
- &mov("eax", $L);
- &dec("ebx");
- &mov($L, $R);
- &mov($R, "eax");
- &mov(&swtmp(0), "ebx");
- &jnz(&label("start"));
-
- &comment("");
- &comment("FP");
- &mov("edx",&wparam(0));
-
- &FP_new($R,$L,"eax",3);
- &mov(&DWP(0,"edx","",0),"eax");
- &mov(&DWP(4,"edx","",0),$L);
-
- &add("esp",8); # remove variables
-
- &function_end($name);
- }
-
-sub D_ENCRYPT
- {
- local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_;
-
- &mov( $u, &wparam(2)); # 2
- &mov( $t, $R);
- &shr( $t, 16); # 1
- &mov( $tmp2, &wparam(3)); # 2
- &xor( $t, $R); # 1
-
- &and( $u, $t); # 2
- &and( $t, $tmp2); # 2
-
- &mov( $tmp1, $u);
- &shl( $tmp1, 16); # 1
- &mov( $tmp2, $t);
- &shl( $tmp2, 16); # 1
- &xor( $u, $tmp1); # 2
- &xor( $t, $tmp2); # 2
- &mov( $tmp1, &DWP(&n2a($S*4),$trans,"",0)); # 2
- &xor( $u, $tmp1);
- &mov( $tmp2, &DWP(&n2a(($S+1)*4),$trans,"",0)); # 2
- &xor( $u, $R);
- &xor( $t, $R);
- &xor( $t, $tmp2);
-
- &and( $u, "0xfcfcfcfc" ); # 2
- &xor( $tmp1, $tmp1); # 1
- &and( $t, "0xcfcfcfcf" ); # 2
- &xor( $tmp2, $tmp2);
- &movb( &LB($tmp1), &LB($u) );
- &movb( &LB($tmp2), &HB($u) );
- &rotr( $t, 4 );
- &mov( $trans, &swtmp(1));
- &xor( $L, &DWP(" ",$trans,$tmp1,0));
- &movb( &LB($tmp1), &LB($t) );
- &xor( $L, &DWP("0x200",$trans,$tmp2,0));
- &movb( &LB($tmp2), &HB($t) );
- &shr( $u, 16);
- &xor( $L, &DWP("0x100",$trans,$tmp1,0));
- &movb( &LB($tmp1), &HB($u) );
- &shr( $t, 16);
- &xor( $L, &DWP("0x300",$trans,$tmp2,0));
- &movb( &LB($tmp2), &HB($t) );
- &and( $u, "0xff" );
- &and( $t, "0xff" );
- &mov( $tmp1, &DWP("0x600",$trans,$tmp1,0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x700",$trans,$tmp2,0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x400",$trans,$u,0));
- &xor( $L, $tmp1);
- &mov( $tmp1, &DWP("0x500",$trans,$t,0));
- &xor( $L, $tmp1);
- &mov( $trans, &wparam(1));
- }
-
-sub n2a
- {
- sprintf("%d",$_[0]);
- }
-
-# now has a side affect of rotating $a by $shift
-sub R_PERM_OP
- {
- local($a,$b,$tt,$shift,$mask,$last)=@_;
-
- &rotl( $a, $shift ) if ($shift != 0);
- &mov( $tt, $a );
- &xor( $a, $b );
- &and( $a, $mask );
- if ($notlast eq $b)
- {
- &xor( $b, $a );
- &xor( $tt, $a );
- }
- else
- {
- &xor( $tt, $a );
- &xor( $b, $a );
- }
- &comment("");
- }
-
-sub IP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
- &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
- &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
-
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotr($tt, 3-$lr); }
- else { &rotl($tt, $lr-3); }
- }
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotr($r, 2-$lr); }
- else { &rotl($r, $lr-2); }
- }
- }
-
-sub FP_new
- {
- local($l,$r,$tt,$lr)=@_;
-
- if ($lr != 2)
- {
- if (($lr-2) < 0)
- { &rotl($r, 2-$lr); }
- else { &rotr($r, $lr-2); }
- }
- if ($lr != 3)
- {
- if (($lr-3) < 0)
- { &rotl($l, 3-$lr); }
- else { &rotr($l, $lr-3); }
- }
-
- &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
- &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
- &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
- &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
- &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
- &rotr($tt , 4);
- }
-
diff --git a/lib/libssl/src/crypto/des/asm/des-586.pl b/lib/libssl/src/crypto/des/asm/des-586.pl
deleted file mode 100644
index 5b5f39cebd1..00000000000
--- a/lib/libssl/src/crypto/des/asm/des-586.pl
+++ /dev/null
@@ -1,453 +0,0 @@ -#!/usr/local/bin/perl -# -# The inner loop instruction sequence and the IP/FP modifications are from -# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> -# - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; -require "desboth.pl"; - -# base code is in microsft -# op dest, source -# format. -# - -&asm_init($ARGV[0],"des-586.pl"); - -$L="edi"; -$R="esi"; -$trans="ebp"; -$small_footprint=1 if (grep(/\-DOPENSSL_SMALL_FOOTPRINT/,@ARGV)); -# one can discuss setting this variable to 1 unconditionally, as -# the folded loop is only 3% slower than unrolled, but >7 times smaller - -&public_label("DES_SPtrans"); - -&DES_encrypt_internal(); -&DES_decrypt_internal(); -&DES_encrypt("DES_encrypt1",1); -&DES_encrypt("DES_encrypt2",0); -&DES_encrypt3("DES_encrypt3",1); -&DES_encrypt3("DES_decrypt3",0); -&cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1); -&cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5); -&DES_SPtrans(); - -&asm_finish(); - -sub DES_encrypt_internal() - { - &function_begin_B("_x86_DES_encrypt"); - - if ($small_footprint) - { - &lea("edx",&DWP(128,"ecx")); - &push("edx"); - &push("ecx"); - &set_label("eloop"); - &D_ENCRYPT(0,$L,$R,0,$trans,"eax","ebx","ecx","edx",&swtmp(0)); - &comment(""); - &D_ENCRYPT(1,$R,$L,2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); - &comment(""); - &add("ecx",16); - &cmp("ecx",&swtmp(1)); - &mov(&swtmp(0),"ecx"); - &jb(&label("eloop")); - &add("esp",8); - } - else - { - &push("ecx"); - for ($i=0; $i<16; $i+=2) - { - &comment("Round $i"); - &D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); - &comment("Round ".sprintf("%d",$i+1)); - &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); - } - &add("esp",4); - } - &ret(); - - &function_end_B("_x86_DES_encrypt"); - } - -sub DES_decrypt_internal() - { - &function_begin_B("_x86_DES_decrypt"); - - if ($small_footprint) - { - 
&push("ecx"); - &lea("ecx",&DWP(128,"ecx")); - &push("ecx"); - &set_label("dloop"); - &D_ENCRYPT(0,$L,$R,-2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); - &comment(""); - &D_ENCRYPT(1,$R,$L,-4,$trans,"eax","ebx","ecx","edx",&swtmp(0)); - &comment(""); - &sub("ecx",16); - &cmp("ecx",&swtmp(1)); - &mov(&swtmp(0),"ecx"); - &ja(&label("dloop")); - &add("esp",8); - } - else - { - &push("ecx"); - for ($i=15; $i>0; $i-=2) - { - &comment("Round $i"); - &D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); - &comment("Round ".sprintf("%d",$i-1)); - &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0)); - } - &add("esp",4); - } - &ret(); - - &function_end_B("_x86_DES_decrypt"); - } - -sub DES_encrypt - { - local($name,$do_ip)=@_; - - &function_begin_B($name); - - &push("esi"); - &push("edi"); - - &comment(""); - &comment("Load the 2 words"); - - if ($do_ip) - { - &mov($R,&wparam(0)); - &xor( "ecx", "ecx" ); - - &push("ebx"); - &push("ebp"); - - &mov("eax",&DWP(0,$R,"",0)); - &mov("ebx",&wparam(2)); # get encrypt flag - &mov($L,&DWP(4,$R,"",0)); - &comment(""); - &comment("IP"); - &IP_new("eax",$L,$R,3); - } - else - { - &mov("eax",&wparam(0)); - &xor( "ecx", "ecx" ); - - &push("ebx"); - &push("ebp"); - - &mov($R,&DWP(0,"eax","",0)); - &mov("ebx",&wparam(2)); # get encrypt flag - &rotl($R,3); - &mov($L,&DWP(4,"eax","",0)); - &rotl($L,3); - } - - # PIC-ification:-) - &call (&label("pic_point")); - &set_label("pic_point"); - &blindpop($trans); - &lea ($trans,&DWP(&label("DES_SPtrans")."-".&label("pic_point"),$trans)); - - &mov( "ecx", &wparam(1) ); - - &cmp("ebx","0"); - &je(&label("decrypt")); - &call("_x86_DES_encrypt"); - &jmp(&label("done")); - &set_label("decrypt"); - &call("_x86_DES_decrypt"); - &set_label("done"); - - if ($do_ip) - { - &comment(""); - &comment("FP"); - &mov("edx",&wparam(0)); - &FP_new($L,$R,"eax",3); - - &mov(&DWP(0,"edx","",0),"eax"); - &mov(&DWP(4,"edx","",0),$R); - } - else - { - &comment(""); - &comment("Fixup"); 
- &rotr($L,3); # r - &mov("eax",&wparam(0)); - &rotr($R,3); # l - &mov(&DWP(0,"eax","",0),$L); - &mov(&DWP(4,"eax","",0),$R); - } - - &pop("ebp"); - &pop("ebx"); - &pop("edi"); - &pop("esi"); - &ret(); - - &function_end_B($name); - } - -sub D_ENCRYPT - { - local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t,$wp1)=@_; - - &mov( $u, &DWP(&n2a($S*4),$tmp2,"",0)); - &xor( $tmp1, $tmp1); - &mov( $t, &DWP(&n2a(($S+1)*4),$tmp2,"",0)); - &xor( $u, $R); - &xor( $tmp2, $tmp2); - &xor( $t, $R); - &and( $u, "0xfcfcfcfc" ); - &and( $t, "0xcfcfcfcf" ); - &movb( &LB($tmp1), &LB($u) ); - &movb( &LB($tmp2), &HB($u) ); - &rotr( $t, 4 ); - &xor( $L, &DWP(" ",$trans,$tmp1,0)); - &movb( &LB($tmp1), &LB($t) ); - &xor( $L, &DWP("0x200",$trans,$tmp2,0)); - &movb( &LB($tmp2), &HB($t) ); - &shr( $u, 16); - &xor( $L, &DWP("0x100",$trans,$tmp1,0)); - &movb( &LB($tmp1), &HB($u) ); - &shr( $t, 16); - &xor( $L, &DWP("0x300",$trans,$tmp2,0)); - &movb( &LB($tmp2), &HB($t) ); - &and( $u, "0xff" ); - &and( $t, "0xff" ); - &xor( $L, &DWP("0x600",$trans,$tmp1,0)); - &xor( $L, &DWP("0x700",$trans,$tmp2,0)); - &mov( $tmp2, $wp1 ); - &xor( $L, &DWP("0x400",$trans,$u,0)); - &xor( $L, &DWP("0x500",$trans,$t,0)); - } - -sub n2a - { - sprintf("%d",$_[0]); - } - -# now has a side affect of rotating $a by $shift -sub R_PERM_OP - { - local($a,$b,$tt,$shift,$mask,$last)=@_; - - &rotl( $a, $shift ) if ($shift != 0); - &mov( $tt, $a ); - &xor( $a, $b ); - &and( $a, $mask ); - # This can never succeed, and besides it is difficult to see what the - # idea was - Ben 13 Feb 99 - if (!$last eq $b) - { - &xor( $b, $a ); - &xor( $tt, $a ); - } - else - { - &xor( $tt, $a ); - &xor( $b, $a ); - } - &comment(""); - } - -sub IP_new - { - local($l,$r,$tt,$lr)=@_; - - &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l); - &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r); - &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r); - - if ($lr != 3) - { - if (($lr-3) < 0) - { 
&rotr($tt, 3-$lr); } - else { &rotl($tt, $lr-3); } - } - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotr($r, 2-$lr); } - else { &rotl($r, $lr-2); } - } - } - -sub FP_new - { - local($l,$r,$tt,$lr)=@_; - - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotl($r, 2-$lr); } - else { &rotr($r, $lr-2); } - } - if ($lr != 3) - { - if (($lr-3) < 0) - { &rotl($l, 3-$lr); } - else { &rotr($l, $lr-3); } - } - - &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r); - &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l); - &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r); - &rotr($tt , 4); - } - -sub DES_SPtrans - { - &set_label("DES_SPtrans",64); - &data_word(0x02080800, 0x00080000, 0x02000002, 0x02080802); - &data_word(0x02000000, 0x00080802, 0x00080002, 0x02000002); - &data_word(0x00080802, 0x02080800, 0x02080000, 0x00000802); - &data_word(0x02000802, 0x02000000, 0x00000000, 0x00080002); - &data_word(0x00080000, 0x00000002, 0x02000800, 0x00080800); - &data_word(0x02080802, 0x02080000, 0x00000802, 0x02000800); - &data_word(0x00000002, 0x00000800, 0x00080800, 0x02080002); - &data_word(0x00000800, 0x02000802, 0x02080002, 0x00000000); - &data_word(0x00000000, 0x02080802, 0x02000800, 0x00080002); - &data_word(0x02080800, 0x00080000, 0x00000802, 0x02000800); - &data_word(0x02080002, 0x00000800, 0x00080800, 0x02000002); - &data_word(0x00080802, 0x00000002, 0x02000002, 0x02080000); - &data_word(0x02080802, 0x00080800, 0x02080000, 0x02000802); - &data_word(0x02000000, 0x00000802, 0x00080002, 0x00000000); - &data_word(0x00080000, 0x02000000, 0x02000802, 0x02080800); - &data_word(0x00000002, 0x02080002, 0x00000800, 0x00080802); - # nibble 1 - &data_word(0x40108010, 0x00000000, 0x00108000, 0x40100000); - &data_word(0x40000010, 0x00008010, 0x40008000, 0x00108000); - &data_word(0x00008000, 0x40100010, 0x00000010, 0x40008000); - &data_word(0x00100010, 0x40108000, 0x40100000, 0x00000010); - &data_word(0x00100000, 0x40008010, 0x40100010, 
0x00008000); - &data_word(0x00108010, 0x40000000, 0x00000000, 0x00100010); - &data_word(0x40008010, 0x00108010, 0x40108000, 0x40000010); - &data_word(0x40000000, 0x00100000, 0x00008010, 0x40108010); - &data_word(0x00100010, 0x40108000, 0x40008000, 0x00108010); - &data_word(0x40108010, 0x00100010, 0x40000010, 0x00000000); - &data_word(0x40000000, 0x00008010, 0x00100000, 0x40100010); - &data_word(0x00008000, 0x40000000, 0x00108010, 0x40008010); - &data_word(0x40108000, 0x00008000, 0x00000000, 0x40000010); - &data_word(0x00000010, 0x40108010, 0x00108000, 0x40100000); - &data_word(0x40100010, 0x00100000, 0x00008010, 0x40008000); - &data_word(0x40008010, 0x00000010, 0x40100000, 0x00108000); - # nibble 2 - &data_word(0x04000001, 0x04040100, 0x00000100, 0x04000101); - &data_word(0x00040001, 0x04000000, 0x04000101, 0x00040100); - &data_word(0x04000100, 0x00040000, 0x04040000, 0x00000001); - &data_word(0x04040101, 0x00000101, 0x00000001, 0x04040001); - &data_word(0x00000000, 0x00040001, 0x04040100, 0x00000100); - &data_word(0x00000101, 0x04040101, 0x00040000, 0x04000001); - &data_word(0x04040001, 0x04000100, 0x00040101, 0x04040000); - &data_word(0x00040100, 0x00000000, 0x04000000, 0x00040101); - &data_word(0x04040100, 0x00000100, 0x00000001, 0x00040000); - &data_word(0x00000101, 0x00040001, 0x04040000, 0x04000101); - &data_word(0x00000000, 0x04040100, 0x00040100, 0x04040001); - &data_word(0x00040001, 0x04000000, 0x04040101, 0x00000001); - &data_word(0x00040101, 0x04000001, 0x04000000, 0x04040101); - &data_word(0x00040000, 0x04000100, 0x04000101, 0x00040100); - &data_word(0x04000100, 0x00000000, 0x04040001, 0x00000101); - &data_word(0x04000001, 0x00040101, 0x00000100, 0x04040000); - # nibble 3 - &data_word(0x00401008, 0x10001000, 0x00000008, 0x10401008); - &data_word(0x00000000, 0x10400000, 0x10001008, 0x00400008); - &data_word(0x10401000, 0x10000008, 0x10000000, 0x00001008); - &data_word(0x10000008, 0x00401008, 0x00400000, 0x10000000); - &data_word(0x10400008, 0x00401000, 
0x00001000, 0x00000008); - &data_word(0x00401000, 0x10001008, 0x10400000, 0x00001000); - &data_word(0x00001008, 0x00000000, 0x00400008, 0x10401000); - &data_word(0x10001000, 0x10400008, 0x10401008, 0x00400000); - &data_word(0x10400008, 0x00001008, 0x00400000, 0x10000008); - &data_word(0x00401000, 0x10001000, 0x00000008, 0x10400000); - &data_word(0x10001008, 0x00000000, 0x00001000, 0x00400008); - &data_word(0x00000000, 0x10400008, 0x10401000, 0x00001000); - &data_word(0x10000000, 0x10401008, 0x00401008, 0x00400000); - &data_word(0x10401008, 0x00000008, 0x10001000, 0x00401008); - &data_word(0x00400008, 0x00401000, 0x10400000, 0x10001008); - &data_word(0x00001008, 0x10000000, 0x10000008, 0x10401000); - # nibble 4 - &data_word(0x08000000, 0x00010000, 0x00000400, 0x08010420); - &data_word(0x08010020, 0x08000400, 0x00010420, 0x08010000); - &data_word(0x00010000, 0x00000020, 0x08000020, 0x00010400); - &data_word(0x08000420, 0x08010020, 0x08010400, 0x00000000); - &data_word(0x00010400, 0x08000000, 0x00010020, 0x00000420); - &data_word(0x08000400, 0x00010420, 0x00000000, 0x08000020); - &data_word(0x00000020, 0x08000420, 0x08010420, 0x00010020); - &data_word(0x08010000, 0x00000400, 0x00000420, 0x08010400); - &data_word(0x08010400, 0x08000420, 0x00010020, 0x08010000); - &data_word(0x00010000, 0x00000020, 0x08000020, 0x08000400); - &data_word(0x08000000, 0x00010400, 0x08010420, 0x00000000); - &data_word(0x00010420, 0x08000000, 0x00000400, 0x00010020); - &data_word(0x08000420, 0x00000400, 0x00000000, 0x08010420); - &data_word(0x08010020, 0x08010400, 0x00000420, 0x00010000); - &data_word(0x00010400, 0x08010020, 0x08000400, 0x00000420); - &data_word(0x00000020, 0x00010420, 0x08010000, 0x08000020); - # nibble 5 - &data_word(0x80000040, 0x00200040, 0x00000000, 0x80202000); - &data_word(0x00200040, 0x00002000, 0x80002040, 0x00200000); - &data_word(0x00002040, 0x80202040, 0x00202000, 0x80000000); - &data_word(0x80002000, 0x80000040, 0x80200000, 0x00202040); - &data_word(0x00200000, 
0x80002040, 0x80200040, 0x00000000); - &data_word(0x00002000, 0x00000040, 0x80202000, 0x80200040); - &data_word(0x80202040, 0x80200000, 0x80000000, 0x00002040); - &data_word(0x00000040, 0x00202000, 0x00202040, 0x80002000); - &data_word(0x00002040, 0x80000000, 0x80002000, 0x00202040); - &data_word(0x80202000, 0x00200040, 0x00000000, 0x80002000); - &data_word(0x80000000, 0x00002000, 0x80200040, 0x00200000); - &data_word(0x00200040, 0x80202040, 0x00202000, 0x00000040); - &data_word(0x80202040, 0x00202000, 0x00200000, 0x80002040); - &data_word(0x80000040, 0x80200000, 0x00202040, 0x00000000); - &data_word(0x00002000, 0x80000040, 0x80002040, 0x80202000); - &data_word(0x80200000, 0x00002040, 0x00000040, 0x80200040); - # nibble 6 - &data_word(0x00004000, 0x00000200, 0x01000200, 0x01000004); - &data_word(0x01004204, 0x00004004, 0x00004200, 0x00000000); - &data_word(0x01000000, 0x01000204, 0x00000204, 0x01004000); - &data_word(0x00000004, 0x01004200, 0x01004000, 0x00000204); - &data_word(0x01000204, 0x00004000, 0x00004004, 0x01004204); - &data_word(0x00000000, 0x01000200, 0x01000004, 0x00004200); - &data_word(0x01004004, 0x00004204, 0x01004200, 0x00000004); - &data_word(0x00004204, 0x01004004, 0x00000200, 0x01000000); - &data_word(0x00004204, 0x01004000, 0x01004004, 0x00000204); - &data_word(0x00004000, 0x00000200, 0x01000000, 0x01004004); - &data_word(0x01000204, 0x00004204, 0x00004200, 0x00000000); - &data_word(0x00000200, 0x01000004, 0x00000004, 0x01000200); - &data_word(0x00000000, 0x01000204, 0x01000200, 0x00004200); - &data_word(0x00000204, 0x00004000, 0x01004204, 0x01000000); - &data_word(0x01004200, 0x00000004, 0x00004004, 0x01004204); - &data_word(0x01000004, 0x01004200, 0x01004000, 0x00004004); - # nibble 7 - &data_word(0x20800080, 0x20820000, 0x00020080, 0x00000000); - &data_word(0x20020000, 0x00800080, 0x20800000, 0x20820080); - &data_word(0x00000080, 0x20000000, 0x00820000, 0x00020080); - &data_word(0x00820080, 0x20020080, 0x20000080, 0x20800000); - 
&data_word(0x00020000, 0x00820080, 0x00800080, 0x20020000); - &data_word(0x20820080, 0x20000080, 0x00000000, 0x00820000); - &data_word(0x20000000, 0x00800000, 0x20020080, 0x20800080); - &data_word(0x00800000, 0x00020000, 0x20820000, 0x00000080); - &data_word(0x00800000, 0x00020000, 0x20000080, 0x20820080); - &data_word(0x00020080, 0x20000000, 0x00000000, 0x00820000); - &data_word(0x20800080, 0x20020080, 0x20020000, 0x00800080); - &data_word(0x20820000, 0x00000080, 0x00800080, 0x20020000); - &data_word(0x20820080, 0x00800000, 0x20800000, 0x20000080); - &data_word(0x00820000, 0x00020080, 0x20020080, 0x20800000); - &data_word(0x00000080, 0x20820000, 0x00820080, 0x00000000); - &data_word(0x20000000, 0x20800080, 0x00020000, 0x00820080); - } diff --git a/lib/libssl/src/crypto/des/asm/des_enc.m4 b/lib/libssl/src/crypto/des/asm/des_enc.m4 deleted file mode 100644 index b1177358287..00000000000 --- a/lib/libssl/src/crypto/des/asm/des_enc.m4 +++ /dev/null 
@@ -1,2099 +0,0 @@ -! des_enc.m4 -! des_enc.S (generated from des_enc.m4) -! -! UltraSPARC assembler version of the LibDES/SSLeay/OpenSSL des_enc.c file. -! -! Version 1.0. 32-bit version. -! -! June 8, 2000. -! -! Version 2.0. 32/64-bit, PIC-ification, blended CPU adaptation -! by Andy Polyakov. -! -! January 1, 2003. -! -! Assembler version: Copyright Svend Olaf Mikkelsen. -! -! Original C code: Copyright Eric A. Young. -! -! This code can be freely used by LibDES/SSLeay/OpenSSL users. -! -! The LibDES/SSLeay/OpenSSL copyright notices must be respected. -! -! This version can be redistributed. -! -! To expand the m4 macros: m4 -B 8192 des_enc.m4 > des_enc.S -! -! Global registers 1 to 5 are used. This is the same as done by the -! cc compiler. The UltraSPARC load/store little endian feature is used. -! -! Instruction grouping often refers to one CPU cycle. -! -! Assemble through gcc: gcc -c -mcpu=ultrasparc -o des_enc.o des_enc.S -! -! Assemble through cc: cc -c -xarch=v8plusa -o des_enc.o des_enc.S -! -! Performance improvement according to './apps/openssl speed des' -! -! 32-bit build: -! 23% faster than cc-5.2 -xarch=v8plus -xO5 -! 115% faster than gcc-3.2.1 -m32 -mcpu=ultrasparc -O5 -! 64-bit build: -! 50% faster than cc-5.2 -xarch=v9 -xO5 -! 100% faster than gcc-3.2.1 -m64 -mcpu=ultrasparc -O5 -! 
- -.ident "des_enc.m4 2.1" -.file "des_enc-sparc.S" - -#if defined(__SUNPRO_C) && defined(__sparcv9) -# define ABI64 /* They've said -xarch=v9 at command line */ -#elif defined(__GNUC__) && defined(__arch64__) -# define ABI64 /* They've said -m64 at command line */ -#endif - -#ifdef ABI64 - .register %g2,#scratch - .register %g3,#scratch -# define FRAME -192 -# define BIAS 2047 -# define LDPTR ldx -# define STPTR stx -# define ARG0 128 -# define ARGSZ 8 -# ifndef OPENSSL_SYSNAME_ULTRASPARC -# define OPENSSL_SYSNAME_ULTRASPARC -# endif -#else -# define FRAME -96 -# define BIAS 0 -# define LDPTR ld -# define STPTR st -# define ARG0 68 -# define ARGSZ 4 -#endif - -#define LOOPS 7 - -#define global0 %g0 -#define global1 %g1 -#define global2 %g2 -#define global3 %g3 -#define global4 %g4 -#define global5 %g5 - -#define local0 %l0 -#define local1 %l1 -#define local2 %l2 -#define local3 %l3 -#define local4 %l4 -#define local5 %l5 -#define local7 %l6 -#define local6 %l7 - -#define in0 %i0 -#define in1 %i1 -#define in2 %i2 -#define in3 %i3 -#define in4 %i4 -#define in5 %i5 -#define in6 %i6 -#define in7 %i7 - -#define out0 %o0 -#define out1 %o1 -#define out2 %o2 -#define out3 %o3 -#define out4 %o4 -#define out5 %o5 -#define out6 %o6 -#define out7 %o7 - -#define stub stb - -changequote({,}) - - -! Macro definitions: - - -! {ip_macro} -! -! The logic used in initial and final permutations is the same as in -! the C code. The permutations are done with a clever shift, xor, and -! technique. -! -! The macro also loads address sbox 1 to 5 to global 1 to 5, address -! sbox 6 to local6, and addres sbox 8 to out3. -! -! Rotates the halfs 3 left to bring the sbox bits in convenient positions. -! -! Loads key first round from address in parameter 5 to out0, out1. -! -! After the original LibDES initial permutation, the resulting left -! is in the variable initially used for right and vice versa. The macro -! implements the possibility to keep the halfs in the original registers. -! -! 
parameter 1 left -! parameter 2 right -! parameter 3 result left (modify in first round) -! parameter 4 result right (use in first round) -! parameter 5 key address -! parameter 6 1/2 for include encryption/decryption -! parameter 7 1 for move in1 to in3 -! parameter 8 1 for move in3 to in4, 2 for move in4 to in3 -! parameter 9 1 for load ks3 and ks2 to in4 and in3 - -define(ip_macro, { - -! {ip_macro} -! $1 $2 $4 $3 $5 $6 $7 $8 $9 - - ld [out2+256], local1 - srl $2, 4, local4 - - xor local4, $1, local4 - ifelse($7,1,{mov in1, in3},{nop}) - - ld [out2+260], local2 - and local4, local1, local4 - ifelse($8,1,{mov in3, in4},{}) - ifelse($8,2,{mov in4, in3},{}) - - ld [out2+280], out4 ! loop counter - sll local4, 4, local1 - xor $1, local4, $1 - - ld [out2+264], local3 - srl $1, 16, local4 - xor $2, local1, $2 - - ifelse($9,1,{LDPTR KS3, in4},{}) - xor local4, $2, local4 - nop !sethi %hi(DES_SPtrans), global1 ! sbox addr - - ifelse($9,1,{LDPTR KS2, in3},{}) - and local4, local2, local4 - nop !or global1, %lo(DES_SPtrans), global1 ! sbox addr - - sll local4, 16, local1 - xor $2, local4, $2 - - srl $2, 2, local4 - xor $1, local1, $1 - - sethi %hi(16711680), local5 - xor local4, $1, local4 - - and local4, local3, local4 - or local5, 255, local5 - - sll local4, 2, local2 - xor $1, local4, $1 - - srl $1, 8, local4 - xor $2, local2, $2 - - xor local4, $2, local4 - add global1, 768, global4 - - and local4, local5, local4 - add global1, 1024, global5 - - ld [out2+272], local7 - sll local4, 8, local1 - xor $2, local4, $2 - - srl $2, 1, local4 - xor $1, local1, $1 - - ld [$5], out0 ! key 7531 - xor local4, $1, local4 - add global1, 256, global2 - - ld [$5+4], out1 ! key 8642 - and local4, local7, local4 - add global1, 512, global3 - - sll local4, 1, local1 - xor $1, local4, $1 - - sll $1, 3, local3 - xor $2, local1, $2 - - sll $2, 3, local2 - add global1, 1280, local6 ! address sbox 8 - - srl $1, 29, local4 - add global1, 1792, out3 ! 
address sbox 8 - - srl $2, 29, local1 - or local4, local3, $4 - - or local2, local1, $3 - - ifelse($6, 1, { - - ld [out2+284], local5 ! 0x0000FC00 used in the rounds - or local2, local1, $3 - xor $4, out0, local1 - - call .des_enc.1 - and local1, 252, local1 - - },{}) - - ifelse($6, 2, { - - ld [out2+284], local5 ! 0x0000FC00 used in the rounds - or local2, local1, $3 - xor $4, out0, local1 - - call .des_dec.1 - and local1, 252, local1 - - },{}) -}) - - -! {rounds_macro} -! -! The logic used in the DES rounds is the same as in the C code, -! except that calculations for sbox 1 and sbox 5 begin before -! the previous round is finished. -! -! In each round one half (work) is modified based on key and the -! other half (use). -! -! In this version we do two rounds in a loop repeated 7 times -! and two rounds seperately. -! -! One half has the bits for the sboxes in the following positions: -! -! 777777xx555555xx333333xx111111xx -! -! 88xx666666xx444444xx222222xx8888 -! -! The bits for each sbox are xor-ed with the key bits for that box. -! The above xx bits are cleared, and the result used for lookup in -! the sbox table. Each sbox entry contains the 4 output bits permuted -! into 32 bits according to the P permutation. -! -! In the description of DES, left and right are switched after -! each round, except after last round. In this code the original -! left and right are kept in the same register in all rounds, meaning -! that after the 16 rounds the result for right is in the register -! originally used for left. -! -! parameter 1 first work (left in first round) -! parameter 2 first use (right in first round) -! parameter 3 enc/dec 1/-1 -! parameter 4 loop label -! parameter 5 key address register -! parameter 6 optional address for key next encryption/decryption -! parameter 7 not empty for include retl -! -! also compares in2 to 8 - -define(rounds_macro, { - -! {rounds_macro} -! $1 $2 $3 $4 $5 $6 $7 $8 $9 - - xor $2, out0, local1 - - ld [out2+284], local5 ! 
0x0000FC00 - ba $4 - and local1, 252, local1 - - .align 32 - -$4: - ! local6 is address sbox 6 - ! out3 is address sbox 8 - ! out4 is loop counter - - ld [global1+local1], local1 - xor $2, out1, out1 ! 8642 - xor $2, out0, out0 ! 7531 - ! fmovs %f0, %f0 ! fxor used for alignment - - srl out1, 4, local0 ! rotate 4 right - and out0, local5, local3 ! 3 - ! fmovs %f0, %f0 - - ld [$5+$3*8], local7 ! key 7531 next round - srl local3, 8, local3 ! 3 - and local0, 252, local2 ! 2 - ! fmovs %f0, %f0 - - ld [global3+local3],local3 ! 3 - sll out1, 28, out1 ! rotate - xor $1, local1, $1 ! 1 finished, local1 now sbox 7 - - ld [global2+local2], local2 ! 2 - srl out0, 24, local1 ! 7 - or out1, local0, out1 ! rotate - - ldub [out2+local1], local1 ! 7 (and 0xFC) - srl out1, 24, local0 ! 8 - and out1, local5, local4 ! 4 - - ldub [out2+local0], local0 ! 8 (and 0xFC) - srl local4, 8, local4 ! 4 - xor $1, local2, $1 ! 2 finished local2 now sbox 6 - - ld [global4+local4],local4 ! 4 - srl out1, 16, local2 ! 6 - xor $1, local3, $1 ! 3 finished local3 now sbox 5 - - ld [out3+local0],local0 ! 8 - and local2, 252, local2 ! 6 - add global1, 1536, local5 ! address sbox 7 - - ld [local6+local2], local2 ! 6 - srl out0, 16, local3 ! 5 - xor $1, local4, $1 ! 4 finished - - ld [local5+local1],local1 ! 7 - and local3, 252, local3 ! 5 - xor $1, local0, $1 ! 8 finished - - ld [global5+local3],local3 ! 5 - xor $1, local2, $1 ! 6 finished - subcc out4, 1, out4 - - ld [$5+$3*8+4], out0 ! key 8642 next round - xor $1, local7, local2 ! sbox 5 next round - xor $1, local1, $1 ! 7 finished - - srl local2, 16, local2 ! sbox 5 next round - xor $1, local3, $1 ! 5 finished - - ld [$5+$3*16+4], out1 ! key 8642 next round again - and local2, 252, local2 ! sbox5 next round -! next round - xor $1, local7, local7 ! 7531 - - ld [global5+local2], local2 ! 5 - srl local7, 24, local3 ! 7 - xor $1, out0, out0 ! 8642 - - ldub [out2+local3], local3 ! 7 (and 0xFC) - srl out0, 4, local0 ! 
rotate 4 right - and local7, 252, local1 ! 1 - - sll out0, 28, out0 ! rotate - xor $2, local2, $2 ! 5 finished local2 used - - srl local0, 8, local4 ! 4 - and local0, 252, local2 ! 2 - ld [local5+local3], local3 ! 7 - - srl local0, 16, local5 ! 6 - or out0, local0, out0 ! rotate - ld [global2+local2], local2 ! 2 - - srl out0, 24, local0 - ld [$5+$3*16], out0 ! key 7531 next round - and local4, 252, local4 ! 4 - - and local5, 252, local5 ! 6 - ld [global4+local4], local4 ! 4 - xor $2, local3, $2 ! 7 finished local3 used - - and local0, 252, local0 ! 8 - ld [local6+local5], local5 ! 6 - xor $2, local2, $2 ! 2 finished local2 now sbox 3 - - srl local7, 8, local2 ! 3 start - ld [out3+local0], local0 ! 8 - xor $2, local4, $2 ! 4 finished - - and local2, 252, local2 ! 3 - ld [global1+local1], local1 ! 1 - xor $2, local5, $2 ! 6 finished local5 used - - ld [global3+local2], local2 ! 3 - xor $2, local0, $2 ! 8 finished - add $5, $3*16, $5 ! enc add 8, dec add -8 to key pointer - - ld [out2+284], local5 ! 0x0000FC00 - xor $2, out0, local4 ! sbox 1 next round - xor $2, local1, $2 ! 1 finished - - xor $2, local2, $2 ! 3 finished -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bne,pt %icc, $4 -#else - bne $4 -#endif - and local4, 252, local1 ! sbox 1 next round - -! two rounds more: - - ld [global1+local1], local1 - xor $2, out1, out1 - xor $2, out0, out0 - - srl out1, 4, local0 ! rotate - and out0, local5, local3 - - ld [$5+$3*8], local7 ! key 7531 - srl local3, 8, local3 - and local0, 252, local2 - - ld [global3+local3],local3 - sll out1, 28, out1 ! rotate - xor $1, local1, $1 ! 1 finished, local1 now sbox 7 - - ld [global2+local2], local2 - srl out0, 24, local1 - or out1, local0, out1 ! rotate - - ldub [out2+local1], local1 - srl out1, 24, local0 - and out1, local5, local4 - - ldub [out2+local0], local0 - srl local4, 8, local4 - xor $1, local2, $1 ! 2 finished local2 now sbox 6 - - ld [global4+local4],local4 - srl out1, 16, local2 - xor $1, local3, $1 ! 
3 finished local3 now sbox 5 - - ld [out3+local0],local0 - and local2, 252, local2 - add global1, 1536, local5 ! address sbox 7 - - ld [local6+local2], local2 - srl out0, 16, local3 - xor $1, local4, $1 ! 4 finished - - ld [local5+local1],local1 - and local3, 252, local3 - xor $1, local0, $1 - - ld [global5+local3],local3 - xor $1, local2, $1 ! 6 finished - cmp in2, 8 - - ifelse($6,{}, {}, {ld [out2+280], out4}) ! loop counter - xor $1, local7, local2 ! sbox 5 next round - xor $1, local1, $1 ! 7 finished - - ld [$5+$3*8+4], out0 - srl local2, 16, local2 ! sbox 5 next round - xor $1, local3, $1 ! 5 finished - - and local2, 252, local2 -! next round (two rounds more) - xor $1, local7, local7 ! 7531 - - ld [global5+local2], local2 - srl local7, 24, local3 - xor $1, out0, out0 ! 8642 - - ldub [out2+local3], local3 - srl out0, 4, local0 ! rotate - and local7, 252, local1 - - sll out0, 28, out0 ! rotate - xor $2, local2, $2 ! 5 finished local2 used - - srl local0, 8, local4 - and local0, 252, local2 - ld [local5+local3], local3 - - srl local0, 16, local5 - or out0, local0, out0 ! rotate - ld [global2+local2], local2 - - srl out0, 24, local0 - ifelse($6,{}, {}, {ld [$6], out0}) ! key next encryption/decryption - and local4, 252, local4 - - and local5, 252, local5 - ld [global4+local4], local4 - xor $2, local3, $2 ! 7 finished local3 used - - and local0, 252, local0 - ld [local6+local5], local5 - xor $2, local2, $2 ! 2 finished local2 now sbox 3 - - srl local7, 8, local2 ! 3 start - ld [out3+local0], local0 - xor $2, local4, $2 - - and local2, 252, local2 - ld [global1+local1], local1 - xor $2, local5, $2 ! 6 finished local5 used - - ld [global3+local2], local2 - srl $1, 3, local3 - xor $2, local0, $2 - - ifelse($6,{}, {}, {ld [$6+4], out1}) ! key next encryption/decryption - sll $1, 29, local4 - xor $2, local1, $2 - - ifelse($7,{}, {}, {retl}) - xor $2, local2, $2 -}) - - -! {fp_macro} -! -! parameter 1 right (original left) -! parameter 2 left (original right) -! 
parameter 3 1 for optional store to [in0] -! parameter 4 1 for load input/output address to local5/7 -! -! The final permutation logic switches the halfes, meaning that -! left and right ends up the the registers originally used. - -define(fp_macro, { - -! {fp_macro} -! $1 $2 $3 $4 $5 $6 $7 $8 $9 - - ! initially undo the rotate 3 left done after initial permutation - ! original left is received shifted 3 right and 29 left in local3/4 - - sll $2, 29, local1 - or local3, local4, $1 - - srl $2, 3, $2 - sethi %hi(0x55555555), local2 - - or $2, local1, $2 - or local2, %lo(0x55555555), local2 - - srl $2, 1, local3 - sethi %hi(0x00ff00ff), local1 - xor local3, $1, local3 - or local1, %lo(0x00ff00ff), local1 - and local3, local2, local3 - sethi %hi(0x33333333), local4 - sll local3, 1, local2 - - xor $1, local3, $1 - - srl $1, 8, local3 - xor $2, local2, $2 - xor local3, $2, local3 - or local4, %lo(0x33333333), local4 - and local3, local1, local3 - sethi %hi(0x0000ffff), local1 - sll local3, 8, local2 - - xor $2, local3, $2 - - srl $2, 2, local3 - xor $1, local2, $1 - xor local3, $1, local3 - or local1, %lo(0x0000ffff), local1 - and local3, local4, local3 - sethi %hi(0x0f0f0f0f), local4 - sll local3, 2, local2 - - ifelse($4,1, {LDPTR INPUT, local5}) - xor $1, local3, $1 - - ifelse($4,1, {LDPTR OUTPUT, local7}) - srl $1, 16, local3 - xor $2, local2, $2 - xor local3, $2, local3 - or local4, %lo(0x0f0f0f0f), local4 - and local3, local1, local3 - sll local3, 16, local2 - - xor $2, local3, local1 - - srl local1, 4, local3 - xor $1, local2, $1 - xor local3, $1, local3 - and local3, local4, local3 - sll local3, 4, local2 - - xor $1, local3, $1 - - ! optional store: - - ifelse($3,1, {st $1, [in0]}) - - xor local1, local2, $2 - - ifelse($3,1, {st $2, [in0+4]}) - -}) - - -! {fp_ip_macro} -! -! Does initial permutation for next block mixed with -! final permutation for current block. -! -! parameter 1 original left -! parameter 2 original right -! parameter 3 left ip -! 
parameter 4 right ip -! parameter 5 1: load ks1/ks2 to in3/in4, add 120 to in4 -! 2: mov in4 to in3 -! -! also adds -8 to length in2 and loads loop counter to out4 - -define(fp_ip_macro, { - -! {fp_ip_macro} -! $1 $2 $3 $4 $5 $6 $7 $8 $9 - - define({temp1},{out4}) - define({temp2},{local3}) - - define({ip1},{local1}) - define({ip2},{local2}) - define({ip4},{local4}) - define({ip5},{local5}) - - ! $1 in local3, local4 - - ld [out2+256], ip1 - sll out5, 29, temp1 - or local3, local4, $1 - - srl out5, 3, $2 - ifelse($5,2,{mov in4, in3}) - - ld [out2+272], ip5 - srl $4, 4, local0 - or $2, temp1, $2 - - srl $2, 1, temp1 - xor temp1, $1, temp1 - - and temp1, ip5, temp1 - xor local0, $3, local0 - - sll temp1, 1, temp2 - xor $1, temp1, $1 - - and local0, ip1, local0 - add in2, -8, in2 - - sll local0, 4, local7 - xor $3, local0, $3 - - ld [out2+268], ip4 - srl $1, 8, temp1 - xor $2, temp2, $2 - ld [out2+260], ip2 - srl $3, 16, local0 - xor $4, local7, $4 - xor temp1, $2, temp1 - xor local0, $4, local0 - and temp1, ip4, temp1 - and local0, ip2, local0 - sll temp1, 8, temp2 - xor $2, temp1, $2 - sll local0, 16, local7 - xor $4, local0, $4 - - srl $2, 2, temp1 - xor $1, temp2, $1 - - ld [out2+264], temp2 ! 
ip3 - srl $4, 2, local0 - xor $3, local7, $3 - xor temp1, $1, temp1 - xor local0, $3, local0 - and temp1, temp2, temp1 - and local0, temp2, local0 - sll temp1, 2, temp2 - xor $1, temp1, $1 - sll local0, 2, local7 - xor $3, local0, $3 - - srl $1, 16, temp1 - xor $2, temp2, $2 - srl $3, 8, local0 - xor $4, local7, $4 - xor temp1, $2, temp1 - xor local0, $4, local0 - and temp1, ip2, temp1 - and local0, ip4, local0 - sll temp1, 16, temp2 - xor $2, temp1, local4 - sll local0, 8, local7 - xor $4, local0, $4 - - srl $4, 1, local0 - xor $3, local7, $3 - - srl local4, 4, temp1 - xor local0, $3, local0 - - xor $1, temp2, $1 - and local0, ip5, local0 - - sll local0, 1, local7 - xor temp1, $1, temp1 - - xor $3, local0, $3 - xor $4, local7, $4 - - sll $3, 3, local5 - and temp1, ip1, temp1 - - sll temp1, 4, temp2 - xor $1, temp1, $1 - - ifelse($5,1,{LDPTR KS2, in4}) - sll $4, 3, local2 - xor local4, temp2, $2 - - ! reload since used as temporar: - - ld [out2+280], out4 ! loop counter - - srl $3, 29, local0 - ifelse($5,1,{add in4, 120, in4}) - - ifelse($5,1,{LDPTR KS1, in3}) - srl $4, 29, local7 - - or local0, local5, $4 - or local2, local7, $3 - -}) - - - -! {load_little_endian} -! -! parameter 1 address -! parameter 2 destination left -! parameter 3 destination right -! parameter 4 temporar -! parameter 5 label - -define(load_little_endian, { - -! {load_little_endian} -! $1 $2 $3 $4 $5 $6 $7 $8 $9 - - ! 
first in memory to rightmost in register - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - andcc $1, 3, global0 - bne,pn %icc, $5 - nop - - lda [$1] 0x88, $2 - add $1, 4, $4 - - ba,pt %icc, $5a - lda [$4] 0x88, $3 -#endif - -$5: - ldub [$1+3], $2 - - ldub [$1+2], $4 - sll $2, 8, $2 - or $2, $4, $2 - - ldub [$1+1], $4 - sll $2, 8, $2 - or $2, $4, $2 - - ldub [$1+0], $4 - sll $2, 8, $2 - or $2, $4, $2 - - - ldub [$1+3+4], $3 - - ldub [$1+2+4], $4 - sll $3, 8, $3 - or $3, $4, $3 - - ldub [$1+1+4], $4 - sll $3, 8, $3 - or $3, $4, $3 - - ldub [$1+0+4], $4 - sll $3, 8, $3 - or $3, $4, $3 -$5a: - -}) - - -! {load_little_endian_inc} -! -! parameter 1 address -! parameter 2 destination left -! parameter 3 destination right -! parameter 4 temporar -! parameter 4 label -! -! adds 8 to address - -define(load_little_endian_inc, { - -! {load_little_endian_inc} -! $1 $2 $3 $4 $5 $6 $7 $8 $9 - - ! first in memory to rightmost in register - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - andcc $1, 3, global0 - bne,pn %icc, $5 - nop - - lda [$1] 0x88, $2 - add $1, 4, $1 - - lda [$1] 0x88, $3 - ba,pt %icc, $5a - add $1, 4, $1 -#endif - -$5: - ldub [$1+3], $2 - - ldub [$1+2], $4 - sll $2, 8, $2 - or $2, $4, $2 - - ldub [$1+1], $4 - sll $2, 8, $2 - or $2, $4, $2 - - ldub [$1+0], $4 - sll $2, 8, $2 - or $2, $4, $2 - - ldub [$1+3+4], $3 - add $1, 8, $1 - - ldub [$1+2+4-8], $4 - sll $3, 8, $3 - or $3, $4, $3 - - ldub [$1+1+4-8], $4 - sll $3, 8, $3 - or $3, $4, $3 - - ldub [$1+0+4-8], $4 - sll $3, 8, $3 - or $3, $4, $3 -$5a: - -}) - - -! {load_n_bytes} -! -! Loads 1 to 7 bytes little endian -! Remaining bytes are zeroed. -! -! parameter 1 address -! parameter 2 length -! parameter 3 destination register left -! parameter 4 destination register right -! parameter 5 temp -! parameter 6 temp2 -! parameter 7 label -! parameter 8 return label - -define(load_n_bytes, { - -! {load_n_bytes} -! 
$1 $2 $5 $6 $7 $8 $7 $8 $9 - -$7.0: call .+8 - sll $2, 2, $6 - - add %o7,$7.jmp.table-$7.0,$5 - - add $5, $6, $5 - mov 0, $4 - - ld [$5], $5 - - jmp %o7+$5 - mov 0, $3 - -$7.7: - ldub [$1+6], $5 - sll $5, 16, $5 - or $3, $5, $3 -$7.6: - ldub [$1+5], $5 - sll $5, 8, $5 - or $3, $5, $3 -$7.5: - ldub [$1+4], $5 - or $3, $5, $3 -$7.4: - ldub [$1+3], $5 - sll $5, 24, $5 - or $4, $5, $4 -$7.3: - ldub [$1+2], $5 - sll $5, 16, $5 - or $4, $5, $4 -$7.2: - ldub [$1+1], $5 - sll $5, 8, $5 - or $4, $5, $4 -$7.1: - ldub [$1+0], $5 - ba $8 - or $4, $5, $4 - - .align 4 - -$7.jmp.table: - .word 0 - .word $7.1-$7.0 - .word $7.2-$7.0 - .word $7.3-$7.0 - .word $7.4-$7.0 - .word $7.5-$7.0 - .word $7.6-$7.0 - .word $7.7-$7.0 -}) - - -! {store_little_endian} -! -! parameter 1 address -! parameter 2 source left -! parameter 3 source right -! parameter 4 temporar - -define(store_little_endian, { - -! {store_little_endian} -! $1 $2 $3 $4 $5 $6 $7 $8 $9 - - ! rightmost in register to first in memory - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - andcc $1, 3, global0 - bne,pn %icc, $5 - nop - - sta $2, [$1] 0x88 - add $1, 4, $4 - - ba,pt %icc, $5a - sta $3, [$4] 0x88 -#endif - -$5: - and $2, 255, $4 - stub $4, [$1+0] - - srl $2, 8, $4 - and $4, 255, $4 - stub $4, [$1+1] - - srl $2, 16, $4 - and $4, 255, $4 - stub $4, [$1+2] - - srl $2, 24, $4 - stub $4, [$1+3] - - - and $3, 255, $4 - stub $4, [$1+0+4] - - srl $3, 8, $4 - and $4, 255, $4 - stub $4, [$1+1+4] - - srl $3, 16, $4 - and $4, 255, $4 - stub $4, [$1+2+4] - - srl $3, 24, $4 - stub $4, [$1+3+4] - -$5a: - -}) - - -! {store_n_bytes} -! -! Stores 1 to 7 bytes little endian -! -! parameter 1 address -! parameter 2 length -! parameter 3 source register left -! parameter 4 source register right -! parameter 5 temp -! parameter 6 temp2 -! parameter 7 label -! parameter 8 return label - -define(store_n_bytes, { - -! {store_n_bytes} -! 
$1 $2 $5 $6 $7 $8 $7 $8 $9 - -$7.0: call .+8 - sll $2, 2, $6 - - add %o7,$7.jmp.table-$7.0,$5 - - add $5, $6, $5 - - ld [$5], $5 - - jmp %o7+$5 - nop - -$7.7: - srl $3, 16, $5 - and $5, 0xff, $5 - stub $5, [$1+6] -$7.6: - srl $3, 8, $5 - and $5, 0xff, $5 - stub $5, [$1+5] -$7.5: - and $3, 0xff, $5 - stub $5, [$1+4] -$7.4: - srl $4, 24, $5 - stub $5, [$1+3] -$7.3: - srl $4, 16, $5 - and $5, 0xff, $5 - stub $5, [$1+2] -$7.2: - srl $4, 8, $5 - and $5, 0xff, $5 - stub $5, [$1+1] -$7.1: - and $4, 0xff, $5 - - - ba $8 - stub $5, [$1] - - .align 4 - -$7.jmp.table: - - .word 0 - .word $7.1-$7.0 - .word $7.2-$7.0 - .word $7.3-$7.0 - .word $7.4-$7.0 - .word $7.5-$7.0 - .word $7.6-$7.0 - .word $7.7-$7.0 -}) - - -define(testvalue,{1}) - -define(register_init, { - -! For test purposes: - - sethi %hi(testvalue), local0 - or local0, %lo(testvalue), local0 - - ifelse($1,{},{}, {mov local0, $1}) - ifelse($2,{},{}, {mov local0, $2}) - ifelse($3,{},{}, {mov local0, $3}) - ifelse($4,{},{}, {mov local0, $4}) - ifelse($5,{},{}, {mov local0, $5}) - ifelse($6,{},{}, {mov local0, $6}) - ifelse($7,{},{}, {mov local0, $7}) - ifelse($8,{},{}, {mov local0, $8}) - - mov local0, local1 - mov local0, local2 - mov local0, local3 - mov local0, local4 - mov local0, local5 - mov local0, local7 - mov local0, local6 - mov local0, out0 - mov local0, out1 - mov local0, out2 - mov local0, out3 - mov local0, out4 - mov local0, out5 - mov local0, global1 - mov local0, global2 - mov local0, global3 - mov local0, global4 - mov local0, global5 - -}) - -.section ".text" - - .align 32 - -.des_enc: - - ! key address in3 - ! loads key next encryption/decryption first round from [in4] - - rounds_macro(in5, out5, 1, .des_enc.1, in3, in4, retl) - - - .align 32 - -.des_dec: - - ! implemented with out5 as first parameter to avoid - ! register exchange in ede modes - - ! key address in4 - ! loads key next encryption/decryption first round from [in3] - - rounds_macro(out5, in5, -1, .des_dec.1, in4, in3, retl) - - - -! 
void DES_encrypt1(data, ks, enc) -! ******************************* - - .align 32 - .global DES_encrypt1 - .type DES_encrypt1,#function - -DES_encrypt1: - - save %sp, FRAME, %sp - - sethi %hi(.PIC.DES_SPtrans-1f),global1 - or global1,%lo(.PIC.DES_SPtrans-1f),global1 -1: call .+8 - add %o7,global1,global1 - sub global1,.PIC.DES_SPtrans-.des_and,out2 - - ld [in0], in5 ! left - cmp in2, 0 ! enc - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - be,pn %icc, .encrypt.dec ! enc/dec -#else - be .encrypt.dec -#endif - ld [in0+4], out5 ! right - - ! parameter 6 1/2 for include encryption/decryption - ! parameter 7 1 for move in1 to in3 - ! parameter 8 1 for move in3 to in4, 2 for move in4 to in3 - - ip_macro(in5, out5, in5, out5, in3, 0, 1, 1) - - rounds_macro(in5, out5, 1, .des_encrypt1.1, in3, in4) ! in4 not used - - fp_macro(in5, out5, 1) ! 1 for store to [in0] - - ret - restore - -.encrypt.dec: - - add in1, 120, in3 ! use last subkey for first round - - ! parameter 6 1/2 for include encryption/decryption - ! parameter 7 1 for move in1 to in3 - ! parameter 8 1 for move in3 to in4, 2 for move in4 to in3 - - ip_macro(in5, out5, out5, in5, in4, 2, 0, 1) ! include dec, ks in4 - - fp_macro(out5, in5, 1) ! 1 for store to [in0] - - ret - restore - -.DES_encrypt1.end: - .size DES_encrypt1,.DES_encrypt1.end-DES_encrypt1 - - -! void DES_encrypt2(data, ks, enc) -!********************************* - - ! encrypts/decrypts without initial/final permutation - - .align 32 - .global DES_encrypt2 - .type DES_encrypt2,#function - -DES_encrypt2: - - save %sp, FRAME, %sp - - sethi %hi(.PIC.DES_SPtrans-1f),global1 - or global1,%lo(.PIC.DES_SPtrans-1f),global1 -1: call .+8 - add %o7,global1,global1 - sub global1,.PIC.DES_SPtrans-.des_and,out2 - - ! Set sbox address 1 to 6 and rotate halfs 3 left - ! Errors caught by destest? Yes. Still? *NO* - - !sethi %hi(DES_SPtrans), global1 ! address sbox 1 - - !or global1, %lo(DES_SPtrans), global1 ! sbox 1 - - add global1, 256, global2 ! 
sbox 2 - add global1, 512, global3 ! sbox 3 - - ld [in0], out5 ! right - add global1, 768, global4 ! sbox 4 - add global1, 1024, global5 ! sbox 5 - - ld [in0+4], in5 ! left - add global1, 1280, local6 ! sbox 6 - add global1, 1792, out3 ! sbox 8 - - ! rotate - - sll in5, 3, local5 - mov in1, in3 ! key address to in3 - - sll out5, 3, local7 - srl in5, 29, in5 - - srl out5, 29, out5 - add in5, local5, in5 - - add out5, local7, out5 - cmp in2, 0 - - ! we use our own stackframe - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - be,pn %icc, .encrypt2.dec ! decryption -#else - be .encrypt2.dec -#endif - STPTR in0, [%sp+BIAS+ARG0+0*ARGSZ] - - ld [in3], out0 ! key 7531 first round - mov LOOPS, out4 ! loop counter - - ld [in3+4], out1 ! key 8642 first round - sethi %hi(0x0000FC00), local5 - - call .des_enc - mov in3, in4 - - ! rotate - sll in5, 29, in0 - srl in5, 3, in5 - sll out5, 29, in1 - add in5, in0, in5 - srl out5, 3, out5 - LDPTR [%sp+BIAS+ARG0+0*ARGSZ], in0 - add out5, in1, out5 - st in5, [in0] - st out5, [in0+4] - - ret - restore - - -.encrypt2.dec: - - add in3, 120, in4 - - ld [in4], out0 ! key 7531 first round - mov LOOPS, out4 ! loop counter - - ld [in4+4], out1 ! key 8642 first round - sethi %hi(0x0000FC00), local5 - - mov in5, local1 ! left expected in out5 - mov out5, in5 - - call .des_dec - mov local1, out5 - -.encrypt2.finish: - - ! rotate - sll in5, 29, in0 - srl in5, 3, in5 - sll out5, 29, in1 - add in5, in0, in5 - srl out5, 3, out5 - LDPTR [%sp+BIAS+ARG0+0*ARGSZ], in0 - add out5, in1, out5 - st out5, [in0] - st in5, [in0+4] - - ret - restore - -.DES_encrypt2.end: - .size DES_encrypt2, .DES_encrypt2.end-DES_encrypt2 - - -! void DES_encrypt3(data, ks1, ks2, ks3) -! 
************************************** - - .align 32 - .global DES_encrypt3 - .type DES_encrypt3,#function - -DES_encrypt3: - - save %sp, FRAME, %sp - - sethi %hi(.PIC.DES_SPtrans-1f),global1 - or global1,%lo(.PIC.DES_SPtrans-1f),global1 -1: call .+8 - add %o7,global1,global1 - sub global1,.PIC.DES_SPtrans-.des_and,out2 - - ld [in0], in5 ! left - add in2, 120, in4 ! ks2 - - ld [in0+4], out5 ! right - mov in3, in2 ! save ks3 - - ! parameter 6 1/2 for include encryption/decryption - ! parameter 7 1 for mov in1 to in3 - ! parameter 8 1 for mov in3 to in4 - ! parameter 9 1 for load ks3 and ks2 to in4 and in3 - - ip_macro(in5, out5, in5, out5, in3, 1, 1, 0, 0) - - call .des_dec - mov in2, in3 ! preload ks3 - - call .des_enc - nop - - fp_macro(in5, out5, 1) - - ret - restore - -.DES_encrypt3.end: - .size DES_encrypt3,.DES_encrypt3.end-DES_encrypt3 - - -! void DES_decrypt3(data, ks1, ks2, ks3) -! ************************************** - - .align 32 - .global DES_decrypt3 - .type DES_decrypt3,#function - -DES_decrypt3: - - save %sp, FRAME, %sp - - sethi %hi(.PIC.DES_SPtrans-1f),global1 - or global1,%lo(.PIC.DES_SPtrans-1f),global1 -1: call .+8 - add %o7,global1,global1 - sub global1,.PIC.DES_SPtrans-.des_and,out2 - - ld [in0], in5 ! left - add in3, 120, in4 ! ks3 - - ld [in0+4], out5 ! right - mov in2, in3 ! ks2 - - ! parameter 6 1/2 for include encryption/decryption - ! parameter 7 1 for mov in1 to in3 - ! parameter 8 1 for mov in3 to in4 - ! parameter 9 1 for load ks3 and ks2 to in4 and in3 - - ip_macro(in5, out5, out5, in5, in4, 2, 0, 0, 0) - - call .des_enc - add in1, 120, in4 ! preload ks1 - - call .des_dec - nop - - fp_macro(out5, in5, 1) - - ret - restore - -.DES_decrypt3.end: - .size DES_decrypt3,.DES_decrypt3.end-DES_decrypt3 - -! void DES_ncbc_encrypt(input, output, length, schedule, ivec, enc) -! 
***************************************************************** - - - .align 32 - .global DES_ncbc_encrypt - .type DES_ncbc_encrypt,#function - -DES_ncbc_encrypt: - - save %sp, FRAME, %sp - - define({INPUT}, { [%sp+BIAS+ARG0+0*ARGSZ] }) - define({OUTPUT}, { [%sp+BIAS+ARG0+1*ARGSZ] }) - define({IVEC}, { [%sp+BIAS+ARG0+4*ARGSZ] }) - - sethi %hi(.PIC.DES_SPtrans-1f),global1 - or global1,%lo(.PIC.DES_SPtrans-1f),global1 -1: call .+8 - add %o7,global1,global1 - sub global1,.PIC.DES_SPtrans-.des_and,out2 - - cmp in5, 0 ! enc - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - be,pn %icc, .ncbc.dec -#else - be .ncbc.dec -#endif - STPTR in4, IVEC - - ! addr left right temp label - load_little_endian(in4, in5, out5, local3, .LLE1) ! iv - - addcc in2, -8, in2 ! bytes missing when first block done - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bl,pn %icc, .ncbc.enc.seven.or.less -#else - bl .ncbc.enc.seven.or.less -#endif - mov in3, in4 ! schedule - -.ncbc.enc.next.block: - - load_little_endian(in0, out4, global4, local3, .LLE2) ! block - -.ncbc.enc.next.block_1: - - xor in5, out4, in5 ! iv xor - xor out5, global4, out5 ! iv xor - - ! parameter 8 1 for move in3 to in4, 2 for move in4 to in3 - ip_macro(in5, out5, in5, out5, in3, 0, 0, 2) - -.ncbc.enc.next.block_2: - -!// call .des_enc ! compares in2 to 8 -! rounds inlined for alignment purposes - - add global1, 768, global4 ! address sbox 4 since register used below - - rounds_macro(in5, out5, 1, .ncbc.enc.1, in3, in4) ! include encryption ks in3 - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bl,pn %icc, .ncbc.enc.next.block_fp -#else - bl .ncbc.enc.next.block_fp -#endif - add in0, 8, in0 ! input address - - ! If 8 or more bytes are to be encrypted after this block, - ! we combine final permutation for this block with initial - ! permutation for next block. Load next block: - - load_little_endian(in0, global3, global4, local5, .LLE12) - - ! parameter 1 original left - ! parameter 2 original right - ! parameter 3 left ip - ! parameter 4 right ip - ! 
parameter 5 1: load ks1/ks2 to in3/in4, add 120 to in4 - ! 2: mov in4 to in3 - ! - ! also adds -8 to length in2 and loads loop counter to out4 - - fp_ip_macro(out0, out1, global3, global4, 2) - - store_little_endian(in1, out0, out1, local3, .SLE10) ! block - - ld [in3], out0 ! key 7531 first round next block - mov in5, local1 - xor global3, out5, in5 ! iv xor next block - - ld [in3+4], out1 ! key 8642 - add global1, 512, global3 ! address sbox 3 since register used - xor global4, local1, out5 ! iv xor next block - - ba .ncbc.enc.next.block_2 - add in1, 8, in1 ! output address - -.ncbc.enc.next.block_fp: - - fp_macro(in5, out5) - - store_little_endian(in1, in5, out5, local3, .SLE1) ! block - - addcc in2, -8, in2 ! bytes missing when next block done - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bpos,pt %icc, .ncbc.enc.next.block ! also jumps if 0 -#else - bpos .ncbc.enc.next.block -#endif - add in1, 8, in1 - -.ncbc.enc.seven.or.less: - - cmp in2, -8 - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - ble,pt %icc, .ncbc.enc.finish -#else - ble .ncbc.enc.finish -#endif - nop - - add in2, 8, local1 ! bytes to load - - ! addr, length, dest left, dest right, temp, temp2, label, ret label - load_n_bytes(in0, local1, global4, out4, local2, local3, .LNB1, .ncbc.enc.next.block_1) - - ! Loads 1 to 7 bytes little endian to global4, out4 - - -.ncbc.enc.finish: - - LDPTR IVEC, local4 - store_little_endian(local4, in5, out5, local5, .SLE2) ! ivec - - ret - restore - - -.ncbc.dec: - - STPTR in0, INPUT - cmp in2, 0 ! length - add in3, 120, in3 - - LDPTR IVEC, local7 ! ivec -#ifdef OPENSSL_SYSNAME_ULTRASPARC - ble,pn %icc, .ncbc.dec.finish -#else - ble .ncbc.dec.finish -#endif - mov in3, in4 ! schedule - - STPTR in1, OUTPUT - mov in0, local5 ! input - - load_little_endian(local7, in0, in1, local3, .LLE3) ! ivec - -.ncbc.dec.next.block: - - load_little_endian(local5, in5, out5, local3, .LLE4) ! block - - ! parameter 6 1/2 for include encryption/decryption - ! parameter 7 1 for mov in1 to in3 - ! 
parameter 8 1 for mov in3 to in4 - - ip_macro(in5, out5, out5, in5, in4, 2, 0, 1) ! include decryprion ks in4 - - fp_macro(out5, in5, 0, 1) ! 1 for input and output address to local5/7 - - ! in2 is bytes left to be stored - ! in2 is compared to 8 in the rounds - - xor out5, in0, out4 ! iv xor -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bl,pn %icc, .ncbc.dec.seven.or.less -#else - bl .ncbc.dec.seven.or.less -#endif - xor in5, in1, global4 ! iv xor - - ! Load ivec next block now, since input and output address might be the same. - - load_little_endian_inc(local5, in0, in1, local3, .LLE5) ! iv - - store_little_endian(local7, out4, global4, local3, .SLE3) - - STPTR local5, INPUT - add local7, 8, local7 - addcc in2, -8, in2 - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bg,pt %icc, .ncbc.dec.next.block -#else - bg .ncbc.dec.next.block -#endif - STPTR local7, OUTPUT - - -.ncbc.dec.store.iv: - - LDPTR IVEC, local4 ! ivec - store_little_endian(local4, in0, in1, local5, .SLE4) - -.ncbc.dec.finish: - - ret - restore - -.ncbc.dec.seven.or.less: - - load_little_endian_inc(local5, in0, in1, local3, .LLE13) ! ivec - - store_n_bytes(local7, in2, global4, out4, local3, local4, .SNB1, .ncbc.dec.store.iv) - - -.DES_ncbc_encrypt.end: - .size DES_ncbc_encrypt, .DES_ncbc_encrypt.end-DES_ncbc_encrypt - - -! void DES_ede3_cbc_encrypt(input, output, lenght, ks1, ks2, ks3, ivec, enc) -! ************************************************************************** - - - .align 32 - .global DES_ede3_cbc_encrypt - .type DES_ede3_cbc_encrypt,#function - -DES_ede3_cbc_encrypt: - - save %sp, FRAME, %sp - - define({KS1}, { [%sp+BIAS+ARG0+3*ARGSZ] }) - define({KS2}, { [%sp+BIAS+ARG0+4*ARGSZ] }) - define({KS3}, { [%sp+BIAS+ARG0+5*ARGSZ] }) - - sethi %hi(.PIC.DES_SPtrans-1f),global1 - or global1,%lo(.PIC.DES_SPtrans-1f),global1 -1: call .+8 - add %o7,global1,global1 - sub global1,.PIC.DES_SPtrans-.des_and,out2 - - LDPTR [%fp+BIAS+ARG0+7*ARGSZ], local3 ! enc - LDPTR [%fp+BIAS+ARG0+6*ARGSZ], local4 ! 
ivec - cmp local3, 0 ! enc - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - be,pn %icc, .ede3.dec -#else - be .ede3.dec -#endif - STPTR in4, KS2 - - STPTR in5, KS3 - - load_little_endian(local4, in5, out5, local3, .LLE6) ! ivec - - addcc in2, -8, in2 ! bytes missing after next block - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bl,pn %icc, .ede3.enc.seven.or.less -#else - bl .ede3.enc.seven.or.less -#endif - STPTR in3, KS1 - -.ede3.enc.next.block: - - load_little_endian(in0, out4, global4, local3, .LLE7) - -.ede3.enc.next.block_1: - - LDPTR KS2, in4 - xor in5, out4, in5 ! iv xor - xor out5, global4, out5 ! iv xor - - LDPTR KS1, in3 - add in4, 120, in4 ! for decryption we use last subkey first - nop - - ip_macro(in5, out5, in5, out5, in3) - -.ede3.enc.next.block_2: - - call .des_enc ! ks1 in3 - nop - - call .des_dec ! ks2 in4 - LDPTR KS3, in3 - - call .des_enc ! ks3 in3 compares in2 to 8 - nop - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bl,pn %icc, .ede3.enc.next.block_fp -#else - bl .ede3.enc.next.block_fp -#endif - add in0, 8, in0 - - ! If 8 or more bytes are to be encrypted after this block, - ! we combine final permutation for this block with initial - ! permutation for next block. Load next block: - - load_little_endian(in0, global3, global4, local5, .LLE11) - - ! parameter 1 original left - ! parameter 2 original right - ! parameter 3 left ip - ! parameter 4 right ip - ! parameter 5 1: load ks1/ks2 to in3/in4, add 120 to in4 - ! 2: mov in4 to in3 - ! - ! also adds -8 to length in2 and loads loop counter to out4 - - fp_ip_macro(out0, out1, global3, global4, 1) - - store_little_endian(in1, out0, out1, local3, .SLE9) ! block - - mov in5, local1 - xor global3, out5, in5 ! iv xor next block - - ld [in3], out0 ! key 7531 - add global1, 512, global3 ! address sbox 3 - xor global4, local1, out5 ! iv xor next block - - ld [in3+4], out1 ! key 8642 - add global1, 768, global4 ! 
address sbox 4 - ba .ede3.enc.next.block_2 - add in1, 8, in1 - -.ede3.enc.next.block_fp: - - fp_macro(in5, out5) - - store_little_endian(in1, in5, out5, local3, .SLE5) ! block - - addcc in2, -8, in2 ! bytes missing when next block done - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bpos,pt %icc, .ede3.enc.next.block -#else - bpos .ede3.enc.next.block -#endif - add in1, 8, in1 - -.ede3.enc.seven.or.less: - - cmp in2, -8 - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - ble,pt %icc, .ede3.enc.finish -#else - ble .ede3.enc.finish -#endif - nop - - add in2, 8, local1 ! bytes to load - - ! addr, length, dest left, dest right, temp, temp2, label, ret label - load_n_bytes(in0, local1, global4, out4, local2, local3, .LNB2, .ede3.enc.next.block_1) - -.ede3.enc.finish: - - LDPTR [%fp+BIAS+ARG0+6*ARGSZ], local4 ! ivec - store_little_endian(local4, in5, out5, local5, .SLE6) ! ivec - - ret - restore - -.ede3.dec: - - STPTR in0, INPUT - add in5, 120, in5 - - STPTR in1, OUTPUT - mov in0, local5 - add in3, 120, in3 - - STPTR in3, KS1 - cmp in2, 0 - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - ble %icc, .ede3.dec.finish -#else - ble .ede3.dec.finish -#endif - STPTR in5, KS3 - - LDPTR [%fp+BIAS+ARG0+6*ARGSZ], local7 ! iv - load_little_endian(local7, in0, in1, local3, .LLE8) - -.ede3.dec.next.block: - - load_little_endian(local5, in5, out5, local3, .LLE9) - - ! parameter 6 1/2 for include encryption/decryption - ! parameter 7 1 for mov in1 to in3 - ! parameter 8 1 for mov in3 to in4 - ! parameter 9 1 for load ks3 and ks2 to in4 and in3 - - ip_macro(in5, out5, out5, in5, in4, 2, 0, 0, 1) ! inc .des_dec ks3 in4 - - call .des_enc ! ks2 in3 - LDPTR KS1, in4 - - call .des_dec ! ks1 in4 - nop - - fp_macro(out5, in5, 0, 1) ! 1 for input and output address local5/7 - - ! in2 is bytes left to be stored - ! 
in2 is compared to 8 in the rounds - - xor out5, in0, out4 -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bl,pn %icc, .ede3.dec.seven.or.less -#else - bl .ede3.dec.seven.or.less -#endif - xor in5, in1, global4 - - load_little_endian_inc(local5, in0, in1, local3, .LLE10) ! iv next block - - store_little_endian(local7, out4, global4, local3, .SLE7) ! block - - STPTR local5, INPUT - addcc in2, -8, in2 - add local7, 8, local7 - -#ifdef OPENSSL_SYSNAME_ULTRASPARC - bg,pt %icc, .ede3.dec.next.block -#else - bg .ede3.dec.next.block -#endif - STPTR local7, OUTPUT - -.ede3.dec.store.iv: - - LDPTR [%fp+BIAS+ARG0+6*ARGSZ], local4 ! ivec - store_little_endian(local4, in0, in1, local5, .SLE8) ! ivec - -.ede3.dec.finish: - - ret - restore - -.ede3.dec.seven.or.less: - - load_little_endian_inc(local5, in0, in1, local3, .LLE14) ! iv - - store_n_bytes(local7, in2, global4, out4, local3, local4, .SNB2, .ede3.dec.store.iv) - - -.DES_ede3_cbc_encrypt.end: - .size DES_ede3_cbc_encrypt,.DES_ede3_cbc_encrypt.end-DES_ede3_cbc_encrypt - - .align 256 - .type .des_and,#object - .size .des_and,284 - -.des_and: - -! This table is used for AND 0xFC when it is known that register -! bits 8-31 are zero. Makes it possible to do three arithmetic -! operations in one cycle. 
- - .byte 0, 0, 0, 0, 4, 4, 4, 4 - .byte 8, 8, 8, 8, 12, 12, 12, 12 - .byte 16, 16, 16, 16, 20, 20, 20, 20 - .byte 24, 24, 24, 24, 28, 28, 28, 28 - .byte 32, 32, 32, 32, 36, 36, 36, 36 - .byte 40, 40, 40, 40, 44, 44, 44, 44 - .byte 48, 48, 48, 48, 52, 52, 52, 52 - .byte 56, 56, 56, 56, 60, 60, 60, 60 - .byte 64, 64, 64, 64, 68, 68, 68, 68 - .byte 72, 72, 72, 72, 76, 76, 76, 76 - .byte 80, 80, 80, 80, 84, 84, 84, 84 - .byte 88, 88, 88, 88, 92, 92, 92, 92 - .byte 96, 96, 96, 96, 100, 100, 100, 100 - .byte 104, 104, 104, 104, 108, 108, 108, 108 - .byte 112, 112, 112, 112, 116, 116, 116, 116 - .byte 120, 120, 120, 120, 124, 124, 124, 124 - .byte 128, 128, 128, 128, 132, 132, 132, 132 - .byte 136, 136, 136, 136, 140, 140, 140, 140 - .byte 144, 144, 144, 144, 148, 148, 148, 148 - .byte 152, 152, 152, 152, 156, 156, 156, 156 - .byte 160, 160, 160, 160, 164, 164, 164, 164 - .byte 168, 168, 168, 168, 172, 172, 172, 172 - .byte 176, 176, 176, 176, 180, 180, 180, 180 - .byte 184, 184, 184, 184, 188, 188, 188, 188 - .byte 192, 192, 192, 192, 196, 196, 196, 196 - .byte 200, 200, 200, 200, 204, 204, 204, 204 - .byte 208, 208, 208, 208, 212, 212, 212, 212 - .byte 216, 216, 216, 216, 220, 220, 220, 220 - .byte 224, 224, 224, 224, 228, 228, 228, 228 - .byte 232, 232, 232, 232, 236, 236, 236, 236 - .byte 240, 240, 240, 240, 244, 244, 244, 244 - .byte 248, 248, 248, 248, 252, 252, 252, 252 - - ! 5 numbers for initil/final permutation - - .word 0x0f0f0f0f ! offset 256 - .word 0x0000ffff ! 260 - .word 0x33333333 ! 264 - .word 0x00ff00ff ! 268 - .word 0x55555555 ! 272 - - .word 0 ! 276 - .word LOOPS ! 280 - .word 0x0000FC00 ! 284 - - .global DES_SPtrans - .type DES_SPtrans,#object - .size DES_SPtrans,2048 -.align 64 -DES_SPtrans: -.PIC.DES_SPtrans: - ! 
nibble 0 - .word 0x02080800, 0x00080000, 0x02000002, 0x02080802 - .word 0x02000000, 0x00080802, 0x00080002, 0x02000002 - .word 0x00080802, 0x02080800, 0x02080000, 0x00000802 - .word 0x02000802, 0x02000000, 0x00000000, 0x00080002 - .word 0x00080000, 0x00000002, 0x02000800, 0x00080800 - .word 0x02080802, 0x02080000, 0x00000802, 0x02000800 - .word 0x00000002, 0x00000800, 0x00080800, 0x02080002 - .word 0x00000800, 0x02000802, 0x02080002, 0x00000000 - .word 0x00000000, 0x02080802, 0x02000800, 0x00080002 - .word 0x02080800, 0x00080000, 0x00000802, 0x02000800 - .word 0x02080002, 0x00000800, 0x00080800, 0x02000002 - .word 0x00080802, 0x00000002, 0x02000002, 0x02080000 - .word 0x02080802, 0x00080800, 0x02080000, 0x02000802 - .word 0x02000000, 0x00000802, 0x00080002, 0x00000000 - .word 0x00080000, 0x02000000, 0x02000802, 0x02080800 - .word 0x00000002, 0x02080002, 0x00000800, 0x00080802 - ! nibble 1 - .word 0x40108010, 0x00000000, 0x00108000, 0x40100000 - .word 0x40000010, 0x00008010, 0x40008000, 0x00108000 - .word 0x00008000, 0x40100010, 0x00000010, 0x40008000 - .word 0x00100010, 0x40108000, 0x40100000, 0x00000010 - .word 0x00100000, 0x40008010, 0x40100010, 0x00008000 - .word 0x00108010, 0x40000000, 0x00000000, 0x00100010 - .word 0x40008010, 0x00108010, 0x40108000, 0x40000010 - .word 0x40000000, 0x00100000, 0x00008010, 0x40108010 - .word 0x00100010, 0x40108000, 0x40008000, 0x00108010 - .word 0x40108010, 0x00100010, 0x40000010, 0x00000000 - .word 0x40000000, 0x00008010, 0x00100000, 0x40100010 - .word 0x00008000, 0x40000000, 0x00108010, 0x40008010 - .word 0x40108000, 0x00008000, 0x00000000, 0x40000010 - .word 0x00000010, 0x40108010, 0x00108000, 0x40100000 - .word 0x40100010, 0x00100000, 0x00008010, 0x40008000 - .word 0x40008010, 0x00000010, 0x40100000, 0x00108000 - ! 
nibble 2
- .word 0x04000001, 0x04040100, 0x00000100, 0x04000101
- .word 0x00040001, 0x04000000, 0x04000101, 0x00040100
- .word 0x04000100, 0x00040000, 0x04040000, 0x00000001
- .word 0x04040101, 0x00000101, 0x00000001, 0x04040001
- .word 0x00000000, 0x00040001, 0x04040100, 0x00000100
- .word 0x00000101, 0x04040101, 0x00040000, 0x04000001
- .word 0x04040001, 0x04000100, 0x00040101, 0x04040000
- .word 0x00040100, 0x00000000, 0x04000000, 0x00040101
- .word 0x04040100, 0x00000100, 0x00000001, 0x00040000
- .word 0x00000101, 0x00040001, 0x04040000, 0x04000101
- .word 0x00000000, 0x04040100, 0x00040100, 0x04040001
- .word 0x00040001, 0x04000000, 0x04040101, 0x00000001
- .word 0x00040101, 0x04000001, 0x04000000, 0x04040101
- .word 0x00040000, 0x04000100, 0x04000101, 0x00040100
- .word 0x04000100, 0x00000000, 0x04040001, 0x00000101
- .word 0x04000001, 0x00040101, 0x00000100, 0x04040000
- ! nibble 3
- .word 0x00401008, 0x10001000, 0x00000008, 0x10401008
- .word 0x00000000, 0x10400000, 0x10001008, 0x00400008
- .word 0x10401000, 0x10000008, 0x10000000, 0x00001008
- .word 0x10000008, 0x00401008, 0x00400000, 0x10000000
- .word 0x10400008, 0x00401000, 0x00001000, 0x00000008
- .word 0x00401000, 0x10001008, 0x10400000, 0x00001000
- .word 0x00001008, 0x00000000, 0x00400008, 0x10401000
- .word 0x10001000, 0x10400008, 0x10401008, 0x00400000
- .word 0x10400008, 0x00001008, 0x00400000, 0x10000008
- .word 0x00401000, 0x10001000, 0x00000008, 0x10400000
- .word 0x10001008, 0x00000000, 0x00001000, 0x00400008
- .word 0x00000000, 0x10400008, 0x10401000, 0x00001000
- .word 0x10000000, 0x10401008, 0x00401008, 0x00400000
- .word 0x10401008, 0x00000008, 0x10001000, 0x00401008
- .word 0x00400008, 0x00401000, 0x10400000, 0x10001008
- .word 0x00001008, 0x10000000, 0x10000008, 0x10401000
- !
nibble 4
- .word 0x08000000, 0x00010000, 0x00000400, 0x08010420
- .word 0x08010020, 0x08000400, 0x00010420, 0x08010000
- .word 0x00010000, 0x00000020, 0x08000020, 0x00010400
- .word 0x08000420, 0x08010020, 0x08010400, 0x00000000
- .word 0x00010400, 0x08000000, 0x00010020, 0x00000420
- .word 0x08000400, 0x00010420, 0x00000000, 0x08000020
- .word 0x00000020, 0x08000420, 0x08010420, 0x00010020
- .word 0x08010000, 0x00000400, 0x00000420, 0x08010400
- .word 0x08010400, 0x08000420, 0x00010020, 0x08010000
- .word 0x00010000, 0x00000020, 0x08000020, 0x08000400
- .word 0x08000000, 0x00010400, 0x08010420, 0x00000000
- .word 0x00010420, 0x08000000, 0x00000400, 0x00010020
- .word 0x08000420, 0x00000400, 0x00000000, 0x08010420
- .word 0x08010020, 0x08010400, 0x00000420, 0x00010000
- .word 0x00010400, 0x08010020, 0x08000400, 0x00000420
- .word 0x00000020, 0x00010420, 0x08010000, 0x08000020
- ! nibble 5
- .word 0x80000040, 0x00200040, 0x00000000, 0x80202000
- .word 0x00200040, 0x00002000, 0x80002040, 0x00200000
- .word 0x00002040, 0x80202040, 0x00202000, 0x80000000
- .word 0x80002000, 0x80000040, 0x80200000, 0x00202040
- .word 0x00200000, 0x80002040, 0x80200040, 0x00000000
- .word 0x00002000, 0x00000040, 0x80202000, 0x80200040
- .word 0x80202040, 0x80200000, 0x80000000, 0x00002040
- .word 0x00000040, 0x00202000, 0x00202040, 0x80002000
- .word 0x00002040, 0x80000000, 0x80002000, 0x00202040
- .word 0x80202000, 0x00200040, 0x00000000, 0x80002000
- .word 0x80000000, 0x00002000, 0x80200040, 0x00200000
- .word 0x00200040, 0x80202040, 0x00202000, 0x00000040
- .word 0x80202040, 0x00202000, 0x00200000, 0x80002040
- .word 0x80000040, 0x80200000, 0x00202040, 0x00000000
- .word 0x00002000, 0x80000040, 0x80002040, 0x80202000
- .word 0x80200000, 0x00002040, 0x00000040, 0x80200040
- !
nibble 6
- .word 0x00004000, 0x00000200, 0x01000200, 0x01000004
- .word 0x01004204, 0x00004004, 0x00004200, 0x00000000
- .word 0x01000000, 0x01000204, 0x00000204, 0x01004000
- .word 0x00000004, 0x01004200, 0x01004000, 0x00000204
- .word 0x01000204, 0x00004000, 0x00004004, 0x01004204
- .word 0x00000000, 0x01000200, 0x01000004, 0x00004200
- .word 0x01004004, 0x00004204, 0x01004200, 0x00000004
- .word 0x00004204, 0x01004004, 0x00000200, 0x01000000
- .word 0x00004204, 0x01004000, 0x01004004, 0x00000204
- .word 0x00004000, 0x00000200, 0x01000000, 0x01004004
- .word 0x01000204, 0x00004204, 0x00004200, 0x00000000
- .word 0x00000200, 0x01000004, 0x00000004, 0x01000200
- .word 0x00000000, 0x01000204, 0x01000200, 0x00004200
- .word 0x00000204, 0x00004000, 0x01004204, 0x01000000
- .word 0x01004200, 0x00000004, 0x00004004, 0x01004204
- .word 0x01000004, 0x01004200, 0x01004000, 0x00004004
- ! nibble 7
- .word 0x20800080, 0x20820000, 0x00020080, 0x00000000
- .word 0x20020000, 0x00800080, 0x20800000, 0x20820080
- .word 0x00000080, 0x20000000, 0x00820000, 0x00020080
- .word 0x00820080, 0x20020080, 0x20000080, 0x20800000
- .word 0x00020000, 0x00820080, 0x00800080, 0x20020000
- .word 0x20820080, 0x20000080, 0x00000000, 0x00820000
- .word 0x20000000, 0x00800000, 0x20020080, 0x20800080
- .word 0x00800000, 0x00020000, 0x20820000, 0x00000080
- .word 0x00800000, 0x00020000, 0x20000080, 0x20820080
- .word 0x00020080, 0x20000000, 0x00000000, 0x00820000
- .word 0x20800080, 0x20020080, 0x20020000, 0x00800080
- .word 0x20820000, 0x00000080, 0x00800080, 0x20020000
- .word 0x20820080, 0x00800000, 0x20800000, 0x20000080
- .word 0x00820000, 0x00020080, 0x20020080, 0x20800000
- .word 0x00000080, 0x20820000, 0x00820080, 0x00000000
- .word 0x20000000, 0x20800080, 0x00020000, 0x00820080
-
diff --git a/lib/libssl/src/crypto/des/asm/desboth.pl b/lib/libssl/src/crypto/des/asm/desboth.pl
deleted file mode 100644
index eec00886e4c..00000000000
--- a/lib/libssl/src/crypto/des/asm/desboth.pl
+++ /dev/null
@@ -1,79 +0,0 @@
-#!/usr/local/bin/perl
-
-$L="edi";
-$R="esi";
-
-sub DES_encrypt3
- {
- local($name,$enc)=@_;
-
- &function_begin_B($name,"");
- &push("ebx");
- &mov("ebx",&wparam(0));
-
- &push("ebp");
- &push("esi");
-
- &push("edi");
-
- &comment("");
- &comment("Load the data words");
- &mov($L,&DWP(0,"ebx","",0));
- &mov($R,&DWP(4,"ebx","",0));
- &stack_push(3);
-
- &comment("");
- &comment("IP");
- &IP_new($L,$R,"edx",0);
-
- # put them back
-
- if ($enc)
- {
- &mov(&DWP(4,"ebx","",0),$R);
- &mov("eax",&wparam(1));
- &mov(&DWP(0,"ebx","",0),"edx");
- &mov("edi",&wparam(2));
- &mov("esi",&wparam(3));
- }
- else
- {
- &mov(&DWP(4,"ebx","",0),$R);
- &mov("esi",&wparam(1));
- &mov(&DWP(0,"ebx","",0),"edx");
- &mov("edi",&wparam(2));
- &mov("eax",&wparam(3));
- }
- &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
- &mov(&swtmp(1), "eax");
- &mov(&swtmp(0), "ebx");
- &call("DES_encrypt2");
- &mov(&swtmp(2), (DWC(($enc)?"0":"1")));
- &mov(&swtmp(1), "edi");
- &mov(&swtmp(0), "ebx");
- &call("DES_encrypt2");
- &mov(&swtmp(2), (DWC(($enc)?"1":"0")));
- &mov(&swtmp(1), "esi");
- &mov(&swtmp(0), "ebx");
- &call("DES_encrypt2");
-
- &stack_pop(3);
- &mov($L,&DWP(0,"ebx","",0));
- &mov($R,&DWP(4,"ebx","",0));
-
- &comment("");
- &comment("FP");
- &FP_new($L,$R,"eax",0);
-
- &mov(&DWP(0,"ebx","",0),"eax");
- &mov(&DWP(4,"ebx","",0),$R);
-
- &pop("edi");
- &pop("esi");
- &pop("ebp");
- &pop("ebx");
- &ret();
- &function_end_B($name);
- }
-
-
diff --git a/lib/libssl/src/crypto/des/cbc_cksm.c b/lib/libssl/src/crypto/des/cbc_cksm.c
deleted file mode 100644
index 20553ef09f2..00000000000
--- a/lib/libssl/src/crypto/des/cbc_cksm.c
+++ /dev/null
@@ -1,106 +0,0 @@ -/* $OpenBSD: cbc_cksm.c,v 1.7 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include "des_locl.h" - -DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output, - long length, DES_key_schedule *schedule, - const_DES_cblock *ivec) - { - DES_LONG tout0,tout1,tin0,tin1; - long l=length; - DES_LONG tin[2]; - unsigned char *out = &(*output)[0]; - const unsigned char *iv = &(*ivec)[0]; - - c2l(iv,tout0); - c2l(iv,tout1); - for (; l>0; l-=8) - { - if (l >= 8) - { - c2l(in,tin0); - c2l(in,tin1); - } - else - c2ln(in,tin0,tin1,l); - - tin0^=tout0; tin[0]=tin0; - tin1^=tout1; tin[1]=tin1; - DES_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT); - /* fix 15/10/91 eay - thanks to keithr@sco.COM */ - tout0=tin[0]; - tout1=tin[1]; - } - if (out != NULL) - { - l2c(tout0,out); - l2c(tout1,out); - } - tout0=tin0=tin1=tin[0]=tin[1]=0; - /* - Transform the data in tout1 so that it will - match the return value that the MIT Kerberos - mit_des_cbc_cksum API returns. - */ - tout1 = ((tout1 >> 24L) & 0x000000FF) - | ((tout1 >> 8L) & 0x0000FF00) - | ((tout1 << 8L) & 0x00FF0000) - | ((tout1 << 24L) & 0xFF000000); - return(tout1); - } diff --git a/lib/libssl/src/crypto/des/cbc_enc.c b/lib/libssl/src/crypto/des/cbc_enc.c deleted file mode 100644 index 5db52809c08..00000000000 --- a/lib/libssl/src/crypto/des/cbc_enc.c +++ /dev/null 
@@ -1,61 +0,0 @@
-/* $OpenBSD: cbc_enc.c,v 1.3 2014/06/12 15:49:28 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define CBC_ENC_C__DONT_UPDATE_IV
-
-#include "ncbc_enc.c" /* des_cbc_encrypt */
diff --git a/lib/libssl/src/crypto/des/cfb64ede.c b/lib/libssl/src/crypto/des/cfb64ede.c
deleted file mode 100644
index 6d4d2877751..00000000000
--- a/lib/libssl/src/crypto/des/cfb64ede.c
+++ /dev/null
@@ -1,244 +0,0 @@ -/* $OpenBSD: cfb64ede.c,v 1.9 2015/02/07 13:19:15 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3, - DES_cblock *ivec, int *num, int enc) - { - DES_LONG v0,v1; - long l=length; - int n= *num; - DES_LONG ti[2]; - unsigned char *iv,c,cc; - - iv=&(*ivec)[0]; - if (enc) - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); - c2l(iv,v1); - - ti[0]=v0; - ti[1]=v1; - DES_encrypt3(ti,ks1,ks2,ks3); - v0=ti[0]; - v1=ti[1]; - - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - iv = &(*ivec)[0]; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); - c2l(iv,v1); - - ti[0]=v0; - ti[1]=v1; - DES_encrypt3(ti,ks1,ks2,ks3); - v0=ti[0]; - v1=ti[1]; - - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - iv = &(*ivec)[0]; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=c=cc=0; - *num=n; - } - -/* This is compatible with the single key CFB-r for DES, even thought that's - * not what EVP needs. 
- */ - -void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out, - int numbits,long length,DES_key_schedule *ks1, - DES_key_schedule *ks2,DES_key_schedule *ks3, - DES_cblock *ivec,int enc) - { - DES_LONG d0,d1,v0,v1; - unsigned long l=length,n=((unsigned int)numbits+7)/8; - int num=numbits,i; - DES_LONG ti[2]; - unsigned char *iv; - unsigned char ovec[16]; - - if (num > 64) return; - iv = &(*ivec)[0]; - c2l(iv,v0); - c2l(iv,v1); - if (enc) - { - while (l >= n) - { - l-=n; - ti[0]=v0; - ti[1]=v1; - DES_encrypt3(ti,ks1,ks2,ks3); - c2ln(in,d0,d1,n); - in+=n; - d0^=ti[0]; - d1^=ti[1]; - l2cn(d0,d1,out,n); - out+=n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (num == 32) - { v0=v1; v1=d0; } - else if (num == 64) - { v0=d0; v1=d1; } - else - { - iv=&ovec[0]; - l2c(v0,iv); - l2c(v1,iv); - l2c(d0,iv); - l2c(d1,iv); - /* shift ovec left most of the bits... */ - memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0)); - /* now the remaining bits */ - if(num%8 != 0) - for(i=0 ; i < 8 ; ++i) - { - ovec[i]<<=num%8; - ovec[i]|=ovec[i+1]>>(8-num%8); - } - iv=&ovec[0]; - c2l(iv,v0); - c2l(iv,v1); - } - } - } - else - { - while (l >= n) - { - l-=n; - ti[0]=v0; - ti[1]=v1; - DES_encrypt3(ti,ks1,ks2,ks3); - c2ln(in,d0,d1,n); - in+=n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (num == 32) - { v0=v1; v1=d0; } - else if (num == 64) - { v0=d0; v1=d1; } - else - { - iv=&ovec[0]; - l2c(v0,iv); - l2c(v1,iv); - l2c(d0,iv); - l2c(d1,iv); - /* shift ovec left most of the bits... */ - memmove(ovec,ovec+num/8,8+(num%8 ? 1 : 0)); - /* now the remaining bits */ - if(num%8 != 0) - for(i=0 ; i < 8 ; ++i) - { - ovec[i]<<=num%8; - ovec[i]|=ovec[i+1]>>(8-num%8); - } - iv=&ovec[0]; - c2l(iv,v0); - c2l(iv,v1); - } - d0^=ti[0]; - d1^=ti[1]; - l2cn(d0,d1,out,n); - out+=n; - } - } - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - v0=v1=d0=d1=ti[0]=ti[1]=0; - } - 
diff --git a/lib/libssl/src/crypto/des/cfb64enc.c b/lib/libssl/src/crypto/des/cfb64enc.c deleted file mode 100644 index 6c8f99e841f..00000000000 --- a/lib/libssl/src/crypto/des/cfb64enc.c +++ /dev/null 
@@ -1,121 +0,0 @@ -/* $OpenBSD: cfb64enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *schedule, - DES_cblock *ivec, int *num, int enc) - { - DES_LONG v0,v1; - long l=length; - int n= *num; - DES_LONG ti[2]; - unsigned char *iv,c,cc; - - iv = &(*ivec)[0]; - if (enc) - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); ti[0]=v0; - c2l(iv,v1); ti[1]=v1; - DES_encrypt1(ti,schedule,DES_ENCRYPT); - iv = &(*ivec)[0]; - v0=ti[0]; l2c(v0,iv); - v0=ti[1]; l2c(v0,iv); - iv = &(*ivec)[0]; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); ti[0]=v0; - c2l(iv,v1); ti[1]=v1; - DES_encrypt1(ti,schedule,DES_ENCRYPT); - iv = &(*ivec)[0]; - v0=ti[0]; l2c(v0,iv); - v0=ti[1]; l2c(v0,iv); - iv = &(*ivec)[0]; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=c=cc=0; - *num=n; - } - diff --git a/lib/libssl/src/crypto/des/cfb_enc.c b/lib/libssl/src/crypto/des/cfb_enc.c deleted file mode 100644 index 59a3e718622..00000000000 --- a/lib/libssl/src/crypto/des/cfb_enc.c +++ /dev/null 
@@ -1,189 +0,0 @@ -/* $OpenBSD: cfb_enc.c,v 1.13 2015/02/10 09:46:30 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" -#include <machine/endian.h> - -/* The input and output are loaded in multiples of 8 bits. - * What this means is that if you hame numbits=12 and length=2 - * the first 12 bits will be retrieved from the first byte and half - * the second. The second 12 bits will come from the 3rd and half the 4th - * byte. 
- */ -/* Until Aug 1 2003 this function did not correctly implement CFB-r, so it - * will not be compatible with any encryption prior to that date. Ben. */ -void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, - long length, DES_key_schedule *schedule, DES_cblock *ivec, - int enc) - { - DES_LONG d0,d1,v0,v1; - unsigned long l=length; - int num=numbits/8,n=(numbits+7)/8,i,rem=numbits%8; - DES_LONG ti[2]; - unsigned char *iv; -#if BYTE_ORDER != LITTLE_ENDIAN - unsigned char ovec[16]; -#else - unsigned int sh[4]; - unsigned char *ovec=(unsigned char *)sh; -#endif - - if (numbits<=0 || numbits > 64) return; - iv = &(*ivec)[0]; - c2l(iv,v0); - c2l(iv,v1); - if (enc) - { - while (l >= (unsigned long)n) - { - l-=n; - ti[0]=v0; - ti[1]=v1; - DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT); - c2ln(in,d0,d1,n); - in+=n; - d0^=ti[0]; - d1^=ti[1]; - l2cn(d0,d1,out,n); - out+=n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (numbits == 32) - { v0=v1; v1=d0; } - else if (numbits == 64) - { v0=d0; v1=d1; } - else - { -#if BYTE_ORDER != LITTLE_ENDIAN - iv=&ovec[0]; - l2c(v0,iv); - l2c(v1,iv); - l2c(d0,iv); - l2c(d1,iv); -#else - sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1; -#endif - if (rem==0) - memmove(ovec,ovec+num,8); - else - for(i=0 ; i < 8 ; ++i) - ovec[i]=ovec[i+num]<<rem | - ovec[i+num+1]>>(8-rem); -#if BYTE_ORDER == LITTLE_ENDIAN - v0=sh[0], v1=sh[1]; -#else - iv=&ovec[0]; - c2l(iv,v0); - c2l(iv,v1); -#endif - } - } - } - else - { - while (l >= (unsigned long)n) - { - l-=n; - ti[0]=v0; - ti[1]=v1; - DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT); - c2ln(in,d0,d1,n); - in+=n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (numbits == 32) - { v0=v1; v1=d0; } - else if (numbits == 64) - { v0=d0; v1=d1; } - else - { -#if BYTE_ORDER != LITTLE_ENDIAN - iv=&ovec[0]; - l2c(v0,iv); - l2c(v1,iv); - l2c(d0,iv); - l2c(d1,iv); -#else - sh[0]=v0, sh[1]=v1, sh[2]=d0, sh[3]=d1; 
-#endif - if (rem==0) - memmove(ovec,ovec+num,8); - else - for(i=0 ; i < 8 ; ++i) - ovec[i]=ovec[i+num]<<rem | - ovec[i+num+1]>>(8-rem); -#if BYTE_ORDER == LITTLE_ENDIAN - v0=sh[0], v1=sh[1]; -#else - iv=&ovec[0]; - c2l(iv,v0); - c2l(iv,v1); -#endif - } - d0^=ti[0]; - d1^=ti[1]; - l2cn(d0,d1,out,n); - out+=n; - } - } - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - v0=v1=d0=d1=ti[0]=ti[1]=0; - } - diff --git a/lib/libssl/src/crypto/des/des.h b/lib/libssl/src/crypto/des/des.h deleted file mode 100644 index e1331d3fa2c..00000000000 --- a/lib/libssl/src/crypto/des/des.h +++ /dev/null 
@@ -1,219 +0,0 @@
-/* $OpenBSD: des.h,v 1.19 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_NEW_DES_H -#define HEADER_NEW_DES_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_DES -#error DES is disabled. -#endif - - -#ifdef __cplusplus -extern "C" { -#endif - -typedef unsigned char DES_cblock[8]; -typedef /* const */ unsigned char const_DES_cblock[8]; -/* With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * - * and const_DES_cblock * are incompatible pointer types. 
*/ - -typedef struct DES_ks - { - union - { - DES_cblock cblock; - /* make sure things are correct size on machines with - * 8 byte longs */ - DES_LONG deslong[2]; - } ks[16]; - } DES_key_schedule; - -#define DES_KEY_SZ (sizeof(DES_cblock)) -#define DES_SCHEDULE_SZ (sizeof(DES_key_schedule)) - -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 - -#define DES_CBC_MODE 0 -#define DES_PCBC_MODE 1 - -#define DES_ecb2_encrypt(i,o,k1,k2,e) \ - DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e)) - -#define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \ - DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e)) - -#define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \ - DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e)) - -#define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \ - DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n)) - -extern int DES_check_key; /* defaults to false */ -extern int DES_rw_mode; /* defaults to DES_PCBC_MODE */ - -const char *DES_options(void); -void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks1,DES_key_schedule *ks2, - DES_key_schedule *ks3, int enc); -DES_LONG DES_cbc_cksum(const unsigned char *input,DES_cblock *output, - long length,DES_key_schedule *schedule, - const_DES_cblock *ivec); -/* DES_cbc_encrypt does not update the IV! Use DES_ncbc_encrypt instead. 
*/ -void DES_cbc_encrypt(const unsigned char *input,unsigned char *output, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - int enc); -void DES_ncbc_encrypt(const unsigned char *input,unsigned char *output, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - int enc); -void DES_xcbc_encrypt(const unsigned char *input,unsigned char *output, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - const_DES_cblock *inw,const_DES_cblock *outw,int enc); -void DES_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - int enc); -void DES_ecb_encrypt(const_DES_cblock *input,DES_cblock *output, - DES_key_schedule *ks,int enc); - -/* This is the DES encryption function that gets called by just about - every other DES routine in the library. You should not use this - function except to implement 'modes' of DES. I say this because the - functions that call this routine do the conversion from 'char *' to - long, and this needs to be done to make sure 'non-aligned' memory - access do not occur. The characters are loaded 'little endian'. - Data is a pointer to 2 unsigned long's and ks is the - DES_key_schedule to use. enc, is non zero specifies encryption, - zero if decryption. */ -void DES_encrypt1(DES_LONG *data,DES_key_schedule *ks, int enc); - -/* This functions is the same as DES_encrypt1() except that the DES - initial permutation (IP) and final permutation (FP) have been left - out. As for DES_encrypt1(), you should not use this function. - It is used by the routines in the library that implement triple DES. - IP() DES_encrypt2() DES_encrypt2() DES_encrypt2() FP() is the same - as DES_encrypt1() DES_encrypt1() DES_encrypt1() except faster :-). 
*/ -void DES_encrypt2(DES_LONG *data,DES_key_schedule *ks, int enc); - -void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3); -void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3); -void DES_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output, - long length, - DES_key_schedule *ks1,DES_key_schedule *ks2, - DES_key_schedule *ks3,DES_cblock *ivec,int enc); -void DES_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out, - long length, - DES_key_schedule *ks1,DES_key_schedule *ks2, - DES_key_schedule *ks3, - DES_cblock *ivec1,DES_cblock *ivec2, - int enc); -void DES_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out, - long length,DES_key_schedule *ks1, - DES_key_schedule *ks2,DES_key_schedule *ks3, - DES_cblock *ivec,int *num,int enc); -void DES_ede3_cfb_encrypt(const unsigned char *in,unsigned char *out, - int numbits,long length,DES_key_schedule *ks1, - DES_key_schedule *ks2,DES_key_schedule *ks3, - DES_cblock *ivec,int enc); -void DES_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out, - long length,DES_key_schedule *ks1, - DES_key_schedule *ks2,DES_key_schedule *ks3, - DES_cblock *ivec,int *num); -int DES_enc_read(int fd,void *buf,int len,DES_key_schedule *sched, - DES_cblock *iv); -int DES_enc_write(int fd,const void *buf,int len,DES_key_schedule *sched, - DES_cblock *iv); -char *DES_fcrypt(const char *buf,const char *salt, char *ret); -char *DES_crypt(const char *buf,const char *salt); -void DES_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits, - long length,DES_key_schedule *schedule,DES_cblock *ivec); -void DES_pcbc_encrypt(const unsigned char *input,unsigned char *output, - long length,DES_key_schedule *schedule,DES_cblock *ivec, - int enc); -DES_LONG DES_quad_cksum(const unsigned char *input,DES_cblock output[], - long length,int out_count,DES_cblock *seed); -int DES_random_key(DES_cblock *ret); 
-void DES_set_odd_parity(DES_cblock *key); -int DES_check_key_parity(const_DES_cblock *key); -int DES_is_weak_key(const_DES_cblock *key); -/* DES_set_key (= set_key = DES_key_sched = key_sched) calls - * DES_set_key_checked if global variable DES_check_key is set, - * DES_set_key_unchecked otherwise. */ -int DES_set_key(const_DES_cblock *key,DES_key_schedule *schedule); -int DES_key_sched(const_DES_cblock *key,DES_key_schedule *schedule); -int DES_set_key_checked(const_DES_cblock *key,DES_key_schedule *schedule); -void DES_set_key_unchecked(const_DES_cblock *key,DES_key_schedule *schedule); -void DES_string_to_key(const char *str,DES_cblock *key); -void DES_string_to_2keys(const char *str,DES_cblock *key1,DES_cblock *key2); -void DES_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length, - DES_key_schedule *schedule,DES_cblock *ivec,int *num, - int enc); -void DES_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length, - DES_key_schedule *schedule,DES_cblock *ivec,int *num); - -#define DES_fixup_key_parity DES_set_odd_parity - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/lib/libssl/src/crypto/des/des_enc.c b/lib/libssl/src/crypto/des/des_enc.c deleted file mode 100644 index 1de35e1e341..00000000000 --- a/lib/libssl/src/crypto/des/des_enc.c +++ /dev/null 
@@ -1,404 +0,0 @@
-/* $OpenBSD: des_enc.c,v 1.12 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" -#include "spr.h" - -#ifndef OPENBSD_DES_ASM - -void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc) - { - DES_LONG l,r,t,u; -#ifdef DES_PTR - const unsigned char *des_SP=(const unsigned char *)DES_SPtrans; -#endif -#ifndef DES_UNROLL - int i; -#endif - DES_LONG *s; - - r=data[0]; - l=data[1]; - - IP(r,l); - /* Things have been modified so that the initial rotate is - * done outside the loop. This required the - * DES_SPtrans values in sp.h to be rotated 1 bit to the right. - * One perl script later and things have a 5% speed up on a sparc2. - * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> - * for pointing this out. 
*/ - /* clear the top bits on machines with 8byte longs */ - /* shift left by 2 */ - r=ROTATE(r,29)&0xffffffffL; - l=ROTATE(l,29)&0xffffffffL; - - s=ks->ks->deslong; - /* I don't know if it is worth the effort of loop unrolling the - * inner loop */ - if (enc) - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r, 0); /* 1 */ - D_ENCRYPT(r,l, 2); /* 2 */ - D_ENCRYPT(l,r, 4); /* 3 */ - D_ENCRYPT(r,l, 6); /* 4 */ - D_ENCRYPT(l,r, 8); /* 5 */ - D_ENCRYPT(r,l,10); /* 6 */ - D_ENCRYPT(l,r,12); /* 7 */ - D_ENCRYPT(r,l,14); /* 8 */ - D_ENCRYPT(l,r,16); /* 9 */ - D_ENCRYPT(r,l,18); /* 10 */ - D_ENCRYPT(l,r,20); /* 11 */ - D_ENCRYPT(r,l,22); /* 12 */ - D_ENCRYPT(l,r,24); /* 13 */ - D_ENCRYPT(r,l,26); /* 14 */ - D_ENCRYPT(l,r,28); /* 15 */ - D_ENCRYPT(r,l,30); /* 16 */ -#else - for (i=0; i<32; i+=4) - { - D_ENCRYPT(l,r,i+0); /* 1 */ - D_ENCRYPT(r,l,i+2); /* 2 */ - } -#endif - } - else - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r,30); /* 16 */ - D_ENCRYPT(r,l,28); /* 15 */ - D_ENCRYPT(l,r,26); /* 14 */ - D_ENCRYPT(r,l,24); /* 13 */ - D_ENCRYPT(l,r,22); /* 12 */ - D_ENCRYPT(r,l,20); /* 11 */ - D_ENCRYPT(l,r,18); /* 10 */ - D_ENCRYPT(r,l,16); /* 9 */ - D_ENCRYPT(l,r,14); /* 8 */ - D_ENCRYPT(r,l,12); /* 7 */ - D_ENCRYPT(l,r,10); /* 6 */ - D_ENCRYPT(r,l, 8); /* 5 */ - D_ENCRYPT(l,r, 6); /* 4 */ - D_ENCRYPT(r,l, 4); /* 3 */ - D_ENCRYPT(l,r, 2); /* 2 */ - D_ENCRYPT(r,l, 0); /* 1 */ -#else - for (i=30; i>0; i-=4) - { - D_ENCRYPT(l,r,i-0); /* 16 */ - D_ENCRYPT(r,l,i-2); /* 15 */ - } -#endif - } - - /* rotate and clear the top bits on machines with 8byte longs */ - l=ROTATE(l,3)&0xffffffffL; - r=ROTATE(r,3)&0xffffffffL; - - FP(r,l); - data[0]=l; - data[1]=r; - l=r=t=u=0; - } - -void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc) - { - DES_LONG l,r,t,u; -#ifdef DES_PTR - const unsigned char *des_SP=(const unsigned char *)DES_SPtrans; -#endif -#ifndef DES_UNROLL - int i; -#endif - DES_LONG *s; - - r=data[0]; - l=data[1]; - - /* Things have been modified so that the initial rotate is - * done 
outside the loop. This required the - * DES_SPtrans values in sp.h to be rotated 1 bit to the right. - * One perl script later and things have a 5% speed up on a sparc2. - * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> - * for pointing this out. */ - /* clear the top bits on machines with 8byte longs */ - r=ROTATE(r,29)&0xffffffffL; - l=ROTATE(l,29)&0xffffffffL; - - s=ks->ks->deslong; - /* I don't know if it is worth the effort of loop unrolling the - * inner loop */ - if (enc) - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r, 0); /* 1 */ - D_ENCRYPT(r,l, 2); /* 2 */ - D_ENCRYPT(l,r, 4); /* 3 */ - D_ENCRYPT(r,l, 6); /* 4 */ - D_ENCRYPT(l,r, 8); /* 5 */ - D_ENCRYPT(r,l,10); /* 6 */ - D_ENCRYPT(l,r,12); /* 7 */ - D_ENCRYPT(r,l,14); /* 8 */ - D_ENCRYPT(l,r,16); /* 9 */ - D_ENCRYPT(r,l,18); /* 10 */ - D_ENCRYPT(l,r,20); /* 11 */ - D_ENCRYPT(r,l,22); /* 12 */ - D_ENCRYPT(l,r,24); /* 13 */ - D_ENCRYPT(r,l,26); /* 14 */ - D_ENCRYPT(l,r,28); /* 15 */ - D_ENCRYPT(r,l,30); /* 16 */ -#else - for (i=0; i<32; i+=4) - { - D_ENCRYPT(l,r,i+0); /* 1 */ - D_ENCRYPT(r,l,i+2); /* 2 */ - } -#endif - } - else - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r,30); /* 16 */ - D_ENCRYPT(r,l,28); /* 15 */ - D_ENCRYPT(l,r,26); /* 14 */ - D_ENCRYPT(r,l,24); /* 13 */ - D_ENCRYPT(l,r,22); /* 12 */ - D_ENCRYPT(r,l,20); /* 11 */ - D_ENCRYPT(l,r,18); /* 10 */ - D_ENCRYPT(r,l,16); /* 9 */ - D_ENCRYPT(l,r,14); /* 8 */ - D_ENCRYPT(r,l,12); /* 7 */ - D_ENCRYPT(l,r,10); /* 6 */ - D_ENCRYPT(r,l, 8); /* 5 */ - D_ENCRYPT(l,r, 6); /* 4 */ - D_ENCRYPT(r,l, 4); /* 3 */ - D_ENCRYPT(l,r, 2); /* 2 */ - D_ENCRYPT(r,l, 0); /* 1 */ -#else - for (i=30; i>0; i-=4) - { - D_ENCRYPT(l,r,i-0); /* 16 */ - D_ENCRYPT(r,l,i-2); /* 15 */ - } -#endif - } - /* rotate and clear the top bits on machines with 8byte longs */ - data[0]=ROTATE(l,3)&0xffffffffL; - data[1]=ROTATE(r,3)&0xffffffffL; - l=r=t=u=0; - } - -#endif /* OPENBSD_DES_ASM */ - -void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1, - DES_key_schedule *ks2, 
DES_key_schedule *ks3) - { - DES_LONG l,r; - - l=data[0]; - r=data[1]; - IP(l,r); - data[0]=l; - data[1]=r; - DES_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT); - DES_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT); - DES_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT); - l=data[0]; - r=data[1]; - FP(r,l); - data[0]=l; - data[1]=r; - } - -void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3) - { - DES_LONG l,r; - - l=data[0]; - r=data[1]; - IP(l,r); - data[0]=l; - data[1]=r; - DES_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT); - DES_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT); - DES_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT); - l=data[0]; - r=data[1]; - FP(r,l); - data[0]=l; - data[1]=r; - } - -#ifndef DES_DEFAULT_OPTIONS - -#undef CBC_ENC_C__DONT_UPDATE_IV -#include "ncbc_enc.c" /* DES_ncbc_encrypt */ - -void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3, - DES_cblock *ivec, int enc) - { - DES_LONG tin0,tin1; - DES_LONG tout0,tout1,xor0,xor1; - const unsigned char *in; - unsigned char *out; - long l=length; - DES_LONG tin[2]; - unsigned char *iv; - - in=input; - out=output; - iv = &(*ivec)[0]; - - if (enc) - { - c2l(iv,tout0); - c2l(iv,tout1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - - tin[0]=tin0; - tin[1]=tin1; - DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - l2c(tout0,out); - l2c(tout1,out); - } - if (l != -8) - { - c2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - - tin[0]=tin0; - tin[1]=tin1; - DES_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - l2c(tout0,out); - l2c(tout1,out); - } - iv = &(*ivec)[0]; - l2c(tout0,iv); - l2c(tout1,iv); - } - else - { - DES_LONG t0,t1; - - c2l(iv,xor0); - c2l(iv,xor1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - - t0=tin0; - t1=tin1; - - tin[0]=tin0; 
- tin[1]=tin1; - DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - tout0^=xor0; - tout1^=xor1; - l2c(tout0,out); - l2c(tout1,out); - xor0=t0; - xor1=t1; - } - if (l != -8) - { - c2l(in,tin0); - c2l(in,tin1); - - t0=tin0; - t1=tin1; - - tin[0]=tin0; - tin[1]=tin1; - DES_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - tout0^=xor0; - tout1^=xor1; - l2cn(tout0,tout1,out,l+8); - xor0=t0; - xor1=t1; - } - - iv = &(*ivec)[0]; - l2c(xor0,iv); - l2c(xor1,iv); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - -#endif /* DES_DEFAULT_OPTIONS */ diff --git a/lib/libssl/src/crypto/des/des_locl.h b/lib/libssl/src/crypto/des/des_locl.h deleted file mode 100644 index 38ac68a6e60..00000000000 --- a/lib/libssl/src/crypto/des/des_locl.h +++ /dev/null 
@@ -1,392 +0,0 @@ -/* $OpenBSD: des_locl.h,v 1.18 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#ifndef HEADER_DES_LOCL_H -#define HEADER_DES_LOCL_H - -#include <math.h> -#include <stdint.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <unistd.h> - -#include <openssl/opensslconf.h> - -#include <openssl/des.h> - -#define ITERATIONS 16 -#define HALF_ITERATIONS 8 - -/* used in des_read and des_write */ -#define MAXWRITE (1024*16) -#define BSIZE (MAXWRITE+4) - -#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \ - l|=((DES_LONG)(*((c)++)))<< 8L, \ - l|=((DES_LONG)(*((c)++)))<<16L, \ - l|=((DES_LONG)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \ - case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \ - case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \ - case 5: l2|=((DES_LONG)(*(--(c)))); \ - case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \ - case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \ - case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \ - case 1: l1|=((DES_LONG)(*(--(c)))); \ - } \ - } - -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* replacements for htonl and ntohl since I have no idea what to do - * when faced with machines with 8 byte longs. 
*/ -#define HDRSIZE 4 - -#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \ - l|=((DES_LONG)(*((c)++)))<<16L, \ - l|=((DES_LONG)(*((c)++)))<< 8L, \ - l|=((DES_LONG)(*((c)++)))) - -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -static inline uint32_t ROTATE(uint32_t a, uint32_t n) -{ - return (a>>n)+(a<<(32-n)); -} - -/* Don't worry about the LOAD_DATA() stuff, that is used by - * fcrypt() to add it's little bit to the front */ - -#ifdef DES_FCRYPT - -#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \ - { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); } - -#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \ - t=R^(R>>16L); \ - u=t&E0; t&=E1; \ - tmp=(u<<16); u^=R^s[S ]; u^=tmp; \ - tmp=(t<<16); t^=R^s[S+1]; t^=tmp -#else -#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g) -#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \ - u=R^s[S ]; \ - t=R^s[S+1] -#endif - -/* The changes to this macro may help or hinder, depending on the - * compiler and the architecture. gcc2 always seems to do well :-). - * Inspired by Dana How <how@isl.stanford.edu> - * DO NOT use the alternative version on machines with 8 byte longs. 
- * It does not seem to work on the Alpha, even when DES_LONG is 4 - * bytes, probably an issue of accessing non-word aligned objects :-( */ -#ifdef DES_PTR - -/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there - * is no reason to not xor all the sub items together. This potentially - * saves a register since things can be xored directly into L */ - -#if defined(DES_RISC1) || defined(DES_RISC2) -#ifdef DES_RISC1 -#define D_ENCRYPT(LL,R,S) { \ - unsigned int u1,u2,u3; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u2=(int)u>>8L; \ - u1=(int)u&0xfc; \ - u2&=0xfc; \ - t=ROTATE(t,4); \ - u>>=16L; \ - LL^= *(const DES_LONG *)(des_SP +u1); \ - LL^= *(const DES_LONG *)(des_SP+0x200+u2); \ - u3=(int)(u>>8L); \ - u1=(int)u&0xfc; \ - u3&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x400+u1); \ - LL^= *(const DES_LONG *)(des_SP+0x600+u3); \ - u2=(int)t>>8L; \ - u1=(int)t&0xfc; \ - u2&=0xfc; \ - t>>=16L; \ - LL^= *(const DES_LONG *)(des_SP+0x100+u1); \ - LL^= *(const DES_LONG *)(des_SP+0x300+u2); \ - u3=(int)t>>8L; \ - u1=(int)t&0xfc; \ - u3&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x500+u1); \ - LL^= *(const DES_LONG *)(des_SP+0x700+u3); } -#endif -#ifdef DES_RISC2 -#define D_ENCRYPT(LL,R,S) { \ - unsigned int u1,u2,s1,s2; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u2=(int)u>>8L; \ - u1=(int)u&0xfc; \ - u2&=0xfc; \ - t=ROTATE(t,4); \ - LL^= *(const DES_LONG *)(des_SP +u1); \ - LL^= *(const DES_LONG *)(des_SP+0x200+u2); \ - s1=(int)(u>>16L); \ - s2=(int)(u>>24L); \ - s1&=0xfc; \ - s2&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x400+s1); \ - LL^= *(const DES_LONG *)(des_SP+0x600+s2); \ - u2=(int)t>>8L; \ - u1=(int)t&0xfc; \ - u2&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x100+u1); \ - LL^= *(const DES_LONG *)(des_SP+0x300+u2); \ - s1=(int)(t>>16L); \ - s2=(int)(t>>24L); \ - s1&=0xfc; \ - s2&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x500+s1); \ - LL^= *(const DES_LONG *)(des_SP+0x700+s2); } -#endif -#else -#define D_ENCRYPT(LL,R,S) { \ - LOAD_DATA_tmp(R,S,u,t,E0,E1); \ - 
t=ROTATE(t,4); \ - LL^= \ - *(const DES_LONG *)(des_SP +((u )&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x100+((t )&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); } -#endif - -#else /* original version */ - -#if defined(DES_RISC1) || defined(DES_RISC2) -#ifdef DES_RISC1 -#define D_ENCRYPT(LL,R,S) {\ - unsigned int u1,u2,u3; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u>>=2L; \ - t=ROTATE(t,6); \ - u2=(int)u>>8L; \ - u1=(int)u&0x3f; \ - u2&=0x3f; \ - u>>=16L; \ - LL^=DES_SPtrans[0][u1]; \ - LL^=DES_SPtrans[2][u2]; \ - u3=(int)u>>8L; \ - u1=(int)u&0x3f; \ - u3&=0x3f; \ - LL^=DES_SPtrans[4][u1]; \ - LL^=DES_SPtrans[6][u3]; \ - u2=(int)t>>8L; \ - u1=(int)t&0x3f; \ - u2&=0x3f; \ - t>>=16L; \ - LL^=DES_SPtrans[1][u1]; \ - LL^=DES_SPtrans[3][u2]; \ - u3=(int)t>>8L; \ - u1=(int)t&0x3f; \ - u3&=0x3f; \ - LL^=DES_SPtrans[5][u1]; \ - LL^=DES_SPtrans[7][u3]; } -#endif -#ifdef DES_RISC2 -#define D_ENCRYPT(LL,R,S) {\ - unsigned int u1,u2,s1,s2; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u>>=2L; \ - t=ROTATE(t,6); \ - u2=(int)u>>8L; \ - u1=(int)u&0x3f; \ - u2&=0x3f; \ - LL^=DES_SPtrans[0][u1]; \ - LL^=DES_SPtrans[2][u2]; \ - s1=(int)u>>16L; \ - s2=(int)u>>24L; \ - s1&=0x3f; \ - s2&=0x3f; \ - LL^=DES_SPtrans[4][s1]; \ - LL^=DES_SPtrans[6][s2]; \ - u2=(int)t>>8L; \ - u1=(int)t&0x3f; \ - u2&=0x3f; \ - LL^=DES_SPtrans[1][u1]; \ - LL^=DES_SPtrans[3][u2]; \ - s1=(int)t>>16; \ - s2=(int)t>>24L; \ - s1&=0x3f; \ - s2&=0x3f; \ - LL^=DES_SPtrans[5][s1]; \ - LL^=DES_SPtrans[7][s2]; } -#endif - -#else - -#define D_ENCRYPT(LL,R,S) {\ - LOAD_DATA_tmp(R,S,u,t,E0,E1); \ - t=ROTATE(t,4); \ - LL^=\ - DES_SPtrans[0][(u>> 2L)&0x3f]^ \ - DES_SPtrans[2][(u>>10L)&0x3f]^ \ - DES_SPtrans[4][(u>>18L)&0x3f]^ \ - 
DES_SPtrans[6][(u>>26L)&0x3f]^ \ - DES_SPtrans[1][(t>> 2L)&0x3f]^ \ - DES_SPtrans[3][(t>>10L)&0x3f]^ \ - DES_SPtrans[5][(t>>18L)&0x3f]^ \ - DES_SPtrans[7][(t>>26L)&0x3f]; } -#endif -#endif - - /* IP and FP - * The problem is more of a geometric problem that random bit fiddling. - 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6 - 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4 - 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2 - 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0 - - 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7 - 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5 - 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3 - 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1 - - The output has been subject to swaps of the form - 0 1 -> 3 1 but the odd and even bits have been put into - 2 3 2 0 - different words. The main trick is to remember that - t=((l>>size)^r)&(mask); - r^=t; - l^=(t<<size); - can be used to swap and move bits between words. - - So l = 0 1 2 3 r = 16 17 18 19 - 4 5 6 7 20 21 22 23 - 8 9 10 11 24 25 26 27 - 12 13 14 15 28 29 30 31 - becomes (for size == 2 and mask == 0x3333) - t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19 - 6^20 7^21 -- -- 4 5 20 21 6 7 22 23 - 10^24 11^25 -- -- 8 9 24 25 10 11 24 25 - 14^28 15^29 -- -- 12 13 28 29 14 15 28 29 - - Thanks for hints from Richard Outerbridge - he told me IP&FP - could be done in 15 xor, 10 shifts and 5 ands. - When I finally started to think of the problem in 2D - I first got ~42 operations without xors. When I remembered - how to use xors :-) I got it to its final state. 
- */ -#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ - (b)^=(t),\ - (a)^=((t)<<(n))) - -#define IP(l,r) \ - { \ - DES_LONG tt; \ - PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \ - PERM_OP(l,r,tt,16,0x0000ffffL); \ - PERM_OP(r,l,tt, 2,0x33333333L); \ - PERM_OP(l,r,tt, 8,0x00ff00ffL); \ - PERM_OP(r,l,tt, 1,0x55555555L); \ - } - -#define FP(l,r) \ - { \ - DES_LONG tt; \ - PERM_OP(l,r,tt, 1,0x55555555L); \ - PERM_OP(r,l,tt, 8,0x00ff00ffL); \ - PERM_OP(l,r,tt, 2,0x33333333L); \ - PERM_OP(r,l,tt,16,0x0000ffffL); \ - PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \ - } - -extern const DES_LONG DES_SPtrans[8][64]; - -void fcrypt_body(DES_LONG *out,DES_key_schedule *ks, - DES_LONG Eswap0, DES_LONG Eswap1); - -#ifdef OPENSSL_SMALL_FOOTPRINT -#undef DES_UNROLL -#endif -#endif diff --git a/lib/libssl/src/crypto/des/ecb3_enc.c b/lib/libssl/src/crypto/des/ecb3_enc.c deleted file mode 100644 index 97de804cfb0..00000000000 --- a/lib/libssl/src/crypto/des/ecb3_enc.c +++ /dev/null 
@@ -1,83 +0,0 @@
-/* $OpenBSD: ecb3_enc.c,v 1.7 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3,
- int enc)
- {
- DES_LONG l0,l1;
- DES_LONG ll[2];
- const unsigned char *in = &(*input)[0];
- unsigned char *out = &(*output)[0];
-
- c2l(in,l0);
- c2l(in,l1);
- ll[0]=l0;
- ll[1]=l1;
- if (enc)
- DES_encrypt3(ll,ks1,ks2,ks3);
- else
- DES_decrypt3(ll,ks1,ks2,ks3);
- l0=ll[0];
- l1=ll[1];
- l2c(l0,out);
- l2c(l1,out);
- }
diff --git a/lib/libssl/src/crypto/des/ecb_enc.c b/lib/libssl/src/crypto/des/ecb_enc.c
deleted file mode 100644
index dac37de882a..00000000000
--- a/lib/libssl/src/crypto/des/ecb_enc.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $OpenBSD: ecb_enc.c,v 1.16 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-#include <openssl/opensslv.h>
-#include <openssl/bio.h>
-
-const char *DES_options(void)
- {
- static int init=1;
- static char buf[32];
-
- if (init)
- {
- const char *ptr,*unroll,*risc,*size;
-
-#ifdef DES_PTR
- ptr="ptr";
-#else
- ptr="idx";
-#endif
-#if defined(DES_RISC1) || defined(DES_RISC2)
-#ifdef DES_RISC1
- risc="risc1";
-#endif
-#ifdef DES_RISC2
- risc="risc2";
-#endif
-#else
- risc="cisc";
-#endif
-#ifdef DES_UNROLL
- unroll="16";
-#else
- unroll="2";
-#endif
- if (sizeof(DES_LONG) != sizeof(long))
- size="int";
- else
- size="long";
- snprintf(buf,sizeof buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,
- size);
- init=0;
- }
- return(buf);
- }
-
-
-void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
- DES_key_schedule *ks, int enc)
- {
- DES_LONG l;
- DES_LONG ll[2];
- const unsigned char *in = &(*input)[0];
- unsigned char *out = &(*output)[0];
-
- c2l(in,l); ll[0]=l;
- c2l(in,l); ll[1]=l;
- DES_encrypt1(ll,ks,enc);
- l=ll[0]; l2c(l,out);
- l=ll[1]; l2c(l,out);
- l=ll[0]=ll[1]=0;
- }
diff --git a/lib/libssl/src/crypto/des/ede_cbcm_enc.c b/lib/libssl/src/crypto/des/ede_cbcm_enc.c
deleted file mode 100644
index 9a9f51e3118..00000000000
--- a/lib/libssl/src/crypto/des/ede_cbcm_enc.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* $OpenBSD: ede_cbcm_enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */
-/* Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL
- * project 13 Feb 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
-
-This is an implementation of Triple DES Cipher Block Chaining with Output
-Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
-
-Note that there is a known attack on this by Biham and Knudsen but it takes
-a lot of work:
-
-http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
-
-*/
-
-#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_DESCBCM is defined */
-
-#ifndef OPENSSL_NO_DESCBCM
-#include "des_locl.h"
-
-void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
- DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2,
- int enc)
- {
- DES_LONG tin0,tin1;
- DES_LONG tout0,tout1,xor0,xor1,m0,m1;
- long l=length;
- DES_LONG tin[2];
- unsigned char *iv1,*iv2;
-
- iv1 = &(*ivec1)[0];
- iv2 = &(*ivec2)[0];
-
- if (enc)
- {
- c2l(iv1,m0);
- c2l(iv1,m1);
- c2l(iv2,tout0);
- c2l(iv2,tout1);
- for (l-=8; l>=-7; l-=8)
- {
- tin[0]=m0;
- tin[1]=m1;
- DES_encrypt1(tin,ks3,1);
- m0=tin[0];
- m1=tin[1];
-
- if(l < 0)
- {
- c2ln(in,tin0,tin1,l+8);
- }
- else
- {
- c2l(in,tin0);
- c2l(in,tin1);
- }
- tin0^=tout0;
- tin1^=tout1;
-
-
tin[0]=tin0;
- tin[1]=tin1;
- DES_encrypt1(tin,ks1,1);
- tin[0]^=m0;
- tin[1]^=m1;
- DES_encrypt1(tin,ks2,0);
- tin[0]^=m0;
- tin[1]^=m1;
- DES_encrypt1(tin,ks1,1);
- tout0=tin[0];
- tout1=tin[1];
-
- l2c(tout0,out);
- l2c(tout1,out);
- }
- iv1=&(*ivec1)[0];
- l2c(m0,iv1);
- l2c(m1,iv1);
-
- iv2=&(*ivec2)[0];
- l2c(tout0,iv2);
- l2c(tout1,iv2);
- }
- else
- {
- DES_LONG t0,t1;
-
- c2l(iv1,m0);
- c2l(iv1,m1);
- c2l(iv2,xor0);
- c2l(iv2,xor1);
- for (l-=8; l>=-7; l-=8)
- {
- tin[0]=m0;
- tin[1]=m1;
- DES_encrypt1(tin,ks3,1);
- m0=tin[0];
- m1=tin[1];
-
- c2l(in,tin0);
- c2l(in,tin1);
-
- t0=tin0;
- t1=tin1;
-
- tin[0]=tin0;
- tin[1]=tin1;
- DES_encrypt1(tin,ks1,0);
- tin[0]^=m0;
- tin[1]^=m1;
- DES_encrypt1(tin,ks2,1);
- tin[0]^=m0;
- tin[1]^=m1;
- DES_encrypt1(tin,ks1,0);
- tout0=tin[0];
- tout1=tin[1];
-
- tout0^=xor0;
- tout1^=xor1;
- if(l < 0)
- {
- l2cn(tout0,tout1,out,l+8);
- }
- else
- {
- l2c(tout0,out);
- l2c(tout1,out);
- }
- xor0=t0;
- xor1=t1;
- }
-
- iv1=&(*ivec1)[0];
- l2c(m0,iv1);
- l2c(m1,iv1);
-
- iv2=&(*ivec2)[0];
- l2c(xor0,iv2);
- l2c(xor1,iv2);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- tin[0]=tin[1]=0;
- }
-#endif
diff --git a/lib/libssl/src/crypto/des/enc_read.c b/lib/libssl/src/crypto/des/enc_read.c
deleted file mode 100644
index f5659150d3c..00000000000
--- a/lib/libssl/src/crypto/des/enc_read.c
+++ /dev/null
@@ -1,229 +0,0 @@
-/* $OpenBSD: enc_read.c,v 1.15 2015/02/12 03:54:07 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <errno.h> -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include "des_locl.h" - -/* This has some uglies in it but it works - even over sockets. 
*/ -/*extern int errno;*/ -int DES_rw_mode = DES_PCBC_MODE; - -/* - * WARNINGS: - * - * - The data format used by DES_enc_write() and DES_enc_read() - * has a cryptographic weakness: When asked to write more - * than MAXWRITE bytes, DES_enc_write will split the data - * into several chunks that are all encrypted - * using the same IV. So don't use these functions unless you - * are sure you know what you do (in which case you might - * not want to use them anyway). - * - * - This code cannot handle non-blocking sockets. - * - * - This function uses an internal state and thus cannot be - * used on multiple files. - */ - - -int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, - DES_cblock *iv) - { - /* data to be unencrypted */ - int net_num=0; - static unsigned char *net=NULL; - /* extra unencrypted data - * for when a block of 100 comes in but is des_read one byte at - * a time. */ - static unsigned char *unnet=NULL; - static int unnet_start=0; - static int unnet_left=0; - static unsigned char *tmpbuf=NULL; - int i; - long num=0,rnum; - unsigned char *p; - - if (tmpbuf == NULL) - { - tmpbuf=malloc(BSIZE); - if (tmpbuf == NULL) return(-1); - } - if (net == NULL) - { - net=malloc(BSIZE); - if (net == NULL) return(-1); - } - if (unnet == NULL) - { - unnet=malloc(BSIZE); - if (unnet == NULL) return(-1); - } - /* left over data from last decrypt */ - if (unnet_left != 0) - { - if (unnet_left < len) - { - /* we still still need more data but will return - * with the number of bytes we have - should always - * check the return value */ - memcpy(buf,&(unnet[unnet_start]), - unnet_left); - /* eay 26/08/92 I had the next 2 lines - * reversed :-( */ - i=unnet_left; - unnet_start=unnet_left=0; - } - else - { - memcpy(buf,&(unnet[unnet_start]),len); - unnet_start+=len; - unnet_left-=len; - i=len; - } - return(i); - } - - /* We need to get more data. 
*/ - if (len > MAXWRITE) len=MAXWRITE; - - /* first - get the length */ - while (net_num < HDRSIZE) - { - i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num); -#ifdef EINTR - if ((i == -1) && (errno == EINTR)) continue; -#endif - if (i <= 0) return(0); - net_num+=i; - } - - /* we now have at net_num bytes in net */ - p=net; - /* num=0; */ - n2l(p,num); - /* num should be rounded up to the next group of eight - * we make sure that we have read a multiple of 8 bytes from the net. - */ - if ((num > MAXWRITE) || (num < 0)) /* error */ - return(-1); - rnum=(num < 8)?8:((num+7)/8*8); - - net_num=0; - while (net_num < rnum) - { - i=read(fd,(void *)&(net[net_num]),rnum-net_num); -#ifdef EINTR - if ((i == -1) && (errno == EINTR)) continue; -#endif - if (i <= 0) return(0); - net_num+=i; - } - - /* Check if there will be data left over. */ - if (len < num) - { - if (DES_rw_mode & DES_PCBC_MODE) - DES_pcbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT); - else - DES_cbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT); - memcpy(buf,unnet,len); - unnet_start=len; - unnet_left=num-len; - - /* The following line is done because we return num - * as the number of bytes read. */ - num=len; - } - else - { - /* >output is a multiple of 8 byes, if len < rnum - * >we must be careful. The user must be aware that this - * >routine will write more bytes than he asked for. - * >The length of the buffer must be correct. - * FIXED - Should be ok now 18-9-90 - eay */ - if (len < rnum) - { - - if (DES_rw_mode & DES_PCBC_MODE) - DES_pcbc_encrypt(net,tmpbuf,num,sched,iv, - DES_DECRYPT); - else - DES_cbc_encrypt(net,tmpbuf,num,sched,iv, - DES_DECRYPT); - - /* eay 26/08/92 fix a bug that returned more - * bytes than you asked for (returned len bytes :-( */ - memcpy(buf,tmpbuf,num); - } - else - { - if (DES_rw_mode & DES_PCBC_MODE) - DES_pcbc_encrypt(net,buf,num,sched,iv, - DES_DECRYPT); - else - DES_cbc_encrypt(net,buf,num,sched,iv, - DES_DECRYPT); - } - } - return num; - } - 
diff --git a/lib/libssl/src/crypto/des/enc_writ.c b/lib/libssl/src/crypto/des/enc_writ.c
deleted file mode 100644
index 59f3878de92..00000000000
--- a/lib/libssl/src/crypto/des/enc_writ.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/* $OpenBSD: enc_writ.c,v 1.14 2015/02/12 03:54:07 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <errno.h> -#include <stdio.h> -#include <stdlib.h> -#include <time.h> - -#include <openssl/opensslconf.h> - -#include "des_locl.h" - -/* - * WARNINGS: - * - * - The data format used by DES_enc_write() and DES_enc_read() - * has a cryptographic weakness: When asked to write more - * than MAXWRITE bytes, DES_enc_write will split the data - * into several chunks that are all encrypted - * using the same IV. So don't use these functions unless you - * are sure you know what you do (in which case you might - * not want to use them anyway). - * - * - This code cannot handle non-blocking sockets. - */ - -int DES_enc_write(int fd, const void *_buf, int len, - DES_key_schedule *sched, DES_cblock *iv) - { -#ifdef _LIBC - extern unsigned long time(); - extern int write(); -#endif - const unsigned char *buf=_buf; - long rnum; - int i,j,k,outnum; - static unsigned char *outbuf=NULL; - unsigned char shortbuf[8]; - unsigned char *p; - const unsigned char *cp; - static int start=1; - - if (outbuf == NULL) - { - outbuf=malloc(BSIZE+HDRSIZE); - if (outbuf == NULL) return(-1); - } - /* If we are sending less than 8 bytes, the same char will look - * the same if we don't pad it out with random bytes */ - if (start) - { - start=0; - } - - /* lets recurse if we want to send the data in small chunks */ - if (len > MAXWRITE) - { - j=0; - for (i=0; i<len; i+=k) - { - k=DES_enc_write(fd,&(buf[i]), - ((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv); - if (k < 0) - return(k); - else - j+=k; - } - return(j); - } - - /* write length first */ - p=outbuf; - l2n(len,p); - - /* pad short strings */ - if (len < 8) - { - cp=shortbuf; - memcpy(shortbuf,buf,len); - arc4random_buf(shortbuf+len, 8-len); - rnum=8; - } - else - { - cp=buf; - rnum=((len+7)/8*8); /* round up to nearest eight */ - } - - if (DES_rw_mode & DES_PCBC_MODE) - DES_pcbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv, - DES_ENCRYPT); - else - DES_cbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv, - 
DES_ENCRYPT); - - /* output */ - outnum=rnum+HDRSIZE; - - for (j=0; j<outnum; j+=i) - { - /* eay 26/08/92 I was not doing writing from where we - * got up to. */ - i=write(fd,(void *)&(outbuf[j]),outnum-j); - if (i == -1) - { -#ifdef EINTR - if (errno == EINTR) - i=0; - else -#endif - /* This is really a bad error - very bad - * It will stuff-up both ends. */ - return(-1); - } - } - - return(len); - } diff --git a/lib/libssl/src/crypto/des/fcrypt.c b/lib/libssl/src/crypto/des/fcrypt.c deleted file mode 100644 index e2675fa4511..00000000000 --- a/lib/libssl/src/crypto/des/fcrypt.c +++ /dev/null 
@@ -1,125 +0,0 @@
-/* $OpenBSD: fcrypt.c,v 1.11 2014/06/12 15:49:28 deraadt Exp $ */
-
-#include <stdio.h>
-
-/* This version of crypt has been developed from my MIT compatible
- * DES library.
- * Eric Young (eay@cryptsoft.com)
- */
-
-/* Modification by Jens Kupferschmidt (Cu)
- * I have included directive PARA for shared memory computers.
- * I have included a directive LONGCRYPT to using this routine to cipher
- * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
- * definition is the maximum of length of password and can changed. I have
- * defined 24.
- */
-
-#include "des_locl.h"
-
-/* Added more values to handle illegal salt values the way normal
- * crypt() implementations do. The patch was sent by
- * Bjorn Gronvall <bg@sics.se>
- */
-static unsigned const char con_salt[128]={
-0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,
-0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1,
-0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,
-0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1,
-0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9,
-0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01,
-0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
-0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
-0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
-0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
-0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
-0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
-0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
-0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
-0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
-0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44,
-};
-
-static unsigned const char cov_2char[64]={
-0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
-0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
-0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
-0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
-0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
-0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
-0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
-0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
-};
-
-char *DES_crypt(const char *buf, const char *salt)
- {
- static char buff[14];
-
- return(DES_fcrypt(buf,salt,buff));
- }
-
-
-char *DES_fcrypt(const char *buf, const char *salt, char *ret)
- {
- unsigned int i,j,x,y;
- DES_LONG Eswap0,Eswap1;
- DES_LONG out[2],ll;
- DES_cblock key;
- DES_key_schedule ks;
- unsigned char bb[9];
- unsigned char *b=bb;
- unsigned char c,u;
-
- /* eay 25/08/92
- * If you call crypt("pwd","*") as often happens when you
- * have * as the pwd field in /etc/passwd, the function
- * returns *\0xxxxxxxxx
- * The \0 makes the string look like * so the pwd "*" would
- * crypt to "*". This was found when replacing the crypt in
- * our shared libraries. People found that the disabled
- * accounts effectively had no passwd :-(. */
- x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
- Eswap0=con_salt[x]<<2;
- x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
- Eswap1=con_salt[x]<<6;
-/* EAY
-r=strlen(buf);
-r=(r+7)/8;
-*/
- for (i=0; i<8; i++)
- {
- c= *(buf++);
- if (!c) break;
- key[i]=(c<<1);
- }
- for (; i<8; i++)
- key[i]=0;
-
- DES_set_key_unchecked(&key,&ks);
- fcrypt_body(&(out[0]),&ks,Eswap0,Eswap1);
-
- ll=out[0]; l2c(ll,b);
- ll=out[1]; l2c(ll,b);
- y=0;
- u=0x80;
- bb[8]=0;
- for (i=2; i<13; i++)
- {
- c=0;
- for (j=0; j<6; j++)
- {
- c<<=1;
- if (bb[y] & u) c|=1;
- u>>=1;
- if (!u)
- {
- y++;
- u=0x80;
- }
- }
- ret[i]=cov_2char[c];
- }
- ret[13]='\0';
- return(ret);
- }
-
diff --git a/lib/libssl/src/crypto/des/fcrypt_b.c b/lib/libssl/src/crypto/des/fcrypt_b.c
deleted file mode 100644
index ad11a47d881..00000000000
--- a/lib/libssl/src/crypto/des/fcrypt_b.c
+++ /dev/null
@@ -1,146 +0,0 @@ -/* $OpenBSD: fcrypt_b.c,v 1.9 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> - -/* This version of crypt has been developed from my MIT compatible - * DES library. 
- * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au - * Eric Young (eay@cryptsoft.com) - */ - -#define DES_FCRYPT -#include "des_locl.h" -#undef DES_FCRYPT - -#ifndef OPENBSD_DES_ASM - -#undef PERM_OP -#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ - (b)^=(t),\ - (a)^=((t)<<(n))) - -#undef HPERM_OP -#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\ - (a)=(a)^(t)^(t>>(16-(n))))\ - -void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0, - DES_LONG Eswap1) - { - DES_LONG l,r,t,u; -#ifdef DES_PTR - const unsigned char *des_SP=(const unsigned char *)DES_SPtrans; -#endif - DES_LONG *s; - int j; - DES_LONG E0,E1; - - l=0; - r=0; - - s=(DES_LONG *)ks; - E0=Eswap0; - E1=Eswap1; - - for (j=0; j<25; j++) - { -#ifndef DES_UNROLL - int i; - - for (i=0; i<32; i+=4) - { - D_ENCRYPT(l,r,i+0); /* 1 */ - D_ENCRYPT(r,l,i+2); /* 2 */ - } -#else - D_ENCRYPT(l,r, 0); /* 1 */ - D_ENCRYPT(r,l, 2); /* 2 */ - D_ENCRYPT(l,r, 4); /* 3 */ - D_ENCRYPT(r,l, 6); /* 4 */ - D_ENCRYPT(l,r, 8); /* 5 */ - D_ENCRYPT(r,l,10); /* 6 */ - D_ENCRYPT(l,r,12); /* 7 */ - D_ENCRYPT(r,l,14); /* 8 */ - D_ENCRYPT(l,r,16); /* 9 */ - D_ENCRYPT(r,l,18); /* 10 */ - D_ENCRYPT(l,r,20); /* 11 */ - D_ENCRYPT(r,l,22); /* 12 */ - D_ENCRYPT(l,r,24); /* 13 */ - D_ENCRYPT(r,l,26); /* 14 */ - D_ENCRYPT(l,r,28); /* 15 */ - D_ENCRYPT(r,l,30); /* 16 */ -#endif - - t=l; - l=r; - r=t; - } - l=ROTATE(l,3)&0xffffffffL; - r=ROTATE(r,3)&0xffffffffL; - - PERM_OP(l,r,t, 1,0x55555555L); - PERM_OP(r,l,t, 8,0x00ff00ffL); - PERM_OP(l,r,t, 2,0x33333333L); - PERM_OP(r,l,t,16,0x0000ffffL); - PERM_OP(l,r,t, 4,0x0f0f0f0fL); - - out[0]=r; - out[1]=l; - } - -#endif /* OPENBSD_DES_ASM */ diff --git a/lib/libssl/src/crypto/des/ncbc_enc.c b/lib/libssl/src/crypto/des/ncbc_enc.c deleted file mode 100644 index 212796237d5..00000000000 --- a/lib/libssl/src/crypto/des/ncbc_enc.c +++ /dev/null 
@@ -1,148 +0,0 @@ -/* $OpenBSD: ncbc_enc.c,v 1.7 2014/10/28 07:35:58 jsg Exp $ */ -/* - * #included by: - * cbc_enc.c (DES_cbc_encrypt) - * des_enc.c (DES_ncbc_encrypt) - */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include "des_locl.h" - -#ifdef CBC_ENC_C__DONT_UPDATE_IV -void DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - DES_key_schedule *_schedule, DES_cblock *ivec, int enc) -#else -void DES_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length, - DES_key_schedule *_schedule, DES_cblock *ivec, int enc) -#endif - { - DES_LONG tin0,tin1; - DES_LONG tout0,tout1,xor0,xor1; - long l=length; - DES_LONG tin[2]; - unsigned char *iv; - - iv = &(*ivec)[0]; - - if (enc) - { - c2l(iv,tout0); - c2l(iv,tout1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - tin0^=tout0; tin[0]=tin0; - tin1^=tout1; tin[1]=tin1; - DES_encrypt1((DES_LONG *)tin,_schedule,DES_ENCRYPT); - tout0=tin[0]; l2c(tout0,out); - tout1=tin[1]; l2c(tout1,out); - } - if (l != -8) - { - c2ln(in,tin0,tin1,l+8); - tin0^=tout0; tin[0]=tin0; - tin1^=tout1; tin[1]=tin1; - DES_encrypt1((DES_LONG *)tin,_schedule,DES_ENCRYPT); - tout0=tin[0]; l2c(tout0,out); - tout1=tin[1]; l2c(tout1,out); - } -#ifndef CBC_ENC_C__DONT_UPDATE_IV - iv = &(*ivec)[0]; - l2c(tout0,iv); - l2c(tout1,iv); -#endif - } - else - { - c2l(iv,xor0); - c2l(iv,xor1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - DES_encrypt1((DES_LONG *)tin,_schedule,DES_DECRYPT); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2c(tout0,out); - l2c(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - DES_encrypt1((DES_LONG *)tin,_schedule,DES_DECRYPT); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2cn(tout0,tout1,out,l+8); -#ifndef CBC_ENC_C__DONT_UPDATE_IV - xor0=tin0; - xor1=tin1; -#endif - } -#ifndef CBC_ENC_C__DONT_UPDATE_IV - iv = &(*ivec)[0]; - l2c(xor0,iv); - l2c(xor1,iv); -#endif - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } diff --git a/lib/libssl/src/crypto/des/ofb64ede.c b/lib/libssl/src/crypto/des/ofb64ede.c deleted file mode 100644 index 474d38caaf7..00000000000 
--- a/lib/libssl/src/crypto/des/ofb64ede.c
+++ /dev/null
@@ -1,114 +0,0 @@ -/* $OpenBSD: ofb64ede.c,v 1.6 2015/02/07 13:19:15 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output encrypted as though 64bit ofb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void DES_ede3_ofb64_encrypt(const unsigned char *in, - unsigned char *out, long length, - DES_key_schedule *k1, DES_key_schedule *k2, - DES_key_schedule *k3, DES_cblock *ivec, - int *num) - { - DES_LONG v0,v1; - int n= *num; - long l=length; - DES_cblock d; - char *dp; - DES_LONG ti[2]; - unsigned char *iv; - int save=0; - - iv = &(*ivec)[0]; - c2l(iv,v0); - c2l(iv,v1); - ti[0]=v0; - ti[1]=v1; - dp=(char *)d; - l2c(v0,dp); - l2c(v1,dp); - while (l--) - { - if (n == 0) - { - /* ti[0]=v0; */ - /* ti[1]=v1; */ - DES_encrypt3(ti,k1,k2,k3); - v0=ti[0]; - v1=ti[1]; - - dp=(char *)d; - l2c(v0,dp); - l2c(v1,dp); - save++; - } - *(out++)= *(in++)^d[n]; - n=(n+1)&0x07; - } - if (save) - { - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - } - v0=v1=ti[0]=ti[1]=0; - *num=n; - } diff --git a/lib/libssl/src/crypto/des/ofb64enc.c b/lib/libssl/src/crypto/des/ofb64enc.c deleted file mode 100644 index de1a26b99f7..00000000000 --- a/lib/libssl/src/crypto/des/ofb64enc.c +++ /dev/null 
@@ -1,110 +0,0 @@ -/* $OpenBSD: ofb64enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output encrypted as though 64bit ofb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void DES_ofb64_encrypt(const unsigned char *in, - unsigned char *out, long length, - DES_key_schedule *schedule, DES_cblock *ivec, int *num) - { - DES_LONG v0,v1,t; - int n= *num; - long l=length; - DES_cblock d; - unsigned char *dp; - DES_LONG ti[2]; - unsigned char *iv; - int save=0; - - iv = &(*ivec)[0]; - c2l(iv,v0); - c2l(iv,v1); - ti[0]=v0; - ti[1]=v1; - dp=d; - l2c(v0,dp); - l2c(v1,dp); - while (l--) - { - if (n == 0) - { - DES_encrypt1(ti,schedule,DES_ENCRYPT); - dp=d; - t=ti[0]; l2c(t,dp); - t=ti[1]; l2c(t,dp); - save++; - } - *(out++)= *(in++)^d[n]; - n=(n+1)&0x07; - } - if (save) - { - v0=ti[0]; - v1=ti[1]; - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - } - t=v0=v1=ti[0]=ti[1]=0; - *num=n; - } - diff --git a/lib/libssl/src/crypto/des/ofb_enc.c b/lib/libssl/src/crypto/des/ofb_enc.c deleted file mode 100644 index 8cc5bbcb1ea..00000000000 --- a/lib/libssl/src/crypto/des/ofb_enc.c +++ /dev/null 
@@ -1,135 +0,0 @@ -/* $OpenBSD: ofb_enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output are loaded in multiples of 8 bits. - * What this means is that if you hame numbits=12 and length=2 - * the first 12 bits will be retrieved from the first byte and half - * the second. The second 12 bits will come from the 3rd and half the 4th - * byte. 
- */ -void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits, - long length, DES_key_schedule *schedule, - DES_cblock *ivec) - { - DES_LONG d0,d1,vv0,vv1,v0,v1,n=(numbits+7)/8; - DES_LONG mask0,mask1; - long l=length; - int num=numbits; - DES_LONG ti[2]; - unsigned char *iv; - - if (num > 64) return; - if (num > 32) - { - mask0=0xffffffffL; - if (num >= 64) - mask1=mask0; - else - mask1=(1L<<(num-32))-1; - } - else - { - if (num == 32) - mask0=0xffffffffL; - else - mask0=(1L<<num)-1; - mask1=0x00000000L; - } - - iv = &(*ivec)[0]; - c2l(iv,v0); - c2l(iv,v1); - ti[0]=v0; - ti[1]=v1; - while (l-- > 0) - { - ti[0]=v0; - ti[1]=v1; - DES_encrypt1((DES_LONG *)ti,schedule,DES_ENCRYPT); - vv0=ti[0]; - vv1=ti[1]; - c2ln(in,d0,d1,n); - in+=n; - d0=(d0^vv0)&mask0; - d1=(d1^vv1)&mask1; - l2cn(d0,d1,out,n); - out+=n; - - if (num == 32) - { v0=v1; v1=vv0; } - else if (num == 64) - { v0=vv0; v1=vv1; } - else if (num > 32) /* && num != 64 */ - { - v0=((v1>>(num-32))|(vv0<<(64-num)))&0xffffffffL; - v1=((vv0>>(num-32))|(vv1<<(64-num)))&0xffffffffL; - } - else /* num < 32 */ - { - v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL; - v1=((v1>>num)|(vv0<<(32-num)))&0xffffffffL; - } - } - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - v0=v1=d0=d1=ti[0]=ti[1]=vv0=vv1=0; - } - diff --git a/lib/libssl/src/crypto/des/pcbc_enc.c b/lib/libssl/src/crypto/des/pcbc_enc.c deleted file mode 100644 index fda18ba83d8..00000000000 --- a/lib/libssl/src/crypto/des/pcbc_enc.c +++ /dev/null 
@@ -1,123 +0,0 @@ -/* $OpenBSD: pcbc_enc.c,v 1.6 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include "des_locl.h" - -void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, - DES_cblock *ivec, int enc) - { - DES_LONG sin0,sin1,xor0,xor1,tout0,tout1; - DES_LONG tin[2]; - const unsigned char *in; - unsigned char *out,*iv; - - in=input; - out=output; - iv = &(*ivec)[0]; - - if (enc) - { - c2l(iv,xor0); - c2l(iv,xor1); - for (; length>0; length-=8) - { - if (length >= 8) - { - c2l(in,sin0); - c2l(in,sin1); - } - else - c2ln(in,sin0,sin1,length); - tin[0]=sin0^xor0; - tin[1]=sin1^xor1; - DES_encrypt1((DES_LONG *)tin,schedule,DES_ENCRYPT); - tout0=tin[0]; - tout1=tin[1]; - xor0=sin0^tout0; - xor1=sin1^tout1; - l2c(tout0,out); - l2c(tout1,out); - } - } - else - { - c2l(iv,xor0); c2l(iv,xor1); - for (; length>0; length-=8) - { - c2l(in,sin0); - c2l(in,sin1); - tin[0]=sin0; - tin[1]=sin1; - DES_encrypt1((DES_LONG *)tin,schedule,DES_DECRYPT); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - if (length >= 8) - { - l2c(tout0,out); - l2c(tout1,out); - } - else - l2cn(tout0,tout1,out,length); - xor0=tout0^sin0; - xor1=tout1^sin1; - } - } - tin[0]=tin[1]=0; - sin0=sin1=xor0=xor1=tout0=tout1=0; - } diff --git a/lib/libssl/src/crypto/des/qud_cksm.c b/lib/libssl/src/crypto/des/qud_cksm.c deleted file mode 100644 index e2409d8ba49..00000000000 --- a/lib/libssl/src/crypto/des/qud_cksm.c +++ /dev/null 
@@ -1,125 +0,0 @@ -/* $OpenBSD: qud_cksm.c,v 1.7 2014/06/12 15:49:28 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer - * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40 - * This module in only based on the code in this paper and is - * almost definitely not the same as the MIT implementation. 
- */ -#include "des_locl.h" - -/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */ -#define Q_B0(a) (((DES_LONG)(a))) -#define Q_B1(a) (((DES_LONG)(a))<<8) -#define Q_B2(a) (((DES_LONG)(a))<<16) -#define Q_B3(a) (((DES_LONG)(a))<<24) - -/* used to scramble things a bit */ -/* Got the value MIT uses via brute force :-) 2/10/90 eay */ -#define NOISE ((DES_LONG)83653421L) - -DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[], - long length, int out_count, DES_cblock *seed) - { - DES_LONG z0,z1,t0,t1; - int i; - long l; - const unsigned char *cp; - DES_LONG *lp; - - if (out_count < 1) out_count=1; - lp = (DES_LONG *) &(output[0])[0]; - - z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]); - z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]); - - for (i=0; ((i<4)&&(i<out_count)); i++) - { - cp=input; - l=length; - while (l > 0) - { - if (l > 1) - { - t0= (DES_LONG)(*(cp++)); - t0|=(DES_LONG)Q_B1(*(cp++)); - l--; - } - else - t0= (DES_LONG)(*(cp++)); - l--; - /* add */ - t0+=z0; - t0&=0xffffffffL; - t1=z1; - /* square, well sort of square */ - z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL)) - &0xffffffffL)%0x7fffffffL; - z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL; - } - if (lp != NULL) - { - /* The MIT library assumes that the checksum is - * composed of 2*out_count 32 bit ints */ - *lp++ = z0; - *lp++ = z1; - } - } - return(z0); - } - diff --git a/lib/libssl/src/crypto/des/rand_key.c b/lib/libssl/src/crypto/des/rand_key.c deleted file mode 100644 index 7abb811df4e..00000000000 --- a/lib/libssl/src/crypto/des/rand_key.c +++ /dev/null 
@@ -1,68 +0,0 @@
-/* $OpenBSD: rand_key.c,v 1.8 2014/10/22 13:02:04 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdlib.h>
-
-#include <openssl/des.h>
-
-int
-DES_random_key(DES_cblock *ret)
-{
- do {
- arc4random_buf(ret, sizeof(DES_cblock));
- DES_set_odd_parity(ret);
- } while (DES_is_weak_key(ret));
- return (1);
-}
diff --git a/lib/libssl/src/crypto/des/set_key.c b/lib/libssl/src/crypto/des/set_key.c
deleted file mode 100644
index 59d6893a800..00000000000
--- a/lib/libssl/src/crypto/des/set_key.c
+++ /dev/null
@@ -1,400 +0,0 @@
-/* $OpenBSD: set_key.c,v 1.19 2014/10/28 07:35:58 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* set_key.c v 1.4 eay 24/9/91
- * 1.4 Speed up by 400% :-)
- * 1.3 added register declarations.
- * 1.2 unrolled make_key_sched a bit more - * 1.1 added norm_expand_bits - * 1.0 First working version - */ -#include <openssl/crypto.h> -#include "des_locl.h" - -int DES_check_key = 0; /* defaults to false */ - -static const unsigned char odd_parity[256]={ - 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14, - 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31, - 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47, - 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62, - 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79, - 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94, - 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110, -112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127, -128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143, -145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158, -161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174, -176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191, -193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206, -208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223, -224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239, -241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254}; - -void DES_set_odd_parity(DES_cblock *key) - { - unsigned int i; - - for (i=0; i<DES_KEY_SZ; i++) - (*key)[i]=odd_parity[(*key)[i]]; - } - -int DES_check_key_parity(const_DES_cblock *key) - { - unsigned int i; - - for (i=0; i<DES_KEY_SZ; i++) - { - if ((*key)[i] != odd_parity[(*key)[i]]) - return(0); - } - return(1); - } - -/* Weak and semi week keys as take from - * %A D.W. Davies - * %A W.L. Price - * %T Security for Computer Networks - * %I John Wiley & Sons - * %D 1984 - * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference - * (and actual cblock values). 
- */ -#define NUM_WEAK_KEY 16 -static const DES_cblock weak_keys[NUM_WEAK_KEY]={ - /* weak keys */ - {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, - {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE}, - {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E}, - {0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1}, - /* semi-weak keys */ - {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE}, - {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01}, - {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1}, - {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E}, - {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1}, - {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01}, - {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE}, - {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E}, - {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E}, - {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01}, - {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE}, - {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}}; - -int -DES_is_weak_key(const_DES_cblock *key) -{ - unsigned int i; - - for (i = 0; i < NUM_WEAK_KEY; i++) - if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0) - return 1; - return 0; -} - -/* NOW DEFINED IN des_local.h - * See ecb_encrypt.c for a pseudo description of these macros. 
- * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ - * (b)^=(t),\ - * (a)=((a)^((t)<<(n)))) - */ - -#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\ - (a)=(a)^(t)^(t>>(16-(n)))) - -static const DES_LONG des_skb[8][64]={ - { - /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ - 0x00000000L,0x00000010L,0x20000000L,0x20000010L, - 0x00010000L,0x00010010L,0x20010000L,0x20010010L, - 0x00000800L,0x00000810L,0x20000800L,0x20000810L, - 0x00010800L,0x00010810L,0x20010800L,0x20010810L, - 0x00000020L,0x00000030L,0x20000020L,0x20000030L, - 0x00010020L,0x00010030L,0x20010020L,0x20010030L, - 0x00000820L,0x00000830L,0x20000820L,0x20000830L, - 0x00010820L,0x00010830L,0x20010820L,0x20010830L, - 0x00080000L,0x00080010L,0x20080000L,0x20080010L, - 0x00090000L,0x00090010L,0x20090000L,0x20090010L, - 0x00080800L,0x00080810L,0x20080800L,0x20080810L, - 0x00090800L,0x00090810L,0x20090800L,0x20090810L, - 0x00080020L,0x00080030L,0x20080020L,0x20080030L, - 0x00090020L,0x00090030L,0x20090020L,0x20090030L, - 0x00080820L,0x00080830L,0x20080820L,0x20080830L, - 0x00090820L,0x00090830L,0x20090820L,0x20090830L, - },{ - /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */ - 0x00000000L,0x02000000L,0x00002000L,0x02002000L, - 0x00200000L,0x02200000L,0x00202000L,0x02202000L, - 0x00000004L,0x02000004L,0x00002004L,0x02002004L, - 0x00200004L,0x02200004L,0x00202004L,0x02202004L, - 0x00000400L,0x02000400L,0x00002400L,0x02002400L, - 0x00200400L,0x02200400L,0x00202400L,0x02202400L, - 0x00000404L,0x02000404L,0x00002404L,0x02002404L, - 0x00200404L,0x02200404L,0x00202404L,0x02202404L, - 0x10000000L,0x12000000L,0x10002000L,0x12002000L, - 0x10200000L,0x12200000L,0x10202000L,0x12202000L, - 0x10000004L,0x12000004L,0x10002004L,0x12002004L, - 0x10200004L,0x12200004L,0x10202004L,0x12202004L, - 0x10000400L,0x12000400L,0x10002400L,0x12002400L, - 0x10200400L,0x12200400L,0x10202400L,0x12202400L, - 0x10000404L,0x12000404L,0x10002404L,0x12002404L, - 
0x10200404L,0x12200404L,0x10202404L,0x12202404L, - },{ - /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */ - 0x00000000L,0x00000001L,0x00040000L,0x00040001L, - 0x01000000L,0x01000001L,0x01040000L,0x01040001L, - 0x00000002L,0x00000003L,0x00040002L,0x00040003L, - 0x01000002L,0x01000003L,0x01040002L,0x01040003L, - 0x00000200L,0x00000201L,0x00040200L,0x00040201L, - 0x01000200L,0x01000201L,0x01040200L,0x01040201L, - 0x00000202L,0x00000203L,0x00040202L,0x00040203L, - 0x01000202L,0x01000203L,0x01040202L,0x01040203L, - 0x08000000L,0x08000001L,0x08040000L,0x08040001L, - 0x09000000L,0x09000001L,0x09040000L,0x09040001L, - 0x08000002L,0x08000003L,0x08040002L,0x08040003L, - 0x09000002L,0x09000003L,0x09040002L,0x09040003L, - 0x08000200L,0x08000201L,0x08040200L,0x08040201L, - 0x09000200L,0x09000201L,0x09040200L,0x09040201L, - 0x08000202L,0x08000203L,0x08040202L,0x08040203L, - 0x09000202L,0x09000203L,0x09040202L,0x09040203L, - },{ - /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */ - 0x00000000L,0x00100000L,0x00000100L,0x00100100L, - 0x00000008L,0x00100008L,0x00000108L,0x00100108L, - 0x00001000L,0x00101000L,0x00001100L,0x00101100L, - 0x00001008L,0x00101008L,0x00001108L,0x00101108L, - 0x04000000L,0x04100000L,0x04000100L,0x04100100L, - 0x04000008L,0x04100008L,0x04000108L,0x04100108L, - 0x04001000L,0x04101000L,0x04001100L,0x04101100L, - 0x04001008L,0x04101008L,0x04001108L,0x04101108L, - 0x00020000L,0x00120000L,0x00020100L,0x00120100L, - 0x00020008L,0x00120008L,0x00020108L,0x00120108L, - 0x00021000L,0x00121000L,0x00021100L,0x00121100L, - 0x00021008L,0x00121008L,0x00021108L,0x00121108L, - 0x04020000L,0x04120000L,0x04020100L,0x04120100L, - 0x04020008L,0x04120008L,0x04020108L,0x04120108L, - 0x04021000L,0x04121000L,0x04021100L,0x04121100L, - 0x04021008L,0x04121008L,0x04021108L,0x04121108L, - },{ - /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ - 0x00000000L,0x10000000L,0x00010000L,0x10010000L, - 0x00000004L,0x10000004L,0x00010004L,0x10010004L, - 
0x20000000L,0x30000000L,0x20010000L,0x30010000L, - 0x20000004L,0x30000004L,0x20010004L,0x30010004L, - 0x00100000L,0x10100000L,0x00110000L,0x10110000L, - 0x00100004L,0x10100004L,0x00110004L,0x10110004L, - 0x20100000L,0x30100000L,0x20110000L,0x30110000L, - 0x20100004L,0x30100004L,0x20110004L,0x30110004L, - 0x00001000L,0x10001000L,0x00011000L,0x10011000L, - 0x00001004L,0x10001004L,0x00011004L,0x10011004L, - 0x20001000L,0x30001000L,0x20011000L,0x30011000L, - 0x20001004L,0x30001004L,0x20011004L,0x30011004L, - 0x00101000L,0x10101000L,0x00111000L,0x10111000L, - 0x00101004L,0x10101004L,0x00111004L,0x10111004L, - 0x20101000L,0x30101000L,0x20111000L,0x30111000L, - 0x20101004L,0x30101004L,0x20111004L,0x30111004L, - },{ - /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */ - 0x00000000L,0x08000000L,0x00000008L,0x08000008L, - 0x00000400L,0x08000400L,0x00000408L,0x08000408L, - 0x00020000L,0x08020000L,0x00020008L,0x08020008L, - 0x00020400L,0x08020400L,0x00020408L,0x08020408L, - 0x00000001L,0x08000001L,0x00000009L,0x08000009L, - 0x00000401L,0x08000401L,0x00000409L,0x08000409L, - 0x00020001L,0x08020001L,0x00020009L,0x08020009L, - 0x00020401L,0x08020401L,0x00020409L,0x08020409L, - 0x02000000L,0x0A000000L,0x02000008L,0x0A000008L, - 0x02000400L,0x0A000400L,0x02000408L,0x0A000408L, - 0x02020000L,0x0A020000L,0x02020008L,0x0A020008L, - 0x02020400L,0x0A020400L,0x02020408L,0x0A020408L, - 0x02000001L,0x0A000001L,0x02000009L,0x0A000009L, - 0x02000401L,0x0A000401L,0x02000409L,0x0A000409L, - 0x02020001L,0x0A020001L,0x02020009L,0x0A020009L, - 0x02020401L,0x0A020401L,0x02020409L,0x0A020409L, - },{ - /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */ - 0x00000000L,0x00000100L,0x00080000L,0x00080100L, - 0x01000000L,0x01000100L,0x01080000L,0x01080100L, - 0x00000010L,0x00000110L,0x00080010L,0x00080110L, - 0x01000010L,0x01000110L,0x01080010L,0x01080110L, - 0x00200000L,0x00200100L,0x00280000L,0x00280100L, - 0x01200000L,0x01200100L,0x01280000L,0x01280100L, - 
0x00200010L,0x00200110L,0x00280010L,0x00280110L, - 0x01200010L,0x01200110L,0x01280010L,0x01280110L, - 0x00000200L,0x00000300L,0x00080200L,0x00080300L, - 0x01000200L,0x01000300L,0x01080200L,0x01080300L, - 0x00000210L,0x00000310L,0x00080210L,0x00080310L, - 0x01000210L,0x01000310L,0x01080210L,0x01080310L, - 0x00200200L,0x00200300L,0x00280200L,0x00280300L, - 0x01200200L,0x01200300L,0x01280200L,0x01280300L, - 0x00200210L,0x00200310L,0x00280210L,0x00280310L, - 0x01200210L,0x01200310L,0x01280210L,0x01280310L, - },{ - /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */ - 0x00000000L,0x04000000L,0x00040000L,0x04040000L, - 0x00000002L,0x04000002L,0x00040002L,0x04040002L, - 0x00002000L,0x04002000L,0x00042000L,0x04042000L, - 0x00002002L,0x04002002L,0x00042002L,0x04042002L, - 0x00000020L,0x04000020L,0x00040020L,0x04040020L, - 0x00000022L,0x04000022L,0x00040022L,0x04040022L, - 0x00002020L,0x04002020L,0x00042020L,0x04042020L, - 0x00002022L,0x04002022L,0x00042022L,0x04042022L, - 0x00000800L,0x04000800L,0x00040800L,0x04040800L, - 0x00000802L,0x04000802L,0x00040802L,0x04040802L, - 0x00002800L,0x04002800L,0x00042800L,0x04042800L, - 0x00002802L,0x04002802L,0x00042802L,0x04042802L, - 0x00000820L,0x04000820L,0x00040820L,0x04040820L, - 0x00000822L,0x04000822L,0x00040822L,0x04040822L, - 0x00002820L,0x04002820L,0x00042820L,0x04042820L, - 0x00002822L,0x04002822L,0x00042822L,0x04042822L, - }}; - -int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule) - { - if (DES_check_key) - { - return DES_set_key_checked(key, schedule); - } - else - { - DES_set_key_unchecked(key, schedule); - return 0; - } - } - -/* return 0 if key parity is odd (correct), - * return -1 if key parity error, - * return -2 if illegal weak key. 
- */ -int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule) - { - if (!DES_check_key_parity(key)) - return(-1); - if (DES_is_weak_key(key)) - return(-2); - DES_set_key_unchecked(key, schedule); - return 0; - } - -void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule) - { - static const int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0}; - DES_LONG c,d,t,s,t2; - const unsigned char *in; - DES_LONG *k; - int i; - - k = &schedule->ks->deslong[0]; - in = &(*key)[0]; - - c2l(in,c); - c2l(in,d); - - /* do PC1 in 47 simple operations :-) - * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov) - * for the inspiration. :-) */ - PERM_OP (d,c,t,4,0x0f0f0f0fL); - HPERM_OP(c,t,-2,0xcccc0000L); - HPERM_OP(d,t,-2,0xcccc0000L); - PERM_OP (d,c,t,1,0x55555555L); - PERM_OP (c,d,t,8,0x00ff00ffL); - PERM_OP (d,c,t,1,0x55555555L); - d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) | - ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L)); - c&=0x0fffffffL; - - for (i=0; i<ITERATIONS; i++) - { - if (shifts2[i]) - { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); } - else - { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); } - c&=0x0fffffffL; - d&=0x0fffffffL; - /* could be a few less shifts but I am to lazy at this - * point in time to investigate */ - s= des_skb[0][ (c )&0x3f ]| - des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]| - des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]| - des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) | - ((c>>22L)&0x38)]; - t= des_skb[4][ (d )&0x3f ]| - des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]| - des_skb[6][ (d>>15L)&0x3f ]| - des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)]; - - /* table contained 0213 4657 */ - t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL; - *(k++)=ROTATE(t2,30)&0xffffffffL; - - t2=((s>>16L)|(t&0xffff0000L)); - *(k++)=ROTATE(t2,26)&0xffffffffL; - } - } - -int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule) - { - return(DES_set_key(key,schedule)); - } -/* -#undef des_fixup_key_parity -void 
des_fixup_key_parity(des_cblock *key) - { - des_set_odd_parity(key); - } -*/ diff --git a/lib/libssl/src/crypto/des/spr.h b/lib/libssl/src/crypto/des/spr.h deleted file mode 100644 index eec6beb9f70..00000000000 --- a/lib/libssl/src/crypto/des/spr.h +++ /dev/null 
@@ -1,204 +0,0 @@
-/* $OpenBSD: spr.h,v 1.5 2014/06/12 15:49:28 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -const DES_LONG DES_SPtrans[8][64]={ -{ -/* nibble 0 */ -0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L, -0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L, -0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L, -0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L, -0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L, -0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L, -0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L, -0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L, -0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L, -0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L, -0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L, -0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L, -0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L, -0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L, -0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L, -0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L, -},{ -/* nibble 1 */ -0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L, -0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L, -0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L, -0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L, -0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L, -0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L, -0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L, -0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L, -0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L, -0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L, -0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L, -0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L, -0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L, -0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L, -0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L, -0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L, -},{ -/* nibble 2 */ -0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L, -0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L, -0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L, -0x04040101L, 0x00000101L, 0x00000001L, 
0x04040001L, -0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L, -0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L, -0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L, -0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L, -0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L, -0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L, -0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L, -0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L, -0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L, -0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L, -0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L, -0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L, -},{ -/* nibble 3 */ -0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L, -0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L, -0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L, -0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L, -0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L, -0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L, -0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L, -0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L, -0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L, -0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L, -0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L, -0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L, -0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L, -0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L, -0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L, -0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L, -},{ -/* nibble 4 */ -0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L, -0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L, -0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L, -0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L, -0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L, -0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L, -0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L, -0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L, -0x08010400L, 0x08000420L, 
0x00010020L, 0x08010000L, -0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L, -0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L, -0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L, -0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L, -0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L, -0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L, -0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L, -},{ -/* nibble 5 */ -0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L, -0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L, -0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L, -0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L, -0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L, -0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L, -0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L, -0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L, -0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L, -0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L, -0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L, -0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L, -0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L, -0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L, -0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L, -0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L, -},{ -/* nibble 6 */ -0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L, -0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L, -0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L, -0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L, -0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L, -0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L, -0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L, -0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L, -0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L, -0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L, -0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L, -0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L, -0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L, -0x00000204L, 
0x00004000L, 0x01004204L, 0x01000000L, -0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L, -0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L, -},{ -/* nibble 7 */ -0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L, -0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L, -0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L, -0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L, -0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L, -0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L, -0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L, -0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L, -0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L, -0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L, -0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L, -0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L, -0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L, -0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L, -0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L, -0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L, -}}; diff --git a/lib/libssl/src/crypto/des/str2key.c b/lib/libssl/src/crypto/des/str2key.c deleted file mode 100644 index ce17e2659b3..00000000000 --- a/lib/libssl/src/crypto/des/str2key.c +++ /dev/null 
@@ -1,174 +0,0 @@
-/* $OpenBSD: str2key.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/crypto.h>
-#include "des_locl.h"
-
-void DES_string_to_key(const char *str, DES_cblock *key)
- {
- DES_key_schedule ks;
- int i,length;
- unsigned char j;
-
- memset(key,0,8);
- length=strlen(str);
-#ifdef OLD_STR_TO_KEY
- for (i=0; i<length; i++)
- (*key)[i%8]^=(str[i]<<1);
-#else /* MIT COMPATIBLE */
- for (i=0; i<length; i++)
- {
- j=str[i];
- if ((i%16) < 8)
- (*key)[i%8]^=(j<<1);
- else
- {
- /* Reverse the bit order 05/05/92 eay */
- j=((j<<4)&0xf0)|((j>>4)&0x0f);
- j=((j<<2)&0xcc)|((j>>2)&0x33);
- j=((j<<1)&0xaa)|((j>>1)&0x55);
- (*key)[7-(i%8)]^=j;
- }
- }
-#endif
- DES_set_odd_parity(key);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
- if(DES_is_weak_key(key))
- (*key)[7] ^= 0xF0;
- DES_set_key(key,&ks);
-#else
- DES_set_key_unchecked(key,&ks);
-#endif
- DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key);
- explicit_bzero(&ks,sizeof(ks));
- DES_set_odd_parity(key);
- }
-
-void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
- {
- DES_key_schedule ks;
- int i,length;
- unsigned char j;
-
- memset(key1,0,8);
- memset(key2,0,8);
- length=strlen(str);
-#ifdef OLD_STR_TO_KEY
- if (length <= 8)
- {
- for (i=0; i<length; i++)
- {
- (*key2)[i]=(*key1)[i]=(str[i]<<1);
- }
- }
- else
- {
- for (i=0; i<length; i++)
- {
- if ((i/8)&1)
- (*key2)[i%8]^=(str[i]<<1);
- else
- (*key1)[i%8]^=(str[i]<<1);
- }
- }
-#else /* MIT COMPATIBLE */
- for (i=0; i<length; i++)
- {
- j=str[i];
- if ((i%32) < 16)
- {
- if ((i%16) < 8)
- (*key1)[i%8]^=(j<<1);
- else
- (*key2)[i%8]^=(j<<1);
- }
- else
- {
- j=((j<<4)&0xf0)|((j>>4)&0x0f);
- j=((j<<2)&0xcc)|((j>>2)&0x33);
- j=((j<<1)&0xaa)|((j>>1)&0x55);
- if ((i%16) < 8)
- (*key1)[7-(i%8)]^=j;
- else
- (*key2)[7-(i%8)]^=j;
- }
- }
- if (length <= 8) memcpy(key2,key1,8);
-#endif
- DES_set_odd_parity(key1);
- DES_set_odd_parity(key2);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
- if(DES_is_weak_key(key1))
- (*key1)[7] ^= 0xF0;
- DES_set_key(key1,&ks);
-#else
- DES_set_key_unchecked(key1,&ks);
-#endif
- DES_cbc_cksum((const unsigned char*)str,key1,length,&ks,key1);
-#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
- if(DES_is_weak_key(key2))
- (*key2)[7] ^= 0xF0;
- DES_set_key(key2,&ks);
-#else
- DES_set_key_unchecked(key2,&ks);
-#endif
- DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2);
- explicit_bzero(&ks,sizeof(ks));
- DES_set_odd_parity(key1);
- DES_set_odd_parity(key2);
- }
diff --git a/lib/libssl/src/crypto/des/xcbc_enc.c b/lib/libssl/src/crypto/des/xcbc_enc.c
deleted file mode 100644
index 4f7a0701039..00000000000
--- a/lib/libssl/src/crypto/des/xcbc_enc.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/* $OpenBSD: xcbc_enc.c,v 1.9 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include "des_locl.h"
-
-/* RSA's DESX */
-
-void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
- long length, DES_key_schedule *schedule,
- DES_cblock *ivec, const_DES_cblock *inw,
- const_DES_cblock *outw, int enc)
- {
- DES_LONG tin0,tin1;
- DES_LONG tout0,tout1,xor0,xor1;
- DES_LONG inW0,inW1,outW0,outW1;
- const unsigned char *in2;
- long l=length;
- DES_LONG tin[2];
- unsigned char *iv;
-
- in2 = &(*inw)[0];
- c2l(in2,inW0);
- c2l(in2,inW1);
- in2 = &(*outw)[0];
- c2l(in2,outW0);
- c2l(in2,outW1);
-
- iv = &(*ivec)[0];
-
- if (enc)
- {
- c2l(iv,tout0);
- c2l(iv,tout1);
- for (l-=8; l>=0; l-=8)
- {
- c2l(in,tin0);
- c2l(in,tin1);
- tin0^=tout0^inW0; tin[0]=tin0;
- tin1^=tout1^inW1; tin[1]=tin1;
- DES_encrypt1(tin,schedule,DES_ENCRYPT);
- tout0=tin[0]^outW0; l2c(tout0,out);
- tout1=tin[1]^outW1; l2c(tout1,out);
- }
- if (l != -8)
- {
- c2ln(in,tin0,tin1,l+8);
- tin0^=tout0^inW0; tin[0]=tin0;
- tin1^=tout1^inW1; tin[1]=tin1;
- DES_encrypt1(tin,schedule,DES_ENCRYPT);
- tout0=tin[0]^outW0; l2c(tout0,out);
- tout1=tin[1]^outW1; l2c(tout1,out);
- }
- iv = &(*ivec)[0];
- l2c(tout0,iv);
- l2c(tout1,iv);
- }
- else
- {
- c2l(iv,xor0);
- c2l(iv,xor1);
- for (l-=8; l>0; l-=8)
- {
- c2l(in,tin0); tin[0]=tin0^outW0;
- c2l(in,tin1); tin[1]=tin1^outW1;
- DES_encrypt1(tin,schedule,DES_DECRYPT);
- tout0=tin[0]^xor0^inW0;
- tout1=tin[1]^xor1^inW1;
- l2c(tout0,out);
- l2c(tout1,out);
- xor0=tin0;
- xor1=tin1;
- }
- if (l != -8)
- {
- c2l(in,tin0); tin[0]=tin0^outW0;
- c2l(in,tin1); tin[1]=tin1^outW1;
- DES_encrypt1(tin,schedule,DES_DECRYPT);
- tout0=tin[0]^xor0^inW0;
- tout1=tin[1]^xor1^inW1;
- l2cn(tout0,tout1,out,l+8);
- xor0=tin0;
- xor1=tin1;
- }
-
- iv = &(*ivec)[0];
- l2c(xor0,iv);
- l2c(xor1,iv);
- }
- tin0=tin1=tout0=tout1=xor0=xor1=0;
- inW0=inW1=outW0=outW1=0;
- tin[0]=tin[1]=0;
- }
-
diff --git a/lib/libssl/src/crypto/dh/dh.h b/lib/libssl/src/crypto/dh/dh.h
deleted file mode 100644
index 631cd5c6859..00000000000
--- a/lib/libssl/src/crypto/dh/dh.h
+++ /dev/null
@@ -1,271 +0,0 @@
-/* $OpenBSD: dh.h,v 1.17 2016/06/30 02:02:06 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_DH_H
-#define HEADER_DH_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_DH
-#error DH is disabled.
-#endif
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#endif
-
-#ifndef OPENSSL_DH_MAX_MODULUS_BITS
-# define OPENSSL_DH_MAX_MODULUS_BITS 10000
-#endif
-
-#define DH_FLAG_CACHE_MONT_P 0x01
-
-/* If this flag is set the DH method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its reposibility
- * to ensure the result is compliant.
- */
-
-#define DH_FLAG_FIPS_METHOD 0x0400
-
-/* If this flag is set the operations normally disabled in FIPS mode are
- * permitted it is then the applications responsibility to ensure that the
- * usage is compliant.
- */
-
-#define DH_FLAG_NON_FIPS_ALLOW 0x0400
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct dh_st DH; */
-/* typedef struct dh_method DH_METHOD; */
-
-struct dh_method
- {
- const char *name;
- /* Methods here */
- int (*generate_key)(DH *dh);
- int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
- int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx); /* Can be null */
-
- int (*init)(DH *dh);
- int (*finish)(DH *dh);
- int flags;
- char *app_data;
- /* If this is non-NULL, it will be used to generate parameters */
- int (*generate_params)(DH *dh, int prime_len, int generator, BN_GENCB *cb);
- };
-
-struct dh_st
- {
- /* This first argument is used to pick up errors when
- * a DH is passed instead of a EVP_PKEY */
- int pad;
- int version;
- BIGNUM *p;
- BIGNUM *g;
- long length; /* optional */
- BIGNUM *pub_key; /* g^x */
- BIGNUM *priv_key; /* x */
-
- int flags;
- BN_MONT_CTX *method_mont_p;
- /* Place holders if we want to do X9.42 DH */
- BIGNUM *q;
- BIGNUM *j;
- unsigned char *seed;
- int seedlen;
- BIGNUM *counter;
-
- int references;
- CRYPTO_EX_DATA ex_data;
- const DH_METHOD *meth;
- ENGINE *engine;
- };
-
-#define DH_GENERATOR_2 2
-/* #define DH_GENERATOR_3 3 */
-#define DH_GENERATOR_5 5
-
-/* DH_check error codes */
-#define DH_CHECK_P_NOT_PRIME 0x01
-#define DH_CHECK_P_NOT_SAFE_PRIME 0x02
-#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
-#define DH_NOT_SUITABLE_GENERATOR 0x08
-
-/* DH_check_pub_key error codes */
-#define DH_CHECK_PUBKEY_TOO_SMALL 0x01
-#define DH_CHECK_PUBKEY_TOO_LARGE 0x02
-
-/* primes p where (p-1)/2 is prime too are called "safe"; we define
- this for backward 
compatibility: */
-#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME
-
-#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
- (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
-#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
- (unsigned char *)(x))
-#define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
-#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
-
-DH *DHparams_dup(DH *);
-
-const DH_METHOD *DH_OpenSSL(void);
-
-void DH_set_default_method(const DH_METHOD *meth);
-const DH_METHOD *DH_get_default_method(void);
-int DH_set_method(DH *dh, const DH_METHOD *meth);
-DH *DH_new_method(ENGINE *engine);
-
-DH * DH_new(void);
-void DH_free(DH *dh);
-int DH_up_ref(DH *dh);
-int DH_size(const DH *dh);
-int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int DH_set_ex_data(DH *d, int idx, void *arg);
-void *DH_get_ex_data(DH *d, int idx);
-
-/* Deprecated version */
-#ifndef OPENSSL_NO_DEPRECATED
-DH * DH_generate_parameters(int prime_len,int generator,
- void (*callback)(int,int,void *),void *cb_arg);
-#endif /* !defined(OPENSSL_NO_DEPRECATED) */
-
-/* New version */
-int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
-
-int DH_check(const DH *dh,int *codes);
-int DH_check_pub_key(const DH *dh,const BIGNUM *pub_key, int *codes);
-int DH_generate_key(DH *dh);
-int DH_compute_key(unsigned char *key,const BIGNUM *pub_key,DH *dh);
-DH * d2i_DHparams(DH **a,const unsigned char **pp, long length);
-int i2d_DHparams(const DH *a,unsigned char **pp);
-int DHparams_print_fp(FILE *fp, const DH *x);
-#ifndef OPENSSL_NO_BIO
-int DHparams_print(BIO *bp, const DH *x);
-#else
-int DHparams_print(char *bp, const DH *x);
-#endif
-
-#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, 
len, NULL)
-
-#define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
-
-#define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN (EVP_PKEY_ALG_CTRL + 1)
-#define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR (EVP_PKEY_ALG_CTRL + 2)
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_DH_strings(void);
-
-/* Error codes for the DH functions. */
-
-/* Function codes. */
-#define DH_F_COMPUTE_KEY 102
-#define DH_F_DHPARAMS_PRINT_FP 101
-#define DH_F_DH_BUILTIN_GENPARAMS 106
-#define DH_F_DH_COMPUTE_KEY 114
-#define DH_F_DH_GENERATE_KEY 115
-#define DH_F_DH_GENERATE_PARAMETERS_EX 116
-#define DH_F_DH_NEW_METHOD 105
-#define DH_F_DH_PARAM_DECODE 107
-#define DH_F_DH_PRIV_DECODE 110
-#define DH_F_DH_PRIV_ENCODE 111
-#define DH_F_DH_PUB_DECODE 108
-#define DH_F_DH_PUB_ENCODE 109
-#define DH_F_DO_DH_PRINT 100
-#define DH_F_GENERATE_KEY 103
-#define DH_F_GENERATE_PARAMETERS 104
-#define DH_F_PKEY_DH_DERIVE 112
-#define DH_F_PKEY_DH_KEYGEN 113
-
-/* Reason codes. */
-#define DH_R_BAD_GENERATOR 101
-#define DH_R_BN_DECODE_ERROR 109
-#define DH_R_BN_ERROR 106
-#define DH_R_DECODE_ERROR 104
-#define DH_R_INVALID_PUBKEY 102
-#define DH_R_KEYS_NOT_SET 108
-#define DH_R_KEY_SIZE_TOO_SMALL 110
-#define DH_R_MODULUS_TOO_LARGE 103
-#define DH_R_NON_FIPS_METHOD 111
-#define DH_R_NO_PARAMETERS_SET 107
-#define DH_R_NO_PRIVATE_VALUE 100
-#define DH_R_PARAMETER_ENCODING_ERROR 105
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/dh/dh_ameth.c b/lib/libssl/src/crypto/dh/dh_ameth.c
deleted file mode 100644
index 24c8bb25ec0..00000000000
--- a/lib/libssl/src/crypto/dh/dh_ameth.c
+++ /dev/null
@@ -1,493 +0,0 @@
-/* $OpenBSD: dh_ameth.c,v 1.13 2015/01/08 01:44:29 doug Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-#include "asn1_locl.h"
-
-static void
-int_dh_free(EVP_PKEY *pkey)
-{
- DH_free(pkey->pkey.dh);
-}
-
-static int
-dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
- const unsigned char *p, *pm;
- int pklen, pmlen;
- int ptype;
- void *pval;
- ASN1_STRING *pstr;
- X509_ALGOR *palg;
- ASN1_INTEGER *public_key = NULL;
- DH *dh = NULL;
-
- if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
- return 0;
- X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
- if (ptype != V_ASN1_SEQUENCE) {
- DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
- goto err;
- }
-
- pstr = pval;
- pm = pstr->data;
- pmlen = pstr->length;
-
- if (!(dh = d2i_DHparams(NULL, &pm, pmlen))) {
- DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
- goto err;
- }
-
- if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen))) {
- DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
- goto err;
- }
-
- /* We have parameters now set public key */
- if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
- DHerr(DH_F_DH_PUB_DECODE, 
DH_R_BN_DECODE_ERROR);
- goto err;
- }
-
- ASN1_INTEGER_free(public_key);
- EVP_PKEY_assign_DH(pkey, dh);
- return 1;
-
-err:
- if (public_key)
- ASN1_INTEGER_free(public_key);
- DH_free(dh);
- return 0;
-}
-
-static int
-dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
- DH *dh;
- int ptype;
- unsigned char *penc = NULL;
- int penclen;
- ASN1_STRING *str;
- ASN1_INTEGER *pub_key = NULL;
-
- dh=pkey->pkey.dh;
-
- str = ASN1_STRING_new();
- if (str == NULL) {
- DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- str->length = i2d_DHparams(dh, &str->data);
- if (str->length <= 0) {
- DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- ptype = V_ASN1_SEQUENCE;
-
- pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
- if (!pub_key)
- goto err;
-
- penclen = i2d_ASN1_INTEGER(pub_key, &penc);
-
- ASN1_INTEGER_free(pub_key);
-
- if (penclen <= 0) {
- DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DH), ptype,
- (void *)str, penc, penclen))
- return 1;
-
-err:
- free(penc);
- ASN1_STRING_free(str);
-
- return 0;
-}
-
-/*
- * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
- * that the AlgorithmIdentifier contains the paramaters, the private key
- * is explcitly included and the pubkey must be recalculated.
- */
-
-static int
-dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
-{
- const unsigned char *p, *pm;
- int pklen, pmlen;
- int ptype;
- void *pval;
- ASN1_STRING *pstr;
- X509_ALGOR *palg;
- ASN1_INTEGER *privkey = NULL;
- DH *dh = NULL;
-
- if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
- return 0;
-
- X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
- if (ptype != V_ASN1_SEQUENCE)
- goto decerr;
-
- if (!(privkey=d2i_ASN1_INTEGER(NULL, &p, pklen)))
- goto decerr;
-
- pstr = pval;
- pm = pstr->data;
- pmlen = pstr->length;
- if (!(dh = d2i_DHparams(NULL, &pm, pmlen)))
- goto decerr;
- /* We have parameters now set private key */
- if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
- DHerr(DH_F_DH_PRIV_DECODE, DH_R_BN_ERROR);
- goto dherr;
- }
- /* Calculate public key */
- if (!DH_generate_key(dh))
- goto dherr;
-
- EVP_PKEY_assign_DH(pkey, dh);
-
- ASN1_INTEGER_free(privkey);
-
- return 1;
-
-decerr:
- DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
-dherr:
- DH_free(dh);
- return 0;
-}
-
-static int
-dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
- ASN1_STRING *params = NULL;
- ASN1_INTEGER *prkey = NULL;
- unsigned char *dp = NULL;
- int dplen;
-
- params = ASN1_STRING_new();
-
- if (!params) {
- DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- params->length = i2d_DHparams(pkey->pkey.dh, ¶ms->data);
- if (params->length <= 0) {
- DHerr(DH_F_DH_PRIV_ENCODE,ERR_R_MALLOC_FAILURE);
- goto err;
- }
- params->type = V_ASN1_SEQUENCE;
-
- /* Get private key into integer */
- prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
-
- if (!prkey) {
- DHerr(DH_F_DH_PRIV_ENCODE, DH_R_BN_ERROR);
- goto err;
- }
-
- dplen = i2d_ASN1_INTEGER(prkey, &dp);
-
- ASN1_INTEGER_free(prkey);
- prkey = NULL;
-
- if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0,
- V_ASN1_SEQUENCE, params, dp, dplen))
- goto err;
-
- return 1;
-
-err:
- free(dp);
- ASN1_STRING_free(params);
- ASN1_INTEGER_free(prkey);
- return 0;
-}
-
-static void
-update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
- size_t i;
-
- if (!b)
- return;
- if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
- *pbuflen = i;
-}
-
-static int
-dh_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
-{
- DH *dh;
-
- if (!(dh = d2i_DHparams(NULL, pder, derlen))) {
- DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
- return 0;
- }
- EVP_PKEY_assign_DH(pkey, dh);
- return 1;
-}
-
-static int
-dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
- return i2d_DHparams(pkey->pkey.dh, pder);
-}
-
-static int
-do_dh_print(BIO *bp, const DH *x, int indent, ASN1_PCTX *ctx, int ptype)
-{
- unsigned char *m = NULL;
- int reason = ERR_R_BUF_LIB, ret = 0;
- size_t buf_len = 0;
- const char *ktype = NULL;
- BIGNUM *priv_key, *pub_key;
-
- if (ptype == 2)
- priv_key = x->priv_key;
- else
- priv_key = NULL;
-
- if (ptype > 0)
- pub_key = x->pub_key;
- else
- pub_key = NULL;
-
- update_buflen(x->p, &buf_len);
-
- if (buf_len == 0) {
- reason = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
-
- update_buflen(x->g, &buf_len);
- update_buflen(pub_key, &buf_len);
- update_buflen(priv_key, &buf_len);
-
- if (ptype == 2)
- ktype = "PKCS#3 DH Private-Key";
- else if (ptype == 1)
- ktype = "PKCS#3 DH Public-Key";
- else
- ktype = "PKCS#3 DH Parameters";
-
- m= malloc(buf_len + 10);
- if (m == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- BIO_indent(bp, indent, 128);
- if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
- goto err;
- indent += 4;
-
- if (!ASN1_bn_print(bp, "private-key:", priv_key, m, indent))
- goto err;
- if (!ASN1_bn_print(bp, "public-key:", pub_key, m, indent))
- goto err;
-
- if (!ASN1_bn_print(bp, "prime:", x->p, m, indent))
- goto err;
- if (!ASN1_bn_print(bp, "generator:", x->g, m, indent))
- goto err;
- if (x->length != 0) {
- BIO_indent(bp, indent, 128);
- if (BIO_printf(bp, "recommended-private-length: %d bits\n",
- (int)x->length) <= 0)
- goto err;
- }
-
- ret = 1;
- if 
(0) {
-err:
- DHerr(DH_F_DO_DH_PRINT,reason);
- }
- free(m);
- return(ret);
-}
-
-static int
-int_dh_size(const EVP_PKEY *pkey)
-{
- return DH_size(pkey->pkey.dh);
-}
-
-static int
-dh_bits(const EVP_PKEY *pkey)
-{
- return BN_num_bits(pkey->pkey.dh->p);
-}
-
-static int
-dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (BN_cmp(a->pkey.dh->p, b->pkey.dh->p) ||
- BN_cmp(a->pkey.dh->g, b->pkey.dh->g))
- return 0;
- else
- return 1;
-}
-
-static int
-dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
- BIGNUM *a;
-
- if ((a = BN_dup(from->pkey.dh->p)) == NULL)
- return 0;
- BN_free(to->pkey.dh->p);
- to->pkey.dh->p = a;
-
- if ((a = BN_dup(from->pkey.dh->g)) == NULL)
- return 0;
- BN_free(to->pkey.dh->g);
- to->pkey.dh->g = a;
-
- return 1;
-}
-
-static int
-dh_missing_parameters(const EVP_PKEY *a)
-{
- if (!a->pkey.dh->p || !a->pkey.dh->g)
- return 1;
- return 0;
-}
-
-static int
-dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (dh_cmp_parameters(a, b) == 0)
- return 0;
- if (BN_cmp(b->pkey.dh->pub_key, a->pkey.dh->pub_key) != 0)
- return 0;
- else
- return 1;
-}
-
-static int
-dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
-}
-
-static int
-dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
-}
-
-static int
-dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
-}
-
-int
-DHparams_print(BIO *bp, const DH *x)
-{
- return do_dh_print(bp, x, 4, NULL, 0);
-}
-
-const EVP_PKEY_ASN1_METHOD dh_asn1_meth = {
- .pkey_id = EVP_PKEY_DH,
- .pkey_base_id = EVP_PKEY_DH,
-
- .pem_str = "DH",
- .info = "OpenSSL PKCS#3 DH method",
-
- .pub_decode = dh_pub_decode,
- .pub_encode = dh_pub_encode,
- .pub_cmp = dh_pub_cmp,
- .pub_print = dh_public_print,
-
- .priv_decode = dh_priv_decode,
- .priv_encode = 
dh_priv_encode,
- .priv_print = dh_private_print,
-
- .pkey_size = int_dh_size,
- .pkey_bits = dh_bits,
-
- .param_decode = dh_param_decode,
- .param_encode = dh_param_encode,
- .param_missing = dh_missing_parameters,
- .param_copy = dh_copy_parameters,
- .param_cmp = dh_cmp_parameters,
- .param_print = dh_param_print,
-
- .pkey_free = int_dh_free,
-};
diff --git a/lib/libssl/src/crypto/dh/dh_asn1.c b/lib/libssl/src/crypto/dh/dh_asn1.c
deleted file mode 100644
index 7060130ed86..00000000000
--- a/lib/libssl/src/crypto/dh/dh_asn1.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* $OpenBSD: dh_asn1.c,v 1.8 2015/02/14 15:06:55 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/objects.h>
-
-/* Override the default free and new methods */
-static int
-dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_NEW_PRE) {
- *pval = (ASN1_VALUE *)DH_new();
- if (*pval)
- return 2;
- return 0;
- } else if (operation == ASN1_OP_FREE_PRE) {
- DH_free((DH *)*pval);
- *pval = NULL;
- return 2;
- }
- return 1;
-}
-
-static const ASN1_AUX DHparams_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = dh_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DHparams_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DH, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DH, g),
- .field_name = "g",
- .item = &BIGNUM_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(DH, length),
- .field_name = "length",
- .item = &ZLONG_it,
- },
-};
-
-const ASN1_ITEM DHparams_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DHparams_seq_tt,
- .tcount = sizeof(DHparams_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DHparams_aux,
- .size = sizeof(DH),
- .sname = "DH",
-};
-
-
-DH *
-d2i_DHparams(DH **a, const unsigned char **in, long len)
-{
- return (DH *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DHparams_it);
-}
-
-int
-i2d_DHparams(const DH *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DHparams_it);
-}
-
-DH *
-DHparams_dup(DH *dh)
-{
- return ASN1_item_dup(ASN1_ITEM_rptr(DHparams), dh);
-}
diff --git a/lib/libssl/src/crypto/dh/dh_check.c b/lib/libssl/src/crypto/dh/dh_check.c
deleted file mode 100644
index a6010f0a6dc..00000000000
--- a/lib/libssl/src/crypto/dh/dh_check.c
+++ /dev/null
@@ -1,139 +0,0 @@
-/* $OpenBSD: dh_check.c,v 1.16 2016/07/05 02:54:35 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-/*
- * Check that p is a safe prime and
- * if g is 2, 3 or 5, check that it is a suitable generator
- * where
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5
- * for 5, p mod 10 == 3 or 7
- * should hold.
- */
-
-int
-DH_check(const DH *dh, int *ret)
-{
- int ok = 0;
- BN_CTX *ctx = NULL;
- BN_ULONG l;
- BIGNUM *q = NULL;
-
- *ret = 0;
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
- q = BN_new();
- if (q == NULL)
- goto err;
-
- if (BN_is_word(dh->g, DH_GENERATOR_2)) {
- l = BN_mod_word(dh->p, 24);
- if (l == (BN_ULONG)-1)
- goto err;
- if (l != 11)
- *ret |= DH_NOT_SUITABLE_GENERATOR;
- } else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
- l = BN_mod_word(dh->p, 10);
- if (l == (BN_ULONG)-1)
- goto err;
- if (l != 3 && l != 7)
- *ret |= DH_NOT_SUITABLE_GENERATOR;
- } else
- *ret |= DH_UNABLE_TO_CHECK_GENERATOR;
-
- if (!BN_is_prime_ex(dh->p, BN_prime_checks, ctx, NULL))
- *ret |= DH_CHECK_P_NOT_PRIME;
- else {
- if (!BN_rshift1(q, dh->p))
- goto err;
- if (!BN_is_prime_ex(q, BN_prime_checks, ctx, NULL))
- *ret |= DH_CHECK_P_NOT_SAFE_PRIME;
- }
- ok = 1;
-err:
- BN_CTX_free(ctx);
- BN_free(q);
- return ok;
-}
-
-int
-DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
-{
- BIGNUM *q = NULL;
-
- *ret = 0;
- q = BN_new();
- if (q == NULL)
- return 0;
- BN_set_word(q, 1);
- if (BN_cmp(pub_key, q) <= 0)
- *ret |= DH_CHECK_PUBKEY_TOO_SMALL;
- BN_copy(q, dh->p);
- BN_sub_word(q, 1);
- if (BN_cmp(pub_key, q) >= 0)
- *ret |= DH_CHECK_PUBKEY_TOO_LARGE;
-
- BN_free(q);
- return 1;
-}
diff --git a/lib/libssl/src/crypto/dh/dh_depr.c b/lib/libssl/src/crypto/dh/dh_depr.c
deleted file mode 100644
index 0b75b0be5e1..00000000000
--- a/lib/libssl/src/crypto/dh/dh_depr.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* $OpenBSD: dh_depr.c,v 1.6 2014/07/11 08:44:48 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* This file contains deprecated functions as wrappers to the new ones */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-
-#ifndef OPENSSL_NO_DEPRECATED
-DH *
-DH_generate_parameters(int prime_len, int generator,
- void (*callback)(int, int, void *), void *cb_arg)
-{
- BN_GENCB cb;
- DH *ret = NULL;
-
- if ((ret = DH_new()) == NULL)
- return NULL;
-
- BN_GENCB_set_old(&cb, callback, cb_arg);
-
- if (DH_generate_parameters_ex(ret, prime_len, generator, &cb))
- return ret;
- DH_free(ret);
- return NULL;
-}
-#endif
diff --git a/lib/libssl/src/crypto/dh/dh_err.c b/lib/libssl/src/crypto/dh/dh_err.c
deleted file mode 100644
index 3774ba3c45f..00000000000
--- a/lib/libssl/src/crypto/dh/dh_err.c
+++ /dev/null
@@ -1,125 +0,0 @@ -/* $OpenBSD: dh_err.c,v 1.15 2014/07/10 22:45:56 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/dh.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason) - -static ERR_STRING_DATA DH_str_functs[]= - { -{ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, -{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, -{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, -{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"}, -{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"}, -{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS_EX), "DH_generate_parameters_ex"}, -{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"}, -{ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"}, -{ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"}, -{ERR_FUNC(DH_F_DH_PRIV_ENCODE), "DH_PRIV_ENCODE"}, -{ERR_FUNC(DH_F_DH_PUB_DECODE), "DH_PUB_DECODE"}, -{ERR_FUNC(DH_F_DH_PUB_ENCODE), "DH_PUB_ENCODE"}, -{ERR_FUNC(DH_F_DO_DH_PRINT), "DO_DH_PRINT"}, -{ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"}, -{ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"}, -{ERR_FUNC(DH_F_PKEY_DH_DERIVE), "PKEY_DH_DERIVE"}, -{ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "PKEY_DH_KEYGEN"}, -{0,NULL} - }; - -static ERR_STRING_DATA DH_str_reasons[]= - { -{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"}, -{ERR_REASON(DH_R_BN_DECODE_ERROR) ,"bn decode error"}, -{ERR_REASON(DH_R_BN_ERROR) ,"bn error"}, -{ERR_REASON(DH_R_DECODE_ERROR) ,"decode error"}, -{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"}, -{ERR_REASON(DH_R_KEYS_NOT_SET) ,"keys not set"}, -{ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL) ,"key size too small"}, -{ERR_REASON(DH_R_MODULUS_TOO_LARGE) ,"modulus too large"}, -{ERR_REASON(DH_R_NON_FIPS_METHOD) ,"non fips method"}, -{ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"}, -{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"}, -{ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, -{0,NULL} - }; - 
-#endif - -void ERR_load_DH_strings(void) - { -#ifndef OPENSSL_NO_ERR - - if (ERR_func_error_string(DH_str_functs[0].error) == NULL) - { - ERR_load_strings(0,DH_str_functs); - ERR_load_strings(0,DH_str_reasons); - } -#endif - } diff --git a/lib/libssl/src/crypto/dh/dh_gen.c b/lib/libssl/src/crypto/dh/dh_gen.c deleted file mode 100644 index de566802d32..00000000000 --- a/lib/libssl/src/crypto/dh/dh_gen.c +++ /dev/null 
@@ -1,179 +0,0 @@ -/* $OpenBSD: dh_gen.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* NB: These functions have been upgraded - the previous prototypes are in - * dh_depr.c as wrappers to these ones. 
- * - Geoff - */ - -#include <stdio.h> - -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/err.h> - -static int dh_builtin_genparams(DH *ret, int prime_len, int generator, - BN_GENCB *cb); - -int -DH_generate_parameters_ex(DH *ret, int prime_len, int generator, BN_GENCB *cb) -{ - if (ret->meth->generate_params) - return ret->meth->generate_params(ret, prime_len, generator, cb); - return dh_builtin_genparams(ret, prime_len, generator, cb); -} - -/* - * We generate DH parameters as follows: - * find a prime q which is prime_len/2 bits long. - * p=(2*q)+1 or (p-1)/2 = q - * For this case, g is a generator if - * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1. - * Since the factors of p-1 are q and 2, we just need to check - * g^2 mod p != 1 and g^q mod p != 1. - * - * Having said all that, - * there is another special case method for the generators 2, 3 and 5. - * for 2, p mod 24 == 11 - * for 3, p mod 12 == 5 <<<<< does not work for safe primes. - * for 5, p mod 10 == 3 or 7 - * - * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the - * special generators and for answering some of my questions. - * - * I've implemented the second simple method :-). - * Since DH should be using a safe prime (both p and q are prime), - * this generator function can take a very very long time to run. - */ -/* Actually there is no reason to insist that 'generator' be a generator. - * It's just as OK (and in some sense better) to use a generator of the - * order-q subgroup. 
- */ -static int -dh_builtin_genparams(DH *ret, int prime_len, int generator, BN_GENCB *cb) -{ - BIGNUM *t1, *t2; - int g, ok = -1; - BN_CTX *ctx = NULL; - - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - BN_CTX_start(ctx); - if ((t1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((t2 = BN_CTX_get(ctx)) == NULL) - goto err; - - /* Make sure 'ret' has the necessary elements */ - if (!ret->p && ((ret->p = BN_new()) == NULL)) - goto err; - if (!ret->g && ((ret->g = BN_new()) == NULL)) - goto err; - - if (generator <= 1) { - DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR); - goto err; - } - if (generator == DH_GENERATOR_2) { - if (!BN_set_word(t1, 24)) - goto err; - if (!BN_set_word(t2, 11)) - goto err; - g = 2; - } else if (generator == DH_GENERATOR_5) { - if (!BN_set_word(t1, 10)) - goto err; - if (!BN_set_word(t2, 3)) - goto err; - /* BN_set_word(t3,7); just have to miss - * out on these ones :-( */ - g = 5; - } else { - /* - * in the general case, don't worry if 'generator' is a - * generator or not: since we are using safe primes, - * it will generate either an order-q or an order-2q group, - * which both is OK - */ - if (!BN_set_word(t1, 2)) - goto err; - if (!BN_set_word(t2, 1)) - goto err; - g = generator; - } - - if (!BN_generate_prime_ex(ret->p, prime_len, 1, t1, t2, cb)) - goto err; - if (!BN_GENCB_call(cb, 3, 0)) - goto err; - if (!BN_set_word(ret->g, g)) - goto err; - ok = 1; -err: - if (ok == -1) { - DHerr(DH_F_DH_BUILTIN_GENPARAMS, ERR_R_BN_LIB); - ok = 0; - } - - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ok; -} diff --git a/lib/libssl/src/crypto/dh/dh_key.c b/lib/libssl/src/crypto/dh/dh_key.c deleted file mode 100644 index 6eb1365bf64..00000000000 --- a/lib/libssl/src/crypto/dh/dh_key.c +++ /dev/null 
@@ -1,251 +0,0 @@ -/* $OpenBSD: dh_key.c,v 1.25 2016/07/07 11:53:12 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/err.h> - -static int generate_key(DH *dh); -static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); -static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -static int dh_init(DH *dh); -static int dh_finish(DH *dh); - -int -DH_generate_key(DH *dh) -{ - return dh->meth->generate_key(dh); -} - -int -DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) -{ - return dh->meth->compute_key(key, pub_key, dh); -} - -static DH_METHOD dh_ossl = { - .name = "OpenSSL DH Method", - .generate_key = generate_key, - .compute_key = compute_key, - .bn_mod_exp = dh_bn_mod_exp, - .init = dh_init, - .finish = dh_finish, -}; - -const DH_METHOD * -DH_OpenSSL(void) -{ - return &dh_ossl; -} - -static int -generate_key(DH *dh) -{ - int ok = 0; - int generate_new_key = 0; - unsigned l; - BN_CTX *ctx; - BN_MONT_CTX *mont = NULL; - BIGNUM *pub_key = NULL, *priv_key = NULL; - - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - - if (dh->priv_key == NULL) { - priv_key = BN_new(); - if (priv_key == NULL) - goto err; - generate_new_key = 1; - } else - priv_key = dh->priv_key; - - if (dh->pub_key == NULL) { - pub_key = BN_new(); - if (pub_key == NULL) - goto err; - } else - pub_key = dh->pub_key; - - if (dh->flags & DH_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, - CRYPTO_LOCK_DH, dh->p, ctx); - if (!mont) - goto err; - } - - if (generate_new_key) { - if (dh->q) { - do { - if (!BN_rand_range(priv_key, dh->q)) - goto err; - } while (BN_is_zero(priv_key) || BN_is_one(priv_key)); - } else { - /* secret exponent length */ - l = dh->length ? 
dh->length : BN_num_bits(dh->p) - 1; - if (!BN_rand(priv_key, l, 0, 0)) - goto err; - } - } - - { - BIGNUM prk; - - BN_init(&prk); - BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME); - - if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, &prk, dh->p, ctx, - mont)) { - goto err; - } - } - - dh->pub_key = pub_key; - dh->priv_key = priv_key; - ok = 1; -err: - if (ok != 1) - DHerr(DH_F_GENERATE_KEY, ERR_R_BN_LIB); - - if (pub_key != NULL && dh->pub_key == NULL) - BN_free(pub_key); - if (priv_key != NULL && dh->priv_key == NULL) - BN_free(priv_key); - BN_CTX_free(ctx); - return ok; -} - -static int -compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) -{ - BN_CTX *ctx = NULL; - BN_MONT_CTX *mont = NULL; - BIGNUM *tmp; - int ret = -1; - int check_result; - - if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { - DHerr(DH_F_COMPUTE_KEY, DH_R_MODULUS_TOO_LARGE); - goto err; - } - - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - BN_CTX_start(ctx); - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - - if (dh->priv_key == NULL) { - DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE); - goto err; - } - - if (dh->flags & DH_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, - CRYPTO_LOCK_DH, dh->p, ctx); - - BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); - - if (!mont) - goto err; - } - - if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) { - DHerr(DH_F_COMPUTE_KEY, DH_R_INVALID_PUBKEY); - goto err; - } - - if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key, dh->p, ctx, - mont)) { - DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB); - goto err; - } - - ret = BN_bn2bin(tmp, key); -err: - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ret; -} - -static int -dh_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) -{ - return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); -} - -static int -dh_init(DH *dh) -{ - dh->flags |= DH_FLAG_CACHE_MONT_P; - return 1; 
-} - -static int -dh_finish(DH *dh) -{ - BN_MONT_CTX_free(dh->method_mont_p); - return 1; -} diff --git a/lib/libssl/src/crypto/dh/dh_lib.c b/lib/libssl/src/crypto/dh/dh_lib.c deleted file mode 100644 index defe1c74b4f..00000000000 --- a/lib/libssl/src/crypto/dh/dh_lib.c +++ /dev/null 
@@ -1,241 +0,0 @@ -/* $OpenBSD: dh_lib.c,v 1.21 2015/02/11 03:19:37 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/err.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-static const DH_METHOD *default_DH_method = NULL;
-
-void
-DH_set_default_method(const DH_METHOD *meth)
-{
- default_DH_method = meth;
-}
-
-const DH_METHOD *
-DH_get_default_method(void)
-{
- if (!default_DH_method)
- default_DH_method = DH_OpenSSL();
- return default_DH_method;
-}
-
-int
-DH_set_method(DH *dh, const DH_METHOD *meth)
-{
- /*
- * NB: The caller is specifically setting a method, so it's not up to us
- * to deal with which ENGINE it comes from.
- */ - const DH_METHOD *mtmp; - - mtmp = dh->meth; - if (mtmp->finish) - mtmp->finish(dh); -#ifndef OPENSSL_NO_ENGINE - if (dh->engine) { - ENGINE_finish(dh->engine); - dh->engine = NULL; - } -#endif - dh->meth = meth; - if (meth->init) - meth->init(dh); - return 1; -} - -DH * -DH_new(void) -{ - return DH_new_method(NULL); -} - -DH * -DH_new_method(ENGINE *engine) -{ - DH *ret; - - ret = malloc(sizeof(DH)); - if (ret == NULL) { - DHerr(DH_F_DH_NEW_METHOD, ERR_R_MALLOC_FAILURE); - return NULL; - } - - ret->meth = DH_get_default_method(); -#ifndef OPENSSL_NO_ENGINE - if (engine) { - if (!ENGINE_init(engine)) { - DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB); - free(ret); - return NULL; - } - ret->engine = engine; - } else - ret->engine = ENGINE_get_default_DH(); - if(ret->engine) { - ret->meth = ENGINE_get_DH(ret->engine); - if (!ret->meth) { - DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB); - ENGINE_finish(ret->engine); - free(ret); - return NULL; - } - } -#endif - - ret->pad = 0; - ret->version = 0; - ret->p = NULL; - ret->g = NULL; - ret->length = 0; - ret->pub_key = NULL; - ret->priv_key = NULL; - ret->q = NULL; - ret->j = NULL; - ret->seed = NULL; - ret->seedlen = 0; - ret->counter = NULL; - ret->method_mont_p=NULL; - ret->references = 1; - ret->flags = ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); - if (ret->meth->init != NULL && !ret->meth->init(ret)) { -#ifndef OPENSSL_NO_ENGINE - if (ret->engine) - ENGINE_finish(ret->engine); -#endif - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); - free(ret); - ret = NULL; - } - return ret; -} - -void -DH_free(DH *r) -{ - int i; - - if (r == NULL) - return; - i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); - if (i > 0) - return; - - if (r->meth->finish) - r->meth->finish(r); -#ifndef OPENSSL_NO_ENGINE - if (r->engine) - ENGINE_finish(r->engine); -#endif - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); - - BN_clear_free(r->p); - 
BN_clear_free(r->g); - BN_clear_free(r->q); - BN_clear_free(r->j); - free(r->seed); - BN_clear_free(r->counter); - BN_clear_free(r->pub_key); - BN_clear_free(r->priv_key); - free(r); -} - -int -DH_up_ref(DH *r) -{ - int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH); - - return i > 1 ? 1 : 0; -} - -int -DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp, new_func, - dup_func, free_func); -} - -int -DH_set_ex_data(DH *d, int idx, void *arg) -{ - return CRYPTO_set_ex_data(&d->ex_data, idx, arg); -} - -void * -DH_get_ex_data(DH *d, int idx) -{ - return CRYPTO_get_ex_data(&d->ex_data, idx); -} - -int -DH_size(const DH *dh) -{ - return BN_num_bytes(dh->p); -} diff --git a/lib/libssl/src/crypto/dh/dh_pmeth.c b/lib/libssl/src/crypto/dh/dh_pmeth.c deleted file mode 100644 index 6d750eb30d9..00000000000 --- a/lib/libssl/src/crypto/dh/dh_pmeth.c +++ /dev/null 
@@ -1,264 +0,0 @@ -/* $OpenBSD: dh_pmeth.c,v 1.9 2014/07/11 08:44:48 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <limits.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1t.h> -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/x509.h> - -#include "evp_locl.h" - -/* DH pkey context structure */ - -typedef struct { - /* Parameter gen parameters */ - int prime_len; - int generator; - int use_dsa; - /* Keygen callback info */ - int gentmp[2]; - /* message digest */ -} DH_PKEY_CTX; - -static int -pkey_dh_init(EVP_PKEY_CTX *ctx) -{ - DH_PKEY_CTX *dctx; - - dctx = malloc(sizeof(DH_PKEY_CTX)); - if (!dctx) - return 0; - dctx->prime_len = 1024; - dctx->generator = 2; - dctx->use_dsa = 0; - - ctx->data = dctx; - ctx->keygen_info = dctx->gentmp; - ctx->keygen_info_count = 2; - - return 1; -} - -static int -pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - DH_PKEY_CTX *dctx, *sctx; - - if (!pkey_dh_init(dst)) - return 0; - sctx = src->data; - dctx = dst->data; - dctx->prime_len = sctx->prime_len; - dctx->generator = sctx->generator; - dctx->use_dsa = sctx->use_dsa; - return 1; -} - -static void -pkey_dh_cleanup(EVP_PKEY_CTX *ctx) -{ - DH_PKEY_CTX *dctx = ctx->data; - - free(dctx); -} - 
-static int
-pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- DH_PKEY_CTX *dctx = ctx->data;
-
- switch (type) {
- case EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN:
- if (p1 < 256)
- return -2;
- dctx->prime_len = p1;
- return 1;
-
- case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR:
- dctx->generator = p1;
- return 1;
-
- case EVP_PKEY_CTRL_PEER_KEY:
- /* Default behaviour is OK */
- return 1;
-
- default:
- return -2;
- }
-}
-
-static int
-pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- long lval;
- char *ep;
- int len;
-
- if (!strcmp(type, "dh_paramgen_prime_len")) {
- errno = 0;
- lval = strtol(value, &ep, 10);
- if (value[0] == '\0' || *ep != '\0')
- goto not_a_number;
- if ((errno == ERANGE &&
- (lval == LONG_MAX || lval == LONG_MIN)) ||
- (lval > INT_MAX || lval < INT_MIN))
- goto out_of_range;
- len = lval;
- return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len);
- } else if (!strcmp(type, "dh_paramgen_generator")) {
- errno = 0;
- lval = strtol(value, &ep, 10);
- if (value[0] == '\0' || *ep != '\0')
- goto not_a_number;
- if ((errno == ERANGE &&
- (lval == LONG_MAX || lval == LONG_MIN)) ||
- (lval > INT_MAX || lval < INT_MIN))
- goto out_of_range;
- len = lval;
- return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len);
- }
-
-not_a_number:
-out_of_range:
- return -2;
-}
-
-static int
-pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- DH *dh = NULL;
- DH_PKEY_CTX *dctx = ctx->data;
- BN_GENCB *pcb, cb;
- int ret;
-
- if (ctx->pkey_gencb) {
- pcb = &cb;
- evp_pkey_set_cb_translate(pcb, ctx);
- } else
- pcb = NULL;
- dh = DH_new();
- if (!dh)
- return 0;
- ret = DH_generate_parameters_ex(dh, dctx->prime_len, dctx->generator,
- pcb);
- if (ret)
- EVP_PKEY_assign_DH(pkey, dh);
- else
- DH_free(dh);
- return ret;
-}
-
-static int
-pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- DH *dh = NULL;
-
- if (ctx->pkey == NULL) {
- DHerr(DH_F_PKEY_DH_KEYGEN, DH_R_NO_PARAMETERS_SET);
- return 0;
- }
- dh = DH_new();
- if (!dh)
- return 0;
- EVP_PKEY_assign_DH(pkey, dh);
- /* Note: if error return, pkey is freed by parent routine */
- if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
- return 0;
- return DH_generate_key(pkey->pkey.dh);
-}
-
-static int
-pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
-{
- int ret;
-
- if (!ctx->pkey || !ctx->peerkey) {
- DHerr(DH_F_PKEY_DH_DERIVE, DH_R_KEYS_NOT_SET);
- return 0;
- }
- ret = DH_compute_key(key, ctx->peerkey->pkey.dh->pub_key,
- ctx->pkey->pkey.dh);
- if (ret < 0)
- return ret;
- *keylen = ret;
- return 1;
-}
-
-const EVP_PKEY_METHOD dh_pkey_meth = {
- .pkey_id = EVP_PKEY_DH,
- .flags = EVP_PKEY_FLAG_AUTOARGLEN,
-
- .init = pkey_dh_init,
- .copy = pkey_dh_copy,
- .cleanup = pkey_dh_cleanup,
-
- .paramgen = pkey_dh_paramgen,
-
- .keygen = pkey_dh_keygen,
-
- .derive = pkey_dh_derive,
-
- .ctrl = pkey_dh_ctrl,
- .ctrl_str = pkey_dh_ctrl_str
-};
diff --git a/lib/libssl/src/crypto/dh/dh_prn.c b/lib/libssl/src/crypto/dh/dh_prn.c
deleted file mode 100644
index 73d0476e210..00000000000
--- a/lib/libssl/src/crypto/dh/dh_prn.c
+++ /dev/null
@@ -1,79 +0,0 @@ -/* $OpenBSD: dh_prn.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/dh.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-
-int
-DHparams_print_fp(FILE *fp, const DH *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- DHerr(DH_F_DHPARAMS_PRINT_FP, ERR_R_BUF_LIB);
- return 0;
- }
- BIO_set_fp(b,fp,BIO_NOCLOSE);
- ret = DHparams_print(b, x);
- BIO_free(b);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/dsa/dsa.h b/lib/libssl/src/crypto/dsa/dsa.h
deleted file mode 100644
index b4d7c1ff0f7..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa.h
+++ /dev/null
@@ -1,323 +0,0 @@ -/* $OpenBSD: dsa.h,v 1.21 2016/06/30 02:02:06 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* - * The DSS routines are based on patches supplied by - * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the - * work and I have just tweaked them a little to fit into my - * stylistic vision for SSLeay :-) */ - -#ifndef HEADER_DSA_H -#define HEADER_DSA_H - -#include <openssl/opensslconf.h> - -#ifdef OPENSSL_NO_DSA -#error DSA is disabled. 
-#endif - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/crypto.h> -#include <openssl/ossl_typ.h> - -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#ifndef OPENSSL_NO_DH -# include <openssl/dh.h> -#endif -#endif - -#ifndef OPENSSL_DSA_MAX_MODULUS_BITS -# define OPENSSL_DSA_MAX_MODULUS_BITS 10000 -#endif - -#define DSA_FLAG_CACHE_MONT_P 0x01 - -/* If this flag is set the DSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its reposibility - * to ensure the result is compliant. - */ - -#define DSA_FLAG_FIPS_METHOD 0x0400 - -/* If this flag is set the operations normally disabled in FIPS mode are - * permitted it is then the applications responsibility to ensure that the - * usage is compliant. - */ - -#define DSA_FLAG_NON_FIPS_ALLOW 0x0400 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Already defined in ossl_typ.h */ -/* typedef struct dsa_st DSA; */ -/* typedef struct dsa_method DSA_METHOD; */ - -typedef struct DSA_SIG_st - { - BIGNUM *r; - BIGNUM *s; - } DSA_SIG; - -struct dsa_method - { - const char *name; - DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa); - int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp); - int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont); - int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ - int (*init)(DSA *dsa); - int (*finish)(DSA *dsa); - int flags; - char *app_data; - /* If this is non-NULL, it is used to generate DSA parameters */ - int (*dsa_paramgen)(DSA *dsa, int bits, - const unsigned char *seed, int seed_len, - int *counter_ret, unsigned long *h_ret, - 
BN_GENCB *cb); - /* If this is non-NULL, it is used to generate DSA keys */ - int (*dsa_keygen)(DSA *dsa); - }; - -struct dsa_st - { - /* This first variable is used to pick up errors where - * a DSA is passed instead of of a EVP_PKEY */ - int pad; - long version; - int write_params; - BIGNUM *p; - BIGNUM *q; /* == 20 */ - BIGNUM *g; - - BIGNUM *pub_key; /* y public key */ - BIGNUM *priv_key; /* x private key */ - - BIGNUM *kinv; /* Signing pre-calc */ - BIGNUM *r; /* Signing pre-calc */ - - int flags; - /* Normally used to cache montgomery values */ - BN_MONT_CTX *method_mont_p; - int references; - CRYPTO_EX_DATA ex_data; - const DSA_METHOD *meth; - /* functional reference if 'meth' is ENGINE-provided */ - ENGINE *engine; - }; - -#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ - (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) -#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ - (unsigned char *)(x)) -#define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x) -#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x) - - -DSA *DSAparams_dup(DSA *x); -DSA_SIG * DSA_SIG_new(void); -void DSA_SIG_free(DSA_SIG *a); -int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp); -DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length); - -DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa); -int DSA_do_verify(const unsigned char *dgst,int dgst_len, - DSA_SIG *sig,DSA *dsa); - -const DSA_METHOD *DSA_OpenSSL(void); - -void DSA_set_default_method(const DSA_METHOD *); -const DSA_METHOD *DSA_get_default_method(void); -int DSA_set_method(DSA *dsa, const DSA_METHOD *); - -DSA * DSA_new(void); -DSA * DSA_new_method(ENGINE *engine); -void DSA_free(DSA *r); -/* "up" the DSA object's reference count */ -int DSA_up_ref(DSA *r); -int DSA_size(const DSA *); - /* next 4 return -1 on error */ -int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp); -int 
DSA_sign(int type,const unsigned char *dgst,int dlen, - unsigned char *sig, unsigned int *siglen, DSA *dsa); -int DSA_verify(int type,const unsigned char *dgst,int dgst_len, - const unsigned char *sigbuf, int siglen, DSA *dsa); -int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int DSA_set_ex_data(DSA *d, int idx, void *arg); -void *DSA_get_ex_data(DSA *d, int idx); - -DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length); -int i2d_DSAPublicKey(const DSA *a, unsigned char **pp); -extern const ASN1_ITEM DSAPublicKey_it; - -DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length); -int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp); -extern const ASN1_ITEM DSAPrivateKey_it; - -DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length); -int i2d_DSAparams(const DSA *a,unsigned char **pp); -extern const ASN1_ITEM DSAparams_it; - -/* Deprecated version */ -#ifndef OPENSSL_NO_DEPRECATED -DSA * DSA_generate_parameters(int bits, - unsigned char *seed,int seed_len, - int *counter_ret, unsigned long *h_ret,void - (*callback)(int, int, void *),void *cb_arg); -#endif /* !defined(OPENSSL_NO_DEPRECATED) */ - -/* New version */ -int DSA_generate_parameters_ex(DSA *dsa, int bits, - const unsigned char *seed,int seed_len, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb); - -int DSA_generate_key(DSA *a); - -#ifndef OPENSSL_NO_BIO -int DSAparams_print(BIO *bp, const DSA *x); -int DSA_print(BIO *bp, const DSA *x, int off); -#endif -int DSAparams_print_fp(FILE *fp, const DSA *x); -int DSA_print_fp(FILE *bp, const DSA *x, int off); - -#define DSS_prime_checks 50 -/* Primality test according to FIPS PUB 186[-1], Appendix 2.1: - * 50 rounds of Rabin-Miller */ -#define DSA_is_prime(n, callback, cb_arg) \ - BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg) - -#ifndef OPENSSL_NO_DH -/* Convert DSA structure (key or just parameters) into DH structure - * (be 
careful to avoid small subgroup attacks when using this!) */ -DH *DSA_dup_DH(const DSA *r); -#endif - -#define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \ - EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL) - -#define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS (EVP_PKEY_ALG_CTRL + 1) -#define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS (EVP_PKEY_ALG_CTRL + 2) -#define EVP_PKEY_CTRL_DSA_PARAMGEN_MD (EVP_PKEY_ALG_CTRL + 3) - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_DSA_strings(void); - -/* Error codes for the DSA functions. */ - -/* Function codes. */ -#define DSA_F_D2I_DSA_SIG 110 -#define DSA_F_DO_DSA_PRINT 104 -#define DSA_F_DSAPARAMS_PRINT 100 -#define DSA_F_DSAPARAMS_PRINT_FP 101 -#define DSA_F_DSA_DO_SIGN 112 -#define DSA_F_DSA_DO_VERIFY 113 -#define DSA_F_DSA_GENERATE_KEY 124 -#define DSA_F_DSA_GENERATE_PARAMETERS_EX 123 -#define DSA_F_DSA_NEW_METHOD 103 -#define DSA_F_DSA_PARAM_DECODE 119 -#define DSA_F_DSA_PRINT_FP 105 -#define DSA_F_DSA_PRIV_DECODE 115 -#define DSA_F_DSA_PRIV_ENCODE 116 -#define DSA_F_DSA_PUB_DECODE 117 -#define DSA_F_DSA_PUB_ENCODE 118 -#define DSA_F_DSA_SIGN 106 -#define DSA_F_DSA_SIGN_SETUP 107 -#define DSA_F_DSA_SIG_NEW 109 -#define DSA_F_DSA_SIG_PRINT 125 -#define DSA_F_DSA_VERIFY 108 -#define DSA_F_I2D_DSA_SIG 111 -#define DSA_F_OLD_DSA_PRIV_DECODE 122 -#define DSA_F_PKEY_DSA_CTRL 120 -#define DSA_F_PKEY_DSA_KEYGEN 121 -#define DSA_F_SIG_CB 114 - -/* Reason codes. 
*/ -#define DSA_R_BAD_Q_VALUE 102 -#define DSA_R_BN_DECODE_ERROR 108 -#define DSA_R_BN_ERROR 109 -#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 -#define DSA_R_DECODE_ERROR 104 -#define DSA_R_INVALID_DIGEST_TYPE 106 -#define DSA_R_MISSING_PARAMETERS 101 -#define DSA_R_MODULUS_TOO_LARGE 103 -#define DSA_R_NEED_NEW_SETUP_VALUES 110 -#define DSA_R_NON_FIPS_DSA_METHOD 111 -#define DSA_R_NO_PARAMETERS_SET 107 -#define DSA_R_PARAMETER_ENCODING_ERROR 105 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/dsa/dsa_ameth.c b/lib/libssl/src/crypto/dsa/dsa_ameth.c deleted file mode 100644 index a6e21a688ef..00000000000 --- a/lib/libssl/src/crypto/dsa/dsa_ameth.c +++ /dev/null 
@@ -1,698 +0,0 @@
-/* $OpenBSD: dsa_ameth.c,v 1.19 2016/03/01 07:04:41 doug Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_CMS
-#include <openssl/cms.h>
-#endif
-
-#include "asn1_locl.h"
-
-static int
-dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
-{
- const unsigned char *p, *pm;
- int pklen, pmlen;
- int ptype;
- void *pval;
- ASN1_STRING *pstr;
- X509_ALGOR *palg;
- ASN1_INTEGER *public_key = NULL;
-
- DSA *dsa = NULL;
-
- if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
- return 0;
- X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
- if (ptype == V_ASN1_SEQUENCE) {
- pstr = pval;
- pm = pstr->data;
- pmlen = pstr->length;
-
- if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) {
- DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
- goto err;
- }
- } else if (ptype == V_ASN1_NULL || ptype == V_ASN1_UNDEF) {
- if (!(dsa = DSA_new())) {
- DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- } else {
- DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
- goto err;
- }
-
- if (!(public_key=d2i_ASN1_INTEGER(NULL, &p, pklen))) {
-
DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
- goto err;
- }
-
- if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
- DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
- goto err;
- }
-
- ASN1_INTEGER_free(public_key);
- EVP_PKEY_assign_DSA(pkey, dsa);
- return 1;
-
-err:
- if (public_key)
- ASN1_INTEGER_free(public_key);
- DSA_free(dsa);
- return 0;
-}
-
-static int
-dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
-{
- DSA *dsa;
- void *pval = NULL;
- int ptype;
- unsigned char *penc = NULL;
- int penclen;
-
- dsa = pkey->pkey.dsa;
- if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
- ASN1_STRING *str;
-
- str = ASN1_STRING_new();
- if (str == NULL) {
- DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- str->length = i2d_DSAparams(dsa, &str->data);
- if (str->length <= 0) {
- DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
- ASN1_STRING_free(str);
- goto err;
- }
- pval = str;
- ptype = V_ASN1_SEQUENCE;
- } else
- ptype = V_ASN1_UNDEF;
-
- dsa->write_params = 0;
-
- penclen = i2d_DSAPublicKey(dsa, &penc);
-
- if (penclen <= 0) {
- DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA), ptype, pval,
- penc, penclen))
- return 1;
-
-err:
- free(penc);
- ASN1_STRING_free(pval);
-
- return 0;
-}
-
-/* In PKCS#8 DSA: you just get a private key integer and parameters in the
- * AlgorithmIdentifier the pubkey must be recalculated.
- */
-static int
-dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
-{
- const unsigned char *p, *pm;
- int pklen, pmlen;
- int ptype;
- void *pval;
- ASN1_STRING *pstr;
- X509_ALGOR *palg;
- ASN1_INTEGER *privkey = NULL;
- BN_CTX *ctx = NULL;
- DSA *dsa = NULL;
-
- int ret = 0;
-
- if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
- return 0;
- X509_ALGOR_get0(NULL, &ptype, &pval, palg);
- if (ptype != V_ASN1_SEQUENCE)
- goto decerr;
-
- if ((privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)) == NULL)
- goto decerr;
- if (privkey->type == V_ASN1_NEG_INTEGER)
- goto decerr;
-
- pstr = pval;
- pm = pstr->data;
- pmlen = pstr->length;
- if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
- goto decerr;
- /* We have parameters now set private key */
- if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
- DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
- goto dsaerr;
- }
- /* Calculate public key */
- if (!(dsa->pub_key = BN_new())) {
- DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
- goto dsaerr;
- }
- if (!(ctx = BN_CTX_new())) {
- DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
- goto dsaerr;
- }
-
- if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
- DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
- goto dsaerr;
- }
-
- if (!EVP_PKEY_assign_DSA(pkey, dsa))
- goto decerr;
-
- ret = 1;
- goto done;
-
-decerr:
- DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_DECODE_ERROR);
-dsaerr:
- DSA_free(dsa);
-done:
- BN_CTX_free(ctx);
- ASN1_INTEGER_free(privkey);
- return ret;
-}
-
-static int
-dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
-{
- ASN1_STRING *params = NULL;
- ASN1_INTEGER *prkey = NULL;
- unsigned char *dp = NULL;
- int dplen;
-
- params = ASN1_STRING_new();
- if (!params) {
- DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- params->length = i2d_DSAparams(pkey->pkey.dsa, ¶ms->data);
- if (params->length <= 0) {
- DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- params->type =
V_ASN1_SEQUENCE;
-
- /* Get private key into integer */
- prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
- if (!prkey) {
- DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
- goto err;
- }
-
- dplen = i2d_ASN1_INTEGER(prkey, &dp);
-
- ASN1_INTEGER_free(prkey);
- prkey = NULL;
-
- if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE,
- params, dp, dplen))
- goto err;
-
- return 1;
-
-err:
- free(dp);
- ASN1_STRING_free(params);
- ASN1_INTEGER_free(prkey);
- return 0;
-}
-
-static int
-int_dsa_size(const EVP_PKEY *pkey)
-{
- return DSA_size(pkey->pkey.dsa);
-}
-
-static int
-dsa_bits(const EVP_PKEY *pkey)
-{
- return BN_num_bits(pkey->pkey.dsa->p);
-}
-
-static int
-dsa_missing_parameters(const EVP_PKEY *pkey)
-{
- DSA *dsa;
-
- dsa = pkey->pkey.dsa;
- if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL)
- return 1;
- return 0;
-}
-
-static int
-dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
-{
- BIGNUM *a;
-
- if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
- return 0;
- BN_free(to->pkey.dsa->p);
- to->pkey.dsa->p = a;
-
- if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
- return 0;
- BN_free(to->pkey.dsa->q);
- to->pkey.dsa->q = a;
-
- if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
- return 0;
- BN_free(to->pkey.dsa->g);
- to->pkey.dsa->g = a;
- return 1;
-}
-
-static int
-dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
- BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
- BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
- return 0;
- else
- return 1;
-}
-
-static int
-dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
-{
- if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
- return 0;
- else
- return 1;
-}
-
-static void
-int_dsa_free(EVP_PKEY *pkey)
-{
- DSA_free(pkey->pkey.dsa);
-}
-
-static void
-update_buflen(const BIGNUM *b, size_t *pbuflen)
-{
- size_t i;
-
- if (!b)
- return;
- if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
- *pbuflen = i;
-}
-
-static int
-do_dsa_print(BIO *bp,
const DSA *x, int off, int ptype)
-{
- unsigned char *m = NULL;
- int ret = 0;
- size_t buf_len = 0;
- const char *ktype = NULL;
- const BIGNUM *priv_key, *pub_key;
-
- if (ptype == 2)
- priv_key = x->priv_key;
- else
- priv_key = NULL;
-
- if (ptype > 0)
- pub_key = x->pub_key;
- else
- pub_key = NULL;
-
- if (ptype == 2)
- ktype = "Private-Key";
- else if (ptype == 1)
- ktype = "Public-Key";
- else
- ktype = "DSA-Parameters";
-
- update_buflen(x->p, &buf_len);
- update_buflen(x->q, &buf_len);
- update_buflen(x->g, &buf_len);
- update_buflen(priv_key, &buf_len);
- update_buflen(pub_key, &buf_len);
-
- m = malloc(buf_len + 10);
- if (m == NULL) {
- DSAerr(DSA_F_DO_DSA_PRINT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (priv_key) {
- if (!BIO_indent(bp, off, 128))
- goto err;
- if (BIO_printf(bp, "%s: (%d bit)\n", ktype,
- BN_num_bits(x->p)) <= 0)
- goto err;
- }
-
- if (!ASN1_bn_print(bp, "priv:", priv_key, m, off))
- goto err;
- if (!ASN1_bn_print(bp, "pub: ", pub_key, m, off))
- goto err;
- if (!ASN1_bn_print(bp, "P: ", x->p, m, off))
- goto err;
- if (!ASN1_bn_print(bp, "Q: ", x->q, m, off))
- goto err;
- if (!ASN1_bn_print(bp, "G: ", x->g, m, off))
- goto err;
- ret = 1;
-err:
- free(m);
- return(ret);
-}
-
-static int
-dsa_param_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
-{
- DSA *dsa;
-
- if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) {
- DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
- return 0;
- }
- EVP_PKEY_assign_DSA(pkey, dsa);
- return 1;
-}
-
-static int
-dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
- return i2d_DSAparams(pkey->pkey.dsa, pder);
-}
-
-static int
-dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
-}
-
-static int
-dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx)
-{
- return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
-}
-
-static int
-dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int
indent, ASN1_PCTX *ctx)
-{
- return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
-}
-
-static int
-old_dsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
-{
- DSA *dsa;
- BN_CTX *ctx = NULL;
- BIGNUM *j, *p1, *newp1;
-
- if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) {
- DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
- return 0;
- }
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
-
- /*
- * Check that p and q are consistent with each other.
- */
-
- j = BN_CTX_get(ctx);
- p1 = BN_CTX_get(ctx);
- newp1 = BN_CTX_get(ctx);
- if (j == NULL || p1 == NULL || newp1 == NULL)
- goto err;
- /* p1 = p - 1 */
- if (BN_sub(p1, dsa->p, BN_value_one()) == 0)
- goto err;
- /* j = (p - 1) / q */
- if (BN_div(j, NULL, p1, dsa->q, ctx) == 0)
- goto err;
- /* q * j should == p - 1 */
- if (BN_mul(newp1, dsa->q, j, ctx) == 0)
- goto err;
- if (BN_cmp(newp1, p1) != 0) {
- DSAerr(DSA_F_DSA_PARAM_DECODE, DSA_R_BAD_Q_VALUE);
- goto err;
- }
-
- /*
- * Check that q is not a composite number.
- */
-
- if (BN_is_prime_ex(dsa->q, BN_prime_checks, ctx, NULL) == 0) {
- DSAerr(DSA_F_DSA_PARAM_DECODE, DSA_R_BAD_Q_VALUE);
- goto err;
- }
-
- BN_CTX_free(ctx);
-
- EVP_PKEY_assign_DSA(pkey, dsa);
- return 1;
-
-err:
- BN_CTX_free(ctx);
- DSA_free(dsa);
- return 0;
-}
-
-static int
-old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
- return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
-}
-
-static int
-dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig,
- int indent, ASN1_PCTX *pctx)
-{
- DSA_SIG *dsa_sig;
- const unsigned char *p;
-
- if (!sig) {
- if (BIO_puts(bp, "\n") <= 0)
- return 0;
- else
- return 1;
- }
- p = sig->data;
- dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
- if (dsa_sig) {
- int rv = 0;
- size_t buf_len = 0;
- unsigned char *m = NULL;
-
- update_buflen(dsa_sig->r, &buf_len);
- update_buflen(dsa_sig->s, &buf_len);
- m = malloc(buf_len + 10);
- if (m == NULL) {
- DSAerr(DSA_F_DSA_SIG_PRINT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (BIO_write(bp, "\n", 1) != 1)
- goto err;
-
- if (!ASN1_bn_print(bp, "r: ", dsa_sig->r, m, indent))
- goto err;
- if (!ASN1_bn_print(bp, "s: ", dsa_sig->s, m, indent))
- goto err;
- rv = 1;
-err:
- free(m);
- DSA_SIG_free(dsa_sig);
- return rv;
- }
- return X509_signature_dump(bp, sig, indent);
-}
-
-static int
-dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- switch (op) {
- case ASN1_PKEY_CTRL_PKCS7_SIGN:
- if (arg1 == 0) {
- int snid, hnid;
- X509_ALGOR *alg1, *alg2;
-
- PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
- if (alg1 == NULL || alg1->algorithm == NULL)
- return -1;
- hnid = OBJ_obj2nid(alg1->algorithm);
- if (hnid == NID_undef)
- return -1;
- if (!OBJ_find_sigid_by_algs(&snid, hnid,
- EVP_PKEY_id(pkey)))
- return -1;
- X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF,
- 0);
- }
- return 1;
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_SIGN:
- if (arg1 == 0) {
- int snid, hnid;
- X509_ALGOR *alg1, *alg2;
-
-
CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
- if (alg1 == NULL || alg1->algorithm == NULL)
- return -1;
- hnid = OBJ_obj2nid(alg1->algorithm);
- if (hnid == NID_undef)
- return -1;
- if (!OBJ_find_sigid_by_algs(&snid, hnid,
- EVP_PKEY_id(pkey)))
- return -1;
- X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF,
- 0);
- }
- return 1;
-#endif
-
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *)arg2 = NID_sha1;
- return 2;
-
- default:
- return -2;
- }
-}
-
-/* NB these are sorted in pkey_id order, lowest first */
-
-const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = {
- {
- .pkey_id = EVP_PKEY_DSA2,
- .pkey_base_id = EVP_PKEY_DSA,
- .pkey_flags = ASN1_PKEY_ALIAS
- },
-
- {
- .pkey_id = EVP_PKEY_DSA1,
- .pkey_base_id = EVP_PKEY_DSA,
- .pkey_flags = ASN1_PKEY_ALIAS
- },
-
- {
- .pkey_id = EVP_PKEY_DSA4,
- .pkey_base_id = EVP_PKEY_DSA,
- .pkey_flags = ASN1_PKEY_ALIAS
- },
-
- {
- .pkey_id = EVP_PKEY_DSA3,
- .pkey_base_id = EVP_PKEY_DSA,
- .pkey_flags = ASN1_PKEY_ALIAS
- },
-
- {
- .pkey_id = EVP_PKEY_DSA,
- .pkey_base_id = EVP_PKEY_DSA,
-
- .pem_str = "DSA",
- .info = "OpenSSL DSA method",
-
- .pub_decode = dsa_pub_decode,
- .pub_encode = dsa_pub_encode,
- .pub_cmp = dsa_pub_cmp,
- .pub_print = dsa_pub_print,
-
- .priv_decode = dsa_priv_decode,
- .priv_encode = dsa_priv_encode,
- .priv_print = dsa_priv_print,
-
- .pkey_size = int_dsa_size,
- .pkey_bits = dsa_bits,
-
- .param_decode = dsa_param_decode,
- .param_encode = dsa_param_encode,
- .param_missing = dsa_missing_parameters,
- .param_copy = dsa_copy_parameters,
- .param_cmp = dsa_cmp_parameters,
- .param_print = dsa_param_print,
- .sig_print = dsa_sig_print,
-
- .pkey_free = int_dsa_free,
- .pkey_ctrl = dsa_pkey_ctrl,
- .old_priv_decode = old_dsa_priv_decode,
- .old_priv_encode = old_dsa_priv_encode
- }
-};
diff --git a/lib/libssl/src/crypto/dsa/dsa_asn1.c b/lib/libssl/src/crypto/dsa/dsa_asn1.c
deleted file mode 100644
index 8c5d93105ca..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa_asn1.c
+++ /dev/null
@@ -1,439 +0,0 @@
-/* $OpenBSD: dsa_asn1.c,v 1.16 2015/02/14 15:06:55 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/dsa.h>
-#include <openssl/err.h>
-
-/* Override the default new methods */
-static int
-sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_NEW_PRE) {
- DSA_SIG *sig;
-
- sig = malloc(sizeof(DSA_SIG));
- if (!sig) {
- DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- sig->r = NULL;
- sig->s = NULL;
- *pval = (ASN1_VALUE *)sig;
- return 2;
- }
- return 1;
-}
-
-static const ASN1_AUX DSA_SIG_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = sig_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DSA_SIG_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA_SIG, r),
- .field_name = "r",
- .item = &CBIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA_SIG, s),
- .field_name = "s",
- .item = &CBIGNUM_it,
- },
-};
-
-const ASN1_ITEM DSA_SIG_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DSA_SIG_seq_tt,
- .tcount = sizeof(DSA_SIG_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DSA_SIG_aux,
- .size = sizeof(DSA_SIG),
- .sname = "DSA_SIG",
-};
-
-
-DSA_SIG *
-d2i_DSA_SIG(DSA_SIG **a, const unsigned char **in, long len)
-{
- return (DSA_SIG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DSA_SIG_it);
-}
-
-int
-i2d_DSA_SIG(const DSA_SIG *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSA_SIG_it);
-}
-
-/* Override the default free and new methods */
-static int
-dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_NEW_PRE) {
- *pval = (ASN1_VALUE *)DSA_new();
- if (*pval)
- return 2;
- return 0;
- } else if (operation == ASN1_OP_FREE_PRE) {
- DSA_free((DSA *)*pval);
- *pval = NULL;
- return 2;
- }
- return 1;
-}
-
-static const ASN1_AUX DSAPrivateKey_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset
= 0,
- .ref_lock = 0,
- .asn1_cb = dsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DSAPrivateKey_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, q),
- .field_name = "q",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, g),
- .field_name = "g",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, pub_key),
- .field_name = "pub_key",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, priv_key),
- .field_name = "priv_key",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM DSAPrivateKey_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DSAPrivateKey_seq_tt,
- .tcount = sizeof(DSAPrivateKey_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DSAPrivateKey_aux,
- .size = sizeof(DSA),
- .sname = "DSA",
-};
-
-
-DSA *
-d2i_DSAPrivateKey(DSA **a, const unsigned char **in, long len)
-{
- return (DSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DSAPrivateKey_it);
-}
-
-int
-i2d_DSAPrivateKey(const DSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSAPrivateKey_it);
-}
-
-static const ASN1_AUX DSAparams_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = dsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DSAparams_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, q),
- .field_name = "q",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, g),
- .field_name = "g",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM DSAparams_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype =
V_ASN1_SEQUENCE,
- .templates = DSAparams_seq_tt,
- .tcount = sizeof(DSAparams_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DSAparams_aux,
- .size = sizeof(DSA),
- .sname = "DSA",
-};
-
-
-DSA *
-d2i_DSAparams(DSA **a, const unsigned char **in, long len)
-{
- return (DSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DSAparams_it);
-}
-
-int
-i2d_DSAparams(const DSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSAparams_it);
-}
-
-/*
- * DSA public key is a bit trickier... its effectively a CHOICE type
- * decided by a field called write_params which can either write out
- * just the public key as an INTEGER or the parameters and public key
- * in a SEQUENCE
- */
-
-static const ASN1_TEMPLATE dsa_pub_internal_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, pub_key),
- .field_name = "pub_key",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, q),
- .field_name = "q",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, g),
- .field_name = "g",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM dsa_pub_internal_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = dsa_pub_internal_seq_tt,
- .tcount = sizeof(dsa_pub_internal_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(DSA),
- .sname = "DSA",
-};
-
-static const ASN1_AUX DSAPublicKey_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = dsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DSAPublicKey_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(DSA, pub_key),
- .field_name = "pub_key",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0 | ASN1_TFLG_COMBINE,
- .tag = 0,
- .offset = 0,
- .field_name = NULL,
- .item = &dsa_pub_internal_it,
- },
-};
-
-const ASN1_ITEM DSAPublicKey_it = {
- .itype =
ASN1_ITYPE_CHOICE,
- .utype = offsetof(DSA, write_params),
- .templates = DSAPublicKey_ch_tt,
- .tcount = sizeof(DSAPublicKey_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DSAPublicKey_aux,
- .size = sizeof(DSA),
- .sname = "DSA",
-};
-
-
-DSA *
-d2i_DSAPublicKey(DSA **a, const unsigned char **in, long len)
-{
- return (DSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DSAPublicKey_it);
-}
-
-int
-i2d_DSAPublicKey(const DSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DSAPublicKey_it);
-}
-
-DSA *
-DSAparams_dup(DSA *dsa)
-{
- return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa);
-}
-
-int
-DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
- unsigned int *siglen, DSA *dsa)
-{
- DSA_SIG *s;
-
- s = DSA_do_sign(dgst, dlen, dsa);
- if (s == NULL) {
- *siglen = 0;
- return 0;
- }
- *siglen = i2d_DSA_SIG(s,&sig);
- DSA_SIG_free(s);
- return 1;
-}
-
-/*
- * data has already been hashed (probably with SHA or SHA-1).
- * returns
- * 1: correct signature
- * 0: incorrect signature
- * -1: error
- */
-int
-DSA_verify(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int siglen, DSA *dsa)
-{
- DSA_SIG *s;
- unsigned char *der = NULL;
- const unsigned char *p = sigbuf;
- int derlen = -1;
- int ret = -1;
-
- s = DSA_SIG_new();
- if (s == NULL)
- return ret;
- if (d2i_DSA_SIG(&s, &p, siglen) == NULL)
- goto err;
- /* Ensure signature uses DER and doesn't have trailing garbage */
- derlen = i2d_DSA_SIG(s, &der);
- if (derlen != siglen || memcmp(sigbuf, der, derlen))
- goto err;
- ret = DSA_do_verify(dgst, dgst_len, s, dsa);
-err:
- if (derlen > 0) {
- explicit_bzero(der, derlen);
- free(der);
- }
- DSA_SIG_free(s);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/dsa/dsa_depr.c b/lib/libssl/src/crypto/dsa/dsa_depr.c
deleted file mode 100644
index 269cd634507..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa_depr.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* $OpenBSD: dsa_depr.c,v 1.7 2014/10/18 17:20:40 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* This file contains deprecated function(s) that are now wrappers to the new
- * version(s). */
-
-#include <stdio.h>
-#include <time.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_SHA
-
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_DEPRECATED
-DSA *
-DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len,
- int *counter_ret, unsigned long *h_ret, void (*callback)(int, int, void *),
- void *cb_arg)
-{
- BN_GENCB cb;
- DSA *ret;
-
- if ((ret = DSA_new()) == NULL)
- return NULL;
-
- BN_GENCB_set_old(&cb, callback, cb_arg);
-
- if (DSA_generate_parameters_ex(ret, bits, seed_in, seed_len,
- counter_ret, h_ret, &cb))
- return ret;
- DSA_free(ret);
- return NULL;
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/dsa/dsa_err.c b/lib/libssl/src/crypto/dsa/dsa_err.c
deleted file mode 100644
index b116b643c3e..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa_err.c
+++ /dev/null
@@ -1,133 +0,0 @@ -/* $OpenBSD: dsa_err.c,v 1.14 2014/07/10 22:45:56 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/dsa.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason) - -static ERR_STRING_DATA DSA_str_functs[]= - { -{ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"}, -{ERR_FUNC(DSA_F_DO_DSA_PRINT), "DO_DSA_PRINT"}, -{ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"}, -{ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"}, -{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"}, -{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"}, -{ERR_FUNC(DSA_F_DSA_GENERATE_KEY), "DSA_generate_key"}, -{ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS_EX), "DSA_generate_parameters_ex"}, -{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"}, -{ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"}, -{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"}, -{ERR_FUNC(DSA_F_DSA_PRIV_DECODE), "DSA_PRIV_DECODE"}, -{ERR_FUNC(DSA_F_DSA_PRIV_ENCODE), "DSA_PRIV_ENCODE"}, -{ERR_FUNC(DSA_F_DSA_PUB_DECODE), "DSA_PUB_DECODE"}, -{ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "DSA_PUB_ENCODE"}, -{ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, -{ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, -{ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, -{ERR_FUNC(DSA_F_DSA_SIG_PRINT), "DSA_SIG_PRINT"}, -{ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"}, -{ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"}, -{ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "OLD_DSA_PRIV_DECODE"}, -{ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "PKEY_DSA_CTRL"}, -{ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "PKEY_DSA_KEYGEN"}, -{ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"}, -{0,NULL} - }; - -static ERR_STRING_DATA DSA_str_reasons[]= - { -{ERR_REASON(DSA_R_BAD_Q_VALUE) ,"bad q value"}, -{ERR_REASON(DSA_R_BN_DECODE_ERROR) ,"bn decode error"}, -{ERR_REASON(DSA_R_BN_ERROR) ,"bn error"}, -{ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),"data too large for key size"}, -{ERR_REASON(DSA_R_DECODE_ERROR) ,"decode error"}, 
-{ERR_REASON(DSA_R_INVALID_DIGEST_TYPE) ,"invalid digest type"}, -{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"}, -{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"}, -{ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES) ,"need new setup values"}, -{ERR_REASON(DSA_R_NON_FIPS_DSA_METHOD) ,"non fips dsa method"}, -{ERR_REASON(DSA_R_NO_PARAMETERS_SET) ,"no parameters set"}, -{ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"}, -{0,NULL} - }; - -#endif - -void ERR_load_DSA_strings(void) - { -#ifndef OPENSSL_NO_ERR - - if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) - { - ERR_load_strings(0,DSA_str_functs); - ERR_load_strings(0,DSA_str_reasons); - } -#endif - } diff --git a/lib/libssl/src/crypto/dsa/dsa_gen.c b/lib/libssl/src/crypto/dsa/dsa_gen.c deleted file mode 100644 index 7ddb7fec5e4..00000000000 --- a/lib/libssl/src/crypto/dsa/dsa_gen.c +++ /dev/null 
@@ -1,357 +0,0 @@ -/* $OpenBSD: dsa_gen.c,v 1.22 2015/07/15 18:34:37 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */ - -#ifndef OPENSSL_NO_SHA - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/evp.h> -#include <openssl/sha.h> - -#include "dsa_locl.h" - -int -DSA_generate_parameters_ex(DSA *ret, int bits, const unsigned char *seed_in, - int seed_len, int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) -{ - if (ret->meth->dsa_paramgen) - return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len, - counter_ret, h_ret, cb); - else { - const EVP_MD *evpmd; - size_t qbits; - - if (bits >= 2048) { - qbits = 256; - evpmd = EVP_sha256(); - } else { - qbits = 160; - evpmd = EVP_sha1(); - } - - return dsa_builtin_paramgen(ret, bits, qbits, evpmd, seed_in, - seed_len, NULL, counter_ret, h_ret, cb); - } -} - -int -dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, const EVP_MD *evpmd, - const unsigned char *seed_in, size_t seed_len, unsigned char *seed_out, - int *counter_ret, unsigned long *h_ret, BN_GENCB *cb) -{ - int ok = 0; - unsigned char seed[SHA256_DIGEST_LENGTH]; - unsigned char md[SHA256_DIGEST_LENGTH]; - unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH]; - BIGNUM *r0, *W, *X, *c, *test; - BIGNUM *g = NULL, *q = NULL, *p = NULL; - BN_MONT_CTX *mont = NULL; - int i, k, n = 0, m = 0, qsize = qbits >> 3; - int counter = 0; - int r = 0; - BN_CTX *ctx = NULL; - unsigned int h = 2; - - if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH && - qsize != SHA256_DIGEST_LENGTH) - /* invalid q size */ - return 0; - - if (evpmd == NULL) - /* use SHA1 as default */ - evpmd = EVP_sha1(); - - if (bits < 512) - bits = 512; - - bits = (bits + 63) / 64 * 64; - - if (seed_len < (size_t)qsize) { - seed_in = NULL; /* seed buffer too small -- ignore */ - seed_len = 0; - } - /* - * App. 
2.2 of FIPS PUB 186 allows larger SEED, - * but our internal buffers are restricted to 160 bits - */ - if (seed_len > (size_t)qsize) - seed_len = qsize; - if (seed_in != NULL) - memcpy(seed, seed_in, seed_len); - else if (seed_len != 0) - goto err; - - if ((mont=BN_MONT_CTX_new()) == NULL) - goto err; - - if ((ctx=BN_CTX_new()) == NULL) - goto err; - BN_CTX_start(ctx); - - if ((r0 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((g = BN_CTX_get(ctx)) == NULL) - goto err; - if ((W = BN_CTX_get(ctx)) == NULL) - goto err; - if ((q = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((c = BN_CTX_get(ctx)) == NULL) - goto err; - if ((p = BN_CTX_get(ctx)) == NULL) - goto err; - if ((test = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_lshift(test, BN_value_one(), bits - 1)) - goto err; - - for (;;) { - for (;;) { /* find q */ - int seed_is_random; - - /* step 1 */ - if (!BN_GENCB_call(cb, 0, m++)) - goto err; - - if (seed_len == 0) { - arc4random_buf(seed, qsize); - seed_is_random = 1; - } else { - seed_is_random = 0; - /* use random seed if 'seed_in' turns out - to be bad */ - seed_len = 0; - } - memcpy(buf, seed, qsize); - memcpy(buf2, seed, qsize); - /* precompute "SEED + 1" for step 7: */ - for (i = qsize - 1; i >= 0; i--) { - buf[i]++; - if (buf[i] != 0) - break; - } - - /* step 2 */ - if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL)) - goto err; - if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL)) - goto err; - for (i = 0; i < qsize; i++) - md[i] ^= buf2[i]; - - /* step 3 */ - md[0] |= 0x80; - md[qsize - 1] |= 0x01; - if (!BN_bin2bn(md, qsize, q)) - goto err; - - /* step 4 */ - r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx, - seed_is_random, cb); - if (r > 0) - break; - if (r != 0) - goto err; - - /* do a callback call */ - /* step 5 */ - } - - if (!BN_GENCB_call(cb, 2, 0)) - goto err; - if (!BN_GENCB_call(cb, 3, 0)) - goto err; - - /* step 6 */ - counter = 0; - /* "offset = 2" */ - - n = (bits - 1) / 160; - - 
for (;;) { - if (counter != 0 && !BN_GENCB_call(cb, 0, counter)) - goto err; - - /* step 7 */ - BN_zero(W); - /* now 'buf' contains "SEED + offset - 1" */ - for (k = 0; k <= n; k++) { - /* obtain "SEED + offset + k" by incrementing: */ - for (i = qsize - 1; i >= 0; i--) { - buf[i]++; - if (buf[i] != 0) - break; - } - - if (!EVP_Digest(buf, qsize, md ,NULL, evpmd, - NULL)) - goto err; - - /* step 8 */ - if (!BN_bin2bn(md, qsize, r0)) - goto err; - if (!BN_lshift(r0, r0, (qsize << 3) * k)) - goto err; - if (!BN_add(W, W, r0)) - goto err; - } - - /* more of step 8 */ - if (!BN_mask_bits(W, bits - 1)) - goto err; - if (!BN_copy(X, W)) - goto err; - if (!BN_add(X, X, test)) - goto err; - - /* step 9 */ - if (!BN_lshift1(r0, q)) - goto err; - if (!BN_mod(c, X, r0, ctx)) - goto err; - if (!BN_sub(r0, c, BN_value_one())) - goto err; - if (!BN_sub(p, X, r0)) - goto err; - - /* step 10 */ - if (BN_cmp(p, test) >= 0) { - /* step 11 */ - r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, - ctx, 1, cb); - if (r > 0) - goto end; /* found it */ - if (r != 0) - goto err; - } - - /* step 13 */ - counter++; - /* "offset = offset + n + 1" */ - - /* step 14 */ - if (counter >= 4096) - break; - } - } -end: - if (!BN_GENCB_call(cb, 2, 1)) - goto err; - - /* We now need to generate g */ - /* Set r0=(p-1)/q */ - if (!BN_sub(test, p, BN_value_one())) - goto err; - if (!BN_div(r0, NULL, test, q, ctx)) - goto err; - - if (!BN_set_word(test, h)) - goto err; - if (!BN_MONT_CTX_set(mont, p, ctx)) - goto err; - - for (;;) { - /* g=test^r0%p */ - if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont)) - goto err; - if (!BN_is_one(g)) - break; - if (!BN_add(test, test, BN_value_one())) - goto err; - h++; - } - - if (!BN_GENCB_call(cb, 3, 1)) - goto err; - - ok = 1; -err: - if (ok) { - BN_free(ret->p); - BN_free(ret->q); - BN_free(ret->g); - ret->p = BN_dup(p); - ret->q = BN_dup(q); - ret->g = BN_dup(g); - if (ret->p == NULL || ret->q == NULL || ret->g == NULL) { - ok = 0; - goto err; - } - if (counter_ret 
!= NULL) - *counter_ret = counter; - if (h_ret != NULL) - *h_ret = h; - if (seed_out != NULL) - memcpy(seed_out, seed, qsize); - } - if (ctx) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - BN_MONT_CTX_free(mont); - return ok; -} -#endif diff --git a/lib/libssl/src/crypto/dsa/dsa_key.c b/lib/libssl/src/crypto/dsa/dsa_key.c deleted file mode 100644 index fc4eb9c4331..00000000000 --- a/lib/libssl/src/crypto/dsa/dsa_key.c +++ /dev/null 
@@ -1,127 +0,0 @@
-/* $OpenBSD: dsa_key.c,v 1.22 2016/06/30 02:02:06 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_SHA
-
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-
-static int dsa_builtin_keygen(DSA *dsa);
-
-int
-DSA_generate_key(DSA *dsa)
-{
- if (dsa->meth->dsa_keygen)
- return dsa->meth->dsa_keygen(dsa);
- return dsa_builtin_keygen(dsa);
-}
-
-static int
-dsa_builtin_keygen(DSA *dsa)
-{
- int ok = 0;
- BN_CTX *ctx = NULL;
- BIGNUM *pub_key = NULL, *priv_key = NULL;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- if (dsa->priv_key == NULL) {
- if ((priv_key = BN_new()) == NULL)
- goto err;
- } else
- priv_key=dsa->priv_key;
-
- do {
- if (!BN_rand_range(priv_key, dsa->q))
- goto err;
- } while (BN_is_zero(priv_key));
-
- if (dsa->pub_key == NULL) {
- if ((pub_key = BN_new()) == NULL)
- goto err;
- } else
- pub_key=dsa->pub_key;
-
- {
- BIGNUM prk;
-
- BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME);
-
- if (!BN_mod_exp(pub_key, dsa->g, &prk, dsa->p, ctx))
- goto err;
- }
-
- dsa->priv_key = priv_key;
- dsa->pub_key = pub_key;
- ok = 1;
-
-err:
- if (pub_key != NULL && dsa->pub_key == NULL)
- BN_free(pub_key);
- if (priv_key != NULL && dsa->priv_key == NULL)
- BN_free(priv_key);
- BN_CTX_free(ctx);
- return ok;
-}
-#endif
diff --git a/lib/libssl/src/crypto/dsa/dsa_lib.c b/lib/libssl/src/crypto/dsa/dsa_lib.c
deleted file mode 100644
index 8016f2f7cbd..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa_lib.c
+++ /dev/null
@@ -1,305 +0,0 @@ -/* $OpenBSD: dsa_lib.c,v 1.22 2015/02/11 03:19:37 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/asn1.h> -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/err.h> - -#ifndef OPENSSL_NO_DH -#include <openssl/dh.h> -#endif -#ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> -#endif - -static const DSA_METHOD *default_DSA_method = NULL; - -void -DSA_set_default_method(const DSA_METHOD *meth) -{ - default_DSA_method = meth; -} - -const DSA_METHOD * -DSA_get_default_method(void) -{ - if (!default_DSA_method) - default_DSA_method = DSA_OpenSSL(); - return default_DSA_method; -} - -DSA * -DSA_new(void) -{ - return DSA_new_method(NULL); -} - -int -DSA_set_method(DSA *dsa, const DSA_METHOD *meth) -{ - /* - * NB: The caller is specifically setting a method, so it's not up to us - * to deal with which ENGINE it comes from. - */ - const DSA_METHOD *mtmp; - mtmp = dsa->meth; - if (mtmp->finish) - mtmp->finish(dsa); -#ifndef OPENSSL_NO_ENGINE - if (dsa->engine) { - ENGINE_finish(dsa->engine); - dsa->engine = NULL; - } -#endif - dsa->meth = meth; - if (meth->init) - meth->init(dsa); - return 1; -} - -DSA * -DSA_new_method(ENGINE *engine) -{ - DSA *ret; - - ret = malloc(sizeof(DSA)); - if (ret == NULL) { - DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE); - return NULL; - } - ret->meth = DSA_get_default_method(); -#ifndef OPENSSL_NO_ENGINE - if (engine) { - if (!ENGINE_init(engine)) { - DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB); - free(ret); - return NULL; - } - ret->engine = engine; - } else - ret->engine = ENGINE_get_default_DSA(); - if (ret->engine) { - ret->meth = ENGINE_get_DSA(ret->engine); - if (!ret->meth) { - DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB); - ENGINE_finish(ret->engine); - free(ret); - return NULL; - } - } -#endif - - ret->pad = 0; - ret->version = 0; - ret->write_params = 1; - ret->p = NULL; - ret->q = NULL; - ret->g = NULL; - - ret->pub_key = NULL; - ret->priv_key = 
NULL; - - ret->kinv = NULL; - ret->r = NULL; - ret->method_mont_p = NULL; - - ret->references = 1; - ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); - if (ret->meth->init != NULL && !ret->meth->init(ret)) { -#ifndef OPENSSL_NO_ENGINE - if (ret->engine) - ENGINE_finish(ret->engine); -#endif - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data); - free(ret); - ret = NULL; - } - - return ret; -} - -void -DSA_free(DSA *r) -{ - int i; - - if (r == NULL) - return; - - i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DSA); - if (i > 0) - return; - - if (r->meth->finish) - r->meth->finish(r); -#ifndef OPENSSL_NO_ENGINE - if (r->engine) - ENGINE_finish(r->engine); -#endif - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); - - BN_clear_free(r->p); - BN_clear_free(r->q); - BN_clear_free(r->g); - BN_clear_free(r->pub_key); - BN_clear_free(r->priv_key); - BN_clear_free(r->kinv); - BN_clear_free(r->r); - free(r); -} - -int -DSA_up_ref(DSA *r) -{ - int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA); - return i > 1 ? 1 : 0; -} - -int -DSA_size(const DSA *r) -{ - int ret, i; - ASN1_INTEGER bs; - unsigned char buf[4]; /* 4 bytes looks really small. - However, i2d_ASN1_INTEGER() will not look - beyond the first byte, as long as the second - parameter is NULL. */ - - i = BN_num_bits(r->q); - bs.length = (i + 7) / 8; - bs.data = buf; - bs.type = V_ASN1_INTEGER; - /* If the top bit is set the asn1 encoding is 1 larger. 
*/ - buf[0] = 0xff; - - i = i2d_ASN1_INTEGER(&bs, NULL); - i += i; /* r and s */ - ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE); - return ret; -} - -int -DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp, - new_func, dup_func, free_func); -} - -int -DSA_set_ex_data(DSA *d, int idx, void *arg) -{ - return CRYPTO_set_ex_data(&d->ex_data, idx, arg); -} - -void * -DSA_get_ex_data(DSA *d, int idx) -{ - return CRYPTO_get_ex_data(&d->ex_data, idx); -} - -#ifndef OPENSSL_NO_DH -DH * -DSA_dup_DH(const DSA *r) -{ - /* - * DSA has p, q, g, optional pub_key, optional priv_key. - * DH has p, optional length, g, optional pub_key, optional priv_key, - * optional q. - */ - DH *ret = NULL; - - if (r == NULL) - goto err; - ret = DH_new(); - if (ret == NULL) - goto err; - if (r->p != NULL) - if ((ret->p = BN_dup(r->p)) == NULL) - goto err; - if (r->q != NULL) { - ret->length = BN_num_bits(r->q); - if ((ret->q = BN_dup(r->q)) == NULL) - goto err; - } - if (r->g != NULL) - if ((ret->g = BN_dup(r->g)) == NULL) - goto err; - if (r->pub_key != NULL) - if ((ret->pub_key = BN_dup(r->pub_key)) == NULL) - goto err; - if (r->priv_key != NULL) - if ((ret->priv_key = BN_dup(r->priv_key)) == NULL) - goto err; - - return ret; - -err: - DH_free(ret); - return NULL; -} -#endif diff --git a/lib/libssl/src/crypto/dsa/dsa_locl.h b/lib/libssl/src/crypto/dsa/dsa_locl.h deleted file mode 100644 index c65a2f20cfb..00000000000 --- a/lib/libssl/src/crypto/dsa/dsa_locl.h +++ /dev/null 
@@ -1,61 +0,0 @@
-/* $OpenBSD: dsa_locl.h,v 1.2 2014/06/12 15:49:28 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/dsa.h>
-
-int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
- const EVP_MD *evpmd, const unsigned char *seed_in, size_t seed_len,
- unsigned char *seed_out,
- int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
diff --git a/lib/libssl/src/crypto/dsa/dsa_ossl.c b/lib/libssl/src/crypto/dsa/dsa_ossl.c
deleted file mode 100644
index a28d3e9d1a4..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa_ossl.c
+++ /dev/null
@@ -1,385 +0,0 @@ -/* $OpenBSD: dsa_ossl.c,v 1.26 2016/06/21 04:16:53 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ - -#include <stdio.h> - -#include <openssl/asn1.h> -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/err.h> -#include <openssl/sha.h> - -static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); -static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp); -static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, - DSA *dsa); -static int dsa_init(DSA *dsa); -static int dsa_finish(DSA *dsa); - -static DSA_METHOD openssl_dsa_meth = { - .name = "OpenSSL DSA method", - .dsa_do_sign = dsa_do_sign, - .dsa_sign_setup = dsa_sign_setup, - .dsa_do_verify = dsa_do_verify, - .init = dsa_init, - .finish = dsa_finish -}; - -const DSA_METHOD * -DSA_OpenSSL(void) -{ - return &openssl_dsa_meth; -} - -static DSA_SIG * -dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) -{ - BIGNUM *kinv = NULL, *r = NULL, *s = NULL; - BIGNUM m; - BIGNUM xr; - BN_CTX *ctx = NULL; - int reason = ERR_R_BN_LIB; - DSA_SIG *ret = NULL; - int noredo = 0; - - BN_init(&m); - BN_init(&xr); - - if (!dsa->p || !dsa->q || !dsa->g) { - reason = DSA_R_MISSING_PARAMETERS; - goto err; - } - - s = BN_new(); - if (s == NULL) - goto err; - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; -redo: - if (dsa->kinv == NULL || dsa->r == NULL) { - if (!DSA_sign_setup(dsa, ctx, &kinv, &r)) - goto err; - } else { - kinv = dsa->kinv; - dsa->kinv = NULL; - r = dsa->r; - dsa->r = NULL; - noredo = 1; - } - - - /* - * If the digest length is greater than the size of q use the - * BN_num_bits(dsa->q) leftmost bits of the digest, see - * fips 186-3, 4.2 - */ - if (dlen > BN_num_bytes(dsa->q)) - dlen = BN_num_bytes(dsa->q); - if (BN_bin2bn(dgst,dlen,&m) == NULL) - goto err; - - /* Compute s = inv(k) (m + xr) mod q */ - if (!BN_mod_mul(&xr, dsa->priv_key, r, dsa->q, ctx)) /* s = xr */ - goto err; - if (!BN_add(s, &xr, &m)) /* s = m + xr */ - goto err; - if (BN_cmp(s, 
dsa->q) > 0) - if (!BN_sub(s, s, dsa->q)) - goto err; - if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) - goto err; - - ret = DSA_SIG_new(); - if (ret == NULL) - goto err; - /* - * Redo if r or s is zero as required by FIPS 186-3: this is - * very unlikely. - */ - if (BN_is_zero(r) || BN_is_zero(s)) { - if (noredo) { - reason = DSA_R_NEED_NEW_SETUP_VALUES; - goto err; - } - goto redo; - } - ret->r = r; - ret->s = s; - -err: - if (!ret) { - DSAerr(DSA_F_DSA_DO_SIGN, reason); - BN_free(r); - BN_free(s); - } - BN_CTX_free(ctx); - BN_clear_free(&m); - BN_clear_free(&xr); - BN_clear_free(kinv); - return ret; -} - -static int -dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) -{ - BN_CTX *ctx; - BIGNUM k, *kinv = NULL, *r = NULL; - int ret = 0; - - if (!dsa->p || !dsa->q || !dsa->g) { - DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS); - return 0; - } - - BN_init(&k); - - if (ctx_in == NULL) { - if ((ctx = BN_CTX_new()) == NULL) - goto err; - } else - ctx = ctx_in; - - if ((r = BN_new()) == NULL) - goto err; - - /* Get random k */ - do { - if (!BN_rand_range(&k, dsa->q)) - goto err; - } while (BN_is_zero(&k)); - - BN_set_flags(&k, BN_FLG_CONSTTIME); - - if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { - if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, - CRYPTO_LOCK_DSA, dsa->p, ctx)) - goto err; - } - - /* Compute r = (g^k mod p) mod q */ - - /* - * We do not want timing information to leak the length of k, - * so we compute g^k using an equivalent exponent of fixed - * length. - * - * (This is a kludge that we need because the BN_mod_exp_mont() - * does not let us specify the desired timing behaviour.) 
- */ - - if (!BN_add(&k, &k, dsa->q)) - goto err; - if (BN_num_bits(&k) <= BN_num_bits(dsa->q)) { - if (!BN_add(&k, &k, dsa->q)) - goto err; - } - - if (dsa->meth->bn_mod_exp != NULL) { - if (!dsa->meth->bn_mod_exp(dsa, r, dsa->g, &k, dsa->p, ctx, - dsa->method_mont_p)) - goto err; - } else { - if (!BN_mod_exp_mont(r, dsa->g, &k, dsa->p, ctx, dsa->method_mont_p)) - goto err; - } - - if (!BN_mod(r,r,dsa->q,ctx)) - goto err; - - /* Compute part of 's = inv(k) (m + xr) mod q' */ - if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL) - goto err; - - BN_clear_free(*kinvp); - *kinvp = kinv; - kinv = NULL; - BN_clear_free(*rp); - *rp = r; - ret = 1; -err: - if (!ret) { - DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB); - BN_clear_free(r); - } - if (ctx_in == NULL) - BN_CTX_free(ctx); - BN_clear_free(&k); - return ret; -} - -static int -dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) -{ - BN_CTX *ctx; - BIGNUM u1, u2, t1; - BN_MONT_CTX *mont = NULL; - int ret = -1, i; - - if (!dsa->p || !dsa->q || !dsa->g) { - DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MISSING_PARAMETERS); - return -1; - } - - i = BN_num_bits(dsa->q); - /* fips 186-3 allows only different sizes for q */ - if (i != 160 && i != 224 && i != 256) { - DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_BAD_Q_VALUE); - return -1; - } - - if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) { - DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MODULUS_TOO_LARGE); - return -1; - } - BN_init(&u1); - BN_init(&u2); - BN_init(&t1); - - if ((ctx = BN_CTX_new()) == NULL) - goto err; - - if (BN_is_zero(sig->r) || BN_is_negative(sig->r) || - BN_ucmp(sig->r, dsa->q) >= 0) { - ret = 0; - goto err; - } - if (BN_is_zero(sig->s) || BN_is_negative(sig->s) || - BN_ucmp(sig->s, dsa->q) >= 0) { - ret = 0; - goto err; - } - - /* Calculate W = inv(S) mod Q - * save W in u2 */ - if ((BN_mod_inverse(&u2, sig->s, dsa->q, ctx)) == NULL) - goto err; - - /* save M in u1 */ - /* - * If the digest length is greater than the size of q use the - * 
BN_num_bits(dsa->q) leftmost bits of the digest, see - * fips 186-3, 4.2 - */ - if (dgst_len > (i >> 3)) - dgst_len = (i >> 3); - if (BN_bin2bn(dgst, dgst_len, &u1) == NULL) - goto err; - - /* u1 = M * w mod q */ - if (!BN_mod_mul(&u1, &u1, &u2, dsa->q, ctx)) - goto err; - - /* u2 = r * w mod q */ - if (!BN_mod_mul(&u2, sig->r, &u2, dsa->q, ctx)) - goto err; - - - if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p, - CRYPTO_LOCK_DSA, dsa->p, ctx); - if (!mont) - goto err; - } - - if (dsa->meth->dsa_mod_exp != NULL) { - if (!dsa->meth->dsa_mod_exp(dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, - dsa->p, ctx, mont)) - goto err; - } else { - if (!BN_mod_exp2_mont(&t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, - mont)) - goto err; - } - - /* BN_copy(&u1,&t1); */ - /* let u1 = u1 mod q */ - if (!BN_mod(&u1, &t1, dsa->q, ctx)) - goto err; - - /* V is now in u1. If the signature is correct, it will be - * equal to R. */ - ret = BN_ucmp(&u1, sig->r) == 0; - -err: - if (ret < 0) - DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB); - BN_CTX_free(ctx); - BN_free(&u1); - BN_free(&u2); - BN_free(&t1); - return ret; -} - -static int -dsa_init(DSA *dsa) -{ - dsa->flags |= DSA_FLAG_CACHE_MONT_P; - return 1; -} - -static int -dsa_finish(DSA *dsa) -{ - BN_MONT_CTX_free(dsa->method_mont_p); - return 1; -} - diff --git a/lib/libssl/src/crypto/dsa/dsa_pmeth.c b/lib/libssl/src/crypto/dsa/dsa_pmeth.c deleted file mode 100644 index c7a2edfc94a..00000000000 --- a/lib/libssl/src/crypto/dsa/dsa_pmeth.c +++ /dev/null 
@@ -1,337 +0,0 @@ -/* $OpenBSD: dsa_pmeth.c,v 1.10 2014/07/11 08:44:48 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <limits.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1t.h> -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/x509.h> - -#include "dsa_locl.h" -#include "evp_locl.h" - -/* DSA pkey context structure */ - -typedef struct { - /* Parameter gen parameters */ - int nbits; /* size of p in bits (default: 1024) */ - int qbits; /* size of q in bits (default: 160) */ - const EVP_MD *pmd; /* MD for parameter generation */ - /* Keygen callback info */ - int gentmp[2]; - /* message digest */ - const EVP_MD *md; /* MD for the signature */ -} DSA_PKEY_CTX; - -static int -pkey_dsa_init(EVP_PKEY_CTX *ctx) -{ - DSA_PKEY_CTX *dctx; - - dctx = malloc(sizeof(DSA_PKEY_CTX)); - if (!dctx) - return 0; - dctx->nbits = 1024; - dctx->qbits = 160; - dctx->pmd = NULL; - dctx->md = NULL; - - ctx->data = dctx; - ctx->keygen_info = dctx->gentmp; - ctx->keygen_info_count = 2; - - return 1; -} - -static int -pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - DSA_PKEY_CTX *dctx, *sctx; - - if (!pkey_dsa_init(dst)) - return 0; - sctx = src->data; - dctx = dst->data; - dctx->nbits = sctx->nbits; - dctx->qbits = 
sctx->qbits; - dctx->pmd = sctx->pmd; - dctx->md = sctx->md; - return 1; -} - -static void -pkey_dsa_cleanup(EVP_PKEY_CTX *ctx) -{ - DSA_PKEY_CTX *dctx = ctx->data; - - free(dctx); -} - -static int -pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen) -{ - int ret, type; - unsigned int sltmp; - DSA_PKEY_CTX *dctx = ctx->data; - DSA *dsa = ctx->pkey->pkey.dsa; - - if (dctx->md) - type = EVP_MD_type(dctx->md); - else - type = NID_sha1; - - ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa); - - if (ret <= 0) - return ret; - *siglen = sltmp; - return 1; -} - -static int -pkey_dsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen) -{ - int ret, type; - DSA_PKEY_CTX *dctx = ctx->data; - DSA *dsa = ctx->pkey->pkey.dsa; - - if (dctx->md) - type = EVP_MD_type(dctx->md); - else - type = NID_sha1; - - ret = DSA_verify(type, tbs, tbslen, sig, siglen, dsa); - - return ret; -} - -static int -pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - DSA_PKEY_CTX *dctx = ctx->data; - - switch (type) { - case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS: - if (p1 < 256) - return -2; - dctx->nbits = p1; - return 1; - - case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS: - if (p1 != 160 && p1 != 224 && p1 && p1 != 256) - return -2; - dctx->qbits = p1; - return 1; - - case EVP_PKEY_CTRL_DSA_PARAMGEN_MD: - switch (EVP_MD_type((const EVP_MD *)p2)) { - case NID_sha1: - case NID_sha224: - case NID_sha256: - break; - default: - DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE); - return 0; - } - dctx->md = p2; - return 1; - - case EVP_PKEY_CTRL_MD: - switch (EVP_MD_type((const EVP_MD *)p2)) { - case NID_sha1: - case NID_dsa: - case NID_dsaWithSHA: - case NID_sha224: - case NID_sha256: - case NID_sha384: - case NID_sha512: - break; - default: - DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE); - return 0; - } - dctx->md = p2; - return 1; - - case EVP_PKEY_CTRL_DIGESTINIT: - case 
EVP_PKEY_CTRL_PKCS7_SIGN: - case EVP_PKEY_CTRL_CMS_SIGN: - return 1; - - case EVP_PKEY_CTRL_PEER_KEY: - DSAerr(DSA_F_PKEY_DSA_CTRL, - EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); - return -2; - default: - return -2; - } -} - -static int -pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) -{ - long lval; - char *ep; - - if (!strcmp(type, "dsa_paramgen_bits")) { - int nbits; - - errno = 0; - lval = strtol(value, &ep, 10); - if (value[0] == '\0' || *ep != '\0') - goto not_a_number; - if ((errno == ERANGE && - (lval == LONG_MAX || lval == LONG_MIN)) || - (lval > INT_MAX || lval < INT_MIN)) - goto out_of_range; - nbits = lval; - return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits); - } else if (!strcmp(type, "dsa_paramgen_q_bits")) { - int qbits; - - errno = 0; - lval = strtol(value, &ep, 10); - if (value[0] == '\0' || *ep != '\0') - goto not_a_number; - if ((errno == ERANGE && - (lval == LONG_MAX || lval == LONG_MIN)) || - (lval > INT_MAX || lval < INT_MIN)) - goto out_of_range; - qbits = lval; - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, - EVP_PKEY_OP_PARAMGEN, EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, - qbits, NULL); - } else if (!strcmp(type, "dsa_paramgen_md")) { - return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, - EVP_PKEY_OP_PARAMGEN, EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0, - (void *)EVP_get_digestbyname(value)); - } -not_a_number: -out_of_range: - return -2; -} - -static int -pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - DSA *dsa = NULL; - DSA_PKEY_CTX *dctx = ctx->data; - BN_GENCB *pcb, cb; - int ret; - - if (ctx->pkey_gencb) { - pcb = &cb; - evp_pkey_set_cb_translate(pcb, ctx); - } else - pcb = NULL; - dsa = DSA_new(); - if (!dsa) - return 0; - ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd, - NULL, 0, NULL, NULL, NULL, pcb); - if (ret) - EVP_PKEY_assign_DSA(pkey, dsa); - else - DSA_free(dsa); - return ret; -} - -static int -pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - DSA *dsa = NULL; - - if (ctx->pkey == 
NULL) {
- DSAerr(DSA_F_PKEY_DSA_KEYGEN, DSA_R_NO_PARAMETERS_SET);
- return 0;
- }
- dsa = DSA_new();
- if (!dsa)
- return 0;
- EVP_PKEY_assign_DSA(pkey, dsa);
- /* Note: if error return, pkey is freed by parent routine */
- if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
- return 0;
- return DSA_generate_key(pkey->pkey.dsa);
-}
-
-const EVP_PKEY_METHOD dsa_pkey_meth = {
- .pkey_id = EVP_PKEY_DSA,
- .flags = EVP_PKEY_FLAG_AUTOARGLEN,
-
- .init = pkey_dsa_init,
- .copy = pkey_dsa_copy,
- .cleanup = pkey_dsa_cleanup,
-
- .paramgen = pkey_dsa_paramgen,
-
- .keygen = pkey_dsa_keygen,
-
- .sign = pkey_dsa_sign,
-
- .verify = pkey_dsa_verify,
-
- .ctrl = pkey_dsa_ctrl,
- .ctrl_str = pkey_dsa_ctrl_str
-};
diff --git a/lib/libssl/src/crypto/dsa/dsa_prn.c b/lib/libssl/src/crypto/dsa/dsa_prn.c
deleted file mode 100644
index 60f4e6c7609..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa_prn.c
+++ /dev/null
@@ -1,123 +0,0 @@ -/* $OpenBSD: dsa_prn.c,v 1.5 2014/07/11 08:44:48 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/dsa.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-
-int
-DSA_print_fp(FILE *fp, const DSA *x, int off)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- DSAerr(DSA_F_DSA_PRINT_FP, ERR_R_BUF_LIB);
- return 0;
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = DSA_print(b, x, off);
- BIO_free(b);
- return ret;
-}
-
-int
-DSAparams_print_fp(FILE *fp, const DSA *x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- DSAerr(DSA_F_DSAPARAMS_PRINT_FP, ERR_R_BUF_LIB);
- return 0;
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = DSAparams_print(b, x);
- BIO_free(b);
- return ret;
-}
-
-int
-DSA_print(BIO *bp, const DSA *x, int off)
-{
- EVP_PKEY *pk;
- int ret;
-
- pk = EVP_PKEY_new();
- if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
- return 0;
- ret = EVP_PKEY_print_private(bp, pk, off, NULL);
- EVP_PKEY_free(pk);
- return ret;
-}
-
-int
-DSAparams_print(BIO *bp, const DSA *x)
-{
- EVP_PKEY *pk;
- int ret;
-
- pk = EVP_PKEY_new();
- if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
- return 0;
- ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
- EVP_PKEY_free(pk);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/dsa/dsa_sign.c b/lib/libssl/src/crypto/dsa/dsa_sign.c
deleted file mode 100644
index 355bdd20d6f..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa_sign.c
+++ /dev/null
@@ -1,97 +0,0 @@ -/* $OpenBSD: dsa_sign.c,v 1.19 2014/10/18 17:20:40 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-
-DSA_SIG *
-DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
-{
- return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
-}
-
-int
-DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-{
- return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
-}
-
-DSA_SIG *
-DSA_SIG_new(void)
-{
- DSA_SIG *sig;
-
- sig = malloc(sizeof(DSA_SIG));
- if (!sig)
- return NULL;
- sig->r = NULL;
- sig->s = NULL;
- return sig;
-}
-
-void
-DSA_SIG_free(DSA_SIG *sig)
-{
- if (sig) {
- BN_free(sig->r);
- BN_free(sig->s);
- free(sig);
- }
-}
diff --git a/lib/libssl/src/crypto/dsa/dsa_vrf.c b/lib/libssl/src/crypto/dsa/dsa_vrf.c
deleted file mode 100644
index 1965338f1fa..00000000000
--- a/lib/libssl/src/crypto/dsa/dsa_vrf.c
+++ /dev/null
@@ -1,67 +0,0 @@ -/* $OpenBSD: dsa_vrf.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#include <openssl/dsa.h>
-
-int
-DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa)
-{
- return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
-}
diff --git a/lib/libssl/src/crypto/dso/dso.h b/lib/libssl/src/crypto/dso/dso.h
deleted file mode 100644
index 6c982c9f97e..00000000000
--- a/lib/libssl/src/crypto/dso/dso.h
+++ /dev/null
@@ -1,386 +0,0 @@
-/* $OpenBSD: dso.h,v 1.12 2016/03/15 20:50:22 krw Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_DSO_H -#define HEADER_DSO_H - -#include <openssl/crypto.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* These values are used as commands to DSO_ctrl() */ -#define DSO_CTRL_GET_FLAGS 1 -#define DSO_CTRL_SET_FLAGS 2 -#define DSO_CTRL_OR_FLAGS 3 - -/* By default, DSO_load() will translate the provided filename into a form - * typical for the platform (more specifically the DSO_METHOD) using the - * dso_name_converter function of the method. Eg. win32 will transform "blah" - * into "blah.dll", and dlfcn will transform it into "libblah.so". The - * behaviour can be overridden by setting the name_converter callback in the DSO - * object (using DSO_set_name_converter()). This callback could even utilise - * the DSO_METHOD's converter too if it only wants to override behaviour for - * one or two possible DSO methods. However, the following flag can be set in a - * DSO to prevent *any* native name-translation at all - eg. if the caller has - * prompted the user for a path to a driver library so the filename should be - * interpreted as-is. 
*/ -#define DSO_FLAG_NO_NAME_TRANSLATION 0x01 -/* An extra flag to give if only the extension should be added as - * translation. This is obviously only of importance on Unix and - * other operating systems where the translation also may prefix - * the name with something, like 'lib', and ignored everywhere else. - * This flag is also ignored if DSO_FLAG_NO_NAME_TRANSLATION is used - * at the same time. */ -#define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY 0x02 - -/* The following flag controls the translation of symbol names to upper - * case. This is currently only being implemented for OpenVMS. - */ -#define DSO_FLAG_UPCASE_SYMBOL 0x10 - -/* This flag loads the library with public symbols. - * Meaning: The exported symbols of this library are public - * to all libraries loaded after this library. - * At the moment only implemented in unix. - */ -#define DSO_FLAG_GLOBAL_SYMBOLS 0x20 - - -typedef void (*DSO_FUNC_TYPE)(void); - -typedef struct dso_st DSO; - -/* The function prototype used for method functions (or caller-provided - * callbacks) that transform filenames. They are passed a DSO structure pointer - * (or NULL if they are to be used independantly of a DSO object) and a - * filename to transform. They should either return NULL (if there is an error - * condition) or a newly allocated string containing the transformed form that - * the caller will need to free with free() when done. */ -typedef char* (*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *); -/* The function prototype used for method functions (or caller-provided - * callbacks) that merge two file specifications. They are passed a - * DSO structure pointer (or NULL if they are to be used independantly of - * a DSO object) and two file specifications to merge. They should - * either return NULL (if there is an error condition) or a newly allocated - * string containing the result of merging that the caller will need - * to free with free() when done. 
- * Here, merging means that bits and pieces are taken from each of the - * file specifications and added together in whatever fashion that is - * sensible for the DSO method in question. The only rule that really - * applies is that if the two specification contain pieces of the same - * type, the copy from the first string takes priority. One could see - * it as the first specification is the one given by the user and the - * second being a bunch of defaults to add on if they're missing in the - * first. */ -typedef char* (*DSO_MERGER_FUNC)(DSO *, const char *, const char *); - -typedef struct dso_meth_st { - const char *name; - /* Loads a shared library, NB: new DSO_METHODs must ensure that a - * successful load populates the loaded_filename field, and likewise a - * successful unload frees and NULLs it out. */ - int (*dso_load)(DSO *dso); - /* Unloads a shared library */ - int (*dso_unload)(DSO *dso); - /* Binds a variable */ - void *(*dso_bind_var)(DSO *dso, const char *symname); - /* Binds a function - assumes a return type of DSO_FUNC_TYPE. - * This should be cast to the real function prototype by the - * caller. Platforms that don't have compatible representations - * for different prototypes (this is possible within ANSI C) - * are highly unlikely to have shared libraries at all, let - * alone a DSO_METHOD implemented for them. */ - DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname); - - /* The generic (yuck) "ctrl()" function. NB: Negative return - * values (rather than zero) indicate errors. */ - long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg); - /* The default DSO_METHOD-specific function for converting filenames to - * a canonical native form. */ - DSO_NAME_CONVERTER_FUNC dso_name_converter; - /* The default DSO_METHOD-specific function for converting filenames to - * a canonical native form. */ - DSO_MERGER_FUNC dso_merger; - - /* [De]Initialisation handlers. 
*/ - int (*init)(DSO *dso); - int (*finish)(DSO *dso); - - /* Return pathname of the module containing location */ - int (*pathbyaddr)(void *addr, char *path, int sz); - /* Perform global symbol lookup, i.e. among *all* modules */ - void *(*globallookup)(const char *symname); -} DSO_METHOD; - -/**********************************************************************/ -/* The low-level handle type used to refer to a loaded shared library */ - -struct dso_st { - DSO_METHOD *meth; - /* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS - * doesn't use anything but will need to cache the filename - * for use in the dso_bind handler. All in all, let each - * method control its own destiny. "Handles" and such go in - * a STACK. */ - STACK_OF(void) *meth_data; - int references; - int flags; - /* For use by applications etc ... use this for your bits'n'pieces, - * don't touch meth_data! */ - CRYPTO_EX_DATA ex_data; - /* If this callback function pointer is set to non-NULL, then it will - * be used in DSO_load() in place of meth->dso_name_converter. NB: This - * should normally set using DSO_set_name_converter(). */ - DSO_NAME_CONVERTER_FUNC name_converter; - /* If this callback function pointer is set to non-NULL, then it will - * be used in DSO_load() in place of meth->dso_merger. NB: This - * should normally set using DSO_set_merger(). */ - DSO_MERGER_FUNC merger; - /* This is populated with (a copy of) the platform-independant - * filename used for this DSO. */ - char *filename; - /* This is populated with (a copy of) the translated filename by which - * the DSO was actually loaded. It is NULL iff the DSO is not currently - * loaded. NB: This is here because the filename translation process - * may involve a callback being invoked more than once not only to - * convert to a platform-specific form, but also to try different - * filenames in the process of trying to perform a load. 
As such, this - * variable can be used to indicate (a) whether this DSO structure - * corresponds to a loaded library or not, and (b) the filename with - * which it was actually loaded. */ - char *loaded_filename; -}; - - -DSO * DSO_new(void); -DSO * DSO_new_method(DSO_METHOD *method); -int DSO_free(DSO *dso); -int DSO_flags(DSO *dso); -int DSO_up_ref(DSO *dso); -long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg); - -/* This function sets the DSO's name_converter callback. If it is non-NULL, - * then it will be used instead of the associated DSO_METHOD's function. If - * oldcb is non-NULL then it is set to the function pointer value being - * replaced. Return value is non-zero for success. */ -int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb, - DSO_NAME_CONVERTER_FUNC *oldcb); -/* These functions can be used to get/set the platform-independant filename - * used for a DSO. NB: set will fail if the DSO is already loaded. */ -const char *DSO_get_filename(DSO *dso); -int DSO_set_filename(DSO *dso, const char *filename); -/* This function will invoke the DSO's name_converter callback to translate a - * filename, or if the callback isn't set it will instead use the DSO_METHOD's - * converter. If "filename" is NULL, the "filename" in the DSO itself will be - * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is - * simply duplicated. NB: This function is usually called from within a - * DSO_METHOD during the processing of a DSO_load() call, and is exposed so that - * caller-created DSO_METHODs can do the same thing. A non-NULL return value - * will need to be free()'d. */ -char *DSO_convert_filename(DSO *dso, const char *filename); -/* This function will invoke the DSO's merger callback to merge two file - * specifications, or if the callback isn't set it will instead use the - * DSO_METHOD's merger. A non-NULL return value will need to be - * free()'d. 
*/ -char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2); -/* If the DSO is currently loaded, this returns the filename that it was loaded - * under, otherwise it returns NULL. So it is also useful as a test as to - * whether the DSO is currently loaded. NB: This will not necessarily return - * the same value as DSO_convert_filename(dso, dso->filename), because the - * DSO_METHOD's load function may have tried a variety of filenames (with - * and/or without the aid of the converters) before settling on the one it - * actually loaded. */ -const char *DSO_get_loaded_filename(DSO *dso); - -void DSO_set_default_method(DSO_METHOD *meth); -DSO_METHOD *DSO_get_default_method(void); -DSO_METHOD *DSO_get_method(DSO *dso); -DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth); - -/* The all-singing all-dancing load function, you normally pass NULL - * for the first and third parameters. Use DSO_up and DSO_free for - * subsequent reference count handling. Any flags passed in will be set - * in the constructed DSO after its init() function but before the - * load operation. If 'dso' is non-NULL, 'flags' is ignored. */ -DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags); - -/* This function binds to a variable inside a shared library. */ -void *DSO_bind_var(DSO *dso, const char *symname); - -/* This function binds to a function inside a shared library. */ -DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname); - -/* This method is the default, but will beg, borrow, or steal whatever - * method should be the default on any particular platform (including - * DSO_METH_null() if necessary). */ -DSO_METHOD *DSO_METHOD_openssl(void); - -/* This method is defined for all platforms - if a platform has no - * DSO support then this will be the only method! 
*/ -DSO_METHOD *DSO_METHOD_null(void); - -/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions - * (dlopen, dlclose, dlsym, etc) will be used and incorporated into - * this method. If not, this method will return NULL. */ -DSO_METHOD *DSO_METHOD_dlfcn(void); - -/* This function writes null-terminated pathname of DSO module - * containing 'addr' into 'sz' large caller-provided 'path' and - * returns the number of characters [including trailing zero] - * written to it. If 'sz' is 0 or negative, 'path' is ignored and - * required amount of charachers [including trailing zero] to - * accommodate pathname is returned. If 'addr' is NULL, then - * pathname of cryptolib itself is returned. Negative or zero - * return value denotes error. - */ -int DSO_pathbyaddr(void *addr, char *path, int sz); - -/* This function should be used with caution! It looks up symbols in - * *all* loaded modules and if module gets unloaded by somebody else - * attempt to dereference the pointer is doomed to have fatal - * consequences. Primary usage for this function is to probe *core* - * system functionality, e.g. check if getnameinfo(3) is available - * at run-time without bothering about OS-specific details such as - * libc.so.versioning or where does it actually reside: in libc - * itself or libsocket. */ -void *DSO_global_lookup(const char *name); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_DSO_strings(void); - -/* Error codes for the DSO functions. */ - -/* Function codes. 
*/ -#define DSO_F_BEOS_BIND_FUNC 144 -#define DSO_F_BEOS_BIND_VAR 145 -#define DSO_F_BEOS_LOAD 146 -#define DSO_F_BEOS_NAME_CONVERTER 147 -#define DSO_F_BEOS_UNLOAD 148 -#define DSO_F_DLFCN_BIND_FUNC 100 -#define DSO_F_DLFCN_BIND_VAR 101 -#define DSO_F_DLFCN_LOAD 102 -#define DSO_F_DLFCN_MERGER 130 -#define DSO_F_DLFCN_NAME_CONVERTER 123 -#define DSO_F_DLFCN_UNLOAD 103 -#define DSO_F_DL_BIND_FUNC 104 -#define DSO_F_DL_BIND_VAR 105 -#define DSO_F_DL_LOAD 106 -#define DSO_F_DL_MERGER 131 -#define DSO_F_DL_NAME_CONVERTER 124 -#define DSO_F_DL_UNLOAD 107 -#define DSO_F_DSO_BIND_FUNC 108 -#define DSO_F_DSO_BIND_VAR 109 -#define DSO_F_DSO_CONVERT_FILENAME 126 -#define DSO_F_DSO_CTRL 110 -#define DSO_F_DSO_FREE 111 -#define DSO_F_DSO_GET_FILENAME 127 -#define DSO_F_DSO_GET_LOADED_FILENAME 128 -#define DSO_F_DSO_GLOBAL_LOOKUP 139 -#define DSO_F_DSO_LOAD 112 -#define DSO_F_DSO_MERGE 132 -#define DSO_F_DSO_NEW_METHOD 113 -#define DSO_F_DSO_PATHBYADDR 140 -#define DSO_F_DSO_SET_FILENAME 129 -#define DSO_F_DSO_SET_NAME_CONVERTER 122 -#define DSO_F_DSO_UP_REF 114 -#define DSO_F_GLOBAL_LOOKUP_FUNC 138 -#define DSO_F_PATHBYADDR 137 -#define DSO_F_VMS_BIND_SYM 115 -#define DSO_F_VMS_LOAD 116 -#define DSO_F_VMS_MERGER 133 -#define DSO_F_VMS_UNLOAD 117 -#define DSO_F_WIN32_BIND_FUNC 118 -#define DSO_F_WIN32_BIND_VAR 119 -#define DSO_F_WIN32_GLOBALLOOKUP 142 -#define DSO_F_WIN32_GLOBALLOOKUP_FUNC 143 -#define DSO_F_WIN32_JOINER 135 -#define DSO_F_WIN32_LOAD 120 -#define DSO_F_WIN32_MERGER 134 -#define DSO_F_WIN32_NAME_CONVERTER 125 -#define DSO_F_WIN32_PATHBYADDR 141 -#define DSO_F_WIN32_SPLITTER 136 -#define DSO_F_WIN32_UNLOAD 121 - -/* Reason codes. 
*/ -#define DSO_R_CTRL_FAILED 100 -#define DSO_R_DSO_ALREADY_LOADED 110 -#define DSO_R_EMPTY_FILE_STRUCTURE 113 -#define DSO_R_FAILURE 114 -#define DSO_R_FILENAME_TOO_BIG 101 -#define DSO_R_FINISH_FAILED 102 -#define DSO_R_INCORRECT_FILE_SYNTAX 115 -#define DSO_R_LOAD_FAILED 103 -#define DSO_R_NAME_TRANSLATION_FAILED 109 -#define DSO_R_NO_FILENAME 111 -#define DSO_R_NO_FILE_SPECIFICATION 116 -#define DSO_R_NULL_HANDLE 104 -#define DSO_R_SET_FILENAME_FAILED 112 -#define DSO_R_STACK_ERROR 105 -#define DSO_R_SYM_FAILURE 106 -#define DSO_R_UNLOAD_FAILED 107 -#define DSO_R_UNSUPPORTED 108 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/dso/dso_dlfcn.c b/lib/libssl/src/crypto/dso/dso_dlfcn.c deleted file mode 100644 index f22e641babc..00000000000 --- a/lib/libssl/src/crypto/dso/dso_dlfcn.c +++ /dev/null 
@@ -1,355 +0,0 @@
-/* $OpenBSD: dso_dlfcn.c,v 1.28 2015/02/07 13:19:15 doug Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/dso.h> -#include <openssl/err.h> - -#ifndef DSO_DLFCN -DSO_METHOD * -DSO_METHOD_dlfcn(void) -{ - return NULL; -} -#else - -#ifdef HAVE_DLFCN_H -# include <dlfcn.h> -# define HAVE_DLINFO 1 -#endif - -/* Part of the hack in "dlfcn_load" ... 
*/ -#define DSO_MAX_TRANSLATED_SIZE 256 - -static int dlfcn_load(DSO *dso); -static int dlfcn_unload(DSO *dso); -static void *dlfcn_bind_var(DSO *dso, const char *symname); -static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname); -static char *dlfcn_name_converter(DSO *dso, const char *filename); -static char *dlfcn_merger(DSO *dso, const char *filespec1, - const char *filespec2); -static int dlfcn_pathbyaddr(void *addr, char *path, int sz); -static void *dlfcn_globallookup(const char *name); - -static DSO_METHOD dso_meth_dlfcn = { - .name = "OpenSSL 'dlfcn' shared library method", - .dso_load = dlfcn_load, - .dso_unload = dlfcn_unload, - .dso_bind_var = dlfcn_bind_var, - .dso_bind_func = dlfcn_bind_func, - .dso_name_converter = dlfcn_name_converter, - .dso_merger = dlfcn_merger, - .pathbyaddr = dlfcn_pathbyaddr, - .globallookup = dlfcn_globallookup -}; - -DSO_METHOD * -DSO_METHOD_dlfcn(void) -{ - return (&dso_meth_dlfcn); -} - -/* For this DSO_METHOD, our meth_data STACK will contain; - * (i) the handle (void*) returned from dlopen(). - */ - -static int -dlfcn_load(DSO *dso) -{ - void *ptr = NULL; - /* See applicable comments in dso_dl.c */ - char *filename = DSO_convert_filename(dso, NULL); - int flags = RTLD_LAZY; - - if (filename == NULL) { - DSOerr(DSO_F_DLFCN_LOAD, DSO_R_NO_FILENAME); - goto err; - } - - if (dso->flags & DSO_FLAG_GLOBAL_SYMBOLS) - flags |= RTLD_GLOBAL; - ptr = dlopen(filename, flags); - if (ptr == NULL) { - DSOerr(DSO_F_DLFCN_LOAD, DSO_R_LOAD_FAILED); - ERR_asprintf_error_data("filename(%s): %s", filename, - dlerror()); - goto err; - } - if (!sk_void_push(dso->meth_data, (char *)ptr)) { - DSOerr(DSO_F_DLFCN_LOAD, DSO_R_STACK_ERROR); - goto err; - } - /* Success */ - dso->loaded_filename = filename; - return (1); - -err: - /* Cleanup! 
*/ - free(filename); - if (ptr != NULL) - dlclose(ptr); - return (0); -} - -static int -dlfcn_unload(DSO *dso) -{ - void *ptr; - if (dso == NULL) { - DSOerr(DSO_F_DLFCN_UNLOAD, ERR_R_PASSED_NULL_PARAMETER); - return (0); - } - if (sk_void_num(dso->meth_data) < 1) - return (1); - ptr = sk_void_pop(dso->meth_data); - if (ptr == NULL) { - DSOerr(DSO_F_DLFCN_UNLOAD, DSO_R_NULL_HANDLE); - /* Should push the value back onto the stack in - * case of a retry. */ - sk_void_push(dso->meth_data, ptr); - return (0); - } - /* For now I'm not aware of any errors associated with dlclose() */ - dlclose(ptr); - return (1); -} - -static void * -dlfcn_bind_var(DSO *dso, const char *symname) -{ - void *ptr, *sym; - - if ((dso == NULL) || (symname == NULL)) { - DSOerr(DSO_F_DLFCN_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - if (sk_void_num(dso->meth_data) < 1) { - DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_STACK_ERROR); - return (NULL); - } - ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1); - if (ptr == NULL) { - DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_NULL_HANDLE); - return (NULL); - } - sym = dlsym(ptr, symname); - if (sym == NULL) { - DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_SYM_FAILURE); - ERR_asprintf_error_data("symname(%s): %s", symname, dlerror()); - return (NULL); - } - return (sym); -} - -static DSO_FUNC_TYPE -dlfcn_bind_func(DSO *dso, const char *symname) -{ - void *ptr; - union { - DSO_FUNC_TYPE sym; - void *dlret; - } u; - - if ((dso == NULL) || (symname == NULL)) { - DSOerr(DSO_F_DLFCN_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - if (sk_void_num(dso->meth_data) < 1) { - DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_STACK_ERROR); - return (NULL); - } - ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1); - if (ptr == NULL) { - DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_NULL_HANDLE); - return (NULL); - } - u.dlret = dlsym(ptr, symname); - if (u.dlret == NULL) { - DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_SYM_FAILURE); - 
ERR_asprintf_error_data("symname(%s): %s", symname, dlerror()); - return (NULL); - } - return u.sym; -} - -static char * -dlfcn_merger(DSO *dso, const char *filespec1, const char *filespec2) -{ - char *merged; - - if (!filespec1 && !filespec2) { - DSOerr(DSO_F_DLFCN_MERGER, - ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - /* If the first file specification is a rooted path, it rules. - same goes if the second file specification is missing. */ - if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) { - merged = strdup(filespec1); - if (!merged) { - DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE); - return (NULL); - } - } - /* If the first file specification is missing, the second one rules. */ - else if (!filespec1) { - merged = strdup(filespec2); - if (!merged) { - DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE); - return (NULL); - } - } else - /* This part isn't as trivial as it looks. It assumes that - the second file specification really is a directory, and - makes no checks whatsoever. Therefore, the result becomes - the concatenation of filespec2 followed by a slash followed - by filespec1. */ - { - size_t spec2len, len; - - spec2len = strlen(filespec2); - len = spec2len + (filespec1 ? 
strlen(filespec1) : 0); - - if (filespec2 && filespec2[spec2len - 1] == '/') { - spec2len--; - len--; - } - merged = malloc(len + 2); - if (!merged) { - DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE); - return (NULL); - } - strlcpy(merged, filespec2, len + 2); - merged[spec2len] = '/'; - strlcpy(&merged[spec2len + 1], filespec1, len + 1 - spec2len); - } - return (merged); -} - -#define DSO_ext ".so" -#define DSO_extlen 3 - -static char * -dlfcn_name_converter(DSO *dso, const char *filename) -{ - char *translated; - int ret; - - if (strchr(filename, '/') == NULL) { - /* Bare name, so convert to "%s.so" or "lib%s.so" */ - if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0) - ret = asprintf(&translated, "lib%s" DSO_ext, filename); - else - ret = asprintf(&translated, "%s" DSO_ext, filename); - if (ret == -1) - translated = NULL; - } else { - /* Full path, so just duplicate it */ - translated = strdup(filename); - } - - if (translated == NULL) - DSOerr(DSO_F_DLFCN_NAME_CONVERTER, - DSO_R_NAME_TRANSLATION_FAILED); - return (translated); -} - -static int -dlfcn_pathbyaddr(void *addr, char *path, int sz) -{ - Dl_info dli; - int len; - - if (addr == NULL) { - union{ - int(*f)(void*, char*, int); - void *p; - } t = { dlfcn_pathbyaddr }; - addr = t.p; - } - - if (dladdr(addr, &dli)) { - len = (int)strlen(dli.dli_fname); - if (sz <= 0) - return len + 1; - if (len >= sz) - len = sz - 1; - memcpy(path, dli.dli_fname, len); - path[len++] = 0; - return len; - } - - ERR_asprintf_error_data("dlfcn_pathbyaddr(): %s", dlerror()); - return -1; -} - -static void * -dlfcn_globallookup(const char *name) -{ - void *ret = NULL, *handle = dlopen(NULL, RTLD_LAZY); - - if (handle) { - ret = dlsym(handle, name); - dlclose(handle); - } - - return ret; -} -#endif /* DSO_DLFCN */ diff --git a/lib/libssl/src/crypto/dso/dso_err.c b/lib/libssl/src/crypto/dso/dso_err.c deleted file mode 100644 index b8514a4aefc..00000000000 --- a/lib/libssl/src/crypto/dso/dso_err.c +++ /dev/null 
@@ -1,159 +0,0 @@ -/* $OpenBSD: dso_err.c,v 1.8 2014/07/10 22:45:56 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/dso.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSO,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason) - -static ERR_STRING_DATA DSO_str_functs[]= { - {ERR_FUNC(DSO_F_BEOS_BIND_FUNC), "BEOS_BIND_FUNC"}, - {ERR_FUNC(DSO_F_BEOS_BIND_VAR), "BEOS_BIND_VAR"}, - {ERR_FUNC(DSO_F_BEOS_LOAD), "BEOS_LOAD"}, - {ERR_FUNC(DSO_F_BEOS_NAME_CONVERTER), "BEOS_NAME_CONVERTER"}, - {ERR_FUNC(DSO_F_BEOS_UNLOAD), "BEOS_UNLOAD"}, - {ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "DLFCN_BIND_FUNC"}, - {ERR_FUNC(DSO_F_DLFCN_BIND_VAR), "DLFCN_BIND_VAR"}, - {ERR_FUNC(DSO_F_DLFCN_LOAD), "DLFCN_LOAD"}, - {ERR_FUNC(DSO_F_DLFCN_MERGER), "DLFCN_MERGER"}, - {ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER), "DLFCN_NAME_CONVERTER"}, - {ERR_FUNC(DSO_F_DLFCN_UNLOAD), "DLFCN_UNLOAD"}, - {ERR_FUNC(DSO_F_DL_BIND_FUNC), "DL_BIND_FUNC"}, - {ERR_FUNC(DSO_F_DL_BIND_VAR), "DL_BIND_VAR"}, - {ERR_FUNC(DSO_F_DL_LOAD), "DL_LOAD"}, - {ERR_FUNC(DSO_F_DL_MERGER), "DL_MERGER"}, - {ERR_FUNC(DSO_F_DL_NAME_CONVERTER), "DL_NAME_CONVERTER"}, - {ERR_FUNC(DSO_F_DL_UNLOAD), "DL_UNLOAD"}, - {ERR_FUNC(DSO_F_DSO_BIND_FUNC), "DSO_bind_func"}, - {ERR_FUNC(DSO_F_DSO_BIND_VAR), "DSO_bind_var"}, - {ERR_FUNC(DSO_F_DSO_CONVERT_FILENAME), "DSO_convert_filename"}, - {ERR_FUNC(DSO_F_DSO_CTRL), "DSO_ctrl"}, - {ERR_FUNC(DSO_F_DSO_FREE), "DSO_free"}, - {ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"}, - {ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME), "DSO_get_loaded_filename"}, - {ERR_FUNC(DSO_F_DSO_GLOBAL_LOOKUP), "DSO_global_lookup"}, - {ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"}, - {ERR_FUNC(DSO_F_DSO_MERGE), "DSO_merge"}, - {ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"}, - {ERR_FUNC(DSO_F_DSO_PATHBYADDR), "DSO_pathbyaddr"}, - {ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"}, - {ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER), "DSO_set_name_converter"}, - {ERR_FUNC(DSO_F_DSO_UP_REF), 
"DSO_up_ref"}, - {ERR_FUNC(DSO_F_GLOBAL_LOOKUP_FUNC), "GLOBAL_LOOKUP_FUNC"}, - {ERR_FUNC(DSO_F_PATHBYADDR), "PATHBYADDR"}, - {ERR_FUNC(DSO_F_VMS_BIND_SYM), "VMS_BIND_SYM"}, - {ERR_FUNC(DSO_F_VMS_LOAD), "VMS_LOAD"}, - {ERR_FUNC(DSO_F_VMS_MERGER), "VMS_MERGER"}, - {ERR_FUNC(DSO_F_VMS_UNLOAD), "VMS_UNLOAD"}, - {ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "WIN32_BIND_FUNC"}, - {ERR_FUNC(DSO_F_WIN32_BIND_VAR), "WIN32_BIND_VAR"}, - {ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP), "WIN32_GLOBALLOOKUP"}, - {ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP_FUNC), "WIN32_GLOBALLOOKUP_FUNC"}, - {ERR_FUNC(DSO_F_WIN32_JOINER), "WIN32_JOINER"}, - {ERR_FUNC(DSO_F_WIN32_LOAD), "WIN32_LOAD"}, - {ERR_FUNC(DSO_F_WIN32_MERGER), "WIN32_MERGER"}, - {ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "WIN32_NAME_CONVERTER"}, - {ERR_FUNC(DSO_F_WIN32_PATHBYADDR), "WIN32_PATHBYADDR"}, - {ERR_FUNC(DSO_F_WIN32_SPLITTER), "WIN32_SPLITTER"}, - {ERR_FUNC(DSO_F_WIN32_UNLOAD), "WIN32_UNLOAD"}, - {0, NULL} -}; - -static ERR_STRING_DATA DSO_str_reasons[]= { - {ERR_REASON(DSO_R_CTRL_FAILED) , "control command failed"}, - {ERR_REASON(DSO_R_DSO_ALREADY_LOADED) , "dso already loaded"}, - {ERR_REASON(DSO_R_EMPTY_FILE_STRUCTURE) , "empty file structure"}, - {ERR_REASON(DSO_R_FAILURE) , "failure"}, - {ERR_REASON(DSO_R_FILENAME_TOO_BIG) , "filename too big"}, - {ERR_REASON(DSO_R_FINISH_FAILED) , "cleanup method function failed"}, - {ERR_REASON(DSO_R_INCORRECT_FILE_SYNTAX) , "incorrect file syntax"}, - {ERR_REASON(DSO_R_LOAD_FAILED) , "could not load the shared library"}, - {ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED), "name translation failed"}, - {ERR_REASON(DSO_R_NO_FILENAME) , "no filename"}, - {ERR_REASON(DSO_R_NO_FILE_SPECIFICATION) , "no file specification"}, - {ERR_REASON(DSO_R_NULL_HANDLE) , "a null shared library handle was used"}, - {ERR_REASON(DSO_R_SET_FILENAME_FAILED) , "set filename failed"}, - {ERR_REASON(DSO_R_STACK_ERROR) , "the meth_data stack is corrupt"}, - {ERR_REASON(DSO_R_SYM_FAILURE) , "could not bind to the requested symbol name"}, - 
{ERR_REASON(DSO_R_UNLOAD_FAILED) , "could not unload the shared library"}, - {ERR_REASON(DSO_R_UNSUPPORTED) , "functionality not supported"}, - {0, NULL} -}; - -#endif - -void -ERR_load_DSO_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(DSO_str_functs[0].error) == NULL) { - ERR_load_strings(0, DSO_str_functs); - ERR_load_strings(0, DSO_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/dso/dso_lib.c b/lib/libssl/src/crypto/dso/dso_lib.c deleted file mode 100644 index 3002e4d99cd..00000000000 --- a/lib/libssl/src/crypto/dso/dso_lib.c +++ /dev/null 
@@ -1,454 +0,0 @@
-/* $OpenBSD: dso_lib.c,v 1.18 2014/07/11 08:44:48 jsing Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/crypto.h>
-#include <openssl/dso.h>
-#include <openssl/err.h>
-
-static DSO_METHOD *default_DSO_meth = NULL;
-
-DSO *
-DSO_new(void)
-{
- return (DSO_new_method(NULL));
-}
-
-void
-DSO_set_default_method(DSO_METHOD *meth)
-{
- default_DSO_meth = meth;
-}
-
-DSO_METHOD *
-DSO_get_default_method(void)
-{
- return (default_DSO_meth);
-}
-
-DSO_METHOD *
-DSO_get_method(DSO *dso)
-{
- return (dso->meth);
-}
-
-DSO_METHOD *
-DSO_set_method(DSO *dso, DSO_METHOD *meth)
-{
- DSO_METHOD *mtmp;
-
- mtmp = dso->meth;
- dso->meth = meth;
- return (mtmp);
-}
-
-DSO *
-DSO_new_method(DSO_METHOD *meth)
-{
- DSO *ret;
-
- if (default_DSO_meth == NULL)
- /* We default to DSO_METH_openssl() which in turn defaults
- * to stealing the "best available" method. Will fallback
- * to DSO_METH_null() in the worst case.
*/
- default_DSO_meth = DSO_METHOD_openssl();
- ret = calloc(1, sizeof(DSO));
- if (ret == NULL) {
- DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- ret->meth_data = sk_void_new_null();
- if (ret->meth_data == NULL) {
- /* sk_new doesn't generate any errors so we do */
- DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
- free(ret);
- return (NULL);
- }
- if (meth == NULL)
- ret->meth = default_DSO_meth;
- else
- ret->meth = meth;
- ret->references = 1;
- if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
- free(ret);
- ret = NULL;
- }
- return (ret);
-}
-
-int
-DSO_free(DSO *dso)
-{
- int i;
-
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_FREE, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
-
- i = CRYPTO_add(&dso->references, -1, CRYPTO_LOCK_DSO);
- if (i > 0)
- return (1);
-
- if ((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso)) {
- DSOerr(DSO_F_DSO_FREE, DSO_R_UNLOAD_FAILED);
- return (0);
- }
-
- if ((dso->meth->finish != NULL) && !dso->meth->finish(dso)) {
- DSOerr(DSO_F_DSO_FREE, DSO_R_FINISH_FAILED);
- return (0);
- }
-
- sk_void_free(dso->meth_data);
- free(dso->filename);
- free(dso->loaded_filename);
- free(dso);
- return (1);
-}
-
-int
-DSO_flags(DSO *dso)
-{
- return ((dso == NULL) ?
0 : dso->flags);
-}
-
-
-int
-DSO_up_ref(DSO *dso)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_UP_REF, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
-
- CRYPTO_add(&dso->references, 1, CRYPTO_LOCK_DSO);
- return (1);
-}
-
-DSO *
-DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags)
-{
- DSO *ret;
- int allocated = 0;
-
- if (dso == NULL) {
- ret = DSO_new_method(meth);
- if (ret == NULL) {
- DSOerr(DSO_F_DSO_LOAD, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- allocated = 1;
- /* Pass the provided flags to the new DSO object */
- if (DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_CTRL_FAILED);
- goto err;
- }
- } else
- ret = dso;
- /* Don't load if we're currently already loaded */
- if (ret->filename != NULL) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_DSO_ALREADY_LOADED);
- goto err;
- }
- /* filename can only be NULL if we were passed a dso that already has
- * one set. */
- if (filename != NULL)
- if (!DSO_set_filename(ret, filename)) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_SET_FILENAME_FAILED);
- goto err;
- }
- filename = ret->filename;
- if (filename == NULL) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_NO_FILENAME);
- goto err;
- }
- if (ret->meth->dso_load == NULL) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_UNSUPPORTED);
- goto err;
- }
- if (!ret->meth->dso_load(ret)) {
- DSOerr(DSO_F_DSO_LOAD, DSO_R_LOAD_FAILED);
- goto err;
- }
- /* Load succeeded */
- return (ret);
-
-err:
- if (allocated)
- DSO_free(ret);
- return (NULL);
-}
-
-void *
-DSO_bind_var(DSO *dso, const char *symname)
-{
- void *ret = NULL;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_DSO_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (dso->meth->dso_bind_var == NULL) {
- DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_UNSUPPORTED);
- return (NULL);
- }
- if ((ret = dso->meth->dso_bind_var(dso, symname)) == NULL) {
- DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_SYM_FAILURE);
- return (NULL);
- }
- /* Success */
- return (ret);
-}
-
-DSO_FUNC_TYPE
-DSO_bind_func(DSO *dso,
const char *symname)
-{
- DSO_FUNC_TYPE ret = NULL;
-
- if ((dso == NULL) || (symname == NULL)) {
- DSOerr(DSO_F_DSO_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (dso->meth->dso_bind_func == NULL) {
- DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_UNSUPPORTED);
- return (NULL);
- }
- if ((ret = dso->meth->dso_bind_func(dso, symname)) == NULL) {
- DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_SYM_FAILURE);
- return (NULL);
- }
- /* Success */
- return (ret);
-}
-
-/* I don't really like these *_ctrl functions very much to be perfectly
- * honest. For one thing, I think I have to return a negative value for
- * any error because possible DSO_ctrl() commands may return values
- * such as "size"s that can legitimately be zero (making the standard
- * "if(DSO_cmd(...))" form that works almost everywhere else fail at
- * odd times. I'd prefer "output" values to be passed by reference and
- * the return value as success/failure like usual ... but we conform
- * when we must... :-) */
-long
-DSO_ctrl(DSO *dso, int cmd, long larg, void *parg)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return (-1);
- }
- /* We should intercept certain generic commands and only pass control
- * to the method-specific ctrl() function if it's something we don't
- * handle.
*/
- switch (cmd) {
- case DSO_CTRL_GET_FLAGS:
- return dso->flags;
- case DSO_CTRL_SET_FLAGS:
- dso->flags = (int)larg;
- return (0);
- case DSO_CTRL_OR_FLAGS:
- dso->flags |= (int)larg;
- return (0);
- default:
- break;
- }
- if ((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL)) {
- DSOerr(DSO_F_DSO_CTRL, DSO_R_UNSUPPORTED);
- return (-1);
- }
- return (dso->meth->dso_ctrl(dso, cmd, larg, parg));
-}
-
-int
-DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
- DSO_NAME_CONVERTER_FUNC *oldcb)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_SET_NAME_CONVERTER,
- ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (oldcb)
- *oldcb = dso->name_converter;
- dso->name_converter = cb;
- return (1);
-}
-
-const char *
-DSO_get_filename(DSO *dso)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_GET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- return (dso->filename);
-}
-
-int
-DSO_set_filename(DSO *dso, const char *filename)
-{
- char *copied;
-
- if ((dso == NULL) || (filename == NULL)) {
- DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (dso->loaded_filename) {
- DSOerr(DSO_F_DSO_SET_FILENAME, DSO_R_DSO_ALREADY_LOADED);
- return (0);
- }
- /* We'll duplicate filename */
- copied = strdup(filename);
- if (copied == NULL) {
- DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- free(dso->filename);
- dso->filename = copied;
- return (1);
-}
-
-char *
-DSO_merge(DSO *dso, const char *filespec1, const char *filespec2)
-{
- char *result = NULL;
-
- if (dso == NULL || filespec1 == NULL) {
- DSOerr(DSO_F_DSO_MERGE, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
- if (dso->merger != NULL)
- result = dso->merger(dso, filespec1, filespec2);
- else if (dso->meth->dso_merger != NULL)
- result = dso->meth->dso_merger(dso,
- filespec1, filespec2);
- }
- return (result);
-}
-
-char *
-DSO_convert_filename(DSO *dso, const char *filename)
-{
- char
*result = NULL;
-
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- if (filename == NULL)
- filename = dso->filename;
- if (filename == NULL) {
- DSOerr(DSO_F_DSO_CONVERT_FILENAME, DSO_R_NO_FILENAME);
- return (NULL);
- }
- if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
- if (dso->name_converter != NULL)
- result = dso->name_converter(dso, filename);
- else if (dso->meth->dso_name_converter != NULL)
- result = dso->meth->dso_name_converter(dso, filename);
- }
- if (result == NULL) {
- result = strdup(filename);
- if (result == NULL) {
- DSOerr(DSO_F_DSO_CONVERT_FILENAME,
- ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- }
- return (result);
-}
-
-const char *
-DSO_get_loaded_filename(DSO *dso)
-{
- if (dso == NULL) {
- DSOerr(DSO_F_DSO_GET_LOADED_FILENAME,
- ERR_R_PASSED_NULL_PARAMETER);
- return (NULL);
- }
- return (dso->loaded_filename);
-}
-
-int
-DSO_pathbyaddr(void *addr, char *path, int sz)
-{
- DSO_METHOD *meth = default_DSO_meth;
- if (meth == NULL)
- meth = DSO_METHOD_openssl();
- if (meth->pathbyaddr == NULL) {
- DSOerr(DSO_F_DSO_PATHBYADDR, DSO_R_UNSUPPORTED);
- return -1;
- }
- return (*meth->pathbyaddr)(addr, path, sz);
-}
-
-void *
-DSO_global_lookup(const char *name)
-{
- DSO_METHOD *meth = default_DSO_meth;
- if (meth == NULL)
- meth = DSO_METHOD_openssl();
- if (meth->globallookup == NULL) {
- DSOerr(DSO_F_DSO_GLOBAL_LOOKUP, DSO_R_UNSUPPORTED);
- return NULL;
- }
- return (*meth->globallookup)(name);
-}
diff --git a/lib/libssl/src/crypto/dso/dso_null.c b/lib/libssl/src/crypto/dso/dso_null.c deleted file mode 100644
index a3dc0ec1ff4..00000000000
--- a/lib/libssl/src/crypto/dso/dso_null.c
+++ /dev/null
@@ -1,74 +0,0 @@
-/* $OpenBSD: dso_null.c,v 1.7 2014/07/11 08:44:48 jsing Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* This "NULL" method is provided as the fallback for systems that have
- * no appropriate support for "shared-libraries". */
-
-#include <stdio.h>
-
-#include <openssl/dso.h>
-
-static DSO_METHOD dso_meth_null = {
- .name = "NULL shared library method"
-};
-
-DSO_METHOD *
-DSO_METHOD_null(void)
-{
- return (&dso_meth_null);
-}
diff --git a/lib/libssl/src/crypto/dso/dso_openssl.c b/lib/libssl/src/crypto/dso/dso_openssl.c deleted file mode 100644
index 37d8d5805f9..00000000000
--- a/lib/libssl/src/crypto/dso/dso_openssl.c
+++ /dev/null
@@ -1,75 +0,0 @@
-/* $OpenBSD: dso_openssl.c,v 1.6 2014/07/11 08:44:48 jsing Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/dso.h>
-
-/* We just pinch the method from an appropriate "default" method. */
-
-DSO_METHOD *
-DSO_METHOD_openssl(void)
-{
-#ifdef DEF_DSO_METHOD
- return (DEF_DSO_METHOD());
-#elif defined(DSO_DLFCN)
- return (DSO_METHOD_dlfcn());
-#else
- return (DSO_METHOD_null());
-#endif
-}
diff --git a/lib/libssl/src/crypto/ec/ec.h b/lib/libssl/src/crypto/ec/ec.h deleted file mode 100644
index a1ece2e0d56..00000000000
--- a/lib/libssl/src/crypto/ec/ec.h
+++ /dev/null
@@ -1,1163 +0,0 @@
-/* $OpenBSD: ec.h,v 1.11 2015/10/13 15:25:18 jsing Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/**
- * \file crypto/ec/ec.h Include file for the OpenSSL EC functions
- * \author Originally written by Bodo Moeller for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#ifndef HEADER_EC_H
-#define HEADER_EC_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_EC
-#error EC is disabled.
-#endif - -#include <openssl/asn1.h> -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#endif - -#ifdef __cplusplus -extern "C" { -#elif defined(__SUNPRO_C) -# if __SUNPRO_C >= 0x520 -# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE) -# endif -#endif - - -#ifndef OPENSSL_ECC_MAX_FIELD_BITS -# define OPENSSL_ECC_MAX_FIELD_BITS 661 -#endif - -/** Enum for the point conversion form as defined in X9.62 (ECDSA) - * for the encoding of a elliptic curve point (x,y) */ -typedef enum { - /** the point is encoded as z||x, where the octet z specifies - * which solution of the quadratic equation y is */ - POINT_CONVERSION_COMPRESSED = 2, - /** the point is encoded as z||x||y, where z is the octet 0x02 */ - POINT_CONVERSION_UNCOMPRESSED = 4, - /** the point is encoded as z||x||y, where the octet z specifies - * which solution of the quadratic equation y is */ - POINT_CONVERSION_HYBRID = 6 -} point_conversion_form_t; - - -typedef struct ec_method_st EC_METHOD; - -typedef struct ec_group_st - /* - EC_METHOD *meth; - -- field definition - -- curve coefficients - -- optional generator with associated information (order, cofactor) - -- optional extra data (precomputed table for fast computation of multiples of generator) - -- ASN1 stuff - */ - EC_GROUP; - -typedef struct ec_point_st EC_POINT; - - -/********************************************************************/ -/* EC_METHODs for curves over GF(p) */ -/********************************************************************/ - -/** Returns the basic GFp ec methods which provides the basis for the - * optimized methods. - * \return EC_METHOD object - */ -const EC_METHOD *EC_GFp_simple_method(void); - -/** Returns GFp methods using montgomery multiplication. 
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_mont_method(void);
-
-/** Returns GFp methods using optimized methods for NIST recommended curves
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nist_method(void);
-
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-/** Returns 64-bit optimized methods for nistp224
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistp224_method(void);
-
-/** Returns 64-bit optimized methods for nistp256
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistp256_method(void);
-
-/** Returns 64-bit optimized methods for nistp521
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GFp_nistp521_method(void);
-#endif
-
-#ifndef OPENSSL_NO_EC2M
-/********************************************************************/
-/* EC_METHOD for curves over GF(2^m) */
-/********************************************************************/
-
-/** Returns the basic GF2m ec method
- * \return EC_METHOD object
- */
-const EC_METHOD *EC_GF2m_simple_method(void);
-
-#endif
-
-
-/********************************************************************/
-/* EC_GROUP functions */
-/********************************************************************/
-
-/** Creates a new EC_GROUP object
- * \param meth EC_METHOD to use
- * \return newly created EC_GROUP object or NULL in case of an error.
- */
-EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
-
-/** Frees a EC_GROUP object
- * \param group EC_GROUP object to be freed.
- */
-void EC_GROUP_free(EC_GROUP *group);
-
-/** Clears and frees a EC_GROUP object
- * \param group EC_GROUP object to be cleared and freed.
- */
-void EC_GROUP_clear_free(EC_GROUP *group);
-
-/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
- * \param dst destination EC_GROUP object
- * \param src source EC_GROUP object
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
-
-/** Creates a new EC_GROUP object and copies the copies the content
- * form src to the newly created EC_KEY object
- * \param src source EC_GROUP object
- * \return newly created EC_GROUP object or NULL in case of an error.
- */
-EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
-
-/** Returns the EC_METHOD of the EC_GROUP object.
- * \param group EC_GROUP object
- * \return EC_METHOD used in this EC_GROUP object.
- */
-const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
-
-/** Returns the field type of the EC_METHOD.
- * \param meth EC_METHOD object
- * \return NID of the underlying field type OID.
- */
-int EC_METHOD_get_field_type(const EC_METHOD *meth);
-
-/** Sets the generator and it's order/cofactor of a EC_GROUP object.
- * \param group EC_GROUP object
- * \param generator EC_POINT object with the generator.
- * \param order the order of the group generated by the generator.
- * \param cofactor the index of the sub-group generated by the generator
- * in the group of all points on the elliptic curve.
- * \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
-
-/** Returns the generator of a EC_GROUP object.
- * \param group EC_GROUP object
- * \return the currently used generator (possibly NULL).
- */
-const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
-
-/** Gets the order of a EC_GROUP
- * \param group EC_GROUP object
- * \param order BIGNUM to which the order is copied
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
-
-/** Gets the cofactor of a EC_GROUP
- * \param group EC_GROUP object
- * \param cofactor BIGNUM to which the cofactor is copied
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
-
-/** Sets the name of a EC_GROUP object
- * \param group EC_GROUP object
- * \param nid NID of the curve name OID
- */
-void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
-
-/** Returns the curve name of a EC_GROUP object
- * \param group EC_GROUP object
- * \return NID of the curve name OID or 0 if not set.
- */
-int EC_GROUP_get_curve_name(const EC_GROUP *group);
-
-void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
-int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
-
-void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
-point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
-
-unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
-size_t EC_GROUP_get_seed_len(const EC_GROUP *);
-size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
-
-/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b
- * \param group EC_GROUP object
- * \param p BIGNUM with the prime number
- * \param a BIGNUM with parameter a of the equation
- * \param b BIGNUM with parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-
-/** Gets the parameter of
the ec over GFp defined by y^2 = x^3 + a*x + b
- * \param group EC_GROUP object
- * \param p BIGNUM for the prime number
- * \param a BIGNUM for parameter a of the equation
- * \param b BIGNUM for parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
-#ifndef OPENSSL_NO_EC2M
-/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
- * \param group EC_GROUP object
- * \param p BIGNUM with the polynomial defining the underlying field
- * \param a BIGNUM with parameter a of the equation
- * \param b BIGNUM with parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-
-/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
- * \param group EC_GROUP object
- * \param p BIGNUM for the polynomial defining the underlying field
- * \param a BIGNUM for parameter a of the equation
- * \param b BIGNUM for parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-#endif
-/** Returns the number of bits needed to represent a field element
- * \param group EC_GROUP object
- * \return number of bits needed to represent a field element
- */
-int EC_GROUP_get_degree(const EC_GROUP *group);
-
-/** Checks whether the parameter in the EC_GROUP define a valid ec group
- * \param group EC_GROUP object
- * \param ctx BN_CTX object (optional)
- * \return 1 if group is a valid ec group and 0 otherwise
- */
-int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
-
-/** Checks whether the discriminant of the elliptic curve is zero or
not
- * \param group EC_GROUP object
- * \param ctx BN_CTX object (optional)
- * \return 1 if the discriminant is not zero and 0 otherwise
- */
-int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
-
-/** Compares two EC_GROUP objects
- * \param a first EC_GROUP object
- * \param b second EC_GROUP object
- * \param ctx BN_CTX object (optional)
- * \return 0 if both groups are equal and 1 otherwise
- */
-int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
-
-/* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*()
- * after choosing an appropriate EC_METHOD */
-
-/** Creates a new EC_GROUP object with the specified parameters defined
- * over GFp (defined by the equation y^2 = x^3 + a*x + b)
- * \param p BIGNUM with the prime number
- * \param a BIGNUM with the parameter a of the equation
- * \param b BIGNUM with the parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return newly created EC_GROUP object with the specified parameters
- */
-EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-#ifndef OPENSSL_NO_EC2M
-/** Creates a new EC_GROUP object with the specified parameters defined
- * over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
- * \param p BIGNUM with the polynomial defining the underlying field
- * \param a BIGNUM with the parameter a of the equation
- * \param b BIGNUM with the parameter b of the equation
- * \param ctx BN_CTX object (optional)
- * \return newly created EC_GROUP object with the specified parameters
- */
-EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
-#endif
-/** Creates a EC_GROUP object with a curve specified by a NID
- * \param nid NID of the OID of the curve name
- * \return newly created EC_GROUP object with specified curve or NULL
- * if an error occurred
- */
-EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
-
-
-/********************************************************************/
-/* handling of internal curves */
-/********************************************************************/
-
-typedef struct {
- int nid;
- const char *comment;
- } EC_builtin_curve;
-
-/* EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number
- * of all available curves or zero if a error occurred.
- * In case r ist not zero nitems EC_builtin_curve structures
- * are filled with the data of the first nitems internal groups */
-size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
-
-const char *EC_curve_nid2nist(int nid);
-int EC_curve_nist2nid(const char *name);
-
-/********************************************************************/
-/* EC_POINT functions */
-/********************************************************************/
-
-/** Creates a new EC_POINT object for the specified EC_GROUP
- * \param group EC_GROUP the underlying EC_GROUP object
- * \return newly created EC_POINT object or NULL if an error occurred
- */
-EC_POINT *EC_POINT_new(const EC_GROUP *group);
-
-/** Frees a EC_POINT object
- * \param point EC_POINT object to be freed
- */
-void EC_POINT_free(EC_POINT *point);
-
-/** Clears and frees a EC_POINT object
- * \param point EC_POINT object to be cleared and freed
- */
-void EC_POINT_clear_free(EC_POINT *point);
-
-/** Copies EC_POINT object
- * \param dst destination EC_POINT object
- * \param src source EC_POINT object
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
-
-/** Creates a new EC_POINT object and copies the content of the supplied
- * EC_POINT
- * \param src source EC_POINT object
- * \param group underlying the EC_GROUP object
- * \return newly created EC_POINT object or NULL if an error occurred
- */
-EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
-
-/** Returns the EC_METHOD used in EC_POINT object
- * \param point EC_POINT object
- * \return the
EC_METHOD used
- */
-const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
-
-/** Sets a point to infinity (neutral element)
- * \param group underlying EC_GROUP object
- * \param point EC_POINT to set to infinity
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
-
-/** Sets the jacobian projective coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with the x-coordinate
- * \param y BIGNUM with the y-coordinate
- * \param z BIGNUM with the z-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
-
-/** Gets the jacobian projective coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM for the x-coordinate
- * \param y BIGNUM for the y-coordinate
- * \param z BIGNUM for the z-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
-
-/** Sets the affine coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with the x-coordinate
- * \param y BIGNUM with the y-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
-
-/** Gets the affine coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM for the x-coordinate
- * \param y BIGNUM for the
y-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
-
-/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with x-coordinate
- * \param y_bit integer with the y-Bit (either 0 or 1)
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, int y_bit, BN_CTX *ctx);
-#ifndef OPENSSL_NO_EC2M
-/** Sets the affine coordinates of a EC_POINT over GF2m
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with the x-coordinate
- * \param y BIGNUM with the y-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
-
-/** Gets the affine coordinates of a EC_POINT over GF2m
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM for the x-coordinate
- * \param y BIGNUM for the y-coordinate
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
-
-/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param x BIGNUM with x-coordinate
- * \param y_bit integer with the y-Bit (either 0 or 1)
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
-
const BIGNUM *x, int y_bit, BN_CTX *ctx);
-#endif
-/** Encodes a EC_POINT object to a octet string
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param form point conversion form
- * \param buf memory buffer for the result. If NULL the function returns
- * required buffer size.
- * \param len length of the memory buffer
- * \param ctx BN_CTX object (optional)
- * \return the length of the encoded octet string or 0 if an error occurred
- */
-size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
- point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx);
-
-/** Decodes a EC_POINT from a octet string
- * \param group underlying EC_GROUP object
- * \param p EC_POINT object
- * \param buf memory buffer with the encoded ec point
- * \param len length of the encoded ec point
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
- const unsigned char *buf, size_t len, BN_CTX *ctx);
-
-/* other interfaces to point2oct/oct2point: */
-BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BIGNUM *, BN_CTX *);
-EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
- EC_POINT *, BN_CTX *);
-char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BN_CTX *);
-EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
- EC_POINT *, BN_CTX *);
-
-
-/********************************************************************/
-/* functions for doing EC_POINT arithmetic */
-/********************************************************************/
-
-/** Computes the sum of two EC_POINT
- * \param group underlying EC_GROUP object
- * \param r EC_POINT object for the result (r = a + b)
- * \param a EC_POINT object with the first summand
- * \param b EC_POINT object with the second summand
- * \param ctx BN_CTX object (optional)
- * \return 1 on
success and 0 if an error occured
- */
-int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
-
-/** Computes the double of a EC_POINT
- * \param group underlying EC_GROUP object
- * \param r EC_POINT object for the result (r = 2 * a)
- * \param a EC_POINT object
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
-
-/** Computes the inverse of a EC_POINT
- * \param group underlying EC_GROUP object
- * \param a EC_POINT object to be inverted (it's used for the result as well)
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
-
-/** Checks whether the point is the neutral element of the group
- * \param group the underlying EC_GROUP object
- * \param p EC_POINT object
- * \return 1 if the point is the neutral element and 0 otherwise
- */
-int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
-
-/** Checks whether the point is on the curve
- * \param group underlying EC_GROUP object
- * \param point EC_POINT object to check
- * \param ctx BN_CTX object (optional)
- * \return 1 if point if on the curve and 0 otherwise
- */
-int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
-
-/** Compares two EC_POINTs
- * \param group underlying EC_GROUP object
- * \param a first EC_POINT object
- * \param b second EC_POINT object
- * \param ctx BN_CTX object (optional)
- * \return 0 if both points are equal and a value != 0 otherwise
- */
-int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
-
-int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
-int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx);
-
-/** Computes r = generator * n
sum_{i=0}^num p[i] * m[i]
- * \param group underlying EC_GROUP object
- * \param r EC_POINT object for the result
- * \param n BIGNUM with the multiplier for the group generator (optional)
- * \param num number futher summands
- * \param p array of size num of EC_POINT objects
- * \param m array of size num of BIGNUM objects
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
-
-/** Computes r = generator * n + q * m
- * \param group underlying EC_GROUP object
- * \param r EC_POINT object for the result
- * \param n BIGNUM with the multiplier for the group generator (optional)
- * \param q EC_POINT object with the first factor of the second summand
- * \param m BIGNUM with the second factor of the second summand
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
-
-/** Stores multiples of generator for faster point multiplication
- * \param group EC_GROUP object
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occured
- */
-int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-
-/** Reports whether a precomputation has been done
- * \param group EC_GROUP object
- * \return 1 if a pre-computation has been done and 0 otherwise
- */
-int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
-
-
-/********************************************************************/
-/* ASN1 stuff */
-/********************************************************************/
-
-/* EC_GROUP_get_basis_type() returns the NID of the basis type
- * used to represent the field elements */
-int EC_GROUP_get_basis_type(const EC_GROUP *);
-#ifndef OPENSSL_NO_EC2M
-int EC_GROUP_get_trinomial_basis(const EC_GROUP *,
unsigned int *k);
-int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
- unsigned int *k2, unsigned int *k3);
-#endif
-
-#define OPENSSL_EC_NAMED_CURVE 0x001
-
-typedef struct ecpk_parameters_st ECPKPARAMETERS;
-
-EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
-int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
-
-#define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
-#define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
-#define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
- (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
-#define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
- (unsigned char *)(x))
-
-#ifndef OPENSSL_NO_BIO
-int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
-#endif
-int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
-
-
-/********************************************************************/
-/* EC_KEY functions */
-/********************************************************************/
-
-typedef struct ec_key_st EC_KEY;
-
-/* some values for the encoding_flag */
-#define EC_PKEY_NO_PARAMETERS 0x001
-#define EC_PKEY_NO_PUBKEY 0x002
-
-/* some values for the flags field */
-#define EC_FLAG_NON_FIPS_ALLOW 0x1
-#define EC_FLAG_FIPS_CHECKED 0x2
-
-/** Creates a new EC_KEY object.
- * \return EC_KEY object or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_new(void);
-
-int EC_KEY_get_flags(const EC_KEY *key);
-
-void EC_KEY_set_flags(EC_KEY *key, int flags);
-
-void EC_KEY_clear_flags(EC_KEY *key, int flags);
-
-/** Creates a new EC_KEY object using a named curve as underlying
- * EC_GROUP object.
- * \param nid NID of the named curve.
- * \return EC_KEY object or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_new_by_curve_name(int nid);
-
-/** Frees a EC_KEY object.
- * \param key EC_KEY object to be freed.
- */
-void EC_KEY_free(EC_KEY *key);
-
-/** Copies a EC_KEY object.
- * \param dst destination EC_KEY object
- * \param src src EC_KEY object
- * \return dst or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
-
-/** Creates a new EC_KEY object and copies the content from src to it.
- * \param src the source EC_KEY object
- * \return newly created EC_KEY object or NULL if an error occurred.
- */
-EC_KEY *EC_KEY_dup(const EC_KEY *src);
-
-/** Increases the internal reference count of a EC_KEY object.
- * \param key EC_KEY object
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_up_ref(EC_KEY *key);
-
-/** Returns the EC_GROUP object of a EC_KEY object
- * \param key EC_KEY object
- * \return the EC_GROUP object (possibly NULL).
- */
-const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
-
-/** Sets the EC_GROUP of a EC_KEY object.
- * \param key EC_KEY object
- * \param group EC_GROUP to use in the EC_KEY object (note: the EC_KEY
- * object will use an own copy of the EC_GROUP).
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
-
-/** Returns the private key of a EC_KEY object.
- * \param key EC_KEY object
- * \return a BIGNUM with the private key (possibly NULL).
- */
-const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
-
-/** Sets the private key of a EC_KEY object.
- * \param key EC_KEY object
- * \param prv BIGNUM with the private key (note: the EC_KEY object
- * will use an own copy of the BIGNUM).
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
-
-/** Returns the public key of a EC_KEY object.
- * \param key the EC_KEY object
- * \return a EC_POINT object with the public key (possibly NULL)
- */
-const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
-
-/** Sets the public key of a EC_KEY object.
- * \param key EC_KEY object
- * \param pub EC_POINT object with the public key (note: the EC_KEY object
- * will use an own copy of the EC_POINT object).
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
-
-unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
-void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
-point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
-void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
-/* functions to set/get method specific data */
-void *EC_KEY_get_key_method_data(EC_KEY *key,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-/** Sets the key method data of an EC_KEY object, if none has yet been set.
- * \param key EC_KEY object
- * \param data opaque data to install.
- * \param dup_func a function that duplicates |data|.
- * \param free_func a function that frees |data|.
- * \param clear_free_func a function that wipes and frees |data|.
- * \return the previously set data pointer, or NULL if |data| was inserted.
- */
-void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-/* wrapper functions for the underlying EC_GROUP object */
-void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
-
-/** Creates a table of pre-computed multiples of the generator to
- * accelerate further EC_KEY operations.
- * \param key EC_KEY object
- * \param ctx BN_CTX object (optional)
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
-
-/** Creates a new ec private (and optional a new public) key.
- * \param key EC_KEY object
- * \return 1 on success and 0 if an error occurred.
- */
-int EC_KEY_generate_key(EC_KEY *key);
-
-/** Verifies that a private and/or public key is valid.
- * \param key the EC_KEY object
- * \return 1 on success and 0 otherwise.
- */
-int EC_KEY_check_key(const EC_KEY *key);
-
-/** Sets a public key from affine coordindates performing
- * neccessary NIST PKV tests.
- * \param key the EC_KEY object
- * \param x public key x coordinate
- * \param y public key y coordinate
- * \return 1 on success and 0 otherwise.
- */
-int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
-
-
-/********************************************************************/
-/* de- and encoding functions for SEC1 ECPrivateKey */
-/********************************************************************/
-
-/** Decodes a private key from a memory buffer.
- * \param key a pointer to a EC_KEY object which should be used (or NULL)
- * \param in pointer to memory with the DER encoded private key
- * \param len length of the DER encoded private key
- * \return the decoded private key or NULL if an error occurred.
- */
-EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
-
-/** Encodes a private key object and stores the result in a buffer.
- * \param key the EC_KEY object to encode
- * \param out the buffer for the result (if NULL the function returns number
- * of bytes needed).
- * \return 1 on success and 0 if an error occurred.
- */
-int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
-
-
-/********************************************************************/
-/* de- and encoding functions for EC parameters */
-/********************************************************************/
-
-/** Decodes ec parameter from a memory buffer.
- * \param key a pointer to a EC_KEY object which should be used (or NULL)
- * \param in pointer to memory with the DER encoded ec parameters
- * \param len length of the DER encoded ec parameters
- * \return a EC_KEY object with the decoded parameters or NULL if an error
- * occurred.
- */
-EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
-
-/** Encodes ec parameter and stores the result in a buffer.
- * \param key the EC_KEY object with ec paramters to encode
- * \param out the buffer for the result (if NULL the function returns number
- * of bytes needed).
- * \return 1 on success and 0 if an error occurred.
- */
-int i2d_ECParameters(EC_KEY *key, unsigned char **out);
-
-
-/********************************************************************/
-/* de- and encoding functions for EC public key */
-/* (octet string, not DER -- hence 'o2i' and 'i2o') */
-/********************************************************************/
-
-/** Decodes a ec public key from a octet string.
- * \param key a pointer to a EC_KEY object which should be used
- * \param in memory buffer with the encoded public key
- * \param len length of the encoded public key
- * \return EC_KEY object with decoded public key or NULL if an error
- * occurred.
- */
-EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
-
-/** Encodes a ec public key in an octet string.
- * \param key the EC_KEY object with the public key
- * \param out the buffer for the result (if NULL the function returns number
- * of bytes needed).
- * \return 1 on success and 0 if an error occurred
- */
-int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
-
-#ifndef OPENSSL_NO_BIO
-/** Prints out the ec parameters on human readable form.
- * \param bp BIO object to which the information is printed
- * \param key EC_KEY object
- * \return 1 on success and 0 if an error occurred
- */
-int ECParameters_print(BIO *bp, const EC_KEY *key);
-
-/** Prints out the contents of a EC_KEY object
- * \param bp BIO object to which the information is printed
- * \param key EC_KEY object
- * \param off line offset
- * \return 1 on success and 0 if an error occurred
- */
-int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
-
-#endif
-/** Prints out the ec parameters on human readable form.
- * \param fp file descriptor to which the information is printed
- * \param key EC_KEY object
- * \return 1 on success and 0 if an error occurred
- */
-int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
-
-/** Prints out the contents of a EC_KEY object
- * \param fp file descriptor to which the information is printed
- * \param key EC_KEY object
- * \param off line offset
- * \return 1 on success and 0 if an error occurred
- */
-int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
-
-EC_KEY *ECParameters_dup(EC_KEY *key);
-
-#ifndef __cplusplus
-#if defined(__SUNPRO_C)
-# if __SUNPRO_C >= 0x520
-# pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
-# endif
-# endif
-#endif
-
-#define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
-
-
-#define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID (EVP_PKEY_ALG_CTRL + 1)
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_EC_strings(void);
-
-/* Error codes for the EC functions. */
-
-/* Function codes.
*/
-#define EC_F_BN_TO_FELEM 224
-#define EC_F_COMPUTE_WNAF 143
-#define EC_F_D2I_ECPARAMETERS 144
-#define EC_F_D2I_ECPKPARAMETERS 145
-#define EC_F_D2I_ECPRIVATEKEY 146
-#define EC_F_DO_EC_KEY_PRINT 221
-#define EC_F_ECKEY_PARAM2TYPE 223
-#define EC_F_ECKEY_PARAM_DECODE 212
-#define EC_F_ECKEY_PRIV_DECODE 213
-#define EC_F_ECKEY_PRIV_ENCODE 214
-#define EC_F_ECKEY_PUB_DECODE 215
-#define EC_F_ECKEY_PUB_ENCODE 216
-#define EC_F_ECKEY_TYPE2PARAM 220
-#define EC_F_ECPARAMETERS_PRINT 147
-#define EC_F_ECPARAMETERS_PRINT_FP 148
-#define EC_F_ECPKPARAMETERS_PRINT 149
-#define EC_F_ECPKPARAMETERS_PRINT_FP 150
-#define EC_F_ECP_NIST_MOD_192 203
-#define EC_F_ECP_NIST_MOD_224 204
-#define EC_F_ECP_NIST_MOD_256 205
-#define EC_F_ECP_NIST_MOD_521 206
-#define EC_F_EC_ASN1_GROUP2CURVE 153
-#define EC_F_EC_ASN1_GROUP2FIELDID 154
-#define EC_F_EC_ASN1_GROUP2PARAMETERS 155
-#define EC_F_EC_ASN1_GROUP2PKPARAMETERS 156
-#define EC_F_EC_ASN1_PARAMETERS2GROUP 157
-#define EC_F_EC_ASN1_PKPARAMETERS2GROUP 158
-#define EC_F_EC_EX_DATA_SET_DATA 211
-#define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
-#define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
-#define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
-#define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160
-#define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161
-#define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
-#define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
-#define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164
-#define EC_F_EC_GFP_MONT_FIELD_DECODE 133
-#define EC_F_EC_GFP_MONT_FIELD_ENCODE 134
-#define EC_F_EC_GFP_MONT_FIELD_MUL 131
-#define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
-#define EC_F_EC_GFP_MONT_FIELD_SQR 132
-#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
-#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP 135
-#define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
-#define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
-#define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
-#define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
-#define
EC_F_EC_GFP_NISTP256_POINTS_MUL 231
-#define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
-#define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
-#define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
-#define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
-#define EC_F_EC_GFP_NIST_FIELD_MUL 200
-#define EC_F_EC_GFP_NIST_FIELD_SQR 201
-#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
-#define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP 100
-#define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR 101
-#define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
-#define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
-#define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
-#define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
-#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
-#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
-#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
-#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
-#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
-#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
-#define EC_F_EC_GROUP_CHECK 170
-#define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
-#define EC_F_EC_GROUP_COPY 106
-#define EC_F_EC_GROUP_GET0_GENERATOR 139
-#define EC_F_EC_GROUP_GET_COFACTOR 140
-#define EC_F_EC_GROUP_GET_CURVE_GF2M 172
-#define EC_F_EC_GROUP_GET_CURVE_GFP 130
-#define EC_F_EC_GROUP_GET_DEGREE 173
-#define EC_F_EC_GROUP_GET_ORDER 141
-#define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
-#define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
-#define EC_F_EC_GROUP_NEW 108
-#define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174
-#define EC_F_EC_GROUP_NEW_FROM_DATA 175
-#define EC_F_EC_GROUP_PRECOMPUTE_MULT 142
-#define EC_F_EC_GROUP_SET_CURVE_GF2M 176
-#define EC_F_EC_GROUP_SET_CURVE_GFP 109
-#define EC_F_EC_GROUP_SET_EXTRA_DATA 110
-#define EC_F_EC_GROUP_SET_GENERATOR 111
-#define EC_F_EC_KEY_CHECK_KEY 177
-#define EC_F_EC_KEY_COPY 178
-#define
EC_F_EC_KEY_GENERATE_KEY 179
-#define EC_F_EC_KEY_NEW 182
-#define EC_F_EC_KEY_PRINT 180
-#define EC_F_EC_KEY_PRINT_FP 181
-#define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
-#define EC_F_EC_POINTS_MAKE_AFFINE 136
-#define EC_F_EC_POINT_ADD 112
-#define EC_F_EC_POINT_CMP 113
-#define EC_F_EC_POINT_COPY 114
-#define EC_F_EC_POINT_DBL 115
-#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183
-#define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116
-#define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117
-#define EC_F_EC_POINT_INVERT 210
-#define EC_F_EC_POINT_IS_AT_INFINITY 118
-#define EC_F_EC_POINT_IS_ON_CURVE 119
-#define EC_F_EC_POINT_MAKE_AFFINE 120
-#define EC_F_EC_POINT_MUL 184
-#define EC_F_EC_POINT_NEW 121
-#define EC_F_EC_POINT_OCT2POINT 122
-#define EC_F_EC_POINT_POINT2OCT 123
-#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185
-#define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124
-#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186
-#define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
-#define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
-#define EC_F_EC_POINT_SET_TO_INFINITY 127
-#define EC_F_EC_PRE_COMP_DUP 207
-#define EC_F_EC_PRE_COMP_NEW 196
-#define EC_F_EC_WNAF_MUL 187
-#define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
-#define EC_F_I2D_ECPARAMETERS 190
-#define EC_F_I2D_ECPKPARAMETERS 191
-#define EC_F_I2D_ECPRIVATEKEY 192
-#define EC_F_I2O_ECPUBLICKEY 151
-#define EC_F_NISTP224_PRE_COMP_NEW 227
-#define EC_F_NISTP256_PRE_COMP_NEW 236
-#define EC_F_NISTP521_PRE_COMP_NEW 237
-#define EC_F_O2I_ECPUBLICKEY 152
-#define EC_F_OLD_EC_PRIV_DECODE 222
-#define EC_F_PKEY_EC_CTRL 197
-#define EC_F_PKEY_EC_CTRL_STR 198
-#define EC_F_PKEY_EC_DERIVE 217
-#define EC_F_PKEY_EC_KEYGEN 199
-#define EC_F_PKEY_EC_PARAMGEN 219
-#define EC_F_PKEY_EC_SIGN 218
-
-/* Reason codes.
*/
-#define EC_R_ASN1_ERROR 115
-#define EC_R_ASN1_UNKNOWN_FIELD 116
-#define EC_R_BIGNUM_OUT_OF_RANGE 144
-#define EC_R_BUFFER_TOO_SMALL 100
-#define EC_R_COORDINATES_OUT_OF_RANGE 146
-#define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
-#define EC_R_DECODE_ERROR 142
-#define EC_R_DISCRIMINANT_IS_ZERO 118
-#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
-#define EC_R_FIELD_TOO_LARGE 143
-#define EC_R_GF2M_NOT_SUPPORTED 147
-#define EC_R_GROUP2PKPARAMETERS_FAILURE 120
-#define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
-#define EC_R_INCOMPATIBLE_OBJECTS 101
-#define EC_R_INVALID_ARGUMENT 112
-#define EC_R_INVALID_COMPRESSED_POINT 110
-#define EC_R_INVALID_COMPRESSION_BIT 109
-#define EC_R_INVALID_CURVE 141
-#define EC_R_INVALID_DIGEST_TYPE 138
-#define EC_R_INVALID_ENCODING 102
-#define EC_R_INVALID_FIELD 103
-#define EC_R_INVALID_FORM 104
-#define EC_R_INVALID_GROUP_ORDER 122
-#define EC_R_INVALID_PENTANOMIAL_BASIS 132
-#define EC_R_INVALID_PRIVATE_KEY 123
-#define EC_R_INVALID_TRINOMIAL_BASIS 137
-#define EC_R_KEYS_NOT_SET 140
-#define EC_R_MISSING_PARAMETERS 124
-#define EC_R_MISSING_PRIVATE_KEY 125
-#define EC_R_NOT_A_NIST_PRIME 135
-#define EC_R_NOT_A_SUPPORTED_NIST_PRIME 136
-#define EC_R_NOT_IMPLEMENTED 126
-#define EC_R_NOT_INITIALIZED 111
-#define EC_R_NO_FIELD_MOD 133
-#define EC_R_NO_PARAMETERS_SET 139
-#define EC_R_PASSED_NULL_PARAMETER 134
-#define EC_R_PKPARAMETERS2GROUP_FAILURE 127
-#define EC_R_POINT_AT_INFINITY 106
-#define EC_R_POINT_IS_NOT_ON_CURVE 107
-#define EC_R_SLOT_FULL 108
-#define EC_R_UNDEFINED_GENERATOR 113
-#define EC_R_UNDEFINED_ORDER 128
-#define EC_R_UNKNOWN_GROUP 129
-#define EC_R_UNKNOWN_ORDER 114
-#define EC_R_UNSUPPORTED_FIELD 131
-#define EC_R_WRONG_CURVE_PARAMETERS 145
-#define EC_R_WRONG_ORDER 130
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/ec/ec2_mult.c b/lib/libssl/src/crypto/ec/ec2_mult.c
deleted file mode 100644
index 3812611702b..00000000000
--- a/lib/libssl/src/crypto/ec/ec2_mult.c
+++ /dev/null
@@ -1,450 +0,0 @@
-/* $OpenBSD: ec2_mult.c,v 1.8 2016/03/12 21:44:11 bcook Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The software is originally written by Sheueling Chang Shantz and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-#ifndef OPENSSL_NO_EC2M
-
-
-/* Compute the x-coordinate x/z for the point 2*(x/z) in Montgomery projective
- * coordinates.
- * Uses algorithm Mdouble in appendix of
- * Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
- * GF(2^m) without precomputation" (CHES '99, LNCS 1717).
- * modified to not require precomputation of c=b^{2^{m-1}}.
- */
-static int
-gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z, BN_CTX *ctx)
-{
- BIGNUM *t1;
- int ret = 0;
-
- /* Since Mdouble is static we can guarantee that ctx != NULL. */
- BN_CTX_start(ctx);
- if ((t1 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!group->meth->field_sqr(group, x, x, ctx))
- goto err;
- if (!group->meth->field_sqr(group, t1, z, ctx))
- goto err;
- if (!group->meth->field_mul(group, z, x, t1, ctx))
- goto err;
- if (!group->meth->field_sqr(group, x, x, ctx))
- goto err;
- if (!group->meth->field_sqr(group, t1, t1, ctx))
- goto err;
- if (!group->meth->field_mul(group, t1, &group->b, t1, ctx))
- goto err;
- if (!BN_GF2m_add(x, x, t1))
- goto err;
-
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-/* Compute the x-coordinate x1/z1 for the point (x1/z1)+(x2/x2) in Montgomery
- * projective coordinates.
- * Uses algorithm Madd in appendix of
- * Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
- * GF(2^m) without precomputation" (CHES '99, LNCS 1717).
- */
-static int
-gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1, BIGNUM *z1,
- const BIGNUM *x2, const BIGNUM *z2, BN_CTX *ctx)
-{
- BIGNUM *t1, *t2;
- int ret = 0;
-
- /* Since Madd is static we can guarantee that ctx != NULL. */
- BN_CTX_start(ctx);
- if ((t1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((t2 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_copy(t1, x))
- goto err;
- if (!group->meth->field_mul(group, x1, x1, z2, ctx))
- goto err;
- if (!group->meth->field_mul(group, z1, z1, x2, ctx))
- goto err;
- if (!group->meth->field_mul(group, t2, x1, z1, ctx))
- goto err;
- if (!BN_GF2m_add(z1, z1, x1))
- goto err;
- if (!group->meth->field_sqr(group, z1, z1, ctx))
- goto err;
- if (!group->meth->field_mul(group, x1, z1, t1, ctx))
- goto err;
- if (!BN_GF2m_add(x1, x1, t2))
- goto err;
-
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-/* Compute the x, y affine coordinates from the point (x1, z1) (x2, z2)
- * using Montgomery point multiplication algorithm Mxy() in appendix of
- * Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
- * GF(2^m) without precomputation" (CHES '99, LNCS 1717).
- * Returns:
- * 0 on error
- * 1 if return value should be the point at infinity
- * 2 otherwise
- */
-static int
-gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y, BIGNUM *x1,
- BIGNUM *z1, BIGNUM *x2, BIGNUM *z2, BN_CTX *ctx)
-{
- BIGNUM *t3, *t4, *t5;
- int ret = 0;
-
- if (BN_is_zero(z1)) {
- BN_zero(x2);
- BN_zero(z2);
- return 1;
- }
- if (BN_is_zero(z2)) {
- if (!BN_copy(x2, x))
- return 0;
- if (!BN_GF2m_add(z2, x, y))
- return 0;
- return 2;
- }
- /* Since Mxy is static we can guarantee that ctx != NULL. */
- BN_CTX_start(ctx);
- if ((t3 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((t4 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((t5 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_one(t5))
- goto err;
-
- if (!group->meth->field_mul(group, t3, z1, z2, ctx))
- goto err;
-
- if (!group->meth->field_mul(group, z1, z1, x, ctx))
- goto err;
- if (!BN_GF2m_add(z1, z1, x1))
- goto err;
- if (!group->meth->field_mul(group, z2, z2, x, ctx))
- goto err;
- if (!group->meth->field_mul(group, x1, z2, x1, ctx))
- goto err;
- if (!BN_GF2m_add(z2, z2, x2))
- goto err;
-
- if (!group->meth->field_mul(group, z2, z2, z1, ctx))
- goto err;
- if (!group->meth->field_sqr(group, t4, x, ctx))
- goto err;
- if (!BN_GF2m_add(t4, t4, y))
- goto err;
- if (!group->meth->field_mul(group, t4, t4, t3, ctx))
- goto err;
- if (!BN_GF2m_add(t4, t4, z2))
- goto err;
-
- if (!group->meth->field_mul(group, t3, t3, x, ctx))
- goto err;
- if (!group->meth->field_div(group, t3, t5, t3, ctx))
- goto err;
- if (!group->meth->field_mul(group, t4, t3, t4, ctx))
- goto err;
- if (!group->meth->field_mul(group, x2, x1, t3, ctx))
- goto err;
- if (!BN_GF2m_add(z2, x2, x))
- goto err;
-
- if (!group->meth->field_mul(group, z2, z2, t4, ctx))
- goto err;
- if (!BN_GF2m_add(z2, z2, y))
- goto err;
-
- ret = 2;
-
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-
-/* Computes scalar*point and stores the result in r.
- * point can not equal r.
- * Uses a modified algorithm 2P of
- * Lopez, J. and Dahab, R. "Fast multiplication on elliptic curves over
- * GF(2^m) without precomputation" (CHES '99, LNCS 1717).
- *
- * To protect against side-channel attack the function uses constant time swap,
- * avoiding conditional branches.
- */
-static int
-ec_GF2m_montgomery_point_multiply(const EC_GROUP *group, EC_POINT *r,
- const BIGNUM *scalar, const EC_POINT *point, BN_CTX *ctx)
-{
- BIGNUM *x1, *x2, *z1, *z2;
- int ret = 0, i;
- BN_ULONG mask, word;
-
- if (r == point) {
- ECerr(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY, EC_R_INVALID_ARGUMENT);
- return 0;
- }
- /* if result should be point at infinity */
- if ((scalar == NULL) || BN_is_zero(scalar) || (point == NULL) ||
- EC_POINT_is_at_infinity(group, point) > 0) {
- return EC_POINT_set_to_infinity(group, r);
- }
- /* only support affine coordinates */
- if (!point->Z_is_one)
- return 0;
-
- /* Since point_multiply is static we can guarantee that ctx != NULL. */
- BN_CTX_start(ctx);
- if ((x1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((z1 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- x2 = &r->X;
- z2 = &r->Y;
-
- if (!bn_wexpand(x1, group->field.top))
- goto err;
- if (!bn_wexpand(z1, group->field.top))
- goto err;
- if (!bn_wexpand(x2, group->field.top))
- goto err;
- if (!bn_wexpand(z2, group->field.top))
- goto err;
-
- if (!BN_GF2m_mod_arr(x1, &point->X, group->poly))
- goto err; /* x1 = x */
- if (!BN_one(z1))
- goto err; /* z1 = 1 */
- if (!group->meth->field_sqr(group, z2, x1, ctx))
- goto err; /* z2 = x1^2 = x^2 */
- if (!group->meth->field_sqr(group, x2, z2, ctx))
- goto err;
- if (!BN_GF2m_add(x2, x2, &group->b))
- goto err; /* x2 = x^4 + b */
-
- /* find top most bit and go one past it */
- i = scalar->top - 1;
- mask = BN_TBIT;
- word = scalar->d[i];
- while (!(word & mask))
- mask >>= 1;
- mask >>= 1;
- /* if top most bit was at word break, go to next word */
- if (!mask) {
- i--;
- mask = BN_TBIT;
- }
- for (; i >= 0; i--) {
- word = scalar->d[i];
- while (mask) {
- BN_consttime_swap(word & mask, x1, x2, group->field.top);
- BN_consttime_swap(word & mask, z1, z2, group->field.top);
- if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx))
- goto err;
- if (!gf2m_Mdouble(group, x1, z1, ctx))
- goto err;
- BN_consttime_swap(word & mask, x1, x2, group->field.top);
- BN_consttime_swap(word & mask, z1, z2, group->field.top);
- mask >>= 1;
- }
- mask = BN_TBIT;
- }
-
- /* convert out of "projective" coordinates */
- i = gf2m_Mxy(group, &point->X, &point->Y, x1, z1, x2, z2, ctx);
- if (i == 0)
- goto err;
- else if (i == 1) {
- if (!EC_POINT_set_to_infinity(group, r))
- goto err;
- } else {
- if (!BN_one(&r->Z))
- goto err;
- r->Z_is_one = 1;
- }
-
- /* GF(2^m) field elements should always have BIGNUM::neg = 0 */
- BN_set_negative(&r->X, 0);
- BN_set_negative(&r->Y, 0);
-
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-
-/* Computes the sum
- * scalar*group->generator + scalars[0]*points[0] + ... + scalars[num-1]*points[num-1]
- * gracefully ignoring NULL scalar values.
- */
-int
-ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx)
-{
- BN_CTX *new_ctx = NULL;
- int ret = 0;
- size_t i;
- EC_POINT *p = NULL;
- EC_POINT *acc = NULL;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- /*
- * This implementation is more efficient than the wNAF implementation
- * for 2 or fewer points. Use the ec_wNAF_mul implementation for 3
- * or more points, or if we can perform a fast multiplication based
- * on precomputation.
- */
- if ((scalar && (num > 1)) || (num > 2) ||
- (num == 0 && EC_GROUP_have_precompute_mult(group))) {
- ret = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
- goto err;
- }
- if ((p = EC_POINT_new(group)) == NULL)
- goto err;
- if ((acc = EC_POINT_new(group)) == NULL)
- goto err;
-
- if (!EC_POINT_set_to_infinity(group, acc))
- goto err;
-
- if (scalar) {
- if (!ec_GF2m_montgomery_point_multiply(group, p, scalar, group->generator, ctx))
- goto err;
- if (BN_is_negative(scalar))
- if (!group->meth->invert(group, p, ctx))
- goto err;
- if (!group->meth->add(group, acc, acc, p, ctx))
- goto err;
- }
- for (i = 0; i < num; i++) {
- if (!ec_GF2m_montgomery_point_multiply(group, p, scalars[i], points[i], ctx))
- goto err;
- if (BN_is_negative(scalars[i]))
- if (!group->meth->invert(group, p, ctx))
- goto err;
- if (!group->meth->add(group, acc, acc, p, ctx))
- goto err;
- }
-
- if (!EC_POINT_copy(r, acc))
- goto err;
-
- ret = 1;
-
-err:
- EC_POINT_free(p);
- EC_POINT_free(acc);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-/* Precomputation for point multiplication: fall back to wNAF methods
- * because ec_GF2m_simple_mul() uses ec_wNAF_mul() if appropriate */
-
-int
-ec_GF2m_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
-{
- return ec_wNAF_precompute_mult(group, ctx);
-}
-
-int
-ec_GF2m_have_precompute_mult(const EC_GROUP * group)
-{
- return ec_wNAF_have_precompute_mult(group);
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/ec/ec2_oct.c b/lib/libssl/src/crypto/ec/ec2_oct.c
deleted file mode 100644
index 72690b1bc7f..00000000000
--- a/lib/libssl/src/crypto/ec/ec2_oct.c
+++ /dev/null
@@ -1,382 +0,0 @@
-/* $OpenBSD: ec2_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The software is originally written by Sheueling Chang Shantz and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-#ifndef OPENSSL_NO_EC2M
-
-/* Calculates and sets the affine coordinates of an EC_POINT from the given
- * compressed coordinates. Uses algorithm 2.3.4 of SEC 1.
- * Note that the simple implementation only uses affine coordinates.
- *
- * The method is from the following publication:
- *
- * Harper, Menezes, Vanstone:
- * "Public-Key Cryptosystems with Very Small Key Lengths",
- * EUROCRYPT '92, Springer-Verlag LNCS 658,
- * published February 1993
- *
- * US Patents 6,141,420 and 6,618,483 (Vanstone, Mullin, Agnew) describe
- * the same method, but claim no priority date earlier than July 29, 1994
- * (and additionally fail to cite the EUROCRYPT '92 publication as prior art).
- */
-int
-ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point,
- const BIGNUM *x_, int y_bit, BN_CTX *ctx)
-{
- BN_CTX *new_ctx = NULL;
- BIGNUM *tmp, *x, *y, *z;
- int ret = 0, z0;
-
- /* clear error queue */
- ERR_clear_error();
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- y_bit = (y_bit != 0) ? 1 : 0;
-
- BN_CTX_start(ctx);
- if ((tmp = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((z = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_GF2m_mod_arr(x, x_, group->poly))
- goto err;
- if (BN_is_zero(x)) {
- if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx))
- goto err;
- } else {
- if (!group->meth->field_sqr(group, tmp, x, ctx))
- goto err;
- if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx))
- goto err;
- if (!BN_GF2m_add(tmp, &group->a, tmp))
- goto err;
- if (!BN_GF2m_add(tmp, x, tmp))
- goto err;
- if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx)) {
- unsigned long err = ERR_peek_last_error();
-
- if (ERR_GET_LIB(err) == ERR_LIB_BN &&
- ERR_GET_REASON(err) == BN_R_NO_SOLUTION) {
- ERR_clear_error();
- ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT);
- } else
- ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB);
- goto err;
- }
- z0 = (BN_is_odd(z)) ? 1 : 0;
- if (!group->meth->field_mul(group, y, x, z, ctx))
- goto err;
- if (z0 != y_bit) {
- if (!BN_GF2m_add(y, y, x))
- goto err;
- }
- }
-
- if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx))
- goto err;
-
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-/* Converts an EC_POINT to an octet string.
- * If buf is NULL, the encoded length will be returned.
- * If the length len of buf is smaller than required an error will be returned.
- */
-size_t
-ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
- point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX * ctx)
-{
- size_t ret;
- BN_CTX *new_ctx = NULL;
- int used_ctx = 0;
- BIGNUM *x, *y, *yxi;
- size_t field_len, i, skip;
-
- if ((form != POINT_CONVERSION_COMPRESSED)
- && (form != POINT_CONVERSION_UNCOMPRESSED)
- && (form != POINT_CONVERSION_HYBRID)) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
- goto err;
- }
- if (EC_POINT_is_at_infinity(group, point) > 0) {
- /* encodes to a single 0 octet */
- if (buf != NULL) {
- if (len < 1) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- buf[0] = 0;
- }
- return 1;
- }
- /* ret := required output buffer length */
- field_len = (EC_GROUP_get_degree(group) + 7) / 8;
- ret = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len :
- 1 + 2 * field_len;
-
- /* if 'buf' is NULL, just return required length */
- if (buf != NULL) {
- if (len < ret) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
- goto err;
- }
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- BN_CTX_start(ctx);
- used_ctx = 1;
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((yxi = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
- goto err;
-
- buf[0] = form;
- if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x)) {
- if (!group->meth->field_div(group, yxi, y, x, ctx))
- goto err;
- if (BN_is_odd(yxi))
- buf[0]++;
- }
- i = 1;
-
- skip = field_len - BN_num_bytes(x);
- if (skip > field_len) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0) {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(x, buf + i);
- i += skip;
- if (i != 1 + field_len) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (form == POINT_CONVERSION_UNCOMPRESSED ||
- form == POINT_CONVERSION_HYBRID) {
- skip = field_len - BN_num_bytes(y);
- if (skip > field_len) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- while (skip > 0) {
- buf[i++] = 0;
- skip--;
- }
- skip = BN_bn2bin(y, buf + i);
- i += skip;
- }
- if (i != ret) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
- if (used_ctx)
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-
-err:
- if (used_ctx)
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return 0;
-}
-
-
-/* Converts an octet string representation to an EC_POINT.
- * Note that the simple implementation only uses affine coordinates.
- */
-int
-ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len, BN_CTX *ctx)
-{
- point_conversion_form_t form;
- int y_bit;
- BN_CTX *new_ctx = NULL;
- BIGNUM *x, *y, *yxi;
- size_t field_len, enc_len;
- int ret = 0;
-
- if (len == 0) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- form = buf[0];
- y_bit = form & 1;
- form = form & ~1U;
- if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED) &&
- (form != POINT_CONVERSION_UNCOMPRESSED) &&
- (form != POINT_CONVERSION_HYBRID)) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
- if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
- if (form == 0) {
- if (len != 1) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
- return EC_POINT_set_to_infinity(group, point);
- }
- field_len = (EC_GROUP_get_degree(group) + 7) / 8;
- enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len :
- 1 + 2 * field_len;
-
- if (len != enc_len) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- return 0;
- }
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- BN_CTX_start(ctx);
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((yxi = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_bin2bn(buf + 1, field_len, x))
- goto err;
- if (BN_ucmp(x, &group->field) >= 0) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- if (form == POINT_CONVERSION_COMPRESSED) {
- if (!EC_POINT_set_compressed_coordinates_GF2m(group, point, x, y_bit, ctx))
- goto err;
- } else {
- if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
- goto err;
- if (BN_ucmp(y, &group->field) >= 0) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- if (form == POINT_CONVERSION_HYBRID) {
- if (!group->meth->field_div(group, yxi, y, x, ctx))
- goto err;
- if (y_bit != BN_is_odd(yxi)) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
- goto err;
- }
- }
- if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx))
- goto err;
- }
-
- /* test required by X9.62 */
- if (EC_POINT_is_on_curve(group, point, ctx) <= 0) {
- ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-#endif
diff --git a/lib/libssl/src/crypto/ec/ec2_smpl.c b/lib/libssl/src/crypto/ec/ec2_smpl.c
deleted file mode 100644
index 43f0afd5ae9..00000000000
--- a/lib/libssl/src/crypto/ec/ec2_smpl.c
+++ /dev/null
@@ -1,787 +0,0 @@
-/* $OpenBSD: ec2_smpl.c,v 1.14 2015/02/09 15:49:22 jsing Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The software is originally written by Sheueling Chang Shantz and
- * Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-#ifndef OPENSSL_NO_EC2M
-
-const EC_METHOD *
-EC_GF2m_simple_method(void)
-{
- static const EC_METHOD ret = {
- .flags = EC_FLAGS_DEFAULT_OCT,
- .field_type = NID_X9_62_characteristic_two_field,
- .group_init = ec_GF2m_simple_group_init,
- .group_finish = ec_GF2m_simple_group_finish,
- .group_clear_finish = ec_GF2m_simple_group_clear_finish,
- .group_copy = ec_GF2m_simple_group_copy,
- .group_set_curve = ec_GF2m_simple_group_set_curve,
- .group_get_curve = ec_GF2m_simple_group_get_curve,
- .group_get_degree = ec_GF2m_simple_group_get_degree,
- .group_check_discriminant =
- ec_GF2m_simple_group_check_discriminant,
- .point_init = ec_GF2m_simple_point_init,
- .point_finish = ec_GF2m_simple_point_finish,
- .point_clear_finish = ec_GF2m_simple_point_clear_finish,
- .point_copy = ec_GF2m_simple_point_copy,
- .point_set_to_infinity = ec_GF2m_simple_point_set_to_infinity,
- .point_set_affine_coordinates =
- ec_GF2m_simple_point_set_affine_coordinates,
- .point_get_affine_coordinates =
- ec_GF2m_simple_point_get_affine_coordinates,
- .add = ec_GF2m_simple_add,
- .dbl = ec_GF2m_simple_dbl,
- .invert = ec_GF2m_simple_invert,
- .is_at_infinity = ec_GF2m_simple_is_at_infinity,
- .is_on_curve = ec_GF2m_simple_is_on_curve,
- .point_cmp = ec_GF2m_simple_cmp,
- .make_affine = ec_GF2m_simple_make_affine,
- .points_make_affine = ec_GF2m_simple_points_make_affine,
-
- /*
- * the following three method functions are defined in
- * ec2_mult.c
- */
- .mul = ec_GF2m_simple_mul,
- .precompute_mult = ec_GF2m_precompute_mult,
- .have_precompute_mult = ec_GF2m_have_precompute_mult,
-
- .field_mul = ec_GF2m_simple_field_mul,
- .field_sqr = ec_GF2m_simple_field_sqr,
- .field_div = ec_GF2m_simple_field_div,
- };
-
- return &ret;
-}
-
-
-/* Initialize a GF(2^m)-based EC_GROUP structure.
- * Note that all other members are handled by EC_GROUP_new.
- */
-int
-ec_GF2m_simple_group_init(EC_GROUP * group)
-{
- BN_init(&group->field);
- BN_init(&group->a);
- BN_init(&group->b);
- return 1;
-}
-
-
-/* Free a GF(2^m)-based EC_GROUP structure.
- * Note that all other members are handled by EC_GROUP_free.
- */
-void
-ec_GF2m_simple_group_finish(EC_GROUP * group)
-{
- BN_free(&group->field);
- BN_free(&group->a);
- BN_free(&group->b);
-}
-
-
-/* Clear and free a GF(2^m)-based EC_GROUP structure.
- * Note that all other members are handled by EC_GROUP_clear_free.
- */
-void
-ec_GF2m_simple_group_clear_finish(EC_GROUP * group)
-{
- BN_clear_free(&group->field);
- BN_clear_free(&group->a);
- BN_clear_free(&group->b);
- group->poly[0] = 0;
- group->poly[1] = 0;
- group->poly[2] = 0;
- group->poly[3] = 0;
- group->poly[4] = 0;
- group->poly[5] = -1;
-}
-
-
-/* Copy a GF(2^m)-based EC_GROUP structure.
- * Note that all other members are handled by EC_GROUP_copy.
- */
-int
-ec_GF2m_simple_group_copy(EC_GROUP * dest, const EC_GROUP * src)
-{
- int i;
-
- if (!BN_copy(&dest->field, &src->field))
- return 0;
- if (!BN_copy(&dest->a, &src->a))
- return 0;
- if (!BN_copy(&dest->b, &src->b))
- return 0;
- dest->poly[0] = src->poly[0];
- dest->poly[1] = src->poly[1];
- dest->poly[2] = src->poly[2];
- dest->poly[3] = src->poly[3];
- dest->poly[4] = src->poly[4];
- dest->poly[5] = src->poly[5];
- if (bn_wexpand(&dest->a, (int) (dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL)
- return 0;
- if (bn_wexpand(&dest->b, (int) (dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL)
- return 0;
- for (i = dest->a.top; i < dest->a.dmax; i++)
- dest->a.d[i] = 0;
- for (i = dest->b.top; i < dest->b.dmax; i++)
- dest->b.d[i] = 0;
- return 1;
-}
-
-
-/* Set the curve parameters of an EC_GROUP structure. */
-int
-ec_GF2m_simple_group_set_curve(EC_GROUP * group,
- const BIGNUM * p, const BIGNUM * a, const BIGNUM * b, BN_CTX * ctx)
-{
- int ret = 0, i;
-
- /* group->field */
- if (!BN_copy(&group->field, p))
- goto err;
- i = BN_GF2m_poly2arr(&group->field, group->poly, 6) - 1;
- if ((i != 5) && (i != 3)) {
- ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
- goto err;
- }
- /* group->a */
- if (!BN_GF2m_mod_arr(&group->a, a, group->poly))
- goto err;
- if (bn_wexpand(&group->a, (int) (group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL)
- goto err;
- for (i = group->a.top; i < group->a.dmax; i++)
- group->a.d[i] = 0;
-
- /* group->b */
- if (!BN_GF2m_mod_arr(&group->b, b, group->poly))
- goto err;
- if (bn_wexpand(&group->b, (int) (group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL)
- goto err;
- for (i = group->b.top; i < group->b.dmax; i++)
- group->b.d[i] = 0;
-
- ret = 1;
-err:
- return ret;
-}
-
-
-/* Get the curve parameters of an EC_GROUP structure.
- * If p, a, or b are NULL then there values will not be set but the method will return with success.
- */
-int
-ec_GF2m_simple_group_get_curve(const EC_GROUP *group,
- BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
-{
- int ret = 0;
-
- if (p != NULL) {
- if (!BN_copy(p, &group->field))
- return 0;
- }
- if (a != NULL) {
- if (!BN_copy(a, &group->a))
- goto err;
- }
- if (b != NULL) {
- if (!BN_copy(b, &group->b))
- goto err;
- }
- ret = 1;
-
-err:
- return ret;
-}
-
-
-/* Gets the degree of the field. For a curve over GF(2^m) this is the value m. */
-int
-ec_GF2m_simple_group_get_degree(const EC_GROUP * group)
-{
- return BN_num_bits(&group->field) - 1;
-}
-
-
-/* Checks the discriminant of the curve.
- * y^2 + x*y = x^3 + a*x^2 + b is an elliptic curve <=> b != 0 (mod p)
- */
-int
-ec_GF2m_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx)
-{
- int ret = 0;
- BIGNUM *b;
- BN_CTX *new_ctx = NULL;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL) {
- ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- BN_CTX_start(ctx);
- if ((b = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_GF2m_mod_arr(b, &group->b, group->poly))
- goto err;
-
- /*
- * check the discriminant: y^2 + x*y = x^3 + a*x^2 + b is an elliptic
- * curve <=> b != 0 (mod p)
- */
- if (BN_is_zero(b))
- goto err;
-
- ret = 1;
-
-err:
- if (ctx != NULL)
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-/* Initializes an EC_POINT. */
-int
-ec_GF2m_simple_point_init(EC_POINT * point)
-{
- BN_init(&point->X);
- BN_init(&point->Y);
- BN_init(&point->Z);
- return 1;
-}
-
-
-/* Frees an EC_POINT. */
-void
-ec_GF2m_simple_point_finish(EC_POINT * point)
-{
- BN_free(&point->X);
- BN_free(&point->Y);
- BN_free(&point->Z);
-}
-
-
-/* Clears and frees an EC_POINT. */
-void
-ec_GF2m_simple_point_clear_finish(EC_POINT * point)
-{
- BN_clear_free(&point->X);
- BN_clear_free(&point->Y);
- BN_clear_free(&point->Z);
- point->Z_is_one = 0;
-}
-
-
-/* Copy the contents of one EC_POINT into another. Assumes dest is initialized. */
-int
-ec_GF2m_simple_point_copy(EC_POINT * dest, const EC_POINT * src)
-{
- if (!BN_copy(&dest->X, &src->X))
- return 0;
- if (!BN_copy(&dest->Y, &src->Y))
- return 0;
- if (!BN_copy(&dest->Z, &src->Z))
- return 0;
- dest->Z_is_one = src->Z_is_one;
-
- return 1;
-}
-
-
-/* Set an EC_POINT to the point at infinity.
- * A point at infinity is represented by having Z=0.
- */
-int
-ec_GF2m_simple_point_set_to_infinity(const EC_GROUP * group, EC_POINT * point)
-{
- point->Z_is_one = 0;
- BN_zero(&point->Z);
- return 1;
-}
-
-
-/* Set the coordinates of an EC_POINT using affine coordinates.
- * Note that the simple implementation only uses affine coordinates.
- */
-int
-ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP * group, EC_POINT * point,
- const BIGNUM * x, const BIGNUM * y, BN_CTX * ctx)
-{
- int ret = 0;
- if (x == NULL || y == NULL) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (!BN_copy(&point->X, x))
- goto err;
- BN_set_negative(&point->X, 0);
- if (!BN_copy(&point->Y, y))
- goto err;
- BN_set_negative(&point->Y, 0);
- if (!BN_copy(&point->Z, BN_value_one()))
- goto err;
- BN_set_negative(&point->Z, 0);
- point->Z_is_one = 1;
- ret = 1;
-
-err:
- return ret;
-}
-
-
-/* Gets the affine coordinates of an EC_POINT.
- * Note that the simple implementation only uses affine coordinates.
- */
-int
-ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *group,
- const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
-{
- int ret = 0;
-
- if (EC_POINT_is_at_infinity(group, point) > 0) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES, EC_R_POINT_AT_INFINITY);
- return 0;
- }
- if (BN_cmp(&point->Z, BN_value_one())) {
- ECerr(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (x != NULL) {
- if (!BN_copy(x, &point->X))
- goto err;
- BN_set_negative(x, 0);
- }
- if (y != NULL) {
- if (!BN_copy(y, &point->Y))
- goto err;
- BN_set_negative(y, 0);
- }
- ret = 1;
-
-err:
- return ret;
-}
-
-/* Computes a + b and stores the result in r. r could be a or b, a could be b.
- * Uses algorithm A.10.2 of IEEE P1363.
- */
-int
-ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
- const EC_POINT *b, BN_CTX *ctx)
-{
- BN_CTX *new_ctx = NULL;
- BIGNUM *x0, *y0, *x1, *y1, *x2, *y2, *s, *t;
- int ret = 0;
-
- if (EC_POINT_is_at_infinity(group, a) > 0) {
- if (!EC_POINT_copy(r, b))
- return 0;
- return 1;
- }
- if (EC_POINT_is_at_infinity(group, b) > 0) {
- if (!EC_POINT_copy(r, a))
- return 0;
- return 1;
- }
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- BN_CTX_start(ctx);
- if ((x0 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y0 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((x1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((x2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((s = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((t = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (a->Z_is_one) {
- if (!BN_copy(x0, &a->X))
- goto err;
- if (!BN_copy(y0, &a->Y))
- goto err;
- } else {
- if (!EC_POINT_get_affine_coordinates_GF2m(group, a, x0, y0, ctx))
- goto err;
- }
- if (b->Z_is_one) {
- if (!BN_copy(x1, &b->X))
- goto err;
- if (!BN_copy(y1, &b->Y))
- goto err;
- } else {
- if (!EC_POINT_get_affine_coordinates_GF2m(group, b, x1, y1, ctx))
- goto err;
- }
-
-
- if (BN_GF2m_cmp(x0, x1)) {
- if (!BN_GF2m_add(t, x0, x1))
- goto err;
- if (!BN_GF2m_add(s, y0, y1))
- goto err;
- if (!group->meth->field_div(group, s, s, t, ctx))
- goto err;
- if (!group->meth->field_sqr(group, x2, s, ctx))
- goto err;
- if (!BN_GF2m_add(x2, x2, &group->a))
- goto err;
- if (!BN_GF2m_add(x2, x2, s))
- goto err;
- if (!BN_GF2m_add(x2, x2, t))
- goto err;
- } else {
- if (BN_GF2m_cmp(y0, y1) || BN_is_zero(x1)) {
- if (!EC_POINT_set_to_infinity(group, r))
- goto err;
- ret = 1;
- goto err;
- }
- if (!group->meth->field_div(group, s, y1, x1, ctx))
- goto err;
- if (!BN_GF2m_add(s, s, x1))
- goto err;
-
- if (!group->meth->field_sqr(group, x2, s, ctx))
-
goto err;
- if (!BN_GF2m_add(x2, x2, s))
- goto err;
- if (!BN_GF2m_add(x2, x2, &group->a))
- goto err;
- }
-
- if (!BN_GF2m_add(y2, x1, x2))
- goto err;
- if (!group->meth->field_mul(group, y2, y2, s, ctx))
- goto err;
- if (!BN_GF2m_add(y2, y2, x2))
- goto err;
- if (!BN_GF2m_add(y2, y2, y1))
- goto err;
-
- if (!EC_POINT_set_affine_coordinates_GF2m(group, r, x2, y2, ctx))
- goto err;
-
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-/* Computes 2 * a and stores the result in r. r could be a.
- * Uses algorithm A.10.2 of IEEE P1363.
- */
-int
-ec_GF2m_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
- BN_CTX *ctx)
-{
- return ec_GF2m_simple_add(group, r, a, a, ctx);
-}
-
-int
-ec_GF2m_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
-{
- if (EC_POINT_is_at_infinity(group, point) > 0 || BN_is_zero(&point->Y))
- /* point is its own inverse */
- return 1;
-
- if (!EC_POINT_make_affine(group, point, ctx))
- return 0;
- return BN_GF2m_add(&point->Y, &point->X, &point->Y);
-}
-
-
-/* Indicates whether the given point is the point at infinity. */
-int
-ec_GF2m_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
-{
- return BN_is_zero(&point->Z);
-}
-
-
-/* Determines whether the given EC_POINT is an actual point on the curve defined
- * in the EC_GROUP. A point is valid if it satisfies the Weierstrass equation:
- * y^2 + x*y = x^3 + a*x^2 + b.
- */
-int
-ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx)
-{
- int ret = -1;
- BN_CTX *new_ctx = NULL;
- BIGNUM *lh, *y2;
- int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
- int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-
- if (EC_POINT_is_at_infinity(group, point) > 0)
- return 1;
-
- field_mul = group->meth->field_mul;
- field_sqr = group->meth->field_sqr;
-
- /* only support affine coordinates */
- if (!point->Z_is_one)
- return -1;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return -1;
- }
- BN_CTX_start(ctx);
- if ((y2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((lh = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * We have a curve defined by a Weierstrass equation y^2 + x*y = x^3
- * + a*x^2 + b. <=> x^3 + a*x^2 + x*y + b + y^2 = 0 <=> ((x + a) * x
- * + y ) * x + b + y^2 = 0
- */
- if (!BN_GF2m_add(lh, &point->X, &group->a))
- goto err;
- if (!field_mul(group, lh, lh, &point->X, ctx))
- goto err;
- if (!BN_GF2m_add(lh, lh, &point->Y))
- goto err;
- if (!field_mul(group, lh, lh, &point->X, ctx))
- goto err;
- if (!BN_GF2m_add(lh, lh, &group->b))
- goto err;
- if (!field_sqr(group, y2, &point->Y, ctx))
- goto err;
- if (!BN_GF2m_add(lh, lh, y2))
- goto err;
- ret = BN_is_zero(lh);
-err:
- if (ctx)
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-/* Indicates whether two points are equal.
- * Return values:
- * -1 error
- * 0 equal (in affine coordinates)
- * 1 not equal
- */
-int
-ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
- const EC_POINT *b, BN_CTX *ctx)
-{
- BIGNUM *aX, *aY, *bX, *bY;
- BN_CTX *new_ctx = NULL;
- int ret = -1;
-
- if (EC_POINT_is_at_infinity(group, a) > 0) {
- return EC_POINT_is_at_infinity(group, b) > 0 ?
0 : 1;
- }
- if (EC_POINT_is_at_infinity(group, b) > 0)
- return 1;
-
- if (a->Z_is_one && b->Z_is_one) {
- return ((BN_cmp(&a->X, &b->X) == 0) && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
- }
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return -1;
- }
- BN_CTX_start(ctx);
- if ((aX = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((aY = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((bX = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((bY = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx))
- goto err;
- if (!EC_POINT_get_affine_coordinates_GF2m(group, b, bX, bY, ctx))
- goto err;
- ret = ((BN_cmp(aX, bX) == 0) && BN_cmp(aY, bY) == 0) ? 0 : 1;
-
-err:
- if (ctx)
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-/* Forces the given EC_POINT to internally use affine coordinates. */
-int
-ec_GF2m_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx)
-{
- BN_CTX *new_ctx = NULL;
- BIGNUM *x, *y;
- int ret = 0;
-
- if (point->Z_is_one || EC_POINT_is_at_infinity(group, point) > 0)
- return 1;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- BN_CTX_start(ctx);
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
- goto err;
- if (!BN_copy(&point->X, x))
- goto err;
- if (!BN_copy(&point->Y, y))
- goto err;
- if (!BN_one(&point->Z))
- goto err;
-
- ret = 1;
-
-err:
- if (ctx)
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-/* Forces each of the EC_POINTs in the given array to use affine coordinates.
*/
-int
-ec_GF2m_simple_points_make_affine(const EC_GROUP *group, size_t num,
- EC_POINT *points[], BN_CTX *ctx)
-{
- size_t i;
-
- for (i = 0; i < num; i++) {
- if (!group->meth->make_affine(group, points[i], ctx))
- return 0;
- }
-
- return 1;
-}
-
-
-/* Wrapper to simple binary polynomial field multiplication implementation. */
-int
-ec_GF2m_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx)
-{
- return BN_GF2m_mod_mul_arr(r, a, b, group->poly, ctx);
-}
-
-
-/* Wrapper to simple binary polynomial field squaring implementation. */
-int
-ec_GF2m_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- BN_CTX *ctx)
-{
- return BN_GF2m_mod_sqr_arr(r, a, group->poly, ctx);
-}
-
-
-/* Wrapper to simple binary polynomial field division implementation. */
-int
-ec_GF2m_simple_field_div(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx)
-{
- return BN_GF2m_mod_div(r, a, b, &group->field, ctx);
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/ec/ec_ameth.c b/lib/libssl/src/crypto/ec/ec_ameth.c
deleted file mode 100644
index dd1c31883e1..00000000000
--- a/lib/libssl/src/crypto/ec/ec_ameth.c
+++ /dev/null
@@ -1,636 +0,0 @@
-/* $OpenBSD: ec_ameth.c,v 1.16 2015/02/11 04:05:14 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/ec.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_CMS
-#include <openssl/cms.h>
-#endif
-
-#include "asn1_locl.h"
-
-static int
-eckey_param2type(int *pptype, void **ppval, EC_KEY * ec_key)
-{
- const EC_GROUP *group;
- int nid;
- if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) {
- ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_PARAMETERS);
- return 0;
- }
- if (EC_GROUP_get_asn1_flag(group) &&
- (nid = EC_GROUP_get_curve_name(group))) {
- /* we have a 'named curve' => just set the OID */
- *ppval = OBJ_nid2obj(nid);
- *pptype = V_ASN1_OBJECT;
- } else {
- /* explicit parameters */
- ASN1_STRING *pstr = NULL;
- pstr = ASN1_STRING_new();
- if (!pstr)
- return 0;
- pstr->length = i2d_ECParameters(ec_key, &pstr->data);
- if (pstr->length <= 0) {
- ASN1_STRING_free(pstr);
- ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);
- return 0;
- }
- *ppval = pstr;
- *pptype = V_ASN1_SEQUENCE;
- }
- return 1;
-}
-
-static int
-eckey_pub_encode(X509_PUBKEY * pk, const EVP_PKEY * pkey)
-{
- EC_KEY *ec_key = pkey->pkey.ec;
- void *pval = NULL;
-
int ptype;
- unsigned char *penc = NULL, *p;
- int penclen;
-
- if (!eckey_param2type(&ptype, &pval, ec_key)) {
- ECerr(EC_F_ECKEY_PUB_ENCODE, ERR_R_EC_LIB);
- return 0;
- }
- penclen = i2o_ECPublicKey(ec_key, NULL);
- if (penclen <= 0)
- goto err;
- penc = malloc(penclen);
- if (!penc)
- goto err;
- p = penc;
- penclen = i2o_ECPublicKey(ec_key, &p);
- if (penclen <= 0)
- goto err;
- if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_EC),
- ptype, pval, penc, penclen))
- return 1;
-err:
- if (ptype == V_ASN1_OBJECT)
- ASN1_OBJECT_free(pval);
- else
- ASN1_STRING_free(pval);
- free(penc);
- return 0;
-}
-
-static EC_KEY *
-eckey_type2param(int ptype, void *pval)
-{
- EC_KEY *eckey = NULL;
-
- if (ptype == V_ASN1_SEQUENCE) {
- ASN1_STRING *pstr = pval;
- const unsigned char *pm = NULL;
- int pmlen;
-
- pm = pstr->data;
- pmlen = pstr->length;
- if (!(eckey = d2i_ECParameters(NULL, &pm, pmlen))) {
- ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
- goto ecerr;
- }
- } else if (ptype == V_ASN1_OBJECT) {
- ASN1_OBJECT *poid = pval;
- EC_GROUP *group;
-
- /*
- * type == V_ASN1_OBJECT => the parameters are given by an
- * asn1 OID
- */
- if ((eckey = EC_KEY_new()) == NULL) {
- ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE);
- goto ecerr;
- }
- group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid));
- if (group == NULL)
- goto ecerr;
- EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
- if (EC_KEY_set_group(eckey, group) == 0)
- goto ecerr;
- EC_GROUP_free(group);
- } else {
- ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
- goto ecerr;
- }
-
- return eckey;
-
-ecerr:
- if (eckey)
- EC_KEY_free(eckey);
- return NULL;
-}
-
-static int
-eckey_pub_decode(EVP_PKEY * pkey, X509_PUBKEY * pubkey)
-{
- const unsigned char *p = NULL;
- void *pval;
- int ptype, pklen;
- EC_KEY *eckey = NULL;
- X509_ALGOR *palg;
-
- if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
- return 0;
- X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
- eckey = eckey_type2param(ptype,
pval);
-
- if (!eckey) {
- ECerr(EC_F_ECKEY_PUB_DECODE, ERR_R_EC_LIB);
- return 0;
- }
- /* We have parameters now set public key */
- if (!o2i_ECPublicKey(&eckey, &p, pklen)) {
- ECerr(EC_F_ECKEY_PUB_DECODE, EC_R_DECODE_ERROR);
- goto ecerr;
- }
- EVP_PKEY_assign_EC_KEY(pkey, eckey);
- return 1;
-
-ecerr:
- if (eckey)
- EC_KEY_free(eckey);
- return 0;
-}
-
-static int
-eckey_pub_cmp(const EVP_PKEY * a, const EVP_PKEY * b)
-{
- int r;
- const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
- const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec), *pb = EC_KEY_get0_public_key(b->pkey.ec);
-
- r = EC_POINT_cmp(group, pa, pb, NULL);
- if (r == 0)
- return 1;
- if (r == 1)
- return 0;
- return -2;
-}
-
-static int
-eckey_priv_decode(EVP_PKEY * pkey, PKCS8_PRIV_KEY_INFO * p8)
-{
- const unsigned char *p = NULL;
- void *pval;
- int ptype, pklen;
- EC_KEY *eckey = NULL;
- X509_ALGOR *palg;
-
- if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
- return 0;
- X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
- eckey = eckey_type2param(ptype, pval);
-
- if (!eckey)
- goto ecliberr;
-
- /* We have parameters now set private key */
- if (!d2i_ECPrivateKey(&eckey, &p, pklen)) {
- ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR);
- goto ecerr;
- }
- /* calculate public key (if necessary) */
- if (EC_KEY_get0_public_key(eckey) == NULL) {
- const BIGNUM *priv_key;
- const EC_GROUP *group;
- EC_POINT *pub_key;
- /*
- * the public key was not included in the SEC1 private key =>
- * calculate the public key
- */
- group = EC_KEY_get0_group(eckey);
- pub_key = EC_POINT_new(group);
- if (pub_key == NULL) {
- ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
- goto ecliberr;
- }
- if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) {
- EC_POINT_free(pub_key);
- ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
- goto ecliberr;
- }
- priv_key = EC_KEY_get0_private_key(eckey);
- if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) {
- EC_POINT_free(pub_key);
-
ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
- goto ecliberr;
- }
- if (EC_KEY_set_public_key(eckey, pub_key) == 0) {
- EC_POINT_free(pub_key);
- ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
- goto ecliberr;
- }
- EC_POINT_free(pub_key);
- }
- EVP_PKEY_assign_EC_KEY(pkey, eckey);
- return 1;
-
-ecliberr:
- ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
-ecerr:
- if (eckey)
- EC_KEY_free(eckey);
- return 0;
-}
-
-static int
-eckey_priv_encode(PKCS8_PRIV_KEY_INFO * p8, const EVP_PKEY * pkey)
-{
- EC_KEY *ec_key;
- unsigned char *ep, *p;
- int eplen, ptype;
- void *pval;
- unsigned int tmp_flags, old_flags;
-
- ec_key = pkey->pkey.ec;
-
- if (!eckey_param2type(&ptype, &pval, ec_key)) {
- ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
- return 0;
- }
- /* set the private key */
-
- /*
- * do not include the parameters in the SEC1 private key see PKCS#11
- * 12.11
- */
- old_flags = EC_KEY_get_enc_flags(ec_key);
- tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS;
- EC_KEY_set_enc_flags(ec_key, tmp_flags);
- eplen = i2d_ECPrivateKey(ec_key, NULL);
- if (!eplen) {
- EC_KEY_set_enc_flags(ec_key, old_flags);
- ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
- return 0;
- }
- ep = malloc(eplen);
- if (!ep) {
- EC_KEY_set_enc_flags(ec_key, old_flags);
- ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p = ep;
- if (!i2d_ECPrivateKey(ec_key, &p)) {
- EC_KEY_set_enc_flags(ec_key, old_flags);
- free(ep);
- ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
- return 0;
- }
- /* restore old encoding flags */
- EC_KEY_set_enc_flags(ec_key, old_flags);
-
- if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
- ptype, pval, ep, eplen))
- return 0;
-
- return 1;
-}
-
-static int
-int_ec_size(const EVP_PKEY * pkey)
-{
- return ECDSA_size(pkey->pkey.ec);
-}
-
-static int
-ec_bits(const EVP_PKEY * pkey)
-{
- BIGNUM *order = BN_new();
- const EC_GROUP *group;
- int ret;
-
- if (!order) {
- ERR_clear_error();
- return 0;
- }
- group =
EC_KEY_get0_group(pkey->pkey.ec);
- if (!EC_GROUP_get_order(group, order, NULL)) {
- BN_free(order);
- ERR_clear_error();
- return 0;
- }
- ret = BN_num_bits(order);
- BN_free(order);
- return ret;
-}
-
-static int
-ec_missing_parameters(const EVP_PKEY * pkey)
-{
- if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
- return 1;
- return 0;
-}
-
-static int
-ec_copy_parameters(EVP_PKEY * to, const EVP_PKEY * from)
-{
- return EC_KEY_set_group(to->pkey.ec, EC_KEY_get0_group(from->pkey.ec));
-}
-
-static int
-ec_cmp_parameters(const EVP_PKEY * a, const EVP_PKEY * b)
-{
- const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec), *group_b = EC_KEY_get0_group(b->pkey.ec);
- if (EC_GROUP_cmp(group_a, group_b, NULL))
- return 0;
- else
- return 1;
-}
-
-static void
-int_ec_free(EVP_PKEY * pkey)
-{
- EC_KEY_free(pkey->pkey.ec);
-}
-
-static int
-do_EC_KEY_print(BIO * bp, const EC_KEY * x, int off, int ktype)
-{
- unsigned char *buffer = NULL;
- const char *ecstr;
- size_t buf_len = 0, i;
- int ret = 0, reason = ERR_R_BIO_LIB;
- BIGNUM *pub_key = NULL, *order = NULL;
- BN_CTX *ctx = NULL;
- const EC_GROUP *group;
- const EC_POINT *public_key;
- const BIGNUM *priv_key;
-
- if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) {
- reason = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- if (ktype > 0) {
- public_key = EC_KEY_get0_public_key(x);
- if ((pub_key = EC_POINT_point2bn(group, public_key,
- EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
- if (pub_key)
- buf_len = (size_t) BN_num_bytes(pub_key);
- }
- if (ktype == 2) {
- priv_key = EC_KEY_get0_private_key(x);
- if (priv_key && (i = (size_t) BN_num_bytes(priv_key)) > buf_len)
- buf_len = i;
- } else
- priv_key = NULL;
-
- if (ktype > 0) {
- buf_len += 10;
- if ((buffer = malloc(buf_len)) == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- }
- if (ktype == 2)
- ecstr = "Private-Key";
- else if (ktype == 1)
- ecstr = "Public-Key";
- else
- ecstr = "ECDSA-Parameters";
-
- if (!BIO_indent(bp, off, 128))
- goto err;
- if ((order = BN_new()) == NULL)
- goto err;
- if (!EC_GROUP_get_order(group, order, NULL))
- goto err;
- if (BIO_printf(bp, "%s: (%d bit)\n", ecstr,
- BN_num_bits(order)) <= 0)
- goto err;
-
- if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key,
- buffer, off))
- goto err;
- if ((pub_key != NULL) && !ASN1_bn_print(bp, "pub: ", pub_key,
- buffer, off))
- goto err;
- if (!ECPKParameters_print(bp, group, off))
- goto err;
- ret = 1;
-err:
- if (!ret)
- ECerr(EC_F_DO_EC_KEY_PRINT, reason);
- BN_free(pub_key);
- BN_free(order);
- BN_CTX_free(ctx);
- free(buffer);
- return (ret);
-}
-
-static int
-eckey_param_decode(EVP_PKEY * pkey,
- const unsigned char **pder, int derlen)
-{
- EC_KEY *eckey;
- if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) {
- ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
- return 0;
- }
- EVP_PKEY_assign_EC_KEY(pkey, eckey);
- return 1;
-}
-
-static int
-eckey_param_encode(const EVP_PKEY * pkey, unsigned char **pder)
-{
- return i2d_ECParameters(pkey->pkey.ec, pder);
-}
-
-static int
-eckey_param_print(BIO * bp, const EVP_PKEY * pkey, int indent,
- ASN1_PCTX * ctx)
-{
- return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 0);
-}
-
-static int
-eckey_pub_print(BIO * bp, const EVP_PKEY * pkey, int indent,
- ASN1_PCTX * ctx)
-{
- return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 1);
-}
-
-
-static int
-eckey_priv_print(BIO * bp, const EVP_PKEY * pkey, int indent,
- ASN1_PCTX * ctx)
-{
- return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 2);
-}
-
-static int
-old_ec_priv_decode(EVP_PKEY * pkey,
- const unsigned char **pder, int derlen)
-{
- EC_KEY *ec;
- if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) {
- ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR);
- return 0;
- }
- EVP_PKEY_assign_EC_KEY(pkey, ec);
- return 1;
-}
-
-static int
-old_ec_priv_encode(const EVP_PKEY * pkey, unsigned char **pder)
-{
- return
i2d_ECPrivateKey(pkey->pkey.ec, pder);
-}
-
-static int
-ec_pkey_ctrl(EVP_PKEY * pkey, int op, long arg1, void *arg2)
-{
- switch (op) {
- case ASN1_PKEY_CTRL_PKCS7_SIGN:
- if (arg1 == 0) {
- int snid, hnid;
- X509_ALGOR *alg1, *alg2;
- PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
- if (alg1 == NULL || alg1->algorithm == NULL)
- return -1;
- hnid = OBJ_obj2nid(alg1->algorithm);
- if (hnid == NID_undef)
- return -1;
- if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
- return -1;
- X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
- }
- return 1;
-#ifndef OPENSSL_NO_CMS
- case ASN1_PKEY_CTRL_CMS_SIGN:
- if (arg1 == 0) {
- int snid, hnid;
- X509_ALGOR *alg1, *alg2;
- CMS_SignerInfo_get0_algs(arg2, NULL, NULL,
- &alg1, &alg2);
- if (alg1 == NULL || alg1->algorithm == NULL)
- return -1;
- hnid = OBJ_obj2nid(alg1->algorithm);
- if (hnid == NID_undef)
- return -1;
- if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
- return -1;
- X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
- }
- return 1;
-#endif
-
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *) arg2 = NID_sha1;
- return 2;
-
- default:
- return -2;
-
- }
-
-}
-
-const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = {
- .pkey_id = EVP_PKEY_EC,
- .pkey_base_id = EVP_PKEY_EC,
-
- .pem_str = "EC",
- .info = "OpenSSL EC algorithm",
-
- .pub_decode = eckey_pub_decode,
- .pub_encode = eckey_pub_encode,
- .pub_cmp = eckey_pub_cmp,
- .pub_print = eckey_pub_print,
-
- .priv_decode = eckey_priv_decode,
- .priv_encode = eckey_priv_encode,
- .priv_print = eckey_priv_print,
-
- .pkey_size = int_ec_size,
- .pkey_bits = ec_bits,
-
- .param_decode = eckey_param_decode,
- .param_encode = eckey_param_encode,
- .param_missing = ec_missing_parameters,
- .param_copy = ec_copy_parameters,
- .param_cmp = ec_cmp_parameters,
- .param_print = eckey_param_print,
-
- .pkey_free = int_ec_free,
- .pkey_ctrl = ec_pkey_ctrl,
- .old_priv_decode = old_ec_priv_decode,
- .old_priv_encode = old_ec_priv_encode
-};
diff --git a/lib/libssl/src/crypto/ec/ec_asn1.c b/lib/libssl/src/crypto/ec/ec_asn1.c
deleted file mode 100644
index 3234e7a6f2b..00000000000
--- a/lib/libssl/src/crypto/ec/ec_asn1.c
+++ /dev/null
@@ -1,1618 +0,0 @@
-/* $OpenBSD: ec_asn1.c,v 1.22 2016/03/20 16:50:29 krw Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include "ec_lcl.h"
-#include <openssl/err.h>
-#include <openssl/asn1t.h>
-#include <openssl/objects.h>
-
-int
-EC_GROUP_get_basis_type(const EC_GROUP * group)
-{
- int i = 0;
-
- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
- NID_X9_62_characteristic_two_field)
- /* everything else is currently not supported */
- return 0;
-
- while (group->poly[i] != 0)
- i++;
-
- if (i == 4)
- return NID_X9_62_ppBasis;
- else if (i == 2)
- return NID_X9_62_tpBasis;
- else
- /* everything else is currently not supported */
- return 0;
-}
-#ifndef OPENSSL_NO_EC2M
-int
-EC_GROUP_get_trinomial_basis(const EC_GROUP * group, unsigned int *k)
-{
- if (group == NULL)
- return 0;
-
- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
- NID_X9_62_characteristic_two_field
- || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0))) {
- ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (k)
- *k = group->poly[1];
-
- return 1;
-}
-int
-EC_GROUP_get_pentanomial_basis(const EC_GROUP * group, unsigned int *k1,
- unsigned int *k2, unsigned int *k3)
-{
- if (group == NULL)
- return 0;
-
- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
- NID_X9_62_characteristic_two_field
- || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0))) {
- ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (k1)
- *k1 = group->poly[3];
- if (k2)
- *k2 = group->poly[2];
- if (k3)
- *k3 = group->poly[1];
-
- return 1;
-}
-#endif
-
-
-/* some structures needed for the asn1 encoding */
-typedef struct x9_62_pentanomial_st {
- long k1;
- long k2;
- long k3;
-} X9_62_PENTANOMIAL;
-
-typedef struct x9_62_characteristic_two_st {
- long m;
- ASN1_OBJECT *type;
- union {
- char *ptr;
- /* NID_X9_62_onBasis */
- ASN1_NULL *onBasis;
- /* NID_X9_62_tpBasis */
- ASN1_INTEGER *tpBasis;
- /* NID_X9_62_ppBasis */
- X9_62_PENTANOMIAL *ppBasis;
- /* anything else */
- ASN1_TYPE *other;
- } p;
-} X9_62_CHARACTERISTIC_TWO;
-
-typedef struct x9_62_fieldid_st {
- ASN1_OBJECT *fieldType;
- union {
- char *ptr;
- /* NID_X9_62_prime_field */
- ASN1_INTEGER *prime;
- /* NID_X9_62_characteristic_two_field */
- X9_62_CHARACTERISTIC_TWO *char_two;
- /* anything else */
- ASN1_TYPE *other;
- } p;
-} X9_62_FIELDID;
-
-typedef struct x9_62_curve_st {
- ASN1_OCTET_STRING *a;
- ASN1_OCTET_STRING *b;
- ASN1_BIT_STRING *seed;
-} X9_62_CURVE;
-
-typedef struct ec_parameters_st {
- long version;
- X9_62_FIELDID *fieldID;
- X9_62_CURVE *curve;
- ASN1_OCTET_STRING *base;
- ASN1_INTEGER *order;
- ASN1_INTEGER *cofactor;
-} ECPARAMETERS;
-
-struct ecpk_parameters_st {
- int type;
- union {
- ASN1_OBJECT *named_curve;
- ECPARAMETERS *parameters;
- ASN1_NULL *implicitlyCA;
- } value;
-} /* ECPKPARAMETERS */ ;
-
-/* SEC1 ECPrivateKey */
-typedef struct ec_privatekey_st {
- long version;
- ASN1_OCTET_STRING *privateKey;
- ECPKPARAMETERS *parameters;
- ASN1_BIT_STRING *publicKey;
-} EC_PRIVATEKEY;
-
-/* the OpenSSL ASN.1 definitions */
-static const ASN1_TEMPLATE X9_62_PENTANOMIAL_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_PENTANOMIAL, k1),
- .field_name = "k1",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_PENTANOMIAL, k2),
- .field_name = "k2",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_PENTANOMIAL, k3),
- .field_name = "k3",
- .item = &LONG_it,
- },
-};
-
-const ASN1_ITEM X9_62_PENTANOMIAL_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X9_62_PENTANOMIAL_seq_tt,
- .tcount = sizeof(X9_62_PENTANOMIAL_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(X9_62_PENTANOMIAL),
- .sname = "X9_62_PENTANOMIAL",
-};
-
-X9_62_PENTANOMIAL *X9_62_PENTANOMIAL_new(void);
-void X9_62_PENTANOMIAL_free(X9_62_PENTANOMIAL *a);
-
-X9_62_PENTANOMIAL *
-X9_62_PENTANOMIAL_new(void)
-{
- return (X9_62_PENTANOMIAL*)ASN1_item_new(&X9_62_PENTANOMIAL_it);
-}
-
-void
-X9_62_PENTANOMIAL_free(X9_62_PENTANOMIAL *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X9_62_PENTANOMIAL_it);
-}
-
-static const ASN1_TEMPLATE char_two_def_tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.other),
- .field_name = "p.other",
- .item = &ASN1_ANY_it,
-};
-
-static const ASN1_ADB_TABLE X9_62_CHARACTERISTIC_TWO_adbtbl[] = {
- {
- .value = NID_X9_62_onBasis,
- .tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.onBasis),
- .field_name = "p.onBasis",
- .item = &ASN1_NULL_it,
- },
-
- },
- {
- .value = NID_X9_62_tpBasis,
- .tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.tpBasis),
- .field_name = "p.tpBasis",
- .item = &ASN1_INTEGER_it,
- },
-
- },
- {
- .value = NID_X9_62_ppBasis,
- .tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.ppBasis),
- .field_name = "p.ppBasis",
- .item = &X9_62_PENTANOMIAL_it,
- },
-
- },
-};
-
-static const ASN1_ADB X9_62_CHARACTERISTIC_TWO_adb = {
- .flags = 0,
- .offset = offsetof(X9_62_CHARACTERISTIC_TWO, type),
- .app_items = 0,
- .tbl = X9_62_CHARACTERISTIC_TWO_adbtbl,
- .tblcount = sizeof(X9_62_CHARACTERISTIC_TWO_adbtbl) / sizeof(ASN1_ADB_TABLE),
- .default_tt = &char_two_def_tt,
- .null_tt = NULL,
-};
-
-static const ASN1_TEMPLATE X9_62_CHARACTERISTIC_TWO_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_CHARACTERISTIC_TWO, m),
- .field_name = "m",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_CHARACTERISTIC_TWO, type),
- .field_name = "type",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_ADB_OID,
- .tag = -1,
- .offset = 0,
- .field_name = "X9_62_CHARACTERISTIC_TWO",
- .item = (const ASN1_ITEM *)&X9_62_CHARACTERISTIC_TWO_adb,
- },
-};
-
-const ASN1_ITEM X9_62_CHARACTERISTIC_TWO_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X9_62_CHARACTERISTIC_TWO_seq_tt,
- .tcount = sizeof(X9_62_CHARACTERISTIC_TWO_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(X9_62_CHARACTERISTIC_TWO),
- .sname = "X9_62_CHARACTERISTIC_TWO",
-};
-X9_62_CHARACTERISTIC_TWO *X9_62_CHARACTERISTIC_TWO_new(void);
-void X9_62_CHARACTERISTIC_TWO_free(X9_62_CHARACTERISTIC_TWO *a);
-
-X9_62_CHARACTERISTIC_TWO *
-X9_62_CHARACTERISTIC_TWO_new(void)
-{
- return (X9_62_CHARACTERISTIC_TWO*)ASN1_item_new(&X9_62_CHARACTERISTIC_TWO_it);
-}
-
-void
-X9_62_CHARACTERISTIC_TWO_free(X9_62_CHARACTERISTIC_TWO *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &X9_62_CHARACTERISTIC_TWO_it);
-}
-static const ASN1_TEMPLATE fieldID_def_tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_FIELDID, p.other),
- .field_name = "p.other",
- .item = &ASN1_ANY_it,
-};
-
-static const ASN1_ADB_TABLE X9_62_FIELDID_adbtbl[] = {
- {
- .value = NID_X9_62_prime_field,
- .tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_FIELDID, p.prime),
- .field_name = "p.prime",
- .item = &ASN1_INTEGER_it,
- },
-
- },
- {
- .value = NID_X9_62_characteristic_two_field,
- .tt = {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_FIELDID, p.char_two),
- .field_name = "p.char_two",
- .item = &X9_62_CHARACTERISTIC_TWO_it,
- },
-
- },
-};
-
-static const ASN1_ADB X9_62_FIELDID_adb = {
- .flags = 0,
- .offset = offsetof(X9_62_FIELDID, fieldType),
- .app_items = 0,
- .tbl = X9_62_FIELDID_adbtbl,
- .tblcount = sizeof(X9_62_FIELDID_adbtbl) / sizeof(ASN1_ADB_TABLE),
- .default_tt = &fieldID_def_tt,
- .null_tt = NULL,
-};
-
-static const ASN1_TEMPLATE X9_62_FIELDID_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_FIELDID, fieldType),
- .field_name = "fieldType",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_ADB_OID,
- .tag = -1,
- .offset = 0,
- .field_name = "X9_62_FIELDID",
- .item = (const ASN1_ITEM *)&X9_62_FIELDID_adb,
- },
-};
-
-const ASN1_ITEM X9_62_FIELDID_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X9_62_FIELDID_seq_tt,
- .tcount = sizeof(X9_62_FIELDID_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(X9_62_FIELDID),
- .sname = "X9_62_FIELDID",
-};
-
-static const ASN1_TEMPLATE X9_62_CURVE_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_CURVE, a),
- .field_name = "a",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(X9_62_CURVE, b),
- .field_name = "b",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(X9_62_CURVE, seed),
- .field_name = "seed",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM X9_62_CURVE_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = X9_62_CURVE_seq_tt,
- .tcount = sizeof(X9_62_CURVE_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(X9_62_CURVE),
- .sname = "X9_62_CURVE",
-};
-
-static const ASN1_TEMPLATE ECPARAMETERS_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECPARAMETERS, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECPARAMETERS, fieldID),
- .field_name = "fieldID",
- .item = &X9_62_FIELDID_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECPARAMETERS, curve),
- .field_name = "curve",
- .item = &X9_62_CURVE_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECPARAMETERS, base),
- .field_name = "base",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECPARAMETERS, order),
- .field_name = "order",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(ECPARAMETERS, cofactor),
- .field_name = "cofactor",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM ECPARAMETERS_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ECPARAMETERS_seq_tt,
- .tcount = sizeof(ECPARAMETERS_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ECPARAMETERS),
- .sname = "ECPARAMETERS",
-};
-ECPARAMETERS *ECPARAMETERS_new(void);
-void ECPARAMETERS_free(ECPARAMETERS *a);
-
-ECPARAMETERS *
-ECPARAMETERS_new(void)
-{
- return (ECPARAMETERS*)ASN1_item_new(&ECPARAMETERS_it);
-}
-
-void
-ECPARAMETERS_free(ECPARAMETERS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ECPARAMETERS_it);
-}
-
-static const ASN1_TEMPLATE ECPKPARAMETERS_ch_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECPKPARAMETERS, value.named_curve),
- .field_name = "value.named_curve",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECPKPARAMETERS, value.parameters),
- .field_name = "value.parameters",
- .item = &ECPARAMETERS_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECPKPARAMETERS, value.implicitlyCA),
- .field_name = "value.implicitlyCA",
- .item = &ASN1_NULL_it,
- },
-};
-
-const ASN1_ITEM ECPKPARAMETERS_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(ECPKPARAMETERS, type),
- .templates = ECPKPARAMETERS_ch_tt,
- .tcount = sizeof(ECPKPARAMETERS_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ECPKPARAMETERS),
- .sname = "ECPKPARAMETERS",
-};
-
-ECPKPARAMETERS *ECPKPARAMETERS_new(void);
-void ECPKPARAMETERS_free(ECPKPARAMETERS *a);
-ECPKPARAMETERS *d2i_ECPKPARAMETERS(ECPKPARAMETERS **a, const unsigned char **in, long len);
-int i2d_ECPKPARAMETERS(const ECPKPARAMETERS *a, unsigned char **out);
-
-ECPKPARAMETERS *
-d2i_ECPKPARAMETERS(ECPKPARAMETERS **a, const unsigned char **in, long len)
-{
- return (ECPKPARAMETERS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ECPKPARAMETERS_it);
-}
-
-int
-i2d_ECPKPARAMETERS(const ECPKPARAMETERS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ECPKPARAMETERS_it);
-}
-
-ECPKPARAMETERS *
-ECPKPARAMETERS_new(void)
-{
- return (ECPKPARAMETERS *)ASN1_item_new(&ECPKPARAMETERS_it);
-}
-
-void
-ECPKPARAMETERS_free(ECPKPARAMETERS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ECPKPARAMETERS_it);
-}
-
-static const ASN1_TEMPLATE EC_PRIVATEKEY_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(EC_PRIVATEKEY, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(EC_PRIVATEKEY, privateKey),
- .field_name = "privateKey",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(EC_PRIVATEKEY, parameters),
- .field_name = "parameters",
- .item = &ECPKPARAMETERS_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(EC_PRIVATEKEY, publicKey),
- .field_name = "publicKey",
- .item = &ASN1_BIT_STRING_it,
- },
-};
-
-const ASN1_ITEM EC_PRIVATEKEY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = EC_PRIVATEKEY_seq_tt,
- .tcount = sizeof(EC_PRIVATEKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(EC_PRIVATEKEY),
- .sname = "EC_PRIVATEKEY",
-};
-
-EC_PRIVATEKEY *EC_PRIVATEKEY_new(void);
-void EC_PRIVATEKEY_free(EC_PRIVATEKEY *a);
-EC_PRIVATEKEY *d2i_EC_PRIVATEKEY(EC_PRIVATEKEY **a, const unsigned char **in, long len);
-int i2d_EC_PRIVATEKEY(const EC_PRIVATEKEY *a, unsigned char **out);
-
-EC_PRIVATEKEY *
-d2i_EC_PRIVATEKEY(EC_PRIVATEKEY **a, const unsigned char **in, long len)
-{
- return (EC_PRIVATEKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &EC_PRIVATEKEY_it);
-}
-
-int
-i2d_EC_PRIVATEKEY(const EC_PRIVATEKEY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &EC_PRIVATEKEY_it);
-}
-
-EC_PRIVATEKEY *
-EC_PRIVATEKEY_new(void)
-{
- return (EC_PRIVATEKEY *)ASN1_item_new(&EC_PRIVATEKEY_it);
-}
-
-void
-EC_PRIVATEKEY_free(EC_PRIVATEKEY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &EC_PRIVATEKEY_it);
-}
-/* some declarations of internal function */
-
-/* ec_asn1_group2field() sets the values in a X9_62_FIELDID object */
-static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *);
-/* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */
-static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
-/* ec_asn1_parameters2group() creates a EC_GROUP object from a
- * ECPARAMETERS object */
-static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *);
-/* ec_asn1_group2parameters() creates a ECPARAMETERS object from a
- * EC_GROUP object */
-static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *, ECPARAMETERS *);
-/* ec_asn1_pkparameters2group() creates a EC_GROUP object from a
- * ECPKPARAMETERS object */
-static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *);
-/* ec_asn1_group2pkparameters() creates a ECPKPARAMETERS object from a
- * EC_GROUP object */
-static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *,
- ECPKPARAMETERS *);
-
-
-/* the function definitions */
-
-static int
-ec_asn1_group2fieldid(const EC_GROUP * group, X9_62_FIELDID * field)
-{
- int ok = 0, nid;
- BIGNUM *tmp = NULL;
-
- if (group == NULL || field == NULL)
- return 0;
-
- /* clear the old values (if necessary) */
- if (field->fieldType != NULL)
- ASN1_OBJECT_free(field->fieldType);
- if (field->p.other != NULL)
- ASN1_TYPE_free(field->p.other);
-
- nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
- /* set OID for the field */
- if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
- goto err;
- }
- if (nid == NID_X9_62_prime_field) {
- if ((tmp = BN_new()) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- /* the parameters are specified by the prime number p */
- if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL)) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
- goto err;
- }
- /* set the prime number */
- field->p.prime = BN_to_ASN1_INTEGER(tmp, NULL);
- if (field->p.prime == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
- goto err;
- }
- } else /* nid == NID_X9_62_characteristic_two_field */
-#ifdef OPENSSL_NO_EC2M
- {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED);
- goto err;
- }
-#else
- {
- int field_type;
- X9_62_CHARACTERISTIC_TWO *char_two;
-
- field->p.char_two = X9_62_CHARACTERISTIC_TWO_new();
- char_two = field->p.char_two;
-
- if (char_two == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- char_two->m = (long) EC_GROUP_get_degree(group);
-
- field_type = EC_GROUP_get_basis_type(group);
-
- if (field_type == 0) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
- goto err;
- }
- /* set base type OID */
- if ((char_two->type = OBJ_nid2obj(field_type)) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
- goto err;
- }
- if (field_type == NID_X9_62_tpBasis) {
- unsigned int k;
-
- if (!EC_GROUP_get_trinomial_basis(group, &k))
- goto err;
-
- char_two->p.tpBasis = ASN1_INTEGER_new();
- if (!char_two->p.tpBasis) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long) k)) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID,
- ERR_R_ASN1_LIB);
- goto err;
- }
- } else if (field_type == NID_X9_62_ppBasis) {
- unsigned int k1, k2, k3;
-
- if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3))
- goto err;
-
- char_two->p.ppBasis = X9_62_PENTANOMIAL_new();
- if (!char_two->p.ppBasis) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- /* set k? values */
- char_two->p.ppBasis->k1 = (long) k1;
- char_two->p.ppBasis->k2 = (long) k2;
- char_two->p.ppBasis->k3 = (long) k3;
- } else { /* field_type == NID_X9_62_onBasis */
- /* for ONB the parameters are (asn1) NULL */
- char_two->p.onBasis = ASN1_NULL_new();
- if (!char_two->p.onBasis) {
- ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- }
-#endif
-
- ok = 1;
-
-err:
- BN_free(tmp);
- return (ok);
-}
-
-static int
-ec_asn1_group2curve(const EC_GROUP * group, X9_62_CURVE * curve)
-{
- int ok = 0, nid;
- BIGNUM *tmp_1 = NULL, *tmp_2 = NULL;
- unsigned char *buffer_1 = NULL, *buffer_2 = NULL, *a_buf = NULL,
- *b_buf = NULL;
- size_t len_1, len_2;
- unsigned char char_zero = 0;
-
- if (!group || !curve || !curve->a || !curve->b)
- return 0;
-
- if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
-
- /* get a and b */
- if (nid == NID_X9_62_prime_field) {
- if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL)) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
- goto err;
- }
- }
-#ifndef OPENSSL_NO_EC2M
- else { /* nid == NID_X9_62_characteristic_two_field */
- if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
- goto err;
- }
- }
-#endif
- len_1 = (size_t) BN_num_bytes(tmp_1);
- len_2 = (size_t) BN_num_bytes(tmp_2);
-
- if (len_1 == 0) {
- /* len_1 == 0 => a == 0 */
- a_buf = &char_zero;
- len_1 = 1;
- } else {
- if ((buffer_1 = malloc(len_1)) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
- goto err;
- }
- a_buf = buffer_1;
- }
-
- if (len_2 == 0) {
- /* len_2 == 0 => b == 0 */
- b_buf = &char_zero;
- len_2 = 1;
- } else {
- if ((buffer_2 = malloc(len_2)) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
- goto err;
- }
- b_buf = buffer_2;
- }
-
- /* set a and b */
- if (!ASN1_STRING_set(curve->a, a_buf, len_1) ||
- !ASN1_STRING_set(curve->b, b_buf, len_2)) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
- goto err;
- }
- /* set the seed (optional) */
- if (group->seed) {
- if (!curve->seed)
- if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
- curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
- if (!ASN1_BIT_STRING_set(curve->seed, group->seed,
- (int) group->seed_len)) {
- ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
- goto err;
- }
- } else {
- if (curve->seed) {
- ASN1_BIT_STRING_free(curve->seed);
- curve->seed = NULL;
- }
- }
-
- ok = 1;
-
-err:
- free(buffer_1);
- free(buffer_2);
- BN_free(tmp_1);
- BN_free(tmp_2);
- return (ok);
-}
-
-static ECPARAMETERS *
-ec_asn1_group2parameters(const EC_GROUP * group, ECPARAMETERS * param)
-{
- int ok = 0;
- size_t len = 0;
- ECPARAMETERS *ret = NULL;
- BIGNUM *tmp = NULL;
- unsigned char *buffer = NULL;
- const EC_POINT *point = NULL;
- point_conversion_form_t form;
-
- if ((tmp = BN_new()) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (param == NULL) {
- if ((ret = ECPARAMETERS_new()) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- } else
- ret = param;
-
- /* set the version (always one) */
- ret->version = (long) 0x1;
-
- /* set the fieldID */
- if (!ec_asn1_group2fieldid(group, ret->fieldID)) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
- goto err;
- }
- /* set the curve */
- if (!ec_asn1_group2curve(group, ret->curve)) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
- goto err;
- }
- /* set the base point */
- if ((point = EC_GROUP_get0_generator(group)) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, EC_R_UNDEFINED_GENERATOR);
- goto err;
- }
- form = EC_GROUP_get_point_conversion_form(group);
-
- len = EC_POINT_point2oct(group, point, form, NULL, len, NULL);
- if (len == 0) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
- goto err;
- }
- if ((buffer = malloc(len)) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL)) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
- goto err;
- }
- if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
- goto err;
- }
- /* set the order */
- if (!EC_GROUP_get_order(group, tmp, NULL)) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
- goto err;
- }
- ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
- if (ret->order == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
- goto err;
- }
- /* set the cofactor (optional) */
- if (EC_GROUP_get_cofactor(group, tmp, NULL)) {
- ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
- if (ret->cofactor == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
- goto err;
- }
- }
- ok = 1;
-
-err: if (!ok) {
- if (ret && !param)
- ECPARAMETERS_free(ret);
- ret = NULL;
- }
- BN_free(tmp);
- free(buffer);
- return (ret);
-}
-
-ECPKPARAMETERS *
-ec_asn1_group2pkparameters(const EC_GROUP * group, ECPKPARAMETERS * params)
-{
- int ok = 1, tmp;
- ECPKPARAMETERS *ret = params;
-
- if (ret == NULL) {
- if ((ret = ECPKPARAMETERS_new()) == NULL) {
- ECerr(EC_F_EC_ASN1_GROUP2PKPARAMETERS,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- } else {
- if (ret->type == 0 && ret->value.named_curve)
- ASN1_OBJECT_free(ret->value.named_curve);
- else if (ret->type == 1 && ret->value.parameters)
- ECPARAMETERS_free(ret->value.parameters);
- }
-
- if (EC_GROUP_get_asn1_flag(group)) {
- /*
- * use the asn1 OID to describe the elliptic curve
- * parameters
- */
- tmp = EC_GROUP_get_curve_name(group);
- if (tmp) {
- ret->type = 0;
- if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
- ok = 0;
- } else
- /* we don't kmow the nid => ERROR */
- ok = 0;
- } else {
- /* use the ECPARAMETERS structure */
- ret->type = 1;
- if ((ret->value.parameters = ec_asn1_group2parameters(
- group, NULL)) == NULL)
- ok = 0;
- }
-
- if (!ok) {
- ECPKPARAMETERS_free(ret);
- return NULL;
- }
- return ret;
-}
-
-static EC_GROUP *
-ec_asn1_parameters2group(const ECPARAMETERS * params)
-{
- int ok = 0, tmp;
- EC_GROUP *ret = NULL;
- BIGNUM *p = NULL, *a = NULL, *b = NULL;
- EC_POINT *point = NULL;
- long field_bits;
-
- if (!params->fieldID || !params->fieldID->fieldType ||
- !params->fieldID->p.ptr) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
- goto err;
- }
- /* now extract the curve parameters a and b */
- if (!params->curve || !params->curve->a ||
- !params->curve->a->data || !params->curve->b ||
- !params->curve->b->data) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
- goto err;
- }
- a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL);
- if (a == NULL) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
- goto err;
- }
- b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL);
- if (b == NULL) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
- goto err;
- }
- /* get the field parameters */
- tmp = OBJ_obj2nid(params->fieldID->fieldType);
- if (tmp == NID_X9_62_characteristic_two_field)
-#ifdef OPENSSL_NO_EC2M
- {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED);
- goto err;
- }
-#else
- {
- X9_62_CHARACTERISTIC_TWO *char_two;
-
- char_two = params->fieldID->p.char_two;
-
- field_bits = char_two->m;
- if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
- goto err;
- }
- if ((p = BN_new()) == NULL) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- /* get the base type */
- tmp = OBJ_obj2nid(char_two->type);
-
- if (tmp == NID_X9_62_tpBasis) {
- long tmp_long;
-
- if (!char_two->p.tpBasis) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
- goto err;
- }
- tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
-
- if (!(char_two->m > tmp_long && tmp_long > 0)) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_TRINOMIAL_BASIS);
- goto err;
- }
- /* create the polynomial */
- if (!BN_set_bit(p, (int) char_two->m))
- goto err;
- if (!BN_set_bit(p, (int) tmp_long))
- goto err;
- if (!BN_set_bit(p, 0))
- goto err;
- } else if (tmp == NID_X9_62_ppBasis) {
- X9_62_PENTANOMIAL *penta;
-
- penta = char_two->p.ppBasis;
- if (!penta) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
- goto err;
- }
- if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 && penta->k2 > penta->k1 && penta->k1 > 0)) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_PENTANOMIAL_BASIS);
- goto err;
- }
- /* create the polynomial */
- if (!BN_set_bit(p, (int) char_two->m))
- goto err;
- if (!BN_set_bit(p, (int) penta->k1))
- goto err;
- if (!BN_set_bit(p, (int) penta->k2))
- goto err;
- if (!BN_set_bit(p, (int) penta->k3))
- goto err;
- if (!BN_set_bit(p, 0))
- goto err;
- } else if (tmp == NID_X9_62_onBasis) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_NOT_IMPLEMENTED);
- goto err;
- } else { /* error */
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
- goto err;
- }
-
- /* create the EC_GROUP structure */
- ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
- }
-#endif
- else if (tmp == NID_X9_62_prime_field) {
- /* we have a curve over a prime field */
- /* extract the prime number */
- if (!params->fieldID->p.prime) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
- goto err;
- }
- p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL);
- if (p == NULL) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
- goto err;
- }
- if (BN_is_negative(p) || BN_is_zero(p)) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
- goto err;
- }
- field_bits = BN_num_bits(p);
- if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
- goto err;
- }
- /* create the EC_GROUP structure */
- ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
- } else {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
- goto err;
- }
-
- if (ret == NULL) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
- goto err;
- }
- /* extract seed (optional) */
- if (params->curve->seed != NULL) {
- free(ret->seed);
- if (!(ret->seed = malloc(params->curve->seed->length))) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- memcpy(ret->seed, params->curve->seed->data,
- params->curve->seed->length);
- ret->seed_len = params->curve->seed->length;
- }
- if (!params->order || !params->base || !params->base->data) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
- goto err;
- }
- if ((point = EC_POINT_new(ret)) == NULL)
- goto err;
-
- /* set the point conversion form */
- EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t)
- (params->base->data[0] & ~0x01));
-
- /* extract the ec point */
- if (!EC_POINT_oct2point(ret, point, params->base->data,
- params->base->length, NULL)) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
- goto err;
- }
- /* extract the order */
- if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
- goto err;
- }
- if (BN_is_negative(a) || BN_is_zero(a)) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
- if (BN_num_bits(a) > (int) field_bits + 1) { /* Hasse bound */
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
- /* extract the cofactor (optional) */
- if (params->cofactor == NULL) {
- BN_free(b);
- b = NULL;
- } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
- goto err;
- }
- /* set the generator, order and cofactor (if present) */
- if (!EC_GROUP_set_generator(ret, point, a, b)) {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
- goto err;
- }
- ok = 1;
-
-err: if (!ok) {
- EC_GROUP_clear_free(ret);
- ret = NULL;
- }
- BN_free(p);
- BN_free(a);
- BN_free(b);
- EC_POINT_free(point);
- return (ret);
-}
-
-EC_GROUP *
-ec_asn1_pkparameters2group(const ECPKPARAMETERS * params)
-{
- EC_GROUP *ret = NULL;
- int tmp = 0;
-
- if (params == NULL) {
- ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
- EC_R_MISSING_PARAMETERS);
- return NULL;
- }
- if (params->type == 0) {/* the curve is given by an OID */
- tmp = OBJ_obj2nid(params->value.named_curve);
- if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL) {
- ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
- EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
- return NULL;
- }
- EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE);
- } else if (params->type == 1) { /* the parameters are given by a
- * ECPARAMETERS structure */
- ret = ec_asn1_parameters2group(params->value.parameters);
- if (!ret) {
- ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, ERR_R_EC_LIB);
- return NULL;
- }
- EC_GROUP_set_asn1_flag(ret, 0x0);
- } else if (params->type == 2) { /* implicitlyCA */
- return NULL;
- } else {
- ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR);
- return NULL;
- }
-
- return ret;
-}
-
-/* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
-
-EC_GROUP *
-d2i_ECPKParameters(EC_GROUP ** a, const unsigned char **in, long len) -{ - EC_GROUP *group = NULL; - ECPKPARAMETERS *params = NULL; - - if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL) { - ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE); - goto err; - } - if ((group = ec_asn1_pkparameters2group(params)) == NULL) { - ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE); - goto err; - } - - if (a != NULL) { - EC_GROUP_clear_free(*a); - *a = group; - } - -err: - ECPKPARAMETERS_free(params); - return (group); -} - -int -i2d_ECPKParameters(const EC_GROUP * a, unsigned char **out) -{ - int ret = 0; - ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(a, NULL); - if (tmp == NULL) { - ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE); - return 0; - } - if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) { - ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE); - ECPKPARAMETERS_free(tmp); - return 0; - } - ECPKPARAMETERS_free(tmp); - return (ret); -} - -/* some EC_KEY functions */ - -EC_KEY * -d2i_ECPrivateKey(EC_KEY ** a, const unsigned char **in, long len) -{ - EC_KEY *ret = NULL; - EC_PRIVATEKEY *priv_key = NULL; - - if ((priv_key = EC_PRIVATEKEY_new()) == NULL) { - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); - return NULL; - } - if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) { - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); - EC_PRIVATEKEY_free(priv_key); - return NULL; - } - if (a == NULL || *a == NULL) { - if ((ret = EC_KEY_new()) == NULL) { - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - } else - ret = *a; - - if (priv_key->parameters) { - EC_GROUP_clear_free(ret->group); - ret->group = ec_asn1_pkparameters2group(priv_key->parameters); - } - if (ret->group == NULL) { - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - ret->version = priv_key->version; - - if (priv_key->privateKey) { - ret->priv_key = BN_bin2bn( - ASN1_STRING_data(priv_key->privateKey), - 
ASN1_STRING_length(priv_key->privateKey), - ret->priv_key); - if (ret->priv_key == NULL) { - ECerr(EC_F_D2I_ECPRIVATEKEY, - ERR_R_BN_LIB); - goto err; - } - } else { - ECerr(EC_F_D2I_ECPRIVATEKEY, - EC_R_MISSING_PRIVATE_KEY); - goto err; - } - - if (priv_key->publicKey) { - const unsigned char *pub_oct; - size_t pub_oct_len; - - EC_POINT_clear_free(ret->pub_key); - ret->pub_key = EC_POINT_new(ret->group); - if (ret->pub_key == NULL) { - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - pub_oct = ASN1_STRING_data(priv_key->publicKey); - pub_oct_len = ASN1_STRING_length(priv_key->publicKey); - /* save the point conversion form */ - ret->conv_form = (point_conversion_form_t) (pub_oct[0] & ~0x01); - if (!EC_POINT_oct2point(ret->group, ret->pub_key, - pub_oct, pub_oct_len, NULL)) { - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - } - - EC_PRIVATEKEY_free(priv_key); - if (a != NULL) - *a = ret; - return (ret); - -err: - if (a == NULL || *a != ret) - EC_KEY_free(ret); - if (priv_key) - EC_PRIVATEKEY_free(priv_key); - - return (NULL); -} - -int -i2d_ECPrivateKey(EC_KEY * a, unsigned char **out) -{ - int ret = 0, ok = 0; - unsigned char *buffer = NULL; - size_t buf_len = 0, tmp_len; - EC_PRIVATEKEY *priv_key = NULL; - - if (a == NULL || a->group == NULL || a->priv_key == NULL) { - ECerr(EC_F_I2D_ECPRIVATEKEY, - ERR_R_PASSED_NULL_PARAMETER); - goto err; - } - if ((priv_key = EC_PRIVATEKEY_new()) == NULL) { - ECerr(EC_F_I2D_ECPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - priv_key->version = a->version; - - buf_len = (size_t) BN_num_bytes(a->priv_key); - buffer = malloc(buf_len); - if (buffer == NULL) { - ECerr(EC_F_I2D_ECPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - if (!BN_bn2bin(a->priv_key, buffer)) { - ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB); - goto err; - } - if (!ASN1_STRING_set(priv_key->privateKey, buffer, buf_len)) { - ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB); - goto err; - } - if (!(a->enc_flag & 
EC_PKEY_NO_PARAMETERS)) { - if ((priv_key->parameters = ec_asn1_group2pkparameters( - a->group, priv_key->parameters)) == NULL) { - ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - } - if (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key != NULL) { - priv_key->publicKey = ASN1_BIT_STRING_new(); - if (priv_key->publicKey == NULL) { - ECerr(EC_F_I2D_ECPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - tmp_len = EC_POINT_point2oct(a->group, a->pub_key, - a->conv_form, NULL, 0, NULL); - - if (tmp_len > buf_len) { - unsigned char *tmp_buffer = realloc(buffer, tmp_len); - if (!tmp_buffer) { - ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - buffer = tmp_buffer; - buf_len = tmp_len; - } - if (!EC_POINT_point2oct(a->group, a->pub_key, - a->conv_form, buffer, buf_len, NULL)) { - ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT; - if (!ASN1_STRING_set(priv_key->publicKey, buffer, - buf_len)) { - ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB); - goto err; - } - } - if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) { - ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - ok = 1; -err: - free(buffer); - if (priv_key) - EC_PRIVATEKEY_free(priv_key); - return (ok ? 
ret : 0); -} - -int -i2d_ECParameters(EC_KEY * a, unsigned char **out) -{ - if (a == NULL) { - ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - return i2d_ECPKParameters(a->group, out); -} - -EC_KEY * -d2i_ECParameters(EC_KEY ** a, const unsigned char **in, long len) -{ - EC_KEY *ret; - - if (in == NULL || *in == NULL) { - ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER); - return NULL; - } - if (a == NULL || *a == NULL) { - if ((ret = EC_KEY_new()) == NULL) { - ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE); - return NULL; - } - } else - ret = *a; - - if (!d2i_ECPKParameters(&ret->group, in, len)) { - ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB); - if (a == NULL || *a != ret) - EC_KEY_free(ret); - return NULL; - } - - if (a != NULL) - *a = ret; - return ret; -} - -EC_KEY * -o2i_ECPublicKey(EC_KEY ** a, const unsigned char **in, long len) -{ - EC_KEY *ret = NULL; - - if (a == NULL || (*a) == NULL || (*a)->group == NULL) { - /* - * sorry, but a EC_GROUP-structur is necessary to set the - * public key - */ - ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - ret = *a; - if (ret->pub_key == NULL && - (ret->pub_key = EC_POINT_new(ret->group)) == NULL) { - ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) { - ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_EC_LIB); - return 0; - } - /* save the point conversion form */ - ret->conv_form = (point_conversion_form_t) (*in[0] & ~0x01); - *in += len; - return ret; -} - -int -i2o_ECPublicKey(EC_KEY * a, unsigned char **out) -{ - size_t buf_len = 0; - int new_buffer = 0; - - if (a == NULL) { - ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - buf_len = EC_POINT_point2oct(a->group, a->pub_key, - a->conv_form, NULL, 0, NULL); - - if (out == NULL || buf_len == 0) - /* out == NULL => just return the length of the octet string */ - return buf_len; - - if (*out == NULL) { - 
if ((*out = malloc(buf_len)) == NULL) { - ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_MALLOC_FAILURE); - return 0; - } - new_buffer = 1; - } - if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form, - *out, buf_len, NULL)) { - ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB); - if (new_buffer) { - free(*out); - *out = NULL; - } - return 0; - } - if (!new_buffer) - *out += buf_len; - return buf_len; -} diff --git a/lib/libssl/src/crypto/ec/ec_check.c b/lib/libssl/src/crypto/ec/ec_check.c deleted file mode 100644 index 21072305d5c..00000000000 --- a/lib/libssl/src/crypto/ec/ec_check.c +++ /dev/null 
@@ -1,115 +0,0 @@
-/* $OpenBSD: ec_check.c,v 1.5 2015/02/08 22:25:03 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ec_lcl.h"
-#include <openssl/err.h>
-
-int
-EC_GROUP_check(const EC_GROUP * group, BN_CTX * ctx)
-{
- int ret = 0;
- BIGNUM *order;
- BN_CTX *new_ctx = NULL;
- EC_POINT *point = NULL;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL) {
- ECerr(EC_F_EC_GROUP_CHECK, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- BN_CTX_start(ctx);
- if ((order = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /* check the discriminant */
- if (!EC_GROUP_check_discriminant(group, ctx)) {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_DISCRIMINANT_IS_ZERO);
- goto err;
- }
- /* check the generator */
- if (group->generator == NULL) {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
- goto err;
- }
- if (EC_POINT_is_on_curve(group, group->generator, ctx) <= 0) {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
- /* check the order of the generator */
- if ((point = EC_POINT_new(group)) == NULL)
- goto err;
- if (!EC_GROUP_get_order(group, order, ctx))
- goto err;
- if (BN_is_zero(order)) {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_ORDER);
- goto err;
- }
- if (!EC_POINT_mul(group, point, order, NULL, NULL, ctx))
- goto err;
- if (EC_POINT_is_at_infinity(group, point) <= 0) {
- ECerr(EC_F_EC_GROUP_CHECK, EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
- ret = 1;
-
-err:
- if (ctx != NULL)
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- EC_POINT_free(point);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/ec/ec_curve.c b/lib/libssl/src/crypto/ec/ec_curve.c
deleted file mode 100644
index f852ccaee3e..00000000000
--- a/lib/libssl/src/crypto/ec/ec_curve.c
+++ /dev/null
@@ -1,3340 +0,0 @@
-/* $OpenBSD: ec_curve.c,v 1.13 2016/03/10 23:21:46 mmcc Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- * - */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#include "ec_lcl.h" -#include <openssl/err.h> -#include <openssl/obj_mac.h> - -typedef struct { - int field_type, /* either NID_X9_62_prime_field or - * NID_X9_62_characteristic_two_field */ - seed_len, param_len; - unsigned int cofactor; /* promoted to BN_ULONG */ -} EC_CURVE_DATA; - -/* the nist prime curves */ -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 24 * 6]; -} - _EC_NIST_PRIME_192 = { - { - NID_X9_62_prime_field, 20, 24, 1 - }, - { - 0x30, 0x45, 0xAE, 0x6F, 0xC8, 0x42, 0x2F, 0x64, 0xED, 0x57, /* seed */ - 0x95, 0x28, 0xD3, 0x81, 0x20, 0xEA, 0xE1, 0x21, 0x96, 0xD5, - - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFC, - 0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, 0x0F, 0xA7, /* b */ - 0xE9, 0xAB, 0x72, 0x24, 0x30, 0x49, 0xFE, 0xB8, 0xDE, 0xEC, - 0xC1, 0x46, 0xB9, 0xB1, - 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, 0x7C, 0xBF, /* x */ - 0x20, 0xEB, 0x43, 0xA1, 0x88, 0x00, 0xF4, 0xFF, 0x0A, 0xFD, - 0x82, 0xFF, 0x10, 0x12, - 0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10, /* y */ - 0x11, 0xed, 0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1, - 0x1e, 0x79, 0x48, 0x11, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0x99, 0xDE, 0xF8, 0x36, 0x14, 0x6B, 0xC9, 0xB1, - 0xB4, 0xD2, 0x28, 0x31 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 28 * 6]; -} - _EC_NIST_PRIME_224 = { - { - NID_X9_62_prime_field, 20, 28, 1 - }, - { - 0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, /* seed */ - 0xB5, 0x9F, 0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5, - - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, - 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, /* b */ - 0x32, 0x56, 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, - 0x27, 0x0B, 0x39, 0x43, 0x23, 0x55, 0xFF, 0xB4, - 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, /* x */ - 0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, - 0x34, 0x32, 0x80, 0xD6, 0x11, 0x5C, 0x1D, 0x21, - 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, /* y */ - 0xdf, 0xe6, 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, - 0x44, 0xd5, 0x81, 0x99, 0x85, 0x00, 0x7e, 0x34, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, - 0x13, 0xDD, 0x29, 0x45, 0x5C, 0x5C, 0x2A, 0x3D - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 48 * 6]; -} - _EC_NIST_PRIME_384 = { - { - NID_X9_62_prime_field, 20, 48, 1 - }, - { - 0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, /* seed */ - 0x89, 0x6A, 0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73, - - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC, - 0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, /* 
b */ - 0x05, 0x6B, 0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, - 0xFE, 0x81, 0x41, 0x12, 0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, - 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D, 0x8A, 0x2E, 0xD1, 0x9D, - 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF, - 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, /* x */ - 0xC7, 0x1E, 0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, - 0x8B, 0xA7, 0x9B, 0x98, 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, - 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D, 0xBF, 0x55, 0x29, 0x6C, - 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7, - 0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, /* y */ - 0x98, 0xbf, 0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, - 0x28, 0x9a, 0x14, 0x7c, 0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, - 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce, 0x1d, 0x7e, 0x81, 0x9d, - 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, - 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2, 0x48, 0xB0, 0xA7, 0x7A, - 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 66 * 6]; -} - _EC_NIST_PRIME_521 = { - { - NID_X9_62_prime_field, 20, 66, 1 - }, - { - 0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, /* seed */ - 0x67, 0x17, 0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA, - - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, - 0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, /* b */ - 0x92, 0x9A, 0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, - 0x72, 0x5B, 0x99, 0xB3, 0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, - 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19, 0x39, 0x51, 0xEC, 0x7E, - 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1, 0xBF, 0x07, - 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45, - 0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00, - 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, /* x */ - 0x9E, 0x3E, 0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, - 0x81, 0x39, 0x05, 0x3F, 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, - 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B, 0x5E, 0x77, 0xEF, 0xE7, - 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF, 0xA8, 0xDE, - 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E, - 0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66, - 0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, /* y */ - 0x5c, 0x8a, 0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, - 0x44, 0x49, 0x57, 0x9b, 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, - 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee, 0x72, 0x99, 0x5e, 0xf4, - 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad, 0x07, 0x61, - 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe, - 0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50, - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86, 0x87, 0x83, 0xBF, 0x2F, - 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09, 0xA5, 0xD0, - 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F, - 0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09 - } -}; - -/* the x9.62 
prime curves (minus the nist prime curves) */ -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 24 * 6]; -} - _EC_X9_62_PRIME_192V2 = { - { - NID_X9_62_prime_field, 20, 24, 1 - }, - { - 0x31, 0xA9, 0x2E, 0xE2, 0x02, 0x9F, 0xD1, 0x0D, 0x90, 0x1B, /* seed */ - 0x11, 0x3E, 0x99, 0x07, 0x10, 0xF0, 0xD2, 0x1A, 0xC6, 0xB6, - - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFC, - 0xCC, 0x22, 0xD6, 0xDF, 0xB9, 0x5C, 0x6B, 0x25, 0xE4, 0x9C, /* b */ - 0x0D, 0x63, 0x64, 0xA4, 0xE5, 0x98, 0x0C, 0x39, 0x3A, 0xA2, - 0x16, 0x68, 0xD9, 0x53, - 0xEE, 0xA2, 0xBA, 0xE7, 0xE1, 0x49, 0x78, 0x42, 0xF2, 0xDE, /* x */ - 0x77, 0x69, 0xCF, 0xE9, 0xC9, 0x89, 0xC0, 0x72, 0xAD, 0x69, - 0x6F, 0x48, 0x03, 0x4A, - 0x65, 0x74, 0xd1, 0x1d, 0x69, 0xb6, 0xec, 0x7a, 0x67, 0x2b, /* y */ - 0xb8, 0x2a, 0x08, 0x3d, 0xf2, 0xf2, 0xb0, 0x84, 0x7d, 0xe9, - 0x70, 0xb2, 0xde, 0x15, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFE, 0x5F, 0xB1, 0xA7, 0x24, 0xDC, 0x80, 0x41, 0x86, - 0x48, 0xD8, 0xDD, 0x31 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 24 * 6]; -} - _EC_X9_62_PRIME_192V3 = { - { - NID_X9_62_prime_field, 20, 24, 1 - }, - { - 0xC4, 0x69, 0x68, 0x44, 0x35, 0xDE, 0xB3, 0x78, 0xC4, 0xB6, /* seed */ - 0x5C, 0xA9, 0x59, 0x1E, 0x2A, 0x57, 0x63, 0x05, 0x9A, 0x2E, - - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFC, - 0x22, 0x12, 0x3D, 0xC2, 0x39, 0x5A, 0x05, 0xCA, 0xA7, 0x42, /* b */ - 0x3D, 0xAE, 0xCC, 
0xC9, 0x47, 0x60, 0xA7, 0xD4, 0x62, 0x25, - 0x6B, 0xD5, 0x69, 0x16, - 0x7D, 0x29, 0x77, 0x81, 0x00, 0xC6, 0x5A, 0x1D, 0xA1, 0x78, /* x */ - 0x37, 0x16, 0x58, 0x8D, 0xCE, 0x2B, 0x8B, 0x4A, 0xEE, 0x8E, - 0x22, 0x8F, 0x18, 0x96, - 0x38, 0xa9, 0x0f, 0x22, 0x63, 0x73, 0x37, 0x33, 0x4b, 0x49, /* y */ - 0xdc, 0xb6, 0x6a, 0x6d, 0xc8, 0xf9, 0x97, 0x8a, 0xca, 0x76, - 0x48, 0xa9, 0x43, 0xb0, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0x7A, 0x62, 0xD0, 0x31, 0xC8, 0x3F, 0x42, 0x94, - 0xF6, 0x40, 0xEC, 0x13 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 30 * 6]; -} - _EC_X9_62_PRIME_239V1 = { - { - NID_X9_62_prime_field, 20, 30, 1 - }, - { - 0xE4, 0x3B, 0xB4, 0x60, 0xF0, 0xB8, 0x0C, 0xC0, 0xC0, 0xB0, /* seed */ - 0x75, 0x79, 0x8E, 0x94, 0x80, 0x60, 0xF8, 0x32, 0x1B, 0x7D, - - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, - - 0x6B, 0x01, 0x6C, 0x3B, 0xDC, 0xF1, 0x89, 0x41, 0xD0, 0xD6, /* b */ - 0x54, 0x92, 0x14, 0x75, 0xCA, 0x71, 0xA9, 0xDB, 0x2F, 0xB2, - 0x7D, 0x1D, 0x37, 0x79, 0x61, 0x85, 0xC2, 0x94, 0x2C, 0x0A, - - 0x0F, 0xFA, 0x96, 0x3C, 0xDC, 0xA8, 0x81, 0x6C, 0xCC, 0x33, /* x */ - 0xB8, 0x64, 0x2B, 0xED, 0xF9, 0x05, 0xC3, 0xD3, 0x58, 0x57, - 0x3D, 0x3F, 0x27, 0xFB, 0xBD, 0x3B, 0x3C, 0xB9, 0xAA, 0xAF, - - 0x7d, 0xeb, 0xe8, 0xe4, 0xe9, 0x0a, 0x5d, 0xae, 0x6e, 0x40, /* y */ - 0x54, 0xca, 0x53, 0x0b, 0xa0, 0x46, 0x54, 0xb3, 0x68, 0x18, - 0xce, 0x22, 0x6b, 0x39, 0xfc, 0xcb, 0x7b, 0x02, 0xf1, 0xae, - - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0x9E, 0x5E, 0x9A, 0x9F, 0x5D, - 0x90, 0x71, 0xFB, 0xD1, 0x52, 
0x26, 0x88, 0x90, 0x9D, 0x0B - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 30 * 6]; -} - _EC_X9_62_PRIME_239V2 = { - { - NID_X9_62_prime_field, 20, 30, 1 - }, - { - 0xE8, 0xB4, 0x01, 0x16, 0x04, 0x09, 0x53, 0x03, 0xCA, 0x3B, /* seed */ - 0x80, 0x99, 0x98, 0x2B, 0xE0, 0x9F, 0xCB, 0x9A, 0xE6, 0x16, - - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, - - 0x61, 0x7F, 0xAB, 0x68, 0x32, 0x57, 0x6C, 0xBB, 0xFE, 0xD5, /* b */ - 0x0D, 0x99, 0xF0, 0x24, 0x9C, 0x3F, 0xEE, 0x58, 0xB9, 0x4B, - 0xA0, 0x03, 0x8C, 0x7A, 0xE8, 0x4C, 0x8C, 0x83, 0x2F, 0x2C, - - 0x38, 0xAF, 0x09, 0xD9, 0x87, 0x27, 0x70, 0x51, 0x20, 0xC9, /* x */ - 0x21, 0xBB, 0x5E, 0x9E, 0x26, 0x29, 0x6A, 0x3C, 0xDC, 0xF2, - 0xF3, 0x57, 0x57, 0xA0, 0xEA, 0xFD, 0x87, 0xB8, 0x30, 0xE7, - - 0x5b, 0x01, 0x25, 0xe4, 0xdb, 0xea, 0x0e, 0xc7, 0x20, 0x6d, /* y */ - 0xa0, 0xfc, 0x01, 0xd9, 0xb0, 0x81, 0x32, 0x9f, 0xb5, 0x55, - 0xde, 0x6e, 0xf4, 0x60, 0x23, 0x7d, 0xff, 0x8b, 0xe4, 0xba, - - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0x80, 0x00, 0x00, 0xCF, 0xA7, 0xE8, 0x59, 0x43, - 0x77, 0xD4, 0x14, 0xC0, 0x38, 0x21, 0xBC, 0x58, 0x20, 0x63 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 30 * 6]; -} - _EC_X9_62_PRIME_239V3 = { - { - NID_X9_62_prime_field, 20, 30, 1 - }, - { - 0x7D, 0x73, 0x74, 0x16, 0x8F, 0xFE, 0x34, 0x71, 0xB6, 0x0A, /* seed */ - 0x85, 0x76, 0x86, 0xA1, 0x94, 0x75, 0xD3, 0xBF, 0xA2, 0xFF, - - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 
0xFF, - - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, - - 0x25, 0x57, 0x05, 0xFA, 0x2A, 0x30, 0x66, 0x54, 0xB1, 0xF4, /* b */ - 0xCB, 0x03, 0xD6, 0xA7, 0x50, 0xA3, 0x0C, 0x25, 0x01, 0x02, - 0xD4, 0x98, 0x87, 0x17, 0xD9, 0xBA, 0x15, 0xAB, 0x6D, 0x3E, - - 0x67, 0x68, 0xAE, 0x8E, 0x18, 0xBB, 0x92, 0xCF, 0xCF, 0x00, /* x */ - 0x5C, 0x94, 0x9A, 0xA2, 0xC6, 0xD9, 0x48, 0x53, 0xD0, 0xE6, - 0x60, 0xBB, 0xF8, 0x54, 0xB1, 0xC9, 0x50, 0x5F, 0xE9, 0x5A, - - 0x16, 0x07, 0xe6, 0x89, 0x8f, 0x39, 0x0c, 0x06, 0xbc, 0x1d, /* y */ - 0x55, 0x2b, 0xad, 0x22, 0x6f, 0x3b, 0x6f, 0xcf, 0xe4, 0x8b, - 0x6e, 0x81, 0x84, 0x99, 0xaf, 0x18, 0xe3, 0xed, 0x6c, 0xf3, - - 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0x97, 0x5D, 0xEB, 0x41, 0xB3, - 0xA6, 0x05, 0x7C, 0x3C, 0x43, 0x21, 0x46, 0x52, 0x65, 0x51 - } -}; - - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 32 * 6]; -} - _EC_X9_62_PRIME_256V1 = { - { - NID_X9_62_prime_field, 20, 32, 1 - }, - { - 0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, /* seed */ - 0x78, 0xE1, 0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90, - - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFC, - 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, /* b */ - 0xBD, 0x55, 0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, - 0xCC, 0x53, 0xB0, 0xF6, 0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, - 0x60, 0x4B, - 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, /* x */ - 0xE6, 
0xE5, 0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, - 0x2D, 0xEB, 0x33, 0xA0, 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, - 0xC2, 0x96, - 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, /* y */ - 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, - 0x6b, 0x31, 0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, - 0x51, 0xf5, - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, - 0xA7, 0x17, 0x9E, 0x84, 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, - 0x25, 0x51 - } -}; - -/* the secg prime curves (minus the nist and x9.62 prime curves) */ -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 14 * 6]; -} - _EC_SECG_PRIME_112R1 = { - { - NID_X9_62_prime_field, 20, 14, 1 - }, - { - 0x00, 0xF5, 0x0B, 0x02, 0x8E, 0x4D, 0x69, 0x6E, 0x67, 0x68, /* seed */ - 0x75, 0x61, 0x51, 0x75, 0x29, 0x04, 0x72, 0x78, 0x3F, 0xB1, - - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, /* p */ - 0xBE, 0xAD, 0x20, 0x8B, - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, /* a */ - 0xBE, 0xAD, 0x20, 0x88, - 0x65, 0x9E, 0xF8, 0xBA, 0x04, 0x39, 0x16, 0xEE, 0xDE, 0x89, /* b */ - 0x11, 0x70, 0x2B, 0x22, - 0x09, 0x48, 0x72, 0x39, 0x99, 0x5A, 0x5E, 0xE7, 0x6B, 0x55, /* x */ - 0xF9, 0xC2, 0xF0, 0x98, - 0xa8, 0x9c, 0xe5, 0xaf, 0x87, 0x24, 0xc0, 0xa2, 0x3e, 0x0e, /* y */ - 0x0f, 0xf7, 0x75, 0x00, - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x76, 0x28, 0xDF, /* order */ - 0xAC, 0x65, 0x61, 0xC5 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 14 * 6]; -} - _EC_SECG_PRIME_112R2 = { - { - NID_X9_62_prime_field, 20, 14, 4 - }, - { - 0x00, 0x27, 0x57, 0xA1, 0x11, 0x4D, 0x69, 0x6E, 0x67, 0x68, /* seed */ - 0x75, 0x61, 0x51, 0x75, 0x53, 0x16, 0xC0, 0x5E, 0x0B, 0xD4, - - 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, /* p */ - 0xBE, 0xAD, 0x20, 0x8B, - 0x61, 0x27, 0xC2, 0x4C, 0x05, 0xF3, 0x8A, 0x0A, 0xAA, 0xF6, /* a */ - 0x5C, 0x0E, 0xF0, 0x2C, - 
0x51, 0xDE, 0xF1, 0x81, 0x5D, 0xB5, 0xED, 0x74, 0xFC, 0xC3, /* b */ - 0x4C, 0x85, 0xD7, 0x09, - 0x4B, 0xA3, 0x0A, 0xB5, 0xE8, 0x92, 0xB4, 0xE1, 0x64, 0x9D, /* x */ - 0xD0, 0x92, 0x86, 0x43, - 0xad, 0xcd, 0x46, 0xf5, 0x88, 0x2e, 0x37, 0x47, 0xde, 0xf3, /* y */ - 0x6e, 0x95, 0x6e, 0x97, - 0x36, 0xDF, 0x0A, 0xAF, 0xD8, 0xB8, 0xD7, 0x59, 0x7C, 0xA1, /* order */ - 0x05, 0x20, 0xD0, 0x4B - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 16 * 6]; -} - _EC_SECG_PRIME_128R1 = { - { - NID_X9_62_prime_field, 20, 16, 1 - }, - { - 0x00, 0x0E, 0x0D, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, /* seed */ - 0x51, 0x75, 0x0C, 0xC0, 0x3A, 0x44, 0x73, 0xD0, 0x36, 0x79, - - 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, - 0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, 0xD8, 0x24, /* b */ - 0x99, 0x3C, 0x2C, 0xEE, 0x5E, 0xD3, - 0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, 0x0C, 0x28, /* x */ - 0x60, 0x7C, 0xA5, 0x2C, 0x5B, 0x86, - 0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d, /* y */ - 0xa2, 0x92, 0xdd, 0xed, 0x7a, 0x83, - 0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x75, 0xA3, /* order */ - 0x0D, 0x1B, 0x90, 0x38, 0xA1, 0x15 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 16 * 6]; -} - _EC_SECG_PRIME_128R2 = { - { - NID_X9_62_prime_field, 20, 16, 4 - }, - { - 0x00, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, /* seed */ - 0x12, 0xD8, 0xF0, 0x34, 0x31, 0xFC, 0xE6, 0x3B, 0x88, 0xF4, - - 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xD6, 0x03, 0x19, 0x98, 0xD1, 0xB3, 0xBB, 0xFE, 0xBF, 0x59, /* a */ - 0xCC, 0x9B, 0xBF, 0xF9, 0xAE, 0xE1, - 0x5E, 0xEE, 0xFC, 0xA3, 0x80, 0xD0, 0x29, 0x19, 0xDC, 0x2C, /* b */ - 0x65, 0x58, 0xBB, 0x6D, 0x8A, 0x5D, - 0x7B, 0x6A, 0xA5, 0xD8, 0x5E, 
0x57, 0x29, 0x83, 0xE6, 0xFB, /* x */ - 0x32, 0xA7, 0xCD, 0xEB, 0xC1, 0x40, - 0x27, 0xb6, 0x91, 0x6a, 0x89, 0x4d, 0x3a, 0xee, 0x71, 0x06, /* y */ - 0xfe, 0x80, 0x5f, 0xc3, 0x4b, 0x44, - 0x3F, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xBE, 0x00, /* order */ - 0x24, 0x72, 0x06, 0x13, 0xB5, 0xA3 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 21 * 6]; -} - _EC_SECG_PRIME_160K1 = { - { - NID_X9_62_prime_field, 0, 21, 1 - }, - { /* no seed */ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, - 0x73, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x07, - 0x00, 0x3B, 0x4C, 0x38, 0x2C, 0xE3, 0x7A, 0xA1, 0x92, 0xA4, /* x */ - 0x01, 0x9E, 0x76, 0x30, 0x36, 0xF4, 0xF5, 0xDD, 0x4D, 0x7E, - 0xBB, - 0x00, 0x93, 0x8c, 0xf9, 0x35, 0x31, 0x8f, 0xdc, 0xed, 0x6b, /* y */ - 0xc2, 0x82, 0x86, 0x53, 0x17, 0x33, 0xc3, 0xf0, 0x3c, 0x4f, - 0xee, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x01, 0xB8, 0xFA, 0x16, 0xDF, 0xAB, 0x9A, 0xCA, 0x16, 0xB6, - 0xB3 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 21 * 6]; -} - _EC_SECG_PRIME_160R1 = { - { - NID_X9_62_prime_field, 20, 21, 1 - }, - { - 0x10, 0x53, 0xCD, 0xE4, 0x2C, 0x14, 0xD6, 0x96, 0xE6, 0x76, /* seed */ - 0x87, 0x56, 0x15, 0x17, 0x53, 0x3B, 0xF3, 0xF8, 0x33, 0x45, - - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, - 0xFF, - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, - 0xFC, - 0x00, 0x1C, 0x97, 0xBE, 0xFC, 0x54, 0xBD, 0x7A, 0x8B, 0x65, /* b */ - 0xAC, 0xF8, 0x9F, 0x81, 0xD4, 
0xD4, 0xAD, 0xC5, 0x65, 0xFA, - 0x45, - 0x00, 0x4A, 0x96, 0xB5, 0x68, 0x8E, 0xF5, 0x73, 0x28, 0x46, /* x */ - 0x64, 0x69, 0x89, 0x68, 0xC3, 0x8B, 0xB9, 0x13, 0xCB, 0xFC, - 0x82, - 0x00, 0x23, 0xa6, 0x28, 0x55, 0x31, 0x68, 0x94, 0x7d, 0x59, /* y */ - 0xdc, 0xc9, 0x12, 0x04, 0x23, 0x51, 0x37, 0x7a, 0xc5, 0xfb, - 0x32, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x01, 0xF4, 0xC8, 0xF9, 0x27, 0xAE, 0xD3, 0xCA, 0x75, 0x22, - 0x57 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 21 * 6]; -} - _EC_SECG_PRIME_160R2 = { - { - NID_X9_62_prime_field, 20, 21, 1 - }, - { - 0xB9, 0x9B, 0x99, 0xB0, 0x99, 0xB3, 0x23, 0xE0, 0x27, 0x09, /* seed */ - 0xA4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51, - - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, - 0x73, - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, - 0x70, - 0x00, 0xB4, 0xE1, 0x34, 0xD3, 0xFB, 0x59, 0xEB, 0x8B, 0xAB, /* b */ - 0x57, 0x27, 0x49, 0x04, 0x66, 0x4D, 0x5A, 0xF5, 0x03, 0x88, - 0xBA, - 0x00, 0x52, 0xDC, 0xB0, 0x34, 0x29, 0x3A, 0x11, 0x7E, 0x1F, /* x */ - 0x4F, 0xF1, 0x1B, 0x30, 0xF7, 0x19, 0x9D, 0x31, 0x44, 0xCE, - 0x6D, - 0x00, 0xfe, 0xaf, 0xfe, 0xf2, 0xe3, 0x31, 0xf2, 0x96, 0xe0, /* y */ - 0x71, 0xfa, 0x0d, 0xf9, 0x98, 0x2c, 0xfe, 0xa7, 0xd4, 0x3f, - 0x2e, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x35, 0x1E, 0xE7, 0x86, 0xA8, 0x18, 0xF3, 0xA1, 0xA1, - 0x6B - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 24 * 6]; -} - _EC_SECG_PRIME_192K1 = { - { - NID_X9_62_prime_field, 0, 24, 1 - }, - { /* no seed */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, - 0xFF, 0xFF, 0xEE, 0x37, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x03, - 0xDB, 0x4F, 0xF1, 0x0E, 0xC0, 0x57, 0xE9, 0xAE, 0x26, 0xB0, /* x */ - 0x7D, 0x02, 0x80, 0xB7, 0xF4, 0x34, 0x1D, 0xA5, 0xD1, 0xB1, - 0xEA, 0xE0, 0x6C, 0x7D, - 0x9b, 0x2f, 0x2f, 0x6d, 0x9c, 0x56, 0x28, 0xa7, 0x84, 0x41, /* y */ - 0x63, 0xd0, 0x15, 0xbe, 0x86, 0x34, 0x40, 0x82, 0xaa, 0x88, - 0xd9, 0x5e, 0x2f, 0x9d, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFE, 0x26, 0xF2, 0xFC, 0x17, 0x0F, 0x69, 0x46, 0x6A, - 0x74, 0xDE, 0xFD, 0x8D - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 29 * 6]; -} - _EC_SECG_PRIME_224K1 = { - { - NID_X9_62_prime_field, 0, 29, 1 - }, - { /* no seed */ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xE5, 0x6D, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, - 0x00, 0xA1, 0x45, 0x5B, 0x33, 0x4D, 0xF0, 0x99, 0xDF, 0x30, /* x */ - 0xFC, 0x28, 0xA1, 0x69, 0xA4, 0x67, 0xE9, 0xE4, 0x70, 0x75, - 0xA9, 0x0F, 0x7E, 0x65, 0x0E, 0xB6, 0xB7, 0xA4, 0x5C, - 0x00, 0x7e, 0x08, 0x9f, 0xed, 0x7f, 0xba, 0x34, 0x42, 0x82, /* y */ - 0xca, 0xfb, 0xd6, 0xf7, 0xe3, 0x19, 0xf7, 0xc0, 0xb0, 0xbd, - 0x59, 0xe2, 0xca, 0x4b, 0xdb, 0x55, 0x6d, 0x61, 0xa5, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x00, 0x00, 0x00, 0x01, 0xDC, 0xE8, 0xD2, 0xEC, 0x61, - 0x84, 
0xCA, 0xF0, 0xA9, 0x71, 0x76, 0x9F, 0xB1, 0xF7 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 32 * 6]; -} - _EC_SECG_PRIME_256K1 = { - { - NID_X9_62_prime_field, 0, 32, 1 - }, - { /* no seed */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, - 0xFC, 0x2F, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x07, - 0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, /* x */ - 0x62, 0x95, 0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, - 0x2D, 0xCE, 0x28, 0xD9, 0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, - 0x17, 0x98, - 0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, /* y */ - 0xfb, 0xfc, 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, - 0xa6, 0x85, 0x54, 0x19, 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, - 0xd4, 0xb8, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, - 0xAF, 0x48, 0xA0, 0x3B, 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, - 0x41, 0x41 - } -}; - -/* some wap/wtls curves */ -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 15 * 6]; -} - _EC_WTLS_8 = { - { - NID_X9_62_prime_field, 0, 15, 1 - }, - { /* no seed */ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFD, 0xE7, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x03, - 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */ - 0x00, 0x00, 0x00, 0x00, 0x01, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* y */ - 0x00, 0x00, 0x00, 0x00, 0x02, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xEC, 0xEA, /* order */ - 0x55, 0x1A, 0xD8, 0x37, 0xE9 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 21 * 6]; -} - _EC_WTLS_9 = { - { - NID_X9_62_prime_field, 0, 21, 1 - }, - { /* no seed */ - 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0x80, - 0x8F, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x03, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x01, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* y */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x02, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x01, 0xCD, 0xC9, 0x8A, 0xE0, 0xE2, 0xDE, 0x57, 0x4A, 0xBF, - 0x33 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 28 * 6]; -} - _EC_WTLS_12 = { - { - NID_X9_62_prime_field, 0, 28, 1 - }, - { /* no seed */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, - 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, /* b */ - 0x32, 0x56, 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, - 0x27, 0x0B, 0x39, 0x43, 0x23, 
0x55, 0xFF, 0xB4, - 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, /* x */ - 0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, - 0x34, 0x32, 0x80, 0xD6, 0x11, 0x5C, 0x1D, 0x21, - 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, /* y */ - 0xdf, 0xe6, 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, - 0x44, 0xd5, 0x81, 0x99, 0x85, 0x00, 0x7e, 0x34, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, - 0x13, 0xDD, 0x29, 0x45, 0x5C, 0x5C, 0x2A, 0x3D - } -}; - -#ifndef OPENSSL_NO_EC2M - -/* characteristic two curves */ -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 15 * 6]; -} - _EC_SECG_CHAR2_113R1 = { - { - NID_X9_62_characteristic_two_field, 20, 15, 2 - }, - { - 0x10, 0xE7, 0x23, 0xAB, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, /* seed */ - 0x56, 0x15, 0x17, 0x56, 0xFE, 0xBF, 0x8F, 0xCB, 0x49, 0xA9, - - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x02, 0x01, - 0x00, 0x30, 0x88, 0x25, 0x0C, 0xA6, 0xE7, 0xC7, 0xFE, 0x64, /* a */ - 0x9C, 0xE8, 0x58, 0x20, 0xF7, - 0x00, 0xE8, 0xBE, 0xE4, 0xD3, 0xE2, 0x26, 0x07, 0x44, 0x18, /* b */ - 0x8B, 0xE0, 0xE9, 0xC7, 0x23, - 0x00, 0x9D, 0x73, 0x61, 0x6F, 0x35, 0xF4, 0xAB, 0x14, 0x07, /* x */ - 0xD7, 0x35, 0x62, 0xC1, 0x0F, - 0x00, 0xA5, 0x28, 0x30, 0x27, 0x79, 0x58, 0xEE, 0x84, 0xD1, /* y */ - 0x31, 0x5E, 0xD3, 0x18, 0x86, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xD9, 0xCC, /* order */ - 0xEC, 0x8A, 0x39, 0xE5, 0x6F - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 15 * 6]; -} - _EC_SECG_CHAR2_113R2 = { - { - NID_X9_62_characteristic_two_field, 20, 15, 2 - }, - { - 0x10, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE, /* seed */ - 0xF4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x5D, - - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x02, 0x01, - 0x00, 0x68, 0x99, 0x18, 
0xDB, 0xEC, 0x7E, 0x5A, 0x0D, 0xD6, /* a */ - 0xDF, 0xC0, 0xAA, 0x55, 0xC7, - 0x00, 0x95, 0xE9, 0xA9, 0xEC, 0x9B, 0x29, 0x7B, 0xD4, 0xBF, /* b */ - 0x36, 0xE0, 0x59, 0x18, 0x4F, - 0x01, 0xA5, 0x7A, 0x6A, 0x7B, 0x26, 0xCA, 0x5E, 0xF5, 0x2F, /* x */ - 0xCD, 0xB8, 0x16, 0x47, 0x97, - 0x00, 0xB3, 0xAD, 0xC9, 0x4E, 0xD1, 0xFE, 0x67, 0x4C, 0x06, /* y */ - 0xE6, 0x95, 0xBA, 0xBA, 0x1D, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x08, 0x78, /* order */ - 0x9B, 0x24, 0x96, 0xAF, 0x93 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 17 * 6]; -} - _EC_SECG_CHAR2_131R1 = { - { - NID_X9_62_characteristic_two_field, 20, 17, 2 - }, - { - 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x98, /* seed */ - 0x5B, 0xD3, 0xAD, 0xBA, 0xDA, 0x21, 0xB4, 0x3A, 0x97, 0xE2, - - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x0D, - 0x07, 0xA1, 0x1B, 0x09, 0xA7, 0x6B, 0x56, 0x21, 0x44, 0x41, /* a */ - 0x8F, 0xF3, 0xFF, 0x8C, 0x25, 0x70, 0xB8, - 0x02, 0x17, 0xC0, 0x56, 0x10, 0x88, 0x4B, 0x63, 0xB9, 0xC6, /* b */ - 0xC7, 0x29, 0x16, 0x78, 0xF9, 0xD3, 0x41, - 0x00, 0x81, 0xBA, 0xF9, 0x1F, 0xDF, 0x98, 0x33, 0xC4, 0x0F, /* x */ - 0x9C, 0x18, 0x13, 0x43, 0x63, 0x83, 0x99, - 0x07, 0x8C, 0x6E, 0x7E, 0xA3, 0x8C, 0x00, 0x1F, 0x73, 0xC8, /* y */ - 0x13, 0x4B, 0x1B, 0x4E, 0xF9, 0xE1, 0x50, - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x31, /* order */ - 0x23, 0x95, 0x3A, 0x94, 0x64, 0xB5, 0x4D - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 17 * 6]; -} - _EC_SECG_CHAR2_131R2 = { - { - NID_X9_62_characteristic_two_field, 20, 17, 2 - }, - { - 0x98, 0x5B, 0xD3, 0xAD, 0xBA, 0xD4, 0xD6, 0x96, 0xE6, 0x76, /* seed */ - 0x87, 0x56, 0x15, 0x17, 0x5A, 0x21, 0xB4, 0x3A, 0x97, 0xE3, - - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x0D, - 0x03, 0xE5, 0xA8, 0x89, 0x19, 0xD7, 0xCA, 0xFC, 0xBF, 0x41, /* a */ - 0x5F, 
0x07, 0xC2, 0x17, 0x65, 0x73, 0xB2, - 0x04, 0xB8, 0x26, 0x6A, 0x46, 0xC5, 0x56, 0x57, 0xAC, 0x73, /* b */ - 0x4C, 0xE3, 0x8F, 0x01, 0x8F, 0x21, 0x92, - 0x03, 0x56, 0xDC, 0xD8, 0xF2, 0xF9, 0x50, 0x31, 0xAD, 0x65, /* x */ - 0x2D, 0x23, 0x95, 0x1B, 0xB3, 0x66, 0xA8, - 0x06, 0x48, 0xF0, 0x6D, 0x86, 0x79, 0x40, 0xA5, 0x36, 0x6D, /* y */ - 0x9E, 0x26, 0x5D, 0xE9, 0xEB, 0x24, 0x0F, - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x69, /* order */ - 0x54, 0xA2, 0x33, 0x04, 0x9B, 0xA9, 0x8F - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 21 * 6]; -} - _EC_NIST_CHAR2_163K = { - { - NID_X9_62_characteristic_two_field, 0, 21, 2 - }, - { /* no seed */ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xC9, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x01, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x01, - 0x02, 0xFE, 0x13, 0xC0, 0x53, 0x7B, 0xBC, 0x11, 0xAC, 0xAA, /* x */ - 0x07, 0xD7, 0x93, 0xDE, 0x4E, 0x6D, 0x5E, 0x5C, 0x94, 0xEE, - 0xE8, - 0x02, 0x89, 0x07, 0x0F, 0xB0, 0x5D, 0x38, 0xFF, 0x58, 0x32, /* y */ - 0x1F, 0x2E, 0x80, 0x05, 0x36, 0xD5, 0x38, 0xCC, 0xDA, 0xA3, - 0xD9, - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x02, 0x01, 0x08, 0xA2, 0xE0, 0xCC, 0x0D, 0x99, 0xF8, 0xA5, - 0xEF - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 21 * 6]; -} - _EC_SECG_CHAR2_163R1 = { - { - NID_X9_62_characteristic_two_field, 0, 21, 2 - }, - { /* no seed */ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xC9, - 0x07, 0xB6, 0x88, 0x2C, 0xAA, 0xEF, 0xA8, 0x4F, 0x95, 0x54, /* a */ - 0xFF, 0x84, 0x28, 0xBD, 0x88, 0xE2, 0x46, 0xD2, 0x78, 0x2A, - 0xE2, - 
0x07, 0x13, 0x61, 0x2D, 0xCD, 0xDC, 0xB4, 0x0A, 0xAB, 0x94, /* b */ - 0x6B, 0xDA, 0x29, 0xCA, 0x91, 0xF7, 0x3A, 0xF9, 0x58, 0xAF, - 0xD9, - 0x03, 0x69, 0x97, 0x96, 0x97, 0xAB, 0x43, 0x89, 0x77, 0x89, /* x */ - 0x56, 0x67, 0x89, 0x56, 0x7F, 0x78, 0x7A, 0x78, 0x76, 0xA6, - 0x54, - 0x00, 0x43, 0x5E, 0xDB, 0x42, 0xEF, 0xAF, 0xB2, 0x98, 0x9D, /* y */ - 0x51, 0xFE, 0xFC, 0xE3, 0xC8, 0x09, 0x88, 0xF4, 0x1F, 0xF8, - 0x83, - 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0x48, 0xAA, 0xB6, 0x89, 0xC2, 0x9C, 0xA7, 0x10, 0x27, - 0x9B - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 21 * 6]; -} - _EC_NIST_CHAR2_163B = { - { - NID_X9_62_characteristic_two_field, 0, 21, 2 - }, - { /* no seed */ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xC9, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x01, - 0x02, 0x0A, 0x60, 0x19, 0x07, 0xB8, 0xC9, 0x53, 0xCA, 0x14, /* b */ - 0x81, 0xEB, 0x10, 0x51, 0x2F, 0x78, 0x74, 0x4A, 0x32, 0x05, - 0xFD, - 0x03, 0xF0, 0xEB, 0xA1, 0x62, 0x86, 0xA2, 0xD5, 0x7E, 0xA0, /* x */ - 0x99, 0x11, 0x68, 0xD4, 0x99, 0x46, 0x37, 0xE8, 0x34, 0x3E, - 0x36, - 0x00, 0xD5, 0x1F, 0xBC, 0x6C, 0x71, 0xA0, 0x09, 0x4F, 0xA2, /* y */ - 0xCD, 0xD5, 0x45, 0xB1, 0x1C, 0x5C, 0x0C, 0x79, 0x73, 0x24, - 0xF1, - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x02, 0x92, 0xFE, 0x77, 0xE7, 0x0C, 0x12, 0xA4, 0x23, 0x4C, - 0x33 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 25 * 6]; -} - _EC_SECG_CHAR2_193R1 = { - { - NID_X9_62_characteristic_two_field, 20, 25, 2 - }, - { - 0x10, 0x3F, 0xAE, 0xC7, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, /* seed */ - 0x61, 0x51, 0x75, 0x77, 0x7F, 0xC5, 0xB1, 0x91, 0xEF, 0x30, - - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x80, 0x01, - 0x00, 0x17, 0x85, 0x8F, 0xEB, 0x7A, 0x98, 0x97, 0x51, 0x69, /* a */ - 0xE1, 0x71, 0xF7, 0x7B, 0x40, 0x87, 0xDE, 0x09, 0x8A, 0xC8, - 0xA9, 0x11, 0xDF, 0x7B, 0x01, - 0x00, 0xFD, 0xFB, 0x49, 0xBF, 0xE6, 0xC3, 0xA8, 0x9F, 0xAC, /* b */ - 0xAD, 0xAA, 0x7A, 0x1E, 0x5B, 0xBC, 0x7C, 0xC1, 0xC2, 0xE5, - 0xD8, 0x31, 0x47, 0x88, 0x14, - 0x01, 0xF4, 0x81, 0xBC, 0x5F, 0x0F, 0xF8, 0x4A, 0x74, 0xAD, /* x */ - 0x6C, 0xDF, 0x6F, 0xDE, 0xF4, 0xBF, 0x61, 0x79, 0x62, 0x53, - 0x72, 0xD8, 0xC0, 0xC5, 0xE1, - 0x00, 0x25, 0xE3, 0x99, 0xF2, 0x90, 0x37, 0x12, 0xCC, 0xF3, /* y */ - 0xEA, 0x9E, 0x3A, 0x1A, 0xD1, 0x7F, 0xB0, 0xB3, 0x20, 0x1B, - 0x6A, 0xF7, 0xCE, 0x1B, 0x05, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x00, 0x00, 0xC7, 0xF3, 0x4A, 0x77, 0x8F, 0x44, 0x3A, - 0xCC, 0x92, 0x0E, 0xBA, 0x49 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 25 * 6]; -} - _EC_SECG_CHAR2_193R2 = { - { - NID_X9_62_characteristic_two_field, 20, 25, 2 - }, - { - 0x10, 0xB7, 0xB4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, /* seed */ - 0x17, 0x51, 0x37, 0xC8, 0xA1, 0x6F, 0xD0, 0xDA, 0x22, 0x11, - - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x80, 0x01, - 0x01, 0x63, 0xF3, 0x5A, 0x51, 0x37, 0xC2, 0xCE, 0x3E, 0xA6, /* a */ - 0xED, 0x86, 0x67, 0x19, 0x0B, 0x0B, 0xC4, 0x3E, 0xCD, 0x69, - 0x97, 0x77, 0x02, 0x70, 0x9B, - 0x00, 0xC9, 0xBB, 0x9E, 0x89, 0x27, 0xD4, 0xD6, 0x4C, 0x37, /* b */ - 0x7E, 0x2A, 0xB2, 0x85, 0x6A, 0x5B, 0x16, 0xE3, 0xEF, 0xB7, - 0xF6, 0x1D, 0x43, 0x16, 0xAE, - 0x00, 0xD9, 0xB6, 0x7D, 0x19, 0x2E, 0x03, 0x67, 0xC8, 0x03, /* x */ - 0xF3, 0x9E, 0x1A, 0x7E, 0x82, 0xCA, 0x14, 0xA6, 0x51, 0x35, - 0x0A, 0xAE, 0x61, 0x7E, 0x8F, - 0x01, 0xCE, 0x94, 0x33, 0x56, 0x07, 0xC3, 0x04, 0xAC, 0x29, /* y */ - 0xE7, 0xDE, 0xFB, 0xD9, 0xCA, 0x01, 0xF5, 0x96, 0xF9, 0x27, 
- 0x22, 0x4C, 0xDE, 0xCF, 0x6C, - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x00, 0x01, 0x5A, 0xAB, 0x56, 0x1B, 0x00, 0x54, 0x13, - 0xCC, 0xD4, 0xEE, 0x99, 0xD5 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 30 * 6]; -} - _EC_NIST_CHAR2_233K = { - { - NID_X9_62_characteristic_two_field, 0, 30, 4 - }, - { /* no seed */ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - - 0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, /* x */ - 0x29, 0xF2, 0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, - 0x6B, 0xF5, 0x0A, 0x4C, 0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26, - - 0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, /* y */ - 0x55, 0x5A, 0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, - 0xEB, 0x9B, 0x56, 0xE0, 0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3, - - 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, - 0xBC, 0xD4, 0x6E, 0xFB, 0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 30 * 6]; -} - _EC_NIST_CHAR2_233B = { - { - NID_X9_62_characteristic_two_field, 20, 30, 2 - }, - { - 0x74, 0xD5, 0x9F, 0xF0, 0x7F, 0x6B, 0x41, 0x3D, 0x0E, 0xA1, /* seed */ - 0x4B, 0x34, 0x4B, 0x20, 0xA2, 0xDB, 0x04, 0x9B, 0x50, 0xC3, - - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, - 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - - 0x00, 0x66, 0x64, 0x7E, 0xDE, 0x6C, 0x33, 0x2C, 0x7F, 0x8C, /* b */ - 0x09, 0x23, 0xBB, 0x58, 0x21, 0x3B, 0x33, 0x3B, 0x20, 0xE9, - 0xCE, 0x42, 0x81, 0xFE, 0x11, 0x5F, 0x7D, 0x8F, 0x90, 0xAD, - - 0x00, 0xFA, 0xC9, 0xDF, 0xCB, 0xAC, 0x83, 0x13, 0xBB, 0x21, /* x */ - 0x39, 0xF1, 0xBB, 0x75, 0x5F, 0xEF, 0x65, 0xBC, 0x39, 0x1F, - 0x8B, 0x36, 0xF8, 0xF8, 0xEB, 0x73, 0x71, 0xFD, 0x55, 0x8B, - - 0x01, 0x00, 0x6A, 0x08, 0xA4, 0x19, 0x03, 0x35, 0x06, 0x78, /* y */ - 0xE5, 0x85, 0x28, 0xBE, 0xBF, 0x8A, 0x0B, 0xEF, 0xF8, 0x67, - 0xA7, 0xCA, 0x36, 0x71, 0x6F, 0x7E, 0x01, 0xF8, 0x10, 0x52, - - 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, 0xE9, 0x74, 0xE7, 0x2F, - 0x8A, 0x69, 0x22, 0x03, 0x1D, 0x26, 0x03, 0xCF, 0xE0, 0xD7 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 30 * 6]; -} - _EC_SECG_CHAR2_239K1 = { - { - NID_X9_62_characteristic_two_field, 0, 30, 4 - }, - { /* no seed */ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - - 0x29, 0xA0, 0xB6, 0xA8, 0x87, 0xA9, 0x83, 0xE9, 0x73, 0x09, /* x */ - 0x88, 0xA6, 0x87, 0x27, 0xA8, 0xB2, 0xD1, 0x26, 0xC4, 0x4C, - 0xC2, 0xCC, 0x7B, 0x2A, 0x65, 0x55, 0x19, 
0x30, 0x35, 0xDC, - - 0x76, 0x31, 0x08, 0x04, 0xF1, 0x2E, 0x54, 0x9B, 0xDB, 0x01, /* y */ - 0x1C, 0x10, 0x30, 0x89, 0xE7, 0x35, 0x10, 0xAC, 0xB2, 0x75, - 0xFC, 0x31, 0x2A, 0x5D, 0xC6, 0xB7, 0x65, 0x53, 0xF0, 0xCA, - - 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x5A, 0x79, 0xFE, 0xC6, 0x7C, - 0xB6, 0xE9, 0x1F, 0x1C, 0x1D, 0xA8, 0x00, 0xE4, 0x78, 0xA5 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 36 * 6]; -} - _EC_NIST_CHAR2_283K = { - { - NID_X9_62_characteristic_two_field, 0, 36, 4 - }, - { /* no seed */ - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - 0x05, 0x03, 0x21, 0x3F, 0x78, 0xCA, 0x44, 0x88, 0x3F, 0x1A, /* x */ - 0x3B, 0x81, 0x62, 0xF1, 0x88, 0xE5, 0x53, 0xCD, 0x26, 0x5F, - 0x23, 0xC1, 0x56, 0x7A, 0x16, 0x87, 0x69, 0x13, 0xB0, 0xC2, - 0xAC, 0x24, 0x58, 0x49, 0x28, 0x36, - 0x01, 0xCC, 0xDA, 0x38, 0x0F, 0x1C, 0x9E, 0x31, 0x8D, 0x90, /* y */ - 0xF9, 0x5D, 0x07, 0xE5, 0x42, 0x6F, 0xE8, 0x7E, 0x45, 0xC0, - 0xE8, 0x18, 0x46, 0x98, 0xE4, 0x59, 0x62, 0x36, 0x4E, 0x34, - 0x11, 0x61, 0x77, 0xDD, 0x22, 0x59, - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE9, 0xAE, - 0x2E, 0xD0, 0x75, 0x77, 0x26, 0x5D, 0xFF, 0x7F, 0x94, 0x45, - 0x1E, 0x06, 0x1E, 0x16, 0x3C, 0x61 - } -}; - 
-static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 36 * 6]; -} - _EC_NIST_CHAR2_283B = { - { - NID_X9_62_characteristic_two_field, 20, 36, 2 - }, - { - 0x77, 0xE2, 0xB0, 0x73, 0x70, 0xEB, 0x0F, 0x83, 0x2A, 0x6D, /* no seed */ - 0xD5, 0xB6, 0x2D, 0xFC, 0x88, 0xCD, 0x06, 0xBB, 0x84, 0xBE, - - 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, - 0x02, 0x7B, 0x68, 0x0A, 0xC8, 0xB8, 0x59, 0x6D, 0xA5, 0xA4, /* b */ - 0xAF, 0x8A, 0x19, 0xA0, 0x30, 0x3F, 0xCA, 0x97, 0xFD, 0x76, - 0x45, 0x30, 0x9F, 0xA2, 0xA5, 0x81, 0x48, 0x5A, 0xF6, 0x26, - 0x3E, 0x31, 0x3B, 0x79, 0xA2, 0xF5, - 0x05, 0xF9, 0x39, 0x25, 0x8D, 0xB7, 0xDD, 0x90, 0xE1, 0x93, /* x */ - 0x4F, 0x8C, 0x70, 0xB0, 0xDF, 0xEC, 0x2E, 0xED, 0x25, 0xB8, - 0x55, 0x7E, 0xAC, 0x9C, 0x80, 0xE2, 0xE1, 0x98, 0xF8, 0xCD, - 0xBE, 0xCD, 0x86, 0xB1, 0x20, 0x53, - 0x03, 0x67, 0x68, 0x54, 0xFE, 0x24, 0x14, 0x1C, 0xB9, 0x8F, /* y */ - 0xE6, 0xD4, 0xB2, 0x0D, 0x02, 0xB4, 0x51, 0x6F, 0xF7, 0x02, - 0x35, 0x0E, 0xDD, 0xB0, 0x82, 0x67, 0x79, 0xC8, 0x13, 0xF0, - 0xDF, 0x45, 0xBE, 0x81, 0x12, 0xF4, - 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xEF, 0x90, - 0x39, 0x96, 0x60, 0xFC, 0x93, 0x8A, 0x90, 0x16, 0x5B, 0x04, - 0x2A, 0x7C, 0xEF, 0xAD, 0xB3, 0x07 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 52 * 6]; -} - _EC_NIST_CHAR2_409K = { - { - NID_X9_62_characteristic_two_field, 0, 52, 4 - }, - { /* no seed */ - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x01, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x01, - 0x00, 0x60, 0xF0, 0x5F, 0x65, 0x8F, 0x49, 0xC1, 0xAD, 0x3A, /* x */ - 0xB1, 0x89, 0x0F, 0x71, 0x84, 0x21, 0x0E, 0xFD, 0x09, 0x87, - 0xE3, 0x07, 0xC8, 0x4C, 0x27, 0xAC, 0xCF, 0xB8, 0xF9, 0xF6, - 0x7C, 0xC2, 0xC4, 0x60, 0x18, 0x9E, 0xB5, 0xAA, 0xAA, 0x62, - 0xEE, 0x22, 0x2E, 0xB1, 0xB3, 0x55, 0x40, 0xCF, 0xE9, 0x02, - 0x37, 0x46, - 0x01, 0xE3, 0x69, 0x05, 0x0B, 0x7C, 0x4E, 0x42, 0xAC, 0xBA, /* y */ - 0x1D, 0xAC, 0xBF, 0x04, 0x29, 0x9C, 0x34, 0x60, 0x78, 0x2F, - 0x91, 0x8E, 0xA4, 0x27, 0xE6, 0x32, 0x51, 0x65, 0xE9, 0xEA, - 0x10, 0xE3, 0xDA, 0x5F, 0x6C, 0x42, 0xE9, 0xC5, 0x52, 0x15, - 0xAA, 0x9C, 0xA2, 0x7A, 0x58, 0x63, 0xEC, 0x48, 0xD8, 0xE0, - 0x28, 0x6B, - 0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0x5F, 0x83, 0xB2, - 0xD4, 0xEA, 0x20, 0x40, 0x0E, 0xC4, 0x55, 0x7D, 0x5E, 0xD3, - 0xE3, 0xE7, 0xCA, 0x5B, 0x4B, 0x5C, 0x83, 0xB8, 0xE0, 0x1E, - 0x5F, 0xCF - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 52 * 6]; -} - _EC_NIST_CHAR2_409B 
= {
- {
- NID_X9_62_characteristic_two_field, 20, 52, 2
- },
- {
- 0x40, 0x99, 0xB5, 0xA4, 0x57, 0xF9, 0xD6, 0x9F, 0x79, 0x21, /* seed */
- 0x3D, 0x09, 0x4C, 0x4B, 0xCD, 0x4D, 0x42, 0x62, 0x21, 0x0B,
-
- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x01,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x01,
- 0x00, 0x21, 0xA5, 0xC2, 0xC8, 0xEE, 0x9F, 0xEB, 0x5C, 0x4B, /* b */
- 0x9A, 0x75, 0x3B, 0x7B, 0x47, 0x6B, 0x7F, 0xD6, 0x42, 0x2E,
- 0xF1, 0xF3, 0xDD, 0x67, 0x47, 0x61, 0xFA, 0x99, 0xD6, 0xAC,
- 0x27, 0xC8, 0xA9, 0xA1, 0x97, 0xB2, 0x72, 0x82, 0x2F, 0x6C,
- 0xD5, 0x7A, 0x55, 0xAA, 0x4F, 0x50, 0xAE, 0x31, 0x7B, 0x13,
- 0x54, 0x5F,
- 0x01, 0x5D, 0x48, 0x60, 0xD0, 0x88, 0xDD, 0xB3, 0x49, 0x6B, /* x */
- 0x0C, 0x60, 0x64, 0x75, 0x62, 0x60, 0x44, 0x1C, 0xDE, 0x4A,
- 0xF1, 0x77, 0x1D, 0x4D, 0xB0, 0x1F, 0xFE, 0x5B, 0x34, 0xE5,
- 0x97, 0x03, 0xDC, 0x25, 0x5A, 0x86, 0x8A, 0x11, 0x80, 0x51,
- 0x56, 0x03, 0xAE, 0xAB, 0x60, 0x79, 0x4E, 0x54, 0xBB, 0x79,
- 0x96, 0xA7,
- 0x00, 0x61, 0xB1, 0xCF, 0xAB, 0x6B, 0xE5, 0xF3, 0x2B, 0xBF, /* y */
- 0xA7, 0x83, 0x24, 0xED, 0x10, 0x6A, 0x76, 0x36, 0xB9, 0xC5,
- 0xA7, 0xBD, 0x19, 0x8D, 0x01, 0x58, 0xAA, 0x4F, 0x54, 0x88,
- 0xD0, 0x8F, 0x38, 0x51, 0x4F, 0x1F, 0xDF, 0x4B, 0x4F, 0x40,
- 0xD2, 0x18, 0x1B, 0x36, 0x81, 0xC3, 0x64, 0xBA, 0x02, 0x73,
- 0xC7, 0x06,
- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xE2, 0xAA, 0xD6,
- 0xA6, 0x12, 0xF3, 0x33, 0x07, 0xBE, 0x5F, 0xA4, 0x7C, 0x3C,
- 0x9E, 0x05, 0x2F, 0x83, 0x81, 0x64, 0xCD, 0x37, 0xD9, 0xA2,
- 0x11, 0x73
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 72 * 6];
-}
- _EC_NIST_CHAR2_571K = {
- {
- NID_X9_62_characteristic_two_field, 0, 72, 4
- },
- { /* no seed */
- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x04, 0x25,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x01,
- 0x02, 0x6E, 0xB7, 0xA8, 0x59, 0x92, 0x3F, 0xBC, 0x82, 0x18, /* x */
- 0x96, 0x31, 0xF8, 0x10, 0x3F, 0xE4, 0xAC, 0x9C, 0xA2, 0x97,
- 0x00, 0x12, 0xD5, 0xD4, 0x60, 0x24, 0x80, 0x48, 0x01, 0x84,
- 0x1C, 0xA4, 0x43, 0x70, 0x95, 0x84, 0x93, 0xB2, 0x05, 0xE6,
- 0x47, 0xDA, 0x30, 0x4D, 0xB4, 0xCE, 0xB0, 0x8C, 0xBB, 0xD1,
- 0xBA, 0x39, 0x49, 0x47, 0x76, 0xFB, 0x98, 0x8B, 0x47, 0x17,
- 0x4D, 0xCA, 0x88, 0xC7, 0xE2, 0x94, 0x52, 0x83, 0xA0, 0x1C,
- 0x89, 0x72,
- 0x03, 0x49, 0xDC, 0x80, 0x7F, 0x4F, 0xBF, 0x37, 0x4F, 0x4A, /* y */
- 0xEA, 0xDE, 0x3B, 0xCA, 0x95, 0x31, 0x4D, 0xD5, 0x8C, 0xEC,
- 0x9F, 0x30, 0x7A, 0x54, 0xFF, 0xC6, 0x1E, 0xFC, 0x00, 0x6D,
- 0x8A, 0x2C, 0x9D, 0x49, 0x79, 0xC0, 0xAC, 0x44, 0xAE, 0xA7,
- 0x4F, 0xBE, 0xBB, 0xB9, 0xF7, 0x72, 0xAE, 0xDC, 0xB6, 0x20,
- 0xB0, 0x1A, 0x7B, 0xA7, 0xAF, 0x1B, 0x32, 0x04, 0x30, 0xC8,
- 0x59, 0x19, 0x84, 0xF6, 0x01, 0xCD, 0x4C, 0x14, 0x3E, 0xF1,
- 0xC7, 0xA3,
- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, 0x18, 0x50, 0xE1,
- 0xF1, 0x9A, 0x63, 0xE4, 0xB3, 0x91, 0xA8, 0xDB, 0x91, 0x7F,
- 0x41, 0x38, 0xB6, 0x30, 0xD8, 0x4B, 0xE5, 0xD6, 0x39, 0x38,
- 0x1E, 0x91, 0xDE, 0xB4, 0x5C, 0xFE, 0x77, 0x8F, 0x63, 0x7C,
- 0x10, 0x01
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 72 * 6];
-}
- _EC_NIST_CHAR2_571B = {
- {
- NID_X9_62_characteristic_two_field, 20, 72, 2
- },
- {
- 0x2A, 0xA0, 0x58, 0xF7, 0x3A, 0x0E, 0x33, 0xAB, 0x48, 0x6B, /* seed */
- 0x0F, 0x61, 0x04, 0x10, 0xC5, 0x3A, 0x7F, 0x13, 0x23, 0x10,
-
- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x04, 0x25,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x01,
- 0x02, 0xF4, 0x0E, 0x7E, 0x22, 0x21, 0xF2, 0x95, 0xDE, 0x29, /* b */
- 0x71, 0x17, 0xB7, 0xF3, 0xD6, 0x2F, 0x5C, 0x6A, 0x97, 0xFF,
- 0xCB, 0x8C, 0xEF, 0xF1, 0xCD, 0x6B, 0xA8, 0xCE, 0x4A, 0x9A,
- 0x18, 0xAD, 0x84, 0xFF, 0xAB, 0xBD, 0x8E, 0xFA, 0x59, 0x33,
- 0x2B, 0xE7, 0xAD, 0x67, 0x56, 0xA6, 0x6E, 0x29, 0x4A, 0xFD,
- 0x18, 0x5A, 0x78, 0xFF, 0x12, 0xAA, 0x52, 0x0E, 0x4D, 0xE7,
- 0x39, 0xBA, 0xCA, 0x0C, 0x7F, 0xFE, 0xFF, 0x7F, 0x29, 0x55,
- 0x72, 0x7A,
- 0x03, 0x03, 0x00, 0x1D, 0x34, 0xB8, 0x56, 0x29, 0x6C, 0x16, /* x */
- 0xC0, 0xD4, 0x0D, 0x3C, 0xD7, 0x75, 0x0A, 0x93, 0xD1, 0xD2,
- 0x95, 0x5F, 0xA8, 0x0A, 0xA5, 0xF4, 0x0F, 0xC8, 0xDB, 0x7B,
- 0x2A, 0xBD, 0xBD, 0xE5, 0x39, 0x50, 0xF4, 0xC0, 0xD2, 0x93,
- 0xCD, 0xD7, 0x11, 0xA3, 0x5B, 0x67, 0xFB, 0x14, 0x99, 0xAE,
- 0x60, 0x03, 0x86, 0x14, 0xF1, 0x39, 0x4A, 0xBF, 0xA3, 0xB4,
- 0xC8, 0x50, 0xD9, 0x27, 0xE1, 0xE7, 0x76, 0x9C, 0x8E, 0xEC,
- 0x2D, 0x19,
- 0x03, 0x7B, 0xF2, 0x73, 0x42, 0xDA, 0x63, 0x9B, 0x6D, 0xCC, /* y */
- 0xFF, 0xFE, 0xB7, 0x3D, 0x69, 0xD7, 0x8C, 0x6C, 0x27, 0xA6,
- 0x00, 0x9C, 0xBB, 0xCA, 0x19, 0x80, 0xF8, 0x53, 0x39, 0x21,
- 0xE8, 0xA6, 0x84, 0x42, 0x3E, 0x43, 0xBA, 0xB0, 0x8A, 0x57,
- 0x62, 0x91, 0xAF, 0x8F, 0x46, 0x1B, 0xB2, 0xA8, 0xB3, 0x53,
- 0x1D, 0x2F, 0x04, 0x85, 0xC1, 0x9B, 0x16, 0xE2, 0xF1, 0x51,
- 0x6E, 0x23, 0xDD, 0x3C, 0x1A, 0x48, 0x27, 0xAF, 0x1B, 0x8A,
- 0xC1, 0x5B,
- 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE6, 0x61, 0xCE, 0x18,
- 0xFF, 0x55, 0x98, 0x73, 0x08, 0x05, 0x9B, 0x18, 0x68, 0x23,
- 0x85, 0x1E, 0xC7, 0xDD, 0x9C, 0xA1, 0x16, 0x1D, 0xE9, 0x3D,
- 0x51, 0x74, 0xD6, 0x6E, 0x83, 0x82, 0xE9, 0xBB, 0x2F, 0xE8,
- 0x4E, 0x47
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 21 * 6];
-}
- _EC_X9_62_CHAR2_163V1 = {
- {
- NID_X9_62_characteristic_two_field, 20, 21, 2
- },
- {
- 0xD2, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE,
- 0xF4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x54, /* seed */
-
- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
- 0x07,
- 0x07, 0x25, 0x46, 0xB5, 0x43, 0x52, 0x34, 0xA4, 0x22, 0xE0, /* a */
- 0x78, 0x96, 0x75, 0xF4, 0x32, 0xC8, 0x94, 0x35, 0xDE, 0x52,
- 0x42,
- 0x00, 0xC9, 0x51, 0x7D, 0x06, 0xD5, 0x24, 0x0D, 0x3C, 0xFF, /* b */
- 0x38, 0xC7, 0x4B, 0x20, 0xB6, 0xCD, 0x4D, 0x6F, 0x9D, 0xD4,
- 0xD9,
- 0x07, 0xAF, 0x69, 0x98, 0x95, 0x46, 0x10, 0x3D, 0x79, 0x32, /* x */
- 0x9F, 0xCC, 0x3D, 0x74, 0x88, 0x0F, 0x33, 0xBB, 0xE8, 0x03,
- 0xCB,
- 0x01, 0xEC, 0x23, 0x21, 0x1B, 0x59, 0x66, 0xAD, 0xEA, 0x1D, /* y */
- 0x3F, 0x87, 0xF7, 0xEA, 0x58, 0x48, 0xAE, 0xF0, 0xB7, 0xCA,
- 0x9F,
- 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */
- 0x01, 0xE6, 0x0F, 0xC8, 0x82, 0x1C, 0xC7, 0x4D, 0xAE, 0xAF,
- 0xC1
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 21 * 6];
-}
- _EC_X9_62_CHAR2_163V2 = {
- {
- NID_X9_62_characteristic_two_field, 20, 21, 2
- },
- {
- 0x53, 0x81, 0x4C, 0x05, 0x0D, 0x44, 0xD6, 0x96, 0xE6, 0x76, /* seed */
- 0x87, 0x56, 0x15, 0x17, 0x58, 0x0C, 0xA4, 0xE2, 0x9F, 0xFD,
-
- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
- 0x07,
- 0x01, 0x08, 0xB3, 0x9E, 0x77, 0xC4, 0xB1, 0x08, 0xBE, 0xD9, /* a */
- 0x81, 0xED, 0x0E, 0x89, 0x0E, 0x11, 0x7C, 0x51, 0x1C, 0xF0,
- 0x72,
- 0x06, 0x67, 0xAC, 0xEB, 0x38, 0xAF, 0x4E, 0x48, 0x8C, 0x40, /* b */
- 0x74, 0x33, 0xFF, 0xAE, 0x4F, 0x1C, 0x81, 0x16, 0x38, 0xDF,
- 0x20,
- 0x00, 0x24, 0x26, 0x6E, 0x4E, 0xB5, 0x10, 0x6D, 0x0A, 0x96, /* x */
- 0x4D, 0x92, 0xC4, 0x86, 0x0E, 0x26, 0x71, 0xDB, 0x9B, 0x6C,
- 0xC5,
- 0x07, 0x9F, 0x68, 0x4D, 0xDF, 0x66, 0x84, 0xC5, 0xCD, 0x25, /* y */
- 0x8B, 0x38, 0x90, 0x02, 0x1B, 0x23, 0x86, 0xDF, 0xD1, 0x9F,
- 0xC5,
- 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */
- 0xFD, 0xF6, 0x4D, 0xE1, 0x15, 0x1A, 0xDB, 0xB7, 0x8F, 0x10,
- 0xA7
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 21 * 6];
-}
- _EC_X9_62_CHAR2_163V3 = {
- {
- NID_X9_62_characteristic_two_field, 20, 21, 2
- },
- {
- 0x50, 0xCB, 0xF1, 0xD9, 0x5C, 0xA9, 0x4D, 0x69, 0x6E, 0x67, /* seed */
- 0x68, 0x75, 0x61, 0x51, 0x75, 0xF1, 0x6A, 0x36, 0xA3, 0xB8,
-
- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
- 0x07,
- 0x07, 0xA5, 0x26, 0xC6, 0x3D, 0x3E, 0x25, 0xA2, 0x56, 0xA0, /* a */
- 0x07, 0x69, 0x9F, 0x54, 0x47, 0xE3, 0x2A, 0xE4, 0x56, 0xB5,
- 0x0E,
- 0x03, 0xF7, 0x06, 0x17, 0x98, 0xEB, 0x99, 0xE2, 0x38, 0xFD, /* b */
- 0x6F, 0x1B, 0xF9, 0x5B, 0x48, 0xFE, 0xEB, 0x48, 0x54, 0x25,
- 0x2B,
- 0x02, 0xF9, 0xF8, 0x7B, 0x7C, 0x57, 0x4D, 0x0B, 0xDE, 0xCF, /* x */
- 0x8A, 0x22, 0xE6, 0x52, 0x47, 0x75, 0xF9, 0x8C, 0xDE, 0xBD,
- 0xCB,
- 0x05, 0xB9, 0x35, 0x59, 0x0C, 0x15, 0x5E, 0x17, 0xEA, 0x48, /* y */
- 0xEB, 0x3F, 0xF3, 0x71, 0x8B, 0x89, 0x3D, 0xF5, 0x9A, 0x05,
- 0xD0,
- 0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */
- 0xFE, 0x1A, 0xEE, 0x14, 0x0F, 0x11, 0x0A, 0xFF, 0x96, 0x13,
- 0x09
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 23 * 6];
-}
- _EC_X9_62_CHAR2_176V1 = {
- {
- NID_X9_62_characteristic_two_field, 0, 23, 0xFF6E
- },
- { /* no seed */
- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00,
- 0x00, 0x00, 0x07,
- 0x00, 0xE4, 0xE6, 0xDB, 0x29, 0x95, 0x06, 0x5C, 0x40, 0x7D, /* a */
- 0x9D, 0x39, 0xB8, 0xD0, 0x96, 0x7B, 0x96, 0x70, 0x4B, 0xA8,
- 0xE9, 0xC9, 0x0B,
- 0x00, 0x5D, 0xDA, 0x47, 0x0A, 0xBE, 0x64, 0x14, 0xDE, 0x8E, /* b */
- 0xC1, 0x33, 0xAE, 0x28, 0xE9, 0xBB, 0xD7, 0xFC, 0xEC, 0x0A,
- 0xE0, 0xFF, 0xF2,
- 0x00, 0x8D, 0x16, 0xC2, 0x86, 0x67, 0x98, 0xB6, 0x00, 0xF9, /* x */
- 0xF0, 0x8B, 0xB4, 0xA8, 0xE8, 0x60, 0xF3, 0x29, 0x8C, 0xE0,
- 0x4A, 0x57, 0x98,
- 0x00, 0x6F, 0xA4, 0x53, 0x9C, 0x2D, 0xAD, 0xDD, 0xD6, 0xBA, /* y */
- 0xB5, 0x16, 0x7D, 0x61, 0xB4, 0x36, 0xE1, 0xD9, 0x2B, 0xB1,
- 0x6A, 0x56, 0x2C,
- 0x00, 0x00, 0x01, 0x00, 0x92, 0x53, 0x73, 0x97, 0xEC, 0xA4, /* order */
- 0xF6, 0x14, 0x57, 0x99, 0xD6, 0x2B, 0x0A, 0x19, 0xCE, 0x06,
- 0xFE, 0x26, 0xAD
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 24 * 6];
-}
- _EC_X9_62_CHAR2_191V1 = {
- {
- NID_X9_62_characteristic_two_field, 20, 24, 2
- },
- {
- 0x4E, 0x13, 0xCA, 0x54, 0x27, 0x44, 0xD6, 0x96, 0xE6, 0x76, /* seed */
- 0x87, 0x56, 0x15, 0x17, 0x55, 0x2F, 0x27, 0x9A, 0x8C, 0x84,
-
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x02, 0x01,
- 0x28, 0x66, 0x53, 0x7B, 0x67, 0x67, 0x52, 0x63, 0x6A, 0x68, /* a */
- 0xF5, 0x65, 0x54, 0xE1, 0x26, 0x40, 0x27, 0x6B, 0x64, 0x9E,
- 0xF7, 0x52, 0x62, 0x67,
- 0x2E, 0x45, 0xEF, 0x57, 0x1F, 0x00, 0x78, 0x6F, 0x67, 0xB0, /* b */
- 0x08, 0x1B, 0x94, 0x95, 0xA3, 0xD9, 0x54, 0x62, 0xF5, 0xDE,
- 0x0A, 0xA1, 0x85, 0xEC,
- 0x36, 0xB3, 0xDA, 0xF8, 0xA2, 0x32, 0x06, 0xF9, 0xC4, 0xF2, /* x */
- 0x99, 0xD7, 0xB2, 0x1A, 0x9C, 0x36, 0x91, 0x37, 0xF2, 0xC8,
- 0x4A, 0xE1, 0xAA, 0x0D,
- 0x76, 0x5B, 0xE7, 0x34, 0x33, 0xB3, 0xF9, 0x5E, 0x33, 0x29, /* y */
- 0x32, 0xE7, 0x0E, 0xA2, 0x45, 0xCA, 0x24, 0x18, 0xEA, 0x0E,
- 0xF9, 0x80, 0x18, 0xFB,
- 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */
- 0x00, 0x00, 0x04, 0xA2, 0x0E, 0x90, 0xC3, 0x90, 0x67, 0xC8,
- 0x93, 0xBB, 0xB9, 0xA5
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 24 * 6];
-}
- _EC_X9_62_CHAR2_191V2 = {
- {
- NID_X9_62_characteristic_two_field, 20, 24, 4
- },
- {
- 0x08, 0x71, 0xEF, 0x2F, 0xEF, 0x24, 0xD6, 0x96, 0xE6, 0x76, /* seed */
- 0x87, 0x56, 0x15, 0x17, 0x58, 0xBE, 0xE0, 0xD9, 0x5C, 0x15,
-
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x02, 0x01,
- 0x40, 0x10, 0x28, 0x77, 0x4D, 0x77, 0x77, 0xC7, 0xB7, 0x66, /* a */
- 0x6D, 0x13, 0x66, 0xEA, 0x43, 0x20, 0x71, 0x27, 0x4F, 0x89,
- 0xFF, 0x01, 0xE7, 0x18,
- 0x06, 0x20, 0x04, 0x8D, 0x28, 0xBC, 0xBD, 0x03, 0xB6, 0x24, /* b */
- 0x9C, 0x99, 0x18, 0x2B, 0x7C, 0x8C, 0xD1, 0x97, 0x00, 0xC3,
- 0x62, 0xC4, 0x6A, 0x01,
- 0x38, 0x09, 0xB2, 0xB7, 0xCC, 0x1B, 0x28, 0xCC, 0x5A, 0x87, /* x */
- 0x92, 0x6A, 0xAD, 0x83, 0xFD, 0x28, 0x78, 0x9E, 0x81, 0xE2,
- 0xC9, 0xE3, 0xBF, 0x10,
- 0x17, 0x43, 0x43, 0x86, 0x62, 0x6D, 0x14, 0xF3, 0xDB, 0xF0, /* y */
- 0x17, 0x60, 0xD9, 0x21, 0x3A, 0x3E, 0x1C, 0xF3, 0x7A, 0xEC,
- 0x43, 0x7D, 0x66, 0x8A,
- 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */
- 0x00, 0x00, 0x50, 0x50, 0x8C, 0xB8, 0x9F, 0x65, 0x28, 0x24,
- 0xE0, 0x6B, 0x81, 0x73
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 24 * 6];
-}
- _EC_X9_62_CHAR2_191V3 = {
- {
- NID_X9_62_characteristic_two_field, 20, 24, 6
- },
- {
- 0xE0, 0x53, 0x51, 0x2D, 0xC6, 0x84, 0xD6, 0x96, 0xE6, 0x76, /* seed */
- 0x87, 0x56, 0x15, 0x17, 0x50, 0x67, 0xAE, 0x78, 0x6D, 0x1F,
-
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x02, 0x01,
- 0x6C, 0x01, 0x07, 0x47, 0x56, 0x09, 0x91, 0x22, 0x22, 0x10, /* a */
- 0x56, 0x91, 0x1C, 0x77, 0xD7, 0x7E, 0x77, 0xA7, 0x77, 0xE7,
- 0xE7, 0xE7, 0x7F, 0xCB,
- 0x71, 0xFE, 0x1A, 0xF9, 0x26, 0xCF, 0x84, 0x79, 0x89, 0xEF, /* b */
- 0xEF, 0x8D, 0xB4, 0x59, 0xF6, 0x63, 0x94, 0xD9, 0x0F, 0x32,
- 0xAD, 0x3F, 0x15, 0xE8,
- 0x37, 0x5D, 0x4C, 0xE2, 0x4F, 0xDE, 0x43, 0x44, 0x89, 0xDE, /* x */
- 0x87, 0x46, 0xE7, 0x17, 0x86, 0x01, 0x50, 0x09, 0xE6, 0x6E,
- 0x38, 0xA9, 0x26, 0xDD,
- 0x54, 0x5A, 0x39, 0x17, 0x61, 0x96, 0x57, 0x5D, 0x98, 0x59, /* y */
- 0x99, 0x36, 0x6E, 0x6A, 0xD3, 0x4C, 0xE0, 0xA7, 0x7C, 0xD7,
- 0x12, 0x7B, 0x06, 0xBE,
- 0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, /* order */
- 0x55, 0x55, 0x61, 0x0C, 0x0B, 0x19, 0x68, 0x12, 0xBF, 0xB6,
- 0x28, 0x8A, 0x3E, 0xA3
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 27 * 6];
-}
- _EC_X9_62_CHAR2_208W1 = {
- {
- NID_X9_62_characteristic_two_field, 0, 27, 0xFE48
- },
- { /* no seed */
- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0xC8, 0x61, 0x9E, 0xD4, 0x5A, 0x62, 0xE6, 0x21, 0x2E, /* b */
- 0x11, 0x60, 0x34, 0x9E, 0x2B, 0xFA, 0x84, 0x44, 0x39, 0xFA,
- 0xFC, 0x2A, 0x3F, 0xD1, 0x63, 0x8F, 0x9E,
- 0x00, 0x89, 0xFD, 0xFB, 0xE4, 0xAB, 0xE1, 0x93, 0xDF, 0x95, /* x */
- 0x59, 0xEC, 0xF0, 0x7A, 0xC0, 0xCE, 0x78, 0x55, 0x4E, 0x27,
- 0x84, 0xEB, 0x8C, 0x1E, 0xD1, 0xA5, 0x7A,
- 0x00, 0x0F, 0x55, 0xB5, 0x1A, 0x06, 0xE7, 0x8E, 0x9A, 0xC3, /* y */
- 0x8A, 0x03, 0x5F, 0xF5, 0x20, 0xD8, 0xB0, 0x17, 0x81, 0xBE,
- 0xB1, 0xA6, 0xBB, 0x08, 0x61, 0x7D, 0xE3,
- 0x00, 0x00, 0x01, 0x01, 0xBA, 0xF9, 0x5C, 0x97, 0x23, 0xC5, /* order */
- 0x7B, 0x6C, 0x21, 0xDA, 0x2E, 0xFF, 0x2D, 0x5E, 0xD5, 0x88,
- 0xBD, 0xD5, 0x71, 0x7E, 0x21, 0x2F, 0x9D
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 30 * 6];
-}
- _EC_X9_62_CHAR2_239V1 = {
- {
- NID_X9_62_characteristic_two_field, 20, 30, 4
- },
- {
- 0xD3, 0x4B, 0x9A, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, /* seed */
- 0x51, 0x75, 0xCA, 0x71, 0xB9, 0x20, 0xBF, 0xEF, 0xB0, 0x5D,
-
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
-
- 0x32, 0x01, 0x08, 0x57, 0x07, 0x7C, 0x54, 0x31, 0x12, 0x3A, /* a */
- 0x46, 0xB8, 0x08, 0x90, 0x67, 0x56, 0xF5, 0x43, 0x42, 0x3E,
- 0x8D, 0x27, 0x87, 0x75, 0x78, 0x12, 0x57, 0x78, 0xAC, 0x76,
-
- 0x79, 0x04, 0x08, 0xF2, 0xEE, 0xDA, 0xF3, 0x92, 0xB0, 0x12, /* b */
- 0xED, 0xEF, 0xB3, 0x39, 0x2F, 0x30, 0xF4, 0x32, 0x7C, 0x0C,
- 0xA3, 0xF3, 0x1F, 0xC3, 0x83, 0xC4, 0x22, 0xAA, 0x8C, 0x16,
-
- 0x57, 0x92, 0x70, 0x98, 0xFA, 0x93, 0x2E, 0x7C, 0x0A, 0x96, /* x */
- 0xD3, 0xFD, 0x5B, 0x70, 0x6E, 0xF7, 0xE5, 0xF5, 0xC1, 0x56,
- 0xE1, 0x6B, 0x7E, 0x7C, 0x86, 0x03, 0x85, 0x52, 0xE9, 0x1D,
-
- 0x61, 0xD8, 0xEE, 0x50, 0x77, 0xC3, 0x3F, 0xEC, 0xF6, 0xF1, /* y */
- 0xA1, 0x6B, 0x26, 0x8D, 0xE4, 0x69, 0xC3, 0xC7, 0x74, 0x4E,
- 0xA9, 0xA9, 0x71, 0x64, 0x9F, 0xC7, 0xA9, 0x61, 0x63, 0x05,
-
- 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x0F, 0x4D, 0x42, 0xFF, 0xE1,
- 0x49, 0x2A, 0x49, 0x93, 0xF1, 0xCA, 0xD6, 0x66, 0xE4, 0x47
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 30 * 6];
-}
- _EC_X9_62_CHAR2_239V2 = {
- {
- NID_X9_62_characteristic_two_field, 20, 30, 6
- },
- {
- 0x2A, 0xA6, 0x98, 0x2F, 0xDF, 0xA4, 0xD6, 0x96, 0xE6, 0x76, /* seed */
- 0x87, 0x56, 0x15, 0x17, 0x5D, 0x26, 0x67, 0x27, 0x27, 0x7D,
-
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
-
- 0x42, 0x30, 0x01, 0x77, 0x57, 0xA7, 0x67, 0xFA, 0xE4, 0x23, /* a */
- 0x98, 0x56, 0x9B, 0x74, 0x63, 0x25, 0xD4, 0x53, 0x13, 0xAF,
- 0x07, 0x66, 0x26, 0x64, 0x79, 0xB7, 0x56, 0x54, 0xE6, 0x5F,
-
- 0x50, 0x37, 0xEA, 0x65, 0x41, 0x96, 0xCF, 0xF0, 0xCD, 0x82, /* b */
- 0xB2, 0xC1, 0x4A, 0x2F, 0xCF, 0x2E, 0x3F, 0xF8, 0x77, 0x52,
- 0x85, 0xB5, 0x45, 0x72, 0x2F, 0x03, 0xEA, 0xCD, 0xB7, 0x4B,
-
- 0x28, 0xF9, 0xD0, 0x4E, 0x90, 0x00, 0x69, 0xC8, 0xDC, 0x47, /* x */
- 0xA0, 0x85, 0x34, 0xFE, 0x76, 0xD2, 0xB9, 0x00, 0xB7, 0xD7,
- 0xEF, 0x31, 0xF5, 0x70, 0x9F, 0x20, 0x0C, 0x4C, 0xA2, 0x05,
-
- 0x56, 0x67, 0x33, 0x4C, 0x45, 0xAF, 0xF3, 0xB5, 0xA0, 0x3B, /* y */
- 0xAD, 0x9D, 0xD7, 0x5E, 0x2C, 0x71, 0xA9, 0x93, 0x62, 0x56,
- 0x7D, 0x54, 0x53, 0xF7, 0xFA, 0x6E, 0x22, 0x7E, 0xC8, 0x33,
-
- 0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, /* order */
- 0x55, 0x55, 0x55, 0x55, 0x55, 0x3C, 0x6F, 0x28, 0x85, 0x25,
- 0x9C, 0x31, 0xE3, 0xFC, 0xDF, 0x15, 0x46, 0x24, 0x52, 0x2D
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 30 * 6];
-}
- _EC_X9_62_CHAR2_239V3 = {
- {
- NID_X9_62_characteristic_two_field, 20, 30, 0xA
- },
- {
- 0x9E, 0x07, 0x6F, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, /* seed */
- 0x51, 0x75, 0xE1, 0x1E, 0x9F, 0xDD, 0x77, 0xF9, 0x20, 0x41,
-
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
-
- 0x01, 0x23, 0x87, 0x74, 0x66, 0x6A, 0x67, 0x76, 0x6D, 0x66, /* a */
- 0x76, 0xF7, 0x78, 0xE6, 0x76, 0xB6, 0x69, 0x99, 0x17, 0x66,
- 0x66, 0xE6, 0x87, 0x66, 0x6D, 0x87, 0x66, 0xC6, 0x6A, 0x9F,
-
- 0x6A, 0x94, 0x19, 0x77, 0xBA, 0x9F, 0x6A, 0x43, 0x51, 0x99, /* b */
- 0xAC, 0xFC, 0x51, 0x06, 0x7E, 0xD5, 0x87, 0xF5, 0x19, 0xC5,
- 0xEC, 0xB5, 0x41, 0xB8, 0xE4, 0x41, 0x11, 0xDE, 0x1D, 0x40,
-
- 0x70, 0xF6, 0xE9, 0xD0, 0x4D, 0x28, 0x9C, 0x4E, 0x89, 0x91, /* x */
- 0x3C, 0xE3, 0x53, 0x0B, 0xFD, 0xE9, 0x03, 0x97, 0x7D, 0x42,
- 0xB1, 0x46, 0xD5, 0x39, 0xBF, 0x1B, 0xDE, 0x4E, 0x9C, 0x92,
-
- 0x2E, 0x5A, 0x0E, 0xAF, 0x6E, 0x5E, 0x13, 0x05, 0xB9, 0x00, /* y */
- 0x4D, 0xCE, 0x5C, 0x0E, 0xD7, 0xFE, 0x59, 0xA3, 0x56, 0x08,
- 0xF3, 0x38, 0x37, 0xC8, 0x16, 0xD8, 0x0B, 0x79, 0xF4, 0x61,
-
- 0x0C, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, /* order */
- 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xAC, 0x49, 0x12, 0xD2, 0xD9,
- 0xDF, 0x90, 0x3E, 0xF9, 0x88, 0x8B, 0x8A, 0x0E, 0x4C, 0xFF
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 35 * 6];
-}
- _EC_X9_62_CHAR2_272W1 = {
- {
- NID_X9_62_characteristic_two_field, 0, 35, 0xFF06
- },
- { /* no seed */
- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x0B,
- 0x00, 0x91, 0xA0, 0x91, 0xF0, 0x3B, 0x5F, 0xBA, 0x4A, 0xB2, /* a */
- 0xCC, 0xF4, 0x9C, 0x4E, 0xDD, 0x22, 0x0F, 0xB0, 0x28, 0x71,
- 0x2D, 0x42, 0xBE, 0x75, 0x2B, 0x2C, 0x40, 0x09, 0x4D, 0xBA,
- 0xCD, 0xB5, 0x86, 0xFB, 0x20,
- 0x00, 0x71, 0x67, 0xEF, 0xC9, 0x2B, 0xB2, 0xE3, 0xCE, 0x7C, /* b */
- 0x8A, 0xAA, 0xFF, 0x34, 0xE1, 0x2A, 0x9C, 0x55, 0x70, 0x03,
- 0xD7, 0xC7, 0x3A, 0x6F, 0xAF, 0x00, 0x3F, 0x99, 0xF6, 0xCC,
- 0x84, 0x82, 0xE5, 0x40, 0xF7,
- 0x00, 0x61, 0x08, 0xBA, 0xBB, 0x2C, 0xEE, 0xBC, 0xF7, 0x87, /* x */
- 0x05, 0x8A, 0x05, 0x6C, 0xBE, 0x0C, 0xFE, 0x62, 0x2D, 0x77,
- 0x23, 0xA2, 0x89, 0xE0, 0x8A, 0x07, 0xAE, 0x13, 0xEF, 0x0D,
- 0x10, 0xD1, 0x71, 0xDD, 0x8D,
- 0x00, 0x10, 0xC7, 0x69, 0x57, 0x16, 0x85, 0x1E, 0xEF, 0x6B, /* y */
- 0xA7, 0xF6, 0x87, 0x2E, 0x61, 0x42, 0xFB, 0xD2, 0x41, 0xB8,
- 0x30, 0xFF, 0x5E, 0xFC, 0xAC, 0xEC, 0xCA, 0xB0, 0x5E, 0x02,
- 0x00, 0x5D, 0xDE, 0x9D, 0x23,
- 0x00, 0x00, 0x01, 0x00, 0xFA, 0xF5, 0x13, 0x54, 0xE0, 0xE3, /* order */
- 0x9E, 0x48, 0x92, 0xDF, 0x6E, 0x31, 0x9C, 0x72, 0xC8, 0x16,
- 0x16, 0x03, 0xFA, 0x45, 0xAA, 0x7B, 0x99, 0x8A, 0x16, 0x7B,
- 0x8F, 0x1E, 0x62, 0x95, 0x21
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 39 * 6];
-}
- _EC_X9_62_CHAR2_304W1 = {
- {
- NID_X9_62_characteristic_two_field, 0, 39, 0xFE2E
- },
- { /* no seed */
- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x07,
- 0x00, 0xFD, 0x0D, 0x69, 0x31, 0x49, 0xA1, 0x18, 0xF6, 0x51, /* a */
- 0xE6, 0xDC, 0xE6, 0x80, 0x20, 0x85, 0x37, 0x7E, 0x5F, 0x88,
- 0x2D, 0x1B, 0x51, 0x0B, 0x44, 0x16, 0x00, 0x74, 0xC1, 0x28,
- 0x80, 0x78, 0x36, 0x5A, 0x03, 0x96, 0xC8, 0xE6, 0x81,
- 0x00, 0xBD, 0xDB, 0x97, 0xE5, 0x55, 0xA5, 0x0A, 0x90, 0x8E, /* b */
- 0x43, 0xB0, 0x1C, 0x79, 0x8E, 0xA5, 0xDA, 0xA6, 0x78, 0x8F,
- 0x1E, 0xA2, 0x79, 0x4E, 0xFC, 0xF5, 0x71, 0x66, 0xB8, 0xC1,
- 0x40, 0x39, 0x60, 0x1E, 0x55, 0x82, 0x73, 0x40, 0xBE,
- 0x00, 0x19, 0x7B, 0x07, 0x84, 0x5E, 0x9B, 0xE2, 0xD9, 0x6A, /* x */
- 0xDB, 0x0F, 0x5F, 0x3C, 0x7F, 0x2C, 0xFF, 0xBD, 0x7A, 0x3E,
- 0xB8, 0xB6, 0xFE, 0xC3, 0x5C, 0x7F, 0xD6, 0x7F, 0x26, 0xDD,
- 0xF6, 0x28, 0x5A, 0x64, 0x4F, 0x74, 0x0A, 0x26, 0x14,
- 0x00, 0xE1, 0x9F, 0xBE, 0xB7, 0x6E, 0x0D, 0xA1, 0x71, 0x51, /* y */
- 0x7E, 0xCF, 0x40, 0x1B, 0x50, 0x28, 0x9B, 0xF0, 0x14, 0x10,
- 0x32, 0x88, 0x52, 0x7A, 0x9B, 0x41, 0x6A, 0x10, 0x5E, 0x80,
- 0x26, 0x0B, 0x54, 0x9F, 0xDC, 0x1B, 0x92, 0xC0, 0x3B,
- 0x00, 0x00, 0x01, 0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, /* order */
- 0x80, 0x01, 0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, 0x80,
- 0x01, 0x02, 0x2D, 0x5C, 0x91, 0xDD, 0x17, 0x3F, 0x8F, 0xB5,
- 0x61, 0xDA, 0x68, 0x99, 0x16, 0x44, 0x43, 0x05, 0x1D
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[20 + 45 * 6];
-}
- _EC_X9_62_CHAR2_359V1 = {
- {
- NID_X9_62_characteristic_two_field, 20, 45, 0x4C
- },
- {
- 0x2B, 0x35, 0x49, 0x20, 0xB7, 0x24, 0xD6, 0x96, 0xE6, 0x76, /* seed */
- 0x87, 0x56, 0x15, 0x17, 0x58, 0x5B, 0xA1, 0x33, 0x2D, 0xC6,
-
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x01,
- 0x56, 0x67, 0x67, 0x6A, 0x65, 0x4B, 0x20, 0x75, 0x4F, 0x35, /* a */
- 0x6E, 0xA9, 0x20, 0x17, 0xD9, 0x46, 0x56, 0x7C, 0x46, 0x67,
- 0x55, 0x56, 0xF1, 0x95, 0x56, 0xA0, 0x46, 0x16, 0xB5, 0x67,
- 0xD2, 0x23, 0xA5, 0xE0, 0x56, 0x56, 0xFB, 0x54, 0x90, 0x16,
- 0xA9, 0x66, 0x56, 0xA5, 0x57,
- 0x24, 0x72, 0xE2, 0xD0, 0x19, 0x7C, 0x49, 0x36, 0x3F, 0x1F, /* b */
- 0xE7, 0xF5, 0xB6, 0xDB, 0x07, 0x5D, 0x52, 0xB6, 0x94, 0x7D,
- 0x13, 0x5D, 0x8C, 0xA4, 0x45, 0x80, 0x5D, 0x39, 0xBC, 0x34,
- 0x56, 0x26, 0x08, 0x96, 0x87, 0x74, 0x2B, 0x63, 0x29, 0xE7,
- 0x06, 0x80, 0x23, 0x19, 0x88,
- 0x3C, 0x25, 0x8E, 0xF3, 0x04, 0x77, 0x67, 0xE7, 0xED, 0xE0, /* x */
- 0xF1, 0xFD, 0xAA, 0x79, 0xDA, 0xEE, 0x38, 0x41, 0x36, 0x6A,
- 0x13, 0x2E, 0x16, 0x3A, 0xCE, 0xD4, 0xED, 0x24, 0x01, 0xDF,
- 0x9C, 0x6B, 0xDC, 0xDE, 0x98, 0xE8, 0xE7, 0x07, 0xC0, 0x7A,
- 0x22, 0x39, 0xB1, 0xB0, 0x97,
- 0x53, 0xD7, 0xE0, 0x85, 0x29, 0x54, 0x70, 0x48, 0x12, 0x1E, /* y */
- 0x9C, 0x95, 0xF3, 0x79, 0x1D, 0xD8, 0x04, 0x96, 0x39, 0x48,
- 0xF3, 0x4F, 0xAE, 0x7B, 0xF4, 0x4E, 0xA8, 0x23, 0x65, 0xDC,
- 0x78, 0x68, 0xFE, 0x57, 0xE4, 0xAE, 0x2D, 0xE2, 0x11, 0x30,
- 0x5A, 0x40, 0x71, 0x04, 0xBD,
- 0x01, 0xAF, 0x28, 0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, /* order */
- 0xAF, 0x28, 0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, 0xAF,
- 0x28, 0x6B, 0xC9, 0xFB, 0x8F, 0x6B, 0x85, 0xC5, 0x56, 0x89,
- 0x2C, 0x20, 0xA7, 0xEB, 0x96, 0x4F, 0xE7, 0x71, 0x9E, 0x74,
- 0xF4, 0x90, 0x75, 0x8D, 0x3B
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 47 * 6];
-}
- _EC_X9_62_CHAR2_368W1 = {
- {
- NID_X9_62_characteristic_two_field, 0, 47, 0xFF70
- },
- { /* no seed */
- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
- 0x00, 0xE0, 0xD2, 0xEE, 0x25, 0x09, 0x52, 0x06, 0xF5, 0xE2, /* a */
- 0xA4, 0xF9, 0xED, 0x22, 0x9F, 0x1F, 0x25, 0x6E, 0x79, 0xA0,
- 0xE2, 0xB4, 0x55, 0x97, 0x0D, 0x8D, 0x0D, 0x86, 0x5B, 0xD9,
- 0x47, 0x78, 0xC5, 0x76, 0xD6, 0x2F, 0x0A, 0xB7, 0x51, 0x9C,
- 0xCD, 0x2A, 0x1A, 0x90, 0x6A, 0xE3, 0x0D,
- 0x00, 0xFC, 0x12, 0x17, 0xD4, 0x32, 0x0A, 0x90, 0x45, 0x2C, /* b */
- 0x76, 0x0A, 0x58, 0xED, 0xCD, 0x30, 0xC8, 0xDD, 0x06, 0x9B,
- 0x3C, 0x34, 0x45, 0x38, 0x37, 0xA3, 0x4E, 0xD5, 0x0C, 0xB5,
- 0x49, 0x17, 0xE1, 0xC2, 0x11, 0x2D, 0x84, 0xD1, 0x64, 0xF4,
- 0x44, 0xF8, 0xF7, 0x47, 0x86, 0x04, 0x6A,
- 0x00, 0x10, 0x85, 0xE2, 0x75, 0x53, 0x81, 0xDC, 0xCC, 0xE3, /* x */
- 0xC1, 0x55, 0x7A, 0xFA, 0x10, 0xC2, 0xF0, 0xC0, 0xC2, 0x82,
- 0x56, 0x46, 0xC5, 0xB3, 0x4A, 0x39, 0x4C, 0xBC, 0xFA, 0x8B,
- 0xC1, 0x6B, 0x22, 0xE7, 0xE7, 0x89, 0xE9, 0x27, 0xBE, 0x21,
- 0x6F, 0x02, 0xE1, 0xFB, 0x13, 0x6A, 0x5F,
- 0x00, 0x7B, 0x3E, 0xB1, 0xBD, 0xDC, 0xBA, 0x62, 0xD5, 0xD8, /* y */
- 0xB2, 0x05, 0x9B, 0x52, 0x57, 0x97, 0xFC, 0x73, 0x82, 0x2C,
- 0x59, 0x05, 0x9C, 0x62, 0x3A, 0x45, 0xFF, 0x38, 0x43, 0xCE,
- 0xE8, 0xF8, 0x7C, 0xD1, 0x85, 0x5A, 0xDA, 0xA8, 0x1E, 0x2A,
- 0x07, 0x50, 0xB8, 0x0F, 0xDA, 0x23, 0x10,
- 0x00, 0x00, 0x01, 0x00, 0x90, 0x51, 0x2D, 0xA9, 0xAF, 0x72, /* order */
- 0xB0, 0x83, 0x49, 0xD9, 0x8A, 0x5D, 0xD4, 0xC7, 0xB0, 0x53,
- 0x2E, 0xCA, 0x51, 0xCE, 0x03, 0xE2, 0xD1, 0x0F, 0x3B, 0x7A,
- 0xC5, 0x79, 0xBD, 0x87, 0xE9, 0x09, 0xAE, 0x40, 0xA6, 0xF1,
- 0x31, 0xE9, 0xCF, 0xCE, 0x5B, 0xD9, 0x67
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 54 * 6];
-}
- _EC_X9_62_CHAR2_431R1 = {
- {
- NID_X9_62_characteristic_two_field, 0, 54, 0x2760
- },
- { /* no seed */
- 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x01,
- 0x1A, 0x82, 0x7E, 0xF0, 0x0D, 0xD6, 0xFC, 0x0E, 0x23, 0x4C, /* a */
- 0xAF, 0x04, 0x6C, 0x6A, 0x5D, 0x8A, 0x85, 0x39, 0x5B, 0x23,
- 0x6C, 0xC4, 0xAD, 0x2C, 0xF3, 0x2A, 0x0C, 0xAD, 0xBD, 0xC9,
- 0xDD, 0xF6, 0x20, 0xB0, 0xEB, 0x99, 0x06, 0xD0, 0x95, 0x7F,
- 0x6C, 0x6F, 0xEA, 0xCD, 0x61, 0x54, 0x68, 0xDF, 0x10, 0x4D,
- 0xE2, 0x96, 0xCD, 0x8F,
- 0x10, 0xD9, 0xB4, 0xA3, 0xD9, 0x04, 0x7D, 0x8B, 0x15, 0x43, /* b */
- 0x59, 0xAB, 0xFB, 0x1B, 0x7F, 0x54, 0x85, 0xB0, 0x4C, 0xEB,
- 0x86, 0x82, 0x37, 0xDD, 0xC9, 0xDE, 0xDA, 0x98, 0x2A, 0x67,
- 0x9A, 0x5A, 0x91, 0x9B, 0x62, 0x6D, 0x4E, 0x50, 0xA8, 0xDD,
- 0x73, 0x1B, 0x10, 0x7A, 0x99, 0x62, 0x38, 0x1F, 0xB5, 0xD8,
- 0x07, 0xBF, 0x26, 0x18,
- 0x12, 0x0F, 0xC0, 0x5D, 0x3C, 0x67, 0xA9, 0x9D, 0xE1, 0x61, /* x */
- 0xD2, 0xF4, 0x09, 0x26, 0x22, 0xFE, 0xCA, 0x70, 0x1B, 0xE4,
- 0xF5, 0x0F, 0x47, 0x58, 0x71, 0x4E, 0x8A, 0x87, 0xBB, 0xF2,
- 0xA6, 0x58, 0xEF, 0x8C, 0x21, 0xE7, 0xC5, 0xEF, 0xE9, 0x65,
- 0x36, 0x1F, 0x6C, 0x29, 0x99, 0xC0, 0xC2, 0x47, 0xB0, 0xDB,
- 0xD7, 0x0C, 0xE6, 0xB7,
- 0x20, 0xD0, 0xAF, 0x89, 0x03, 0xA9, 0x6F, 0x8D, 0x5F, 0xA2, /* y */
- 0xC2, 0x55, 0x74, 0x5D, 0x3C, 0x45, 0x1B, 0x30, 0x2C, 0x93,
- 0x46, 0xD9, 0xB7, 0xE4, 0x85, 0xE7, 0xBC, 0xE4, 0x1F, 0x6B,
- 0x59, 0x1F, 0x3E, 0x8F, 0x6A, 0xDD, 0xCB, 0xB0, 0xBC, 0x4C,
- 0x2F, 0x94, 0x7A, 0x7D, 0xE1, 0xA8, 0x9B, 0x62, 0x5D, 0x6A,
- 0x59, 0x8B, 0x37, 0x60,
- 0x00, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, /* order */
- 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03,
- 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x23,
- 0xC3, 0x13, 0xFA, 0xB5, 0x05, 0x89, 0x70, 0x3B, 0x5E, 0xC6,
- 0x8D, 0x35, 0x87, 0xFE, 0xC6, 0x0D, 0x16, 0x1C, 0xC1, 0x49,
- 0xC1, 0xAD, 0x4A, 0x91
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 15 * 6];
-}
- _EC_WTLS_1 = {
- {
- NID_X9_62_characteristic_two_field, 0, 15, 2
- },
- { /* no seed */
- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x02, 0x01,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */
- 0x00, 0x00, 0x00, 0x00, 0x01,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */
- 0x00, 0x00, 0x00, 0x00, 0x01,
- 0x01, 0x66, 0x79, 0x79, 0xA4, 0x0B, 0xA4, 0x97, 0xE5, 0xD5, /* x */
- 0xC2, 0x70, 0x78, 0x06, 0x17,
- 0x00, 0xF4, 0x4B, 0x4A, 0xF1, 0xEC, 0xC2, 0x63, 0x0E, 0x08, /* y */
- 0x78, 0x5C, 0xEB, 0xCC, 0x15,
- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xBF, /* order */
- 0x91, 0xAF, 0x6D, 0xEA, 0x73
- }
-};
-
-/* IPSec curves */
-/* NOTE: The of curves over a extension field of non prime degree
- * is not recommended (Weil-descent).
- * As the group order is not a prime this curve is not suitable
- * for ECDSA.
- */
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 20 * 6];
-}
- _EC_IPSEC_155_ID3 = {
- {
- NID_X9_62_characteristic_two_field, 0, 20, 3
- },
- { /* no seed */
- 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
-
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x33, 0x8f,
-
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b,
-
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* y */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xc8,
-
- 0x02, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, /* order */
- 0xC7, 0xF3, 0xC7, 0x88, 0x1B, 0xD0, 0x86, 0x8F, 0xA8, 0x6C
- }
-};
-
-/* NOTE: The of curves over a extension field of non prime degree
- * is not recommended (Weil-descent).
- * As the group order is not a prime this curve is not suitable
- * for ECDSA.
- */
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 24 * 6];
-}
- _EC_IPSEC_185_ID4 = {
- {
- NID_X9_62_characteristic_two_field, 0, 24, 2
- },
- { /* no seed */
- 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x01,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x1e, 0xe9,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x18,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* y */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x0d,
- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */
- 0xFF, 0xFF, 0xED, 0xF9, 0x7C, 0x44, 0xDB, 0x9F, 0x24, 0x20,
- 0xBA, 0xFC, 0xA7, 0x5E
- }
-};
-
-#endif
-
-/* These curves were added by Annie Yousar <a.yousar@informatik.hu-berlin.de>
- * For the definition of RFC 5639 curves see
- * https://www.ietf.org/rfc/rfc5639.txt
- * These curves are generated verifiable at random, nevertheless the seed is
- * omitted as parameter because the generation mechanism is different from
- * those defined in ANSI X9.62.
- */
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 20 * 6];
-}
- _EC_brainpoolP160r1 = {
- {
- NID_X9_62_prime_field, 0, 20, 1
- },
- { /* no seed */
- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, /* p */
- 0xC7, 0xAD, 0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F,
- 0x34, 0x0E, 0x7B, 0xE2, 0xA2, 0x80, 0xEB, 0x74, 0xE2, 0xBE, /* a */
- 0x61, 0xBA, 0xDA, 0x74, 0x5D, 0x97, 0xE8, 0xF7, 0xC3, 0x00,
- 0x1E, 0x58, 0x9A, 0x85, 0x95, 0x42, 0x34, 0x12, 0x13, 0x4F, /* b */
- 0xAA, 0x2D, 0xBD, 0xEC, 0x95, 0xC8, 0xD8, 0x67, 0x5E, 0x58,
- 0xBE, 0xD5, 0xAF, 0x16, 0xEA, 0x3F, 0x6A, 0x4F, 0x62, 0x93, /* x */
- 0x8C, 0x46, 0x31, 0xEB, 0x5A, 0xF7, 0xBD, 0xBC, 0xDB, 0xC3,
- 0x16, 0x67, 0xCB, 0x47, 0x7A, 0x1A, 0x8E, 0xC3, 0x38, 0xF9, /* y */
- 0x47, 0x41, 0x66, 0x9C, 0x97, 0x63, 0x16, 0xDA, 0x63, 0x21,
- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, /* order */
- 0x59, 0x91, 0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 20 * 6];
-}
- _EC_brainpoolP160t1 = {
- {
- NID_X9_62_prime_field, 0, 20, 1
- },
- { /* no seed */
- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, /* p */
- 0xC7, 0xAD, 0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F,
- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, /* a */
- 0xC7, 0xAD, 0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0C,
- 0x7A, 0x55, 0x6B, 0x6D, 0xAE, 0x53, 0x5B, 0x7B, 0x51, 0xED, /* b */
- 0x2C, 0x4D, 0x7D, 0xAA, 0x7A, 0x0B, 0x5C, 0x55, 0xF3, 0x80,
- 0xB1, 0x99, 0xB1, 0x3B, 0x9B, 0x34, 0xEF, 0xC1, 0x39, 0x7E, /* x */
- 0x64, 0xBA, 0xEB, 0x05, 0xAC, 0xC2, 0x65, 0xFF, 0x23, 0x78,
- 0xAD, 0xD6, 0x71, 0x8B, 0x7C, 0x7C, 0x19, 0x61, 0xF0, 0x99, /* y */
- 0x1B, 0x84, 0x24, 0x43, 0x77, 0x21, 0x52, 0xC9, 0xE0, 0xAD,
- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, /* order */
- 0x59, 0x91, 0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 24 * 6];
-}
- _EC_brainpoolP192r1 = {
- {
- NID_X9_62_prime_field, 0, 24, 1
- },
- { /* no seed */
- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, /* p */
- 0x46, 0x30, 0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D,
- 0xE1, 0xA8, 0x62, 0x97,
- 0x6A, 0x91, 0x17, 0x40, 0x76, 0xB1, 0xE0, 0xE1, 0x9C, 0x39, /* a */
- 0xC0, 0x31, 0xFE, 0x86, 0x85, 0xC1, 0xCA, 0xE0, 0x40, 0xE5,
- 0xC6, 0x9A, 0x28, 0xEF,
- 0x46, 0x9A, 0x28, 0xEF, 0x7C, 0x28, 0xCC, 0xA3, 0xDC, 0x72, /* b */
- 0x1D, 0x04, 0x4F, 0x44, 0x96, 0xBC, 0xCA, 0x7E, 0xF4, 0x14,
- 0x6F, 0xBF, 0x25, 0xC9,
- 0xC0, 0xA0, 0x64, 0x7E, 0xAA, 0xB6, 0xA4, 0x87, 0x53, 0xB0, /* x */
- 0x33, 0xC5, 0x6C, 0xB0, 0xF0, 0x90, 0x0A, 0x2F, 0x5C, 0x48,
- 0x53, 0x37, 0x5F, 0xD6,
- 0x14, 0xB6, 0x90, 0x86, 0x6A, 0xBD, 0x5B, 0xB8, 0x8B, 0x5F, /* y */
- 0x48, 0x28, 0xC1, 0x49, 0x00, 0x02, 0xE6, 0x77, 0x3F, 0xA2,
- 0xFA, 0x29, 0x9B, 0x8F,
- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, /* order */
- 0x46, 0x2F, 0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02,
- 0x9A, 0xC4, 0xAC, 0xC1
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 24 * 6];
-}
- _EC_brainpoolP192t1 = {
- {
- NID_X9_62_prime_field, 0, 24, 1
- },
- { /* no seed */
- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, /* p */
- 0x46, 0x30, 0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D,
- 0xE1, 0xA8, 0x62, 0x97,
- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, /* a */
- 0x46, 0x30, 0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D,
- 0xE1, 0xA8, 0x62, 0x94,
- 0x13, 0xD5, 0x6F, 0xFA, 0xEC, 0x78, 0x68, 0x1E, 0x68, 0xF9, /* b */
- 0xDE, 0xB4, 0x3B, 0x35, 0xBE, 0xC2, 0xFB, 0x68, 0x54, 0x2E,
- 0x27, 0x89, 0x7B, 0x79,
- 0x3A, 0xE9, 0xE5, 0x8C, 0x82, 0xF6, 0x3C, 0x30, 0x28, 0x2E, /* x */
- 0x1F, 0xE7, 0xBB, 0xF4, 0x3F, 0xA7, 0x2C, 0x44, 0x6A, 0xF6,
- 0xF4, 0x61, 0x81, 0x29,
- 0x09, 0x7E, 0x2C, 0x56, 0x67, 0xC2, 0x22, 0x3A, 0x90, 0x2A, /* y */
- 0xB5, 0xCA, 0x44, 0x9D, 0x00, 0x84, 0xB7, 0xE5, 0xB3, 0xDE,
- 0x7C, 0xCC, 0x01, 0xC9,
- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, /* order */
- 0x46, 0x2F, 0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02,
- 0x9A, 0xC4, 0xAC, 0xC1
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 28 * 6];
-}
- _EC_brainpoolP224r1 = {
- {
- NID_X9_62_prime_field, 0, 28, 1
- },
- { /* no seed */
- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, /* p */
- 0x30, 0x25, 0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57,
- 0x97, 0xDA, 0x89, 0xF5, 0x7E, 0xC8, 0xC0, 0xFF,
- 0x68, 0xA5, 0xE6, 0x2C, 0xA9, 0xCE, 0x6C, 0x1C, 0x29, 0x98, /* a */
- 0x03, 0xA6, 0xC1, 0x53, 0x0B, 0x51, 0x4E, 0x18, 0x2A, 0xD8,
- 0xB0, 0x04, 0x2A, 0x59, 0xCA, 0xD2, 0x9F, 0x43,
- 0x25, 0x80, 0xF6, 0x3C, 0xCF, 0xE4, 0x41, 0x38, 0x87, 0x07, /* b */
- 0x13, 0xB1, 0xA9, 0x23, 0x69, 0xE3, 0x3E, 0x21, 0x35, 0xD2,
- 0x66, 0xDB, 0xB3, 0x72, 0x38, 0x6C, 0x40, 0x0B,
- 0x0D, 0x90, 0x29, 0xAD, 0x2C, 0x7E, 0x5C, 0xF4, 0x34, 0x08, /* x */
- 0x23, 0xB2, 0xA8, 0x7D, 0xC6, 0x8C, 0x9E, 0x4C, 0xE3, 0x17,
- 0x4C, 0x1E, 0x6E, 0xFD, 0xEE, 0x12, 0xC0, 0x7D,
- 0x58, 0xAA, 0x56, 0xF7, 0x72, 0xC0, 0x72, 0x6F, 0x24, 0xC6, /* y */
- 0xB8, 0x9E, 0x4E, 0xCD, 0xAC, 0x24, 0x35, 0x4B, 0x9E, 0x99,
- 0xCA, 0xA3, 0xF6, 0xD3, 0x76, 0x14, 0x02, 0xCD,
- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, /* order */
- 0x30, 0x25, 0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B,
- 0x6D, 0xDE, 0xBC, 0xA3, 0xA5, 0xA7, 0x93, 0x9F
- }
-};
-
-static const struct {
- EC_CURVE_DATA h;
- unsigned char data[0 + 28 * 6];
-}
- _EC_brainpoolP224t1 = {
- {
- NID_X9_62_prime_field, 0, 28, 1
- },
- { /* no seed */
- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, /* p */
- 0x30, 0x25, 0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57,
- 0x97, 0xDA, 0x89, 0xF5, 0x7E, 0xC8, 0xC0, 0xFF,
- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, /* a */
- 0x30, 0x25, 0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57,
- 0x97, 0xDA, 0x89, 0xF5, 0x7E,
0xC8, 0xC0, 0xFC, - 0x4B, 0x33, 0x7D, 0x93, 0x41, 0x04, 0xCD, 0x7B, 0xEF, 0x27, /* b */ - 0x1B, 0xF6, 0x0C, 0xED, 0x1E, 0xD2, 0x0D, 0xA1, 0x4C, 0x08, - 0xB3, 0xBB, 0x64, 0xF1, 0x8A, 0x60, 0x88, 0x8D, - 0x6A, 0xB1, 0xE3, 0x44, 0xCE, 0x25, 0xFF, 0x38, 0x96, 0x42, /* x */ - 0x4E, 0x7F, 0xFE, 0x14, 0x76, 0x2E, 0xCB, 0x49, 0xF8, 0x92, - 0x8A, 0xC0, 0xC7, 0x60, 0x29, 0xB4, 0xD5, 0x80, - 0x03, 0x74, 0xE9, 0xF5, 0x14, 0x3E, 0x56, 0x8C, 0xD2, 0x3F, /* y */ - 0x3F, 0x4D, 0x7C, 0x0D, 0x4B, 0x1E, 0x41, 0xC8, 0xCC, 0x0D, - 0x1C, 0x6A, 0xBD, 0x5F, 0x1A, 0x46, 0xDB, 0x4C, - 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, /* order */ - 0x30, 0x25, 0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B, - 0x6D, 0xDE, 0xBC, 0xA3, 0xA5, 0xA7, 0x93, 0x9F - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 32 * 6]; -} - _EC_brainpoolP256r1 = { - { - NID_X9_62_prime_field, 0, 32, 1 - }, - { /* no seed */ - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, /* p */ - 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, - 0xD5, 0x26, 0x20, 0x28, 0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, - 0x53, 0x77, - 0x7D, 0x5A, 0x09, 0x75, 0xFC, 0x2C, 0x30, 0x57, 0xEE, 0xF6, /* a */ - 0x75, 0x30, 0x41, 0x7A, 0xFF, 0xE7, 0xFB, 0x80, 0x55, 0xC1, - 0x26, 0xDC, 0x5C, 0x6C, 0xE9, 0x4A, 0x4B, 0x44, 0xF3, 0x30, - 0xB5, 0xD9, - 0x26, 0xDC, 0x5C, 0x6C, 0xE9, 0x4A, 0x4B, 0x44, 0xF3, 0x30, /* b */ - 0xB5, 0xD9, 0xBB, 0xD7, 0x7C, 0xBF, 0x95, 0x84, 0x16, 0x29, - 0x5C, 0xF7, 0xE1, 0xCE, 0x6B, 0xCC, 0xDC, 0x18, 0xFF, 0x8C, - 0x07, 0xB6, - 0x8B, 0xD2, 0xAE, 0xB9, 0xCB, 0x7E, 0x57, 0xCB, 0x2C, 0x4B, /* x */ - 0x48, 0x2F, 0xFC, 0x81, 0xB7, 0xAF, 0xB9, 0xDE, 0x27, 0xE1, - 0xE3, 0xBD, 0x23, 0xC2, 0x3A, 0x44, 0x53, 0xBD, 0x9A, 0xCE, - 0x32, 0x62, - 0x54, 0x7E, 0xF8, 0x35, 0xC3, 0xDA, 0xC4, 0xFD, 0x97, 0xF8, /* y */ - 0x46, 0x1A, 0x14, 0x61, 0x1D, 0xC9, 0xC2, 0x77, 0x45, 0x13, - 0x2D, 0xED, 0x8E, 0x54, 0x5C, 0x1D, 0x54, 0xC7, 0x2F, 0x04, - 0x69, 0x97, - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 
0xEE, 0xA9, 0xBC, 0x3E, 0x66, /* order */ - 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x71, 0x8C, 0x39, 0x7A, 0xA3, - 0xB5, 0x61, 0xA6, 0xF7, 0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, - 0x56, 0xA7 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 32 * 6]; -} - _EC_brainpoolP256t1 = { - { - NID_X9_62_prime_field, 0, 32, 1 - }, - { /* no seed */ - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, /* p */ - 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, - 0xD5, 0x26, 0x20, 0x28, 0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, - 0x53, 0x77, - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, /* a */ - 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, - 0xD5, 0x26, 0x20, 0x28, 0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, - 0x53, 0x74, - 0x66, 0x2C, 0x61, 0xC4, 0x30, 0xD8, 0x4E, 0xA4, 0xFE, 0x66, /* b */ - 0xA7, 0x73, 0x3D, 0x0B, 0x76, 0xB7, 0xBF, 0x93, 0xEB, 0xC4, - 0xAF, 0x2F, 0x49, 0x25, 0x6A, 0xE5, 0x81, 0x01, 0xFE, 0xE9, - 0x2B, 0x04, - 0xA3, 0xE8, 0xEB, 0x3C, 0xC1, 0xCF, 0xE7, 0xB7, 0x73, 0x22, /* x */ - 0x13, 0xB2, 0x3A, 0x65, 0x61, 0x49, 0xAF, 0xA1, 0x42, 0xC4, - 0x7A, 0xAF, 0xBC, 0x2B, 0x79, 0xA1, 0x91, 0x56, 0x2E, 0x13, - 0x05, 0xF4, - 0x2D, 0x99, 0x6C, 0x82, 0x34, 0x39, 0xC5, 0x6D, 0x7F, 0x7B, /* y */ - 0x22, 0xE1, 0x46, 0x44, 0x41, 0x7E, 0x69, 0xBC, 0xB6, 0xDE, - 0x39, 0xD0, 0x27, 0x00, 0x1D, 0xAB, 0xE8, 0xF3, 0x5B, 0x25, - 0xC9, 0xBE, - 0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, /* order */ - 0x0A, 0x90, 0x9D, 0x83, 0x8D, 0x71, 0x8C, 0x39, 0x7A, 0xA3, - 0xB5, 0x61, 0xA6, 0xF7, 0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, - 0x56, 0xA7 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 40 * 6]; -} - _EC_brainpoolP320r1 = { - { - NID_X9_62_prime_field, 0, 40, 1 - }, - { /* no seed */ - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, /* p */ - 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, - 0xF6, 0xF4, 0x0D, 0xEF, 0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, - 0xEC, 0x28, 0xFC, 
0xD4, 0x12, 0xB1, 0xF1, 0xB3, 0x2E, 0x27, - 0x3E, 0xE3, 0x0B, 0x56, 0x8F, 0xBA, 0xB0, 0xF8, 0x83, 0xCC, /* a */ - 0xEB, 0xD4, 0x6D, 0x3F, 0x3B, 0xB8, 0xA2, 0xA7, 0x35, 0x13, - 0xF5, 0xEB, 0x79, 0xDA, 0x66, 0x19, 0x0E, 0xB0, 0x85, 0xFF, - 0xA9, 0xF4, 0x92, 0xF3, 0x75, 0xA9, 0x7D, 0x86, 0x0E, 0xB4, - 0x52, 0x08, 0x83, 0x94, 0x9D, 0xFD, 0xBC, 0x42, 0xD3, 0xAD, /* b */ - 0x19, 0x86, 0x40, 0x68, 0x8A, 0x6F, 0xE1, 0x3F, 0x41, 0x34, - 0x95, 0x54, 0xB4, 0x9A, 0xCC, 0x31, 0xDC, 0xCD, 0x88, 0x45, - 0x39, 0x81, 0x6F, 0x5E, 0xB4, 0xAC, 0x8F, 0xB1, 0xF1, 0xA6, - 0x43, 0xBD, 0x7E, 0x9A, 0xFB, 0x53, 0xD8, 0xB8, 0x52, 0x89, /* x */ - 0xBC, 0xC4, 0x8E, 0xE5, 0xBF, 0xE6, 0xF2, 0x01, 0x37, 0xD1, - 0x0A, 0x08, 0x7E, 0xB6, 0xE7, 0x87, 0x1E, 0x2A, 0x10, 0xA5, - 0x99, 0xC7, 0x10, 0xAF, 0x8D, 0x0D, 0x39, 0xE2, 0x06, 0x11, - 0x14, 0xFD, 0xD0, 0x55, 0x45, 0xEC, 0x1C, 0xC8, 0xAB, 0x40, /* y */ - 0x93, 0x24, 0x7F, 0x77, 0x27, 0x5E, 0x07, 0x43, 0xFF, 0xED, - 0x11, 0x71, 0x82, 0xEA, 0xA9, 0xC7, 0x78, 0x77, 0xAA, 0xAC, - 0x6A, 0xC7, 0xD3, 0x52, 0x45, 0xD1, 0x69, 0x2E, 0x8E, 0xE1, - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, /* order */ - 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA5, - 0xB6, 0x8F, 0x12, 0xA3, 0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, - 0x58, 0xE9, 0x86, 0x91, 0x55, 0x5B, 0x44, 0xC5, 0x93, 0x11 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 40 * 6]; -} - _EC_brainpoolP320t1 = { - { - NID_X9_62_prime_field, 0, 40, 1 - }, - { /* no seed */ - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, /* p */ - 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, - 0xF6, 0xF4, 0x0D, 0xEF, 0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, - 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1, 0xF1, 0xB3, 0x2E, 0x27, - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, /* a */ - 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, - 0xF6, 0xF4, 0x0D, 0xEF, 0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, - 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1, 0xF1, 
0xB3, 0x2E, 0x24, - 0xA7, 0xF5, 0x61, 0xE0, 0x38, 0xEB, 0x1E, 0xD5, 0x60, 0xB3, /* b */ - 0xD1, 0x47, 0xDB, 0x78, 0x20, 0x13, 0x06, 0x4C, 0x19, 0xF2, - 0x7E, 0xD2, 0x7C, 0x67, 0x80, 0xAA, 0xF7, 0x7F, 0xB8, 0xA5, - 0x47, 0xCE, 0xB5, 0xB4, 0xFE, 0xF4, 0x22, 0x34, 0x03, 0x53, - 0x92, 0x5B, 0xE9, 0xFB, 0x01, 0xAF, 0xC6, 0xFB, 0x4D, 0x3E, /* x */ - 0x7D, 0x49, 0x90, 0x01, 0x0F, 0x81, 0x34, 0x08, 0xAB, 0x10, - 0x6C, 0x4F, 0x09, 0xCB, 0x7E, 0xE0, 0x78, 0x68, 0xCC, 0x13, - 0x6F, 0xFF, 0x33, 0x57, 0xF6, 0x24, 0xA2, 0x1B, 0xED, 0x52, - 0x63, 0xBA, 0x3A, 0x7A, 0x27, 0x48, 0x3E, 0xBF, 0x66, 0x71, /* y */ - 0xDB, 0xEF, 0x7A, 0xBB, 0x30, 0xEB, 0xEE, 0x08, 0x4E, 0x58, - 0xA0, 0xB0, 0x77, 0xAD, 0x42, 0xA5, 0xA0, 0x98, 0x9D, 0x1E, - 0xE7, 0x1B, 0x1B, 0x9B, 0xC0, 0x45, 0x5F, 0xB0, 0xD2, 0xC3, - 0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, /* order */ - 0x78, 0x5E, 0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA5, - 0xB6, 0x8F, 0x12, 0xA3, 0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, - 0x58, 0xE9, 0x86, 0x91, 0x55, 0x5B, 0x44, 0xC5, 0x93, 0x11 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 48 * 6]; -} - _EC_brainpoolP384r1 = { - { - NID_X9_62_prime_field, 0, 48, 1 - }, - { /* no seed */ - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, /* p */ - 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, - 0xED, 0x54, 0x56, 0xB4, 0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, - 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29, 0x90, 0x1D, 0x1A, 0x71, - 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53, - 0x7B, 0xC3, 0x82, 0xC6, 0x3D, 0x8C, 0x15, 0x0C, 0x3C, 0x72, /* a */ - 0x08, 0x0A, 0xCE, 0x05, 0xAF, 0xA0, 0xC2, 0xBE, 0xA2, 0x8E, - 0x4F, 0xB2, 0x27, 0x87, 0x13, 0x91, 0x65, 0xEF, 0xBA, 0x91, - 0xF9, 0x0F, 0x8A, 0xA5, 0x81, 0x4A, 0x50, 0x3A, 0xD4, 0xEB, - 0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26, - 0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26, 0x8B, 0x39, /* b */ - 0xB5, 0x54, 0x16, 0xF0, 0x44, 0x7C, 0x2F, 0xB7, 0x7D, 0xE1, - 0x07, 0xDC, 0xD2, 0xA6, 0x2E, 
0x88, 0x0E, 0xA5, 0x3E, 0xEB, - 0x62, 0xD5, 0x7C, 0xB4, 0x39, 0x02, 0x95, 0xDB, 0xC9, 0x94, - 0x3A, 0xB7, 0x86, 0x96, 0xFA, 0x50, 0x4C, 0x11, - 0x1D, 0x1C, 0x64, 0xF0, 0x68, 0xCF, 0x45, 0xFF, 0xA2, 0xA6, /* x */ - 0x3A, 0x81, 0xB7, 0xC1, 0x3F, 0x6B, 0x88, 0x47, 0xA3, 0xE7, - 0x7E, 0xF1, 0x4F, 0xE3, 0xDB, 0x7F, 0xCA, 0xFE, 0x0C, 0xBD, - 0x10, 0xE8, 0xE8, 0x26, 0xE0, 0x34, 0x36, 0xD6, 0x46, 0xAA, - 0xEF, 0x87, 0xB2, 0xE2, 0x47, 0xD4, 0xAF, 0x1E, - 0x8A, 0xBE, 0x1D, 0x75, 0x20, 0xF9, 0xC2, 0xA4, 0x5C, 0xB1, /* y */ - 0xEB, 0x8E, 0x95, 0xCF, 0xD5, 0x52, 0x62, 0xB7, 0x0B, 0x29, - 0xFE, 0xEC, 0x58, 0x64, 0xE1, 0x9C, 0x05, 0x4F, 0xF9, 0x91, - 0x29, 0x28, 0x0E, 0x46, 0x46, 0x21, 0x77, 0x91, 0x81, 0x11, - 0x42, 0x82, 0x03, 0x41, 0x26, 0x3C, 0x53, 0x15, - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, /* order */ - 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, - 0xED, 0x54, 0x56, 0xB3, 0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, - 0x25, 0xA7, 0xCF, 0x3A, 0xB6, 0xAF, 0x6B, 0x7F, 0xC3, 0x10, - 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 48 * 6]; -} - _EC_brainpoolP384t1 = { - { - NID_X9_62_prime_field, 0, 48, 1 - }, - { /* no seed */ - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, /* p */ - 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, - 0xED, 0x54, 0x56, 0xB4, 0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, - 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29, 0x90, 0x1D, 0x1A, 0x71, - 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53, - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, /* a */ - 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, - 0xED, 0x54, 0x56, 0xB4, 0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, - 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29, 0x90, 0x1D, 0x1A, 0x71, - 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x50, - 0x7F, 0x51, 0x9E, 0xAD, 0xA7, 0xBD, 0xA8, 0x1B, 0xD8, 0x26, /* b */ - 0xDB, 0xA6, 0x47, 0x91, 0x0F, 0x8C, 0x4B, 0x93, 0x46, 0xED, - 0x8C, 0xCD, 
0xC6, 0x4E, 0x4B, 0x1A, 0xBD, 0x11, 0x75, 0x6D, - 0xCE, 0x1D, 0x20, 0x74, 0xAA, 0x26, 0x3B, 0x88, 0x80, 0x5C, - 0xED, 0x70, 0x35, 0x5A, 0x33, 0xB4, 0x71, 0xEE, - 0x18, 0xDE, 0x98, 0xB0, 0x2D, 0xB9, 0xA3, 0x06, 0xF2, 0xAF, /* x */ - 0xCD, 0x72, 0x35, 0xF7, 0x2A, 0x81, 0x9B, 0x80, 0xAB, 0x12, - 0xEB, 0xD6, 0x53, 0x17, 0x24, 0x76, 0xFE, 0xCD, 0x46, 0x2A, - 0xAB, 0xFF, 0xC4, 0xFF, 0x19, 0x1B, 0x94, 0x6A, 0x5F, 0x54, - 0xD8, 0xD0, 0xAA, 0x2F, 0x41, 0x88, 0x08, 0xCC, - 0x25, 0xAB, 0x05, 0x69, 0x62, 0xD3, 0x06, 0x51, 0xA1, 0x14, /* y */ - 0xAF, 0xD2, 0x75, 0x5A, 0xD3, 0x36, 0x74, 0x7F, 0x93, 0x47, - 0x5B, 0x7A, 0x1F, 0xCA, 0x3B, 0x88, 0xF2, 0xB6, 0xA2, 0x08, - 0xCC, 0xFE, 0x46, 0x94, 0x08, 0x58, 0x4D, 0xC2, 0xB2, 0x91, - 0x26, 0x75, 0xBF, 0x5B, 0x9E, 0x58, 0x29, 0x28, - 0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, /* order */ - 0x6F, 0x7E, 0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, - 0xED, 0x54, 0x56, 0xB3, 0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, - 0x25, 0xA7, 0xCF, 0x3A, 0xB6, 0xAF, 0x6B, 0x7F, 0xC3, 0x10, - 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 64 * 6]; -} - _EC_brainpoolP512r1 = { - { - NID_X9_62_prime_field, 0, 64, 1 - }, - { /* no seed */ - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, /* p */ - 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, - 0xB3, 0xC9, 0xD2, 0x0E, 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, - 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00, 0x9B, 0xC6, 0x68, 0x42, - 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6, 0x28, 0x81, - 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56, - 0x58, 0x3A, 0x48, 0xF3, - 0x78, 0x30, 0xA3, 0x31, 0x8B, 0x60, 0x3B, 0x89, 0xE2, 0x32, /* a */ - 0x71, 0x45, 0xAC, 0x23, 0x4C, 0xC5, 0x94, 0xCB, 0xDD, 0x8D, - 0x3D, 0xF9, 0x16, 0x10, 0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, - 0x63, 0xBC, 0x2D, 0xED, 0x5D, 0x5A, 0xA8, 0x25, 0x3A, 0xA1, - 0x0A, 0x2E, 0xF1, 0xC9, 0x8B, 0x9A, 0xC8, 0xB5, 0x7F, 0x11, - 0x17, 0xA7, 
0x2B, 0xF2, 0xC7, 0xB9, 0xE7, 0xC1, 0xAC, 0x4D, - 0x77, 0xFC, 0x94, 0xCA, - 0x3D, 0xF9, 0x16, 0x10, 0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, /* b */ - 0x63, 0xBC, 0x2D, 0xED, 0x5D, 0x5A, 0xA8, 0x25, 0x3A, 0xA1, - 0x0A, 0x2E, 0xF1, 0xC9, 0x8B, 0x9A, 0xC8, 0xB5, 0x7F, 0x11, - 0x17, 0xA7, 0x2B, 0xF2, 0xC7, 0xB9, 0xE7, 0xC1, 0xAC, 0x4D, - 0x77, 0xFC, 0x94, 0xCA, 0xDC, 0x08, 0x3E, 0x67, 0x98, 0x40, - 0x50, 0xB7, 0x5E, 0xBA, 0xE5, 0xDD, 0x28, 0x09, 0xBD, 0x63, - 0x80, 0x16, 0xF7, 0x23, - 0x81, 0xAE, 0xE4, 0xBD, 0xD8, 0x2E, 0xD9, 0x64, 0x5A, 0x21, /* x */ - 0x32, 0x2E, 0x9C, 0x4C, 0x6A, 0x93, 0x85, 0xED, 0x9F, 0x70, - 0xB5, 0xD9, 0x16, 0xC1, 0xB4, 0x3B, 0x62, 0xEE, 0xF4, 0xD0, - 0x09, 0x8E, 0xFF, 0x3B, 0x1F, 0x78, 0xE2, 0xD0, 0xD4, 0x8D, - 0x50, 0xD1, 0x68, 0x7B, 0x93, 0xB9, 0x7D, 0x5F, 0x7C, 0x6D, - 0x50, 0x47, 0x40, 0x6A, 0x5E, 0x68, 0x8B, 0x35, 0x22, 0x09, - 0xBC, 0xB9, 0xF8, 0x22, - 0x7D, 0xDE, 0x38, 0x5D, 0x56, 0x63, 0x32, 0xEC, 0xC0, 0xEA, /* y */ - 0xBF, 0xA9, 0xCF, 0x78, 0x22, 0xFD, 0xF2, 0x09, 0xF7, 0x00, - 0x24, 0xA5, 0x7B, 0x1A, 0xA0, 0x00, 0xC5, 0x5B, 0x88, 0x1F, - 0x81, 0x11, 0xB2, 0xDC, 0xDE, 0x49, 0x4A, 0x5F, 0x48, 0x5E, - 0x5B, 0xCA, 0x4B, 0xD8, 0x8A, 0x27, 0x63, 0xAE, 0xD1, 0xCA, - 0x2B, 0x2F, 0xA8, 0xF0, 0x54, 0x06, 0x78, 0xCD, 0x1E, 0x0F, - 0x3A, 0xD8, 0x08, 0x92, - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, /* order */ - 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, - 0xB3, 0xC9, 0xD2, 0x0E, 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, - 0x08, 0x70, 0x55, 0x3E, 0x5C, 0x41, 0x4C, 0xA9, 0x26, 0x19, - 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47, 0x1D, 0xB1, - 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, 0xB5, 0x87, 0x96, 0x82, - 0x9C, 0xA9, 0x00, 0x69 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 64 * 6]; -} - _EC_brainpoolP512t1 = { - { - NID_X9_62_prime_field, 0, 64, 1 - }, - { /* no seed */ - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, /* p */ - 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 
0x8D, 0xB3, - 0xB3, 0xC9, 0xD2, 0x0E, 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, - 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00, 0x9B, 0xC6, 0x68, 0x42, - 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6, 0x28, 0x81, - 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56, - 0x58, 0x3A, 0x48, 0xF3, - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, /* a */ - 0xE6, 0xAE, 0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, - 0xB3, 0xC9, 0xD2, 0x0E, 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, - 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00, 0x9B, 0xC6, 0x68, 0x42, - 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6, 0x28, 0x81, - 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56, - 0x58, 0x3A, 0x48, 0xF0, - 0x7C, 0xBB, 0xBC, 0xF9, 0x44, 0x1C, 0xFA, 0xB7, 0x6E, 0x18, /* b */ - 0x90, 0xE4, 0x68, 0x84, 0xEA, 0xE3, 0x21, 0xF7, 0x0C, 0x0B, - 0xCB, 0x49, 0x81, 0x52, 0x78, 0x97, 0x50, 0x4B, 0xEC, 0x3E, - 0x36, 0xA6, 0x2B, 0xCD, 0xFA, 0x23, 0x04, 0x97, 0x65, 0x40, - 0xF6, 0x45, 0x00, 0x85, 0xF2, 0xDA, 0xE1, 0x45, 0xC2, 0x25, - 0x53, 0xB4, 0x65, 0x76, 0x36, 0x89, 0x18, 0x0E, 0xA2, 0x57, - 0x18, 0x67, 0x42, 0x3E, - 0x64, 0x0E, 0xCE, 0x5C, 0x12, 0x78, 0x87, 0x17, 0xB9, 0xC1, /* x */ - 0xBA, 0x06, 0xCB, 0xC2, 0xA6, 0xFE, 0xBA, 0x85, 0x84, 0x24, - 0x58, 0xC5, 0x6D, 0xDE, 0x9D, 0xB1, 0x75, 0x8D, 0x39, 0xC0, - 0x31, 0x3D, 0x82, 0xBA, 0x51, 0x73, 0x5C, 0xDB, 0x3E, 0xA4, - 0x99, 0xAA, 0x77, 0xA7, 0xD6, 0x94, 0x3A, 0x64, 0xF7, 0xA3, - 0xF2, 0x5F, 0xE2, 0x6F, 0x06, 0xB5, 0x1B, 0xAA, 0x26, 0x96, - 0xFA, 0x90, 0x35, 0xDA, - 0x5B, 0x53, 0x4B, 0xD5, 0x95, 0xF5, 0xAF, 0x0F, 0xA2, 0xC8, /* y */ - 0x92, 0x37, 0x6C, 0x84, 0xAC, 0xE1, 0xBB, 0x4E, 0x30, 0x19, - 0xB7, 0x16, 0x34, 0xC0, 0x11, 0x31, 0x15, 0x9C, 0xAE, 0x03, - 0xCE, 0xE9, 0xD9, 0x93, 0x21, 0x84, 0xBE, 0xEF, 0x21, 0x6B, - 0xD7, 0x1D, 0xF2, 0xDA, 0xDF, 0x86, 0xA6, 0x27, 0x30, 0x6E, - 0xCF, 0xF9, 0x6D, 0xBB, 0x8B, 0xAC, 0xE1, 0x98, 0xB6, 0x1E, - 0x00, 0xF8, 0xB3, 0x32, - 0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, /* order */ - 0xE6, 0xAE, 
0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, - 0xB3, 0xC9, 0xD2, 0x0E, 0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, - 0x08, 0x70, 0x55, 0x3E, 0x5C, 0x41, 0x4C, 0xA9, 0x26, 0x19, - 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47, 0x1D, 0xB1, - 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, 0xB5, 0x87, 0x96, 0x82, - 0x9C, 0xA9, 0x00, 0x69 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 32 * 6]; -} - _EC_FRP256v1 = { - { - NID_X9_62_prime_field, 0, 32, 1 - }, - { /* no seed */ - 0xF1, 0xFD, 0x17, 0x8C, 0x0B, 0x3A, 0xD5, 0x8F, 0x10, 0x12, /* p */ - 0x6D, 0xE8, 0xCE, 0x42, 0x43, 0x5B, 0x39, 0x61, 0xAD, 0xBC, - 0xAB, 0xC8, 0xCA, 0x6D, 0xE8, 0xFC, 0xF3, 0x53, 0xD8, 0x6E, - 0x9C, 0x03, - 0xF1, 0xFD, 0x17, 0x8C, 0x0B, 0x3A, 0xD5, 0x8F, 0x10, 0x12, /* a */ - 0x6D, 0xE8, 0xCE, 0x42, 0x43, 0x5B, 0x39, 0x61, 0xAD, 0xBC, - 0xAB, 0xC8, 0xCA, 0x6D, 0xE8, 0xFC, 0xF3, 0x53, 0xD8, 0x6E, - 0x9C, 0x00, - 0xEE, 0x35, 0x3F, 0xCA, 0x54, 0x28, 0xA9, 0x30, 0x0D, 0x4A, /* b */ - 0xBA, 0x75, 0x4A, 0x44, 0xC0, 0x0F, 0xDF, 0xEC, 0x0C, 0x9A, - 0xE4, 0xB1, 0xA1, 0x80, 0x30, 0x75, 0xED, 0x96, 0x7B, 0x7B, - 0xB7, 0x3F, - 0xB6, 0xB3, 0xD4, 0xC3, 0x56, 0xC1, 0x39, 0xEB, 0x31, 0x18, /* x */ - 0x3D, 0x47, 0x49, 0xD4, 0x23, 0x95, 0x8C, 0x27, 0xD2, 0xDC, - 0xAF, 0x98, 0xB7, 0x01, 0x64, 0xC9, 0x7A, 0x2D, 0xD9, 0x8F, - 0x5C, 0xFF, - 0x61, 0x42, 0xE0, 0xF7, 0xC8, 0xB2, 0x04, 0x91, 0x1F, 0x92, /* y */ - 0x71, 0xF0, 0xF3, 0xEC, 0xEF, 0x8C, 0x27, 0x01, 0xC3, 0x07, - 0xE8, 0xE4, 0xC9, 0xE1, 0x83, 0x11, 0x5A, 0x15, 0x54, 0x06, - 0x2C, 0xFB, - 0xF1, 0xFD, 0x17, 0x8C, 0x0B, 0x3A, 0xD5, 0x8F, 0x10, 0x12, /* order */ - 0x6D, 0xE8, 0xCE, 0x42, 0x43, 0x5B, 0x53, 0xDC, 0x67, 0xE1, - 0x40, 0xD2, 0xBF, 0x94, 0x1F, 0xFD, 0xD4, 0x59, 0xC6, 0xD6, - 0x55, 0xE1 - } -}; - -#ifndef OPENSSL_NO_GOST -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 32 * 6]; -} - _EC_GOST_2001_Test = { - { - NID_X9_62_prime_field, 0, 32, 1 - }, - { /* no seed */ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x04, 0x31, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x07, - 0x5F, 0xBF, 0xF4, 0x98, 0xAA, 0x93, 0x8C, 0xE7, 0x39, 0xB8, /* b */ - 0xE0, 0x22, 0xFB, 0xAF, 0xEF, 0x40, 0x56, 0x3F, 0x6E, 0x6A, - 0x34, 0x72, 0xFC, 0x2A, 0x51, 0x4C, 0x0C, 0xE9, 0xDA, 0xE2, - 0x3B, 0x7E, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x02, - 0x08, 0xE2, 0xA8, 0xA0, 0xE6, 0x51, 0x47, 0xD4, 0xBD, 0x63, /* y */ - 0x16, 0x03, 0x0E, 0x16, 0xD1, 0x9C, 0x85, 0xC9, 0x7F, 0x0A, - 0x9C, 0xA2, 0x67, 0x12, 0x2B, 0x96, 0xAB, 0xBC, 0xEA, 0x7E, - 0x8F, 0xC8, - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x50, 0xFE, 0x8A, 0x18, - 0x92, 0x97, 0x61, 0x54, 0xC5, 0x9C, 0xFC, 0x19, 0x3A, 0xCC, - 0xF5, 0xB3, - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 32 * 6]; -} - _EC_GOST_2001_CryptoPro_A = { - { - NID_X9_62_prime_field, 0, 32, 1 - }, - { /* no seed */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFD, 0x97, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFD, 0x94, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 
0xA6, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x01, - 0x8D, 0x91, 0xE4, 0x71, 0xE0, 0x98, 0x9C, 0xDA, 0x27, 0xDF, /* y */ - 0x50, 0x5A, 0x45, 0x3F, 0x2B, 0x76, 0x35, 0x29, 0x4F, 0x2D, - 0xDF, 0x23, 0xE3, 0xB1, 0x22, 0xAC, 0xC9, 0x9C, 0x9E, 0x9F, - 0x1E, 0x14, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x6C, 0x61, 0x10, 0x70, - 0x99, 0x5A, 0xD1, 0x00, 0x45, 0x84, 0x1B, 0x09, 0xB7, 0x61, - 0xB8, 0x93, - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 32 * 6]; -} - _EC_GOST_2001_CryptoPro_B = { - { - NID_X9_62_prime_field, 0, 32, 1 - }, - { /* no seed */ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x0C, 0x99, - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x0C, 0x96, - 0x3E, 0x1A, 0xF4, 0x19, 0xA2, 0x69, 0xA5, 0xF8, 0x66, 0xA7, /* b */ - 0xD3, 0xC2, 0x5C, 0x3D, 0xF8, 0x0A, 0xE9, 0x79, 0x25, 0x93, - 0x73, 0xFF, 0x2B, 0x18, 0x2F, 0x49, 0xD4, 0xCE, 0x7E, 0x1B, - 0xBC, 0x8B, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x01, - 0x3F, 0xA8, 0x12, 0x43, 0x59, 0xF9, 0x66, 0x80, 0xB8, 0x3D, /* y */ - 0x1C, 0x3E, 0xB2, 0xC0, 0x70, 0xE5, 0xC5, 0x45, 0xC9, 0x85, - 0x8D, 0x03, 0xEC, 0xFB, 0x74, 0x4B, 0xF8, 0xD7, 0x17, 0x71, - 0x7E, 0xFC, - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x5F, 0x70, 0x0C, 0xFF, - 0xF1, 
0xA6, 0x24, 0xE5, 0xE4, 0x97, 0x16, 0x1B, 0xCC, 0x8A, - 0x19, 0x8F, - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 32 * 6]; -} - _EC_GOST_2001_CryptoPro_C = { - { - NID_X9_62_prime_field, 0, 32, 1 - }, - { /* no seed */ - 0x9B, 0x9F, 0x60, 0x5F, 0x5A, 0x85, 0x81, 0x07, 0xAB, 0x1E, /* p */ - 0xC8, 0x5E, 0x6B, 0x41, 0xC8, 0xAA, 0xCF, 0x84, 0x6E, 0x86, - 0x78, 0x90, 0x51, 0xD3, 0x79, 0x98, 0xF7, 0xB9, 0x02, 0x2D, - 0x75, 0x9B, - 0x9B, 0x9F, 0x60, 0x5F, 0x5A, 0x85, 0x81, 0x07, 0xAB, 0x1E, /* a */ - 0xC8, 0x5E, 0x6B, 0x41, 0xC8, 0xAA, 0xCF, 0x84, 0x6E, 0x86, - 0x78, 0x90, 0x51, 0xD3, 0x79, 0x98, 0xF7, 0xB9, 0x02, 0x2D, - 0x75, 0x98, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x80, 0x5A, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, - 0x41, 0xEC, 0xE5, 0x57, 0x43, 0x71, 0x1A, 0x8C, 0x3C, 0xBF, /* y */ - 0x37, 0x83, 0xCD, 0x08, 0xC0, 0xEE, 0x4D, 0x4D, 0xC4, 0x40, - 0xD4, 0x64, 0x1A, 0x8F, 0x36, 0x6E, 0x55, 0x0D, 0xFD, 0xB3, - 0xBB, 0x67, - 0x9B, 0x9F, 0x60, 0x5F, 0x5A, 0x85, 0x81, 0x07, 0xAB, 0x1E, /* order */ - 0xC8, 0x5E, 0x6B, 0x41, 0xC8, 0xAA, 0x58, 0x2C, 0xA3, 0x51, - 0x1E, 0xDD, 0xFB, 0x74, 0xF0, 0x2F, 0x3A, 0x65, 0x98, 0x98, - 0x0B, 0xB9, - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 64 * 6]; -} - _EC_GOST_2012_TC26_A = { - { - NID_X9_62_prime_field, 0, 64, 1 - }, - { /* no seed */ - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* p */ - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xfd, 0xc7, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* a */ - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xfd, 0xc4, - 0xe8, 0xc2, 0x50, 0x5d, 0xed, 0xfc, 0x86, 0xdd, 0xc1, 0xbd, /* b */ - 0x0b, 0x2b, 0x66, 0x67, 0xf1, 0xda, 0x34, 0xb8, 0x25, 0x74, - 0x76, 0x1c, 0xb0, 0xe8, 0x79, 0xbd, 0x08, 0x1c, 0xfd, 0x0b, - 0x62, 0x65, 0xee, 0x3c, 0xb0, 0x90, 0xf3, 0x0d, 0x27, 0x61, - 0x4c, 0xb4, 0x57, 0x40, 0x10, 0xda, 0x90, 0xdd, 0x86, 0x2e, - 0xf9, 0xd4, 0xeb, 0xee, 0x47, 0x61, 0x50, 0x31, 0x90, 0x78, - 0x5a, 0x71, 0xc7, 0x60, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x03, - 0x75, 0x03, 0xcf, 0xe8, 0x7a, 0x83, 0x6a, 0xe3, 0xa6, 0x1b, /* y */ - 0x88, 0x16, 0xe2, 0x54, 0x50, 0xe6, 0xce, 0x5e, 0x1c, 0x93, - 0xac, 0xf1, 0xab, 0xc1, 0x77, 0x80, 0x64, 0xfd, 0xcb, 0xef, - 0xa9, 0x21, 0xdf, 0x16, 0x26, 0xbe, 0x4f, 0xd0, 0x36, 0xe9, - 0x3d, 0x75, 0xe6, 0xa5, 0x0e, 0x3a, 0x41, 0xe9, 0x80, 0x28, - 0xfe, 0x5f, 0xc2, 0x35, 0xf5, 0xb8, 0x89, 0xa5, 0x89, 0xcb, - 0x52, 0x15, 0xf2, 0xa4, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* order */ - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0x27, 0xe6, 0x95, 0x32, 0xf4, 0x8d, 0x89, 0x11, - 0x6f, 0xf2, 0x2b, 0x8d, 
0x4e, 0x05, 0x60, 0x60, 0x9b, 0x4b, - 0x38, 0xab, 0xfa, 0xd2, 0xb8, 0x5d, 0xca, 0xcd, 0xb1, 0x41, - 0x1f, 0x10, 0xb2, 0x75 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 64 * 6]; -} - _EC_GOST_2012_TC26_B = { - { - NID_X9_62_prime_field, 0, 64, 1 - }, - { /* no seed */ - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* p */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x6f, - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x6c, - 0x68, 0x7d, 0x1b, 0x45, 0x9d, 0xc8, 0x41, 0x45, 0x7e, 0x3e, /* b */ - 0x06, 0xcf, 0x6f, 0x5e, 0x25, 0x17, 0xb9, 0x7c, 0x7d, 0x61, - 0x4a, 0xf1, 0x38, 0xbc, 0xbf, 0x85, 0xdc, 0x80, 0x6c, 0x4b, - 0x28, 0x9f, 0x3e, 0x96, 0x5d, 0x2d, 0xb1, 0x41, 0x6d, 0x21, - 0x7f, 0x8b, 0x27, 0x6f, 0xad, 0x1a, 0xb6, 0x9c, 0x50, 0xf7, - 0x8b, 0xee, 0x1f, 0xa3, 0x10, 0x6e, 0xfb, 0x8c, 0xcb, 0xc7, - 0xc5, 0x14, 0x01, 0x16, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* x */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x02, - 0x1a, 0x8f, 0x7e, 0xda, 0x38, 0x9b, 0x09, 0x4c, 0x2c, 0x07, /* y */ - 
0x1e, 0x36, 0x47, 0xa8, 0x94, 0x0f, 0x3c, 0x12, 0x3b, 0x69, - 0x75, 0x78, 0xc2, 0x13, 0xbe, 0x6d, 0xd9, 0xe6, 0xc8, 0xec, - 0x73, 0x35, 0xdc, 0xb2, 0x28, 0xfd, 0x1e, 0xdf, 0x4a, 0x39, - 0x15, 0x2c, 0xbc, 0xaa, 0xf8, 0xc0, 0x39, 0x88, 0x28, 0x04, - 0x10, 0x55, 0xf9, 0x4c, 0xee, 0xec, 0x7e, 0x21, 0x34, 0x07, - 0x80, 0xfe, 0x41, 0xbd, - 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* order */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x01, 0x49, 0xa1, 0xec, 0x14, 0x25, 0x65, 0xa5, 0x45, - 0xac, 0xfd, 0xb7, 0x7b, 0xd9, 0xd4, 0x0c, 0xfa, 0x8b, 0x99, - 0x67, 0x12, 0x10, 0x1b, 0xea, 0x0e, 0xc6, 0x34, 0x6c, 0x54, - 0x37, 0x4f, 0x25, 0xbd - } -}; - -#endif - -typedef struct _ec_list_element_st { - int nid; - const EC_CURVE_DATA *data; - const EC_METHOD *(*meth) (void); - const char *comment; -} ec_list_element; - -static const ec_list_element curve_list[] = { - /* prime field curves */ - /* secg curves */ - {NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field"}, - {NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0, "SECG curve over a 112 bit prime field"}, - {NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0, "SECG curve over a 128 bit prime field"}, - {NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0, "SECG curve over a 128 bit prime field"}, - {NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0, "SECG curve over a 160 bit prime field"}, - {NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0, "SECG curve over a 160 bit prime field"}, - {NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field"}, - /* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */ - {NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0, "SECG curve over a 192 bit prime field"}, - {NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0, "SECG curve over a 224 bit prime field"}, -#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 - {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, 
"NIST/SECG curve over a 224 bit prime field"}, -#else - {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, "NIST/SECG curve over a 224 bit prime field"}, -#endif - {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, "SECG curve over a 256 bit prime field"}, - /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ - {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, "NIST/SECG curve over a 384 bit prime field"}, -#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 - {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, "NIST/SECG curve over a 521 bit prime field"}, -#else - {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, "NIST/SECG curve over a 521 bit prime field"}, -#endif - /* X9.62 curves */ - {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, "NIST/X9.62/SECG curve over a 192 bit prime field"}, - {NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0, "X9.62 curve over a 192 bit prime field"}, - {NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0, "X9.62 curve over a 192 bit prime field"}, - {NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0, "X9.62 curve over a 239 bit prime field"}, - {NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0, "X9.62 curve over a 239 bit prime field"}, - {NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0, "X9.62 curve over a 239 bit prime field"}, -#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 - {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, EC_GFp_nistp256_method, "X9.62/SECG curve over a 256 bit prime field"}, -#else - {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, 0, "X9.62/SECG curve over a 256 bit prime field"}, -#endif -#ifndef OPENSSL_NO_EC2M - /* characteristic two field curves */ - /* NIST/SECG curves */ - {NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field"}, - {NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0, "SECG curve over a 113 bit binary field"}, - {NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0, "SECG/WTLS curve over a 131 bit binary field"}, - {NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0, "SECG curve over a 131 bit binary 
field"}, - {NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field"}, - {NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0, "SECG curve over a 163 bit binary field"}, - {NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0, "NIST/SECG curve over a 163 bit binary field"}, - {NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0, "SECG curve over a 193 bit binary field"}, - {NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0, "SECG curve over a 193 bit binary field"}, - {NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, - {NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, - {NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0, "SECG curve over a 239 bit binary field"}, - {NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0, "NIST/SECG curve over a 283 bit binary field"}, - {NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0, "NIST/SECG curve over a 283 bit binary field"}, - {NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0, "NIST/SECG curve over a 409 bit binary field"}, - {NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0, "NIST/SECG curve over a 409 bit binary field"}, - {NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0, "NIST/SECG curve over a 571 bit binary field"}, - {NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0, "NIST/SECG curve over a 571 bit binary field"}, - /* X9.62 curves */ - {NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field"}, - {NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0, "X9.62 curve over a 163 bit binary field"}, - {NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0, "X9.62 curve over a 163 bit binary field"}, - {NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0, "X9.62 curve over a 176 bit binary field"}, - {NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0, "X9.62 curve over a 191 bit binary field"}, - {NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0, "X9.62 curve over a 191 bit binary field"}, - {NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0, "X9.62 curve over a 191 
bit binary field"}, - {NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0, "X9.62 curve over a 208 bit binary field"}, - {NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0, "X9.62 curve over a 239 bit binary field"}, - {NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0, "X9.62 curve over a 239 bit binary field"}, - {NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0, "X9.62 curve over a 239 bit binary field"}, - {NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0, "X9.62 curve over a 272 bit binary field"}, - {NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0, "X9.62 curve over a 304 bit binary field"}, - {NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0, "X9.62 curve over a 359 bit binary field"}, - {NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0, "X9.62 curve over a 368 bit binary field"}, - {NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0, "X9.62 curve over a 431 bit binary field"}, - /* - * the WAP/WTLS curves [unlike SECG, spec has its own OIDs for curves - * from X9.62] - */ - {NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0, "WTLS curve over a 113 bit binary field"}, - {NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field"}, - {NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field"}, - {NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field"}, -#endif - {NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field"}, - {NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field"}, - {NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0, "WTLS curve over a 112 bit prime field"}, - {NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0, "WTLS curve over a 160 bit prime field"}, -#ifndef OPENSSL_NO_EC2M - {NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, - {NID_wap_wsg_idm_ecid_wtls11, 
&_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, -#endif - {NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0, "WTLS curve over a 224 bit prime field"}, -#ifndef OPENSSL_NO_EC2M - /* IPSec curves */ - {NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0, "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n" - "\tNot suitable for ECDSA.\n\tQuestionable extension field!"}, - {NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n" - "\tNot suitable for ECDSA.\n\tQuestionable extension field!"}, -#endif - /* RFC 5639 curves */ - {NID_brainpoolP160r1, &_EC_brainpoolP160r1.h, 0, "RFC 5639 curve over a 160 bit prime field"}, - {NID_brainpoolP160t1, &_EC_brainpoolP160t1.h, 0, "RFC 5639 curve over a 160 bit prime field"}, - {NID_brainpoolP192r1, &_EC_brainpoolP192r1.h, 0, "RFC 5639 curve over a 192 bit prime field"}, - {NID_brainpoolP192t1, &_EC_brainpoolP192t1.h, 0, "RFC 5639 curve over a 192 bit prime field"}, - {NID_brainpoolP224r1, &_EC_brainpoolP224r1.h, 0, "RFC 5639 curve over a 224 bit prime field"}, - {NID_brainpoolP224t1, &_EC_brainpoolP224t1.h, 0, "RFC 5639 curve over a 224 bit prime field"}, - {NID_brainpoolP256r1, &_EC_brainpoolP256r1.h, 0, "RFC 5639 curve over a 256 bit prime field"}, - {NID_brainpoolP256t1, &_EC_brainpoolP256t1.h, 0, "RFC 5639 curve over a 256 bit prime field"}, - {NID_brainpoolP320r1, &_EC_brainpoolP320r1.h, 0, "RFC 5639 curve over a 320 bit prime field"}, - {NID_brainpoolP320t1, &_EC_brainpoolP320t1.h, 0, "RFC 5639 curve over a 320 bit prime field"}, - {NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, - {NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, - {NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, - {NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, - /* ANSSI */ - {NID_FRP256v1, 
&_EC_FRP256v1.h, 0, "FRP256v1"}, -#ifndef OPENSSL_NO_GOST - /* GOST R 34.10-2001 */ - {NID_id_GostR3410_2001_TestParamSet, &_EC_GOST_2001_Test.h, 0, "GOST R 34.10-2001 Test Curve"}, - {NID_id_GostR3410_2001_CryptoPro_A_ParamSet, &_EC_GOST_2001_CryptoPro_A.h, 0, "GOST R 34.10-2001 CryptoPro-A"}, - {NID_id_GostR3410_2001_CryptoPro_B_ParamSet, &_EC_GOST_2001_CryptoPro_B.h, 0, "GOST R 34.10-2001 CryptoPro-B"}, - {NID_id_GostR3410_2001_CryptoPro_C_ParamSet, &_EC_GOST_2001_CryptoPro_C.h, 0, "GOST R 34.10-2001 CryptoPro-C"}, - {NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet, &_EC_GOST_2001_CryptoPro_A.h, 0, "GOST R 34.10-2001 CryptoPro-XchA"}, - {NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet, &_EC_GOST_2001_CryptoPro_C.h, 0, "GOST R 34.10-2001 CryptoPro-XchB"}, - {NID_id_tc26_gost_3410_2012_512_paramSetA, &_EC_GOST_2012_TC26_A.h, 0, "GOST R 34.10-2012 TC26-A"}, - {NID_id_tc26_gost_3410_2012_512_paramSetB, &_EC_GOST_2012_TC26_B.h, 0, "GOST R 34.10-2012 TC26-B"}, -#endif -}; - -#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element)) - -static EC_GROUP * -ec_group_new_from_data(const ec_list_element curve) -{ - EC_GROUP *group = NULL; - EC_POINT *P = NULL; - BN_CTX *ctx = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order = NULL; - int ok = 0; - int seed_len, param_len; - const EC_METHOD *meth; - const EC_CURVE_DATA *data; - const unsigned char *params; - - if ((ctx = BN_CTX_new()) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE); - goto err; - } - data = curve.data; - seed_len = data->seed_len; - param_len = data->param_len; - params = (const unsigned char *) (data + 1); /* skip header */ - params += seed_len; /* skip seed */ - - if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) || - !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) || - !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); - goto err; - } - if (curve.meth != 0) { - 
meth = curve.meth(); - if (((group = EC_GROUP_new(meth)) == NULL) || - (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); - goto err; - } - } else if (data->field_type == NID_X9_62_prime_field) { - if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); - goto err; - } - } -#ifndef OPENSSL_NO_EC2M - else { /* field_type == - * NID_X9_62_characteristic_two_field */ - if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); - goto err; - } - } -#endif - - if ((P = EC_POINT_new(group)) == NULL) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); - goto err; - } - if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) - || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); - goto err; - } - if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); - goto err; - } - if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) - || !BN_set_word(x, (BN_ULONG) data->cofactor)) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); - goto err; - } - if (!EC_GROUP_set_generator(group, P, order, x)) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); - goto err; - } - if (seed_len) { - if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) { - ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); - goto err; - } - } - ok = 1; -err: - if (!ok) { - EC_GROUP_free(group); - group = NULL; - } - EC_POINT_free(P); - BN_CTX_free(ctx); - BN_free(p); - BN_free(a); - BN_free(b); - BN_free(order); - BN_free(x); - BN_free(y); - return group; -} - -EC_GROUP * -EC_GROUP_new_by_curve_name(int nid) -{ - size_t i; - EC_GROUP *ret = NULL; - - if (nid <= 0) - return NULL; - - for (i = 0; i < curve_list_length; i++) - if (curve_list[i].nid == nid) { - ret = 
ec_group_new_from_data(curve_list[i]); - break; - } - if (ret == NULL) { - ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP); - return NULL; - } - EC_GROUP_set_curve_name(ret, nid); - - return ret; -} - -size_t -EC_get_builtin_curves(EC_builtin_curve * r, size_t nitems) -{ - size_t i, min; - - if (r == NULL || nitems == 0) - return curve_list_length; - - min = nitems < curve_list_length ? nitems : curve_list_length; - - for (i = 0; i < min; i++) { - r[i].nid = curve_list[i].nid; - r[i].comment = curve_list[i].comment; - } - - return curve_list_length; -} - -/* - * Functions to translate between common NIST curve names and NIDs. - */ - -typedef struct { - const char *name; /* NIST Name of curve */ - int nid; /* Curve NID */ -} EC_NIST_NAME; - -static EC_NIST_NAME nist_curves[] = { - { "B-163", NID_sect163r2 }, - { "B-233", NID_sect233r1 }, - { "B-283", NID_sect283r1 }, - { "B-409", NID_sect409r1 }, - { "B-571", NID_sect571r1 }, - { "K-163", NID_sect163k1 }, - { "K-233", NID_sect233k1 }, - { "K-283", NID_sect283k1 }, - { "K-409", NID_sect409k1 }, - { "K-571", NID_sect571k1 }, - { "P-192", NID_X9_62_prime192v1 }, - { "P-224", NID_secp224r1 }, - { "P-256", NID_X9_62_prime256v1 }, - { "P-384", NID_secp384r1 }, - { "P-521", NID_secp521r1 } -}; - -const char * -EC_curve_nid2nist(int nid) -{ - size_t i; - - for (i = 0; i < sizeof(nist_curves) / sizeof(EC_NIST_NAME); i++) { - if (nist_curves[i].nid == nid) - return (nist_curves[i].name); - } - return (NULL); -} - -int -EC_curve_nist2nid(const char *name) -{ - size_t i; - - for (i = 0; i < sizeof(nist_curves) / sizeof(EC_NIST_NAME); i++) { - if (!strcmp(nist_curves[i].name, name)) - return (nist_curves[i].nid); - } - return (NID_undef); -} diff --git a/lib/libssl/src/crypto/ec/ec_cvt.c b/lib/libssl/src/crypto/ec/ec_cvt.c deleted file mode 100644 index a0982064b89..00000000000 --- a/lib/libssl/src/crypto/ec/ec_cvt.c +++ /dev/null 
@@ -1,167 +0,0 @@
-/* $OpenBSD: ec_cvt.c,v 1.6 2014/07/10 22:45:57 jsing Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include "ec_lcl.h"
-
-EC_GROUP *
-EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b,
- BN_CTX *ctx)
-{
- const EC_METHOD *meth;
- EC_GROUP *ret;
-
-#if defined(OPENSSL_BN_ASM_MONT)
- /*
- * This might appear controversial, but the fact is that generic
- * prime method was observed to deliver better performance even
- * for NIST primes on a range of platforms, e.g.: 60%-15%
- * improvement on IA-64, ~25% on ARM, 30%-90% on P4, 20%-25%
- * in 32-bit build and 35%--12% in 64-bit build on Core2...
- * Coefficients are relative to optimized bn_nist.c for most
- * intensive ECDSA verify and ECDH operations for 192- and 521-
- * bit keys respectively. Choice of these boundary values is
- * arguable, because the dependency of improvement coefficient
- * from key length is not a "monotone" curve. For example while
- * 571-bit result is 23% on ARM, 384-bit one is -1%. But it's
- * generally faster, sometimes "respectfully" faster, sometimes
- * "tolerably" slower... What effectively happens is that loop
- * with bn_mul_add_words is put against bn_mul_mont, and the
- * latter "wins" on short vectors. Correct solution should be
- * implementing dedicated NxN multiplication subroutines for
- * small N. But till it materializes, let's stick to generic
- * prime method...
- * <appro>
- */
- meth = EC_GFp_mont_method();
-#else
- meth = EC_GFp_nist_method();
-#endif
-
- ret = EC_GROUP_new(meth);
- if (ret == NULL)
- return NULL;
-
- if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) {
- unsigned long err;
-
- err = ERR_peek_last_error();
-
- if (!(ERR_GET_LIB(err) == ERR_LIB_EC &&
- ((ERR_GET_REASON(err) == EC_R_NOT_A_NIST_PRIME) ||
- (ERR_GET_REASON(err) == EC_R_NOT_A_SUPPORTED_NIST_PRIME)))) {
- /* real error */
-
- EC_GROUP_clear_free(ret);
- return NULL;
- }
- /* not an actual error, we just cannot use EC_GFp_nist_method */
-
- ERR_clear_error();
-
- EC_GROUP_clear_free(ret);
- meth = EC_GFp_mont_method();
-
- ret = EC_GROUP_new(meth);
- if (ret == NULL)
- return NULL;
-
- if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) {
- EC_GROUP_clear_free(ret);
- return NULL;
- }
- }
- return ret;
-}
-
-#ifndef OPENSSL_NO_EC2M
-EC_GROUP *
-EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b,
- BN_CTX *ctx)
-{
- const EC_METHOD *meth;
- EC_GROUP *ret;
-
- meth = EC_GF2m_simple_method();
-
- ret = EC_GROUP_new(meth);
- if (ret == NULL)
- return NULL;
-
- if (!EC_GROUP_set_curve_GF2m(ret, p, a, b, ctx)) {
- EC_GROUP_clear_free(ret);
- return NULL;
- }
- return ret;
-}
-#endif
diff --git a/lib/libssl/src/crypto/ec/ec_err.c b/lib/libssl/src/crypto/ec/ec_err.c
deleted file mode 100644
index 0ba510adae1..00000000000
--- a/lib/libssl/src/crypto/ec/ec_err.c
+++ /dev/null
@@ -1,279 +0,0 @@ -/* $OpenBSD: ec_err.c,v 1.9 2014/07/10 22:45:57 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/ec.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EC,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason) - -static ERR_STRING_DATA EC_str_functs[] = -{ - {ERR_FUNC(EC_F_BN_TO_FELEM), "BN_TO_FELEM"}, - {ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"}, - {ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"}, - {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"}, - {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"}, - {ERR_FUNC(EC_F_DO_EC_KEY_PRINT), "DO_EC_KEY_PRINT"}, - {ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "ECKEY_PARAM2TYPE"}, - {ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "ECKEY_PARAM_DECODE"}, - {ERR_FUNC(EC_F_ECKEY_PRIV_DECODE), "ECKEY_PRIV_DECODE"}, - {ERR_FUNC(EC_F_ECKEY_PRIV_ENCODE), "ECKEY_PRIV_ENCODE"}, - {ERR_FUNC(EC_F_ECKEY_PUB_DECODE), "ECKEY_PUB_DECODE"}, - {ERR_FUNC(EC_F_ECKEY_PUB_ENCODE), "ECKEY_PUB_ENCODE"}, - {ERR_FUNC(EC_F_ECKEY_TYPE2PARAM), "ECKEY_TYPE2PARAM"}, - {ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"}, - {ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"}, - {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"}, - {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT_FP), "ECPKParameters_print_fp"}, - {ERR_FUNC(EC_F_ECP_NIST_MOD_192), "ECP_NIST_MOD_192"}, - {ERR_FUNC(EC_F_ECP_NIST_MOD_224), "ECP_NIST_MOD_224"}, - {ERR_FUNC(EC_F_ECP_NIST_MOD_256), "ECP_NIST_MOD_256"}, - {ERR_FUNC(EC_F_ECP_NIST_MOD_521), "ECP_NIST_MOD_521"}, - {ERR_FUNC(EC_F_EC_ASN1_GROUP2CURVE), "EC_ASN1_GROUP2CURVE"}, - {ERR_FUNC(EC_F_EC_ASN1_GROUP2FIELDID), "EC_ASN1_GROUP2FIELDID"}, - {ERR_FUNC(EC_F_EC_ASN1_GROUP2PARAMETERS), "EC_ASN1_GROUP2PARAMETERS"}, - {ERR_FUNC(EC_F_EC_ASN1_GROUP2PKPARAMETERS), "EC_ASN1_GROUP2PKPARAMETERS"}, - {ERR_FUNC(EC_F_EC_ASN1_PARAMETERS2GROUP), "EC_ASN1_PARAMETERS2GROUP"}, - {ERR_FUNC(EC_F_EC_ASN1_PKPARAMETERS2GROUP), "EC_ASN1_PKPARAMETERS2GROUP"}, - 
{ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA), "EC_EX_DATA_set_data"}, - {ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY), "EC_GF2M_MONTGOMERY_POINT_MULTIPLY"}, - {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT), "ec_GF2m_simple_group_check_discriminant"}, - {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE), "ec_GF2m_simple_group_set_curve"}, - {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_OCT2POINT), "ec_GF2m_simple_oct2point"}, - {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT2OCT), "ec_GF2m_simple_point2oct"}, - {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES), "ec_GF2m_simple_point_get_affine_coordinates"}, - {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES), "ec_GF2m_simple_point_set_affine_coordinates"}, - {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES), "ec_GF2m_simple_set_compressed_coordinates"}, - {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE), "ec_GFp_mont_field_decode"}, - {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE), "ec_GFp_mont_field_encode"}, - {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL), "ec_GFp_mont_field_mul"}, - {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE), "ec_GFp_mont_field_set_to_one"}, - {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"}, - {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE), "ec_GFp_mont_group_set_curve"}, - {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP), "EC_GFP_MONT_GROUP_SET_CURVE_GFP"}, - {ERR_FUNC(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE), "ec_GFp_nistp224_group_set_curve"}, - {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINTS_MUL), "ec_GFp_nistp224_points_mul"}, - {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES), "ec_GFp_nistp224_point_get_affine_coordinates"}, - {ERR_FUNC(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE), "ec_GFp_nistp256_group_set_curve"}, - {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINTS_MUL), "ec_GFp_nistp256_points_mul"}, - {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES), "ec_GFp_nistp256_point_get_affine_coordinates"}, - {ERR_FUNC(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE), "ec_GFp_nistp521_group_set_curve"}, - 
{ERR_FUNC(EC_F_EC_GFP_NISTP521_POINTS_MUL), "ec_GFp_nistp521_points_mul"}, - {ERR_FUNC(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES), "ec_GFp_nistp521_point_get_affine_coordinates"}, - {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL), "ec_GFp_nist_field_mul"}, - {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR), "ec_GFp_nist_field_sqr"}, - {ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE), "ec_GFp_nist_group_set_curve"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT), "ec_GFp_simple_group_check_discriminant"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE), "ec_GFp_simple_group_set_curve"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP), "EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR), "EC_GFP_SIMPLE_GROUP_SET_GENERATOR"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE), "ec_GFp_simple_points_make_affine"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES), "ec_GFp_simple_point_get_affine_coordinates"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP), "EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES), "ec_GFp_simple_point_set_affine_coordinates"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP), "EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES), "ec_GFp_simple_set_compressed_coordinates"}, - {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP), "EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP"}, - {ERR_FUNC(EC_F_EC_GROUP_CHECK), "EC_GROUP_check"}, - {ERR_FUNC(EC_F_EC_GROUP_CHECK_DISCRIMINANT), "EC_GROUP_check_discriminant"}, - {ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"}, - {ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR), "EC_GROUP_get0_generator"}, - 
{ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR), "EC_GROUP_get_cofactor"}, - {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GF2M), "EC_GROUP_get_curve_GF2m"}, - {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"}, - {ERR_FUNC(EC_F_EC_GROUP_GET_DEGREE), "EC_GROUP_get_degree"}, - {ERR_FUNC(EC_F_EC_GROUP_GET_ORDER), "EC_GROUP_get_order"}, - {ERR_FUNC(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS), "EC_GROUP_get_pentanomial_basis"}, - {ERR_FUNC(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS), "EC_GROUP_get_trinomial_basis"}, - {ERR_FUNC(EC_F_EC_GROUP_NEW), "EC_GROUP_new"}, - {ERR_FUNC(EC_F_EC_GROUP_NEW_BY_CURVE_NAME), "EC_GROUP_new_by_curve_name"}, - {ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_DATA), "EC_GROUP_NEW_FROM_DATA"}, - {ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"}, - {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M), "EC_GROUP_set_curve_GF2m"}, - {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"}, - {ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_SET_EXTRA_DATA"}, - {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"}, - {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"}, - {ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"}, - {ERR_FUNC(EC_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"}, - {ERR_FUNC(EC_F_EC_KEY_NEW), "EC_KEY_new"}, - {ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"}, - {ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"}, - {ERR_FUNC(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES), "EC_KEY_set_public_key_affine_coordinates"}, - {ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"}, - {ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"}, - {ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"}, - {ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"}, - {ERR_FUNC(EC_F_EC_POINT_DBL), "EC_POINT_dbl"}, - {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M), "EC_POINT_get_affine_coordinates_GF2m"}, - {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP), "EC_POINT_get_affine_coordinates_GFp"}, - {ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP), 
"EC_POINT_get_Jprojective_coordinates_GFp"}, - {ERR_FUNC(EC_F_EC_POINT_INVERT), "EC_POINT_invert"}, - {ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"}, - {ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"}, - {ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"}, - {ERR_FUNC(EC_F_EC_POINT_MUL), "EC_POINT_mul"}, - {ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"}, - {ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"}, - {ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"}, - {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M), "EC_POINT_set_affine_coordinates_GF2m"}, - {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP), "EC_POINT_set_affine_coordinates_GFp"}, - {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M), "EC_POINT_set_compressed_coordinates_GF2m"}, - {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP), "EC_POINT_set_compressed_coordinates_GFp"}, - {ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP), "EC_POINT_set_Jprojective_coordinates_GFp"}, - {ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"}, - {ERR_FUNC(EC_F_EC_PRE_COMP_DUP), "EC_PRE_COMP_DUP"}, - {ERR_FUNC(EC_F_EC_PRE_COMP_NEW), "EC_PRE_COMP_NEW"}, - {ERR_FUNC(EC_F_EC_WNAF_MUL), "ec_wNAF_mul"}, - {ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT), "ec_wNAF_precompute_mult"}, - {ERR_FUNC(EC_F_I2D_ECPARAMETERS), "i2d_ECParameters"}, - {ERR_FUNC(EC_F_I2D_ECPKPARAMETERS), "i2d_ECPKParameters"}, - {ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"}, - {ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"}, - {ERR_FUNC(EC_F_NISTP224_PRE_COMP_NEW), "NISTP224_PRE_COMP_NEW"}, - {ERR_FUNC(EC_F_NISTP256_PRE_COMP_NEW), "NISTP256_PRE_COMP_NEW"}, - {ERR_FUNC(EC_F_NISTP521_PRE_COMP_NEW), "NISTP521_PRE_COMP_NEW"}, - {ERR_FUNC(EC_F_O2I_ECPUBLICKEY), "o2i_ECPublicKey"}, - {ERR_FUNC(EC_F_OLD_EC_PRIV_DECODE), "OLD_EC_PRIV_DECODE"}, - {ERR_FUNC(EC_F_PKEY_EC_CTRL), "PKEY_EC_CTRL"}, - {ERR_FUNC(EC_F_PKEY_EC_CTRL_STR), "PKEY_EC_CTRL_STR"}, - 
{ERR_FUNC(EC_F_PKEY_EC_DERIVE), "PKEY_EC_DERIVE"}, - {ERR_FUNC(EC_F_PKEY_EC_KEYGEN), "PKEY_EC_KEYGEN"}, - {ERR_FUNC(EC_F_PKEY_EC_PARAMGEN), "PKEY_EC_PARAMGEN"}, - {ERR_FUNC(EC_F_PKEY_EC_SIGN), "PKEY_EC_SIGN"}, - {0, NULL} -}; - -static ERR_STRING_DATA EC_str_reasons[] = -{ - {ERR_REASON(EC_R_ASN1_ERROR), "asn1 error"}, - {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD), "asn1 unknown field"}, - {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"}, - {ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"}, - {ERR_REASON(EC_R_COORDINATES_OUT_OF_RANGE), "coordinates out of range"}, - {ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE), "d2i ecpkparameters failure"}, - {ERR_REASON(EC_R_DECODE_ERROR), "decode error"}, - {ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO), "discriminant is zero"}, - {ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE), "ec group new by name failure"}, - {ERR_REASON(EC_R_FIELD_TOO_LARGE), "field too large"}, - {ERR_REASON(EC_R_GF2M_NOT_SUPPORTED), "gf2m not supported"}, - {ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE), "group2pkparameters failure"}, - {ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE), "i2d ecpkparameters failure"}, - {ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS), "incompatible objects"}, - {ERR_REASON(EC_R_INVALID_ARGUMENT), "invalid argument"}, - {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT), "invalid compressed point"}, - {ERR_REASON(EC_R_INVALID_COMPRESSION_BIT), "invalid compression bit"}, - {ERR_REASON(EC_R_INVALID_CURVE), "invalid curve"}, - {ERR_REASON(EC_R_INVALID_DIGEST_TYPE), "invalid digest type"}, - {ERR_REASON(EC_R_INVALID_ENCODING), "invalid encoding"}, - {ERR_REASON(EC_R_INVALID_FIELD), "invalid field"}, - {ERR_REASON(EC_R_INVALID_FORM), "invalid form"}, - {ERR_REASON(EC_R_INVALID_GROUP_ORDER), "invalid group order"}, - {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"}, - {ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"}, - {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"}, - 
{ERR_REASON(EC_R_KEYS_NOT_SET), "keys not set"}, - {ERR_REASON(EC_R_MISSING_PARAMETERS), "missing parameters"}, - {ERR_REASON(EC_R_MISSING_PRIVATE_KEY), "missing private key"}, - {ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a NIST prime"}, - {ERR_REASON(EC_R_NOT_A_SUPPORTED_NIST_PRIME), "not a supported NIST prime"}, - {ERR_REASON(EC_R_NOT_IMPLEMENTED), "not implemented"}, - {ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"}, - {ERR_REASON(EC_R_NO_FIELD_MOD), "no field mod"}, - {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"}, - {ERR_REASON(EC_R_PASSED_NULL_PARAMETER), "passed null parameter"}, - {ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE), "pkparameters2group failure"}, - {ERR_REASON(EC_R_POINT_AT_INFINITY), "point at infinity"}, - {ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE), "point is not on curve"}, - {ERR_REASON(EC_R_SLOT_FULL), "slot full"}, - {ERR_REASON(EC_R_UNDEFINED_GENERATOR), "undefined generator"}, - {ERR_REASON(EC_R_UNDEFINED_ORDER), "undefined order"}, - {ERR_REASON(EC_R_UNKNOWN_GROUP), "unknown group"}, - {ERR_REASON(EC_R_UNKNOWN_ORDER), "unknown order"}, - {ERR_REASON(EC_R_UNSUPPORTED_FIELD), "unsupported field"}, - {ERR_REASON(EC_R_WRONG_CURVE_PARAMETERS), "wrong curve parameters"}, - {ERR_REASON(EC_R_WRONG_ORDER), "wrong order"}, - {0, NULL} -}; - -#endif - -void -ERR_load_EC_strings(void) -{ -#ifndef OPENSSL_NO_ERR - - if (ERR_func_error_string(EC_str_functs[0].error) == NULL) { - ERR_load_strings(0, EC_str_functs); - ERR_load_strings(0, EC_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/ec/ec_key.c b/lib/libssl/src/crypto/ec/ec_key.c deleted file mode 100644 index fa962e4d0ff..00000000000 --- a/lib/libssl/src/crypto/ec/ec_key.c +++ /dev/null 
@@ -1,540 +0,0 @@
-/* $OpenBSD: ec_key.c,v 1.12 2015/09/10 15:56:25 jsing Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions originally developed by SUN MICROSYSTEMS, INC., and
- * contributed to the OpenSSL project.
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include "ec_lcl.h"
-#include <openssl/err.h>
-
-EC_KEY *
-EC_KEY_new(void)
-{
- EC_KEY *ret;
-
- ret = malloc(sizeof(EC_KEY));
- if (ret == NULL) {
- ECerr(EC_F_EC_KEY_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- ret->version = 1;
- ret->flags = 0;
- ret->group = NULL;
- ret->pub_key = NULL;
- ret->priv_key = NULL;
- ret->enc_flag = 0;
- ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
- ret->references = 1;
- ret->method_data = NULL;
- return (ret);
-}
-
-EC_KEY *
-EC_KEY_new_by_curve_name(int nid)
-{
- EC_KEY *ret = EC_KEY_new();
- if (ret == NULL)
- return NULL;
- ret->group = EC_GROUP_new_by_curve_name(nid);
- if (ret->group == NULL) {
- EC_KEY_free(ret);
- return NULL;
- }
- return ret;
-}
-
-void
-EC_KEY_free(EC_KEY * r)
-{
- int i;
-
- if (r == NULL)
- return;
-
- i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_EC);
- if (i > 0)
- return;
-
- EC_GROUP_free(r->group);
- EC_POINT_free(r->pub_key);
- BN_clear_free(r->priv_key);
-
- EC_EX_DATA_free_all_data(&r->method_data);
-
- explicit_bzero((void *) r, sizeof(EC_KEY));
-
- free(r);
-}
-
-EC_KEY *
-EC_KEY_copy(EC_KEY * dest, const EC_KEY * src)
-{
- EC_EXTRA_DATA *d;
-
- if (dest == NULL || src == NULL) {
- ECerr(EC_F_EC_KEY_COPY, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
- /* copy the parameters */
- if (src->group) {
- const EC_METHOD *meth = EC_GROUP_method_of(src->group);
- /* clear the old group */
- EC_GROUP_free(dest->group);
- dest->group = EC_GROUP_new(meth);
- if (dest->group == NULL)
- return NULL;
- if (!EC_GROUP_copy(dest->group, src->group))
- return NULL;
- }
- /* copy the public key */
- if (src->pub_key && src->group) {
- EC_POINT_free(dest->pub_key);
- dest->pub_key = EC_POINT_new(src->group);
- if (dest->pub_key == NULL)
- return NULL;
- if (!EC_POINT_copy(dest->pub_key, src->pub_key))
- return NULL;
- }
- /* copy the private key */
- if (src->priv_key) {
- if (dest->priv_key == NULL) {
- dest->priv_key = BN_new();
- if (dest->priv_key == NULL)
- return NULL;
- }
- if (!BN_copy(dest->priv_key, src->priv_key))
- return NULL;
- }
- /* copy method/extra data */
- EC_EX_DATA_free_all_data(&dest->method_data);
-
- for (d = src->method_data; d != NULL; d = d->next) {
- void *t = d->dup_func(d->data);
-
- if (t == NULL)
- return 0;
- if (!EC_EX_DATA_set_data(&dest->method_data, t, d->dup_func,
- d->free_func, d->clear_free_func))
- return 0;
- }
-
- /* copy the rest */
- dest->enc_flag = src->enc_flag;
- dest->conv_form = src->conv_form;
- dest->version = src->version;
- dest->flags = src->flags;
-
- return dest;
-}
-
-EC_KEY *
-EC_KEY_dup(const EC_KEY * ec_key)
-{
- EC_KEY *ret = EC_KEY_new();
- if (ret == NULL)
- return NULL;
- if (EC_KEY_copy(ret, ec_key) == NULL) {
- EC_KEY_free(ret);
- return NULL;
- }
- return ret;
-}
-
-int
-EC_KEY_up_ref(EC_KEY * r)
-{
- int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC);
- return ((i > 1) ? 1 : 0);
-}
-
-int
-EC_KEY_generate_key(EC_KEY * eckey)
-{
- int ok = 0;
- BN_CTX *ctx = NULL;
- BIGNUM *priv_key = NULL, *order = NULL;
- EC_POINT *pub_key = NULL;
-
- if (!eckey || !eckey->group) {
- ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if ((order = BN_new()) == NULL)
- goto err;
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- if (eckey->priv_key == NULL) {
- priv_key = BN_new();
- if (priv_key == NULL)
- goto err;
- } else
- priv_key = eckey->priv_key;
-
- if (!EC_GROUP_get_order(eckey->group, order, ctx))
- goto err;
-
- do
- if (!BN_rand_range(priv_key, order))
- goto err;
- while (BN_is_zero(priv_key));
-
- if (eckey->pub_key == NULL) {
- pub_key = EC_POINT_new(eckey->group);
- if (pub_key == NULL)
- goto err;
- } else
- pub_key = eckey->pub_key;
-
- if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx))
- goto err;
-
- eckey->priv_key = priv_key;
- eckey->pub_key = pub_key;
-
- ok = 1;
-
-err:
- BN_free(order);
- if (pub_key != NULL && eckey->pub_key == NULL)
- EC_POINT_free(pub_key);
- if (priv_key != NULL && eckey->priv_key == NULL)
- BN_free(priv_key);
- BN_CTX_free(ctx);
- return (ok);
-}
-
-int
-EC_KEY_check_key(const EC_KEY * eckey)
-{
- int ok = 0;
- BN_CTX *ctx = NULL;
- const BIGNUM *order = NULL;
- EC_POINT *point = NULL;
-
- if (!eckey || !eckey->group || !eckey->pub_key) {
- ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key) > 0) {
- ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY);
- goto err;
- }
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
- if ((point = EC_POINT_new(eckey->group)) == NULL)
- goto err;
-
- /* testing whether the pub_key is on the elliptic curve */
- if (EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx) <= 0) {
- ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE);
- goto err;
- }
- /* testing whether pub_key * order is the point at infinity */
- order = &eckey->group->order;
- if (BN_is_zero(order)) {
- ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER);
- goto err;
- }
- if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) {
- ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
- goto err;
- }
- if (EC_POINT_is_at_infinity(eckey->group, point) <= 0) {
- ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
- goto err;
- }
- /*
- * in case the priv_key is present : check if generator * priv_key ==
- * pub_key
- */
- if (eckey->priv_key) {
- if (BN_cmp(eckey->priv_key, order) >= 0) {
- ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
- goto err;
- }
- if (!EC_POINT_mul(eckey->group, point, eckey->priv_key,
- NULL, NULL, ctx)) {
- ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
- goto err;
- }
- if (EC_POINT_cmp(eckey->group, point, eckey->pub_key,
- ctx) != 0) {
- ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_PRIVATE_KEY);
- goto err;
- }
- }
- ok = 1;
-err:
- BN_CTX_free(ctx);
- EC_POINT_free(point);
- return (ok);
-}
-
-int
-EC_KEY_set_public_key_affine_coordinates(EC_KEY * key, BIGNUM * x, BIGNUM * y)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *tx, *ty;
- EC_POINT *point = NULL;
- int ok = 0, tmp_nid, is_char_two = 0;
-
- if (!key || !key->group || !x || !y) {
- ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- ctx = BN_CTX_new();
- if (!ctx)
- goto err;
-
- point = EC_POINT_new(key->group);
-
- if (!point)
- goto err;
-
- tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(key->group));
-
- if (tmp_nid == NID_X9_62_characteristic_two_field)
- is_char_two = 1;
-
- if ((tx = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((ty = BN_CTX_get(ctx)) == NULL)
- goto err;
-
-#ifndef OPENSSL_NO_EC2M
- if (is_char_two) {
- if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point,
- x, y, ctx))
- goto err;
- if (!EC_POINT_get_affine_coordinates_GF2m(key->group, point,
- tx, ty, ctx))
- goto err;
- } else
-#endif
- {
- if (!EC_POINT_set_affine_coordinates_GFp(key->group, point,
- x, y, ctx))
- goto err;
- if (!EC_POINT_get_affine_coordinates_GFp(key->group, point,
- tx, ty, ctx))
- goto err;
- }
- /*
- * Check if retrieved coordinates match originals: if not values are
- * out of range.
- */
- if (BN_cmp(x, tx) || BN_cmp(y, ty)) {
- ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
- EC_R_COORDINATES_OUT_OF_RANGE);
- goto err;
- }
- if (!EC_KEY_set_public_key(key, point))
- goto err;
-
- if (EC_KEY_check_key(key) == 0)
- goto err;
-
- ok = 1;
-
-err:
- BN_CTX_free(ctx);
- EC_POINT_free(point);
- return ok;
-
-}
-
-const EC_GROUP *
-EC_KEY_get0_group(const EC_KEY * key)
-{
- return key->group;
-}
-
-int
-EC_KEY_set_group(EC_KEY * key, const EC_GROUP * group)
-{
- EC_GROUP_free(key->group);
- key->group = EC_GROUP_dup(group);
- return (key->group == NULL) ? 0 : 1;
-}
-
-const BIGNUM *
-EC_KEY_get0_private_key(const EC_KEY * key)
-{
- return key->priv_key;
-}
-
-int
-EC_KEY_set_private_key(EC_KEY * key, const BIGNUM * priv_key)
-{
- BN_clear_free(key->priv_key);
- key->priv_key = BN_dup(priv_key);
- return (key->priv_key == NULL) ? 0 : 1;
-}
-
-const EC_POINT *
-EC_KEY_get0_public_key(const EC_KEY * key)
-{
- return key->pub_key;
-}
-
-int
-EC_KEY_set_public_key(EC_KEY * key, const EC_POINT * pub_key)
-{
- EC_POINT_free(key->pub_key);
- key->pub_key = EC_POINT_dup(pub_key, key->group);
- return (key->pub_key == NULL) ? 0 : 1;
-}
-
-unsigned int
-EC_KEY_get_enc_flags(const EC_KEY * key)
-{
- return key->enc_flag;
-}
-
-void
-EC_KEY_set_enc_flags(EC_KEY * key, unsigned int flags)
-{
- key->enc_flag = flags;
-}
-
-point_conversion_form_t
-EC_KEY_get_conv_form(const EC_KEY * key)
-{
- return key->conv_form;
-}
-
-void
-EC_KEY_set_conv_form(EC_KEY * key, point_conversion_form_t cform)
-{
- key->conv_form = cform;
- if (key->group != NULL)
- EC_GROUP_set_point_conversion_form(key->group, cform);
-}
-
-void *
-EC_KEY_get_key_method_data(EC_KEY *key,
- void *(*dup_func) (void *),
- void (*free_func) (void *),
- void (*clear_free_func) (void *))
-{
- void *ret;
-
- CRYPTO_r_lock(CRYPTO_LOCK_EC);
- ret = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
- CRYPTO_r_unlock(CRYPTO_LOCK_EC);
-
- return ret;
-}
-
-void *
-EC_KEY_insert_key_method_data(EC_KEY * key, void *data,
- void *(*dup_func) (void *),
- void (*free_func) (void *),
- void (*clear_free_func) (void *))
-{
- EC_EXTRA_DATA *ex_data;
-
- CRYPTO_w_lock(CRYPTO_LOCK_EC);
- ex_data = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
- if (ex_data == NULL)
- EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func, clear_free_func);
- CRYPTO_w_unlock(CRYPTO_LOCK_EC);
-
- return ex_data;
-}
-
-void
-EC_KEY_set_asn1_flag(EC_KEY * key, int flag)
-{
- if (key->group != NULL)
- EC_GROUP_set_asn1_flag(key->group, flag);
-}
-
-int
-EC_KEY_precompute_mult(EC_KEY * key, BN_CTX * ctx)
-{
- if (key->group == NULL)
- return 0;
- return EC_GROUP_precompute_mult(key->group, ctx);
-}
-
-int
-EC_KEY_get_flags(const EC_KEY * key)
-{
- return key->flags;
-}
-
-void
-EC_KEY_set_flags(EC_KEY * key, int flags)
-{
- key->flags |= flags;
-}
-
-void
-EC_KEY_clear_flags(EC_KEY * key, int flags)
-{
- key->flags &= ~flags;
-}
diff --git a/lib/libssl/src/crypto/ec/ec_lcl.h b/lib/libssl/src/crypto/ec/ec_lcl.h
deleted file mode 100644
index faed33fe56f..00000000000
--- a/lib/libssl/src/crypto/ec/ec_lcl.h
+++ /dev/null
@@ -1,446 +0,0 @@
-/* $OpenBSD: ec_lcl.h,v 1.5 2014/06/12 15:49:29 deraadt Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * The elliptic curve binary polynomial software is originally written by
- * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
- *
- */
-
-
-#include <stdlib.h>
-
-#include <openssl/obj_mac.h>
-#include <openssl/ec.h>
-#include <openssl/bn.h>
-
-#if defined(__SUNPRO_C)
-# if __SUNPRO_C >= 0x520
-# pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
-# endif
-#endif
-
-/* Use default functions for poin2oct, oct2point and compressed coordinates */
-#define EC_FLAGS_DEFAULT_OCT 0x1
-
-/* Structure details are not part of the exported interface,
- * so all this may change in future versions. */
-
-struct ec_method_st {
- /* Various method flags */
- int flags;
- /* used by EC_METHOD_get_field_type: */
- int field_type; /* a NID */
-
- /* used by EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_copy: */
- int (*group_init)(EC_GROUP *);
- void (*group_finish)(EC_GROUP *);
- void (*group_clear_finish)(EC_GROUP *);
- int (*group_copy)(EC_GROUP *, const EC_GROUP *);
-
- /* used by EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, */
- /* EC_GROUP_set_curve_GF2m, and EC_GROUP_get_curve_GF2m: */
- int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
- int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-
- /* used by EC_GROUP_get_degree: */
- int (*group_get_degree)(const EC_GROUP *);
-
- /* used by EC_GROUP_check: */
- int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *);
-
- /* used by EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy: */
- int (*point_init)(EC_POINT *);
- void (*point_finish)(EC_POINT *);
- void (*point_clear_finish)(EC_POINT *);
- int (*point_copy)(EC_POINT *, const EC_POINT *);
-
- /* used by EC_POINT_set_to_infinity,
- * EC_POINT_set_Jprojective_coordinates_GFp,
- * EC_POINT_get_Jprojective_coordinates_GFp,
- * EC_POINT_set_affine_coordinates_GFp, ..._GF2m,
- * EC_POINT_get_affine_coordinates_GFp, ..._GF2m,
- * EC_POINT_set_compressed_coordinates_GFp, ..._GF2m:
- */
- int (*point_set_to_infinity)(const EC_GROUP *, EC_POINT *);
- int (*point_set_Jprojective_coordinates_GFp)(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
- int (*point_get_Jprojective_coordinates_GFp)(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
- int (*point_set_affine_coordinates)(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *);
- int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
- int (*point_set_compressed_coordinates)(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit, BN_CTX *);
-
- /* used by EC_POINT_point2oct, EC_POINT_oct2point: */
- size_t (*point2oct)(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *);
- int (*oct2point)(const EC_GROUP *, EC_POINT *,
- const unsigned char *buf, size_t len, BN_CTX *);
-
- /* used by EC_POINT_add, EC_POINT_dbl, ECP_POINT_invert: */
- int (*add)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
- int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
- int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *);
-
- /* used by EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp: */
- int (*is_at_infinity)(const EC_GROUP *, const EC_POINT *);
- int (*is_on_curve)(const EC_GROUP *, const EC_POINT *, BN_CTX *);
- int (*point_cmp)(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-
- /* used by EC_POINT_make_affine, EC_POINTs_make_affine: */
- int (*make_affine)(const EC_GROUP *, EC_POINT *, BN_CTX *);
- int (*points_make_affine)(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
-
- /* used by EC_POINTs_mul, EC_POINT_mul, EC_POINT_precompute_mult, EC_POINT_have_precompute_mult
- * (default implementations are used if the 'mul' pointer is 0): */
- int (*mul)(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
- int (*precompute_mult)(EC_GROUP *group, BN_CTX *);
- int (*have_precompute_mult)(const EC_GROUP *group);
-
-
- /* internal functions */
-
- /* 'field_mul', 'field_sqr', and 'field_div' can be used by 'add' and 'dbl' so that
- * the same implementations of point operations can be used with different
- * optimized implementations of expensive field operations: */
- int (*field_mul)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
- int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
- int (*field_div)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-
- int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. to Montgomery */
- int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *); /* e.g. from Montgomery */
- int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *);
-} /* EC_METHOD */;
-
-typedef struct ec_extra_data_st {
- struct ec_extra_data_st *next;
- void *data;
- void *(*dup_func)(void *);
- void (*free_func)(void *);
- void (*clear_free_func)(void *);
-} EC_EXTRA_DATA; /* used in EC_GROUP */
-
-struct ec_group_st {
- const EC_METHOD *meth;
-
- EC_POINT *generator; /* optional */
- BIGNUM order, cofactor;
-
- int curve_name;/* optional NID for named curve */
- int asn1_flag; /* flag to control the asn1 encoding */
- point_conversion_form_t asn1_form;
-
- unsigned char *seed; /* optional seed for parameters (appears in ASN1) */
- size_t seed_len;
-
- EC_EXTRA_DATA *extra_data; /* linked list */
-
- /* The following members are handled by the method functions,
- * even if they appear generic */
-
- BIGNUM field; /* Field specification.
- * For curves over GF(p), this is the modulus;
- * for curves over GF(2^m), this is the
- * irreducible polynomial defining the field.
- */
-
- int poly[6]; /* Field specification for curves over GF(2^m).
- * The irreducible f(t) is then of the form:
- * t^poly[0] + t^poly[1] + ... + t^poly[k]
- * where m = poly[0] > poly[1] > ... > poly[k] = 0.
- * The array is terminated with poly[k+1]=-1.
- * All elliptic curve irreducibles have at most 5
- * non-zero terms.
- */
-
- BIGNUM a, b; /* Curve coefficients.
- * (Here the assumption is that BIGNUMs can be used
- * or abused for all kinds of fields, not just GF(p).)
- * For characteristic > 3, the curve is defined
- * by a Weierstrass equation of the form
- * y^2 = x^3 + a*x + b.
- * For characteristic 2, the curve is defined by
- * an equation of the form
- * y^2 + x*y = x^3 + a*x^2 + b.
- */
-
- int a_is_minus3; /* enable optimized point arithmetics for special case */
-
- void *field_data1; /* method-specific (e.g., Montgomery structure) */
- void *field_data2; /* method-specific */
- int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); /* method-specific */
-} /* EC_GROUP */;
-
-struct ec_key_st {
- int version;
-
- EC_GROUP *group;
-
- EC_POINT *pub_key;
- BIGNUM *priv_key;
-
- unsigned int enc_flag;
- point_conversion_form_t conv_form;
-
- int references;
- int flags;
-
- EC_EXTRA_DATA *method_data;
-} /* EC_KEY */;
-
-/* Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs only
- * (with visibility limited to 'package' level for now).
- * We use the function pointers as index for retrieval; this obviates
- * global ex_data-style index tables.
- */
-int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_EX_DATA_free_data(EC_EXTRA_DATA **,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
-void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **);
-void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **);
-
-
-
-struct ec_point_st {
- const EC_METHOD *meth;
-
- /* All members except 'meth' are handled by the method functions,
- * even if they appear generic */
-
- BIGNUM X;
- BIGNUM Y;
- BIGNUM Z; /* Jacobian projective coordinates:
- * (X, Y, Z) represents (X/Z^2, Y/Z^3) if Z != 0 */
- int Z_is_one; /* enable optimized point arithmetics for special case */
-} /* EC_POINT */;
-
-
-
-/* method functions in ec_mult.c
- * (ec_lib.c uses these as defaults if group->method->mul is 0) */
-int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *);
-int ec_wNAF_have_precompute_mult(const EC_GROUP *group);
-
-
-/* method functions in ecp_smpl.c */
-int ec_GFp_simple_group_init(EC_GROUP *);
-void ec_GFp_simple_group_finish(EC_GROUP *);
-void ec_GFp_simple_group_clear_finish(EC_GROUP *);
-int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_get_degree(const EC_GROUP *);
-int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
-int ec_GFp_simple_point_init(EC_POINT *);
-void ec_GFp_simple_point_finish(EC_POINT *);
-void ec_GFp_simple_point_clear_finish(EC_POINT *);
-int ec_GFp_simple_point_copy(EC_POINT *, const EC_POINT *);
-int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
-int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
-int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
-int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit, BN_CTX *);
-size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *);
-int ec_GFp_simple_oct2point(const EC_GROUP *, EC_POINT *,
- const unsigned char *buf, size_t len, BN_CTX *);
-int ec_GFp_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GFp_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-int ec_GFp_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GFp_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GFp_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
-int ec_GFp_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-
-
-/* method functions in ecp_mont.c */
-int ec_GFp_mont_group_init(EC_GROUP *);
-int ec_GFp_mont_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-void ec_GFp_mont_group_finish(EC_GROUP *);
-void ec_GFp_mont_group_clear_finish(EC_GROUP *);
-int ec_GFp_mont_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GFp_mont_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_mont_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_mont_field_encode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_mont_field_decode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *);
-
-
-/* method functions in ecp_nist.c */
-int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src);
-int ec_GFp_nist_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_nist_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GFp_nist_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-
-
-/* method functions in ec2_smpl.c */
-int ec_GF2m_simple_group_init(EC_GROUP *);
-void ec_GF2m_simple_group_finish(EC_GROUP *);
-void ec_GF2m_simple_group_clear_finish(EC_GROUP *);
-int ec_GF2m_simple_group_copy(EC_GROUP *, const EC_GROUP *);
-int ec_GF2m_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GF2m_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-int ec_GF2m_simple_group_get_degree(const EC_GROUP *);
-int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
-int ec_GF2m_simple_point_init(EC_POINT *);
-void ec_GF2m_simple_point_finish(EC_POINT *);
-void ec_GF2m_simple_point_clear_finish(EC_POINT *);
-int ec_GF2m_simple_point_copy(EC_POINT *, const EC_POINT *);
-int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
-int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *);
-int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *,
- BIGNUM *x, BIGNUM *y, BN_CTX *);
-int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
- const BIGNUM *x, int y_bit, BN_CTX *);
-size_t ec_GF2m_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *);
-int ec_GF2m_simple_oct2point(const EC_GROUP *, EC_POINT *,
- const unsigned char *buf, size_t len, BN_CTX *);
-int ec_GF2m_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GF2m_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
-int ec_GF2m_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GF2m_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
-int ec_GF2m_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
-int ec_GF2m_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
-int ec_GF2m_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
-int ec_GF2m_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
-int ec_GF2m_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-int ec_GF2m_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
-int ec_GF2m_simple_field_div(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
-
-
-/* method functions in ec2_mult.c */
-int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
-
-/* method functions in ec2_mult.c */
-int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
- size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
-
-#ifndef OPENSSL_EC_NISTP_64_GCC_128
-/* method functions in ecp_nistp224.c */
-int ec_GFp_nistp224_group_init(EC_GROUP *group);
-int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *);
-int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
-int ec_GFp_nistp224_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
-int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx);
-int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
-int
ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group); - -/* method functions in ecp_nistp256.c */ -int ec_GFp_nistp256_group_init(EC_GROUP *group); -int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *); -int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); -int ec_GFp_nistp256_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); -int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx); -int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx); -int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group); - -/* method functions in ecp_nistp521.c */ -int ec_GFp_nistp521_group_init(EC_GROUP *group); -int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *n, BN_CTX *); -int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx); -int ec_GFp_nistp521_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *); -int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx); -int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx); -int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group); - -/* utility functions in ecp_nistputil.c */ -void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array, - size_t felem_size, void *tmp_felems, - void (*felem_one)(void *out), - int (*felem_is_zero)(const void *in), - void (*felem_assign)(void *out, const void *in), - void (*felem_square)(void *out, const void *in), - 
void (*felem_mul)(void *out, const void *in1, const void *in2),
- void (*felem_inv)(void *out, const void *in),
- void (*felem_contract)(void *out, const void *in));
-void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, unsigned char *digit, unsigned char in);
-#endif
diff --git a/lib/libssl/src/crypto/ec/ec_lib.c b/lib/libssl/src/crypto/ec/ec_lib.c
deleted file mode 100644
index 2b5abbd4bbf..00000000000
--- a/lib/libssl/src/crypto/ec/ec_lib.c
+++ /dev/null
@@ -1,1120 +0,0 @@
-/* $OpenBSD: ec_lib.c,v 1.20 2015/10/13 15:25:18 jsing Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Binary polynomial ECC support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/opensslv.h> - -#include "ec_lcl.h" - -/* functions for EC_GROUP objects */ - -EC_GROUP * -EC_GROUP_new(const EC_METHOD * meth) -{ - EC_GROUP *ret; - - if (meth == NULL) { - ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL); - return NULL; - } - if (meth->group_init == 0) { - ECerr(EC_F_EC_GROUP_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return NULL; - } - ret = malloc(sizeof *ret); - if (ret == NULL) { - ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE); - return NULL; - } - ret->meth = meth; - - ret->extra_data = NULL; - - ret->generator = NULL; - BN_init(&ret->order); - BN_init(&ret->cofactor); - - ret->curve_name = 0; - ret->asn1_flag = 0; - ret->asn1_form = POINT_CONVERSION_UNCOMPRESSED; - - ret->seed = NULL; - ret->seed_len = 0; - - if (!meth->group_init(ret)) { - free(ret); - return NULL; - } - return ret; -} - - -void -EC_GROUP_free(EC_GROUP * group) -{ - if (!group) - return; - - if (group->meth->group_finish != 0) - group->meth->group_finish(group); - - EC_EX_DATA_free_all_data(&group->extra_data); - - EC_POINT_free(group->generator); - BN_free(&group->order); - BN_free(&group->cofactor); - - free(group->seed); - - free(group); -} - - -void -EC_GROUP_clear_free(EC_GROUP * group) -{ - if (!group) - return; - - if (group->meth->group_clear_finish != 0) - group->meth->group_clear_finish(group); - else if (group->meth->group_finish != 0) - group->meth->group_finish(group); - - EC_EX_DATA_clear_free_all_data(&group->extra_data); - - EC_POINT_clear_free(group->generator); - BN_clear_free(&group->order); - BN_clear_free(&group->cofactor); - - if (group->seed) { - explicit_bzero(group->seed, group->seed_len); - free(group->seed); - } - explicit_bzero(group, sizeof *group); - free(group); -} - - -int -EC_GROUP_copy(EC_GROUP * dest, const EC_GROUP * src) -{ - EC_EXTRA_DATA *d; - - if (dest->meth->group_copy == 0) { - ECerr(EC_F_EC_GROUP_COPY, 
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (dest->meth != src->meth) { - ECerr(EC_F_EC_GROUP_COPY, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - if (dest == src) - return 1; - - EC_EX_DATA_free_all_data(&dest->extra_data); - - for (d = src->extra_data; d != NULL; d = d->next) { - void *t = d->dup_func(d->data); - - if (t == NULL) - return 0; - if (!EC_EX_DATA_set_data(&dest->extra_data, t, d->dup_func, - d->free_func, d->clear_free_func)) - return 0; - } - - if (src->generator != NULL) { - if (dest->generator == NULL) { - dest->generator = EC_POINT_new(dest); - if (dest->generator == NULL) - return 0; - } - if (!EC_POINT_copy(dest->generator, src->generator)) - return 0; - } else { - /* src->generator == NULL */ - EC_POINT_clear_free(dest->generator); - dest->generator = NULL; - } - - if (!BN_copy(&dest->order, &src->order)) - return 0; - if (!BN_copy(&dest->cofactor, &src->cofactor)) - return 0; - - dest->curve_name = src->curve_name; - dest->asn1_flag = src->asn1_flag; - dest->asn1_form = src->asn1_form; - - if (src->seed) { - free(dest->seed); - dest->seed = malloc(src->seed_len); - if (dest->seed == NULL) - return 0; - memcpy(dest->seed, src->seed, src->seed_len); - dest->seed_len = src->seed_len; - } else { - free(dest->seed); - dest->seed = NULL; - dest->seed_len = 0; - } - - - return dest->meth->group_copy(dest, src); -} - - -EC_GROUP * -EC_GROUP_dup(const EC_GROUP * a) -{ - EC_GROUP *t = NULL; - int ok = 0; - - if (a == NULL) - return NULL; - - if ((t = EC_GROUP_new(a->meth)) == NULL) - return (NULL); - if (!EC_GROUP_copy(t, a)) - goto err; - - ok = 1; - -err: - if (!ok) { - EC_GROUP_free(t); - return NULL; - } else - return t; -} - - -const EC_METHOD * -EC_GROUP_method_of(const EC_GROUP *group) -{ - return group->meth; -} - - -int -EC_METHOD_get_field_type(const EC_METHOD *meth) -{ - return meth->field_type; -} - - -int -EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, - const BIGNUM *order, const BIGNUM *cofactor) -{ - if 
(generator == NULL) { - ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (group->generator == NULL) { - group->generator = EC_POINT_new(group); - if (group->generator == NULL) - return 0; - } - if (!EC_POINT_copy(group->generator, generator)) - return 0; - - if (order != NULL) { - if (!BN_copy(&group->order, order)) - return 0; - } else - BN_zero(&group->order); - - if (cofactor != NULL) { - if (!BN_copy(&group->cofactor, cofactor)) - return 0; - } else - BN_zero(&group->cofactor); - - return 1; -} - - -const EC_POINT * -EC_GROUP_get0_generator(const EC_GROUP *group) -{ - return group->generator; -} - - -int -EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx) -{ - if (!BN_copy(order, &group->order)) - return 0; - - return !BN_is_zero(order); -} - - -int -EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx) -{ - if (!BN_copy(cofactor, &group->cofactor)) - return 0; - - return !BN_is_zero(&group->cofactor); -} - - -void -EC_GROUP_set_curve_name(EC_GROUP * group, int nid) -{ - group->curve_name = nid; -} - - -int -EC_GROUP_get_curve_name(const EC_GROUP * group) -{ - return group->curve_name; -} - - -void -EC_GROUP_set_asn1_flag(EC_GROUP * group, int flag) -{ - group->asn1_flag = flag; -} - - -int -EC_GROUP_get_asn1_flag(const EC_GROUP * group) -{ - return group->asn1_flag; -} - - -void -EC_GROUP_set_point_conversion_form(EC_GROUP * group, - point_conversion_form_t form) -{ - group->asn1_form = form; -} - - -point_conversion_form_t -EC_GROUP_get_point_conversion_form(const EC_GROUP * group) -{ - return group->asn1_form; -} - - -size_t -EC_GROUP_set_seed(EC_GROUP * group, const unsigned char *p, size_t len) -{ - if (group->seed) { - free(group->seed); - group->seed = NULL; - group->seed_len = 0; - } - if (!len || !p) - return 1; - - if ((group->seed = malloc(len)) == NULL) - return 0; - memcpy(group->seed, p, len); - group->seed_len = len; - - return len; -} - - -unsigned char * 
-EC_GROUP_get0_seed(const EC_GROUP * group) -{ - return group->seed; -} - - -size_t -EC_GROUP_get_seed_len(const EC_GROUP * group) -{ - return group->seed_len; -} - - -int -EC_GROUP_set_curve_GFp(EC_GROUP * group, const BIGNUM * p, const BIGNUM * a, - const BIGNUM * b, BN_CTX * ctx) -{ - if (group->meth->group_set_curve == 0) { - ECerr(EC_F_EC_GROUP_SET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - return group->meth->group_set_curve(group, p, a, b, ctx); -} - - -int -EC_GROUP_get_curve_GFp(const EC_GROUP * group, BIGNUM * p, BIGNUM * a, - BIGNUM * b, BN_CTX * ctx) -{ - if (group->meth->group_get_curve == 0) { - ECerr(EC_F_EC_GROUP_GET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - return group->meth->group_get_curve(group, p, a, b, ctx); -} - -#ifndef OPENSSL_NO_EC2M -int -EC_GROUP_set_curve_GF2m(EC_GROUP * group, const BIGNUM * p, const BIGNUM * a, - const BIGNUM * b, BN_CTX * ctx) -{ - if (group->meth->group_set_curve == 0) { - ECerr(EC_F_EC_GROUP_SET_CURVE_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - return group->meth->group_set_curve(group, p, a, b, ctx); -} - - -int -EC_GROUP_get_curve_GF2m(const EC_GROUP * group, BIGNUM * p, BIGNUM * a, - BIGNUM * b, BN_CTX * ctx) -{ - if (group->meth->group_get_curve == 0) { - ECerr(EC_F_EC_GROUP_GET_CURVE_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - return group->meth->group_get_curve(group, p, a, b, ctx); -} -#endif - -int -EC_GROUP_get_degree(const EC_GROUP * group) -{ - if (group->meth->group_get_degree == 0) { - ECerr(EC_F_EC_GROUP_GET_DEGREE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - return group->meth->group_get_degree(group); -} - - -int -EC_GROUP_check_discriminant(const EC_GROUP * group, BN_CTX * ctx) -{ - if (group->meth->group_check_discriminant == 0) { - ECerr(EC_F_EC_GROUP_CHECK_DISCRIMINANT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - return group->meth->group_check_discriminant(group, ctx); -} - - -int 
-EC_GROUP_cmp(const EC_GROUP * a, const EC_GROUP * b, BN_CTX * ctx) -{ - int r = 0; - BIGNUM *a1, *a2, *a3, *b1, *b2, *b3; - BN_CTX *ctx_new = NULL; - - /* compare the field types */ - if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) != - EC_METHOD_get_field_type(EC_GROUP_method_of(b))) - return 1; - /* compare the curve name (if present in both) */ - if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) && - EC_GROUP_get_curve_name(a) != EC_GROUP_get_curve_name(b)) - return 1; - - if (!ctx) - ctx_new = ctx = BN_CTX_new(); - if (!ctx) - return -1; - - BN_CTX_start(ctx); - if ((a1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((a2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((a3 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((b1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((b2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((b3 = BN_CTX_get(ctx)) == NULL) - goto err; - - /* - * XXX This approach assumes that the external representation of - * curves over the same field type is the same. 
- */ - if (!a->meth->group_get_curve(a, a1, a2, a3, ctx) || - !b->meth->group_get_curve(b, b1, b2, b3, ctx)) - r = 1; - - if (r || BN_cmp(a1, b1) || BN_cmp(a2, b2) || BN_cmp(a3, b3)) - r = 1; - - /* XXX EC_POINT_cmp() assumes that the methods are equal */ - if (r || EC_POINT_cmp(a, EC_GROUP_get0_generator(a), - EC_GROUP_get0_generator(b), ctx)) - r = 1; - - if (!r) { - /* compare the order and cofactor */ - if (!EC_GROUP_get_order(a, a1, ctx) || - !EC_GROUP_get_order(b, b1, ctx) || - !EC_GROUP_get_cofactor(a, a2, ctx) || - !EC_GROUP_get_cofactor(b, b2, ctx)) - goto err; - if (BN_cmp(a1, b1) || BN_cmp(a2, b2)) - r = 1; - } - BN_CTX_end(ctx); - if (ctx_new) - BN_CTX_free(ctx); - - return r; - -err: - BN_CTX_end(ctx); - if (ctx_new) - BN_CTX_free(ctx); - return -1; -} - - -/* this has 'package' visibility */ -int -EC_EX_DATA_set_data(EC_EXTRA_DATA ** ex_data, void *data, - void *(*dup_func) (void *), - void (*free_func) (void *), - void (*clear_free_func) (void *)) -{ - EC_EXTRA_DATA *d; - - if (ex_data == NULL) - return 0; - - for (d = *ex_data; d != NULL; d = d->next) { - if (d->dup_func == dup_func && d->free_func == free_func && - d->clear_free_func == clear_free_func) { - ECerr(EC_F_EC_EX_DATA_SET_DATA, EC_R_SLOT_FULL); - return 0; - } - } - - if (data == NULL) - /* no explicit entry needed */ - return 1; - - d = malloc(sizeof *d); - if (d == NULL) - return 0; - - d->data = data; - d->dup_func = dup_func; - d->free_func = free_func; - d->clear_free_func = clear_free_func; - - d->next = *ex_data; - *ex_data = d; - - return 1; -} - -/* this has 'package' visibility */ -void * -EC_EX_DATA_get_data(const EC_EXTRA_DATA * ex_data, - void *(*dup_func) (void *), - void (*free_func) (void *), - void (*clear_free_func) (void *)) -{ - const EC_EXTRA_DATA *d; - - for (d = ex_data; d != NULL; d = d->next) { - if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func) - return d->data; - } - - return NULL; -} - -/* this has 'package' 
visibility */ -void -EC_EX_DATA_free_data(EC_EXTRA_DATA ** ex_data, - void *(*dup_func) (void *), - void (*free_func) (void *), - void (*clear_free_func) (void *)) -{ - EC_EXTRA_DATA **p; - - if (ex_data == NULL) - return; - - for (p = ex_data; *p != NULL; p = &((*p)->next)) { - if ((*p)->dup_func == dup_func && - (*p)->free_func == free_func && - (*p)->clear_free_func == clear_free_func) { - EC_EXTRA_DATA *next = (*p)->next; - - (*p)->free_func((*p)->data); - free(*p); - - *p = next; - return; - } - } -} - -/* this has 'package' visibility */ -void -EC_EX_DATA_clear_free_data(EC_EXTRA_DATA ** ex_data, - void *(*dup_func) (void *), - void (*free_func) (void *), - void (*clear_free_func) (void *)) -{ - EC_EXTRA_DATA **p; - - if (ex_data == NULL) - return; - - for (p = ex_data; *p != NULL; p = &((*p)->next)) { - if ((*p)->dup_func == dup_func && - (*p)->free_func == free_func && - (*p)->clear_free_func == clear_free_func) { - EC_EXTRA_DATA *next = (*p)->next; - - (*p)->clear_free_func((*p)->data); - free(*p); - - *p = next; - return; - } - } -} - -/* this has 'package' visibility */ -void -EC_EX_DATA_free_all_data(EC_EXTRA_DATA ** ex_data) -{ - EC_EXTRA_DATA *d; - - if (ex_data == NULL) - return; - - d = *ex_data; - while (d) { - EC_EXTRA_DATA *next = d->next; - - d->free_func(d->data); - free(d); - - d = next; - } - *ex_data = NULL; -} - -/* this has 'package' visibility */ -void -EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA ** ex_data) -{ - EC_EXTRA_DATA *d; - - if (ex_data == NULL) - return; - - d = *ex_data; - while (d) { - EC_EXTRA_DATA *next = d->next; - - d->clear_free_func(d->data); - free(d); - - d = next; - } - *ex_data = NULL; -} - - -/* functions for EC_POINT objects */ - -EC_POINT * -EC_POINT_new(const EC_GROUP * group) -{ - EC_POINT *ret; - - if (group == NULL) { - ECerr(EC_F_EC_POINT_NEW, ERR_R_PASSED_NULL_PARAMETER); - return NULL; - } - if (group->meth->point_init == 0) { - ECerr(EC_F_EC_POINT_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return NULL; - 
} - ret = malloc(sizeof *ret); - if (ret == NULL) { - ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE); - return NULL; - } - ret->meth = group->meth; - - if (!ret->meth->point_init(ret)) { - free(ret); - return NULL; - } - return ret; -} - - -void -EC_POINT_free(EC_POINT * point) -{ - if (!point) - return; - - if (point->meth->point_finish != 0) - point->meth->point_finish(point); - free(point); -} - - -void -EC_POINT_clear_free(EC_POINT * point) -{ - if (!point) - return; - - if (point->meth->point_clear_finish != 0) - point->meth->point_clear_finish(point); - else if (point->meth->point_finish != 0) - point->meth->point_finish(point); - explicit_bzero(point, sizeof *point); - free(point); -} - - -int -EC_POINT_copy(EC_POINT * dest, const EC_POINT * src) -{ - if (dest->meth->point_copy == 0) { - ECerr(EC_F_EC_POINT_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (dest->meth != src->meth) { - ECerr(EC_F_EC_POINT_COPY, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - if (dest == src) - return 1; - return dest->meth->point_copy(dest, src); -} - - -EC_POINT * -EC_POINT_dup(const EC_POINT * a, const EC_GROUP * group) -{ - EC_POINT *t; - int r; - - if (a == NULL) - return NULL; - - t = EC_POINT_new(group); - if (t == NULL) - return (NULL); - r = EC_POINT_copy(t, a); - if (!r) { - EC_POINT_free(t); - return NULL; - } else - return t; -} - - -const EC_METHOD * -EC_POINT_method_of(const EC_POINT * point) -{ - return point->meth; -} - - -int -EC_POINT_set_to_infinity(const EC_GROUP * group, EC_POINT * point) -{ - if (group->meth->point_set_to_infinity == 0) { - ECerr(EC_F_EC_POINT_SET_TO_INFINITY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_SET_TO_INFINITY, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->point_set_to_infinity(group, point); -} - - -int -EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, - const BIGNUM *x, const BIGNUM *y, const BIGNUM 
*z, BN_CTX *ctx) -{ - if (group->meth->point_set_Jprojective_coordinates_GFp == 0) { - ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->point_set_Jprojective_coordinates_GFp(group, point, x, y, z, ctx); -} - - -int -EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group, - const EC_POINT *point, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx) -{ - if (group->meth->point_get_Jprojective_coordinates_GFp == 0) { - ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->point_get_Jprojective_coordinates_GFp(group, point, x, y, z, ctx); -} - - -int -EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, - const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) -{ - if (group->meth->point_set_affine_coordinates == 0) { - ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); -} - -#ifndef OPENSSL_NO_EC2M -int -EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *point, - const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) -{ - if (group->meth->point_set_affine_coordinates == 0) { - ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->point_set_affine_coordinates(group, point, x, y, 
ctx); -} -#endif - -int -EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, - BIGNUM *x, BIGNUM *y, BN_CTX *ctx) -{ - if (group->meth->point_get_affine_coordinates == 0) { - ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); -} - -#ifndef OPENSSL_NO_EC2M -int -EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group, const EC_POINT *point, - BIGNUM *x, BIGNUM *y, BN_CTX *ctx) -{ - if (group->meth->point_get_affine_coordinates == 0) { - ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); -} -#endif - -int -EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, - const EC_POINT *b, BN_CTX *ctx) -{ - if (group->meth->add == 0) { - ECerr(EC_F_EC_POINT_ADD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if ((group->meth != r->meth) || (r->meth != a->meth) || (a->meth != b->meth)) { - ECerr(EC_F_EC_POINT_ADD, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->add(group, r, a, b, ctx); -} - - -int -EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx) -{ - if (group->meth->dbl == 0) { - ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if ((group->meth != r->meth) || (r->meth != a->meth)) { - ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->dbl(group, r, a, ctx); -} - - -int -EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) -{ - if (group->meth->invert == 0) { - ECerr(EC_F_EC_POINT_INVERT, 
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != a->meth) { - ECerr(EC_F_EC_POINT_INVERT, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->invert(group, a, ctx); -} - - -int -EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) -{ - if (group->meth->is_at_infinity == 0) { - ECerr(EC_F_EC_POINT_IS_AT_INFINITY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_IS_AT_INFINITY, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->is_at_infinity(group, point); -} - - -int -EC_POINT_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX * ctx) -{ - if (group->meth->is_on_curve == 0) { - ECerr(EC_F_EC_POINT_IS_ON_CURVE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_IS_ON_CURVE, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->is_on_curve(group, point, ctx); -} - - -int -EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, - BN_CTX * ctx) -{ - if (group->meth->point_cmp == 0) { - ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return -1; - } - if ((group->meth != a->meth) || (a->meth != b->meth)) { - ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS); - return -1; - } - return group->meth->point_cmp(group, a, b, ctx); -} - - -int -EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) -{ - if (group->meth->make_affine == 0) { - ECerr(EC_F_EC_POINT_MAKE_AFFINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - if (group->meth != point->meth) { - ECerr(EC_F_EC_POINT_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - return group->meth->make_affine(group, point, ctx); -} - - -int -EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], - BN_CTX *ctx) -{ - size_t i; - - if (group->meth->points_make_affine == 0) { - ECerr(EC_F_EC_POINTS_MAKE_AFFINE, 
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - for (i = 0; i < num; i++) { - if (group->meth != points[i]->meth) { - ECerr(EC_F_EC_POINTS_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - } - return group->meth->points_make_affine(group, num, points, ctx); -} - - -/* Functions for point multiplication. - * - * If group->meth->mul is 0, we use the wNAF-based implementations in ec_mult.c; - * otherwise we dispatch through methods. - */ - -int -EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, - size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx) -{ - if (group->meth->mul == 0) - /* use default */ - return ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx); - - return group->meth->mul(group, r, scalar, num, points, scalars, ctx); -} - -int -EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, - const EC_POINT *point, const BIGNUM *p_scalar, BN_CTX *ctx) -{ - /* just a convenient interface to EC_POINTs_mul() */ - - const EC_POINT *points[1]; - const BIGNUM *scalars[1]; - - points[0] = point; - scalars[0] = p_scalar; - - return EC_POINTs_mul(group, r, g_scalar, - (point != NULL && p_scalar != NULL), - points, scalars, ctx); -} - -int -EC_GROUP_precompute_mult(EC_GROUP * group, BN_CTX * ctx) -{ - if (group->meth->mul == 0) - /* use default */ - return ec_wNAF_precompute_mult(group, ctx); - - if (group->meth->precompute_mult != 0) - return group->meth->precompute_mult(group, ctx); - else - return 1; /* nothing to do, so report success */ -} - -int -EC_GROUP_have_precompute_mult(const EC_GROUP * group) -{ - if (group->meth->mul == 0) - /* use default */ - return ec_wNAF_have_precompute_mult(group); - - if (group->meth->have_precompute_mult != 0) - return group->meth->have_precompute_mult(group); - else - return 0; /* cannot tell whether precomputation has - * been performed */ -} - -EC_KEY * -ECParameters_dup(EC_KEY *key) -{ - unsigned char *p = NULL; - EC_KEY *k = NULL; - int len; - - 
if (key == NULL) - return (NULL); - - if ((len = i2d_ECParameters(key, &p)) > 0) - k = d2i_ECParameters(NULL, (const unsigned char **)&p, len); - - return (k); -} diff --git a/lib/libssl/src/crypto/ec/ec_mult.c b/lib/libssl/src/crypto/ec/ec_mult.c deleted file mode 100644 index e428ac586b1..00000000000 --- a/lib/libssl/src/crypto/ec/ec_mult.c +++ /dev/null 
@@ -1,886 +0,0 @@
-/* $OpenBSD: ec_mult.c,v 1.19 2015/09/10 15:56:25 jsing Exp $ */
-/*
- * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-
-/*
- * This file implements the wNAF-based interleaving multi-exponentation method
- * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>);
- * for multiplication with precomputation, we use wNAF splitting
- * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp>).
- */
-
-
-
-
-/* structure for precomputed multiples of the generator */
-typedef struct ec_pre_comp_st {
- const EC_GROUP *group; /* parent EC_GROUP object */
- size_t blocksize; /* block size for wNAF splitting */
- size_t numblocks; /* max. number of blocks for which we have
- * precomputation */
- size_t w; /* window size */
- EC_POINT **points; /* array with pre-calculated multiples of
- * generator: 'num' pointers to EC_POINT
- * objects followed by a NULL */
- size_t num; /* numblocks * 2^(w-1) */
- int references;
-} EC_PRE_COMP;
-
-/* functions to manage EC_PRE_COMP within the EC_GROUP extra_data framework */
-static void *ec_pre_comp_dup(void *);
-static void ec_pre_comp_free(void *);
-static void ec_pre_comp_clear_free(void *);
-
-static EC_PRE_COMP *
-ec_pre_comp_new(const EC_GROUP * group)
-{
- EC_PRE_COMP *ret = NULL;
-
- if (!group)
- return NULL;
-
- ret = malloc(sizeof(EC_PRE_COMP));
- if (!ret) {
- ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
- return ret;
- }
- ret->group = group;
- ret->blocksize = 8; /* default */
- ret->numblocks = 0;
- ret->w = 4; /* default */
- ret->points = NULL;
- ret->num = 0;
- ret->references = 1;
- return ret;
-}
-
-static void *
-ec_pre_comp_dup(void *src_)
-{
- EC_PRE_COMP *src = src_;
-
- /* no need to actually copy, these objects never change!
*/
-
- CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
-
- return src_;
-}
-
-static void
-ec_pre_comp_free(void *pre_)
-{
- int i;
- EC_PRE_COMP *pre = pre_;
-
- if (!pre)
- return;
-
- i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
- if (i > 0)
- return;
-
- if (pre->points) {
- EC_POINT **p;
-
- for (p = pre->points; *p != NULL; p++)
- EC_POINT_free(*p);
- free(pre->points);
- }
- free(pre);
-}
-
-static void
-ec_pre_comp_clear_free(void *pre_)
-{
- int i;
- EC_PRE_COMP *pre = pre_;
-
- if (!pre)
- return;
-
- i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
- if (i > 0)
- return;
-
- if (pre->points) {
- EC_POINT **p;
-
- for (p = pre->points; *p != NULL; p++) {
- EC_POINT_clear_free(*p);
- explicit_bzero(p, sizeof *p);
- }
- free(pre->points);
- }
- explicit_bzero(pre, sizeof *pre);
- free(pre);
-}
-
-
-
-
-/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
- * This is an array r[] of values that are either zero or odd with an
- * absolute value less than 2^w satisfying
- * scalar = \sum_j r[j]*2^j
- * where at most one of any w+1 consecutive digits is non-zero
- * with the exception that the most significant digit may be only
- * w-1 zeros away from that next non-zero digit.
- */ -static signed char * -compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len) -{ - int window_val; - int ok = 0; - signed char *r = NULL; - int sign = 1; - int bit, next_bit, mask; - size_t len = 0, j; - - if (BN_is_zero(scalar)) { - r = malloc(1); - if (!r) { - ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE); - goto err; - } - r[0] = 0; - *ret_len = 1; - return r; - } - if (w <= 0 || w > 7) { - /* 'signed char' can represent integers with - * absolute values less than 2^7 */ - ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); - goto err; - } - bit = 1 << w; /* at most 128 */ - next_bit = bit << 1; /* at most 256 */ - mask = next_bit - 1; /* at most 255 */ - - if (BN_is_negative(scalar)) { - sign = -1; - } - if (scalar->d == NULL || scalar->top == 0) { - ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); - goto err; - } - len = BN_num_bits(scalar); - r = malloc(len + 1); /* modified wNAF may be one digit longer than - * binary representation (*ret_len will be - * set to the actual length, i.e. 
at most - * BN_num_bits(scalar) + 1) */ - if (r == NULL) { - ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE); - goto err; - } - window_val = scalar->d[0] & mask; - j = 0; - while ((window_val != 0) || (j + w + 1 < len)) { - /* if j+w+1 >= len, window_val will not increase */ - int digit = 0; - - /* 0 <= window_val <= 2^(w+1) */ - if (window_val & 1) { - /* 0 < window_val < 2^(w+1) */ - if (window_val & bit) { - digit = window_val - next_bit; /* -2^w < digit < 0 */ - -#if 1 /* modified wNAF */ - if (j + w + 1 >= len) { - /* - * special case for generating - * modified wNAFs: no new bits will - * be added into window_val, so using - * a positive digit here will - * decrease the total length of the - * representation - */ - - digit = window_val & (mask >> 1); /* 0 < digit < 2^w */ - } -#endif - } else { - digit = window_val; /* 0 < digit < 2^w */ - } - - if (digit <= -bit || digit >= bit || !(digit & 1)) { - ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); - goto err; - } - window_val -= digit; - - /* - * now window_val is 0 or 2^(w+1) in standard wNAF - * generation; for modified window NAFs, it may also - * be 2^w - */ - if (window_val != 0 && window_val != next_bit && window_val != bit) { - ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); - goto err; - } - } - r[j++] = sign * digit; - - window_val >>= 1; - window_val += bit * BN_is_bit_set(scalar, j + w); - - if (window_val > next_bit) { - ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); - goto err; - } - } - - if (j > len + 1) { - ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR); - goto err; - } - len = j; - ok = 1; - -err: - if (!ok) { - free(r); - r = NULL; - } - if (ok) - *ret_len = len; - return r; -} - - -/* TODO: table should be optimised for the wNAF-based implementation, - * sometimes smaller windows will give better performance - * (thus the boundaries should be increased) - */ -#define EC_window_bits_for_scalar_size(b) \ - ((size_t) \ - ((b) >= 2000 ? 6 : \ - (b) >= 800 ? 5 : \ - (b) >= 300 ? 
4 : \
- (b) >= 70 ? 3 : \
- (b) >= 20 ? 2 : \
- 1))
-
-/* Compute
- * \sum scalars[i]*points[i],
- * also including
- * scalar*generator
- * in the addition if scalar != NULL
- */
-int
-ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
- size_t num, const EC_POINT * points[], const BIGNUM * scalars[], BN_CTX * ctx)
-{
- BN_CTX *new_ctx = NULL;
- const EC_POINT *generator = NULL;
- EC_POINT *tmp = NULL;
- size_t totalnum;
- size_t blocksize = 0, numblocks = 0; /* for wNAF splitting */
- size_t pre_points_per_block = 0;
- size_t i, j;
- int k;
- int r_is_inverted = 0;
- int r_is_at_infinity = 1;
- size_t *wsize = NULL; /* individual window sizes */
- signed char **wNAF = NULL; /* individual wNAFs */
- signed char *tmp_wNAF = NULL;
- size_t *wNAF_len = NULL;
- size_t max_len = 0;
- size_t num_val;
- EC_POINT **val = NULL; /* precomputation */
- EC_POINT **v;
- EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' or
- * 'pre_comp->points' */
- const EC_PRE_COMP *pre_comp = NULL;
- int num_scalar = 0; /* flag: will be set to 1 if 'scalar' must be
- * treated like other scalars, i.e.
- * precomputation is not available */ - int ret = 0; - - if (group->meth != r->meth) { - ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - if ((scalar == NULL) && (num == 0)) { - return EC_POINT_set_to_infinity(group, r); - } - for (i = 0; i < num; i++) { - if (group->meth != points[i]->meth) { - ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS); - return 0; - } - } - - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - } - if (scalar != NULL) { - generator = EC_GROUP_get0_generator(group); - if (generator == NULL) { - ECerr(EC_F_EC_WNAF_MUL, EC_R_UNDEFINED_GENERATOR); - goto err; - } - /* look if we can use precomputed multiples of generator */ - - pre_comp = EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); - - if (pre_comp && pre_comp->numblocks && - (EC_POINT_cmp(group, generator, pre_comp->points[0], ctx) == 0)) { - blocksize = pre_comp->blocksize; - - /* - * determine maximum number of blocks that wNAF - * splitting may yield (NB: maximum wNAF length is - * bit length plus one) - */ - numblocks = (BN_num_bits(scalar) / blocksize) + 1; - - /* - * we cannot use more blocks than we have - * precomputation for - */ - if (numblocks > pre_comp->numblocks) - numblocks = pre_comp->numblocks; - - pre_points_per_block = (size_t) 1 << (pre_comp->w - 1); - - /* check that pre_comp looks sane */ - if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); - goto err; - } - } else { - /* can't use precomputation */ - pre_comp = NULL; - numblocks = 1; - num_scalar = 1; /* treat 'scalar' like 'num'-th - * element of 'scalars' */ - } - } - totalnum = num + numblocks; - - /* includes space for pivot */ - wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]); - if (wNAF == NULL) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); - goto err; - } - - wNAF[0] = NULL; /* preliminary pivot */ - - wsize = 
reallocarray(NULL, totalnum, sizeof wsize[0]); - wNAF_len = reallocarray(NULL, totalnum, sizeof wNAF_len[0]); - val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]); - - if (wsize == NULL || wNAF_len == NULL || val_sub == NULL) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); - goto err; - } - - /* num_val will be the total number of temporarily precomputed points */ - num_val = 0; - - for (i = 0; i < num + num_scalar; i++) { - size_t bits; - - bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar); - wsize[i] = EC_window_bits_for_scalar_size(bits); - num_val += (size_t) 1 << (wsize[i] - 1); - wNAF[i + 1] = NULL; /* make sure we always have a pivot */ - wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i]); - if (wNAF[i] == NULL) - goto err; - if (wNAF_len[i] > max_len) - max_len = wNAF_len[i]; - } - - if (numblocks) { - /* we go here iff scalar != NULL */ - - if (pre_comp == NULL) { - if (num_scalar != 1) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); - goto err; - } - /* we have already generated a wNAF for 'scalar' */ - } else { - size_t tmp_len = 0; - - if (num_scalar != 0) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); - goto err; - } - /* - * use the window size for which we have - * precomputation - */ - wsize[num] = pre_comp->w; - tmp_wNAF = compute_wNAF(scalar, wsize[num], &tmp_len); - if (tmp_wNAF == NULL) - goto err; - - if (tmp_len <= max_len) { - /* - * One of the other wNAFs is at least as long - * as the wNAF belonging to the generator, so - * wNAF splitting will not buy us anything. 
- */ - - numblocks = 1; - totalnum = num + 1; /* don't use wNAF - * splitting */ - wNAF[num] = tmp_wNAF; - tmp_wNAF = NULL; - wNAF[num + 1] = NULL; - wNAF_len[num] = tmp_len; - if (tmp_len > max_len) - max_len = tmp_len; - /* - * pre_comp->points starts with the points - * that we need here: - */ - val_sub[num] = pre_comp->points; - } else { - /* - * don't include tmp_wNAF directly into wNAF - * array - use wNAF splitting and include the - * blocks - */ - - signed char *pp; - EC_POINT **tmp_points; - - if (tmp_len < numblocks * blocksize) { - /* - * possibly we can do with fewer - * blocks than estimated - */ - numblocks = (tmp_len + blocksize - 1) / blocksize; - if (numblocks > pre_comp->numblocks) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); - goto err; - } - totalnum = num + numblocks; - } - /* split wNAF in 'numblocks' parts */ - pp = tmp_wNAF; - tmp_points = pre_comp->points; - - for (i = num; i < totalnum; i++) { - if (i < totalnum - 1) { - wNAF_len[i] = blocksize; - if (tmp_len < blocksize) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); - goto err; - } - tmp_len -= blocksize; - } else - /* - * last block gets whatever - * is left (this could be - * more or less than - * 'blocksize'!) - */ - wNAF_len[i] = tmp_len; - - wNAF[i + 1] = NULL; - wNAF[i] = malloc(wNAF_len[i]); - if (wNAF[i] == NULL) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(wNAF[i], pp, wNAF_len[i]); - if (wNAF_len[i] > max_len) - max_len = wNAF_len[i]; - - if (*tmp_points == NULL) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); - goto err; - } - val_sub[i] = tmp_points; - tmp_points += pre_points_per_block; - pp += blocksize; - } - } - } - } - /* - * All points we precompute now go into a single array 'val'. - * 'val_sub[i]' is a pointer to the subarray for the i-th point, or - * to a subarray of 'pre_comp->points' if we already have - * precomputation. 
- */ - val = reallocarray(NULL, (num_val + 1), sizeof val[0]); - if (val == NULL) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE); - goto err; - } - val[num_val] = NULL; /* pivot element */ - - /* allocate points for precomputation */ - v = val; - for (i = 0; i < num + num_scalar; i++) { - val_sub[i] = v; - for (j = 0; j < ((size_t) 1 << (wsize[i] - 1)); j++) { - *v = EC_POINT_new(group); - if (*v == NULL) - goto err; - v++; - } - } - if (!(v == val + num_val)) { - ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR); - goto err; - } - if (!(tmp = EC_POINT_new(group))) - goto err; - - /* - * prepare precomputed values: val_sub[i][0] := points[i] - * val_sub[i][1] := 3 * points[i] val_sub[i][2] := 5 * points[i] ... - */ - for (i = 0; i < num + num_scalar; i++) { - if (i < num) { - if (!EC_POINT_copy(val_sub[i][0], points[i])) - goto err; - } else { - if (!EC_POINT_copy(val_sub[i][0], generator)) - goto err; - } - - if (wsize[i] > 1) { - if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx)) - goto err; - for (j = 1; j < ((size_t) 1 << (wsize[i] - 1)); j++) { - if (!EC_POINT_add(group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx)) - goto err; - } - } - } - - if (!EC_POINTs_make_affine(group, num_val, val, ctx)) - goto err; - - r_is_at_infinity = 1; - - for (k = max_len - 1; k >= 0; k--) { - if (!r_is_at_infinity) { - if (!EC_POINT_dbl(group, r, r, ctx)) - goto err; - } - for (i = 0; i < totalnum; i++) { - if (wNAF_len[i] > (size_t) k) { - int digit = wNAF[i][k]; - int is_neg; - - if (digit) { - is_neg = digit < 0; - - if (is_neg) - digit = -digit; - - if (is_neg != r_is_inverted) { - if (!r_is_at_infinity) { - if (!EC_POINT_invert(group, r, ctx)) - goto err; - } - r_is_inverted = !r_is_inverted; - } - /* digit > 0 */ - - if (r_is_at_infinity) { - if (!EC_POINT_copy(r, val_sub[i][digit >> 1])) - goto err; - r_is_at_infinity = 0; - } else { - if (!EC_POINT_add(group, r, r, val_sub[i][digit >> 1], ctx)) - goto err; - } - } - } - } - } - - if (r_is_at_infinity) { - if 
(!EC_POINT_set_to_infinity(group, r))
- goto err;
- } else {
- if (r_is_inverted)
- if (!EC_POINT_invert(group, r, ctx))
- goto err;
- }
-
- ret = 1;
-
-err:
- BN_CTX_free(new_ctx);
- EC_POINT_free(tmp);
- free(wsize);
- free(wNAF_len);
- free(tmp_wNAF);
- if (wNAF != NULL) {
- signed char **w;
-
- for (w = wNAF; *w != NULL; w++)
- free(*w);
-
- free(wNAF);
- }
- if (val != NULL) {
- for (v = val; *v != NULL; v++)
- EC_POINT_clear_free(*v);
- free(val);
- }
- free(val_sub);
- return ret;
-}
-
-
-/* ec_wNAF_precompute_mult()
- * creates an EC_PRE_COMP object with preprecomputed multiples of the generator
- * for use with wNAF splitting as implemented in ec_wNAF_mul().
- *
- * 'pre_comp->points' is an array of multiples of the generator
- * of the following form:
- * points[0] = generator;
- * points[1] = 3 * generator;
- * ...
- * points[2^(w-1)-1] = (2^(w-1)-1) * generator;
- * points[2^(w-1)] = 2^blocksize * generator;
- * points[2^(w-1)+1] = 3 * 2^blocksize * generator;
- * ...
- * points[2^(w-1)*(numblocks-1)-1] = (2^(w-1)) * 2^(blocksize*(numblocks-2)) * generator
- * points[2^(w-1)*(numblocks-1)] = 2^(blocksize*(numblocks-1)) * generator
- * ...
- * points[2^(w-1)*numblocks-1] = (2^(w-1)) * 2^(blocksize*(numblocks-1)) * generator - * points[2^(w-1)*numblocks] = NULL - */ -int -ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx) -{ - const EC_POINT *generator; - EC_POINT *tmp_point = NULL, *base = NULL, **var; - BN_CTX *new_ctx = NULL; - BIGNUM *order; - size_t i, bits, w, pre_points_per_block, blocksize, numblocks, - num; - EC_POINT **points = NULL; - EC_PRE_COMP *pre_comp; - int ret = 0; - - /* if there is an old EC_PRE_COMP object, throw it away */ - EC_EX_DATA_free_data(&group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); - - if ((pre_comp = ec_pre_comp_new(group)) == NULL) - return 0; - - generator = EC_GROUP_get0_generator(group); - if (generator == NULL) { - ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR); - goto err; - } - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - } - BN_CTX_start(ctx); - if ((order = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!EC_GROUP_get_order(group, order, ctx)) - goto err; - if (BN_is_zero(order)) { - ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER); - goto err; - } - bits = BN_num_bits(order); - /* - * The following parameters mean we precompute (approximately) one - * point per bit. - * - * TBD: The combination 8, 4 is perfect for 160 bits; for other bit - * lengths, other parameter combinations might provide better - * efficiency. - */ - blocksize = 8; - w = 4; - if (EC_window_bits_for_scalar_size(bits) > w) { - /* let's not make the window too small ... */ - w = EC_window_bits_for_scalar_size(bits); - } - numblocks = (bits + blocksize - 1) / blocksize; /* max. 
number of blocks - * to use for wNAF - * splitting */ - - pre_points_per_block = (size_t) 1 << (w - 1); - num = pre_points_per_block * numblocks; /* number of points to - * compute and store */ - - points = reallocarray(NULL, (num + 1), sizeof(EC_POINT *)); - if (!points) { - ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); - goto err; - } - var = points; - var[num] = NULL; /* pivot */ - for (i = 0; i < num; i++) { - if ((var[i] = EC_POINT_new(group)) == NULL) { - ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); - goto err; - } - } - - if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) { - ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!EC_POINT_copy(base, generator)) - goto err; - - /* do the precomputation */ - for (i = 0; i < numblocks; i++) { - size_t j; - - if (!EC_POINT_dbl(group, tmp_point, base, ctx)) - goto err; - - if (!EC_POINT_copy(*var++, base)) - goto err; - - for (j = 1; j < pre_points_per_block; j++, var++) { - /* calculate odd multiples of the current base point */ - if (!EC_POINT_add(group, *var, tmp_point, *(var - 1), ctx)) - goto err; - } - - if (i < numblocks - 1) { - /* - * get the next base (multiply current one by - * 2^blocksize) - */ - size_t k; - - if (blocksize <= 2) { - ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_INTERNAL_ERROR); - goto err; - } - if (!EC_POINT_dbl(group, base, tmp_point, ctx)) - goto err; - for (k = 2; k < blocksize; k++) { - if (!EC_POINT_dbl(group, base, base, ctx)) - goto err; - } - } - } - - if (!EC_POINTs_make_affine(group, num, points, ctx)) - goto err; - - pre_comp->group = group; - pre_comp->blocksize = blocksize; - pre_comp->numblocks = numblocks; - pre_comp->w = w; - pre_comp->points = points; - points = NULL; - pre_comp->num = num; - - if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp, - ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free)) - goto err; - pre_comp = NULL; - - ret = 1; -err: - if (ctx != NULL) - 
BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- ec_pre_comp_free(pre_comp);
- if (points) {
- EC_POINT **p;
-
- for (p = points; *p != NULL; p++)
- EC_POINT_free(*p);
- free(points);
- }
- EC_POINT_free(tmp_point);
- EC_POINT_free(base);
- return ret;
-}
-
-
-int
-ec_wNAF_have_precompute_mult(const EC_GROUP * group)
-{
- if (EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free) != NULL)
- return 1;
- else
- return 0;
-}
diff --git a/lib/libssl/src/crypto/ec/ec_oct.c b/lib/libssl/src/crypto/ec/ec_oct.c
deleted file mode 100644
index 82124a8f80f..00000000000
--- a/lib/libssl/src/crypto/ec/ec_oct.c
+++ /dev/null
@@ -1,192 +0,0 @@
-/* $OpenBSD: ec_oct.c,v 1.4 2014/07/10 22:45:57 jsing Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Binary polynomial ECC support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/opensslv.h>
-
-#include "ec_lcl.h"
-
-int
-EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP * group, EC_POINT * point,
- const BIGNUM * x, int y_bit, BN_CTX * ctx)
-{
- if (group->meth->point_set_compressed_coordinates == 0
- && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth) {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
- if (group->meth->field_type == NID_X9_62_prime_field)
- return ec_GFp_simple_set_compressed_coordinates(
- group, point, x, y_bit, ctx);
- else
-#ifdef OPENSSL_NO_EC2M
- {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP, EC_R_GF2M_NOT_SUPPORTED);
- return 0;
- }
-#else
- return ec_GF2m_simple_set_compressed_coordinates(
- group, point, x, y_bit, ctx);
-#endif
- }
- return group->meth->point_set_compressed_coordinates(group, point, x, y_bit, ctx);
-}
-
-#ifndef OPENSSL_NO_EC2M
-int
-EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP * group, EC_POINT * point,
- const BIGNUM * x, int y_bit, BN_CTX * ctx)
-{
- if (group->meth->point_set_compressed_coordinates == 0
- && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth) {
- ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
- if (group->meth->field_type == NID_X9_62_prime_field)
- return ec_GFp_simple_set_compressed_coordinates(
- group, point, x, y_bit, ctx);
- else
- return ec_GF2m_simple_set_compressed_coordinates(
- group, point, x, y_bit, ctx);
- }
- return
group->meth->point_set_compressed_coordinates(group, point, x, y_bit, ctx);
-}
-#endif
-
-size_t
-EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point,
- point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx)
-{
- if (group->meth->point2oct == 0
- && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
- ECerr(EC_F_EC_POINT_POINT2OCT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth) {
- ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
- if (group->meth->field_type == NID_X9_62_prime_field)
- return ec_GFp_simple_point2oct(group, point,
- form, buf, len, ctx);
- else
-#ifdef OPENSSL_NO_EC2M
- {
- ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_GF2M_NOT_SUPPORTED);
- return 0;
- }
-#else
- return ec_GF2m_simple_point2oct(group, point,
- form, buf, len, ctx);
-#endif
- }
- return group->meth->point2oct(group, point, form, buf, len, ctx);
-}
-
-
-int
-EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point,
- const unsigned char *buf, size_t len, BN_CTX *ctx)
-{
- if (group->meth->oct2point == 0 &&
- !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
- ECerr(EC_F_EC_POINT_OCT2POINT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return 0;
- }
- if (group->meth != point->meth) {
- ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_INCOMPATIBLE_OBJECTS);
- return 0;
- }
- if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
- if (group->meth->field_type == NID_X9_62_prime_field)
- return ec_GFp_simple_oct2point(group, point,
- buf, len, ctx);
- else
-#ifdef OPENSSL_NO_EC2M
- {
- ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_GF2M_NOT_SUPPORTED);
- return 0;
- }
-#else
- return ec_GF2m_simple_oct2point(group, point,
- buf, len, ctx);
-#endif
- }
- return group->meth->oct2point(group, point, buf, len, ctx);
-}
diff --git a/lib/libssl/src/crypto/ec/ec_pmeth.c b/lib/libssl/src/crypto/ec/ec_pmeth.c
deleted file mode 100644
index a52bff1f2fc..00000000000
--- a/lib/libssl/src/crypto/ec/ec_pmeth.c
+++ /dev/null
@@ -1,323 +0,0 @@
-/* $OpenBSD: ec_pmeth.c,v 1.9 2015/06/20 14:19:39 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/ec.h>
-#include <openssl/ecdsa.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-
-#include "evp_locl.h"
-
-/* EC pkey context structure */
-
-typedef struct {
- /* Key and paramgen group */
- EC_GROUP *gen_group;
- /* message digest */
- const EVP_MD *md;
-} EC_PKEY_CTX;
-
-static int
-pkey_ec_init(EVP_PKEY_CTX * ctx)
-{
- EC_PKEY_CTX *dctx;
- dctx = malloc(sizeof(EC_PKEY_CTX));
- if (!dctx)
- return 0;
- dctx->gen_group = NULL;
- dctx->md = NULL;
-
- ctx->data = dctx;
-
- return 1;
-}
-
-static int
-pkey_ec_copy(EVP_PKEY_CTX * dst, EVP_PKEY_CTX * src)
-{
- EC_PKEY_CTX *dctx, *sctx;
- if (!pkey_ec_init(dst))
- return 0;
- sctx = src->data;
- dctx = dst->data;
- if (sctx->gen_group) {
- dctx->gen_group = EC_GROUP_dup(sctx->gen_group);
- if (!dctx->gen_group)
- return 0;
- }
- dctx->md = sctx->md;
- return 1;
-}
-
-static void
-pkey_ec_cleanup(EVP_PKEY_CTX * ctx)
-{
- EC_PKEY_CTX *dctx = ctx->data;
- if (dctx) {
- EC_GROUP_free(dctx->gen_group);
- free(dctx);
- }
-}
-
-static int
-pkey_ec_sign(EVP_PKEY_CTX * ctx, unsigned char *sig, size_t * siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- int ret, type;
- unsigned int sltmp;
- EC_PKEY_CTX *dctx = ctx->data;
- EC_KEY *ec = ctx->pkey->pkey.ec;
-
- if (!sig) {
- *siglen = ECDSA_size(ec);
- return 1;
- } else if (*siglen < (size_t) ECDSA_size(ec)) {
- ECerr(EC_F_PKEY_EC_SIGN, EC_R_BUFFER_TOO_SMALL);
- return 0;
- }
- if (dctx->md)
- type = EVP_MD_type(dctx->md);
- else
- type = NID_sha1;
-
-
- ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec);
-
- if (ret <= 0)
- return ret;
- *siglen = (size_t) sltmp;
- return 1;
-}
-
-static int
-pkey_ec_verify(EVP_PKEY_CTX * ctx,
- const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- int ret, type;
- EC_PKEY_CTX *dctx = ctx->data;
- EC_KEY *ec = ctx->pkey->pkey.ec;
-
- if (dctx->md)
- type = EVP_MD_type(dctx->md);
- else
- type = NID_sha1;
-
- ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec);
-
- return ret;
-}
-
-static int
-pkey_ec_derive(EVP_PKEY_CTX * ctx, unsigned char *key, size_t * keylen)
-{
- int ret;
- size_t outlen;
- const EC_POINT *pubkey = NULL;
- if (!ctx->pkey || !ctx->peerkey) {
- ECerr(EC_F_PKEY_EC_DERIVE, EC_R_KEYS_NOT_SET);
- return 0;
- }
- if (!key) {
- const EC_GROUP *group;
- group = EC_KEY_get0_group(ctx->pkey->pkey.ec);
- *keylen = (EC_GROUP_get_degree(group) + 7) / 8;
- return 1;
- }
- pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
-
- /*
- * NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is
- * not an error, the result is truncated.
- */
-
- outlen = *keylen;
-
- ret = ECDH_compute_key(key, outlen, pubkey, ctx->pkey->pkey.ec, 0);
- if (ret < 0)
- return ret;
- *keylen = ret;
- return 1;
-}
-
-static int
-pkey_ec_ctrl(EVP_PKEY_CTX * ctx, int type, int p1, void *p2)
-{
- EC_PKEY_CTX *dctx = ctx->data;
- EC_GROUP *group;
- switch (type) {
- case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
- group = EC_GROUP_new_by_curve_name(p1);
- if (group == NULL) {
- ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE);
- return 0;
- }
- EC_GROUP_free(dctx->gen_group);
- dctx->gen_group = group;
- return 1;
-
- case EVP_PKEY_CTRL_MD:
- if (EVP_MD_type((const EVP_MD *) p2) != NID_sha1 &&
- EVP_MD_type((const EVP_MD *) p2) != NID_ecdsa_with_SHA1 &&
- EVP_MD_type((const EVP_MD *) p2) != NID_sha224 &&
- EVP_MD_type((const EVP_MD *) p2) != NID_sha256 &&
- EVP_MD_type((const EVP_MD *) p2) != NID_sha384 &&
- EVP_MD_type((const EVP_MD *) p2) != NID_sha512) {
- ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE);
- return 0;
- }
- dctx->md = p2;
- return 1;
-
- case EVP_PKEY_CTRL_PEER_KEY:
- /* Default behaviour is OK */
- case EVP_PKEY_CTRL_DIGESTINIT:
- case EVP_PKEY_CTRL_PKCS7_SIGN:
- case EVP_PKEY_CTRL_CMS_SIGN:
- return 1;
-
- default:
- return -2;
-
- }
-}
-
-static int
-pkey_ec_ctrl_str(EVP_PKEY_CTX * ctx,
- const char *type, const char *value)
-{
- if (!strcmp(type, "ec_paramgen_curve")) {
- int nid;
- nid = EC_curve_nist2nid(value);
- if (nid == NID_undef)
- nid = OBJ_sn2nid(value);
- if (nid == NID_undef)
- nid = OBJ_ln2nid(value);
- if (nid == NID_undef) {
- ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_CURVE);
- return 0;
- }
- return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid);
- }
- return -2;
-}
-
-static int
-pkey_ec_paramgen(EVP_PKEY_CTX * ctx, EVP_PKEY * pkey)
-{
- EC_KEY *ec = NULL;
- EC_PKEY_CTX *dctx = ctx->data;
- int ret = 0;
- if (dctx->gen_group == NULL) {
- ECerr(EC_F_PKEY_EC_PARAMGEN, EC_R_NO_PARAMETERS_SET);
- return 0;
- }
- ec = EC_KEY_new();
- if (!ec)
- return 0;
- ret = EC_KEY_set_group(ec,
dctx->gen_group);
- if (ret)
- EVP_PKEY_assign_EC_KEY(pkey, ec);
- else
- EC_KEY_free(ec);
- return ret;
-}
-
-static int
-pkey_ec_keygen(EVP_PKEY_CTX * ctx, EVP_PKEY * pkey)
-{
- EC_KEY *ec = NULL;
- if (ctx->pkey == NULL) {
- ECerr(EC_F_PKEY_EC_KEYGEN, EC_R_NO_PARAMETERS_SET);
- return 0;
- }
- ec = EC_KEY_new();
- if (!ec)
- return 0;
- EVP_PKEY_assign_EC_KEY(pkey, ec);
- /* Note: if error return, pkey is freed by parent routine */
- if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
- return 0;
- return EC_KEY_generate_key(pkey->pkey.ec);
-}
-
-const EVP_PKEY_METHOD ec_pkey_meth = {
- .pkey_id = EVP_PKEY_EC,
-
- .init = pkey_ec_init,
- .copy = pkey_ec_copy,
- .cleanup = pkey_ec_cleanup,
-
- .paramgen = pkey_ec_paramgen,
-
- .keygen = pkey_ec_keygen,
-
- .sign = pkey_ec_sign,
-
- .verify = pkey_ec_verify,
-
- .derive = pkey_ec_derive,
-
- .ctrl = pkey_ec_ctrl,
- .ctrl_str = pkey_ec_ctrl_str
-};
diff --git a/lib/libssl/src/crypto/ec/ec_print.c b/lib/libssl/src/crypto/ec/ec_print.c
deleted file mode 100644
index af4d1996c0f..00000000000
--- a/lib/libssl/src/crypto/ec/ec_print.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/* $OpenBSD: ec_print.c,v 1.7 2014/12/03 19:53:20 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/crypto.h>
-#include "ec_lcl.h"
-
-BIGNUM *
-EC_POINT_point2bn(const EC_GROUP * group, const EC_POINT * point,
- point_conversion_form_t form, BIGNUM * ret, BN_CTX * ctx)
-{
- size_t buf_len = 0;
- unsigned char *buf;
-
- buf_len = EC_POINT_point2oct(group, point, form,
- NULL, 0, ctx);
- if (buf_len == 0)
- return NULL;
-
- if ((buf = malloc(buf_len)) == NULL)
- return NULL;
-
- if (!EC_POINT_point2oct(group, point, form, buf, buf_len, ctx)) {
- free(buf);
- return NULL;
- }
- ret = BN_bin2bn(buf, buf_len, ret);
-
- free(buf);
-
- return ret;
-}
-
-EC_POINT *
-EC_POINT_bn2point(const EC_GROUP * group,
- const BIGNUM * bn, EC_POINT * point, BN_CTX * ctx)
-{
- size_t buf_len = 0;
- unsigned char *buf;
- EC_POINT *ret;
-
- if ((buf_len = BN_num_bytes(bn)) == 0)
- return NULL;
- buf = malloc(buf_len);
- if (buf == NULL)
- return NULL;
-
- if (!BN_bn2bin(bn, buf)) {
- free(buf);
- return NULL;
- }
- if (point == NULL) {
- if ((ret = EC_POINT_new(group)) == NULL) {
- free(buf);
- return NULL;
- }
- } else
- ret = point;
-
- if (!EC_POINT_oct2point(group, ret, buf, buf_len, ctx)) {
- if (point == NULL)
- EC_POINT_clear_free(ret);
- free(buf);
- return NULL;
- }
- free(buf);
- return ret;
-}
-
-static const char *HEX_DIGITS = "0123456789ABCDEF";
-
-/* the return value must be freed (using free()) */
-char *
-EC_POINT_point2hex(const EC_GROUP * group, const EC_POINT * point,
- point_conversion_form_t form, BN_CTX * ctx)
-{
- char *ret, *p;
- size_t buf_len = 0, i;
- unsigned char *buf, *pbuf;
-
- buf_len = EC_POINT_point2oct(group, point, form,
- NULL, 0, ctx);
- if (buf_len == 0 || buf_len + 1 == 0)
- return NULL;
-
- if ((buf = malloc(buf_len)) == NULL)
- return NULL;
-
- if (!EC_POINT_point2oct(group, point, form, buf, buf_len, ctx)) {
- free(buf);
- return NULL;
- }
- ret = reallocarray(NULL, buf_len + 1, 2);
- if (ret == NULL) {
- free(buf);
- return NULL;
- }
- p = ret;
- pbuf = buf;
- for (i = buf_len; i > 0; i--) {
- int v = (int) *(pbuf++);
- *(p++) = HEX_DIGITS[v >> 4];
- *(p++) = HEX_DIGITS[v & 0x0F];
- }
- *p = '\0';
-
- free(buf);
-
- return ret;
-}
-
-EC_POINT *
-EC_POINT_hex2point(const EC_GROUP * group, const char *buf,
- EC_POINT * point, BN_CTX * ctx)
-{
- EC_POINT *ret = NULL;
- BIGNUM *tmp_bn = NULL;
-
- if (!BN_hex2bn(&tmp_bn, buf))
- return NULL;
-
- ret = EC_POINT_bn2point(group, tmp_bn, point, ctx);
-
- BN_clear_free(tmp_bn);
-
- return ret;
-}
diff --git a/lib/libssl/src/crypto/ec/eck_prn.c b/lib/libssl/src/crypto/ec/eck_prn.c
deleted file mode 100644
index 06cdd69591f..00000000000
--- a/lib/libssl/src/crypto/ec/eck_prn.c
+++ /dev/null
@@ -1,371 +0,0 @@
-/* $OpenBSD: eck_prn.c,v 1.11 2015/06/20 14:17:07 jsing Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions originally developed by SUN MICROSYSTEMS, INC., and
- * contributed to the OpenSSL project.
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/ec.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-
-int
-ECPKParameters_print_fp(FILE * fp, const EC_GROUP * x, int off)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ECerr(EC_F_ECPKPARAMETERS_PRINT_FP, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = ECPKParameters_print(b, x, off);
- BIO_free(b);
- return (ret);
-}
-
-int
-EC_KEY_print_fp(FILE * fp, const EC_KEY * x, int off)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = EC_KEY_print(b, x, off);
- BIO_free(b);
- return (ret);
-}
-
-int
-ECParameters_print_fp(FILE * fp, const EC_KEY * x)
-{
- BIO *b;
- int ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = ECParameters_print(b, x);
- BIO_free(b);
- return (ret);
-}
-
-int
-EC_KEY_print(BIO * bp, const EC_KEY * x, int off)
-{
- EVP_PKEY *pk;
- int ret;
- pk = EVP_PKEY_new();
- if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *) x))
- return 0;
- ret = EVP_PKEY_print_private(bp, pk, off, NULL);
- EVP_PKEY_free(pk);
- return ret;
-}
-
-int
-ECParameters_print(BIO * bp, const EC_KEY * x)
-{
- EVP_PKEY *pk;
- int ret;
- pk = EVP_PKEY_new();
- if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *) x))
- return 0;
- ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
- EVP_PKEY_free(pk);
- return ret;
-}
-
-static int
-print_bin(BIO * fp, const char *str, const unsigned char *num,
- size_t len, int off);
-
-int
-ECPKParameters_print(BIO * bp, const EC_GROUP * x, int off)
-{
- unsigned char *buffer = NULL;
- size_t buf_len = 0, i;
- int ret = 0, reason = ERR_R_BIO_LIB;
- BN_CTX *ctx = NULL;
- const EC_POINT *point = NULL;
- BIGNUM *p = NULL, *a = NULL, *b =
NULL, *gen = NULL, *order = NULL,
- *cofactor = NULL;
- const unsigned char *seed;
- size_t seed_len = 0;
- const char *nname;
-
- static const char *gen_compressed = "Generator (compressed):";
- static const char *gen_uncompressed = "Generator (uncompressed):";
- static const char *gen_hybrid = "Generator (hybrid):";
-
- if (!x) {
- reason = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
- ctx = BN_CTX_new();
- if (ctx == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- if (EC_GROUP_get_asn1_flag(x)) {
- /* the curve parameter are given by an asn1 OID */
- int nid;
-
- if (!BIO_indent(bp, off, 128))
- goto err;
-
- nid = EC_GROUP_get_curve_name(x);
- if (nid == 0)
- goto err;
-
- if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0)
- goto err;
- if (BIO_printf(bp, "\n") <= 0)
- goto err;
-
- nname = EC_curve_nid2nist(nid);
- if (nname) {
- if (!BIO_indent(bp, off, 128))
- goto err;
- if (BIO_printf(bp, "NIST CURVE: %s\n", nname) <= 0)
- goto err;
- }
- } else {
- /* explicit parameters */
- int is_char_two = 0;
- point_conversion_form_t form;
- int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x));
-
- if (tmp_nid == NID_X9_62_characteristic_two_field)
- is_char_two = 1;
-
- if ((p = BN_new()) == NULL || (a = BN_new()) == NULL ||
- (b = BN_new()) == NULL || (order = BN_new()) == NULL ||
- (cofactor = BN_new()) == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-#ifndef OPENSSL_NO_EC2M
- if (is_char_two) {
- if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
- } else /* prime field */
-#endif
- {
- if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
- }
-
- if ((point = EC_GROUP_get0_generator(x)) == NULL) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
- if (!EC_GROUP_get_order(x, order, NULL) ||
- !EC_GROUP_get_cofactor(x, cofactor, NULL)) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
- form = EC_GROUP_get_point_conversion_form(x);
-
- if ((gen = EC_POINT_point2bn(x,
point,
- form, NULL, ctx)) == NULL) {
- reason = ERR_R_EC_LIB;
- goto err;
- }
- buf_len = (size_t) BN_num_bytes(p);
- if (buf_len < (i = (size_t) BN_num_bytes(a)))
- buf_len = i;
- if (buf_len < (i = (size_t) BN_num_bytes(b)))
- buf_len = i;
- if (buf_len < (i = (size_t) BN_num_bytes(gen)))
- buf_len = i;
- if (buf_len < (i = (size_t) BN_num_bytes(order)))
- buf_len = i;
- if (buf_len < (i = (size_t) BN_num_bytes(cofactor)))
- buf_len = i;
-
- if ((seed = EC_GROUP_get0_seed(x)) != NULL)
- seed_len = EC_GROUP_get_seed_len(x);
-
- buf_len += 10;
- if ((buffer = malloc(buf_len)) == NULL) {
- reason = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- if (!BIO_indent(bp, off, 128))
- goto err;
-
- /* print the 'short name' of the field type */
- if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid))
- <= 0)
- goto err;
-
- if (is_char_two) {
- /* print the 'short name' of the base type OID */
- int basis_type = EC_GROUP_get_basis_type(x);
- if (basis_type == 0)
- goto err;
-
- if (!BIO_indent(bp, off, 128))
- goto err;
-
- if (BIO_printf(bp, "Basis Type: %s\n",
- OBJ_nid2sn(basis_type)) <= 0)
- goto err;
-
- /* print the polynomial */
- if ((p != NULL) && !ASN1_bn_print(bp, "Polynomial:", p, buffer,
- off))
- goto err;
- } else {
- if ((p != NULL) && !ASN1_bn_print(bp, "Prime:", p, buffer, off))
- goto err;
- }
- if ((a != NULL) && !ASN1_bn_print(bp, "A: ", a, buffer, off))
- goto err;
- if ((b != NULL) && !ASN1_bn_print(bp, "B: ", b, buffer, off))
- goto err;
- if (form == POINT_CONVERSION_COMPRESSED) {
- if ((gen != NULL) && !ASN1_bn_print(bp, gen_compressed, gen,
- buffer, off))
- goto err;
- } else if (form == POINT_CONVERSION_UNCOMPRESSED) {
- if ((gen != NULL) && !ASN1_bn_print(bp, gen_uncompressed, gen,
- buffer, off))
- goto err;
- } else { /* form == POINT_CONVERSION_HYBRID */
- if ((gen != NULL) && !ASN1_bn_print(bp, gen_hybrid, gen,
- buffer, off))
- goto err;
- }
- if ((order != NULL) && !ASN1_bn_print(bp, "Order: ", order,
- buffer, off))
- goto err;
- if
((cofactor != NULL) && !ASN1_bn_print(bp, "Cofactor: ", cofactor,
- buffer, off))
- goto err;
- if (seed && !print_bin(bp, "Seed:", seed, seed_len, off))
- goto err;
- }
- ret = 1;
-err:
- if (!ret)
- ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
- BN_free(p);
- BN_free(a);
- BN_free(b);
- BN_free(gen);
- BN_free(order);
- BN_free(cofactor);
- BN_CTX_free(ctx);
- free(buffer);
- return (ret);
-}
-
-static int
-print_bin(BIO * fp, const char *name, const unsigned char *buf,
- size_t len, int off)
-{
- size_t i;
- char str[128];
-
- if (buf == NULL)
- return 1;
- if (off) {
- if (off > 128)
- off = 128;
- memset(str, ' ', off);
- if (BIO_write(fp, str, off) <= 0)
- return 0;
- }
- if (BIO_printf(fp, "%s", name) <= 0)
- return 0;
-
- for (i = 0; i < len; i++) {
- if ((i % 15) == 0) {
- str[0] = '\n';
- memset(&(str[1]), ' ', off + 4);
- if (BIO_write(fp, str, off + 1 + 4) <= 0)
- return 0;
- }
- if (BIO_printf(fp, "%02x%s", buf[i], ((i + 1) == len) ? "" : ":") <= 0)
- return 0;
- }
- if (BIO_write(fp, "\n", 1) <= 0)
- return 0;
-
- return 1;
-}
diff --git a/lib/libssl/src/crypto/ec/ecp_mont.c b/lib/libssl/src/crypto/ec/ecp_mont.c
deleted file mode 100644
index a3ad4e1ce9d..00000000000
--- a/lib/libssl/src/crypto/ec/ecp_mont.c
+++ /dev/null
@@ -1,294 +0,0 @@
-/* $OpenBSD: ecp_mont.c,v 1.10 2015/02/13 00:46:03 beck Exp $ */
-/*
- * Originally written by Bodo Moeller for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include <openssl/err.h>
-
-#include "ec_lcl.h"
-
-
-const EC_METHOD *
-EC_GFp_mont_method(void)
-{
- static const EC_METHOD ret = {
- .flags = EC_FLAGS_DEFAULT_OCT,
- .field_type = NID_X9_62_prime_field,
- .group_init = ec_GFp_mont_group_init,
- .group_finish = ec_GFp_mont_group_finish,
- .group_clear_finish = ec_GFp_mont_group_clear_finish,
- .group_copy = ec_GFp_mont_group_copy,
- .group_set_curve = ec_GFp_mont_group_set_curve,
- .group_get_curve = ec_GFp_simple_group_get_curve,
- .group_get_degree = ec_GFp_simple_group_get_degree,
- .group_check_discriminant =
- ec_GFp_simple_group_check_discriminant,
- .point_init = ec_GFp_simple_point_init,
- .point_finish = ec_GFp_simple_point_finish,
- .point_clear_finish = ec_GFp_simple_point_clear_finish,
- .point_copy = ec_GFp_simple_point_copy,
- .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity,
- .point_set_Jprojective_coordinates_GFp =
- ec_GFp_simple_set_Jprojective_coordinates_GFp,
- .point_get_Jprojective_coordinates_GFp =
- ec_GFp_simple_get_Jprojective_coordinates_GFp,
- .point_set_affine_coordinates =
- ec_GFp_simple_point_set_affine_coordinates,
- .point_get_affine_coordinates =
- ec_GFp_simple_point_get_affine_coordinates,
- .add = ec_GFp_simple_add,
- .dbl = ec_GFp_simple_dbl,
- .invert = ec_GFp_simple_invert,
- .is_at_infinity = ec_GFp_simple_is_at_infinity,
- .is_on_curve = ec_GFp_simple_is_on_curve,
- .point_cmp = ec_GFp_simple_cmp,
- .make_affine = ec_GFp_simple_make_affine,
- .points_make_affine = ec_GFp_simple_points_make_affine,
- .field_mul = ec_GFp_mont_field_mul,
- .field_sqr = ec_GFp_mont_field_sqr,
- .field_encode = ec_GFp_mont_field_encode,
- .field_decode = ec_GFp_mont_field_decode,
- .field_set_to_one = ec_GFp_mont_field_set_to_one
- };
-
- return &ret;
-}
-
-
-int
-ec_GFp_mont_group_init(EC_GROUP * group)
-{
- int ok;
-
- ok = ec_GFp_simple_group_init(group);
- group->field_data1 = NULL;
- group->field_data2 = NULL;
- return ok;
-}
-
-
-void
-ec_GFp_mont_group_finish(EC_GROUP * group)
-{
- BN_MONT_CTX_free(group->field_data1);
- group->field_data1 = NULL;
- BN_free(group->field_data2);
- group->field_data2 = NULL;
- ec_GFp_simple_group_finish(group);
-}
-
-
-void
-ec_GFp_mont_group_clear_finish(EC_GROUP * group)
-{
- BN_MONT_CTX_free(group->field_data1);
- group->field_data1 = NULL;
- BN_clear_free(group->field_data2);
- group->field_data2 = NULL;
- ec_GFp_simple_group_clear_finish(group);
-}
-
-
-int
-ec_GFp_mont_group_copy(EC_GROUP * dest, const EC_GROUP * src)
-{
- BN_MONT_CTX_free(dest->field_data1);
- dest->field_data1 = NULL;
- BN_clear_free(dest->field_data2);
- dest->field_data2 = NULL;
-
- if (!ec_GFp_simple_group_copy(dest, src))
- return 0;
-
- if (src->field_data1 != NULL) {
- dest->field_data1 = BN_MONT_CTX_new();
- if (dest->field_data1 == NULL)
- return 0;
- if (!BN_MONT_CTX_copy(dest->field_data1, src->field_data1))
- goto err;
- }
- if (src->field_data2 != NULL) {
- dest->field_data2 = BN_dup(src->field_data2);
- if (dest->field_data2 == NULL)
- goto err;
- }
- return 1;
-
-err:
- if (dest->field_data1 != NULL) {
- BN_MONT_CTX_free(dest->field_data1);
- dest->field_data1 = NULL;
- }
- return 0;
-}
-
-
-int
-ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx)
-{
- BN_CTX *new_ctx = NULL;
- BN_MONT_CTX *mont = NULL;
- BIGNUM *one = NULL;
- int ret = 0;
-
- BN_MONT_CTX_free(group->field_data1);
- group->field_data1 = NULL;
- BN_free(group->field_data2);
- group->field_data2 = NULL;
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- mont = BN_MONT_CTX_new();
- if (mont == NULL)
- goto err;
- if (!BN_MONT_CTX_set(mont, p, ctx)) {
- ECerr(EC_F_EC_GFP_MONT_GROUP_SET_CURVE, ERR_R_BN_LIB);
- goto err;
- }
- one = BN_new();
- if (one == NULL)
- goto err;
- if (!BN_to_montgomery(one, BN_value_one(), mont, ctx))
- goto err;
-
- group->field_data1 = mont;
- mont = NULL;
- group->field_data2 = one;
one = NULL;
-
- ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
-
- if (!ret) {
- BN_MONT_CTX_free(group->field_data1);
- group->field_data1 = NULL;
- BN_free(group->field_data2);
- group->field_data2 = NULL;
- }
-err:
- BN_CTX_free(new_ctx);
- BN_MONT_CTX_free(mont);
- BN_free(one);
- return ret;
-}
-
-
-int
-ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx)
-{
- if (group->field_data1 == NULL) {
- ECerr(EC_F_EC_GFP_MONT_FIELD_MUL, EC_R_NOT_INITIALIZED);
- return 0;
- }
- return BN_mod_mul_montgomery(r, a, b, group->field_data1, ctx);
-}
-
-
-int
-ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- BN_CTX *ctx)
-{
- if (group->field_data1 == NULL) {
- ECerr(EC_F_EC_GFP_MONT_FIELD_SQR, EC_R_NOT_INITIALIZED);
- return 0;
- }
- return BN_mod_mul_montgomery(r, a, a, group->field_data1, ctx);
-}
-
-
-int
-ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- BN_CTX *ctx)
-{
- if (group->field_data1 == NULL) {
- ECerr(EC_F_EC_GFP_MONT_FIELD_ENCODE, EC_R_NOT_INITIALIZED);
- return 0;
- }
- return BN_to_montgomery(r, a, (BN_MONT_CTX *) group->field_data1, ctx);
-}
-
-
-int
-ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- BN_CTX *ctx)
-{
- if (group->field_data1 == NULL) {
- ECerr(EC_F_EC_GFP_MONT_FIELD_DECODE, EC_R_NOT_INITIALIZED);
- return 0;
- }
- return BN_from_montgomery(r, a, group->field_data1, ctx);
-}
-
-
-int
-ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx)
-{
- if (group->field_data2 == NULL) {
- ECerr(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE, EC_R_NOT_INITIALIZED);
- return 0;
- }
- if (!BN_copy(r, group->field_data2))
- return 0;
- return 1;
-}
diff --git a/lib/libssl/src/crypto/ec/ecp_nist.c b/lib/libssl/src/crypto/ec/ecp_nist.c
deleted file mode 100644
index a33f9d9e398..00000000000
--- a/lib/libssl/src/crypto/ec/ecp_nist.c
+++ /dev/null
@@ -1,212 +0,0 @@
-/* $OpenBSD: ecp_nist.c,v 1.9 2014/07/12 16:03:37 miod Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project.
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */
-
-#include <limits.h>
-
-#include <openssl/err.h>
-#include <openssl/obj_mac.h>
-#include "ec_lcl.h"
-
-const EC_METHOD *
-EC_GFp_nist_method(void)
-{
- static const EC_METHOD ret = {
- .flags = EC_FLAGS_DEFAULT_OCT,
- .field_type = NID_X9_62_prime_field,
- .group_init = ec_GFp_simple_group_init,
- .group_finish = ec_GFp_simple_group_finish,
- .group_clear_finish = ec_GFp_simple_group_clear_finish,
- .group_copy = ec_GFp_nist_group_copy,
- .group_set_curve = ec_GFp_nist_group_set_curve,
- .group_get_curve = ec_GFp_simple_group_get_curve,
- .group_get_degree = ec_GFp_simple_group_get_degree,
- .group_check_discriminant =
- ec_GFp_simple_group_check_discriminant,
- .point_init = ec_GFp_simple_point_init,
- .point_finish = ec_GFp_simple_point_finish,
- .point_clear_finish = ec_GFp_simple_point_clear_finish,
- .point_copy = ec_GFp_simple_point_copy,
- .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity,
- .point_set_Jprojective_coordinates_GFp =
- ec_GFp_simple_set_Jprojective_coordinates_GFp,
- .point_get_Jprojective_coordinates_GFp =
- ec_GFp_simple_get_Jprojective_coordinates_GFp,
- .point_set_affine_coordinates =
- ec_GFp_simple_point_set_affine_coordinates,
- .point_get_affine_coordinates =
- ec_GFp_simple_point_get_affine_coordinates,
- .add = ec_GFp_simple_add,
- .dbl = ec_GFp_simple_dbl,
- .invert = ec_GFp_simple_invert,
- .is_at_infinity = ec_GFp_simple_is_at_infinity,
- .is_on_curve = ec_GFp_simple_is_on_curve,
- .point_cmp = ec_GFp_simple_cmp,
- .make_affine = ec_GFp_simple_make_affine,
- .points_make_affine = ec_GFp_simple_points_make_affine,
- .field_mul = ec_GFp_nist_field_mul,
- .field_sqr = ec_GFp_nist_field_sqr
- };
-
- return &ret;
-}
-
-int
-ec_GFp_nist_group_copy(EC_GROUP * dest, const EC_GROUP * src)
-{
- dest->field_mod_func = src->field_mod_func;
-
- return ec_GFp_simple_group_copy(dest, src);
-}
-
-int
-ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p,
- const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
-{
- int ret = 0;
- BN_CTX *new_ctx = NULL;
- BIGNUM *tmp_bn;
-
- if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
-
- BN_CTX_start(ctx);
- if ((tmp_bn = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0)
- group->field_mod_func = BN_nist_mod_192;
- else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0)
- group->field_mod_func = BN_nist_mod_224;
- else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0)
- group->field_mod_func = BN_nist_mod_256;
- else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0)
- group->field_mod_func = BN_nist_mod_384;
- else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0)
- group->field_mod_func = BN_nist_mod_521;
- else {
- ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_NIST_PRIME);
- goto err;
- }
-
- ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-int
-ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx)
-{
- int ret = 0;
- BN_CTX *ctx_new = NULL;
-
- if (!group || !r || !a || !b) {
- ECerr(EC_F_EC_GFP_NIST_FIELD_MUL, ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
- if (!ctx)
- if ((ctx_new = ctx = BN_CTX_new()) == NULL)
- goto err;
-
- if (!BN_mul(r, a, b, ctx))
- goto err;
- if (!group->field_mod_func(r, r, &group->field, ctx))
- goto err;
-
- ret = 1;
-err:
- BN_CTX_free(ctx_new);
- return ret;
-}
-
-
-int
-ec_GFp_nist_field_sqr(const EC_GROUP * group, BIGNUM * r, const BIGNUM * a,
- BN_CTX * ctx)
-{
- int ret = 0;
- BN_CTX *ctx_new = NULL;
-
- if (!group || !r || !a) {
- ECerr(EC_F_EC_GFP_NIST_FIELD_SQR, EC_R_PASSED_NULL_PARAMETER);
- goto err;
- }
- if (!ctx)
- if ((ctx_new = ctx = BN_CTX_new()) == NULL)
- goto err;
-
- if (!BN_sqr(r, a, ctx))
- goto err;
- if (!group->field_mod_func(r, r, &group->field, ctx))
- goto err;
-
- ret = 1;
-err:
- BN_CTX_free(ctx_new);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/ec/ecp_nistp224.c b/lib/libssl/src/crypto/ec/ecp_nistp224.c
deleted file mode 100644
index 0976f24a9fd..00000000000
--- a/lib/libssl/src/crypto/ec/ecp_nistp224.c
+++ /dev/null
@@ -1,1693 +0,0 @@
-/* $OpenBSD: ecp_nistp224.c,v 1.17 2015/09/10 15:56:25 jsing Exp $ */
-/*
- * Written by Emilia Kasper (Google) for the OpenSSL project.
- */
-/*
- * Copyright (c) 2011 Google Inc.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * A 64-bit implementation of the NIST P-224 elliptic curve point multiplication
- *
- * Inspired by Daniel J. Bernstein's public domain nistp224 implementation
- * and Adam Langley's public domain 64-bit C implementation of curve25519
- */
-
-#include <stdint.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-
-#include <openssl/err.h>
-#include "ec_lcl.h"
-
-#if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
- /* even with gcc, the typedef won't work for 32-bit platforms */
- typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit platforms */
-#else
- #error "Need GCC 3.1 or later to define type uint128_t"
-#endif
-
-typedef uint8_t u8;
-typedef uint64_t u64;
-typedef int64_t s64;
-
-
-/******************************************************************************/
-/* INTERNAL REPRESENTATION OF FIELD ELEMENTS
- *
- * Field elements are represented as a_0 + 2^56*a_1 + 2^112*a_2 + 2^168*a_3
- * using 64-bit coefficients called 'limbs',
- * and sometimes (for multiplication results) as
- * b_0 + 2^56*b_1 + 2^112*b_2 + 2^168*b_3 + 2^224*b_4 + 2^280*b_5 + 2^336*b_6
- * using 128-bit coefficients called 'widelimbs'.
- * A 4-limb representation is an 'felem';
- * a 7-widelimb representation is a 'widefelem'.
- * Even within felems, bits of adjacent limbs overlap, and we don't always
- * reduce the representations: we ensure that inputs to each felem
- * multiplication satisfy a_i < 2^60, so outputs satisfy b_i < 4*2^60*2^60,
- * and fit into a 128-bit word without overflow. The coefficients are then
- * again partially reduced to obtain an felem satisfying a_i < 2^57.
- * We only reduce to the unique minimal representation at the end of the
- * computation.
- */
-
-typedef uint64_t limb;
-typedef uint128_t widelimb;
-
-typedef limb felem[4];
-typedef widelimb widefelem[7];
-
-/* Field element represented as a byte arrary.
- * 28*8 = 224 bits is also the group order size for the elliptic curve,
- * and we also use this type for scalars for point multiplication.
- */ -typedef u8 felem_bytearray[28]; - -static const felem_bytearray nistp224_curve_params[5] = { - {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* p */ - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01}, - {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, /* a */ - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF, - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE}, - {0xB4,0x05,0x0A,0x85,0x0C,0x04,0xB3,0xAB,0xF5,0x41, /* b */ - 0x32,0x56,0x50,0x44,0xB0,0xB7,0xD7,0xBF,0xD8,0xBA, - 0x27,0x0B,0x39,0x43,0x23,0x55,0xFF,0xB4}, - {0xB7,0x0E,0x0C,0xBD,0x6B,0xB4,0xBF,0x7F,0x32,0x13, /* x */ - 0x90,0xB9,0x4A,0x03,0xC1,0xD3,0x56,0xC2,0x11,0x22, - 0x34,0x32,0x80,0xD6,0x11,0x5C,0x1D,0x21}, - {0xbd,0x37,0x63,0x88,0xb5,0xf7,0x23,0xfb,0x4c,0x22, /* y */ - 0xdf,0xe6,0xcd,0x43,0x75,0xa0,0x5a,0x07,0x47,0x64, - 0x44,0xd5,0x81,0x99,0x85,0x00,0x7e,0x34} -}; - -/* Precomputed multiples of the standard generator - * Points are given in coordinates (X, Y, Z) where Z normally is 1 - * (0 for the point at infinity). - * For each field element, slice a_0 is word 0, etc. - * - * The table has 2 * 16 elements, starting with the following: - * index | bits | point - * ------+---------+------------------------------ - * 0 | 0 0 0 0 | 0G - * 1 | 0 0 0 1 | 1G - * 2 | 0 0 1 0 | 2^56G - * 3 | 0 0 1 1 | (2^56 + 1)G - * 4 | 0 1 0 0 | 2^112G - * 5 | 0 1 0 1 | (2^112 + 1)G - * 6 | 0 1 1 0 | (2^112 + 2^56)G - * 7 | 0 1 1 1 | (2^112 + 2^56 + 1)G - * 8 | 1 0 0 0 | 2^168G - * 9 | 1 0 0 1 | (2^168 + 1)G - * 10 | 1 0 1 0 | (2^168 + 2^56)G - * 11 | 1 0 1 1 | (2^168 + 2^56 + 1)G - * 12 | 1 1 0 0 | (2^168 + 2^112)G - * 13 | 1 1 0 1 | (2^168 + 2^112 + 1)G - * 14 | 1 1 1 0 | (2^168 + 2^112 + 2^56)G - * 15 | 1 1 1 1 | (2^168 + 2^112 + 2^56 + 1)G - * followed by a copy of this with each element multiplied by 2^28. 
- * - * The reason for this is so that we can clock bits into four different - * locations when doing simple scalar multiplies against the base point, - * and then another four locations using the second 16 elements. - */ -static const felem gmul[2][16][3] = -{{{{0, 0, 0, 0}, - {0, 0, 0, 0}, - {0, 0, 0, 0}}, - {{0x3280d6115c1d21, 0xc1d356c2112234, 0x7f321390b94a03, 0xb70e0cbd6bb4bf}, - {0xd5819985007e34, 0x75a05a07476444, 0xfb4c22dfe6cd43, 0xbd376388b5f723}, - {1, 0, 0, 0}}, - {{0xfd9675666ebbe9, 0xbca7664d40ce5e, 0x2242df8d8a2a43, 0x1f49bbb0f99bc5}, - {0x29e0b892dc9c43, 0xece8608436e662, 0xdc858f185310d0, 0x9812dd4eb8d321}, - {1, 0, 0, 0}}, - {{0x6d3e678d5d8eb8, 0x559eed1cb362f1, 0x16e9a3bbce8a3f, 0xeedcccd8c2a748}, - {0xf19f90ed50266d, 0xabf2b4bf65f9df, 0x313865468fafec, 0x5cb379ba910a17}, - {1, 0, 0, 0}}, - {{0x0641966cab26e3, 0x91fb2991fab0a0, 0xefec27a4e13a0b, 0x0499aa8a5f8ebe}, - {0x7510407766af5d, 0x84d929610d5450, 0x81d77aae82f706, 0x6916f6d4338c5b}, - {1, 0, 0, 0}}, - {{0xea95ac3b1f15c6, 0x086000905e82d4, 0xdd323ae4d1c8b1, 0x932b56be7685a3}, - {0x9ef93dea25dbbf, 0x41665960f390f0, 0xfdec76dbe2a8a7, 0x523e80f019062a}, - {1, 0, 0, 0}}, - {{0x822fdd26732c73, 0xa01c83531b5d0f, 0x363f37347c1ba4, 0xc391b45c84725c}, - {0xbbd5e1b2d6ad24, 0xddfbcde19dfaec, 0xc393da7e222a7f, 0x1efb7890ede244}, - {1, 0, 0, 0}}, - {{0x4c9e90ca217da1, 0xd11beca79159bb, 0xff8d33c2c98b7c, 0x2610b39409f849}, - {0x44d1352ac64da0, 0xcdbb7b2c46b4fb, 0x966c079b753c89, 0xfe67e4e820b112}, - {1, 0, 0, 0}}, - {{0xe28cae2df5312d, 0xc71b61d16f5c6e, 0x79b7619a3e7c4c, 0x05c73240899b47}, - {0x9f7f6382c73e3a, 0x18615165c56bda, 0x641fab2116fd56, 0x72855882b08394}, - {1, 0, 0, 0}}, - {{0x0469182f161c09, 0x74a98ca8d00fb5, 0xb89da93489a3e0, 0x41c98768fb0c1d}, - {0xe5ea05fb32da81, 0x3dce9ffbca6855, 0x1cfe2d3fbf59e6, 0x0e5e03408738a7}, - {1, 0, 0, 0}}, - {{0xdab22b2333e87f, 0x4430137a5dd2f6, 0xe03ab9f738beb8, 0xcb0c5d0dc34f24}, - {0x764a7df0c8fda5, 0x185ba5c3fa2044, 0x9281d688bcbe50, 0xc40331df893881}, - {1, 
0, 0, 0}}, - {{0xb89530796f0f60, 0xade92bd26909a3, 0x1a0c83fb4884da, 0x1765bf22a5a984}, - {0x772a9ee75db09e, 0x23bc6c67cec16f, 0x4c1edba8b14e2f, 0xe2a215d9611369}, - {1, 0, 0, 0}}, - {{0x571e509fb5efb3, 0xade88696410552, 0xc8ae85fada74fe, 0x6c7e4be83bbde3}, - {0xff9f51160f4652, 0xb47ce2495a6539, 0xa2946c53b582f4, 0x286d2db3ee9a60}, - {1, 0, 0, 0}}, - {{0x40bbd5081a44af, 0x0995183b13926c, 0xbcefba6f47f6d0, 0x215619e9cc0057}, - {0x8bc94d3b0df45e, 0xf11c54a3694f6f, 0x8631b93cdfe8b5, 0xe7e3f4b0982db9}, - {1, 0, 0, 0}}, - {{0xb17048ab3e1c7b, 0xac38f36ff8a1d8, 0x1c29819435d2c6, 0xc813132f4c07e9}, - {0x2891425503b11f, 0x08781030579fea, 0xf5426ba5cc9674, 0x1e28ebf18562bc}, - {1, 0, 0, 0}}, - {{0x9f31997cc864eb, 0x06cd91d28b5e4c, 0xff17036691a973, 0xf1aef351497c58}, - {0xdd1f2d600564ff, 0xdead073b1402db, 0x74a684435bd693, 0xeea7471f962558}, - {1, 0, 0, 0}}}, - {{{0, 0, 0, 0}, - {0, 0, 0, 0}, - {0, 0, 0, 0}}, - {{0x9665266dddf554, 0x9613d78b60ef2d, 0xce27a34cdba417, 0xd35ab74d6afc31}, - {0x85ccdd22deb15e, 0x2137e5783a6aab, 0xa141cffd8c93c6, 0x355a1830e90f2d}, - {1, 0, 0, 0}}, - {{0x1a494eadaade65, 0xd6da4da77fe53c, 0xe7992996abec86, 0x65c3553c6090e3}, - {0xfa610b1fb09346, 0xf1c6540b8a4aaf, 0xc51a13ccd3cbab, 0x02995b1b18c28a}, - {1, 0, 0, 0}}, - {{0x7874568e7295ef, 0x86b419fbe38d04, 0xdc0690a7550d9a, 0xd3966a44beac33}, - {0x2b7280ec29132f, 0xbeaa3b6a032df3, 0xdc7dd88ae41200, 0xd25e2513e3a100}, - {1, 0, 0, 0}}, - {{0x924857eb2efafd, 0xac2bce41223190, 0x8edaa1445553fc, 0x825800fd3562d5}, - {0x8d79148ea96621, 0x23a01c3dd9ed8d, 0xaf8b219f9416b5, 0xd8db0cc277daea}, - {1, 0, 0, 0}}, - {{0x76a9c3b1a700f0, 0xe9acd29bc7e691, 0x69212d1a6b0327, 0x6322e97fe154be}, - {0x469fc5465d62aa, 0x8d41ed18883b05, 0x1f8eae66c52b88, 0xe4fcbe9325be51}, - {1, 0, 0, 0}}, - {{0x825fdf583cac16, 0x020b857c7b023a, 0x683c17744b0165, 0x14ffd0a2daf2f1}, - {0x323b36184218f9, 0x4944ec4e3b47d4, 0xc15b3080841acf, 0x0bced4b01a28bb}, - {1, 0, 0, 0}}, - {{0x92ac22230df5c4, 0x52f33b4063eda8, 0xcb3f19870c0c93, 
0x40064f2ba65233}, - {0xfe16f0924f8992, 0x012da25af5b517, 0x1a57bb24f723a6, 0x06f8bc76760def}, - {1, 0, 0, 0}}, - {{0x4a7084f7817cb9, 0xbcab0738ee9a78, 0x3ec11e11d9c326, 0xdc0fe90e0f1aae}, - {0xcf639ea5f98390, 0x5c350aa22ffb74, 0x9afae98a4047b7, 0x956ec2d617fc45}, - {1, 0, 0, 0}}, - {{0x4306d648c1be6a, 0x9247cd8bc9a462, 0xf5595e377d2f2e, 0xbd1c3caff1a52e}, - {0x045e14472409d0, 0x29f3e17078f773, 0x745a602b2d4f7d, 0x191837685cdfbb}, - {1, 0, 0, 0}}, - {{0x5b6ee254a8cb79, 0x4953433f5e7026, 0xe21faeb1d1def4, 0xc4c225785c09de}, - {0x307ce7bba1e518, 0x31b125b1036db8, 0x47e91868839e8f, 0xc765866e33b9f3}, - {1, 0, 0, 0}}, - {{0x3bfece24f96906, 0x4794da641e5093, 0xde5df64f95db26, 0x297ecd89714b05}, - {0x701bd3ebb2c3aa, 0x7073b4f53cb1d5, 0x13c5665658af16, 0x9895089d66fe58}, - {1, 0, 0, 0}}, - {{0x0fef05f78c4790, 0x2d773633b05d2e, 0x94229c3a951c94, 0xbbbd70df4911bb}, - {0xb2c6963d2c1168, 0x105f47a72b0d73, 0x9fdf6111614080, 0x7b7e94b39e67b0}, - {1, 0, 0, 0}}, - {{0xad1a7d6efbe2b3, 0xf012482c0da69d, 0x6b3bdf12438345, 0x40d7558d7aa4d9}, - {0x8a09fffb5c6d3d, 0x9a356e5d9ffd38, 0x5973f15f4f9b1c, 0xdcd5f59f63c3ea}, - {1, 0, 0, 0}}, - {{0xacf39f4c5ca7ab, 0x4c8071cc5fd737, 0xc64e3602cd1184, 0x0acd4644c9abba}, - {0x6c011a36d8bf6e, 0xfecd87ba24e32a, 0x19f6f56574fad8, 0x050b204ced9405}, - {1, 0, 0, 0}}, - {{0xed4f1cae7d9a96, 0x5ceef7ad94c40a, 0x778e4a3bf3ef9b, 0x7405783dc3b55e}, - {0x32477c61b6e8c6, 0xb46a97570f018b, 0x91176d0a7e95d1, 0x3df90fbc4c7d0e}, - {1, 0, 0, 0}}}}; - -/* Precomputation for the group generator. 
*/ -typedef struct { - felem g_pre_comp[2][16][3]; - int references; -} NISTP224_PRE_COMP; - -const EC_METHOD * -EC_GFp_nistp224_method(void) -{ - static const EC_METHOD ret = { - .flags = EC_FLAGS_DEFAULT_OCT, - .field_type = NID_X9_62_prime_field, - .group_init = ec_GFp_nistp224_group_init, - .group_finish = ec_GFp_simple_group_finish, - .group_clear_finish = ec_GFp_simple_group_clear_finish, - .group_copy = ec_GFp_nist_group_copy, - .group_set_curve = ec_GFp_nistp224_group_set_curve, - .group_get_curve = ec_GFp_simple_group_get_curve, - .group_get_degree = ec_GFp_simple_group_get_degree, - .group_check_discriminant = - ec_GFp_simple_group_check_discriminant, - .point_init = ec_GFp_simple_point_init, - .point_finish = ec_GFp_simple_point_finish, - .point_clear_finish = ec_GFp_simple_point_clear_finish, - .point_copy = ec_GFp_simple_point_copy, - .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity, - .point_set_Jprojective_coordinates_GFp = - ec_GFp_simple_set_Jprojective_coordinates_GFp, - .point_get_Jprojective_coordinates_GFp = - ec_GFp_simple_get_Jprojective_coordinates_GFp, - .point_set_affine_coordinates = - ec_GFp_simple_point_set_affine_coordinates, - .point_get_affine_coordinates = - ec_GFp_nistp224_point_get_affine_coordinates, - .add = ec_GFp_simple_add, - .dbl = ec_GFp_simple_dbl, - .invert = ec_GFp_simple_invert, - .is_at_infinity = ec_GFp_simple_is_at_infinity, - .is_on_curve = ec_GFp_simple_is_on_curve, - .point_cmp = ec_GFp_simple_cmp, - .make_affine = ec_GFp_simple_make_affine, - .points_make_affine = ec_GFp_simple_points_make_affine, - .mul = ec_GFp_nistp224_points_mul, - .precompute_mult = ec_GFp_nistp224_precompute_mult, - .have_precompute_mult = ec_GFp_nistp224_have_precompute_mult, - .field_mul = ec_GFp_nist_field_mul, - .field_sqr = ec_GFp_nist_field_sqr - }; - - return &ret; -} - -/* Helper functions to convert field elements to/from internal representation */ -static void -bin28_to_felem(felem out, const u8 in[28]) -{ - out[0] = 
*((const uint64_t *) (in)) & 0x00ffffffffffffff; - out[1] = (*((const uint64_t *) (in + 7))) & 0x00ffffffffffffff; - out[2] = (*((const uint64_t *) (in + 14))) & 0x00ffffffffffffff; - out[3] = (*((const uint64_t *) (in + 21))) & 0x00ffffffffffffff; -} - -static void -felem_to_bin28(u8 out[28], const felem in) -{ - unsigned i; - for (i = 0; i < 7; ++i) { - out[i] = in[0] >> (8 * i); - out[i + 7] = in[1] >> (8 * i); - out[i + 14] = in[2] >> (8 * i); - out[i + 21] = in[3] >> (8 * i); - } -} - -/* To preserve endianness when using BN_bn2bin and BN_bin2bn */ -static void -flip_endian(u8 * out, const u8 * in, unsigned len) -{ - unsigned i; - for (i = 0; i < len; ++i) - out[i] = in[len - 1 - i]; -} - -/* From OpenSSL BIGNUM to internal representation */ -static int -BN_to_felem(felem out, const BIGNUM * bn) -{ - felem_bytearray b_in; - felem_bytearray b_out; - unsigned num_bytes; - - /* BN_bn2bin eats leading zeroes */ - memset(b_out, 0, sizeof b_out); - num_bytes = BN_num_bytes(bn); - if (num_bytes > sizeof b_out) { - ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); - return 0; - } - if (BN_is_negative(bn)) { - ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); - return 0; - } - num_bytes = BN_bn2bin(bn, b_in); - flip_endian(b_out, b_in, num_bytes); - bin28_to_felem(out, b_out); - return 1; -} - -/* From internal representation to OpenSSL BIGNUM */ -static BIGNUM * -felem_to_BN(BIGNUM * out, const felem in) -{ - felem_bytearray b_in, b_out; - felem_to_bin28(b_in, in); - flip_endian(b_out, b_in, sizeof b_out); - return BN_bin2bn(b_out, sizeof b_out, out); -} - -/******************************************************************************/ -/* FIELD OPERATIONS - * - * Field operations, using the internal representation of field elements. - * NB! These operations are specific to our point multiplication and cannot be - * expected to be correct in general - e.g., multiplication with a large scalar - * will cause an overflow. 
- * - */ - -static void -felem_one(felem out) -{ - out[0] = 1; - out[1] = 0; - out[2] = 0; - out[3] = 0; -} - -static void -felem_assign(felem out, const felem in) -{ - out[0] = in[0]; - out[1] = in[1]; - out[2] = in[2]; - out[3] = in[3]; -} - -/* Sum two field elements: out += in */ -static void -felem_sum(felem out, const felem in) -{ - out[0] += in[0]; - out[1] += in[1]; - out[2] += in[2]; - out[3] += in[3]; -} - -/* Get negative value: out = -in */ -/* Assumes in[i] < 2^57 */ -static void -felem_neg(felem out, const felem in) -{ - static const limb two58p2 = (((limb) 1) << 58) + (((limb) 1) << 2); - static const limb two58m2 = (((limb) 1) << 58) - (((limb) 1) << 2); - static const limb two58m42m2 = (((limb) 1) << 58) - - (((limb) 1) << 42) - (((limb) 1) << 2); - - /* Set to 0 mod 2^224-2^96+1 to ensure out > in */ - out[0] = two58p2 - in[0]; - out[1] = two58m42m2 - in[1]; - out[2] = two58m2 - in[2]; - out[3] = two58m2 - in[3]; -} - -/* Subtract field elements: out -= in */ -/* Assumes in[i] < 2^57 */ -static void -felem_diff(felem out, const felem in) -{ - static const limb two58p2 = (((limb) 1) << 58) + (((limb) 1) << 2); - static const limb two58m2 = (((limb) 1) << 58) - (((limb) 1) << 2); - static const limb two58m42m2 = (((limb) 1) << 58) - - (((limb) 1) << 42) - (((limb) 1) << 2); - - /* Add 0 mod 2^224-2^96+1 to ensure out > in */ - out[0] += two58p2; - out[1] += two58m42m2; - out[2] += two58m2; - out[3] += two58m2; - - out[0] -= in[0]; - out[1] -= in[1]; - out[2] -= in[2]; - out[3] -= in[3]; -} - -/* Subtract in unreduced 128-bit mode: out -= in */ -/* Assumes in[i] < 2^119 */ -static void -widefelem_diff(widefelem out, const widefelem in) -{ - static const widelimb two120 = ((widelimb) 1) << 120; - static const widelimb two120m64 = (((widelimb) 1) << 120) - - (((widelimb) 1) << 64); - static const widelimb two120m104m64 = (((widelimb) 1) << 120) - - (((widelimb) 1) << 104) - (((widelimb) 1) << 64); - - /* Add 0 mod 2^224-2^96+1 to ensure out > in */ - 
out[0] += two120; - out[1] += two120m64; - out[2] += two120m64; - out[3] += two120; - out[4] += two120m104m64; - out[5] += two120m64; - out[6] += two120m64; - - out[0] -= in[0]; - out[1] -= in[1]; - out[2] -= in[2]; - out[3] -= in[3]; - out[4] -= in[4]; - out[5] -= in[5]; - out[6] -= in[6]; -} - -/* Subtract in mixed mode: out128 -= in64 */ -/* in[i] < 2^63 */ -static void -felem_diff_128_64(widefelem out, const felem in) -{ - static const widelimb two64p8 = (((widelimb) 1) << 64) + - (((widelimb) 1) << 8); - static const widelimb two64m8 = (((widelimb) 1) << 64) - - (((widelimb) 1) << 8); - static const widelimb two64m48m8 = (((widelimb) 1) << 64) - - (((widelimb) 1) << 48) - (((widelimb) 1) << 8); - - /* Add 0 mod 2^224-2^96+1 to ensure out > in */ - out[0] += two64p8; - out[1] += two64m48m8; - out[2] += two64m8; - out[3] += two64m8; - - out[0] -= in[0]; - out[1] -= in[1]; - out[2] -= in[2]; - out[3] -= in[3]; -} - -/* Multiply a field element by a scalar: out = out * scalar - * The scalars we actually use are small, so results fit without overflow */ -static void -felem_scalar(felem out, const limb scalar) -{ - out[0] *= scalar; - out[1] *= scalar; - out[2] *= scalar; - out[3] *= scalar; -} - -/* Multiply an unreduced field element by a scalar: out = out * scalar - * The scalars we actually use are small, so results fit without overflow */ -static void -widefelem_scalar(widefelem out, const widelimb scalar) -{ - out[0] *= scalar; - out[1] *= scalar; - out[2] *= scalar; - out[3] *= scalar; - out[4] *= scalar; - out[5] *= scalar; - out[6] *= scalar; -} - -/* Square a field element: out = in^2 */ -static void -felem_square(widefelem out, const felem in) -{ - limb tmp0, tmp1, tmp2; - tmp0 = 2 * in[0]; - tmp1 = 2 * in[1]; - tmp2 = 2 * in[2]; - out[0] = ((widelimb) in[0]) * in[0]; - out[1] = ((widelimb) in[0]) * tmp1; - out[2] = ((widelimb) in[0]) * tmp2 + ((widelimb) in[1]) * in[1]; - out[3] = ((widelimb) in[3]) * tmp0 + - ((widelimb) in[1]) * tmp2; - out[4] = 
((widelimb) in[3]) * tmp1 + ((widelimb) in[2]) * in[2]; - out[5] = ((widelimb) in[3]) * tmp2; - out[6] = ((widelimb) in[3]) * in[3]; -} - -/* Multiply two field elements: out = in1 * in2 */ -static void -felem_mul(widefelem out, const felem in1, const felem in2) -{ - out[0] = ((widelimb) in1[0]) * in2[0]; - out[1] = ((widelimb) in1[0]) * in2[1] + ((widelimb) in1[1]) * in2[0]; - out[2] = ((widelimb) in1[0]) * in2[2] + ((widelimb) in1[1]) * in2[1] + - ((widelimb) in1[2]) * in2[0]; - out[3] = ((widelimb) in1[0]) * in2[3] + ((widelimb) in1[1]) * in2[2] + - ((widelimb) in1[2]) * in2[1] + ((widelimb) in1[3]) * in2[0]; - out[4] = ((widelimb) in1[1]) * in2[3] + ((widelimb) in1[2]) * in2[2] + - ((widelimb) in1[3]) * in2[1]; - out[5] = ((widelimb) in1[2]) * in2[3] + ((widelimb) in1[3]) * in2[2]; - out[6] = ((widelimb) in1[3]) * in2[3]; -} - -/* Reduce seven 128-bit coefficients to four 64-bit coefficients. - * Requires in[i] < 2^126, - * ensures out[0] < 2^56, out[1] < 2^56, out[2] < 2^56, out[3] <= 2^56 + 2^16 */ -static void -felem_reduce(felem out, const widefelem in) -{ - static const widelimb two127p15 = (((widelimb) 1) << 127) + - (((widelimb) 1) << 15); - static const widelimb two127m71 = (((widelimb) 1) << 127) - - (((widelimb) 1) << 71); - static const widelimb two127m71m55 = (((widelimb) 1) << 127) - - (((widelimb) 1) << 71) - (((widelimb) 1) << 55); - widelimb output[5]; - - /* Add 0 mod 2^224-2^96+1 to ensure all differences are positive */ - output[0] = in[0] + two127p15; - output[1] = in[1] + two127m71m55; - output[2] = in[2] + two127m71; - output[3] = in[3]; - output[4] = in[4]; - - /* Eliminate in[4], in[5], in[6] */ - output[4] += in[6] >> 16; - output[3] += (in[6] & 0xffff) << 40; - output[2] -= in[6]; - - output[3] += in[5] >> 16; - output[2] += (in[5] & 0xffff) << 40; - output[1] -= in[5]; - - output[2] += output[4] >> 16; - output[1] += (output[4] & 0xffff) << 40; - output[0] -= output[4]; - - /* Carry 2 -> 3 -> 4 */ - output[3] += output[2] >> 56; - 
output[2] &= 0x00ffffffffffffff; - - output[4] = output[3] >> 56; - output[3] &= 0x00ffffffffffffff; - - /* Now output[2] < 2^56, output[3] < 2^56, output[4] < 2^72 */ - - /* Eliminate output[4] */ - output[2] += output[4] >> 16; - /* output[2] < 2^56 + 2^56 = 2^57 */ - output[1] += (output[4] & 0xffff) << 40; - output[0] -= output[4]; - - /* Carry 0 -> 1 -> 2 -> 3 */ - output[1] += output[0] >> 56; - out[0] = output[0] & 0x00ffffffffffffff; - - output[2] += output[1] >> 56; - /* output[2] < 2^57 + 2^72 */ - out[1] = output[1] & 0x00ffffffffffffff; - output[3] += output[2] >> 56; - /* output[3] <= 2^56 + 2^16 */ - out[2] = output[2] & 0x00ffffffffffffff; - - /* - * out[0] < 2^56, out[1] < 2^56, out[2] < 2^56, out[3] <= 2^56 + 2^16 - * (due to final carry), so out < 2*p - */ - out[3] = output[3]; -} - -static void -felem_square_reduce(felem out, const felem in) -{ - widefelem tmp; - felem_square(tmp, in); - felem_reduce(out, tmp); -} - -static void -felem_mul_reduce(felem out, const felem in1, const felem in2) -{ - widefelem tmp; - felem_mul(tmp, in1, in2); - felem_reduce(out, tmp); -} - -/* Reduce to unique minimal representation. 
- * Requires 0 <= in < 2*p (always call felem_reduce first) */ -static void -felem_contract(felem out, const felem in) -{ - static const int64_t two56 = ((limb) 1) << 56; - /* 0 <= in < 2*p, p = 2^224 - 2^96 + 1 */ - /* if in > p , reduce in = in - 2^224 + 2^96 - 1 */ - int64_t tmp[4], a; - tmp[0] = in[0]; - tmp[1] = in[1]; - tmp[2] = in[2]; - tmp[3] = in[3]; - /* Case 1: a = 1 iff in >= 2^224 */ - a = (in[3] >> 56); - tmp[0] -= a; - tmp[1] += a << 40; - tmp[3] &= 0x00ffffffffffffff; - /* - * Case 2: a = 0 iff p <= in < 2^224, i.e., the high 128 bits are all - * 1 and the lower part is non-zero - */ - a = ((in[3] & in[2] & (in[1] | 0x000000ffffffffff)) + 1) | - (((int64_t) (in[0] + (in[1] & 0x000000ffffffffff)) - 1) >> 63); - a &= 0x00ffffffffffffff; - /* turn a into an all-one mask (if a = 0) or an all-zero mask */ - a = (a - 1) >> 63; - /* subtract 2^224 - 2^96 + 1 if a is all-one */ - tmp[3] &= a ^ 0xffffffffffffffff; - tmp[2] &= a ^ 0xffffffffffffffff; - tmp[1] &= (a ^ 0xffffffffffffffff) | 0x000000ffffffffff; - tmp[0] -= 1 & a; - - /* - * eliminate negative coefficients: if tmp[0] is negative, tmp[1] - * must be non-zero, so we only need one step - */ - a = tmp[0] >> 63; - tmp[0] += two56 & a; - tmp[1] -= 1 & a; - - /* carry 1 -> 2 -> 3 */ - tmp[2] += tmp[1] >> 56; - tmp[1] &= 0x00ffffffffffffff; - - tmp[3] += tmp[2] >> 56; - tmp[2] &= 0x00ffffffffffffff; - - /* Now 0 <= out < p */ - out[0] = tmp[0]; - out[1] = tmp[1]; - out[2] = tmp[2]; - out[3] = tmp[3]; -} - -/* Zero-check: returns 1 if input is 0, and 0 otherwise. 
- * We know that field elements are reduced to in < 2^225, - * so we only need to check three cases: 0, 2^224 - 2^96 + 1, - * and 2^225 - 2^97 + 2 */ -static limb -felem_is_zero(const felem in) -{ - limb zero, two224m96p1, two225m97p2; - - zero = in[0] | in[1] | in[2] | in[3]; - zero = (((int64_t) (zero) - 1) >> 63) & 1; - two224m96p1 = (in[0] ^ 1) | (in[1] ^ 0x00ffff0000000000) - | (in[2] ^ 0x00ffffffffffffff) | (in[3] ^ 0x00ffffffffffffff); - two224m96p1 = (((int64_t) (two224m96p1) - 1) >> 63) & 1; - two225m97p2 = (in[0] ^ 2) | (in[1] ^ 0x00fffe0000000000) - | (in[2] ^ 0x00ffffffffffffff) | (in[3] ^ 0x01ffffffffffffff); - two225m97p2 = (((int64_t) (two225m97p2) - 1) >> 63) & 1; - return (zero | two224m96p1 | two225m97p2); -} - -static limb -felem_is_zero_int(const felem in) -{ - return (int) (felem_is_zero(in) & ((limb) 1)); -} - -/* Invert a field element */ -/* Computation chain copied from djb's code */ -static void -felem_inv(felem out, const felem in) -{ - felem ftmp, ftmp2, ftmp3, ftmp4; - widefelem tmp; - unsigned i; - - felem_square(tmp, in); - felem_reduce(ftmp, tmp);/* 2 */ - felem_mul(tmp, in, ftmp); - felem_reduce(ftmp, tmp);/* 2^2 - 1 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^3 - 2 */ - felem_mul(tmp, in, ftmp); - felem_reduce(ftmp, tmp);/* 2^3 - 1 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp2, tmp); /* 2^4 - 2 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); /* 2^5 - 4 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); /* 2^6 - 8 */ - felem_mul(tmp, ftmp2, ftmp); - felem_reduce(ftmp, tmp);/* 2^6 - 1 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp2, tmp); /* 2^7 - 2 */ - for (i = 0; i < 5; ++i) { /* 2^12 - 2^6 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); - } - felem_mul(tmp, ftmp2, ftmp); - felem_reduce(ftmp2, tmp); /* 2^12 - 1 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^13 - 2 */ - for (i = 0; i < 11; ++i) { /* 2^24 - 2^12 */ - felem_square(tmp, ftmp3); - 
felem_reduce(ftmp3, tmp); - } - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp2, tmp); /* 2^24 - 1 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^25 - 2 */ - for (i = 0; i < 23; ++i) { /* 2^48 - 2^24 */ - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); - } - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^48 - 1 */ - felem_square(tmp, ftmp3); - felem_reduce(ftmp4, tmp); /* 2^49 - 2 */ - for (i = 0; i < 47; ++i) { /* 2^96 - 2^48 */ - felem_square(tmp, ftmp4); - felem_reduce(ftmp4, tmp); - } - felem_mul(tmp, ftmp3, ftmp4); - felem_reduce(ftmp3, tmp); /* 2^96 - 1 */ - felem_square(tmp, ftmp3); - felem_reduce(ftmp4, tmp); /* 2^97 - 2 */ - for (i = 0; i < 23; ++i) { /* 2^120 - 2^24 */ - felem_square(tmp, ftmp4); - felem_reduce(ftmp4, tmp); - } - felem_mul(tmp, ftmp2, ftmp4); - felem_reduce(ftmp2, tmp); /* 2^120 - 1 */ - for (i = 0; i < 6; ++i) { /* 2^126 - 2^6 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); - } - felem_mul(tmp, ftmp2, ftmp); - felem_reduce(ftmp, tmp);/* 2^126 - 1 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^127 - 2 */ - felem_mul(tmp, ftmp, in); - felem_reduce(ftmp, tmp);/* 2^127 - 1 */ - for (i = 0; i < 97; ++i) { /* 2^224 - 2^97 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp); - } - felem_mul(tmp, ftmp, ftmp3); - felem_reduce(out, tmp); /* 2^224 - 2^96 - 1 */ -} - -/* Copy in constant time: - * if icopy == 1, copy in to out, - * if icopy == 0, copy out to itself. 
*/ -static void -copy_conditional(felem out, const felem in, limb icopy) -{ - unsigned i; - /* icopy is a (64-bit) 0 or 1, so copy is either all-zero or all-one */ - const limb copy = -icopy; - for (i = 0; i < 4; ++i) { - const limb tmp = copy & (in[i] ^ out[i]); - out[i] ^= tmp; - } -} - -/******************************************************************************/ -/* ELLIPTIC CURVE POINT OPERATIONS - * - * Points are represented in Jacobian projective coordinates: - * (X, Y, Z) corresponds to the affine point (X/Z^2, Y/Z^3), - * or to the point at infinity if Z == 0. - * - */ - -/* Double an elliptic curve point: - * (X', Y', Z') = 2 * (X, Y, Z), where - * X' = (3 * (X - Z^2) * (X + Z^2))^2 - 8 * X * Y^2 - * Y' = 3 * (X - Z^2) * (X + Z^2) * (4 * X * Y^2 - X') - 8 * Y^2 - * Z' = (Y + Z)^2 - Y^2 - Z^2 = 2 * Y * Z - * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed, - * while x_out == y_in is not (maybe this works, but it's not tested). */ -static void -point_double(felem x_out, felem y_out, felem z_out, - const felem x_in, const felem y_in, const felem z_in) -{ - widefelem tmp, tmp2; - felem delta, gamma, beta, alpha, ftmp, ftmp2; - - felem_assign(ftmp, x_in); - felem_assign(ftmp2, x_in); - - /* delta = z^2 */ - felem_square(tmp, z_in); - felem_reduce(delta, tmp); - - /* gamma = y^2 */ - felem_square(tmp, y_in); - felem_reduce(gamma, tmp); - - /* beta = x*gamma */ - felem_mul(tmp, x_in, gamma); - felem_reduce(beta, tmp); - - /* alpha = 3*(x-delta)*(x+delta) */ - felem_diff(ftmp, delta); - /* ftmp[i] < 2^57 + 2^58 + 2 < 2^59 */ - felem_sum(ftmp2, delta); - /* ftmp2[i] < 2^57 + 2^57 = 2^58 */ - felem_scalar(ftmp2, 3); - /* ftmp2[i] < 3 * 2^58 < 2^60 */ - felem_mul(tmp, ftmp, ftmp2); - /* tmp[i] < 2^60 * 2^59 * 4 = 2^121 */ - felem_reduce(alpha, tmp); - - /* x' = alpha^2 - 8*beta */ - felem_square(tmp, alpha); - /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */ - felem_assign(ftmp, beta); - felem_scalar(ftmp, 8); - /* ftmp[i] < 8 * 2^57 = 2^60 */ - 
felem_diff_128_64(tmp, ftmp); - /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */ - felem_reduce(x_out, tmp); - - /* z' = (y + z)^2 - gamma - delta */ - felem_sum(delta, gamma); - /* delta[i] < 2^57 + 2^57 = 2^58 */ - felem_assign(ftmp, y_in); - felem_sum(ftmp, z_in); - /* ftmp[i] < 2^57 + 2^57 = 2^58 */ - felem_square(tmp, ftmp); - /* tmp[i] < 4 * 2^58 * 2^58 = 2^118 */ - felem_diff_128_64(tmp, delta); - /* tmp[i] < 2^118 + 2^64 + 8 < 2^119 */ - felem_reduce(z_out, tmp); - - /* y' = alpha*(4*beta - x') - 8*gamma^2 */ - felem_scalar(beta, 4); - /* beta[i] < 4 * 2^57 = 2^59 */ - felem_diff(beta, x_out); - /* beta[i] < 2^59 + 2^58 + 2 < 2^60 */ - felem_mul(tmp, alpha, beta); - /* tmp[i] < 4 * 2^57 * 2^60 = 2^119 */ - felem_square(tmp2, gamma); - /* tmp2[i] < 4 * 2^57 * 2^57 = 2^116 */ - widefelem_scalar(tmp2, 8); - /* tmp2[i] < 8 * 2^116 = 2^119 */ - widefelem_diff(tmp, tmp2); - /* tmp[i] < 2^119 + 2^120 < 2^121 */ - felem_reduce(y_out, tmp); -} - -/* Add two elliptic curve points: - * (X_1, Y_1, Z_1) + (X_2, Y_2, Z_2) = (X_3, Y_3, Z_3), where - * X_3 = (Z_1^3 * Y_2 - Z_2^3 * Y_1)^2 - (Z_1^2 * X_2 - Z_2^2 * X_1)^3 - - * 2 * Z_2^2 * X_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^2 - * Y_3 = (Z_1^3 * Y_2 - Z_2^3 * Y_1) * (Z_2^2 * X_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^2 - X_3) - - * Z_2^3 * Y_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^3 - * Z_3 = (Z_1^2 * X_2 - Z_2^2 * X_1) * (Z_1 * Z_2) - * - * This runs faster if 'mixed' is set, which requires Z_2 = 1 or Z_2 = 0. - */ - -/* This function is not entirely constant-time: - * it includes a branch for checking whether the two input points are equal, - * (while not equal to the point at infinity). - * This case never happens during single point multiplication, - * so there is no timing leak for ECDH or ECDSA signing. 
*/ -static void -point_add(felem x3, felem y3, felem z3, - const felem x1, const felem y1, const felem z1, - const int mixed, const felem x2, const felem y2, const felem z2) -{ - felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, x_out, y_out, z_out; - widefelem tmp, tmp2; - limb z1_is_zero, z2_is_zero, x_equal, y_equal; - - if (!mixed) { - /* ftmp2 = z2^2 */ - felem_square(tmp, z2); - felem_reduce(ftmp2, tmp); - - /* ftmp4 = z2^3 */ - felem_mul(tmp, ftmp2, z2); - felem_reduce(ftmp4, tmp); - - /* ftmp4 = z2^3*y1 */ - felem_mul(tmp2, ftmp4, y1); - felem_reduce(ftmp4, tmp2); - - /* ftmp2 = z2^2*x1 */ - felem_mul(tmp2, ftmp2, x1); - felem_reduce(ftmp2, tmp2); - } else { - /* We'll assume z2 = 1 (special case z2 = 0 is handled later) */ - - /* ftmp4 = z2^3*y1 */ - felem_assign(ftmp4, y1); - - /* ftmp2 = z2^2*x1 */ - felem_assign(ftmp2, x1); - } - - /* ftmp = z1^2 */ - felem_square(tmp, z1); - felem_reduce(ftmp, tmp); - - /* ftmp3 = z1^3 */ - felem_mul(tmp, ftmp, z1); - felem_reduce(ftmp3, tmp); - - /* tmp = z1^3*y2 */ - felem_mul(tmp, ftmp3, y2); - /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */ - - /* ftmp3 = z1^3*y2 - z2^3*y1 */ - felem_diff_128_64(tmp, ftmp4); - /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */ - felem_reduce(ftmp3, tmp); - - /* tmp = z1^2*x2 */ - felem_mul(tmp, ftmp, x2); - /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */ - - /* ftmp = z1^2*x2 - z2^2*x1 */ - felem_diff_128_64(tmp, ftmp2); - /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */ - felem_reduce(ftmp, tmp); - - /* - * the formulae are incorrect if the points are equal so we check for - * this and do doubling if this happens - */ - x_equal = felem_is_zero(ftmp); - y_equal = felem_is_zero(ftmp3); - z1_is_zero = felem_is_zero(z1); - z2_is_zero = felem_is_zero(z2); - /* In affine coordinates, (X_1, Y_1) == (X_2, Y_2) */ - if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) { - point_double(x3, y3, z3, x1, y1, z1); - return; - } - /* ftmp5 = z1*z2 */ - if (!mixed) { - felem_mul(tmp, z1, z2); - felem_reduce(ftmp5, tmp); - } else { - /* 
special case z2 = 0 is handled later */ - felem_assign(ftmp5, z1); - } - - /* z_out = (z1^2*x2 - z2^2*x1)*(z1*z2) */ - felem_mul(tmp, ftmp, ftmp5); - felem_reduce(z_out, tmp); - - /* ftmp = (z1^2*x2 - z2^2*x1)^2 */ - felem_assign(ftmp5, ftmp); - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp); - - /* ftmp5 = (z1^2*x2 - z2^2*x1)^3 */ - felem_mul(tmp, ftmp, ftmp5); - felem_reduce(ftmp5, tmp); - - /* ftmp2 = z2^2*x1*(z1^2*x2 - z2^2*x1)^2 */ - felem_mul(tmp, ftmp2, ftmp); - felem_reduce(ftmp2, tmp); - - /* tmp = z2^3*y1*(z1^2*x2 - z2^2*x1)^3 */ - felem_mul(tmp, ftmp4, ftmp5); - /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */ - - /* tmp2 = (z1^3*y2 - z2^3*y1)^2 */ - felem_square(tmp2, ftmp3); - /* tmp2[i] < 4 * 2^57 * 2^57 < 2^116 */ - - /* tmp2 = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 */ - felem_diff_128_64(tmp2, ftmp5); - /* tmp2[i] < 2^116 + 2^64 + 8 < 2^117 */ - - /* ftmp5 = 2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2 */ - felem_assign(ftmp5, ftmp2); - felem_scalar(ftmp5, 2); - /* ftmp5[i] < 2 * 2^57 = 2^58 */ - - /* - * x_out = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 - - * 2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - */ - felem_diff_128_64(tmp2, ftmp5); - /* tmp2[i] < 2^117 + 2^64 + 8 < 2^118 */ - felem_reduce(x_out, tmp2); - - /* ftmp2 = z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out */ - felem_diff(ftmp2, x_out); - /* ftmp2[i] < 2^57 + 2^58 + 2 < 2^59 */ - - /* tmp2 = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out) */ - felem_mul(tmp2, ftmp3, ftmp2); - /* tmp2[i] < 4 * 2^57 * 2^59 = 2^118 */ - - /* - * y_out = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - - * x_out) - z2^3*y1*(z1^2*x2 - z2^2*x1)^3 - */ - widefelem_diff(tmp2, tmp); - /* tmp2[i] < 2^118 + 2^120 < 2^121 */ - felem_reduce(y_out, tmp2); - - /* - * the result (x_out, y_out, z_out) is incorrect if one of the inputs - * is the point at infinity, so we need to check for this separately - */ - - /* if point 1 is at infinity, copy point 2 to output, and vice versa */ - copy_conditional(x_out, x2, z1_is_zero); - 
copy_conditional(x_out, x1, z2_is_zero); - copy_conditional(y_out, y2, z1_is_zero); - copy_conditional(y_out, y1, z2_is_zero); - copy_conditional(z_out, z2, z1_is_zero); - copy_conditional(z_out, z1, z2_is_zero); - felem_assign(x3, x_out); - felem_assign(y3, y_out); - felem_assign(z3, z_out); -} - -/* select_point selects the |idx|th point from a precomputation table and - * copies it to out. */ -static void -select_point(const u64 idx, unsigned int size, const felem pre_comp[ /* size */ ][3], felem out[3]) -{ - unsigned i, j; - limb *outlimbs = &out[0][0]; - memset(outlimbs, 0, 3 * sizeof(felem)); - - for (i = 0; i < size; i++) { - const limb *inlimbs = &pre_comp[i][0][0]; - u64 mask = i ^ idx; - mask |= mask >> 4; - mask |= mask >> 2; - mask |= mask >> 1; - mask &= 1; - mask--; - for (j = 0; j < 4 * 3; j++) - outlimbs[j] |= inlimbs[j] & mask; - } -} - -/* get_bit returns the |i|th bit in |in| */ -static char -get_bit(const felem_bytearray in, unsigned i) -{ - if (i >= 224) - return 0; - return (in[i >> 3] >> (i & 7)) & 1; -} - -/* Interleaved point multiplication using precomputed point multiples: - * The small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[], - * the scalars in scalars[]. If g_scalar is non-NULL, we also add this multiple - * of the generator, using certain (large) precomputed multiples in g_pre_comp. 
- * Output point (X, Y, Z) is stored in x_out, y_out, z_out */ -static void -batch_mul(felem x_out, felem y_out, felem z_out, - const felem_bytearray scalars[], const unsigned num_points, const u8 * g_scalar, - const int mixed, const felem pre_comp[][17][3], const felem g_pre_comp[2][16][3]) -{ - int i, skip; - unsigned num; - unsigned gen_mul = (g_scalar != NULL); - felem nq[3], tmp[4]; - u64 bits; - u8 sign, digit; - - /* set nq to the point at infinity */ - memset(nq, 0, 3 * sizeof(felem)); - - /* - * Loop over all scalars msb-to-lsb, interleaving additions of - * multiples of the generator (two in each of the last 28 rounds) and - * additions of other points multiples (every 5th round). - */ - skip = 1; /* save two point operations in the first - * round */ - for (i = (num_points ? 220 : 27); i >= 0; --i) { - /* double */ - if (!skip) - point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]); - - /* add multiples of the generator */ - if (gen_mul && (i <= 27)) { - /* first, look 28 bits upwards */ - bits = get_bit(g_scalar, i + 196) << 3; - bits |= get_bit(g_scalar, i + 140) << 2; - bits |= get_bit(g_scalar, i + 84) << 1; - bits |= get_bit(g_scalar, i + 28); - /* select the point to add, in constant time */ - select_point(bits, 16, g_pre_comp[1], tmp); - - if (!skip) { - point_add(nq[0], nq[1], nq[2], - nq[0], nq[1], nq[2], - 1 /* mixed */ , tmp[0], tmp[1], tmp[2]); - } else { - memcpy(nq, tmp, 3 * sizeof(felem)); - skip = 0; - } - - /* second, look at the current position */ - bits = get_bit(g_scalar, i + 168) << 3; - bits |= get_bit(g_scalar, i + 112) << 2; - bits |= get_bit(g_scalar, i + 56) << 1; - bits |= get_bit(g_scalar, i); - /* select the point to add, in constant time */ - select_point(bits, 16, g_pre_comp[0], tmp); - point_add(nq[0], nq[1], nq[2], - nq[0], nq[1], nq[2], - 1 /* mixed */ , tmp[0], tmp[1], tmp[2]); - } - /* do other additions every 5 doublings */ - if (num_points && (i % 5 == 0)) { - /* loop over all scalars */ - for (num = 0; num < 
num_points; ++num) { - bits = get_bit(scalars[num], i + 4) << 5; - bits |= get_bit(scalars[num], i + 3) << 4; - bits |= get_bit(scalars[num], i + 2) << 3; - bits |= get_bit(scalars[num], i + 1) << 2; - bits |= get_bit(scalars[num], i) << 1; - bits |= get_bit(scalars[num], i - 1); - ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits); - - /* select the point to add or subtract */ - select_point(digit, 17, pre_comp[num], tmp); - felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the - * negative point */ - copy_conditional(tmp[1], tmp[3], sign); - - if (!skip) { - point_add(nq[0], nq[1], nq[2], - nq[0], nq[1], nq[2], - mixed, tmp[0], tmp[1], tmp[2]); - } else { - memcpy(nq, tmp, 3 * sizeof(felem)); - skip = 0; - } - } - } - } - felem_assign(x_out, nq[0]); - felem_assign(y_out, nq[1]); - felem_assign(z_out, nq[2]); -} - -/******************************************************************************/ -/* FUNCTIONS TO MANAGE PRECOMPUTATION - */ - -static NISTP224_PRE_COMP * -nistp224_pre_comp_new() -{ - NISTP224_PRE_COMP *ret = NULL; - ret = malloc(sizeof *ret); - if (!ret) { - ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); - return ret; - } - memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp)); - ret->references = 1; - return ret; -} - -static void * -nistp224_pre_comp_dup(void *src_) -{ - NISTP224_PRE_COMP *src = src_; - - /* no need to actually copy, these objects never change! 
*/
- CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
-
- return src_;
-}
-
-static void
-nistp224_pre_comp_free(void *pre_)
-{
- int i;
- NISTP224_PRE_COMP *pre = pre_;
-
- if (!pre)
- return;
-
- i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
- if (i > 0)
- return;
-
- free(pre);
-}
-
-static void
-nistp224_pre_comp_clear_free(void *pre_)
-{
- int i;
- NISTP224_PRE_COMP *pre = pre_;
-
- if (!pre)
- return;
-
- i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
- if (i > 0)
- return;
-
- explicit_bzero(pre, sizeof *pre);
- free(pre);
-}
-
-/******************************************************************************/
-/* OPENSSL EC_METHOD FUNCTIONS
- */
-
-int
-ec_GFp_nistp224_group_init(EC_GROUP * group)
-{
- int ret;
- ret = ec_GFp_simple_group_init(group);
- group->a_is_minus3 = 1;
- return ret;
-}
-
-int
-ec_GFp_nistp224_group_set_curve(EC_GROUP * group, const BIGNUM * p,
- const BIGNUM * a, const BIGNUM * b, BN_CTX * ctx)
-{
- int ret = 0;
- BN_CTX *new_ctx = NULL;
- BIGNUM *curve_p, *curve_a, *curve_b;
-
- if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
- BN_CTX_start(ctx);
- if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
- ((curve_a = BN_CTX_get(ctx)) == NULL) ||
- ((curve_b = BN_CTX_get(ctx)) == NULL))
- goto err;
- BN_bin2bn(nistp224_curve_params[0], sizeof(felem_bytearray), curve_p);
- BN_bin2bn(nistp224_curve_params[1], sizeof(felem_bytearray), curve_a);
- BN_bin2bn(nistp224_curve_params[2], sizeof(felem_bytearray), curve_b);
- if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) ||
- (BN_cmp(curve_b, b))) {
- ECerr(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE,
- EC_R_WRONG_CURVE_PARAMETERS);
- goto err;
- }
- group->field_mod_func = BN_nist_mod_224;
- ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-/* Takes the Jacobian coordinates (X, Y, Z) of a point and returns
- * (X', Y') = (X/Z^2, Y/Z^3) */
-int
-ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP * group,
- const EC_POINT * point, BIGNUM * x, BIGNUM * y, BN_CTX * ctx)
-{
- felem z1, z2, x_in, y_in, x_out, y_out;
- widefelem tmp;
-
- if (EC_POINT_is_at_infinity(group, point) > 0) {
- ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
- EC_R_POINT_AT_INFINITY);
- return 0;
- }
- if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
- (!BN_to_felem(z1, &point->Z)))
- return 0;
- felem_inv(z2, z1);
- felem_square(tmp, z2);
- felem_reduce(z1, tmp);
- felem_mul(tmp, x_in, z1);
- felem_reduce(x_in, tmp);
- felem_contract(x_out, x_in);
- if (x != NULL) {
- if (!felem_to_BN(x, x_out)) {
- ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
- ERR_R_BN_LIB);
- return 0;
- }
- }
- felem_mul(tmp, z1, z2);
- felem_reduce(z1, tmp);
- felem_mul(tmp, y_in, z1);
- felem_reduce(y_in, tmp);
- felem_contract(y_out, y_in);
- if (y != NULL) {
- if (!felem_to_BN(y, y_out)) {
- ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
- ERR_R_BN_LIB);
- return 0;
- }
- }
- return 1;
-}
-
-static void
-make_points_affine(size_t num, felem points[ /* num */ ][3], felem tmp_felems[ /* num+1 */ ])
-{
- /*
- * Runs in constant time, unless an input is the point at infinity
- * (which normally shouldn't happen).
- */
- ec_GFp_nistp_points_make_affine_internal(
- num,
- points,
- sizeof(felem),
- tmp_felems,
- (void (*) (void *)) felem_one,
- (int (*) (const void *)) felem_is_zero_int,
- (void (*) (void *, const void *)) felem_assign,
- (void (*) (void *, const void *)) felem_square_reduce,
- (void (*) (void *, const void *, const void *)) felem_mul_reduce,
- (void (*) (void *, const void *)) felem_inv,
- (void (*) (void *, const void *)) felem_contract);
-}
-
-/* Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL values
- * Result is stored in r (r can equal one of the inputs).
*/ -int -ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r, - const BIGNUM * scalar, size_t num, const EC_POINT * points[], - const BIGNUM * scalars[], BN_CTX * ctx) -{ - int ret = 0; - int j; - unsigned i; - int mixed = 0; - BN_CTX *new_ctx = NULL; - BIGNUM *x, *y, *z, *tmp_scalar; - felem_bytearray g_secret; - felem_bytearray *secrets = NULL; - felem(*pre_comp)[17][3] = NULL; - felem *tmp_felems = NULL; - felem_bytearray tmp; - unsigned num_bytes; - int have_pre_comp = 0; - size_t num_points = num; - felem x_in, y_in, z_in, x_out, y_out, z_out; - NISTP224_PRE_COMP *pre = NULL; - const felem(*g_pre_comp)[16][3] = NULL; - EC_POINT *generator = NULL; - const EC_POINT *p = NULL; - const BIGNUM *p_scalar = NULL; - - if (ctx == NULL) - if ((ctx = new_ctx = BN_CTX_new()) == NULL) - return 0; - BN_CTX_start(ctx); - if (((x = BN_CTX_get(ctx)) == NULL) || - ((y = BN_CTX_get(ctx)) == NULL) || - ((z = BN_CTX_get(ctx)) == NULL) || - ((tmp_scalar = BN_CTX_get(ctx)) == NULL)) - goto err; - - if (scalar != NULL) { - pre = EC_EX_DATA_get_data(group->extra_data, - nistp224_pre_comp_dup, nistp224_pre_comp_free, - nistp224_pre_comp_clear_free); - if (pre) - /* we have precomputation, try to use it */ - g_pre_comp = (const felem(*)[16][3]) pre->g_pre_comp; - else - /* try to use the standard precomputation */ - g_pre_comp = &gmul[0]; - generator = EC_POINT_new(group); - if (generator == NULL) - goto err; - /* get the generator from precomputation */ - if (!felem_to_BN(x, g_pre_comp[0][1][0]) || - !felem_to_BN(y, g_pre_comp[0][1][1]) || - !felem_to_BN(z, g_pre_comp[0][1][2])) { - ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB); - goto err; - } - if (!EC_POINT_set_Jprojective_coordinates_GFp(group, - generator, x, y, z, ctx)) - goto err; - if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) - /* precomputation matches generator */ - have_pre_comp = 1; - else - /* - * we don't have valid precomputation: treat the - * generator as a random point - */ - 
num_points = num_points + 1; - } - if (num_points > 0) { - if (num_points >= 3) { - /* - * unless we precompute multiples for just one or two - * points, converting those into affine form is time - * well spent - */ - mixed = 1; - } - secrets = calloc(num_points, sizeof(felem_bytearray)); - pre_comp = calloc(num_points, 17 * 3 * sizeof(felem)); - if (mixed) { - /* XXX should do more int overflow checking */ - tmp_felems = reallocarray(NULL, - (num_points * 17 + 1), sizeof(felem)); - } - if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { - ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE); - goto err; - } - /* - * we treat NULL scalars as 0, and NULL points as points at - * infinity, i.e., they contribute nothing to the linear - * combination - */ - for (i = 0; i < num_points; ++i) { - if (i == num) - /* the generator */ - { - p = EC_GROUP_get0_generator(group); - p_scalar = scalar; - } else - /* the i^th point */ - { - p = points[i]; - p_scalar = scalars[i]; - } - if ((p_scalar != NULL) && (p != NULL)) { - /* reduce scalar to 0 <= scalar < 2^224 */ - if ((BN_num_bits(p_scalar) > 224) || (BN_is_negative(p_scalar))) { - /* - * this is an unusual input, and we - * don't guarantee constant-timeness - */ - if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) { - ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB); - goto err; - } - num_bytes = BN_bn2bin(tmp_scalar, tmp); - } else - num_bytes = BN_bn2bin(p_scalar, tmp); - flip_endian(secrets[i], tmp, num_bytes); - /* precompute multiples */ - if ((!BN_to_felem(x_out, &p->X)) || - (!BN_to_felem(y_out, &p->Y)) || - (!BN_to_felem(z_out, &p->Z))) - goto err; - felem_assign(pre_comp[i][1][0], x_out); - felem_assign(pre_comp[i][1][1], y_out); - felem_assign(pre_comp[i][1][2], z_out); - for (j = 2; j <= 16; ++j) { - if (j & 1) { - point_add( - pre_comp[i][j][0], pre_comp[i][j][1], pre_comp[i][j][2], - pre_comp[i][1][0], pre_comp[i][1][1], pre_comp[i][1][2], - 0, pre_comp[i][j - 
1][0], pre_comp[i][j - 1][1], pre_comp[i][j - 1][2]); - } else { - point_double( - pre_comp[i][j][0], pre_comp[i][j][1], pre_comp[i][j][2], - pre_comp[i][j / 2][0], pre_comp[i][j / 2][1], pre_comp[i][j / 2][2]); - } - } - } - } - if (mixed) - make_points_affine(num_points * 17, pre_comp[0], tmp_felems); - } - /* the scalar for the generator */ - if ((scalar != NULL) && (have_pre_comp)) { - memset(g_secret, 0, sizeof g_secret); - /* reduce scalar to 0 <= scalar < 2^224 */ - if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) { - /* - * this is an unusual input, and we don't guarantee - * constant-timeness - */ - if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) { - ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB); - goto err; - } - num_bytes = BN_bn2bin(tmp_scalar, tmp); - } else - num_bytes = BN_bn2bin(scalar, tmp); - flip_endian(g_secret, tmp, num_bytes); - /* do the multiplication with generator precomputation */ - batch_mul(x_out, y_out, z_out, - (const felem_bytearray(*)) secrets, num_points, - g_secret, - mixed, (const felem(*)[17][3]) pre_comp, - g_pre_comp); - } else - /* do the multiplication without generator precomputation */ - batch_mul(x_out, y_out, z_out, - (const felem_bytearray(*)) secrets, num_points, - NULL, mixed, (const felem(*)[17][3]) pre_comp, NULL); - /* reduce the output to its unique minimal representation */ - felem_contract(x_in, x_out); - felem_contract(y_in, y_out); - felem_contract(z_in, z_out); - if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) || - (!felem_to_BN(z, z_in))) { - ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB); - goto err; - } - ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx); - -err: - BN_CTX_end(ctx); - EC_POINT_free(generator); - BN_CTX_free(new_ctx); - free(secrets); - free(pre_comp); - free(tmp_felems); - return ret; -} - -int -ec_GFp_nistp224_precompute_mult(EC_GROUP * group, BN_CTX * ctx) -{ - int ret = 0; - NISTP224_PRE_COMP *pre = NULL; - int i, j; - BN_CTX 
*new_ctx = NULL; - BIGNUM *x, *y; - EC_POINT *generator = NULL; - felem tmp_felems[32]; - - /* throw away old precomputation */ - EC_EX_DATA_free_data(&group->extra_data, nistp224_pre_comp_dup, - nistp224_pre_comp_free, nistp224_pre_comp_clear_free); - if (ctx == NULL) - if ((ctx = new_ctx = BN_CTX_new()) == NULL) - return 0; - BN_CTX_start(ctx); - if (((x = BN_CTX_get(ctx)) == NULL) || - ((y = BN_CTX_get(ctx)) == NULL)) - goto err; - /* get the generator */ - if (group->generator == NULL) - goto err; - generator = EC_POINT_new(group); - if (generator == NULL) - goto err; - BN_bin2bn(nistp224_curve_params[3], sizeof(felem_bytearray), x); - BN_bin2bn(nistp224_curve_params[4], sizeof(felem_bytearray), y); - if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx)) - goto err; - if ((pre = nistp224_pre_comp_new()) == NULL) - goto err; - /* if the generator is the standard one, use built-in precomputation */ - if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) { - memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp)); - ret = 1; - goto err; - } - if ((!BN_to_felem(pre->g_pre_comp[0][1][0], &group->generator->X)) || - (!BN_to_felem(pre->g_pre_comp[0][1][1], &group->generator->Y)) || - (!BN_to_felem(pre->g_pre_comp[0][1][2], &group->generator->Z))) - goto err; - /* - * compute 2^56*G, 2^112*G, 2^168*G for the first table, 2^28*G, - * 2^84*G, 2^140*G, 2^196*G for the second one - */ - for (i = 1; i <= 8; i <<= 1) { - point_double( - pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2], - pre->g_pre_comp[0][i][0], pre->g_pre_comp[0][i][1], pre->g_pre_comp[0][i][2]); - for (j = 0; j < 27; ++j) { - point_double( - pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2], - pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]); - } - if (i == 8) - break; - point_double( - pre->g_pre_comp[0][2 * i][0], pre->g_pre_comp[0][2 * i][1], pre->g_pre_comp[0][2 * i][2], - 
pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]); - for (j = 0; j < 27; ++j) { - point_double( - pre->g_pre_comp[0][2 * i][0], pre->g_pre_comp[0][2 * i][1], pre->g_pre_comp[0][2 * i][2], - pre->g_pre_comp[0][2 * i][0], pre->g_pre_comp[0][2 * i][1], pre->g_pre_comp[0][2 * i][2]); - } - } - for (i = 0; i < 2; i++) { - /* g_pre_comp[i][0] is the point at infinity */ - memset(pre->g_pre_comp[i][0], 0, sizeof(pre->g_pre_comp[i][0])); - /* the remaining multiples */ - /* 2^56*G + 2^112*G resp. 2^84*G + 2^140*G */ - point_add( - pre->g_pre_comp[i][6][0], pre->g_pre_comp[i][6][1], - pre->g_pre_comp[i][6][2], pre->g_pre_comp[i][4][0], - pre->g_pre_comp[i][4][1], pre->g_pre_comp[i][4][2], - 0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1], - pre->g_pre_comp[i][2][2]); - /* 2^56*G + 2^168*G resp. 2^84*G + 2^196*G */ - point_add( - pre->g_pre_comp[i][10][0], pre->g_pre_comp[i][10][1], - pre->g_pre_comp[i][10][2], pre->g_pre_comp[i][8][0], - pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2], - 0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1], - pre->g_pre_comp[i][2][2]); - /* 2^112*G + 2^168*G resp. 2^140*G + 2^196*G */ - point_add( - pre->g_pre_comp[i][12][0], pre->g_pre_comp[i][12][1], - pre->g_pre_comp[i][12][2], pre->g_pre_comp[i][8][0], - pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2], - 0, pre->g_pre_comp[i][4][0], pre->g_pre_comp[i][4][1], - pre->g_pre_comp[i][4][2]); - /* - * 2^56*G + 2^112*G + 2^168*G resp. 2^84*G + 2^140*G + - * 2^196*G - */ - point_add( - pre->g_pre_comp[i][14][0], pre->g_pre_comp[i][14][1], - pre->g_pre_comp[i][14][2], pre->g_pre_comp[i][12][0], - pre->g_pre_comp[i][12][1], pre->g_pre_comp[i][12][2], - 0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1], - pre->g_pre_comp[i][2][2]); - for (j = 1; j < 8; ++j) { - /* odd multiples: add G resp. 
2^28*G */
- point_add(
- pre->g_pre_comp[i][2 * j + 1][0], pre->g_pre_comp[i][2 * j + 1][1],
- pre->g_pre_comp[i][2 * j + 1][2], pre->g_pre_comp[i][2 * j][0],
- pre->g_pre_comp[i][2 * j][1], pre->g_pre_comp[i][2 * j][2],
- 0, pre->g_pre_comp[i][1][0], pre->g_pre_comp[i][1][1],
- pre->g_pre_comp[i][1][2]);
- }
- }
- make_points_affine(31, &(pre->g_pre_comp[0][1]), tmp_felems);
-
- if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp224_pre_comp_dup,
- nistp224_pre_comp_free, nistp224_pre_comp_clear_free))
- goto err;
- ret = 1;
- pre = NULL;
-err:
- BN_CTX_end(ctx);
- EC_POINT_free(generator);
- BN_CTX_free(new_ctx);
- nistp224_pre_comp_free(pre);
- return ret;
-}
-
-int
-ec_GFp_nistp224_have_precompute_mult(const EC_GROUP * group)
-{
- if (EC_EX_DATA_get_data(group->extra_data, nistp224_pre_comp_dup,
- nistp224_pre_comp_free, nistp224_pre_comp_clear_free)
- != NULL)
- return 1;
- else
- return 0;
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/ec/ecp_nistp256.c b/lib/libssl/src/crypto/ec/ecp_nistp256.c
deleted file mode 100644
index be1d2a5402f..00000000000
--- a/lib/libssl/src/crypto/ec/ecp_nistp256.c
+++ /dev/null
@@ -1,2239 +0,0 @@
-/* $OpenBSD: ecp_nistp256.c,v 1.16 2015/09/10 15:56:25 jsing Exp $ */
-/*
- * Written by Adam Langley (Google) for the OpenSSL project
- */
-/*
- * Copyright (c) 2011 Google Inc.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * A 64-bit implementation of the NIST P-256 elliptic curve point multiplication
- *
- * OpenSSL integration was taken from Emilia Kasper's work in ecp_nistp224.c.
- * Otherwise based on Emilia's P224 work, which was inspired by my curve25519
- * work which got its smarts from Daniel J. Bernstein's work on the same.
- */
-
-#include <stdint.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-
-#include <openssl/err.h>
-#include "ec_lcl.h"
-
-#if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
- /* even with gcc, the typedef won't work for 32-bit platforms */
- typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit platforms */
- typedef __int128_t int128_t;
-#else
- #error "Need GCC 3.1 or later to define type uint128_t"
-#endif
-
-typedef uint8_t u8;
-typedef uint32_t u32;
-typedef uint64_t u64;
-typedef int64_t s64;
-
-/* The underlying field.
- *
- * P256 operates over GF(2^256-2^224+2^192+2^96-1).
We can serialise an element
- * of this field into 32 bytes. We call this an felem_bytearray. */
-
-typedef u8 felem_bytearray[32];
-
-/* These are the parameters of P256, taken from FIPS 186-3, page 86. These
- * values are big-endian. */
-static const felem_bytearray nistp256_curve_params[5] = {
- {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* p */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
- {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* a = -3 */
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc}, /* b */
- {0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
- 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
- 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
- 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b},
- {0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, /* x */
- 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
- 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
- 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96},
- {0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, /* y */
- 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
- 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
- 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5}
-};
-
-/* The representation of field elements.
- * ------------------------------------
- *
- * We represent field elements with either four 128-bit values, eight 128-bit
- * values, or four 64-bit values. The field element represented is:
- * v[0]*2^0 + v[1]*2^64 + v[2]*2^128 + v[3]*2^192 (mod p)
- * or:
- * v[0]*2^0 + v[1]*2^64 + v[2]*2^128 + ... + v[8]*2^512 (mod p)
- *
- * 128-bit values are called 'limbs'. Since the limbs are spaced only 64 bits
- * apart, but are 128-bits wide, the most significant bits of each limb overlap
- * with the least significant bits of the next.
- *
- * A field element with four limbs is an 'felem'.
One with eight limbs is a
- * 'longfelem'
- *
- * A field element with four, 64-bit values is called a 'smallfelem'. Small
- * values are used as intermediate values before multiplication.
- */
-
-#define NLIMBS 4
-
-typedef uint128_t limb;
-typedef limb felem[NLIMBS];
-typedef limb longfelem[NLIMBS * 2];
-typedef u64 smallfelem[NLIMBS];
-
-/* This is the value of the prime as four 64-bit words, little-endian. */
-static const u64 kPrime[4] = {0xfffffffffffffffful, 0xffffffff, 0, 0xffffffff00000001ul};
-static const limb bottom32bits = 0xffffffff;
-static const u64 bottom63bits = 0x7ffffffffffffffful;
-
-/* bin32_to_felem takes a little-endian byte array and converts it into felem
- * form. This assumes that the CPU is little-endian. */
-static void
-bin32_to_felem(felem out, const u8 in[32])
-{
- out[0] = *((u64 *) & in[0]);
- out[1] = *((u64 *) & in[8]);
- out[2] = *((u64 *) & in[16]);
- out[3] = *((u64 *) & in[24]);
-}
-
-/* smallfelem_to_bin32 takes a smallfelem and serialises into a little endian,
- * 32 byte array. This assumes that the CPU is little-endian.
*/
-static void
-smallfelem_to_bin32(u8 out[32], const smallfelem in)
-{
- *((u64 *) & out[0]) = in[0];
- *((u64 *) & out[8]) = in[1];
- *((u64 *) & out[16]) = in[2];
- *((u64 *) & out[24]) = in[3];
-}
-
-/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
-static void
-flip_endian(u8 * out, const u8 * in, unsigned len)
-{
- unsigned i;
- for (i = 0; i < len; ++i)
- out[i] = in[len - 1 - i];
-}
-
-/* BN_to_felem converts an OpenSSL BIGNUM into an felem */
-static int
-BN_to_felem(felem out, const BIGNUM * bn)
-{
- felem_bytearray b_in;
- felem_bytearray b_out;
- unsigned num_bytes;
-
- /* BN_bn2bin eats leading zeroes */
- memset(b_out, 0, sizeof b_out);
- num_bytes = BN_num_bytes(bn);
- if (num_bytes > sizeof b_out) {
- ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
- return 0;
- }
- if (BN_is_negative(bn)) {
- ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
- return 0;
- }
- num_bytes = BN_bn2bin(bn, b_in);
- flip_endian(b_out, b_in, num_bytes);
- bin32_to_felem(out, b_out);
- return 1;
-}
-
-/* felem_to_BN converts an felem into an OpenSSL BIGNUM */
-static BIGNUM *
-smallfelem_to_BN(BIGNUM * out, const smallfelem in)
-{
- felem_bytearray b_in, b_out;
- smallfelem_to_bin32(b_in, in);
- flip_endian(b_out, b_in, sizeof b_out);
- return BN_bin2bn(b_out, sizeof b_out, out);
-}
-
-
-/* Field operations
- * ---------------- */
-
-static void
-smallfelem_one(smallfelem out)
-{
- out[0] = 1;
- out[1] = 0;
- out[2] = 0;
- out[3] = 0;
-}
-
-static void
-smallfelem_assign(smallfelem out, const smallfelem in)
-{
- out[0] = in[0];
- out[1] = in[1];
- out[2] = in[2];
- out[3] = in[3];
-}
-
-static void
-felem_assign(felem out, const felem in)
-{
- out[0] = in[0];
- out[1] = in[1];
- out[2] = in[2];
- out[3] = in[3];
-}
-
-/* felem_sum sets out = out + in. */
-static void
-felem_sum(felem out, const felem in)
-{
- out[0] += in[0];
- out[1] += in[1];
- out[2] += in[2];
- out[3] += in[3];
-}
-
-/* felem_small_sum sets out = out + in.
*/
-static void
-felem_small_sum(felem out, const smallfelem in)
-{
- out[0] += in[0];
- out[1] += in[1];
- out[2] += in[2];
- out[3] += in[3];
-}
-
-/* felem_scalar sets out = out * scalar */
-static void
-felem_scalar(felem out, const u64 scalar)
-{
- out[0] *= scalar;
- out[1] *= scalar;
- out[2] *= scalar;
- out[3] *= scalar;
-}
-
-/* longfelem_scalar sets out = out * scalar */
-static void
-longfelem_scalar(longfelem out, const u64 scalar)
-{
- out[0] *= scalar;
- out[1] *= scalar;
- out[2] *= scalar;
- out[3] *= scalar;
- out[4] *= scalar;
- out[5] *= scalar;
- out[6] *= scalar;
- out[7] *= scalar;
-}
-
-#define two105m41m9 (((limb)1) << 105) - (((limb)1) << 41) - (((limb)1) << 9)
-#define two105 (((limb)1) << 105)
-#define two105m41p9 (((limb)1) << 105) - (((limb)1) << 41) + (((limb)1) << 9)
-
-/* zero105 is 0 mod p */
-static const felem zero105 = {two105m41m9, two105, two105m41p9, two105m41p9};
-
-/* smallfelem_neg sets |out| to |-small|
- * On exit:
- * out[i] < out[i] + 2^105
- */
-static void
-smallfelem_neg(felem out, const smallfelem small)
-{
- /* In order to prevent underflow, we subtract from 0 mod p. */
- out[0] = zero105[0] - small[0];
- out[1] = zero105[1] - small[1];
- out[2] = zero105[2] - small[2];
- out[3] = zero105[3] - small[3];
-}
-
-/* felem_diff subtracts |in| from |out|
- * On entry:
- * in[i] < 2^104
- * On exit:
- * out[i] < out[i] + 2^105
- */
-static void
-felem_diff(felem out, const felem in)
-{
- /* In order to prevent underflow, we add 0 mod p before subtracting.
*/ - out[0] += zero105[0]; - out[1] += zero105[1]; - out[2] += zero105[2]; - out[3] += zero105[3]; - - out[0] -= in[0]; - out[1] -= in[1]; - out[2] -= in[2]; - out[3] -= in[3]; -} - -#define two107m43m11 (((limb)1) << 107) - (((limb)1) << 43) - (((limb)1) << 11) -#define two107 (((limb)1) << 107) -#define two107m43p11 (((limb)1) << 107) - (((limb)1) << 43) + (((limb)1) << 11) - -/* zero107 is 0 mod p */ -static const felem zero107 = {two107m43m11, two107, two107m43p11, two107m43p11}; - -/* An alternative felem_diff for larger inputs |in| - * felem_diff_zero107 subtracts |in| from |out| - * On entry: - * in[i] < 2^106 - * On exit: - * out[i] < out[i] + 2^107 - */ -static void -felem_diff_zero107(felem out, const felem in) -{ - /* In order to prevent underflow, we add 0 mod p before subtracting. */ - out[0] += zero107[0]; - out[1] += zero107[1]; - out[2] += zero107[2]; - out[3] += zero107[3]; - - out[0] -= in[0]; - out[1] -= in[1]; - out[2] -= in[2]; - out[3] -= in[3]; -} - -/* longfelem_diff subtracts |in| from |out| - * On entry: - * in[i] < 7*2^67 - * On exit: - * out[i] < out[i] + 2^70 + 2^40 - */ -static void -longfelem_diff(longfelem out, const longfelem in) -{ - static const limb two70m8p6 = (((limb) 1) << 70) - (((limb) 1) << 8) + (((limb) 1) << 6); - static const limb two70p40 = (((limb) 1) << 70) + (((limb) 1) << 40); - static const limb two70 = (((limb) 1) << 70); - static const limb two70m40m38p6 = (((limb) 1) << 70) - (((limb) 1) << 40) - (((limb) 1) << 38) + (((limb) 1) << 6); - static const limb two70m6 = (((limb) 1) << 70) - (((limb) 1) << 6); - - /* add 0 mod p to avoid underflow */ - out[0] += two70m8p6; - out[1] += two70p40; - out[2] += two70; - out[3] += two70m40m38p6; - out[4] += two70m6; - out[5] += two70m6; - out[6] += two70m6; - out[7] += two70m6; - - /* in[i] < 7*2^67 < 2^70 - 2^40 - 2^38 + 2^6 */ - out[0] -= in[0]; - out[1] -= in[1]; - out[2] -= in[2]; - out[3] -= in[3]; - out[4] -= in[4]; - out[5] -= in[5]; - out[6] -= in[6]; - out[7] -= 
in[7]; -} - -#define two64m0 (((limb)1) << 64) - 1 -#define two110p32m0 (((limb)1) << 110) + (((limb)1) << 32) - 1 -#define two64m46 (((limb)1) << 64) - (((limb)1) << 46) -#define two64m32 (((limb)1) << 64) - (((limb)1) << 32) - -/* zero110 is 0 mod p */ -static const felem zero110 = {two64m0, two110p32m0, two64m46, two64m32}; - -/* felem_shrink converts an felem into a smallfelem. The result isn't quite - * minimal as the value may be greater than p. - * - * On entry: - * in[i] < 2^109 - * On exit: - * out[i] < 2^64 - */ -static void -felem_shrink(smallfelem out, const felem in) -{ - felem tmp; - u64 a, b, mask; - s64 high, low; - static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */ - - /* Carry 2->3 */ - tmp[3] = zero110[3] + in[3] + ((u64) (in[2] >> 64)); - /* tmp[3] < 2^110 */ - - tmp[2] = zero110[2] + (u64) in[2]; - tmp[0] = zero110[0] + in[0]; - tmp[1] = zero110[1] + in[1]; - /* tmp[0] < 2**110, tmp[1] < 2^111, tmp[2] < 2**65 */ - - /* - * We perform two partial reductions where we eliminate the high-word - * of tmp[3]. We don't update the other words till the end. - */ - a = tmp[3] >> 64; /* a < 2^46 */ - tmp[3] = (u64) tmp[3]; - tmp[3] -= a; - tmp[3] += ((limb) a) << 32; - /* tmp[3] < 2^79 */ - - b = a; - a = tmp[3] >> 64; /* a < 2^15 */ - b += a; /* b < 2^46 + 2^15 < 2^47 */ - tmp[3] = (u64) tmp[3]; - tmp[3] -= a; - tmp[3] += ((limb) a) << 32; - /* tmp[3] < 2^64 + 2^47 */ - - /* - * This adjusts the other two words to complete the two partial - * reductions. - */ - tmp[0] += b; - tmp[1] -= (((limb) b) << 32); - - /* - * In order to make space in tmp[3] for the carry from 2 -> 3, we - * conditionally subtract kPrime if tmp[3] is large enough. 
- */ - high = tmp[3] >> 64; - /* As tmp[3] < 2^65, high is either 1 or 0 */ - high <<= 63; - high >>= 63; - /* - * high is: all ones if the high word of tmp[3] is 1 all zeros if - * the high word of tmp[3] if 0 - */ - low = tmp[3]; - mask = low >> 63; - /* - * mask is: all ones if the MSB of low is 1 all zeros if the MSB - * of low if 0 - */ - low &= bottom63bits; - low -= kPrime3Test; - /* if low was greater than kPrime3Test then the MSB is zero */ - low = ~low; - low >>= 63; - /* - * low is: all ones if low was > kPrime3Test all zeros if low was - * <= kPrime3Test - */ - mask = (mask & low) | high; - tmp[0] -= mask & kPrime[0]; - tmp[1] -= mask & kPrime[1]; - /* kPrime[2] is zero, so omitted */ - tmp[3] -= mask & kPrime[3]; - /* tmp[3] < 2**64 - 2**32 + 1 */ - - tmp[1] += ((u64) (tmp[0] >> 64)); - tmp[0] = (u64) tmp[0]; - tmp[2] += ((u64) (tmp[1] >> 64)); - tmp[1] = (u64) tmp[1]; - tmp[3] += ((u64) (tmp[2] >> 64)); - tmp[2] = (u64) tmp[2]; - /* tmp[i] < 2^64 */ - - out[0] = tmp[0]; - out[1] = tmp[1]; - out[2] = tmp[2]; - out[3] = tmp[3]; -} - -/* smallfelem_expand converts a smallfelem to an felem */ -static void -smallfelem_expand(felem out, const smallfelem in) -{ - out[0] = in[0]; - out[1] = in[1]; - out[2] = in[2]; - out[3] = in[3]; -} - -/* smallfelem_square sets |out| = |small|^2 - * On entry: - * small[i] < 2^64 - * On exit: - * out[i] < 7 * 2^64 < 2^67 - */ -static void -smallfelem_square(longfelem out, const smallfelem small) -{ - limb a; - u64 high, low; - - a = ((uint128_t) small[0]) * small[0]; - low = a; - high = a >> 64; - out[0] = low; - out[1] = high; - - a = ((uint128_t) small[0]) * small[1]; - low = a; - high = a >> 64; - out[1] += low; - out[1] += low; - out[2] = high; - - a = ((uint128_t) small[0]) * small[2]; - low = a; - high = a >> 64; - out[2] += low; - out[2] *= 2; - out[3] = high; - - a = ((uint128_t) small[0]) * small[3]; - low = a; - high = a >> 64; - out[3] += low; - out[4] = high; - - a = ((uint128_t) small[1]) * small[2]; - low = a; 
- high = a >> 64; - out[3] += low; - out[3] *= 2; - out[4] += high; - - a = ((uint128_t) small[1]) * small[1]; - low = a; - high = a >> 64; - out[2] += low; - out[3] += high; - - a = ((uint128_t) small[1]) * small[3]; - low = a; - high = a >> 64; - out[4] += low; - out[4] *= 2; - out[5] = high; - - a = ((uint128_t) small[2]) * small[3]; - low = a; - high = a >> 64; - out[5] += low; - out[5] *= 2; - out[6] = high; - out[6] += high; - - a = ((uint128_t) small[2]) * small[2]; - low = a; - high = a >> 64; - out[4] += low; - out[5] += high; - - a = ((uint128_t) small[3]) * small[3]; - low = a; - high = a >> 64; - out[6] += low; - out[7] = high; -} - -/* felem_square sets |out| = |in|^2 - * On entry: - * in[i] < 2^109 - * On exit: - * out[i] < 7 * 2^64 < 2^67 - */ -static void -felem_square(longfelem out, const felem in) -{ - u64 small[4]; - felem_shrink(small, in); - smallfelem_square(out, small); -} - -/* smallfelem_mul sets |out| = |small1| * |small2| - * On entry: - * small1[i] < 2^64 - * small2[i] < 2^64 - * On exit: - * out[i] < 7 * 2^64 < 2^67 - */ -static void -smallfelem_mul(longfelem out, const smallfelem small1, const smallfelem small2) -{ - limb a; - u64 high, low; - - a = ((uint128_t) small1[0]) * small2[0]; - low = a; - high = a >> 64; - out[0] = low; - out[1] = high; - - - a = ((uint128_t) small1[0]) * small2[1]; - low = a; - high = a >> 64; - out[1] += low; - out[2] = high; - - a = ((uint128_t) small1[1]) * small2[0]; - low = a; - high = a >> 64; - out[1] += low; - out[2] += high; - - - a = ((uint128_t) small1[0]) * small2[2]; - low = a; - high = a >> 64; - out[2] += low; - out[3] = high; - - a = ((uint128_t) small1[1]) * small2[1]; - low = a; - high = a >> 64; - out[2] += low; - out[3] += high; - - a = ((uint128_t) small1[2]) * small2[0]; - low = a; - high = a >> 64; - out[2] += low; - out[3] += high; - - - a = ((uint128_t) small1[0]) * small2[3]; - low = a; - high = a >> 64; - out[3] += low; - out[4] = high; - - a = ((uint128_t) small1[1]) * small2[2]; 
- low = a; - high = a >> 64; - out[3] += low; - out[4] += high; - - a = ((uint128_t) small1[2]) * small2[1]; - low = a; - high = a >> 64; - out[3] += low; - out[4] += high; - - a = ((uint128_t) small1[3]) * small2[0]; - low = a; - high = a >> 64; - out[3] += low; - out[4] += high; - - - a = ((uint128_t) small1[1]) * small2[3]; - low = a; - high = a >> 64; - out[4] += low; - out[5] = high; - - a = ((uint128_t) small1[2]) * small2[2]; - low = a; - high = a >> 64; - out[4] += low; - out[5] += high; - - a = ((uint128_t) small1[3]) * small2[1]; - low = a; - high = a >> 64; - out[4] += low; - out[5] += high; - - - a = ((uint128_t) small1[2]) * small2[3]; - low = a; - high = a >> 64; - out[5] += low; - out[6] = high; - - a = ((uint128_t) small1[3]) * small2[2]; - low = a; - high = a >> 64; - out[5] += low; - out[6] += high; - - - a = ((uint128_t) small1[3]) * small2[3]; - low = a; - high = a >> 64; - out[6] += low; - out[7] = high; -} - -/* felem_mul sets |out| = |in1| * |in2| - * On entry: - * in1[i] < 2^109 - * in2[i] < 2^109 - * On exit: - * out[i] < 7 * 2^64 < 2^67 - */ -static void -felem_mul(longfelem out, const felem in1, const felem in2) -{ - smallfelem small1, small2; - felem_shrink(small1, in1); - felem_shrink(small2, in2); - smallfelem_mul(out, small1, small2); -} - -/* felem_small_mul sets |out| = |small1| * |in2| - * On entry: - * small1[i] < 2^64 - * in2[i] < 2^109 - * On exit: - * out[i] < 7 * 2^64 < 2^67 - */ -static void -felem_small_mul(longfelem out, const smallfelem small1, const felem in2) -{ - smallfelem small2; - felem_shrink(small2, in2); - smallfelem_mul(out, small1, small2); -} - -#define two100m36m4 (((limb)1) << 100) - (((limb)1) << 36) - (((limb)1) << 4) -#define two100 (((limb)1) << 100) -#define two100m36p4 (((limb)1) << 100) - (((limb)1) << 36) + (((limb)1) << 4) -/* zero100 is 0 mod p */ -static const felem zero100 = {two100m36m4, two100, two100m36p4, two100m36p4}; - -/* Internal function for the different flavours of felem_reduce. 
- * felem_reduce_ reduces the higher coefficients in[4]-in[7]. - * On entry: - * out[0] >= in[6] + 2^32*in[6] + in[7] + 2^32*in[7] - * out[1] >= in[7] + 2^32*in[4] - * out[2] >= in[5] + 2^32*in[5] - * out[3] >= in[4] + 2^32*in[5] + 2^32*in[6] - * On exit: - * out[0] <= out[0] + in[4] + 2^32*in[5] - * out[1] <= out[1] + in[5] + 2^33*in[6] - * out[2] <= out[2] + in[7] + 2*in[6] + 2^33*in[7] - * out[3] <= out[3] + 2^32*in[4] + 3*in[7] - */ -static void -felem_reduce_(felem out, const longfelem in) -{ - int128_t c; - /* combine common terms from below */ - c = in[4] + (in[5] << 32); - out[0] += c; - out[3] -= c; - - c = in[5] - in[7]; - out[1] += c; - out[2] -= c; - - /* the remaining terms */ - /* 256: [(0,1),(96,-1),(192,-1),(224,1)] */ - out[1] -= (in[4] << 32); - out[3] += (in[4] << 32); - - /* 320: [(32,1),(64,1),(128,-1),(160,-1),(224,-1)] */ - out[2] -= (in[5] << 32); - - /* 384: [(0,-1),(32,-1),(96,2),(128,2),(224,-1)] */ - out[0] -= in[6]; - out[0] -= (in[6] << 32); - out[1] += (in[6] << 33); - out[2] += (in[6] * 2); - out[3] -= (in[6] << 32); - - /* 448: [(0,-1),(32,-1),(64,-1),(128,1),(160,2),(192,3)] */ - out[0] -= in[7]; - out[0] -= (in[7] << 32); - out[2] += (in[7] << 33); - out[3] += (in[7] * 3); -} - -/* felem_reduce converts a longfelem into an felem. - * To be called directly after felem_square or felem_mul. 
- * On entry: - * in[0] < 2^64, in[1] < 3*2^64, in[2] < 5*2^64, in[3] < 7*2^64 - * in[4] < 7*2^64, in[5] < 5*2^64, in[6] < 3*2^64, in[7] < 2*64 - * On exit: - * out[i] < 2^101 - */ -static void -felem_reduce(felem out, const longfelem in) -{ - out[0] = zero100[0] + in[0]; - out[1] = zero100[1] + in[1]; - out[2] = zero100[2] + in[2]; - out[3] = zero100[3] + in[3]; - - felem_reduce_(out, in); - - /* - * out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0 - * out[1] > 2^100 - 2^64 - 7*2^96 > 0 out[2] > 2^100 - 2^36 + 2^4 - - * 5*2^64 - 5*2^96 > 0 out[3] > 2^100 - 2^36 + 2^4 - 7*2^64 - 5*2^96 - * - 3*2^96 > 0 - * - * out[0] < 2^100 + 2^64 + 7*2^64 + 5*2^96 < 2^101 out[1] < 2^100 + - * 3*2^64 + 5*2^64 + 3*2^97 < 2^101 out[2] < 2^100 + 5*2^64 + 2^64 + - * 3*2^65 + 2^97 < 2^101 out[3] < 2^100 + 7*2^64 + 7*2^96 + 3*2^64 < - * 2^101 - */ -} - -/* felem_reduce_zero105 converts a larger longfelem into an felem. - * On entry: - * in[0] < 2^71 - * On exit: - * out[i] < 2^106 - */ -static void -felem_reduce_zero105(felem out, const longfelem in) -{ - out[0] = zero105[0] + in[0]; - out[1] = zero105[1] + in[1]; - out[2] = zero105[2] + in[2]; - out[3] = zero105[3] + in[3]; - - felem_reduce_(out, in); - - /* - * out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0 - * out[1] > 2^105 - 2^71 - 2^103 > 0 out[2] > 2^105 - 2^41 + 2^9 - - * 2^71 - 2^103 > 0 out[3] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 - - * 2^103 > 0 - * - * out[0] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106 out[1] < 2^105 + 2^71 + - * 2^71 + 2^103 < 2^106 out[2] < 2^105 + 2^71 + 2^71 + 2^71 + 2^103 < - * 2^106 out[3] < 2^105 + 2^71 + 2^103 + 2^71 < 2^106 - */ -} - -/* subtract_u64 sets *result = *result - v and *carry to one if the subtraction - * underflowed. */ -static void -subtract_u64(u64 * result, u64 * carry, u64 v) -{ - uint128_t r = *result; - r -= v; - *carry = (r >> 64) & 1; - *result = (u64) r; -} - -/* felem_contract converts |in| to its unique, minimal representation. 
- * On entry: - * in[i] < 2^109 - */ -static void -felem_contract(smallfelem out, const felem in) -{ - unsigned i; - u64 all_equal_so_far = 0, result = 0, carry; - - felem_shrink(out, in); - /* small is minimal except that the value might be > p */ - - all_equal_so_far--; - /* - * We are doing a constant time test if out >= kPrime. We need to - * compare each u64, from most-significant to least significant. For - * each one, if all words so far have been equal (m is all ones) then - * a non-equal result is the answer. Otherwise we continue. - */ - for (i = 3; i < 4; i--) { - u64 equal; - uint128_t a = ((uint128_t) kPrime[i]) - out[i]; - /* - * if out[i] > kPrime[i] then a will underflow and the high - * 64-bits will all be set. - */ - result |= all_equal_so_far & ((u64) (a >> 64)); - - /* - * if kPrime[i] == out[i] then |equal| will be all zeros and - * the decrement will make it all ones. - */ - equal = kPrime[i] ^ out[i]; - equal--; - equal &= equal << 32; - equal &= equal << 16; - equal &= equal << 8; - equal &= equal << 4; - equal &= equal << 2; - equal &= equal << 1; - equal = ((s64) equal) >> 63; - - all_equal_so_far &= equal; - } - - /* - * if all_equal_so_far is still all ones then the two values are - * equal and so out >= kPrime is true. - */ - result |= all_equal_so_far; - - /* if out >= kPrime then we subtract kPrime. 
*/ - subtract_u64(&out[0], &carry, result & kPrime[0]); - subtract_u64(&out[1], &carry, carry); - subtract_u64(&out[2], &carry, carry); - subtract_u64(&out[3], &carry, carry); - - subtract_u64(&out[1], &carry, result & kPrime[1]); - subtract_u64(&out[2], &carry, carry); - subtract_u64(&out[3], &carry, carry); - - subtract_u64(&out[2], &carry, result & kPrime[2]); - subtract_u64(&out[3], &carry, carry); - - subtract_u64(&out[3], &carry, result & kPrime[3]); -} - -static void -smallfelem_square_contract(smallfelem out, const smallfelem in) -{ - longfelem longtmp; - felem tmp; - - smallfelem_square(longtmp, in); - felem_reduce(tmp, longtmp); - felem_contract(out, tmp); -} - -static void -smallfelem_mul_contract(smallfelem out, const smallfelem in1, const smallfelem in2) -{ - longfelem longtmp; - felem tmp; - - smallfelem_mul(longtmp, in1, in2); - felem_reduce(tmp, longtmp); - felem_contract(out, tmp); -} - -/* felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0 - * otherwise. 
- * On entry: - * small[i] < 2^64 - */ -static limb -smallfelem_is_zero(const smallfelem small) -{ - limb result; - u64 is_p; - - u64 is_zero = small[0] | small[1] | small[2] | small[3]; - is_zero--; - is_zero &= is_zero << 32; - is_zero &= is_zero << 16; - is_zero &= is_zero << 8; - is_zero &= is_zero << 4; - is_zero &= is_zero << 2; - is_zero &= is_zero << 1; - is_zero = ((s64) is_zero) >> 63; - - is_p = (small[0] ^ kPrime[0]) | - (small[1] ^ kPrime[1]) | - (small[2] ^ kPrime[2]) | - (small[3] ^ kPrime[3]); - is_p--; - is_p &= is_p << 32; - is_p &= is_p << 16; - is_p &= is_p << 8; - is_p &= is_p << 4; - is_p &= is_p << 2; - is_p &= is_p << 1; - is_p = ((s64) is_p) >> 63; - - is_zero |= is_p; - - result = is_zero; - result |= ((limb) is_zero) << 64; - return result; -} - -static int -smallfelem_is_zero_int(const smallfelem small) -{ - return (int) (smallfelem_is_zero(small) & ((limb) 1)); -} - -/* felem_inv calculates |out| = |in|^{-1} - * - * Based on Fermat's Little Theorem: - * a^p = a (mod p) - * a^{p-1} = 1 (mod p) - * a^{p-2} = a^{-1} (mod p) - */ -static void -felem_inv(felem out, const felem in) -{ - felem ftmp, ftmp2; - /* each e_I will hold |in|^{2^I - 1} */ - felem e2, e4, e8, e16, e32, e64; - longfelem tmp; - unsigned i; - - felem_square(tmp, in); - felem_reduce(ftmp, tmp);/* 2^1 */ - felem_mul(tmp, in, ftmp); - felem_reduce(ftmp, tmp);/* 2^2 - 2^0 */ - felem_assign(e2, ftmp); - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^3 - 2^1 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^4 - 2^2 */ - felem_mul(tmp, ftmp, e2); - felem_reduce(ftmp, tmp);/* 2^4 - 2^0 */ - felem_assign(e4, ftmp); - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^5 - 2^1 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^6 - 2^2 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^7 - 2^3 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^8 - 2^4 */ - felem_mul(tmp, ftmp, e4); - felem_reduce(ftmp, tmp);/* 2^8 - 2^0 */ - 
felem_assign(e8, ftmp); - for (i = 0; i < 8; i++) { - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp); - } /* 2^16 - 2^8 */ - felem_mul(tmp, ftmp, e8); - felem_reduce(ftmp, tmp);/* 2^16 - 2^0 */ - felem_assign(e16, ftmp); - for (i = 0; i < 16; i++) { - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp); - } /* 2^32 - 2^16 */ - felem_mul(tmp, ftmp, e16); - felem_reduce(ftmp, tmp);/* 2^32 - 2^0 */ - felem_assign(e32, ftmp); - for (i = 0; i < 32; i++) { - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp); - } /* 2^64 - 2^32 */ - felem_assign(e64, ftmp); - felem_mul(tmp, ftmp, in); - felem_reduce(ftmp, tmp);/* 2^64 - 2^32 + 2^0 */ - for (i = 0; i < 192; i++) { - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp); - } /* 2^256 - 2^224 + 2^192 */ - - felem_mul(tmp, e64, e32); - felem_reduce(ftmp2, tmp); /* 2^64 - 2^0 */ - for (i = 0; i < 16; i++) { - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); - } /* 2^80 - 2^16 */ - felem_mul(tmp, ftmp2, e16); - felem_reduce(ftmp2, tmp); /* 2^80 - 2^0 */ - for (i = 0; i < 8; i++) { - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); - } /* 2^88 - 2^8 */ - felem_mul(tmp, ftmp2, e8); - felem_reduce(ftmp2, tmp); /* 2^88 - 2^0 */ - for (i = 0; i < 4; i++) { - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); - } /* 2^92 - 2^4 */ - felem_mul(tmp, ftmp2, e4); - felem_reduce(ftmp2, tmp); /* 2^92 - 2^0 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); /* 2^93 - 2^1 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); /* 2^94 - 2^2 */ - felem_mul(tmp, ftmp2, e2); - felem_reduce(ftmp2, tmp); /* 2^94 - 2^0 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); /* 2^95 - 2^1 */ - felem_square(tmp, ftmp2); - felem_reduce(ftmp2, tmp); /* 2^96 - 2^2 */ - felem_mul(tmp, ftmp2, in); - felem_reduce(ftmp2, tmp); /* 2^96 - 3 */ - - felem_mul(tmp, ftmp2, ftmp); - felem_reduce(out, tmp); /* 2^256 - 2^224 + 2^192 + 2^96 - 3 */ -} - -static void -smallfelem_inv_contract(smallfelem out, const smallfelem in) -{ - felem 
tmp; - - smallfelem_expand(tmp, in); - felem_inv(tmp, tmp); - felem_contract(out, tmp); -} - -/* Group operations - * ---------------- - * - * Building on top of the field operations we have the operations on the - * elliptic curve group itself. Points on the curve are represented in Jacobian - * coordinates */ - -/* point_double calculates 2*(x_in, y_in, z_in) - * - * The method is taken from: - * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b - * - * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed. - * while x_out == y_in is not (maybe this works, but it's not tested). */ -static void -point_double(felem x_out, felem y_out, felem z_out, - const felem x_in, const felem y_in, const felem z_in) -{ - longfelem tmp, tmp2; - felem delta, gamma, beta, alpha, ftmp, ftmp2; - smallfelem small1, small2; - - felem_assign(ftmp, x_in); - /* ftmp[i] < 2^106 */ - felem_assign(ftmp2, x_in); - /* ftmp2[i] < 2^106 */ - - /* delta = z^2 */ - felem_square(tmp, z_in); - felem_reduce(delta, tmp); - /* delta[i] < 2^101 */ - - /* gamma = y^2 */ - felem_square(tmp, y_in); - felem_reduce(gamma, tmp); - /* gamma[i] < 2^101 */ - felem_shrink(small1, gamma); - - /* beta = x*gamma */ - felem_small_mul(tmp, small1, x_in); - felem_reduce(beta, tmp); - /* beta[i] < 2^101 */ - - /* alpha = 3*(x-delta)*(x+delta) */ - felem_diff(ftmp, delta); - /* ftmp[i] < 2^105 + 2^106 < 2^107 */ - felem_sum(ftmp2, delta); - /* ftmp2[i] < 2^105 + 2^106 < 2^107 */ - felem_scalar(ftmp2, 3); - /* ftmp2[i] < 3 * 2^107 < 2^109 */ - felem_mul(tmp, ftmp, ftmp2); - felem_reduce(alpha, tmp); - /* alpha[i] < 2^101 */ - felem_shrink(small2, alpha); - - /* x' = alpha^2 - 8*beta */ - smallfelem_square(tmp, small2); - felem_reduce(x_out, tmp); - felem_assign(ftmp, beta); - felem_scalar(ftmp, 8); - /* ftmp[i] < 8 * 2^101 = 2^104 */ - felem_diff(x_out, ftmp); - /* x_out[i] < 2^105 + 2^101 < 2^106 */ - - /* z' = (y + z)^2 - gamma - delta */ - felem_sum(delta, gamma); - /* 
delta[i] < 2^101 + 2^101 = 2^102 */ - felem_assign(ftmp, y_in); - felem_sum(ftmp, z_in); - /* ftmp[i] < 2^106 + 2^106 = 2^107 */ - felem_square(tmp, ftmp); - felem_reduce(z_out, tmp); - felem_diff(z_out, delta); - /* z_out[i] < 2^105 + 2^101 < 2^106 */ - - /* y' = alpha*(4*beta - x') - 8*gamma^2 */ - felem_scalar(beta, 4); - /* beta[i] < 4 * 2^101 = 2^103 */ - felem_diff_zero107(beta, x_out); - /* beta[i] < 2^107 + 2^103 < 2^108 */ - felem_small_mul(tmp, small2, beta); - /* tmp[i] < 7 * 2^64 < 2^67 */ - smallfelem_square(tmp2, small1); - /* tmp2[i] < 7 * 2^64 */ - longfelem_scalar(tmp2, 8); - /* tmp2[i] < 8 * 7 * 2^64 = 7 * 2^67 */ - longfelem_diff(tmp, tmp2); - /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */ - felem_reduce_zero105(y_out, tmp); - /* y_out[i] < 2^106 */ -} - -/* point_double_small is the same as point_double, except that it operates on - * smallfelems */ -static void -point_double_small(smallfelem x_out, smallfelem y_out, smallfelem z_out, - const smallfelem x_in, const smallfelem y_in, const smallfelem z_in) -{ - felem felem_x_out, felem_y_out, felem_z_out; - felem felem_x_in, felem_y_in, felem_z_in; - - smallfelem_expand(felem_x_in, x_in); - smallfelem_expand(felem_y_in, y_in); - smallfelem_expand(felem_z_in, z_in); - point_double(felem_x_out, felem_y_out, felem_z_out, - felem_x_in, felem_y_in, felem_z_in); - felem_shrink(x_out, felem_x_out); - felem_shrink(y_out, felem_y_out); - felem_shrink(z_out, felem_z_out); -} - -/* copy_conditional copies in to out iff mask is all ones. */ -static void -copy_conditional(felem out, const felem in, limb mask) -{ - unsigned i; - for (i = 0; i < NLIMBS; ++i) { - const limb tmp = mask & (in[i] ^ out[i]); - out[i] ^= tmp; - } -} - -/* copy_small_conditional copies in to out iff mask is all ones. 
*/ -static void -copy_small_conditional(felem out, const smallfelem in, limb mask) -{ - unsigned i; - const u64 mask64 = mask; - for (i = 0; i < NLIMBS; ++i) { - out[i] = ((limb) (in[i] & mask64)) | (out[i] & ~mask); - } -} - -/* point_add calcuates (x1, y1, z1) + (x2, y2, z2) - * - * The method is taken from: - * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl, - * adapted for mixed addition (z2 = 1, or z2 = 0 for the point at infinity). - * - * This function includes a branch for checking whether the two input points - * are equal, (while not equal to the point at infinity). This case never - * happens during single point multiplication, so there is no timing leak for - * ECDH or ECDSA signing. */ -static void -point_add(felem x3, felem y3, felem z3, - const felem x1, const felem y1, const felem z1, - const int mixed, const smallfelem x2, const smallfelem y2, const smallfelem z2) -{ - felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, ftmp6, x_out, y_out, z_out; - longfelem tmp, tmp2; - smallfelem small1, small2, small3, small4, small5; - limb x_equal, y_equal, z1_is_zero, z2_is_zero; - - felem_shrink(small3, z1); - - z1_is_zero = smallfelem_is_zero(small3); - z2_is_zero = smallfelem_is_zero(z2); - - /* ftmp = z1z1 = z1**2 */ - smallfelem_square(tmp, small3); - felem_reduce(ftmp, tmp); - /* ftmp[i] < 2^101 */ - felem_shrink(small1, ftmp); - - if (!mixed) { - /* ftmp2 = z2z2 = z2**2 */ - smallfelem_square(tmp, z2); - felem_reduce(ftmp2, tmp); - /* ftmp2[i] < 2^101 */ - felem_shrink(small2, ftmp2); - - felem_shrink(small5, x1); - - /* u1 = ftmp3 = x1*z2z2 */ - smallfelem_mul(tmp, small5, small2); - felem_reduce(ftmp3, tmp); - /* ftmp3[i] < 2^101 */ - - /* ftmp5 = z1 + z2 */ - felem_assign(ftmp5, z1); - felem_small_sum(ftmp5, z2); - /* ftmp5[i] < 2^107 */ - - /* ftmp5 = (z1 + z2)**2 - (z1z1 + z2z2) = 2z1z2 */ - felem_square(tmp, ftmp5); - felem_reduce(ftmp5, tmp); - /* ftmp2 = z2z2 + z1z1 */ - felem_sum(ftmp2, ftmp); - /* ftmp2[i] < 2^101 + 
2^101 = 2^102 */ - felem_diff(ftmp5, ftmp2); - /* ftmp5[i] < 2^105 + 2^101 < 2^106 */ - - /* ftmp2 = z2 * z2z2 */ - smallfelem_mul(tmp, small2, z2); - felem_reduce(ftmp2, tmp); - - /* s1 = ftmp2 = y1 * z2**3 */ - felem_mul(tmp, y1, ftmp2); - felem_reduce(ftmp6, tmp); - /* ftmp6[i] < 2^101 */ - } else { - /* We'll assume z2 = 1 (special case z2 = 0 is handled later) */ - - /* u1 = ftmp3 = x1*z2z2 */ - felem_assign(ftmp3, x1); - /* ftmp3[i] < 2^106 */ - - /* ftmp5 = 2z1z2 */ - felem_assign(ftmp5, z1); - felem_scalar(ftmp5, 2); - /* ftmp5[i] < 2*2^106 = 2^107 */ - - /* s1 = ftmp2 = y1 * z2**3 */ - felem_assign(ftmp6, y1); - /* ftmp6[i] < 2^106 */ - } - - /* u2 = x2*z1z1 */ - smallfelem_mul(tmp, x2, small1); - felem_reduce(ftmp4, tmp); - - /* h = ftmp4 = u2 - u1 */ - felem_diff_zero107(ftmp4, ftmp3); - /* ftmp4[i] < 2^107 + 2^101 < 2^108 */ - felem_shrink(small4, ftmp4); - - x_equal = smallfelem_is_zero(small4); - - /* z_out = ftmp5 * h */ - felem_small_mul(tmp, small4, ftmp5); - felem_reduce(z_out, tmp); - /* z_out[i] < 2^101 */ - - /* ftmp = z1 * z1z1 */ - smallfelem_mul(tmp, small1, small3); - felem_reduce(ftmp, tmp); - - /* s2 = tmp = y2 * z1**3 */ - felem_small_mul(tmp, y2, ftmp); - felem_reduce(ftmp5, tmp); - - /* r = ftmp5 = (s2 - s1)*2 */ - felem_diff_zero107(ftmp5, ftmp6); - /* ftmp5[i] < 2^107 + 2^107 = 2^108 */ - felem_scalar(ftmp5, 2); - /* ftmp5[i] < 2^109 */ - felem_shrink(small1, ftmp5); - y_equal = smallfelem_is_zero(small1); - - if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) { - point_double(x3, y3, z3, x1, y1, z1); - return; - } - /* I = ftmp = (2h)**2 */ - felem_assign(ftmp, ftmp4); - felem_scalar(ftmp, 2); - /* ftmp[i] < 2*2^108 = 2^109 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp); - - /* J = ftmp2 = h * I */ - felem_mul(tmp, ftmp4, ftmp); - felem_reduce(ftmp2, tmp); - - /* V = ftmp4 = U1 * I */ - felem_mul(tmp, ftmp3, ftmp); - felem_reduce(ftmp4, tmp); - - /* x_out = r**2 - J - 2V */ - smallfelem_square(tmp, small1); - 
felem_reduce(x_out, tmp); - felem_assign(ftmp3, ftmp4); - felem_scalar(ftmp4, 2); - felem_sum(ftmp4, ftmp2); - /* ftmp4[i] < 2*2^101 + 2^101 < 2^103 */ - felem_diff(x_out, ftmp4); - /* x_out[i] < 2^105 + 2^101 */ - - /* y_out = r(V-x_out) - 2 * s1 * J */ - felem_diff_zero107(ftmp3, x_out); - /* ftmp3[i] < 2^107 + 2^101 < 2^108 */ - felem_small_mul(tmp, small1, ftmp3); - felem_mul(tmp2, ftmp6, ftmp2); - longfelem_scalar(tmp2, 2); - /* tmp2[i] < 2*2^67 = 2^68 */ - longfelem_diff(tmp, tmp2); - /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */ - felem_reduce_zero105(y_out, tmp); - /* y_out[i] < 2^106 */ - - copy_small_conditional(x_out, x2, z1_is_zero); - copy_conditional(x_out, x1, z2_is_zero); - copy_small_conditional(y_out, y2, z1_is_zero); - copy_conditional(y_out, y1, z2_is_zero); - copy_small_conditional(z_out, z2, z1_is_zero); - copy_conditional(z_out, z1, z2_is_zero); - felem_assign(x3, x_out); - felem_assign(y3, y_out); - felem_assign(z3, z_out); -} - -/* point_add_small is the same as point_add, except that it operates on - * smallfelems */ -static void -point_add_small(smallfelem x3, smallfelem y3, smallfelem z3, - smallfelem x1, smallfelem y1, smallfelem z1, - smallfelem x2, smallfelem y2, smallfelem z2) -{ - felem felem_x3, felem_y3, felem_z3; - felem felem_x1, felem_y1, felem_z1; - smallfelem_expand(felem_x1, x1); - smallfelem_expand(felem_y1, y1); - smallfelem_expand(felem_z1, z1); - point_add(felem_x3, felem_y3, felem_z3, felem_x1, felem_y1, felem_z1, 0, x2, y2, z2); - felem_shrink(x3, felem_x3); - felem_shrink(y3, felem_y3); - felem_shrink(z3, felem_z3); -} - -/* Base point pre computation - * -------------------------- - * - * Two different sorts of precomputed tables are used in the following code. - * Each contain various points on the curve, where each point is three field - * elements (x, y, z). - * - * For the base point table, z is usually 1 (0 for the point at infinity). 
- * This table has 2 * 16 elements, starting with the following: - * index | bits | point - * ------+---------+------------------------------ - * 0 | 0 0 0 0 | 0G - * 1 | 0 0 0 1 | 1G - * 2 | 0 0 1 0 | 2^64G - * 3 | 0 0 1 1 | (2^64 + 1)G - * 4 | 0 1 0 0 | 2^128G - * 5 | 0 1 0 1 | (2^128 + 1)G - * 6 | 0 1 1 0 | (2^128 + 2^64)G - * 7 | 0 1 1 1 | (2^128 + 2^64 + 1)G - * 8 | 1 0 0 0 | 2^192G - * 9 | 1 0 0 1 | (2^192 + 1)G - * 10 | 1 0 1 0 | (2^192 + 2^64)G - * 11 | 1 0 1 1 | (2^192 + 2^64 + 1)G - * 12 | 1 1 0 0 | (2^192 + 2^128)G - * 13 | 1 1 0 1 | (2^192 + 2^128 + 1)G - * 14 | 1 1 1 0 | (2^192 + 2^128 + 2^64)G - * 15 | 1 1 1 1 | (2^192 + 2^128 + 2^64 + 1)G - * followed by a copy of this with each element multiplied by 2^32. - * - * The reason for this is so that we can clock bits into four different - * locations when doing simple scalar multiplies against the base point, - * and then another four locations using the second 16 elements. - * - * Tables for other points have table[i] = iG for i in 0 .. 16. 
*/ - -/* gmul is the table of precomputed base points */ -static const smallfelem gmul[2][16][3] = -{{{{0, 0, 0, 0}, -{0, 0, 0, 0}, -{0, 0, 0, 0}}, -{{0xf4a13945d898c296, 0x77037d812deb33a0, 0xf8bce6e563a440f2, 0x6b17d1f2e12c4247}, -{0xcbb6406837bf51f5, 0x2bce33576b315ece, 0x8ee7eb4a7c0f9e16, 0x4fe342e2fe1a7f9b}, -{1, 0, 0, 0}}, -{{0x90e75cb48e14db63, 0x29493baaad651f7e, 0x8492592e326e25de, 0x0fa822bc2811aaa5}, -{0xe41124545f462ee7, 0x34b1a65050fe82f5, 0x6f4ad4bcb3df188b, 0xbff44ae8f5dba80d}, -{1, 0, 0, 0}}, -{{0x93391ce2097992af, 0xe96c98fd0d35f1fa, 0xb257c0de95e02789, 0x300a4bbc89d6726f}, -{0xaa54a291c08127a0, 0x5bb1eeada9d806a5, 0x7f1ddb25ff1e3c6f, 0x72aac7e0d09b4644}, -{1, 0, 0, 0}}, -{{0x57c84fc9d789bd85, 0xfc35ff7dc297eac3, 0xfb982fd588c6766e, 0x447d739beedb5e67}, -{0x0c7e33c972e25b32, 0x3d349b95a7fae500, 0xe12e9d953a4aaff7, 0x2d4825ab834131ee}, -{1, 0, 0, 0}}, -{{0x13949c932a1d367f, 0xef7fbd2b1a0a11b7, 0xddc6068bb91dfc60, 0xef9519328a9c72ff}, -{0x196035a77376d8a8, 0x23183b0895ca1740, 0xc1ee9807022c219c, 0x611e9fc37dbb2c9b}, -{1, 0, 0, 0}}, -{{0xcae2b1920b57f4bc, 0x2936df5ec6c9bc36, 0x7dea6482e11238bf, 0x550663797b51f5d8}, -{0x44ffe216348a964c, 0x9fb3d576dbdefbe1, 0x0afa40018d9d50e5, 0x157164848aecb851}, -{1, 0, 0, 0}}, -{{0xe48ecafffc5cde01, 0x7ccd84e70d715f26, 0xa2e8f483f43e4391, 0xeb5d7745b21141ea}, -{0xcac917e2731a3479, 0x85f22cfe2844b645, 0x0990e6a158006cee, 0xeafd72ebdbecc17b}, -{1, 0, 0, 0}}, -{{0x6cf20ffb313728be, 0x96439591a3c6b94a, 0x2736ff8344315fc5, 0xa6d39677a7849276}, -{0xf2bab833c357f5f4, 0x824a920c2284059b, 0x66b8babd2d27ecdf, 0x674f84749b0b8816}, -{1, 0, 0, 0}}, -{{0x2df48c04677c8a3e, 0x74e02f080203a56b, 0x31855f7db8c7fedb, 0x4e769e7672c9ddad}, -{0xa4c36165b824bbb0, 0xfb9ae16f3b9122a5, 0x1ec0057206947281, 0x42b99082de830663}, -{1, 0, 0, 0}}, -{{0x6ef95150dda868b9, 0xd1f89e799c0ce131, 0x7fdc1ca008a1c478, 0x78878ef61c6ce04d}, -{0x9c62b9121fe0d976, 0x6ace570ebde08d4f, 0xde53142c12309def, 0xb6cb3f5d7b72c321}, -{1, 0, 0, 0}}, 
-{{0x7f991ed2c31a3573, 0x5b82dd5bd54fb496, 0x595c5220812ffcae, 0x0c88bc4d716b1287}, -{0x3a57bf635f48aca8, 0x7c8181f4df2564f3, 0x18d1b5b39c04e6aa, 0xdd5ddea3f3901dc6}, -{1, 0, 0, 0}}, -{{0xe96a79fb3e72ad0c, 0x43a0a28c42ba792f, 0xefe0a423083e49f3, 0x68f344af6b317466}, -{0xcdfe17db3fb24d4a, 0x668bfc2271f5c626, 0x604ed93c24d67ff3, 0x31b9c405f8540a20}, -{1, 0, 0, 0}}, -{{0xd36b4789a2582e7f, 0x0d1a10144ec39c28, 0x663c62c3edbad7a0, 0x4052bf4b6f461db9}, -{0x235a27c3188d25eb, 0xe724f33999bfcc5b, 0x862be6bd71d70cc8, 0xfecf4d5190b0fc61}, -{1, 0, 0, 0}}, -{{0x74346c10a1d4cfac, 0xafdf5cc08526a7a4, 0x123202a8f62bff7a, 0x1eddbae2c802e41a}, -{0x8fa0af2dd603f844, 0x36e06b7e4c701917, 0x0c45f45273db33a0, 0x43104d86560ebcfc}, -{1, 0, 0, 0}}, -{{0x9615b5110d1d78e5, 0x66b0de3225c4744b, 0x0a4a46fb6aaf363a, 0xb48e26b484f7a21c}, -{0x06ebb0f621a01b2d, 0xc004e4048b7b0f98, 0x64131bcdfed6f668, 0xfac015404d4d3dab}, -{1, 0, 0, 0}}}, -{{{0, 0, 0, 0}, -{0, 0, 0, 0}, -{0, 0, 0, 0}}, -{{0x3a5a9e22185a5943, 0x1ab919365c65dfb6, 0x21656b32262c71da, 0x7fe36b40af22af89}, -{0xd50d152c699ca101, 0x74b3d5867b8af212, 0x9f09f40407dca6f1, 0xe697d45825b63624}, -{1, 0, 0, 0}}, -{{0xa84aa9397512218e, 0xe9a521b074ca0141, 0x57880b3a18a2e902, 0x4a5b506612a677a6}, -{0x0beada7a4c4f3840, 0x626db15419e26d9d, 0xc42604fbe1627d40, 0xeb13461ceac089f1}, -{1, 0, 0, 0}}, -{{0xf9faed0927a43281, 0x5e52c4144103ecbc, 0xc342967aa815c857, 0x0781b8291c6a220a}, -{0x5a8343ceeac55f80, 0x88f80eeee54a05e3, 0x97b2a14f12916434, 0x690cde8df0151593}, -{1, 0, 0, 0}}, -{{0xaee9c75df7f82f2a, 0x9e4c35874afdf43a, 0xf5622df437371326, 0x8a535f566ec73617}, -{0xc5f9a0ac223094b7, 0xcde533864c8c7669, 0x37e02819085a92bf, 0x0455c08468b08bd7}, -{1, 0, 0, 0}}, -{{0x0c0a6e2c9477b5d9, 0xf9a4bf62876dc444, 0x5050a949b6cdc279, 0x06bada7ab77f8276}, -{0xc8b4aed1ea48dac9, 0xdebd8a4b7ea1070f, 0x427d49101366eb70, 0x5b476dfd0e6cb18a}, -{1, 0, 0, 0}}, -{{0x7c5c3e44278c340a, 0x4d54606812d66f3b, 0x29a751b1ae23c5d8, 0x3e29864e8a2ec908}, -{0x142d2a6626dbb850, 
0xad1744c4765bd780, 0x1f150e68e322d1ed, 0x239b90ea3dc31e7e}, -{1, 0, 0, 0}}, -{{0x78c416527a53322a, 0x305dde6709776f8e, 0xdbcab759f8862ed4, 0x820f4dd949f72ff7}, -{0x6cc544a62b5debd4, 0x75be5d937b4e8cc4, 0x1b481b1b215c14d3, 0x140406ec783a05ec}, -{1, 0, 0, 0}}, -{{0x6a703f10e895df07, 0xfd75f3fa01876bd8, 0xeb5b06e70ce08ffe, 0x68f6b8542783dfee}, -{0x90c76f8a78712655, 0xcf5293d2f310bf7f, 0xfbc8044dfda45028, 0xcbe1feba92e40ce6}, -{1, 0, 0, 0}}, -{{0xe998ceea4396e4c1, 0xfc82ef0b6acea274, 0x230f729f2250e927, 0xd0b2f94d2f420109}, -{0x4305adddb38d4966, 0x10b838f8624c3b45, 0x7db2636658954e7a, 0x971459828b0719e5}, -{1, 0, 0, 0}}, -{{0x4bd6b72623369fc9, 0x57f2929e53d0b876, 0xc2d5cba4f2340687, 0x961610004a866aba}, -{0x49997bcd2e407a5e, 0x69ab197d92ddcb24, 0x2cf1f2438fe5131c, 0x7acb9fadcee75e44}, -{1, 0, 0, 0}}, -{{0x254e839423d2d4c0, 0xf57f0c917aea685b, 0xa60d880f6f75aaea, 0x24eb9acca333bf5b}, -{0xe3de4ccb1cda5dea, 0xfeef9341c51a6b4f, 0x743125f88bac4c4d, 0x69f891c5acd079cc}, -{1, 0, 0, 0}}, -{{0xeee44b35702476b5, 0x7ed031a0e45c2258, 0xb422d1e7bd6f8514, 0xe51f547c5972a107}, -{0xa25bcd6fc9cf343d, 0x8ca922ee097c184e, 0xa62f98b3a9fe9a06, 0x1c309a2b25bb1387}, -{1, 0, 0, 0}}, -{{0x9295dbeb1967c459, 0xb00148833472c98e, 0xc504977708011828, 0x20b87b8aa2c4e503}, -{0x3063175de057c277, 0x1bd539338fe582dd, 0x0d11adef5f69a044, 0xf5c6fa49919776be}, -{1, 0, 0, 0}}, -{{0x8c944e760fd59e11, 0x3876cba1102fad5f, 0xa454c3fad83faa56, 0x1ed7d1b9332010b9}, -{0xa1011a270024b889, 0x05e4d0dcac0cd344, 0x52b520f0eb6a2a24, 0x3a2b03f03217257a}, -{1, 0, 0, 0}}, -{{0xf20fc2afdf1d043d, 0xf330240db58d5a62, 0xfc7d229ca0058c3b, 0x15fee545c78dd9f6}, -{0x501e82885bc98cda, 0x41ef80e5d046ac04, 0x557d9f49461210fb, 0x4ab5b6b2b8753f81}, -{1, 0, 0, 0}}}}; - -/* select_point selects the |idx|th point from a precomputation table and - * copies it to out. 
*/ -static void -select_point(const u64 idx, unsigned int size, const smallfelem pre_comp[16][3], smallfelem out[3]) -{ - unsigned i, j; - u64 *outlimbs = &out[0][0]; - memset(outlimbs, 0, 3 * sizeof(smallfelem)); - - for (i = 0; i < size; i++) { - const u64 *inlimbs = (u64 *) & pre_comp[i][0][0]; - u64 mask = i ^ idx; - mask |= mask >> 4; - mask |= mask >> 2; - mask |= mask >> 1; - mask &= 1; - mask--; - for (j = 0; j < NLIMBS * 3; j++) - outlimbs[j] |= inlimbs[j] & mask; - } -} - -/* get_bit returns the |i|th bit in |in| */ -static char -get_bit(const felem_bytearray in, int i) -{ - if ((i < 0) || (i >= 256)) - return 0; - return (in[i >> 3] >> (i & 7)) & 1; -} - -/* Interleaved point multiplication using precomputed point multiples: - * The small point multiples 0*P, 1*P, ..., 17*P are in pre_comp[], - * the scalars in scalars[]. If g_scalar is non-NULL, we also add this multiple - * of the generator, using certain (large) precomputed multiples in g_pre_comp. - * Output point (X, Y, Z) is stored in x_out, y_out, z_out */ -static void -batch_mul(felem x_out, felem y_out, felem z_out, - const felem_bytearray scalars[], const unsigned num_points, const u8 * g_scalar, - const int mixed, const smallfelem pre_comp[][17][3], const smallfelem g_pre_comp[2][16][3]) -{ - int i, skip; - unsigned num, gen_mul = (g_scalar != NULL); - felem nq[3], ftmp; - smallfelem tmp[3]; - u64 bits; - u8 sign, digit; - - /* set nq to the point at infinity */ - memset(nq, 0, 3 * sizeof(felem)); - - /* - * Loop over all scalars msb-to-lsb, interleaving additions of - * multiples of the generator (two in each of the last 32 rounds) and - * additions of other points multiples (every 5th round). - */ - skip = 1; /* save two point operations in the first - * round */ - for (i = (num_points ? 
255 : 31); i >= 0; --i) { - /* double */ - if (!skip) - point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]); - - /* add multiples of the generator */ - if (gen_mul && (i <= 31)) { - /* first, look 32 bits upwards */ - bits = get_bit(g_scalar, i + 224) << 3; - bits |= get_bit(g_scalar, i + 160) << 2; - bits |= get_bit(g_scalar, i + 96) << 1; - bits |= get_bit(g_scalar, i + 32); - /* select the point to add, in constant time */ - select_point(bits, 16, g_pre_comp[1], tmp); - - if (!skip) { - point_add(nq[0], nq[1], nq[2], - nq[0], nq[1], nq[2], - 1 /* mixed */ , tmp[0], tmp[1], tmp[2]); - } else { - smallfelem_expand(nq[0], tmp[0]); - smallfelem_expand(nq[1], tmp[1]); - smallfelem_expand(nq[2], tmp[2]); - skip = 0; - } - - /* second, look at the current position */ - bits = get_bit(g_scalar, i + 192) << 3; - bits |= get_bit(g_scalar, i + 128) << 2; - bits |= get_bit(g_scalar, i + 64) << 1; - bits |= get_bit(g_scalar, i); - /* select the point to add, in constant time */ - select_point(bits, 16, g_pre_comp[0], tmp); - point_add(nq[0], nq[1], nq[2], - nq[0], nq[1], nq[2], - 1 /* mixed */ , tmp[0], tmp[1], tmp[2]); - } - /* do other additions every 5 doublings */ - if (num_points && (i % 5 == 0)) { - /* loop over all scalars */ - for (num = 0; num < num_points; ++num) { - bits = get_bit(scalars[num], i + 4) << 5; - bits |= get_bit(scalars[num], i + 3) << 4; - bits |= get_bit(scalars[num], i + 2) << 3; - bits |= get_bit(scalars[num], i + 1) << 2; - bits |= get_bit(scalars[num], i) << 1; - bits |= get_bit(scalars[num], i - 1); - ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits); - - /* - * select the point to add or subtract, in - * constant time - */ - select_point(digit, 17, pre_comp[num], tmp); - smallfelem_neg(ftmp, tmp[1]); /* (X, -Y, Z) is the - * negative point */ - copy_small_conditional(ftmp, tmp[1], (((limb) sign) - 1)); - felem_contract(tmp[1], ftmp); - - if (!skip) { - point_add(nq[0], nq[1], nq[2], - nq[0], nq[1], nq[2], - mixed, tmp[0], tmp[1], 
tmp[2]); - } else { - smallfelem_expand(nq[0], tmp[0]); - smallfelem_expand(nq[1], tmp[1]); - smallfelem_expand(nq[2], tmp[2]); - skip = 0; - } - } - } - } - felem_assign(x_out, nq[0]); - felem_assign(y_out, nq[1]); - felem_assign(z_out, nq[2]); -} - -/* Precomputation for the group generator. */ -typedef struct { - smallfelem g_pre_comp[2][16][3]; - int references; -} NISTP256_PRE_COMP; - -const EC_METHOD * -EC_GFp_nistp256_method(void) -{ - static const EC_METHOD ret = { - .flags = EC_FLAGS_DEFAULT_OCT, - .field_type = NID_X9_62_prime_field, - .group_init = ec_GFp_nistp256_group_init, - .group_finish = ec_GFp_simple_group_finish, - .group_clear_finish = ec_GFp_simple_group_clear_finish, - .group_copy = ec_GFp_nist_group_copy, - .group_set_curve = ec_GFp_nistp256_group_set_curve, - .group_get_curve = ec_GFp_simple_group_get_curve, - .group_get_degree = ec_GFp_simple_group_get_degree, - .group_check_discriminant = - ec_GFp_simple_group_check_discriminant, - .point_init = ec_GFp_simple_point_init, - .point_finish = ec_GFp_simple_point_finish, - .point_clear_finish = ec_GFp_simple_point_clear_finish, - .point_copy = ec_GFp_simple_point_copy, - .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity, - .point_set_Jprojective_coordinates_GFp = - ec_GFp_simple_set_Jprojective_coordinates_GFp, - .point_get_Jprojective_coordinates_GFp = - ec_GFp_simple_get_Jprojective_coordinates_GFp, - .point_set_affine_coordinates = - ec_GFp_simple_point_set_affine_coordinates, - .point_get_affine_coordinates = - ec_GFp_nistp256_point_get_affine_coordinates, - .add = ec_GFp_simple_add, - .dbl = ec_GFp_simple_dbl, - .invert = ec_GFp_simple_invert, - .is_at_infinity = ec_GFp_simple_is_at_infinity, - .is_on_curve = ec_GFp_simple_is_on_curve, - .point_cmp = ec_GFp_simple_cmp, - .make_affine = ec_GFp_simple_make_affine, - .points_make_affine = ec_GFp_simple_points_make_affine, - .mul = ec_GFp_nistp256_points_mul, - .precompute_mult = ec_GFp_nistp256_precompute_mult, - 
.have_precompute_mult = ec_GFp_nistp256_have_precompute_mult, - .field_mul = ec_GFp_nist_field_mul, - .field_sqr = ec_GFp_nist_field_sqr - }; - - return &ret; -} - -/******************************************************************************/ -/* FUNCTIONS TO MANAGE PRECOMPUTATION - */ - -static NISTP256_PRE_COMP * -nistp256_pre_comp_new() -{ - NISTP256_PRE_COMP *ret = NULL; - ret = malloc(sizeof *ret); - if (!ret) { - ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); - return ret; - } - memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp)); - ret->references = 1; - return ret; -} - -static void * -nistp256_pre_comp_dup(void *src_) -{ - NISTP256_PRE_COMP *src = src_; - - /* no need to actually copy, these objects never change! */ - CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP); - - return src_; -} - -static void -nistp256_pre_comp_free(void *pre_) -{ - int i; - NISTP256_PRE_COMP *pre = pre_; - - if (!pre) - return; - - i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP); - if (i > 0) - return; - - free(pre); -} - -static void -nistp256_pre_comp_clear_free(void *pre_) -{ - int i; - NISTP256_PRE_COMP *pre = pre_; - - if (!pre) - return; - - i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP); - if (i > 0) - return; - - explicit_bzero(pre, sizeof *pre); - free(pre); -} - -/******************************************************************************/ -/* OPENSSL EC_METHOD FUNCTIONS - */ - -int -ec_GFp_nistp256_group_init(EC_GROUP * group) -{ - int ret; - ret = ec_GFp_simple_group_init(group); - group->a_is_minus3 = 1; - return ret; -} - -int -ec_GFp_nistp256_group_set_curve(EC_GROUP * group, const BIGNUM * p, - const BIGNUM * a, const BIGNUM * b, BN_CTX * ctx) -{ - int ret = 0; - BN_CTX *new_ctx = NULL; - BIGNUM *curve_p, *curve_a, *curve_b; - - if (ctx == NULL) - if ((ctx = new_ctx = BN_CTX_new()) == NULL) - return 0; - BN_CTX_start(ctx); - if (((curve_p = BN_CTX_get(ctx)) == NULL) || - ((curve_a = BN_CTX_get(ctx)) == NULL) || 
- ((curve_b = BN_CTX_get(ctx)) == NULL)) - goto err; - BN_bin2bn(nistp256_curve_params[0], sizeof(felem_bytearray), curve_p); - BN_bin2bn(nistp256_curve_params[1], sizeof(felem_bytearray), curve_a); - BN_bin2bn(nistp256_curve_params[2], sizeof(felem_bytearray), curve_b); - if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || - (BN_cmp(curve_b, b))) { - ECerr(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE, - EC_R_WRONG_CURVE_PARAMETERS); - goto err; - } - group->field_mod_func = BN_nist_mod_256; - ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); -err: - BN_CTX_end(ctx); - BN_CTX_free(new_ctx); - return ret; -} - -/* Takes the Jacobian coordinates (X, Y, Z) of a point and returns - * (X', Y') = (X/Z^2, Y/Z^3) */ -int -ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP * group, - const EC_POINT * point, BIGNUM * x, BIGNUM * y, BN_CTX * ctx) -{ - felem z1, z2, x_in, y_in; - smallfelem x_out, y_out; - longfelem tmp; - - if (EC_POINT_is_at_infinity(group, point) > 0) { - ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES, - EC_R_POINT_AT_INFINITY); - return 0; - } - if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) || - (!BN_to_felem(z1, &point->Z))) - return 0; - felem_inv(z2, z1); - felem_square(tmp, z2); - felem_reduce(z1, tmp); - felem_mul(tmp, x_in, z1); - felem_reduce(x_in, tmp); - felem_contract(x_out, x_in); - if (x != NULL) { - if (!smallfelem_to_BN(x, x_out)) { - ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES, - ERR_R_BN_LIB); - return 0; - } - } - felem_mul(tmp, z1, z2); - felem_reduce(z1, tmp); - felem_mul(tmp, y_in, z1); - felem_reduce(y_in, tmp); - felem_contract(y_out, y_in); - if (y != NULL) { - if (!smallfelem_to_BN(y, y_out)) { - ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES, - ERR_R_BN_LIB); - return 0; - } - } - return 1; -} - -static void -make_points_affine(size_t num, smallfelem points[ /* num */ ][3], smallfelem tmp_smallfelems[ /* num+1 */ ]) -{ - /* - * Runs in constant time, unless an input is 
the point at infinity - * (which normally shouldn't happen). - */ - ec_GFp_nistp_points_make_affine_internal( - num, - points, - sizeof(smallfelem), - tmp_smallfelems, - (void (*) (void *)) smallfelem_one, - (int (*) (const void *)) smallfelem_is_zero_int, - (void (*) (void *, const void *)) smallfelem_assign, - (void (*) (void *, const void *)) smallfelem_square_contract, - (void (*) (void *, const void *, const void *)) smallfelem_mul_contract, - (void (*) (void *, const void *)) smallfelem_inv_contract, - (void (*) (void *, const void *)) smallfelem_assign /* nothing to contract */ ); -} - -/* Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL values - * Result is stored in r (r can equal one of the inputs). */ -int -ec_GFp_nistp256_points_mul(const EC_GROUP * group, EC_POINT * r, - const BIGNUM * scalar, size_t num, const EC_POINT * points[], - const BIGNUM * scalars[], BN_CTX * ctx) -{ - int ret = 0; - int j; - int mixed = 0; - BN_CTX *new_ctx = NULL; - BIGNUM *x, *y, *z, *tmp_scalar; - felem_bytearray g_secret; - felem_bytearray *secrets = NULL; - smallfelem(*pre_comp)[17][3] = NULL; - smallfelem *tmp_smallfelems = NULL; - felem_bytearray tmp; - unsigned i, num_bytes; - int have_pre_comp = 0; - size_t num_points = num; - smallfelem x_in, y_in, z_in; - felem x_out, y_out, z_out; - NISTP256_PRE_COMP *pre = NULL; - const smallfelem(*g_pre_comp)[16][3] = NULL; - EC_POINT *generator = NULL; - const EC_POINT *p = NULL; - const BIGNUM *p_scalar = NULL; - - if (ctx == NULL) - if ((ctx = new_ctx = BN_CTX_new()) == NULL) - return 0; - BN_CTX_start(ctx); - if (((x = BN_CTX_get(ctx)) == NULL) || - ((y = BN_CTX_get(ctx)) == NULL) || - ((z = BN_CTX_get(ctx)) == NULL) || - ((tmp_scalar = BN_CTX_get(ctx)) == NULL)) - goto err; - - if (scalar != NULL) { - pre = EC_EX_DATA_get_data(group->extra_data, - nistp256_pre_comp_dup, nistp256_pre_comp_free, - nistp256_pre_comp_clear_free); - if (pre) - /* we have precomputation, try to use it */ - g_pre_comp = (const 
smallfelem(*)[16][3]) pre->g_pre_comp; - else - /* try to use the standard precomputation */ - g_pre_comp = &gmul[0]; - generator = EC_POINT_new(group); - if (generator == NULL) - goto err; - /* get the generator from precomputation */ - if (!smallfelem_to_BN(x, g_pre_comp[0][1][0]) || - !smallfelem_to_BN(y, g_pre_comp[0][1][1]) || - !smallfelem_to_BN(z, g_pre_comp[0][1][2])) { - ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB); - goto err; - } - if (!EC_POINT_set_Jprojective_coordinates_GFp(group, - generator, x, y, z, ctx)) - goto err; - if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) - /* precomputation matches generator */ - have_pre_comp = 1; - else - /* - * we don't have valid precomputation: treat the - * generator as a random point - */ - num_points++; - } - if (num_points > 0) { - if (num_points >= 3) { - /* - * unless we precompute multiples for just one or two - * points, converting those into affine form is time - * well spent - */ - mixed = 1; - } - secrets = calloc(num_points, sizeof(felem_bytearray)); - pre_comp = calloc(num_points, 17 * 3 * sizeof(smallfelem)); - if (mixed) { - /* XXX should do more int overflow checking */ - tmp_smallfelems = reallocarray(NULL, - (num_points * 17 + 1), sizeof(smallfelem)); - } - if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_smallfelems == NULL))) { - ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE); - goto err; - } - /* - * we treat NULL scalars as 0, and NULL points as points at - * infinity, i.e., they contribute nothing to the linear - * combination - */ - for (i = 0; i < num_points; ++i) { - if (i == num) - /* - * we didn't have a valid precomputation, so - * we pick the generator - */ - { - p = EC_GROUP_get0_generator(group); - p_scalar = scalar; - } else - /* the i^th point */ - { - p = points[i]; - p_scalar = scalars[i]; - } - if ((p_scalar != NULL) && (p != NULL)) { - /* reduce scalar to 0 <= scalar < 2^256 */ - if ((BN_num_bits(p_scalar) > 256) || 
(BN_is_negative(p_scalar))) { - /* - * this is an unusual input, and we - * don't guarantee constant-timeness - */ - if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) { - ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB); - goto err; - } - num_bytes = BN_bn2bin(tmp_scalar, tmp); - } else - num_bytes = BN_bn2bin(p_scalar, tmp); - flip_endian(secrets[i], tmp, num_bytes); - /* precompute multiples */ - if ((!BN_to_felem(x_out, &p->X)) || - (!BN_to_felem(y_out, &p->Y)) || - (!BN_to_felem(z_out, &p->Z))) - goto err; - felem_shrink(pre_comp[i][1][0], x_out); - felem_shrink(pre_comp[i][1][1], y_out); - felem_shrink(pre_comp[i][1][2], z_out); - for (j = 2; j <= 16; ++j) { - if (j & 1) { - point_add_small( - pre_comp[i][j][0], pre_comp[i][j][1], pre_comp[i][j][2], - pre_comp[i][1][0], pre_comp[i][1][1], pre_comp[i][1][2], - pre_comp[i][j - 1][0], pre_comp[i][j - 1][1], pre_comp[i][j - 1][2]); - } else { - point_double_small( - pre_comp[i][j][0], pre_comp[i][j][1], pre_comp[i][j][2], - pre_comp[i][j / 2][0], pre_comp[i][j / 2][1], pre_comp[i][j / 2][2]); - } - } - } - } - if (mixed) - make_points_affine(num_points * 17, pre_comp[0], tmp_smallfelems); - } - /* the scalar for the generator */ - if ((scalar != NULL) && (have_pre_comp)) { - memset(g_secret, 0, sizeof(g_secret)); - /* reduce scalar to 0 <= scalar < 2^256 */ - if ((BN_num_bits(scalar) > 256) || (BN_is_negative(scalar))) { - /* - * this is an unusual input, and we don't guarantee - * constant-timeness - */ - if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) { - ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB); - goto err; - } - num_bytes = BN_bn2bin(tmp_scalar, tmp); - } else - num_bytes = BN_bn2bin(scalar, tmp); - flip_endian(g_secret, tmp, num_bytes); - /* do the multiplication with generator precomputation */ - batch_mul(x_out, y_out, z_out, - (const felem_bytearray(*)) secrets, num_points, - g_secret, - mixed, (const smallfelem(*)[17][3]) pre_comp, - g_pre_comp); - } else - /* do the 
multiplication without generator precomputation */ - batch_mul(x_out, y_out, z_out, - (const felem_bytearray(*)) secrets, num_points, - NULL, mixed, (const smallfelem(*)[17][3]) pre_comp, NULL); - /* reduce the output to its unique minimal representation */ - felem_contract(x_in, x_out); - felem_contract(y_in, y_out); - felem_contract(z_in, z_out); - if ((!smallfelem_to_BN(x, x_in)) || (!smallfelem_to_BN(y, y_in)) || - (!smallfelem_to_BN(z, z_in))) { - ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB); - goto err; - } - ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx); - -err: - BN_CTX_end(ctx); - EC_POINT_free(generator); - BN_CTX_free(new_ctx); - free(secrets); - free(pre_comp); - free(tmp_smallfelems); - return ret; -} - -int -ec_GFp_nistp256_precompute_mult(EC_GROUP * group, BN_CTX * ctx) -{ - int ret = 0; - NISTP256_PRE_COMP *pre = NULL; - int i, j; - BN_CTX *new_ctx = NULL; - BIGNUM *x, *y; - EC_POINT *generator = NULL; - smallfelem tmp_smallfelems[32]; - felem x_tmp, y_tmp, z_tmp; - - /* throw away old precomputation */ - EC_EX_DATA_free_data(&group->extra_data, nistp256_pre_comp_dup, - nistp256_pre_comp_free, nistp256_pre_comp_clear_free); - if (ctx == NULL) - if ((ctx = new_ctx = BN_CTX_new()) == NULL) - return 0; - BN_CTX_start(ctx); - if (((x = BN_CTX_get(ctx)) == NULL) || - ((y = BN_CTX_get(ctx)) == NULL)) - goto err; - /* get the generator */ - if (group->generator == NULL) - goto err; - generator = EC_POINT_new(group); - if (generator == NULL) - goto err; - BN_bin2bn(nistp256_curve_params[3], sizeof(felem_bytearray), x); - BN_bin2bn(nistp256_curve_params[4], sizeof(felem_bytearray), y); - if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx)) - goto err; - if ((pre = nistp256_pre_comp_new()) == NULL) - goto err; - /* if the generator is the standard one, use built-in precomputation */ - if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) { - memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp)); - 
ret = 1; - goto err; - } - if ((!BN_to_felem(x_tmp, &group->generator->X)) || - (!BN_to_felem(y_tmp, &group->generator->Y)) || - (!BN_to_felem(z_tmp, &group->generator->Z))) - goto err; - felem_shrink(pre->g_pre_comp[0][1][0], x_tmp); - felem_shrink(pre->g_pre_comp[0][1][1], y_tmp); - felem_shrink(pre->g_pre_comp[0][1][2], z_tmp); - /* - * compute 2^64*G, 2^128*G, 2^192*G for the first table, 2^32*G, - * 2^96*G, 2^160*G, 2^224*G for the second one - */ - for (i = 1; i <= 8; i <<= 1) { - point_double_small( - pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2], - pre->g_pre_comp[0][i][0], pre->g_pre_comp[0][i][1], pre->g_pre_comp[0][i][2]); - for (j = 0; j < 31; ++j) { - point_double_small( - pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2], - pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]); - } - if (i == 8) - break; - point_double_small( - pre->g_pre_comp[0][2 * i][0], pre->g_pre_comp[0][2 * i][1], pre->g_pre_comp[0][2 * i][2], - pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]); - for (j = 0; j < 31; ++j) { - point_double_small( - pre->g_pre_comp[0][2 * i][0], pre->g_pre_comp[0][2 * i][1], pre->g_pre_comp[0][2 * i][2], - pre->g_pre_comp[0][2 * i][0], pre->g_pre_comp[0][2 * i][1], pre->g_pre_comp[0][2 * i][2]); - } - } - for (i = 0; i < 2; i++) { - /* g_pre_comp[i][0] is the point at infinity */ - memset(pre->g_pre_comp[i][0], 0, sizeof(pre->g_pre_comp[i][0])); - /* the remaining multiples */ - /* 2^64*G + 2^128*G resp. 2^96*G + 2^160*G */ - point_add_small( - pre->g_pre_comp[i][6][0], pre->g_pre_comp[i][6][1], pre->g_pre_comp[i][6][2], - pre->g_pre_comp[i][4][0], pre->g_pre_comp[i][4][1], pre->g_pre_comp[i][4][2], - pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1], pre->g_pre_comp[i][2][2]); - /* 2^64*G + 2^192*G resp. 
2^96*G + 2^224*G */ - point_add_small( - pre->g_pre_comp[i][10][0], pre->g_pre_comp[i][10][1], pre->g_pre_comp[i][10][2], - pre->g_pre_comp[i][8][0], pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2], - pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1], pre->g_pre_comp[i][2][2]); - /* 2^128*G + 2^192*G resp. 2^160*G + 2^224*G */ - point_add_small( - pre->g_pre_comp[i][12][0], pre->g_pre_comp[i][12][1], pre->g_pre_comp[i][12][2], - pre->g_pre_comp[i][8][0], pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2], - pre->g_pre_comp[i][4][0], pre->g_pre_comp[i][4][1], pre->g_pre_comp[i][4][2]); - /* - * 2^64*G + 2^128*G + 2^192*G resp. 2^96*G + 2^160*G + - * 2^224*G - */ - point_add_small( - pre->g_pre_comp[i][14][0], pre->g_pre_comp[i][14][1], pre->g_pre_comp[i][14][2], - pre->g_pre_comp[i][12][0], pre->g_pre_comp[i][12][1], pre->g_pre_comp[i][12][2], - pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1], pre->g_pre_comp[i][2][2]); - for (j = 1; j < 8; ++j) { - /* odd multiples: add G resp. 2^32*G */ - point_add_small( - pre->g_pre_comp[i][2 * j + 1][0], pre->g_pre_comp[i][2 * j + 1][1], pre->g_pre_comp[i][2 * j + 1][2], - pre->g_pre_comp[i][2 * j][0], pre->g_pre_comp[i][2 * j][1], pre->g_pre_comp[i][2 * j][2], - pre->g_pre_comp[i][1][0], pre->g_pre_comp[i][1][1], pre->g_pre_comp[i][1][2]); - } - } - make_points_affine(31, &(pre->g_pre_comp[0][1]), tmp_smallfelems); - - if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp256_pre_comp_dup, - nistp256_pre_comp_free, nistp256_pre_comp_clear_free)) - goto err; - ret = 1; - pre = NULL; -err: - BN_CTX_end(ctx); - EC_POINT_free(generator); - BN_CTX_free(new_ctx); - nistp256_pre_comp_free(pre); - return ret; -} - -int -ec_GFp_nistp256_have_precompute_mult(const EC_GROUP * group) -{ - if (EC_EX_DATA_get_data(group->extra_data, nistp256_pre_comp_dup, - nistp256_pre_comp_free, nistp256_pre_comp_clear_free) - != NULL) - return 1; - else - return 0; -} -#endif 
diff --git a/lib/libssl/src/crypto/ec/ecp_nistp521.c b/lib/libssl/src/crypto/ec/ecp_nistp521.c
deleted file mode 100644
index cfa13b41f8e..00000000000
--- a/lib/libssl/src/crypto/ec/ecp_nistp521.c
+++ /dev/null
@@ -1,2113 +0,0 @@
-/* $OpenBSD: ecp_nistp521.c,v 1.17 2015/09/10 15:56:25 jsing Exp $ */
-/*
- * Written by Adam Langley (Google) for the OpenSSL project
- */
-/*
- * Copyright (c) 2011 Google Inc.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * A 64-bit implementation of the NIST P-521 elliptic curve point multiplication
- *
- * OpenSSL integration was taken from Emilia Kasper's work in ecp_nistp224.c.
- * Otherwise based on Emilia's P224 work, which was inspired by my curve25519
- * work which got its smarts from Daniel J. Bernstein's work on the same.
- */
-
-#include <stdint.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-
-#include <openssl/err.h>
-#include "ec_lcl.h"
-
-#if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
- /* even with gcc, the typedef won't work for 32-bit platforms */
- typedef __uint128_t uint128_t; /* nonstandard; implemented by gcc on 64-bit platforms */
-#else
- #error "Need GCC 3.1 or later to define type uint128_t"
-#endif
-
-typedef uint8_t u8;
-typedef uint64_t u64;
-typedef int64_t s64;
-
-/* The underlying field.
- *
- * P521 operates over GF(2^521-1). 
We can serialise an element of this field - * into 66 bytes where the most significant byte contains only a single bit. We - * call this an felem_bytearray. */ - -typedef u8 felem_bytearray[66]; - -/* These are the parameters of P521, taken from FIPS 186-3, section D.1.2.5. - * These values are big-endian. */ -static const felem_bytearray nistp521_curve_params[5] = - { - {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* p */ - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff}, - {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* a = -3 */ - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xfc}, - {0x00, 0x51, 0x95, 0x3e, 0xb9, 0x61, 0x8e, 0x1c, /* b */ - 0x9a, 0x1f, 0x92, 0x9a, 0x21, 0xa0, 0xb6, 0x85, - 0x40, 0xee, 0xa2, 0xda, 0x72, 0x5b, 0x99, 0xb3, - 0x15, 0xf3, 0xb8, 0xb4, 0x89, 0x91, 0x8e, 0xf1, - 0x09, 0xe1, 0x56, 0x19, 0x39, 0x51, 0xec, 0x7e, - 0x93, 0x7b, 0x16, 0x52, 0xc0, 0xbd, 0x3b, 0xb1, - 0xbf, 0x07, 0x35, 0x73, 0xdf, 0x88, 0x3d, 0x2c, - 0x34, 0xf1, 0xef, 0x45, 0x1f, 0xd4, 0x6b, 0x50, - 0x3f, 0x00}, - {0x00, 0xc6, 0x85, 0x8e, 0x06, 0xb7, 0x04, 0x04, /* x */ - 0xe9, 0xcd, 0x9e, 0x3e, 0xcb, 0x66, 0x23, 0x95, - 0xb4, 0x42, 0x9c, 0x64, 0x81, 0x39, 0x05, 0x3f, - 0xb5, 0x21, 0xf8, 0x28, 0xaf, 0x60, 0x6b, 0x4d, - 0x3d, 0xba, 0xa1, 0x4b, 0x5e, 0x77, 0xef, 0xe7, - 0x59, 0x28, 0xfe, 0x1d, 0xc1, 0x27, 0xa2, 0xff, - 0xa8, 0xde, 0x33, 0x48, 0xb3, 0xc1, 
0x85, 0x6a, - 0x42, 0x9b, 0xf9, 0x7e, 0x7e, 0x31, 0xc2, 0xe5, - 0xbd, 0x66}, - {0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, /* y */ - 0xc0, 0x04, 0x5c, 0x8a, 0x5f, 0xb4, 0x2c, 0x7d, - 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b, - 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, - 0x66, 0x2c, 0x97, 0xee, 0x72, 0x99, 0x5e, 0xf4, - 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad, - 0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, - 0xc2, 0x40, 0x88, 0xbe, 0x94, 0x76, 0x9f, 0xd1, - 0x66, 0x50} - }; - -/* The representation of field elements. - * ------------------------------------ - * - * We represent field elements with nine values. These values are either 64 or - * 128 bits and the field element represented is: - * v[0]*2^0 + v[1]*2^58 + v[2]*2^116 + ... + v[8]*2^464 (mod p) - * Each of the nine values is called a 'limb'. Since the limbs are spaced only - * 58 bits apart, but are greater than 58 bits in length, the most significant - * bits of each limb overlap with the least significant bits of the next. - * - * A field element with 64-bit limbs is an 'felem'. One with 128-bit limbs is a - * 'largefelem' */ - -#define NLIMBS 9 - -typedef uint64_t limb; -typedef limb felem[NLIMBS]; -typedef uint128_t largefelem[NLIMBS]; - -static const limb bottom57bits = 0x1ffffffffffffff; -static const limb bottom58bits = 0x3ffffffffffffff; - -/* bin66_to_felem takes a little-endian byte array and converts it into felem - * form. This assumes that the CPU is little-endian. 
*/ -static void -bin66_to_felem(felem out, const u8 in[66]) -{ - out[0] = (*((limb *) & in[0])) & bottom58bits; - out[1] = (*((limb *) & in[7]) >> 2) & bottom58bits; - out[2] = (*((limb *) & in[14]) >> 4) & bottom58bits; - out[3] = (*((limb *) & in[21]) >> 6) & bottom58bits; - out[4] = (*((limb *) & in[29])) & bottom58bits; - out[5] = (*((limb *) & in[36]) >> 2) & bottom58bits; - out[6] = (*((limb *) & in[43]) >> 4) & bottom58bits; - out[7] = (*((limb *) & in[50]) >> 6) & bottom58bits; - out[8] = (*((limb *) & in[58])) & bottom57bits; -} - -/* felem_to_bin66 takes an felem and serialises into a little endian, 66 byte - * array. This assumes that the CPU is little-endian. */ -static void -felem_to_bin66(u8 out[66], const felem in) -{ - memset(out, 0, 66); - (*((limb *) & out[0])) = in[0]; - (*((limb *) & out[7])) |= in[1] << 2; - (*((limb *) & out[14])) |= in[2] << 4; - (*((limb *) & out[21])) |= in[3] << 6; - (*((limb *) & out[29])) = in[4]; - (*((limb *) & out[36])) |= in[5] << 2; - (*((limb *) & out[43])) |= in[6] << 4; - (*((limb *) & out[50])) |= in[7] << 6; - (*((limb *) & out[58])) = in[8]; -} - -/* To preserve endianness when using BN_bn2bin and BN_bin2bn */ -static void -flip_endian(u8 * out, const u8 * in, unsigned len) -{ - unsigned i; - for (i = 0; i < len; ++i) - out[i] = in[len - 1 - i]; -} - -/* BN_to_felem converts an OpenSSL BIGNUM into an felem */ -static int -BN_to_felem(felem out, const BIGNUM * bn) -{ - felem_bytearray b_in; - felem_bytearray b_out; - unsigned num_bytes; - - /* BN_bn2bin eats leading zeroes */ - memset(b_out, 0, sizeof b_out); - num_bytes = BN_num_bytes(bn); - if (num_bytes > sizeof b_out) { - ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); - return 0; - } - if (BN_is_negative(bn)) { - ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); - return 0; - } - num_bytes = BN_bn2bin(bn, b_in); - flip_endian(b_out, b_in, num_bytes); - bin66_to_felem(out, b_out); - return 1; -} - -/* felem_to_BN converts an felem into an OpenSSL BIGNUM 
*/ -static BIGNUM * -felem_to_BN(BIGNUM * out, const felem in) -{ - felem_bytearray b_in, b_out; - felem_to_bin66(b_in, in); - flip_endian(b_out, b_in, sizeof b_out); - return BN_bin2bn(b_out, sizeof b_out, out); -} - - -/* Field operations - * ---------------- */ - -static void -felem_one(felem out) -{ - out[0] = 1; - out[1] = 0; - out[2] = 0; - out[3] = 0; - out[4] = 0; - out[5] = 0; - out[6] = 0; - out[7] = 0; - out[8] = 0; -} - -static void -felem_assign(felem out, const felem in) -{ - out[0] = in[0]; - out[1] = in[1]; - out[2] = in[2]; - out[3] = in[3]; - out[4] = in[4]; - out[5] = in[5]; - out[6] = in[6]; - out[7] = in[7]; - out[8] = in[8]; -} - -/* felem_sum64 sets out = out + in. */ -static void -felem_sum64(felem out, const felem in) -{ - out[0] += in[0]; - out[1] += in[1]; - out[2] += in[2]; - out[3] += in[3]; - out[4] += in[4]; - out[5] += in[5]; - out[6] += in[6]; - out[7] += in[7]; - out[8] += in[8]; -} - -/* felem_scalar sets out = in * scalar */ -static void -felem_scalar(felem out, const felem in, limb scalar) -{ - out[0] = in[0] * scalar; - out[1] = in[1] * scalar; - out[2] = in[2] * scalar; - out[3] = in[3] * scalar; - out[4] = in[4] * scalar; - out[5] = in[5] * scalar; - out[6] = in[6] * scalar; - out[7] = in[7] * scalar; - out[8] = in[8] * scalar; -} - -/* felem_scalar64 sets out = out * scalar */ -static void -felem_scalar64(felem out, limb scalar) -{ - out[0] *= scalar; - out[1] *= scalar; - out[2] *= scalar; - out[3] *= scalar; - out[4] *= scalar; - out[5] *= scalar; - out[6] *= scalar; - out[7] *= scalar; - out[8] *= scalar; -} - -/* felem_scalar128 sets out = out * scalar */ -static void -felem_scalar128(largefelem out, limb scalar) -{ - out[0] *= scalar; - out[1] *= scalar; - out[2] *= scalar; - out[3] *= scalar; - out[4] *= scalar; - out[5] *= scalar; - out[6] *= scalar; - out[7] *= scalar; - out[8] *= scalar; -} - -/* felem_neg sets |out| to |-in| - * On entry: - * in[i] < 2^59 + 2^14 - * On exit: - * out[i] < 2^62 - */ -static void 
-felem_neg(felem out, const felem in) -{ - /* In order to prevent underflow, we subtract from 0 mod p. */ - static const limb two62m3 = (((limb) 1) << 62) - (((limb) 1) << 5); - static const limb two62m2 = (((limb) 1) << 62) - (((limb) 1) << 4); - - out[0] = two62m3 - in[0]; - out[1] = two62m2 - in[1]; - out[2] = two62m2 - in[2]; - out[3] = two62m2 - in[3]; - out[4] = two62m2 - in[4]; - out[5] = two62m2 - in[5]; - out[6] = two62m2 - in[6]; - out[7] = two62m2 - in[7]; - out[8] = two62m2 - in[8]; -} - -/* felem_diff64 subtracts |in| from |out| - * On entry: - * in[i] < 2^59 + 2^14 - * On exit: - * out[i] < out[i] + 2^62 - */ -static void -felem_diff64(felem out, const felem in) -{ - /* In order to prevent underflow, we add 0 mod p before subtracting. */ - static const limb two62m3 = (((limb) 1) << 62) - (((limb) 1) << 5); - static const limb two62m2 = (((limb) 1) << 62) - (((limb) 1) << 4); - - out[0] += two62m3 - in[0]; - out[1] += two62m2 - in[1]; - out[2] += two62m2 - in[2]; - out[3] += two62m2 - in[3]; - out[4] += two62m2 - in[4]; - out[5] += two62m2 - in[5]; - out[6] += two62m2 - in[6]; - out[7] += two62m2 - in[7]; - out[8] += two62m2 - in[8]; -} - -/* felem_diff_128_64 subtracts |in| from |out| - * On entry: - * in[i] < 2^62 + 2^17 - * On exit: - * out[i] < out[i] + 2^63 - */ -static void -felem_diff_128_64(largefelem out, const felem in) -{ - /* In order to prevent underflow, we add 0 mod p before subtracting. 
*/ - static const limb two63m6 = (((limb) 1) << 62) - (((limb) 1) << 5); - static const limb two63m5 = (((limb) 1) << 62) - (((limb) 1) << 4); - - out[0] += two63m6 - in[0]; - out[1] += two63m5 - in[1]; - out[2] += two63m5 - in[2]; - out[3] += two63m5 - in[3]; - out[4] += two63m5 - in[4]; - out[5] += two63m5 - in[5]; - out[6] += two63m5 - in[6]; - out[7] += two63m5 - in[7]; - out[8] += two63m5 - in[8]; -} - -/* felem_diff_128_64 subtracts |in| from |out| - * On entry: - * in[i] < 2^126 - * On exit: - * out[i] < out[i] + 2^127 - 2^69 - */ -static void -felem_diff128(largefelem out, const largefelem in) -{ - /* In order to prevent underflow, we add 0 mod p before subtracting. */ - static const uint128_t two127m70 = (((uint128_t) 1) << 127) - (((uint128_t) 1) << 70); - static const uint128_t two127m69 = (((uint128_t) 1) << 127) - (((uint128_t) 1) << 69); - - out[0] += (two127m70 - in[0]); - out[1] += (two127m69 - in[1]); - out[2] += (two127m69 - in[2]); - out[3] += (two127m69 - in[3]); - out[4] += (two127m69 - in[4]); - out[5] += (two127m69 - in[5]); - out[6] += (two127m69 - in[6]); - out[7] += (two127m69 - in[7]); - out[8] += (two127m69 - in[8]); -} - -/* felem_square sets |out| = |in|^2 - * On entry: - * in[i] < 2^62 - * On exit: - * out[i] < 17 * max(in[i]) * max(in[i]) - */ -static void -felem_square(largefelem out, const felem in) -{ - felem inx2, inx4; - felem_scalar(inx2, in, 2); - felem_scalar(inx4, in, 4); - - /* - * We have many cases were we want to do in[x] * in[y] + in[y] * - * in[x] This is obviously just 2 * in[x] * in[y] However, rather - * than do the doubling on the 128 bit result, we double one of the - * inputs to the multiplication by reading from |inx2| - */ - - out[0] = ((uint128_t) in[0]) * in[0]; - out[1] = ((uint128_t) in[0]) * inx2[1]; - out[2] = ((uint128_t) in[0]) * inx2[2] + - ((uint128_t) in[1]) * in[1]; - out[3] = ((uint128_t) in[0]) * inx2[3] + - ((uint128_t) in[1]) * inx2[2]; - out[4] = ((uint128_t) in[0]) * inx2[4] + - ((uint128_t) 
in[1]) * inx2[3] + - ((uint128_t) in[2]) * in[2]; - out[5] = ((uint128_t) in[0]) * inx2[5] + - ((uint128_t) in[1]) * inx2[4] + - ((uint128_t) in[2]) * inx2[3]; - out[6] = ((uint128_t) in[0]) * inx2[6] + - ((uint128_t) in[1]) * inx2[5] + - ((uint128_t) in[2]) * inx2[4] + - ((uint128_t) in[3]) * in[3]; - out[7] = ((uint128_t) in[0]) * inx2[7] + - ((uint128_t) in[1]) * inx2[6] + - ((uint128_t) in[2]) * inx2[5] + - ((uint128_t) in[3]) * inx2[4]; - out[8] = ((uint128_t) in[0]) * inx2[8] + - ((uint128_t) in[1]) * inx2[7] + - ((uint128_t) in[2]) * inx2[6] + - ((uint128_t) in[3]) * inx2[5] + - ((uint128_t) in[4]) * in[4]; - - /* - * The remaining limbs fall above 2^521, with the first falling at - * 2^522. They correspond to locations one bit up from the limbs - * produced above so we would have to multiply by two to align them. - * Again, rather than operate on the 128-bit result, we double one of - * the inputs to the multiplication. If we want to double for both - * this reason, and the reason above, then we end up multiplying by - * four. 
- */ - - /* 9 */ - out[0] += ((uint128_t) in[1]) * inx4[8] + - ((uint128_t) in[2]) * inx4[7] + - ((uint128_t) in[3]) * inx4[6] + - ((uint128_t) in[4]) * inx4[5]; - - /* 10 */ - out[1] += ((uint128_t) in[2]) * inx4[8] + - ((uint128_t) in[3]) * inx4[7] + - ((uint128_t) in[4]) * inx4[6] + - ((uint128_t) in[5]) * inx2[5]; - - /* 11 */ - out[2] += ((uint128_t) in[3]) * inx4[8] + - ((uint128_t) in[4]) * inx4[7] + - ((uint128_t) in[5]) * inx4[6]; - - /* 12 */ - out[3] += ((uint128_t) in[4]) * inx4[8] + - ((uint128_t) in[5]) * inx4[7] + - ((uint128_t) in[6]) * inx2[6]; - - /* 13 */ - out[4] += ((uint128_t) in[5]) * inx4[8] + - ((uint128_t) in[6]) * inx4[7]; - - /* 14 */ - out[5] += ((uint128_t) in[6]) * inx4[8] + - ((uint128_t) in[7]) * inx2[7]; - - /* 15 */ - out[6] += ((uint128_t) in[7]) * inx4[8]; - - /* 16 */ - out[7] += ((uint128_t) in[8]) * inx2[8]; -} - -/* felem_mul sets |out| = |in1| * |in2| - * On entry: - * in1[i] < 2^64 - * in2[i] < 2^63 - * On exit: - * out[i] < 17 * max(in1[i]) * max(in2[i]) - */ -static void -felem_mul(largefelem out, const felem in1, const felem in2) -{ - felem in2x2; - felem_scalar(in2x2, in2, 2); - - out[0] = ((uint128_t) in1[0]) * in2[0]; - - out[1] = ((uint128_t) in1[0]) * in2[1] + - ((uint128_t) in1[1]) * in2[0]; - - out[2] = ((uint128_t) in1[0]) * in2[2] + - ((uint128_t) in1[1]) * in2[1] + - ((uint128_t) in1[2]) * in2[0]; - - out[3] = ((uint128_t) in1[0]) * in2[3] + - ((uint128_t) in1[1]) * in2[2] + - ((uint128_t) in1[2]) * in2[1] + - ((uint128_t) in1[3]) * in2[0]; - - out[4] = ((uint128_t) in1[0]) * in2[4] + - ((uint128_t) in1[1]) * in2[3] + - ((uint128_t) in1[2]) * in2[2] + - ((uint128_t) in1[3]) * in2[1] + - ((uint128_t) in1[4]) * in2[0]; - - out[5] = ((uint128_t) in1[0]) * in2[5] + - ((uint128_t) in1[1]) * in2[4] + - ((uint128_t) in1[2]) * in2[3] + - ((uint128_t) in1[3]) * in2[2] + - ((uint128_t) in1[4]) * in2[1] + - ((uint128_t) in1[5]) * in2[0]; - - out[6] = ((uint128_t) in1[0]) * in2[6] + - ((uint128_t) in1[1]) * in2[5] + - 
((uint128_t) in1[2]) * in2[4] + - ((uint128_t) in1[3]) * in2[3] + - ((uint128_t) in1[4]) * in2[2] + - ((uint128_t) in1[5]) * in2[1] + - ((uint128_t) in1[6]) * in2[0]; - - out[7] = ((uint128_t) in1[0]) * in2[7] + - ((uint128_t) in1[1]) * in2[6] + - ((uint128_t) in1[2]) * in2[5] + - ((uint128_t) in1[3]) * in2[4] + - ((uint128_t) in1[4]) * in2[3] + - ((uint128_t) in1[5]) * in2[2] + - ((uint128_t) in1[6]) * in2[1] + - ((uint128_t) in1[7]) * in2[0]; - - out[8] = ((uint128_t) in1[0]) * in2[8] + - ((uint128_t) in1[1]) * in2[7] + - ((uint128_t) in1[2]) * in2[6] + - ((uint128_t) in1[3]) * in2[5] + - ((uint128_t) in1[4]) * in2[4] + - ((uint128_t) in1[5]) * in2[3] + - ((uint128_t) in1[6]) * in2[2] + - ((uint128_t) in1[7]) * in2[1] + - ((uint128_t) in1[8]) * in2[0]; - - /* See comment in felem_square about the use of in2x2 here */ - - out[0] += ((uint128_t) in1[1]) * in2x2[8] + - ((uint128_t) in1[2]) * in2x2[7] + - ((uint128_t) in1[3]) * in2x2[6] + - ((uint128_t) in1[4]) * in2x2[5] + - ((uint128_t) in1[5]) * in2x2[4] + - ((uint128_t) in1[6]) * in2x2[3] + - ((uint128_t) in1[7]) * in2x2[2] + - ((uint128_t) in1[8]) * in2x2[1]; - - out[1] += ((uint128_t) in1[2]) * in2x2[8] + - ((uint128_t) in1[3]) * in2x2[7] + - ((uint128_t) in1[4]) * in2x2[6] + - ((uint128_t) in1[5]) * in2x2[5] + - ((uint128_t) in1[6]) * in2x2[4] + - ((uint128_t) in1[7]) * in2x2[3] + - ((uint128_t) in1[8]) * in2x2[2]; - - out[2] += ((uint128_t) in1[3]) * in2x2[8] + - ((uint128_t) in1[4]) * in2x2[7] + - ((uint128_t) in1[5]) * in2x2[6] + - ((uint128_t) in1[6]) * in2x2[5] + - ((uint128_t) in1[7]) * in2x2[4] + - ((uint128_t) in1[8]) * in2x2[3]; - - out[3] += ((uint128_t) in1[4]) * in2x2[8] + - ((uint128_t) in1[5]) * in2x2[7] + - ((uint128_t) in1[6]) * in2x2[6] + - ((uint128_t) in1[7]) * in2x2[5] + - ((uint128_t) in1[8]) * in2x2[4]; - - out[4] += ((uint128_t) in1[5]) * in2x2[8] + - ((uint128_t) in1[6]) * in2x2[7] + - ((uint128_t) in1[7]) * in2x2[6] + - ((uint128_t) in1[8]) * in2x2[5]; - - out[5] += ((uint128_t) 
in1[6]) * in2x2[8] + - ((uint128_t) in1[7]) * in2x2[7] + - ((uint128_t) in1[8]) * in2x2[6]; - - out[6] += ((uint128_t) in1[7]) * in2x2[8] + - ((uint128_t) in1[8]) * in2x2[7]; - - out[7] += ((uint128_t) in1[8]) * in2x2[8]; -} - -static const limb bottom52bits = 0xfffffffffffff; - -/* felem_reduce converts a largefelem to an felem. - * On entry: - * in[i] < 2^128 - * On exit: - * out[i] < 2^59 + 2^14 - */ -static void -felem_reduce(felem out, const largefelem in) -{ - u64 overflow1, overflow2; - - out[0] = ((limb) in[0]) & bottom58bits; - out[1] = ((limb) in[1]) & bottom58bits; - out[2] = ((limb) in[2]) & bottom58bits; - out[3] = ((limb) in[3]) & bottom58bits; - out[4] = ((limb) in[4]) & bottom58bits; - out[5] = ((limb) in[5]) & bottom58bits; - out[6] = ((limb) in[6]) & bottom58bits; - out[7] = ((limb) in[7]) & bottom58bits; - out[8] = ((limb) in[8]) & bottom58bits; - - /* out[i] < 2^58 */ - - out[1] += ((limb) in[0]) >> 58; - out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6; - /* - * out[1] < 2^58 + 2^6 + 2^58 = 2^59 + 2^6 - */ - out[2] += ((limb) (in[0] >> 64)) >> 52; - - out[2] += ((limb) in[1]) >> 58; - out[2] += (((limb) (in[1] >> 64)) & bottom52bits) << 6; - out[3] += ((limb) (in[1] >> 64)) >> 52; - - out[3] += ((limb) in[2]) >> 58; - out[3] += (((limb) (in[2] >> 64)) & bottom52bits) << 6; - out[4] += ((limb) (in[2] >> 64)) >> 52; - - out[4] += ((limb) in[3]) >> 58; - out[4] += (((limb) (in[3] >> 64)) & bottom52bits) << 6; - out[5] += ((limb) (in[3] >> 64)) >> 52; - - out[5] += ((limb) in[4]) >> 58; - out[5] += (((limb) (in[4] >> 64)) & bottom52bits) << 6; - out[6] += ((limb) (in[4] >> 64)) >> 52; - - out[6] += ((limb) in[5]) >> 58; - out[6] += (((limb) (in[5] >> 64)) & bottom52bits) << 6; - out[7] += ((limb) (in[5] >> 64)) >> 52; - - out[7] += ((limb) in[6]) >> 58; - out[7] += (((limb) (in[6] >> 64)) & bottom52bits) << 6; - out[8] += ((limb) (in[6] >> 64)) >> 52; - - out[8] += ((limb) in[7]) >> 58; - out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 
6; - /* - * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12 < 2^59 + 2^13 - */ - overflow1 = ((limb) (in[7] >> 64)) >> 52; - - overflow1 += ((limb) in[8]) >> 58; - overflow1 += (((limb) (in[8] >> 64)) & bottom52bits) << 6; - overflow2 = ((limb) (in[8] >> 64)) >> 52; - - overflow1 <<= 1; /* overflow1 < 2^13 + 2^7 + 2^59 */ - overflow2 <<= 1; /* overflow2 < 2^13 */ - - out[0] += overflow1; /* out[0] < 2^60 */ - out[1] += overflow2; /* out[1] < 2^59 + 2^6 + 2^13 */ - - out[1] += out[0] >> 58; - out[0] &= bottom58bits; - /* - * out[0] < 2^58 out[1] < 2^59 + 2^6 + 2^13 + 2^2 < 2^59 + 2^14 - */ -} - -static void -felem_square_reduce(felem out, const felem in) -{ - largefelem tmp; - felem_square(tmp, in); - felem_reduce(out, tmp); -} - -static void -felem_mul_reduce(felem out, const felem in1, const felem in2) -{ - largefelem tmp; - felem_mul(tmp, in1, in2); - felem_reduce(out, tmp); -} - -/* felem_inv calculates |out| = |in|^{-1} - * - * Based on Fermat's Little Theorem: - * a^p = a (mod p) - * a^{p-1} = 1 (mod p) - * a^{p-2} = a^{-1} (mod p) - */ -static void -felem_inv(felem out, const felem in) -{ - felem ftmp, ftmp2, ftmp3, ftmp4; - largefelem tmp; - unsigned i; - - felem_square(tmp, in); - felem_reduce(ftmp, tmp);/* 2^1 */ - felem_mul(tmp, in, ftmp); - felem_reduce(ftmp, tmp);/* 2^2 - 2^0 */ - felem_assign(ftmp2, ftmp); - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^3 - 2^1 */ - felem_mul(tmp, in, ftmp); - felem_reduce(ftmp, tmp);/* 2^3 - 2^0 */ - felem_square(tmp, ftmp); - felem_reduce(ftmp, tmp);/* 2^4 - 2^1 */ - - felem_square(tmp, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^3 - 2^1 */ - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^4 - 2^2 */ - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^4 - 2^0 */ - - felem_assign(ftmp2, ftmp3); - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^5 - 2^1 */ - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^6 - 2^2 */ - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^7 
- 2^3 */ - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^8 - 2^4 */ - felem_assign(ftmp4, ftmp3); - felem_mul(tmp, ftmp3, ftmp); - felem_reduce(ftmp4, tmp); /* 2^8 - 2^1 */ - felem_square(tmp, ftmp4); - felem_reduce(ftmp4, tmp); /* 2^9 - 2^2 */ - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^8 - 2^0 */ - felem_assign(ftmp2, ftmp3); - - for (i = 0; i < 8; i++) { - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^16 - 2^8 */ - } - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^16 - 2^0 */ - felem_assign(ftmp2, ftmp3); - - for (i = 0; i < 16; i++) { - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^32 - 2^16 */ - } - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^32 - 2^0 */ - felem_assign(ftmp2, ftmp3); - - for (i = 0; i < 32; i++) { - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^64 - 2^32 */ - } - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^64 - 2^0 */ - felem_assign(ftmp2, ftmp3); - - for (i = 0; i < 64; i++) { - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^128 - 2^64 */ - } - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^128 - 2^0 */ - felem_assign(ftmp2, ftmp3); - - for (i = 0; i < 128; i++) { - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^256 - 2^128 */ - } - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^256 - 2^0 */ - felem_assign(ftmp2, ftmp3); - - for (i = 0; i < 256; i++) { - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^512 - 2^256 */ - } - felem_mul(tmp, ftmp3, ftmp2); - felem_reduce(ftmp3, tmp); /* 2^512 - 2^0 */ - - for (i = 0; i < 9; i++) { - felem_square(tmp, ftmp3); - felem_reduce(ftmp3, tmp); /* 2^521 - 2^9 */ - } - felem_mul(tmp, ftmp3, ftmp4); - felem_reduce(ftmp3, tmp); /* 2^512 - 2^2 */ - felem_mul(tmp, ftmp3, in); - felem_reduce(out, tmp); /* 2^512 - 3 */ -} - -/* This is 2^521-1, expressed as an felem */ -static const felem kPrime = -{ - 0x03ffffffffffffff, 
0x03ffffffffffffff, 0x03ffffffffffffff, - 0x03ffffffffffffff, 0x03ffffffffffffff, 0x03ffffffffffffff, - 0x03ffffffffffffff, 0x03ffffffffffffff, 0x01ffffffffffffff -}; - -/* felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0 - * otherwise. - * On entry: - * in[i] < 2^59 + 2^14 - */ -static limb -felem_is_zero(const felem in) -{ - felem ftmp; - limb is_zero, is_p; - felem_assign(ftmp, in); - - ftmp[0] += ftmp[8] >> 57; - ftmp[8] &= bottom57bits; - /* ftmp[8] < 2^57 */ - ftmp[1] += ftmp[0] >> 58; - ftmp[0] &= bottom58bits; - ftmp[2] += ftmp[1] >> 58; - ftmp[1] &= bottom58bits; - ftmp[3] += ftmp[2] >> 58; - ftmp[2] &= bottom58bits; - ftmp[4] += ftmp[3] >> 58; - ftmp[3] &= bottom58bits; - ftmp[5] += ftmp[4] >> 58; - ftmp[4] &= bottom58bits; - ftmp[6] += ftmp[5] >> 58; - ftmp[5] &= bottom58bits; - ftmp[7] += ftmp[6] >> 58; - ftmp[6] &= bottom58bits; - ftmp[8] += ftmp[7] >> 58; - ftmp[7] &= bottom58bits; - /* ftmp[8] < 2^57 + 4 */ - - /* - * The ninth limb of 2*(2^521-1) is 0x03ffffffffffffff, which is - * greater than our bound for ftmp[8]. Therefore we only have to - * check if the zero is zero or 2^521-1. - */ - - is_zero = 0; - is_zero |= ftmp[0]; - is_zero |= ftmp[1]; - is_zero |= ftmp[2]; - is_zero |= ftmp[3]; - is_zero |= ftmp[4]; - is_zero |= ftmp[5]; - is_zero |= ftmp[6]; - is_zero |= ftmp[7]; - is_zero |= ftmp[8]; - - is_zero--; - /* - * We know that ftmp[i] < 2^63, therefore the only way that the top - * bit can be set is if is_zero was 0 before the decrement. 
- */ - is_zero = ((s64) is_zero) >> 63; - - is_p = ftmp[0] ^ kPrime[0]; - is_p |= ftmp[1] ^ kPrime[1]; - is_p |= ftmp[2] ^ kPrime[2]; - is_p |= ftmp[3] ^ kPrime[3]; - is_p |= ftmp[4] ^ kPrime[4]; - is_p |= ftmp[5] ^ kPrime[5]; - is_p |= ftmp[6] ^ kPrime[6]; - is_p |= ftmp[7] ^ kPrime[7]; - is_p |= ftmp[8] ^ kPrime[8]; - - is_p--; - is_p = ((s64) is_p) >> 63; - - is_zero |= is_p; - return is_zero; -} - -static int -felem_is_zero_int(const felem in) -{ - return (int) (felem_is_zero(in) & ((limb) 1)); -} - -/* felem_contract converts |in| to its unique, minimal representation. - * On entry: - * in[i] < 2^59 + 2^14 - */ -static void -felem_contract(felem out, const felem in) -{ - limb is_p, is_greater, sign; - static const limb two58 = ((limb) 1) << 58; - - felem_assign(out, in); - - out[0] += out[8] >> 57; - out[8] &= bottom57bits; - /* out[8] < 2^57 */ - out[1] += out[0] >> 58; - out[0] &= bottom58bits; - out[2] += out[1] >> 58; - out[1] &= bottom58bits; - out[3] += out[2] >> 58; - out[2] &= bottom58bits; - out[4] += out[3] >> 58; - out[3] &= bottom58bits; - out[5] += out[4] >> 58; - out[4] &= bottom58bits; - out[6] += out[5] >> 58; - out[5] &= bottom58bits; - out[7] += out[6] >> 58; - out[6] &= bottom58bits; - out[8] += out[7] >> 58; - out[7] &= bottom58bits; - /* out[8] < 2^57 + 4 */ - - /* - * If the value is greater than 2^521-1 then we have to subtract - * 2^521-1 out. See the comments in felem_is_zero regarding why we - * don't test for other multiples of the prime. - */ - - /* - * First, if |out| is equal to 2^521-1, we subtract it out to get - * zero. 
- */ - - is_p = out[0] ^ kPrime[0]; - is_p |= out[1] ^ kPrime[1]; - is_p |= out[2] ^ kPrime[2]; - is_p |= out[3] ^ kPrime[3]; - is_p |= out[4] ^ kPrime[4]; - is_p |= out[5] ^ kPrime[5]; - is_p |= out[6] ^ kPrime[6]; - is_p |= out[7] ^ kPrime[7]; - is_p |= out[8] ^ kPrime[8]; - - is_p--; - is_p &= is_p << 32; - is_p &= is_p << 16; - is_p &= is_p << 8; - is_p &= is_p << 4; - is_p &= is_p << 2; - is_p &= is_p << 1; - is_p = ((s64) is_p) >> 63; - is_p = ~is_p; - - /* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */ - - out[0] &= is_p; - out[1] &= is_p; - out[2] &= is_p; - out[3] &= is_p; - out[4] &= is_p; - out[5] &= is_p; - out[6] &= is_p; - out[7] &= is_p; - out[8] &= is_p; - - /* - * In order to test that |out| >= 2^521-1 we need only test if out[8] - * >> 57 is greater than zero as (2^521-1) + x >= 2^522 - */ - is_greater = out[8] >> 57; - is_greater |= is_greater << 32; - is_greater |= is_greater << 16; - is_greater |= is_greater << 8; - is_greater |= is_greater << 4; - is_greater |= is_greater << 2; - is_greater |= is_greater << 1; - is_greater = ((s64) is_greater) >> 63; - - out[0] -= kPrime[0] & is_greater; - out[1] -= kPrime[1] & is_greater; - out[2] -= kPrime[2] & is_greater; - out[3] -= kPrime[3] & is_greater; - out[4] -= kPrime[4] & is_greater; - out[5] -= kPrime[5] & is_greater; - out[6] -= kPrime[6] & is_greater; - out[7] -= kPrime[7] & is_greater; - out[8] -= kPrime[8] & is_greater; - - /* Eliminate negative coefficients */ - sign = -(out[0] >> 63); - out[0] += (two58 & sign); - out[1] -= (1 & sign); - sign = -(out[1] >> 63); - out[1] += (two58 & sign); - out[2] -= (1 & sign); - sign = -(out[2] >> 63); - out[2] += (two58 & sign); - out[3] -= (1 & sign); - sign = -(out[3] >> 63); - out[3] += (two58 & sign); - out[4] -= (1 & sign); - sign = -(out[4] >> 63); - out[4] += (two58 & sign); - out[5] -= (1 & sign); - sign = -(out[0] >> 63); - out[5] += (two58 & sign); - out[6] -= (1 & sign); - sign = -(out[6] >> 63); - out[6] += (two58 & sign); - out[7] 
-= (1 & sign); - sign = -(out[7] >> 63); - out[7] += (two58 & sign); - out[8] -= (1 & sign); - sign = -(out[5] >> 63); - out[5] += (two58 & sign); - out[6] -= (1 & sign); - sign = -(out[6] >> 63); - out[6] += (two58 & sign); - out[7] -= (1 & sign); - sign = -(out[7] >> 63); - out[7] += (two58 & sign); - out[8] -= (1 & sign); -} - -/* Group operations - * ---------------- - * - * Building on top of the field operations we have the operations on the - * elliptic curve group itself. Points on the curve are represented in Jacobian - * coordinates */ - -/* point_double calcuates 2*(x_in, y_in, z_in) - * - * The method is taken from: - * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b - * - * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed. - * while x_out == y_in is not (maybe this works, but it's not tested). */ -static void -point_double(felem x_out, felem y_out, felem z_out, - const felem x_in, const felem y_in, const felem z_in) -{ - largefelem tmp, tmp2; - felem delta, gamma, beta, alpha, ftmp, ftmp2; - - felem_assign(ftmp, x_in); - felem_assign(ftmp2, x_in); - - /* delta = z^2 */ - felem_square(tmp, z_in); - felem_reduce(delta, tmp); /* delta[i] < 2^59 + 2^14 */ - - /* gamma = y^2 */ - felem_square(tmp, y_in); - felem_reduce(gamma, tmp); /* gamma[i] < 2^59 + 2^14 */ - - /* beta = x*gamma */ - felem_mul(tmp, x_in, gamma); - felem_reduce(beta, tmp);/* beta[i] < 2^59 + 2^14 */ - - /* alpha = 3*(x-delta)*(x+delta) */ - felem_diff64(ftmp, delta); - /* ftmp[i] < 2^61 */ - felem_sum64(ftmp2, delta); - /* ftmp2[i] < 2^60 + 2^15 */ - felem_scalar64(ftmp2, 3); - /* ftmp2[i] < 3*2^60 + 3*2^15 */ - felem_mul(tmp, ftmp, ftmp2); - /* - * tmp[i] < 17(3*2^121 + 3*2^76) = 61*2^121 + 61*2^76 < 64*2^121 + - * 64*2^76 = 2^127 + 2^82 < 2^128 - */ - felem_reduce(alpha, tmp); - - /* x' = alpha^2 - 8*beta */ - felem_square(tmp, alpha); - /* - * tmp[i] < 17*2^120 < 2^125 - */ - felem_assign(ftmp, beta); - felem_scalar64(ftmp, 8); - 
/* ftmp[i] < 2^62 + 2^17 */ - felem_diff_128_64(tmp, ftmp); - /* tmp[i] < 2^125 + 2^63 + 2^62 + 2^17 */ - felem_reduce(x_out, tmp); - - /* z' = (y + z)^2 - gamma - delta */ - felem_sum64(delta, gamma); - /* delta[i] < 2^60 + 2^15 */ - felem_assign(ftmp, y_in); - felem_sum64(ftmp, z_in); - /* ftmp[i] < 2^60 + 2^15 */ - felem_square(tmp, ftmp); - /* - * tmp[i] < 17(2^122) < 2^127 - */ - felem_diff_128_64(tmp, delta); - /* tmp[i] < 2^127 + 2^63 */ - felem_reduce(z_out, tmp); - - /* y' = alpha*(4*beta - x') - 8*gamma^2 */ - felem_scalar64(beta, 4); - /* beta[i] < 2^61 + 2^16 */ - felem_diff64(beta, x_out); - /* beta[i] < 2^61 + 2^60 + 2^16 */ - felem_mul(tmp, alpha, beta); - /* - * tmp[i] < 17*((2^59 + 2^14)(2^61 + 2^60 + 2^16)) = 17*(2^120 + 2^75 - * + 2^119 + 2^74 + 2^75 + 2^30) = 17*(2^120 + 2^119 + 2^76 + 2^74 + - * 2^30) < 2^128 - */ - felem_square(tmp2, gamma); - /* - * tmp2[i] < 17*(2^59 + 2^14)^2 = 17*(2^118 + 2^74 + 2^28) - */ - felem_scalar128(tmp2, 8); - /* - * tmp2[i] < 8*17*(2^118 + 2^74 + 2^28) = 2^125 + 2^121 + 2^81 + 2^77 - * + 2^35 + 2^31 < 2^126 - */ - felem_diff128(tmp, tmp2); - /* - * tmp[i] < 2^127 - 2^69 + 17(2^120 + 2^119 + 2^76 + 2^74 + 2^30) = - * 2^127 + 2^124 + 2^122 + 2^120 + 2^118 + 2^80 + 2^78 + 2^76 + 2^74 - * + 2^69 + 2^34 + 2^30 < 2^128 - */ - felem_reduce(y_out, tmp); -} - -/* copy_conditional copies in to out iff mask is all ones. */ -static void -copy_conditional(felem out, const felem in, limb mask) -{ - unsigned i; - for (i = 0; i < NLIMBS; ++i) { - const limb tmp = mask & (in[i] ^ out[i]); - out[i] ^= tmp; - } -} - -/* point_add calcuates (x1, y1, z1) + (x2, y2, z2) - * - * The method is taken from - * http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl, - * adapted for mixed addition (z2 = 1, or z2 = 0 for the point at infinity). - * - * This function includes a branch for checking whether the two input points - * are equal (while not equal to the point at infinity). 
This case never
- * happens during single point multiplication, so there is no timing leak for
- * ECDH or ECDSA signing. */
-static void
-point_add(felem x3, felem y3, felem z3,
- const felem x1, const felem y1, const felem z1,
- const int mixed, const felem x2, const felem y2, const felem z2)
-{
- felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, ftmp6, x_out, y_out, z_out;
- largefelem tmp, tmp2;
- limb x_equal, y_equal, z1_is_zero, z2_is_zero;
-
- z1_is_zero = felem_is_zero(z1);
- z2_is_zero = felem_is_zero(z2);
-
- /* ftmp = z1z1 = z1**2 */
- felem_square(tmp, z1);
- felem_reduce(ftmp, tmp);
-
- if (!mixed) {
- /* ftmp2 = z2z2 = z2**2 */
- felem_square(tmp, z2);
- felem_reduce(ftmp2, tmp);
-
- /* u1 = ftmp3 = x1*z2z2 */
- felem_mul(tmp, x1, ftmp2);
- felem_reduce(ftmp3, tmp);
-
- /* ftmp5 = z1 + z2 */
- felem_assign(ftmp5, z1);
- felem_sum64(ftmp5, z2);
- /* ftmp5[i] < 2^61 */
-
- /* ftmp5 = (z1 + z2)**2 - z1z1 - z2z2 = 2*z1z2 */
- felem_square(tmp, ftmp5);
- /* tmp[i] < 17*2^122 */
- felem_diff_128_64(tmp, ftmp);
- /* tmp[i] < 17*2^122 + 2^63 */
- felem_diff_128_64(tmp, ftmp2);
- /* tmp[i] < 17*2^122 + 2^64 */
- felem_reduce(ftmp5, tmp);
-
- /* ftmp2 = z2 * z2z2 */
- felem_mul(tmp, ftmp2, z2);
- felem_reduce(ftmp2, tmp);
-
- /* s1 = ftmp6 = y1 * z2**3 */
- felem_mul(tmp, y1, ftmp2);
- felem_reduce(ftmp6, tmp);
- } else {
- /* We'll assume z2 = 1 (special case z2 = 0 is handled later) */
-
- /* u1 = ftmp3 = x1*z2z2 */
- felem_assign(ftmp3, x1);
-
- /* ftmp5 = 2*z1z2 */
- felem_scalar(ftmp5, z1, 2);
-
- /* s1 = ftmp6 = y1 * z2**3 */
- felem_assign(ftmp6, y1);
- }
-
- /* u2 = x2*z1z1 */
- felem_mul(tmp, x2, ftmp);
- /* tmp[i] < 17*2^120 */
-
- /* h = ftmp4 = u2 - u1 */
- felem_diff_128_64(tmp, ftmp3);
- /* tmp[i] < 17*2^120 + 2^63 */
- felem_reduce(ftmp4, tmp);
-
- x_equal = felem_is_zero(ftmp4);
-
- /* z_out = ftmp5 * h */
- felem_mul(tmp, ftmp5, ftmp4);
- felem_reduce(z_out, tmp);
-
- /* ftmp = z1 * z1z1 */
- felem_mul(tmp, ftmp, z1);
- felem_reduce(ftmp, tmp);
-
- /*
s2 = tmp = y2 * z1**3 */
- felem_mul(tmp, y2, ftmp);
- /* tmp[i] < 17*2^120 */
-
- /* r = ftmp5 = (s2 - s1)*2 */
- felem_diff_128_64(tmp, ftmp6);
- /* tmp[i] < 17*2^120 + 2^63 */
- felem_reduce(ftmp5, tmp);
- y_equal = felem_is_zero(ftmp5);
- felem_scalar64(ftmp5, 2);
- /* ftmp5[i] < 2^61 */
-
- if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
- point_double(x3, y3, z3, x1, y1, z1);
- return;
- }
- /* I = ftmp = (2h)**2 */
- felem_assign(ftmp, ftmp4);
- felem_scalar64(ftmp, 2);
- /* ftmp[i] < 2^61 */
- felem_square(tmp, ftmp);
- /* tmp[i] < 17*2^122 */
- felem_reduce(ftmp, tmp);
-
- /* J = ftmp2 = h * I */
- felem_mul(tmp, ftmp4, ftmp);
- felem_reduce(ftmp2, tmp);
-
- /* V = ftmp4 = U1 * I */
- felem_mul(tmp, ftmp3, ftmp);
- felem_reduce(ftmp4, tmp);
-
- /* x_out = r**2 - J - 2V */
- felem_square(tmp, ftmp5);
- /* tmp[i] < 17*2^122 */
- felem_diff_128_64(tmp, ftmp2);
- /* tmp[i] < 17*2^122 + 2^63 */
- felem_assign(ftmp3, ftmp4);
- felem_scalar64(ftmp4, 2);
- /* ftmp4[i] < 2^61 */
- felem_diff_128_64(tmp, ftmp4);
- /* tmp[i] < 17*2^122 + 2^64 */
- felem_reduce(x_out, tmp);
-
- /* y_out = r(V-x_out) - 2 * s1 * J */
- felem_diff64(ftmp3, x_out);
- /*
- * ftmp3[i] < 2^60 + 2^60 = 2^61
- */
- felem_mul(tmp, ftmp5, ftmp3);
- /* tmp[i] < 17*2^122 */
- felem_mul(tmp2, ftmp6, ftmp2);
- /* tmp2[i] < 17*2^120 */
- felem_scalar128(tmp2, 2);
- /* tmp2[i] < 17*2^121 */
- felem_diff128(tmp, tmp2);
- /*
- * tmp[i] < 2^127 - 2^69 + 17*2^122 = 2^126 - 2^122 - 2^6 - 2^2 - 1 <
- * 2^127
- */
- felem_reduce(y_out, tmp);
-
- copy_conditional(x_out, x2, z1_is_zero);
- copy_conditional(x_out, x1, z2_is_zero);
- copy_conditional(y_out, y2, z1_is_zero);
- copy_conditional(y_out, y1, z2_is_zero);
- copy_conditional(z_out, z2, z1_is_zero);
- copy_conditional(z_out, z1, z2_is_zero);
- felem_assign(x3, x_out);
- felem_assign(y3, y_out);
- felem_assign(z3, z_out);
-}
-
-/* Base point pre computation
- * --------------------------
- *
- * Two different sorts of precomputed tables are used
in the following code.
- * Each contain various points on the curve, where each point is three field
- * elements (x, y, z).
- *
- * For the base point table, z is usually 1 (0 for the point at infinity).
- * This table has 16 elements:
- * index | bits | point
- * ------+---------+------------------------------
- * 0 | 0 0 0 0 | 0G
- * 1 | 0 0 0 1 | 1G
- * 2 | 0 0 1 0 | 2^130G
- * 3 | 0 0 1 1 | (2^130 + 1)G
- * 4 | 0 1 0 0 | 2^260G
- * 5 | 0 1 0 1 | (2^260 + 1)G
- * 6 | 0 1 1 0 | (2^260 + 2^130)G
- * 7 | 0 1 1 1 | (2^260 + 2^130 + 1)G
- * 8 | 1 0 0 0 | 2^390G
- * 9 | 1 0 0 1 | (2^390 + 1)G
- * 10 | 1 0 1 0 | (2^390 + 2^130)G
- * 11 | 1 0 1 1 | (2^390 + 2^130 + 1)G
- * 12 | 1 1 0 0 | (2^390 + 2^260)G
- * 13 | 1 1 0 1 | (2^390 + 2^260 + 1)G
- * 14 | 1 1 1 0 | (2^390 + 2^260 + 2^130)G
- * 15 | 1 1 1 1 | (2^390 + 2^260 + 2^130 + 1)G
- *
- * The reason for this is so that we can clock bits into four different
- * locations when doing simple scalar multiplies against the base point.
- *
- * Tables for other points have table[i] = iG for i in 0 .. 16.
*/ - -/* gmul is the table of precomputed base points */ -static const felem gmul[16][3] = -{{{0, 0, 0, 0, 0, 0, 0, 0, 0}, -{0, 0, 0, 0, 0, 0, 0, 0, 0}, -{0, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x017e7e31c2e5bd66, 0x022cf0615a90a6fe, 0x00127a2ffa8de334, - 0x01dfbf9d64a3f877, 0x006b4d3dbaa14b5e, 0x014fed487e0a2bd8, -0x015b4429c6481390, 0x03a73678fb2d988e, 0x00c6858e06b70404}, -{0x00be94769fd16650, 0x031c21a89cb09022, 0x039013fad0761353, - 0x02657bd099031542, 0x03273e662c97ee72, 0x01e6d11a05ebef45, -0x03d1bd998f544495, 0x03001172297ed0b1, 0x011839296a789a3b}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x0373faacbc875bae, 0x00f325023721c671, 0x00f666fd3dbde5ad, - 0x01a6932363f88ea7, 0x01fc6d9e13f9c47b, 0x03bcbffc2bbf734e, -0x013ee3c3647f3a92, 0x029409fefe75d07d, 0x00ef9199963d85e5}, -{0x011173743ad5b178, 0x02499c7c21bf7d46, 0x035beaeabb8b1a58, - 0x00f989c4752ea0a3, 0x0101e1de48a9c1a3, 0x01a20076be28ba6c, -0x02f8052e5eb2de95, 0x01bfe8f82dea117c, 0x0160074d3c36ddb7}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x012f3fc373393b3b, 0x03d3d6172f1419fa, 0x02adc943c0b86873, - 0x00d475584177952b, 0x012a4d1673750ee2, 0x00512517a0f13b0c, -0x02b184671a7b1734, 0x0315b84236f1a50a, 0x00a4afc472edbdb9}, -{0x00152a7077f385c4, 0x03044007d8d1c2ee, 0x0065829d61d52b52, - 0x00494ff6b6631d0d, 0x00a11d94d5f06bcf, 0x02d2f89474d9282e, -0x0241c5727c06eeb9, 0x0386928710fbdb9d, 0x01f883f727b0dfbe}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x019b0c3c9185544d, 0x006243a37c9d97db, 0x02ee3cbe030a2ad2, - 0x00cfdd946bb51e0d, 0x0271c00932606b91, 0x03f817d1ec68c561, -0x03f37009806a369c, 0x03c1f30baf184fd5, 0x01091022d6d2f065}, -{0x0292c583514c45ed, 0x0316fca51f9a286c, 0x00300af507c1489a, - 0x0295f69008298cf1, 0x02c0ed8274943d7b, 0x016509b9b47a431e, -0x02bc9de9634868ce, 0x005b34929bffcb09, 0x000c1a0121681524}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x0286abc0292fb9f2, 0x02665eee9805b3f7, 0x01ed7455f17f26d6, - 0x0346355b83175d13, 0x006284944cd0a097, 0x0191895bcdec5e51, -0x02e288370afda7d9, 0x03b22312bfefa67a, 0x01d104d3fc0613fe}, 
-{0x0092421a12f7e47f, 0x0077a83fa373c501, 0x03bd25c5f696bd0d, - 0x035c41e4d5459761, 0x01ca0d1742b24f53, 0x00aaab27863a509c, -0x018b6de47df73917, 0x025c0b771705cd01, 0x01fd51d566d760a7}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x01dd92ff6b0d1dbd, 0x039c5e2e8f8afa69, 0x0261ed13242c3b27, - 0x0382c6e67026e6a0, 0x01d60b10be2089f9, 0x03c15f3dce86723f, -0x03c764a32d2a062d, 0x017307eac0fad056, 0x018207c0b96c5256}, -{0x0196a16d60e13154, 0x03e6ce74c0267030, 0x00ddbf2b4e52a5aa, - 0x012738241bbf31c8, 0x00ebe8dc04685a28, 0x024c2ad6d380d4a2, -0x035ee062a6e62d0e, 0x0029ed74af7d3a0f, 0x00eef32aec142ebd}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x00c31ec398993b39, 0x03a9f45bcda68253, 0x00ac733c24c70890, - 0x00872b111401ff01, 0x01d178c23195eafb, 0x03bca2c816b87f74, -0x0261a9af46fbad7a, 0x0324b2a8dd3d28f9, 0x00918121d8f24e23}, -{0x032bc8c1ca983cd7, 0x00d869dfb08fc8c6, 0x01693cb61fce1516, - 0x012a5ea68f4e88a8, 0x010869cab88d7ae3, 0x009081ad277ceee1, -0x033a77166d064cdc, 0x03955235a1fb3a95, 0x01251a4a9b25b65e}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x00148a3a1b27f40b, 0x0123186df1b31fdc, 0x00026e7beaad34ce, - 0x01db446ac1d3dbba, 0x0299c1a33437eaec, 0x024540610183cbb7, -0x0173bb0e9ce92e46, 0x02b937e43921214b, 0x01ab0436a9bf01b5}, -{0x0383381640d46948, 0x008dacbf0e7f330f, 0x03602122bcc3f318, - 0x01ee596b200620d6, 0x03bd0585fda430b3, 0x014aed77fd123a83, -0x005ace749e52f742, 0x0390fe041da2b842, 0x0189a8ceb3299242}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x012a19d6b3282473, 0x00c0915918b423ce, 0x023a954eb94405ae, - 0x00529f692be26158, 0x0289fa1b6fa4b2aa, 0x0198ae4ceea346ef, -0x0047d8cdfbdedd49, 0x00cc8c8953f0f6b8, 0x001424abbff49203}, -{0x0256732a1115a03a, 0x0351bc38665c6733, 0x03f7b950fb4a6447, - 0x000afffa94c22155, 0x025763d0a4dab540, 0x000511e92d4fc283, -0x030a7e9eda0ee96c, 0x004c3cd93a28bf0a, 0x017edb3a8719217f}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x011de5675a88e673, 0x031d7d0f5e567fbe, 0x0016b2062c970ae5, - 0x03f4a2be49d90aa7, 0x03cef0bd13822866, 0x03f0923dcf774a6c, -0x0284bebc4f322f72, 0x016ab2645302bb2c, 
0x01793f95dace0e2a}, -{0x010646e13527a28f, 0x01ca1babd59dc5e7, 0x01afedfd9a5595df, - 0x01f15785212ea6b1, 0x0324e5d64f6ae3f4, 0x02d680f526d00645, -0x0127920fadf627a7, 0x03b383f75df4f684, 0x0089e0057e783b0a}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x00f334b9eb3c26c6, 0x0298fdaa98568dce, 0x01c2d24843a82292, - 0x020bcb24fa1b0711, 0x02cbdb3d2b1875e6, 0x0014907598f89422, -0x03abe3aa43b26664, 0x02cbf47f720bc168, 0x0133b5e73014b79b}, -{0x034aab5dab05779d, 0x00cdc5d71fee9abb, 0x0399f16bd4bd9d30, - 0x03582fa592d82647, 0x02be1cdfb775b0e9, 0x0034f7cea32e94cb, -0x0335a7f08f56f286, 0x03b707e9565d1c8b, 0x0015c946ea5b614f}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x024676f6cff72255, 0x00d14625cac96378, 0x00532b6008bc3767, - 0x01fc16721b985322, 0x023355ea1b091668, 0x029de7afdc0317c3, -0x02fc8a7ca2da037c, 0x02de1217d74a6f30, 0x013f7173175b73bf}, -{0x0344913f441490b5, 0x0200f9e272b61eca, 0x0258a246b1dd55d2, - 0x03753db9ea496f36, 0x025e02937a09c5ef, 0x030cbd3d14012692, -0x01793a67e70dc72a, 0x03ec1d37048a662e, 0x006550f700c32a8d}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x00d3f48a347eba27, 0x008e636649b61bd8, 0x00d3b93716778fb3, - 0x004d1915757bd209, 0x019d5311a3da44e0, 0x016d1afcbbe6aade, -0x0241bf5f73265616, 0x0384672e5d50d39b, 0x005009fee522b684}, -{0x029b4fab064435fe, 0x018868ee095bbb07, 0x01ea3d6936cc92b8, - 0x000608b00f78a2f3, 0x02db911073d1c20f, 0x018205938470100a, -0x01f1e4964cbe6ff2, 0x021a19a29eed4663, 0x01414485f42afa81}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x01612b3a17f63e34, 0x03813992885428e6, 0x022b3c215b5a9608, - 0x029b4057e19f2fcb, 0x0384059a587af7e6, 0x02d6400ace6fe610, -0x029354d896e8e331, 0x00c047ee6dfba65e, 0x0037720542e9d49d}, -{0x02ce9eed7c5e9278, 0x0374ed703e79643b, 0x01316c54c4072006, - 0x005aaa09054b2ee8, 0x002824000c840d57, 0x03d4eba24771ed86, -0x0189c50aabc3bdae, 0x0338c01541e15510, 0x00466d56e38eed42}, -{1, 0, 0, 0, 0, 0, 0, 0, 0}}, -{{0x007efd8330ad8bd6, 0x02465ed48047710b, 0x0034c6606b215e0c, - 0x016ae30c53cbf839, 0x01fa17bd37161216, 0x018ead4e61ce8ab9, -0x005482ed5f5dee46, 
0x037543755bba1d7f, 0x005e5ac7e70a9d0f},
-{0x0117e1bb2fdcb2a2, 0x03deea36249f40c4, 0x028d09b4a6246cb7,
- 0x03524b8855bcf756, 0x023d7d109d5ceb58, 0x0178e43e3223ef9c,
-0x0154536a0c6e966a, 0x037964d1286ee9fe, 0x0199bcd90e125055},
-{1, 0, 0, 0, 0, 0, 0, 0, 0}}};
-
-/* select_point selects the |idx|th point from a precomputation table and
- * copies it to out. */
-static void
-select_point(const limb idx, unsigned int size, const felem pre_comp[ /* size */ ][3],
- felem out[3])
-{
- unsigned i, j;
- limb *outlimbs = &out[0][0];
- memset(outlimbs, 0, 3 * sizeof(felem));
-
- for (i = 0; i < size; i++) {
- const limb *inlimbs = &pre_comp[i][0][0];
- limb mask = i ^ idx;
- mask |= mask >> 4;
- mask |= mask >> 2;
- mask |= mask >> 1;
- mask &= 1;
- mask--;
- for (j = 0; j < NLIMBS * 3; j++)
- outlimbs[j] |= inlimbs[j] & mask;
- }
-}
-
-/* get_bit returns the |i|th bit in |in| */
-static char
-get_bit(const felem_bytearray in, int i)
-{
- if (i < 0)
- return 0;
- return (in[i >> 3] >> (i & 7)) & 1;
-}
-
-/* Interleaved point multiplication using precomputed point multiples:
- * The small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[],
- * the scalars in scalars[]. If g_scalar is non-NULL, we also add this multiple
- * of the generator, using certain (large) precomputed multiples in g_pre_comp.
- * Output point (X, Y, Z) is stored in x_out, y_out, z_out */
-static void
-batch_mul(felem x_out, felem y_out, felem z_out,
- const felem_bytearray scalars[], const unsigned num_points, const u8 * g_scalar,
- const int mixed, const felem pre_comp[][17][3], const felem g_pre_comp[16][3])
-{
- int i, skip;
- unsigned num, gen_mul = (g_scalar != NULL);
- felem nq[3], tmp[4];
- limb bits;
- u8 sign, digit;
-
- /* set nq to the point at infinity */
- memset(nq, 0, 3 * sizeof(felem));
-
- /*
- * Loop over all scalars msb-to-lsb, interleaving additions of
- * multiples of the generator (last quarter of rounds) and additions
- * of other points multiples (every 5th round).
- */
- skip = 1; /* save two point operations in the first
- * round */
- for (i = (num_points ? 520 : 130); i >= 0; --i) {
- /* double */
- if (!skip)
- point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
-
- /* add multiples of the generator */
- if (gen_mul && (i <= 130)) {
- bits = get_bit(g_scalar, i + 390) << 3;
- if (i < 130) {
- bits |= get_bit(g_scalar, i + 260) << 2;
- bits |= get_bit(g_scalar, i + 130) << 1;
- bits |= get_bit(g_scalar, i);
- }
- /* select the point to add, in constant time */
- select_point(bits, 16, g_pre_comp, tmp);
- if (!skip) {
- point_add(nq[0], nq[1], nq[2],
- nq[0], nq[1], nq[2],
- 1 /* mixed */ , tmp[0], tmp[1], tmp[2]);
- } else {
- memcpy(nq, tmp, 3 * sizeof(felem));
- skip = 0;
- }
- }
- /* do other additions every 5 doublings */
- if (num_points && (i % 5 == 0)) {
- /* loop over all scalars */
- for (num = 0; num < num_points; ++num) {
- bits = get_bit(scalars[num], i + 4) << 5;
- bits |= get_bit(scalars[num], i + 3) << 4;
- bits |= get_bit(scalars[num], i + 2) << 3;
- bits |= get_bit(scalars[num], i + 1) << 2;
- bits |= get_bit(scalars[num], i) << 1;
- bits |= get_bit(scalars[num], i - 1);
- ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
-
- /*
- * select the point to add or subtract, in
- * constant time
- */
- select_point(digit, 17, pre_comp[num], tmp);
- felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the
- * negative point */
- copy_conditional(tmp[1], tmp[3], (-(limb) sign));
-
- if (!skip) {
- point_add(nq[0], nq[1], nq[2],
- nq[0], nq[1], nq[2],
- mixed, tmp[0], tmp[1], tmp[2]);
- } else {
- memcpy(nq, tmp, 3 * sizeof(felem));
- skip = 0;
- }
- }
- }
- }
- felem_assign(x_out, nq[0]);
- felem_assign(y_out, nq[1]);
- felem_assign(z_out, nq[2]);
-}
-
-
-/* Precomputation for the group generator.
*/
-typedef struct {
- felem g_pre_comp[16][3];
- int references;
-} NISTP521_PRE_COMP;
-
-const EC_METHOD *
-EC_GFp_nistp521_method(void)
-{
- static const EC_METHOD ret = {
- .flags = EC_FLAGS_DEFAULT_OCT,
- .field_type = NID_X9_62_prime_field,
- .group_init = ec_GFp_nistp521_group_init,
- .group_finish = ec_GFp_simple_group_finish,
- .group_clear_finish = ec_GFp_simple_group_clear_finish,
- .group_copy = ec_GFp_nist_group_copy,
- .group_set_curve = ec_GFp_nistp521_group_set_curve,
- .group_get_curve = ec_GFp_simple_group_get_curve,
- .group_get_degree = ec_GFp_simple_group_get_degree,
- .group_check_discriminant =
- ec_GFp_simple_group_check_discriminant,
- .point_init = ec_GFp_simple_point_init,
- .point_finish = ec_GFp_simple_point_finish,
- .point_clear_finish = ec_GFp_simple_point_clear_finish,
- .point_copy = ec_GFp_simple_point_copy,
- .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity,
- .point_set_Jprojective_coordinates_GFp =
- ec_GFp_simple_set_Jprojective_coordinates_GFp,
- .point_get_Jprojective_coordinates_GFp =
- ec_GFp_simple_get_Jprojective_coordinates_GFp,
- .point_set_affine_coordinates =
- ec_GFp_simple_point_set_affine_coordinates,
- .point_get_affine_coordinates =
- ec_GFp_nistp521_point_get_affine_coordinates,
- .add = ec_GFp_simple_add,
- .dbl = ec_GFp_simple_dbl,
- .invert = ec_GFp_simple_invert,
- .is_at_infinity = ec_GFp_simple_is_at_infinity,
- .is_on_curve = ec_GFp_simple_is_on_curve,
- .point_cmp = ec_GFp_simple_cmp,
- .make_affine = ec_GFp_simple_make_affine,
- .points_make_affine = ec_GFp_simple_points_make_affine,
- .mul = ec_GFp_nistp521_points_mul,
- .precompute_mult = ec_GFp_nistp521_precompute_mult,
- .have_precompute_mult = ec_GFp_nistp521_have_precompute_mult,
- .field_mul = ec_GFp_nist_field_mul,
- .field_sqr = ec_GFp_nist_field_sqr
- };
-
- return &ret;
-}
-
-
-/******************************************************************************/
-/* FUNCTIONS TO MANAGE PRECOMPUTATION
- */
-
-static NISTP521_PRE_COMP *
-nistp521_pre_comp_new()
-{
- NISTP521_PRE_COMP *ret = NULL;
- ret = malloc(sizeof(NISTP521_PRE_COMP));
- if (!ret) {
- ECerr(EC_F_NISTP521_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
- return ret;
- }
- memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
- ret->references = 1;
- return ret;
-}
-
-static void *
-nistp521_pre_comp_dup(void *src_)
-{
- NISTP521_PRE_COMP *src = src_;
-
- /* no need to actually copy, these objects never change! */
- CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
-
- return src_;
-}
-
-static void
-nistp521_pre_comp_free(void *pre_)
-{
- int i;
- NISTP521_PRE_COMP *pre = pre_;
-
- if (!pre)
- return;
-
- i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
- if (i > 0)
- return;
-
- free(pre);
-}
-
-static void
-nistp521_pre_comp_clear_free(void *pre_)
-{
- int i;
- NISTP521_PRE_COMP *pre = pre_;
-
- if (!pre)
- return;
-
- i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
- if (i > 0)
- return;
-
- explicit_bzero(pre, sizeof(*pre));
- free(pre);
-}
-
-/******************************************************************************/
-/* OPENSSL EC_METHOD FUNCTIONS
- */
-
-int
-ec_GFp_nistp521_group_init(EC_GROUP * group)
-{
- int ret;
- ret = ec_GFp_simple_group_init(group);
- group->a_is_minus3 = 1;
- return ret;
-}
-
-int
-ec_GFp_nistp521_group_set_curve(EC_GROUP * group, const BIGNUM * p,
- const BIGNUM * a, const BIGNUM * b, BN_CTX * ctx)
-{
- int ret = 0;
- BN_CTX *new_ctx = NULL;
- BIGNUM *curve_p, *curve_a, *curve_b;
-
- if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
- BN_CTX_start(ctx);
- if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
- ((curve_a = BN_CTX_get(ctx)) == NULL) ||
- ((curve_b = BN_CTX_get(ctx)) == NULL))
- goto err;
- BN_bin2bn(nistp521_curve_params[0], sizeof(felem_bytearray), curve_p);
- BN_bin2bn(nistp521_curve_params[1], sizeof(felem_bytearray), curve_a);
- BN_bin2bn(nistp521_curve_params[2], sizeof(felem_bytearray), curve_b);
- if ((BN_cmp(curve_p, p)) ||
(BN_cmp(curve_a, a)) ||
- (BN_cmp(curve_b, b))) {
- ECerr(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE,
- EC_R_WRONG_CURVE_PARAMETERS);
- goto err;
- }
- group->field_mod_func = BN_nist_mod_521;
- ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-/* Takes the Jacobian coordinates (X, Y, Z) of a point and returns
- * (X', Y') = (X/Z^2, Y/Z^3) */
-int
-ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP * group,
- const EC_POINT * point, BIGNUM * x, BIGNUM * y, BN_CTX * ctx)
-{
- felem z1, z2, x_in, y_in, x_out, y_out;
- largefelem tmp;
-
- if (EC_POINT_is_at_infinity(group, point) > 0) {
- ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
- EC_R_POINT_AT_INFINITY);
- return 0;
- }
- if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
- (!BN_to_felem(z1, &point->Z)))
- return 0;
- felem_inv(z2, z1);
- felem_square(tmp, z2);
- felem_reduce(z1, tmp);
- felem_mul(tmp, x_in, z1);
- felem_reduce(x_in, tmp);
- felem_contract(x_out, x_in);
- if (x != NULL) {
- if (!felem_to_BN(x, x_out)) {
- ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES, ERR_R_BN_LIB);
- return 0;
- }
- }
- felem_mul(tmp, z1, z2);
- felem_reduce(z1, tmp);
- felem_mul(tmp, y_in, z1);
- felem_reduce(y_in, tmp);
- felem_contract(y_out, y_in);
- if (y != NULL) {
- if (!felem_to_BN(y, y_out)) {
- ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES, ERR_R_BN_LIB);
- return 0;
- }
- }
- return 1;
-}
-
-static void
-make_points_affine(size_t num, felem points[ /* num */ ][3], felem tmp_felems[ /* num+1 */ ])
-{
- /*
- * Runs in constant time, unless an input is the point at infinity
- * (which normally shouldn't happen).
- */
- ec_GFp_nistp_points_make_affine_internal(
- num,
- points,
- sizeof(felem),
- tmp_felems,
- (void (*) (void *)) felem_one,
- (int (*) (const void *)) felem_is_zero_int,
- (void (*) (void *, const void *)) felem_assign,
- (void (*) (void *, const void *)) felem_square_reduce,
- (void (*) (void *, const void *, const void *)) felem_mul_reduce,
- (void (*) (void *, const void *)) felem_inv,
- (void (*) (void *, const void *)) felem_contract);
-}
-
-/* Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL values
- * Result is stored in r (r can equal one of the inputs). */
-int
-ec_GFp_nistp521_points_mul(const EC_GROUP * group, EC_POINT * r,
- const BIGNUM * scalar, size_t num, const EC_POINT * points[],
- const BIGNUM * scalars[], BN_CTX * ctx)
-{
- int ret = 0;
- int j;
- int mixed = 0;
- BN_CTX *new_ctx = NULL;
- BIGNUM *x, *y, *z, *tmp_scalar;
- felem_bytearray g_secret;
- felem_bytearray *secrets = NULL;
- felem(*pre_comp)[17][3] = NULL;
- felem *tmp_felems = NULL;
- felem_bytearray tmp;
- unsigned i, num_bytes;
- int have_pre_comp = 0;
- size_t num_points = num;
- felem x_in, y_in, z_in, x_out, y_out, z_out;
- NISTP521_PRE_COMP *pre = NULL;
- felem(*g_pre_comp)[3] = NULL;
- EC_POINT *generator = NULL;
- const EC_POINT *p = NULL;
- const BIGNUM *p_scalar = NULL;
-
- if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
- BN_CTX_start(ctx);
- if (((x = BN_CTX_get(ctx)) == NULL) ||
- ((y = BN_CTX_get(ctx)) == NULL) ||
- ((z = BN_CTX_get(ctx)) == NULL) ||
- ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
- goto err;
-
- if (scalar != NULL) {
- pre = EC_EX_DATA_get_data(group->extra_data,
- nistp521_pre_comp_dup, nistp521_pre_comp_free,
- nistp521_pre_comp_clear_free);
- if (pre)
- /* we have precomputation, try to use it */
- g_pre_comp = &pre->g_pre_comp[0];
- else
- /* try to use the standard precomputation */
- g_pre_comp = (felem(*)[3]) gmul;
- generator = EC_POINT_new(group);
- if (generator == NULL)
- goto err;
- /* get the
generator from precomputation */
- if (!felem_to_BN(x, g_pre_comp[1][0]) ||
- !felem_to_BN(y, g_pre_comp[1][1]) ||
- !felem_to_BN(z, g_pre_comp[1][2])) {
- ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
- goto err;
- }
- if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
- generator, x, y, z, ctx))
- goto err;
- if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
- /* precomputation matches generator */
- have_pre_comp = 1;
- else
- /*
- * we don't have valid precomputation: treat the
- * generator as a random point
- */
- num_points++;
- }
- if (num_points > 0) {
- if (num_points >= 2) {
- /*
- * unless we precompute multiples for just one point,
- * converting those into affine form is time well
- * spent
- */
- mixed = 1;
- }
- secrets = calloc(num_points, sizeof(felem_bytearray));
- pre_comp = calloc(num_points, 17 * 3 * sizeof(felem));
- if (mixed) {
- /* XXX should do more int overflow checking */
- tmp_felems = reallocarray(NULL,
- (num_points * 17 + 1), sizeof(felem));
- }
- if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) {
- ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- /*
- * we treat NULL scalars as 0, and NULL points as points at
- * infinity, i.e., they contribute nothing to the linear
- * combination
- */
- for (i = 0; i < num_points; ++i) {
- if (i == num)
- /*
- * we didn't have a valid precomputation, so
- * we pick the generator
- */
- {
- p = EC_GROUP_get0_generator(group);
- p_scalar = scalar;
- } else
- /* the i^th point */
- {
- p = points[i];
- p_scalar = scalars[i];
- }
- if ((p_scalar != NULL) && (p != NULL)) {
- /* reduce scalar to 0 <= scalar < 2^521 */
- if ((BN_num_bits(p_scalar) > 521) || (BN_is_negative(p_scalar))) {
- /*
- * this is an unusual input, and we
- * don't guarantee constant-timeness
- */
- if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
- ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
- goto err;
- }
- num_bytes =
BN_bn2bin(tmp_scalar, tmp);
- } else
- num_bytes = BN_bn2bin(p_scalar, tmp);
- flip_endian(secrets[i], tmp, num_bytes);
- /* precompute multiples */
- if ((!BN_to_felem(x_out, &p->X)) ||
- (!BN_to_felem(y_out, &p->Y)) ||
- (!BN_to_felem(z_out, &p->Z)))
- goto err;
- memcpy(pre_comp[i][1][0], x_out, sizeof(felem));
- memcpy(pre_comp[i][1][1], y_out, sizeof(felem));
- memcpy(pre_comp[i][1][2], z_out, sizeof(felem));
- for (j = 2; j <= 16; ++j) {
- if (j & 1) {
- point_add(
- pre_comp[i][j][0], pre_comp[i][j][1], pre_comp[i][j][2],
- pre_comp[i][1][0], pre_comp[i][1][1], pre_comp[i][1][2],
- 0, pre_comp[i][j - 1][0], pre_comp[i][j - 1][1], pre_comp[i][j - 1][2]);
- } else {
- point_double(
- pre_comp[i][j][0], pre_comp[i][j][1], pre_comp[i][j][2],
- pre_comp[i][j / 2][0], pre_comp[i][j / 2][1], pre_comp[i][j / 2][2]);
- }
- }
- }
- }
- if (mixed)
- make_points_affine(num_points * 17, pre_comp[0], tmp_felems);
- }
- /* the scalar for the generator */
- if ((scalar != NULL) && (have_pre_comp)) {
- memset(g_secret, 0, sizeof(g_secret));
- /* reduce scalar to 0 <= scalar < 2^521 */
- if ((BN_num_bits(scalar) > 521) || (BN_is_negative(scalar))) {
- /*
- * this is an unusual input, and we don't guarantee
- * constant-timeness
- */
- if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
- ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
- goto err;
- }
- num_bytes = BN_bn2bin(tmp_scalar, tmp);
- } else
- num_bytes = BN_bn2bin(scalar, tmp);
- flip_endian(g_secret, tmp, num_bytes);
- /* do the multiplication with generator precomputation */
- batch_mul(x_out, y_out, z_out,
- (const felem_bytearray(*)) secrets, num_points,
- g_secret,
- mixed, (const felem(*)[17][3]) pre_comp,
- (const felem(*)[3]) g_pre_comp);
- } else
- /* do the multiplication without generator precomputation */
- batch_mul(x_out, y_out, z_out,
- (const felem_bytearray(*)) secrets, num_points,
- NULL, mixed, (const felem(*)[17][3]) pre_comp, NULL);
- /* reduce the output to its unique minimal
representation */
- felem_contract(x_in, x_out);
- felem_contract(y_in, y_out);
- felem_contract(z_in, z_out);
- if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) ||
- (!felem_to_BN(z, z_in))) {
- ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
- goto err;
- }
- ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
-
-err:
- BN_CTX_end(ctx);
- EC_POINT_free(generator);
- BN_CTX_free(new_ctx);
- free(secrets);
- free(pre_comp);
- free(tmp_felems);
- return ret;
-}
-
-int
-ec_GFp_nistp521_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
-{
- int ret = 0;
- NISTP521_PRE_COMP *pre = NULL;
- int i, j;
- BN_CTX *new_ctx = NULL;
- BIGNUM *x, *y;
- EC_POINT *generator = NULL;
- felem tmp_felems[16];
-
- /* throw away old precomputation */
- EC_EX_DATA_free_data(&group->extra_data, nistp521_pre_comp_dup,
- nistp521_pre_comp_free, nistp521_pre_comp_clear_free);
- if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
- BN_CTX_start(ctx);
- if (((x = BN_CTX_get(ctx)) == NULL) ||
- ((y = BN_CTX_get(ctx)) == NULL))
- goto err;
- /* get the generator */
- if (group->generator == NULL)
- goto err;
- generator = EC_POINT_new(group);
- if (generator == NULL)
- goto err;
- BN_bin2bn(nistp521_curve_params[3], sizeof(felem_bytearray), x);
- BN_bin2bn(nistp521_curve_params[4], sizeof(felem_bytearray), y);
- if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
- goto err;
- if ((pre = nistp521_pre_comp_new()) == NULL)
- goto err;
- /* if the generator is the standard one, use built-in precomputation */
- if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
- memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
- ret = 1;
- goto err;
- }
- if ((!BN_to_felem(pre->g_pre_comp[1][0], &group->generator->X)) ||
- (!BN_to_felem(pre->g_pre_comp[1][1], &group->generator->Y)) ||
- (!BN_to_felem(pre->g_pre_comp[1][2], &group->generator->Z)))
- goto err;
- /* compute 2^130*G, 2^260*G, 2^390*G */
- for (i = 1; i <= 4; i
<<= 1) {
- point_double(pre->g_pre_comp[2 * i][0], pre->g_pre_comp[2 * i][1],
- pre->g_pre_comp[2 * i][2], pre->g_pre_comp[i][0],
- pre->g_pre_comp[i][1], pre->g_pre_comp[i][2]);
- for (j = 0; j < 129; ++j) {
- point_double(pre->g_pre_comp[2 * i][0],
- pre->g_pre_comp[2 * i][1],
- pre->g_pre_comp[2 * i][2],
- pre->g_pre_comp[2 * i][0],
- pre->g_pre_comp[2 * i][1],
- pre->g_pre_comp[2 * i][2]);
- }
- }
- /* g_pre_comp[0] is the point at infinity */
- memset(pre->g_pre_comp[0], 0, sizeof(pre->g_pre_comp[0]));
- /* the remaining multiples */
- /* 2^130*G + 2^260*G */
- point_add(pre->g_pre_comp[6][0], pre->g_pre_comp[6][1],
- pre->g_pre_comp[6][2], pre->g_pre_comp[4][0],
- pre->g_pre_comp[4][1], pre->g_pre_comp[4][2],
- 0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
- pre->g_pre_comp[2][2]);
- /* 2^130*G + 2^390*G */
- point_add(pre->g_pre_comp[10][0], pre->g_pre_comp[10][1],
- pre->g_pre_comp[10][2], pre->g_pre_comp[8][0],
- pre->g_pre_comp[8][1], pre->g_pre_comp[8][2],
- 0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
- pre->g_pre_comp[2][2]);
- /* 2^260*G + 2^390*G */
- point_add(pre->g_pre_comp[12][0], pre->g_pre_comp[12][1],
- pre->g_pre_comp[12][2], pre->g_pre_comp[8][0],
- pre->g_pre_comp[8][1], pre->g_pre_comp[8][2],
- 0, pre->g_pre_comp[4][0], pre->g_pre_comp[4][1],
- pre->g_pre_comp[4][2]);
- /* 2^130*G + 2^260*G + 2^390*G */
- point_add(pre->g_pre_comp[14][0], pre->g_pre_comp[14][1],
- pre->g_pre_comp[14][2], pre->g_pre_comp[12][0],
- pre->g_pre_comp[12][1], pre->g_pre_comp[12][2],
- 0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
- pre->g_pre_comp[2][2]);
- for (i = 1; i < 8; ++i) {
- /* odd multiples: add G */
- point_add(pre->g_pre_comp[2 * i + 1][0], pre->g_pre_comp[2 * i + 1][1],
- pre->g_pre_comp[2 * i + 1][2], pre->g_pre_comp[2 * i][0],
- pre->g_pre_comp[2 * i][1], pre->g_pre_comp[2 * i][2],
- 0, pre->g_pre_comp[1][0], pre->g_pre_comp[1][1],
- pre->g_pre_comp[1][2]);
- }
- make_points_affine(15, &(pre->g_pre_comp[1]), tmp_felems);
-
- if
(!EC_EX_DATA_set_data(&group->extra_data, pre, nistp521_pre_comp_dup,
- nistp521_pre_comp_free, nistp521_pre_comp_clear_free))
- goto err;
- ret = 1;
- pre = NULL;
-err:
- BN_CTX_end(ctx);
- EC_POINT_free(generator);
- BN_CTX_free(new_ctx);
- nistp521_pre_comp_free(pre);
- return ret;
-}
-
-int
-ec_GFp_nistp521_have_precompute_mult(const EC_GROUP * group)
-{
- if (EC_EX_DATA_get_data(group->extra_data, nistp521_pre_comp_dup,
- nistp521_pre_comp_free, nistp521_pre_comp_clear_free)
- != NULL)
- return 1;
- else
- return 0;
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/ec/ecp_nistputil.c b/lib/libssl/src/crypto/ec/ecp_nistputil.c
deleted file mode 100644
index ca55b49ba29..00000000000
--- a/lib/libssl/src/crypto/ec/ecp_nistputil.c
+++ /dev/null
@@ -1,209 +0,0 @@
-/* $OpenBSD: ecp_nistputil.c,v 1.6 2014/07/10 22:45:57 jsing Exp $ */
-/*
- * Written by Bodo Moeller for the OpenSSL project.
- */
-/*
- * Copyright (c) 2011 Google Inc.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <stddef.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-
-/*
- * Common utility functions for ecp_nistp224.c, ecp_nistp256.c, ecp_nistp521.c.
- */
-
-#include "ec_lcl.h"
-
-/* Convert an array of points into affine coordinates.
- * (If the point at infinity is found (Z = 0), it remains unchanged.)
- * This function is essentially an equivalent to EC_POINTs_make_affine(), but
- * works with the internal representation of points as used by ecp_nistp###.c
- * rather than with (BIGNUM-based) EC_POINT data structures.
- *
- * point_array is the input/output buffer ('num' points in projective form,
- * i.e. three coordinates each), based on an internal representation of
- * field elements of size 'felem_size'.
- *
- * tmp_felems needs to point to a temporary array of 'num'+1 field elements
- * for storage of intermediate values.
- */ -void -ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array, - size_t felem_size, void *tmp_felems, - void (*felem_one) (void *out), - int (*felem_is_zero) (const void *in), - void (*felem_assign) (void *out, const void *in), - void (*felem_square) (void *out, const void *in), - void (*felem_mul) (void *out, const void *in1, const void *in2), - void (*felem_inv) (void *out, const void *in), - void (*felem_contract) (void *out, const void *in)) -{ - int i = 0; - -#define tmp_felem(I) (&((char *)tmp_felems)[(I) * felem_size]) -#define X(I) (&((char *)point_array)[3*(I) * felem_size]) -#define Y(I) (&((char *)point_array)[(3*(I) + 1) * felem_size]) -#define Z(I) (&((char *)point_array)[(3*(I) + 2) * felem_size]) - - if (!felem_is_zero(Z(0))) - felem_assign(tmp_felem(0), Z(0)); - else - felem_one(tmp_felem(0)); - for (i = 1; i < (int) num; i++) { - if (!felem_is_zero(Z(i))) - felem_mul(tmp_felem(i), tmp_felem(i - 1), Z(i)); - else - felem_assign(tmp_felem(i), tmp_felem(i - 1)); - } - /* - * Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any - * zero-valued factors: if Z(i) = 0, we essentially pretend that Z(i) - * = 1 - */ - - felem_inv(tmp_felem(num - 1), tmp_felem(num - 1)); - for (i = num - 1; i >= 0; i--) { - if (i > 0) - /* - * tmp_felem(i-1) is the product of Z(0) .. Z(i-1), - * tmp_felem(i) is the inverse of the product of Z(0) - * .. 
Z(i) - */ - felem_mul(tmp_felem(num), tmp_felem(i - 1), tmp_felem(i)); /* 1/Z(i) */ - else - felem_assign(tmp_felem(num), tmp_felem(0)); /* 1/Z(0) */ - - if (!felem_is_zero(Z(i))) { - if (i > 0) - /* - * For next iteration, replace tmp_felem(i-1) - * by its inverse - */ - felem_mul(tmp_felem(i - 1), tmp_felem(i), Z(i)); - - /* - * Convert point (X, Y, Z) into affine form (X/(Z^2), - * Y/(Z^3), 1) - */ - felem_square(Z(i), tmp_felem(num)); /* 1/(Z^2) */ - felem_mul(X(i), X(i), Z(i)); /* X/(Z^2) */ - felem_mul(Z(i), Z(i), tmp_felem(num)); /* 1/(Z^3) */ - felem_mul(Y(i), Y(i), Z(i)); /* Y/(Z^3) */ - felem_contract(X(i), X(i)); - felem_contract(Y(i), Y(i)); - felem_one(Z(i)); - } else { - if (i > 0) - /* - * For next iteration, replace tmp_felem(i-1) - * by its inverse - */ - felem_assign(tmp_felem(i - 1), tmp_felem(i)); - } - } -} - -/* - * This function looks at 5+1 scalar bits (5 current, 1 adjacent less - * significant bit), and recodes them into a signed digit for use in fast point - * multiplication: the use of signed rather than unsigned digits means that - * fewer points need to be precomputed, given that point inversion is easy - * (a precomputed point dP makes -dP available as well). - * - * BACKGROUND: - * - * Signed digits for multiplication were introduced by Booth ("A signed binary - * multiplication technique", Quart. Journ. Mech. and Applied Math., vol. IV, - * pt. 2 (1951), pp. 236-240), in that case for multiplication of integers. - * Booth's original encoding did not generally improve the density of nonzero - * digits over the binary representation, and was merely meant to simplify the - * handling of signed factors given in two's complement; but it has since been - * shown to be the basis of various signed-digit representations that do have - * further advantages, including the wNAF, using the following general approach: - * - * (1) Given a binary representation - * - * b_k ... 
b_2 b_1 b_0, - * - * of a nonnegative integer (b_k in {0, 1}), rewrite it in digits 0, 1, -1 - * by using bit-wise subtraction as follows: - * - * b_k b_(k-1) ... b_2 b_1 b_0 - * - b_k ... b_3 b_2 b_1 b_0 - * ------------------------------------- - * s_k b_(k-1) ... s_3 s_2 s_1 s_0 - * - * A left-shift followed by subtraction of the original value yields a new - * representation of the same value, using signed bits s_i = b_(i+1) - b_i. - * This representation from Booth's paper has since appeared in the - * literature under a variety of different names including "reversed binary - * form", "alternating greedy expansion", "mutual opposite form", and - * "sign-alternating {+-1}-representation". - * - * An interesting property is that among the nonzero bits, values 1 and -1 - * strictly alternate. - * - * (2) Various window schemes can be applied to the Booth representation of - * integers: for example, right-to-left sliding windows yield the wNAF - * (a signed-digit encoding independently discovered by various researchers - * in the 1990s), and left-to-right sliding windows yield a left-to-right - * equivalent of the wNAF (independently discovered by various researchers - * around 2004). - * - * To prevent leaking information through side channels in point multiplication, - * we need to recode the given integer into a regular pattern: sliding windows - * as in wNAFs won't do, we need their fixed-window equivalent -- which is a few - * decades older: we'll be using the so-called "modified Booth encoding" due to - * MacSorley ("High-speed arithmetic in binary computers", Proc. IRE, vol. 49 - * (1961), pp. 67-91), in a radix-2^5 setting. That is, we always combine five - * signed bits into a signed digit: - * - * s_(4j + 4) s_(4j + 3) s_(4j + 2) s_(4j + 1) s_(4j) - * - * The sign-alternating property implies that the resulting digit values are - * integers from -16 to 16. 
- * - * Of course, we don't actually need to compute the signed digits s_i as an - * intermediate step (that's just a nice way to see how this scheme relates - * to the wNAF): a direct computation obtains the recoded digit from the - * six bits b_(4j + 4) ... b_(4j - 1). - * - * This function takes those five bits as an integer (0 .. 63), writing the - * recoded digit to *sign (0 for positive, 1 for negative) and *digit (absolute - * value, in the range 0 .. 8). Note that this integer essentially provides the - * input bits "shifted to the left" by one position: for example, the input to - * compute the least significant recoded digit, given that there's no bit b_-1, - * has to be b_4 b_3 b_2 b_1 b_0 0. - * - */ -void -ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, unsigned char *digit, unsigned char in) -{ - unsigned char s, d; - - s = ~((in >> 5) - 1); /* sets all bits to MSB(in), 'in' seen as - * 6-bit value */ - d = (1 << 6) - in - 1; - d = (d & s) | (in & ~s); - d = (d >> 1) + (d & 1); - - *sign = s & 1; - *digit = d; -} -#endif diff --git a/lib/libssl/src/crypto/ec/ecp_oct.c b/lib/libssl/src/crypto/ec/ecp_oct.c deleted file mode 100644 index 994f0b08b1b..00000000000 --- a/lib/libssl/src/crypto/ec/ecp_oct.c +++ /dev/null 
@@ -1,395 +0,0 @@
-/* $OpenBSD: ecp_oct.c,v 1.7 2015/02/09 15:49:22 jsing Exp $ */
-/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * for the OpenSSL project.
- * Includes code written by Bodo Moeller for the OpenSSL project.
-*/
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */ - -#include <openssl/err.h> - -#include "ec_lcl.h" - -int -ec_GFp_simple_set_compressed_coordinates(const EC_GROUP * group, - EC_POINT * point, const BIGNUM * x_, int y_bit, BN_CTX * ctx) -{ - BN_CTX *new_ctx = NULL; - BIGNUM *tmp1, *tmp2, *x, *y; - int ret = 0; - - /* clear error queue */ - ERR_clear_error(); - - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - return 0; - } - y_bit = (y_bit != 0); - - BN_CTX_start(ctx); - if ((tmp1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((tmp2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((x = BN_CTX_get(ctx)) == NULL) - goto err; - if ((y = BN_CTX_get(ctx)) == NULL) - goto err; - - /* - * Recover y. We have a Weierstrass equation y^2 = x^3 + a*x + b, so - * y is one of the square roots of x^3 + a*x + b. - */ - - /* tmp1 := x^3 */ - if (!BN_nnmod(x, x_, &group->field, ctx)) - goto err; - if (group->meth->field_decode == 0) { - /* field_{sqr,mul} work on standard representation */ - if (!group->meth->field_sqr(group, tmp2, x_, ctx)) - goto err; - if (!group->meth->field_mul(group, tmp1, tmp2, x_, ctx)) - goto err; - } else { - if (!BN_mod_sqr(tmp2, x_, &group->field, ctx)) - goto err; - if (!BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx)) - goto err; - } - - /* tmp1 := tmp1 + a*x */ - if (group->a_is_minus3) { - if (!BN_mod_lshift1_quick(tmp2, x, &group->field)) - goto err; - if (!BN_mod_add_quick(tmp2, tmp2, x, &group->field)) - goto err; - if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field)) - goto err; - } else { - if (group->meth->field_decode) { - if (!group->meth->field_decode(group, tmp2, &group->a, ctx)) - goto err; - if (!BN_mod_mul(tmp2, tmp2, x, &group->field, ctx)) - goto err; - } else { - /* field_mul works on standard representation */ - if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx)) - goto err; - } - - if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) - goto err; - } - - /* tmp1 := tmp1 + b */ - if (group->meth->field_decode) { - if 
(!group->meth->field_decode(group, tmp2, &group->b, ctx)) - goto err; - if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) - goto err; - } else { - if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field)) - goto err; - } - - if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) { - unsigned long err = ERR_peek_last_error(); - - if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) { - ERR_clear_error(); - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT); - } else - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_BN_LIB); - goto err; - } - if (y_bit != BN_is_odd(y)) { - if (BN_is_zero(y)) { - int kron; - - kron = BN_kronecker(x, &group->field, ctx); - if (kron == -2) - goto err; - - if (kron == 1) - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSION_BIT); - else - /* - * BN_mod_sqrt() should have cought this - * error (not a square) - */ - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, EC_R_INVALID_COMPRESSED_POINT); - goto err; - } - if (!BN_usub(y, &group->field, y)) - goto err; - } - if (y_bit != BN_is_odd(y)) { - ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES, ERR_R_INTERNAL_ERROR); - goto err; - } - if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) - goto err; - - ret = 1; - -err: - BN_CTX_end(ctx); - BN_CTX_free(new_ctx); - return ret; -} - - -size_t -ec_GFp_simple_point2oct(const EC_GROUP * group, const EC_POINT * point, point_conversion_form_t form, - unsigned char *buf, size_t len, BN_CTX * ctx) -{ - size_t ret; - BN_CTX *new_ctx = NULL; - int used_ctx = 0; - BIGNUM *x, *y; - size_t field_len, i, skip; - - if ((form != POINT_CONVERSION_COMPRESSED) - && (form != POINT_CONVERSION_UNCOMPRESSED) - && (form != POINT_CONVERSION_HYBRID)) { - ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_INVALID_FORM); - goto err; - } - if (EC_POINT_is_at_infinity(group, point) > 0) { - /* encodes to a single 0 octet */ - if (buf != NULL) { - if (len < 1) { - 
ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL); - return 0; - } - buf[0] = 0; - } - return 1; - } - /* ret := required output buffer length */ - field_len = BN_num_bytes(&group->field); - ret = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; - - /* if 'buf' is NULL, just return required length */ - if (buf != NULL) { - if (len < ret) { - ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL); - goto err; - } - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - return 0; - } - BN_CTX_start(ctx); - used_ctx = 1; - if ((x = BN_CTX_get(ctx)) == NULL) - goto err; - if ((y = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx)) - goto err; - - if ((form == POINT_CONVERSION_COMPRESSED || form == POINT_CONVERSION_HYBRID) && BN_is_odd(y)) - buf[0] = form + 1; - else - buf[0] = form; - - i = 1; - - skip = field_len - BN_num_bytes(x); - if (skip > field_len) { - ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR); - goto err; - } - while (skip > 0) { - buf[i++] = 0; - skip--; - } - skip = BN_bn2bin(x, buf + i); - i += skip; - if (i != 1 + field_len) { - ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR); - goto err; - } - if (form == POINT_CONVERSION_UNCOMPRESSED || form == POINT_CONVERSION_HYBRID) { - skip = field_len - BN_num_bytes(y); - if (skip > field_len) { - ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR); - goto err; - } - while (skip > 0) { - buf[i++] = 0; - skip--; - } - skip = BN_bn2bin(y, buf + i); - i += skip; - } - if (i != ret) { - ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR); - goto err; - } - } - if (used_ctx) - BN_CTX_end(ctx); - BN_CTX_free(new_ctx); - return ret; - -err: - if (used_ctx) - BN_CTX_end(ctx); - BN_CTX_free(new_ctx); - return 0; -} - - -int -ec_GFp_simple_oct2point(const EC_GROUP * group, EC_POINT * point, - const unsigned char *buf, size_t len, BN_CTX * ctx) -{ - point_conversion_form_t 
form; - int y_bit; - BN_CTX *new_ctx = NULL; - BIGNUM *x, *y; - size_t field_len, enc_len; - int ret = 0; - - if (len == 0) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL); - return 0; - } - form = buf[0]; - y_bit = form & 1; - form = form & ~1U; - if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED) - && (form != POINT_CONVERSION_UNCOMPRESSED) - && (form != POINT_CONVERSION_HYBRID)) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); - return 0; - } - if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); - return 0; - } - if (form == 0) { - if (len != 1) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); - return 0; - } - return EC_POINT_set_to_infinity(group, point); - } - field_len = BN_num_bytes(&group->field); - enc_len = (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; - - if (len != enc_len) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); - return 0; - } - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - return 0; - } - BN_CTX_start(ctx); - if ((x = BN_CTX_get(ctx)) == NULL) - goto err; - if ((y = BN_CTX_get(ctx)) == NULL) - goto err; - - if (!BN_bin2bn(buf + 1, field_len, x)) - goto err; - if (BN_ucmp(x, &group->field) >= 0) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); - goto err; - } - if (form == POINT_CONVERSION_COMPRESSED) { - if (!EC_POINT_set_compressed_coordinates_GFp(group, point, x, y_bit, ctx)) - goto err; - } else { - if (!BN_bin2bn(buf + 1 + field_len, field_len, y)) - goto err; - if (BN_ucmp(y, &group->field) >= 0) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); - goto err; - } - if (form == POINT_CONVERSION_HYBRID) { - if (y_bit != BN_is_odd(y)) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING); - goto err; - } - } - if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) - goto err; - } - - /* test 
required by X9.62 */ - if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { - ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE); - goto err; - } - ret = 1; - -err: - BN_CTX_end(ctx); - BN_CTX_free(new_ctx); - return ret; -} diff --git a/lib/libssl/src/crypto/ec/ecp_smpl.c b/lib/libssl/src/crypto/ec/ecp_smpl.c deleted file mode 100644 index f6db4dc9b19..00000000000 --- a/lib/libssl/src/crypto/ec/ecp_smpl.c +++ /dev/null 
@@ -1,1410 +0,0 @@
-/* $OpenBSD: ecp_smpl.c,v 1.15 2015/02/09 15:49:22 jsing Exp $ */
-/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
- * for the OpenSSL project.
- * Includes code written by Bodo Moeller for the OpenSSL project.
-*/
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * Portions of this software developed by SUN MICROSYSTEMS, INC.,
- * and contributed to the OpenSSL project.
- */ - -#include <openssl/err.h> - -#include "ec_lcl.h" - -const EC_METHOD * -EC_GFp_simple_method(void) -{ - static const EC_METHOD ret = { - .flags = EC_FLAGS_DEFAULT_OCT, - .field_type = NID_X9_62_prime_field, - .group_init = ec_GFp_simple_group_init, - .group_finish = ec_GFp_simple_group_finish, - .group_clear_finish = ec_GFp_simple_group_clear_finish, - .group_copy = ec_GFp_simple_group_copy, - .group_set_curve = ec_GFp_simple_group_set_curve, - .group_get_curve = ec_GFp_simple_group_get_curve, - .group_get_degree = ec_GFp_simple_group_get_degree, - .group_check_discriminant = - ec_GFp_simple_group_check_discriminant, - .point_init = ec_GFp_simple_point_init, - .point_finish = ec_GFp_simple_point_finish, - .point_clear_finish = ec_GFp_simple_point_clear_finish, - .point_copy = ec_GFp_simple_point_copy, - .point_set_to_infinity = ec_GFp_simple_point_set_to_infinity, - .point_set_Jprojective_coordinates_GFp = - ec_GFp_simple_set_Jprojective_coordinates_GFp, - .point_get_Jprojective_coordinates_GFp = - ec_GFp_simple_get_Jprojective_coordinates_GFp, - .point_set_affine_coordinates = - ec_GFp_simple_point_set_affine_coordinates, - .point_get_affine_coordinates = - ec_GFp_simple_point_get_affine_coordinates, - .add = ec_GFp_simple_add, - .dbl = ec_GFp_simple_dbl, - .invert = ec_GFp_simple_invert, - .is_at_infinity = ec_GFp_simple_is_at_infinity, - .is_on_curve = ec_GFp_simple_is_on_curve, - .point_cmp = ec_GFp_simple_cmp, - .make_affine = ec_GFp_simple_make_affine, - .points_make_affine = ec_GFp_simple_points_make_affine, - .field_mul = ec_GFp_simple_field_mul, - .field_sqr = ec_GFp_simple_field_sqr - }; - - return &ret; -} - - -/* Most method functions in this file are designed to work with - * non-trivial representations of field elements if necessary - * (see ecp_mont.c): while standard modular addition and subtraction - * are used, the field_mul and field_sqr methods will be used for - * multiplication, and field_encode and field_decode (if defined) - * will be 
used for converting between representations. - - * Functions ec_GFp_simple_points_make_affine() and - * ec_GFp_simple_point_get_affine_coordinates() specifically assume - * that if a non-trivial representation is used, it is a Montgomery - * representation (i.e. 'encoding' means multiplying by some factor R). - */ - - -int -ec_GFp_simple_group_init(EC_GROUP * group) -{ - BN_init(&group->field); - BN_init(&group->a); - BN_init(&group->b); - group->a_is_minus3 = 0; - return 1; -} - - -void -ec_GFp_simple_group_finish(EC_GROUP * group) -{ - BN_free(&group->field); - BN_free(&group->a); - BN_free(&group->b); -} - - -void -ec_GFp_simple_group_clear_finish(EC_GROUP * group) -{ - BN_clear_free(&group->field); - BN_clear_free(&group->a); - BN_clear_free(&group->b); -} - - -int -ec_GFp_simple_group_copy(EC_GROUP * dest, const EC_GROUP * src) -{ - if (!BN_copy(&dest->field, &src->field)) - return 0; - if (!BN_copy(&dest->a, &src->a)) - return 0; - if (!BN_copy(&dest->b, &src->b)) - return 0; - - dest->a_is_minus3 = src->a_is_minus3; - - return 1; -} - - -int -ec_GFp_simple_group_set_curve(EC_GROUP * group, - const BIGNUM * p, const BIGNUM * a, const BIGNUM * b, BN_CTX * ctx) -{ - int ret = 0; - BN_CTX *new_ctx = NULL; - BIGNUM *tmp_a; - - /* p must be a prime > 3 */ - if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) { - ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_INVALID_FIELD); - return 0; - } - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - return 0; - } - BN_CTX_start(ctx); - if ((tmp_a = BN_CTX_get(ctx)) == NULL) - goto err; - - /* group->field */ - if (!BN_copy(&group->field, p)) - goto err; - BN_set_negative(&group->field, 0); - - /* group->a */ - if (!BN_nnmod(tmp_a, a, p, ctx)) - goto err; - if (group->meth->field_encode) { - if (!group->meth->field_encode(group, &group->a, tmp_a, ctx)) - goto err; - } else if (!BN_copy(&group->a, tmp_a)) - goto err; - - /* group->b */ - if (!BN_nnmod(&group->b, b, p, ctx)) - goto err; - if 
(group->meth->field_encode) - if (!group->meth->field_encode(group, &group->b, &group->b, ctx)) - goto err; - - /* group->a_is_minus3 */ - if (!BN_add_word(tmp_a, 3)) - goto err; - group->a_is_minus3 = (0 == BN_cmp(tmp_a, &group->field)); - - ret = 1; - -err: - BN_CTX_end(ctx); - BN_CTX_free(new_ctx); - return ret; -} - - -int -ec_GFp_simple_group_get_curve(const EC_GROUP * group, BIGNUM * p, BIGNUM * a, BIGNUM * b, BN_CTX * ctx) -{ - int ret = 0; - BN_CTX *new_ctx = NULL; - - if (p != NULL) { - if (!BN_copy(p, &group->field)) - return 0; - } - if (a != NULL || b != NULL) { - if (group->meth->field_decode) { - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - return 0; - } - if (a != NULL) { - if (!group->meth->field_decode(group, a, &group->a, ctx)) - goto err; - } - if (b != NULL) { - if (!group->meth->field_decode(group, b, &group->b, ctx)) - goto err; - } - } else { - if (a != NULL) { - if (!BN_copy(a, &group->a)) - goto err; - } - if (b != NULL) { - if (!BN_copy(b, &group->b)) - goto err; - } - } - } - ret = 1; - -err: - BN_CTX_free(new_ctx); - return ret; -} - - -int -ec_GFp_simple_group_get_degree(const EC_GROUP * group) -{ - return BN_num_bits(&group->field); -} - - -int -ec_GFp_simple_group_check_discriminant(const EC_GROUP * group, BN_CTX * ctx) -{ - int ret = 0; - BIGNUM *a, *b, *order, *tmp_1, *tmp_2; - const BIGNUM *p = &group->field; - BN_CTX *new_ctx = NULL; - - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) { - ECerr(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT, ERR_R_MALLOC_FAILURE); - goto err; - } - } - BN_CTX_start(ctx); - if ((a = BN_CTX_get(ctx)) == NULL) - goto err; - if ((b = BN_CTX_get(ctx)) == NULL) - goto err; - if ((tmp_1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((tmp_2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((order = BN_CTX_get(ctx)) == NULL) - goto err; - - if (group->meth->field_decode) { - if (!group->meth->field_decode(group, a, &group->a, ctx)) - goto err; - if 
(!group->meth->field_decode(group, b, &group->b, ctx)) - goto err; - } else { - if (!BN_copy(a, &group->a)) - goto err; - if (!BN_copy(b, &group->b)) - goto err; - } - - /* - * check the discriminant: y^2 = x^3 + a*x + b is an elliptic curve - * <=> 4*a^3 + 27*b^2 != 0 (mod p) 0 =< a, b < p - */ - if (BN_is_zero(a)) { - if (BN_is_zero(b)) - goto err; - } else if (!BN_is_zero(b)) { - if (!BN_mod_sqr(tmp_1, a, p, ctx)) - goto err; - if (!BN_mod_mul(tmp_2, tmp_1, a, p, ctx)) - goto err; - if (!BN_lshift(tmp_1, tmp_2, 2)) - goto err; - /* tmp_1 = 4*a^3 */ - - if (!BN_mod_sqr(tmp_2, b, p, ctx)) - goto err; - if (!BN_mul_word(tmp_2, 27)) - goto err; - /* tmp_2 = 27*b^2 */ - - if (!BN_mod_add(a, tmp_1, tmp_2, p, ctx)) - goto err; - if (BN_is_zero(a)) - goto err; - } - ret = 1; - -err: - if (ctx != NULL) - BN_CTX_end(ctx); - BN_CTX_free(new_ctx); - return ret; -} - - -int -ec_GFp_simple_point_init(EC_POINT * point) -{ - BN_init(&point->X); - BN_init(&point->Y); - BN_init(&point->Z); - point->Z_is_one = 0; - - return 1; -} - - -void -ec_GFp_simple_point_finish(EC_POINT * point) -{ - BN_free(&point->X); - BN_free(&point->Y); - BN_free(&point->Z); -} - - -void -ec_GFp_simple_point_clear_finish(EC_POINT * point) -{ - BN_clear_free(&point->X); - BN_clear_free(&point->Y); - BN_clear_free(&point->Z); - point->Z_is_one = 0; -} - - -int -ec_GFp_simple_point_copy(EC_POINT * dest, const EC_POINT * src) -{ - if (!BN_copy(&dest->X, &src->X)) - return 0; - if (!BN_copy(&dest->Y, &src->Y)) - return 0; - if (!BN_copy(&dest->Z, &src->Z)) - return 0; - dest->Z_is_one = src->Z_is_one; - - return 1; -} - - -int -ec_GFp_simple_point_set_to_infinity(const EC_GROUP * group, EC_POINT * point) -{ - point->Z_is_one = 0; - BN_zero(&point->Z); - return 1; -} - - -int -ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP * group, EC_POINT * point, - const BIGNUM * x, const BIGNUM * y, const BIGNUM * z, BN_CTX * ctx) -{ - BN_CTX *new_ctx = NULL; - int ret = 0; - - if (ctx == NULL) { - ctx = 
new_ctx = BN_CTX_new(); - if (ctx == NULL) - return 0; - } - if (x != NULL) { - if (!BN_nnmod(&point->X, x, &group->field, ctx)) - goto err; - if (group->meth->field_encode) { - if (!group->meth->field_encode(group, &point->X, &point->X, ctx)) - goto err; - } - } - if (y != NULL) { - if (!BN_nnmod(&point->Y, y, &group->field, ctx)) - goto err; - if (group->meth->field_encode) { - if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx)) - goto err; - } - } - if (z != NULL) { - int Z_is_one; - - if (!BN_nnmod(&point->Z, z, &group->field, ctx)) - goto err; - Z_is_one = BN_is_one(&point->Z); - if (group->meth->field_encode) { - if (Z_is_one && (group->meth->field_set_to_one != 0)) { - if (!group->meth->field_set_to_one(group, &point->Z, ctx)) - goto err; - } else { - if (!group->meth->field_encode(group, &point->Z, &point->Z, ctx)) - goto err; - } - } - point->Z_is_one = Z_is_one; - } - ret = 1; - -err: - BN_CTX_free(new_ctx); - return ret; -} - - -int -ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP * group, const EC_POINT * point, - BIGNUM * x, BIGNUM * y, BIGNUM * z, BN_CTX * ctx) -{ - BN_CTX *new_ctx = NULL; - int ret = 0; - - if (group->meth->field_decode != 0) { - if (ctx == NULL) { - ctx = new_ctx = BN_CTX_new(); - if (ctx == NULL) - return 0; - } - if (x != NULL) { - if (!group->meth->field_decode(group, x, &point->X, ctx)) - goto err; - } - if (y != NULL) { - if (!group->meth->field_decode(group, y, &point->Y, ctx)) - goto err; - } - if (z != NULL) { - if (!group->meth->field_decode(group, z, &point->Z, ctx)) - goto err; - } - } else { - if (x != NULL) { - if (!BN_copy(x, &point->X)) - goto err; - } - if (y != NULL) { - if (!BN_copy(y, &point->Y)) - goto err; - } - if (z != NULL) { - if (!BN_copy(z, &point->Z)) - goto err; - } - } - - ret = 1; - -err: - BN_CTX_free(new_ctx); - return ret; -} - - -int -ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP * group, EC_POINT * point, - const BIGNUM * x, const BIGNUM * y, BN_CTX * ctx) -{ 
- if (x == NULL || y == NULL) {
- /* unlike for projective coordinates, we do not tolerate this */
- ECerr(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- return EC_POINT_set_Jprojective_coordinates_GFp(group, point, x, y, BN_value_one(), ctx);
-}
-
-
-int
-ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP * group, const EC_POINT * point,
- BIGNUM * x, BIGNUM * y, BN_CTX * ctx)
-{
- BN_CTX *new_ctx = NULL;
- BIGNUM *Z, *Z_1, *Z_2, *Z_3;
- const BIGNUM *Z_;
- int ret = 0;
-
- if (EC_POINT_is_at_infinity(group, point) > 0) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES, EC_R_POINT_AT_INFINITY);
- return 0;
- }
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- BN_CTX_start(ctx);
- if ((Z = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z_1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z_2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z_3 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /* transform (X, Y, Z) into (x, y) := (X/Z^2, Y/Z^3) */
-
- if (group->meth->field_decode) {
- if (!group->meth->field_decode(group, Z, &point->Z, ctx))
- goto err;
- Z_ = Z;
- } else {
- Z_ = &point->Z;
- }
-
- if (BN_is_one(Z_)) {
- if (group->meth->field_decode) {
- if (x != NULL) {
- if (!group->meth->field_decode(group, x, &point->X, ctx))
- goto err;
- }
- if (y != NULL) {
- if (!group->meth->field_decode(group, y, &point->Y, ctx))
- goto err;
- }
- } else {
- if (x != NULL) {
- if (!BN_copy(x, &point->X))
- goto err;
- }
- if (y != NULL) {
- if (!BN_copy(y, &point->Y))
- goto err;
- }
- }
- } else {
- if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES, ERR_R_BN_LIB);
- goto err;
- }
- if (group->meth->field_encode == 0) {
- /* field_sqr works on standard representation */
- if (!group->meth->field_sqr(group, Z_2, Z_1, ctx))
- goto err;
- } else {
- if (!BN_mod_sqr(Z_2, Z_1, &group->field, ctx))
- goto err;
- }
-
- if (x !=
NULL) {
- /*
- * in the Montgomery case, field_mul will cancel out
- * Montgomery factor in X:
- */
- if (!group->meth->field_mul(group, x, &point->X, Z_2, ctx))
- goto err;
- }
- if (y != NULL) {
- if (group->meth->field_encode == 0) {
- /* field_mul works on standard representation */
- if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx))
- goto err;
- } else {
- if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx))
- goto err;
- }
-
- /*
- * in the Montgomery case, field_mul will cancel out
- * Montgomery factor in Y:
- */
- if (!group->meth->field_mul(group, y, &point->Y, Z_3, ctx))
- goto err;
- }
- }
-
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-int
-ec_GFp_simple_add(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, const EC_POINT * b, BN_CTX * ctx)
-{
- int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
- int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
- const BIGNUM *p;
- BN_CTX *new_ctx = NULL;
- BIGNUM *n0, *n1, *n2, *n3, *n4, *n5, *n6;
- int ret = 0;
-
- if (a == b)
- return EC_POINT_dbl(group, r, a, ctx);
- if (EC_POINT_is_at_infinity(group, a) > 0)
- return EC_POINT_copy(r, b);
- if (EC_POINT_is_at_infinity(group, b) > 0)
- return EC_POINT_copy(r, a);
-
- field_mul = group->meth->field_mul;
- field_sqr = group->meth->field_sqr;
- p = &group->field;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- BN_CTX_start(ctx);
- if ((n0 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n1 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n2 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n3 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n4 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n5 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((n6 = BN_CTX_get(ctx)) == NULL)
- goto end;
-
- /*
- * Note that in this function we must not read components of 'a' or
- * 'b' once we have written the corresponding components of 'r'.
('r'
- * might be one of 'a' or 'b'.)
- */
-
- /* n1, n2 */
- if (b->Z_is_one) {
- if (!BN_copy(n1, &a->X))
- goto end;
- if (!BN_copy(n2, &a->Y))
- goto end;
- /* n1 = X_a */
- /* n2 = Y_a */
- } else {
- if (!field_sqr(group, n0, &b->Z, ctx))
- goto end;
- if (!field_mul(group, n1, &a->X, n0, ctx))
- goto end;
- /* n1 = X_a * Z_b^2 */
-
- if (!field_mul(group, n0, n0, &b->Z, ctx))
- goto end;
- if (!field_mul(group, n2, &a->Y, n0, ctx))
- goto end;
- /* n2 = Y_a * Z_b^3 */
- }
-
- /* n3, n4 */
- if (a->Z_is_one) {
- if (!BN_copy(n3, &b->X))
- goto end;
- if (!BN_copy(n4, &b->Y))
- goto end;
- /* n3 = X_b */
- /* n4 = Y_b */
- } else {
- if (!field_sqr(group, n0, &a->Z, ctx))
- goto end;
- if (!field_mul(group, n3, &b->X, n0, ctx))
- goto end;
- /* n3 = X_b * Z_a^2 */
-
- if (!field_mul(group, n0, n0, &a->Z, ctx))
- goto end;
- if (!field_mul(group, n4, &b->Y, n0, ctx))
- goto end;
- /* n4 = Y_b * Z_a^3 */
- }
-
- /* n5, n6 */
- if (!BN_mod_sub_quick(n5, n1, n3, p))
- goto end;
- if (!BN_mod_sub_quick(n6, n2, n4, p))
- goto end;
- /* n5 = n1 - n3 */
- /* n6 = n2 - n4 */
-
- if (BN_is_zero(n5)) {
- if (BN_is_zero(n6)) {
- /* a is the same point as b */
- BN_CTX_end(ctx);
- ret = EC_POINT_dbl(group, r, a, ctx);
- ctx = NULL;
- goto end;
- } else {
- /* a is the inverse of b */
- BN_zero(&r->Z);
- r->Z_is_one = 0;
- ret = 1;
- goto end;
- }
- }
- /* 'n7', 'n8' */
- if (!BN_mod_add_quick(n1, n1, n3, p))
- goto end;
- if (!BN_mod_add_quick(n2, n2, n4, p))
- goto end;
- /* 'n7' = n1 + n3 */
- /* 'n8' = n2 + n4 */
-
- /* Z_r */
- if (a->Z_is_one && b->Z_is_one) {
- if (!BN_copy(&r->Z, n5))
- goto end;
- } else {
- if (a->Z_is_one) {
- if (!BN_copy(n0, &b->Z))
- goto end;
- } else if (b->Z_is_one) {
- if (!BN_copy(n0, &a->Z))
- goto end;
- } else {
- if (!field_mul(group, n0, &a->Z, &b->Z, ctx))
- goto end;
- }
- if (!field_mul(group, &r->Z, n0, n5, ctx))
- goto end;
- }
- r->Z_is_one = 0;
- /* Z_r = Z_a * Z_b * n5 */
-
- /* X_r */
- if (!field_sqr(group, n0, n6, ctx))
-
goto end;
- if (!field_sqr(group, n4, n5, ctx))
- goto end;
- if (!field_mul(group, n3, n1, n4, ctx))
- goto end;
- if (!BN_mod_sub_quick(&r->X, n0, n3, p))
- goto end;
- /* X_r = n6^2 - n5^2 * 'n7' */
-
- /* 'n9' */
- if (!BN_mod_lshift1_quick(n0, &r->X, p))
- goto end;
- if (!BN_mod_sub_quick(n0, n3, n0, p))
- goto end;
- /* n9 = n5^2 * 'n7' - 2 * X_r */
-
- /* Y_r */
- if (!field_mul(group, n0, n0, n6, ctx))
- goto end;
- if (!field_mul(group, n5, n4, n5, ctx))
- goto end; /* now n5 is n5^3 */
- if (!field_mul(group, n1, n2, n5, ctx))
- goto end;
- if (!BN_mod_sub_quick(n0, n0, n1, p))
- goto end;
- if (BN_is_odd(n0))
- if (!BN_add(n0, n0, p))
- goto end;
- /* now 0 <= n0 < 2*p, and n0 is even */
- if (!BN_rshift1(&r->Y, n0))
- goto end;
- /* Y_r = (n6 * 'n9' - 'n8' * 'n5^3') / 2 */
-
- ret = 1;
-
-end:
- if (ctx) /* otherwise we already called BN_CTX_end */
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-int
-ec_GFp_simple_dbl(const EC_GROUP * group, EC_POINT * r, const EC_POINT * a, BN_CTX * ctx)
-{
- int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
- int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
- const BIGNUM *p;
- BN_CTX *new_ctx = NULL;
- BIGNUM *n0, *n1, *n2, *n3;
- int ret = 0;
-
- if (EC_POINT_is_at_infinity(group, a) > 0) {
- BN_zero(&r->Z);
- r->Z_is_one = 0;
- return 1;
- }
- field_mul = group->meth->field_mul;
- field_sqr = group->meth->field_sqr;
- p = &group->field;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- BN_CTX_start(ctx);
- if ((n0 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((n1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((n2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((n3 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * Note that in this function we must not read components of 'a' once
- * we have written the corresponding components of 'r'. ('r' might
- * the same as 'a'.)
- */
-
- /* n1 */
- if (a->Z_is_one) {
- if (!field_sqr(group, n0, &a->X, ctx))
- goto err;
- if (!BN_mod_lshift1_quick(n1, n0, p))
- goto err;
- if (!BN_mod_add_quick(n0, n0, n1, p))
- goto err;
- if (!BN_mod_add_quick(n1, n0, &group->a, p))
- goto err;
- /* n1 = 3 * X_a^2 + a_curve */
- } else if (group->a_is_minus3) {
- if (!field_sqr(group, n1, &a->Z, ctx))
- goto err;
- if (!BN_mod_add_quick(n0, &a->X, n1, p))
- goto err;
- if (!BN_mod_sub_quick(n2, &a->X, n1, p))
- goto err;
- if (!field_mul(group, n1, n0, n2, ctx))
- goto err;
- if (!BN_mod_lshift1_quick(n0, n1, p))
- goto err;
- if (!BN_mod_add_quick(n1, n0, n1, p))
- goto err;
- /*
- * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2) = 3 * X_a^2 - 3 *
- * Z_a^4
- */
- } else {
- if (!field_sqr(group, n0, &a->X, ctx))
- goto err;
- if (!BN_mod_lshift1_quick(n1, n0, p))
- goto err;
- if (!BN_mod_add_quick(n0, n0, n1, p))
- goto err;
- if (!field_sqr(group, n1, &a->Z, ctx))
- goto err;
- if (!field_sqr(group, n1, n1, ctx))
- goto err;
- if (!field_mul(group, n1, n1, &group->a, ctx))
- goto err;
- if (!BN_mod_add_quick(n1, n1, n0, p))
- goto err;
- /* n1 = 3 * X_a^2 + a_curve * Z_a^4 */
- }
-
- /* Z_r */
- if (a->Z_is_one) {
- if (!BN_copy(n0, &a->Y))
- goto err;
- } else {
- if (!field_mul(group, n0, &a->Y, &a->Z, ctx))
- goto err;
- }
- if (!BN_mod_lshift1_quick(&r->Z, n0, p))
- goto err;
- r->Z_is_one = 0;
- /* Z_r = 2 * Y_a * Z_a */
-
- /* n2 */
- if (!field_sqr(group, n3, &a->Y, ctx))
- goto err;
- if (!field_mul(group, n2, &a->X, n3, ctx))
- goto err;
- if (!BN_mod_lshift_quick(n2, n2, 2, p))
- goto err;
- /* n2 = 4 * X_a * Y_a^2 */
-
- /* X_r */
- if (!BN_mod_lshift1_quick(n0, n2, p))
- goto err;
- if (!field_sqr(group, &r->X, n1, ctx))
- goto err;
- if (!BN_mod_sub_quick(&r->X, &r->X, n0, p))
- goto err;
- /* X_r = n1^2 - 2 * n2 */
-
- /* n3 */
- if (!field_sqr(group, n0, n3, ctx))
- goto err;
- if (!BN_mod_lshift_quick(n3, n0, 3, p))
- goto err;
- /* n3 = 8 * Y_a^4 */
-
- /* Y_r */
- if (!BN_mod_sub_quick(n0,
n2, &r->X, p))
- goto err;
- if (!field_mul(group, n0, n1, n0, ctx))
- goto err;
- if (!BN_mod_sub_quick(&r->Y, n0, n3, p))
- goto err;
- /* Y_r = n1 * (n2 - X_r) - n3 */
-
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-int
-ec_GFp_simple_invert(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx)
-{
- if (EC_POINT_is_at_infinity(group, point) > 0 || BN_is_zero(&point->Y))
- /* point is its own inverse */
- return 1;
-
- return BN_usub(&point->Y, &group->field, &point->Y);
-}
-
-
-int
-ec_GFp_simple_is_at_infinity(const EC_GROUP * group, const EC_POINT * point)
-{
- return BN_is_zero(&point->Z);
-}
-
-
-int
-ec_GFp_simple_is_on_curve(const EC_GROUP * group, const EC_POINT * point, BN_CTX * ctx)
-{
- int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
- int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
- const BIGNUM *p;
- BN_CTX *new_ctx = NULL;
- BIGNUM *rh, *tmp, *Z4, *Z6;
- int ret = -1;
-
- if (EC_POINT_is_at_infinity(group, point) > 0)
- return 1;
-
- field_mul = group->meth->field_mul;
- field_sqr = group->meth->field_sqr;
- p = &group->field;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return -1;
- }
- BN_CTX_start(ctx);
- if ((rh = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((tmp = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z4 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((Z6 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * We have a curve defined by a Weierstrass equation y^2 = x^3 + a*x
- * + b. The point to consider is given in Jacobian projective
- * coordinates where (X, Y, Z) represents (x, y) = (X/Z^2, Y/Z^3).
- * Substituting this and multiplying by Z^6 transforms the above
- * equation into Y^2 = X^3 + a*X*Z^4 + b*Z^6. To test this, we add up
- * the right-hand side in 'rh'.
- */
-
- /* rh := X^2 */
- if (!field_sqr(group, rh, &point->X, ctx))
- goto err;
-
- if (!point->Z_is_one) {
- if (!field_sqr(group, tmp, &point->Z, ctx))
- goto err;
- if (!field_sqr(group, Z4, tmp, ctx))
- goto err;
- if (!field_mul(group, Z6, Z4, tmp, ctx))
- goto err;
-
- /* rh := (rh + a*Z^4)*X */
- if (group->a_is_minus3) {
- if (!BN_mod_lshift1_quick(tmp, Z4, p))
- goto err;
- if (!BN_mod_add_quick(tmp, tmp, Z4, p))
- goto err;
- if (!BN_mod_sub_quick(rh, rh, tmp, p))
- goto err;
- if (!field_mul(group, rh, rh, &point->X, ctx))
- goto err;
- } else {
- if (!field_mul(group, tmp, Z4, &group->a, ctx))
- goto err;
- if (!BN_mod_add_quick(rh, rh, tmp, p))
- goto err;
- if (!field_mul(group, rh, rh, &point->X, ctx))
- goto err;
- }
-
- /* rh := rh + b*Z^6 */
- if (!field_mul(group, tmp, &group->b, Z6, ctx))
- goto err;
- if (!BN_mod_add_quick(rh, rh, tmp, p))
- goto err;
- } else {
- /* point->Z_is_one */
-
- /* rh := (rh + a)*X */
- if (!BN_mod_add_quick(rh, rh, &group->a, p))
- goto err;
- if (!field_mul(group, rh, rh, &point->X, ctx))
- goto err;
- /* rh := rh + b */
- if (!BN_mod_add_quick(rh, rh, &group->b, p))
- goto err;
- }
-
- /* 'lh' := Y^2 */
- if (!field_sqr(group, tmp, &point->Y, ctx))
- goto err;
-
- ret = (0 == BN_ucmp(tmp, rh));
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-int
-ec_GFp_simple_cmp(const EC_GROUP * group, const EC_POINT * a, const EC_POINT * b, BN_CTX * ctx)
-{
- /*
- * return values: -1 error 0 equal (in affine coordinates) 1
- * not equal
- */
-
- int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
- int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
- BN_CTX *new_ctx = NULL;
- BIGNUM *tmp1, *tmp2, *Za23, *Zb23;
- const BIGNUM *tmp1_, *tmp2_;
- int ret = -1;
-
- if (EC_POINT_is_at_infinity(group, a) > 0) {
- return EC_POINT_is_at_infinity(group, b) > 0 ?
0 : 1;
- }
- if (EC_POINT_is_at_infinity(group, b) > 0)
- return 1;
-
- if (a->Z_is_one && b->Z_is_one) {
- return ((BN_cmp(&a->X, &b->X) == 0) && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
- }
- field_mul = group->meth->field_mul;
- field_sqr = group->meth->field_sqr;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return -1;
- }
- BN_CTX_start(ctx);
- if ((tmp1 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((tmp2 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((Za23 = BN_CTX_get(ctx)) == NULL)
- goto end;
- if ((Zb23 = BN_CTX_get(ctx)) == NULL)
- goto end;
-
- /*
- * We have to decide whether (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2,
- * Y_b/Z_b^3), or equivalently, whether (X_a*Z_b^2, Y_a*Z_b^3) =
- * (X_b*Z_a^2, Y_b*Z_a^3).
- */
-
- if (!b->Z_is_one) {
- if (!field_sqr(group, Zb23, &b->Z, ctx))
- goto end;
- if (!field_mul(group, tmp1, &a->X, Zb23, ctx))
- goto end;
- tmp1_ = tmp1;
- } else
- tmp1_ = &a->X;
- if (!a->Z_is_one) {
- if (!field_sqr(group, Za23, &a->Z, ctx))
- goto end;
- if (!field_mul(group, tmp2, &b->X, Za23, ctx))
- goto end;
- tmp2_ = tmp2;
- } else
- tmp2_ = &b->X;
-
- /* compare X_a*Z_b^2 with X_b*Z_a^2 */
- if (BN_cmp(tmp1_, tmp2_) != 0) {
- ret = 1; /* points differ */
- goto end;
- }
- if (!b->Z_is_one) {
- if (!field_mul(group, Zb23, Zb23, &b->Z, ctx))
- goto end;
- if (!field_mul(group, tmp1, &a->Y, Zb23, ctx))
- goto end;
- /* tmp1_ = tmp1 */
- } else
- tmp1_ = &a->Y;
- if (!a->Z_is_one) {
- if (!field_mul(group, Za23, Za23, &a->Z, ctx))
- goto end;
- if (!field_mul(group, tmp2, &b->Y, Za23, ctx))
- goto end;
- /* tmp2_ = tmp2 */
- } else
- tmp2_ = &b->Y;
-
- /* compare Y_a*Z_b^3 with Y_b*Z_a^3 */
- if (BN_cmp(tmp1_, tmp2_) != 0) {
- ret = 1; /* points differ */
- goto end;
- }
- /* points are equal */
- ret = 0;
-
-end:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-int
-ec_GFp_simple_make_affine(const EC_GROUP * group, EC_POINT * point, BN_CTX * ctx)
-{
- BN_CTX *new_ctx = NULL;
- BIGNUM *x, *y;
- int
ret = 0;
-
- if (point->Z_is_one || EC_POINT_is_at_infinity(group, point) > 0)
- return 1;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- BN_CTX_start(ctx);
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
- goto err;
- if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
- goto err;
- if (!point->Z_is_one) {
- ECerr(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- return ret;
-}
-
-
-int
-ec_GFp_simple_points_make_affine(const EC_GROUP * group, size_t num, EC_POINT * points[], BN_CTX * ctx)
-{
- BN_CTX *new_ctx = NULL;
- BIGNUM *tmp0, *tmp1;
- size_t pow2 = 0;
- BIGNUM **heap = NULL;
- size_t i;
- int ret = 0;
-
- if (num == 0)
- return 1;
-
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- return 0;
- }
- BN_CTX_start(ctx);
- if ((tmp0 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((tmp1 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- /*
- * Before converting the individual points, compute inverses of all Z
- * values. Modular inversion is rather slow, but luckily we can do
- * with a single explicit inversion, plus about 3 multiplications per
- * input value.
- */
-
- pow2 = 1;
- while (num > pow2)
- pow2 <<= 1;
- /*
- * Now pow2 is the smallest power of 2 satifsying pow2 >= num. We
- * need twice that.
- */
- pow2 <<= 1;
-
- heap = reallocarray(NULL, pow2, sizeof heap[0]);
- if (heap == NULL)
- goto err;
-
- /*
- * The array is used as a binary tree, exactly as in heapsort:
- *
- * heap[1] heap[2] heap[3] heap[4] heap[5]
- * heap[6] heap[7] heap[8]heap[9] heap[10]heap[11]
- * heap[12]heap[13] heap[14] heap[15]
- *
- * We put the Z's in the last line; then we set each other node to the
- * product of its two child-nodes (where empty or 0 entries are
- * treated as ones); then we invert heap[1]; then we invert each
- * other node by replacing it by the product of its parent (after
- * inversion) and its sibling (before inversion).
- */
- heap[0] = NULL;
- for (i = pow2 / 2 - 1; i > 0; i--)
- heap[i] = NULL;
- for (i = 0; i < num; i++)
- heap[pow2 / 2 + i] = &points[i]->Z;
- for (i = pow2 / 2 + num; i < pow2; i++)
- heap[i] = NULL;
-
- /* set each node to the product of its children */
- for (i = pow2 / 2 - 1; i > 0; i--) {
- heap[i] = BN_new();
- if (heap[i] == NULL)
- goto err;
-
- if (heap[2 * i] != NULL) {
- if ((heap[2 * i + 1] == NULL) || BN_is_zero(heap[2 * i + 1])) {
- if (!BN_copy(heap[i], heap[2 * i]))
- goto err;
- } else {
- if (BN_is_zero(heap[2 * i])) {
- if (!BN_copy(heap[i], heap[2 * i + 1]))
- goto err;
- } else {
- if (!group->meth->field_mul(group, heap[i],
- heap[2 * i], heap[2 * i + 1], ctx))
- goto err;
- }
- }
- }
- }
-
- /* invert heap[1] */
- if (!BN_is_zero(heap[1])) {
- if (!BN_mod_inverse(heap[1], heap[1], &group->field, ctx)) {
- ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB);
- goto err;
- }
- }
- if (group->meth->field_encode != 0) {
- /*
- * in the Montgomery case, we just turned R*H (representing
- * H) into 1/(R*H), but we need R*(1/H) (representing
- * 1/H); i.e.
we have need to multiply by the Montgomery
- * factor twice
- */
- if (!group->meth->field_encode(group, heap[1], heap[1], ctx))
- goto err;
- if (!group->meth->field_encode(group, heap[1], heap[1], ctx))
- goto err;
- }
- /* set other heap[i]'s to their inverses */
- for (i = 2; i < pow2 / 2 + num; i += 2) {
- /* i is even */
- if ((heap[i + 1] != NULL) && !BN_is_zero(heap[i + 1])) {
- if (!group->meth->field_mul(group, tmp0, heap[i / 2], heap[i + 1], ctx))
- goto err;
- if (!group->meth->field_mul(group, tmp1, heap[i / 2], heap[i], ctx))
- goto err;
- if (!BN_copy(heap[i], tmp0))
- goto err;
- if (!BN_copy(heap[i + 1], tmp1))
- goto err;
- } else {
- if (!BN_copy(heap[i], heap[i / 2]))
- goto err;
- }
- }
-
- /*
- * we have replaced all non-zero Z's by their inverses, now fix up
- * all the points
- */
- for (i = 0; i < num; i++) {
- EC_POINT *p = points[i];
-
- if (!BN_is_zero(&p->Z)) {
- /* turn (X, Y, 1/Z) into (X/Z^2, Y/Z^3, 1) */
-
- if (!group->meth->field_sqr(group, tmp1, &p->Z, ctx))
- goto err;
- if (!group->meth->field_mul(group, &p->X, &p->X, tmp1, ctx))
- goto err;
-
- if (!group->meth->field_mul(group, tmp1, tmp1, &p->Z, ctx))
- goto err;
- if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp1, ctx))
- goto err;
-
- if (group->meth->field_set_to_one != 0) {
- if (!group->meth->field_set_to_one(group, &p->Z, ctx))
- goto err;
- } else {
- if (!BN_one(&p->Z))
- goto err;
- }
- p->Z_is_one = 1;
- }
- }
-
- ret = 1;
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(new_ctx);
- if (heap != NULL) {
- /*
- * heap[pow2/2] .. heap[pow2-1] have not been allocated
- * locally!
- */
- for (i = pow2 / 2 - 1; i > 0; i--) {
- BN_clear_free(heap[i]);
- }
- free(heap);
- }
- return ret;
-}
-
-
-int
-ec_GFp_simple_field_mul(const EC_GROUP * group, BIGNUM * r, const BIGNUM * a, const BIGNUM * b, BN_CTX * ctx)
-{
- return BN_mod_mul(r, a, b, &group->field, ctx);
-}
-
-
-int
-ec_GFp_simple_field_sqr(const EC_GROUP * group, BIGNUM * r, const BIGNUM * a, BN_CTX * ctx)
-{
- return BN_mod_sqr(r, a, &group->field, ctx);
-}
diff --git a/lib/libssl/src/crypto/ecdh/ecdh.h b/lib/libssl/src/crypto/ecdh/ecdh.h
deleted file mode 100644
index ccc1312fd87..00000000000
--- a/lib/libssl/src/crypto/ecdh/ecdh.h
+++ /dev/null
@@ -1,128 +0,0 @@
-/* $OpenBSD: ecdh.h,v 1.5 2015/09/13 12:03:07 jsing Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ECDH_H
-#define HEADER_ECDH_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_ECDH
-#error ECDH is disabled.
-#endif
-
-#include <openssl/ec.h>
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-const ECDH_METHOD *ECDH_OpenSSL(void);
-
-void ECDH_set_default_method(const ECDH_METHOD *);
-const ECDH_METHOD *ECDH_get_default_method(void);
-int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
-
-int ECDH_size(const EC_KEY *ecdh);
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
- EC_KEY *ecdh,
- void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
-
-int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
-*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDH_get_ex_data(EC_KEY *d, int idx);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ECDH_strings(void);
-
-/* Error codes for the ECDH functions. */
-
-/* Function codes. */
-#define ECDH_F_ECDH_CHECK 102
-#define ECDH_F_ECDH_COMPUTE_KEY 100
-#define ECDH_F_ECDH_DATA_NEW_METHOD 101
-
-/* Reason codes. */
-#define ECDH_R_KDF_FAILED 102
-#define ECDH_R_KEY_TRUNCATION 104
-#define ECDH_R_NON_FIPS_METHOD 103
-#define ECDH_R_NO_PRIVATE_VALUE 100
-#define ECDH_R_POINT_ARITHMETIC_FAILURE 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/ecdh/ech_err.c b/lib/libssl/src/crypto/ecdh/ech_err.c
deleted file mode 100644
index afe5ff3af84..00000000000
--- a/lib/libssl/src/crypto/ecdh/ech_err.c
+++ /dev/null
@@ -1,101 +0,0 @@ -/* $OpenBSD: ech_err.c,v 1.5 2015/09/13 11:49:44 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/ecdh.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason) - -static ERR_STRING_DATA ECDH_str_functs[]= { - {ERR_FUNC(ECDH_F_ECDH_CHECK), "ECDH_CHECK"}, - {ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"}, - {ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"}, - {0, NULL} -}; - -static ERR_STRING_DATA ECDH_str_reasons[]= { - {ERR_REASON(ECDH_R_KDF_FAILED) , "KDF failed"}, - {ERR_REASON(ECDH_R_KEY_TRUNCATION), "key would be truncated"}, - {ERR_REASON(ECDH_R_NON_FIPS_METHOD) , "non fips method"}, - {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE) , "no private value"}, - {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"}, - {0, NULL} -}; - -#endif - -void -ERR_load_ECDH_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL) { - ERR_load_strings(0, ECDH_str_functs); - ERR_load_strings(0, ECDH_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/ecdh/ech_key.c b/lib/libssl/src/crypto/ecdh/ech_key.c deleted file mode 100644 index 33ee2444998..00000000000 --- a/lib/libssl/src/crypto/ecdh/ech_key.c +++ /dev/null 
@@ -1,226 +0,0 @@
-/* $OpenBSD: ech_key.c,v 1.6 2015/09/18 13:04:41 bcook Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <limits.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/obj_mac.h>
-#include <openssl/sha.h>
-
-#include "ech_locl.h"
-
-static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
- EC_KEY *ecdh,
- void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
-
-/*
- * This implementation is based on the following primitives in the IEEE 1363
- * standard:
- * - ECKAS-DH1
- * - ECSVDP-DH
- * Finally an optional KDF is applied.
- */
-static int
-ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
- EC_KEY *ecdh,
- void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
-{
- BN_CTX *ctx;
- EC_POINT *tmp = NULL;
- BIGNUM *x = NULL, *y = NULL;
- const BIGNUM *priv_key;
- const EC_GROUP* group;
- int ret = -1;
- size_t buflen, len;
- unsigned char *buf = NULL;
-
- if (outlen > INT_MAX) {
- /* Sort of, anyway. */
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
- return -1;
- }
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
- BN_CTX_start(ctx);
- if ((x = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((y = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- priv_key = EC_KEY_get0_private_key(ecdh);
- if (priv_key == NULL) {
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_NO_PRIVATE_VALUE);
- goto err;
- }
-
- group = EC_KEY_get0_group(ecdh);
- if ((tmp = EC_POINT_new(group)) == NULL) {
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) {
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,
- ECDH_R_POINT_ARITHMETIC_FAILURE);
- goto err;
- }
-
- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
- NID_X9_62_prime_field) {
- if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y,
- ctx)) {
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,
- ECDH_R_POINT_ARITHMETIC_FAILURE);
- goto err;
- }
- }
-#ifndef OPENSSL_NO_EC2M
- else {
- if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y,
- ctx)) {
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,
- ECDH_R_POINT_ARITHMETIC_FAILURE);
- goto err;
- }
- }
-#endif
-
- buflen = ECDH_size(ecdh);
- len = BN_num_bytes(x);
- if (len > buflen) {
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (KDF == NULL && outlen < buflen) {
- /* The resulting key would be truncated. */
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KEY_TRUNCATION);
- goto err;
- }
- if ((buf = malloc(buflen)) == NULL) {
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- memset(buf, 0, buflen - len);
- if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) {
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_BN_LIB);
- goto err;
- }
-
- if (KDF != NULL) {
- if (KDF(buf, buflen, out, &outlen) == NULL) {
- ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KDF_FAILED);
- goto err;
- }
- ret = outlen;
- } else {
- /* No KDF, just copy out the key and zero the rest. */
- if (outlen > buflen) {
- memset((void *)((uintptr_t)out + buflen), 0, outlen - buflen);
- outlen = buflen;
- }
- memcpy(out, buf, outlen);
- ret = outlen;
- }
-
-err:
- EC_POINT_free(tmp);
- if (ctx)
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- free(buf);
- return (ret);
-}
-
-static ECDH_METHOD openssl_ecdh_meth = {
- .name = "OpenSSL ECDH method",
- .compute_key = ecdh_compute_key
-};
-
-const ECDH_METHOD *
-ECDH_OpenSSL(void)
-{
- return &openssl_ecdh_meth;
-}
-
-int
-ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
- EC_KEY *eckey,
- void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
-{
- ECDH_DATA *ecdh = ecdh_check(eckey);
- if (ecdh == NULL)
- return 0;
- return ecdh->meth->compute_key(out, outlen, pub_key, eckey, KDF);
-}
diff --git a/lib/libssl/src/crypto/ecdh/ech_lib.c b/lib/libssl/src/crypto/ecdh/ech_lib.c
deleted file mode 100644
index bb70d2d95f7..00000000000
--- a/lib/libssl/src/crypto/ecdh/ech_lib.c
+++ /dev/null
@@ -1,247 +0,0 @@
-/* $OpenBSD: ech_lib.c,v 1.11 2015/09/13 12:03:07 jsing Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include "ech_locl.h"
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-
-static const ECDH_METHOD *default_ECDH_method = NULL;
-
-static void *ecdh_data_new(void);
-static void *ecdh_data_dup(void *);
-static void ecdh_data_free(void *);
-
-void
-ECDH_set_default_method(const ECDH_METHOD *meth)
-{
- default_ECDH_method = meth;
-}
-
-const ECDH_METHOD *
-ECDH_get_default_method(void)
-{
- if (!default_ECDH_method) {
- default_ECDH_method = ECDH_OpenSSL();
- }
- return default_ECDH_method;
-}
-
-int
-ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
-{
- ECDH_DATA *ecdh;
-
- ecdh = ecdh_check(eckey);
-
- if (ecdh == NULL)
- return 0;
-
-#ifndef OPENSSL_NO_ENGINE
- if (ecdh->engine) {
- ENGINE_finish(ecdh->engine);
- ecdh->engine = NULL;
- }
-#endif
- ecdh->meth = meth;
- return 1;
-}
-
-static ECDH_DATA *
-ECDH_DATA_new_method(ENGINE *engine)
-{
- ECDH_DATA *ret;
-
- ret = malloc(sizeof(ECDH_DATA));
- if (ret == NULL) {
- ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
-
- ret->init = NULL;
-
- ret->meth = ECDH_get_default_method();
- ret->engine = engine;
-#ifndef OPENSSL_NO_ENGINE
- if (!ret->engine)
- ret->engine = ENGINE_get_default_ECDH();
- if (ret->engine) {
- ret->meth = ENGINE_get_ECDH(ret->engine);
- if (!ret->meth) {
- ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_ENGINE_LIB);
- ENGINE_finish(ret->engine);
- free(ret);
- return NULL;
- }
- }
-#endif
-
- ret->flags = ret->meth->flags;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
- return (ret);
-}
-
-static void *
-ecdh_data_new(void)
-{
- return (void *)ECDH_DATA_new_method(NULL);
-}
-
-static void *
-ecdh_data_dup(void *data)
-{
- ECDH_DATA *r = (ECDH_DATA *)data;
-
- /* XXX: dummy operation */
- if (r == NULL)
- return NULL;
-
- return (void *)ecdh_data_new();
-}
-
-void
-ecdh_data_free(void *data)
-{
- ECDH_DATA *r = (ECDH_DATA *)data;
-
-#ifndef OPENSSL_NO_ENGINE
- if (r->engine)
- ENGINE_finish(r->engine);
-#endif
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
-
- explicit_bzero((void *)r, sizeof(ECDH_DATA));
-
- free(r);
-}
-
-ECDH_DATA *
-ecdh_check(EC_KEY *key)
-{
- ECDH_DATA *ecdh_data;
-
- void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup,
- ecdh_data_free, ecdh_data_free);
- if (data == NULL) {
- ecdh_data = (ECDH_DATA *)ecdh_data_new();
- if (ecdh_data == NULL)
- return NULL;
- data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
- ecdh_data_dup, ecdh_data_free, ecdh_data_free);
- if (data != NULL) {
- /* Another thread raced us to install the key_method
- * data and won. */
- ecdh_data_free(ecdh_data);
- ecdh_data = (ECDH_DATA *)data;
- }
- } else
- ecdh_data = (ECDH_DATA *)data;
-
- return ecdh_data;
-}
-
-int
-ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int
-ECDH_set_ex_data(EC_KEY *d, int idx, void *arg)
-{
- ECDH_DATA *ecdh;
- ecdh = ecdh_check(d);
- if (ecdh == NULL)
- return 0;
- return (CRYPTO_set_ex_data(&ecdh->ex_data, idx, arg));
-}
-
-void *
-ECDH_get_ex_data(EC_KEY *d, int idx)
-{
- ECDH_DATA *ecdh;
- ecdh = ecdh_check(d);
- if (ecdh == NULL)
- return NULL;
- return (CRYPTO_get_ex_data(&ecdh->ex_data, idx));
-}
-
-int
-ECDH_size(const EC_KEY *d)
-{
- return ((EC_GROUP_get_degree(EC_KEY_get0_group(d)) + 7) / 8);
-}
diff --git a/lib/libssl/src/crypto/ecdh/ech_locl.h b/lib/libssl/src/crypto/ecdh/ech_locl.h
deleted file mode 100644
index 83380073933..00000000000
--- a/lib/libssl/src/crypto/ecdh/ech_locl.h
+++ /dev/null
@@ -1,97 +0,0 @@
-/* $OpenBSD: ech_locl.h,v 1.4 2015/09/13 10:46:20 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ECH_LOCL_H
-#define HEADER_ECH_LOCL_H
-
-#include <openssl/ecdh.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-struct ecdh_method {
- const char *name;
- int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
- int flags;
- char *app_data;
-};
-
-/* If this flag is set the ECDH method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its responsibility
- * to ensure the result is compliant.
- */
-
-#define ECDH_FLAG_FIPS_METHOD 0x1
-
-typedef struct ecdh_data_st {
- /* EC_KEY_METH_DATA part */
- int (*init)(EC_KEY *);
- /* method specific part */
- ENGINE *engine;
- int flags;
- const ECDH_METHOD *meth;
- CRYPTO_EX_DATA ex_data;
-} ECDH_DATA;
-
-ECDH_DATA *ecdh_check(EC_KEY *);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_ECH_LOCL_H */
diff --git a/lib/libssl/src/crypto/ecdsa/ecdsa.h b/lib/libssl/src/crypto/ecdsa/ecdsa.h
deleted file mode 100644
index 530ab265bb3..00000000000
--- a/lib/libssl/src/crypto/ecdsa/ecdsa.h
+++ /dev/null
@@ -1,286 +0,0 @@
-/* $OpenBSD: ecdsa.h,v 1.4 2015/02/08 13:35:06 jsing Exp $ */
-/**
- * \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
- * \author Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ECDSA_H
-#define HEADER_ECDSA_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_ECDSA
-#error ECDSA is disabled.
-#endif
-
-#include <openssl/ec.h>
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct ECDSA_SIG_st ECDSA_SIG;
-
-struct ecdsa_method {
- const char *name;
- ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
- const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey);
- int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
- BIGNUM **r);
- int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey);
-#if 0
- int (*init)(EC_KEY *eckey);
- int (*finish)(EC_KEY *eckey);
-#endif
- int flags;
- char *app_data;
-};
-
-/* If this flag is set the ECDSA method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its responsibility
- * to ensure the result is compliant.
- */
-
-#define ECDSA_FLAG_FIPS_METHOD 0x1
-
-struct ECDSA_SIG_st {
- BIGNUM *r;
- BIGNUM *s;
-};
-
-/** Allocates and initialize a ECDSA_SIG structure
- * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_SIG_new(void);
-
-/** frees a ECDSA_SIG structure
- * \param sig pointer to the ECDSA_SIG structure
- */
-void ECDSA_SIG_free(ECDSA_SIG *sig);
-
-/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
- * (*pp += length of the DER encoded signature)).
- * \param sig pointer to the ECDSA_SIG object
- * \param pp pointer to a unsigned char pointer for the output or NULL
- * \return the length of the DER encoded ECDSA_SIG object or 0
- */
-int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
-
-/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
- * (*pp += len)).
- * \param sig pointer to ECDSA_SIG pointer (may be NULL)
- * \param pp memory buffer with the DER encoded signature
- * \param len length of the buffer
- * \return pointer to the decoded ECDSA_SIG structure (or NULL)
- */
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
-
-/** Computes the ECDSA signature of the given hash value using
- * the supplied private key and returns the created signature.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param eckey EC_KEY object containing a private EC key
- * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
- EC_KEY *eckey);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param kinv BIGNUM with a pre-computed inverse k (optional)
- * \param rp BIGNUM with a pre-computed rp value (optioanl),
- * see ECDSA_sign_setup
- * \param eckey EC_KEY object containing a private EC key
- * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
- */
-ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
- const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
-
-/** Verifies that the supplied signature is a valid ECDSA
- * signature of the supplied hash value using the supplied public key.
- * \param dgst pointer to the hash value
- * \param dgst_len length of the hash value
- * \param sig ECDSA_SIG structure
- * \param eckey EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid
- * and -1 on error
- */
-int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY* eckey);
-
-const ECDSA_METHOD *ECDSA_OpenSSL(void);
-
-/** Sets the default ECDSA method
- * \param meth new default ECDSA_METHOD
- */
-void ECDSA_set_default_method(const ECDSA_METHOD *meth);
-
-/** Returns the default ECDSA method
- * \return pointer to ECDSA_METHOD structure containing the default method
- */
-const ECDSA_METHOD *ECDSA_get_default_method(void);
-
-/** Sets method to be used for the ECDSA operations
- * \param eckey EC_KEY object
- * \param meth new method
- * \return 1 on success and 0 otherwise
- */
-int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
-
-/** Returns the maximum length of the DER encoded signature
- * \param eckey EC_KEY object
- * \return numbers of bytes required for the DER encoded signature
- */
-int ECDSA_size(const EC_KEY *eckey);
-
-/** Precompute parts of the signing operation
- * \param eckey EC_KEY object containing a private EC key
- * \param ctx BN_CTX object (optional)
- * \param kinv BIGNUM pointer for the inverse of k
- * \param rp BIGNUM pointer for x coordinate of k * generator
- * \return 1 on success and 0 otherwise
- */
-int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
- BIGNUM **rp);
-
-/** Computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param sig memory for the DER encoded created signature
- * \param siglen pointer to the length of the returned signature
- * \param eckey EC_KEY object containing a private EC key
- * \return 1 on success and 0 otherwise
- */
-int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
- unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
-
-
-/** Computes ECDSA signature of a given hash value using the supplied
- * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value to sign
- * \param dgstlen length of the hash value
- * \param sig buffer to hold the DER encoded signature
- * \param siglen pointer to the length of the returned signature
- * \param kinv BIGNUM with a pre-computed inverse k (optional)
- * \param rp BIGNUM with a pre-computed rp value (optioanl),
- * see ECDSA_sign_setup
- * \param eckey EC_KEY object containing a private EC key
- * \return 1 on success and 0 otherwise
- */
-int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
- unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
- const BIGNUM *rp, EC_KEY *eckey);
-
-/** Verifies that the given signature is valid ECDSA signature
- * of the supplied hash value using the specified public key.
- * \param type this parameter is ignored
- * \param dgst pointer to the hash value
- * \param dgstlen length of the hash value
- * \param sig pointer to the DER encoded signature
- * \param siglen length of the DER encoded signature
- * \param eckey EC_KEY object containing a public EC key
- * \return 1 if the signature is valid, 0 if the signature is invalid
- * and -1 on error
- */
-int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
- const unsigned char *sig, int siglen, EC_KEY *eckey);
-
-/* the standard ex_data functions */
-int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDSA_get_ex_data(EC_KEY *d, int idx);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_ECDSA_strings(void);
-
-/* Error codes for the ECDSA functions. */
-
-/* Function codes. */
-#define ECDSA_F_ECDSA_CHECK 104
-#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
-#define ECDSA_F_ECDSA_DO_SIGN 101
-#define ECDSA_F_ECDSA_DO_VERIFY 102
-#define ECDSA_F_ECDSA_SIGN_SETUP 103
-
-/* Reason codes. */
-#define ECDSA_R_BAD_SIGNATURE 100
-#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
-#define ECDSA_R_ERR_EC_LIB 102
-#define ECDSA_R_MISSING_PARAMETERS 103
-#define ECDSA_R_NEED_NEW_SETUP_VALUES 106
-#define ECDSA_R_NON_FIPS_METHOD 107
-#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
-#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/ecdsa/ecs_asn1.c b/lib/libssl/src/crypto/ecdsa/ecs_asn1.c
deleted file mode 100644
index 725fe44a367..00000000000
--- a/lib/libssl/src/crypto/ecdsa/ecs_asn1.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* $OpenBSD: ecs_asn1.c,v 1.8 2015/10/16 15:15:39 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ecs_locl.h"
-#include <openssl/err.h>
-#include <openssl/asn1t.h>
-
-static const ASN1_TEMPLATE ECDSA_SIG_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECDSA_SIG, r),
- .field_name = "r",
- .item = &CBIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(ECDSA_SIG, s),
- .field_name = "s",
- .item = &CBIGNUM_it,
- },
-};
-
-const ASN1_ITEM ECDSA_SIG_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ECDSA_SIG_seq_tt,
- .tcount = sizeof(ECDSA_SIG_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ECDSA_SIG),
- .sname = "ECDSA_SIG",
-};
-
-ECDSA_SIG *ECDSA_SIG_new(void);
-void ECDSA_SIG_free(ECDSA_SIG *a);
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **a, const unsigned char **in, long len);
-int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **out);
-
-ECDSA_SIG *
-d2i_ECDSA_SIG(ECDSA_SIG **a, const unsigned char **in, long len)
-{
- return (ECDSA_SIG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ECDSA_SIG_it);
-}
-
-int
-i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ECDSA_SIG_it);
-}
-
-ECDSA_SIG *
-ECDSA_SIG_new(void)
-{
- return (ECDSA_SIG *)ASN1_item_new(&ECDSA_SIG_it);
-}
-
-void
-ECDSA_SIG_free(ECDSA_SIG *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ECDSA_SIG_it);
-}
diff --git a/lib/libssl/src/crypto/ecdsa/ecs_err.c b/lib/libssl/src/crypto/ecdsa/ecs_err.c
deleted file mode 100644
index 26efc135e34..00000000000
--- a/lib/libssl/src/crypto/ecdsa/ecs_err.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* $OpenBSD: ecs_err.c,v 1.4 2015/02/08 13:35:07 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/ecdsa.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDSA,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDSA,0,reason)
-
-static ERR_STRING_DATA ECDSA_str_functs[]= {
- {ERR_FUNC(ECDSA_F_ECDSA_CHECK), "ECDSA_CHECK"},
- {ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_NEW_METHOD"},
- {ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
- {ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
- {ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP), "ECDSA_sign_setup"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA ECDSA_str_reasons[]= {
- {ERR_REASON(ECDSA_R_BAD_SIGNATURE) , "bad signature"},
- {ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE), "data too large for key size"},
- {ERR_REASON(ECDSA_R_ERR_EC_LIB) , "err ec lib"},
- {ERR_REASON(ECDSA_R_MISSING_PARAMETERS) , "missing parameters"},
- {ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
- {ERR_REASON(ECDSA_R_NON_FIPS_METHOD) , "non fips method"},
- {ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED), "random number generation failed"},
- {ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED), "signature malloc failed"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_ECDSA_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(ECDSA_str_functs[0].error) == NULL) {
- ERR_load_strings(0, ECDSA_str_functs);
- ERR_load_strings(0, ECDSA_str_reasons);
- }
-#endif
-}
diff --git a/lib/libssl/src/crypto/ecdsa/ecs_lib.c b/lib/libssl/src/crypto/ecdsa/ecs_lib.c
deleted file mode 100644
index 1ba788b4f06..00000000000
--- a/lib/libssl/src/crypto/ecdsa/ecs_lib.c
+++ /dev/null
@@ -1,264 +0,0 @@
-/* $OpenBSD: ecs_lib.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include "ecs_locl.h"
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-#include <openssl/bn.h>
-
-static const ECDSA_METHOD *default_ECDSA_method = NULL;
-
-static void *ecdsa_data_new(void);
-static void *ecdsa_data_dup(void *);
-static void ecdsa_data_free(void *);
-
-void
-ECDSA_set_default_method(const ECDSA_METHOD *meth)
-{
- default_ECDSA_method = meth;
-}
-
-const ECDSA_METHOD *
-ECDSA_get_default_method(void)
-{
- if (!default_ECDSA_method) {
- default_ECDSA_method = ECDSA_OpenSSL();
- }
- return default_ECDSA_method;
-}
-
-int
-ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
-{
- ECDSA_DATA *ecdsa;
-
- ecdsa = ecdsa_check(eckey);
-
- if (ecdsa == NULL)
- return 0;
-
-#ifndef OPENSSL_NO_ENGINE
- if (ecdsa->engine) {
- ENGINE_finish(ecdsa->engine);
- ecdsa->engine = NULL;
- }
-#endif
- ecdsa->meth = meth;
-
- return 1;
-}
-
-static ECDSA_DATA *
-ECDSA_DATA_new_method(ENGINE *engine)
-{
- ECDSA_DATA *ret;
-
- ret = malloc(sizeof(ECDSA_DATA));
- if (ret == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
-
-
ret->init = NULL;
-
- ret->meth = ECDSA_get_default_method();
- ret->engine = engine;
-#ifndef OPENSSL_NO_ENGINE
- if (!ret->engine)
- ret->engine = ENGINE_get_default_ECDSA();
- if (ret->engine) {
- ret->meth = ENGINE_get_ECDSA(ret->engine);
- if (!ret->meth) {
- ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD,
- ERR_R_ENGINE_LIB);
- ENGINE_finish(ret->engine);
- free(ret);
- return NULL;
- }
- }
-#endif
-
- ret->flags = ret->meth->flags;
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
- return (ret);
-}
-
-static void *
-ecdsa_data_new(void)
-{
- return (void *)ECDSA_DATA_new_method(NULL);
-}
-
-static void *
-ecdsa_data_dup(void *data)
-{
- ECDSA_DATA *r = (ECDSA_DATA *)data;
-
- /* XXX: dummy operation */
- if (r == NULL)
- return NULL;
-
- return ecdsa_data_new();
-}
-
-static void
-ecdsa_data_free(void *data)
-{
- ECDSA_DATA *r = (ECDSA_DATA *)data;
-
-#ifndef OPENSSL_NO_ENGINE
- if (r->engine)
- ENGINE_finish(r->engine);
-#endif
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
-
- explicit_bzero((void *)r, sizeof(ECDSA_DATA));
-
- free(r);
-}
-
-ECDSA_DATA *
-ecdsa_check(EC_KEY *key)
-{
- ECDSA_DATA *ecdsa_data;
-
- void *data = EC_KEY_get_key_method_data(key, ecdsa_data_dup,
- ecdsa_data_free, ecdsa_data_free);
- if (data == NULL) {
- ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
- if (ecdsa_data == NULL)
- return NULL;
- data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
- ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
- if (data != NULL) {
- /* Another thread raced us to install the key_method
- * data and won.
*/
- ecdsa_data_free(ecdsa_data);
- ecdsa_data = (ECDSA_DATA *)data;
- }
- } else
- ecdsa_data = (ECDSA_DATA *)data;
-
- return ecdsa_data;
-}
-
-int
-ECDSA_size(const EC_KEY *r)
-{
- int ret, i;
- ASN1_INTEGER bs;
- BIGNUM *order = NULL;
- unsigned char buf[4];
- const EC_GROUP *group;
-
- if (r == NULL)
- return 0;
- group = EC_KEY_get0_group(r);
- if (group == NULL)
- return 0;
-
- if ((order = BN_new()) == NULL)
- return 0;
- if (!EC_GROUP_get_order(group, order, NULL)) {
- BN_clear_free(order);
- return 0;
- }
- i = BN_num_bits(order);
- bs.length = (i + 7) / 8;
- bs.data = buf;
- bs.type = V_ASN1_INTEGER;
- /* If the top bit is set the asn1 encoding is 1 larger. */
- buf[0] = 0xff;
-
- i = i2d_ASN1_INTEGER(&bs, NULL);
- i += i; /* r and s */
- ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
- BN_clear_free(order);
- return (ret);
-}
-
-int
-ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDSA, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int
-ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
-{
- ECDSA_DATA *ecdsa;
- ecdsa = ecdsa_check(d);
- if (ecdsa == NULL)
- return 0;
- return (CRYPTO_set_ex_data(&ecdsa->ex_data, idx, arg));
-}
-
-void *
-ECDSA_get_ex_data(EC_KEY *d, int idx)
-{
- ECDSA_DATA *ecdsa;
- ecdsa = ecdsa_check(d);
- if (ecdsa == NULL)
- return NULL;
- return (CRYPTO_get_ex_data(&ecdsa->ex_data, idx));
-}
diff --git a/lib/libssl/src/crypto/ecdsa/ecs_locl.h b/lib/libssl/src/crypto/ecdsa/ecs_locl.h
deleted file mode 100644
index 24d866ae646..00000000000
--- a/lib/libssl/src/crypto/ecdsa/ecs_locl.h
+++ /dev/null
@@ -1,90 +0,0 @@
-/* $OpenBSD: ecs_locl.h,v 1.4 2015/02/08 13:35:07 jsing Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ECS_LOCL_H
-#define HEADER_ECS_LOCL_H
-
-#include <openssl/ecdsa.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct ecdsa_data_st {
- /* EC_KEY_METH_DATA part */
- int (*init)(EC_KEY *);
- /* method (ECDSA) specific part */
- ENGINE *engine;
- int flags;
- const ECDSA_METHOD *meth;
- CRYPTO_EX_DATA ex_data;
-} ECDSA_DATA;
-
-/** ecdsa_check
- * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
- * and if not it removes the old meth_data and creates a ECDSA_DATA structure.
- * \param eckey pointer to a EC_KEY object
- * \return pointer to a ECDSA_DATA structure
- */
-ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_ECS_LOCL_H */
diff --git a/lib/libssl/src/crypto/ecdsa/ecs_ossl.c b/lib/libssl/src/crypto/ecdsa/ecs_ossl.c
deleted file mode 100644
index 31102138c0a..00000000000
--- a/lib/libssl/src/crypto/ecdsa/ecs_ossl.c
+++ /dev/null
@@ -1,430 +0,0 @@
-/* $OpenBSD: ecs_ossl.c,v 1.6 2015/02/08 13:35:07 jsing Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#include "ecs_locl.h"
-#include <openssl/err.h>
-#include <openssl/obj_mac.h>
-#include <openssl/bn.h>
-
-static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen,
- const BIGNUM *, const BIGNUM *, EC_KEY *eckey);
-static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
-static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
- const ECDSA_SIG *sig, EC_KEY *eckey);
-
-static ECDSA_METHOD openssl_ecdsa_meth = {
- .name = "OpenSSL ECDSA method",
- .ecdsa_do_sign = ecdsa_do_sign,
- .ecdsa_sign_setup = ecdsa_sign_setup,
- .ecdsa_do_verify = ecdsa_do_verify
-};
-
-const ECDSA_METHOD *
-ECDSA_OpenSSL(void)
-{
- return &openssl_ecdsa_meth;
-}
-
-static int
-ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
-{
- BN_CTX *ctx = NULL;
- BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL;
- EC_POINT *tmp_point = NULL;
- const EC_GROUP *group;
- int ret = 0;
-
- if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
-
- if (ctx_in == NULL) {
- if ((ctx =
BN_CTX_new()) == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- } else
- ctx = ctx_in;
-
- k = BN_new(); /* this value is later returned in *kinvp */
- r = BN_new(); /* this value is later returned in *rp */
- order = BN_new();
- X = BN_new();
- if (!k || !r || !order || !X) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if ((tmp_point = EC_POINT_new(group)) == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
- goto err;
- }
- if (!EC_GROUP_get_order(group, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
- goto err;
- }
-
- do {
- /* get random k */
- do
- if (!BN_rand_range(k, order)) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
- ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
- goto err;
- }
- while (BN_is_zero(k));
-
- /* We do not want timing information to leak the length of k,
- * so we compute G*k using an equivalent scalar of fixed
- * bit-length. */
- if (!BN_add(k, k, order))
- goto err;
- if (BN_num_bits(k) <= BN_num_bits(order))
- if (!BN_add(k, k, order))
- goto err;
-
- /* compute r the x-coordinate of generator * k */
- if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
- goto err;
- }
- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
- NID_X9_62_prime_field) {
- if (!EC_POINT_get_affine_coordinates_GFp(group,
- tmp_point, X, NULL, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
- ERR_R_EC_LIB);
- goto err;
- }
- }
-#ifndef OPENSSL_NO_EC2M
- else /* NID_X9_62_characteristic_two_field */
- {
- if (!EC_POINT_get_affine_coordinates_GF2m(group,
- tmp_point, X, NULL, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
- ERR_R_EC_LIB);
- goto err;
- }
- }
-#endif
- if (!BN_nnmod(r, X, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
- goto err;
- }
- } while (BN_is_zero(r));
-
- /* compute the inverse of k */
- if (!BN_mod_inverse(k, k, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
ERR_R_BN_LIB);
- goto err;
- }
- /* clear old values if necessary */
- BN_clear_free(*rp);
- BN_clear_free(*kinvp);
- /* save the pre-computed values */
- *rp = r;
- *kinvp = k;
- ret = 1;
-
-err:
- if (!ret) {
- BN_clear_free(k);
- BN_clear_free(r);
- }
- if (ctx_in == NULL)
- BN_CTX_free(ctx);
- BN_free(order);
- EC_POINT_free(tmp_point);
- BN_clear_free(X);
- return (ret);
-}
-
-
-static ECDSA_SIG *
-ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
- const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
-{
- int ok = 0, i;
- BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *order = NULL;
- const BIGNUM *ckinv;
- BN_CTX *ctx = NULL;
- const EC_GROUP *group;
- ECDSA_SIG *ret;
- ECDSA_DATA *ecdsa;
- const BIGNUM *priv_key;
-
- ecdsa = ecdsa_check(eckey);
- group = EC_KEY_get0_group(eckey);
- priv_key = EC_KEY_get0_private_key(eckey);
-
- if (group == NULL || priv_key == NULL || ecdsa == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
-
- ret = ECDSA_SIG_new();
- if (!ret) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- s = ret->s;
-
- if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
- (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EC_GROUP_get_order(group, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
- goto err;
- }
- i = BN_num_bits(order);
- /* Need to truncate digest if it is too long: first truncate whole
- * bytes.
- */
- if (8 * dgst_len > i)
- dgst_len = (i + 7)/8;
- if (!BN_bin2bn(dgst, dgst_len, m)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
- /* If still too long truncate remaining bits with a shift */
- if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
- do {
- if (in_kinv == NULL || in_r == NULL) {
- if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
- ERR_R_ECDSA_LIB);
- goto err;
- }
- ckinv = kinv;
- } else {
- ckinv = in_kinv;
- if (BN_copy(ret->r, in_r) == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
-
- if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
- if (!BN_mod_add_quick(s, tmp, m, order)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
- if (!BN_mod_mul(s, s, ckinv, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
- goto err;
- }
- if (BN_is_zero(s)) {
- /* if kinv and r have been supplied by the caller
- * don't to generate new kinv and r values */
- if (in_kinv != NULL && in_r != NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
- ECDSA_R_NEED_NEW_SETUP_VALUES);
- goto err;
- }
- } else
- /* s != 0 => we have a valid signature */
- break;
- } while (1);
-
- ok = 1;
-
-err:
- if (!ok) {
- ECDSA_SIG_free(ret);
- ret = NULL;
- }
- BN_CTX_free(ctx);
- BN_clear_free(m);
- BN_clear_free(tmp);
- BN_free(order);
- BN_clear_free(kinv);
- return ret;
-}
-
-static int
-ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
- EC_KEY *eckey)
-{
- int ret = -1, i;
- BN_CTX *ctx;
- BIGNUM *order, *u1, *u2, *m, *X;
- EC_POINT *point = NULL;
- const EC_GROUP *group;
- const EC_POINT *pub_key;
-
- /* check input values */
- if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
- (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) {
-
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
- return -1;
- }
-
- ctx = BN_CTX_new();
- if (!ctx) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- BN_CTX_start(ctx);
- order = BN_CTX_get(ctx);
- u1 = BN_CTX_get(ctx);
- u2 = BN_CTX_get(ctx);
- m = BN_CTX_get(ctx);
- X = BN_CTX_get(ctx);
- if (!X) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
- goto err;
- }
-
- if (!EC_GROUP_get_order(group, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
- goto err;
- }
-
- if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
- BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) ||
- BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
- ret = 0; /* signature is invalid */
- goto err;
- }
- /* calculate tmp1 = inv(S) mod order */
- if (!BN_mod_inverse(u2, sig->s, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
- goto err;
- }
- /* digest -> m */
- i = BN_num_bits(order);
- /* Need to truncate digest if it is too long: first truncate whole
- * bytes.
- */
- if (8 * dgst_len > i)
- dgst_len = (i + 7)/8;
- if (!BN_bin2bn(dgst, dgst_len, m)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
- goto err;
- }
- /* If still too long truncate remaining bits with a shift */
- if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
- goto err;
- }
- /* u1 = m * tmp mod order */
- if (!BN_mod_mul(u1, m, u2, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
- goto err;
- }
- /* u2 = r * w mod q */
- if (!BN_mod_mul(u2, sig->r, u2, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
- goto err;
- }
-
- if ((point = EC_POINT_new(group)) == NULL) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
- goto err;
- }
- if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
- NID_X9_62_prime_field) {
- if (!EC_POINT_get_affine_coordinates_GFp(group,
- point, X, NULL, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
- goto err;
- }
- }
-#ifndef OPENSSL_NO_EC2M
- else /* NID_X9_62_characteristic_two_field */
- {
- if (!EC_POINT_get_affine_coordinates_GF2m(group,
- point, X, NULL, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
- goto err;
- }
- }
-#endif
- if (!BN_nnmod(u1, X, order, ctx)) {
- ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
- goto err;
- }
- /* if the signature is correct u1 is equal to sig->r */
- ret = (BN_ucmp(u1, sig->r) == 0);
-
-err:
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- EC_POINT_free(point);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/ecdsa/ecs_sign.c b/lib/libssl/src/crypto/ecdsa/ecs_sign.c
deleted file mode 100644
index 029a0cb562c..00000000000
--- a/lib/libssl/src/crypto/ecdsa/ecs_sign.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* $OpenBSD: ecs_sign.c,v 1.6 2015/02/08 13:35:07 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#include "ecs_locl.h"
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-ECDSA_SIG *
-ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
-{
- return ECDSA_do_sign_ex(dgst, dlen, NULL, NULL, eckey);
-}
-
-ECDSA_SIG *
-ECDSA_do_sign_ex(const unsigned char *dgst, int dlen, const BIGNUM *kinv,
- const BIGNUM *rp, EC_KEY *eckey)
-{
- ECDSA_DATA *ecdsa = ecdsa_check(eckey);
-
- if (ecdsa == NULL)
- return NULL;
- return ecdsa->meth->ecdsa_do_sign(dgst, dlen, kinv, rp, eckey);
-}
-
-int
-ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
- unsigned int *siglen, EC_KEY *eckey)
-{
- return ECDSA_sign_ex(type, dgst, dlen, sig, siglen, NULL, NULL, eckey);
-}
-
-int
-ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
- unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey)
-{
- ECDSA_SIG *s;
-
- s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
- if (s == NULL) {
- *siglen = 0;
- return 0;
- }
- *siglen = i2d_ECDSA_SIG(s, &sig);
- ECDSA_SIG_free(s);
- return 1;
-}
-
-int
-ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
BIGNUM **rp)
-{
- ECDSA_DATA *ecdsa = ecdsa_check(eckey);
-
- if (ecdsa == NULL)
- return 0;
- return ecdsa->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp);
-}
diff --git a/lib/libssl/src/crypto/ecdsa/ecs_vrf.c b/lib/libssl/src/crypto/ecdsa/ecs_vrf.c
deleted file mode 100644
index a4b627ace65..00000000000
--- a/lib/libssl/src/crypto/ecdsa/ecs_vrf.c
+++ /dev/null
@@ -1,116 +0,0 @@
-/* $OpenBSD: ecs_vrf.c,v 1.5 2015/02/08 13:35:07 jsing Exp $ */
-/*
- * Written by Nils Larsch for the OpenSSL project
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-#include <openssl/opensslconf.h>
-
-#include "ecs_locl.h"
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-/* returns
- * 1: correct signature
- * 0: incorrect signature
- * -1: error
- */
-int
-ECDSA_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
- EC_KEY *eckey)
-{
- ECDSA_DATA *ecdsa = ecdsa_check(eckey);
-
- if (ecdsa == NULL)
- return 0;
- return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
-}
-
-/* returns
- * 1: correct signature
- * 0: incorrect signature
- * -1: error
- */
-int
-ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
-{
- ECDSA_SIG *s;
- unsigned char *der = NULL;
- const unsigned char *p = sigbuf;
- int derlen = -1;
- int ret = -1;
-
- s = ECDSA_SIG_new();
- if (s == NULL)
- return (ret);
- if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL)
- goto err;
- /* Ensure signature uses DER and doesn't have trailing garbage */
- derlen = i2d_ECDSA_SIG(s, &der);
- if (derlen != sig_len || memcmp(sigbuf, der, derlen))
- goto err;
- ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
-
-err:
- if (derlen > 0) {
-
explicit_bzero(der, derlen);
- free(der);
- }
- ECDSA_SIG_free(s);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/engine/README b/lib/libssl/src/crypto/engine/README
deleted file mode 100644
index 6b69b70f576..00000000000
--- a/lib/libssl/src/crypto/engine/README
+++ /dev/null
@@ -1,211 +0,0 @@
-Notes: 2001-09-24
------------------
-
-This "description" (if one chooses to call it that) needed some major updating
-so here goes. This update addresses a change being made at the same time to
-OpenSSL, and it pretty much completely restructures the underlying mechanics of
-the "ENGINE" code. So it serves a double purpose of being a "ENGINE internals
-for masochists" document *and* a rather extensive commit log message. (I'd get
-lynched for sticking all this in CHANGES or the commit mails :-).
-
-ENGINE_TABLE underlies this restructuring, as described in the internal header
-"eng_int.h", implemented in eng_table.c, and used in each of the "class" files;
-tb_rsa.c, tb_dsa.c, etc.
-
-However, "EVP_CIPHER" underlies the motivation and design of ENGINE_TABLE so
-I'll mention a bit about that first. EVP_CIPHER (and most of this applies
-equally to EVP_MD for digests) is both a "method" and a algorithm/mode
-identifier that, in the current API, "lingers". These cipher description +
-implementation structures can be defined or obtained directly by applications,
-or can be loaded "en masse" into EVP storage so that they can be catalogued and
-searched in various ways, ie. two ways of encrypting with the "des_cbc"
-algorithm/mode pair are;
-
-(i) directly;
- const EVP_CIPHER *cipher = EVP_des_cbc();
- EVP_EncryptInit(&ctx, cipher, key, iv);
- [ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...]
-
-(ii) indirectly;
- OpenSSL_add_all_ciphers();
- cipher = EVP_get_cipherbyname("des_cbc");
- EVP_EncryptInit(&ctx, cipher, key, iv);
- [ ... etc ... ]
-
-The latter is more generally used because it also allows ciphers/digests to be
-looked up based on other identifiers which can be useful for automatic cipher
-selection, eg. in SSL/TLS, or by user-controllable configuration.
-
-The important point about this is that EVP_CIPHER definitions and structures are
-passed around with impunity and there is no safe way, without requiring massive
-rewrites of many applications, to assume that EVP_CIPHERs can be reference
-counted. One an EVP_CIPHER is exposed to the caller, neither it nor anything it
-comes from can "safely" be destroyed. Unless of course the way of getting to
-such ciphers is via entirely distinct API calls that didn't exist before.
-However existing API usage cannot be made to understand when an EVP_CIPHER
-pointer, that has been passed to the caller, is no longer being used.
-
-The other problem with the existing API w.r.t. to hooking EVP_CIPHER support
-into ENGINE is storage - the OBJ_NAME-based storage used by EVP to register
-ciphers simultaneously registers cipher *types* and cipher *implementations* -
-they are effectively the same thing, an "EVP_CIPHER" pointer. The problem with
-hooking in ENGINEs is that multiple ENGINEs may implement the same ciphers. The
-solution is necessarily that ENGINE-provided ciphers simply are not registered,
-stored, or exposed to the caller in the same manner as existing ciphers. This is
-especially necessary considering the fact ENGINE uses reference counts to allow
-for cleanup, modularity, and DSO support - yet EVP_CIPHERs, as exposed to
-callers in the current API, support no such controls.
-
-Another sticking point for integrating cipher support into ENGINE is linkage.
-Already there is a problem with the way ENGINE supports RSA, DSA, etc whereby
-they are available *because* they're part of a giant ENGINE called "openssl".
-Ie. all implementations *have* to come from an ENGINE, but we get round that by
-having a giant ENGINE with all the software support encapsulated. This creates
-linker hassles if nothing else - linking a 1-line application that calls 2 basic
-RSA functions (eg.
"RSA_free(RSA_new());") will result in large quantities of
-ENGINE code being linked in *and* because of that DSA, DH, and RAND also. If we
-continue with this approach for EVP_CIPHER support (even if it *was* possible)
-we would lose our ability to link selectively by selectively loading certain
-implementations of certain functionality. Touching any part of any kind of
-crypto would result in massive static linkage of everything else. So the
-solution is to change the way ENGINE feeds existing "classes", ie. how the
-hooking to ENGINE works from RSA, DSA, DH, RAND, as well as adding new hooking
-for EVP_CIPHER, and EVP_MD.
-
-The way this is now being done is by mostly reverting back to how things used to
-work prior to ENGINE :-). Ie. RSA now has a "RSA_METHOD" pointer again - this
-was previously replaced by an "ENGINE" pointer and all RSA code that required
-the RSA_METHOD would call ENGINE_get_RSA() each time on its ENGINE handle to
-temporarily get and use the ENGINE's RSA implementation. Apart from being more
-efficient, switching back to each RSA having an RSA_METHOD pointer also allows
-us to conceivably operate with *no* ENGINE. As we'll see, this removes any need
-for a fallback ENGINE that encapsulates default implementations - we can simply
-have our RSA structure pointing its RSA_METHOD pointer to the software
-implementation and have its ENGINE pointer set to NULL.
-
-A look at the EVP_CIPHER hooking is most explanatory, the RSA, DSA (etc) cases
-turn out to be degenerate forms of the same thing. The EVP storage of ciphers,
-and the existing EVP API functions that return "software" implementations and
-descriptions remain untouched. However, the storage takes more meaning in terms
-of "cipher description" and less meaning in terms of "implementation". When an
-EVP_CIPHER_CTX is actually initialised with an EVP_CIPHER method and is about to
-begin en/decryption, the hooking to ENGINE comes into play.
What happens is that
-cipher-specific ENGINE code is asked for an ENGINE pointer (a functional
-reference) for any ENGINE that is registered to perform the algo/mode that the
-provided EVP_CIPHER structure represents. Under normal circumstances, that
-ENGINE code will return NULL because no ENGINEs will have had any cipher
-implementations *registered*. As such, a NULL ENGINE pointer is stored in the
-EVP_CIPHER_CTX context, and the EVP_CIPHER structure is left hooked into the
-context and so is used as the implementation. Pretty much how things work now
-except we'd have a redundant ENGINE pointer set to NULL and doing nothing.
-
-Conversely, if an ENGINE *has* been registered to perform the algorithm/mode
-combination represented by the provided EVP_CIPHER, then a functional reference
-to that ENGINE will be returned to the EVP_CIPHER_CTX during initialisation.
-That functional reference will be stored in the context (and released on
-cleanup) - and having that reference provides a *safe* way to use an EVP_CIPHER
-definition that is private to the ENGINE. Ie. the EVP_CIPHER provided by the
-application will actually be replaced by an EVP_CIPHER from the registered
-ENGINE - it will support the same algorithm/mode as the original but will be a
-completely different implementation. Because this EVP_CIPHER isn't stored in the
-EVP storage, nor is it returned to applications from traditional API functions,
-there is no associated problem with it not having reference counts. And of
-course, when one of these "private" cipher implementations is hooked into
-EVP_CIPHER_CTX, it is done whilst the EVP_CIPHER_CTX holds a functional
-reference to the ENGINE that owns it, thus the use of the ENGINE's EVP_CIPHER is
-safe.
-
-The "cipher-specific ENGINE code" I mentioned is implemented in tb_cipher.c but
-in essence it is simply an instantiation of "ENGINE_TABLE" code for use by
-EVP_CIPHER code. tb_digest.c is virtually identical but, of course, it is for
-use by EVP_MD code.
Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of
-ENGINE_TABLE essentially provide linker-separation of the classes so that even
-if ENGINEs implement *all* possible algorithms, an application using only
-EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core
-ENGINE code that is independant of class, and of course the ENGINE
-implementation that the application loaded. It will *not* however link any
-class-specific ENGINE code for digests, RSA, etc nor will it bleed over into
-other APIs, such as the RSA/DSA/etc library code.
-
-ENGINE_TABLE is a little more complicated than may seem necessary but this is
-mostly to avoid a lot of "init()"-thrashing on ENGINEs (that may have to load
-DSOs, and other expensive setup that shouldn't be thrashed unnecessarily) *and*
-to duplicate "default" behaviour. Basically an ENGINE_TABLE instantiation, for
-example tb_cipher.c, implements a hash-table keyed by integer "nid" values.
-These nids provide the uniquenness of an algorithm/mode - and each nid will hash
-to a potentially NULL "ENGINE_PILE". An ENGINE_PILE is essentially a list of
-pointers to ENGINEs that implement that particular 'nid'. Each "pile" uses some
-caching tricks such that requests on that 'nid' will be cached and all future
-requests will return immediately (well, at least with minimal operation) unless
-a change is made to the pile, eg. perhaps an ENGINE was unloaded. The reason is
-that an application could have support for 10 ENGINEs statically linked
-in, and the machine in question may not have any of the hardware those 10
-ENGINEs support. If each of those ENGINEs has a "des_cbc" implementation, we
-want to avoid every EVP_CIPHER_CTX setup from trying (and failing) to initialise
-each of those 10 ENGINEs. Instead, the first such request will try to do that
-and will either return (and cache) a NULL ENGINE pointer or will return a
-functional reference to the first that successfully initialised.
In the latter
-case it will also cache an extra functional reference to the ENGINE as a
-"default" for that 'nid'. The caching is acknowledged by a 'uptodate' variable
-that is unset only if un/registration takes place on that pile. Ie. if
-implementations of "des_cbc" are added or removed. This behaviour can be
-tweaked; the ENGINE_TABLE_FLAG_NOINIT value can be passed to
-ENGINE_set_table_flags(), in which case the only ENGINEs that tb_cipher.c will
-try to initialise from the "pile" will be those that are already initialised
-(ie. it's simply an increment of the functional reference count, and no real
-"initialisation" will take place).
-
-RSA, DSA, DH, and RAND all have their own ENGINE_TABLE code as well, and the
-difference is that they all use an implicit 'nid' of 1. Whereas EVP_CIPHERs are
-actually qualitatively different depending on 'nid' (the "des_cbc" EVP_CIPHER is
-not an interoperable implementation of "aes_256_cbc"), RSA_METHODs are
-necessarily interoperable and don't have different flavours, only different
-implementations. In other words, the ENGINE_TABLE for RSA will either be empty,
-or will have a single ENGING_PILE hashed to by the 'nid' 1 and that pile
-represents ENGINEs that implement the single "type" of RSA there is.
-
-Cleanup - the registration and unregistration may pose questions about how
-cleanup works with the ENGINE_PILE doing all this caching nonsense (ie. when the
-application or EVP_CIPHER code releases its last reference to an ENGINE, the
-ENGINE_PILE code may still have references and thus those ENGINEs will stay
-hooked in forever). The way this is handled is via "unregistration". With these
-new ENGINE changes, an abstract ENGINE can be loaded and initialised, but that
-is an algorithm-agnostic process. Even if initialised, it will not have
-registered any of its implementations (to do so would link all class "table"
-code despite the fact the application may use only ciphers, for example).
This
-is deliberately a distinct step. Moreover, registration and unregistration has
-nothing to do with whether an ENGINE is *functional* or not (ie. you can even
-register an ENGINE and its implementations without it being operational, you may
-not even have the drivers to make it operate). What actually happens with
-respect to cleanup is managed inside eng_lib.c with the "engine_cleanup_***"
-functions. These functions are internal-only and each part of ENGINE code that
-could require cleanup will, upon performing its first allocation, register a
-callback with the "engine_cleanup" code. The other part of this that makes it
-tick is that the ENGINE_TABLE instantiations (tb_***.c) use NULL as their
-initialised state. So if RSA code asks for an ENGINE and no ENGINE has
-registered an implementation, the code will simply return NULL and the tb_rsa.c
-state will be unchanged. Thus, no cleanup is required unless registration takes
-place. ENGINE_cleanup() will simply iterate across a list of registered cleanup
-callbacks calling each in turn, and will then internally delete its own storage
-(a STACK). When a cleanup callback is next registered (eg. if the cleanup() is
-part of a gracefull restart and the application wants to cleanup all state then
-start again), the internal STACK storage will be freshly allocated. This is much
-the same as the situation in the ENGINE_TABLE instantiations ... NULL is the
-initialised state, so only modification operations (not queries) will cause that
-code to have to register a cleanup.
-
-What else? The bignum callbacks and associated ENGINE functions have been
-removed for two obvious reasons; (i) there was no way to generalise them to the
-mechanism now used by RSA/DSA/..., because there's no such thing as a BIGNUM
-method, and (ii) because of (i), there was no meaningful way for library or
-application code to automatically hook and use ENGINE supplied bignum functions
-anyway.
Also, ENGINE_cpy() has been removed (although an internal-only version
-exists) - the idea of providing an ENGINE_cpy() function probably wasn't a good
-one and now certainly doesn't make sense in any generalised way. Some of the
-RSA, DSA, DH, and RAND functions that were fiddled during the original ENGINE
-changes have now, as a consequence, been reverted back. This is because the
-hooking of ENGINE is now automatic (and passive, it can interally use a NULL
-ENGINE pointer to simply ignore ENGINE from then on).
-
-Hell, that should be enough for now ... comments welcome: geoff@openssl.org
-
diff --git a/lib/libssl/src/crypto/engine/eng_aesni.c b/lib/libssl/src/crypto/engine/eng_aesni.c
deleted file mode 100644
index 5f9a36236ac..00000000000
--- a/lib/libssl/src/crypto/engine/eng_aesni.c
+++ /dev/null
@@ -1,568 +0,0 @@
-/* $OpenBSD: eng_aesni.c,v 1.8 2015/02/10 09:46:30 miod Exp $ */
-/*
- * Support for Intel AES-NI intruction set
- * Author: Huang Ying <ying.huang@intel.com>
- *
- * Intel AES-NI is a new set of Single Instruction Multiple Data
- * (SIMD) instructions that are going to be introduced in the next
- * generation of Intel processor, as of 2009. These instructions
- * enable fast and secure data encryption and decryption, using the
- * Advanced Encryption Standard (AES), defined by FIPS Publication
- * number 197. The architecture introduces six instructions that
- * offer full hardware support for AES. Four of them support high
- * performance data encryption and decryption, and the other two
- * instructions support the AES key expansion procedure.
- *
- * The white paper can be downloaded from:
- * http://softwarecommunity.intel.com/isn/downloads/intelavx/AES-Instructions-Set_WP.pdf
- *
- * This file is based on engines/e_padlock.c
- */
-
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4.
The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#if !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AES_NI) && !defined(OPENSSL_NO_AES)
-
-#include <openssl/aes.h>
-#include <openssl/dso.h>
-#include <openssl/engine.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-
-/* AES-NI is available *ONLY* on some x86 CPUs. Not only that it
- doesn't exist elsewhere, but it even can't be compiled on other
- platforms! */
-#undef COMPILE_HW_AESNI
-#if (defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_AMD64) || defined(_M_X64) || \
- defined(OPENSSL_IA32_SSE2)) && !defined(OPENSSL_NO_ASM) && !defined(__i386__)
-#define COMPILE_HW_AESNI
-#endif
-static ENGINE *ENGINE_aesni (void);
-
-void ENGINE_load_aesni (void)
-{
-/* On non-x86 CPUs it just returns. */
-#ifdef COMPILE_HW_AESNI
- ENGINE *toadd = ENGINE_aesni();
- if (!toadd)
- return;
- ENGINE_add (toadd);
- ENGINE_register_complete (toadd);
- ENGINE_free (toadd);
- ERR_clear_error ();
-#endif
-}
-
-#ifdef COMPILE_HW_AESNI
-int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
- AES_KEY *key);
-int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
- AES_KEY *key);
-
-void aesni_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-void aesni_decrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-
-void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, int enc);
-void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
-
-/* Function for ENGINE detection and control */
-static int aesni_init(ENGINE *e);
-
-/* Cipher Stuff */
-static int aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
- const int **nids, int nid);
-
-#define AESNI_MIN_ALIGN 16
-#define AESNI_ALIGN(x) \
- ((void *)(((unsigned long)(x)+AESNI_MIN_ALIGN-1)&~(AESNI_MIN_ALIGN-1)))
-
-/* Engine names */
-static const char
aesni_id[] = "aesni",
- aesni_name[] = "Intel AES-NI engine",
- no_aesni_name[] = "Intel AES-NI engine (no-aesni)";
-
-
-/* The input and output encrypted as though 128bit cfb mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-static void
-aesni_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- unsigned int len, const void *key, unsigned char ivec[16], int *num,
- int enc)
-{
- unsigned int n;
- size_t l = 0;
-
- n = *num;
-
- if (enc) {
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16%sizeof(size_t) == 0) do { /* always true actually */
- while (n && len) {
- *(out++) = ivec[n] ^= *(in++);
- --len;
- n = (n + 1) % 16;
- }
- while (len >= 16) {
- aesni_encrypt(ivec, ivec, key);
- for (n = 0; n < 16; n += sizeof(size_t)) {
- *(size_t*)(out + n) =
- *(size_t*)(ivec + n) ^= *(size_t*)(in + n);
- }
- len -= 16;
- out += 16;
- in += 16;
- }
- n = 0;
- if (len) {
- aesni_encrypt(ivec, ivec, key);
- while (len--) {
- out[n] = ivec[n] ^= in[n];
- ++n;
- }
- }
- *num = n;
- return;
- } while (0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l < len) {
- if (n == 0) {
- aesni_encrypt(ivec, ivec, key);
- }
- out[l] = ivec[n] ^= in[l];
- ++l;
- n = (n + 1) % 16;
- }
- *num = n;
- } else {
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16%sizeof(size_t) == 0) do { /* always true actually */
- while (n && len) {
- unsigned char c;
- *(out++) = ivec[n] ^ (c = *(in++));
- ivec[n] = c;
- --len;
- n = (n + 1) % 16;
- }
- while (len >= 16) {
- aesni_encrypt(ivec, ivec, key);
- for (n = 0; n < 16; n += sizeof(size_t)) {
- size_t t = *(size_t*)(in + n);
- *(size_t*)(out + n) = *(size_t*)(ivec + n) ^ t;
- *(size_t*)(ivec + n) = t;
- }
- len -= 16;
- out += 16;
- in += 16;
- }
- n = 0;
- if (len) {
- aesni_encrypt(ivec, ivec, key);
- while (len--) {
- unsigned char c;
- out[n] = ivec[n] ^ (c = in[n]);
- ivec[n] = c;
- ++n;
- }
- }
- *num = n;
- return;
- }
while (0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l < len) {
- unsigned char c;
- if (n == 0) {
- aesni_encrypt(ivec, ivec, key);
- }
- out[l] = ivec[n] ^ (c = in[l]);
- ivec[n] = c;
- ++l;
- n = (n + 1) % 16;
- }
- *num = n;
- }
-}
-
-/* The input and output encrypted as though 128bit ofb mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-static void
-aesni_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- unsigned int len, const void *key, unsigned char ivec[16], int *num)
-{
- unsigned int n;
- size_t l = 0;
-
- n = *num;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16%sizeof(size_t) == 0) do { /* always true actually */
- while (n && len) {
- *(out++) = *(in++) ^ ivec[n];
- --len;
- n = (n + 1) % 16;
- }
- while (len >= 16) {
- aesni_encrypt(ivec, ivec, key);
- for (n = 0; n < 16; n += sizeof(size_t))
- *(size_t*)(out + n) =
- *(size_t*)(in + n) ^ *(size_t*)(ivec + n);
- len -= 16;
- out += 16;
- in += 16;
- }
- n = 0;
- if (len) {
- aesni_encrypt(ivec, ivec, key);
- while (len--) {
- out[n] = in[n] ^ ivec[n];
- ++n;
- }
- }
- *num = n;
- return;
- } while (0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l < len) {
- if (n == 0) {
- aesni_encrypt(ivec, ivec, key);
- }
- out[l] = in[l] ^ ivec[n];
- ++l;
- n = (n + 1) % 16;
- }
-
- *num = n;
-}
-/* ===== Engine "management" functions ===== */
-
-typedef unsigned long long IA32CAP;
-
-/* Prepare the ENGINE structure for registration */
-static int
-aesni_bind_helper(ENGINE *e)
-{
- int engage;
-
- if (sizeof(OPENSSL_ia32cap_P) > 4) {
- engage = ((IA32CAP)OPENSSL_ia32cap_P >> 57) & 1;
- } else {
- IA32CAP OPENSSL_ia32_cpuid(void);
- engage = (OPENSSL_ia32_cpuid() >> 57) & 1;
- }
-
- /* Register everything or return with an error */
- if (!ENGINE_set_id(e, aesni_id) ||
- !ENGINE_set_name(e, engage ?
aesni_name : no_aesni_name) ||
- !ENGINE_set_init_function(e, aesni_init) ||
- (engage && !ENGINE_set_ciphers (e, aesni_ciphers)))
- return 0;
-
- /* Everything looks good */
- return 1;
-}
-
-/* Constructor */
-static ENGINE *
-ENGINE_aesni(void)
-{
- ENGINE *eng = ENGINE_new();
-
- if (!eng) {
- return NULL;
- }
-
- if (!aesni_bind_helper(eng)) {
- ENGINE_free(eng);
- return NULL;
- }
-
- return eng;
-}
-
-/* Check availability of the engine */
-static int
-aesni_init(ENGINE *e)
-{
- return 1;
-}
-
-#if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb)
-#define NID_aes_128_cfb NID_aes_128_cfb128
-#endif
-
-#if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb)
-#define NID_aes_128_ofb NID_aes_128_ofb128
-#endif
-
-#if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb)
-#define NID_aes_192_cfb NID_aes_192_cfb128
-#endif
-
-#if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb)
-#define NID_aes_192_ofb NID_aes_192_ofb128
-#endif
-
-#if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb)
-#define NID_aes_256_cfb NID_aes_256_cfb128
-#endif
-
-#if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb)
-#define NID_aes_256_ofb NID_aes_256_ofb128
-#endif
-
-/* List of supported ciphers.
*/
-static int aesni_cipher_nids[] = {
- NID_aes_128_ecb,
- NID_aes_128_cbc,
- NID_aes_128_cfb,
- NID_aes_128_ofb,
-
- NID_aes_192_ecb,
- NID_aes_192_cbc,
- NID_aes_192_cfb,
- NID_aes_192_ofb,
-
- NID_aes_256_ecb,
- NID_aes_256_cbc,
- NID_aes_256_cfb,
- NID_aes_256_ofb,
-};
-static int aesni_cipher_nids_num =
- (sizeof(aesni_cipher_nids) / sizeof(aesni_cipher_nids[0]));
-
-typedef struct {
- AES_KEY ks;
- unsigned int _pad1[3];
-} AESNI_KEY;
-
-static int
-aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *user_key,
- const unsigned char *iv, int enc)
-{
- int ret;
- AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
-
- if ((ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_CFB_MODE ||
- (ctx->cipher->flags & EVP_CIPH_MODE) == EVP_CIPH_OFB_MODE ||
- enc)
- ret = aesni_set_encrypt_key(user_key, ctx->key_len * 8, key);
- else
- ret = aesni_set_decrypt_key(user_key, ctx->key_len * 8, key);
-
- if (ret < 0) {
- EVPerr(EVP_F_AESNI_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
- return 0;
- }
-
- return 1;
-}
-
-static int
-aesni_cipher_ecb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
-
- aesni_ecb_encrypt(in, out, inl, key, ctx->encrypt);
- return 1;
-}
-
-static int
-aesni_cipher_cbc(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
-
- aesni_cbc_encrypt(in, out, inl, key, ctx->iv, ctx->encrypt);
- return 1;
-}
-
-static int
-aesni_cipher_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
-
- aesni_cfb128_encrypt(in, out, inl, key, ctx->iv, &ctx->num,
- ctx->encrypt);
- return 1;
-}
-
-static int
-aesni_cipher_ofb(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- AES_KEY *key = AESNI_ALIGN(ctx->cipher_data);
-
- aesni_ofb128_encrypt(in, out, inl, key, ctx->iv, &ctx->num);
- return 1;
-}
-
-#define AES_BLOCK_SIZE 16
-
-#define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE
-#define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE
-#define EVP_CIPHER_block_size_OFB 1
-#define EVP_CIPHER_block_size_CFB 1
-
-/* Declaring so many ciphers by hand would be a pain.
- Instead introduce a bit of preprocessor magic :-) */
-#define DECLARE_AES_EVP(ksize,lmode,umode) \
-static const EVP_CIPHER aesni_##ksize##_##lmode = { \
- NID_aes_##ksize##_##lmode, \
- EVP_CIPHER_block_size_##umode, \
- ksize / 8, \
- AES_BLOCK_SIZE, \
- 0 | EVP_CIPH_##umode##_MODE, \
- aesni_init_key, \
- aesni_cipher_##lmode, \
- NULL, \
- sizeof(AESNI_KEY), \
- EVP_CIPHER_set_asn1_iv, \
- EVP_CIPHER_get_asn1_iv, \
- NULL, \
- NULL \
-}
-
-DECLARE_AES_EVP(128, ecb, ECB);
-DECLARE_AES_EVP(128, cbc, CBC);
-DECLARE_AES_EVP(128, cfb, CFB);
-DECLARE_AES_EVP(128, ofb, OFB);
-
-DECLARE_AES_EVP(192, ecb, ECB);
-DECLARE_AES_EVP(192, cbc, CBC);
-DECLARE_AES_EVP(192, cfb, CFB);
-DECLARE_AES_EVP(192, ofb, OFB);
-
-DECLARE_AES_EVP(256, ecb, ECB);
-DECLARE_AES_EVP(256, cbc, CBC);
-DECLARE_AES_EVP(256, cfb, CFB);
-DECLARE_AES_EVP(256, ofb, OFB);
-
-static int
-aesni_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
-{
- /* No specific cipher => return a list of supported nids ... */
- if (!cipher) {
- *nids = aesni_cipher_nids;
- return aesni_cipher_nids_num;
- }
-
- /* ...
or the requested "cipher" otherwise */
- switch (nid) {
- case NID_aes_128_ecb:
- *cipher = &aesni_128_ecb;
- break;
- case NID_aes_128_cbc:
- *cipher = &aesni_128_cbc;
- break;
- case NID_aes_128_cfb:
- *cipher = &aesni_128_cfb;
- break;
- case NID_aes_128_ofb:
- *cipher = &aesni_128_ofb;
- break;
-
- case NID_aes_192_ecb:
- *cipher = &aesni_192_ecb;
- break;
- case NID_aes_192_cbc:
- *cipher = &aesni_192_cbc;
- break;
- case NID_aes_192_cfb:
- *cipher = &aesni_192_cfb;
- break;
- case NID_aes_192_ofb:
- *cipher = &aesni_192_ofb;
- break;
-
- case NID_aes_256_ecb:
- *cipher = &aesni_256_ecb;
- break;
- case NID_aes_256_cbc:
- *cipher = &aesni_256_cbc;
- break;
- case NID_aes_256_cfb:
- *cipher = &aesni_256_cfb;
- break;
- case NID_aes_256_ofb:
- *cipher = &aesni_256_ofb;
- break;
-
- default:
- /* Sorry, we don't support this NID */
- *cipher = NULL;
- return 0;
- }
- return 1;
-}
-
-#endif /* COMPILE_HW_AESNI */
-#endif /* !defined(OPENSSL_NO_HW) && !defined(OPENSSL_NO_HW_AESNI) && !defined(OPENSSL_NO_AES) */
diff --git a/lib/libssl/src/crypto/engine/eng_all.c b/lib/libssl/src/crypto/engine/eng_all.c
deleted file mode 100644
index 7640cf7fcde..00000000000
--- a/lib/libssl/src/crypto/engine/eng_all.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* $OpenBSD: eng_all.c,v 1.29 2015/07/19 22:34:27 doug Exp $ */
-/* Written by Richard Levitte <richard@levitte.org> for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-#include "cryptlib.h"
-#include "eng_int.h"
-
-void
-ENGINE_load_builtin_engines(void)
-{
- /* Some ENGINEs need this */
- OPENSSL_cpuid_setup();
-
-#ifndef OPENSSL_NO_STATIC_ENGINE
-#ifndef OPENSSL_NO_HW
-#ifndef OPENSSL_NO_HW_PADLOCK
- ENGINE_load_padlock();
-#endif
-#endif
-#endif
- ENGINE_register_all_complete();
-}
diff --git a/lib/libssl/src/crypto/engine/eng_cnf.c b/lib/libssl/src/crypto/engine/eng_cnf.c
deleted file mode 100644
index acdebda6a67..00000000000
--- a/lib/libssl/src/crypto/engine/eng_cnf.c
+++ /dev/null
@@ -1,257 +0,0 @@ -/* $OpenBSD: eng_cnf.c,v 1.13 2015/02/11 03:19:37 doug Exp $ */ -/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <string.h> - -#include <openssl/err.h> - -#include "eng_int.h" -#include <openssl/conf.h> - -/* #define ENGINE_CONF_DEBUG */ - -/* ENGINE config module */ - -static char * -skip_dot(char *name) -{ - char *p; - - p = strchr(name, '.'); - if (p) - return p + 1; - return name; -} - -static STACK_OF(ENGINE) *initialized_engines = NULL; - -static int -int_engine_init(ENGINE *e) -{ - if (!ENGINE_init(e)) - return 0; - if (!initialized_engines) - initialized_engines = sk_ENGINE_new_null(); - if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) { - ENGINE_finish(e); - return 0; - } - return 1; -} - - -static int -int_engine_configure(char *name, char *value, const CONF *cnf) -{ - int i; - int ret = 0; - long do_init = -1; - STACK_OF(CONF_VALUE) *ecmds; - CONF_VALUE *ecmd = NULL; - char *ctrlname, *ctrlvalue; - ENGINE *e = NULL; - int soft = 0; - - name = skip_dot(name); -#ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "Configuring engine %s\n", name); -#endif - /* Value is a section containing ENGINE commands */ - ecmds = NCONF_get_section(cnf, value); - - if (!ecmds) { - ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, - ENGINE_R_ENGINE_SECTION_ERROR); - return 
0; - } - - for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) { - ecmd = sk_CONF_VALUE_value(ecmds, i); - ctrlname = skip_dot(ecmd->name); - ctrlvalue = ecmd->value; -#ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", - ctrlname, ctrlvalue); -#endif - - /* First handle some special pseudo ctrls */ - - /* Override engine name to use */ - if (!strcmp(ctrlname, "engine_id")) - name = ctrlvalue; - else if (!strcmp(ctrlname, "soft_load")) - soft = 1; - /* Load a dynamic ENGINE */ - else if (!strcmp(ctrlname, "dynamic_path")) { - e = ENGINE_by_id("dynamic"); - if (!e) - goto err; - if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0)) - goto err; - if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0)) - goto err; - if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) - goto err; - } - /* ... add other pseudos here ... */ - else { - /* At this point we need an ENGINE structural reference - * if we don't already have one. - */ - if (!e) { - e = ENGINE_by_id(name); - if (!e && soft) { - ERR_clear_error(); - return 1; - } - if (!e) - goto err; - } - /* Allow "EMPTY" to mean no value: this allows a valid - * "value" to be passed to ctrls of type NO_INPUT - */ - if (!strcmp(ctrlvalue, "EMPTY")) - ctrlvalue = NULL; - if (!strcmp(ctrlname, "init")) { - if (!NCONF_get_number_e(cnf, value, "init", - &do_init)) - goto err; - if (do_init == 1) { - if (!int_engine_init(e)) - goto err; - } else if (do_init != 0) { - ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, - ENGINE_R_INVALID_INIT_VALUE); - goto err; - } - } - else if (!strcmp(ctrlname, "default_algorithms")) { - if (!ENGINE_set_default_string(e, ctrlvalue)) - goto err; - } else if (!ENGINE_ctrl_cmd_string(e, - ctrlname, ctrlvalue, 0)) - goto err; - } - } - if (e && (do_init == -1) && !int_engine_init(e)) { - ecmd = NULL; - goto err; - } - ret = 1; - -err: - if (ret != 1) { - ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE, - ENGINE_R_ENGINE_CONFIGURATION_ERROR); - if (ecmd) - ERR_asprintf_error_data( - "section=%s, 
name=%s, value=%s", - ecmd->section, ecmd->name, ecmd->value); - } - if (e) - ENGINE_free(e); - return ret; -} - - -static int -int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) -{ - STACK_OF(CONF_VALUE) *elist; - CONF_VALUE *cval; - int i; - -#ifdef ENGINE_CONF_DEBUG - fprintf(stderr, "Called engine module: name %s, value %s\n", - CONF_imodule_get_name(md), CONF_imodule_get_value(md)); -#endif - /* Value is a section containing ENGINEs to configure */ - elist = NCONF_get_section(cnf, CONF_imodule_get_value(md)); - - if (!elist) { - ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT, - ENGINE_R_ENGINES_SECTION_ERROR); - return 0; - } - - for (i = 0; i < sk_CONF_VALUE_num(elist); i++) { - cval = sk_CONF_VALUE_value(elist, i); - if (!int_engine_configure(cval->name, cval->value, cnf)) - return 0; - } - - return 1; -} - -static void -int_engine_module_finish(CONF_IMODULE *md) -{ - ENGINE *e; - - while ((e = sk_ENGINE_pop(initialized_engines))) - ENGINE_finish(e); - sk_ENGINE_free(initialized_engines); - initialized_engines = NULL; -} - -void -ENGINE_add_conf_module(void) -{ - CONF_module_add("engines", int_engine_module_init, - int_engine_module_finish); -} diff --git a/lib/libssl/src/crypto/engine/eng_ctrl.c b/lib/libssl/src/crypto/engine/eng_ctrl.c deleted file mode 100644 index bf832dc626c..00000000000 --- a/lib/libssl/src/crypto/engine/eng_ctrl.c +++ /dev/null 
@@ -1,393 +0,0 @@ -/* $OpenBSD: eng_ctrl.c,v 1.10 2015/02/11 03:19:37 doug Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <string.h> - -#include <openssl/err.h> - -#include "eng_int.h" - -/* When querying a ENGINE-specific control command's 'description', this string - * is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL. */ -static const char *int_no_description = ""; - -/* These internal functions handle 'CMD'-related control commands when the - * ENGINE in question has asked us to take care of it (ie. the ENGINE did not - * set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag. */ - -static int -int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn) -{ - if ((defn->cmd_num == 0) || (defn->cmd_name == NULL)) - return 1; - return 0; -} - -static int -int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s) -{ - int idx = 0; - while (!int_ctrl_cmd_is_null(defn) && - (strcmp(defn->cmd_name, s) != 0)) { - idx++; - defn++; - } - if (int_ctrl_cmd_is_null(defn)) - /* The given name wasn't found */ - return -1; - return idx; -} - -static int -int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num) -{ - int idx = 0; - /* NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So - * our searches don't need to take any longer than necessary. 
*/ - while (!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) { - idx++; - defn++; - } - if (defn->cmd_num == num) - return idx; - /* The given cmd_num wasn't found */ - return -1; -} - -static int -int_ctrl_helper(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) -{ - int idx; - int ret; - char *s = (char *)p; - - /* Take care of the easy one first (eg. it requires no searches) */ - if (cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) { - if ((e->cmd_defns == NULL) || - int_ctrl_cmd_is_null(e->cmd_defns)) - return 0; - return e->cmd_defns->cmd_num; - } - /* One or two commands require that "p" be a valid string buffer */ - if ((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) || - (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) || - (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) { - if (s == NULL) { - ENGINEerr(ENGINE_F_INT_CTRL_HELPER, - ERR_R_PASSED_NULL_PARAMETER); - return -1; - } - } - /* Now handle cmd_name -> cmd_num conversion */ - if (cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) { - if ((e->cmd_defns == NULL) || - ((idx = int_ctrl_cmd_by_name(e->cmd_defns, s)) < 0)) { - ENGINEerr(ENGINE_F_INT_CTRL_HELPER, - ENGINE_R_INVALID_CMD_NAME); - return -1; - } - return e->cmd_defns[idx].cmd_num; - } - /* For the rest of the commands, the 'long' argument must specify a - * valie command number - so we need to conduct a search. 
*/ - if ((e->cmd_defns == NULL) || - ((idx = int_ctrl_cmd_by_num(e->cmd_defns, (unsigned int)i)) < 0)) { - ENGINEerr(ENGINE_F_INT_CTRL_HELPER, - ENGINE_R_INVALID_CMD_NUMBER); - return -1; - } - /* Now the logic splits depending on command type */ - switch (cmd) { - case ENGINE_CTRL_GET_NEXT_CMD_TYPE: - idx++; - if (int_ctrl_cmd_is_null(e->cmd_defns + idx)) - /* end-of-list */ - return 0; - else - return e->cmd_defns[idx].cmd_num; - case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD: - return strlen(e->cmd_defns[idx].cmd_name); - case ENGINE_CTRL_GET_NAME_FROM_CMD: - ret = snprintf(s, strlen(e->cmd_defns[idx].cmd_name) + 1, - "%s", e->cmd_defns[idx].cmd_name); - if (ret >= (strlen(e->cmd_defns[idx].cmd_name) + 1)) - ret = -1; - return ret; - case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: - if (e->cmd_defns[idx].cmd_desc) - return strlen(e->cmd_defns[idx].cmd_desc); - return strlen(int_no_description); - case ENGINE_CTRL_GET_DESC_FROM_CMD: - if (e->cmd_defns[idx].cmd_desc) { - ret = snprintf(s, - strlen(e->cmd_defns[idx].cmd_desc) + 1, - "%s", e->cmd_defns[idx].cmd_desc); - if (ret >= strlen(e->cmd_defns[idx].cmd_desc) + 1) - ret = -1; - return ret; - } - ret = snprintf(s, strlen(int_no_description) + 1, "%s", - int_no_description); - if (ret >= strlen(int_no_description) + 1) - ret = -1; - return ret; - case ENGINE_CTRL_GET_CMD_FLAGS: - return e->cmd_defns[idx].cmd_flags; - } - - /* Shouldn't really be here ... */ - ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ENGINE_R_INTERNAL_LIST_ERROR); - return -1; -} - -int -ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)) -{ - int ctrl_exists, ref_exists; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_CTRL, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - ref_exists = ((e->struct_ref > 0) ? 1 : 0); - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - ctrl_exists = ((e->ctrl == NULL) ? 
0 : 1); - if (!ref_exists) { - ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_REFERENCE); - return 0; - } - /* Intercept any "root-level" commands before trying to hand them on to - * ctrl() handlers. */ - switch (cmd) { - case ENGINE_CTRL_HAS_CTRL_FUNCTION: - return ctrl_exists; - case ENGINE_CTRL_GET_FIRST_CMD_TYPE: - case ENGINE_CTRL_GET_NEXT_CMD_TYPE: - case ENGINE_CTRL_GET_CMD_FROM_NAME: - case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD: - case ENGINE_CTRL_GET_NAME_FROM_CMD: - case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD: - case ENGINE_CTRL_GET_DESC_FROM_CMD: - case ENGINE_CTRL_GET_CMD_FLAGS: - if (ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL)) - return int_ctrl_helper(e, cmd, i, p, f); - if (!ctrl_exists) { - ENGINEerr(ENGINE_F_ENGINE_CTRL, - ENGINE_R_NO_CONTROL_FUNCTION); - /* For these cmd-related functions, failure is indicated - * by a -1 return value (because 0 is used as a valid - * return in some places). */ - return -1; - } - default: - break; - } - /* Anything else requires a ctrl() handler to exist. 
*/ - if (!ctrl_exists) { - ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_CONTROL_FUNCTION); - return 0; - } - return e->ctrl(e, cmd, i, p, f); -} - -int -ENGINE_cmd_is_executable(ENGINE *e, int cmd) -{ - int flags; - - if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, - NULL, NULL)) < 0) { - ENGINEerr(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE, - ENGINE_R_INVALID_CMD_NUMBER); - return 0; - } - if (!(flags & ENGINE_CMD_FLAG_NO_INPUT) && - !(flags & ENGINE_CMD_FLAG_NUMERIC) && - !(flags & ENGINE_CMD_FLAG_STRING)) - return 0; - return 1; -} - -int -ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, long i, void *p, - void (*f)(void), int cmd_optional) -{ - int num; - - if ((e == NULL) || (cmd_name == NULL)) { - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if ((e->ctrl == NULL) || - ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, - 0, (void *)cmd_name, NULL)) <= 0)) { - /* If the command didn't *have* to be supported, we fake - * success. This allows certain settings to be specified for - * multiple ENGINEs and only require a change of ENGINE id - * (without having to selectively apply settings). Eg. changing - * from a hardware device back to the regular software ENGINE - * without editing the config file, etc. */ - if (cmd_optional) { - ERR_clear_error(); - return 1; - } - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, ENGINE_R_INVALID_CMD_NAME); - return 0; - } - - /* Force the result of the control command to 0 or 1, for the reasons - * mentioned before. 
*/ - if (ENGINE_ctrl(e, num, i, p, f) > 0) - return 1; - - return 0; -} - -int -ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, - int cmd_optional) -{ - int num, flags; - long l; - char *ptr; - - if ((e == NULL) || (cmd_name == NULL)) { - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if ((e->ctrl == NULL) || - ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FROM_NAME, 0, - (void *)cmd_name, NULL)) <= 0)) { - /* If the command didn't *have* to be supported, we fake - * success. This allows certain settings to be specified for - * multiple ENGINEs and only require a change of ENGINE id - * (without having to selectively apply settings). Eg. changing - * from a hardware device back to the regular software ENGINE - * without editing the config file, etc. */ - if (cmd_optional) { - ERR_clear_error(); - return 1; - } - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_INVALID_CMD_NAME); - return 0; - } - if (!ENGINE_cmd_is_executable(e, num)) { - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_CMD_NOT_EXECUTABLE); - return 0; - } - if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, - NULL, NULL)) < 0) { - /* Shouldn't happen, given that ENGINE_cmd_is_executable() - * returned success. */ - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_INTERNAL_LIST_ERROR); - return 0; - } - /* If the command takes no input, there must be no input. And vice - * versa. */ - if (flags & ENGINE_CMD_FLAG_NO_INPUT) { - if (arg != NULL) { - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_COMMAND_TAKES_NO_INPUT); - return 0; - } - /* We deliberately force the result of ENGINE_ctrl() to 0 or 1 - * rather than returning it as "return data". This is to ensure - * usage of these commands is consistent across applications and - * that certain applications don't understand it one way, and - * others another. 
*/ - if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) - return 1; - return 0; - } - /* So, we require input */ - if (arg == NULL) { - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_COMMAND_TAKES_INPUT); - return 0; - } - /* If it takes string input, that's easy */ - if (flags & ENGINE_CMD_FLAG_STRING) { - /* Same explanation as above */ - if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0) - return 1; - return 0; - } - /* If it doesn't take numeric either, then it is unsupported for use in - * a config-setting situation, which is what this function is for. This - * should never happen though, because ENGINE_cmd_is_executable() was - * used. */ - if (!(flags & ENGINE_CMD_FLAG_NUMERIC)) { - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_INTERNAL_LIST_ERROR); - return 0; - } - l = strtol(arg, &ptr, 10); - if ((arg == ptr) || (*ptr != '\0')) { - ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, - ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER); - return 0; - } - /* Force the result of the control command to 0 or 1, for the reasons - * mentioned before. */ - if (ENGINE_ctrl(e, num, l, NULL, NULL) > 0) - return 1; - return 0; -} diff --git a/lib/libssl/src/crypto/engine/eng_dyn.c b/lib/libssl/src/crypto/engine/eng_dyn.c deleted file mode 100644 index 400ce726815..00000000000 --- a/lib/libssl/src/crypto/engine/eng_dyn.c +++ /dev/null 
@@ -1,64 +0,0 @@
-/* $OpenBSD: eng_dyn.c,v 1.14 2015/06/19 06:05:11 bcook Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/engine.h>
-
-void
-ENGINE_load_dynamic(void)
-{
-}
diff --git a/lib/libssl/src/crypto/engine/eng_err.c b/lib/libssl/src/crypto/engine/eng_err.c
deleted file mode 100644
index d65efde9914..00000000000
--- a/lib/libssl/src/crypto/engine/eng_err.c
+++ /dev/null
@@ -1,173 +0,0 @@ -/* $OpenBSD: eng_err.c,v 1.10 2014/07/10 22:45:57 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/engine.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason) - -static ERR_STRING_DATA ENGINE_str_functs[] = { - {ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"}, - {ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"}, - {ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"}, - {ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "DYNAMIC_SET_DATA_CTX"}, - {ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"}, - {ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"}, - {ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"}, - {ERR_FUNC(ENGINE_F_ENGINE_CTRL), "ENGINE_ctrl"}, - {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"}, - {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"}, - {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"}, - {ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"}, - {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"}, - {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"}, - {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"}, - {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"}, - {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH), "ENGINE_get_pkey_asn1_meth"}, - {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"}, - {ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"}, - {ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"}, - {ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"}, - {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"}, - {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"}, - {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"}, - {ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT), "ENGINE_load_ssl_client_cert"}, - {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"}, - 
{ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"}, - {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING), "ENGINE_set_default_string"}, - {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"}, - {ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"}, - {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"}, - {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"}, - {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"}, - {ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "ENGINE_UNLOCKED_FINISH"}, - {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"}, - {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"}, - {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"}, - {ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "INT_ENGINE_MODULE_INIT"}, - {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"}, - {0, NULL} -}; - -static ERR_STRING_DATA ENGINE_str_reasons[] = { - {ERR_REASON(ENGINE_R_ALREADY_LOADED) , "already loaded"}, - {ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER), "argument is not a number"}, - {ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE) , "cmd not executable"}, - {ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT), "command takes input"}, - {ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT), "command takes no input"}, - {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"}, - {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED), "ctrl command not implemented"}, - {ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED) , "dh not implemented"}, - {ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"}, - {ERR_REASON(ENGINE_R_DSO_FAILURE) , "DSO failure"}, - {ERR_REASON(ENGINE_R_DSO_NOT_FOUND) , "dso not found"}, - {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"}, - {ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR), "engine configuration error"}, - {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST), "engine is not in the list"}, - {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR), "engine section error"}, - 
{ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY), "failed loading private key"}, - {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY), "failed loading public key"}, - {ERR_REASON(ENGINE_R_FINISH_FAILED) , "finish failed"}, - {ERR_REASON(ENGINE_R_GET_HANDLE_FAILED) , "could not obtain hardware handle"}, - {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING) , "'id' or 'name' missing"}, - {ERR_REASON(ENGINE_R_INIT_FAILED) , "init failed"}, - {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"}, - {ERR_REASON(ENGINE_R_INVALID_ARGUMENT) , "invalid argument"}, - {ERR_REASON(ENGINE_R_INVALID_CMD_NAME) , "invalid cmd name"}, - {ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER) , "invalid cmd number"}, - {ERR_REASON(ENGINE_R_INVALID_INIT_VALUE) , "invalid init value"}, - {ERR_REASON(ENGINE_R_INVALID_STRING) , "invalid string"}, - {ERR_REASON(ENGINE_R_NOT_INITIALISED) , "not initialised"}, - {ERR_REASON(ENGINE_R_NOT_LOADED) , "not loaded"}, - {ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION), "no control function"}, - {ERR_REASON(ENGINE_R_NO_INDEX) , "no index"}, - {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION) , "no load function"}, - {ERR_REASON(ENGINE_R_NO_REFERENCE) , "no reference"}, - {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE) , "no such engine"}, - {ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION) , "no unload function"}, - {ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS) , "provide parameters"}, - {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"}, - {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"}, - {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"}, - {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD), "unimplemented public key method"}, - {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"}, - {0, NULL} -}; - -#endif - -void -ERR_load_ENGINE_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) { - ERR_load_strings(0, ENGINE_str_functs); - ERR_load_strings(0, ENGINE_str_reasons); - } 
-#endif -} diff --git a/lib/libssl/src/crypto/engine/eng_fat.c b/lib/libssl/src/crypto/engine/eng_fat.c deleted file mode 100644 index b54757d8ad5..00000000000 --- a/lib/libssl/src/crypto/engine/eng_fat.c +++ /dev/null 
@@ -1,192 +0,0 @@
-/* $OpenBSD: eng_fat.c,v 1.15 2015/02/11 03:19:37 doug Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include "eng_int.h" -#include <openssl/conf.h> - -int -ENGINE_set_default(ENGINE *e, unsigned int flags) -{ - if ((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e)) - return 0; - if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e)) - return 0; -#ifndef OPENSSL_NO_RSA - if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e)) - return 0; -#endif -#ifndef OPENSSL_NO_DSA - if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e)) - return 0; -#endif -#ifndef OPENSSL_NO_DH - if ((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e)) - return 0; -#endif -#ifndef OPENSSL_NO_ECDH - if ((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e)) - return 0; -#endif -#ifndef OPENSSL_NO_ECDSA - if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e)) - return 0; -#endif - if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e)) - return 0; - if ((flags & ENGINE_METHOD_PKEY_METHS) && - !ENGINE_set_default_pkey_meths(e)) - return 0; - if ((flags & ENGINE_METHOD_PKEY_ASN1_METHS) && - !ENGINE_set_default_pkey_asn1_meths(e)) - return 0; - return 1; -} - -/* Set default algorithms using a string */ - -static int -int_def_cb(const char *alg, int len, void *arg) -{ - unsigned int *pflags = arg; - - if (!strncmp(alg, "ALL", len)) - *pflags |= ENGINE_METHOD_ALL; - else if (!strncmp(alg, "RSA", len)) - *pflags |= ENGINE_METHOD_RSA; - else if (!strncmp(alg, "DSA", len)) - *pflags |= ENGINE_METHOD_DSA; - else if (!strncmp(alg, "ECDH", len)) - *pflags |= ENGINE_METHOD_ECDH; - else if (!strncmp(alg, "ECDSA", len)) - *pflags |= ENGINE_METHOD_ECDSA; - else if (!strncmp(alg, "DH", len)) - *pflags |= ENGINE_METHOD_DH; - else if (!strncmp(alg, "RAND", len)) - *pflags |= ENGINE_METHOD_RAND; - else if (!strncmp(alg, "CIPHERS", len)) - *pflags |= ENGINE_METHOD_CIPHERS; - else if (!strncmp(alg, "DIGESTS", len)) - *pflags |= 
ENGINE_METHOD_DIGESTS; - else if (!strncmp(alg, "PKEY", len)) - *pflags |= ENGINE_METHOD_PKEY_METHS | - ENGINE_METHOD_PKEY_ASN1_METHS; - else if (!strncmp(alg, "PKEY_CRYPTO", len)) - *pflags |= ENGINE_METHOD_PKEY_METHS; - else if (!strncmp(alg, "PKEY_ASN1", len)) - *pflags |= ENGINE_METHOD_PKEY_ASN1_METHS; - else - return 0; - return 1; -} - -int -ENGINE_set_default_string(ENGINE *e, const char *def_list) -{ - unsigned int flags = 0; - - if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) { - ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING, - ENGINE_R_INVALID_STRING); - ERR_asprintf_error_data("str=%s",def_list); - return 0; - } - return ENGINE_set_default(e, flags); -} - -int -ENGINE_register_complete(ENGINE *e) -{ - ENGINE_register_ciphers(e); - ENGINE_register_digests(e); -#ifndef OPENSSL_NO_RSA - ENGINE_register_RSA(e); -#endif -#ifndef OPENSSL_NO_DSA - ENGINE_register_DSA(e); -#endif -#ifndef OPENSSL_NO_DH - ENGINE_register_DH(e); -#endif -#ifndef OPENSSL_NO_ECDH - ENGINE_register_ECDH(e); -#endif -#ifndef OPENSSL_NO_ECDSA - ENGINE_register_ECDSA(e); -#endif - ENGINE_register_RAND(e); - ENGINE_register_pkey_meths(e); - return 1; -} - -int -ENGINE_register_all_complete(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL)) - ENGINE_register_complete(e); - return 1; -} diff --git a/lib/libssl/src/crypto/engine/eng_init.c b/lib/libssl/src/crypto/engine/eng_init.c deleted file mode 100644 index b50e22594c1..00000000000 --- a/lib/libssl/src/crypto/engine/eng_init.c +++ /dev/null 
@@ -1,150 +0,0 @@
-/* $OpenBSD: eng_init.c,v 1.7 2015/02/11 03:19:37 doug Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <openssl/err.h> - -#include "eng_int.h" - -/* Initialise a engine type for use (or up its functional reference count - * if it's already in use). This version is only used internally. */ -int -engine_unlocked_init(ENGINE *e) -{ - int to_return = 1; - - if ((e->funct_ref == 0) && e->init) - /* This is the first functional reference and the engine - * requires initialisation so we do it now. */ - to_return = e->init(e); - if (to_return) { - /* OK, we return a functional reference which is also a - * structural reference. */ - e->struct_ref++; - e->funct_ref++; - engine_ref_debug(e, 0, 1) - engine_ref_debug(e, 1, 1) - } - return to_return; -} - -/* Free a functional reference to a engine type. This version is only used - * internally. */ -int -engine_unlocked_finish(ENGINE *e, int unlock_for_handlers) -{ - int to_return = 1; - - /* Reduce the functional reference count here so if it's the terminating - * case, we can release the lock safely and call the finish() handler - * without risk of a race. 
We get a race if we leave the count until - * after and something else is calling "finish" at the same time - - * there's a chance that both threads will together take the count from - * 2 to 0 without either calling finish(). */ - e->funct_ref--; - engine_ref_debug(e, 1, -1); - if ((e->funct_ref == 0) && e->finish) { - if (unlock_for_handlers) - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - to_return = e->finish(e); - if (unlock_for_handlers) - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (!to_return) - return 0; - } - - /* Release the structural reference too */ - if (!engine_free_util(e, 0)) { - ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH, - ENGINE_R_FINISH_FAILED); - return 0; - } - return to_return; -} - -/* The API (locked) version of "init" */ -int -ENGINE_init(ENGINE *e) -{ - int ret; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_INIT, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - ret = engine_unlocked_init(e); - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return ret; -} - -/* The API (locked) version of "finish" */ -int -ENGINE_finish(ENGINE *e) -{ - int to_return = 1; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - to_return = engine_unlocked_finish(e, 1); - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - if (!to_return) { - ENGINEerr(ENGINE_F_ENGINE_FINISH, ENGINE_R_FINISH_FAILED); - return 0; - } - return to_return; -} diff --git a/lib/libssl/src/crypto/engine/eng_int.h b/lib/libssl/src/crypto/engine/eng_int.h deleted file mode 100644 index f2404119815..00000000000 --- a/lib/libssl/src/crypto/engine/eng_int.h +++ /dev/null 
@@ -1,206 +0,0 @@
-/* $OpenBSD: eng_int.h,v 1.8 2014/07/11 08:44:48 jsing Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#ifndef HEADER_ENGINE_INT_H -#define HEADER_ENGINE_INT_H - -/* Take public definitions from engine.h */ -#include <openssl/engine.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* If we compile with this symbol defined, then both reference counts in the - * ENGINE structure will be monitored with a line of output on stderr for each - * change. This prints the engine's pointer address (truncated to unsigned int), - * "struct" or "funct" to indicate the reference type, the before and after - * reference count, and the file:line-number pair. The "engine_ref_debug" - * statements must come *after* the change. */ -#ifdef ENGINE_REF_COUNT_DEBUG - -#define engine_ref_debug(e, isfunct, diff) \ - fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \ - (unsigned int)(e), (isfunct ? "funct" : "struct"), \ - ((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \ - ((isfunct) ? 
(e)->funct_ref : (e)->struct_ref), \ - (__FILE__), (__LINE__)); - -#else - -#define engine_ref_debug(e, isfunct, diff) - -#endif - -/* Any code that will need cleanup operations should use these functions to - * register callbacks. ENGINE_cleanup() will call all registered callbacks in - * order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be - * held (in "write" mode). */ -typedef void (ENGINE_CLEANUP_CB)(void); -typedef struct st_engine_cleanup_item { - ENGINE_CLEANUP_CB *cb; -} ENGINE_CLEANUP_ITEM; -DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM) -void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb); -void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb); - -/* We need stacks of ENGINEs for use in eng_table.c */ -DECLARE_STACK_OF(ENGINE) - -/* If this symbol is defined then engine_table_select(), the function that is - * used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults and - * functional references (etc), will display debugging summaries to stderr. */ -/* #define ENGINE_TABLE_DEBUG */ - -/* This represents an implementation table. Dependent code should instantiate it - * as a (ENGINE_TABLE *) pointer value set initially to NULL. 
*/ -typedef struct st_engine_table ENGINE_TABLE; -int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup, - ENGINE *e, const int *nids, int num_nids, int setdefault); -void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e); -void engine_table_cleanup(ENGINE_TABLE **table); -#ifndef ENGINE_TABLE_DEBUG -ENGINE *engine_table_select(ENGINE_TABLE **table, int nid); -#else -ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, - int l); -#define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__) -#endif -typedef void (engine_table_doall_cb)(int nid, STACK_OF(ENGINE) *sk, - ENGINE *def, void *arg); -void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, - void *arg); - -/* Internal versions of API functions that have control over locking. These are - * used between C files when functionality needs to be shared but the caller may - * already be controlling of the CRYPTO_LOCK_ENGINE lock. */ -int engine_unlocked_init(ENGINE *e); -int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers); -int engine_free_util(ENGINE *e, int locked); - -/* This function will reset all "set"able values in an ENGINE to NULL. This - * won't touch reference counts or ex_data, but is equivalent to calling all the - * ENGINE_set_***() functions with a NULL value. */ -void engine_set_all_null(ENGINE *e); - -/* NB: Bitwise OR-able values for the "flags" variable in ENGINE are now exposed - * in engine.h. */ - -/* Free up dynamically allocated public key methods associated with ENGINE */ - -void engine_pkey_meths_free(ENGINE *e); -void engine_pkey_asn1_meths_free(ENGINE *e); - -/* This is a structure for storing implementations of various crypto - * algorithms and functions. 
*/ -struct engine_st { - const char *id; - const char *name; - const RSA_METHOD *rsa_meth; - const DSA_METHOD *dsa_meth; - const DH_METHOD *dh_meth; - const ECDH_METHOD *ecdh_meth; - const ECDSA_METHOD *ecdsa_meth; - const RAND_METHOD *rand_meth; - const STORE_METHOD *store_meth; - /* Cipher handling is via this callback */ - ENGINE_CIPHERS_PTR ciphers; - /* Digest handling is via this callback */ - ENGINE_DIGESTS_PTR digests; - /* Public key handling via this callback */ - ENGINE_PKEY_METHS_PTR pkey_meths; - /* ASN1 public key handling via this callback */ - ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths; - - ENGINE_GEN_INT_FUNC_PTR destroy; - - ENGINE_GEN_INT_FUNC_PTR init; - ENGINE_GEN_INT_FUNC_PTR finish; - ENGINE_CTRL_FUNC_PTR ctrl; - ENGINE_LOAD_KEY_PTR load_privkey; - ENGINE_LOAD_KEY_PTR load_pubkey; - - ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert; - - const ENGINE_CMD_DEFN *cmd_defns; - int flags; - /* reference count on the structure itself */ - int struct_ref; - /* reference count on usability of the engine type. NB: This - * controls the loading and initialisation of any functionlity - * required by this engine, whereas the previous count is - * simply to cope with (de)allocation of this structure. Hence, - * running_ref <= struct_ref at all times. */ - int funct_ref; - /* A place to store per-ENGINE data */ - CRYPTO_EX_DATA ex_data; - /* Used to maintain the linked-list of engines. */ - struct engine_st *prev; - struct engine_st *next; -}; - -#ifdef __cplusplus -} -#endif - -#endif /* HEADER_ENGINE_INT_H */ diff --git a/lib/libssl/src/crypto/engine/eng_lib.c b/lib/libssl/src/crypto/engine/eng_lib.c deleted file mode 100644 index f5f54fc6576..00000000000 --- a/lib/libssl/src/crypto/engine/eng_lib.c +++ /dev/null 
@@ -1,367 +0,0 @@
-/* $OpenBSD: eng_lib.c,v 1.11 2015/02/11 03:19:37 doug Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <string.h> - -#include <openssl/err.h> -#include <openssl/rand.h> - -#include "eng_int.h" - -/* The "new"/"free" stuff first */ - -ENGINE * -ENGINE_new(void) -{ - ENGINE *ret; - - ret = malloc(sizeof(ENGINE)); - if (ret == NULL) { - ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE); - return NULL; - } - memset(ret, 0, sizeof(ENGINE)); - ret->struct_ref = 1; - engine_ref_debug(ret, 0, 1) - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data); - return ret; -} - -/* Placed here (close proximity to ENGINE_new) so that modifications to the - * elements of the ENGINE structure are more likely to be caught and changed - * here. 
*/ -void -engine_set_all_null(ENGINE *e) -{ - e->id = NULL; - e->name = NULL; - e->rsa_meth = NULL; - e->dsa_meth = NULL; - e->dh_meth = NULL; - e->rand_meth = NULL; - e->store_meth = NULL; - e->ciphers = NULL; - e->digests = NULL; - e->destroy = NULL; - e->init = NULL; - e->finish = NULL; - e->ctrl = NULL; - e->load_privkey = NULL; - e->load_pubkey = NULL; - e->cmd_defns = NULL; - e->flags = 0; -} - -int -engine_free_util(ENGINE *e, int locked) -{ - int i; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (locked) - i = CRYPTO_add(&e->struct_ref, -1, CRYPTO_LOCK_ENGINE); - else - i = --e->struct_ref; - engine_ref_debug(e, 0, -1) - if (i > 0) - return 1; - - /* Free up any dynamically allocated public key methods */ - engine_pkey_meths_free(e); - engine_pkey_asn1_meths_free(e); - /* Give the ENGINE a chance to do any structural cleanup corresponding - * to allocation it did in its constructor (eg. unload error strings) */ - if (e->destroy) - e->destroy(e); - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data); - free(e); - return 1; -} - -int -ENGINE_free(ENGINE *e) -{ - return engine_free_util(e, 1); -} - -/* Cleanup stuff */ - -/* ENGINE_cleanup() is coded such that anything that does work that will need - * cleanup can register a "cleanup" callback here. That way we don't get linker - * bloat by referring to all *possible* cleanups, but any linker bloat into code - * "X" will cause X's cleanup function to end up here. */ -static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL; -static int -int_cleanup_check(int create) -{ - if (cleanup_stack) - return 1; - if (!create) - return 0; - cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null(); - return (cleanup_stack ? 
1 : 0); -} - -static ENGINE_CLEANUP_ITEM * -int_cleanup_item(ENGINE_CLEANUP_CB *cb) -{ - ENGINE_CLEANUP_ITEM *item = malloc(sizeof(ENGINE_CLEANUP_ITEM)); - - if (!item) - return NULL; - item->cb = cb; - return item; -} - -void -engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb) -{ - ENGINE_CLEANUP_ITEM *item; - - if (!int_cleanup_check(1)) - return; - item = int_cleanup_item(cb); - if (item) - sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0); -} - -void -engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb) -{ - ENGINE_CLEANUP_ITEM *item; - - if (!int_cleanup_check(1)) - return; - item = int_cleanup_item(cb); - if (item) - sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item); -} -/* The API function that performs all cleanup */ -static void -engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item) -{ - (*(item->cb))(); - free(item); -} - -void -ENGINE_cleanup(void) -{ - if (int_cleanup_check(0)) { - sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack, - engine_cleanup_cb_free); - cleanup_stack = NULL; - } - /* FIXME: This should be handled (somehow) through RAND, eg. by it - * registering a cleanup callback. */ - RAND_set_rand_method(NULL); -} - -/* Now the "ex_data" support */ - -int -ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp, - new_func, dup_func, free_func); -} - -int -ENGINE_set_ex_data(ENGINE *e, int idx, void *arg) -{ - return (CRYPTO_set_ex_data(&e->ex_data, idx, arg)); -} - -void * -ENGINE_get_ex_data(const ENGINE *e, int idx) -{ - return (CRYPTO_get_ex_data(&e->ex_data, idx)); -} - -/* Functions to get/set an ENGINE's elements - mainly to avoid exposing the - * ENGINE structure itself. 
*/ - -int -ENGINE_set_id(ENGINE *e, const char *id) -{ - if (id == NULL) { - ENGINEerr(ENGINE_F_ENGINE_SET_ID, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - e->id = id; - return 1; -} - -int -ENGINE_set_name(ENGINE *e, const char *name) -{ - if (name == NULL) { - ENGINEerr(ENGINE_F_ENGINE_SET_NAME, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - e->name = name; - return 1; -} - -int -ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f) -{ - e->destroy = destroy_f; - return 1; -} - -int -ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f) -{ - e->init = init_f; - return 1; -} - -int -ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f) -{ - e->finish = finish_f; - return 1; -} - -int -ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f) -{ - e->ctrl = ctrl_f; - return 1; -} - -int -ENGINE_set_flags(ENGINE *e, int flags) -{ - e->flags = flags; - return 1; -} - -int -ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns) -{ - e->cmd_defns = defns; - return 1; -} - -const char * -ENGINE_get_id(const ENGINE *e) -{ - return e->id; -} - -const char * -ENGINE_get_name(const ENGINE *e) -{ - return e->name; -} - -ENGINE_GEN_INT_FUNC_PTR -ENGINE_get_destroy_function(const ENGINE *e) -{ - return e->destroy; -} - -ENGINE_GEN_INT_FUNC_PTR -ENGINE_get_init_function(const ENGINE *e) -{ - return e->init; -} - -ENGINE_GEN_INT_FUNC_PTR -ENGINE_get_finish_function(const ENGINE *e) -{ - return e->finish; -} - -ENGINE_CTRL_FUNC_PTR -ENGINE_get_ctrl_function(const ENGINE *e) -{ - return e->ctrl; -} - -int -ENGINE_get_flags(const ENGINE *e) -{ - return e->flags; -} - -const ENGINE_CMD_DEFN * -ENGINE_get_cmd_defns(const ENGINE *e) -{ - return e->cmd_defns; -} - -/* eng_lib.o is pretty much linked into anything that touches ENGINE already, so - * put the "static_state" hack here. */ - -static int internal_static_hack = 0; - -void * -ENGINE_get_static_state(void) -{ - return &internal_static_hack; -} 
diff --git a/lib/libssl/src/crypto/engine/eng_list.c b/lib/libssl/src/crypto/engine/eng_list.c
deleted file mode 100644
index fc1d16b183e..00000000000
--- a/lib/libssl/src/crypto/engine/eng_list.c
+++ /dev/null
@@ -1,396 +0,0 @@ -/* $OpenBSD: eng_list.c,v 1.21 2015/07/19 00:56:48 bcook Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#include <string.h> -#include <unistd.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> - -#include "cryptlib.h" -#include "eng_int.h" - -/* The linked-list of pointers to engine types. 
engine_list_head - * incorporates an implicit structural reference but engine_list_tail - * does not - the latter is a computational niceity and only points - * to something that is already pointed to by its predecessor in the - * list (or engine_list_head itself). In the same way, the use of the - * "prev" pointer in each ENGINE is to save excessive list iteration, - * it doesn't correspond to an extra structural reference. Hence, - * engine_list_head, and each non-null "next" pointer account for - * the list itself assuming exactly 1 structural reference on each - * list member. */ -static ENGINE *engine_list_head = NULL; -static ENGINE *engine_list_tail = NULL; - -/* This cleanup function is only needed internally. If it should be called, we - * register it with the "ENGINE_cleanup()" stack to be called during cleanup. */ - -static void -engine_list_cleanup(void) -{ - ENGINE *iterator = engine_list_head; - - while (iterator != NULL && ENGINE_remove(iterator)) - iterator = engine_list_head; -} - -/* These static functions starting with a lower case "engine_" always - * take place when CRYPTO_LOCK_ENGINE has been locked up. */ -static int -engine_list_add(ENGINE *e) -{ - int conflict = 0; - ENGINE *iterator = NULL; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - iterator = engine_list_head; - while (iterator && !conflict) { - conflict = (strcmp(iterator->id, e->id) == 0); - iterator = iterator->next; - } - if (conflict) { - ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, - ENGINE_R_CONFLICTING_ENGINE_ID); - return 0; - } - if (engine_list_head == NULL) { - /* We are adding to an empty list. */ - if (engine_list_tail) { - ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, - ENGINE_R_INTERNAL_LIST_ERROR); - return 0; - } - engine_list_head = e; - e->prev = NULL; - /* The first time the list allocates, we should register the - * cleanup. 
*/ - engine_cleanup_add_last(engine_list_cleanup); - } else { - /* We are adding to the tail of an existing list. */ - if ((engine_list_tail == NULL) || - (engine_list_tail->next != NULL)) { - ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, - ENGINE_R_INTERNAL_LIST_ERROR); - return 0; - } - engine_list_tail->next = e; - e->prev = engine_list_tail; - } - /* Having the engine in the list assumes a structural - * reference. */ - e->struct_ref++; - engine_ref_debug(e, 0, 1) - /* However it came to be, e is the last item in the list. */ - engine_list_tail = e; - e->next = NULL; - return 1; -} - -static int -engine_list_remove(ENGINE *e) -{ - ENGINE *iterator; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - /* We need to check that e is in our linked list! */ - iterator = engine_list_head; - while (iterator && (iterator != e)) - iterator = iterator->next; - if (iterator == NULL) { - ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE, - ENGINE_R_ENGINE_IS_NOT_IN_LIST); - return 0; - } - /* un-link e from the chain. */ - if (e->next) - e->next->prev = e->prev; - if (e->prev) - e->prev->next = e->next; - /* Correct our head/tail if necessary. */ - if (engine_list_head == e) - engine_list_head = e->next; - if (engine_list_tail == e) - engine_list_tail = e->prev; - engine_free_util(e, 0); - return 1; -} - -/* Get the first/last "ENGINE" type available. */ -ENGINE * -ENGINE_get_first(void) -{ - ENGINE *ret; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - ret = engine_list_head; - if (ret) { - ret->struct_ref++; - engine_ref_debug(ret, 0, 1) - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return ret; -} - -ENGINE * -ENGINE_get_last(void) -{ - ENGINE *ret; - - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - ret = engine_list_tail; - if (ret) { - ret->struct_ref++; - engine_ref_debug(ret, 0, 1) - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return ret; -} - -/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). 
*/ -ENGINE * -ENGINE_get_next(ENGINE *e) -{ - ENGINE *ret = NULL; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_GET_NEXT, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - ret = e->next; - if (ret) { - /* Return a valid structural refernce to the next ENGINE */ - ret->struct_ref++; - engine_ref_debug(ret, 0, 1) - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - /* Release the structural reference to the previous ENGINE */ - ENGINE_free(e); - return ret; -} - -ENGINE * -ENGINE_get_prev(ENGINE *e) -{ - ENGINE *ret = NULL; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_GET_PREV, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - ret = e->prev; - if (ret) { - /* Return a valid structural reference to the next ENGINE */ - ret->struct_ref++; - engine_ref_debug(ret, 0, 1) - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - /* Release the structural reference to the previous ENGINE */ - ENGINE_free(e); - return ret; -} - -/* Add another "ENGINE" type into the list. */ -int -ENGINE_add(ENGINE *e) -{ - int to_return = 1; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_ADD, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if ((e->id == NULL) || (e->name == NULL)) { - ENGINEerr(ENGINE_F_ENGINE_ADD, - ENGINE_R_ID_OR_NAME_MISSING); - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (!engine_list_add(e)) { - ENGINEerr(ENGINE_F_ENGINE_ADD, - ENGINE_R_INTERNAL_LIST_ERROR); - to_return = 0; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return to_return; -} - -/* Remove an existing "ENGINE" type from the array. 
*/ -int -ENGINE_remove(ENGINE *e) -{ - int to_return = 1; - - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_REMOVE, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - if (!engine_list_remove(e)) { - ENGINEerr(ENGINE_F_ENGINE_REMOVE, - ENGINE_R_INTERNAL_LIST_ERROR); - to_return = 0; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - return to_return; -} - -static void -engine_cpy(ENGINE *dest, const ENGINE *src) -{ - dest->id = src->id; - dest->name = src->name; -#ifndef OPENSSL_NO_RSA - dest->rsa_meth = src->rsa_meth; -#endif -#ifndef OPENSSL_NO_DSA - dest->dsa_meth = src->dsa_meth; -#endif -#ifndef OPENSSL_NO_DH - dest->dh_meth = src->dh_meth; -#endif -#ifndef OPENSSL_NO_ECDH - dest->ecdh_meth = src->ecdh_meth; -#endif -#ifndef OPENSSL_NO_ECDSA - dest->ecdsa_meth = src->ecdsa_meth; -#endif - dest->rand_meth = src->rand_meth; - dest->store_meth = src->store_meth; - dest->ciphers = src->ciphers; - dest->digests = src->digests; - dest->pkey_meths = src->pkey_meths; - dest->destroy = src->destroy; - dest->init = src->init; - dest->finish = src->finish; - dest->ctrl = src->ctrl; - dest->load_privkey = src->load_privkey; - dest->load_pubkey = src->load_pubkey; - dest->cmd_defns = src->cmd_defns; - dest->flags = src->flags; -} - -ENGINE * -ENGINE_by_id(const char *id) -{ - ENGINE *iterator; - - if (id == NULL) { - ENGINEerr(ENGINE_F_ENGINE_BY_ID, - ERR_R_PASSED_NULL_PARAMETER); - return NULL; - } - CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); - iterator = engine_list_head; - while (iterator && (strcmp(id, iterator->id) != 0)) - iterator = iterator->next; - if (iterator) { - /* We need to return a structural reference. If this is an - * ENGINE type that returns copies, make a duplicate - otherwise - * increment the existing ENGINE's reference count. 
*/ - if (iterator->flags & ENGINE_FLAGS_BY_ID_COPY) { - ENGINE *cp = ENGINE_new(); - if (!cp) - iterator = NULL; - else { - engine_cpy(cp, iterator); - iterator = cp; - } - } else { - iterator->struct_ref++; - engine_ref_debug(iterator, 0, 1) - } - } - CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); - - if (iterator == NULL) { - ENGINEerr(ENGINE_F_ENGINE_BY_ID, ENGINE_R_NO_SUCH_ENGINE); - ERR_asprintf_error_data("id=%s", id); - } - return iterator; -} - -int -ENGINE_up_ref(ENGINE *e) -{ - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_UP_REF, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - CRYPTO_add(&e->struct_ref, 1, CRYPTO_LOCK_ENGINE); - return 1; -} diff --git a/lib/libssl/src/crypto/engine/eng_openssl.c b/lib/libssl/src/crypto/engine/eng_openssl.c deleted file mode 100644 index 6154aebdee7..00000000000 --- a/lib/libssl/src/crypto/engine/eng_openssl.c +++ /dev/null 
@@ -1,406 +0,0 @@ -/* $OpenBSD: eng_openssl.c,v 1.12 2015/12/07 03:30:09 bcook Exp $ */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECDH support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/crypto.h> -#include <openssl/dso.h> -#include <openssl/engine.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/pem.h> -#include <openssl/rand.h> - -#ifndef OPENSSL_NO_DH -#include <openssl/dh.h> -#endif -#ifndef OPENSSL_NO_DSA -#include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif - -/* This testing gunk is implemented (and explained) lower down. It also assumes - * the application explicitly calls "ENGINE_load_openssl()" because this is no - * longer automatic in ENGINE_load_builtin_engines(). */ -#define TEST_ENG_OPENSSL_RC4 -#define TEST_ENG_OPENSSL_PKEY -/* #define TEST_ENG_OPENSSL_RC4_OTHERS */ -#define TEST_ENG_OPENSSL_RC4_P_INIT -/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */ -#define TEST_ENG_OPENSSL_SHA -/* #define TEST_ENG_OPENSSL_SHA_OTHERS */ -/* #define TEST_ENG_OPENSSL_SHA_P_INIT */ -/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */ -/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */ - -/* Now check what of those algorithms are actually enabled */ -#ifdef OPENSSL_NO_RC4 -#undef TEST_ENG_OPENSSL_RC4 -#undef TEST_ENG_OPENSSL_RC4_OTHERS -#undef TEST_ENG_OPENSSL_RC4_P_INIT -#undef TEST_ENG_OPENSSL_RC4_P_CIPHER -#endif -#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1) -#undef TEST_ENG_OPENSSL_SHA -#undef TEST_ENG_OPENSSL_SHA_OTHERS -#undef TEST_ENG_OPENSSL_SHA_P_INIT -#undef TEST_ENG_OPENSSL_SHA_P_UPDATE -#undef TEST_ENG_OPENSSL_SHA_P_FINAL -#endif - -#ifdef TEST_ENG_OPENSSL_RC4 -static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, - const int **nids, int nid); -#endif -#ifdef TEST_ENG_OPENSSL_SHA -static int openssl_digests(ENGINE *e, const EVP_MD **digest, - const int **nids, int nid); -#endif - -#ifdef TEST_ENG_OPENSSL_PKEY -static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -#endif - -/* The constants used when creating 
the ENGINE */ -static const char *engine_openssl_id = "openssl"; -static const char *engine_openssl_name = "Software engine support"; - -/* This internal function is used by ENGINE_openssl() and possibly by the - * "dynamic" ENGINE support too */ -static int -bind_helper(ENGINE *e) -{ - if (!ENGINE_set_id(e, engine_openssl_id) || - !ENGINE_set_name(e, engine_openssl_name) -#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS -#ifndef OPENSSL_NO_RSA - || !ENGINE_set_RSA(e, RSA_get_default_method()) -#endif -#ifndef OPENSSL_NO_DSA - || !ENGINE_set_DSA(e, DSA_get_default_method()) -#endif -#ifndef OPENSSL_NO_ECDH - || !ENGINE_set_ECDH(e, ECDH_OpenSSL()) -#endif -#ifndef OPENSSL_NO_ECDSA - || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL()) -#endif -#ifndef OPENSSL_NO_DH - || !ENGINE_set_DH(e, DH_get_default_method()) -#endif - || !ENGINE_set_RAND(e, RAND_SSLeay()) -#ifdef TEST_ENG_OPENSSL_RC4 - || !ENGINE_set_ciphers(e, openssl_ciphers) -#endif -#ifdef TEST_ENG_OPENSSL_SHA - || !ENGINE_set_digests(e, openssl_digests) -#endif -#endif -#ifdef TEST_ENG_OPENSSL_PKEY - || !ENGINE_set_load_privkey_function(e, openssl_load_privkey) -#endif - ) - return 0; - /* If we add errors to this ENGINE, ensure the error handling is setup here */ - /* openssl_load_error_strings(); */ - return 1; -} - -static ENGINE * -engine_openssl(void) -{ - ENGINE *ret = ENGINE_new(); - - if (!ret) - return NULL; - if (!bind_helper(ret)) { - ENGINE_free(ret); - return NULL; - } - return ret; -} - -void -ENGINE_load_openssl(void) -{ - ENGINE *toadd = engine_openssl(); - - if (!toadd) - return; - (void) ENGINE_add(toadd); - /* If the "add" worked, it gets a structural reference. So either way, - * we release our just-created reference. */ - ENGINE_free(toadd); - ERR_clear_error(); -} - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. 
*/ -#ifdef ENGINE_DYNAMIC_SUPPORT -static int -bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, engine_openssl_id) != 0)) - return 0; - if (!bind_helper(e)) - return 0; - return 1; -} -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN(bind_fn) -#endif /* ENGINE_DYNAMIC_SUPPORT */ - -#ifdef TEST_ENG_OPENSSL_RC4 -/* This section of code compiles an "alternative implementation" of two modes of - * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4" - * should under normal circumstances go via this support rather than the default - * EVP support. There are other symbols to tweak the testing; - * TEST_ENC_OPENSSL_RC4_OTHERS - print a one line message to stderr each time - * we're asked for a cipher we don't support (should not happen). - * TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time - * the "init_key" handler is called. - * TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler. - */ -#include <openssl/rc4.h> -#define TEST_RC4_KEY_SIZE 16 -static int test_cipher_nids[] = {NID_rc4, NID_rc4_40}; -static int test_cipher_nids_number = 2; - -typedef struct { - unsigned char key[TEST_RC4_KEY_SIZE]; - RC4_KEY ks; -} TEST_RC4_KEY; - -#define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data) -static int -test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ -#ifdef TEST_ENG_OPENSSL_RC4_P_INIT - fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n"); -#endif - memcpy(&test(ctx)->key[0], key, EVP_CIPHER_CTX_key_length(ctx)); - RC4_set_key(&test(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), - test(ctx)->key); - return 1; -} - -static int -test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ -#ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER - fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n"); -#endif - RC4(&test(ctx)->ks, inl, in, out); - return 1; -} - -static const EVP_CIPHER test_r4_cipher = { - 
NID_rc4, - 1, TEST_RC4_KEY_SIZE, 0, - EVP_CIPH_VARIABLE_LENGTH, - test_rc4_init_key, - test_rc4_cipher, - NULL, - sizeof(TEST_RC4_KEY), - NULL, - NULL, - NULL, - NULL -}; - -static const EVP_CIPHER test_r4_40_cipher = { - NID_rc4_40, - 1,5 /* 40 bit */,0, - EVP_CIPH_VARIABLE_LENGTH, - test_rc4_init_key, - test_rc4_cipher, - NULL, - sizeof(TEST_RC4_KEY), - NULL, - NULL, - NULL, - NULL -}; - -static int -openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid) -{ - if (!cipher) { - /* We are returning a list of supported nids */ - *nids = test_cipher_nids; - return test_cipher_nids_number; - } - /* We are being asked for a specific cipher */ - if (nid == NID_rc4) - *cipher = &test_r4_cipher; - else if (nid == NID_rc4_40) - *cipher = &test_r4_40_cipher; - else { -#ifdef TEST_ENG_OPENSSL_RC4_OTHERS - fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for " - "nid %d\n", nid); -#endif - *cipher = NULL; - return 0; - } - return 1; -} -#endif - -#ifdef TEST_ENG_OPENSSL_SHA -/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */ -#include <openssl/sha.h> -static int test_digest_nids[] = {NID_sha1}; -static int test_digest_nids_number = 1; - -static int -test_sha1_init(EVP_MD_CTX *ctx) -{ -#ifdef TEST_ENG_OPENSSL_SHA_P_INIT - fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n"); -#endif - return SHA1_Init(ctx->md_data); -} - -static int -test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ -#ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE - fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n"); -#endif - return SHA1_Update(ctx->md_data, data, count); -} - -static int -test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md) -{ -#ifdef TEST_ENG_OPENSSL_SHA_P_FINAL - fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n"); -#endif - return SHA1_Final(md, ctx->md_data); -} - -static const EVP_MD test_sha_md = { - NID_sha1, - NID_sha1WithRSAEncryption, - SHA_DIGEST_LENGTH, - 0, - test_sha1_init, - 
test_sha1_update, - test_sha1_final, - NULL, - NULL, - EVP_PKEY_RSA_method, - SHA_CBLOCK, - sizeof(EVP_MD *) + sizeof(SHA_CTX), -}; - -static int -openssl_digests(ENGINE *e, const EVP_MD **digest, const int **nids, int nid) -{ - if (!digest) { - /* We are returning a list of supported nids */ - *nids = test_digest_nids; - return test_digest_nids_number; - } - /* We are being asked for a specific digest */ - if (nid == NID_sha1) - *digest = &test_sha_md; - else { -#ifdef TEST_ENG_OPENSSL_SHA_OTHERS - fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for " - "nid %d\n", nid); -#endif - *digest = NULL; - return 0; - } - return 1; -} -#endif - -#ifdef TEST_ENG_OPENSSL_PKEY -static EVP_PKEY * -openssl_load_privkey(ENGINE *eng, const char *key_id, UI_METHOD *ui_method, - void *callback_data) -{ - BIO *in; - EVP_PKEY *key; - - fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n", - key_id); - in = BIO_new_file(key_id, "r"); - if (!in) - return NULL; - key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL); - BIO_free(in); - return key; -} -#endif diff --git a/lib/libssl/src/crypto/engine/eng_padlock.c b/lib/libssl/src/crypto/engine/eng_padlock.c deleted file mode 100644 index 1c86a343dfe..00000000000 --- a/lib/libssl/src/crypto/engine/eng_padlock.c +++ /dev/null 
@@ -1,1128 +0,0 @@ -/* $OpenBSD: eng_padlock.c,v 1.14 2015/02/07 13:19:15 doug Exp $ */ -/* - * Support for VIA PadLock Advanced Cryptography Engine (ACE) - * Written by Michal Ludvig <michal@logix.cz> - * http://www.logix.cz/michal - * - * Big thanks to Andy Polyakov for a help with optimization, - * assembler fixes, port to MS Windows and a lot of other - * valuable work on this engine! - */ - -/* ==================================================================== - * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/crypto.h> -#include <openssl/dso.h> -#include <openssl/engine.h> -#include <openssl/evp.h> -#ifndef OPENSSL_NO_AES -#include <openssl/aes.h> -#endif -#include <openssl/err.h> - -#ifndef OPENSSL_NO_HW -#ifndef OPENSSL_NO_HW_PADLOCK - -/* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */ -#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) -# ifndef OPENSSL_NO_DYNAMIC_ENGINE -# define DYNAMIC_ENGINE -# endif -#elif (OPENSSL_VERSION_NUMBER >= 0x00907000L) -# ifdef ENGINE_DYNAMIC_SUPPORT -# define DYNAMIC_ENGINE -# endif -#else -# error "Only OpenSSL >= 0.9.7 is supported" -#endif - -/* VIA PadLock AES is available *ONLY* on some x86 CPUs. - Not only that it doesn't exist elsewhere, but it - even can't be compiled on other platforms! - - In addition, because of the heavy use of inline assembler, - compiler choice is limited to GCC and Microsoft C. */ -#undef COMPILE_HW_PADLOCK -#if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM) -# if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) -# define COMPILE_HW_PADLOCK -# endif -#endif - -#ifdef OPENSSL_NO_DYNAMIC_ENGINE -#ifdef COMPILE_HW_PADLOCK -static ENGINE *ENGINE_padlock (void); -#endif - -void ENGINE_load_padlock (void) -{ -/* On non-x86 CPUs it just returns. */ -#ifdef COMPILE_HW_PADLOCK - ENGINE *toadd = ENGINE_padlock (); - if (!toadd) - return; - ENGINE_add (toadd); - ENGINE_free (toadd); - ERR_clear_error (); -#endif -} - -#endif - -#ifdef COMPILE_HW_PADLOCK -/* We do these includes here to avoid header problems on platforms that - do not have the VIA padlock anyway... 
*/ -#include <stdlib.h> -#if defined(__GNUC__) -# ifndef alloca -# define alloca(s) __builtin_alloca(s) -# endif -#endif - -/* Function for ENGINE detection and control */ -static int padlock_available(void); -static int padlock_init(ENGINE *e); - -/* RNG Stuff */ -static RAND_METHOD padlock_rand; - -/* Cipher Stuff */ -#ifndef OPENSSL_NO_AES -static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); -#endif - -/* Engine names */ -static const char *padlock_id = "padlock"; -static char padlock_name[100]; - -/* Available features */ -static int padlock_use_ace = 0; /* Advanced Cryptography Engine */ -static int padlock_use_rng = 0; /* Random Number Generator */ -#ifndef OPENSSL_NO_AES -static int padlock_aes_align_required = 1; -#endif - -/* ===== Engine "management" functions ===== */ - -/* Prepare the ENGINE structure for registration */ -static int -padlock_bind_helper(ENGINE *e) -{ - /* Check available features */ - padlock_available(); - - /* - * RNG is currently disabled for reasons discussed in commentary just - * before padlock_rand_bytes function. - */ - padlock_use_rng = 0; - - /* Generate a nice engine name with available features */ - (void) snprintf(padlock_name, sizeof(padlock_name), - "VIA PadLock (%s, %s)", - padlock_use_rng ? "RNG" : "no-RNG", - padlock_use_ace ? 
"ACE" : "no-ACE"); - - /* Register everything or return with an error */ - if (!ENGINE_set_id(e, padlock_id) || - !ENGINE_set_name(e, padlock_name) || - !ENGINE_set_init_function(e, padlock_init) || -#ifndef OPENSSL_NO_AES - (padlock_use_ace && !ENGINE_set_ciphers (e, padlock_ciphers)) || -#endif - (padlock_use_rng && !ENGINE_set_RAND (e, &padlock_rand))) { - return 0; - } - - /* Everything looks good */ - return 1; -} - -#ifdef OPENSSL_NO_DYNAMIC_ENGINE - -/* Constructor */ -static ENGINE * -ENGINE_padlock(void) -{ - ENGINE *eng = ENGINE_new(); - - if (!eng) { - return NULL; - } - - if (!padlock_bind_helper(eng)) { - ENGINE_free(eng); - return NULL; - } - - return eng; -} - -#endif - -/* Check availability of the engine */ -static int -padlock_init(ENGINE *e) -{ - return (padlock_use_rng || padlock_use_ace); -} - -/* This stuff is needed if this ENGINE is being compiled into a self-contained - * shared-library. - */ -#ifdef DYNAMIC_ENGINE -static int -padlock_bind_fn(ENGINE *e, const char *id) -{ - if (id && (strcmp(id, padlock_id) != 0)) { - return 0; - } - - if (!padlock_bind_helper(e)) { - return 0; - } - - return 1; -} - -IMPLEMENT_DYNAMIC_CHECK_FN() -IMPLEMENT_DYNAMIC_BIND_FN (padlock_bind_fn) -#endif /* DYNAMIC_ENGINE */ - -/* ===== Here comes the "real" engine ===== */ - -#ifndef OPENSSL_NO_AES -/* Some AES-related constants */ -#define AES_BLOCK_SIZE 16 -#define AES_KEY_SIZE_128 16 -#define AES_KEY_SIZE_192 24 -#define AES_KEY_SIZE_256 32 - -/* Here we store the status information relevant to the - current context. */ -/* BIG FAT WARNING: - * Inline assembler in PADLOCK_XCRYPT_ASM() - * depends on the order of items in this structure. - * Don't blindly modify, reorder, etc! 
- */ -struct padlock_cipher_data { - unsigned char iv[AES_BLOCK_SIZE]; /* Initialization vector */ - union { - unsigned int pad[4]; - struct { - int rounds : 4; - int dgst : 1; /* n/a in C3 */ - int align : 1; /* n/a in C3 */ - int ciphr : 1; /* n/a in C3 */ - unsigned int keygen : 1; - int interm : 1; - unsigned int encdec : 1; - int ksize : 2; - } b; - } cword; /* Control word */ - AES_KEY ks; /* Encryption key */ -}; - -/* - * Essentially this variable belongs in thread local storage. - * Having this variable global on the other hand can only cause - * few bogus key reloads [if any at all on single-CPU system], - * so we accept the penatly... - */ -static volatile struct padlock_cipher_data *padlock_saved_context; -#endif - -/* - * ======================================================= - * Inline assembler section(s). - * ======================================================= - * Order of arguments is chosen to facilitate Windows port - * using __fastcall calling convention. If you wish to add - * more routines, keep in mind that first __fastcall - * argument is passed in %ecx and second - in %edx. - * ======================================================= - */ -#if defined(__GNUC__) && __GNUC__>=2 -/* - * As for excessive "push %ebx"/"pop %ebx" found all over. - * When generating position-independent code GCC won't let - * us use "b" in assembler templates nor even respect "ebx" - * in "clobber description." Therefore the trouble... - */ - -/* Helper function - check if a CPUID instruction - is available on this CPU */ -static int -padlock_insn_cpuid_available(void) -{ - int result = -1; - - /* We're checking if the bit #21 of EFLAGS - can be toggled. If yes = CPUID is available. 
*/ - asm volatile ( - "pushf\n" - "popl %%eax\n" - "xorl $0x200000, %%eax\n" - "movl %%eax, %%ecx\n" - "andl $0x200000, %%ecx\n" - "pushl %%eax\n" - "popf\n" - "pushf\n" - "popl %%eax\n" - "andl $0x200000, %%eax\n" - "xorl %%eax, %%ecx\n" - "movl %%ecx, %0\n" - : "=r" (result) : : "eax", "ecx"); - - return (result == 0); -} - -/* Load supported features of the CPU to see if - the PadLock is available. */ -static int -padlock_available(void) -{ - char vendor_string[16]; - unsigned int eax, edx; - - /* First check if the CPUID instruction is available at all... */ - if (! padlock_insn_cpuid_available()) - return 0; - - /* Are we running on the Centaur (VIA) CPU? */ - eax = 0x00000000; - vendor_string[12] = 0; - asm volatile ( - "pushl %%ebx\n" - "cpuid\n" - "movl %%ebx,(%%edi)\n" - "movl %%edx,4(%%edi)\n" - "movl %%ecx,8(%%edi)\n" - "popl %%ebx" - : "+a"(eax) : "D"(vendor_string) : "ecx", "edx"); - if (strcmp(vendor_string, "CentaurHauls") != 0) - return 0; - - /* Check for Centaur Extended Feature Flags presence */ - eax = 0xC0000000; - asm volatile ("pushl %%ebx; cpuid; popl %%ebx" - : "+a"(eax) : : "ecx", "edx"); - if (eax < 0xC0000001) - return 0; - - /* Read the Centaur Extended Feature Flags */ - eax = 0xC0000001; - asm volatile ("pushl %%ebx; cpuid; popl %%ebx" - : "+a"(eax), "=d"(edx) : : "ecx"); - - /* Fill up some flags */ - padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6)); - padlock_use_rng = ((edx & (0x3 << 2)) == (0x3 << 2)); - - return padlock_use_ace + padlock_use_rng; -} - -#ifndef OPENSSL_NO_AES -/* Our own htonl()/ntohl() */ -static inline void -padlock_bswapl(AES_KEY *ks) -{ - size_t i = sizeof(ks->rd_key)/sizeof(ks->rd_key[0]); - unsigned int *key = ks->rd_key; - - while (i--) { - asm volatile ("bswapl %0" : "+r"(*key)); - key++; - } -} -#endif - -/* Force key reload from memory to the CPU microcode. - Loading EFLAGS from the stack clears EFLAGS[30] - which does the trick. 
*/
-static inline void
-padlock_reload_key(void)
-{
- asm volatile ("pushfl; popfl");
-}
-
-#ifndef OPENSSL_NO_AES
-/*
- * This is heuristic key context tracing. At first one
- * believes that one should use atomic swap instructions,
- * but it's not actually necessary. Point is that if
- * padlock_saved_context was changed by another thread
- * after we've read it and before we compare it with cdata,
- * our key *shall* be reloaded upon thread context switch
- * and we are therefore set in either case...
- */
-static inline void
-padlock_verify_context(struct padlock_cipher_data *cdata)
-{
- asm volatile (
- "pushfl\n"
- " btl $30,(%%esp)\n"
- " jnc 1f\n"
- " cmpl %2,%1\n"
- " je 1f\n"
- " popfl\n"
- " subl $4,%%esp\n"
- "1: addl $4,%%esp\n"
- " movl %2,%0"
- :"+m"(padlock_saved_context)
- : "r"(padlock_saved_context), "r"(cdata) : "cc");
-}
-
-/* Template for padlock_xcrypt_* modes */
-/* BIG FAT WARNING:
- * The offsets used with 'leal' instructions
- * describe items of the 'padlock_cipher_data'
- * structure.
- */
-#define PADLOCK_XCRYPT_ASM(name,rep_xcrypt) \
-static inline void *name(size_t cnt, \
- struct padlock_cipher_data *cdata, \
- void *out, const void *inp) \
-{ void *iv; \
- asm volatile ( "pushl %%ebx\n" \
- " leal 16(%0),%%edx\n" \
- " leal 32(%0),%%ebx\n" \
- rep_xcrypt "\n" \
- " popl %%ebx" \
- : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
- : "0"(cdata), "1"(cnt), "2"(out), "3"(inp) \
- : "edx", "cc", "memory"); \
- return iv; \
-}
-
-/* Generate all functions with appropriate opcodes */
-PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8") /* rep xcryptecb */
-PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0") /* rep xcryptcbc */
-PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0") /* rep xcryptcfb */
-PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8") /* rep xcryptofb */
-#endif
-
-/* The RNG call itself */
-static inline unsigned int
-padlock_xstore(void *addr, unsigned int edx_in)
-{
- unsigned int eax_out;
-
- asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */
- : "=a"(eax_out),"=m"(*(unsigned *)addr)
- : "D"(addr), "d" (edx_in)
- );
-
- return eax_out;
-}
-
-/* Why not inline 'rep movsd'? I failed to find information on what
- * value in Direction Flag one can expect and consequently have to
- * apply "better-safe-than-sorry" approach and assume "undefined."
- * I could explicitly clear it and restore the original value upon
- * return from padlock_aes_cipher, but it's presumably too much
- * trouble for too little gain...
- *
- * In case you wonder 'rep xcrypt*' instructions above are *not*
- * affected by the Direction Flag and pointers advance toward
- * larger addresses unconditionally.
- */
-static inline unsigned char *
-padlock_memcpy(void *dst, const void *src, size_t n)
-{
- long *d = dst;
- const long *s = src;
-
- n /= sizeof(*d);
- do { *d++ = *s++;
- } while (--n);
-
- return dst;
-}
-#endif
-
-/* ===== AES encryption/decryption ===== */
-#ifndef OPENSSL_NO_AES
-
-#if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb)
-#define NID_aes_128_cfb NID_aes_128_cfb128
-#endif
-
-#if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb)
-#define NID_aes_128_ofb NID_aes_128_ofb128
-#endif
-
-#if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb)
-#define NID_aes_192_cfb NID_aes_192_cfb128
-#endif
-
-#if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb)
-#define NID_aes_192_ofb NID_aes_192_ofb128
-#endif
-
-#if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb)
-#define NID_aes_256_cfb NID_aes_256_cfb128
-#endif
-
-#if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb)
-#define NID_aes_256_ofb NID_aes_256_ofb128
-#endif
-
-/* List of supported ciphers. */
-static int padlock_cipher_nids[] = {
- NID_aes_128_ecb,
- NID_aes_128_cbc,
- NID_aes_128_cfb,
- NID_aes_128_ofb,
-
- NID_aes_192_ecb,
- NID_aes_192_cbc,
- NID_aes_192_cfb,
- NID_aes_192_ofb,
-
- NID_aes_256_ecb,
- NID_aes_256_cbc,
- NID_aes_256_cfb,
- NID_aes_256_ofb,
-};
-static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids)/
-sizeof(padlock_cipher_nids[0]));
-
-/* Function prototypes ...
*/
-static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t nbytes);
-
-#define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) + \
- ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F ) )
-#define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\
- NEAREST_ALIGNED(ctx->cipher_data))
-
-#define EVP_CIPHER_block_size_ECB AES_BLOCK_SIZE
-#define EVP_CIPHER_block_size_CBC AES_BLOCK_SIZE
-#define EVP_CIPHER_block_size_OFB 1
-#define EVP_CIPHER_block_size_CFB 1
-
-/* Declaring so many ciphers by hand would be a pain.
- Instead introduce a bit of preprocessor magic :-) */
-#define DECLARE_AES_EVP(ksize,lmode,umode) \
-static const EVP_CIPHER padlock_aes_##ksize##_##lmode = { \
- NID_aes_##ksize##_##lmode, \
- EVP_CIPHER_block_size_##umode, \
- AES_KEY_SIZE_##ksize, \
- AES_BLOCK_SIZE, \
- 0 | EVP_CIPH_##umode##_MODE, \
- padlock_aes_init_key, \
- padlock_aes_cipher, \
- NULL, \
- sizeof(struct padlock_cipher_data) + 16, \
- EVP_CIPHER_set_asn1_iv, \
- EVP_CIPHER_get_asn1_iv, \
- NULL, \
- NULL \
-}
-
-DECLARE_AES_EVP(128, ecb, ECB);
-DECLARE_AES_EVP(128, cbc, CBC);
-DECLARE_AES_EVP(128, cfb, CFB);
-DECLARE_AES_EVP(128, ofb, OFB);
-
-DECLARE_AES_EVP(192, ecb, ECB);
-DECLARE_AES_EVP(192, cbc, CBC);
-DECLARE_AES_EVP(192, cfb, CFB);
-DECLARE_AES_EVP(192, ofb, OFB);
-
-DECLARE_AES_EVP(256, ecb, ECB);
-DECLARE_AES_EVP(256, cbc, CBC);
-DECLARE_AES_EVP(256, cfb, CFB);
-DECLARE_AES_EVP(256, ofb, OFB);
-
-static int
-padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid)
-{
- /* No specific cipher => return a list of supported nids ... */
- if (!cipher) {
- *nids = padlock_cipher_nids;
- return padlock_cipher_nids_num;
- }
-
- /* ...
or the requested "cipher" otherwise */ - switch (nid) { - case NID_aes_128_ecb: - *cipher = &padlock_aes_128_ecb; - break; - case NID_aes_128_cbc: - *cipher = &padlock_aes_128_cbc; - break; - case NID_aes_128_cfb: - *cipher = &padlock_aes_128_cfb; - break; - case NID_aes_128_ofb: - *cipher = &padlock_aes_128_ofb; - break; - case NID_aes_192_ecb: - *cipher = &padlock_aes_192_ecb; - break; - case NID_aes_192_cbc: - *cipher = &padlock_aes_192_cbc; - break; - case NID_aes_192_cfb: - *cipher = &padlock_aes_192_cfb; - break; - case NID_aes_192_ofb: - *cipher = &padlock_aes_192_ofb; - break; - case NID_aes_256_ecb: - *cipher = &padlock_aes_256_ecb; - break; - case NID_aes_256_cbc: - *cipher = &padlock_aes_256_cbc; - break; - case NID_aes_256_cfb: - *cipher = &padlock_aes_256_cfb; - break; - case NID_aes_256_ofb: - *cipher = &padlock_aes_256_ofb; - break; - default: - /* Sorry, we don't support this NID */ - *cipher = NULL; - return 0; - } - - return 1; -} - -/* Prepare the encryption key for PadLock usage */ -static int -padlock_aes_init_key (EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - struct padlock_cipher_data *cdata; - int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8; - - if (key == NULL) - return 0; /* ERROR */ - - cdata = ALIGNED_CIPHER_DATA(ctx); - memset(cdata, 0, sizeof(struct padlock_cipher_data)); - - /* Prepare Control word. */ - if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) - cdata->cword.b.encdec = 0; - else - cdata->cword.b.encdec = (ctx->encrypt == 0); - cdata->cword.b.rounds = 10 + (key_len - 128) / 32; - cdata->cword.b.ksize = (key_len - 128) / 64; - - switch (key_len) { - case 128: - /* PadLock can generate an extended key for - AES128 in hardware */ - memcpy(cdata->ks.rd_key, key, AES_KEY_SIZE_128); - cdata->cword.b.keygen = 0; - break; - - case 192: - case 256: - /* Generate an extended AES key in software. 
- Needed for AES192/AES256 */ - /* Well, the above applies to Stepping 8 CPUs - and is listed as hardware errata. They most - likely will fix it at some point and then - a check for stepping would be due here. */ - if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE || - EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE || - enc) - AES_set_encrypt_key(key, key_len, &cdata->ks); - else - AES_set_decrypt_key(key, key_len, &cdata->ks); -#ifndef AES_ASM - /* OpenSSL C functions use byte-swapped extended key. */ - padlock_bswapl(&cdata->ks); -#endif - cdata->cword.b.keygen = 1; - break; - - default: - /* ERROR */ - return 0; - } - - /* - * This is done to cover for cases when user reuses the - * context for new key. The catch is that if we don't do - * this, padlock_eas_cipher might proceed with old key... - */ - padlock_reload_key (); - - return 1; -} - -/* - * Simplified version of padlock_aes_cipher() used when - * 1) both input and output buffers are at aligned addresses. - * or when - * 2) running on a newer CPU that doesn't require aligned buffers. 
- */
-static int
-padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
- const unsigned char *in_arg, size_t nbytes)
-{
- struct padlock_cipher_data *cdata;
- void *iv;
-
- cdata = ALIGNED_CIPHER_DATA(ctx);
- padlock_verify_context(cdata);
-
- switch (EVP_CIPHER_CTX_mode(ctx)) {
- case EVP_CIPH_ECB_MODE:
- padlock_xcrypt_ecb(nbytes / AES_BLOCK_SIZE, cdata,
- out_arg, in_arg);
- break;
-
- case EVP_CIPH_CBC_MODE:
- memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
- iv = padlock_xcrypt_cbc(nbytes / AES_BLOCK_SIZE, cdata,
- out_arg, in_arg);
- memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
- break;
-
- case EVP_CIPH_CFB_MODE:
- memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
- iv = padlock_xcrypt_cfb(nbytes / AES_BLOCK_SIZE, cdata,
- out_arg, in_arg);
- memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
- break;
-
- case EVP_CIPH_OFB_MODE:
- memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
- padlock_xcrypt_ofb(nbytes / AES_BLOCK_SIZE, cdata,
- out_arg, in_arg);
- memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
- break;
-
- default:
- return 0;
- }
-
- memset(cdata->iv, 0, AES_BLOCK_SIZE);
-
- return 1;
-}
-
-#ifndef PADLOCK_CHUNK
-# define PADLOCK_CHUNK 512 /* Must be a power of 2 larger than 16 */
-#endif
-#if PADLOCK_CHUNK<16 || PADLOCK_CHUNK&(PADLOCK_CHUNK-1)
-# error "insane PADLOCK_CHUNK..."
-#endif
-
-/* Re-align the arguments to 16-Bytes boundaries and run the
- encryption function itself. This function is not AES-specific. */
-static int
-padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
- const unsigned char *in_arg, size_t nbytes)
-{
- struct padlock_cipher_data *cdata;
- const void *inp;
- unsigned char *out;
- void *iv;
- int inp_misaligned, out_misaligned, realign_in_loop;
- size_t chunk, allocated = 0;
-
- /* ctx->num is maintained in byte-oriented modes,
- such as CFB and OFB...
*/ - if ((chunk = ctx->num)) { - /* borrow chunk variable */ - unsigned char *ivp = ctx->iv; - - switch (EVP_CIPHER_CTX_mode(ctx)) { - case EVP_CIPH_CFB_MODE: - if (chunk >= AES_BLOCK_SIZE) - return 0; /* bogus value */ - - if (ctx->encrypt) - while (chunk < AES_BLOCK_SIZE && nbytes != 0) { - ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk]; - chunk++, nbytes--; - } - else - while (chunk < AES_BLOCK_SIZE && nbytes != 0) { - unsigned char c = *(in_arg++); - *(out_arg++) = c ^ ivp[chunk]; - ivp[chunk++] = c, nbytes--; - } - - ctx->num = chunk % AES_BLOCK_SIZE; - break; - case EVP_CIPH_OFB_MODE: - if (chunk >= AES_BLOCK_SIZE) - return 0; /* bogus value */ - - while (chunk < AES_BLOCK_SIZE && nbytes != 0) { - *(out_arg++) = *(in_arg++) ^ ivp[chunk]; - chunk++, nbytes--; - } - - ctx->num = chunk % AES_BLOCK_SIZE; - break; - } - } - - if (nbytes == 0) - return 1; -#if 0 - if (nbytes % AES_BLOCK_SIZE) - return 0; /* are we expected to do tail processing? */ -#else - /* nbytes is always multiple of AES_BLOCK_SIZE in ECB and CBC - modes and arbitrary value in byte-oriented modes, such as - CFB and OFB... */ -#endif - - /* VIA promises CPUs that won't require alignment in the future. - For now padlock_aes_align_required is initialized to 1 and - the condition is never met... */ - /* C7 core is capable to manage unaligned input in non-ECB[!] - mode, but performance penalties appear to be approximately - same as for software alignment below or ~3x. They promise to - improve it in the future, but for now we can just as well - pretend that it can only handle aligned input... */ - if (!padlock_aes_align_required && (nbytes % AES_BLOCK_SIZE) == 0) - return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, - nbytes); - - inp_misaligned = (((size_t)in_arg) & 0x0F); - out_misaligned = (((size_t)out_arg) & 0x0F); - - /* Note that even if output is aligned and input not, - * I still prefer to loop instead of copy the whole - * input and then encrypt in one stroke. 
This is done - * in order to improve L1 cache utilization... */ - realign_in_loop = out_misaligned|inp_misaligned; - - if (!realign_in_loop && (nbytes % AES_BLOCK_SIZE) == 0) - return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, - nbytes); - - /* this takes one "if" out of the loops */ - chunk = nbytes; - chunk %= PADLOCK_CHUNK; - if (chunk == 0) - chunk = PADLOCK_CHUNK; - - if (out_misaligned) { - /* optmize for small input */ - allocated = (chunk < nbytes ? PADLOCK_CHUNK : nbytes); - out = alloca(0x10 + allocated); - out = NEAREST_ALIGNED(out); - } else - out = out_arg; - - cdata = ALIGNED_CIPHER_DATA(ctx); - padlock_verify_context(cdata); - - switch (EVP_CIPHER_CTX_mode(ctx)) { - case EVP_CIPH_ECB_MODE: - do { - if (inp_misaligned) - inp = padlock_memcpy(out, in_arg, chunk); - else - inp = in_arg; - in_arg += chunk; - - padlock_xcrypt_ecb(chunk / AES_BLOCK_SIZE, cdata, - out, inp); - - if (out_misaligned) - out_arg = padlock_memcpy(out_arg, out, chunk) + - chunk; - else - out = out_arg += chunk; - - nbytes -= chunk; - chunk = PADLOCK_CHUNK; - } while (nbytes); - break; - - case EVP_CIPH_CBC_MODE: - memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); - goto cbc_shortcut; - do { - if (iv != cdata->iv) - memcpy(cdata->iv, iv, AES_BLOCK_SIZE); - chunk = PADLOCK_CHUNK; - cbc_shortcut: /* optimize for small input */ - if (inp_misaligned) - inp = padlock_memcpy(out, in_arg, chunk); - else - inp = in_arg; - in_arg += chunk; - - iv = padlock_xcrypt_cbc(chunk / AES_BLOCK_SIZE, cdata, - out, inp); - - if (out_misaligned) - out_arg = padlock_memcpy(out_arg, out, chunk) + - chunk; - else - out = out_arg += chunk; - } while (nbytes -= chunk); - memcpy(ctx->iv, iv, AES_BLOCK_SIZE); - break; - - case EVP_CIPH_CFB_MODE: - memcpy (iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE); - chunk &= ~(AES_BLOCK_SIZE - 1); - if (chunk) - goto cfb_shortcut; - else - goto cfb_skiploop; - do { - if (iv != cdata->iv) - memcpy(cdata->iv, iv, AES_BLOCK_SIZE); - chunk = PADLOCK_CHUNK; - cfb_shortcut: /* 
optimize for small input */ - if (inp_misaligned) - inp = padlock_memcpy(out, in_arg, chunk); - else - inp = in_arg; - in_arg += chunk; - - iv = padlock_xcrypt_cfb(chunk / AES_BLOCK_SIZE, cdata, - out, inp); - - if (out_misaligned) - out_arg = padlock_memcpy(out_arg, out, chunk) + - chunk; - else - out = out_arg += chunk; - - nbytes -= chunk; - } while (nbytes >= AES_BLOCK_SIZE); - -cfb_skiploop: - if (nbytes) { - unsigned char *ivp = cdata->iv; - - if (iv != ivp) { - memcpy(ivp, iv, AES_BLOCK_SIZE); - iv = ivp; - } - ctx->num = nbytes; - if (cdata->cword.b.encdec) { - cdata->cword.b.encdec = 0; - padlock_reload_key(); - padlock_xcrypt_ecb(1, cdata, ivp, ivp); - cdata->cword.b.encdec = 1; - padlock_reload_key(); - while (nbytes) { - unsigned char c = *(in_arg++); - *(out_arg++) = c ^ *ivp; - *(ivp++) = c, nbytes--; - } - } else { - padlock_reload_key(); - padlock_xcrypt_ecb(1, cdata, ivp, ivp); - padlock_reload_key(); - while (nbytes) { - *ivp = *(out_arg++) = *(in_arg++) ^ *ivp; - ivp++, nbytes--; - } - } - } - - memcpy(ctx->iv, iv, AES_BLOCK_SIZE); - break; - - case EVP_CIPH_OFB_MODE: - memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE); - chunk &= ~(AES_BLOCK_SIZE - 1); - if (chunk) do { - if (inp_misaligned) - inp = padlock_memcpy(out, in_arg, chunk); - else - inp = in_arg; - in_arg += chunk; - - padlock_xcrypt_ofb(chunk / AES_BLOCK_SIZE, cdata, - out, inp); - - if (out_misaligned) - out_arg = padlock_memcpy(out_arg, out, chunk) + - chunk; - else - out = out_arg += chunk; - - nbytes -= chunk; - chunk = PADLOCK_CHUNK; - } while (nbytes >= AES_BLOCK_SIZE); - - if (nbytes) { - unsigned char *ivp = cdata->iv; - - ctx->num = nbytes; - padlock_reload_key(); /* empirically found */ - padlock_xcrypt_ecb(1, cdata, ivp, ivp); - padlock_reload_key(); /* empirically found */ - while (nbytes) { - *(out_arg++) = *(in_arg++) ^ *ivp; - ivp++, nbytes--; - } - } - - memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE); - break; - - default: - return 0; - } - - /* Clean the realign buffer if it 
was used */
- if (out_misaligned) {
- volatile unsigned long *p = (void *)out;
- size_t n = allocated/sizeof(*p);
- while (n--)
- *p++ = 0;
- }
-
- memset(cdata->iv, 0, AES_BLOCK_SIZE);
-
- return 1;
-}
-
-#endif /* OPENSSL_NO_AES */
-
-/* ===== Random Number Generator ===== */
-/*
- * This code is not engaged. The reason is that it does not comply
- * with recommendations for VIA RNG usage for secure applications
- * (posted at http://www.via.com.tw/en/viac3/c3.jsp) nor does it
- * provide meaningful error control...
- */
-/* Wrapper that provides an interface between the API and
- the raw PadLock RNG */
-static int
-padlock_rand_bytes(unsigned char *output, int count)
-{
- unsigned int eax, buf;
-
- while (count >= 8) {
- eax = padlock_xstore(output, 0);
- if (!(eax & (1 << 6)))
- return 0; /* RNG disabled */
- /* this ---vv--- covers DC bias, Raw Bits and String Filter */
- if (eax & (0x1F << 10))
- return 0;
- if ((eax & 0x1F) == 0)
- continue; /* no data, retry... */
- if ((eax & 0x1F) != 8)
- return 0; /* fatal failure... */
- output += 8;
- count -= 8;
- }
- while (count > 0) {
- eax = padlock_xstore(&buf, 3);
- if (!(eax & (1 << 6)))
- return 0; /* RNG disabled */
- /* this ---vv--- covers DC bias, Raw Bits and String Filter */
- if (eax & (0x1F << 10))
- return 0;
- if ((eax & 0x1F) == 0)
- continue; /* no data, retry... */
- if ((eax & 0x1F) != 1)
- return 0; /* fatal failure...
*/
- *output++ = (unsigned char)buf;
- count--;
- }
- *(volatile unsigned int *)&buf = 0;
-
- return 1;
-}
-
-/* Dummy but necessary function */
-static int
-padlock_rand_status(void)
-{
- return 1;
-}
-
-/* Prepare structure for registration */
-static RAND_METHOD padlock_rand = {
- .bytes = padlock_rand_bytes,
- .pseudorand = padlock_rand_bytes,
- .status = padlock_rand_status
-};
-
-#else /* !COMPILE_HW_PADLOCK */
-#ifndef OPENSSL_NO_DYNAMIC_ENGINE
-extern int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
-extern int
-bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) {
- return 0;
-}
-IMPLEMENT_DYNAMIC_CHECK_FN()
-#endif
-#endif /* COMPILE_HW_PADLOCK */
-
-#endif /* !OPENSSL_NO_HW_PADLOCK */
-#endif /* !OPENSSL_NO_HW */
diff --git a/lib/libssl/src/crypto/engine/eng_padlock.ec b/lib/libssl/src/crypto/engine/eng_padlock.ec
deleted file mode 100644
index a0e7cbd60dc..00000000000
--- a/lib/libssl/src/crypto/engine/eng_padlock.ec
+++ /dev/null
@@ -1 +0,0 @@
-L PADLOCK eng_padlock_err.h eng_padlock_err.c
diff --git a/lib/libssl/src/crypto/engine/eng_pkey.c b/lib/libssl/src/crypto/engine/eng_pkey.c
deleted file mode 100644
index 74b1ce03b74..00000000000
--- a/lib/libssl/src/crypto/engine/eng_pkey.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/* $OpenBSD: eng_pkey.c,v 1.6 2015/02/11 03:19:37 doug Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-
-#include "eng_int.h"
-
-/* Basic get/set stuff */
-
-int
-ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f)
-{
- e->load_privkey = loadpriv_f;
- return 1;
-}
-
-int
-ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
-{
- e->load_pubkey = loadpub_f;
- return 1;
-}
-
-int
-ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
- ENGINE_SSL_CLIENT_CERT_PTR loadssl_f)
-{
- e->load_ssl_client_cert = loadssl_f;
- return 1;
-}
-
-ENGINE_LOAD_KEY_PTR
-ENGINE_get_load_privkey_function(const ENGINE *e)
-{
- return e->load_privkey;
-}
-
-ENGINE_LOAD_KEY_PTR
-ENGINE_get_load_pubkey_function(const ENGINE *e)
-{
- return e->load_pubkey;
-}
-
-ENGINE_SSL_CLIENT_CERT_PTR
-ENGINE_get_ssl_client_cert_function(const ENGINE *e)
-{
- return e->load_ssl_client_cert;
-}
-
-/* API functions to load public/private keys */
-
-EVP_PKEY *
-ENGINE_load_private_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
- void *callback_data)
-{
- EVP_PKEY *pkey;
-
- if (e == NULL) {
- ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if
(e->funct_ref == 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
- ENGINE_R_NOT_INITIALISED);
- return 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!e->load_privkey) {
- ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
- ENGINE_R_NO_LOAD_FUNCTION);
- return 0;
- }
- pkey = e->load_privkey(e, key_id, ui_method, callback_data);
- if (!pkey) {
- ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
- ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
- return 0;
- }
- return pkey;
-}
-
-EVP_PKEY *
-ENGINE_load_public_key(ENGINE *e, const char *key_id, UI_METHOD *ui_method,
- void *callback_data)
-{
- EVP_PKEY *pkey;
-
- if (e == NULL) {
- ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (e->funct_ref == 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
- ENGINE_R_NOT_INITIALISED);
- return 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!e->load_pubkey) {
- ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
- ENGINE_R_NO_LOAD_FUNCTION);
- return 0;
- }
- pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
- if (!pkey) {
- ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
- ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
- return 0;
- }
- return pkey;
-}
-
-int
-ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, STACK_OF(X509_NAME) *ca_dn,
- X509 **pcert, EVP_PKEY **ppkey, STACK_OF(X509) **pother,
- UI_METHOD *ui_method, void *callback_data)
-{
- if (e == NULL) {
- ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (e->funct_ref == 0) {
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
- ENGINE_R_NOT_INITIALISED);
- return 0;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- if (!e->load_ssl_client_cert) {
- ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
- ENGINE_R_NO_LOAD_FUNCTION);
- return 0;
- }
- return
e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
- ui_method, callback_data);
-}
diff --git a/lib/libssl/src/crypto/engine/eng_table.c b/lib/libssl/src/crypto/engine/eng_table.c
deleted file mode 100644
index 342c76fa1b0..00000000000
--- a/lib/libssl/src/crypto/engine/eng_table.c
+++ /dev/null
@@ -1,355 +0,0 @@
-/* $OpenBSD: eng_table.c,v 1.8 2015/02/11 03:19:37 doug Exp $ */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/lhash.h>
-
-#include "eng_int.h"
-
-/* The type of the items in the table */
-typedef struct st_engine_pile {
- /* The 'nid' of this algorithm/mode */
- int nid;
- /* ENGINEs that implement this algorithm/mode. */
- STACK_OF(ENGINE) *sk;
- /* The default ENGINE to perform this algorithm/mode. */
- ENGINE *funct;
- /* Zero if 'sk' is newer than the cached 'funct', non-zero otherwise */
- int uptodate;
-} ENGINE_PILE;
-
-DECLARE_LHASH_OF(ENGINE_PILE);
-
-/* The type exposed in eng_int.h */
-struct st_engine_table {
- LHASH_OF(ENGINE_PILE) piles;
-}; /* ENGINE_TABLE */
-
-typedef struct st_engine_pile_doall {
- engine_table_doall_cb *cb;
- void *arg;
-} ENGINE_PILE_DOALL;
-
-/* Global flags (ENGINE_TABLE_FLAG_***). 
*/
-static unsigned int table_flags = 0;
-
-/* API function manipulating 'table_flags' */
-unsigned int
-ENGINE_get_table_flags(void)
-{
- return table_flags;
-}
-
-void
-ENGINE_set_table_flags(unsigned int flags)
-{
- table_flags = flags;
-}
-
-/* Internal functions for the "piles" hash table */
-static unsigned long
-engine_pile_hash(const ENGINE_PILE *c)
-{
- return c->nid;
-}
-
-static int
-engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
-{
- return a->nid - b->nid;
-}
-static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
-static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
-
-static int
-int_table_check(ENGINE_TABLE **t, int create)
-{
- LHASH_OF(ENGINE_PILE) *lh;
-
- if (*t)
- return 1;
- if (!create)
- return 0;
- if ((lh = lh_ENGINE_PILE_new()) == NULL)
- return 0;
- *t = (ENGINE_TABLE *)lh;
- return 1;
-}
-
-/* Privately exposed (via eng_int.h) functions for adding and/or removing
- * ENGINEs from the implementation table */
-int
-engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
- ENGINE *e, const int *nids, int num_nids, int setdefault)
-{
- int ret = 0, added = 0;
- ENGINE_PILE tmplate, *fnd;
-
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (!(*table))
- added = 1;
- if (!int_table_check(table, 1))
- goto end;
- if (added)
- /* The cleanup callback needs to be added */
- engine_cleanup_add_first(cleanup);
- while (num_nids--) {
- tmplate.nid = *nids;
- fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
- if (!fnd) {
- fnd = malloc(sizeof(ENGINE_PILE));
- if (!fnd)
- goto end;
- fnd->uptodate = 1;
- fnd->nid = *nids;
- fnd->sk = sk_ENGINE_new_null();
- if (!fnd->sk) {
- free(fnd);
- goto end;
- }
- fnd->funct = NULL;
- (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
- }
- /* A registration shouldn't add duplciate entries */
- (void)sk_ENGINE_delete_ptr(fnd->sk, e);
- /* if 'setdefault', this ENGINE goes to the head of the list */
- if (!sk_ENGINE_push(fnd->sk, e))
- goto end;
- /* "touch" this ENGINE_PILE 
*/
- fnd->uptodate = 0;
- if (setdefault) {
- if (!engine_unlocked_init(e)) {
- ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER,
- ENGINE_R_INIT_FAILED);
- goto end;
- }
- if (fnd->funct)
- engine_unlocked_finish(fnd->funct, 0);
- fnd->funct = e;
- fnd->uptodate = 1;
- }
- nids++;
- }
- ret = 1;
-end:
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return ret;
-}
-
-static void
-int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
-{
- int n;
-
- /* Iterate the 'c->sk' stack removing any occurance of 'e' */
- while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
- (void)sk_ENGINE_delete(pile->sk, n);
- pile->uptodate = 0;
- }
- if (pile->funct == e) {
- engine_unlocked_finish(e, 0);
- pile->funct = NULL;
- }
-}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
-
-void
-engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (int_table_check(table, 0))
- lh_ENGINE_PILE_doall_arg(&(*table)->piles,
- LHASH_DOALL_ARG_FN(int_unregister_cb), ENGINE, e);
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-}
-
-static void
-int_cleanup_cb_doall(ENGINE_PILE *p)
-{
- sk_ENGINE_free(p->sk);
- if (p->funct)
- engine_unlocked_finish(p->funct, 0);
- free(p);
-}
-static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
-
-void
-engine_table_cleanup(ENGINE_TABLE **table)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- if (*table) {
- lh_ENGINE_PILE_doall(&(*table)->piles,
- LHASH_DOALL_FN(int_cleanup_cb));
- lh_ENGINE_PILE_free(&(*table)->piles);
- *table = NULL;
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
-}
-
-/* return a functional reference for a given 'nid' */
-#ifndef ENGINE_TABLE_DEBUG
-ENGINE *
-engine_table_select(ENGINE_TABLE **table, int nid)
-#else
-ENGINE *
-engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, int l)
-#endif
-{
- ENGINE *ret = NULL;
- ENGINE_PILE tmplate, *fnd = NULL;
- int initres, loop = 0;
-
- if (!(*table)) {
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, 
nothing "
- "registered!\n", f, l, nid);
-#endif
- return NULL;
- }
- ERR_set_mark();
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- /* Check again inside the lock otherwise we could race against cleanup
- * operations. But don't worry about a fprintf(stderr). */
- if (!int_table_check(table, 0))
- goto end;
- tmplate.nid = nid;
- fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
- if (!fnd)
- goto end;
- if (fnd->funct && engine_unlocked_init(fnd->funct)) {
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
- "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
-#endif
- ret = fnd->funct;
- goto end;
- }
- if (fnd->uptodate) {
- ret = fnd->funct;
- goto end;
- }
-trynext:
- ret = sk_ENGINE_value(fnd->sk, loop++);
- if (!ret) {
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
- "registered implementations would initialise\n", f, l, nid);
-#endif
- goto end;
- }
- /* Try to initialise the ENGINE? */
- if ((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
- initres = engine_unlocked_init(ret);
- else
- initres = 0;
- if (initres) {
- /* Update 'funct' */
- if ((fnd->funct != ret) && engine_unlocked_init(ret)) {
- /* If there was a previous default we release it. */
- if (fnd->funct)
- engine_unlocked_finish(fnd->funct, 0);
- fnd->funct = ret;
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
- "setting default to '%s'\n", f, l, nid, ret->id);
-#endif
- }
-#ifdef ENGINE_TABLE_DEBUG
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
- "newly initialised '%s'\n", f, l, nid, ret->id);
-#endif
- goto end;
- }
- goto trynext;
-end:
- /* If it failed, it is unlikely to succeed again until some future
- * registrations have taken place. In all cases, we cache. 
*/
- if (fnd)
- fnd->uptodate = 1;
-#ifdef ENGINE_TABLE_DEBUG
- if (ret)
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
- "ENGINE '%s'\n", f, l, nid, ret->id);
- else
- fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
- "'no matching ENGINE'\n", f, l, nid);
-#endif
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- /* Whatever happened, any failed init()s are not failures in this
- * context, so clear our error state. */
- ERR_pop_to_mark();
- return ret;
-}
-
-/* Table enumeration */
-
-static void
-int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
-{
- dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
-}
-static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE, ENGINE_PILE_DOALL)
-
-void
-engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb, void *arg)
-{
- ENGINE_PILE_DOALL dall;
-
- dall.cb = cb;
- dall.arg = arg;
- lh_ENGINE_PILE_doall_arg(&table->piles, LHASH_DOALL_ARG_FN(int_cb),
- ENGINE_PILE_DOALL, &dall);
-}
diff --git a/lib/libssl/src/crypto/engine/engine.h b/lib/libssl/src/crypto/engine/engine.h
deleted file mode 100644
index 30d1bde4ae2..00000000000
--- a/lib/libssl/src/crypto/engine/engine.h
+++ /dev/null
@@ -1,807 +0,0 @@
-/* $OpenBSD: engine.h,v 1.31 2015/07/19 22:34:27 doug Exp $ */
-/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_ENGINE_H
-#define HEADER_ENGINE_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_ENGINE
-#error ENGINE is disabled.
-#endif
-
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_ECDH
-#include <openssl/ecdh.h>
-#endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
-#endif
-#include <openssl/ui.h>
-#include <openssl/err.h>
-#endif
-
-#include <openssl/ossl_typ.h>
-
-#include <openssl/x509.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* These flags are used to control combinations of algorithm (methods)
- * by bitwise "OR"ing. 
*/ -#define ENGINE_METHOD_RSA (unsigned int)0x0001 -#define ENGINE_METHOD_DSA (unsigned int)0x0002 -#define ENGINE_METHOD_DH (unsigned int)0x0004 -#define ENGINE_METHOD_RAND (unsigned int)0x0008 -#define ENGINE_METHOD_ECDH (unsigned int)0x0010 -#define ENGINE_METHOD_ECDSA (unsigned int)0x0020 -#define ENGINE_METHOD_CIPHERS (unsigned int)0x0040 -#define ENGINE_METHOD_DIGESTS (unsigned int)0x0080 -#define ENGINE_METHOD_STORE (unsigned int)0x0100 -#define ENGINE_METHOD_PKEY_METHS (unsigned int)0x0200 -#define ENGINE_METHOD_PKEY_ASN1_METHS (unsigned int)0x0400 -/* Obvious all-or-nothing cases. */ -#define ENGINE_METHOD_ALL (unsigned int)0xFFFF -#define ENGINE_METHOD_NONE (unsigned int)0x0000 - -/* This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used - * internally to control registration of ENGINE implementations, and can be set - * by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to - * initialise registered ENGINEs if they are not already initialised. */ -#define ENGINE_TABLE_FLAG_NOINIT (unsigned int)0x0001 - -/* ENGINE flags that can be set by ENGINE_set_flags(). */ -/* #define ENGINE_FLAGS_MALLOCED 0x0001 */ /* Not used */ - -/* This flag is for ENGINEs that wish to handle the various 'CMD'-related - * control commands on their own. Without this flag, ENGINE_ctrl() handles these - * control commands on behalf of the ENGINE using their "cmd_defns" data. */ -#define ENGINE_FLAGS_MANUAL_CMD_CTRL (int)0x0002 - -/* This flag is for ENGINEs who return new duplicate structures when found via - * "ENGINE_by_id()". When an ENGINE must store state (eg. if ENGINE_ctrl() - * commands are called in sequence as part of some stateful process like - * key-generation setup and execution), it can set this flag - then each attempt - * to obtain the ENGINE will result in it being copied into a new structure. - * Normally, ENGINEs don't declare this flag so ENGINE_by_id() just increments - * the existing ENGINE's structural reference count. 
*/ -#define ENGINE_FLAGS_BY_ID_COPY (int)0x0004 - -/* This flag if for an ENGINE that does not want its methods registered as - * part of ENGINE_register_all_complete() for example if the methods are - * not usable as default methods. - */ - -#define ENGINE_FLAGS_NO_REGISTER_ALL (int)0x0008 - -/* ENGINEs can support their own command types, and these flags are used in - * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input each - * command expects. Currently only numeric and string input is supported. If a - * control command supports none of the _NUMERIC, _STRING, or _NO_INPUT options, - * then it is regarded as an "internal" control command - and not for use in - * config setting situations. As such, they're not available to the - * ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl() access. Changes to - * this list of 'command types' should be reflected carefully in - * ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string(). */ - -/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */ -#define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001 -/* accepts string input (cast from 'void*' to 'const char *', 4th parameter to - * ENGINE_ctrl) */ -#define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002 -/* Indicates that the control command takes *no* input. Ie. the control command - * is unparameterised. */ -#define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004 -/* Indicates that the control command is internal. This control command won't - * be shown in any output, and is only usable through the ENGINE_ctrl_cmd() - * function. */ -#define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008 - -/* NB: These 3 control commands are deprecated and should not be used. ENGINEs - * relying on these commands should compile conditional support for - * compatibility (eg. if these symbols are defined) but should also migrate the - * same functionality to their own ENGINE-specific control functions that can be - * "discovered" by calling applications. 
The fact these control commands - * wouldn't be "executable" (ie. usable by text-based config) doesn't change the - * fact that application code can find and use them without requiring per-ENGINE - * hacking. */ - -/* These flags are used to tell the ctrl function what should be done. - * All command numbers are shared between all engines, even if some don't - * make sense to some engines. In such a case, they do nothing but return - * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */ -#define ENGINE_CTRL_SET_LOGSTREAM 1 -#define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 -#define ENGINE_CTRL_HUP 3 /* Close and reinitialise any - handles/connections etc. */ -#define ENGINE_CTRL_SET_USER_INTERFACE 4 /* Alternative to callback */ -#define ENGINE_CTRL_SET_CALLBACK_DATA 5 /* User-specific data, used - when calling the password - callback and the user - interface */ -#define ENGINE_CTRL_LOAD_CONFIGURATION 6 /* Load a configuration, given - a string that represents a - file name or so */ -#define ENGINE_CTRL_LOAD_SECTION 7 /* Load data from a given - section in the already loaded - configuration */ - -/* These control commands allow an application to deal with an arbitrary engine - * in a dynamic way. Warn: Negative return values indicate errors FOR THESE - * COMMANDS because zero is used to indicate 'end-of-list'. Other commands, - * including ENGINE-specific command types, return zero for an error. - * - * An ENGINE can choose to implement these ctrl functions, and can internally - * manage things however it chooses - it does so by setting the - * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise the - * ENGINE_ctrl() code handles this on the ENGINE's behalf using the cmd_defns - * data (set using ENGINE_set_cmd_defns()). This means an ENGINE's ctrl() - * handler need only implement its own commands - the above "meta" commands will - * be taken care of. */ - -/* Returns non-zero if the supplied ENGINE has a ctrl() handler. 
If "not", then - * all the remaining control commands will return failure, so it is worth - * checking this first if the caller is trying to "discover" the engine's - * capabilities and doesn't want errors generated unnecessarily. */ -#define ENGINE_CTRL_HAS_CTRL_FUNCTION 10 -/* Returns a positive command number for the first command supported by the - * engine. Returns zero if no ctrl commands are supported. */ -#define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11 -/* The 'long' argument specifies a command implemented by the engine, and the - * return value is the next command supported, or zero if there are no more. */ -#define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12 -/* The 'void*' argument is a command name (cast from 'const char *'), and the - * return value is the command that corresponds to it. */ -#define ENGINE_CTRL_GET_CMD_FROM_NAME 13 -/* The next two allow a command to be converted into its corresponding string - * form. In each case, the 'long' argument supplies the command. In the NAME_LEN - * case, the return value is the length of the command name (not counting a - * trailing EOL). In the NAME case, the 'void*' argument must be a string buffer - * large enough, and it will be populated with the name of the command (WITH a - * trailing EOL). */ -#define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14 -#define ENGINE_CTRL_GET_NAME_FROM_CMD 15 -/* The next two are similar but give a "short description" of a command. */ -#define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16 -#define ENGINE_CTRL_GET_DESC_FROM_CMD 17 -/* With this command, the return value is the OR'd combination of - * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given - * engine-specific ctrl command expects. */ -#define ENGINE_CTRL_GET_CMD_FLAGS 18 - -/* ENGINE implementations should start the numbering of their own control - * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc). 
*/ -#define ENGINE_CMD_BASE 200 - -/* If an ENGINE supports its own specific control commands and wishes the - * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on its - * behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN entries - * to ENGINE_set_cmd_defns(). It should also implement a ctrl() handler that - * supports the stated commands (ie. the "cmd_num" entries as described by the - * array). NB: The array must be ordered in increasing order of cmd_num. - * "null-terminated" means that the last ENGINE_CMD_DEFN element has cmd_num set - * to zero and/or cmd_name set to NULL. */ -typedef struct ENGINE_CMD_DEFN_st { - unsigned int cmd_num; /* The command number */ - const char *cmd_name; /* The command name itself */ - const char *cmd_desc; /* A short description of the command */ - unsigned int cmd_flags; /* The input the command expects */ -} ENGINE_CMD_DEFN; - -/* Generic function pointer */ -typedef int (*ENGINE_GEN_FUNC_PTR)(void); -/* Generic function pointer taking no arguments */ -typedef int (*ENGINE_GEN_INT_FUNC_PTR)(ENGINE *); -/* Specific control function pointer */ -typedef int (*ENGINE_CTRL_FUNC_PTR)(ENGINE *, int, long, void *, - void (*f)(void)); -/* Generic load_key function pointer */ -typedef EVP_PKEY * (*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *, - UI_METHOD *ui_method, void *callback_data); -typedef int (*ENGINE_SSL_CLIENT_CERT_PTR)(ENGINE *, SSL *ssl, - STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **pkey, - STACK_OF(X509) **pother, UI_METHOD *ui_method, void *callback_data); - -/* These callback types are for an ENGINE's handler for cipher and digest logic. 
- * These handlers have these prototypes; - * int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid); - * int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid); - * Looking at how to implement these handlers in the case of cipher support, if - * the framework wants the EVP_CIPHER for 'nid', it will call; - * foo(e, &p_evp_cipher, NULL, nid); (return zero for failure) - * If the framework wants a list of supported 'nid's, it will call; - * foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error) - */ -/* Returns to a pointer to the array of supported cipher 'nid's. If the second - * parameter is non-NULL it is set to the size of the returned array. */ -typedef int (*ENGINE_CIPHERS_PTR)(ENGINE *, const EVP_CIPHER **, - const int **, int); -typedef int (*ENGINE_DIGESTS_PTR)(ENGINE *, const EVP_MD **, const int **, int); -typedef int (*ENGINE_PKEY_METHS_PTR)(ENGINE *, EVP_PKEY_METHOD **, - const int **, int); -typedef int (*ENGINE_PKEY_ASN1_METHS_PTR)(ENGINE *, EVP_PKEY_ASN1_METHOD **, - const int **, int); - -/* STRUCTURE functions ... all of these functions deal with pointers to ENGINE - * structures where the pointers have a "structural reference". This means that - * their reference is to allowed access to the structure but it does not imply - * that the structure is functional. To simply increment or decrement the - * structural reference count, use ENGINE_by_id and ENGINE_free. NB: This is not - * required when iterating using ENGINE_get_next as it will automatically - * decrement the structural reference count of the "current" ENGINE and - * increment the structural reference count of the ENGINE it returns (unless it - * is NULL). */ - -/* Get the first/last "ENGINE" type available. */ -ENGINE *ENGINE_get_first(void); -ENGINE *ENGINE_get_last(void); -/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). 
*/ -ENGINE *ENGINE_get_next(ENGINE *e); -ENGINE *ENGINE_get_prev(ENGINE *e); -/* Add another "ENGINE" type into the array. */ -int ENGINE_add(ENGINE *e); -/* Remove an existing "ENGINE" type from the array. */ -int ENGINE_remove(ENGINE *e); -/* Retrieve an engine from the list by its unique "id" value. */ -ENGINE *ENGINE_by_id(const char *id); -/* Add all the built-in engines. */ -void ENGINE_load_openssl(void); -void ENGINE_load_dynamic(void); -#ifndef OPENSSL_NO_STATIC_ENGINE -void ENGINE_load_padlock(void); -#endif -void ENGINE_load_builtin_engines(void); - -/* Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation - * "registry" handling. */ -unsigned int ENGINE_get_table_flags(void); -void ENGINE_set_table_flags(unsigned int flags); - -/* Manage registration of ENGINEs per "table". For each type, there are 3 - * functions; - * ENGINE_register_***(e) - registers the implementation from 'e' (if it has one) - * ENGINE_unregister_***(e) - unregister the implementation from 'e' - * ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list - * Cleanup is automatically registered from each table when required, so - * ENGINE_cleanup() will reverse any "register" operations. 
*/ - -int ENGINE_register_RSA(ENGINE *e); -void ENGINE_unregister_RSA(ENGINE *e); -void ENGINE_register_all_RSA(void); - -int ENGINE_register_DSA(ENGINE *e); -void ENGINE_unregister_DSA(ENGINE *e); -void ENGINE_register_all_DSA(void); - -int ENGINE_register_ECDH(ENGINE *e); -void ENGINE_unregister_ECDH(ENGINE *e); -void ENGINE_register_all_ECDH(void); - -int ENGINE_register_ECDSA(ENGINE *e); -void ENGINE_unregister_ECDSA(ENGINE *e); -void ENGINE_register_all_ECDSA(void); - -int ENGINE_register_DH(ENGINE *e); -void ENGINE_unregister_DH(ENGINE *e); -void ENGINE_register_all_DH(void); - -int ENGINE_register_RAND(ENGINE *e); -void ENGINE_unregister_RAND(ENGINE *e); -void ENGINE_register_all_RAND(void); - -int ENGINE_register_STORE(ENGINE *e); -void ENGINE_unregister_STORE(ENGINE *e); -void ENGINE_register_all_STORE(void); - -int ENGINE_register_ciphers(ENGINE *e); -void ENGINE_unregister_ciphers(ENGINE *e); -void ENGINE_register_all_ciphers(void); - -int ENGINE_register_digests(ENGINE *e); -void ENGINE_unregister_digests(ENGINE *e); -void ENGINE_register_all_digests(void); - -int ENGINE_register_pkey_meths(ENGINE *e); -void ENGINE_unregister_pkey_meths(ENGINE *e); -void ENGINE_register_all_pkey_meths(void); - -int ENGINE_register_pkey_asn1_meths(ENGINE *e); -void ENGINE_unregister_pkey_asn1_meths(ENGINE *e); -void ENGINE_register_all_pkey_asn1_meths(void); - -/* These functions register all support from the above categories. Note, use of - * these functions can result in static linkage of code your application may not - * need. If you only need a subset of functionality, consider using more - * selective initialisation. */ -int ENGINE_register_complete(ENGINE *e); -int ENGINE_register_all_complete(void); - -/* Send parametrised control commands to the engine. The possibilities to send - * down an integer, a pointer to data or a function pointer are provided. Any of - * the parameters may or may not be NULL, depending on the command number. 
In - * actuality, this function only requires a structural (rather than functional) - * reference to an engine, but many control commands may require the engine be - * functional. The caller should be aware of trying commands that require an - * operational ENGINE, and only use functional references in such situations. */ -int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); - -/* This function tests if an ENGINE-specific command is usable as a "setting". - * Eg. in an application's config file that gets processed through - * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to - * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl(). */ -int ENGINE_cmd_is_executable(ENGINE *e, int cmd); - -/* This function works like ENGINE_ctrl() with the exception of taking a - * command name instead of a command number, and can handle optional commands. - * See the comment on ENGINE_ctrl_cmd_string() for an explanation on how to - * use the cmd_name and cmd_optional. */ -int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, - long i, void *p, void (*f)(void), int cmd_optional); - -/* This function passes a command-name and argument to an ENGINE. The cmd_name - * is converted to a command number and the control command is called using - * 'arg' as an argument (unless the ENGINE doesn't support such a command, in - * which case no control command is called). The command is checked for input - * flags, and if necessary the argument will be converted to a numeric value. If - * cmd_optional is non-zero, then if the ENGINE doesn't support the given - * cmd_name the return value will be success anyway. This function is intended - * for applications to use so that users (or config files) can supply - * engine-specific config data to the ENGINE at run-time to control behaviour of - * specific engines. 
As such, it shouldn't be used for calling ENGINE_ctrl() - * functions that return data, deal with binary data, or that are otherwise - * supposed to be used directly through ENGINE_ctrl() in application code. Any - * "return" data from an ENGINE_ctrl() operation in this function will be lost - - * the return value is interpreted as failure if the return value is zero, - * success otherwise, and this function returns a boolean value as a result. In - * other words, vendors of 'ENGINE'-enabled devices should write ENGINE - * implementations with parameterisations that work in this scheme, so that - * compliant ENGINE-based applications can work consistently with the same - * configuration for the same ENGINE-enabled devices, across applications. */ -int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, - int cmd_optional); - -/* These functions are useful for manufacturing new ENGINE structures. They - * don't address reference counting at all - one uses them to populate an ENGINE - * structure with personalised implementations of things prior to using it - * directly or adding it to the builtin ENGINE list in OpenSSL. These are also - * here so that the ENGINE structure doesn't have to be exposed and break binary - * compatibility! 
*/ -ENGINE *ENGINE_new(void); -int ENGINE_free(ENGINE *e); -int ENGINE_up_ref(ENGINE *e); -int ENGINE_set_id(ENGINE *e, const char *id); -int ENGINE_set_name(ENGINE *e, const char *name); -int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); -int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); -int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth); -int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth); -int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); -int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth); -int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth); -int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); -int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); -int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); -int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); -int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f); -int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); -int ENGINE_set_load_ssl_client_cert_function(ENGINE *e, - ENGINE_SSL_CLIENT_CERT_PTR loadssl_f); -int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); -int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); -int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f); -int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f); -int ENGINE_set_flags(ENGINE *e, int flags); -int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); -/* These functions allow control over any per-structure ENGINE data. */ -int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); -void *ENGINE_get_ex_data(const ENGINE *e, int idx); - -/* This function cleans up anything that needs it. Eg. 
the ENGINE_add() function - * automatically ensures the list cleanup function is registered to be called - * from ENGINE_cleanup(). Similarly, all ENGINE_register_*** functions ensure - * ENGINE_cleanup() will clean up after them. */ -void ENGINE_cleanup(void); - -/* These return values from within the ENGINE structure. These can be useful - * with functional references as well as structural references - it depends - * which you obtained. Using the result for functional purposes if you only - * obtained a structural reference may be problematic! */ -const char *ENGINE_get_id(const ENGINE *e); -const char *ENGINE_get_name(const ENGINE *e); -const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); -const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); -const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); -const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); -const DH_METHOD *ENGINE_get_DH(const ENGINE *e); -const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); -const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e); -ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); -ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); -ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); -ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); -ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); -ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); -ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE *e); -ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); -ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); -ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e); -ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e); -const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); -const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); -const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid); -const EVP_PKEY_ASN1_METHOD 
*ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid); -const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e, - const char *str, int len); -const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe, - const char *str, int len); -const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e); -int ENGINE_get_flags(const ENGINE *e); - -/* FUNCTIONAL functions. These functions deal with ENGINE structures - * that have (or will) be initialised for use. Broadly speaking, the - * structural functions are useful for iterating the list of available - * engine types, creating new engine types, and other "list" operations. - * These functions actually deal with ENGINEs that are to be used. As - * such these functions can fail (if applicable) when particular - * engines are unavailable - eg. if a hardware accelerator is not - * attached or not functioning correctly. Each ENGINE has 2 reference - * counts; structural and functional. Every time a functional reference - * is obtained or released, a corresponding structural reference is - * automatically obtained or released too. */ - -/* Initialise a engine type for use (or up its reference count if it's - * already in use). This will fail if the engine is not currently - * operational and cannot initialise. */ -int ENGINE_init(ENGINE *e); -/* Free a functional reference to a engine type. This does not require - * a corresponding call to ENGINE_free as it also releases a structural - * reference. */ -int ENGINE_finish(ENGINE *e); - -/* The following functions handle keys that are stored in some secondary - * location, handled by the engine. The storage may be on a card or - * whatever. 
*/ -EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data); -int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s, - STACK_OF(X509_NAME) *ca_dn, X509 **pcert, EVP_PKEY **ppkey, - STACK_OF(X509) **pother, - UI_METHOD *ui_method, void *callback_data); - -/* This returns a pointer for the current ENGINE structure that - * is (by default) performing any RSA operations. The value returned - * is an incremented reference, so it should be free'd (ENGINE_finish) - * before it is discarded. */ -ENGINE *ENGINE_get_default_RSA(void); -/* Same for the other "methods" */ -ENGINE *ENGINE_get_default_DSA(void); -ENGINE *ENGINE_get_default_ECDH(void); -ENGINE *ENGINE_get_default_ECDSA(void); -ENGINE *ENGINE_get_default_DH(void); -ENGINE *ENGINE_get_default_RAND(void); -/* These functions can be used to get a functional reference to perform - * ciphering or digesting corresponding to "nid". */ -ENGINE *ENGINE_get_cipher_engine(int nid); -ENGINE *ENGINE_get_digest_engine(int nid); -ENGINE *ENGINE_get_pkey_meth_engine(int nid); -ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid); - -/* This sets a new default ENGINE structure for performing RSA - * operations. If the result is non-zero (success) then the ENGINE - * structure will have had its reference count up'd so the caller - * should still free their own reference 'e'. 
*/ -int ENGINE_set_default_RSA(ENGINE *e); -int ENGINE_set_default_string(ENGINE *e, const char *def_list); -/* Same for the other "methods" */ -int ENGINE_set_default_DSA(ENGINE *e); -int ENGINE_set_default_ECDH(ENGINE *e); -int ENGINE_set_default_ECDSA(ENGINE *e); -int ENGINE_set_default_DH(ENGINE *e); -int ENGINE_set_default_RAND(ENGINE *e); -int ENGINE_set_default_ciphers(ENGINE *e); -int ENGINE_set_default_digests(ENGINE *e); -int ENGINE_set_default_pkey_meths(ENGINE *e); -int ENGINE_set_default_pkey_asn1_meths(ENGINE *e); - -/* The combination "set" - the flags are bitwise "OR"d from the - * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()" - * function, this function can result in unnecessary static linkage. If your - * application requires only specific functionality, consider using more - * selective functions. */ -int ENGINE_set_default(ENGINE *e, unsigned int flags); - -void ENGINE_add_conf_module(void); - -/* Deprecated functions ... */ -/* int ENGINE_clear_defaults(void); */ - -/**************************/ -/* DYNAMIC ENGINE SUPPORT */ -/**************************/ - -/* Binary/behaviour compatibility levels */ -#define OSSL_DYNAMIC_VERSION (unsigned long)0x00020000 -/* Binary versions older than this are too old for us (whether we're a loader or - * a loadee) */ -#define OSSL_DYNAMIC_OLDEST (unsigned long)0x00020000 - -/* When compiling an ENGINE entirely as an external shared library, loadable by - * the "dynamic" ENGINE, these types are needed. The 'dynamic_fns' structure - * type provides the calling application's (or library's) error functionality - * and memory management function pointers to the loaded library. These should - * be used/set in the loaded library code so that the loading application's - * 'state' will be used/changed in all operations. 
The 'static_state' pointer - * allows the loaded library to know if it shares the same static data as the - * calling application (or library), and thus whether these callbacks need to be - * set or not. */ -typedef void *(*dyn_MEM_malloc_cb)(size_t); -typedef void *(*dyn_MEM_realloc_cb)(void *, size_t); -typedef void (*dyn_MEM_free_cb)(void *); -typedef struct st_dynamic_MEM_fns { - dyn_MEM_malloc_cb malloc_cb; - dyn_MEM_realloc_cb realloc_cb; - dyn_MEM_free_cb free_cb; -} dynamic_MEM_fns; -/* FIXME: Perhaps the memory and locking code (crypto.h) should declare and use - * these types so we (and any other dependant code) can simplify a bit?? */ -typedef void (*dyn_lock_locking_cb)(int, int, const char *, int); -typedef int (*dyn_lock_add_lock_cb)(int*, int, int, const char *, int); -typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb)( - const char *, int); -typedef void (*dyn_dynlock_lock_cb)(int, struct CRYPTO_dynlock_value *, - const char *, int); -typedef void (*dyn_dynlock_destroy_cb)(struct CRYPTO_dynlock_value *, - const char *, int); -typedef struct st_dynamic_LOCK_fns { - dyn_lock_locking_cb lock_locking_cb; - dyn_lock_add_lock_cb lock_add_lock_cb; - dyn_dynlock_create_cb dynlock_create_cb; - dyn_dynlock_lock_cb dynlock_lock_cb; - dyn_dynlock_destroy_cb dynlock_destroy_cb; -} dynamic_LOCK_fns; -/* The top-level structure */ -typedef struct st_dynamic_fns { - void *static_state; - const ERR_FNS *err_fns; - const CRYPTO_EX_DATA_IMPL *ex_data_fns; - dynamic_MEM_fns mem_fns; - dynamic_LOCK_fns lock_fns; -} dynamic_fns; - -/* The version checking function should be of this prototype. NB: The - * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading code. - * If this function returns zero, it indicates a (potential) version - * incompatibility and the loaded library doesn't believe it can proceed. - * Otherwise, the returned value is the (latest) version supported by the - * loading library. 
The loader may still decide that the loaded code's version - * is unsatisfactory and could veto the load. The function is expected to - * be implemented with the symbol name "v_check", and a default implementation - * can be fully instantiated with IMPLEMENT_DYNAMIC_CHECK_FN(). */ -typedef unsigned long (*dynamic_v_check_fn)(unsigned long ossl_version); -#define IMPLEMENT_DYNAMIC_CHECK_FN() \ - extern unsigned long v_check(unsigned long v); \ - extern unsigned long v_check(unsigned long v) { \ - if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \ - return 0; } - -/* This function is passed the ENGINE structure to initialise with its own - * function and command settings. It should not adjust the structural or - * functional reference counts. If this function returns zero, (a) the load will - * be aborted, (b) the previous ENGINE state will be memcpy'd back onto the - * structure, and (c) the shared library will be unloaded. So implementations - * should do their own internal cleanup in failure circumstances otherwise they - * could leak. The 'id' parameter, if non-NULL, represents the ENGINE id that - * the loader is looking for. If this is NULL, the shared library can choose to - * return failure or to initialise a 'default' ENGINE. If non-NULL, the shared - * library must initialise only an ENGINE matching the passed 'id'. The function - * is expected to be implemented with the symbol name "bind_engine". A standard - * implementation can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where - * the parameter 'fn' is a callback function that populates the ENGINE structure - * and returns an int value (zero for failure). 
'fn' should have prototype; - * [static] int fn(ENGINE *e, const char *id); */ -typedef int (*dynamic_bind_engine)(ENGINE *e, const char *id, - const dynamic_fns *fns); -#define IMPLEMENT_DYNAMIC_BIND_FN(fn) \ - extern \ - int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \ - extern \ - int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \ - if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \ - if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \ - fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \ - return 0; \ - CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \ - CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \ - CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \ - CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \ - CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \ - if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \ - return 0; \ - if(!ERR_set_implementation(fns->err_fns)) return 0; \ - skip_cbs: \ - if(!fn(e,id)) return 0; \ - return 1; } - -/* If the loading application (or library) and the loaded ENGINE library share - * the same static data (eg. they're both dynamically linked to the same - * libcrypto.so) we need a way to avoid trying to set system callbacks - this - * would fail, and for the same reason that it's unnecessary to try. If the - * loaded ENGINE has (or gets from through the loader) its own copy of the - * libcrypto static data, we will need to set the callbacks. The easiest way to - * detect this is to have a function that returns a pointer to some static data - * and let the loading application and loaded ENGINE compare their respective - * values. */ - void *ENGINE_get_static_state(void); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. 
- */ -void ERR_load_ENGINE_strings(void); - -/* Error codes for the ENGINE functions. */ - -/* Function codes. */ -#define ENGINE_F_DYNAMIC_CTRL 180 -#define ENGINE_F_DYNAMIC_GET_DATA_CTX 181 -#define ENGINE_F_DYNAMIC_LOAD 182 -#define ENGINE_F_DYNAMIC_SET_DATA_CTX 183 -#define ENGINE_F_ENGINE_ADD 105 -#define ENGINE_F_ENGINE_BY_ID 106 -#define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170 -#define ENGINE_F_ENGINE_CTRL 142 -#define ENGINE_F_ENGINE_CTRL_CMD 178 -#define ENGINE_F_ENGINE_CTRL_CMD_STRING 171 -#define ENGINE_F_ENGINE_FINISH 107 -#define ENGINE_F_ENGINE_FREE_UTIL 108 -#define ENGINE_F_ENGINE_GET_CIPHER 185 -#define ENGINE_F_ENGINE_GET_DEFAULT_TYPE 177 -#define ENGINE_F_ENGINE_GET_DIGEST 186 -#define ENGINE_F_ENGINE_GET_NEXT 115 -#define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193 -#define ENGINE_F_ENGINE_GET_PKEY_METH 192 -#define ENGINE_F_ENGINE_GET_PREV 116 -#define ENGINE_F_ENGINE_INIT 119 -#define ENGINE_F_ENGINE_LIST_ADD 120 -#define ENGINE_F_ENGINE_LIST_REMOVE 121 -#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 -#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 -#define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194 -#define ENGINE_F_ENGINE_NEW 122 -#define ENGINE_F_ENGINE_REMOVE 123 -#define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189 -#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126 -#define ENGINE_F_ENGINE_SET_ID 129 -#define ENGINE_F_ENGINE_SET_NAME 130 -#define ENGINE_F_ENGINE_TABLE_REGISTER 184 -#define ENGINE_F_ENGINE_UNLOAD_KEY 152 -#define ENGINE_F_ENGINE_UNLOCKED_FINISH 191 -#define ENGINE_F_ENGINE_UP_REF 190 -#define ENGINE_F_INT_CTRL_HELPER 172 -#define ENGINE_F_INT_ENGINE_CONFIGURE 188 -#define ENGINE_F_INT_ENGINE_MODULE_INIT 187 -#define ENGINE_F_LOG_MESSAGE 141 - -/* Reason codes. 
*/ -#define ENGINE_R_ALREADY_LOADED 100 -#define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133 -#define ENGINE_R_CMD_NOT_EXECUTABLE 134 -#define ENGINE_R_COMMAND_TAKES_INPUT 135 -#define ENGINE_R_COMMAND_TAKES_NO_INPUT 136 -#define ENGINE_R_CONFLICTING_ENGINE_ID 103 -#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119 -#define ENGINE_R_DH_NOT_IMPLEMENTED 139 -#define ENGINE_R_DSA_NOT_IMPLEMENTED 140 -#define ENGINE_R_DSO_FAILURE 104 -#define ENGINE_R_DSO_NOT_FOUND 132 -#define ENGINE_R_ENGINES_SECTION_ERROR 148 -#define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102 -#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 -#define ENGINE_R_ENGINE_SECTION_ERROR 149 -#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 -#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129 -#define ENGINE_R_FINISH_FAILED 106 -#define ENGINE_R_GET_HANDLE_FAILED 107 -#define ENGINE_R_ID_OR_NAME_MISSING 108 -#define ENGINE_R_INIT_FAILED 109 -#define ENGINE_R_INTERNAL_LIST_ERROR 110 -#define ENGINE_R_INVALID_ARGUMENT 143 -#define ENGINE_R_INVALID_CMD_NAME 137 -#define ENGINE_R_INVALID_CMD_NUMBER 138 -#define ENGINE_R_INVALID_INIT_VALUE 151 -#define ENGINE_R_INVALID_STRING 150 -#define ENGINE_R_NOT_INITIALISED 117 -#define ENGINE_R_NOT_LOADED 112 -#define ENGINE_R_NO_CONTROL_FUNCTION 120 -#define ENGINE_R_NO_INDEX 144 -#define ENGINE_R_NO_LOAD_FUNCTION 125 -#define ENGINE_R_NO_REFERENCE 130 -#define ENGINE_R_NO_SUCH_ENGINE 116 -#define ENGINE_R_NO_UNLOAD_FUNCTION 126 -#define ENGINE_R_PROVIDE_PARAMETERS 113 -#define ENGINE_R_RSA_NOT_IMPLEMENTED 141 -#define ENGINE_R_UNIMPLEMENTED_CIPHER 146 -#define ENGINE_R_UNIMPLEMENTED_DIGEST 147 -#define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101 -#define ENGINE_R_VERSION_INCOMPATIBILITY 145 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/engine/tb_asnmth.c b/lib/libssl/src/crypto/engine/tb_asnmth.c deleted file mode 100644 index 3ba55419339..00000000000 --- a/lib/libssl/src/crypto/engine/tb_asnmth.c +++ /dev/null 
@@ -1,256 +0,0 @@ -/* $OpenBSD: tb_asnmth.c,v 1.5 2015/02/11 03:19:37 doug Exp $ */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <string.h> - -#include <openssl/err.h> - -#include "eng_int.h" -#include "asn1_locl.h" -#include <openssl/evp.h> - -/* If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the - * function that is used by EVP to hook in pkey_asn1_meth code and cache - * defaults (etc), will display brief debugging summaries to stderr with the - * 'nid'. 
*/ -/* #define ENGINE_PKEY_ASN1_METH_DEBUG */ - -static ENGINE_TABLE *pkey_asn1_meth_table = NULL; - -void -ENGINE_unregister_pkey_asn1_meths(ENGINE *e) -{ - engine_table_unregister(&pkey_asn1_meth_table, e); -} - -static void -engine_unregister_all_pkey_asn1_meths(void) -{ - engine_table_cleanup(&pkey_asn1_meth_table); -} - -int -ENGINE_register_pkey_asn1_meths(ENGINE *e) -{ - if (e->pkey_asn1_meths) { - const int *nids; - int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0); - if (num_nids > 0) - return engine_table_register(&pkey_asn1_meth_table, - engine_unregister_all_pkey_asn1_meths, e, nids, - num_nids, 0); - } - return 1; -} - -void -ENGINE_register_all_pkey_asn1_meths(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - ENGINE_register_pkey_asn1_meths(e); -} - -int -ENGINE_set_default_pkey_asn1_meths(ENGINE *e) -{ - if (e->pkey_asn1_meths) { - const int *nids; - int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0); - if (num_nids > 0) - return engine_table_register(&pkey_asn1_meth_table, - engine_unregister_all_pkey_asn1_meths, e, nids, - num_nids, 1); - } - return 1; -} - -/* Exposed API function to get a functional reference from the implementation - * table (ie. 
try to get a functional reference from the tabled structural - * references) for a given pkey_asn1_meth 'nid' */ -ENGINE * -ENGINE_get_pkey_asn1_meth_engine(int nid) -{ - return engine_table_select(&pkey_asn1_meth_table, nid); -} - -/* Obtains a pkey_asn1_meth implementation from an ENGINE functional reference */ -const EVP_PKEY_ASN1_METHOD * -ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid) -{ - EVP_PKEY_ASN1_METHOD *ret; - ENGINE_PKEY_ASN1_METHS_PTR fn = ENGINE_get_pkey_asn1_meths(e); - - if (!fn || !fn(e, &ret, NULL, nid)) { - ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH, - ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD); - return NULL; - } - return ret; -} - -/* Gets the pkey_asn1_meth callback from an ENGINE structure */ -ENGINE_PKEY_ASN1_METHS_PTR -ENGINE_get_pkey_asn1_meths(const ENGINE *e) -{ - return e->pkey_asn1_meths; -} - -/* Sets the pkey_asn1_meth callback in an ENGINE structure */ -int -ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f) -{ - e->pkey_asn1_meths = f; - return 1; -} - -/* Internal function to free up EVP_PKEY_ASN1_METHOD structures before an - * ENGINE is destroyed - */ - -void -engine_pkey_asn1_meths_free(ENGINE *e) -{ - int i; - EVP_PKEY_ASN1_METHOD *pkm; - - if (e->pkey_asn1_meths) { - const int *pknids; - int npknids; - npknids = e->pkey_asn1_meths(e, NULL, &pknids, 0); - for (i = 0; i < npknids; i++) { - if (e->pkey_asn1_meths(e, &pkm, NULL, pknids[i])) { - EVP_PKEY_asn1_free(pkm); - } - } - } -} - -/* Find a method based on a string. This does a linear search through - * all implemented algorithms. This is OK in practice because only - * a small number of algorithms are likely to be implemented in an engine - * and it is not used for speed critical operations. 
- */
-
-const EVP_PKEY_ASN1_METHOD *
-ENGINE_get_pkey_asn1_meth_str(ENGINE *e, const char *str, int len)
-{
- int i, nidcount;
- const int *nids;
- EVP_PKEY_ASN1_METHOD *ameth;
-
- if (!e->pkey_asn1_meths)
- return NULL;
- if (len == -1)
- len = strlen(str);
- nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0);
- for (i = 0; i < nidcount; i++) {
- e->pkey_asn1_meths(e, &ameth, NULL, nids[i]);
- if (((int)strlen(ameth->pem_str) == len) &&
- !strncasecmp(ameth->pem_str, str, len))
- return ameth;
- }
- return NULL;
-}
-
-typedef struct {
- ENGINE *e;
- const EVP_PKEY_ASN1_METHOD *ameth;
- const char *str;
- int len;
-} ENGINE_FIND_STR;
-
-static void
-look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg)
-{
- ENGINE_FIND_STR *lk = arg;
- int i;
-
- if (lk->ameth)
- return;
- for (i = 0; i < sk_ENGINE_num(sk); i++) {
- ENGINE *e = sk_ENGINE_value(sk, i);
- EVP_PKEY_ASN1_METHOD *ameth;
- e->pkey_asn1_meths(e, &ameth, NULL, nid);
- if (((int)strlen(ameth->pem_str) == lk->len) &&
- !strncasecmp(ameth->pem_str, lk->str, lk->len)) {
- lk->e = e;
- lk->ameth = ameth;
- return;
- }
- }
-}
-
-const EVP_PKEY_ASN1_METHOD *
-ENGINE_pkey_asn1_find_str(ENGINE **pe, const char *str, int len)
-{
- ENGINE_FIND_STR fstr;
-
- fstr.e = NULL;
- fstr.ameth = NULL;
- fstr.str = str;
- fstr.len = len;
- CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
- engine_table_doall(pkey_asn1_meth_table, look_str_cb, &fstr);
- /* If found obtain a structural reference to engine */
- if (fstr.e) {
- fstr.e->struct_ref++;
- engine_ref_debug(fstr.e, 0, 1)
- }
- *pe = fstr.e;
- CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
- return fstr.ameth;
-}
diff --git a/lib/libssl/src/crypto/engine/tb_cipher.c b/lib/libssl/src/crypto/engine/tb_cipher.c
deleted file mode 100644
index a888d7a9584..00000000000
--- a/lib/libssl/src/crypto/engine/tb_cipher.c
+++ /dev/null
@@ -1,153 +0,0 @@ -/* $OpenBSD: tb_cipher.c,v 1.7 2015/02/11 03:19:37 doug Exp $ */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <openssl/err.h> - -#include "eng_int.h" - -/* If this symbol is defined then ENGINE_get_cipher_engine(), the function that - * is used by EVP to hook in cipher code and cache defaults (etc), will display - * brief debugging summaries to stderr with the 'nid'. 
*/
-/* #define ENGINE_CIPHER_DEBUG */
-
-static ENGINE_TABLE *cipher_table = NULL;
-
-void
-ENGINE_unregister_ciphers(ENGINE *e)
-{
- engine_table_unregister(&cipher_table, e);
-}
-
-static void
-engine_unregister_all_ciphers(void)
-{
- engine_table_cleanup(&cipher_table);
-}
-
-int
-ENGINE_register_ciphers(ENGINE *e)
-{
- if (e->ciphers) {
- const int *nids;
- int num_nids = e->ciphers(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&cipher_table,
- engine_unregister_all_ciphers, e, nids,
- num_nids, 0);
- }
- return 1;
-}
-
-void
-ENGINE_register_all_ciphers(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_ciphers(e);
-}
-
-int
-ENGINE_set_default_ciphers(ENGINE *e)
-{
- if (e->ciphers) {
- const int *nids;
- int num_nids = e->ciphers(e, NULL, &nids, 0);
- if (num_nids > 0)
- return engine_table_register(&cipher_table,
- engine_unregister_all_ciphers, e, nids,
- num_nids, 1);
- }
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references) for a given cipher 'nid' */
-ENGINE *
-ENGINE_get_cipher_engine(int nid)
-{
- return engine_table_select(&cipher_table, nid);
-}
-
-/* Obtains a cipher implementation from an ENGINE functional reference */
-const EVP_CIPHER *
-ENGINE_get_cipher(ENGINE *e, int nid)
-{
- const EVP_CIPHER *ret;
- ENGINE_CIPHERS_PTR fn = ENGINE_get_ciphers(e);
-
- if (!fn || !fn(e, &ret, NULL, nid)) {
- ENGINEerr(ENGINE_F_ENGINE_GET_CIPHER,
- ENGINE_R_UNIMPLEMENTED_CIPHER);
- return NULL;
- }
- return ret;
-}
-
-/* Gets the cipher callback from an ENGINE structure */
-ENGINE_CIPHERS_PTR
-ENGINE_get_ciphers(const ENGINE *e)
-{
- return e->ciphers;
-}
-
-/* Sets the cipher callback in an ENGINE structure */
-int
-ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f)
-{
- e->ciphers = f;
- return 1;
-}
diff --git a/lib/libssl/src/crypto/engine/tb_dh.c b/lib/libssl/src/crypto/engine/tb_dh.c
deleted file mode 100644
index 4f200424e5f..00000000000
--- a/lib/libssl/src/crypto/engine/tb_dh.c
+++ /dev/null
@@ -1,127 +0,0 @@ -/* $OpenBSD: tb_dh.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "eng_int.h" - -/* If this symbol is defined then ENGINE_get_default_DH(), the function that is - * used by DH to hook in implementation code and cache defaults (etc), will - * display brief debugging summaries to stderr with the 'nid'. */ -/* #define ENGINE_DH_DEBUG */ - -static ENGINE_TABLE *dh_table = NULL; -static const int dummy_nid = 1; - -void -ENGINE_unregister_DH(ENGINE *e) -{ - engine_table_unregister(&dh_table, e); -} - -static void -engine_unregister_all_DH(void) -{ - engine_table_cleanup(&dh_table); -} - -int -ENGINE_register_DH(ENGINE *e) -{ - if (e->dh_meth) - return engine_table_register(&dh_table, - engine_unregister_all_DH, e, &dummy_nid, 1, 0); - return 1; -} - -void -ENGINE_register_all_DH(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - ENGINE_register_DH(e); -} - -int -ENGINE_set_default_DH(ENGINE *e) -{ - if (e->dh_meth) - return engine_table_register(&dh_table, - engine_unregister_all_DH, e, &dummy_nid, 1, 1); - return 1; -} - -/* Exposed API function to get a functional reference from the implementation - * table (ie. try to get a functional reference from the tabled structural - * references). 
*/ -ENGINE * -ENGINE_get_default_DH(void) -{ - return engine_table_select(&dh_table, dummy_nid); -} - -/* Obtains an DH implementation from an ENGINE functional reference */ -const DH_METHOD * -ENGINE_get_DH(const ENGINE *e) -{ - return e->dh_meth; -} - -/* Sets an DH implementation in an ENGINE structure */ -int -ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth) -{ - e->dh_meth = dh_meth; - return 1; -} diff --git a/lib/libssl/src/crypto/engine/tb_digest.c b/lib/libssl/src/crypto/engine/tb_digest.c deleted file mode 100644 index f7720d39e70..00000000000 --- a/lib/libssl/src/crypto/engine/tb_digest.c +++ /dev/null 
@@ -1,153 +0,0 @@ -/* $OpenBSD: tb_digest.c,v 1.7 2015/02/11 03:19:37 doug Exp $ */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <openssl/err.h> - -#include "eng_int.h" - -/* If this symbol is defined then ENGINE_get_digest_engine(), the function that - * is used by EVP to hook in digest code and cache defaults (etc), will display - * brief debugging summaries to stderr with the 'nid'. 
*/ -/* #define ENGINE_DIGEST_DEBUG */ - -static ENGINE_TABLE *digest_table = NULL; - -void -ENGINE_unregister_digests(ENGINE *e) -{ - engine_table_unregister(&digest_table, e); -} - -static void -engine_unregister_all_digests(void) -{ - engine_table_cleanup(&digest_table); -} - -int -ENGINE_register_digests(ENGINE *e) -{ - if (e->digests) { - const int *nids; - int num_nids = e->digests(e, NULL, &nids, 0); - if (num_nids > 0) - return engine_table_register(&digest_table, - engine_unregister_all_digests, e, nids, - num_nids, 0); - } - return 1; -} - -void -ENGINE_register_all_digests(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - ENGINE_register_digests(e); -} - -int -ENGINE_set_default_digests(ENGINE *e) -{ - if (e->digests) { - const int *nids; - int num_nids = e->digests(e, NULL, &nids, 0); - if (num_nids > 0) - return engine_table_register(&digest_table, - engine_unregister_all_digests, e, nids, - num_nids, 1); - } - return 1; -} - -/* Exposed API function to get a functional reference from the implementation - * table (ie. try to get a functional reference from the tabled structural - * references) for a given digest 'nid' */ -ENGINE * -ENGINE_get_digest_engine(int nid) -{ - return engine_table_select(&digest_table, nid); -} - -/* Obtains a digest implementation from an ENGINE functional reference */ -const EVP_MD * -ENGINE_get_digest(ENGINE *e, int nid) -{ - const EVP_MD *ret; - ENGINE_DIGESTS_PTR fn = ENGINE_get_digests(e); - - if (!fn || !fn(e, &ret, NULL, nid)) { - ENGINEerr(ENGINE_F_ENGINE_GET_DIGEST, - ENGINE_R_UNIMPLEMENTED_DIGEST); - return NULL; - } - return ret; -} - -/* Gets the digest callback from an ENGINE structure */ -ENGINE_DIGESTS_PTR -ENGINE_get_digests(const ENGINE *e) -{ - return e->digests; -} - -/* Sets the digest callback in an ENGINE structure */ -int -ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f) -{ - e->digests = f; - return 1; -} 
diff --git a/lib/libssl/src/crypto/engine/tb_dsa.c b/lib/libssl/src/crypto/engine/tb_dsa.c
deleted file mode 100644
index 23e92361073..00000000000
--- a/lib/libssl/src/crypto/engine/tb_dsa.c
+++ /dev/null
@@ -1,127 +0,0 @@ -/* $OpenBSD: tb_dsa.c,v 1.7 2014/06/12 15:49:29 deraadt Exp $ */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "eng_int.h" - -/* If this symbol is defined then ENGINE_get_default_DSA(), the function that is - * used by DSA to hook in implementation code and cache defaults (etc), will - * display brief debugging summaries to stderr with the 'nid'. */ -/* #define ENGINE_DSA_DEBUG */ - -static ENGINE_TABLE *dsa_table = NULL; -static const int dummy_nid = 1; - -void -ENGINE_unregister_DSA(ENGINE *e) -{ - engine_table_unregister(&dsa_table, e); -} - -static void -engine_unregister_all_DSA(void) -{ - engine_table_cleanup(&dsa_table); -} - -int -ENGINE_register_DSA(ENGINE *e) -{ - if (e->dsa_meth) - return engine_table_register(&dsa_table, - engine_unregister_all_DSA, e, &dummy_nid, 1, 0); - return 1; -} - -void -ENGINE_register_all_DSA(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - ENGINE_register_DSA(e); -} - -int -ENGINE_set_default_DSA(ENGINE *e) -{ - if (e->dsa_meth) - return engine_table_register(&dsa_table, - engine_unregister_all_DSA, e, &dummy_nid, 1, 1); - return 1; -} - -/* Exposed API function to get a functional reference from the implementation - * table (ie. 
try to get a functional reference from the tabled structural - * references). */ -ENGINE * -ENGINE_get_default_DSA(void) -{ - return engine_table_select(&dsa_table, dummy_nid); -} - -/* Obtains an DSA implementation from an ENGINE functional reference */ -const DSA_METHOD * -ENGINE_get_DSA(const ENGINE *e) -{ - return e->dsa_meth; -} - -/* Sets an DSA implementation in an ENGINE structure */ -int -ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth) -{ - e->dsa_meth = dsa_meth; - return 1; -} diff --git a/lib/libssl/src/crypto/engine/tb_ecdh.c b/lib/libssl/src/crypto/engine/tb_ecdh.c deleted file mode 100644 index a67877addde..00000000000 --- a/lib/libssl/src/crypto/engine/tb_ecdh.c +++ /dev/null 
@@ -1,141 +0,0 @@ -/* $OpenBSD: tb_ecdh.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * The Elliptic Curve Public-Key Crypto Library (ECC Code) included - * herein is developed by SUN MICROSYSTEMS, INC., and is contributed - * to the OpenSSL project. - * - * The ECC Code is licensed pursuant to the OpenSSL open source - * license provided below. - * - * The ECDH engine software is originally written by Nils Gura and - * Douglas Stebila of Sun Microsystems Laboratories. - * - */ -/* ==================================================================== - * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "eng_int.h" - -/* If this symbol is defined then ENGINE_get_default_ECDH(), the function that is - * used by ECDH to hook in implementation code and cache defaults (etc), will - * display brief debugging summaries to stderr with the 'nid'. 
*/ -/* #define ENGINE_ECDH_DEBUG */ - -static ENGINE_TABLE *ecdh_table = NULL; -static const int dummy_nid = 1; - -void -ENGINE_unregister_ECDH(ENGINE *e) -{ - engine_table_unregister(&ecdh_table, e); -} - -static void -engine_unregister_all_ECDH(void) -{ - engine_table_cleanup(&ecdh_table); -} - -int -ENGINE_register_ECDH(ENGINE *e) -{ - if (e->ecdh_meth) - return engine_table_register(&ecdh_table, - engine_unregister_all_ECDH, e, &dummy_nid, 1, 0); - return 1; -} - -void -ENGINE_register_all_ECDH(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - ENGINE_register_ECDH(e); -} - -int -ENGINE_set_default_ECDH(ENGINE *e) -{ - if (e->ecdh_meth) - return engine_table_register(&ecdh_table, - engine_unregister_all_ECDH, e, &dummy_nid, 1, 1); - return 1; -} - -/* Exposed API function to get a functional reference from the implementation - * table (ie. try to get a functional reference from the tabled structural - * references). */ -ENGINE * -ENGINE_get_default_ECDH(void) -{ - return engine_table_select(&ecdh_table, dummy_nid); -} - -/* Obtains an ECDH implementation from an ENGINE functional reference */ -const ECDH_METHOD * -ENGINE_get_ECDH(const ENGINE *e) -{ - return e->ecdh_meth; -} - -/* Sets an ECDH implementation in an ENGINE structure */ -int -ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth) -{ - e->ecdh_meth = ecdh_meth; - return 1; -} diff --git a/lib/libssl/src/crypto/engine/tb_ecdsa.c b/lib/libssl/src/crypto/engine/tb_ecdsa.c deleted file mode 100644 index 226b76e185f..00000000000 --- a/lib/libssl/src/crypto/engine/tb_ecdsa.c +++ /dev/null 
@@ -1,127 +0,0 @@ -/* $OpenBSD: tb_ecdsa.c,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */ -/* ==================================================================== - * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "eng_int.h" - -/* If this symbol is defined then ENGINE_get_default_ECDSA(), the function that is - * used by ECDSA to hook in implementation code and cache defaults (etc), will - * display brief debugging summaries to stderr with the 'nid'. */ -/* #define ENGINE_ECDSA_DEBUG */ - -static ENGINE_TABLE *ecdsa_table = NULL; -static const int dummy_nid = 1; - -void -ENGINE_unregister_ECDSA(ENGINE *e) -{ - engine_table_unregister(&ecdsa_table, e); -} - -static void -engine_unregister_all_ECDSA(void) -{ - engine_table_cleanup(&ecdsa_table); -} - -int -ENGINE_register_ECDSA(ENGINE *e) -{ - if (e->ecdsa_meth) - return engine_table_register(&ecdsa_table, - engine_unregister_all_ECDSA, e, &dummy_nid, 1, 0); - return 1; -} - -void -ENGINE_register_all_ECDSA(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - ENGINE_register_ECDSA(e); -} - -int -ENGINE_set_default_ECDSA(ENGINE *e) -{ - if (e->ecdsa_meth) - return engine_table_register(&ecdsa_table, - engine_unregister_all_ECDSA, e, &dummy_nid, 1, 1); - return 1; -} - -/* Exposed API function to get a functional reference from the implementation - * table (ie. 
try to get a functional reference from the tabled structural - * references). */ -ENGINE * -ENGINE_get_default_ECDSA(void) -{ - return engine_table_select(&ecdsa_table, dummy_nid); -} - -/* Obtains an ECDSA implementation from an ENGINE functional reference */ -const ECDSA_METHOD * -ENGINE_get_ECDSA(const ENGINE *e) -{ - return e->ecdsa_meth; -} - -/* Sets an ECDSA implementation in an ENGINE structure */ -int -ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth) -{ - e->ecdsa_meth = ecdsa_meth; - return 1; -} diff --git a/lib/libssl/src/crypto/engine/tb_pkmeth.c b/lib/libssl/src/crypto/engine/tb_pkmeth.c deleted file mode 100644 index 38404342628..00000000000 --- a/lib/libssl/src/crypto/engine/tb_pkmeth.c +++ /dev/null 
@@ -1,176 +0,0 @@ -/* $OpenBSD: tb_pkmeth.c,v 1.5 2015/02/11 03:19:37 doug Exp $ */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <openssl/err.h> - -#include "eng_int.h" -#include <openssl/evp.h> - -/* If this symbol is defined then ENGINE_get_pkey_meth_engine(), the function - * that is used by EVP to hook in pkey_meth code and cache defaults (etc), will - * display brief debugging summaries to stderr with the 'nid'. 
*/ -/* #define ENGINE_PKEY_METH_DEBUG */ - -static ENGINE_TABLE *pkey_meth_table = NULL; - -void -ENGINE_unregister_pkey_meths(ENGINE *e) -{ - engine_table_unregister(&pkey_meth_table, e); -} - -static void -engine_unregister_all_pkey_meths(void) -{ - engine_table_cleanup(&pkey_meth_table); -} - -int -ENGINE_register_pkey_meths(ENGINE *e) -{ - if (e->pkey_meths) { - const int *nids; - int num_nids = e->pkey_meths(e, NULL, &nids, 0); - if (num_nids > 0) - return engine_table_register(&pkey_meth_table, - engine_unregister_all_pkey_meths, e, nids, - num_nids, 0); - } - return 1; -} - -void -ENGINE_register_all_pkey_meths(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - ENGINE_register_pkey_meths(e); -} - -int -ENGINE_set_default_pkey_meths(ENGINE *e) -{ - if (e->pkey_meths) { - const int *nids; - int num_nids = e->pkey_meths(e, NULL, &nids, 0); - if (num_nids > 0) - return engine_table_register(&pkey_meth_table, - engine_unregister_all_pkey_meths, e, nids, - num_nids, 1); - } - return 1; -} - -/* Exposed API function to get a functional reference from the implementation - * table (ie. 
try to get a functional reference from the tabled structural - * references) for a given pkey_meth 'nid' */ -ENGINE * -ENGINE_get_pkey_meth_engine(int nid) -{ - return engine_table_select(&pkey_meth_table, nid); -} - -/* Obtains a pkey_meth implementation from an ENGINE functional reference */ -const EVP_PKEY_METHOD * -ENGINE_get_pkey_meth(ENGINE *e, int nid) -{ - EVP_PKEY_METHOD *ret; - ENGINE_PKEY_METHS_PTR fn = ENGINE_get_pkey_meths(e); - - if (!fn || !fn(e, &ret, NULL, nid)) { - ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_METH, - ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD); - return NULL; - } - return ret; -} - -/* Gets the pkey_meth callback from an ENGINE structure */ -ENGINE_PKEY_METHS_PTR -ENGINE_get_pkey_meths(const ENGINE *e) -{ - return e->pkey_meths; -} - -/* Sets the pkey_meth callback in an ENGINE structure */ -int -ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f) -{ - e->pkey_meths = f; - return 1; -} - -/* Internal function to free up EVP_PKEY_METHOD structures before an - * ENGINE is destroyed - */ - -void -engine_pkey_meths_free(ENGINE *e) -{ - int i; - EVP_PKEY_METHOD *pkm; - - if (e->pkey_meths) { - const int *pknids; - int npknids; - npknids = e->pkey_meths(e, NULL, &pknids, 0); - for (i = 0; i < npknids; i++) { - if (e->pkey_meths(e, &pkm, NULL, pknids[i])) { - EVP_PKEY_meth_free(pkm); - } - } - } -} diff --git a/lib/libssl/src/crypto/engine/tb_rand.c b/lib/libssl/src/crypto/engine/tb_rand.c deleted file mode 100644 index cc61da747c6..00000000000 --- a/lib/libssl/src/crypto/engine/tb_rand.c +++ /dev/null 
@@ -1,127 +0,0 @@ -/* $OpenBSD: tb_rand.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "eng_int.h" - -/* If this symbol is defined then ENGINE_get_default_RAND(), the function that is - * used by RAND to hook in implementation code and cache defaults (etc), will - * display brief debugging summaries to stderr with the 'nid'. */ -/* #define ENGINE_RAND_DEBUG */ - -static ENGINE_TABLE *rand_table = NULL; -static const int dummy_nid = 1; - -void -ENGINE_unregister_RAND(ENGINE *e) -{ - engine_table_unregister(&rand_table, e); -} - -static void -engine_unregister_all_RAND(void) -{ - engine_table_cleanup(&rand_table); -} - -int -ENGINE_register_RAND(ENGINE *e) -{ - if (e->rand_meth) - return engine_table_register(&rand_table, - engine_unregister_all_RAND, e, &dummy_nid, 1, 0); - return 1; -} - -void -ENGINE_register_all_RAND(void) -{ - ENGINE *e; - - for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) - ENGINE_register_RAND(e); -} - -int -ENGINE_set_default_RAND(ENGINE *e) -{ - if (e->rand_meth) - return engine_table_register(&rand_table, - engine_unregister_all_RAND, e, &dummy_nid, 1, 1); - return 1; -} - -/* Exposed API function to get a functional reference from the implementation - * table (ie. 
try to get a functional reference from the tabled structural - * references). */ -ENGINE * -ENGINE_get_default_RAND(void) -{ - return engine_table_select(&rand_table, dummy_nid); -} - -/* Obtains an RAND implementation from an ENGINE functional reference */ -const RAND_METHOD * -ENGINE_get_RAND(const ENGINE *e) -{ - return e->rand_meth; -} - -/* Sets an RAND implementation in an ENGINE structure */ -int -ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth) -{ - e->rand_meth = rand_meth; - return 1; -} diff --git a/lib/libssl/src/crypto/engine/tb_rsa.c b/lib/libssl/src/crypto/engine/tb_rsa.c deleted file mode 100644 index 52ee8889a0a..00000000000 --- a/lib/libssl/src/crypto/engine/tb_rsa.c +++ /dev/null 
@@ -1,127 +0,0 @@
-/* $OpenBSD: tb_rsa.c,v 1.6 2014/06/12 15:49:29 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_RSA(), the function that is
- * used by RSA to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_RSA_DEBUG */
-
-static ENGINE_TABLE *rsa_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_RSA(ENGINE *e)
-{
- engine_table_unregister(&rsa_table, e);
-}
-
-static void
-engine_unregister_all_RSA(void)
-{
- engine_table_cleanup(&rsa_table);
-}
-
-int
-ENGINE_register_RSA(ENGINE *e)
-{
- if (e->rsa_meth)
- return engine_table_register(&rsa_table,
- engine_unregister_all_RSA, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_RSA(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_RSA(e);
-}
-
-int
-ENGINE_set_default_RSA(ENGINE *e)
-{
- if (e->rsa_meth)
- return engine_table_register(&rsa_table,
- engine_unregister_all_RSA, e, &dummy_nid, 1, 1);
- return 1;
-}
-
-/* Exposed API function to get a functional reference from the implementation
- * table (ie. try to get a functional reference from the tabled structural
- * references). */
-ENGINE *
-ENGINE_get_default_RSA(void)
-{
- return engine_table_select(&rsa_table, dummy_nid);
-}
-
-/* Obtains an RSA implementation from an ENGINE functional reference */
-const RSA_METHOD *
-ENGINE_get_RSA(const ENGINE *e)
-{
- return e->rsa_meth;
-}
-
-/* Sets an RSA implementation in an ENGINE structure */
-int
-ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
-{
- e->rsa_meth = rsa_meth;
- return 1;
-}
diff --git a/lib/libssl/src/crypto/engine/tb_store.c b/lib/libssl/src/crypto/engine/tb_store.c
deleted file mode 100644
index e9ad11ab017..00000000000
--- a/lib/libssl/src/crypto/engine/tb_store.c
+++ /dev/null
@@ -1,109 +0,0 @@
-/* $OpenBSD: tb_store.c,v 1.5 2015/02/07 13:19:15 doug Exp $ */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "eng_int.h"
-
-/* If this symbol is defined then ENGINE_get_default_STORE(), the function that is
- * used by STORE to hook in implementation code and cache defaults (etc), will
- * display brief debugging summaries to stderr with the 'nid'. */
-/* #define ENGINE_STORE_DEBUG */
-
-static ENGINE_TABLE *store_table = NULL;
-static const int dummy_nid = 1;
-
-void
-ENGINE_unregister_STORE(ENGINE *e)
-{
- engine_table_unregister(&store_table, e);
-}
-
-static void
-engine_unregister_all_STORE(void)
-{
- engine_table_cleanup(&store_table);
-}
-
-int
-ENGINE_register_STORE(ENGINE *e)
-{
- if (e->store_meth)
- return engine_table_register(&store_table,
- engine_unregister_all_STORE, e, &dummy_nid, 1, 0);
- return 1;
-}
-
-void
-ENGINE_register_all_STORE(void)
-{
- ENGINE *e;
-
- for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
- ENGINE_register_STORE(e);
-}
-
-/* Obtains an STORE implementation from an ENGINE functional reference */
-const STORE_METHOD *
-ENGINE_get_STORE(const ENGINE *e)
-{
- return e->store_meth;
-}
-
-/* Sets an STORE implementation in an ENGINE structure */
-int
-ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth)
-{
- e->store_meth = store_meth;
- return 1;
-}
diff --git a/lib/libssl/src/crypto/err/err.c b/lib/libssl/src/crypto/err/err.c
deleted file mode 100644
index f06320247cc..00000000000
--- a/lib/libssl/src/crypto/err/err.c
+++ /dev/null
@@ -1,1156 +0,0 @@ -/* $OpenBSD: err.c,v 1.41 2014/11/09 19:17:13 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#include <stdarg.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/bio.h> -#include <openssl/buffer.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/lhash.h> - -DECLARE_LHASH_OF(ERR_STRING_DATA); -DECLARE_LHASH_OF(ERR_STATE); - -static void err_load_strings(int lib, ERR_STRING_DATA *str); - -static void ERR_STATE_free(ERR_STATE *s); -#ifndef OPENSSL_NO_ERR -static ERR_STRING_DATA ERR_str_libraries[] = { - {ERR_PACK(ERR_LIB_NONE,0,0), "unknown library"}, - {ERR_PACK(ERR_LIB_SYS,0,0), "system library"}, - {ERR_PACK(ERR_LIB_BN,0,0), "bignum routines"}, - {ERR_PACK(ERR_LIB_RSA,0,0), "rsa routines"}, - {ERR_PACK(ERR_LIB_DH,0,0), "Diffie-Hellman routines"}, - {ERR_PACK(ERR_LIB_EVP,0,0), "digital envelope routines"}, - {ERR_PACK(ERR_LIB_BUF,0,0), "memory buffer routines"}, - {ERR_PACK(ERR_LIB_OBJ,0,0), "object identifier routines"}, - {ERR_PACK(ERR_LIB_PEM,0,0), "PEM routines"}, - {ERR_PACK(ERR_LIB_DSA,0,0), "dsa routines"}, - {ERR_PACK(ERR_LIB_X509,0,0), "x509 certificate routines"}, - {ERR_PACK(ERR_LIB_ASN1,0,0), "asn1 encoding routines"}, - {ERR_PACK(ERR_LIB_CONF,0,0), "configuration file routines"}, - {ERR_PACK(ERR_LIB_CRYPTO,0,0), "common libcrypto routines"}, - {ERR_PACK(ERR_LIB_EC,0,0), "elliptic curve routines"}, - {ERR_PACK(ERR_LIB_SSL,0,0), "SSL routines"}, - {ERR_PACK(ERR_LIB_BIO,0,0), "BIO routines"}, - {ERR_PACK(ERR_LIB_PKCS7,0,0), "PKCS7 routines"}, - {ERR_PACK(ERR_LIB_X509V3,0,0), "X509 V3 routines"}, - {ERR_PACK(ERR_LIB_PKCS12,0,0), "PKCS12 routines"}, - {ERR_PACK(ERR_LIB_RAND,0,0), "random number generator"}, - {ERR_PACK(ERR_LIB_DSO,0,0), "DSO support routines"}, - {ERR_PACK(ERR_LIB_TS,0,0), "time stamp routines"}, - {ERR_PACK(ERR_LIB_ENGINE,0,0), "engine routines"}, - {ERR_PACK(ERR_LIB_OCSP,0,0), "OCSP routines"}, - {ERR_PACK(ERR_LIB_FIPS,0,0), "FIPS routines"}, - {ERR_PACK(ERR_LIB_CMS,0,0), "CMS routines"}, - {ERR_PACK(ERR_LIB_HMAC,0,0), "HMAC routines"}, - 
{ERR_PACK(ERR_LIB_GOST,0,0), "GOST routines"}, - {0, NULL}, -}; - -static ERR_STRING_DATA ERR_str_functs[] = { - {ERR_PACK(0,SYS_F_FOPEN, 0), "fopen"}, - {ERR_PACK(0,SYS_F_CONNECT, 0), "connect"}, - {ERR_PACK(0,SYS_F_GETSERVBYNAME, 0), "getservbyname"}, - {ERR_PACK(0,SYS_F_SOCKET, 0), "socket"}, - {ERR_PACK(0,SYS_F_IOCTLSOCKET, 0), "ioctl"}, - {ERR_PACK(0,SYS_F_BIND, 0), "bind"}, - {ERR_PACK(0,SYS_F_LISTEN, 0), "listen"}, - {ERR_PACK(0,SYS_F_ACCEPT, 0), "accept"}, - {ERR_PACK(0,SYS_F_OPENDIR, 0), "opendir"}, - {ERR_PACK(0,SYS_F_FREAD, 0), "fread"}, - {0, NULL}, -}; - -static ERR_STRING_DATA ERR_str_reasons[] = { - {ERR_R_SYS_LIB, "system lib"}, - {ERR_R_BN_LIB, "BN lib"}, - {ERR_R_RSA_LIB, "RSA lib"}, - {ERR_R_DH_LIB, "DH lib"}, - {ERR_R_EVP_LIB, "EVP lib"}, - {ERR_R_BUF_LIB, "BUF lib"}, - {ERR_R_OBJ_LIB, "OBJ lib"}, - {ERR_R_PEM_LIB, "PEM lib"}, - {ERR_R_DSA_LIB, "DSA lib"}, - {ERR_R_X509_LIB, "X509 lib"}, - {ERR_R_ASN1_LIB, "ASN1 lib"}, - {ERR_R_CONF_LIB, "CONF lib"}, - {ERR_R_CRYPTO_LIB, "CRYPTO lib"}, - {ERR_R_EC_LIB, "EC lib"}, - {ERR_R_SSL_LIB, "SSL lib"}, - {ERR_R_BIO_LIB, "BIO lib"}, - {ERR_R_PKCS7_LIB, "PKCS7 lib"}, - {ERR_R_X509V3_LIB, "X509V3 lib"}, - {ERR_R_PKCS12_LIB, "PKCS12 lib"}, - {ERR_R_RAND_LIB, "RAND lib"}, - {ERR_R_DSO_LIB, "DSO lib"}, - {ERR_R_ENGINE_LIB, "ENGINE lib"}, - {ERR_R_OCSP_LIB, "OCSP lib"}, - {ERR_R_TS_LIB, "TS lib"}, - - {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"}, - {ERR_R_BAD_ASN1_OBJECT_HEADER, "bad asn1 object header"}, - {ERR_R_BAD_GET_ASN1_OBJECT_CALL, "bad get asn1 object call"}, - {ERR_R_EXPECTING_AN_ASN1_SEQUENCE, "expecting an asn1 sequence"}, - {ERR_R_ASN1_LENGTH_MISMATCH, "asn1 length mismatch"}, - {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"}, - - {ERR_R_FATAL, "fatal"}, - {ERR_R_MALLOC_FAILURE, "malloc failure"}, - {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, "called a function you should not call"}, - {ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"}, - {ERR_R_INTERNAL_ERROR, "internal error"}, - {ERR_R_DISABLED , 
"called a function that was disabled at compile-time"}, - - {0, NULL}, -}; -#endif - - -/* Define the predeclared (but externally opaque) "ERR_FNS" type */ -struct st_ERR_FNS { - /* Works on the "error_hash" string table */ - LHASH_OF(ERR_STRING_DATA) *(*cb_err_get)(int create); - void (*cb_err_del)(void); - ERR_STRING_DATA *(*cb_err_get_item)(const ERR_STRING_DATA *); - ERR_STRING_DATA *(*cb_err_set_item)(ERR_STRING_DATA *); - ERR_STRING_DATA *(*cb_err_del_item)(ERR_STRING_DATA *); - /* Works on the "thread_hash" error-state table */ - LHASH_OF(ERR_STATE) *(*cb_thread_get)(int create); - void (*cb_thread_release)(LHASH_OF(ERR_STATE) **hash); - ERR_STATE *(*cb_thread_get_item)(const ERR_STATE *); - ERR_STATE *(*cb_thread_set_item)(ERR_STATE *); - void (*cb_thread_del_item)(const ERR_STATE *); - /* Returns the next available error "library" numbers */ - int (*cb_get_next_lib)(void); -}; - -/* Predeclarations of the "err_defaults" functions */ -static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create); -static void int_err_del(void); -static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *); -static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *); -static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *); -static LHASH_OF(ERR_STATE) *int_thread_get(int create); -static void int_thread_release(LHASH_OF(ERR_STATE) **hash); -static ERR_STATE *int_thread_get_item(const ERR_STATE *); -static ERR_STATE *int_thread_set_item(ERR_STATE *); -static void int_thread_del_item(const ERR_STATE *); -static int int_err_get_next_lib(void); - -/* The static ERR_FNS table using these defaults functions */ -static const ERR_FNS err_defaults = { - int_err_get, - int_err_del, - int_err_get_item, - int_err_set_item, - int_err_del_item, - int_thread_get, - int_thread_release, - int_thread_get_item, - int_thread_set_item, - int_thread_del_item, - int_err_get_next_lib -}; - -/* The replacable table of ERR_FNS functions we use at run-time */ -static const ERR_FNS *err_fns = 
NULL; - -/* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */ -#define ERRFN(a) err_fns->cb_##a - -/* The internal state used by "err_defaults" - as such, the setting, reading, - * creating, and deleting of this data should only be permitted via the - * "err_defaults" functions. This way, a linked module can completely defer all - * ERR state operation (together with requisite locking) to the implementations - * and state in the loading application. */ -static LHASH_OF(ERR_STRING_DATA) *int_error_hash = NULL; -static LHASH_OF(ERR_STATE) *int_thread_hash = NULL; -static int int_thread_hash_references = 0; -static int int_err_library_number = ERR_LIB_USER; - -/* Internal function that checks whether "err_fns" is set and if not, sets it to - * the defaults. */ -static void -err_fns_check(void) -{ - if (err_fns) - return; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!err_fns) - err_fns = &err_defaults; - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); -} - -/* API functions to get or set the underlying ERR functions. */ - -const ERR_FNS * -ERR_get_implementation(void) -{ - err_fns_check(); - return err_fns; -} - -int -ERR_set_implementation(const ERR_FNS *fns) -{ - int ret = 0; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - /* It's too late if 'err_fns' is non-NULL. BTW: not much point setting - * an error is there?! */ - if (!err_fns) { - err_fns = fns; - ret = 1; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return ret; -} - -/* These are the callbacks provided to "lh_new()" when creating the LHASH tables - * internal to the "err_defaults" implementation. 
*/ - -static unsigned long get_error_values(int inc, int top, const char **file, - int *line, const char **data, int *flags); - -/* The internal functions used in the "err_defaults" implementation */ - -static unsigned long -err_string_data_hash(const ERR_STRING_DATA *a) -{ - unsigned long ret, l; - - l = a->error; - ret = l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); - return (ret^ret % 19*13); -} -static IMPLEMENT_LHASH_HASH_FN(err_string_data, ERR_STRING_DATA) - -static int -err_string_data_cmp(const ERR_STRING_DATA *a, const ERR_STRING_DATA *b) -{ - return (int)(a->error - b->error); -} -static IMPLEMENT_LHASH_COMP_FN(err_string_data, ERR_STRING_DATA) - -static -LHASH_OF(ERR_STRING_DATA) *int_err_get(int create) -{ - LHASH_OF(ERR_STRING_DATA) *ret = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!int_error_hash && create) { - CRYPTO_push_info("int_err_get (err.c)"); - int_error_hash = lh_ERR_STRING_DATA_new(); - CRYPTO_pop_info(); - } - if (int_error_hash) - ret = int_error_hash; - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return ret; -} - -static void -int_err_del(void) -{ - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (int_error_hash) { - lh_ERR_STRING_DATA_free(int_error_hash); - int_error_hash = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); -} - -static ERR_STRING_DATA * -int_err_get_item(const ERR_STRING_DATA *d) -{ - ERR_STRING_DATA *p; - LHASH_OF(ERR_STRING_DATA) *hash; - - err_fns_check(); - hash = ERRFN(err_get)(0); - if (!hash) - return NULL; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - p = lh_ERR_STRING_DATA_retrieve(hash, d); - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - - return p; -} - -static ERR_STRING_DATA * -int_err_set_item(ERR_STRING_DATA *d) -{ - ERR_STRING_DATA *p; - LHASH_OF(ERR_STRING_DATA) *hash; - - err_fns_check(); - hash = ERRFN(err_get)(1); - if (!hash) - return NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = lh_ERR_STRING_DATA_insert(hash, d); - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return p; -} - -static ERR_STRING_DATA * -int_err_del_item(ERR_STRING_DATA *d) -{ - 
ERR_STRING_DATA *p; - LHASH_OF(ERR_STRING_DATA) *hash; - - err_fns_check(); - hash = ERRFN(err_get)(0); - if (!hash) - return NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = lh_ERR_STRING_DATA_delete(hash, d); - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return p; -} - -static unsigned long -err_state_hash(const ERR_STATE *a) -{ - return CRYPTO_THREADID_hash(&a->tid) * 13; -} -static IMPLEMENT_LHASH_HASH_FN(err_state, ERR_STATE) - -static int -err_state_cmp(const ERR_STATE *a, const ERR_STATE *b) -{ - return CRYPTO_THREADID_cmp(&a->tid, &b->tid); -} -static IMPLEMENT_LHASH_COMP_FN(err_state, ERR_STATE) - -static -LHASH_OF(ERR_STATE) *int_thread_get(int create) -{ - LHASH_OF(ERR_STATE) *ret = NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!int_thread_hash && create) { - CRYPTO_push_info("int_thread_get (err.c)"); - int_thread_hash = lh_ERR_STATE_new(); - CRYPTO_pop_info(); - } - if (int_thread_hash) { - int_thread_hash_references++; - ret = int_thread_hash; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return ret; -} - -static void -int_thread_release(LHASH_OF(ERR_STATE) **hash) -{ - int i; - - if (hash == NULL || *hash == NULL) - return; - - i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR); - if (i > 0) - return; - - *hash = NULL; -} - -static ERR_STATE * -int_thread_get_item(const ERR_STATE *d) -{ - ERR_STATE *p; - LHASH_OF(ERR_STATE) *hash; - - err_fns_check(); - hash = ERRFN(thread_get)(0); - if (!hash) - return NULL; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - p = lh_ERR_STATE_retrieve(hash, d); - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - - ERRFN(thread_release)(&hash); - return p; -} - -static ERR_STATE * -int_thread_set_item(ERR_STATE *d) -{ - ERR_STATE *p; - LHASH_OF(ERR_STATE) *hash; - - err_fns_check(); - hash = ERRFN(thread_get)(1); - if (!hash) - return NULL; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = lh_ERR_STATE_insert(hash, d); - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - ERRFN(thread_release)(&hash); - return p; -} - -static void -int_thread_del_item(const 
ERR_STATE *d) -{ - ERR_STATE *p; - LHASH_OF(ERR_STATE) *hash; - - err_fns_check(); - hash = ERRFN(thread_get)(0); - if (!hash) - return; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - p = lh_ERR_STATE_delete(hash, d); - /* make sure we don't leak memory */ - if (int_thread_hash_references == 1 && - int_thread_hash && lh_ERR_STATE_num_items(int_thread_hash) == 0) { - lh_ERR_STATE_free(int_thread_hash); - int_thread_hash = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - ERRFN(thread_release)(&hash); - if (p) - ERR_STATE_free(p); -} - -static int -int_err_get_next_lib(void) -{ - int ret; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - ret = int_err_library_number++; - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - return ret; -} - - -#ifndef OPENSSL_NO_ERR -#define NUM_SYS_STR_REASONS 127 -#define LEN_SYS_STR_REASON 32 - -static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; -/* SYS_str_reasons is filled with copies of strerror() results at - * initialization. - * 'errno' values up to 127 should cover all usual errors, - * others will be displayed numerically by ERR_error_string. - * It is crucial that we have something for each reason code - * that occurs in ERR_str_reasons, or bogus reason strings - * will be returned for SYSerr(), which always gets an errno - * value and never one of those 'standard' reason codes. 
*/ - -static void -build_SYS_str_reasons(void) -{ - /* malloc cannot be used here, use static storage instead */ - static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; - int i; - static int init = 1; - - CRYPTO_r_lock(CRYPTO_LOCK_ERR); - if (!init) { - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - return; - } - - CRYPTO_r_unlock(CRYPTO_LOCK_ERR); - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (!init) { - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - return; - } - - for (i = 1; i <= NUM_SYS_STR_REASONS; i++) { - ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; - - str->error = (unsigned long)i; - if (str->string == NULL) { - char (*dest)[LEN_SYS_STR_REASON] = - &(strerror_tab[i - 1]); - const char *src = strerror(i); - if (src != NULL) { - strlcpy(*dest, src, sizeof *dest); - str->string = *dest; - } - } - if (str->string == NULL) - str->string = "unknown"; - } - - /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, - * as required by ERR_load_strings. */ - - init = 0; - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); -} -#endif - -#define err_clear_data(p,i) \ - do { \ - if (((p)->err_data[i] != NULL) && \ - (p)->err_data_flags[i] & ERR_TXT_MALLOCED) { \ - free((p)->err_data[i]); \ - (p)->err_data[i] = NULL; \ - } \ - (p)->err_data_flags[i] = 0; \ - } while(0) - -#define err_clear(p,i) \ - do { \ - (p)->err_flags[i] = 0; \ - (p)->err_buffer[i] = 0; \ - err_clear_data(p, i); \ - (p)->err_file[i] = NULL; \ - (p)->err_line[i] = -1; \ - } while(0) - -static void -ERR_STATE_free(ERR_STATE *s) -{ - int i; - - if (s == NULL) - return; - - for (i = 0; i < ERR_NUM_ERRORS; i++) { - err_clear_data(s, i); - } - free(s); -} - -void -ERR_load_ERR_strings(void) -{ - err_fns_check(); -#ifndef OPENSSL_NO_ERR - err_load_strings(0, ERR_str_libraries); - err_load_strings(0, ERR_str_reasons); - err_load_strings(ERR_LIB_SYS, ERR_str_functs); - build_SYS_str_reasons(); - err_load_strings(ERR_LIB_SYS, SYS_str_reasons); -#endif -} - -static void -err_load_strings(int lib, ERR_STRING_DATA *str) -{ 
- while (str->error) { - if (lib) - str->error |= ERR_PACK(lib, 0, 0); - ERRFN(err_set_item)(str); - str++; - } -} - -void -ERR_load_strings(int lib, ERR_STRING_DATA *str) -{ - ERR_load_ERR_strings(); - err_load_strings(lib, str); -} - -void -ERR_unload_strings(int lib, ERR_STRING_DATA *str) -{ - while (str->error) { - if (lib) - str->error |= ERR_PACK(lib, 0, 0); - ERRFN(err_del_item)(str); - str++; - } -} - -void -ERR_free_strings(void) -{ - err_fns_check(); - ERRFN(err_del)(); -} - -/********************************************************/ - -void -ERR_put_error(int lib, int func, int reason, const char *file, int line) -{ - ERR_STATE *es; - int save_errno = errno; - - es = ERR_get_state(); - - es->top = (es->top + 1) % ERR_NUM_ERRORS; - if (es->top == es->bottom) - es->bottom = (es->bottom + 1) % ERR_NUM_ERRORS; - es->err_flags[es->top] = 0; - es->err_buffer[es->top] = ERR_PACK(lib, func, reason); - es->err_file[es->top] = file; - es->err_line[es->top] = line; - err_clear_data(es, es->top); - errno = save_errno; -} - -void -ERR_clear_error(void) -{ - int i; - ERR_STATE *es; - - es = ERR_get_state(); - - for (i = 0; i < ERR_NUM_ERRORS; i++) { - err_clear(es, i); - } - es->top = es->bottom = 0; -} - - -unsigned long -ERR_get_error(void) -{ - return (get_error_values(1, 0, NULL, NULL, NULL, NULL)); -} - -unsigned long -ERR_get_error_line(const char **file, int *line) -{ - return (get_error_values(1, 0, file, line, NULL, NULL)); -} - -unsigned long -ERR_get_error_line_data(const char **file, int *line, - const char **data, int *flags) -{ - return (get_error_values(1, 0, file, line, data, flags)); -} - - -unsigned long -ERR_peek_error(void) -{ - return (get_error_values(0, 0, NULL, NULL, NULL, NULL)); -} - -unsigned long -ERR_peek_error_line(const char **file, int *line) -{ - return (get_error_values(0, 0, file, line, NULL, NULL)); -} - -unsigned long -ERR_peek_error_line_data(const char **file, int *line, - const char **data, int *flags) -{ - return 
(get_error_values(0, 0, file, line, data, flags)); -} - -unsigned long -ERR_peek_last_error(void) -{ - return (get_error_values(0, 1, NULL, NULL, NULL, NULL)); -} - -unsigned long -ERR_peek_last_error_line(const char **file, int *line) -{ - return (get_error_values(0, 1, file, line, NULL, NULL)); -} - -unsigned long -ERR_peek_last_error_line_data(const char **file, int *line, - const char **data, int *flags) -{ - return (get_error_values(0, 1, file, line, data, flags)); -} - -static unsigned long -get_error_values(int inc, int top, const char **file, int *line, - const char **data, int *flags) -{ - int i = 0; - ERR_STATE *es; - unsigned long ret; - - es = ERR_get_state(); - - if (inc && top) { - if (file) - *file = ""; - if (line) - *line = 0; - if (data) - *data = ""; - if (flags) - *flags = 0; - - return ERR_R_INTERNAL_ERROR; - } - - if (es->bottom == es->top) - return 0; - if (top) - i = es->top; /* last error */ - else - i = (es->bottom + 1) % ERR_NUM_ERRORS; /* first error */ - - ret = es->err_buffer[i]; - if (inc) { - es->bottom = i; - es->err_buffer[i] = 0; - } - - if ((file != NULL) && (line != NULL)) { - if (es->err_file[i] == NULL) { - *file = "NA"; - if (line != NULL) - *line = 0; - } else { - *file = es->err_file[i]; - if (line != NULL) - *line = es->err_line[i]; - } - } - - if (data == NULL) { - if (inc) { - err_clear_data(es, i); - } - } else { - if (es->err_data[i] == NULL) { - *data = ""; - if (flags != NULL) - *flags = 0; - } else { - *data = es->err_data[i]; - if (flags != NULL) - *flags = es->err_data_flags[i]; - } - } - return ret; -} - -void -ERR_error_string_n(unsigned long e, char *buf, size_t len) -{ - char lsbuf[30], fsbuf[30], rsbuf[30]; - const char *ls, *fs, *rs; - int l, f, r, ret; - - l = ERR_GET_LIB(e); - f = ERR_GET_FUNC(e); - r = ERR_GET_REASON(e); - - ls = ERR_lib_error_string(e); - fs = ERR_func_error_string(e); - rs = ERR_reason_error_string(e); - - if (ls == NULL) { - (void) snprintf(lsbuf, sizeof(lsbuf), "lib(%d)", l); - ls = 
lsbuf; - } - if (fs == NULL) { - (void) snprintf(fsbuf, sizeof(fsbuf), "func(%d)", f); - fs = fsbuf; - } - if (rs == NULL) { - (void) snprintf(rsbuf, sizeof(rsbuf), "reason(%d)", r); - rs = rsbuf; - } - - ret = snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls, fs, rs); - if (ret == -1) - return; /* can't happen, and can't do better if it does */ - if (ret >= len) { - /* output may be truncated; make sure we always have 5 - * colon-separated fields, i.e. 4 colons ... */ -#define NUM_COLONS 4 - if (len > NUM_COLONS) /* ... if possible */ - { - int i; - char *s = buf; - - for (i = 0; i < NUM_COLONS; i++) { - char *colon = strchr(s, ':'); - if (colon == NULL || - colon > &buf[len - 1] - NUM_COLONS + i) { - /* set colon no. i at last possible position - * (buf[len-1] is the terminating 0)*/ - colon = &buf[len - 1] - NUM_COLONS + i; - *colon = ':'; - } - s = colon + 1; - } - } - } -} - -/* BAD for multi-threading: uses a local buffer if ret == NULL */ -/* ERR_error_string_n should be used instead for ret != NULL - * as ERR_error_string cannot know how large the buffer is */ -char * -ERR_error_string(unsigned long e, char *ret) -{ - static char buf[256]; - - if (ret == NULL) - ret = buf; - ERR_error_string_n(e, ret, 256); - - return ret; -} - -LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void) -{ - err_fns_check(); - return ERRFN(err_get)(0); -} - -LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void) -{ - err_fns_check(); - return ERRFN(thread_get)(0); -} - -void -ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash) -{ - err_fns_check(); - ERRFN(thread_release)(hash); -} - -const char * -ERR_lib_error_string(unsigned long e) -{ - ERR_STRING_DATA d, *p; - unsigned long l; - - err_fns_check(); - l = ERR_GET_LIB(e); - d.error = ERR_PACK(l, 0, 0); - p = ERRFN(err_get_item)(&d); - return ((p == NULL) ? 
NULL : p->string); -} - -const char * -ERR_func_error_string(unsigned long e) -{ - ERR_STRING_DATA d, *p; - unsigned long l, f; - - err_fns_check(); - l = ERR_GET_LIB(e); - f = ERR_GET_FUNC(e); - d.error = ERR_PACK(l, f, 0); - p = ERRFN(err_get_item)(&d); - return ((p == NULL) ? NULL : p->string); -} - -const char * -ERR_reason_error_string(unsigned long e) -{ - ERR_STRING_DATA d, *p = NULL; - unsigned long l, r; - - err_fns_check(); - l = ERR_GET_LIB(e); - r = ERR_GET_REASON(e); - d.error = ERR_PACK(l, 0, r); - p = ERRFN(err_get_item)(&d); - if (!p) { - d.error = ERR_PACK(0, 0, r); - p = ERRFN(err_get_item)(&d); - } - return ((p == NULL) ? NULL : p->string); -} - -void -ERR_remove_thread_state(const CRYPTO_THREADID *id) -{ - ERR_STATE tmp; - - if (id) - CRYPTO_THREADID_cpy(&tmp.tid, id); - else - CRYPTO_THREADID_current(&tmp.tid); - err_fns_check(); - /* thread_del_item automatically destroys the LHASH if the number of - * items reaches zero. */ - ERRFN(thread_del_item)(&tmp); -} - -#ifndef OPENSSL_NO_DEPRECATED -void -ERR_remove_state(unsigned long pid) -{ - ERR_remove_thread_state(NULL); -} -#endif - -ERR_STATE * -ERR_get_state(void) -{ - static ERR_STATE fallback; - ERR_STATE *ret, tmp, *tmpp = NULL; - int i; - CRYPTO_THREADID tid; - - err_fns_check(); - CRYPTO_THREADID_current(&tid); - CRYPTO_THREADID_cpy(&tmp.tid, &tid); - ret = ERRFN(thread_get_item)(&tmp); - - /* ret == the error state, if NULL, make a new one */ - if (ret == NULL) { - ret = malloc(sizeof(ERR_STATE)); - if (ret == NULL) - return (&fallback); - CRYPTO_THREADID_cpy(&ret->tid, &tid); - ret->top = 0; - ret->bottom = 0; - for (i = 0; i < ERR_NUM_ERRORS; i++) { - ret->err_data[i] = NULL; - ret->err_data_flags[i] = 0; - } - tmpp = ERRFN(thread_set_item)(ret); - /* To check if insertion failed, do a get. 
*/ - if (ERRFN(thread_get_item)(ret) != ret) { - ERR_STATE_free(ret); /* could not insert it */ - return (&fallback); - } - /* If a race occured in this function and we came second, tmpp - * is the first one that we just replaced. */ - if (tmpp) - ERR_STATE_free(tmpp); - } - return ret; -} - -int -ERR_get_next_error_library(void) -{ - err_fns_check(); - return ERRFN(get_next_lib)(); -} - -void -ERR_set_error_data(char *data, int flags) -{ - ERR_STATE *es; - int i; - - es = ERR_get_state(); - - i = es->top; - if (i == 0) - i = ERR_NUM_ERRORS - 1; - - err_clear_data(es, i); - es->err_data[i] = data; - es->err_data_flags[i] = flags; -} - -void -ERR_asprintf_error_data(char * format, ...) { - char *errbuf = NULL; - va_list ap; - int r; - - va_start(ap, format); - r = vasprintf(&errbuf, format, ap); - va_end(ap); - if (r == -1) - ERR_set_error_data("malloc failed", ERR_TXT_STRING); - else - ERR_set_error_data(errbuf, ERR_TXT_MALLOCED|ERR_TXT_STRING); -} -void -ERR_add_error_data(int num, ...) 
-{ - va_list args; - va_start(args, num); - ERR_add_error_vdata(num, args); - va_end(args); -} - -void -ERR_add_error_vdata(int num, va_list args) -{ - char format[129]; - char *errbuf; - int i; - - format[0] = '\0'; - for (i = 0; i < num; i++) { - if (strlcat(format, "%s", sizeof(format)) >= sizeof(format)) { - ERR_set_error_data("too many errors", ERR_TXT_STRING); - return; - } - } - if (vasprintf(&errbuf, format, args) == -1) - ERR_set_error_data("malloc failed", ERR_TXT_STRING); - else - ERR_set_error_data(errbuf, ERR_TXT_MALLOCED|ERR_TXT_STRING); -} - -int -ERR_set_mark(void) -{ - ERR_STATE *es; - - es = ERR_get_state(); - - if (es->bottom == es->top) - return 0; - es->err_flags[es->top] |= ERR_FLAG_MARK; - return 1; -} - -int -ERR_pop_to_mark(void) -{ - ERR_STATE *es; - - es = ERR_get_state(); - - while (es->bottom != es->top && - (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) { - err_clear(es, es->top); - es->top -= 1; - if (es->top == -1) - es->top = ERR_NUM_ERRORS - 1; - } - - if (es->bottom == es->top) - return 0; - es->err_flags[es->top]&=~ERR_FLAG_MARK; - return 1; -} diff --git a/lib/libssl/src/crypto/err/err.h b/lib/libssl/src/crypto/err/err.h deleted file mode 100644 index 87bb96eec75..00000000000 --- a/lib/libssl/src/crypto/err/err.h +++ /dev/null 
@@ -1,381 +0,0 @@
-/* $OpenBSD: err.h,v 1.22 2014/11/09 19:17:13 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_ERR_H
-#define HEADER_ERR_H
-
-#include <openssl/opensslconf.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#ifndef OPENSSL_NO_LHASH
-#include <openssl/lhash.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef OPENSSL_NO_ERR
-#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e)
-#else
-#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0)
-#endif
-
-#include <errno.h>
-
-#define ERR_TXT_MALLOCED 0x01
-#define ERR_TXT_STRING 0x02
-
-#define ERR_FLAG_MARK 0x01
-
-#define ERR_NUM_ERRORS 16
-typedef struct err_state_st {
- CRYPTO_THREADID tid;
- int err_flags[ERR_NUM_ERRORS];
- unsigned long err_buffer[ERR_NUM_ERRORS];
- char *err_data[ERR_NUM_ERRORS];
- int err_data_flags[ERR_NUM_ERRORS];
- const char *err_file[ERR_NUM_ERRORS];
- int err_line[ERR_NUM_ERRORS];
- int top, bottom;
-} ERR_STATE;
-
-/* library */
-#define ERR_LIB_NONE 1
-#define ERR_LIB_SYS 2
-#define ERR_LIB_BN 3
-#define ERR_LIB_RSA 4
-#define ERR_LIB_DH 5
-#define ERR_LIB_EVP 6
-#define ERR_LIB_BUF 7
-#define ERR_LIB_OBJ 8
-#define ERR_LIB_PEM 9
-#define ERR_LIB_DSA 10
-#define ERR_LIB_X509 11
-/* #define ERR_LIB_METH 12 */
-#define ERR_LIB_ASN1 13
-#define ERR_LIB_CONF 14
-#define ERR_LIB_CRYPTO 15
-#define ERR_LIB_EC 16
-#define ERR_LIB_SSL 20
-/* #define ERR_LIB_SSL23 21 */
-/* #define ERR_LIB_SSL2 22 */
-/* #define ERR_LIB_SSL3 23 */
-/* #define ERR_LIB_RSAREF 30 */
-/* #define ERR_LIB_PROXY 31 */
-#define ERR_LIB_BIO 32
-#define ERR_LIB_PKCS7 33
-#define ERR_LIB_X509V3 34
-#define ERR_LIB_PKCS12 35
-#define ERR_LIB_RAND 36
-#define ERR_LIB_DSO 37
-#define ERR_LIB_ENGINE 38
-#define ERR_LIB_OCSP 39
-#define ERR_LIB_UI 40
-#define ERR_LIB_COMP 41
-#define ERR_LIB_ECDSA 42
-#define ERR_LIB_ECDH 43
-#define ERR_LIB_STORE 44
-#define ERR_LIB_FIPS 45
-#define ERR_LIB_CMS 46
-#define ERR_LIB_TS 47
-#define ERR_LIB_HMAC 48
-#define ERR_LIB_JPAKE 49
-#define ERR_LIB_GOST 50
-
-#define ERR_LIB_USER 128
-
-#define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
-#define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
-#define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
-#define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
-#define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
-#define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
-#define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
-#define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
-#define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
-#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
-#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
-#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
-#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
-#define ECerr(f,r) ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
-#define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
-#define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
-#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
-#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
-#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
-#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
-#define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
-#define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
-#define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
-#define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
-#define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
-#define ECDSAerr(f,r) ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
-#define ECDHerr(f,r) ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
-#define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
-#define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
-#define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
-#define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
-#define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
-#define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
-#define GOSTerr(f,r) ERR_PUT_error(ERR_LIB_GOST,(f),(r),__FILE__,__LINE__)
-
-#define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)<<24L)| \
- ((((unsigned long)f)&0xfffL)<<12L)| \
- ((((unsigned long)r)&0xfffL)))
-#define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
-#define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
-#define ERR_GET_REASON(l) (int)((l)&0xfffL)
-#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
-
-
-/* OS functions */
-#define SYS_F_FOPEN 1
-#define SYS_F_CONNECT 2
-#define SYS_F_GETSERVBYNAME 3
-#define SYS_F_SOCKET 4
-#define SYS_F_IOCTLSOCKET 5
-#define SYS_F_BIND 6
-#define SYS_F_LISTEN 7
-#define SYS_F_ACCEPT 8
-#define SYS_F_WSASTARTUP 9 /* Winsock stuff */
-#define SYS_F_OPENDIR 10
-#define SYS_F_FREAD 11
-
-
-/* reasons */
-#define ERR_R_SYS_LIB ERR_LIB_SYS /* 2 */
-#define ERR_R_BN_LIB ERR_LIB_BN /* 3 */
-#define ERR_R_RSA_LIB ERR_LIB_RSA /* 4 */
-#define ERR_R_DH_LIB ERR_LIB_DH /* 5 */
-#define ERR_R_EVP_LIB ERR_LIB_EVP /* 6 */
-#define ERR_R_BUF_LIB ERR_LIB_BUF /* 7 */
-#define ERR_R_OBJ_LIB ERR_LIB_OBJ /* 8 */
-#define ERR_R_PEM_LIB ERR_LIB_PEM /* 9 */
-#define ERR_R_DSA_LIB ERR_LIB_DSA /* 10 */
-#define ERR_R_X509_LIB ERR_LIB_X509 /* 11 */
-#define ERR_R_ASN1_LIB ERR_LIB_ASN1 /* 13 */
-#define ERR_R_CONF_LIB ERR_LIB_CONF /* 14 */
-#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO /* 15 */
-#define ERR_R_EC_LIB ERR_LIB_EC /* 16 */
-#define ERR_R_SSL_LIB ERR_LIB_SSL /* 20 */
-#define ERR_R_BIO_LIB ERR_LIB_BIO /* 32 */
-#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7 /* 33 */
-#define ERR_R_X509V3_LIB ERR_LIB_X509V3 /* 34 */
-#define ERR_R_PKCS12_LIB ERR_LIB_PKCS12 /* 35 */
-#define ERR_R_RAND_LIB ERR_LIB_RAND /* 36 */
-#define ERR_R_DSO_LIB ERR_LIB_DSO /* 37 */
-#define ERR_R_ENGINE_LIB ERR_LIB_ENGINE /* 38 */
-#define ERR_R_OCSP_LIB ERR_LIB_OCSP /* 39 */
-#define ERR_R_UI_LIB ERR_LIB_UI /* 40 */
-#define ERR_R_COMP_LIB ERR_LIB_COMP /* 41 */
-#define ERR_R_ECDSA_LIB ERR_LIB_ECDSA /* 42 */
-#define ERR_R_ECDH_LIB ERR_LIB_ECDH /* 43 */
-#define ERR_R_STORE_LIB ERR_LIB_STORE /* 44 */
-#define ERR_R_TS_LIB ERR_LIB_TS /* 45 */
-
-#define ERR_R_NESTED_ASN1_ERROR 58
-#define ERR_R_BAD_ASN1_OBJECT_HEADER 59
-#define ERR_R_BAD_GET_ASN1_OBJECT_CALL 60
-#define ERR_R_EXPECTING_AN_ASN1_SEQUENCE 61
-#define ERR_R_ASN1_LENGTH_MISMATCH 62
-#define ERR_R_MISSING_ASN1_EOS 63
-
-/* fatal error */
-#define ERR_R_FATAL 64
-#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
-#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
-#define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
-#define ERR_R_INTERNAL_ERROR (4|ERR_R_FATAL)
-#define ERR_R_DISABLED (5|ERR_R_FATAL)
-
-/* 99 is the maximum possible ERR_R_... code, higher values
- * are reserved for the individual libraries */
-
-
-typedef struct ERR_string_data_st {
- unsigned long error;
- const char *string;
-} ERR_STRING_DATA;
-
-void ERR_put_error(int lib, int func, int reason, const char *file, int line);
-void ERR_set_error_data(char *data, int flags);
-
-unsigned long ERR_get_error(void);
-unsigned long ERR_get_error_line(const char **file, int *line);
-unsigned long ERR_get_error_line_data(const char **file, int *line,
- const char **data, int *flags);
-unsigned long ERR_peek_error(void);
-unsigned long ERR_peek_error_line(const char **file, int *line);
-unsigned long ERR_peek_error_line_data(const char **file, int *line,
- const char **data, int *flags);
-unsigned long ERR_peek_last_error(void);
-unsigned long ERR_peek_last_error_line(const char **file, int *line);
-unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
- const char **data, int *flags);
-void ERR_clear_error(void );
-char *ERR_error_string(unsigned long e, char *buf);
-void ERR_error_string_n(unsigned long e, char *buf, size_t len);
-const char *ERR_lib_error_string(unsigned long e);
-const char *ERR_func_error_string(unsigned long e);
-const char *ERR_reason_error_string(unsigned long e);
-void ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u),
- void *u);
-void ERR_print_errors_fp(FILE *fp);
-#ifndef OPENSSL_NO_BIO
-void ERR_print_errors(BIO *bp);
-#endif
-void ERR_asprintf_error_data(char * format, ...);
-void ERR_add_error_data(int num, ...);
-void ERR_add_error_vdata(int num, va_list args);
-void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
-void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
-void ERR_load_ERR_strings(void);
-void ERR_load_crypto_strings(void);
-void ERR_free_strings(void);
-
-void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
-#ifndef OPENSSL_NO_DEPRECATED
-void ERR_remove_state(unsigned long pid); /* if zero we look it up */
-#endif
-ERR_STATE *ERR_get_state(void);
-
-#ifndef OPENSSL_NO_LHASH
-LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
-LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
-void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
-#endif
-
-int ERR_get_next_error_library(void);
-
-int ERR_set_mark(void);
-int ERR_pop_to_mark(void);
-
-/* Already defined in ossl_typ.h */
-/* typedef struct st_ERR_FNS ERR_FNS; */
-/* An application can use this function and provide the return value to loaded
- * modules that should use the application's ERR state/functionality */
-const ERR_FNS *ERR_get_implementation(void);
-/* A loaded module should call this function prior to any ERR operations using
- * the application's "ERR_FNS". */
-int ERR_set_implementation(const ERR_FNS *fns);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/err/err_all.c b/lib/libssl/src/crypto/err/err_all.c
deleted file mode 100644
index 58adce64e75..00000000000
--- a/lib/libssl/src/crypto/err/err_all.c
+++ /dev/null
@@ -1,161 +0,0 @@
-/* $OpenBSD: err_all.c,v 1.22 2015/02/11 04:05:14 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/conf.h>
-#include <openssl/dso.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/ocsp.h>
-#include <openssl/pem2.h>
-#include <openssl/pkcs12.h>
-#include <openssl/rand.h>
-#include <openssl/ts.h>
-#include <openssl/ui.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_CMS
-#include <openssl/cms.h>
-#endif
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_EC
-#include <openssl/ec.h>
-#endif
-#ifndef OPENSSL_NO_ECDH
-#include <openssl/ecdh.h>
-#endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
-#endif
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-#ifndef OPENSSL_NO_GOST
-#include <openssl/gost.h>
-#endif
-
-void
-ERR_load_crypto_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- ERR_load_ERR_strings(); /* include error strings for SYSerr */
- ERR_load_BN_strings();
-#ifndef OPENSSL_NO_RSA
- ERR_load_RSA_strings();
-#endif
-#ifndef OPENSSL_NO_DH
- ERR_load_DH_strings();
-#endif
- ERR_load_EVP_strings();
- ERR_load_BUF_strings();
- ERR_load_OBJ_strings();
- ERR_load_PEM_strings();
-#ifndef OPENSSL_NO_DSA
- ERR_load_DSA_strings();
-#endif
- ERR_load_X509_strings();
- ERR_load_ASN1_strings();
- ERR_load_CONF_strings();
- ERR_load_CRYPTO_strings();
-#ifndef OPENSSL_NO_EC
- ERR_load_EC_strings();
-#endif
-#ifndef OPENSSL_NO_ECDSA
- ERR_load_ECDSA_strings();
-#endif
-#ifndef OPENSSL_NO_ECDH
- ERR_load_ECDH_strings();
-#endif
- /* skip ERR_load_SSL_strings() because it is not in this library */
- ERR_load_BIO_strings();
- ERR_load_PKCS7_strings();
- ERR_load_X509V3_strings();
- ERR_load_PKCS12_strings();
- ERR_load_RAND_strings();
- ERR_load_DSO_strings();
- ERR_load_TS_strings();
-#ifndef OPENSSL_NO_ENGINE
- ERR_load_ENGINE_strings();
-#endif
- ERR_load_OCSP_strings();
- ERR_load_UI_strings();
-#ifndef OPENSSL_NO_CMS
- ERR_load_CMS_strings();
-#endif
-#ifndef OPENSSL_NO_GOST
- ERR_load_GOST_strings();
-#endif
-#endif
-}
diff --git a/lib/libssl/src/crypto/err/err_prn.c b/lib/libssl/src/crypto/err/err_prn.c
deleted file mode 100644
index 021bcd5d1d8..00000000000
--- a/lib/libssl/src/crypto/err/err_prn.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $OpenBSD: err_prn.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/buffer.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/lhash.h>
-
-void
-ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), void *u)
-{
- unsigned long l;
- char buf[256];
- char buf2[4096];
- const char *file, *data;
- int line, flags;
- unsigned long es;
- CRYPTO_THREADID cur;
-
- CRYPTO_THREADID_current(&cur);
- es = CRYPTO_THREADID_hash(&cur);
- while ((l = ERR_get_error_line_data(&file, &line, &data,
- &flags)) != 0) {
- ERR_error_string_n(l, buf, sizeof buf);
- (void) snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es,
- buf, file, line, (flags & ERR_TXT_STRING) ? data : "");
- if (cb(buf2, strlen(buf2), u) <= 0)
- break; /* abort outputting the error report */
- }
-}
-
-static int
-print_fp(const char *str, size_t len, void *fp)
-{
- BIO bio;
-
- BIO_set(&bio, BIO_s_file());
- BIO_set_fp(&bio, fp, BIO_NOCLOSE);
-
- return BIO_printf(&bio, "%s", str);
-}
-
-void
-ERR_print_errors_fp(FILE *fp)
-{
- ERR_print_errors_cb(print_fp, fp);
-}
-
-static int
-print_bio(const char *str, size_t len, void *bp)
-{
- return BIO_write((BIO *)bp, str, len);
-}
-
-void
-ERR_print_errors(BIO *bp)
-{
- ERR_print_errors_cb(print_bio, bp);
-}
diff --git a/lib/libssl/src/crypto/err/openssl.ec b/lib/libssl/src/crypto/err/openssl.ec
deleted file mode 100644
index dcebbba6c49..00000000000
--- a/lib/libssl/src/crypto/err/openssl.ec
+++ /dev/null
@@ -1,96 +0,0 @@
-# crypto/err/openssl.ec
-
-# configuration file for util/mkerr.pl
-
-# files that may have to be rewritten by util/mkerr.pl
-L ERR NONE NONE
-L BN crypto/bn/bn.h crypto/bn/bn_err.c
-L RSA crypto/rsa/rsa.h crypto/rsa/rsa_err.c
-L DH crypto/dh/dh.h crypto/dh/dh_err.c
-L EVP crypto/evp/evp.h crypto/evp/evp_err.c
-L BUF crypto/buffer/buffer.h crypto/buffer/buf_err.c
-L OBJ crypto/objects/objects.h crypto/objects/obj_err.c
-L PEM crypto/pem/pem.h crypto/pem/pem_err.c
-L DSA crypto/dsa/dsa.h crypto/dsa/dsa_err.c
-L X509 crypto/x509/x509.h crypto/x509/x509_err.c
-L ASN1 crypto/asn1/asn1.h crypto/asn1/asn1_err.c
-L CONF crypto/conf/conf.h crypto/conf/conf_err.c
-L CRYPTO crypto/crypto.h crypto/cpt_err.c
-L EC crypto/ec/ec.h crypto/ec/ec_err.c
-L SSL ssl/ssl.h ssl/ssl_err.c
-L BIO crypto/bio/bio.h crypto/bio/bio_err.c
-L PKCS7 crypto/pkcs7/pkcs7.h crypto/pkcs7/pkcs7err.c
-L X509V3 crypto/x509v3/x509v3.h crypto/x509v3/v3err.c
-L PKCS12 crypto/pkcs12/pkcs12.h crypto/pkcs12/pk12err.c
-L RAND crypto/rand/rand.h crypto/rand/rand_err.c
-L DSO crypto/dso/dso.h crypto/dso/dso_err.c
-L ENGINE crypto/engine/engine.h crypto/engine/eng_err.c
-L OCSP crypto/ocsp/ocsp.h crypto/ocsp/ocsp_err.c
-L UI crypto/ui/ui.h crypto/ui/ui_err.c
-L COMP crypto/comp/comp.h crypto/comp/comp_err.c
-L ECDSA crypto/ecdsa/ecdsa.h crypto/ecdsa/ecs_err.c
-L ECDH crypto/ecdh/ecdh.h crypto/ecdh/ech_err.c
-L STORE crypto/store/store.h crypto/store/str_err.c
-L TS crypto/ts/ts.h crypto/ts/ts_err.c
-L HMAC crypto/hmac/hmac.h crypto/hmac/hmac_err.c
-L CMS crypto/cms/cms.h crypto/cms/cms_err.c
-L GOST crypto/gost/gost.h crypto/gost/gost_err.c
-
-# additional header files to be scanned for function names
-L NONE crypto/x509/x509_vfy.h NONE
-L NONE crypto/ec/ec_lcl.h NONE
-L NONE crypto/asn1/asn_lcl.h NONE
-L NONE crypto/cms/cms_lcl.h NONE
-
-
-F RSAREF_F_RSA_BN2BIN
-F RSAREF_F_RSA_PRIVATE_DECRYPT
-F RSAREF_F_RSA_PRIVATE_ENCRYPT
-F RSAREF_F_RSA_PUBLIC_DECRYPT
-F RSAREF_F_RSA_PUBLIC_ENCRYPT
-#F SSL_F_CLIENT_CERTIFICATE
-
-R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
-R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
-R SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
-R SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
-R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
-R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
-R SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
-R SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
-R SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
-R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
-R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
-R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
-R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
-R SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
-R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
-R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
-R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
-R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
-R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
-R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
-R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
-R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
-R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
-R SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
-R SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
-R SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
-R SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
-R SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
-
-R RSAREF_R_CONTENT_ENCODING 0x0400
-R RSAREF_R_DATA 0x0401
-R RSAREF_R_DIGEST_ALGORITHM 0x0402
-R RSAREF_R_ENCODING 0x0403
-R RSAREF_R_KEY 0x0404
-R RSAREF_R_KEY_ENCODING 0x0405
-R RSAREF_R_LEN 0x0406
-R RSAREF_R_MODULUS_LEN 0x0407
-R RSAREF_R_NEED_RANDOM 0x0408
-R RSAREF_R_PRIVATE_KEY 0x0409
-R RSAREF_R_PUBLIC_KEY 0x040a
-R RSAREF_R_SIGNATURE 0x040b
-R RSAREF_R_SIGNATURE_ENCODING 0x040c
-R RSAREF_R_ENCRYPTION_ALGORITHM 0x040d
-
diff --git a/lib/libssl/src/crypto/evp/bio_b64.c b/lib/libssl/src/crypto/evp/bio_b64.c
deleted file mode 100644
index b54e8793ec3..00000000000
--- a/lib/libssl/src/crypto/evp/bio_b64.c
+++ /dev/null
@@ -1,567 +0,0 @@
-/* $OpenBSD: bio_b64.c,v 1.20 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <errno.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/buffer.h> -#include <openssl/evp.h> - -static int b64_write(BIO *h, const char *buf, int num); -static int b64_read(BIO *h, char *buf, int size); -static int b64_puts(BIO *h, const char *str); -/*static int b64_gets(BIO *h, char *str, int size); */ -static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int b64_new(BIO *h); -static int b64_free(BIO *data); -static long b64_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); -#define B64_BLOCK_SIZE 1024 -#define B64_BLOCK_SIZE2 768 -#define B64_NONE 0 -#define B64_ENCODE 1 -#define B64_DECODE 2 - -typedef struct b64_struct { - /*BIO *bio; moved to the BIO structure */ - int buf_len; - int buf_off; - int tmp_len; /* used to find the start when decoding */ - int tmp_nl; /* If true, scan until '\n' */ - int encode; - int start; /* have we started decoding yet? */ - int cont; /* <= 0 when finished */ - EVP_ENCODE_CTX base64; - char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10]; - char tmp[B64_BLOCK_SIZE]; -} BIO_B64_CTX; - -static BIO_METHOD methods_b64 = { - .type = BIO_TYPE_BASE64, - .name = "base64 encoding", - .bwrite = b64_write, - .bread = b64_read, - .bputs = b64_puts, - .ctrl = b64_ctrl, - .create = b64_new, - .destroy = b64_free, - .callback_ctrl = b64_callback_ctrl -}; - -BIO_METHOD * -BIO_f_base64(void) -{ - return (&methods_b64); -} - -static int -b64_new(BIO *bi) -{ - BIO_B64_CTX *ctx; - - ctx = malloc(sizeof(BIO_B64_CTX)); - if (ctx == NULL) - return (0); - - ctx->buf_len = 0; - ctx->tmp_len = 0; - ctx->tmp_nl = 0; - ctx->buf_off = 0; - ctx->cont = 1; - ctx->start = 1; - ctx->encode = 0; - - bi->init = 1; - bi->ptr = (char *)ctx; - bi->flags = 0; - bi->num = 0; - return (1); -} - -static int -b64_free(BIO *a) -{ - if (a == NULL) - return (0); - free(a->ptr); - a->ptr = NULL; - a->init = 0; - a->flags = 0; - return (1); -} - -static int -b64_read(BIO *b, char *out, int outl) -{ - int ret = 0, i, ii, j, k, x, 
n, num, ret_code = 0; - BIO_B64_CTX *ctx; - unsigned char *p, *q; - - if (out == NULL) - return (0); - ctx = (BIO_B64_CTX *)b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) - return (0); - - BIO_clear_retry_flags(b); - - if (ctx->encode != B64_DECODE) { - ctx->encode = B64_DECODE; - ctx->buf_len = 0; - ctx->buf_off = 0; - ctx->tmp_len = 0; - EVP_DecodeInit(&(ctx->base64)); - } - - /* First check if there are bytes decoded/encoded */ - if (ctx->buf_len > 0) { - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); - i = ctx->buf_len - ctx->buf_off; - if (i > outl) - i = outl; - OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf)); - memcpy(out, &(ctx->buf[ctx->buf_off]), i); - ret = i; - out += i; - outl -= i; - ctx->buf_off += i; - if (ctx->buf_len == ctx->buf_off) { - ctx->buf_len = 0; - ctx->buf_off = 0; - } - } - - /* At this point, we have room of outl bytes and an empty - * buffer, so we should read in some more. */ - - ret_code = 0; - while (outl > 0) { - if (ctx->cont <= 0) - break; - - i = BIO_read(b->next_bio, &(ctx->tmp[ctx->tmp_len]), - B64_BLOCK_SIZE - ctx->tmp_len); - - if (i <= 0) { - ret_code = i; - - /* Should we continue next time we are called? */ - if (!BIO_should_retry(b->next_bio)) { - ctx->cont = i; - /* If buffer empty break */ - if (ctx->tmp_len == 0) - break; - /* Fall through and process what we have */ - else - i = 0; - } - /* else we retry and add more data to buffer */ - else - break; - } - i += ctx->tmp_len; - ctx->tmp_len = i; - - /* We need to scan, a line at a time until we - * have a valid line if we are starting. */ - if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) { - /* ctx->start=1; */ - ctx->tmp_len = 0; - } else if (ctx->start) { - q = p =(unsigned char *)ctx->tmp; - num = 0; - for (j = 0; j < i; j++) { - if (*(q++) != '\n') - continue; - - /* due to a previous very long line, - * we need to keep on scanning for a '\n' - * before we even start looking for - * base64 encoded stuff. 
*/ - if (ctx->tmp_nl) { - p = q; - ctx->tmp_nl = 0; - continue; - } - - k = EVP_DecodeUpdate(&(ctx->base64), - (unsigned char *)ctx->buf, - &num, p, q - p); - if ((k <= 0) && (num == 0) && (ctx->start)) - EVP_DecodeInit(&ctx->base64); - else { - if (p != (unsigned char *) - &(ctx->tmp[0])) { - i -= (p - (unsigned char *) - &(ctx->tmp[0])); - for (x = 0; x < i; x++) - ctx->tmp[x] = p[x]; - } - EVP_DecodeInit(&ctx->base64); - ctx->start = 0; - break; - } - p = q; - } - - /* we fell off the end without starting */ - if ((j == i) && (num == 0)) { - /* Is this is one long chunk?, if so, keep on - * reading until a new line. */ - if (p == (unsigned char *)&(ctx->tmp[0])) { - /* Check buffer full */ - if (i == B64_BLOCK_SIZE) { - ctx->tmp_nl = 1; - ctx->tmp_len = 0; - } - } - else if (p != q) /* finished on a '\n' */ - { - n = q - p; - for (ii = 0; ii < n; ii++) - ctx->tmp[ii] = p[ii]; - ctx->tmp_len = n; - } - /* else finished on a '\n' */ - continue; - } else { - ctx->tmp_len = 0; - } - } else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) { - /* If buffer isn't full and we can retry then - * restart to read in more data. 
- */ - continue; - } - - if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { - int z, jj; - - jj = i & ~3; /* process per 4 */ - z = EVP_DecodeBlock((unsigned char *)ctx->buf, - (unsigned char *)ctx->tmp, jj); - if (jj > 2) { - if (ctx->tmp[jj-1] == '=') { - z--; - if (ctx->tmp[jj-2] == '=') - z--; - } - } - /* z is now number of output bytes and jj is the - * number consumed */ - if (jj != i) { - memmove(ctx->tmp, &ctx->tmp[jj], i - jj); - ctx->tmp_len = i - jj; - } - ctx->buf_len = 0; - if (z > 0) { - ctx->buf_len = z; - } - i = z; - } else { - i = EVP_DecodeUpdate(&(ctx->base64), - (unsigned char *)ctx->buf, &ctx->buf_len, - (unsigned char *)ctx->tmp, i); - ctx->tmp_len = 0; - } - ctx->buf_off = 0; - if (i < 0) { - ret_code = 0; - ctx->buf_len = 0; - break; - } - - if (ctx->buf_len <= outl) - i = ctx->buf_len; - else - i = outl; - - memcpy(out, ctx->buf, i); - ret += i; - ctx->buf_off = i; - if (ctx->buf_off == ctx->buf_len) { - ctx->buf_len = 0; - ctx->buf_off = 0; - } - outl -= i; - out += i; - } - /* BIO_clear_retry_flags(b); */ - BIO_copy_next_retry(b); - return ((ret == 0) ? 
ret_code : ret); -} - -static int -b64_write(BIO *b, const char *in, int inl) -{ - int ret = 0; - int n; - int i; - BIO_B64_CTX *ctx; - - ctx = (BIO_B64_CTX *)b->ptr; - BIO_clear_retry_flags(b); - - if (ctx->encode != B64_ENCODE) { - ctx->encode = B64_ENCODE; - ctx->buf_len = 0; - ctx->buf_off = 0; - ctx->tmp_len = 0; - EVP_EncodeInit(&(ctx->base64)); - } - - OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); - n = ctx->buf_len - ctx->buf_off; - while (n > 0) { - i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); - if (i <= 0) { - BIO_copy_next_retry(b); - return (i); - } - OPENSSL_assert(i <= n); - ctx->buf_off += i; - OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); - n -= i; - } - /* at this point all pending data has been written */ - ctx->buf_off = 0; - ctx->buf_len = 0; - - if ((in == NULL) || (inl <= 0)) - return (0); - - while (inl > 0) { - n = (inl > B64_BLOCK_SIZE) ? 
B64_BLOCK_SIZE : inl; - - if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { - if (ctx->tmp_len > 0) { - OPENSSL_assert(ctx->tmp_len <= 3); - n = 3 - ctx->tmp_len; - /* There's a theoretical possibility for this */ - if (n > inl) - n = inl; - memcpy(&(ctx->tmp[ctx->tmp_len]), in, n); - ctx->tmp_len += n; - ret += n; - if (ctx->tmp_len < 3) - break; - ctx->buf_len = EVP_EncodeBlock( - (unsigned char *)ctx->buf, - (unsigned char *)ctx->tmp, ctx->tmp_len); - OPENSSL_assert(ctx->buf_len <= - (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); - /* Since we're now done using the temporary - buffer, the length should be 0'd */ - ctx->tmp_len = 0; - } else { - if (n < 3) { - memcpy(ctx->tmp, in, n); - ctx->tmp_len = n; - ret += n; - break; - } - n -= n % 3; - ctx->buf_len = EVP_EncodeBlock( - (unsigned char *)ctx->buf, - (const unsigned char *)in, n); - OPENSSL_assert(ctx->buf_len <= - (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); - ret += n; - } - } else { - EVP_EncodeUpdate(&(ctx->base64), - (unsigned char *)ctx->buf, &ctx->buf_len, - (unsigned char *)in, n); - OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); - ret += n; - } - inl -= n; - in += n; - - ctx->buf_off = 0; - n = ctx->buf_len; - while (n > 0) { - i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); - if (i <= 0) { - BIO_copy_next_retry(b); - return ((ret == 0) ? 
i : ret); - } - OPENSSL_assert(i <= n); - n -= i; - ctx->buf_off += i; - OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf)); - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); - } - ctx->buf_len = 0; - ctx->buf_off = 0; - } - return (ret); -} - -static long -b64_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - BIO_B64_CTX *ctx; - long ret = 1; - int i; - - ctx = (BIO_B64_CTX *)b->ptr; - - switch (cmd) { - case BIO_CTRL_RESET: - ctx->cont = 1; - ctx->start = 1; - ctx->encode = B64_NONE; - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_EOF: /* More to read */ - if (ctx->cont <= 0) - ret = 1; - else - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_WPENDING: /* More to write in buffer */ - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); - ret = ctx->buf_len - ctx->buf_off; - if ((ret == 0) && (ctx->encode != B64_NONE) && - (ctx->base64.num != 0)) - ret = 1; - else if (ret <= 0) - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_PENDING: /* More to read in buffer */ - OPENSSL_assert(ctx->buf_len >= ctx->buf_off); - ret = ctx->buf_len - ctx->buf_off; - if (ret <= 0) - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_FLUSH: - /* do a final write */ -again: - while (ctx->buf_len != ctx->buf_off) { - i = b64_write(b, NULL, 0); - if (i < 0) - return i; - } - if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) { - if (ctx->tmp_len != 0) { - ctx->buf_len = EVP_EncodeBlock( - (unsigned char *)ctx->buf, - (unsigned char *)ctx->tmp, - ctx->tmp_len); - ctx->buf_off = 0; - ctx->tmp_len = 0; - goto again; - } - } else if (ctx->encode != B64_NONE && ctx->base64.num != 0) { - ctx->buf_off = 0; - EVP_EncodeFinal(&(ctx->base64), - (unsigned char *)ctx->buf, - &(ctx->buf_len)); - /* push out the bytes */ - goto again; - } - /* Finally flush the underlying BIO */ - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret = BIO_ctrl(b->next_bio, cmd, 
num, ptr); - BIO_copy_next_retry(b); - break; - - case BIO_CTRL_DUP: - break; - case BIO_CTRL_INFO: - case BIO_CTRL_GET: - case BIO_CTRL_SET: - default: - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - } - return (ret); -} - -static long -b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) -{ - long ret = 1; - - if (b->next_bio == NULL) - return (0); - switch (cmd) { - default: - ret = BIO_callback_ctrl(b->next_bio, cmd, fp); - break; - } - return (ret); -} - -static int -b64_puts(BIO *b, const char *str) -{ - return b64_write(b, str, strlen(str)); -} diff --git a/lib/libssl/src/crypto/evp/bio_enc.c b/lib/libssl/src/crypto/evp/bio_enc.c deleted file mode 100644 index 1920c6d1808..00000000000 --- a/lib/libssl/src/crypto/evp/bio_enc.c +++ /dev/null 
@@ -1,427 +0,0 @@
-/* $OpenBSD: bio_enc.c,v 1.19 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <errno.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/buffer.h> -#include <openssl/evp.h> - -static int enc_write(BIO *h, const char *buf, int num); -static int enc_read(BIO *h, char *buf, int size); -/*static int enc_puts(BIO *h, const char *str); */ -/*static int enc_gets(BIO *h, char *str, int size); */ -static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int enc_new(BIO *h); -static int enc_free(BIO *data); -static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps); -#define ENC_BLOCK_SIZE (1024*4) -#define BUF_OFFSET (EVP_MAX_BLOCK_LENGTH*2) - -typedef struct enc_struct { - int buf_len; - int buf_off; - int cont; /* <= 0 when finished */ - int finished; - int ok; /* bad decrypt */ - EVP_CIPHER_CTX cipher; - /* buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate - * can return up to a block more data than is presented to it - */ - char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2]; -} BIO_ENC_CTX; - -static BIO_METHOD methods_enc = { - .type = BIO_TYPE_CIPHER, - .name = "cipher", - .bwrite = enc_write, - .bread = enc_read, - .ctrl = enc_ctrl, - .create = enc_new, - .destroy = enc_free, - .callback_ctrl = enc_callback_ctrl -}; - -BIO_METHOD * -BIO_f_cipher(void) -{ - return (&methods_enc); -} - -static int -enc_new(BIO *bi) -{ - BIO_ENC_CTX *ctx; - - ctx = malloc(sizeof(BIO_ENC_CTX)); - if (ctx == NULL) - return (0); - EVP_CIPHER_CTX_init(&ctx->cipher); - - ctx->buf_len = 0; - ctx->buf_off = 0; - ctx->cont = 1; - ctx->finished = 0; - ctx->ok = 1; - - bi->init = 0; - bi->ptr = (char *)ctx; - bi->flags = 0; - return (1); -} - -static int -enc_free(BIO *a) -{ - BIO_ENC_CTX *b; - - if (a == NULL) - return (0); - b = (BIO_ENC_CTX *)a->ptr; - EVP_CIPHER_CTX_cleanup(&(b->cipher)); - explicit_bzero(a->ptr, sizeof(BIO_ENC_CTX)); - free(a->ptr); - a->ptr = NULL; - a->init = 0; - a->flags = 0; - return (1); -} - -static int -enc_read(BIO *b, char *out, int outl) -{ - int ret = 0, i; - BIO_ENC_CTX *ctx; - - if (out 
== NULL) - return (0); - ctx = (BIO_ENC_CTX *)b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) - return (0); - - /* First check if there are bytes decoded/encoded */ - if (ctx->buf_len > 0) { - i = ctx->buf_len - ctx->buf_off; - if (i > outl) - i = outl; - memcpy(out, &(ctx->buf[ctx->buf_off]), i); - ret = i; - out += i; - outl -= i; - ctx->buf_off += i; - if (ctx->buf_len == ctx->buf_off) { - ctx->buf_len = 0; - ctx->buf_off = 0; - } - } - - /* At this point, we have room of outl bytes and an empty - * buffer, so we should read in some more. */ - - while (outl > 0) { - if (ctx->cont <= 0) - break; - - /* read in at IV offset, read the EVP_Cipher - * documentation about why */ - i = BIO_read(b->next_bio, &(ctx->buf[BUF_OFFSET]), ENC_BLOCK_SIZE); - - if (i <= 0) { - /* Should be continue next time we are called? */ - if (!BIO_should_retry(b->next_bio)) { - ctx->cont = i; - i = EVP_CipherFinal_ex(&(ctx->cipher), - (unsigned char *)ctx->buf, - &(ctx->buf_len)); - ctx->ok = i; - ctx->buf_off = 0; - } else { - ret = (ret == 0) ? i : ret; - break; - } - } else { - EVP_CipherUpdate(&(ctx->cipher), - (unsigned char *)ctx->buf, &ctx->buf_len, - (unsigned char *)&(ctx->buf[BUF_OFFSET]), i); - ctx->cont = 1; - /* Note: it is possible for EVP_CipherUpdate to - * decrypt zero bytes because this is or looks like - * the final block: if this happens we should retry - * and either read more data or decrypt the final - * block - */ - if (ctx->buf_len == 0) - continue; - } - - if (ctx->buf_len <= outl) - i = ctx->buf_len; - else - i = outl; - if (i <= 0) - break; - memcpy(out, ctx->buf, i); - ret += i; - ctx->buf_off = i; - outl -= i; - out += i; - } - - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return ((ret == 0) ? 
ctx->cont : ret); -} - -static int -enc_write(BIO *b, const char *in, int inl) -{ - int ret = 0, n, i; - BIO_ENC_CTX *ctx; - - ctx = (BIO_ENC_CTX *)b->ptr; - ret = inl; - - BIO_clear_retry_flags(b); - n = ctx->buf_len - ctx->buf_off; - while (n > 0) { - i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); - if (i <= 0) { - BIO_copy_next_retry(b); - return (i); - } - ctx->buf_off += i; - n -= i; - } - /* at this point all pending data has been written */ - - if ((in == NULL) || (inl <= 0)) - return (0); - - ctx->buf_off = 0; - while (inl > 0) { - n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl; - EVP_CipherUpdate(&(ctx->cipher), - (unsigned char *)ctx->buf, &ctx->buf_len, - (unsigned char *)in, n); - inl -= n; - in += n; - - ctx->buf_off = 0; - n = ctx->buf_len; - while (n > 0) { - i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n); - if (i <= 0) { - BIO_copy_next_retry(b); - return (ret == inl) ? i : ret - inl; - } - n -= i; - ctx->buf_off += i; - } - ctx->buf_len = 0; - ctx->buf_off = 0; - } - BIO_copy_next_retry(b); - return (ret); -} - -static long -enc_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - BIO *dbio; - BIO_ENC_CTX *ctx, *dctx; - long ret = 1; - int i; - EVP_CIPHER_CTX **c_ctx; - - ctx = (BIO_ENC_CTX *)b->ptr; - - switch (cmd) { - case BIO_CTRL_RESET: - ctx->ok = 1; - ctx->finished = 0; - EVP_CipherInit_ex(&(ctx->cipher), NULL, NULL, NULL, NULL, - ctx->cipher.encrypt); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_EOF: /* More to read */ - if (ctx->cont <= 0) - ret = 1; - else - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_WPENDING: - ret = ctx->buf_len - ctx->buf_off; - if (ret <= 0) - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_PENDING: /* More to read in buffer */ - ret = ctx->buf_len - ctx->buf_off; - if (ret <= 0) - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_CTRL_FLUSH: - /* do a final write */ -again: - while (ctx->buf_len != ctx->buf_off) 
{ - i = enc_write(b, NULL, 0); - if (i < 0) - return i; - } - - if (!ctx->finished) { - ctx->finished = 1; - ctx->buf_off = 0; - ret = EVP_CipherFinal_ex(&(ctx->cipher), - (unsigned char *)ctx->buf, - &(ctx->buf_len)); - ctx->ok = (int)ret; - if (ret <= 0) - break; - - /* push out the bytes */ - goto again; - } - - /* Finally flush the underlying BIO */ - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_C_GET_CIPHER_STATUS: - ret = (long)ctx->ok; - break; - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - BIO_copy_next_retry(b); - break; - case BIO_C_GET_CIPHER_CTX: - c_ctx = (EVP_CIPHER_CTX **)ptr; - (*c_ctx) = &(ctx->cipher); - b->init = 1; - break; - case BIO_CTRL_DUP: - dbio = (BIO *)ptr; - dctx = (BIO_ENC_CTX *)dbio->ptr; - EVP_CIPHER_CTX_init(&dctx->cipher); - ret = EVP_CIPHER_CTX_copy(&dctx->cipher, &ctx->cipher); - if (ret) - dbio->init = 1; - break; - default: - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - } - return (ret); -} - -static long -enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) -{ - long ret = 1; - - if (b->next_bio == NULL) - return (0); - switch (cmd) { - default: - ret = BIO_callback_ctrl(b->next_bio, cmd, fp); - break; - } - return (ret); -} - -/* -void BIO_set_cipher_ctx(b,c) -BIO *b; -EVP_CIPHER_ctx *c; - { - if (b == NULL) return; - - if ((b->callback != NULL) && - (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0)) - return; - - b->init=1; - ctx=(BIO_ENC_CTX *)b->ptr; - memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX)); - - if (b->callback != NULL) - b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); - } -*/ - -void -BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k, - const unsigned char *i, int e) -{ - BIO_ENC_CTX *ctx; - - if (b == NULL) - return; - - if ((b->callback != NULL) && - (b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 0L) <= 0)) - return; - - b->init = 1; - ctx = (BIO_ENC_CTX *)b->ptr; - 
EVP_CipherInit_ex(&(ctx->cipher), c, NULL, k, i, e); - - if (b->callback != NULL) - b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L); -} diff --git a/lib/libssl/src/crypto/evp/bio_md.c b/lib/libssl/src/crypto/evp/bio_md.c deleted file mode 100644 index b1973746a7c..00000000000 --- a/lib/libssl/src/crypto/evp/bio_md.c +++ /dev/null 
@@ -1,277 +0,0 @@ -/* $OpenBSD: bio_md.c,v 1.14 2014/07/11 08:44:48 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <errno.h> - -#include <openssl/buffer.h> -#include <openssl/evp.h> - -/* BIO_put and BIO_get both add to the digest, - * BIO_gets returns the digest */ - -static int md_write(BIO *h, char const *buf, int num); -static int md_read(BIO *h, char *buf, int size); -/*static int md_puts(BIO *h, const char *str); */ -static int md_gets(BIO *h, char *str, int size); -static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int md_new(BIO *h); -static int md_free(BIO *data); -static long md_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); - -static BIO_METHOD methods_md = { - .type = BIO_TYPE_MD, - .name = "message digest", - .bwrite = md_write, - .bread = md_read, - .bgets = md_gets, - .ctrl = md_ctrl, - .create = md_new, - .destroy = md_free, - .callback_ctrl = md_callback_ctrl -}; - -BIO_METHOD * -BIO_f_md(void) -{ - return (&methods_md); -} - -static int -md_new(BIO *bi) -{ - EVP_MD_CTX *ctx; - - ctx = EVP_MD_CTX_create(); - if (ctx == NULL) - return (0); - - bi->init = 0; - bi->ptr = (char *)ctx; - bi->flags = 0; - return (1); -} - -static int -md_free(BIO *a) -{ - if (a == NULL) - return (0); - EVP_MD_CTX_destroy(a->ptr); - a->ptr = NULL; - a->init = 0; - a->flags = 0; - return (1); -} - -static int -md_read(BIO *b, char *out, int outl) -{ - int ret = 0; - EVP_MD_CTX *ctx; - - if (out == NULL) - return (0); - ctx = b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) - return (0); - - ret = BIO_read(b->next_bio, out, outl); - if (b->init) { - if (ret > 0) { - if (EVP_DigestUpdate(ctx, (unsigned char *)out, - (unsigned int)ret) <= 0) - return (-1); - } - } - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return (ret); -} - -static int -md_write(BIO *b, const char *in, int inl) -{ - int ret = 0; - EVP_MD_CTX *ctx; - - if ((in == NULL) || (inl <= 0)) - return (0); - ctx = b->ptr; - - if ((ctx != NULL) && (b->next_bio != NULL)) - ret = BIO_write(b->next_bio, in, inl); - if (b->init) { - if (ret > 0) { - if 
(!EVP_DigestUpdate(ctx, (const unsigned char *)in, - (unsigned int)ret)) { - BIO_clear_retry_flags(b); - return 0; - } - } - } - if (b->next_bio != NULL) { - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - } - return (ret); -} - -static long -md_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - EVP_MD_CTX *ctx, *dctx, **pctx; - const EVP_MD **ppmd; - EVP_MD *md; - long ret = 1; - BIO *dbio; - - ctx = b->ptr; - - switch (cmd) { - case BIO_CTRL_RESET: - if (b->init) - ret = EVP_DigestInit_ex(ctx, ctx->digest, NULL); - else - ret = 0; - if (ret > 0) - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - case BIO_C_GET_MD: - if (b->init) { - ppmd = ptr; - *ppmd = ctx->digest; - } else - ret = 0; - break; - case BIO_C_GET_MD_CTX: - pctx = ptr; - *pctx = ctx; - b->init = 1; - break; - case BIO_C_SET_MD_CTX: - if (b->init) - b->ptr = ptr; - else - ret = 0; - break; - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - BIO_copy_next_retry(b); - break; - - case BIO_C_SET_MD: - md = ptr; - ret = EVP_DigestInit_ex(ctx, md, NULL); - if (ret > 0) - b->init = 1; - break; - case BIO_CTRL_DUP: - dbio = ptr; - dctx = dbio->ptr; - if (!EVP_MD_CTX_copy_ex(dctx, ctx)) - return 0; - b->init = 1; - break; - default: - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - break; - } - return (ret); -} - -static long -md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) -{ - long ret = 1; - - if (b->next_bio == NULL) - return (0); - switch (cmd) { - default: - ret = BIO_callback_ctrl(b->next_bio, cmd, fp); - break; - } - return (ret); -} - -static int -md_gets(BIO *bp, char *buf, int size) -{ - EVP_MD_CTX *ctx; - unsigned int ret; - - ctx = bp->ptr; - if (size < ctx->digest->md_size) - return (0); - if (EVP_DigestFinal_ex(ctx, (unsigned char *)buf, &ret) <= 0) - return -1; - - return ((int)ret); -} - -/* -static int md_puts(bp,str) -BIO *bp; -char *str; - { - return(-1); - } -*/ 
diff --git a/lib/libssl/src/crypto/evp/c_all.c b/lib/libssl/src/crypto/evp/c_all.c
deleted file mode 100644
index b83195b3706..00000000000
--- a/lib/libssl/src/crypto/evp/c_all.c
+++ /dev/null
@@ -1,298 +0,0 @@ -/* $OpenBSD: c_all.c,v 1.20 2015/09/14 01:45:03 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/conf.h> -#include <openssl/evp.h> -#include <openssl/objects.h> - -#include "cryptlib.h" - -void -OpenSSL_add_all_ciphers(void) -{ -#ifndef OPENSSL_NO_DES - EVP_add_cipher(EVP_des_cfb()); - EVP_add_cipher(EVP_des_cfb1()); - EVP_add_cipher(EVP_des_cfb8()); - EVP_add_cipher(EVP_des_ede_cfb()); - EVP_add_cipher(EVP_des_ede3_cfb()); - EVP_add_cipher(EVP_des_ede3_cfb1()); - EVP_add_cipher(EVP_des_ede3_cfb8()); - - EVP_add_cipher(EVP_des_ofb()); - EVP_add_cipher(EVP_des_ede_ofb()); - EVP_add_cipher(EVP_des_ede3_ofb()); - - EVP_add_cipher(EVP_desx_cbc()); - EVP_add_cipher_alias(SN_desx_cbc, "DESX"); - EVP_add_cipher_alias(SN_desx_cbc, "desx"); - - EVP_add_cipher(EVP_des_cbc()); - EVP_add_cipher_alias(SN_des_cbc, "DES"); - EVP_add_cipher_alias(SN_des_cbc, "des"); - EVP_add_cipher(EVP_des_ede_cbc()); - EVP_add_cipher(EVP_des_ede3_cbc()); - EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3"); - EVP_add_cipher_alias(SN_des_ede3_cbc, "des3"); - - EVP_add_cipher(EVP_des_ecb()); - EVP_add_cipher(EVP_des_ede()); - EVP_add_cipher(EVP_des_ede3()); -#endif - -#ifndef OPENSSL_NO_RC4 - EVP_add_cipher(EVP_rc4()); - EVP_add_cipher(EVP_rc4_40()); -#ifndef OPENSSL_NO_MD5 - EVP_add_cipher(EVP_rc4_hmac_md5()); -#endif -#endif - -#ifndef OPENSSL_NO_IDEA - EVP_add_cipher(EVP_idea_ecb()); - EVP_add_cipher(EVP_idea_cfb()); - EVP_add_cipher(EVP_idea_ofb()); - EVP_add_cipher(EVP_idea_cbc()); - EVP_add_cipher_alias(SN_idea_cbc, "IDEA"); - EVP_add_cipher_alias(SN_idea_cbc, "idea"); -#endif - -#ifndef OPENSSL_NO_RC2 - EVP_add_cipher(EVP_rc2_ecb()); - EVP_add_cipher(EVP_rc2_cfb()); - EVP_add_cipher(EVP_rc2_ofb()); - EVP_add_cipher(EVP_rc2_cbc()); - EVP_add_cipher(EVP_rc2_40_cbc()); - EVP_add_cipher(EVP_rc2_64_cbc()); - EVP_add_cipher_alias(SN_rc2_cbc, "RC2"); - EVP_add_cipher_alias(SN_rc2_cbc, "rc2"); -#endif - -#ifndef OPENSSL_NO_BF - EVP_add_cipher(EVP_bf_ecb()); - EVP_add_cipher(EVP_bf_cfb()); - 
EVP_add_cipher(EVP_bf_ofb()); - EVP_add_cipher(EVP_bf_cbc()); - EVP_add_cipher_alias(SN_bf_cbc, "BF"); - EVP_add_cipher_alias(SN_bf_cbc, "bf"); - EVP_add_cipher_alias(SN_bf_cbc, "blowfish"); -#endif - -#ifndef OPENSSL_NO_CAST - EVP_add_cipher(EVP_cast5_ecb()); - EVP_add_cipher(EVP_cast5_cfb()); - EVP_add_cipher(EVP_cast5_ofb()); - EVP_add_cipher(EVP_cast5_cbc()); - EVP_add_cipher_alias(SN_cast5_cbc, "CAST"); - EVP_add_cipher_alias(SN_cast5_cbc, "cast"); - EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc"); - EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc"); -#endif - -#ifndef OPENSSL_NO_AES - EVP_add_cipher(EVP_aes_128_ecb()); - EVP_add_cipher(EVP_aes_128_cbc()); - EVP_add_cipher(EVP_aes_128_cfb()); - EVP_add_cipher(EVP_aes_128_cfb1()); - EVP_add_cipher(EVP_aes_128_cfb8()); - EVP_add_cipher(EVP_aes_128_ofb()); - EVP_add_cipher(EVP_aes_128_ctr()); - EVP_add_cipher(EVP_aes_128_gcm()); - EVP_add_cipher(EVP_aes_128_xts()); - EVP_add_cipher_alias(SN_aes_128_cbc, "AES128"); - EVP_add_cipher_alias(SN_aes_128_cbc, "aes128"); - EVP_add_cipher(EVP_aes_192_ecb()); - EVP_add_cipher(EVP_aes_192_cbc()); - EVP_add_cipher(EVP_aes_192_cfb()); - EVP_add_cipher(EVP_aes_192_cfb1()); - EVP_add_cipher(EVP_aes_192_cfb8()); - EVP_add_cipher(EVP_aes_192_ofb()); - EVP_add_cipher(EVP_aes_192_ctr()); - EVP_add_cipher(EVP_aes_192_gcm()); - EVP_add_cipher_alias(SN_aes_192_cbc, "AES192"); - EVP_add_cipher_alias(SN_aes_192_cbc, "aes192"); - EVP_add_cipher(EVP_aes_256_ecb()); - EVP_add_cipher(EVP_aes_256_cbc()); - EVP_add_cipher(EVP_aes_256_cfb()); - EVP_add_cipher(EVP_aes_256_cfb1()); - EVP_add_cipher(EVP_aes_256_cfb8()); - EVP_add_cipher(EVP_aes_256_ofb()); - EVP_add_cipher(EVP_aes_256_ctr()); - EVP_add_cipher(EVP_aes_256_gcm()); - EVP_add_cipher(EVP_aes_256_xts()); - EVP_add_cipher_alias(SN_aes_256_cbc, "AES256"); - EVP_add_cipher_alias(SN_aes_256_cbc, "aes256"); -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) - EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1()); - 
EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); -#endif -#endif - -#ifndef OPENSSL_NO_CAMELLIA - EVP_add_cipher(EVP_camellia_128_ecb()); - EVP_add_cipher(EVP_camellia_128_cbc()); - EVP_add_cipher(EVP_camellia_128_cfb()); - EVP_add_cipher(EVP_camellia_128_cfb1()); - EVP_add_cipher(EVP_camellia_128_cfb8()); - EVP_add_cipher(EVP_camellia_128_ofb()); - EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128"); - EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128"); - EVP_add_cipher(EVP_camellia_192_ecb()); - EVP_add_cipher(EVP_camellia_192_cbc()); - EVP_add_cipher(EVP_camellia_192_cfb()); - EVP_add_cipher(EVP_camellia_192_cfb1()); - EVP_add_cipher(EVP_camellia_192_cfb8()); - EVP_add_cipher(EVP_camellia_192_ofb()); - EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192"); - EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192"); - EVP_add_cipher(EVP_camellia_256_ecb()); - EVP_add_cipher(EVP_camellia_256_cbc()); - EVP_add_cipher(EVP_camellia_256_cfb()); - EVP_add_cipher(EVP_camellia_256_cfb1()); - EVP_add_cipher(EVP_camellia_256_cfb8()); - EVP_add_cipher(EVP_camellia_256_ofb()); - EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256"); - EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256"); -#endif - -#ifndef OPENSSL_NO_CHACHA - EVP_add_cipher(EVP_chacha20()); -#endif - -#ifndef OPENSSL_NO_GOST - EVP_add_cipher(EVP_gost2814789_ecb()); - EVP_add_cipher(EVP_gost2814789_cfb64()); - EVP_add_cipher(EVP_gost2814789_cnt()); -#endif -} - -void -OpenSSL_add_all_digests(void) -{ -#ifndef OPENSSL_NO_MD4 - EVP_add_digest(EVP_md4()); -#endif - -#ifndef OPENSSL_NO_MD5 - EVP_add_digest(EVP_md5()); - EVP_add_digest_alias(SN_md5, "ssl2-md5"); - EVP_add_digest_alias(SN_md5, "ssl3-md5"); -#endif - -#if !defined(OPENSSL_NO_SHA) -#ifndef OPENSSL_NO_DSA - EVP_add_digest(EVP_dss()); -#endif -#endif -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) - EVP_add_digest(EVP_sha1()); - EVP_add_digest_alias(SN_sha1, "ssl3-sha1"); - EVP_add_digest_alias(SN_sha1WithRSAEncryption, 
SN_sha1WithRSA); -#ifndef OPENSSL_NO_DSA - EVP_add_digest(EVP_dss1()); - EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2); - EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1"); - EVP_add_digest_alias(SN_dsaWithSHA1, "dss1"); -#endif -#ifndef OPENSSL_NO_ECDSA - EVP_add_digest(EVP_ecdsa()); -#endif -#endif - -#ifndef OPENSSL_NO_GOST - EVP_add_digest(EVP_gostr341194()); - EVP_add_digest(EVP_gost2814789imit()); - EVP_add_digest(EVP_streebog256()); - EVP_add_digest(EVP_streebog512()); -#endif -#ifndef OPENSSL_NO_RIPEMD - EVP_add_digest(EVP_ripemd160()); - EVP_add_digest_alias(SN_ripemd160, "ripemd"); - EVP_add_digest_alias(SN_ripemd160, "rmd160"); -#endif -#ifndef OPENSSL_NO_SHA256 - EVP_add_digest(EVP_sha224()); - EVP_add_digest(EVP_sha256()); -#endif -#ifndef OPENSSL_NO_SHA512 - EVP_add_digest(EVP_sha384()); - EVP_add_digest(EVP_sha512()); -#endif -#ifndef OPENSSL_NO_WHIRLPOOL - EVP_add_digest(EVP_whirlpool()); -#endif -} - -void -OPENSSL_add_all_algorithms_noconf(void) -{ - OPENSSL_cpuid_setup(); - OpenSSL_add_all_ciphers(); - OpenSSL_add_all_digests(); -} - -void -OPENSSL_add_all_algorithms_conf(void) -{ - OPENSSL_add_all_algorithms_noconf(); - OPENSSL_config(NULL); -} diff --git a/lib/libssl/src/crypto/evp/digest.c b/lib/libssl/src/crypto/evp/digest.c deleted file mode 100644 index 6d8ed9b4995..00000000000 --- a/lib/libssl/src/crypto/evp/digest.c +++ /dev/null 
@@ -1,405 +0,0 @@ -/* $OpenBSD: digest.c,v 1.26 2015/02/11 03:19:37 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> - -#ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> -#endif - -void -EVP_MD_CTX_init(EVP_MD_CTX *ctx) -{ - memset(ctx, 0, sizeof *ctx); -} - -EVP_MD_CTX * -EVP_MD_CTX_create(void) -{ - return calloc(1, sizeof(EVP_MD_CTX)); -} - -int -EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) -{ - EVP_MD_CTX_init(ctx); - return EVP_DigestInit_ex(ctx, type, NULL); -} - -int -EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) -{ - EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); - -#ifndef OPENSSL_NO_ENGINE - /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts - * so this context may already have an ENGINE! Try to avoid releasing - * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unecessary. */ - if (ctx->engine && ctx->digest && (!type || - (type && (type->type == ctx->digest->type)))) - goto skip_to_init; - if (type) { - /* Ensure an ENGINE left lying around from last time is cleared - * (the previous check attempted to avoid this if the same - * ENGINE and EVP_MD could be used). */ - if (ctx->engine) - ENGINE_finish(ctx->engine); - if (impl) { - if (!ENGINE_init(impl)) { - EVPerr(EVP_F_EVP_DIGESTINIT_EX, - EVP_R_INITIALIZATION_ERROR); - return 0; - } - } else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_digest_engine(type->type); - if (impl) { - /* There's an ENGINE for this job ... 
(apparently) */ - const EVP_MD *d = ENGINE_get_digest(impl, type->type); - if (!d) { - /* Same comment from evp_enc.c */ - EVPerr(EVP_F_EVP_DIGESTINIT_EX, - EVP_R_INITIALIZATION_ERROR); - ENGINE_finish(impl); - return 0; - } - /* We'll use the ENGINE's private digest definition */ - type = d; - /* Store the ENGINE functional reference so we know - * 'type' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; - } else - ctx->engine = NULL; - } else if (!ctx->digest) { - EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET); - return 0; - } -#endif - if (ctx->digest != type) { - if (ctx->digest && ctx->digest->ctx_size && ctx->md_data && - !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { - explicit_bzero(ctx->md_data, ctx->digest->ctx_size); - free(ctx->md_data); - ctx->md_data = NULL; - } - ctx->digest = type; - if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) { - ctx->update = type->update; - ctx->md_data = malloc(type->ctx_size); - if (ctx->md_data == NULL) { - EVP_PKEY_CTX_free(ctx->pctx); - ctx->pctx = NULL; - EVPerr(EVP_F_EVP_DIGESTINIT_EX, - ERR_R_MALLOC_FAILURE); - return 0; - } - } - } -#ifndef OPENSSL_NO_ENGINE -skip_to_init: -#endif - if (ctx->pctx) { - int r; - r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG, - EVP_PKEY_CTRL_DIGESTINIT, 0, ctx); - if (r <= 0 && (r != -2)) - return 0; - } - if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) - return 1; - return ctx->digest->init(ctx); -} - -int -EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return ctx->update(ctx, data, count); -} - -/* The caller can assume that this removes any secret data from the context */ -int -EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) -{ - int ret; - - ret = EVP_DigestFinal_ex(ctx, md, size); - EVP_MD_CTX_cleanup(ctx); - return ret; -} - -/* The caller can assume that this removes any secret data from the context */ -int -EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, 
unsigned int *size) -{ - int ret; - - if ((size_t)ctx->digest->md_size > EVP_MAX_MD_SIZE) { - EVPerr(EVP_F_EVP_DIGESTFINAL_EX, EVP_R_TOO_LARGE); - return 0; - } - ret = ctx->digest->final(ctx, md); - if (size != NULL) - *size = ctx->digest->md_size; - if (ctx->digest->cleanup) { - ctx->digest->cleanup(ctx); - EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); - } - memset(ctx->md_data, 0, ctx->digest->ctx_size); - return ret; -} - -int -EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in) -{ - EVP_MD_CTX_init(out); - return EVP_MD_CTX_copy_ex(out, in); -} - -int -EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in) -{ - unsigned char *tmp_buf; - - if ((in == NULL) || (in->digest == NULL)) { - EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED); - return 0; - } -#ifndef OPENSSL_NO_ENGINE - /* Make sure it's safe to copy a digest context using an ENGINE */ - if (in->engine && !ENGINE_init(in->engine)) { - EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB); - return 0; - } -#endif - - if (out->digest == in->digest) { - tmp_buf = out->md_data; - EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE); - } else - tmp_buf = NULL; - EVP_MD_CTX_cleanup(out); - memcpy(out, in, sizeof *out); - - if (in->md_data && out->digest->ctx_size) { - if (tmp_buf) - out->md_data = tmp_buf; - else { - out->md_data = malloc(out->digest->ctx_size); - if (!out->md_data) { - EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, - ERR_R_MALLOC_FAILURE); - return 0; - } - } - memcpy(out->md_data, in->md_data, out->digest->ctx_size); - } - - out->update = in->update; - - if (in->pctx) { - out->pctx = EVP_PKEY_CTX_dup(in->pctx); - if (!out->pctx) { - EVP_MD_CTX_cleanup(out); - return 0; - } - } - - if (out->digest->copy) - return out->digest->copy(out, in); - - return 1; -} - -int -EVP_Digest(const void *data, size_t count, - unsigned char *md, unsigned int *size, const EVP_MD *type, ENGINE *impl) -{ - EVP_MD_CTX ctx; - int ret; - - EVP_MD_CTX_init(&ctx); - EVP_MD_CTX_set_flags(&ctx, 
EVP_MD_CTX_FLAG_ONESHOT); - ret = EVP_DigestInit_ex(&ctx, type, impl) && - EVP_DigestUpdate(&ctx, data, count) && - EVP_DigestFinal_ex(&ctx, md, size); - EVP_MD_CTX_cleanup(&ctx); - - return ret; -} - -void -EVP_MD_CTX_destroy(EVP_MD_CTX *ctx) -{ - if (ctx) { - EVP_MD_CTX_cleanup(ctx); - free(ctx); - } -} - -/* This call frees resources associated with the context */ -int -EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) -{ - /* Don't assume ctx->md_data was cleaned in EVP_Digest_Final, - * because sometimes only copies of the context are ever finalised. - */ - if (ctx->digest && ctx->digest->cleanup && - !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED)) - ctx->digest->cleanup(ctx); - if (ctx->digest && ctx->digest->ctx_size && ctx->md_data && - !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) { - explicit_bzero(ctx->md_data, ctx->digest->ctx_size); - free(ctx->md_data); - } - EVP_PKEY_CTX_free(ctx->pctx); -#ifndef OPENSSL_NO_ENGINE - if (ctx->engine) - /* The EVP_MD we used belongs to an ENGINE, release the - * functional reference we held for this reason. */ - ENGINE_finish(ctx->engine); -#endif - memset(ctx, 0, sizeof *ctx); - - return 1; -} - -int -EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr) -{ - int ret; - - if (!ctx->digest) { - EVPerr(EVP_F_EVP_MD_CTX_CTRL, EVP_R_NO_CIPHER_SET); - return 0; - } - - if (!ctx->digest->md_ctrl) { - EVPerr(EVP_F_EVP_MD_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); - return 0; - } - - ret = ctx->digest->md_ctrl(ctx, type, arg, ptr); - if (ret == -1) { - EVPerr(EVP_F_EVP_MD_CTX_CTRL, - EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); - return 0; - } - return ret; -} diff --git a/lib/libssl/src/crypto/evp/e_aes.c b/lib/libssl/src/crypto/evp/e_aes.c deleted file mode 100644 index a6d48085c3c..00000000000 --- a/lib/libssl/src/crypto/evp/e_aes.c +++ /dev/null 
@@ -1,1548 +0,0 @@
-/* $OpenBSD: e_aes.c,v 1.29 2015/09/10 15:56:25 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_AES
-#include <openssl/aes.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-
-#include "evp_locl.h"
-#include "modes_lcl.h"
-
-typedef struct {
- AES_KEY ks;
- block128_f block;
- union {
- cbc128_f cbc;
- ctr128_f ctr;
- } stream;
-} EVP_AES_KEY;
-
-typedef struct {
- AES_KEY ks; /* AES key schedule to use */
- int key_set; /* Set if key initialised */
- int iv_set; /* Set if an iv is set */
- GCM128_CONTEXT gcm;
- unsigned char *iv; /* Temporary IV store */
- int ivlen; /* IV length */
- int taglen;
- int iv_gen; /* It is OK to generate IVs */
- int tls_aad_len; /* TLS AAD length */
- ctr128_f ctr;
-} EVP_AES_GCM_CTX;
-
-typedef struct {
- AES_KEY ks1, ks2; /* AES key schedules to use */
- XTS128_CONTEXT xts;
- void (*stream)(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key1, const AES_KEY *key2,
- const unsigned char iv[16]);
-} EVP_AES_XTS_CTX;
-
-typedef struct {
- AES_KEY ks; /* AES key schedule to use */
- int key_set; /* Set if key initialised */
- int iv_set; /* Set if an iv is set */
- int tag_set; /* Set if tag is valid */
- int len_set; /* Set if message length set */
- int L, M; /* L and M parameters from RFC3610 */
- CCM128_CONTEXT ccm;
- ccm128_f str;
-} EVP_AES_CCM_CTX;
-
-#define
MAXBITCHUNK ((size_t)1<<(sizeof(size_t)*8-4))
-
-#ifdef VPAES_ASM
-int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
- AES_KEY *key);
-int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
- AES_KEY *key);
-
-void vpaes_encrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-void vpaes_decrypt(const unsigned char *in, unsigned char *out,
- const AES_KEY *key);
-
-void vpaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char *ivec, int enc);
-#endif
-#ifdef BSAES_ASM
-void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const AES_KEY *key, unsigned char ivec[16], int enc);
-void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
- size_t len, const AES_KEY *key, const unsigned char ivec[16]);
-void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
- size_t len, const AES_KEY *key1, const AES_KEY *key2,
- const unsigned char iv[16]);
-void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
- size_t len, const AES_KEY *key1, const AES_KEY *key2,
- const unsigned char iv[16]);
-#endif
-#ifdef AES_CTR_ASM
-void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
- size_t blocks, const AES_KEY *key,
- const unsigned char ivec[AES_BLOCK_SIZE]);
-#endif
-#ifdef AES_XTS_ASM
-void AES_xts_encrypt(const char *inp, char *out, size_t len,
- const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]);
-void AES_xts_decrypt(const char *inp, char *out, size_t len,
- const AES_KEY *key1, const AES_KEY *key2, const unsigned char iv[16]);
-#endif
-
-#if defined(AES_ASM) && !defined(I386_ONLY) && ( \
- ((defined(__i386) || defined(__i386__) || \
- defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_AMD64) || defined(_M_X64) || \
- defined(__INTEL__) )
-
-extern unsigned int OPENSSL_ia32cap_P[2];
-
-#ifdef VPAES_ASM
-#define VPAES_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(41-32))) -#endif -#ifdef BSAES_ASM -#define BSAES_CAPABLE VPAES_CAPABLE -#endif -/* - * AES-NI section - */ -#define AESNI_CAPABLE (OPENSSL_ia32cap_P[1]&(1<<(57-32))) - -int aesni_set_encrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); -int aesni_set_decrypt_key(const unsigned char *userKey, int bits, - AES_KEY *key); - -void aesni_encrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); -void aesni_decrypt(const unsigned char *in, unsigned char *out, - const AES_KEY *key); - -void aesni_ecb_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, int enc); -void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key, unsigned char *ivec, int enc); - -void aesni_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, const unsigned char *ivec); - -void aesni_xts_encrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key1, const AES_KEY *key2, - const unsigned char iv[16]); - -void aesni_xts_decrypt(const unsigned char *in, unsigned char *out, - size_t length, const AES_KEY *key1, const AES_KEY *key2, - const unsigned char iv[16]); - -void aesni_ccm64_encrypt_blocks (const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, const unsigned char ivec[16], - unsigned char cmac[16]); - -void aesni_ccm64_decrypt_blocks (const unsigned char *in, unsigned char *out, - size_t blocks, const void *key, const unsigned char ivec[16], - unsigned char cmac[16]); - -static int -aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret, mode; - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - mode = ctx->cipher->flags & EVP_CIPH_MODE; - if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && - !enc) { - ret = aesni_set_decrypt_key(key, ctx->key_len * 8, - 
ctx->cipher_data); - dat->block = (block128_f)aesni_decrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? - (cbc128_f)aesni_cbc_encrypt : NULL; - } else { - ret = aesni_set_encrypt_key(key, ctx->key_len * 8, - ctx->cipher_data); - dat->block = (block128_f)aesni_encrypt; - if (mode == EVP_CIPH_CBC_MODE) - dat->stream.cbc = (cbc128_f)aesni_cbc_encrypt; - else if (mode == EVP_CIPH_CTR_MODE) - dat->stream.ctr = (ctr128_f)aesni_ctr32_encrypt_blocks; - else - dat->stream.cbc = NULL; - } - - if (ret < 0) { - EVPerr(EVP_F_AESNI_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED); - return 0; - } - - return 1; -} - -static int -aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - aesni_cbc_encrypt(in, out, len, ctx->cipher_data, ctx->iv, - ctx->encrypt); - - return 1; -} - -static int -aesni_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - size_t bl = ctx->cipher->block_size; - - if (len < bl) - return 1; - - aesni_ecb_encrypt(in, out, len, ctx->cipher_data, ctx->encrypt); - - return 1; -} - -#define aesni_ofb_cipher aes_ofb_cipher -static int aesni_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define aesni_cfb_cipher aes_cfb_cipher -static int aesni_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define aesni_cfb8_cipher aes_cfb8_cipher -static int aesni_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define aesni_cfb1_cipher aes_cfb1_cipher -static int aesni_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define aesni_ctr_cipher aes_ctr_cipher -static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -static int -aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_GCM_CTX *gctx = 
ctx->cipher_data; - - if (!iv && !key) - return 1; - if (key) { - aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks); - CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, - (block128_f)aesni_encrypt); - gctx->ctr = (ctr128_f)aesni_ctr32_encrypt_blocks; - /* If we have an iv can set it directly, otherwise use - * saved IV. - */ - if (iv == NULL && gctx->iv_set) - iv = gctx->iv; - if (iv) { - CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); - gctx->iv_set = 1; - } - gctx->key_set = 1; - } else { - /* If key set use IV, otherwise copy */ - if (gctx->key_set) - CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); - else - memcpy(gctx->iv, iv, gctx->ivlen); - gctx->iv_set = 1; - gctx->iv_gen = 0; - } - return 1; -} - -#define aesni_gcm_cipher aes_gcm_cipher -static int aesni_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -static int -aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_XTS_CTX *xctx = ctx->cipher_data; - - if (!iv && !key) - return 1; - - if (key) { - /* key_len is two AES keys */ - if (enc) { - aesni_set_encrypt_key(key, ctx->key_len * 4, - &xctx->ks1); - xctx->xts.block1 = (block128_f)aesni_encrypt; - xctx->stream = aesni_xts_encrypt; - } else { - aesni_set_decrypt_key(key, ctx->key_len * 4, - &xctx->ks1); - xctx->xts.block1 = (block128_f)aesni_decrypt; - xctx->stream = aesni_xts_decrypt; - } - - aesni_set_encrypt_key(key + ctx->key_len / 2, - ctx->key_len * 4, &xctx->ks2); - xctx->xts.block2 = (block128_f)aesni_encrypt; - - xctx->xts.key1 = &xctx->ks1; - } - - if (iv) { - xctx->xts.key2 = &xctx->ks2; - memcpy(ctx->iv, iv, 16); - } - - return 1; -} - -#define aesni_xts_cipher aes_xts_cipher -static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -static int -aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_CCM_CTX *cctx = 
ctx->cipher_data; - - if (!iv && !key) - return 1; - if (key) { - aesni_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks); - CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, - &cctx->ks, (block128_f)aesni_encrypt); - cctx->str = enc ? (ccm128_f)aesni_ccm64_encrypt_blocks : - (ccm128_f)aesni_ccm64_decrypt_blocks; - cctx->key_set = 1; - } - if (iv) { - memcpy(ctx->iv, iv, 15 - cctx->L); - cctx->iv_set = 1; - } - return 1; -} - -#define aesni_ccm_cipher aes_ccm_cipher -static int aesni_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); - -#define BLOCK_CIPHER_generic(n,keylen,blocksize,ivlen,nmode,mode,MODE,fl) \ -static const EVP_CIPHER aesni_##keylen##_##mode = { \ - .nid = n##_##keylen##_##nmode, \ - .block_size = blocksize, \ - .key_len = keylen / 8, \ - .iv_len = ivlen, \ - .flags = fl | EVP_CIPH_##MODE##_MODE, \ - .init = aesni_init_key, \ - .do_cipher = aesni_##mode##_cipher, \ - .ctx_size = sizeof(EVP_AES_KEY) \ -}; \ -static const EVP_CIPHER aes_##keylen##_##mode = { \ - .nid = n##_##keylen##_##nmode, \ - .block_size = blocksize, \ - .key_len = keylen / 8, \ - .iv_len = ivlen, \ - .flags = fl | EVP_CIPH_##MODE##_MODE, \ - .init = aes_init_key, \ - .do_cipher = aes_##mode##_cipher, \ - .ctx_size = sizeof(EVP_AES_KEY) \ -}; \ -const EVP_CIPHER * \ -EVP_aes_##keylen##_##mode(void) \ -{ \ - return AESNI_CAPABLE ? \ - &aesni_##keylen##_##mode : &aes_##keylen##_##mode; \ -} - -#define BLOCK_CIPHER_custom(n,keylen,blocksize,ivlen,mode,MODE,fl) \ -static const EVP_CIPHER aesni_##keylen##_##mode = { \ - .nid = n##_##keylen##_##mode, \ - .block_size = blocksize, \ - .key_len = \ - (EVP_CIPH_##MODE##_MODE == EVP_CIPH_XTS_MODE ? 
2 : 1) * \ - keylen / 8, \ - .iv_len = ivlen, \ - .flags = fl | EVP_CIPH_##MODE##_MODE, \ - .init = aesni_##mode##_init_key, \ - .do_cipher = aesni_##mode##_cipher, \ - .cleanup = aes_##mode##_cleanup, \ - .ctx_size = sizeof(EVP_AES_##MODE##_CTX), \ - .ctrl = aes_##mode##_ctrl \ -}; \ -static const EVP_CIPHER aes_##keylen##_##mode = { \ - .nid = n##_##keylen##_##mode, \ - .block_size = blocksize, \ - .key_len = \ - (EVP_CIPH_##MODE##_MODE == EVP_CIPH_XTS_MODE ? 2 : 1) * \ - keylen / 8, \ - .iv_len = ivlen, \ - .flags = fl | EVP_CIPH_##MODE##_MODE, \ - .init = aes_##mode##_init_key, \ - .do_cipher = aes_##mode##_cipher, \ - .cleanup = aes_##mode##_cleanup, \ - .ctx_size = sizeof(EVP_AES_##MODE##_CTX), \ - .ctrl = aes_##mode##_ctrl \ -}; \ -const EVP_CIPHER * \ -EVP_aes_##keylen##_##mode(void) \ -{ \ - return AESNI_CAPABLE ? \ - &aesni_##keylen##_##mode : &aes_##keylen##_##mode; \ -} - -#else - -#define BLOCK_CIPHER_generic(n,keylen,blocksize,ivlen,nmode,mode,MODE,fl) \ -static const EVP_CIPHER aes_##keylen##_##mode = { \ - .nid = n##_##keylen##_##nmode, \ - .block_size = blocksize, \ - .key_len = keylen / 8, \ - .iv_len = ivlen, \ - .flags = fl | EVP_CIPH_##MODE##_MODE, \ - .init = aes_init_key, \ - .do_cipher = aes_##mode##_cipher, \ - .ctx_size = sizeof(EVP_AES_KEY) \ -}; \ -const EVP_CIPHER * \ -EVP_aes_##keylen##_##mode(void) \ -{ \ - return &aes_##keylen##_##mode; \ -} - -#define BLOCK_CIPHER_custom(n,keylen,blocksize,ivlen,mode,MODE,fl) \ -static const EVP_CIPHER aes_##keylen##_##mode = { \ - .nid = n##_##keylen##_##mode, \ - .block_size = blocksize, \ - .key_len = \ - (EVP_CIPH_##MODE##_MODE == EVP_CIPH_XTS_MODE ? 
2 : 1) * \ - keylen / 8, \ - .iv_len = ivlen, \ - .flags = fl | EVP_CIPH_##MODE##_MODE, \ - .init = aes_##mode##_init_key, \ - .do_cipher = aes_##mode##_cipher, \ - .cleanup = aes_##mode##_cleanup, \ - .ctx_size = sizeof(EVP_AES_##MODE##_CTX), \ - .ctrl = aes_##mode##_ctrl \ -}; \ -const EVP_CIPHER * \ -EVP_aes_##keylen##_##mode(void) \ -{ \ - return &aes_##keylen##_##mode; \ -} - -#endif - -#define BLOCK_CIPHER_generic_pack(nid,keylen,flags) \ - BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1) \ - BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags) \ - BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) \ - BLOCK_CIPHER_generic(nid,keylen,1,16,ctr,ctr,CTR,flags) - -static int -aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - int ret, mode; - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - mode = ctx->cipher->flags & EVP_CIPH_MODE; - if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE) && - !enc) -#ifdef BSAES_CAPABLE - if (BSAES_CAPABLE && mode == EVP_CIPH_CBC_MODE) { - ret = AES_set_decrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)AES_decrypt; - dat->stream.cbc = (cbc128_f)bsaes_cbc_encrypt; - } else -#endif -#ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { - ret = vpaes_set_decrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)vpaes_decrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? - (cbc128_f)vpaes_cbc_encrypt : NULL; - } else -#endif - { - ret = AES_set_decrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)AES_decrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? 
- (cbc128_f)AES_cbc_encrypt : NULL; - } else -#ifdef BSAES_CAPABLE - if (BSAES_CAPABLE && mode == EVP_CIPH_CTR_MODE) { - ret = AES_set_encrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)AES_encrypt; - dat->stream.ctr = (ctr128_f)bsaes_ctr32_encrypt_blocks; - } else -#endif -#ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { - ret = vpaes_set_encrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)vpaes_encrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? - (cbc128_f)vpaes_cbc_encrypt : NULL; - } else -#endif - { - ret = AES_set_encrypt_key(key, ctx->key_len * 8, - &dat->ks); - dat->block = (block128_f)AES_encrypt; - dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ? - (cbc128_f)AES_cbc_encrypt : NULL; -#ifdef AES_CTR_ASM - if (mode == EVP_CIPH_CTR_MODE) - dat->stream.ctr = (ctr128_f)AES_ctr32_encrypt; -#endif - } - - if (ret < 0) { - EVPerr(EVP_F_AES_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED); - return 0; - } - - return 1; -} - -static int -aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - if (dat->stream.cbc) - (*dat->stream.cbc)(in, out, len, &dat->ks, ctx->iv, - ctx->encrypt); - else if (ctx->encrypt) - CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, - dat->block); - else - CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, - dat->block); - - return 1; -} - -static int -aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - size_t bl = ctx->cipher->block_size; - size_t i; - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - if (len < bl) - return 1; - - for (i = 0, len -= bl; i <= len; i += bl) - (*dat->block)(in + i, out + i, &dat->ks); - - return 1; -} - -static int -aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - CRYPTO_ofb128_encrypt(in, out, len, &dat->ks, 
ctx->iv, &ctx->num, - dat->block); - return 1; -} - -static int -aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - CRYPTO_cfb128_encrypt(in, out, len, &dat->ks, ctx->iv, &ctx->num, - ctx->encrypt, dat->block); - return 1; -} - -static int -aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks, ctx->iv, &ctx->num, - ctx->encrypt, dat->block); - return 1; -} - -static int -aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - if (ctx->flags&EVP_CIPH_FLAG_LENGTH_BITS) { - CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks, ctx->iv, - &ctx->num, ctx->encrypt, dat->block); - return 1; - } - - while (len >= MAXBITCHUNK) { - CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK*8, &dat->ks, - ctx->iv, &ctx->num, ctx->encrypt, dat->block); - len -= MAXBITCHUNK; - } - if (len) - CRYPTO_cfb128_1_encrypt(in, out, len*8, &dat->ks, - ctx->iv, &ctx->num, ctx->encrypt, dat->block); - - return 1; -} - -static int aes_ctr_cipher (EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - unsigned int num = ctx->num; - EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; - - if (dat->stream.ctr) - CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks, - ctx->iv, ctx->buf, &num, dat->stream.ctr); - else - CRYPTO_ctr128_encrypt(in, out, len, &dat->ks, - ctx->iv, ctx->buf, &num, dat->block); - ctx->num = (size_t)num; - return 1; -} - -BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS) -BLOCK_CIPHER_generic_pack(NID_aes, 192, EVP_CIPH_FLAG_FIPS) -BLOCK_CIPHER_generic_pack(NID_aes, 256, EVP_CIPH_FLAG_FIPS) - -static int -aes_gcm_cleanup(EVP_CIPHER_CTX *c) -{ - EVP_AES_GCM_CTX *gctx = c->cipher_data; - - if (gctx->iv 
!= c->iv) - free(gctx->iv); - explicit_bzero(gctx, sizeof(*gctx)); - return 1; -} - -/* increment counter (64-bit int) by 1 */ -static void -ctr64_inc(unsigned char *counter) -{ - int n = 8; - unsigned char c; - - do { - --n; - c = counter[n]; - ++c; - counter[n] = c; - if (c) - return; - } while (n); -} - -static int -aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - EVP_AES_GCM_CTX *gctx = c->cipher_data; - - switch (type) { - case EVP_CTRL_INIT: - gctx->key_set = 0; - gctx->iv_set = 0; - gctx->ivlen = c->cipher->iv_len; - gctx->iv = c->iv; - gctx->taglen = -1; - gctx->iv_gen = 0; - gctx->tls_aad_len = -1; - return 1; - - case EVP_CTRL_GCM_SET_IVLEN: - if (arg <= 0) - return 0; - /* Allocate memory for IV if needed */ - if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) { - if (gctx->iv != c->iv) - free(gctx->iv); - gctx->iv = malloc(arg); - if (!gctx->iv) - return 0; - } - gctx->ivlen = arg; - return 1; - - case EVP_CTRL_GCM_SET_TAG: - if (arg <= 0 || arg > 16 || c->encrypt) - return 0; - memcpy(c->buf, ptr, arg); - gctx->taglen = arg; - return 1; - - case EVP_CTRL_GCM_GET_TAG: - if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0) - return 0; - memcpy(ptr, c->buf, arg); - return 1; - - case EVP_CTRL_GCM_SET_IV_FIXED: - /* Special case: -1 length restores whole IV */ - if (arg == -1) { - memcpy(gctx->iv, ptr, gctx->ivlen); - gctx->iv_gen = 1; - return 1; - } - /* Fixed field must be at least 4 bytes and invocation field - * at least 8. 
- */ - if ((arg < 4) || (gctx->ivlen - arg) < 8) - return 0; - if (arg) - memcpy(gctx->iv, ptr, arg); - if (c->encrypt) - arc4random_buf(gctx->iv + arg, gctx->ivlen - arg); - gctx->iv_gen = 1; - return 1; - - case EVP_CTRL_GCM_IV_GEN: - if (gctx->iv_gen == 0 || gctx->key_set == 0) - return 0; - CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen); - if (arg <= 0 || arg > gctx->ivlen) - arg = gctx->ivlen; - memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg); - /* Invocation field will be at least 8 bytes in size and - * so no need to check wrap around or increment more than - * last 8 bytes. - */ - ctr64_inc(gctx->iv + gctx->ivlen - 8); - gctx->iv_set = 1; - return 1; - - case EVP_CTRL_GCM_SET_IV_INV: - if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt) - return 0; - memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg); - CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen); - gctx->iv_set = 1; - return 1; - - case EVP_CTRL_AEAD_TLS1_AAD: - /* Save the AAD for later use */ - if (arg != 13) - return 0; - memcpy(c->buf, ptr, arg); - gctx->tls_aad_len = arg; - { - unsigned int len = c->buf[arg - 2] << 8 | - c->buf[arg - 1]; - - /* Correct length for explicit IV */ - len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; - - /* If decrypting correct for tag too */ - if (!c->encrypt) - len -= EVP_GCM_TLS_TAG_LEN; - c->buf[arg - 2] = len >> 8; - c->buf[arg - 1] = len & 0xff; - } - /* Extra padding: tag appended to record */ - return EVP_GCM_TLS_TAG_LEN; - - case EVP_CTRL_COPY: - { - EVP_CIPHER_CTX *out = ptr; - EVP_AES_GCM_CTX *gctx_out = out->cipher_data; - - if (gctx->gcm.key) { - if (gctx->gcm.key != &gctx->ks) - return 0; - gctx_out->gcm.key = &gctx_out->ks; - } - if (gctx->iv == c->iv) - gctx_out->iv = out->iv; - else { - gctx_out->iv = malloc(gctx->ivlen); - if (!gctx_out->iv) - return 0; - memcpy(gctx_out->iv, gctx->iv, gctx->ivlen); - } - return 1; - } - - default: - return -1; - - } -} - -static ctr128_f -aes_gcm_set_key(AES_KEY *aes_key, GCM128_CONTEXT *gcm_ctx, - const unsigned 
char *key, size_t key_len) -{ -#ifdef BSAES_CAPABLE - if (BSAES_CAPABLE) { - AES_set_encrypt_key(key, key_len * 8, aes_key); - CRYPTO_gcm128_init(gcm_ctx, aes_key, (block128_f)AES_encrypt); - return (ctr128_f)bsaes_ctr32_encrypt_blocks; - } else -#endif -#ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { - vpaes_set_encrypt_key(key, key_len * 8, aes_key); - CRYPTO_gcm128_init(gcm_ctx, aes_key, (block128_f)vpaes_encrypt); - return NULL; - } else -#endif - (void)0; /* terminate potentially open 'else' */ - - AES_set_encrypt_key(key, key_len * 8, aes_key); - CRYPTO_gcm128_init(gcm_ctx, aes_key, (block128_f)AES_encrypt); -#ifdef AES_CTR_ASM - return (ctr128_f)AES_ctr32_encrypt; -#else - return NULL; -#endif -} - -static int -aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_GCM_CTX *gctx = ctx->cipher_data; - - if (!iv && !key) - return 1; - if (key) { - gctx->ctr = aes_gcm_set_key(&gctx->ks, &gctx->gcm, - key, ctx->key_len); - - /* If we have an iv can set it directly, otherwise use - * saved IV. - */ - if (iv == NULL && gctx->iv_set) - iv = gctx->iv; - if (iv) { - CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); - gctx->iv_set = 1; - } - gctx->key_set = 1; - } else { - /* If key set use IV, otherwise copy */ - if (gctx->key_set) - CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); - else - memcpy(gctx->iv, iv, gctx->ivlen); - gctx->iv_set = 1; - gctx->iv_gen = 0; - } - return 1; -} - -/* Handle TLS GCM packet format. This consists of the last portion of the IV - * followed by the payload and finally the tag. On encrypt generate IV, - * encrypt payload and write the tag. On verify retrieve IV, decrypt payload - * and verify tag. 
- */ - -static int -aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_GCM_CTX *gctx = ctx->cipher_data; - int rv = -1; - - /* Encrypt/decrypt must be performed in place */ - if (out != in || - len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN)) - return -1; - - /* Set IV from start of buffer or generate IV and write to start - * of buffer. - */ - if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ? - EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV, - EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0) - goto err; - - /* Use saved AAD */ - if (CRYPTO_gcm128_aad(&gctx->gcm, ctx->buf, gctx->tls_aad_len)) - goto err; - - /* Fix buffer and length to point to payload */ - in += EVP_GCM_TLS_EXPLICIT_IV_LEN; - out += EVP_GCM_TLS_EXPLICIT_IV_LEN; - len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN; - if (ctx->encrypt) { - /* Encrypt payload */ - if (gctx->ctr) { - if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm, in, out, - len, gctx->ctr)) - goto err; - } else { - if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, len)) - goto err; - } - out += len; - - /* Finally write tag */ - CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN); - rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN; - } else { - /* Decrypt */ - if (gctx->ctr) { - if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm, in, out, - len, gctx->ctr)) - goto err; - } else { - if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, len)) - goto err; - } - /* Retrieve tag */ - CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN); - - /* If tag mismatch wipe buffer */ - if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) { - explicit_bzero(out, len); - goto err; - } - rv = len; - } - -err: - gctx->iv_set = 0; - gctx->tls_aad_len = -1; - return rv; -} - -static int -aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_GCM_CTX *gctx = ctx->cipher_data; - - /* If not set up, return error */ - if (!gctx->key_set) - 
return -1; - - if (gctx->tls_aad_len >= 0) - return aes_gcm_tls_cipher(ctx, out, in, len); - - if (!gctx->iv_set) - return -1; - - if (in) { - if (out == NULL) { - if (CRYPTO_gcm128_aad(&gctx->gcm, in, len)) - return -1; - } else if (ctx->encrypt) { - if (gctx->ctr) { - if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm, - in, out, len, gctx->ctr)) - return -1; - } else { - if (CRYPTO_gcm128_encrypt(&gctx->gcm, - in, out, len)) - return -1; - } - } else { - if (gctx->ctr) { - if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm, - in, out, len, gctx->ctr)) - return -1; - } else { - if (CRYPTO_gcm128_decrypt(&gctx->gcm, - in, out, len)) - return -1; - } - } - return len; - } else { - if (!ctx->encrypt) { - if (gctx->taglen < 0) - return -1; - if (CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, - gctx->taglen) != 0) - return -1; - gctx->iv_set = 0; - return 0; - } - CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16); - gctx->taglen = 16; - - /* Don't reuse the IV */ - gctx->iv_set = 0; - return 0; - } - -} - -#define CUSTOM_FLAGS \ - ( EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | \ - EVP_CIPH_FLAG_CUSTOM_CIPHER | EVP_CIPH_ALWAYS_CALL_INIT | \ - EVP_CIPH_CTRL_INIT | EVP_CIPH_CUSTOM_COPY ) - -BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM, - EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM, - EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM, - EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS) - -static int -aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - EVP_AES_XTS_CTX *xctx = c->cipher_data; - - switch (type) { - case EVP_CTRL_INIT: - /* - * key1 and key2 are used as an indicator both key and IV - * are set - */ - xctx->xts.key1 = NULL; - xctx->xts.key2 = NULL; - return 1; - - case EVP_CTRL_COPY: - { - EVP_CIPHER_CTX *out = ptr; - EVP_AES_XTS_CTX *xctx_out = out->cipher_data; - - if (xctx->xts.key1) { - if (xctx->xts.key1 != &xctx->ks1) - 
return 0; - xctx_out->xts.key1 = &xctx_out->ks1; - } - if (xctx->xts.key2) { - if (xctx->xts.key2 != &xctx->ks2) - return 0; - xctx_out->xts.key2 = &xctx_out->ks2; - } - return 1; - } - } - return -1; -} - -static int -aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_XTS_CTX *xctx = ctx->cipher_data; - - if (!iv && !key) - return 1; - - if (key) do { -#ifdef AES_XTS_ASM - xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt; -#else - xctx->stream = NULL; -#endif - /* key_len is two AES keys */ -#ifdef BSAES_CAPABLE - if (BSAES_CAPABLE) - xctx->stream = enc ? bsaes_xts_encrypt : - bsaes_xts_decrypt; - else -#endif -#ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { - if (enc) { - vpaes_set_encrypt_key(key, ctx->key_len * 4, - &xctx->ks1); - xctx->xts.block1 = (block128_f)vpaes_encrypt; - } else { - vpaes_set_decrypt_key(key, ctx->key_len * 4, - &xctx->ks1); - xctx->xts.block1 = (block128_f)vpaes_decrypt; - } - - vpaes_set_encrypt_key(key + ctx->key_len / 2, - ctx->key_len * 4, &xctx->ks2); - xctx->xts.block2 = (block128_f)vpaes_encrypt; - - xctx->xts.key1 = &xctx->ks1; - break; - } else -#endif - (void)0; /* terminate potentially open 'else' */ - - if (enc) { - AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1); - xctx->xts.block1 = (block128_f)AES_encrypt; - } else { - AES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1); - xctx->xts.block1 = (block128_f)AES_decrypt; - } - - AES_set_encrypt_key(key + ctx->key_len / 2, - ctx->key_len * 4, &xctx->ks2); - xctx->xts.block2 = (block128_f)AES_encrypt; - - xctx->xts.key1 = &xctx->ks1; - } while (0); - - if (iv) { - xctx->xts.key2 = &xctx->ks2; - memcpy(ctx->iv, iv, 16); - } - - return 1; -} - -static int -aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_XTS_CTX *xctx = ctx->cipher_data; - - if (!xctx->xts.key1 || !xctx->xts.key2) - return 0; - if (!out || !in || len < AES_BLOCK_SIZE) - return 0; - - 
if (xctx->stream) - (*xctx->stream)(in, out, len, xctx->xts.key1, xctx->xts.key2, - ctx->iv); - else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len, - ctx->encrypt)) - return 0; - return 1; -} - -#define aes_xts_cleanup NULL - -#define XTS_FLAGS \ - ( EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV | \ - EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT | EVP_CIPH_CUSTOM_COPY ) - -BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS, EVP_CIPH_FLAG_FIPS|XTS_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS, EVP_CIPH_FLAG_FIPS|XTS_FLAGS) - -static int -aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - EVP_AES_CCM_CTX *cctx = c->cipher_data; - - switch (type) { - case EVP_CTRL_INIT: - cctx->key_set = 0; - cctx->iv_set = 0; - cctx->L = 8; - cctx->M = 12; - cctx->tag_set = 0; - cctx->len_set = 0; - return 1; - - case EVP_CTRL_CCM_SET_IVLEN: - arg = 15 - arg; - - case EVP_CTRL_CCM_SET_L: - if (arg < 2 || arg > 8) - return 0; - cctx->L = arg; - return 1; - - case EVP_CTRL_CCM_SET_TAG: - if ((arg & 1) || arg < 4 || arg > 16) - return 0; - if ((c->encrypt && ptr) || (!c->encrypt && !ptr)) - return 0; - if (ptr) { - cctx->tag_set = 1; - memcpy(c->buf, ptr, arg); - } - cctx->M = arg; - return 1; - - case EVP_CTRL_CCM_GET_TAG: - if (!c->encrypt || !cctx->tag_set) - return 0; - if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg)) - return 0; - cctx->tag_set = 0; - cctx->iv_set = 0; - cctx->len_set = 0; - return 1; - - case EVP_CTRL_COPY: - { - EVP_CIPHER_CTX *out = ptr; - EVP_AES_CCM_CTX *cctx_out = out->cipher_data; - - if (cctx->ccm.key) { - if (cctx->ccm.key != &cctx->ks) - return 0; - cctx_out->ccm.key = &cctx_out->ks; - } - return 1; - } - - default: - return -1; - } -} - -static int -aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_AES_CCM_CTX *cctx = ctx->cipher_data; - - if (!iv && !key) - return 1; - if (key) do { -#ifdef VPAES_CAPABLE - if (VPAES_CAPABLE) { - 
vpaes_set_encrypt_key(key, ctx->key_len*8, &cctx->ks); - CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, - &cctx->ks, (block128_f)vpaes_encrypt); - cctx->str = NULL; - cctx->key_set = 1; - break; - } -#endif - AES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks); - CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, - &cctx->ks, (block128_f)AES_encrypt); - cctx->str = NULL; - cctx->key_set = 1; - } while (0); - if (iv) { - memcpy(ctx->iv, iv, 15 - cctx->L); - cctx->iv_set = 1; - } - return 1; -} - -static int -aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_CCM_CTX *cctx = ctx->cipher_data; - CCM128_CONTEXT *ccm = &cctx->ccm; - - /* If not set up, return error */ - if (!cctx->iv_set && !cctx->key_set) - return -1; - if (!ctx->encrypt && !cctx->tag_set) - return -1; - - if (!out) { - if (!in) { - if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, - len)) - return -1; - cctx->len_set = 1; - return len; - } - /* If have AAD need message length */ - if (!cctx->len_set && len) - return -1; - CRYPTO_ccm128_aad(ccm, in, len); - return len; - } - /* EVP_*Final() doesn't return any data */ - if (!in) - return 0; - /* If not set length yet do it */ - if (!cctx->len_set) { - if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len)) - return -1; - cctx->len_set = 1; - } - if (ctx->encrypt) { - if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len, - cctx->str) : CRYPTO_ccm128_encrypt(ccm, in, out, len)) - return -1; - cctx->tag_set = 1; - return len; - } else { - int rv = -1; - if (cctx->str ? 
!CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len, - cctx->str) : !CRYPTO_ccm128_decrypt(ccm, in, out, len)) { - unsigned char tag[16]; - if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) { - if (!memcmp(tag, ctx->buf, cctx->M)) - rv = len; - } - } - if (rv == -1) - explicit_bzero(out, len); - cctx->iv_set = 0; - cctx->tag_set = 0; - cctx->len_set = 0; - return rv; - } - -} - -#define aes_ccm_cleanup NULL - -BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM, - EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM, - EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM, - EVP_CIPH_FLAG_FIPS|CUSTOM_FLAGS) - -#define EVP_AEAD_AES_GCM_TAG_LEN 16 - -struct aead_aes_gcm_ctx { - union { - double align; - AES_KEY ks; - } ks; - GCM128_CONTEXT gcm; - ctr128_f ctr; - unsigned char tag_len; -}; - -static int -aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const unsigned char *key, size_t key_len, - size_t tag_len) -{ - struct aead_aes_gcm_ctx *gcm_ctx; - const size_t key_bits = key_len * 8; - - /* EVP_AEAD_CTX_init should catch this. 
*/ - if (key_bits != 128 && key_bits != 256) { - EVPerr(EVP_F_AEAD_AES_GCM_INIT, EVP_R_BAD_KEY_LENGTH); - return 0; - } - - if (tag_len == EVP_AEAD_DEFAULT_TAG_LENGTH) - tag_len = EVP_AEAD_AES_GCM_TAG_LEN; - - if (tag_len > EVP_AEAD_AES_GCM_TAG_LEN) { - EVPerr(EVP_F_AEAD_AES_GCM_INIT, EVP_R_TAG_TOO_LARGE); - return 0; - } - - gcm_ctx = malloc(sizeof(struct aead_aes_gcm_ctx)); - if (gcm_ctx == NULL) - return 0; - -#ifdef AESNI_CAPABLE - if (AESNI_CAPABLE) { - aesni_set_encrypt_key(key, key_bits, &gcm_ctx->ks.ks); - CRYPTO_gcm128_init(&gcm_ctx->gcm, &gcm_ctx->ks.ks, - (block128_f)aesni_encrypt); - gcm_ctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks; - } else -#endif - { - gcm_ctx->ctr = aes_gcm_set_key(&gcm_ctx->ks.ks, &gcm_ctx->gcm, - key, key_len); - } - gcm_ctx->tag_len = tag_len; - ctx->aead_state = gcm_ctx; - - return 1; -} - -static void -aead_aes_gcm_cleanup(EVP_AEAD_CTX *ctx) -{ - struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state; - - explicit_bzero(gcm_ctx, sizeof(*gcm_ctx)); - free(gcm_ctx); -} - -static int -aead_aes_gcm_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len, - size_t max_out_len, const unsigned char *nonce, size_t nonce_len, - const unsigned char *in, size_t in_len, const unsigned char *ad, - size_t ad_len) -{ - const struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state; - GCM128_CONTEXT gcm; - size_t bulk = 0; - - if (max_out_len < in_len + gcm_ctx->tag_len) { - EVPerr(EVP_F_AEAD_AES_GCM_SEAL, EVP_R_BUFFER_TOO_SMALL); - return 0; - } - - memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm)); - CRYPTO_gcm128_setiv(&gcm, nonce, nonce_len); - - if (ad_len > 0 && CRYPTO_gcm128_aad(&gcm, ad, ad_len)) - return 0; - - if (gcm_ctx->ctr) { - if (CRYPTO_gcm128_encrypt_ctr32(&gcm, in + bulk, out + bulk, - in_len - bulk, gcm_ctx->ctr)) - return 0; - } else { - if (CRYPTO_gcm128_encrypt(&gcm, in + bulk, out + bulk, - in_len - bulk)) - return 0; - } - - CRYPTO_gcm128_tag(&gcm, out + in_len, gcm_ctx->tag_len); - *out_len = in_len + gcm_ctx->tag_len; - - 
return 1; -} - -static int -aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len, - size_t max_out_len, const unsigned char *nonce, size_t nonce_len, - const unsigned char *in, size_t in_len, const unsigned char *ad, - size_t ad_len) -{ - const struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state; - unsigned char tag[EVP_AEAD_AES_GCM_TAG_LEN]; - GCM128_CONTEXT gcm; - size_t plaintext_len; - size_t bulk = 0; - - if (in_len < gcm_ctx->tag_len) { - EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BAD_DECRYPT); - return 0; - } - - plaintext_len = in_len - gcm_ctx->tag_len; - - if (max_out_len < plaintext_len) { - EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BUFFER_TOO_SMALL); - return 0; - } - - memcpy(&gcm, &gcm_ctx->gcm, sizeof(gcm)); - CRYPTO_gcm128_setiv(&gcm, nonce, nonce_len); - - if (CRYPTO_gcm128_aad(&gcm, ad, ad_len)) - return 0; - - if (gcm_ctx->ctr) { - if (CRYPTO_gcm128_decrypt_ctr32(&gcm, in + bulk, out + bulk, - in_len - bulk - gcm_ctx->tag_len, gcm_ctx->ctr)) - return 0; - } else { - if (CRYPTO_gcm128_decrypt(&gcm, in + bulk, out + bulk, - in_len - bulk - gcm_ctx->tag_len)) - return 0; - } - - CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len); - if (timingsafe_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) { - EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BAD_DECRYPT); - return 0; - } - - *out_len = plaintext_len; - - return 1; -} - -static const EVP_AEAD aead_aes_128_gcm = { - .key_len = 16, - .nonce_len = 12, - .overhead = EVP_AEAD_AES_GCM_TAG_LEN, - .max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN, - - .init = aead_aes_gcm_init, - .cleanup = aead_aes_gcm_cleanup, - .seal = aead_aes_gcm_seal, - .open = aead_aes_gcm_open, -}; - -static const EVP_AEAD aead_aes_256_gcm = { - .key_len = 32, - .nonce_len = 12, - .overhead = EVP_AEAD_AES_GCM_TAG_LEN, - .max_tag_len = EVP_AEAD_AES_GCM_TAG_LEN, - - .init = aead_aes_gcm_init, - .cleanup = aead_aes_gcm_cleanup, - .seal = aead_aes_gcm_seal, - .open = aead_aes_gcm_open, -}; - -const EVP_AEAD * 
-EVP_aead_aes_128_gcm(void)
-{
- return &aead_aes_128_gcm;
-}
-
-const EVP_AEAD *
-EVP_aead_aes_256_gcm(void)
-{
- return &aead_aes_256_gcm;
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/evp/e_aes_cbc_hmac_sha1.c b/lib/libssl/src/crypto/evp/e_aes_cbc_hmac_sha1.c
deleted file mode 100644
index 8574823aed3..00000000000
--- a/lib/libssl/src/crypto/evp/e_aes_cbc_hmac_sha1.c
+++ /dev/null
@@ -1,604 +0,0 @@
-/* $OpenBSD: e_aes_cbc_hmac_sha1.c,v 1.12 2016/05/04 15:01:33 tedu Exp $ */
-/* ====================================================================
- * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/aes.h>
-#include <openssl/sha.h>
-#include "evp_locl.h"
-#include "constant_time_locl.h"
-
-#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
-#define EVP_CTRL_AEAD_TLS1_AAD 0x16
-#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
-#endif
-
-#define TLS1_1_VERSION 0x0302
-
-typedef struct {
- AES_KEY ks;
- SHA_CTX head, tail, md;
- size_t payload_length; /* AAD length in decrypt case */
- union {
- unsigned int tls_ver;
- unsigned char tls_aad[16]; /* 13 used */
- } aux;
-} EVP_AES_HMAC_SHA1;
-
-#define NO_PAYLOAD_LENGTH ((size_t)-1)
-
-#if defined(AES_ASM) && ( \
- defined(__x86_64) || defined(__x86_64__) || \
- defined(_M_AMD64) || defined(_M_X64) || \
- defined(__INTEL__) )
-
-#if defined(__GNUC__) && __GNUC__>=2
-# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
-#endif
-
-extern unsigned int OPENSSL_ia32cap_P[2];
-#define AESNI_CAPABLE (1<<(57-32))
-
-int aesni_set_encrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);
-int aesni_set_decrypt_key(const unsigned char *userKey, int bits, AES_KEY *key);
-
-void aesni_cbc_encrypt(const unsigned char *in, unsigned char *out, -
size_t length, const AES_KEY *key, unsigned char *ivec, int enc); - -void aesni_cbc_sha1_enc (const void *inp, void *out, size_t blocks, - const AES_KEY *key, unsigned char iv[16], SHA_CTX *ctx, const void *in0); - -#define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data) - -static int -aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey, - const unsigned char *iv, int enc) -{ - EVP_AES_HMAC_SHA1 *key = data(ctx); - int ret; - - if (enc) - ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks); - else - ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks); - - SHA1_Init(&key->head); /* handy when benchmarking */ - key->tail = key->head; - key->md = key->head; - - key->payload_length = NO_PAYLOAD_LENGTH; - - return ret < 0 ? 0 : 1; -} - -#define STITCHED_CALL - -#if !defined(STITCHED_CALL) -#define aes_off 0 -#endif - -void sha1_block_data_order (void *c, const void *p, size_t len); - -static void -sha1_update(SHA_CTX *c, const void *data, size_t len) -{ - const unsigned char *ptr = data; - size_t res; - - if ((res = c->num)) { - res = SHA_CBLOCK - res; - if (len < res) - res = len; - SHA1_Update(c, ptr, res); - ptr += res; - len -= res; - } - - res = len % SHA_CBLOCK; - len -= res; - - if (len) { - sha1_block_data_order(c, ptr, len / SHA_CBLOCK); - - ptr += len; - c->Nh += len >> 29; - c->Nl += len <<= 3; - if (c->Nl < (unsigned int)len) - c->Nh++; - } - - if (res) - SHA1_Update(c, ptr, res); -} - -#ifdef SHA1_Update -#undef SHA1_Update -#endif -#define SHA1_Update sha1_update - -static int -aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_AES_HMAC_SHA1 *key = data(ctx); - unsigned int l; - size_t plen = key->payload_length, - iv = 0, /* explicit IV in TLS 1.1 and later */ - sha_off = 0; -#if defined(STITCHED_CALL) - size_t aes_off = 0, blocks; - - sha_off = SHA_CBLOCK - key->md.num; -#endif - - key->payload_length = NO_PAYLOAD_LENGTH; - - if (len % 
AES_BLOCK_SIZE) - return 0; - - if (ctx->encrypt) { - if (plen == NO_PAYLOAD_LENGTH) - plen = len; - else if (len != ((plen + SHA_DIGEST_LENGTH + AES_BLOCK_SIZE) & - -AES_BLOCK_SIZE)) - return 0; - else if (key->aux.tls_ver >= TLS1_1_VERSION) - iv = AES_BLOCK_SIZE; - -#if defined(STITCHED_CALL) - if (plen > (sha_off + iv) && - (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) { - SHA1_Update(&key->md, in + iv, sha_off); - - aesni_cbc_sha1_enc(in, out, blocks, &key->ks, - ctx->iv, &key->md, in + iv + sha_off); - blocks *= SHA_CBLOCK; - aes_off += blocks; - sha_off += blocks; - key->md.Nh += blocks >> 29; - key->md.Nl += blocks <<= 3; - if (key->md.Nl < (unsigned int)blocks) - key->md.Nh++; - } else { - sha_off = 0; - } -#endif - sha_off += iv; - SHA1_Update(&key->md, in + sha_off, plen - sha_off); - - if (plen != len) { /* "TLS" mode of operation */ - if (in != out) - memcpy(out + aes_off, in + aes_off, - plen - aes_off); - - /* calculate HMAC and append it to payload */ - SHA1_Final(out + plen, &key->md); - key->md = key->tail; - SHA1_Update(&key->md, out + plen, SHA_DIGEST_LENGTH); - SHA1_Final(out + plen, &key->md); - - /* pad the payload|hmac */ - plen += SHA_DIGEST_LENGTH; - for (l = len - plen - 1; plen < len; plen++) - out[plen] = l; - - /* encrypt HMAC|padding at once */ - aesni_cbc_encrypt(out + aes_off, out + aes_off, - len - aes_off, &key->ks, ctx->iv, 1); - } else { - aesni_cbc_encrypt(in + aes_off, out + aes_off, - len - aes_off, &key->ks, ctx->iv, 1); - } - } else { - union { - unsigned int u[SHA_DIGEST_LENGTH/sizeof(unsigned int)]; - unsigned char c[32 + SHA_DIGEST_LENGTH]; - } mac, *pmac; - - /* arrange cache line alignment */ - pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32)); - - /* decrypt HMAC|padding at once */ - aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0); - - if (plen) { /* "TLS" mode of operation */ - size_t inp_len, mask, j, i; - unsigned int res, maxpad, pad, bitlen; - int ret = 1; - union { - unsigned int u[SHA_LBLOCK]; - 
unsigned char c[SHA_CBLOCK]; - } - *data = (void *)key->md.data; - - if ((key->aux.tls_aad[plen - 4] << 8 | - key->aux.tls_aad[plen - 3]) >= TLS1_1_VERSION) - iv = AES_BLOCK_SIZE; - - if (len < (iv + SHA_DIGEST_LENGTH + 1)) - return 0; - - /* omit explicit iv */ - out += iv; - len -= iv; - - /* figure out payload length */ - pad = out[len - 1]; - maxpad = len - (SHA_DIGEST_LENGTH + 1); - maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8); - maxpad &= 255; - - ret &= constant_time_ge(maxpad, pad); - - inp_len = len - (SHA_DIGEST_LENGTH + pad + 1); - mask = (0 - ((inp_len - len) >> - (sizeof(inp_len) * 8 - 1))); - inp_len &= mask; - ret &= (int)mask; - - key->aux.tls_aad[plen - 2] = inp_len >> 8; - key->aux.tls_aad[plen - 1] = inp_len; - - /* calculate HMAC */ - key->md = key->head; - SHA1_Update(&key->md, key->aux.tls_aad, plen); - -#if 1 - len -= SHA_DIGEST_LENGTH; /* amend mac */ - if (len >= (256 + SHA_CBLOCK)) { - j = (len - (256 + SHA_CBLOCK)) & - (0 - SHA_CBLOCK); - j += SHA_CBLOCK - key->md.num; - SHA1_Update(&key->md, out, j); - out += j; - len -= j; - inp_len -= j; - } - - /* but pretend as if we hashed padded payload */ - bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */ -#ifdef BSWAP - bitlen = BSWAP(bitlen); -#else - mac.c[0] = 0; - mac.c[1] = (unsigned char)(bitlen >> 16); - mac.c[2] = (unsigned char)(bitlen >> 8); - mac.c[3] = (unsigned char)bitlen; - bitlen = mac.u[0]; -#endif - - pmac->u[0] = 0; - pmac->u[1] = 0; - pmac->u[2] = 0; - pmac->u[3] = 0; - pmac->u[4] = 0; - - for (res = key->md.num, j = 0; j < len; j++) { - size_t c = out[j]; - mask = (j - inp_len) >> (sizeof(j) * 8 - 8); - c &= mask; - c |= 0x80 & ~mask & - ~((inp_len - j) >> (sizeof(j) * 8 - 8)); - data->c[res++] = (unsigned char)c; - - if (res != SHA_CBLOCK) - continue; - - /* j is not incremented yet */ - mask = 0 - ((inp_len + 7 - j) >> - (sizeof(j) * 8 - 1)); - data->u[SHA_LBLOCK - 1] |= bitlen&mask; - sha1_block_data_order(&key->md, data, 1); - mask &= 0 - ((j - inp_len 
- 72) >> - (sizeof(j) * 8 - 1)); - pmac->u[0] |= key->md.h0 & mask; - pmac->u[1] |= key->md.h1 & mask; - pmac->u[2] |= key->md.h2 & mask; - pmac->u[3] |= key->md.h3 & mask; - pmac->u[4] |= key->md.h4 & mask; - res = 0; - } - - for (i = res; i < SHA_CBLOCK; i++, j++) - data->c[i] = 0; - - if (res > SHA_CBLOCK - 8) { - mask = 0 - ((inp_len + 8 - j) >> - (sizeof(j) * 8 - 1)); - data->u[SHA_LBLOCK - 1] |= bitlen & mask; - sha1_block_data_order(&key->md, data, 1); - mask &= 0 - ((j - inp_len - 73) >> - (sizeof(j) * 8 - 1)); - pmac->u[0] |= key->md.h0 & mask; - pmac->u[1] |= key->md.h1 & mask; - pmac->u[2] |= key->md.h2 & mask; - pmac->u[3] |= key->md.h3 & mask; - pmac->u[4] |= key->md.h4 & mask; - - memset(data, 0, SHA_CBLOCK); - j += 64; - } - data->u[SHA_LBLOCK - 1] = bitlen; - sha1_block_data_order(&key->md, data, 1); - mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1)); - pmac->u[0] |= key->md.h0 & mask; - pmac->u[1] |= key->md.h1 & mask; - pmac->u[2] |= key->md.h2 & mask; - pmac->u[3] |= key->md.h3 & mask; - pmac->u[4] |= key->md.h4 & mask; - -#ifdef BSWAP - pmac->u[0] = BSWAP(pmac->u[0]); - pmac->u[1] = BSWAP(pmac->u[1]); - pmac->u[2] = BSWAP(pmac->u[2]); - pmac->u[3] = BSWAP(pmac->u[3]); - pmac->u[4] = BSWAP(pmac->u[4]); -#else - for (i = 0; i < 5; i++) { - res = pmac->u[i]; - pmac->c[4 * i + 0] = (unsigned char)(res >> 24); - pmac->c[4 * i + 1] = (unsigned char)(res >> 16); - pmac->c[4 * i + 2] = (unsigned char)(res >> 8); - pmac->c[4 * i + 3] = (unsigned char)res; - } -#endif - len += SHA_DIGEST_LENGTH; -#else - SHA1_Update(&key->md, out, inp_len); - res = key->md.num; - SHA1_Final(pmac->c, &key->md); - - { - unsigned int inp_blocks, pad_blocks; - - /* but pretend as if we hashed padded payload */ - inp_blocks = 1 + ((SHA_CBLOCK - 9 - res) >> - (sizeof(res) * 8 - 1)); - res += (unsigned int)(len - inp_len); - pad_blocks = res / SHA_CBLOCK; - res %= SHA_CBLOCK; - pad_blocks += 1 + ((SHA_CBLOCK - 9 - res) >> - (sizeof(res) * 8 - 1)); - for (; inp_blocks < 
pad_blocks; inp_blocks++) - sha1_block_data_order(&key->md, - data, 1); - } -#endif - key->md = key->tail; - SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH); - SHA1_Final(pmac->c, &key->md); - - /* verify HMAC */ - out += inp_len; - len -= inp_len; -#if 1 - { - unsigned char *p = - out + len - 1 - maxpad - SHA_DIGEST_LENGTH; - size_t off = out - p; - unsigned int c, cmask; - - maxpad += SHA_DIGEST_LENGTH; - for (res = 0, i = 0, j = 0; j < maxpad; j++) { - c = p[j]; - cmask = ((int)(j - off - - SHA_DIGEST_LENGTH)) >> - (sizeof(int) * 8 - 1); - res |= (c ^ pad) & ~cmask; /* ... and padding */ - cmask &= ((int)(off - 1 - j)) >> - (sizeof(int) * 8 - 1); - res |= (c ^ pmac->c[i]) & cmask; - i += 1 & cmask; - } - maxpad -= SHA_DIGEST_LENGTH; - - res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); - ret &= (int)~res; - } -#else - for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++) - res |= out[i] ^ pmac->c[i]; - res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1)); - ret &= (int)~res; - - /* verify padding */ - pad = (pad & ~res) | (maxpad & res); - out = out + len - 1 - pad; - for (res = 0, i = 0; i < pad; i++) - res |= out[i] ^ pad; - - res = (0 - res) >> (sizeof(res) * 8 - 1); - ret &= (int)~res; -#endif - return ret; - } else { - SHA1_Update(&key->md, out, len); - } - } - - return 1; -} - -static int -aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - EVP_AES_HMAC_SHA1 *key = data(ctx); - - switch (type) { - case EVP_CTRL_AEAD_SET_MAC_KEY: - { - unsigned int i; - unsigned char hmac_key[64]; - - memset(hmac_key, 0, sizeof(hmac_key)); - - if (arg > (int)sizeof(hmac_key)) { - SHA1_Init(&key->head); - SHA1_Update(&key->head, ptr, arg); - SHA1_Final(hmac_key, &key->head); - } else { - memcpy(hmac_key, ptr, arg); - } - - for (i = 0; i < sizeof(hmac_key); i++) - hmac_key[i] ^= 0x36; /* ipad */ - SHA1_Init(&key->head); - SHA1_Update(&key->head, hmac_key, sizeof(hmac_key)); - - for (i = 0; i < sizeof(hmac_key); i++) - hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */ - 
SHA1_Init(&key->tail); - SHA1_Update(&key->tail, hmac_key, sizeof(hmac_key)); - - explicit_bzero(hmac_key, sizeof(hmac_key)); - - return 1; - } - case EVP_CTRL_AEAD_TLS1_AAD: - { - unsigned char *p = ptr; - unsigned int len = p[arg - 2] << 8 | p[arg - 1]; - - if (ctx->encrypt) { - key->payload_length = len; - if ((key->aux.tls_ver = p[arg - 4] << 8 | - p[arg - 3]) >= TLS1_1_VERSION) { - len -= AES_BLOCK_SIZE; - p[arg - 2] = len >> 8; - p[arg - 1] = len; - } - key->md = key->head; - SHA1_Update(&key->md, p, arg); - - return (int)(((len + SHA_DIGEST_LENGTH + - AES_BLOCK_SIZE) & -AES_BLOCK_SIZE) - len); - } else { - if (arg > 13) - arg = 13; - memcpy(key->aux.tls_aad, ptr, arg); - key->payload_length = arg; - - return SHA_DIGEST_LENGTH; - } - } - default: - return -1; - } -} - -static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = { -#ifdef NID_aes_128_cbc_hmac_sha1 - .nid = NID_aes_128_cbc_hmac_sha1, -#else - .nid = NID_undef, -#endif - .block_size = 16, - .key_len = 16, - .iv_len = 16, - .flags = EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | - EVP_CIPH_FLAG_AEAD_CIPHER, - .init = aesni_cbc_hmac_sha1_init_key, - .do_cipher = aesni_cbc_hmac_sha1_cipher, - .ctx_size = sizeof(EVP_AES_HMAC_SHA1), - .ctrl = aesni_cbc_hmac_sha1_ctrl -}; - -static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = { -#ifdef NID_aes_256_cbc_hmac_sha1 - .nid = NID_aes_256_cbc_hmac_sha1, -#else - .nid = NID_undef, -#endif - .block_size = 16, - .key_len = 32, - .iv_len = 16, - .flags = EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 | - EVP_CIPH_FLAG_AEAD_CIPHER, - .init = aesni_cbc_hmac_sha1_init_key, - .do_cipher = aesni_cbc_hmac_sha1_cipher, - .ctx_size = sizeof(EVP_AES_HMAC_SHA1), - .ctrl = aesni_cbc_hmac_sha1_ctrl -}; - -const EVP_CIPHER * -EVP_aes_128_cbc_hmac_sha1(void) -{ - return OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ? - &aesni_128_cbc_hmac_sha1_cipher : NULL; -} - -const EVP_CIPHER * -EVP_aes_256_cbc_hmac_sha1(void) -{ - return OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ? 
- &aesni_256_cbc_hmac_sha1_cipher : NULL;
-}
-#else
-const EVP_CIPHER *
-EVP_aes_128_cbc_hmac_sha1(void)
-{
- return NULL;
-}
-
-const EVP_CIPHER *
-EVP_aes_256_cbc_hmac_sha1(void)
-{
- return NULL;
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/evp/e_bf.c b/lib/libssl/src/crypto/evp/e_bf.c
deleted file mode 100644
index 615c9bd7710..00000000000
--- a/lib/libssl/src/crypto/evp/e_bf.c
+++ /dev/null
@@ -1,91 +0,0 @@
-/* $OpenBSD: e_bf.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_BF
-
-#include <openssl/blowfish.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#include "evp_locl.h"
-
-static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-
-typedef struct {
- BF_KEY ks;
-} EVP_BF_KEY;
-
-#define data(ctx) EVP_C_DATA(EVP_BF_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64,
- EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
- EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int
-bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- BF_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
- return 1;
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/e_camellia.c b/lib/libssl/src/crypto/evp/e_camellia.c
deleted file mode 100644
index e3424cfe94a..00000000000
--- a/lib/libssl/src/crypto/evp/e_camellia.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* $OpenBSD: e_camellia.c,v 1.7 2015/02/10 09:50:12 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_CAMELLIA
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include <openssl/camellia.h>
-#include "evp_locl.h"
-
-static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-
-/* Camellia subkey Structure */
-typedef struct {
- CAMELLIA_KEY ks;
-} EVP_CAMELLIA_KEY;
-
-/* Attribute operation for Camellia */
-#define data(ctx) EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(camellia_128, ks, Camellia, EVP_CAMELLIA_KEY,
- NID_camellia_128, 16, 16, 16, 128,
- 0, camellia_init_key, NULL,
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL)
-IMPLEMENT_BLOCK_CIPHER(camellia_192, ks, Camellia, EVP_CAMELLIA_KEY,
- NID_camellia_192, 16, 24, 16, 128,
- 0, camellia_init_key, NULL,
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL)
-IMPLEMENT_BLOCK_CIPHER(camellia_256, ks, Camellia, EVP_CAMELLIA_KEY,
- NID_camellia_256, 16, 32, 16, 128,
- 0, camellia_init_key, NULL,
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL)
-
-#define IMPLEMENT_CAMELLIA_CFBR(ksize,cbits) IMPLEMENT_CFBR(camellia,Camellia,EVP_CAMELLIA_KEY,ks,ksize,cbits,16)
-
-IMPLEMENT_CAMELLIA_CFBR(128, 1)
-IMPLEMENT_CAMELLIA_CFBR(192, 1)
-IMPLEMENT_CAMELLIA_CFBR(256, 1)
-
-IMPLEMENT_CAMELLIA_CFBR(128, 8)
-IMPLEMENT_CAMELLIA_CFBR(192, 8)
-IMPLEMENT_CAMELLIA_CFBR(256, 8)
-
-
-/* The subkey for Camellia is generated. */
-static int
-camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- int ret;
-
- ret = Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);
-
- if (ret < 0) {
- EVPerr(EVP_F_CAMELLIA_INIT_KEY,
- EVP_R_CAMELLIA_KEY_SETUP_FAILED);
- return 0;
- }
-
- return 1;
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/e_cast.c b/lib/libssl/src/crypto/evp/e_cast.c
deleted file mode 100644
index 707daa96564..00000000000
--- a/lib/libssl/src/crypto/evp/e_cast.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/* $OpenBSD: e_cast.c,v 1.7 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_CAST
-
-#include <openssl/cast.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#include "evp_locl.h"
-
-static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-
-typedef struct {
- CAST_KEY ks;
-} EVP_CAST_KEY;
-
-#define data(ctx) EVP_C_DATA(EVP_CAST_KEY,ctx)
-
-IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY,
- NID_cast5, 8, CAST_KEY_LENGTH, 8, 64,
- EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
- EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
-
-static int
-cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- CAST_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
- return 1;
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/e_chacha.c b/lib/libssl/src/crypto/evp/e_chacha.c
deleted file mode 100644
index b63f586bba8..00000000000
--- a/lib/libssl/src/crypto/evp/e_chacha.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* $OpenBSD: e_chacha.c,v 1.5 2014/08/04 04:16:11 miod Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_CHACHA
-
-#include <openssl/chacha.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#include "evp_locl.h"
-
-static int chacha_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len);
-static int chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-
-static const EVP_CIPHER chacha20_cipher = {
- .nid = NID_chacha20,
- .block_size = 1,
- .key_len = 32,
- .iv_len = 8,
- .flags = EVP_CIPH_STREAM_CIPHER,
- .init = chacha_init,
- .do_cipher = chacha_cipher,
- .ctx_size = sizeof(ChaCha_ctx)
-};
-
-const EVP_CIPHER *
-EVP_chacha20(void)
-{
- return (&chacha20_cipher);
-}
-
-static int
-chacha_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- ChaCha_set_key((ChaCha_ctx *)ctx->cipher_data, key,
- EVP_CIPHER_CTX_key_length(ctx) * 8);
- if (iv != NULL)
- ChaCha_set_iv((ChaCha_ctx *)ctx->cipher_data, iv, NULL);
- return 1;
-}
-
-static int
-chacha_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in,
- size_t len)
-{
- ChaCha((ChaCha_ctx *)ctx->cipher_data, out, in, len);
- return 1;
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/evp/e_chacha20poly1305.c b/lib/libssl/src/crypto/evp/e_chacha20poly1305.c
deleted file mode 100644
index e5395ad8caf..00000000000
--- a/lib/libssl/src/crypto/evp/e_chacha20poly1305.c
+++ /dev/null
@@ -1,324 +0,0 @@ -/* $OpenBSD: e_chacha20poly1305.c,v 1.14 2016/04/28 16:06:53 jsing Exp $ */ - -/* - * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org> - * Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include <stdint.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/chacha.h> -#include <openssl/poly1305.h> - -#include "evp_locl.h" - -#define POLY1305_TAG_LEN 16 -#define CHACHA20_NONCE_LEN_OLD 8 - -/* - * The informational RFC 7539, "ChaCha20 and Poly1305 for IETF Protocols", - * introduced a modified AEAD construction that is incompatible with the - * common style that has been already used in TLS. The IETF version also - * adds a constant (salt) that is prepended to the nonce. 
- */ -#define CHACHA20_CONSTANT_LEN 4 -#define CHACHA20_IV_LEN 8 -#define CHACHA20_NONCE_LEN (CHACHA20_CONSTANT_LEN + CHACHA20_IV_LEN) - -struct aead_chacha20_poly1305_ctx { - unsigned char key[32]; - unsigned char tag_len; -}; - -static int -aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const unsigned char *key, - size_t key_len, size_t tag_len) -{ - struct aead_chacha20_poly1305_ctx *c20_ctx; - - if (tag_len == 0) - tag_len = POLY1305_TAG_LEN; - - if (tag_len > POLY1305_TAG_LEN) { - EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_INIT, EVP_R_TOO_LARGE); - return 0; - } - - /* Internal error - EVP_AEAD_CTX_init should catch this. */ - if (key_len != sizeof(c20_ctx->key)) - return 0; - - c20_ctx = malloc(sizeof(struct aead_chacha20_poly1305_ctx)); - if (c20_ctx == NULL) - return 0; - - memcpy(&c20_ctx->key[0], key, key_len); - c20_ctx->tag_len = tag_len; - ctx->aead_state = c20_ctx; - - return 1; -} - -static void -aead_chacha20_poly1305_cleanup(EVP_AEAD_CTX *ctx) -{ - struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state; - - explicit_bzero(c20_ctx->key, sizeof(c20_ctx->key)); - free(c20_ctx); -} - -static void -poly1305_update_with_length(poly1305_state *poly1305, - const unsigned char *data, size_t data_len) -{ - size_t j = data_len; - unsigned char length_bytes[8]; - unsigned i; - - for (i = 0; i < sizeof(length_bytes); i++) { - length_bytes[i] = j; - j >>= 8; - } - - if (data != NULL) - CRYPTO_poly1305_update(poly1305, data, data_len); - CRYPTO_poly1305_update(poly1305, length_bytes, sizeof(length_bytes)); -} - -static void -poly1305_update_with_pad16(poly1305_state *poly1305, - const unsigned char *data, size_t data_len) -{ - static const unsigned char zero_pad16[16]; - size_t pad_len; - - CRYPTO_poly1305_update(poly1305, data, data_len); - - /* pad16() is defined in RFC 7539 2.8.1. 
*/ - if ((pad_len = data_len % 16) == 0) - return; - - CRYPTO_poly1305_update(poly1305, zero_pad16, 16 - pad_len); -} - -static int -aead_chacha20_poly1305_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, - size_t *out_len, size_t max_out_len, const unsigned char *nonce, - size_t nonce_len, const unsigned char *in, size_t in_len, - const unsigned char *ad, size_t ad_len) -{ - const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state; - unsigned char poly1305_key[32]; - poly1305_state poly1305; - const unsigned char *iv; - const uint64_t in_len_64 = in_len; - uint64_t ctr; - - /* The underlying ChaCha implementation may not overflow the block - * counter into the second counter word. Therefore we disallow - * individual operations that work on more than 2TB at a time. - * in_len_64 is needed because, on 32-bit platforms, size_t is only - * 32-bits and this produces a warning because it's always false. - * Casting to uint64_t inside the conditional is not sufficient to stop - * the warning. 
*/ - if (in_len_64 >= (1ULL << 32) * 64 - 64) { - EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_SEAL, EVP_R_TOO_LARGE); - return 0; - } - - if (max_out_len < in_len + c20_ctx->tag_len) { - EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_SEAL, - EVP_R_BUFFER_TOO_SMALL); - return 0; - } - - if (nonce_len != ctx->aead->nonce_len) { - EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_SEAL, EVP_R_IV_TOO_LARGE); - return 0; - } - - if (nonce_len == CHACHA20_NONCE_LEN_OLD) { - /* Google's draft-agl-tls-chacha20poly1305-04, Nov 2013 */ - - memset(poly1305_key, 0, sizeof(poly1305_key)); - CRYPTO_chacha_20(poly1305_key, poly1305_key, - sizeof(poly1305_key), c20_ctx->key, nonce, 0); - - CRYPTO_poly1305_init(&poly1305, poly1305_key); - poly1305_update_with_length(&poly1305, ad, ad_len); - CRYPTO_chacha_20(out, in, in_len, c20_ctx->key, nonce, 1); - poly1305_update_with_length(&poly1305, out, in_len); - } else if (nonce_len == CHACHA20_NONCE_LEN) { - /* RFC 7539, May 2015 */ - - ctr = (uint64_t)(nonce[0] | nonce[1] << 8 | - nonce[2] << 16 | nonce[3] << 24) << 32; - iv = nonce + CHACHA20_CONSTANT_LEN; - - memset(poly1305_key, 0, sizeof(poly1305_key)); - CRYPTO_chacha_20(poly1305_key, poly1305_key, - sizeof(poly1305_key), c20_ctx->key, iv, ctr); - - CRYPTO_poly1305_init(&poly1305, poly1305_key); - poly1305_update_with_pad16(&poly1305, ad, ad_len); - CRYPTO_chacha_20(out, in, in_len, c20_ctx->key, iv, ctr + 1); - poly1305_update_with_pad16(&poly1305, out, in_len); - poly1305_update_with_length(&poly1305, NULL, ad_len); - poly1305_update_with_length(&poly1305, NULL, in_len); - } - - if (c20_ctx->tag_len != POLY1305_TAG_LEN) { - unsigned char tag[POLY1305_TAG_LEN]; - CRYPTO_poly1305_finish(&poly1305, tag); - memcpy(out + in_len, tag, c20_ctx->tag_len); - *out_len = in_len + c20_ctx->tag_len; - return 1; - } - - CRYPTO_poly1305_finish(&poly1305, out + in_len); - *out_len = in_len + POLY1305_TAG_LEN; - return 1; -} - -static int -aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out, - size_t *out_len, 
size_t max_out_len, const unsigned char *nonce, - size_t nonce_len, const unsigned char *in, size_t in_len, - const unsigned char *ad, size_t ad_len) -{ - const struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state; - unsigned char mac[POLY1305_TAG_LEN]; - unsigned char poly1305_key[32]; - const unsigned char *iv = nonce; - poly1305_state poly1305; - const uint64_t in_len_64 = in_len; - size_t plaintext_len; - uint64_t ctr = 0; - - if (in_len < c20_ctx->tag_len) { - EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT); - return 0; - } - - /* The underlying ChaCha implementation may not overflow the block - * counter into the second counter word. Therefore we disallow - * individual operations that work on more than 2TB at a time. - * in_len_64 is needed because, on 32-bit platforms, size_t is only - * 32-bits and this produces a warning because it's always false. - * Casting to uint64_t inside the conditional is not sufficient to stop - * the warning. */ - if (in_len_64 >= (1ULL << 32) * 64 - 64) { - EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_TOO_LARGE); - return 0; - } - - if (nonce_len != ctx->aead->nonce_len) { - EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_IV_TOO_LARGE); - return 0; - } - - plaintext_len = in_len - c20_ctx->tag_len; - - if (max_out_len < plaintext_len) { - EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, - EVP_R_BUFFER_TOO_SMALL); - return 0; - } - - if (nonce_len == CHACHA20_NONCE_LEN_OLD) { - /* Google's draft-agl-tls-chacha20poly1305-04, Nov 2013 */ - - memset(poly1305_key, 0, sizeof(poly1305_key)); - CRYPTO_chacha_20(poly1305_key, poly1305_key, - sizeof(poly1305_key), c20_ctx->key, nonce, 0); - - CRYPTO_poly1305_init(&poly1305, poly1305_key); - poly1305_update_with_length(&poly1305, ad, ad_len); - poly1305_update_with_length(&poly1305, in, plaintext_len); - } else if (nonce_len == CHACHA20_NONCE_LEN) { - /* RFC 7539, May 2015 */ - - ctr = (uint64_t)(nonce[0] | nonce[1] << 8 | - nonce[2] << 16 | nonce[3] << 24) << 32; - iv = 
nonce + CHACHA20_CONSTANT_LEN; - - memset(poly1305_key, 0, sizeof(poly1305_key)); - CRYPTO_chacha_20(poly1305_key, poly1305_key, - sizeof(poly1305_key), c20_ctx->key, iv, ctr); - - CRYPTO_poly1305_init(&poly1305, poly1305_key); - poly1305_update_with_pad16(&poly1305, ad, ad_len); - poly1305_update_with_pad16(&poly1305, in, plaintext_len); - poly1305_update_with_length(&poly1305, NULL, ad_len); - poly1305_update_with_length(&poly1305, NULL, plaintext_len); - } - - CRYPTO_poly1305_finish(&poly1305, mac); - - if (timingsafe_memcmp(mac, in + plaintext_len, c20_ctx->tag_len) != 0) { - EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT); - return 0; - } - - CRYPTO_chacha_20(out, in, plaintext_len, c20_ctx->key, iv, ctr + 1); - *out_len = plaintext_len; - return 1; -} - -static const EVP_AEAD aead_chacha20_poly1305 = { - .key_len = 32, - .nonce_len = CHACHA20_NONCE_LEN, - .overhead = POLY1305_TAG_LEN, - .max_tag_len = POLY1305_TAG_LEN, - - .init = aead_chacha20_poly1305_init, - .cleanup = aead_chacha20_poly1305_cleanup, - .seal = aead_chacha20_poly1305_seal, - .open = aead_chacha20_poly1305_open, -}; - -static const EVP_AEAD aead_chacha20_poly1305_old = { - .key_len = 32, - .nonce_len = CHACHA20_NONCE_LEN_OLD, - .overhead = POLY1305_TAG_LEN, - .max_tag_len = POLY1305_TAG_LEN, - - .init = aead_chacha20_poly1305_init, - .cleanup = aead_chacha20_poly1305_cleanup, - .seal = aead_chacha20_poly1305_seal, - .open = aead_chacha20_poly1305_open, -}; - -const EVP_AEAD * -EVP_aead_chacha20_poly1305() -{ - return &aead_chacha20_poly1305; -} - -const EVP_AEAD * -EVP_aead_chacha20_poly1305_old() -{ - return &aead_chacha20_poly1305_old; -} - -#endif /* !OPENSSL_NO_CHACHA && !OPENSSL_NO_POLY1305 */ diff --git a/lib/libssl/src/crypto/evp/e_des.c b/lib/libssl/src/crypto/evp/e_des.c deleted file mode 100644 index ad91720ff1c..00000000000 --- a/lib/libssl/src/crypto/evp/e_des.c +++ /dev/null 
@@ -1,226 +0,0 @@ -/* $OpenBSD: e_des.c,v 1.14 2015/10/12 06:05:52 guenther Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_DES - -#include <openssl/evp.h> -#include <openssl/des.h> -#include <openssl/objects.h> - -#include "evp_locl.h" - -static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); - -/* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */ - -static int -des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - BLOCK_CIPHER_ecb_loop() - DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i), - ctx->cipher_data, ctx->encrypt); - return 1; -} - -static int -des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data, - (DES_cblock *)ctx->iv, &ctx->num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data, - (DES_cblock *)ctx->iv, &ctx->num); - return 1; -} - -static int -des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data, - (DES_cblock *)ctx->iv, ctx->encrypt); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data, - (DES_cblock *)ctx->iv, ctx->encrypt); - return 1; -} - -static int -des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data, - (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_cfb64_encrypt(in, out, (long)inl, 
ctx->cipher_data, - (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); - return 1; -} - -/* Although we have a CFB-r implementation for DES, it doesn't pack the right - way, so wrap it here */ -static int -des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - size_t n, chunk = EVP_MAXCHUNK/8; - unsigned char c[1], d[1]; - - if (inl < chunk) - chunk = inl; - - while (inl && inl >= chunk) { - for (n = 0; n < chunk*8; ++n) { - c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0; - DES_cfb_encrypt(c, d, 1, 1, ctx->cipher_data, - (DES_cblock *)ctx->iv, ctx->encrypt); - out[n / 8] = (out[n / 8] & - ~(0x80 >> (unsigned int)(n % 8))) | - ((d[0] & 0x80) >> (unsigned int)(n % 8)); - } - inl -= chunk; - in += chunk; - out += chunk; - if (inl < chunk) - chunk = inl; - } - - return 1; -} - -static int -des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, - ctx->cipher_data, (DES_cblock *)ctx->iv, ctx->encrypt); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_cfb_encrypt(in, out, 8, (long)inl, ctx->cipher_data, - (DES_cblock *)ctx->iv, ctx->encrypt); - return 1; -} - -BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64, - EVP_CIPH_RAND_KEY, des_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - des_ctrl) - -BLOCK_CIPHER_def_cfb(des, DES_key_schedule, NID_des, 8, 8, 1, - EVP_CIPH_RAND_KEY, des_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, des_ctrl) - -BLOCK_CIPHER_def_cfb(des, DES_key_schedule, NID_des, 8, 8, 8, - EVP_CIPH_RAND_KEY, des_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, des_ctrl) - -static int -des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - DES_cblock *deskey = (DES_cblock *)key; - - DES_set_key_unchecked(deskey, ctx->cipher_data); - 
return 1; -} - -static int -des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - switch (type) { - case EVP_CTRL_RAND_KEY: - if (DES_random_key((DES_cblock *)ptr) == 0) - return 0; - return 1; - - default: - return -1; - } -} - -#endif diff --git a/lib/libssl/src/crypto/evp/e_des3.c b/lib/libssl/src/crypto/evp/e_des3.c deleted file mode 100644 index 3cb95a8e22b..00000000000 --- a/lib/libssl/src/crypto/evp/e_des3.c +++ /dev/null 
@@ -1,284 +0,0 @@ -/* $OpenBSD: e_des3.c,v 1.19 2015/10/12 06:05:52 guenther Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_DES - -#include <openssl/des.h> -#include <openssl/evp.h> -#include <openssl/objects.h> - -#include "evp_locl.h" - -static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); - -typedef struct { - DES_key_schedule ks1;/* key schedule */ - DES_key_schedule ks2;/* key schedule (for ede) */ - DES_key_schedule ks3;/* key schedule (for ede3) */ -} DES_EDE_KEY; - -#define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data) - -/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */ - -static int -des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - BLOCK_CIPHER_ecb_loop() - DES_ecb3_encrypt((const_DES_cblock *)(in + i), (DES_cblock *)(out + i), - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, ctx->encrypt); - return 1; -} - -static int -des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, - (DES_cblock *)ctx->iv, &ctx->num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_ede3_ofb64_encrypt(in, out, (long)inl, - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, - (DES_cblock *)ctx->iv, &ctx->num); - - return 1; -} - -static int -des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, - (DES_cblock *)ctx->iv, ctx->encrypt); - inl -= EVP_MAXCHUNK; - in 
+= EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_ede3_cbc_encrypt(in, out, (long)inl, - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, - (DES_cblock *)ctx->iv, ctx->encrypt); - return 1; -} - -static int -des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, - (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_ede3_cfb64_encrypt(in, out, (long)inl, - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, - (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt); - return 1; -} - -/* Although we have a CFB-r implementation for 3-DES, it doesn't pack the right - way, so wrap it here */ -static int -des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - size_t n; - unsigned char c[1], d[1]; - - for (n = 0; n < inl; ++n) { - c[0] = (in[n/8]&(1 << (7 - n % 8))) ? 
0x80 : 0; - DES_ede3_cfb_encrypt(c, d, 1, 1, - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, - (DES_cblock *)ctx->iv, ctx->encrypt); - out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) | - ((d[0] & 0x80) >> (unsigned int)(n % 8)); - } - - return 1; -} - -static int -des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - while (inl >= EVP_MAXCHUNK) { - DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, - (DES_cblock *)ctx->iv, ctx->encrypt); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - if (inl) - DES_ede3_cfb_encrypt(in, out, 8, (long)inl, - &data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3, - (DES_cblock *)ctx->iv, ctx->encrypt); - return 1; -} - -BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64, - EVP_CIPH_RAND_KEY, des_ede_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - des3_ctrl) - -#define des_ede3_cfb64_cipher des_ede_cfb64_cipher -#define des_ede3_ofb_cipher des_ede_ofb_cipher -#define des_ede3_cbc_cipher des_ede_cbc_cipher -#define des_ede3_ecb_cipher des_ede_ecb_cipher - -BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64, - EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - des3_ctrl) - -BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1, - EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - des3_ctrl) - -BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8, - EVP_CIPH_RAND_KEY, des_ede3_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - des3_ctrl) - -static int -des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - DES_cblock *deskey = (DES_cblock *)key; - - DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1); - DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2); 
- memcpy(&data(ctx)->ks3, &data(ctx)->ks1, - sizeof(data(ctx)->ks1)); - return 1; -} - -static int -des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - DES_cblock *deskey = (DES_cblock *)key; - - - DES_set_key_unchecked(&deskey[0], &data(ctx)->ks1); - DES_set_key_unchecked(&deskey[1], &data(ctx)->ks2); - DES_set_key_unchecked(&deskey[2], &data(ctx)->ks3); - return 1; -} - -static int -des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - DES_cblock *deskey = ptr; - - switch (type) { - case EVP_CTRL_RAND_KEY: - if (DES_random_key(deskey) == 0) - return 0; - if (c->key_len >= 16 && DES_random_key(deskey + 1) == 0) - return 0; - if (c->key_len >= 24 && DES_random_key(deskey + 2) == 0) - return 0; - return 1; - - default: - return -1; - } -} - -const EVP_CIPHER * -EVP_des_ede(void) -{ - return &des_ede_ecb; -} - -const EVP_CIPHER * -EVP_des_ede3(void) -{ - return &des_ede3_ecb; -} -#endif diff --git a/lib/libssl/src/crypto/evp/e_gost2814789.c b/lib/libssl/src/crypto/evp/e_gost2814789.c deleted file mode 100644 index e2235a64b5d..00000000000 --- a/lib/libssl/src/crypto/evp/e_gost2814789.c +++ /dev/null 
@@ -1,229 +0,0 @@ -/* $OpenBSD: e_gost2814789.c,v 1.3 2014/11/18 05:30:07 miod Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST -#include <openssl/evp.h> -#include <openssl/err.h> -#include <openssl/gost.h> -#include "evp_locl.h" - -typedef struct { - GOST2814789_KEY ks; - int param_nid; -} EVP_GOST2814789_CTX; - -static int -gost2814789_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - EVP_GOST2814789_CTX *c = ctx->cipher_data; - - switch (type) { - case EVP_CTRL_PBE_PRF_NID: - if (ptr != NULL) { - *((int *)ptr) = NID_id_HMACGostR3411_94; - return 1; - } else { - return 0; - } - case EVP_CTRL_INIT: - /* Default value to have any s-box set at all */ - c->param_nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet; - return Gost2814789_set_sbox(&c->ks, c->param_nid); - case EVP_CTRL_GOST_SET_SBOX: - return Gost2814789_set_sbox(&c->ks, arg); - default: - return -1; - } -} - -static int -gost2814789_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - EVP_GOST2814789_CTX *c = ctx->cipher_data; - - return Gost2814789_set_key(&c->ks, key, ctx->key_len * 8); -} - -int -gost2814789_set_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int len = 0; - unsigned char *buf = NULL; - unsigned char *p = NULL; - EVP_GOST2814789_CTX *c = ctx->cipher_data; - ASN1_OCTET_STRING *os = NULL; - GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); - - if (gcp == 
NULL) { - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, - ERR_R_MALLOC_FAILURE); - return 0; - } - if (ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len) == 0) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB); - return 0; - } - ASN1_OBJECT_free(gcp->enc_param_set); - gcp->enc_param_set = OBJ_nid2obj(c->param_nid); - - len = i2d_GOST_CIPHER_PARAMS(gcp, NULL); - p = buf = malloc(len); - if (buf == NULL) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, - ERR_R_MALLOC_FAILURE); - return 0; - } - i2d_GOST_CIPHER_PARAMS(gcp, &p); - GOST_CIPHER_PARAMS_free(gcp); - - os = ASN1_OCTET_STRING_new(); - if (os == NULL) { - free(buf); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, - ERR_R_MALLOC_FAILURE); - return 0; - } - if (ASN1_OCTET_STRING_set(os, buf, len) == 0) { - ASN1_OCTET_STRING_free(os); - free(buf); - GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB); - return 0; - } - free(buf); - - ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os); - return 1; -} - -int -gost2814789_get_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params) -{ - int ret = -1; - int len; - GOST_CIPHER_PARAMS *gcp = NULL; - EVP_GOST2814789_CTX *c = ctx->cipher_data; - unsigned char *p; - - if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) - return ret; - - p = params->value.sequence->data; - - gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p, - params->value.sequence->length); - - len = gcp->iv->length; - if (len != ctx->cipher->iv_len) { - GOST_CIPHER_PARAMS_free(gcp); - GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, - GOST_R_INVALID_IV_LENGTH); - return -1; - } - - if (!Gost2814789_set_sbox(&c->ks, OBJ_obj2nid(gcp->enc_param_set))) { - GOST_CIPHER_PARAMS_free(gcp); - return -1; - } - c->param_nid = OBJ_obj2nid(gcp->enc_param_set); - - memcpy(ctx->oiv, gcp->iv->data, len); - memcpy(ctx->iv, gcp->iv->data, len); - - GOST_CIPHER_PARAMS_free(gcp); - - return 1; -} - -BLOCK_CIPHER_func_ecb(gost2814789, Gost2814789, 
EVP_GOST2814789_CTX, ks) -BLOCK_CIPHER_func_cfb(gost2814789, Gost2814789, 64, EVP_GOST2814789_CTX, ks) - -static int -gost2814789_cnt_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - EVP_GOST2814789_CTX *c = ctx->cipher_data; - - while (inl >= EVP_MAXCHUNK) { - Gost2814789_cnt_encrypt(in, out, (long)EVP_MAXCHUNK, &c->ks, - ctx->iv, ctx->buf, &ctx->num); - inl -= EVP_MAXCHUNK; - in += EVP_MAXCHUNK; - out += EVP_MAXCHUNK; - } - - if (inl) - Gost2814789_cnt_encrypt(in, out, inl, &c->ks, ctx->iv, ctx->buf, - &ctx->num); - return 1; -} - -/* gost89 is CFB-64 */ -#define NID_gost89_cfb64 NID_id_Gost28147_89 - -BLOCK_CIPHER_def_ecb(gost2814789, EVP_GOST2814789_CTX, NID_gost89, 8, 32, - EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT, - gost2814789_init_key, NULL, gost2814789_set_asn1_params, - gost2814789_get_asn1_params, gost2814789_ctl) -BLOCK_CIPHER_def_cfb(gost2814789, EVP_GOST2814789_CTX, NID_gost89, 32, 8, 64, - EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT, - gost2814789_init_key, NULL, gost2814789_set_asn1_params, - gost2814789_get_asn1_params, gost2814789_ctl) -BLOCK_CIPHER_def1(gost2814789, cnt, cnt, OFB, EVP_GOST2814789_CTX, NID_gost89, - 1, 32, 8, EVP_CIPH_NO_PADDING | EVP_CIPH_CTRL_INIT, - gost2814789_init_key, NULL, gost2814789_set_asn1_params, - gost2814789_get_asn1_params, gost2814789_ctl) -#endif diff --git a/lib/libssl/src/crypto/evp/e_idea.c b/lib/libssl/src/crypto/evp/e_idea.c deleted file mode 100644 index 454ad4e6722..00000000000 --- a/lib/libssl/src/crypto/evp/e_idea.c +++ /dev/null 
@@ -1,125 +0,0 @@ -/* $OpenBSD: e_idea.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_IDEA - -#include <openssl/evp.h> -#include <openssl/idea.h> -#include <openssl/objects.h> - -#include "evp_locl.h" - -static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special - * case - */ - -static int -idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - BLOCK_CIPHER_ecb_loop() - idea_ecb_encrypt(in + i, out + i, ctx->cipher_data); - return 1; -} - -/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */ - -typedef struct { - IDEA_KEY_SCHEDULE ks; -} EVP_IDEA_KEY; - -BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks) -BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks) -BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks) - -BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64, - 0, idea_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) - -static int -idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - if (!enc) { - if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) - enc = 1; - else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) - enc = 1; - } - if (enc) - idea_set_encrypt_key(key, ctx->cipher_data); - else { - IDEA_KEY_SCHEDULE tmp; - - idea_set_encrypt_key(key, &tmp); - idea_set_decrypt_key(&tmp, ctx->cipher_data); - explicit_bzero((unsigned char *)&tmp, - sizeof(IDEA_KEY_SCHEDULE)); - } - return 1; -} - -#endif diff --git a/lib/libssl/src/crypto/evp/e_null.c b/lib/libssl/src/crypto/evp/e_null.c deleted file mode 100644 index 65374cc3f53..00000000000 --- a/lib/libssl/src/crypto/evp/e_null.c +++ /dev/null 
@@ -1,105 +0,0 @@ -/* $OpenBSD: e_null.c,v 1.14 2014/07/11 08:44:48 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/evp.h> -#include <openssl/objects.h> - -static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); - -static const EVP_CIPHER n_cipher = { - NID_undef, - 1, 0, 0, - 0, - null_init_key, - null_cipher, - NULL, - 0, - NULL, - NULL, - NULL, - NULL -}; - -const EVP_CIPHER * -EVP_enc_null(void) -{ - return (&n_cipher); -} - -static int -null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - /* memset(&(ctx->c),0,sizeof(ctx->c));*/ - return 1; -} - -static int -null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) -{ - if (in != out) - memcpy((char *)out, (const char *)in, inl); - return 1; -} diff --git a/lib/libssl/src/crypto/evp/e_old.c b/lib/libssl/src/crypto/evp/e_old.c deleted file mode 100644 index 71166654b01..00000000000 --- a/lib/libssl/src/crypto/evp/e_old.c +++ /dev/null 
@@ -1,159 +0,0 @@ -/* $OpenBSD: e_old.c,v 1.8 2015/02/10 11:45:09 jsing Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2004. - */ -/* ==================================================================== - * Copyright (c) 2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_DEPRECATED - -#include <openssl/evp.h> - -/* Define some deprecated functions, so older programs - don't crash and burn too quickly. On Windows and VMS, - these will never be used, since functions and variables - in shared libraries are selected by entry point location, - not by name. 
*/ - -#ifndef OPENSSL_NO_BF -#undef EVP_bf_cfb -const EVP_CIPHER *EVP_bf_cfb(void); -const EVP_CIPHER * -EVP_bf_cfb(void) -{ - return EVP_bf_cfb64(); -} -#endif - -#ifndef OPENSSL_NO_DES -#undef EVP_des_cfb -const EVP_CIPHER *EVP_des_cfb(void); -const EVP_CIPHER * -EVP_des_cfb(void) -{ - return EVP_des_cfb64(); -} -#undef EVP_des_ede3_cfb -const EVP_CIPHER *EVP_des_ede3_cfb(void); -const EVP_CIPHER * -EVP_des_ede3_cfb(void) -{ - return EVP_des_ede3_cfb64(); -} -#undef EVP_des_ede_cfb -const EVP_CIPHER *EVP_des_ede_cfb(void); -const EVP_CIPHER * -EVP_des_ede_cfb(void) -{ - return EVP_des_ede_cfb64(); -} -#endif - -#ifndef OPENSSL_NO_IDEA -#undef EVP_idea_cfb -const EVP_CIPHER *EVP_idea_cfb(void); -const EVP_CIPHER * -EVP_idea_cfb(void) -{ - return EVP_idea_cfb64(); -} -#endif - -#ifndef OPENSSL_NO_RC2 -#undef EVP_rc2_cfb -const EVP_CIPHER *EVP_rc2_cfb(void); -const EVP_CIPHER * -EVP_rc2_cfb(void) -{ - return EVP_rc2_cfb64(); -} -#endif - -#ifndef OPENSSL_NO_CAST -#undef EVP_cast5_cfb -const EVP_CIPHER *EVP_cast5_cfb(void); -const EVP_CIPHER * -EVP_cast5_cfb(void) -{ - return EVP_cast5_cfb64(); -} -#endif - -#ifndef OPENSSL_NO_AES -#undef EVP_aes_128_cfb -const EVP_CIPHER *EVP_aes_128_cfb(void); -const EVP_CIPHER * -EVP_aes_128_cfb(void) -{ - return EVP_aes_128_cfb128(); -} -#undef EVP_aes_192_cfb -const EVP_CIPHER *EVP_aes_192_cfb(void); -const EVP_CIPHER * -EVP_aes_192_cfb(void) -{ - return EVP_aes_192_cfb128(); -} -#undef EVP_aes_256_cfb -const EVP_CIPHER *EVP_aes_256_cfb(void); -const EVP_CIPHER * -EVP_aes_256_cfb(void) -{ - return EVP_aes_256_cfb128(); -} -#endif - -#endif diff --git a/lib/libssl/src/crypto/evp/e_rc2.c b/lib/libssl/src/crypto/evp/e_rc2.c deleted file mode 100644 index 9052195ac28..00000000000 --- a/lib/libssl/src/crypto/evp/e_rc2.c +++ /dev/null 
@@ -1,254 +0,0 @@ -/* $OpenBSD: e_rc2.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_RC2 - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/rc2.h> - -#include "evp_locl.h" - -static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); -static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx); -static int rc2_magic_to_meth(int i); -static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); - -typedef struct { - int key_bits; /* effective key bits */ - RC2_KEY ks; /* key schedule */ -} EVP_RC2_KEY; - -#define data(ctx) ((EVP_RC2_KEY *)(ctx)->cipher_data) - -IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2, - 8, - RC2_KEY_LENGTH, 8, 64, - EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, - rc2_init_key, NULL, - rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, - rc2_ctrl) - -#define RC2_40_MAGIC 0xa0 -#define RC2_64_MAGIC 0x78 -#define RC2_128_MAGIC 0x3a - -static const EVP_CIPHER r2_64_cbc_cipher = { - NID_rc2_64_cbc, - 8, 8 /* 64 bit */, 8, - EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, - rc2_init_key, - rc2_cbc_cipher, - NULL, - sizeof(EVP_RC2_KEY), - rc2_set_asn1_type_and_iv, - rc2_get_asn1_type_and_iv, - rc2_ctrl, - NULL -}; - -static const EVP_CIPHER r2_40_cbc_cipher = { - NID_rc2_40_cbc, - 8, 5 /* 40 bit */, 8, - EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, - rc2_init_key, - rc2_cbc_cipher, - NULL, - sizeof(EVP_RC2_KEY), - rc2_set_asn1_type_and_iv, - rc2_get_asn1_type_and_iv, - rc2_ctrl, - NULL -}; - -const EVP_CIPHER * -EVP_rc2_64_cbc(void) -{ - return (&r2_64_cbc_cipher); -} - -const EVP_CIPHER * -EVP_rc2_40_cbc(void) -{ - return (&r2_40_cbc_cipher); -} - -static int -rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int 
enc) -{ - RC2_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), - key, data(ctx)->key_bits); - return 1; -} - -static int -rc2_meth_to_magic(EVP_CIPHER_CTX *e) -{ - int i; - - EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i); - if (i == 128) - return (RC2_128_MAGIC); - else if (i == 64) - return (RC2_64_MAGIC); - else if (i == 40) - return (RC2_40_MAGIC); - else - return (0); -} - -static int -rc2_magic_to_meth(int i) -{ - if (i == RC2_128_MAGIC) - return 128; - else if (i == RC2_64_MAGIC) - return 64; - else if (i == RC2_40_MAGIC) - return 40; - else { - EVPerr(EVP_F_RC2_MAGIC_TO_METH, EVP_R_UNSUPPORTED_KEY_SIZE); - return (0); - } -} - -static int -rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) -{ - long num = 0; - int i = 0; - int key_bits; - unsigned int l; - unsigned char iv[EVP_MAX_IV_LENGTH]; - - if (type != NULL) { - l = EVP_CIPHER_CTX_iv_length(c); - if (l > sizeof(iv)) { - EVPerr(EVP_F_RC2_GET_ASN1_TYPE_AND_IV, - EVP_R_IV_TOO_LARGE); - return -1; - } - i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l); - if (i != (int)l) - return (-1); - key_bits = rc2_magic_to_meth((int)num); - if (!key_bits) - return (-1); - if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1)) - return -1; - EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, - key_bits, NULL); - EVP_CIPHER_CTX_set_key_length(c, key_bits / 8); - } - return (i); -} - -static int -rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) -{ - long num; - int i = 0, j; - - if (type != NULL) { - num = rc2_meth_to_magic(c); - j = EVP_CIPHER_CTX_iv_length(c); - i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j); - } - return (i); -} - -static int -rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - switch (type) { - case EVP_CTRL_INIT: - data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8; - return 1; - - case EVP_CTRL_GET_RC2_KEY_BITS: - *(int *)ptr = data(c)->key_bits; - return 1; - - case EVP_CTRL_SET_RC2_KEY_BITS: - if (arg > 0) { - 
data(c)->key_bits = arg; - return 1; - } - return 0; - -#ifdef PBE_PRF_TEST - case EVP_CTRL_PBE_PRF_NID: - *(int *)ptr = NID_hmacWithMD5; - return 1; -#endif - - default: - return -1; - } -} - -#endif diff --git a/lib/libssl/src/crypto/evp/e_rc4.c b/lib/libssl/src/crypto/evp/e_rc4.c deleted file mode 100644 index e77a2931415..00000000000 --- a/lib/libssl/src/crypto/evp/e_rc4.c +++ /dev/null 
@@ -1,140 +0,0 @@ -/* $OpenBSD: e_rc4.c,v 1.14 2014/07/11 08:44:48 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_RC4
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/rc4.h>
-
-#include "evp_locl.h"
-
-/* FIXME: surely this is available elsewhere? */
-#define EVP_RC4_KEY_SIZE 16
-
-typedef struct {
- RC4_KEY ks; /* working key */
-} EVP_RC4_KEY;
-
-#define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
-
-static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
-
-static const EVP_CIPHER r4_cipher = {
- NID_rc4,
- 1, EVP_RC4_KEY_SIZE, 0,
- EVP_CIPH_VARIABLE_LENGTH,
- rc4_init_key,
- rc4_cipher,
- NULL,
- sizeof(EVP_RC4_KEY),
- NULL,
- NULL,
- NULL,
- NULL
-};
-
-static const EVP_CIPHER r4_40_cipher = {
- NID_rc4_40,
- 1, 5 /* 40 bit */, 0,
- EVP_CIPH_VARIABLE_LENGTH,
- rc4_init_key,
- rc4_cipher,
- NULL,
- sizeof(EVP_RC4_KEY),
- NULL,
- NULL,
- NULL,
- NULL
-};
-
-const EVP_CIPHER *
-EVP_rc4(void)
-{
- return (&r4_cipher);
-}
-
-const EVP_CIPHER *
-EVP_rc4_40(void)
-{
- return (&r4_40_cipher);
-}
-
-static int
-rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- RC4_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
- return 1;
-}
-
-static int
-rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- RC4(&data(ctx)->ks, inl, in, out);
- return 1;
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/e_rc4_hmac_md5.c b/lib/libssl/src/crypto/evp/e_rc4_hmac_md5.c
deleted file mode 100644
index 1f085af4039..00000000000
--- a/lib/libssl/src/crypto/evp/e_rc4_hmac_md5.c
+++ /dev/null
@@ -1,309 +0,0 @@
-/* $OpenBSD: e_rc4_hmac_md5.c,v 1.5 2014/08/11 13:29:43 bcook Exp $ */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/rc4.h>
-#include <openssl/md5.h>
-
-#ifndef EVP_CIPH_FLAG_AEAD_CIPHER
-#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
-#define EVP_CTRL_AEAD_TLS1_AAD 0x16
-#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
-#endif
-
-/* FIXME: surely this is available elsewhere?
*/ -#define EVP_RC4_KEY_SIZE 16 - -typedef struct { - RC4_KEY ks; - MD5_CTX head, tail, md; - size_t payload_length; -} EVP_RC4_HMAC_MD5; - -#define NO_PAYLOAD_LENGTH ((size_t)-1) - -void rc4_md5_enc (RC4_KEY *key, const void *in0, void *out, - MD5_CTX *ctx, const void *inp, size_t blocks); - -#define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data) - -static int -rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *inkey, - const unsigned char *iv, int enc) -{ - EVP_RC4_HMAC_MD5 *key = data(ctx); - - RC4_set_key(&key->ks, EVP_CIPHER_CTX_key_length(ctx), inkey); - - MD5_Init(&key->head); /* handy when benchmarking */ - key->tail = key->head; - key->md = key->head; - - key->payload_length = NO_PAYLOAD_LENGTH; - - return 1; -} - -#if !defined(OPENSSL_NO_ASM) && defined(RC4_MD5_ASM) && ( \ - defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_AMD64) || defined(_M_X64) || \ - defined(__INTEL__) ) && \ - !(defined(__APPLE__) && defined(__MACH__)) -#define STITCHED_CALL -#endif - -#if !defined(STITCHED_CALL) -#define rc4_off 0 -#define md5_off 0 -#endif - -static int -rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - EVP_RC4_HMAC_MD5 *key = data(ctx); -#if defined(STITCHED_CALL) - size_t rc4_off = 32-1-(key->ks.x&(32-1)), /* 32 is $MOD from rc4_md5-x86_64.pl */ - md5_off = MD5_CBLOCK - key->md.num, - blocks; - unsigned int l; - extern unsigned int OPENSSL_ia32cap_P[]; -#endif - size_t plen = key->payload_length; - - if (plen != NO_PAYLOAD_LENGTH && len != (plen + MD5_DIGEST_LENGTH)) - return 0; - - if (ctx->encrypt) { - if (plen == NO_PAYLOAD_LENGTH) - plen = len; -#if defined(STITCHED_CALL) - /* cipher has to "fall behind" */ - if (rc4_off > md5_off) - md5_off += MD5_CBLOCK; - - if (plen > md5_off && - (blocks = (plen - md5_off) / MD5_CBLOCK) && - (OPENSSL_ia32cap_P[0]&(1 << 20)) == 0) { - MD5_Update(&key->md, in, md5_off); - RC4(&key->ks, rc4_off, in, out); - - rc4_md5_enc(&key->ks, in + 
rc4_off, out + rc4_off, - &key->md, in + md5_off, blocks); - blocks *= MD5_CBLOCK; - rc4_off += blocks; - md5_off += blocks; - key->md.Nh += blocks >> 29; - key->md.Nl += blocks <<= 3; - if (key->md.Nl < (unsigned int)blocks) - key->md.Nh++; - } else { - rc4_off = 0; - md5_off = 0; - } -#endif - MD5_Update(&key->md, in + md5_off, plen - md5_off); - - if (plen!=len) { /* "TLS" mode of operation */ - if (in != out) - memcpy(out + rc4_off, in + rc4_off, - plen - rc4_off); - - /* calculate HMAC and append it to payload */ - MD5_Final(out + plen, &key->md); - key->md = key->tail; - MD5_Update(&key->md, out + plen, MD5_DIGEST_LENGTH); - MD5_Final(out + plen, &key->md); - - /* encrypt HMAC at once */ - RC4(&key->ks, len - rc4_off, out + rc4_off, - out + rc4_off); - } else { - RC4(&key->ks, len - rc4_off, in + rc4_off, - out + rc4_off); - } - } else { - unsigned char mac[MD5_DIGEST_LENGTH]; -#if defined(STITCHED_CALL) - /* digest has to "fall behind" */ - if (md5_off > rc4_off) - rc4_off += 2*MD5_CBLOCK; - else - rc4_off += MD5_CBLOCK; - - if (len > rc4_off && (blocks = (len - rc4_off) / MD5_CBLOCK) && - (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) { - RC4(&key->ks, rc4_off, in, out); - MD5_Update(&key->md, out, md5_off); - - rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off, - &key->md, out + md5_off, blocks); - blocks *= MD5_CBLOCK; - rc4_off += blocks; - md5_off += blocks; - l = (key->md.Nl + (blocks << 3)) & 0xffffffffU; - if (l < key->md.Nl) - key->md.Nh++; - key->md.Nl = l; - key->md.Nh += blocks >> 29; - } else { - md5_off = 0; - rc4_off = 0; - } -#endif - /* decrypt HMAC at once */ - RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off); - if (plen!=NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */ - MD5_Update(&key->md, out + md5_off, plen - md5_off); - - /* calculate HMAC and verify it */ - MD5_Final(mac, &key->md); - key->md = key->tail; - MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH); - MD5_Final(mac, &key->md); - - if (memcmp(out + plen, mac, 
MD5_DIGEST_LENGTH)) - return 0; - } else { - MD5_Update(&key->md, out + md5_off, len - md5_off); - } - } - - key->payload_length = NO_PAYLOAD_LENGTH; - - return 1; -} - -static int -rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - EVP_RC4_HMAC_MD5 *key = data(ctx); - - switch (type) { - case EVP_CTRL_AEAD_SET_MAC_KEY: - { - unsigned int i; - unsigned char hmac_key[64]; - - memset (hmac_key, 0, sizeof(hmac_key)); - - if (arg > (int)sizeof(hmac_key)) { - MD5_Init(&key->head); - MD5_Update(&key->head, ptr, arg); - MD5_Final(hmac_key, &key->head); - } else { - memcpy(hmac_key, ptr, arg); - } - - for (i = 0; i < sizeof(hmac_key); i++) - hmac_key[i] ^= 0x36; /* ipad */ - MD5_Init(&key->head); - MD5_Update(&key->head, hmac_key, sizeof(hmac_key)); - - for (i = 0; i < sizeof(hmac_key); i++) - hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */ - MD5_Init(&key->tail); - MD5_Update(&key->tail, hmac_key, sizeof(hmac_key)); - - return 1; - } - case EVP_CTRL_AEAD_TLS1_AAD: - { - unsigned char *p = ptr; - unsigned int len = p[arg - 2] << 8 | p[arg - 1]; - - if (!ctx->encrypt) { - len -= MD5_DIGEST_LENGTH; - p[arg - 2] = len >> 8; - p[arg - 1] = len; - } - key->payload_length = len; - key->md = key->head; - MD5_Update(&key->md, p, arg); - - return MD5_DIGEST_LENGTH; - } - default: - return -1; - } -} - -static EVP_CIPHER r4_hmac_md5_cipher = { -#ifdef NID_rc4_hmac_md5 - NID_rc4_hmac_md5, -#else - NID_undef, -#endif - 1, EVP_RC4_KEY_SIZE, 0, - EVP_CIPH_STREAM_CIPHER|EVP_CIPH_VARIABLE_LENGTH|EVP_CIPH_FLAG_AEAD_CIPHER, - rc4_hmac_md5_init_key, - rc4_hmac_md5_cipher, - NULL, - sizeof(EVP_RC4_HMAC_MD5), - NULL, - NULL, - rc4_hmac_md5_ctrl, - NULL -}; - -const EVP_CIPHER * -EVP_rc4_hmac_md5(void) -{ - return (&r4_hmac_md5_cipher); -} -#endif diff --git a/lib/libssl/src/crypto/evp/e_xcbc_d.c b/lib/libssl/src/crypto/evp/e_xcbc_d.c deleted file mode 100644 index 2aae0a91512..00000000000 --- a/lib/libssl/src/crypto/evp/e_xcbc_d.c +++ /dev/null 
@@ -1,137 +0,0 @@
-/* $OpenBSD: e_xcbc_d.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_DES
-
-#include <openssl/des.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#include "evp_locl.h"
-
-static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc);
-static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);
-
-
-typedef struct {
- DES_key_schedule ks;/* key schedule */
- DES_cblock inw;
- DES_cblock outw;
-} DESX_CBC_KEY;
-
-#define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
-
-static const EVP_CIPHER d_xcbc_cipher = {
- NID_desx_cbc,
- 8, 24, 8,
- EVP_CIPH_CBC_MODE,
- desx_cbc_init_key,
- desx_cbc_cipher,
- NULL,
- sizeof(DESX_CBC_KEY),
- EVP_CIPHER_set_asn1_iv,
- EVP_CIPHER_get_asn1_iv,
- NULL,
- NULL
-};
-
-const EVP_CIPHER *
-EVP_desx_cbc(void)
-{
- return (&d_xcbc_cipher);
-}
-
-static int
-desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc)
-{
- DES_cblock *deskey = (DES_cblock *)key;
-
- DES_set_key_unchecked(deskey, &data(ctx)->ks);
- memcpy(&data(ctx)->inw[0], &key[8], 8);
- memcpy(&data(ctx)->outw[0], &key[16], 8);
-
- return 1;
-}
-
-static int
-desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl)
-{
- while (inl >= EVP_MAXCHUNK) {
- DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks,
- (DES_cblock *)&(ctx->iv[0]), &data(ctx)->inw,
- &data(ctx)->outw, ctx->encrypt);
- inl -= EVP_MAXCHUNK;
- in += EVP_MAXCHUNK;
- out += EVP_MAXCHUNK;
- }
- if (inl)
- DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks,
- (DES_cblock *)&(ctx->iv[0]), &data(ctx)->inw,
- &data(ctx)->outw, ctx->encrypt);
- return 1;
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/encode.c b/lib/libssl/src/crypto/evp/encode.c
deleted file mode 100644
index 1097a7c9039..00000000000
--- a/lib/libssl/src/crypto/evp/encode.c
+++ /dev/null
@@ -1,423 +0,0 @@
-/* $OpenBSD: encode.c,v 1.24 2016/05/04 15:05:13 tedu Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <limits.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/evp.h>
-
-#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
-#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f])
-
-/* 64 char lines
- * pad input with 0
- * left over chars are set to =
- * 1 byte => xx==
- * 2 bytes => xxx=
- * 3 bytes => xxxx
- */
-#define BIN_PER_LINE (64/4*3)
-#define CHUNKS_PER_LINE (64/4)
-#define CHAR_PER_LINE (64+1)
-
-static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
-abcdefghijklmnopqrstuvwxyz0123456789+/";
-
-/* 0xF0 is a EOLN
- * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
- * 0xF2 is EOF
- * 0xE0 is ignore at start of line.
- * 0xFF is error - */ - -#define B64_EOLN 0xF0 -#define B64_CR 0xF1 -#define B64_EOF 0xF2 -#define B64_WS 0xE0 -#define B64_ERROR 0xFF -#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3) - -static const unsigned char data_ascii2bin[128] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F, - 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, - 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF, - 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, - 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, - 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, - 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, - 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, - 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, - 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, -}; - -void -EVP_EncodeInit(EVP_ENCODE_CTX *ctx) -{ - ctx->length = 48; - ctx->num = 0; - ctx->line_num = 0; -} - -void -EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl) -{ - int i, j; - size_t total = 0; - - *outl = 0; - if (inl == 0) - return; - OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data)); - if (ctx->length - ctx->num > inl) { - memcpy(&(ctx->enc_data[ctx->num]), in, inl); - ctx->num += inl; - return; - } - if (ctx->num != 0) { - i = ctx->length - ctx->num; - memcpy(&(ctx->enc_data[ctx->num]), in, i); - in += i; - inl -= i; - j = EVP_EncodeBlock(out, ctx->enc_data, ctx->length); - ctx->num = 0; - out += j; - *(out++) = '\n'; - *out = '\0'; - total = j + 1; - } - while (inl >= ctx->length && total <= INT_MAX) { - j = EVP_EncodeBlock(out, in, ctx->length); - in += ctx->length; - inl -= ctx->length; - out += j; - *(out++) = '\n'; - *out = '\0'; - total += j + 1; - } - if (total > 
INT_MAX) { - /* Too much output data! */ - *outl = 0; - return; - } - if (inl != 0) - memcpy(&(ctx->enc_data[0]), in, inl); - ctx->num = inl; - *outl = total; -} - -void -EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl) -{ - unsigned int ret = 0; - - if (ctx->num != 0) { - ret = EVP_EncodeBlock(out, ctx->enc_data, ctx->num); - out[ret++] = '\n'; - out[ret] = '\0'; - ctx->num = 0; - } - *outl = ret; -} - -int -EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen) -{ - int i, ret = 0; - unsigned long l; - - for (i = dlen; i > 0; i -= 3) { - if (i >= 3) { - l = (((unsigned long)f[0]) << 16L) | - (((unsigned long)f[1]) << 8L) | f[2]; - *(t++) = conv_bin2ascii(l >> 18L); - *(t++) = conv_bin2ascii(l >> 12L); - *(t++) = conv_bin2ascii(l >> 6L); - *(t++) = conv_bin2ascii(l ); - } else { - l = ((unsigned long)f[0]) << 16L; - if (i == 2) - l |= ((unsigned long)f[1] << 8L); - - *(t++) = conv_bin2ascii(l >> 18L); - *(t++) = conv_bin2ascii(l >> 12L); - *(t++) = (i == 1) ? '=' : conv_bin2ascii(l >> 6L); - *(t++) = '='; - } - ret += 4; - f += 3; - } - - *t = '\0'; - return (ret); -} - -void -EVP_DecodeInit(EVP_ENCODE_CTX *ctx) -{ - ctx->length = 30; - ctx->num = 0; - ctx->line_num = 0; - ctx->expect_nl = 0; -} - -/* -1 for error - * 0 for last line - * 1 for full line - */ -int -EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl) -{ - int seof = -1, eof = 0, rv = -1, ret = 0, i, v, tmp, n, ln, exp_nl; - unsigned char *d; - - n = ctx->num; - d = ctx->enc_data; - ln = ctx->line_num; - exp_nl = ctx->expect_nl; - - /* last line of input. 
*/ - if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF))) { - rv = 0; - goto end; - } - - /* We parse the input data */ - for (i = 0; i < inl; i++) { - /* If the current line is > 80 characters, scream alot */ - if (ln >= 80) { - rv = -1; - goto end; - } - - /* Get char and put it into the buffer */ - tmp= *(in++); - v = conv_ascii2bin(tmp); - /* only save the good data :-) */ - if (!B64_NOT_BASE64(v)) { - OPENSSL_assert(n < (int)sizeof(ctx->enc_data)); - d[n++] = tmp; - ln++; - } else if (v == B64_ERROR) { - rv = -1; - goto end; - } - - /* There should not be base64 data after padding. */ - if (eof && tmp != '=' && tmp != '\r' && tmp != '\n' && - v != B64_EOF) { - rv = -1; - goto end; - } - - /* have we seen a '=' which is 'definitely' the last - * input line. seof will point to the character that - * holds it. and eof will hold how many characters to - * chop off. */ - if (tmp == '=') { - if (seof == -1) - seof = n; - eof++; - } - - /* There should be no more than two padding markers. */ - if (eof > 2) { - rv = -1; - goto end; - } - - if (v == B64_CR) { - ln = 0; - if (exp_nl) - continue; - } - - /* eoln */ - if (v == B64_EOLN) { - ln = 0; - if (exp_nl) { - exp_nl = 0; - continue; - } - } - exp_nl = 0; - - /* If we are at the end of input and it looks like a - * line, process it. */ - if (((i + 1) == inl) && (((n&3) == 0) || eof)) { - v = B64_EOF; - /* In case things were given us in really small - records (so two '=' were given in separate - updates), eof may contain the incorrect number - of ending bytes to skip, so let's redo the count */ - eof = 0; - if (d[n-1] == '=') - eof++; - if (d[n-2] == '=') - eof++; - /* There will never be more than two '=' */ - } - - if ((v == B64_EOF && (n&3) == 0) || (n >= 64)) { - /* This is needed to work correctly on 64 byte input - * lines. 
We process the line and then need to - * accept the '\n' */ - if ((v != B64_EOF) && (n >= 64)) - exp_nl = 1; - if (n > 0) { - v = EVP_DecodeBlock(out, d, n); - n = 0; - if (v < 0) { - rv = 0; - goto end; - } - ret += (v - eof); - } else { - eof = 1; - v = 0; - } - - /* This is the case where we have had a short - * but valid input line */ - if ((v < ctx->length) && eof) { - rv = 0; - goto end; - } else - ctx->length = v; - - if (seof >= 0) { - rv = 0; - goto end; - } - out += v; - } - } - rv = 1; - -end: - *outl = ret; - ctx->num = n; - ctx->line_num = ln; - ctx->expect_nl = exp_nl; - return (rv); -} - -int -EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n) -{ - int i, ret = 0, a, b, c, d; - unsigned long l; - - /* trim white space from the start of the line. */ - while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) { - f++; - n--; - } - - /* strip off stuff at the end of the line - * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */ - while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n - 1])))) - n--; - - if (n % 4 != 0) - return (-1); - - for (i = 0; i < n; i += 4) { - a = conv_ascii2bin(*(f++)); - b = conv_ascii2bin(*(f++)); - c = conv_ascii2bin(*(f++)); - d = conv_ascii2bin(*(f++)); - if ((a & 0x80) || (b & 0x80) || - (c & 0x80) || (d & 0x80)) - return (-1); - l = ((((unsigned long)a) << 18L) | - (((unsigned long)b) << 12L) | - (((unsigned long)c) << 6L) | - (((unsigned long)d))); - *(t++) = (unsigned char)(l >> 16L) & 0xff; - *(t++) = (unsigned char)(l >> 8L) & 0xff; - *(t++) = (unsigned char)(l) & 0xff; - ret += 3; - } - return (ret); -} - -int -EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl) -{ - int i; - - *outl = 0; - if (ctx->num != 0) { - i = EVP_DecodeBlock(out, ctx->enc_data, ctx->num); - if (i < 0) - return (-1); - ctx->num = 0; - *outl = i; - return (1); - } else - return (1); -} 
diff --git a/lib/libssl/src/crypto/evp/evp.h b/lib/libssl/src/crypto/evp/evp.h
deleted file mode 100644
index 75798dae8c8..00000000000
--- a/lib/libssl/src/crypto/evp/evp.h
+++ /dev/null
@@ -1,1501 +0,0 @@
-/* $OpenBSD: evp.h,v 1.51 2016/05/30 13:42:54 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#ifndef HEADER_ENVELOPE_H -#define HEADER_ENVELOPE_H - -#include <openssl/opensslconf.h> - -#include <openssl/ossl_typ.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif - -/* -#define EVP_RC2_KEY_SIZE 16 -#define EVP_RC4_KEY_SIZE 16 -#define EVP_BLOWFISH_KEY_SIZE 16 -#define EVP_CAST5_KEY_SIZE 16 -#define EVP_RC5_32_12_16_KEY_SIZE 16 -*/ -#define EVP_MAX_MD_SIZE 64 /* longest known is SHA512 */ -#define EVP_MAX_KEY_LENGTH 64 -#define EVP_MAX_IV_LENGTH 16 -#define EVP_MAX_BLOCK_LENGTH 32 - -#define PKCS5_SALT_LEN 8 -/* Default PKCS#5 iteration count */ -#define PKCS5_DEFAULT_ITER 2048 - -#include <openssl/objects.h> - -#define EVP_PK_RSA 0x0001 -#define EVP_PK_DSA 0x0002 -#define EVP_PK_DH 0x0004 -#define EVP_PK_EC 0x0008 -#define EVP_PKT_SIGN 0x0010 -#define EVP_PKT_ENC 0x0020 -#define EVP_PKT_EXCH 0x0040 -#define EVP_PKS_RSA 0x0100 -#define EVP_PKS_DSA 0x0200 -#define EVP_PKS_EC 0x0400 -#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ - -#define EVP_PKEY_NONE NID_undef -#define EVP_PKEY_RSA NID_rsaEncryption -#define EVP_PKEY_RSA2 NID_rsa -#define EVP_PKEY_DSA NID_dsa -#define EVP_PKEY_DSA1 NID_dsa_2 -#define EVP_PKEY_DSA2 NID_dsaWithSHA -#define EVP_PKEY_DSA3 NID_dsaWithSHA1 -#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 -#define EVP_PKEY_DH NID_dhKeyAgreement -#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey -#define EVP_PKEY_GOSTR01 NID_id_GostR3410_2001 -#define EVP_PKEY_GOSTIMIT NID_id_Gost28147_89_MAC -#define EVP_PKEY_HMAC NID_hmac -#define EVP_PKEY_CMAC NID_cmac -#define EVP_PKEY_GOSTR12_256 NID_id_tc26_gost3410_2012_256 -#define EVP_PKEY_GOSTR12_512 NID_id_tc26_gost3410_2012_512 - -#ifdef __cplusplus -extern "C" { -#endif - -/* Type needs to be a bit field - * Sub-type needs to be for variations on the method, as in, can it do - * arbitrary encryption.... 
*/ -struct evp_pkey_st { - int type; - int save_type; - int references; - const EVP_PKEY_ASN1_METHOD *ameth; - ENGINE *engine; - union { - char *ptr; -#ifndef OPENSSL_NO_RSA - struct rsa_st *rsa; /* RSA */ -#endif -#ifndef OPENSSL_NO_DSA - struct dsa_st *dsa; /* DSA */ -#endif -#ifndef OPENSSL_NO_DH - struct dh_st *dh; /* DH */ -#endif -#ifndef OPENSSL_NO_EC - struct ec_key_st *ec; /* ECC */ -#endif -#ifndef OPENSSL_NO_GOST - struct gost_key_st *gost; /* GOST */ -#endif - } pkey; - int save_parameters; - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ -} /* EVP_PKEY */; - -#define EVP_PKEY_MO_SIGN 0x0001 -#define EVP_PKEY_MO_VERIFY 0x0002 -#define EVP_PKEY_MO_ENCRYPT 0x0004 -#define EVP_PKEY_MO_DECRYPT 0x0008 - -typedef int evp_sign_method(int type, const unsigned char *m, - unsigned int m_length, unsigned char *sigret, unsigned int *siglen, - void *key); -typedef int evp_verify_method(int type, const unsigned char *m, - unsigned int m_length, const unsigned char *sigbuf, unsigned int siglen, - void *key); - -#ifndef EVP_MD -struct env_md_st { - int type; - int pkey_type; - int md_size; - unsigned long flags; - int (*init)(EVP_MD_CTX *ctx); - int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count); - int (*final)(EVP_MD_CTX *ctx, unsigned char *md); - int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from); - int (*cleanup)(EVP_MD_CTX *ctx); - - evp_sign_method *sign; - evp_verify_method *verify; - int required_pkey_type[5]; /*EVP_PKEY_xxx */ - int block_size; - int ctx_size; /* how big does the ctx->md_data need to be */ - /* control function */ - int (*md_ctrl)(EVP_MD_CTX *ctx, int cmd, int p1, void *p2); -} /* EVP_MD */; - -#define EVP_MD_FLAG_ONESHOT 0x0001 /* digest can only handle a single - * block */ - -#define EVP_MD_FLAG_PKEY_DIGEST 0x0002 /* digest is a "clone" digest used - * which is a copy of an existing - * one for a specific public key type. 
- * EVP_dss1() etc */
-
-/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
-
-#define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE 0x0004
-
-/* DigestAlgorithmIdentifier flags... */
-
-#define EVP_MD_FLAG_DIGALGID_MASK 0x0018
-
-/* NULL or absent parameter accepted. Use NULL */
-
-#define EVP_MD_FLAG_DIGALGID_NULL 0x0000
-
-/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
-
-#define EVP_MD_FLAG_DIGALGID_ABSENT 0x0008
-
-/* Custom handling via ctrl */
-
-#define EVP_MD_FLAG_DIGALGID_CUSTOM 0x0018
-
-#define EVP_MD_FLAG_FIPS 0x0400 /* Note if suitable for use in FIPS mode */
-
-/* Digest ctrls */
-
-#define EVP_MD_CTRL_DIGALGID 0x1
-#define EVP_MD_CTRL_MICALG 0x2
-#define EVP_MD_CTRL_SET_KEY 0x3
-#define EVP_MD_CTRL_GOST_SET_SBOX 0x4
-
-/* Minimum Algorithm specific ctrl value */
-
-#define EVP_MD_CTRL_ALG_CTRL 0x1000
-
-#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
-
-#ifndef OPENSSL_NO_DSA
-#define EVP_PKEY_DSA_method (evp_sign_method *)DSA_sign, \
- (evp_verify_method *)DSA_verify, \
- {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
- EVP_PKEY_DSA4,0}
-#else
-#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
-#endif
-
-#ifndef OPENSSL_NO_ECDSA
-#define EVP_PKEY_ECDSA_method (evp_sign_method *)ECDSA_sign, \
- (evp_verify_method *)ECDSA_verify, \
- {EVP_PKEY_EC,0,0,0}
-#else
-#define EVP_PKEY_ECDSA_method EVP_PKEY_NULL_method
-#endif
-
-#ifndef OPENSSL_NO_RSA
-#define EVP_PKEY_RSA_method (evp_sign_method *)RSA_sign, \
- (evp_verify_method *)RSA_verify, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
- (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
- (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
- {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
-#else
-#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
-#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
-#endif
-
-#endif /* !EVP_MD */
-
-struct env_md_ctx_st {
- const EVP_MD *digest;
- ENGINE *engine; /* functional reference if
'digest' is ENGINE-provided */
- unsigned long flags;
- void *md_data;
- /* Public key context for sign/verify */
- EVP_PKEY_CTX *pctx;
- /* Update function: usually copied from EVP_MD */
- int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
-} /* EVP_MD_CTX */;
-
-/* values for EVP_MD_CTX flags */
-
-#define EVP_MD_CTX_FLAG_ONESHOT 0x0001 /* digest update will be called
- * once only */
-#define EVP_MD_CTX_FLAG_CLEANED 0x0002 /* context has already been
- * cleaned */
-#define EVP_MD_CTX_FLAG_REUSE 0x0004 /* Don't free up ctx->md_data
- * in EVP_MD_CTX_cleanup */
-/* FIPS and pad options are ignored in 1.0.0, definitions are here
- * so we don't accidentally reuse the values for other purposes.
- */
-
-#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW 0x0008 /* Allow use of non FIPS digest
- * in FIPS mode */
-
-/* The following PAD options are also currently ignored in 1.0.0, digest
- * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
- * instead.
- */
-#define EVP_MD_CTX_FLAG_PAD_MASK 0xF0 /* RSA mode to use */
-#define EVP_MD_CTX_FLAG_PAD_PKCS1 0x00 /* PKCS#1 v1.5 mode */
-#define EVP_MD_CTX_FLAG_PAD_X931 0x10 /* X9.31 mode */
-#define EVP_MD_CTX_FLAG_PAD_PSS 0x20 /* PSS mode */
-
-#define EVP_MD_CTX_FLAG_NO_INIT 0x0100 /* Don't initialize md_data */
-
-struct evp_cipher_st {
- int nid;
- int block_size;
- int key_len; /* Default value for variable length ciphers */
- int iv_len;
- unsigned long flags; /* Various flags */
- int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,
- const unsigned char *iv, int enc); /* init key */
- int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t inl);/* encrypt/decrypt data */
- int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
- int ctx_size; /* how big ctx->cipher_data needs to be */
- int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
- int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get
parameters from a ASN1_TYPE */
- int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */
- void *app_data; /* Application data */
-} /* EVP_CIPHER */;
-
-/* Values for cipher flags */
-
-/* Modes for ciphers */
-
-#define EVP_CIPH_STREAM_CIPHER 0x0
-#define EVP_CIPH_ECB_MODE 0x1
-#define EVP_CIPH_CBC_MODE 0x2
-#define EVP_CIPH_CFB_MODE 0x3
-#define EVP_CIPH_OFB_MODE 0x4
-#define EVP_CIPH_CTR_MODE 0x5
-#define EVP_CIPH_GCM_MODE 0x6
-#define EVP_CIPH_CCM_MODE 0x7
-#define EVP_CIPH_XTS_MODE 0x10001
-#define EVP_CIPH_MODE 0xF0007
-/* Set if variable length cipher */
-#define EVP_CIPH_VARIABLE_LENGTH 0x8
-/* Set if the iv handling should be done by the cipher itself */
-#define EVP_CIPH_CUSTOM_IV 0x10
-/* Set if the cipher's init() function should be called if key is NULL */
-#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
-/* Call ctrl() to init cipher parameters */
-#define EVP_CIPH_CTRL_INIT 0x40
-/* Don't use standard key length function */
-#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80
-/* Don't use standard block padding */
-#define EVP_CIPH_NO_PADDING 0x100
-/* cipher handles random key generation */
-#define EVP_CIPH_RAND_KEY 0x200
-/* cipher has its own additional copying logic */
-#define EVP_CIPH_CUSTOM_COPY 0x400
-/* Allow use default ASN1 get/set iv */
-#define EVP_CIPH_FLAG_DEFAULT_ASN1 0x1000
-/* Buffer length in bits not bytes: CFB1 mode only */
-#define EVP_CIPH_FLAG_LENGTH_BITS 0x2000
-/* Note if suitable for use in FIPS mode */
-#define EVP_CIPH_FLAG_FIPS 0x4000
-/* Allow non FIPS cipher in FIPS mode */
-#define EVP_CIPH_FLAG_NON_FIPS_ALLOW 0x8000
-/* Cipher handles any and all padding logic as well
- * as finalisation.
- */
-#define EVP_CIPH_FLAG_CUSTOM_CIPHER 0x100000
-#define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
-
-/* ctrl() values */
-
-#define EVP_CTRL_INIT 0x0
-#define EVP_CTRL_SET_KEY_LENGTH 0x1
-#define EVP_CTRL_GET_RC2_KEY_BITS 0x2
-#define EVP_CTRL_SET_RC2_KEY_BITS 0x3
-#define EVP_CTRL_GET_RC5_ROUNDS 0x4
-#define EVP_CTRL_SET_RC5_ROUNDS 0x5
-#define EVP_CTRL_RAND_KEY 0x6
-#define EVP_CTRL_PBE_PRF_NID 0x7
-#define EVP_CTRL_COPY 0x8
-#define EVP_CTRL_GCM_SET_IVLEN 0x9
-#define EVP_CTRL_GCM_GET_TAG 0x10
-#define EVP_CTRL_GCM_SET_TAG 0x11
-#define EVP_CTRL_GCM_SET_IV_FIXED 0x12
-#define EVP_CTRL_GCM_IV_GEN 0x13
-#define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
-#define EVP_CTRL_CCM_GET_TAG EVP_CTRL_GCM_GET_TAG
-#define EVP_CTRL_CCM_SET_TAG EVP_CTRL_GCM_SET_TAG
-#define EVP_CTRL_CCM_SET_L 0x14
-#define EVP_CTRL_CCM_SET_MSGLEN 0x15
-/* AEAD cipher deduces payload length and returns number of bytes
- * required to store MAC and eventual padding. Subsequent call to
- * EVP_Cipher even appends/verifies MAC.
- */
-#define EVP_CTRL_AEAD_TLS1_AAD 0x16
-/* Used by composite AEAD ciphers, no-op in GCM, CCM...
*/
-#define EVP_CTRL_AEAD_SET_MAC_KEY 0x17
-/* Set the GCM invocation field, decrypt only */
-#define EVP_CTRL_GCM_SET_IV_INV 0x18
-/* Set the S-BOX NID for GOST ciphers */
-#define EVP_CTRL_GOST_SET_SBOX 0x19
-
-/* GCM TLS constants */
-/* Length of fixed part of IV derived from PRF */
-#define EVP_GCM_TLS_FIXED_IV_LEN 4
-/* Length of explicit part of IV part of TLS records */
-#define EVP_GCM_TLS_EXPLICIT_IV_LEN 8
-/* Length of tag for TLS */
-#define EVP_GCM_TLS_TAG_LEN 16
-
-typedef struct evp_cipher_info_st {
- const EVP_CIPHER *cipher;
- unsigned char iv[EVP_MAX_IV_LENGTH];
-} EVP_CIPHER_INFO;
-
-struct evp_cipher_ctx_st {
- const EVP_CIPHER *cipher;
- ENGINE *engine; /* functional reference if 'cipher' is ENGINE-provided */
- int encrypt; /* encrypt or decrypt */
- int buf_len; /* number we have left */
-
- unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
- unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
- unsigned char buf[EVP_MAX_BLOCK_LENGTH];/* saved partial block */
- int num; /* used by cfb/ofb/ctr mode */
-
- void *app_data; /* application stuff */
- int key_len; /* May change for variable length cipher */
- unsigned long flags; /* Various flags */
- void *cipher_data; /* per EVP data */
- int final_used;
- int block_mask;
- unsigned char final[EVP_MAX_BLOCK_LENGTH];/* possible final block */
-} /* EVP_CIPHER_CTX */;
-
-typedef struct evp_Encode_Ctx_st {
- int num; /* number saved in a partial encode/decode */
- int length; /* The length is either the output line length
- * (in input bytes) or the shortest input line
- * length that is ok.
Once decoding begins,
- * the length is adjusted up each time a longer
- * line is decoded */
- unsigned char enc_data[80]; /* data to encode */
- int line_num; /* number read on current line */
- int expect_nl;
-} EVP_ENCODE_CTX;
-
-/* Password based encryption function */
-typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de);
-
-#ifndef OPENSSL_NO_RSA
-#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
- (char *)(rsa))
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
- (char *)(dsa))
-#endif
-
-#ifndef OPENSSL_NO_DH
-#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
- (char *)(dh))
-#endif
-
-#ifndef OPENSSL_NO_EC
-#define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
- (char *)(eckey))
-#endif
-
-#ifndef OPENSSL_NO_GOST
-#define EVP_PKEY_assign_GOST(pkey,gostkey) EVP_PKEY_assign((pkey),EVP_PKEY_GOSTR01,\
- (char *)(gostkey))
-#endif
-
-/* Add some extra combinations */
-#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
-#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
-#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
-#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
-
-int EVP_MD_type(const EVP_MD *md);
-#define EVP_MD_nid(e) EVP_MD_type(e)
-#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
-int EVP_MD_pkey_type(const EVP_MD *md);
-int EVP_MD_size(const EVP_MD *md);
-int EVP_MD_block_size(const EVP_MD *md);
-unsigned long EVP_MD_flags(const EVP_MD *md);
-
-const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
-#define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e))
-#define EVP_MD_CTX_block_size(e) EVP_MD_block_size(EVP_MD_CTX_md(e))
-#define EVP_MD_CTX_type(e) EVP_MD_type(EVP_MD_CTX_md(e))
-
-int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
-#define
EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
-int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
-int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
-int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
-unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
-#define EVP_CIPHER_mode(e) (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
-
-const EVP_CIPHER * EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
-int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
-void * EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
-void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
-#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
-unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
-#define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
-
-#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
-#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
-
-#define EVP_SignInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
-#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
-#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-#define EVP_VerifyInit_ex(a,b,c) EVP_DigestInit_ex(a,b,c)
-#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
-#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
-#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
-#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
-
-#define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
-#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
-#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
-#define BIO_set_md_ctx(b,mdcp)
BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
-#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
-#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
-
-int EVP_Cipher(EVP_CIPHER_CTX *c, unsigned char *out, const unsigned char *in,
- unsigned int inl);
-
-#define EVP_add_cipher_alias(n,alias) \
- OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
-#define EVP_add_digest_alias(n,alias) \
- OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
-#define EVP_delete_cipher_alias(alias) \
- OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
-#define EVP_delete_digest_alias(alias) \
- OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
-
-void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
-int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
-EVP_MD_CTX *EVP_MD_CTX_create(void);
-void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
-int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
-void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
-void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
-int EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr);
-int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
-int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
-int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
-int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
-int EVP_Digest(const void *data, size_t count, unsigned char *md,
- unsigned int *size, const EVP_MD *type, ENGINE *impl);
-
-int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
-int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
-int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
-
-int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
-int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
- const char *prompt, int verify);
-void EVP_set_pw_prompt(const char *prompt);
-char
*EVP_get_pw_prompt(void);
-
-int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
- const unsigned char *salt, const unsigned char *data, int datal, int count,
- unsigned char *key, unsigned char *iv);
-
-void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
-void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
-int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags);
-
-int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv);
-int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- ENGINE *impl, const unsigned char *key, const unsigned char *iv);
-int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl);
-int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-#ifndef LIBRESSL_INTERNAL
-int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-#endif
-
-int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv);
-int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- ENGINE *impl, const unsigned char *key, const unsigned char *iv);
-int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl);
-int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-#ifndef LIBRESSL_INTERNAL
-int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-#endif
-
-int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- const unsigned char *key, const unsigned char *iv, int enc);
-int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
- ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc);
-int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl);
-int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int
*outl);
-#ifndef LIBRESSL_INTERNAL
-int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
-#endif
-
-int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
- EVP_PKEY *pkey);
-
-int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
- unsigned int siglen, EVP_PKEY *pkey);
-
-int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
-int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen);
-
-int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
-int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen);
-
-int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
- const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv);
-int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
- unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
- int npubk);
-int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
-
-void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
-void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl);
-void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
-int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
-int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl);
-int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
-int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
-
-void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
-EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
-void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
-int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int
keylen);
-int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
-int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
-int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
-
-#ifndef OPENSSL_NO_BIO
-BIO_METHOD *BIO_f_md(void);
-BIO_METHOD *BIO_f_base64(void);
-BIO_METHOD *BIO_f_cipher(void);
-void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
- const unsigned char *i, int enc);
-#endif
-
-const EVP_MD *EVP_md_null(void);
-#ifndef OPENSSL_NO_MD4
-const EVP_MD *EVP_md4(void);
-#endif
-#ifndef OPENSSL_NO_MD5
-const EVP_MD *EVP_md5(void);
-#endif
-#ifndef OPENSSL_NO_SHA
-const EVP_MD *EVP_sha1(void);
-const EVP_MD *EVP_dss(void);
-const EVP_MD *EVP_dss1(void);
-const EVP_MD *EVP_ecdsa(void);
-#endif
-#ifndef OPENSSL_NO_SHA256
-const EVP_MD *EVP_sha224(void);
-const EVP_MD *EVP_sha256(void);
-#endif
-#ifndef OPENSSL_NO_SHA512
-const EVP_MD *EVP_sha384(void);
-const EVP_MD *EVP_sha512(void);
-#endif
-#ifndef OPENSSL_NO_RIPEMD
-const EVP_MD *EVP_ripemd160(void);
-#endif
-#ifndef OPENSSL_NO_WHIRLPOOL
-const EVP_MD *EVP_whirlpool(void);
-#endif
-#ifndef OPENSSL_NO_GOST
-const EVP_MD *EVP_gostr341194(void);
-const EVP_MD *EVP_gost2814789imit(void);
-const EVP_MD *EVP_streebog256(void);
-const EVP_MD *EVP_streebog512(void);
-#endif
-const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
-#ifndef OPENSSL_NO_DES
-const EVP_CIPHER *EVP_des_ecb(void);
-const EVP_CIPHER *EVP_des_ede(void);
-const EVP_CIPHER *EVP_des_ede3(void);
-const EVP_CIPHER *EVP_des_ede_ecb(void);
-const EVP_CIPHER *EVP_des_ede3_ecb(void);
-const EVP_CIPHER *EVP_des_cfb64(void);
-# define EVP_des_cfb EVP_des_cfb64
-const EVP_CIPHER *EVP_des_cfb1(void);
-const EVP_CIPHER *EVP_des_cfb8(void);
-const EVP_CIPHER *EVP_des_ede_cfb64(void);
-# define EVP_des_ede_cfb EVP_des_ede_cfb64
-const EVP_CIPHER *EVP_des_ede3_cfb64(void);
-# define EVP_des_ede3_cfb EVP_des_ede3_cfb64
-const EVP_CIPHER *EVP_des_ede3_cfb1(void);
-const EVP_CIPHER
*EVP_des_ede3_cfb8(void);
-const EVP_CIPHER *EVP_des_ofb(void);
-const EVP_CIPHER *EVP_des_ede_ofb(void);
-const EVP_CIPHER *EVP_des_ede3_ofb(void);
-const EVP_CIPHER *EVP_des_cbc(void);
-const EVP_CIPHER *EVP_des_ede_cbc(void);
-const EVP_CIPHER *EVP_des_ede3_cbc(void);
-const EVP_CIPHER *EVP_desx_cbc(void);
-#endif
-#ifndef OPENSSL_NO_RC4
-const EVP_CIPHER *EVP_rc4(void);
-const EVP_CIPHER *EVP_rc4_40(void);
-#ifndef OPENSSL_NO_MD5
-const EVP_CIPHER *EVP_rc4_hmac_md5(void);
-#endif
-#endif
-#ifndef OPENSSL_NO_IDEA
-const EVP_CIPHER *EVP_idea_ecb(void);
-const EVP_CIPHER *EVP_idea_cfb64(void);
-# define EVP_idea_cfb EVP_idea_cfb64
-const EVP_CIPHER *EVP_idea_ofb(void);
-const EVP_CIPHER *EVP_idea_cbc(void);
-#endif
-#ifndef OPENSSL_NO_RC2
-const EVP_CIPHER *EVP_rc2_ecb(void);
-const EVP_CIPHER *EVP_rc2_cbc(void);
-const EVP_CIPHER *EVP_rc2_40_cbc(void);
-const EVP_CIPHER *EVP_rc2_64_cbc(void);
-const EVP_CIPHER *EVP_rc2_cfb64(void);
-# define EVP_rc2_cfb EVP_rc2_cfb64
-const EVP_CIPHER *EVP_rc2_ofb(void);
-#endif
-#ifndef OPENSSL_NO_BF
-const EVP_CIPHER *EVP_bf_ecb(void);
-const EVP_CIPHER *EVP_bf_cbc(void);
-const EVP_CIPHER *EVP_bf_cfb64(void);
-# define EVP_bf_cfb EVP_bf_cfb64
-const EVP_CIPHER *EVP_bf_ofb(void);
-#endif
-#ifndef OPENSSL_NO_CAST
-const EVP_CIPHER *EVP_cast5_ecb(void);
-const EVP_CIPHER *EVP_cast5_cbc(void);
-const EVP_CIPHER *EVP_cast5_cfb64(void);
-# define EVP_cast5_cfb EVP_cast5_cfb64
-const EVP_CIPHER *EVP_cast5_ofb(void);
-#endif
-#ifndef OPENSSL_NO_AES
-const EVP_CIPHER *EVP_aes_128_ecb(void);
-const EVP_CIPHER *EVP_aes_128_cbc(void);
-const EVP_CIPHER *EVP_aes_128_cfb1(void);
-const EVP_CIPHER *EVP_aes_128_cfb8(void);
-const EVP_CIPHER *EVP_aes_128_cfb128(void);
-# define EVP_aes_128_cfb EVP_aes_128_cfb128
-const EVP_CIPHER *EVP_aes_128_ofb(void);
-const EVP_CIPHER *EVP_aes_128_ctr(void);
-const EVP_CIPHER *EVP_aes_128_ccm(void);
-const EVP_CIPHER *EVP_aes_128_gcm(void);
-const EVP_CIPHER *EVP_aes_128_xts(void);
-const EVP_CIPHER
*EVP_aes_192_ecb(void);
-const EVP_CIPHER *EVP_aes_192_cbc(void);
-const EVP_CIPHER *EVP_aes_192_cfb1(void);
-const EVP_CIPHER *EVP_aes_192_cfb8(void);
-const EVP_CIPHER *EVP_aes_192_cfb128(void);
-# define EVP_aes_192_cfb EVP_aes_192_cfb128
-const EVP_CIPHER *EVP_aes_192_ofb(void);
-const EVP_CIPHER *EVP_aes_192_ctr(void);
-const EVP_CIPHER *EVP_aes_192_ccm(void);
-const EVP_CIPHER *EVP_aes_192_gcm(void);
-const EVP_CIPHER *EVP_aes_256_ecb(void);
-const EVP_CIPHER *EVP_aes_256_cbc(void);
-const EVP_CIPHER *EVP_aes_256_cfb1(void);
-const EVP_CIPHER *EVP_aes_256_cfb8(void);
-const EVP_CIPHER *EVP_aes_256_cfb128(void);
-# define EVP_aes_256_cfb EVP_aes_256_cfb128
-const EVP_CIPHER *EVP_aes_256_ofb(void);
-const EVP_CIPHER *EVP_aes_256_ctr(void);
-const EVP_CIPHER *EVP_aes_256_ccm(void);
-const EVP_CIPHER *EVP_aes_256_gcm(void);
-const EVP_CIPHER *EVP_aes_256_xts(void);
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
-const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
-#endif
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-const EVP_CIPHER *EVP_camellia_128_ecb(void);
-const EVP_CIPHER *EVP_camellia_128_cbc(void);
-const EVP_CIPHER *EVP_camellia_128_cfb1(void);
-const EVP_CIPHER *EVP_camellia_128_cfb8(void);
-const EVP_CIPHER *EVP_camellia_128_cfb128(void);
-# define EVP_camellia_128_cfb EVP_camellia_128_cfb128
-const EVP_CIPHER *EVP_camellia_128_ofb(void);
-const EVP_CIPHER *EVP_camellia_192_ecb(void);
-const EVP_CIPHER *EVP_camellia_192_cbc(void);
-const EVP_CIPHER *EVP_camellia_192_cfb1(void);
-const EVP_CIPHER *EVP_camellia_192_cfb8(void);
-const EVP_CIPHER *EVP_camellia_192_cfb128(void);
-# define EVP_camellia_192_cfb EVP_camellia_192_cfb128
-const EVP_CIPHER *EVP_camellia_192_ofb(void);
-const EVP_CIPHER *EVP_camellia_256_ecb(void);
-const EVP_CIPHER *EVP_camellia_256_cbc(void);
-const EVP_CIPHER *EVP_camellia_256_cfb1(void);
-const EVP_CIPHER *EVP_camellia_256_cfb8(void);
-const EVP_CIPHER
*EVP_camellia_256_cfb128(void);
-# define EVP_camellia_256_cfb EVP_camellia_256_cfb128
-const EVP_CIPHER *EVP_camellia_256_ofb(void);
-#endif
-
-#ifndef OPENSSL_NO_CHACHA
-const EVP_CIPHER *EVP_chacha20(void);
-#endif
-
-#ifndef OPENSSL_NO_GOST
-const EVP_CIPHER *EVP_gost2814789_ecb(void);
-const EVP_CIPHER *EVP_gost2814789_cfb64(void);
-const EVP_CIPHER *EVP_gost2814789_cnt(void);
-#endif
-
-void OPENSSL_add_all_algorithms_noconf(void);
-void OPENSSL_add_all_algorithms_conf(void);
-
-#ifdef OPENSSL_LOAD_CONF
-#define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_conf()
-#else
-#define OpenSSL_add_all_algorithms() OPENSSL_add_all_algorithms_noconf()
-#endif
-
-void OpenSSL_add_all_ciphers(void);
-void OpenSSL_add_all_digests(void);
-
-#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
-#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
-#define SSLeay_add_all_digests() OpenSSL_add_all_digests()
-
-int EVP_add_cipher(const EVP_CIPHER *cipher);
-int EVP_add_digest(const EVP_MD *digest);
-
-const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
-const EVP_MD *EVP_get_digestbyname(const char *name);
-void EVP_cleanup(void);
-
-void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, const char *from,
- const char *to, void *x), void *arg);
-void EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph,
- const char *from, const char *to, void *x), void *arg);
-
-void EVP_MD_do_all(void (*fn)(const EVP_MD *ciph, const char *from,
- const char *to, void *x), void *arg);
-void EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *ciph, const char *from,
- const char *to, void *x), void *arg);
-
-int EVP_PKEY_decrypt_old(unsigned char *dec_key, const unsigned char *enc_key,
- int enc_key_len, EVP_PKEY *private_key);
-int EVP_PKEY_encrypt_old(unsigned char *enc_key, const unsigned char *key,
- int key_len, EVP_PKEY *pub_key);
-int EVP_PKEY_type(int type);
-int EVP_PKEY_id(const EVP_PKEY *pkey);
-int EVP_PKEY_base_id(const EVP_PKEY *pkey);
-int
EVP_PKEY_bits(EVP_PKEY *pkey);
-int EVP_PKEY_size(EVP_PKEY *pkey);
-int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
-int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
-int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
-void *EVP_PKEY_get0(EVP_PKEY *pkey);
-
-#ifndef OPENSSL_NO_RSA
-struct rsa_st;
-int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
-struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
-#endif
-#ifndef OPENSSL_NO_DSA
-struct dsa_st;
-int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
-struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
-#endif
-#ifndef OPENSSL_NO_DH
-struct dh_st;
-int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
-struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
-#endif
-#ifndef OPENSSL_NO_EC
-struct ec_key_st;
-int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
-struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
-#endif
-#ifndef OPENSSL_NO_GOST
-struct gost_key_st;
-#endif
-
-EVP_PKEY *EVP_PKEY_new(void);
-void EVP_PKEY_free(EVP_PKEY *pkey);
-
-EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
- long length);
-int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
-
-EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
- long length);
-EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
- long length);
-int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
-
-int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
-int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
-int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
-int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
-
-int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
-
-int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx);
-
-int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
-
-int EVP_CIPHER_type(const EVP_CIPHER *ctx);
-
-/* calls methods */
-int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-/* These are used by EVP_CIPHER methods */
-int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
-
-/* PKCS5 password based encryption */
-int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de);
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
- const unsigned char *salt, int saltlen, int iter, int keylen,
- unsigned char *out);
-int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
- int saltlen, int iter, const EVP_MD *digest, int keylen,
- unsigned char *out);
-int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md,
- int en_de);
-
-void PKCS5_PBE_add(void);
-
-int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
- ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
-
-/* PBE type */
-
-/* Can appear as the outermost AlgorithmIdentifier */
-#define EVP_PBE_TYPE_OUTER 0x0
-/* Is an PRF type OID */
-#define EVP_PBE_TYPE_PRF 0x1
-
-int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
- EVP_PBE_KEYGEN *keygen);
-int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
- EVP_PBE_KEYGEN *keygen);
-int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
- EVP_PBE_KEYGEN **pkeygen);
-void EVP_PBE_cleanup(void);
-
-#define ASN1_PKEY_ALIAS 0x1
-#define ASN1_PKEY_DYNAMIC 0x2
-#define ASN1_PKEY_SIGPARAM_NULL 0x4
-
-#define ASN1_PKEY_CTRL_PKCS7_SIGN 0x1
-#define ASN1_PKEY_CTRL_PKCS7_ENCRYPT 0x2
-#define
ASN1_PKEY_CTRL_DEFAULT_MD_NID 0x3
-#define ASN1_PKEY_CTRL_CMS_SIGN 0x5
-#define ASN1_PKEY_CTRL_CMS_ENVELOPE 0x7
-
-int EVP_PKEY_asn1_get_count(void);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
-const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
- const char *str, int len);
-int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
-int EVP_PKEY_asn1_add_alias(int to, int from);
-int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags,
- const char **pinfo, const char **ppem_str,
- const EVP_PKEY_ASN1_METHOD *ameth);
-
-const EVP_PKEY_ASN1_METHOD* EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
-EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags, const char *pem_str,
- const char *info);
-void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
- const EVP_PKEY_ASN1_METHOD *src);
-void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
-void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
- int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
- int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
- int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
- int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx),
- int (*pkey_size)(const EVP_PKEY *pk),
- int (*pkey_bits)(const EVP_PKEY *pk));
-void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
- int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
- int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
- int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
- ASN1_PCTX *pctx));
-void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
- int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen),
- int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
- int (*param_missing)(const EVP_PKEY *pk),
- int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
- int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
- int
(*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx)); - -void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, - void (*pkey_free)(EVP_PKEY *pkey)); -void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, - int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2)); - -#define EVP_PKEY_OP_UNDEFINED 0 -#define EVP_PKEY_OP_PARAMGEN (1<<1) -#define EVP_PKEY_OP_KEYGEN (1<<2) -#define EVP_PKEY_OP_SIGN (1<<3) -#define EVP_PKEY_OP_VERIFY (1<<4) -#define EVP_PKEY_OP_VERIFYRECOVER (1<<5) -#define EVP_PKEY_OP_SIGNCTX (1<<6) -#define EVP_PKEY_OP_VERIFYCTX (1<<7) -#define EVP_PKEY_OP_ENCRYPT (1<<8) -#define EVP_PKEY_OP_DECRYPT (1<<9) -#define EVP_PKEY_OP_DERIVE (1<<10) - -#define EVP_PKEY_OP_TYPE_SIG \ - (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \ - | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX) - -#define EVP_PKEY_OP_TYPE_CRYPT \ - (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT) - -#define EVP_PKEY_OP_TYPE_NOGEN \ - (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE) - -#define EVP_PKEY_OP_TYPE_GEN \ - (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN) - -#define EVP_PKEY_CTX_set_signature_md(ctx, md) \ - EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, \ - EVP_PKEY_CTRL_MD, 0, (void *)md) - -#define EVP_PKEY_CTRL_MD 1 -#define EVP_PKEY_CTRL_PEER_KEY 2 - -#define EVP_PKEY_CTRL_PKCS7_ENCRYPT 3 -#define EVP_PKEY_CTRL_PKCS7_DECRYPT 4 - -#define EVP_PKEY_CTRL_PKCS7_SIGN 5 - -#define EVP_PKEY_CTRL_SET_MAC_KEY 6 - -#define EVP_PKEY_CTRL_DIGESTINIT 7 - -/* Used by GOST key encryption in TLS */ -#define EVP_PKEY_CTRL_SET_IV 8 - -#define EVP_PKEY_CTRL_CMS_ENCRYPT 9 -#define EVP_PKEY_CTRL_CMS_DECRYPT 10 -#define EVP_PKEY_CTRL_CMS_SIGN 11 - -#define EVP_PKEY_CTRL_CIPHER 12 - -#define EVP_PKEY_ALG_CTRL 0x1000 - - -#define EVP_PKEY_FLAG_AUTOARGLEN 2 -/* Method handles all operations: don't assume any digest related - * defaults. 
- */
-#define EVP_PKEY_FLAG_SIGCTX_CUSTOM 4
-
-const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
-EVP_PKEY_METHOD* EVP_PKEY_meth_new(int id, int flags);
-void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
- const EVP_PKEY_METHOD *meth);
-void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
-void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
-int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
-
-EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
-EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
-void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
- int p1, void *p2);
-int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
- const char *value);
-
-int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
-void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
-
-EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
- int keylen);
-
-void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
-void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
-EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
-
-EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
-
-void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
-void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen);
-int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen);
-int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout,
- size_t *routlen, const unsigned char *sig, size_t siglen);
-int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
-int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen);
-
-int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
-int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
-
-typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
-int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
-int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
-
-void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
-EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
-
-int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
-
-void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
- int (*init)(EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
- int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
-
-void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
- void (*cleanup)(EVP_PKEY_CTX *ctx));
-
-void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
- int (*paramgen_init)(EVP_PKEY_CTX *ctx),
- int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
- int (*keygen_init)(EVP_PKEY_CTX *ctx),
- int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
-
-void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
- int (*sign_init)(EVP_PKEY_CTX *ctx),
- int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen));
-
-void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
- int (*verify_init)(EVP_PKEY_CTX *ctx),
- int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen));
-
-void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
- int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
- int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig,
- size_t *siglen, const unsigned char *tbs, size_t tbslen));
-
-void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
- int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
- int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
- int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
- int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
- EVP_MD_CTX *mctx));
-
-void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
- int (*encrypt_init)(EVP_PKEY_CTX *ctx),
- int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen));
-
-void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
- int (*decrypt_init)(EVP_PKEY_CTX *ctx),
- int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen));
-
-void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
- int (*derive_init)(EVP_PKEY_CTX *ctx),
- int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
-
-void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
- int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
- int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value));
-
-/* Authenticated Encryption with Additional Data.
- *
- * AEAD couples confidentiality and integrity in a single primtive. AEAD
- * algorithms take a key and then can seal and open individual messages. Each
- * message has a unique, per-message nonce and, optionally, additional data
- * which is authenticated but not included in the output. */
-
-struct evp_aead_st;
-typedef struct evp_aead_st EVP_AEAD;
-
-#ifndef OPENSSL_NO_AES
-/* EVP_aes_128_gcm is AES-128 in Galois Counter Mode. */
-const EVP_AEAD *EVP_aead_aes_128_gcm(void);
-/* EVP_aes_256_gcm is AES-256 in Galois Counter Mode. */
-const EVP_AEAD *EVP_aead_aes_256_gcm(void);
-#endif
-
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
-/* EVP_aead_chacha20_poly1305 is ChaCha20 with a Poly1305 authenticator. */
-const EVP_AEAD *EVP_aead_chacha20_poly1305(void);
-const EVP_AEAD *EVP_aead_chacha20_poly1305_old(void);
-#endif
-
-/* EVP_AEAD_key_length returns the length of the keys used. */
-size_t EVP_AEAD_key_length(const EVP_AEAD *aead);
-
-/* EVP_AEAD_nonce_length returns the length of the per-message nonce. */
-size_t EVP_AEAD_nonce_length(const EVP_AEAD *aead);
-
-/* EVP_AEAD_max_overhead returns the maximum number of additional bytes added
- * by the act of sealing data with the AEAD. */
-size_t EVP_AEAD_max_overhead(const EVP_AEAD *aead);
-
-/* EVP_AEAD_max_tag_len returns the maximum tag length when using this AEAD.
- * This * is the largest value that can be passed as a tag length to
- * EVP_AEAD_CTX_init. */
-size_t EVP_AEAD_max_tag_len(const EVP_AEAD *aead);
-
-/* An EVP_AEAD_CTX represents an AEAD algorithm configured with a specific key
- * and message-independent IV. */
-typedef struct evp_aead_ctx_st {
- const EVP_AEAD *aead;
- /* aead_state is an opaque pointer to the AEAD specific state. */
- void *aead_state;
-} EVP_AEAD_CTX;
-
-/* EVP_AEAD_MAX_TAG_LENGTH is the maximum tag length used by any AEAD
- * defined in this header. */
-#define EVP_AEAD_MAX_TAG_LENGTH 16
-
-/* EVP_AEAD_DEFAULT_TAG_LENGTH is a magic value that can be passed to
- * EVP_AEAD_CTX_init to indicate that the default tag length for an AEAD
- * should be used. */
-#define EVP_AEAD_DEFAULT_TAG_LENGTH 0
-
-/* EVP_AEAD_init initializes the context for the given AEAD algorithm.
- * The implementation argument may be NULL to choose the default implementation.
- * Authentication tags may be truncated by passing a tag length. A tag length
- * of zero indicates the default tag length should be used. */
-int EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
- const unsigned char *key, size_t key_len, size_t tag_len, ENGINE *impl);
-
-/* EVP_AEAD_CTX_cleanup frees any data allocated for this context. */
-void EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx);
-
-/* EVP_AEAD_CTX_seal encrypts and authenticates the input and authenticates
- * any additional data (AD), the result being written as output. One is
- * returned on success, otherwise zero.
- *
- * This function may be called (with the same EVP_AEAD_CTX) concurrently with
- * itself or EVP_AEAD_CTX_open.
- *
- * At most max_out_len bytes are written as output and, in order to ensure
- * success, this value should be the length of the input plus the result of
- * EVP_AEAD_overhead. On successful return, out_len is set to the actual
- * number of bytes written.
- *
- * The length of the nonce is must be equal to the result of
- * EVP_AEAD_nonce_length for this AEAD.
- *
- * EVP_AEAD_CTX_seal never results in a partial output. If max_out_len is
- * insufficient, zero will be returned and out_len will be set to zero.
- *
- * If the input and output are aliased then out must be <= in. */
-int EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len);
-
-/* EVP_AEAD_CTX_open authenticates the input and additional data, decrypting
- * the input and writing it as output. One is returned on success, otherwise
- * zero.
- *
- * This function may be called (with the same EVP_AEAD_CTX) concurrently with
- * itself or EVP_AEAD_CTX_seal.
- *
- * At most the number of input bytes are written as output. In order to ensure
- * success, max_out_len should be at least the same as the input length. On
- * successful return out_len is set to the actual number of bytes written.
- *
- * The length of nonce must be equal to the result of EVP_AEAD_nonce_length
- * for this AEAD.
- *
- * EVP_AEAD_CTX_open never results in a partial output. If max_out_len is
- * insufficient, zero will be returned and out_len will be set to zero.
- *
- * If the input and output are aliased then out must be <= in. */
-int EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
- size_t *out_len, size_t max_out_len, const unsigned char *nonce,
- size_t nonce_len, const unsigned char *in, size_t in_len,
- const unsigned char *ad, size_t ad_len);
-
-void EVP_add_alg_module(void);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_EVP_strings(void);
-
-/* Error codes for the EVP functions. */
-
-/* Function codes. */
-#define EVP_F_AEAD_AES_GCM_INIT 187
-#define EVP_F_AEAD_AES_GCM_OPEN 188
-#define EVP_F_AEAD_AES_GCM_SEAL 189
-#define EVP_F_AEAD_CHACHA20_POLY1305_INIT 192
-#define EVP_F_AEAD_CHACHA20_POLY1305_OPEN 193
-#define EVP_F_AEAD_CHACHA20_POLY1305_SEAL 194
-#define EVP_F_AEAD_CTX_OPEN 185
-#define EVP_F_AEAD_CTX_SEAL 186
-#define EVP_F_AESNI_INIT_KEY 165
-#define EVP_F_AESNI_XTS_CIPHER 176
-#define EVP_F_AES_INIT_KEY 133
-#define EVP_F_AES_XTS 172
-#define EVP_F_AES_XTS_CIPHER 175
-#define EVP_F_ALG_MODULE_INIT 177
-#define EVP_F_CAMELLIA_INIT_KEY 159
-#define EVP_F_CMAC_INIT 173
-#define EVP_F_D2I_PKEY 100
-#define EVP_F_DO_SIGVER_INIT 161
-#define EVP_F_DSAPKEY2PKCS8 134
-#define EVP_F_DSA_PKEY2PKCS8 135
-#define EVP_F_ECDSA_PKEY2PKCS8 129
-#define EVP_F_ECKEY_PKEY2PKCS8 132
-#define EVP_F_EVP_AEAD_CTX_INIT 180
-#define EVP_F_EVP_AEAD_CTX_OPEN 190
-#define EVP_F_EVP_AEAD_CTX_SEAL 191
-#define EVP_F_EVP_BYTESTOKEY 200
-#define EVP_F_EVP_CIPHERINIT_EX 123
-#define EVP_F_EVP_CIPHER_CTX_COPY 163
-#define EVP_F_EVP_CIPHER_CTX_CTRL 124
-#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
-#define EVP_F_EVP_CIPHER_GET_ASN1_IV 201
-#define EVP_F_EVP_CIPHER_SET_ASN1_IV 202
-#define EVP_F_EVP_DECRYPTFINAL_EX 101
-#define EVP_F_EVP_DECRYPTUPDATE 199
-#define EVP_F_EVP_DIGESTFINAL_EX 196
-#define EVP_F_EVP_DIGESTINIT_EX 128
-#define EVP_F_EVP_ENCRYPTFINAL_EX 127
-#define EVP_F_EVP_ENCRYPTUPDATE 198
-#define EVP_F_EVP_MD_CTX_COPY_EX 110
-#define EVP_F_EVP_MD_CTX_CTRL 195
-#define EVP_F_EVP_MD_SIZE 162
-#define EVP_F_EVP_OPENINIT 102
-#define EVP_F_EVP_PBE_ALG_ADD 115
-#define EVP_F_EVP_PBE_ALG_ADD_TYPE 160
-#define EVP_F_EVP_PBE_CIPHERINIT 116
-#define EVP_F_EVP_PKCS82PKEY 111
-#define EVP_F_EVP_PKCS82PKEY_BROKEN 136
-#define EVP_F_EVP_PKEY2PKCS8_BROKEN 113
-#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
-#define EVP_F_EVP_PKEY_CTX_CTRL 137
-#define EVP_F_EVP_PKEY_CTX_CTRL_STR 150
-#define EVP_F_EVP_PKEY_CTX_DUP 156
-#define EVP_F_EVP_PKEY_DECRYPT 104
-#define EVP_F_EVP_PKEY_DECRYPT_INIT 138
-#define EVP_F_EVP_PKEY_DECRYPT_OLD 151
-#define EVP_F_EVP_PKEY_DERIVE 153
-#define EVP_F_EVP_PKEY_DERIVE_INIT 154
-#define EVP_F_EVP_PKEY_DERIVE_SET_PEER 155
-#define EVP_F_EVP_PKEY_ENCRYPT 105
-#define EVP_F_EVP_PKEY_ENCRYPT_INIT 139
-#define EVP_F_EVP_PKEY_ENCRYPT_OLD 152
-#define EVP_F_EVP_PKEY_GET1_DH 119
-#define EVP_F_EVP_PKEY_GET1_DSA 120
-#define EVP_F_EVP_PKEY_GET1_ECDSA 130
-#define EVP_F_EVP_PKEY_GET1_EC_KEY 131
-#define EVP_F_EVP_PKEY_GET1_RSA 121
-#define EVP_F_EVP_PKEY_KEYGEN 146
-#define EVP_F_EVP_PKEY_KEYGEN_INIT 147
-#define EVP_F_EVP_PKEY_NEW 106
-#define EVP_F_EVP_PKEY_PARAMGEN 148
-#define EVP_F_EVP_PKEY_PARAMGEN_INIT 149
-#define EVP_F_EVP_PKEY_SIGN 140
-#define EVP_F_EVP_PKEY_SIGN_INIT 141
-#define EVP_F_EVP_PKEY_VERIFY 142
-#define EVP_F_EVP_PKEY_VERIFY_INIT 143
-#define EVP_F_EVP_PKEY_VERIFY_RECOVER 144
-#define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT 145
-#define EVP_F_EVP_RIJNDAEL 126
-#define EVP_F_EVP_SIGNFINAL 107
-#define EVP_F_EVP_VERIFYFINAL 108
-#define EVP_F_FIPS_CIPHERINIT 166
-#define EVP_F_FIPS_CIPHER_CTX_COPY 170
-#define EVP_F_FIPS_CIPHER_CTX_CTRL 167
-#define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH 171
-#define EVP_F_FIPS_DIGESTINIT 168
-#define EVP_F_FIPS_MD_CTX_COPY 169
-#define EVP_F_HMAC_INIT_EX 174
-#define EVP_F_INT_CTX_NEW 157
-#define EVP_F_PKCS5_PBE_KEYIVGEN 117
-#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118
-#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
-#define EVP_F_PKCS8_SET_BROKEN 112
-#define EVP_F_PKEY_SET_TYPE 158
-#define EVP_F_RC2_GET_ASN1_TYPE_AND_IV 197
-#define EVP_F_RC2_MAGIC_TO_METH 109
-#define EVP_F_RC5_CTRL 125
-
-/* Reason codes. */
-#define EVP_R_AES_IV_SETUP_FAILED 162
-#define EVP_R_AES_KEY_SETUP_FAILED 143
-#define EVP_R_ASN1_LIB 140
-#define EVP_R_BAD_BLOCK_LENGTH 136
-#define EVP_R_BAD_DECRYPT 100
-#define EVP_R_BAD_KEY_LENGTH 137
-#define EVP_R_BN_DECODE_ERROR 112
-#define EVP_R_BN_PUBKEY_ERROR 113
-#define EVP_R_BUFFER_TOO_SMALL 155
-#define EVP_R_CAMELLIA_KEY_SETUP_FAILED 157
-#define EVP_R_CIPHER_PARAMETER_ERROR 122
-#define EVP_R_COMMAND_NOT_SUPPORTED 147
-#define EVP_R_CTRL_NOT_IMPLEMENTED 132
-#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133
-#define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH 138
-#define EVP_R_DECODE_ERROR 114
-#define EVP_R_DIFFERENT_KEY_TYPES 101
-#define EVP_R_DIFFERENT_PARAMETERS 153
-#define EVP_R_DISABLED_FOR_FIPS 163
-#define EVP_R_ENCODE_ERROR 115
-#define EVP_R_ERROR_LOADING_SECTION 165
-#define EVP_R_ERROR_SETTING_FIPS_MODE 166
-#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
-#define EVP_R_EXPECTING_AN_RSA_KEY 127
-#define EVP_R_EXPECTING_A_DH_KEY 128
-#define EVP_R_EXPECTING_A_DSA_KEY 129
-#define EVP_R_EXPECTING_A_ECDSA_KEY 141
-#define EVP_R_EXPECTING_A_EC_KEY 142
-#define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
-#define EVP_R_INITIALIZATION_ERROR 134
-#define EVP_R_INPUT_NOT_INITIALIZED 111
-#define EVP_R_INVALID_DIGEST 152
-#define EVP_R_INVALID_FIPS_MODE 168
-#define EVP_R_INVALID_KEY_LENGTH 130
-#define EVP_R_INVALID_OPERATION 148
-#define EVP_R_IV_TOO_LARGE 102
-#define EVP_R_KEYGEN_FAILURE 120
-#define EVP_R_MESSAGE_DIGEST_IS_NULL 159
-#define EVP_R_METHOD_NOT_SUPPORTED 144
-#define EVP_R_MISSING_PARAMETERS 103
-#define EVP_R_NO_CIPHER_SET 131
-#define EVP_R_NO_DEFAULT_DIGEST 158
-#define EVP_R_NO_DIGEST_SET 139
-#define EVP_R_NO_DSA_PARAMETERS 116
-#define EVP_R_NO_KEY_SET 154
-#define EVP_R_NO_OPERATION_SET 149
-#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
-#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
-#define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
-#define EVP_R_OPERATON_NOT_INITIALIZED 151
-#define EVP_R_OUTPUT_ALIASES_INPUT 172
-#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117
-#define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
-#define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
-#define EVP_R_PUBLIC_KEY_NOT_RSA 106
-#define EVP_R_TAG_TOO_LARGE 171
-#define EVP_R_TOO_LARGE 164
-#define EVP_R_UNKNOWN_CIPHER 160
-#define EVP_R_UNKNOWN_DIGEST 161
-#define EVP_R_UNKNOWN_OPTION 169
-#define EVP_R_UNKNOWN_PBE_ALGORITHM 121
-#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
-#define EVP_R_UNSUPPORTED_ALGORITHM 156
-#define EVP_R_UNSUPPORTED_CIPHER 107
-#define EVP_R_UNSUPPORTED_KEYLENGTH 123
-#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124
-#define EVP_R_UNSUPPORTED_KEY_SIZE 108
-#define EVP_R_UNSUPPORTED_PRF 125
-#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118
-#define EVP_R_UNSUPPORTED_SALT_TYPE 126
-#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109
-#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/evp/evp_aead.c b/lib/libssl/src/crypto/evp/evp_aead.c
deleted file mode 100644
index 197b7f515f9..00000000000
--- a/lib/libssl/src/crypto/evp/evp_aead.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* $OpenBSD: evp_aead.c,v 1.5 2014/06/21 15:30:36 jsing Exp $ */
-/*
- * Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <limits.h>
-#include <string.h>
-
-#include <openssl/evp.h>
-#include <openssl/err.h>
-
-#include "evp_locl.h"
-
-size_t
-EVP_AEAD_key_length(const EVP_AEAD *aead)
-{
- return aead->key_len;
-}
-
-size_t
-EVP_AEAD_nonce_length(const EVP_AEAD *aead)
-{
- return aead->nonce_len;
-}
-
-size_t
-EVP_AEAD_max_overhead(const EVP_AEAD *aead)
-{
- return aead->overhead;
-}
-
-size_t
-EVP_AEAD_max_tag_len(const EVP_AEAD *aead)
-{
- return aead->max_tag_len;
-}
-
-int
-EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
- const unsigned char *key, size_t key_len, size_t tag_len, ENGINE *impl)
-{
- ctx->aead = aead;
- if (key_len != aead->key_len) {
- EVPerr(EVP_F_EVP_AEAD_CTX_INIT, EVP_R_UNSUPPORTED_KEY_SIZE);
- return 0;
- }
- return aead->init(ctx, key, key_len, tag_len);
-}
-
-void
-EVP_AEAD_CTX_cleanup(EVP_AEAD_CTX *ctx)
-{
- if (ctx->aead == NULL)
- return;
- ctx->aead->cleanup(ctx);
- ctx->aead = NULL;
-}
-
-/* check_alias returns 0 if out points within the buffer determined by in
- * and in_len and 1 otherwise.
- *
- * When processing, there's only an issue if out points within in[:in_len]
- * and isn't equal to in. If that's the case then writing the output will
- * stomp input that hasn't been read yet.
- *
- * This function checks for that case. */
-static int
-check_alias(const unsigned char *in, size_t in_len, const unsigned char *out)
-{
- if (out <= in)
- return 1;
- if (in + in_len <= out)
- return 1;
- return 0;
-}
-
-int
-EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
- size_t max_out_len, const unsigned char *nonce, size_t nonce_len,
- const unsigned char *in, size_t in_len, const unsigned char *ad,
- size_t ad_len)
-{
- size_t possible_out_len = in_len + ctx->aead->overhead;
-
- /* Overflow. */
- if (possible_out_len < in_len) {
- EVPerr(EVP_F_AEAD_CTX_SEAL, EVP_R_TOO_LARGE);
- goto error;
- }
-
- if (!check_alias(in, in_len, out)) {
- EVPerr(EVP_F_AEAD_CTX_SEAL, EVP_R_OUTPUT_ALIASES_INPUT);
- goto error;
- }
-
- if (ctx->aead->seal(ctx, out, out_len, max_out_len, nonce, nonce_len,
- in, in_len, ad, ad_len)) {
- return 1;
- }
-
-error:
- /* In the event of an error, clear the output buffer so that a caller
- * that doesn't check the return value doesn't send raw data. */
- memset(out, 0, max_out_len);
- *out_len = 0;
- return 0;
-}
-
-int
-EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
- size_t max_out_len, const unsigned char *nonce, size_t nonce_len,
- const unsigned char *in, size_t in_len, const unsigned char *ad,
- size_t ad_len)
-{
- if (!check_alias(in, in_len, out)) {
- EVPerr(EVP_F_AEAD_CTX_OPEN, EVP_R_OUTPUT_ALIASES_INPUT);
- goto error;
- }
-
- if (ctx->aead->open(ctx, out, out_len, max_out_len, nonce, nonce_len,
- in, in_len, ad, ad_len)) {
- return 1;
- }
-
-error:
- /* In the event of an error, clear the output buffer so that a caller
- * that doesn't check the return value doesn't try and process bad
- * data. */
- memset(out, 0, max_out_len);
- *out_len = 0;
- return 0;
-}
diff --git a/lib/libssl/src/crypto/evp/evp_enc.c b/lib/libssl/src/crypto/evp/evp_enc.c
deleted file mode 100644
index f8d2cb78d4c..00000000000
--- a/lib/libssl/src/crypto/evp/evp_enc.c
+++ /dev/null
@@ -1,670 +0,0 @@
-/* $OpenBSD: evp_enc.c,v 1.31 2016/05/30 13:42:54 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/evp.h> - -#ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> -#endif - -#include "evp_locl.h" - -#define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl) - -void -EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) -{ - memset(ctx, 0, sizeof(EVP_CIPHER_CTX)); -} - -EVP_CIPHER_CTX * -EVP_CIPHER_CTX_new(void) -{ - return calloc(1, sizeof(EVP_CIPHER_CTX)); -} - -int -EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv, int enc) -{ - if (cipher) - EVP_CIPHER_CTX_init(ctx); - return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc); -} - -int -EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, - const unsigned char *key, const unsigned char *iv, int enc) -{ - if (enc == -1) - enc = ctx->encrypt; - else { - if (enc) - enc = 1; - ctx->encrypt = enc; - } -#ifndef OPENSSL_NO_ENGINE - /* Whether it's nice or not, "Inits" can be used on "Final"'d contexts - * so this context may already have an ENGINE! Try to avoid releasing - * the previous handle, re-querying for an ENGINE, and having a - * reinitialisation, when it may all be unecessary. */ - if (ctx->engine && ctx->cipher && - (!cipher || (cipher && (cipher->nid == ctx->cipher->nid)))) - goto skip_to_init; -#endif - if (cipher) { - /* Ensure a context left lying around from last time is cleared - * (the previous check attempted to avoid this if the same - * ENGINE and EVP_CIPHER could be used). 
*/ - if (ctx->cipher) { - unsigned long flags = ctx->flags; - EVP_CIPHER_CTX_cleanup(ctx); - /* Restore encrypt and flags */ - ctx->encrypt = enc; - ctx->flags = flags; - } -#ifndef OPENSSL_NO_ENGINE - if (impl) { - if (!ENGINE_init(impl)) { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, - EVP_R_INITIALIZATION_ERROR); - return 0; - } - } else - /* Ask if an ENGINE is reserved for this job */ - impl = ENGINE_get_cipher_engine(cipher->nid); - if (impl) { - /* There's an ENGINE for this job ... (apparently) */ - const EVP_CIPHER *c = - ENGINE_get_cipher(impl, cipher->nid); - if (!c) { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, - EVP_R_INITIALIZATION_ERROR); - return 0; - } - /* We'll use the ENGINE's private cipher definition */ - cipher = c; - /* Store the ENGINE functional reference so we know - * 'cipher' came from an ENGINE and we need to release - * it when done. */ - ctx->engine = impl; - } else - ctx->engine = NULL; -#endif - - ctx->cipher = cipher; - if (ctx->cipher->ctx_size) { - ctx->cipher_data = malloc(ctx->cipher->ctx_size); - if (!ctx->cipher_data) { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, - ERR_R_MALLOC_FAILURE); - return 0; - } - } else { - ctx->cipher_data = NULL; - } - ctx->key_len = cipher->key_len; - ctx->flags = 0; - if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { - if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, - EVP_R_INITIALIZATION_ERROR); - return 0; - } - } - } else if (!ctx->cipher) { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); - return 0; - } -#ifndef OPENSSL_NO_ENGINE -skip_to_init: -#endif - /* we assume block size is a power of 2 in *cryptUpdate */ - if (ctx->cipher->block_size != 1 && - ctx->cipher->block_size != 8 && - ctx->cipher->block_size != 16) { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_BAD_BLOCK_LENGTH); - return 0; - } - - if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { - switch (EVP_CIPHER_CTX_mode(ctx)) { - - case EVP_CIPH_STREAM_CIPHER: - case EVP_CIPH_ECB_MODE: - break; - - case 
EVP_CIPH_CFB_MODE: - case EVP_CIPH_OFB_MODE: - - ctx->num = 0; - /* fall-through */ - - case EVP_CIPH_CBC_MODE: - - if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) > - sizeof(ctx->iv)) { - EVPerr(EVP_F_EVP_CIPHERINIT_EX, - EVP_R_IV_TOO_LARGE); - return 0; - } - if (iv) - memcpy(ctx->oiv, iv, - EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(ctx->iv, ctx->oiv, - EVP_CIPHER_CTX_iv_length(ctx)); - break; - - case EVP_CIPH_CTR_MODE: - ctx->num = 0; - /* Don't reuse IV for CTR mode */ - if (iv) - memcpy(ctx->iv, iv, - EVP_CIPHER_CTX_iv_length(ctx)); - break; - - default: - return 0; - break; - } - } - - if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { - if (!ctx->cipher->init(ctx, key, iv, enc)) - return 0; - } - ctx->buf_len = 0; - ctx->final_used = 0; - ctx->block_mask = ctx->cipher->block_size - 1; - return 1; -} - -int -EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - const unsigned char *in, int inl) -{ - if (ctx->encrypt) - return EVP_EncryptUpdate(ctx, out, outl, in, inl); - else - return EVP_DecryptUpdate(ctx, out, outl, in, inl); -} - -int -EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) -{ - if (ctx->encrypt) - return EVP_EncryptFinal_ex(ctx, out, outl); - else - return EVP_DecryptFinal_ex(ctx, out, outl); -} - -int -EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) -{ - if (ctx->encrypt) - return EVP_EncryptFinal_ex(ctx, out, outl); - else - return EVP_DecryptFinal_ex(ctx, out, outl); -} - -int -EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv) -{ - return EVP_CipherInit(ctx, cipher, key, iv, 1); -} - -int -EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl, - const unsigned char *key, const unsigned char *iv) -{ - return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1); -} - -int -EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - const unsigned char *key, const unsigned char *iv) -{ - 
return EVP_CipherInit(ctx, cipher, key, iv, 0);
-}
-
-int
-EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
- const unsigned char *key, const unsigned char *iv)
-{
- return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
-}
-
-int
-EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl)
-{
- int i, j, bl;
-
- if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
- i = M_do_cipher(ctx, out, in, inl);
- if (i < 0)
- return 0;
- else
- *outl = i;
- return 1;
- }
-
- if (inl <= 0) {
- *outl = 0;
- return inl == 0;
- }
-
- if (ctx->buf_len == 0 && (inl&(ctx->block_mask)) == 0) {
- if (M_do_cipher(ctx, out, in, inl)) {
- *outl = inl;
- return 1;
- } else {
- *outl = 0;
- return 0;
- }
- }
- i = ctx->buf_len;
- bl = ctx->cipher->block_size;
- if ((size_t)bl > sizeof(ctx->buf)) {
- EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
- *outl = 0;
- return 0;
- }
- if (i != 0) {
- if (bl - i > inl) {
- memcpy(&(ctx->buf[i]), in, inl);
- ctx->buf_len += inl;
- *outl = 0;
- return 1;
- } else {
- j = bl - i;
- memcpy(&(ctx->buf[i]), in, j);
- if (!M_do_cipher(ctx, out, ctx->buf, bl))
- return 0;
- inl -= j;
- in += j;
- out += bl;
- *outl = bl;
- }
- } else
- *outl = 0;
- i = inl&(bl - 1);
- inl -= i;
- if (inl > 0) {
- if (!M_do_cipher(ctx, out, in, inl))
- return 0;
- *outl += inl;
- }
-
- if (i != 0)
- memcpy(ctx->buf, &(in[inl]), i);
- ctx->buf_len = i;
- return 1;
-}
-
-int
-EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int ret;
-
- ret = EVP_EncryptFinal_ex(ctx, out, outl);
- (void) EVP_CIPHER_CTX_cleanup(ctx);
- return ret;
-}
-
-int
-EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int n, ret;
- unsigned int i, b, bl;
-
- if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
- ret = M_do_cipher(ctx, out, NULL, 0);
- if (ret < 0)
- return 0;
- else
- *outl = ret;
- return 1;
- }
-
- b = ctx->cipher->block_size;
- if (b >
sizeof ctx->buf) {
- EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_BAD_BLOCK_LENGTH);
- return 0;
- }
- if (b == 1) {
- *outl = 0;
- return 1;
- }
- bl = ctx->buf_len;
- if (ctx->flags & EVP_CIPH_NO_PADDING) {
- if (bl) {
- EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
- EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
- return 0;
- }
- *outl = 0;
- return 1;
- }
-
- n = b - bl;
- for (i = bl; i < b; i++)
- ctx->buf[i] = n;
- ret = M_do_cipher(ctx, out, ctx->buf, b);
-
-
- if (ret)
- *outl = b;
-
- return ret;
-}
-
-int
-EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
- const unsigned char *in, int inl)
-{
- int fix_len;
- unsigned int b;
-
- if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
- fix_len = M_do_cipher(ctx, out, in, inl);
- if (fix_len < 0) {
- *outl = 0;
- return 0;
- } else
- *outl = fix_len;
- return 1;
- }
-
- if (inl <= 0) {
- *outl = 0;
- return inl == 0;
- }
-
- if (ctx->flags & EVP_CIPH_NO_PADDING)
- return EVP_EncryptUpdate(ctx, out, outl, in, inl);
-
- b = ctx->cipher->block_size;
- if (b > sizeof ctx->final) {
- EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
- return 0;
- }
-
- if (ctx->final_used) {
- memcpy(out, ctx->final, b);
- out += b;
- fix_len = 1;
- } else
- fix_len = 0;
-
-
- if (!EVP_EncryptUpdate(ctx, out, outl, in, inl))
- return 0;
-
- /* if we have 'decrypted' a multiple of block size, make sure
- * we have a copy of this last block */
- if (b > 1 && !ctx->buf_len) {
- *outl -= b;
- ctx->final_used = 1;
- memcpy(ctx->final, &out[*outl], b);
- } else
- ctx->final_used = 0;
-
- if (fix_len)
- *outl += b;
-
- return 1;
-}
-
-int
-EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int ret;
-
- ret = EVP_DecryptFinal_ex(ctx, out, outl);
- (void) EVP_CIPHER_CTX_cleanup(ctx);
- return ret;
-}
-
-int
-EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int i, n;
- unsigned int b;
- *outl = 0;
-
- if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
- i = M_do_cipher(ctx,
out, NULL, 0);
- if (i < 0)
- return 0;
- else
- *outl = i;
- return 1;
- }
-
- b = ctx->cipher->block_size;
- if (ctx->flags & EVP_CIPH_NO_PADDING) {
- if (ctx->buf_len) {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
- EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
- return 0;
- }
- *outl = 0;
- return 1;
- }
- if (b > 1) {
- if (ctx->buf_len || !ctx->final_used) {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
- EVP_R_WRONG_FINAL_BLOCK_LENGTH);
- return (0);
- }
- if (b > sizeof ctx->final) {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
- EVP_R_BAD_BLOCK_LENGTH);
- return 0;
- }
- n = ctx->final[b - 1];
- if (n == 0 || n > (int)b) {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
- return (0);
- }
- for (i = 0; i < n; i++) {
- if (ctx->final[--b] != n) {
- EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
- EVP_R_BAD_DECRYPT);
- return (0);
- }
- }
- n = ctx->cipher->block_size - n;
- for (i = 0; i < n; i++)
- out[i] = ctx->final[i];
- *outl = n;
- } else
- *outl = 0;
- return (1);
-}
-
-void
-EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
-{
- if (ctx) {
- EVP_CIPHER_CTX_cleanup(ctx);
- free(ctx);
- }
-}
-
-int
-EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
-{
- if (c->cipher != NULL) {
- if (c->cipher->cleanup && !c->cipher->cleanup(c))
- return 0;
- /* Cleanse cipher context data */
- if (c->cipher_data)
- explicit_bzero(c->cipher_data, c->cipher->ctx_size);
- }
- free(c->cipher_data);
-#ifndef OPENSSL_NO_ENGINE
- if (c->engine)
- /* The EVP_CIPHER we used belongs to an ENGINE, release the
- * functional reference we held for this reason.
*/
- ENGINE_finish(c->engine);
-#endif
- explicit_bzero(c, sizeof(EVP_CIPHER_CTX));
- return 1;
-}
-
-int
-EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
-{
- if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
- return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH,
- keylen, NULL);
- if (c->key_len == keylen)
- return 1;
- if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
- c->key_len = keylen;
- return 1;
- }
- EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH);
- return 0;
-}
-
-int
-EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
-{
- if (pad)
- ctx->flags &= ~EVP_CIPH_NO_PADDING;
- else
- ctx->flags |= EVP_CIPH_NO_PADDING;
- return 1;
-}
-
-int
-EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
-{
- int ret;
-
- if (!ctx->cipher) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
- return 0;
- }
-
- if (!ctx->cipher->ctrl) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
- return 0;
- }
-
- ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
- if (ret == -1) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
- EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
- return 0;
- }
- return ret;
-}
-
-int
-EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
-{
- if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
- return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
- arc4random_buf(key, ctx->key_len);
- return 1;
-}
-
-int
-EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
-{
- if ((in == NULL) || (in->cipher == NULL)) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED);
- return 0;
- }
-#ifndef OPENSSL_NO_ENGINE
- /* Make sure it's safe to copy a cipher context using an ENGINE */
- if (in->engine && !ENGINE_init(in->engine)) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB);
- return 0;
- }
-#endif
-
- EVP_CIPHER_CTX_cleanup(out);
- memcpy(out, in, sizeof *out);
-
- if (in->cipher_data && in->cipher->ctx_size) {
- out->cipher_data =
malloc(in->cipher->ctx_size);
- if (!out->cipher_data) {
- EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
- }
-
- if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
- return in->cipher->ctrl((EVP_CIPHER_CTX *)in,
- EVP_CTRL_COPY, 0, out);
- return 1;
-}
diff --git a/lib/libssl/src/crypto/evp/evp_err.c b/lib/libssl/src/crypto/evp/evp_err.c
deleted file mode 100644
index dadd5365a07..00000000000
--- a/lib/libssl/src/crypto/evp/evp_err.c
+++ /dev/null
@@ -1,261 +0,0 @@ -/* $OpenBSD: evp_err.c,v 1.21 2015/02/15 14:35:30 miod Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/evp.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason) - -static ERR_STRING_DATA EVP_str_functs[] = { - {ERR_FUNC(EVP_F_AEAD_AES_GCM_INIT), "AEAD_AES_GCM_INIT"}, - {ERR_FUNC(EVP_F_AEAD_AES_GCM_OPEN), "AEAD_AES_GCM_OPEN"}, - {ERR_FUNC(EVP_F_AEAD_AES_GCM_SEAL), "AEAD_AES_GCM_SEAL"}, - {ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_INIT), "AEAD_CHACHA20_POLY1305_INIT"}, - {ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_OPEN), "AEAD_CHACHA20_POLY1305_OPEN"}, - {ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_SEAL), "AEAD_CHACHA20_POLY1305_SEAL"}, - {ERR_FUNC(EVP_F_AEAD_CTX_OPEN), "AEAD_CTX_OPEN"}, - {ERR_FUNC(EVP_F_AEAD_CTX_SEAL), "AEAD_CTX_SEAL"}, - {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"}, - {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"}, - {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, - {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"}, - {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"}, - {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"}, - {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, - {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"}, - {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, - {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"}, - {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"}, - {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"}, - {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"}, - {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"}, - {ERR_FUNC(EVP_F_EVP_AEAD_CTX_INIT), "EVP_AEAD_CTX_init"}, - {ERR_FUNC(EVP_F_EVP_AEAD_CTX_OPEN), "EVP_AEAD_CTX_open"}, - {ERR_FUNC(EVP_F_EVP_AEAD_CTX_SEAL), "EVP_AEAD_CTX_seal"}, - {ERR_FUNC(EVP_F_EVP_BYTESTOKEY), "EVP_BytesToKey"}, - {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"}, - {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"}, - {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), 
"EVP_CIPHER_CTX_ctrl"}, - {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"}, - {ERR_FUNC(EVP_F_EVP_CIPHER_GET_ASN1_IV), "EVP_CIPHER_get_asn1_iv"}, - {ERR_FUNC(EVP_F_EVP_CIPHER_SET_ASN1_IV), "EVP_CIPHER_set_asn1_iv"}, - {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"}, - {ERR_FUNC(EVP_F_EVP_DECRYPTUPDATE), "EVP_DecryptUpdate"}, - {ERR_FUNC(EVP_F_EVP_DIGESTFINAL_EX), "EVP_DigestFinal_ex"}, - {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"}, - {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"}, - {ERR_FUNC(EVP_F_EVP_ENCRYPTUPDATE), "EVP_EncryptUpdate"}, - {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"}, - {ERR_FUNC(EVP_F_EVP_MD_CTX_CTRL), "EVP_MD_CTX_ctrl"}, - {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"}, - {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"}, - {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"}, - {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"}, - {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"}, - {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"}, - {ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"}, - {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"}, - {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"}, - {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"}, - {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"}, - {ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"}, - {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"}, - {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"}, - {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"}, - {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"}, - {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"}, - {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"}, - {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"}, - {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"}, - 
{ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"}, - {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"}, - {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"}, - {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"}, - {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"}, - {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"}, - {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"}, - {ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"}, - {ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"}, - {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"}, - {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"}, - {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"}, - {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"}, - {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"}, - {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"}, - {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"}, - {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"}, - {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"}, - {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"}, - {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), "FIPS_CIPHER_CTX_SET_KEY_LENGTH"}, - {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"}, - {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"}, - {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"}, - {ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"}, - {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"}, - {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"}, - {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"}, - {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"}, - 
{ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"}, - {ERR_FUNC(EVP_F_RC2_GET_ASN1_TYPE_AND_IV), "RC2_GET_ASN1_TYPE_AND_IV"}, - {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"}, - {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"}, - {0, NULL} -}; - -static ERR_STRING_DATA EVP_str_reasons[] = { - {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED) , "aes iv setup failed"}, - {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED) , "aes key setup failed"}, - {ERR_REASON(EVP_R_ASN1_LIB) , "asn1 lib"}, - {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH) , "bad block length"}, - {ERR_REASON(EVP_R_BAD_DECRYPT) , "bad decrypt"}, - {ERR_REASON(EVP_R_BAD_KEY_LENGTH) , "bad key length"}, - {ERR_REASON(EVP_R_BN_DECODE_ERROR) , "bn decode error"}, - {ERR_REASON(EVP_R_BN_PUBKEY_ERROR) , "bn pubkey error"}, - {ERR_REASON(EVP_R_BUFFER_TOO_SMALL) , "buffer too small"}, - {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED), "camellia key setup failed"}, - {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"}, - {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED) , "command not supported"}, - {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED) , "ctrl not implemented"}, - {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED), "ctrl operation not implemented"}, - {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH), "data not multiple of block length"}, - {ERR_REASON(EVP_R_DECODE_ERROR) , "decode error"}, - {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) , "different key types"}, - {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) , "different parameters"}, - {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) , "disabled for fips"}, - {ERR_REASON(EVP_R_ENCODE_ERROR) , "encode error"}, - {ERR_REASON(EVP_R_ERROR_LOADING_SECTION) , "error loading section"}, - {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"}, - {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"}, - {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) , "expecting an rsa key"}, - {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) , "expecting a dh key"}, - {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) , 
"expecting a dsa key"}, - {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) , "expecting a ecdsa key"}, - {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) , "expecting a ec key"}, - {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"}, - {ERR_REASON(EVP_R_INITIALIZATION_ERROR) , "initialization error"}, - {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) , "input not initialized"}, - {ERR_REASON(EVP_R_INVALID_DIGEST) , "invalid digest"}, - {ERR_REASON(EVP_R_INVALID_FIPS_MODE) , "invalid fips mode"}, - {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) , "invalid key length"}, - {ERR_REASON(EVP_R_INVALID_OPERATION) , "invalid operation"}, - {ERR_REASON(EVP_R_IV_TOO_LARGE) , "iv too large"}, - {ERR_REASON(EVP_R_KEYGEN_FAILURE) , "keygen failure"}, - {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"}, - {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED) , "method not supported"}, - {ERR_REASON(EVP_R_MISSING_PARAMETERS) , "missing parameters"}, - {ERR_REASON(EVP_R_NO_CIPHER_SET) , "no cipher set"}, - {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST) , "no default digest"}, - {ERR_REASON(EVP_R_NO_DIGEST_SET) , "no digest set"}, - {ERR_REASON(EVP_R_NO_DSA_PARAMETERS) , "no dsa parameters"}, - {ERR_REASON(EVP_R_NO_KEY_SET) , "no key set"}, - {ERR_REASON(EVP_R_NO_OPERATION_SET) , "no operation set"}, - {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED), "no sign function configured"}, - {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED), "no verify function configured"}, - {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"}, - {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"}, - {ERR_REASON(EVP_R_OUTPUT_ALIASES_INPUT) , "output aliases input"}, - {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE), "pkcs8 unknown broken type"}, - {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"}, - {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"}, - {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"}, 
- {ERR_REASON(EVP_R_TAG_TOO_LARGE) , "tag too large"}, - {ERR_REASON(EVP_R_TOO_LARGE) , "too large"}, - {ERR_REASON(EVP_R_UNKNOWN_CIPHER) , "unknown cipher"}, - {ERR_REASON(EVP_R_UNKNOWN_DIGEST) , "unknown digest"}, - {ERR_REASON(EVP_R_UNKNOWN_OPTION) , "unknown option"}, - {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) , "unknown pbe algorithm"}, - {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS), "unsuported number of rounds"}, - {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) , "unsupported algorithm"}, - {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER) , "unsupported cipher"}, - {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH) , "unsupported keylength"}, - {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION), "unsupported key derivation function"}, - {ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE) , "unsupported key size"}, - {ERR_REASON(EVP_R_UNSUPPORTED_PRF) , "unsupported prf"}, - {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM), "unsupported private key algorithm"}, - {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE) , "unsupported salt type"}, - {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"}, - {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE) , "wrong public key type"}, - {0, NULL} -}; - -#endif - -void -ERR_load_EVP_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) { - ERR_load_strings(0, EVP_str_functs); - ERR_load_strings(0, EVP_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/evp/evp_key.c b/lib/libssl/src/crypto/evp/evp_key.c deleted file mode 100644 index 2c76743e428..00000000000 --- a/lib/libssl/src/crypto/evp/evp_key.c +++ /dev/null 
@@ -1,206 +0,0 @@
-/* $OpenBSD: evp_key.c,v 1.23 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/ui.h>
-#include <openssl/x509.h>
-
-/* should be init to zeros.
*/
-static char prompt_string[80];
-
-void
-EVP_set_pw_prompt(const char *prompt)
-{
- if (prompt == NULL)
- prompt_string[0] = '\0';
- else {
- strlcpy(prompt_string, prompt, sizeof(prompt_string));
- }
-}
-
-char *
-EVP_get_pw_prompt(void)
-{
- if (prompt_string[0] == '\0')
- return (NULL);
- else
- return (prompt_string);
-}
-
-int
-EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
-{
- return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
-}
-
-int
-EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
- int verify)
-{
- int ret;
- char buff[BUFSIZ];
- UI *ui;
-
- if ((prompt == NULL) && (prompt_string[0] != '\0'))
- prompt = prompt_string;
- ui = UI_new();
- if (ui == NULL)
- return -1;
- if (UI_add_input_string(ui, prompt, 0, buf, min,
- (len >= BUFSIZ) ? BUFSIZ - 1 : len) < 0)
- return -1;
- if (verify) {
- if (UI_add_verify_string(ui, prompt, 0, buff, min,
- (len >= BUFSIZ) ? BUFSIZ - 1 : len, buf) < 0)
- return -1;
- }
- ret = UI_process(ui);
- UI_free(ui);
- explicit_bzero(buff, BUFSIZ);
- return ret;
-}
-
-int
-EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
- const unsigned char *salt, const unsigned char *data, int datal,
- int count, unsigned char *key, unsigned char *iv)
-{
- EVP_MD_CTX c;
- unsigned char md_buf[EVP_MAX_MD_SIZE];
- int niv, nkey, addmd = 0;
- unsigned int mds = 0, i;
- int rv = 0;
-
- nkey = type->key_len;
- niv = type->iv_len;
-
- if ((size_t)nkey > EVP_MAX_KEY_LENGTH) {
- EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_BAD_KEY_LENGTH);
- return 0;
- }
- if ((size_t)niv > EVP_MAX_IV_LENGTH) {
- EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_IV_TOO_LARGE);
- return 0;
- }
-
- if (data == NULL)
- return (nkey);
-
- EVP_MD_CTX_init(&c);
- for (;;) {
- if (!EVP_DigestInit_ex(&c, md, NULL))
- goto err;
- if (addmd++)
- if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
- goto err;
- if (!EVP_DigestUpdate(&c, data, datal))
- goto err;
- if (salt != NULL)
- if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN))
- goto
err;
- if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
- goto err;
-
- for (i = 1; i < (unsigned int)count; i++) {
- if (!EVP_DigestInit_ex(&c, md, NULL))
- goto err;
- if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
- goto err;
- if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
- goto err;
- }
- i = 0;
- if (nkey) {
- for (;;) {
- if (nkey == 0)
- break;
- if (i == mds)
- break;
- if (key != NULL)
- *(key++) = md_buf[i];
- nkey--;
- i++;
- }
- }
- if (niv && (i != mds)) {
- for (;;) {
- if (niv == 0)
- break;
- if (i == mds)
- break;
- if (iv != NULL)
- *(iv++) = md_buf[i];
- niv--;
- i++;
- }
- }
- if ((nkey == 0) && (niv == 0))
- break;
- }
- rv = type->key_len;
-
-err:
- EVP_MD_CTX_cleanup(&c);
- explicit_bzero(md_buf, sizeof md_buf);
- return rv;
-}
diff --git a/lib/libssl/src/crypto/evp/evp_lib.c b/lib/libssl/src/crypto/evp/evp_lib.c
deleted file mode 100644
index 491c8d6f670..00000000000
--- a/lib/libssl/src/crypto/evp/evp_lib.c
+++ /dev/null
@@ -1,348 +0,0 @@
-/* $OpenBSD: evp_lib.c,v 1.14 2015/02/10 09:52:35 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> - -int -EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) -{ - int ret; - - if (c->cipher->set_asn1_parameters != NULL) - ret = c->cipher->set_asn1_parameters(c, type); - else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) - ret = EVP_CIPHER_set_asn1_iv(c, type); - else - ret = -1; - return (ret); -} - -int -EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) -{ - int ret; - - if (c->cipher->get_asn1_parameters != NULL) - ret = c->cipher->get_asn1_parameters(c, type); - else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) - ret = EVP_CIPHER_get_asn1_iv(c, type); - else - ret = -1; - return (ret); -} - -int -EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) -{ - int i = 0; - unsigned int l; - - if (type != NULL) { - l = EVP_CIPHER_CTX_iv_length(c); - if (l > sizeof(c->iv)) { - EVPerr(EVP_F_EVP_CIPHER_GET_ASN1_IV, - EVP_R_IV_TOO_LARGE); - return 0; - } - i = ASN1_TYPE_get_octetstring(type, c->oiv, l); - if (i != (int)l) - return (-1); - else if (i > 0) - memcpy(c->iv, c->oiv, l); - } - return (i); -} - -int -EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) -{ - int i = 0; - unsigned int j; - - if (type != NULL) { - j = EVP_CIPHER_CTX_iv_length(c); - if (j > sizeof(c->iv)) { - EVPerr(EVP_F_EVP_CIPHER_SET_ASN1_IV, - EVP_R_IV_TOO_LARGE); - return 0; - } - i = ASN1_TYPE_set_octetstring(type, c->oiv, j); - } - return (i); -} - -/* Convert the various cipher NIDs and dummies to a proper OID NID */ -int -EVP_CIPHER_type(const EVP_CIPHER *ctx) -{ - int nid; - ASN1_OBJECT *otmp; - nid = EVP_CIPHER_nid(ctx); - - switch (nid) { - case NID_rc2_cbc: - case NID_rc2_64_cbc: - case NID_rc2_40_cbc: - return NID_rc2_cbc; - - case NID_rc4: - case NID_rc4_40: - return NID_rc4; - - case NID_aes_128_cfb128: - case NID_aes_128_cfb8: - case NID_aes_128_cfb1: - return NID_aes_128_cfb128; - - case NID_aes_192_cfb128: 
- case NID_aes_192_cfb8: - case NID_aes_192_cfb1: - return NID_aes_192_cfb128; - - case NID_aes_256_cfb128: - case NID_aes_256_cfb8: - case NID_aes_256_cfb1: - return NID_aes_256_cfb128; - - case NID_des_cfb64: - case NID_des_cfb8: - case NID_des_cfb1: - return NID_des_cfb64; - - case NID_des_ede3_cfb64: - case NID_des_ede3_cfb8: - case NID_des_ede3_cfb1: - return NID_des_cfb64; - - default: - /* Check it has an OID and it is valid */ - otmp = OBJ_nid2obj(nid); - if (!otmp || !otmp->data) - nid = NID_undef; - ASN1_OBJECT_free(otmp); - return nid; - } -} - -int -EVP_CIPHER_block_size(const EVP_CIPHER *e) -{ - return e->block_size; -} - -int -EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher->block_size; -} - -int -EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, - unsigned int inl) -{ - return ctx->cipher->do_cipher(ctx, out, in, inl); -} - -const EVP_CIPHER * -EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher; -} - -unsigned long -EVP_CIPHER_flags(const EVP_CIPHER *cipher) -{ - return cipher->flags; -} - -unsigned long -EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher->flags; -} - -void * -EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx) -{ - return ctx->app_data; -} - -void -EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data) -{ - ctx->app_data = data; -} - -int -EVP_CIPHER_iv_length(const EVP_CIPHER *cipher) -{ - return cipher->iv_len; -} - -int -EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher->iv_len; -} - -int -EVP_CIPHER_key_length(const EVP_CIPHER *cipher) -{ - return cipher->key_len; -} - -int -EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx) -{ - return ctx->key_len; -} - -int -EVP_CIPHER_nid(const EVP_CIPHER *cipher) -{ - return cipher->nid; -} - -int -EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx) -{ - return ctx->cipher->nid; -} - -int -EVP_MD_block_size(const EVP_MD *md) -{ - return md->block_size; -} - -int 
-EVP_MD_type(const EVP_MD *md) -{ - return md->type; -} - -int -EVP_MD_pkey_type(const EVP_MD *md) -{ - return md->pkey_type; -} - -int -EVP_MD_size(const EVP_MD *md) -{ - if (!md) { - EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL); - return -1; - } - return md->md_size; -} - -unsigned long -EVP_MD_flags(const EVP_MD *md) -{ - return md->flags; -} - -const EVP_MD * -EVP_MD_CTX_md(const EVP_MD_CTX *ctx) -{ - if (!ctx) - return NULL; - return ctx->digest; -} - -void -EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags) -{ - ctx->flags |= flags; -} - -void -EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags) -{ - ctx->flags &= ~flags; -} - -int -EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags) -{ - return (ctx->flags & flags); -} - -void -EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags) -{ - ctx->flags |= flags; -} - -void -EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags) -{ - ctx->flags &= ~flags; -} - -int -EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags) -{ - return (ctx->flags & flags); -} diff --git a/lib/libssl/src/crypto/evp/evp_locl.h b/lib/libssl/src/crypto/evp/evp_locl.h deleted file mode 100644 index 80071ec1ab3..00000000000 --- a/lib/libssl/src/crypto/evp/evp_locl.h +++ /dev/null 
@@ -1,366 +0,0 @@
-/* $OpenBSD: evp_locl.h,v 1.13 2014/06/12 15:49:29 deraadt Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -/* Macros to code block cipher wrappers */ - -/* Wrapper functions for each cipher mode */ - -#define BLOCK_CIPHER_ecb_loop() \ - size_t i, bl; \ - bl = ctx->cipher->block_size;\ - if(inl < bl) return 1;\ - inl -= bl; \ - for(i=0; i <= inl; i+=bl) - -#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ -static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ -{\ - BLOCK_CIPHER_ecb_loop() \ - cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\ - return 1;\ -} - -#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2)) - -#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \ -static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ -{\ - while(inl>=EVP_MAXCHUNK)\ - {\ - cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ - inl-=EVP_MAXCHUNK;\ - in +=EVP_MAXCHUNK;\ - out+=EVP_MAXCHUNK;\ - }\ - if (inl)\ - cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\ - return 1;\ -} - -#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ -static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ -{\ - while(inl>=EVP_MAXCHUNK) \ - {\ - cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\ - inl-=EVP_MAXCHUNK;\ - in +=EVP_MAXCHUNK;\ - out+=EVP_MAXCHUNK;\ - }\ - if (inl)\ - cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\ - return 1;\ -} - -#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ -static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \ -{\ - size_t chunk=EVP_MAXCHUNK;\ - if (cbits==1) 
chunk>>=3;\ - if (inl<chunk) chunk=inl;\ - while(inl && inl>=chunk)\ - {\ - cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\ - inl-=chunk;\ - in +=chunk;\ - out+=chunk;\ - if(inl<chunk) chunk=inl;\ - }\ - return 1;\ -} - -#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ - BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \ - BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) - -#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \ - key_len, iv_len, flags, init_key, cleanup, \ - set_asn1, get_asn1, ctrl) \ -static const EVP_CIPHER cname##_##mode = { \ - nid##_##nmode, block_size, key_len, iv_len, \ - flags | EVP_CIPH_##MODE##_MODE, \ - init_key, \ - cname##_##mode##_cipher, \ - cleanup, \ - sizeof(kstruct), \ - set_asn1, get_asn1,\ - ctrl, \ - NULL \ -}; \ -const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; } - -#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \ - iv_len, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \ - iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) - -#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \ - iv_len, cbits, flags, init_key, cleanup, \ - set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \ - key_len, iv_len, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) - -#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \ - iv_len, cbits, flags, init_key, cleanup, \ - set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \ - key_len, iv_len, flags, init_key, cleanup, 
set_asn1, \ - get_asn1, ctrl) - -#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \ - flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) \ -BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \ - 0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl) - -#define BLOCK_CIPHER_defs(cname, kstruct, \ - nid, block_size, key_len, iv_len, cbits, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \ - flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \ - flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \ -BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) - - -/* -#define BLOCK_CIPHER_defs(cname, kstruct, \ - nid, block_size, key_len, iv_len, flags,\ - init_key, cleanup, set_asn1, get_asn1, ctrl)\ -static const EVP_CIPHER cname##_cbc = {\ - nid##_cbc, block_size, key_len, iv_len, \ - flags | EVP_CIPH_CBC_MODE,\ - init_key,\ - cname##_cbc_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl, \ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\ -static const EVP_CIPHER cname##_cfb = {\ - nid##_cfb64, 1, key_len, iv_len, \ - flags | EVP_CIPH_CFB_MODE,\ - init_key,\ - cname##_cfb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\ -static const EVP_CIPHER cname##_ofb = {\ - nid##_ofb64, 1, key_len, iv_len, \ - flags | EVP_CIPH_OFB_MODE,\ - init_key,\ - 
cname##_ofb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\ -static const EVP_CIPHER cname##_ecb = {\ - nid##_ecb, block_size, key_len, iv_len, \ - flags | EVP_CIPH_ECB_MODE,\ - init_key,\ - cname##_ecb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } -*/ - -#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \ - block_size, key_len, iv_len, cbits, \ - flags, init_key, \ - cleanup, set_asn1, get_asn1, ctrl) \ - BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \ - BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \ - cbits, flags, init_key, cleanup, set_asn1, \ - get_asn1, ctrl) - -#define EVP_C_DATA(kstruct, ctx) ((kstruct *)(ctx)->cipher_data) - -#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \ - BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \ - BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \ - NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \ - 0, cipher##_init_key, NULL, \ - EVP_CIPHER_set_asn1_iv, \ - EVP_CIPHER_get_asn1_iv, \ - NULL) - - struct evp_pkey_ctx_st { - /* Method associated with this operation */ - const EVP_PKEY_METHOD *pmeth; - /* Engine that implements this method or NULL if builtin */ - ENGINE *engine; - /* Key: may be NULL */ - EVP_PKEY *pkey; - /* Peer key for key agreement, may be NULL */ - EVP_PKEY *peerkey; - /* Actual operation */ - int operation; - /* Algorithm specific data */ - void *data; - /* Application specific data */ - void *app_data; - /* Keygen callback */ - EVP_PKEY_gen_cb *pkey_gencb; - /* implementation specific keygen 
data */ - int *keygen_info; - int keygen_info_count; -} /* EVP_PKEY_CTX */; - -#define EVP_PKEY_FLAG_DYNAMIC 1 - -struct evp_pkey_method_st { - int pkey_id; - int flags; - - int (*init)(EVP_PKEY_CTX *ctx); - int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src); - void (*cleanup)(EVP_PKEY_CTX *ctx); - - int (*paramgen_init)(EVP_PKEY_CTX *ctx); - int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); - - int (*keygen_init)(EVP_PKEY_CTX *ctx); - int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); - - int (*sign_init)(EVP_PKEY_CTX *ctx); - int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); - - int (*verify_init)(EVP_PKEY_CTX *ctx); - int (*verify)(EVP_PKEY_CTX *ctx, - const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen); - - int (*verify_recover_init)(EVP_PKEY_CTX *ctx); - int (*verify_recover)(EVP_PKEY_CTX *ctx, - unsigned char *rout, size_t *routlen, - const unsigned char *sig, size_t siglen); - - int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - EVP_MD_CTX *mctx); - - int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); - int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, - int siglen, EVP_MD_CTX *mctx); - - int (*encrypt_init)(EVP_PKEY_CTX *ctx); - int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); - - int (*decrypt_init)(EVP_PKEY_CTX *ctx); - int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); - - int (*derive_init)(EVP_PKEY_CTX *ctx); - int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); - - int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2); - int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value); -} /* EVP_PKEY_METHOD */; - -void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx); - -int 
PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de); - -/* EVP_AEAD represents a specific AEAD algorithm. */ -struct evp_aead_st { - unsigned char key_len; - unsigned char nonce_len; - unsigned char overhead; - unsigned char max_tag_len; - - int (*init)(struct evp_aead_ctx_st*, const unsigned char *key, - size_t key_len, size_t tag_len); - void (*cleanup)(struct evp_aead_ctx_st*); - - int (*seal)(const struct evp_aead_ctx_st *ctx, unsigned char *out, - size_t *out_len, size_t max_out_len, const unsigned char *nonce, - size_t nonce_len, const unsigned char *in, size_t in_len, - const unsigned char *ad, size_t ad_len); - - int (*open)(const struct evp_aead_ctx_st *ctx, unsigned char *out, - size_t *out_len, size_t max_out_len, const unsigned char *nonce, - size_t nonce_len, const unsigned char *in, size_t in_len, - const unsigned char *ad, size_t ad_len); -}; diff --git a/lib/libssl/src/crypto/evp/evp_pbe.c b/lib/libssl/src/crypto/evp/evp_pbe.c deleted file mode 100644 index 0787e2dc942..00000000000 --- a/lib/libssl/src/crypto/evp/evp_pbe.c +++ /dev/null 
@@ -1,295 +0,0 @@
-/* $OpenBSD: evp_pbe.c,v 1.23 2015/02/08 22:20:18 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/pkcs12.h> -#include <openssl/x509.h> - -#include "evp_locl.h" - -/* Password based encryption (PBE) functions */ - -DECLARE_STACK_OF(EVP_PBE_CTL) -static STACK_OF(EVP_PBE_CTL) *pbe_algs; - -/* Setup a cipher context from a PBE algorithm */ - -typedef struct { - int pbe_type; - int pbe_nid; - int cipher_nid; - int md_nid; - EVP_PBE_KEYGEN *keygen; -} EVP_PBE_CTL; - -static const EVP_PBE_CTL builtin_pbe[] = { - {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC, NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen}, - {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC, NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen}, - {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC, NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen}, - -#ifndef OPENSSL_NO_HMAC - {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen}, -#endif - - {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4, NID_rc4, NID_sha1, PKCS12_PBE_keyivgen}, - {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4, NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen}, - {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen}, - {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC, NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen}, - {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC, NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen}, - {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC, NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen}, - -#ifndef OPENSSL_NO_HMAC - {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen}, -#endif - {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC, NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen}, - {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC, NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen}, - {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC, NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen}, - - - {EVP_PBE_TYPE_PRF, 
NID_hmacWithSHA1, -1, NID_sha1, 0}, - {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0}, - {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0}, - {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0}, - {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0}, - {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0}, - {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0}, -}; - -int -EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) -{ - const EVP_CIPHER *cipher; - const EVP_MD *md; - int cipher_nid, md_nid; - EVP_PBE_KEYGEN *keygen; - - if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj), - &cipher_nid, &md_nid, &keygen)) { - char obj_tmp[80]; - EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM); - if (!pbe_obj) - strlcpy(obj_tmp, "NULL", sizeof obj_tmp); - else - i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj); - ERR_asprintf_error_data("TYPE=%s", obj_tmp); - return 0; - } - - if (!pass) - passlen = 0; - else if (passlen == -1) - passlen = strlen(pass); - - if (cipher_nid == -1) - cipher = NULL; - else { - cipher = EVP_get_cipherbynid(cipher_nid); - if (!cipher) { - EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER); - return 0; - } - } - - if (md_nid == -1) - md = NULL; - else { - md = EVP_get_digestbynid(md_nid); - if (!md) { - EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST); - return 0; - } - } - - if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) { - EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE); - return 0; - } - return 1; -} - -DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2); - -static int -pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2) -{ - int ret = pbe1->pbe_type - pbe2->pbe_type; - - if (ret) - return ret; - else - return pbe1->pbe_nid - pbe2->pbe_nid; -} - -IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2); - -static int -pbe_cmp(const EVP_PBE_CTL * const *a, 
const EVP_PBE_CTL * const *b) -{ - int ret = (*a)->pbe_type - (*b)->pbe_type; - - if (ret) - return ret; - else - return (*a)->pbe_nid - (*b)->pbe_nid; -} - -/* Add a PBE algorithm */ - -int -EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid, - EVP_PBE_KEYGEN *keygen) -{ - EVP_PBE_CTL *pbe_tmp; - - if (pbe_algs == NULL) { - pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp); - if (pbe_algs == NULL) { - EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, - ERR_R_MALLOC_FAILURE); - return 0; - } - } - pbe_tmp = malloc(sizeof(EVP_PBE_CTL)); - if (pbe_tmp == NULL) { - EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE); - return 0; - } - pbe_tmp->pbe_type = pbe_type; - pbe_tmp->pbe_nid = pbe_nid; - pbe_tmp->cipher_nid = cipher_nid; - pbe_tmp->md_nid = md_nid; - pbe_tmp->keygen = keygen; - - if (sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp) == 0) { - free(pbe_tmp); - EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE); - return 0; - } - return 1; -} - -int -EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, - EVP_PBE_KEYGEN *keygen) -{ - int cipher_nid, md_nid; - - if (cipher) - cipher_nid = EVP_CIPHER_nid(cipher); - else - cipher_nid = -1; - if (md) - md_nid = EVP_MD_type(md); - else - md_nid = -1; - - return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid, - cipher_nid, md_nid, keygen); -} - -int -EVP_PBE_find(int type, int pbe_nid, - int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen) -{ - EVP_PBE_CTL *pbetmp = NULL, pbelu; - int i; - if (pbe_nid == NID_undef) - return 0; - - pbelu.pbe_type = type; - pbelu.pbe_nid = pbe_nid; - - if (pbe_algs) { - i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu); - if (i != -1) - pbetmp = sk_EVP_PBE_CTL_value (pbe_algs, i); - } - if (pbetmp == NULL) { - pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe, - sizeof(builtin_pbe)/sizeof(EVP_PBE_CTL)); - } - if (pbetmp == NULL) - return 0; - if (pcnid) - *pcnid = pbetmp->cipher_nid; - if (pmnid) - *pmnid = pbetmp->md_nid; - if (pkeygen) - *pkeygen = pbetmp->keygen; - return 1; -} - -static 
void -free_evp_pbe_ctl(EVP_PBE_CTL *pbe) -{ - free(pbe); -} - -void -EVP_PBE_cleanup(void) -{ - sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl); - pbe_algs = NULL; -} diff --git a/lib/libssl/src/crypto/evp/evp_pkey.c b/lib/libssl/src/crypto/evp/evp_pkey.c deleted file mode 100644 index 689ff596ce3..00000000000 --- a/lib/libssl/src/crypto/evp/evp_pkey.c +++ /dev/null 
@@ -1,240 +0,0 @@
-/* $OpenBSD: evp_pkey.c,v 1.18 2014/10/18 17:20:40 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-#include "asn1_locl.h"
-
-/* Extract a private key from a PKCS8 structure */
-
-EVP_PKEY *
-EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
-{
- EVP_PKEY *pkey = NULL;
- ASN1_OBJECT *algoid;
- char obj_tmp[80];
-
- if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
- return NULL;
-
- if (!(pkey = EVP_PKEY_new())) {
- EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
- EVPerr(EVP_F_EVP_PKCS82PKEY,
- EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
- i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
- ERR_asprintf_error_data("TYPE=%s", obj_tmp);
- goto error;
- }
-
- if (pkey->ameth->priv_decode) {
- if (!pkey->ameth->priv_decode(pkey, p8)) {
- EVPerr(EVP_F_EVP_PKCS82PKEY,
- EVP_R_PRIVATE_KEY_DECODE_ERROR);
- goto error;
- }
- } else {
- EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
- goto error;
- }
-
- return pkey;
-
-error:
- EVP_PKEY_free(pkey);
- return NULL;
-}
-
-PKCS8_PRIV_KEY_INFO *
-EVP_PKEY2PKCS8(EVP_PKEY *pkey)
-{
- return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
-}
-
-/* Turn a private key into a PKCS8 structure */
-
-PKCS8_PRIV_KEY_INFO *
-EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
-{
- PKCS8_PRIV_KEY_INFO *p8;
-
- if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- p8->broken = broken;
-
- if (pkey->ameth) {
- if (pkey->ameth->priv_encode) {
- if (!pkey->ameth->priv_encode(p8, pkey)) {
- EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
- EVP_R_PRIVATE_KEY_ENCODE_ERROR);
- goto error;
- }
- } else {
- EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
- EVP_R_METHOD_NOT_SUPPORTED);
- goto error;
- }
- } else {
- EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
- EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
- goto error;
- }
- return p8;
-
-error:
- PKCS8_PRIV_KEY_INFO_free(p8);
- return NULL;
-}
-
-PKCS8_PRIV_KEY_INFO *
-PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
-{
- switch (broken) {
- case PKCS8_OK:
- p8->broken = PKCS8_OK;
- return p8;
- break;
-
- case PKCS8_NO_OCTET:
- p8->broken = PKCS8_NO_OCTET;
- p8->pkey->type = V_ASN1_SEQUENCE;
- return p8;
- break;
-
- default:
- EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
- return NULL;
- }
-}
-
-/* EVP_PKEY attribute functions */
-
-int
-EVP_PKEY_get_attr_count(const EVP_PKEY *key)
-{
- return X509at_get_attr_count(key->attributes);
-}
-
-int
-EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos)
-{
- return X509at_get_attr_by_NID(key->attributes, nid, lastpos);
-}
-
-int
-EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, int lastpos)
-{
- return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos);
-}
-
-X509_ATTRIBUTE *
-EVP_PKEY_get_attr(const EVP_PKEY *key, int loc)
-{
- return X509at_get_attr(key->attributes, loc);
-}
-
-X509_ATTRIBUTE *
-EVP_PKEY_delete_attr(EVP_PKEY *key, int loc)
-{
- return X509at_delete_attr(key->attributes, loc);
-}
-
-int
-EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr)
-{
- if (X509at_add1_attr(&key->attributes, attr))
- return 1;
- return 0;
-}
-
-int
-EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_OBJ(&key->attributes, obj, type, bytes, len))
- return 1;
- return 0;
-}
-
-int
-EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, int nid, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_NID(&key->attributes, nid, type, bytes, len))
- return 1;
- return 0;
-}
-
-int
-EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, const char *attrname, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_txt(&key->attributes, attrname, type,
- bytes, len))
- return 1;
- return 0;
-}
diff --git a/lib/libssl/src/crypto/evp/m_dss.c b/lib/libssl/src/crypto/evp/m_dss.c
deleted file mode 100644
index d23c9b4e71a..00000000000
--- a/lib/libssl/src/crypto/evp/m_dss.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $OpenBSD: m_dss.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#ifndef OPENSSL_NO_SHA
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD dsa_md = {
- .type = NID_dsaWithSHA,
- .pkey_type = NID_dsaWithSHA,
- .md_size = SHA_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_DIGEST,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_DSA
- .sign = (evp_sign_method *)DSA_sign,
- .verify = (evp_verify_method *)DSA_verify,
- .required_pkey_type = {
- EVP_PKEY_DSA, EVP_PKEY_DSA2, EVP_PKEY_DSA3, EVP_PKEY_DSA4, 0,
- },
-#endif
- .block_size = SHA_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_dss(void)
-{
- return (&dsa_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/m_dss1.c b/lib/libssl/src/crypto/evp/m_dss1.c
deleted file mode 100644
index a906c11b69e..00000000000
--- a/lib/libssl/src/crypto/evp/m_dss1.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* $OpenBSD: m_dss1.c,v 1.16 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_SHA
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD dss1_md = {
- .type = NID_dsa,
- .pkey_type = NID_dsaWithSHA1,
- .md_size = SHA_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_DIGEST,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_DSA
- .sign = (evp_sign_method *)DSA_sign,
- .verify = (evp_verify_method *)DSA_verify,
- .required_pkey_type = {
- EVP_PKEY_DSA, EVP_PKEY_DSA2, EVP_PKEY_DSA3, EVP_PKEY_DSA4, 0,
- },
-#endif
- .block_size = SHA_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_dss1(void)
-{
- return (&dss1_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/m_ecdsa.c b/lib/libssl/src/crypto/evp/m_ecdsa.c
deleted file mode 100644
index b9af6423b56..00000000000
--- a/lib/libssl/src/crypto/evp/m_ecdsa.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* $OpenBSD: m_ecdsa.c,v 1.8 2014/07/11 08:44:48 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_SHA
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD ecdsa_md = {
- .type = NID_ecdsa_with_SHA1,
- .pkey_type = NID_ecdsa_with_SHA1,
- .md_size = SHA_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_DIGEST,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_ECDSA
- .sign = (evp_sign_method *)ECDSA_sign,
- .verify = (evp_verify_method *)ECDSA_verify,
- .required_pkey_type = {
- EVP_PKEY_EC, 0, 0, 0,
- },
-#endif
- .block_size = SHA_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_ecdsa(void)
-{
- return (&ecdsa_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/m_gost2814789.c b/lib/libssl/src/crypto/evp/m_gost2814789.c
deleted file mode 100644
index 279af872e02..00000000000
--- a/lib/libssl/src/crypto/evp/m_gost2814789.c
+++ /dev/null
@@ -1,110 +0,0 @@
-/* $OpenBSD: m_gost2814789.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_GOST
-
-#include <openssl/evp.h>
-#include <openssl/gost.h>
-#include <openssl/objects.h>
-
-static int
-gost2814789_init(EVP_MD_CTX *ctx)
-{
- return GOST2814789IMIT_Init(ctx->md_data,
- NID_id_Gost28147_89_CryptoPro_A_ParamSet);
-}
-
-static int
-gost2814789_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return GOST2814789IMIT_Update(ctx->md_data, data, count);
-}
-
-static int
-gost2814789_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return GOST2814789IMIT_Final(md, ctx->md_data);
-}
-
-static int
-gost2814789_md_ctrl(EVP_MD_CTX *ctx, int cmd, int p1, void *p2)
-{
- GOST2814789IMIT_CTX *gctx = ctx->md_data;
-
- switch (cmd) {
- case EVP_MD_CTRL_SET_KEY:
- return Gost2814789_set_key(&gctx->cipher, p2, p1);
- case EVP_MD_CTRL_GOST_SET_SBOX:
- return Gost2814789_set_sbox(&gctx->cipher, p1);
- }
- return -2;
-}
-
-static const EVP_MD gost2814789imit_md = {
- .type = NID_id_Gost28147_89_MAC,
- .pkey_type = NID_undef,
- .md_size = GOST2814789IMIT_LENGTH,
- .flags = 0,
- .init = gost2814789_init,
- .update = gost2814789_update,
- .final = gost2814789_final,
- .block_size = GOST2814789IMIT_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(GOST2814789IMIT_CTX),
- .md_ctrl = gost2814789_md_ctrl,
-};
-
-const EVP_MD *
-EVP_gost2814789imit(void)
-{
- return (&gost2814789imit_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/m_gostr341194.c b/lib/libssl/src/crypto/evp/m_gostr341194.c
deleted file mode 100644
index 66d9b4f303e..00000000000
--- a/lib/libssl/src/crypto/evp/m_gostr341194.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* $OpenBSD: m_gostr341194.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_GOST
-
-#include <openssl/evp.h>
-#include <openssl/gost.h>
-#include <openssl/objects.h>
-
-static int
-gostr341194_init(EVP_MD_CTX *ctx)
-{
- return GOSTR341194_Init(ctx->md_data,
- NID_id_GostR3411_94_CryptoProParamSet);
-}
-
-static int
-gostr341194_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return GOSTR341194_Update(ctx->md_data, data, count);
-}
-
-static int
-gostr341194_final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return GOSTR341194_Final(md, ctx->md_data);
-}
-
-static const EVP_MD gostr341194_md = {
- .type = NID_id_GostR3411_94,
- .pkey_type = NID_undef,
- .md_size = GOSTR341194_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
- .init = gostr341194_init,
- .update = gostr341194_update,
- .final = gostr341194_final,
- .block_size = GOSTR341194_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(GOSTR341194_CTX),
-};
-
-const EVP_MD *
-EVP_gostr341194(void)
-{
- return (&gostr341194_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/m_md4.c b/lib/libssl/src/crypto/evp/m_md4.c
deleted file mode 100644
index ab3cc852bec..00000000000
--- a/lib/libssl/src/crypto/evp/m_md4.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $OpenBSD: m_md4.c,v 1.16 2015/09/14 01:45:03 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_MD4
-
-#include <openssl/evp.h>
-#include <openssl/md4.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return MD4_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return MD4_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return MD4_Final(md, ctx->md_data);
-}
-
-static const EVP_MD md4_md = {
- .type = NID_md4,
- .pkey_type = NID_md4WithRSAEncryption,
- .md_size = MD4_DIGEST_LENGTH,
- .flags = 0,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
- .block_size = MD4_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(MD4_CTX),
-};
-
-const EVP_MD *
-EVP_md4(void)
-{
- return (&md4_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/m_md5.c b/lib/libssl/src/crypto/evp/m_md5.c
deleted file mode 100644
index 36cff7ab519..00000000000
--- a/lib/libssl/src/crypto/evp/m_md5.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $OpenBSD: m_md5.c,v 1.15 2014/07/13 09:30:02 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_MD5
-
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return MD5_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return MD5_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return MD5_Final(md, ctx->md_data);
-}
-
-static const EVP_MD md5_md = {
- .type = NID_md5,
- .pkey_type = NID_md5WithRSAEncryption,
- .md_size = MD5_DIGEST_LENGTH,
- .flags = 0,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
- .block_size = MD5_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(MD5_CTX),
-};
-
-const EVP_MD *
-EVP_md5(void)
-{
- return (&md5_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/m_null.c b/lib/libssl/src/crypto/evp/m_null.c
deleted file mode 100644
index 897be3cee99..00000000000
--- a/lib/libssl/src/crypto/evp/m_null.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* $OpenBSD: m_null.c,v 1.9 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return 1;
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return 1;
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return 1;
-}
-
-static const EVP_MD null_md = {
- .type = NID_undef,
- .pkey_type = NID_undef,
- .md_size = 0,
- .flags = 0,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
- .sign = NULL,
- .verify = NULL,
- .required_pkey_type = {
- 0, 0, 0, 0,
- },
- .block_size = 0,
- .ctx_size = sizeof(EVP_MD *),
-};
-
-const EVP_MD *
-EVP_md_null(void)
-{
- return (&null_md);
-}
diff --git a/lib/libssl/src/crypto/evp/m_ripemd.c b/lib/libssl/src/crypto/evp/m_ripemd.c
deleted file mode 100644
index be7f1393b02..00000000000
--- a/lib/libssl/src/crypto/evp/m_ripemd.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* $OpenBSD: m_ripemd.c,v 1.12 2014/07/13 09:30:02 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_RIPEMD
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/ripemd.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return RIPEMD160_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return RIPEMD160_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return RIPEMD160_Final(md, ctx->md_data);
-}
-
-static const EVP_MD ripemd160_md = {
- .type = NID_ripemd160,
- .pkey_type = NID_ripemd160WithRSA,
- .md_size = RIPEMD160_DIGEST_LENGTH,
- .flags = 0,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
- .block_size = RIPEMD160_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(RIPEMD160_CTX),
-};
-
-const EVP_MD *
-EVP_ripemd160(void)
-{
- return (&ripemd160_md);
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/m_sha1.c b/lib/libssl/src/crypto/evp/m_sha1.c
deleted file mode 100644
index 13d5b030d27..00000000000
--- a/lib/libssl/src/crypto/evp/m_sha1.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* $OpenBSD: m_sha1.c,v 1.17 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_SHA
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-static int
-init(EVP_MD_CTX *ctx)
-{
- return SHA1_Init(ctx->md_data);
-}
-
-static int
-update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA1_Update(ctx->md_data, data, count);
-}
-
-static int
-final(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA1_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha1_md = {
- .type = NID_sha1,
- .pkey_type = NID_sha1WithRSAEncryption,
- .md_size = SHA_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = init,
- .update = update,
- .final = final,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
- .block_size = SHA_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA_CTX),
-};
-
-const EVP_MD *
-EVP_sha1(void)
-{
- return (&sha1_md);
-}
-#endif
-
-#ifndef OPENSSL_NO_SHA256
-static int
-init224(EVP_MD_CTX *ctx)
-{
- return SHA224_Init(ctx->md_data);
-}
-
-static int
-init256(EVP_MD_CTX *ctx)
-{
- return SHA256_Init(ctx->md_data);
-}
-/*
- * Even though there're separate SHA224_[Update|Final], we call
- * SHA256 functions even in SHA224 context. This is what happens
- * there anyway, so we can spare few CPU cycles:-)
- */
-static int
-update256(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA256_Update(ctx->md_data, data, count);
-}
-
-static int
-final256(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA256_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha224_md = {
- .type = NID_sha224,
- .pkey_type = NID_sha224WithRSAEncryption,
- .md_size = SHA224_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = init224,
- .update = update256,
- .final = final256,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
- .block_size = SHA256_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
-};
-
-const EVP_MD *
-EVP_sha224(void)
-{
- return (&sha224_md);
-}
-
-static const EVP_MD sha256_md = {
- .type = NID_sha256,
- .pkey_type = NID_sha256WithRSAEncryption,
- .md_size = SHA256_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = init256,
- .update = update256,
- .final = final256,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
- .block_size = SHA256_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA256_CTX),
-};
-
-const EVP_MD *
-EVP_sha256(void)
-{
- return (&sha256_md);
-}
-#endif /* ifndef OPENSSL_NO_SHA256 */
-
-#ifndef OPENSSL_NO_SHA512
-static int
-init384(EVP_MD_CTX *ctx)
-{
- return SHA384_Init(ctx->md_data);
-}
-
-static int
-init512(EVP_MD_CTX *ctx)
-{
- return SHA512_Init(ctx->md_data);
-}
-/* See comment in SHA224/256 section */
-static int
-update512(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- return SHA512_Update(ctx->md_data, data, count);
-}
-
-static int
-final512(EVP_MD_CTX *ctx, unsigned char *md)
-{
- return SHA512_Final(md, ctx->md_data);
-}
-
-static const EVP_MD sha384_md = {
- .type = NID_sha384,
- .pkey_type = NID_sha384WithRSAEncryption,
- .md_size = SHA384_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = init384,
- .update = update512,
- .final = final512,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
- .block_size = SHA512_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
-};
-
-const EVP_MD *
-EVP_sha384(void)
-{
- return (&sha384_md);
-}
-
-static const EVP_MD sha512_md = {
- .type = NID_sha512,
- .pkey_type = NID_sha512WithRSAEncryption,
- .md_size = SHA512_DIGEST_LENGTH,
- .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE|EVP_MD_FLAG_DIGALGID_ABSENT,
- .init = init512,
- .update = update512,
- .final = final512,
- .copy = NULL,
- .cleanup = NULL,
-#ifndef OPENSSL_NO_RSA
- .sign = (evp_sign_method *)RSA_sign,
- .verify = (evp_verify_method *)RSA_verify,
- .required_pkey_type = {
- EVP_PKEY_RSA, EVP_PKEY_RSA2, 0, 0,
- },
-#endif
- .block_size = SHA512_CBLOCK,
- .ctx_size = sizeof(EVP_MD *) + sizeof(SHA512_CTX),
-};
-
-const EVP_MD *
-EVP_sha512(void)
-{
- return (&sha512_md);
-}
-#endif /* ifndef OPENSSL_NO_SHA512 */
diff --git a/lib/libssl/src/crypto/evp/m_sigver.c b/lib/libssl/src/crypto/evp/m_sigver.c
deleted file mode 100644
index 579325be671..00000000000
--- a/lib/libssl/src/crypto/evp/m_sigver.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/* $OpenBSD: m_sigver.c,v 1.5 2015/12/14 03:37:27 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006,2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#include "evp_locl.h"
-
-static int
-do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
- ENGINE *e, EVP_PKEY *pkey, int ver)
-{
- if (ctx->pctx == NULL)
- ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
- if (ctx->pctx == NULL)
- return 0;
-
- if (type == NULL) {
- int def_nid;
- if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
- type = EVP_get_digestbynid(def_nid);
- }
-
- if (type == NULL) {
- EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
- return 0;
- }
-
- if (ver) {
- if (ctx->pctx->pmeth->verifyctx_init) {
- if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx,
- ctx) <=0)
- return 0;
- ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
- } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
- return 0;
- } else {
- if (ctx->pctx->pmeth->signctx_init) {
- if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
- return 0;
- ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
- } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
- return 0;
- }
- if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
- return 0;
- if (pctx)
- *pctx = ctx->pctx;
- if (!EVP_DigestInit_ex(ctx, type, e))
- return 0;
- return 1;
-}
-
-int
-EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
- ENGINE *e, EVP_PKEY *pkey)
-{
- return do_sigver_init(ctx, pctx, type, e, pkey, 0);
-}
-
-int
-EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
- ENGINE *e, EVP_PKEY *pkey)
-{
- return do_sigver_init(ctx, pctx, type, e, pkey, 1);
-}
-
-int
-EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen)
-{
- int sctx, r = 0;
-
- if (ctx->pctx->pmeth->signctx)
- sctx = 1;
- else
- sctx = 0;
- if (sigret) {
- EVP_MD_CTX tmp_ctx;
- unsigned char md[EVP_MAX_MD_SIZE];
- unsigned int mdlen = 0;
- EVP_MD_CTX_init(&tmp_ctx);
- if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
- return 0;
- if (sctx)
- r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
- sigret, siglen, &tmp_ctx);
- else
- r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
- EVP_MD_CTX_cleanup(&tmp_ctx);
- if (sctx || !r)
- return r;
- if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
- return 0;
- } else {
- if (sctx) {
- if (ctx->pctx->pmeth->signctx(ctx->pctx, sigret,
- siglen, ctx) <= 0)
- return 0;
- } else {
- int s = EVP_MD_size(ctx->digest);
- if (s < 0 || EVP_PKEY_sign(ctx->pctx, sigret, siglen,
- NULL, s) <= 0)
- return 0;
- }
- }
- return 1;
-}
-
-int
-EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen)
-{
- EVP_MD_CTX tmp_ctx;
- unsigned char md[EVP_MAX_MD_SIZE];
- int r;
- unsigned int mdlen = 0;
- int vctx;
-
- if (ctx->pctx->pmeth->verifyctx)
- vctx = 1;
- else
- vctx = 0;
- EVP_MD_CTX_init(&tmp_ctx);
- if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
- return -1;
- if (vctx) {
- r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx, sig,
- siglen, &tmp_ctx);
- } else
- r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
- EVP_MD_CTX_cleanup(&tmp_ctx);
- if (vctx || !r)
- return r;
- return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
-}
diff --git a/lib/libssl/src/crypto/evp/m_streebog.c b/lib/libssl/src/crypto/evp/m_streebog.c
deleted file mode 100644
index 882c7852bb7..00000000000
--- a/lib/libssl/src/crypto/evp/m_streebog.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* $OpenBSD: m_streebog.c,v 1.2 2014/11/09 23:06:50 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST - -#include <openssl/evp.h> -#include <openssl/gost.h> -#include <openssl/objects.h> - -static int -streebog_init256(EVP_MD_CTX *ctx) -{ - return STREEBOG256_Init(ctx->md_data); -} - -static int -streebog_update256(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return STREEBOG256_Update(ctx->md_data, data, count); -} - -static int -streebog_final256(EVP_MD_CTX *ctx, unsigned char *md) -{ - return STREEBOG256_Final(md, ctx->md_data); -} - -static int -streebog_init512(EVP_MD_CTX *ctx) -{ - return STREEBOG512_Init(ctx->md_data); -} - -static int -streebog_update512(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return STREEBOG512_Update(ctx->md_data, data, count); -} - -static int -streebog_final512(EVP_MD_CTX *ctx, unsigned char *md) -{ - return STREEBOG512_Final(md, ctx->md_data); -} - -static const EVP_MD streebog256_md = { - .type = NID_id_tc26_gost3411_2012_256, - .pkey_type = NID_undef, - .md_size = STREEBOG256_LENGTH, - .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE, - .init = streebog_init256, - .update = streebog_update256, - .final = streebog_final256, - .block_size = STREEBOG_CBLOCK, - .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX), -}; - -static const EVP_MD streebog512_md = { - .type = NID_id_tc26_gost3411_2012_512, - .pkey_type = NID_undef, - .md_size = 
STREEBOG512_LENGTH, - .flags = EVP_MD_FLAG_PKEY_METHOD_SIGNATURE, - .init = streebog_init512, - .update = streebog_update512, - .final = streebog_final512, - .block_size = STREEBOG_CBLOCK, - .ctx_size = sizeof(EVP_MD *) + sizeof(STREEBOG_CTX), -}; - -const EVP_MD * -EVP_streebog256(void) -{ - return (&streebog256_md); -} - -const EVP_MD * -EVP_streebog512(void) -{ - return (&streebog512_md); -} -#endif diff --git a/lib/libssl/src/crypto/evp/m_wp.c b/lib/libssl/src/crypto/evp/m_wp.c deleted file mode 100644 index 3f543ac0af8..00000000000 --- a/lib/libssl/src/crypto/evp/m_wp.c +++ /dev/null @@ -1,56 +0,0 @@ -/* $OpenBSD: m_wp.c,v 1.8 2014/07/13 09:30:02 miod Exp $ */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_WHIRLPOOL - -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/x509.h> -#include <openssl/whrlpool.h> - -static int -init(EVP_MD_CTX *ctx) -{ - return WHIRLPOOL_Init(ctx->md_data); -} - -static int -update(EVP_MD_CTX *ctx, const void *data, size_t count) -{ - return WHIRLPOOL_Update(ctx->md_data, data, count); -} - -static int -final(EVP_MD_CTX *ctx, unsigned char *md) -{ - return WHIRLPOOL_Final(md, ctx->md_data); -} - -static const EVP_MD whirlpool_md = { - .type = NID_whirlpool, - .pkey_type = 0, - .md_size = WHIRLPOOL_DIGEST_LENGTH, - .flags = 0, - .init = init, - .update = update, - .final = final, - .copy = NULL, - .cleanup = NULL, - .sign = NULL, - .verify = NULL, - .required_pkey_type = { - 0, 0, 0, 0, - }, - .block_size = WHIRLPOOL_BBLOCK / 8, - .ctx_size = sizeof(EVP_MD *) + sizeof(WHIRLPOOL_CTX), -}; - -const EVP_MD * -EVP_whirlpool(void) -{ - return (&whirlpool_md); -} -#endif diff --git a/lib/libssl/src/crypto/evp/names.c b/lib/libssl/src/crypto/evp/names.c deleted file mode 100644 index 33d7dc80842..00000000000 --- a/lib/libssl/src/crypto/evp/names.c +++ /dev/null 
@@ -1,228 +0,0 @@
-/* $OpenBSD: names.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> - -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/x509.h> - -int -EVP_add_cipher(const EVP_CIPHER *c) -{ - int r; - - if (c == NULL) - return 0; - - OPENSSL_init(); - - r = OBJ_NAME_add(OBJ_nid2sn(c->nid), OBJ_NAME_TYPE_CIPHER_METH, - (const char *)c); - if (r == 0) - return (0); - check_defer(c->nid); - r = OBJ_NAME_add(OBJ_nid2ln(c->nid), OBJ_NAME_TYPE_CIPHER_METH, - (const char *)c); - return (r); -} - -int -EVP_add_digest(const EVP_MD *md) -{ - int r; - const char *name; - - OPENSSL_init(); - - name = OBJ_nid2sn(md->type); - r = OBJ_NAME_add(name, OBJ_NAME_TYPE_MD_METH, (const char *)md); - if (r == 0) - return (0); - check_defer(md->type); - r = OBJ_NAME_add(OBJ_nid2ln(md->type), OBJ_NAME_TYPE_MD_METH, - (const char *)md); - if (r == 0) - return (0); - - if (md->pkey_type && md->type != md->pkey_type) { - r = OBJ_NAME_add(OBJ_nid2sn(md->pkey_type), - OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS, name); - if (r == 0) - return (0); - check_defer(md->pkey_type); - r = OBJ_NAME_add(OBJ_nid2ln(md->pkey_type), - OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS, name); - } - return (r); -} - -const EVP_CIPHER * -EVP_get_cipherbyname(const char *name) -{ - const EVP_CIPHER *cp; - - cp = (const EVP_CIPHER *)OBJ_NAME_get(name, OBJ_NAME_TYPE_CIPHER_METH); - return (cp); -} - -const EVP_MD * -EVP_get_digestbyname(const char *name) -{ - const EVP_MD *cp; - - cp = (const EVP_MD *)OBJ_NAME_get(name, OBJ_NAME_TYPE_MD_METH); - return (cp); -} - -void -EVP_cleanup(void) -{ - OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH); - OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH); - /* The above calls will only clean out the contents of the name - hash table, but not the hash table itself. The following line - does that part. 
-- Richard Levitte */ - OBJ_NAME_cleanup(-1); - - EVP_PBE_cleanup(); - if (obj_cleanup_defer == 2) { - obj_cleanup_defer = 0; - OBJ_cleanup(); - } - OBJ_sigid_free(); -} - -struct doall_cipher { - void *arg; - void (*fn)(const EVP_CIPHER *ciph, const char *from, const char *to, - void *arg); -}; - -static void -do_all_cipher_fn(const OBJ_NAME *nm, void *arg) -{ - struct doall_cipher *dc = arg; - - if (nm->alias) - dc->fn(NULL, nm->name, nm->data, dc->arg); - else - dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg); -} - -void -EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, const char *from, - const char *to, void *x), void *arg) -{ - struct doall_cipher dc; - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc); -} - -void -EVP_CIPHER_do_all_sorted(void (*fn)(const EVP_CIPHER *ciph, const char *from, - const char *to, void *x), void *arg) -{ - struct doall_cipher dc; - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, - do_all_cipher_fn, &dc); -} - -struct doall_md { - void *arg; - void (*fn)(const EVP_MD *ciph, const char *from, const char *to, - void *arg); -}; - -static void -do_all_md_fn(const OBJ_NAME *nm, void *arg) -{ - struct doall_md *dc = arg; - - if (nm->alias) - dc->fn(NULL, nm->name, nm->data, dc->arg); - else - dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg); -} - -void -EVP_MD_do_all(void (*fn)(const EVP_MD *md, const char *from, const char *to, - void *x), void *arg) -{ - struct doall_md dc; - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc); -} - -void -EVP_MD_do_all_sorted(void (*fn)(const EVP_MD *md, - const char *from, const char *to, void *x), void *arg) -{ - struct doall_md dc; - - dc.fn = fn; - dc.arg = arg; - OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc); -} 
diff --git a/lib/libssl/src/crypto/evp/p5_crpt.c b/lib/libssl/src/crypto/evp/p5_crpt.c
deleted file mode 100644
index 626910fd7ab..00000000000
--- a/lib/libssl/src/crypto/evp/p5_crpt.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/* $OpenBSD: p5_crpt.c,v 1.16 2015/09/10 15:56:25 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/x509.h> - -/* Doesn't do anything now: Builtin PBE algorithms in static table. 
- */ - -void -PKCS5_PBE_add(void) -{ -} - -int -PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de) -{ - EVP_MD_CTX ctx; - unsigned char md_tmp[EVP_MAX_MD_SIZE]; - unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; - int i; - PBEPARAM *pbe; - int saltlen, iter; - unsigned char *salt; - const unsigned char *pbuf; - int mdsize; - int rv = 0; - - /* Extract useful info from parameter */ - if (param == NULL || param->type != V_ASN1_SEQUENCE || - param->value.sequence == NULL) { - EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); - return 0; - } - - mdsize = EVP_MD_size(md); - if (mdsize < 0) - return 0; - - pbuf = param->value.sequence->data; - if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { - EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); - return 0; - } - - if (!pbe->iter) - iter = 1; - else - iter = ASN1_INTEGER_get (pbe->iter); - salt = pbe->salt->data; - saltlen = pbe->salt->length; - - if (!pass) - passlen = 0; - else if (passlen == -1) - passlen = strlen(pass); - - EVP_MD_CTX_init(&ctx); - - if (!EVP_DigestInit_ex(&ctx, md, NULL)) - goto err; - if (!EVP_DigestUpdate(&ctx, pass, passlen)) - goto err; - if (!EVP_DigestUpdate(&ctx, salt, saltlen)) - goto err; - if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL)) - goto err; - for (i = 1; i < iter; i++) { - if (!EVP_DigestInit_ex(&ctx, md, NULL)) - goto err; - if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize)) - goto err; - if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL)) - goto err; - } - if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) { - EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_BAD_KEY_LENGTH); - goto err; - } - memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); - if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) { - EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_IV_TOO_LARGE); - goto err; - } - memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), - EVP_CIPHER_iv_length(cipher)); - if 
(!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de)) - goto err; - explicit_bzero(md_tmp, EVP_MAX_MD_SIZE); - explicit_bzero(key, EVP_MAX_KEY_LENGTH); - explicit_bzero(iv, EVP_MAX_IV_LENGTH); - rv = 1; -err: - EVP_MD_CTX_cleanup(&ctx); - PBEPARAM_free(pbe); - return rv; -} diff --git a/lib/libssl/src/crypto/evp/p5_crpt2.c b/lib/libssl/src/crypto/evp/p5_crpt2.c deleted file mode 100644 index 632c2c76ce0..00000000000 --- a/lib/libssl/src/crypto/evp/p5_crpt2.c +++ /dev/null 
@@ -1,308 +0,0 @@
-/* $OpenBSD: p5_crpt2.c,v 1.21 2015/09/10 15:56:25 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA) - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/hmac.h> -#include <openssl/x509.h> - -#include "evp_locl.h" - -/* This is an implementation of PKCS#5 v2.0 password based encryption key - * derivation function PBKDF2. - * SHA1 version verified against test vectors posted by Peter Gutmann - * <pgut001@cs.auckland.ac.nz> to the PKCS-TNG <pkcs-tng@rsa.com> mailing list. 
- */ - -int -PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, - int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out) -{ - unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4]; - int cplen, j, k, tkeylen, mdlen; - unsigned long i = 1; - HMAC_CTX hctx_tpl, hctx; - - mdlen = EVP_MD_size(digest); - if (mdlen < 0) - return 0; - - HMAC_CTX_init(&hctx_tpl); - p = out; - tkeylen = keylen; - if (!pass) - passlen = 0; - else if (passlen == -1) - passlen = strlen(pass); - if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) { - HMAC_CTX_cleanup(&hctx_tpl); - return 0; - } - while (tkeylen) { - if (tkeylen > mdlen) - cplen = mdlen; - else - cplen = tkeylen; - /* We are unlikely to ever use more than 256 blocks (5120 bits!) - * but just in case... - */ - itmp[0] = (unsigned char)((i >> 24) & 0xff); - itmp[1] = (unsigned char)((i >> 16) & 0xff); - itmp[2] = (unsigned char)((i >> 8) & 0xff); - itmp[3] = (unsigned char)(i & 0xff); - if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { - HMAC_CTX_cleanup(&hctx_tpl); - return 0; - } - if (!HMAC_Update(&hctx, salt, saltlen) || - !HMAC_Update(&hctx, itmp, 4) || - !HMAC_Final(&hctx, digtmp, NULL)) { - HMAC_CTX_cleanup(&hctx_tpl); - HMAC_CTX_cleanup(&hctx); - return 0; - } - HMAC_CTX_cleanup(&hctx); - memcpy(p, digtmp, cplen); - for (j = 1; j < iter; j++) { - if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) { - HMAC_CTX_cleanup(&hctx_tpl); - return 0; - } - if (!HMAC_Update(&hctx, digtmp, mdlen) || - !HMAC_Final(&hctx, digtmp, NULL)) { - HMAC_CTX_cleanup(&hctx_tpl); - HMAC_CTX_cleanup(&hctx); - return 0; - } - HMAC_CTX_cleanup(&hctx); - for (k = 0; k < cplen; k++) - p[k] ^= digtmp[k]; - } - tkeylen -= cplen; - i++; - p += cplen; - } - HMAC_CTX_cleanup(&hctx_tpl); - return 1; -} - -int -PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, const unsigned char *salt, - int saltlen, int iter, int keylen, unsigned char *out) -{ - return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, - EVP_sha1(), 
keylen, out); -} - -/* Now the key derivation function itself. This is a bit evil because - * it has to check the ASN1 parameters are valid: and there are quite a - * few of them... - */ - -int -PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) -{ - const unsigned char *pbuf; - int plen; - PBE2PARAM *pbe2 = NULL; - const EVP_CIPHER *cipher; - - int rv = 0; - - if (param == NULL || param->type != V_ASN1_SEQUENCE || - param->value.sequence == NULL) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); - goto err; - } - - pbuf = param->value.sequence->data; - plen = param->value.sequence->length; - if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); - goto err; - } - - /* See if we recognise the key derivation function */ - - if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, - EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); - goto err; - } - - /* lets see if we recognise the encryption algorithm. 
- */ - - cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm); - - if (!cipher) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, - EVP_R_UNSUPPORTED_CIPHER); - goto err; - } - - /* Fixup cipher based on AlgorithmIdentifier */ - if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de)) - goto err; - if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, - EVP_R_CIPHER_PARAMETER_ERROR); - goto err; - } - rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, - pbe2->keyfunc->parameter, c, md, en_de); - -err: - PBE2PARAM_free(pbe2); - return rv; -} - -int -PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, const EVP_CIPHER *c, const EVP_MD *md, int en_de) -{ - unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; - const unsigned char *pbuf; - int saltlen, iter, plen; - int rv = 0; - unsigned int keylen = 0; - int prf_nid, hmac_md_nid; - PBKDF2PARAM *kdf = NULL; - const EVP_MD *prfmd; - - if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { - EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET); - return 0; - } - keylen = EVP_CIPHER_CTX_key_length(ctx); - if (keylen > sizeof key) { - EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_BAD_KEY_LENGTH); - return 0; - } - - /* Decode parameter */ - - if (!param || (param->type != V_ASN1_SEQUENCE)) { - EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); - return 0; - } - - pbuf = param->value.sequence->data; - plen = param->value.sequence->length; - - if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { - EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); - return 0; - } - - /* Now check the parameters of the kdf */ - - if (kdf->keylength && - (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ - EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, - EVP_R_UNSUPPORTED_KEYLENGTH); - goto err; - } - - if (kdf->prf) - prf_nid = OBJ_obj2nid(kdf->prf->algorithm); - else - prf_nid = NID_hmacWithSHA1; - - if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, 
NULL, &hmac_md_nid, 0)) { - EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); - goto err; - } - - prfmd = EVP_get_digestbynid(hmac_md_nid); - if (prfmd == NULL) { - EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); - goto err; - } - - if (kdf->salt->type != V_ASN1_OCTET_STRING) { - EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, - EVP_R_UNSUPPORTED_SALT_TYPE); - goto err; - } - - /* it seems that its all OK */ - salt = kdf->salt->value.octet_string->data; - saltlen = kdf->salt->value.octet_string->length; - iter = ASN1_INTEGER_get(kdf->iter); - if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, - keylen, key)) - goto err; - rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); - -err: - explicit_bzero(key, keylen); - PBKDF2PARAM_free(kdf); - return rv; -} - -#endif diff --git a/lib/libssl/src/crypto/evp/p_dec.c b/lib/libssl/src/crypto/evp/p_dec.c deleted file mode 100644 index 2244ae8c62b..00000000000 --- a/lib/libssl/src/crypto/evp/p_dec.c +++ /dev/null 
@@ -1,92 +0,0 @@
-/* $OpenBSD: p_dec.c,v 1.10 2014/10/18 17:20:40 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/evp.h> -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/x509.h> - -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif - -int -EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl, - EVP_PKEY *priv) -{ - int ret = -1; - -#ifndef OPENSSL_NO_RSA - if (priv->type != EVP_PKEY_RSA) { -#endif - EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA); -#ifndef OPENSSL_NO_RSA - goto err; - } - - ret = RSA_private_decrypt(ekl, ek, key, priv->pkey.rsa, - RSA_PKCS1_PADDING); - -err: -#endif - return (ret); -} 
diff --git a/lib/libssl/src/crypto/evp/p_enc.c b/lib/libssl/src/crypto/evp/p_enc.c
deleted file mode 100644
index 63d2649f6e4..00000000000
--- a/lib/libssl/src/crypto/evp/p_enc.c
+++ /dev/null
@@ -1,89 +0,0 @@ -/* $OpenBSD: p_enc.c,v 1.10 2014/10/18 17:20:40 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/x509.h> - -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif - -int -EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len, - EVP_PKEY *pubk) -{ - int ret = 0; - -#ifndef OPENSSL_NO_RSA - if (pubk->type != EVP_PKEY_RSA) { -#endif - EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA); -#ifndef OPENSSL_NO_RSA - goto err; - } - ret = RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa, RSA_PKCS1_PADDING); -err: -#endif - return (ret); -} 
diff --git a/lib/libssl/src/crypto/evp/p_lib.c b/lib/libssl/src/crypto/evp/p_lib.c
deleted file mode 100644
index e172c348940..00000000000
--- a/lib/libssl/src/crypto/evp/p_lib.c
+++ /dev/null
@@ -1,483 +0,0 @@ -/* $OpenBSD: p_lib.c,v 1.16 2014/07/12 22:26:01 miod Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/x509.h> - -#ifndef OPENSSL_NO_DH -#include <openssl/dh.h> -#endif -#ifndef OPENSSL_NO_DSA -#include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif - -#ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> -#endif - -#include "asn1_locl.h" - -static void EVP_PKEY_free_it(EVP_PKEY *x); - -int -EVP_PKEY_bits(EVP_PKEY *pkey) -{ - if (pkey && pkey->ameth && pkey->ameth->pkey_bits) - return pkey->ameth->pkey_bits(pkey); - return 0; -} - -int -EVP_PKEY_size(EVP_PKEY *pkey) -{ - if (pkey && pkey->ameth && pkey->ameth->pkey_size) - return pkey->ameth->pkey_size(pkey); - return 0; -} - -int -EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) -{ -#ifndef OPENSSL_NO_DSA - if (pkey->type == EVP_PKEY_DSA) { - int ret = pkey->save_parameters; - - if (mode >= 0) - pkey->save_parameters = mode; - return (ret); - } -#endif -#ifndef OPENSSL_NO_EC - if (pkey->type == EVP_PKEY_EC) { - int ret = pkey->save_parameters; - - if (mode >= 0) - pkey->save_parameters = mode; - return (ret); - } -#endif - return (0); -} - -int -EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) -{ - if (to->type != from->type) { - EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, - EVP_R_DIFFERENT_KEY_TYPES); - goto err; - } - - if (EVP_PKEY_missing_parameters(from)) { - EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, - EVP_R_MISSING_PARAMETERS); - goto err; - } - if (from->ameth && from->ameth->param_copy) - return from->ameth->param_copy(to, from); - -err: - return 0; -} - -int -EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) -{ - if (pkey->ameth && pkey->ameth->param_missing) - return pkey->ameth->param_missing(pkey); - return 0; -} - -int -EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (a->type != b->type) - return -1; - if (a->ameth && a->ameth->param_cmp) - return 
a->ameth->param_cmp(a, b); - return -2; -} - -int -EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (a->type != b->type) - return -1; - - if (a->ameth) { - int ret; - /* Compare parameters if the algorithm has them */ - if (a->ameth->param_cmp) { - ret = a->ameth->param_cmp(a, b); - if (ret <= 0) - return ret; - } - - if (a->ameth->pub_cmp) - return a->ameth->pub_cmp(a, b); - } - - return -2; -} - -EVP_PKEY * -EVP_PKEY_new(void) -{ - EVP_PKEY *ret; - - ret = malloc(sizeof(EVP_PKEY)); - if (ret == NULL) { - EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); - } - ret->type = EVP_PKEY_NONE; - ret->save_type = EVP_PKEY_NONE; - ret->references = 1; - ret->ameth = NULL; - ret->engine = NULL; - ret->pkey.ptr = NULL; - ret->attributes = NULL; - ret->save_parameters = 1; - return (ret); -} - -/* Setup a public key ASN1 method and ENGINE from a NID or a string. - * If pkey is NULL just return 1 or 0 if the algorithm exists. - */ - -static int -pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) -{ - const EVP_PKEY_ASN1_METHOD *ameth; - ENGINE *e = NULL; - if (pkey) { - if (pkey->pkey.ptr) - EVP_PKEY_free_it(pkey); - /* If key type matches and a method exists then this - * lookup has succeeded once so just indicate success. 
- */ - if ((type == pkey->save_type) && pkey->ameth) - return 1; -#ifndef OPENSSL_NO_ENGINE - /* If we have an ENGINE release it */ - if (pkey->engine) { - ENGINE_finish(pkey->engine); - pkey->engine = NULL; - } -#endif - } - if (str) - ameth = EVP_PKEY_asn1_find_str(&e, str, len); - else - ameth = EVP_PKEY_asn1_find(&e, type); -#ifndef OPENSSL_NO_ENGINE - if (!pkey && e) - ENGINE_finish(e); -#endif - if (!ameth) { - EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); - return 0; - } - if (pkey) { - pkey->ameth = ameth; - pkey->engine = e; - - pkey->type = pkey->ameth->pkey_id; - pkey->save_type = type; - } - return 1; -} - -int -EVP_PKEY_set_type(EVP_PKEY *pkey, int type) -{ - return pkey_set_type(pkey, type, NULL, -1); -} - -int -EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len) -{ - return pkey_set_type(pkey, EVP_PKEY_NONE, str, len); -} - -int -EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key) -{ - if (!EVP_PKEY_set_type(pkey, type)) - return 0; - pkey->pkey.ptr = key; - return (key != NULL); -} - -void * -EVP_PKEY_get0(EVP_PKEY *pkey) -{ - return pkey->pkey.ptr; -} - -#ifndef OPENSSL_NO_RSA -int -EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) -{ - int ret = EVP_PKEY_assign_RSA(pkey, key); - if (ret) - RSA_up_ref(key); - return ret; -} - -RSA * -EVP_PKEY_get1_RSA(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_RSA) { - EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); - return NULL; - } - RSA_up_ref(pkey->pkey.rsa); - return pkey->pkey.rsa; -} -#endif - -#ifndef OPENSSL_NO_DSA -int -EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) -{ - int ret = EVP_PKEY_assign_DSA(pkey, key); - if (ret) - DSA_up_ref(key); - return ret; -} - -DSA * -EVP_PKEY_get1_DSA(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_DSA) { - EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY); - return NULL; - } - DSA_up_ref(pkey->pkey.dsa); - return pkey->pkey.dsa; -} -#endif - -#ifndef OPENSSL_NO_EC - -int -EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) -{ - 
int ret = EVP_PKEY_assign_EC_KEY(pkey, key); - if (ret) - EC_KEY_up_ref(key); - return ret; -} - -EC_KEY * -EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_EC) { - EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); - return NULL; - } - EC_KEY_up_ref(pkey->pkey.ec); - return pkey->pkey.ec; -} -#endif - - -#ifndef OPENSSL_NO_DH - -int -EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) -{ - int ret = EVP_PKEY_assign_DH(pkey, key); - if (ret) - DH_up_ref(key); - return ret; -} - -DH * -EVP_PKEY_get1_DH(EVP_PKEY *pkey) -{ - if (pkey->type != EVP_PKEY_DH) { - EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY); - return NULL; - } - DH_up_ref(pkey->pkey.dh); - return pkey->pkey.dh; -} -#endif - -int -EVP_PKEY_type(int type) -{ - int ret; - const EVP_PKEY_ASN1_METHOD *ameth; - ENGINE *e; - ameth = EVP_PKEY_asn1_find(&e, type); - if (ameth) - ret = ameth->pkey_id; - else - ret = NID_undef; -#ifndef OPENSSL_NO_ENGINE - if (e) - ENGINE_finish(e); -#endif - return ret; -} - -int -EVP_PKEY_id(const EVP_PKEY *pkey) -{ - return pkey->type; -} - -int -EVP_PKEY_base_id(const EVP_PKEY *pkey) -{ - return EVP_PKEY_type(pkey->type); -} - -void -EVP_PKEY_free(EVP_PKEY *x) -{ - int i; - - if (x == NULL) - return; - - i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY); - if (i > 0) - return; - - EVP_PKEY_free_it(x); - if (x->attributes) - sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); - free(x); -} - -static void -EVP_PKEY_free_it(EVP_PKEY *x) -{ - if (x->ameth && x->ameth->pkey_free) { - x->ameth->pkey_free(x); - x->pkey.ptr = NULL; - } -#ifndef OPENSSL_NO_ENGINE - if (x->engine) { - ENGINE_finish(x->engine); - x->engine = NULL; - } -#endif -} - -static int -unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, const char *kstr) -{ - BIO_indent(out, indent, 128); - BIO_printf(out, "%s algorithm \"%s\" unsupported\n", - kstr, OBJ_nid2ln(pkey->type)); - return 1; -} - -int -EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, 
- ASN1_PCTX *pctx) -{ - if (pkey->ameth && pkey->ameth->pub_print) - return pkey->ameth->pub_print(out, pkey, indent, pctx); - - return unsup_alg(out, pkey, indent, "Public Key"); -} - -int -EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - if (pkey->ameth && pkey->ameth->priv_print) - return pkey->ameth->priv_print(out, pkey, indent, pctx); - - return unsup_alg(out, pkey, indent, "Private Key"); -} - -int -EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx) -{ - if (pkey->ameth && pkey->ameth->param_print) - return pkey->ameth->param_print(out, pkey, indent, pctx); - return unsup_alg(out, pkey, indent, "Parameters"); -} - -int -EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid) -{ - if (!pkey->ameth || !pkey->ameth->pkey_ctrl) - return -2; - return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID, - 0, pnid); -} - diff --git a/lib/libssl/src/crypto/evp/p_open.c b/lib/libssl/src/crypto/evp/p_open.c deleted file mode 100644 index 002a6dea706..00000000000 --- a/lib/libssl/src/crypto/evp/p_open.c +++ /dev/null 
@@ -1,128 +0,0 @@
-/* $OpenBSD: p_open.c,v 1.17 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_RSA
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-
-int
-EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
- const unsigned char *ek, int ekl, const unsigned char *iv, EVP_PKEY *priv)
-{
- unsigned char *key = NULL;
- int i, size = 0, ret = 0;
-
- if (type) {
- EVP_CIPHER_CTX_init(ctx);
- if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
- return 0;
- }
-
- if (!priv)
- return 1;
-
- if (priv->type != EVP_PKEY_RSA) {
- EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA);
- goto err;
- }
-
- size = RSA_size(priv->pkey.rsa);
- key = malloc(size + 2);
- if (key == NULL) {
- /* ERROR */
- EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- i = EVP_PKEY_decrypt_old(key, ek, ekl, priv);
- if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) {
- /* ERROR */
- goto err;
- }
- if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
- goto err;
-
- ret = 1;
-
-err:
- if (key != NULL)
- explicit_bzero(key, size);
- free(key);
- return (ret);
-}
-
-int
-EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int i;
-
- i = EVP_DecryptFinal_ex(ctx, out, outl);
- if (i)
- i = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
- return (i);
-}
-#endif
diff --git a/lib/libssl/src/crypto/evp/p_seal.c b/lib/libssl/src/crypto/evp/p_seal.c
deleted file mode 100644
index 8b9740fbcdc..00000000000
--- a/lib/libssl/src/crypto/evp/p_seal.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* $OpenBSD: p_seal.c,v 1.14 2014/10/22 13:02:04 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-int
-EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
- int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
-{
- unsigned char key[EVP_MAX_KEY_LENGTH];
- int i;
-
- if (type) {
- EVP_CIPHER_CTX_init(ctx);
- if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
- return 0;
- }
- if ((npubk <= 0) || !pubk)
- return 1;
- if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
- return 0;
- if (EVP_CIPHER_CTX_iv_length(ctx))
- arc4random_buf(iv, EVP_CIPHER_CTX_iv_length(ctx));
-
- if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
- return 0;
-
- for (i = 0; i < npubk; i++) {
- ekl[i] = EVP_PKEY_encrypt_old(ek[i], key,
- EVP_CIPHER_CTX_key_length(ctx), pubk[i]);
- if (ekl[i] <= 0)
- return (-1);
- }
- return (npubk);
-}
-
-/* MACRO
-void EVP_SealUpdate(ctx,out,outl,in,inl)
-EVP_CIPHER_CTX *ctx;
-unsigned char *out;
-int *outl;
-unsigned char *in;
-int inl;
- {
- EVP_EncryptUpdate(ctx,out,outl,in,inl);
- }
-*/
-
-int
-EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
-{
- int i;
-
- i = EVP_EncryptFinal_ex(ctx, out, outl);
- if (i)
- i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);
- return i;
-}
diff --git a/lib/libssl/src/crypto/evp/p_sign.c b/lib/libssl/src/crypto/evp/p_sign.c
deleted file mode 100644
index 4058d47f072..00000000000
--- a/lib/libssl/src/crypto/evp/p_sign.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* $OpenBSD: p_sign.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int
-EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
- EVP_PKEY *pkey)
-{
- unsigned char m[EVP_MAX_MD_SIZE];
- unsigned int m_len;
- int i = 0, ok = 0, v;
- EVP_MD_CTX tmp_ctx;
- EVP_PKEY_CTX *pkctx = NULL;
-
- *siglen = 0;
- EVP_MD_CTX_init(&tmp_ctx);
- if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
- goto err;
- if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
- goto err;
- EVP_MD_CTX_cleanup(&tmp_ctx);
-
- if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
- size_t sltmp = (size_t)EVP_PKEY_size(pkey);
- i = 0;
- pkctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pkctx)
- goto err;
- if (EVP_PKEY_sign_init(pkctx) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
- goto err;
- if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
- goto err;
- *siglen = sltmp;
- i = 1;
-err:
- EVP_PKEY_CTX_free(pkctx);
- return i;
- }
-
- for (i = 0; i < 4; i++) {
- v = ctx->digest->required_pkey_type[i];
- if (v == 0)
- break;
- if (pkey->type == v) {
- ok = 1;
- break;
- }
- }
- if (!ok) {
- EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
- return (0);
- }
-
- if (ctx->digest->sign == NULL) {
- EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
- return (0);
- }
- return(ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
- pkey->pkey.ptr));
-}
diff --git a/lib/libssl/src/crypto/evp/p_verify.c b/lib/libssl/src/crypto/evp/p_verify.c
deleted file mode 100644
index e653fcf6a54..00000000000
--- a/lib/libssl/src/crypto/evp/p_verify.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* $OpenBSD: p_verify.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int
-EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
- unsigned int siglen, EVP_PKEY *pkey)
-{
- unsigned char m[EVP_MAX_MD_SIZE];
- unsigned int m_len;
- int i = 0, ok = 0, v;
- EVP_MD_CTX tmp_ctx;
- EVP_PKEY_CTX *pkctx = NULL;
-
- EVP_MD_CTX_init(&tmp_ctx);
- if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
- goto err;
- if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
- goto err;
- EVP_MD_CTX_cleanup(&tmp_ctx);
-
- if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
- i = -1;
- pkctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pkctx)
- goto err;
- if (EVP_PKEY_verify_init(pkctx) <= 0)
- goto err;
- if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
- goto err;
- i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
-err:
- EVP_PKEY_CTX_free(pkctx);
- return i;
- }
-
- for (i = 0; i < 4; i++) {
- v = ctx->digest->required_pkey_type[i];
- if (v == 0)
- break;
- if (pkey->type == v) {
- ok = 1;
- break;
- }
- }
- if (!ok) {
- EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
- return (-1);
- }
- if (ctx->digest->verify == NULL) {
- EVPerr(EVP_F_EVP_VERIFYFINAL,
- EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
- return (0);
- }
-
- return(ctx->digest->verify(ctx->digest->type, m, m_len,
- sigbuf, siglen, pkey->pkey.ptr));
-}
diff --git a/lib/libssl/src/crypto/evp/pmeth_fn.c b/lib/libssl/src/crypto/evp/pmeth_fn.c
deleted file mode 100644
index 4cf18a0be1e..00000000000
--- a/lib/libssl/src/crypto/evp/pmeth_fn.c
+++ /dev/null
@@ -1,362 +0,0 @@
-/* $OpenBSD: pmeth_fn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#include "evp_locl.h"
-
-#define M_check_autoarg(ctx, arg, arglen, err) \
- if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
- { \
- size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
- if (!arg) \
- { \
- *arglen = pksize; \
- return 1; \
- } \
- else if (*arglen < pksize) \
- { \
- EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
- return 0; \
- } \
- }
-
-int
-EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
- EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_SIGN;
- if (!ctx->pmeth->sign_init)
- return 1;
- ret = ctx->pmeth->sign_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int
-EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
- EVPerr(EVP_F_EVP_PKEY_SIGN,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_SIGN) {
- EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
- return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
-}
-
-int
-EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
- EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_VERIFY;
- if (!ctx->pmeth->verify_init)
- return 1;
- ret = ctx->pmeth->verify_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int
-EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
- EVPerr(EVP_F_EVP_PKEY_VERIFY,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_VERIFY) {
- EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
-}
-
-int
-EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
- EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
- if (!ctx->pmeth->verify_recover_init)
- return 1;
- ret = ctx->pmeth->verify_recover_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int
-EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen,
- const unsigned char *sig, size_t siglen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
- EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
- EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
- EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
- return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
-}
-
-int
-EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
- EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_ENCRYPT;
- if (!ctx->pmeth->encrypt_init)
- return 1;
- ret = ctx->pmeth->encrypt_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int
-EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
- EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
- EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
- return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
-}
-
-int
-EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
- EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_DECRYPT;
- if (!ctx->pmeth->decrypt_init)
- return 1;
- ret = ctx->pmeth->decrypt_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int
-EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
- EVPerr(EVP_F_EVP_PKEY_DECRYPT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
- EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
- return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
-}
-
-int
-EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_DERIVE;
- if (!ctx->pmeth->derive_init)
- return 1;
- ret = ctx->pmeth->derive_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int
-EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive ||
- ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||
- !ctx->pmeth->ctrl) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DERIVE &&
- ctx->operation != EVP_PKEY_OP_ENCRYPT &&
- ctx->operation != EVP_PKEY_OP_DECRYPT) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
- EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
-
- ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
-
- if (ret <= 0)
- return ret;
-
- if (ret == 2)
- return 1;
-
- if (!ctx->pkey) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
- return -1;
- }
-
- if (ctx->pkey->type != peer->type) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
- EVP_R_DIFFERENT_KEY_TYPES);
- return -1;
- }
-
- /* ran@cryptocom.ru: For clarity. The error is if parameters in peer are
- * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
- * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
- * (different key types) is impossible here because it is checked earlier.
- * -2 is OK for us here, as well as 1, so we can check for 0 only. */
- if (!EVP_PKEY_missing_parameters(peer) &&
- !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
- EVP_R_DIFFERENT_PARAMETERS);
- return -1;
- }
-
- EVP_PKEY_free(ctx->peerkey);
- ctx->peerkey = peer;
-
- ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
-
- if (ret <= 0) {
- ctx->peerkey = NULL;
- return ret;
- }
-
- CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
- return 1;
-}
-
-int
-EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DERIVE) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
- return ctx->pmeth->derive(ctx, key, pkeylen);
-}
diff --git a/lib/libssl/src/crypto/evp/pmeth_gn.c b/lib/libssl/src/crypto/evp/pmeth_gn.c
deleted file mode 100644
index 29f533625a5..00000000000
--- a/lib/libssl/src/crypto/evp/pmeth_gn.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/* $OpenBSD: pmeth_gn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#include "evp_locl.h"
-
-int
-EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
- EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_PARAMGEN;
- if (!ctx->pmeth->paramgen_init)
- return 1;
- ret = ctx->pmeth->paramgen_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int
-EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
- EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
-
- if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
- EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
-
- if (!ppkey)
- return -1;
-
- if (!*ppkey)
- *ppkey = EVP_PKEY_new();
-
- ret = ctx->pmeth->paramgen(ctx, *ppkey);
- if (ret <= 0) {
- EVP_PKEY_free(*ppkey);
- *ppkey = NULL;
- }
- return ret;
-}
-
-int
-EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
- EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_KEYGEN;
- if (!ctx->pmeth->keygen_init)
- return 1;
- ret = ctx->pmeth->keygen_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int
-EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
- EVPerr(EVP_F_EVP_PKEY_KEYGEN,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
- EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
-
- if (!ppkey)
- return -1;
-
- if (!*ppkey)
- *ppkey = EVP_PKEY_new();
-
- ret = ctx->pmeth->keygen(ctx, *ppkey);
- if (ret <= 0) {
- EVP_PKEY_free(*ppkey);
- *ppkey = NULL;
- }
- return ret;
-}
-
-void
-EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
-{
- ctx->pkey_gencb = cb;
-}
-
-EVP_PKEY_gen_cb *
-EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
-{
- return ctx->pkey_gencb;
-}
-
-/* "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB
- * style callbacks.
- */
-
-static int
-trans_cb(int a, int b, BN_GENCB *gcb)
-{
- EVP_PKEY_CTX *ctx = gcb->arg;
- ctx->keygen_info[0] = a;
- ctx->keygen_info[1] = b;
- return ctx->pkey_gencb(ctx);
-}
-
-void
-evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
-{
- BN_GENCB_set(cb, trans_cb, ctx)
-}
-
-int
-EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
-{
- if (idx == -1)
- return ctx->keygen_info_count;
- if (idx < 0 || idx > ctx->keygen_info_count)
- return 0;
- return ctx->keygen_info[idx];
-}
-
-EVP_PKEY *
-EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen)
-{
- EVP_PKEY_CTX *mac_ctx = NULL;
- EVP_PKEY *mac_key = NULL;
-
- mac_ctx = EVP_PKEY_CTX_new_id(type, e);
- if (!mac_ctx)
- return NULL;
- if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
- goto merr;
- if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
- EVP_PKEY_CTRL_SET_MAC_KEY, keylen, (void *)key) <= 0)
- goto merr;
- if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
- goto merr;
-
-merr:
- EVP_PKEY_CTX_free(mac_ctx);
- return mac_key;
-}
diff --git a/lib/libssl/src/crypto/evp/pmeth_lib.c b/lib/libssl/src/crypto/evp/pmeth_lib.c
deleted file mode 100644
index c93fa99cc67..00000000000
--- a/lib/libssl/src/crypto/evp/pmeth_lib.c
+++ /dev/null
@@ -1,618 +0,0 @@
-/* $OpenBSD: pmeth_lib.c,v 1.11 2015/02/11 03:19:37 doug Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#include "asn1_locl.h"
-#include "evp_locl.h"
-
-typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
-
-DECLARE_STACK_OF(EVP_PKEY_METHOD)
-STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
-
-extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
-extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
-extern const EVP_PKEY_METHOD gostimit_pkey_meth, gostr01_pkey_meth;
-
-static const EVP_PKEY_METHOD *standard_methods[] = {
-#ifndef OPENSSL_NO_RSA
- &rsa_pkey_meth,
-#endif
-#ifndef OPENSSL_NO_DH
- &dh_pkey_meth,
-#endif
-#ifndef OPENSSL_NO_DSA
- &dsa_pkey_meth,
-#endif
-#ifndef OPENSSL_NO_EC
- &ec_pkey_meth,
-#endif
-#ifndef OPENSSL_NO_GOST
- &gostr01_pkey_meth,
- &gostimit_pkey_meth,
-#endif
- &hmac_pkey_meth,
- &cmac_pkey_meth,
-};
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
- pmeth);
-
-static int
-pmeth_cmp(const EVP_PKEY_METHOD * const *a, const EVP_PKEY_METHOD * const *b)
-{
- return ((*a)->pkey_id - (*b)->pkey_id);
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
- pmeth);
-
-const EVP_PKEY_METHOD *
-EVP_PKEY_meth_find(int type)
-{
- EVP_PKEY_METHOD tmp;
- const EVP_PKEY_METHOD *t = &tmp, **ret;
-
- tmp.pkey_id = type;
- if (app_pkey_methods) {
- int idx;
- idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
- if (idx >= 0)
- return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
- }
- ret = OBJ_bsearch_pmeth(&t, standard_methods,
- sizeof(standard_methods)/sizeof(EVP_PKEY_METHOD *));
- if (!ret || !*ret)
- return NULL;
- return *ret;
-}
-
-static EVP_PKEY_CTX *
-int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
-{
- EVP_PKEY_CTX *ret;
- const EVP_PKEY_METHOD *pmeth;
-
- if (id == -1) {
- if (!pkey || !pkey->ameth)
- return NULL;
- id = pkey->ameth->pkey_id;
- }
-#ifndef OPENSSL_NO_ENGINE
- if (pkey && pkey->engine)
- e = pkey->engine;
- /* Try to find an ENGINE which implements this method */
- if (e) {
- if (!ENGINE_init(e)) {
- EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB);
- return NULL;
- }
- } else
- e = ENGINE_get_pkey_meth_engine(id);
-
- /* If an ENGINE handled this method look it up. Othewise
- * use internal tables.
- */
-
- if (e)
- pmeth = ENGINE_get_pkey_meth(e, id);
- else
-#endif
- pmeth = EVP_PKEY_meth_find(id);
-
- if (pmeth == NULL) {
- EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
- return NULL;
- }
-
- ret = malloc(sizeof(EVP_PKEY_CTX));
- if (!ret) {
-#ifndef OPENSSL_NO_ENGINE
- if (e)
- ENGINE_finish(e);
-#endif
- EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ret->engine = e;
- ret->pmeth = pmeth;
- ret->operation = EVP_PKEY_OP_UNDEFINED;
- ret->pkey = pkey;
- ret->peerkey = NULL;
- ret->pkey_gencb = 0;
- if (pkey)
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
- ret->data = NULL;
-
- if (pmeth->init) {
- if (pmeth->init(ret) <= 0) {
- EVP_PKEY_CTX_free(ret);
- return NULL;
- }
- }
-
- return ret;
-}
-
-EVP_PKEY_METHOD*
-EVP_PKEY_meth_new(int id, int flags)
-{
- EVP_PKEY_METHOD *pmeth;
-
- pmeth = calloc(1, sizeof(EVP_PKEY_METHOD));
- if (!pmeth)
- return NULL;
-
- pmeth->pkey_id = id;
- pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
-
- pmeth->init = 0;
- pmeth->copy = 0;
- pmeth->cleanup = 0;
- pmeth->paramgen_init = 0;
- pmeth->paramgen = 0;
- pmeth->keygen_init = 0;
- pmeth->keygen = 0;
- pmeth->sign_init = 0;
- pmeth->sign = 0;
- pmeth->verify_init = 0;
- pmeth->verify = 0;
- pmeth->verify_recover_init = 0;
- pmeth->verify_recover = 0;
- pmeth->signctx_init = 0;
- pmeth->signctx = 0;
- pmeth->verifyctx_init = 0;
- pmeth->verifyctx = 0;
- pmeth->encrypt_init = 0;
- pmeth->encrypt = 0;
- pmeth->decrypt_init = 0;
- pmeth->decrypt = 0;
- pmeth->derive_init = 0;
- pmeth->derive = 0;
- pmeth->ctrl = 0;
- pmeth->ctrl_str = 0;
-
- return pmeth;
-}
-
-void
-EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags, const EVP_PKEY_METHOD *meth)
-{
- if (ppkey_id)
- *ppkey_id = meth->pkey_id;
- if (pflags)
- *pflags = meth->flags;
-}
-
-void
-EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
-{
- dst->init = src->init;
- dst->copy = src->copy;
- dst->cleanup = src->cleanup;
-
- dst->paramgen_init = src->paramgen_init;
- dst->paramgen = src->paramgen;
-
- dst->keygen_init = src->keygen_init;
- dst->keygen = src->keygen;
-
- dst->sign_init = src->sign_init;
- dst->sign = src->sign;
-
- dst->verify_init = src->verify_init;
- dst->verify = src->verify;
-
- dst->verify_recover_init = src->verify_recover_init;
- dst->verify_recover = src->verify_recover;
-
- dst->signctx_init = src->signctx_init;
- dst->signctx = src->signctx;
-
- dst->verifyctx_init = src->verifyctx_init;
- dst->verifyctx = src->verifyctx;
-
- dst->encrypt_init = src->encrypt_init;
- dst->encrypt = src->encrypt;
-
- dst->decrypt_init = src->decrypt_init;
- dst->decrypt = src->decrypt;
-
- dst->derive_init = src->derive_init;
- dst->derive = src->derive;
-
- dst->ctrl = src->ctrl;
- dst->ctrl_str = src->ctrl_str;
-}
-
-void
-EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
-{
- if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
- free(pmeth);
-}
-
-EVP_PKEY_CTX *
-EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
-{
- return int_ctx_new(pkey, e, -1);
-}
-
-EVP_PKEY_CTX *
-EVP_PKEY_CTX_new_id(int id, ENGINE *e)
-{
- return int_ctx_new(NULL, e, id);
-}
-
-EVP_PKEY_CTX *
-EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
-{
- EVP_PKEY_CTX *rctx;
-
- if (!pctx->pmeth || !pctx->pmeth->copy)
- return NULL;
-#ifndef OPENSSL_NO_ENGINE
- /* Make sure it's safe to copy a pkey context using an ENGINE */
- if (pctx->engine && !ENGINE_init(pctx->engine)) {
- EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_ENGINE_LIB);
- return 0;
- }
-#endif
- rctx = malloc(sizeof(EVP_PKEY_CTX));
- if (!rctx)
- return NULL;
-
- rctx->pmeth = pctx->pmeth;
-#ifndef OPENSSL_NO_ENGINE
- rctx->engine = pctx->engine;
-#endif
-
- if (pctx->pkey)
- CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-
- rctx->pkey = pctx->pkey;
-
- if (pctx->peerkey)
- CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
-
- rctx->peerkey = pctx->peerkey;
-
- rctx->data = NULL;
- rctx->app_data = NULL;
- rctx->operation = pctx->operation;
-
- if (pctx->pmeth->copy(rctx, pctx) > 0)
- return rctx;
-
- EVP_PKEY_CTX_free(rctx);
- return NULL;
-}
-
-int
-EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
-{
- if (app_pkey_methods == NULL) {
- app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
- if (!app_pkey_methods)
- return 0;
- }
- if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
- return 0;
- sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
- return 1;
-}
-
-void
-EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
-{
- if (ctx == NULL)
- return;
- if (ctx->pmeth && ctx->pmeth->cleanup)
- ctx->pmeth->cleanup(ctx);
- EVP_PKEY_free(ctx->pkey);
- EVP_PKEY_free(ctx->peerkey);
-#ifndef OPENSSL_NO_ENGINE
- if (ctx->engine)
- /* The EVP_PKEY_CTX we used belongs to an ENGINE, release the
- * functional reference we held for this reason. */
- ENGINE_finish(ctx->engine);
-#endif
- free(ctx);
-}
-
-int
-EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
- int p1, void *p2)
-{
- int ret;
-
- if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
- EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
- return -2;
- }
- if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
- return -1;
-
- if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
- EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
- return -1;
- }
-
- if ((optype != -1) && !(ctx->operation & optype)) {
- EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
- return -1;
- }
-
- ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
-
- if (ret == -2)
- EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
-
- return ret;
-
-}
-
-int
-EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name, const char *value)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
- EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
- EVP_R_COMMAND_NOT_SUPPORTED);
- return -2;
- }
- if (!strcmp(name, "digest")) {
- const EVP_MD *md;
- if (!value || !(md = EVP_get_digestbyname(value))) {
- EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR,
- EVP_R_INVALID_DIGEST);
- return 0;
- }
- return EVP_PKEY_CTX_set_signature_md(ctx, md);
- }
- return ctx->pmeth->ctrl_str(ctx, name, value);
-}
-
-int
-EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
-{
- return ctx->operation;
-}
-
-void
-EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
-{
- ctx->keygen_info = dat;
- ctx->keygen_info_count = datlen;
-}
-
-void
-EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
-{
- ctx->data = data;
-}
-
-void *
-EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
-{
- return ctx->data;
-}
-
-EVP_PKEY *
-EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
-{
- return ctx->pkey;
-}
-
-EVP_PKEY *
-EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
-{
- return ctx->peerkey;
-}
-
-void
-EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
-{
- ctx->app_data = data;
-}
-
-void *
-EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
-{
- return ctx->app_data;
-}
-
-void
-EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
- int (*init)(EVP_PKEY_CTX *ctx))
-{
- pmeth->init = init;
-}
-
-void
-EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
- int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src))
-{
- pmeth->copy = copy;
-}
-
-void
-EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
- void (*cleanup)(EVP_PKEY_CTX *ctx))
-{
- pmeth->cleanup = cleanup;
-}
-
-void
-EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
- int (*paramgen_init)(EVP_PKEY_CTX *ctx),
- int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
-{
- pmeth->paramgen_init = paramgen_init;
- pmeth->paramgen = paramgen;
-}
-
-void
-EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
- int (*keygen_init)(EVP_PKEY_CTX *ctx),
- int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey))
-{
- pmeth->keygen_init = keygen_init;
- pmeth->keygen = keygen;
-}
-
-void
-EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
- int (*sign_init)(EVP_PKEY_CTX *ctx),
- int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen))
-{
- pmeth->sign_init = sign_init;
- pmeth->sign = sign;
-}
-
-void
-EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
- int (*verify_init)(EVP_PKEY_CTX *ctx),
- int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
- const unsigned char *tbs, size_t tbslen))
-{
- pmeth->verify_init = verify_init;
- pmeth->verify = verify;
-}
-
-void
-EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
- int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
- int (*verify_recover)(EVP_PKEY_CTX *ctx,
- unsigned char *sig, size_t *siglen,
- const unsigned char *tbs, size_t tbslen))
-{
- pmeth->verify_recover_init = verify_recover_init;
- pmeth->verify_recover = verify_recover;
-}
-
-void
-EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
- int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
- int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx))
-{
- pmeth->signctx_init = signctx_init;
- pmeth->signctx = signctx;
-}
-
-void
-EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
- int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
- int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
- EVP_MD_CTX *mctx))
-{
- pmeth->verifyctx_init = verifyctx_init;
- pmeth->verifyctx = verifyctx;
-}
-
-void
-EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
- int (*encrypt_init)(EVP_PKEY_CTX *ctx),
- int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen))
-{
- pmeth->encrypt_init = encrypt_init;
- pmeth->encrypt = encryptfn;
-}
-
-void
-EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
- int (*decrypt_init)(EVP_PKEY_CTX *ctx),
- int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
- const unsigned char *in, size_t inlen))
-{
- pmeth->decrypt_init = decrypt_init;
- pmeth->decrypt = decrypt;
-}
-
-void
-EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
- int (*derive_init)(EVP_PKEY_CTX *ctx),
- int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen))
-{
- pmeth->derive_init = derive_init;
-
pmeth->derive = derive;
-}
-
-void
-EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
- int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
- int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value))
-{
- pmeth->ctrl = ctrl;
- pmeth->ctrl_str = ctrl_str;
-}
diff --git a/lib/libssl/src/crypto/ex_data.c b/lib/libssl/src/crypto/ex_data.c
deleted file mode 100644
index 231e5df8a33..00000000000
--- a/lib/libssl/src/crypto/ex_data.c
+++ /dev/null
@@ -1,638 +0,0 @@
-/* $OpenBSD: ex_data.c,v 1.18 2015/02/10 11:22:21 jsing Exp $ */
-
-/*
- * Overhaul notes;
- *
- * This code is now *mostly* thread-safe. It is now easier to understand in what
- * ways it is safe and in what ways it is not, which is an improvement. Firstly,
- * all per-class stacks and index-counters for ex_data are stored in the same
- * global LHASH table (keyed by class). This hash table uses locking for all
- * access with the exception of CRYPTO_cleanup_all_ex_data(), which must only be
- * called when no other threads can possibly race against it (even if it was
- * locked, the race would mean it's possible the hash table might have been
- * recreated after the cleanup). As classes can only be added to the hash table,
- * and within each class, the stack of methods can only be incremented, the
- * locking mechanics are simpler than they would otherwise be. For example, the
- * new/dup/free ex_data functions will lock the hash table, copy the method
- * pointers it needs from the relevant class, then unlock the hash table before
- * actually applying those method pointers to the task of the new/dup/free
- * operations. As they can't be removed from the method-stack, only
- * supplemented, there's no race conditions associated with using them outside
- * the lock. The get/set_ex_data functions are not locked because they do not
- * involve this global state at all - they operate directly with a previously
- * obtained per-class method index and a particular "ex_data" variable. These
- * variables are usually instantiated per-context (eg. each RSA structure has
- * one) so locking on read/write access to that variable can be locked locally
- * if required (eg. using the "RSA" lock to synchronise access to a
- * per-RSA-structure ex_data variable if required).
- * [Geoff]
- */
-
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. 
If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#include <openssl/err.h> -#include <openssl/lhash.h> - -/* What an "implementation of ex_data functionality" looks like */ -struct st_CRYPTO_EX_DATA_IMPL { - /*********************/ - /* GLOBAL OPERATIONS */ - /* Return a new class index */ - int (*cb_new_class)(void); - /* Cleanup all state used by the implementation */ - void (*cb_cleanup)(void); - /************************/ - /* PER-CLASS OPERATIONS */ - /* Get a new method index within a class */ - int (*cb_get_new_index)(int class_index, long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - /* Initialise a new CRYPTO_EX_DATA of a given class */ - int (*cb_new_ex_data)(int class_index, void *obj, - CRYPTO_EX_DATA *ad); - /* Duplicate a CRYPTO_EX_DATA of a given class onto a copy */ - int (*cb_dup_ex_data)(int class_index, CRYPTO_EX_DATA *to, - CRYPTO_EX_DATA *from); - /* Cleanup a CRYPTO_EX_DATA of a given class */ - void (*cb_free_ex_data)(int class_index, void *obj, - CRYPTO_EX_DATA *ad); -}; - -/* The implementation we use at run-time */ -static const CRYPTO_EX_DATA_IMPL *impl = NULL; - -/* To call "impl" functions, use this macro rather than referring to 'impl' directly, eg. 
- * EX_IMPL(get_new_index)(...); -*/ -#define EX_IMPL(a) impl->cb_##a - -/* Predeclare the "default" ex_data implementation */ -static int int_new_class(void); -static void int_cleanup(void); -static int int_get_new_index(int class_index, long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); -static int int_new_ex_data(int class_index, void *obj, - CRYPTO_EX_DATA *ad); -static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, - CRYPTO_EX_DATA *from); -static void int_free_ex_data(int class_index, void *obj, - CRYPTO_EX_DATA *ad); - -static CRYPTO_EX_DATA_IMPL impl_default = { - int_new_class, - int_cleanup, - int_get_new_index, - int_new_ex_data, - int_dup_ex_data, - int_free_ex_data -}; - -/* Internal function that checks whether "impl" is set and if not, sets it to - * the default. */ -static void -impl_check(void) -{ - CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); - if (!impl) - impl = &impl_default; - CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); -} -/* A macro wrapper for impl_check that first uses a non-locked test before - * invoking the function (which checks again inside a lock). */ -#define IMPL_CHECK if(!impl) impl_check(); - -/* API functions to get/set the "ex_data" implementation */ -const CRYPTO_EX_DATA_IMPL * -CRYPTO_get_ex_data_implementation(void) -{ - IMPL_CHECK - return impl; -} - -int -CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i) -{ - int toret = 0; - CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); - if (!impl) { - impl = i; - toret = 1; - } - CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); - return toret; -} - -/****************************************************************************/ -/* Interal (default) implementation of "ex_data" support. API functions are - * further down. */ - -/* The type that represents what each "class" used to implement locally. A STACK - * of CRYPTO_EX_DATA_FUNCS plus a index-counter. 
The 'class_index' is the global - * value representing the class that is used to distinguish these items. */ -typedef struct st_ex_class_item { - int class_index; - STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth; - int meth_num; -} EX_CLASS_ITEM; - -/* When assigning new class indexes, this is our counter */ -static int ex_class = CRYPTO_EX_INDEX_USER; - -/* The global hash table of EX_CLASS_ITEM items */ -DECLARE_LHASH_OF(EX_CLASS_ITEM); -static LHASH_OF(EX_CLASS_ITEM) *ex_data = NULL; - -/* The callbacks required in the "ex_data" hash table */ -static unsigned long -ex_class_item_hash(const EX_CLASS_ITEM *a) -{ - return a->class_index; -} - -static IMPLEMENT_LHASH_HASH_FN(ex_class_item, EX_CLASS_ITEM) - -static int -ex_class_item_cmp(const EX_CLASS_ITEM *a, const EX_CLASS_ITEM *b) -{ - return a->class_index - b->class_index; -} - -static IMPLEMENT_LHASH_COMP_FN(ex_class_item, EX_CLASS_ITEM) - -/* Internal functions used by the "impl_default" implementation to access the - * state */ - -static int -ex_data_check(void) -{ - int toret = 1; - CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); - if (!ex_data && - (ex_data = lh_EX_CLASS_ITEM_new()) == NULL) - toret = 0; - CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); - return toret; -} -/* This macros helps reduce the locking from repeated checks because the - * ex_data_check() function checks ex_data again inside a lock. */ -#define EX_DATA_CHECK(iffail) if(!ex_data && !ex_data_check()) {iffail} - -/* This "inner" callback is used by the callback function that follows it */ -static void -def_cleanup_util_cb(CRYPTO_EX_DATA_FUNCS *funcs) -{ - free(funcs); -} - -/* This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from - * "ex_data" prior to the ex_data hash table being itself destroyed. Doesn't do - * any locking. 
*/ -static void -def_cleanup_cb(void *a_void) -{ - EX_CLASS_ITEM *item = (EX_CLASS_ITEM *)a_void; - sk_CRYPTO_EX_DATA_FUNCS_pop_free(item->meth, def_cleanup_util_cb); - free(item); -} - -/* Return the EX_CLASS_ITEM from the "ex_data" hash table that corresponds to a - * given class. Handles locking. */ -static EX_CLASS_ITEM * -def_get_class(int class_index) -{ - EX_CLASS_ITEM d, *p, *gen; - EX_DATA_CHECK(return NULL;) - d.class_index = class_index; - CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); - p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d); - if (!p) { - gen = malloc(sizeof(EX_CLASS_ITEM)); - if (gen) { - gen->class_index = class_index; - gen->meth_num = 0; - gen->meth = sk_CRYPTO_EX_DATA_FUNCS_new_null(); - if (!gen->meth) - free(gen); - else { - /* Because we're inside the ex_data lock, the - * return value from the insert will be NULL */ - (void)lh_EX_CLASS_ITEM_insert(ex_data, gen); - p = gen; - } - } - } - CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); - if (!p) - CRYPTOerr(CRYPTO_F_DEF_GET_CLASS, ERR_R_MALLOC_FAILURE); - return p; -} - -/* Add a new method to the given EX_CLASS_ITEM and return the corresponding - * index (or -1 for error). Handles locking. 
*/ -static int -def_add_index(EX_CLASS_ITEM *item, long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - int toret = -1; - CRYPTO_EX_DATA_FUNCS *a = malloc(sizeof(CRYPTO_EX_DATA_FUNCS)); - - if (!a) { - CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX, ERR_R_MALLOC_FAILURE); - return -1; - } - a->argl = argl; - a->argp = argp; - a->new_func = new_func; - a->dup_func = dup_func; - a->free_func = free_func; - CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); - while (sk_CRYPTO_EX_DATA_FUNCS_num(item->meth) <= item->meth_num) { - if (!sk_CRYPTO_EX_DATA_FUNCS_push(item->meth, NULL)) { - CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX, ERR_R_MALLOC_FAILURE); - free(a); - goto err; - } - } - toret = item->meth_num++; - (void)sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a); -err: - CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); - return toret; -} - -/**************************************************************/ -/* The functions in the default CRYPTO_EX_DATA_IMPL structure */ - -static int -int_new_class(void) -{ - int toret; - - CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA); - toret = ex_class++; - CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA); - return toret; -} - -static void -int_cleanup(void) -{ - EX_DATA_CHECK(return;) - lh_EX_CLASS_ITEM_doall(ex_data, def_cleanup_cb); - lh_EX_CLASS_ITEM_free(ex_data); - ex_data = NULL; - impl = NULL; -} - -static int -int_get_new_index(int class_index, long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func) -{ - EX_CLASS_ITEM *item = def_get_class(class_index); - - if (!item) - return -1; - return def_add_index(item, argl, argp, new_func, dup_func, free_func); -} - -/* Thread-safe by copying a class's array of "CRYPTO_EX_DATA_FUNCS" entries in - * the lock, then using them outside the lock. NB: Thread-safety only applies to - * the global "ex_data" state (ie. class definitions), not thread-safe on 'ad' - * itself. 
*/ -static int -int_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) -{ - int mx, i; - void *ptr; - CRYPTO_EX_DATA_FUNCS **storage = NULL; - EX_CLASS_ITEM *item = def_get_class(class_index); - - if (!item) - /* error is already set */ - return 0; - ad->sk = NULL; - CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); - mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); - if (mx > 0) { - storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*)); - if (!storage) - goto skip; - for (i = 0; i < mx; i++) - storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value( - item->meth, i); - } -skip: - CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA); - if ((mx > 0) && !storage) { - CRYPTOerr(CRYPTO_F_INT_NEW_EX_DATA, ERR_R_MALLOC_FAILURE); - return 0; - } - for (i = 0; i < mx; i++) { - if (storage[i] && storage[i]->new_func) { - ptr = CRYPTO_get_ex_data(ad, i); - storage[i]->new_func(obj, ptr, ad, i, - storage[i]->argl, storage[i]->argp); - } - } - free(storage); - return 1; -} - -/* Same thread-safety notes as for "int_new_ex_data" */ -static int -int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from) -{ - int mx, j, i; - char *ptr; - CRYPTO_EX_DATA_FUNCS **storage = NULL; - EX_CLASS_ITEM *item; - - if (!from->sk) - /* 'to' should be "blank" which *is* just like 'from' */ - return 1; - if ((item = def_get_class(class_index)) == NULL) - return 0; - CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); - mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); - j = sk_void_num(from->sk); - if (j < mx) - mx = j; - if (mx > 0) { - storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*)); - if (!storage) - goto skip; - for (i = 0; i < mx; i++) - storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value( - item->meth, i); - } -skip: - CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA); - if ((mx > 0) && !storage) { - CRYPTOerr(CRYPTO_F_INT_DUP_EX_DATA, ERR_R_MALLOC_FAILURE); - return 0; - } - for (i = 0; i < mx; i++) { - ptr = CRYPTO_get_ex_data(from, i); - if (storage[i] && storage[i]->dup_func) - storage[i]->dup_func(to, from, &ptr, i, - 
storage[i]->argl, storage[i]->argp); - CRYPTO_set_ex_data(to, i, ptr); - } - free(storage); - return 1; -} - -/* Same thread-safety notes as for "int_new_ex_data" */ -static void -int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) -{ - int mx, i; - EX_CLASS_ITEM *item; - void *ptr; - CRYPTO_EX_DATA_FUNCS **storage = NULL; - if ((item = def_get_class(class_index)) == NULL) - return; - CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA); - mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); - if (mx > 0) { - storage = reallocarray(NULL, mx, sizeof(CRYPTO_EX_DATA_FUNCS*)); - if (!storage) - goto skip; - for (i = 0; i < mx; i++) - storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value( - item->meth, i); - } -skip: - CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA); - if ((mx > 0) && !storage) { - CRYPTOerr(CRYPTO_F_INT_FREE_EX_DATA, ERR_R_MALLOC_FAILURE); - return; - } - for (i = 0; i < mx; i++) { - if (storage[i] && storage[i]->free_func) { - ptr = CRYPTO_get_ex_data(ad, i); - storage[i]->free_func(obj, ptr, ad, i, - storage[i]->argl, storage[i]->argp); - } - } - free(storage); - if (ad->sk) { - sk_void_free(ad->sk); - ad->sk = NULL; - } -} - -/********************************************************************/ -/* API functions that defer all "state" operations to the "ex_data" - * implementation we have set. */ - -/* Obtain an index for a new class (not the same as getting a new index within - * an existing class - this is actually getting a new *class*) */ -int -CRYPTO_ex_data_new_class(void) -{ - IMPL_CHECK - return EX_IMPL(new_class)(); -} - -/* Release all "ex_data" state to prevent memory leaks. This can't be made - * thread-safe without overhauling a lot of stuff, and shouldn't really be - * called under potential race-conditions anyway (it's for program shutdown - * after all). */ -void -CRYPTO_cleanup_all_ex_data(void) -{ - IMPL_CHECK - EX_IMPL(cleanup)(); -} - -/* Inside an existing class, get/register a new index. 
*/ -int -CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - int ret = -1; - - IMPL_CHECK - ret = EX_IMPL(get_new_index)(class_index, - argl, argp, new_func, dup_func, free_func); - return ret; -} - -/* Initialise a new CRYPTO_EX_DATA for use in a particular class - including - * calling new() callbacks for each index in the class used by this variable */ -int -CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) -{ - IMPL_CHECK - return EX_IMPL(new_ex_data)(class_index, obj, ad); -} - -/* Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks for - * each index in the class used by this variable */ -int -CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from) -{ - IMPL_CHECK - return EX_IMPL(dup_ex_data)(class_index, to, from); -} - -/* Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for - * each index in the class used by this variable */ -void -CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) -{ - IMPL_CHECK - EX_IMPL(free_ex_data)(class_index, obj, ad); -} - -/* For a given CRYPTO_EX_DATA variable, set the value corresponding to a - * particular index in the class used by this variable */ -int -CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val) -{ - int i; - - if (ad->sk == NULL) { - if ((ad->sk = sk_void_new_null()) == NULL) { - CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, - ERR_R_MALLOC_FAILURE); - return (0); - } - } - i = sk_void_num(ad->sk); - - while (i <= idx) { - if (!sk_void_push(ad->sk, NULL)) { - CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, - ERR_R_MALLOC_FAILURE); - return (0); - } - i++; - } - sk_void_set(ad->sk, idx, val); - return (1); -} - -/* For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a - * particular index in the class used by this variable */ -void * -CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx) -{ - if (ad->sk == NULL) - 
return (0); - else if (idx >= sk_void_num(ad->sk)) - return (0); - else - return (sk_void_value(ad->sk, idx)); -} diff --git a/lib/libssl/src/crypto/gost/gost.h b/lib/libssl/src/crypto/gost/gost.h deleted file mode 100644 index 516c1b41fc9..00000000000 --- a/lib/libssl/src/crypto/gost/gost.h +++ /dev/null 
@@ -1,262 +0,0 @@
-/* $OpenBSD: gost.h,v 1.2 2014/11/09 19:24:30 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_GOST_H
-#define HEADER_GOST_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_GOST
-#error GOST is disabled.
-#endif
-
-#include <openssl/asn1t.h>
-#include <openssl/ec.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct gost2814789_key_st {
- unsigned int key[8];
- unsigned int k87[256],k65[256],k43[256],k21[256];
- unsigned int count;
- unsigned key_meshing : 1;
-} GOST2814789_KEY;
-
-int Gost2814789_set_sbox(GOST2814789_KEY *key, int nid);
-int Gost2814789_set_key(GOST2814789_KEY *key,
- const unsigned char *userKey, const int bits);
-void Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out,
- GOST2814789_KEY *key, const int enc);
-void Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, GOST2814789_KEY *key,
- unsigned char *ivec, int *num, const int enc);
-void Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, GOST2814789_KEY *key,
- unsigned char *ivec, unsigned char *cnt_buf, int *num);
-
-typedef struct {
- ASN1_OCTET_STRING *iv;
- ASN1_OBJECT *enc_param_set;
-} GOST_CIPHER_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
-
-#define GOST2814789IMIT_LENGTH 4
-#define GOST2814789IMIT_CBLOCK 8
-#define GOST2814789IMIT_LONG unsigned int
-
-typedef struct GOST2814789IMITstate_st {
- GOST2814789IMIT_LONG Nl, Nh;
- unsigned char data[GOST2814789IMIT_CBLOCK];
- unsigned int num;
-
- GOST2814789_KEY cipher;
- unsigned char mac[GOST2814789IMIT_CBLOCK];
-} GOST2814789IMIT_CTX;
-
-/* Note, also removed second parameter and removed dctx->cipher setting */
-int GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid);
-int GOST2814789IMIT_Update(GOST2814789IMIT_CTX *c, const void *data, size_t len);
-int GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c);
-void GOST2814789IMIT_Transform(GOST2814789IMIT_CTX *c, const unsigned char *data);
-unsigned char *GOST2814789IMIT(const unsigned char *d, size_t n,
- unsigned char *md, int nid,
- const unsigned char *key, const unsigned char *iv);
-
-#define GOSTR341194_LONG unsigned int
-
-#define GOSTR341194_LENGTH 32
-#define GOSTR341194_CBLOCK 32
-#define GOSTR341194_LBLOCK (GOSTR341194_CBLOCK/4)
-
-typedef struct GOSTR341194state_st {
- GOSTR341194_LONG Nl, Nh;
- GOSTR341194_LONG data[GOSTR341194_LBLOCK];
- unsigned int num;
-
- GOST2814789_KEY cipher;
- unsigned char H[GOSTR341194_CBLOCK];
- unsigned char S[GOSTR341194_CBLOCK];
-} GOSTR341194_CTX;
-
-/* Note, also removed second parameter and removed dctx->cipher setting */
-int GOSTR341194_Init(GOSTR341194_CTX *c, int nid);
-int GOSTR341194_Update(GOSTR341194_CTX *c, const void *data, size_t len);
-int GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX *c);
-void GOSTR341194_Transform(GOSTR341194_CTX *c, const unsigned char *data);
-unsigned char *GOSTR341194(const unsigned char *d, size_t n,unsigned char *md, int nid);
-
-#if defined(_LP64)
-#define STREEBOG_LONG64 unsigned long
-#define U64(C) C##UL
-#else
-#define STREEBOG_LONG64 unsigned long long
-#define U64(C) C##ULL
-#endif
-
-#define STREEBOG_LBLOCK 8
-#define STREEBOG_CBLOCK 64
-#define STREEBOG256_LENGTH 32
-#define STREEBOG512_LENGTH 64
-
-typedef struct STREEBOGstate_st {
- STREEBOG_LONG64 data[STREEBOG_LBLOCK];
- unsigned int num;
- unsigned int md_len;
- STREEBOG_LONG64 h[STREEBOG_LBLOCK];
- STREEBOG_LONG64 N[STREEBOG_LBLOCK];
- STREEBOG_LONG64 Sigma[STREEBOG_LBLOCK];
-} STREEBOG_CTX;
-
-int STREEBOG256_Init(STREEBOG_CTX *c);
-int STREEBOG256_Update(STREEBOG_CTX *c, const void *data, size_t len);
-int STREEBOG256_Final(unsigned char *md, STREEBOG_CTX *c);
-void STREEBOG256_Transform(STREEBOG_CTX *c, const unsigned char *data);
-unsigned char *STREEBOG256(const unsigned char *d, size_t n,unsigned char *md);
-
-int STREEBOG512_Init(STREEBOG_CTX *c);
-int STREEBOG512_Update(STREEBOG_CTX *c, const void *data, size_t len);
-int STREEBOG512_Final(unsigned char *md, STREEBOG_CTX *c);
-void STREEBOG512_Transform(STREEBOG_CTX *c, const unsigned char *data);
-unsigned char *STREEBOG512(const unsigned char *d, size_t n,unsigned char *md);
-
-typedef struct gost_key_st GOST_KEY;
-GOST_KEY *GOST_KEY_new(void);
-void GOST_KEY_free(GOST_KEY * r);
-int GOST_KEY_check_key(const GOST_KEY * eckey);
-int GOST_KEY_set_public_key_affine_coordinates(GOST_KEY * key, BIGNUM * x, BIGNUM * y);
-const EC_GROUP * GOST_KEY_get0_group(const GOST_KEY * key);
-int GOST_KEY_set_group(GOST_KEY * key, const EC_GROUP * group);
-int GOST_KEY_get_digest(const GOST_KEY * key);
-int GOST_KEY_set_digest(GOST_KEY * key, int digest_nid);
-const BIGNUM * GOST_KEY_get0_private_key(const GOST_KEY * key);
-int GOST_KEY_set_private_key(GOST_KEY * key, const BIGNUM * priv_key);
-const EC_POINT * GOST_KEY_get0_public_key(const GOST_KEY * key);
-int GOST_KEY_set_public_key(GOST_KEY * key, const EC_POINT * pub_key);
-size_t GOST_KEY_get_size(const GOST_KEY * r);
-
-/* Gost-specific pmeth control-function parameters */
-/* For GOST R34.10 parameters */
-#define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
-#define EVP_PKEY_CTRL_GOST_SIG_FORMAT (EVP_PKEY_ALG_CTRL+2)
-#define EVP_PKEY_CTRL_GOST_SET_DIGEST (EVP_PKEY_ALG_CTRL+3)
-#define EVP_PKEY_CTRL_GOST_GET_DIGEST (EVP_PKEY_ALG_CTRL+4)
-
-#define GOST_SIG_FORMAT_SR_BE 0
-#define GOST_SIG_FORMAT_RS_LE 1
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_GOST_strings(void);
-
-/* Error codes for the GOST functions. */
-
-/* Function codes. */
-#define GOST_F_DECODE_GOST01_ALGOR_PARAMS 104
-#define GOST_F_ENCODE_GOST01_ALGOR_PARAMS 105
-#define GOST_F_GOST2001_COMPUTE_PUBLIC 106
-#define GOST_F_GOST2001_DO_SIGN 107
-#define GOST_F_GOST2001_DO_VERIFY 108
-#define GOST_F_GOST2001_KEYGEN 109
-#define GOST_F_GOST89_GET_ASN1_PARAMETERS 102
-#define GOST_F_GOST89_SET_ASN1_PARAMETERS 103
-#define GOST_F_GOST_KEY_CHECK_KEY 124
-#define GOST_F_GOST_KEY_NEW 125
-#define GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 126
-#define GOST_F_PARAM_COPY_GOST01 110
-#define GOST_F_PARAM_DECODE_GOST01 111
-#define GOST_F_PKEY_GOST01_CTRL 116
-#define GOST_F_PKEY_GOST01_DECRYPT 112
-#define GOST_F_PKEY_GOST01_DERIVE 113
-#define GOST_F_PKEY_GOST01_ENCRYPT 114
-#define GOST_F_PKEY_GOST01_PARAMGEN 115
-#define GOST_F_PKEY_GOST01_SIGN 123
-#define GOST_F_PKEY_GOST_MAC_CTRL 100
-#define GOST_F_PKEY_GOST_MAC_KEYGEN 101
-#define GOST_F_PRIV_DECODE_GOST01 117
-#define GOST_F_PUB_DECODE_GOST01 118
-#define GOST_F_PUB_ENCODE_GOST01 119
-#define GOST_F_PUB_PRINT_GOST01 120
-#define GOST_F_UNPACK_SIGNATURE_CP 121
-#define GOST_F_UNPACK_SIGNATURE_LE 122
-
-/* Reason codes. */
-#define GOST_R_BAD_KEY_PARAMETERS_FORMAT 104
-#define GOST_R_BAD_PKEY_PARAMETERS_FORMAT 105
-#define GOST_R_CANNOT_PACK_EPHEMERAL_KEY 106
-#define GOST_R_CTRL_CALL_FAILED 107
-#define GOST_R_ERROR_COMPUTING_SHARED_KEY 108
-#define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 109
-#define GOST_R_INCOMPATIBLE_ALGORITHMS 110
-#define GOST_R_INCOMPATIBLE_PEER_KEY 111
-#define GOST_R_INVALID_DIGEST_TYPE 100
-#define GOST_R_INVALID_IV_LENGTH 103
-#define GOST_R_INVALID_MAC_KEY_LENGTH 101
-#define GOST_R_KEY_IS_NOT_INITIALIZED 112
-#define GOST_R_KEY_PARAMETERS_MISSING 113
-#define GOST_R_MAC_KEY_NOT_SET 102
-#define GOST_R_NO_PARAMETERS_SET 115
-#define GOST_R_NO_PEER_KEY 116
-#define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 117
-#define GOST_R_PUBLIC_KEY_UNDEFINED 118
-#define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 120
-#define GOST_R_SIGNATURE_MISMATCH 121
-#define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 122
-#define GOST_R_UKM_NOT_SET 123
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/gost/gost2814789.c b/lib/libssl/src/crypto/gost/gost2814789.c
deleted file mode 100644
index e285413ed46..00000000000
--- a/lib/libssl/src/crypto/gost/gost2814789.c
+++ /dev/null
@@ -1,471 +0,0 @@
-/* $OpenBSD: gost2814789.c,v 1.5 2015/09/10 15:56:25 jsing Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_GOST
-#include <openssl/objects.h>
-#include <openssl/gost.h>
-
-#include "gost_locl.h"
-
-static inline unsigned int
-f(const GOST2814789_KEY *c, unsigned int x)
-{
- return c->k87[(x>>24) & 255] | c->k65[(x>>16) & 255]|
- c->k43[(x>> 8) & 255] | c->k21[(x ) & 255];
-}
-
-void
-Gost2814789_encrypt(const unsigned char *in, unsigned char *out,
- const GOST2814789_KEY *key)
-{
- unsigned int n1, n2; /* As named in the GOST */
-
- c2l(in, n1);
- c2l(in, n2);
-
- /* Instead of swapping halves, swap names each round */
- n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
- n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
- n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
- n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
-
- n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
- n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
- n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
- n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
-
- n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
- n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
- n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
- n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
-
- n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]);
- n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]);
- n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]);
- n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]);
-
- l2c(n2, out);
- l2c(n1, out);
-}
-
-void
-Gost2814789_decrypt(const unsigned char *in, unsigned char *out,
- const GOST2814789_KEY *key)
-{
- unsigned int n1, n2; /* As named in the GOST */
-
- c2l(in, n1);
- c2l(in, n2);
-
- /* Instead of swapping halves, swap names each round */
- n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
- n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
- n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
- n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
-
- n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]);
- n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]);
- n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]);
- n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]);
-
- n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]);
- n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]);
- n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]);
- n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]);
-
- n2 ^= f(key, n1 + key->key[7]); n1 ^= f(key, n2 + key->key[6]);
- n2 ^= f(key, n1 + key->key[5]); n1 ^= f(key, n2 + key->key[4]);
- n2 ^= f(key, n1 + key->key[3]); n1 ^= f(key, n2 + key->key[2]);
- n2 ^= f(key, n1 + key->key[1]); n1 ^= f(key, n2 + key->key[0]);
-
- l2c(n2, out);
- l2c(n1, out);
-}
-
-static void
-Gost2814789_mac(const unsigned char *in, unsigned char *mac,
- GOST2814789_KEY *key)
-{
- unsigned int n1, n2; /* As named in the GOST */
- unsigned char *p;
- int i;
-
- for (i = 0; i < 8; i++)
- mac[i] ^= in[i];
-
- p = mac;
- c2l(p, n1);
- c2l(p, n2);
-
- /* Instead of swapping halves, swap names each round */
- n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
- n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
- n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
- n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
-
- n2 ^= f(key, n1 + key->key[0]); n1 ^= f(key, n2 + key->key[1]);
- n2 ^= f(key, n1 + key->key[2]); n1 ^= f(key, n2 + key->key[3]);
- n2 ^= f(key, n1 + key->key[4]); n1 ^= f(key, n2 + key->key[5]);
- n2 ^= f(key, n1 + key->key[6]); n1 ^= f(key, n2 + key->key[7]);
-
- p = mac;
- l2c(n1, p);
- l2c(n2, p);
-}
-
-void
-Gost2814789_ecb_encrypt(const unsigned char *in, unsigned char *out,
- GOST2814789_KEY *key, const int enc)
-{
- if (key->key_meshing && key->count == 1024) {
- Gost2814789_cryptopro_key_mesh(key);
- key->count = 0;
- }
-
- if (enc)
- Gost2814789_encrypt(in, out, key);
- else
- Gost2814789_decrypt(in, out, key);
-}
-
-static inline void
-Gost2814789_encrypt_mesh(unsigned char *iv, GOST2814789_KEY *key)
-{
- if (key->key_meshing && key->count == 1024) {
- Gost2814789_cryptopro_key_mesh(key);
- Gost2814789_encrypt(iv, iv, key);
- key->count = 0;
- }
- Gost2814789_encrypt(iv, iv, key);
- key->count += 8;
-}
-
-static inline void
-Gost2814789_mac_mesh(const unsigned char *data, unsigned char *mac,
- GOST2814789_KEY *key)
-{
- if (key->key_meshing && key->count == 1024) {
- Gost2814789_cryptopro_key_mesh(key);
- key->count = 0;
- }
- Gost2814789_mac(data, mac, key);
- key->count += 8;
-}
-
-void
-Gost2814789_cfb64_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, GOST2814789_KEY *key, unsigned char *ivec, int *num,
- const int enc)
-{
- unsigned int n;
- size_t l = 0;
-
- n = *num;
-
- if (enc) {
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (8 % sizeof(size_t) == 0) do { /* always true actually */
- while (n && len) {
- *(out++) = ivec[n] ^= *(in++);
- --len;
- n = (n + 1) % 8;
- }
-#ifdef __STRICT_ALIGNMENT
- if (((size_t)in | (size_t)out | (size_t)ivec) %
- sizeof(size_t) != 0)
- break;
-#endif
- while (len >= 8) {
- Gost2814789_encrypt_mesh(ivec, key);
- for (; n < 8; n += sizeof(size_t)) {
- *(size_t*)(out + n) =
- *(size_t*)(ivec + n) ^=
- *(size_t*)(in + n);
- }
- len -= 8;
- out += 8;
- in += 8;
- n = 0;
- }
- if (len) {
- Gost2814789_encrypt_mesh(ivec, key);
- while (len--) {
- out[n] = ivec[n] ^= in[n];
- ++n;
- }
- }
- *num = n;
- return;
- } while (0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l<len) {
- if (n == 0) {
- Gost2814789_encrypt_mesh(ivec, key);
- }
- out[l] = ivec[n] ^= in[l];
- ++l;
- n = (n + 1) % 8;
- }
- *num = n;
- } else {
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (8 % sizeof(size_t) == 0) do { /* always true actually */
- while (n && len) {
- unsigned char c;
-
- *(out++) = ivec[n] ^ (c = *(in++));
- ivec[n] = c;
- --len;
- n = (n + 1) % 8;
- }
-#ifdef __STRICT_ALIGNMENT
- if (((size_t)in | (size_t)out | (size_t)ivec) %
- sizeof(size_t) != 0)
- break;
-#endif
- while (len >= 8) {
- Gost2814789_encrypt_mesh(ivec, key);
- for (; n < 8; n += sizeof(size_t)) {
- size_t t = *(size_t*)(in + n);
- *(size_t*)(out + n) =
- *(size_t*)(ivec + n) ^ t;
- *(size_t*)(ivec + n) = t;
- }
- len -= 8;
- out += 8;
- in += 8;
- n = 0;
- }
- if (len) {
- Gost2814789_encrypt_mesh(ivec, key);
- while (len--) {
- unsigned char c;
-
- out[n] = ivec[n] ^ (c = in[n]);
- ivec[n] = c;
- ++n;
- }
- }
- *num = n;
- return;
- } while (0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l < len) {
- unsigned char c;
-
- if (n == 0) {
- Gost2814789_encrypt_mesh(ivec, key);
- }
- out[l] = ivec[n] ^ (c = in[l]); ivec[n] = c;
- ++l;
- n = (n + 1) % 8;
- }
- *num = n;
- }
-}
-
-static inline void
-Gost2814789_cnt_next(unsigned char *ivec, unsigned char *out,
- GOST2814789_KEY *key)
-{
- unsigned char *p = ivec, *p2 = ivec;
- unsigned int val, val2;
-
- if (key->count == 0)
- Gost2814789_encrypt(ivec, ivec, key);
-
- if (key->key_meshing && key->count == 1024) {
- Gost2814789_cryptopro_key_mesh(key);
- Gost2814789_encrypt(ivec, ivec, key);
- key->count = 0;
- }
-
- c2l(p, val);
- val2 = val + 0x01010101;
- l2c(val2, p2);
-
- c2l(p, val);
- val2 = val + 0x01010104;
- if (val > val2) /* overflow */
- val2++;
- l2c(val2, p2);
-
- Gost2814789_encrypt(ivec, out, key);
- key->count += 8;
-}
-
-void
-Gost2814789_cnt_encrypt(const unsigned char *in, unsigned char *out, size_t len,
- GOST2814789_KEY *key, unsigned char *ivec, unsigned char *cnt_buf, int *num)
-{
- unsigned int n;
- size_t l = 0;
-
- n = *num;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (8 % sizeof(size_t) == 0) do { /* always true actually */
- while (n && len) {
- *(out++) = *(in++) ^ cnt_buf[n];
- --len;
- n = (n + 1) % 8;
- }
-
-#ifdef __STRICT_ALIGNMENT
- if (((size_t)in | (size_t)out | (size_t)ivec) %
- sizeof(size_t) != 0)
- break;
-#endif
- while (len >= 8) {
- Gost2814789_cnt_next(ivec, cnt_buf, key);
- for (; n < 8; n += sizeof(size_t))
- *(size_t *)(out + n) = *(size_t *)(in + n) ^
- *(size_t *)(cnt_buf + n);
- len -= 8;
- out += 8;
- in += 8;
- n = 0;
- }
- if (len) {
- Gost2814789_cnt_next(ivec, cnt_buf, key);
- while (len--) {
- out[n] = in[n] ^ cnt_buf[n];
- ++n;
- }
- }
- *num = n;
- return;
- } while(0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l < len) {
- if (n==0)
- Gost2814789_cnt_next(ivec, cnt_buf, key);
- out[l] = in[l] ^ cnt_buf[n];
- ++l;
- n = (n + 1) % 8;
- }
-
- *num=n;
-}
-
-int
-GOST2814789IMIT_Init(GOST2814789IMIT_CTX *c, int nid)
-{
- c->Nl = c->Nh = c->num = 0;
- memset(c->mac, 0, 8);
- return Gost2814789_set_sbox(&c->cipher, nid);
-}
-
-static void
-GOST2814789IMIT_block_data_order(GOST2814789IMIT_CTX *ctx,
- const unsigned char *p, size_t num)
-{
- int i;
-
- for (i = 0; i < num; i++) {
- Gost2814789_mac_mesh(p, ctx->mac, &ctx->cipher);
- p += 8;
- }
-}
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_CBLOCK GOST2814789IMIT_CBLOCK
-#define HASH_LONG GOST2814789IMIT_LONG
-#define HASH_CTX GOST2814789IMIT_CTX
-#define HASH_UPDATE GOST2814789IMIT_Update
-#define HASH_TRANSFORM GOST2814789IMIT_Transform
-#define HASH_NO_FINAL 1
-#define HASH_BLOCK_DATA_ORDER GOST2814789IMIT_block_data_order
-
-#include "md32_common.h"
-
-int
-GOST2814789IMIT_Final(unsigned char *md, GOST2814789IMIT_CTX *c)
-{
- if (c->num) {
- memset(c->data + c->num, 0, 8 - c->num);
- Gost2814789_mac_mesh(c->data, c->mac, &c->cipher);
- }
- if (c->Nl <= 8 * 8 && c->Nl > 0 && c->Nh == 0) {
- memset(c->data, 0, 8);
- Gost2814789_mac_mesh(c->data, c->mac, &c->cipher);
- }
- memcpy(md, c->mac, 4);
- return 1;
-}
-
-unsigned char *
-GOST2814789IMIT(const unsigned char *d, size_t n, unsigned char *md, int nid,
- const unsigned char *key, const unsigned char *iv)
-{
- GOST2814789IMIT_CTX c;
- static unsigned char m[GOST2814789IMIT_LENGTH];
-
- if (md == NULL)
- md = m;
- GOST2814789IMIT_Init(&c, nid);
- memcpy(c.mac, iv, 8);
- Gost2814789_set_key(&c.cipher, key, 256);
- GOST2814789IMIT_Update(&c, d, n);
- GOST2814789IMIT_Final(md, &c);
- explicit_bzero(&c, sizeof(c));
- return (md);
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/gost/gost89_keywrap.c b/lib/libssl/src/crypto/gost/gost89_keywrap.c
deleted file mode 100644
index a754c4d56ea..00000000000
--- a/lib/libssl/src/crypto/gost/gost89_keywrap.c
+++ /dev/null
@@ -1,138 +0,0 @@
-/* $OpenBSD: gost89_keywrap.c,v 1.3 2014/11/09 19:28:44 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_GOST
-
-#include <openssl/gost.h>
-
-#include "gost_locl.h"
-
-static void
-key_diversify_crypto_pro(GOST2814789_KEY *ctx, const unsigned char *inputKey,
- const unsigned char *ukm, unsigned char *outputKey)
-{
- unsigned long k, s1, s2;
- int i, mask;
- unsigned char S[8];
- unsigned char *p;
-
- memcpy(outputKey, inputKey, 32);
- for (i = 0; i < 8; i++) {
- /* Make array of integers from key */
- /* Compute IV S */
- s1 = 0, s2 = 0;
- p = outputKey;
- for (mask = 1; mask < 256; mask <<= 1) {
- c2l(p, k);
- if (mask & ukm[i]) {
- s1 += k;
- } else {
- s2 += k;
- }
- }
- p = S;
- l2c (s1, p);
- l2c (s2, p);
- Gost2814789_set_key(ctx, outputKey, 256);
- mask = 0;
- Gost2814789_cfb64_encrypt(outputKey, outputKey, 32, ctx, S,
- &mask, 1);
- }
-}
-
-int
-gost_key_wrap_crypto_pro(int nid, const unsigned char *keyExchangeKey,
- const unsigned char *ukm, const unsigned char *sessionKey,
- unsigned char *wrappedKey)
-{
- GOST2814789_KEY ctx;
- unsigned char kek_ukm[32];
-
- Gost2814789_set_sbox(&ctx, nid);
- key_diversify_crypto_pro(&ctx, keyExchangeKey, ukm, kek_ukm);
- Gost2814789_set_key(&ctx, kek_ukm, 256);
- memcpy(wrappedKey, ukm, 8);
- Gost2814789_encrypt(sessionKey + 0, wrappedKey + 8 + 0, &ctx);
- Gost2814789_encrypt(sessionKey + 8, wrappedKey + 8 + 8, &ctx);
- Gost2814789_encrypt(sessionKey + 16, wrappedKey + 8 + 16, &ctx);
- Gost2814789_encrypt(sessionKey + 24, wrappedKey + 8 + 24, &ctx);
- GOST2814789IMIT(sessionKey, 32, wrappedKey + 40, nid, kek_ukm, ukm);
- return 1;
-}
-
-int
-gost_key_unwrap_crypto_pro(int nid, const unsigned char *keyExchangeKey,
- const unsigned char *wrappedKey, unsigned char *sessionKey)
-{
- unsigned char kek_ukm[32], cek_mac[4];
- GOST2814789_KEY ctx;
-
- Gost2814789_set_sbox(&ctx, nid);
- /* First 8 bytes of wrapped Key is ukm */
- key_diversify_crypto_pro(&ctx, keyExchangeKey, wrappedKey, kek_ukm);
- Gost2814789_set_key(&ctx, kek_ukm, 256);
- Gost2814789_decrypt(wrappedKey + 8 + 0, sessionKey + 0, &ctx);
- Gost2814789_decrypt(wrappedKey + 8 + 8, sessionKey + 8, &ctx);
- Gost2814789_decrypt(wrappedKey + 8 + 16, sessionKey + 16, &ctx);
- Gost2814789_decrypt(wrappedKey + 8 + 24, sessionKey + 24, &ctx);
-
- GOST2814789IMIT(sessionKey, 32, cek_mac, nid, kek_ukm, wrappedKey);
- if (memcmp(cek_mac, wrappedKey + 40, 4))
- return 0;
-
- return 1;
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/gost/gost89_params.c b/lib/libssl/src/crypto/gost/gost89_params.c
deleted file mode 100644
index 35d8f62fe96..00000000000
--- a/lib/libssl/src/crypto/gost/gost89_params.c
+++ /dev/null
@@ -1,244 +0,0 @@
-/* $OpenBSD: gost89_params.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <stdlib.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_GOST
-#include <openssl/objects.h>
-#include <openssl/gost.h>
-
-#include "gost_locl.h"
-
-/* Substitution blocks from test examples for GOST R 34.11-94*/
-static const gost_subst_block GostR3411_94_TestParamSet = {
- {0x1,0xF,0xD,0x0,0x5,0x7,0xA,0x4,0x9,0x2,0x3,0xE,0x6,0xB,0x8,0xC},
- {0xD,0xB,0x4,0x1,0x3,0xF,0x5,0x9,0x0,0xA,0xE,0x7,0x6,0x8,0x2,0xC},
- {0x4,0xB,0xA,0x0,0x7,0x2,0x1,0xD,0x3,0x6,0x8,0x5,0x9,0xC,0xF,0xE},
- {0x6,0xC,0x7,0x1,0x5,0xF,0xD,0x8,0x4,0xA,0x9,0xE,0x0,0x3,0xB,0x2},
- {0x7,0xD,0xA,0x1,0x0,0x8,0x9,0xF,0xE,0x4,0x6,0xC,0xB,0x2,0x5,0x3},
- {0x5,0x8,0x1,0xD,0xA,0x3,0x4,0x2,0xE,0xF,0xC,0x7,0x6,0x0,0x9,0xB},
- {0xE,0xB,0x4,0xC,0x6,0xD,0xF,0xA,0x2,0x3,0x8,0x1,0x0,0x7,0x5,0x9},
- {0x4,0xA,0x9,0x2,0xD,0x8,0x0,0xE,0x6,0xB,0x1,0xC,0x7,0xF,0x5,0x3}
-};
-
-/* Substitution blocks for hash function 1.2.643.2.9.1.6.1 */
-static const gost_subst_block GostR3411_94_CryptoProParamSet = {
- {0x1,0x3,0xA,0x9,0x5,0xB,0x4,0xF,0x8,0x6,0x7,0xE,0xD,0x0,0x2,0xC},
- {0xD,0xE,0x4,0x1,0x7,0x0,0x5,0xA,0x3,0xC,0x8,0xF,0x6,0x2,0x9,0xB},
- {0x7,0x6,0x2,0x4,0xD,0x9,0xF,0x0,0xA,0x1,0x5,0xB,0x8,0xE,0xC,0x3},
- {0x7,0x6,0x4,0xB,0x9,0xC,0x2,0xA,0x1,0x8,0x0,0xE,0xF,0xD,0x3,0x5},
- {0x4,0xA,0x7,0xC,0x0,0xF,0x2,0x8,0xE,0x1,0x6,0x5,0xD,0xB,0x9,0x3},
- {0x7,0xF,0xC,0xE,0x9,0x4,0x1,0x0,0x3,0xB,0x5,0x2,0x6,0xA,0x8,0xD},
- {0x5,0xF,0x4,0x0,0x2,0xD,0xB,0x9,0x1,0x7,0x6,0x3,0xC,0xE,0xA,0x8},
- {0xA,0x4,0x5,0x6,0x8,0x1,0x3,0x7,0xD,0xC,0xE,0x0,0x9,0x2,0xB,0xF}
-};
-
-/* Test paramset from GOST 28147 */
-gost_subst_block Gost28147_TestParamSet = {
- {0xC,0x6,0x5,0x2,0xB,0x0,0x9,0xD,0x3,0xE,0x7,0xA,0xF,0x4,0x1,0x8},
- {0x9,0xB,0xC,0x0,0x3,0x6,0x7,0x5,0x4,0x8,0xE,0xF,0x1,0xA,0x2,0xD},
- {0x8,0xF,0x6,0xB,0x1,0x9,0xC,0x5,0xD,0x3,0x7,0xA,0x0,0xE,0x2,0x4},
- {0x3,0xE,0x5,0x9,0x6,0x8,0x0,0xD,0xA,0xB,0x7,0xC,0x2,0x1,0xF,0x4},
- {0xE,0x9,0xB,0x2,0x5,0xF,0x7,0x1,0x0,0xD,0xC,0x6,0xA,0x4,0x3,0x8},
- {0xD,0x8,0xE,0xC,0x7,0x3,0x9,0xA,0x1,0x5,0x2,0x4,0x6,0xF,0x0,0xB},
- {0xC,0x9,0xF,0xE,0x8,0x1,0x3,0xA,0x2,0x7,0x4,0xD,0x6,0x0,0xB,0x5},
- {0x4,0x2,0xF,0x5,0x9,0x1,0x0,0x8,0xE,0x3,0xB,0xC,0xD,0x7,0xA,0x6}
-};
-
-
-/* 1.2.643.2.2.31.1 */
-static const gost_subst_block Gost28147_CryptoProParamSetA = {
- {0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4},
- {0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE},
- {0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6},
- {0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6},
- {0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6},
- {0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9},
- {0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1},
- {0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5}
-};
-
-/* 1.2.643.2.2.31.2 */
-static const gost_subst_block Gost28147_CryptoProParamSetB = {
- {0x0,0x4,0xB,0xE,0x8,0x3,0x7,0x1,0xA,0x2,0x9,0x6,0xF,0xD,0x5,0xC},
- {0x5,0x2,0xA,0xB,0x9,0x1,0xC,0x3,0x7,0x4,0xD,0x0,0x6,0xF,0x8,0xE},
- {0x8,0x3,0x2,0x6,0x4,0xD,0xE,0xB,0xC,0x1,0x7,0xF,0xA,0x0,0x9,0x5},
- {0x2,0x7,0xC,0xF,0x9,0x5,0xA,0xB,0x1,0x4,0x0,0xD,0x6,0x8,0xE,0x3},
- {0x7,0x5,0x0,0xD,0xB,0x6,0x1,0x2,0x3,0xA,0xC,0xF,0x4,0xE,0x9,0x8},
- {0xE,0xC,0x0,0xA,0x9,0x2,0xD,0xB,0x7,0x5,0x8,0xF,0x3,0x6,0x1,0x4},
- {0x0,0x1,0x2,0xA,0x4,0xD,0x5,0xC,0x9,0x7,0x3,0xF,0xB,0x8,0x6,0xE},
- {0x8,0x4,0xB,0x1,0x3,0x5,0x0,0x9,0x2,0xE,0xA,0xC,0xD,0x6,0x7,0xF}
-};
-
-/* 1.2.643.2.2.31.3 */
-static const gost_subst_block Gost28147_CryptoProParamSetC = {
- {0x7,0x4,0x0,0x5,0xA,0x2,0xF,0xE,0xC,0x6,0x1,0xB,0xD,0x9,0x3,0x8},
- {0xA,0x9,0x6,0x8,0xD,0xE,0x2,0x0,0xF,0x3,0x5,0xB,0x4,0x1,0xC,0x7},
- {0xC,0x9,0xB,0x1,0x8,0xE,0x2,0x4,0x7,0x3,0x6,0x5,0xA,0x0,0xF,0xD},
- {0x8,0xD,0xB,0x0,0x4,0x5,0x1,0x2,0x9,0x3,0xC,0xE,0x6,0xF,0xA,0x7},
- {0x3,0x6,0x0,0x1,0x5,0xD,0xA,0x8,0xB,0x2,0x9,0x7,0xE,0xF,0xC,0x4},
- {0x8,0x2,0x5,0x0,0x4,0x9,0xF,0xA,0x3,0x7,0xC,0xD,0x6,0xE,0x1,0xB},
- {0x0,0x1,0x7,0xD,0xB,0x4,0x5,0x2,0x8,0xE,0xF,0xC,0x9,0xA,0x6,0x3},
- {0x1,0xB,0xC,0x2,0x9,0xD,0x0,0xF,0x4,0x5,0x8,0xE,0xA,0x7,0x6,0x3}
-};
-
-/* 1.2.643.2.2.31.4 */
-static const gost_subst_block Gost28147_CryptoProParamSetD = {
- {0x1,0xA,0x6,0x8,0xF,0xB,0x0,0x4,0xC,0x3,0x5,0x9,0x7,0xD,0x2,0xE},
- {0x3,0x0,0x6,0xF,0x1,0xE,0x9,0x2,0xD,0x8,0xC,0x4,0xB,0xA,0x5,0x7},
- {0x8,0x0,0xF,0x3,0x2,0x5,0xE,0xB,0x1,0xA,0x4,0x7,0xC,0x9,0xD,0x6},
- {0x0,0xC,0x8,0x9,0xD,0x2,0xA,0xB,0x7,0x3,0x6,0x5,0x4,0xE,0xF,0x1},
- {0x1,0x5,0xE,0xC,0xA,0x7,0x0,0xD,0x6,0x2,0xB,0x4,0x9,0x3,0xF,0x8},
- {0x1,0xC,0xB,0x0,0xF,0xE,0x6,0x5,0xA,0xD,0x4,0x8,0x9,0x3,0x7,0x2},
- {0xB,0x6,0x3,0x4,0xC,0xF,0xE,0x2,0x7,0xD,0x8,0x0,0x5,0xA,0x9,0x1},
- {0xF,0xC,0x2,0xA,0x6,0x4,0x5,0x0,0x7,0x9,0xE,0xD,0x1,0xB,0x8,0x3}
-};
-
-static const gost_subst_block Gost28147_TC26ParamSetZ = {
- {0x1,0x7,0xe,0xd,0x0,0x5,0x8,0x3,0x4,0xf,0xa,0x6,0x9,0xc,0xb,0x2},
- {0x8,0xe,0x2,0x5,0x6,0x9,0x1,0xc,0xf,0x4,0xb,0x0,0xd,0xa,0x3,0x7},
- {0x5,0xd,0xf,0x6,0x9,0x2,0xc,0xa,0xb,0x7,0x8,0x1,0x4,0x3,0xe,0x0},
- {0x7,0xf,0x5,0xa,0x8,0x1,0x6,0xd,0x0,0x9,0x3,0xe,0xb,0x4,0x2,0xc},
- {0xc,0x8,0x2,0x1,0xd,0x4,0xf,0x6,0x7,0x0,0xa,0x5,0x3,0xe,0x9,0xb},
- {0xb,0x3,0x5,0x8,0x2,0xf,0xa,0xd,0xe,0x1,0x7,0x4,0xc,0x9,0x6,0x0},
- {0x6,0x8,0x2,0x3,0x9,0xa,0x5,0xc,0x1,0xe,0x4,0x7,0xb,0xd,0x0,0xf},
- {0xc,0x4,0x6,0x2,0xa,0x5,0xb,0x9,0xe,0x8,0xd,0x7,0x0,0x3,0xf,0x1}
-};
-
-static const unsigned char CryptoProKeyMeshingKey[] = {
- 0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23,
- 0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4,
- 0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12,
- 0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B
-};
-
-static const struct gost89_parameters_info {
- int nid;
- const gost_subst_block *sblock;
- int key_meshing;
-} gost_cipher_list[] =
-{
- {NID_id_Gost28147_89_CryptoPro_A_ParamSet,&Gost28147_CryptoProParamSetA,1},
- {NID_id_Gost28147_89_CryptoPro_B_ParamSet,&Gost28147_CryptoProParamSetB,1},
- {NID_id_Gost28147_89_CryptoPro_C_ParamSet,&Gost28147_CryptoProParamSetC,1},
- {NID_id_Gost28147_89_CryptoPro_D_ParamSet,&Gost28147_CryptoProParamSetD,1},
- {NID_id_tc26_gost_28147_param_Z,&Gost28147_TC26ParamSetZ,1},
- {NID_id_Gost28147_89_TestParamSet,&Gost28147_TestParamSet,0},
- {NID_id_GostR3411_94_TestParamSet,&GostR3411_94_TestParamSet,0},
- {NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0},
- {NID_undef,NULL,0}
-};
-
-int
-Gost2814789_set_sbox(GOST2814789_KEY *key, int nid)
-{
- int i;
- const gost_subst_block *b = NULL;
- unsigned int t;
-
- for (i = 0; gost_cipher_list[i].nid != NID_undef; i++) {
- if (gost_cipher_list[i].nid != nid)
- continue;
-
- b = gost_cipher_list[i].sblock;
- key->key_meshing = gost_cipher_list[i].key_meshing;
- break;
- }
-
- if (b == NULL)
- return 0;
-
- for (i = 0; i < 256; i++) {
- t = (unsigned int)(b->k8[i >> 4] <<4 | b->k7 [i & 15]) << 24;
- key->k87[i] = (t << 11) | (t >> 21);
- t = (unsigned int)(b->k6[i >> 4] <<4 | b->k5 [i & 15]) << 16;
- key->k65[i] = (t << 11) | (t >> 21);
- t = (unsigned int)(b->k4[i >> 4] <<4 | b->k3 [i & 15]) << 8;
- key->k43[i] = (t << 11) | (t >> 21);
- t = (unsigned int)(b->k2[i >> 4] <<4 | b->k1 [i & 15]) << 0;
- key->k21[i] = (t << 11) | (t >> 21);
- }
-
- return 1;
-}
-
-int
-Gost2814789_set_key(GOST2814789_KEY *key, const unsigned char *userKey,
- const int bits)
-{
- int i;
-
- if (bits != 256)
- return 0;
-
- for (i = 0; i < 8; i++)
- c2l(userKey, key->key[i]);
-
- key->count = 0;
-
- return 1;
-}
-
-void
-Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key)
-{
- unsigned char newkey[32];
-
- Gost2814789_decrypt(CryptoProKeyMeshingKey + 0, newkey + 0, key);
- Gost2814789_decrypt(CryptoProKeyMeshingKey + 8, newkey + 8, key);
- Gost2814789_decrypt(CryptoProKeyMeshingKey + 16, newkey + 16, key);
- Gost2814789_decrypt(CryptoProKeyMeshingKey + 24, newkey + 24, key);
-
- Gost2814789_set_key(key, newkey, 256);
-}
-#endif
diff --git a/lib/libssl/src/crypto/gost/gost89imit_ameth.c b/lib/libssl/src/crypto/gost/gost89imit_ameth.c
deleted file mode 100644
index a2631d97f8a..00000000000
--- a/lib/libssl/src/crypto/gost/gost89imit_ameth.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* $OpenBSD: gost89imit_ameth.c,v 1.2 2014/11/09 23:06:52 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_GOST
-#include <openssl/evp.h>
-
-#include "asn1_locl.h"
-
-static void
-mackey_free_gost(EVP_PKEY *pk)
-{
- free(pk->pkey.ptr);
-}
-
-static int
-mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
-{
- switch (op) {
- case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
- *(int *)arg2 = NID_id_Gost28147_89_MAC;
- return 2;
- }
- return -2;
-}
-
-const EVP_PKEY_ASN1_METHOD gostimit_asn1_meth = {
- .pkey_id = EVP_PKEY_GOSTIMIT,
- .pkey_base_id = EVP_PKEY_GOSTIMIT,
- .pkey_flags = ASN1_PKEY_SIGPARAM_NULL,
-
- .pem_str = "GOST-MAC",
- .info = "GOST 28147-89 MAC",
-
- .pkey_free = mackey_free_gost,
- .pkey_ctrl = mac_ctrl_gost,
-};
-
-#endif
diff --git a/lib/libssl/src/crypto/gost/gost89imit_pmeth.c b/lib/libssl/src/crypto/gost/gost89imit_pmeth.c
deleted file mode 100644
index 00eaf1decc4..00000000000
--- a/lib/libssl/src/crypto/gost/gost89imit_pmeth.c
+++ /dev/null
@@ -1,252 +0,0 @@
-/* $OpenBSD: gost89imit_pmeth.c,v 1.3 2014/11/13 20:29:55 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_GOST
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include <openssl/gost.h>
-#include <openssl/x509v3.h> /* For string_to_hex */
-
-#include "evp_locl.h"
-#include "gost_locl.h"
-
-struct gost_mac_pmeth_data {
- EVP_MD *md;
- unsigned char key[32];
- unsigned key_set :1;
-};
-
-static int
-pkey_gost_mac_init(EVP_PKEY_CTX *ctx)
-{
- struct gost_mac_pmeth_data *data;
-
- data = calloc(1, sizeof(struct gost_mac_pmeth_data));
- if (data == NULL)
- return 0;
- EVP_PKEY_CTX_set_data(ctx, data);
- return 1;
-}
-
-static void
-pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx)
-{
- struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
- free(data);
-}
-
-static int
-pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
-{
- struct gost_mac_pmeth_data *dst_data, *src_data;
-
- if (pkey_gost_mac_init(dst) == 0)
- return 0;
-
- src_data = EVP_PKEY_CTX_get_data(src);
- dst_data = EVP_PKEY_CTX_get_data(dst);
-
- *dst_data = *src_data;
-
- return 1;
-}
-
-static int
-pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
- unsigned char *keydata;
-
- if (!data->key_set) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET);
- return 0;
- }
-
- keydata = malloc(32);
- if (keydata == NULL) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- memcpy(keydata, data->key, 32);
- EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata);
-
- return 1;
-}
-
-static int
-pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
-
- switch (type) {
- case EVP_PKEY_CTRL_MD:
- if (EVP_MD_type(p2) != NID_id_Gost28147_89_MAC) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
- GOST_R_INVALID_DIGEST_TYPE);
- return 0;
- }
- data->md = p2;
- return 1;
-
- case EVP_PKEY_CTRL_SET_MAC_KEY:
- if (p1 != 32) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
- GOST_R_INVALID_MAC_KEY_LENGTH);
- return 0;
- }
-
- memcpy(data->key, p2, 32);
- data->key_set = 1;
- return 1;
-
- case EVP_PKEY_CTRL_DIGESTINIT:
- {
- EVP_MD_CTX *mctx = p2;
- void *key;
-
- if (!data->key_set) {
- EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
- if (pkey == NULL) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
- GOST_R_MAC_KEY_NOT_SET);
- return 0;
- }
- key = EVP_PKEY_get0(pkey);
- if (key == NULL) {
- GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
- GOST_R_MAC_KEY_NOT_SET);
- return 0;
- }
- } else {
- key = &(data->key);
- }
- if (mctx->digest->md_ctrl == NULL)
- return 0;
- return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32 * 8,
- key);
- }
-
- }
-
- return -2;
-}
-
-static int
-pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- if (value == NULL)
- return 0;
- if (strcmp(type, "key") == 0) {
- void *p = (void *)value;
- return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
- strlen(value), p);
- }
- if (strcmp(type, "hexkey") == 0) {
- unsigned char *key;
- int r;
- long keylen;
-
- key = string_to_hex(value, &keylen);
- if (key == NULL)
- return 0;
- r = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen,
- key);
- free(key);
- return r;
- }
- return -2;
-}
-
-static int
-pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
-{
- return 1;
-}
-
-static int
-pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx)
-{
- /* for platforms where sizeof(int) != sizeof(size_t)*/
- unsigned int tmpsiglen = *siglen;
- int ret;
-
- if (sig == NULL) {
- *siglen = 4;
- return 1;
- }
-
- ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen);
- *siglen = tmpsiglen;
- return ret;
-}
-
-const EVP_PKEY_METHOD gostimit_pkey_meth = {
- .pkey_id = EVP_PKEY_GOSTIMIT,
-
- .init = pkey_gost_mac_init,
- .cleanup = pkey_gost_mac_cleanup,
- .copy = pkey_gost_mac_copy,
-
- .keygen = pkey_gost_mac_keygen,
-
- .signctx_init = pkey_gost_mac_signctx_init,
- .signctx = pkey_gost_mac_signctx,
-
- .ctrl = pkey_gost_mac_ctrl,
- .ctrl_str = pkey_gost_mac_ctrl_str,
-};
-
-#endif
diff --git a/lib/libssl/src/crypto/gost/gost_asn1.c b/lib/libssl/src/crypto/gost/gost_asn1.c
deleted file mode 100644
index 2652162777b..00000000000
--- a/lib/libssl/src/crypto/gost/gost_asn1.c
+++ /dev/null
@@ -1,295 +0,0 @@ -/********************************************************************** - * gost_keytrans.c * - * Copyright (c) 2005-2006 Cryptocom LTD * - * This file is distributed under the same license as OpenSSL * - * * - * ASN1 structure definition for GOST key transport * - * Requires OpenSSL 0.9.9 for compilation * - **********************************************************************/ - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST -#include <openssl/asn1t.h> -#include <openssl/x509.h> -#include <openssl/gost.h> - -#include "gost_locl.h" -#include "gost_asn1.h" - -static const ASN1_TEMPLATE GOST_KEY_TRANSPORT_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_TRANSPORT, key_info), - .field_name = "key_info", - .item = &GOST_KEY_INFO_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 0, - .offset = offsetof(GOST_KEY_TRANSPORT, key_agreement_info), - .field_name = "key_agreement_info", - .item = &GOST_KEY_AGREEMENT_INFO_it, - }, -}; - -const ASN1_ITEM GOST_KEY_TRANSPORT_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_KEY_TRANSPORT_seq_tt, - .tcount = sizeof(GOST_KEY_TRANSPORT_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_KEY_TRANSPORT), - .sname = "GOST_KEY_TRANSPORT", -}; - -GOST_KEY_TRANSPORT * -d2i_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT **a, const unsigned char **in, long len) -{ - return (GOST_KEY_TRANSPORT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_KEY_TRANSPORT_it); -} - -int -i2d_GOST_KEY_TRANSPORT(GOST_KEY_TRANSPORT *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_TRANSPORT_it); -} - -GOST_KEY_TRANSPORT * -GOST_KEY_TRANSPORT_new(void) -{ - return (GOST_KEY_TRANSPORT *)ASN1_item_new(&GOST_KEY_TRANSPORT_it); -} - -void -GOST_KEY_TRANSPORT_free(GOST_KEY_TRANSPORT *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_TRANSPORT_it); -} - -static const ASN1_TEMPLATE GOST_KEY_INFO_seq_tt[] = { - { - .flags = 
0, - .tag = 0, - .offset = offsetof(GOST_KEY_INFO, encrypted_key), - .field_name = "encrypted_key", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_INFO, imit), - .field_name = "imit", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM GOST_KEY_INFO_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_KEY_INFO_seq_tt, - .tcount = sizeof(GOST_KEY_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_KEY_INFO), - .sname = "GOST_KEY_INFO", -}; - -GOST_KEY_INFO * -d2i_GOST_KEY_INFO(GOST_KEY_INFO **a, const unsigned char **in, long len) -{ - return (GOST_KEY_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_KEY_INFO_it); -} - -int -i2d_GOST_KEY_INFO(GOST_KEY_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_INFO_it); -} - -GOST_KEY_INFO * -GOST_KEY_INFO_new(void) -{ - return (GOST_KEY_INFO *)ASN1_item_new(&GOST_KEY_INFO_it); -} - -void -GOST_KEY_INFO_free(GOST_KEY_INFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_INFO_it); -} - -static const ASN1_TEMPLATE GOST_KEY_AGREEMENT_INFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_AGREEMENT_INFO, cipher), - .field_name = "cipher", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(GOST_KEY_AGREEMENT_INFO, ephem_key), - .field_name = "ephem_key", - .item = &X509_PUBKEY_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_AGREEMENT_INFO, eph_iv), - .field_name = "eph_iv", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM GOST_KEY_AGREEMENT_INFO_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_KEY_AGREEMENT_INFO_seq_tt, - .tcount = sizeof(GOST_KEY_AGREEMENT_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_KEY_AGREEMENT_INFO), - .sname = "GOST_KEY_AGREEMENT_INFO", -}; - 
-GOST_KEY_AGREEMENT_INFO * -d2i_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO **a, const unsigned char **in, long len) -{ - return (GOST_KEY_AGREEMENT_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_KEY_AGREEMENT_INFO_it); -} - -int -i2d_GOST_KEY_AGREEMENT_INFO(GOST_KEY_AGREEMENT_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_AGREEMENT_INFO_it); -} - -GOST_KEY_AGREEMENT_INFO * -GOST_KEY_AGREEMENT_INFO_new(void) -{ - return (GOST_KEY_AGREEMENT_INFO *)ASN1_item_new(&GOST_KEY_AGREEMENT_INFO_it); -} - -void -GOST_KEY_AGREEMENT_INFO_free(GOST_KEY_AGREEMENT_INFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_AGREEMENT_INFO_it); -} - - -static const ASN1_TEMPLATE GOST_KEY_PARAMS_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_PARAMS, key_params), - .field_name = "key_params", - .item = &ASN1_OBJECT_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_KEY_PARAMS, hash_params), - .field_name = "hash_params", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(GOST_KEY_PARAMS, cipher_params), - .field_name = "cipher_params", - .item = &ASN1_OBJECT_it, - }, -}; - -const ASN1_ITEM GOST_KEY_PARAMS_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_KEY_PARAMS_seq_tt, - .tcount = sizeof(GOST_KEY_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_KEY_PARAMS), - .sname = "GOST_KEY_PARAMS", -}; - -GOST_KEY_PARAMS * -d2i_GOST_KEY_PARAMS(GOST_KEY_PARAMS **a, const unsigned char **in, long len) -{ - return (GOST_KEY_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_KEY_PARAMS_it); -} - -int -i2d_GOST_KEY_PARAMS(GOST_KEY_PARAMS *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_KEY_PARAMS_it); -} - -GOST_KEY_PARAMS * -GOST_KEY_PARAMS_new(void) -{ - return (GOST_KEY_PARAMS *)ASN1_item_new(&GOST_KEY_PARAMS_it); -} - -void 
-GOST_KEY_PARAMS_free(GOST_KEY_PARAMS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_KEY_PARAMS_it); -} - -static const ASN1_TEMPLATE GOST_CIPHER_PARAMS_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_CIPHER_PARAMS, iv), - .field_name = "iv", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(GOST_CIPHER_PARAMS, enc_param_set), - .field_name = "enc_param_set", - .item = &ASN1_OBJECT_it, - }, -}; - -const ASN1_ITEM GOST_CIPHER_PARAMS_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GOST_CIPHER_PARAMS_seq_tt, - .tcount = sizeof(GOST_CIPHER_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GOST_CIPHER_PARAMS), - .sname = "GOST_CIPHER_PARAMS", -}; - -GOST_CIPHER_PARAMS * -d2i_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS **a, const unsigned char **in, long len) -{ - return (GOST_CIPHER_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &GOST_CIPHER_PARAMS_it); -} - -int -i2d_GOST_CIPHER_PARAMS(GOST_CIPHER_PARAMS *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &GOST_CIPHER_PARAMS_it); -} - -GOST_CIPHER_PARAMS * -GOST_CIPHER_PARAMS_new(void) -{ - return (GOST_CIPHER_PARAMS *)ASN1_item_new(&GOST_CIPHER_PARAMS_it); -} - -void -GOST_CIPHER_PARAMS_free(GOST_CIPHER_PARAMS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GOST_CIPHER_PARAMS_it); -} - -#endif diff --git a/lib/libssl/src/crypto/gost/gost_asn1.h b/lib/libssl/src/crypto/gost/gost_asn1.h deleted file mode 100644 index 62719c70cd9..00000000000 --- a/lib/libssl/src/crypto/gost/gost_asn1.h +++ /dev/null 
@@ -1,87 +0,0 @@
-/* $OpenBSD: gost_asn1.h,v 1.1 2014/11/09 19:17:13 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_GOST_ASN1_H
-#define HEADER_GOST_ASN1_H
-
-#include <openssl/asn1.h>
-
-typedef struct {
- ASN1_OCTET_STRING *encrypted_key;
- ASN1_OCTET_STRING *imit;
-} GOST_KEY_INFO;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO)
-
-typedef struct {
- ASN1_OBJECT *cipher;
- X509_PUBKEY *ephem_key;
- ASN1_OCTET_STRING *eph_iv;
-} GOST_KEY_AGREEMENT_INFO;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
-
-typedef struct {
- GOST_KEY_INFO *key_info;
- GOST_KEY_AGREEMENT_INFO *key_agreement_info;
-} GOST_KEY_TRANSPORT;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
-
-typedef struct {
- ASN1_OBJECT *key_params;
- ASN1_OBJECT *hash_params;
- ASN1_OBJECT *cipher_params;
-} GOST_KEY_PARAMS;
-
-DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
-
-#endif
diff --git a/lib/libssl/src/crypto/gost/gost_err.c b/lib/libssl/src/crypto/gost/gost_err.c
deleted file mode 100644
index b4e061f985b..00000000000
--- a/lib/libssl/src/crypto/gost/gost_err.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* crypto/gost/gost_err.c */
-/* ====================================================================
- * Copyright (c) 1999-2014 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-#include <openssl/err.h>
-#include <openssl/gost.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_GOST,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_GOST,0,reason)
-
-static ERR_STRING_DATA GOST_str_functs[]=
- {
-{ERR_FUNC(GOST_F_DECODE_GOST01_ALGOR_PARAMS), "DECODE_GOST01_ALGOR_PARAMS"},
-{ERR_FUNC(GOST_F_ENCODE_GOST01_ALGOR_PARAMS), "ENCODE_GOST01_ALGOR_PARAMS"},
-{ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"},
-{ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"},
-{ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"},
-{ERR_FUNC(GOST_F_GOST2001_KEYGEN), "GOST2001_KEYGEN"},
-{ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), "GOST89_GET_ASN1_PARAMETERS"},
-{ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), "GOST89_SET_ASN1_PARAMETERS"},
-{ERR_FUNC(GOST_F_GOST_KEY_CHECK_KEY), "GOST_KEY_check_key"},
-{ERR_FUNC(GOST_F_GOST_KEY_NEW), "GOST_KEY_new"},
-{ERR_FUNC(GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES), "GOST_KEY_set_public_key_affine_coordinates"},
-{ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"},
-{ERR_FUNC(GOST_F_PARAM_DECODE_GOST01), "PARAM_DECODE_GOST01"},
-{ERR_FUNC(GOST_F_PKEY_GOST01_CTRL), "PKEY_GOST01_CTRL"},
-{ERR_FUNC(GOST_F_PKEY_GOST01_DECRYPT), "PKEY_GOST01_DECRYPT"},
-{ERR_FUNC(GOST_F_PKEY_GOST01_DERIVE), "PKEY_GOST01_DERIVE"},
-{ERR_FUNC(GOST_F_PKEY_GOST01_ENCRYPT), "PKEY_GOST01_ENCRYPT"},
-{ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"},
-{ERR_FUNC(GOST_F_PKEY_GOST01_SIGN), "PKEY_GOST01_SIGN"},
-{ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL), "PKEY_GOST_MAC_CTRL"},
-{ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"},
-{ERR_FUNC(GOST_F_PRIV_DECODE_GOST01), "PRIV_DECODE_GOST01"},
-{ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"},
-{ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"},
-{ERR_FUNC(GOST_F_PUB_PRINT_GOST01), "PUB_PRINT_GOST01"},
-{ERR_FUNC(GOST_F_UNPACK_SIGNATURE_CP), "UNPACK_SIGNATURE_CP"},
-{ERR_FUNC(GOST_F_UNPACK_SIGNATURE_LE), "UNPACK_SIGNATURE_LE"},
-{0,NULL}
- };
-
-static ERR_STRING_DATA GOST_str_reasons[]=
- {
-{ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT),"bad key parameters format"},
-{ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT),"bad pkey parameters format"},
-{ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY),"cannot pack ephemeral key"},
-{ERR_REASON(GOST_R_CTRL_CALL_FAILED) ,"ctrl call failed"},
-{ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY),"error computing shared key"},
-{ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO),"error parsing key transport info"},
-{ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS),"incompatible algorithms"},
-{ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY),"incompatible peer key"},
-{ERR_REASON(GOST_R_INVALID_DIGEST_TYPE) ,"invalid digest type"},
-{ERR_REASON(GOST_R_INVALID_IV_LENGTH) ,"invalid iv length"},
-{ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH),"invalid mac key length"},
-{ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED),"key is not initialized"},
-{ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING),"key parameters missing"},
-{ERR_REASON(GOST_R_MAC_KEY_NOT_SET) ,"mac key not set"},
-{ERR_REASON(GOST_R_NO_PARAMETERS_SET) ,"no parameters set"},
-{ERR_REASON(GOST_R_NO_PEER_KEY) ,"no peer key"},
-{ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR),"no private part of non ephemeral keypair"},
-{ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED) ,"public key undefined"},
-{ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),"random number generator failed"},
-{ERR_REASON(GOST_R_SIGNATURE_MISMATCH) ,"signature mismatch"},
-{ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),"signature parts greater than q"},
-{ERR_REASON(GOST_R_UKM_NOT_SET) ,"ukm not set"},
-{0,NULL}
- };
-
-#endif
-
-void ERR_load_GOST_strings(void)
- {
-#ifndef OPENSSL_NO_ERR
-
- if (ERR_func_error_string(GOST_str_functs[0].error) == NULL)
- {
- ERR_load_strings(0,GOST_str_functs);
- ERR_load_strings(0,GOST_str_reasons);
- }
-#endif
- }
diff --git a/lib/libssl/src/crypto/gost/gost_locl.h b/lib/libssl/src/crypto/gost/gost_locl.h
deleted file mode 100644
index 9036f59771d..00000000000
--- a/lib/libssl/src/crypto/gost/gost_locl.h
+++ /dev/null
@@ -1,113 +0,0 @@
-/* $OpenBSD: gost_locl.h,v 1.3 2014/11/13 20:29:55 miod Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#ifndef HEADER_GOST_LOCL_H
-#define HEADER_GOST_LOCL_H
-
-#include <openssl/ec.h>
-#include <openssl/ecdsa.h>
-
-/* Internal representation of GOST substitution blocks */
-typedef struct {
- unsigned char k8[16];
- unsigned char k7[16];
- unsigned char k6[16];
- unsigned char k5[16];
- unsigned char k4[16];
- unsigned char k3[16];
- unsigned char k2[16];
- unsigned char k1[16];
-} gost_subst_block;
-
-#if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
-# define c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4)
-# define l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4)
-#else
-#define c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
- l|=(((unsigned long)(*((c)++)))<< 8), \
- l|=(((unsigned long)(*((c)++)))<<16), \
- l|=(((unsigned long)(*((c)++)))<<24))
-#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16)&0xff), \
- *((c)++)=(unsigned char)(((l)>>24)&0xff))
-#endif
-
-extern void Gost2814789_encrypt(const unsigned char *in, unsigned char *out,
- const GOST2814789_KEY *key);
-extern void Gost2814789_decrypt(const unsigned char *in, unsigned char *out,
- const GOST2814789_KEY *key);
-extern void Gost2814789_cryptopro_key_mesh(GOST2814789_KEY *key);
-
-/* GOST 28147-89 key wrapping */
-extern int gost_key_unwrap_crypto_pro(int nid,
- const unsigned char *keyExchangeKey, const unsigned char *wrappedKey,
- unsigned char *sessionKey);
-extern int gost_key_wrap_crypto_pro(int nid,
- const unsigned char *keyExchangeKey, const unsigned char *ukm,
- const unsigned char *sessionKey, unsigned char *wrappedKey);
-/* Pkey part */
-extern int gost2001_compute_public(GOST_KEY *ec);
-extern ECDSA_SIG *gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey);
-extern int gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec);
-extern int gost2001_keygen(GOST_KEY *ec);
-extern int VKO_compute_key(BIGNUM *X, BIGNUM *Y, const GOST_KEY *pkey,
- GOST_KEY *priv_key, const BIGNUM *ukm);
-extern BIGNUM *GOST_le2bn(const unsigned char *buf, size_t len, BIGNUM *bn);
-extern int GOST_bn2le(BIGNUM *bn, unsigned char *buf, int len);
-
-/* GOST R 34.10 parameters */
-extern int GostR3410_get_md_digest(int nid);
-extern int GostR3410_get_pk_digest(int nid);
-extern int GostR3410_256_param_id(const char *value);
-extern int GostR3410_512_param_id(const char *value);
-
-#endif
diff --git a/lib/libssl/src/crypto/gost/gostr341001.c b/lib/libssl/src/crypto/gost/gostr341001.c
deleted file mode 100644
index c6221e4a012..00000000000
--- a/lib/libssl/src/crypto/gost/gostr341001.c
+++ /dev/null
@@ -1,401 +0,0 @@
-/* $OpenBSD: gostr341001.c,v 1.4 2015/02/14 06:40:04 jsing Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/gost.h> -#include "gost_locl.h" - -/* Convert little-endian byte array into bignum */ -BIGNUM * -GOST_le2bn(const unsigned char *buf, size_t len, BIGNUM *bn) -{ - unsigned char temp[64]; - int i; - - if (len > 64) - return NULL; - - for (i = 0; i < len; i++) { - temp[len - 1 - i] = buf[i]; - } - - return BN_bin2bn(temp, len, bn); -} - -int -GOST_bn2le(BIGNUM *bn, unsigned char *buf, int len) -{ - unsigned char temp[64]; - int i, bytes; - - bytes = BN_num_bytes(bn); - if (len > 64 || bytes > len) - return 0; - - BN_bn2bin(bn, temp); - - for (i = 0; i < bytes; i++) { - buf[bytes - 1 - i] = temp[i]; - } - - memset(buf + bytes, 0, len - bytes); - - return 1; -} - -int -gost2001_compute_public(GOST_KEY *ec) -{ - const EC_GROUP *group = GOST_KEY_get0_group(ec); - EC_POINT *pub_key = NULL; - const BIGNUM *priv_key = NULL; - BN_CTX *ctx = NULL; - int ok = 0; - - if (group == NULL) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, - GOST_R_KEY_IS_NOT_INITIALIZED); - return 0; - } - ctx = BN_CTX_new(); - if (ctx == NULL) { - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, - ERR_R_MALLOC_FAILURE); - return 0; - } - BN_CTX_start(ctx); - if ((priv_key = GOST_KEY_get0_private_key(ec)) == NULL) - goto err; - - pub_key = 
EC_POINT_new(group); - if (pub_key == NULL) - goto err; - if (EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx) == 0) - goto err; - if (GOST_KEY_set_public_key(ec, pub_key) == 0) - goto err; - ok = 1; - - if (ok == 0) { -err: - GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB); - } - EC_POINT_free(pub_key); - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ok; -} - -ECDSA_SIG * -gost2001_do_sign(BIGNUM *md, GOST_KEY *eckey) -{ - ECDSA_SIG *newsig = NULL; - BIGNUM *order = NULL; - const EC_GROUP *group; - const BIGNUM *priv_key; - BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k = - NULL, *e = NULL; - EC_POINT *C = NULL; - BN_CTX *ctx = BN_CTX_new(); - int ok = 0; - - if (ctx == NULL) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - return NULL; - } - BN_CTX_start(ctx); - newsig = ECDSA_SIG_new(); - if (newsig == NULL) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_MALLOC_FAILURE); - goto err; - } - s = newsig->s; - r = newsig->r; - group = GOST_KEY_get0_group(eckey); - if ((order = BN_CTX_get(ctx)) == NULL) - goto err; - if (EC_GROUP_get_order(group, order, ctx) == 0) - goto err; - priv_key = GOST_KEY_get0_private_key(eckey); - if ((e = BN_CTX_get(ctx)) == NULL) - goto err; - if (BN_mod(e, md, order, ctx) == 0) - goto err; - if (BN_is_zero(e)) - BN_one(e); - if ((k = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((C = EC_POINT_new(group)) == NULL) - goto err; - do { - do { - if (!BN_rand_range(k, order)) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - goto err; - } - /* - * We do not want timing information to leak the length - * of k, so we compute G*k using an equivalent scalar - * of fixed bit-length. 
- */ - if (BN_add(k, k, order) == 0) - goto err; - if (BN_num_bits(k) <= BN_num_bits(order)) - if (BN_add(k, k, order) == 0) - goto err; - - if (EC_POINT_mul(group, C, k, NULL, NULL, ctx) == 0) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - if (EC_POINT_get_affine_coordinates_GFp(group, C, X, - NULL, ctx) == 0) { - GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB); - goto err; - } - if (BN_nnmod(r, X, order, ctx) == 0) - goto err; - } while (BN_is_zero(r)); - /* s = (r*priv_key+k*e) mod order */ - if (tmp == NULL) { - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - } - if (BN_mod_mul(tmp, priv_key, r, order, ctx) == 0) - goto err; - if (tmp2 == NULL) { - if ((tmp2 = BN_CTX_get(ctx)) == NULL) - goto err; - } - if (BN_mod_mul(tmp2, k, e, order, ctx) == 0) - goto err; - if (BN_mod_add(s, tmp, tmp2, order, ctx) == 0) - goto err; - } while (BN_is_zero(s)); - ok = 1; - -err: - EC_POINT_free(C); - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (ok == 0) { - ECDSA_SIG_free(newsig); - newsig = NULL; - } - return newsig; -} - -int -gost2001_do_verify(BIGNUM *md, ECDSA_SIG *sig, GOST_KEY *ec) -{ - BN_CTX *ctx = BN_CTX_new(); - const EC_GROUP *group = GOST_KEY_get0_group(ec); - BIGNUM *order; - BIGNUM *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 = NULL; - BIGNUM *X = NULL, *tmp = NULL; - EC_POINT *C = NULL; - const EC_POINT *pub_key = NULL; - int ok = 0; - - if (ctx == NULL) - goto err; - BN_CTX_start(ctx); - if ((order = BN_CTX_get(ctx)) == NULL) - goto err; - if ((e = BN_CTX_get(ctx)) == NULL) - goto err; - if ((z1 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((z2 = BN_CTX_get(ctx)) == NULL) - goto err; - if ((tmp = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((R = BN_CTX_get(ctx)) == NULL) - goto err; - if ((v = BN_CTX_get(ctx)) == NULL) - goto err; - - if (EC_GROUP_get_order(group, order, ctx) == 0) - goto err; - pub_key = GOST_KEY_get0_public_key(ec); - if (BN_is_zero(sig->s) || 
BN_is_zero(sig->r) || - BN_cmp(sig->s, order) >= 1 || BN_cmp(sig->r, order) >= 1) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, - GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q); - goto err; - } - - if (BN_mod(e, md, order, ctx) == 0) - goto err; - if (BN_is_zero(e)) - BN_one(e); - if ((v = BN_mod_inverse(v, e, order, ctx)) == NULL) - goto err; - if (BN_mod_mul(z1, sig->s, v, order, ctx) == 0) - goto err; - if (BN_sub(tmp, order, sig->r) == 0) - goto err; - if (BN_mod_mul(z2, tmp, v, order, ctx) == 0) - goto err; - if ((C = EC_POINT_new(group)) == NULL) - goto err; - if (EC_POINT_mul(group, C, z1, pub_key, z2, ctx) == 0) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if (EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx) == 0) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB); - goto err; - } - if (BN_mod(R, X, order, ctx) == 0) - goto err; - if (BN_cmp(R, sig->r) != 0) { - GOSTerr(GOST_F_GOST2001_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH); - } else { - ok = 1; - } -err: - EC_POINT_free(C); - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ok; -} - -/* Implementation of CryptoPro VKO 34.10-2001 algorithm */ -int -VKO_compute_key(BIGNUM *X, BIGNUM *Y, const GOST_KEY *pkey, GOST_KEY *priv_key, - const BIGNUM *ukm) -{ - BIGNUM *p = NULL, *order = NULL; - const BIGNUM *key = GOST_KEY_get0_private_key(priv_key); - const EC_GROUP *group = GOST_KEY_get0_group(priv_key); - const EC_POINT *pub_key = GOST_KEY_get0_public_key(pkey); - EC_POINT *pnt; - BN_CTX *ctx = NULL; - int ok = 0; - - pnt = EC_POINT_new(group); - if (pnt == NULL) - goto err; - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - BN_CTX_start(ctx); - if ((p = BN_CTX_get(ctx)) == NULL) - goto err; - if ((order = BN_CTX_get(ctx)) == NULL) - goto err; - if (EC_GROUP_get_order(group, order, ctx) == 0) - goto err; - if (BN_mod_mul(p, key, ukm, order, ctx) == 0) - goto err; - if (EC_POINT_mul(group, pnt, NULL, pub_key, p, ctx) == 0) - goto err; - if 
(EC_POINT_get_affine_coordinates_GFp(group, pnt, X, Y, ctx) == 0) - goto err; - ok = 1; - -err: - if (ctx != NULL) { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - EC_POINT_free(pnt); - return ok; -} - -int -gost2001_keygen(GOST_KEY *ec) -{ - BIGNUM *order = BN_new(), *d = BN_new(); - const EC_GROUP *group = GOST_KEY_get0_group(ec); - int rc = 0; - - if (order == NULL || d == NULL) - goto err; - if (EC_GROUP_get_order(group, order, NULL) == 0) - goto err; - - do { - if (BN_rand_range(d, order) == 0) { - GOSTerr(GOST_F_GOST2001_KEYGEN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); - goto err; - } - } while (BN_is_zero(d)); - - if (GOST_KEY_set_private_key(ec, d) == 0) - goto err; - rc = gost2001_compute_public(ec); - -err: - BN_free(d); - BN_free(order); - return rc; -} -#endif diff --git a/lib/libssl/src/crypto/gost/gostr341001_ameth.c b/lib/libssl/src/crypto/gost/gostr341001_ameth.c deleted file mode 100644 index 3153d2f2eb8..00000000000 --- a/lib/libssl/src/crypto/gost/gostr341001_ameth.c +++ /dev/null 
@@ -1,737 +0,0 @@
-/* $OpenBSD: gostr341001_ameth.c,v 1.9 2015/02/14 06:40:04 jsing Exp $ */
-/*
- * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
- * Copyright (c) 2005-2006 Cryptocom LTD
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST -#include <openssl/bn.h> -#include <openssl/evp.h> -#include <openssl/ec.h> -#include <openssl/err.h> -#include <openssl/x509.h> -#include <openssl/gost.h> - -#ifndef OPENSSL_NO_CMS -#include <openssl/cms.h> -#endif - -#include "asn1_locl.h" -#include "gost_locl.h" -#include "gost_asn1.h" - -static void -pkey_free_gost01(EVP_PKEY *key) -{ - GOST_KEY_free(key->pkey.gost); -} - -/* - * Parses GOST algorithm parameters from X509_ALGOR and - * modifies pkey setting NID and parameters - */ -static int -decode_gost01_algor_params(EVP_PKEY *pkey, const unsigned char **p, int len) -{ - int param_nid = NID_undef, digest_nid = NID_undef; - GOST_KEY_PARAMS *gkp = NULL; - EC_GROUP *group; - GOST_KEY *ec; - - gkp = d2i_GOST_KEY_PARAMS(NULL, p, len); - if (gkp == NULL) { - GOSTerr(GOST_F_DECODE_GOST01_ALGOR_PARAMS, - GOST_R_BAD_PKEY_PARAMETERS_FORMAT); - return 0; - } - param_nid = OBJ_obj2nid(gkp->key_params); - digest_nid = OBJ_obj2nid(gkp->hash_params); - GOST_KEY_PARAMS_free(gkp); - - ec = pkey->pkey.gost; - if (ec == NULL) { - ec = GOST_KEY_new(); - if (ec == NULL) - return 0; - if (EVP_PKEY_assign_GOST(pkey, ec) == 0) - return 0; - } - - group = EC_GROUP_new_by_curve_name(param_nid); - if (group == NULL) - return 0; - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); 
- if (GOST_KEY_set_group(ec, group) == 0) { - EC_GROUP_free(group); - return 0; - } - EC_GROUP_free(group); - if (GOST_KEY_set_digest(ec, digest_nid) == 0) - return 0; - return 1; -} - -static ASN1_STRING * -encode_gost01_algor_params(const EVP_PKEY *key) -{ - ASN1_STRING *params = ASN1_STRING_new(); - GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new(); - int pkey_param_nid = NID_undef; - - if (params == NULL || gkp == NULL) { - GOSTerr(GOST_F_ENCODE_GOST01_ALGOR_PARAMS, - ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - - pkey_param_nid = - EC_GROUP_get_curve_name(GOST_KEY_get0_group(key->pkey.gost)); - gkp->key_params = OBJ_nid2obj(pkey_param_nid); - gkp->hash_params = OBJ_nid2obj(GOST_KEY_get_digest(key->pkey.gost)); - /*gkp->cipher_params = OBJ_nid2obj(cipher_param_nid); */ - params->length = i2d_GOST_KEY_PARAMS(gkp, ¶ms->data); - if (params->length <= 0) { - GOSTerr(GOST_F_ENCODE_GOST01_ALGOR_PARAMS, - ERR_R_MALLOC_FAILURE); - ASN1_STRING_free(params); - params = NULL; - goto err; - } - params->type = V_ASN1_SEQUENCE; -err: - GOST_KEY_PARAMS_free(gkp); - return params; -} - -static int -pub_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - const GOST_KEY *ea = a->pkey.gost; - const GOST_KEY *eb = b->pkey.gost; - const EC_POINT *ka, *kb; - int ret = 0; - - if (ea == NULL || eb == NULL) - return 0; - ka = GOST_KEY_get0_public_key(ea); - kb = GOST_KEY_get0_public_key(eb); - if (ka == NULL || kb == NULL) - return 0; - ret = (0 == EC_POINT_cmp(GOST_KEY_get0_group(ea), ka, kb, NULL)); - return ret; -} - -static int -pkey_size_gost01(const EVP_PKEY *pk) -{ - if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512) - return 128; - return 64; -} - -static int -pkey_bits_gost01(const EVP_PKEY *pk) -{ - if (GOST_KEY_get_digest(pk->pkey.gost) == NID_id_tc26_gost3411_2012_512) - return 512; - return 256; -} - -static int -pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub) -{ - X509_ALGOR *palg = NULL; - const unsigned char 
*pubkey_buf = NULL; - const unsigned char *p; - ASN1_OBJECT *palgobj = NULL; - int pub_len; - BIGNUM *X, *Y; - ASN1_OCTET_STRING *octet = NULL; - int len; - int ret; - int ptype = V_ASN1_UNDEF; - ASN1_STRING *pval = NULL; - - if (X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub) - == 0) - return 0; - (void)EVP_PKEY_assign_GOST(pk, NULL); - X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg); - if (ptype != V_ASN1_SEQUENCE) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, - GOST_R_BAD_KEY_PARAMETERS_FORMAT); - return 0; - } - p = pval->data; - if (decode_gost01_algor_params(pk, &p, pval->length) == 0) - return 0; - - octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len); - if (octet == NULL) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - len = octet->length / 2; - - X = GOST_le2bn(octet->data, len, NULL); - Y = GOST_le2bn(octet->data + len, len, NULL); - - ASN1_OCTET_STRING_free(octet); - - ret = GOST_KEY_set_public_key_affine_coordinates(pk->pkey.gost, X, Y); - if (ret == 0) - GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB); - - BN_free(X); - BN_free(Y); - - return ret; -} - -static int -pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = NULL; - ASN1_OCTET_STRING *octet = NULL; - ASN1_STRING *params = NULL; - void *pval = NULL; - unsigned char *buf = NULL, *sptr; - int key_size, ret = 0; - const EC_POINT *pub_key; - BIGNUM *X = NULL, *Y = NULL; - const GOST_KEY *ec = pk->pkey.gost; - int ptype = V_ASN1_UNDEF; - - algobj = OBJ_nid2obj(GostR3410_get_pk_digest(GOST_KEY_get_digest(ec))); - if (pk->save_parameters) { - params = encode_gost01_algor_params(pk); - if (params == NULL) - return 0; - pval = params; - ptype = V_ASN1_SEQUENCE; - } - - key_size = GOST_KEY_get_size(ec); - - pub_key = GOST_KEY_get0_public_key(ec); - if (pub_key == NULL) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, GOST_R_PUBLIC_KEY_UNDEFINED); - goto err; - } - - octet = ASN1_OCTET_STRING_new(); - if (octet == NULL) { - 
GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - goto err; - } - - ret = ASN1_STRING_set(octet, NULL, 2 * key_size); - if (ret == 0) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_INTERNAL_ERROR); - goto err; - } - - sptr = ASN1_STRING_data(octet); - - X = BN_new(); - Y = BN_new(); - if (X == NULL || Y == NULL) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (EC_POINT_get_affine_coordinates_GFp(GOST_KEY_get0_group(ec), - pub_key, X, Y, NULL) == 0) { - GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_EC_LIB); - goto err; - } - - GOST_bn2le(X, sptr, key_size); - GOST_bn2le(Y, sptr + key_size, key_size); - - BN_free(Y); - BN_free(X); - - ret = i2d_ASN1_OCTET_STRING(octet, &buf); - ASN1_BIT_STRING_free(octet); - if (ret < 0) - return 0; - - return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret); - -err: - BN_free(Y); - BN_free(X); - ASN1_BIT_STRING_free(octet); - ASN1_STRING_free(params); - return 0; -} - -static int -param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) -{ - int param_nid = - EC_GROUP_get_curve_name(GOST_KEY_get0_group(pkey->pkey.gost)); - - if (BIO_indent(out, indent, 128) == 0) - return 0; - BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid)); - if (BIO_indent(out, indent, 128) == 0) - return 0; - BIO_printf(out, "Digest Algorithm: %s\n", - OBJ_nid2ln(GOST_KEY_get_digest(pkey->pkey.gost))); - return 1; -} - -static int -pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) -{ - BN_CTX *ctx = BN_CTX_new(); - BIGNUM *X, *Y; - const EC_POINT *pubkey; - const EC_GROUP *group; - - if (ctx == NULL) { - GOSTerr(GOST_F_PUB_PRINT_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - BN_CTX_start(ctx); - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((Y = BN_CTX_get(ctx)) == NULL) - goto err; - pubkey = GOST_KEY_get0_public_key(pkey->pkey.gost); - group = GOST_KEY_get0_group(pkey->pkey.gost); - if (EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y, 
- ctx) == 0) { - GOSTerr(GOST_F_PUB_PRINT_GOST01, ERR_R_EC_LIB); - goto err; - } - if (BIO_indent(out, indent, 128) == 0) - goto err; - BIO_printf(out, "Public key:\n"); - if (BIO_indent(out, indent + 3, 128) == 0) - goto err; - BIO_printf(out, "X:"); - BN_print(out, X); - BIO_printf(out, "\n"); - BIO_indent(out, indent + 3, 128); - BIO_printf(out, "Y:"); - BN_print(out, Y); - BIO_printf(out, "\n"); - - BN_CTX_end(ctx); - BN_CTX_free(ctx); - - return param_print_gost01(out, pkey, indent, pctx); - -err: - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return 0; -} - -static int -priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) -{ - const BIGNUM *key; - - if (BIO_indent(out, indent, 128) == 0) - return 0; - BIO_printf(out, "Private key: "); - key = GOST_KEY_get0_private_key(pkey->pkey.gost); - if (key == NULL) - BIO_printf(out, "<undefined)"); - else - BN_print(out, key); - BIO_printf(out, "\n"); - - return pub_print_gost01(out, pkey, indent, pctx); -} - -static int -priv_decode_gost01(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf) -{ - const unsigned char *pkey_buf = NULL, *p = NULL; - int priv_len = 0; - BIGNUM *pk_num = NULL; - int ret = 0; - X509_ALGOR *palg = NULL; - ASN1_OBJECT *palg_obj = NULL; - ASN1_INTEGER *priv_key = NULL; - GOST_KEY *ec; - int ptype = V_ASN1_UNDEF; - ASN1_STRING *pval = NULL; - - if (PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf) == 0) - return 0; - (void)EVP_PKEY_assign_GOST(pk, NULL); - X509_ALGOR_get0(NULL, &ptype, (void **)&pval, palg); - if (ptype != V_ASN1_SEQUENCE) { - GOSTerr(GOST_F_PUB_DECODE_GOST01, - GOST_R_BAD_KEY_PARAMETERS_FORMAT); - return 0; - } - p = pval->data; - if (decode_gost01_algor_params(pk, &p, pval->length) == 0) - return 0; - p = pkey_buf; - if (V_ASN1_OCTET_STRING == *p) { - /* New format - Little endian octet string */ - unsigned char rev_buf[32]; - int i; - ASN1_OCTET_STRING *s = - d2i_ASN1_OCTET_STRING(NULL, &p, priv_len); - - if (s == NULL || s->length != 32) { - 
GOSTerr(GOST_F_PRIV_DECODE_GOST01, EVP_R_DECODE_ERROR); - ASN1_STRING_free(s); - return 0; - } - for (i = 0; i < 32; i++) { - rev_buf[31 - i] = s->data[i]; - } - ASN1_STRING_free(s); - pk_num = BN_bin2bn(rev_buf, 32, NULL); - } else { - priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len); - if (priv_key == NULL) - return 0; - ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL); - ASN1_INTEGER_free(priv_key); - if (ret == 0) { - GOSTerr(GOST_F_PRIV_DECODE_GOST01, EVP_R_DECODE_ERROR); - return 0; - } - } - - ec = pk->pkey.gost; - if (ec == NULL) { - ec = GOST_KEY_new(); - if (ec == NULL) { - BN_free(pk_num); - return 0; - } - if (EVP_PKEY_assign_GOST(pk, ec) == 0) { - BN_free(pk_num); - GOST_KEY_free(ec); - return 0; - } - } - if (GOST_KEY_set_private_key(ec, pk_num) == 0) { - BN_free(pk_num); - return 0; - } - ret = 0; - if (EVP_PKEY_missing_parameters(pk) == 0) - ret = gost2001_compute_public(ec) != 0; - BN_free(pk_num); - - return ret; -} - -static int -priv_encode_gost01(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk) -{ - ASN1_OBJECT *algobj = - OBJ_nid2obj(GostR3410_get_pk_digest(GOST_KEY_get_digest(pk->pkey.gost))); - ASN1_STRING *params = encode_gost01_algor_params(pk); - unsigned char *priv_buf = NULL; - int priv_len; - ASN1_INTEGER *asn1key = NULL; - - if (params == NULL) - return 0; - - asn1key = BN_to_ASN1_INTEGER(GOST_KEY_get0_private_key(pk->pkey.gost), - NULL); - if (asn1key == NULL) { - ASN1_STRING_free(params); - return 0; - } - priv_len = i2d_ASN1_INTEGER(asn1key, &priv_buf); - ASN1_INTEGER_free(asn1key); - return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params, priv_buf, - priv_len); -} - -static int -param_encode_gost01(const EVP_PKEY *pkey, unsigned char **pder) -{ - ASN1_STRING *params = encode_gost01_algor_params(pkey); - int len; - - if (params == NULL) - return 0; - len = params->length; - if (pder != NULL) - memcpy(*pder, params->data, params->length); - ASN1_STRING_free(params); - return len; -} - -static int 
-param_decode_gost01(EVP_PKEY *pkey, const unsigned char **pder, int derlen) -{ - ASN1_OBJECT *obj = NULL; - int nid; - GOST_KEY *ec; - EC_GROUP *group; - int ret; - - /* New format */ - if ((V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED) == **pder) - return decode_gost01_algor_params(pkey, pder, derlen); - - /* Compatibility */ - if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) { - GOSTerr(GOST_F_PARAM_DECODE_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - nid = OBJ_obj2nid(obj); - ASN1_OBJECT_free(obj); - - ec = GOST_KEY_new(); - if (ec == NULL) { - GOSTerr(GOST_F_PARAM_DECODE_GOST01, ERR_R_MALLOC_FAILURE); - return 0; - } - group = EC_GROUP_new_by_curve_name(nid); - if (group == NULL) { - GOSTerr(GOST_F_PARAM_DECODE_GOST01, - EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); - GOST_KEY_free(ec); - return 0; - } - - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); - if (GOST_KEY_set_group(ec, group) == 0) { - GOSTerr(GOST_F_PARAM_DECODE_GOST01, ERR_R_EC_LIB); - EC_GROUP_free(group); - GOST_KEY_free(ec); - return 0; - } - EC_GROUP_free(group); - if (GOST_KEY_set_digest(ec, - NID_id_GostR3411_94_CryptoProParamSet) == 0) { - GOSTerr(GOST_F_PARAM_DECODE_GOST01, GOST_R_INVALID_DIGEST_TYPE); - GOST_KEY_free(ec); - return 0; - } - ret = EVP_PKEY_assign_GOST(pkey, ec); - if (ret == 0) - GOST_KEY_free(ec); - return ret; -} - -static int -param_missing_gost01(const EVP_PKEY *pk) -{ - const GOST_KEY *ec = pk->pkey.gost; - - if (ec == NULL) - return 1; - if (GOST_KEY_get0_group(ec) == NULL) - return 1; - if (GOST_KEY_get_digest(ec) == NID_undef) - return 1; - return 0; -} - -static int -param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from) -{ - GOST_KEY *eto = to->pkey.gost; - const GOST_KEY *efrom = from->pkey.gost; - int ret = 1; - - if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, - GOST_R_INCOMPATIBLE_ALGORITHMS); - return 0; - } - if (efrom == NULL) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, - GOST_R_KEY_PARAMETERS_MISSING); - return 0; - } - if (eto 
== NULL) { - eto = GOST_KEY_new(); - if (eto == NULL) { - GOSTerr(GOST_F_PARAM_COPY_GOST01, - ERR_R_MALLOC_FAILURE); - return 0; - } - if (EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto) == 0) { - GOST_KEY_free(eto); - return 0; - } - } - GOST_KEY_set_group(eto, GOST_KEY_get0_group(efrom)); - GOST_KEY_set_digest(eto, GOST_KEY_get_digest(efrom)); - if (GOST_KEY_get0_private_key(eto) != NULL) - ret = gost2001_compute_public(eto); - - return ret; -} - -static int -param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (EC_GROUP_get_curve_name(GOST_KEY_get0_group(a->pkey.gost)) != - EC_GROUP_get_curve_name(GOST_KEY_get0_group(b->pkey.gost))) - return 0; - - if (GOST_KEY_get_digest(a->pkey.gost) != - GOST_KEY_get_digest(b->pkey.gost)) - return 0; - - return 1; -} - -static int -pkey_ctrl_gost01(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - X509_ALGOR *alg1 = NULL, *alg2 = NULL, *alg3 = NULL; - int digest = GOST_KEY_get_digest(pkey->pkey.gost); - - switch (op) { - case ASN1_PKEY_CTRL_PKCS7_SIGN: - if (arg1 == 0) - PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2); - break; - - case ASN1_PKEY_CTRL_PKCS7_ENCRYPT: - if (arg1 == 0) - PKCS7_RECIP_INFO_get0_alg(arg2, &alg3); - break; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) - CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2); - break; - - case ASN1_PKEY_CTRL_CMS_ENVELOPE: - if (arg1 == 0) - CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg3); - break; -#endif - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = GostR3410_get_md_digest(digest); - return 2; - - default: - return -2; - } - - if (alg1) - X509_ALGOR_set0(alg1, OBJ_nid2obj(GostR3410_get_md_digest(digest)), V_ASN1_NULL, 0); - if (alg2) - X509_ALGOR_set0(alg2, OBJ_nid2obj(GostR3410_get_pk_digest(digest)), V_ASN1_NULL, 0); - if (alg3) { - ASN1_STRING *params = encode_gost01_algor_params(pkey); - if (params == NULL) { - return -1; - } - X509_ALGOR_set0(alg3, - OBJ_nid2obj(GostR3410_get_pk_digest(digest)), 
- V_ASN1_SEQUENCE, params); - } - - return 1; -} - -const EVP_PKEY_ASN1_METHOD gostr01_asn1_meths[] = { - { - .pkey_id = EVP_PKEY_GOSTR01, - .pkey_base_id = EVP_PKEY_GOSTR01, - .pkey_flags = ASN1_PKEY_SIGPARAM_NULL, - - .pem_str = "GOST2001", - .info = "GOST R 34.10-2001", - - .pkey_free = pkey_free_gost01, - .pkey_ctrl = pkey_ctrl_gost01, - - .priv_decode = priv_decode_gost01, - .priv_encode = priv_encode_gost01, - .priv_print = priv_print_gost01, - - .param_decode = param_decode_gost01, - .param_encode = param_encode_gost01, - .param_missing = param_missing_gost01, - .param_copy = param_copy_gost01, - .param_cmp = param_cmp_gost01, - .param_print = param_print_gost01, - - .pub_decode = pub_decode_gost01, - .pub_encode = pub_encode_gost01, - .pub_cmp = pub_cmp_gost01, - .pub_print = pub_print_gost01, - .pkey_size = pkey_size_gost01, - .pkey_bits = pkey_bits_gost01, - }, - { - .pkey_id = EVP_PKEY_GOSTR12_256, - .pkey_base_id = EVP_PKEY_GOSTR01, - .pkey_flags = ASN1_PKEY_ALIAS - }, - { - .pkey_id = EVP_PKEY_GOSTR12_512, - .pkey_base_id = EVP_PKEY_GOSTR01, - .pkey_flags = ASN1_PKEY_ALIAS - }, -}; - -#endif diff --git a/lib/libssl/src/crypto/gost/gostr341001_key.c b/lib/libssl/src/crypto/gost/gostr341001_key.c deleted file mode 100644 index 894a189e3bc..00000000000 --- a/lib/libssl/src/crypto/gost/gostr341001_key.c +++ /dev/null 
@@ -1,322 +0,0 @@ -/* $OpenBSD: gostr341001_key.c,v 1.6 2015/09/10 15:56:25 jsing Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/gost.h> -#include <openssl/objects.h> -#include "gost_locl.h" - -struct gost_key_st { - EC_GROUP *group; - - EC_POINT *pub_key; - BIGNUM *priv_key; - - int references; - - int digest_nid; -}; - -GOST_KEY * -GOST_KEY_new(void) -{ - GOST_KEY *ret; - - ret = malloc(sizeof(GOST_KEY)); - if (ret == NULL) { - GOSTerr(GOST_F_GOST_KEY_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); - } - ret->group = NULL; - ret->pub_key = NULL; - ret->priv_key = NULL; - ret->references = 1; - ret->digest_nid = NID_undef; - return (ret); -} - -void -GOST_KEY_free(GOST_KEY *r) -{ - int i; - - if (r == NULL) - return; - - i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_EC); - if (i > 0) - return; - - EC_GROUP_free(r->group); - EC_POINT_free(r->pub_key); - BN_clear_free(r->priv_key); - - explicit_bzero((void *)r, sizeof(GOST_KEY)); - free(r); -} - -int -GOST_KEY_check_key(const GOST_KEY *key) -{ - int ok = 0; - BN_CTX *ctx = NULL; - BIGNUM *order = NULL; - EC_POINT *point = NULL; - - if (key == NULL || key->group == NULL || key->pub_key == NULL) { - GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - if (EC_POINT_is_at_infinity(key->group, key->pub_key) != 0) { - GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, 
EC_R_POINT_AT_INFINITY); - goto err; - } - if ((ctx = BN_CTX_new()) == NULL) - goto err; - if ((point = EC_POINT_new(key->group)) == NULL) - goto err; - - /* testing whether the pub_key is on the elliptic curve */ - if (EC_POINT_is_on_curve(key->group, key->pub_key, ctx) == 0) { - GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE); - goto err; - } - /* testing whether pub_key * order is the point at infinity */ - if ((order = BN_new()) == NULL) - goto err; - if (EC_GROUP_get_order(key->group, order, ctx) == 0) { - GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER); - goto err; - } - if (EC_POINT_mul(key->group, point, NULL, key->pub_key, order, - ctx) == 0) { - GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_EC_LIB); - goto err; - } - if (EC_POINT_is_at_infinity(key->group, point) == 0) { - GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_WRONG_ORDER); - goto err; - } - /* - * in case the priv_key is present : check if generator * priv_key == - * pub_key - */ - if (key->priv_key != NULL) { - if (BN_cmp(key->priv_key, order) >= 0) { - GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, EC_R_WRONG_ORDER); - goto err; - } - if (EC_POINT_mul(key->group, point, key->priv_key, NULL, NULL, - ctx) == 0) { - GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, ERR_R_EC_LIB); - goto err; - } - if (EC_POINT_cmp(key->group, point, key->pub_key, ctx) != 0) { - GOSTerr(GOST_F_GOST_KEY_CHECK_KEY, - EC_R_INVALID_PRIVATE_KEY); - goto err; - } - } - ok = 1; -err: - BN_free(order); - BN_CTX_free(ctx); - EC_POINT_free(point); - return (ok); -} - -int -GOST_KEY_set_public_key_affine_coordinates(GOST_KEY *key, BIGNUM *x, BIGNUM *y) -{ - BN_CTX *ctx = NULL; - BIGNUM *tx, *ty; - EC_POINT *point = NULL; - int ok = 0; - - if (key == NULL || key->group == NULL || x == NULL || y == NULL) { - GOSTerr(GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - ctx = BN_CTX_new(); - if (ctx == NULL) - goto err; - - point = EC_POINT_new(key->group); - if (point == NULL) - goto err; - 
- if ((tx = BN_CTX_get(ctx)) == NULL) - goto err; - if ((ty = BN_CTX_get(ctx)) == NULL) - goto err; - if (EC_POINT_set_affine_coordinates_GFp(key->group, point, x, y, - ctx) == 0) - goto err; - if (EC_POINT_get_affine_coordinates_GFp(key->group, point, tx, ty, - ctx) == 0) - goto err; - /* - * Check if retrieved coordinates match originals: if not, values are - * out of range. - */ - if (BN_cmp(x, tx) != 0 || BN_cmp(y, ty) != 0) { - GOSTerr(GOST_F_GOST_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES, - EC_R_COORDINATES_OUT_OF_RANGE); - goto err; - } - if (GOST_KEY_set_public_key(key, point) == 0) - goto err; - - if (GOST_KEY_check_key(key) == 0) - goto err; - - ok = 1; - -err: - EC_POINT_free(point); - BN_CTX_free(ctx); - return ok; - -} - -const EC_GROUP * -GOST_KEY_get0_group(const GOST_KEY *key) -{ - return key->group; -} - -int -GOST_KEY_set_group(GOST_KEY *key, const EC_GROUP *group) -{ - EC_GROUP_free(key->group); - key->group = EC_GROUP_dup(group); - return (key->group == NULL) ? 0 : 1; -} - -const BIGNUM * -GOST_KEY_get0_private_key(const GOST_KEY *key) -{ - return key->priv_key; -} - -int -GOST_KEY_set_private_key(GOST_KEY *key, const BIGNUM *priv_key) -{ - BN_clear_free(key->priv_key); - key->priv_key = BN_dup(priv_key); - return (key->priv_key == NULL) ? 0 : 1; -} - -const EC_POINT * -GOST_KEY_get0_public_key(const GOST_KEY *key) -{ - return key->pub_key; -} - -int -GOST_KEY_set_public_key(GOST_KEY *key, const EC_POINT *pub_key) -{ - EC_POINT_free(key->pub_key); - key->pub_key = EC_POINT_dup(pub_key, key->group); - return (key->pub_key == NULL) ? 
0 : 1; -} - -int -GOST_KEY_get_digest(const GOST_KEY *key) -{ - return key->digest_nid; -} -int -GOST_KEY_set_digest(GOST_KEY *key, int digest_nid) -{ - if (digest_nid == NID_id_GostR3411_94_CryptoProParamSet || - digest_nid == NID_id_tc26_gost3411_2012_256 || - digest_nid == NID_id_tc26_gost3411_2012_512) { - key->digest_nid = digest_nid; - return 1; - } - - return 0; -} - -size_t -GOST_KEY_get_size(const GOST_KEY *r) -{ - int i; - BIGNUM *order = NULL; - const EC_GROUP *group; - - if (r == NULL) - return 0; - group = GOST_KEY_get0_group(r); - if (group == NULL) - return 0; - - if ((order = BN_new()) == NULL) - return 0; - - if (EC_GROUP_get_order(group, order, NULL) == 0) { - BN_clear_free(order); - return 0; - } - - i = BN_num_bytes(order); - BN_clear_free(order); - return (i); -} -#endif diff --git a/lib/libssl/src/crypto/gost/gostr341001_params.c b/lib/libssl/src/crypto/gost/gostr341001_params.c deleted file mode 100644 index 6500c30f317..00000000000 --- a/lib/libssl/src/crypto/gost/gostr341001_params.c +++ /dev/null 
@@ -1,132 +0,0 @@ -/* $OpenBSD: gostr341001_params.c,v 1.3 2015/07/20 22:42:56 bcook Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST -#include <openssl/objects.h> -#include <openssl/gost.h> - -#include "gost_locl.h" - -int -GostR3410_get_md_digest(int nid) -{ - if (nid == NID_id_GostR3411_94_CryptoProParamSet) - return NID_id_GostR3411_94; - return nid; -} - -int -GostR3410_get_pk_digest(int nid) -{ - switch (nid) { - case NID_id_GostR3411_94_CryptoProParamSet: - return NID_id_GostR3410_2001; - case NID_id_tc26_gost3411_2012_256: - return NID_id_tc26_gost3410_2012_256; - case NID_id_tc26_gost3411_2012_512: - return NID_id_tc26_gost3410_2012_512; - default: - return NID_undef; - } -} - -typedef struct GostR3410_params { - const char *name; - int nid; -} GostR3410_params; - -static const GostR3410_params GostR3410_256_params[] = { - { "A", NID_id_GostR3410_2001_CryptoPro_A_ParamSet }, - { "B", NID_id_GostR3410_2001_CryptoPro_B_ParamSet }, - { "C", NID_id_GostR3410_2001_CryptoPro_C_ParamSet }, - { "0", NID_id_GostR3410_2001_TestParamSet }, - { "XA", NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet }, - { "XB", NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet }, - { NULL, NID_undef }, -}; - -static const GostR3410_params GostR3410_512_params[] = { - { "A", NID_id_tc26_gost_3410_2012_512_paramSetA }, - { "B", NID_id_tc26_gost_3410_2012_512_paramSetB }, - { NULL, NID_undef }, -}; - -int 
-GostR3410_256_param_id(const char *value)
-{
- int i;
-
- for (i = 0; GostR3410_256_params[i].nid != NID_undef; i++) {
- if (strcasecmp(GostR3410_256_params[i].name, value) == 0)
- return GostR3410_256_params[i].nid;
- }
-
- return NID_undef;
-}
-
-int
-GostR3410_512_param_id(const char *value)
-{
- int i;
-
- for (i = 0; GostR3410_512_params[i].nid != NID_undef; i++) {
- if (strcasecmp(GostR3410_512_params[i].name, value) == 0)
- return GostR3410_512_params[i].nid;
- }
-
- return NID_undef;
-}
-
-#endif
diff --git a/lib/libssl/src/crypto/gost/gostr341001_pmeth.c b/lib/libssl/src/crypto/gost/gostr341001_pmeth.c
deleted file mode 100644
index 1454f3f0a2b..00000000000
--- a/lib/libssl/src/crypto/gost/gostr341001_pmeth.c
+++ /dev/null
@@ -1,719 +0,0 @@ -/* $OpenBSD: gostr341001_pmeth.c,v 1.12 2015/02/14 15:08:37 miod Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST -#include <openssl/bn.h> -#include <openssl/evp.h> -#include <openssl/err.h> -#include <openssl/gost.h> -#include <openssl/ec.h> -#include <openssl/ecdsa.h> -#include <openssl/x509.h> - -#include "evp_locl.h" -#include "gost_locl.h" -#include "gost_asn1.h" - -static ECDSA_SIG * -unpack_signature_cp(const unsigned char *sig, size_t siglen) -{ - ECDSA_SIG *s; - - s = ECDSA_SIG_new(); - if (s == NULL) { - GOSTerr(GOST_F_UNPACK_SIGNATURE_CP, ERR_R_MALLOC_FAILURE); - return NULL; - } - BN_bin2bn(sig, siglen / 2, s->s); - BN_bin2bn(sig + siglen / 2, siglen / 2, s->r); - return s; -} - -static int -pack_signature_cp(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen) -{ - int r_len = BN_num_bytes(s->r); - int s_len = BN_num_bytes(s->s); - - if (r_len > order || s_len > order) - return 0; - - *siglen = 2 * order; - - memset(sig, 0, *siglen); - BN_bn2bin(s->s, sig + order - s_len); - BN_bn2bin(s->r, sig + 2 * order - r_len); - ECDSA_SIG_free(s); - return 1; -} - -static ECDSA_SIG * -unpack_signature_le(const unsigned char *sig, size_t siglen) -{ - ECDSA_SIG *s; - - s = ECDSA_SIG_new(); - if (s == NULL) { - GOSTerr(GOST_F_UNPACK_SIGNATURE_LE, ERR_R_MALLOC_FAILURE); - return NULL; - } - GOST_le2bn(sig, siglen / 2, s->r); - GOST_le2bn(sig + siglen / 2, siglen / 2, 
s->s); - return s; -} - -static int -pack_signature_le(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen) -{ - *siglen = 2 * order; - memset(sig, 0, *siglen); - GOST_bn2le(s->r, sig, order); - GOST_bn2le(s->s, sig + order, order); - ECDSA_SIG_free(s); - return 1; -} - -struct gost_pmeth_data { - int sign_param_nid; /* Should be set whenever parameters are filled */ - int digest_nid; - EVP_MD *md; - unsigned char *shared_ukm; - int peer_key_used; - int sig_format; -}; - -static int -pkey_gost01_init(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - - data = calloc(1, sizeof(struct gost_pmeth_data)); - if (data == NULL) - return 0; - - if (pkey != NULL && pkey->pkey.gost != NULL) { - data->sign_param_nid = - EC_GROUP_get_curve_name(GOST_KEY_get0_group(pkey->pkey.gost)); - data->digest_nid = GOST_KEY_get_digest(pkey->pkey.gost); - } - EVP_PKEY_CTX_set_data(ctx, data); - return 1; -} - -/* Copies contents of gost_pmeth_data structure */ -static int -pkey_gost01_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - struct gost_pmeth_data *dst_data, *src_data; - - if (pkey_gost01_init(dst) == 0) - return 0; - - src_data = EVP_PKEY_CTX_get_data(src); - dst_data = EVP_PKEY_CTX_get_data(dst); - *dst_data = *src_data; - if (src_data->shared_ukm != NULL) - dst_data->shared_ukm = NULL; - return 1; -} - -/* Frees up gost_pmeth_data structure */ -static void -pkey_gost01_cleanup(EVP_PKEY_CTX *ctx) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - free(data->shared_ukm); - free(data); -} - -static int -pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - EC_GROUP *group = NULL; - GOST_KEY *gost = NULL; - int ret = 0; - - if (data->sign_param_nid == NID_undef || - data->digest_nid == NID_undef) { - GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN, GOST_R_NO_PARAMETERS_SET); - return 0; - } - - group = EC_GROUP_new_by_curve_name(data->sign_param_nid); 
- if (group == NULL) - goto done; - - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); - - gost = GOST_KEY_new(); - if (gost == NULL) - goto done; - - if (GOST_KEY_set_digest(gost, data->digest_nid) == 0) - goto done; - - if (GOST_KEY_set_group(gost, group) != 0) - ret = EVP_PKEY_assign_GOST(pkey, gost); - -done: - if (ret == 0) - GOST_KEY_free(gost); - EC_GROUP_free(group); - return ret; -} - -static int -pkey_gost01_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - if (pkey_gost01_paramgen(ctx, pkey) == 0) - return 0; - return gost2001_keygen(pkey->pkey.gost) != 0; -} - -static int -pkey_gost01_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbs_len) -{ - ECDSA_SIG *unpacked_sig = NULL; - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx); - struct gost_pmeth_data *pctx = EVP_PKEY_CTX_get_data(ctx); - BIGNUM *md; - size_t size; - int ret; - - if (pkey == NULL || pkey->pkey.gost == NULL) - return 0; - size = GOST_KEY_get_size(pkey->pkey.gost); - - if (siglen == NULL) - return 0; - if (sig == NULL) { - *siglen = 2 * size; - return 1; - } else if (*siglen < 2 * size) { - GOSTerr(GOST_F_PKEY_GOST01_SIGN, EC_R_BUFFER_TOO_SMALL); - return 0; - } - if (tbs_len != 32 && tbs_len != 64) { - GOSTerr(GOST_F_PKEY_GOST01_SIGN, EVP_R_BAD_BLOCK_LENGTH); - return 0; - } - md = GOST_le2bn(tbs, tbs_len, NULL); - if (md == NULL) - return 0; - unpacked_sig = gost2001_do_sign(md, pkey->pkey.gost); - BN_free(md); - if (unpacked_sig == NULL) { - return 0; - } - switch (pctx->sig_format) { - case GOST_SIG_FORMAT_SR_BE: - ret = pack_signature_cp(unpacked_sig, size, sig, siglen); - break; - case GOST_SIG_FORMAT_RS_LE: - ret = pack_signature_le(unpacked_sig, size, sig, siglen); - break; - default: - ret = -1; - break; - } - if (ret <= 0) - ECDSA_SIG_free(unpacked_sig); - return ret; -} - -static int -pkey_gost01_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbs_len) -{ - int ok = 0; - 
EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx); - struct gost_pmeth_data *pctx = EVP_PKEY_CTX_get_data(ctx); - ECDSA_SIG *s = NULL; - BIGNUM *md; - - if (pub_key == NULL) - return 0; - switch (pctx->sig_format) { - case GOST_SIG_FORMAT_SR_BE: - s = unpack_signature_cp(sig, siglen); - break; - case GOST_SIG_FORMAT_RS_LE: - s = unpack_signature_le(sig, siglen); - break; - } - if (s == NULL) - return 0; - md = GOST_le2bn(tbs, tbs_len, NULL); - if (md == NULL) - goto err; - ok = gost2001_do_verify(md, s, pub_key->pkey.gost); - -err: - BN_free(md); - ECDSA_SIG_free(s); - return ok; -} - -static int -gost01_VKO_key(EVP_PKEY *pub_key, EVP_PKEY *priv_key, const unsigned char *ukm, - unsigned char *key) -{ - unsigned char hashbuf[128]; - int digest_nid; - int ret = 0; - BN_CTX *ctx = BN_CTX_new(); - BIGNUM *UKM, *X, *Y; - - if (ctx == NULL) - return 0; - - BN_CTX_start(ctx); - if ((UKM = BN_CTX_get(ctx)) == NULL) - goto err; - if ((X = BN_CTX_get(ctx)) == NULL) - goto err; - if ((Y = BN_CTX_get(ctx)) == NULL) - goto err; - - GOST_le2bn(ukm, 8, UKM); - - digest_nid = GOST_KEY_get_digest(priv_key->pkey.gost); - if (VKO_compute_key(X, Y, pub_key->pkey.gost, priv_key->pkey.gost, - UKM) == 0) - goto err; - - switch (digest_nid) { - case NID_id_GostR3411_94_CryptoProParamSet: - GOST_bn2le(X, hashbuf, 32); - GOST_bn2le(Y, hashbuf + 32, 32); - GOSTR341194(hashbuf, 64, key, digest_nid); - ret = 1; - break; - case NID_id_tc26_gost3411_2012_256: - GOST_bn2le(X, hashbuf, 32); - GOST_bn2le(Y, hashbuf + 32, 32); - STREEBOG256(hashbuf, 64, key); - ret = 1; - break; - case NID_id_tc26_gost3411_2012_512: - GOST_bn2le(X, hashbuf, 64); - GOST_bn2le(Y, hashbuf + 64, 64); - STREEBOG256(hashbuf, 128, key); - ret = 1; - break; - default: - ret = -2; - break; - } -err: - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ret; -} - -int -pkey_gost01_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key, size_t *key_len, - const unsigned char *in, size_t in_len) -{ - const unsigned char *p = in; - EVP_PKEY 
*priv = EVP_PKEY_CTX_get0_pkey(pctx); - GOST_KEY_TRANSPORT *gkt = NULL; - int ret = 0; - unsigned char wrappedKey[44]; - unsigned char sharedKey[32]; - EVP_PKEY *eph_key = NULL, *peerkey = NULL; - int nid; - - if (key == NULL) { - *key_len = 32; - return 1; - } - gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len); - if (gkt == NULL) { - GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, - GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO); - return -1; - } - - /* If key transport structure contains public key, use it */ - eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key); - if (eph_key != NULL) { - if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, - GOST_R_INCOMPATIBLE_PEER_KEY); - goto err; - } - } else { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, - NULL) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, - GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - peerkey = EVP_PKEY_CTX_get0_peerkey(pctx); - if (peerkey == NULL) { - GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, GOST_R_NO_PEER_KEY); - goto err; - } - - nid = OBJ_obj2nid(gkt->key_agreement_info->cipher); - - if (gkt->key_agreement_info->eph_iv->length != 8) { - GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, - GOST_R_INVALID_IV_LENGTH); - goto err; - } - memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8); - if (gkt->key_info->encrypted_key->length != 32) { - GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, - EVP_R_BAD_KEY_LENGTH); - goto err; - } - memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32); - if (gkt->key_info->imit->length != 4) { - GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, - ERR_R_INTERNAL_ERROR); - goto err; - } - memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4); - if (gost01_VKO_key(peerkey, priv, wrappedKey, sharedKey) <= 0) - goto err; - if (gost_key_unwrap_crypto_pro(nid, sharedKey, wrappedKey, key) == 0) { - GOSTerr(GOST_F_PKEY_GOST01_DECRYPT, - GOST_R_ERROR_COMPUTING_SHARED_KEY); - 
goto err; - } - - ret = 1; -err: - EVP_PKEY_free(eph_key); - GOST_KEY_TRANSPORT_free(gkt); - return ret; -} - -int -pkey_gost01_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) -{ - /* - * Public key of peer in the ctx field peerkey - * Our private key in the ctx pkey - * ukm is in the algorithm specific context data - */ - EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx); - EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx); - - if (data->shared_ukm == NULL) { - GOSTerr(GOST_F_PKEY_GOST01_DERIVE, GOST_R_UKM_NOT_SET); - return 0; - } - - if (key == NULL) { - *keylen = 32; - return 32; - } - - if (gost01_VKO_key(peer_key, my_key, data->shared_ukm, key) <= 0) - return 0; - - *keylen = 32; - return 1; -} - -int -pkey_gost01_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, size_t *out_len, - const unsigned char *key, size_t key_len) -{ - GOST_KEY_TRANSPORT *gkt = NULL; - EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx); - struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx); - unsigned char ukm[8], shared_key[32], crypted_key[44]; - int ret = 0; - int key_is_ephemeral; - EVP_PKEY *sec_key = EVP_PKEY_CTX_get0_peerkey(pctx); - int nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet; - - if (data->shared_ukm != NULL) { - memcpy(ukm, data->shared_ukm, 8); - } else /* if (out != NULL) */ { - arc4random_buf(ukm, 8); - } - /* Check for private key in the peer_key of context */ - if (sec_key) { - key_is_ephemeral = 0; - if (GOST_KEY_get0_private_key(sec_key->pkey.gost) == 0) { - GOSTerr(GOST_F_PKEY_GOST01_ENCRYPT, - GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR); - goto err; - } - } else { - key_is_ephemeral = 1; - if (out != NULL) { - GOST_KEY *tmp_key; - - sec_key = EVP_PKEY_new(); - if (sec_key == NULL) - goto err; - tmp_key = GOST_KEY_new(); - if (tmp_key == NULL) - goto err; - if (EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), - tmp_key) == 0) { - GOST_KEY_free(tmp_key); - goto err; - } - if 
(EVP_PKEY_copy_parameters(sec_key, pubk) == 0) - goto err; - if (gost2001_keygen(sec_key->pkey.gost) == 0) { - goto err; - } - } - } - - if (out != NULL) { - if (gost01_VKO_key(pubk, sec_key, ukm, shared_key) <= 0) - goto err; - gost_key_wrap_crypto_pro(nid, shared_key, ukm, key, - crypted_key); - } - gkt = GOST_KEY_TRANSPORT_new(); - if (gkt == NULL) - goto err; - if (ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8) == 0) - goto err; - if (ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, - 4) == 0) - goto err; - if (ASN1_OCTET_STRING_set(gkt->key_info->encrypted_key, crypted_key + 8, - 32) == 0) - goto err; - if (key_is_ephemeral) { - if (X509_PUBKEY_set(&gkt->key_agreement_info->ephem_key, - out != NULL ? sec_key : pubk) == 0) { - GOSTerr(GOST_F_PKEY_GOST01_ENCRYPT, - GOST_R_CANNOT_PACK_EPHEMERAL_KEY); - goto err; - } - } - ASN1_OBJECT_free(gkt->key_agreement_info->cipher); - gkt->key_agreement_info->cipher = OBJ_nid2obj(nid); - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - else { - /* Set control "public key from client certificate used" */ - if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, - NULL) <= 0) { - GOSTerr(GOST_F_PKEY_GOST01_ENCRYPT, - GOST_R_CTRL_CALL_FAILED); - goto err; - } - } - if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? 
&out : NULL)) > 0) - ret = 1; - GOST_KEY_TRANSPORT_free(gkt); - return ret; - -err: - if (key_is_ephemeral) - EVP_PKEY_free(sec_key); - GOST_KEY_TRANSPORT_free(gkt); - return -1; -} - - -static int -pkey_gost01_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - struct gost_pmeth_data *pctx = EVP_PKEY_CTX_get_data(ctx); - - switch (type) { - case EVP_PKEY_CTRL_MD: - if (EVP_MD_type(p2) != - GostR3410_get_md_digest(pctx->digest_nid)) { - GOSTerr(GOST_F_PKEY_GOST01_CTRL, - GOST_R_INVALID_DIGEST_TYPE); - return 0; - } - pctx->md = p2; - return 1; - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - case EVP_PKEY_CTRL_DIGESTINIT: -#ifndef OPENSSL_NO_CMS - case EVP_PKEY_CTRL_CMS_ENCRYPT: - case EVP_PKEY_CTRL_CMS_DECRYPT: - case EVP_PKEY_CTRL_CMS_SIGN: -#endif - return 1; - - case EVP_PKEY_CTRL_GOST_PARAMSET: - pctx->sign_param_nid = (int)p1; - return 1; - - case EVP_PKEY_CTRL_SET_IV: - { - char *ukm = malloc(p1); - - if (ukm == NULL) { - GOSTerr(GOST_F_PKEY_GOST01_CTRL, - ERR_R_MALLOC_FAILURE); - return 0; - } - memcpy(ukm, p2, p1); - free(pctx->shared_ukm); - pctx->shared_ukm = ukm; - return 1; - } - - case EVP_PKEY_CTRL_PEER_KEY: - if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */ - return 1; - if (p1 == 2) /* TLS: peer key used? */ - return pctx->peer_key_used; - if (p1 == 3) /* TLS: peer key used! 
*/ - return (pctx->peer_key_used = 1); - return -2; - case EVP_PKEY_CTRL_GOST_SIG_FORMAT: - switch (p1) { - case GOST_SIG_FORMAT_SR_BE: - case GOST_SIG_FORMAT_RS_LE: - pctx->sig_format = p1; - return 1; - default: - return 0; - } - break; - case EVP_PKEY_CTRL_GOST_SET_DIGEST: - pctx->digest_nid = (int)p1; - return 1; - case EVP_PKEY_CTRL_GOST_GET_DIGEST: - *(int *)p2 = pctx->digest_nid; - return 1; - default: - return -2; - } -} - -static int -pkey_gost01_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) -{ - int param_nid = NID_undef; - int digest_nid = NID_undef; - - if (strcmp(type, "paramset") == 0) { - if (value == NULL) - return 0; - if (pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_GET_DIGEST, 0, - &digest_nid) == 0) - return 0; - if (digest_nid == NID_id_tc26_gost3411_2012_512) - param_nid = GostR3410_512_param_id(value); - else - param_nid = GostR3410_256_param_id(value); - if (param_nid == NID_undef) - param_nid = OBJ_txt2nid(value); - if (param_nid == NID_undef) - return 0; - - return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET, - param_nid, NULL); - } - if (strcmp(type, "dgst") == 0) { - if (value == NULL) - return 0; - else if (strcmp(value, "gost94") == 0 || - strcmp(value, "md_gost94") == 0) - digest_nid = NID_id_GostR3411_94_CryptoProParamSet; - else if (strcmp(value, "streebog256") == 0) - digest_nid = NID_id_tc26_gost3411_2012_256; - else if (strcmp(value, "streebog512") == 0) - digest_nid = NID_id_tc26_gost3411_2012_512; - - if (digest_nid == NID_undef) - return 0; - - return pkey_gost01_ctrl(ctx, EVP_PKEY_CTRL_GOST_SET_DIGEST, - digest_nid, NULL); - } - return -2; -} - -const EVP_PKEY_METHOD gostr01_pkey_meth = { - .pkey_id = EVP_PKEY_GOSTR01, - - .init = pkey_gost01_init, - .copy = pkey_gost01_copy, - .cleanup = pkey_gost01_cleanup, - - .paramgen = pkey_gost01_paramgen, - .keygen = pkey_gost01_keygen, - .sign = pkey_gost01_sign, - .verify = pkey_gost01_verify, - - .encrypt = pkey_gost01_encrypt, - .decrypt = pkey_gost01_decrypt, 
- .derive = pkey_gost01_derive,
-
- .ctrl = pkey_gost01_ctrl,
- .ctrl_str = pkey_gost01_ctrl_str,
-};
-#endif
diff --git a/lib/libssl/src/crypto/gost/gostr341194.c b/lib/libssl/src/crypto/gost/gostr341194.c
deleted file mode 100644
index 2a462185aa4..00000000000
--- a/lib/libssl/src/crypto/gost/gostr341194.c
+++ /dev/null
@@ -1,273 +0,0 @@ -/* $OpenBSD: gostr341194.c,v 1.5 2015/09/10 15:56:25 jsing Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST -#include <openssl/crypto.h> -#include <openssl/objects.h> -#include <openssl/gost.h> - -#include "gost_locl.h" - -/* Following functions are various bit meshing routines used in - * GOST R 34.11-94 algorithms */ -static void -swap_bytes(unsigned char *w, unsigned char *k) -{ - int i, j; - - for (i = 0; i < 4; i++) - for (j = 0; j < 8; j++) - k[i + 4 * j] = w[8 * i + j]; -} - -/* was A_A */ -static void -circle_xor8(const unsigned char *w, unsigned char *k) -{ - unsigned char buf[8]; - int i; - - memcpy(buf, w, 8); - memmove(k, w + 8, 24); - for (i = 0; i < 8; i++) - k[i + 24] = buf[i] ^ k[i]; -} - -/* was R_R */ -static void -transform_3(unsigned char *data) -{ - unsigned short int acc; - - acc = (data[0] ^ data[2] ^ data[4] ^ data[6] ^ data[24] ^ data[30]) | - ((data[1] ^ data[3] ^ data[5] ^ data[7] ^ data[25] ^ data[31]) << 8); - memmove(data, data + 2, 30); - data[30] = acc & 0xff; - data[31] = acc >> 8; -} - -/* Adds blocks of N bytes modulo 2**(8*n). 
Returns carry*/ -static int -add_blocks(int n, unsigned char *left, const unsigned char *right) -{ - int i; - int carry = 0; - int sum; - - for (i = 0; i < n; i++) { - sum = (int)left[i] + (int)right[i] + carry; - left[i] = sum & 0xff; - carry = sum >> 8; - } - return carry; -} - -/* Xor two sequences of bytes */ -static void -xor_blocks(unsigned char *result, const unsigned char *a, - const unsigned char *b, size_t len) -{ - size_t i; - - for (i = 0; i < len; i++) - result[i] = a[i] ^ b[i]; -} - -/* - * Calculate H(i+1) = Hash(Hi,Mi) - * Where H and M are 32 bytes long - */ -static int -hash_step(GOSTR341194_CTX *c, unsigned char *H, const unsigned char *M) -{ - unsigned char U[32], W[32], V[32], S[32], Key[32]; - int i; - - /* Compute first key */ - xor_blocks(W, H, M, 32); - swap_bytes(W, Key); - /* Encrypt first 8 bytes of H with first key */ - Gost2814789_set_key(&c->cipher, Key, 256); - Gost2814789_encrypt(H, S, &c->cipher); - - /* Compute second key */ - circle_xor8(H, U); - circle_xor8(M, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* encrypt second 8 bytes of H with second key */ - Gost2814789_set_key(&c->cipher, Key, 256); - Gost2814789_encrypt(H+8, S+8, &c->cipher); - - /* compute third key */ - circle_xor8(U, U); - U[31] = ~U[31]; - U[29] = ~U[29]; - U[28] = ~U[28]; - U[24] = ~U[24]; - U[23] = ~U[23]; - U[20] = ~U[20]; - U[18] = ~U[18]; - U[17] = ~U[17]; - U[14] = ~U[14]; - U[12] = ~U[12]; - U[10] = ~U[10]; - U[8] = ~U[8]; - U[7] = ~U[7]; - U[5] = ~U[5]; - U[3] = ~U[3]; - U[1] = ~U[1]; - circle_xor8(V, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* encrypt third 8 bytes of H with third key */ - Gost2814789_set_key(&c->cipher, Key, 256); - Gost2814789_encrypt(H+16, S+16, &c->cipher); - - /* Compute fourth key */ - circle_xor8(U, U); - circle_xor8(V, V); - circle_xor8(V, V); - xor_blocks(W, U, V, 32); - swap_bytes(W, Key); - /* Encrypt last 8 bytes with fourth key */ - 
Gost2814789_set_key(&c->cipher, Key, 256); - Gost2814789_encrypt(H+24, S+24, &c->cipher); - - for (i = 0; i < 12; i++) - transform_3(S); - xor_blocks(S, S, M, 32); - transform_3(S); - xor_blocks(S, S, H, 32); - for (i = 0; i < 61; i++) - transform_3(S); - memcpy(H, S, 32); - return 1; -} - -int -GOSTR341194_Init(GOSTR341194_CTX *c, int nid) -{ - memset(c, 0, sizeof(*c)); - return Gost2814789_set_sbox(&c->cipher, nid); -} - -static void -GOSTR341194_block_data_order(GOSTR341194_CTX *ctx, const unsigned char *p, - size_t num) -{ - int i; - - for (i = 0; i < num; i++) { - hash_step(ctx, ctx->H, p); - add_blocks(32, ctx->S, p); - p += 32; - } -} - -#define DATA_ORDER_IS_LITTLE_ENDIAN - -#define HASH_CBLOCK GOSTR341194_CBLOCK -#define HASH_LONG GOSTR341194_LONG -#define HASH_CTX GOSTR341194_CTX -#define HASH_UPDATE GOSTR341194_Update -#define HASH_TRANSFORM GOSTR341194_Transform -#define HASH_NO_FINAL 1 -#define HASH_BLOCK_DATA_ORDER GOSTR341194_block_data_order - -#include "md32_common.h" - -int -GOSTR341194_Final(unsigned char *md, GOSTR341194_CTX * c) -{ - unsigned char *p = (unsigned char *)c->data; - unsigned char T[32]; - - if (c->num > 0) { - memset(p + c->num, 0, 32 - c->num); - hash_step(c, c->H, p); - add_blocks(32, c->S, p); - } - - p = T; - HOST_l2c(c->Nl, p); - HOST_l2c(c->Nh, p); - memset(p, 0, 32 - 8); - hash_step(c, c->H, T); - hash_step(c, c->H, c->S); - - memcpy(md, c->H, 32); - - return 1; -} - -unsigned char * -GOSTR341194(const unsigned char *d, size_t n, unsigned char *md, int nid) -{ - GOSTR341194_CTX c; - static unsigned char m[GOSTR341194_LENGTH]; - - if (md == NULL) - md = m; - if (!GOSTR341194_Init(&c, nid)) - return 0; - GOSTR341194_Update(&c, d, n); - GOSTR341194_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} -#endif diff --git a/lib/libssl/src/crypto/gost/streebog.c b/lib/libssl/src/crypto/gost/streebog.c deleted file mode 100644 index 902472bd9e2..00000000000 --- a/lib/libssl/src/crypto/gost/streebog.c +++ /dev/null 
@@ -1,1477 +0,0 @@ -/* $OpenBSD: streebog.c,v 1.5 2015/09/10 15:56:25 jsing Exp $ */ -/* - * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> - * Copyright (c) 2005-2006 Cryptocom LTD - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <machine/endian.h> - -#include <stdlib.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_GOST -#include <openssl/crypto.h> -#include <openssl/objects.h> -#include <openssl/gost.h> - -#include "gost_locl.h" - -static const STREEBOG_LONG64 A_PI_table[8][256] = { - { /* 0 */ - U64(0xd01f715b5c7ef8e6), U64(0x16fa240980778325), - U64(0xa8a42e857ee049c8), U64(0x6ac1068fa186465b), - U64(0x6e417bd7a2e9320b), U64(0x665c8167a437daab), - U64(0x7666681aa89617f6), U64(0x4b959163700bdcf5), - U64(0xf14be6b78df36248), U64(0xc585bd689a625cff), - U64(0x9557d7fca67d82cb), U64(0x89f0b969af6dd366), - U64(0xb0833d48749f6c35), U64(0xa1998c23b1ecbc7c), - U64(0x8d70c431ac02a736), U64(0xd6dfbc2fd0a8b69e), - U64(0x37aeb3e551fa198b), U64(0x0b7d128a40b5cf9c), - U64(0x5a8f2008b5780cbc), U64(0xedec882284e333e5), - U64(0xd25fc177d3c7c2ce), U64(0x5e0f5d50b61778ec), - U64(0x1d873683c0c24cb9), U64(0xad040bcbb45d208c), - U64(0x2f89a0285b853c76), U64(0x5732fff6791b8d58), - U64(0x3e9311439ef6ec3f), U64(0xc9183a809fd3c00f), - U64(0x83adf3f5260a01ee), U64(0xa6791941f4e8ef10), - U64(0x103ae97d0ca1cd5d), U64(0x2ce948121dee1b4a), - U64(0x39738421dbf2bf53), U64(0x093da2a6cf0cf5b4), - U64(0xcd9847d89cbcb45f), U64(0xf9561c078b2d8ae8), - U64(0x9c6a755a6971777f), U64(0xbc1ebaa0712ef0c5), - U64(0x72e61542abf963a6), U64(0x78bb5fde229eb12e), - 
U64(0x14ba94250fceb90d), U64(0x844d6697630e5282), - U64(0x98ea08026a1e032f), U64(0xf06bbea144217f5c), - U64(0xdb6263d11ccb377a), U64(0x641c314b2b8ee083), - U64(0x320e96ab9b4770cf), U64(0x1ee7deb986a96b85), - U64(0xe96cf57a878c47b5), U64(0xfdd6615f8842feb8), - U64(0xc83862965601dd1b), U64(0x2ea9f83e92572162), - U64(0xf876441142ff97fc), U64(0xeb2c455608357d9d), - U64(0x5612a7e0b0c9904c), U64(0x6c01cbfb2d500823), - U64(0x4548a6a7fa037a2d), U64(0xabc4c6bf388b6ef4), - U64(0xbade77d4fdf8bebd), U64(0x799b07c8eb4cac3a), - U64(0x0c9d87e805b19cf0), U64(0xcb588aac106afa27), - U64(0xea0c1d40c1e76089), U64(0x2869354a1e816f1a), - U64(0xff96d17307fbc490), U64(0x9f0a9d602f1a5043), - U64(0x96373fc6e016a5f7), U64(0x5292dab8b3a6e41c), - U64(0x9b8ae0382c752413), U64(0x4f15ec3b7364a8a5), - U64(0x3fb349555724f12b), U64(0xc7c50d4415db66d7), - U64(0x92b7429ee379d1a7), U64(0xd37f99611a15dfda), - U64(0x231427c05e34a086), U64(0xa439a96d7b51d538), - U64(0xb403401077f01865), U64(0xdda2aea5901d7902), - U64(0x0a5d4a9c8967d288), U64(0xc265280adf660f93), - U64(0x8bb0094520d4e94e), U64(0x2a29856691385532), - U64(0x42a833c5bf072941), U64(0x73c64d54622b7eb2), - U64(0x07e095624504536c), U64(0x8a905153e906f45a), - U64(0x6f6123c16b3b2f1f), U64(0xc6e55552dc097bc3), - U64(0x4468feb133d16739), U64(0xe211e7f0c7398829), - U64(0xa2f96419f7879b40), U64(0x19074bdbc3ad38e9), - U64(0xf4ebc3f9474e0b0c), U64(0x43886bd376d53455), - U64(0xd8028beb5aa01046), U64(0x51f23282f5cdc320), - U64(0xe7b1c2be0d84e16d), U64(0x081dfab006dee8a0), - U64(0x3b33340d544b857b), U64(0x7f5bcabc679ae242), - U64(0x0edd37c48a08a6d8), U64(0x81ed43d9a9b33bc6), - U64(0xb1a3655ebd4d7121), U64(0x69a1eeb5e7ed6167), - U64(0xf6ab73d5c8f73124), U64(0x1a67a3e185c61fd5), - U64(0x2dc91004d43c065e), U64(0x0240b02c8fb93a28), - U64(0x90f7f2b26cc0eb8f), U64(0x3cd3a16f114fd617), - U64(0xaae49ea9f15973e0), U64(0x06c0cd748cd64e78), - U64(0xda423bc7d5192a6e), U64(0xc345701c16b41287), - U64(0x6d2193ede4821537), U64(0xfcf639494190e3ac), - 
U64(0x7c3b228621f1c57e), U64(0xfb16ac2b0494b0c0), - U64(0xbf7e529a3745d7f9), U64(0x6881b6a32e3f7c73), - U64(0xca78d2bad9b8e733), U64(0xbbfe2fc2342aa3a9), - U64(0x0dbddffecc6381e4), U64(0x70a6a56e2440598e), - U64(0xe4d12a844befc651), U64(0x8c509c2765d0ba22), - U64(0xee8c6018c28814d9), U64(0x17da7c1f49a59e31), - U64(0x609c4c1328e194d3), U64(0xb3e3d57232f44b09), - U64(0x91d7aaa4a512f69b), U64(0x0ffd6fd243dabbcc), - U64(0x50d26a943c1fde34), U64(0x6be15e9968545b4f), - U64(0x94778fea6faf9fdf), U64(0x2b09dd7058ea4826), - U64(0x677cd9716de5c7bf), U64(0x49d5214fffb2e6dd), - U64(0x0360e83a466b273c), U64(0x1fc786af4f7b7691), - U64(0xa0b9d435783ea168), U64(0xd49f0c035f118cb6), - U64(0x01205816c9d21d14), U64(0xac2453dd7d8f3d98), - U64(0x545217cc3f70aa64), U64(0x26b4028e9489c9c2), - U64(0xdec2469fd6765e3e), U64(0x04807d58036f7450), - U64(0xe5f17292823ddb45), U64(0xf30b569b024a5860), - U64(0x62dcfc3fa758aefb), U64(0xe84cad6c4e5e5aa1), - U64(0xccb81fce556ea94b), U64(0x53b282ae7a74f908), - U64(0x1b47fbf74c1402c1), U64(0x368eebf39828049f), - U64(0x7afbeff2ad278b06), U64(0xbe5e0a8cfe97caed), - U64(0xcfd8f7f413058e77), U64(0xf78b2bc301252c30), - U64(0x4d555c17fcdd928d), U64(0x5f2f05467fc565f8), - U64(0x24f4b2a21b30f3ea), U64(0x860dd6bbecb768aa), - U64(0x4c750401350f8f99), U64(0x0000000000000000), - U64(0xecccd0344d312ef1), U64(0xb5231806be220571), - U64(0xc105c030990d28af), U64(0x653c695de25cfd97), - U64(0x159acc33c61ca419), U64(0xb89ec7f872418495), - U64(0xa9847693b73254dc), U64(0x58cf90243ac13694), - U64(0x59efc832f3132b80), U64(0x5c4fed7c39ae42c4), - U64(0x828dabe3efd81cfa), U64(0xd13f294d95ace5f2), - U64(0x7d1b7a90e823d86a), U64(0xb643f03cf849224d), - U64(0x3df3f979d89dcb03), U64(0x7426d836272f2dde), - U64(0xdfe21e891fa4432a), U64(0x3a136c1b9d99986f), - U64(0xfa36f43dcd46add4), U64(0xc025982650df35bb), - U64(0x856d3e81aadc4f96), U64(0xc4a5e57e53b041eb), - U64(0x4708168b75ba4005), U64(0xaf44bbe73be41aa4), - U64(0x971767d029c4b8e3), U64(0xb9be9feebb939981), - 
U64(0x215497ecd18d9aae), U64(0x316e7e91dd2c57f3), - U64(0xcef8afe2dad79363), U64(0x3853dc371220a247), - U64(0x35ee03c9de4323a3), U64(0xe6919aa8c456fc79), - U64(0xe05157dc4880b201), U64(0x7bdbb7e464f59612), - U64(0x127a59518318f775), U64(0x332ecebd52956ddb), - U64(0x8f30741d23bb9d1e), U64(0xd922d3fd93720d52), - U64(0x7746300c61440ae2), U64(0x25d4eab4d2e2eefe), - U64(0x75068020eefd30ca), U64(0x135a01474acaea61), - U64(0x304e268714fe4ae7), U64(0xa519f17bb283c82c), - U64(0xdc82f6b359cf6416), U64(0x5baf781e7caa11a8), - U64(0xb2c38d64fb26561d), U64(0x34ce5bdf17913eb7), - U64(0x5d6fb56af07c5fd0), U64(0x182713cd0a7f25fd), - U64(0x9e2ac576e6c84d57), U64(0x9aaab82ee5a73907), - U64(0xa3d93c0f3e558654), U64(0x7e7b92aaae48ff56), - U64(0x872d8ead256575be), U64(0x41c8dbfff96c0e7d), - U64(0x99ca5014a3cc1e3b), U64(0x40e883e930be1369), - U64(0x1ca76e95091051ad), U64(0x4e35b42dbab6b5b1), - U64(0x05a0254ecabd6944), U64(0xe1710fca8152af15), - U64(0xf22b0e8dcb984574), U64(0xb763a82a319b3f59), - U64(0x63fca4296e8ab3ef), U64(0x9d4a2d4ca0a36a6b), - U64(0xe331bfe60eeb953d), U64(0xd5bf541596c391a2), - U64(0xf5cb9bef8e9c1618), U64(0x46284e9dbc685d11), - U64(0x2074cffa185f87ba), U64(0xbd3ee2b6b8fcedd1), - U64(0xae64e3f1f23607b0), U64(0xfeb68965ce29d984), - U64(0x55724fdaf6a2b770), U64(0x29496d5cd753720e), - U64(0xa75941573d3af204), U64(0x8e102c0bea69800a), - U64(0x111ab16bc573d049), U64(0xd7ffe439197aab8a), - U64(0xefac380e0b5a09cd), U64(0x48f579593660fbc9), - U64(0x22347fd697e6bd92), U64(0x61bc1405e13389c7), - U64(0x4ab5c975b9d9c1e1), U64(0x80cd1bcf606126d2), - U64(0x7186fd78ed92449a), U64(0x93971a882aabccb3), - U64(0x88d0e17f66bfce72), U64(0x27945a985d5bd4d6) - }, { /* 1 */ - U64(0xde553f8c05a811c8), U64(0x1906b59631b4f565), - U64(0x436e70d6b1964ff7), U64(0x36d343cb8b1e9d85), - U64(0x843dfacc858aab5a), U64(0xfdfc95c299bfc7f9), - U64(0x0f634bdea1d51fa2), U64(0x6d458b3b76efb3cd), - U64(0x85c3f77cf8593f80), U64(0x3c91315fbe737cb2), - U64(0x2148b03366ace398), U64(0x18f8b8264c6761bf), - 
U64(0xc830c1c495c9fb0f), U64(0x981a76102086a0aa), - U64(0xaa16012142f35760), U64(0x35cc54060c763cf6), - U64(0x42907d66cc45db2d), U64(0x8203d44b965af4bc), - U64(0x3d6f3cefc3a0e868), U64(0xbc73ff69d292bda7), - U64(0x8722ed0102e20a29), U64(0x8f8185e8cd34deb7), - U64(0x9b0561dda7ee01d9), U64(0x5335a0193227fad6), - U64(0xc9cecc74e81a6fd5), U64(0x54f5832e5c2431ea), - U64(0x99e47ba05d553470), U64(0xf7bee756acd226ce), - U64(0x384e05a5571816fd), U64(0xd1367452a47d0e6a), - U64(0xf29fde1c386ad85b), U64(0x320c77316275f7ca), - U64(0xd0c879e2d9ae9ab0), U64(0xdb7406c69110ef5d), - U64(0x45505e51a2461011), U64(0xfc029872e46c5323), - U64(0xfa3cb6f5f7bc0cc5), U64(0x031f17cd8768a173), - U64(0xbd8df2d9af41297d), U64(0x9d3b4f5ab43e5e3f), - U64(0x4071671b36feee84), U64(0x716207e7d3e3b83d), - U64(0x48d20ff2f9283a1a), U64(0x27769eb4757cbc7e), - U64(0x5c56ebc793f2e574), U64(0xa48b474f9ef5dc18), - U64(0x52cbada94ff46e0c), U64(0x60c7da982d8199c6), - U64(0x0e9d466edc068b78), U64(0x4eec2175eaf865fc), - U64(0x550b8e9e21f7a530), U64(0x6b7ba5bc653fec2b), - U64(0x5eb7f1ba6949d0dd), U64(0x57ea94e3db4c9099), - U64(0xf640eae6d101b214), U64(0xdd4a284182c0b0bb), - U64(0xff1d8fbf6304f250), U64(0xb8accb933bf9d7e8), - U64(0xe8867c478eb68c4d), U64(0x3f8e2692391bddc1), - U64(0xcb2fd60912a15a7c), U64(0xaec935dbab983d2f), - U64(0xf55ffd2b56691367), U64(0x80e2ce366ce1c115), - U64(0x179bf3f8edb27e1d), U64(0x01fe0db07dd394da), - U64(0xda8a0b76ecc37b87), U64(0x44ae53e1df9584cb), - U64(0xb310b4b77347a205), U64(0xdfab323c787b8512), - U64(0x3b511268d070b78e), U64(0x65e6e3d2b9396753), - U64(0x6864b271e2574d58), U64(0x259784c98fc789d7), - U64(0x02e11a7dfabb35a9), U64(0x8841a6dfa337158b), - U64(0x7ade78c39b5dcdd0), U64(0xb7cf804d9a2cc84a), - U64(0x20b6bd831b7f7742), U64(0x75bd331d3a88d272), - U64(0x418f6aab4b2d7a5e), U64(0xd9951cbb6babdaf4), - U64(0xb6318dfde7ff5c90), U64(0x1f389b112264aa83), - U64(0x492c024284fbaec0), U64(0xe33a0363c608f9a0), - U64(0x2688930408af28a4), U64(0xc7538a1a341ce4ad), - 
U64(0x5da8e677ee2171ae), U64(0x8c9e92254a5c7fc4), - U64(0x63d8cd55aae938b5), U64(0x29ebd8daa97a3706), - U64(0x959827b37be88aa1), U64(0x1484e4356adadf6e), - U64(0xa7945082199d7d6b), U64(0xbf6ce8a455fa1cd4), - U64(0x9cc542eac9edcae5), U64(0x79c16f0e1c356ca3), - U64(0x89bfab6fdee48151), U64(0xd4174d1830c5f0ff), - U64(0x9258048415eb419d), U64(0x6139d72850520d1c), - U64(0x6a85a80c18ec78f1), U64(0xcd11f88e0171059a), - U64(0xcceff53e7ca29140), U64(0xd229639f2315af19), - U64(0x90b91ef9ef507434), U64(0x5977d28d074a1be1), - U64(0x311360fce51d56b9), U64(0xc093a92d5a1f2f91), - U64(0x1a19a25bb6dc5416), U64(0xeb996b8a09de2d3e), - U64(0xfee3820f1ed7668a), U64(0xd7085ad5b7ad518c), - U64(0x7fff41890fe53345), U64(0xec5948bd67dde602), - U64(0x2fd5f65dbaaa68e0), U64(0xa5754affe32648c2), - U64(0xf8ddac880d07396c), U64(0x6fa491468c548664), - U64(0x0c7c5c1326bdbed1), U64(0x4a33158f03930fb3), - U64(0x699abfc19f84d982), U64(0xe4fa2054a80b329c), - U64(0x6707f9af438252fa), U64(0x08a368e9cfd6d49e), - U64(0x47b1442c58fd25b8), U64(0xbbb3dc5ebc91769b), - U64(0x1665fe489061eac7), U64(0x33f27a811fa66310), - U64(0x93a609346838d547), U64(0x30ed6d4c98cec263), - U64(0x1dd9816cd8df9f2a), U64(0x94662a03063b1e7b), - U64(0x83fdd9fbeb896066), U64(0x7b207573e68e590a), - U64(0x5f49fc0a149a4407), U64(0x343259b671a5a82c), - U64(0xfbc2bb458a6f981f), U64(0xc272b350a0a41a38), - U64(0x3aaf1fd8ada32354), U64(0x6cbb868b0b3c2717), - U64(0xa2b569c88d2583fe), U64(0xf180c9d1bf027928), - U64(0xaf37386bd64ba9f5), U64(0x12bacab2790a8088), - U64(0x4c0d3b0810435055), U64(0xb2eeb9070e9436df), - U64(0xc5b29067cea7d104), U64(0xdcb425f1ff132461), - U64(0x4f122cc5972bf126), U64(0xac282fa651230886), - U64(0xe7e537992f6393ef), U64(0xe61b3a2952b00735), - U64(0x709c0a57ae302ce7), U64(0xe02514ae416058d3), - U64(0xc44c9dd7b37445de), U64(0x5a68c5408022ba92), - U64(0x1c278cdca50c0bf0), U64(0x6e5a9cf6f18712be), - U64(0x86dce0b17f319ef3), U64(0x2d34ec2040115d49), - U64(0x4bcd183f7e409b69), U64(0x2815d56ad4a9a3dc), - 
U64(0x24698979f2141d0d), U64(0x0000000000000000), - U64(0x1ec696a15fb73e59), U64(0xd86b110b16784e2e), - U64(0x8e7f8858b0e74a6d), U64(0x063e2e8713d05fe6), - U64(0xe2c40ed3bbdb6d7a), U64(0xb1f1aeca89fc97ac), - U64(0xe1db191e3cb3cc09), U64(0x6418ee62c4eaf389), - U64(0xc6ad87aa49cf7077), U64(0xd6f65765ca7ec556), - U64(0x9afb6c6dda3d9503), U64(0x7ce05644888d9236), - U64(0x8d609f95378feb1e), U64(0x23a9aa4e9c17d631), - U64(0x6226c0e5d73aac6f), U64(0x56149953a69f0443), - U64(0xeeb852c09d66d3ab), U64(0x2b0ac2a753c102af), - U64(0x07c023376e03cb3c), U64(0x2ccae1903dc2c993), - U64(0xd3d76e2f5ec63bc3), U64(0x9e2458973356ff4c), - U64(0xa66a5d32644ee9b1), U64(0x0a427294356de137), - U64(0x783f62be61e6f879), U64(0x1344c70204d91452), - U64(0x5b96c8f0fdf12e48), U64(0xa90916ecc59bf613), - U64(0xbe92e5142829880e), U64(0x727d102a548b194e), - U64(0x1be7afebcb0fc0cc), U64(0x3e702b2244c8491b), - U64(0xd5e940a84d166425), U64(0x66f9f41f3e51c620), - U64(0xabe80c913f20c3ba), U64(0xf07ec461c2d1edf2), - U64(0xf361d3ac45b94c81), U64(0x0521394a94b8fe95), - U64(0xadd622162cf09c5c), U64(0xe97871f7f3651897), - U64(0xf4a1f09b2bba87bd), U64(0x095d6559b2054044), - U64(0x0bbc7f2448be75ed), U64(0x2af4cf172e129675), - U64(0x157ae98517094bb4), U64(0x9fda55274e856b96), - U64(0x914713499283e0ee), U64(0xb952c623462a4332), - U64(0x74433ead475b46a8), U64(0x8b5eb112245fb4f8), - U64(0xa34b6478f0f61724), U64(0x11a5dd7ffe6221fb), - U64(0xc16da49d27ccbb4b), U64(0x76a224d0bde07301), - U64(0x8aa0bca2598c2022), U64(0x4df336b86d90c48f), - U64(0xea67663a740db9e4), U64(0xef465f70e0b54771), - U64(0x39b008152acb8227), U64(0x7d1e5bf4f55e06ec), - U64(0x105bd0cf83b1b521), U64(0x775c2960c033e7db), - U64(0x7e014c397236a79f), U64(0x811cc386113255cf), - U64(0xeda7450d1a0e72d8), U64(0x5889df3d7a998f3b), - U64(0x2e2bfbedc779fc3a), U64(0xce0eef438619a4e9), - U64(0x372d4e7bf6cd095f), U64(0x04df34fae96b6a4f), - U64(0xf923a13870d4adb6), U64(0xa1aa7e050a4d228d), - U64(0xa8f71b5cb84862c9), U64(0xb52e9a306097fde3), - 
U64(0x0d8251a35b6e2a0b), U64(0x2257a7fee1c442eb), - U64(0x73831d9a29588d94), U64(0x51d4ba64c89ccf7f), - U64(0x502ab7d4b54f5ba5), U64(0x97793dce8153bf08), - U64(0xe5042de4d5d8a646), U64(0x9687307efc802bd2), - U64(0xa05473b5779eb657), U64(0xb4d097801d446939), - U64(0xcff0e2f3fbca3033), U64(0xc38cbee0dd778ee2), - U64(0x464f499c252eb162), U64(0xcad1dbb96f72cea6), - U64(0xba4dd1eec142e241), U64(0xb00fa37af42f0376) - }, { /* 2 */ - U64(0xcce4cd3aa968b245), U64(0x089d5484e80b7faf), - U64(0x638246c1b3548304), U64(0xd2fe0ec8c2355492), - U64(0xa7fbdf7ff2374eee), U64(0x4df1600c92337a16), - U64(0x84e503ea523b12fb), U64(0x0790bbfd53ab0c4a), - U64(0x198a780f38f6ea9d), U64(0x2ab30c8f55ec48cb), - U64(0xe0f7fed6b2c49db5), U64(0xb6ecf3f422cadbdc), - U64(0x409c9a541358df11), U64(0xd3ce8a56dfde3fe3), - U64(0xc3e9224312c8c1a0), U64(0x0d6dfa58816ba507), - U64(0xddf3e1b179952777), U64(0x04c02a42748bb1d9), - U64(0x94c2abff9f2decb8), U64(0x4f91752da8f8acf4), - U64(0x78682befb169bf7b), U64(0xe1c77a48af2ff6c4), - U64(0x0c5d7ec69c80ce76), U64(0x4cc1e4928fd81167), - U64(0xfeed3d24d9997b62), U64(0x518bb6dfc3a54a23), - U64(0x6dbf2d26151f9b90), U64(0xb5bc624b05ea664f), - U64(0xe86aaa525acfe21a), U64(0x4801ced0fb53a0be), - U64(0xc91463e6c00868ed), U64(0x1027a815cd16fe43), - U64(0xf67069a0319204cd), U64(0xb04ccc976c8abce7), - U64(0xc0b9b3fc35e87c33), U64(0xf380c77c58f2de65), - U64(0x50bb3241de4e2152), U64(0xdf93f490435ef195), - U64(0xf1e0d25d62390887), U64(0xaf668bfb1a3c3141), - U64(0xbc11b251f00a7291), U64(0x73a5eed47e427d47), - U64(0x25bee3f6ee4c3b2e), U64(0x43cc0beb34786282), - U64(0xc824e778dde3039c), U64(0xf97d86d98a327728), - U64(0xf2b043e24519b514), U64(0xe297ebf7880f4b57), - U64(0x3a94a49a98fab688), U64(0x868516cb68f0c419), - U64(0xeffa11af0964ee50), U64(0xa4ab4ec0d517f37d), - U64(0xa9c6b498547c567a), U64(0x8e18424f80fbbbb6), - U64(0x0bcdc53bcf2bc23c), U64(0x137739aaea3643d0), - U64(0x2c1333ec1bac2ff0), U64(0x8d48d3f0a7db0625), - U64(0x1e1ac3f26b5de6d7), U64(0xf520f81f16b2b95e), - 
U64(0x9f0f6ec450062e84), U64(0x0130849e1deb6b71), - U64(0xd45e31ab8c7533a9), U64(0x652279a2fd14e43f), - U64(0x3209f01e70f1c927), U64(0xbe71a770cac1a473), - U64(0x0e3d6be7a64b1894), U64(0x7ec8148cff29d840), - U64(0xcb7476c7fac3be0f), U64(0x72956a4a63a91636), - U64(0x37f95ec21991138f), U64(0x9e3fea5a4ded45f5), - U64(0x7b38ba50964902e8), U64(0x222e580bbde73764), - U64(0x61e253e0899f55e6), U64(0xfc8d2805e352ad80), - U64(0x35994be3235ac56d), U64(0x09add01af5e014de), - U64(0x5e8659a6780539c6), U64(0xb17c48097161d796), - U64(0x026015213acbd6e2), U64(0xd1ae9f77e515e901), - U64(0xb7dc776a3f21b0ad), U64(0xaba6a1b96eb78098), - U64(0x9bcf4486248d9f5d), U64(0x582666c536455efd), - U64(0xfdbdac9bfeb9c6f1), U64(0xc47999be4163cdea), - U64(0x765540081722a7ef), U64(0x3e548ed8ec710751), - U64(0x3d041f67cb51bac2), U64(0x7958af71ac82d40a), - U64(0x36c9da5c047a78fe), U64(0xed9a048e33af38b2), - U64(0x26ee7249c96c86bd), U64(0x900281bdeba65d61), - U64(0x11172c8bd0fd9532), U64(0xea0abf73600434f8), - U64(0x42fc8f75299309f3), U64(0x34a9cf7d3eb1ae1c), - U64(0x2b838811480723ba), U64(0x5ce64c8742ceef24), - U64(0x1adae9b01fd6570e), U64(0x3c349bf9d6bad1b3), - U64(0x82453c891c7b75c0), U64(0x97923a40b80d512b), - U64(0x4a61dbf1c198765c), U64(0xb48ce6d518010d3e), - U64(0xcfb45c858e480fd6), U64(0xd933cbf30d1e96ae), - U64(0xd70ea014ab558e3a), U64(0xc189376228031742), - U64(0x9262949cd16d8b83), U64(0xeb3a3bed7def5f89), - U64(0x49314a4ee6b8cbcf), U64(0xdcc3652f647e4c06), - U64(0xda635a4c2a3e2b3d), U64(0x470c21a940f3d35b), - U64(0x315961a157d174b4), U64(0x6672e81dda3459ac), - U64(0x5b76f77a1165e36e), U64(0x445cb01667d36ec8), - U64(0xc5491d205c88a69b), U64(0x456c34887a3805b9), - U64(0xffddb9bac4721013), U64(0x99af51a71e4649bf), - U64(0xa15be01cbc7729d5), U64(0x52db2760e485f7b0), - U64(0x8c78576eba306d54), U64(0xae560f6507d75a30), - U64(0x95f22f6182c687c9), U64(0x71c5fbf54489aba5), - U64(0xca44f259e728d57e), U64(0x88b87d2ccebbdc8d), - U64(0xbab18d32be4a15aa), U64(0x8be8ec93e99b611e), - 
U64(0x17b713e89ebdf209), U64(0xb31c5d284baa0174), - U64(0xeeca9531148f8521), U64(0xb8d198138481c348), - U64(0x8988f9b2d350b7fc), U64(0xb9e11c8d996aa839), - U64(0x5a4673e40c8e881f), U64(0x1687977683569978), - U64(0xbf4123eed72acf02), U64(0x4ea1f1b3b513c785), - U64(0xe767452be16f91ff), U64(0x7505d1b730021a7c), - U64(0xa59bca5ec8fc980c), U64(0xad069eda20f7e7a3), - U64(0x38f4b1bba231606a), U64(0x60d2d77e94743e97), - U64(0x9affc0183966f42c), U64(0x248e6768f3a7505f), - U64(0xcdd449a4b483d934), U64(0x87b59255751baf68), - U64(0x1bea6d2e023d3c7f), U64(0x6b1f12455b5ffcab), - U64(0x743555292de9710d), U64(0xd8034f6d10f5fddf), - U64(0xc6198c9f7ba81b08), U64(0xbb8109aca3a17edb), - U64(0xfa2d1766ad12cabb), U64(0xc729080166437079), - U64(0x9c5fff7b77269317), U64(0x0000000000000000), - U64(0x15d706c9a47624eb), U64(0x6fdf38072fd44d72), - U64(0x5fb6dd3865ee52b7), U64(0xa33bf53d86bcff37), - U64(0xe657c1b5fc84fa8e), U64(0xaa962527735cebe9), - U64(0x39c43525bfda0b1b), U64(0x204e4d2a872ce186), - U64(0x7a083ece8ba26999), U64(0x554b9c9db72efbfa), - U64(0xb22cd9b656416a05), U64(0x96a2bedea5e63a5a), - U64(0x802529a826b0a322), U64(0x8115ad363b5bc853), - U64(0x8375b81701901eb1), U64(0x3069e53f4a3a1fc5), - U64(0xbd2136cfede119e0), U64(0x18bafc91251d81ec), - U64(0x1d4a524d4c7d5b44), U64(0x05f0aedc6960daa8), - U64(0x29e39d3072ccf558), U64(0x70f57f6b5962c0d4), - U64(0x989fd53903ad22ce), U64(0xf84d024797d91c59), - U64(0x547b1803aac5908b), U64(0xf0d056c37fd263f6), - U64(0xd56eb535919e58d8), U64(0x1c7ad6d351963035), - U64(0x2e7326cd2167f912), U64(0xac361a443d1c8cd2), - U64(0x697f076461942a49), U64(0x4b515f6fdc731d2d), - U64(0x8ad8680df4700a6f), U64(0x41ac1eca0eb3b460), - U64(0x7d988533d80965d3), U64(0xa8f6300649973d0b), - U64(0x7765c4960ac9cc9e), U64(0x7ca801adc5e20ea2), - U64(0xdea3700e5eb59ae4), U64(0xa06b6482a19c42a4), - U64(0x6a2f96db46b497da), U64(0x27def6d7d487edcc), - U64(0x463ca5375d18b82a), U64(0xa6cb5be1efdc259f), - U64(0x53eba3fef96e9cc1), U64(0xce84d81b93a364a7), - 
U64(0xf4107c810b59d22f), U64(0x333974806d1aa256), - U64(0x0f0def79bba073e5), U64(0x231edc95a00c5c15), - U64(0xe437d494c64f2c6c), U64(0x91320523f64d3610), - U64(0x67426c83c7df32dd), U64(0x6eefbc99323f2603), - U64(0x9d6f7be56acdf866), U64(0x5916e25b2bae358c), - U64(0x7ff89012e2c2b331), U64(0x035091bf2720bd93), - U64(0x561b0d22900e4669), U64(0x28d319ae6f279e29), - U64(0x2f43a2533c8c9263), U64(0xd09e1be9f8fe8270), - U64(0xf740ed3e2c796fbc), U64(0xdb53ded237d5404c), - U64(0x62b2c25faebfe875), U64(0x0afd41a5d2c0a94d), - U64(0x6412fd3ce0ff8f4e), U64(0xe3a76f6995e42026), - U64(0x6c8fa9b808f4f0e1), U64(0xc2d9a6dd0f23aad1), - U64(0x8f28c6d19d10d0c7), U64(0x85d587744fd0798a), - U64(0xa20b71a39b579446), U64(0x684f83fa7c7f4138), - U64(0xe507500adba4471d), U64(0x3f640a46f19a6c20), - U64(0x1247bd34f7dd28a1), U64(0x2d23b77206474481), - U64(0x93521002cc86e0f2), U64(0x572b89bc8de52d18), - U64(0xfb1d93f8b0f9a1ca), U64(0xe95a2ecc4724896b), - U64(0x3ba420048511ddf9), U64(0xd63e248ab6bee54b), - U64(0x5dd6c8195f258455), U64(0x06a03f634e40673b), - U64(0x1f2a476c76b68da6), U64(0x217ec9b49ac78af7), - U64(0xecaa80102e4453c3), U64(0x14e78257b99d4f9a) - }, { /* 3 */ - U64(0x20329b2cc87bba05), U64(0x4f5eb6f86546a531), - U64(0xd4f44775f751b6b1), U64(0x8266a47b850dfa8b), - U64(0xbb986aa15a6ca985), U64(0xc979eb08f9ae0f99), - U64(0x2da6f447a2375ea1), U64(0x1e74275dcd7d8576), - U64(0xbc20180a800bc5f8), U64(0xb4a2f701b2dc65be), - U64(0xe726946f981b6d66), U64(0x48e6c453bf21c94c), - U64(0x42cad9930f0a4195), U64(0xefa47b64aacccd20), - U64(0x71180a8960409a42), U64(0x8bb3329bf6a44e0c), - U64(0xd34c35de2d36dacc), U64(0xa92f5b7cbc23dc96), - U64(0xb31a85aa68bb09c3), U64(0x13e04836a73161d2), - U64(0xb24dfc4129c51d02), U64(0x8ae44b70b7da5acd), - U64(0xe671ed84d96579a7), U64(0xa4bb3417d66f3832), - U64(0x4572ab38d56d2de8), U64(0xb1b47761ea47215c), - U64(0xe81c09cf70aba15d), U64(0xffbdb872ce7f90ac), - U64(0xa8782297fd5dc857), U64(0x0d946f6b6a4ce4a4), - U64(0xe4df1f4f5b995138), U64(0x9ebc71edca8c5762), - 
U64(0x0a2c1dc0b02b88d9), U64(0x3b503c115d9d7b91), - U64(0xc64376a8111ec3a2), U64(0xcec199a323c963e4), - U64(0xdc76a87ec58616f7), U64(0x09d596e073a9b487), - U64(0x14583a9d7d560daf), U64(0xf4c6dc593f2a0cb4), - U64(0xdd21d19584f80236), U64(0x4a4836983ddde1d3), - U64(0xe58866a41ae745f9), U64(0xf591a5b27e541875), - U64(0x891dc05074586693), U64(0x5b068c651810a89e), - U64(0xa30346bc0c08544f), U64(0x3dbf3751c684032d), - U64(0x2a1e86ec785032dc), U64(0xf73f5779fca830ea), - U64(0xb60c05ca30204d21), U64(0x0cc316802b32f065), - U64(0x8770241bdd96be69), U64(0xb861e18199ee95db), - U64(0xf805cad91418fcd1), U64(0x29e70dccbbd20e82), - U64(0xc7140f435060d763), U64(0x0f3a9da0e8b0cc3b), - U64(0xa2543f574d76408e), U64(0xbd7761e1c175d139), - U64(0x4b1f4f737ca3f512), U64(0x6dc2df1f2fc137ab), - U64(0xf1d05c3967b14856), U64(0xa742bf3715ed046c), - U64(0x654030141d1697ed), U64(0x07b872abda676c7d), - U64(0x3ce84eba87fa17ec), U64(0xc1fb0403cb79afdf), - U64(0x3e46bc7105063f73), U64(0x278ae987121cd678), - U64(0xa1adb4778ef47cd0), U64(0x26dd906c5362c2b9), - U64(0x05168060589b44e2), U64(0xfbfc41f9d79ac08f), - U64(0x0e6de44ba9ced8fa), U64(0x9feb08068bf243a3), - U64(0x7b341749d06b129b), U64(0x229c69e74a87929a), - U64(0xe09ee6c4427c011b), U64(0x5692e30e725c4c3a), - U64(0xda99a33e5e9f6e4b), U64(0x353dd85af453a36b), - U64(0x25241b4c90e0fee7), U64(0x5de987258309d022), - U64(0xe230140fc0802984), U64(0x93281e86a0c0b3c6), - U64(0xf229d719a4337408), U64(0x6f6c2dd4ad3d1f34), - U64(0x8ea5b2fbae3f0aee), U64(0x8331dd90c473ee4a), - U64(0x346aa1b1b52db7aa), U64(0xdf8f235e06042aa9), - U64(0xcc6f6b68a1354b7b), U64(0x6c95a6f46ebf236a), - U64(0x52d31a856bb91c19), U64(0x1a35ded6d498d555), - U64(0xf37eaef2e54d60c9), U64(0x72e181a9a3c2a61c), - U64(0x98537aad51952fde), U64(0x16f6c856ffaa2530), - U64(0xd960281e9d1d5215), U64(0x3a0745fa1ce36f50), - U64(0x0b7b642bf1559c18), U64(0x59a87eae9aec8001), - U64(0x5e100c05408bec7c), U64(0x0441f98b19e55023), - U64(0xd70dcc5534d38aef), U64(0x927f676de1bea707), - 
U64(0x9769e70db925e3e5), U64(0x7a636ea29115065a), - U64(0x468b201816ef11b6), U64(0xab81a9b73edff409), - U64(0xc0ac7de88a07bb1e), U64(0x1f235eb68c0391b7), - U64(0x6056b074458dd30f), U64(0xbe8eeac102f7ed67), - U64(0xcd381283e04b5fba), U64(0x5cbefecec277c4e3), - U64(0xd21b4c356c48ce0d), U64(0x1019c31664b35d8c), - U64(0x247362a7d19eea26), U64(0xebe582efb3299d03), - U64(0x02aef2cb82fc289f), U64(0x86275df09ce8aaa8), - U64(0x28b07427faac1a43), U64(0x38a9b7319e1f47cf), - U64(0xc82e92e3b8d01b58), U64(0x06ef0b409b1978bc), - U64(0x62f842bfc771fb90), U64(0x9904034610eb3b1f), - U64(0xded85ab5477a3e68), U64(0x90d195a663428f98), - U64(0x5384636e2ac708d8), U64(0xcbd719c37b522706), - U64(0xae9729d76644b0eb), U64(0x7c8c65e20a0c7ee6), - U64(0x80c856b007f1d214), U64(0x8c0b40302cc32271), - U64(0xdbcedad51fe17a8a), U64(0x740e8ae938dbdea0), - U64(0xa615c6dc549310ad), U64(0x19cc55f6171ae90b), - U64(0x49b1bdb8fe5fdd8d), U64(0xed0a89af2830e5bf), - U64(0x6a7aadb4f5a65bd6), U64(0x7e22972988f05679), - U64(0xf952b3325566e810), U64(0x39fecedadf61530e), - U64(0x6101c99f04f3c7ce), U64(0x2e5f7f6761b562ff), - U64(0xf08725d226cf5c97), U64(0x63af3b54860fef51), - U64(0x8ff2cb10ef411e2f), U64(0x884ab9bb35267252), - U64(0x4df04433e7ba8dae), U64(0x9afd8866d3690741), - U64(0x66b9bb34de94abb3), U64(0x9baaf18d92171380), - U64(0x543c11c5f0a064a5), U64(0x17a1b1bdbed431f1), - U64(0xb5f58eeaf3a2717f), U64(0xc355f6c849858740), - U64(0xec5df044694ef17e), U64(0xd83751f5dc6346d4), - U64(0xfc4433520dfdacf2), U64(0x0000000000000000), - U64(0x5a51f58e596ebc5f), U64(0x3285aaf12e34cf16), - U64(0x8d5c39db6dbd36b0), U64(0x12b731dde64f7513), - U64(0x94906c2d7aa7dfbb), U64(0x302b583aacc8e789), - U64(0x9d45facd090e6b3c), U64(0x2165e2c78905aec4), - U64(0x68d45f7f775a7349), U64(0x189b2c1d5664fdca), - U64(0xe1c99f2f030215da), U64(0x6983269436246788), - U64(0x8489af3b1e148237), U64(0xe94b702431d5b59c), - U64(0x33d2d31a6f4adbd7), U64(0xbfd9932a4389f9a6), - U64(0xb0e30e8aab39359d), U64(0xd1e2c715afcaf253), - 
U64(0x150f43763c28196e), U64(0xc4ed846393e2eb3d), - U64(0x03f98b20c3823c5e), U64(0xfd134ab94c83b833), - U64(0x556b682eb1de7064), U64(0x36c4537a37d19f35), - U64(0x7559f30279a5ca61), U64(0x799ae58252973a04), - U64(0x9c12832648707ffd), U64(0x78cd9c6913e92ec5), - U64(0x1d8dac7d0effb928), U64(0x439da0784e745554), - U64(0x413352b3cc887dcb), U64(0xbacf134a1b12bd44), - U64(0x114ebafd25cd494d), U64(0x2f08068c20cb763e), - U64(0x76a07822ba27f63f), U64(0xeab2fb04f25789c2), - U64(0xe3676de481fe3d45), U64(0x1b62a73d95e6c194), - U64(0x641749ff5c68832c), U64(0xa5ec4dfc97112cf3), - U64(0xf6682e92bdd6242b), U64(0x3f11c59a44782bb2), - U64(0x317c21d1edb6f348), U64(0xd65ab5be75ad9e2e), - U64(0x6b2dd45fb4d84f17), U64(0xfaab381296e4d44e), - U64(0xd0b5befeeeb4e692), U64(0x0882ef0b32d7a046), - U64(0x512a91a5a83b2047), U64(0x963e9ee6f85bf724), - U64(0x4e09cf132438b1f0), U64(0x77f701c9fb59e2fe), - U64(0x7ddb1c094b726a27), U64(0x5f4775ee01f5f8bd), - U64(0x9186ec4d223c9b59), U64(0xfeeac1998f01846d), - U64(0xac39db1ce4b89874), U64(0xb75b7c21715e59e0), - U64(0xafc0503c273aa42a), U64(0x6e3b543fec430bf5), - U64(0x704f7362213e8e83), U64(0x58ff0745db9294c0), - U64(0x67eec2df9feabf72), U64(0xa0facd9ccf8a6811), - U64(0xb936986ad890811a), U64(0x95c715c63bd9cb7a), - U64(0xca8060283a2c33c7), U64(0x507de84ee9453486), - U64(0x85ded6d05f6a96f6), U64(0x1cdad5964f81ade9), - U64(0xd5a33e9eb62fa270), U64(0x40642b588df6690a), - U64(0x7f75eec2c98e42b8), U64(0x2cf18dace3494a60), - U64(0x23cb100c0bf9865b), U64(0xeef3028febb2d9e1), - U64(0x4425d2d394133929), U64(0xaad6d05c7fa1e0c8), - U64(0xad6ea2f7a5c68cb5), U64(0xc2028f2308fb9381), - U64(0x819f2f5b468fc6d5), U64(0xc5bafd88d29cfffc), - U64(0x47dc59f357910577), U64(0x2b49ff07392e261d), - U64(0x57c59ae5332258fb), U64(0x73b6f842e2bcb2dd), - U64(0xcf96e04862b77725), U64(0x4ca73dd8a6c4996f), - U64(0x015779eb417e14c1), U64(0x37932a9176af8bf4) - }, { /* 4 */ - U64(0x190a2c9b249df23e), U64(0x2f62f8b62263e1e9), - U64(0x7a7f754740993655), U64(0x330b7ba4d5564d9f), - 
U64(0x4c17a16a46672582), U64(0xb22f08eb7d05f5b8), - U64(0x535f47f40bc148cc), U64(0x3aec5d27d4883037), - U64(0x10ed0a1825438f96), U64(0x516101f72c233d17), - U64(0x13cc6f949fd04eae), U64(0x739853c441474bfd), - U64(0x653793d90d3f5b1b), U64(0x5240647b96b0fc2f), - U64(0x0c84890ad27623e0), U64(0xd7189b32703aaea3), - U64(0x2685de3523bd9c41), U64(0x99317c5b11bffefa), - U64(0x0d9baa854f079703), U64(0x70b93648fbd48ac5), - U64(0xa80441fce30bc6be), U64(0x7287704bdc36ff1e), - U64(0xb65384ed33dc1f13), U64(0xd36417343ee34408), - U64(0x39cd38ab6e1bf10f), U64(0x5ab861770a1f3564), - U64(0x0ebacf09f594563b), U64(0xd04572b884708530), - U64(0x3cae9722bdb3af47), U64(0x4a556b6f2f5cbaf2), - U64(0xe1704f1f76c4bd74), U64(0x5ec4ed7144c6dfcf), - U64(0x16afc01d4c7810e6), U64(0x283f113cd629ca7a), - U64(0xaf59a8761741ed2d), U64(0xeed5a3991e215fac), - U64(0x3bf37ea849f984d4), U64(0xe413e096a56ce33c), - U64(0x2c439d3a98f020d1), U64(0x637559dc6404c46b), - U64(0x9e6c95d1e5f5d569), U64(0x24bb9836045fe99a), - U64(0x44efa466dac8ecc9), U64(0xc6eab2a5c80895d6), - U64(0x803b50c035220cc4), U64(0x0321658cba93c138), - U64(0x8f9ebc465dc7ee1c), U64(0xd15a5137190131d3), - U64(0x0fa5ec8668e5e2d8), U64(0x91c979578d1037b1), - U64(0x0642ca05693b9f70), U64(0xefca80168350eb4f), - U64(0x38d21b24f36a45ec), U64(0xbeab81e1af73d658), - U64(0x8cbfd9cae7542f24), U64(0xfd19cc0d81f11102), - U64(0x0ac6430fbb4dbc90), U64(0x1d76a09d6a441895), - U64(0x2a01573ff1cbbfa1), U64(0xb572e161894fde2b), - U64(0x8124734fa853b827), U64(0x614b1fdf43e6b1b0), - U64(0x68ac395c4238cc18), U64(0x21d837bfd7f7b7d2), - U64(0x20c714304a860331), U64(0x5cfaab726324aa14), - U64(0x74c5ba4eb50d606e), U64(0xf3a3030474654739), - U64(0x23e671bcf015c209), U64(0x45f087e947b9582a), - U64(0xd8bd77b418df4c7b), U64(0xe06f6c90ebb50997), - U64(0x0bd96080263c0873), U64(0x7e03f9410e40dcfe), - U64(0xb8e94be4c6484928), U64(0xfb5b0608e8ca8e72), - U64(0x1a2b49179e0e3306), U64(0x4e29e76961855059), - U64(0x4f36c4e6fcf4e4ba), U64(0x49740ee395cf7bca), - 
U64(0xc2963ea386d17f7d), U64(0x90d65ad810618352), - U64(0x12d34c1b02a1fa4d), U64(0xfa44258775bb3a91), - U64(0x18150f14b9ec46dd), U64(0x1491861e6b9a653d), - U64(0x9a1019d7ab2c3fc2), U64(0x3668d42d06fe13d7), - U64(0xdcc1fbb25606a6d0), U64(0x969490dd795a1c22), - U64(0x3549b1a1bc6dd2ef), U64(0xc94f5e23a0ed770e), - U64(0xb9f6686b5b39fdcb), U64(0xc4d4f4a6efeae00d), - U64(0xe732851a1fff2204), U64(0x94aad6de5eb869f9), - U64(0x3f8ff2ae07206e7f), U64(0xfe38a9813b62d03a), - U64(0xa7a1ad7a8bee2466), U64(0x7b6056c8dde882b6), - U64(0x302a1e286fc58ca7), U64(0x8da0fa457a259bc7), - U64(0xb3302b64e074415b), U64(0x5402ae7eff8b635f), - U64(0x08f8050c9cafc94b), U64(0xae468bf98a3059ce), - U64(0x88c355cca98dc58f), U64(0xb10e6d67c7963480), - U64(0xbad70de7e1aa3cf3), U64(0xbfb4a26e320262bb), - U64(0xcb711820870f02d5), U64(0xce12b7a954a75c9d), - U64(0x563ce87dd8691684), U64(0x9f73b65e7884618a), - U64(0x2b1e74b06cba0b42), U64(0x47cec1ea605b2df1), - U64(0x1c698312f735ac76), U64(0x5fdbcefed9b76b2c), - U64(0x831a354c8fb1cdfc), U64(0x820516c312c0791f), - U64(0xb74ca762aeadabf0), U64(0xfc06ef821c80a5e1), - U64(0x5723cbf24518a267), U64(0x9d4df05d5f661451), - U64(0x588627742dfd40bf), U64(0xda8331b73f3d39a0), - U64(0x17b0e392d109a405), U64(0xf965400bcf28fba9), - U64(0x7c3dbf4229a2a925), U64(0x023e460327e275db), - U64(0x6cd0b55a0ce126b3), U64(0xe62da695828e96e7), - U64(0x42ad6e63b3f373b9), U64(0xe50cc319381d57df), - U64(0xc5cbd729729b54ee), U64(0x46d1e265fd2a9912), - U64(0x6428b056904eeff8), U64(0x8be23040131e04b7), - U64(0x6709d5da2add2ec0), U64(0x075de98af44a2b93), - U64(0x8447dcc67bfbe66f), U64(0x6616f655b7ac9a23), - U64(0xd607b8bded4b1a40), U64(0x0563af89d3a85e48), - U64(0x3db1b4ad20c21ba4), U64(0x11f22997b8323b75), - U64(0x292032b34b587e99), U64(0x7f1cdace9331681d), - U64(0x8e819fc9c0b65aff), U64(0xa1e3677fe2d5bb16), - U64(0xcd33d225ee349da5), U64(0xd9a2543b85aef898), - U64(0x795e10cbfa0af76d), U64(0x25a4bbb9992e5d79), - U64(0x78413344677b438e), U64(0xf0826688cef68601), - 
U64(0xd27b34bba392f0eb), U64(0x551d8df162fad7bc), - U64(0x1e57c511d0d7d9ad), U64(0xdeffbdb171e4d30b), - U64(0xf4feea8e802f6caa), U64(0xa480c8f6317de55e), - U64(0xa0fc44f07fa40ff5), U64(0x95b5f551c3c9dd1a), - U64(0x22f952336d6476ea), U64(0x0000000000000000), - U64(0xa6be8ef5169f9085), U64(0xcc2cf1aa73452946), - U64(0x2e7ddb39bf12550a), U64(0xd526dd3157d8db78), - U64(0x486b2d6c08becf29), U64(0x9b0f3a58365d8b21), - U64(0xac78cdfaadd22c15), U64(0xbc95c7e28891a383), - U64(0x6a927f5f65dab9c3), U64(0xc3891d2c1ba0cb9e), - U64(0xeaa92f9f50f8b507), U64(0xcf0d9426c9d6e87e), - U64(0xca6e3baf1a7eb636), U64(0xab25247059980786), - U64(0x69b31ad3df4978fb), U64(0xe2512a93cc577c4c), - U64(0xff278a0ea61364d9), U64(0x71a615c766a53e26), - U64(0x89dc764334fc716c), U64(0xf87a638452594f4a), - U64(0xf2bc208be914f3da), U64(0x8766b94ac1682757), - U64(0xbbc82e687cdb8810), U64(0x626a7a53f9757088), - U64(0xa2c202f358467a2e), U64(0x4d0882e5db169161), - U64(0x09e7268301de7da8), U64(0xe897699c771ac0dc), - U64(0xc8507dac3d9cc3ed), U64(0xc0a878a0a1330aa6), - U64(0x978bb352e42ba8c1), U64(0xe9884a13ea6b743f), - U64(0x279afdbabecc28a2), U64(0x047c8c064ed9eaab), - U64(0x507e2278b15289f4), U64(0x599904fbb08cf45c), - U64(0xbd8ae46d15e01760), U64(0x31353da7f2b43844), - U64(0x8558ff49e68a528c), U64(0x76fbfc4d92ef15b5), - U64(0x3456922e211c660c), U64(0x86799ac55c1993b4), - U64(0x3e90d1219a51da9c), U64(0x2d5cbeb505819432), - U64(0x982e5fd48cce4a19), U64(0xdb9c1238a24c8d43), - U64(0xd439febecaa96f9b), U64(0x418c0bef0960b281), - U64(0x158ea591f6ebd1de), U64(0x1f48e69e4da66d4e), - U64(0x8afd13cf8e6fb054), U64(0xf5e1c9011d5ed849), - U64(0xe34e091c5126c8af), U64(0xad67ee7530a398f6), - U64(0x43b24dec2e82c75a), U64(0x75da99c1287cd48d), - U64(0x92e81cdb3783f689), U64(0xa3dd217cc537cecd), - U64(0x60543c50de970553), U64(0x93f73f54aaf2426a), - U64(0xa91b62737e7a725d), U64(0xf19d4507538732e2), - U64(0x77e4dfc20f9ea156), U64(0x7d229ccdb4d31dc6), - U64(0x1b346a98037f87e5), U64(0xedf4c615a4b29e94), - 
U64(0x4093286094110662), U64(0xb0114ee85ae78063), - U64(0x6ff1d0d6b672e78b), U64(0x6dcf96d591909250), - U64(0xdfe09e3eec9567e8), U64(0x3214582b4827f97c), - U64(0xb46dc2ee143e6ac8), U64(0xf6c0ac8da7cd1971), - U64(0xebb60c10cd8901e4), U64(0xf7df8f023abcad92), - U64(0x9c52d3d2c217a0b2), U64(0x6b8d5cd0f8ab0d20), - U64(0x3777f7a29b8fa734), U64(0x011f238f9d71b4e3), - U64(0xc1b75b2f3c42be45), U64(0x5de588fdfe551ef7), - U64(0x6eeef3592b035368), U64(0xaa3a07ffc4e9b365), - U64(0xecebe59a39c32a77), U64(0x5ba742f8976e8187), - U64(0x4b4a48e0b22d0e11), U64(0xddded83dcb771233), - U64(0xa59feb79ac0c51bd), U64(0xc7f5912a55792135) - }, { /* 5 */ - U64(0x6d6ae04668a9b08a), U64(0x3ab3f04b0be8c743), - U64(0xe51e166b54b3c908), U64(0xbe90a9eb35c2f139), - U64(0xb2c7066637f2bec1), U64(0xaa6945613392202c), - U64(0x9a28c36f3b5201eb), U64(0xddce5a93ab536994), - U64(0x0e34133ef6382827), U64(0x52a02ba1ec55048b), - U64(0xa2f88f97c4b2a177), U64(0x8640e513ca2251a5), - U64(0xcdf1d36258137622), U64(0xfe6cb708dedf8ddb), - U64(0x8a174a9ec8121e5d), U64(0x679896036b81560e), - U64(0x59ed033395795fee), U64(0x1dd778ab8b74edaf), - U64(0xee533ef92d9f926d), U64(0x2a8c79baf8a8d8f5), - U64(0x6bcf398e69b119f6), U64(0xe20491742fafdd95), - U64(0x276488e0809c2aec), U64(0xea955b82d88f5cce), - U64(0x7102c63a99d9e0c4), U64(0xf9763017a5c39946), - U64(0x429fa2501f151b3d), U64(0x4659c72bea05d59e), - U64(0x984b7fdccf5a6634), U64(0xf742232953fbb161), - U64(0x3041860e08c021c7), U64(0x747bfd9616cd9386), - U64(0x4bb1367192312787), U64(0x1b72a1638a6c44d3), - U64(0x4a0e68a6e8359a66), U64(0x169a5039f258b6ca), - U64(0xb98a2ef44edee5a4), U64(0xd9083fe85e43a737), - U64(0x967f6ce239624e13), U64(0x8874f62d3c1a7982), - U64(0x3c1629830af06e3f), U64(0x9165ebfd427e5a8e), - U64(0xb5dd81794ceeaa5c), U64(0x0de8f15a7834f219), - U64(0x70bd98ede3dd5d25), U64(0xaccc9ca9328a8950), - U64(0x56664eda1945ca28), U64(0x221db34c0f8859ae), - U64(0x26dbd637fa98970d), U64(0x1acdffb4f068f932), - U64(0x4585254f64090fa0), U64(0x72de245e17d53afa), - 
U64(0x1546b25d7c546cf4), U64(0x207e0ffffb803e71), - U64(0xfaaad2732bcf4378), U64(0xb462dfae36ea17bd), - U64(0xcf926fd1ac1b11fd), U64(0xe0672dc7dba7ba4a), - U64(0xd3fa49ad5d6b41b3), U64(0x8ba81449b216a3bc), - U64(0x14f9ec8a0650d115), U64(0x40fc1ee3eb1d7ce2), - U64(0x23a2ed9b758ce44f), U64(0x782c521b14fddc7e), - U64(0x1c68267cf170504e), U64(0xbcf31558c1ca96e6), - U64(0xa781b43b4ba6d235), U64(0xf6fd7dfe29ff0c80), - U64(0xb0a4bad5c3fad91e), U64(0xd199f51ea963266c), - U64(0x414340349119c103), U64(0x5405f269ed4dadf7), - U64(0xabd61bb649969dcd), U64(0x6813dbeae7bdc3c8), - U64(0x65fb2ab09f8931d1), U64(0xf1e7fae152e3181d), - U64(0xc1a67cef5a2339da), U64(0x7a4feea8e0f5bba1), - U64(0x1e0b9acf05783791), U64(0x5b8ebf8061713831), - U64(0x80e53cdbcb3af8d9), U64(0x7e898bd315e57502), - U64(0xc6bcfbf0213f2d47), U64(0x95a38e86b76e942d), - U64(0x092e94218d243cba), U64(0x8339debf453622e7), - U64(0xb11be402b9fe64ff), U64(0x57d9100d634177c9), - U64(0xcc4e8db52217cbc3), U64(0x3b0cae9c71ec7aa2), - U64(0xfb158ca451cbfe99), U64(0x2b33276d82ac6514), - U64(0x01bf5ed77a04bde1), U64(0xc5601994af33f779), - U64(0x75c4a3416cc92e67), U64(0xf3844652a6eb7fc2), - U64(0x3487e375fdd0ef64), U64(0x18ae430704609eed), - U64(0x4d14efb993298efb), U64(0x815a620cb13e4538), - U64(0x125c354207487869), U64(0x9eeea614ce42cf48), - U64(0xce2d3106d61fac1c), U64(0xbbe99247bad6827b), - U64(0x071a871f7b1c149d), U64(0x2e4a1cc10db81656), - U64(0x77a71ff298c149b8), U64(0x06a5d9c80118a97c), - U64(0xad73c27e488e34b1), U64(0x443a7b981e0db241), - U64(0xe3bbcfa355ab6074), U64(0x0af276450328e684), - U64(0x73617a896dd1871b), U64(0x58525de4ef7de20f), - U64(0xb7be3dcab8e6cd83), U64(0x19111dd07e64230c), - U64(0x842359a03e2a367a), U64(0x103f89f1f3401fb6), - U64(0xdc710444d157d475), U64(0xb835702334da5845), - U64(0x4320fc876511a6dc), U64(0xd026abc9d3679b8d), - U64(0x17250eee885c0b2b), U64(0x90dab52a387ae76f), - U64(0x31fed8d972c49c26), U64(0x89cba8fa461ec463), - U64(0x2ff5421677bcabb7), U64(0x396f122f85e41d7d), - 
U64(0xa09b332430bac6a8), U64(0xc888e8ced7070560), - U64(0xaeaf201ac682ee8f), U64(0x1180d7268944a257), - U64(0xf058a43628e7a5fc), U64(0xbd4c4b8fbbce2b07), - U64(0xa1246df34abe7b49), U64(0x7d5569b79be9af3c), - U64(0xa9b5a705bd9efa12), U64(0xdb6b835baa4bc0e8), - U64(0x05793bac8f147342), U64(0x21c1512881848390), - U64(0xfdb0556c50d357e5), U64(0x613d4fcb6a99ff72), - U64(0x03dce2648e0cda3e), U64(0xe949b9e6568386f0), - U64(0xfc0f0bbb2ad7ea04), U64(0x6a70675913b5a417), - U64(0x7f36d5046fe1c8e3), U64(0x0c57af8d02304ff8), - U64(0x32223abdfcc84618), U64(0x0891caf6f720815b), - U64(0xa63eeaec31a26fd4), U64(0x2507345374944d33), - U64(0x49d28ac266394058), U64(0xf5219f9aa7f3d6be), - U64(0x2d96fea583b4cc68), U64(0x5a31e1571b7585d0), - U64(0x8ed12fe53d02d0fe), U64(0xdfade6205f5b0e4b), - U64(0x4cabb16ee92d331a), U64(0x04c6657bf510cea3), - U64(0xd73c2cd6a87b8f10), U64(0xe1d87310a1a307ab), - U64(0x6cd5be9112ad0d6b), U64(0x97c032354366f3f2), - U64(0xd4e0ceb22677552e), U64(0x0000000000000000), - U64(0x29509bde76a402cb), U64(0xc27a9e8bd42fe3e4), - U64(0x5ef7842cee654b73), U64(0xaf107ecdbc86536e), - U64(0x3fcacbe784fcb401), U64(0xd55f90655c73e8cf), - U64(0xe6c2f40fdabf1336), U64(0xe8f6e7312c873b11), - U64(0xeb2a0555a28be12f), U64(0xe4a148bc2eb774e9), - U64(0x9b979db84156bc0a), U64(0x6eb60222e6a56ab4), - U64(0x87ffbbc4b026ec44), U64(0xc703a5275b3b90a6), - U64(0x47e699fc9001687f), U64(0x9c8d1aa73a4aa897), - U64(0x7cea3760e1ed12dd), U64(0x4ec80ddd1d2554c5), - U64(0x13e36b957d4cc588), U64(0x5d2b66486069914d), - U64(0x92b90999cc7280b0), U64(0x517cc9c56259deb5), - U64(0xc937b619ad03b881), U64(0xec30824ad997f5b2), - U64(0xa45d565fc5aa080b), U64(0xd6837201d27f32f1), - U64(0x635ef3789e9198ad), U64(0x531f75769651b96a), - U64(0x4f77530a6721e924), U64(0x486dd4151c3dfdb9), - U64(0x5f48dafb9461f692), U64(0x375b011173dc355a), - U64(0x3da9775470f4d3de), U64(0x8d0dcd81b30e0ac0), - U64(0x36e45fc609d888bb), U64(0x55baacbe97491016), - U64(0x8cb29356c90ab721), U64(0x76184125e2c5f459), - 
U64(0x99f4210bb55edbd5), U64(0x6f095cf59ca1d755), - U64(0x9f51f8c3b44672a9), U64(0x3538bda287d45285), - U64(0x50c39712185d6354), U64(0xf23b1885dcefc223), - U64(0x79930ccc6ef9619f), U64(0xed8fdc9da3934853), - U64(0xcb540aaa590bdf5e), U64(0x5c94389f1a6d2cac), - U64(0xe77daad8a0bbaed7), U64(0x28efc5090ca0bf2a), - U64(0xbf2ff73c4fc64cd8), U64(0xb37858b14df60320), - U64(0xf8c96ec0dfc724a7), U64(0x828680683f329f06), - U64(0x941cd051cd6a29cc), U64(0xc3c5c05cae2b5e05), - U64(0xb601631dc2e27062), U64(0xc01922382027843b), - U64(0x24b86a840e90f0d2), U64(0xd245177a276ffc52), - U64(0x0f8b4de98c3c95c6), U64(0x3e759530fef809e0), - U64(0x0b4d2892792c5b65), U64(0xc4df4743d5374a98), - U64(0xa5e20888bfaeb5ea), U64(0xba56cc90c0d23f9a), - U64(0x38d04cf8ffe0a09c), U64(0x62e1adafe495254c), - U64(0x0263bcb3f40867df), U64(0xcaeb547d230f62bf), - U64(0x6082111c109d4293), U64(0xdad4dd8cd04f7d09), - U64(0xefec602e579b2f8c), U64(0x1fb4c4187f7c8a70), - U64(0xffd3e9dfa4db303a), U64(0x7bf0b07f9af10640), - U64(0xf49ec14dddf76b5f), U64(0x8f6e713247066d1f), - U64(0x339d646a86ccfbf9), U64(0x64447467e58d8c30), - U64(0x2c29a072f9b07189), U64(0xd8b7613f24471ad6), - U64(0x6627c8d41185ebef), U64(0xa347d140beb61c96), - U64(0xde12b8f7255fb3aa), U64(0x9d324470404e1576), - U64(0x9306574eb6763d51), U64(0xa80af9d2c79a47f3), - U64(0x859c0777442e8b9b), U64(0x69ac853d9db97e29) - }, { /* 6 */ - U64(0xc3407dfc2de6377e), U64(0x5b9e93eea4256f77), - U64(0xadb58fdd50c845e0), U64(0x5219ff11a75bed86), - U64(0x356b61cfd90b1de9), U64(0xfb8f406e25abe037), - U64(0x7a5a0231c0f60796), U64(0x9d3cd216e1f5020b), - U64(0x0c6550fb6b48d8f3), U64(0xf57508c427ff1c62), - U64(0x4ad35ffa71cb407d), U64(0x6290a2da1666aa6d), - U64(0xe284ec2349355f9f), U64(0xb3c307c53d7c84ec), - U64(0x05e23c0468365a02), U64(0x190bac4d6c9ebfa8), - U64(0x94bbbee9e28b80fa), U64(0xa34fc777529cb9b5), - U64(0xcc7b39f095bcd978), U64(0x2426addb0ce532e3), - U64(0x7e79329312ce4fc7), U64(0xab09a72eebec2917), - U64(0xf8d15499f6b9d6c2), U64(0x1a55b8babf8c895d), - 
U64(0xdb8add17fb769a85), U64(0xb57f2f368658e81b), - U64(0x8acd36f18f3f41f6), U64(0x5ce3b7bba50f11d3), - U64(0x114dcc14d5ee2f0a), U64(0xb91a7fcded1030e8), - U64(0x81d5425fe55de7a1), U64(0xb6213bc1554adeee), - U64(0x80144ef95f53f5f2), U64(0x1e7688186db4c10c), - U64(0x3b912965db5fe1bc), U64(0xc281715a97e8252d), - U64(0x54a5d7e21c7f8171), U64(0x4b12535ccbc5522e), - U64(0x1d289cefbea6f7f9), U64(0x6ef5f2217d2e729e), - U64(0xe6a7dc819b0d17ce), U64(0x1b94b41c05829b0e), - U64(0x33d7493c622f711e), U64(0xdcf7f942fa5ce421), - U64(0x600fba8b7f7a8ecb), U64(0x46b60f011a83988e), - U64(0x235b898e0dcf4c47), U64(0x957ab24f588592a9), - U64(0x4354330572b5c28c), U64(0xa5f3ef84e9b8d542), - U64(0x8c711e02341b2d01), U64(0x0b1874ae6a62a657), - U64(0x1213d8e306fc19ff), U64(0xfe6d7c6a4d9dba35), - U64(0x65ed868f174cd4c9), U64(0x88522ea0e6236550), - U64(0x899322065c2d7703), U64(0xc01e690bfef4018b), - U64(0x915982ed8abddaf8), U64(0xbe675b98ec3a4e4c), - U64(0xa996bf7f82f00db1), U64(0xe1daf8d49a27696a), - U64(0x2effd5d3dc8986e7), U64(0xd153a51f2b1a2e81), - U64(0x18caa0ebd690adfb), U64(0x390e3134b243c51a), - U64(0x2778b92cdff70416), U64(0x029f1851691c24a6), - U64(0x5e7cafeacc133575), U64(0xfa4e4cc89fa5f264), - U64(0x5a5f9f481e2b7d24), U64(0x484c47ab18d764db), - U64(0x400a27f2a1a7f479), U64(0xaeeb9b2a83da7315), - U64(0x721c626879869734), U64(0x042330a2d2384851), - U64(0x85f672fd3765aff0), U64(0xba446b3a3e02061d), - U64(0x73dd6ecec3888567), U64(0xffac70ccf793a866), - U64(0xdfa9edb5294ed2d4), U64(0x6c6aea7014325638), - U64(0x834a5a0e8c41c307), U64(0xcdba35562fb2cb2b), - U64(0x0ad97808d06cb404), U64(0x0f3b440cb85aee06), - U64(0xe5f9c876481f213b), U64(0x98deee1289c35809), - U64(0x59018bbfcd394bd1), U64(0xe01bf47220297b39), - U64(0xde68e1139340c087), U64(0x9fa3ca4788e926ad), - U64(0xbb85679c840c144e), U64(0x53d8f3b71d55ffd5), - U64(0x0da45c5dd146caa0), U64(0x6f34fe87c72060cd), - U64(0x57fbc315cf6db784), U64(0xcee421a1fca0fdde), - U64(0x3d2d0196607b8d4b), U64(0x642c8a29ad42c69a), - 
U64(0x14aff010bdd87508), U64(0xac74837beac657b3), - U64(0x3216459ad821634d), U64(0x3fb219c70967a9ed), - U64(0x06bc28f3bb246cf7), U64(0xf2082c9126d562c6), - U64(0x66b39278c45ee23c), U64(0xbd394f6f3f2878b9), - U64(0xfd33689d9e8f8cc0), U64(0x37f4799eb017394f), - U64(0x108cc0b26fe03d59), U64(0xda4bd1b1417888d6), - U64(0xb09d1332ee6eb219), U64(0x2f3ed975668794b4), - U64(0x58c0871977375982), U64(0x7561463d78ace990), - U64(0x09876cff037e82f1), U64(0x7fb83e35a8c05d94), - U64(0x26b9b58a65f91645), U64(0xef20b07e9873953f), - U64(0x3148516d0b3355b8), U64(0x41cb2b541ba9e62a), - U64(0x790416c613e43163), U64(0xa011d380818e8f40), - U64(0x3a5025c36151f3ef), U64(0xd57095bdf92266d0), - U64(0x498d4b0da2d97688), U64(0x8b0c3a57353153a5), - U64(0x21c491df64d368e1), U64(0x8f2f0af5e7091bf4), - U64(0x2da1c1240f9bb012), U64(0xc43d59a92ccc49da), - U64(0xbfa6573e56345c1f), U64(0x828b56a8364fd154), - U64(0x9a41f643e0df7caf), U64(0xbcf843c985266aea), - U64(0x2b1de9d7b4bfdce5), U64(0x20059d79dedd7ab2), - U64(0x6dabe6d6ae3c446b), U64(0x45e81bf6c991ae7b), - U64(0x6351ae7cac68b83e), U64(0xa432e32253b6c711), - U64(0xd092a9b991143cd2), U64(0xcac711032e98b58f), - U64(0xd8d4c9e02864ac70), U64(0xc5fc550f96c25b89), - U64(0xd7ef8dec903e4276), U64(0x67729ede7e50f06f), - U64(0xeac28c7af045cf3d), U64(0xb15c1f945460a04a), - U64(0x9cfddeb05bfb1058), U64(0x93c69abce3a1fe5e), - U64(0xeb0380dc4a4bdd6e), U64(0xd20db1e8f8081874), - U64(0x229a8528b7c15e14), U64(0x44291750739fbc28), - U64(0xd3ccbd4e42060a27), U64(0xf62b1c33f4ed2a97), - U64(0x86a8660ae4779905), U64(0xd62e814a2a305025), - U64(0x477703a7a08d8add), U64(0x7b9b0e977af815c5), - U64(0x78c51a60a9ea2330), U64(0xa6adfb733aaae3b7), - U64(0x97e5aa1e3199b60f), U64(0x0000000000000000), - U64(0xf4b404629df10e31), U64(0x5564db44a6719322), - U64(0x9207961a59afec0d), U64(0x9624a6b88b97a45c), - U64(0x363575380a192b1c), U64(0x2c60cd82b595a241), - U64(0x7d272664c1dc7932), U64(0x7142769faa94a1c1), - U64(0xa1d0df263b809d13), U64(0x1630e841d4c451ae), - 
U64(0xc1df65ad44fa13d8), U64(0x13d2d445bcf20bac), - U64(0xd915c546926abe23), U64(0x38cf3d92084dd749), - U64(0xe766d0272103059d), U64(0xc7634d5effde7f2f), - U64(0x077d2455012a7ea4), U64(0xedbfa82ff16fb199), - U64(0xaf2a978c39d46146), U64(0x42953fa3c8bbd0df), - U64(0xcb061da59496a7dc), U64(0x25e7a17db6eb20b0), - U64(0x34aa6d6963050fba), U64(0xa76cf7d580a4f1e4), - U64(0xf7ea10954ee338c4), U64(0xfcf2643b24819e93), - U64(0xcf252d0746aeef8d), U64(0x4ef06f58a3f3082c), - U64(0x563acfb37563a5d7), U64(0x5086e740ce47c920), - U64(0x2982f186dda3f843), U64(0x87696aac5e798b56), - U64(0x5d22bb1d1f010380), U64(0x035e14f7d31236f5), - U64(0x3cec0d30da759f18), U64(0xf3c920379cdb7095), - U64(0xb8db736b571e22bb), U64(0xdd36f5e44052f672), - U64(0xaac8ab8851e23b44), U64(0xa857b3d938fe1fe2), - U64(0x17f1e4e76eca43fd), U64(0xec7ea4894b61a3ca), - U64(0x9e62c6e132e734fe), U64(0xd4b1991b432c7483), - U64(0x6ad6c283af163acf), U64(0x1ce9904904a8e5aa), - U64(0x5fbda34c761d2726), U64(0xf910583f4cb7c491), - U64(0xc6a241f845d06d7c), U64(0x4f3163fe19fd1a7f), - U64(0xe99c988d2357f9c8), U64(0x8eee06535d0709a7), - U64(0x0efa48aa0254fc55), U64(0xb4be23903c56fa48), - U64(0x763f52caabbedf65), U64(0xeee1bcd8227d876c), - U64(0xe345e085f33b4dcc), U64(0x3e731561b369bbbe), - U64(0x2843fd2067adea10), U64(0x2adce5710eb1ceb6), - U64(0xb7e03767ef44ccbd), U64(0x8db012a48e153f52), - U64(0x61ceb62dc5749c98), U64(0xe85d942b9959eb9b), - U64(0x4c6f7709caef2c8a), U64(0x84377e5b8d6bbda3), - U64(0x30895dcbb13d47eb), U64(0x74a04a9bc2a2fbc3), - U64(0x6b17ce251518289c), U64(0xe438c4d0f2113368), - U64(0x1fb784bed7bad35f), U64(0x9b80fae55ad16efc), - U64(0x77fe5e6c11b0cd36), U64(0xc858095247849129), - U64(0x08466059b97090a2), U64(0x01c10ca6ba0e1253), - U64(0x6988d6747c040c3a), U64(0x6849dad2c60a1e69), - U64(0x5147ebe67449db73), U64(0xc99905f4fd8a837a), - U64(0x991fe2b433cd4a5a), U64(0xf09734c04fc94660), - U64(0xa28ecbd1e892abe6), U64(0xf1563866f5c75433), - U64(0x4dae7baf70e13ed9), U64(0x7ce62ac27bd26b61), - 
U64(0x70837a39109ab392), U64(0x90988e4b30b3c8ab), - U64(0xb2020b63877296bf), U64(0x156efcb607d6675b) - }, { /* 7 */ - U64(0xe63f55ce97c331d0), U64(0x25b506b0015bba16), - U64(0xc8706e29e6ad9ba8), U64(0x5b43d3775d521f6a), - U64(0x0bfa3d577035106e), U64(0xab95fc172afb0e66), - U64(0xf64b63979e7a3276), U64(0xf58b4562649dad4b), - U64(0x48f7c3dbae0c83f1), U64(0xff31916642f5c8c5), - U64(0xcbb048dc1c4a0495), U64(0x66b8f83cdf622989), - U64(0x35c130e908e2b9b0), U64(0x7c761a61f0b34fa1), - U64(0x3601161cf205268d), U64(0x9e54ccfe2219b7d6), - U64(0x8b7d90a538940837), U64(0x9cd403588ea35d0b), - U64(0xbc3c6fea9ccc5b5a), U64(0xe5ff733b6d24aeed), - U64(0xceed22de0f7eb8d2), U64(0xec8581cab1ab545e), - U64(0xb96105e88ff8e71d), U64(0x8ca03501871a5ead), - U64(0x76ccce65d6db2a2f), U64(0x5883f582a7b58057), - U64(0x3f7be4ed2e8adc3e), U64(0x0fe7be06355cd9c9), - U64(0xee054e6c1d11be83), U64(0x1074365909b903a6), - U64(0x5dde9f80b4813c10), U64(0x4a770c7d02b6692c), - U64(0x5379c8d5d7809039), U64(0xb4067448161ed409), - U64(0x5f5e5026183bd6cd), U64(0xe898029bf4c29df9), - U64(0x7fb63c940a54d09c), U64(0xc5171f897f4ba8bc), - U64(0xa6f28db7b31d3d72), U64(0x2e4f3be7716eaa78), - U64(0x0d6771a099e63314), U64(0x82076254e41bf284), - U64(0x2f0fd2b42733df98), U64(0x5c9e76d3e2dc49f0), - U64(0x7aeb569619606cdb), U64(0x83478b07b2468764), - U64(0xcfadcb8d5923cd32), U64(0x85dac7f05b95a41e), - U64(0xb5469d1b4043a1e9), U64(0xb821ecbbd9a592fd), - U64(0x1b8e0b0e798c13c8), U64(0x62a57b6d9a0be02e), - U64(0xfcf1b793b81257f8), U64(0x9d94ea0bd8fe28eb), - U64(0x4cea408aeb654a56), U64(0x23284a47e888996c), - U64(0x2d8f1d128b893545), U64(0xf4cbac3132c0d8ab), - U64(0xbd7c86b9ca912eba), U64(0x3a268eef3dbe6079), - U64(0xf0d62f6077a9110c), U64(0x2735c916ade150cb), - U64(0x89fd5f03942ee2ea), U64(0x1acee25d2fd16628), - U64(0x90f39bab41181bff), U64(0x430dfe8cde39939f), - U64(0xf70b8ac4c8274796), U64(0x1c53aeaac6024552), - U64(0x13b410acf35e9c9b), U64(0xa532ab4249faa24f), - U64(0x2b1251e5625a163f), U64(0xd7e3e676da4841c7), - 
U64(0xa7b264e4e5404892), U64(0xda8497d643ae72d3), - U64(0x861ae105a1723b23), U64(0x38a6414991048aa4), - U64(0x6578dec92585b6b4), U64(0x0280cfa6acbaeadd), - U64(0x88bdb650c273970a), U64(0x9333bd5ebbff84c2), - U64(0x4e6a8f2c47dfa08b), U64(0x321c954db76cef2a), - U64(0x418d312a72837942), U64(0xb29b38bfffcdf773), - U64(0x6c022c38f90a4c07), U64(0x5a033a240b0f6a8a), - U64(0x1f93885f3ce5da6f), U64(0xc38a537e96988bc6), - U64(0x39e6a81ac759ff44), U64(0x29929e43cee0fce2), - U64(0x40cdd87924de0ca2), U64(0xe9d8ebc8a29fe819), - U64(0x0c2798f3cfbb46f4), U64(0x55e484223e53b343), - U64(0x4650948ecd0d2fd8), U64(0x20e86cb2126f0651), - U64(0x6d42c56baf5739e7), U64(0xa06fc1405ace1e08), - U64(0x7babbfc54f3d193b), U64(0x424d17df8864e67f), - U64(0xd8045870ef14980e), U64(0xc6d7397c85ac3781), - U64(0x21a885e1443273b1), U64(0x67f8116f893f5c69), - U64(0x24f5efe35706cff6), U64(0xd56329d076f2ab1a), - U64(0x5e1eb9754e66a32d), U64(0x28d2771098bd8902), - U64(0x8f6013f47dfdc190), U64(0x17a993fdb637553c), - U64(0xe0a219397e1012aa), U64(0x786b9930b5da8606), - U64(0x6e82e39e55b0a6da), U64(0x875a0856f72f4ec3), - U64(0x3741ff4fa458536d), U64(0xac4859b3957558fc), - U64(0x7ef6d5c75c09a57c), U64(0xc04a758b6c7f14fb), - U64(0xf9acdd91ab26ebbf), U64(0x7391a467c5ef9668), - U64(0x335c7c1ee1319aca), U64(0xa91533b18641e4bb), - U64(0xe4bf9a683b79db0d), U64(0x8e20faa72ba0b470), - U64(0x51f907737b3a7ae4), U64(0x2268a314bed5ec8c), - U64(0xd944b123b949edee), U64(0x31dcb3b84d8b7017), - U64(0xd3fe65279f218860), U64(0x097af2f1dc8ffab3), - U64(0x9b09a6fc312d0b91), U64(0xcc6ded78a3c4520f), - U64(0x3481d9ba5ebfcc50), U64(0x4f2a667f1182d56b), - U64(0xdfd9fdd4509ace94), U64(0x26752045fbbc252b), - U64(0xbffc491f662bc467), U64(0xdd593272fc202449), - U64(0x3cbbc218d46d4303), U64(0x91b372f817456e1f), - U64(0x681faf69bc6385a0), U64(0xb686bbeebaa43ed4), - U64(0x1469b5084cd0ca01), U64(0x98c98009cbca94ac), - U64(0x6438379a73d8c354), U64(0xc2caba2dc0c5fe26), - U64(0x3e3b0dbe78d7a9de), U64(0x50b9ee202d670f04), - 
U64(0x4590b27b37eab0e5), U64(0x6025b4cb36b10af3), - U64(0xfb2c1237079c0162), U64(0xa12f28130c936be8), - U64(0x4b37e52e54eb1ccc), U64(0x083a1ba28ad28f53), - U64(0xc10a9cd83a22611b), U64(0x9f1425ad7444c236), - U64(0x069d4cf7e9d3237a), U64(0xedc56899e7f621be), - U64(0x778c273680865fcf), U64(0x309c5aeb1bd605f7), - U64(0x8de0dc52d1472b4d), U64(0xf8ec34c2fd7b9e5f), - U64(0xea18cd3d58787724), U64(0xaad515447ca67b86), - U64(0x9989695a9d97e14c), U64(0x0000000000000000), - U64(0xf196c63321f464ec), U64(0x71116bc169557cb5), - U64(0xaf887f466f92c7c1), U64(0x972e3e0ffe964d65), - U64(0x190ec4a8d536f915), U64(0x95aef1a9522ca7b8), - U64(0xdc19db21aa7d51a9), U64(0x94ee18fa0471d258), - U64(0x8087adf248a11859), U64(0xc457f6da2916dd5c), - U64(0xfa6cfb6451c17482), U64(0xf256e0c6db13fbd1), - U64(0x6a9f60cf10d96f7d), U64(0x4daaa9d9bd383fb6), - U64(0x03c026f5fae79f3d), U64(0xde99148706c7bb74), - U64(0x2a52b8b6340763df), U64(0x6fc20acd03edd33a), - U64(0xd423c08320afdefa), U64(0xbbe1ca4e23420dc0), - U64(0x966ed75ca8cb3885), U64(0xeb58246e0e2502c4), - U64(0x055d6a021334bc47), U64(0xa47242111fa7d7af), - U64(0xe3623fcc84f78d97), U64(0x81c744a11efc6db9), - U64(0xaec8961539cfb221), U64(0xf31609958d4e8e31), - U64(0x63e5923ecc5695ce), U64(0x47107ddd9b505a38), - U64(0xa3afe7b5a0298135), U64(0x792b7063e387f3e6), - U64(0x0140e953565d75e0), U64(0x12f4f9ffa503e97b), - U64(0x750ce8902c3cb512), U64(0xdbc47e8515f30733), - U64(0x1ed3610c6ab8af8f), U64(0x5239218681dde5d9), - U64(0xe222d69fd2aaf877), U64(0xfe71783514a8bd25), - U64(0xcaf0a18f4a177175), U64(0x61655d9860ec7f13), - U64(0xe77fbc9dc19e4430), U64(0x2ccff441ddd440a5), - U64(0x16e97aaee06a20dc), U64(0xa855dae2d01c915b), - U64(0x1d1347f9905f30b2), U64(0xb7c652bdecf94b34), - U64(0xd03e43d265c6175d), U64(0xfdb15ec0ee4f2218), - U64(0x57644b8492e9599e), U64(0x07dda5a4bf8e569a), - U64(0x54a46d71680ec6a3), U64(0x5624a2d7c4b42c7e), - U64(0xbebca04c3076b187), U64(0x7d36f332a6ee3a41), - U64(0x3b6667bc6be31599), U64(0x695f463aea3ef040), - 
U64(0xad08b0e0c3282d1c), U64(0xb15b1e4a052a684e), - U64(0x44d05b2861b7c505), U64(0x15295c5b1a8dbfe1), - U64(0x744c01c37a61c0f2), U64(0x59c31cd1f1e8f5b7), - U64(0xef45a73f4b4ccb63), U64(0x6bdf899c46841a9d), - U64(0x3dfb2b4b823036e3), U64(0xa2ef0ee6f674f4d5), - U64(0x184e2dfb836b8cf5), U64(0x1134df0a5fe47646), - U64(0xbaa1231d751f7820), U64(0xd17eaa81339b62bd), - U64(0xb01bf71953771dae), U64(0x849a2ea30dc8d1fe), - U64(0x705182923f080955), U64(0x0ea757556301ac29), - U64(0x041d83514569c9a7), U64(0x0abad4042668658e), - U64(0x49b72a88f851f611), U64(0x8a3d79f66ec97dd7), - U64(0xcd2d042bf59927ef), U64(0xc930877ab0f0ee48), - U64(0x9273540deda2f122), U64(0xc797d02fd3f14261), - U64(0xe1e2f06a284d674a), U64(0xd2be8c74c97cfd80), - U64(0x9a494faf67707e71), U64(0xb3dbd1eca9908293), - U64(0x72d14d3493b2e388), U64(0xd6a30f258c153427) - }, -}; - -static const STREEBOG_LONG64 C16[12][8] = { - { - U64(0xdd806559f2a64507), U64(0x05767436cc744d23), - U64(0xa2422a08a460d315), U64(0x4b7ce09192676901), - U64(0x714eb88d7585c4fc), U64(0x2f6a76432e45d016), - U64(0xebcb2f81c0657c1f), U64(0xb1085bda1ecadae9) - }, { - U64(0xe679047021b19bb7), U64(0x55dda21bd7cbcd56), - U64(0x5cb561c2db0aa7ca), U64(0x9ab5176b12d69958), - U64(0x61d55e0f16b50131), U64(0xf3feea720a232b98), - U64(0x4fe39d460f70b5d7), U64(0x6fa3b58aa99d2f1a) - }, { - U64(0x991e96f50aba0ab2), U64(0xc2b6f443867adb31), - U64(0xc1c93a376062db09), U64(0xd3e20fe490359eb1), - U64(0xf2ea7514b1297b7b), U64(0x06f15e5f529c1f8b), - U64(0x0a39fc286a3d8435), U64(0xf574dcac2bce2fc7) - }, { - U64(0x220cbebc84e3d12e), U64(0x3453eaa193e837f1), - U64(0xd8b71333935203be), U64(0xa9d72c82ed03d675), - U64(0x9d721cad685e353f), U64(0x488e857e335c3c7d), - U64(0xf948e1a05d71e4dd), U64(0xef1fdfb3e81566d2) - }, { - U64(0x601758fd7c6cfe57), U64(0x7a56a27ea9ea63f5), - U64(0xdfff00b723271a16), U64(0xbfcd1747253af5a3), - U64(0x359e35d7800fffbd), U64(0x7f151c1f1686104a), - U64(0x9a3f410c6ca92363), U64(0x4bea6bacad474799) - }, { - U64(0xfa68407a46647d6e), 
U64(0xbf71c57236904f35),
- U64(0x0af21f66c2bec6b6), U64(0xcffaa6b71c9ab7b4),
- U64(0x187f9ab49af08ec6), U64(0x2d66c4f95142a46c),
- U64(0x6fa4c33b7a3039c0), U64(0xae4faeae1d3ad3d9)
- }, {
- U64(0x8886564d3a14d493), U64(0x3517454ca23c4af3),
- U64(0x06476983284a0504), U64(0x0992abc52d822c37),
- U64(0xd3473e33197a93c9), U64(0x399ec6c7e6bf87c9),
- U64(0x51ac86febf240954), U64(0xf4c70e16eeaac5ec)
- }, {
- U64(0xa47f0dd4bf02e71e), U64(0x36acc2355951a8d9),
- U64(0x69d18d2bd1a5c42f), U64(0xf4892bcb929b0690),
- U64(0x89b4443b4ddbc49a), U64(0x4eb7f8719c36de1e),
- U64(0x03e7aa020c6e4141), U64(0x9b1f5b424d93c9a7)
- }, {
- U64(0x7261445183235adb), U64(0x0e38dc92cb1f2a60),
- U64(0x7b2b8a9aa6079c54), U64(0x800a440bdbb2ceb1),
- U64(0x3cd955b7e00d0984), U64(0x3a7d3a1b25894224),
- U64(0x944c9ad8ec165fde), U64(0x378f5a541631229b)
- }, {
- U64(0x74b4c7fb98459ced), U64(0x3698fad1153bb6c3),
- U64(0x7a1e6c303b7652f4), U64(0x9fe76702af69334b),
- U64(0x1fffe18a1b336103), U64(0x8941e71cff8a78db),
- U64(0x382ae548b2e4f3f3), U64(0xabbedea680056f52)
- }, {
- U64(0x6bcaa4cd81f32d1b), U64(0xdea2594ac06fd85d),
- U64(0xefbacd1d7d476e98), U64(0x8a1d71efea48b9ca),
- U64(0x2001802114846679), U64(0xd8fa6bbbebab0761),
- U64(0x3002c6cd635afe94), U64(0x7bcd9ed0efc889fb)
- }, {
- U64(0x48bc924af11bd720), U64(0xfaf417d5d9b21b99),
- U64(0xe71da4aa88e12852), U64(0x5d80ef9d1891cc86),
- U64(0xf82012d430219f9b), U64(0xcda43c32bcdf1d77),
- U64(0xd21380b00449b17a), U64(0x378ee767f11631ba)
- },
-};
-
-#define B(x,i,j) (((STREEBOG_LONG64)(*(((const unsigned char *)(&x))+i)))<<(j*8))
-#define PULL64(x) (B(x,0,0)|B(x,1,1)|B(x,2,2)|B(x,3,3)|B(x,4,4)|B(x,5,5)|B(x,6,6)|B(x,7,7))
-#define SWAB64(x) (B(x,0,7)|B(x,1,6)|B(x,2,5)|B(x,3,4)|B(x,4,3)|B(x,5,2)|B(x,6,1)|B(x,7,0))
-
-static inline STREEBOG_LONG64
-multipermute(const STREEBOG_LONG64 *in, int i)
-{
- STREEBOG_LONG64 t = 0;
-
- t ^= A_PI_table[0][(in[0] >> (i * 8)) & 0xff];
- t ^= A_PI_table[1][(in[1] >> (i * 8)) & 0xff];
- t ^= A_PI_table[2][(in[2] >> (i * 8)) &
0xff]; - t ^= A_PI_table[3][(in[3] >> (i * 8)) & 0xff]; - t ^= A_PI_table[4][(in[4] >> (i * 8)) & 0xff]; - t ^= A_PI_table[5][(in[5] >> (i * 8)) & 0xff]; - t ^= A_PI_table[6][(in[6] >> (i * 8)) & 0xff]; - t ^= A_PI_table[7][(in[7] >> (i * 8)) & 0xff]; - - return t; -} - -static void -transform(STREEBOG_LONG64 *out, const STREEBOG_LONG64 *a, - const STREEBOG_LONG64 *b) -{ - STREEBOG_LONG64 tmp[8]; - - tmp[0] = a[0] ^ b[0]; - tmp[1] = a[1] ^ b[1]; - tmp[2] = a[2] ^ b[2]; - tmp[3] = a[3] ^ b[3]; - tmp[4] = a[4] ^ b[4]; - tmp[5] = a[5] ^ b[5]; - tmp[6] = a[6] ^ b[6]; - tmp[7] = a[7] ^ b[7]; - - out[0] = multipermute(tmp, 0); - out[1] = multipermute(tmp, 1); - out[2] = multipermute(tmp, 2); - out[3] = multipermute(tmp, 3); - out[4] = multipermute(tmp, 4); - out[5] = multipermute(tmp, 5); - out[6] = multipermute(tmp, 6); - out[7] = multipermute(tmp, 7); -} - -static inline void -gN(STREEBOG_LONG64 *h, STREEBOG_LONG64 *m, STREEBOG_LONG64 *N) -{ - STREEBOG_LONG64 K[8]; - STREEBOG_LONG64 T[8]; - int i; - - transform(K, h, N); - - transform(T, K, m); - transform(K, K, C16[0]); - for (i = 1; i < 12; i++) { - transform(T, K, T); - transform(K, K, C16[i]); - } - - h[0] ^= T[0] ^ K[0] ^ m[0]; - h[1] ^= T[1] ^ K[1] ^ m[1]; - h[2] ^= T[2] ^ K[2] ^ m[2]; - h[3] ^= T[3] ^ K[3] ^ m[3]; - h[4] ^= T[4] ^ K[4] ^ m[4]; - h[5] ^= T[5] ^ K[5] ^ m[5]; - h[6] ^= T[6] ^ K[6] ^ m[6]; - h[7] ^= T[7] ^ K[7] ^ m[7]; -} - - -static void -streebog_single_block(STREEBOG_CTX *ctx, const unsigned char *in, size_t num) -{ - STREEBOG_LONG64 M[8], l; - int i; - - for (i = 0; i < 8; i++) - M[i] = PULL64(in[i*8]); - - gN(ctx->h, M, ctx->N); - - l = ctx->N[0]; - ctx->N[0] += num; - - if (ctx->N[0] < l || ctx->N[0] < num) { - for (i = 1; i < 8; i++) { - ctx->N[i]++; - if (ctx->N[i] != 0) - break; - } - } - - ctx->Sigma[0] += M[0]; - for (i = 1; i < 8; i++) - if (ctx->Sigma[i-1] < M[i-1]) - ctx->Sigma[i] += M[i] + 1; - else - ctx->Sigma[i] += M[i]; -} - - - -static void -streebog_block_data_order(STREEBOG_CTX 
*ctx, const unsigned char *in, - size_t num) -{ - int i; - - for (i = 0; i < num; i++) - streebog_single_block(ctx, in + i * STREEBOG_CBLOCK, 64 * 8); -} - -int -STREEBOG512_Final(unsigned char *md, STREEBOG_CTX *c) -{ - unsigned char *p = (unsigned char *)c->data; - STREEBOG_LONG64 Z[STREEBOG_LBLOCK] = {0}; - int n; - - if (c->num == STREEBOG_CBLOCK) { - streebog_block_data_order(c, p, 1); - c->num -= STREEBOG_CBLOCK; - } - - n = c->num; - p[n++] = 1; - memset(p + n, 0, STREEBOG_CBLOCK - n); - - streebog_single_block(c, p, c->num * 8); - - gN(c->h, c->N, Z); - gN(c->h, c->Sigma, Z); - - for (n = 0; n < STREEBOG_LBLOCK; n++) - c->h[n] = SWAB64(c->h[n]); - - if (md == NULL) - return 0; - - switch (c->md_len) { - /* Let compiler decide if it's appropriate to unroll... */ - case STREEBOG256_LENGTH: - for (n = 0; n < STREEBOG256_LENGTH / 8; n++) { - STREEBOG_LONG64 t = c->h[4+n]; - -#if BYTE_ORDER == BIG_ENDIAN - *(md++) = (unsigned char)(t); - *(md++) = (unsigned char)(t >> 8); - *(md++) = (unsigned char)(t >> 16); - *(md++) = (unsigned char)(t >> 24); - *(md++) = (unsigned char)(t >> 32); - *(md++) = (unsigned char)(t >> 40); - *(md++) = (unsigned char)(t >> 48); - *(md++) = (unsigned char)(t >> 56); -#else - *(md++) = (unsigned char)(t >> 56); - *(md++) = (unsigned char)(t >> 48); - *(md++) = (unsigned char)(t >> 40); - *(md++) = (unsigned char)(t >> 32); - *(md++) = (unsigned char)(t >> 24); - *(md++) = (unsigned char)(t >> 16); - *(md++) = (unsigned char)(t >> 8); - *(md++) = (unsigned char)(t); -#endif - } - break; - case STREEBOG512_LENGTH: - for (n = 0; n < STREEBOG512_LENGTH / 8; n++) { - STREEBOG_LONG64 t = c->h[n]; - -#if BYTE_ORDER == BIG_ENDIAN - *(md++) = (unsigned char)(t); - *(md++) = (unsigned char)(t >> 8); - *(md++) = (unsigned char)(t >> 16); - *(md++) = (unsigned char)(t >> 24); - *(md++) = (unsigned char)(t >> 32); - *(md++) = (unsigned char)(t >> 40); - *(md++) = (unsigned char)(t >> 48); - *(md++) = (unsigned char)(t >> 56); -#else - *(md++) = 
(unsigned char)(t >> 56); - *(md++) = (unsigned char)(t >> 48); - *(md++) = (unsigned char)(t >> 40); - *(md++) = (unsigned char)(t >> 32); - *(md++) = (unsigned char)(t >> 24); - *(md++) = (unsigned char)(t >> 16); - *(md++) = (unsigned char)(t >> 8); - *(md++) = (unsigned char)(t); -#endif - } - break; - /* ... as well as make sure md_len is not abused. */ - default: - return 0; - } - - return 1; -} - -int -STREEBOG256_Final(unsigned char *md, STREEBOG_CTX * c) -{ - return STREEBOG512_Final(md, c); -} - -int -STREEBOG512_Update(STREEBOG_CTX *c, const void *_data, size_t len) -{ - unsigned char *p = (unsigned char *)c->data; - const unsigned char *data = (const unsigned char *)_data; - - if (len == 0) - return 1; - - if (c->num != 0) { - size_t n = STREEBOG_CBLOCK - c->num; - - if (len < n) { - memcpy(p + c->num, data, len); - c->num += (unsigned int)len; - return 1; - } else { - memcpy(p + c->num, data, n); - c->num = 0; - len -= n; - data += n; - streebog_block_data_order(c, p, 1); - } - } - - if (len >= STREEBOG_CBLOCK) { - streebog_block_data_order(c, data, len / STREEBOG_CBLOCK); - data += len; - len %= STREEBOG_CBLOCK; - data -= len; - } - - if (len != 0) { - memcpy(p, data, len); - c->num = (int)len; - } - - return 1; -} - -int -STREEBOG256_Update(STREEBOG_CTX *c, const void *data, size_t len) -{ - return STREEBOG512_Update(c, data, len); -} - -void -STREEBOG512_Transform(STREEBOG_CTX *c, const unsigned char *data) -{ - streebog_block_data_order(c, data, 1); -} - -int -STREEBOG256_Init(STREEBOG_CTX *c) -{ - memset(c, 0, sizeof(*c)); - memset(c->h, 1, sizeof(c->h)); - - c->md_len = STREEBOG256_LENGTH; - return 1; -} - -int -STREEBOG512_Init(STREEBOG_CTX *c) -{ - memset(c, 0, sizeof(*c)); - memset(c->h, 0, sizeof(c->h)); - - c->num = 0; - c->md_len = STREEBOG512_LENGTH; - return 1; -} - -unsigned char * -STREEBOG256(const unsigned char *d, size_t n, unsigned char *md) -{ - STREEBOG_CTX c; - static unsigned char m[STREEBOG256_LENGTH]; - - if (md == NULL) - md 
= m; - STREEBOG256_Init(&c); - STREEBOG256_Update(&c, d, n); - STREEBOG256_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} - -unsigned char * -STREEBOG512(const unsigned char *d, size_t n, unsigned char *md) -{ - STREEBOG_CTX c; - static unsigned char m[STREEBOG512_LENGTH]; - - if (md == NULL) - md = m; - STREEBOG512_Init(&c); - STREEBOG512_Update(&c, d, n); - STREEBOG512_Final(md, &c); - explicit_bzero(&c, sizeof(c)); - return (md); -} - -#endif diff --git a/lib/libssl/src/crypto/hmac/hm_ameth.c b/lib/libssl/src/crypto/hmac/hm_ameth.c deleted file mode 100644 index cfa02397051..00000000000 --- a/lib/libssl/src/crypto/hmac/hm_ameth.c +++ /dev/null 
@@ -1,169 +0,0 @@ -/* $OpenBSD: hm_ameth.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2007. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/evp.h> - -#include "asn1_locl.h" - -#define HMAC_TEST_PRIVATE_KEY_FORMAT - -/* HMAC "ASN1" method. This is just here to indicate the - * maximum HMAC output length and to free up an HMAC - * key. - */ - -static int -hmac_size(const EVP_PKEY *pkey) -{ - return EVP_MAX_MD_SIZE; -} - -static void -hmac_key_free(EVP_PKEY *pkey) -{ - ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr; - - if (os) { - if (os->data) - explicit_bzero(os->data, os->length); - ASN1_OCTET_STRING_free(os); - } -} - -static int -hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - switch (op) { - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_sha1; - return 1; - default: - return -2; - } -} - -#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT -/* A bogus private key format for test purposes. This is simply the - * HMAC key with "HMAC PRIVATE KEY" in the headers. When enabled the - * genpkey utility can be used to "generate" HMAC keys. 
- */
-
-static int
-old_hmac_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen)
-{
- ASN1_OCTET_STRING *os;
-
- os = ASN1_OCTET_STRING_new();
- if (os == NULL)
- goto err;
- if (ASN1_OCTET_STRING_set(os, *pder, derlen) == 0)
- goto err;
- if (EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os) == 0)
- goto err;
- return 1;
-
-err:
- ASN1_OCTET_STRING_free(os);
- return 0;
-}
-
-static int
-old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder)
-{
- int inc;
- ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
-
- if (pder) {
- if (!*pder) {
- *pder = malloc(os->length);
- if (*pder == NULL)
- return -1;
- inc = 0;
- } else
- inc = 1;
-
- memcpy(*pder, os->data, os->length);
-
- if (inc)
- *pder += os->length;
- }
-
- return os->length;
-}
-
-#endif
-
-const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
- .pkey_id = EVP_PKEY_HMAC,
- .pkey_base_id = EVP_PKEY_HMAC,
-
- .pem_str = "HMAC",
- .info = "OpenSSL HMAC method",
-
- .pkey_size = hmac_size,
-
- .pkey_free = hmac_key_free,
- .pkey_ctrl = hmac_pkey_ctrl,
-#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
- .old_priv_decode = old_hmac_decode,
- .old_priv_encode = old_hmac_encode
-#endif
-};
diff --git a/lib/libssl/src/crypto/hmac/hm_pmeth.c b/lib/libssl/src/crypto/hmac/hm_pmeth.c
deleted file mode 100644
index c5ac6c00c0f..00000000000
--- a/lib/libssl/src/crypto/hmac/hm_pmeth.c
+++ /dev/null
@@ -1,259 +0,0 @@ -/* $OpenBSD: hm_pmeth.c,v 1.9 2015/09/10 15:56:25 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2007. - */ -/* ==================================================================== - * Copyright (c) 2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/evp.h> -#include <openssl/hmac.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -#include "evp_locl.h" - -/* HMAC pkey context structure */ - -typedef struct { - const EVP_MD *md; /* MD for HMAC use */ - ASN1_OCTET_STRING ktmp; /* Temp storage for key */ - HMAC_CTX ctx; -} HMAC_PKEY_CTX; - -static int -pkey_hmac_init(EVP_PKEY_CTX *ctx) -{ - HMAC_PKEY_CTX *hctx; - - hctx = malloc(sizeof(HMAC_PKEY_CTX)); - if (!hctx) - return 0; - hctx->md = NULL; - hctx->ktmp.data = NULL; - hctx->ktmp.length = 0; - hctx->ktmp.flags = 0; - hctx->ktmp.type = V_ASN1_OCTET_STRING; - HMAC_CTX_init(&hctx->ctx); - - ctx->data = hctx; - ctx->keygen_info_count = 0; - - return 1; -} - -static int -pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - HMAC_PKEY_CTX *sctx, *dctx; - - if (!pkey_hmac_init(dst)) - return 0; - sctx = src->data; - dctx = dst->data; - dctx->md = sctx->md; - HMAC_CTX_init(&dctx->ctx); - if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx)) - return 0; - if (sctx->ktmp.data) { - if (!ASN1_OCTET_STRING_set(&dctx->ktmp, sctx->ktmp.data, - sctx->ktmp.length)) - return 0; - } - return 1; -} - -static void 
-pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
-{
- HMAC_PKEY_CTX *hctx = ctx->data;
-
- HMAC_CTX_cleanup(&hctx->ctx);
- if (hctx->ktmp.data) {
- if (hctx->ktmp.length)
- explicit_bzero(hctx->ktmp.data, hctx->ktmp.length);
- free(hctx->ktmp.data);
- hctx->ktmp.data = NULL;
- }
- free(hctx);
-}
-
-static int
-pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
-{
- ASN1_OCTET_STRING *hkey = NULL;
- HMAC_PKEY_CTX *hctx = ctx->data;
-
- if (!hctx->ktmp.data)
- return 0;
- hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
- if (!hkey)
- return 0;
- EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
-
- return 1;
-}
-
-static int
-int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
-{
- HMAC_PKEY_CTX *hctx = ctx->pctx->data;
-
- if (!HMAC_Update(&hctx->ctx, data, count))
- return 0;
- return 1;
-}
-
-static int
-hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
-{
- HMAC_PKEY_CTX *hctx = ctx->data;
-
- HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
- EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
- mctx->update = int_update;
- return 1;
-}
-
-static int
-hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
- EVP_MD_CTX *mctx)
-{
- unsigned int hlen;
- HMAC_PKEY_CTX *hctx = ctx->data;
- int l = EVP_MD_CTX_size(mctx);
-
- if (l < 0)
- return 0;
- *siglen = l;
- if (!sig)
- return 1;
-
- if (!HMAC_Final(&hctx->ctx, sig, &hlen))
- return 0;
- *siglen = (size_t)hlen;
- return 1;
-}
-
-static int
-pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
-{
- HMAC_PKEY_CTX *hctx = ctx->data;
- ASN1_OCTET_STRING *key;
-
- switch (type) {
- case EVP_PKEY_CTRL_SET_MAC_KEY:
- if ((!p2 && p1 > 0) || (p1 < -1))
- return 0;
- if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
- return 0;
- break;
-
- case EVP_PKEY_CTRL_MD:
- hctx->md = p2;
- break;
-
- case EVP_PKEY_CTRL_DIGESTINIT:
- key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
- if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
- ctx->engine))
- return 0;
- break;
-
- default:
- return -2;
- }
- return 1;
-}
-
-static int
-pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value)
-{
- if (!value)
- return 0;
- if (!strcmp(type, "key")) {
- void *p = (void *)value;
- return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
- }
- if (!strcmp(type, "hexkey")) {
- unsigned char *key;
- int r;
- long keylen;
- key = string_to_hex(value, &keylen);
- if (!key)
- return 0;
- r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
- free(key);
- return r;
- }
- return -2;
-}
-
-const EVP_PKEY_METHOD hmac_pkey_meth = {
- .pkey_id = EVP_PKEY_HMAC,
-
- .init = pkey_hmac_init,
- .copy = pkey_hmac_copy,
- .cleanup = pkey_hmac_cleanup,
-
- .keygen = pkey_hmac_keygen,
-
- .signctx_init = hmac_signctx_init,
- .signctx = hmac_signctx,
-
- .ctrl = pkey_hmac_ctrl,
- .ctrl_str = pkey_hmac_ctrl_str
-};
diff --git a/lib/libssl/src/crypto/hmac/hmac.c b/lib/libssl/src/crypto/hmac/hmac.c
deleted file mode 100644
index 155e32a540c..00000000000
--- a/lib/libssl/src/crypto/hmac/hmac.c
+++ /dev/null
@@ -1,225 +0,0 @@
-/* $OpenBSD: hmac.c,v 1.22 2015/02/10 09:52:35 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/err.h> -#include <openssl/hmac.h> - -int -HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md, - ENGINE *impl) -{ - int i, j, reset = 0; - unsigned char pad[HMAC_MAX_MD_CBLOCK]; - - if (md != NULL) { - reset = 1; - ctx->md = md; - } else - md = ctx->md; - - if (key != NULL) { - reset = 1; - j = EVP_MD_block_size(md); - if ((size_t)j > sizeof(ctx->key)) { - EVPerr(EVP_F_HMAC_INIT_EX, EVP_R_BAD_BLOCK_LENGTH); - goto err; - } - if (j < len) { - if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl)) - goto err; - if (!EVP_DigestUpdate(&ctx->md_ctx, key, len)) - goto err; - if (!EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key, - &ctx->key_length)) - goto err; - } else { - if ((size_t)len > sizeof(ctx->key)) { - EVPerr(EVP_F_HMAC_INIT_EX, - EVP_R_BAD_KEY_LENGTH); - goto err; - } - memcpy(ctx->key, key, len); - ctx->key_length = len; - } - if (ctx->key_length != HMAC_MAX_MD_CBLOCK) - memset(&ctx->key[ctx->key_length], 0, - HMAC_MAX_MD_CBLOCK - ctx->key_length); - } - - if (reset) { - for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) - pad[i] = 0x36 ^ ctx->key[i]; - if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl)) - goto err; - if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md))) - goto err; - - for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++) - pad[i] = 0x5c ^ ctx->key[i]; - if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl)) - goto err; - if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md))) - goto err; - } - if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx)) - goto err; - return 1; -err: - return 0; -} - -int -HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md) -{ - if (key && md) - HMAC_CTX_init(ctx); - return HMAC_Init_ex(ctx, key, len, md, NULL); -} - -int -HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len) -{ - return EVP_DigestUpdate(&ctx->md_ctx, data, len); -} - -int -HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) -{ - 
unsigned int i; - unsigned char buf[EVP_MAX_MD_SIZE]; - - if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i)) - goto err; - if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx)) - goto err; - if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i)) - goto err; - if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len)) - goto err; - return 1; -err: - return 0; -} - -void -HMAC_CTX_init(HMAC_CTX *ctx) -{ - EVP_MD_CTX_init(&ctx->i_ctx); - EVP_MD_CTX_init(&ctx->o_ctx); - EVP_MD_CTX_init(&ctx->md_ctx); -} - -int -HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx) -{ - if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx)) - goto err; - if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx)) - goto err; - if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx)) - goto err; - memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK); - dctx->key_length = sctx->key_length; - dctx->md = sctx->md; - return 1; -err: - return 0; -} - -void -HMAC_CTX_cleanup(HMAC_CTX *ctx) -{ - EVP_MD_CTX_cleanup(&ctx->i_ctx); - EVP_MD_CTX_cleanup(&ctx->o_ctx); - EVP_MD_CTX_cleanup(&ctx->md_ctx); - memset(ctx, 0, sizeof *ctx); -} - -unsigned char * -HMAC(const EVP_MD *evp_md, const void *key, int key_len, const unsigned char *d, - size_t n, unsigned char *md, unsigned int *md_len) -{ - HMAC_CTX c; - static unsigned char m[EVP_MAX_MD_SIZE]; - - if (md == NULL) - md = m; - HMAC_CTX_init(&c); - if (!HMAC_Init(&c, key, key_len, evp_md)) - goto err; - if (!HMAC_Update(&c, d, n)) - goto err; - if (!HMAC_Final(&c, md, md_len)) - goto err; - HMAC_CTX_cleanup(&c); - return md; -err: - return NULL; -} - -void -HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) -{ - EVP_MD_CTX_set_flags(&ctx->i_ctx, flags); - EVP_MD_CTX_set_flags(&ctx->o_ctx, flags); - EVP_MD_CTX_set_flags(&ctx->md_ctx, flags); -} diff --git a/lib/libssl/src/crypto/hmac/hmac.h b/lib/libssl/src/crypto/hmac/hmac.h deleted file mode 100644 index f3418b3cb75..00000000000 --- a/lib/libssl/src/crypto/hmac/hmac.h +++ /dev/null 
@@ -1,108 +0,0 @@
-/* $OpenBSD: hmac.h,v 1.12 2014/06/21 13:39:46 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#ifndef HEADER_HMAC_H
-#define HEADER_HMAC_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_HMAC
-#error HMAC is disabled.
-#endif
-
-#include <openssl/evp.h>
-
-#define HMAC_MAX_MD_CBLOCK 128 /* largest known is SHA512 */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct hmac_ctx_st {
- const EVP_MD *md;
- EVP_MD_CTX md_ctx;
- EVP_MD_CTX i_ctx;
- EVP_MD_CTX o_ctx;
- unsigned int key_length;
- unsigned char key[HMAC_MAX_MD_CBLOCK];
-} HMAC_CTX;
-
-#define HMAC_size(e) (EVP_MD_size((e)->md))
-
-
-void HMAC_CTX_init(HMAC_CTX *ctx);
-void HMAC_CTX_cleanup(HMAC_CTX *ctx);
-
-#define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx) /* deprecated */
-
-int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md); /* deprecated */
-int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md,
- ENGINE *impl);
-int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
-int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
- const unsigned char *d, size_t n, unsigned char *md, unsigned int *md_len);
-int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
-
-void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/ia64cpuid.S b/lib/libssl/src/crypto/ia64cpuid.S
deleted file mode 100644
index 39e8093c6cc..00000000000
--- a/lib/libssl/src/crypto/ia64cpuid.S
+++ /dev/null
@@ -1,121 +0,0 @@
-// Works on all IA-64 platforms: Linux, HP-UX, Win64i...
-// On Win64i compile with ias.exe.
-.text
-
-.global OPENSSL_cpuid_setup#
-.proc OPENSSL_cpuid_setup#
-OPENSSL_cpuid_setup:
-{ .mib; br.ret.sptk.many b0 };;
-.endp OPENSSL_cpuid_setup#
-
-.global OPENSSL_atomic_add#
-.proc OPENSSL_atomic_add#
-.align 32
-OPENSSL_atomic_add:
-{ .mii; ld4 r2=[r32]
- nop.i 0
- nop.i 0 };;
-.Lspin:
-{ .mii; mov ar.ccv=r2
- add r8=r2,r33
- mov r3=r2 };;
-{ .mmi; mf;;
- cmpxchg4.acq r2=[r32],r8,ar.ccv
- nop.i 0 };;
-{ .mib; cmp.ne p6,p0=r2,r3
- nop.i 0
-(p6) br.dpnt .Lspin };;
-{ .mib; nop.m 0
- sxt4 r8=r8
- br.ret.sptk.many b0 };;
-.endp OPENSSL_atomic_add#
-
-// Returns a structure comprising pointer to the top of stack of
-// the caller and pointer beyond backing storage for the current
-// register frame. The latter is required, because it might be
-// insufficient to wipe backing storage for the current frame
-// (as this procedure does), one might have to go further, toward
-// higher addresses to reach for whole "retroactively" saved
-// context...
-.global OPENSSL_wipe_cpu#
-.proc OPENSSL_wipe_cpu#
-.align 32
-OPENSSL_wipe_cpu:
- .prologue
- .fframe 0
- .save ar.pfs,r2
- .save ar.lc,r3
-{ .mib; alloc r2=ar.pfs,0,96,0,96
- mov r3=ar.lc
- brp.loop.imp .L_wipe_top,.L_wipe_end-16
- };;
-{ .mii; mov r9=ar.bsp
- mov r8=pr
- mov ar.lc=96 };;
- .body
-{ .mii; add r9=96*8-8,r9
- mov ar.ec=1 };;
-
-// One can sweep double as fast, but then we can't quarantee
-// that backing storage is wiped...
-.L_wipe_top:
-{ .mfi; st8 [r9]=r0,-8
- mov f127=f0
- mov r127=r0 }
-{ .mfb; nop.m 0
- nop.f 0
- br.ctop.sptk .L_wipe_top };;
-.L_wipe_end:
-
-{ .mfi; mov r11=r0
- mov f6=f0
- mov r14=r0 }
-{ .mfi; mov r15=r0
- mov f7=f0
- mov r16=r0 }
-{ .mfi; mov r17=r0
- mov f8=f0
- mov r18=r0 }
-{ .mfi; mov r19=r0
- mov f9=f0
- mov r20=r0 }
-{ .mfi; mov r21=r0
- mov f10=f0
- mov r22=r0 }
-{ .mfi; mov r23=r0
- mov f11=f0
- mov r24=r0 }
-{ .mfi; mov r25=r0
- mov f12=f0
- mov r26=r0 }
-{ .mfi; mov r27=r0
- mov f13=f0
- mov r28=r0 }
-{ .mfi; mov r29=r0
- mov f14=f0
- mov r30=r0 }
-{ .mfi; mov r31=r0
- mov f15=f0
- nop.i 0 }
-{ .mfi; mov f16=f0 }
-{ .mfi; mov f17=f0 }
-{ .mfi; mov f18=f0 }
-{ .mfi; mov f19=f0 }
-{ .mfi; mov f20=f0 }
-{ .mfi; mov f21=f0 }
-{ .mfi; mov f22=f0 }
-{ .mfi; mov f23=f0 }
-{ .mfi; mov f24=f0 }
-{ .mfi; mov f25=f0 }
-{ .mfi; mov f26=f0 }
-{ .mfi; mov f27=f0 }
-{ .mfi; mov f28=f0 }
-{ .mfi; mov f29=f0 }
-{ .mfi; mov f30=f0 }
-{ .mfi; add r9=96*8+8,r9
- mov f31=f0
- mov pr=r8,0x1ffff }
-{ .mib; mov r8=sp
- mov ar.lc=r3
- br.ret.sptk b0 };;
-.endp OPENSSL_wipe_cpu#
diff --git a/lib/libssl/src/crypto/idea/i_cbc.c b/lib/libssl/src/crypto/idea/i_cbc.c
deleted file mode 100644
index 5bb9640c340..00000000000
--- a/lib/libssl/src/crypto/idea/i_cbc.c
+++ /dev/null
@@ -1,168 +0,0 @@ -/* $OpenBSD: i_cbc.c,v 1.3 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <openssl/idea.h> -#include "idea_lcl.h" - -void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int encrypt) - { - unsigned long tin0,tin1; - unsigned long tout0,tout1,xor0,xor1; - long l=length; - unsigned long tin[2]; - - if (encrypt) - { - n2l(iv,tout0); - n2l(iv,tout1); - iv-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); - n2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - idea_encrypt(tin,ks); - tout0=tin[0]; l2n(tout0,out); - tout1=tin[1]; l2n(tout1,out); - } - if (l != -8) - { - n2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - idea_encrypt(tin,ks); - tout0=tin[0]; l2n(tout0,out); - tout1=tin[1]; l2n(tout1,out); - } - l2n(tout0,iv); - l2n(tout1,iv); - } - else - { - n2l(iv,xor0); - n2l(iv,xor1); - iv-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); tin[0]=tin0; - n2l(in,tin1); tin[1]=tin1; - idea_encrypt(tin,ks); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2n(tout0,out); - l2n(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - n2l(in,tin0); tin[0]=tin0; - n2l(in,tin1); tin[1]=tin1; - idea_encrypt(tin,ks); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2nn(tout0,tout1,out,l+8); - xor0=tin0; - xor1=tin1; - } - l2n(xor0,iv); - l2n(xor1,iv); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - -void idea_encrypt(unsigned long *d, IDEA_KEY_SCHEDULE *key) - { - IDEA_INT *p; - unsigned long x1,x2,x3,x4,t0,t1,ul; - - x2=d[0]; - x1=(x2>>16); - x4=d[1]; - x3=(x4>>16); - - p= &(key->data[0][0]); - - E_IDEA(0); - E_IDEA(1); - E_IDEA(2); - E_IDEA(3); - E_IDEA(4); - E_IDEA(5); - E_IDEA(6); - E_IDEA(7); - - x1&=0xffff; - idea_mul(x1,x1,*p,ul); p++; - - t0= x3+ *(p++); - t1= x2+ *(p++); - - x4&=0xffff; - idea_mul(x4,x4,*p,ul); - - d[0]=(t0&0xffff)|((x1&0xffff)<<16); - d[1]=(x4&0xffff)|((t1&0xffff)<<16); - } 
diff --git a/lib/libssl/src/crypto/idea/i_cfb64.c b/lib/libssl/src/crypto/idea/i_cfb64.c
deleted file mode 100644
index b979aaef866..00000000000
--- a/lib/libssl/src/crypto/idea/i_cfb64.c
+++ /dev/null
@@ -1,122 +0,0 @@ -/* $OpenBSD: i_cfb64.c,v 1.3 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <openssl/idea.h> -#include "idea_lcl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *schedule, - unsigned char *ivec, int *num, int encrypt) - { - unsigned long v0,v1,t; - int n= *num; - long l=length; - unsigned long ti[2]; - unsigned char *iv,c,cc; - - iv=(unsigned char *)ivec; - if (encrypt) - { - while (l--) - { - if (n == 0) - { - n2l(iv,v0); ti[0]=v0; - n2l(iv,v1); ti[1]=v1; - idea_encrypt((unsigned long *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2n(t,iv); - t=ti[1]; l2n(t,iv); - iv=(unsigned char *)ivec; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - n2l(iv,v0); ti[0]=v0; - n2l(iv,v1); ti[1]=v1; - idea_encrypt((unsigned long *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2n(t,iv); - t=ti[1]; l2n(t,iv); - iv=(unsigned char *)ivec; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=t=c=cc=0; - *num=n; - } - diff --git a/lib/libssl/src/crypto/idea/i_ecb.c b/lib/libssl/src/crypto/idea/i_ecb.c deleted file mode 100644 index dac456cdc59..00000000000 --- a/lib/libssl/src/crypto/idea/i_ecb.c +++ /dev/null 
@@ -1,83 +0,0 @@ -/* $OpenBSD: i_ecb.c,v 1.3 2014/07/09 11:10:51 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <openssl/idea.h> -#include "idea_lcl.h" -#include <openssl/opensslv.h> - -const char *idea_options(void) - { - if (sizeof(short) != sizeof(IDEA_INT)) - return("idea(int)"); - else - return("idea(short)"); - } - -void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, - IDEA_KEY_SCHEDULE *ks) - { - unsigned long l0,l1,d[2]; - - n2l(in,l0); d[0]=l0; - n2l(in,l1); d[1]=l1; - idea_encrypt(d,ks); - l0=d[0]; l2n(l0,out); - l1=d[1]; l2n(l1,out); - l0=l1=d[0]=d[1]=0; - } - diff --git a/lib/libssl/src/crypto/idea/i_ofb64.c b/lib/libssl/src/crypto/idea/i_ofb64.c deleted file mode 100644 index 376dad9f6d9..00000000000 --- a/lib/libssl/src/crypto/idea/i_ofb64.c +++ /dev/null 
@@ -1,111 +0,0 @@ -/* $OpenBSD: i_ofb64.c,v 1.3 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <openssl/idea.h> -#include "idea_lcl.h" - -/* The input and output encrypted as though 64bit ofb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *schedule, - unsigned char *ivec, int *num) - { - unsigned long v0,v1,t; - int n= *num; - long l=length; - unsigned char d[8]; - char *dp; - unsigned long ti[2]; - unsigned char *iv; - int save=0; - - iv=(unsigned char *)ivec; - n2l(iv,v0); - n2l(iv,v1); - ti[0]=v0; - ti[1]=v1; - dp=(char *)d; - l2n(v0,dp); - l2n(v1,dp); - while (l--) - { - if (n == 0) - { - idea_encrypt((unsigned long *)ti,schedule); - dp=(char *)d; - t=ti[0]; l2n(t,dp); - t=ti[1]; l2n(t,dp); - save++; - } - *(out++)= *(in++)^d[n]; - n=(n+1)&0x07; - } - if (save) - { - v0=ti[0]; - v1=ti[1]; - iv=(unsigned char *)ivec; - l2n(v0,iv); - l2n(v1,iv); - } - t=v0=v1=ti[0]=ti[1]=0; - *num=n; - } - diff --git a/lib/libssl/src/crypto/idea/i_skey.c b/lib/libssl/src/crypto/idea/i_skey.c deleted file mode 100644 index 2824d2618e4..00000000000 --- a/lib/libssl/src/crypto/idea/i_skey.c +++ /dev/null 
@@ -1,157 +0,0 @@ -/* $OpenBSD: i_skey.c,v 1.4 2014/10/28 07:35:58 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <openssl/crypto.h> -#include <openssl/idea.h> -#include "idea_lcl.h" - -static IDEA_INT inverse(unsigned int xin); -void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) - { - int i; - IDEA_INT *kt,*kf,r0,r1,r2; - - kt= &(ks->data[0][0]); - n2s(key,kt[0]); n2s(key,kt[1]); n2s(key,kt[2]); n2s(key,kt[3]); - n2s(key,kt[4]); n2s(key,kt[5]); n2s(key,kt[6]); n2s(key,kt[7]); - - kf=kt; - kt+=8; - for (i=0; i<6; i++) - { - r2= kf[1]; - r1= kf[2]; - *(kt++)= ((r2<<9) | (r1>>7))&0xffff; - r0= kf[3]; - *(kt++)= ((r1<<9) | (r0>>7))&0xffff; - r1= kf[4]; - *(kt++)= ((r0<<9) | (r1>>7))&0xffff; - r0= kf[5]; - *(kt++)= ((r1<<9) | (r0>>7))&0xffff; - r1= kf[6]; - *(kt++)= ((r0<<9) | (r1>>7))&0xffff; - r0= kf[7]; - *(kt++)= ((r1<<9) | (r0>>7))&0xffff; - r1= kf[0]; - if (i >= 5) break; - *(kt++)= ((r0<<9) | (r1>>7))&0xffff; - *(kt++)= ((r1<<9) | (r2>>7))&0xffff; - kf+=8; - } - } - -void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk) - { - int r; - IDEA_INT *fp,*tp,t; - - tp= &(dk->data[0][0]); - fp= &(ek->data[8][0]); - for (r=0; r<9; r++) - { - *(tp++)=inverse(fp[0]); - *(tp++)=((int)(0x10000L-fp[2])&0xffff); - *(tp++)=((int)(0x10000L-fp[1])&0xffff); - *(tp++)=inverse(fp[3]); - if (r == 8) break; - fp-=6; - *(tp++)=fp[4]; - *(tp++)=fp[5]; - } - - tp= &(dk->data[0][0]); - t=tp[1]; - tp[1]=tp[2]; - tp[2]=t; - - t=tp[49]; - tp[49]=tp[50]; - tp[50]=t; - } - -/* taken directly from the 'paper' I'll have a look at it later */ -static IDEA_INT inverse(unsigned int xin) - { - long n1,n2,q,r,b1,b2,t; - - if (xin == 0) - b2=0; - else - { - n1=0x10001; - n2=xin; - b2=1; - b1=0; - - do { - r=(n1%n2); - q=(n1-r)/n2; - if (r == 0) - { if (b2 < 0) b2=0x10001+b2; } - else - { - n1=n2; - n2=r; - t=b2; - b2=b1-q*b2; - b1=t; - } - } while (r != 0); - } - return((IDEA_INT)b2); - } diff --git a/lib/libssl/src/crypto/idea/idea.h b/lib/libssl/src/crypto/idea/idea.h deleted file mode 100644 index f76bcaeba58..00000000000 
--- a/lib/libssl/src/crypto/idea/idea.h
+++ /dev/null
@@ -1,100 +0,0 @@ -/* $OpenBSD: idea.h,v 1.10 2014/06/12 15:49:29 deraadt Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_IDEA_H -#define HEADER_IDEA_H - -#include <openssl/opensslconf.h> /* IDEA_INT, OPENSSL_NO_IDEA */ - -#ifdef OPENSSL_NO_IDEA -#error IDEA is disabled. 
-#endif - -#define IDEA_ENCRYPT 1 -#define IDEA_DECRYPT 0 - -#define IDEA_BLOCK 8 -#define IDEA_KEY_LENGTH 16 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct idea_key_st - { - IDEA_INT data[9][6]; - } IDEA_KEY_SCHEDULE; - -const char *idea_options(void); -void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, - IDEA_KEY_SCHEDULE *ks); -void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); -void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); -void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); -void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, - int *num,int enc); -void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num); -void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/lib/libssl/src/crypto/idea/idea_lcl.h b/lib/libssl/src/crypto/idea/idea_lcl.h deleted file mode 100644 index e46c960875c..00000000000 --- a/lib/libssl/src/crypto/idea/idea_lcl.h +++ /dev/null 
@@ -1,150 +0,0 @@
-/* $OpenBSD: idea_lcl.h,v 1.3 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -/* The new form of this macro (check if the a*b == 0) was suggested by - * Colin Plumb <colin@nyx10.cs.du.edu> */ -/* Removal of the inner if from from Wei Dai 24/4/96 */ -#define idea_mul(r,a,b,ul) \ -ul=(unsigned long)a*b; \ -if (ul != 0) \ - { \ - r=(ul&0xffff)-(ul>>16); \ - r-=((r)>>16); \ - } \ -else \ - r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ - -/* 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com> - * for pointing out that I was assuming little endian - * byte order for all quantities what idea - * actually used bigendian. No where in the spec does it mention - * this, it is all in terms of 16 bit numbers and even the example - * does not use byte streams for the input example :-(. - * If you byte swap each pair of input, keys and iv, the functions - * would produce the output as the old version :-(. - */ - -/* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c)))) ; \ - case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 6: l2|=((unsigned long)(*(--(c))))<<16; \ - case 5: l2|=((unsigned long)(*(--(c))))<<24; \ - case 4: l1 =((unsigned long)(*(--(c)))) ; \ - case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 2: l1|=((unsigned long)(*(--(c))))<<16; \ - case 1: l1|=((unsigned long)(*(--(c))))<<24; \ - } \ - } - -/* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - } \ - } - -#undef n2l -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ - 
l|=((unsigned long)(*((c)++)))<<16L, \
- l|=((unsigned long)(*((c)++)))<< 8L, \
- l|=((unsigned long)(*((c)++))))
-
-#undef l2n
-#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
- *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
- *((c)++)=(unsigned char)(((l) )&0xff))
-
-#undef s2n
-#define s2n(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
- *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
-
-#undef n2s
-#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \
- l|=((IDEA_INT)(*((c)++))) )
-
-#define E_IDEA(num) \
- x1&=0xffff; \
- idea_mul(x1,x1,*p,ul); p++; \
- x2+= *(p++); \
- x3+= *(p++); \
- x4&=0xffff; \
- idea_mul(x4,x4,*p,ul); p++; \
- t0=(x1^x3)&0xffff; \
- idea_mul(t0,t0,*p,ul); p++; \
- t1=(t0+(x2^x4))&0xffff; \
- idea_mul(t1,t1,*p,ul); p++; \
- t0+=t1; \
- x1^=t1; \
- x4^=t0; \
- ul=x2^t0; /* do the swap to x3 */ \
- x2=x3^t1; \
- x3=ul;
-
diff --git a/lib/libssl/src/crypto/krb5/krb5_asn.c b/lib/libssl/src/crypto/krb5/krb5_asn.c
deleted file mode 100644
index 4713fce37b3..00000000000
--- a/lib/libssl/src/crypto/krb5/krb5_asn.c
+++ /dev/null
@@ -1,722 +0,0 @@
-/* $OpenBSD: krb5_asn.c,v 1.4 2015/07/25 14:49:45 jsing Exp $ */
-/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project,
-** using ocsp/{*.h,*asn*.c} as a starting point
-*/
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/krb5_asn.h>
-
-
-static const ASN1_TEMPLATE KRB5_ENCDATA_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(KRB5_ENCDATA, etype),
- .field_name = "etype",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(KRB5_ENCDATA, kvno),
- .field_name = "kvno",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 2,
- .offset = offsetof(KRB5_ENCDATA, cipher),
- .field_name = "cipher",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM KRB5_ENCDATA_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = KRB5_ENCDATA_seq_tt,
- .tcount = sizeof(KRB5_ENCDATA_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(KRB5_ENCDATA),
- .sname = "KRB5_ENCDATA",
-};
-
-
-KRB5_ENCDATA *
-d2i_KRB5_ENCDATA(KRB5_ENCDATA **a, const unsigned char **in, long len)
-{
- return (KRB5_ENCDATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_ENCDATA_it);
-}
-
-int
-i2d_KRB5_ENCDATA(KRB5_ENCDATA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_ENCDATA_it);
-}
-
-KRB5_ENCDATA *
-KRB5_ENCDATA_new(void)
-{
- return (KRB5_ENCDATA *)ASN1_item_new(&KRB5_ENCDATA_it);
-}
-
-void
-KRB5_ENCDATA_free(KRB5_ENCDATA *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_ENCDATA_it);
-}
-
-
-static const ASN1_TEMPLATE KRB5_PRINCNAME_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(KRB5_PRINCNAME, nametype),
- .field_name = "nametype",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF,
- .tag = 1,
- .offset = offsetof(KRB5_PRINCNAME, namestring),
- .field_name = "namestring",
- .item = &ASN1_GENERALSTRING_it,
- },
-};
-
-const ASN1_ITEM KRB5_PRINCNAME_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = KRB5_PRINCNAME_seq_tt,
- .tcount = 
sizeof(KRB5_PRINCNAME_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(KRB5_PRINCNAME),
- .sname = "KRB5_PRINCNAME",
-};
-
-
-KRB5_PRINCNAME *
-d2i_KRB5_PRINCNAME(KRB5_PRINCNAME **a, const unsigned char **in, long len)
-{
- return (KRB5_PRINCNAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_PRINCNAME_it);
-}
-
-int
-i2d_KRB5_PRINCNAME(KRB5_PRINCNAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_PRINCNAME_it);
-}
-
-KRB5_PRINCNAME *
-KRB5_PRINCNAME_new(void)
-{
- return (KRB5_PRINCNAME *)ASN1_item_new(&KRB5_PRINCNAME_it);
-}
-
-void
-KRB5_PRINCNAME_free(KRB5_PRINCNAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_PRINCNAME_it);
-}
-
-
-/* [APPLICATION 1] = 0x61 */
-static const ASN1_TEMPLATE KRB5_TKTBODY_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(KRB5_TKTBODY, tktvno),
- .field_name = "tktvno",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 1,
- .offset = offsetof(KRB5_TKTBODY, realm),
- .field_name = "realm",
- .item = &ASN1_GENERALSTRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 2,
- .offset = offsetof(KRB5_TKTBODY, sname),
- .field_name = "sname",
- .item = &KRB5_PRINCNAME_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 3,
- .offset = offsetof(KRB5_TKTBODY, encdata),
- .field_name = "encdata",
- .item = &KRB5_ENCDATA_it,
- },
-};
-
-const ASN1_ITEM KRB5_TKTBODY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = KRB5_TKTBODY_seq_tt,
- .tcount = sizeof(KRB5_TKTBODY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(KRB5_TKTBODY),
- .sname = "KRB5_TKTBODY",
-};
-
-
-KRB5_TKTBODY *
-d2i_KRB5_TKTBODY(KRB5_TKTBODY **a, const unsigned char **in, long len)
-{
- return (KRB5_TKTBODY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_TKTBODY_it);
-}
-
-int
-i2d_KRB5_TKTBODY(KRB5_TKTBODY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_TKTBODY_it);
-}
-
-KRB5_TKTBODY *
-KRB5_TKTBODY_new(void)
-{
- return (KRB5_TKTBODY *)ASN1_item_new(&KRB5_TKTBODY_it);
-}
-
-void
-KRB5_TKTBODY_free(KRB5_TKTBODY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_TKTBODY_it);
-}
-
-
-static const ASN1_TEMPLATE KRB5_TICKET_item_tt = {
- .flags = ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION,
- .tag = 1,
- .offset = 0,
- .field_name = "KRB5_TICKET",
- .item = &KRB5_TKTBODY_it,
-};
-
-const ASN1_ITEM KRB5_TICKET_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &KRB5_TICKET_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "KRB5_TICKET",
-};
-
-
-KRB5_TICKET *
-d2i_KRB5_TICKET(KRB5_TICKET **a, const unsigned char **in, long len)
-{
- return (KRB5_TICKET *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_TICKET_it);
-}
-
-int
-i2d_KRB5_TICKET(KRB5_TICKET *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_TICKET_it);
-}
-
-KRB5_TICKET *
-KRB5_TICKET_new(void)
-{
- return (KRB5_TICKET *)ASN1_item_new(&KRB5_TICKET_it);
-}
-
-void
-KRB5_TICKET_free(KRB5_TICKET *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_TICKET_it);
-}
-
-
-/* [APPLICATION 14] = 0x6e */
-static const ASN1_TEMPLATE KRB5_APREQBODY_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(KRB5_APREQBODY, pvno),
- .field_name = "pvno",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 1,
- .offset = offsetof(KRB5_APREQBODY, msgtype),
- .field_name = "msgtype",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 2,
- .offset = offsetof(KRB5_APREQBODY, apoptions),
- .field_name = "apoptions",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 3,
- .offset = offsetof(KRB5_APREQBODY, ticket),
- .field_name = "ticket",
- .item = &KRB5_TICKET_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 4,
- .offset = offsetof(KRB5_APREQBODY, authenticator),
- .field_name = "authenticator",
- .item = &KRB5_ENCDATA_it,
- },
-};
-
-const 
ASN1_ITEM KRB5_APREQBODY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = KRB5_APREQBODY_seq_tt,
- .tcount = sizeof(KRB5_APREQBODY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(KRB5_APREQBODY),
- .sname = "KRB5_APREQBODY",
-};
-
-
-KRB5_APREQBODY *
-d2i_KRB5_APREQBODY(KRB5_APREQBODY **a, const unsigned char **in, long len)
-{
- return (KRB5_APREQBODY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_APREQBODY_it);
-}
-
-int
-i2d_KRB5_APREQBODY(KRB5_APREQBODY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_APREQBODY_it);
-}
-
-KRB5_APREQBODY *
-KRB5_APREQBODY_new(void)
-{
- return (KRB5_APREQBODY *)ASN1_item_new(&KRB5_APREQBODY_it);
-}
-
-void
-KRB5_APREQBODY_free(KRB5_APREQBODY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_APREQBODY_it);
-}
-
-static const ASN1_TEMPLATE KRB5_APREQ_item_tt = {
- .flags = ASN1_TFLG_EXPTAG | ASN1_TFLG_APPLICATION,
- .tag = 14,
- .offset = 0,
- .field_name = "KRB5_APREQ",
- .item = &KRB5_APREQBODY_it,
-};
-
-const ASN1_ITEM KRB5_APREQ_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &KRB5_APREQ_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "KRB5_APREQ",
-};
-
-
-KRB5_APREQ *
-d2i_KRB5_APREQ(KRB5_APREQ **a, const unsigned char **in, long len)
-{
- return (KRB5_APREQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_APREQ_it);
-}
-
-int
-i2d_KRB5_APREQ(KRB5_APREQ *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_APREQ_it);
-}
-
-KRB5_APREQ *
-KRB5_APREQ_new(void)
-{
- return (KRB5_APREQ *)ASN1_item_new(&KRB5_APREQ_it);
-}
-
-void
-KRB5_APREQ_free(KRB5_APREQ *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_APREQ_it);
-}
-
-
-/* Authenticator stuff */
-
-static const ASN1_TEMPLATE KRB5_CHECKSUM_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(KRB5_CHECKSUM, ctype),
- .field_name = "ctype",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 1,
- .offset = offsetof(KRB5_CHECKSUM, checksum),
- .field_name = "checksum",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM KRB5_CHECKSUM_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = KRB5_CHECKSUM_seq_tt,
- .tcount = sizeof(KRB5_CHECKSUM_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(KRB5_CHECKSUM),
- .sname = "KRB5_CHECKSUM",
-};
-
-
-KRB5_CHECKSUM *
-d2i_KRB5_CHECKSUM(KRB5_CHECKSUM **a, const unsigned char **in, long len)
-{
- return (KRB5_CHECKSUM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_CHECKSUM_it);
-}
-
-int
-i2d_KRB5_CHECKSUM(KRB5_CHECKSUM *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_CHECKSUM_it);
-}
-
-KRB5_CHECKSUM *
-KRB5_CHECKSUM_new(void)
-{
- return (KRB5_CHECKSUM *)ASN1_item_new(&KRB5_CHECKSUM_it);
-}
-
-void
-KRB5_CHECKSUM_free(KRB5_CHECKSUM *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_CHECKSUM_it);
-}
-
-
-static const ASN1_TEMPLATE KRB5_ENCKEY_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(KRB5_ENCKEY, ktype),
- .field_name = "ktype",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 1,
- .offset = offsetof(KRB5_ENCKEY, keyvalue),
- .field_name = "keyvalue",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM KRB5_ENCKEY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = KRB5_ENCKEY_seq_tt,
- .tcount = sizeof(KRB5_ENCKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(KRB5_ENCKEY),
- .sname = "KRB5_ENCKEY",
-};
-
-
-KRB5_ENCKEY *
-d2i_KRB5_ENCKEY(KRB5_ENCKEY **a, const unsigned char **in, long len)
-{
- return (KRB5_ENCKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_ENCKEY_it);
-}
-
-int
-i2d_KRB5_ENCKEY(KRB5_ENCKEY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_ENCKEY_it);
-}
-
-KRB5_ENCKEY *
-KRB5_ENCKEY_new(void)
-{
- return (KRB5_ENCKEY 
*)ASN1_item_new(&KRB5_ENCKEY_it);
-}
-
-void
-KRB5_ENCKEY_free(KRB5_ENCKEY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_ENCKEY_it);
-}
-
-
-/* SEQ OF SEQ; see ASN1_EXP_SEQUENCE_OF_OPT() below */
-static const ASN1_TEMPLATE KRB5_AUTHDATA_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(KRB5_AUTHDATA, adtype),
- .field_name = "adtype",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 1,
- .offset = offsetof(KRB5_AUTHDATA, addata),
- .field_name = "addata",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM KRB5_AUTHDATA_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = KRB5_AUTHDATA_seq_tt,
- .tcount = sizeof(KRB5_AUTHDATA_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(KRB5_AUTHDATA),
- .sname = "KRB5_AUTHDATA",
-};
-
-
-KRB5_AUTHDATA *
-d2i_KRB5_AUTHDATA(KRB5_AUTHDATA **a, const unsigned char **in, long len)
-{
- return (KRB5_AUTHDATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_AUTHDATA_it);
-}
-
-int
-i2d_KRB5_AUTHDATA(KRB5_AUTHDATA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_AUTHDATA_it);
-}
-
-KRB5_AUTHDATA *
-KRB5_AUTHDATA_new(void)
-{
- return (KRB5_AUTHDATA *)ASN1_item_new(&KRB5_AUTHDATA_it);
-}
-
-void
-KRB5_AUTHDATA_free(KRB5_AUTHDATA *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_AUTHDATA_it);
-}
-
-
-/* [APPLICATION 2] = 0x62 */
-static const ASN1_TEMPLATE KRB5_AUTHENTBODY_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(KRB5_AUTHENTBODY, avno),
- .field_name = "avno",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 1,
- .offset = offsetof(KRB5_AUTHENTBODY, crealm),
- .field_name = "crealm",
- .item = &ASN1_GENERALSTRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 2,
- .offset = offsetof(KRB5_AUTHENTBODY, cname),
- .field_name = "cname",
- .item = &KRB5_PRINCNAME_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | 
ASN1_TFLG_OPTIONAL,
- .tag = 3,
- .offset = offsetof(KRB5_AUTHENTBODY, cksum),
- .field_name = "cksum",
- .item = &KRB5_CHECKSUM_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 4,
- .offset = offsetof(KRB5_AUTHENTBODY, cusec),
- .field_name = "cusec",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 5,
- .offset = offsetof(KRB5_AUTHENTBODY, ctime),
- .field_name = "ctime",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 6,
- .offset = offsetof(KRB5_AUTHENTBODY, subkey),
- .field_name = "subkey",
- .item = &KRB5_ENCKEY_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 7,
- .offset = offsetof(KRB5_AUTHENTBODY, seqnum),
- .field_name = "seqnum",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 8,
- .offset = offsetof(KRB5_AUTHENTBODY, authorization),
- .field_name = "authorization",
- .item = &KRB5_AUTHDATA_it,
- },
-};
-
-const ASN1_ITEM KRB5_AUTHENTBODY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = KRB5_AUTHENTBODY_seq_tt,
- .tcount = sizeof(KRB5_AUTHENTBODY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(KRB5_AUTHENTBODY),
- .sname = "KRB5_AUTHENTBODY",
-};
-
-
-KRB5_AUTHENTBODY *
-d2i_KRB5_AUTHENTBODY(KRB5_AUTHENTBODY **a, const unsigned char **in, long len)
-{
- return (KRB5_AUTHENTBODY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_AUTHENTBODY_it);
-}
-
-int
-i2d_KRB5_AUTHENTBODY(KRB5_AUTHENTBODY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_AUTHENTBODY_it);
-}
-
-KRB5_AUTHENTBODY *
-KRB5_AUTHENTBODY_new(void)
-{
- return (KRB5_AUTHENTBODY *)ASN1_item_new(&KRB5_AUTHENTBODY_it);
-}
-
-void
-KRB5_AUTHENTBODY_free(KRB5_AUTHENTBODY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_AUTHENTBODY_it);
-}
-
-static const ASN1_TEMPLATE KRB5_AUTHENT_item_tt = {
- .flags = ASN1_TFLG_EXPTAG | 
ASN1_TFLG_APPLICATION,
- .tag = 2,
- .offset = 0,
- .field_name = "KRB5_AUTHENT",
- .item = &KRB5_AUTHENTBODY_it,
-};
-
-const ASN1_ITEM KRB5_AUTHENT_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &KRB5_AUTHENT_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "KRB5_AUTHENT",
-};
-
-
-KRB5_AUTHENT *
-d2i_KRB5_AUTHENT(KRB5_AUTHENT **a, const unsigned char **in, long len)
-{
- return (KRB5_AUTHENT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &KRB5_AUTHENT_it);
-}
-
-int
-i2d_KRB5_AUTHENT(KRB5_AUTHENT *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &KRB5_AUTHENT_it);
-}
-
-KRB5_AUTHENT *
-KRB5_AUTHENT_new(void)
-{
- return (KRB5_AUTHENT *)ASN1_item_new(&KRB5_AUTHENT_it);
-}
-
-void
-KRB5_AUTHENT_free(KRB5_AUTHENT *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &KRB5_AUTHENT_it);
-}
diff --git a/lib/libssl/src/crypto/krb5/krb5_asn.h b/lib/libssl/src/crypto/krb5/krb5_asn.h
deleted file mode 100644
index a5326e10579..00000000000
--- a/lib/libssl/src/crypto/krb5/krb5_asn.h
+++ /dev/null
@@ -1,256 +0,0 @@
-/* $OpenBSD: krb5_asn.h,v 1.4 2014/06/12 15:49:29 deraadt Exp $ */
-/* Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project,
-** using ocsp/{*.h,*asn*.c} as a starting point
-*/
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#ifndef HEADER_KRB5_ASN_H -#define HEADER_KRB5_ASN_H - -/* -#include <krb5.h> -*/ -#include <openssl/safestack.h> - -#ifdef __cplusplus -extern "C" { -#endif - - -/* ASN.1 from Kerberos RFC 1510 -*/ - -/* EncryptedData ::= SEQUENCE { -** etype[0] INTEGER, -- EncryptionType -** kvno[1] INTEGER OPTIONAL, -** cipher[2] OCTET STRING -- ciphertext -** } -*/ -typedef struct krb5_encdata_st - { - ASN1_INTEGER *etype; - ASN1_INTEGER *kvno; - ASN1_OCTET_STRING *cipher; - } KRB5_ENCDATA; - -DECLARE_STACK_OF(KRB5_ENCDATA) - -/* PrincipalName ::= SEQUENCE { -** name-type[0] INTEGER, -** name-string[1] SEQUENCE OF GeneralString -** } -*/ -typedef struct krb5_princname_st - { - ASN1_INTEGER *nametype; - STACK_OF(ASN1_GENERALSTRING) *namestring; - } KRB5_PRINCNAME; - -DECLARE_STACK_OF(KRB5_PRINCNAME) - - -/* Ticket ::= [APPLICATION 1] SEQUENCE { -** tkt-vno[0] INTEGER, -** realm[1] Realm, -** sname[2] PrincipalName, -** enc-part[3] EncryptedData -** } -*/ -typedef struct krb5_tktbody_st - { - ASN1_INTEGER *tktvno; - ASN1_GENERALSTRING *realm; - KRB5_PRINCNAME *sname; - KRB5_ENCDATA *encdata; - } KRB5_TKTBODY; - -typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET; -DECLARE_STACK_OF(KRB5_TKTBODY) - - -/* AP-REQ ::= [APPLICATION 14] SEQUENCE { -** pvno[0] INTEGER, -** msg-type[1] INTEGER, -** ap-options[2] APOptions, -** ticket[3] Ticket, -** authenticator[4] EncryptedData -** } -** -** APOptions ::= BIT STRING { -** reserved(0), use-session-key(1), mutual-required(2) } -*/ -typedef struct krb5_ap_req_st - { - ASN1_INTEGER *pvno; - ASN1_INTEGER *msgtype; - ASN1_BIT_STRING *apoptions; - KRB5_TICKET *ticket; - KRB5_ENCDATA *authenticator; - } KRB5_APREQBODY; - -typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ; -DECLARE_STACK_OF(KRB5_APREQBODY) - - -/* Authenticator Stuff */ - - -/* Checksum ::= SEQUENCE { -** cksumtype[0] INTEGER, -** checksum[1] OCTET STRING -** } -*/ -typedef struct krb5_checksum_st - { - ASN1_INTEGER *ctype; - ASN1_OCTET_STRING *checksum; - } KRB5_CHECKSUM; - 
-DECLARE_STACK_OF(KRB5_CHECKSUM) - - -/* EncryptionKey ::= SEQUENCE { -** keytype[0] INTEGER, -** keyvalue[1] OCTET STRING -** } -*/ -typedef struct krb5_encryptionkey_st - { - ASN1_INTEGER *ktype; - ASN1_OCTET_STRING *keyvalue; - } KRB5_ENCKEY; - -DECLARE_STACK_OF(KRB5_ENCKEY) - - -/* AuthorizationData ::= SEQUENCE OF SEQUENCE { -** ad-type[0] INTEGER, -** ad-data[1] OCTET STRING -** } -*/ -typedef struct krb5_authorization_st - { - ASN1_INTEGER *adtype; - ASN1_OCTET_STRING *addata; - } KRB5_AUTHDATA; - -DECLARE_STACK_OF(KRB5_AUTHDATA) - - -/* -- Unencrypted authenticator -** Authenticator ::= [APPLICATION 2] SEQUENCE { -** authenticator-vno[0] INTEGER, -** crealm[1] Realm, -** cname[2] PrincipalName, -** cksum[3] Checksum OPTIONAL, -** cusec[4] INTEGER, -** ctime[5] KerberosTime, -** subkey[6] EncryptionKey OPTIONAL, -** seq-number[7] INTEGER OPTIONAL, -** authorization-data[8] AuthorizationData OPTIONAL -** } -*/ -typedef struct krb5_authenticator_st - { - ASN1_INTEGER *avno; - ASN1_GENERALSTRING *crealm; - KRB5_PRINCNAME *cname; - KRB5_CHECKSUM *cksum; - ASN1_INTEGER *cusec; - ASN1_GENERALIZEDTIME *ctime; - KRB5_ENCKEY *subkey; - ASN1_INTEGER *seqnum; - KRB5_AUTHDATA *authorization; - } KRB5_AUTHENTBODY; - -typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT; -DECLARE_STACK_OF(KRB5_AUTHENTBODY) - - -/* DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) = -** type *name##_new(void); -** void name##_free(type *a); -** DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) = -** DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) = -** type *d2i_##name(type **a, const unsigned char **in, long len); -** int i2d_##name(type *a, unsigned char **out); -** DECLARE_ASN1_ITEM(itname) = extern const ASN1_ITEM itname##_it -*/ - -DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA) -DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME) -DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY) -DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY) -DECLARE_ASN1_FUNCTIONS(KRB5_TICKET) -DECLARE_ASN1_FUNCTIONS(KRB5_APREQ) - 
-DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
-DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
-DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-
-#ifdef __cplusplus
-}
-#endif
-#endif
-
diff --git a/lib/libssl/src/crypto/lhash/lh_stats.c b/lib/libssl/src/crypto/lhash/lh_stats.c
deleted file mode 100644
index e7dde478065..00000000000
--- a/lib/libssl/src/crypto/lhash/lh_stats.c
+++ /dev/null
@@ -1,254 +0,0 @@ -/* $OpenBSD: lh_stats.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/lhash.h> - -#ifdef OPENSSL_NO_BIO - -void -lh_stats(LHASH *lh, FILE *out) -{ - fprintf(out, "num_items = %lu\n", lh->num_items); - fprintf(out, "num_nodes = %u\n", lh->num_nodes); - fprintf(out, "num_alloc_nodes = %u\n", lh->num_alloc_nodes); - fprintf(out, "num_expands = %lu\n", lh->num_expands); - fprintf(out, "num_expand_reallocs = %lu\n", lh->num_expand_reallocs); - fprintf(out, "num_contracts = %lu\n", lh->num_contracts); - fprintf(out, "num_contract_reallocs = %lu\n", - lh->num_contract_reallocs); - fprintf(out, "num_hash_calls = %lu\n", lh->num_hash_calls); - fprintf(out, "num_comp_calls = %lu\n", lh->num_comp_calls); - fprintf(out, "num_insert = %lu\n", lh->num_insert); - fprintf(out, "num_replace = %lu\n", lh->num_replace); - fprintf(out, "num_delete = %lu\n", lh->num_delete); - fprintf(out, "num_no_delete = %lu\n", lh->num_no_delete); - fprintf(out, "num_retrieve = %lu\n", lh->num_retrieve); - fprintf(out, "num_retrieve_miss = %lu\n", lh->num_retrieve_miss); - fprintf(out, "num_hash_comps = %lu\n", lh->num_hash_comps); -#if 0 - fprintf(out, "p = %u\n", lh->p); - fprintf(out, "pmax = %u\n", lh->pmax); - fprintf(out, "up_load = %lu\n", lh->up_load); - fprintf(out, "down_load = %lu\n", lh->down_load); -#endif -} - -void -lh_node_stats(LHASH *lh, FILE *out) -{ - LHASH_NODE *n; - unsigned int i, num; - - for (i = 0; i < lh->num_nodes; i++) { - for (n = lh->b[i], num = 0; n != NULL; n = n->next) - num++; - fprintf(out, "node %6u -> %3u\n", i, num); - } -} - -void -lh_node_usage_stats(LHASH *lh, FILE *out) -{ - LHASH_NODE *n; - unsigned long num; - unsigned int i; - unsigned long total = 0, n_used = 0; - - for (i = 0; i < lh->num_nodes; i++) { - for (n = lh->b[i], num = 0; n != NULL; n = n->next) - num++; - if (num != 0) { - n_used++; - total += num; - } - } - fprintf(out, "%lu 
nodes used out of %u\n", n_used, lh->num_nodes); - fprintf(out, "%lu items\n", total); - if (n_used == 0) - return; - fprintf(out, "load %d.%02d actual load %d.%02d\n", - (int)(total / lh->num_nodes), - (int)((total % lh->num_nodes) * 100 / lh->num_nodes), - (int)(total / n_used), - (int)((total % n_used) * 100 / n_used)); -} - -#else - -void -lh_stats(const _LHASH *lh, FILE *fp) -{ - BIO *bp; - - bp = BIO_new(BIO_s_file()); - if (bp == NULL) - goto end; - BIO_set_fp(bp, fp, BIO_NOCLOSE); - lh_stats_bio(lh, bp); - BIO_free(bp); -end:; -} - -void -lh_node_stats(const _LHASH *lh, FILE *fp) -{ - BIO *bp; - - bp = BIO_new(BIO_s_file()); - if (bp == NULL) - goto end; - BIO_set_fp(bp, fp, BIO_NOCLOSE); - lh_node_stats_bio(lh, bp); - BIO_free(bp); -end:; -} - -void -lh_node_usage_stats(const _LHASH *lh, FILE *fp) -{ - BIO *bp; - - bp = BIO_new(BIO_s_file()); - if (bp == NULL) - goto end; - BIO_set_fp(bp, fp, BIO_NOCLOSE); - lh_node_usage_stats_bio(lh, bp); - BIO_free(bp); -end:; -} - - -void -lh_stats_bio(const _LHASH *lh, BIO *out) -{ - BIO_printf(out, "num_items = %lu\n", lh->num_items); - BIO_printf(out, "num_nodes = %u\n", lh->num_nodes); - BIO_printf(out, "num_alloc_nodes = %u\n", lh->num_alloc_nodes); - BIO_printf(out, "num_expands = %lu\n", lh->num_expands); - BIO_printf(out, "num_expand_reallocs = %lu\n", - lh->num_expand_reallocs); - BIO_printf(out, "num_contracts = %lu\n", lh->num_contracts); - BIO_printf(out, "num_contract_reallocs = %lu\n", - lh->num_contract_reallocs); - BIO_printf(out, "num_hash_calls = %lu\n", lh->num_hash_calls); - BIO_printf(out, "num_comp_calls = %lu\n", lh->num_comp_calls); - BIO_printf(out, "num_insert = %lu\n", lh->num_insert); - BIO_printf(out, "num_replace = %lu\n", lh->num_replace); - BIO_printf(out, "num_delete = %lu\n", lh->num_delete); - BIO_printf(out, "num_no_delete = %lu\n", lh->num_no_delete); - BIO_printf(out, "num_retrieve = %lu\n", lh->num_retrieve); - BIO_printf(out, "num_retrieve_miss = %lu\n", lh->num_retrieve_miss); - 
BIO_printf(out, "num_hash_comps = %lu\n", lh->num_hash_comps); -#if 0 - BIO_printf(out, "p = %u\n", lh->p); - BIO_printf(out, "pmax = %u\n", lh->pmax); - BIO_printf(out, "up_load = %lu\n", lh->up_load); - BIO_printf(out, "down_load = %lu\n", lh->down_load); -#endif -} - -void -lh_node_stats_bio(const _LHASH *lh, BIO *out) -{ - LHASH_NODE *n; - unsigned int i, num; - - for (i = 0; i < lh->num_nodes; i++) { - for (n = lh->b[i], num = 0; n != NULL; n = n->next) - num++; - BIO_printf(out, "node %6u -> %3u\n", i, num); - } -} - -void -lh_node_usage_stats_bio(const _LHASH *lh, BIO *out) -{ - LHASH_NODE *n; - unsigned long num; - unsigned int i; - unsigned long total = 0, n_used = 0; - - for (i = 0; i < lh->num_nodes; i++) { - for (n = lh->b[i], num = 0; n != NULL; n = n->next) - num++; - if (num != 0) { - n_used++; - total += num; - } - } - BIO_printf(out, "%lu nodes used out of %u\n", n_used, lh->num_nodes); - BIO_printf(out, "%lu items\n", total); - if (n_used == 0) - return; - BIO_printf(out, "load %d.%02d actual load %d.%02d\n", - (int)(total / lh->num_nodes), - (int)((total % lh->num_nodes) * 100 / lh->num_nodes), - (int)(total / n_used), - (int)((total % n_used) * 100 / n_used)); -} - -#endif diff --git a/lib/libssl/src/crypto/lhash/lhash.c b/lib/libssl/src/crypto/lhash/lhash.c deleted file mode 100644 index f4994f7471d..00000000000 --- a/lib/libssl/src/crypto/lhash/lhash.c +++ /dev/null 
@@ -1,463 +0,0 @@
-/* $OpenBSD: lhash.c,v 1.17 2014/07/10 22:45:57 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Code for dynamic hash table routines - * Author - Eric Young v 2.0 - * - * 2.2 eay - added #include "crypto.h" so the memory leak checking code is - * present. eay 18-Jun-98 - * - * 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98 - * - * 2.0 eay - Fixed a bug that occurred when using lh_delete - * from inside lh_doall(). As entries were deleted, - * the 'table' was 'contract()ed', making some entries - * jump from the end of the table to the start, there by - * skipping the lh_doall() processing. eay - 4/12/95 - * - * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs - * were not being free()ed. 
21/11/95 - * - * 1.8 eay - Put the stats routines into a separate file, lh_stats.c - * 19/09/95 - * - * 1.7 eay - Removed the fputs() for realloc failures - the code - * should silently tolerate them. I have also fixed things - * lint complained about 04/05/95 - * - * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92 - * - * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992 - * - * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91 - * - * 1.3 eay - Fixed a few lint problems 19/3/1991 - * - * 1.2 eay - Fixed lh_doall problem 13/3/1991 - * - * 1.1 eay - Added lh_doall - * - * 1.0 eay - First version - */ -#include <stdio.h> -#include <string.h> -#include <stdlib.h> - -#include <openssl/opensslconf.h> - -#include <openssl/crypto.h> -#include <openssl/lhash.h> - -#undef MIN_NODES -#define MIN_NODES 16 -#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */ -#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */ - -static void expand(_LHASH *lh); -static void contract(_LHASH *lh); -static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash); - -_LHASH * -lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c) -{ - _LHASH *ret; - int i; - - if ((ret = malloc(sizeof(_LHASH))) == NULL) - goto err0; - if ((ret->b = reallocarray(NULL, MIN_NODES, sizeof(LHASH_NODE *))) == NULL) - goto err1; - for (i = 0; i < MIN_NODES; i++) - ret->b[i] = NULL; - ret->comp = ((c == NULL) ? (LHASH_COMP_FN_TYPE)strcmp : c); - ret->hash = ((h == NULL) ? 
(LHASH_HASH_FN_TYPE)lh_strhash : h); - ret->num_nodes = MIN_NODES / 2; - ret->num_alloc_nodes = MIN_NODES; - ret->p = 0; - ret->pmax = MIN_NODES / 2; - ret->up_load = UP_LOAD; - ret->down_load = DOWN_LOAD; - ret->num_items = 0; - - ret->num_expands = 0; - ret->num_expand_reallocs = 0; - ret->num_contracts = 0; - ret->num_contract_reallocs = 0; - ret->num_hash_calls = 0; - ret->num_comp_calls = 0; - ret->num_insert = 0; - ret->num_replace = 0; - ret->num_delete = 0; - ret->num_no_delete = 0; - ret->num_retrieve = 0; - ret->num_retrieve_miss = 0; - ret->num_hash_comps = 0; - - ret->error = 0; - return (ret); - -err1: - free(ret); -err0: - return (NULL); -} - -void -lh_free(_LHASH *lh) -{ - unsigned int i; - LHASH_NODE *n, *nn; - - if (lh == NULL) - return; - - for (i = 0; i < lh->num_nodes; i++) { - n = lh->b[i]; - while (n != NULL) { - nn = n->next; - free(n); - n = nn; - } - } - free(lh->b); - free(lh); -} - -void * -lh_insert(_LHASH *lh, void *data) -{ - unsigned long hash; - LHASH_NODE *nn, **rn; - void *ret; - - lh->error = 0; - if (lh->up_load <= (lh->num_items * LH_LOAD_MULT / lh->num_nodes)) - expand(lh); - - rn = getrn(lh, data, &hash); - - if (*rn == NULL) { - if ((nn = malloc(sizeof(LHASH_NODE))) == NULL) { - lh->error++; - return (NULL); - } - nn->data = data; - nn->next = NULL; -#ifndef OPENSSL_NO_HASH_COMP - nn->hash = hash; -#endif - *rn = nn; - ret = NULL; - lh->num_insert++; - lh->num_items++; - } - else /* replace same key */ - { - ret = (*rn)->data; - (*rn)->data = data; - lh->num_replace++; - } - return (ret); -} - -void * -lh_delete(_LHASH *lh, const void *data) -{ - unsigned long hash; - LHASH_NODE *nn, **rn; - void *ret; - - lh->error = 0; - rn = getrn(lh, data, &hash); - - if (*rn == NULL) { - lh->num_no_delete++; - return (NULL); - } else { - nn= *rn; - *rn = nn->next; - ret = nn->data; - free(nn); - lh->num_delete++; - } - - lh->num_items--; - if ((lh->num_nodes > MIN_NODES) && - (lh->down_load >= (lh->num_items * LH_LOAD_MULT / 
lh->num_nodes))) - contract(lh); - - return (ret); -} - -void * -lh_retrieve(_LHASH *lh, const void *data) -{ - unsigned long hash; - LHASH_NODE **rn; - void *ret; - - lh->error = 0; - rn = getrn(lh, data, &hash); - - if (*rn == NULL) { - lh->num_retrieve_miss++; - return (NULL); - } else { - ret = (*rn)->data; - lh->num_retrieve++; - } - return (ret); -} - -static void -doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func, - LHASH_DOALL_ARG_FN_TYPE func_arg, void *arg) -{ - int i; - LHASH_NODE *a, *n; - - if (lh == NULL) - return; - - /* reverse the order so we search from 'top to bottom' - * We were having memory leaks otherwise */ - for (i = lh->num_nodes - 1; i >= 0; i--) { - a = lh->b[i]; - while (a != NULL) { - /* 28/05/91 - eay - n added so items can be deleted - * via lh_doall */ - /* 22/05/08 - ben - eh? since a is not passed, - * this should not be needed */ - n = a->next; - if (use_arg) - func_arg(a->data, arg); - else - func(a->data); - a = n; - } - } -} - -void -lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func) -{ - doall_util_fn(lh, 0, func, (LHASH_DOALL_ARG_FN_TYPE)0, NULL); -} - -void -lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg) -{ - doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg); -} - -static void -expand(_LHASH *lh) -{ - LHASH_NODE **n, **n1, **n2, *np; - unsigned int p, i, j; - unsigned long hash, nni; - - lh->num_nodes++; - lh->num_expands++; - p = (int)lh->p++; - n1 = &(lh->b[p]); - n2 = &(lh->b[p + (int)lh->pmax]); - *n2 = NULL; /* 27/07/92 - eay - undefined pointer bug */ - nni = lh->num_alloc_nodes; - - for (np = *n1; np != NULL; ) { -#ifndef OPENSSL_NO_HASH_COMP - hash = np->hash; -#else - hash = lh->hash(np->data); - lh->num_hash_calls++; -#endif - if ((hash % nni) != p) { /* move it */ - *n1 = (*n1)->next; - np->next= *n2; - *n2 = np; - } else - n1 = &((*n1)->next); - np= *n1; - } - - if ((lh->p) >= lh->pmax) { - j = (int)lh->num_alloc_nodes * 2; - n = reallocarray(lh->b, j, sizeof(LHASH_NODE *)); - 
if (n == NULL) { -/* fputs("realloc error in lhash", stderr); */ - lh->error++; - lh->p = 0; - return; - } - /* else */ - for (i = (int)lh->num_alloc_nodes; i < j; i++)/* 26/02/92 eay */ - n[i] = NULL; /* 02/03/92 eay */ - lh->pmax = lh->num_alloc_nodes; - lh->num_alloc_nodes = j; - lh->num_expand_reallocs++; - lh->p = 0; - lh->b = n; - } -} - -static void -contract(_LHASH *lh) -{ - LHASH_NODE **n, *n1, *np; - - np = lh->b[lh->p + lh->pmax - 1]; - lh->b[lh->p+lh->pmax - 1] = NULL; /* 24/07-92 - eay - weird but :-( */ - if (lh->p == 0) { - n = reallocarray(lh->b, lh->pmax, sizeof(LHASH_NODE *)); - if (n == NULL) { -/* fputs("realloc error in lhash", stderr); */ - lh->error++; - return; - } - lh->num_contract_reallocs++; - lh->num_alloc_nodes /= 2; - lh->pmax /= 2; - lh->p = lh->pmax - 1; - lh->b = n; - } else - lh->p--; - - lh->num_nodes--; - lh->num_contracts++; - - n1 = lh->b[(int)lh->p]; - if (n1 == NULL) - lh->b[(int)lh->p] = np; - else { - while (n1->next != NULL) - n1 = n1->next; - n1->next = np; - } -} - -static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash) -{ - LHASH_NODE **ret, *n1; - unsigned long hash, nn; - LHASH_COMP_FN_TYPE cf; - - hash = (*(lh->hash))(data); - lh->num_hash_calls++; - *rhash = hash; - - nn = hash % lh->pmax; - if (nn < lh->p) - nn = hash % lh->num_alloc_nodes; - - cf = lh->comp; - ret = &(lh->b[(int)nn]); - for (n1 = *ret; n1 != NULL; n1 = n1->next) { -#ifndef OPENSSL_NO_HASH_COMP - lh->num_hash_comps++; - if (n1->hash != hash) { - ret = &(n1->next); - continue; - } -#endif - lh->num_comp_calls++; - if (cf(n1->data, data) == 0) - break; - ret = &(n1->next); - } - return (ret); -} - -/* The following hash seems to work very well on normal text strings - * no collisions on /usr/dict/words and it distributes on %2^n quite - * well, not as good as MD5, but still good. 
- */ -unsigned long -lh_strhash(const char *c) -{ - unsigned long ret = 0; - long n; - unsigned long v; - int r; - - if ((c == NULL) || (*c == '\0')) - return (ret); -/* - unsigned char b[16]; - MD5(c,strlen(c),b); - return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); -*/ - - n = 0x100; - while (*c) { - v = n | (*c); - n += 0x100; - r = (int)((v >> 2) ^ v) & 0x0f; - ret = (ret << r)|(ret >> (32 - r)); - ret &= 0xFFFFFFFFL; - ret ^= v * v; - c++; - } - return ((ret >> 16) ^ ret); -} - -unsigned long -lh_num_items(const _LHASH *lh) -{ - return lh ? lh->num_items : 0; -} diff --git a/lib/libssl/src/crypto/lhash/lhash.h b/lib/libssl/src/crypto/lhash/lhash.h deleted file mode 100644 index 9c63657396b..00000000000 --- a/lib/libssl/src/crypto/lhash/lhash.h +++ /dev/null 
@@ -1,235 +0,0 @@ -/* $OpenBSD: lhash.h,v 1.12 2014/06/12 15:49:29 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -/* Header for dynamic hash table routines - * Author - Eric Young - */ - -#ifndef HEADER_LHASH_H -#define HEADER_LHASH_H - -#include <openssl/opensslconf.h> - -#include <stdio.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct lhash_node_st { - void *data; - struct lhash_node_st *next; -#ifndef OPENSSL_NO_HASH_COMP - unsigned long hash; -#endif -} LHASH_NODE; - -typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *); -typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *); -typedef void (*LHASH_DOALL_FN_TYPE)(void *); -typedef void (*LHASH_DOALL_ARG_FN_TYPE)(void *, void *); - -/* Macros for declaring and implementing type-safe wrappers for LHASH callbacks. - * This way, callbacks can be provided to LHASH structures without function - * pointer casting and the macro-defined callbacks provide per-variable casting - * before deferring to the underlying type-specific callbacks. NB: It is - * possible to place a "static" in front of both the DECLARE and IMPLEMENT - * macros if the functions are strictly internal. 
*/ - -/* First: "hash" functions */ -#define DECLARE_LHASH_HASH_FN(name, o_type) \ - unsigned long name##_LHASH_HASH(const void *); -#define IMPLEMENT_LHASH_HASH_FN(name, o_type) \ - unsigned long name##_LHASH_HASH(const void *arg) { \ - const o_type *a = arg; \ - return name##_hash(a); } -#define LHASH_HASH_FN(name) name##_LHASH_HASH - -/* Second: "compare" functions */ -#define DECLARE_LHASH_COMP_FN(name, o_type) \ - int name##_LHASH_COMP(const void *, const void *); -#define IMPLEMENT_LHASH_COMP_FN(name, o_type) \ - int name##_LHASH_COMP(const void *arg1, const void *arg2) { \ - const o_type *a = arg1; \ - const o_type *b = arg2; \ - return name##_cmp(a,b); } -#define LHASH_COMP_FN(name) name##_LHASH_COMP - -/* Third: "doall" functions */ -#define DECLARE_LHASH_DOALL_FN(name, o_type) \ - void name##_LHASH_DOALL(void *); -#define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \ - void name##_LHASH_DOALL(void *arg) { \ - o_type *a = arg; \ - name##_doall(a); } -#define LHASH_DOALL_FN(name) name##_LHASH_DOALL - -/* Fourth: "doall_arg" functions */ -#define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \ - void name##_LHASH_DOALL_ARG(void *, void *); -#define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \ - void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \ - o_type *a = arg1; \ - a_type *b = arg2; \ - name##_doall_arg(a, b); } -#define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG - -typedef struct lhash_st { - LHASH_NODE **b; - LHASH_COMP_FN_TYPE comp; - LHASH_HASH_FN_TYPE hash; - unsigned int num_nodes; - unsigned int num_alloc_nodes; - unsigned int p; - unsigned int pmax; - unsigned long up_load; /* load times 256 */ - unsigned long down_load; /* load times 256 */ - unsigned long num_items; - - unsigned long num_expands; - unsigned long num_expand_reallocs; - unsigned long num_contracts; - unsigned long num_contract_reallocs; - unsigned long num_hash_calls; - unsigned long num_comp_calls; - unsigned long num_insert; - unsigned long num_replace; - 
unsigned long num_delete; - unsigned long num_no_delete; - unsigned long num_retrieve; - unsigned long num_retrieve_miss; - unsigned long num_hash_comps; - - int error; -} _LHASH; /* Do not use _LHASH directly, use LHASH_OF - * and friends */ - -#define LH_LOAD_MULT 256 - -/* Indicates a malloc() error in the last call, this is only bad - * in lh_insert(). */ -#define lh_error(lh) ((lh)->error) - -_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c); -void lh_free(_LHASH *lh); -void *lh_insert(_LHASH *lh, void *data); -void *lh_delete(_LHASH *lh, const void *data); -void *lh_retrieve(_LHASH *lh, const void *data); -void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func); -void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg); -unsigned long lh_strhash(const char *c); -unsigned long lh_num_items(const _LHASH *lh); - -void lh_stats(const _LHASH *lh, FILE *out); -void lh_node_stats(const _LHASH *lh, FILE *out); -void lh_node_usage_stats(const _LHASH *lh, FILE *out); - -#ifndef OPENSSL_NO_BIO -void lh_stats_bio(const _LHASH *lh, BIO *out); -void lh_node_stats_bio(const _LHASH *lh, BIO *out); -void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out); -#endif - -/* Type checking... */ - -#define LHASH_OF(type) struct lhash_st_##type - -#define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; } - -#define CHECKED_LHASH_OF(type,lh) \ - ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh)) - -/* Define wrapper functions. 
*/ -#define LHM_lh_new(type, name) \ - ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name))) -#define LHM_lh_error(type, lh) \ - lh_error(CHECKED_LHASH_OF(type,lh)) -#define LHM_lh_insert(type, lh, inst) \ - ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \ - CHECKED_PTR_OF(type, inst))) -#define LHM_lh_retrieve(type, lh, inst) \ - ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \ - CHECKED_PTR_OF(type, inst))) -#define LHM_lh_delete(type, lh, inst) \ - ((type *)lh_delete(CHECKED_LHASH_OF(type, lh), \ - CHECKED_PTR_OF(type, inst))) -#define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn) -#define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \ - lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg)) -#define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh)) -#define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load) -#define LHM_lh_node_stats_bio(type, lh, out) \ - lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out) -#define LHM_lh_node_usage_stats_bio(type, lh, out) \ - lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out) -#define LHM_lh_stats_bio(type, lh, out) \ - lh_stats_bio(CHECKED_LHASH_OF(type, lh), out) -#define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh)) - -DECLARE_LHASH_OF(OPENSSL_STRING); -DECLARE_LHASH_OF(OPENSSL_CSTRING); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/lib/libssl/src/crypto/malloc-wrapper.c b/lib/libssl/src/crypto/malloc-wrapper.c deleted file mode 100644 index 68af8182309..00000000000 --- a/lib/libssl/src/crypto/malloc-wrapper.c +++ /dev/null 
@@ -1,197 +0,0 @@
-/* $OpenBSD: malloc-wrapper.c,v 1.3 2014/04/20 14:32:19 jsing Exp $ */
-/*
- * Copyright (c) 2014 Bob Beck
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-int
-CRYPTO_set_mem_functions(void *(*m)(size_t), void *(*r)(void *, size_t),
- void (*f)(void *))
-{
- return 0;
-}
-
-int
-CRYPTO_set_mem_ex_functions(void *(*m)(size_t, const char *, int),
- void *(*r)(void *, size_t, const char *, int), void (*f)(void *))
-{
- return 0;
-}
-
-int
-CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*f)(void *))
-{
- return 0;
-}
-
-int
-CRYPTO_set_locked_mem_ex_functions(void *(*m)(size_t, const char *, int),
- void (*f)(void *))
-{
- return 0;
-}
-
-int
-CRYPTO_set_mem_debug_functions(void (*m)(void *, int, const char *, int, int),
- void (*r)(void *, void *, int, const char *, int, int),
- void (*f)(void *, int), void (*so)(long), long (*go)(void))
-{
- return 0;
-}
-
-
-void
-CRYPTO_get_mem_functions(void *(**m)(size_t), void *(**r)(void *, size_t),
- void (**f)(void *))
-{
- if (m != NULL)
- *m = malloc;
- if (r != NULL)
- *r = realloc;
- if (f != NULL)
- *f = free;
-}
-
-void
-CRYPTO_get_mem_ex_functions(void *(**m)(size_t, const char *, int),
- void *(**r)(void *, size_t, const char *, int), void
(**f)(void *))
-{
- if (m != NULL)
- *m = NULL;
- if (r != NULL)
- *r = NULL;
- if (f != NULL)
- *f = free;
-}
-
-void
-CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *))
-{
- if (m != NULL)
- *m = malloc;
- if (f != NULL)
- *f = free;
-}
-
-void
-CRYPTO_get_locked_mem_ex_functions(void *(**m)(size_t, const char *, int),
- void (**f)(void *))
-{
- if (m != NULL)
- *m = NULL;
- if (f != NULL)
- *f = free;
-}
-
-void
-CRYPTO_get_mem_debug_functions(void (**m)(void *, int, const char *, int, int),
- void (**r)(void *, void *, int, const char *, int, int),
- void (**f)(void *, int), void (**so)(long), long (**go)(void))
-{
- if (m != NULL)
- *m = NULL;
- if (r != NULL)
- *r = NULL;
- if (f != NULL)
- *f = NULL;
- if (so != NULL)
- *so = NULL;
- if (go != NULL)
- *go = NULL;
-}
-
-
-void *
-CRYPTO_malloc_locked(int num, const char *file, int line)
-{
- if (num <= 0)
- return NULL;
- return malloc(num);
-}
-
-void
-CRYPTO_free_locked(void *ptr)
-{
- free(ptr);
-}
-
-void *
-CRYPTO_malloc(int num, const char *file, int line)
-{
- if (num <= 0)
- return NULL;
- return malloc(num);
-}
-
-char *
-CRYPTO_strdup(const char *str, const char *file, int line)
-{
- return strdup(str);
-}
-
-void *
-CRYPTO_realloc(void *ptr, int num, const char *file, int line)
-{
- if (num <= 0)
- return NULL;
-
- return realloc(ptr, num);
-}
-
-void *
-CRYPTO_realloc_clean(void *ptr, int old_len, int num, const char *file,
- int line)
-{
- void *ret = NULL;
-
- if (num <= 0)
- return NULL;
- if (num < old_len)
- return NULL; /* original does not support shrinking */
- ret = malloc(num);
- if (ret && ptr && old_len > 0) {
- memcpy(ret, ptr, old_len);
- explicit_bzero(ptr, old_len);
- free(ptr);
- }
- return ret;
-}
-
-void
-CRYPTO_free(void *ptr)
-{
- free(ptr);
-}
-
-void *
-CRYPTO_remalloc(void *a, int num, const char *file, int line)
-{
- free(a);
- return malloc(num);
-}
-
-void
-CRYPTO_set_mem_debug_options(long bits)
-{
- return;
-}
-
-long
-CRYPTO_get_mem_debug_options(void)
-{
- return 0;
-}
diff --git a/lib/libssl/src/crypto/md32_common.h b/lib/libssl/src/crypto/md32_common.h
deleted file mode 100644
index 7b6a354478b..00000000000
--- a/lib/libssl/src/crypto/md32_common.h
+++ /dev/null
@@ -1,359 +0,0 @@ -/* $OpenBSD: md32_common.h,v 1.20 2014/11/09 19:08:24 miod Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - */ - -/* - * This is a generic 32 bit "collector" for message digest algorithms. - * Whenever needed it collects input character stream into chunks of - * 32 bit values and invokes a block function that performs actual hash - * calculations. - * - * Porting guide. - * - * Obligatory macros: - * - * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN - * this macro defines byte order of input stream. - * HASH_CBLOCK - * size of a unit chunk HASH_BLOCK operates on. - * HASH_LONG - * has to be at least 32 bit wide. - * HASH_CTX - * context structure that at least contains following - * members: - * typedef struct { - * ... - * HASH_LONG Nl,Nh; - * either { - * HASH_LONG data[HASH_LBLOCK]; - * unsigned char data[HASH_CBLOCK]; - * }; - * unsigned int num; - * ... - * } HASH_CTX; - * data[] vector is expected to be zeroed upon first call to - * HASH_UPDATE. - * HASH_UPDATE - * name of "Update" function, implemented here. - * HASH_TRANSFORM - * name of "Transform" function, implemented here. - * HASH_FINAL - * name of "Final" function, implemented here. - * HASH_BLOCK_DATA_ORDER - * name of "block" function capable of treating *unaligned* input - * message in original (data) byte order, implemented externally. - * HASH_MAKE_STRING - * macro convering context variables to an ASCII hash string. 
- * - * MD5 example: - * - * #define DATA_ORDER_IS_LITTLE_ENDIAN - * - * #define HASH_LONG MD5_LONG - * #define HASH_CTX MD5_CTX - * #define HASH_CBLOCK MD5_CBLOCK - * #define HASH_UPDATE MD5_Update - * #define HASH_TRANSFORM MD5_Transform - * #define HASH_FINAL MD5_Final - * #define HASH_BLOCK_DATA_ORDER md5_block_data_order - * - * <appro@fy.chalmers.se> - */ - -#include <stdint.h> - -#include <openssl/opensslconf.h> - -#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) -#error "DATA_ORDER must be defined!" -#endif - -#ifndef HASH_CBLOCK -#error "HASH_CBLOCK must be defined!" -#endif -#ifndef HASH_LONG -#error "HASH_LONG must be defined!" -#endif -#ifndef HASH_CTX -#error "HASH_CTX must be defined!" -#endif - -#ifndef HASH_UPDATE -#error "HASH_UPDATE must be defined!" -#endif -#ifndef HASH_TRANSFORM -#error "HASH_TRANSFORM must be defined!" -#endif -#if !defined(HASH_FINAL) && !defined(HASH_NO_FINAL) -#error "HASH_FINAL or HASH_NO_FINAL must be defined!" -#endif - -#ifndef HASH_BLOCK_DATA_ORDER -#error "HASH_BLOCK_DATA_ORDER must be defined!" -#endif - -/* - * This common idiom is recognized by the compiler and turned into a - * CPU-specific intrinsic as appropriate. - * e.g. GCC optimizes to roll on amd64 at -O0 - */ -static inline uint32_t ROTATE(uint32_t a, uint32_t n) -{ - return (a<<n)|(a>>(32-n)); -} - -#if defined(DATA_ORDER_IS_BIG_ENDIAN) - -#if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -# if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \ - (defined(__x86_64) || defined(__x86_64__)) - /* - * This gives ~30-40% performance improvement in SHA-256 compiled - * with gcc [on P4]. Well, first macro to be frank. We can pull - * this trick on x86* platforms only, because these CPUs can fetch - * unaligned data without raising an exception. 
- */ -# define HOST_c2l(c,l) ({ unsigned int r=*((const unsigned int *)(c)); \ - asm ("bswapl %0":"=r"(r):"0"(r)); \ - (c)+=4; (l)=r; }) -# define HOST_l2c(l,c) ({ unsigned int r=(l); \ - asm ("bswapl %0":"=r"(r):"0"(r)); \ - *((unsigned int *)(c))=r; (c)+=4; }) -# endif -#endif -#if defined(__s390__) || defined(__s390x__) -# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4) -# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4) -#endif - -#ifndef HOST_c2l -#define HOST_c2l(c,l) do {l =(((unsigned long)(*((c)++)))<<24); \ - l|=(((unsigned long)(*((c)++)))<<16); \ - l|=(((unsigned long)(*((c)++)))<< 8); \ - l|=(((unsigned long)(*((c)++))) ); \ - } while (0) -#endif -#ifndef HOST_l2c -#define HOST_l2c(l,c) do {*((c)++)=(unsigned char)(((l)>>24)&0xff); \ - *((c)++)=(unsigned char)(((l)>>16)&0xff); \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff); \ - *((c)++)=(unsigned char)(((l) )&0xff); \ - } while (0) -#endif - -#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) - -#if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -# if defined(__s390x__) -# define HOST_c2l(c,l) ({ asm ("lrv %0,%1" \ - :"=d"(l) :"m"(*(const unsigned int *)(c)));\ - (c)+=4; }) -# define HOST_l2c(l,c) ({ asm ("strv %1,%0" \ - :"=m"(*(unsigned int *)(c)) :"d"(l));\ - (c)+=4; }) -# endif -#endif -#if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__) -# define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4) -# define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4) -#endif - -#ifndef HOST_c2l -#define HOST_c2l(c,l) do {l =(((unsigned long)(*((c)++))) ); \ - l|=(((unsigned long)(*((c)++)))<< 8); \ - l|=(((unsigned long)(*((c)++)))<<16); \ - l|=(((unsigned long)(*((c)++)))<<24); \ - } while (0) -#endif -#ifndef HOST_l2c -#define HOST_l2c(l,c) do {*((c)++)=(unsigned char)(((l) )&0xff); \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff); \ - *((c)++)=(unsigned char)(((l)>>16)&0xff); \ - *((c)++)=(unsigned 
char)(((l)>>24)&0xff); \ - } while (0) -#endif - -#endif - -/* - * Time for some action:-) - */ - -int -HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) -{ - const unsigned char *data = data_; - unsigned char *p; - HASH_LONG l; - size_t n; - - if (len == 0) - return 1; - - l = (c->Nl + (((HASH_LONG)len) << 3))&0xffffffffUL; - /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to - * Wei Dai <weidai@eskimo.com> for pointing it out. */ - if (l < c->Nl) /* overflow */ - c->Nh++; - c->Nh+=(HASH_LONG)(len>>29); /* might cause compiler warning on 16-bit */ - c->Nl = l; - - n = c->num; - if (n != 0) { - p = (unsigned char *)c->data; - - if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) { - memcpy (p + n, data, HASH_CBLOCK - n); - HASH_BLOCK_DATA_ORDER (c, p, 1); - n = HASH_CBLOCK - n; - data += n; - len -= n; - c->num = 0; - memset (p,0,HASH_CBLOCK); /* keep it zeroed */ - } else { - memcpy (p + n, data, len); - c->num += (unsigned int)len; - return 1; - } - } - - n = len/HASH_CBLOCK; - if (n > 0) { - HASH_BLOCK_DATA_ORDER (c, data, n); - n *= HASH_CBLOCK; - data += n; - len -= n; - } - - if (len != 0) { - p = (unsigned char *)c->data; - c->num = (unsigned int)len; - memcpy (p, data, len); - } - return 1; -} - - -void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data) -{ - HASH_BLOCK_DATA_ORDER (c, data, 1); -} - - -#ifndef HASH_NO_FINAL -int HASH_FINAL (unsigned char *md, HASH_CTX *c) -{ - unsigned char *p = (unsigned char *)c->data; - size_t n = c->num; - - p[n] = 0x80; /* there is always room for one */ - n++; - - if (n > (HASH_CBLOCK - 8)) { - memset (p + n, 0, HASH_CBLOCK - n); - n = 0; - HASH_BLOCK_DATA_ORDER (c, p, 1); - } - memset (p + n, 0, HASH_CBLOCK - 8 - n); - - p += HASH_CBLOCK - 8; -#if defined(DATA_ORDER_IS_BIG_ENDIAN) - HOST_l2c(c->Nh, p); - HOST_l2c(c->Nl, p); -#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) - HOST_l2c(c->Nl, p); - HOST_l2c(c->Nh, p); -#endif - p -= HASH_CBLOCK; - HASH_BLOCK_DATA_ORDER (c, p, 1); - c->num = 0; - memset 
(p, 0, HASH_CBLOCK); - -#ifndef HASH_MAKE_STRING -#error "HASH_MAKE_STRING must be defined!" -#else - HASH_MAKE_STRING(c, md); -#endif - - return 1; -} -#endif - -#ifndef MD32_REG_T -#if defined(__alpha) || defined(__sparcv9) || defined(__mips) -#define MD32_REG_T long -/* - * This comment was originaly written for MD5, which is why it - * discusses A-D. But it basically applies to all 32-bit digests, - * which is why it was moved to common header file. - * - * In case you wonder why A-D are declared as long and not - * as MD5_LONG. Doing so results in slight performance - * boost on LP64 architectures. The catch is we don't - * really care if 32 MSBs of a 64-bit register get polluted - * with eventual overflows as we *save* only 32 LSBs in - * *either* case. Now declaring 'em long excuses the compiler - * from keeping 32 MSBs zeroed resulting in 13% performance - * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. - * Well, to be honest it should say that this *prevents* - * performance degradation. - * <appro@fy.chalmers.se> - */ -#else -/* - * Above is not absolute and there are LP64 compilers that - * generate better code if MD32_REG_T is defined int. The above - * pre-processor condition reflects the circumstances under which - * the conclusion was made and is subject to further extension. - * <appro@fy.chalmers.se> - */ -#define MD32_REG_T int -#endif -#endif diff --git a/lib/libssl/src/crypto/md4/md4.h b/lib/libssl/src/crypto/md4/md4.h deleted file mode 100644 index 04aacc98012..00000000000 --- a/lib/libssl/src/crypto/md4/md4.h +++ /dev/null 
@@ -1,103 +0,0 @@ -/* $OpenBSD: md4.h,v 1.16 2015/09/14 01:45:03 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stddef.h> - -#ifndef HEADER_MD4_H -#define HEADER_MD4_H - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_MD4 -#error MD4 is disabled. -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! MD4_LONG has to be at least 32 bits wide. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
- */
-
-#define MD4_LONG unsigned int
-
-#define MD4_CBLOCK 64
-#define MD4_LBLOCK (MD4_CBLOCK/4)
-#define MD4_DIGEST_LENGTH 16
-
-typedef struct MD4state_st
- {
- MD4_LONG A,B,C,D;
- MD4_LONG Nl,Nh;
- MD4_LONG data[MD4_LBLOCK];
- unsigned int num;
- } MD4_CTX;
-
-int MD4_Init(MD4_CTX *c);
-int MD4_Update(MD4_CTX *c, const void *data, size_t len);
-int MD4_Final(unsigned char *md, MD4_CTX *c);
-unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
-void MD4_Transform(MD4_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/md4/md4_dgst.c b/lib/libssl/src/crypto/md4/md4_dgst.c
deleted file mode 100644
index 4d3801fc26e..00000000000
--- a/lib/libssl/src/crypto/md4/md4_dgst.c
+++ /dev/null
@@ -1,167 +0,0 @@ -/* $OpenBSD: md4_dgst.c,v 1.16 2015/09/14 01:45:03 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <openssl/opensslv.h> -#include <openssl/crypto.h> -#include "md4_locl.h" - -/* Implemented from RFC1186 The MD4 Message-Digest Algorithm - */ - -#define INIT_DATA_A (unsigned long)0x67452301L -#define INIT_DATA_B (unsigned long)0xefcdab89L -#define INIT_DATA_C (unsigned long)0x98badcfeL -#define INIT_DATA_D (unsigned long)0x10325476L - -int MD4_Init(MD4_CTX *c) - { - memset (c,0,sizeof(*c)); - c->A=INIT_DATA_A; - c->B=INIT_DATA_B; - c->C=INIT_DATA_C; - c->D=INIT_DATA_D; - return 1; - } - -#ifndef md4_block_data_order -#ifdef X -#undef X -#endif -void md4_block_data_order (MD4_CTX *c, const void *data_, size_t num) - { - const unsigned char *data=data_; - unsigned MD32_REG_T A,B,C,D,l; -#ifndef MD32_XARRAY - /* See comment in crypto/sha/sha_locl.h for details. */ - unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; -# define X(i) XX##i -#else - MD4_LONG XX[MD4_LBLOCK]; -# define X(i) XX[i] -#endif - - A=c->A; - B=c->B; - C=c->C; - D=c->D; - - for (;num--;) - { - HOST_c2l(data,l); X( 0)=l; - HOST_c2l(data,l); X( 1)=l; - /* Round 0 */ - R0(A,B,C,D,X( 0), 3,0); HOST_c2l(data,l); X( 2)=l; - R0(D,A,B,C,X( 1), 7,0); HOST_c2l(data,l); X( 3)=l; - R0(C,D,A,B,X( 2),11,0); HOST_c2l(data,l); X( 4)=l; - R0(B,C,D,A,X( 3),19,0); HOST_c2l(data,l); X( 5)=l; - R0(A,B,C,D,X( 4), 3,0); HOST_c2l(data,l); X( 6)=l; - R0(D,A,B,C,X( 5), 7,0); HOST_c2l(data,l); X( 7)=l; - R0(C,D,A,B,X( 6),11,0); HOST_c2l(data,l); X( 8)=l; - R0(B,C,D,A,X( 7),19,0); HOST_c2l(data,l); X( 9)=l; - R0(A,B,C,D,X( 8), 3,0); HOST_c2l(data,l); X(10)=l; - R0(D,A,B,C,X( 9), 7,0); HOST_c2l(data,l); X(11)=l; - R0(C,D,A,B,X(10),11,0); HOST_c2l(data,l); X(12)=l; - R0(B,C,D,A,X(11),19,0); HOST_c2l(data,l); X(13)=l; - R0(A,B,C,D,X(12), 3,0); HOST_c2l(data,l); X(14)=l; - R0(D,A,B,C,X(13), 7,0); HOST_c2l(data,l); X(15)=l; - R0(C,D,A,B,X(14),11,0); - R0(B,C,D,A,X(15),19,0); - /* Round 1 */ - R1(A,B,C,D,X( 0), 3,0x5A827999L); - R1(D,A,B,C,X( 
4), 5,0x5A827999L); - R1(C,D,A,B,X( 8), 9,0x5A827999L); - R1(B,C,D,A,X(12),13,0x5A827999L); - R1(A,B,C,D,X( 1), 3,0x5A827999L); - R1(D,A,B,C,X( 5), 5,0x5A827999L); - R1(C,D,A,B,X( 9), 9,0x5A827999L); - R1(B,C,D,A,X(13),13,0x5A827999L); - R1(A,B,C,D,X( 2), 3,0x5A827999L); - R1(D,A,B,C,X( 6), 5,0x5A827999L); - R1(C,D,A,B,X(10), 9,0x5A827999L); - R1(B,C,D,A,X(14),13,0x5A827999L); - R1(A,B,C,D,X( 3), 3,0x5A827999L); - R1(D,A,B,C,X( 7), 5,0x5A827999L); - R1(C,D,A,B,X(11), 9,0x5A827999L); - R1(B,C,D,A,X(15),13,0x5A827999L); - /* Round 2 */ - R2(A,B,C,D,X( 0), 3,0x6ED9EBA1L); - R2(D,A,B,C,X( 8), 9,0x6ED9EBA1L); - R2(C,D,A,B,X( 4),11,0x6ED9EBA1L); - R2(B,C,D,A,X(12),15,0x6ED9EBA1L); - R2(A,B,C,D,X( 2), 3,0x6ED9EBA1L); - R2(D,A,B,C,X(10), 9,0x6ED9EBA1L); - R2(C,D,A,B,X( 6),11,0x6ED9EBA1L); - R2(B,C,D,A,X(14),15,0x6ED9EBA1L); - R2(A,B,C,D,X( 1), 3,0x6ED9EBA1L); - R2(D,A,B,C,X( 9), 9,0x6ED9EBA1L); - R2(C,D,A,B,X( 5),11,0x6ED9EBA1L); - R2(B,C,D,A,X(13),15,0x6ED9EBA1L); - R2(A,B,C,D,X( 3), 3,0x6ED9EBA1L); - R2(D,A,B,C,X(11), 9,0x6ED9EBA1L); - R2(C,D,A,B,X( 7),11,0x6ED9EBA1L); - R2(B,C,D,A,X(15),15,0x6ED9EBA1L); - - A = c->A += A; - B = c->B += B; - C = c->C += C; - D = c->D += D; - } - } -#endif diff --git a/lib/libssl/src/crypto/md4/md4_locl.h b/lib/libssl/src/crypto/md4/md4_locl.h deleted file mode 100644 index ef574c040d8..00000000000 --- a/lib/libssl/src/crypto/md4/md4_locl.h +++ /dev/null 
@@ -1,108 +0,0 @@ -/* $OpenBSD: md4_locl.h,v 1.9 2015/09/14 01:45:03 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */
-
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/opensslconf.h>
-#include <openssl/md4.h>
-
-void md4_block_data_order (MD4_CTX *c, const void *p,size_t num);
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG MD4_LONG
-#define HASH_CTX MD4_CTX
-#define HASH_CBLOCK MD4_CBLOCK
-#define HASH_UPDATE MD4_Update
-#define HASH_TRANSFORM MD4_Transform
-#define HASH_FINAL MD4_Final
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- } while (0)
-#define HASH_BLOCK_DATA_ORDER md4_block_data_order
-
-#include "md32_common.h"
-
-/*
-#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
-#define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z))))
-*/
-
-/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
- * simplified to the code below. Wei attributes these optimizations
- * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
- */
-#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
-#define G(b,c,d) (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
-#define H(b,c,d) ((b) ^ (c) ^ (d))
-
-#define R0(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+F((b),(c),(d))); \
- a=ROTATE(a,s); };
-
-#define R1(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+G((b),(c),(d))); \
- a=ROTATE(a,s); };\
-
-#define R2(a,b,c,d,k,s,t) { \
- a+=((k)+(t)+H((b),(c),(d))); \
- a=ROTATE(a,s); };
diff --git a/lib/libssl/src/crypto/md4/md4_one.c b/lib/libssl/src/crypto/md4/md4_one.c
deleted file mode 100644
index c1fd6f3e521..00000000000
--- a/lib/libssl/src/crypto/md4/md4_one.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* $OpenBSD: md4_one.c,v 1.10 2015/09/14 01:45:03 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/md4.h>
-#include <openssl/crypto.h>
-
-unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md)
- {
- MD4_CTX c;
- static unsigned char m[MD4_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- if (!MD4_Init(&c))
- return NULL;
- MD4_Update(&c,d,n);
- MD4_Final(md,&c);
- explicit_bzero(&c,sizeof(c));
- return(md);
- }
-
diff --git a/lib/libssl/src/crypto/md5/asm/md5-586.pl b/lib/libssl/src/crypto/md5/asm/md5-586.pl
deleted file mode 100644
index 6cb66bb4999..00000000000
--- a/lib/libssl/src/crypto/md5/asm/md5-586.pl
+++ /dev/null
@@ -1,307 +0,0 @@ -#!/usr/local/bin/perl - -# Normal is the -# md5_block_x86(MD5_CTX *c, ULONG *X); -# version, non-normal is the -# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks); - -$normal=0; - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$A="eax"; -$B="ebx"; -$C="ecx"; -$D="edx"; -$tmp1="edi"; -$tmp2="ebp"; -$X="esi"; - -# What we need to load into $tmp for the next round -%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D)); -@xo=( - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, # R0 - 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, # R1 - 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, # R2 - 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3 - ); - -&md5_block("md5_block_asm_data_order"); -&asm_finish(); - -sub Np - { - local($p)=@_; - local(%n)=($A,$D,$B,$A,$C,$B,$D,$C); - return($n{$p}); - } - -sub R0 - { - local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - - &mov($tmp1,$C) if $pos < 0; - &mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one - - # body proper - - &comment("R0 $ki"); - &xor($tmp1,$d); # F function - part 2 - - &and($tmp1,$b); # F function - part 3 - &lea($a,&DWP($t,$a,$tmp2,1)); - - &xor($tmp1,$d); # F function - part 4 - - &add($a,$tmp1); - &mov($tmp1,&Np($c)) if $pos < 1; # next tmp1 for R0 - &mov($tmp1,&Np($c)) if $pos == 1; # next tmp1 for R1 - - &rotl($a,$s); - - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); - - &add($a,$b); - } - -sub R1 - { - local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - - &comment("R1 $ki"); - - &lea($a,&DWP($t,$a,$tmp2,1)); - - &xor($tmp1,$b); # G function - part 2 - &and($tmp1,$d); # G function - part 3 - - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); - &xor($tmp1,$c); # G function - part 4 - - &add($a,$tmp1); - &mov($tmp1,&Np($c)) if $pos < 1; # G function - part 1 - &mov($tmp1,&Np($c)) if $pos == 1; # G function - part 1 - - &rotl($a,$s); - - &add($a,$b); - } - 
-sub R2 - { - local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - # This one is different, only 3 logical operations - -if (($n & 1) == 0) - { - &comment("R2 $ki"); - # make sure to do 'D' first, not 'B', else we clash with - # the last add from the previous round. - - &xor($tmp1,$d); # H function - part 2 - - &xor($tmp1,$b); # H function - part 3 - &lea($a,&DWP($t,$a,$tmp2,1)); - - &add($a,$tmp1); - - &rotl($a,$s); - - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)); - &mov($tmp1,&Np($c)); - } -else - { - &comment("R2 $ki"); - # make sure to do 'D' first, not 'B', else we clash with - # the last add from the previous round. - - &lea($a,&DWP($t,$a,$tmp2,1)); - - &add($b,$c); # MOVED FORWARD - &xor($tmp1,$d); # H function - part 2 - - &xor($tmp1,$b); # H function - part 3 - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); - - &add($a,$tmp1); - &mov($tmp1,&Np($c)) if $pos < 1; # H function - part 1 - &mov($tmp1,-1) if $pos == 1; # I function - part 1 - - &rotl($a,$s); - - &add($a,$b); - } - } - -sub R3 - { - local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - - &comment("R3 $ki"); - - # ¬($tmp1) - &xor($tmp1,$d) if $pos < 0; # I function - part 2 - - &or($tmp1,$b); # I function - part 3 - &lea($a,&DWP($t,$a,$tmp2,1)); - - &xor($tmp1,$c); # I function - part 4 - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if $pos != 2; # load X/k value - &mov($tmp2,&wparam(0)) if $pos == 2; - - &add($a,$tmp1); - &mov($tmp1,-1) if $pos < 1; # H function - part 1 - &add($K,64) if $pos >=1 && !$normal; - - &rotl($a,$s); - - &xor($tmp1,&Np($d)) if $pos <= 0; # I function - part = first time - &mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0; - &add($a,$b); - } - - -sub md5_block - { - local($name)=@_; - - &function_begin_B($name,"",3); - - # parameter 1 is the MD5_CTX structure. 
- # A 0 - # B 4 - # C 8 - # D 12 - - &push("esi"); - &push("edi"); - &mov($tmp1, &wparam(0)); # edi - &mov($X, &wparam(1)); # esi - &mov($C, &wparam(2)); - &push("ebp"); - &shl($C, 6); - &push("ebx"); - &add($C, $X); # offset we end at - &sub($C, 64); - &mov($A, &DWP( 0,$tmp1,"",0)); - &push($C); # Put on the TOS - &mov($B, &DWP( 4,$tmp1,"",0)); - &mov($C, &DWP( 8,$tmp1,"",0)); - &mov($D, &DWP(12,$tmp1,"",0)); - - &set_label("start") unless $normal; - &comment(""); - &comment("R0 section"); - - &R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478); - &R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756); - &R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db); - &R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee); - &R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf); - &R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a); - &R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613); - &R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501); - &R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8); - &R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af); - &R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1); - &R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be); - &R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122); - &R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193); - &R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e); - &R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821); - - &comment(""); - &comment("R1 section"); - &R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562); - &R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340); - &R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51); - &R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa); - &R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d); - &R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453); - &R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681); - &R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8); - &R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6); - &R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6); - &R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87); - &R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed); - &R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905); - &R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8); - &R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9); - &R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a); - - &comment(""); - &comment("R2 section"); - &R2( 0,-1,$A,$B,$C,$D,$X,32, 
4,0xfffa3942); - &R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681); - &R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122); - &R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c); - &R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44); - &R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9); - &R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60); - &R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70); - &R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6); - &R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa); - &R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085); - &R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05); - &R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039); - &R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5); - &R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8); - &R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665); - - &comment(""); - &comment("R3 section"); - &R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244); - &R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97); - &R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7); - &R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039); - &R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3); - &R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92); - &R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d); - &R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1); - &R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f); - &R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0); - &R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314); - &R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1); - &R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82); - &R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235); - &R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb); - &R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391); - - # &mov($tmp2,&wparam(0)); # done in the last R3 - # &mov($tmp1, &DWP( 0,$tmp2,"",0)); # done is the last R3 - - &add($A,$tmp1); - &mov($tmp1, &DWP( 4,$tmp2,"",0)); - - &add($B,$tmp1); - &mov($tmp1, &DWP( 8,$tmp2,"",0)); - - &add($C,$tmp1); - &mov($tmp1, &DWP(12,$tmp2,"",0)); - - &add($D,$tmp1); - &mov(&DWP( 0,$tmp2,"",0),$A); - - &mov(&DWP( 4,$tmp2,"",0),$B); - &mov($tmp1,&swtmp(0)) unless $normal; - - &mov(&DWP( 8,$tmp2,"",0),$C); - &mov(&DWP(12,$tmp2,"",0),$D); - - &cmp($tmp1,$X) unless $normal; # check count - &jae(&label("start")) unless $normal; - 
- &pop("eax"); # pop the temp variable off the stack - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - diff --git a/lib/libssl/src/crypto/md5/asm/md5-ia64.S b/lib/libssl/src/crypto/md5/asm/md5-ia64.S deleted file mode 100644 index e7de08d46a2..00000000000 --- a/lib/libssl/src/crypto/md5/asm/md5-ia64.S +++ /dev/null 
@@ -1,992 +0,0 @@ -/* Copyright (c) 2005 Hewlett-Packard Development Company, L.P. - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 
*/ - -// Common registers are assigned as follows: -// -// COMMON -// -// t0 Const Tbl Ptr TPtr -// t1 Round Constant TRound -// t4 Block residual LenResid -// t5 Residual Data DTmp -// -// {in,out}0 Block 0 Cycle RotateM0 -// {in,out}1 Block Value 12 M12 -// {in,out}2 Block Value 8 M8 -// {in,out}3 Block Value 4 M4 -// {in,out}4 Block Value 0 M0 -// {in,out}5 Block 1 Cycle RotateM1 -// {in,out}6 Block Value 13 M13 -// {in,out}7 Block Value 9 M9 -// {in,out}8 Block Value 5 M5 -// {in,out}9 Block Value 1 M1 -// {in,out}10 Block 2 Cycle RotateM2 -// {in,out}11 Block Value 14 M14 -// {in,out}12 Block Value 10 M10 -// {in,out}13 Block Value 6 M6 -// {in,out}14 Block Value 2 M2 -// {in,out}15 Block 3 Cycle RotateM3 -// {in,out}16 Block Value 15 M15 -// {in,out}17 Block Value 11 M11 -// {in,out}18 Block Value 7 M7 -// {in,out}19 Block Value 3 M3 -// {in,out}20 Scratch Z -// {in,out}21 Scratch Y -// {in,out}22 Scratch X -// {in,out}23 Scratch W -// {in,out}24 Digest A A -// {in,out}25 Digest B B -// {in,out}26 Digest C C -// {in,out}27 Digest D D -// {in,out}28 Active Data Ptr DPtr -// in28 Dummy Value - -// out28 Dummy Value - -// bt0 Coroutine Link QUICK_RTN -// -/// These predicates are used for computing the padding block(s) and -/// are shared between the driver and digest co-routines -// -// pt0 Extra Pad Block pExtra -// pt1 Load next word pLoad -// pt2 Skip next word pSkip -// pt3 Search for Pad pNoPad -// pt4 Pad Word 0 pPad0 -// pt5 Pad Word 1 pPad1 -// pt6 Pad Word 2 pPad2 -// pt7 Pad Word 3 pPad3 - -#define DTmp r19 -#define LenResid r18 -#define QUICK_RTN b6 -#define TPtr r14 -#define TRound r15 -#define pExtra p6 -#define pLoad p7 -#define pNoPad p9 -#define pPad0 p10 -#define pPad1 p11 -#define pPad2 p12 -#define pPad3 p13 -#define pSkip p8 - -#define A_ out24 -#define B_ out25 -#define C_ out26 -#define D_ out27 -#define DPtr_ out28 -#define M0_ out4 -#define M1_ out9 -#define M10_ out12 -#define M11_ out17 -#define M12_ out1 -#define M13_ out6 -#define 
M14_ out11 -#define M15_ out16 -#define M2_ out14 -#define M3_ out19 -#define M4_ out3 -#define M5_ out8 -#define M6_ out13 -#define M7_ out18 -#define M8_ out2 -#define M9_ out7 -#define RotateM0_ out0 -#define RotateM1_ out5 -#define RotateM2_ out10 -#define RotateM3_ out15 -#define W_ out23 -#define X_ out22 -#define Y_ out21 -#define Z_ out20 - -#define A in24 -#define B in25 -#define C in26 -#define D in27 -#define DPtr in28 -#define M0 in4 -#define M1 in9 -#define M10 in12 -#define M11 in17 -#define M12 in1 -#define M13 in6 -#define M14 in11 -#define M15 in16 -#define M2 in14 -#define M3 in19 -#define M4 in3 -#define M5 in8 -#define M6 in13 -#define M7 in18 -#define M8 in2 -#define M9 in7 -#define RotateM0 in0 -#define RotateM1 in5 -#define RotateM2 in10 -#define RotateM3 in15 -#define W in23 -#define X in22 -#define Y in21 -#define Z in20 - -/* register stack configuration for md5_block_asm_data_order(): */ -#define MD5_NINP 3 -#define MD5_NLOC 0 -#define MD5_NOUT 29 -#define MD5_NROT 0 - -/* register stack configuration for helpers: */ -#define _NINPUTS MD5_NOUT -#define _NLOCALS 0 -#define _NOUTPUT 0 -#define _NROTATE 24 /* this must be <= _NINPUTS */ - -#if defined(_HPUX_SOURCE) && !defined(_LP64) -#define ADDP addp4 -#else -#define ADDP add -#endif - -#if defined(_HPUX_SOURCE) || defined(B_ENDIAN) -#define HOST_IS_BIG_ENDIAN -#endif - -// Macros for getting the left and right portions of little-endian words - -#define GETLW(dst, src, align) dep.z dst = src, 32 - 8 * align, 8 * align -#define GETRW(dst, src, align) extr.u dst = src, 8 * align, 32 - 8 * align - -// MD5 driver -// -// Reads an input block, then calls the digest block -// subroutine and adds the results to the accumulated -// digest. It allocates 32 outs which the subroutine -// uses as it's inputs and rotating -// registers. 
Initializes the round constant pointer and -// takes care of saving/restoring ar.lc -// -/// INPUT -// -// in0 Context Ptr CtxPtr0 -// in1 Input Data Ptr DPtrIn -// in2 Integral Blocks BlockCount -// rp Return Address - -// -/// CODE -// -// v2 Input Align InAlign -// t0 Shared w/digest - -// t1 Shared w/digest - -// t2 Shared w/digest - -// t3 Shared w/digest - -// t4 Shared w/digest - -// t5 Shared w/digest - -// t6 PFS Save PFSSave -// t7 ar.lc Save LCSave -// t8 Saved PR PRSave -// t9 2nd CtxPtr CtxPtr1 -// t10 Table Base CTable -// t11 Table[0] CTable0 -// t13 Accumulator A AccumA -// t14 Accumulator B AccumB -// t15 Accumulator C AccumC -// t16 Accumulator D AccumD -// pt0 Shared w/digest - -// pt1 Shared w/digest - -// pt2 Shared w/digest - -// pt3 Shared w/digest - -// pt4 Shared w/digest - -// pt5 Shared w/digest - -// pt6 Shared w/digest - -// pt7 Shared w/digest - -// pt8 Not Aligned pOff -// pt8 Blocks Left pAgain - -#define AccumA r27 -#define AccumB r28 -#define AccumC r29 -#define AccumD r30 -#define CTable r24 -#define CTable0 r25 -#define CtxPtr0 in0 -#define CtxPtr1 r23 -#define DPtrIn in1 -#define BlockCount in2 -#define InAlign r10 -#define LCSave r21 -#define PFSSave r20 -#define PRSave r22 -#define pAgain p63 -#define pOff p63 - - .text - -/* md5_block_asm_data_order(MD5_CTX *c, const void *data, size_t num) - - where: - c: a pointer to a structure of this type: - - typedef struct MD5state_st - { - MD5_LONG A,B,C,D; - MD5_LONG Nl,Nh; - MD5_LONG data[MD5_LBLOCK]; - unsigned int num; - } - MD5_CTX; - - data: a pointer to the input data (may be misaligned) - num: the number of 16-byte blocks to hash (i.e., the length - of DATA is 16*NUM. 
- - */ - - .type md5_block_asm_data_order, @function - .global md5_block_asm_data_order - .align 32 - .proc md5_block_asm_data_order -md5_block_asm_data_order: -.md5_block: - .prologue -{ .mmi - .save ar.pfs, PFSSave - alloc PFSSave = ar.pfs, MD5_NINP, MD5_NLOC, MD5_NOUT, MD5_NROT - ADDP CtxPtr1 = 8, CtxPtr0 - mov CTable = ip -} -{ .mmi - ADDP DPtrIn = 0, DPtrIn - ADDP CtxPtr0 = 0, CtxPtr0 - .save ar.lc, LCSave - mov LCSave = ar.lc -} -;; -{ .mmi - add CTable = .md5_tbl_data_order#-.md5_block#, CTable - and InAlign = 0x3, DPtrIn -} - -{ .mmi - ld4 AccumA = [CtxPtr0], 4 - ld4 AccumC = [CtxPtr1], 4 - .save pr, PRSave - mov PRSave = pr - .body -} -;; -{ .mmi - ld4 AccumB = [CtxPtr0] - ld4 AccumD = [CtxPtr1] - dep DPtr_ = 0, DPtrIn, 0, 2 -} ;; -#ifdef HOST_IS_BIG_ENDIAN - rum psr.be;; // switch to little-endian -#endif -{ .mmb - ld4 CTable0 = [CTable], 4 - cmp.ne pOff, p0 = 0, InAlign -(pOff) br.cond.spnt.many .md5_unaligned -} ;; - -// The FF load/compute loop rotates values three times, so that -// loading into M12 here produces the M0 value, M13 -> M1, etc. 
- -.md5_block_loop0: -{ .mmi - ld4 M12_ = [DPtr_], 4 - mov TPtr = CTable - mov TRound = CTable0 -} ;; -{ .mmi - ld4 M13_ = [DPtr_], 4 - mov A_ = AccumA - mov B_ = AccumB -} ;; -{ .mmi - ld4 M14_ = [DPtr_], 4 - mov C_ = AccumC - mov D_ = AccumD -} ;; -{ .mmb - ld4 M15_ = [DPtr_], 4 - add BlockCount = -1, BlockCount - br.call.sptk.many QUICK_RTN = md5_digest_block0 -} ;; - -// Now, we add the new digest values and do some clean-up -// before checking if there's another full block to process - -{ .mmi - add AccumA = AccumA, A_ - add AccumB = AccumB, B_ - cmp.ne pAgain, p0 = 0, BlockCount -} -{ .mib - add AccumC = AccumC, C_ - add AccumD = AccumD, D_ -(pAgain) br.cond.dptk.many .md5_block_loop0 -} ;; - -.md5_exit: -#ifdef HOST_IS_BIG_ENDIAN - sum psr.be;; // switch back to big-endian mode -#endif -{ .mmi - st4 [CtxPtr0] = AccumB, -4 - st4 [CtxPtr1] = AccumD, -4 - mov pr = PRSave, 0x1ffff ;; -} -{ .mmi - st4 [CtxPtr0] = AccumA - st4 [CtxPtr1] = AccumC - mov ar.lc = LCSave -} ;; -{ .mib - mov ar.pfs = PFSSave - br.ret.sptk.few rp -} ;; - -#define MD5UNALIGNED(offset) \ -.md5_process##offset: \ -{ .mib ; \ - nop 0x0 ; \ - GETRW(DTmp, DTmp, offset) ; \ -} ;; \ -.md5_block_loop##offset: \ -{ .mmi ; \ - ld4 Y_ = [DPtr_], 4 ; \ - mov TPtr = CTable ; \ - mov TRound = CTable0 ; \ -} ;; \ -{ .mmi ; \ - ld4 M13_ = [DPtr_], 4 ; \ - mov A_ = AccumA ; \ - mov B_ = AccumB ; \ -} ;; \ -{ .mii ; \ - ld4 M14_ = [DPtr_], 4 ; \ - GETLW(W_, Y_, offset) ; \ - mov C_ = AccumC ; \ -} \ -{ .mmi ; \ - mov D_ = AccumD ;; \ - or M12_ = W_, DTmp ; \ - GETRW(DTmp, Y_, offset) ; \ -} \ -{ .mib ; \ - ld4 M15_ = [DPtr_], 4 ; \ - add BlockCount = -1, BlockCount ; \ - br.call.sptk.many QUICK_RTN = md5_digest_block##offset; \ -} ;; \ -{ .mmi ; \ - add AccumA = AccumA, A_ ; \ - add AccumB = AccumB, B_ ; \ - cmp.ne pAgain, p0 = 0, BlockCount ; \ -} \ -{ .mib ; \ - add AccumC = AccumC, C_ ; \ - add AccumD = AccumD, D_ ; \ -(pAgain) br.cond.dptk.many .md5_block_loop##offset ; \ -} ;; \ -{ .mib ; \ - nop 0x0 
; \ - nop 0x0 ; \ - br.cond.sptk.many .md5_exit ; \ -} ;; - - .align 32 -.md5_unaligned: -// -// Because variable shifts are expensive, we special case each of -// the four alignements. In practice, this won't hurt too much -// since only one working set of code will be loaded. -// -{ .mib - ld4 DTmp = [DPtr_], 4 - cmp.eq pOff, p0 = 1, InAlign -(pOff) br.cond.dpnt.many .md5_process1 -} ;; -{ .mib - cmp.eq pOff, p0 = 2, InAlign - nop 0x0 -(pOff) br.cond.dpnt.many .md5_process2 -} ;; - MD5UNALIGNED(3) - MD5UNALIGNED(1) - MD5UNALIGNED(2) - - .endp md5_block_asm_data_order - - -// MD5 Perform the F function and load -// -// Passed the first 4 words (M0 - M3) and initial (A, B, C, D) values, -// computes the FF() round of functions, then branches to the common -// digest code to finish up with GG(), HH, and II(). -// -// INPUT -// -// rp Return Address - -// -// CODE -// -// v0 PFS bit bucket PFS -// v1 Loop Trip Count LTrip -// pt0 Load next word pMore - -/* For F round: */ -#define LTrip r9 -#define PFS r8 -#define pMore p6 - -/* For GHI rounds: */ -#define T r9 -#define U r10 -#define V r11 - -#define COMPUTE(a, b, s, M, R) \ -{ \ - .mii ; \ - ld4 TRound = [TPtr], 4 ; \ - dep.z Y = Z, 32, 32 ;; \ - shrp Z = Z, Y, 64 - s ; \ -} ;; \ -{ \ - .mmi ; \ - add a = Z, b ; \ - mov R = M ; \ - nop 0x0 ; \ -} ;; - -#define LOOP(a, b, s, M, R, label) \ -{ .mii ; \ - ld4 TRound = [TPtr], 4 ; \ - dep.z Y = Z, 32, 32 ;; \ - shrp Z = Z, Y, 64 - s ; \ -} ;; \ -{ .mib ; \ - add a = Z, b ; \ - mov R = M ; \ - br.ctop.sptk.many label ; \ -} ;; - -// G(B, C, D) = (B & D) | (C & ~D) - -#define G(a, b, c, d, M) \ -{ .mmi ; \ - add Z = M, TRound ; \ - and Y = b, d ; \ - andcm X = c, d ; \ -} ;; \ -{ .mii ; \ - add Z = Z, a ; \ - or Y = Y, X ;; \ - add Z = Z, Y ; \ -} ;; - -// H(B, C, D) = B ^ C ^ D - -#define H(a, b, c, d, M) \ -{ .mmi ; \ - add Z = M, TRound ; \ - xor Y = b, c ; \ - nop 0x0 ; \ -} ;; \ -{ .mii ; \ - add Z = Z, a ; \ - xor Y = Y, d ;; \ - add Z = Z, Y ; \ -} ;; - -// I(B, 
C, D) = C ^ (B | ~D) -// -// However, since we have an andcm operator, we use the fact that -// -// Y ^ Z == ~Y ^ ~Z -// -// to rewrite the expression as -// -// I(B, C, D) = ~C ^ (~B & D) - -#define I(a, b, c, d, M) \ -{ .mmi ; \ - add Z = M, TRound ; \ - andcm Y = d, b ; \ - andcm X = -1, c ; \ -} ;; \ -{ .mii ; \ - add Z = Z, a ; \ - xor Y = Y, X ;; \ - add Z = Z, Y ; \ -} ;; - -#define GG4(label) \ - G(A, B, C, D, M0) \ - COMPUTE(A, B, 5, M0, RotateM0) \ - G(D, A, B, C, M1) \ - COMPUTE(D, A, 9, M1, RotateM1) \ - G(C, D, A, B, M2) \ - COMPUTE(C, D, 14, M2, RotateM2) \ - G(B, C, D, A, M3) \ - LOOP(B, C, 20, M3, RotateM3, label) - -#define HH4(label) \ - H(A, B, C, D, M0) \ - COMPUTE(A, B, 4, M0, RotateM0) \ - H(D, A, B, C, M1) \ - COMPUTE(D, A, 11, M1, RotateM1) \ - H(C, D, A, B, M2) \ - COMPUTE(C, D, 16, M2, RotateM2) \ - H(B, C, D, A, M3) \ - LOOP(B, C, 23, M3, RotateM3, label) - -#define II4(label) \ - I(A, B, C, D, M0) \ - COMPUTE(A, B, 6, M0, RotateM0) \ - I(D, A, B, C, M1) \ - COMPUTE(D, A, 10, M1, RotateM1) \ - I(C, D, A, B, M2) \ - COMPUTE(C, D, 15, M2, RotateM2) \ - I(B, C, D, A, M3) \ - LOOP(B, C, 21, M3, RotateM3, label) - -#define FFLOAD(a, b, c, d, M, N, s) \ -{ .mii ; \ -(pMore) ld4 N = [DPtr], 4 ; \ - add Z = M, TRound ; \ - and Y = c, b ; \ -} \ -{ .mmi ; \ - andcm X = d, b ;; \ - add Z = Z, a ; \ - or Y = Y, X ; \ -} ;; \ -{ .mii ; \ - ld4 TRound = [TPtr], 4 ; \ - add Z = Z, Y ;; \ - dep.z Y = Z, 32, 32 ; \ -} ;; \ -{ .mii ; \ - nop 0x0 ; \ - shrp Z = Z, Y, 64 - s ;; \ - add a = Z, b ; \ -} ;; - -#define FFLOOP(a, b, c, d, M, N, s, dest) \ -{ .mii ; \ -(pMore) ld4 N = [DPtr], 4 ; \ - add Z = M, TRound ; \ - and Y = c, b ; \ -} \ -{ .mmi ; \ - andcm X = d, b ;; \ - add Z = Z, a ; \ - or Y = Y, X ; \ -} ;; \ -{ .mii ; \ - ld4 TRound = [TPtr], 4 ; \ - add Z = Z, Y ;; \ - dep.z Y = Z, 32, 32 ; \ -} ;; \ -{ .mii ; \ - nop 0x0 ; \ - shrp Z = Z, Y, 64 - s ;; \ - add a = Z, b ; \ -} \ -{ .mib ; \ - cmp.ne pMore, p0 = 0, LTrip ; \ - add LTrip = -1, LTrip 
; \ - br.ctop.dptk.many dest ; \ -} ;; - - .type md5_digest_block0, @function - .align 32 - - .proc md5_digest_block0 - .prologue -md5_digest_block0: - .altrp QUICK_RTN - .body -{ .mmi - alloc PFS = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE - mov LTrip = 2 - mov ar.lc = 3 -} ;; -{ .mii - cmp.eq pMore, p0 = r0, r0 - mov ar.ec = 0 - nop 0x0 -} ;; - -.md5_FF_round0: - FFLOAD(A, B, C, D, M12, RotateM0, 7) - FFLOAD(D, A, B, C, M13, RotateM1, 12) - FFLOAD(C, D, A, B, M14, RotateM2, 17) - FFLOOP(B, C, D, A, M15, RotateM3, 22, .md5_FF_round0) - // - // !!! Fall through to md5_digest_GHI - // - .endp md5_digest_block0 - - .type md5_digest_GHI, @function - .align 32 - - .proc md5_digest_GHI - .prologue - .regstk _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE -md5_digest_GHI: - .altrp QUICK_RTN - .body -// -// The following sequence shuffles the block counstants round for the -// next round: -// -// 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 -// 1 6 11 0 5 10 14 4 9 14 3 8 13 2 7 12 -// -{ .mmi - mov Z = M0 - mov Y = M15 - mov ar.lc = 3 -} -{ .mmi - mov X = M2 - mov W = M9 - mov V = M4 -} ;; - -{ .mmi - mov M0 = M1 - mov M15 = M12 - mov ar.ec = 1 -} -{ .mmi - mov M2 = M11 - mov M9 = M14 - mov M4 = M5 -} ;; - -{ .mmi - mov M1 = M6 - mov M12 = M13 - mov U = M3 -} -{ .mmi - mov M11 = M8 - mov M14 = M7 - mov M5 = M10 -} ;; - -{ .mmi - mov M6 = Y - mov M13 = X - mov M3 = Z -} -{ .mmi - mov M8 = W - mov M7 = V - mov M10 = U -} ;; - -.md5_GG_round: - GG4(.md5_GG_round) - -// The following sequence shuffles the block constants round for the -// next round: -// -// 1 6 11 0 5 10 14 4 9 14 3 8 13 2 7 12 -// 5 8 11 14 1 4 7 10 13 0 3 6 9 12 15 2 - -{ .mmi - mov Z = M0 - mov Y = M1 - mov ar.lc = 3 -} -{ .mmi - mov X = M3 - mov W = M5 - mov V = M6 -} ;; - -{ .mmi - mov M0 = M4 - mov M1 = M11 - mov ar.ec = 1 -} -{ .mmi - mov M3 = M9 - mov U = M8 - mov T = M13 -} ;; - -{ .mmi - mov M4 = Z - mov M11 = Y - mov M5 = M7 -} -{ .mmi - mov M6 = M14 - mov M8 = M12 - mov M13 = M15 -} ;; - -{ .mmi - mov M7 = 
W - mov M14 = V - nop 0x0 -} -{ .mmi - mov M9 = X - mov M12 = U - mov M15 = T -} ;; - -.md5_HH_round: - HH4(.md5_HH_round) - -// The following sequence shuffles the block constants round for the -// next round: -// -// 5 8 11 14 1 4 7 10 13 0 3 6 9 12 15 2 -// 0 7 14 5 12 3 10 1 8 15 6 13 4 11 2 9 - -{ .mmi - mov Z = M0 - mov Y = M15 - mov ar.lc = 3 -} -{ .mmi - mov X = M10 - mov W = M1 - mov V = M4 -} ;; - -{ .mmi - mov M0 = M9 - mov M15 = M12 - mov ar.ec = 1 -} -{ .mmi - mov M10 = M11 - mov M1 = M6 - mov M4 = M13 -} ;; - -{ .mmi - mov M9 = M14 - mov M12 = M5 - mov U = M3 -} -{ .mmi - mov M11 = M8 - mov M6 = M7 - mov M13 = M2 -} ;; - -{ .mmi - mov M14 = Y - mov M5 = X - mov M3 = Z -} -{ .mmi - mov M8 = W - mov M7 = V - mov M2 = U -} ;; - -.md5_II_round: - II4(.md5_II_round) - -{ .mib - nop 0x0 - nop 0x0 - br.ret.sptk.many QUICK_RTN -} ;; - - .endp md5_digest_GHI - -#define FFLOADU(a, b, c, d, M, P, N, s, offset) \ -{ .mii ; \ -(pMore) ld4 N = [DPtr], 4 ; \ - add Z = M, TRound ; \ - and Y = c, b ; \ -} \ -{ .mmi ; \ - andcm X = d, b ;; \ - add Z = Z, a ; \ - or Y = Y, X ; \ -} ;; \ -{ .mii ; \ - ld4 TRound = [TPtr], 4 ; \ - GETLW(W, P, offset) ; \ - add Z = Z, Y ; \ -} ;; \ -{ .mii ; \ - or W = W, DTmp ; \ - dep.z Y = Z, 32, 32 ;; \ - shrp Z = Z, Y, 64 - s ; \ -} ;; \ -{ .mii ; \ - add a = Z, b ; \ - GETRW(DTmp, P, offset) ; \ - mov P = W ; \ -} ;; - -#define FFLOOPU(a, b, c, d, M, P, N, s, offset) \ -{ .mii ; \ -(pMore) ld4 N = [DPtr], 4 ; \ - add Z = M, TRound ; \ - and Y = c, b ; \ -} \ -{ .mmi ; \ - andcm X = d, b ;; \ - add Z = Z, a ; \ - or Y = Y, X ; \ -} ;; \ -{ .mii ; \ - ld4 TRound = [TPtr], 4 ; \ -(pMore) GETLW(W, P, offset) ; \ - add Z = Z, Y ; \ -} ;; \ -{ .mii ; \ -(pMore) or W = W, DTmp ; \ - dep.z Y = Z, 32, 32 ;; \ - shrp Z = Z, Y, 64 - s ; \ -} ;; \ -{ .mii ; \ - add a = Z, b ; \ -(pMore) GETRW(DTmp, P, offset) ; \ -(pMore) mov P = W ; \ -} \ -{ .mib ; \ - cmp.ne pMore, p0 = 0, LTrip ; \ - add LTrip = -1, LTrip ; \ - br.ctop.sptk.many 
.md5_FF_round##offset ; \ -} ;; - -#define MD5FBLOCK(offset) \ - .type md5_digest_block##offset, @function ; \ - \ - .align 32 ; \ - .proc md5_digest_block##offset ; \ - .prologue ; \ - .altrp QUICK_RTN ; \ - .body ; \ -md5_digest_block##offset: \ -{ .mmi ; \ - alloc PFS = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE ; \ - mov LTrip = 2 ; \ - mov ar.lc = 3 ; \ -} ;; \ -{ .mii ; \ - cmp.eq pMore, p0 = r0, r0 ; \ - mov ar.ec = 0 ; \ - nop 0x0 ; \ -} ;; \ - \ - .pred.rel "mutex", pLoad, pSkip ; \ -.md5_FF_round##offset: \ - FFLOADU(A, B, C, D, M12, M13, RotateM0, 7, offset) \ - FFLOADU(D, A, B, C, M13, M14, RotateM1, 12, offset) \ - FFLOADU(C, D, A, B, M14, M15, RotateM2, 17, offset) \ - FFLOOPU(B, C, D, A, M15, RotateM0, RotateM3, 22, offset) \ - \ -{ .mib ; \ - nop 0x0 ; \ - nop 0x0 ; \ - br.cond.sptk.many md5_digest_GHI ; \ -} ;; \ - .endp md5_digest_block##offset - -MD5FBLOCK(1) -MD5FBLOCK(2) -MD5FBLOCK(3) - - .align 64 - .type md5_constants, @object -md5_constants: -.md5_tbl_data_order: // To ensure little-endian data - // order, code as bytes. 
- data1 0x78, 0xa4, 0x6a, 0xd7 // 0 - data1 0x56, 0xb7, 0xc7, 0xe8 // 1 - data1 0xdb, 0x70, 0x20, 0x24 // 2 - data1 0xee, 0xce, 0xbd, 0xc1 // 3 - data1 0xaf, 0x0f, 0x7c, 0xf5 // 4 - data1 0x2a, 0xc6, 0x87, 0x47 // 5 - data1 0x13, 0x46, 0x30, 0xa8 // 6 - data1 0x01, 0x95, 0x46, 0xfd // 7 - data1 0xd8, 0x98, 0x80, 0x69 // 8 - data1 0xaf, 0xf7, 0x44, 0x8b // 9 - data1 0xb1, 0x5b, 0xff, 0xff // 10 - data1 0xbe, 0xd7, 0x5c, 0x89 // 11 - data1 0x22, 0x11, 0x90, 0x6b // 12 - data1 0x93, 0x71, 0x98, 0xfd // 13 - data1 0x8e, 0x43, 0x79, 0xa6 // 14 - data1 0x21, 0x08, 0xb4, 0x49 // 15 - data1 0x62, 0x25, 0x1e, 0xf6 // 16 - data1 0x40, 0xb3, 0x40, 0xc0 // 17 - data1 0x51, 0x5a, 0x5e, 0x26 // 18 - data1 0xaa, 0xc7, 0xb6, 0xe9 // 19 - data1 0x5d, 0x10, 0x2f, 0xd6 // 20 - data1 0x53, 0x14, 0x44, 0x02 // 21 - data1 0x81, 0xe6, 0xa1, 0xd8 // 22 - data1 0xc8, 0xfb, 0xd3, 0xe7 // 23 - data1 0xe6, 0xcd, 0xe1, 0x21 // 24 - data1 0xd6, 0x07, 0x37, 0xc3 // 25 - data1 0x87, 0x0d, 0xd5, 0xf4 // 26 - data1 0xed, 0x14, 0x5a, 0x45 // 27 - data1 0x05, 0xe9, 0xe3, 0xa9 // 28 - data1 0xf8, 0xa3, 0xef, 0xfc // 29 - data1 0xd9, 0x02, 0x6f, 0x67 // 30 - data1 0x8a, 0x4c, 0x2a, 0x8d // 31 - data1 0x42, 0x39, 0xfa, 0xff // 32 - data1 0x81, 0xf6, 0x71, 0x87 // 33 - data1 0x22, 0x61, 0x9d, 0x6d // 34 - data1 0x0c, 0x38, 0xe5, 0xfd // 35 - data1 0x44, 0xea, 0xbe, 0xa4 // 36 - data1 0xa9, 0xcf, 0xde, 0x4b // 37 - data1 0x60, 0x4b, 0xbb, 0xf6 // 38 - data1 0x70, 0xbc, 0xbf, 0xbe // 39 - data1 0xc6, 0x7e, 0x9b, 0x28 // 40 - data1 0xfa, 0x27, 0xa1, 0xea // 41 - data1 0x85, 0x30, 0xef, 0xd4 // 42 - data1 0x05, 0x1d, 0x88, 0x04 // 43 - data1 0x39, 0xd0, 0xd4, 0xd9 // 44 - data1 0xe5, 0x99, 0xdb, 0xe6 // 45 - data1 0xf8, 0x7c, 0xa2, 0x1f // 46 - data1 0x65, 0x56, 0xac, 0xc4 // 47 - data1 0x44, 0x22, 0x29, 0xf4 // 48 - data1 0x97, 0xff, 0x2a, 0x43 // 49 - data1 0xa7, 0x23, 0x94, 0xab // 50 - data1 0x39, 0xa0, 0x93, 0xfc // 51 - data1 0xc3, 0x59, 0x5b, 0x65 // 52 - data1 0x92, 0xcc, 0x0c, 0x8f // 53 - data1 
0x7d, 0xf4, 0xef, 0xff // 54 - data1 0xd1, 0x5d, 0x84, 0x85 // 55 - data1 0x4f, 0x7e, 0xa8, 0x6f // 56 - data1 0xe0, 0xe6, 0x2c, 0xfe // 57 - data1 0x14, 0x43, 0x01, 0xa3 // 58 - data1 0xa1, 0x11, 0x08, 0x4e // 59 - data1 0x82, 0x7e, 0x53, 0xf7 // 60 - data1 0x35, 0xf2, 0x3a, 0xbd // 61 - data1 0xbb, 0xd2, 0xd7, 0x2a // 62 - data1 0x91, 0xd3, 0x86, 0xeb // 63 -.size md5_constants#,64*4 diff --git a/lib/libssl/src/crypto/md5/asm/md5-x86_64.pl b/lib/libssl/src/crypto/md5/asm/md5-x86_64.pl deleted file mode 100755 index c902a1b532f..00000000000 --- a/lib/libssl/src/crypto/md5/asm/md5-x86_64.pl +++ /dev/null 
@@ -1,264 +0,0 @@ -#!/usr/bin/perl -w -# -# MD5 optimized for AMD64. -# -# Author: Marc Bevand <bevand_m (at) epita.fr> -# Licence: I hereby disclaim the copyright on this code and place it -# in the public domain. -# - -use strict; - -my $code; - -# round1_step() does: -# dst = x + ((dst + F(x,y,z) + X[k] + T_i) <<< s) -# %r10d = X[k_next] -# %r11d = z' (copy of z for the next step) -# Each round1_step() takes about 5.3 clocks (9 instructions, 1.7 IPC) -sub round1_step -{ - my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_; - $code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1); - $code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1); - $code .= <<EOF; - xor $y, %r11d /* y ^ ... */ - lea $T_i($dst,%r10d),$dst /* Const + dst + ... */ - and $x, %r11d /* x & ... */ - xor $z, %r11d /* z ^ ... */ - mov $k_next*4(%rsi),%r10d /* (NEXT STEP) X[$k_next] */ - add %r11d, $dst /* dst += ... */ - rol \$$s, $dst /* dst <<< s */ - mov $y, %r11d /* (NEXT STEP) z' = $y */ - add $x, $dst /* dst += x */ -EOF -} - -# round2_step() does: -# dst = x + ((dst + G(x,y,z) + X[k] + T_i) <<< s) -# %r10d = X[k_next] -# %r11d = z' (copy of z for the next step) -# %r12d = z' (copy of z for the next step) -# Each round2_step() takes about 5.4 clocks (11 instructions, 2.0 IPC) -sub round2_step -{ - my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_; - $code .= " mov 1*4(%rsi), %r10d /* (NEXT STEP) X[1] */\n" if ($pos == -1); - $code .= " mov %edx, %r11d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1); - $code .= " mov %edx, %r12d /* (NEXT STEP) z' = %edx */\n" if ($pos == -1); - $code .= <<EOF; - not %r11d /* not z */ - lea $T_i($dst,%r10d),$dst /* Const + dst + ... */ - and $x, %r12d /* x & z */ - and $y, %r11d /* y & (not z) */ - mov $k_next*4(%rsi),%r10d /* (NEXT STEP) X[$k_next] */ - or %r11d, %r12d /* (y & (not z)) | (x & z) */ - mov $y, %r11d /* (NEXT STEP) z' = $y */ - add %r12d, $dst /* dst += ... 
*/ - mov $y, %r12d /* (NEXT STEP) z' = $y */ - rol \$$s, $dst /* dst <<< s */ - add $x, $dst /* dst += x */ -EOF -} - -# round3_step() does: -# dst = x + ((dst + H(x,y,z) + X[k] + T_i) <<< s) -# %r10d = X[k_next] -# %r11d = y' (copy of y for the next step) -# Each round3_step() takes about 4.2 clocks (8 instructions, 1.9 IPC) -sub round3_step -{ - my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_; - $code .= " mov 5*4(%rsi), %r10d /* (NEXT STEP) X[5] */\n" if ($pos == -1); - $code .= " mov %ecx, %r11d /* (NEXT STEP) y' = %ecx */\n" if ($pos == -1); - $code .= <<EOF; - lea $T_i($dst,%r10d),$dst /* Const + dst + ... */ - mov $k_next*4(%rsi),%r10d /* (NEXT STEP) X[$k_next] */ - xor $z, %r11d /* z ^ ... */ - xor $x, %r11d /* x ^ ... */ - add %r11d, $dst /* dst += ... */ - rol \$$s, $dst /* dst <<< s */ - mov $x, %r11d /* (NEXT STEP) y' = $x */ - add $x, $dst /* dst += x */ -EOF -} - -# round4_step() does: -# dst = x + ((dst + I(x,y,z) + X[k] + T_i) <<< s) -# %r10d = X[k_next] -# %r11d = not z' (copy of not z for the next step) -# Each round4_step() takes about 5.2 clocks (9 instructions, 1.7 IPC) -sub round4_step -{ - my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_; - $code .= " mov 0*4(%rsi), %r10d /* (NEXT STEP) X[0] */\n" if ($pos == -1); - $code .= " mov \$0xffffffff, %r11d\n" if ($pos == -1); - $code .= " xor %edx, %r11d /* (NEXT STEP) not z' = not %edx*/\n" - if ($pos == -1); - $code .= <<EOF; - lea $T_i($dst,%r10d),$dst /* Const + dst + ... */ - or $x, %r11d /* x | ... */ - xor $y, %r11d /* y ^ ... */ - add %r11d, $dst /* dst += ... 
*/ - mov $k_next*4(%rsi),%r10d /* (NEXT STEP) X[$k_next] */ - mov \$0xffffffff, %r11d - rol \$$s, $dst /* dst <<< s */ - xor $y, %r11d /* (NEXT STEP) not z' = not $y */ - add $x, $dst /* dst += x */ -EOF -} - -my $flavour = shift; -my $output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -no warnings qw(uninitialized); -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$code .= <<EOF; -.text -.align 16 - -.globl md5_block_asm_data_order -.type md5_block_asm_data_order,\@function,3 -md5_block_asm_data_order: - push %rbp - push %rbx - push %r12 - push %r14 - push %r15 -.Lprologue: - - # rdi = arg #1 (ctx, MD5_CTX pointer) - # rsi = arg #2 (ptr, data pointer) - # rdx = arg #3 (nbr, number of 16-word blocks to process) - mov %rdi, %rbp # rbp = ctx - shl \$6, %rdx # rdx = nbr in bytes - lea (%rsi,%rdx), %rdi # rdi = end - mov 0*4(%rbp), %eax # eax = ctx->A - mov 1*4(%rbp), %ebx # ebx = ctx->B - mov 2*4(%rbp), %ecx # ecx = ctx->C - mov 3*4(%rbp), %edx # edx = ctx->D - # end is 'rdi' - # ptr is 'rsi' - # A is 'eax' - # B is 'ebx' - # C is 'ecx' - # D is 'edx' - - cmp %rdi, %rsi # cmp end with ptr - je .Lend # jmp if ptr == end - - # BEGIN of loop over 16-word blocks -.Lloop: # save old values of A, B, C, D - mov %eax, %r8d - mov %ebx, %r9d - mov %ecx, %r14d - mov %edx, %r15d -EOF -round1_step(-1,'%eax','%ebx','%ecx','%edx', '1','0xd76aa478', '7'); -round1_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xe8c7b756','12'); -round1_step( 0,'%ecx','%edx','%eax','%ebx', '3','0x242070db','17'); -round1_step( 0,'%ebx','%ecx','%edx','%eax', '4','0xc1bdceee','22'); -round1_step( 0,'%eax','%ebx','%ecx','%edx', '5','0xf57c0faf', '7'); -round1_step( 0,'%edx','%eax','%ebx','%ecx', '6','0x4787c62a','12'); -round1_step( 
0,'%ecx','%edx','%eax','%ebx', '7','0xa8304613','17'); -round1_step( 0,'%ebx','%ecx','%edx','%eax', '8','0xfd469501','22'); -round1_step( 0,'%eax','%ebx','%ecx','%edx', '9','0x698098d8', '7'); -round1_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8b44f7af','12'); -round1_step( 0,'%ecx','%edx','%eax','%ebx','11','0xffff5bb1','17'); -round1_step( 0,'%ebx','%ecx','%edx','%eax','12','0x895cd7be','22'); -round1_step( 0,'%eax','%ebx','%ecx','%edx','13','0x6b901122', '7'); -round1_step( 0,'%edx','%eax','%ebx','%ecx','14','0xfd987193','12'); -round1_step( 0,'%ecx','%edx','%eax','%ebx','15','0xa679438e','17'); -round1_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x49b40821','22'); - -round2_step(-1,'%eax','%ebx','%ecx','%edx', '6','0xf61e2562', '5'); -round2_step( 0,'%edx','%eax','%ebx','%ecx','11','0xc040b340', '9'); -round2_step( 0,'%ecx','%edx','%eax','%ebx', '0','0x265e5a51','14'); -round2_step( 0,'%ebx','%ecx','%edx','%eax', '5','0xe9b6c7aa','20'); -round2_step( 0,'%eax','%ebx','%ecx','%edx','10','0xd62f105d', '5'); -round2_step( 0,'%edx','%eax','%ebx','%ecx','15', '0x2441453', '9'); -round2_step( 0,'%ecx','%edx','%eax','%ebx', '4','0xd8a1e681','14'); -round2_step( 0,'%ebx','%ecx','%edx','%eax', '9','0xe7d3fbc8','20'); -round2_step( 0,'%eax','%ebx','%ecx','%edx','14','0x21e1cde6', '5'); -round2_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xc33707d6', '9'); -round2_step( 0,'%ecx','%edx','%eax','%ebx', '8','0xf4d50d87','14'); -round2_step( 0,'%ebx','%ecx','%edx','%eax','13','0x455a14ed','20'); -round2_step( 0,'%eax','%ebx','%ecx','%edx', '2','0xa9e3e905', '5'); -round2_step( 0,'%edx','%eax','%ebx','%ecx', '7','0xfcefa3f8', '9'); -round2_step( 0,'%ecx','%edx','%eax','%ebx','12','0x676f02d9','14'); -round2_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x8d2a4c8a','20'); - -round3_step(-1,'%eax','%ebx','%ecx','%edx', '8','0xfffa3942', '4'); -round3_step( 0,'%edx','%eax','%ebx','%ecx','11','0x8771f681','11'); -round3_step( 0,'%ecx','%edx','%eax','%ebx','14','0x6d9d6122','16'); 
-round3_step( 0,'%ebx','%ecx','%edx','%eax', '1','0xfde5380c','23'); -round3_step( 0,'%eax','%ebx','%ecx','%edx', '4','0xa4beea44', '4'); -round3_step( 0,'%edx','%eax','%ebx','%ecx', '7','0x4bdecfa9','11'); -round3_step( 0,'%ecx','%edx','%eax','%ebx','10','0xf6bb4b60','16'); -round3_step( 0,'%ebx','%ecx','%edx','%eax','13','0xbebfbc70','23'); -round3_step( 0,'%eax','%ebx','%ecx','%edx', '0','0x289b7ec6', '4'); -round3_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xeaa127fa','11'); -round3_step( 0,'%ecx','%edx','%eax','%ebx', '6','0xd4ef3085','16'); -round3_step( 0,'%ebx','%ecx','%edx','%eax', '9', '0x4881d05','23'); -round3_step( 0,'%eax','%ebx','%ecx','%edx','12','0xd9d4d039', '4'); -round3_step( 0,'%edx','%eax','%ebx','%ecx','15','0xe6db99e5','11'); -round3_step( 0,'%ecx','%edx','%eax','%ebx', '2','0x1fa27cf8','16'); -round3_step( 1,'%ebx','%ecx','%edx','%eax', '0','0xc4ac5665','23'); - -round4_step(-1,'%eax','%ebx','%ecx','%edx', '7','0xf4292244', '6'); -round4_step( 0,'%edx','%eax','%ebx','%ecx','14','0x432aff97','10'); -round4_step( 0,'%ecx','%edx','%eax','%ebx', '5','0xab9423a7','15'); -round4_step( 0,'%ebx','%ecx','%edx','%eax','12','0xfc93a039','21'); -round4_step( 0,'%eax','%ebx','%ecx','%edx', '3','0x655b59c3', '6'); -round4_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8f0ccc92','10'); -round4_step( 0,'%ecx','%edx','%eax','%ebx', '1','0xffeff47d','15'); -round4_step( 0,'%ebx','%ecx','%edx','%eax', '8','0x85845dd1','21'); -round4_step( 0,'%eax','%ebx','%ecx','%edx','15','0x6fa87e4f', '6'); -round4_step( 0,'%edx','%eax','%ebx','%ecx', '6','0xfe2ce6e0','10'); -round4_step( 0,'%ecx','%edx','%eax','%ebx','13','0xa3014314','15'); -round4_step( 0,'%ebx','%ecx','%edx','%eax', '4','0x4e0811a1','21'); -round4_step( 0,'%eax','%ebx','%ecx','%edx','11','0xf7537e82', '6'); -round4_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xbd3af235','10'); -round4_step( 0,'%ecx','%edx','%eax','%ebx', '9','0x2ad7d2bb','15'); -round4_step( 1,'%ebx','%ecx','%edx','%eax', 
'0','0xeb86d391','21'); -$code .= <<EOF; - # add old values of A, B, C, D - add %r8d, %eax - add %r9d, %ebx - add %r14d, %ecx - add %r15d, %edx - - # loop control - add \$64, %rsi # ptr += 64 - cmp %rdi, %rsi # cmp end with ptr - jb .Lloop # jmp if ptr < end - # END of loop over 16-word blocks - -.Lend: - mov %eax, 0*4(%rbp) # ctx->A = A - mov %ebx, 1*4(%rbp) # ctx->B = B - mov %ecx, 2*4(%rbp) # ctx->C = C - mov %edx, 3*4(%rbp) # ctx->D = D - - mov (%rsp),%r15 - mov 8(%rsp),%r14 - mov 16(%rsp),%r12 - mov 24(%rsp),%rbx - mov 32(%rsp),%rbp - add \$40,%rsp -.Lepilogue: - ret -.size md5_block_asm_data_order,.-md5_block_asm_data_order -EOF - -print $code; - -close STDOUT; diff --git a/lib/libssl/src/crypto/md5/md5.h b/lib/libssl/src/crypto/md5/md5.h deleted file mode 100644 index e2c511c7c51..00000000000 --- a/lib/libssl/src/crypto/md5/md5.h +++ /dev/null 
@@ -1,108 +0,0 @@ -/* $OpenBSD: md5.h,v 1.20 2014/10/20 13:06:54 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stddef.h> - -#ifndef HEADER_MD5_H -#define HEADER_MD5_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_MD5 -#error MD5 is disabled. -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! MD5_LONG has to be at least 32 bits wide. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
- */
-
-#define MD5_LONG unsigned int
-
-#define MD5_CBLOCK 64
-#define MD5_LBLOCK (MD5_CBLOCK/4)
-#define MD5_DIGEST_LENGTH 16
-
-typedef struct MD5state_st
- {
- MD5_LONG A,B,C,D;
- MD5_LONG Nl,Nh;
- MD5_LONG data[MD5_LBLOCK];
- unsigned int num;
- } MD5_CTX;
-
-int MD5_Init(MD5_CTX *c);
-int MD5_Update(MD5_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__,2,3)));
-int MD5_Final(unsigned char *md, MD5_CTX *c);
-unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md)
- __attribute__ ((__bounded__(__buffer__,1,2)));
-void MD5_Transform(MD5_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/md5/md5_dgst.c b/lib/libssl/src/crypto/md5/md5_dgst.c
deleted file mode 100644
index f55113727ae..00000000000
--- a/lib/libssl/src/crypto/md5/md5_dgst.c
+++ /dev/null
@@ -1,183 +0,0 @@ -/* $OpenBSD: md5_dgst.c,v 1.14 2014/10/28 07:35:59 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include "md5_locl.h" -#include <openssl/opensslv.h> -#include <openssl/crypto.h> - -/* Implemented from RFC1321 The MD5 Message-Digest Algorithm - */ - -#define INIT_DATA_A (unsigned long)0x67452301L -#define INIT_DATA_B (unsigned long)0xefcdab89L -#define INIT_DATA_C (unsigned long)0x98badcfeL -#define INIT_DATA_D (unsigned long)0x10325476L - -int MD5_Init(MD5_CTX *c) - { - memset (c,0,sizeof(*c)); - c->A=INIT_DATA_A; - c->B=INIT_DATA_B; - c->C=INIT_DATA_C; - c->D=INIT_DATA_D; - return 1; - } - -#ifndef md5_block_data_order -#ifdef X -#undef X -#endif -void md5_block_data_order (MD5_CTX *c, const void *data_, size_t num) - { - const unsigned char *data=data_; - unsigned MD32_REG_T A,B,C,D,l; -#ifndef MD32_XARRAY - /* See comment in crypto/sha/sha_locl.h for details. */ - unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; -# define X(i) XX##i -#else - MD5_LONG XX[MD5_LBLOCK]; -# define X(i) XX[i] -#endif - - A=c->A; - B=c->B; - C=c->C; - D=c->D; - - for (;num--;) - { - HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; - /* Round 0 */ - R0(A,B,C,D,X( 0), 7,0xd76aa478L); HOST_c2l(data,l); X( 2)=l; - R0(D,A,B,C,X( 1),12,0xe8c7b756L); HOST_c2l(data,l); X( 3)=l; - R0(C,D,A,B,X( 2),17,0x242070dbL); HOST_c2l(data,l); X( 4)=l; - R0(B,C,D,A,X( 3),22,0xc1bdceeeL); HOST_c2l(data,l); X( 5)=l; - R0(A,B,C,D,X( 4), 7,0xf57c0fafL); HOST_c2l(data,l); X( 6)=l; - R0(D,A,B,C,X( 5),12,0x4787c62aL); HOST_c2l(data,l); X( 7)=l; - R0(C,D,A,B,X( 6),17,0xa8304613L); HOST_c2l(data,l); X( 8)=l; - R0(B,C,D,A,X( 7),22,0xfd469501L); HOST_c2l(data,l); X( 9)=l; - R0(A,B,C,D,X( 8), 7,0x698098d8L); HOST_c2l(data,l); X(10)=l; - R0(D,A,B,C,X( 9),12,0x8b44f7afL); HOST_c2l(data,l); X(11)=l; - R0(C,D,A,B,X(10),17,0xffff5bb1L); HOST_c2l(data,l); X(12)=l; - R0(B,C,D,A,X(11),22,0x895cd7beL); HOST_c2l(data,l); X(13)=l; - R0(A,B,C,D,X(12), 7,0x6b901122L); HOST_c2l(data,l); X(14)=l; - R0(D,A,B,C,X(13),12,0xfd987193L); 
HOST_c2l(data,l); X(15)=l; - R0(C,D,A,B,X(14),17,0xa679438eL); - R0(B,C,D,A,X(15),22,0x49b40821L); - /* Round 1 */ - R1(A,B,C,D,X( 1), 5,0xf61e2562L); - R1(D,A,B,C,X( 6), 9,0xc040b340L); - R1(C,D,A,B,X(11),14,0x265e5a51L); - R1(B,C,D,A,X( 0),20,0xe9b6c7aaL); - R1(A,B,C,D,X( 5), 5,0xd62f105dL); - R1(D,A,B,C,X(10), 9,0x02441453L); - R1(C,D,A,B,X(15),14,0xd8a1e681L); - R1(B,C,D,A,X( 4),20,0xe7d3fbc8L); - R1(A,B,C,D,X( 9), 5,0x21e1cde6L); - R1(D,A,B,C,X(14), 9,0xc33707d6L); - R1(C,D,A,B,X( 3),14,0xf4d50d87L); - R1(B,C,D,A,X( 8),20,0x455a14edL); - R1(A,B,C,D,X(13), 5,0xa9e3e905L); - R1(D,A,B,C,X( 2), 9,0xfcefa3f8L); - R1(C,D,A,B,X( 7),14,0x676f02d9L); - R1(B,C,D,A,X(12),20,0x8d2a4c8aL); - /* Round 2 */ - R2(A,B,C,D,X( 5), 4,0xfffa3942L); - R2(D,A,B,C,X( 8),11,0x8771f681L); - R2(C,D,A,B,X(11),16,0x6d9d6122L); - R2(B,C,D,A,X(14),23,0xfde5380cL); - R2(A,B,C,D,X( 1), 4,0xa4beea44L); - R2(D,A,B,C,X( 4),11,0x4bdecfa9L); - R2(C,D,A,B,X( 7),16,0xf6bb4b60L); - R2(B,C,D,A,X(10),23,0xbebfbc70L); - R2(A,B,C,D,X(13), 4,0x289b7ec6L); - R2(D,A,B,C,X( 0),11,0xeaa127faL); - R2(C,D,A,B,X( 3),16,0xd4ef3085L); - R2(B,C,D,A,X( 6),23,0x04881d05L); - R2(A,B,C,D,X( 9), 4,0xd9d4d039L); - R2(D,A,B,C,X(12),11,0xe6db99e5L); - R2(C,D,A,B,X(15),16,0x1fa27cf8L); - R2(B,C,D,A,X( 2),23,0xc4ac5665L); - /* Round 3 */ - R3(A,B,C,D,X( 0), 6,0xf4292244L); - R3(D,A,B,C,X( 7),10,0x432aff97L); - R3(C,D,A,B,X(14),15,0xab9423a7L); - R3(B,C,D,A,X( 5),21,0xfc93a039L); - R3(A,B,C,D,X(12), 6,0x655b59c3L); - R3(D,A,B,C,X( 3),10,0x8f0ccc92L); - R3(C,D,A,B,X(10),15,0xffeff47dL); - R3(B,C,D,A,X( 1),21,0x85845dd1L); - R3(A,B,C,D,X( 8), 6,0x6fa87e4fL); - R3(D,A,B,C,X(15),10,0xfe2ce6e0L); - R3(C,D,A,B,X( 6),15,0xa3014314L); - R3(B,C,D,A,X(13),21,0x4e0811a1L); - R3(A,B,C,D,X( 4), 6,0xf7537e82L); - R3(D,A,B,C,X(11),10,0xbd3af235L); - R3(C,D,A,B,X( 2),15,0x2ad7d2bbL); - R3(B,C,D,A,X( 9),21,0xeb86d391L); - - A = c->A += A; - B = c->B += B; - C = c->C += C; - D = c->D += D; - } - } -#endif 
diff --git a/lib/libssl/src/crypto/md5/md5_locl.h b/lib/libssl/src/crypto/md5/md5_locl.h
deleted file mode 100644
index 00c5a67e318..00000000000
--- a/lib/libssl/src/crypto/md5/md5_locl.h
+++ /dev/null
@@ -1,128 +0,0 @@ -/* $OpenBSD: md5_locl.h,v 1.13 2014/10/20 13:06:54 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdlib.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/md5.h> - -#ifdef MD5_ASM -# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \ - defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64) -# define md5_block_data_order md5_block_asm_data_order -# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64) -# define md5_block_data_order md5_block_asm_data_order -# endif -#endif - -void md5_block_data_order (MD5_CTX *c, const void *p,size_t num); - -#define DATA_ORDER_IS_LITTLE_ENDIAN - -#define HASH_LONG MD5_LONG -#define HASH_CTX MD5_CTX -#define HASH_CBLOCK MD5_CBLOCK -#define HASH_UPDATE MD5_Update -#define HASH_TRANSFORM MD5_Transform -#define HASH_FINAL MD5_Final -#define HASH_MAKE_STRING(c,s) do { \ - unsigned long ll; \ - ll=(c)->A; HOST_l2c(ll,(s)); \ - ll=(c)->B; HOST_l2c(ll,(s)); \ - ll=(c)->C; HOST_l2c(ll,(s)); \ - ll=(c)->D; HOST_l2c(ll,(s)); \ - } while (0) -#define HASH_BLOCK_DATA_ORDER md5_block_data_order - -#include "md32_common.h" - -/* -#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) -#define G(x,y,z) (((x) & (z)) | ((y) & (~(z)))) -*/ - -/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be - * simplified to the code below. Wei attributes these optimizations - * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel. - */ -#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d)) -#define G(b,c,d) ((((b) ^ (c)) & (d)) ^ (c)) -#define H(b,c,d) ((b) ^ (c) ^ (d)) -#define I(b,c,d) (((~(d)) | (b)) ^ (c)) - -#define R0(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+F((b),(c),(d))); \ - a=ROTATE(a,s); \ - a+=b; };\ - -#define R1(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+G((b),(c),(d))); \ - a=ROTATE(a,s); \ - a+=b; }; - -#define R2(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+H((b),(c),(d))); \ - a=ROTATE(a,s); \ - a+=b; }; - -#define R3(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+I((b),(c),(d))); \ - a=ROTATE(a,s); \ - a+=b; }; 
diff --git a/lib/libssl/src/crypto/md5/md5_one.c b/lib/libssl/src/crypto/md5/md5_one.c
deleted file mode 100644
index 3fb05de30c3..00000000000
--- a/lib/libssl/src/crypto/md5/md5_one.c
+++ /dev/null
@@ -1,77 +0,0 @@ -/* $OpenBSD: md5_one.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <string.h> -#include <openssl/md5.h> -#include <openssl/crypto.h> - -unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md) - { - MD5_CTX c; - static unsigned char m[MD5_DIGEST_LENGTH]; - - if (md == NULL) md=m; - if (!MD5_Init(&c)) - return NULL; - MD5_Update(&c,d,n); - MD5_Final(md,&c); - explicit_bzero(&c,sizeof(c)); - return(md); - } - 
diff --git a/lib/libssl/src/crypto/mem_clr.c b/lib/libssl/src/crypto/mem_clr.c
deleted file mode 100644
index 9ee5e65a2e6..00000000000
--- a/lib/libssl/src/crypto/mem_clr.c
+++ /dev/null
@@ -1,11 +0,0 @@
-/* $OpenBSD: mem_clr.c,v 1.4 2014/06/12 15:49:27 deraadt Exp $ */
-
-/* Ted Unangst places this file in the public domain. */
-#include <string.h>
-#include <openssl/crypto.h>
-
-void
-OPENSSL_cleanse(void *ptr, size_t len)
-{
- explicit_bzero(ptr, len);
-}
diff --git a/lib/libssl/src/crypto/mem_dbg.c b/lib/libssl/src/crypto/mem_dbg.c
deleted file mode 100644
index cae02a6f219..00000000000
--- a/lib/libssl/src/crypto/mem_dbg.c
+++ /dev/null
@@ -1,201 +0,0 @@ -/* $OpenBSD: mem_dbg.c,v 1.22 2014/06/12 15:49:27 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <stdlib.h> -#include <openssl/crypto.h> -#include <openssl/bio.h> -#include <openssl/lhash.h> - -int -CRYPTO_mem_ctrl(int mode) -{ - return (CRYPTO_MEM_CHECK_OFF); -} - -int -CRYPTO_is_mem_check_on(void) -{ - return (0); -} - - -void -CRYPTO_dbg_set_options(long bits) -{ - return; -} - -long -CRYPTO_dbg_get_options(void) -{ - return (0); -} - -int -CRYPTO_push_info_(const char *info, const char *file, int line) -{ - return (0); -} - -int -CRYPTO_pop_info(void) -{ - return (0); -} - -int -CRYPTO_remove_all_info(void) -{ - return (0); -} - -void -CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, - int before_p) -{ - /* CRYPTO_dbg_malloc is no longer permitted */ - abort(); -} - -void -CRYPTO_dbg_free(void *addr, int before_p) -{ - /* CRYPTO_dbg_free is no longer permitted */ - abort(); -} - -void -CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, - const char *file, int line, int before_p) -{ - /* CRYPTO_dbg_realloc is no longer permitted */ - abort(); -} - -void -CRYPTO_mem_leaks(BIO *b) -{ - return; -} - -void -CRYPTO_mem_leaks_fp(FILE *fp) -{ - return; -} - - -void -CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb) -{ - 
return;
-}
diff --git a/lib/libssl/src/crypto/modes/asm/ghash-alpha.pl b/lib/libssl/src/crypto/modes/asm/ghash-alpha.pl
deleted file mode 100644
index b6d6ea5a62a..00000000000
--- a/lib/libssl/src/crypto/modes/asm/ghash-alpha.pl
+++ /dev/null
@@ -1,455 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# March 2010 -# -# The module implements "4-bit" GCM GHASH function and underlying -# single multiplication operation in GF(2^128). "4-bit" means that it -# uses 256 bytes per-key table [+128 bytes shared table]. Even though -# loops are aggressively modulo-scheduled in respect to references to -# Htbl and Z.hi updates for 8 cycles per byte, measured performance is -# ~12 cycles per processed byte on 21264 CPU. It seems to be a dynamic -# scheduling "glitch," because uprofile(1) indicates uniform sample -# distribution, as if all instruction bundles execute in 1.5 cycles. -# Meaning that it could have been even faster, yet 12 cycles is ~60% -# better than gcc-generated code and ~80% than code generated by vendor -# compiler. 
- -$cnt="v0"; # $0 -$t0="t0"; -$t1="t1"; -$t2="t2"; -$Thi0="t3"; # $4 -$Tlo0="t4"; -$Thi1="t5"; -$Tlo1="t6"; -$rem="t7"; # $8 -################# -$Xi="a0"; # $16, input argument block -$Htbl="a1"; -$inp="a2"; -$len="a3"; -$nlo="a4"; # $20 -$nhi="a5"; -$Zhi="t8"; -$Zlo="t9"; -$Xhi="t10"; # $24 -$Xlo="t11"; -$remp="t12"; -$rem_4bit="AT"; # $28 - -{ my $N; - sub loop() { - - $N++; -$code.=<<___; -.align 4 - extbl $Xlo,7,$nlo - and $nlo,0xf0,$nhi - sll $nlo,4,$nlo - and $nlo,0xf0,$nlo - - addq $nlo,$Htbl,$nlo - ldq $Zlo,8($nlo) - addq $nhi,$Htbl,$nhi - ldq $Zhi,0($nlo) - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - lda $cnt,6(zero) - extbl $Xlo,6,$nlo - - ldq $Tlo1,8($nhi) - s8addq $remp,$rem_4bit,$remp - ldq $Thi1,0($nhi) - srl $Zlo,4,$Zlo - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - and $nlo,0xf0,$nhi - - xor $Tlo1,$Zlo,$Zlo - sll $nlo,4,$nlo - xor $Thi1,$Zhi,$Zhi - and $nlo,0xf0,$nlo - - addq $nlo,$Htbl,$nlo - ldq $Tlo0,8($nlo) - addq $nhi,$Htbl,$nhi - ldq $Thi0,0($nlo) - -.Looplo$N: - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - subq $cnt,1,$cnt - srl $Zlo,4,$Zlo - - ldq $Tlo1,8($nhi) - xor $rem,$Zhi,$Zhi - ldq $Thi1,0($nhi) - s8addq $remp,$rem_4bit,$remp - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - extbl $Xlo,$cnt,$nlo - - and $nlo,0xf0,$nhi - xor $Thi0,$Zhi,$Zhi - xor $Tlo0,$Zlo,$Zlo - sll $nlo,4,$nlo - - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - and $nlo,0xf0,$nlo - srl $Zlo,4,$Zlo - - s8addq $remp,$rem_4bit,$remp - xor $rem,$Zhi,$Zhi - addq $nlo,$Htbl,$nlo - addq $nhi,$Htbl,$nhi - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - ldq $Tlo0,8($nlo) - xor $t0,$Zlo,$Zlo - - xor $Tlo1,$Zlo,$Zlo - xor $Thi1,$Zhi,$Zhi - ldq $Thi0,0($nlo) - bne $cnt,.Looplo$N - - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - lda $cnt,7(zero) - srl $Zlo,4,$Zlo - - ldq $Tlo1,8($nhi) - xor $rem,$Zhi,$Zhi - ldq $Thi1,0($nhi) - s8addq $remp,$rem_4bit,$remp - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - extbl $Xhi,$cnt,$nlo - - and $nlo,0xf0,$nhi - xor 
$Thi0,$Zhi,$Zhi - xor $Tlo0,$Zlo,$Zlo - sll $nlo,4,$nlo - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - and $nlo,0xf0,$nlo - srl $Zlo,4,$Zlo - - s8addq $remp,$rem_4bit,$remp - xor $rem,$Zhi,$Zhi - addq $nlo,$Htbl,$nlo - addq $nhi,$Htbl,$nhi - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - ldq $Tlo0,8($nlo) - xor $t0,$Zlo,$Zlo - - xor $Tlo1,$Zlo,$Zlo - xor $Thi1,$Zhi,$Zhi - ldq $Thi0,0($nlo) - unop - - -.Loophi$N: - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - subq $cnt,1,$cnt - srl $Zlo,4,$Zlo - - ldq $Tlo1,8($nhi) - xor $rem,$Zhi,$Zhi - ldq $Thi1,0($nhi) - s8addq $remp,$rem_4bit,$remp - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - extbl $Xhi,$cnt,$nlo - - and $nlo,0xf0,$nhi - xor $Thi0,$Zhi,$Zhi - xor $Tlo0,$Zlo,$Zlo - sll $nlo,4,$nlo - - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - and $nlo,0xf0,$nlo - srl $Zlo,4,$Zlo - - s8addq $remp,$rem_4bit,$remp - xor $rem,$Zhi,$Zhi - addq $nlo,$Htbl,$nlo - addq $nhi,$Htbl,$nhi - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - ldq $Tlo0,8($nlo) - xor $t0,$Zlo,$Zlo - - xor $Tlo1,$Zlo,$Zlo - xor $Thi1,$Zhi,$Zhi - ldq $Thi0,0($nlo) - bne $cnt,.Loophi$N - - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - srl $Zlo,4,$Zlo - - ldq $Tlo1,8($nhi) - xor $rem,$Zhi,$Zhi - ldq $Thi1,0($nhi) - s8addq $remp,$rem_4bit,$remp - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $t0,$Zlo,$Zlo - - xor $Tlo0,$Zlo,$Zlo - xor $Thi0,$Zhi,$Zhi - - and $Zlo,0x0f,$remp - sll $Zhi,60,$t0 - srl $Zlo,4,$Zlo - - s8addq $remp,$rem_4bit,$remp - xor $rem,$Zhi,$Zhi - - ldq $rem,0($remp) - srl $Zhi,4,$Zhi - xor $Tlo1,$Zlo,$Zlo - xor $Thi1,$Zhi,$Zhi - xor $t0,$Zlo,$Zlo - xor $rem,$Zhi,$Zhi -___ -}} - -$code=<<___; -#include <machine/asm.h> - -.text - -.set noat -.set noreorder -.globl gcm_gmult_4bit -.align 4 -.ent gcm_gmult_4bit -gcm_gmult_4bit: - .frame sp,0,ra - .prologue 0 - - ldq $Xlo,8($Xi) - ldq $Xhi,0($Xi) - - bsr $t0,picmeup - nop -___ - - &loop(); - -$code.=<<___; - srl $Zlo,24,$t0 # byte swap - srl $Zlo,8,$t1 - - sll $Zlo,8,$t2 - sll $Zlo,24,$Zlo - zapnot $t0,0x11,$t0 - 
zapnot $t1,0x22,$t1 - - zapnot $Zlo,0x88,$Zlo - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - - or $Zlo,$t0,$Zlo - srl $Zhi,24,$t0 - srl $Zhi,8,$t1 - - or $Zlo,$t2,$Zlo - sll $Zhi,8,$t2 - sll $Zhi,24,$Zhi - - srl $Zlo,32,$Xlo - sll $Zlo,32,$Zlo - - zapnot $t0,0x11,$t0 - zapnot $t1,0x22,$t1 - or $Zlo,$Xlo,$Xlo - - zapnot $Zhi,0x88,$Zhi - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - - or $Zhi,$t0,$Zhi - or $Zhi,$t2,$Zhi - - srl $Zhi,32,$Xhi - sll $Zhi,32,$Zhi - - or $Zhi,$Xhi,$Xhi - stq $Xlo,8($Xi) - stq $Xhi,0($Xi) - - ret (ra) -.end gcm_gmult_4bit -___ - -$inhi="s0"; -$inlo="s1"; - -$code.=<<___; -.globl gcm_ghash_4bit -.align 4 -.ent gcm_ghash_4bit -gcm_ghash_4bit: - lda sp,-32(sp) - stq ra,0(sp) - stq s0,8(sp) - stq s1,16(sp) - .mask 0x04000600,-32 - .frame sp,32,ra - .prologue 0 - - ldq_u $inhi,0($inp) - ldq_u $Thi0,7($inp) - ldq_u $inlo,8($inp) - ldq_u $Tlo0,15($inp) - ldq $Xhi,0($Xi) - ldq $Xlo,8($Xi) - - bsr $t0,picmeup - nop - -.Louter: - extql $inhi,$inp,$inhi - extqh $Thi0,$inp,$Thi0 - or $inhi,$Thi0,$inhi - lda $inp,16($inp) - - extql $inlo,$inp,$inlo - extqh $Tlo0,$inp,$Tlo0 - or $inlo,$Tlo0,$inlo - subq $len,16,$len - - xor $Xlo,$inlo,$Xlo - xor $Xhi,$inhi,$Xhi -___ - - &loop(); - -$code.=<<___; - srl $Zlo,24,$t0 # byte swap - srl $Zlo,8,$t1 - - sll $Zlo,8,$t2 - sll $Zlo,24,$Zlo - zapnot $t0,0x11,$t0 - zapnot $t1,0x22,$t1 - - zapnot $Zlo,0x88,$Zlo - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - - or $Zlo,$t0,$Zlo - srl $Zhi,24,$t0 - srl $Zhi,8,$t1 - - or $Zlo,$t2,$Zlo - sll $Zhi,8,$t2 - sll $Zhi,24,$Zhi - - srl $Zlo,32,$Xlo - sll $Zlo,32,$Zlo - beq $len,.Ldone - - zapnot $t0,0x11,$t0 - zapnot $t1,0x22,$t1 - or $Zlo,$Xlo,$Xlo - ldq_u $inhi,0($inp) - - zapnot $Zhi,0x88,$Zhi - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - ldq_u $Thi0,7($inp) - - or $Zhi,$t0,$Zhi - or $Zhi,$t2,$Zhi - ldq_u $inlo,8($inp) - ldq_u $Tlo0,15($inp) - - srl $Zhi,32,$Xhi - sll $Zhi,32,$Zhi - - or $Zhi,$Xhi,$Xhi - br zero,.Louter - -.Ldone: - zapnot $t0,0x11,$t0 - zapnot $t1,0x22,$t1 - or $Zlo,$Xlo,$Xlo - - 
zapnot $Zhi,0x88,$Zhi - or $t0,$t1,$t0 - zapnot $t2,0x44,$t2 - - or $Zhi,$t0,$Zhi - or $Zhi,$t2,$Zhi - - srl $Zhi,32,$Xhi - sll $Zhi,32,$Zhi - - or $Zhi,$Xhi,$Xhi - - stq $Xlo,8($Xi) - stq $Xhi,0($Xi) - - .set noreorder - /*ldq ra,0(sp)*/ - ldq s0,8(sp) - ldq s1,16(sp) - lda sp,32(sp) - ret (ra) -.end gcm_ghash_4bit - -.align 4 -.ent picmeup -picmeup: - .frame sp,0,$t0 - .prologue 0 - br $rem_4bit,.Lpic -.Lpic: lda $rem_4bit,12($rem_4bit) - ret ($t0) -.end picmeup - nop -rem_4bit: - .long 0,0x0000<<16, 0,0x1C20<<16, 0,0x3840<<16, 0,0x2460<<16 - .long 0,0x7080<<16, 0,0x6CA0<<16, 0,0x48C0<<16, 0,0x54E0<<16 - .long 0,0xE100<<16, 0,0xFD20<<16, 0,0xD940<<16, 0,0xC560<<16 - .long 0,0x9180<<16, 0,0x8DA0<<16, 0,0xA9C0<<16, 0,0xB5E0<<16 -.ascii "GHASH for Alpha, CRYPTOGAMS by <appro\@openssl.org>" -.align 4 - -___ -$output=shift and open STDOUT,">$output"; -print $code; -close STDOUT; - diff --git a/lib/libssl/src/crypto/modes/asm/ghash-armv4.pl b/lib/libssl/src/crypto/modes/asm/ghash-armv4.pl deleted file mode 100644 index d91586ee292..00000000000 --- a/lib/libssl/src/crypto/modes/asm/ghash-armv4.pl +++ /dev/null 
@@ -1,429 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# April 2010 -# -# The module implements "4-bit" GCM GHASH function and underlying -# single multiplication operation in GF(2^128). "4-bit" means that it -# uses 256 bytes per-key table [+32 bytes shared table]. There is no -# experimental performance data available yet. The only approximation -# that can be made at this point is based on code size. Inner loop is -# 32 instructions long and on single-issue core should execute in <40 -# cycles. Having verified that gcc 3.4 didn't unroll corresponding -# loop, this assembler loop body was found to be ~3x smaller than -# compiler-generated one... -# -# July 2010 -# -# Rescheduling for dual-issue pipeline resulted in 8.5% improvement on -# Cortex A8 core and ~25 cycles per processed byte (which was observed -# to be ~3 times faster than gcc-generated code:-) -# -# February 2011 -# -# Profiler-assisted and platform-specific optimization resulted in 7% -# improvement on Cortex A8 core and ~23.5 cycles per byte. -# -# March 2011 -# -# Add NEON implementation featuring polynomial multiplication, i.e. no -# lookup tables involved. On Cortex A8 it was measured to process one -# byte in 15 cycles or 55% faster than integer-only code. - -# ==================================================================== -# Note about "528B" variant. 
In ARM case it makes lesser sense to -# implement it for following reasons: -# -# - performance improvement won't be anywhere near 50%, because 128- -# bit shift operation is neatly fused with 128-bit xor here, and -# "538B" variant would eliminate only 4-5 instructions out of 32 -# in the inner loop (meaning that estimated improvement is ~15%); -# - ARM-based systems are often embedded ones and extra memory -# consumption might be unappreciated (for so little improvement); -# -# Byte order [in]dependence. ========================================= -# -# Caller is expected to maintain specific *dword* order in Htable, -# namely with *least* significant dword of 128-bit value at *lower* -# address. This differs completely from C code and has everything to -# do with ldm instruction and order in which dwords are "consumed" by -# algorithm. *Byte* order within these dwords in turn is whatever -# *native* byte order on current platform. See gcm128.c for working -# example... - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$Xi="r0"; # argument block -$Htbl="r1"; -$inp="r2"; -$len="r3"; - -$Zll="r4"; # variables -$Zlh="r5"; -$Zhl="r6"; -$Zhh="r7"; -$Tll="r8"; -$Tlh="r9"; -$Thl="r10"; -$Thh="r11"; -$nlo="r12"; -################# r13 is stack pointer -$nhi="r14"; -################# r15 is program counter - -$rem_4bit=$inp; # used in gcm_gmult_4bit -$cnt=$len; - -sub Zsmash() { - my $i=12; - my @args=@_; - for ($Zll,$Zlh,$Zhl,$Zhh) { - $code.=<<___; -#if __ARM_ARCH__>=7 && defined(__ARMEL__) - rev $_,$_ - str $_,[$Xi,#$i] -#elif defined(__ARMEB__) - str $_,[$Xi,#$i] -#else - mov $Tlh,$_,lsr#8 - strb $_,[$Xi,#$i+3] - mov $Thl,$_,lsr#16 - strb $Tlh,[$Xi,#$i+2] - mov $Thh,$_,lsr#24 - strb $Thl,[$Xi,#$i+1] - strb $Thh,[$Xi,#$i] -#endif -___ - $code.="\t".shift(@args)."\n"; - $i-=4; - } -} - -$code=<<___; -#include "arm_arch.h" - -.text -.code 32 - -.type rem_4bit,%object -.align 5 -rem_4bit: -.short 0x0000,0x1C20,0x3840,0x2460 -.short 
0x7080,0x6CA0,0x48C0,0x54E0 -.short 0xE100,0xFD20,0xD940,0xC560 -.short 0x9180,0x8DA0,0xA9C0,0xB5E0 -.size rem_4bit,.-rem_4bit - -.type rem_4bit_get,%function -rem_4bit_get: - sub $rem_4bit,pc,#8 - sub $rem_4bit,$rem_4bit,#32 @ &rem_4bit - b .Lrem_4bit_got - nop -.size rem_4bit_get,.-rem_4bit_get - -.global gcm_ghash_4bit -.type gcm_ghash_4bit,%function -gcm_ghash_4bit: - sub r12,pc,#8 - add $len,$inp,$len @ $len to point at the end - stmdb sp!,{r3-r11,lr} @ save $len/end too - sub r12,r12,#48 @ &rem_4bit - - ldmia r12,{r4-r11} @ copy rem_4bit ... - stmdb sp!,{r4-r11} @ ... to stack - - ldrb $nlo,[$inp,#15] - ldrb $nhi,[$Xi,#15] -.Louter: - eor $nlo,$nlo,$nhi - and $nhi,$nlo,#0xf0 - and $nlo,$nlo,#0x0f - mov $cnt,#14 - - add $Zhh,$Htbl,$nlo,lsl#4 - ldmia $Zhh,{$Zll-$Zhh} @ load Htbl[nlo] - add $Thh,$Htbl,$nhi - ldrb $nlo,[$inp,#14] - - and $nhi,$Zll,#0xf @ rem - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nhi] - add $nhi,$nhi,$nhi - eor $Zll,$Tll,$Zll,lsr#4 - ldrh $Tll,[sp,$nhi] @ rem_4bit[rem] - eor $Zll,$Zll,$Zlh,lsl#28 - ldrb $nhi,[$Xi,#14] - eor $Zlh,$Tlh,$Zlh,lsr#4 - eor $Zlh,$Zlh,$Zhl,lsl#28 - eor $Zhl,$Thl,$Zhl,lsr#4 - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - eor $nlo,$nlo,$nhi - and $nhi,$nlo,#0xf0 - and $nlo,$nlo,#0x0f - eor $Zhh,$Zhh,$Tll,lsl#16 - -.Linner: - add $Thh,$Htbl,$nlo,lsl#4 - and $nlo,$Zll,#0xf @ rem - subs $cnt,$cnt,#1 - add $nlo,$nlo,$nlo - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nlo] - eor $Zll,$Tll,$Zll,lsr#4 - eor $Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - eor $Zlh,$Zlh,$Zhl,lsl#28 - ldrh $Tll,[sp,$nlo] @ rem_4bit[rem] - eor $Zhl,$Thl,$Zhl,lsr#4 - ldrplb $nlo,[$inp,$cnt] - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - - add $Thh,$Htbl,$nhi - and $nhi,$Zll,#0xf @ rem - eor $Zhh,$Zhh,$Tll,lsl#16 @ ^= rem_4bit[rem] - add $nhi,$nhi,$nhi - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nhi] - eor $Zll,$Tll,$Zll,lsr#4 - ldrplb $Tll,[$Xi,$cnt] - eor $Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - ldrh $Tlh,[sp,$nhi] - eor 
$Zlh,$Zlh,$Zhl,lsl#28 - eor $Zhl,$Thl,$Zhl,lsr#4 - eor $Zhl,$Zhl,$Zhh,lsl#28 - eorpl $nlo,$nlo,$Tll - eor $Zhh,$Thh,$Zhh,lsr#4 - andpl $nhi,$nlo,#0xf0 - andpl $nlo,$nlo,#0x0f - eor $Zhh,$Zhh,$Tlh,lsl#16 @ ^= rem_4bit[rem] - bpl .Linner - - ldr $len,[sp,#32] @ re-load $len/end - add $inp,$inp,#16 - mov $nhi,$Zll -___ - &Zsmash("cmp\t$inp,$len","ldrneb\t$nlo,[$inp,#15]"); -$code.=<<___; - bne .Louter - - add sp,sp,#36 -#if __ARM_ARCH__>=5 - ldmia sp!,{r4-r11,pc} -#else - ldmia sp!,{r4-r11,lr} - tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -#endif -.size gcm_ghash_4bit,.-gcm_ghash_4bit - -.global gcm_gmult_4bit -.type gcm_gmult_4bit,%function -gcm_gmult_4bit: - stmdb sp!,{r4-r11,lr} - ldrb $nlo,[$Xi,#15] - b rem_4bit_get -.Lrem_4bit_got: - and $nhi,$nlo,#0xf0 - and $nlo,$nlo,#0x0f - mov $cnt,#14 - - add $Zhh,$Htbl,$nlo,lsl#4 - ldmia $Zhh,{$Zll-$Zhh} @ load Htbl[nlo] - ldrb $nlo,[$Xi,#14] - - add $Thh,$Htbl,$nhi - and $nhi,$Zll,#0xf @ rem - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nhi] - add $nhi,$nhi,$nhi - eor $Zll,$Tll,$Zll,lsr#4 - ldrh $Tll,[$rem_4bit,$nhi] @ rem_4bit[rem] - eor $Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - eor $Zlh,$Zlh,$Zhl,lsl#28 - eor $Zhl,$Thl,$Zhl,lsr#4 - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - and $nhi,$nlo,#0xf0 - eor $Zhh,$Zhh,$Tll,lsl#16 - and $nlo,$nlo,#0x0f - -.Loop: - add $Thh,$Htbl,$nlo,lsl#4 - and $nlo,$Zll,#0xf @ rem - subs $cnt,$cnt,#1 - add $nlo,$nlo,$nlo - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nlo] - eor $Zll,$Tll,$Zll,lsr#4 - eor $Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - eor $Zlh,$Zlh,$Zhl,lsl#28 - ldrh $Tll,[$rem_4bit,$nlo] @ rem_4bit[rem] - eor $Zhl,$Thl,$Zhl,lsr#4 - ldrplb $nlo,[$Xi,$cnt] - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - - add $Thh,$Htbl,$nhi - and $nhi,$Zll,#0xf @ rem - eor $Zhh,$Zhh,$Tll,lsl#16 @ ^= rem_4bit[rem] - add $nhi,$nhi,$nhi - ldmia $Thh,{$Tll-$Thh} @ load Htbl[nhi] - eor $Zll,$Tll,$Zll,lsr#4 - eor 
$Zll,$Zll,$Zlh,lsl#28 - eor $Zlh,$Tlh,$Zlh,lsr#4 - ldrh $Tll,[$rem_4bit,$nhi] @ rem_4bit[rem] - eor $Zlh,$Zlh,$Zhl,lsl#28 - eor $Zhl,$Thl,$Zhl,lsr#4 - eor $Zhl,$Zhl,$Zhh,lsl#28 - eor $Zhh,$Thh,$Zhh,lsr#4 - andpl $nhi,$nlo,#0xf0 - andpl $nlo,$nlo,#0x0f - eor $Zhh,$Zhh,$Tll,lsl#16 @ ^= rem_4bit[rem] - bpl .Loop -___ - &Zsmash(); -$code.=<<___; -#if __ARM_ARCH__>=5 - ldmia sp!,{r4-r11,pc} -#else - ldmia sp!,{r4-r11,lr} - tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -#endif -.size gcm_gmult_4bit,.-gcm_gmult_4bit -___ -{ -my $cnt=$Htbl; # $Htbl is used once in the very beginning - -my ($Hhi, $Hlo, $Zo, $T, $xi, $mod) = map("d$_",(0..7)); -my ($Qhi, $Qlo, $Z, $R, $zero, $Qpost, $IN) = map("q$_",(8..15)); - -# Z:Zo keeps 128-bit result shifted by 1 to the right, with bottom bit -# in Zo. Or should I say "top bit", because GHASH is specified in -# reverse bit order? Otherwise straightforward 128-bt H by one input -# byte multiplication and modulo-reduction, times 16. - -sub Dlo() { shift=~m|q([1]?[0-9])|?"d".($1*2):""; } -sub Dhi() { shift=~m|q([1]?[0-9])|?"d".($1*2+1):""; } -sub Q() { shift=~m|d([1-3]?[02468])|?"q".($1/2):""; } - -$code.=<<___; -#if __ARM_ARCH__>=7 -.fpu neon - -.global gcm_gmult_neon -.type gcm_gmult_neon,%function -.align 4 -gcm_gmult_neon: - sub $Htbl,#16 @ point at H in GCM128_CTX - vld1.64 `&Dhi("$IN")`,[$Xi,:64]!@ load Xi - vmov.i32 $mod,#0xe1 @ our irreducible polynomial - vld1.64 `&Dlo("$IN")`,[$Xi,:64]! - vshr.u64 $mod,#32 - vldmia $Htbl,{$Hhi-$Hlo} @ load H - veor $zero,$zero -#ifdef __ARMEL__ - vrev64.8 $IN,$IN -#endif - veor $Qpost,$Qpost - veor $R,$R - mov $cnt,#16 - veor $Z,$Z - mov $len,#16 - veor $Zo,$Zo - vdup.8 $xi,`&Dlo("$IN")`[0] @ broadcast lowest byte - b .Linner_neon -.size gcm_gmult_neon,.-gcm_gmult_neon - -.global gcm_ghash_neon -.type gcm_ghash_neon,%function -.align 4 -gcm_ghash_neon: - vld1.64 `&Dhi("$Z")`,[$Xi,:64]! 
@ load Xi - vmov.i32 $mod,#0xe1 @ our irreducible polynomial - vld1.64 `&Dlo("$Z")`,[$Xi,:64]! - vshr.u64 $mod,#32 - vldmia $Xi,{$Hhi-$Hlo} @ load H - veor $zero,$zero - nop -#ifdef __ARMEL__ - vrev64.8 $Z,$Z -#endif -.Louter_neon: - vld1.64 `&Dhi($IN)`,[$inp]! @ load inp - veor $Qpost,$Qpost - vld1.64 `&Dlo($IN)`,[$inp]! - veor $R,$R - mov $cnt,#16 -#ifdef __ARMEL__ - vrev64.8 $IN,$IN -#endif - veor $Zo,$Zo - veor $IN,$Z @ inp^=Xi - veor $Z,$Z - vdup.8 $xi,`&Dlo("$IN")`[0] @ broadcast lowest byte -.Linner_neon: - subs $cnt,$cnt,#1 - vmull.p8 $Qlo,$Hlo,$xi @ H.lo·Xi[i] - vmull.p8 $Qhi,$Hhi,$xi @ H.hi·Xi[i] - vext.8 $IN,$zero,#1 @ IN>>=8 - - veor $Z,$Qpost @ modulo-scheduled part - vshl.i64 `&Dlo("$R")`,#48 - vdup.8 $xi,`&Dlo("$IN")`[0] @ broadcast lowest byte - veor $T,`&Dlo("$Qlo")`,`&Dlo("$Z")` - - veor `&Dhi("$Z")`,`&Dlo("$R")` - vuzp.8 $Qlo,$Qhi - vsli.8 $Zo,$T,#1 @ compose the "carry" byte - vext.8 $Z,$zero,#1 @ Z>>=8 - - vmull.p8 $R,$Zo,$mod @ "carry"·0xe1 - vshr.u8 $Zo,$T,#7 @ save Z's bottom bit - vext.8 $Qpost,$Qlo,$zero,#1 @ Qlo>>=8 - veor $Z,$Qhi - bne .Linner_neon - - veor $Z,$Qpost @ modulo-scheduled artefact - vshl.i64 `&Dlo("$R")`,#48 - veor `&Dhi("$Z")`,`&Dlo("$R")` - - @ finalization, normalize Z:Zo - vand $Zo,$mod @ suffices to mask the bit - vshr.u64 `&Dhi(&Q("$Zo"))`,`&Dlo("$Z")`,#63 - vshl.i64 $Z,#1 - subs $len,#16 - vorr $Z,`&Q("$Zo")` @ Z=Z:Zo<<1 - bne .Louter_neon - -#ifdef __ARMEL__ - vrev64.8 $Z,$Z -#endif - sub $Xi,#16 - vst1.64 `&Dhi("$Z")`,[$Xi,:64]! @ write out Xi - vst1.64 `&Dlo("$Z")`,[$Xi,:64] - - bx lr -.size gcm_ghash_neon,.-gcm_ghash_neon -#endif -___ -} -$code.=<<___; -.asciz "GHASH for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>" -.align 2 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 -print $code; -close STDOUT; # enforce flush 
diff --git a/lib/libssl/src/crypto/modes/asm/ghash-ia64.pl b/lib/libssl/src/crypto/modes/asm/ghash-ia64.pl
deleted file mode 100755
index 0354c954448..00000000000
--- a/lib/libssl/src/crypto/modes/asm/ghash-ia64.pl
+++ /dev/null
@@ -1,463 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# March 2010
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that it
-# uses 256 bytes per-key table [+128 bytes shared table]. Streamed
-# GHASH performance was measured to be 6.67 cycles per processed byte
-# on Itanium 2, which is >90% better than Microsoft compiler generated
-# code. To anchor to something else sha1-ia64.pl module processes one
-# byte in 5.7 cycles. On Itanium GHASH should run at ~8.5 cycles per
-# byte.
-
-# September 2010
-#
-# It was originally thought that it makes lesser sense to implement
-# "528B" variant on Itanium 2 for following reason. Because number of
-# functional units is naturally limited, it appeared impossible to
-# implement "528B" loop in 4 cycles, only in 5. This would mean that
-# theoretically performance improvement couldn't be more than 20%.
-# But occasionally you prove yourself wrong:-) I figured out a way to
-# fold couple of instructions and having freed yet another instruction
-# slot by unrolling the loop... Resulting performance is 4.45 cycles
-# per processed byte and 50% better than "256B" version. On original
-# Itanium performance should remain the same as the "256B" version,
-# i.e. ~8.5 cycles.
- -$output=shift and (open STDOUT,">$output" or die "can't open $output: $!"); - -if ($^O eq "hpux") { - $ADDP="addp4"; - for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); } -} else { $ADDP="add"; } -for (@ARGV) { $big_endian=1 if (/\-DB_ENDIAN/); - $big_endian=0 if (/\-DL_ENDIAN/); } -if (!defined($big_endian)) - { $big_endian=(unpack('L',pack('N',1))==1); } - -sub loop() { -my $label=shift; -my ($p16,$p17)=(shift)?("p63","p63"):("p16","p17"); # mask references to inp - -# Loop is scheduled for 6 ticks on Itanium 2 and 8 on Itanium, i.e. -# in scalable manner;-) Naturally assuming data in L1 cache... -# Special note about 'dep' instruction, which is used to construct -# &rem_4bit[Zlo&0xf]. It works, because rem_4bit is aligned at 128 -# bytes boundary and lower 7 bits of its address are guaranteed to -# be zero. -$code.=<<___; -$label: -{ .mfi; (p18) ld8 Hlo=[Hi[1]],-8 - (p19) dep rem=Zlo,rem_4bitp,3,4 } -{ .mfi; (p19) xor Zhi=Zhi,Hhi - ($p17) xor xi[1]=xi[1],in[1] };; -{ .mfi; (p18) ld8 Hhi=[Hi[1]] - (p19) shrp Zlo=Zhi,Zlo,4 } -{ .mfi; (p19) ld8 rem=[rem] - (p18) and Hi[1]=mask0xf0,xi[2] };; -{ .mmi; ($p16) ld1 in[0]=[inp],-1 - (p18) xor Zlo=Zlo,Hlo - (p19) shr.u Zhi=Zhi,4 } -{ .mib; (p19) xor Hhi=Hhi,rem - (p18) add Hi[1]=Htbl,Hi[1] };; - -{ .mfi; (p18) ld8 Hlo=[Hi[1]],-8 - (p18) dep rem=Zlo,rem_4bitp,3,4 } -{ .mfi; (p17) shladd Hi[0]=xi[1],4,r0 - (p18) xor Zhi=Zhi,Hhi };; -{ .mfi; (p18) ld8 Hhi=[Hi[1]] - (p18) shrp Zlo=Zhi,Zlo,4 } -{ .mfi; (p18) ld8 rem=[rem] - (p17) and Hi[0]=mask0xf0,Hi[0] };; -{ .mmi; (p16) ld1 xi[0]=[Xi],-1 - (p18) xor Zlo=Zlo,Hlo - (p18) shr.u Zhi=Zhi,4 } -{ .mib; (p18) xor Hhi=Hhi,rem - (p17) add Hi[0]=Htbl,Hi[0] - br.ctop.sptk $label };; -___ -} - -$code=<<___; -.explicit -.text - -prevfs=r2; prevlc=r3; prevpr=r8; -mask0xf0=r21; -rem=r22; rem_4bitp=r23; -Xi=r24; Htbl=r25; -inp=r26; end=r27; -Hhi=r28; Hlo=r29; -Zhi=r30; Zlo=r31; - -.align 128 -.skip 16 // aligns loop body -.global gcm_gmult_4bit# -.proc gcm_gmult_4bit# -gcm_gmult_4bit: - 
.prologue -{ .mmi; .save ar.pfs,prevfs - alloc prevfs=ar.pfs,2,6,0,8 - $ADDP Xi=15,in0 // &Xi[15] - mov rem_4bitp=ip } -{ .mii; $ADDP Htbl=8,in1 // &Htbl[0].lo - .save ar.lc,prevlc - mov prevlc=ar.lc - .save pr,prevpr - mov prevpr=pr };; - - .body - .rotr in[3],xi[3],Hi[2] - -{ .mib; ld1 xi[2]=[Xi],-1 // Xi[15] - mov mask0xf0=0xf0 - brp.loop.imp .Loop1,.Lend1-16};; -{ .mmi; ld1 xi[1]=[Xi],-1 // Xi[14] - };; -{ .mii; shladd Hi[1]=xi[2],4,r0 - mov pr.rot=0x7<<16 - mov ar.lc=13 };; -{ .mii; and Hi[1]=mask0xf0,Hi[1] - mov ar.ec=3 - xor Zlo=Zlo,Zlo };; -{ .mii; add Hi[1]=Htbl,Hi[1] // &Htbl[nlo].lo - add rem_4bitp=rem_4bit#-gcm_gmult_4bit#,rem_4bitp - xor Zhi=Zhi,Zhi };; -___ - &loop (".Loop1",1); -$code.=<<___; -.Lend1: -{ .mib; xor Zhi=Zhi,Hhi };; // modulo-scheduling artefact -{ .mib; mux1 Zlo=Zlo,\@rev };; -{ .mib; mux1 Zhi=Zhi,\@rev };; -{ .mmi; add Hlo=9,Xi;; // ;; is here to prevent - add Hhi=1,Xi };; // pipeline flush on Itanium -{ .mib; st8 [Hlo]=Zlo - mov pr=prevpr,0x1ffff };; -{ .mib; st8 [Hhi]=Zhi - mov ar.lc=prevlc - br.ret.sptk.many b0 };; -.endp gcm_gmult_4bit# -___ - -###################################################################### -# "528B" (well, "512B" actualy) streamed GHASH -# -$Xip="in0"; -$Htbl="in1"; -$inp="in2"; -$len="in3"; -$rem_8bit="loc0"; -$mask0xff="loc1"; -($sum,$rum) = $big_endian ? 
("nop.m","nop.m") : ("sum","rum"); - -sub load_htable() { - for (my $i=0;$i<8;$i++) { - $code.=<<___; -{ .mmi; ld8 r`16+2*$i+1`=[r8],16 // Htable[$i].hi - ld8 r`16+2*$i`=[r9],16 } // Htable[$i].lo -{ .mmi; ldf8 f`32+2*$i+1`=[r10],16 // Htable[`8+$i`].hi - ldf8 f`32+2*$i`=[r11],16 // Htable[`8+$i`].lo -___ - $code.=shift if (($i+$#_)==7); - $code.="\t};;\n" - } -} - -$code.=<<___; -prevsp=r3; - -.align 32 -.skip 16 // aligns loop body -.global gcm_ghash_4bit# -.proc gcm_ghash_4bit# -gcm_ghash_4bit: - .prologue -{ .mmi; .save ar.pfs,prevfs - alloc prevfs=ar.pfs,4,2,0,0 - .vframe prevsp - mov prevsp=sp - mov $rem_8bit=ip };; - .body -{ .mfi; $ADDP r8=0+0,$Htbl - $ADDP r9=0+8,$Htbl } -{ .mfi; $ADDP r10=128+0,$Htbl - $ADDP r11=128+8,$Htbl };; -___ - &load_htable( - " $ADDP $Xip=15,$Xip", # &Xi[15] - " $ADDP $len=$len,$inp", # &inp[len] - " $ADDP $inp=15,$inp", # &inp[15] - " mov $mask0xff=0xff", - " add sp=-512,sp", - " andcm sp=sp,$mask0xff", # align stack frame - " add r14=0,sp", - " add r15=8,sp"); -$code.=<<___; -{ .mmi; $sum 1<<1 // go big-endian - add r8=256+0,sp - add r9=256+8,sp } -{ .mmi; add r10=256+128+0,sp - add r11=256+128+8,sp - add $len=-17,$len };; -___ -for($i=0;$i<8;$i++) { # generate first half of Hshr4[] -my ($rlo,$rhi)=("r".eval(16+2*$i),"r".eval(16+2*$i+1)); -$code.=<<___; -{ .mmi; st8 [r8]=$rlo,16 // Htable[$i].lo - st8 [r9]=$rhi,16 // Htable[$i].hi - shrp $rlo=$rhi,$rlo,4 }//;; -{ .mmi; stf8 [r10]=f`32+2*$i`,16 // Htable[`8+$i`].lo - stf8 [r11]=f`32+2*$i+1`,16 // Htable[`8+$i`].hi - shr.u $rhi=$rhi,4 };; -{ .mmi; st8 [r14]=$rlo,16 // Htable[$i].lo>>4 - st8 [r15]=$rhi,16 }//;; // Htable[$i].hi>>4 -___ -} -$code.=<<___; -{ .mmi; ld8 r16=[r8],16 // Htable[8].lo - ld8 r17=[r9],16 };; // Htable[8].hi -{ .mmi; ld8 r18=[r8],16 // Htable[9].lo - ld8 r19=[r9],16 } // Htable[9].hi -{ .mmi; rum 1<<5 // clear um.mfh - shrp r16=r17,r16,4 };; -___ -for($i=0;$i<6;$i++) { # generate second half of Hshr4[] -$code.=<<___; -{ .mmi; ld8 r`20+2*$i`=[r8],16 // 
Htable[`10+$i`].lo - ld8 r`20+2*$i+1`=[r9],16 // Htable[`10+$i`].hi - shr.u r`16+2*$i+1`=r`16+2*$i+1`,4 };; -{ .mmi; st8 [r14]=r`16+2*$i`,16 // Htable[`8+$i`].lo>>4 - st8 [r15]=r`16+2*$i+1`,16 // Htable[`8+$i`].hi>>4 - shrp r`18+2*$i`=r`18+2*$i+1`,r`18+2*$i`,4 } -___ -} -$code.=<<___; -{ .mmi; shr.u r`16+2*$i+1`=r`16+2*$i+1`,4 };; -{ .mmi; st8 [r14]=r`16+2*$i`,16 // Htable[`8+$i`].lo>>4 - st8 [r15]=r`16+2*$i+1`,16 // Htable[`8+$i`].hi>>4 - shrp r`18+2*$i`=r`18+2*$i+1`,r`18+2*$i`,4 } -{ .mmi; add $Htbl=256,sp // &Htable[0] - add $rem_8bit=rem_8bit#-gcm_ghash_4bit#,$rem_8bit - shr.u r`18+2*$i+1`=r`18+2*$i+1`,4 };; -{ .mmi; st8 [r14]=r`18+2*$i` // Htable[`8+$i`].lo>>4 - st8 [r15]=r`18+2*$i+1` } // Htable[`8+$i`].hi>>4 -___ - -$in="r15"; -@xi=("r16","r17"); -@rem=("r18","r19"); -($Alo,$Ahi,$Blo,$Bhi,$Zlo,$Zhi)=("r20","r21","r22","r23","r24","r25"); -($Atbl,$Btbl)=("r26","r27"); - -$code.=<<___; # (p16) -{ .mmi; ld1 $in=[$inp],-1 //(p16) *inp-- - ld1 $xi[0]=[$Xip],-1 //(p16) *Xi-- - cmp.eq p0,p6=r0,r0 };; // clear p6 -___ -push (@xi,shift(@xi)); push (@rem,shift(@rem)); # "rotate" registers - -$code.=<<___; # (p16),(p17) -{ .mmi; ld1 $xi[0]=[$Xip],-1 //(p16) *Xi-- - xor $xi[1]=$xi[1],$in };; //(p17) xi=$xi[i]^inp[i] -{ .mii; ld1 $in=[$inp],-1 //(p16) *inp-- - dep $Atbl=$xi[1],$Htbl,4,4 //(p17) &Htable[nlo].lo - and $xi[1]=-16,$xi[1] };; //(p17) nhi=xi&0xf0 -.align 32 -.LOOP: -{ .mmi; -(p6) st8 [$Xip]=$Zhi,13 - xor $Zlo=$Zlo,$Zlo - add $Btbl=$xi[1],$Htbl };; //(p17) &Htable[nhi].lo -___ -push (@xi,shift(@xi)); push (@rem,shift(@rem)); # "rotate" registers - -$code.=<<___; # (p16),(p17),(p18) -{ .mmi; ld8 $Alo=[$Atbl],8 //(p18) Htable[nlo].lo,&Htable[nlo].hi - ld8 $rem[0]=[$Btbl],-256 //(p18) Htable[nhi].lo,&Hshr4[nhi].lo - xor $xi[1]=$xi[1],$in };; //(p17) xi=$xi[i]^inp[i] -{ .mfi; ld8 $Ahi=[$Atbl] //(p18) Htable[nlo].hi - dep $Atbl=$xi[1],$Htbl,4,4 } //(p17) &Htable[nlo].lo -{ .mfi; shladd $rem[0]=$rem[0],4,r0 //(p18) Htable[nhi].lo<<4 - xor $Zlo=$Zlo,$Alo };; //(p18) 
Z.lo^=Htable[nlo].lo -{ .mmi; ld8 $Blo=[$Btbl],8 //(p18) Hshr4[nhi].lo,&Hshr4[nhi].hi - ld1 $in=[$inp],-1 } //(p16) *inp-- -{ .mmi; xor $rem[0]=$rem[0],$Zlo //(p18) Z.lo^(Htable[nhi].lo<<4) - mov $Zhi=$Ahi //(p18) Z.hi^=Htable[nlo].hi - and $xi[1]=-16,$xi[1] };; //(p17) nhi=xi&0xf0 -{ .mmi; ld8 $Bhi=[$Btbl] //(p18) Hshr4[nhi].hi - ld1 $xi[0]=[$Xip],-1 //(p16) *Xi-- - shrp $Zlo=$Zhi,$Zlo,8 } //(p18) Z.lo=(Z.hi<<56)|(Z.lo>>8) -{ .mmi; and $rem[0]=$rem[0],$mask0xff //(p18) rem=($Zlo^(Htable[nhi].lo<<4))&0xff - add $Btbl=$xi[1],$Htbl };; //(p17) &Htable[nhi] -___ -push (@xi,shift(@xi)); push (@rem,shift(@rem)); # "rotate" registers - -for ($i=1;$i<14;$i++) { -# Above and below fragments are derived from this one by removing -# unsuitable (p??) instructions. -$code.=<<___; # (p16),(p17),(p18),(p19) -{ .mmi; ld8 $Alo=[$Atbl],8 //(p18) Htable[nlo].lo,&Htable[nlo].hi - ld8 $rem[0]=[$Btbl],-256 //(p18) Htable[nhi].lo,&Hshr4[nhi].lo - shr.u $Zhi=$Zhi,8 } //(p19) Z.hi>>=8 -{ .mmi; shladd $rem[1]=$rem[1],1,$rem_8bit //(p19) &rem_8bit[rem] - xor $Zlo=$Zlo,$Blo //(p19) Z.lo^=Hshr4[nhi].lo - xor $xi[1]=$xi[1],$in };; //(p17) xi=$xi[i]^inp[i] -{ .mmi; ld8 $Ahi=[$Atbl] //(p18) Htable[nlo].hi - ld2 $rem[1]=[$rem[1]] //(p19) rem_8bit[rem] - dep $Atbl=$xi[1],$Htbl,4,4 } //(p17) &Htable[nlo].lo -{ .mmi; shladd $rem[0]=$rem[0],4,r0 //(p18) Htable[nhi].lo<<4 - xor $Zlo=$Zlo,$Alo //(p18) Z.lo^=Htable[nlo].lo - xor $Zhi=$Zhi,$Bhi };; //(p19) Z.hi^=Hshr4[nhi].hi -{ .mmi; ld8 $Blo=[$Btbl],8 //(p18) Hshr4[nhi].lo,&Hshr4[nhi].hi - ld1 $in=[$inp],-1 //(p16) *inp-- - shl $rem[1]=$rem[1],48 } //(p19) rem_8bit[rem]<<48 -{ .mmi; xor $rem[0]=$rem[0],$Zlo //(p18) Z.lo^(Htable[nhi].lo<<4) - xor $Zhi=$Zhi,$Ahi //(p18) Z.hi^=Htable[nlo].hi - and $xi[1]=-16,$xi[1] };; //(p17) nhi=xi&0xf0 -{ .mmi; ld8 $Bhi=[$Btbl] //(p18) Hshr4[nhi].hi - ld1 $xi[0]=[$Xip],-1 //(p16) *Xi-- - shrp $Zlo=$Zhi,$Zlo,8 } //(p18) Z.lo=(Z.hi<<56)|(Z.lo>>8) -{ .mmi; and $rem[0]=$rem[0],$mask0xff //(p18) 
rem=($Zlo^(Htable[nhi].lo<<4))&0xff - xor $Zhi=$Zhi,$rem[1] //(p19) Z.hi^=rem_8bit[rem]<<48 - add $Btbl=$xi[1],$Htbl };; //(p17) &Htable[nhi] -___ -push (@xi,shift(@xi)); push (@rem,shift(@rem)); # "rotate" registers -} - -$code.=<<___; # (p17),(p18),(p19) -{ .mmi; ld8 $Alo=[$Atbl],8 //(p18) Htable[nlo].lo,&Htable[nlo].hi - ld8 $rem[0]=[$Btbl],-256 //(p18) Htable[nhi].lo,&Hshr4[nhi].lo - shr.u $Zhi=$Zhi,8 } //(p19) Z.hi>>=8 -{ .mmi; shladd $rem[1]=$rem[1],1,$rem_8bit //(p19) &rem_8bit[rem] - xor $Zlo=$Zlo,$Blo //(p19) Z.lo^=Hshr4[nhi].lo - xor $xi[1]=$xi[1],$in };; //(p17) xi=$xi[i]^inp[i] -{ .mmi; ld8 $Ahi=[$Atbl] //(p18) Htable[nlo].hi - ld2 $rem[1]=[$rem[1]] //(p19) rem_8bit[rem] - dep $Atbl=$xi[1],$Htbl,4,4 };; //(p17) &Htable[nlo].lo -{ .mmi; shladd $rem[0]=$rem[0],4,r0 //(p18) Htable[nhi].lo<<4 - xor $Zlo=$Zlo,$Alo //(p18) Z.lo^=Htable[nlo].lo - xor $Zhi=$Zhi,$Bhi };; //(p19) Z.hi^=Hshr4[nhi].hi -{ .mmi; ld8 $Blo=[$Btbl],8 //(p18) Hshr4[nhi].lo,&Hshr4[nhi].hi - shl $rem[1]=$rem[1],48 } //(p19) rem_8bit[rem]<<48 -{ .mmi; xor $rem[0]=$rem[0],$Zlo //(p18) Z.lo^(Htable[nhi].lo<<4) - xor $Zhi=$Zhi,$Ahi //(p18) Z.hi^=Htable[nlo].hi - and $xi[1]=-16,$xi[1] };; //(p17) nhi=xi&0xf0 -{ .mmi; ld8 $Bhi=[$Btbl] //(p18) Hshr4[nhi].hi - shrp $Zlo=$Zhi,$Zlo,8 } //(p18) Z.lo=(Z.hi<<56)|(Z.lo>>8) -{ .mmi; and $rem[0]=$rem[0],$mask0xff //(p18) rem=($Zlo^(Htable[nhi].lo<<4))&0xff - xor $Zhi=$Zhi,$rem[1] //(p19) Z.hi^=rem_8bit[rem]<<48 - add $Btbl=$xi[1],$Htbl };; //(p17) &Htable[nhi] -___ -push (@xi,shift(@xi)); push (@rem,shift(@rem)); # "rotate" registers - -$code.=<<___; # (p18),(p19) -{ .mfi; ld8 $Alo=[$Atbl],8 //(p18) Htable[nlo].lo,&Htable[nlo].hi - shr.u $Zhi=$Zhi,8 } //(p19) Z.hi>>=8 -{ .mfi; shladd $rem[1]=$rem[1],1,$rem_8bit //(p19) &rem_8bit[rem] - xor $Zlo=$Zlo,$Blo };; //(p19) Z.lo^=Hshr4[nhi].lo -{ .mfi; ld8 $Ahi=[$Atbl] //(p18) Htable[nlo].hi - xor $Zlo=$Zlo,$Alo } //(p18) Z.lo^=Htable[nlo].lo -{ .mfi; ld2 $rem[1]=[$rem[1]] //(p19) rem_8bit[rem] - xor 
$Zhi=$Zhi,$Bhi };; //(p19) Z.hi^=Hshr4[nhi].hi -{ .mfi; ld8 $Blo=[$Btbl],8 //(p18) Htable[nhi].lo,&Htable[nhi].hi - shl $rem[1]=$rem[1],48 } //(p19) rem_8bit[rem]<<48 -{ .mfi; shladd $rem[0]=$Zlo,4,r0 //(p18) Z.lo<<4 - xor $Zhi=$Zhi,$Ahi };; //(p18) Z.hi^=Htable[nlo].hi -{ .mfi; ld8 $Bhi=[$Btbl] //(p18) Htable[nhi].hi - shrp $Zlo=$Zhi,$Zlo,4 } //(p18) Z.lo=(Z.hi<<60)|(Z.lo>>4) -{ .mfi; and $rem[0]=$rem[0],$mask0xff //(p18) rem=($Zlo^(Htable[nhi].lo<<4))&0xff - xor $Zhi=$Zhi,$rem[1] };; //(p19) Z.hi^=rem_8bit[rem]<<48 -___ -push (@xi,shift(@xi)); push (@rem,shift(@rem)); # "rotate" registers - -$code.=<<___; # (p19) -{ .mmi; cmp.ltu p6,p0=$inp,$len - add $inp=32,$inp - shr.u $Zhi=$Zhi,4 } //(p19) Z.hi>>=4 -{ .mmi; shladd $rem[1]=$rem[1],1,$rem_8bit //(p19) &rem_8bit[rem] - xor $Zlo=$Zlo,$Blo //(p19) Z.lo^=Hshr4[nhi].lo - add $Xip=9,$Xip };; // &Xi.lo -{ .mmi; ld2 $rem[1]=[$rem[1]] //(p19) rem_8bit[rem] -(p6) ld1 $in=[$inp],-1 //[p16] *inp-- -(p6) extr.u $xi[1]=$Zlo,8,8 } //[p17] Xi[14] -{ .mmi; xor $Zhi=$Zhi,$Bhi //(p19) Z.hi^=Hshr4[nhi].hi -(p6) and $xi[0]=$Zlo,$mask0xff };; //[p16] Xi[15] -{ .mmi; st8 [$Xip]=$Zlo,-8 -(p6) xor $xi[0]=$xi[0],$in //[p17] xi=$xi[i]^inp[i] - shl $rem[1]=$rem[1],48 };; //(p19) rem_8bit[rem]<<48 -{ .mmi; -(p6) ld1 $in=[$inp],-1 //[p16] *inp-- - xor $Zhi=$Zhi,$rem[1] //(p19) Z.hi^=rem_8bit[rem]<<48 -(p6) dep $Atbl=$xi[0],$Htbl,4,4 } //[p17] &Htable[nlo].lo -{ .mib; -(p6) and $xi[0]=-16,$xi[0] //[p17] nhi=xi&0xf0 -(p6) br.cond.dptk.many .LOOP };; - -{ .mib; st8 [$Xip]=$Zhi };; -{ .mib; $rum 1<<1 // return to little-endian - .restore sp - mov sp=prevsp - br.ret.sptk.many b0 };; -.endp gcm_ghash_4bit# -___ -$code.=<<___; -.align 128 -.type rem_4bit#,\@object -rem_4bit: - data8 0x0000<<48, 0x1C20<<48, 0x3840<<48, 0x2460<<48 - data8 0x7080<<48, 0x6CA0<<48, 0x48C0<<48, 0x54E0<<48 - data8 0xE100<<48, 0xFD20<<48, 0xD940<<48, 0xC560<<48 - data8 0x9180<<48, 0x8DA0<<48, 0xA9C0<<48, 0xB5E0<<48 -.size rem_4bit#,128 -.type rem_8bit#,\@object -rem_8bit: 
- data1 0x00,0x00, 0x01,0xC2, 0x03,0x84, 0x02,0x46, 0x07,0x08, 0x06,0xCA, 0x04,0x8C, 0x05,0x4E - data1 0x0E,0x10, 0x0F,0xD2, 0x0D,0x94, 0x0C,0x56, 0x09,0x18, 0x08,0xDA, 0x0A,0x9C, 0x0B,0x5E - data1 0x1C,0x20, 0x1D,0xE2, 0x1F,0xA4, 0x1E,0x66, 0x1B,0x28, 0x1A,0xEA, 0x18,0xAC, 0x19,0x6E - data1 0x12,0x30, 0x13,0xF2, 0x11,0xB4, 0x10,0x76, 0x15,0x38, 0x14,0xFA, 0x16,0xBC, 0x17,0x7E - data1 0x38,0x40, 0x39,0x82, 0x3B,0xC4, 0x3A,0x06, 0x3F,0x48, 0x3E,0x8A, 0x3C,0xCC, 0x3D,0x0E - data1 0x36,0x50, 0x37,0x92, 0x35,0xD4, 0x34,0x16, 0x31,0x58, 0x30,0x9A, 0x32,0xDC, 0x33,0x1E - data1 0x24,0x60, 0x25,0xA2, 0x27,0xE4, 0x26,0x26, 0x23,0x68, 0x22,0xAA, 0x20,0xEC, 0x21,0x2E - data1 0x2A,0x70, 0x2B,0xB2, 0x29,0xF4, 0x28,0x36, 0x2D,0x78, 0x2C,0xBA, 0x2E,0xFC, 0x2F,0x3E - data1 0x70,0x80, 0x71,0x42, 0x73,0x04, 0x72,0xC6, 0x77,0x88, 0x76,0x4A, 0x74,0x0C, 0x75,0xCE - data1 0x7E,0x90, 0x7F,0x52, 0x7D,0x14, 0x7C,0xD6, 0x79,0x98, 0x78,0x5A, 0x7A,0x1C, 0x7B,0xDE - data1 0x6C,0xA0, 0x6D,0x62, 0x6F,0x24, 0x6E,0xE6, 0x6B,0xA8, 0x6A,0x6A, 0x68,0x2C, 0x69,0xEE - data1 0x62,0xB0, 0x63,0x72, 0x61,0x34, 0x60,0xF6, 0x65,0xB8, 0x64,0x7A, 0x66,0x3C, 0x67,0xFE - data1 0x48,0xC0, 0x49,0x02, 0x4B,0x44, 0x4A,0x86, 0x4F,0xC8, 0x4E,0x0A, 0x4C,0x4C, 0x4D,0x8E - data1 0x46,0xD0, 0x47,0x12, 0x45,0x54, 0x44,0x96, 0x41,0xD8, 0x40,0x1A, 0x42,0x5C, 0x43,0x9E - data1 0x54,0xE0, 0x55,0x22, 0x57,0x64, 0x56,0xA6, 0x53,0xE8, 0x52,0x2A, 0x50,0x6C, 0x51,0xAE - data1 0x5A,0xF0, 0x5B,0x32, 0x59,0x74, 0x58,0xB6, 0x5D,0xF8, 0x5C,0x3A, 0x5E,0x7C, 0x5F,0xBE - data1 0xE1,0x00, 0xE0,0xC2, 0xE2,0x84, 0xE3,0x46, 0xE6,0x08, 0xE7,0xCA, 0xE5,0x8C, 0xE4,0x4E - data1 0xEF,0x10, 0xEE,0xD2, 0xEC,0x94, 0xED,0x56, 0xE8,0x18, 0xE9,0xDA, 0xEB,0x9C, 0xEA,0x5E - data1 0xFD,0x20, 0xFC,0xE2, 0xFE,0xA4, 0xFF,0x66, 0xFA,0x28, 0xFB,0xEA, 0xF9,0xAC, 0xF8,0x6E - data1 0xF3,0x30, 0xF2,0xF2, 0xF0,0xB4, 0xF1,0x76, 0xF4,0x38, 0xF5,0xFA, 0xF7,0xBC, 0xF6,0x7E - data1 0xD9,0x40, 0xD8,0x82, 0xDA,0xC4, 0xDB,0x06, 0xDE,0x48, 0xDF,0x8A, 0xDD,0xCC, 0xDC,0x0E - 
data1 0xD7,0x50, 0xD6,0x92, 0xD4,0xD4, 0xD5,0x16, 0xD0,0x58, 0xD1,0x9A, 0xD3,0xDC, 0xD2,0x1E - data1 0xC5,0x60, 0xC4,0xA2, 0xC6,0xE4, 0xC7,0x26, 0xC2,0x68, 0xC3,0xAA, 0xC1,0xEC, 0xC0,0x2E - data1 0xCB,0x70, 0xCA,0xB2, 0xC8,0xF4, 0xC9,0x36, 0xCC,0x78, 0xCD,0xBA, 0xCF,0xFC, 0xCE,0x3E - data1 0x91,0x80, 0x90,0x42, 0x92,0x04, 0x93,0xC6, 0x96,0x88, 0x97,0x4A, 0x95,0x0C, 0x94,0xCE - data1 0x9F,0x90, 0x9E,0x52, 0x9C,0x14, 0x9D,0xD6, 0x98,0x98, 0x99,0x5A, 0x9B,0x1C, 0x9A,0xDE - data1 0x8D,0xA0, 0x8C,0x62, 0x8E,0x24, 0x8F,0xE6, 0x8A,0xA8, 0x8B,0x6A, 0x89,0x2C, 0x88,0xEE - data1 0x83,0xB0, 0x82,0x72, 0x80,0x34, 0x81,0xF6, 0x84,0xB8, 0x85,0x7A, 0x87,0x3C, 0x86,0xFE - data1 0xA9,0xC0, 0xA8,0x02, 0xAA,0x44, 0xAB,0x86, 0xAE,0xC8, 0xAF,0x0A, 0xAD,0x4C, 0xAC,0x8E - data1 0xA7,0xD0, 0xA6,0x12, 0xA4,0x54, 0xA5,0x96, 0xA0,0xD8, 0xA1,0x1A, 0xA3,0x5C, 0xA2,0x9E - data1 0xB5,0xE0, 0xB4,0x22, 0xB6,0x64, 0xB7,0xA6, 0xB2,0xE8, 0xB3,0x2A, 0xB1,0x6C, 0xB0,0xAE - data1 0xBB,0xF0, 0xBA,0x32, 0xB8,0x74, 0xB9,0xB6, 0xBC,0xF8, 0xBD,0x3A, 0xBF,0x7C, 0xBE,0xBE -.size rem_8bit#,512 -stringz "GHASH for IA64, CRYPTOGAMS by <appro\@openssl.org>" -___ - -$code =~ s/mux1(\s+)\S+\@rev/nop.i$1 0x0/gm if ($big_endian); -$code =~ s/\`([^\`]*)\`/eval $1/gem; - -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/modes/asm/ghash-parisc.pl b/lib/libssl/src/crypto/modes/asm/ghash-parisc.pl deleted file mode 100644 index 965802d3fae..00000000000 --- a/lib/libssl/src/crypto/modes/asm/ghash-parisc.pl +++ /dev/null 
@@ -1,741 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# April 2010
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that it
-# uses 256 bytes per-key table [+128 bytes shared table]. On PA-7100LC
-# it processes one byte in 19.6 cycles, which is more than twice as
-# fast as code generated by gcc 3.2. PA-RISC 2.0 loop is scheduled for
-# 8 cycles, but measured performance on PA-8600 system is ~9 cycles per
-# processed byte. This is ~2.2x faster than 64-bit code generated by
-# vendor compiler (which used to be very hard to beat:-).
-#
-# Special thanks to polarhome.com for providing HP-UX account.
- -$flavour = shift; -$output = shift; -open STDOUT,">$output"; - -if ($flavour =~ /64/) { - $LEVEL ="2.0W"; - $SIZE_T =8; - $FRAME_MARKER =80; - $SAVED_RP =16; - $PUSH ="std"; - $PUSHMA ="std,ma"; - $POP ="ldd"; - $POPMB ="ldd,mb"; - $NREGS =6; -} else { - $LEVEL ="1.0"; #"\n\t.ALLOW\t2.0"; - $SIZE_T =4; - $FRAME_MARKER =48; - $SAVED_RP =20; - $PUSH ="stw"; - $PUSHMA ="stwm"; - $POP ="ldw"; - $POPMB ="ldwm"; - $NREGS =11; -} - -$FRAME=10*$SIZE_T+$FRAME_MARKER;# NREGS saved regs + frame marker - # [+ argument transfer] - -################# volatile registers -$Xi="%r26"; # argument block -$Htbl="%r25"; -$inp="%r24"; -$len="%r23"; -$Hhh=$Htbl; # variables -$Hll="%r22"; -$Zhh="%r21"; -$Zll="%r20"; -$cnt="%r19"; -$rem_4bit="%r28"; -$rem="%r29"; -$mask0xf0="%r31"; - -################# preserved registers -$Thh="%r1"; -$Tll="%r2"; -$nlo="%r3"; -$nhi="%r4"; -$byte="%r5"; -if ($SIZE_T==4) { - $Zhl="%r6"; - $Zlh="%r7"; - $Hhl="%r8"; - $Hlh="%r9"; - $Thl="%r10"; - $Tlh="%r11"; -} -$rem2="%r6"; # used in PA-RISC 2.0 code - -$code.=<<___; - .LEVEL $LEVEL -#if 0 - .SPACE \$TEXT\$ - .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY -#else - .text -#endif - - .EXPORT gcm_gmult_4bit,ENTRY,ARGW0=GR,ARGW1=GR - .ALIGN 64 -gcm_gmult_4bit - .PROC - .CALLINFO FRAME=`$FRAME-10*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=$NREGS - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) -___ -$code.=<<___ if ($SIZE_T==4); - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) -___ -$code.=<<___; - blr %r0,$rem_4bit - ldi 3,$rem -L\$pic_gmult - andcm $rem_4bit,$rem,$rem_4bit - addl $inp,$len,$len - ldo L\$rem_4bit-L\$pic_gmult($rem_4bit),$rem_4bit - ldi 0xf0,$mask0xf0 -___ -$code.=<<___ if ($SIZE_T==4); -#ifndef __OpenBSD__ - ldi 
31,$rem - mtctl $rem,%cr11 - extrd,u,*= $rem,%sar,1,$rem ; executes on PA-RISC 1.0 - b L\$parisc1_gmult - nop -___ - -$code.=<<___; - ldb 15($Xi),$nlo - ldo 8($Htbl),$Hll - - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - ldd $nlo($Hll),$Zll - ldd $nlo($Hhh),$Zhh - - depd,z $Zll,60,4,$rem - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldb 14($Xi),$nlo - - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - b L\$oop_gmult_pa2 - ldi 13,$cnt - - .ALIGN 8 -L\$oop_gmult_pa2 - xor $rem,$Zhh,$Zhh ; moved here to work around gas bug - depd,z $Zll,60,4,$rem - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nlo($Hll),$Tll - ldd $nlo($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - - xor $rem,$Zhh,$Zhh - depd,z $Zll,60,4,$rem - ldbx $cnt($Xi),$nlo - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - ldd $rem($rem_4bit),$rem - - xor $Tll,$Zll,$Zll - addib,uv -1,$cnt,L\$oop_gmult_pa2 - xor $Thh,$Zhh,$Zhh - - xor $rem,$Zhh,$Zhh - depd,z $Zll,60,4,$rem - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nlo($Hll),$Tll - ldd $nlo($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - - xor $rem,$Zhh,$Zhh - depd,z $Zll,60,4,$rem - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - - xor $rem,$Zhh,$Zhh - std $Zll,8($Xi) - std $Zhh,0($Xi) -___ - -$code.=<<___ if ($SIZE_T==4); - b L\$done_gmult - nop - -L\$parisc1_gmult -#endif - ldb 15($Xi),$nlo - ldo 12($Htbl),$Hll - ldo 8($Htbl),$Hlh - ldo 4($Htbl),$Hhl - - and $mask0xf0,$nlo,$nhi - zdep $nlo,27,4,$nlo - - ldwx $nlo($Hll),$Zll - ldwx $nlo($Hlh),$Zlh - ldwx $nlo($Hhl),$Zhl - ldwx $nlo($Hhh),$Zhh - zdep $Zll,28,4,$rem - 
ldb 14($Xi),$nlo - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhl,$Zlh,4,$Zlh - ldwx $nhi($Hlh),$Tlh - shrpw $Zhh,$Zhl,4,$Zhl - ldwx $nhi($Hhl),$Thl - extru $Zhh,27,28,$Zhh - ldwx $nhi($Hhh),$Thh - xor $rem,$Zhh,$Zhh - and $mask0xf0,$nlo,$nhi - zdep $nlo,27,4,$nlo - - xor $Tll,$Zll,$Zll - ldwx $nlo($Hll),$Tll - xor $Tlh,$Zlh,$Zlh - ldwx $nlo($Hlh),$Tlh - xor $Thl,$Zhl,$Zhl - b L\$oop_gmult_pa1 - ldi 13,$cnt - - .ALIGN 8 -L\$oop_gmult_pa1 - zdep $Zll,28,4,$rem - ldwx $nlo($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nlo($Hhh),$Thh - shrpw $Zhl,$Zlh,4,$Zlh - ldbx $cnt($Xi),$nlo - xor $Tll,$Zll,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhh,$Zhl,4,$Zhl - xor $Tlh,$Zlh,$Zlh - ldwx $nhi($Hlh),$Tlh - extru $Zhh,27,28,$Zhh - xor $Thl,$Zhl,$Zhl - ldwx $nhi($Hhl),$Thl - xor $rem,$Zhh,$Zhh - zdep $Zll,28,4,$rem - xor $Thh,$Zhh,$Zhh - ldwx $nhi($Hhh),$Thh - shrpw $Zlh,$Zll,4,$Zll - ldwx $rem($rem_4bit),$rem - shrpw $Zhl,$Zlh,4,$Zlh - shrpw $Zhh,$Zhl,4,$Zhl - and $mask0xf0,$nlo,$nhi - extru $Zhh,27,28,$Zhh - zdep $nlo,27,4,$nlo - xor $Tll,$Zll,$Zll - ldwx $nlo($Hll),$Tll - xor $Tlh,$Zlh,$Zlh - ldwx $nlo($Hlh),$Tlh - xor $rem,$Zhh,$Zhh - addib,uv -1,$cnt,L\$oop_gmult_pa1 - xor $Thl,$Zhl,$Zhl - - zdep $Zll,28,4,$rem - ldwx $nlo($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nlo($Hhh),$Thh - shrpw $Zhl,$Zlh,4,$Zlh - xor $Tll,$Zll,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhh,$Zhl,4,$Zhl - xor $Tlh,$Zlh,$Zlh - ldwx $nhi($Hlh),$Tlh - extru $Zhh,27,28,$Zhh - xor $rem,$Zhh,$Zhh - xor $Thl,$Zhl,$Zhl - ldwx $nhi($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $nhi($Hhh),$Thh - zdep $Zll,28,4,$rem - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - shrpw $Zhl,$Zlh,4,$Zlh - shrpw $Zhh,$Zhl,4,$Zhl - extru $Zhh,27,28,$Zhh - xor $Tll,$Zll,$Zll - xor $Tlh,$Zlh,$Zlh - xor $rem,$Zhh,$Zhh - stw $Zll,12($Xi) - xor $Thl,$Zhl,$Zhl - stw $Zlh,8($Xi) - xor $Thh,$Zhh,$Zhh - stw 
$Zhl,4($Xi) - stw $Zhh,0($Xi) -___ -$code.=<<___; -L\$done_gmult - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 -___ -$code.=<<___ if ($SIZE_T==4); - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 -___ -$code.=<<___; - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .EXPORT gcm_ghash_4bit,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR - .ALIGN 64 -gcm_ghash_4bit - .PROC - .CALLINFO FRAME=`$FRAME-10*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=11 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) -___ -$code.=<<___ if ($SIZE_T==4); - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) -___ -$code.=<<___; - blr %r0,$rem_4bit - ldi 3,$rem -L\$pic_ghash - andcm $rem_4bit,$rem,$rem_4bit - addl $inp,$len,$len - ldo L\$rem_4bit-L\$pic_ghash($rem_4bit),$rem_4bit - ldi 0xf0,$mask0xf0 -___ -$code.=<<___ if ($SIZE_T==4); -#ifndef __OpenBSD__ - ldi 31,$rem - mtctl $rem,%cr11 - extrd,u,*= $rem,%sar,1,$rem ; executes on PA-RISC 1.0 - b L\$parisc1_ghash - nop -___ - -$code.=<<___; - ldb 15($Xi),$nlo - ldo 8($Htbl),$Hll - -L\$outer_ghash_pa2 - ldb 15($inp),$nhi - xor $nhi,$nlo,$nlo - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - ldd $nlo($Hll),$Zll - ldd $nlo($Hhh),$Zhh - - depd,z $Zll,60,4,$rem - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldb 14($Xi),$nlo - ldb 14($inp),$byte - - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - xor $byte,$nlo,$nlo - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd 
$rem($rem_4bit),$rem - b L\$oop_ghash_pa2 - ldi 13,$cnt - - .ALIGN 8 -L\$oop_ghash_pa2 - xor $rem,$Zhh,$Zhh ; moved here to work around gas bug - depd,z $Zll,60,4,$rem2 - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nlo($Hll),$Tll - ldd $nlo($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldbx $cnt($Xi),$nlo - ldbx $cnt($inp),$byte - - depd,z $Zll,60,4,$rem - shrpd $Zhh,$Zll,4,$Zll - ldd $rem2($rem_4bit),$rem2 - - xor $rem2,$Zhh,$Zhh - xor $byte,$nlo,$nlo - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - - and $mask0xf0,$nlo,$nhi - depd,z $nlo,59,4,$nlo - - extrd,u $Zhh,59,60,$Zhh - xor $Tll,$Zll,$Zll - - ldd $rem($rem_4bit),$rem - addib,uv -1,$cnt,L\$oop_ghash_pa2 - xor $Thh,$Zhh,$Zhh - - xor $rem,$Zhh,$Zhh - depd,z $Zll,60,4,$rem2 - - shrpd $Zhh,$Zll,4,$Zll - extrd,u $Zhh,59,60,$Zhh - ldd $nlo($Hll),$Tll - ldd $nlo($Hhh),$Thh - - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - - depd,z $Zll,60,4,$rem - shrpd $Zhh,$Zll,4,$Zll - ldd $rem2($rem_4bit),$rem2 - - xor $rem2,$Zhh,$Zhh - ldd $nhi($Hll),$Tll - ldd $nhi($Hhh),$Thh - - extrd,u $Zhh,59,60,$Zhh - xor $Tll,$Zll,$Zll - xor $Thh,$Zhh,$Zhh - ldd $rem($rem_4bit),$rem - - xor $rem,$Zhh,$Zhh - std $Zll,8($Xi) - ldo 16($inp),$inp - std $Zhh,0($Xi) - cmpb,*<> $inp,$len,L\$outer_ghash_pa2 - copy $Zll,$nlo -___ - -$code.=<<___ if ($SIZE_T==4); - b L\$done_ghash - nop - -L\$parisc1_ghash -#endif - ldb 15($Xi),$nlo - ldo 12($Htbl),$Hll - ldo 8($Htbl),$Hlh - ldo 4($Htbl),$Hhl - -L\$outer_ghash_pa1 - ldb 15($inp),$byte - xor $byte,$nlo,$nlo - and $mask0xf0,$nlo,$nhi - zdep $nlo,27,4,$nlo - - ldwx $nlo($Hll),$Zll - ldwx $nlo($Hlh),$Zlh - ldwx $nlo($Hhl),$Zhl - ldwx $nlo($Hhh),$Zhh - zdep $Zll,28,4,$rem - ldb 14($Xi),$nlo - ldb 14($inp),$byte - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhl,$Zlh,4,$Zlh - ldwx $nhi($Hlh),$Tlh - shrpw $Zhh,$Zhl,4,$Zhl - ldwx $nhi($Hhl),$Thl - extru $Zhh,27,28,$Zhh - ldwx $nhi($Hhh),$Thh - xor $byte,$nlo,$nlo - xor $rem,$Zhh,$Zhh - and 
$mask0xf0,$nlo,$nhi - zdep $nlo,27,4,$nlo - - xor $Tll,$Zll,$Zll - ldwx $nlo($Hll),$Tll - xor $Tlh,$Zlh,$Zlh - ldwx $nlo($Hlh),$Tlh - xor $Thl,$Zhl,$Zhl - b L\$oop_ghash_pa1 - ldi 13,$cnt - - .ALIGN 8 -L\$oop_ghash_pa1 - zdep $Zll,28,4,$rem - ldwx $nlo($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nlo($Hhh),$Thh - shrpw $Zhl,$Zlh,4,$Zlh - ldbx $cnt($Xi),$nlo - xor $Tll,$Zll,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhh,$Zhl,4,$Zhl - ldbx $cnt($inp),$byte - xor $Tlh,$Zlh,$Zlh - ldwx $nhi($Hlh),$Tlh - extru $Zhh,27,28,$Zhh - xor $Thl,$Zhl,$Zhl - ldwx $nhi($Hhl),$Thl - xor $rem,$Zhh,$Zhh - zdep $Zll,28,4,$rem - xor $Thh,$Zhh,$Zhh - ldwx $nhi($Hhh),$Thh - shrpw $Zlh,$Zll,4,$Zll - ldwx $rem($rem_4bit),$rem - shrpw $Zhl,$Zlh,4,$Zlh - xor $byte,$nlo,$nlo - shrpw $Zhh,$Zhl,4,$Zhl - and $mask0xf0,$nlo,$nhi - extru $Zhh,27,28,$Zhh - zdep $nlo,27,4,$nlo - xor $Tll,$Zll,$Zll - ldwx $nlo($Hll),$Tll - xor $Tlh,$Zlh,$Zlh - ldwx $nlo($Hlh),$Tlh - xor $rem,$Zhh,$Zhh - addib,uv -1,$cnt,L\$oop_ghash_pa1 - xor $Thl,$Zhl,$Zhl - - zdep $Zll,28,4,$rem - ldwx $nlo($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - ldwx $nlo($Hhh),$Thh - shrpw $Zhl,$Zlh,4,$Zlh - xor $Tll,$Zll,$Zll - ldwx $nhi($Hll),$Tll - shrpw $Zhh,$Zhl,4,$Zhl - xor $Tlh,$Zlh,$Zlh - ldwx $nhi($Hlh),$Tlh - extru $Zhh,27,28,$Zhh - xor $rem,$Zhh,$Zhh - xor $Thl,$Zhl,$Zhl - ldwx $nhi($Hhl),$Thl - xor $Thh,$Zhh,$Zhh - ldwx $nhi($Hhh),$Thh - zdep $Zll,28,4,$rem - ldwx $rem($rem_4bit),$rem - shrpw $Zlh,$Zll,4,$Zll - shrpw $Zhl,$Zlh,4,$Zlh - shrpw $Zhh,$Zhl,4,$Zhl - extru $Zhh,27,28,$Zhh - xor $Tll,$Zll,$Zll - xor $Tlh,$Zlh,$Zlh - xor $rem,$Zhh,$Zhh - stw $Zll,12($Xi) - xor $Thl,$Zhl,$Zhl - stw $Zlh,8($Xi) - xor $Thh,$Zhh,$Zhh - stw $Zhl,4($Xi) - ldo 16($inp),$inp - stw $Zhh,0($Xi) - comb,<> $inp,$len,L\$outer_ghash_pa1 - copy $Zll,$nlo -___ -$code.=<<___; -L\$done_ghash - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP 
`-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 -___ -$code.=<<___ if ($SIZE_T==4); - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 -___ -$code.=<<___; - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .ALIGN 64 -L\$rem_4bit - .WORD `0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`,0 - .WORD `0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`,0 - .WORD `0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`,0 - .WORD `0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`,0 - - .data - .STRINGZ "GHASH for PA-RISC, GRYPTOGAMS by <appro\@openssl.org>" - .ALIGN 64 -___ - -# Explicitly encode PA-RISC 2.0 instructions used in this module, so -# that it can be compiled with .LEVEL 1.0. It should be noted that I -# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0 -# directive... 
- -my $ldd = sub { - my ($mod,$args) = @_; - my $orig = "ldd$mod\t$args"; - - if ($args =~ /%r([0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 4 - { my $opcode=(0x03<<26)|($2<<21)|($1<<16)|(3<<6)|$3; - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 5 - { my $opcode=(0x03<<26)|($2<<21)|(1<<12)|(3<<6)|$3; - $opcode|=(($1&0xF)<<17)|(($1&0x10)<<12); # encode offset - $opcode|=(1<<5) if ($mod =~ /^,m/); - $opcode|=(1<<13) if ($mod =~ /^,mb/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $std = sub { - my ($mod,$args) = @_; - my $orig = "std$mod\t$args"; - - if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 3 suffices - { my $opcode=(0x1c<<26)|($3<<21)|($1<<16)|(($2&0x1FF8)<<1)|(($2>>13)&1); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $extrd = sub { - my ($mod,$args) = @_; - my $orig = "extrd$mod\t$args"; - - # I only have ",u" completer, it's implicitly encoded... 
- if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 15 - { my $opcode=(0x36<<26)|($1<<21)|($4<<16); - my $len=32-$3; - $opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5); # encode pos - $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/) # format 12 - { my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9); - my $len=32-$2; - $opcode |= (($len&0x20)<<3)|($len&0x1f); # encode len - $opcode |= (1<<13) if ($mod =~ /,\**=/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $shrpd = sub { - my ($mod,$args) = @_; - my $orig = "shrpd$mod\t$args"; - - if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/) # format 14 - { my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4; - my $cpos=63-$3; - $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode sa - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%r([0-9]+),%sar,%r([0-9]+)/) # format 11 - { sprintf "\t.WORD\t0x%08x\t; %s", - (0x34<<26)|($2<<21)|($1<<16)|(1<<9)|$3,$orig; - } - else { "\t".$orig; } -}; - -my $depd = sub { - my ($mod,$args) = @_; - my $orig = "depd$mod\t$args"; - - # I only have ",z" completer, it's implicitly encoded... - if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 16 - { my $opcode=(0x3c<<26)|($4<<21)|($1<<16); - my $cpos=63-$2; - my $len=32-$3; - $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode pos - $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -sub assemble { - my ($mnemonic,$mod,$args)=@_; - my $opcode = eval("\$$mnemonic"); - - ref($opcode) eq 'CODE' ? 
&$opcode($mod,$args) : "\t$mnemonic$mod\t$args"; -} - -foreach (split("\n",$code)) { - s/\`([^\`]*)\`/eval $1/ge; - if ($SIZE_T==4) { - s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e; - s/cmpb,\*/comb,/; - s/,\*/,/; - } - s/\bbv\b/bve/ if ($SIZE_T==8); - print $_,"\n"; -} - -close STDOUT; diff --git a/lib/libssl/src/crypto/modes/asm/ghash-s390x.pl b/lib/libssl/src/crypto/modes/asm/ghash-s390x.pl deleted file mode 100644 index 6a40d5d89c0..00000000000 --- a/lib/libssl/src/crypto/modes/asm/ghash-s390x.pl +++ /dev/null 
@@ -1,262 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# September 2010.
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that it
-# uses 256 bytes per-key table [+128 bytes shared table]. Performance
-# was measured to be ~18 cycles per processed byte on z10, which is
-# almost 40% better than gcc-generated code. It should be noted that
-# 18 cycles is worse result than expected: loop is scheduled for 12
-# and the result should be close to 12. In the lack of instruction-
-# level profiling data it's impossible to tell why...
-
-# November 2010.
-#
-# Adapt for -m31 build. If kernel supports what's called "highgprs"
-# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
-# instructions and achieve "64-bit" performance even in 31-bit legacy
-# application context. The feature is not specific to any particular
-# processor, as long as it's "z-CPU". Latter implies that the code
-# remains z/Architecture specific. On z990 it was measured to perform
-# 2.8x better than 32-bit code generated by gcc 4.3.
-
-# March 2011.
-#
-# Support for hardware KIMD-GHASH is verified to produce correct
-# result and therefore is engaged. On z196 it was measured to process
-# 8KB buffer ~7 faster than software implementation. It's not as
-# impressive for smaller buffer sizes and for smallest 16-bytes buffer
-# it's actually almost 2 times slower. Which is the reason why
-# KIMD-GHASH is not used in gcm_gmult_4bit.
-
-$flavour = shift;
-
-if ($flavour =~ /3[12]/) {
- $SIZE_T=4;
- $g="";
-} else {
- $SIZE_T=8;
- $g="g";
-}
-
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
-
-$softonly=0;
-
-$Zhi="%r0";
-$Zlo="%r1";
-
-$Xi="%r2"; # argument block
-$Htbl="%r3";
-$inp="%r4";
-$len="%r5";
-
-$rem0="%r6"; # variables
-$rem1="%r7";
-$nlo="%r8";
-$nhi="%r9";
-$xi="%r10";
-$cnt="%r11";
-$tmp="%r12";
-$x78="%r13";
-$rem_4bit="%r14";
-
-$sp="%r15";
-
-$code.=<<___;
-.text
-
-.globl gcm_gmult_4bit
-.align 32
-gcm_gmult_4bit:
-___
-$code.=<<___ if(!$softonly && 0); # hardware is slow for single block...
- larl %r1,OPENSSL_s390xcap_P
- lg %r0,0(%r1)
- tmhl %r0,0x4000 # check for message-security-assist
- jz .Lsoft_gmult
- lghi %r0,0
- la %r1,16($sp)
- .long 0xb93e0004 # kimd %r0,%r4
- lg %r1,24($sp)
- tmhh %r1,0x4000 # check for function 65
- jz .Lsoft_gmult
- stg %r0,16($sp) # arrange 16 bytes of zero input
- stg %r0,24($sp)
- lghi %r0,65 # function 65
- la %r1,0($Xi) # H lies right after Xi in gcm128_context
- la $inp,16($sp)
- lghi $len,16
- .long 0xb93e0004 # kimd %r0,$inp
- brc 1,.-4 # pay attention to "partial completion"
- br %r14
-.align 32
-.Lsoft_gmult:
-___
-$code.=<<___;
- stm${g} %r6,%r14,6*$SIZE_T($sp)
-
- aghi $Xi,-1
- lghi $len,1
- lghi $x78,`0xf<<3`
- larl $rem_4bit,rem_4bit
-
- lg $Zlo,8+1($Xi) # Xi
- j .Lgmult_shortcut
-.type gcm_gmult_4bit,\@function
-.size gcm_gmult_4bit,(.-gcm_gmult_4bit)
-
-.globl gcm_ghash_4bit
-.align 32
-gcm_ghash_4bit:
-___
-$code.=<<___ if(!$softonly);
- larl %r1,OPENSSL_s390xcap_P
- lg %r0,0(%r1)
- tmhl %r0,0x4000 # check for message-security-assist
- jz .Lsoft_ghash
- lghi %r0,0
- la %r1,16($sp)
- .long 0xb93e0004 # kimd %r0,%r4
- lg %r1,24($sp)
- tmhh %r1,0x4000 # check for function 65
- jz .Lsoft_ghash
- lghi %r0,65 # function 65
- la %r1,0($Xi) # H lies right after Xi in gcm128_context
- .long 0xb93e0004 # kimd %r0,$inp
- brc 1,.-4 # pay attention to "partial completion"
- br %r14
-.align 32
-.Lsoft_ghash:
-___
-$code.=<<___ if ($flavour =~ /3[12]/);
- llgfr $len,$len
-___
-$code.=<<___;
- stm${g} %r6,%r14,6*$SIZE_T($sp)
-
- aghi $Xi,-1
- srlg $len,$len,4
- lghi $x78,`0xf<<3`
- larl $rem_4bit,rem_4bit
-
- lg $Zlo,8+1($Xi) # Xi
- lg $Zhi,0+1($Xi)
- lghi $tmp,0
-.Louter:
- xg $Zhi,0($inp) # Xi ^= inp
- xg $Zlo,8($inp)
- xgr $Zhi,$tmp
- stg $Zlo,8+1($Xi)
- stg $Zhi,0+1($Xi)
-
-.Lgmult_shortcut:
- lghi $tmp,0xf0
- sllg $nlo,$Zlo,4
- srlg $xi,$Zlo,8 # extract second byte
- ngr $nlo,$tmp
- lgr $nhi,$Zlo
- lghi $cnt,14
- ngr $nhi,$tmp
-
- lg $Zlo,8($nlo,$Htbl)
- lg $Zhi,0($nlo,$Htbl)
-
- sllg $nlo,$xi,4
- sllg $rem0,$Zlo,3
- ngr $nlo,$tmp
- ngr $rem0,$x78
- ngr $xi,$tmp
-
- sllg $tmp,$Zhi,60
- srlg $Zlo,$Zlo,4
- srlg $Zhi,$Zhi,4
- xg $Zlo,8($nhi,$Htbl)
- xg $Zhi,0($nhi,$Htbl)
- lgr $nhi,$xi
- sllg $rem1,$Zlo,3
- xgr $Zlo,$tmp
- ngr $rem1,$x78
- j .Lghash_inner
-.align 16
-.Lghash_inner:
- srlg $Zlo,$Zlo,4
- sllg $tmp,$Zhi,60
- xg $Zlo,8($nlo,$Htbl)
- srlg $Zhi,$Zhi,4
- llgc $xi,0($cnt,$Xi)
- xg $Zhi,0($nlo,$Htbl)
- sllg $nlo,$xi,4
- xg $Zhi,0($rem0,$rem_4bit)
- nill $nlo,0xf0
- sllg $rem0,$Zlo,3
- xgr $Zlo,$tmp
- ngr $rem0,$x78
- nill $xi,0xf0
-
- sllg $tmp,$Zhi,60
- srlg $Zlo,$Zlo,4
- srlg $Zhi,$Zhi,4
- xg $Zlo,8($nhi,$Htbl)
- xg $Zhi,0($nhi,$Htbl)
- lgr $nhi,$xi
- xg $Zhi,0($rem1,$rem_4bit)
- sllg $rem1,$Zlo,3
- xgr $Zlo,$tmp
- ngr $rem1,$x78
- brct $cnt,.Lghash_inner
-
- sllg $tmp,$Zhi,60
- srlg $Zlo,$Zlo,4
- srlg $Zhi,$Zhi,4
- xg $Zlo,8($nlo,$Htbl)
- xg $Zhi,0($nlo,$Htbl)
- sllg $xi,$Zlo,3
- xg $Zhi,0($rem0,$rem_4bit)
- xgr $Zlo,$tmp
- ngr $xi,$x78
-
- sllg $tmp,$Zhi,60
- srlg $Zlo,$Zlo,4
- srlg $Zhi,$Zhi,4
- xg $Zlo,8($nhi,$Htbl)
- xg $Zhi,0($nhi,$Htbl)
- xgr $Zlo,$tmp
- xg $Zhi,0($rem1,$rem_4bit)
-
- lg $tmp,0($xi,$rem_4bit)
- la $inp,16($inp)
- sllg $tmp,$tmp,4 # correct last rem_4bit[rem]
- brctg $len,.Louter
-
- xgr $Zhi,$tmp
- stg $Zlo,8+1($Xi)
- stg $Zhi,0+1($Xi)
- lm${g} %r6,%r14,6*$SIZE_T($sp)
- br %r14
-.type gcm_ghash_4bit,\@function
-.size
gcm_ghash_4bit,(.-gcm_ghash_4bit)
-
-.align 64
-rem_4bit:
- .long `0x0000<<12`,0,`0x1C20<<12`,0,`0x3840<<12`,0,`0x2460<<12`,0
- .long `0x7080<<12`,0,`0x6CA0<<12`,0,`0x48C0<<12`,0,`0x54E0<<12`,0
- .long `0xE100<<12`,0,`0xFD20<<12`,0,`0xD940<<12`,0,`0xC560<<12`,0
- .long `0x9180<<12`,0,`0x8DA0<<12`,0,`0xA9C0<<12`,0,`0xB5E0<<12`,0
-.type rem_4bit,\@object
-.size rem_4bit,(.-rem_4bit)
-.string "GHASH for s390x, CRYPTOGAMS by <appro\@openssl.org>"
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/modes/asm/ghash-sparcv9.pl b/lib/libssl/src/crypto/modes/asm/ghash-sparcv9.pl
deleted file mode 100644
index 70e7b044a3e..00000000000
--- a/lib/libssl/src/crypto/modes/asm/ghash-sparcv9.pl
+++ /dev/null
@@ -1,330 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# March 2010
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that it
-# uses 256 bytes per-key table [+128 bytes shared table]. Performance
-# results are for streamed GHASH subroutine on UltraSPARC pre-Tx CPU
-# and are expressed in cycles per processed byte, less is better:
-#
-# gcc 3.3.x cc 5.2 this assembler
-#
-# 32-bit build 81.4 43.3 12.6 (+546%/+244%)
-# 64-bit build 20.2 21.2 12.6 (+60%/+68%)
-#
-# Here is data collected on UltraSPARC T1 system running Linux:
-#
-# gcc 4.4.1 this assembler
-#
-# 32-bit build 566 50 (+1000%)
-# 64-bit build 56 50 (+12%)
-#
-# I don't quite understand why difference between 32-bit and 64-bit
-# compiler-generated code is so big. Compilers *were* instructed to
-# generate code for UltraSPARC and should have used 64-bit registers
-# for Z vector (see C code) even in 32-bit build... Oh well, it only
-# means more impressive improvement coefficients for this assembler
-# module;-) Loops are aggressively modulo-scheduled in respect to
-# references to input data and Z.hi updates to achieve 12 cycles
-# timing. To anchor to something else, sha1-sparcv9.pl spends 11.6
-# cycles to process one byte on UltraSPARC pre-Tx CPU and ~24 on T1.
- -$bits=32; -for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); } -if ($bits==64) { $bias=2047; $frame=192; } -else { $bias=0; $frame=112; } - -$output=shift; -open STDOUT,">$output"; - -$Zhi="%o0"; # 64-bit values -$Zlo="%o1"; -$Thi="%o2"; -$Tlo="%o3"; -$rem="%o4"; -$tmp="%o5"; - -$nhi="%l0"; # small values and pointers -$nlo="%l1"; -$xi0="%l2"; -$xi1="%l3"; -$rem_4bit="%l4"; -$remi="%l5"; -$Htblo="%l6"; -$cnt="%l7"; - -$Xi="%i0"; # input argument block -$Htbl="%i1"; -$inp="%i2"; -$len="%i3"; - -$code.=<<___; -.section ".text",#alloc,#execinstr - -.align 64 -rem_4bit: - .long `0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`,0 - .long `0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`,0 - .long `0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`,0 - .long `0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`,0 -.type rem_4bit,#object -.size rem_4bit,(.-rem_4bit) - -.globl gcm_ghash_4bit -.align 32 -gcm_ghash_4bit: - save %sp,-$frame,%sp - ldub [$inp+15],$nlo - ldub [$Xi+15],$xi0 - ldub [$Xi+14],$xi1 - add $len,$inp,$len - add $Htbl,8,$Htblo - -1: call .+8 - add %o7,rem_4bit-1b,$rem_4bit - -.Louter: - xor $xi0,$nlo,$nlo - and $nlo,0xf0,$nhi - and $nlo,0x0f,$nlo - sll $nlo,4,$nlo - ldx [$Htblo+$nlo],$Zlo - ldx [$Htbl+$nlo],$Zhi - - ldub [$inp+14],$nlo - - ldx [$Htblo+$nhi],$Tlo - and $Zlo,0xf,$remi - ldx [$Htbl+$nhi],$Thi - sll $remi,3,$remi - ldx [$rem_4bit+$remi],$rem - srlx $Zlo,4,$Zlo - mov 13,$cnt - sllx $Zhi,60,$tmp - xor $Tlo,$Zlo,$Zlo - srlx $Zhi,4,$Zhi - xor $Zlo,$tmp,$Zlo - - xor $xi1,$nlo,$nlo - and $Zlo,0xf,$remi - and $nlo,0xf0,$nhi - and $nlo,0x0f,$nlo - ba .Lghash_inner - sll $nlo,4,$nlo -.align 32 -.Lghash_inner: - ldx [$Htblo+$nlo],$Tlo - sll $remi,3,$remi - xor $Thi,$Zhi,$Zhi - ldx [$Htbl+$nlo],$Thi - srlx $Zlo,4,$Zlo - xor $rem,$Zhi,$Zhi - ldx [$rem_4bit+$remi],$rem - sllx $Zhi,60,$tmp - xor $Tlo,$Zlo,$Zlo - ldub [$inp+$cnt],$nlo - srlx $Zhi,4,$Zhi - xor $Zlo,$tmp,$Zlo - ldub [$Xi+$cnt],$xi1 - xor $Thi,$Zhi,$Zhi - and 
$Zlo,0xf,$remi - - ldx [$Htblo+$nhi],$Tlo - sll $remi,3,$remi - xor $rem,$Zhi,$Zhi - ldx [$Htbl+$nhi],$Thi - srlx $Zlo,4,$Zlo - ldx [$rem_4bit+$remi],$rem - sllx $Zhi,60,$tmp - xor $xi1,$nlo,$nlo - srlx $Zhi,4,$Zhi - and $nlo,0xf0,$nhi - addcc $cnt,-1,$cnt - xor $Zlo,$tmp,$Zlo - and $nlo,0x0f,$nlo - xor $Tlo,$Zlo,$Zlo - sll $nlo,4,$nlo - blu .Lghash_inner - and $Zlo,0xf,$remi - - ldx [$Htblo+$nlo],$Tlo - sll $remi,3,$remi - xor $Thi,$Zhi,$Zhi - ldx [$Htbl+$nlo],$Thi - srlx $Zlo,4,$Zlo - xor $rem,$Zhi,$Zhi - ldx [$rem_4bit+$remi],$rem - sllx $Zhi,60,$tmp - xor $Tlo,$Zlo,$Zlo - srlx $Zhi,4,$Zhi - xor $Zlo,$tmp,$Zlo - xor $Thi,$Zhi,$Zhi - - add $inp,16,$inp - cmp $inp,$len - be,pn `$bits==64?"%xcc":"%icc"`,.Ldone - and $Zlo,0xf,$remi - - ldx [$Htblo+$nhi],$Tlo - sll $remi,3,$remi - xor $rem,$Zhi,$Zhi - ldx [$Htbl+$nhi],$Thi - srlx $Zlo,4,$Zlo - ldx [$rem_4bit+$remi],$rem - sllx $Zhi,60,$tmp - xor $Tlo,$Zlo,$Zlo - ldub [$inp+15],$nlo - srlx $Zhi,4,$Zhi - xor $Zlo,$tmp,$Zlo - xor $Thi,$Zhi,$Zhi - stx $Zlo,[$Xi+8] - xor $rem,$Zhi,$Zhi - stx $Zhi,[$Xi] - srl $Zlo,8,$xi1 - and $Zlo,0xff,$xi0 - ba .Louter - and $xi1,0xff,$xi1 -.align 32 -.Ldone: - ldx [$Htblo+$nhi],$Tlo - sll $remi,3,$remi - xor $rem,$Zhi,$Zhi - ldx [$Htbl+$nhi],$Thi - srlx $Zlo,4,$Zlo - ldx [$rem_4bit+$remi],$rem - sllx $Zhi,60,$tmp - xor $Tlo,$Zlo,$Zlo - srlx $Zhi,4,$Zhi - xor $Zlo,$tmp,$Zlo - xor $Thi,$Zhi,$Zhi - stx $Zlo,[$Xi+8] - xor $rem,$Zhi,$Zhi - stx $Zhi,[$Xi] - - ret - restore -.type gcm_ghash_4bit,#function -.size gcm_ghash_4bit,(.-gcm_ghash_4bit) -___ - -undef $inp; -undef $len; - -$code.=<<___; -.globl gcm_gmult_4bit -.align 32 -gcm_gmult_4bit: - save %sp,-$frame,%sp - ldub [$Xi+15],$nlo - add $Htbl,8,$Htblo - -1: call .+8 - add %o7,rem_4bit-1b,$rem_4bit - - and $nlo,0xf0,$nhi - and $nlo,0x0f,$nlo - sll $nlo,4,$nlo - ldx [$Htblo+$nlo],$Zlo - ldx [$Htbl+$nlo],$Zhi - - ldub [$Xi+14],$nlo - - ldx [$Htblo+$nhi],$Tlo - and $Zlo,0xf,$remi - ldx [$Htbl+$nhi],$Thi - sll $remi,3,$remi - ldx 
[$rem_4bit+$remi],$rem - srlx $Zlo,4,$Zlo - mov 13,$cnt - sllx $Zhi,60,$tmp - xor $Tlo,$Zlo,$Zlo - srlx $Zhi,4,$Zhi - xor $Zlo,$tmp,$Zlo - - and $Zlo,0xf,$remi - and $nlo,0xf0,$nhi - and $nlo,0x0f,$nlo - ba .Lgmult_inner - sll $nlo,4,$nlo -.align 32 -.Lgmult_inner: - ldx [$Htblo+$nlo],$Tlo - sll $remi,3,$remi - xor $Thi,$Zhi,$Zhi - ldx [$Htbl+$nlo],$Thi - srlx $Zlo,4,$Zlo - xor $rem,$Zhi,$Zhi - ldx [$rem_4bit+$remi],$rem - sllx $Zhi,60,$tmp - xor $Tlo,$Zlo,$Zlo - ldub [$Xi+$cnt],$nlo - srlx $Zhi,4,$Zhi - xor $Zlo,$tmp,$Zlo - xor $Thi,$Zhi,$Zhi - and $Zlo,0xf,$remi - - ldx [$Htblo+$nhi],$Tlo - sll $remi,3,$remi - xor $rem,$Zhi,$Zhi - ldx [$Htbl+$nhi],$Thi - srlx $Zlo,4,$Zlo - ldx [$rem_4bit+$remi],$rem - sllx $Zhi,60,$tmp - srlx $Zhi,4,$Zhi - and $nlo,0xf0,$nhi - addcc $cnt,-1,$cnt - xor $Zlo,$tmp,$Zlo - and $nlo,0x0f,$nlo - xor $Tlo,$Zlo,$Zlo - sll $nlo,4,$nlo - blu .Lgmult_inner - and $Zlo,0xf,$remi - - ldx [$Htblo+$nlo],$Tlo - sll $remi,3,$remi - xor $Thi,$Zhi,$Zhi - ldx [$Htbl+$nlo],$Thi - srlx $Zlo,4,$Zlo - xor $rem,$Zhi,$Zhi - ldx [$rem_4bit+$remi],$rem - sllx $Zhi,60,$tmp - xor $Tlo,$Zlo,$Zlo - srlx $Zhi,4,$Zhi - xor $Zlo,$tmp,$Zlo - xor $Thi,$Zhi,$Zhi - and $Zlo,0xf,$remi - - ldx [$Htblo+$nhi],$Tlo - sll $remi,3,$remi - xor $rem,$Zhi,$Zhi - ldx [$Htbl+$nhi],$Thi - srlx $Zlo,4,$Zlo - ldx [$rem_4bit+$remi],$rem - sllx $Zhi,60,$tmp - xor $Tlo,$Zlo,$Zlo - srlx $Zhi,4,$Zhi - xor $Zlo,$tmp,$Zlo - xor $Thi,$Zhi,$Zhi - stx $Zlo,[$Xi+8] - xor $rem,$Zhi,$Zhi - stx $Zhi,[$Xi] - - ret - restore -.type gcm_gmult_4bit,#function -.size gcm_gmult_4bit,(.-gcm_gmult_4bit) -.asciz "GHASH for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>" -.align 4 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/modes/asm/ghash-x86.pl b/lib/libssl/src/crypto/modes/asm/ghash-x86.pl deleted file mode 100644 index 83c727e07f9..00000000000 --- a/lib/libssl/src/crypto/modes/asm/ghash-x86.pl +++ /dev/null 
@@ -1,1342 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# March, May, June 2010 -# -# The module implements "4-bit" GCM GHASH function and underlying -# single multiplication operation in GF(2^128). "4-bit" means that it -# uses 256 bytes per-key table [+64/128 bytes fixed table]. It has two -# code paths: vanilla x86 and vanilla MMX. Former will be executed on -# 486 and Pentium, latter on all others. MMX GHASH features so called -# "528B" variant of "4-bit" method utilizing additional 256+16 bytes -# of per-key storage [+512 bytes shared table]. Performance results -# are for streamed GHASH subroutine and are expressed in cycles per -# processed byte, less is better: -# -# gcc 2.95.3(*) MMX assembler x86 assembler -# -# Pentium 105/111(**) - 50 -# PIII 68 /75 12.2 24 -# P4 125/125 17.8 84(***) -# Opteron 66 /70 10.1 30 -# Core2 54 /67 8.4 18 -# -# (*) gcc 3.4.x was observed to generate few percent slower code, -# which is one of reasons why 2.95.3 results were chosen, -# another reason is lack of 3.4.x results for older CPUs; -# comparison with MMX results is not completely fair, because C -# results are for vanilla "256B" implementation, while -# assembler results are for "528B";-) -# (**) second number is result for code compiled with -fPIC flag, -# which is actually more relevant, because assembler code is -# position-independent; -# (***) see comment in non-MMX routine for further details; -# -# To summarize, it's >2-5 times faster than gcc-generated code. To -# anchor it to something else SHA1 assembler processes one byte in -# 11-13 cycles on contemporary x86 cores. 
As for choice of MMX in -# particular, see comment at the end of the file... - -# May 2010 -# -# Add PCLMULQDQ version performing at 2.10 cycles per processed byte. -# The question is how close is it to theoretical limit? The pclmulqdq -# instruction latency appears to be 14 cycles and there can't be more -# than 2 of them executing at any given time. This means that single -# Karatsuba multiplication would take 28 cycles *plus* few cycles for -# pre- and post-processing. Then multiplication has to be followed by -# modulo-reduction. Given that aggregated reduction method [see -# "Carry-less Multiplication and Its Usage for Computing the GCM Mode" -# white paper by Intel] allows you to perform reduction only once in -# a while we can assume that asymptotic performance can be estimated -# as (28+Tmod/Naggr)/16, where Tmod is time to perform reduction -# and Naggr is the aggregation factor. -# -# Before we proceed to this implementation let's have closer look at -# the best-performing code suggested by Intel in their white paper. -# By tracing inter-register dependencies Tmod is estimated as ~19 -# cycles and Naggr chosen by Intel is 4, resulting in 2.05 cycles per -# processed byte. As implied, this is quite optimistic estimate, -# because it does not account for Karatsuba pre- and post-processing, -# which for a single multiplication is ~5 cycles. Unfortunately Intel -# does not provide performance data for GHASH alone. But benchmarking -# AES_GCM_encrypt ripped out of Fig. 15 of the white paper with aadt -# alone resulted in 2.46 cycles per byte of out 16KB buffer. Note that -# the result accounts even for pre-computing of degrees of the hash -# key H, but its portion is negligible at 16KB buffer size. -# -# Moving on to the implementation in question. Tmod is estimated as -# ~13 cycles and Naggr is 2, giving asymptotic performance of ... -# 2.16. How is it possible that measured performance is better than -# optimistic theoretical estimate? 
There is one thing Intel failed -# to recognize. By serializing GHASH with CTR in same subroutine -# former's performance is really limited to above (Tmul + Tmod/Naggr) -# equation. But if GHASH procedure is detached, the modulo-reduction -# can be interleaved with Naggr-1 multiplications at instruction level -# and under ideal conditions even disappear from the equation. So that -# optimistic theoretical estimate for this implementation is ... -# 28/16=1.75, and not 2.16. Well, it's probably way too optimistic, -# at least for such small Naggr. I'd argue that (28+Tproc/Naggr), -# where Tproc is time required for Karatsuba pre- and post-processing, -# is more realistic estimate. In this case it gives ... 1.91 cycles. -# Or in other words, depending on how well we can interleave reduction -# and one of the two multiplications the performance should be betwen -# 1.91 and 2.16. As already mentioned, this implementation processes -# one byte out of 8KB buffer in 2.10 cycles, while x86_64 counterpart -# - in 2.02. x86_64 performance is better, because larger register -# bank allows to interleave reduction and multiplication better. -# -# Does it make sense to increase Naggr? To start with it's virtually -# impossible in 32-bit mode, because of limited register bank -# capacity. Otherwise improvement has to be weighed agiainst slower -# setup, as well as code size and complexity increase. As even -# optimistic estimate doesn't promise 30% performance improvement, -# there are currently no plans to increase Naggr. -# -# Special thanks to David Woodhouse <dwmw2@infradead.org> for -# providing access to a Westmere-based system on behalf of Intel -# Open Source Technology Centre. - -# January 2010 -# -# Tweaked to optimize transitions between integer and FP operations -# on same XMM register, PCLMULQDQ subroutine was measured to process -# one byte in 2.07 cycles on Sandy Bridge, and in 2.12 - on Westmere. 
-# The minor regression on Westmere is outweighed by ~15% improvement -# on Sandy Bridge. Strangely enough attempt to modify 64-bit code in -# similar manner resulted in almost 20% degradation on Sandy Bridge, -# where original 64-bit code processes one byte in 1.95 cycles. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"ghash-x86.pl",$x86only = $ARGV[$#ARGV] eq "386"); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -($Zhh,$Zhl,$Zlh,$Zll) = ("ebp","edx","ecx","ebx"); -$inp = "edi"; -$Htbl = "esi"; - -$unroll = 0; # Affects x86 loop. Folded loop performs ~7% worse - # than unrolled, which has to be weighted against - # 2.5x x86-specific code size reduction. - -sub x86_loop { - my $off = shift; - my $rem = "eax"; - - &mov ($Zhh,&DWP(4,$Htbl,$Zll)); - &mov ($Zhl,&DWP(0,$Htbl,$Zll)); - &mov ($Zlh,&DWP(12,$Htbl,$Zll)); - &mov ($Zll,&DWP(8,$Htbl,$Zll)); - &xor ($rem,$rem); # avoid partial register stalls on PIII - - # shrd practically kills P4, 2.5x deterioration, but P4 has - # MMX code-path to execute. shrd runs tad faster [than twice - # the shifts, move's and or's] on pre-MMX Pentium (as well as - # PIII and Core2), *but* minimizes code size, spares register - # and thus allows to fold the loop... 
- if (!$unroll) { - my $cnt = $inp; - &mov ($cnt,15); - &jmp (&label("x86_loop")); - &set_label("x86_loop",16); - for($i=1;$i<=2;$i++) { - &mov (&LB($rem),&LB($Zll)); - &shrd ($Zll,$Zlh,4); - &and (&LB($rem),0xf); - &shrd ($Zlh,$Zhl,4); - &shrd ($Zhl,$Zhh,4); - &shr ($Zhh,4); - &xor ($Zhh,&DWP($off+16,"esp",$rem,4)); - - &mov (&LB($rem),&BP($off,"esp",$cnt)); - if ($i&1) { - &and (&LB($rem),0xf0); - } else { - &shl (&LB($rem),4); - } - - &xor ($Zll,&DWP(8,$Htbl,$rem)); - &xor ($Zlh,&DWP(12,$Htbl,$rem)); - &xor ($Zhl,&DWP(0,$Htbl,$rem)); - &xor ($Zhh,&DWP(4,$Htbl,$rem)); - - if ($i&1) { - &dec ($cnt); - &js (&label("x86_break")); - } else { - &jmp (&label("x86_loop")); - } - } - &set_label("x86_break",16); - } else { - for($i=1;$i<32;$i++) { - &comment($i); - &mov (&LB($rem),&LB($Zll)); - &shrd ($Zll,$Zlh,4); - &and (&LB($rem),0xf); - &shrd ($Zlh,$Zhl,4); - &shrd ($Zhl,$Zhh,4); - &shr ($Zhh,4); - &xor ($Zhh,&DWP($off+16,"esp",$rem,4)); - - if ($i&1) { - &mov (&LB($rem),&BP($off+15-($i>>1),"esp")); - &and (&LB($rem),0xf0); - } else { - &mov (&LB($rem),&BP($off+15-($i>>1),"esp")); - &shl (&LB($rem),4); - } - - &xor ($Zll,&DWP(8,$Htbl,$rem)); - &xor ($Zlh,&DWP(12,$Htbl,$rem)); - &xor ($Zhl,&DWP(0,$Htbl,$rem)); - &xor ($Zhh,&DWP(4,$Htbl,$rem)); - } - } - &bswap ($Zll); - &bswap ($Zlh); - &bswap ($Zhl); - if (!$x86only) { - &bswap ($Zhh); - } else { - &mov ("eax",$Zhh); - &bswap ("eax"); - &mov ($Zhh,"eax"); - } -} - -if ($unroll) { - &function_begin_B("_x86_gmult_4bit_inner"); - &x86_loop(4); - &ret (); - &function_end_B("_x86_gmult_4bit_inner"); -} - -sub deposit_rem_4bit { - my $bias = shift; - - &mov (&DWP($bias+0, "esp"),0x0000<<16); - &mov (&DWP($bias+4, "esp"),0x1C20<<16); - &mov (&DWP($bias+8, "esp"),0x3840<<16); - &mov (&DWP($bias+12,"esp"),0x2460<<16); - &mov (&DWP($bias+16,"esp"),0x7080<<16); - &mov (&DWP($bias+20,"esp"),0x6CA0<<16); - &mov (&DWP($bias+24,"esp"),0x48C0<<16); - &mov (&DWP($bias+28,"esp"),0x54E0<<16); - &mov (&DWP($bias+32,"esp"),0xE100<<16); - 
&mov (&DWP($bias+36,"esp"),0xFD20<<16); - &mov (&DWP($bias+40,"esp"),0xD940<<16); - &mov (&DWP($bias+44,"esp"),0xC560<<16); - &mov (&DWP($bias+48,"esp"),0x9180<<16); - &mov (&DWP($bias+52,"esp"),0x8DA0<<16); - &mov (&DWP($bias+56,"esp"),0xA9C0<<16); - &mov (&DWP($bias+60,"esp"),0xB5E0<<16); -} - -$suffix = $x86only ? "" : "_x86"; - -&function_begin("gcm_gmult_4bit".$suffix); - &stack_push(16+4+1); # +1 for stack alignment - &mov ($inp,&wparam(0)); # load Xi - &mov ($Htbl,&wparam(1)); # load Htable - - &mov ($Zhh,&DWP(0,$inp)); # load Xi[16] - &mov ($Zhl,&DWP(4,$inp)); - &mov ($Zlh,&DWP(8,$inp)); - &mov ($Zll,&DWP(12,$inp)); - - &deposit_rem_4bit(16); - - &mov (&DWP(0,"esp"),$Zhh); # copy Xi[16] on stack - &mov (&DWP(4,"esp"),$Zhl); - &mov (&DWP(8,"esp"),$Zlh); - &mov (&DWP(12,"esp"),$Zll); - &shr ($Zll,20); - &and ($Zll,0xf0); - - if ($unroll) { - &call ("_x86_gmult_4bit_inner"); - } else { - &x86_loop(0); - &mov ($inp,&wparam(0)); - } - - &mov (&DWP(12,$inp),$Zll); - &mov (&DWP(8,$inp),$Zlh); - &mov (&DWP(4,$inp),$Zhl); - &mov (&DWP(0,$inp),$Zhh); - &stack_pop(16+4+1); -&function_end("gcm_gmult_4bit".$suffix); - -&function_begin("gcm_ghash_4bit".$suffix); - &stack_push(16+4+1); # +1 for 64-bit alignment - &mov ($Zll,&wparam(0)); # load Xi - &mov ($Htbl,&wparam(1)); # load Htable - &mov ($inp,&wparam(2)); # load in - &mov ("ecx",&wparam(3)); # load len - &add ("ecx",$inp); - &mov (&wparam(3),"ecx"); - - &mov ($Zhh,&DWP(0,$Zll)); # load Xi[16] - &mov ($Zhl,&DWP(4,$Zll)); - &mov ($Zlh,&DWP(8,$Zll)); - &mov ($Zll,&DWP(12,$Zll)); - - &deposit_rem_4bit(16); - - &set_label("x86_outer_loop",16); - &xor ($Zll,&DWP(12,$inp)); # xor with input - &xor ($Zlh,&DWP(8,$inp)); - &xor ($Zhl,&DWP(4,$inp)); - &xor ($Zhh,&DWP(0,$inp)); - &mov (&DWP(12,"esp"),$Zll); # dump it on stack - &mov (&DWP(8,"esp"),$Zlh); - &mov (&DWP(4,"esp"),$Zhl); - &mov (&DWP(0,"esp"),$Zhh); - - &shr ($Zll,20); - &and ($Zll,0xf0); - - if ($unroll) { - &call ("_x86_gmult_4bit_inner"); - } else { - 
&x86_loop(0); - &mov ($inp,&wparam(2)); - } - &lea ($inp,&DWP(16,$inp)); - &cmp ($inp,&wparam(3)); - &mov (&wparam(2),$inp) if (!$unroll); - &jb (&label("x86_outer_loop")); - - &mov ($inp,&wparam(0)); # load Xi - &mov (&DWP(12,$inp),$Zll); - &mov (&DWP(8,$inp),$Zlh); - &mov (&DWP(4,$inp),$Zhl); - &mov (&DWP(0,$inp),$Zhh); - &stack_pop(16+4+1); -&function_end("gcm_ghash_4bit".$suffix); - -if (!$x86only) {{{ - -&static_label("rem_4bit"); - -if (!$sse2) {{ # pure-MMX "May" version... - -$S=12; # shift factor for rem_4bit - -&function_begin_B("_mmx_gmult_4bit_inner"); -# MMX version performs 3.5 times better on P4 (see comment in non-MMX -# routine for further details), 100% better on Opteron, ~70% better -# on Core2 and PIII... In other words effort is considered to be well -# spent... Since initial release the loop was unrolled in order to -# "liberate" register previously used as loop counter. Instead it's -# used to optimize critical path in 'Z.hi ^= rem_4bit[Z.lo&0xf]'. -# The path involves move of Z.lo from MMX to integer register, -# effective address calculation and finally merge of value to Z.hi. -# Reference to rem_4bit is scheduled so late that I had to >>4 -# rem_4bit elements. This resulted in 20-45% procent improvement -# on contemporary µ-archs. -{ - my $cnt; - my $rem_4bit = "eax"; - my @rem = ($Zhh,$Zll); - my $nhi = $Zhl; - my $nlo = $Zlh; - - my ($Zlo,$Zhi) = ("mm0","mm1"); - my $tmp = "mm2"; - - &xor ($nlo,$nlo); # avoid partial register stalls on PIII - &mov ($nhi,$Zll); - &mov (&LB($nlo),&LB($nhi)); - &shl (&LB($nlo),4); - &and ($nhi,0xf0); - &movq ($Zlo,&QWP(8,$Htbl,$nlo)); - &movq ($Zhi,&QWP(0,$Htbl,$nlo)); - &movd ($rem[0],$Zlo); - - for ($cnt=28;$cnt>=-2;$cnt--) { - my $odd = $cnt&1; - my $nix = $odd ? 
$nlo : $nhi; - - &shl (&LB($nlo),4) if ($odd); - &psrlq ($Zlo,4); - &movq ($tmp,$Zhi); - &psrlq ($Zhi,4); - &pxor ($Zlo,&QWP(8,$Htbl,$nix)); - &mov (&LB($nlo),&BP($cnt/2,$inp)) if (!$odd && $cnt>=0); - &psllq ($tmp,60); - &and ($nhi,0xf0) if ($odd); - &pxor ($Zhi,&QWP(0,$rem_4bit,$rem[1],8)) if ($cnt<28); - &and ($rem[0],0xf); - &pxor ($Zhi,&QWP(0,$Htbl,$nix)); - &mov ($nhi,$nlo) if (!$odd && $cnt>=0); - &movd ($rem[1],$Zlo); - &pxor ($Zlo,$tmp); - - push (@rem,shift(@rem)); # "rotate" registers - } - - &mov ($inp,&DWP(4,$rem_4bit,$rem[1],8)); # last rem_4bit[rem] - - &psrlq ($Zlo,32); # lower part of Zlo is already there - &movd ($Zhl,$Zhi); - &psrlq ($Zhi,32); - &movd ($Zlh,$Zlo); - &movd ($Zhh,$Zhi); - &shl ($inp,4); # compensate for rem_4bit[i] being >>4 - - &bswap ($Zll); - &bswap ($Zhl); - &bswap ($Zlh); - &xor ($Zhh,$inp); - &bswap ($Zhh); - - &ret (); -} -&function_end_B("_mmx_gmult_4bit_inner"); - -&function_begin("gcm_gmult_4bit_mmx"); - &mov ($inp,&wparam(0)); # load Xi - &mov ($Htbl,&wparam(1)); # load Htable - - &call (&label("pic_point")); - &set_label("pic_point"); - &blindpop("eax"); - &lea ("eax",&DWP(&label("rem_4bit")."-".&label("pic_point"),"eax")); - - &movz ($Zll,&BP(15,$inp)); - - &call ("_mmx_gmult_4bit_inner"); - - &mov ($inp,&wparam(0)); # load Xi - &emms (); - &mov (&DWP(12,$inp),$Zll); - &mov (&DWP(4,$inp),$Zhl); - &mov (&DWP(8,$inp),$Zlh); - &mov (&DWP(0,$inp),$Zhh); -&function_end("gcm_gmult_4bit_mmx"); - -# Streamed version performs 20% better on P4, 7% on Opteron, -# 10% on Core2 and PIII... 
-&function_begin("gcm_ghash_4bit_mmx"); - &mov ($Zhh,&wparam(0)); # load Xi - &mov ($Htbl,&wparam(1)); # load Htable - &mov ($inp,&wparam(2)); # load in - &mov ($Zlh,&wparam(3)); # load len - - &call (&label("pic_point")); - &set_label("pic_point"); - &blindpop("eax"); - &lea ("eax",&DWP(&label("rem_4bit")."-".&label("pic_point"),"eax")); - - &add ($Zlh,$inp); - &mov (&wparam(3),$Zlh); # len to point at the end of input - &stack_push(4+1); # +1 for stack alignment - - &mov ($Zll,&DWP(12,$Zhh)); # load Xi[16] - &mov ($Zhl,&DWP(4,$Zhh)); - &mov ($Zlh,&DWP(8,$Zhh)); - &mov ($Zhh,&DWP(0,$Zhh)); - &jmp (&label("mmx_outer_loop")); - - &set_label("mmx_outer_loop",16); - &xor ($Zll,&DWP(12,$inp)); - &xor ($Zhl,&DWP(4,$inp)); - &xor ($Zlh,&DWP(8,$inp)); - &xor ($Zhh,&DWP(0,$inp)); - &mov (&wparam(2),$inp); - &mov (&DWP(12,"esp"),$Zll); - &mov (&DWP(4,"esp"),$Zhl); - &mov (&DWP(8,"esp"),$Zlh); - &mov (&DWP(0,"esp"),$Zhh); - - &mov ($inp,"esp"); - &shr ($Zll,24); - - &call ("_mmx_gmult_4bit_inner"); - - &mov ($inp,&wparam(2)); - &lea ($inp,&DWP(16,$inp)); - &cmp ($inp,&wparam(3)); - &jb (&label("mmx_outer_loop")); - - &mov ($inp,&wparam(0)); # load Xi - &emms (); - &mov (&DWP(12,$inp),$Zll); - &mov (&DWP(4,$inp),$Zhl); - &mov (&DWP(8,$inp),$Zlh); - &mov (&DWP(0,$inp),$Zhh); - - &stack_pop(4+1); -&function_end("gcm_ghash_4bit_mmx"); - -}} else {{ # "June" MMX version... - # ... has slower "April" gcm_gmult_4bit_mmx with folded - # loop. This is done to conserve code size... -$S=16; # shift factor for rem_4bit - -sub mmx_loop() { -# MMX version performs 2.8 times better on P4 (see comment in non-MMX -# routine for further details), 40% better on Opteron and Core2, 50% -# better on PIII... In other words effort is considered to be well -# spent... 
- my $inp = shift; - my $rem_4bit = shift; - my $cnt = $Zhh; - my $nhi = $Zhl; - my $nlo = $Zlh; - my $rem = $Zll; - - my ($Zlo,$Zhi) = ("mm0","mm1"); - my $tmp = "mm2"; - - &xor ($nlo,$nlo); # avoid partial register stalls on PIII - &mov ($nhi,$Zll); - &mov (&LB($nlo),&LB($nhi)); - &mov ($cnt,14); - &shl (&LB($nlo),4); - &and ($nhi,0xf0); - &movq ($Zlo,&QWP(8,$Htbl,$nlo)); - &movq ($Zhi,&QWP(0,$Htbl,$nlo)); - &movd ($rem,$Zlo); - &jmp (&label("mmx_loop")); - - &set_label("mmx_loop",16); - &psrlq ($Zlo,4); - &and ($rem,0xf); - &movq ($tmp,$Zhi); - &psrlq ($Zhi,4); - &pxor ($Zlo,&QWP(8,$Htbl,$nhi)); - &mov (&LB($nlo),&BP(0,$inp,$cnt)); - &psllq ($tmp,60); - &pxor ($Zhi,&QWP(0,$rem_4bit,$rem,8)); - &dec ($cnt); - &movd ($rem,$Zlo); - &pxor ($Zhi,&QWP(0,$Htbl,$nhi)); - &mov ($nhi,$nlo); - &pxor ($Zlo,$tmp); - &js (&label("mmx_break")); - - &shl (&LB($nlo),4); - &and ($rem,0xf); - &psrlq ($Zlo,4); - &and ($nhi,0xf0); - &movq ($tmp,$Zhi); - &psrlq ($Zhi,4); - &pxor ($Zlo,&QWP(8,$Htbl,$nlo)); - &psllq ($tmp,60); - &pxor ($Zhi,&QWP(0,$rem_4bit,$rem,8)); - &movd ($rem,$Zlo); - &pxor ($Zhi,&QWP(0,$Htbl,$nlo)); - &pxor ($Zlo,$tmp); - &jmp (&label("mmx_loop")); - - &set_label("mmx_break",16); - &shl (&LB($nlo),4); - &and ($rem,0xf); - &psrlq ($Zlo,4); - &and ($nhi,0xf0); - &movq ($tmp,$Zhi); - &psrlq ($Zhi,4); - &pxor ($Zlo,&QWP(8,$Htbl,$nlo)); - &psllq ($tmp,60); - &pxor ($Zhi,&QWP(0,$rem_4bit,$rem,8)); - &movd ($rem,$Zlo); - &pxor ($Zhi,&QWP(0,$Htbl,$nlo)); - &pxor ($Zlo,$tmp); - - &psrlq ($Zlo,4); - &and ($rem,0xf); - &movq ($tmp,$Zhi); - &psrlq ($Zhi,4); - &pxor ($Zlo,&QWP(8,$Htbl,$nhi)); - &psllq ($tmp,60); - &pxor ($Zhi,&QWP(0,$rem_4bit,$rem,8)); - &movd ($rem,$Zlo); - &pxor ($Zhi,&QWP(0,$Htbl,$nhi)); - &pxor ($Zlo,$tmp); - - &psrlq ($Zlo,32); # lower part of Zlo is already there - &movd ($Zhl,$Zhi); - &psrlq ($Zhi,32); - &movd ($Zlh,$Zlo); - &movd ($Zhh,$Zhi); - - &bswap ($Zll); - &bswap ($Zhl); - &bswap ($Zlh); - &bswap ($Zhh); -} - 
-&function_begin("gcm_gmult_4bit_mmx"); - &mov ($inp,&wparam(0)); # load Xi - &mov ($Htbl,&wparam(1)); # load Htable - - &call (&label("pic_point")); - &set_label("pic_point"); - &blindpop("eax"); - &lea ("eax",&DWP(&label("rem_4bit")."-".&label("pic_point"),"eax")); - - &movz ($Zll,&BP(15,$inp)); - - &mmx_loop($inp,"eax"); - - &emms (); - &mov (&DWP(12,$inp),$Zll); - &mov (&DWP(4,$inp),$Zhl); - &mov (&DWP(8,$inp),$Zlh); - &mov (&DWP(0,$inp),$Zhh); -&function_end("gcm_gmult_4bit_mmx"); - -###################################################################### -# Below subroutine is "528B" variant of "4-bit" GCM GHASH function -# (see gcm128.c for details). It provides further 20-40% performance -# improvement over above mentioned "May" version. - -&static_label("rem_8bit"); - -&function_begin("gcm_ghash_4bit_mmx"); -{ my ($Zlo,$Zhi) = ("mm7","mm6"); - my $rem_8bit = "esi"; - my $Htbl = "ebx"; - - # parameter block - &mov ("eax",&wparam(0)); # Xi - &mov ("ebx",&wparam(1)); # Htable - &mov ("ecx",&wparam(2)); # inp - &mov ("edx",&wparam(3)); # len - &mov ("ebp","esp"); # original %esp - &call (&label("pic_point")); - &set_label ("pic_point"); - &blindpop ($rem_8bit); - &lea ($rem_8bit,&DWP(&label("rem_8bit")."-".&label("pic_point"),$rem_8bit)); - - &sub ("esp",512+16+16); # allocate stack frame... - &and ("esp",-64); # ...and align it - &sub ("esp",16); # place for (u8)(H[]<<4) - - &add ("edx","ecx"); # pointer to the end of input - &mov (&DWP(528+16+0,"esp"),"eax"); # save Xi - &mov (&DWP(528+16+8,"esp"),"edx"); # save inp+len - &mov (&DWP(528+16+12,"esp"),"ebp"); # save original %esp - - { my @lo = ("mm0","mm1","mm2"); - my @hi = ("mm3","mm4","mm5"); - my @tmp = ("mm6","mm7"); - my ($off1,$off2,$i) = (0,0,); - - &add ($Htbl,128); # optimize for size - &lea ("edi",&DWP(16+128,"esp")); - &lea ("ebp",&DWP(16+256+128,"esp")); - - # decompose Htable (low and high parts are kept separately), - # generate Htable[]>>4, (u8)(Htable[]<<4), save to stack... 
- for ($i=0;$i<18;$i++) { - - &mov ("edx",&DWP(16*$i+8-128,$Htbl)) if ($i<16); - &movq ($lo[0],&QWP(16*$i+8-128,$Htbl)) if ($i<16); - &psllq ($tmp[1],60) if ($i>1); - &movq ($hi[0],&QWP(16*$i+0-128,$Htbl)) if ($i<16); - &por ($lo[2],$tmp[1]) if ($i>1); - &movq (&QWP($off1-128,"edi"),$lo[1]) if ($i>0 && $i<17); - &psrlq ($lo[1],4) if ($i>0 && $i<17); - &movq (&QWP($off1,"edi"),$hi[1]) if ($i>0 && $i<17); - &movq ($tmp[0],$hi[1]) if ($i>0 && $i<17); - &movq (&QWP($off2-128,"ebp"),$lo[2]) if ($i>1); - &psrlq ($hi[1],4) if ($i>0 && $i<17); - &movq (&QWP($off2,"ebp"),$hi[2]) if ($i>1); - &shl ("edx",4) if ($i<16); - &mov (&BP($i,"esp"),&LB("edx")) if ($i<16); - - unshift (@lo,pop(@lo)); # "rotate" registers - unshift (@hi,pop(@hi)); - unshift (@tmp,pop(@tmp)); - $off1 += 8 if ($i>0); - $off2 += 8 if ($i>1); - } - } - - &movq ($Zhi,&QWP(0,"eax")); - &mov ("ebx",&DWP(8,"eax")); - &mov ("edx",&DWP(12,"eax")); # load Xi - -&set_label("outer",16); - { my $nlo = "eax"; - my $dat = "edx"; - my @nhi = ("edi","ebp"); - my @rem = ("ebx","ecx"); - my @red = ("mm0","mm1","mm2"); - my $tmp = "mm3"; - - &xor ($dat,&DWP(12,"ecx")); # merge input data - &xor ("ebx",&DWP(8,"ecx")); - &pxor ($Zhi,&QWP(0,"ecx")); - &lea ("ecx",&DWP(16,"ecx")); # inp+=16 - #&mov (&DWP(528+12,"esp"),$dat); # save inp^Xi - &mov (&DWP(528+8,"esp"),"ebx"); - &movq (&QWP(528+0,"esp"),$Zhi); - &mov (&DWP(528+16+4,"esp"),"ecx"); # save inp - - &xor ($nlo,$nlo); - &rol ($dat,8); - &mov (&LB($nlo),&LB($dat)); - &mov ($nhi[1],$nlo); - &and (&LB($nlo),0x0f); - &shr ($nhi[1],4); - &pxor ($red[0],$red[0]); - &rol ($dat,8); # next byte - &pxor ($red[1],$red[1]); - &pxor ($red[2],$red[2]); - - # Just like in "May" verson modulo-schedule for critical path in - # 'Z.hi ^= rem_8bit[Z.lo&0xff^((u8)H[nhi]<<4)]<<48'. Final 'pxor' - # is scheduled so late that rem_8bit[] has to be shifted *right* - # by 16, which is why last argument to pinsrw is 2, which - # corresponds to <<32=<<48>>16... 
- for ($j=11,$i=0;$i<15;$i++) { - - if ($i>0) { - &pxor ($Zlo,&QWP(16,"esp",$nlo,8)); # Z^=H[nlo] - &rol ($dat,8); # next byte - &pxor ($Zhi,&QWP(16+128,"esp",$nlo,8)); - - &pxor ($Zlo,$tmp); - &pxor ($Zhi,&QWP(16+256+128,"esp",$nhi[0],8)); - &xor (&LB($rem[1]),&BP(0,"esp",$nhi[0])); # rem^(H[nhi]<<4) - } else { - &movq ($Zlo,&QWP(16,"esp",$nlo,8)); - &movq ($Zhi,&QWP(16+128,"esp",$nlo,8)); - } - - &mov (&LB($nlo),&LB($dat)); - &mov ($dat,&DWP(528+$j,"esp")) if (--$j%4==0); - - &movd ($rem[0],$Zlo); - &movz ($rem[1],&LB($rem[1])) if ($i>0); - &psrlq ($Zlo,8); # Z>>=8 - - &movq ($tmp,$Zhi); - &mov ($nhi[0],$nlo); - &psrlq ($Zhi,8); - - &pxor ($Zlo,&QWP(16+256+0,"esp",$nhi[1],8)); # Z^=H[nhi]>>4 - &and (&LB($nlo),0x0f); - &psllq ($tmp,56); - - &pxor ($Zhi,$red[1]) if ($i>1); - &shr ($nhi[0],4); - &pinsrw ($red[0],&WP(0,$rem_8bit,$rem[1],2),2) if ($i>0); - - unshift (@red,pop(@red)); # "rotate" registers - unshift (@rem,pop(@rem)); - unshift (@nhi,pop(@nhi)); - } - - &pxor ($Zlo,&QWP(16,"esp",$nlo,8)); # Z^=H[nlo] - &pxor ($Zhi,&QWP(16+128,"esp",$nlo,8)); - &xor (&LB($rem[1]),&BP(0,"esp",$nhi[0])); # rem^(H[nhi]<<4) - - &pxor ($Zlo,$tmp); - &pxor ($Zhi,&QWP(16+256+128,"esp",$nhi[0],8)); - &movz ($rem[1],&LB($rem[1])); - - &pxor ($red[2],$red[2]); # clear 2nd word - &psllq ($red[1],4); - - &movd ($rem[0],$Zlo); - &psrlq ($Zlo,4); # Z>>=4 - - &movq ($tmp,$Zhi); - &psrlq ($Zhi,4); - &shl ($rem[0],4); # rem<<4 - - &pxor ($Zlo,&QWP(16,"esp",$nhi[1],8)); # Z^=H[nhi] - &psllq ($tmp,60); - &movz ($rem[0],&LB($rem[0])); - - &pxor ($Zlo,$tmp); - &pxor ($Zhi,&QWP(16+128,"esp",$nhi[1],8)); - - &pinsrw ($red[0],&WP(0,$rem_8bit,$rem[1],2),2); - &pxor ($Zhi,$red[1]); - - &movd ($dat,$Zlo); - &pinsrw ($red[2],&WP(0,$rem_8bit,$rem[0],2),3); # last is <<48 - - &psllq ($red[0],12); # correct by <<16>>4 - &pxor ($Zhi,$red[0]); - &psrlq ($Zlo,32); - &pxor ($Zhi,$red[2]); - - &mov ("ecx",&DWP(528+16+4,"esp")); # restore inp - &movd ("ebx",$Zlo); - &movq ($tmp,$Zhi); # 01234567 - &psllw 
($Zhi,8); # 1.3.5.7. - &psrlw ($tmp,8); # .0.2.4.6 - &por ($Zhi,$tmp); # 10325476 - &bswap ($dat); - &pshufw ($Zhi,$Zhi,0b00011011); # 76543210 - &bswap ("ebx"); - - &cmp ("ecx",&DWP(528+16+8,"esp")); # are we done? - &jne (&label("outer")); - } - - &mov ("eax",&DWP(528+16+0,"esp")); # restore Xi - &mov (&DWP(12,"eax"),"edx"); - &mov (&DWP(8,"eax"),"ebx"); - &movq (&QWP(0,"eax"),$Zhi); - - &mov ("esp",&DWP(528+16+12,"esp")); # restore original %esp - &emms (); -} -&function_end("gcm_ghash_4bit_mmx"); -}} - -if ($sse2) {{ -###################################################################### -# PCLMULQDQ version. - -$Xip="eax"; -$Htbl="edx"; -$const="ecx"; -$inp="esi"; -$len="ebx"; - -($Xi,$Xhi)=("xmm0","xmm1"); $Hkey="xmm2"; -($T1,$T2,$T3)=("xmm3","xmm4","xmm5"); -($Xn,$Xhn)=("xmm6","xmm7"); - -&static_label("bswap"); - -sub clmul64x64_T2 { # minimal "register" pressure -my ($Xhi,$Xi,$Hkey)=@_; - - &movdqa ($Xhi,$Xi); # - &pshufd ($T1,$Xi,0b01001110); - &pshufd ($T2,$Hkey,0b01001110); - &pxor ($T1,$Xi); # - &pxor ($T2,$Hkey); - - &pclmulqdq ($Xi,$Hkey,0x00); ####### - &pclmulqdq ($Xhi,$Hkey,0x11); ####### - &pclmulqdq ($T1,$T2,0x00); ####### - &xorps ($T1,$Xi); # - &xorps ($T1,$Xhi); # - - &movdqa ($T2,$T1); # - &psrldq ($T1,8); - &pslldq ($T2,8); # - &pxor ($Xhi,$T1); - &pxor ($Xi,$T2); # -} - -sub clmul64x64_T3 { -# Even though this subroutine offers visually better ILP, it -# was empirically found to be a tad slower than above version. -# At least in gcm_ghash_clmul context. But it's just as well, -# because loop modulo-scheduling is possible only thanks to -# minimized "register" pressure... 
-my ($Xhi,$Xi,$Hkey)=@_; - - &movdqa ($T1,$Xi); # - &movdqa ($Xhi,$Xi); - &pclmulqdq ($Xi,$Hkey,0x00); ####### - &pclmulqdq ($Xhi,$Hkey,0x11); ####### - &pshufd ($T2,$T1,0b01001110); # - &pshufd ($T3,$Hkey,0b01001110); - &pxor ($T2,$T1); # - &pxor ($T3,$Hkey); - &pclmulqdq ($T2,$T3,0x00); ####### - &pxor ($T2,$Xi); # - &pxor ($T2,$Xhi); # - - &movdqa ($T3,$T2); # - &psrldq ($T2,8); - &pslldq ($T3,8); # - &pxor ($Xhi,$T2); - &pxor ($Xi,$T3); # -} - -if (1) { # Algorithm 9 with <<1 twist. - # Reduction is shorter and uses only two - # temporary registers, which makes it better - # candidate for interleaving with 64x64 - # multiplication. Pre-modulo-scheduled loop - # was found to be ~20% faster than Algorithm 5 - # below. Algorithm 9 was therefore chosen for - # further optimization... - -sub reduction_alg9 { # 17/13 times faster than Intel version -my ($Xhi,$Xi) = @_; - - # 1st phase - &movdqa ($T1,$Xi); # - &psllq ($Xi,1); - &pxor ($Xi,$T1); # - &psllq ($Xi,5); # - &pxor ($Xi,$T1); # - &psllq ($Xi,57); # - &movdqa ($T2,$Xi); # - &pslldq ($Xi,8); - &psrldq ($T2,8); # - &pxor ($Xi,$T1); - &pxor ($Xhi,$T2); # - - # 2nd phase - &movdqa ($T2,$Xi); - &psrlq ($Xi,5); - &pxor ($Xi,$T2); # - &psrlq ($Xi,1); # - &pxor ($Xi,$T2); # - &pxor ($T2,$Xhi); - &psrlq ($Xi,1); # - &pxor ($Xi,$T2); # -} - -&function_begin_B("gcm_init_clmul"); - &mov ($Htbl,&wparam(0)); - &mov ($Xip,&wparam(1)); - - &call (&label("pic")); -&set_label("pic"); - &blindpop ($const); - &lea ($const,&DWP(&label("bswap")."-".&label("pic"),$const)); - - &movdqu ($Hkey,&QWP(0,$Xip)); - &pshufd ($Hkey,$Hkey,0b01001110);# dword swap - - # <<1 twist - &pshufd ($T2,$Hkey,0b11111111); # broadcast uppermost dword - &movdqa ($T1,$Hkey); - &psllq ($Hkey,1); - &pxor ($T3,$T3); # - &psrlq ($T1,63); - &pcmpgtd ($T3,$T2); # broadcast carry bit - &pslldq ($T1,8); - &por ($Hkey,$T1); # H<<=1 - - # magic reduction - &pand ($T3,&QWP(16,$const)); # 0x1c2_polynomial - &pxor ($Hkey,$T3); # if(carry) H^=0x1c2_polynomial - - # 
calculate H^2 - &movdqa ($Xi,$Hkey); - &clmul64x64_T2 ($Xhi,$Xi,$Hkey); - &reduction_alg9 ($Xhi,$Xi); - - &movdqu (&QWP(0,$Htbl),$Hkey); # save H - &movdqu (&QWP(16,$Htbl),$Xi); # save H^2 - - &ret (); -&function_end_B("gcm_init_clmul"); - -&function_begin_B("gcm_gmult_clmul"); - &mov ($Xip,&wparam(0)); - &mov ($Htbl,&wparam(1)); - - &call (&label("pic")); -&set_label("pic"); - &blindpop ($const); - &lea ($const,&DWP(&label("bswap")."-".&label("pic"),$const)); - - &movdqu ($Xi,&QWP(0,$Xip)); - &movdqa ($T3,&QWP(0,$const)); - &movups ($Hkey,&QWP(0,$Htbl)); - &pshufb ($Xi,$T3); - - &clmul64x64_T2 ($Xhi,$Xi,$Hkey); - &reduction_alg9 ($Xhi,$Xi); - - &pshufb ($Xi,$T3); - &movdqu (&QWP(0,$Xip),$Xi); - - &ret (); -&function_end_B("gcm_gmult_clmul"); - -&function_begin("gcm_ghash_clmul"); - &mov ($Xip,&wparam(0)); - &mov ($Htbl,&wparam(1)); - &mov ($inp,&wparam(2)); - &mov ($len,&wparam(3)); - - &call (&label("pic")); -&set_label("pic"); - &blindpop ($const); - &lea ($const,&DWP(&label("bswap")."-".&label("pic"),$const)); - - &movdqu ($Xi,&QWP(0,$Xip)); - &movdqa ($T3,&QWP(0,$const)); - &movdqu ($Hkey,&QWP(0,$Htbl)); - &pshufb ($Xi,$T3); - - &sub ($len,0x10); - &jz (&label("odd_tail")); - - ####### - # Xi+2 =[H*(Ii+1 + Xi+1)] mod P = - # [(H*Ii+1) + (H*Xi+1)] mod P = - # [(H*Ii+1) + H^2*(Ii+Xi)] mod P - # - &movdqu ($T1,&QWP(0,$inp)); # Ii - &movdqu ($Xn,&QWP(16,$inp)); # Ii+1 - &pshufb ($T1,$T3); - &pshufb ($Xn,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T2 ($Xhn,$Xn,$Hkey); # H*Ii+1 - &movups ($Hkey,&QWP(16,$Htbl)); # load H^2 - - &lea ($inp,&DWP(32,$inp)); # i+=2 - &sub ($len,0x20); - &jbe (&label("even_tail")); - -&set_label("mod_loop"); - &clmul64x64_T2 ($Xhi,$Xi,$Hkey); # H^2*(Ii+Xi) - &movdqu ($T1,&QWP(0,$inp)); # Ii - &movups ($Hkey,&QWP(0,$Htbl)); # load H - - &pxor ($Xi,$Xn); # (H*Ii+1) + H^2*(Ii+Xi) - &pxor ($Xhi,$Xhn); - - &movdqu ($Xn,&QWP(16,$inp)); # Ii+1 - &pshufb ($T1,$T3); - &pshufb ($Xn,$T3); - - &movdqa ($T3,$Xn); #&clmul64x64_TX ($Xhn,$Xn,$Hkey); 
H*Ii+1 - &movdqa ($Xhn,$Xn); - &pxor ($Xhi,$T1); # "Ii+Xi", consume early - - &movdqa ($T1,$Xi); #&reduction_alg9($Xhi,$Xi); 1st phase - &psllq ($Xi,1); - &pxor ($Xi,$T1); # - &psllq ($Xi,5); # - &pxor ($Xi,$T1); # - &pclmulqdq ($Xn,$Hkey,0x00); ####### - &psllq ($Xi,57); # - &movdqa ($T2,$Xi); # - &pslldq ($Xi,8); - &psrldq ($T2,8); # - &pxor ($Xi,$T1); - &pshufd ($T1,$T3,0b01001110); - &pxor ($Xhi,$T2); # - &pxor ($T1,$T3); - &pshufd ($T3,$Hkey,0b01001110); - &pxor ($T3,$Hkey); # - - &pclmulqdq ($Xhn,$Hkey,0x11); ####### - &movdqa ($T2,$Xi); # 2nd phase - &psrlq ($Xi,5); - &pxor ($Xi,$T2); # - &psrlq ($Xi,1); # - &pxor ($Xi,$T2); # - &pxor ($T2,$Xhi); - &psrlq ($Xi,1); # - &pxor ($Xi,$T2); # - - &pclmulqdq ($T1,$T3,0x00); ####### - &movups ($Hkey,&QWP(16,$Htbl)); # load H^2 - &xorps ($T1,$Xn); # - &xorps ($T1,$Xhn); # - - &movdqa ($T3,$T1); # - &psrldq ($T1,8); - &pslldq ($T3,8); # - &pxor ($Xhn,$T1); - &pxor ($Xn,$T3); # - &movdqa ($T3,&QWP(0,$const)); - - &lea ($inp,&DWP(32,$inp)); - &sub ($len,0x20); - &ja (&label("mod_loop")); - -&set_label("even_tail"); - &clmul64x64_T2 ($Xhi,$Xi,$Hkey); # H^2*(Ii+Xi) - - &pxor ($Xi,$Xn); # (H*Ii+1) + H^2*(Ii+Xi) - &pxor ($Xhi,$Xhn); - - &reduction_alg9 ($Xhi,$Xi); - - &test ($len,$len); - &jnz (&label("done")); - - &movups ($Hkey,&QWP(0,$Htbl)); # load H -&set_label("odd_tail"); - &movdqu ($T1,&QWP(0,$inp)); # Ii - &pshufb ($T1,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T2 ($Xhi,$Xi,$Hkey); # H*(Ii+Xi) - &reduction_alg9 ($Xhi,$Xi); - -&set_label("done"); - &pshufb ($Xi,$T3); - &movdqu (&QWP(0,$Xip),$Xi); -&function_end("gcm_ghash_clmul"); - -} else { # Algorith 5. Kept for reference purposes. 
- -sub reduction_alg5 { # 19/16 times faster than Intel version -my ($Xhi,$Xi)=@_; - - # <<1 - &movdqa ($T1,$Xi); # - &movdqa ($T2,$Xhi); - &pslld ($Xi,1); - &pslld ($Xhi,1); # - &psrld ($T1,31); - &psrld ($T2,31); # - &movdqa ($T3,$T1); - &pslldq ($T1,4); - &psrldq ($T3,12); # - &pslldq ($T2,4); - &por ($Xhi,$T3); # - &por ($Xi,$T1); - &por ($Xhi,$T2); # - - # 1st phase - &movdqa ($T1,$Xi); - &movdqa ($T2,$Xi); - &movdqa ($T3,$Xi); # - &pslld ($T1,31); - &pslld ($T2,30); - &pslld ($Xi,25); # - &pxor ($T1,$T2); - &pxor ($T1,$Xi); # - &movdqa ($T2,$T1); # - &pslldq ($T1,12); - &psrldq ($T2,4); # - &pxor ($T3,$T1); - - # 2nd phase - &pxor ($Xhi,$T3); # - &movdqa ($Xi,$T3); - &movdqa ($T1,$T3); - &psrld ($Xi,1); # - &psrld ($T1,2); - &psrld ($T3,7); # - &pxor ($Xi,$T1); - &pxor ($Xhi,$T2); - &pxor ($Xi,$T3); # - &pxor ($Xi,$Xhi); # -} - -&function_begin_B("gcm_init_clmul"); - &mov ($Htbl,&wparam(0)); - &mov ($Xip,&wparam(1)); - - &call (&label("pic")); -&set_label("pic"); - &blindpop ($const); - &lea ($const,&DWP(&label("bswap")."-".&label("pic"),$const)); - - &movdqu ($Hkey,&QWP(0,$Xip)); - &pshufd ($Hkey,$Hkey,0b01001110);# dword swap - - # calculate H^2 - &movdqa ($Xi,$Hkey); - &clmul64x64_T3 ($Xhi,$Xi,$Hkey); - &reduction_alg5 ($Xhi,$Xi); - - &movdqu (&QWP(0,$Htbl),$Hkey); # save H - &movdqu (&QWP(16,$Htbl),$Xi); # save H^2 - - &ret (); -&function_end_B("gcm_init_clmul"); - -&function_begin_B("gcm_gmult_clmul"); - &mov ($Xip,&wparam(0)); - &mov ($Htbl,&wparam(1)); - - &call (&label("pic")); -&set_label("pic"); - &blindpop ($const); - &lea ($const,&DWP(&label("bswap")."-".&label("pic"),$const)); - - &movdqu ($Xi,&QWP(0,$Xip)); - &movdqa ($Xn,&QWP(0,$const)); - &movdqu ($Hkey,&QWP(0,$Htbl)); - &pshufb ($Xi,$Xn); - - &clmul64x64_T3 ($Xhi,$Xi,$Hkey); - &reduction_alg5 ($Xhi,$Xi); - - &pshufb ($Xi,$Xn); - &movdqu (&QWP(0,$Xip),$Xi); - - &ret (); -&function_end_B("gcm_gmult_clmul"); - -&function_begin("gcm_ghash_clmul"); - &mov ($Xip,&wparam(0)); - &mov 
($Htbl,&wparam(1)); - &mov ($inp,&wparam(2)); - &mov ($len,&wparam(3)); - - &call (&label("pic")); -&set_label("pic"); - &blindpop ($const); - &lea ($const,&DWP(&label("bswap")."-".&label("pic"),$const)); - - &movdqu ($Xi,&QWP(0,$Xip)); - &movdqa ($T3,&QWP(0,$const)); - &movdqu ($Hkey,&QWP(0,$Htbl)); - &pshufb ($Xi,$T3); - - &sub ($len,0x10); - &jz (&label("odd_tail")); - - ####### - # Xi+2 =[H*(Ii+1 + Xi+1)] mod P = - # [(H*Ii+1) + (H*Xi+1)] mod P = - # [(H*Ii+1) + H^2*(Ii+Xi)] mod P - # - &movdqu ($T1,&QWP(0,$inp)); # Ii - &movdqu ($Xn,&QWP(16,$inp)); # Ii+1 - &pshufb ($T1,$T3); - &pshufb ($Xn,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T3 ($Xhn,$Xn,$Hkey); # H*Ii+1 - &movdqu ($Hkey,&QWP(16,$Htbl)); # load H^2 - - &sub ($len,0x20); - &lea ($inp,&DWP(32,$inp)); # i+=2 - &jbe (&label("even_tail")); - -&set_label("mod_loop"); - &clmul64x64_T3 ($Xhi,$Xi,$Hkey); # H^2*(Ii+Xi) - &movdqu ($Hkey,&QWP(0,$Htbl)); # load H - - &pxor ($Xi,$Xn); # (H*Ii+1) + H^2*(Ii+Xi) - &pxor ($Xhi,$Xhn); - - &reduction_alg5 ($Xhi,$Xi); - - ####### - &movdqa ($T3,&QWP(0,$const)); - &movdqu ($T1,&QWP(0,$inp)); # Ii - &movdqu ($Xn,&QWP(16,$inp)); # Ii+1 - &pshufb ($T1,$T3); - &pshufb ($Xn,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T3 ($Xhn,$Xn,$Hkey); # H*Ii+1 - &movdqu ($Hkey,&QWP(16,$Htbl)); # load H^2 - - &sub ($len,0x20); - &lea ($inp,&DWP(32,$inp)); - &ja (&label("mod_loop")); - -&set_label("even_tail"); - &clmul64x64_T3 ($Xhi,$Xi,$Hkey); # H^2*(Ii+Xi) - - &pxor ($Xi,$Xn); # (H*Ii+1) + H^2*(Ii+Xi) - &pxor ($Xhi,$Xhn); - - &reduction_alg5 ($Xhi,$Xi); - - &movdqa ($T3,&QWP(0,$const)); - &test ($len,$len); - &jnz (&label("done")); - - &movdqu ($Hkey,&QWP(0,$Htbl)); # load H -&set_label("odd_tail"); - &movdqu ($T1,&QWP(0,$inp)); # Ii - &pshufb ($T1,$T3); - &pxor ($Xi,$T1); # Ii+Xi - - &clmul64x64_T3 ($Xhi,$Xi,$Hkey); # H*(Ii+Xi) - &reduction_alg5 ($Xhi,$Xi); - - &movdqa ($T3,&QWP(0,$const)); -&set_label("done"); - &pshufb ($Xi,$T3); - &movdqu (&QWP(0,$Xip),$Xi); 
-&function_end("gcm_ghash_clmul"); - -} - -&set_label("bswap",64); - &data_byte(15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0); - &data_byte(1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2); # 0x1c2_polynomial -}} # $sse2 - -&set_label("rem_4bit",64); - &data_word(0,0x0000<<$S,0,0x1C20<<$S,0,0x3840<<$S,0,0x2460<<$S); - &data_word(0,0x7080<<$S,0,0x6CA0<<$S,0,0x48C0<<$S,0,0x54E0<<$S); - &data_word(0,0xE100<<$S,0,0xFD20<<$S,0,0xD940<<$S,0,0xC560<<$S); - &data_word(0,0x9180<<$S,0,0x8DA0<<$S,0,0xA9C0<<$S,0,0xB5E0<<$S); -&set_label("rem_8bit",64); - &data_short(0x0000,0x01C2,0x0384,0x0246,0x0708,0x06CA,0x048C,0x054E); - &data_short(0x0E10,0x0FD2,0x0D94,0x0C56,0x0918,0x08DA,0x0A9C,0x0B5E); - &data_short(0x1C20,0x1DE2,0x1FA4,0x1E66,0x1B28,0x1AEA,0x18AC,0x196E); - &data_short(0x1230,0x13F2,0x11B4,0x1076,0x1538,0x14FA,0x16BC,0x177E); - &data_short(0x3840,0x3982,0x3BC4,0x3A06,0x3F48,0x3E8A,0x3CCC,0x3D0E); - &data_short(0x3650,0x3792,0x35D4,0x3416,0x3158,0x309A,0x32DC,0x331E); - &data_short(0x2460,0x25A2,0x27E4,0x2626,0x2368,0x22AA,0x20EC,0x212E); - &data_short(0x2A70,0x2BB2,0x29F4,0x2836,0x2D78,0x2CBA,0x2EFC,0x2F3E); - &data_short(0x7080,0x7142,0x7304,0x72C6,0x7788,0x764A,0x740C,0x75CE); - &data_short(0x7E90,0x7F52,0x7D14,0x7CD6,0x7998,0x785A,0x7A1C,0x7BDE); - &data_short(0x6CA0,0x6D62,0x6F24,0x6EE6,0x6BA8,0x6A6A,0x682C,0x69EE); - &data_short(0x62B0,0x6372,0x6134,0x60F6,0x65B8,0x647A,0x663C,0x67FE); - &data_short(0x48C0,0x4902,0x4B44,0x4A86,0x4FC8,0x4E0A,0x4C4C,0x4D8E); - &data_short(0x46D0,0x4712,0x4554,0x4496,0x41D8,0x401A,0x425C,0x439E); - &data_short(0x54E0,0x5522,0x5764,0x56A6,0x53E8,0x522A,0x506C,0x51AE); - &data_short(0x5AF0,0x5B32,0x5974,0x58B6,0x5DF8,0x5C3A,0x5E7C,0x5FBE); - &data_short(0xE100,0xE0C2,0xE284,0xE346,0xE608,0xE7CA,0xE58C,0xE44E); - &data_short(0xEF10,0xEED2,0xEC94,0xED56,0xE818,0xE9DA,0xEB9C,0xEA5E); - &data_short(0xFD20,0xFCE2,0xFEA4,0xFF66,0xFA28,0xFBEA,0xF9AC,0xF86E); - &data_short(0xF330,0xF2F2,0xF0B4,0xF176,0xF438,0xF5FA,0xF7BC,0xF67E); - 
&data_short(0xD940,0xD882,0xDAC4,0xDB06,0xDE48,0xDF8A,0xDDCC,0xDC0E); - &data_short(0xD750,0xD692,0xD4D4,0xD516,0xD058,0xD19A,0xD3DC,0xD21E); - &data_short(0xC560,0xC4A2,0xC6E4,0xC726,0xC268,0xC3AA,0xC1EC,0xC02E); - &data_short(0xCB70,0xCAB2,0xC8F4,0xC936,0xCC78,0xCDBA,0xCFFC,0xCE3E); - &data_short(0x9180,0x9042,0x9204,0x93C6,0x9688,0x974A,0x950C,0x94CE); - &data_short(0x9F90,0x9E52,0x9C14,0x9DD6,0x9898,0x995A,0x9B1C,0x9ADE); - &data_short(0x8DA0,0x8C62,0x8E24,0x8FE6,0x8AA8,0x8B6A,0x892C,0x88EE); - &data_short(0x83B0,0x8272,0x8034,0x81F6,0x84B8,0x857A,0x873C,0x86FE); - &data_short(0xA9C0,0xA802,0xAA44,0xAB86,0xAEC8,0xAF0A,0xAD4C,0xAC8E); - &data_short(0xA7D0,0xA612,0xA454,0xA596,0xA0D8,0xA11A,0xA35C,0xA29E); - &data_short(0xB5E0,0xB422,0xB664,0xB7A6,0xB2E8,0xB32A,0xB16C,0xB0AE); - &data_short(0xBBF0,0xBA32,0xB874,0xB9B6,0xBCF8,0xBD3A,0xBF7C,0xBEBE); -}}} # !$x86only - -&asciz("GHASH for x86, CRYPTOGAMS by <appro\@openssl.org>"); -&asm_finish(); - -# A question was risen about choice of vanilla MMX. Or rather why wasn't -# SSE2 chosen instead? In addition to the fact that MMX runs on legacy -# CPUs such as PIII, "4-bit" MMX version was observed to provide better -# performance than *corresponding* SSE2 one even on contemporary CPUs. -# SSE2 results were provided by Peter-Michael Hager. He maintains SSE2 -# implementation featuring full range of lookup-table sizes, but with -# per-invocation lookup table setup. Latter means that table size is -# chosen depending on how much data is to be hashed in every given call, -# more data - larger table. Best reported result for Core2 is ~4 cycles -# per processed byte out of 64KB block. This number accounts even for -# 64KB table setup overhead. As discussed in gcm128.c we choose to be -# more conservative in respect to lookup table sizes, but how do the -# results compare? Minimalistic "256B" MMX version delivers ~11 cycles -# on same platform. 
As also discussed in gcm128.c, next in line "8-bit
-# Shoup's" or "4KB" method should deliver twice the performance of
-# "256B" one, in other words not worse than ~6 cycles per byte. It
-# should be also be noted that in SSE2 case improvement can be "super-
-# linear," i.e. more than twice, mostly because >>8 maps to single
-# instruction on SSE2 register. This is unlike "4-bit" case when >>4
-# maps to same amount of instructions in both MMX and SSE2 cases.
-# Bottom line is that switch to SSE2 is considered to be justifiable
-# only in case we choose to implement "8-bit" method...
diff --git a/lib/libssl/src/crypto/modes/asm/ghash-x86_64.pl b/lib/libssl/src/crypto/modes/asm/ghash-x86_64.pl
deleted file mode 100644
index 38d779edbcf..00000000000
--- a/lib/libssl/src/crypto/modes/asm/ghash-x86_64.pl
+++ /dev/null
@@ -1,806 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# March, June 2010
-#
-# The module implements "4-bit" GCM GHASH function and underlying
-# single multiplication operation in GF(2^128). "4-bit" means that
-# it uses 256 bytes per-key table [+128 bytes shared table]. GHASH
-# function features so called "528B" variant utilizing additional
-# 256+16 bytes of per-key storage [+512 bytes shared table].
-# Performance results are for this streamed GHASH subroutine and are
-# expressed in cycles per processed byte, less is better:
-#
-# gcc 3.4.x(*) assembler
-#
-# P4 28.6 14.0 +100%
-# Opteron 19.3 7.7 +150%
-# Core2 17.8 8.1(**) +120%
-#
-# (*) comparison is not completely fair, because C results are
-# for vanilla "256B" implementation, while assembler results
-# are for "528B";-)
-# (**) it's mystery [to me] why Core2 result is not same as for
-# Opteron;
-
-# May 2010
-#
-# Add PCLMULQDQ version performing at 2.02 cycles per processed byte.
-# See ghash-x86.pl for background information and details about coding
-# techniques.
-#
-# Special thanks to David Woodhouse <dwmw2@infradead.org> for
-# providing access to a Westmere-based system on behalf of Intel
-# Open Source Technology Centre.
- -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -# common register layout -$nlo="%rax"; -$nhi="%rbx"; -$Zlo="%r8"; -$Zhi="%r9"; -$tmp="%r10"; -$rem_4bit = "%r11"; - -$Xi="%rdi"; -$Htbl="%rsi"; - -# per-function register layout -$cnt="%rcx"; -$rem="%rdx"; - -sub LB() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/ or - $r =~ s/%[er]([sd]i)/%\1l/ or - $r =~ s/%[er](bp)/%\1l/ or - $r =~ s/%(r[0-9]+)[d]?/%\1b/; $r; } - -sub AUTOLOAD() # thunk [simplified] 32-bit style perlasm -{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://; - my $arg = pop; - $arg = "\$$arg" if ($arg*1 eq $arg); - $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n"; -} - -{ my $N; - sub loop() { - my $inp = shift; - - $N++; -$code.=<<___; - xor $nlo,$nlo - xor $nhi,$nhi - mov `&LB("$Zlo")`,`&LB("$nlo")` - mov `&LB("$Zlo")`,`&LB("$nhi")` - shl \$4,`&LB("$nlo")` - mov \$14,$cnt - mov 8($Htbl,$nlo),$Zlo - mov ($Htbl,$nlo),$Zhi - and \$0xf0,`&LB("$nhi")` - mov $Zlo,$rem - jmp .Loop$N - -.align 16 -.Loop$N: - shr \$4,$Zlo - and \$0xf,$rem - mov $Zhi,$tmp - mov ($inp,$cnt),`&LB("$nlo")` - shr \$4,$Zhi - xor 8($Htbl,$nhi),$Zlo - shl \$60,$tmp - xor ($Htbl,$nhi),$Zhi - mov `&LB("$nlo")`,`&LB("$nhi")` - xor ($rem_4bit,$rem,8),$Zhi - mov $Zlo,$rem - shl \$4,`&LB("$nlo")` - xor $tmp,$Zlo - dec $cnt - js .Lbreak$N - - shr \$4,$Zlo - and \$0xf,$rem - mov $Zhi,$tmp - shr \$4,$Zhi - xor 8($Htbl,$nlo),$Zlo - shl \$60,$tmp - xor ($Htbl,$nlo),$Zhi - and \$0xf0,`&LB("$nhi")` - xor ($rem_4bit,$rem,8),$Zhi - mov $Zlo,$rem - xor $tmp,$Zlo - jmp .Loop$N - -.align 16 -.Lbreak$N: - shr \$4,$Zlo - and \$0xf,$rem - mov $Zhi,$tmp - shr 
\$4,$Zhi - xor 8($Htbl,$nlo),$Zlo - shl \$60,$tmp - xor ($Htbl,$nlo),$Zhi - and \$0xf0,`&LB("$nhi")` - xor ($rem_4bit,$rem,8),$Zhi - mov $Zlo,$rem - xor $tmp,$Zlo - - shr \$4,$Zlo - and \$0xf,$rem - mov $Zhi,$tmp - shr \$4,$Zhi - xor 8($Htbl,$nhi),$Zlo - shl \$60,$tmp - xor ($Htbl,$nhi),$Zhi - xor $tmp,$Zlo - xor ($rem_4bit,$rem,8),$Zhi - - bswap $Zlo - bswap $Zhi -___ -}} - -$code=<<___; -.text - -.globl gcm_gmult_4bit -.type gcm_gmult_4bit,\@function,2 -.align 16 -gcm_gmult_4bit: - push %rbx - push %rbp # %rbp and %r12 are pushed exclusively in - push %r12 # order to reuse Win64 exception handler... -.Lgmult_prologue: - - movzb 15($Xi),$Zlo - lea .Lrem_4bit(%rip),$rem_4bit -___ - &loop ($Xi); -$code.=<<___; - mov $Zlo,8($Xi) - mov $Zhi,($Xi) - - mov 16(%rsp),%rbx - lea 24(%rsp),%rsp -.Lgmult_epilogue: - ret -.size gcm_gmult_4bit,.-gcm_gmult_4bit -___ - -# per-function register layout -$inp="%rdx"; -$len="%rcx"; -$rem_8bit=$rem_4bit; - -$code.=<<___; -.globl gcm_ghash_4bit -.type gcm_ghash_4bit,\@function,4 -.align 16 -gcm_ghash_4bit: - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - sub \$280,%rsp -.Lghash_prologue: - mov $inp,%r14 # reassign couple of args - mov $len,%r15 -___ -{ my $inp="%r14"; - my $dat="%edx"; - my $len="%r15"; - my @nhi=("%ebx","%ecx"); - my @rem=("%r12","%r13"); - my $Hshr4="%rbp"; - - &sub ($Htbl,-128); # size optimization - &lea ($Hshr4,"16+128(%rsp)"); - { my @lo =($nlo,$nhi); - my @hi =($Zlo,$Zhi); - - &xor ($dat,$dat); - for ($i=0,$j=-2;$i<18;$i++,$j++) { - &mov ("$j(%rsp)",&LB($dat)) if ($i>1); - &or ($lo[0],$tmp) if ($i>1); - &mov (&LB($dat),&LB($lo[1])) if ($i>0 && $i<17); - &shr ($lo[1],4) if ($i>0 && $i<17); - &mov ($tmp,$hi[1]) if ($i>0 && $i<17); - &shr ($hi[1],4) if ($i>0 && $i<17); - &mov ("8*$j($Hshr4)",$hi[0]) if ($i>1); - &mov ($hi[0],"16*$i+0-128($Htbl)") if ($i<16); - &shl (&LB($dat),4) if ($i>0 && $i<17); - &mov ("8*$j-128($Hshr4)",$lo[0]) if ($i>1); - &mov ($lo[0],"16*$i+8-128($Htbl)") if 
($i<16); - &shl ($tmp,60) if ($i>0 && $i<17); - - push (@lo,shift(@lo)); - push (@hi,shift(@hi)); - } - } - &add ($Htbl,-128); - &mov ($Zlo,"8($Xi)"); - &mov ($Zhi,"0($Xi)"); - &add ($len,$inp); # pointer to the end of data - &lea ($rem_8bit,".Lrem_8bit(%rip)"); - &jmp (".Louter_loop"); - -$code.=".align 16\n.Louter_loop:\n"; - &xor ($Zhi,"($inp)"); - &mov ("%rdx","8($inp)"); - &lea ($inp,"16($inp)"); - &xor ("%rdx",$Zlo); - &mov ("($Xi)",$Zhi); - &mov ("8($Xi)","%rdx"); - &shr ("%rdx",32); - - &xor ($nlo,$nlo); - &rol ($dat,8); - &mov (&LB($nlo),&LB($dat)); - &movz ($nhi[0],&LB($dat)); - &shl (&LB($nlo),4); - &shr ($nhi[0],4); - - for ($j=11,$i=0;$i<15;$i++) { - &rol ($dat,8); - &xor ($Zlo,"8($Htbl,$nlo)") if ($i>0); - &xor ($Zhi,"($Htbl,$nlo)") if ($i>0); - &mov ($Zlo,"8($Htbl,$nlo)") if ($i==0); - &mov ($Zhi,"($Htbl,$nlo)") if ($i==0); - - &mov (&LB($nlo),&LB($dat)); - &xor ($Zlo,$tmp) if ($i>0); - &movzw ($rem[1],"($rem_8bit,$rem[1],2)") if ($i>0); - - &movz ($nhi[1],&LB($dat)); - &shl (&LB($nlo),4); - &movzb ($rem[0],"(%rsp,$nhi[0])"); - - &shr ($nhi[1],4) if ($i<14); - &and ($nhi[1],0xf0) if ($i==14); - &shl ($rem[1],48) if ($i>0); - &xor ($rem[0],$Zlo); - - &mov ($tmp,$Zhi); - &xor ($Zhi,$rem[1]) if ($i>0); - &shr ($Zlo,8); - - &movz ($rem[0],&LB($rem[0])); - &mov ($dat,"$j($Xi)") if (--$j%4==0); - &shr ($Zhi,8); - - &xor ($Zlo,"-128($Hshr4,$nhi[0],8)"); - &shl ($tmp,56); - &xor ($Zhi,"($Hshr4,$nhi[0],8)"); - - unshift (@nhi,pop(@nhi)); # "rotate" registers - unshift (@rem,pop(@rem)); - } - &movzw ($rem[1],"($rem_8bit,$rem[1],2)"); - &xor ($Zlo,"8($Htbl,$nlo)"); - &xor ($Zhi,"($Htbl,$nlo)"); - - &shl ($rem[1],48); - &xor ($Zlo,$tmp); - - &xor ($Zhi,$rem[1]); - &movz ($rem[0],&LB($Zlo)); - &shr ($Zlo,4); - - &mov ($tmp,$Zhi); - &shl (&LB($rem[0]),4); - &shr ($Zhi,4); - - &xor ($Zlo,"8($Htbl,$nhi[0])"); - &movzw ($rem[0],"($rem_8bit,$rem[0],2)"); - &shl ($tmp,60); - - &xor ($Zhi,"($Htbl,$nhi[0])"); - &xor ($Zlo,$tmp); - &shl ($rem[0],48); - - &bswap ($Zlo); - 
&xor ($Zhi,$rem[0]);
-
- &bswap ($Zhi);
- &cmp ($inp,$len);
- &jb (".Louter_loop");
-}
-$code.=<<___;
- mov $Zlo,8($Xi)
- mov $Zhi,($Xi)
-
- lea 280(%rsp),%rsi
- mov 0(%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lghash_epilogue:
- ret
-.size gcm_ghash_4bit,.-gcm_ghash_4bit
-___
-
-######################################################################
-# PCLMULQDQ version.
-
-@_4args=$win64? ("%rcx","%rdx","%r8", "%r9") : # Win64 order
- ("%rdi","%rsi","%rdx","%rcx"); # Unix order
-
-($Xi,$Xhi)=("%xmm0","%xmm1"); $Hkey="%xmm2";
-($T1,$T2,$T3)=("%xmm3","%xmm4","%xmm5");
-
-sub clmul64x64_T2 { # minimal register pressure
-my ($Xhi,$Xi,$Hkey,$modulo)=@_;
-
-$code.=<<___ if (!defined($modulo));
- movdqa $Xi,$Xhi #
- pshufd \$0b01001110,$Xi,$T1
- pshufd \$0b01001110,$Hkey,$T2
- pxor $Xi,$T1 #
- pxor $Hkey,$T2
-___
-$code.=<<___;
- pclmulqdq \$0x00,$Hkey,$Xi #######
- pclmulqdq \$0x11,$Hkey,$Xhi #######
- pclmulqdq \$0x00,$T2,$T1 #######
- pxor $Xi,$T1 #
- pxor $Xhi,$T1 #
-
- movdqa $T1,$T2 #
- psrldq \$8,$T1
- pslldq \$8,$T2 #
- pxor $T1,$Xhi
- pxor $T2,$Xi #
-___
-}
-
-sub reduction_alg9 { # 17/13 times faster than Intel version
-my ($Xhi,$Xi) = @_;
-
-$code.=<<___;
- # 1st phase
- movdqa $Xi,$T1 #
- psllq \$1,$Xi
- pxor $T1,$Xi #
- psllq \$5,$Xi #
- pxor $T1,$Xi #
- psllq \$57,$Xi #
- movdqa $Xi,$T2 #
- pslldq \$8,$Xi
- psrldq \$8,$T2 #
- pxor $T1,$Xi
- pxor $T2,$Xhi #
-
- # 2nd phase
- movdqa $Xi,$T2
- psrlq \$5,$Xi
- pxor $T2,$Xi #
- psrlq \$1,$Xi #
- pxor $T2,$Xi #
- pxor $Xhi,$T2
- psrlq \$1,$Xi #
- pxor $T2,$Xi #
-___
-}
-
-{ my ($Htbl,$Xip)=@_4args;
-
-$code.=<<___;
-.globl gcm_init_clmul
-.type gcm_init_clmul,\@abi-omnipotent
-.align 16
-gcm_init_clmul:
- movdqu ($Xip),$Hkey
- pshufd \$0b01001110,$Hkey,$Hkey # dword swap
-
- # <<1 twist
- pshufd \$0b11111111,$Hkey,$T2 # broadcast uppermost dword
- movdqa $Hkey,$T1
- psllq \$1,$Hkey
- pxor $T3,$T3 #
- psrlq \$63,$T1
- pcmpgtd $T2,$T3 # broadcast carry bit
- pslldq \$8,$T1
- por $T1,$Hkey # H<<=1
-
- # magic reduction
- pand .L0x1c2_polynomial(%rip),$T3
- pxor $T3,$Hkey # if(carry) H^=0x1c2_polynomial
-
- # calculate H^2
- movdqa $Hkey,$Xi
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey);
- &reduction_alg9 ($Xhi,$Xi);
-$code.=<<___;
- movdqu $Hkey,($Htbl) # save H
- movdqu $Xi,16($Htbl) # save H^2
- ret
-.size gcm_init_clmul,.-gcm_init_clmul
-___
-}
-
-{ my ($Xip,$Htbl)=@_4args;
-
-$code.=<<___;
-.globl gcm_gmult_clmul
-.type gcm_gmult_clmul,\@abi-omnipotent
-.align 16
-gcm_gmult_clmul:
- movdqu ($Xip),$Xi
- movdqa .Lbswap_mask(%rip),$T3
- movdqu ($Htbl),$Hkey
- pshufb $T3,$Xi
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey);
- &reduction_alg9 ($Xhi,$Xi);
-$code.=<<___;
- pshufb $T3,$Xi
- movdqu $Xi,($Xip)
- ret
-.size gcm_gmult_clmul,.-gcm_gmult_clmul
-___
-}
-
-{ my ($Xip,$Htbl,$inp,$len)=@_4args;
- my $Xn="%xmm6";
- my $Xhn="%xmm7";
- my $Hkey2="%xmm8";
- my $T1n="%xmm9";
- my $T2n="%xmm10";
-
-$code.=<<___;
-.globl gcm_ghash_clmul
-.type gcm_ghash_clmul,\@abi-omnipotent
-.align 16
-gcm_ghash_clmul:
-___
-$code.=<<___ if ($win64);
-.LSEH_begin_gcm_ghash_clmul:
- # I can't trust assembler to use specific encoding:-(
- .byte 0x48,0x83,0xec,0x58 #sub \$0x58,%rsp
- .byte 0x0f,0x29,0x34,0x24 #movaps %xmm6,(%rsp)
- .byte 0x0f,0x29,0x7c,0x24,0x10 #movdqa %xmm7,0x10(%rsp)
- .byte 0x44,0x0f,0x29,0x44,0x24,0x20 #movaps %xmm8,0x20(%rsp)
- .byte 0x44,0x0f,0x29,0x4c,0x24,0x30 #movaps %xmm9,0x30(%rsp)
- .byte 0x44,0x0f,0x29,0x54,0x24,0x40 #movaps %xmm10,0x40(%rsp)
-___
-$code.=<<___;
- movdqa .Lbswap_mask(%rip),$T3
-
- movdqu ($Xip),$Xi
- movdqu ($Htbl),$Hkey
- pshufb $T3,$Xi
-
- sub \$0x10,$len
- jz .Lodd_tail
-
- movdqu 16($Htbl),$Hkey2
- #######
- # Xi+2 =[H*(Ii+1 + Xi+1)] mod P =
- # [(H*Ii+1) + (H*Xi+1)] mod P =
- # [(H*Ii+1) + H^2*(Ii+Xi)] mod P
- #
- movdqu ($inp),$T1 # Ii
- movdqu 16($inp),$Xn # Ii+1
- pshufb $T3,$T1
- pshufb $T3,$Xn
- pxor $T1,$Xi # Ii+Xi
-___
- &clmul64x64_T2 ($Xhn,$Xn,$Hkey); # H*Ii+1
-$code.=<<___;
- movdqa $Xi,$Xhi #
- pshufd \$0b01001110,$Xi,$T1
- pshufd \$0b01001110,$Hkey2,$T2
- pxor $Xi,$T1 #
- pxor $Hkey2,$T2
-
- lea 32($inp),$inp # i+=2
- sub \$0x20,$len
- jbe .Leven_tail
-
-.Lmod_loop:
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey2,1); # H^2*(Ii+Xi)
-$code.=<<___;
- movdqu ($inp),$T1 # Ii
- pxor $Xn,$Xi # (H*Ii+1) + H^2*(Ii+Xi)
- pxor $Xhn,$Xhi
-
- movdqu 16($inp),$Xn # Ii+1
- pshufb $T3,$T1
- pshufb $T3,$Xn
-
- movdqa $Xn,$Xhn #
- pshufd \$0b01001110,$Xn,$T1n
- pshufd \$0b01001110,$Hkey,$T2n
- pxor $Xn,$T1n #
- pxor $Hkey,$T2n
- pxor $T1,$Xhi # "Ii+Xi", consume early
-
- movdqa $Xi,$T1 # 1st phase
- psllq \$1,$Xi
- pxor $T1,$Xi #
- psllq \$5,$Xi #
- pxor $T1,$Xi #
- pclmulqdq \$0x00,$Hkey,$Xn #######
- psllq \$57,$Xi #
- movdqa $Xi,$T2 #
- pslldq \$8,$Xi
- psrldq \$8,$T2 #
- pxor $T1,$Xi
- pxor $T2,$Xhi #
-
- pclmulqdq \$0x11,$Hkey,$Xhn #######
- movdqa $Xi,$T2 # 2nd phase
- psrlq \$5,$Xi
- pxor $T2,$Xi #
- psrlq \$1,$Xi #
- pxor $T2,$Xi #
- pxor $Xhi,$T2
- psrlq \$1,$Xi #
- pxor $T2,$Xi #
-
- pclmulqdq \$0x00,$T2n,$T1n #######
- movdqa $Xi,$Xhi #
- pshufd \$0b01001110,$Xi,$T1
- pshufd \$0b01001110,$Hkey2,$T2
- pxor $Xi,$T1 #
- pxor $Hkey2,$T2
-
- pxor $Xn,$T1n #
- pxor $Xhn,$T1n #
- movdqa $T1n,$T2n #
- psrldq \$8,$T1n
- pslldq \$8,$T2n #
- pxor $T1n,$Xhn
- pxor $T2n,$Xn #
-
- lea 32($inp),$inp
- sub \$0x20,$len
- ja .Lmod_loop
-
-.Leven_tail:
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey2,1); # H^2*(Ii+Xi)
-$code.=<<___;
- pxor $Xn,$Xi # (H*Ii+1) + H^2*(Ii+Xi)
- pxor $Xhn,$Xhi
-___
- &reduction_alg9 ($Xhi,$Xi);
-$code.=<<___;
- test $len,$len
- jnz .Ldone
-
-.Lodd_tail:
- movdqu ($inp),$T1 # Ii
- pshufb $T3,$T1
- pxor $T1,$Xi # Ii+Xi
-___
- &clmul64x64_T2 ($Xhi,$Xi,$Hkey); # H*(Ii+Xi)
- &reduction_alg9 ($Xhi,$Xi);
-$code.=<<___;
-.Ldone:
- pshufb $T3,$Xi
- movdqu $Xi,($Xip)
-___
-$code.=<<___ if ($win64);
- movaps (%rsp),%xmm6
- movaps 0x10(%rsp),%xmm7
- movaps 0x20(%rsp),%xmm8
- movaps 0x30(%rsp),%xmm9
- movaps 0x40(%rsp),%xmm10
- add \$0x58,%rsp
-___
-$code.=<<___;
- ret
-.LSEH_end_gcm_ghash_clmul:
-.size gcm_ghash_clmul,.-gcm_ghash_clmul
-___
-}
-
-$code.=<<___;
-.align 64
-.Lbswap_mask:
- .byte 15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
-.L0x1c2_polynomial:
- .byte 1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
-.align 64
-.type .Lrem_4bit,\@object
-.Lrem_4bit:
- .long 0,`0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`
- .long 0,`0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`
- .long 0,`0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`
- .long 0,`0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`
-.type .Lrem_8bit,\@object
-.Lrem_8bit:
- .value 0x0000,0x01C2,0x0384,0x0246,0x0708,0x06CA,0x048C,0x054E
- .value 0x0E10,0x0FD2,0x0D94,0x0C56,0x0918,0x08DA,0x0A9C,0x0B5E
- .value 0x1C20,0x1DE2,0x1FA4,0x1E66,0x1B28,0x1AEA,0x18AC,0x196E
- .value 0x1230,0x13F2,0x11B4,0x1076,0x1538,0x14FA,0x16BC,0x177E
- .value 0x3840,0x3982,0x3BC4,0x3A06,0x3F48,0x3E8A,0x3CCC,0x3D0E
- .value 0x3650,0x3792,0x35D4,0x3416,0x3158,0x309A,0x32DC,0x331E
- .value 0x2460,0x25A2,0x27E4,0x2626,0x2368,0x22AA,0x20EC,0x212E
- .value 0x2A70,0x2BB2,0x29F4,0x2836,0x2D78,0x2CBA,0x2EFC,0x2F3E
- .value 0x7080,0x7142,0x7304,0x72C6,0x7788,0x764A,0x740C,0x75CE
- .value 0x7E90,0x7F52,0x7D14,0x7CD6,0x7998,0x785A,0x7A1C,0x7BDE
- .value 0x6CA0,0x6D62,0x6F24,0x6EE6,0x6BA8,0x6A6A,0x682C,0x69EE
- .value 0x62B0,0x6372,0x6134,0x60F6,0x65B8,0x647A,0x663C,0x67FE
- .value 0x48C0,0x4902,0x4B44,0x4A86,0x4FC8,0x4E0A,0x4C4C,0x4D8E
- .value 0x46D0,0x4712,0x4554,0x4496,0x41D8,0x401A,0x425C,0x439E
- .value 0x54E0,0x5522,0x5764,0x56A6,0x53E8,0x522A,0x506C,0x51AE
- .value 0x5AF0,0x5B32,0x5974,0x58B6,0x5DF8,0x5C3A,0x5E7C,0x5FBE
- .value 0xE100,0xE0C2,0xE284,0xE346,0xE608,0xE7CA,0xE58C,0xE44E
- .value 0xEF10,0xEED2,0xEC94,0xED56,0xE818,0xE9DA,0xEB9C,0xEA5E
- .value 0xFD20,0xFCE2,0xFEA4,0xFF66,0xFA28,0xFBEA,0xF9AC,0xF86E
- .value 0xF330,0xF2F2,0xF0B4,0xF176,0xF438,0xF5FA,0xF7BC,0xF67E
- .value 0xD940,0xD882,0xDAC4,0xDB06,0xDE48,0xDF8A,0xDDCC,0xDC0E
- .value 0xD750,0xD692,0xD4D4,0xD516,0xD058,0xD19A,0xD3DC,0xD21E
- .value 0xC560,0xC4A2,0xC6E4,0xC726,0xC268,0xC3AA,0xC1EC,0xC02E
- .value 0xCB70,0xCAB2,0xC8F4,0xC936,0xCC78,0xCDBA,0xCFFC,0xCE3E
- .value 0x9180,0x9042,0x9204,0x93C6,0x9688,0x974A,0x950C,0x94CE
- .value 0x9F90,0x9E52,0x9C14,0x9DD6,0x9898,0x995A,0x9B1C,0x9ADE
- .value 0x8DA0,0x8C62,0x8E24,0x8FE6,0x8AA8,0x8B6A,0x892C,0x88EE
- .value 0x83B0,0x8272,0x8034,0x81F6,0x84B8,0x857A,0x873C,0x86FE
- .value 0xA9C0,0xA802,0xAA44,0xAB86,0xAEC8,0xAF0A,0xAD4C,0xAC8E
- .value 0xA7D0,0xA612,0xA454,0xA596,0xA0D8,0xA11A,0xA35C,0xA29E
- .value 0xB5E0,0xB422,0xB664,0xB7A6,0xB2E8,0xB32A,0xB16C,0xB0AE
- .value 0xBBF0,0xBA32,0xB874,0xB9B6,0xBCF8,0xBD3A,0xBF7C,0xBEBE
-
-.asciz "GHASH for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
-.align 64
-___
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-# CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern __imp_RtlVirtualUnwind
-.type se_handler,\@abi-omnipotent
-.align 16
-se_handler:
- push %rsi
- push %rdi
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
- pushfq
- sub \$64,%rsp
-
- mov 120($context),%rax # pull context->Rax
- mov 248($context),%rbx # pull context->Rip
-
- mov 8($disp),%rsi # disp->ImageBase
- mov 56($disp),%r11 # disp->HandlerData
-
- mov 0(%r11),%r10d # HandlerData[0]
- lea (%rsi,%r10),%r10 # prologue label
- cmp %r10,%rbx # context->Rip<prologue label
- jb .Lin_prologue
-
- mov 152($context),%rax # pull context->Rsp
-
- mov 4(%r11),%r10d # HandlerData[1]
- lea (%rsi,%r10),%r10 # epilogue label
- cmp %r10,%rbx # context->Rip>=epilogue label
- jae .Lin_prologue
-
- lea 24(%rax),%rax # adjust "rsp"
-
- mov -8(%rax),%rbx
- mov -16(%rax),%rbp
- mov -24(%rax),%r12
- mov %rbx,144($context) # restore context->Rbx
- mov %rbp,160($context) # restore context->Rbp
- mov %r12,216($context) # restore context->R12
-
-.Lin_prologue:
- mov 8(%rax),%rdi
- mov 16(%rax),%rsi
- mov %rax,152($context) # restore context->Rsp
- mov %rsi,168($context) # restore context->Rsi
- mov %rdi,176($context) # restore context->Rdi
-
- mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$`1232/8`,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size se_handler,.-se_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_gcm_gmult_4bit
- .rva .LSEH_end_gcm_gmult_4bit
- .rva .LSEH_info_gcm_gmult_4bit
-
- .rva .LSEH_begin_gcm_ghash_4bit
- .rva .LSEH_end_gcm_ghash_4bit
- .rva .LSEH_info_gcm_ghash_4bit
-
- .rva .LSEH_begin_gcm_ghash_clmul
- .rva .LSEH_end_gcm_ghash_clmul
- .rva .LSEH_info_gcm_ghash_clmul
-
-.section .xdata
-.align 8
-.LSEH_info_gcm_gmult_4bit:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lgmult_prologue,.Lgmult_epilogue # HandlerData
-.LSEH_info_gcm_ghash_4bit:
- .byte 9,0,0,0
- .rva se_handler
- .rva .Lghash_prologue,.Lghash_epilogue # HandlerData
-.LSEH_info_gcm_ghash_clmul:
- .byte 0x01,0x1f,0x0b,0x00
- .byte 0x1f,0xa8,0x04,0x00 #movaps 0x40(rsp),xmm10
- .byte 0x19,0x98,0x03,0x00 #movaps 0x30(rsp),xmm9
- .byte 0x13,0x88,0x02,0x00 #movaps 0x20(rsp),xmm8
- .byte 0x0d,0x78,0x01,0x00 #movaps 0x10(rsp),xmm7
- .byte 0x08,0x68,0x00,0x00 #movaps (rsp),xmm6
- .byte 0x04,0xa2,0x00,0x00 #sub rsp,0x58
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-
-close STDOUT;
diff --git a/lib/libssl/src/crypto/modes/cbc128.c b/lib/libssl/src/crypto/modes/cbc128.c
deleted file mode 100644
index fe45103b0ca..00000000000
--- a/lib/libssl/src/crypto/modes/cbc128.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/* $OpenBSD: cbc128.c,v 1.4 2015/02/10 09:46:30 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-#undef STRICT_ALIGNMENT
-#ifdef __STRICT_ALIGNMENT
-#define STRICT_ALIGNMENT 1
-#else
-#define STRICT_ALIGNMENT 0
-#endif
-
-void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block)
-{
- size_t n;
- const unsigned char *iv = ivec;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (STRICT_ALIGNMENT &&
- ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) {
- while (len>=16) {
- for(n=0; n<16; ++n)
- out[n] = in[n] ^ iv[n];
- (*block)(out, out, key);
- iv = out;
- len -= 16;
- in += 16;
- out += 16;
- }
- } else {
- while (len>=16) {
- for(n=0; n<16; n+=sizeof(size_t))
- *(size_t*)(out+n) =
- *(size_t*)(in+n) ^ *(size_t*)(iv+n);
- (*block)(out, out, key);
- iv = out;
- len -= 16;
- in += 16;
- out += 16;
- }
- }
-#endif
- while (len) {
- for(n=0; n<16 && n<len; ++n)
- out[n] = in[n] ^ iv[n];
- for(; n<16; ++n)
- out[n] = iv[n];
- (*block)(out, out, key);
- iv = out;
- if (len<=16) break;
- len -= 16;
- in += 16;
- out += 16;
- }
- memcpy(ivec,iv,16);
-}
-
-void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block)
-{
- size_t n;
- union { size_t t[16/sizeof(size_t)]; unsigned char c[16]; } tmp;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (in != out) {
- const unsigned char *iv = ivec;
-
- if (STRICT_ALIGNMENT &&
- ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) {
- while (len>=16) {
- (*block)(in, out, key);
- for(n=0; n<16; ++n)
- out[n] ^= iv[n];
- iv = in;
- len -= 16;
- in += 16;
- out += 16;
- }
- } else if (16%sizeof(size_t) == 0) { /* always true */
- while (len>=16) {
- size_t *out_t=(size_t *)out, *iv_t=(size_t *)iv;
-
- (*block)(in, out, key);
- for(n=0; n<16/sizeof(size_t); n++)
- out_t[n] ^= iv_t[n];
- iv = in;
- len -= 16;
- in += 16;
- out += 16;
- }
- }
- memcpy(ivec,iv,16);
- } else {
- if (STRICT_ALIGNMENT &&
- ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) {
- unsigned char c;
- while (len>=16) {
- (*block)(in, tmp.c, key);
- for(n=0; n<16; ++n) {
- c = in[n];
- out[n] = tmp.c[n] ^ ivec[n];
- ivec[n] = c;
- }
- len -= 16;
- in += 16;
- out += 16;
- }
- } else if (16%sizeof(size_t) == 0) { /* always true */
- while (len>=16) {
- size_t c, *out_t=(size_t *)out, *ivec_t=(size_t *)ivec;
- const size_t *in_t=(const size_t *)in;
-
- (*block)(in, tmp.c, key);
- for(n=0; n<16/sizeof(size_t); n++) {
- c = in_t[n];
- out_t[n] = tmp.t[n] ^ ivec_t[n];
- ivec_t[n] = c;
- }
- len -= 16;
- in += 16;
- out += 16;
- }
- }
- }
-#endif
- while (len) {
- unsigned char c;
- (*block)(in, tmp.c, key);
- for(n=0; n<16 && n<len; ++n) {
- c = in[n];
- out[n] = tmp.c[n] ^ ivec[n];
- ivec[n] = c;
- }
- if (len<=16) {
- for (; n<16; ++n)
- ivec[n] = in[n];
- break;
- }
- len -= 16;
- in += 16;
- out += 16;
- }
-}
diff --git a/lib/libssl/src/crypto/modes/ccm128.c b/lib/libssl/src/crypto/modes/ccm128.c
deleted file mode 100644
index 58cc4f44c6a..00000000000
--- a/lib/libssl/src/crypto/modes/ccm128.c
+++ /dev/null
@@ -1,441 +0,0 @@
-/* $OpenBSD: ccm128.c,v 1.4 2015/02/10 09:46:30 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-/* First you setup M and L parameters and pass the key schedule.
- * This is called once per session setup... */
-void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
- unsigned int M,unsigned int L,void *key,block128_f block)
-{
- memset(ctx->nonce.c,0,sizeof(ctx->nonce.c));
- ctx->nonce.c[0] = ((u8)(L-1)&7) | (u8)(((M-2)/2)&7)<<3;
- ctx->blocks = 0;
- ctx->block = block;
- ctx->key = key;
-}
-
-/* !!! Following interfaces are to be called *once* per packet !!! */
-
-/* Then you setup per-message nonce and pass the length of the message */
-int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
- const unsigned char *nonce,size_t nlen,size_t mlen)
-{
- unsigned int L = ctx->nonce.c[0]&7; /* the L parameter */
-
- if (nlen<(14-L)) return -1; /* nonce is too short */
-
- if (sizeof(mlen)==8 && L>=3) {
- ctx->nonce.c[8] = (u8)(mlen>>(56%(sizeof(mlen)*8)));
- ctx->nonce.c[9] = (u8)(mlen>>(48%(sizeof(mlen)*8)));
- ctx->nonce.c[10] = (u8)(mlen>>(40%(sizeof(mlen)*8)));
- ctx->nonce.c[11] = (u8)(mlen>>(32%(sizeof(mlen)*8)));
- }
- else
- ctx->nonce.u[1] = 0;
-
- ctx->nonce.c[12] = (u8)(mlen>>24);
- ctx->nonce.c[13] = (u8)(mlen>>16);
- ctx->nonce.c[14] = (u8)(mlen>>8);
- ctx->nonce.c[15] = (u8)mlen;
-
- ctx->nonce.c[0] &= ~0x40; /* clear Adata flag */
- memcpy(&ctx->nonce.c[1],nonce,14-L);
-
- return 0;
-}
-
-/* Then you pass additional authentication data, this is optional */
-void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
- const unsigned char *aad,size_t alen)
-{ unsigned int i;
- block128_f block = ctx->block;
-
- if (alen==0) return;
-
- ctx->nonce.c[0] |= 0x40; /* set Adata flag */
- (*block)(ctx->nonce.c,ctx->cmac.c,ctx->key),
- ctx->blocks++;
-
- if (alen<(0x10000-0x100)) {
- ctx->cmac.c[0] ^= (u8)(alen>>8);
- ctx->cmac.c[1] ^= (u8)alen;
- i=2;
- }
- else if (sizeof(alen)==8 && alen>=(size_t)1<<(32%(sizeof(alen)*8))) {
- ctx->cmac.c[0] ^= 0xFF;
- ctx->cmac.c[1] ^= 0xFF;
- ctx->cmac.c[2] ^= (u8)(alen>>(56%(sizeof(alen)*8)));
- ctx->cmac.c[3] ^= (u8)(alen>>(48%(sizeof(alen)*8)));
- ctx->cmac.c[4] ^= (u8)(alen>>(40%(sizeof(alen)*8)));
- ctx->cmac.c[5] ^= (u8)(alen>>(32%(sizeof(alen)*8)));
- ctx->cmac.c[6] ^= (u8)(alen>>24);
- ctx->cmac.c[7] ^= (u8)(alen>>16);
- ctx->cmac.c[8] ^= (u8)(alen>>8);
- ctx->cmac.c[9] ^= (u8)alen;
- i=10;
- }
- else {
- ctx->cmac.c[0] ^= 0xFF;
- ctx->cmac.c[1] ^= 0xFE;
- ctx->cmac.c[2] ^= (u8)(alen>>24);
- ctx->cmac.c[3] ^= (u8)(alen>>16);
- ctx->cmac.c[4] ^= (u8)(alen>>8);
- ctx->cmac.c[5] ^= (u8)alen;
- i=6;
- }
-
- do {
- for(;i<16 && alen;++i,++aad,--alen)
- ctx->cmac.c[i] ^= *aad;
- (*block)(ctx->cmac.c,ctx->cmac.c,ctx->key),
- ctx->blocks++;
- i=0;
- } while (alen);
-}
-
-/* Finally you encrypt or decrypt the message */
-
-/* counter part of nonce may not be larger than L*8 bits,
- * L is not larger than 8, therefore 64-bit counter... */
-static void ctr64_inc(unsigned char *counter) {
- unsigned int n=8;
- u8 c;
-
- counter += 8;
- do {
- --n;
- c = counter[n];
- ++c;
- counter[n] = c;
- if (c) return;
- } while (n);
-}
-
-int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out,
- size_t len)
-{
- size_t n;
- unsigned int i,L;
- unsigned char flags0 = ctx->nonce.c[0];
- block128_f block = ctx->block;
- void * key = ctx->key;
- union { u64 u[2]; u8 c[16]; } scratch;
-
- if (!(flags0&0x40))
- (*block)(ctx->nonce.c,ctx->cmac.c,key),
- ctx->blocks++;
-
- ctx->nonce.c[0] = L = flags0&7;
- for (n=0,i=15-L;i<15;++i) {
- n |= ctx->nonce.c[i];
- ctx->nonce.c[i]=0;
- n <<= 8;
- }
- n |= ctx->nonce.c[15]; /* reconstructed length */
- ctx->nonce.c[15]=1;
-
- if (n!=len) return -1; /* length mismatch */
-
- ctx->blocks += ((len+15)>>3)|1;
- if (ctx->blocks > (U64(1)<<61)) return -2; /* too much data */
-
- while (len>=16) {
-#ifdef __STRICT_ALIGNMENT
- union { u64 u[2]; u8 c[16]; } temp;
-
- memcpy (temp.c,inp,16);
- ctx->cmac.u[0] ^= temp.u[0];
- ctx->cmac.u[1] ^= temp.u[1];
-#else
- ctx->cmac.u[0] ^= ((u64*)inp)[0];
- ctx->cmac.u[1] ^= ((u64*)inp)[1];
-#endif
- (*block)(ctx->cmac.c,ctx->cmac.c,key);
- (*block)(ctx->nonce.c,scratch.c,key);
- ctr64_inc(ctx->nonce.c);
-#ifdef __STRICT_ALIGNMENT
- temp.u[0] ^= scratch.u[0];
- temp.u[1] ^= scratch.u[1];
- memcpy(out,temp.c,16);
-#else
- ((u64*)out)[0] = scratch.u[0]^((u64*)inp)[0];
- ((u64*)out)[1] = scratch.u[1]^((u64*)inp)[1];
-#endif
- inp += 16;
- out += 16;
- len -= 16;
- }
-
- if (len) {
- for (i=0; i<len; ++i) ctx->cmac.c[i] ^= inp[i];
- (*block)(ctx->cmac.c,ctx->cmac.c,key);
- (*block)(ctx->nonce.c,scratch.c,key);
- for (i=0; i<len; ++i) out[i] = scratch.c[i]^inp[i];
- }
-
- for (i=15-L;i<16;++i)
- ctx->nonce.c[i]=0;
-
- (*block)(ctx->nonce.c,scratch.c,key);
- ctx->cmac.u[0] ^= scratch.u[0];
- ctx->cmac.u[1] ^= scratch.u[1];
-
- ctx->nonce.c[0] = flags0;
-
- return 0;
-}
-
-int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out,
- size_t len)
-{
- size_t n;
- unsigned int i,L;
- unsigned char flags0 = ctx->nonce.c[0];
- block128_f block = ctx->block;
- void * key = ctx->key;
- union { u64 u[2]; u8 c[16]; } scratch;
-
- if (!(flags0&0x40))
- (*block)(ctx->nonce.c,ctx->cmac.c,key);
-
- ctx->nonce.c[0] = L = flags0&7;
- for (n=0,i=15-L;i<15;++i) {
- n |= ctx->nonce.c[i];
- ctx->nonce.c[i]=0;
- n <<= 8;
- }
- n |= ctx->nonce.c[15]; /* reconstructed length */
- ctx->nonce.c[15]=1;
-
- if (n!=len) return -1;
-
- while (len>=16) {
-#ifdef __STRICT_ALIGNMENT
- union { u64 u[2]; u8 c[16]; } temp;
-#endif
- (*block)(ctx->nonce.c,scratch.c,key);
- ctr64_inc(ctx->nonce.c);
-#ifdef __STRICT_ALIGNMENT
- memcpy (temp.c,inp,16);
- ctx->cmac.u[0] ^= (scratch.u[0] ^= temp.u[0]);
- ctx->cmac.u[1] ^= (scratch.u[1] ^= temp.u[1]);
- memcpy (out,scratch.c,16);
-#else
- ctx->cmac.u[0] ^= (((u64*)out)[0] = scratch.u[0]^((u64*)inp)[0]);
- ctx->cmac.u[1] ^= (((u64*)out)[1] = scratch.u[1]^((u64*)inp)[1]);
-#endif
- (*block)(ctx->cmac.c,ctx->cmac.c,key);
-
- inp += 16;
- out += 16;
- len -= 16;
- }
-
- if (len) {
- (*block)(ctx->nonce.c,scratch.c,key);
- for (i=0; i<len; ++i)
- ctx->cmac.c[i] ^= (out[i] = scratch.c[i]^inp[i]);
- (*block)(ctx->cmac.c,ctx->cmac.c,key);
- }
-
- for (i=15-L;i<16;++i)
- ctx->nonce.c[i]=0;
-
- (*block)(ctx->nonce.c,scratch.c,key);
- ctx->cmac.u[0] ^= scratch.u[0];
- ctx->cmac.u[1] ^= scratch.u[1];
-
- ctx->nonce.c[0] = flags0;
-
- return 0;
-}
-
-static void ctr64_add (unsigned char *counter,size_t inc)
-{ size_t n=8, val=0;
-
- counter += 8;
- do {
- --n;
- val += counter[n] + (inc&0xff);
- counter[n] = (unsigned char)val;
- val >>= 8; /* carry bit */
- inc >>= 8;
- } while(n && (inc || val));
-}
-
-int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out,
- size_t len,ccm128_f stream)
-{
- size_t n;
- unsigned int i,L;
- unsigned char flags0 = ctx->nonce.c[0];
- block128_f block = ctx->block;
- void * key = ctx->key;
- union { u64 u[2]; u8 c[16]; } scratch;
-
- if (!(flags0&0x40))
- (*block)(ctx->nonce.c,ctx->cmac.c,key),
- ctx->blocks++;
-
- ctx->nonce.c[0] = L = flags0&7;
- for (n=0,i=15-L;i<15;++i) {
- n |= ctx->nonce.c[i];
- ctx->nonce.c[i]=0;
- n <<= 8;
- }
- n |= ctx->nonce.c[15]; /* reconstructed length */
- ctx->nonce.c[15]=1;
-
- if (n!=len) return -1; /* length mismatch */
-
- ctx->blocks += ((len+15)>>3)|1;
- if (ctx->blocks > (U64(1)<<61)) return -2; /* too much data */
-
- if ((n=len/16)) {
- (*stream)(inp,out,n,key,ctx->nonce.c,ctx->cmac.c);
- n *= 16;
- inp += n;
- out += n;
- len -= n;
- if (len) ctr64_add(ctx->nonce.c,n/16);
- }
-
- if (len) {
- for (i=0; i<len; ++i) ctx->cmac.c[i] ^= inp[i];
- (*block)(ctx->cmac.c,ctx->cmac.c,key);
- (*block)(ctx->nonce.c,scratch.c,key);
- for (i=0; i<len; ++i) out[i] = scratch.c[i]^inp[i];
- }
-
- for (i=15-L;i<16;++i)
- ctx->nonce.c[i]=0;
-
- (*block)(ctx->nonce.c,scratch.c,key);
- ctx->cmac.u[0] ^= scratch.u[0];
- ctx->cmac.u[1] ^= scratch.u[1];
-
- ctx->nonce.c[0] = flags0;
-
- return 0;
-}
-
-int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out,
- size_t len,ccm128_f stream)
-{
- size_t n;
- unsigned int i,L;
- unsigned char flags0 = ctx->nonce.c[0];
- block128_f block = ctx->block;
- void * key = ctx->key;
- union { u64 u[2]; u8 c[16]; } scratch;
-
- if (!(flags0&0x40))
- (*block)(ctx->nonce.c,ctx->cmac.c,key);
-
- ctx->nonce.c[0] = L = flags0&7;
- for (n=0,i=15-L;i<15;++i) {
- n |= ctx->nonce.c[i];
- ctx->nonce.c[i]=0;
- n <<= 8;
- }
- n |= ctx->nonce.c[15]; /* reconstructed length */
- ctx->nonce.c[15]=1;
-
- if (n!=len) return -1;
-
- if ((n=len/16)) {
- (*stream)(inp,out,n,key,ctx->nonce.c,ctx->cmac.c);
- n *= 16;
- inp += n;
- out += n;
- len -= n;
- if (len) ctr64_add(ctx->nonce.c,n/16);
- }
-
- if (len) {
- (*block)(ctx->nonce.c,scratch.c,key);
- for (i=0; i<len; ++i)
- ctx->cmac.c[i] ^= (out[i] = scratch.c[i]^inp[i]);
- (*block)(ctx->cmac.c,ctx->cmac.c,key);
- }
-
- for (i=15-L;i<16;++i)
- ctx->nonce.c[i]=0;
-
- (*block)(ctx->nonce.c,scratch.c,key);
- ctx->cmac.u[0] ^= scratch.u[0];
- ctx->cmac.u[1] ^= scratch.u[1];
-
- ctx->nonce.c[0] = flags0;
-
- return 0;
-}
-
-size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx,unsigned char *tag,size_t len)
-{ unsigned int M = (ctx->nonce.c[0]>>3)&7; /* the M parameter */
-
- M *= 2; M += 2;
- if (len<M) return 0;
- memcpy(tag,ctx->cmac.c,M);
- return M;
-}
diff --git a/lib/libssl/src/crypto/modes/cfb128.c b/lib/libssl/src/crypto/modes/cfb128.c
deleted file mode 100644
index 8399f0c5be0..00000000000
--- a/lib/libssl/src/crypto/modes/cfb128.c
+++ /dev/null
@@ -1,234 +0,0 @@
-/* $OpenBSD: cfb128.c,v 1.4 2015/02/10 09:46:30 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-/* The input and output encrypted as though 128bit cfb mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block)
-{
- unsigned int n;
- size_t l = 0;
-
- n = *num;
-
- if (enc) {
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16%sizeof(size_t) == 0) do { /* always true actually */
- while (n && len) {
- *(out++) = ivec[n] ^= *(in++);
- --len;
- n = (n+1) % 16;
- }
-#ifdef __STRICT_ALIGNMENT
- if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)
- break;
-#endif
- while (len>=16) {
- (*block)(ivec, ivec, key);
- for (; n<16; n+=sizeof(size_t)) {
- *(size_t*)(out+n) =
- *(size_t*)(ivec+n) ^= *(size_t*)(in+n);
- }
- len -= 16;
- out += 16;
- in += 16;
- n = 0;
- }
- if (len) {
- (*block)(ivec, ivec, key);
- while (len--) {
- out[n] = ivec[n] ^= in[n];
- ++n;
- }
- }
- *num = n;
- return;
- } while (0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l<len) {
- if (n == 0) {
- (*block)(ivec, ivec, key);
- }
- out[l] = ivec[n] ^= in[l];
- ++l;
- n = (n+1) % 16;
- }
- *num = n;
- } else {
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16%sizeof(size_t) == 0) do { /* always true actually */
- while (n && len) {
- unsigned char c;
- *(out++) = ivec[n] ^ (c = *(in++)); ivec[n] = c;
- --len;
- n = (n+1) % 16;
- }
-#ifdef __STRICT_ALIGNMENT
- if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)
- break;
-#endif
- while (len>=16) {
- (*block)(ivec, ivec, key);
- for (; n<16; n+=sizeof(size_t)) {
- size_t t = *(size_t*)(in+n);
- *(size_t*)(out+n) = *(size_t*)(ivec+n) ^ t;
- *(size_t*)(ivec+n) = t;
- }
- len -= 16;
- out += 16;
- in += 16;
- n = 0;
- }
- if (len) {
- (*block)(ivec, ivec, key);
- while (len--) {
- unsigned char c;
- out[n] = ivec[n] ^ (c = in[n]); ivec[n] = c;
- ++n;
- }
- }
- *num = n;
- return;
- } while (0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l<len) {
- unsigned char c;
- if (n == 0) {
- (*block)(ivec, ivec, key);
- }
- out[l] = ivec[n] ^ (c = in[l]); ivec[n] = c;
- ++l;
- n = (n+1) % 16;
- }
- *num=n;
- }
-}
-
-/* This expects a single block of size nbits for both in and out. Note that
- it corrupts any extra bits in the last byte of out */
-static void cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
- int nbits,const void *key,
- unsigned char ivec[16],int enc,
- block128_f block)
-{
- int n,rem,num;
- unsigned char ovec[16*2 + 1]; /* +1 because we dererefence (but don't use) one byte off the end */
-
- if (nbits<=0 || nbits>128) return;
-
- /* fill in the first half of the new IV with the current IV */
- memcpy(ovec,ivec,16);
- /* construct the new IV */
- (*block)(ivec,ivec,key);
- num = (nbits+7)/8;
- if (enc) /* encrypt the input */
- for(n=0 ; n < num ; ++n)
- out[n] = (ovec[16+n] = in[n] ^ ivec[n]);
- else /* decrypt the input */
- for(n=0 ; n < num ; ++n)
- out[n] = (ovec[16+n] = in[n]) ^ ivec[n];
- /* shift ovec left... */
- rem = nbits%8;
- num = nbits/8;
- if(rem==0)
- memcpy(ivec,ovec+num,16);
- else
- for(n=0 ; n < 16 ; ++n)
- ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);
-
- /* it is not necessary to cleanse ovec, since the IV is not secret */
-}
-
-/* N.B. This expects the input to be packed, MS bit first */
-void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
- size_t bits, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block)
-{
- size_t n;
- unsigned char c[1],d[1];
-
- for(n=0 ; n<bits ; ++n)
- {
- c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
- cfbr_encrypt_block(c,d,1,key,ivec,enc,block);
- out[n/8]=(out[n/8]&~(1 << (unsigned int)(7-n%8))) |
- ((d[0]&0x80) >> (unsigned int)(n%8));
- }
-}
-
-void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block)
-{
- size_t n;
-
- for(n=0 ; n<length ; ++n)
- cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc,block);
-}
-
diff --git a/lib/libssl/src/crypto/modes/ctr128.c b/lib/libssl/src/crypto/modes/ctr128.c
deleted file mode 100644
index 7fd0223701a..00000000000
--- a/lib/libssl/src/crypto/modes/ctr128.c
+++ /dev/null
@@ -1,252 +0,0 @@
-/* $OpenBSD: ctr128.c,v 1.6 2015/02/10 09:46:30 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-#include <assert.h>
-
-/* NOTE: the IV/counter CTR mode is big-endian. The code itself
- * is endian-neutral. */
-
-/* increment counter (128-bit int) by 1 */
-static void ctr128_inc(unsigned char *counter) {
- u32 n=16;
- u8 c;
-
- do {
- --n;
- c = counter[n];
- ++c;
- counter[n] = c;
- if (c) return;
- } while (n);
-}
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
-static void
-ctr128_inc_aligned(unsigned char *counter)
-{
- size_t *data,c,n;
-
- if (BYTE_ORDER == LITTLE_ENDIAN) {
- ctr128_inc(counter);
- return;
- }
-
- data = (size_t *)counter;
- n = 16/sizeof(size_t);
- do {
- --n;
- c = data[n];
- ++c;
- data[n] = c;
- if (c) return;
- } while (n);
-}
-#endif
-
-/* The input encrypted as though 128bit counter mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num, and the
- * encrypted counter is kept in ecount_buf. Both *num and
- * ecount_buf must be initialised with zeros before the first
- * call to CRYPTO_ctr128_encrypt().
- *
- * This algorithm assumes that the counter is in the x lower bits
- * of the IV (ivec), and that the application has full control over
- * overflow and the rest of the IV.
This implementation takes NO - * responsability for checking that the counter doesn't overflow - * into the rest of the IV when incremented. - */ -void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], unsigned char ecount_buf[16], - unsigned int *num, block128_f block) -{ - unsigned int n; - size_t l=0; - - assert(*num < 16); - - n = *num; - -#if !defined(OPENSSL_SMALL_FOOTPRINT) - if (16%sizeof(size_t) == 0) do { /* always true actually */ - while (n && len) { - *(out++) = *(in++) ^ ecount_buf[n]; - --len; - n = (n+1) % 16; - } - -#ifdef __STRICT_ALIGNMENT - if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) - break; -#endif - while (len>=16) { - (*block)(ivec, ecount_buf, key); - ctr128_inc_aligned(ivec); - for (; n<16; n+=sizeof(size_t)) - *(size_t *)(out+n) = - *(size_t *)(in+n) ^ *(size_t *)(ecount_buf+n); - len -= 16; - out += 16; - in += 16; - n = 0; - } - if (len) { - (*block)(ivec, ecount_buf, key); - ctr128_inc_aligned(ivec); - while (len--) { - out[n] = in[n] ^ ecount_buf[n]; - ++n; - } - } - *num = n; - return; - } while(0); - /* the rest would be commonly eliminated by x86* compiler */ -#endif - while (l<len) { - if (n==0) { - (*block)(ivec, ecount_buf, key); - ctr128_inc(ivec); - } - out[l] = in[l] ^ ecount_buf[n]; - ++l; - n = (n+1) % 16; - } - - *num=n; -} - -/* increment upper 96 bits of 128-bit counter by 1 */ -static void ctr96_inc(unsigned char *counter) { - u32 n=12; - u8 c; - - do { - --n; - c = counter[n]; - ++c; - counter[n] = c; - if (c) return; - } while (n); -} - -void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], unsigned char ecount_buf[16], - unsigned int *num, ctr128_f func) -{ - unsigned int n,ctr32; - - assert(*num < 16); - - n = *num; - - while (n && len) { - *(out++) = *(in++) ^ ecount_buf[n]; - --len; - n = (n+1) % 16; - } - - ctr32 = GETU32(ivec+12); - while 
(len>=16) { - size_t blocks = len/16; - /* - * 1<<28 is just a not-so-small yet not-so-large number... - * Below condition is practically never met, but it has to - * be checked for code correctness. - */ - if (sizeof(size_t)>sizeof(unsigned int) && blocks>(1U<<28)) - blocks = (1U<<28); - /* - * As (*func) operates on 32-bit counter, caller - * has to handle overflow. 'if' below detects the - * overflow, which is then handled by limiting the - * amount of blocks to the exact overflow point... - */ - ctr32 += (u32)blocks; - if (ctr32 < blocks) { - blocks -= ctr32; - ctr32 = 0; - } - (*func)(in,out,blocks,key,ivec); - /* (*ctr) does not update ivec, caller does: */ - PUTU32(ivec+12,ctr32); - /* ... overflow was detected, propogate carry. */ - if (ctr32 == 0) ctr96_inc(ivec); - blocks *= 16; - len -= blocks; - out += blocks; - in += blocks; - } - if (len) { - memset(ecount_buf,0,16); - (*func)(ecount_buf,ecount_buf,1,key,ivec); - ++ctr32; - PUTU32(ivec+12,ctr32); - if (ctr32 == 0) ctr96_inc(ivec); - while (len--) { - out[n] = in[n] ^ ecount_buf[n]; - ++n; - } - } - - *num=n; -} diff --git a/lib/libssl/src/crypto/modes/cts128.c b/lib/libssl/src/crypto/modes/cts128.c deleted file mode 100644 index 802aa77cd56..00000000000 --- a/lib/libssl/src/crypto/modes/cts128.c +++ /dev/null 
@@ -1,267 +0,0 @@
-/* $OpenBSD: cts128.c,v 1.5 2015/07/19 18:27:26 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Rights for redistribution and usage in source and binary
- * forms are granted according to the OpenSSL license.
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-/*
- * Trouble with Ciphertext Stealing, CTS, mode is that there is no
- * common official specification, but couple of cipher/application
- * specific ones: RFC2040 and RFC3962. Then there is 'Proposal to
- * Extend CBC Mode By "Ciphertext Stealing"' at NIST site, which
- * deviates from mentioned RFCs. Most notably it allows input to be
- * of block length and it doesn't flip the order of the last two
- * blocks. CTS is being discussed even in ECB context, but it's not
- * adopted for any known application. This implementation provides
- * two interfaces: one compliant with above mentioned RFCs and one
- * compliant with the NIST proposal, both extending CBC mode.
- */ - -size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block) -{ size_t residue, n; - - if (len <= 16) return 0; - - if ((residue=len%16) == 0) residue = 16; - - len -= residue; - - CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block); - - in += len; - out += len; - - for (n=0; n<residue; ++n) - ivec[n] ^= in[n]; - (*block)(ivec,ivec,key); - memcpy(out,out-16,residue); - memcpy(out-16,ivec,16); - - return len+residue; -} - -size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block) -{ size_t residue, n; - - if (len < 16) return 0; - - residue=len%16; - - len -= residue; - - CRYPTO_cbc128_encrypt(in,out,len,key,ivec,block); - - if (residue==0) return len; - - in += len; - out += len; - - for (n=0; n<residue; ++n) - ivec[n] ^= in[n]; - (*block)(ivec,ivec,key); - memcpy(out-16+residue,ivec,16); - - return len+residue; -} - -size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc) -{ size_t residue; - union { size_t align; unsigned char c[16]; } tmp; - - if (len <= 16) return 0; - - if ((residue=len%16) == 0) residue = 16; - - len -= residue; - - (*cbc)(in,out,len,key,ivec,1); - - in += len; - out += len; - - memset(tmp.c,0,sizeof(tmp)); - memcpy(tmp.c,in,residue); - memcpy(out,out-16,residue); - (*cbc)(tmp.c,out-16,16,key,ivec,1); - return len+residue; -} - -size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc) -{ size_t residue; - union { size_t align; unsigned char c[16]; } tmp; - - if (len < 16) return 0; - - residue=len%16; - - len -= residue; - - (*cbc)(in,out,len,key,ivec,1); - - if (residue==0) return len; - - in += len; - out += len; - - memset(tmp.c,0,sizeof(tmp)); - 
memcpy(tmp.c,in,residue); - (*cbc)(tmp.c,out-16+residue,16,key,ivec,1); - return len+residue; -} - -size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block) -{ size_t residue, n; - union { size_t align; unsigned char c[32]; } tmp; - - if (len<=16) return 0; - - if ((residue=len%16) == 0) residue = 16; - - len -= 16+residue; - - if (len) { - CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block); - in += len; - out += len; - } - - (*block)(in,tmp.c+16,key); - - memcpy(tmp.c,tmp.c+16,16); - memcpy(tmp.c,in+16,residue); - (*block)(tmp.c,tmp.c,key); - - for(n=0; n<16; ++n) { - unsigned char c = in[n]; - out[n] = tmp.c[n] ^ ivec[n]; - ivec[n] = c; - } - for(residue+=16; n<residue; ++n) - out[n] = tmp.c[n] ^ in[n]; - - return 16+len+residue; -} - -size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], block128_f block) -{ size_t residue, n; - union { size_t align; unsigned char c[32]; } tmp; - - if (len<16) return 0; - - residue=len%16; - - if (residue==0) { - CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block); - return len; - } - - len -= 16+residue; - - if (len) { - CRYPTO_cbc128_decrypt(in,out,len,key,ivec,block); - in += len; - out += len; - } - - (*block)(in+residue,tmp.c+16,key); - - memcpy(tmp.c,tmp.c+16,16); - memcpy(tmp.c,in,residue); - (*block)(tmp.c,tmp.c,key); - - for(n=0; n<16; ++n) { - unsigned char c = in[n]; - out[n] = tmp.c[n] ^ ivec[n]; - ivec[n] = in[n+residue]; - tmp.c[n] = c; - } - for(residue+=16; n<residue; ++n) - out[n] = tmp.c[n] ^ tmp.c[n-16]; - - return 16+len+residue; -} - -size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc) -{ size_t residue; - union { size_t align; unsigned char c[32]; } tmp; - - if (len<=16) return 0; - - if ((residue=len%16) == 0) residue = 16; - - len -= 
16+residue; - - if (len) { - (*cbc)(in,out,len,key,ivec,0); - in += len; - out += len; - } - - memset(tmp.c,0,sizeof(tmp)); - /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */ - (*cbc)(in,tmp.c,16,key,tmp.c+16,0); - - memcpy(tmp.c,in+16,residue); - (*cbc)(tmp.c,tmp.c,32,key,ivec,0); - memcpy(out,tmp.c,16+residue); - return 16+len+residue; -} - -size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out, - size_t len, const void *key, - unsigned char ivec[16], cbc128_f cbc) -{ size_t residue; - union { size_t align; unsigned char c[32]; } tmp; - - if (len<16) return 0; - - residue=len%16; - - if (residue==0) { - (*cbc)(in,out,len,key,ivec,0); - return len; - } - - len -= 16+residue; - - if (len) { - (*cbc)(in,out,len,key,ivec,0); - in += len; - out += len; - } - - memset(tmp.c,0,sizeof(tmp)); - /* this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0] */ - (*cbc)(in+residue,tmp.c,16,key,tmp.c+16,0); - - memcpy(tmp.c,in,residue); - (*cbc)(tmp.c,tmp.c,32,key,ivec,0); - memcpy(out,tmp.c,16+residue); - return 16+len+residue; -} diff --git a/lib/libssl/src/crypto/modes/gcm128.c b/lib/libssl/src/crypto/modes/gcm128.c deleted file mode 100644 index dd6d91e8807..00000000000 --- a/lib/libssl/src/crypto/modes/gcm128.c +++ /dev/null 
@@ -1,1539 +0,0 @@
-/* $OpenBSD: gcm128.c,v 1.13 2015/09/10 15:56:25 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#define OPENSSL_FIPSAPI
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-#if defined(BSWAP4) && defined(__STRICT_ALIGNMENT)
-/* redefine, because alignment is ensured */
-#undef GETU32
-#define GETU32(p) BSWAP4(*(const u32 *)(p))
-#undef PUTU32
-#define PUTU32(p,v) *(u32 *)(p) = BSWAP4(v)
-#endif
-
-#define PACK(s) ((size_t)(s)<<(sizeof(size_t)*8-16))
-#define REDUCE1BIT(V) \
- do { \
- if (sizeof(size_t)==8) { \
- u64 T = U64(0xe100000000000000) & (0-(V.lo&1)); \
- V.lo = (V.hi<<63)|(V.lo>>1); \
- V.hi = (V.hi>>1 )^T; \
- } else { \
- u32 T = 0xe1000000U & (0-(u32)(V.lo&1)); \
- V.lo = (V.hi<<63)|(V.lo>>1); \
- V.hi = (V.hi>>1 )^((u64)T<<32); \
- } \
- } while(0)
-
-/*
- * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
- * never be set to 8. 8 is effectively reserved for testing purposes.
- * TABLE_BITS>1 are lookup-table-driven implementations referred to as
- * "Shoup's" in GCM specification. In other words OpenSSL does not cover
- * whole spectrum of possible table driven implementations. Why? In
- * non-"Shoup's" case memory access pattern is segmented in such manner,
- * that it's trivial to see that cache timing information can reveal
- * fair portion of intermediate hash value.
Given that ciphertext is - * always available to attacker, it's possible for him to attempt to - * deduce secret parameter H and if successful, tamper with messages - * [which is nothing but trivial in CTR mode]. In "Shoup's" case it's - * not as trivial, but there is no reason to believe that it's resistant - * to cache-timing attack. And the thing about "8-bit" implementation is - * that it consumes 16 (sixteen) times more memory, 4KB per individual - * key + 1KB shared. Well, on pros side it should be twice as fast as - * "4-bit" version. And for gcc-generated x86[_64] code, "8-bit" version - * was observed to run ~75% faster, closer to 100% for commercial - * compilers... Yet "4-bit" procedure is preferred, because it's - * believed to provide better security-performance balance and adequate - * all-round performance. "All-round" refers to things like: - * - * - shorter setup time effectively improves overall timing for - * handling short messages; - * - larger table allocation can become unbearable because of VM - * subsystem penalties (for example on Windows large enough free - * results in VM working set trimming, meaning that consequent - * malloc would immediately incur working set expansion); - * - larger table has larger cache footprint, which can affect - * performance of other code paths (not necessarily even from same - * thread in Hyper-Threading world); - * - * Value of 1 is not appropriate for performance reasons. 
- */ -#if TABLE_BITS==8 - -static void gcm_init_8bit(u128 Htable[256], u64 H[2]) -{ - int i, j; - u128 V; - - Htable[0].hi = 0; - Htable[0].lo = 0; - V.hi = H[0]; - V.lo = H[1]; - - for (Htable[128]=V, i=64; i>0; i>>=1) { - REDUCE1BIT(V); - Htable[i] = V; - } - - for (i=2; i<256; i<<=1) { - u128 *Hi = Htable+i, H0 = *Hi; - for (j=1; j<i; ++j) { - Hi[j].hi = H0.hi^Htable[j].hi; - Hi[j].lo = H0.lo^Htable[j].lo; - } - } -} - -static void gcm_gmult_8bit(u64 Xi[2], const u128 Htable[256]) -{ - u128 Z = { 0, 0}; - const u8 *xi = (const u8 *)Xi+15; - size_t rem, n = *xi; - static const size_t rem_8bit[256] = { - PACK(0x0000), PACK(0x01C2), PACK(0x0384), PACK(0x0246), - PACK(0x0708), PACK(0x06CA), PACK(0x048C), PACK(0x054E), - PACK(0x0E10), PACK(0x0FD2), PACK(0x0D94), PACK(0x0C56), - PACK(0x0918), PACK(0x08DA), PACK(0x0A9C), PACK(0x0B5E), - PACK(0x1C20), PACK(0x1DE2), PACK(0x1FA4), PACK(0x1E66), - PACK(0x1B28), PACK(0x1AEA), PACK(0x18AC), PACK(0x196E), - PACK(0x1230), PACK(0x13F2), PACK(0x11B4), PACK(0x1076), - PACK(0x1538), PACK(0x14FA), PACK(0x16BC), PACK(0x177E), - PACK(0x3840), PACK(0x3982), PACK(0x3BC4), PACK(0x3A06), - PACK(0x3F48), PACK(0x3E8A), PACK(0x3CCC), PACK(0x3D0E), - PACK(0x3650), PACK(0x3792), PACK(0x35D4), PACK(0x3416), - PACK(0x3158), PACK(0x309A), PACK(0x32DC), PACK(0x331E), - PACK(0x2460), PACK(0x25A2), PACK(0x27E4), PACK(0x2626), - PACK(0x2368), PACK(0x22AA), PACK(0x20EC), PACK(0x212E), - PACK(0x2A70), PACK(0x2BB2), PACK(0x29F4), PACK(0x2836), - PACK(0x2D78), PACK(0x2CBA), PACK(0x2EFC), PACK(0x2F3E), - PACK(0x7080), PACK(0x7142), PACK(0x7304), PACK(0x72C6), - PACK(0x7788), PACK(0x764A), PACK(0x740C), PACK(0x75CE), - PACK(0x7E90), PACK(0x7F52), PACK(0x7D14), PACK(0x7CD6), - PACK(0x7998), PACK(0x785A), PACK(0x7A1C), PACK(0x7BDE), - PACK(0x6CA0), PACK(0x6D62), PACK(0x6F24), PACK(0x6EE6), - PACK(0x6BA8), PACK(0x6A6A), PACK(0x682C), PACK(0x69EE), - PACK(0x62B0), PACK(0x6372), PACK(0x6134), PACK(0x60F6), - PACK(0x65B8), PACK(0x647A), PACK(0x663C), 
PACK(0x67FE), - PACK(0x48C0), PACK(0x4902), PACK(0x4B44), PACK(0x4A86), - PACK(0x4FC8), PACK(0x4E0A), PACK(0x4C4C), PACK(0x4D8E), - PACK(0x46D0), PACK(0x4712), PACK(0x4554), PACK(0x4496), - PACK(0x41D8), PACK(0x401A), PACK(0x425C), PACK(0x439E), - PACK(0x54E0), PACK(0x5522), PACK(0x5764), PACK(0x56A6), - PACK(0x53E8), PACK(0x522A), PACK(0x506C), PACK(0x51AE), - PACK(0x5AF0), PACK(0x5B32), PACK(0x5974), PACK(0x58B6), - PACK(0x5DF8), PACK(0x5C3A), PACK(0x5E7C), PACK(0x5FBE), - PACK(0xE100), PACK(0xE0C2), PACK(0xE284), PACK(0xE346), - PACK(0xE608), PACK(0xE7CA), PACK(0xE58C), PACK(0xE44E), - PACK(0xEF10), PACK(0xEED2), PACK(0xEC94), PACK(0xED56), - PACK(0xE818), PACK(0xE9DA), PACK(0xEB9C), PACK(0xEA5E), - PACK(0xFD20), PACK(0xFCE2), PACK(0xFEA4), PACK(0xFF66), - PACK(0xFA28), PACK(0xFBEA), PACK(0xF9AC), PACK(0xF86E), - PACK(0xF330), PACK(0xF2F2), PACK(0xF0B4), PACK(0xF176), - PACK(0xF438), PACK(0xF5FA), PACK(0xF7BC), PACK(0xF67E), - PACK(0xD940), PACK(0xD882), PACK(0xDAC4), PACK(0xDB06), - PACK(0xDE48), PACK(0xDF8A), PACK(0xDDCC), PACK(0xDC0E), - PACK(0xD750), PACK(0xD692), PACK(0xD4D4), PACK(0xD516), - PACK(0xD058), PACK(0xD19A), PACK(0xD3DC), PACK(0xD21E), - PACK(0xC560), PACK(0xC4A2), PACK(0xC6E4), PACK(0xC726), - PACK(0xC268), PACK(0xC3AA), PACK(0xC1EC), PACK(0xC02E), - PACK(0xCB70), PACK(0xCAB2), PACK(0xC8F4), PACK(0xC936), - PACK(0xCC78), PACK(0xCDBA), PACK(0xCFFC), PACK(0xCE3E), - PACK(0x9180), PACK(0x9042), PACK(0x9204), PACK(0x93C6), - PACK(0x9688), PACK(0x974A), PACK(0x950C), PACK(0x94CE), - PACK(0x9F90), PACK(0x9E52), PACK(0x9C14), PACK(0x9DD6), - PACK(0x9898), PACK(0x995A), PACK(0x9B1C), PACK(0x9ADE), - PACK(0x8DA0), PACK(0x8C62), PACK(0x8E24), PACK(0x8FE6), - PACK(0x8AA8), PACK(0x8B6A), PACK(0x892C), PACK(0x88EE), - PACK(0x83B0), PACK(0x8272), PACK(0x8034), PACK(0x81F6), - PACK(0x84B8), PACK(0x857A), PACK(0x873C), PACK(0x86FE), - PACK(0xA9C0), PACK(0xA802), PACK(0xAA44), PACK(0xAB86), - PACK(0xAEC8), PACK(0xAF0A), PACK(0xAD4C), PACK(0xAC8E), - 
PACK(0xA7D0), PACK(0xA612), PACK(0xA454), PACK(0xA596), - PACK(0xA0D8), PACK(0xA11A), PACK(0xA35C), PACK(0xA29E), - PACK(0xB5E0), PACK(0xB422), PACK(0xB664), PACK(0xB7A6), - PACK(0xB2E8), PACK(0xB32A), PACK(0xB16C), PACK(0xB0AE), - PACK(0xBBF0), PACK(0xBA32), PACK(0xB874), PACK(0xB9B6), - PACK(0xBCF8), PACK(0xBD3A), PACK(0xBF7C), PACK(0xBEBE) }; - - while (1) { - Z.hi ^= Htable[n].hi; - Z.lo ^= Htable[n].lo; - - if ((u8 *)Xi==xi) break; - - n = *(--xi); - - rem = (size_t)Z.lo&0xff; - Z.lo = (Z.hi<<56)|(Z.lo>>8); - Z.hi = (Z.hi>>8); - if (sizeof(size_t)==8) - Z.hi ^= rem_8bit[rem]; - else - Z.hi ^= (u64)rem_8bit[rem]<<32; - } - - if (BYTE_ORDER == LITTLE_ENDIAN) { -#ifdef BSWAP8 - Xi[0] = BSWAP8(Z.hi); - Xi[1] = BSWAP8(Z.lo); -#else - u8 *p = (u8 *)Xi; - u32 v; - v = (u32)(Z.hi>>32); PUTU32(p,v); - v = (u32)(Z.hi); PUTU32(p+4,v); - v = (u32)(Z.lo>>32); PUTU32(p+8,v); - v = (u32)(Z.lo); PUTU32(p+12,v); -#endif - } - else { - Xi[0] = Z.hi; - Xi[1] = Z.lo; - } -} -#define GCM_MUL(ctx,Xi) gcm_gmult_8bit(ctx->Xi.u,ctx->Htable) - -#elif TABLE_BITS==4 - -static void gcm_init_4bit(u128 Htable[16], u64 H[2]) -{ - u128 V; -#if defined(OPENSSL_SMALL_FOOTPRINT) - int i; -#endif - - Htable[0].hi = 0; - Htable[0].lo = 0; - V.hi = H[0]; - V.lo = H[1]; - -#if defined(OPENSSL_SMALL_FOOTPRINT) - for (Htable[8]=V, i=4; i>0; i>>=1) { - REDUCE1BIT(V); - Htable[i] = V; - } - - for (i=2; i<16; i<<=1) { - u128 *Hi = Htable+i; - int j; - for (V=*Hi, j=1; j<i; ++j) { - Hi[j].hi = V.hi^Htable[j].hi; - Hi[j].lo = V.lo^Htable[j].lo; - } - } -#else - Htable[8] = V; - REDUCE1BIT(V); - Htable[4] = V; - REDUCE1BIT(V); - Htable[2] = V; - REDUCE1BIT(V); - Htable[1] = V; - Htable[3].hi = V.hi^Htable[2].hi, Htable[3].lo = V.lo^Htable[2].lo; - V=Htable[4]; - Htable[5].hi = V.hi^Htable[1].hi, Htable[5].lo = V.lo^Htable[1].lo; - Htable[6].hi = V.hi^Htable[2].hi, Htable[6].lo = V.lo^Htable[2].lo; - Htable[7].hi = V.hi^Htable[3].hi, Htable[7].lo = V.lo^Htable[3].lo; - V=Htable[8]; - Htable[9].hi = 
V.hi^Htable[1].hi, Htable[9].lo = V.lo^Htable[1].lo; - Htable[10].hi = V.hi^Htable[2].hi, Htable[10].lo = V.lo^Htable[2].lo; - Htable[11].hi = V.hi^Htable[3].hi, Htable[11].lo = V.lo^Htable[3].lo; - Htable[12].hi = V.hi^Htable[4].hi, Htable[12].lo = V.lo^Htable[4].lo; - Htable[13].hi = V.hi^Htable[5].hi, Htable[13].lo = V.lo^Htable[5].lo; - Htable[14].hi = V.hi^Htable[6].hi, Htable[14].lo = V.lo^Htable[6].lo; - Htable[15].hi = V.hi^Htable[7].hi, Htable[15].lo = V.lo^Htable[7].lo; -#endif -#if defined(GHASH_ASM) && (defined(__arm__) || defined(__arm)) - /* - * ARM assembler expects specific dword order in Htable. - */ - { - int j; - - if (BYTE_ORDER == LITTLE_ENDIAN) - for (j=0;j<16;++j) { - V = Htable[j]; - Htable[j].hi = V.lo; - Htable[j].lo = V.hi; - } - else - for (j=0;j<16;++j) { - V = Htable[j]; - Htable[j].hi = V.lo<<32|V.lo>>32; - Htable[j].lo = V.hi<<32|V.hi>>32; - } - } -#endif -} - -#ifndef GHASH_ASM -static const size_t rem_4bit[16] = { - PACK(0x0000), PACK(0x1C20), PACK(0x3840), PACK(0x2460), - PACK(0x7080), PACK(0x6CA0), PACK(0x48C0), PACK(0x54E0), - PACK(0xE100), PACK(0xFD20), PACK(0xD940), PACK(0xC560), - PACK(0x9180), PACK(0x8DA0), PACK(0xA9C0), PACK(0xB5E0) }; - -static void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]) -{ - u128 Z; - int cnt = 15; - size_t rem, nlo, nhi; - - nlo = ((const u8 *)Xi)[15]; - nhi = nlo>>4; - nlo &= 0xf; - - Z.hi = Htable[nlo].hi; - Z.lo = Htable[nlo].lo; - - while (1) { - rem = (size_t)Z.lo&0xf; - Z.lo = (Z.hi<<60)|(Z.lo>>4); - Z.hi = (Z.hi>>4); - if (sizeof(size_t)==8) - Z.hi ^= rem_4bit[rem]; - else - Z.hi ^= (u64)rem_4bit[rem]<<32; - - Z.hi ^= Htable[nhi].hi; - Z.lo ^= Htable[nhi].lo; - - if (--cnt<0) break; - - nlo = ((const u8 *)Xi)[cnt]; - nhi = nlo>>4; - nlo &= 0xf; - - rem = (size_t)Z.lo&0xf; - Z.lo = (Z.hi<<60)|(Z.lo>>4); - Z.hi = (Z.hi>>4); - if (sizeof(size_t)==8) - Z.hi ^= rem_4bit[rem]; - else - Z.hi ^= (u64)rem_4bit[rem]<<32; - - Z.hi ^= Htable[nlo].hi; - Z.lo ^= Htable[nlo].lo; - } - - if (BYTE_ORDER 
== LITTLE_ENDIAN) { -#ifdef BSWAP8 - Xi[0] = BSWAP8(Z.hi); - Xi[1] = BSWAP8(Z.lo); -#else - u8 *p = (u8 *)Xi; - u32 v; - v = (u32)(Z.hi>>32); PUTU32(p,v); - v = (u32)(Z.hi); PUTU32(p+4,v); - v = (u32)(Z.lo>>32); PUTU32(p+8,v); - v = (u32)(Z.lo); PUTU32(p+12,v); -#endif - } - else { - Xi[0] = Z.hi; - Xi[1] = Z.lo; - } -} - -#if !defined(OPENSSL_SMALL_FOOTPRINT) -/* - * Streamed gcm_mult_4bit, see CRYPTO_gcm128_[en|de]crypt for - * details... Compiler-generated code doesn't seem to give any - * performance improvement, at least not on x86[_64]. It's here - * mostly as reference and a placeholder for possible future - * non-trivial optimization[s]... - */ -static void gcm_ghash_4bit(u64 Xi[2],const u128 Htable[16], - const u8 *inp,size_t len) -{ - u128 Z; - int cnt; - size_t rem, nlo, nhi; - -#if 1 - do { - cnt = 15; - nlo = ((const u8 *)Xi)[15]; - nlo ^= inp[15]; - nhi = nlo>>4; - nlo &= 0xf; - - Z.hi = Htable[nlo].hi; - Z.lo = Htable[nlo].lo; - - while (1) { - rem = (size_t)Z.lo&0xf; - Z.lo = (Z.hi<<60)|(Z.lo>>4); - Z.hi = (Z.hi>>4); - if (sizeof(size_t)==8) - Z.hi ^= rem_4bit[rem]; - else - Z.hi ^= (u64)rem_4bit[rem]<<32; - - Z.hi ^= Htable[nhi].hi; - Z.lo ^= Htable[nhi].lo; - - if (--cnt<0) break; - - nlo = ((const u8 *)Xi)[cnt]; - nlo ^= inp[cnt]; - nhi = nlo>>4; - nlo &= 0xf; - - rem = (size_t)Z.lo&0xf; - Z.lo = (Z.hi<<60)|(Z.lo>>4); - Z.hi = (Z.hi>>4); - if (sizeof(size_t)==8) - Z.hi ^= rem_4bit[rem]; - else - Z.hi ^= (u64)rem_4bit[rem]<<32; - - Z.hi ^= Htable[nlo].hi; - Z.lo ^= Htable[nlo].lo; - } -#else - /* - * Extra 256+16 bytes per-key plus 512 bytes shared tables - * [should] give ~50% improvement... One could have PACK()-ed - * the rem_8bit even here, but the priority is to minimize - * cache footprint... 
- */ - u128 Hshr4[16]; /* Htable shifted right by 4 bits */ - u8 Hshl4[16]; /* Htable shifted left by 4 bits */ - static const unsigned short rem_8bit[256] = { - 0x0000, 0x01C2, 0x0384, 0x0246, 0x0708, 0x06CA, 0x048C, 0x054E, - 0x0E10, 0x0FD2, 0x0D94, 0x0C56, 0x0918, 0x08DA, 0x0A9C, 0x0B5E, - 0x1C20, 0x1DE2, 0x1FA4, 0x1E66, 0x1B28, 0x1AEA, 0x18AC, 0x196E, - 0x1230, 0x13F2, 0x11B4, 0x1076, 0x1538, 0x14FA, 0x16BC, 0x177E, - 0x3840, 0x3982, 0x3BC4, 0x3A06, 0x3F48, 0x3E8A, 0x3CCC, 0x3D0E, - 0x3650, 0x3792, 0x35D4, 0x3416, 0x3158, 0x309A, 0x32DC, 0x331E, - 0x2460, 0x25A2, 0x27E4, 0x2626, 0x2368, 0x22AA, 0x20EC, 0x212E, - 0x2A70, 0x2BB2, 0x29F4, 0x2836, 0x2D78, 0x2CBA, 0x2EFC, 0x2F3E, - 0x7080, 0x7142, 0x7304, 0x72C6, 0x7788, 0x764A, 0x740C, 0x75CE, - 0x7E90, 0x7F52, 0x7D14, 0x7CD6, 0x7998, 0x785A, 0x7A1C, 0x7BDE, - 0x6CA0, 0x6D62, 0x6F24, 0x6EE6, 0x6BA8, 0x6A6A, 0x682C, 0x69EE, - 0x62B0, 0x6372, 0x6134, 0x60F6, 0x65B8, 0x647A, 0x663C, 0x67FE, - 0x48C0, 0x4902, 0x4B44, 0x4A86, 0x4FC8, 0x4E0A, 0x4C4C, 0x4D8E, - 0x46D0, 0x4712, 0x4554, 0x4496, 0x41D8, 0x401A, 0x425C, 0x439E, - 0x54E0, 0x5522, 0x5764, 0x56A6, 0x53E8, 0x522A, 0x506C, 0x51AE, - 0x5AF0, 0x5B32, 0x5974, 0x58B6, 0x5DF8, 0x5C3A, 0x5E7C, 0x5FBE, - 0xE100, 0xE0C2, 0xE284, 0xE346, 0xE608, 0xE7CA, 0xE58C, 0xE44E, - 0xEF10, 0xEED2, 0xEC94, 0xED56, 0xE818, 0xE9DA, 0xEB9C, 0xEA5E, - 0xFD20, 0xFCE2, 0xFEA4, 0xFF66, 0xFA28, 0xFBEA, 0xF9AC, 0xF86E, - 0xF330, 0xF2F2, 0xF0B4, 0xF176, 0xF438, 0xF5FA, 0xF7BC, 0xF67E, - 0xD940, 0xD882, 0xDAC4, 0xDB06, 0xDE48, 0xDF8A, 0xDDCC, 0xDC0E, - 0xD750, 0xD692, 0xD4D4, 0xD516, 0xD058, 0xD19A, 0xD3DC, 0xD21E, - 0xC560, 0xC4A2, 0xC6E4, 0xC726, 0xC268, 0xC3AA, 0xC1EC, 0xC02E, - 0xCB70, 0xCAB2, 0xC8F4, 0xC936, 0xCC78, 0xCDBA, 0xCFFC, 0xCE3E, - 0x9180, 0x9042, 0x9204, 0x93C6, 0x9688, 0x974A, 0x950C, 0x94CE, - 0x9F90, 0x9E52, 0x9C14, 0x9DD6, 0x9898, 0x995A, 0x9B1C, 0x9ADE, - 0x8DA0, 0x8C62, 0x8E24, 0x8FE6, 0x8AA8, 0x8B6A, 0x892C, 0x88EE, - 0x83B0, 0x8272, 0x8034, 0x81F6, 0x84B8, 0x857A, 0x873C, 
0x86FE, - 0xA9C0, 0xA802, 0xAA44, 0xAB86, 0xAEC8, 0xAF0A, 0xAD4C, 0xAC8E, - 0xA7D0, 0xA612, 0xA454, 0xA596, 0xA0D8, 0xA11A, 0xA35C, 0xA29E, - 0xB5E0, 0xB422, 0xB664, 0xB7A6, 0xB2E8, 0xB32A, 0xB16C, 0xB0AE, - 0xBBF0, 0xBA32, 0xB874, 0xB9B6, 0xBCF8, 0xBD3A, 0xBF7C, 0xBEBE }; - /* - * This pre-processing phase slows down procedure by approximately - * same time as it makes each loop spin faster. In other words - * single block performance is approximately same as straightforward - * "4-bit" implementation, and then it goes only faster... - */ - for (cnt=0; cnt<16; ++cnt) { - Z.hi = Htable[cnt].hi; - Z.lo = Htable[cnt].lo; - Hshr4[cnt].lo = (Z.hi<<60)|(Z.lo>>4); - Hshr4[cnt].hi = (Z.hi>>4); - Hshl4[cnt] = (u8)(Z.lo<<4); - } - - do { - for (Z.lo=0, Z.hi=0, cnt=15; cnt; --cnt) { - nlo = ((const u8 *)Xi)[cnt]; - nlo ^= inp[cnt]; - nhi = nlo>>4; - nlo &= 0xf; - - Z.hi ^= Htable[nlo].hi; - Z.lo ^= Htable[nlo].lo; - - rem = (size_t)Z.lo&0xff; - - Z.lo = (Z.hi<<56)|(Z.lo>>8); - Z.hi = (Z.hi>>8); - - Z.hi ^= Hshr4[nhi].hi; - Z.lo ^= Hshr4[nhi].lo; - Z.hi ^= (u64)rem_8bit[rem^Hshl4[nhi]]<<48; - } - - nlo = ((const u8 *)Xi)[0]; - nlo ^= inp[0]; - nhi = nlo>>4; - nlo &= 0xf; - - Z.hi ^= Htable[nlo].hi; - Z.lo ^= Htable[nlo].lo; - - rem = (size_t)Z.lo&0xf; - - Z.lo = (Z.hi<<60)|(Z.lo>>4); - Z.hi = (Z.hi>>4); - - Z.hi ^= Htable[nhi].hi; - Z.lo ^= Htable[nhi].lo; - Z.hi ^= ((u64)rem_8bit[rem<<4])<<48; -#endif - - if (BYTE_ORDER == LITTLE_ENDIAN) { -#ifdef BSWAP8 - Xi[0] = BSWAP8(Z.hi); - Xi[1] = BSWAP8(Z.lo); -#else - u8 *p = (u8 *)Xi; - u32 v; - v = (u32)(Z.hi>>32); PUTU32(p,v); - v = (u32)(Z.hi); PUTU32(p+4,v); - v = (u32)(Z.lo>>32); PUTU32(p+8,v); - v = (u32)(Z.lo); PUTU32(p+12,v); -#endif - } - else { - Xi[0] = Z.hi; - Xi[1] = Z.lo; - } - } while (inp+=16, len-=16); -} -#endif -#else -void gcm_gmult_4bit(u64 Xi[2],const u128 Htable[16]); -void gcm_ghash_4bit(u64 Xi[2],const u128 Htable[16],const u8 *inp,size_t len); -#endif - -#define GCM_MUL(ctx,Xi) 
gcm_gmult_4bit(ctx->Xi.u,ctx->Htable) -#if defined(GHASH_ASM) || !defined(OPENSSL_SMALL_FOOTPRINT) -#define GHASH(ctx,in,len) gcm_ghash_4bit((ctx)->Xi.u,(ctx)->Htable,in,len) -/* GHASH_CHUNK is "stride parameter" missioned to mitigate cache - * trashing effect. In other words idea is to hash data while it's - * still in L1 cache after encryption pass... */ -#define GHASH_CHUNK (3*1024) -#endif - -#else /* TABLE_BITS */ - -static void gcm_gmult_1bit(u64 Xi[2],const u64 H[2]) -{ - u128 V,Z = { 0,0 }; - long X; - int i,j; - const long *xi = (const long *)Xi; - - V.hi = H[0]; /* H is in host byte order, no byte swapping */ - V.lo = H[1]; - - for (j=0; j<16/sizeof(long); ++j) { - if (BYTE_ORDER == LITTLE_ENDIAN) { - if (sizeof(long)==8) { -#ifdef BSWAP8 - X = (long)(BSWAP8(xi[j])); -#else - const u8 *p = (const u8 *)(xi+j); - X = (long)((u64)GETU32(p)<<32|GETU32(p+4)); -#endif - } - else { - const u8 *p = (const u8 *)(xi+j); - X = (long)GETU32(p); - } - } - else - X = xi[j]; - - for (i=0; i<8*sizeof(long); ++i, X<<=1) { - u64 M = (u64)(X>>(8*sizeof(long)-1)); - Z.hi ^= V.hi&M; - Z.lo ^= V.lo&M; - - REDUCE1BIT(V); - } - } - - if (BYTE_ORDER == LITTLE_ENDIAN) { -#ifdef BSWAP8 - Xi[0] = BSWAP8(Z.hi); - Xi[1] = BSWAP8(Z.lo); -#else - u8 *p = (u8 *)Xi; - u32 v; - v = (u32)(Z.hi>>32); PUTU32(p,v); - v = (u32)(Z.hi); PUTU32(p+4,v); - v = (u32)(Z.lo>>32); PUTU32(p+8,v); - v = (u32)(Z.lo); PUTU32(p+12,v); -#endif - } - else { - Xi[0] = Z.hi; - Xi[1] = Z.lo; - } -} -#define GCM_MUL(ctx,Xi) gcm_gmult_1bit(ctx->Xi.u,ctx->H.u) - -#endif - -#if TABLE_BITS==4 && defined(GHASH_ASM) -# if !defined(I386_ONLY) && \ - (defined(__i386) || defined(__i386__) || \ - defined(__x86_64) || defined(__x86_64__) || \ - defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)) -# define GHASH_ASM_X86_OR_64 -# define GCM_FUNCREF_4BIT -extern unsigned int OPENSSL_ia32cap_P[2]; - -void gcm_init_clmul(u128 Htable[16],const u64 Xi[2]); -void gcm_gmult_clmul(u64 Xi[2],const u128 Htable[16]); -void 
gcm_ghash_clmul(u64 Xi[2],const u128 Htable[16],const u8 *inp,size_t len); - -# if defined(__i386) || defined(__i386__) || defined(_M_IX86) -# define GHASH_ASM_X86 -void gcm_gmult_4bit_mmx(u64 Xi[2],const u128 Htable[16]); -void gcm_ghash_4bit_mmx(u64 Xi[2],const u128 Htable[16],const u8 *inp,size_t len); - -void gcm_gmult_4bit_x86(u64 Xi[2],const u128 Htable[16]); -void gcm_ghash_4bit_x86(u64 Xi[2],const u128 Htable[16],const u8 *inp,size_t len); -# endif -# elif defined(__arm__) || defined(__arm) -# include "arm_arch.h" -# if __ARM_ARCH__>=7 -# define GHASH_ASM_ARM -# define GCM_FUNCREF_4BIT -void gcm_gmult_neon(u64 Xi[2],const u128 Htable[16]); -void gcm_ghash_neon(u64 Xi[2],const u128 Htable[16],const u8 *inp,size_t len); -# endif -# endif -#endif - -#ifdef GCM_FUNCREF_4BIT -# undef GCM_MUL -# define GCM_MUL(ctx,Xi) (*gcm_gmult_p)(ctx->Xi.u,ctx->Htable) -# ifdef GHASH -# undef GHASH -# define GHASH(ctx,in,len) (*gcm_ghash_p)(ctx->Xi.u,ctx->Htable,in,len) -# endif -#endif - -void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx,void *key,block128_f block) -{ - memset(ctx,0,sizeof(*ctx)); - ctx->block = block; - ctx->key = key; - - (*block)(ctx->H.c,ctx->H.c,key); - - if (BYTE_ORDER == LITTLE_ENDIAN) { - /* H is stored in host byte order */ -#ifdef BSWAP8 - ctx->H.u[0] = BSWAP8(ctx->H.u[0]); - ctx->H.u[1] = BSWAP8(ctx->H.u[1]); -#else - u8 *p = ctx->H.c; - u64 hi,lo; - hi = (u64)GETU32(p) <<32|GETU32(p+4); - lo = (u64)GETU32(p+8)<<32|GETU32(p+12); - ctx->H.u[0] = hi; - ctx->H.u[1] = lo; -#endif - } - -#if TABLE_BITS==8 - gcm_init_8bit(ctx->Htable,ctx->H.u); -#elif TABLE_BITS==4 -# if defined(GHASH_ASM_X86_OR_64) -# if !defined(GHASH_ASM_X86) || defined(OPENSSL_IA32_SSE2) - if (OPENSSL_ia32cap_P[0]&(1<<24) && /* check FXSR bit */ - OPENSSL_ia32cap_P[1]&(1<<1) ) { /* check PCLMULQDQ bit */ - gcm_init_clmul(ctx->Htable,ctx->H.u); - ctx->gmult = gcm_gmult_clmul; - ctx->ghash = gcm_ghash_clmul; - return; - } -# endif - gcm_init_4bit(ctx->Htable,ctx->H.u); -# if 
defined(GHASH_ASM_X86) /* x86 only */ -# if defined(OPENSSL_IA32_SSE2) - if (OPENSSL_ia32cap_P[0]&(1<<25)) { /* check SSE bit */ -# else - if (OPENSSL_ia32cap_P[0]&(1<<23)) { /* check MMX bit */ -# endif - ctx->gmult = gcm_gmult_4bit_mmx; - ctx->ghash = gcm_ghash_4bit_mmx; - } else { - ctx->gmult = gcm_gmult_4bit_x86; - ctx->ghash = gcm_ghash_4bit_x86; - } -# else - ctx->gmult = gcm_gmult_4bit; - ctx->ghash = gcm_ghash_4bit; -# endif -# elif defined(GHASH_ASM_ARM) - if (OPENSSL_armcap_P & ARMV7_NEON) { - ctx->gmult = gcm_gmult_neon; - ctx->ghash = gcm_ghash_neon; - } else { - gcm_init_4bit(ctx->Htable,ctx->H.u); - ctx->gmult = gcm_gmult_4bit; - ctx->ghash = gcm_ghash_4bit; - } -# else - gcm_init_4bit(ctx->Htable,ctx->H.u); -# endif -#endif -} - -void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx,const unsigned char *iv,size_t len) -{ - unsigned int ctr; -#ifdef GCM_FUNCREF_4BIT - void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult; -#endif - - ctx->Yi.u[0] = 0; - ctx->Yi.u[1] = 0; - ctx->Xi.u[0] = 0; - ctx->Xi.u[1] = 0; - ctx->len.u[0] = 0; /* AAD length */ - ctx->len.u[1] = 0; /* message length */ - ctx->ares = 0; - ctx->mres = 0; - - if (len==12) { - memcpy(ctx->Yi.c,iv,12); - ctx->Yi.c[15]=1; - ctr=1; - } - else { - size_t i; - u64 len0 = len; - - while (len>=16) { - for (i=0; i<16; ++i) ctx->Yi.c[i] ^= iv[i]; - GCM_MUL(ctx,Yi); - iv += 16; - len -= 16; - } - if (len) { - for (i=0; i<len; ++i) ctx->Yi.c[i] ^= iv[i]; - GCM_MUL(ctx,Yi); - } - len0 <<= 3; - if (BYTE_ORDER == LITTLE_ENDIAN) { -#ifdef BSWAP8 - ctx->Yi.u[1] ^= BSWAP8(len0); -#else - ctx->Yi.c[8] ^= (u8)(len0>>56); - ctx->Yi.c[9] ^= (u8)(len0>>48); - ctx->Yi.c[10] ^= (u8)(len0>>40); - ctx->Yi.c[11] ^= (u8)(len0>>32); - ctx->Yi.c[12] ^= (u8)(len0>>24); - ctx->Yi.c[13] ^= (u8)(len0>>16); - ctx->Yi.c[14] ^= (u8)(len0>>8); - ctx->Yi.c[15] ^= (u8)(len0); -#endif - } - else - ctx->Yi.u[1] ^= len0; - - GCM_MUL(ctx,Yi); - - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); 
-#else - ctr = GETU32(ctx->Yi.c+12); -#endif - else - ctr = ctx->Yi.d[3]; - } - - (*ctx->block)(ctx->Yi.c,ctx->EK0.c,ctx->key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; -} - -int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx,const unsigned char *aad,size_t len) -{ - size_t i; - unsigned int n; - u64 alen = ctx->len.u[0]; -#ifdef GCM_FUNCREF_4BIT - void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult; -# ifdef GHASH - void (*gcm_ghash_p)(u64 Xi[2],const u128 Htable[16], - const u8 *inp,size_t len) = ctx->ghash; -# endif -#endif - - if (ctx->len.u[1]) return -2; - - alen += len; - if (alen>(U64(1)<<61) || (sizeof(len)==8 && alen<len)) - return -1; - ctx->len.u[0] = alen; - - n = ctx->ares; - if (n) { - while (n && len) { - ctx->Xi.c[n] ^= *(aad++); - --len; - n = (n+1)%16; - } - if (n==0) GCM_MUL(ctx,Xi); - else { - ctx->ares = n; - return 0; - } - } - -#ifdef GHASH - if ((i = (len&(size_t)-16))) { - GHASH(ctx,aad,i); - aad += i; - len -= i; - } -#else - while (len>=16) { - for (i=0; i<16; ++i) ctx->Xi.c[i] ^= aad[i]; - GCM_MUL(ctx,Xi); - aad += 16; - len -= 16; - } -#endif - if (len) { - n = (unsigned int)len; - for (i=0; i<len; ++i) ctx->Xi.c[i] ^= aad[i]; - } - - ctx->ares = n; - return 0; -} - -int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx, - const unsigned char *in, unsigned char *out, - size_t len) -{ - unsigned int n, ctr; - size_t i; - u64 mlen = ctx->len.u[1]; - block128_f block = ctx->block; - void *key = ctx->key; -#ifdef GCM_FUNCREF_4BIT - void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult; -# ifdef GHASH - void (*gcm_ghash_p)(u64 Xi[2],const u128 Htable[16], - const u8 *inp,size_t len) = ctx->ghash; -# endif -#endif - - mlen += len; - if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len)) - return -1; - ctx->len.u[1] = mlen; - - if (ctx->ares) { - /* First call to encrypt finalizes GHASH(AAD) */ - 
GCM_MUL(ctx,Xi); - ctx->ares = 0; - } - - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); -#else - ctr = GETU32(ctx->Yi.c+12); -#endif - else - ctr = ctx->Yi.d[3]; - - n = ctx->mres; -#if !defined(OPENSSL_SMALL_FOOTPRINT) - if (16%sizeof(size_t) == 0) do { /* always true actually */ - if (n) { - while (n && len) { - ctx->Xi.c[n] ^= *(out++) = *(in++)^ctx->EKi.c[n]; - --len; - n = (n+1)%16; - } - if (n==0) GCM_MUL(ctx,Xi); - else { - ctx->mres = n; - return 0; - } - } -#ifdef __STRICT_ALIGNMENT - if (((size_t)in|(size_t)out)%sizeof(size_t) != 0) - break; -#endif -#if defined(GHASH) && defined(GHASH_CHUNK) - while (len>=GHASH_CHUNK) { - size_t j=GHASH_CHUNK; - - while (j) { - size_t *out_t=(size_t *)out; - const size_t *in_t=(const size_t *)in; - - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - for (i=0; i<16/sizeof(size_t); ++i) - out_t[i] = in_t[i] ^ ctx->EKi.t[i]; - out += 16; - in += 16; - j -= 16; - } - GHASH(ctx,out-GHASH_CHUNK,GHASH_CHUNK); - len -= GHASH_CHUNK; - } - if ((i = (len&(size_t)-16))) { - size_t j=i; - - while (len>=16) { - size_t *out_t=(size_t *)out; - const size_t *in_t=(const size_t *)in; - - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - for (i=0; i<16/sizeof(size_t); ++i) - out_t[i] = in_t[i] ^ ctx->EKi.t[i]; - out += 16; - in += 16; - len -= 16; - } - GHASH(ctx,out-j,j); - } -#else - while (len>=16) { - size_t *out_t=(size_t *)out; - const size_t *in_t=(const size_t *)in; - - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - for (i=0; i<16/sizeof(size_t); ++i) - 
ctx->Xi.t[i] ^= - out_t[i] = in_t[i]^ctx->EKi.t[i]; - GCM_MUL(ctx,Xi); - out += 16; - in += 16; - len -= 16; - } -#endif - if (len) { - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - while (len--) { - ctx->Xi.c[n] ^= out[n] = in[n]^ctx->EKi.c[n]; - ++n; - } - } - - ctx->mres = n; - return 0; - } while(0); -#endif - for (i=0;i<len;++i) { - if (n==0) { - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - } - ctx->Xi.c[n] ^= out[i] = in[i]^ctx->EKi.c[n]; - n = (n+1)%16; - if (n==0) - GCM_MUL(ctx,Xi); - } - - ctx->mres = n; - return 0; -} - -int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx, - const unsigned char *in, unsigned char *out, - size_t len) -{ - unsigned int n, ctr; - size_t i; - u64 mlen = ctx->len.u[1]; - block128_f block = ctx->block; - void *key = ctx->key; -#ifdef GCM_FUNCREF_4BIT - void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult; -# ifdef GHASH - void (*gcm_ghash_p)(u64 Xi[2],const u128 Htable[16], - const u8 *inp,size_t len) = ctx->ghash; -# endif -#endif - - mlen += len; - if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len)) - return -1; - ctx->len.u[1] = mlen; - - if (ctx->ares) { - /* First call to decrypt finalizes GHASH(AAD) */ - GCM_MUL(ctx,Xi); - ctx->ares = 0; - } - - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); -#else - ctr = GETU32(ctx->Yi.c+12); -#endif - else - ctr = ctx->Yi.d[3]; - - n = ctx->mres; -#if !defined(OPENSSL_SMALL_FOOTPRINT) - if (16%sizeof(size_t) == 0) do { /* always true actually */ - if (n) { - while (n && len) { - u8 c = *(in++); - *(out++) = c^ctx->EKi.c[n]; - ctx->Xi.c[n] ^= c; - --len; - n = (n+1)%16; - } - if (n==0) GCM_MUL (ctx,Xi); - else { - ctx->mres = n; - return 0; 
- } - } -#ifdef __STRICT_ALIGNMENT - if (((size_t)in|(size_t)out)%sizeof(size_t) != 0) - break; -#endif -#if defined(GHASH) && defined(GHASH_CHUNK) - while (len>=GHASH_CHUNK) { - size_t j=GHASH_CHUNK; - - GHASH(ctx,in,GHASH_CHUNK); - while (j) { - size_t *out_t=(size_t *)out; - const size_t *in_t=(const size_t *)in; - - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - for (i=0; i<16/sizeof(size_t); ++i) - out_t[i] = in_t[i]^ctx->EKi.t[i]; - out += 16; - in += 16; - j -= 16; - } - len -= GHASH_CHUNK; - } - if ((i = (len&(size_t)-16))) { - GHASH(ctx,in,i); - while (len>=16) { - size_t *out_t=(size_t *)out; - const size_t *in_t=(const size_t *)in; - - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - for (i=0; i<16/sizeof(size_t); ++i) - out_t[i] = in_t[i]^ctx->EKi.t[i]; - out += 16; - in += 16; - len -= 16; - } - } -#else - while (len>=16) { - size_t *out_t=(size_t *)out; - const size_t *in_t=(const size_t *)in; - - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - for (i=0; i<16/sizeof(size_t); ++i) { - size_t c = in[i]; - out[i] = c^ctx->EKi.t[i]; - ctx->Xi.t[i] ^= c; - } - GCM_MUL(ctx,Xi); - out += 16; - in += 16; - len -= 16; - } -#endif - if (len) { - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - while (len--) { - u8 c = in[n]; - ctx->Xi.c[n] ^= c; - out[n] = c^ctx->EKi.c[n]; - ++n; - } - } - - ctx->mres = n; - return 0; - } while(0); -#endif - for (i=0;i<len;++i) { - u8 
c; - if (n==0) { - (*block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - } - c = in[i]; - out[i] = c^ctx->EKi.c[n]; - ctx->Xi.c[n] ^= c; - n = (n+1)%16; - if (n==0) - GCM_MUL(ctx,Xi); - } - - ctx->mres = n; - return 0; -} - -int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx, - const unsigned char *in, unsigned char *out, - size_t len, ctr128_f stream) -{ - unsigned int n, ctr; - size_t i; - u64 mlen = ctx->len.u[1]; - void *key = ctx->key; -#ifdef GCM_FUNCREF_4BIT - void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult; -# ifdef GHASH - void (*gcm_ghash_p)(u64 Xi[2],const u128 Htable[16], - const u8 *inp,size_t len) = ctx->ghash; -# endif -#endif - - mlen += len; - if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len)) - return -1; - ctx->len.u[1] = mlen; - - if (ctx->ares) { - /* First call to encrypt finalizes GHASH(AAD) */ - GCM_MUL(ctx,Xi); - ctx->ares = 0; - } - - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); -#else - ctr = GETU32(ctx->Yi.c+12); -#endif - else - ctr = ctx->Yi.d[3]; - - n = ctx->mres; - if (n) { - while (n && len) { - ctx->Xi.c[n] ^= *(out++) = *(in++)^ctx->EKi.c[n]; - --len; - n = (n+1)%16; - } - if (n==0) GCM_MUL(ctx,Xi); - else { - ctx->mres = n; - return 0; - } - } -#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT) - while (len>=GHASH_CHUNK) { - (*stream)(in,out,GHASH_CHUNK/16,key,ctx->Yi.c); - ctr += GHASH_CHUNK/16; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - GHASH(ctx,out,GHASH_CHUNK); - out += GHASH_CHUNK; - in += GHASH_CHUNK; - len -= GHASH_CHUNK; - } -#endif - if ((i = (len&(size_t)-16))) { - size_t j=i/16; - - (*stream)(in,out,j,key,ctx->Yi.c); - ctr += (unsigned int)j; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - 
ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - in += i; - len -= i; -#if defined(GHASH) - GHASH(ctx,out,i); - out += i; -#else - while (j--) { - for (i=0;i<16;++i) ctx->Xi.c[i] ^= out[i]; - GCM_MUL(ctx,Xi); - out += 16; - } -#endif - } - if (len) { - (*ctx->block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - while (len--) { - ctx->Xi.c[n] ^= out[n] = in[n]^ctx->EKi.c[n]; - ++n; - } - } - - ctx->mres = n; - return 0; -} - -int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, - const unsigned char *in, unsigned char *out, - size_t len,ctr128_f stream) -{ - unsigned int n, ctr; - size_t i; - u64 mlen = ctx->len.u[1]; - void *key = ctx->key; -#ifdef GCM_FUNCREF_4BIT - void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult; -# ifdef GHASH - void (*gcm_ghash_p)(u64 Xi[2],const u128 Htable[16], - const u8 *inp,size_t len) = ctx->ghash; -# endif -#endif - - mlen += len; - if (mlen>((U64(1)<<36)-32) || (sizeof(len)==8 && mlen<len)) - return -1; - ctx->len.u[1] = mlen; - - if (ctx->ares) { - /* First call to decrypt finalizes GHASH(AAD) */ - GCM_MUL(ctx,Xi); - ctx->ares = 0; - } - - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctr = BSWAP4(ctx->Yi.d[3]); -#else - ctr = GETU32(ctx->Yi.c+12); -#endif - else - ctr = ctx->Yi.d[3]; - - n = ctx->mres; - if (n) { - while (n && len) { - u8 c = *(in++); - *(out++) = c^ctx->EKi.c[n]; - ctx->Xi.c[n] ^= c; - --len; - n = (n+1)%16; - } - if (n==0) GCM_MUL (ctx,Xi); - else { - ctx->mres = n; - return 0; - } - } -#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT) - while (len>=GHASH_CHUNK) { - GHASH(ctx,in,GHASH_CHUNK); - (*stream)(in,out,GHASH_CHUNK/16,key,ctx->Yi.c); - ctr += GHASH_CHUNK/16; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - 
ctx->Yi.d[3] = ctr; - out += GHASH_CHUNK; - in += GHASH_CHUNK; - len -= GHASH_CHUNK; - } -#endif - if ((i = (len&(size_t)-16))) { - size_t j=i/16; - -#if defined(GHASH) - GHASH(ctx,in,i); -#else - while (j--) { - size_t k; - for (k=0;k<16;++k) ctx->Xi.c[k] ^= in[k]; - GCM_MUL(ctx,Xi); - in += 16; - } - j = i/16; - in -= i; -#endif - (*stream)(in,out,j,key,ctx->Yi.c); - ctr += (unsigned int)j; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - out += i; - in += i; - len -= i; - } - if (len) { - (*ctx->block)(ctx->Yi.c,ctx->EKi.c,key); - ++ctr; - if (BYTE_ORDER == LITTLE_ENDIAN) -#ifdef BSWAP4 - ctx->Yi.d[3] = BSWAP4(ctr); -#else - PUTU32(ctx->Yi.c+12,ctr); -#endif - else - ctx->Yi.d[3] = ctr; - while (len--) { - u8 c = in[n]; - ctx->Xi.c[n] ^= c; - out[n] = c^ctx->EKi.c[n]; - ++n; - } - } - - ctx->mres = n; - return 0; -} - -int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const unsigned char *tag, - size_t len) -{ - u64 alen = ctx->len.u[0]<<3; - u64 clen = ctx->len.u[1]<<3; -#ifdef GCM_FUNCREF_4BIT - void (*gcm_gmult_p)(u64 Xi[2],const u128 Htable[16]) = ctx->gmult; -#endif - - if (ctx->mres || ctx->ares) - GCM_MUL(ctx,Xi); - - if (BYTE_ORDER == LITTLE_ENDIAN) { -#ifdef BSWAP8 - alen = BSWAP8(alen); - clen = BSWAP8(clen); -#else - u8 *p = ctx->len.c; - - ctx->len.u[0] = alen; - ctx->len.u[1] = clen; - - alen = (u64)GETU32(p) <<32|GETU32(p+4); - clen = (u64)GETU32(p+8)<<32|GETU32(p+12); -#endif - } - - ctx->Xi.u[0] ^= alen; - ctx->Xi.u[1] ^= clen; - GCM_MUL(ctx,Xi); - - ctx->Xi.u[0] ^= ctx->EK0.u[0]; - ctx->Xi.u[1] ^= ctx->EK0.u[1]; - - if (tag && len<=sizeof(ctx->Xi)) - return memcmp(ctx->Xi.c,tag,len); - else - return -1; -} - -void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len) -{ - CRYPTO_gcm128_finish(ctx, NULL, 0); - memcpy(tag, ctx->Xi.c, len<=sizeof(ctx->Xi.c)?len:sizeof(ctx->Xi.c)); -} - -GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, 
block128_f block) -{ - GCM128_CONTEXT *ret; - - if ((ret = malloc(sizeof(GCM128_CONTEXT)))) - CRYPTO_gcm128_init(ret,key,block); - - return ret; -} - -void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx) -{ - if (ctx) { - explicit_bzero(ctx,sizeof(*ctx)); - free(ctx); - } -} diff --git a/lib/libssl/src/crypto/modes/modes.h b/lib/libssl/src/crypto/modes/modes.h deleted file mode 100644 index a532cb3f412..00000000000 --- a/lib/libssl/src/crypto/modes/modes.h +++ /dev/null 
@@ -1,136 +0,0 @@
-/* $OpenBSD: modes.h,v 1.2 2014/06/12 15:49:30 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Rights for redistribution and usage in source and binary
- * forms are granted according to the OpenSSL license.
- */
-
-#include <stddef.h>
-
-typedef void (*block128_f)(const unsigned char in[16],
- unsigned char out[16],
- const void *key);
-
-typedef void (*cbc128_f)(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int enc);
-
-typedef void (*ctr128_f)(const unsigned char *in, unsigned char *out,
- size_t blocks, const void *key,
- const unsigned char ivec[16]);
-
-typedef void (*ccm128_f)(const unsigned char *in, unsigned char *out,
- size_t blocks, const void *key,
- const unsigned char ivec[16],unsigned char cmac[16]);
-
-void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-
-void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], unsigned char ecount_buf[16],
- unsigned int *num, block128_f block);
-
-void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], unsigned char ecount_buf[16],
- unsigned int *num, ctr128_f ctr);
-
-void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int *num,
- block128_f block);
-
-void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block);
-void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
- size_t length, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block);
-void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
- size_t bits, const void *key,
- unsigned char ivec[16], int *num,
- int enc, block128_f block);
-
-size_t CRYPTO_cts128_encrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-size_t CRYPTO_cts128_decrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-
-size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], block128_f block);
-size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], cbc128_f cbc);
-
-typedef struct gcm128_context GCM128_CONTEXT;
-
-GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
-void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx,void *key,block128_f block);
-void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
- size_t len);
-int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
- size_t len);
-int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len);
-int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len);
-int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len, ctr128_f stream);
-int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
- const unsigned char *in, unsigned char *out,
- size_t len, ctr128_f stream);
-int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx,const unsigned char *tag,
- size_t len);
-void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
-void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
-
-typedef struct ccm128_context CCM128_CONTEXT;
-
-void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
- unsigned int M, unsigned int L, void *key,block128_f block);
-int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
- const unsigned char *nonce, size_t nlen, size_t mlen);
-void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
- const unsigned char *aad, size_t alen);
-int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out, size_t len);
-int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out, size_t len);
-int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out, size_t len,
- ccm128_f stream);
-int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
- const unsigned char *inp, unsigned char *out, size_t len,
- ccm128_f stream);
-size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
-
-typedef struct xts128_context XTS128_CONTEXT;
-
-int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16],
- const unsigned char *inp, unsigned char *out, size_t len, int enc);
diff --git a/lib/libssl/src/crypto/modes/modes_lcl.h b/lib/libssl/src/crypto/modes/modes_lcl.h
deleted file mode 100644
index 8e43e480fc1..00000000000
--- a/lib/libssl/src/crypto/modes/modes_lcl.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/* $OpenBSD: modes_lcl.h,v 1.8 2014/07/10 22:45:57 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 2010 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use is governed by OpenSSL license.
- * ====================================================================
- */
-
-#include <machine/endian.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/modes.h>
-
-#if defined(_LP64)
-typedef long i64;
-typedef unsigned long u64;
-#define U64(C) C##UL
-#else
-typedef long long i64;
-typedef unsigned long long u64;
-#define U64(C) C##ULL
-#endif
-
-typedef unsigned int u32;
-typedef unsigned char u8;
-
-#if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
-#if defined(__GNUC__) && __GNUC__>=2
-# if defined(__x86_64) || defined(__x86_64__)
-# define BSWAP8(x) ({ u64 ret=(x); \
- asm ("bswapq %0" \
- : "+r"(ret)); ret; })
-# define BSWAP4(x) ({ u32 ret=(x); \
- asm ("bswapl %0" \
- : "+r"(ret)); ret; })
-# elif (defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)
-# define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
- asm ("bswapl %0; bswapl %1" \
- : "+r"(hi),"+r"(lo)); \
- (u64)hi<<32|lo; })
-# define BSWAP4(x) ({ u32 ret=(x); \
- asm ("bswapl %0" \
- : "+r"(ret)); ret; })
-# elif (defined(__arm__) || defined(__arm)) && !defined(__STRICT_ALIGNMENT)
-# define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x); \
- asm ("rev %0,%0; rev %1,%1" \
- : "+r"(hi),"+r"(lo)); \
- (u64)hi<<32|lo; })
-# define BSWAP4(x) ({ u32 ret; \
- asm ("rev %0,%1" \
- : "=r"(ret) : "r"((u32)(x))); \
- ret; })
-# endif
-#endif
-#endif
-
-#if defined(BSWAP4) && !defined(__STRICT_ALIGNMENT)
-#define GETU32(p) BSWAP4(*(const u32 *)(p))
-#define PUTU32(p,v) *(u32 *)(p) = BSWAP4(v)
-#else
-#define GETU32(p) ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])
-#define PUTU32(p,v) ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))
-#endif
-
-/* GCM definitions */
-
-typedef struct { u64 hi,lo; } u128;
-
-#ifdef TABLE_BITS
-#undef TABLE_BITS
-#endif
-/*
- * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
- * never be set to 8 [or 1]. For further information see gcm128.c.
- */
-#define TABLE_BITS 4
-
-struct gcm128_context {
- /* Following 6 names follow names in GCM specification */
- union { u64 u[2]; u32 d[4]; u8 c[16]; size_t t[16/sizeof(size_t)]; }
- Yi,EKi,EK0,len,Xi,H;
- /* Relative position of Xi, H and pre-computed Htable is used
- * in some assembler modules, i.e. don't change the order! */
-#if TABLE_BITS==8
- u128 Htable[256];
-#else
- u128 Htable[16];
- void (*gmult)(u64 Xi[2],const u128 Htable[16]);
- void (*ghash)(u64 Xi[2],const u128 Htable[16],const u8 *inp,size_t len);
-#endif
- unsigned int mres, ares;
- block128_f block;
- void *key;
-};
-
-struct xts128_context {
- void *key1, *key2;
- block128_f block1,block2;
-};
-
-struct ccm128_context {
- union { u64 u[2]; u8 c[16]; } nonce, cmac;
- u64 blocks;
- block128_f block;
- void *key;
-};
-
diff --git a/lib/libssl/src/crypto/modes/ofb128.c b/lib/libssl/src/crypto/modes/ofb128.c
deleted file mode 100644
index 1b8a6fd500d..00000000000
--- a/lib/libssl/src/crypto/modes/ofb128.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* $OpenBSD: ofb128.c,v 1.4 2015/02/10 09:46:30 miod Exp $ */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/crypto.h>
-#include "modes_lcl.h"
-#include <string.h>
-
-#ifndef MODES_DEBUG
-# ifndef NDEBUG
-# define NDEBUG
-# endif
-#endif
-
-/* The input and output encrypted as though 128bit ofb mode is being
- * used. The extra state information to record how much of the
- * 128bit block we have used is contained in *num;
- */
-void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
- size_t len, const void *key,
- unsigned char ivec[16], int *num,
- block128_f block)
-{
- unsigned int n;
- size_t l=0;
-
- n = *num;
-
-#if !defined(OPENSSL_SMALL_FOOTPRINT)
- if (16%sizeof(size_t) == 0) do { /* always true actually */
- while (n && len) {
- *(out++) = *(in++) ^ ivec[n];
- --len;
- n = (n+1) % 16;
- }
-#ifdef __STRICT_ALIGNMENT
- if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)
- break;
-#endif
- while (len>=16) {
- (*block)(ivec, ivec, key);
- for (; n<16; n+=sizeof(size_t))
- *(size_t*)(out+n) =
- *(size_t*)(in+n) ^ *(size_t*)(ivec+n);
- len -= 16;
- out += 16;
- in += 16;
- n = 0;
- }
- if (len) {
- (*block)(ivec, ivec, key);
- while (len--) {
- out[n] = in[n] ^ ivec[n];
- ++n;
- }
- }
- *num = n;
- return;
- } while(0);
- /* the rest would be commonly eliminated by x86* compiler */
-#endif
- while (l<len) {
- if (n==0) {
- (*block)(ivec, ivec, key);
- }
- out[l] = in[l] ^ ivec[n];
- ++l;
- n = (n+1) % 16;
- }
-
- *num=n;
-}
diff --git a/lib/libssl/src/crypto/modes/xts128.c b/lib/libssl/src/crypto/modes/xts128.c
deleted file mode 100644
index 3e2378379e0..00000000000
--- a/lib/libssl/src/crypto/modes/xts128.c
+++ /dev/null
@@ -1,187 +0,0 @@ -/* $OpenBSD: xts128.c,v 1.6 2015/02/10 09:46:30 miod Exp $ */ -/* ==================================================================== - * Copyright (c) 2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include <machine/endian.h> -#include <openssl/crypto.h> -#include "modes_lcl.h" -#include <string.h> - -#ifndef MODES_DEBUG -# ifndef NDEBUG -# define NDEBUG -# endif -#endif - -int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx, const unsigned char iv[16], - const unsigned char *inp, unsigned char *out, - size_t len, int enc) -{ - union { u64 u[2]; u32 d[4]; u8 c[16]; } tweak, scratch; - unsigned int i; - - if (len<16) return -1; - - memcpy(tweak.c, iv, 16); - - (*ctx->block2)(tweak.c,tweak.c,ctx->key2); - - if (!enc && (len%16)) len-=16; - - while (len>=16) { -#ifdef __STRICT_ALIGNMENT - memcpy(scratch.c,inp,16); - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; -#else - scratch.u[0] = ((u64*)inp)[0]^tweak.u[0]; - scratch.u[1] = ((u64*)inp)[1]^tweak.u[1]; -#endif - (*ctx->block1)(scratch.c,scratch.c,ctx->key1); -#ifdef __STRICT_ALIGNMENT - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - memcpy(out,scratch.c,16); -#else - ((u64*)out)[0] = scratch.u[0]^=tweak.u[0]; - ((u64*)out)[1] = scratch.u[1]^=tweak.u[1]; -#endif - inp += 16; - out += 16; - len -= 16; - - if (len==0) return 0; - - if (BYTE_ORDER == LITTLE_ENDIAN) { - unsigned int carry,res; - - res = 0x87&(((int)tweak.d[3])>>31); - carry = (unsigned int)(tweak.u[0]>>63); - tweak.u[0] = (tweak.u[0]<<1)^res; - tweak.u[1] = (tweak.u[1]<<1)|carry; - } - else { - size_t c; 
- - for (c=0,i=0;i<16;++i) { - /*+ substitutes for |, because c is 1 bit */ - c += ((size_t)tweak.c[i])<<1; - tweak.c[i] = (u8)c; - c = c>>8; - } - tweak.c[0] ^= (u8)(0x87&(0-c)); - } - } - if (enc) { - for (i=0;i<len;++i) { - u8 c = inp[i]; - out[i] = scratch.c[i]; - scratch.c[i] = c; - } - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - (*ctx->block1)(scratch.c,scratch.c,ctx->key1); - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - memcpy(out-16,scratch.c,16); - } - else { - union { u64 u[2]; u8 c[16]; } tweak1; - - if (BYTE_ORDER == LITTLE_ENDIAN) { - unsigned int carry,res; - - res = 0x87&(((int)tweak.d[3])>>31); - carry = (unsigned int)(tweak.u[0]>>63); - tweak1.u[0] = (tweak.u[0]<<1)^res; - tweak1.u[1] = (tweak.u[1]<<1)|carry; - } - else { - size_t c; - - for (c=0,i=0;i<16;++i) { - /*+ substitutes for |, because c is 1 bit */ - c += ((size_t)tweak.c[i])<<1; - tweak1.c[i] = (u8)c; - c = c>>8; - } - tweak1.c[0] ^= (u8)(0x87&(0-c)); - } -#ifdef __STRICT_ALIGNMENT - memcpy(scratch.c,inp,16); - scratch.u[0] ^= tweak1.u[0]; - scratch.u[1] ^= tweak1.u[1]; -#else - scratch.u[0] = ((u64*)inp)[0]^tweak1.u[0]; - scratch.u[1] = ((u64*)inp)[1]^tweak1.u[1]; -#endif - (*ctx->block1)(scratch.c,scratch.c,ctx->key1); - scratch.u[0] ^= tweak1.u[0]; - scratch.u[1] ^= tweak1.u[1]; - - for (i=0;i<len;++i) { - u8 c = inp[16+i]; - out[16+i] = scratch.c[i]; - scratch.c[i] = c; - } - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - (*ctx->block1)(scratch.c,scratch.c,ctx->key1); -#ifdef __STRICT_ALIGNMENT - scratch.u[0] ^= tweak.u[0]; - scratch.u[1] ^= tweak.u[1]; - memcpy (out,scratch.c,16); -#else - ((u64*)out)[0] = scratch.u[0]^tweak.u[0]; - ((u64*)out)[1] = scratch.u[1]^tweak.u[1]; -#endif - } - - return 0; -} diff --git a/lib/libssl/src/crypto/o_init.c b/lib/libssl/src/crypto/o_init.c deleted file mode 100644 index 2f819eac958..00000000000 --- a/lib/libssl/src/crypto/o_init.c +++ /dev/null 
@@ -1,10 +0,0 @@
-/* $OpenBSD: o_init.c,v 1.8 2014/06/12 15:49:27 deraadt Exp $ */
-/* Ted Unangst places this file in the public domain. */
-
-#include <openssl/crypto.h>
-
-void
-OPENSSL_init(void)
-{
-
-}
diff --git a/lib/libssl/src/crypto/o_str.c b/lib/libssl/src/crypto/o_str.c
deleted file mode 100644
index f05889e4c87..00000000000
--- a/lib/libssl/src/crypto/o_str.c
+++ /dev/null
@@ -1,21 +0,0 @@
-/* $OpenBSD: o_str.c,v 1.9 2014/07/09 20:22:14 tedu Exp $ */
-/*
- * Written by Theo de Raadt. Public domain.
- */
-
-#include <string.h>
-
-int OPENSSL_strcasecmp(const char *str1, const char *str2);
-int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n);
-
-int
-OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
-{
- return strncasecmp(str1, str2, n);
-}
-
-int
-OPENSSL_strcasecmp(const char *str1, const char *str2)
-{
- return strcasecmp(str1, str2);
-}
diff --git a/lib/libssl/src/crypto/o_time.c b/lib/libssl/src/crypto/o_time.c
deleted file mode 100644
index 9b2e7e5b5e5..00000000000
--- a/lib/libssl/src/crypto/o_time.c
+++ /dev/null
@@ -1,161 +0,0 @@ -/* $OpenBSD: o_time.c,v 1.15 2014/06/12 15:49:27 deraadt Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2001. - */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2008. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <string.h> - -#include "o_time.h" - -/* Take a tm structure and add an offset to it. This avoids any OS issues - * with restricted date types and overflows which cause the year 2038 - * problem. 
- */ - -#define SECS_PER_DAY (24 * 60 * 60) - -static long date_to_julian(int y, int m, int d); -static void julian_to_date(long jd, int *y, int *m, int *d); - -int -OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec) -{ - int offset_hms, offset_day; - long time_jd; - int time_year, time_month, time_day; - /* split offset into days and day seconds */ - offset_day = offset_sec / SECS_PER_DAY; - /* Avoid sign issues with % operator */ - offset_hms = offset_sec - (offset_day * SECS_PER_DAY); - offset_day += off_day; - /* Add current time seconds to offset */ - offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec; - /* Adjust day seconds if overflow */ - if (offset_hms >= SECS_PER_DAY) { - offset_day++; - offset_hms -= SECS_PER_DAY; - } else if (offset_hms < 0) { - offset_day--; - offset_hms += SECS_PER_DAY; - } - - /* Convert date of time structure into a Julian day number. - */ - - time_year = tm->tm_year + 1900; - time_month = tm->tm_mon + 1; - time_day = tm->tm_mday; - - time_jd = date_to_julian(time_year, time_month, time_day); - - /* Work out Julian day of new date */ - time_jd += offset_day; - - if (time_jd < 0) - return 0; - - /* Convert Julian day back to date */ - - julian_to_date(time_jd, &time_year, &time_month, &time_day); - - if (time_year < 1900 || time_year > 9999) - return 0; - - /* Update tm structure */ - - tm->tm_year = time_year - 1900; - tm->tm_mon = time_month - 1; - tm->tm_mday = time_day; - - tm->tm_hour = offset_hms / 3600; - tm->tm_min = (offset_hms / 60) % 60; - tm->tm_sec = offset_hms % 60; - - return 1; - -} - -/* Convert date to and from julian day - * Uses Fliegel & Van Flandern algorithm - */ -static long -date_to_julian(int y, int m, int d) -{ - return (1461 * (y + 4800 + (m - 14) / 12)) / 4 + - (367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 - - (3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 + - d - 32075; -} - -static void -julian_to_date(long jd, int *y, int *m, int *d) -{ - long L = jd + 68569; - long n = (4 * L) / 
146097; - long i, j; - - L = L - (146097 * n + 3) / 4; - i = (4000 * (L + 1)) / 1461001; - L = L - (1461 * i) / 4 + 31; - j = (80 * L) / 2447; - *d = L - (2447 * j) / 80; - L = j / 11; - *m = j + 2 - (12 * L); - *y = 100 * (n - 49) + i + L; -} diff --git a/lib/libssl/src/crypto/o_time.h b/lib/libssl/src/crypto/o_time.h deleted file mode 100644 index 27411b3637b..00000000000 --- a/lib/libssl/src/crypto/o_time.h +++ /dev/null 
@@ -1,66 +0,0 @@ -/* $OpenBSD: o_time.h,v 1.6 2014/06/12 15:49:27 deraadt Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_O_TIME_H -#define HEADER_O_TIME_H - -#include <time.h> - -int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec); - -#endif diff --git a/lib/libssl/src/crypto/objects/o_names.c b/lib/libssl/src/crypto/objects/o_names.c deleted file mode 100644 index 81240db204a..00000000000 --- a/lib/libssl/src/crypto/objects/o_names.c +++ /dev/null 
@@ -1,354 +0,0 @@ -/* $OpenBSD: o_names.c,v 1.21 2015/07/18 21:21:28 beck Exp $ */ -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/lhash.h> -#include <openssl/objects.h> -#include <openssl/safestack.h> - -/* I use the ex_data stuff to manage the identifiers for the obj_name_types - * that applications may define. I only really use the free function field. - */ -DECLARE_LHASH_OF(OBJ_NAME); -static LHASH_OF(OBJ_NAME) *names_lh = NULL; -static int names_type_num = OBJ_NAME_TYPE_NUM; - -typedef struct name_funcs_st { - unsigned long (*hash_func)(const char *name); - int (*cmp_func)(const char *a, const char *b); - void (*free_func)(const char *, int, const char *); -} NAME_FUNCS; - -DECLARE_STACK_OF(NAME_FUNCS) - -static STACK_OF(NAME_FUNCS) *name_funcs_stack; - -/* The LHASH callbacks now use the raw "void *" prototypes and do per-variable - * casting in the functions. This prevents function pointer casting without the - * need for macro-generated wrapper functions. 
*/ - -/* static unsigned long obj_name_hash(OBJ_NAME *a); */ -static unsigned long obj_name_hash(const void *a_void); -/* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */ -static int obj_name_cmp(const void *a_void, const void *b_void); - -static IMPLEMENT_LHASH_HASH_FN(obj_name, OBJ_NAME) -static IMPLEMENT_LHASH_COMP_FN(obj_name, OBJ_NAME) - -int -OBJ_NAME_init(void) -{ - if (names_lh != NULL) - return (1); - names_lh = lh_OBJ_NAME_new(); - return (names_lh != NULL); -} - -int -OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), - int (*cmp_func)(const char *, const char *), - void (*free_func)(const char *, int, const char *)) -{ - int ret; - int i; - NAME_FUNCS *name_funcs; - - if (name_funcs_stack == NULL) - name_funcs_stack = sk_NAME_FUNCS_new_null(); - if (name_funcs_stack == NULL) - return (0); - - ret = names_type_num; - names_type_num++; - for (i = sk_NAME_FUNCS_num(name_funcs_stack); i < names_type_num; i++) { - name_funcs = malloc(sizeof(NAME_FUNCS)); - if (!name_funcs) { - OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE); - return (0); - } - name_funcs->hash_func = lh_strhash; - name_funcs->cmp_func = strcmp; - name_funcs->free_func = NULL; - if (sk_NAME_FUNCS_push(name_funcs_stack, name_funcs) == 0) { - free(name_funcs); - OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE); - return (0); - } - } - name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret); - if (hash_func != NULL) - name_funcs->hash_func = hash_func; - if (cmp_func != NULL) - name_funcs->cmp_func = cmp_func; - if (free_func != NULL) - name_funcs->free_func = free_func; - return (ret); -} - -/* static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) */ -static int -obj_name_cmp(const void *a_void, const void *b_void) -{ - int ret; - const OBJ_NAME *a = (const OBJ_NAME *)a_void; - const OBJ_NAME *b = (const OBJ_NAME *)b_void; - - ret = a->type - b->type; - if (ret == 0) { - if ((name_funcs_stack != NULL) && - (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) { - ret = 
sk_NAME_FUNCS_value(name_funcs_stack, - a->type)->cmp_func(a->name, b->name); - } else - ret = strcmp(a->name, b->name); - } - return (ret); -} - -/* static unsigned long obj_name_hash(OBJ_NAME *a) */ -static unsigned long -obj_name_hash(const void *a_void) -{ - unsigned long ret; - const OBJ_NAME *a = (const OBJ_NAME *)a_void; - - if ((name_funcs_stack != NULL) && - (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) { - ret = sk_NAME_FUNCS_value(name_funcs_stack, - a->type)->hash_func(a->name); - } else { - ret = lh_strhash(a->name); - } - ret ^= a->type; - return (ret); -} - -const char * -OBJ_NAME_get(const char *name, int type) -{ - OBJ_NAME on, *ret; - int num = 0, alias; - - if (name == NULL) - return (NULL); - if ((names_lh == NULL) && !OBJ_NAME_init()) - return (NULL); - - alias = type&OBJ_NAME_ALIAS; - type&= ~OBJ_NAME_ALIAS; - - on.name = name; - on.type = type; - - for (;;) { - ret = lh_OBJ_NAME_retrieve(names_lh, &on); - if (ret == NULL) - return (NULL); - if ((ret->alias) && !alias) { - if (++num > 10) - return (NULL); - on.name = ret->data; - } else { - return (ret->data); - } - } -} - -int -OBJ_NAME_add(const char *name, int type, const char *data) -{ - OBJ_NAME *onp, *ret; - int alias; - - if ((names_lh == NULL) && !OBJ_NAME_init()) - return (0); - - alias = type & OBJ_NAME_ALIAS; - type &= ~OBJ_NAME_ALIAS; - - onp = malloc(sizeof(OBJ_NAME)); - if (onp == NULL) { - /* ERROR */ - return (0); - } - - onp->name = name; - onp->alias = alias; - onp->type = type; - onp->data = data; - - ret = lh_OBJ_NAME_insert(names_lh, onp); - if (ret != NULL) { - /* free things */ - if ((name_funcs_stack != NULL) && - (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) { - /* XXX: I'm not sure I understand why the free - * function should get three arguments... 
- * -- Richard Levitte - */ - sk_NAME_FUNCS_value( - name_funcs_stack, ret->type)->free_func( - ret->name, ret->type, ret->data); - } - free(ret); - } else { - if (lh_OBJ_NAME_error(names_lh)) { - /* ERROR */ - return (0); - } - } - return (1); -} - -int -OBJ_NAME_remove(const char *name, int type) -{ - OBJ_NAME on, *ret; - - if (names_lh == NULL) - return (0); - - type &= ~OBJ_NAME_ALIAS; - on.name = name; - on.type = type; - ret = lh_OBJ_NAME_delete(names_lh, &on); - if (ret != NULL) { - /* free things */ - if ((name_funcs_stack != NULL) && - (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) { - /* XXX: I'm not sure I understand why the free - * function should get three arguments... - * -- Richard Levitte - */ - sk_NAME_FUNCS_value( - name_funcs_stack, ret->type)->free_func( - ret->name, ret->type, ret->data); - } - free(ret); - return (1); - } else - return (0); -} - -struct doall { - int type; - void (*fn)(const OBJ_NAME *, void *arg); - void *arg; -}; - -static void -do_all_fn_doall_arg(const OBJ_NAME *name, struct doall *d) -{ - if (name->type == d->type) - d->fn(name, d->arg); -} - -static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME, struct doall) - -void -OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *arg), void *arg) -{ - struct doall d; - - d.type = type; - d.fn = fn; - d.arg = arg; - - lh_OBJ_NAME_doall_arg(names_lh, LHASH_DOALL_ARG_FN(do_all_fn), - struct doall, &d); -} - -struct doall_sorted { - int type; - int n; - const OBJ_NAME **names; -}; - -static void -do_all_sorted_fn(const OBJ_NAME *name, void *d_) -{ - struct doall_sorted *d = d_; - - if (name->type != d->type) - return; - - d->names[d->n++] = name; -} - -static int -do_all_sorted_cmp(const void *n1_, const void *n2_) -{ - const OBJ_NAME * const *n1 = n1_; - const OBJ_NAME * const *n2 = n2_; - - return strcmp((*n1)->name, (*n2)->name); -} - -void -OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg), - void *arg) -{ - struct doall_sorted d; - int 
n; - - d.type = type; - d.names = reallocarray(NULL, lh_OBJ_NAME_num_items(names_lh), - sizeof *d.names); - d.n = 0; - if (d.names != NULL) { - OBJ_NAME_do_all(type, do_all_sorted_fn, &d); - - qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp); - - for (n = 0; n < d.n; ++n) - fn(d.names[n], arg); - - free(d.names); - } -} - -static int free_type; - -static void -names_lh_free_doall(OBJ_NAME *onp) -{ - if (onp == NULL) - return; - - if (free_type < 0 || free_type == onp->type) - OBJ_NAME_remove(onp->name, onp->type); -} - -static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME) - -static void -name_funcs_free(NAME_FUNCS *ptr) -{ - free(ptr); -} - -void -OBJ_NAME_cleanup(int type) -{ - unsigned long down_load; - - if (names_lh == NULL) - return; - - free_type = type; - down_load = lh_OBJ_NAME_down_load(names_lh); - lh_OBJ_NAME_down_load(names_lh) = 0; - - lh_OBJ_NAME_doall(names_lh, LHASH_DOALL_FN(names_lh_free)); - if (type < 0) { - lh_OBJ_NAME_free(names_lh); - sk_NAME_FUNCS_pop_free(name_funcs_stack, name_funcs_free); - names_lh = NULL; - name_funcs_stack = NULL; - } else - lh_OBJ_NAME_down_load(names_lh) = down_load; -} diff --git a/lib/libssl/src/crypto/objects/obj_dat.c b/lib/libssl/src/crypto/objects/obj_dat.c deleted file mode 100644 index 1ae38bc4e8e..00000000000 --- a/lib/libssl/src/crypto/objects/obj_dat.c +++ /dev/null 
@@ -1,773 +0,0 @@ -/* $OpenBSD: obj_dat.c,v 1.36 2016/07/17 21:23:50 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <ctype.h> -#include <limits.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/asn1.h> -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/lhash.h> -#include <openssl/objects.h> - -/* obj_dat.h is generated from objects.h by obj_dat.pl */ -#include "obj_dat.h" - -DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn); -DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln); -DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj); - -#define ADDED_DATA 0 -#define ADDED_SNAME 1 -#define ADDED_LNAME 2 -#define ADDED_NID 3 - -typedef struct added_obj_st { - int type; - ASN1_OBJECT *obj; -} ADDED_OBJ; -DECLARE_LHASH_OF(ADDED_OBJ); - -static int new_nid = NUM_NID; -static LHASH_OF(ADDED_OBJ) *added = NULL; - -static int sn_cmp(const ASN1_OBJECT * const *a, const unsigned int *b) -{ - return (strcmp((*a)->sn, nid_objs[*b].sn)); -} - -IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn); - -static int ln_cmp(const ASN1_OBJECT * const *a, const unsigned int *b) -{ - return (strcmp((*a)->ln, nid_objs[*b].ln)); -} - -IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln); - -static unsigned long -added_obj_hash(const ADDED_OBJ *ca) -{ - const ASN1_OBJECT *a; - int i; - unsigned long ret = 0; - unsigned char *p; - - a = ca->obj; - switch (ca->type) { - case ADDED_DATA: - ret = a->length << 20L; - p = (unsigned char *)a->data; - for (i = 0; i < a->length; i++) - ret ^= p[i] << ((i * 3) % 24); - break; - case ADDED_SNAME: - ret = lh_strhash(a->sn); - break; - case ADDED_LNAME: - ret = lh_strhash(a->ln); - break; - case ADDED_NID: - ret = a->nid; - break; - default: - /* abort(); */ - return 0; - } - ret &= 0x3fffffffL; - ret |= ca->type << 30L; - return (ret); -} -static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ) - -static int -added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb) -{ - ASN1_OBJECT *a, *b; - int i; - - i = 
ca->type - cb->type; - if (i) - return (i); - a = ca->obj; - b = cb->obj; - switch (ca->type) { - case ADDED_DATA: - i = (a->length - b->length); - if (i) - return (i); - return (memcmp(a->data, b->data, (size_t)a->length)); - case ADDED_SNAME: - if (a->sn == NULL) - return (-1); - else if (b->sn == NULL) - return (1); - else - return (strcmp(a->sn, b->sn)); - case ADDED_LNAME: - if (a->ln == NULL) - return (-1); - else if (b->ln == NULL) - return (1); - else - return (strcmp(a->ln, b->ln)); - case ADDED_NID: - return (a->nid - b->nid); - default: - /* abort(); */ - return 0; - } -} -static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ) - -static int -init_added(void) -{ - if (added != NULL) - return (1); - added = lh_ADDED_OBJ_new(); - return (added != NULL); -} - -static void -cleanup1_doall(ADDED_OBJ *a) -{ - a->obj->nid = 0; - a->obj->flags |= ASN1_OBJECT_FLAG_DYNAMIC | - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | - ASN1_OBJECT_FLAG_DYNAMIC_DATA; -} - -static void cleanup2_doall(ADDED_OBJ *a) -{ - a->obj->nid++; -} - -static void -cleanup3_doall(ADDED_OBJ *a) -{ - if (--a->obj->nid == 0) - ASN1_OBJECT_free(a->obj); - free(a); -} - -static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ) -static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ) -static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ) - -/* The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting - * to use freed up OIDs. If neccessary the actual freeing up of OIDs is - * delayed. 
- */ - -int obj_cleanup_defer = 0; - -void -check_defer(int nid) -{ - if (!obj_cleanup_defer && nid >= NUM_NID) - obj_cleanup_defer = 1; -} - -void -OBJ_cleanup(void) -{ - if (obj_cleanup_defer) { - obj_cleanup_defer = 2; - return; - } - if (added == NULL) - return; - lh_ADDED_OBJ_down_load(added) = 0; - lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup1)); /* zero counters */ - lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup2)); /* set counters */ - lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup3)); /* free objects */ - lh_ADDED_OBJ_free(added); - added = NULL; -} - -int -OBJ_new_nid(int num) -{ - int i; - - i = new_nid; - new_nid += num; - return (i); -} - -int -OBJ_add_object(const ASN1_OBJECT *obj) -{ - ASN1_OBJECT *o; - ADDED_OBJ *ao[4] = {NULL, NULL, NULL, NULL}, *aop; - int i; - - if (added == NULL) - if (!init_added()) - return (0); - if ((o = OBJ_dup(obj)) == NULL) - goto err; - if (!(ao[ADDED_NID] = malloc(sizeof(ADDED_OBJ)))) - goto err2; - if ((o->length != 0) && (obj->data != NULL)) - if (!(ao[ADDED_DATA] = malloc(sizeof(ADDED_OBJ)))) - goto err2; - if (o->sn != NULL) - if (!(ao[ADDED_SNAME] = malloc(sizeof(ADDED_OBJ)))) - goto err2; - if (o->ln != NULL) - if (!(ao[ADDED_LNAME] = malloc(sizeof(ADDED_OBJ)))) - goto err2; - - for (i = ADDED_DATA; i <= ADDED_NID; i++) { - if (ao[i] != NULL) { - ao[i]->type = i; - ao[i]->obj = o; - aop = lh_ADDED_OBJ_insert(added, ao[i]); - /* memory leak, buit should not normally matter */ - free(aop); - } - } - o->flags &= ~(ASN1_OBJECT_FLAG_DYNAMIC | - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | - ASN1_OBJECT_FLAG_DYNAMIC_DATA); - - return (o->nid); - -err2: - OBJerr(OBJ_F_OBJ_ADD_OBJECT, ERR_R_MALLOC_FAILURE); -err: - for (i = ADDED_DATA; i <= ADDED_NID; i++) - free(ao[i]); - free(o); - return (NID_undef); -} - -ASN1_OBJECT * -OBJ_nid2obj(int n) -{ - ADDED_OBJ ad, *adp; - ASN1_OBJECT ob; - - if ((n >= 0) && (n < NUM_NID)) { - if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) { - OBJerr(OBJ_F_OBJ_NID2OBJ, 
OBJ_R_UNKNOWN_NID); - return (NULL); - } - return ((ASN1_OBJECT *)&(nid_objs[n])); - } else if (added == NULL) - return (NULL); - else { - ad.type = ADDED_NID; - ad.obj = &ob; - ob.nid = n; - adp = lh_ADDED_OBJ_retrieve(added, &ad); - if (adp != NULL) - return (adp->obj); - else { - OBJerr(OBJ_F_OBJ_NID2OBJ, OBJ_R_UNKNOWN_NID); - return (NULL); - } - } -} - -const char * -OBJ_nid2sn(int n) -{ - ADDED_OBJ ad, *adp; - ASN1_OBJECT ob; - - if ((n >= 0) && (n < NUM_NID)) { - if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) { - OBJerr(OBJ_F_OBJ_NID2SN, OBJ_R_UNKNOWN_NID); - return (NULL); - } - return (nid_objs[n].sn); - } else if (added == NULL) - return (NULL); - else { - ad.type = ADDED_NID; - ad.obj = &ob; - ob.nid = n; - adp = lh_ADDED_OBJ_retrieve(added, &ad); - if (adp != NULL) - return (adp->obj->sn); - else { - OBJerr(OBJ_F_OBJ_NID2SN, OBJ_R_UNKNOWN_NID); - return (NULL); - } - } -} - -const char * -OBJ_nid2ln(int n) -{ - ADDED_OBJ ad, *adp; - ASN1_OBJECT ob; - - if ((n >= 0) && (n < NUM_NID)) { - if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) { - OBJerr(OBJ_F_OBJ_NID2LN, OBJ_R_UNKNOWN_NID); - return (NULL); - } - return (nid_objs[n].ln); - } else if (added == NULL) - return (NULL); - else { - ad.type = ADDED_NID; - ad.obj = &ob; - ob.nid = n; - adp = lh_ADDED_OBJ_retrieve(added, &ad); - if (adp != NULL) - return (adp->obj->ln); - else { - OBJerr(OBJ_F_OBJ_NID2LN, OBJ_R_UNKNOWN_NID); - return (NULL); - } - } -} - -static int -obj_cmp(const ASN1_OBJECT * const *ap, const unsigned int *bp) -{ - int j; - const ASN1_OBJECT *a= *ap; - const ASN1_OBJECT *b = &nid_objs[*bp]; - - j = (a->length - b->length); - if (j) - return (j); - return (memcmp(a->data, b->data, a->length)); -} - -IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj); - -int -OBJ_obj2nid(const ASN1_OBJECT *a) -{ - const unsigned int *op; - ADDED_OBJ ad, *adp; - - if (a == NULL) - return (NID_undef); - if (a->nid != 0) - return (a->nid); - - if (added != NULL) { - 
ad.type = ADDED_DATA; - ad.obj=(ASN1_OBJECT *)a; /* XXX: ugly but harmless */ - adp = lh_ADDED_OBJ_retrieve(added, &ad); - if (adp != NULL) - return (adp->obj->nid); - } - op = OBJ_bsearch_obj(&a, obj_objs, NUM_OBJ); - if (op == NULL) - return (NID_undef); - return (nid_objs[*op].nid); -} - -/* Convert an object name into an ASN1_OBJECT - * if "noname" is not set then search for short and long names first. - * This will convert the "dotted" form into an object: unlike OBJ_txt2nid - * it can be used with any objects, not just registered ones. - */ - -ASN1_OBJECT * -OBJ_txt2obj(const char *s, int no_name) -{ - int nid = NID_undef; - ASN1_OBJECT *op = NULL; - unsigned char *buf; - unsigned char *p; - const unsigned char *cp; - int i, j; - - if (!no_name) { - if (((nid = OBJ_sn2nid(s)) != NID_undef) || - ((nid = OBJ_ln2nid(s)) != NID_undef) ) - return OBJ_nid2obj(nid); - } - - /* Work out size of content octets */ - i = a2d_ASN1_OBJECT(NULL, 0, s, -1); - if (i <= 0) { - /* Don't clear the error */ - /*ERR_clear_error();*/ - return NULL; - } - /* Work out total size */ - j = ASN1_object_size(0, i, V_ASN1_OBJECT); - - if ((buf = malloc(j)) == NULL) - return NULL; - - p = buf; - /* Write out tag+length */ - ASN1_put_object(&p, 0, i, V_ASN1_OBJECT, V_ASN1_UNIVERSAL); - /* Write out contents */ - a2d_ASN1_OBJECT(p, i, s, -1); - - cp = buf; - op = d2i_ASN1_OBJECT(NULL, &cp, j); - free(buf); - return op; -} - -int -OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) -{ - int i, ret = 0, len, nid, first = 1, use_bn; - BIGNUM *bl = NULL; - unsigned long l; - const unsigned char *p; - - /* Ensure that, at every state, |buf| is NUL-terminated. 
*/ - if (buf_len > 0) - buf[0] = '\0'; - - if ((a == NULL) || (a->data == NULL)) - goto err; - - if (!no_name && (nid = OBJ_obj2nid(a)) != NID_undef) { - const char *s; - s = OBJ_nid2ln(nid); - if (s == NULL) - s = OBJ_nid2sn(nid); - if (s) { - ret = strlcpy(buf, s, buf_len); - goto out; - } - } - - len = a->length; - p = a->data; - - while (len > 0) { - l = 0; - use_bn = 0; - for (;;) { - unsigned char c = *p++; - len--; - if ((len == 0) && (c & 0x80)) - goto err; - if (use_bn) { - if (!BN_add_word(bl, c & 0x7f)) - goto err; - } else - l |= c & 0x7f; - if (!(c & 0x80)) - break; - if (!use_bn && (l > (ULONG_MAX >> 7L))) { - if (!bl && !(bl = BN_new())) - goto err; - if (!BN_set_word(bl, l)) - goto err; - use_bn = 1; - } - if (use_bn) { - if (!BN_lshift(bl, bl, 7)) - goto err; - } else - l <<= 7L; - } - - if (first) { - first = 0; - if (l >= 80) { - i = 2; - if (use_bn) { - if (!BN_sub_word(bl, 80)) - goto err; - } else - l -= 80; - } else { - i = (int)(l / 40); - l -= (long)(i * 40); - } - if (buf_len > 1) { - *buf++ = i + '0'; - *buf = '\0'; - buf_len--; - } - ret++; - } - - if (buf_len <= 0) { - ret = 0; - goto out; - } - if (use_bn) { - char *bndec; - - bndec = BN_bn2dec(bl); - if (!bndec) - goto err; - i = snprintf(buf, buf_len, ".%s", bndec); - free(bndec); - if (i == -1) - goto err; - if (i >= buf_len) { - buf_len = 0; - } else { - buf += i; - buf_len -= i; - } - ret += i; - } else { - i = snprintf(buf, buf_len, ".%lu", l); - if (i == -1) - goto err; - if (i >= buf_len) { - buf_len = 0; - } else { - buf += i; - buf_len -= i; - } - ret += i; - l = 0; - } - } - -out: - BN_free(bl); - return ret; - -err: - ret = 0; - goto out; -} - -int -OBJ_txt2nid(const char *s) -{ - ASN1_OBJECT *obj; - int nid; - - obj = OBJ_txt2obj(s, 0); - nid = OBJ_obj2nid(obj); - ASN1_OBJECT_free(obj); - return nid; -} - -int -OBJ_ln2nid(const char *s) -{ - ASN1_OBJECT o; - const ASN1_OBJECT *oo = &o; - ADDED_OBJ ad, *adp; - const unsigned int *op; - - o.ln = s; - if (added != NULL) { - 
ad.type = ADDED_LNAME; - ad.obj = &o; - adp = lh_ADDED_OBJ_retrieve(added, &ad); - if (adp != NULL) - return (adp->obj->nid); - } - op = OBJ_bsearch_ln(&oo, ln_objs, NUM_LN); - if (op == NULL) - return (NID_undef); - return (nid_objs[*op].nid); -} - -int -OBJ_sn2nid(const char *s) -{ - ASN1_OBJECT o; - const ASN1_OBJECT *oo = &o; - ADDED_OBJ ad, *adp; - const unsigned int *op; - - o.sn = s; - if (added != NULL) { - ad.type = ADDED_SNAME; - ad.obj = &o; - adp = lh_ADDED_OBJ_retrieve(added, &ad); - if (adp != NULL) - return (adp->obj->nid); - } - op = OBJ_bsearch_sn(&oo, sn_objs, NUM_SN); - if (op == NULL) - return (NID_undef); - return (nid_objs[*op].nid); -} - -const void * -OBJ_bsearch_(const void *key, const void *base, int num, int size, - int (*cmp)(const void *, const void *)) -{ - return OBJ_bsearch_ex_(key, base, num, size, cmp, 0); -} - -const void * -OBJ_bsearch_ex_(const void *key, const void *base_, int num, int size, - int (*cmp)(const void *, const void *), int flags) -{ - const char *base = base_; - int l, h, i = 0, c = 0; - const char *p = NULL; - - if (num == 0) - return (NULL); - l = 0; - h = num; - while (l < h) { - i = (l + h) / 2; - p = &(base[i * size]); - c = (*cmp)(key, p); - if (c < 0) - h = i; - else if (c > 0) - l = i + 1; - else - break; - } - if (c != 0 && !(flags & OBJ_BSEARCH_VALUE_ON_NOMATCH)) - p = NULL; - else if (c == 0 && (flags & OBJ_BSEARCH_FIRST_VALUE_ON_MATCH)) { - while (i > 0 && (*cmp)(key, &(base[(i - 1) * size])) == 0) - i--; - p = &(base[i * size]); - } - return (p); -} - -int -OBJ_create_objects(BIO *in) -{ - char buf[512]; - int i, num = 0; - char *o, *s, *l = NULL; - - for (;;) { - s = o = NULL; - i = BIO_gets(in, buf, 512); - if (i <= 0) - return (num); - buf[i - 1] = '\0'; - if (!isalnum((unsigned char)buf[0])) - return (num); - o = s=buf; - while (isdigit((unsigned char)*s) || (*s == '.')) - s++; - if (*s != '\0') { - *(s++) = '\0'; - while (isspace((unsigned char)*s)) - s++; - if (*s == '\0') - s = NULL; - else { - 
l = s; - while ((*l != '\0') && - !isspace((unsigned char)*l)) - l++; - if (*l != '\0') { - *(l++) = '\0'; - while (isspace((unsigned char)*l)) - l++; - if (*l == '\0') - l = NULL; - } else - l = NULL; - } - } else - s = NULL; - if ((o == NULL) || (*o == '\0')) - return (num); - if (!OBJ_create(o, s, l)) - return (num); - num++; - } - /* return(num); */ -} - -int -OBJ_create(const char *oid, const char *sn, const char *ln) -{ - int ok = 0; - ASN1_OBJECT *op = NULL; - unsigned char *buf; - int i; - - i = a2d_ASN1_OBJECT(NULL, 0, oid, -1); - if (i <= 0) - return (0); - - if ((buf = malloc(i)) == NULL) { - OBJerr(OBJ_F_OBJ_CREATE, ERR_R_MALLOC_FAILURE); - return (0); - } - i = a2d_ASN1_OBJECT(buf, i, oid, -1); - if (i == 0) - goto err; - op = (ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1), buf, i, sn, ln); - if (op == NULL) - goto err; - ok = OBJ_add_object(op); - -err: - ASN1_OBJECT_free(op); - free(buf); - return (ok); -} diff --git a/lib/libssl/src/crypto/objects/obj_dat.pl b/lib/libssl/src/crypto/objects/obj_dat.pl deleted file mode 100644 index 86bcefb97af..00000000000 --- a/lib/libssl/src/crypto/objects/obj_dat.pl +++ /dev/null 
@@ -1,307 +0,0 @@
-#!/usr/local/bin/perl
-
-# fixes bug in floating point emulation on sparc64 when
-# this script produces off-by-one output on sparc64
-use integer;
-
-sub obj_cmp
- {
- local(@a,@b,$_,$r);
-
- $A=$obj_len{$obj{$nid{$a}}};
- $B=$obj_len{$obj{$nid{$b}}};
-
- $r=($A-$B);
- return($r) if $r != 0;
-
- $A=$obj_der{$obj{$nid{$a}}};
- $B=$obj_der{$obj{$nid{$b}}};
-
- return($A cmp $B);
- }
-
-sub expand_obj
- {
- local(*v)=@_;
- local($k,$d);
- local($i);
-
- do {
- $i=0;
- foreach $k (keys %v)
- {
- if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
- { $i++; }
- }
- } while($i);
- foreach $k (keys %v)
- {
- @a=split(/,/,$v{$k});
- $objn{$k}=$#a+1;
- }
- return(%objn);
- }
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-
-while (<IN>)
- {
- next unless /^\#define\s+(\S+)\s+(.*)$/;
- $v=$1;
- $d=$2;
- $d =~ s/^\"//;
- $d =~ s/\"$//;
- if ($v =~ /^SN_(.*)$/)
- {
- if(defined $snames{$d})
- {
- print "WARNING: Duplicate short name \"$d\"\n";
- }
- else
- { $snames{$d} = "X"; }
- $sn{$1}=$d;
- }
- elsif ($v =~ /^LN_(.*)$/)
- {
- if(defined $lnames{$d})
- {
- print "WARNING: Duplicate long name \"$d\"\n";
- }
- else
- { $lnames{$d} = "X"; }
- $ln{$1}=$d;
- }
- elsif ($v =~ /^NID_(.*)$/)
- { $nid{$d}=$1; }
- elsif ($v =~ /^OBJ_(.*)$/)
- {
- $obj{$1}=$v;
- $objd{$v}=$d;
- }
- }
-close IN;
-
-%ob=&expand_obj(*objd);
-
-@a=sort { $a <=> $b } keys %nid;
-$n=$a[$#a]+1;
-
-@lvalues=();
-$lvalues=0;
-
-for ($i=0; $i<$n; $i++)
- {
- if (!defined($nid{$i}))
- {
- push(@out,"{NULL,NULL,NID_undef,0,NULL,0},\n");
- }
- else
- {
- $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
- $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
-
- if ($sn eq "NULL") {
- $sn=$ln;
- $sn{$nid{$i}} = $ln;
- }
-
- if ($ln eq "NULL") {
- $ln=$sn;
- $ln{$nid{$i}} = $sn;
- }
-
- $out ="{";
- $out.="\"$sn\"";
- $out.=","."\"$ln\"";
- $out.=",NID_$nid{$i},";
- if (defined($obj{$nid{$i}}) && $objd{$obj{$nid{$i}}} =~ /,/)
- {
- $v=$objd{$obj{$nid{$i}}};
- $v =~ s/L//g;
- $v =~ s/,/ /g;
- $r=&der_it($v);
- $z="";
- $length=0;
- foreach (unpack("C*",$r))
- {
- $z.=sprintf("0x%02X,",$_);
- $length++;
- }
- $obj_der{$obj{$nid{$i}}}=$z;
- $obj_len{$obj{$nid{$i}}}=$length;
-
- push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
- $z,$lvalues,$obj{$nid{$i}}));
- $out.="$length,&(lvalues[$lvalues]),0";
- $lvalues+=$length;
- }
- else
- {
- $out.="0,NULL,0";
- }
- $out.="},\n";
- push(@out,$out);
- }
- }
-
-@a=grep(defined($sn{$nid{$_}}),0 .. $n);
-foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
- {
- push(@sn,sprintf("%2d,\t/* \"$sn{$nid{$_}}\" */\n",$_));
- }
-
-@a=grep(defined($ln{$nid{$_}}),0 .. $n);
-foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
- {
- push(@ln,sprintf("%2d,\t/* \"$ln{$nid{$_}}\" */\n",$_));
- }
-
-@a=grep(defined($obj{$nid{$_}}),0 .. $n);
-foreach (sort obj_cmp @a)
- {
- $m=$obj{$nid{$_}};
- $v=$objd{$m};
- $v =~ s/L//g;
- $v =~ s/,/ /g;
- push(@ob,sprintf("%2d,\t/* %-32s %s */\n",$_,$m,$v));
- }
-
-print OUT <<'EOF';
-/* crypto/objects/obj_dat.h */
-
-/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
- * following command:
- * perl obj_dat.pl obj_mac.h obj_dat.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-EOF
-
-printf OUT "#define NUM_NID %d\n",$n;
-printf OUT "#define NUM_SN %d\n",$#sn+1;
-printf OUT "#define NUM_LN %d\n",$#ln+1;
-printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
-
-printf OUT "static const unsigned char lvalues[%d]={\n",$lvalues+1;
-print OUT @lvalues;
-print OUT "};\n\n";
-
-printf OUT "static const ASN1_OBJECT nid_objs[NUM_NID]={\n";
-foreach (@out)
- {
- if (length($_) > 75)
- {
- $out="";
- foreach (split(/,/))
- {
- $t=$out.$_.",";
- if (length($t) > 70)
- {
- print OUT "$out\n";
- $t="\t$_,";
- }
- $out=$t;
- }
- chop $out;
- print OUT "$out";
- }
- else
- { print OUT $_; }
- }
-print OUT "};\n\n";
-
-printf OUT "static const unsigned int sn_objs[NUM_SN]={\n";
-print OUT @sn;
-print OUT "};\n\n";
-
-printf OUT "static const unsigned int ln_objs[NUM_LN]={\n";
-print OUT @ln;
-print OUT "};\n\n";
-
-printf OUT "static const unsigned int obj_objs[NUM_OBJ]={\n";
-print OUT @ob;
-print OUT "};\n\n";
-
-close OUT;
-
-sub der_it
- {
- local($v)=@_;
- local(@a,$i,$ret,@r);
-
- @a=split(/\s+/,$v);
- $ret.=pack("C*",$a[0]*40+$a[1]);
- shift @a;
- shift @a;
- foreach (@a)
- {
- @r=();
- $t=0;
- while ($_ >= 128)
- {
- $x=$_%128;
- $_/=128;
- push(@r,((($t++)?0x80:0)|$x));
- }
- push(@r,((($t++)?0x80:0)|$_));
- $ret.=pack("C*",reverse(@r));
- }
- return($ret);
- }
diff --git a/lib/libssl/src/crypto/objects/obj_err.c b/lib/libssl/src/crypto/objects/obj_err.c
deleted file mode 100644
index 9cea59b7854..00000000000
--- a/lib/libssl/src/crypto/objects/obj_err.c
+++ /dev/null
@@ -1,102 +0,0 @@ -/* $OpenBSD: obj_err.c,v 1.11 2014/07/10 22:45:57 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/objects.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason) - -static ERR_STRING_DATA OBJ_str_functs[] = { - {ERR_FUNC(OBJ_F_OBJ_ADD_OBJECT), "OBJ_add_object"}, - {ERR_FUNC(OBJ_F_OBJ_CREATE), "OBJ_create"}, - {ERR_FUNC(OBJ_F_OBJ_DUP), "OBJ_dup"}, - {ERR_FUNC(OBJ_F_OBJ_NAME_NEW_INDEX), "OBJ_NAME_new_index"}, - {ERR_FUNC(OBJ_F_OBJ_NID2LN), "OBJ_nid2ln"}, - {ERR_FUNC(OBJ_F_OBJ_NID2OBJ), "OBJ_nid2obj"}, - {ERR_FUNC(OBJ_F_OBJ_NID2SN), "OBJ_nid2sn"}, - {0, NULL} -}; - -static ERR_STRING_DATA OBJ_str_reasons[] = { - {ERR_REASON(OBJ_R_MALLOC_FAILURE) , "malloc failure"}, - {ERR_REASON(OBJ_R_UNKNOWN_NID) , "unknown nid"}, - {0, NULL} -}; - -#endif - -void -ERR_load_OBJ_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL) { - ERR_load_strings(0, OBJ_str_functs); - ERR_load_strings(0, OBJ_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/objects/obj_lib.c b/lib/libssl/src/crypto/objects/obj_lib.c deleted file mode 100644 index 247bafbe019..00000000000 --- a/lib/libssl/src/crypto/objects/obj_lib.c +++ /dev/null 
@@ -1,130 +0,0 @@
-/* $OpenBSD: obj_lib.c,v 1.13 2014/10/07 04:59:25 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/buffer.h>
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-
-ASN1_OBJECT *
-OBJ_dup(const ASN1_OBJECT *o)
-{
- ASN1_OBJECT *r;
- char *ln = NULL, *sn = NULL;
- unsigned char *data = NULL;
-
- if (o == NULL)
- return (NULL);
- if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
- return((ASN1_OBJECT *)o); /* XXX: ugh! Why? What kind of
- duplication is this??? */
-
- r = ASN1_OBJECT_new();
- if (r == NULL) {
- OBJerr(OBJ_F_OBJ_DUP, ERR_R_ASN1_LIB);
- return (NULL);
- }
- data = malloc(o->length);
- if (data == NULL)
- goto err;
- if (o->data != NULL)
- memcpy(data, o->data, o->length);
- /* once data attached to object it remains const */
- r->data = data;
- r->length = o->length;
- r->nid = o->nid;
- r->ln = r->sn = NULL;
- if (o->ln != NULL) {
- ln = strdup(o->ln);
- if (ln == NULL)
- goto err;
- r->ln = ln;
- }
-
- if (o->sn != NULL) {
- sn = strdup(o->sn);
- if (sn == NULL)
- goto err;
- r->sn = sn;
- }
- r->flags = o->flags | (ASN1_OBJECT_FLAG_DYNAMIC |
- ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | ASN1_OBJECT_FLAG_DYNAMIC_DATA);
- return (r);
-
-err:
- OBJerr(OBJ_F_OBJ_DUP, ERR_R_MALLOC_FAILURE);
- free(ln);
- free(sn);
- free(data);
- free(r);
- return (NULL);
-}
-
-int
-OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
-{
- int ret;
-
- ret = (a->length - b->length);
- if (ret)
- return (ret);
- return (memcmp(a->data, b->data, a->length));
-}
diff --git a/lib/libssl/src/crypto/objects/obj_mac.num b/lib/libssl/src/crypto/objects/obj_mac.num
deleted file mode 100644
index d3a658e59c3..00000000000
--- a/lib/libssl/src/crypto/objects/obj_mac.num
+++ /dev/null
@@ -1,949 +0,0 @@ -undef 0 -rsadsi 1 -pkcs 2 -md2 3 -md5 4 -rc4 5 -rsaEncryption 6 -md2WithRSAEncryption 7 -md5WithRSAEncryption 8 -pbeWithMD2AndDES_CBC 9 -pbeWithMD5AndDES_CBC 10 -X500 11 -X509 12 -commonName 13 -countryName 14 -localityName 15 -stateOrProvinceName 16 -organizationName 17 -organizationalUnitName 18 -rsa 19 -pkcs7 20 -pkcs7_data 21 -pkcs7_signed 22 -pkcs7_enveloped 23 -pkcs7_signedAndEnveloped 24 -pkcs7_digest 25 -pkcs7_encrypted 26 -pkcs3 27 -dhKeyAgreement 28 -des_ecb 29 -des_cfb64 30 -des_cbc 31 -des_ede_ecb 32 -des_ede3_ecb 33 -idea_cbc 34 -idea_cfb64 35 -idea_ecb 36 -rc2_cbc 37 -rc2_ecb 38 -rc2_cfb64 39 -rc2_ofb64 40 -sha 41 -shaWithRSAEncryption 42 -des_ede_cbc 43 -des_ede3_cbc 44 -des_ofb64 45 -idea_ofb64 46 -pkcs9 47 -pkcs9_emailAddress 48 -pkcs9_unstructuredName 49 -pkcs9_contentType 50 -pkcs9_messageDigest 51 -pkcs9_signingTime 52 -pkcs9_countersignature 53 -pkcs9_challengePassword 54 -pkcs9_unstructuredAddress 55 -pkcs9_extCertAttributes 56 -netscape 57 -netscape_cert_extension 58 -netscape_data_type 59 -des_ede_cfb64 60 -des_ede3_cfb64 61 -des_ede_ofb64 62 -des_ede3_ofb64 63 -sha1 64 -sha1WithRSAEncryption 65 -dsaWithSHA 66 -dsa_2 67 -pbeWithSHA1AndRC2_CBC 68 -id_pbkdf2 69 -dsaWithSHA1_2 70 -netscape_cert_type 71 -netscape_base_url 72 -netscape_revocation_url 73 -netscape_ca_revocation_url 74 -netscape_renewal_url 75 -netscape_ca_policy_url 76 -netscape_ssl_server_name 77 -netscape_comment 78 -netscape_cert_sequence 79 -desx_cbc 80 -id_ce 81 -subject_key_identifier 82 -key_usage 83 -private_key_usage_period 84 -subject_alt_name 85 -issuer_alt_name 86 -basic_constraints 87 -crl_number 88 -certificate_policies 89 -authority_key_identifier 90 -bf_cbc 91 -bf_ecb 92 -bf_cfb64 93 -bf_ofb64 94 -mdc2 95 -mdc2WithRSA 96 -rc4_40 97 -rc2_40_cbc 98 -givenName 99 -surname 100 -initials 101 -uniqueIdentifier 102 -crl_distribution_points 103 -md5WithRSA 104 -serialNumber 105 -title 106 -description 107 -cast5_cbc 108 -cast5_ecb 109 -cast5_cfb64 110 
-cast5_ofb64 111 -pbeWithMD5AndCast5_CBC 112 -dsaWithSHA1 113 -md5_sha1 114 -sha1WithRSA 115 -dsa 116 -ripemd160 117 -ripemd160WithRSA 119 -rc5_cbc 120 -rc5_ecb 121 -rc5_cfb64 122 -rc5_ofb64 123 -rle_compression 124 -zlib_compression 125 -ext_key_usage 126 -id_pkix 127 -id_kp 128 -server_auth 129 -client_auth 130 -code_sign 131 -email_protect 132 -time_stamp 133 -ms_code_ind 134 -ms_code_com 135 -ms_ctl_sign 136 -ms_sgc 137 -ms_efs 138 -ns_sgc 139 -delta_crl 140 -crl_reason 141 -invalidity_date 142 -sxnet 143 -pbe_WithSHA1And128BitRC4 144 -pbe_WithSHA1And40BitRC4 145 -pbe_WithSHA1And3_Key_TripleDES_CBC 146 -pbe_WithSHA1And2_Key_TripleDES_CBC 147 -pbe_WithSHA1And128BitRC2_CBC 148 -pbe_WithSHA1And40BitRC2_CBC 149 -keyBag 150 -pkcs8ShroudedKeyBag 151 -certBag 152 -crlBag 153 -secretBag 154 -safeContentsBag 155 -friendlyName 156 -localKeyID 157 -x509Certificate 158 -sdsiCertificate 159 -x509Crl 160 -pbes2 161 -pbmac1 162 -hmacWithSHA1 163 -id_qt_cps 164 -id_qt_unotice 165 -rc2_64_cbc 166 -SMIMECapabilities 167 -pbeWithMD2AndRC2_CBC 168 -pbeWithMD5AndRC2_CBC 169 -pbeWithSHA1AndDES_CBC 170 -ms_ext_req 171 -ext_req 172 -name 173 -dnQualifier 174 -id_pe 175 -id_ad 176 -info_access 177 -ad_OCSP 178 -ad_ca_issuers 179 -OCSP_sign 180 -iso 181 -member_body 182 -ISO_US 183 -X9_57 184 -X9cm 185 -pkcs1 186 -pkcs5 187 -SMIME 188 -id_smime_mod 189 -id_smime_ct 190 -id_smime_aa 191 -id_smime_alg 192 -id_smime_cd 193 -id_smime_spq 194 -id_smime_cti 195 -id_smime_mod_cms 196 -id_smime_mod_ess 197 -id_smime_mod_oid 198 -id_smime_mod_msg_v3 199 -id_smime_mod_ets_eSignature_88 200 -id_smime_mod_ets_eSignature_97 201 -id_smime_mod_ets_eSigPolicy_88 202 -id_smime_mod_ets_eSigPolicy_97 203 -id_smime_ct_receipt 204 -id_smime_ct_authData 205 -id_smime_ct_publishCert 206 -id_smime_ct_TSTInfo 207 -id_smime_ct_TDTInfo 208 -id_smime_ct_contentInfo 209 -id_smime_ct_DVCSRequestData 210 -id_smime_ct_DVCSResponseData 211 -id_smime_aa_receiptRequest 212 -id_smime_aa_securityLabel 213 
-id_smime_aa_mlExpandHistory 214 -id_smime_aa_contentHint 215 -id_smime_aa_msgSigDigest 216 -id_smime_aa_encapContentType 217 -id_smime_aa_contentIdentifier 218 -id_smime_aa_macValue 219 -id_smime_aa_equivalentLabels 220 -id_smime_aa_contentReference 221 -id_smime_aa_encrypKeyPref 222 -id_smime_aa_signingCertificate 223 -id_smime_aa_smimeEncryptCerts 224 -id_smime_aa_timeStampToken 225 -id_smime_aa_ets_sigPolicyId 226 -id_smime_aa_ets_commitmentType 227 -id_smime_aa_ets_signerLocation 228 -id_smime_aa_ets_signerAttr 229 -id_smime_aa_ets_otherSigCert 230 -id_smime_aa_ets_contentTimestamp 231 -id_smime_aa_ets_CertificateRefs 232 -id_smime_aa_ets_RevocationRefs 233 -id_smime_aa_ets_certValues 234 -id_smime_aa_ets_revocationValues 235 -id_smime_aa_ets_escTimeStamp 236 -id_smime_aa_ets_certCRLTimestamp 237 -id_smime_aa_ets_archiveTimeStamp 238 -id_smime_aa_signatureType 239 -id_smime_aa_dvcs_dvc 240 -id_smime_alg_ESDHwith3DES 241 -id_smime_alg_ESDHwithRC2 242 -id_smime_alg_3DESwrap 243 -id_smime_alg_RC2wrap 244 -id_smime_alg_ESDH 245 -id_smime_alg_CMS3DESwrap 246 -id_smime_alg_CMSRC2wrap 247 -id_smime_cd_ldap 248 -id_smime_spq_ets_sqt_uri 249 -id_smime_spq_ets_sqt_unotice 250 -id_smime_cti_ets_proofOfOrigin 251 -id_smime_cti_ets_proofOfReceipt 252 -id_smime_cti_ets_proofOfDelivery 253 -id_smime_cti_ets_proofOfSender 254 -id_smime_cti_ets_proofOfApproval 255 -id_smime_cti_ets_proofOfCreation 256 -md4 257 -id_pkix_mod 258 -id_qt 259 -id_it 260 -id_pkip 261 -id_alg 262 -id_cmc 263 -id_on 264 -id_pda 265 -id_aca 266 -id_qcs 267 -id_cct 268 -id_pkix1_explicit_88 269 -id_pkix1_implicit_88 270 -id_pkix1_explicit_93 271 -id_pkix1_implicit_93 272 -id_mod_crmf 273 -id_mod_cmc 274 -id_mod_kea_profile_88 275 -id_mod_kea_profile_93 276 -id_mod_cmp 277 -id_mod_qualified_cert_88 278 -id_mod_qualified_cert_93 279 -id_mod_attribute_cert 280 -id_mod_timestamp_protocol 281 -id_mod_ocsp 282 -id_mod_dvcs 283 -id_mod_cmp2000 284 -biometricInfo 285 -qcStatements 286 -ac_auditEntity 287 
-ac_targeting 288 -aaControls 289 -sbgp_ipAddrBlock 290 -sbgp_autonomousSysNum 291 -sbgp_routerIdentifier 292 -textNotice 293 -ipsecEndSystem 294 -ipsecTunnel 295 -ipsecUser 296 -dvcs 297 -id_it_caProtEncCert 298 -id_it_signKeyPairTypes 299 -id_it_encKeyPairTypes 300 -id_it_preferredSymmAlg 301 -id_it_caKeyUpdateInfo 302 -id_it_currentCRL 303 -id_it_unsupportedOIDs 304 -id_it_subscriptionRequest 305 -id_it_subscriptionResponse 306 -id_it_keyPairParamReq 307 -id_it_keyPairParamRep 308 -id_it_revPassphrase 309 -id_it_implicitConfirm 310 -id_it_confirmWaitTime 311 -id_it_origPKIMessage 312 -id_regCtrl 313 -id_regInfo 314 -id_regCtrl_regToken 315 -id_regCtrl_authenticator 316 -id_regCtrl_pkiPublicationInfo 317 -id_regCtrl_pkiArchiveOptions 318 -id_regCtrl_oldCertID 319 -id_regCtrl_protocolEncrKey 320 -id_regInfo_utf8Pairs 321 -id_regInfo_certReq 322 -id_alg_des40 323 -id_alg_noSignature 324 -id_alg_dh_sig_hmac_sha1 325 -id_alg_dh_pop 326 -id_cmc_statusInfo 327 -id_cmc_identification 328 -id_cmc_identityProof 329 -id_cmc_dataReturn 330 -id_cmc_transactionId 331 -id_cmc_senderNonce 332 -id_cmc_recipientNonce 333 -id_cmc_addExtensions 334 -id_cmc_encryptedPOP 335 -id_cmc_decryptedPOP 336 -id_cmc_lraPOPWitness 337 -id_cmc_getCert 338 -id_cmc_getCRL 339 -id_cmc_revokeRequest 340 -id_cmc_regInfo 341 -id_cmc_responseInfo 342 -id_cmc_queryPending 343 -id_cmc_popLinkRandom 344 -id_cmc_popLinkWitness 345 -id_cmc_confirmCertAcceptance 346 -id_on_personalData 347 -id_pda_dateOfBirth 348 -id_pda_placeOfBirth 349 -id_pda_pseudonym 350 -id_pda_gender 351 -id_pda_countryOfCitizenship 352 -id_pda_countryOfResidence 353 -id_aca_authenticationInfo 354 -id_aca_accessIdentity 355 -id_aca_chargingIdentity 356 -id_aca_group 357 -id_aca_role 358 -id_qcs_pkixQCSyntax_v1 359 -id_cct_crs 360 -id_cct_PKIData 361 -id_cct_PKIResponse 362 -ad_timeStamping 363 -ad_dvcs 364 -id_pkix_OCSP_basic 365 -id_pkix_OCSP_Nonce 366 -id_pkix_OCSP_CrlID 367 -id_pkix_OCSP_acceptableResponses 368 
-id_pkix_OCSP_noCheck 369 -id_pkix_OCSP_archiveCutoff 370 -id_pkix_OCSP_serviceLocator 371 -id_pkix_OCSP_extendedStatus 372 -id_pkix_OCSP_valid 373 -id_pkix_OCSP_path 374 -id_pkix_OCSP_trustRoot 375 -algorithm 376 -rsaSignature 377 -X500algorithms 378 -org 379 -dod 380 -iana 381 -Directory 382 -Management 383 -Experimental 384 -Private 385 -Security 386 -SNMPv2 387 -Mail 388 -Enterprises 389 -dcObject 390 -domainComponent 391 -Domain 392 -joint_iso_ccitt 393 -selected_attribute_types 394 -clearance 395 -md4WithRSAEncryption 396 -ac_proxying 397 -sinfo_access 398 -id_aca_encAttrs 399 -role 400 -policy_constraints 401 -target_information 402 -no_rev_avail 403 -ccitt 404 -ansi_X9_62 405 -X9_62_prime_field 406 -X9_62_characteristic_two_field 407 -X9_62_id_ecPublicKey 408 -X9_62_prime192v1 409 -X9_62_prime192v2 410 -X9_62_prime192v3 411 -X9_62_prime239v1 412 -X9_62_prime239v2 413 -X9_62_prime239v3 414 -X9_62_prime256v1 415 -ecdsa_with_SHA1 416 -ms_csp_name 417 -aes_128_ecb 418 -aes_128_cbc 419 -aes_128_ofb128 420 -aes_128_cfb128 421 -aes_192_ecb 422 -aes_192_cbc 423 -aes_192_ofb128 424 -aes_192_cfb128 425 -aes_256_ecb 426 -aes_256_cbc 427 -aes_256_ofb128 428 -aes_256_cfb128 429 -hold_instruction_code 430 -hold_instruction_none 431 -hold_instruction_call_issuer 432 -hold_instruction_reject 433 -data 434 -pss 435 -ucl 436 -pilot 437 -pilotAttributeType 438 -pilotAttributeSyntax 439 -pilotObjectClass 440 -pilotGroups 441 -iA5StringSyntax 442 -caseIgnoreIA5StringSyntax 443 -pilotObject 444 -pilotPerson 445 -account 446 -document 447 -room 448 -documentSeries 449 -rFC822localPart 450 -dNSDomain 451 -domainRelatedObject 452 -friendlyCountry 453 -simpleSecurityObject 454 -pilotOrganization 455 -pilotDSA 456 -qualityLabelledData 457 -userId 458 -textEncodedORAddress 459 -rfc822Mailbox 460 -info 461 -favouriteDrink 462 -roomNumber 463 -photo 464 -userClass 465 -host 466 -manager 467 -documentIdentifier 468 -documentTitle 469 -documentVersion 470 -documentAuthor 471 
-documentLocation 472 -homeTelephoneNumber 473 -secretary 474 -otherMailbox 475 -lastModifiedTime 476 -lastModifiedBy 477 -aRecord 478 -pilotAttributeType27 479 -mXRecord 480 -nSRecord 481 -sOARecord 482 -cNAMERecord 483 -associatedDomain 484 -associatedName 485 -homePostalAddress 486 -personalTitle 487 -mobileTelephoneNumber 488 -pagerTelephoneNumber 489 -friendlyCountryName 490 -organizationalStatus 491 -janetMailbox 492 -mailPreferenceOption 493 -buildingName 494 -dSAQuality 495 -singleLevelQuality 496 -subtreeMinimumQuality 497 -subtreeMaximumQuality 498 -personalSignature 499 -dITRedirect 500 -audio 501 -documentPublisher 502 -x500UniqueIdentifier 503 -mime_mhs 504 -mime_mhs_headings 505 -mime_mhs_bodies 506 -id_hex_partial_message 507 -id_hex_multipart_message 508 -generationQualifier 509 -pseudonym 510 -InternationalRA 511 -id_set 512 -set_ctype 513 -set_msgExt 514 -set_attr 515 -set_policy 516 -set_certExt 517 -set_brand 518 -setct_PANData 519 -setct_PANToken 520 -setct_PANOnly 521 -setct_OIData 522 -setct_PI 523 -setct_PIData 524 -setct_PIDataUnsigned 525 -setct_HODInput 526 -setct_AuthResBaggage 527 -setct_AuthRevReqBaggage 528 -setct_AuthRevResBaggage 529 -setct_CapTokenSeq 530 -setct_PInitResData 531 -setct_PI_TBS 532 -setct_PResData 533 -setct_AuthReqTBS 534 -setct_AuthResTBS 535 -setct_AuthResTBSX 536 -setct_AuthTokenTBS 537 -setct_CapTokenData 538 -setct_CapTokenTBS 539 -setct_AcqCardCodeMsg 540 -setct_AuthRevReqTBS 541 -setct_AuthRevResData 542 -setct_AuthRevResTBS 543 -setct_CapReqTBS 544 -setct_CapReqTBSX 545 -setct_CapResData 546 -setct_CapRevReqTBS 547 -setct_CapRevReqTBSX 548 -setct_CapRevResData 549 -setct_CredReqTBS 550 -setct_CredReqTBSX 551 -setct_CredResData 552 -setct_CredRevReqTBS 553 -setct_CredRevReqTBSX 554 -setct_CredRevResData 555 -setct_PCertReqData 556 -setct_PCertResTBS 557 -setct_BatchAdminReqData 558 -setct_BatchAdminResData 559 -setct_CardCInitResTBS 560 -setct_MeAqCInitResTBS 561 -setct_RegFormResTBS 562 -setct_CertReqData 
563 -setct_CertReqTBS 564 -setct_CertResData 565 -setct_CertInqReqTBS 566 -setct_ErrorTBS 567 -setct_PIDualSignedTBE 568 -setct_PIUnsignedTBE 569 -setct_AuthReqTBE 570 -setct_AuthResTBE 571 -setct_AuthResTBEX 572 -setct_AuthTokenTBE 573 -setct_CapTokenTBE 574 -setct_CapTokenTBEX 575 -setct_AcqCardCodeMsgTBE 576 -setct_AuthRevReqTBE 577 -setct_AuthRevResTBE 578 -setct_AuthRevResTBEB 579 -setct_CapReqTBE 580 -setct_CapReqTBEX 581 -setct_CapResTBE 582 -setct_CapRevReqTBE 583 -setct_CapRevReqTBEX 584 -setct_CapRevResTBE 585 -setct_CredReqTBE 586 -setct_CredReqTBEX 587 -setct_CredResTBE 588 -setct_CredRevReqTBE 589 -setct_CredRevReqTBEX 590 -setct_CredRevResTBE 591 -setct_BatchAdminReqTBE 592 -setct_BatchAdminResTBE 593 -setct_RegFormReqTBE 594 -setct_CertReqTBE 595 -setct_CertReqTBEX 596 -setct_CertResTBE 597 -setct_CRLNotificationTBS 598 -setct_CRLNotificationResTBS 599 -setct_BCIDistributionTBS 600 -setext_genCrypt 601 -setext_miAuth 602 -setext_pinSecure 603 -setext_pinAny 604 -setext_track2 605 -setext_cv 606 -set_policy_root 607 -setCext_hashedRoot 608 -setCext_certType 609 -setCext_merchData 610 -setCext_cCertRequired 611 -setCext_tunneling 612 -setCext_setExt 613 -setCext_setQualf 614 -setCext_PGWYcapabilities 615 -setCext_TokenIdentifier 616 -setCext_Track2Data 617 -setCext_TokenType 618 -setCext_IssuerCapabilities 619 -setAttr_Cert 620 -setAttr_PGWYcap 621 -setAttr_TokenType 622 -setAttr_IssCap 623 -set_rootKeyThumb 624 -set_addPolicy 625 -setAttr_Token_EMV 626 -setAttr_Token_B0Prime 627 -setAttr_IssCap_CVM 628 -setAttr_IssCap_T2 629 -setAttr_IssCap_Sig 630 -setAttr_GenCryptgrm 631 -setAttr_T2Enc 632 -setAttr_T2cleartxt 633 -setAttr_TokICCsig 634 -setAttr_SecDevSig 635 -set_brand_IATA_ATA 636 -set_brand_Diners 637 -set_brand_AmericanExpress 638 -set_brand_JCB 639 -set_brand_Visa 640 -set_brand_MasterCard 641 -set_brand_Novus 642 -des_cdmf 643 -rsaOAEPEncryptionSET 644 -itu_t 645 -joint_iso_itu_t 646 -international_organizations 647 -ms_smartcard_login 648 
-ms_upn 649 -aes_128_cfb1 650 -aes_192_cfb1 651 -aes_256_cfb1 652 -aes_128_cfb8 653 -aes_192_cfb8 654 -aes_256_cfb8 655 -des_cfb1 656 -des_cfb8 657 -des_ede3_cfb1 658 -des_ede3_cfb8 659 -streetAddress 660 -postalCode 661 -id_ppl 662 -proxyCertInfo 663 -id_ppl_anyLanguage 664 -id_ppl_inheritAll 665 -name_constraints 666 -Independent 667 -sha256WithRSAEncryption 668 -sha384WithRSAEncryption 669 -sha512WithRSAEncryption 670 -sha224WithRSAEncryption 671 -sha256 672 -sha384 673 -sha512 674 -sha224 675 -identified_organization 676 -certicom_arc 677 -wap 678 -wap_wsg 679 -X9_62_id_characteristic_two_basis 680 -X9_62_onBasis 681 -X9_62_tpBasis 682 -X9_62_ppBasis 683 -X9_62_c2pnb163v1 684 -X9_62_c2pnb163v2 685 -X9_62_c2pnb163v3 686 -X9_62_c2pnb176v1 687 -X9_62_c2tnb191v1 688 -X9_62_c2tnb191v2 689 -X9_62_c2tnb191v3 690 -X9_62_c2onb191v4 691 -X9_62_c2onb191v5 692 -X9_62_c2pnb208w1 693 -X9_62_c2tnb239v1 694 -X9_62_c2tnb239v2 695 -X9_62_c2tnb239v3 696 -X9_62_c2onb239v4 697 -X9_62_c2onb239v5 698 -X9_62_c2pnb272w1 699 -X9_62_c2pnb304w1 700 -X9_62_c2tnb359v1 701 -X9_62_c2pnb368w1 702 -X9_62_c2tnb431r1 703 -secp112r1 704 -secp112r2 705 -secp128r1 706 -secp128r2 707 -secp160k1 708 -secp160r1 709 -secp160r2 710 -secp192k1 711 -secp224k1 712 -secp224r1 713 -secp256k1 714 -secp384r1 715 -secp521r1 716 -sect113r1 717 -sect113r2 718 -sect131r1 719 -sect131r2 720 -sect163k1 721 -sect163r1 722 -sect163r2 723 -sect193r1 724 -sect193r2 725 -sect233k1 726 -sect233r1 727 -sect239k1 728 -sect283k1 729 -sect283r1 730 -sect409k1 731 -sect409r1 732 -sect571k1 733 -sect571r1 734 -wap_wsg_idm_ecid_wtls1 735 -wap_wsg_idm_ecid_wtls3 736 -wap_wsg_idm_ecid_wtls4 737 -wap_wsg_idm_ecid_wtls5 738 -wap_wsg_idm_ecid_wtls6 739 -wap_wsg_idm_ecid_wtls7 740 -wap_wsg_idm_ecid_wtls8 741 -wap_wsg_idm_ecid_wtls9 742 -wap_wsg_idm_ecid_wtls10 743 -wap_wsg_idm_ecid_wtls11 744 -wap_wsg_idm_ecid_wtls12 745 -any_policy 746 -policy_mappings 747 -inhibit_any_policy 748 -ipsec3 749 -ipsec4 750 -camellia_128_cbc 751 
-camellia_192_cbc 752 -camellia_256_cbc 753 -camellia_128_ecb 754 -camellia_192_ecb 755 -camellia_256_ecb 756 -camellia_128_cfb128 757 -camellia_192_cfb128 758 -camellia_256_cfb128 759 -camellia_128_cfb1 760 -camellia_192_cfb1 761 -camellia_256_cfb1 762 -camellia_128_cfb8 763 -camellia_192_cfb8 764 -camellia_256_cfb8 765 -camellia_128_ofb128 766 -camellia_192_ofb128 767 -camellia_256_ofb128 768 -subject_directory_attributes 769 -issuing_distribution_point 770 -certificate_issuer 771 -korea 772 -kisa 773 -kftc 774 -npki_alg 775 -seed_ecb 776 -seed_cbc 777 -seed_ofb128 778 -seed_cfb128 779 -hmac_md5 780 -hmac_sha1 781 -id_PasswordBasedMAC 782 -id_DHBasedMac 783 -id_it_suppLangTags 784 -caRepository 785 -id_smime_ct_compressedData 786 -id_ct_asciiTextWithCRLF 787 -id_aes128_wrap 788 -id_aes192_wrap 789 -id_aes256_wrap 790 -ecdsa_with_Recommended 791 -ecdsa_with_Specified 792 -ecdsa_with_SHA224 793 -ecdsa_with_SHA256 794 -ecdsa_with_SHA384 795 -ecdsa_with_SHA512 796 -hmacWithMD5 797 -hmacWithSHA224 798 -hmacWithSHA256 799 -hmacWithSHA384 800 -hmacWithSHA512 801 -dsa_with_SHA224 802 -dsa_with_SHA256 803 -whirlpool 804 -cryptopro 805 -cryptocom 806 -id_GostR3411_94_with_GostR3410_2001 807 -id_GostR3411_94_with_GostR3410_94 808 -id_GostR3411_94 809 -id_HMACGostR3411_94 810 -id_GostR3410_2001 811 -id_GostR3410_94 812 -id_Gost28147_89 813 -gost89_cnt 814 -id_Gost28147_89_MAC 815 -id_GostR3411_94_prf 816 -id_GostR3410_2001DH 817 -id_GostR3410_94DH 818 -id_Gost28147_89_CryptoPro_KeyMeshing 819 -id_Gost28147_89_None_KeyMeshing 820 -id_GostR3411_94_TestParamSet 821 -id_GostR3411_94_CryptoProParamSet 822 -id_Gost28147_89_TestParamSet 823 -id_Gost28147_89_CryptoPro_A_ParamSet 824 -id_Gost28147_89_CryptoPro_B_ParamSet 825 -id_Gost28147_89_CryptoPro_C_ParamSet 826 -id_Gost28147_89_CryptoPro_D_ParamSet 827 -id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 828 -id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 829 -id_Gost28147_89_CryptoPro_RIC_1_ParamSet 830 -id_GostR3410_94_TestParamSet 831 
-id_GostR3410_94_CryptoPro_A_ParamSet 832 -id_GostR3410_94_CryptoPro_B_ParamSet 833 -id_GostR3410_94_CryptoPro_C_ParamSet 834 -id_GostR3410_94_CryptoPro_D_ParamSet 835 -id_GostR3410_94_CryptoPro_XchA_ParamSet 836 -id_GostR3410_94_CryptoPro_XchB_ParamSet 837 -id_GostR3410_94_CryptoPro_XchC_ParamSet 838 -id_GostR3410_2001_TestParamSet 839 -id_GostR3410_2001_CryptoPro_A_ParamSet 840 -id_GostR3410_2001_CryptoPro_B_ParamSet 841 -id_GostR3410_2001_CryptoPro_C_ParamSet 842 -id_GostR3410_2001_CryptoPro_XchA_ParamSet 843 -id_GostR3410_2001_CryptoPro_XchB_ParamSet 844 -id_GostR3410_94_a 845 -id_GostR3410_94_aBis 846 -id_GostR3410_94_b 847 -id_GostR3410_94_bBis 848 -id_Gost28147_89_cc 849 -id_GostR3410_94_cc 850 -id_GostR3410_2001_cc 851 -id_GostR3411_94_with_GostR3410_94_cc 852 -id_GostR3411_94_with_GostR3410_2001_cc 853 -id_GostR3410_2001_ParamSet_cc 854 -hmac 855 -LocalKeySet 856 -freshest_crl 857 -id_on_permanentIdentifier 858 -searchGuide 859 -businessCategory 860 -postalAddress 861 -postOfficeBox 862 -physicalDeliveryOfficeName 863 -telephoneNumber 864 -telexNumber 865 -teletexTerminalIdentifier 866 -facsimileTelephoneNumber 867 -x121Address 868 -internationaliSDNNumber 869 -registeredAddress 870 -destinationIndicator 871 -preferredDeliveryMethod 872 -presentationAddress 873 -supportedApplicationContext 874 -member 875 -owner 876 -roleOccupant 877 -seeAlso 878 -userPassword 879 -userCertificate 880 -cACertificate 881 -authorityRevocationList 882 -certificateRevocationList 883 -crossCertificatePair 884 -enhancedSearchGuide 885 -protocolInformation 886 -distinguishedName 887 -uniqueMember 888 -houseIdentifier 889 -supportedAlgorithms 890 -deltaRevocationList 891 -dmdName 892 -id_alg_PWRI_KEK 893 -cmac 894 -aes_128_gcm 895 -aes_128_ccm 896 -id_aes128_wrap_pad 897 -aes_192_gcm 898 -aes_192_ccm 899 -id_aes192_wrap_pad 900 -aes_256_gcm 901 -aes_256_ccm 902 -id_aes256_wrap_pad 903 -aes_128_ctr 904 -aes_192_ctr 905 -aes_256_ctr 906 -id_camellia128_wrap 907 -id_camellia192_wrap 
908 -id_camellia256_wrap 909 -anyExtendedKeyUsage 910 -mgf1 911 -rsassaPss 912 -aes_128_xts 913 -aes_256_xts 914 -rc4_hmac_md5 915 -aes_128_cbc_hmac_sha1 916 -aes_192_cbc_hmac_sha1 917 -aes_256_cbc_hmac_sha1 918 -rsaesOaep 919 -teletrust 920 -brainpool 921 -brainpoolP160r1 922 -brainpoolP160t1 923 -brainpoolP192r1 924 -brainpoolP192t1 925 -brainpoolP224r1 926 -brainpoolP224t1 927 -brainpoolP256r1 928 -brainpoolP256t1 929 -brainpoolP320r1 930 -brainpoolP320t1 931 -brainpoolP384r1 932 -brainpoolP384t1 933 -brainpoolP512r1 934 -brainpoolP512t1 935 -FRP256v1 936 -chacha20 937 -gost89_ecb 938 -gost89_cbc 939 -tc26 940 -id_tc26_gost3411_2012_256 941 -id_tc26_gost3411_2012_512 942 -id_tc26_gost_3410_2012_512_paramSetA 943 -id_tc26_gost_3410_2012_512_paramSetB 944 -id_tc26_gost_28147_param_Z 945 -id_tc26_gost3410_2012_256 946 -id_tc26_gost3410_2012_512 947 -id_tc26_signwithdigest_gost3410_2012_256 948 -id_tc26_signwithdigest_gost3410_2012_512 949 diff --git a/lib/libssl/src/crypto/objects/obj_xref.c b/lib/libssl/src/crypto/objects/obj_xref.c deleted file mode 100644 index 94dd6293dd5..00000000000 --- a/lib/libssl/src/crypto/objects/obj_xref.c +++ /dev/null 
@@ -1,205 +0,0 @@
-/* $OpenBSD: obj_xref.c,v 1.7 2014/06/12 15:49:30 deraadt Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/objects.h>
-#include "obj_xref.h"
-
-DECLARE_STACK_OF(nid_triple)
-STACK_OF(nid_triple) *sig_app, *sigx_app;
-
-static int
-sig_cmp(const nid_triple *a, const nid_triple *b)
-{
- return a->sign_id - b->sign_id;
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
-
-static int
-sig_sk_cmp(const nid_triple * const *a, const nid_triple * const *b)
-{
- return (*a)->sign_id - (*b)->sign_id;
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
-
-static int
-sigx_cmp(const nid_triple * const *a, const nid_triple * const *b)
-{
- int ret;
-
- ret = (*a)->hash_id - (*b)->hash_id;
- if (ret)
- return ret;
- return (*a)->pkey_id - (*b)->pkey_id;
-}
-
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
-
-int
-OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid)
-{
- nid_triple tmp;
- const nid_triple *rv = NULL;
- tmp.sign_id = signid;
-
- if (sig_app) {
- int idx = sk_nid_triple_find(sig_app, &tmp);
- if (idx >= 0)
- rv = sk_nid_triple_value(sig_app, idx);
- }
-
-#ifndef OBJ_XREF_TEST2
- if (rv == NULL) {
- rv = OBJ_bsearch_sig(&tmp, sigoid_srt,
- sizeof(sigoid_srt) / sizeof(nid_triple));
- }
-#endif
- if (rv == NULL)
- return 0;
- if (pdig_nid)
- *pdig_nid = rv->hash_id;
- if (ppkey_nid)
- *ppkey_nid = rv->pkey_id;
- return 1;
-}
-
-int
-OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid)
-{
- nid_triple tmp;
- const nid_triple *t = &tmp;
- const nid_triple **rv = NULL;
-
- tmp.hash_id = dig_nid;
- tmp.pkey_id = pkey_nid;
-
- if (sigx_app) {
- int idx = sk_nid_triple_find(sigx_app, &tmp);
- if (idx >= 0) {
- t = sk_nid_triple_value(sigx_app, idx);
- rv = &t;
- }
- }
-
-#ifndef OBJ_XREF_TEST2
- if (rv == NULL) {
- rv = OBJ_bsearch_sigx(&t, sigoid_srt_xref,
- sizeof(sigoid_srt_xref) / sizeof(nid_triple *));
- }
-#endif
- if (rv == NULL)
- return 0;
- if (psignid)
- *psignid = (*rv)->sign_id;
- return 1;
-}
-
-int
-OBJ_add_sigid(int signid, int dig_id, int pkey_id)
-{
- nid_triple *ntr;
-
- if (!sig_app)
- sig_app = sk_nid_triple_new(sig_sk_cmp);
- if (!sig_app)
- return 0;
- if (!sigx_app)
- sigx_app = sk_nid_triple_new(sigx_cmp);
- if (!sigx_app)
- return 0;
- ntr = reallocarray(NULL, 3, sizeof(int));
- if (!ntr)
- return 0;
- ntr->sign_id = signid;
- ntr->hash_id = dig_id;
- ntr->pkey_id = pkey_id;
-
- if (!sk_nid_triple_push(sig_app, ntr)) {
- free(ntr);
- return 0;
- }
-
- if (!sk_nid_triple_push(sigx_app, ntr))
- return 0;
-
- sk_nid_triple_sort(sig_app);
- sk_nid_triple_sort(sigx_app);
-
- return 1;
-}
-
-static void
-sid_free(nid_triple *tt)
-{
- free(tt);
-}
-
-void
-OBJ_sigid_free(void)
-{
- if (sig_app) {
- sk_nid_triple_pop_free(sig_app, sid_free);
- sig_app = NULL;
- }
- if (sigx_app) {
- sk_nid_triple_free(sigx_app);
- sigx_app = NULL;
- }
-}
diff --git a/lib/libssl/src/crypto/objects/obj_xref.h b/lib/libssl/src/crypto/objects/obj_xref.h
deleted file mode 100644
index 44994566945..00000000000
--- a/lib/libssl/src/crypto/objects/obj_xref.h
+++ /dev/null
@@ -1,82 +0,0 @@ -/* $OpenBSD: obj_xref.h,v 1.3 2014/11/09 19:17:13 miod Exp $ */ -/* AUTOGENERATED BY objxref.pl, DO NOT EDIT */ - -typedef struct - { - int sign_id; - int hash_id; - int pkey_id; - } nid_triple; - -static const nid_triple sigoid_srt[] = - { - {NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption}, - {NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption}, - {NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption}, - {NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption}, - {NID_dsaWithSHA, NID_sha, NID_dsa}, - {NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2}, - {NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption}, - {NID_md5WithRSA, NID_md5, NID_rsa}, - {NID_dsaWithSHA1, NID_sha1, NID_dsa}, - {NID_sha1WithRSA, NID_sha1, NID_rsa}, - {NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption}, - {NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption}, - {NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey}, - {NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption}, - {NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption}, - {NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption}, - {NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption}, - {NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey}, - {NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey}, - {NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey}, - {NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey}, - {NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey}, - {NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey}, - {NID_dsa_with_SHA224, NID_sha224, NID_dsa}, - {NID_dsa_with_SHA256, NID_sha256, NID_dsa}, - {NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94, NID_id_GostR3410_2001}, - {NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94}, - {NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc}, - {NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, 
NID_id_GostR3410_2001_cc}, - {NID_rsassaPss, NID_undef, NID_rsaEncryption}, - {NID_id_tc26_signwithdigest_gost3410_2012_256, NID_id_tc26_gost3411_2012_256, NID_id_GostR3410_2001}, - {NID_id_tc26_signwithdigest_gost3410_2012_512, NID_id_tc26_gost3411_2012_512, NID_id_GostR3410_2001}, - }; - -static const nid_triple * const sigoid_srt_xref[] = - { - &sigoid_srt[29], - &sigoid_srt[17], - &sigoid_srt[18], - &sigoid_srt[0], - &sigoid_srt[1], - &sigoid_srt[7], - &sigoid_srt[2], - &sigoid_srt[4], - &sigoid_srt[3], - &sigoid_srt[9], - &sigoid_srt[5], - &sigoid_srt[8], - &sigoid_srt[12], - &sigoid_srt[6], - &sigoid_srt[10], - &sigoid_srt[11], - &sigoid_srt[13], - &sigoid_srt[24], - &sigoid_srt[20], - &sigoid_srt[14], - &sigoid_srt[21], - &sigoid_srt[15], - &sigoid_srt[22], - &sigoid_srt[16], - &sigoid_srt[23], - &sigoid_srt[19], - &sigoid_srt[25], - &sigoid_srt[26], - &sigoid_srt[27], - &sigoid_srt[28], - &sigoid_srt[30], - &sigoid_srt[31], - }; - diff --git a/lib/libssl/src/crypto/objects/obj_xref.txt b/lib/libssl/src/crypto/objects/obj_xref.txt deleted file mode 100644 index dde52d8143e..00000000000 --- a/lib/libssl/src/crypto/objects/obj_xref.txt +++ /dev/null 
@@ -1,48 +0,0 @@
-# OID cross reference table.
-# Links signatures OIDs to their corresponding public key algorithms
-# and digests.
-
-md2WithRSAEncryption md2 rsaEncryption
-md5WithRSAEncryption md5 rsaEncryption
-shaWithRSAEncryption sha rsaEncryption
-sha1WithRSAEncryption sha1 rsaEncryption
-md4WithRSAEncryption md4 rsaEncryption
-sha256WithRSAEncryption sha256 rsaEncryption
-sha384WithRSAEncryption sha384 rsaEncryption
-sha512WithRSAEncryption sha512 rsaEncryption
-sha224WithRSAEncryption sha224 rsaEncryption
-mdc2WithRSA mdc2 rsaEncryption
-ripemd160WithRSA ripemd160 rsaEncryption
-# For PSS the digest algorithm can vary and depends on the included
-# AlgorithmIdentifier. The digest "undef" indicates the public key
-# method should handle this explicitly.
-rsassaPss undef rsaEncryption
-
-# Alternative deprecated OIDs. By using the older "rsa" OID this
-# type will be recognized by not normally used.
-
-md5WithRSA md5 rsa
-sha1WithRSA sha1 rsa
-
-dsaWithSHA sha dsa
-dsaWithSHA1 sha1 dsa
-
-dsaWithSHA1_2 sha1 dsa_2
-
-ecdsa_with_SHA1 sha1 X9_62_id_ecPublicKey
-ecdsa_with_SHA224 sha224 X9_62_id_ecPublicKey
-ecdsa_with_SHA256 sha256 X9_62_id_ecPublicKey
-ecdsa_with_SHA384 sha384 X9_62_id_ecPublicKey
-ecdsa_with_SHA512 sha512 X9_62_id_ecPublicKey
-ecdsa_with_Recommended undef X9_62_id_ecPublicKey
-ecdsa_with_Specified undef X9_62_id_ecPublicKey
-
-dsa_with_SHA224 sha224 dsa
-dsa_with_SHA256 sha256 dsa
-
-id_GostR3411_94_with_GostR3410_2001 id_GostR3411_94 id_GostR3410_2001
-id_GostR3411_94_with_GostR3410_94 id_GostR3411_94 id_GostR3410_94
-id_GostR3411_94_with_GostR3410_94_cc id_GostR3411_94 id_GostR3410_94_cc
-id_GostR3411_94_with_GostR3410_2001_cc id_GostR3411_94 id_GostR3410_2001_cc
-id_tc26_signwithdigest_gost3410_2012_256 id_tc26_gost3411_2012_256 id_tc26_gost3410_2012_256
-id_tc26_signwithdigest_gost3410_2012_512 id_tc26_gost3411_2012_512 id_tc26_gost3410_2012_512
diff --git a/lib/libssl/src/crypto/objects/objects.README b/lib/libssl/src/crypto/objects/objects.README
deleted file mode 100644
index 4d745508d83..00000000000
--- a/lib/libssl/src/crypto/objects/objects.README
+++ /dev/null
@@ -1,44 +0,0 @@
-objects.txt syntax
-------------------
-
-To cover all the naming hacks that were previously in objects.h needed some
-kind of hacks in objects.txt.
-
-The basic syntax for adding an object is as follows:
-
- 1 2 3 4 : shortName : Long Name
-
- If the long name doesn't contain spaces, or no short name
- exists, the long name is used as basis for the base name
- in C. Otherwise, the short name is used.
-
- The base name (let's call it 'base') will then be used to
- create the C macros SN_base, LN_base, NID_base and OBJ_base.
-
- Note that if the base name contains spaces, dashes or periods,
- those will be converte to underscore.
-
-Then there are some extra commands:
-
- !Alias foo 1 2 3 4
-
- This juts makes a name foo for an OID. The C macro
- OBJ_foo will be created as a result.
-
- !Cname foo
-
- This makes sure that the name foo will be used as base name
- in C.
-
- !module foo
- 1 2 3 4 : shortName : Long Name
- !global
-
- The !module command was meant to define a kind of modularity.
- What it does is to make sure the module name is prepended
- to the base name. !global turns this off. This construction
- is not recursive.
-
-Lines starting with # are treated as comments, as well as any line starting
-with ! and not matching the commands above.
-
diff --git a/lib/libssl/src/crypto/objects/objects.h b/lib/libssl/src/crypto/objects/objects.h
deleted file mode 100644
index a4ce4ec2202..00000000000
--- a/lib/libssl/src/crypto/objects/objects.h
+++ /dev/null
@@ -1,1136 +0,0 @@ -/* $OpenBSD: objects.h,v 1.11 2014/06/12 15:49:30 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#ifndef HEADER_OBJECTS_H -#define HEADER_OBJECTS_H - -#define USE_OBJ_MAC - -#ifdef USE_OBJ_MAC -#include <openssl/obj_mac.h> -#else -#define SN_undef "UNDEF" -#define LN_undef "undefined" -#define NID_undef 0 -#define OBJ_undef 0L - -#define SN_Algorithm "Algorithm" -#define LN_algorithm "algorithm" -#define NID_algorithm 38 -#define OBJ_algorithm 1L,3L,14L,3L,2L - -#define LN_rsadsi "rsadsi" -#define NID_rsadsi 1 -#define OBJ_rsadsi 1L,2L,840L,113549L - -#define LN_pkcs "pkcs" -#define NID_pkcs 2 -#define OBJ_pkcs OBJ_rsadsi,1L - -#define SN_md2 "MD2" -#define LN_md2 "md2" -#define NID_md2 3 -#define OBJ_md2 OBJ_rsadsi,2L,2L - -#define SN_md5 "MD5" -#define LN_md5 "md5" -#define NID_md5 4 -#define OBJ_md5 OBJ_rsadsi,2L,5L - -#define SN_rc4 "RC4" -#define LN_rc4 "rc4" -#define NID_rc4 5 -#define OBJ_rc4 OBJ_rsadsi,3L,4L - -#define LN_rsaEncryption "rsaEncryption" -#define NID_rsaEncryption 6 -#define OBJ_rsaEncryption OBJ_pkcs,1L,1L - -#define SN_md2WithRSAEncryption "RSA-MD2" -#define LN_md2WithRSAEncryption "md2WithRSAEncryption" -#define NID_md2WithRSAEncryption 7 -#define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L - -#define SN_md5WithRSAEncryption "RSA-MD5" -#define LN_md5WithRSAEncryption "md5WithRSAEncryption" -#define NID_md5WithRSAEncryption 8 -#define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L - -#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES" -#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC" -#define NID_pbeWithMD2AndDES_CBC 9 -#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L - -#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES" -#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC" -#define NID_pbeWithMD5AndDES_CBC 10 -#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L - -#define LN_X500 "X500" -#define NID_X500 11 -#define OBJ_X500 2L,5L - -#define LN_X509 "X509" -#define NID_X509 12 -#define OBJ_X509 OBJ_X500,4L - -#define SN_commonName "CN" -#define LN_commonName "commonName" -#define NID_commonName 13 -#define OBJ_commonName OBJ_X509,3L - -#define 
SN_countryName "C" -#define LN_countryName "countryName" -#define NID_countryName 14 -#define OBJ_countryName OBJ_X509,6L - -#define SN_localityName "L" -#define LN_localityName "localityName" -#define NID_localityName 15 -#define OBJ_localityName OBJ_X509,7L - -/* Postal Address? PA */ - -/* should be "ST" (rfc1327) but MS uses 'S' */ -#define SN_stateOrProvinceName "ST" -#define LN_stateOrProvinceName "stateOrProvinceName" -#define NID_stateOrProvinceName 16 -#define OBJ_stateOrProvinceName OBJ_X509,8L - -#define SN_organizationName "O" -#define LN_organizationName "organizationName" -#define NID_organizationName 17 -#define OBJ_organizationName OBJ_X509,10L - -#define SN_organizationalUnitName "OU" -#define LN_organizationalUnitName "organizationalUnitName" -#define NID_organizationalUnitName 18 -#define OBJ_organizationalUnitName OBJ_X509,11L - -#define SN_rsa "RSA" -#define LN_rsa "rsa" -#define NID_rsa 19 -#define OBJ_rsa OBJ_X500,8L,1L,1L - -#define LN_pkcs7 "pkcs7" -#define NID_pkcs7 20 -#define OBJ_pkcs7 OBJ_pkcs,7L - -#define LN_pkcs7_data "pkcs7-data" -#define NID_pkcs7_data 21 -#define OBJ_pkcs7_data OBJ_pkcs7,1L - -#define LN_pkcs7_signed "pkcs7-signedData" -#define NID_pkcs7_signed 22 -#define OBJ_pkcs7_signed OBJ_pkcs7,2L - -#define LN_pkcs7_enveloped "pkcs7-envelopedData" -#define NID_pkcs7_enveloped 23 -#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L - -#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData" -#define NID_pkcs7_signedAndEnveloped 24 -#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L - -#define LN_pkcs7_digest "pkcs7-digestData" -#define NID_pkcs7_digest 25 -#define OBJ_pkcs7_digest OBJ_pkcs7,5L - -#define LN_pkcs7_encrypted "pkcs7-encryptedData" -#define NID_pkcs7_encrypted 26 -#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L - -#define LN_pkcs3 "pkcs3" -#define NID_pkcs3 27 -#define OBJ_pkcs3 OBJ_pkcs,3L - -#define LN_dhKeyAgreement "dhKeyAgreement" -#define NID_dhKeyAgreement 28 -#define OBJ_dhKeyAgreement OBJ_pkcs3,1L - -#define 
SN_des_ecb "DES-ECB"
-#define LN_des_ecb "des-ecb"
-#define NID_des_ecb 29
-#define OBJ_des_ecb OBJ_algorithm,6L
-
-#define SN_des_cfb64 "DES-CFB"
-#define LN_des_cfb64 "des-cfb"
-#define NID_des_cfb64 30
-/* IV + num */
-#define OBJ_des_cfb64 OBJ_algorithm,9L
-
-#define SN_des_cbc "DES-CBC"
-#define LN_des_cbc "des-cbc"
-#define NID_des_cbc 31
-/* IV */
-#define OBJ_des_cbc OBJ_algorithm,7L
-
-#define SN_des_ede "DES-EDE"
-#define LN_des_ede "des-ede"
-#define NID_des_ede 32
-/* ?? */
-#define OBJ_des_ede OBJ_algorithm,17L
-
-#define SN_des_ede3 "DES-EDE3"
-#define LN_des_ede3 "des-ede3"
-#define NID_des_ede3 33
-
-#define SN_idea_cbc "IDEA-CBC"
-#define LN_idea_cbc "idea-cbc"
-#define NID_idea_cbc 34
-#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
-
-#define SN_idea_cfb64 "IDEA-CFB"
-#define LN_idea_cfb64 "idea-cfb"
-#define NID_idea_cfb64 35
-
-#define SN_idea_ecb "IDEA-ECB"
-#define LN_idea_ecb "idea-ecb"
-#define NID_idea_ecb 36
-
-#define SN_rc2_cbc "RC2-CBC"
-#define LN_rc2_cbc "rc2-cbc"
-#define NID_rc2_cbc 37
-#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
-
-#define SN_rc2_ecb "RC2-ECB"
-#define LN_rc2_ecb "rc2-ecb"
-#define NID_rc2_ecb 38
-
-#define SN_rc2_cfb64 "RC2-CFB"
-#define LN_rc2_cfb64 "rc2-cfb"
-#define NID_rc2_cfb64 39
-
-#define SN_rc2_ofb64 "RC2-OFB"
-#define LN_rc2_ofb64 "rc2-ofb"
-#define NID_rc2_ofb64 40
-
-#define SN_sha "SHA"
-#define LN_sha "sha"
-#define NID_sha 41
-#define OBJ_sha OBJ_algorithm,18L
-
-#define SN_shaWithRSAEncryption "RSA-SHA"
-#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
-#define NID_shaWithRSAEncryption 42
-#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
-
-#define SN_des_ede_cbc "DES-EDE-CBC"
-#define LN_des_ede_cbc "des-ede-cbc"
-#define NID_des_ede_cbc 43
-
-#define SN_des_ede3_cbc "DES-EDE3-CBC"
-#define LN_des_ede3_cbc "des-ede3-cbc"
-#define NID_des_ede3_cbc 44
-#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
-
-#define SN_des_ofb64 "DES-OFB"
-#define LN_des_ofb64 "des-ofb"
-#define NID_des_ofb64 45
-#define OBJ_des_ofb64 OBJ_algorithm,8L
-
-#define SN_idea_ofb64 "IDEA-OFB"
-#define LN_idea_ofb64 "idea-ofb"
-#define NID_idea_ofb64 46
-
-#define LN_pkcs9 "pkcs9"
-#define NID_pkcs9 47
-#define OBJ_pkcs9 OBJ_pkcs,9L
-
-#define SN_pkcs9_emailAddress "Email"
-#define LN_pkcs9_emailAddress "emailAddress"
-#define NID_pkcs9_emailAddress 48
-#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
-
-#define LN_pkcs9_unstructuredName "unstructuredName"
-#define NID_pkcs9_unstructuredName 49
-#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
-
-#define LN_pkcs9_contentType "contentType"
-#define NID_pkcs9_contentType 50
-#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
-
-#define LN_pkcs9_messageDigest "messageDigest"
-#define NID_pkcs9_messageDigest 51
-#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
-
-#define LN_pkcs9_signingTime "signingTime"
-#define NID_pkcs9_signingTime 52
-#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
-
-#define LN_pkcs9_countersignature "countersignature"
-#define NID_pkcs9_countersignature 53
-#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
-
-#define LN_pkcs9_challengePassword "challengePassword"
-#define NID_pkcs9_challengePassword 54
-#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
-
-#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
-#define NID_pkcs9_unstructuredAddress 55
-#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
-
-#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
-#define NID_pkcs9_extCertAttributes 56
-#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
-
-#define SN_netscape "Netscape"
-#define LN_netscape "Netscape Communications Corp."
-#define NID_netscape 57
-#define OBJ_netscape 2L,16L,840L,1L,113730L
-
-#define SN_netscape_cert_extension "nsCertExt"
-#define LN_netscape_cert_extension "Netscape Certificate Extension"
-#define NID_netscape_cert_extension 58
-#define OBJ_netscape_cert_extension OBJ_netscape,1L
-
-#define SN_netscape_data_type "nsDataType"
-#define LN_netscape_data_type "Netscape Data Type"
-#define NID_netscape_data_type 59
-#define OBJ_netscape_data_type OBJ_netscape,2L
-
-#define SN_des_ede_cfb64 "DES-EDE-CFB"
-#define LN_des_ede_cfb64 "des-ede-cfb"
-#define NID_des_ede_cfb64 60
-
-#define SN_des_ede3_cfb64 "DES-EDE3-CFB"
-#define LN_des_ede3_cfb64 "des-ede3-cfb"
-#define NID_des_ede3_cfb64 61
-
-#define SN_des_ede_ofb64 "DES-EDE-OFB"
-#define LN_des_ede_ofb64 "des-ede-ofb"
-#define NID_des_ede_ofb64 62
-
-#define SN_des_ede3_ofb64 "DES-EDE3-OFB"
-#define LN_des_ede3_ofb64 "des-ede3-ofb"
-#define NID_des_ede3_ofb64 63
-
-/* I'm not sure about the object ID */
-#define SN_sha1 "SHA1"
-#define LN_sha1 "sha1"
-#define NID_sha1 64
-#define OBJ_sha1 OBJ_algorithm,26L
-/* 28 Jun 1996 - eay */
-/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */
-
-#define SN_sha1WithRSAEncryption "RSA-SHA1"
-#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
-#define NID_sha1WithRSAEncryption 65
-#define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L
-
-#define SN_dsaWithSHA "DSA-SHA"
-#define LN_dsaWithSHA "dsaWithSHA"
-#define NID_dsaWithSHA 66
-#define OBJ_dsaWithSHA OBJ_algorithm,13L
-
-#define SN_dsa_2 "DSA-old"
-#define LN_dsa_2 "dsaEncryption-old"
-#define NID_dsa_2 67
-#define OBJ_dsa_2 OBJ_algorithm,12L
-
-/* proposed by microsoft to RSA */
-#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64"
-#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
-#define NID_pbeWithSHA1AndRC2_CBC 68
-#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L
-
-/* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now
- * defined explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something
- * completely
different.
- */
-#define LN_id_pbkdf2 "PBKDF2"
-#define NID_id_pbkdf2 69
-#define OBJ_id_pbkdf2 OBJ_pkcs,5L,12L
-
-#define SN_dsaWithSHA1_2 "DSA-SHA1-old"
-#define LN_dsaWithSHA1_2 "dsaWithSHA1-old"
-#define NID_dsaWithSHA1_2 70
-/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
-#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
-
-#define SN_netscape_cert_type "nsCertType"
-#define LN_netscape_cert_type "Netscape Cert Type"
-#define NID_netscape_cert_type 71
-#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
-
-#define SN_netscape_base_url "nsBaseUrl"
-#define LN_netscape_base_url "Netscape Base Url"
-#define NID_netscape_base_url 72
-#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
-
-#define SN_netscape_revocation_url "nsRevocationUrl"
-#define LN_netscape_revocation_url "Netscape Revocation Url"
-#define NID_netscape_revocation_url 73
-#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
-
-#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
-#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
-#define NID_netscape_ca_revocation_url 74
-#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
-
-#define SN_netscape_renewal_url "nsRenewalUrl"
-#define LN_netscape_renewal_url "Netscape Renewal Url"
-#define NID_netscape_renewal_url 75
-#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
-
-#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
-#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
-#define NID_netscape_ca_policy_url 76
-#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
-
-#define SN_netscape_ssl_server_name "nsSslServerName"
-#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
-#define NID_netscape_ssl_server_name 77
-#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
-
-#define SN_netscape_comment "nsComment"
-#define LN_netscape_comment "Netscape Comment"
-#define NID_netscape_comment 78
-#define
OBJ_netscape_comment OBJ_netscape_cert_extension,13L
-
-#define SN_netscape_cert_sequence "nsCertSequence"
-#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
-#define NID_netscape_cert_sequence 79
-#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
-
-#define SN_desx_cbc "DESX-CBC"
-#define LN_desx_cbc "desx-cbc"
-#define NID_desx_cbc 80
-
-#define SN_id_ce "id-ce"
-#define NID_id_ce 81
-#define OBJ_id_ce 2L,5L,29L
-
-#define SN_subject_key_identifier "subjectKeyIdentifier"
-#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
-#define NID_subject_key_identifier 82
-#define OBJ_subject_key_identifier OBJ_id_ce,14L
-
-#define SN_key_usage "keyUsage"
-#define LN_key_usage "X509v3 Key Usage"
-#define NID_key_usage 83
-#define OBJ_key_usage OBJ_id_ce,15L
-
-#define SN_private_key_usage_period "privateKeyUsagePeriod"
-#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
-#define NID_private_key_usage_period 84
-#define OBJ_private_key_usage_period OBJ_id_ce,16L
-
-#define SN_subject_alt_name "subjectAltName"
-#define LN_subject_alt_name "X509v3 Subject Alternative Name"
-#define NID_subject_alt_name 85
-#define OBJ_subject_alt_name OBJ_id_ce,17L
-
-#define SN_issuer_alt_name "issuerAltName"
-#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
-#define NID_issuer_alt_name 86
-#define OBJ_issuer_alt_name OBJ_id_ce,18L
-
-#define SN_basic_constraints "basicConstraints"
-#define LN_basic_constraints "X509v3 Basic Constraints"
-#define NID_basic_constraints 87
-#define OBJ_basic_constraints OBJ_id_ce,19L
-
-#define SN_crl_number "crlNumber"
-#define LN_crl_number "X509v3 CRL Number"
-#define NID_crl_number 88
-#define OBJ_crl_number OBJ_id_ce,20L
-
-#define SN_certificate_policies "certificatePolicies"
-#define LN_certificate_policies "X509v3 Certificate Policies"
-#define NID_certificate_policies 89
-#define OBJ_certificate_policies OBJ_id_ce,32L
-
-#define SN_authority_key_identifier "authorityKeyIdentifier"
-#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
-#define NID_authority_key_identifier 90
-#define OBJ_authority_key_identifier OBJ_id_ce,35L
-
-#define SN_bf_cbc "BF-CBC"
-#define LN_bf_cbc "bf-cbc"
-#define NID_bf_cbc 91
-#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L
-
-#define SN_bf_ecb "BF-ECB"
-#define LN_bf_ecb "bf-ecb"
-#define NID_bf_ecb 92
-
-#define SN_bf_cfb64 "BF-CFB"
-#define LN_bf_cfb64 "bf-cfb"
-#define NID_bf_cfb64 93
-
-#define SN_bf_ofb64 "BF-OFB"
-#define LN_bf_ofb64 "bf-ofb"
-#define NID_bf_ofb64 94
-
-#define SN_mdc2 "MDC2"
-#define LN_mdc2 "mdc2"
-#define NID_mdc2 95
-#define OBJ_mdc2 2L,5L,8L,3L,101L
-/* An alternative? 1L,3L,14L,3L,2L,19L */
-
-#define SN_mdc2WithRSA "RSA-MDC2"
-#define LN_mdc2WithRSA "mdc2withRSA"
-#define NID_mdc2WithRSA 96
-#define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L
-
-#define SN_rc4_40 "RC4-40"
-#define LN_rc4_40 "rc4-40"
-#define NID_rc4_40 97
-
-#define SN_rc2_40_cbc "RC2-40-CBC"
-#define LN_rc2_40_cbc "rc2-40-cbc"
-#define NID_rc2_40_cbc 98
-
-#define SN_givenName "G"
-#define LN_givenName "givenName"
-#define NID_givenName 99
-#define OBJ_givenName OBJ_X509,42L
-
-#define SN_surname "S"
-#define LN_surname "surname"
-#define NID_surname 100
-#define OBJ_surname OBJ_X509,4L
-
-#define SN_initials "I"
-#define LN_initials "initials"
-#define NID_initials 101
-#define OBJ_initials OBJ_X509,43L
-
-#define SN_uniqueIdentifier "UID"
-#define LN_uniqueIdentifier "uniqueIdentifier"
-#define NID_uniqueIdentifier 102
-#define OBJ_uniqueIdentifier OBJ_X509,45L
-
-#define SN_crl_distribution_points "crlDistributionPoints"
-#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
-#define NID_crl_distribution_points 103
-#define OBJ_crl_distribution_points OBJ_id_ce,31L
-
-#define SN_md5WithRSA "RSA-NP-MD5"
-#define LN_md5WithRSA "md5WithRSA"
-#define NID_md5WithRSA 104
-#define OBJ_md5WithRSA OBJ_algorithm,3L
-
-#define SN_serialNumber "SN"
-#define LN_serialNumber "serialNumber"
-#define
NID_serialNumber 105
-#define OBJ_serialNumber OBJ_X509,5L
-
-#define SN_title "T"
-#define LN_title "title"
-#define NID_title 106
-#define OBJ_title OBJ_X509,12L
-
-#define SN_description "D"
-#define LN_description "description"
-#define NID_description 107
-#define OBJ_description OBJ_X509,13L
-
-/* CAST5 is CAST-128, I'm just sticking with the documentation */
-#define SN_cast5_cbc "CAST5-CBC"
-#define LN_cast5_cbc "cast5-cbc"
-#define NID_cast5_cbc 108
-#define OBJ_cast5_cbc 1L,2L,840L,113533L,7L,66L,10L
-
-#define SN_cast5_ecb "CAST5-ECB"
-#define LN_cast5_ecb "cast5-ecb"
-#define NID_cast5_ecb 109
-
-#define SN_cast5_cfb64 "CAST5-CFB"
-#define LN_cast5_cfb64 "cast5-cfb"
-#define NID_cast5_cfb64 110
-
-#define SN_cast5_ofb64 "CAST5-OFB"
-#define LN_cast5_ofb64 "cast5-ofb"
-#define NID_cast5_ofb64 111
-
-#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
-#define NID_pbeWithMD5AndCast5_CBC 112
-#define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L
-
-/* This is one sun will soon be using :-(
- * id-dsa-with-sha1 ID ::= {
- * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
- */
-#define SN_dsaWithSHA1 "DSA-SHA1"
-#define LN_dsaWithSHA1 "dsaWithSHA1"
-#define NID_dsaWithSHA1 113
-#define OBJ_dsaWithSHA1 1L,2L,840L,10040L,4L,3L
-
-#define NID_md5_sha1 114
-#define SN_md5_sha1 "MD5-SHA1"
-#define LN_md5_sha1 "md5-sha1"
-
-#define SN_sha1WithRSA "RSA-SHA1-2"
-#define LN_sha1WithRSA "sha1WithRSA"
-#define NID_sha1WithRSA 115
-#define OBJ_sha1WithRSA OBJ_algorithm,29L
-
-#define SN_dsa "DSA"
-#define LN_dsa "dsaEncryption"
-#define NID_dsa 116
-#define OBJ_dsa 1L,2L,840L,10040L,4L,1L
-
-#define SN_ripemd160 "RIPEMD160"
-#define LN_ripemd160 "ripemd160"
-#define NID_ripemd160 117
-#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
-
-/* The name should actually be rsaSignatureWithripemd160, but I'm going
- * to continue using the convention I'm using with the other ciphers */
-#define SN_ripemd160WithRSA "RSA-RIPEMD160"
-#define LN_ripemd160WithRSA
"ripemd160WithRSA"
-#define NID_ripemd160WithRSA 119
-#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
-
-/* Taken from rfc2040
- * RC5_CBC_Parameters ::= SEQUENCE {
- * version INTEGER (v1_0(16)),
- * rounds INTEGER (8..127),
- * blockSizeInBits INTEGER (64, 128),
- * iv OCTET STRING OPTIONAL
- * }
- */
-#define SN_rc5_cbc "RC5-CBC"
-#define LN_rc5_cbc "rc5-cbc"
-#define NID_rc5_cbc 120
-#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
-
-#define SN_rc5_ecb "RC5-ECB"
-#define LN_rc5_ecb "rc5-ecb"
-#define NID_rc5_ecb 121
-
-#define SN_rc5_cfb64 "RC5-CFB"
-#define LN_rc5_cfb64 "rc5-cfb"
-#define NID_rc5_cfb64 122
-
-#define SN_rc5_ofb64 "RC5-OFB"
-#define LN_rc5_ofb64 "rc5-ofb"
-#define NID_rc5_ofb64 123
-
-#define SN_rle_compression "RLE"
-#define LN_rle_compression "run length compression"
-#define NID_rle_compression 124
-#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L
-
-#define SN_zlib_compression "ZLIB"
-#define LN_zlib_compression "zlib compression"
-#define NID_zlib_compression 125
-#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L
-
-#define SN_ext_key_usage "extendedKeyUsage"
-#define LN_ext_key_usage "X509v3 Extended Key Usage"
-#define NID_ext_key_usage 126
-#define OBJ_ext_key_usage OBJ_id_ce,37
-
-#define SN_id_pkix "PKIX"
-#define NID_id_pkix 127
-#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L
-
-#define SN_id_kp "id-kp"
-#define NID_id_kp 128
-#define OBJ_id_kp OBJ_id_pkix,3L
-
-/* PKIX extended key usage OIDs */
-
-#define SN_server_auth "serverAuth"
-#define LN_server_auth "TLS Web Server Authentication"
-#define NID_server_auth 129
-#define OBJ_server_auth OBJ_id_kp,1L
-
-#define SN_client_auth "clientAuth"
-#define LN_client_auth "TLS Web Client Authentication"
-#define NID_client_auth 130
-#define OBJ_client_auth OBJ_id_kp,2L
-
-#define SN_code_sign "codeSigning"
-#define LN_code_sign "Code Signing"
-#define NID_code_sign 131
-#define OBJ_code_sign OBJ_id_kp,3L
-
-#define SN_email_protect "emailProtection"
-#define LN_email_protect "E-mail Protection"
-#define
NID_email_protect 132
-#define OBJ_email_protect OBJ_id_kp,4L
-
-#define SN_time_stamp "timeStamping"
-#define LN_time_stamp "Time Stamping"
-#define NID_time_stamp 133
-#define OBJ_time_stamp OBJ_id_kp,8L
-
-/* Additional extended key usage OIDs: Microsoft */
-
-#define SN_ms_code_ind "msCodeInd"
-#define LN_ms_code_ind "Microsoft Individual Code Signing"
-#define NID_ms_code_ind 134
-#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
-
-#define SN_ms_code_com "msCodeCom"
-#define LN_ms_code_com "Microsoft Commercial Code Signing"
-#define NID_ms_code_com 135
-#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
-
-#define SN_ms_ctl_sign "msCTLSign"
-#define LN_ms_ctl_sign "Microsoft Trust List Signing"
-#define NID_ms_ctl_sign 136
-#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
-
-#define SN_ms_sgc "msSGC"
-#define LN_ms_sgc "Microsoft Server Gated Crypto"
-#define NID_ms_sgc 137
-#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
-
-#define SN_ms_efs "msEFS"
-#define LN_ms_efs "Microsoft Encrypted File System"
-#define NID_ms_efs 138
-#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
-
-/* Additional usage: Netscape */
-
-#define SN_ns_sgc "nsSGC"
-#define LN_ns_sgc "Netscape Server Gated Crypto"
-#define NID_ns_sgc 139
-#define OBJ_ns_sgc OBJ_netscape,4L,1L
-
-#define SN_delta_crl "deltaCRL"
-#define LN_delta_crl "X509v3 Delta CRL Indicator"
-#define NID_delta_crl 140
-#define OBJ_delta_crl OBJ_id_ce,27L
-
-#define SN_crl_reason "CRLReason"
-#define LN_crl_reason "CRL Reason Code"
-#define NID_crl_reason 141
-#define OBJ_crl_reason OBJ_id_ce,21L
-
-#define SN_invalidity_date "invalidityDate"
-#define LN_invalidity_date "Invalidity Date"
-#define NID_invalidity_date 142
-#define OBJ_invalidity_date OBJ_id_ce,24L
-
-#define SN_sxnet "SXNetID"
-#define LN_sxnet "Strong Extranet ID"
-#define NID_sxnet 143
-#define OBJ_sxnet 1L,3L,101L,1L,4L,1L
-
-/* PKCS12 and related OBJECT IDENTIFIERS */
-
-#define OBJ_pkcs12 OBJ_pkcs,12L
-#define
OBJ_pkcs12_pbeids OBJ_pkcs12, 1
-
-#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128"
-#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4"
-#define NID_pbe_WithSHA1And128BitRC4 144
-#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids, 1L
-
-#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40"
-#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4"
-#define NID_pbe_WithSHA1And40BitRC4 145
-#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids, 2L
-
-#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES"
-#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146
-#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 3L
-
-#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES"
-#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC"
-#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147
-#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 4L
-
-#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128"
-#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC"
-#define NID_pbe_WithSHA1And128BitRC2_CBC 148
-#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids, 5L
-
-#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40"
-#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC"
-#define NID_pbe_WithSHA1And40BitRC2_CBC 149
-#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L
-
-#define OBJ_pkcs12_Version1 OBJ_pkcs12, 10L
-
-#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1, 1L
-
-#define LN_keyBag "keyBag"
-#define NID_keyBag 150
-#define OBJ_keyBag OBJ_pkcs12_BagIds, 1L
-
-#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag"
-#define NID_pkcs8ShroudedKeyBag 151
-#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L
-
-#define LN_certBag "certBag"
-#define NID_certBag 152
-#define OBJ_certBag OBJ_pkcs12_BagIds, 3L
-
-#define LN_crlBag "crlBag"
-#define NID_crlBag 153
-#define
OBJ_crlBag OBJ_pkcs12_BagIds, 4L
-
-#define LN_secretBag "secretBag"
-#define NID_secretBag 154
-#define OBJ_secretBag OBJ_pkcs12_BagIds, 5L
-
-#define LN_safeContentsBag "safeContentsBag"
-#define NID_safeContentsBag 155
-#define OBJ_safeContentsBag OBJ_pkcs12_BagIds, 6L
-
-#define LN_friendlyName "friendlyName"
-#define NID_friendlyName 156
-#define OBJ_friendlyName OBJ_pkcs9, 20L
-
-#define LN_localKeyID "localKeyID"
-#define NID_localKeyID 157
-#define OBJ_localKeyID OBJ_pkcs9, 21L
-
-#define OBJ_certTypes OBJ_pkcs9, 22L
-
-#define LN_x509Certificate "x509Certificate"
-#define NID_x509Certificate 158
-#define OBJ_x509Certificate OBJ_certTypes, 1L
-
-#define LN_sdsiCertificate "sdsiCertificate"
-#define NID_sdsiCertificate 159
-#define OBJ_sdsiCertificate OBJ_certTypes, 2L
-
-#define OBJ_crlTypes OBJ_pkcs9, 23L
-
-#define LN_x509Crl "x509Crl"
-#define NID_x509Crl 160
-#define OBJ_x509Crl OBJ_crlTypes, 1L
-
-/* PKCS#5 v2 OIDs */
-
-#define LN_pbes2 "PBES2"
-#define NID_pbes2 161
-#define OBJ_pbes2 OBJ_pkcs,5L,13L
-
-#define LN_pbmac1 "PBMAC1"
-#define NID_pbmac1 162
-#define OBJ_pbmac1 OBJ_pkcs,5L,14L
-
-#define LN_hmacWithSHA1 "hmacWithSHA1"
-#define NID_hmacWithSHA1 163
-#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L
-
-/* Policy Qualifier Ids */
-
-#define LN_id_qt_cps "Policy Qualifier CPS"
-#define SN_id_qt_cps "id-qt-cps"
-#define NID_id_qt_cps 164
-#define OBJ_id_qt_cps OBJ_id_pkix,2L,1L
-
-#define LN_id_qt_unotice "Policy Qualifier User Notice"
-#define SN_id_qt_unotice "id-qt-unotice"
-#define NID_id_qt_unotice 165
-#define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L
-
-#define SN_rc2_64_cbc "RC2-64-CBC"
-#define LN_rc2_64_cbc "rc2-64-cbc"
-#define NID_rc2_64_cbc 166
-
-#define SN_SMIMECapabilities "SMIME-CAPS"
-#define LN_SMIMECapabilities "S/MIME Capabilities"
-#define NID_SMIMECapabilities 167
-#define OBJ_SMIMECapabilities OBJ_pkcs9,15L
-
-#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64"
-#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC"
-#define
NID_pbeWithMD2AndRC2_CBC 168
-#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs,5L,4L
-
-#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64"
-#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC"
-#define NID_pbeWithMD5AndRC2_CBC 169
-#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs,5L,6L
-
-#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES"
-#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC"
-#define NID_pbeWithSHA1AndDES_CBC 170
-#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs,5L,10L
-
-/* Extension request OIDs */
-
-#define LN_ms_ext_req "Microsoft Extension Request"
-#define SN_ms_ext_req "msExtReq"
-#define NID_ms_ext_req 171
-#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
-
-#define LN_ext_req "Extension Request"
-#define SN_ext_req "extReq"
-#define NID_ext_req 172
-#define OBJ_ext_req OBJ_pkcs9,14L
-
-#define SN_name "name"
-#define LN_name "name"
-#define NID_name 173
-#define OBJ_name OBJ_X509,41L
-
-#define SN_dnQualifier "dnQualifier"
-#define LN_dnQualifier "dnQualifier"
-#define NID_dnQualifier 174
-#define OBJ_dnQualifier OBJ_X509,46L
-
-#define SN_id_pe "id-pe"
-#define NID_id_pe 175
-#define OBJ_id_pe OBJ_id_pkix,1L
-
-#define SN_id_ad "id-ad"
-#define NID_id_ad 176
-#define OBJ_id_ad OBJ_id_pkix,48L
-
-#define SN_info_access "authorityInfoAccess"
-#define LN_info_access "Authority Information Access"
-#define NID_info_access 177
-#define OBJ_info_access OBJ_id_pe,1L
-
-#define SN_ad_OCSP "OCSP"
-#define LN_ad_OCSP "OCSP"
-#define NID_ad_OCSP 178
-#define OBJ_ad_OCSP OBJ_id_ad,1L
-
-#define SN_ad_ca_issuers "caIssuers"
-#define LN_ad_ca_issuers "CA Issuers"
-#define NID_ad_ca_issuers 179
-#define OBJ_ad_ca_issuers OBJ_id_ad,2L
-
-#define SN_OCSP_sign "OCSPSigning"
-#define LN_OCSP_sign "OCSP Signing"
-#define NID_OCSP_sign 180
-#define OBJ_OCSP_sign OBJ_id_kp,9L
-#endif /* USE_OBJ_MAC */
-
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-
-#define OBJ_NAME_TYPE_UNDEF 0x00
-#define OBJ_NAME_TYPE_MD_METH 0x01
-#define OBJ_NAME_TYPE_CIPHER_METH 0x02
-#define OBJ_NAME_TYPE_PKEY_METH 0x03
-#define OBJ_NAME_TYPE_COMP_METH 0x04
-#define OBJ_NAME_TYPE_NUM 0x05
-
-#define OBJ_NAME_ALIAS 0x8000
-
-#define OBJ_BSEARCH_VALUE_ON_NOMATCH 0x01
-#define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH 0x02
-
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct obj_name_st {
- int type;
- int alias;
- const char *name;
- const char *data;
-} OBJ_NAME;
-
-#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
-
-
-int OBJ_NAME_init(void);
-int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),
- int (*cmp_func)(const char *, const char *),
- void (*free_func)(const char *, int, const char *));
-const char *OBJ_NAME_get(const char *name, int type);
-int OBJ_NAME_add(const char *name, int type, const char *data);
-int OBJ_NAME_remove(const char *name, int type);
-void OBJ_NAME_cleanup(int type); /* -1 for everything */
-void OBJ_NAME_do_all(int type, void (*fn)(const OBJ_NAME *, void *arg),
- void *arg);
-void OBJ_NAME_do_all_sorted(int type, void (*fn)(const OBJ_NAME *, void *arg),
- void *arg);
-
-ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
-ASN1_OBJECT * OBJ_nid2obj(int n);
-const char * OBJ_nid2ln(int n);
-const char * OBJ_nid2sn(int n);
-int OBJ_obj2nid(const ASN1_OBJECT *o);
-ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
-int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
-int OBJ_txt2nid(const char *s);
-int OBJ_ln2nid(const char *s);
-int OBJ_sn2nid(const char *s);
-int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
-const void * OBJ_bsearch_(const void *key, const void *base, int num,
- int size, int (*cmp)(const void *, const void *));
-const void * OBJ_bsearch_ex_(const void *key, const void *base, int num,
- int size, int (*cmp)(const void *, const void *),
- int flags);
-
-#define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm) \
- static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
- static int nm##_cmp(type1 const *, type2 const *); \
- scope
type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
-
-#define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp) \
- _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
-#define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
- type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
-
-/*
- * Unsolved problem: if a type is actually a pointer type, like
- * nid_triple is, then its impossible to get a const where you need
- * it. Consider:
- *
- * typedef int nid_triple[3];
- * const void *a_;
- * const nid_triple const *a = a_;
- *
- * The assignement discards a const because what you really want is:
- *
- * const int const * const *a = a_;
- *
- * But if you do that, you lose the fact that a is an array of 3 ints,
- * which breaks comparison functions.
- *
- * Thus we end up having to cast, sadly, or unpack the
- * declarations. Or, as I finally did in this case, delcare nid_triple
- * to be a struct, which it should have been in the first place.
- *
- * Ben, August 2008.
- *
- * Also, strictly speaking not all types need be const, but handling
- * the non-constness means a lot of complication, and in practice
- * comparison routines do always not touch their arguments.
- */
-
-#define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm) \
- static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
- { \
- type1 const *a = a_; \
- type2 const *b = b_; \
- return nm##_cmp(a,b); \
- } \
- static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
- { \
- return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
- nm##_cmp_BSEARCH_CMP_FN); \
- } \
- extern void dummy_prototype(void)
-
-#define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm) \
- static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_) \
- { \
- type1 const *a = a_; \
- type2 const *b = b_; \
- return nm##_cmp(a,b); \
- } \
- type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
- { \
- return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
- nm##_cmp_BSEARCH_CMP_FN); \
- } \
- extern void dummy_prototype(void)
-
-#define OBJ_bsearch(type1,key,type2,base,num,cmp) \
- ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
- num,sizeof(type2), \
- ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
- (void)CHECKED_PTR_OF(type2,cmp##_type_2), \
- cmp##_BSEARCH_CMP_FN)))
-
-#define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags) \
- ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
- num,sizeof(type2), \
- ((void)CHECKED_PTR_OF(type1,cmp##_type_1), \
- (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
- cmp##_BSEARCH_CMP_FN)),flags)
-
-int OBJ_new_nid(int num);
-int OBJ_add_object(const ASN1_OBJECT *obj);
-int OBJ_create(const char *oid, const char *sn, const char *ln);
-void OBJ_cleanup(void );
-int OBJ_create_objects(BIO *in);
-
-int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
-int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
-int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
-void OBJ_sigid_free(void);
-
-extern int obj_cleanup_defer;
-void check_defer(int nid);
-
-/* BEGIN ERROR CODES */
-/* The following lines are
auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_OBJ_strings(void);
-
-/* Error codes for the OBJ functions. */
-
-/* Function codes. */
-#define OBJ_F_OBJ_ADD_OBJECT 105
-#define OBJ_F_OBJ_CREATE 100
-#define OBJ_F_OBJ_DUP 101
-#define OBJ_F_OBJ_NAME_NEW_INDEX 106
-#define OBJ_F_OBJ_NID2LN 102
-#define OBJ_F_OBJ_NID2OBJ 103
-#define OBJ_F_OBJ_NID2SN 104
-
-/* Reason codes. */
-#define OBJ_R_MALLOC_FAILURE 100
-#define OBJ_R_UNKNOWN_NID 101
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/objects/objects.pl b/lib/libssl/src/crypto/objects/objects.pl
deleted file mode 100644
index d2bf659d888..00000000000
--- a/lib/libssl/src/crypto/objects/objects.pl
+++ /dev/null
@@ -1,233 +0,0 @@
-#!/usr/local/bin/perl
-
-open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
-$max_nid=0;
-$o=0;
-while(<NUMIN>)
- {
- chop;
- $o++;
- s/#.*$//;
- next if /^\s*$/;
- $_ = 'X'.$_;
- ($Cname,$mynum) = split;
- $Cname =~ s/^X//;
- if (defined($nidn{$mynum}))
- { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
- if (defined($nid{$Cname}))
- { die "$ARGV[1]:$o:There's already an object with name ",$Cname," on line ",$order{$nid{$Cname}},"\n"; }
- $nid{$Cname} = $mynum;
- $nidn{$mynum} = $Cname;
- $order{$mynum} = $o;
- $max_nid = $mynum if $mynum > $max_nid;
- }
-close NUMIN;
-
-open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
-$Cname="";
-$o=0;
-while (<IN>)
- {
- chop;
- $o++;
- if (/^!module\s+(.*)$/)
- {
- $module = $1."-";
- $module =~ s/\./_/g;
- $module =~ s/-/_/g;
- }
- if (/^!global$/)
- { $module = ""; }
- if (/^!Cname\s+(.*)$/)
- { $Cname = $1; }
- if (/^!Alias\s+(.+?)\s+(.*)$/)
- {
- $Cname = $module.$1;
- $myoid = $2;
- $myoid = &process_oid($myoid);
- $Cname =~ s/-/_/g;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $obj{$Cname} = $myoid;
- $_ = "";
- $Cname = "";
- }
- s/!.*$//;
- s/#.*$//;
- next if /^\s*$/;
- ($myoid,$mysn,$myln) = split ':';
- $mysn =~ s/^\s*//;
- $mysn =~ s/\s*$//;
- $myln =~ s/^\s*//;
- $myln =~ s/\s*$//;
- $myoid =~ s/^\s*//;
- $myoid =~ s/\s*$//;
- if ($myoid ne "")
- {
- $myoid = &process_oid($myoid);
- }
-
- if ($Cname eq "" && !($myln =~ / /))
- {
- $Cname = $myln;
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $mysn;
- $Cname =~ s/-/_/g;
- if ($Cname ne "" && defined($sn{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- if ($Cname eq "")
- {
- $Cname = $myln;
- $Cname =~ s/-/_/g;
- $Cname =~ s/\./_/g;
- $Cname =~ s/ /_/g;
- if ($Cname ne "" && defined($ln{$module.$Cname}))
- { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
- }
- $Cname =~ s/\./_/g;
- $Cname =~ s/-/_/g;
- $Cname = $module.$Cname;
- $ordern{$o} = $Cname;
- $order{$Cname} = $o;
- $sn{$Cname} = $mysn;
- $ln{$Cname} = $myln;
- $obj{$Cname} = $myoid;
- if (!defined($nid{$Cname}))
- {
- $max_nid++;
- $nid{$Cname} = $max_nid;
- $nidn{$max_nid} = $Cname;
-print STDERR "Added OID $Cname\n";
- }
- $Cname="";
- }
-close IN;
-
-#XXX don't modify input files
-#open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
-#foreach (sort { $a <=> $b } keys %nidn)
-# {
-# print NUMOUT $nidn{$_},"\t\t",$_,"\n";
-# }
-#close NUMOUT;
-
-open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
-print OUT <<'EOF';
-/* crypto/objects/obj_mac.h */
-
-/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
- * following command:
- * perl objects.pl objects.txt obj_mac.num obj_mac.h
- */
-
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#define SN_undef "UNDEF"
-#define LN_undef "undefined"
-#define NID_undef 0
-#define OBJ_undef 0L
-
-EOF
-
-foreach (sort { $a <=> $b } keys %ordern)
- {
- $Cname=$ordern{$_};
- print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
- print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
- print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne "";
- print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne "";
- print OUT "\n";
- }
-
-close OUT;
-
-sub process_oid
- {
- local($oid)=@_;
- local(@a,$oid_pref);
-
- @a = split(/\s+/,$myoid);
- $pref_oid = "";
- $pref_sep = "";
- if (!($a[0] =~ /^[0-9]+$/))
- {
- $a[0] =~ s/-/_/g;
- if (!defined($obj{$a[0]}))
- { die "$ARGV[0]:$o:Undefined identifier ",$a[0],"\n"; }
- $pref_oid = "OBJ_" . $a[0];
- $pref_sep = ",";
- shift @a;
- }
- $oids = join('L,',@a) . "L";
- if ($oids ne "L")
- {
- $oids = $pref_oid . $pref_sep . $oids;
- }
- else
- {
- $oids = $pref_oid;
- }
- return($oids);
- }
diff --git a/lib/libssl/src/crypto/objects/objects.txt b/lib/libssl/src/crypto/objects/objects.txt
deleted file mode 100644
index 1ce73cc9841..00000000000
--- a/lib/libssl/src/crypto/objects/objects.txt
+++ /dev/null
@@ -1,1330 +0,0 @@ -# CCITT was renamed to ITU-T quite some time ago -0 : ITU-T : itu-t -!Alias ccitt itu-t - -1 : ISO : iso - -2 : JOINT-ISO-ITU-T : joint-iso-itu-t -!Alias joint-iso-ccitt joint-iso-itu-t - -iso 2 : member-body : ISO Member Body - -iso 3 : identified-organization - -# HMAC OIDs -identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5 -identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1 - -identified-organization 132 : certicom-arc - -joint-iso-itu-t 23 : international-organizations : International Organizations - -international-organizations 43 : wap -wap 1 : wap-wsg - -joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types - -selected-attribute-types 55 : clearance - -member-body 840 : ISO-US : ISO US Member Body -ISO-US 10040 : X9-57 : X9.57 -X9-57 4 : X9cm : X9.57 CM ? - -!Cname dsa -X9cm 1 : DSA : dsaEncryption -X9cm 3 : DSA-SHA1 : dsaWithSHA1 - - -ISO-US 10045 : ansi-X9-62 : ANSI X9.62 -!module X9-62 -!Alias id-fieldType ansi-X9-62 1 -X9-62_id-fieldType 1 : prime-field -X9-62_id-fieldType 2 : characteristic-two-field -X9-62_characteristic-two-field 3 : id-characteristic-two-basis -X9-62_id-characteristic-two-basis 1 : onBasis -X9-62_id-characteristic-two-basis 2 : tpBasis -X9-62_id-characteristic-two-basis 3 : ppBasis -!Alias id-publicKeyType ansi-X9-62 2 -X9-62_id-publicKeyType 1 : id-ecPublicKey -!Alias ellipticCurve ansi-X9-62 3 -!Alias c-TwoCurve X9-62_ellipticCurve 0 -X9-62_c-TwoCurve 1 : c2pnb163v1 -X9-62_c-TwoCurve 2 : c2pnb163v2 -X9-62_c-TwoCurve 3 : c2pnb163v3 -X9-62_c-TwoCurve 4 : c2pnb176v1 -X9-62_c-TwoCurve 5 : c2tnb191v1 -X9-62_c-TwoCurve 6 : c2tnb191v2 -X9-62_c-TwoCurve 7 : c2tnb191v3 -X9-62_c-TwoCurve 8 : c2onb191v4 -X9-62_c-TwoCurve 9 : c2onb191v5 -X9-62_c-TwoCurve 10 : c2pnb208w1 -X9-62_c-TwoCurve 11 : c2tnb239v1 -X9-62_c-TwoCurve 12 : c2tnb239v2 -X9-62_c-TwoCurve 13 : c2tnb239v3 -X9-62_c-TwoCurve 14 : c2onb239v4 -X9-62_c-TwoCurve 15 : c2onb239v5 -X9-62_c-TwoCurve 16 : c2pnb272w1 
-X9-62_c-TwoCurve 17 : c2pnb304w1 -X9-62_c-TwoCurve 18 : c2tnb359v1 -X9-62_c-TwoCurve 19 : c2pnb368w1 -X9-62_c-TwoCurve 20 : c2tnb431r1 -!Alias primeCurve X9-62_ellipticCurve 1 -X9-62_primeCurve 1 : prime192v1 -X9-62_primeCurve 2 : prime192v2 -X9-62_primeCurve 3 : prime192v3 -X9-62_primeCurve 4 : prime239v1 -X9-62_primeCurve 5 : prime239v2 -X9-62_primeCurve 6 : prime239v3 -X9-62_primeCurve 7 : prime256v1 -!Alias id-ecSigType ansi-X9-62 4 -!global -X9-62_id-ecSigType 1 : ecdsa-with-SHA1 -X9-62_id-ecSigType 2 : ecdsa-with-Recommended -X9-62_id-ecSigType 3 : ecdsa-with-Specified -ecdsa-with-Specified 1 : ecdsa-with-SHA224 -ecdsa-with-Specified 2 : ecdsa-with-SHA256 -ecdsa-with-Specified 3 : ecdsa-with-SHA384 -ecdsa-with-Specified 4 : ecdsa-with-SHA512 - -# SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters" -# (http://www.secg.org/) -!Alias secg_ellipticCurve certicom-arc 0 -# SECG prime curves OIDs -secg-ellipticCurve 6 : secp112r1 -secg-ellipticCurve 7 : secp112r2 -secg-ellipticCurve 28 : secp128r1 -secg-ellipticCurve 29 : secp128r2 -secg-ellipticCurve 9 : secp160k1 -secg-ellipticCurve 8 : secp160r1 -secg-ellipticCurve 30 : secp160r2 -secg-ellipticCurve 31 : secp192k1 -# NOTE: the curve secp192r1 is the same as prime192v1 defined above -# and is therefore omitted -secg-ellipticCurve 32 : secp224k1 -secg-ellipticCurve 33 : secp224r1 -secg-ellipticCurve 10 : secp256k1 -# NOTE: the curve secp256r1 is the same as prime256v1 defined above -# and is therefore omitted -secg-ellipticCurve 34 : secp384r1 -secg-ellipticCurve 35 : secp521r1 -# SECG characteristic two curves OIDs -secg-ellipticCurve 4 : sect113r1 -secg-ellipticCurve 5 : sect113r2 -secg-ellipticCurve 22 : sect131r1 -secg-ellipticCurve 23 : sect131r2 -secg-ellipticCurve 1 : sect163k1 -secg-ellipticCurve 2 : sect163r1 -secg-ellipticCurve 15 : sect163r2 -secg-ellipticCurve 24 : sect193r1 -secg-ellipticCurve 25 : sect193r2 -secg-ellipticCurve 26 : sect233k1 -secg-ellipticCurve 27 : sect233r1 
-secg-ellipticCurve 3 : sect239k1 -secg-ellipticCurve 16 : sect283k1 -secg-ellipticCurve 17 : sect283r1 -secg-ellipticCurve 36 : sect409k1 -secg-ellipticCurve 37 : sect409r1 -secg-ellipticCurve 38 : sect571k1 -secg-ellipticCurve 39 : sect571r1 - -# WAP/TLS curve OIDs (http://www.wapforum.org/) -!Alias wap-wsg-idm-ecid wap-wsg 4 -wap-wsg-idm-ecid 1 : wap-wsg-idm-ecid-wtls1 -wap-wsg-idm-ecid 3 : wap-wsg-idm-ecid-wtls3 -wap-wsg-idm-ecid 4 : wap-wsg-idm-ecid-wtls4 -wap-wsg-idm-ecid 5 : wap-wsg-idm-ecid-wtls5 -wap-wsg-idm-ecid 6 : wap-wsg-idm-ecid-wtls6 -wap-wsg-idm-ecid 7 : wap-wsg-idm-ecid-wtls7 -wap-wsg-idm-ecid 8 : wap-wsg-idm-ecid-wtls8 -wap-wsg-idm-ecid 9 : wap-wsg-idm-ecid-wtls9 -wap-wsg-idm-ecid 10 : wap-wsg-idm-ecid-wtls10 -wap-wsg-idm-ecid 11 : wap-wsg-idm-ecid-wtls11 -wap-wsg-idm-ecid 12 : wap-wsg-idm-ecid-wtls12 - - -ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc - : CAST5-ECB : cast5-ecb -!Cname cast5-cfb64 - : CAST5-CFB : cast5-cfb -!Cname cast5-ofb64 - : CAST5-OFB : cast5-ofb -!Cname pbeWithMD5AndCast5-CBC -ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC - -# Macs for CMP and CRMF -ISO-US 113533 7 66 13 : id-PasswordBasedMAC : password based MAC -ISO-US 113533 7 66 30 : id-DHBasedMac : Diffie-Hellman based MAC - -ISO-US 113549 : rsadsi : RSA Data Security, Inc. - -rsadsi 1 : pkcs : RSA Data Security, Inc. 
PKCS - -pkcs 1 : pkcs1 -pkcs1 1 : : rsaEncryption -pkcs1 2 : RSA-MD2 : md2WithRSAEncryption -pkcs1 3 : RSA-MD4 : md4WithRSAEncryption -pkcs1 4 : RSA-MD5 : md5WithRSAEncryption -pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption -# According to PKCS #1 version 2.1 -pkcs1 7 : RSAES-OAEP : rsaesOaep -pkcs1 8 : MGF1 : mgf1 -pkcs1 10 : RSASSA-PSS : rsassaPss - -pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption -pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption -pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption -pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption - -pkcs 3 : pkcs3 -pkcs3 1 : : dhKeyAgreement - -pkcs 5 : pkcs5 -pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC -pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC -pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC -pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC -pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC -pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC -!Cname id_pbkdf2 -pkcs5 12 : : PBKDF2 -!Cname pbes2 -pkcs5 13 : : PBES2 -!Cname pbmac1 -pkcs5 14 : : PBMAC1 - -pkcs 7 : pkcs7 -pkcs7 1 : : pkcs7-data -!Cname pkcs7-signed -pkcs7 2 : : pkcs7-signedData -!Cname pkcs7-enveloped -pkcs7 3 : : pkcs7-envelopedData -!Cname pkcs7-signedAndEnveloped -pkcs7 4 : : pkcs7-signedAndEnvelopedData -!Cname pkcs7-digest -pkcs7 5 : : pkcs7-digestData -!Cname pkcs7-encrypted -pkcs7 6 : : pkcs7-encryptedData - -pkcs 9 : pkcs9 -!module pkcs9 -pkcs9 1 : : emailAddress -pkcs9 2 : : unstructuredName -pkcs9 3 : : contentType -pkcs9 4 : : messageDigest -pkcs9 5 : : signingTime -pkcs9 6 : : countersignature -pkcs9 7 : : challengePassword -pkcs9 8 : : unstructuredAddress -!Cname extCertAttributes -pkcs9 9 : : extendedCertificateAttributes -!global - -!Cname ext-req -pkcs9 14 : extReq : Extension Request - -!Cname SMIMECapabilities -pkcs9 15 : SMIME-CAPS : S/MIME Capabilities - -# S/MIME -!Cname SMIME -pkcs9 16 : SMIME : S/MIME -SMIME 0 : id-smime-mod -SMIME 1 : id-smime-ct -SMIME 2 : id-smime-aa -SMIME 3 : id-smime-alg -SMIME 4 : id-smime-cd -SMIME 5 : 
id-smime-spq -SMIME 6 : id-smime-cti - -# S/MIME Modules -id-smime-mod 1 : id-smime-mod-cms -id-smime-mod 2 : id-smime-mod-ess -id-smime-mod 3 : id-smime-mod-oid -id-smime-mod 4 : id-smime-mod-msg-v3 -id-smime-mod 5 : id-smime-mod-ets-eSignature-88 -id-smime-mod 6 : id-smime-mod-ets-eSignature-97 -id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88 -id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97 - -# S/MIME Content Types -id-smime-ct 1 : id-smime-ct-receipt -id-smime-ct 2 : id-smime-ct-authData -id-smime-ct 3 : id-smime-ct-publishCert -id-smime-ct 4 : id-smime-ct-TSTInfo -id-smime-ct 5 : id-smime-ct-TDTInfo -id-smime-ct 6 : id-smime-ct-contentInfo -id-smime-ct 7 : id-smime-ct-DVCSRequestData -id-smime-ct 8 : id-smime-ct-DVCSResponseData -id-smime-ct 9 : id-smime-ct-compressedData -id-smime-ct 27 : id-ct-asciiTextWithCRLF - -# S/MIME Attributes -id-smime-aa 1 : id-smime-aa-receiptRequest -id-smime-aa 2 : id-smime-aa-securityLabel -id-smime-aa 3 : id-smime-aa-mlExpandHistory -id-smime-aa 4 : id-smime-aa-contentHint -id-smime-aa 5 : id-smime-aa-msgSigDigest -# obsolete -id-smime-aa 6 : id-smime-aa-encapContentType -id-smime-aa 7 : id-smime-aa-contentIdentifier -# obsolete -id-smime-aa 8 : id-smime-aa-macValue -id-smime-aa 9 : id-smime-aa-equivalentLabels -id-smime-aa 10 : id-smime-aa-contentReference -id-smime-aa 11 : id-smime-aa-encrypKeyPref -id-smime-aa 12 : id-smime-aa-signingCertificate -id-smime-aa 13 : id-smime-aa-smimeEncryptCerts -id-smime-aa 14 : id-smime-aa-timeStampToken -id-smime-aa 15 : id-smime-aa-ets-sigPolicyId -id-smime-aa 16 : id-smime-aa-ets-commitmentType -id-smime-aa 17 : id-smime-aa-ets-signerLocation -id-smime-aa 18 : id-smime-aa-ets-signerAttr -id-smime-aa 19 : id-smime-aa-ets-otherSigCert -id-smime-aa 20 : id-smime-aa-ets-contentTimestamp -id-smime-aa 21 : id-smime-aa-ets-CertificateRefs -id-smime-aa 22 : id-smime-aa-ets-RevocationRefs -id-smime-aa 23 : id-smime-aa-ets-certValues -id-smime-aa 24 : id-smime-aa-ets-revocationValues -id-smime-aa 25 
: id-smime-aa-ets-escTimeStamp -id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp -id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp -id-smime-aa 28 : id-smime-aa-signatureType -id-smime-aa 29 : id-smime-aa-dvcs-dvc - -# S/MIME Algorithm Identifiers -# obsolete -id-smime-alg 1 : id-smime-alg-ESDHwith3DES -# obsolete -id-smime-alg 2 : id-smime-alg-ESDHwithRC2 -# obsolete -id-smime-alg 3 : id-smime-alg-3DESwrap -# obsolete -id-smime-alg 4 : id-smime-alg-RC2wrap -id-smime-alg 5 : id-smime-alg-ESDH -id-smime-alg 6 : id-smime-alg-CMS3DESwrap -id-smime-alg 7 : id-smime-alg-CMSRC2wrap -id-smime-alg 9 : id-alg-PWRI-KEK - -# S/MIME Certificate Distribution -id-smime-cd 1 : id-smime-cd-ldap - -# S/MIME Signature Policy Qualifier -id-smime-spq 1 : id-smime-spq-ets-sqt-uri -id-smime-spq 2 : id-smime-spq-ets-sqt-unotice - -# S/MIME Commitment Type Identifier -id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin -id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt -id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery -id-smime-cti 4 : id-smime-cti-ets-proofOfSender -id-smime-cti 5 : id-smime-cti-ets-proofOfApproval -id-smime-cti 6 : id-smime-cti-ets-proofOfCreation - -pkcs9 20 : : friendlyName -pkcs9 21 : : localKeyID -!Cname ms-csp-name -1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name -1 3 6 1 4 1 311 17 2 : LocalKeySet : Microsoft Local Key set -!Alias certTypes pkcs9 22 -certTypes 1 : : x509Certificate -certTypes 2 : : sdsiCertificate -!Alias crlTypes pkcs9 23 -crlTypes 1 : : x509Crl - -!Alias pkcs12 pkcs 12 -!Alias pkcs12-pbeids pkcs12 1 - -!Cname pbe-WithSHA1And128BitRC4 -pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4 -!Cname pbe-WithSHA1And40BitRC4 -pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4 -!Cname pbe-WithSHA1And3_Key_TripleDES-CBC -pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC -!Cname pbe-WithSHA1And2_Key_TripleDES-CBC -pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC -!Cname pbe-WithSHA1And128BitRC2-CBC 
-pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC -!Cname pbe-WithSHA1And40BitRC2-CBC -pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC - -!Alias pkcs12-Version1 pkcs12 10 -!Alias pkcs12-BagIds pkcs12-Version1 1 -pkcs12-BagIds 1 : : keyBag -pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag -pkcs12-BagIds 3 : : certBag -pkcs12-BagIds 4 : : crlBag -pkcs12-BagIds 5 : : secretBag -pkcs12-BagIds 6 : : safeContentsBag - -rsadsi 2 2 : MD2 : md2 -rsadsi 2 4 : MD4 : md4 -rsadsi 2 5 : MD5 : md5 - : MD5-SHA1 : md5-sha1 -rsadsi 2 6 : : hmacWithMD5 -rsadsi 2 7 : : hmacWithSHA1 - -# From RFC4231 -rsadsi 2 8 : : hmacWithSHA224 -rsadsi 2 9 : : hmacWithSHA256 -rsadsi 2 10 : : hmacWithSHA384 -rsadsi 2 11 : : hmacWithSHA512 - -rsadsi 3 2 : RC2-CBC : rc2-cbc - : RC2-ECB : rc2-ecb -!Cname rc2-cfb64 - : RC2-CFB : rc2-cfb -!Cname rc2-ofb64 - : RC2-OFB : rc2-ofb - : RC2-40-CBC : rc2-40-cbc - : RC2-64-CBC : rc2-64-cbc -rsadsi 3 4 : RC4 : rc4 - : RC4-40 : rc4-40 -rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc -rsadsi 3 8 : RC5-CBC : rc5-cbc - : RC5-ECB : rc5-ecb -!Cname rc5-cfb64 - : RC5-CFB : rc5-cfb -!Cname rc5-ofb64 - : RC5-OFB : rc5-ofb - -!Cname ms-ext-req -1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request -!Cname ms-code-ind -1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing -!Cname ms-code-com -1 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing -!Cname ms-ctl-sign -1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing -!Cname ms-sgc -1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto -!Cname ms-efs -1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System -!Cname ms-smartcard-login -1 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin -!Cname ms-upn -1 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name - -1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc - : IDEA-ECB : idea-ecb -!Cname idea-cfb64 - : IDEA-CFB : idea-cfb -!Cname idea-ofb64 - : IDEA-OFB : 
idea-ofb - -1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc - : BF-ECB : bf-ecb -!Cname bf-cfb64 - : BF-CFB : bf-cfb -!Cname bf-ofb64 - : BF-OFB : bf-ofb - -!Cname id-pkix -1 3 6 1 5 5 7 : PKIX - -# PKIX Arcs -id-pkix 0 : id-pkix-mod -id-pkix 1 : id-pe -id-pkix 2 : id-qt -id-pkix 3 : id-kp -id-pkix 4 : id-it -id-pkix 5 : id-pkip -id-pkix 6 : id-alg -id-pkix 7 : id-cmc -id-pkix 8 : id-on -id-pkix 9 : id-pda -id-pkix 10 : id-aca -id-pkix 11 : id-qcs -id-pkix 12 : id-cct -id-pkix 21 : id-ppl -id-pkix 48 : id-ad - -# PKIX Modules -id-pkix-mod 1 : id-pkix1-explicit-88 -id-pkix-mod 2 : id-pkix1-implicit-88 -id-pkix-mod 3 : id-pkix1-explicit-93 -id-pkix-mod 4 : id-pkix1-implicit-93 -id-pkix-mod 5 : id-mod-crmf -id-pkix-mod 6 : id-mod-cmc -id-pkix-mod 7 : id-mod-kea-profile-88 -id-pkix-mod 8 : id-mod-kea-profile-93 -id-pkix-mod 9 : id-mod-cmp -id-pkix-mod 10 : id-mod-qualified-cert-88 -id-pkix-mod 11 : id-mod-qualified-cert-93 -id-pkix-mod 12 : id-mod-attribute-cert -id-pkix-mod 13 : id-mod-timestamp-protocol -id-pkix-mod 14 : id-mod-ocsp -id-pkix-mod 15 : id-mod-dvcs -id-pkix-mod 16 : id-mod-cmp2000 - -# PKIX Private Extensions -!Cname info-access -id-pe 1 : authorityInfoAccess : Authority Information Access -id-pe 2 : biometricInfo : Biometric Info -id-pe 3 : qcStatements -id-pe 4 : ac-auditEntity -id-pe 5 : ac-targeting -id-pe 6 : aaControls -id-pe 7 : sbgp-ipAddrBlock -id-pe 8 : sbgp-autonomousSysNum -id-pe 9 : sbgp-routerIdentifier -id-pe 10 : ac-proxying -!Cname sinfo-access -id-pe 11 : subjectInfoAccess : Subject Information Access -id-pe 14 : proxyCertInfo : Proxy Certificate Information - -# PKIX policyQualifiers for Internet policy qualifiers -id-qt 1 : id-qt-cps : Policy Qualifier CPS -id-qt 2 : id-qt-unotice : Policy Qualifier User Notice -id-qt 3 : textNotice - -# PKIX key purpose identifiers -!Cname server-auth -id-kp 1 : serverAuth : TLS Web Server Authentication -!Cname client-auth -id-kp 2 : clientAuth : TLS Web Client Authentication -!Cname code-sign -id-kp 3 : 
codeSigning : Code Signing -!Cname email-protect -id-kp 4 : emailProtection : E-mail Protection -id-kp 5 : ipsecEndSystem : IPSec End System -id-kp 6 : ipsecTunnel : IPSec Tunnel -id-kp 7 : ipsecUser : IPSec User -!Cname time-stamp -id-kp 8 : timeStamping : Time Stamping -# From OCSP spec RFC2560 -!Cname OCSP-sign -id-kp 9 : OCSPSigning : OCSP Signing -id-kp 10 : DVCS : dvcs - -# CMP information types -id-it 1 : id-it-caProtEncCert -id-it 2 : id-it-signKeyPairTypes -id-it 3 : id-it-encKeyPairTypes -id-it 4 : id-it-preferredSymmAlg -id-it 5 : id-it-caKeyUpdateInfo -id-it 6 : id-it-currentCRL -id-it 7 : id-it-unsupportedOIDs -# obsolete -id-it 8 : id-it-subscriptionRequest -# obsolete -id-it 9 : id-it-subscriptionResponse -id-it 10 : id-it-keyPairParamReq -id-it 11 : id-it-keyPairParamRep -id-it 12 : id-it-revPassphrase -id-it 13 : id-it-implicitConfirm -id-it 14 : id-it-confirmWaitTime -id-it 15 : id-it-origPKIMessage -id-it 16 : id-it-suppLangTags - -# CRMF registration -id-pkip 1 : id-regCtrl -id-pkip 2 : id-regInfo - -# CRMF registration controls -id-regCtrl 1 : id-regCtrl-regToken -id-regCtrl 2 : id-regCtrl-authenticator -id-regCtrl 3 : id-regCtrl-pkiPublicationInfo -id-regCtrl 4 : id-regCtrl-pkiArchiveOptions -id-regCtrl 5 : id-regCtrl-oldCertID -id-regCtrl 6 : id-regCtrl-protocolEncrKey - -# CRMF registration information -id-regInfo 1 : id-regInfo-utf8Pairs -id-regInfo 2 : id-regInfo-certReq - -# algorithms -id-alg 1 : id-alg-des40 -id-alg 2 : id-alg-noSignature -id-alg 3 : id-alg-dh-sig-hmac-sha1 -id-alg 4 : id-alg-dh-pop - -# CMC controls -id-cmc 1 : id-cmc-statusInfo -id-cmc 2 : id-cmc-identification -id-cmc 3 : id-cmc-identityProof -id-cmc 4 : id-cmc-dataReturn -id-cmc 5 : id-cmc-transactionId -id-cmc 6 : id-cmc-senderNonce -id-cmc 7 : id-cmc-recipientNonce -id-cmc 8 : id-cmc-addExtensions -id-cmc 9 : id-cmc-encryptedPOP -id-cmc 10 : id-cmc-decryptedPOP -id-cmc 11 : id-cmc-lraPOPWitness -id-cmc 15 : id-cmc-getCert -id-cmc 16 : id-cmc-getCRL -id-cmc 17 : 
id-cmc-revokeRequest -id-cmc 18 : id-cmc-regInfo -id-cmc 19 : id-cmc-responseInfo -id-cmc 21 : id-cmc-queryPending -id-cmc 22 : id-cmc-popLinkRandom -id-cmc 23 : id-cmc-popLinkWitness -id-cmc 24 : id-cmc-confirmCertAcceptance - -# other names -id-on 1 : id-on-personalData -id-on 3 : id-on-permanentIdentifier : Permanent Identifier - -# personal data attributes -id-pda 1 : id-pda-dateOfBirth -id-pda 2 : id-pda-placeOfBirth -id-pda 3 : id-pda-gender -id-pda 4 : id-pda-countryOfCitizenship -id-pda 5 : id-pda-countryOfResidence - -# attribute certificate attributes -id-aca 1 : id-aca-authenticationInfo -id-aca 2 : id-aca-accessIdentity -id-aca 3 : id-aca-chargingIdentity -id-aca 4 : id-aca-group -# attention : the following seems to be obsolete, replace by 'role' -id-aca 5 : id-aca-role -id-aca 6 : id-aca-encAttrs - -# qualified certificate statements -id-qcs 1 : id-qcs-pkixQCSyntax-v1 - -# CMC content types -id-cct 1 : id-cct-crs -id-cct 2 : id-cct-PKIData -id-cct 3 : id-cct-PKIResponse - -# Predefined Proxy Certificate policy languages -id-ppl 0 : id-ppl-anyLanguage : Any language -id-ppl 1 : id-ppl-inheritAll : Inherit all -id-ppl 2 : id-ppl-independent : Independent - -# access descriptors for authority info access extension -!Cname ad-OCSP -id-ad 1 : OCSP : OCSP -!Cname ad-ca-issuers -id-ad 2 : caIssuers : CA Issuers -!Cname ad-timeStamping -id-ad 3 : ad_timestamping : AD Time Stamping -!Cname ad-dvcs -id-ad 4 : AD_DVCS : ad dvcs -id-ad 5 : caRepository : CA Repository - - -!Alias id-pkix-OCSP ad-OCSP -!module id-pkix-OCSP -!Cname basic -id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response -id-pkix-OCSP 2 : Nonce : OCSP Nonce -id-pkix-OCSP 3 : CrlID : OCSP CRL ID -id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses -id-pkix-OCSP 5 : noCheck : OCSP No Check -id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff -id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator -id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status -id-pkix-OCSP 9 : valid 
-id-pkix-OCSP 10 : path -id-pkix-OCSP 11 : trustRoot : Trust Root -!global - -1 3 14 3 2 : algorithm : algorithm -algorithm 3 : RSA-NP-MD5 : md5WithRSA -algorithm 6 : DES-ECB : des-ecb -algorithm 7 : DES-CBC : des-cbc -!Cname des-ofb64 -algorithm 8 : DES-OFB : des-ofb -!Cname des-cfb64 -algorithm 9 : DES-CFB : des-cfb -algorithm 11 : rsaSignature -!Cname dsa-2 -algorithm 12 : DSA-old : dsaEncryption-old -algorithm 13 : DSA-SHA : dsaWithSHA -algorithm 15 : RSA-SHA : shaWithRSAEncryption -!Cname des-ede-ecb -algorithm 17 : DES-EDE : des-ede -!Cname des-ede3-ecb - : DES-EDE3 : des-ede3 - : DES-EDE-CBC : des-ede-cbc -!Cname des-ede-cfb64 - : DES-EDE-CFB : des-ede-cfb -!Cname des-ede3-cfb64 - : DES-EDE3-CFB : des-ede3-cfb -!Cname des-ede-ofb64 - : DES-EDE-OFB : des-ede-ofb -!Cname des-ede3-ofb64 - : DES-EDE3-OFB : des-ede3-ofb - : DESX-CBC : desx-cbc -algorithm 18 : SHA : sha -algorithm 26 : SHA1 : sha1 -!Cname dsaWithSHA1-2 -algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old -algorithm 29 : RSA-SHA1-2 : sha1WithRSA - -1 3 36 3 2 1 : RIPEMD160 : ripemd160 -1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA - -!Cname sxnet -1 3 101 1 4 1 : SXNetID : Strong Extranet ID - -2 5 : X500 : directory services (X.500) - -X500 4 : X509 -X509 3 : CN : commonName -X509 4 : SN : surname -X509 5 : : serialNumber -X509 6 : C : countryName -X509 7 : L : localityName -X509 8 : ST : stateOrProvinceName -X509 9 : street : streetAddress -X509 10 : O : organizationName -X509 11 : OU : organizationalUnitName -X509 12 : title : title -X509 13 : : description -X509 14 : : searchGuide -X509 15 : : businessCategory -X509 16 : : postalAddress -X509 17 : : postalCode -X509 18 : : postOfficeBox -X509 19 : : physicalDeliveryOfficeName -X509 20 : : telephoneNumber -X509 21 : : telexNumber -X509 22 : : teletexTerminalIdentifier -X509 23 : : facsimileTelephoneNumber -X509 24 : : x121Address -X509 25 : : internationaliSDNNumber -X509 26 : : registeredAddress -X509 27 : : destinationIndicator -X509 28 : : 
preferredDeliveryMethod -X509 29 : : presentationAddress -X509 30 : : supportedApplicationContext -X509 31 : member : -X509 32 : owner : -X509 33 : : roleOccupant -X509 34 : seeAlso : -X509 35 : : userPassword -X509 36 : : userCertificate -X509 37 : : cACertificate -X509 38 : : authorityRevocationList -X509 39 : : certificateRevocationList -X509 40 : : crossCertificatePair -X509 41 : name : name -X509 42 : GN : givenName -X509 43 : initials : initials -X509 44 : : generationQualifier -X509 45 : : x500UniqueIdentifier -X509 46 : dnQualifier : dnQualifier -X509 47 : : enhancedSearchGuide -X509 48 : : protocolInformation -X509 49 : : distinguishedName -X509 50 : : uniqueMember -X509 51 : : houseIdentifier -X509 52 : : supportedAlgorithms -X509 53 : : deltaRevocationList -X509 54 : dmdName : -X509 65 : : pseudonym -X509 72 : role : role - -X500 8 : X500algorithms : directory services - algorithms -X500algorithms 1 1 : RSA : rsa -X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA -X500algorithms 3 101 : MDC2 : mdc2 - -X500 29 : id-ce -!Cname subject-directory-attributes -id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes -!Cname subject-key-identifier -id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier -!Cname key-usage -id-ce 15 : keyUsage : X509v3 Key Usage -!Cname private-key-usage-period -id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period -!Cname subject-alt-name -id-ce 17 : subjectAltName : X509v3 Subject Alternative Name -!Cname issuer-alt-name -id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name -!Cname basic-constraints -id-ce 19 : basicConstraints : X509v3 Basic Constraints -!Cname crl-number -id-ce 20 : crlNumber : X509v3 CRL Number -!Cname crl-reason -id-ce 21 : CRLReason : X509v3 CRL Reason Code -!Cname invalidity-date -id-ce 24 : invalidityDate : Invalidity Date -!Cname delta-crl -id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator -!Cname issuing-distribution-point -id-ce 28 : issuingDistributionPoint : 
X509v3 Issuing Distrubution Point -!Cname certificate-issuer -id-ce 29 : certificateIssuer : X509v3 Certificate Issuer -!Cname name-constraints -id-ce 30 : nameConstraints : X509v3 Name Constraints -!Cname crl-distribution-points -id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points -!Cname certificate-policies -id-ce 32 : certificatePolicies : X509v3 Certificate Policies -!Cname any-policy -certificate-policies 0 : anyPolicy : X509v3 Any Policy -!Cname policy-mappings -id-ce 33 : policyMappings : X509v3 Policy Mappings -!Cname authority-key-identifier -id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier -!Cname policy-constraints -id-ce 36 : policyConstraints : X509v3 Policy Constraints -!Cname ext-key-usage -id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage -!Cname freshest-crl -id-ce 46 : freshestCRL : X509v3 Freshest CRL -!Cname inhibit-any-policy -id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy -!Cname target-information -id-ce 55 : targetInformation : X509v3 AC Targeting -!Cname no-rev-avail -id-ce 56 : noRevAvail : X509v3 No Revocation Available - -# From RFC5280 -ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage - - -!Cname netscape -2 16 840 1 113730 : Netscape : Netscape Communications Corp. 
-!Cname netscape-cert-extension -netscape 1 : nsCertExt : Netscape Certificate Extension -!Cname netscape-data-type -netscape 2 : nsDataType : Netscape Data Type -!Cname netscape-cert-type -netscape-cert-extension 1 : nsCertType : Netscape Cert Type -!Cname netscape-base-url -netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url -!Cname netscape-revocation-url -netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url -!Cname netscape-ca-revocation-url -netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url -!Cname netscape-renewal-url -netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url -!Cname netscape-ca-policy-url -netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url -!Cname netscape-ssl-server-name -netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name -!Cname netscape-comment -netscape-cert-extension 13 : nsComment : Netscape Comment -!Cname netscape-cert-sequence -netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence -!Cname ns-sgc -netscape 4 1 : nsSGC : Netscape Server Gated Crypto - -# iso(1) -iso 3 : ORG : org -org 6 : DOD : dod -dod 1 : IANA : iana -!Alias internet iana - -internet 1 : directory : Directory -internet 2 : mgmt : Management -internet 3 : experimental : Experimental -internet 4 : private : Private -internet 5 : security : Security -internet 6 : snmpv2 : SNMPv2 -# Documents refer to "internet 7" as "mail". This however leads to ambiguities -# with RFC2798, Section 9.1.3, where "mail" is defined as the short name for -# rfc822Mailbox. The short name is therefore here left out for a reason. -# Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as -# references are realized via long name "Mail" (with capital M). 
-internet 7 : : Mail - -Private 1 : enterprises : Enterprises - -# RFC 2247 -Enterprises 1466 344 : dcobject : dcObject - -# RFC 1495 -Mail 1 : mime-mhs : MIME MHS -mime-mhs 1 : mime-mhs-headings : mime-mhs-headings -mime-mhs 2 : mime-mhs-bodies : mime-mhs-bodies -mime-mhs-headings 1 : id-hex-partial-message : id-hex-partial-message -mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message - -# What the hell are these OIDs, really? -!Cname rle-compression -1 1 1 1 666 1 : RLE : run length compression -!Cname zlib-compression -id-smime-alg 8 : ZLIB : zlib compression - -# AES aka Rijndael - -!Alias csor 2 16 840 1 101 3 -!Alias nistAlgorithms csor 4 -!Alias aes nistAlgorithms 1 - -aes 1 : AES-128-ECB : aes-128-ecb -aes 2 : AES-128-CBC : aes-128-cbc -!Cname aes-128-ofb128 -aes 3 : AES-128-OFB : aes-128-ofb -!Cname aes-128-cfb128 -aes 4 : AES-128-CFB : aes-128-cfb -aes 5 : id-aes128-wrap -aes 6 : id-aes128-GCM : aes-128-gcm -aes 7 : id-aes128-CCM : aes-128-ccm -aes 8 : id-aes128-wrap-pad - -aes 21 : AES-192-ECB : aes-192-ecb -aes 22 : AES-192-CBC : aes-192-cbc -!Cname aes-192-ofb128 -aes 23 : AES-192-OFB : aes-192-ofb -!Cname aes-192-cfb128 -aes 24 : AES-192-CFB : aes-192-cfb -aes 25 : id-aes192-wrap -aes 26 : id-aes192-GCM : aes-192-gcm -aes 27 : id-aes192-CCM : aes-192-ccm -aes 28 : id-aes192-wrap-pad - -aes 41 : AES-256-ECB : aes-256-ecb -aes 42 : AES-256-CBC : aes-256-cbc -!Cname aes-256-ofb128 -aes 43 : AES-256-OFB : aes-256-ofb -!Cname aes-256-cfb128 -aes 44 : AES-256-CFB : aes-256-cfb -aes 45 : id-aes256-wrap -aes 46 : id-aes256-GCM : aes-256-gcm -aes 47 : id-aes256-CCM : aes-256-ccm -aes 48 : id-aes256-wrap-pad - -# There are no OIDs for these modes... 
- - : AES-128-CFB1 : aes-128-cfb1 - : AES-192-CFB1 : aes-192-cfb1 - : AES-256-CFB1 : aes-256-cfb1 - : AES-128-CFB8 : aes-128-cfb8 - : AES-192-CFB8 : aes-192-cfb8 - : AES-256-CFB8 : aes-256-cfb8 - : AES-128-CTR : aes-128-ctr - : AES-192-CTR : aes-192-ctr - : AES-256-CTR : aes-256-ctr - : AES-128-XTS : aes-128-xts - : AES-256-XTS : aes-256-xts - : DES-CFB1 : des-cfb1 - : DES-CFB8 : des-cfb8 - : DES-EDE3-CFB1 : des-ede3-cfb1 - : DES-EDE3-CFB8 : des-ede3-cfb8 - -# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84. -!Alias nist_hashalgs nistAlgorithms 2 -nist_hashalgs 1 : SHA256 : sha256 -nist_hashalgs 2 : SHA384 : sha384 -nist_hashalgs 3 : SHA512 : sha512 -nist_hashalgs 4 : SHA224 : sha224 - -# OIDs for dsa-with-sha224 and dsa-with-sha256 -!Alias dsa_with_sha2 nistAlgorithms 3 -dsa_with_sha2 1 : dsa_with_SHA224 -dsa_with_sha2 2 : dsa_with_SHA256 - -# Hold instruction CRL entry extension -!Cname hold-instruction-code -id-ce 23 : holdInstructionCode : Hold Instruction Code -!Alias holdInstruction X9-57 2 -!Cname hold-instruction-none -holdInstruction 1 : holdInstructionNone : Hold Instruction None -!Cname hold-instruction-call-issuer -holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer -!Cname hold-instruction-reject -holdInstruction 3 : holdInstructionReject : Hold Instruction Reject - -# OID's from ITU-T. Most of this is defined in RFC 1274. 
A couple of -# them are also mentioned in RFC 2247 -itu-t 9 : data -data 2342 : pss -pss 19200300 : ucl -ucl 100 : pilot -pilot 1 : : pilotAttributeType -pilot 3 : : pilotAttributeSyntax -pilot 4 : : pilotObjectClass -pilot 10 : : pilotGroups -pilotAttributeSyntax 4 : : iA5StringSyntax -pilotAttributeSyntax 5 : : caseIgnoreIA5StringSyntax -pilotObjectClass 3 : : pilotObject -pilotObjectClass 4 : : pilotPerson -pilotObjectClass 5 : account -pilotObjectClass 6 : document -pilotObjectClass 7 : room -pilotObjectClass 9 : : documentSeries -pilotObjectClass 13 : domain : Domain -pilotObjectClass 14 : : rFC822localPart -pilotObjectClass 15 : : dNSDomain -pilotObjectClass 17 : : domainRelatedObject -pilotObjectClass 18 : : friendlyCountry -pilotObjectClass 19 : : simpleSecurityObject -pilotObjectClass 20 : : pilotOrganization -pilotObjectClass 21 : : pilotDSA -pilotObjectClass 22 : : qualityLabelledData -pilotAttributeType 1 : UID : userId -pilotAttributeType 2 : : textEncodedORAddress -pilotAttributeType 3 : mail : rfc822Mailbox -pilotAttributeType 4 : info -pilotAttributeType 5 : : favouriteDrink -pilotAttributeType 6 : : roomNumber -pilotAttributeType 7 : photo -pilotAttributeType 8 : : userClass -pilotAttributeType 9 : host -pilotAttributeType 10 : manager -pilotAttributeType 11 : : documentIdentifier -pilotAttributeType 12 : : documentTitle -pilotAttributeType 13 : : documentVersion -pilotAttributeType 14 : : documentAuthor -pilotAttributeType 15 : : documentLocation -pilotAttributeType 20 : : homeTelephoneNumber -pilotAttributeType 21 : secretary -pilotAttributeType 22 : : otherMailbox -pilotAttributeType 23 : : lastModifiedTime -pilotAttributeType 24 : : lastModifiedBy -pilotAttributeType 25 : DC : domainComponent -pilotAttributeType 26 : : aRecord -pilotAttributeType 27 : : pilotAttributeType27 -pilotAttributeType 28 : : mXRecord -pilotAttributeType 29 : : nSRecord -pilotAttributeType 30 : : sOARecord -pilotAttributeType 31 : : cNAMERecord -pilotAttributeType 37 : 
: associatedDomain -pilotAttributeType 38 : : associatedName -pilotAttributeType 39 : : homePostalAddress -pilotAttributeType 40 : : personalTitle -pilotAttributeType 41 : : mobileTelephoneNumber -pilotAttributeType 42 : : pagerTelephoneNumber -pilotAttributeType 43 : : friendlyCountryName -# The following clashes with 2.5.4.45, so commented away -#pilotAttributeType 44 : uid : uniqueIdentifier -pilotAttributeType 45 : : organizationalStatus -pilotAttributeType 46 : : janetMailbox -pilotAttributeType 47 : : mailPreferenceOption -pilotAttributeType 48 : : buildingName -pilotAttributeType 49 : : dSAQuality -pilotAttributeType 50 : : singleLevelQuality -pilotAttributeType 51 : : subtreeMinimumQuality -pilotAttributeType 52 : : subtreeMaximumQuality -pilotAttributeType 53 : : personalSignature -pilotAttributeType 54 : : dITRedirect -pilotAttributeType 55 : audio -pilotAttributeType 56 : : documentPublisher - -international-organizations 42 : id-set : Secure Electronic Transactions - -id-set 0 : set-ctype : content types -id-set 1 : set-msgExt : message extensions -id-set 3 : set-attr -id-set 5 : set-policy -id-set 7 : set-certExt : certificate extensions -id-set 8 : set-brand - -set-ctype 0 : setct-PANData -set-ctype 1 : setct-PANToken -set-ctype 2 : setct-PANOnly -set-ctype 3 : setct-OIData -set-ctype 4 : setct-PI -set-ctype 5 : setct-PIData -set-ctype 6 : setct-PIDataUnsigned -set-ctype 7 : setct-HODInput -set-ctype 8 : setct-AuthResBaggage -set-ctype 9 : setct-AuthRevReqBaggage -set-ctype 10 : setct-AuthRevResBaggage -set-ctype 11 : setct-CapTokenSeq -set-ctype 12 : setct-PInitResData -set-ctype 13 : setct-PI-TBS -set-ctype 14 : setct-PResData -set-ctype 16 : setct-AuthReqTBS -set-ctype 17 : setct-AuthResTBS -set-ctype 18 : setct-AuthResTBSX -set-ctype 19 : setct-AuthTokenTBS -set-ctype 20 : setct-CapTokenData -set-ctype 21 : setct-CapTokenTBS -set-ctype 22 : setct-AcqCardCodeMsg -set-ctype 23 : setct-AuthRevReqTBS -set-ctype 24 : setct-AuthRevResData -set-ctype 25 
: setct-AuthRevResTBS -set-ctype 26 : setct-CapReqTBS -set-ctype 27 : setct-CapReqTBSX -set-ctype 28 : setct-CapResData -set-ctype 29 : setct-CapRevReqTBS -set-ctype 30 : setct-CapRevReqTBSX -set-ctype 31 : setct-CapRevResData -set-ctype 32 : setct-CredReqTBS -set-ctype 33 : setct-CredReqTBSX -set-ctype 34 : setct-CredResData -set-ctype 35 : setct-CredRevReqTBS -set-ctype 36 : setct-CredRevReqTBSX -set-ctype 37 : setct-CredRevResData -set-ctype 38 : setct-PCertReqData -set-ctype 39 : setct-PCertResTBS -set-ctype 40 : setct-BatchAdminReqData -set-ctype 41 : setct-BatchAdminResData -set-ctype 42 : setct-CardCInitResTBS -set-ctype 43 : setct-MeAqCInitResTBS -set-ctype 44 : setct-RegFormResTBS -set-ctype 45 : setct-CertReqData -set-ctype 46 : setct-CertReqTBS -set-ctype 47 : setct-CertResData -set-ctype 48 : setct-CertInqReqTBS -set-ctype 49 : setct-ErrorTBS -set-ctype 50 : setct-PIDualSignedTBE -set-ctype 51 : setct-PIUnsignedTBE -set-ctype 52 : setct-AuthReqTBE -set-ctype 53 : setct-AuthResTBE -set-ctype 54 : setct-AuthResTBEX -set-ctype 55 : setct-AuthTokenTBE -set-ctype 56 : setct-CapTokenTBE -set-ctype 57 : setct-CapTokenTBEX -set-ctype 58 : setct-AcqCardCodeMsgTBE -set-ctype 59 : setct-AuthRevReqTBE -set-ctype 60 : setct-AuthRevResTBE -set-ctype 61 : setct-AuthRevResTBEB -set-ctype 62 : setct-CapReqTBE -set-ctype 63 : setct-CapReqTBEX -set-ctype 64 : setct-CapResTBE -set-ctype 65 : setct-CapRevReqTBE -set-ctype 66 : setct-CapRevReqTBEX -set-ctype 67 : setct-CapRevResTBE -set-ctype 68 : setct-CredReqTBE -set-ctype 69 : setct-CredReqTBEX -set-ctype 70 : setct-CredResTBE -set-ctype 71 : setct-CredRevReqTBE -set-ctype 72 : setct-CredRevReqTBEX -set-ctype 73 : setct-CredRevResTBE -set-ctype 74 : setct-BatchAdminReqTBE -set-ctype 75 : setct-BatchAdminResTBE -set-ctype 76 : setct-RegFormReqTBE -set-ctype 77 : setct-CertReqTBE -set-ctype 78 : setct-CertReqTBEX -set-ctype 79 : setct-CertResTBE -set-ctype 80 : setct-CRLNotificationTBS -set-ctype 81 : 
setct-CRLNotificationResTBS -set-ctype 82 : setct-BCIDistributionTBS - -set-msgExt 1 : setext-genCrypt : generic cryptogram -set-msgExt 3 : setext-miAuth : merchant initiated auth -set-msgExt 4 : setext-pinSecure -set-msgExt 5 : setext-pinAny -set-msgExt 7 : setext-track2 -set-msgExt 8 : setext-cv : additional verification - -set-policy 0 : set-policy-root - -set-certExt 0 : setCext-hashedRoot -set-certExt 1 : setCext-certType -set-certExt 2 : setCext-merchData -set-certExt 3 : setCext-cCertRequired -set-certExt 4 : setCext-tunneling -set-certExt 5 : setCext-setExt -set-certExt 6 : setCext-setQualf -set-certExt 7 : setCext-PGWYcapabilities -set-certExt 8 : setCext-TokenIdentifier -set-certExt 9 : setCext-Track2Data -set-certExt 10 : setCext-TokenType -set-certExt 11 : setCext-IssuerCapabilities - -set-attr 0 : setAttr-Cert -set-attr 1 : setAttr-PGWYcap : payment gateway capabilities -set-attr 2 : setAttr-TokenType -set-attr 3 : setAttr-IssCap : issuer capabilities - -setAttr-Cert 0 : set-rootKeyThumb -setAttr-Cert 1 : set-addPolicy - -setAttr-TokenType 1 : setAttr-Token-EMV -setAttr-TokenType 2 : setAttr-Token-B0Prime - -setAttr-IssCap 3 : setAttr-IssCap-CVM -setAttr-IssCap 4 : setAttr-IssCap-T2 -setAttr-IssCap 5 : setAttr-IssCap-Sig - -setAttr-IssCap-CVM 1 : setAttr-GenCryptgrm : generate cryptogram -setAttr-IssCap-T2 1 : setAttr-T2Enc : encrypted track 2 -setAttr-IssCap-T2 2 : setAttr-T2cleartxt : cleartext track 2 - -setAttr-IssCap-Sig 1 : setAttr-TokICCsig : ICC or token signature -setAttr-IssCap-Sig 2 : setAttr-SecDevSig : secure device signature - -set-brand 1 : set-brand-IATA-ATA -set-brand 30 : set-brand-Diners -set-brand 34 : set-brand-AmericanExpress -set-brand 35 : set-brand-JCB -set-brand 4 : set-brand-Visa -set-brand 5 : set-brand-MasterCard -set-brand 6011 : set-brand-Novus - -rsadsi 3 10 : DES-CDMF : des-cdmf -rsadsi 1 1 6 : rsaOAEPEncryptionSET - - : Oakley-EC2N-3 : ipsec3 - : Oakley-EC2N-4 : ipsec4 - -iso 0 10118 3 0 55 : whirlpool - -# GOST OIDs - 
-member-body 643 2 2 : cryptopro -member-body 643 2 9 : cryptocom - -cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001 -cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94 -!Cname id-GostR3411-94 -cryptopro 9 : md_gost94 : GOST R 34.11-94 -cryptopro 10 : id-HMACGostR3411-94 : HMAC GOST 34.11-94 -!Cname id-GostR3410-2001 -cryptopro 19 : gost2001 : GOST R 34.10-2001 -!Cname id-GostR3410-94 -cryptopro 20 : gost94 : GOST R 34.10-94 -!Cname id-Gost28147-89 -cryptopro 21 : gost89 : GOST 28147-89 - : gost89-cnt -!Cname id-Gost28147-89-MAC -cryptopro 22 : gost-mac : GOST 28147-89 MAC -!Cname id-GostR3411-94-prf -cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF -cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH -cryptopro 99 : id-GostR3410-94DH : GOST R 34.10-94 DH - -cryptopro 14 1 : id-Gost28147-89-CryptoPro-KeyMeshing -cryptopro 14 0 : id-Gost28147-89-None-KeyMeshing - -# GOST parameter set OIDs - -cryptopro 30 0 : id-GostR3411-94-TestParamSet -cryptopro 30 1 : id-GostR3411-94-CryptoProParamSet - -cryptopro 31 0 : id-Gost28147-89-TestParamSet -cryptopro 31 1 : id-Gost28147-89-CryptoPro-A-ParamSet -cryptopro 31 2 : id-Gost28147-89-CryptoPro-B-ParamSet -cryptopro 31 3 : id-Gost28147-89-CryptoPro-C-ParamSet -cryptopro 31 4 : id-Gost28147-89-CryptoPro-D-ParamSet -cryptopro 31 5 : id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet -cryptopro 31 6 : id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet -cryptopro 31 7 : id-Gost28147-89-CryptoPro-RIC-1-ParamSet - -cryptopro 32 0 : id-GostR3410-94-TestParamSet -cryptopro 32 2 : id-GostR3410-94-CryptoPro-A-ParamSet -cryptopro 32 3 : id-GostR3410-94-CryptoPro-B-ParamSet -cryptopro 32 4 : id-GostR3410-94-CryptoPro-C-ParamSet -cryptopro 32 5 : id-GostR3410-94-CryptoPro-D-ParamSet - -cryptopro 33 1 : id-GostR3410-94-CryptoPro-XchA-ParamSet -cryptopro 33 2 : id-GostR3410-94-CryptoPro-XchB-ParamSet -cryptopro 33 3 : id-GostR3410-94-CryptoPro-XchC-ParamSet - 
-cryptopro 35 0 : id-GostR3410-2001-TestParamSet -cryptopro 35 1 : id-GostR3410-2001-CryptoPro-A-ParamSet -cryptopro 35 2 : id-GostR3410-2001-CryptoPro-B-ParamSet -cryptopro 35 3 : id-GostR3410-2001-CryptoPro-C-ParamSet - -cryptopro 36 0 : id-GostR3410-2001-CryptoPro-XchA-ParamSet -cryptopro 36 1 : id-GostR3410-2001-CryptoPro-XchB-ParamSet - -id-GostR3410-94 1 : id-GostR3410-94-a -id-GostR3410-94 2 : id-GostR3410-94-aBis -id-GostR3410-94 3 : id-GostR3410-94-b -id-GostR3410-94 4 : id-GostR3410-94-bBis - -# Cryptocom LTD GOST OIDs - -cryptocom 1 6 1 : id-Gost28147-89-cc : GOST 28147-89 Cryptocom ParamSet -!Cname id-GostR3410-94-cc -cryptocom 1 5 3 : gost94cc : GOST 34.10-94 Cryptocom -!Cname id-GostR3410-2001-cc -cryptocom 1 5 4 : gost2001cc : GOST 34.10-2001 Cryptocom - -cryptocom 1 3 3 : id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom -cryptocom 1 3 4 : id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom - -cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom - -# Definitions for Camellia cipher - CBC MODE - -1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc -1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc -1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc -1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap -1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap -1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap - -# Definitions for Camellia cipher - ECB, CFB, OFB MODE - -!Alias ntt-ds 0 3 4401 5 -!Alias camellia ntt-ds 3 1 9 - -camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb -!Cname camellia-128-ofb128 -camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb -!Cname camellia-128-cfb128 -camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb - -camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb -!Cname camellia-192-ofb128 -camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb -!Cname camellia-192-cfb128 -camellia 24 : CAMELLIA-192-CFB : 
camellia-192-cfb - -camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb -!Cname camellia-256-ofb128 -camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb -!Cname camellia-256-cfb128 -camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb - -# There are no OIDs for these modes... - - : CAMELLIA-128-CFB1 : camellia-128-cfb1 - : CAMELLIA-192-CFB1 : camellia-192-cfb1 - : CAMELLIA-256-CFB1 : camellia-256-cfb1 - : CAMELLIA-128-CFB8 : camellia-128-cfb8 - : CAMELLIA-192-CFB8 : camellia-192-cfb8 - : CAMELLIA-256-CFB8 : camellia-256-cfb8 - -# Definitions for SEED cipher - ECB, CBC, OFB mode - -member-body 410 200004 : KISA : kisa -kisa 1 3 : SEED-ECB : seed-ecb -kisa 1 4 : SEED-CBC : seed-cbc -!Cname seed-cfb128 -kisa 1 5 : SEED-CFB : seed-cfb -!Cname seed-ofb128 -kisa 1 6 : SEED-OFB : seed-ofb - -# There is no OID that just denotes "HMAC" oddly enough... - - : HMAC : hmac -# Nor CMAC either - : CMAC : cmac - -# Synthetic composite ciphersuites - : RC4-HMAC-MD5 : rc4-hmac-md5 - : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1 - : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 - : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 - -identified-organization 36 : teletrust -teletrust 3 3 2 8 1 : brainpool -brainpool 1 1 : brainpoolP160r1 -brainpool 1 2 : brainpoolP160t1 -brainpool 1 3 : brainpoolP192r1 -brainpool 1 4 : brainpoolP192t1 -brainpool 1 5 : brainpoolP224r1 -brainpool 1 6 : brainpoolP224t1 -brainpool 1 7 : brainpoolP256r1 -brainpool 1 8 : brainpoolP256t1 -brainpool 1 9 : brainpoolP320r1 -brainpool 1 10 : brainpoolP320t1 -brainpool 1 11 : brainpoolP384r1 -brainpool 1 12 : brainpoolP384t1 -brainpool 1 13 : brainpoolP512r1 -brainpool 1 14 : brainpoolP512t1 - -1 2 250 1 223 101 256 1 : FRP256v1 - -# ChaCha Stream Cipher -!Cname chacha20 - : ChaCha : chacha - : gost89-ecb - : gost89-cbc - -member-body 643 7 1 : tc26 -!Cname id-tc26-gost3411-2012-256 -tc26 1 2 2 : streebog256 : GOST R 34.11-2012 (256 bit) -!Cname id-tc26-gost3411-2012-512 -tc26 1 2 3 : streebog512 : GOST R 34-11-2012 (512 
bit) -tc26 2 1 2 1 : id-tc26-gost-3410-2012-512-paramSetA -tc26 2 1 2 2 : id-tc26-gost-3410-2012-512-paramSetB -tc26 2 5 1 1 : id-tc26-gost-28147-param-Z -tc26 1 1 1 : id-tc26-gost3410-2012-256 : GOST R 34.10-2012 (256 bit) -tc26 1 1 2 : id-tc26-gost3410-2012-512 : GOST R 34.10-2012 (512 bit) -tc26 1 3 2 : id-tc26-signwithdigest-gost3410-2012-256 : GOST R 34.11-2012 with GOST R 34.10-2012 (256 bit) -tc26 1 3 3 : id-tc26-signwithdigest-gost3410-2012-512 : GOST R 34.11-2012 with GOST R 34.10-2012 (512 bit) diff --git a/lib/libssl/src/crypto/objects/objxref.pl b/lib/libssl/src/crypto/objects/objxref.pl deleted file mode 100644 index 731d3ae22c2..00000000000 --- a/lib/libssl/src/crypto/objects/objxref.pl +++ /dev/null 
@@ -1,107 +0,0 @@
-#!/usr/local/bin/perl
-
-use strict;
-
-my %xref_tbl;
-my %oid_tbl;
-
-my ($mac_file, $xref_file) = @ARGV;
-
-open(IN, $mac_file) || die "Can't open $mac_file";
-
-# Read in OID nid values for a lookup table.
-
-while (<IN>)
- {
- chomp;
- my ($name, $num) = /^(\S+)\s+(\S+)$/;
- $oid_tbl{$name} = $num;
- }
-close IN;
-
-open(IN, $xref_file) || die "Can't open $xref_file";
-
-my $ln = 1;
-
-while (<IN>)
- {
- chomp;
- s/#.*$//;
- next if (/^\S*$/);
- my ($xr, $p1, $p2) = /^(\S+)\s+(\S+)\s+(\S+)/;
- check_oid($xr);
- check_oid($p1);
- check_oid($p2);
- $xref_tbl{$xr} = [$p1, $p2, $ln];
- }
-
-my @xrkeys = keys %xref_tbl;
-
-my @srt1 = sort { $oid_tbl{$a} <=> $oid_tbl{$b}} @xrkeys;
-
-for(my $i = 0; $i <= $#srt1; $i++)
- {
- $xref_tbl{$srt1[$i]}[2] = $i;
- }
-
-my @srt2 = sort
- {
- my$ap1 = $oid_tbl{$xref_tbl{$a}[0]};
- my$bp1 = $oid_tbl{$xref_tbl{$b}[0]};
- return $ap1 - $bp1 if ($ap1 != $bp1);
- my$ap2 = $oid_tbl{$xref_tbl{$a}[1]};
- my$bp2 = $oid_tbl{$xref_tbl{$b}[1]};
-
- return $ap2 - $bp2;
- } @xrkeys;
-
-my $pname = $0;
-
-$pname =~ s|^.[^/]/||;
-
-print <<EOF;
-/* AUTOGENERATED BY $pname, DO NOT EDIT */
-
-typedef struct
- {
- int sign_id;
- int hash_id;
- int pkey_id;
- } nid_triple;
-
-static const nid_triple sigoid_srt[] =
- {
-EOF
-
-foreach (@srt1)
- {
- my $xr = $_;
- my ($p1, $p2) = @{$xref_tbl{$_}};
- print "\t{NID_$xr, NID_$p1, NID_$p2},\n";
- }
-
-print "\t};";
-print <<EOF;
-
-
-static const nid_triple * const sigoid_srt_xref[] =
- {
-EOF
-
-foreach (@srt2)
- {
- my $x = $xref_tbl{$_}[2];
- print "\t\&sigoid_srt\[$x\],\n";
- }
-
-print "\t};\n\n";
-
-sub check_oid
- {
- my ($chk) = @_;
- if (!exists $oid_tbl{$chk})
- {
- die "Not Found \"$chk\"\n";
- }
- }
-
diff --git a/lib/libssl/src/crypto/ocsp/ocsp.h b/lib/libssl/src/crypto/ocsp/ocsp.h
deleted file mode 100644
index eb653099811..00000000000
--- a/lib/libssl/src/crypto/ocsp/ocsp.h
+++ /dev/null
@@ -1,615 +0,0 @@ -/* $OpenBSD: ocsp.h,v 1.7 2015/09/26 17:38:41 jsing Exp $ */ -/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL - * project. */ - -/* History: - This file was transfered to Richard Levitte from CertCo by Kathy - Weinhold in mid-spring 2000 to be included in OpenSSL or released - as a patch kit. */ - -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#ifndef HEADER_OCSP_H -#define HEADER_OCSP_H - -#include <openssl/ossl_typ.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> -#include <openssl/safestack.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Various flags and values */ - -#define OCSP_DEFAULT_NONCE_LENGTH 16 - -#define OCSP_NOCERTS 0x1 -#define OCSP_NOINTERN 0x2 -#define OCSP_NOSIGS 0x4 -#define OCSP_NOCHAIN 0x8 -#define OCSP_NOVERIFY 0x10 -#define OCSP_NOEXPLICIT 0x20 -#define OCSP_NOCASIGN 0x40 -#define OCSP_NODELEGATED 0x80 -#define OCSP_NOCHECKS 0x100 -#define OCSP_TRUSTOTHER 0x200 -#define OCSP_RESPID_KEY 0x400 -#define OCSP_NOTIME 0x800 - -/* CertID ::= SEQUENCE { - * hashAlgorithm AlgorithmIdentifier, - * issuerNameHash OCTET STRING, -- Hash of Issuer's DN - * issuerKeyHash OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields) - * serialNumber CertificateSerialNumber } - */ -typedef struct ocsp_cert_id_st { - X509_ALGOR *hashAlgorithm; - ASN1_OCTET_STRING *issuerNameHash; - ASN1_OCTET_STRING *issuerKeyHash; - ASN1_INTEGER *serialNumber; -} OCSP_CERTID; - -DECLARE_STACK_OF(OCSP_CERTID) - -/* Request ::= SEQUENCE { - * reqCert CertID, - * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } - */ -typedef struct ocsp_one_request_st { - OCSP_CERTID *reqCert; - STACK_OF(X509_EXTENSION) *singleRequestExtensions; -} OCSP_ONEREQ; - -DECLARE_STACK_OF(OCSP_ONEREQ) -DECLARE_ASN1_SET_OF(OCSP_ONEREQ) - - -/* TBSRequest ::= SEQUENCE { - * version [0] EXPLICIT Version DEFAULT v1, - * requestorName [1] EXPLICIT GeneralName OPTIONAL, - * requestList SEQUENCE OF Request, - * requestExtensions [2] EXPLICIT Extensions OPTIONAL } - */ -typedef struct ocsp_req_info_st { - ASN1_INTEGER *version; - GENERAL_NAME *requestorName; - STACK_OF(OCSP_ONEREQ) *requestList; - STACK_OF(X509_EXTENSION) *requestExtensions; -} OCSP_REQINFO; - -/* Signature ::= SEQUENCE { - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF 
Certificate OPTIONAL } - */ -typedef struct ocsp_signature_st { - X509_ALGOR *signatureAlgorithm; - ASN1_BIT_STRING *signature; - STACK_OF(X509) *certs; -} OCSP_SIGNATURE; - -/* OCSPRequest ::= SEQUENCE { - * tbsRequest TBSRequest, - * optionalSignature [0] EXPLICIT Signature OPTIONAL } - */ -typedef struct ocsp_request_st { - OCSP_REQINFO *tbsRequest; - OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */ -} OCSP_REQUEST; - -/* OCSPResponseStatus ::= ENUMERATED { - * successful (0), --Response has valid confirmations - * malformedRequest (1), --Illegal confirmation request - * internalError (2), --Internal error in issuer - * tryLater (3), --Try again later - * --(4) is not used - * sigRequired (5), --Must sign the request - * unauthorized (6) --Request unauthorized - * } - */ -#define OCSP_RESPONSE_STATUS_SUCCESSFUL 0 -#define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST 1 -#define OCSP_RESPONSE_STATUS_INTERNALERROR 2 -#define OCSP_RESPONSE_STATUS_TRYLATER 3 -#define OCSP_RESPONSE_STATUS_SIGREQUIRED 5 -#define OCSP_RESPONSE_STATUS_UNAUTHORIZED 6 - -/* ResponseBytes ::= SEQUENCE { - * responseType OBJECT IDENTIFIER, - * response OCTET STRING } - */ -typedef struct ocsp_resp_bytes_st { - ASN1_OBJECT *responseType; - ASN1_OCTET_STRING *response; -} OCSP_RESPBYTES; - -/* OCSPResponse ::= SEQUENCE { - * responseStatus OCSPResponseStatus, - * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } - */ -struct ocsp_response_st { - ASN1_ENUMERATED *responseStatus; - OCSP_RESPBYTES *responseBytes; -}; - -/* ResponderID ::= CHOICE { - * byName [1] Name, - * byKey [2] KeyHash } - */ -#define V_OCSP_RESPID_NAME 0 -#define V_OCSP_RESPID_KEY 1 -struct ocsp_responder_id_st { - int type; - union { - X509_NAME* byName; - ASN1_OCTET_STRING *byKey; - } value; -}; - -DECLARE_STACK_OF(OCSP_RESPID) -DECLARE_ASN1_FUNCTIONS(OCSP_RESPID) - -/* KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key - * --(excluding the tag and length fields) - */ - -/* RevokedInfo ::= SEQUENCE { - * 
revocationTime GeneralizedTime, - * revocationReason [0] EXPLICIT CRLReason OPTIONAL } - */ -typedef struct ocsp_revoked_info_st { - ASN1_GENERALIZEDTIME *revocationTime; - ASN1_ENUMERATED *revocationReason; -} OCSP_REVOKEDINFO; - -/* CertStatus ::= CHOICE { - * good [0] IMPLICIT NULL, - * revoked [1] IMPLICIT RevokedInfo, - * unknown [2] IMPLICIT UnknownInfo } - */ -#define V_OCSP_CERTSTATUS_GOOD 0 -#define V_OCSP_CERTSTATUS_REVOKED 1 -#define V_OCSP_CERTSTATUS_UNKNOWN 2 -typedef struct ocsp_cert_status_st { - int type; - union { - ASN1_NULL *good; - OCSP_REVOKEDINFO *revoked; - ASN1_NULL *unknown; - } value; -} OCSP_CERTSTATUS; - -/* SingleResponse ::= SEQUENCE { - * certID CertID, - * certStatus CertStatus, - * thisUpdate GeneralizedTime, - * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, - * singleExtensions [1] EXPLICIT Extensions OPTIONAL } - */ -typedef struct ocsp_single_response_st { - OCSP_CERTID *certId; - OCSP_CERTSTATUS *certStatus; - ASN1_GENERALIZEDTIME *thisUpdate; - ASN1_GENERALIZEDTIME *nextUpdate; - STACK_OF(X509_EXTENSION) *singleExtensions; -} OCSP_SINGLERESP; - -DECLARE_STACK_OF(OCSP_SINGLERESP) -DECLARE_ASN1_SET_OF(OCSP_SINGLERESP) - -/* ResponseData ::= SEQUENCE { - * version [0] EXPLICIT Version DEFAULT v1, - * responderID ResponderID, - * producedAt GeneralizedTime, - * responses SEQUENCE OF SingleResponse, - * responseExtensions [1] EXPLICIT Extensions OPTIONAL } - */ -typedef struct ocsp_response_data_st { - ASN1_INTEGER *version; - OCSP_RESPID *responderId; - ASN1_GENERALIZEDTIME *producedAt; - STACK_OF(OCSP_SINGLERESP) *responses; - STACK_OF(X509_EXTENSION) *responseExtensions; -} OCSP_RESPDATA; - -/* BasicOCSPResponse ::= SEQUENCE { - * tbsResponseData ResponseData, - * signatureAlgorithm AlgorithmIdentifier, - * signature BIT STRING, - * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } - */ - /* Note 1: - The value for "signature" is specified in the OCSP rfc2560 as follows: - "The value for the signature SHALL be computed on 
the hash of the DER - encoding ResponseData." This means that you must hash the DER-encoded - tbsResponseData, and then run it through a crypto-signing function, which - will (at least w/RSA) do a hash-'n'-private-encrypt operation. This seems - a bit odd, but that's the spec. Also note that the data structures do not - leave anywhere to independently specify the algorithm used for the initial - hash. So, we look at the signature-specification algorithm, and try to do - something intelligent. -- Kathy Weinhold, CertCo */ - /* Note 2: - It seems that the mentioned passage from RFC 2560 (section 4.2.1) is open - for interpretation. I've done tests against another responder, and found - that it doesn't do the double hashing that the RFC seems to say one - should. Therefore, all relevant functions take a flag saying which - variant should be used. -- Richard Levitte, OpenSSL team and CeloCom */ -typedef struct ocsp_basic_response_st { - OCSP_RESPDATA *tbsResponseData; - X509_ALGOR *signatureAlgorithm; - ASN1_BIT_STRING *signature; - STACK_OF(X509) *certs; -} OCSP_BASICRESP; - -/* - * CRLReason ::= ENUMERATED { - * unspecified (0), - * keyCompromise (1), - * cACompromise (2), - * affiliationChanged (3), - * superseded (4), - * cessationOfOperation (5), - * certificateHold (6), - * removeFromCRL (8) } - */ -#define OCSP_REVOKED_STATUS_NOSTATUS -1 -#define OCSP_REVOKED_STATUS_UNSPECIFIED 0 -#define OCSP_REVOKED_STATUS_KEYCOMPROMISE 1 -#define OCSP_REVOKED_STATUS_CACOMPROMISE 2 -#define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED 3 -#define OCSP_REVOKED_STATUS_SUPERSEDED 4 -#define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION 5 -#define OCSP_REVOKED_STATUS_CERTIFICATEHOLD 6 -#define OCSP_REVOKED_STATUS_REMOVEFROMCRL 8 - -/* CrlID ::= SEQUENCE { - * crlUrl [0] EXPLICIT IA5String OPTIONAL, - * crlNum [1] EXPLICIT INTEGER OPTIONAL, - * crlTime [2] EXPLICIT GeneralizedTime OPTIONAL } - */ -typedef struct ocsp_crl_id_st { - ASN1_IA5STRING *crlUrl; - ASN1_INTEGER *crlNum; - 
ASN1_GENERALIZEDTIME *crlTime; -} OCSP_CRLID; - -/* ServiceLocator ::= SEQUENCE { - * issuer Name, - * locator AuthorityInfoAccessSyntax OPTIONAL } - */ -typedef struct ocsp_service_locator_st { - X509_NAME* issuer; - STACK_OF(ACCESS_DESCRIPTION) *locator; -} OCSP_SERVICELOC; - -#define PEM_STRING_OCSP_REQUEST "OCSP REQUEST" -#define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE" - -#define d2i_OCSP_REQUEST_bio(bp,p) \ - ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p) - -#define d2i_OCSP_RESPONSE_bio(bp,p) \ - ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p) - -#define PEM_read_bio_OCSP_REQUEST(bp,x,cb) \ - (OCSP_REQUEST *)PEM_ASN1_read_bio((char *(*)())d2i_OCSP_REQUEST, \ - PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL) - -#define PEM_read_bio_OCSP_RESPONSE(bp,x,cb) \ - (OCSP_RESPONSE *)PEM_ASN1_read_bio((char *(*)())d2i_OCSP_RESPONSE, \ - PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL) - -#define PEM_write_bio_OCSP_REQUEST(bp,o) \ - PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\ - bp,(char *)o, NULL,NULL,0,NULL,NULL) - -#define PEM_write_bio_OCSP_RESPONSE(bp,o) \ - PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\ - bp,(char *)o, NULL,NULL,0,NULL,NULL) - -#define i2d_OCSP_RESPONSE_bio(bp,o) \ - ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o) - -#define i2d_OCSP_REQUEST_bio(bp,o) \ - ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o) - -#define OCSP_REQUEST_sign(o,pkey,md) \ - ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO), \ - o->optionalSignature->signatureAlgorithm,NULL, \ - o->optionalSignature->signature,o->tbsRequest,pkey,md) - -#define OCSP_BASICRESP_sign(o,pkey,md,d) \ - ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL, \ - o->signature,o->tbsResponseData,pkey,md) - -#define OCSP_REQUEST_verify(a,r) \ - ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO), \ - a->optionalSignature->signatureAlgorithm, \ - 
a->optionalSignature->signature,a->tbsRequest,r) - -#define OCSP_BASICRESP_verify(a,r,d) \ - ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA), \ - a->signatureAlgorithm,a->signature,a->tbsResponseData,r) - -#define ASN1_BIT_STRING_digest(data,type,md,len) \ - ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len) - -#define OCSP_CERTSTATUS_dup(cs) \ - ASN1_item_dup(&OCSP_CERTSTATUS_it, cs) - -OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id); - -OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req); -OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, - int maxline); -int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx); -void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx); -int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req); -int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx, const char *name, - const char *value); - -OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer); - -OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, X509_NAME *issuerName, - ASN1_BIT_STRING* issuerKey, ASN1_INTEGER *serialNumber); - -OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid); - -int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len); -int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len); -int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs); -int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req); - -int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm); -int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert); - -int OCSP_request_sign(OCSP_REQUEST *req, X509 *signer, EVP_PKEY *key, - const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags); - -int OCSP_response_status(OCSP_RESPONSE *resp); -OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp); - -int OCSP_resp_count(OCSP_BASICRESP *bs); -OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx); -int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID 
*id, int last); -int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason, - ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd, - ASN1_GENERALIZEDTIME **nextupd); -int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status, - int *reason, ASN1_GENERALIZEDTIME **revtime, - ASN1_GENERALIZEDTIME **thisupd, ASN1_GENERALIZEDTIME **nextupd); -int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, - ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec); - -int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, - X509_STORE *store, unsigned long flags); - -int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, - int *pssl); - -int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b); -int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b); - -int OCSP_request_onereq_count(OCSP_REQUEST *req); -OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i); -OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one); -int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd, - ASN1_OCTET_STRING **pikeyHash, ASN1_INTEGER **pserial, - OCSP_CERTID *cid); -int OCSP_request_is_signed(OCSP_REQUEST *req); -OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs); -OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp, OCSP_CERTID *cid, - int status, int reason, ASN1_TIME *revtime, ASN1_TIME *thisupd, - ASN1_TIME *nextupd); -int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert); -int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, - const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags); - -X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim); - -X509_EXTENSION *OCSP_accept_responses_new(char **oids); - -X509_EXTENSION *OCSP_archive_cutoff_new(char* tim); - -X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls); - -int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x); -int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos); -int 
OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj, - int lastpos); -int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, - int lastpos); -X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc); -X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc); -void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx); -int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, - int crit, unsigned long flags); -int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc); - -int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x); -int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos); -int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, - int lastpos); -int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos); -X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc); -X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc); -void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx); -int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit, - unsigned long flags); -int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc); - -int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x); -int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos); -int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj, - int lastpos); -int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, - int lastpos); -X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc); -X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc); -void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, - int *idx); -int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, - int crit, unsigned long flags); -int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc); - -int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x); -int 
OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, - int lastpos); -int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj, - int lastpos); -int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, - int lastpos); -X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc); -X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc); -void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, - int *idx); -int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, - int crit, unsigned long flags); -int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, - int loc); - -DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP) -DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS) -DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO) -DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP) -DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA) -DECLARE_ASN1_FUNCTIONS(OCSP_RESPID) -DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE) -DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES) -DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ) -DECLARE_ASN1_FUNCTIONS(OCSP_CERTID) -DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST) -DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE) -DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO) -DECLARE_ASN1_FUNCTIONS(OCSP_CRLID) -DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC) - -const char *OCSP_response_status_str(long s); -const char *OCSP_cert_status_str(long s); -const char *OCSP_crl_reason_str(long s); - -int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* a, unsigned long flags); -int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags); - -int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, - X509_STORE *st, unsigned long flags); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_OCSP_strings(void); - -/* Error codes for the OCSP functions. */ - -/* Function codes. 
*/ -#define OCSP_F_ASN1_STRING_ENCODE 100 -#define OCSP_F_D2I_OCSP_NONCE 102 -#define OCSP_F_OCSP_BASIC_ADD1_STATUS 103 -#define OCSP_F_OCSP_BASIC_SIGN 104 -#define OCSP_F_OCSP_BASIC_VERIFY 105 -#define OCSP_F_OCSP_CERT_ID_NEW 101 -#define OCSP_F_OCSP_CHECK_DELEGATED 106 -#define OCSP_F_OCSP_CHECK_IDS 107 -#define OCSP_F_OCSP_CHECK_ISSUER 108 -#define OCSP_F_OCSP_CHECK_VALIDITY 115 -#define OCSP_F_OCSP_MATCH_ISSUERID 109 -#define OCSP_F_OCSP_PARSE_URL 114 -#define OCSP_F_OCSP_REQUEST_SIGN 110 -#define OCSP_F_OCSP_REQUEST_VERIFY 116 -#define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111 -#define OCSP_F_OCSP_SENDREQ_BIO 112 -#define OCSP_F_OCSP_SENDREQ_NBIO 117 -#define OCSP_F_PARSE_HTTP_LINE1 118 -#define OCSP_F_REQUEST_VERIFY 113 - -/* Reason codes. */ -#define OCSP_R_BAD_DATA 100 -#define OCSP_R_CERTIFICATE_VERIFY_ERROR 101 -#define OCSP_R_DIGEST_ERR 102 -#define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122 -#define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123 -#define OCSP_R_ERROR_PARSING_URL 121 -#define OCSP_R_MISSING_OCSPSIGNING_USAGE 103 -#define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124 -#define OCSP_R_NOT_BASIC_RESPONSE 104 -#define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105 -#define OCSP_R_NO_CONTENT 106 -#define OCSP_R_NO_PUBLIC_KEY 107 -#define OCSP_R_NO_RESPONSE_DATA 108 -#define OCSP_R_NO_REVOKED_TIME 109 -#define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110 -#define OCSP_R_REQUEST_NOT_SIGNED 128 -#define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111 -#define OCSP_R_ROOT_CA_NOT_TRUSTED 112 -#define OCSP_R_SERVER_READ_ERROR 113 -#define OCSP_R_SERVER_RESPONSE_ERROR 114 -#define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115 -#define OCSP_R_SERVER_WRITE_ERROR 116 -#define OCSP_R_SIGNATURE_FAILURE 117 -#define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118 -#define OCSP_R_STATUS_EXPIRED 125 -#define OCSP_R_STATUS_NOT_YET_VALID 126 -#define OCSP_R_STATUS_TOO_OLD 127 -#define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119 -#define OCSP_R_UNKNOWN_NID 120 -#define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129 - 
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/ocsp/ocsp_asn.c b/lib/libssl/src/crypto/ocsp/ocsp_asn.c
deleted file mode 100644
index 72e7638c759..00000000000
--- a/lib/libssl/src/crypto/ocsp/ocsp_asn.c
+++ /dev/null
@@ -1,962 +0,0 @@
-/* $OpenBSD: ocsp_asn.c,v 1.8 2015/07/25 14:52:47 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#include <openssl/asn1.h> -#include <openssl/asn1t.h> -#include <openssl/ocsp.h> - -static const ASN1_TEMPLATE OCSP_SIGNATURE_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_SIGNATURE, signatureAlgorithm), - .field_name = "signatureAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_SIGNATURE, signature), - .field_name = "signature", - .item = &ASN1_BIT_STRING_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(OCSP_SIGNATURE, certs), - .field_name = "certs", - .item = &X509_it, - }, -}; - -const ASN1_ITEM OCSP_SIGNATURE_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_SIGNATURE_seq_tt, - .tcount = sizeof(OCSP_SIGNATURE_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_SIGNATURE), - .sname = "OCSP_SIGNATURE", -}; - - -OCSP_SIGNATURE * -d2i_OCSP_SIGNATURE(OCSP_SIGNATURE **a, const unsigned char **in, long len) -{ - return (OCSP_SIGNATURE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_SIGNATURE_it); -} - -int -i2d_OCSP_SIGNATURE(OCSP_SIGNATURE *a, unsigned char **out) -{ - 
return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_SIGNATURE_it); -} - -OCSP_SIGNATURE * -OCSP_SIGNATURE_new(void) -{ - return (OCSP_SIGNATURE *)ASN1_item_new(&OCSP_SIGNATURE_it); -} - -void -OCSP_SIGNATURE_free(OCSP_SIGNATURE *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_SIGNATURE_it); -} - -static const ASN1_TEMPLATE OCSP_CERTID_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_CERTID, hashAlgorithm), - .field_name = "hashAlgorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_CERTID, issuerNameHash), - .field_name = "issuerNameHash", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_CERTID, issuerKeyHash), - .field_name = "issuerKeyHash", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_CERTID, serialNumber), - .field_name = "serialNumber", - .item = &ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM OCSP_CERTID_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_CERTID_seq_tt, - .tcount = sizeof(OCSP_CERTID_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_CERTID), - .sname = "OCSP_CERTID", -}; - - -OCSP_CERTID * -d2i_OCSP_CERTID(OCSP_CERTID **a, const unsigned char **in, long len) -{ - return (OCSP_CERTID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_CERTID_it); -} - -int -i2d_OCSP_CERTID(OCSP_CERTID *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_CERTID_it); -} - -OCSP_CERTID * -OCSP_CERTID_new(void) -{ - return (OCSP_CERTID *)ASN1_item_new(&OCSP_CERTID_it); -} - -void -OCSP_CERTID_free(OCSP_CERTID *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_CERTID_it); -} - -static const ASN1_TEMPLATE OCSP_ONEREQ_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_ONEREQ, reqCert), - .field_name = "reqCert", - .item = &OCSP_CERTID_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - 
.tag = 0, - .offset = offsetof(OCSP_ONEREQ, singleRequestExtensions), - .field_name = "singleRequestExtensions", - .item = &X509_EXTENSION_it, - }, -}; - -const ASN1_ITEM OCSP_ONEREQ_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_ONEREQ_seq_tt, - .tcount = sizeof(OCSP_ONEREQ_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_ONEREQ), - .sname = "OCSP_ONEREQ", -}; - - -OCSP_ONEREQ * -d2i_OCSP_ONEREQ(OCSP_ONEREQ **a, const unsigned char **in, long len) -{ - return (OCSP_ONEREQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_ONEREQ_it); -} - -int -i2d_OCSP_ONEREQ(OCSP_ONEREQ *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_ONEREQ_it); -} - -OCSP_ONEREQ * -OCSP_ONEREQ_new(void) -{ - return (OCSP_ONEREQ *)ASN1_item_new(&OCSP_ONEREQ_it); -} - -void -OCSP_ONEREQ_free(OCSP_ONEREQ *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_ONEREQ_it); -} - -static const ASN1_TEMPLATE OCSP_REQINFO_seq_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(OCSP_REQINFO, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(OCSP_REQINFO, requestorName), - .field_name = "requestorName", - .item = &GENERAL_NAME_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = offsetof(OCSP_REQINFO, requestList), - .field_name = "requestList", - .item = &OCSP_ONEREQ_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 2, - .offset = offsetof(OCSP_REQINFO, requestExtensions), - .field_name = "requestExtensions", - .item = &X509_EXTENSION_it, - }, -}; - -const ASN1_ITEM OCSP_REQINFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_REQINFO_seq_tt, - .tcount = sizeof(OCSP_REQINFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_REQINFO), - .sname = 
"OCSP_REQINFO", -}; - - -OCSP_REQINFO * -d2i_OCSP_REQINFO(OCSP_REQINFO **a, const unsigned char **in, long len) -{ - return (OCSP_REQINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_REQINFO_it); -} - -int -i2d_OCSP_REQINFO(OCSP_REQINFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_REQINFO_it); -} - -OCSP_REQINFO * -OCSP_REQINFO_new(void) -{ - return (OCSP_REQINFO *)ASN1_item_new(&OCSP_REQINFO_it); -} - -void -OCSP_REQINFO_free(OCSP_REQINFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_REQINFO_it); -} - -static const ASN1_TEMPLATE OCSP_REQUEST_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_REQUEST, tbsRequest), - .field_name = "tbsRequest", - .item = &OCSP_REQINFO_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(OCSP_REQUEST, optionalSignature), - .field_name = "optionalSignature", - .item = &OCSP_SIGNATURE_it, - }, -}; - -const ASN1_ITEM OCSP_REQUEST_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_REQUEST_seq_tt, - .tcount = sizeof(OCSP_REQUEST_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_REQUEST), - .sname = "OCSP_REQUEST", -}; - - -OCSP_REQUEST * -d2i_OCSP_REQUEST(OCSP_REQUEST **a, const unsigned char **in, long len) -{ - return (OCSP_REQUEST *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_REQUEST_it); -} - -int -i2d_OCSP_REQUEST(OCSP_REQUEST *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_REQUEST_it); -} - -OCSP_REQUEST * -OCSP_REQUEST_new(void) -{ - return (OCSP_REQUEST *)ASN1_item_new(&OCSP_REQUEST_it); -} - -void -OCSP_REQUEST_free(OCSP_REQUEST *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_REQUEST_it); -} - -/* OCSP_RESPONSE templates */ - -static const ASN1_TEMPLATE OCSP_RESPBYTES_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_RESPBYTES, responseType), - .field_name = "responseType", - .item = &ASN1_OBJECT_it, - }, - { - .flags 
= 0, - .tag = 0, - .offset = offsetof(OCSP_RESPBYTES, response), - .field_name = "response", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM OCSP_RESPBYTES_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_RESPBYTES_seq_tt, - .tcount = sizeof(OCSP_RESPBYTES_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_RESPBYTES), - .sname = "OCSP_RESPBYTES", -}; - - -OCSP_RESPBYTES * -d2i_OCSP_RESPBYTES(OCSP_RESPBYTES **a, const unsigned char **in, long len) -{ - return (OCSP_RESPBYTES *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_RESPBYTES_it); -} - -int -i2d_OCSP_RESPBYTES(OCSP_RESPBYTES *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_RESPBYTES_it); -} - -OCSP_RESPBYTES * -OCSP_RESPBYTES_new(void) -{ - return (OCSP_RESPBYTES *)ASN1_item_new(&OCSP_RESPBYTES_it); -} - -void -OCSP_RESPBYTES_free(OCSP_RESPBYTES *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_RESPBYTES_it); -} - -static const ASN1_TEMPLATE OCSP_RESPONSE_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_RESPONSE, responseStatus), - .field_name = "responseStatus", - .item = &ASN1_ENUMERATED_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(OCSP_RESPONSE, responseBytes), - .field_name = "responseBytes", - .item = &OCSP_RESPBYTES_it, - }, -}; - -const ASN1_ITEM OCSP_RESPONSE_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_RESPONSE_seq_tt, - .tcount = sizeof(OCSP_RESPONSE_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_RESPONSE), - .sname = "OCSP_RESPONSE", -}; - - -OCSP_RESPONSE * -d2i_OCSP_RESPONSE(OCSP_RESPONSE **a, const unsigned char **in, long len) -{ - return (OCSP_RESPONSE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_RESPONSE_it); -} - -int -i2d_OCSP_RESPONSE(OCSP_RESPONSE *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_RESPONSE_it); -} - 
-OCSP_RESPONSE * -OCSP_RESPONSE_new(void) -{ - return (OCSP_RESPONSE *)ASN1_item_new(&OCSP_RESPONSE_it); -} - -void -OCSP_RESPONSE_free(OCSP_RESPONSE *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_RESPONSE_it); -} - -static const ASN1_TEMPLATE OCSP_RESPID_ch_tt[] = { - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 1, - .offset = offsetof(OCSP_RESPID, value.byName), - .field_name = "value.byName", - .item = &X509_NAME_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 2, - .offset = offsetof(OCSP_RESPID, value.byKey), - .field_name = "value.byKey", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM OCSP_RESPID_it = { - .itype = ASN1_ITYPE_CHOICE, - .utype = offsetof(OCSP_RESPID, type), - .templates = OCSP_RESPID_ch_tt, - .tcount = sizeof(OCSP_RESPID_ch_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_RESPID), - .sname = "OCSP_RESPID", -}; - - -OCSP_RESPID * -d2i_OCSP_RESPID(OCSP_RESPID **a, const unsigned char **in, long len) -{ - return (OCSP_RESPID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_RESPID_it); -} - -int -i2d_OCSP_RESPID(OCSP_RESPID *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_RESPID_it); -} - -OCSP_RESPID * -OCSP_RESPID_new(void) -{ - return (OCSP_RESPID *)ASN1_item_new(&OCSP_RESPID_it); -} - -void -OCSP_RESPID_free(OCSP_RESPID *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_RESPID_it); -} - -static const ASN1_TEMPLATE OCSP_REVOKEDINFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(OCSP_REVOKEDINFO, revocationTime), - .field_name = "revocationTime", - .item = &ASN1_GENERALIZEDTIME_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(OCSP_REVOKEDINFO, revocationReason), - .field_name = "revocationReason", - .item = &ASN1_ENUMERATED_it, - }, -}; - -const ASN1_ITEM OCSP_REVOKEDINFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = OCSP_REVOKEDINFO_seq_tt, - .tcount = sizeof(OCSP_REVOKEDINFO_seq_tt) 
/ sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_REVOKEDINFO), - .sname = "OCSP_REVOKEDINFO", -}; - - -OCSP_REVOKEDINFO * -d2i_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO **a, const unsigned char **in, long len) -{ - return (OCSP_REVOKEDINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_REVOKEDINFO_it); -} - -int -i2d_OCSP_REVOKEDINFO(OCSP_REVOKEDINFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_REVOKEDINFO_it); -} - -OCSP_REVOKEDINFO * -OCSP_REVOKEDINFO_new(void) -{ - return (OCSP_REVOKEDINFO *)ASN1_item_new(&OCSP_REVOKEDINFO_it); -} - -void -OCSP_REVOKEDINFO_free(OCSP_REVOKEDINFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &OCSP_REVOKEDINFO_it); -} - -static const ASN1_TEMPLATE OCSP_CERTSTATUS_ch_tt[] = { - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 0, - .offset = offsetof(OCSP_CERTSTATUS, value.good), - .field_name = "value.good", - .item = &ASN1_NULL_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 1, - .offset = offsetof(OCSP_CERTSTATUS, value.revoked), - .field_name = "value.revoked", - .item = &OCSP_REVOKEDINFO_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT, - .tag = 2, - .offset = offsetof(OCSP_CERTSTATUS, value.unknown), - .field_name = "value.unknown", - .item = &ASN1_NULL_it, - }, -}; - -const ASN1_ITEM OCSP_CERTSTATUS_it = { - .itype = ASN1_ITYPE_CHOICE, - .utype = offsetof(OCSP_CERTSTATUS, type), - .templates = OCSP_CERTSTATUS_ch_tt, - .tcount = sizeof(OCSP_CERTSTATUS_ch_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(OCSP_CERTSTATUS), - .sname = "OCSP_CERTSTATUS", -}; - - -OCSP_CERTSTATUS * -d2i_OCSP_CERTSTATUS(OCSP_CERTSTATUS **a, const unsigned char **in, long len) -{ - return (OCSP_CERTSTATUS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &OCSP_CERTSTATUS_it); -} - -int -i2d_OCSP_CERTSTATUS(OCSP_CERTSTATUS *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_CERTSTATUS_it); -} - -OCSP_CERTSTATUS * -OCSP_CERTSTATUS_new(void) -{ - return (OCSP_CERTSTATUS 
*)ASN1_item_new(&OCSP_CERTSTATUS_it);
-}
-
-void
-OCSP_CERTSTATUS_free(OCSP_CERTSTATUS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_CERTSTATUS_it);
-}
-
-static const ASN1_TEMPLATE OCSP_SINGLERESP_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_SINGLERESP, certId),
- .field_name = "certId",
- .item = &OCSP_CERTID_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_SINGLERESP, certStatus),
- .field_name = "certStatus",
- .item = &OCSP_CERTSTATUS_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_SINGLERESP, thisUpdate),
- .field_name = "thisUpdate",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_SINGLERESP, nextUpdate),
- .field_name = "nextUpdate",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(OCSP_SINGLERESP, singleExtensions),
- .field_name = "singleExtensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-const ASN1_ITEM OCSP_SINGLERESP_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_SINGLERESP_seq_tt,
- .tcount = sizeof(OCSP_SINGLERESP_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_SINGLERESP),
- .sname = "OCSP_SINGLERESP",
-};
-
-
-OCSP_SINGLERESP *
-d2i_OCSP_SINGLERESP(OCSP_SINGLERESP **a, const unsigned char **in, long len)
-{
- return (OCSP_SINGLERESP *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_SINGLERESP_it);
-}
-
-int
-i2d_OCSP_SINGLERESP(OCSP_SINGLERESP *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_SINGLERESP_it);
-}
-
-OCSP_SINGLERESP *
-OCSP_SINGLERESP_new(void)
-{
- return (OCSP_SINGLERESP *)ASN1_item_new(&OCSP_SINGLERESP_it);
-}
-
-void
-OCSP_SINGLERESP_free(OCSP_SINGLERESP *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_SINGLERESP_it);
-}
-
-static const ASN1_TEMPLATE OCSP_RESPDATA_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_RESPDATA, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_RESPDATA, responderId),
- .field_name = "responderId",
- .item = &OCSP_RESPID_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_RESPDATA, producedAt),
- .field_name = "producedAt",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(OCSP_RESPDATA, responses),
- .field_name = "responses",
- .item = &OCSP_SINGLERESP_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(OCSP_RESPDATA, responseExtensions),
- .field_name = "responseExtensions",
- .item = &X509_EXTENSION_it,
- },
-};
-
-const ASN1_ITEM OCSP_RESPDATA_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_RESPDATA_seq_tt,
- .tcount = sizeof(OCSP_RESPDATA_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_RESPDATA),
- .sname = "OCSP_RESPDATA",
-};
-
-
-OCSP_RESPDATA *
-d2i_OCSP_RESPDATA(OCSP_RESPDATA **a, const unsigned char **in, long len)
-{
- return (OCSP_RESPDATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_RESPDATA_it);
-}
-
-int
-i2d_OCSP_RESPDATA(OCSP_RESPDATA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_RESPDATA_it);
-}
-
-OCSP_RESPDATA *
-OCSP_RESPDATA_new(void)
-{
- return (OCSP_RESPDATA *)ASN1_item_new(&OCSP_RESPDATA_it);
-}
-
-void
-OCSP_RESPDATA_free(OCSP_RESPDATA *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_RESPDATA_it);
-}
-
-static const ASN1_TEMPLATE OCSP_BASICRESP_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_BASICRESP, tbsResponseData),
- .field_name = "tbsResponseData",
- .item = &OCSP_RESPDATA_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_BASICRESP, signatureAlgorithm),
- .field_name = "signatureAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_BASICRESP, signature),
- .field_name = "signature",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_BASICRESP, certs),
- .field_name = "certs",
- .item = &X509_it,
- },
-};
-
-const ASN1_ITEM OCSP_BASICRESP_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_BASICRESP_seq_tt,
- .tcount = sizeof(OCSP_BASICRESP_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_BASICRESP),
- .sname = "OCSP_BASICRESP",
-};
-
-
-OCSP_BASICRESP *
-d2i_OCSP_BASICRESP(OCSP_BASICRESP **a, const unsigned char **in, long len)
-{
- return (OCSP_BASICRESP *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_BASICRESP_it);
-}
-
-int
-i2d_OCSP_BASICRESP(OCSP_BASICRESP *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_BASICRESP_it);
-}
-
-OCSP_BASICRESP *
-OCSP_BASICRESP_new(void)
-{
- return (OCSP_BASICRESP *)ASN1_item_new(&OCSP_BASICRESP_it);
-}
-
-void
-OCSP_BASICRESP_free(OCSP_BASICRESP *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_BASICRESP_it);
-}
-
-static const ASN1_TEMPLATE OCSP_CRLID_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_CRLID, crlUrl),
- .field_name = "crlUrl",
- .item = &ASN1_IA5STRING_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(OCSP_CRLID, crlNum),
- .field_name = "crlNum",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(OCSP_CRLID, crlTime),
- .field_name = "crlTime",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
-};
-
-const ASN1_ITEM OCSP_CRLID_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_CRLID_seq_tt,
- .tcount = sizeof(OCSP_CRLID_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_CRLID),
- .sname = "OCSP_CRLID",
-};
-
-
-OCSP_CRLID *
-d2i_OCSP_CRLID(OCSP_CRLID **a, const unsigned char **in, long len)
-{
- return (OCSP_CRLID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_CRLID_it);
-}
-
-int
-i2d_OCSP_CRLID(OCSP_CRLID *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_CRLID_it);
-}
-
-OCSP_CRLID *
-OCSP_CRLID_new(void)
-{
- return (OCSP_CRLID *)ASN1_item_new(&OCSP_CRLID_it);
-}
-
-void
-OCSP_CRLID_free(OCSP_CRLID *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_CRLID_it);
-}
-
-static const ASN1_TEMPLATE OCSP_SERVICELOC_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OCSP_SERVICELOC, issuer),
- .field_name = "issuer",
- .item = &X509_NAME_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(OCSP_SERVICELOC, locator),
- .field_name = "locator",
- .item = &ACCESS_DESCRIPTION_it,
- },
-};
-
-const ASN1_ITEM OCSP_SERVICELOC_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OCSP_SERVICELOC_seq_tt,
- .tcount = sizeof(OCSP_SERVICELOC_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OCSP_SERVICELOC),
- .sname = "OCSP_SERVICELOC",
-};
-
-
-OCSP_SERVICELOC *
-d2i_OCSP_SERVICELOC(OCSP_SERVICELOC **a, const unsigned char **in, long len)
-{
- return (OCSP_SERVICELOC *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OCSP_SERVICELOC_it);
-}
-
-int
-i2d_OCSP_SERVICELOC(OCSP_SERVICELOC *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OCSP_SERVICELOC_it);
-}
-
-OCSP_SERVICELOC *
-OCSP_SERVICELOC_new(void)
-{
- return (OCSP_SERVICELOC *)ASN1_item_new(&OCSP_SERVICELOC_it);
-}
-
-void
-OCSP_SERVICELOC_free(OCSP_SERVICELOC *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OCSP_SERVICELOC_it);
-}
diff --git a/lib/libssl/src/crypto/ocsp/ocsp_cl.c b/lib/libssl/src/crypto/ocsp/ocsp_cl.c
deleted file mode 100644
index 86baed87247..00000000000
--- a/lib/libssl/src/crypto/ocsp/ocsp_cl.c
+++ /dev/null
@@ -1,404 +0,0 @@
-/* $OpenBSD: ocsp_cl.c,v 1.11 2016/07/16 16:14:28 beck Exp $ */
-/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project. */
-
-/* History:
- This file was transfered to Richard Levitte from CertCo by Kathy
- Weinhold in mid-spring 2000 to be included in OpenSSL or released
- as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include <openssl/err.h>
-#include <openssl/ocsp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int asn1_time_parse(const char *, size_t, struct tm *, int);
-int asn1_tm_cmp(struct tm *, struct tm *);
-
-/* Utility functions related to sending OCSP requests and extracting
- * relevant information from the response.
- */
-
-/* Add an OCSP_CERTID to an OCSP request. Return new OCSP_ONEREQ
- * pointer: useful if we want to add extensions.
- */
-OCSP_ONEREQ *
-OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)
-{
- OCSP_ONEREQ *one = NULL;
-
- if (!(one = OCSP_ONEREQ_new()))
- goto err;
- if (one->reqCert)
- OCSP_CERTID_free(one->reqCert);
- one->reqCert = cid;
- if (req && !sk_OCSP_ONEREQ_push(req->tbsRequest->requestList, one))
- goto err;
- return one;
-
-err:
- OCSP_ONEREQ_free(one);
- return NULL;
-}
-
-/* Set requestorName from an X509_NAME structure */
-int
-OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)
-{
- GENERAL_NAME *gen;
-
- gen = GENERAL_NAME_new();
- if (gen == NULL)
- return 0;
- if (!X509_NAME_set(&gen->d.directoryName, nm)) {
- GENERAL_NAME_free(gen);
- return 0;
- }
- gen->type = GEN_DIRNAME;
- if (req->tbsRequest->requestorName)
- GENERAL_NAME_free(req->tbsRequest->requestorName);
- req->tbsRequest->requestorName = gen;
- return 1;
-}
-
-/* Add a certificate to an OCSP request */
-int
-OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
-{
- OCSP_SIGNATURE *sig;
-
- if (!req->optionalSignature)
- req->optionalSignature = OCSP_SIGNATURE_new();
- sig = req->optionalSignature;
- if (!sig)
- return 0;
- if (!cert)
- return 1;
- if (!sig->certs && !(sig->certs = sk_X509_new_null()))
- return 0;
-
- if (!sk_X509_push(sig->certs, cert))
- return 0;
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
- return 1;
-}
-
-/* Sign an OCSP request set the requestorName to the subjec
- * name of an optional signers certificate and include one
- * or more optional certificates in the request. Behaves
- * like PKCS7_sign().
- */
-int
-OCSP_request_sign(OCSP_REQUEST *req, X509 *signer, EVP_PKEY *key,
- const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags)
-{
- int i;
- OCSP_SIGNATURE *sig;
- X509 *x;
-
- if (!OCSP_request_set1_name(req, X509_get_subject_name(signer)))
- goto err;
-
- if (!(req->optionalSignature = sig = OCSP_SIGNATURE_new()))
- goto err;
- if (key) {
- if (!X509_check_private_key(signer, key)) {
- OCSPerr(OCSP_F_OCSP_REQUEST_SIGN,
- OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- goto err;
- }
- if (!OCSP_REQUEST_sign(req, key, dgst))
- goto err;
- }
-
- if (!(flags & OCSP_NOCERTS)) {
- if (!OCSP_request_add1_cert(req, signer))
- goto err;
- for (i = 0; i < sk_X509_num(certs); i++) {
- x = sk_X509_value(certs, i);
- if (!OCSP_request_add1_cert(req, x))
- goto err;
- }
- }
-
- return 1;
-
-err:
- OCSP_SIGNATURE_free(req->optionalSignature);
- req->optionalSignature = NULL;
- return 0;
-}
-
-/* Get response status */
-int
-OCSP_response_status(OCSP_RESPONSE *resp)
-{
- return ASN1_ENUMERATED_get(resp->responseStatus);
-}
-
-/* Extract basic response from OCSP_RESPONSE or NULL if
- * no basic response present.
- */
-OCSP_BASICRESP *
-OCSP_response_get1_basic(OCSP_RESPONSE *resp)
-{
- OCSP_RESPBYTES *rb;
-
- rb = resp->responseBytes;
- if (!rb) {
- OCSPerr(OCSP_F_OCSP_RESPONSE_GET1_BASIC,
- OCSP_R_NO_RESPONSE_DATA);
- return NULL;
- }
- if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) {
- OCSPerr(OCSP_F_OCSP_RESPONSE_GET1_BASIC,
- OCSP_R_NOT_BASIC_RESPONSE);
- return NULL;
- }
-
- return ASN1_item_unpack(rb->response, ASN1_ITEM_rptr(OCSP_BASICRESP));
-}
-
-/* Return number of OCSP_SINGLERESP reponses present in
- * a basic response.
- */
-int
-OCSP_resp_count(OCSP_BASICRESP *bs)
-{
- if (!bs)
- return -1;
- return sk_OCSP_SINGLERESP_num(bs->tbsResponseData->responses);
-}
-
-/* Extract an OCSP_SINGLERESP response with a given index */
-OCSP_SINGLERESP *
-OCSP_resp_get0(OCSP_BASICRESP *bs, int idx)
-{
- if (!bs)
- return NULL;
- return sk_OCSP_SINGLERESP_value(bs->tbsResponseData->responses, idx);
-}
-
-/* Look single response matching a given certificate ID */
-int
-OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last)
-{
- int i;
- STACK_OF(OCSP_SINGLERESP) *sresp;
- OCSP_SINGLERESP *single;
-
- if (!bs)
- return -1;
- if (last < 0)
- last = 0;
- else
- last++;
- sresp = bs->tbsResponseData->responses;
- for (i = last; i < sk_OCSP_SINGLERESP_num(sresp); i++) {
- single = sk_OCSP_SINGLERESP_value(sresp, i);
- if (!OCSP_id_cmp(id, single->certId))
- return i;
- }
- return -1;
-}
-
-/* Extract status information from an OCSP_SINGLERESP structure.
- * Note: the revtime and reason values are only set if the
- * certificate status is revoked. Returns numerical value of
- * status.
- */
-int
-OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
- ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd,
- ASN1_GENERALIZEDTIME **nextupd)
-{
- int ret;
- OCSP_CERTSTATUS *cst;
-
- if (!single)
- return -1;
- cst = single->certStatus;
- ret = cst->type;
- if (ret == V_OCSP_CERTSTATUS_REVOKED) {
- OCSP_REVOKEDINFO *rev = cst->value.revoked;
-
- if (revtime)
- *revtime = rev->revocationTime;
- if (reason) {
- if (rev->revocationReason)
- *reason = ASN1_ENUMERATED_get(
- rev->revocationReason);
- else
- *reason = -1;
- }
- }
- if (thisupd)
- *thisupd = single->thisUpdate;
- if (nextupd)
- *nextupd = single->nextUpdate;
- return ret;
-}
-
-/* This function combines the previous ones: look up a certificate ID and
- * if found extract status information. Return 0 is successful.
- */
-int
-OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
- int *reason, ASN1_GENERALIZEDTIME **revtime, ASN1_GENERALIZEDTIME **thisupd,
- ASN1_GENERALIZEDTIME **nextupd)
-{
- int i;
- OCSP_SINGLERESP *single;
-
- i = OCSP_resp_find(bs, id, -1);
- /* Maybe check for multiple responses and give an error? */
- if (i < 0)
- return 0;
- single = OCSP_resp_get0(bs, i);
- i = OCSP_single_get0_status(single, reason, revtime, thisupd, nextupd);
- if (status)
- *status = i;
- return 1;
-}
-
-/* Check validity of thisUpdate and nextUpdate fields. It is possible that the request will
- * take a few seconds to process and/or the time wont be totally accurate. Therefore to avoid
- * rejecting otherwise valid time we allow the times to be within 'nsec' of the current time.
- * Also to avoid accepting very old responses without a nextUpdate field an optional maxage
- * parameter specifies the maximum age the thisUpdate field can be.
- */
-int
-OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
- ASN1_GENERALIZEDTIME *nextupd, long nsec, long maxsec)
-{
- time_t t_now, t_tmp;
- struct tm tm_this, tm_next, tm_tmp;
-
- time(&t_now);
-
- /*
- * Times must explicitly be a GENERALIZEDTIME as per section
- * 4.2.2.1 of RFC 6960 - It is invalid to accept other times
- * (such as UTCTIME permitted/required by RFC 5280 for certificates)
- */
-
- /* Check thisUpdate is valid and not more than nsec in the future */
- if (asn1_time_parse(thisupd->data, thisupd->length, &tm_this,
- V_ASN1_GENERALIZEDTIME) != V_ASN1_GENERALIZEDTIME) {
- OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY,
- OCSP_R_ERROR_IN_THISUPDATE_FIELD);
- return 0;
- } else {
- t_tmp = t_now + nsec;
- if (gmtime_r(&t_tmp, &tm_tmp) == NULL)
- return 0;
- if (asn1_tm_cmp(&tm_this, &tm_tmp) > 0) {
- OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY,
- OCSP_R_STATUS_NOT_YET_VALID);
- return 0;
- }
-
- /*
- * If maxsec specified check thisUpdate is not more than maxsec
- * in the past
- */
- if (maxsec >= 0) {
- t_tmp = t_now - maxsec;
- if (gmtime_r(&t_tmp, &tm_tmp) == NULL)
- return 0;
- if (asn1_tm_cmp(&tm_this, &tm_tmp) < 0) {
- OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY,
- OCSP_R_STATUS_TOO_OLD);
- return 0;
- }
- }
- }
-
- if (!nextupd)
- return 1;
-
- /* Check nextUpdate is valid and not more than nsec in the past */
- if (asn1_time_parse(nextupd->data, nextupd->length, &tm_next,
- V_ASN1_GENERALIZEDTIME) != V_ASN1_GENERALIZEDTIME) {
- OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY,
- OCSP_R_ERROR_IN_NEXTUPDATE_FIELD);
- return 0;
- } else {
- t_tmp = t_now - nsec;
- if (gmtime_r(&t_tmp, &tm_tmp) == NULL)
- return 0;
- if (asn1_tm_cmp(&tm_next, &tm_tmp) < 0) {
- OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY,
- OCSP_R_STATUS_EXPIRED);
- return 0;
- }
- }
-
- /* Also don't allow nextUpdate to precede thisUpdate */
- if (asn1_tm_cmp(&tm_next, &tm_this) < 0) {
- OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY,
- OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE);
- return 0;
- }
-
- return 1;
-}
diff --git a/lib/libssl/src/crypto/ocsp/ocsp_err.c b/lib/libssl/src/crypto/ocsp/ocsp_err.c
deleted file mode 100644
index af781074b62..00000000000
--- a/lib/libssl/src/crypto/ocsp/ocsp_err.c
+++ /dev/null
@@ -1,142 +0,0 @@
-/* $OpenBSD: ocsp_err.c,v 1.7 2014/07/10 22:45:57 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/ocsp.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_OCSP,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
-
-static ERR_STRING_DATA OCSP_str_functs[]= {
- {ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE), "ASN1_STRING_encode"},
- {ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "D2I_OCSP_NONCE"},
- {ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"},
- {ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"},
- {ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY), "OCSP_basic_verify"},
- {ERR_FUNC(OCSP_F_OCSP_CERT_ID_NEW), "OCSP_cert_id_new"},
- {ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED), "OCSP_CHECK_DELEGATED"},
- {ERR_FUNC(OCSP_F_OCSP_CHECK_IDS), "OCSP_CHECK_IDS"},
- {ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER), "OCSP_CHECK_ISSUER"},
- {ERR_FUNC(OCSP_F_OCSP_CHECK_VALIDITY), "OCSP_check_validity"},
- {ERR_FUNC(OCSP_F_OCSP_MATCH_ISSUERID), "OCSP_MATCH_ISSUERID"},
- {ERR_FUNC(OCSP_F_OCSP_PARSE_URL), "OCSP_parse_url"},
- {ERR_FUNC(OCSP_F_OCSP_REQUEST_SIGN), "OCSP_request_sign"},
- {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"},
- {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"},
- {ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"},
- {ERR_FUNC(OCSP_F_OCSP_SENDREQ_NBIO), "OCSP_sendreq_nbio"},
- {ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "PARSE_HTTP_LINE1"},
- {ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA OCSP_str_reasons[]= {
- {ERR_REASON(OCSP_R_BAD_DATA) , "bad data"},
- {ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
- {ERR_REASON(OCSP_R_DIGEST_ERR) , "digest err"},
- {ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD), "error in nextupdate field"},
- {ERR_REASON(OCSP_R_ERROR_IN_THISUPDATE_FIELD), "error in thisupdate field"},
- {ERR_REASON(OCSP_R_ERROR_PARSING_URL) , "error parsing url"},
- {ERR_REASON(OCSP_R_MISSING_OCSPSIGNING_USAGE), "missing ocspsigning usage"},
- {ERR_REASON(OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE), "nextupdate before thisupdate"},
- {ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE) , "not basic response"},
- {ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN), "no certificates in chain"},
- {ERR_REASON(OCSP_R_NO_CONTENT) , "no content"},
- {ERR_REASON(OCSP_R_NO_PUBLIC_KEY) , "no public key"},
- {ERR_REASON(OCSP_R_NO_RESPONSE_DATA) , "no response data"},
- {ERR_REASON(OCSP_R_NO_REVOKED_TIME) , "no revoked time"},
- {ERR_REASON(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE), "private key does not match certificate"},
- {ERR_REASON(OCSP_R_REQUEST_NOT_SIGNED) , "request not signed"},
- {ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA), "response contains no revocation data"},
- {ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED) , "root ca not trusted"},
- {ERR_REASON(OCSP_R_SERVER_READ_ERROR) , "server read error"},
- {ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR), "server response error"},
- {ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR), "server response parse error"},
- {ERR_REASON(OCSP_R_SERVER_WRITE_ERROR) , "server write error"},
- {ERR_REASON(OCSP_R_SIGNATURE_FAILURE) , "signature failure"},
- {ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND), "signer certificate not found"},
- {ERR_REASON(OCSP_R_STATUS_EXPIRED) , "status expired"},
- {ERR_REASON(OCSP_R_STATUS_NOT_YET_VALID) , "status not yet valid"},
- {ERR_REASON(OCSP_R_STATUS_TOO_OLD) , "status too old"},
- {ERR_REASON(OCSP_R_UNKNOWN_MESSAGE_DIGEST), "unknown message digest"},
- {ERR_REASON(OCSP_R_UNKNOWN_NID) , "unknown nid"},
- {ERR_REASON(OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE), "unsupported requestorname type"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_OCSP_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL) {
- ERR_load_strings(0, OCSP_str_functs);
- ERR_load_strings(0, OCSP_str_reasons);
- }
-#endif
-}
diff --git a/lib/libssl/src/crypto/ocsp/ocsp_ext.c b/lib/libssl/src/crypto/ocsp/ocsp_ext.c
deleted file mode 100644
index edcf5bcca88..00000000000
--- a/lib/libssl/src/crypto/ocsp/ocsp_ext.c
+++ /dev/null
@@ -1,607 +0,0 @@
-/* $OpenBSD: ocsp_ext.c,v 1.14 2015/07/19 18:29:31 miod Exp $ */
-/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project. */
-
-/* History:
- This file was transfered to Richard Levitte from CertCo by Kathy
- Weinhold in mid-spring 2000 to be included in OpenSSL or released
- as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/objects.h>
-#include <openssl/ocsp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-/* Standard wrapper functions for extensions */
-
-/* OCSP request extensions */
-
-int
-OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x)
-{
- return X509v3_get_ext_count(x->tbsRequest->requestExtensions);
-}
-
-int
-OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->tbsRequest->requestExtensions, nid,
- lastpos);
-}
-
-int
-OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj, int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->tbsRequest->requestExtensions, obj,
- lastpos);
-}
-
-int
-OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(x->tbsRequest->requestExtensions,
- crit, lastpos);
-}
-
-X509_EXTENSION *
-OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc)
-{
- return X509v3_get_ext(x->tbsRequest->requestExtensions, loc);
-}
-
-X509_EXTENSION *
-OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc)
-{
- return X509v3_delete_ext(x->tbsRequest->requestExtensions, loc);
-}
-
-void *
-OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->tbsRequest->requestExtensions, nid, crit, idx);
-}
-
-int
-OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->tbsRequest->requestExtensions, nid, value,
- crit, flags);
-}
-
-int
-OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&(x->tbsRequest->requestExtensions), ex,
- loc) != NULL;
-}
-
-/* Single extensions */
-
-int
-OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x)
-{
- return X509v3_get_ext_count(x->singleRequestExtensions);
-}
-
-int
-OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->singleRequestExtensions, nid, lastpos);
-}
-
-int
-OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->singleRequestExtensions, obj, lastpos);
-}
-
-int
-OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(x->singleRequestExtensions, crit,
- lastpos);
-}
-
-X509_EXTENSION *
-OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc)
-{
- return X509v3_get_ext(x->singleRequestExtensions, loc);
-}
-
-X509_EXTENSION *
-OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc)
-{
- return X509v3_delete_ext(x->singleRequestExtensions, loc);
-}
-
-void *
-OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->singleRequestExtensions, nid, crit, idx);
-}
-
-int
-OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->singleRequestExtensions, nid, value, crit,
- flags);
-}
-
-int
-OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&(x->singleRequestExtensions), ex, loc) != NULL;
-}
-
-/* OCSP Basic response */
-
-int
-OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x)
-{
- return X509v3_get_ext_count(x->tbsResponseData->responseExtensions);
-}
-
-int
-OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->tbsResponseData->responseExtensions,
- nid, lastpos);
-}
-
-int
-OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj, int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->tbsResponseData->responseExtensions,
- obj, lastpos);
-}
-
-int
-OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(
- x->tbsResponseData->responseExtensions, crit, lastpos);
-}
-
-X509_EXTENSION *
-OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc)
-{
- return X509v3_get_ext(x->tbsResponseData->responseExtensions, loc);
-}
-
-X509_EXTENSION *
-OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc)
-{
- return X509v3_delete_ext(x->tbsResponseData->responseExtensions, loc);
-}
-
-void *
-OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->tbsResponseData->responseExtensions, nid,
- crit, idx);
-}
-
-int
-OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->tbsResponseData->responseExtensions, nid,
- value, crit, flags);
-}
-
-int
-OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&(x->tbsResponseData->responseExtensions), ex,
- loc) != NULL;
-}
-
-/* OCSP single response extensions */
-
-int
-OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x)
-{
- return X509v3_get_ext_count(x->singleExtensions);
-}
-
-int
-OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(x->singleExtensions, nid, lastpos);
-}
-
-int
-OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
- int lastpos)
-{
- return X509v3_get_ext_by_OBJ(x->singleExtensions, obj, lastpos);
-}
-
-int
-OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(x->singleExtensions, crit, lastpos);
-}
-
-X509_EXTENSION *
-OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc)
-{
- return X509v3_get_ext(x->singleExtensions, loc);
-}
-
-X509_EXTENSION *
-OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc)
-{
- return X509v3_delete_ext(x->singleExtensions, loc);
-}
-
-void *
-OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->singleExtensions, nid, crit, idx);
-}
-
-int
-OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->singleExtensions, nid, value, crit, flags);
-}
-
-int
-OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&(x->singleExtensions), ex, loc) != NULL;
-}
-
-/* also CRL Entry Extensions */
-#if 0
-ASN1_STRING *
-ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, void *data,
- STACK_OF(ASN1_OBJECT) *sk)
-{
- int i;
- unsigned char *p, *b = NULL;
-
- if (data) {
- if ((i = i2d(data, NULL)) <= 0)
- goto err;
- if (!(b = p = malloc(i)))
- goto err;
- if (i2d(data, &p) <= 0)
- goto err;
- } else if (sk) {
- if ((i = i2d_ASN1_SET_OF_ASN1_OBJECT(sk, NULL,
- (I2D_OF(ASN1_OBJECT))i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
- IS_SEQUENCE)) <= 0)
- goto err;
- if (!(b = p = malloc(i)))
- goto err;
- if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk, &p,
- (I2D_OF(ASN1_OBJECT))i2d, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE) <= 0)
- goto err;
- } else {
- OCSPerr(OCSP_F_ASN1_STRING_ENCODE, OCSP_R_BAD_DATA);
- goto err;
- }
- if (!s && !(s = ASN1_STRING_new()))
- goto err;
- if (!(ASN1_STRING_set(s, b, i)))
- goto err;
- free(b);
- return s;
-
-err:
- free(b);
- return NULL;
-}
-#endif
-
-/* Nonce handling functions */
-
-/* Add a nonce to an extension stack. A nonce can be specificed or if NULL
- * a random nonce will be generated.
- * Note: OpenSSL 0.9.7d and later create an OCTET STRING containing the
- * nonce, previous versions used the raw nonce.
- */
-
-static int
-ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, unsigned char *val, int len)
-{
- unsigned char *tmpval;
- ASN1_OCTET_STRING os;
- int ret = 0;
-
- if (len <= 0)
- len = OCSP_DEFAULT_NONCE_LENGTH;
- /* Create the OCTET STRING manually by writing out the header and
- * appending the content octets. This avoids an extra memory allocation
- * operation in some cases. Applications should *NOT* do this because
- * it relies on library internals.
- */ - os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING); - os.data = malloc(os.length); - if (os.data == NULL) - goto err; - tmpval = os.data; - ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL); - if (val) - memcpy(tmpval, val, len); - else - arc4random_buf(tmpval, len); - if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce, &os, 0, - X509V3_ADD_REPLACE)) - goto err; - ret = 1; - -err: - free(os.data); - return ret; -} - -/* Add nonce to an OCSP request */ -int -OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len) -{ - return ocsp_add1_nonce(&req->tbsRequest->requestExtensions, val, len); -} - -/* Same as above but for a response */ -int -OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len) -{ - return ocsp_add1_nonce(&resp->tbsResponseData->responseExtensions, val, - len); -} - -/* Check nonce validity in a request and response. - * Return value reflects result: - * 1: nonces present and equal. - * 2: nonces both absent. - * 3: nonce present in response only. - * 0: nonces both present and not equal. - * -1: nonce in request only. - * - * For most responders clients can check return > 0. - * If responder doesn't handle nonces return != 0 may be - * necessary. return == 0 is always an error. - */ -int -OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs) -{ - /* - * Since we are only interested in the presence or absence of - * the nonce and comparing its value there is no need to use - * the X509V3 routines: this way we can avoid them allocating an - * ASN1_OCTET_STRING structure for the value which would be - * freed immediately anyway. 
- */ - int req_idx, resp_idx; - X509_EXTENSION *req_ext, *resp_ext; - - req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1); - resp_idx = OCSP_BASICRESP_get_ext_by_NID(bs, - NID_id_pkix_OCSP_Nonce, -1); - /* Check both absent */ - if (req_idx < 0 && resp_idx < 0) - return 2; - /* Check in request only */ - if (req_idx >= 0 && resp_idx < 0) - return -1; - /* Check in response but not request */ - if (req_idx < 0 && resp_idx >= 0) - return 3; - /* Otherwise nonce in request and response so retrieve the extensions */ - req_ext = OCSP_REQUEST_get_ext(req, req_idx); - resp_ext = OCSP_BASICRESP_get_ext(bs, resp_idx); - if (ASN1_OCTET_STRING_cmp(req_ext->value, resp_ext->value)) - return 0; - return 1; -} - -/* Copy the nonce value (if any) from an OCSP request to - * a response. - */ -int -OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req) -{ - X509_EXTENSION *req_ext; - int req_idx; - - /* Check for nonce in request */ - req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1); - /* If no nonce that's OK */ - if (req_idx < 0) - return 2; - req_ext = OCSP_REQUEST_get_ext(req, req_idx); - return OCSP_BASICRESP_add_ext(resp, req_ext, -1); -} - -X509_EXTENSION * -OCSP_crlID_new(char *url, long *n, char *tim) -{ - X509_EXTENSION *x = NULL; - OCSP_CRLID *cid = NULL; - - if (!(cid = OCSP_CRLID_new())) - goto err; - if (url) { - if (!(cid->crlUrl = ASN1_IA5STRING_new())) - goto err; - if (!(ASN1_STRING_set(cid->crlUrl, url, -1))) - goto err; - } - if (n) { - if (!(cid->crlNum = ASN1_INTEGER_new())) - goto err; - if (!(ASN1_INTEGER_set(cid->crlNum, *n))) - goto err; - } - if (tim) { - if (!(cid->crlTime = ASN1_GENERALIZEDTIME_new())) - goto err; - if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim))) - goto err; - } - x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid); - -err: - if (cid) - OCSP_CRLID_free(cid); - return x; -} - -/* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */ -X509_EXTENSION * 
-OCSP_accept_responses_new(char **oids) -{ - int nid; - STACK_OF(ASN1_OBJECT) *sk = NULL; - ASN1_OBJECT *o = NULL; - X509_EXTENSION *x = NULL; - - if (!(sk = sk_ASN1_OBJECT_new_null())) - return NULL; - while (oids && *oids) { - if ((nid = OBJ_txt2nid(*oids)) != NID_undef && - (o = OBJ_nid2obj(nid))) - if (sk_ASN1_OBJECT_push(sk, o) == 0) { - sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); - return NULL; - } - oids++; - } - x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk); - sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); - return x; -} - -/* ArchiveCutoff ::= GeneralizedTime */ -X509_EXTENSION * -OCSP_archive_cutoff_new(char* tim) -{ - X509_EXTENSION *x = NULL; - ASN1_GENERALIZEDTIME *gt = NULL; - - if (!(gt = ASN1_GENERALIZEDTIME_new())) - return NULL; - if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) - goto err; - x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt); - -err: - if (gt) - ASN1_GENERALIZEDTIME_free(gt); - return x; -} - -/* per ACCESS_DESCRIPTION parameter are oids, of which there are currently - * two--NID_ad_ocsp, NID_id_ad_caIssuers--and GeneralName value. This - * method forces NID_ad_ocsp and uniformResourceLocator [6] IA5String. 
- */
-X509_EXTENSION *
-OCSP_url_svcloc_new(X509_NAME* issuer, char **urls)
-{
- X509_EXTENSION *x = NULL;
- ASN1_IA5STRING *ia5 = NULL;
- OCSP_SERVICELOC *sloc = NULL;
- ACCESS_DESCRIPTION *ad = NULL;
-
- if (!(sloc = OCSP_SERVICELOC_new()))
- goto err;
- if (!(sloc->issuer = X509_NAME_dup(issuer)))
- goto err;
- if (urls && *urls &&
- !(sloc->locator = sk_ACCESS_DESCRIPTION_new_null()))
- goto err;
- while (urls && *urls) {
- if (!(ad = ACCESS_DESCRIPTION_new()))
- goto err;
- if (!(ad->method = OBJ_nid2obj(NID_ad_OCSP)))
- goto err;
- if (!(ad->location = GENERAL_NAME_new()))
- goto err;
- if (!(ia5 = ASN1_IA5STRING_new()))
- goto err;
- if (!ASN1_STRING_set((ASN1_STRING*)ia5, *urls, -1))
- goto err;
- ad->location->type = GEN_URI;
- ad->location->d.ia5 = ia5;
- ia5 = NULL;
- if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad))
- goto err;
- ad = NULL;
- urls++;
- }
- x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
-
-err:
- if (ia5)
- ASN1_IA5STRING_free(ia5);
- if (ad)
- ACCESS_DESCRIPTION_free(ad);
- if (sloc)
- OCSP_SERVICELOC_free(sloc);
- return x;
-}
diff --git a/lib/libssl/src/crypto/ocsp/ocsp_ht.c b/lib/libssl/src/crypto/ocsp/ocsp_ht.c
deleted file mode 100644
index 4d21543396a..00000000000
--- a/lib/libssl/src/crypto/ocsp/ocsp_ht.c
+++ /dev/null
@@ -1,463 +0,0 @@
-/* $OpenBSD: ocsp_ht.c,v 1.22 2014/10/03 06:02:38 doug Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2006.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <string.h>
-#include <openssl/asn1.h>
-#include <openssl/ocsp.h>
-#include <openssl/err.h>
-#include <openssl/buffer.h>
-
-/* Stateful OCSP request code, supporting non-blocking I/O */
-
-/* Opaque OCSP request status structure */
-
-struct ocsp_req_ctx_st {
- int state; /* Current I/O state */
- unsigned char *iobuf; /* Line buffer */
- int iobuflen; /* Line buffer length */
- BIO *io; /* BIO to perform I/O with */
- BIO *mem; /* Memory BIO response is built into */
- unsigned long asn1_len; /* ASN1 length of response */
-};
-
-#define OCSP_MAX_REQUEST_LENGTH (100 * 1024)
-#define OCSP_MAX_LINE_LEN 4096;
-
-/* OCSP states */
-
-/* If set no reading should be performed */
-#define OHS_NOREAD 0x1000
-/* Error condition */
-#define OHS_ERROR (0 | OHS_NOREAD)
-/* First line being read */
-#define OHS_FIRSTLINE 1
-/* MIME headers being read */
-#define OHS_HEADERS 2
-/* OCSP initial header (tag + length) being read */
-#define OHS_ASN1_HEADER 3
-/* OCSP content octets being read */
-#define OHS_ASN1_CONTENT 4
-/* Request being sent */
-#define OHS_ASN1_WRITE (6 | OHS_NOREAD)
-/* Request being flushed */
-#define OHS_ASN1_FLUSH (7 | OHS_NOREAD) -/* Completed */ -#define OHS_DONE (8 | OHS_NOREAD) - - -static int parse_http_line1(char *line); - -void -OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx) -{ - if (rctx == NULL) - return; - - BIO_free(rctx->mem); - free(rctx->iobuf); - free(rctx); -} - -int -OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req) -{ - if (BIO_printf(rctx->mem, "Content-Type: application/ocsp-request\r\n" - "Content-Length: %d\r\n\r\n", i2d_OCSP_REQUEST(req, NULL)) <= 0) - return 0; - if (i2d_OCSP_REQUEST_bio(rctx->mem, req) <= 0) - return 0; - rctx->state = OHS_ASN1_WRITE; - rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL); - return 1; -} - -int -OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx, const char *name, - const char *value) -{ - if (!name) - return 0; - if (BIO_puts(rctx->mem, name) <= 0) - return 0; - if (value) { - if (BIO_write(rctx->mem, ": ", 2) != 2) - return 0; - if (BIO_puts(rctx->mem, value) <= 0) - return 0; - } - if (BIO_write(rctx->mem, "\r\n", 2) != 2) - return 0; - return 1; -} - -OCSP_REQ_CTX * -OCSP_sendreq_new(BIO *io, char *path, OCSP_REQUEST *req, int maxline) -{ - OCSP_REQ_CTX *rctx; - - rctx = malloc(sizeof(OCSP_REQ_CTX)); - if (rctx == NULL) - return NULL; - rctx->state = OHS_ERROR; - rctx->mem = BIO_new(BIO_s_mem()); - rctx->io = io; - rctx->asn1_len = 0; - if (maxline > 0) - rctx->iobuflen = maxline; - else - rctx->iobuflen = OCSP_MAX_LINE_LEN; - rctx->iobuf = malloc(rctx->iobuflen); - if (!rctx->iobuf) { - BIO_free(rctx->mem); - free(rctx); - return NULL; - } - if (!path) - path = "/"; - - if (BIO_printf(rctx->mem, "POST %s HTTP/1.0\r\n", path) <= 0) { - free(rctx->iobuf); - BIO_free(rctx->mem); - free(rctx); - return NULL; - } - - if (req && !OCSP_REQ_CTX_set1_req(rctx, req)) { - free(rctx->iobuf); - BIO_free(rctx->mem); - free(rctx); - return NULL; - } - - return rctx; -} - -/* Parse the HTTP response. This will look like this: - * "HTTP/1.0 200 OK". 
We need to obtain the numeric code and - * (optional) informational message. - */ -static int -parse_http_line1(char *line) -{ - int retcode; - char *p, *q, *r; - - /* Skip to first white space (passed protocol info) */ - for (p = line; *p && !isspace((unsigned char)*p); p++) - continue; - if (!*p) { - OCSPerr(OCSP_F_PARSE_HTTP_LINE1, - OCSP_R_SERVER_RESPONSE_PARSE_ERROR); - return 0; - } - - /* Skip past white space to start of response code */ - while (*p && isspace((unsigned char)*p)) - p++; - if (!*p) { - OCSPerr(OCSP_F_PARSE_HTTP_LINE1, - OCSP_R_SERVER_RESPONSE_PARSE_ERROR); - return 0; - } - - /* Find end of response code: first whitespace after start of code */ - for (q = p; *q && !isspace((unsigned char)*q); q++) - continue; - if (!*q) { - OCSPerr(OCSP_F_PARSE_HTTP_LINE1, - OCSP_R_SERVER_RESPONSE_PARSE_ERROR); - return 0; - } - - /* Set end of response code and start of message */ - *q++ = 0; - - /* Attempt to parse numeric code */ - retcode = strtoul(p, &r, 10); - - if (*r) - return 0; - - /* Skip over any leading white space in message */ - while (*q && isspace((unsigned char)*q)) - q++; - if (*q) { - /* Finally zap any trailing white space in message (include - * CRLF) */ - - /* We know q has a non white space character so this is OK */ - for (r = q + strlen(q) - 1; isspace((unsigned char)*r); r--) - *r = 0; - } - if (retcode != 200) { - OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_ERROR); - if (!*q) - ERR_asprintf_error_data("Code=%s", p); - else - ERR_asprintf_error_data("Code=%s,Reason=%s", p, q); - return 0; - } - - return 1; -} - -int -OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx) -{ - int i, n; - const unsigned char *p; - -next_io: - if (!(rctx->state & OHS_NOREAD)) { - n = BIO_read(rctx->io, rctx->iobuf, rctx->iobuflen); - - if (n <= 0) { - if (BIO_should_retry(rctx->io)) - return -1; - return 0; - } - - /* Write data to memory BIO */ - if (BIO_write(rctx->mem, rctx->iobuf, n) != n) - return 0; - } - - switch 
(rctx->state) { - case OHS_ASN1_WRITE: - n = BIO_get_mem_data(rctx->mem, &p); - i = BIO_write(rctx->io, - p + (n - rctx->asn1_len), rctx->asn1_len); - if (i <= 0) { - if (BIO_should_retry(rctx->io)) - return -1; - rctx->state = OHS_ERROR; - return 0; - } - - rctx->asn1_len -= i; - if (rctx->asn1_len > 0) - goto next_io; - - rctx->state = OHS_ASN1_FLUSH; - - (void)BIO_reset(rctx->mem); - /* FALLTHROUGH */ - - case OHS_ASN1_FLUSH: - i = BIO_flush(rctx->io); - if (i > 0) { - rctx->state = OHS_FIRSTLINE; - goto next_io; - } - - if (BIO_should_retry(rctx->io)) - return -1; - - rctx->state = OHS_ERROR; - return 0; - - case OHS_ERROR: - return 0; - - case OHS_FIRSTLINE: - case OHS_HEADERS: - /* Attempt to read a line in */ -next_line: - /* Due to &%^*$" memory BIO behaviour with BIO_gets we - * have to check there's a complete line in there before - * calling BIO_gets or we'll just get a partial read. - */ - n = BIO_get_mem_data(rctx->mem, &p); - if ((n <= 0) || !memchr(p, '\n', n)) { - if (n >= rctx->iobuflen) { - rctx->state = OHS_ERROR; - return 0; - } - goto next_io; - } - n = BIO_gets(rctx->mem, (char *)rctx->iobuf, rctx->iobuflen); - if (n <= 0) { - if (BIO_should_retry(rctx->mem)) - goto next_io; - rctx->state = OHS_ERROR; - return 0; - } - - /* Don't allow excessive lines */ - if (n == rctx->iobuflen) { - rctx->state = OHS_ERROR; - return 0; - } - - /* First line */ - if (rctx->state == OHS_FIRSTLINE) { - if (parse_http_line1((char *)rctx->iobuf)) { - rctx->state = OHS_HEADERS; - goto next_line; - } else { - rctx->state = OHS_ERROR; - return 0; - } - } else { - /* Look for blank line: end of headers */ - for (p = rctx->iobuf; *p; p++) { - if ((*p != '\r') && (*p != '\n')) - break; - } - if (*p) - goto next_line; - - rctx->state = OHS_ASN1_HEADER; - } - /* FALLTRHOUGH */ - - case OHS_ASN1_HEADER: - /* Now reading ASN1 header: can read at least 2 bytes which - * is enough for ASN1 SEQUENCE header and either length field - * or at least the length of the length 
field.
- */
- n = BIO_get_mem_data(rctx->mem, &p);
- if (n < 2)
- goto next_io;
-
- /* Check it is an ASN1 SEQUENCE */
- if (*p++ != (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) {
- rctx->state = OHS_ERROR;
- return 0;
- }
-
- /* Check out length field */
- if (*p & 0x80) {
- /* If MSB set on initial length octet we can now
- * always read 6 octets: make sure we have them.
- */
- if (n < 6)
- goto next_io;
- n = *p & 0x7F;
- /* Not NDEF or excessive length */
- if (!n || (n > 4)) {
- rctx->state = OHS_ERROR;
- return 0;
- }
- p++;
- rctx->asn1_len = 0;
- for (i = 0; i < n; i++) {
- rctx->asn1_len <<= 8;
- rctx->asn1_len |= *p++;
- }
-
- if (rctx->asn1_len > OCSP_MAX_REQUEST_LENGTH) {
- rctx->state = OHS_ERROR;
- return 0;
- }
-
- rctx->asn1_len += n + 2;
- } else
- rctx->asn1_len = *p + 2;
-
- rctx->state = OHS_ASN1_CONTENT;
-
- /* FALLTHROUGH */
-
- case OHS_ASN1_CONTENT:
- n = BIO_get_mem_data(rctx->mem, &p);
- if (n < (int)rctx->asn1_len)
- goto next_io;
-
- *presp = d2i_OCSP_RESPONSE(NULL, &p, rctx->asn1_len);
- if (*presp) {
- rctx->state = OHS_DONE;
- return 1;
- }
-
- rctx->state = OHS_ERROR;
- return 0;
-
- case OHS_DONE:
- return 1;
- }
-
- return 0;
-}
-
-/* Blocking OCSP request handler: now a special case of non-blocking I/O */
-OCSP_RESPONSE *
-OCSP_sendreq_bio(BIO *b, char *path, OCSP_REQUEST *req)
-{
- OCSP_RESPONSE *resp = NULL;
- OCSP_REQ_CTX *ctx;
- int rv;
-
- ctx = OCSP_sendreq_new(b, path, req, -1);
- if (ctx == NULL)
- return NULL;
-
- do {
- rv = OCSP_sendreq_nbio(&resp, ctx);
- } while ((rv == -1) && BIO_should_retry(b));
-
- OCSP_REQ_CTX_free(ctx);
-
- if (rv)
- return resp;
-
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/ocsp/ocsp_lib.c b/lib/libssl/src/crypto/ocsp/ocsp_lib.c
deleted file mode 100644
index be5bf7dab5d..00000000000
--- a/lib/libssl/src/crypto/ocsp/ocsp_lib.c
+++ /dev/null
@@ -1,282 +0,0 @@
-/* $OpenBSD: ocsp_lib.c,v 1.18 2015/02/10 05:25:45 jsing Exp $ */
-/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project. */
-
-/* History:
- This file was transfered to Richard Levitte from CertCo by Kathy
- Weinhold in mid-spring 2000 to be included in OpenSSL or released
- as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/asn1t.h> -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/ocsp.h> -#include <openssl/pem.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -/* Convert a certificate and its issuer to an OCSP_CERTID */ - -OCSP_CERTID * -OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer) -{ - X509_NAME *iname; - ASN1_INTEGER *serial; - ASN1_BIT_STRING *ikey; - -#ifndef OPENSSL_NO_SHA1 - if (!dgst) - dgst = EVP_sha1(); -#endif - if (subject) { - iname = X509_get_issuer_name(subject); - serial = X509_get_serialNumber(subject); - } else { - iname = X509_get_subject_name(issuer); - serial = NULL; - } - ikey = X509_get0_pubkey_bitstr(issuer); - return OCSP_cert_id_new(dgst, iname, ikey, serial); -} - -OCSP_CERTID * -OCSP_cert_id_new(const EVP_MD *dgst, X509_NAME *issuerName, - ASN1_BIT_STRING* issuerKey, ASN1_INTEGER *serialNumber) -{ - int nid; - unsigned int i; - X509_ALGOR *alg; - OCSP_CERTID *cid = NULL; - unsigned char md[EVP_MAX_MD_SIZE]; - - if (!(cid = OCSP_CERTID_new())) - goto err; - - alg = cid->hashAlgorithm; - if (alg->algorithm != NULL) - ASN1_OBJECT_free(alg->algorithm); - if ((nid = EVP_MD_type(dgst)) == NID_undef) { - OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID); - goto err; - } - if (!(alg->algorithm = OBJ_nid2obj(nid))) - goto err; - if ((alg->parameter = ASN1_TYPE_new()) == NULL) - goto err; - alg->parameter->type = V_ASN1_NULL; - - if (!X509_NAME_digest(issuerName, dgst, md, &i)) - goto digerr; - if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) - goto err; - - /* Calculate the issuerKey hash, excluding tag and length */ - if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL)) - goto err; - - if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) - goto err; - - if (serialNumber) { - ASN1_INTEGER_free(cid->serialNumber); - if (!(cid->serialNumber = 
ASN1_INTEGER_dup(serialNumber))) - goto err; - } - return cid; - -digerr: - OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR); -err: - if (cid) - OCSP_CERTID_free(cid); - return NULL; -} - -int -OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b) -{ - int ret; - - ret = OBJ_cmp(a->hashAlgorithm->algorithm, b->hashAlgorithm->algorithm); - if (ret) - return ret; - ret = ASN1_OCTET_STRING_cmp(a->issuerNameHash, b->issuerNameHash); - if (ret) - return ret; - return ASN1_OCTET_STRING_cmp(a->issuerKeyHash, b->issuerKeyHash); -} - -int -OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b) -{ - int ret; - - ret = OCSP_id_issuer_cmp(a, b); - if (ret) - return ret; - return ASN1_INTEGER_cmp(a->serialNumber, b->serialNumber); -} - -/* Parse a URL and split it up into host, port and path components and whether - * it is SSL. - */ -int -OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl) -{ - char *p, *buf; - char *host, *port; - - *phost = NULL; - *pport = NULL; - *ppath = NULL; - - /* dup the buffer since we are going to mess with it */ - buf = url ? 
strdup(url) : NULL;
- if (!buf)
- goto mem_err;
-
- /* Check for initial colon */
- p = strchr(buf, ':');
- if (!p)
- goto parse_err;
-
- *(p++) = '\0';
-
- if (!strcmp(buf, "http")) {
- *pssl = 0;
- port = "80";
- } else if (!strcmp(buf, "https")) {
- *pssl = 1;
- port = "443";
- } else
- goto parse_err;
-
- /* Check for double slash */
- if ((p[0] != '/') || (p[1] != '/'))
- goto parse_err;
-
- p += 2;
-
- host = p;
-
- /* Check for trailing part of path */
- p = strchr(p, '/');
- if (!p)
- *ppath = strdup("/");
- else {
- *ppath = strdup(p);
- /* Set start of path to 0 so hostname is valid */
- *p = '\0';
- }
-
- if (!*ppath)
- goto mem_err;
-
- /* Look for optional ':' for port number */
- if ((p = strchr(host, ':'))) {
- *p = 0;
- port = p + 1;
- } else {
- /* Not found: set default port */
- if (*pssl)
- port = "443";
- else
- port = "80";
- }
-
- *pport = strdup(port);
- if (!*pport)
- goto mem_err;
-
- *phost = strdup(host);
-
- if (!*phost)
- goto mem_err;
-
- free(buf);
-
- return 1;
-
-mem_err:
- OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
- goto err;
-
-parse_err:
- OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL);
-
-err:
- free(buf);
- free(*ppath);
- free(*pport);
- free(*phost);
- *phost = NULL;
- *pport = NULL;
- *ppath = NULL;
- return 0;
-}
-
-
-OCSP_CERTID *
-OCSP_CERTID_dup(OCSP_CERTID *x)
-{
- return ASN1_item_dup(&OCSP_CERTID_it, x);
-}
diff --git a/lib/libssl/src/crypto/ocsp/ocsp_prn.c b/lib/libssl/src/crypto/ocsp/ocsp_prn.c
deleted file mode 100644
index 37d033adb66..00000000000
--- a/lib/libssl/src/crypto/ocsp/ocsp_prn.c
+++ /dev/null
@@ -1,312 +0,0 @@
-/* $OpenBSD: ocsp_prn.c,v 1.8 2015/07/16 02:16:19 miod Exp $ */
-/* Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
- * project. */
-
-/* History:
- This file was originally part of ocsp.c and was transfered to Richard
- Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be included
- in OpenSSL or released as a patch kit. */
-
-/* ====================================================================
- * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#include <openssl/bio.h> -#include <openssl/err.h> -#include <openssl/ocsp.h> -#include <openssl/pem.h> - -static int -ocsp_certid_print(BIO *bp, OCSP_CERTID* a, int indent) -{ - BIO_printf(bp, "%*sCertificate ID:\n", indent, ""); - indent += 2; - BIO_printf(bp, "%*sHash Algorithm: ", indent, ""); - i2a_ASN1_OBJECT(bp, a->hashAlgorithm->algorithm); - BIO_printf(bp, "\n%*sIssuer Name Hash: ", indent, ""); - i2a_ASN1_STRING(bp, a->issuerNameHash, V_ASN1_OCTET_STRING); - BIO_printf(bp, "\n%*sIssuer Key Hash: ", indent, ""); - i2a_ASN1_STRING(bp, a->issuerKeyHash, V_ASN1_OCTET_STRING); - BIO_printf(bp, "\n%*sSerial Number: ", indent, ""); - i2a_ASN1_INTEGER(bp, a->serialNumber); - BIO_printf(bp, "\n"); - return 1; -} - -typedef struct { - long t; - const char *m; -} OCSP_TBLSTR; - -static const char * -table2string(long s, const OCSP_TBLSTR *ts, int len) -{ - const OCSP_TBLSTR *p; - - for (p = ts; p < ts + len; p++) - if (p->t == s) - return p->m; - return "(UNKNOWN)"; -} - -const char * -OCSP_response_status_str(long s) -{ - static const OCSP_TBLSTR rstat_tbl[] = { - { OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful" }, - { OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest" }, - { OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror" }, - { OCSP_RESPONSE_STATUS_TRYLATER, "trylater" }, - { OCSP_RESPONSE_STATUS_SIGREQUIRED, "sigrequired" }, - { OCSP_RESPONSE_STATUS_UNAUTHORIZED, "unauthorized" } - }; - return table2string(s, rstat_tbl, 6); -} - -const char * -OCSP_cert_status_str(long s) -{ - static const OCSP_TBLSTR cstat_tbl[] = { - { V_OCSP_CERTSTATUS_GOOD, "good" }, - { V_OCSP_CERTSTATUS_REVOKED, "revoked" }, - { V_OCSP_CERTSTATUS_UNKNOWN, "unknown" } - }; - return table2string(s, cstat_tbl, 3); -} - -const char * -OCSP_crl_reason_str(long s) -{ - static const OCSP_TBLSTR reason_tbl[] = { - { OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified" }, - { OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise" }, - { OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise" 
}, - { OCSP_REVOKED_STATUS_AFFILIATIONCHANGED, "affiliationChanged" }, - { OCSP_REVOKED_STATUS_SUPERSEDED, "superseded" }, - { OCSP_REVOKED_STATUS_CESSATIONOFOPERATION, "cessationOfOperation" }, - { OCSP_REVOKED_STATUS_CERTIFICATEHOLD, "certificateHold" }, - { OCSP_REVOKED_STATUS_REMOVEFROMCRL, "removeFromCRL" } - }; - return table2string(s, reason_tbl, 8); -} - -int -OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST* o, unsigned long flags) -{ - int i; - long l; - OCSP_CERTID* cid = NULL; - OCSP_ONEREQ *one = NULL; - OCSP_REQINFO *inf = o->tbsRequest; - OCSP_SIGNATURE *sig = o->optionalSignature; - - if (BIO_write(bp, "OCSP Request Data:\n", 19) <= 0) - goto err; - l = ASN1_INTEGER_get(inf->version); - if (BIO_printf(bp, " Version: %lu (0x%lx)", l+1, l) <= 0) - goto err; - if (inf->requestorName != NULL) { - if (BIO_write(bp, "\n Requestor Name: ", 21) <= 0) - goto err; - GENERAL_NAME_print(bp, inf->requestorName); - } - if (BIO_write(bp, "\n Requestor List:\n", 21) <= 0) - goto err; - for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++) { - one = sk_OCSP_ONEREQ_value(inf->requestList, i); - cid = one->reqCert; - ocsp_certid_print(bp, cid, 8); - if (!X509V3_extensions_print(bp, "Request Single Extensions", - one->singleRequestExtensions, flags, 8)) - goto err; - } - if (!X509V3_extensions_print(bp, "Request Extensions", - inf->requestExtensions, flags, 4)) - goto err; - if (sig) { - if (X509_signature_print(bp, sig->signatureAlgorithm, - sig->signature) == 0) - goto err; - for (i = 0; i < sk_X509_num(sig->certs); i++) { - if (X509_print(bp, sk_X509_value(sig->certs, i)) == 0) - goto err; - if (PEM_write_bio_X509(bp, - sk_X509_value(sig->certs, i)) == 0) - goto err; - } - } - return 1; - -err: - return 0; -} - -int -OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE* o, unsigned long flags) -{ - int i, ret = 0; - long l; - OCSP_CERTID *cid = NULL; - OCSP_BASICRESP *br = NULL; - OCSP_RESPID *rid = NULL; - OCSP_RESPDATA *rd = NULL; - OCSP_CERTSTATUS *cst = NULL; - 
OCSP_REVOKEDINFO *rev = NULL; - OCSP_SINGLERESP *single = NULL; - OCSP_RESPBYTES *rb = o->responseBytes; - - if (BIO_puts(bp, "OCSP Response Data:\n") <= 0) - goto err; - l = ASN1_ENUMERATED_get(o->responseStatus); - if (BIO_printf(bp, " OCSP Response Status: %s (0x%lx)\n", - OCSP_response_status_str(l), l) <= 0) - goto err; - if (rb == NULL) - return 1; - if (BIO_puts(bp, " Response Type: ") <= 0) - goto err; - if (i2a_ASN1_OBJECT(bp, rb->responseType) <= 0) - goto err; - if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) { - BIO_puts(bp, " (unknown response type)\n"); - return 1; - } - - i = ASN1_STRING_length(rb->response); - if (!(br = OCSP_response_get1_basic(o))) - goto err; - rd = br->tbsResponseData; - l = ASN1_INTEGER_get(rd->version); - if (BIO_printf(bp, "\n Version: %lu (0x%lx)\n", l+1, l) <= 0) - goto err; - if (BIO_puts(bp, " Responder Id: ") <= 0) - goto err; - - rid = rd->responderId; - switch (rid->type) { - case V_OCSP_RESPID_NAME: - X509_NAME_print_ex(bp, rid->value.byName, 0, XN_FLAG_ONELINE); - break; - case V_OCSP_RESPID_KEY: - i2a_ASN1_STRING(bp, rid->value.byKey, V_ASN1_OCTET_STRING); - break; - } - - if (BIO_printf(bp, "\n Produced At: ")<=0) - goto err; - if (!ASN1_GENERALIZEDTIME_print(bp, rd->producedAt)) - goto err; - if (BIO_printf(bp, "\n Responses:\n") <= 0) - goto err; - for (i = 0; i < sk_OCSP_SINGLERESP_num(rd->responses); i++) { - if (! 
sk_OCSP_SINGLERESP_value(rd->responses, i))
- continue;
- single = sk_OCSP_SINGLERESP_value(rd->responses, i);
- cid = single->certId;
- if (ocsp_certid_print(bp, cid, 4) <= 0)
- goto err;
- cst = single->certStatus;
- if (BIO_printf(bp, " Cert Status: %s",
- OCSP_cert_status_str(cst->type)) <= 0)
- goto err;
- if (cst->type == V_OCSP_CERTSTATUS_REVOKED) {
- rev = cst->value.revoked;
- if (BIO_printf(bp, "\n Revocation Time: ") <= 0)
- goto err;
- if (!ASN1_GENERALIZEDTIME_print(bp,
- rev->revocationTime))
- goto err;
- if (rev->revocationReason) {
- l = ASN1_ENUMERATED_get(rev->revocationReason);
- if (BIO_printf(bp,
- "\n Revocation Reason: %s (0x%lx)",
- OCSP_crl_reason_str(l), l) <= 0)
- goto err;
- }
- }
- if (BIO_printf(bp, "\n This Update: ") <= 0)
- goto err;
- if (!ASN1_GENERALIZEDTIME_print(bp, single->thisUpdate))
- goto err;
- if (single->nextUpdate) {
- if (BIO_printf(bp, "\n Next Update: ") <= 0)
- goto err;
- if (!ASN1_GENERALIZEDTIME_print(bp, single->nextUpdate))
- goto err;
- }
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- if (!X509V3_extensions_print(bp, "Response Single Extensions",
- single->singleExtensions, flags, 8))
- goto err;
- if (BIO_write(bp, "\n", 1) <= 0)
- goto err;
- }
- if (!X509V3_extensions_print(bp, "Response Extensions",
- rd->responseExtensions, flags, 4))
- goto err;
- if (X509_signature_print(bp, br->signatureAlgorithm, br->signature) <=
- 0)
- goto err;
-
- for (i = 0; i < sk_X509_num(br->certs); i++) {
- X509_print(bp, sk_X509_value(br->certs, i));
- PEM_write_bio_X509(bp, sk_X509_value(br->certs, i));
- }
-
- ret = 1;
-
-err:
- OCSP_BASICRESP_free(br);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/ocsp/ocsp_srv.c b/lib/libssl/src/crypto/ocsp/ocsp_srv.c
deleted file mode 100644
index 1f8aa3141ea..00000000000
--- a/lib/libssl/src/crypto/ocsp/ocsp_srv.c
+++ /dev/null
@@ -1,276 +0,0 @@ -/* $OpenBSD: ocsp_srv.c,v 1.8 2016/06/25 16:10:26 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/ocsp.h> -#include <openssl/pem.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -/* Utility functions related to sending OCSP responses and extracting - * relevant information from the request. 
- */ - -int -OCSP_request_onereq_count(OCSP_REQUEST *req) -{ - return sk_OCSP_ONEREQ_num(req->tbsRequest->requestList); -} - -OCSP_ONEREQ * -OCSP_request_onereq_get0(OCSP_REQUEST *req, int i) -{ - return sk_OCSP_ONEREQ_value(req->tbsRequest->requestList, i); -} - -OCSP_CERTID * -OCSP_onereq_get0_id(OCSP_ONEREQ *one) -{ - return one->reqCert; -} - -int -OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd, - ASN1_OCTET_STRING **pikeyHash, ASN1_INTEGER **pserial, OCSP_CERTID *cid) -{ - if (!cid) - return 0; - if (pmd) - *pmd = cid->hashAlgorithm->algorithm; - if (piNameHash) - *piNameHash = cid->issuerNameHash; - if (pikeyHash) - *pikeyHash = cid->issuerKeyHash; - if (pserial) - *pserial = cid->serialNumber; - return 1; -} - -int -OCSP_request_is_signed(OCSP_REQUEST *req) -{ - if (req->optionalSignature) - return 1; - return 0; -} - -/* Create an OCSP response and encode an optional basic response */ -OCSP_RESPONSE * -OCSP_response_create(int status, OCSP_BASICRESP *bs) -{ - OCSP_RESPONSE *rsp = NULL; - - if (!(rsp = OCSP_RESPONSE_new())) - goto err; - if (!(ASN1_ENUMERATED_set(rsp->responseStatus, status))) - goto err; - if (!bs) - return rsp; - if (!(rsp->responseBytes = OCSP_RESPBYTES_new())) - goto err; - rsp->responseBytes->responseType = OBJ_nid2obj(NID_id_pkix_OCSP_basic); - if (!ASN1_item_pack(bs, ASN1_ITEM_rptr(OCSP_BASICRESP), - &rsp->responseBytes->response)) - goto err; - return rsp; - -err: - if (rsp) - OCSP_RESPONSE_free(rsp); - return NULL; -} - -OCSP_SINGLERESP * -OCSP_basic_add1_status(OCSP_BASICRESP *rsp, OCSP_CERTID *cid, int status, - int reason, ASN1_TIME *revtime, ASN1_TIME *thisupd, ASN1_TIME *nextupd) -{ - OCSP_SINGLERESP *single = NULL; - OCSP_CERTSTATUS *cs; - OCSP_REVOKEDINFO *ri; - - if (!rsp->tbsResponseData->responses && - !(rsp->tbsResponseData->responses = sk_OCSP_SINGLERESP_new_null())) - goto err; - - if (!(single = OCSP_SINGLERESP_new())) - goto err; - - if (!ASN1_TIME_to_generalizedtime(thisupd, &single->thisUpdate)) 
- goto err; - if (nextupd && - !ASN1_TIME_to_generalizedtime(nextupd, &single->nextUpdate)) - goto err; - - OCSP_CERTID_free(single->certId); - - if (!(single->certId = OCSP_CERTID_dup(cid))) - goto err; - - cs = single->certStatus; - switch (cs->type = status) { - case V_OCSP_CERTSTATUS_REVOKED: - if (!revtime) { - OCSPerr(OCSP_F_OCSP_BASIC_ADD1_STATUS, - OCSP_R_NO_REVOKED_TIME); - goto err; - } - if (!(cs->value.revoked = ri = OCSP_REVOKEDINFO_new())) - goto err; - if (!ASN1_TIME_to_generalizedtime(revtime, &ri->revocationTime)) - goto err; - if (reason != OCSP_REVOKED_STATUS_NOSTATUS) { - if (!(ri->revocationReason = ASN1_ENUMERATED_new())) - goto err; - if (!(ASN1_ENUMERATED_set(ri->revocationReason, - reason))) - goto err; - } - break; - - case V_OCSP_CERTSTATUS_GOOD: - cs->value.good = ASN1_NULL_new(); - break; - - case V_OCSP_CERTSTATUS_UNKNOWN: - cs->value.unknown = ASN1_NULL_new(); - break; - - default: - goto err; - } - if (!(sk_OCSP_SINGLERESP_push(rsp->tbsResponseData->responses, single))) - goto err; - return single; - -err: - OCSP_SINGLERESP_free(single); - return NULL; -} - -/* Add a certificate to an OCSP request */ -int -OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert) -{ - if (!resp->certs && !(resp->certs = sk_X509_new_null())) - return 0; - - if (!sk_X509_push(resp->certs, cert)) - return 0; - CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509); - return 1; -} - -int -OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, - const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags) -{ - int i; - OCSP_RESPID *rid; - - if (!X509_check_private_key(signer, key)) { - OCSPerr(OCSP_F_OCSP_BASIC_SIGN, - OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); - goto err; - } - - if (!(flags & OCSP_NOCERTS)) { - if (!OCSP_basic_add1_cert(brsp, signer)) - goto err; - for (i = 0; i < sk_X509_num(certs); i++) { - X509 *tmpcert = sk_X509_value(certs, i); - if (!OCSP_basic_add1_cert(brsp, tmpcert)) - goto err; - } - } - - rid = 
brsp->tbsResponseData->responderId; - if (flags & OCSP_RESPID_KEY) { - unsigned char md[SHA_DIGEST_LENGTH]; - - X509_pubkey_digest(signer, EVP_sha1(), md, NULL); - if (!(rid->value.byKey = ASN1_OCTET_STRING_new())) - goto err; - if (!(ASN1_OCTET_STRING_set(rid->value.byKey, md, - SHA_DIGEST_LENGTH))) - goto err; - rid->type = V_OCSP_RESPID_KEY; - } else { - if (!X509_NAME_set(&rid->value.byName, - X509_get_subject_name(signer))) - goto err; - rid->type = V_OCSP_RESPID_NAME; - } - - if (!(flags & OCSP_NOTIME) && - !ASN1_GENERALIZEDTIME_set(brsp->tbsResponseData->producedAt, time(NULL))) - goto err; - - /* Right now, I think that not doing double hashing is the right - thing. -- Richard Levitte */ - - if (!OCSP_BASICRESP_sign(brsp, key, dgst, 0)) - goto err; - - return 1; - -err: - return 0; -} diff --git a/lib/libssl/src/crypto/ocsp/ocsp_vfy.c b/lib/libssl/src/crypto/ocsp/ocsp_vfy.c deleted file mode 100644 index f28571b92fe..00000000000 --- a/lib/libssl/src/crypto/ocsp/ocsp_vfy.c +++ /dev/null 
@@ -1,462 +0,0 @@ -/* $OpenBSD: ocsp_vfy.c,v 1.13 2016/07/05 00:21:47 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ - -#include <openssl/ocsp.h> -#include <openssl/err.h> -#include <string.h> - -static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs, - STACK_OF(X509) *certs, X509_STORE *st, unsigned long flags); -static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id); -static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain, - unsigned long flags); -static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret); -static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid, - STACK_OF(OCSP_SINGLERESP) *sresp); -static int ocsp_check_delegated(X509 *x, int flags); -static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, - X509_NAME *nm, STACK_OF(X509) *certs, X509_STORE *st, - unsigned long flags); - -/* Verify a basic response message */ -int -OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, X509_STORE *st, - unsigned long flags) -{ - X509 *signer, *x; - STACK_OF(X509) *chain = NULL; - STACK_OF(X509) *untrusted = NULL; - X509_STORE_CTX ctx; - int i, ret = 0; - - ret = ocsp_find_signer(&signer, bs, certs, st, flags); - if (!ret) { - OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, - OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND); - goto end; - } - if ((ret == 2) && (flags & OCSP_TRUSTOTHER)) - flags |= OCSP_NOVERIFY; - if (!(flags & OCSP_NOSIGS)) { - EVP_PKEY *skey; - - skey = X509_get_pubkey(signer); - if (skey) { - ret = OCSP_BASICRESP_verify(bs, skey, 0); - EVP_PKEY_free(skey); - } - if (!skey || ret <= 0) { - OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, - OCSP_R_SIGNATURE_FAILURE); - goto end; - } - } - if (!(flags & OCSP_NOVERIFY)) { - int init_res; - - if (flags & OCSP_NOCHAIN) { - untrusted = NULL; - } else if (bs->certs && certs) { - untrusted = sk_X509_dup(bs->certs); - for (i = 0; i < sk_X509_num(certs); i++) { - if (!sk_X509_push(untrusted, - sk_X509_value(certs, i))) { - OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, - ERR_R_MALLOC_FAILURE); - goto end; - } - } - } else - untrusted = bs->certs; - init_res = 
X509_STORE_CTX_init(&ctx, st, signer, untrusted); - if (!init_res) { - ret = -1; - OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_X509_LIB); - goto end; - } - - X509_STORE_CTX_set_purpose(&ctx, X509_PURPOSE_OCSP_HELPER); - ret = X509_verify_cert(&ctx); - chain = X509_STORE_CTX_get1_chain(&ctx); - X509_STORE_CTX_cleanup(&ctx); - if (ret <= 0) { - i = X509_STORE_CTX_get_error(&ctx); - OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, - OCSP_R_CERTIFICATE_VERIFY_ERROR); - ERR_asprintf_error_data("Verify error:%s", - X509_verify_cert_error_string(i)); - goto end; - } - if (flags & OCSP_NOCHECKS) { - ret = 1; - goto end; - } - /* At this point we have a valid certificate chain - * need to verify it against the OCSP issuer criteria. - */ - ret = ocsp_check_issuer(bs, chain, flags); - - /* If fatal error or valid match then finish */ - if (ret != 0) - goto end; - - /* Easy case: explicitly trusted. Get root CA and - * check for explicit trust - */ - if (flags & OCSP_NOEXPLICIT) - goto end; - - x = sk_X509_value(chain, sk_X509_num(chain) - 1); - if (X509_check_trust(x, NID_OCSP_sign, 0) != - X509_TRUST_TRUSTED) { - OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, - OCSP_R_ROOT_CA_NOT_TRUSTED); - goto end; - } - ret = 1; - } - -end: - if (chain) - sk_X509_pop_free(chain, X509_free); - if (bs->certs && certs) - sk_X509_free(untrusted); - return ret; -} - -static int -ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs, STACK_OF(X509) *certs, - X509_STORE *st, unsigned long flags) -{ - X509 *signer; - OCSP_RESPID *rid = bs->tbsResponseData->responderId; - - if ((signer = ocsp_find_signer_sk(certs, rid))) { - *psigner = signer; - return 2; - } - if (!(flags & OCSP_NOINTERN) && - (signer = ocsp_find_signer_sk(bs->certs, rid))) { - *psigner = signer; - return 1; - } - /* Maybe lookup from store if by subject name */ - - *psigner = NULL; - return 0; -} - -static X509 * -ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id) -{ - int i; - unsigned char tmphash[SHA_DIGEST_LENGTH], *keyhash; - X509 *x; - - /* Easy 
if lookup by name */ - if (id->type == V_OCSP_RESPID_NAME) - return X509_find_by_subject(certs, id->value.byName); - - /* Lookup by key hash */ - - /* If key hash isn't SHA1 length then forget it */ - if (id->value.byKey->length != SHA_DIGEST_LENGTH) - return NULL; - keyhash = id->value.byKey->data; - /* Calculate hash of each key and compare */ - for (i = 0; i < sk_X509_num(certs); i++) { - x = sk_X509_value(certs, i); - X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL); - if (!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH)) - return x; - } - return NULL; -} - -static int -ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain, - unsigned long flags) -{ - STACK_OF(OCSP_SINGLERESP) *sresp; - X509 *signer, *sca; - OCSP_CERTID *caid = NULL; - int i; - - sresp = bs->tbsResponseData->responses; - - if (sk_X509_num(chain) <= 0) { - OCSPerr(OCSP_F_OCSP_CHECK_ISSUER, - OCSP_R_NO_CERTIFICATES_IN_CHAIN); - return -1; - } - - /* See if the issuer IDs match. */ - i = ocsp_check_ids(sresp, &caid); - - /* If ID mismatch or other error then return */ - if (i <= 0) - return i; - - signer = sk_X509_value(chain, 0); - /* Check to see if OCSP responder CA matches request CA */ - if (sk_X509_num(chain) > 1) { - sca = sk_X509_value(chain, 1); - i = ocsp_match_issuerid(sca, caid, sresp); - if (i < 0) - return i; - if (i) { - /* We have a match, if extensions OK then success */ - if (ocsp_check_delegated(signer, flags)) - return 1; - return 0; - } - } - - /* Otherwise check if OCSP request signed directly by request CA */ - return ocsp_match_issuerid(signer, caid, sresp); -} - -/* Check the issuer certificate IDs for equality. If there is a mismatch with the same - * algorithm then there's no point trying to match any certificates against the issuer. - * If the issuer IDs all match then we just need to check equality against one of them. 
- */ -static int -ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret) -{ - OCSP_CERTID *tmpid, *cid; - int i, idcount; - - idcount = sk_OCSP_SINGLERESP_num(sresp); - if (idcount <= 0) { - OCSPerr(OCSP_F_OCSP_CHECK_IDS, - OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA); - return -1; - } - - cid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId; - - *ret = NULL; - - for (i = 1; i < idcount; i++) { - tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; - /* Check to see if IDs match */ - if (OCSP_id_issuer_cmp(cid, tmpid)) { - return 0; - } - } - - /* All IDs match: only need to check one ID */ - *ret = cid; - return 1; -} - -static int -ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid, - STACK_OF(OCSP_SINGLERESP) *sresp) -{ - /* If only one ID to match then do it */ - if (cid) { - const EVP_MD *dgst; - X509_NAME *iname; - int mdlen; - unsigned char md[EVP_MAX_MD_SIZE]; - - if (!(dgst = - EVP_get_digestbyobj(cid->hashAlgorithm->algorithm))) { - OCSPerr(OCSP_F_OCSP_MATCH_ISSUERID, - OCSP_R_UNKNOWN_MESSAGE_DIGEST); - return -1; - } - - mdlen = EVP_MD_size(dgst); - if (mdlen < 0) - return -1; - if (cid->issuerNameHash->length != mdlen || - cid->issuerKeyHash->length != mdlen) - return 0; - iname = X509_get_subject_name(cert); - if (!X509_NAME_digest(iname, dgst, md, NULL)) - return -1; - if (memcmp(md, cid->issuerNameHash->data, mdlen)) - return 0; - X509_pubkey_digest(cert, dgst, md, NULL); - if (memcmp(md, cid->issuerKeyHash->data, mdlen)) - return 0; - - return 1; - } else { - /* We have to match the whole lot */ - int i, ret; - OCSP_CERTID *tmpid; - - for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++) { - tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId; - ret = ocsp_match_issuerid(cert, tmpid, NULL); - if (ret <= 0) - return ret; - } - return 1; - } -} - -static int -ocsp_check_delegated(X509 *x, int flags) -{ - X509_check_purpose(x, -1, 0); - if ((x->ex_flags & EXFLAG_XKUSAGE) && (x->ex_xkusage & XKU_OCSP_SIGN)) - return 1; - 
OCSPerr(OCSP_F_OCSP_CHECK_DELEGATED, OCSP_R_MISSING_OCSPSIGNING_USAGE); - return 0; -} - -/* Verify an OCSP request. This is fortunately much easier than OCSP - * response verify. Just find the signers certificate and verify it - * against a given trust value. - */ -int -OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *store, - unsigned long flags) -{ - X509 *signer; - X509_NAME *nm; - GENERAL_NAME *gen; - int ret; - X509_STORE_CTX ctx; - - if (!req->optionalSignature) { - OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_REQUEST_NOT_SIGNED); - return 0; - } - gen = req->tbsRequest->requestorName; - if (!gen || gen->type != GEN_DIRNAME) { - OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, - OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE); - return 0; - } - nm = gen->d.directoryName; - ret = ocsp_req_find_signer(&signer, req, nm, certs, store, flags); - if (ret <= 0) { - OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, - OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND); - return 0; - } - if ((ret == 2) && (flags & OCSP_TRUSTOTHER)) - flags |= OCSP_NOVERIFY; - if (!(flags & OCSP_NOSIGS)) { - EVP_PKEY *skey; - - skey = X509_get_pubkey(signer); - ret = OCSP_REQUEST_verify(req, skey); - EVP_PKEY_free(skey); - if (ret <= 0) { - OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, - OCSP_R_SIGNATURE_FAILURE); - return 0; - } - } - if (!(flags & OCSP_NOVERIFY)) { - int init_res; - - if (flags & OCSP_NOCHAIN) - init_res = X509_STORE_CTX_init(&ctx, store, signer, - NULL); - else - init_res = X509_STORE_CTX_init(&ctx, store, signer, - req->optionalSignature->certs); - if (!init_res) { - OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, ERR_R_X509_LIB); - return 0; - } - - X509_STORE_CTX_set_purpose(&ctx, X509_PURPOSE_OCSP_HELPER); - X509_STORE_CTX_set_trust(&ctx, X509_TRUST_OCSP_REQUEST); - ret = X509_verify_cert(&ctx); - X509_STORE_CTX_cleanup(&ctx); - if (ret <= 0) { - ret = X509_STORE_CTX_get_error(&ctx); - OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, - OCSP_R_CERTIFICATE_VERIFY_ERROR); - ERR_asprintf_error_data("Verify error:%s", - 
X509_verify_cert_error_string(ret)); - return 0; - } - } - return 1; -} - -static int -ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req, X509_NAME *nm, - STACK_OF(X509) *certs, X509_STORE *st, unsigned long flags) -{ - X509 *signer; - - if (!(flags & OCSP_NOINTERN)) { - signer = X509_find_by_subject(req->optionalSignature->certs, nm); - if (signer) { - *psigner = signer; - return 1; - } - } - - signer = X509_find_by_subject(certs, nm); - if (signer) { - *psigner = signer; - return 2; - } - return 0; -} diff --git a/lib/libssl/src/crypto/opensslfeatures.h b/lib/libssl/src/crypto/opensslfeatures.h deleted file mode 100644 index ba4dbba9596..00000000000 --- a/lib/libssl/src/crypto/opensslfeatures.h +++ /dev/null @@ -1,26 +0,0 @@ -# define OPENSSL_NO_EC_NISTP_64_GCC_128 -# define OPENSSL_NO_CMS -# define OPENSSL_NO_COMP -# define OPENSSL_NO_EGD -# define OPENSSL_NO_GMP -# define OPENSSL_NO_JPAKE -# define OPENSSL_NO_KRB5 -# define OPENSSL_NO_MD2 -# define OPENSSL_NO_MDC2 -# define OPENSSL_NO_PSK -# define OPENSSL_NO_RC5 -# define OPENSSL_NO_RFC3779 -# define OPENSSL_NO_RSAX -# define OPENSSL_NO_SCTP -# define OPENSSL_NO_SEED -# define OPENSSL_NO_SHA0 -# define OPENSSL_NO_SRP -# define OPENSSL_NO_SSL2 -# define OPENSSL_NO_SSL3 -# define OPENSSL_NO_SSL3_METHOD -# define OPENSSL_NO_STORE -# define OPENSSL_NO_BUF_FREELISTS -# define OPENSSL_NO_HEARTBEATS -# define OPENSSL_NO_DYNAMIC_ENGINE - -# define OPENSSL_THREADS diff --git a/lib/libssl/src/crypto/opensslv.h b/lib/libssl/src/crypto/opensslv.h deleted file mode 100644 index ecc92412d1d..00000000000 --- a/lib/libssl/src/crypto/opensslv.h +++ /dev/null 
@@ -1,17 +0,0 @@
-/* $OpenBSD: opensslv.h,v 1.37 2016/07/31 19:30:32 bcook Exp $ */
-#ifndef HEADER_OPENSSLV_H
-#define HEADER_OPENSSLV_H
-
-/* These will change with each release of LibreSSL-portable */
-#define LIBRESSL_VERSION_NUMBER 0x2050000fL
-#define LIBRESSL_VERSION_TEXT "LibreSSL 2.5.0"
-
-/* These will never change */
-#define OPENSSL_VERSION_NUMBER 0x20000000L
-#define OPENSSL_VERSION_TEXT LIBRESSL_VERSION_TEXT
-#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
-
-#define SHLIB_VERSION_HISTORY ""
-#define SHLIB_VERSION_NUMBER "1.0.0"
-
-#endif /* HEADER_OPENSSLV_H */
diff --git a/lib/libssl/src/crypto/ossl_typ.h b/lib/libssl/src/crypto/ossl_typ.h
deleted file mode 100644
index 234fdca1ea8..00000000000
--- a/lib/libssl/src/crypto/ossl_typ.h
+++ /dev/null
@@ -1,174 +0,0 @@
-/* $OpenBSD: ossl_typ.h,v 1.13 2015/09/30 04:10:07 doug Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_OPENSSL_TYPES_H
-#define HEADER_OPENSSL_TYPES_H
-
-#include <openssl/opensslconf.h>
-
-typedef struct asn1_string_st ASN1_INTEGER;
-typedef struct asn1_string_st ASN1_ENUMERATED;
-typedef struct asn1_string_st ASN1_BIT_STRING;
-typedef struct asn1_string_st ASN1_OCTET_STRING;
-typedef struct asn1_string_st ASN1_PRINTABLESTRING;
-typedef struct asn1_string_st ASN1_T61STRING;
-typedef struct asn1_string_st ASN1_IA5STRING;
-typedef struct asn1_string_st ASN1_GENERALSTRING;
-typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
-typedef struct asn1_string_st ASN1_BMPSTRING;
-typedef struct asn1_string_st ASN1_UTCTIME;
-typedef struct asn1_string_st ASN1_TIME;
-typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
-typedef struct asn1_string_st ASN1_VISIBLESTRING;
-typedef struct asn1_string_st ASN1_UTF8STRING;
-typedef struct asn1_string_st ASN1_STRING;
-typedef int ASN1_BOOLEAN;
-typedef int ASN1_NULL;
-
-typedef struct ASN1_ITEM_st ASN1_ITEM;
-typedef struct asn1_pctx_st ASN1_PCTX;
-
-#ifdef BIGNUM
-#undef BIGNUM
-#endif
-typedef struct bignum_st BIGNUM;
-typedef struct bignum_ctx BN_CTX;
-typedef struct bn_blinding_st BN_BLINDING;
-typedef struct bn_mont_ctx_st BN_MONT_CTX;
-typedef struct bn_recp_ctx_st BN_RECP_CTX;
-typedef struct bn_gencb_st BN_GENCB;
-
-typedef struct buf_mem_st BUF_MEM;
-
-typedef struct evp_cipher_st EVP_CIPHER;
-typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
-typedef struct env_md_st EVP_MD;
-typedef struct env_md_ctx_st EVP_MD_CTX;
-typedef struct evp_pkey_st EVP_PKEY;
-
-typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
-
-typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
-typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
-
-typedef struct dh_st DH;
-typedef struct dh_method DH_METHOD;
-
-typedef struct dsa_st DSA;
-typedef struct dsa_method DSA_METHOD;
-
-typedef struct rsa_st RSA;
-typedef struct rsa_meth_st RSA_METHOD;
-
-typedef struct rand_meth_st RAND_METHOD;
-
-typedef struct ecdh_method ECDH_METHOD;
-typedef struct ecdsa_method ECDSA_METHOD;
-
-typedef struct x509_st X509;
-typedef struct X509_algor_st X509_ALGOR;
-typedef struct X509_crl_st X509_CRL;
-typedef struct x509_crl_method_st X509_CRL_METHOD;
-typedef struct x509_revoked_st X509_REVOKED;
-typedef struct X509_name_st X509_NAME;
-typedef struct X509_pubkey_st X509_PUBKEY;
-typedef struct x509_store_st X509_STORE;
-typedef struct x509_store_ctx_st X509_STORE_CTX;
-
-typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
-
-typedef struct v3_ext_ctx X509V3_CTX;
-typedef struct conf_st CONF;
-
-typedef struct store_st STORE;
-typedef struct store_method_st STORE_METHOD;
-
-typedef struct ui_st UI;
-typedef struct ui_method_st UI_METHOD;
-
-typedef struct st_ERR_FNS ERR_FNS;
-
-typedef struct engine_st ENGINE;
-typedef struct ssl_st SSL;
-typedef struct ssl_ctx_st SSL_CTX;
-
-typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
-typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
-typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
-typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
-
-typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
-typedef struct DIST_POINT_st DIST_POINT;
-typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
-typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
-
-/* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
-#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */
-#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */
-
-typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
-/* Callback types for crypto.h */
-typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
-typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
- void *from_d, int idx, long argl, void *argp);
-
-typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
-typedef struct ocsp_response_st OCSP_RESPONSE;
-typedef struct ocsp_responder_id_st OCSP_RESPID;
-
-#endif /* def HEADER_OPENSSL_TYPES_H */
diff --git a/lib/libssl/src/crypto/pariscid.pl b/lib/libssl/src/crypto/pariscid.pl
deleted file mode 100644
index da74a2836ce..00000000000
--- a/lib/libssl/src/crypto/pariscid.pl
+++ /dev/null
@@ -1,86 +0,0 @@
-#!/usr/bin/env perl
-
-$flavour = shift;
-$output = shift;
-open STDOUT,">$output";
-
-if ($flavour =~ /64/) {
- $LEVEL ="2.0W";
- $SIZE_T =8;
- $ST ="std";
-} else {
- $LEVEL ="1.1";
- $SIZE_T =4;
- $ST ="stw";
-}
-
-$rp="%r2";
-$sp="%r30";
-$rv="%r28";
-
-$code=<<___;
- .LEVEL $LEVEL
-#if 0
- .SPACE \$TEXT\$
- .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
-#else
- .text
-#endif
-
- .EXPORT OPENSSL_cpuid_setup,ENTRY
- .ALIGN 8
-OPENSSL_cpuid_setup
- .PROC
- .CALLINFO NO_CALLS
- .ENTRY
- bv ($rp)
- .EXIT
- nop
- .PROCEND
-
- .EXPORT OPENSSL_wipe_cpu,ENTRY
- .ALIGN 8
-OPENSSL_wipe_cpu
- .PROC
- .CALLINFO NO_CALLS
- .ENTRY
- xor %r0,%r0,%r1
- fcpy,dbl %fr0,%fr4
- xor %r0,%r0,%r19
- fcpy,dbl %fr0,%fr5
- xor %r0,%r0,%r20
- fcpy,dbl %fr0,%fr6
- xor %r0,%r0,%r21
- fcpy,dbl %fr0,%fr7
- xor %r0,%r0,%r22
- fcpy,dbl %fr0,%fr8
- xor %r0,%r0,%r23
- fcpy,dbl %fr0,%fr9
- xor %r0,%r0,%r24
- fcpy,dbl %fr0,%fr10
- xor %r0,%r0,%r25
- fcpy,dbl %fr0,%fr11
- xor %r0,%r0,%r26
- fcpy,dbl %fr0,%fr22
- xor %r0,%r0,%r29
- fcpy,dbl %fr0,%fr23
- xor %r0,%r0,%r31
- fcpy,dbl %fr0,%fr24
- fcpy,dbl %fr0,%fr25
- fcpy,dbl %fr0,%fr26
- fcpy,dbl %fr0,%fr27
- fcpy,dbl %fr0,%fr28
- fcpy,dbl %fr0,%fr29
- fcpy,dbl %fr0,%fr30
- fcpy,dbl %fr0,%fr31
- bv ($rp)
- .EXIT
- ldo 0($sp),$rv
- .PROCEND
-___
-$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4);
-$code =~ s/,\*/,/gm if ($SIZE_T==4);
-$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8);
-print $code;
-close STDOUT;
-
diff --git a/lib/libssl/src/crypto/pem/message b/lib/libssl/src/crypto/pem/message
deleted file mode 100644
index e8bf9d75929..00000000000
--- a/lib/libssl/src/crypto/pem/message
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PRIVACY-ENHANCED MESSAGE-----
-Proc-Type: 4,ENCRYPTED
-Proc-Type: 4,MIC-ONLY
-Proc-Type: 4,MIC-CLEAR
-Content-Domain: RFC822
-DEK-Info: DES-CBC,0123456789abcdef
-Originator-Certificate
- xxxx
-Issuer-Certificate
- xxxx
-MIC-Info: RSA-MD5,RSA,
- xxxx
-
-
------END PRIVACY-ENHANCED MESSAGE-----
-
diff --git a/lib/libssl/src/crypto/pem/pem.h b/lib/libssl/src/crypto/pem/pem.h
deleted file mode 100644
index 3a0d8b35761..00000000000
--- a/lib/libssl/src/crypto/pem/pem.h
+++ /dev/null
@@ -1,616 +0,0 @@ -/* $OpenBSD: pem.h,v 1.16 2014/06/12 15:49:30 deraadt Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#ifndef HEADER_PEM_H -#define HEADER_PEM_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#ifndef OPENSSL_NO_STACK -#include <openssl/stack.h> -#endif -#include <openssl/evp.h> -#include <openssl/x509.h> -#include <openssl/pem2.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define PEM_BUFSIZE 1024 - -#define PEM_OBJ_UNDEF 0 -#define PEM_OBJ_X509 1 -#define PEM_OBJ_X509_REQ 2 -#define PEM_OBJ_CRL 3 -#define PEM_OBJ_SSL_SESSION 4 -#define PEM_OBJ_PRIV_KEY 10 -#define PEM_OBJ_PRIV_RSA 11 -#define PEM_OBJ_PRIV_DSA 12 -#define PEM_OBJ_PRIV_DH 13 -#define PEM_OBJ_PUB_RSA 14 -#define PEM_OBJ_PUB_DSA 15 -#define PEM_OBJ_PUB_DH 16 -#define PEM_OBJ_DHPARAMS 17 -#define PEM_OBJ_DSAPARAMS 18 -#define PEM_OBJ_PRIV_RSA_PUBLIC 19 -#define PEM_OBJ_PRIV_ECDSA 20 -#define PEM_OBJ_PUB_ECDSA 21 -#define PEM_OBJ_ECPARAMETERS 22 - -#define PEM_ERROR 30 -#define PEM_DEK_DES_CBC 40 -#define PEM_DEK_IDEA_CBC 45 -#define PEM_DEK_DES_EDE 50 -#define PEM_DEK_DES_ECB 60 -#define PEM_DEK_RSA 70 -#define PEM_DEK_RSA_MD2 80 -#define PEM_DEK_RSA_MD5 90 - -#define PEM_MD_MD2 NID_md2 -#define PEM_MD_MD5 NID_md5 -#define PEM_MD_SHA NID_sha -#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption -#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption -#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption - -#define PEM_STRING_X509_OLD "X509 CERTIFICATE" -#define PEM_STRING_X509 "CERTIFICATE" -#define PEM_STRING_X509_PAIR "CERTIFICATE PAIR" -#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" -#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" -#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" -#define PEM_STRING_X509_CRL "X509 CRL" -#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY" -#define PEM_STRING_PUBLIC "PUBLIC KEY" -#define PEM_STRING_RSA "RSA PRIVATE KEY" -#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY" -#define PEM_STRING_DSA "DSA PRIVATE KEY" -#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" -#define PEM_STRING_PKCS7 "PKCS7" -#define 
PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA" -#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" -#define PEM_STRING_PKCS8INF "PRIVATE KEY" -#define PEM_STRING_DHPARAMS "DH PARAMETERS" -#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" -#define PEM_STRING_DSAPARAMS "DSA PARAMETERS" -#define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY" -#define PEM_STRING_ECPARAMETERS "EC PARAMETERS" -#define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY" -#define PEM_STRING_PARAMETERS "PARAMETERS" -#define PEM_STRING_CMS "CMS" - - /* Note that this structure is initialised by PEM_SealInit and cleaned up - by PEM_SealFinal (at least for now) */ -typedef struct PEM_Encode_Seal_st { - EVP_ENCODE_CTX encode; - EVP_MD_CTX md; - EVP_CIPHER_CTX cipher; -} PEM_ENCODE_SEAL_CTX; - -/* enc_type is one off */ -#define PEM_TYPE_ENCRYPTED 10 -#define PEM_TYPE_MIC_ONLY 20 -#define PEM_TYPE_MIC_CLEAR 30 -#define PEM_TYPE_CLEAR 40 - -typedef struct pem_recip_st { - char *name; - X509_NAME *dn; - - int cipher; - int key_enc; - /* char iv[8]; unused and wrong size */ -} PEM_USER; - -typedef struct pem_ctx_st { - int type; /* what type of object */ - - struct { - int version; - int mode; - } proc_type; - - char *domain; - - struct { - int cipher; - /* unused, and wrong size - unsigned char iv[8]; */ - } DEK_info; - - PEM_USER *originator; - - int num_recipient; - PEM_USER **recipient; - - /* XXX(ben): don#t think this is used! - STACK *x509_chain; / * certificate chain */ - EVP_MD *md; /* signature type */ - - int md_enc; /* is the md encrypted or not? */ - int md_len; /* length of md_data */ - char *md_data; /* message digest, could be pkey encrypted */ - - EVP_CIPHER *dec; /* date encryption cipher */ - int key_len; /* key length */ - unsigned char *key; /* key */ - /* unused, and wrong size - unsigned char iv[8]; */ - - int data_enc; /* is the data encrypted */ - int data_len; - unsigned char *data; -} PEM_CTX; - -/* These macros make the PEM_read/PEM_write functions easier to maintain and - * write. 
Now they are all implemented with either: - * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...) - */ - - -#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ -type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \ -} - -#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x) \ -{ \ -return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, const type *x) \ -{ \ -return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, \ - void *u) \ - { \ - return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ - } - -#define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, \ - void *u) \ - { \ - return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \ - } - - -#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ -type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \ -} - -#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x) \ -{ \ -return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \ -} - -#define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, const type *x) \ -{ \ -return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \ -} - -#define 
IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ - { \ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \ - } - -#define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ - { \ - return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \ - } - -#define IMPLEMENT_PEM_write(name, type, str, asn1) \ - IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) - -#define IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_read_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write_const(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb(name, type, str, asn1) - -/* These are the same except they are for the declarations */ - - -#define DECLARE_PEM_read_fp(name, type) \ - type 
*PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u); - -#define DECLARE_PEM_write_fp(name, type) \ - int PEM_write_##name(FILE *fp, type *x); - -#define DECLARE_PEM_write_fp_const(name, type) \ - int PEM_write_##name(FILE *fp, const type *x); - -#define DECLARE_PEM_write_cb_fp(name, type) \ - int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - - -#ifndef OPENSSL_NO_BIO -#define DECLARE_PEM_read_bio(name, type) \ - type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u); - -#define DECLARE_PEM_write_bio(name, type) \ - int PEM_write_bio_##name(BIO *bp, type *x); - -#define DECLARE_PEM_write_bio_const(name, type) \ - int PEM_write_bio_##name(BIO *bp, const type *x); - -#define DECLARE_PEM_write_cb_bio(name, type) \ - int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - -#else - -#define DECLARE_PEM_read_bio(name, type) /**/ -#define DECLARE_PEM_write_bio(name, type) /**/ -#define DECLARE_PEM_write_bio_const(name, type) /**/ -#define DECLARE_PEM_write_cb_bio(name, type) /**/ - -#endif - -#define DECLARE_PEM_write(name, type) \ - DECLARE_PEM_write_bio(name, type) \ - DECLARE_PEM_write_fp(name, type) - -#define DECLARE_PEM_write_const(name, type) \ - DECLARE_PEM_write_bio_const(name, type) \ - DECLARE_PEM_write_fp_const(name, type) - -#define DECLARE_PEM_write_cb(name, type) \ - DECLARE_PEM_write_cb_bio(name, type) \ - DECLARE_PEM_write_cb_fp(name, type) - -#define DECLARE_PEM_read(name, type) \ - DECLARE_PEM_read_bio(name, type) \ - DECLARE_PEM_read_fp(name, type) - -#define DECLARE_PEM_rw(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write(name, type) - -#define DECLARE_PEM_rw_const(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_const(name, type) - -#define DECLARE_PEM_rw_cb(name, type) \ - DECLARE_PEM_read(name, type) \ - 
DECLARE_PEM_write_cb(name, type) - -typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata); - -int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher); -int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data, long *len, - pem_password_cb *callback, void *u); - -#ifndef OPENSSL_NO_BIO -int PEM_read_bio(BIO *bp, char **name, char **header, - unsigned char **data, long *len); -int PEM_write_bio(BIO *bp, const char *name, char *hdr, unsigned char *data, - long len); -int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, - const char *name, BIO *bp, pem_password_cb *cb, void *u); -void * PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, - void **x, pem_password_cb *cb, void *u); -int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *cb, void *u); - -STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, - STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); -int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cd, void *u); -#endif - -int PEM_read(FILE *fp, char **name, char **header, - unsigned char **data, long *len); -int PEM_write(FILE *fp, char *name, char *hdr, unsigned char *data, - long len); -void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, - pem_password_cb *cb, void *u); -int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, - void *x, const EVP_CIPHER *enc, unsigned char *kstr, - int klen, pem_password_cb *callback, void *u); -STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u); - -int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, - EVP_MD *md_type, unsigned char **ek, int *ekl, - unsigned char *iv, EVP_PKEY **pubk, int npubk); -void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, - unsigned char 
*in, int inl); -int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, - unsigned char *out, int *outl, EVP_PKEY *priv); - -void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); -void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt); -int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, - unsigned int *siglen, EVP_PKEY *pkey); - -int PEM_def_callback(char *buf, int num, int w, void *key); -void PEM_proc_type(char *buf, int type); -void PEM_dek_info(char *buf, const char *type, int len, char *str); - - -DECLARE_PEM_rw(X509, X509) - -DECLARE_PEM_rw(X509_AUX, X509) - -DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR) - -DECLARE_PEM_rw(X509_REQ, X509_REQ) -DECLARE_PEM_write(X509_REQ_NEW, X509_REQ) - -DECLARE_PEM_rw(X509_CRL, X509_CRL) - -DECLARE_PEM_rw(PKCS7, PKCS7) - -DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE) - -DECLARE_PEM_rw(PKCS8, X509_SIG) - -DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) - -#ifndef OPENSSL_NO_RSA - -DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) - -DECLARE_PEM_rw_const(RSAPublicKey, RSA) -DECLARE_PEM_rw(RSA_PUBKEY, RSA) - -#endif - -#ifndef OPENSSL_NO_DSA - -DECLARE_PEM_rw_cb(DSAPrivateKey, DSA) - -DECLARE_PEM_rw(DSA_PUBKEY, DSA) - -DECLARE_PEM_rw_const(DSAparams, DSA) - -#endif - -#ifndef OPENSSL_NO_EC -DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP) -DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) -DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) -#endif - -#ifndef OPENSSL_NO_DH - -DECLARE_PEM_rw_const(DHparams, DH) - -#endif - -DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY) - -DECLARE_PEM_rw(PUBKEY, EVP_PKEY) - -int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *, - char *, int, pem_password_cb *, void *); -int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_bio(BIO 
*bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, - void *u); - -int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); - -EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, - void *u); - -int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cd, void *u); - -EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x); -int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x); - - -EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length); -EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length); -EVP_PKEY *b2i_PrivateKey_bio(BIO *in); -EVP_PKEY *b2i_PublicKey_bio(BIO *in); -int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk); -int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk); -#ifndef OPENSSL_NO_RC4 -EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u); -int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, pem_password_cb *cb, - void *u); -#endif - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_PEM_strings(void); - -/* Error codes for the PEM functions. */ - -/* Function codes. 
*/ -#define PEM_F_B2I_DSS 127 -#define PEM_F_B2I_PVK_BIO 128 -#define PEM_F_B2I_RSA 129 -#define PEM_F_CHECK_BITLEN_DSA 130 -#define PEM_F_CHECK_BITLEN_RSA 131 -#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120 -#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121 -#define PEM_F_DO_B2I 132 -#define PEM_F_DO_B2I_BIO 133 -#define PEM_F_DO_BLOB_HEADER 134 -#define PEM_F_DO_PK8PKEY 126 -#define PEM_F_DO_PK8PKEY_FP 125 -#define PEM_F_DO_PVK_BODY 135 -#define PEM_F_DO_PVK_HEADER 136 -#define PEM_F_I2B_PVK 137 -#define PEM_F_I2B_PVK_BIO 138 -#define PEM_F_LOAD_IV 101 -#define PEM_F_PEM_ASN1_READ 102 -#define PEM_F_PEM_ASN1_READ_BIO 103 -#define PEM_F_PEM_ASN1_WRITE 104 -#define PEM_F_PEM_ASN1_WRITE_BIO 105 -#define PEM_F_PEM_DEF_CALLBACK 100 -#define PEM_F_PEM_DO_HEADER 106 -#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118 -#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107 -#define PEM_F_PEM_PK8PKEY 119 -#define PEM_F_PEM_READ 108 -#define PEM_F_PEM_READ_BIO 109 -#define PEM_F_PEM_READ_BIO_PARAMETERS 140 -#define PEM_F_PEM_READ_BIO_PRIVATEKEY 123 -#define PEM_F_PEM_READ_PRIVATEKEY 124 -#define PEM_F_PEM_SEALFINAL 110 -#define PEM_F_PEM_SEALINIT 111 -#define PEM_F_PEM_SIGNFINAL 112 -#define PEM_F_PEM_WRITE 113 -#define PEM_F_PEM_WRITE_BIO 114 -#define PEM_F_PEM_WRITE_PRIVATEKEY 139 -#define PEM_F_PEM_X509_INFO_READ 115 -#define PEM_F_PEM_X509_INFO_READ_BIO 116 -#define PEM_F_PEM_X509_INFO_WRITE_BIO 117 - -/* Reason codes. 
*/ -#define PEM_R_BAD_BASE64_DECODE 100 -#define PEM_R_BAD_DECRYPT 101 -#define PEM_R_BAD_END_LINE 102 -#define PEM_R_BAD_IV_CHARS 103 -#define PEM_R_BAD_MAGIC_NUMBER 116 -#define PEM_R_BAD_PASSWORD_READ 104 -#define PEM_R_BAD_VERSION_NUMBER 117 -#define PEM_R_BIO_WRITE_FAILURE 118 -#define PEM_R_CIPHER_IS_NULL 127 -#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115 -#define PEM_R_EXPECTING_PRIVATE_KEY_BLOB 119 -#define PEM_R_EXPECTING_PUBLIC_KEY_BLOB 120 -#define PEM_R_INCONSISTENT_HEADER 121 -#define PEM_R_KEYBLOB_HEADER_PARSE_ERROR 122 -#define PEM_R_KEYBLOB_TOO_SHORT 123 -#define PEM_R_NOT_DEK_INFO 105 -#define PEM_R_NOT_ENCRYPTED 106 -#define PEM_R_NOT_PROC_TYPE 107 -#define PEM_R_NO_START_LINE 108 -#define PEM_R_PROBLEMS_GETTING_PASSWORD 109 -#define PEM_R_PUBLIC_KEY_NO_RSA 110 -#define PEM_R_PVK_DATA_TOO_SHORT 124 -#define PEM_R_PVK_TOO_SHORT 125 -#define PEM_R_READ_KEY 111 -#define PEM_R_SHORT_HEADER 112 -#define PEM_R_UNSUPPORTED_CIPHER 113 -#define PEM_R_UNSUPPORTED_ENCRYPTION 114 -#define PEM_R_UNSUPPORTED_KEY_COMPONENTS 126 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/pem/pem2.h b/lib/libssl/src/crypto/pem/pem2.h deleted file mode 100644 index 19525b4a452..00000000000 --- a/lib/libssl/src/crypto/pem/pem2.h +++ /dev/null 
@@ -1,71 +0,0 @@
-/* $OpenBSD: pem2.h,v 1.5 2014/06/12 15:49:30 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/*
- * This header only exists to break a circular dependency between pem and err
- * Ben 30 Jan 1999.
- */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#ifndef HEADER_PEM_H
-void ERR_load_PEM_strings(void);
-#endif
-
-#ifdef __cplusplus
-}
-#endif
diff --git a/lib/libssl/src/crypto/pem/pem_all.c b/lib/libssl/src/crypto/pem/pem_all.c
deleted file mode 100644
index 7df917b01c9..00000000000
--- a/lib/libssl/src/crypto/pem/pem_all.c
+++ /dev/null
@@ -1,313 +0,0 @@ -/* $OpenBSD: pem_all.c,v 1.15 2014/07/11 08:44:49 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/bio.h> -#include <openssl/evp.h> -#include <openssl/pem.h> -#include <openssl/pkcs7.h> -#include <openssl/x509.h> - -#ifndef OPENSSL_NO_DH -#include <openssl/dh.h> -#endif -#ifndef OPENSSL_NO_DSA -#include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif - -#ifndef OPENSSL_NO_RSA -static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); -#endif -#ifndef OPENSSL_NO_DSA -static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); -#endif - -#ifndef OPENSSL_NO_EC -static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey); -#endif - -IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) - -IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ) - -IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL) - -IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7) - -IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE, - PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE) - - -#ifndef OPENSSL_NO_RSA - -/* We treat RSA or DSA private keys as a special case. 
- *
- * For private keys we read in an EVP_PKEY structure with
- * PEM_read_bio_PrivateKey() and extract the relevant private
- * key: this means can handle "traditional" and PKCS#8 formats
- * transparently.
- */
-
-static RSA *
-pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
-{
- RSA *rtmp;
-
- if (!key)
- return NULL;
- rtmp = EVP_PKEY_get1_RSA(key);
- EVP_PKEY_free(key);
- if (!rtmp)
- return NULL;
- if (rsa) {
- RSA_free(*rsa);
- *rsa = rtmp;
- }
- return rtmp;
-}
-
-RSA *
-PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_rsa(pktmp, rsa);
-}
-
-
-RSA *
-PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_rsa(pktmp, rsa);
-}
-
-
-IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey)
-
-IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey)
-IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY)
-
-#endif
-
-#ifndef OPENSSL_NO_DSA
-
-static DSA *
-pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
-{
- DSA *dtmp;
-
- if (!key)
- return NULL;
- dtmp = EVP_PKEY_get1_DSA(key);
- EVP_PKEY_free(key);
- if (!dtmp)
- return NULL;
- if (dsa) {
- DSA_free(*dsa);
- *dsa = dtmp;
- }
- return dtmp;
-}
-
-DSA *
-PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
-}
-
-IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey)
-
-IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
-
-
-DSA *
-PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
-}
-
-
-IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
-
-#endif
-
-
-#ifndef OPENSSL_NO_EC
-static EC_KEY *
-pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey)
-{
- EC_KEY *dtmp;
-
- if (!key)
- return NULL;
- dtmp = EVP_PKEY_get1_EC_KEY(key);
- EVP_PKEY_free(key);
- if (!dtmp)
- return NULL;
- if (eckey) {
- EC_KEY_free(*eckey);
- *eckey = dtmp;
- }
- return dtmp;
-}
-
-EC_KEY *
-PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
- pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_eckey(pktmp, key); /* will free pktmp */
-}
-
-IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS,
- ECPKParameters)
-
-IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY,
- ECPrivateKey)
-
-IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
-
-
-EC_KEY *
-PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, void *u)
-{
- EVP_PKEY *pktmp;
-
- pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_eckey(pktmp, eckey); /* will free pktmp */
-}
-
-
-#endif
-
-#ifndef OPENSSL_NO_DH
-
-IMPLEMENT_PEM_rw_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
-
-#endif
-
-IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
diff --git a/lib/libssl/src/crypto/pem/pem_err.c b/lib/libssl/src/crypto/pem/pem_err.c
deleted file mode 100644
index c3d0fa35768..00000000000
--- a/lib/libssl/src/crypto/pem/pem_err.c
+++ /dev/null
@@ -1,161 +0,0 @@ -/* $OpenBSD: pem_err.c,v 1.11 2014/07/10 22:45:57 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/pem.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason) - -static ERR_STRING_DATA PEM_str_functs[] = { - {ERR_FUNC(PEM_F_B2I_DSS), "B2I_DSS"}, - {ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"}, - {ERR_FUNC(PEM_F_B2I_RSA), "B2I_RSA"}, - {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "CHECK_BITLEN_DSA"}, - {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "CHECK_BITLEN_RSA"}, - {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"}, - {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"}, - {ERR_FUNC(PEM_F_DO_B2I), "DO_B2I"}, - {ERR_FUNC(PEM_F_DO_B2I_BIO), "DO_B2I_BIO"}, - {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "DO_BLOB_HEADER"}, - {ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"}, - {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"}, - {ERR_FUNC(PEM_F_DO_PVK_BODY), "DO_PVK_BODY"}, - {ERR_FUNC(PEM_F_DO_PVK_HEADER), "DO_PVK_HEADER"}, - {ERR_FUNC(PEM_F_I2B_PVK), "I2B_PVK"}, - {ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"}, - {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"}, - {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"}, - {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"}, - {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"}, - {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"}, - {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"}, - {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"}, - {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"}, - {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"}, - {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"}, - {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"}, - {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"}, - {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"}, - {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"}, - 
{ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"}, - {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"}, - {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"}, - {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"}, - {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"}, - {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"}, - {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_WRITE_PRIVATEKEY"}, - {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"}, - {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"}, - {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"}, - {0, NULL} -}; - -static ERR_STRING_DATA PEM_str_reasons[] = { - {ERR_REASON(PEM_R_BAD_BASE64_DECODE) , "bad base64 decode"}, - {ERR_REASON(PEM_R_BAD_DECRYPT) , "bad decrypt"}, - {ERR_REASON(PEM_R_BAD_END_LINE) , "bad end line"}, - {ERR_REASON(PEM_R_BAD_IV_CHARS) , "bad iv chars"}, - {ERR_REASON(PEM_R_BAD_MAGIC_NUMBER) , "bad magic number"}, - {ERR_REASON(PEM_R_BAD_PASSWORD_READ) , "bad password read"}, - {ERR_REASON(PEM_R_BAD_VERSION_NUMBER) , "bad version number"}, - {ERR_REASON(PEM_R_BIO_WRITE_FAILURE) , "bio write failure"}, - {ERR_REASON(PEM_R_CIPHER_IS_NULL) , "cipher is null"}, - {ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY), "error converting private key"}, - {ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB), "expecting private key blob"}, - {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB), "expecting public key blob"}, - {ERR_REASON(PEM_R_INCONSISTENT_HEADER) , "inconsistent header"}, - {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR), "keyblob header parse error"}, - {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT) , "keyblob too short"}, - {ERR_REASON(PEM_R_NOT_DEK_INFO) , "not dek info"}, - {ERR_REASON(PEM_R_NOT_ENCRYPTED) , "not encrypted"}, - {ERR_REASON(PEM_R_NOT_PROC_TYPE) , "not proc type"}, - {ERR_REASON(PEM_R_NO_START_LINE) , "no start line"}, - {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD), "problems getting password"}, - {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA) , "public key no rsa"}, - 
{ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT) , "pvk data too short"}, - {ERR_REASON(PEM_R_PVK_TOO_SHORT) , "pvk too short"}, - {ERR_REASON(PEM_R_READ_KEY) , "read key"}, - {ERR_REASON(PEM_R_SHORT_HEADER) , "short header"}, - {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER) , "unsupported cipher"}, - {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"}, - {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS), "unsupported key components"}, - {0, NULL} -}; - -#endif - -void -ERR_load_PEM_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) { - ERR_load_strings(0, PEM_str_functs); - ERR_load_strings(0, PEM_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/pem/pem_info.c b/lib/libssl/src/crypto/pem/pem_info.c deleted file mode 100644 index 191e3b5b104..00000000000 --- a/lib/libssl/src/crypto/pem/pem_info.c +++ /dev/null 
@@ -1,406 +0,0 @@
-/* $OpenBSD: pem_info.c,v 1.21 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-STACK_OF(X509_INFO) *
-PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
- void *u)
-{
- BIO *b;
- STACK_OF(X509_INFO) *ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- PEMerr(PEM_F_PEM_X509_INFO_READ, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = PEM_X509_INFO_read_bio(b, sk, cb, u);
- BIO_free(b);
- return (ret);
-}
-
-STACK_OF(X509_INFO) *
-PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
- void *u)
-{
- X509_INFO *xi = NULL;
- char *name = NULL, *header = NULL;
- void *pp;
- unsigned char *data = NULL;
- const unsigned char *p;
- long len, error = 0;
- int ok = 0;
- STACK_OF(X509_INFO) *ret = NULL;
- unsigned int i, raw, ptype;
- d2i_of_void *d2i = 0;
-
- if (sk == NULL) {
- if ((ret = sk_X509_INFO_new_null()) == NULL) {
- PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- } else
- ret = sk;
-
- if ((xi = X509_INFO_new()) == NULL)
- goto err;
- for (;;) {
- raw = 0;
- ptype = 0;
- i = PEM_read_bio(bp, &name, &header, &data, &len);
- if (i == 0) {
- error = ERR_GET_REASON(ERR_peek_last_error());
- if (error == PEM_R_NO_START_LINE) {
- ERR_clear_error();
- break;
- }
- goto err;
- }
-start:
- if ((strcmp(name, PEM_STRING_X509) == 0) ||
- (strcmp(name, PEM_STRING_X509_OLD) == 0)) {
- d2i = (D2I_OF(void))d2i_X509;
- if (xi->x509 != NULL) {
- if (!sk_X509_INFO_push(ret, xi))
- goto err;
- if ((xi = X509_INFO_new()) == NULL)
- goto err;
- goto start;
- }
- pp = &(xi->x509);
- } else if ((strcmp(name, PEM_STRING_X509_TRUSTED) == 0)) {
- d2i = (D2I_OF(void))d2i_X509_AUX;
- if (xi->x509 != NULL) {
- if (!sk_X509_INFO_push(ret, xi))
- goto err;
- if ((xi = X509_INFO_new()) == NULL)
- goto err;
- goto start;
- }
- pp = &(xi->x509);
- } else if (strcmp(name, PEM_STRING_X509_CRL) == 0) {
- d2i = (D2I_OF(void))d2i_X509_CRL;
- if (xi->crl != NULL) {
- if (!sk_X509_INFO_push(ret, xi))
- goto err;
- if ((xi = X509_INFO_new()) == NULL)
- goto err;
- goto start;
- }
- pp = &(xi->crl);
- } else
-#ifndef OPENSSL_NO_RSA
- if (strcmp(name, PEM_STRING_RSA) == 0) {
- d2i = (D2I_OF(void))d2i_RSAPrivateKey;
- if (xi->x_pkey != NULL) {
- if (!sk_X509_INFO_push(ret, xi))
- goto err;
- if ((xi = X509_INFO_new()) == NULL)
- goto err;
- goto start;
- }
-
- xi->enc_data = NULL;
- xi->enc_len = 0;
-
- xi->x_pkey = X509_PKEY_new();
- if (xi->x_pkey == NULL)
- goto err;
- ptype = EVP_PKEY_RSA;
- pp = &xi->x_pkey->dec_pkey;
- if (strlen(header) > 10) /* assume encrypted */
- raw = 1;
- } else
-#endif
-#ifndef OPENSSL_NO_DSA
- if (strcmp(name, PEM_STRING_DSA) == 0) {
- d2i = (D2I_OF(void))d2i_DSAPrivateKey;
- if (xi->x_pkey != NULL) {
- if (!sk_X509_INFO_push(ret, xi))
- goto err;
- if ((xi = X509_INFO_new()) == NULL)
- goto err;
- goto start;
- }
-
- xi->enc_data = NULL;
- xi->enc_len = 0;
-
- xi->x_pkey = X509_PKEY_new();
- if (xi->x_pkey == NULL)
- goto err;
- ptype = EVP_PKEY_DSA;
- pp = &xi->x_pkey->dec_pkey;
- if (strlen(header) > 10) /* assume encrypted */
- raw = 1;
- } else
-#endif
-#ifndef OPENSSL_NO_EC
- if (strcmp(name, PEM_STRING_ECPRIVATEKEY) == 0) {
- d2i = (D2I_OF(void))d2i_ECPrivateKey;
- if (xi->x_pkey != NULL) {
- if (!sk_X509_INFO_push(ret, xi))
- goto err;
- if ((xi = X509_INFO_new()) == NULL)
- goto err;
- goto start;
- }
-
- xi->enc_data = NULL;
- xi->enc_len = 0;
-
- xi->x_pkey = X509_PKEY_new();
- if (xi->x_pkey == NULL)
- goto err;
- ptype = EVP_PKEY_EC;
- pp = &xi->x_pkey->dec_pkey;
- if (strlen(header) > 10) /* assume encrypted */
- raw = 1;
- } else
-#endif
- {
- d2i = NULL;
- pp = NULL;
- }
-
- if (d2i != NULL) {
- if (!raw) {
- EVP_CIPHER_INFO cipher;
-
- if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
- goto err;
- if (!PEM_do_header(&cipher, data, &len, cb, u))
- goto err;
- p = data;
- if (ptype) {
- if (!d2i_PrivateKey(ptype, pp, &p,
- len)) {
- PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,
- ERR_R_ASN1_LIB);
- goto err;
- }
- } else if (d2i(pp, &p, len) == NULL) {
- PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,
- ERR_R_ASN1_LIB);
- goto err;
- }
- } else { /* encrypted RSA data */
- if (!PEM_get_EVP_CIPHER_INFO(header,
- &xi->enc_cipher))
- goto err;
- xi->enc_data = (char *)data;
- xi->enc_len = (int)len;
- data = NULL;
- }
- } else {
- /* unknown */
- }
- free(name);
- free(header);
- free(data);
- name = NULL;
- header = NULL;
- data = NULL;
- }
-
- /* if the last one hasn't been pushed yet and there is anything
- * in it then add it to the stack ...
- */
- if ((xi->x509 != NULL) || (xi->crl != NULL) ||
- (xi->x_pkey != NULL) || (xi->enc_data != NULL)) {
- if (!sk_X509_INFO_push(ret, xi))
- goto err;
- xi = NULL;
- }
- ok = 1;
-
-err:
- if (xi != NULL)
- X509_INFO_free(xi);
- if (!ok) {
- for (i = 0; ((int)i) < sk_X509_INFO_num(ret); i++) {
- xi = sk_X509_INFO_value(ret, i);
- X509_INFO_free(xi);
- }
- if (ret != sk)
- sk_X509_INFO_free(ret);
- ret = NULL;
- }
-
- free(name);
- free(header);
- free(data);
- return (ret);
-}
-
-
-/* A TJH addition */
-int
-PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
- unsigned char *kstr, int klen, pem_password_cb *cb, void *u)
-{
- EVP_CIPHER_CTX ctx;
- int i, ret = 0;
- unsigned char *data = NULL;
- const char *objstr = NULL;
- char buf[PEM_BUFSIZE];
- unsigned char *iv = NULL;
-
- if (enc != NULL) {
- objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
- if (objstr == NULL) {
- PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,
- PEM_R_UNSUPPORTED_CIPHER);
- goto err;
- }
- }
-
- /* now for the fun part ... if we have a private key then
- * we have to be able to handle a not-yet-decrypted key
- * being written out correctly ... if it is decrypted or
- * it is non-encrypted then we use the base code
- */
- if (xi->x_pkey != NULL) {
- if ((xi->enc_data != NULL) && (xi->enc_len > 0) ) {
- if (enc == NULL) {
- PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,
- PEM_R_CIPHER_IS_NULL);
- goto err;
- }
-
- /* copy from weirdo names into more normal things */
- iv = xi->enc_cipher.iv;
- data = (unsigned char *)xi->enc_data;
- i = xi->enc_len;
-
- /* we take the encryption data from the
- * internal stuff rather than what the
- * user has passed us ... as we have to
- * match exactly for some strange reason
- */
- objstr = OBJ_nid2sn(
- EVP_CIPHER_nid(xi->enc_cipher.cipher));
- if (objstr == NULL) {
- PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,
- PEM_R_UNSUPPORTED_CIPHER);
- goto err;
- }
-
- /* create the right magic header stuff */
- if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 >
- sizeof buf) {
- PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,
- ASN1_R_BUFFER_TOO_SMALL);
- goto err;
- }
- buf[0] = '\0';
- PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
- PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
-
- /* use the normal code to write things out */
- i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i);
- if (i <= 0)
- goto err;
- } else {
- /* Add DSA/DH */
-#ifndef OPENSSL_NO_RSA
- /* normal optionally encrypted stuff */
- if (PEM_write_bio_RSAPrivateKey(bp,
- xi->x_pkey->dec_pkey->pkey.rsa,
- enc, kstr, klen, cb, u) <= 0)
- goto err;
-#endif
- }
- }
-
- /* if we have a certificate then write it out now */
- if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp, xi->x509) <= 0))
- goto err;
-
- /* we are ignoring anything else that is loaded into the X509_INFO
- * structure for the moment ... as I don't need it so I'm not
- * coding it here and Eric can do it when this makes it into the
- * base library --tjh
- */
-
- ret = 1;
-
-err:
- explicit_bzero((char *)&ctx, sizeof(ctx));
- explicit_bzero(buf, PEM_BUFSIZE);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/pem/pem_lib.c b/lib/libssl/src/crypto/pem/pem_lib.c
deleted file mode 100644
index 852b0eaf866..00000000000
--- a/lib/libssl/src/crypto/pem/pem_lib.c
+++ /dev/null
@@ -1,872 +0,0 @@
-/* $OpenBSD: pem_lib.c,v 1.42 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <ctype.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs12.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_DES
-#include <openssl/des.h>
-#endif
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#include "asn1_locl.h"
-
-#define MIN_LENGTH 4
-
-static int load_iv(char **fromp, unsigned char *to, int num);
-static int check_pem(const char *nm, const char *name);
-int pem_check_suffix(const char *pem_str, const char *suffix);
-
-/* XXX LSSL ABI XXX return value and `num' ought to be size_t */
-int
-PEM_def_callback(char *buf, int num, int w, void *key)
-{
- size_t l;
- int i;
- const char *prompt;
-
- if (num < 0)
- return -1;
-
- if (key) {
- l = strlen(key);
- if (l > (size_t)num)
- l = (size_t)num;
- memcpy(buf, key, l);
- return (int)l;
- }
-
- prompt = EVP_get_pw_prompt();
- if (prompt == NULL)
- prompt = "Enter PEM pass phrase:";
-
- for (;;) {
- i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w);
- if (i != 0) {
- PEMerr(PEM_F_PEM_DEF_CALLBACK,
- PEM_R_PROBLEMS_GETTING_PASSWORD);
- memset(buf, 0, num);
- return (-1);
- }
- l = strlen(buf);
- if (l < MIN_LENGTH) {
- fprintf(stderr, "phrase is too short, "
- "needs to be at least %zu chars\n",
- (size_t)MIN_LENGTH);
- } else
- break;
- }
- return (int)l;
-}
-
-void
-PEM_proc_type(char *buf, int type)
-{
- const char *str;
-
- if (type == PEM_TYPE_ENCRYPTED)
- str = "ENCRYPTED";
- else if (type == PEM_TYPE_MIC_CLEAR)
- str = "MIC-CLEAR";
- else if (type == PEM_TYPE_MIC_ONLY)
- str = "MIC-ONLY";
- else
- str = "BAD-TYPE";
-
- strlcat(buf, "Proc-Type: 4,", PEM_BUFSIZE);
- strlcat(buf, str, PEM_BUFSIZE);
- strlcat(buf, "\n", PEM_BUFSIZE);
-}
-
-void
-PEM_dek_info(char *buf, const char *type, int len, char *str)
-{
- static const unsigned char map[17] = "0123456789ABCDEF";
- long i;
- int j;
-
- strlcat(buf, "DEK-Info: ", PEM_BUFSIZE);
- strlcat(buf, type, PEM_BUFSIZE);
- strlcat(buf, ",", PEM_BUFSIZE);
- j = strlen(buf);
- if (j + (len * 2) + 1 > PEM_BUFSIZE)
- return;
- for (i = 0; i < len; i++) {
- buf[j + i * 2] = map[(str[i] >> 4) & 0x0f];
- buf[j + i * 2 + 1] = map[(str[i]) & 0x0f];
- }
- buf[j + i * 2] = '\n';
- buf[j + i * 2 + 1] = '\0';
-}
-
-void *
-PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
- pem_password_cb *cb, void *u)
-{
- BIO *b;
- void *ret;
-
- if ((b = BIO_new(BIO_s_file())) == NULL) {
- PEMerr(PEM_F_PEM_ASN1_READ, ERR_R_BUF_LIB);
- return (0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = PEM_ASN1_read_bio(d2i, name, b, x, cb, u);
- BIO_free(b);
- return (ret);
-}
-
-static int
-check_pem(const char *nm, const char *name)
-{
- /* Normal matching nm and name */
- if (!strcmp(nm, name))
- return 1;
-
- /* Make PEM_STRING_EVP_PKEY match any private key */
-
- if (!strcmp(name, PEM_STRING_EVP_PKEY)) {
- int slen;
- const EVP_PKEY_ASN1_METHOD *ameth;
- if (!strcmp(nm, PEM_STRING_PKCS8))
- return 1;
- if (!strcmp(nm, PEM_STRING_PKCS8INF))
- return 1;
- slen = pem_check_suffix(nm, "PRIVATE KEY");
- if (slen > 0) {
- /* NB: ENGINE implementations wont contain
- * a deprecated old private key decode function
- * so don't look for them.
- */ - ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen); - if (ameth && ameth->old_priv_decode) - return 1; - } - return 0; - } - - if (!strcmp(name, PEM_STRING_PARAMETERS)) { - int slen; - const EVP_PKEY_ASN1_METHOD *ameth; - slen = pem_check_suffix(nm, "PARAMETERS"); - if (slen > 0) { - ENGINE *e; - ameth = EVP_PKEY_asn1_find_str(&e, nm, slen); - if (ameth) { - int r; - if (ameth->param_decode) - r = 1; - else - r = 0; -#ifndef OPENSSL_NO_ENGINE - if (e) - ENGINE_finish(e); -#endif - return r; - } - } - return 0; - } - - /* Permit older strings */ - - if (!strcmp(nm, PEM_STRING_X509_OLD) && - !strcmp(name, PEM_STRING_X509)) - return 1; - - if (!strcmp(nm, PEM_STRING_X509_REQ_OLD) && - !strcmp(name, PEM_STRING_X509_REQ)) - return 1; - - /* Allow normal certs to be read as trusted certs */ - if (!strcmp(nm, PEM_STRING_X509) && - !strcmp(name, PEM_STRING_X509_TRUSTED)) - return 1; - - if (!strcmp(nm, PEM_STRING_X509_OLD) && - !strcmp(name, PEM_STRING_X509_TRUSTED)) - return 1; - - /* Some CAs use PKCS#7 with CERTIFICATE headers */ - if (!strcmp(nm, PEM_STRING_X509) && - !strcmp(name, PEM_STRING_PKCS7)) - return 1; - - if (!strcmp(nm, PEM_STRING_PKCS7_SIGNED) && - !strcmp(name, PEM_STRING_PKCS7)) - return 1; - -#ifndef OPENSSL_NO_CMS - if (!strcmp(nm, PEM_STRING_X509) && - !strcmp(name, PEM_STRING_CMS)) - return 1; - /* Allow CMS to be read from PKCS#7 headers */ - if (!strcmp(nm, PEM_STRING_PKCS7) && - !strcmp(name, PEM_STRING_CMS)) - return 1; -#endif - - return 0; -} - -int -PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm, - const char *name, BIO *bp, pem_password_cb *cb, void *u) -{ - EVP_CIPHER_INFO cipher; - char *nm = NULL, *header = NULL; - unsigned char *data = NULL; - long len; - int ret = 0; - - for (;;) { - if (!PEM_read_bio(bp, &nm, &header, &data, &len)) { - if (ERR_GET_REASON(ERR_peek_error()) == - PEM_R_NO_START_LINE) - ERR_asprintf_error_data("Expecting: %s", name); - return 0; - } - if (check_pem(nm, name)) - break; - free(nm); - 
free(header); - free(data); - } - if (!PEM_get_EVP_CIPHER_INFO(header, &cipher)) - goto err; - if (!PEM_do_header(&cipher, data, &len, cb, u)) - goto err; - - *pdata = data; - *plen = len; - - if (pnm) - *pnm = nm; - - ret = 1; - -err: - if (!ret || !pnm) - free(nm); - free(header); - if (!ret) - free(data); - return ret; -} - -int -PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, void *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *callback, void *u) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - PEMerr(PEM_F_PEM_ASN1_WRITE, ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_ASN1_write_bio(i2d, name, b, x, enc, kstr, klen, callback, u); - BIO_free(b); - return (ret); -} - -int -PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *callback, void *u) -{ - EVP_CIPHER_CTX ctx; - int dsize = 0, i, j, ret = 0; - unsigned char *p, *data = NULL; - const char *objstr = NULL; - char buf[PEM_BUFSIZE]; - unsigned char key[EVP_MAX_KEY_LENGTH]; - unsigned char iv[EVP_MAX_IV_LENGTH]; - - if (enc != NULL) { - objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); - if (objstr == NULL) { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, - PEM_R_UNSUPPORTED_CIPHER); - goto err; - } - } - - if ((dsize = i2d(x, NULL)) < 0) { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_ASN1_LIB); - dsize = 0; - goto err; - } - /* dzise + 8 bytes are needed */ - /* actually it needs the cipher block size extra... 
*/ - data = malloc(dsize + 20); - if (data == NULL) { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_MALLOC_FAILURE); - goto err; - } - p = data; - i = i2d(x, &p); - - if (enc != NULL) { - if (kstr == NULL) { - if (callback == NULL) - klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u); - else - klen = (*callback)(buf, PEM_BUFSIZE, 1, u); - if (klen <= 0) { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, - PEM_R_READ_KEY); - goto err; - } - kstr = (unsigned char *)buf; - } - if ((size_t)enc->iv_len > sizeof(iv)) { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, EVP_R_IV_TOO_LARGE); - goto err; - } - arc4random_buf(iv, enc->iv_len); /* Generate a salt */ - /* The 'iv' is used as the iv and as a salt. It is - * NOT taken from the BytesToKey function */ - if (!EVP_BytesToKey(enc, EVP_md5(), iv, kstr, klen, 1, - key, NULL)) - goto err; - - if (kstr == (unsigned char *)buf) - explicit_bzero(buf, PEM_BUFSIZE); - - if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, - ASN1_R_BUFFER_TOO_SMALL); - goto err; - } - - buf[0] = '\0'; - PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); - PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv); - /* k=strlen(buf); */ - - EVP_CIPHER_CTX_init(&ctx); - ret = 1; - if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv) || - !EVP_EncryptUpdate(&ctx, data, &j, data, i) || - !EVP_EncryptFinal_ex(&ctx, &(data[j]), &i)) - ret = 0; - EVP_CIPHER_CTX_cleanup(&ctx); - if (ret == 0) - goto err; - i += j; - } else { - ret = 1; - buf[0] = '\0'; - } - i = PEM_write_bio(bp, name, buf, data, i); - if (i <= 0) - ret = 0; -err: - explicit_bzero(key, sizeof(key)); - explicit_bzero(iv, sizeof(iv)); - explicit_bzero((char *)&ctx, sizeof(ctx)); - explicit_bzero(buf, PEM_BUFSIZE); - if (data != NULL) { - explicit_bzero(data, (unsigned int)dsize); - free(data); - } - return (ret); -} - -int -PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, - pem_password_cb *callback, void *u) -{ - int i, j, o, klen; - long len; - EVP_CIPHER_CTX ctx; - unsigned 
char key[EVP_MAX_KEY_LENGTH]; - char buf[PEM_BUFSIZE]; - - len = *plen; - - if (cipher->cipher == NULL) - return (1); - if (callback == NULL) - klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u); - else - klen = callback(buf, PEM_BUFSIZE, 0, u); - if (klen <= 0) { - PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ); - return (0); - } - if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]), - (unsigned char *)buf, klen, 1, key, NULL)) - return 0; - - j = (int)len; - EVP_CIPHER_CTX_init(&ctx); - o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, - &(cipher->iv[0])); - if (o) - o = EVP_DecryptUpdate(&ctx, data, &i, data, j); - if (o) - o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j); - EVP_CIPHER_CTX_cleanup(&ctx); - explicit_bzero((char *)buf, sizeof(buf)); - explicit_bzero((char *)key, sizeof(key)); - if (!o) { - PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT); - return (0); - } - *plen = j + i; - return (1); -} - -int -PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) -{ - const EVP_CIPHER *enc = NULL; - char *p, c; - char **header_pp = &header; - - cipher->cipher = NULL; - if ((header == NULL) || (*header == '\0') || (*header == '\n')) - return (1); - if (strncmp(header, "Proc-Type: ", 11) != 0) { - PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE); - return (0); - } - header += 11; - if (*header != '4') - return (0); - header++; - if (*header != ',') - return (0); - header++; - if (strncmp(header, "ENCRYPTED", 9) != 0) { - PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED); - return (0); - } - for (; (*header != '\n') && (*header != '\0'); header++) - ; - if (*header == '\0') { - PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER); - return (0); - } - header++; - if (strncmp(header, "DEK-Info: ", 10) != 0) { - PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO); - return (0); - } - header += 10; - - p = header; - for (;;) { - c= *header; - if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') || - ((c >= '0') && (c 
<= '9')))) - break; - header++; - } - *header = '\0'; - cipher->cipher = enc = EVP_get_cipherbyname(p); - *header = c; - header++; - - if (enc == NULL) { - PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, - PEM_R_UNSUPPORTED_ENCRYPTION); - return (0); - } - if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len)) - return (0); - - return (1); -} - -static int -load_iv(char **fromp, unsigned char *to, int num) -{ - int v, i; - char *from; - - from= *fromp; - for (i = 0; i < num; i++) - to[i] = 0; - num *= 2; - for (i = 0; i < num; i++) { - if ((*from >= '0') && (*from <= '9')) - v = *from - '0'; - else if ((*from >= 'A') && (*from <= 'F')) - v = *from - 'A' + 10; - else if ((*from >= 'a') && (*from <= 'f')) - v = *from - 'a' + 10; - else { - PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS); - return (0); - } - from++; - to[i / 2] |= v << (long)((!(i & 1)) * 4); - } - - *fromp = from; - return (1); -} - -int -PEM_write(FILE *fp, char *name, char *header, unsigned char *data, long len) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - PEMerr(PEM_F_PEM_WRITE, ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_write_bio(b, name, header, data, len); - BIO_free(b); - return (ret); -} - -int -PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, - long len) -{ - int nlen, n, i, j, outl; - unsigned char *buf = NULL; - EVP_ENCODE_CTX ctx; - int reason = ERR_R_BUF_LIB; - - EVP_EncodeInit(&ctx); - nlen = strlen(name); - - if ((BIO_write(bp, "-----BEGIN ", 11) != 11) || - (BIO_write(bp, name, nlen) != nlen) || - (BIO_write(bp, "-----\n", 6) != 6)) - goto err; - - i = strlen(header); - if (i > 0) { - if ((BIO_write(bp, header, i) != i) || - (BIO_write(bp, "\n", 1) != 1)) - goto err; - } - - buf = reallocarray(NULL, PEM_BUFSIZE, 8); - if (buf == NULL) { - reason = ERR_R_MALLOC_FAILURE; - goto err; - } - - i = j = 0; - while (len > 0) { - n = (int)((len > (PEM_BUFSIZE * 5)) ? 
(PEM_BUFSIZE * 5) : len); - EVP_EncodeUpdate(&ctx, buf, &outl, &(data[j]), n); - if ((outl) && (BIO_write(bp, (char *)buf, outl) != outl)) - goto err; - i += outl; - len -= n; - j += n; - } - EVP_EncodeFinal(&ctx, buf, &outl); - if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl)) - goto err; - explicit_bzero(buf, PEM_BUFSIZE * 8); - free(buf); - buf = NULL; - if ((BIO_write(bp, "-----END ", 9) != 9) || - (BIO_write(bp, name, nlen) != nlen) || - (BIO_write(bp, "-----\n", 6) != 6)) - goto err; - return (i + outl); - -err: - if (buf) { - explicit_bzero(buf, PEM_BUFSIZE * 8); - free(buf); - } - PEMerr(PEM_F_PEM_WRITE_BIO, reason); - return (0); -} - -int -PEM_read(FILE *fp, char **name, char **header, unsigned char **data, long *len) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - PEMerr(PEM_F_PEM_READ, ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_read_bio(b, name, header, data, len); - BIO_free(b); - return (ret); -} - -int -PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, - long *len) -{ - EVP_ENCODE_CTX ctx; - int end = 0, i, k, bl = 0, hl = 0, nohead = 0; - char buf[256]; - BUF_MEM *nameB; - BUF_MEM *headerB; - BUF_MEM *dataB, *tmpB; - - nameB = BUF_MEM_new(); - headerB = BUF_MEM_new(); - dataB = BUF_MEM_new(); - if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) { - BUF_MEM_free(nameB); - BUF_MEM_free(headerB); - BUF_MEM_free(dataB); - PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); - return (0); - } - - buf[254] = '\0'; - for (;;) { - i = BIO_gets(bp, buf, 254); - - if (i <= 0) { - PEMerr(PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE); - goto err; - } - - while ((i >= 0) && (buf[i] <= ' ')) - i--; - buf[++i] = '\n'; - buf[++i] = '\0'; - - if (strncmp(buf, "-----BEGIN ", 11) == 0) { - i = strlen(&(buf[11])); - - if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0) - continue; - if (!BUF_MEM_grow(nameB, i + 9)) { - PEMerr(PEM_F_PEM_READ_BIO, - ERR_R_MALLOC_FAILURE); - 
goto err; - } - memcpy(nameB->data, &(buf[11]), i - 6); - nameB->data[i - 6] = '\0'; - break; - } - } - hl = 0; - if (!BUF_MEM_grow(headerB, 256)) { - PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); - goto err; - } - headerB->data[0] = '\0'; - for (;;) { - i = BIO_gets(bp, buf, 254); - if (i <= 0) - break; - - while ((i >= 0) && (buf[i] <= ' ')) - i--; - buf[++i] = '\n'; - buf[++i] = '\0'; - - if (buf[0] == '\n') - break; - if (!BUF_MEM_grow(headerB, hl + i + 9)) { - PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); - goto err; - } - if (strncmp(buf, "-----END ", 9) == 0) { - nohead = 1; - break; - } - memcpy(&(headerB->data[hl]), buf, i); - headerB->data[hl + i] = '\0'; - hl += i; - } - - bl = 0; - if (!BUF_MEM_grow(dataB, 1024)) { - PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); - goto err; - } - dataB->data[0] = '\0'; - if (!nohead) { - for (;;) { - i = BIO_gets(bp, buf, 254); - if (i <= 0) - break; - - while ((i >= 0) && (buf[i] <= ' ')) - i--; - buf[++i] = '\n'; - buf[++i] = '\0'; - - if (i != 65) - end = 1; - if (strncmp(buf, "-----END ", 9) == 0) - break; - if (i > 65) - break; - if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) { - PEMerr(PEM_F_PEM_READ_BIO, - ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(&(dataB->data[bl]), buf, i); - dataB->data[bl + i] = '\0'; - bl += i; - if (end) { - buf[0] = '\0'; - i = BIO_gets(bp, buf, 254); - if (i <= 0) - break; - - while ((i >= 0) && (buf[i] <= ' ')) - i--; - buf[++i] = '\n'; - buf[++i] = '\0'; - - break; - } - } - } else { - tmpB = headerB; - headerB = dataB; - dataB = tmpB; - bl = hl; - } - i = strlen(nameB->data); - if ((strncmp(buf, "-----END ", 9) != 0) || - (strncmp(nameB->data, &(buf[9]), i) != 0) || - (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) { - PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_END_LINE); - goto err; - } - - EVP_DecodeInit(&ctx); - i = EVP_DecodeUpdate(&ctx, - (unsigned char *)dataB->data, &bl, - (unsigned char *)dataB->data, bl); - if (i < 0) { - PEMerr(PEM_F_PEM_READ_BIO, 
PEM_R_BAD_BASE64_DECODE); - goto err; - } - i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k); - if (i < 0) { - PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE); - goto err; - } - bl += k; - - if (bl == 0) - goto err; - *name = nameB->data; - *header = headerB->data; - *data = (unsigned char *)dataB->data; - *len = bl; - free(nameB); - free(headerB); - free(dataB); - return (1); - -err: - BUF_MEM_free(nameB); - BUF_MEM_free(headerB); - BUF_MEM_free(dataB); - return (0); -} - -/* Check pem string and return prefix length. - * If for example the pem_str == "RSA PRIVATE KEY" and suffix = "PRIVATE KEY" - * the return value is 3 for the string "RSA". - */ - -int -pem_check_suffix(const char *pem_str, const char *suffix) -{ - int pem_len = strlen(pem_str); - int suffix_len = strlen(suffix); - const char *p; - - if (suffix_len + 1 >= pem_len) - return 0; - p = pem_str + pem_len - suffix_len; - if (strcmp(p, suffix)) - return 0; - p--; - if (*p != ' ') - return 0; - return p - pem_str; -} diff --git a/lib/libssl/src/crypto/pem/pem_oth.c b/lib/libssl/src/crypto/pem/pem_oth.c deleted file mode 100644 index ccd2b893d54..00000000000 --- a/lib/libssl/src/crypto/pem/pem_oth.c +++ /dev/null 
@@ -1,87 +0,0 @@
-/* $OpenBSD: pem_oth.c,v 1.7 2014/10/18 17:20:40 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-
-/* Handle 'other' PEMs: not private keys */
-
-void *
-PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
- pem_password_cb *cb, void *u)
-{
- const unsigned char *p = NULL;
- unsigned char *data = NULL;
- long len;
- char *ret = NULL;
-
- if (!PEM_bytes_read_bio(&data, &len, NULL, name, bp, cb, u))
- return NULL;
- p = data;
- ret = d2i(x, &p, len);
- if (ret == NULL)
- PEMerr(PEM_F_PEM_ASN1_READ_BIO, ERR_R_ASN1_LIB);
- free(data);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/pem/pem_pk8.c b/lib/libssl/src/crypto/pem/pem_pk8.c
deleted file mode 100644
index d02dec15464..00000000000
--- a/lib/libssl/src/crypto/pem/pem_pk8.c
+++ /dev/null
@@ -1,256 +0,0 @@ -/* $OpenBSD: pem_pk8.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/buffer.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/pem.h> -#include <openssl/pkcs12.h> -#include <openssl/x509.h> - -static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, - const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); -static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder, int nid, - const EVP_CIPHER *enc, char *kstr, int klen, pem_password_cb *cb, void *u); - -/* These functions write a private key in PKCS#8 format: it is a "drop in" - * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc' - * is NULL then it uses the unencrypted private key form. The 'nid' versions - * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0. - */ - -int -PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, char *kstr, - int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u); -} - -int -PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u); -} - -int -i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u); -} - -int -i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u); -} - -static int -do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - X509_SIG *p8; - PKCS8_PRIV_KEY_INFO *p8inf; - char buf[PEM_BUFSIZE]; - int ret; - - if (!(p8inf = EVP_PKEY2PKCS8(x))) { - PEMerr(PEM_F_DO_PK8PKEY, - PEM_R_ERROR_CONVERTING_PRIVATE_KEY); - return 0; - } - if (enc || (nid != 
-1)) { - if (!kstr) { - if (!cb) - klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u); - else - klen = cb(buf, PEM_BUFSIZE, 1, u); - if (klen <= 0) { - PEMerr(PEM_F_DO_PK8PKEY, PEM_R_READ_KEY); - PKCS8_PRIV_KEY_INFO_free(p8inf); - return 0; - } - - kstr = buf; - } - p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf); - if (kstr == buf) - explicit_bzero(buf, klen); - PKCS8_PRIV_KEY_INFO_free(p8inf); - if (isder) - ret = i2d_PKCS8_bio(bp, p8); - else - ret = PEM_write_bio_PKCS8(bp, p8); - X509_SIG_free(p8); - return ret; - } else { - if (isder) - ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf); - else - ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf); - PKCS8_PRIV_KEY_INFO_free(p8inf); - return ret; - } -} - -EVP_PKEY * -d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - PKCS8_PRIV_KEY_INFO *p8inf = NULL; - X509_SIG *p8 = NULL; - int klen; - EVP_PKEY *ret; - char psbuf[PEM_BUFSIZE]; - - p8 = d2i_PKCS8_bio(bp, NULL); - if (!p8) - return NULL; - if (cb) - klen = cb(psbuf, PEM_BUFSIZE, 0, u); - else - klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); - if (klen <= 0) { - PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ); - X509_SIG_free(p8); - return NULL; - } - p8inf = PKCS8_decrypt(p8, psbuf, klen); - X509_SIG_free(p8); - if (!p8inf) - return NULL; - ret = EVP_PKCS82PKEY(p8inf); - PKCS8_PRIV_KEY_INFO_free(p8inf); - if (!ret) - return NULL; - if (x) { - EVP_PKEY_free(*x); - *x = ret; - } - return ret; -} - - -int -i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u); -} - -int -i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, char *kstr, - int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u); -} - -int -PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, char *kstr, - int klen, pem_password_cb *cb, void *u) -{ - 
return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u); -} - -int -PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u); -} - -static int -do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - BIO *bp; - int ret; - - if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - PEMerr(PEM_F_DO_PK8PKEY_FP, ERR_R_BUF_LIB); - return (0); - } - ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); - BIO_free(bp); - return ret; -} - -EVP_PKEY * -d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - BIO *bp; - EVP_PKEY *ret; - - if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP, ERR_R_BUF_LIB); - return NULL; - } - ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u); - BIO_free(bp); - return ret; -} - - -IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG) -IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF, - PKCS8_PRIV_KEY_INFO) diff --git a/lib/libssl/src/crypto/pem/pem_pkey.c b/lib/libssl/src/crypto/pem/pem_pkey.c deleted file mode 100644 index afb476f818d..00000000000 --- a/lib/libssl/src/crypto/pem/pem_pkey.c +++ /dev/null 
@@ -1,253 +0,0 @@ -/* $OpenBSD: pem_pkey.c,v 1.21 2015/09/10 15:56:25 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/buffer.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/pem.h> -#include <openssl/pkcs12.h> -#include <openssl/x509.h> - -#ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> -#endif - -#include "asn1_locl.h" - -int pem_check_suffix(const char *pem_str, const char *suffix); - -EVP_PKEY * -PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - char *nm = NULL; - const unsigned char *p = NULL; - unsigned char *data = NULL; - long len; - int slen; - EVP_PKEY *ret = NULL; - - if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, - bp, cb, u)) - return NULL; - p = data; - - if (strcmp(nm, PEM_STRING_PKCS8INF) == 0) { - PKCS8_PRIV_KEY_INFO *p8inf; - p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); - if (!p8inf) - goto p8err; - ret = EVP_PKCS82PKEY(p8inf); - if (x) { - EVP_PKEY_free(*x); - *x = ret; - } - PKCS8_PRIV_KEY_INFO_free(p8inf); - } else if (strcmp(nm, PEM_STRING_PKCS8) == 0) { - PKCS8_PRIV_KEY_INFO *p8inf; - X509_SIG *p8; - int klen; - char psbuf[PEM_BUFSIZE]; - p8 = d2i_X509_SIG(NULL, &p, len); - if (!p8) - goto p8err; - if (cb) - klen = cb(psbuf, PEM_BUFSIZE, 0, u); - else - klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); - if (klen <= 0) { - PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, - PEM_R_BAD_PASSWORD_READ); - X509_SIG_free(p8); - goto err; - } - p8inf = PKCS8_decrypt(p8, psbuf, klen); - X509_SIG_free(p8); - if (!p8inf) - goto p8err; - ret = EVP_PKCS82PKEY(p8inf); - if (x) { - EVP_PKEY_free(*x); - *x = ret; - } - PKCS8_PRIV_KEY_INFO_free(p8inf); - } else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0) { - const EVP_PKEY_ASN1_METHOD *ameth; - ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen); - if (!ameth || !ameth->old_priv_decode) - goto p8err; - ret = d2i_PrivateKey(ameth->pkey_id, x, &p, len); - } - -p8err: - if (ret == NULL) - 
PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, ERR_R_ASN1_LIB); -err: - free(nm); - explicit_bzero(data, len); - free(data); - return (ret); -} - -int -PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) -{ - char pem_str[80]; - - if (!x->ameth || x->ameth->priv_encode) - return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, - (char *)kstr, klen, cb, u); - - (void) snprintf(pem_str, sizeof(pem_str), "%s PRIVATE KEY", - x->ameth->pem_str); - return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, - pem_str, bp, x, enc, kstr, klen, cb, u); -} - -EVP_PKEY * -PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x) -{ - char *nm = NULL; - const unsigned char *p = NULL; - unsigned char *data = NULL; - long len; - int slen; - EVP_PKEY *ret = NULL; - - if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS, - bp, 0, NULL)) - return NULL; - p = data; - - if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) { - ret = EVP_PKEY_new(); - if (!ret) - goto err; - if (!EVP_PKEY_set_type_str(ret, nm, slen) || - !ret->ameth->param_decode || - !ret->ameth->param_decode(ret, &p, len)) { - EVP_PKEY_free(ret); - ret = NULL; - goto err; - } - if (x) { - EVP_PKEY_free(*x); - *x = ret; - } - } - -err: - if (ret == NULL) - PEMerr(PEM_F_PEM_READ_BIO_PARAMETERS, ERR_R_ASN1_LIB); - free(nm); - free(data); - return (ret); -} - -int -PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x) -{ - char pem_str[80]; - - if (!x->ameth || !x->ameth->param_encode) - return 0; - - (void) snprintf(pem_str, sizeof(pem_str), "%s PARAMETERS", - x->ameth->pem_str); - return PEM_ASN1_write_bio((i2d_of_void *)x->ameth->param_encode, - pem_str, bp, x, NULL, NULL, 0, 0, NULL); -} - -EVP_PKEY * -PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - BIO *b; - EVP_PKEY *ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - PEMerr(PEM_F_PEM_READ_PRIVATEKEY, ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = 
PEM_read_bio_PrivateKey(b, x, cb, u); - BIO_free(b); - return (ret); -} - -int -PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) -{ - BIO *b; - int ret; - - if ((b = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) { - PEMerr(PEM_F_PEM_WRITE_PRIVATEKEY, ERR_R_BUF_LIB); - return 0; - } - ret = PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u); - BIO_free(b); - return ret; -} - diff --git a/lib/libssl/src/crypto/pem/pem_seal.c b/lib/libssl/src/crypto/pem/pem_seal.c deleted file mode 100644 index 96687eb77f9..00000000000 --- a/lib/libssl/src/crypto/pem/pem_seal.c +++ /dev/null 
@@ -1,190 +0,0 @@
-/* $OpenBSD: pem_seal.c,v 1.22 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.] 
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h> /* for OPENSSL_NO_RSA */
-
-#ifndef OPENSSL_NO_RSA
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-
-int
-PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
- unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
-{
- unsigned char key[EVP_MAX_KEY_LENGTH];
- int ret = -1;
- int i, j, max = 0;
- char *s = NULL;
-
- for (i = 0; i < npubk; i++) {
- if (pubk[i]->type != EVP_PKEY_RSA) {
- PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA);
- goto err;
- }
- j = RSA_size(pubk[i]->pkey.rsa);
- if (j > max)
- max = j;
- }
- s = reallocarray(NULL, max, 2);
- if (s == NULL) {
- PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- EVP_EncodeInit(&ctx->encode);
-
- EVP_MD_CTX_init(&ctx->md);
- if (!EVP_SignInit(&ctx->md, md_type))
- goto err;
-
- EVP_CIPHER_CTX_init(&ctx->cipher);
- ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk);
- if (ret <= 0)
- goto err;
-
- /* base64 encode the keys */
- for (i = 0; i < npubk; i++) {
- j = EVP_EncodeBlock((unsigned char *)s, ek[i],
- RSA_size(pubk[i]->pkey.rsa));
- ekl[i] = j;
- memcpy(ek[i], s, j + 1);
- }
-
- ret = npubk;
-
-err:
- free(s);
- explicit_bzero(key, EVP_MAX_KEY_LENGTH);
- return (ret);
-}
-
-void
-PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
- unsigned char *in, int inl)
-{
- unsigned char buffer[1600];
- int i, j;
-
- *outl = 0;
- EVP_SignUpdate(&ctx->md, in, inl);
- for (;;) {
- if (inl <= 0)
- break;
- if (inl > 1200)
- i = 1200;
- else
- i = inl;
- EVP_EncryptUpdate(&ctx->cipher, buffer, &j, in, i);
- EVP_EncodeUpdate(&ctx->encode, out, &j, buffer, j);
- *outl += j;
- out += j;
- in += i;
- inl -= i;
- }
-}
-
-int
-PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
- unsigned char *out, int *outl, 
EVP_PKEY *priv)
-{
- unsigned char *s = NULL;
- int ret = 0, j;
- unsigned int i;
-
- if (priv->type != EVP_PKEY_RSA) {
- PEMerr(PEM_F_PEM_SEALFINAL, PEM_R_PUBLIC_KEY_NO_RSA);
- goto err;
- }
- i = RSA_size(priv->pkey.rsa);
- if (i < 100)
- i = 100;
- s = reallocarray(NULL, i, 2);
- if (s == NULL) {
- PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i))
- goto err;
- EVP_EncodeUpdate(&ctx->encode, out, &j, s, i);
- *outl = j;
- out += j;
- EVP_EncodeFinal(&ctx->encode, out, &j);
- *outl += j;
-
- if (!EVP_SignFinal(&ctx->md, s, &i, priv))
- goto err;
- *sigl = EVP_EncodeBlock(sig, s, i);
-
- ret = 1;
-
-err:
- EVP_MD_CTX_cleanup(&ctx->md);
- EVP_CIPHER_CTX_cleanup(&ctx->cipher);
- free(s);
- return (ret);
-}
-#endif
diff --git a/lib/libssl/src/crypto/pem/pem_sign.c b/lib/libssl/src/crypto/pem/pem_sign.c
deleted file mode 100644
index aab8c4d6b84..00000000000
--- a/lib/libssl/src/crypto/pem/pem_sign.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* $OpenBSD: pem_sign.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.] 
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-
-void
-PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
-{
- EVP_DigestInit_ex(ctx, type, NULL);
-}
-
-void
-PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
- unsigned int count)
-{
- EVP_DigestUpdate(ctx, data, count);
-}
-
-int
-PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
- EVP_PKEY *pkey)
-{
- unsigned char *m;
- int i, ret = 0;
- unsigned int m_len;
-
- m = malloc(EVP_PKEY_size(pkey) + 2);
- if (m == NULL) {
- PEMerr(PEM_F_PEM_SIGNFINAL, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_SignFinal(ctx, m, &m_len, pkey) <= 0)
- goto err;
-
- i = EVP_EncodeBlock(sigret, m, m_len);
- *siglen = i;
- ret = 1;
-
-err:
- /* ctx has been zeroed by EVP_SignFinal() */
- free(m);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/pem/pem_x509.c b/lib/libssl/src/crypto/pem/pem_x509.c
deleted file mode 100644
index e4b7f1c2c69..00000000000
--- a/lib/libssl/src/crypto/pem/pem_x509.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/* $OpenBSD: pem_x509.c,v 1.6 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs7.h>
-#include <openssl/x509.h>
-
-IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
diff --git a/lib/libssl/src/crypto/pem/pem_xaux.c b/lib/libssl/src/crypto/pem/pem_xaux.c
deleted file mode 100644
index eb768405321..00000000000
--- a/lib/libssl/src/crypto/pem/pem_xaux.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/* $OpenBSD: pem_xaux.c,v 1.7 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs7.h>
-#include <openssl/x509.h>
-
-IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX)
-IMPLEMENT_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR, PEM_STRING_X509_PAIR,
- X509_CERT_PAIR)
diff --git a/lib/libssl/src/crypto/pem/pkcs7.lis b/lib/libssl/src/crypto/pem/pkcs7.lis
deleted file mode 100644
index be90c5d87f5..00000000000
--- a/lib/libssl/src/crypto/pem/pkcs7.lis
+++ /dev/null
@@ -1,22 +0,0 @@
-21 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE
- 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
- 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag
- 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE
- 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version
- 20 20:d=0 hl=2 l= 0 cons: univ: SET
- 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE
- 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
- 00 35:d=0 hl=2 l= 0 prim: univ: EOC
- 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag
- 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE
- 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE
- 00 1116:d=0 hl=2 l= 0 prim: univ: EOC
- 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag
- 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE
- 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE
- 00 2066:d=0 hl=2 l= 0 prim: univ: EOC
- 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers
- 00 2070:d=0 hl=2 l= 0 prim: univ: EOC
- 00 2072:d=0 hl=2 l= 0 prim: univ: EOC
- 00 2074:d=0 hl=2 l= 0 prim: univ: EOC
-00 2076:d=0 hl=2 l= 0 prim: univ: EOC
diff --git a/lib/libssl/src/crypto/pem/pvkfmt.c b/lib/libssl/src/crypto/pem/pvkfmt.c
deleted file mode 100644
index 7a9045396c5..00000000000
--- a/lib/libssl/src/crypto/pem/pvkfmt.c
+++ /dev/null
@@ -1,939 +0,0 @@
-/* $OpenBSD: pvkfmt.c,v 1.16 2016/03/02 14:28:14 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2005.
- */
-/* ====================================================================
- * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Support for PVK format keys and related structures (such a PUBLICKEYBLOB
- * and PRIVATEKEYBLOB).
- */
-
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/pem.h>
-
-#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
-
-/* Utility function: read a DWORD (4 byte unsigned integer) in little endian
- * format
- */
-
-static unsigned int
-read_ledword(const unsigned char **in)
-{
- const unsigned char *p = *in;
- unsigned int ret;
-
- ret = *p++;
- ret |= (*p++ << 8);
- ret |= (*p++ << 16);
- ret |= (*p++ << 24);
- *in = p;
- return ret;
-}
-
-/* Read a BIGNUM in little endian format. The docs say that this should take up
- * bitlen/8 bytes. 
- */
-
-static int
-read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r)
-{
- const unsigned char *p;
- unsigned char *tmpbuf, *q;
- unsigned int i;
-
- p = *in + nbyte - 1;
- tmpbuf = malloc(nbyte);
- if (!tmpbuf)
- return 0;
- q = tmpbuf;
- for (i = 0; i < nbyte; i++)
- *q++ = *p--;
- *r = BN_bin2bn(tmpbuf, nbyte, NULL);
- free(tmpbuf);
- if (*r) {
- *in += nbyte;
- return 1;
- } else
- return 0;
-}
-
-
-/* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */
-
-#define MS_PUBLICKEYBLOB 0x6
-#define MS_PRIVATEKEYBLOB 0x7
-#define MS_RSA1MAGIC 0x31415352L
-#define MS_RSA2MAGIC 0x32415352L
-#define MS_DSS1MAGIC 0x31535344L
-#define MS_DSS2MAGIC 0x32535344L
-
-#define MS_KEYALG_RSA_KEYX 0xa400
-#define MS_KEYALG_DSS_SIGN 0x2200
-
-#define MS_KEYTYPE_KEYX 0x1
-#define MS_KEYTYPE_SIGN 0x2
-
-/* The PVK file magic number: seems to spell out "bobsfile", who is Bob? */
-#define MS_PVKMAGIC 0xb0b5f11eL
-/* Salt length for PVK files */
-#define PVK_SALTLEN 0x10
-
-static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
- unsigned int bitlen, int ispub);
-static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
- unsigned int bitlen, int ispub);
-
-static int
-do_blob_header(const unsigned char **in, unsigned int length,
- unsigned int *pmagic, unsigned int *pbitlen, int *pisdss, int *pispub)
-{
- const unsigned char *p = *in;
-
- if (length < 16)
- return 0;
- /* bType */
- if (*p == MS_PUBLICKEYBLOB) {
- if (*pispub == 0) {
- PEMerr(PEM_F_DO_BLOB_HEADER,
- PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
- return 0;
- }
- *pispub = 1;
- } else if (*p == MS_PRIVATEKEYBLOB) {
- if (*pispub == 1) {
- PEMerr(PEM_F_DO_BLOB_HEADER,
- PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
- return 0;
- }
- *pispub = 0;
- } else
- return 0;
- p++;
- /* Version */
- if (*p++ != 0x2) {
- PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER);
- return 0;
- }
- /* Ignore reserved, aiKeyAlg */
- p += 6;
- *pmagic = read_ledword(&p);
- *pbitlen = 
read_ledword(&p);
- if (*pbitlen > 65536) {
- PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_INCONSISTENT_HEADER);
- return 0;
- }
- *pisdss = 0;
- switch (*pmagic) {
-
- case MS_DSS1MAGIC:
- *pisdss = 1;
- case MS_RSA1MAGIC:
- if (*pispub == 0) {
- PEMerr(PEM_F_DO_BLOB_HEADER,
- PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
- return 0;
- }
- break;
-
- case MS_DSS2MAGIC:
- *pisdss = 1;
- case MS_RSA2MAGIC:
- if (*pispub == 1) {
- PEMerr(PEM_F_DO_BLOB_HEADER,
- PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
- return 0;
- }
- break;
-
- default:
- PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER);
- return -1;
- }
- *in = p;
- return 1;
-}
-
-static unsigned int
-blob_length(unsigned bitlen, int isdss, int ispub)
-{
- unsigned int nbyte, hnbyte;
-
- nbyte = (bitlen + 7) >> 3;
- hnbyte = (bitlen + 15) >> 4;
- if (isdss) {
-
- /* Expected length: 20 for q + 3 components bitlen each + 24
- * for seed structure.
- */
- if (ispub)
- return 44 + 3 * nbyte;
- /* Expected length: 20 for q, priv, 2 bitlen components + 24
- * for seed structure.
- */
- else
- return 64 + 2 * nbyte;
- } else {
- /* Expected length: 4 for 'e' + 'n' */
- if (ispub)
- return 4 + nbyte;
- else
- /* Expected length: 4 for 'e' and 7 other components. 
- * 2 components are bitlen size, 5 are bitlen/2
- */
- return 4 + 2*nbyte + 5*hnbyte;
- }
-
-}
-
-static EVP_PKEY *
-do_b2i(const unsigned char **in, unsigned int length, int ispub)
-{
- const unsigned char *p = *in;
- unsigned int bitlen, magic;
- int isdss;
-
- if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) {
- PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
- return NULL;
- }
- length -= 16;
- if (length < blob_length(bitlen, isdss, ispub)) {
- PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_TOO_SHORT);
- return NULL;
- }
- if (isdss)
- return b2i_dss(&p, length, bitlen, ispub);
- else
- return b2i_rsa(&p, length, bitlen, ispub);
-}
-
-static EVP_PKEY *
-do_b2i_bio(BIO *in, int ispub)
-{
- const unsigned char *p;
- unsigned char hdr_buf[16], *buf = NULL;
- unsigned int bitlen, magic, length;
- int isdss;
- EVP_PKEY *ret = NULL;
-
- if (BIO_read(in, hdr_buf, 16) != 16) {
- PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
- return NULL;
- }
- p = hdr_buf;
- if (do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0)
- return NULL;
-
- length = blob_length(bitlen, isdss, ispub);
- buf = malloc(length);
- if (!buf) {
- PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p = buf;
- if (BIO_read(in, buf, length) != (int)length) {
- PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
- goto err;
- }
-
- if (isdss)
- ret = b2i_dss(&p, length, bitlen, ispub);
- else
- ret = b2i_rsa(&p, length, bitlen, ispub);
-
-err:
- free(buf);
- return ret;
-}
-
-static EVP_PKEY *
-b2i_dss(const unsigned char **in, unsigned int length, unsigned int bitlen,
- int ispub)
-{
- const unsigned char *p = *in;
- EVP_PKEY *ret = NULL;
- DSA *dsa = NULL;
- BN_CTX *ctx = NULL;
- unsigned int nbyte;
-
- nbyte = (bitlen + 7) >> 3;
-
- dsa = DSA_new();
- ret = EVP_PKEY_new();
- if (!dsa || !ret)
- goto memerr;
- if (!read_lebn(&p, nbyte, &dsa->p))
- goto memerr;
- if (!read_lebn(&p, 20, &dsa->q))
- goto memerr;
- if (!read_lebn(&p, nbyte, &dsa->g))
- goto 
memerr;
- if (ispub) {
- if (!read_lebn(&p, nbyte, &dsa->pub_key))
- goto memerr;
- } else {
- if (!read_lebn(&p, 20, &dsa->priv_key))
- goto memerr;
- /* Calculate public key */
- if (!(dsa->pub_key = BN_new()))
- goto memerr;
- if (!(ctx = BN_CTX_new()))
- goto memerr;
- if (!BN_mod_exp(dsa->pub_key, dsa->g,
- dsa->priv_key, dsa->p, ctx))
- goto memerr;
- BN_CTX_free(ctx);
- }
-
- EVP_PKEY_set1_DSA(ret, dsa);
- DSA_free(dsa);
- *in = p;
- return ret;
-
-memerr:
- PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
- DSA_free(dsa);
- EVP_PKEY_free(ret);
- BN_CTX_free(ctx);
- return NULL;
-}
-
-static EVP_PKEY *
-b2i_rsa(const unsigned char **in, unsigned int length, unsigned int bitlen,
- int ispub)
-{
- const unsigned char *p = *in;
- EVP_PKEY *ret = NULL;
- RSA *rsa = NULL;
- unsigned int nbyte, hnbyte;
-
- nbyte = (bitlen + 7) >> 3;
- hnbyte = (bitlen + 15) >> 4;
- rsa = RSA_new();
- ret = EVP_PKEY_new();
- if (!rsa || !ret)
- goto memerr;
- rsa->e = BN_new();
- if (!rsa->e)
- goto memerr;
- if (!BN_set_word(rsa->e, read_ledword(&p)))
- goto memerr;
- if (!read_lebn(&p, nbyte, &rsa->n))
- goto memerr;
- if (!ispub) {
- if (!read_lebn(&p, hnbyte, &rsa->p))
- goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->q))
- goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->dmp1))
- goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->dmq1))
- goto memerr;
- if (!read_lebn(&p, hnbyte, &rsa->iqmp))
- goto memerr;
- if (!read_lebn(&p, nbyte, &rsa->d))
- goto memerr;
- }
-
- EVP_PKEY_set1_RSA(ret, rsa);
- RSA_free(rsa);
- *in = p;
- return ret;
-
-memerr:
- PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
- RSA_free(rsa);
- EVP_PKEY_free(ret);
- return NULL;
-}
-
-EVP_PKEY *
-b2i_PrivateKey(const unsigned char **in, long length)
-{
- return do_b2i(in, length, 0);
-}
-
-EVP_PKEY *
-b2i_PublicKey(const unsigned char **in, long length)
-{
- return do_b2i(in, length, 1);
-}
-
-EVP_PKEY *
-b2i_PrivateKey_bio(BIO *in)
-{
- return do_b2i_bio(in, 0);
-}
-
-EVP_PKEY *
-b2i_PublicKey_bio(BIO *in)
-{
- 
return do_b2i_bio(in, 1);
-}
-
-static void
-write_ledword(unsigned char **out, unsigned int dw)
-{
- unsigned char *p = *out;
-
- *p++ = dw & 0xff;
- *p++ = (dw >> 8) & 0xff;
- *p++ = (dw >> 16) & 0xff;
- *p++ = (dw >> 24) & 0xff;
- *out = p;
-}
-
-static void
-write_lebn(unsigned char **out, const BIGNUM *bn, int len)
-{
- int nb, i;
- unsigned char *p = *out, *q, c;
-
- nb = BN_num_bytes(bn);
- BN_bn2bin(bn, p);
- q = p + nb - 1;
- /* In place byte order reversal */
- for (i = 0; i < nb / 2; i++) {
- c = *p;
- *p++ = *q;
- *q-- = c;
- }
- *out += nb;
- /* Pad with zeroes if we have to */
- if (len > 0) {
- len -= nb;
- if (len > 0) {
- memset(*out, 0, len);
- *out += len;
- }
- }
-}
-
-
-static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic);
-static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *magic);
-
-static void write_rsa(unsigned char **out, RSA *rsa, int ispub);
-static void write_dsa(unsigned char **out, DSA *dsa, int ispub);
-
-static int
-do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
-{
- unsigned char *p;
- unsigned int bitlen, magic = 0, keyalg;
- int outlen, noinc = 0;
-
- if (pk->type == EVP_PKEY_DSA) {
- bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
- keyalg = MS_KEYALG_DSS_SIGN;
- } else if (pk->type == EVP_PKEY_RSA) {
- bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
- keyalg = MS_KEYALG_RSA_KEYX;
- } else
- return -1;
- if (bitlen == 0)
- return -1;
- outlen = 16 + blob_length(bitlen,
- keyalg == MS_KEYALG_DSS_SIGN ? 
1 : 0, ispub);
- if (out == NULL)
- return outlen;
- if (*out)
- p = *out;
- else {
- p = malloc(outlen);
- if (!p)
- return -1;
- *out = p;
- noinc = 1;
- }
- if (ispub)
- *p++ = MS_PUBLICKEYBLOB;
- else
- *p++ = MS_PRIVATEKEYBLOB;
- *p++ = 0x2;
- *p++ = 0;
- *p++ = 0;
- write_ledword(&p, keyalg);
- write_ledword(&p, magic);
- write_ledword(&p, bitlen);
- if (keyalg == MS_KEYALG_DSS_SIGN)
- write_dsa(&p, pk->pkey.dsa, ispub);
- else
- write_rsa(&p, pk->pkey.rsa, ispub);
- if (!noinc)
- *out += outlen;
- return outlen;
-}
-
-static int
-do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub)
-{
- unsigned char *tmp = NULL;
- int outlen, wrlen;
-
- outlen = do_i2b(&tmp, pk, ispub);
- if (outlen < 0)
- return -1;
- wrlen = BIO_write(out, tmp, outlen);
- free(tmp);
- if (wrlen == outlen)
- return outlen;
- return -1;
-}
-
-static int
-check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
-{
- int bitlen;
-
- bitlen = BN_num_bits(dsa->p);
- if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160) ||
- (BN_num_bits(dsa->g) > bitlen))
- goto badkey;
- if (ispub) {
- if (BN_num_bits(dsa->pub_key) > bitlen)
- goto badkey;
- *pmagic = MS_DSS1MAGIC;
- } else {
- if (BN_num_bits(dsa->priv_key) > 160)
- goto badkey;
- *pmagic = MS_DSS2MAGIC;
- }
-
- return bitlen;
-
-badkey:
- PEMerr(PEM_F_CHECK_BITLEN_DSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
- return 0;
-}
-
-static int
-check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
-{
- int nbyte, hnbyte, bitlen;
-
- if (BN_num_bits(rsa->e) > 32)
- goto badkey;
- bitlen = BN_num_bits(rsa->n);
- nbyte = BN_num_bytes(rsa->n);
- hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
- if (ispub) {
- *pmagic = MS_RSA1MAGIC;
- return bitlen;
- } else {
- *pmagic = MS_RSA2MAGIC;
- /* For private key each component must fit within nbyte or
- * hnbyte. 
- */ - if (BN_num_bytes(rsa->d) > nbyte) - goto badkey; - if ((BN_num_bytes(rsa->iqmp) > hnbyte) || - (BN_num_bytes(rsa->p) > hnbyte) || - (BN_num_bytes(rsa->q) > hnbyte) || - (BN_num_bytes(rsa->dmp1) > hnbyte) || - (BN_num_bytes(rsa->dmq1) > hnbyte)) - goto badkey; - } - return bitlen; - -badkey: - PEMerr(PEM_F_CHECK_BITLEN_RSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS); - return 0; -} - -static void -write_rsa(unsigned char **out, RSA *rsa, int ispub) -{ - int nbyte, hnbyte; - - nbyte = BN_num_bytes(rsa->n); - hnbyte = (BN_num_bits(rsa->n) + 15) >> 4; - write_lebn(out, rsa->e, 4); - write_lebn(out, rsa->n, -1); - if (ispub) - return; - write_lebn(out, rsa->p, hnbyte); - write_lebn(out, rsa->q, hnbyte); - write_lebn(out, rsa->dmp1, hnbyte); - write_lebn(out, rsa->dmq1, hnbyte); - write_lebn(out, rsa->iqmp, hnbyte); - write_lebn(out, rsa->d, nbyte); -} - -static void -write_dsa(unsigned char **out, DSA *dsa, int ispub) -{ - int nbyte; - - nbyte = BN_num_bytes(dsa->p); - write_lebn(out, dsa->p, nbyte); - write_lebn(out, dsa->q, 20); - write_lebn(out, dsa->g, nbyte); - if (ispub) - write_lebn(out, dsa->pub_key, nbyte); - else - write_lebn(out, dsa->priv_key, 20); - /* Set "invalid" for seed structure values */ - memset(*out, 0xff, 24); - *out += 24; - return; -} - -int -i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk) -{ - return do_i2b_bio(out, pk, 0); -} - -int -i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk) -{ - return do_i2b_bio(out, pk, 1); -} - -#ifndef OPENSSL_NO_RC4 - -static int -do_PVK_header(const unsigned char **in, unsigned int length, int skip_magic, - unsigned int *psaltlen, unsigned int *pkeylen) -{ - const unsigned char *p = *in; - unsigned int pvk_magic, is_encrypted; - - if (skip_magic) { - if (length < 20) { - PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); - return 0; - } - length -= 20; - } else { - if (length < 24) { - PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); - return 0; - } - length -= 24; - pvk_magic = read_ledword(&p); - if (pvk_magic != 
MS_PVKMAGIC) { - PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER); - return 0; - } - } - /* Skip reserved */ - p += 4; - /*keytype = */read_ledword(&p); - is_encrypted = read_ledword(&p); - *psaltlen = read_ledword(&p); - *pkeylen = read_ledword(&p); - if (*psaltlen > 65536 || *pkeylen > 65536) { - PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); - return 0; - } - - if (is_encrypted && !*psaltlen) { - PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER); - return 0; - } - - *in = p; - return 1; -} - -static int -derive_pvk_key(unsigned char *key, const unsigned char *salt, - unsigned int saltlen, const unsigned char *pass, int passlen) -{ - EVP_MD_CTX mctx; - int rv = 1; - - EVP_MD_CTX_init(&mctx); - if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL) || - !EVP_DigestUpdate(&mctx, salt, saltlen) || - !EVP_DigestUpdate(&mctx, pass, passlen) || - !EVP_DigestFinal_ex(&mctx, key, NULL)) - rv = 0; - - EVP_MD_CTX_cleanup(&mctx); - return rv; -} - -static EVP_PKEY * -do_PVK_body(const unsigned char **in, unsigned int saltlen, - unsigned int keylen, pem_password_cb *cb, void *u) -{ - EVP_PKEY *ret = NULL; - const unsigned char *p = *in; - unsigned int magic; - unsigned char *enctmp = NULL, *q; - EVP_CIPHER_CTX cctx; - - EVP_CIPHER_CTX_init(&cctx); - if (saltlen) { - char psbuf[PEM_BUFSIZE]; - unsigned char keybuf[20]; - int enctmplen, inlen; - - if (cb) - inlen = cb(psbuf, PEM_BUFSIZE, 0, u); - else - inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); - if (inlen <= 0) { - PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ); - goto err; - } - enctmp = malloc(keylen + 8); - if (!enctmp) { - PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE); - goto err; - } - if (!derive_pvk_key(keybuf, p, saltlen, (unsigned char *)psbuf, - inlen)) { - goto err; - } - p += saltlen; - /* Copy BLOBHEADER across, decrypt rest */ - memcpy(enctmp, p, 8); - p += 8; - if (keylen < 8) { - PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT); - goto err; - } - inlen = keylen - 8; - q = 
enctmp + 8; - if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) - goto err; - if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen)) - goto err; - if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen)) - goto err; - magic = read_ledword((const unsigned char **)&q); - if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) { - q = enctmp + 8; - memset(keybuf + 5, 0, 11); - if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, - NULL)) - goto err; - explicit_bzero(keybuf, 20); - if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen)) - goto err; - if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, - &enctmplen)) - goto err; - magic = read_ledword((const unsigned char **)&q); - if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) { - PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT); - goto err; - } - } else - explicit_bzero(keybuf, 20); - p = enctmp; - } - - ret = b2i_PrivateKey(&p, keylen); - -err: - EVP_CIPHER_CTX_cleanup(&cctx); - if (enctmp && saltlen) - free(enctmp); - return ret; -} - - -EVP_PKEY * -b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) -{ - unsigned char pvk_hdr[24], *buf = NULL; - const unsigned char *p; - size_t buflen; - EVP_PKEY *ret = NULL; - unsigned int saltlen, keylen; - - if (BIO_read(in, pvk_hdr, 24) != 24) { - PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT); - return NULL; - } - p = pvk_hdr; - - if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen)) - return 0; - buflen = keylen + saltlen; - buf = malloc(buflen); - if (!buf) { - PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE); - return 0; - } - p = buf; - if (BIO_read(in, buf, buflen) != buflen) { - PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT); - goto err; - } - ret = do_PVK_body(&p, saltlen, keylen, cb, u); - -err: - if (buf) { - explicit_bzero(buf, buflen); - free(buf); - } - return ret; -} - -static int -i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, pem_password_cb *cb, - void *u) -{ - int outlen = 24, pklen; - unsigned char *p, *salt = NULL; - EVP_CIPHER_CTX 
cctx; - - EVP_CIPHER_CTX_init(&cctx); - if (enclevel) - outlen += PVK_SALTLEN; - pklen = do_i2b(NULL, pk, 0); - if (pklen < 0) - return -1; - outlen += pklen; - if (!out) - return outlen; - if (*out) - p = *out; - else { - p = malloc(outlen); - if (!p) { - PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE); - return -1; - } - *out = p; - } - - write_ledword(&p, MS_PVKMAGIC); - write_ledword(&p, 0); - if (pk->type == EVP_PKEY_DSA) - write_ledword(&p, MS_KEYTYPE_SIGN); - else - write_ledword(&p, MS_KEYTYPE_KEYX); - write_ledword(&p, enclevel ? 1 : 0); - write_ledword(&p, enclevel ? PVK_SALTLEN : 0); - write_ledword(&p, pklen); - if (enclevel) { - arc4random_buf(p, PVK_SALTLEN); - salt = p; - p += PVK_SALTLEN; - } - do_i2b(&p, pk, 0); - if (enclevel == 0) - return outlen; - else { - char psbuf[PEM_BUFSIZE]; - unsigned char keybuf[20]; - int enctmplen, inlen; - if (cb) - inlen = cb(psbuf, PEM_BUFSIZE, 1, u); - else - inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u); - if (inlen <= 0) { - PEMerr(PEM_F_I2B_PVK, PEM_R_BAD_PASSWORD_READ); - goto error; - } - if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN, - (unsigned char *)psbuf, inlen)) - goto error; - if (enclevel == 1) - memset(keybuf + 5, 0, 11); - p = salt + PVK_SALTLEN + 8; - if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL)) - goto error; - explicit_bzero(keybuf, 20); - if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8)) - goto error; - if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen)) - goto error; - } - EVP_CIPHER_CTX_cleanup(&cctx); - return outlen; - -error: - EVP_CIPHER_CTX_cleanup(&cctx); - return -1; -} - -int -i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, pem_password_cb *cb, void *u) -{ - unsigned char *tmp = NULL; - int outlen, wrlen; - - outlen = i2b_PVK(&tmp, pk, enclevel, cb, u); - if (outlen < 0) - return -1; - wrlen = BIO_write(out, tmp, outlen); - free(tmp); - if (wrlen == outlen) { - PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE); - return outlen; - } - return -1; -} 
-
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/perlasm/cbc.pl b/lib/libssl/src/crypto/perlasm/cbc.pl
deleted file mode 100644
index 24561e759ab..00000000000
--- a/lib/libssl/src/crypto/perlasm/cbc.pl
+++ /dev/null
@@ -1,349 +0,0 @@
-#!/usr/local/bin/perl
-
-# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
-# des_cblock (*input);
-# des_cblock (*output);
-# long length;
-# des_key_schedule schedule;
-# des_cblock (*ivec);
-# int enc;
-#
-# calls
-# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
-#
-
-#&cbc("des_ncbc_encrypt","des_encrypt",0);
-#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",
-# 1,4,5,3,5,-1);
-#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",
-# 0,4,5,3,5,-1);
-#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",
-# 0,6,7,3,4,5);
-#
-# When doing a cipher that needs bigendian order,
-# for encrypt, the iv is kept in bigendian form,
-# while for decrypt, it is kept in little endian.
-sub cbc
- {
- local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_;
- # name is the function name
- # enc_func and dec_func and the functions to call for encrypt/decrypt
- # swap is true if byte order needs to be reversed
- # iv_off is parameter number for the iv
- # enc_off is parameter number for the encrypt/decrypt flag
- # p1,p2,p3 are the offsets for parameters to be passed to the
- # underlying calls.
- - &function_begin_B($name,""); - &comment(""); - - $in="esi"; - $out="edi"; - $count="ebp"; - - &push("ebp"); - &push("ebx"); - &push("esi"); - &push("edi"); - - $data_off=4; - $data_off+=4 if ($p1 > 0); - $data_off+=4 if ($p2 > 0); - $data_off+=4 if ($p3 > 0); - - &mov($count, &wparam(2)); # length - - &comment("getting iv ptr from parameter $iv_off"); - &mov("ebx", &wparam($iv_off)); # Get iv ptr - - &mov($in, &DWP(0,"ebx","",0));# iv[0] - &mov($out, &DWP(4,"ebx","",0));# iv[1] - - &push($out); - &push($in); - &push($out); # used in decrypt for iv[1] - &push($in); # used in decrypt for iv[0] - - &mov("ebx", "esp"); # This is the address of tin[2] - - &mov($in, &wparam(0)); # in - &mov($out, &wparam(1)); # out - - # We have loaded them all, how lets push things - &comment("getting encrypt flag from parameter $enc_off"); - &mov("ecx", &wparam($enc_off)); # Get enc flag - if ($p3 > 0) - { - &comment("get and push parameter $p3"); - if ($enc_off != $p3) - { &mov("eax", &wparam($p3)); &push("eax"); } - else { &push("ecx"); } - } - if ($p2 > 0) - { - &comment("get and push parameter $p2"); - if ($enc_off != $p2) - { &mov("eax", &wparam($p2)); &push("eax"); } - else { &push("ecx"); } - } - if ($p1 > 0) - { - &comment("get and push parameter $p1"); - if ($enc_off != $p1) - { &mov("eax", &wparam($p1)); &push("eax"); } - else { &push("ecx"); } - } - &push("ebx"); # push data/iv - - &cmp("ecx",0); - &jz(&label("decrypt")); - - &and($count,0xfffffff8); - &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0] - &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1] - - &jz(&label("encrypt_finish")); - - ############################################################# - - &set_label("encrypt_loop"); - # encrypt start - # "eax" and "ebx" hold iv (or the last cipher text) - - &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - 
&mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - # eax and ebx are the next iv. - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("encrypt_loop")); - -###################################################################3 - &set_label("encrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - &call(&label("PIC_point")); -&set_label("PIC_point"); - &blindpop("edx"); - &lea("ecx",&DWP(&label("cbc_enc_jmp_table")."-".&label("PIC_point"),"edx")); - &mov($count,&DWP(0,"ecx",$count,4)); - &add($count,"edx"); - &xor("ecx","ecx"); - &xor("edx","edx"); - #&mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4)); - &jmp_ptr($count); - -&set_label("ej7"); - &movb(&HB("edx"), &BP(6,$in,"",0)); - &shl("edx",8); -&set_label("ej6"); - &movb(&HB("edx"), &BP(5,$in,"",0)); -&set_label("ej5"); - &movb(&LB("edx"), &BP(4,$in,"",0)); -&set_label("ej4"); - &mov("ecx", &DWP(0,$in,"",0)); - &jmp(&label("ejend")); -&set_label("ej3"); - &movb(&HB("ecx"), &BP(2,$in,"",0)); - &shl("ecx",8); -&set_label("ej2"); - &movb(&HB("ecx"), &BP(1,$in,"",0)); -&set_label("ej1"); - &movb(&LB("ecx"), &BP(0,$in,"",0)); -&set_label("ejend"); - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - &jmp(&label("finish")); - - 
############################################################# - ############################################################# - &set_label("decrypt",1); - # decrypt start - &and($count,0xfffffff8); - # The next 2 instructions are only for if the jz is taken - &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1] - &jz(&label("decrypt_finish")); - - &set_label("decrypt_loop"); - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - &xor("ecx", "eax"); - &xor("edx", "ebx"); - - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - - &mov(&DWP(0,$out,"",0),"ecx"); - &mov(&DWP(4,$out,"",0),"edx"); - - &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv - &mov(&DWP($data_off+12,"esp","",0), "ebx"); # - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("decrypt_loop")); -############################ ENDIT #######################3 - &set_label("decrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if 
$swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - &xor("ecx", "eax"); - &xor("edx", "ebx"); - - # this is for when we exit - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - -&set_label("dj7"); - &rotr("edx", 16); - &movb(&BP(6,$out,"",0), &LB("edx")); - &shr("edx",16); -&set_label("dj6"); - &movb(&BP(5,$out,"",0), &HB("edx")); -&set_label("dj5"); - &movb(&BP(4,$out,"",0), &LB("edx")); -&set_label("dj4"); - &mov(&DWP(0,$out,"",0), "ecx"); - &jmp(&label("djend")); -&set_label("dj3"); - &rotr("ecx", 16); - &movb(&BP(2,$out,"",0), &LB("ecx")); - &shl("ecx",16); -&set_label("dj2"); - &movb(&BP(1,$in,"",0), &HB("ecx")); -&set_label("dj1"); - &movb(&BP(0,$in,"",0), &LB("ecx")); -&set_label("djend"); - - # final iv is still in eax:ebx - &jmp(&label("finish")); - - -############################ FINISH #######################3 - &set_label("finish",1); - &mov("ecx", &wparam($iv_off)); # Get iv ptr - - ################################################# - $total=16+4; - $total+=4 if ($p1 > 0); - $total+=4 if ($p2 > 0); - $total+=4 if ($p3 > 0); - &add("esp",$total); - - &mov(&DWP(0,"ecx","",0), "eax"); # save iv - &mov(&DWP(4,"ecx","",0), "ebx"); # save iv - - &function_end_A($name); - - &align(64); - &set_label("cbc_enc_jmp_table"); - &data_word("0"); - &data_word(&label("ej1")."-".&label("PIC_point")); - &data_word(&label("ej2")."-".&label("PIC_point")); - &data_word(&label("ej3")."-".&label("PIC_point")); - &data_word(&label("ej4")."-".&label("PIC_point")); - &data_word(&label("ej5")."-".&label("PIC_point")); - &data_word(&label("ej6")."-".&label("PIC_point")); - &data_word(&label("ej7")."-".&label("PIC_point")); - # not used - #&set_label("cbc_dec_jmp_table",1); - #&data_word("0"); - #&data_word(&label("dj1")."-".&label("PIC_point")); - #&data_word(&label("dj2")."-".&label("PIC_point")); - 
#&data_word(&label("dj3")."-".&label("PIC_point")); - #&data_word(&label("dj4")."-".&label("PIC_point")); - #&data_word(&label("dj5")."-".&label("PIC_point")); - #&data_word(&label("dj6")."-".&label("PIC_point")); - #&data_word(&label("dj7")."-".&label("PIC_point")); - &align(64); - - &function_end_B($name); - - } - -1; diff --git a/lib/libssl/src/crypto/perlasm/ppc-xlate.pl b/lib/libssl/src/crypto/perlasm/ppc-xlate.pl deleted file mode 100755 index a3edd982b66..00000000000 --- a/lib/libssl/src/crypto/perlasm/ppc-xlate.pl +++ /dev/null 
@@ -1,159 +0,0 @@ -#!/usr/bin/env perl - -# PowerPC assembler distiller by <appro>. - -my $flavour = shift; -my $output = shift; -open STDOUT,">$output" || die "can't open $output: $!"; - -my %GLOBALS; -my $dotinlocallabels=($flavour=~/linux/)?1:0; - -################################################################ -# directives which need special treatment on different platforms -################################################################ -my $globl = sub { - my $junk = shift; - my $name = shift; - my $global = \$GLOBALS{$name}; - my $ret; - - $name =~ s|^[\.\_]||; - - SWITCH: for ($flavour) { - /aix/ && do { $name = ".$name"; - last; - }; - /osx/ && do { $name = "_$name"; - last; - }; - /linux.*32/ && do { $ret .= ".globl $name\n"; - $ret .= ".type $name,\@function"; - last; - }; - /linux.*64/ && do { $ret .= ".globl $name\n"; - $ret .= ".type $name,\@function\n"; - $ret .= ".section \".opd\",\"aw\"\n"; - $ret .= ".align 3\n"; - $ret .= "$name:\n"; - $ret .= ".quad .$name,.TOC.\@tocbase,0\n"; - $ret .= ".size $name,24\n"; - $ret .= ".previous\n"; - - $name = ".$name"; - last; - }; - } - - $ret = ".globl $name" if (!$ret); - $$global = $name; - $ret; -}; -my $text = sub { - ($flavour =~ /aix/) ? ".csect" : ".text"; -}; -my $machine = sub { - my $junk = shift; - my $arch = shift; - if ($flavour =~ /osx/) - { $arch =~ s/\"//g; - $arch = ($flavour=~/64/) ? "ppc970-64" : "ppc970" if ($arch eq "any"); - } - ".machine $arch"; -}; -my $size = sub { - if ($flavour =~ /linux.*32/) - { shift; - ".size " . join(",",@_); - } - else - { ""; } -}; -my $asciz = sub { - shift; - my $line = join(",",@_); - if ($line =~ /^"(.*)"$/) - { ".byte " . join(",",unpack("C*",$1),0) . 
"\n.align 2"; } - else - { ""; } -}; - -################################################################ -# simplified mnemonics not handled by at least one assembler -################################################################ -my $cmplw = sub { - my $f = shift; - my $cr = 0; $cr = shift if ($#_>1); - # Some out-of-date 32-bit GNU assembler just can't handle cmplw... - ($flavour =~ /linux.*32/) ? - " .long ".sprintf "0x%x",31<<26|$cr<<23|$_[0]<<16|$_[1]<<11|64 : - " cmplw ".join(',',$cr,@_); -}; -my $bdnz = sub { - my $f = shift; - my $bo = $f=~/[\+\-]/ ? 16+9 : 16; # optional "to be taken" hint - " bc $bo,0,".shift; -} if ($flavour!~/linux/); -my $bltlr = sub { - my $f = shift; - my $bo = $f=~/\-/ ? 12+2 : 12; # optional "not to be taken" hint - ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints - " .long ".sprintf "0x%x",19<<26|$bo<<21|16<<1 : - " bclr $bo,0"; -}; -my $bnelr = sub { - my $f = shift; - my $bo = $f=~/\-/ ? 4+2 : 4; # optional "not to be taken" hint - ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints - " .long ".sprintf "0x%x",19<<26|$bo<<21|2<<16|16<<1 : - " bclr $bo,2"; -}; -my $beqlr = sub { - my $f = shift; - my $bo = $f=~/-/ ? 12+2 : 12; # optional "not to be taken" hint - ($flavour =~ /linux/) ? # GNU as doesn't allow most recent hints - " .long ".sprintf "0x%X",19<<26|$bo<<21|2<<16|16<<1 : - " bclr $bo,2"; -}; -# GNU assembler can't handle extrdi rA,rS,16,48, or when sum of last two -# arguments is 64, with "operand out of range" error. -my $extrdi = sub { - my ($f,$ra,$rs,$n,$b) = @_; - $b = ($b+$n)&63; $n = 64-$n; - " rldicl $ra,$rs,$b,$n"; -}; - -while($line=<>) { - - $line =~ s|[#!;].*$||; # get rid of asm-style comments... - $line =~ s|/\*.*\*/||; # ... and C-style comments... - $line =~ s|^\s+||; # ... and skip white spaces in beginning... - $line =~ s|\s+$||; # ... 
and at the end - - { - $line =~ s|\b\.L(\w+)|L$1|g; # common denominator for Locallabel - $line =~ s|\bL(\w+)|\.L$1|g if ($dotinlocallabels); - } - - { - $line =~ s|(^[\.\w]+)\:\s*||; - my $label = $1; - printf "%s:",($GLOBALS{$label} or $label) if ($label); - } - - { - $line =~ s|^\s*(\.?)(\w+)([\.\+\-]?)\s*||; - my $c = $1; $c = "\t" if ($c eq ""); - my $mnemonic = $2; - my $f = $3; - my $opcode = eval("\$$mnemonic"); - $line =~ s|\bc?[rf]([0-9]+)\b|$1|g if ($c ne "." and $flavour !~ /osx/); - if (ref($opcode) eq 'CODE') { $line = &$opcode($f,split(',',$line)); } - elsif ($mnemonic) { $line = $c.$mnemonic.$f."\t".$line; } - } - - print $line if ($line); - print "\n"; -} - -close STDOUT; diff --git a/lib/libssl/src/crypto/perlasm/readme b/lib/libssl/src/crypto/perlasm/readme deleted file mode 100644 index 57d61fda1ee..00000000000 --- a/lib/libssl/src/crypto/perlasm/readme +++ /dev/null 
@@ -1,124 +0,0 @@ -The perl scripts in this directory are my 'hack' to generate -multiple different assembler formats via the one origional script. - -The way to use this library is to start with adding the path to this directory -and then include it. - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -The first thing we do is setup the file and type of assembler - -&asm_init($ARGV[0],$0); - -The first argument is the 'type'. Currently -'cpp', 'sol', 'a.out', 'elf' or 'win32'. -Argument 2 is the file name. - -The reciprocal function is -&asm_finish() which should be called at the end. - -There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler, -and x86unix.pl which is the unix (gas) version. - -Functions of interest are: -&external_label("des_SPtrans"); declare and external variable -&LB(reg); Low byte for a register -&HB(reg); High byte for a register -&BP(off,base,index,scale) Byte pointer addressing -&DWP(off,base,index,scale) Word pointer addressing -&stack_push(num) Basically a 'sub esp, num*4' with extra -&stack_pop(num) inverse of stack_push -&function_begin(name,extra) Start a function with pushing of - edi, esi, ebx and ebp. extra is extra win32 - external info that may be required. -&function_begin_B(name,extra) Same as norma function_begin but no pushing. -&function_end(name) Call at end of function. -&function_end_A(name) Standard pop and ret, for use inside functions -&function_end_B(name) Call at end but with poping or 'ret'. -&swtmp(num) Address on stack temp word. -&wparam(num) Parameter number num, that was push - in C convention. This all works over pushes - and pops. -&comment("hello there") Put in a comment. -&label("loop") Refer to a label, normally a jmp target. -&set_label("loop") Set a label at this point. -&data_word(word) Put in a word of data. - -So how does this all hold together? 
Given - -int calc(int len, int *data) - { - int i,j=0; - - for (i=0; i<len; i++) - { - j+=other(data[i]); - } - } - -So a very simple version of this function could be coded as - - push(@INC,"perlasm","../../perlasm"); - require "x86asm.pl"; - - &asm_init($ARGV[0],"cacl.pl"); - - &external_label("other"); - - $tmp1= "eax"; - $j= "edi"; - $data= "esi"; - $i= "ebp"; - - &comment("a simple function"); - &function_begin("calc"); - &mov( $data, &wparam(1)); # data - &xor( $j, $j); - &xor( $i, $i); - - &set_label("loop"); - &cmp( $i, &wparam(0)); - &jge( &label("end")); - - &mov( $tmp1, &DWP(0,$data,$i,4)); - &push( $tmp1); - &call( "other"); - &add( $j, "eax"); - &pop( $tmp1); - &inc( $i); - &jmp( &label("loop")); - - &set_label("end"); - &mov( "eax", $j); - - &function_end("calc"); - - &asm_finish(); - -The above example is very very unoptimised but gives an idea of how -things work. - -There is also a cbc mode function generator in cbc.pl - -&cbc( $name, - $encrypt_function_name, - $decrypt_function_name, - $true_if_byte_swap_needed, - $parameter_number_for_iv, - $parameter_number_for_encrypt_flag, - $first_parameter_to_pass, - $second_parameter_to_pass, - $third_parameter_to_pass); - -So for example, given -void BF_encrypt(BF_LONG *data,BF_KEY *key); -void BF_decrypt(BF_LONG *data,BF_KEY *key); -void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length, - BF_KEY *ks, unsigned char *iv, int enc); - -&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1); - -&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1); -&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5); - diff --git a/lib/libssl/src/crypto/perlasm/x86_64-xlate.pl b/lib/libssl/src/crypto/perlasm/x86_64-xlate.pl deleted file mode 100755 index 4bd53da33dd..00000000000 --- a/lib/libssl/src/crypto/perlasm/x86_64-xlate.pl +++ /dev/null 
@@ -1,1075 +0,0 @@ -#!/usr/bin/env perl - -# Ascetic x86_64 AT&T to MASM/NASM assembler translator by <appro>. -# -# Why AT&T to MASM and not vice versa? Several reasons. Because AT&T -# format is way easier to parse. Because it's simpler to "gear" from -# Unix ABI to Windows one [see cross-reference "card" at the end of -# file]. Because Linux targets were available first... -# -# In addition the script also "distills" code suitable for GNU -# assembler, so that it can be compiled with more rigid assemblers, -# such as Solaris /usr/ccs/bin/as. -# -# This translator is not designed to convert *arbitrary* assembler -# code from AT&T format to MASM one. It's designed to convert just -# enough to provide for dual-ABI OpenSSL modules development... -# There *are* limitations and you might have to modify your assembler -# code or this script to achieve the desired result... -# -# Currently recognized limitations: -# -# - can't use multiple ops per line; -# -# Dual-ABI styling rules. -# -# 1. Adhere to Unix register and stack layout [see cross-reference -# ABI "card" at the end for explanation]. -# 2. Forget about "red zone," stick to more traditional blended -# stack frame allocation. If volatile storage is actually required -# that is. If not, just leave the stack as is. -# 3. Functions tagged with ".type name,@function" get crafted with -# unified Win64 prologue and epilogue automatically. If you want -# to take care of ABI differences yourself, tag functions as -# ".type name,@abi-omnipotent" instead. -# 4. To optimize the Win64 prologue you can specify number of input -# arguments as ".type name,@function,N." Keep in mind that if N is -# larger than 6, then you *have to* write "abi-omnipotent" code, -# because >6 cases can't be addressed with unified prologue. -# 5. Name local labels as .L*, do *not* use dynamic labels such as 1: -# (sorry about latter). -# 6. Don't use [or hand-code with .byte] "rep ret." 
"ret" mnemonic is -# required to identify the spots, where to inject Win64 epilogue! -# But on the pros, it's then prefixed with rep automatically:-) -# 7. Stick to explicit ip-relative addressing. If you have to use -# GOTPCREL addressing, stick to mov symbol@GOTPCREL(%rip),%r??. -# Both are recognized and translated to proper Win64 addressing -# modes. To support legacy code a synthetic directive, .picmeup, -# is implemented. It puts address of the *next* instruction into -# target register, e.g.: -# -# .picmeup %rax -# lea .Label-.(%rax),%rax -# -# 8. In order to provide for structured exception handling unified -# Win64 prologue copies %rsp value to %rax. For further details -# see SEH paragraph at the end. -# 9. .init segment is allowed to contain calls to functions only. -# a. If function accepts more than 4 arguments *and* >4th argument -# is declared as non 64-bit value, do clear its upper part. - -my $flavour = shift; -my $output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -open STDOUT,">$output" || die "can't open $output: $!" 
- if (defined($output)); - -my $gas=1; $gas=0 if ($output =~ /\.asm$/); -my $elf=1; $elf=0 if (!$gas); -my $win64=0; -my $prefix=""; -my $decor=".L"; - -my $masmref=8 + 50727*2**-32; # 8.00.50727 shipped with VS2005 -my $masm=0; -my $PTR=" PTR"; - -my $nasmref=2.03; -my $nasm=0; - -if ($flavour eq "mingw64") { $gas=1; $elf=0; $win64=1; - $prefix=`echo __USER_LABEL_PREFIX__ | $ENV{CC} -E -P -`; - chomp($prefix); - } -elsif ($flavour eq "macosx") { $gas=1; $elf=0; $prefix="_"; $decor="L\$"; } -elsif ($flavour eq "masm") { $gas=0; $elf=0; $masm=$masmref; $win64=1; $decor="\$L\$"; } -elsif ($flavour eq "nasm") { $gas=0; $elf=0; $nasm=$nasmref; $win64=1; $decor="\$L\$"; $PTR=""; } -elsif (!$gas) -{ if ($ENV{ASM} =~ m/nasm/ && `nasm -v` =~ m/version ([0-9]+)\.([0-9]+)/i) - { $nasm = $1 + $2*0.01; $PTR=""; } - elsif (`ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/) - { $masm = $1 + $2*2**-16 + $4*2**-32; } - die "no assembler found on %PATH" if (!($nasm || $masm)); - $win64=1; - $elf=0; - $decor="\$L\$"; -} - -my $current_segment; -my $current_function; -my %globals; - -{ package opcode; # pick up opcodes - sub re { - my $self = shift; # single instance in enough... - local *line = shift; - undef $ret; - - if ($line =~ /^([a-z][a-z0-9]*)/i) { - $self->{op} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - undef $self->{sz}; - if ($self->{op} =~ /^(movz)x?([bw]).*/) { # movz is pain... 
- $self->{op} = $1; - $self->{sz} = $2; - } elsif ($self->{op} =~ /call|jmp/) { - $self->{sz} = ""; - } elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op|insrw)/) { # SSEn - $self->{sz} = ""; - } elsif ($self->{op} =~ /^v/) { # VEX - $self->{sz} = ""; - } elsif ($self->{op} =~ /mov[dq]/ && $line =~ /%xmm/) { - $self->{sz} = ""; - } elsif ($self->{op} =~ /([a-z]{3,})([qlwb])$/) { - $self->{op} = $1; - $self->{sz} = $2; - } - } - $ret; - } - sub size { - my $self = shift; - my $sz = shift; - $self->{sz} = $sz if (defined($sz) && !defined($self->{sz})); - $self->{sz}; - } - sub out { - my $self = shift; - if ($gas) { - if ($self->{op} eq "movz") { # movz is pain... - sprintf "%s%s%s",$self->{op},$self->{sz},shift; - } elsif ($self->{op} =~ /^set/) { - "$self->{op}"; - } elsif ($self->{op} eq "ret") { - my $epilogue = ""; - if ($win64 && $current_function->{abi} eq "svr4") { - $epilogue = "movq 8(%rsp),%rdi\n\t" . - "movq 16(%rsp),%rsi\n\t"; - } - $epilogue . ".byte 0xf3,0xc3"; - } elsif ($self->{op} eq "call" && !$elf && $current_segment eq ".init") { - ".p2align\t3\n\t.quad"; - } else { - "$self->{op}$self->{sz}"; - } - } else { - $self->{op} =~ s/^movz/movzx/; - if ($self->{op} eq "ret") { - $self->{op} = ""; - if ($win64 && $current_function->{abi} eq "svr4") { - $self->{op} = "mov rdi,QWORD${PTR}[8+rsp]\t;WIN64 epilogue\n\t". - "mov rsi,QWORD${PTR}[16+rsp]\n\t"; - } - $self->{op} .= "DB\t0F3h,0C3h\t\t;repret"; - } elsif ($self->{op} =~ /^(pop|push)f/) { - $self->{op} .= $self->{sz}; - } elsif ($self->{op} eq "call" && $current_segment eq ".CRT\$XCU") { - $self->{op} = "\tDQ"; - } - $self->{op}; - } - } - sub mnemonic { - my $self=shift; - my $op=shift; - $self->{op}=$op if (defined($op)); - $self->{op}; - } -} -{ package const; # pick up constants, which start with $ - sub re { - my $self = shift; # single instance in enough... 
- local *line = shift; - undef $ret; - - if ($line =~ /^\$([^,]+)/) { - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - } - $ret; - } - sub out { - my $self = shift; - - if ($gas) { - # Solaris /usr/ccs/bin/as can't handle multiplications - # in $self->{value} - $self->{value} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi; - $self->{value} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg; - sprintf "\$%s",$self->{value}; - } else { - $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig; - $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm); - sprintf "%s",$self->{value}; - } - } -} -{ package ea; # pick up effective addresses: expr(%reg,%reg,scale) - sub re { - my $self = shift; # single instance in enough... - local *line = shift; - undef $ret; - - # optional * ---vvv--- appears in indirect jmp/call - if ($line =~ /^(\*?)([^\(,]*)\(([%\w,]+)\)/) { - $self->{asterisk} = $1; - $self->{label} = $2; - ($self->{base},$self->{index},$self->{scale})=split(/,/,$3); - $self->{scale} = 1 if (!defined($self->{scale})); - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - if ($win64 && $self->{label} =~ s/\@GOTPCREL//) { - die if (opcode->mnemonic() ne "mov"); - opcode->mnemonic("lea"); - } - $self->{base} =~ s/^%//; - $self->{index} =~ s/^%// if (defined($self->{index})); - } - $ret; - } - sub size {} - sub out { - my $self = shift; - my $sz = shift; - - $self->{label} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei; - $self->{label} =~ s/\.L/$decor/g; - - # Silently convert all EAs to 64-bit. This is required for - # elder GNU assembler and results in more compact code, - # *but* most importantly AES module depends on this feature! - $self->{index} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/; - $self->{base} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/; - - # Solaris /usr/ccs/bin/as can't handle multiplications - # in $self->{label}, new gas requires sign extension... 
- use integer; - $self->{label} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi; - $self->{label} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg; - $self->{label} =~ s/([0-9]+)/$1<<32>>32/eg; - - if ($gas) { - $self->{label} =~ s/^___imp_/__imp__/ if ($flavour eq "mingw64"); - - if (defined($self->{index})) { - sprintf "%s%s(%s,%%%s,%d)",$self->{asterisk}, - $self->{label}, - $self->{base}?"%$self->{base}":"", - $self->{index},$self->{scale}; - } else { - sprintf "%s%s(%%%s)", $self->{asterisk},$self->{label},$self->{base}; - } - } else { - %szmap = ( b=>"BYTE$PTR", w=>"WORD$PTR", l=>"DWORD$PTR", - q=>"QWORD$PTR",o=>"OWORD$PTR",x=>"XMMWORD$PTR" ); - - $self->{label} =~ s/\./\$/g; - $self->{label} =~ s/(?<![\w\$\.])0x([0-9a-f]+)/0$1h/ig; - $self->{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/); - $sz="q" if ($self->{asterisk} || opcode->mnemonic() eq "movq"); - $sz="l" if (opcode->mnemonic() eq "movd"); - - if (defined($self->{index})) { - sprintf "%s[%s%s*%d%s]",$szmap{$sz}, - $self->{label}?"$self->{label}+":"", - $self->{index},$self->{scale}, - $self->{base}?"+$self->{base}":""; - } elsif ($self->{base} eq "rip") { - sprintf "%s[%s]",$szmap{$sz},$self->{label}; - } else { - sprintf "%s[%s%s]",$szmap{$sz}, - $self->{label}?"$self->{label}+":"", - $self->{base}; - } - } - } -} -{ package register; # pick up registers, which start with %. - sub re { - my $class = shift; # muliple instances... 
- my $self = {}; - local *line = shift; - undef $ret; - - # optional * ---vvv--- appears in indirect jmp/call - if ($line =~ /^(\*?)%(\w+)/) { - bless $self,$class; - $self->{asterisk} = $1; - $self->{value} = $2; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - } - $ret; - } - sub size { - my $self = shift; - undef $ret; - - if ($self->{value} =~ /^r[\d]+b$/i) { $ret="b"; } - elsif ($self->{value} =~ /^r[\d]+w$/i) { $ret="w"; } - elsif ($self->{value} =~ /^r[\d]+d$/i) { $ret="l"; } - elsif ($self->{value} =~ /^r[\w]+$/i) { $ret="q"; } - elsif ($self->{value} =~ /^[a-d][hl]$/i){ $ret="b"; } - elsif ($self->{value} =~ /^[\w]{2}l$/i) { $ret="b"; } - elsif ($self->{value} =~ /^[\w]{2}$/i) { $ret="w"; } - elsif ($self->{value} =~ /^e[a-z]{2}$/i){ $ret="l"; } - - $ret; - } - sub out { - my $self = shift; - if ($gas) { sprintf "%s%%%s",$self->{asterisk},$self->{value}; } - else { $self->{value}; } - } -} -{ package label; # pick up labels, which end with : - sub re { - my $self = shift; # single instance is enough... - local *line = shift; - undef $ret; - - if ($line =~ /(^[\.\w]+)\:/) { - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - $self->{value} =~ s/^\.L/$decor/; - } - $ret; - } - sub out { - my $self = shift; - - if ($gas) { - my $func = ($globals{$self->{value}} or $self->{value}) . 
":"; - if ($win64 && - $current_function->{name} eq $self->{value} && - $current_function->{abi} eq "svr4") { - $func .= "\n"; - $func .= " movq %rdi,8(%rsp)\n"; - $func .= " movq %rsi,16(%rsp)\n"; - $func .= " movq %rsp,%rax\n"; - $func .= "${decor}SEH_begin_$current_function->{name}:\n"; - my $narg = $current_function->{narg}; - $narg=6 if (!defined($narg)); - $func .= " movq %rcx,%rdi\n" if ($narg>0); - $func .= " movq %rdx,%rsi\n" if ($narg>1); - $func .= " movq %r8,%rdx\n" if ($narg>2); - $func .= " movq %r9,%rcx\n" if ($narg>3); - $func .= " movq 40(%rsp),%r8\n" if ($narg>4); - $func .= " movq 48(%rsp),%r9\n" if ($narg>5); - } - $func; - } elsif ($self->{value} ne "$current_function->{name}") { - $self->{value} .= ":" if ($masm && $ret!~m/^\$/); - $self->{value} . ":"; - } elsif ($win64 && $current_function->{abi} eq "svr4") { - my $func = "$current_function->{name}" . - ($nasm ? ":" : "\tPROC $current_function->{scope}") . - "\n"; - $func .= " mov QWORD${PTR}[8+rsp],rdi\t;WIN64 prologue\n"; - $func .= " mov QWORD${PTR}[16+rsp],rsi\n"; - $func .= " mov rax,rsp\n"; - $func .= "${decor}SEH_begin_$current_function->{name}:"; - $func .= ":" if ($masm); - $func .= "\n"; - my $narg = $current_function->{narg}; - $narg=6 if (!defined($narg)); - $func .= " mov rdi,rcx\n" if ($narg>0); - $func .= " mov rsi,rdx\n" if ($narg>1); - $func .= " mov rdx,r8\n" if ($narg>2); - $func .= " mov rcx,r9\n" if ($narg>3); - $func .= " mov r8,QWORD${PTR}[40+rsp]\n" if ($narg>4); - $func .= " mov r9,QWORD${PTR}[48+rsp]\n" if ($narg>5); - $func .= "\n"; - } else { - "$current_function->{name}". - ($nasm ? ":" : "\tPROC $current_function->{scope}"); - } - } -} -{ package expr; # pick up expressioins - sub re { - my $self = shift; # single instance is enough... 
- local *line = shift; - undef $ret; - - if ($line =~ /(^[^,]+)/) { - $self->{value} = $1; - $ret = $self; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - $self->{value} =~ s/\@PLT// if (!$elf); - $self->{value} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei; - $self->{value} =~ s/\.L/$decor/g; - } - $ret; - } - sub out { - my $self = shift; - if ($nasm && opcode->mnemonic()=~m/^j/) { - "NEAR ".$self->{value}; - } else { - $self->{value}; - } - } -} -{ package directive; # pick up directives, which start with . - sub re { - my $self = shift; # single instance is enough... - local *line = shift; - undef $ret; - my $dir; - my %opcode = # lea 2f-1f(%rip),%dst; 1: nop; 2: - ( "%rax"=>0x01058d48, "%rcx"=>0x010d8d48, - "%rdx"=>0x01158d48, "%rbx"=>0x011d8d48, - "%rsp"=>0x01258d48, "%rbp"=>0x012d8d48, - "%rsi"=>0x01358d48, "%rdi"=>0x013d8d48, - "%r8" =>0x01058d4c, "%r9" =>0x010d8d4c, - "%r10"=>0x01158d4c, "%r11"=>0x011d8d4c, - "%r12"=>0x01258d4c, "%r13"=>0x012d8d4c, - "%r14"=>0x01358d4c, "%r15"=>0x013d8d4c ); - - if ($line =~ /^\s*(\.\w+)/) { - $dir = $1; - $ret = $self; - undef $self->{value}; - $line = substr($line,@+[0]); $line =~ s/^\s+//; - - SWITCH: for ($dir) { - /\.picmeup/ && do { if ($line =~ /(%r[\w]+)/i) { - $dir="\t.long"; - $line=sprintf "0x%x,0x90000000",$opcode{$1}; - } - last; - }; - /\.global|\.globl|\.extern/ - && do { $globals{$line} = $prefix . 
$line; - $line = $globals{$line} if ($prefix); - last; - }; - /\.type/ && do { ($sym,$type,$narg) = split(',',$line); - if ($type eq "\@function") { - undef $current_function; - $current_function->{name} = $sym; - $current_function->{abi} = "svr4"; - $current_function->{narg} = $narg; - $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE"; - } elsif ($type eq "\@abi-omnipotent") { - undef $current_function; - $current_function->{name} = $sym; - $current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE"; - } - $line =~ s/\@abi\-omnipotent/\@function/; - $line =~ s/\@function.*/\@function/; - last; - }; - /\.asciz/ && do { if ($line =~ /^"(.*)"$/) { - $dir = ".byte"; - $line = join(",",unpack("C*",$1),0); - } - last; - }; - /\.rva|\.long|\.quad/ - && do { $line =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei; - $line =~ s/\.L/$decor/g; - last; - }; - } - - if ($gas) { - $self->{value} = $dir . "\t" . $line; - - if ($dir =~ /\.extern/) { - $self->{value} = ""; # swallow extern - } elsif (!$elf && $dir =~ /\.type/) { - $self->{value} = ""; - $self->{value} = ".def\t" . ($globals{$1} or $1) . ";\t" . - (defined($globals{$1})?".scl 2;":".scl 3;") . - "\t.type 32;\t.endef" - if ($win64 && $line =~ /([^,]+),\@function/); - } elsif (!$elf && $dir =~ /\.size/) { - $self->{value} = ""; - if (defined($current_function)) { - $self->{value} .= "${decor}SEH_end_$current_function->{name}:" - if ($win64 && $current_function->{abi} eq "svr4"); - undef $current_function; - } - } elsif (!$elf && $dir =~ /\.align/) { - $self->{value} = ".p2align\t" . 
(log($line)/log(2)); - } elsif ($dir eq ".section") { - $current_segment=$line; - if (!$elf && $current_segment eq ".init") { - if ($flavour eq "macosx") { $self->{value} = ".mod_init_func"; } - elsif ($flavour eq "mingw64") { $self->{value} = ".section\t.ctors"; } - } - } elsif ($dir =~ /\.(text|data)/) { - $current_segment=".$1"; - } elsif ($dir =~ /\.hidden/) { - if ($flavour eq "macosx") { $self->{value} = ".private_extern\t$prefix$line"; } - elsif ($flavour eq "mingw64") { $self->{value} = ""; } - } elsif ($dir =~ /\.comm/) { - $self->{value} = "$dir\t$prefix$line"; - $self->{value} =~ s|,([0-9]+),([0-9]+)$|",$1,".log($2)/log(2)|e if ($flavour eq "macosx"); - } - $line = ""; - return $self; - } - - # non-gas case or nasm/masm - SWITCH: for ($dir) { - /\.text/ && do { my $v=undef; - if ($nasm) { - $v="section .text code align=64\n"; - } else { - $v="$current_segment\tENDS\n" if ($current_segment); - $current_segment = ".text\$"; - $v.="$current_segment\tSEGMENT "; - $v.=$masm>=$masmref ? "ALIGN(64)" : "PAGE"; - $v.=" 'CODE'"; - } - $self->{value} = $v; - last; - }; - /\.data/ && do { my $v=undef; - if ($nasm) { - $v="section .data data align=8\n"; - } else { - $v="$current_segment\tENDS\n" if ($current_segment); - $current_segment = "_DATA"; - $v.="$current_segment\tSEGMENT"; - } - $self->{value} = $v; - last; - }; - /\.section/ && do { my $v=undef; - $line =~ s/([^,]*).*/$1/; - $line = ".CRT\$XCU" if ($line eq ".init"); - if ($nasm) { - $v="section $line"; - if ($line=~/\.([px])data/) { - $v.=" rdata align="; - $v.=$1 eq "p"? 4 : 8; - } elsif ($line=~/\.CRT\$/i) { - $v.=" rdata align=8"; - } - } else { - $v="$current_segment\tENDS\n" if ($current_segment); - $v.="$line\tSEGMENT"; - if ($line=~/\.([px])data/) { - $v.=" READONLY"; - $v.=" ALIGN(".($1 eq "p" ? 4 : 8).")" if ($masm>=$masmref); - } elsif ($line=~/\.CRT\$/i) { - $v.=" READONLY "; - $v.=$masm>=$masmref ? 
"ALIGN(8)" : "DWORD"; - } - } - $current_segment = $line; - $self->{value} = $v; - last; - }; - /\.extern/ && do { $self->{value} = "EXTERN\t".$line; - $self->{value} .= ":NEAR" if ($masm); - last; - }; - /\.globl|.global/ - && do { $self->{value} = $masm?"PUBLIC":"global"; - $self->{value} .= "\t".$line; - last; - }; - /\.size/ && do { if (defined($current_function)) { - undef $self->{value}; - if ($current_function->{abi} eq "svr4") { - $self->{value}="${decor}SEH_end_$current_function->{name}:"; - $self->{value}.=":\n" if($masm); - } - $self->{value}.="$current_function->{name}\tENDP" if($masm && $current_function->{name}); - undef $current_function; - } - last; - }; - /\.align/ && do { $self->{value} = "ALIGN\t".$line; last; }; - /\.(value|long|rva|quad)/ - && do { my $sz = substr($1,0,1); - my @arr = split(/,\s*/,$line); - my $last = pop(@arr); - my $conv = sub { my $var=shift; - $var=~s/^(0b[0-1]+)/oct($1)/eig; - $var=~s/^0x([0-9a-f]+)/0$1h/ig if ($masm); - if ($sz eq "D" && ($current_segment=~/.[px]data/ || $dir eq ".rva")) - { $var=~s/([_a-z\$\@][_a-z0-9\$\@]*)/$nasm?"$1 wrt ..imagebase":"imagerel $1"/egi; } - $var; - }; - - $sz =~ tr/bvlrq/BWDDQ/; - $self->{value} = "\tD$sz\t"; - for (@arr) { $self->{value} .= &$conv($_).","; } - $self->{value} .= &$conv($last); - last; - }; - /\.byte/ && do { my @str=split(/,\s*/,$line); - map(s/(0b[0-1]+)/oct($1)/eig,@str); - map(s/0x([0-9a-f]+)/0$1h/ig,@str) if ($masm); - while ($#str>15) { - $self->{value}.="DB\t" - .join(",",@str[0..15])."\n"; - foreach (0..15) { shift @str; } - } - $self->{value}.="DB\t" - .join(",",@str) if (@str); - last; - }; - /\.comm/ && do { my @str=split(/,\s*/,$line); - my $v=undef; - if ($nasm) { - $v.="common $prefix@str[0] @str[1]"; - } else { - $v="$current_segment\tENDS\n" if ($current_segment); - $current_segment = "_DATA"; - $v.="$current_segment\tSEGMENT\n"; - $v.="COMM @str[0]:DWORD:".@str[1]/4; - } - $self->{value} = $v; - last; - }; - } - $line = ""; - } - - $ret; - } - sub out { - 
my $self = shift; - $self->{value}; - } -} - -sub rex { - local *opcode=shift; - my ($dst,$src,$rex)=@_; - - $rex|=0x04 if($dst>=8); - $rex|=0x01 if($src>=8); - push @opcode,($rex|0x40) if ($rex); -} - -# older gas and ml64 don't handle SSE>2 instructions -my %regrm = ( "%eax"=>0, "%ecx"=>1, "%edx"=>2, "%ebx"=>3, - "%esp"=>4, "%ebp"=>5, "%esi"=>6, "%edi"=>7 ); - -if ($flavour ne "openbsd") { - -$movq = sub { # elderly gas can't handle inter-register movq - my $arg = shift; - my @opcode=(0x66); - if ($arg =~ /%xmm([0-9]+),\s*%r(\w+)/) { - my ($src,$dst)=($1,$2); - if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; } - rex(\@opcode,$src,$dst,0x8); - push @opcode,0x0f,0x7e; - push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M - @opcode; - } elsif ($arg =~ /%r(\w+),\s*%xmm([0-9]+)/) { - my ($src,$dst)=($2,$1); - if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; } - rex(\@opcode,$src,$dst,0x8); - push @opcode,0x0f,0x6e; - push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M - @opcode; - } else { - (); - } -}; - -} - -my $pextrd = sub { - if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*(%\w+)/) { - my @opcode=(0x66); - $imm=$1; - $src=$2; - $dst=$3; - if ($dst =~ /%r([0-9]+)d/) { $dst = $1; } - elsif ($dst =~ /%e/) { $dst = $regrm{$dst}; } - rex(\@opcode,$src,$dst); - push @opcode,0x0f,0x3a,0x16; - push @opcode,0xc0|(($src&7)<<3)|($dst&7); # ModR/M - push @opcode,$imm; - @opcode; - } else { - (); - } -}; - -my $pinsrd = sub { - if (shift =~ /\$([0-9]+),\s*(%\w+),\s*%xmm([0-9]+)/) { - my @opcode=(0x66); - $imm=$1; - $src=$2; - $dst=$3; - if ($src =~ /%r([0-9]+)/) { $src = $1; } - elsif ($src =~ /%e/) { $src = $regrm{$src}; } - rex(\@opcode,$dst,$src); - push @opcode,0x0f,0x3a,0x22; - push @opcode,0xc0|(($dst&7)<<3)|($src&7); # ModR/M - push @opcode,$imm; - @opcode; - } else { - (); - } -}; - -if ($flavour ne "openbsd") { - -$pshufb = sub { - if (shift =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) { - my @opcode=(0x66); - rex(\@opcode,$2,$1); - push @opcode,0x0f,0x38,0x00; - push 
@opcode,0xc0|($1&7)|(($2&7)<<3); # ModR/M - @opcode; - } else { - (); - } -}; - -$palignr = sub { - if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) { - my @opcode=(0x66); - rex(\@opcode,$3,$2); - push @opcode,0x0f,0x3a,0x0f; - push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M - push @opcode,$1; - @opcode; - } else { - (); - } -}; - -$pclmulqdq = sub { - if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) { - my @opcode=(0x66); - rex(\@opcode,$3,$2); - push @opcode,0x0f,0x3a,0x44; - push @opcode,0xc0|($2&7)|(($3&7)<<3); # ModR/M - my $c=$1; - push @opcode,$c=~/^0/?oct($c):$c; - @opcode; - } else { - (); - } -}; - -} - -if ($nasm) { - print <<___; -default rel -%define XMMWORD -___ -} elsif ($masm) { - print <<___; -OPTION DOTNAME -___ -} -while($line=<>) { - - chomp($line); - - $line =~ s|[#!].*$||; # get rid of asm-style comments... - $line =~ s|/\*.*\*/||; # ... and C-style comments... - $line =~ s|^\s+||; # ... and skip white spaces in beginning - - undef $label; - undef $opcode; - undef @args; - - if ($label=label->re(\$line)) { print $label->out(); } - - if (directive->re(\$line)) { - printf "%s",directive->out(); - } elsif ($opcode=opcode->re(\$line)) { - my $asm = eval("\$".$opcode->mnemonic()); - undef @bytes; - - if ((ref($asm) eq 'CODE') && scalar(@bytes=&$asm($line))) { - print $gas?".byte\t":"DB\t",join(',',@bytes),"\n"; - next; - } - - ARGUMENT: while (1) { - my $arg; - - if ($arg=register->re(\$line)) { opcode->size($arg->size()); } - elsif ($arg=const->re(\$line)) { } - elsif ($arg=ea->re(\$line)) { } - elsif ($arg=expr->re(\$line)) { } - else { last ARGUMENT; } - - push @args,$arg; - - last ARGUMENT if ($line !~ /^,/); - - $line =~ s/^,\s*//; - } # ARGUMENT: - - if ($#args>=0) { - my $insn; - my $sz=opcode->size(); - - if ($gas) { - $insn = $opcode->out($#args>=1?$args[$#args]->size():$sz); - @args = map($_->out($sz),@args); - printf "\t%s\t%s",$insn,join(",",@args); - } else { - $insn = $opcode->out(); - foreach (@args) { - my 
$arg = $_->out(); - # $insn.=$sz compensates for movq, pinsrw, ... - if ($arg =~ /^xmm[0-9]+$/) { $insn.=$sz; $sz="x" if(!$sz); last; } - if ($arg =~ /^mm[0-9]+$/) { $insn.=$sz; $sz="q" if(!$sz); last; } - } - @args = reverse(@args); - undef $sz if ($nasm && $opcode->mnemonic() eq "lea"); - printf "\t%s\t%s",$insn,join(",",map($_->out($sz),@args)); - } - } else { - printf "\t%s",$opcode->out(); - } - } - - print $line,"\n"; -} - -print "\n$current_segment\tENDS\n" if ($current_segment && $masm); -print "END\n" if ($masm); - -close STDOUT; - -################################################# -# Cross-reference x86_64 ABI "card" -# -# Unix Win64 -# %rax * * -# %rbx - - -# %rcx #4 #1 -# %rdx #3 #2 -# %rsi #2 - -# %rdi #1 - -# %rbp - - -# %rsp - - -# %r8 #5 #3 -# %r9 #6 #4 -# %r10 * * -# %r11 * * -# %r12 - - -# %r13 - - -# %r14 - - -# %r15 - - -# -# (*) volatile register -# (-) preserved by callee -# (#) Nth argument, volatile -# -# In Unix terms top of stack is argument transfer area for arguments -# which could not be accomodated in registers. Or in other words 7th -# [integer] argument resides at 8(%rsp) upon function entry point. -# 128 bytes above %rsp constitute a "red zone" which is not touched -# by signal handlers and can be used as temporal storage without -# allocating a frame. -# -# In Win64 terms N*8 bytes on top of stack is argument transfer area, -# which belongs to/can be overwritten by callee. N is the number of -# arguments passed to callee, *but* not less than 4! This means that -# upon function entry point 5th argument resides at 40(%rsp), as well -# as that 32 bytes from 8(%rsp) can always be used as temporal -# storage [without allocating a frame]. One can actually argue that -# one can assume a "red zone" above stack pointer under Win64 as well. -# Point is that at apparently no occasion Windows kernel would alter -# the area above user stack pointer in true asynchronous manner... 
-# -# All the above means that if assembler programmer adheres to Unix -# register and stack layout, but disregards the "red zone" existense, -# it's possible to use following prologue and epilogue to "gear" from -# Unix to Win64 ABI in leaf functions with not more than 6 arguments. -# -# omnipotent_function: -# ifdef WIN64 -# movq %rdi,8(%rsp) -# movq %rsi,16(%rsp) -# movq %rcx,%rdi ; if 1st argument is actually present -# movq %rdx,%rsi ; if 2nd argument is actually ... -# movq %r8,%rdx ; if 3rd argument is ... -# movq %r9,%rcx ; if 4th argument ... -# movq 40(%rsp),%r8 ; if 5th ... -# movq 48(%rsp),%r9 ; if 6th ... -# endif -# ... -# ifdef WIN64 -# movq 8(%rsp),%rdi -# movq 16(%rsp),%rsi -# endif -# ret -# -################################################# -# Win64 SEH, Structured Exception Handling. -# -# Unlike on Unix systems(*) lack of Win64 stack unwinding information -# has undesired side-effect at run-time: if an exception is raised in -# assembler subroutine such as those in question (basically we're -# referring to segmentation violations caused by malformed input -# parameters), the application is briskly terminated without invoking -# any exception handlers, most notably without generating memory dump -# or any user notification whatsoever. This poses a problem. It's -# possible to address it by registering custom language-specific -# handler that would restore processor context to the state at -# subroutine entry point and return "exception is not handled, keep -# unwinding" code. Writing such handler can be a challenge... But it's -# doable, though requires certain coding convention. 
Consider following -# snippet: -# -# .type function,@function -# function: -# movq %rsp,%rax # copy rsp to volatile register -# pushq %r15 # save non-volatile registers -# pushq %rbx -# pushq %rbp -# movq %rsp,%r11 -# subq %rdi,%r11 # prepare [variable] stack frame -# andq $-64,%r11 -# movq %rax,0(%r11) # check for exceptions -# movq %r11,%rsp # allocate [variable] stack frame -# movq %rax,0(%rsp) # save original rsp value -# magic_point: -# ... -# movq 0(%rsp),%rcx # pull original rsp value -# movq -24(%rcx),%rbp # restore non-volatile registers -# movq -16(%rcx),%rbx -# movq -8(%rcx),%r15 -# movq %rcx,%rsp # restore original rsp -# ret -# .size function,.-function -# -# The key is that up to magic_point copy of original rsp value remains -# in chosen volatile register and no non-volatile register, except for -# rsp, is modified. While past magic_point rsp remains constant till -# the very end of the function. In this case custom language-specific -# exception handler would look like this: -# -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -# { ULONG64 *rsp = (ULONG64 *)context->Rax; -# if (context->Rip >= magic_point) -# { rsp = ((ULONG64 **)context->Rsp)[0]; -# context->Rbp = rsp[-3]; -# context->Rbx = rsp[-2]; -# context->R15 = rsp[-1]; -# } -# context->Rsp = (ULONG64)rsp; -# context->Rdi = rsp[1]; -# context->Rsi = rsp[2]; -# -# memcpy (disp->ContextRecord,context,sizeof(CONTEXT)); -# RtlVirtualUnwind(UNW_FLAG_NHANDLER,disp->ImageBase, -# dips->ControlPc,disp->FunctionEntry,disp->ContextRecord, -# &disp->HandlerData,&disp->EstablisherFrame,NULL); -# return ExceptionContinueSearch; -# } -# -# It's appropriate to implement this handler in assembler, directly in -# function's module. In order to do that one has to know members' -# offsets in CONTEXT and DISPATCHER_CONTEXT structures and some constant -# values. 
Here they are: -# -# CONTEXT.Rax 120 -# CONTEXT.Rcx 128 -# CONTEXT.Rdx 136 -# CONTEXT.Rbx 144 -# CONTEXT.Rsp 152 -# CONTEXT.Rbp 160 -# CONTEXT.Rsi 168 -# CONTEXT.Rdi 176 -# CONTEXT.R8 184 -# CONTEXT.R9 192 -# CONTEXT.R10 200 -# CONTEXT.R11 208 -# CONTEXT.R12 216 -# CONTEXT.R13 224 -# CONTEXT.R14 232 -# CONTEXT.R15 240 -# CONTEXT.Rip 248 -# CONTEXT.Xmm6 512 -# sizeof(CONTEXT) 1232 -# DISPATCHER_CONTEXT.ControlPc 0 -# DISPATCHER_CONTEXT.ImageBase 8 -# DISPATCHER_CONTEXT.FunctionEntry 16 -# DISPATCHER_CONTEXT.EstablisherFrame 24 -# DISPATCHER_CONTEXT.TargetIp 32 -# DISPATCHER_CONTEXT.ContextRecord 40 -# DISPATCHER_CONTEXT.LanguageHandler 48 -# DISPATCHER_CONTEXT.HandlerData 56 -# UNW_FLAG_NHANDLER 0 -# ExceptionContinueSearch 1 -# -# In order to tie the handler to the function one has to compose -# couple of structures: one for .xdata segment and one for .pdata. -# -# UNWIND_INFO structure for .xdata segment would be -# -# function_unwind_info: -# .byte 9,0,0,0 -# .rva handler -# -# This structure designates exception handler for a function with -# zero-length prologue, no stack frame or frame register. -# -# To facilitate composing of .pdata structures, auto-generated "gear" -# prologue copies rsp value to rax and denotes next instruction with -# .LSEH_begin_{function_name} label. This essentially defines the SEH -# styling rule mentioned in the beginning. Position of this label is -# chosen in such manner that possible exceptions raised in the "gear" -# prologue would be accounted to caller and unwound from latter's frame. -# End of function is marked with respective .LSEH_end_{function_name} -# label. To summarize, .pdata segment would contain -# -# .rva .LSEH_begin_function -# .rva .LSEH_end_function -# .rva function_unwind_info -# -# Reference to functon_unwind_info from .xdata segment is the anchor. -# In case you wonder why references are 32-bit .rvas and not 64-bit -# .quads. 
References put into these two segments are required to be
-# *relative* to the base address of the current binary module, a.k.a.
-# image base. No Win64 module, be it .exe or .dll, can be larger than
-# 2GB and thus such relative references can be and are accommodated in
-# 32 bits.
-#
-# Having reviewed the example function code, one can argue that "movq
-# %rsp,%rax" above is redundant. It is not! Keep in mind that on Unix
-# rax would contain an undefined value. If this "offends" you, use
-# another register and refrain from modifying rax till magic_point is
-# reached, i.e. as if it was a non-volatile register. If more registers
-# are required prior [variable] frame setup is completed, note that
-# nobody says that you can have only one "magic point." You can
-# "liberate" non-volatile registers by denoting last stack off-load
-# instruction and reflecting it in finer grade unwind logic in handler.
-# After all, isn't it why it's called *language-specific* handler...
-#
-# Attentive reader can notice that exceptions would be mishandled in
-# auto-generated "gear" epilogue. Well, exception effectively can't
-# occur there, because if memory area used by it was subject to
-# segmentation violation, then it would be raised upon call to the
-# function (and as already mentioned be accounted to caller, which is
-# not a problem). If you're still not comfortable, then define tail
-# "magic point" just prior ret instruction and have handler treat it...
-#
-# (*) Note that we're talking about run-time, not debug-time. Lack of
-# unwind information makes debugging hard on both Windows and
-# Unix. "Unlike" referes to the fact that on Unix signal handler
-# will always be invoked, core dumped and appropriate exit code
-# returned to parent (for user notification).
diff --git a/lib/libssl/src/crypto/perlasm/x86asm.pl b/lib/libssl/src/crypto/perlasm/x86asm.pl
deleted file mode 100644
index 5916ea4f893..00000000000
--- a/lib/libssl/src/crypto/perlasm/x86asm.pl
+++ /dev/null
@@ -1,256 +0,0 @@
-#!/usr/bin/env perl
-
-# require 'x86asm.pl';
-# &asm_init(<flavor>,"des-586.pl"[,$i386only]);
-# &function_begin("foo");
-# ...
-# &function_end("foo");
-# &asm_finish
-
-$out=();
-$i386=0;
-
-# AUTOLOAD is this context has quite unpleasant side effect, namely
-# that typos in function calls effectively go to assembler output,
-# but on the pros side we don't have to implement one subroutine per
-# each opcode...
-sub ::AUTOLOAD
-{ my $opcode = $AUTOLOAD;
-
- die "more than 4 arguments passed to $opcode" if ($#_>3);
-
- $opcode =~ s/.*:://;
- if ($opcode =~ /^push/) { $stack+=4; }
- elsif ($opcode =~ /^pop/) { $stack-=4; }
-
- &generic($opcode,@_) or die "undefined subroutine \&$AUTOLOAD";
-}
-
-sub ::emit
-{ my $opcode=shift;
-
- if ($#_==-1) { push(@out,"\t$opcode\n"); }
- else { push(@out,"\t$opcode\t".join(',',@_)."\n"); }
-}
-
-sub ::emitraw
-{ my $opcode=shift;
-
- if ($#_==-1) { push(@out,"$opcode\n"); }
- else { push(@out,"$opcode\t".join(',',@_)."\n"); }
-}
-
-sub ::LB
-{ $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'low byte'";
- $1."l";
-}
-sub ::HB
-{ $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'high byte'";
- $1."h";
-}
-sub ::stack_push{ my $num=$_[0]*4; $stack+=$num; &sub("esp",$num); }
-sub ::stack_pop { my $num=$_[0]*4; $stack-=$num; &add("esp",$num); }
-sub ::blindpop { &pop($_[0]); $stack+=4; }
-sub ::wparam { &DWP($stack+4*$_[0],"esp"); }
-sub ::swtmp { &DWP(4*$_[0],"esp"); }
-
-sub ::bswap
-{ if ($i386) # emulate bswap for i386
- { &comment("bswap @_");
- &xchg(&HB(@_),&LB(@_));
- &ror (@_,16);
- &xchg(&HB(@_),&LB(@_));
- }
- else
- { &generic("bswap",@_); }
-}
-# These are made-up opcodes introduced over the years essentially
-# by ignorance, just alias them to real ones...
-sub ::movb { &mov(@_); }
-sub ::xorb { &xor(@_); }
-sub ::rotl { &rol(@_); }
-sub ::rotr { &ror(@_); }
-sub ::exch { &xchg(@_); }
-sub ::halt { &hlt; }
-sub ::movz { &movzx(@_); }
-sub ::pushf { &pushfd; }
-sub ::popf { &popfd; }
-
-# 3 argument instructions
-sub ::movq
-{ my($p1,$p2,$optimize)=@_;
-
- if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/)
- # movq between mmx registers can sink Intel CPUs
- { &::pshufw($p1,$p2,0xe4); }
- else
- { &::generic("movq",@_); }
-}
-
-# SSE>2 instructions
-my %regrm = ( "eax"=>0, "ecx"=>1, "edx"=>2, "ebx"=>3,
- "esp"=>4, "ebp"=>5, "esi"=>6, "edi"=>7 );
-sub ::pextrd
-{ my($dst,$src,$imm)=@_;
- if ("$dst:$src" =~ /(e[a-dsd][ixp]):xmm([0-7])/)
- { &::data_byte(0x66,0x0f,0x3a,0x16,0xc0|($2<<3)|$regrm{$1},$imm); }
- else
- { &::generic("pextrd",@_); }
-}
-
-sub ::pinsrd
-{ my($dst,$src,$imm)=@_;
- if ("$dst:$src" =~ /xmm([0-7]):(e[a-dsd][ixp])/)
- { &::data_byte(0x66,0x0f,0x3a,0x22,0xc0|($1<<3)|$regrm{$2},$imm); }
- else
- { &::generic("pinsrd",@_); }
-}
-
-sub ::pshufb
-{ my($dst,$src)=@_;
- if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
- { &data_byte(0x66,0x0f,0x38,0x00,0xc0|($1<<3)|$2); }
- else
- { &::generic("pshufb",@_); }
-}
-
-sub ::palignr
-{ my($dst,$src,$imm)=@_;
- if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
- { &::data_byte(0x66,0x0f,0x3a,0x0f,0xc0|($1<<3)|$2,$imm); }
- else
- { &::generic("palignr",@_); }
-}
-
-sub ::pclmulqdq
-{ my($dst,$src,$imm)=@_;
- if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
- { &::data_byte(0x66,0x0f,0x3a,0x44,0xc0|($1<<3)|$2,$imm); }
- else
- { &::generic("pclmulqdq",@_); }
-}
-
-# label management
-$lbdecor="L"; # local label decoration, set by package
-$label="000";
-
-sub ::islabel # see is argument is a known label
-{ my $i;
- foreach $i (values %label) { return $i if ($i eq $_[0]); }
- $label{$_[0]}; # can be undef
-}
-
-sub ::label # instantiate a function-scope label
-{ if (!defined($label{$_[0]}))
- { $label{$_[0]}="${lbdecor}${label}${_[0]}"; $label++; }
- $label{$_[0]};
-}
-
-sub
::LABEL # instantiate a file-scope label -{ $label{$_[0]}=$_[1] if (!defined($label{$_[0]})); - $label{$_[0]}; -} - -sub ::static_label { &::LABEL($_[0],$lbdecor.$_[0]); } - -sub ::set_label_B { push(@out,"@_:\n"); } -sub ::set_label -{ my $label=&::label($_[0]); - &::align($_[1]) if ($_[1]>1); - &::set_label_B($label); - $label; -} - -sub ::wipe_labels # wipes function-scope labels -{ foreach $i (keys %label) - { delete $label{$i} if ($label{$i} =~ /^\Q${lbdecor}\E[0-9]{3}/); } -} - -# subroutine management -sub ::function_begin -{ &function_begin_B(@_); - $stack=4; - &push("ebp"); - &push("ebx"); - &push("esi"); - &push("edi"); -} - -sub ::function_end -{ &pop("edi"); - &pop("esi"); - &pop("ebx"); - &pop("ebp"); - &ret(); - &function_end_B(@_); - $stack=0; - &wipe_labels(); -} - -sub ::function_end_A -{ &pop("edi"); - &pop("esi"); - &pop("ebx"); - &pop("ebp"); - &ret(); - $stack+=16; # readjust esp as if we didn't pop anything -} - -sub ::asciz -{ my @str=unpack("C*",shift); - push @str,0; - while ($#str>15) { - &data_byte(@str[0..15]); - foreach (0..15) { shift @str; } - } - &data_byte(@str) if (@str); -} - -sub ::asm_finish -{ &file_end(); - print @out; -} - -sub ::asm_init -{ my ($type,$fn,$cpu)=@_; - - $filename=$fn; - $i386=$cpu; - - $elf=$cpp=$coff=$aout=$macosx=$win32=$openbsd=$android=0; - if (($type eq "elf")) - { $elf=1; require "x86gas.pl"; } - elsif (($type eq "a\.out")) - { $aout=1; require "x86gas.pl"; } - elsif (($type eq "coff" or $type eq "gaswin")) - { $coff=1; require "x86gas.pl"; } - elsif (($type eq "macosx")) - { $aout=1; $macosx=1; require "x86gas.pl"; } - elsif (($type eq "openbsd-elf")) - { $openbsd=$elf=1; require "x86gas.pl"; } - elsif (($type eq "openbsd-a.out")) - { $openbsd=1; require "x86gas.pl"; } - elsif (($type eq "android")) - { $elf=1; $android=1; require "x86gas.pl"; } - else - { print STDERR <<"EOF"; -Pick one target type from - elf - Linux, FreeBSD, Solaris x86, etc. - a.out - DJGPP, elder OpenBSD, etc. 
- coff - GAS/COFF such as Win32 targets - openbsd-elf - OpenBSD elf - openbsd-a.out - OpenBSD a.out - macosx - Mac OS X -EOF - exit(1); - } - - $pic=0; - for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); } - - ::emitraw("#include <machine/asm.h>\n") if $openbsd; - $filename =~ s/\.pl$//; - &file($filename); -} - -1; diff --git a/lib/libssl/src/crypto/perlasm/x86gas.pl b/lib/libssl/src/crypto/perlasm/x86gas.pl deleted file mode 100644 index d4baea514bd..00000000000 --- a/lib/libssl/src/crypto/perlasm/x86gas.pl +++ /dev/null 
@@ -1,272 +0,0 @@ -#!/usr/bin/env perl - -package x86gas; - -*out=\@::out; - -$::lbdecor=$::aout?"L":".L"; # local label decoration -$nmdecor=($::aout or $::coff)?"_":""; # external name decoration - -$initseg=""; - -$align=16; -$align=log($align)/log(2) if ($::aout); -$com_start="#" if ($::aout or $::coff); - -sub opsize() -{ my $reg=shift; - if ($reg =~ m/^%e/o) { "l"; } - elsif ($reg =~ m/^%[a-d][hl]$/o) { "b"; } - elsif ($reg =~ m/^%[xm]/o) { undef; } - else { "w"; } -} - -# swap arguments; -# expand opcode with size suffix; -# prefix numeric constants with $; -sub ::generic -{ my($opcode,@arg)=@_; - my($suffix,$dst,$src); - - @arg=reverse(@arg); - - for (@arg) - { s/^(\*?)(e?[a-dsixphl]{2})$/$1%$2/o; # gp registers - s/^([xy]?mm[0-7])$/%$1/o; # xmm/mmx registers - s/^(\-?[0-9]+)$/\$$1/o; # constants - s/^(\-?0x[0-9a-f]+)$/\$$1/o; # constants - } - - $dst = $arg[$#arg] if ($#arg>=0); - $src = $arg[$#arg-1] if ($#arg>=1); - if ($dst =~ m/^%/o) { $suffix=&opsize($dst); } - elsif ($src =~ m/^%/o) { $suffix=&opsize($src); } - else { $suffix="l"; } - undef $suffix if ($dst =~ m/^%[xm]/o || $src =~ m/^%[xm]/o); - - if ($#_==0) { &::emit($opcode); } - elsif ($#_==1 && $opcode =~ m/^(call|clflush|j|loop|set)/o) - { &::emit($opcode,@arg); } - else { &::emit($opcode.$suffix,@arg);} - - 1; -} -# -# opcodes not covered by ::generic above, mostly inconsistent namings... 
-# -sub ::movzx { &::movzb(@_); } -sub ::pushfd { &::pushfl; } -sub ::popfd { &::popfl; } -sub ::cpuid { &::emit(".byte\t0x0f,0xa2"); } -sub ::rdtsc { &::emit(".byte\t0x0f,0x31"); } - -sub ::call { &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); } -sub ::call_ptr { &::generic("call","*$_[0]"); } -sub ::jmp_ptr { &::generic("jmp","*$_[0]"); } - -*::bswap = sub { &::emit("bswap","%$_[0]"); } if (!$::i386); - -sub ::DWP -{ my($addr,$reg1,$reg2,$idx)=@_; - my $ret=""; - - $addr =~ s/^\s+//; - # prepend global references with optional underscore - $addr =~ s/^([^\+\-0-9][^\+\-]*)/&::islabel($1) or "$nmdecor$1"/ige; - - $reg1 = "%$reg1" if ($reg1); - $reg2 = "%$reg2" if ($reg2); - - $ret .= $addr if (($addr ne "") && ($addr ne 0)); - - if ($reg2) - { $idx!= 0 or $idx=1; - $ret .= "($reg1,$reg2,$idx)"; - } - elsif ($reg1) - { $ret .= "($reg1)"; } - - $ret; -} -sub ::QWP { &::DWP(@_); } -sub ::BP { &::DWP(@_); } -sub ::WP { &::DWP(@_); } -sub ::BC { @_; } -sub ::DWC { @_; } - -sub ::file -{ push(@out,".file\t\"$_[0].s\"\n.text\n"); } - -sub ::function_begin_B -{ my $func=shift; - my $global=($func !~ /^_/); - my $begin="${::lbdecor}_${func}_begin"; - - &::LABEL($func,$global?"$begin":"$nmdecor$func"); - $func=$nmdecor.$func; - - push(@out,".globl\t$func\n") if ($global); - if ($::coff) - { push(@out,".def\t$func;\t.scl\t".(3-$global).";\t.type\t32;\t.endef\n"); } - elsif (($::aout and !$::pic) or $::macosx) - { } - else - { push(@out,".type $func,\@function\n"); } - push(@out,".align\t$align\n"); - push(@out,"$func:\n"); - push(@out,"$begin:\n") if ($global); - $::stack=4; -} - -sub ::function_end_B -{ my $func=shift; - push(@out,".size\t$nmdecor$func,.-".&::LABEL($func)."\n") if ($::elf); - $::stack=0; - &::wipe_labels(); -} - -sub ::comment - { - if (!defined($com_start) or $::elf) - { # Regarding $::elf above... - # GNU and SVR4 as'es use different comment delimiters, - push(@out,"\n"); # so we just skip ELF comments... 
- return; - } - foreach (@_) - { - if (/^\s*$/) - { push(@out,"\n"); } - else - { push(@out,"\t$com_start $_ $com_end\n"); } - } - } - -sub ::external_label -{ foreach(@_) { &::LABEL($_,$nmdecor.$_); } } - -sub ::public_label -{ push(@out,".globl\t".&::LABEL($_[0],$nmdecor.$_[0])."\n"); } - -sub ::file_end -{ if ($::macosx) - { if (%non_lazy_ptr) - { push(@out,".section __IMPORT,__pointers,non_lazy_symbol_pointers\n"); - foreach $i (keys %non_lazy_ptr) - { push(@out,"$non_lazy_ptr{$i}:\n.indirect_symbol\t$i\n.long\t0\n"); } - } - } - if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out) { - my $tmp=".comm\t${nmdecor}OPENSSL_ia32cap_P,8"; - if ($::macosx) { push (@out,"$tmp,2\n"); } - elsif ($::elf) { push (@out,"$tmp,4\n"); } - else { push (@out,"$tmp\n"); } - } - push(@out,$initseg) if ($initseg); -} - -sub ::data_byte { push(@out,".byte\t".join(',',@_)."\n"); } -sub ::data_short{ push(@out,".value\t".join(',',@_)."\n"); } -sub ::data_word { push(@out,".long\t".join(',',@_)."\n"); } - -sub ::align -{ my $val=$_[0],$p2,$i; - if ($::aout) - { for ($p2=0;$val!=0;$val>>=1) { $p2++; } - $val=$p2-1; - $val.=",0x90"; - } - push(@out,".align\t$val\n"); -} - -sub ::picmeup -{ my($dst,$sym,$base,$reflabel)=@_; - - if ($::openbsd) - { &::emitraw("#if defined(PIC) || defined(__PIC__)"); - &::emitraw("PIC_PROLOGUE"); - &::mov($dst, &::DWP("PIC_GOT($sym)")); - &::emitraw("PIC_EPILOGUE"); - &::emitraw("#else /* PIC */"); - &::lea($dst,&::DWP($sym)); - &::emitraw("#endif /* PIC */"); - } - if (($::pic && ($::elf || $::aout)) || $::macosx) - { if (!defined($base)) - { &::call(&::label("PIC_me_up")); - &::set_label("PIC_me_up"); - &::blindpop($dst); - $base=$dst; - $reflabel=&::label("PIC_me_up"); - } - if ($::macosx) - { my $indirect=&::static_label("$nmdecor$sym\$non_lazy_ptr"); - &::mov($dst,&::DWP("$indirect-$reflabel",$base)); - $non_lazy_ptr{"$nmdecor$sym"}=$indirect; - } - else - { &::lea($dst,&::DWP("_GLOBAL_OFFSET_TABLE_+[.-$reflabel]", - $base)); - 
&::mov($dst,&::DWP("$sym\@GOT",$dst)); - } - } - else - { &::lea($dst,&::DWP($sym)); } -} - -sub ::initseg -{ my $f=$nmdecor.shift; - - if ($::openbsd) - { $initseg.=<<___; -.section .init -PIC_PROLOGUE - call PIC_PLT($f) -PIC_EPILOGUE - jmp .Linitalign -.align $align -.Linitalign: -___ - } elsif ($::android) - { $initseg.=<<___; -.section .init_array -.align 4 -.long $f -___ - } - elsif ($::elf) - { $initseg.=<<___; -.section .init - call $f -___ - } - elsif ($::coff) - { $initseg.=<<___; # applies to both Cygwin and Mingw -.section .ctors -.long $f -___ - } - elsif ($::macosx) - { $initseg.=<<___; -.mod_init_func -.align 2 -.long $f -___ - } - elsif ($::aout) - { my $ctor="${nmdecor}_GLOBAL_\$I\$$f"; - $initseg.=".text\n"; - $initseg.=".type $ctor,\@function\n" if ($::pic); - $initseg.=<<___; # OpenBSD way... -.globl $ctor -.align 2 -$ctor: - jmp $f -___ - } -} - -sub ::dataseg -{ push(@out,".data\n"); } - -1; diff --git a/lib/libssl/src/crypto/pkcs12/p12_add.c b/lib/libssl/src/crypto/pkcs12/p12_add.c deleted file mode 100644 index cb7f72b3652..00000000000 --- a/lib/libssl/src/crypto/pkcs12/p12_add.c +++ /dev/null 
@@ -1,266 +0,0 @@
-/* $OpenBSD: p12_add.c,v 1.13 2015/09/30 18:41:06 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/err.h> -#include <openssl/pkcs12.h> - -/* Pack an object into an OCTET STRING and turn into a safebag */ - -PKCS12_SAFEBAG * -PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it, int nid1, int nid2) -{ - PKCS12_BAGS *bag; - PKCS12_SAFEBAG *safebag; - - if (!(bag = PKCS12_BAGS_new())) { - PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, - ERR_R_MALLOC_FAILURE); - return NULL; - } - bag->type = OBJ_nid2obj(nid1); - if (!ASN1_item_pack(obj, it, &bag->value.octet)) { - PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, - ERR_R_MALLOC_FAILURE); - PKCS12_BAGS_free(bag); - return NULL; - } - if (!(safebag = PKCS12_SAFEBAG_new())) { - PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, - ERR_R_MALLOC_FAILURE); - PKCS12_BAGS_free(bag); - return NULL; - } - safebag->value.bag = bag; - safebag->type = OBJ_nid2obj(nid2); - return safebag; -} - -/* Turn PKCS8 object into a keybag */ - -PKCS12_SAFEBAG * -PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8) -{ - PKCS12_SAFEBAG *bag; - - if (!(bag = PKCS12_SAFEBAG_new())) { - PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG, ERR_R_MALLOC_FAILURE); - return NULL; - } - bag->type = OBJ_nid2obj(NID_keyBag); - bag->value.keybag = 
p8; - return bag; -} - -/* Turn PKCS8 object into a shrouded keybag */ - -PKCS12_SAFEBAG * -PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8) -{ - PKCS12_SAFEBAG *bag; - const EVP_CIPHER *pbe_ciph; - - /* Set up the safe bag */ - if (!(bag = PKCS12_SAFEBAG_new())) { - PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); - return NULL; - } - - bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag); - - pbe_ciph = EVP_get_cipherbynid(pbe_nid); - - if (pbe_ciph) - pbe_nid = -1; - - if (!(bag->value.shkeybag = PKCS8_encrypt(pbe_nid, pbe_ciph, pass, - passlen, salt, saltlen, iter, p8))) { - PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); - PKCS12_SAFEBAG_free(bag); - return NULL; - } - - return bag; -} - -/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */ -PKCS7 * -PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk) -{ - PKCS7 *p7; - - if (!(p7 = PKCS7_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE); - return NULL; - } - p7->type = OBJ_nid2obj(NID_pkcs7_data); - if (!(p7->d.data = ASN1_OCTET_STRING_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!ASN1_item_pack(sk, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), &p7->d.data)) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, - PKCS12_R_CANT_PACK_STRUCTURE); - goto err; - } - return p7; - -err: - PKCS7_free(p7); - return NULL; -} - -/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */ -STACK_OF(PKCS12_SAFEBAG) * -PKCS12_unpack_p7data(PKCS7 *p7) -{ - if (!PKCS7_type_is_data(p7)) { - PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA, - PKCS12_R_CONTENT_TYPE_NOT_DATA); - return NULL; - } - return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS)); -} - -/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */ - -PKCS7 * -PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, 
STACK_OF(PKCS12_SAFEBAG) *bags) -{ - PKCS7 *p7; - X509_ALGOR *pbe; - const EVP_CIPHER *pbe_ciph; - - if (!(p7 = PKCS7_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); - return NULL; - } - if (!PKCS7_set_type(p7, NID_pkcs7_encrypted)) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, - PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE); - goto err; - } - - pbe_ciph = EVP_get_cipherbynid(pbe_nid); - - if (pbe_ciph) - pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen); - else - pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen); - - if (!pbe) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); - goto err; - } - X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm); - p7->d.encrypted->enc_data->algorithm = pbe; - ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data); - if (!(p7->d.encrypted->enc_data->enc_data = PKCS12_item_i2d_encrypt( - pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass, passlen, bags, 1))) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, - PKCS12_R_ENCRYPT_ERROR); - goto err; - } - - return p7; - -err: - PKCS7_free(p7); - return NULL; -} - -STACK_OF(PKCS12_SAFEBAG) * -PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass, int passlen) -{ - if (!PKCS7_type_is_encrypted(p7)) - return NULL; - return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm, - ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass, passlen, - p7->d.encrypted->enc_data->enc_data, 1); -} - -PKCS8_PRIV_KEY_INFO * -PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag, const char *pass, int passlen) -{ - return PKCS8_decrypt(bag->value.shkeybag, pass, passlen); -} - -int -PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes) -{ - if (ASN1_item_pack(safes, ASN1_ITEM_rptr(PKCS12_AUTHSAFES), - &p12->authsafes->d.data)) - return 1; - return 0; -} - -STACK_OF(PKCS7) * -PKCS12_unpack_authsafes(PKCS12 *p12) -{ - if (!PKCS7_type_is_data(p12->authsafes)) { - PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES, - PKCS12_R_CONTENT_TYPE_NOT_DATA); - return NULL; - } - return 
ASN1_item_unpack(p12->authsafes->d.data, - ASN1_ITEM_rptr(PKCS12_AUTHSAFES)); -} diff --git a/lib/libssl/src/crypto/pkcs12/p12_asn.c b/lib/libssl/src/crypto/pkcs12/p12_asn.c deleted file mode 100644 index 3baf8f43d5c..00000000000 --- a/lib/libssl/src/crypto/pkcs12/p12_asn.c +++ /dev/null 
@@ -1,476 +0,0 @@
-/* $OpenBSD: p12_asn.c,v 1.9 2015/07/25 17:08:40 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/asn1t.h> -#include <openssl/pkcs12.h> - -/* PKCS#12 ASN1 module */ - -static const ASN1_TEMPLATE PKCS12_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS12, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS12, authsafes), - .field_name = "authsafes", - .item = &PKCS7_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(PKCS12, mac), - .field_name = "mac", - .item = &PKCS12_MAC_DATA_it, - }, -}; - -const ASN1_ITEM PKCS12_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS12_seq_tt, - .tcount = sizeof(PKCS12_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS12), - .sname = "PKCS12", -}; - - -PKCS12 * -d2i_PKCS12(PKCS12 **a, const unsigned char **in, long len) -{ - return (PKCS12 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS12_it); -} - -int -i2d_PKCS12(PKCS12 *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_it); -} - -PKCS12 * -PKCS12_new(void) -{ - return (PKCS12 *)ASN1_item_new(&PKCS12_it); -} - -void -PKCS12_free(PKCS12 
*a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS12_it); -} - -static const ASN1_TEMPLATE PKCS12_MAC_DATA_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS12_MAC_DATA, dinfo), - .field_name = "dinfo", - .item = &X509_SIG_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS12_MAC_DATA, salt), - .field_name = "salt", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(PKCS12_MAC_DATA, iter), - .field_name = "iter", - .item = &ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM PKCS12_MAC_DATA_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS12_MAC_DATA_seq_tt, - .tcount = sizeof(PKCS12_MAC_DATA_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS12_MAC_DATA), - .sname = "PKCS12_MAC_DATA", -}; - - -PKCS12_MAC_DATA * -d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, const unsigned char **in, long len) -{ - return (PKCS12_MAC_DATA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS12_MAC_DATA_it); -} - -int -i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_MAC_DATA_it); -} - -PKCS12_MAC_DATA * -PKCS12_MAC_DATA_new(void) -{ - return (PKCS12_MAC_DATA *)ASN1_item_new(&PKCS12_MAC_DATA_it); -} - -void -PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS12_MAC_DATA_it); -} - -static const ASN1_TEMPLATE bag_default_tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_BAGS, value.other), - .field_name = "value.other", - .item = &ASN1_ANY_it, -}; - -static const ASN1_ADB_TABLE PKCS12_BAGS_adbtbl[] = { - { - .value = NID_x509Certificate, - .tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_BAGS, value.x509cert), - .field_name = "value.x509cert", - .item = &ASN1_OCTET_STRING_it, - }, - - }, - { - .value = NID_x509Crl, - .tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_BAGS, 
value.x509crl), - .field_name = "value.x509crl", - .item = &ASN1_OCTET_STRING_it, - }, - - }, - { - .value = NID_sdsiCertificate, - .tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_BAGS, value.sdsicert), - .field_name = "value.sdsicert", - .item = &ASN1_IA5STRING_it, - }, - - }, -}; - -static const ASN1_ADB PKCS12_BAGS_adb = { - .flags = 0, - .offset = offsetof(PKCS12_BAGS, type), - .app_items = 0, - .tbl = PKCS12_BAGS_adbtbl, - .tblcount = sizeof(PKCS12_BAGS_adbtbl) / sizeof(ASN1_ADB_TABLE), - .default_tt = &bag_default_tt, - .null_tt = NULL, -}; - -static const ASN1_TEMPLATE PKCS12_BAGS_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS12_BAGS, type), - .field_name = "type", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_ADB_OID, - .tag = -1, - .offset = 0, - .field_name = "PKCS12_BAGS", - .item = (const ASN1_ITEM *)&PKCS12_BAGS_adb, - }, -}; - -const ASN1_ITEM PKCS12_BAGS_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS12_BAGS_seq_tt, - .tcount = sizeof(PKCS12_BAGS_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS12_BAGS), - .sname = "PKCS12_BAGS", -}; - - -PKCS12_BAGS * -d2i_PKCS12_BAGS(PKCS12_BAGS **a, const unsigned char **in, long len) -{ - return (PKCS12_BAGS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS12_BAGS_it); -} - -int -i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_BAGS_it); -} - -PKCS12_BAGS * -PKCS12_BAGS_new(void) -{ - return (PKCS12_BAGS *)ASN1_item_new(&PKCS12_BAGS_it); -} - -void -PKCS12_BAGS_free(PKCS12_BAGS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS12_BAGS_it); -} - -static const ASN1_TEMPLATE safebag_default_tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_SAFEBAG, value.other), - .field_name = "value.other", - .item = &ASN1_ANY_it, -}; - -static const ASN1_ADB_TABLE PKCS12_SAFEBAG_adbtbl[] = { - { - .value = NID_keyBag, - .tt 
= { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_SAFEBAG, value.keybag), - .field_name = "value.keybag", - .item = &PKCS8_PRIV_KEY_INFO_it, - }, - - }, - { - .value = NID_pkcs8ShroudedKeyBag, - .tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_SAFEBAG, value.shkeybag), - .field_name = "value.shkeybag", - .item = &X509_SIG_it, - }, - - }, - { - .value = NID_safeContentsBag, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SET_OF, - .tag = 0, - .offset = offsetof(PKCS12_SAFEBAG, value.safes), - .field_name = "value.safes", - .item = &PKCS12_SAFEBAG_it, - }, - }, - { - .value = NID_certBag, - .tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_SAFEBAG, value.bag), - .field_name = "value.bag", - .item = &PKCS12_BAGS_it, - }, - - }, - { - .value = NID_crlBag, - .tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_SAFEBAG, value.bag), - .field_name = "value.bag", - .item = &PKCS12_BAGS_it, - }, - - }, - { - .value = NID_secretBag, - .tt = { - .flags = ASN1_TFLG_EXPLICIT, - .tag = 0, - .offset = offsetof(PKCS12_SAFEBAG, value.bag), - .field_name = "value.bag", - .item = &PKCS12_BAGS_it, - }, - - }, -}; - -static const ASN1_ADB PKCS12_SAFEBAG_adb = { - .flags = 0, - .offset = offsetof(PKCS12_SAFEBAG, type), - .app_items = 0, - .tbl = PKCS12_SAFEBAG_adbtbl, - .tblcount = sizeof(PKCS12_SAFEBAG_adbtbl) / sizeof(ASN1_ADB_TABLE), - .default_tt = &safebag_default_tt, - .null_tt = NULL, -}; - -static const ASN1_TEMPLATE PKCS12_SAFEBAG_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS12_SAFEBAG, type), - .field_name = "type", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_ADB_OID, - .tag = -1, - .offset = 0, - .field_name = "PKCS12_SAFEBAG", - .item = (const ASN1_ITEM *)&PKCS12_SAFEBAG_adb, - }, - { - .flags = ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(PKCS12_SAFEBAG, attrib), - .field_name = "attrib", - .item = 
&X509_ATTRIBUTE_it, - }, -}; - -const ASN1_ITEM PKCS12_SAFEBAG_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS12_SAFEBAG_seq_tt, - .tcount = sizeof(PKCS12_SAFEBAG_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS12_SAFEBAG), - .sname = "PKCS12_SAFEBAG", -}; - - -PKCS12_SAFEBAG * -d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, const unsigned char **in, long len) -{ - return (PKCS12_SAFEBAG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS12_SAFEBAG_it); -} - -int -i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS12_SAFEBAG_it); -} - -PKCS12_SAFEBAG * -PKCS12_SAFEBAG_new(void) -{ - return (PKCS12_SAFEBAG *)ASN1_item_new(&PKCS12_SAFEBAG_it); -} - -void -PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS12_SAFEBAG_it); -} - -/* SEQUENCE OF SafeBag */ -static const ASN1_TEMPLATE PKCS12_SAFEBAGS_item_tt = { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = 0, - .field_name = "PKCS12_SAFEBAGS", - .item = &PKCS12_SAFEBAG_it, -}; - -const ASN1_ITEM PKCS12_SAFEBAGS_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &PKCS12_SAFEBAGS_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "PKCS12_SAFEBAGS", -}; - -/* Authsafes: SEQUENCE OF PKCS7 */ -static const ASN1_TEMPLATE PKCS12_AUTHSAFES_item_tt = { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = 0, - .field_name = "PKCS12_AUTHSAFES", - .item = &PKCS7_it, -}; - -const ASN1_ITEM PKCS12_AUTHSAFES_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &PKCS12_AUTHSAFES_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "PKCS12_AUTHSAFES", -}; - diff --git a/lib/libssl/src/crypto/pkcs12/p12_attr.c b/lib/libssl/src/crypto/pkcs12/p12_attr.c deleted file mode 100644 index 7552cf0a607..00000000000 --- a/lib/libssl/src/crypto/pkcs12/p12_attr.c +++ /dev/null 
@@ -1,155 +0,0 @@
-/* $OpenBSD: p12_attr.c,v 1.10 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/pkcs12.h> - -/* Add a local keyid to a safebag */ - -int -PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen) -{ - if (X509at_add1_attr_by_NID(&bag->attrib, NID_localKeyID, - V_ASN1_OCTET_STRING, name, namelen)) - return 1; - else - return 0; -} - -/* Add key usage to PKCS#8 structure */ - -int -PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage) -{ - unsigned char us_val; - - us_val = (unsigned char) usage; - if (X509at_add1_attr_by_NID(&p8->attributes, NID_key_usage, - V_ASN1_BIT_STRING, &us_val, 1)) - return 1; - else - return 0; -} - -/* Add a friendlyname to a safebag */ - -int -PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen) -{ - if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName, - MBSTRING_ASC, (unsigned char *)name, namelen)) - return 1; - else - return 0; -} - - -int -PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name, - int namelen) -{ - if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName, - MBSTRING_BMP, name, namelen)) - return 1; - else - return 0; -} - -int -PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char 
*name, int namelen) -{ - if (X509at_add1_attr_by_NID(&bag->attrib, NID_ms_csp_name, - MBSTRING_ASC, (unsigned char *)name, namelen)) - return 1; - else - return 0; -} - -ASN1_TYPE * -PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid) -{ - X509_ATTRIBUTE *attrib; - int i; - - if (!attrs) - return NULL; - for (i = 0; i < sk_X509_ATTRIBUTE_num (attrs); i++) { - attrib = sk_X509_ATTRIBUTE_value (attrs, i); - if (OBJ_obj2nid (attrib->object) == attr_nid) { - if (sk_ASN1_TYPE_num (attrib->value.set)) - return sk_ASN1_TYPE_value(attrib->value.set, 0); - else - return NULL; - } - } - return NULL; -} - -char * -PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag) -{ - ASN1_TYPE *atype; - - if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) - return NULL; - if (atype->type != V_ASN1_BMPSTRING) - return NULL; - return OPENSSL_uni2asc(atype->value.bmpstring->data, - atype->value.bmpstring->length); -} diff --git a/lib/libssl/src/crypto/pkcs12/p12_crpt.c b/lib/libssl/src/crypto/pkcs12/p12_crpt.c deleted file mode 100644 index 0f215d2fe2d..00000000000 --- a/lib/libssl/src/crypto/pkcs12/p12_crpt.c +++ /dev/null 
@@ -1,118 +0,0 @@
-/* $OpenBSD: p12_crpt.c,v 1.12 2015/09/10 15:56:25 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* PKCS#12 PBE algorithms now in static table */
-
-void
-PKCS12_PBE_add(void)
-{
-}
-
-int
-PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md, int en_de)
-{
- PBEPARAM *pbe;
- int saltlen, iter, ret;
- unsigned char *salt;
- const unsigned char *pbuf;
- unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
-
- /* Extract useful info from parameter */
- if (param == NULL || param->type != V_ASN1_SEQUENCE ||
- param->value.sequence == NULL) {
- PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR);
- return 0;
- }
-
- pbuf = param->value.sequence->data;
- if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
- PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR);
- return 0;
- }
-
- if (!pbe->iter)
- iter = 1;
- else
- iter = ASN1_INTEGER_get (pbe->iter);
- salt = pbe->salt->data;
- saltlen = pbe->salt->length;
- if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID,
- iter, EVP_CIPHER_key_length(cipher), key, md)) {
- PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_KEY_GEN_ERROR);
- PBEPARAM_free(pbe);
- return 0;
- }
- if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_IV_ID,
- iter, EVP_CIPHER_iv_length(cipher), iv, md)) {
- PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_IV_GEN_ERROR);
- PBEPARAM_free(pbe);
- return 0;
- }
- PBEPARAM_free(pbe);
- ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);
- explicit_bzero(key, EVP_MAX_KEY_LENGTH);
- explicit_bzero(iv, EVP_MAX_IV_LENGTH);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/pkcs12/p12_crt.c b/lib/libssl/src/crypto/pkcs12/p12_crt.c
deleted file mode 100644
index bef4d54cd9f..00000000000
--- a/lib/libssl/src/crypto/pkcs12/p12_crt.c
+++ /dev/null
@@ -1,350 +0,0 @@ -/* $OpenBSD: p12_crt.c,v 1.16 2015/02/14 12:43:07 miod Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/err.h> -#include <openssl/pkcs12.h> - -static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, - PKCS12_SAFEBAG *bag); - -static int -copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid) -{ - int idx; - X509_ATTRIBUTE *attr; - - idx = EVP_PKEY_get_attr_by_NID(pkey, nid, -1); - if (idx < 0) - return 1; - attr = EVP_PKEY_get_attr(pkey, idx); - if (!X509at_add1_attr(&bag->attrib, attr)) - return 0; - return 1; -} - -PKCS12 * -PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, - STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, - int keytype) -{ - PKCS12 *p12 = NULL; - STACK_OF(PKCS7) *safes = NULL; - STACK_OF(PKCS12_SAFEBAG) *bags = NULL; - PKCS12_SAFEBAG *bag = NULL; - int i; - unsigned char keyid[EVP_MAX_MD_SIZE]; - unsigned int keyidlen = 0; - - /* Set defaults */ - if (!nid_cert) { - nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; - } - if (!nid_key) - nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - if (!iter) - iter = PKCS12_DEFAULT_ITER; - if (!mac_iter) - mac_iter = 1; - - if (!pkey && !cert && !ca) { - PKCS12err(PKCS12_F_PKCS12_CREATE, - PKCS12_R_INVALID_NULL_ARGUMENT); - 
return NULL; - } - - if (pkey && cert) { - if (!X509_check_private_key(cert, pkey)) - return NULL; - X509_digest(cert, EVP_sha1(), keyid, &keyidlen); - } - - if (cert) { - bag = PKCS12_add_cert(&bags, cert); - if (name && !PKCS12_add_friendlyname(bag, name, -1)) - goto err; - if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) - goto err; - } - - /* Add all other certificates */ - for (i = 0; i < sk_X509_num(ca); i++) { - if (!PKCS12_add_cert(&bags, sk_X509_value(ca, i))) - goto err; - } - - if (bags && !PKCS12_add_safe(&safes, bags, nid_cert, iter, pass)) - goto err; - - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - bags = NULL; - - if (pkey) { - bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass); - - if (!bag) - goto err; - - if (!copy_bag_attr(bag, pkey, NID_ms_csp_name)) - goto err; - if (!copy_bag_attr(bag, pkey, NID_LocalKeySet)) - goto err; - - if (name && !PKCS12_add_friendlyname(bag, name, -1)) - goto err; - if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) - goto err; - } - - if (bags && !PKCS12_add_safe(&safes, bags, -1, 0, NULL)) - goto err; - - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - bags = NULL; - - p12 = PKCS12_add_safes(safes, 0); - - if (!p12) - goto err; - - sk_PKCS7_pop_free(safes, PKCS7_free); - - safes = NULL; - - if ((mac_iter != -1) && - !PKCS12_set_mac(p12, pass, -1, NULL, 0, mac_iter, NULL)) - goto err; - - return p12; - -err: - if (p12) - PKCS12_free(p12); - if (safes) - sk_PKCS7_pop_free(safes, PKCS7_free); - if (bags) - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - return NULL; -} - -PKCS12_SAFEBAG * -PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert) -{ - PKCS12_SAFEBAG *bag = NULL; - char *name; - int namelen = -1; - unsigned char *keyid; - int keyidlen = -1; - - /* Add user certificate */ - if (!(bag = PKCS12_x5092certbag(cert))) - goto err; - - /* Use friendlyName and localKeyID in certificate. 
- * (if present) - */ - name = (char *)X509_alias_get0(cert, &namelen); - if (name && !PKCS12_add_friendlyname(bag, name, namelen)) - goto err; - - keyid = X509_keyid_get0(cert, &keyidlen); - - if (keyid && !PKCS12_add_localkeyid(bag, keyid, keyidlen)) - goto err; - - if (!pkcs12_add_bag(pbags, bag)) - goto err; - - return bag; - -err: - if (bag) - PKCS12_SAFEBAG_free(bag); - - return NULL; -} - -PKCS12_SAFEBAG * -PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key, int key_usage, - int iter, int nid_key, char *pass) -{ - PKCS12_SAFEBAG *bag = NULL; - PKCS8_PRIV_KEY_INFO *p8 = NULL; - - /* Make a PKCS#8 structure */ - if (!(p8 = EVP_PKEY2PKCS8(key))) - goto err; - if (key_usage && !PKCS8_add_keyusage(p8, key_usage)) - goto err; - if (nid_key != -1) { - bag = PKCS12_MAKE_SHKEYBAG(nid_key, pass, -1, NULL, 0, - iter, p8); - PKCS8_PRIV_KEY_INFO_free(p8); - p8 = NULL; - } else { - bag = PKCS12_MAKE_KEYBAG(p8); - if (bag != NULL) - p8 = NULL; - } - - if (!bag) - goto err; - - if (!pkcs12_add_bag(pbags, bag)) - goto err; - - return bag; - -err: - if (bag) - PKCS12_SAFEBAG_free(bag); - if (p8) - PKCS8_PRIV_KEY_INFO_free(p8); - - return NULL; -} - -int -PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags, - int nid_safe, int iter, char *pass) -{ - PKCS7 *p7 = NULL; - int free_safes = 0; - - if (!*psafes) { - *psafes = sk_PKCS7_new_null(); - if (!*psafes) - return 0; - free_safes = 1; - } else - free_safes = 0; - - if (nid_safe == 0) - nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC; - - if (nid_safe == -1) - p7 = PKCS12_pack_p7data(bags); - else - p7 = PKCS12_pack_p7encdata(nid_safe, pass, -1, NULL, 0, - iter, bags); - if (!p7) - goto err; - - if (!sk_PKCS7_push(*psafes, p7)) - goto err; - - return 1; - -err: - if (free_safes) { - sk_PKCS7_free(*psafes); - *psafes = NULL; - } - - if (p7) - PKCS7_free(p7); - - return 0; -} - -static int -pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, PKCS12_SAFEBAG *bag) -{ - int free_bags; - - if (!pbags) - 
return 1; - if (!*pbags) { - *pbags = sk_PKCS12_SAFEBAG_new_null(); - if (!*pbags) - return 0; - free_bags = 1; - } else - free_bags = 0; - - if (!sk_PKCS12_SAFEBAG_push(*pbags, bag)) { - if (free_bags) { - sk_PKCS12_SAFEBAG_free(*pbags); - *pbags = NULL; - } - return 0; - } - - return 1; -} - -PKCS12 * -PKCS12_add_safes(STACK_OF(PKCS7) *safes, int nid_p7) -{ - PKCS12 *p12; - - if (nid_p7 <= 0) - nid_p7 = NID_pkcs7_data; - p12 = PKCS12_init(nid_p7); - - if (!p12) - return NULL; - - if (!PKCS12_pack_authsafes(p12, safes)) { - PKCS12_free(p12); - return NULL; - } - - return p12; -} diff --git a/lib/libssl/src/crypto/pkcs12/p12_decr.c b/lib/libssl/src/crypto/pkcs12/p12_decr.c deleted file mode 100644 index ad4e0bc6605..00000000000 --- a/lib/libssl/src/crypto/pkcs12/p12_decr.c +++ /dev/null 
@@ -1,190 +0,0 @@
-/* $OpenBSD: p12_decr.c,v 1.17 2015/09/30 18:41:06 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* Encrypt/Decrypt a buffer based on password and algor, result in a
- * malloc'ed buffer
- */
-
-unsigned char *
-PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, int passlen,
- unsigned char *in, int inlen, unsigned char **data, int *datalen, int en_de)
-{
- unsigned char *out;
- int outlen, i;
- EVP_CIPHER_CTX ctx;
-
- EVP_CIPHER_CTX_init(&ctx);
- /* Decrypt data */
- if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
- algor->parameter, &ctx, en_de)) {
- out = NULL;
- PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
- PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
- goto err;
- }
-
- if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
- PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) {
- free(out);
- out = NULL;
- PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_EVP_LIB);
- goto err;
- }
-
- outlen = i;
- if (!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
- free(out);
- out = NULL;
- PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
- PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
- goto err;
- }
- outlen += i;
- if (datalen)
- *datalen = outlen;
- if (data)
- *data = out;
-
-err:
- EVP_CIPHER_CTX_cleanup(&ctx);
- return out;
-
-}
-
-/* Decrypt an OCTET STRING and decode ASN1 structure
- * if zbuf set zero buffer after use.
- */
-
-void *
-PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
- const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf)
-{
- unsigned char *out;
- const unsigned char *p;
- void *ret;
- int outlen;
-
- if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
- &out, &outlen, 0)) {
- PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,
- PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
- return NULL;
- }
- p = out;
- ret = ASN1_item_d2i(NULL, &p, outlen, it);
- if (zbuf)
- explicit_bzero(out, outlen);
- if (!ret)
- PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,
- PKCS12_R_DECODE_ERROR);
- free(out);
- return ret;
-}
-
-/* Encode ASN1 structure and encrypt, return OCTET STRING
- * if zbuf set zero encoding.
- */
-
-ASN1_OCTET_STRING *
-PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it,
- const char *pass, int passlen,
- void *obj, int zbuf)
-{
- ASN1_OCTET_STRING *oct;
- unsigned char *in = NULL;
- int inlen;
-
- if (!(oct = ASN1_OCTET_STRING_new ())) {
- PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- inlen = ASN1_item_i2d(obj, &in, it);
- if (!in) {
- PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,
- PKCS12_R_ENCODE_ERROR);
- goto err;
- }
- if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
- &oct->length, 1)) {
- PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT,
- PKCS12_R_ENCRYPT_ERROR);
- goto err;
- }
- if (zbuf)
- explicit_bzero(in, inlen);
- free(in);
- return oct;
-
-err:
- free(in);
- ASN1_OCTET_STRING_free(oct);
- return NULL;
-}
-
-IMPLEMENT_PKCS12_STACK_OF(PKCS7)
diff --git a/lib/libssl/src/crypto/pkcs12/p12_init.c b/lib/libssl/src/crypto/pkcs12/p12_init.c
deleted file mode 100644
index cd01196b6fc..00000000000
--- a/lib/libssl/src/crypto/pkcs12/p12_init.c
+++ /dev/null
@@ -1,97 +0,0 @@
-/* $OpenBSD: p12_init.c,v 1.10 2015/09/30 18:41:06 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* Initialise a PKCS12 structure to take data */
-
-PKCS12 *
-PKCS12_init(int mode)
-{
- PKCS12 *pkcs12;
-
- if (!(pkcs12 = PKCS12_new())) {
- PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ASN1_INTEGER_set(pkcs12->version, 3);
- pkcs12->authsafes->type = OBJ_nid2obj(mode);
- switch (mode) {
- case NID_pkcs7_data:
- if (!(pkcs12->authsafes->d.data =
- ASN1_OCTET_STRING_new())) {
- PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- break;
- default:
- PKCS12err(PKCS12_F_PKCS12_INIT,
- PKCS12_R_UNSUPPORTED_PKCS12_MODE);
- goto err;
- }
-
- return pkcs12;
-
-err:
- if (pkcs12 != NULL)
- PKCS12_free(pkcs12);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/pkcs12/p12_key.c b/lib/libssl/src/crypto/pkcs12/p12_key.c
deleted file mode 100644
index 38f8a8194c7..00000000000
--- a/lib/libssl/src/crypto/pkcs12/p12_key.c
+++ /dev/null
@@ -1,199 +0,0 @@ -/* $OpenBSD: p12_key.c,v 1.23 2015/09/10 15:56:25 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/pkcs12.h> - -/* PKCS12 compatible key/IV generation */ -#ifndef min -#define min(a,b) ((a) < (b) ? 
(a) : (b)) -#endif - -int -PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, - int saltlen, int id, int iter, int n, unsigned char *out, - const EVP_MD *md_type) -{ - int ret; - unsigned char *unipass; - int uniplen; - - if (!pass) { - unipass = NULL; - uniplen = 0; - } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) { - PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC, ERR_R_MALLOC_FAILURE); - return 0; - } - ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, - id, iter, n, out, md_type); - if (ret <= 0) - return 0; - if (unipass) { - explicit_bzero(unipass, uniplen); - free(unipass); - } - return ret; -} - -int -PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, - int saltlen, int id, int iter, int n, unsigned char *out, - const EVP_MD *md_type) -{ - unsigned char *B, *D, *I, *p, *Ai; - int Slen, Plen, Ilen, Ijlen; - int i, j, u, v; - int ret = 0; - BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */ - EVP_MD_CTX ctx; - - EVP_MD_CTX_init(&ctx); - v = EVP_MD_block_size(md_type); - u = EVP_MD_size(md_type); - if (u < 0) - return 0; - D = malloc(v); - Ai = malloc(u); - B = malloc(v + 1); - Slen = v * ((saltlen + v - 1) / v); - if (passlen) - Plen = v * ((passlen + v - 1)/v); - else - Plen = 0; - Ilen = Slen + Plen; - I = malloc(Ilen); - Ij = BN_new(); - Bpl1 = BN_new(); - if (!D || !Ai || !B || !I || !Ij || !Bpl1) - goto err; - for (i = 0; i < v; i++) - D[i] = id; - p = I; - for (i = 0; i < Slen; i++) - *p++ = salt[i % saltlen]; - for (i = 0; i < Plen; i++) - *p++ = pass[i % passlen]; - for (;;) { - if (!EVP_DigestInit_ex(&ctx, md_type, NULL) || - !EVP_DigestUpdate(&ctx, D, v) || - !EVP_DigestUpdate(&ctx, I, Ilen) || - !EVP_DigestFinal_ex(&ctx, Ai, NULL)) - goto err; - for (j = 1; j < iter; j++) { - if (!EVP_DigestInit_ex(&ctx, md_type, NULL) || - !EVP_DigestUpdate(&ctx, Ai, u) || - !EVP_DigestFinal_ex(&ctx, Ai, NULL)) - goto err; - } - memcpy (out, Ai, min (n, u)); - if (u >= n) { - ret = 1; - goto end; - } - n -= 
u; - out += u; - for (j = 0; j < v; j++) - B[j] = Ai[j % u]; - /* Work out B + 1 first then can use B as tmp space */ - if (!BN_bin2bn (B, v, Bpl1)) - goto err; - if (!BN_add_word (Bpl1, 1)) - goto err; - for (j = 0; j < Ilen; j += v) { - if (!BN_bin2bn(I + j, v, Ij)) - goto err; - if (!BN_add(Ij, Ij, Bpl1)) - goto err; - if (!BN_bn2bin(Ij, B)) - goto err; - Ijlen = BN_num_bytes (Ij); - /* If more than 2^(v*8) - 1 cut off MSB */ - if (Ijlen > v) { - if (!BN_bn2bin (Ij, B)) - goto err; - memcpy (I + j, B + 1, v); -#ifndef PKCS12_BROKEN_KEYGEN - /* If less than v bytes pad with zeroes */ - } else if (Ijlen < v) { - memset(I + j, 0, v - Ijlen); - if (!BN_bn2bin(Ij, I + j + v - Ijlen)) - goto err; -#endif - } else if (!BN_bn2bin (Ij, I + j)) - goto err; - } - } - -err: - PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_MALLOC_FAILURE); - -end: - free(Ai); - free(B); - free(D); - free(I); - BN_free(Ij); - BN_free(Bpl1); - EVP_MD_CTX_cleanup(&ctx); - return ret; -} diff --git a/lib/libssl/src/crypto/pkcs12/p12_kiss.c b/lib/libssl/src/crypto/pkcs12/p12_kiss.c deleted file mode 100644 index df992a68fc6..00000000000 --- a/lib/libssl/src/crypto/pkcs12/p12_kiss.c +++ /dev/null 
@@ -1,297 +0,0 @@ -/* $OpenBSD: p12_kiss.c,v 1.17 2016/03/11 07:08:44 mmcc Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/err.h> -#include <openssl/pkcs12.h> - -/* Simplified PKCS#12 routines */ - -static int parse_pk12( PKCS12 *p12, const char *pass, int passlen, - EVP_PKEY **pkey, STACK_OF(X509) *ocerts); - -static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, - int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts); - -static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen, - EVP_PKEY **pkey, STACK_OF(X509) *ocerts); - -/* Parse and decrypt a PKCS#12 structure returning user key, user cert - * and other (CA) certs. Note either ca should be NULL, *ca should be NULL, - * or it should point to a valid STACK structure. pkey and cert can be - * passed unitialised. 
- */ - -int -PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, - STACK_OF(X509) **ca) -{ - STACK_OF(X509) *ocerts = NULL; - X509 *x = NULL; - /* Check for NULL PKCS12 structure */ - - if (!p12) { - PKCS12err(PKCS12_F_PKCS12_PARSE, - PKCS12_R_INVALID_NULL_PKCS12_POINTER); - return 0; - } - - if (pkey) - *pkey = NULL; - if (cert) - *cert = NULL; - - /* Check the mac */ - - /* If password is zero length or NULL then try verifying both cases - * to determine which password is correct. The reason for this is that - * under PKCS#12 password based encryption no password and a zero length - * password are two different things... - */ - - if (!pass || !*pass) { - if (PKCS12_verify_mac(p12, NULL, 0)) - pass = NULL; - else if (PKCS12_verify_mac(p12, "", 0)) - pass = ""; - else { - PKCS12err(PKCS12_F_PKCS12_PARSE, - PKCS12_R_MAC_VERIFY_FAILURE); - goto err; - } - } else if (!PKCS12_verify_mac(p12, pass, -1)) { - PKCS12err(PKCS12_F_PKCS12_PARSE, PKCS12_R_MAC_VERIFY_FAILURE); - goto err; - } - - /* Allocate stack for other certificates */ - ocerts = sk_X509_new_null(); - if (!ocerts) { - PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE); - return 0; - } - - if (!parse_pk12 (p12, pass, -1, pkey, ocerts)) { - PKCS12err(PKCS12_F_PKCS12_PARSE, PKCS12_R_PARSE_ERROR); - goto err; - } - - while ((x = sk_X509_pop(ocerts))) { - if (pkey && *pkey && cert && !*cert) { - if (X509_check_private_key(x, *pkey)) { - *cert = x; - x = NULL; - } - } - - if (ca && x) { - if (!*ca) - *ca = sk_X509_new_null(); - if (!*ca) - goto err; - if (!sk_X509_push(*ca, x)) - goto err; - x = NULL; - } - X509_free(x); - } - - if (ocerts) - sk_X509_pop_free(ocerts, X509_free); - - return 1; - -err: - if (pkey && *pkey) - EVP_PKEY_free(*pkey); - if (cert) - X509_free(*cert); - X509_free(x); - if (ocerts) - sk_X509_pop_free(ocerts, X509_free); - return 0; -} - -/* Parse the outer PKCS#12 structure */ - -static int -parse_pk12(PKCS12 *p12, const char *pass, int passlen, EVP_PKEY **pkey, - 
STACK_OF(X509) *ocerts) -{ - STACK_OF(PKCS7) *asafes; - STACK_OF(PKCS12_SAFEBAG) *bags; - int i, bagnid; - PKCS7 *p7; - - if (!(asafes = PKCS12_unpack_authsafes (p12))) - return 0; - for (i = 0; i < sk_PKCS7_num (asafes); i++) { - p7 = sk_PKCS7_value (asafes, i); - bagnid = OBJ_obj2nid (p7->type); - if (bagnid == NID_pkcs7_data) { - bags = PKCS12_unpack_p7data(p7); - } else if (bagnid == NID_pkcs7_encrypted) { - bags = PKCS12_unpack_p7encdata(p7, pass, passlen); - } else - continue; - if (!bags) { - sk_PKCS7_pop_free(asafes, PKCS7_free); - return 0; - } - if (!parse_bags(bags, pass, passlen, pkey, ocerts)) { - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - sk_PKCS7_pop_free(asafes, PKCS7_free); - return 0; - } - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - } - sk_PKCS7_pop_free(asafes, PKCS7_free); - return 1; -} - -static int -parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, int passlen, - EVP_PKEY **pkey, STACK_OF(X509) *ocerts) -{ - int i; - - for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { - if (!parse_bag(sk_PKCS12_SAFEBAG_value(bags, i), pass, passlen, - pkey, ocerts)) - return 0; - } - return 1; -} - -static int -parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, EVP_PKEY **pkey, - STACK_OF(X509) *ocerts) -{ - PKCS8_PRIV_KEY_INFO *p8; - X509 *x509; - ASN1_TYPE *attrib; - ASN1_BMPSTRING *fname = NULL; - ASN1_OCTET_STRING *lkid = NULL; - - if ((attrib = PKCS12_get_attr (bag, NID_friendlyName))) - fname = attrib->value.bmpstring; - - if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) - lkid = attrib->value.octet_string; - - switch (M_PKCS12_bag_type(bag)) { - case NID_keyBag: - if (!pkey || *pkey) - return 1; - if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) - return 0; - break; - - case NID_pkcs8ShroudedKeyBag: - if (!pkey || *pkey) - return 1; - if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen))) - return 0; - *pkey = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - if (!(*pkey)) - return 0; - break; 
- - case NID_certBag: - if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate ) - return 1; - if (!(x509 = PKCS12_certbag2x509(bag))) - return 0; - if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) { - X509_free(x509); - return 0; - } - if (fname) { - int len, r; - unsigned char *data; - len = ASN1_STRING_to_UTF8(&data, fname); - if (len >= 0) { - r = X509_alias_set1(x509, data, len); - free(data); - if (!r) { - X509_free(x509); - return 0; - } - } - } - - if (!sk_X509_push(ocerts, x509)) { - X509_free(x509); - return 0; - } - - break; - - case NID_safeContentsBag: - return parse_bags(bag->value.safes, pass, passlen, - pkey, ocerts); - break; - - default: - return 1; - break; - } - return 1; -} diff --git a/lib/libssl/src/crypto/pkcs12/p12_mutl.c b/lib/libssl/src/crypto/pkcs12/p12_mutl.c deleted file mode 100644 index bf88c782702..00000000000 --- a/lib/libssl/src/crypto/pkcs12/p12_mutl.c +++ /dev/null 
@@ -1,210 +0,0 @@
-/* $OpenBSD: p12_mutl.c,v 1.21 2015/09/30 17:30:15 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_HMAC
-
-#include <openssl/err.h>
-#include <openssl/hmac.h>
-#include <openssl/pkcs12.h>
-
-/* Generate a MAC */
-int
-PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *mac, unsigned int *maclen)
-{
- const EVP_MD *md_type;
- HMAC_CTX hmac;
- unsigned char key[EVP_MAX_MD_SIZE], *salt;
- int saltlen, iter;
- int md_size;
-
- if (!PKCS7_type_is_data(p12->authsafes)) {
- PKCS12err(PKCS12_F_PKCS12_GEN_MAC,
- PKCS12_R_CONTENT_TYPE_NOT_DATA);
- return 0;
- }
-
- salt = p12->mac->salt->data;
- saltlen = p12->mac->salt->length;
- if (!p12->mac->iter)
- iter = 1;
- else
- iter = ASN1_INTEGER_get(p12->mac->iter);
- if (!(md_type = EVP_get_digestbyobj(
- p12->mac->dinfo->algor->algorithm))) {
- PKCS12err(PKCS12_F_PKCS12_GEN_MAC,
- PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
- return 0;
- }
- md_size = EVP_MD_size(md_type);
- if (md_size < 0)
- return 0;
- if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
- md_size, key, md_type)) {
- PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
- return 0;
- }
- HMAC_CTX_init(&hmac);
- if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL) ||
- !HMAC_Update(&hmac, p12->authsafes->d.data->data,
- p12->authsafes->d.data->length) ||
- !HMAC_Final(&hmac, mac, maclen)) {
- HMAC_CTX_cleanup(&hmac);
- return 0;
- }
- HMAC_CTX_cleanup(&hmac);
- return 1;
-}
-
-/* Verify the mac */
-int
-PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
-{
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
-
- if (p12->mac == NULL) {
- PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT);
- return 0;
- }
- if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
- PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC,
- PKCS12_R_MAC_GENERATION_ERROR);
- return 0;
- }
- if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) ||
- memcmp(mac, p12->mac->dinfo->digest->data, maclen))
- return 0;
- return 1;
-}
-
-/* Set a mac */
-
-int
-PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, unsigned char *salt,
- int saltlen, int iter, const EVP_MD *md_type)
-{
- unsigned char mac[EVP_MAX_MD_SIZE];
- unsigned int maclen;
-
- if (!md_type)
- md_type = EVP_sha1();
- if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) ==
- PKCS12_ERROR) {
- PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR);
- return 0;
- }
- if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
- PKCS12err(PKCS12_F_PKCS12_SET_MAC,
- PKCS12_R_MAC_GENERATION_ERROR);
- return 0;
- }
- if (!(ASN1_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
- PKCS12err(PKCS12_F_PKCS12_SET_MAC,
- PKCS12_R_MAC_STRING_SET_ERROR);
- return 0;
- }
- return 1;
-}
-
-/* Set up a mac structure */
-int
-PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
- const EVP_MD *md_type)
-{
- if (!(p12->mac = PKCS12_MAC_DATA_new()))
- return PKCS12_ERROR;
- if (iter > 1) {
- if (!(p12->mac->iter = ASN1_INTEGER_new())) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- if (!saltlen)
- saltlen = PKCS12_SALT_LEN;
- if (!(p12->mac->salt->data = malloc(saltlen))) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p12->mac->salt->length = saltlen;
- if (!salt)
- arc4random_buf(p12->mac->salt->data, saltlen);
- else
- memcpy (p12->mac->salt->data, salt, saltlen);
- p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
- if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
- PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
-
- return 1;
-}
-#endif
diff --git a/lib/libssl/src/crypto/pkcs12/p12_npas.c b/lib/libssl/src/crypto/pkcs12/p12_npas.c
deleted file mode 100644
index b9dea51b85f..00000000000
--- a/lib/libssl/src/crypto/pkcs12/p12_npas.c
+++ /dev/null
@@ -1,244 +0,0 @@ -/* $OpenBSD: p12_npas.c,v 1.10 2015/02/14 14:18:58 miod Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <openssl/pem.h> -#include <openssl/err.h> -#include <openssl/pkcs12.h> - -/* PKCS#12 password change routine */ - -static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass); -static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass, - char *newpass); -static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass); -static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen); - -/* - * Change the password on a PKCS#12 structure. 
- */ - -int -PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass) -{ - /* Check for NULL PKCS12 structure */ - - if (!p12) { - PKCS12err(PKCS12_F_PKCS12_NEWPASS, - PKCS12_R_INVALID_NULL_PKCS12_POINTER); - return 0; - } - - /* Check the mac */ - - if (!PKCS12_verify_mac(p12, oldpass, -1)) { - PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_MAC_VERIFY_FAILURE); - return 0; - } - - if (!newpass_p12(p12, oldpass, newpass)) { - PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_PARSE_ERROR); - return 0; - } - - return 1; -} - -/* Parse the outer PKCS#12 structure */ - -static int -newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) -{ - STACK_OF(PKCS7) *asafes, *newsafes; - STACK_OF(PKCS12_SAFEBAG) *bags; - int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0; - PKCS7 *p7, *p7new; - ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL; - unsigned char mac[EVP_MAX_MD_SIZE]; - unsigned int maclen; - - if (!(asafes = PKCS12_unpack_authsafes(p12))) - return 0; - if (!(newsafes = sk_PKCS7_new_null())) - return 0; - for (i = 0; i < sk_PKCS7_num(asafes); i++) { - p7 = sk_PKCS7_value(asafes, i); - bagnid = OBJ_obj2nid(p7->type); - if (bagnid == NID_pkcs7_data) { - bags = PKCS12_unpack_p7data(p7); - } else if (bagnid == NID_pkcs7_encrypted) { - bags = PKCS12_unpack_p7encdata(p7, oldpass, -1); - if (!alg_get(p7->d.encrypted->enc_data->algorithm, - &pbe_nid, &pbe_iter, &pbe_saltlen)) { - sk_PKCS12_SAFEBAG_pop_free(bags, - PKCS12_SAFEBAG_free); - bags = NULL; - } - } else - continue; - if (bags == NULL) - goto err; - if (!newpass_bags(bags, oldpass, newpass)) { - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - goto err; - } - /* Repack bag in same form with new password */ - if (bagnid == NID_pkcs7_data) - p7new = PKCS12_pack_p7data(bags); - else - p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, - NULL, pbe_saltlen, pbe_iter, bags); - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - if (p7new == NULL) - goto err; - if (sk_PKCS7_push(newsafes, p7new) == 0) - 
goto err; - } - sk_PKCS7_pop_free(asafes, PKCS7_free); - - /* Repack safe: save old safe in case of error */ - - p12_data_tmp = p12->authsafes->d.data; - if (!(p12->authsafes->d.data = ASN1_OCTET_STRING_new())) { - p12->authsafes->d.data = p12_data_tmp; - goto err; - } - if (!PKCS12_pack_authsafes(p12, newsafes)) - goto saferr; - - if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen)) - goto saferr; - if (!(macnew = ASN1_OCTET_STRING_new())) - goto saferr; - if (!ASN1_OCTET_STRING_set(macnew, mac, maclen)) - goto saferr; - ASN1_OCTET_STRING_free(p12->mac->dinfo->digest); - p12->mac->dinfo->digest = macnew; - ASN1_OCTET_STRING_free(p12_data_tmp); - - return 1; - -saferr: - /* Restore old safe */ - ASN1_OCTET_STRING_free(p12->authsafes->d.data); - ASN1_OCTET_STRING_free(macnew); - p12->authsafes->d.data = p12_data_tmp; - return 0; - -err: - sk_PKCS7_pop_free(asafes, PKCS7_free); - sk_PKCS7_pop_free(newsafes, PKCS7_free); - return 0; -} - - -static int -newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass, char *newpass) -{ - int i; - - for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { - if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i), - oldpass, newpass)) - return 0; - } - return 1; -} - -/* Change password of safebag: only needs handle shrouded keybags */ - -static int -newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) -{ - PKCS8_PRIV_KEY_INFO *p8; - X509_SIG *p8new; - int p8_nid, p8_saltlen, p8_iter; - - if (M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) - return 1; - - if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1))) - return 0; - if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, - &p8_saltlen)) - return 0; - if (!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen, - p8_iter, p8))) return 0; - X509_SIG_free(bag->value.shkeybag); - bag->value.shkeybag = p8new; - return 1; -} - -static int -alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) -{ - PBEPARAM *pbe; - const unsigned char *p; - - p 
= alg->parameter->value.sequence->data; - pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); - if (!pbe) - return 0; - *pnid = OBJ_obj2nid(alg->algorithm); - *piter = ASN1_INTEGER_get(pbe->iter); - *psaltlen = pbe->salt->length; - PBEPARAM_free(pbe); - return 1; -} diff --git a/lib/libssl/src/crypto/pkcs12/p12_p8d.c b/lib/libssl/src/crypto/pkcs12/p12_p8d.c deleted file mode 100644 index 5d3339e2f21..00000000000 --- a/lib/libssl/src/crypto/pkcs12/p12_p8d.c +++ /dev/null 
@@ -1,68 +0,0 @@
-/* $OpenBSD: p12_p8d.c,v 1.5 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/pkcs12.h>
-
-PKCS8_PRIV_KEY_INFO *
-PKCS8_decrypt(X509_SIG *p8, const char *pass, int passlen)
-{
- return PKCS12_item_decrypt_d2i(p8->algor,
- ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass, passlen, p8->digest, 1);
-}
diff --git a/lib/libssl/src/crypto/pkcs12/p12_p8e.c b/lib/libssl/src/crypto/pkcs12/p12_p8e.c
deleted file mode 100644
index db3db872148..00000000000
--- a/lib/libssl/src/crypto/pkcs12/p12_p8e.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* $OpenBSD: p12_p8e.c,v 1.6 2015/09/30 18:41:06 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-X509_SIG *
-PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass,
- int passlen, unsigned char *salt, int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8inf)
-{
- X509_SIG *p8 = NULL;
- X509_ALGOR *pbe;
-
- if (!(p8 = X509_SIG_new())) {
- PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (pbe_nid == -1)
- pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
- else
- pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
- if (!pbe) {
- PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
- goto err;
- }
- X509_ALGOR_free(p8->algor);
- p8->algor = pbe;
- ASN1_OCTET_STRING_free(p8->digest);
- p8->digest = PKCS12_item_i2d_encrypt(pbe,
- ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass, passlen, p8inf, 1);
- if (!p8->digest) {
- PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
- goto err;
- }
-
- return p8;
-
-err:
- X509_SIG_free(p8);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/pkcs12/p12_utl.c b/lib/libssl/src/crypto/pkcs12/p12_utl.c
deleted file mode 100644
index b60d4d020ce..00000000000
--- a/lib/libssl/src/crypto/pkcs12/p12_utl.c
+++ /dev/null
@@ -1,168 +0,0 @@
-/* $OpenBSD: p12_utl.c,v 1.12 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/pkcs12.h>
-
-/* Cheap and nasty Unicode stuff */
-
-unsigned char *
-OPENSSL_asc2uni(const char *asc, int asclen, unsigned char **uni, int *unilen)
-{
- int ulen, i;
- unsigned char *unitmp;
-
- if (asclen == -1)
- asclen = strlen(asc);
- ulen = asclen * 2 + 2;
- if (!(unitmp = malloc(ulen)))
- return NULL;
- for (i = 0; i < ulen - 2; i += 2) {
- unitmp[i] = 0;
- unitmp[i + 1] = asc[i >> 1];
- }
- /* Make result double null terminated */
- unitmp[ulen - 2] = 0;
- unitmp[ulen - 1] = 0;
- if (unilen)
- *unilen = ulen;
- if (uni)
- *uni = unitmp;
- return unitmp;
-}
-
-char *
-OPENSSL_uni2asc(unsigned char *uni, int unilen)
-{
- int asclen, i;
- char *asctmp;
-
- asclen = unilen / 2;
- /* If no terminating zero allow for one */
- if (!unilen || uni[unilen - 1])
- asclen++;
- uni++;
- if (!(asctmp = malloc(asclen)))
- return NULL;
- for (i = 0; i < unilen; i += 2)
- asctmp[i >> 1] = uni[i];
- asctmp[asclen - 1] = 0;
- return asctmp;
-}
-
-int
-i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
-}
-
-int
-i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
-}
-
-PKCS12 *
-d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
-}
-
-PKCS12 *
-d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
-}
-
-PKCS12_SAFEBAG *
-PKCS12_x5092certbag(X509 *x509)
-{
- return PKCS12_item_pack_safebag(x509, ASN1_ITEM_rptr(X509),
- NID_x509Certificate, NID_certBag);
-}
-
-PKCS12_SAFEBAG *
-PKCS12_x509crl2certbag(X509_CRL *crl)
-{
- return PKCS12_item_pack_safebag(crl, ASN1_ITEM_rptr(X509_CRL),
- NID_x509Crl, NID_crlBag);
-}
-
-X509 *
-PKCS12_certbag2x509(PKCS12_SAFEBAG *bag)
-{
- if (M_PKCS12_bag_type(bag) != NID_certBag)
- return NULL;
- if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
- return NULL;
- return ASN1_item_unpack(bag->value.bag->value.octet,
- ASN1_ITEM_rptr(X509));
-}
-
-X509_CRL *
-PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag)
-{
- if (M_PKCS12_bag_type(bag) != NID_crlBag)
- return NULL;
- if (M_PKCS12_cert_bag_type(bag) != NID_x509Crl)
- return NULL;
- return ASN1_item_unpack(bag->value.bag->value.octet,
- ASN1_ITEM_rptr(X509_CRL));
-}
diff --git a/lib/libssl/src/crypto/pkcs12/pk12err.c b/lib/libssl/src/crypto/pkcs12/pk12err.c
deleted file mode 100644
index 0464a8303c1..00000000000
--- a/lib/libssl/src/crypto/pkcs12/pk12err.c
+++ /dev/null
@@ -1,144 +0,0 @@
-/* $OpenBSD: pk12err.c,v 1.10 2014/07/10 22:45:57 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS12,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
-
-static ERR_STRING_DATA PKCS12_str_functs[]= {
- {ERR_FUNC(PKCS12_F_PARSE_BAG), "PARSE_BAG"},
- {ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"},
- {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME), "PKCS12_ADD_FRIENDLYNAME"},
- {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC), "PKCS12_add_friendlyname_asc"},
- {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI), "PKCS12_add_friendlyname_uni"},
- {ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID), "PKCS12_add_localkeyid"},
- {ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"},
- {ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"},
- {ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"},
- {ERR_FUNC(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I), "PKCS12_item_decrypt_d2i"},
- {ERR_FUNC(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT), "PKCS12_item_i2d_encrypt"},
- {ERR_FUNC(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG), "PKCS12_item_pack_safebag"},
- {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"},
- {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"},
- {ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"},
- {ERR_FUNC(PKCS12_F_PKCS12_MAKE_SHKEYBAG), "PKCS12_MAKE_SHKEYBAG"},
- {ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"},
- {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"},
- {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"},
- {ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"},
- {ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"},
- {ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"},
- {ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC), "PKCS12_setup_mac"},
- {ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"},
- {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"},
- {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"},
- {ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC), "PKCS12_verify_mac"},
- {ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"},
- {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA PKCS12_str_reasons[]= {
- {ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE), "cant pack structure"},
- {ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA), "content type not data"},
- {ERR_REASON(PKCS12_R_DECODE_ERROR) , "decode error"},
- {ERR_REASON(PKCS12_R_ENCODE_ERROR) , "encode error"},
- {ERR_REASON(PKCS12_R_ENCRYPT_ERROR) , "encrypt error"},
- {ERR_REASON(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE), "error setting encrypted data type"},
- {ERR_REASON(PKCS12_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
- {ERR_REASON(PKCS12_R_INVALID_NULL_PKCS12_POINTER), "invalid null pkcs12 pointer"},
- {ERR_REASON(PKCS12_R_IV_GEN_ERROR) , "iv gen error"},
- {ERR_REASON(PKCS12_R_KEY_GEN_ERROR) , "key gen error"},
- {ERR_REASON(PKCS12_R_MAC_ABSENT) , "mac absent"},
- {ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR), "mac generation error"},
- {ERR_REASON(PKCS12_R_MAC_SETUP_ERROR) , "mac setup error"},
- {ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR), "mac string set error"},
- {ERR_REASON(PKCS12_R_MAC_VERIFY_ERROR) , "mac verify error"},
- {ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE) , "mac verify failure"},
- {ERR_REASON(PKCS12_R_PARSE_ERROR) , "parse error"},
- {ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR), "pkcs12 algor cipherinit error"},
- {ERR_REASON(PKCS12_R_PKCS12_CIPHERFINAL_ERROR), "pkcs12 cipherfinal error"},
- {ERR_REASON(PKCS12_R_PKCS12_PBE_CRYPT_ERROR), "pkcs12 pbe crypt error"},
- {ERR_REASON(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM), "unknown digest algorithm"},
- {ERR_REASON(PKCS12_R_UNSUPPORTED_PKCS12_MODE), "unsupported pkcs12 mode"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_PKCS12_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL) {
- ERR_load_strings(0, PKCS12_str_functs);
- ERR_load_strings(0, PKCS12_str_reasons);
- }
-#endif
-}
diff --git a/lib/libssl/src/crypto/pkcs12/pkcs12.h b/lib/libssl/src/crypto/pkcs12/pkcs12.h
deleted file mode 100644
index ead29fd7178..00000000000
--- a/lib/libssl/src/crypto/pkcs12/pkcs12.h
+++ /dev/null
@@ -1,331 +0,0 @@
-/* $OpenBSD: pkcs12.h,v 1.13 2014/07/08 09:27:21 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PKCS12_H
-#define HEADER_PKCS12_H
-
-#include <openssl/bio.h>
-#include <openssl/x509.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define PKCS12_KEY_ID 1
-#define PKCS12_IV_ID 2
-#define PKCS12_MAC_ID 3
-
-/* Default iteration count */
-#ifndef PKCS12_DEFAULT_ITER
-#define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER
-#endif
-
-#define PKCS12_MAC_KEY_LENGTH 20
-
-#define PKCS12_SALT_LEN 8
-
-/* Uncomment out next line for unicode password and names, otherwise ASCII */
-
-/*#define PBE_UNICODE*/
-
-#ifdef PBE_UNICODE
-#define PKCS12_key_gen PKCS12_key_gen_uni
-#define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
-#else
-#define PKCS12_key_gen PKCS12_key_gen_asc
-#define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
-#endif
-
-/* MS key usage constants */
-
-#define KEY_EX 0x10
-#define KEY_SIG 0x80
-
-typedef struct {
- X509_SIG *dinfo;
- ASN1_OCTET_STRING *salt;
- ASN1_INTEGER *iter; /* defaults to 1 */
-} PKCS12_MAC_DATA;
-
-typedef struct {
- ASN1_INTEGER *version;
- PKCS12_MAC_DATA *mac;
- PKCS7 *authsafes;
-} PKCS12;
-
-typedef struct {
- ASN1_OBJECT *type;
- union {
- struct pkcs12_bag_st *bag; /* secret, crl and certbag */
- struct pkcs8_priv_key_info_st *keybag; /* keybag */
- X509_SIG *shkeybag; /* shrouded key bag */
- STACK_OF(PKCS12_SAFEBAG) *safes;
- ASN1_TYPE *other;
- } value;
- STACK_OF(X509_ATTRIBUTE) *attrib;
-} PKCS12_SAFEBAG;
-
-DECLARE_STACK_OF(PKCS12_SAFEBAG)
-DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
-DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
-
-typedef struct pkcs12_bag_st {
- ASN1_OBJECT *type;
- union {
- ASN1_OCTET_STRING *x509cert;
- ASN1_OCTET_STRING *x509crl;
- ASN1_OCTET_STRING *octet;
- ASN1_IA5STRING *sdsicert;
- ASN1_TYPE *other; /* Secret or other bag */
- } value;
-} PKCS12_BAGS;
-
-#define PKCS12_ERROR 0
-#define PKCS12_OK 1
-
-/* Compatibility macros */
-
-#define M_PKCS12_x5092certbag PKCS12_x5092certbag
-#define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
-
-#define M_PKCS12_certbag2x509 PKCS12_certbag2x509
-#define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
-
-#define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
-#define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
-#define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
-#define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
-
-#define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
-#define M_PKCS8_decrypt PKCS8_decrypt
-
-#define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
-#define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
-#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
-
-#define PKCS12_get_attr(bag, attr_nid) \
- PKCS12_get_attr_gen(bag->attrib, attr_nid)
-
-#define PKCS8_get_attr(p8, attr_nid) \
- PKCS12_get_attr_gen(p8->attributes, attr_nid)
-
-#define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
-
-
-PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
-PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
-X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
-X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
-
-PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
- int nid1, int nid2);
-PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
-PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass, int passlen);
-PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag, const char *pass,
- int passlen);
-X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
- const char *pass, int passlen, unsigned char *salt, int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8);
-PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
- int passlen, unsigned char *salt, int saltlen, int iter,
- PKCS8_PRIV_KEY_INFO *p8);
-PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
-PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter, STACK_OF(PKCS12_SAFEBAG) *bags);
-STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
- int passlen);
-
-int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
-STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
-
-int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
- int namelen);
-int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
- int namelen);
-int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
- int namelen);
-int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name,
- int namelen);
-int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
-ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
-char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
-unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
- int passlen, unsigned char *in, int inlen, unsigned char **data,
- int *datalen, int en_de);
-void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
- const char *pass, int passlen, ASN1_OCTET_STRING *oct, int zbuf);
-ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
- const ASN1_ITEM *it, const char *pass, int passlen, void *obj, int zbuf);
-PKCS12 *PKCS12_init(int mode);
-int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n, unsigned char *out,
- const EVP_MD *md_type);
-int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
- int saltlen, int id, int iter, int n, unsigned char *out,
- const EVP_MD *md_type);
-int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
- ASN1_TYPE *param, const EVP_CIPHER *cipher, const EVP_MD *md_type,
- int en_de);
-int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *mac, unsigned int *maclen);
-int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
-int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
- unsigned char *salt, int saltlen, int iter,
- const EVP_MD *md_type);
-int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
- int saltlen, const EVP_MD *md_type);
-unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
- unsigned char **uni, int *unilen);
-char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
-
-DECLARE_ASN1_FUNCTIONS(PKCS12)
-DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
-DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
-DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
-
-DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
-DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
-
-void PKCS12_PBE_add(void);
-int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
- STACK_OF(X509) **ca);
-PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
- STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
- int mac_iter, int keytype);
-
-PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
-PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags, EVP_PKEY *key,
- int key_usage, int iter, int key_nid, char *pass);
-int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
- int safe_nid, int iter, char *pass);
-PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
-
-int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
-int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
-PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
-PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
-int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PKCS12_strings(void);
-
-/* Error codes for the PKCS12 functions. */
-
-/* Function codes. */
-#define PKCS12_F_PARSE_BAG 129
-#define PKCS12_F_PARSE_BAGS 103
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127
-#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102
-#define PKCS12_F_PKCS12_ADD_LOCALKEYID 104
-#define PKCS12_F_PKCS12_CREATE 105
-#define PKCS12_F_PKCS12_GEN_MAC 107
-#define PKCS12_F_PKCS12_INIT 109
-#define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I 106
-#define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT 108
-#define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG 117
-#define PKCS12_F_PKCS12_KEY_GEN_ASC 110
-#define PKCS12_F_PKCS12_KEY_GEN_UNI 111
-#define PKCS12_F_PKCS12_MAKE_KEYBAG 112
-#define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113
-#define PKCS12_F_PKCS12_NEWPASS 128
-#define PKCS12_F_PKCS12_PACK_P7DATA 114
-#define PKCS12_F_PKCS12_PACK_P7ENCDATA 115
-#define PKCS12_F_PKCS12_PARSE 118
-#define PKCS12_F_PKCS12_PBE_CRYPT 119
-#define PKCS12_F_PKCS12_PBE_KEYIVGEN 120
-#define PKCS12_F_PKCS12_SETUP_MAC 122
-#define PKCS12_F_PKCS12_SET_MAC 123
-#define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
-#define PKCS12_F_PKCS12_UNPACK_P7DATA 131
-#define PKCS12_F_PKCS12_VERIFY_MAC 126
-#define PKCS12_F_PKCS8_ADD_KEYUSAGE 124
-#define PKCS12_F_PKCS8_ENCRYPT 125
-
-/* Reason codes. */
-#define PKCS12_R_CANT_PACK_STRUCTURE 100
-#define PKCS12_R_CONTENT_TYPE_NOT_DATA 121
-#define PKCS12_R_DECODE_ERROR 101
-#define PKCS12_R_ENCODE_ERROR 102
-#define PKCS12_R_ENCRYPT_ERROR 103
-#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120
-#define PKCS12_R_INVALID_NULL_ARGUMENT 104
-#define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105
-#define PKCS12_R_IV_GEN_ERROR 106
-#define PKCS12_R_KEY_GEN_ERROR 107
-#define PKCS12_R_MAC_ABSENT 108
-#define PKCS12_R_MAC_GENERATION_ERROR 109
-#define PKCS12_R_MAC_SETUP_ERROR 110
-#define PKCS12_R_MAC_STRING_SET_ERROR 111
-#define PKCS12_R_MAC_VERIFY_ERROR 112
-#define PKCS12_R_MAC_VERIFY_FAILURE 113
-#define PKCS12_R_PARSE_ERROR 114
-#define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115
-#define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116
-#define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117
-#define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118
-#define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/pkcs7/bio_pk7.c b/lib/libssl/src/crypto/pkcs7/bio_pk7.c
deleted file mode 100644
index 0e4a4f7559d..00000000000
--- a/lib/libssl/src/crypto/pkcs7/bio_pk7.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/* $OpenBSD: bio_pk7.c,v 1.4 2014/06/29 17:05:36 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <openssl/asn1.h>
-#include <openssl/pkcs7.h>
-#include <openssl/bio.h>
-
-#include <stdio.h>
-
-/* Streaming encode support for PKCS#7 */
-BIO *
-BIO_new_PKCS7(BIO *out, PKCS7 *p7)
-{
- return BIO_new_NDEF(out, (ASN1_VALUE *)p7, ASN1_ITEM_rptr(PKCS7));
-}
diff --git a/lib/libssl/src/crypto/pkcs7/pk7_asn1.c b/lib/libssl/src/crypto/pkcs7/pk7_asn1.c
deleted file mode 100644
index 81e4a01f14f..00000000000
--- a/lib/libssl/src/crypto/pkcs7/pk7_asn1.c
+++ /dev/null
@@ -1,968 +0,0 @@ -/* $OpenBSD: pk7_asn1.c,v 1.12 2015/07/25 15:33:06 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/asn1t.h> -#include <openssl/pkcs7.h> -#include <openssl/x509.h> - -/* PKCS#7 ASN1 module */ - -/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */ - -static const ASN1_TEMPLATE p7default_tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(PKCS7, d.other), - .field_name = "d.other", - .item = &ASN1_ANY_it, -}; - -static const ASN1_ADB_TABLE PKCS7_adbtbl[] = { - { - .value = NID_pkcs7_data, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(PKCS7, d.data), - .field_name = "d.data", - .item = &ASN1_OCTET_STRING_NDEF_it, - }, - - }, - { - .value = NID_pkcs7_signed, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(PKCS7, d.sign), - .field_name = "d.sign", - .item = &PKCS7_SIGNED_it, - }, - - }, - { - .value = NID_pkcs7_enveloped, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(PKCS7, d.enveloped), - .field_name = "d.enveloped", - .item = &PKCS7_ENVELOPE_it, - }, - - }, - { - .value = 
NID_pkcs7_signedAndEnveloped, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(PKCS7, d.signed_and_enveloped), - .field_name = "d.signed_and_enveloped", - .item = &PKCS7_SIGN_ENVELOPE_it, - }, - - }, - { - .value = NID_pkcs7_digest, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(PKCS7, d.digest), - .field_name = "d.digest", - .item = &PKCS7_DIGEST_it, - }, - - }, - { - .value = NID_pkcs7_encrypted, - .tt = { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF, - .tag = 0, - .offset = offsetof(PKCS7, d.encrypted), - .field_name = "d.encrypted", - .item = &PKCS7_ENCRYPT_it, - }, - - }, -}; - -static const ASN1_ADB PKCS7_adb = { - .flags = 0, - .offset = offsetof(PKCS7, type), - .app_items = 0, - .tbl = PKCS7_adbtbl, - .tblcount = sizeof(PKCS7_adbtbl) / sizeof(ASN1_ADB_TABLE), - .default_tt = &p7default_tt, - .null_tt = NULL, -}; - -/* PKCS#7 streaming support */ -static int -pk7_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - ASN1_STREAM_ARG *sarg = exarg; - PKCS7 **pp7 = (PKCS7 **)pval; - - switch (operation) { - case ASN1_OP_STREAM_PRE: - if (PKCS7_stream(&sarg->boundary, *pp7) <= 0) - return 0; - - case ASN1_OP_DETACHED_PRE: - sarg->ndef_bio = PKCS7_dataInit(*pp7, sarg->out); - if (!sarg->ndef_bio) - return 0; - break; - - case ASN1_OP_STREAM_POST: - case ASN1_OP_DETACHED_POST: - if (PKCS7_dataFinal(*pp7, sarg->ndef_bio) <= 0) - return 0; - break; - } - return 1; -} - -static const ASN1_AUX PKCS7_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = pk7_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE PKCS7_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7, type), - .field_name = "type", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_ADB_OID, - .tag = -1, - .offset = 0, - .field_name = "PKCS7", - .item = (const ASN1_ITEM 
*)&PKCS7_adb, - }, -}; - -const ASN1_ITEM PKCS7_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS7_seq_tt, - .tcount = sizeof(PKCS7_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &PKCS7_aux, - .size = sizeof(PKCS7), - .sname = "PKCS7", -}; - - -PKCS7 * -d2i_PKCS7(PKCS7 **a, const unsigned char **in, long len) -{ - return (PKCS7 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS7_it); -} - -int -i2d_PKCS7(PKCS7 *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_it); -} - -PKCS7 * -PKCS7_new(void) -{ - return (PKCS7 *)ASN1_item_new(&PKCS7_it); -} - -void -PKCS7_free(PKCS7 *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_it); -} - -int -i2d_PKCS7_NDEF(PKCS7 *a, unsigned char **out) -{ - return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, &PKCS7_it); -} - -PKCS7 * -PKCS7_dup(PKCS7 *x) -{ - return ASN1_item_dup(&PKCS7_it, x); -} - -static const ASN1_TEMPLATE PKCS7_SIGNED_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_SIGNED, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_SET_OF, - .tag = 0, - .offset = offsetof(PKCS7_SIGNED, md_algs), - .field_name = "md_algs", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_SIGNED, contents), - .field_name = "contents", - .item = &PKCS7_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(PKCS7_SIGNED, cert), - .field_name = "cert", - .item = &X509_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(PKCS7_SIGNED, crl), - .field_name = "crl", - .item = &X509_CRL_it, - }, - { - .flags = ASN1_TFLG_SET_OF, - .tag = 0, - .offset = offsetof(PKCS7_SIGNED, signer_info), - .field_name = "signer_info", - .item = &PKCS7_SIGNER_INFO_it, - }, -}; - -const ASN1_ITEM PKCS7_SIGNED_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = 
V_ASN1_SEQUENCE, - .templates = PKCS7_SIGNED_seq_tt, - .tcount = sizeof(PKCS7_SIGNED_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS7_SIGNED), - .sname = "PKCS7_SIGNED", -}; - - -PKCS7_SIGNED * -d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, const unsigned char **in, long len) -{ - return (PKCS7_SIGNED *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS7_SIGNED_it); -} - -int -i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_SIGNED_it); -} - -PKCS7_SIGNED * -PKCS7_SIGNED_new(void) -{ - return (PKCS7_SIGNED *)ASN1_item_new(&PKCS7_SIGNED_it); -} - -void -PKCS7_SIGNED_free(PKCS7_SIGNED *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGNED_it); -} - -/* Minor tweak to operation: free up EVP_PKEY */ -static int -si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - if (operation == ASN1_OP_FREE_POST) { - PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval; - EVP_PKEY_free(si->pkey); - } - return 1; -} - -static const ASN1_AUX PKCS7_SIGNER_INFO_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = si_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE PKCS7_SIGNER_INFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_SIGNER_INFO, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_SIGNER_INFO, issuer_and_serial), - .field_name = "issuer_and_serial", - .item = &PKCS7_ISSUER_AND_SERIAL_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_SIGNER_INFO, digest_alg), - .field_name = "digest_alg", - .item = &X509_ALGOR_it, - }, - /* NB this should be a SET OF but we use a SEQUENCE OF so the - * original order * is retained when the structure is reencoded. - * Since the attributes are implicitly tagged this will not affect - * the encoding. 
- */ - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(PKCS7_SIGNER_INFO, auth_attr), - .field_name = "auth_attr", - .item = &X509_ATTRIBUTE_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_SIGNER_INFO, digest_enc_alg), - .field_name = "digest_enc_alg", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_SIGNER_INFO, enc_digest), - .field_name = "enc_digest", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(PKCS7_SIGNER_INFO, unauth_attr), - .field_name = "unauth_attr", - .item = &X509_ATTRIBUTE_it, - }, -}; - -const ASN1_ITEM PKCS7_SIGNER_INFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS7_SIGNER_INFO_seq_tt, - .tcount = sizeof(PKCS7_SIGNER_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &PKCS7_SIGNER_INFO_aux, - .size = sizeof(PKCS7_SIGNER_INFO), - .sname = "PKCS7_SIGNER_INFO", -}; - - -PKCS7_SIGNER_INFO * -d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a, const unsigned char **in, long len) -{ - return (PKCS7_SIGNER_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS7_SIGNER_INFO_it); -} - -int -i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_SIGNER_INFO_it); -} - -PKCS7_SIGNER_INFO * -PKCS7_SIGNER_INFO_new(void) -{ - return (PKCS7_SIGNER_INFO *)ASN1_item_new(&PKCS7_SIGNER_INFO_it); -} - -void -PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGNER_INFO_it); -} - -static const ASN1_TEMPLATE PKCS7_ISSUER_AND_SERIAL_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_ISSUER_AND_SERIAL, issuer), - .field_name = "issuer", - .item = &X509_NAME_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_ISSUER_AND_SERIAL, serial), - .field_name = "serial", - .item = &ASN1_INTEGER_it, 
- }, -}; - -const ASN1_ITEM PKCS7_ISSUER_AND_SERIAL_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS7_ISSUER_AND_SERIAL_seq_tt, - .tcount = sizeof(PKCS7_ISSUER_AND_SERIAL_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS7_ISSUER_AND_SERIAL), - .sname = "PKCS7_ISSUER_AND_SERIAL", -}; - - -PKCS7_ISSUER_AND_SERIAL * -d2i_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL **a, const unsigned char **in, long len) -{ - return (PKCS7_ISSUER_AND_SERIAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS7_ISSUER_AND_SERIAL_it); -} - -int -i2d_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_ISSUER_AND_SERIAL_it); -} - -PKCS7_ISSUER_AND_SERIAL * -PKCS7_ISSUER_AND_SERIAL_new(void) -{ - return (PKCS7_ISSUER_AND_SERIAL *)ASN1_item_new(&PKCS7_ISSUER_AND_SERIAL_it); -} - -void -PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ISSUER_AND_SERIAL_it); -} - -static const ASN1_TEMPLATE PKCS7_ENVELOPE_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_ENVELOPE, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_SET_OF, - .tag = 0, - .offset = offsetof(PKCS7_ENVELOPE, recipientinfo), - .field_name = "recipientinfo", - .item = &PKCS7_RECIP_INFO_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_ENVELOPE, enc_data), - .field_name = "enc_data", - .item = &PKCS7_ENC_CONTENT_it, - }, -}; - -const ASN1_ITEM PKCS7_ENVELOPE_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS7_ENVELOPE_seq_tt, - .tcount = sizeof(PKCS7_ENVELOPE_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS7_ENVELOPE), - .sname = "PKCS7_ENVELOPE", -}; - - -PKCS7_ENVELOPE * -d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, const unsigned char **in, long len) -{ - return (PKCS7_ENVELOPE *)ASN1_item_d2i((ASN1_VALUE 
**)a, in, len, - &PKCS7_ENVELOPE_it); -} - -int -i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_ENVELOPE_it); -} - -PKCS7_ENVELOPE * -PKCS7_ENVELOPE_new(void) -{ - return (PKCS7_ENVELOPE *)ASN1_item_new(&PKCS7_ENVELOPE_it); -} - -void -PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENVELOPE_it); -} - -/* Minor tweak to operation: free up X509 */ -static int -ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - if (operation == ASN1_OP_FREE_POST) { - PKCS7_RECIP_INFO *ri = (PKCS7_RECIP_INFO *)*pval; - X509_free(ri->cert); - } - return 1; -} - -static const ASN1_AUX PKCS7_RECIP_INFO_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = ri_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE PKCS7_RECIP_INFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_RECIP_INFO, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_RECIP_INFO, issuer_and_serial), - .field_name = "issuer_and_serial", - .item = &PKCS7_ISSUER_AND_SERIAL_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_RECIP_INFO, key_enc_algor), - .field_name = "key_enc_algor", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_RECIP_INFO, enc_key), - .field_name = "enc_key", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM PKCS7_RECIP_INFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS7_RECIP_INFO_seq_tt, - .tcount = sizeof(PKCS7_RECIP_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &PKCS7_RECIP_INFO_aux, - .size = sizeof(PKCS7_RECIP_INFO), - .sname = "PKCS7_RECIP_INFO", -}; - - -PKCS7_RECIP_INFO * -d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a, const unsigned char **in, long len) -{ - return (PKCS7_RECIP_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - 
&PKCS7_RECIP_INFO_it); -} - -int -i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_RECIP_INFO_it); -} - -PKCS7_RECIP_INFO * -PKCS7_RECIP_INFO_new(void) -{ - return (PKCS7_RECIP_INFO *)ASN1_item_new(&PKCS7_RECIP_INFO_it); -} - -void -PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_RECIP_INFO_it); -} - -static const ASN1_TEMPLATE PKCS7_ENC_CONTENT_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_ENC_CONTENT, content_type), - .field_name = "content_type", - .item = &ASN1_OBJECT_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_ENC_CONTENT, algorithm), - .field_name = "algorithm", - .item = &X509_ALGOR_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(PKCS7_ENC_CONTENT, enc_data), - .field_name = "enc_data", - .item = &ASN1_OCTET_STRING_NDEF_it, - }, -}; - -const ASN1_ITEM PKCS7_ENC_CONTENT_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS7_ENC_CONTENT_seq_tt, - .tcount = sizeof(PKCS7_ENC_CONTENT_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS7_ENC_CONTENT), - .sname = "PKCS7_ENC_CONTENT", -}; - - -PKCS7_ENC_CONTENT * -d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a, const unsigned char **in, long len) -{ - return (PKCS7_ENC_CONTENT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS7_ENC_CONTENT_it); -} - -int -i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_ENC_CONTENT_it); -} - -PKCS7_ENC_CONTENT * -PKCS7_ENC_CONTENT_new(void) -{ - return (PKCS7_ENC_CONTENT *)ASN1_item_new(&PKCS7_ENC_CONTENT_it); -} - -void -PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENC_CONTENT_it); -} - -static const ASN1_TEMPLATE PKCS7_SIGN_ENVELOPE_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = 
offsetof(PKCS7_SIGN_ENVELOPE, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_SET_OF, - .tag = 0, - .offset = offsetof(PKCS7_SIGN_ENVELOPE, recipientinfo), - .field_name = "recipientinfo", - .item = &PKCS7_RECIP_INFO_it, - }, - { - .flags = ASN1_TFLG_SET_OF, - .tag = 0, - .offset = offsetof(PKCS7_SIGN_ENVELOPE, md_algs), - .field_name = "md_algs", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_SIGN_ENVELOPE, enc_data), - .field_name = "enc_data", - .item = &PKCS7_ENC_CONTENT_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(PKCS7_SIGN_ENVELOPE, cert), - .field_name = "cert", - .item = &X509_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(PKCS7_SIGN_ENVELOPE, crl), - .field_name = "crl", - .item = &X509_CRL_it, - }, - { - .flags = ASN1_TFLG_SET_OF, - .tag = 0, - .offset = offsetof(PKCS7_SIGN_ENVELOPE, signer_info), - .field_name = "signer_info", - .item = &PKCS7_SIGNER_INFO_it, - }, -}; - -const ASN1_ITEM PKCS7_SIGN_ENVELOPE_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS7_SIGN_ENVELOPE_seq_tt, - .tcount = sizeof(PKCS7_SIGN_ENVELOPE_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS7_SIGN_ENVELOPE), - .sname = "PKCS7_SIGN_ENVELOPE", -}; - - -PKCS7_SIGN_ENVELOPE * -d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a, const unsigned char **in, long len) -{ - return (PKCS7_SIGN_ENVELOPE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS7_SIGN_ENVELOPE_it); -} - -int -i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_SIGN_ENVELOPE_it); -} - -PKCS7_SIGN_ENVELOPE * -PKCS7_SIGN_ENVELOPE_new(void) -{ - return (PKCS7_SIGN_ENVELOPE *)ASN1_item_new(&PKCS7_SIGN_ENVELOPE_it); -} - -void 
-PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGN_ENVELOPE_it); -} - -static const ASN1_TEMPLATE PKCS7_ENCRYPT_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_ENCRYPT, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_ENCRYPT, enc_data), - .field_name = "enc_data", - .item = &PKCS7_ENC_CONTENT_it, - }, -}; - -const ASN1_ITEM PKCS7_ENCRYPT_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = PKCS7_ENCRYPT_seq_tt, - .tcount = sizeof(PKCS7_ENCRYPT_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS7_ENCRYPT), - .sname = "PKCS7_ENCRYPT", -}; - - -PKCS7_ENCRYPT * -d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, const unsigned char **in, long len) -{ - return (PKCS7_ENCRYPT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS7_ENCRYPT_it); -} - -int -i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_ENCRYPT_it); -} - -PKCS7_ENCRYPT * -PKCS7_ENCRYPT_new(void) -{ - return (PKCS7_ENCRYPT *)ASN1_item_new(&PKCS7_ENCRYPT_it); -} - -void -PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENCRYPT_it); -} - -static const ASN1_TEMPLATE PKCS7_DIGEST_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_DIGEST, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_DIGEST, md), - .field_name = "md", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_DIGEST, contents), - .field_name = "contents", - .item = &PKCS7_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(PKCS7_DIGEST, digest), - .field_name = "digest", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM PKCS7_DIGEST_it = { - .itype = ASN1_ITYPE_NDEF_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = 
PKCS7_DIGEST_seq_tt, - .tcount = sizeof(PKCS7_DIGEST_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(PKCS7_DIGEST), - .sname = "PKCS7_DIGEST", -}; - - -PKCS7_DIGEST * -d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, const unsigned char **in, long len) -{ - return (PKCS7_DIGEST *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &PKCS7_DIGEST_it); -} - -int -i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS7_DIGEST_it); -} - -PKCS7_DIGEST * -PKCS7_DIGEST_new(void) -{ - return (PKCS7_DIGEST *)ASN1_item_new(&PKCS7_DIGEST_it); -} - -void -PKCS7_DIGEST_free(PKCS7_DIGEST *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &PKCS7_DIGEST_it); -} - -/* Specials for authenticated attributes */ - -/* When signing attributes we want to reorder them to match the sorted - * encoding. - */ - -static const ASN1_TEMPLATE PKCS7_ATTR_SIGN_item_tt = { - .flags = ASN1_TFLG_SET_ORDER, - .tag = 0, - .offset = 0, - .field_name = "PKCS7_ATTRIBUTES", - .item = &X509_ATTRIBUTE_it, -}; - -const ASN1_ITEM PKCS7_ATTR_SIGN_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &PKCS7_ATTR_SIGN_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "PKCS7_ATTR_SIGN", -}; - -/* When verifying attributes we need to use the received order. So - * we use SEQUENCE OF and tag it to SET OF - */ - -static const ASN1_TEMPLATE PKCS7_ATTR_VERIFY_item_tt = { - .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL, - .tag = V_ASN1_SET, - .offset = 0, - .field_name = "PKCS7_ATTRIBUTES", - .item = &X509_ATTRIBUTE_it, -}; - -const ASN1_ITEM PKCS7_ATTR_VERIFY_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &PKCS7_ATTR_VERIFY_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "PKCS7_ATTR_VERIFY", -}; - - -int -PKCS7_print_ctx(BIO *out, PKCS7 *x, int indent, const ASN1_PCTX *pctx) -{ - return ASN1_item_print(out, (ASN1_VALUE *)x, indent, - &PKCS7_it, pctx); -} 
diff --git a/lib/libssl/src/crypto/pkcs7/pk7_attr.c b/lib/libssl/src/crypto/pkcs7/pk7_attr.c
deleted file mode 100644
index 554a47673ba..00000000000
--- a/lib/libssl/src/crypto/pkcs7/pk7_attr.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/* $OpenBSD: pk7_attr.c,v 1.10 2014/10/28 05:46:56 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/bio.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/pkcs7.h>
-#include <openssl/x509.h>
-#include <openssl/err.h>
-
-int
-PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap)
-{
- ASN1_STRING *seq;
- if (!(seq = ASN1_STRING_new())) {
- PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- seq->length = ASN1_item_i2d((ASN1_VALUE *)cap, &seq->data,
- ASN1_ITEM_rptr(X509_ALGORS));
- return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
- V_ASN1_SEQUENCE, seq);
-}
-
-STACK_OF(X509_ALGOR) *
-PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
-{
- ASN1_TYPE *cap;
- const unsigned char *p;
-
- cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
- if (!cap || (cap->type != V_ASN1_SEQUENCE))
- return NULL;
- p = cap->value.sequence->data;
- return (STACK_OF(X509_ALGOR) *)
- ASN1_item_d2i(NULL, &p, cap->value.sequence->length,
- ASN1_ITEM_rptr(X509_ALGORS));
-}
-
-/* Basic smime-capabilities OID and optional integer arg */
-int
-PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
- X509_ALGOR *alg;
-
- if (!(alg = X509_ALGOR_new())) {
- PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_OBJECT_free(alg->algorithm);
- alg->algorithm = OBJ_nid2obj(nid);
- if (arg > 0) {
- ASN1_INTEGER *nbit;
-
- if (!(alg->parameter = ASN1_TYPE_new()))
- goto err;
- if (!(nbit = ASN1_INTEGER_new()))
- goto err;
- if (!ASN1_INTEGER_set(nbit, arg)) {
- ASN1_INTEGER_free(nbit);
- goto err;
- }
- alg->parameter->value.integer = nbit;
- alg->parameter->type = V_ASN1_INTEGER;
- }
- if (sk_X509_ALGOR_push(sk, alg) == 0)
- goto err;
- return 1;
-
-err:
- PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
- X509_ALGOR_free(alg);
- return 0;
-}
-
-int
-PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid)
-{
- if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType))
- return 0;
- if (!coid)
- coid = OBJ_nid2obj(NID_pkcs7_data);
- return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
- V_ASN1_OBJECT, coid);
-}
-
-int
-PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
-{
- if (!t && !(t = X509_gmtime_adj(NULL, 0))) {
- PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime,
- V_ASN1_UTCTIME, t);
-}
-
-int
-PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si, const unsigned char *md,
- int mdlen)
-{
- ASN1_OCTET_STRING *os;
-
- os = ASN1_OCTET_STRING_new();
- if (!os)
- return 0;
- if (!ASN1_STRING_set(os, md, mdlen) ||
- !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest,
- V_ASN1_OCTET_STRING, os)) {
- ASN1_OCTET_STRING_free(os);
- return 0;
- }
- return 1;
-}
diff --git a/lib/libssl/src/crypto/pkcs7/pk7_doit.c b/lib/libssl/src/crypto/pkcs7/pk7_doit.c
deleted file mode 100644
index 50e4fe39c1c..00000000000
--- a/lib/libssl/src/crypto/pkcs7/pk7_doit.c
+++ /dev/null
@@ -1,1287 +0,0 @@
-/* $OpenBSD: pk7_doit.c,v 1.38 2015/09/30 18:41:06 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
- void *value);
-static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);
-
-static int
-PKCS7_type_is_other(PKCS7* p7)
-{
- int isOther = 1;
-
- int nid = OBJ_obj2nid(p7->type);
-
- switch (nid ) {
- case NID_pkcs7_data:
- case NID_pkcs7_signed:
- case NID_pkcs7_enveloped:
- case NID_pkcs7_signedAndEnveloped:
- case NID_pkcs7_digest:
- case NID_pkcs7_encrypted:
- isOther = 0;
- break;
- default:
- isOther = 1;
- }
-
- return isOther;
-
-}
-
-static ASN1_OCTET_STRING *
-PKCS7_get_octet_string(PKCS7 *p7)
-{
- if (PKCS7_type_is_data(p7))
- return p7->d.data;
- if (PKCS7_type_is_other(p7) && p7->d.other &&
- (p7->d.other->type == V_ASN1_OCTET_STRING))
- return p7->d.other->value.octet_string;
- return NULL;
-}
-
-static int
-PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)
-{
- BIO *btmp;
- const EVP_MD *md;
- if ((btmp = BIO_new(BIO_f_md())) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
- goto err;
- }
-
- md = EVP_get_digestbyobj(alg->algorithm);
- if (md == NULL) {
- PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST,
- PKCS7_R_UNKNOWN_DIGEST_TYPE);
- goto err;
- }
-
- BIO_set_md(btmp, md);
- if (*pbio == NULL)
- *pbio = btmp;
- else if (!BIO_push(*pbio, btmp)) {
- PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
- goto err;
- }
- btmp = NULL;
-
- return 1;
-
-err:
- BIO_free(btmp);
- return 0;
-
-}
-
-static int
-pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri, unsigned char *key, int keylen)
-{
- EVP_PKEY_CTX *pctx = NULL;
- EVP_PKEY *pkey = NULL;
- unsigned char *ek = NULL;
- int ret = 0;
- size_t eklen;
-
- pkey = X509_get_pubkey(ri->cert);
- if (!pkey)
- return 0;
-
- pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pctx)
- return 0;
-
- if (EVP_PKEY_encrypt_init(pctx) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
- EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
- goto err;
-
- ek = malloc(eklen);
-
- if (ek == NULL) {
- PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
- goto err;
-
- ASN1_STRING_set0(ri->enc_key, ek, eklen);
- ek = NULL;
-
- ret = 1;
-
-err:
- EVP_PKEY_free(pkey);
- EVP_PKEY_CTX_free(pctx);
- free(ek);
- return ret;
-}
-
-
-static int
-pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen, PKCS7_RECIP_INFO *ri,
- EVP_PKEY *pkey)
-{
- EVP_PKEY_CTX *pctx = NULL;
- unsigned char *ek = NULL;
- size_t eklen;
-
- int ret = -1;
-
- pctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (!pctx)
- return -1;
-
- if (EVP_PKEY_decrypt_init(pctx) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
- EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
- ri->enc_key->data, ri->enc_key->length) <= 0)
- goto err;
-
- ek = malloc(eklen);
- if (ek == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (EVP_PKEY_decrypt(pctx, ek, &eklen,
- ri->enc_key->data, ri->enc_key->length) <= 0) {
- ret = 0;
- PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
- goto err;
- }
-
- ret = 1;
-
- if (*pek) {
- explicit_bzero(*pek, *peklen);
- free(*pek);
- }
-
- *pek = ek;
- *peklen = eklen;
-
-err:
- EVP_PKEY_CTX_free(pctx);
- if (!ret && ek)
- free(ek);
-
- return ret;
-}
-
-BIO *
-PKCS7_dataInit(PKCS7 *p7, BIO *bio)
-{
- int i;
- BIO *out = NULL, *btmp = NULL;
- X509_ALGOR *xa = NULL;
- const EVP_CIPHER *evp_cipher = NULL;
- STACK_OF(X509_ALGOR) *md_sk = NULL;
- STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
- X509_ALGOR *xalg = NULL;
- PKCS7_RECIP_INFO *ri = NULL;
- ASN1_OCTET_STRING *os = NULL;
-
- if (p7 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_INVALID_NULL_POINTER);
- return NULL;
- }
-
- /*
- * The content field in the PKCS7 ContentInfo is optional,
- * but that really only applies to inner content (precisely,
- * detached signatures).
- *
- * When reading content, missing outer content is therefore
- * treated as an error.
- *
- * When creating content, PKCS7_content_new() must be called
- * before calling this method, so a NULL p7->d is always
- * an error.
- */
- if (p7->d.ptr == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_NO_CONTENT);
- return NULL;
- }
-
- i = OBJ_obj2nid(p7->type);
- p7->state = PKCS7_S_HEADER;
-
- switch (i) {
- case NID_pkcs7_signed:
- md_sk = p7->d.sign->md_algs;
- os = PKCS7_get_octet_string(p7->d.sign->contents);
- break;
- case NID_pkcs7_signedAndEnveloped:
- rsk = p7->d.signed_and_enveloped->recipientinfo;
- md_sk = p7->d.signed_and_enveloped->md_algs;
- xalg = p7->d.signed_and_enveloped->enc_data->algorithm;
- evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;
- if (evp_cipher == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,
- PKCS7_R_CIPHER_NOT_INITIALIZED);
- goto err;
- }
- break;
- case NID_pkcs7_enveloped:
- rsk = p7->d.enveloped->recipientinfo;
- xalg = p7->d.enveloped->enc_data->algorithm;
- evp_cipher = p7->d.enveloped->enc_data->cipher;
- if (evp_cipher == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,
- PKCS7_R_CIPHER_NOT_INITIALIZED);
- goto err;
- }
- break;
- case NID_pkcs7_digest:
- xa = p7->d.digest->md;
- os = PKCS7_get_octet_string(p7->d.digest->contents);
- break;
- case NID_pkcs7_data:
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_DATAINIT,
- PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
- if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)))
- goto err;
-
- if (xa && !PKCS7_bio_add_digest(&out, xa))
- goto err;
-
- if (evp_cipher != NULL) {
- unsigned char key[EVP_MAX_KEY_LENGTH];
- unsigned char iv[EVP_MAX_IV_LENGTH];
- int keylen, ivlen;
- EVP_CIPHER_CTX *ctx;
-
- if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAINIT, ERR_R_BIO_LIB);
- goto err;
- }
- BIO_get_cipher_ctx(btmp, &ctx);
- keylen = EVP_CIPHER_key_length(evp_cipher);
- ivlen = EVP_CIPHER_iv_length(evp_cipher);
- xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
- if (ivlen > 0)
- arc4random_buf(iv, ivlen);
- if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL,
- NULL, 1) <= 0)
- goto err;
- if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
- goto err;
- if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
- goto err;
-
- if (ivlen > 0) {
- if (xalg->parameter == NULL) {
- xalg->parameter = ASN1_TYPE_new();
- if (xalg->parameter == NULL)
- goto err;
- }
- if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
- goto err;
- }
-
- /* Lets do the pub key stuff :-) */
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
- if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
- goto err;
- }
- explicit_bzero(key, keylen);
-
- if (out == NULL)
- out = btmp;
- else
- BIO_push(out, btmp);
- btmp = NULL;
- }
-
- if (bio == NULL) {
- if (PKCS7_is_detached(p7))
- bio = BIO_new(BIO_s_null());
- else if (os && os->length > 0)
- bio = BIO_new_mem_buf(os->data, os->length);
- if (bio == NULL) {
- bio = BIO_new(BIO_s_mem());
- if (bio == NULL)
- goto err;
- BIO_set_mem_eof_return(bio, 0);
- }
- }
- if (out)
- BIO_push(out, bio);
- else
- out = bio;
- bio = NULL;
- if (0) {
-err:
- if (out != NULL)
- BIO_free_all(out);
- if (btmp != NULL)
- BIO_free_all(btmp);
- out = NULL;
- }
- return (out);
-}
-
-static int
-pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
-{
- int ret;
-
- ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
- pcert->cert_info->issuer);
- if (ret)
- return ret;
- return ASN1_STRING_cmp(pcert->cert_info->serialNumber,
- ri->issuer_and_serial->serial);
-}
-
-/* int */
-BIO *
-PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
-{
- int i, j;
- BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
- X509_ALGOR *xa;
- ASN1_OCTET_STRING *data_body = NULL;
- const EVP_MD *evp_md;
- const EVP_CIPHER *evp_cipher = NULL;
- EVP_CIPHER_CTX *evp_ctx = NULL;
- X509_ALGOR *enc_alg = NULL;
- STACK_OF(X509_ALGOR) *md_sk = NULL;
- STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
- PKCS7_RECIP_INFO *ri = NULL;
- unsigned char *ek = NULL, *tkey = NULL;
- int eklen = 0, tkeylen = 0;
-
- if (p7 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_INVALID_NULL_POINTER);
- return NULL;
- }
-
- if (p7->d.ptr == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT);
- return NULL;
- }
-
- i = OBJ_obj2nid(p7->type);
- p7->state = PKCS7_S_HEADER;
-
- switch (i) {
- case NID_pkcs7_signed:
- data_body = PKCS7_get_octet_string(p7->d.sign->contents);
- md_sk = p7->d.sign->md_algs;
- break;
- case NID_pkcs7_signedAndEnveloped:
- rsk = p7->d.signed_and_enveloped->recipientinfo;
- md_sk = p7->d.signed_and_enveloped->md_algs;
- data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
- enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
- evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
- if (evp_cipher == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
- goto err;
- }
- break;
- case NID_pkcs7_enveloped:
- rsk = p7->d.enveloped->recipientinfo;
- enc_alg = p7->d.enveloped->enc_data->algorithm;
- data_body = p7->d.enveloped->enc_data->enc_data;
- evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
- if (evp_cipher == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
- goto err;
- }
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- /* We will be checking the signature */
- if (md_sk != NULL) {
- for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
- xa = sk_X509_ALGOR_value(md_sk, i);
- if ((btmp = BIO_new(BIO_f_md())) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- ERR_R_BIO_LIB);
- goto err;
- }
-
- j = OBJ_obj2nid(xa->algorithm);
- evp_md = EVP_get_digestbynid(j);
- if (evp_md == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_UNKNOWN_DIGEST_TYPE);
- goto err;
- }
-
- BIO_set_md(btmp, evp_md);
- if (out == NULL)
- out = btmp;
- else
- BIO_push(out, btmp);
- btmp = NULL;
- }
- }
-
- if (evp_cipher != NULL) {
- if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
- goto err;
- }
-
- /* It was encrypted, we need to decrypt the secret key
- * with the private key */
-
- /* Find the recipientInfo which matches the passed certificate
- * (if any)
- */
- if (pcert) {
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
- if (!pkcs7_cmp_ri(ri, pcert))
- break;
- ri = NULL;
- }
- if (ri == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATADECODE,
- PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
- goto err;
- }
- }
-
- /* If we haven't got a certificate try each ri in turn */
- if (pcert == NULL) {
- /* Always attempt to decrypt all rinfo even
- * after sucess as a defence against MMA timing
- * attacks.
- */
- for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
- ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
-
- if (pkcs7_decrypt_rinfo(&ek, &eklen,
- ri, pkey) < 0)
- goto err;
- ERR_clear_error();
- }
- } else {
- /* Only exit on fatal errors, not decrypt failure */
- if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
- goto err;
- ERR_clear_error();
- }
-
- evp_ctx = NULL;
- BIO_get_cipher_ctx(etmp, &evp_ctx);
- if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL,
- NULL, 0) <= 0)
- goto err;
- if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
- goto err;
- /* Generate random key as MMA defence */
- tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);
- tkey = malloc(tkeylen);
- if (!tkey)
- goto err;
- if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
- goto err;
- if (ek == NULL) {
- ek = tkey;
- eklen = tkeylen;
- tkey = NULL;
- }
-
- if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
- /* Some S/MIME clients don't use the same key
- * and effective key length. The key length is
- * determined by the size of the decrypted RSA key.
- */
- if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
- /* Use random key as MMA defence */
- explicit_bzero(ek, eklen);
- free(ek);
- ek = tkey;
- eklen = tkeylen;
- tkey = NULL;
- }
- }
- /* Clear errors so we don't leak information useful in MMA */
- ERR_clear_error();
- if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
- goto err;
-
- if (ek) {
- explicit_bzero(ek, eklen);
- free(ek);
- ek = NULL;
- }
- if (tkey) {
- explicit_bzero(tkey, tkeylen);
- free(tkey);
- tkey = NULL;
- }
-
- if (out == NULL)
- out = etmp;
- else
- BIO_push(out, etmp);
- etmp = NULL;
- }
-
- if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
- bio = in_bio;
- } else {
- if (data_body != NULL && data_body->length > 0)
- bio = BIO_new_mem_buf(data_body->data, data_body->length);
- else {
- bio = BIO_new(BIO_s_mem());
- BIO_set_mem_eof_return(bio, 0);
- }
- if (bio == NULL)
- goto err;
- }
- BIO_push(out, bio);
-
- if (0) {
-err:
- if (ek) {
- explicit_bzero(ek, eklen);
- free(ek);
- }
- if (tkey) {
- explicit_bzero(tkey, tkeylen);
- free(tkey);
- }
- if (out != NULL)
- BIO_free_all(out);
- if (btmp != NULL)
- BIO_free_all(btmp);
- if (etmp != NULL)
- BIO_free_all(etmp);
- out = NULL;
- }
- return (out);
-}
-
-static BIO *
-PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
-{
- for (;;) {
- bio = BIO_find_type(bio, BIO_TYPE_MD);
- if (bio == NULL) {
- PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,
- PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- return NULL;
- }
- BIO_get_md_ctx(bio, pmd);
- if (*pmd == NULL) {
- PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,
- ERR_R_INTERNAL_ERROR);
- return NULL;
- }
- if (EVP_MD_CTX_type(*pmd) == nid)
- return bio;
- bio = BIO_next(bio);
- }
- return NULL;
-}
-
-static int
-do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
-{
- unsigned char md_data[EVP_MAX_MD_SIZE];
- unsigned int md_len;
-
- /* Add signing time if not already present */
- if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
- if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
- PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
-
- /* Add digest */
- if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
- PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);
- return 0;
- }
- if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
- PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- /* Now sign the attributes */
- if (!PKCS7_SIGNER_INFO_sign(si))
- return 0;
-
- return 1;
-}
-
-
-int
-PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
-{
- int ret = 0;
- int i, j;
- BIO *btmp;
- PKCS7_SIGNER_INFO *si;
- EVP_MD_CTX *mdc, ctx_tmp;
- STACK_OF(X509_ATTRIBUTE) *sk;
- STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
- ASN1_OCTET_STRING *os = NULL;
-
- if (p7 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
- PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if (p7->d.ptr == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_NO_CONTENT);
- return 0;
- }
-
- EVP_MD_CTX_init(&ctx_tmp);
- i = OBJ_obj2nid(p7->type);
- p7->state = PKCS7_S_HEADER;
-
- switch (i) {
- case NID_pkcs7_data:
- os = p7->d.data;
- break;
- case NID_pkcs7_signedAndEnveloped:
- /* XXX */
- si_sk = p7->d.signed_and_enveloped->signer_info;
- os = p7->d.signed_and_enveloped->enc_data->enc_data;
- if (!os) {
- os = ASN1_OCTET_STRING_new();
- if (!os) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p7->d.signed_and_enveloped->enc_data->enc_data = os;
- }
- break;
- case NID_pkcs7_enveloped:
- /* XXX */
- os = p7->d.enveloped->enc_data->enc_data;
- if (!os) {
- os = ASN1_OCTET_STRING_new();
- if (!os) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p7->d.enveloped->enc_data->enc_data = os;
- }
- break;
- case NID_pkcs7_signed:
- si_sk = p7->d.sign->signer_info;
- os = PKCS7_get_octet_string(p7->d.sign->contents);
- if (!PKCS7_is_detached(p7) && os == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_DECODE_ERROR);
- goto err;
- }
- /* If detached data then the content is excluded */
- if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
- ASN1_OCTET_STRING_free(os);
- os = NULL;
- p7->d.sign->contents->d.data = NULL;
- }
- break;
-
- case NID_pkcs7_digest:
- os = PKCS7_get_octet_string(p7->d.digest->contents);
- if (os == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_DECODE_ERROR);
- goto err;
- }
- /* If detached data then the content is excluded */
- if (PKCS7_type_is_data(p7->d.digest->contents) &&
- p7->detached) {
- ASN1_OCTET_STRING_free(os);
- os = NULL;
- p7->d.digest->contents->d.data = NULL;
- }
- break;
-
- default:
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
- PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
-
- if (si_sk != NULL) {
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
- si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);
- if (si->pkey == NULL)
- continue;
-
- j = OBJ_obj2nid(si->digest_alg->algorithm);
-
- btmp = bio;
-
- btmp = PKCS7_find_digest(&mdc, btmp, j);
-
- if (btmp == NULL)
- goto err;
-
- /* We now have the EVP_MD_CTX, lets do the
- * signing. */
- if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
- goto err;
-
- sk = si->auth_attr;
-
- /* If there are attributes, we add the digest
- * attribute and only sign the attributes */
- if (sk_X509_ATTRIBUTE_num(sk) > 0) {
- if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
- goto err;
- } else {
- unsigned char *abuf = NULL;
- unsigned int abuflen;
- abuflen = EVP_PKEY_size(si->pkey);
- abuf = malloc(abuflen);
- if (!abuf)
- goto err;
-
- if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen,
- si->pkey)) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
- ERR_R_EVP_LIB);
- goto err;
- }
- ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
- }
- }
- } else if (i == NID_pkcs7_digest) {
- unsigned char md_data[EVP_MAX_MD_SIZE];
- unsigned int md_len;
-
- if (!PKCS7_find_digest(&mdc, bio,
- OBJ_obj2nid(p7->d.digest->md->algorithm)))
- goto err;
- if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
- goto err;
- if (ASN1_STRING_set(p7->d.digest->digest, md_data,
- md_len) == 0)
- goto err;
- }
-
- if (!PKCS7_is_detached(p7)) {
- /*
- * NOTE: only reach os == NULL here because detached
- * digested data support is broken?
- */
- if (os == NULL)
- goto err;
- if (!(os->flags & ASN1_STRING_FLAG_NDEF)) {
- char *cont;
- long contlen;
-
- btmp = BIO_find_type(bio, BIO_TYPE_MEM);
- if (btmp == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAFINAL,
- PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
- goto err;
- }
- contlen = BIO_get_mem_data(btmp, &cont);
- /*
- * Mark the BIO read only then we can use its copy
- * of the data instead of making an extra copy.
- */
- BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
- BIO_set_mem_eof_return(btmp, 0);
- ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
- }
- }
- ret = 1;
-err:
- EVP_MD_CTX_cleanup(&ctx_tmp);
- return (ret);
-}
-
-int
-PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
-{
- EVP_MD_CTX mctx;
- EVP_PKEY_CTX *pctx;
- unsigned char *abuf = NULL;
- int alen;
- size_t siglen;
- const EVP_MD *md = NULL;
-
- md = EVP_get_digestbyobj(si->digest_alg->algorithm);
- if (md == NULL)
- return 0;
-
- EVP_MD_CTX_init(&mctx);
- if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
- EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,
- ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
- if (!abuf)
- goto err;
- if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
- goto err;
- free(abuf);
- abuf = NULL;
- if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
- goto err;
- abuf = malloc(siglen);
- if (!abuf)
- goto err;
- if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
- EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
- goto err;
- }
-
- EVP_MD_CTX_cleanup(&mctx);
-
- ASN1_STRING_set0(si->enc_digest, abuf, siglen);
-
- return 1;
-
-err:
- free(abuf);
- EVP_MD_CTX_cleanup(&mctx);
- return 0;
-}
-
-int
-PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
- PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
- PKCS7_ISSUER_AND_SERIAL *ias;
- int ret = 0, i;
- STACK_OF(X509) *cert;
- X509 *x509;
-
- if (p7 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,
- PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if (p7->d.ptr == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_NO_CONTENT);
- return 0;
- }
-
- if (PKCS7_type_is_signed(p7)) {
- cert = p7->d.sign->cert;
- } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
- cert = p7->d.signed_and_enveloped->cert;
- } else {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
- goto err;
- }
- /* XXXX */
- ias = si->issuer_and_serial;
-
- x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial);
-
- /* were we able to find the cert in passed to us */
- if (x509 == NULL) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,
- PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
- goto err;
- }
-
- /* Lets verify */
- if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
- goto err;
- }
- X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
- i = X509_verify_cert(ctx);
- if (i <= 0) {
- PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
- X509_STORE_CTX_cleanup(ctx);
- goto err;
- }
- X509_STORE_CTX_cleanup(ctx);
-
- return PKCS7_signatureVerify(bio, p7, si, x509);
-err:
-
- return ret;
-}
-
-int
-PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, X509 *x509)
-{
- ASN1_OCTET_STRING *os;
- EVP_MD_CTX mdc_tmp, *mdc;
- int ret = 0, i;
- int md_type;
- STACK_OF(X509_ATTRIBUTE) *sk;
- BIO *btmp;
- EVP_PKEY *pkey;
-
- EVP_MD_CTX_init(&mdc_tmp);
-
- if (!PKCS7_type_is_signed(p7) &&
- !PKCS7_type_is_signedAndEnveloped(p7)) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_WRONG_PKCS7_TYPE);
- goto err;
- }
-
- md_type = OBJ_obj2nid(si->digest_alg->algorithm);
-
- btmp = bio;
- for (;;) {
- if ((btmp == NULL) ||
- ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- goto err;
- }
- BIO_get_md_ctx(btmp, &mdc);
- if (mdc == NULL) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (EVP_MD_CTX_type(mdc) == md_type)
- break;
- /* Workaround for some broken clients that put the signature
- * OID instead of the digest OID in digest_alg->algorithm
- */
- if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
- break;
- btmp = BIO_next(btmp);
- }
-
- /* mdc is the digest ctx that we want, unless there are attributes,
- * in which case the digest is the signed attributes */
- if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
- goto err;
-
- sk = si->auth_attr;
- if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
- unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
- unsigned int md_len;
- int alen;
- ASN1_OCTET_STRING *message_digest;
-
- if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
- goto err;
- message_digest = PKCS7_digest_from_attributes(sk);
- if (!message_digest) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
- goto err;
- }
- if ((message_digest->length != (int)md_len) ||
- (memcmp(message_digest->data, md_dat, md_len))) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_DIGEST_FAILURE);
- ret = -1;
- goto err;
- }
-
- if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type),
- NULL))
- goto err;
-
- alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
- ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
- if (alen <= 0) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_ASN1_LIB);
- ret = -1;
- goto err;
- }
- if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
- goto err;
-
- free(abuf);
- }
-
- os = si->enc_digest;
- pkey = X509_get_pubkey(x509);
- if (!pkey) {
- ret = -1;
- goto err;
- }
-
- i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);
- EVP_PKEY_free(pkey);
- if (i <= 0) {
- PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
- PKCS7_R_SIGNATURE_FAILURE);
- ret = -1;
- goto err;
- } else
- ret = 1;
-err:
- EVP_MD_CTX_cleanup(&mdc_tmp);
- return (ret);
-}
-
-PKCS7_ISSUER_AND_SERIAL *
-PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
-{
- STACK_OF(PKCS7_RECIP_INFO) *rsk;
- PKCS7_RECIP_INFO *ri;
- int i;
-
- i = OBJ_obj2nid(p7->type);
- if (i != NID_pkcs7_signedAndEnveloped)
- return NULL;
- if (p7->d.signed_and_enveloped == NULL)
- return NULL;
- rsk = p7->d.signed_and_enveloped->recipientinfo;
- if (rsk == NULL)
- return NULL;
- ri = sk_PKCS7_RECIP_INFO_value(rsk, 0);
- if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
- return (NULL);
- ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);
- return (ri->issuer_and_serial);
-}
-
-ASN1_TYPE *
-PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
-{
- return (get_attribute(si->auth_attr, nid));
-}
-
-ASN1_TYPE *
-PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)
-{
- return (get_attribute(si->unauth_attr, nid));
-}
-
-static ASN1_TYPE *
-get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
-{
- int i;
- X509_ATTRIBUTE *xa;
- ASN1_OBJECT *o;
-
- o = OBJ_nid2obj(nid);
- if (!o || !sk)
- return (NULL);
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- xa = sk_X509_ATTRIBUTE_value(sk, i);
- if (OBJ_cmp(xa->object, o) == 0) {
- if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
- return (sk_ASN1_TYPE_value(xa->value.set, 0));
- else
- return (NULL);
- }
- }
- return (NULL);
-}
-
-ASN1_OCTET_STRING *
-PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
-{
- ASN1_TYPE *astype;
-
- if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest)))
- return NULL;
- if (astype->type != V_ASN1_OCTET_STRING)
- return NULL;
- return astype->value.octet_string;
-}
-
-int
-PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk)
-{
- int i;
-
- if (p7si->auth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,
- X509_ATTRIBUTE_free);
- p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
- if (p7si->auth_attr == NULL)
- return 0;
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
- X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk, i))))
- == NULL)
- return (0);
- }
- return (1);
-}
-
-int
-PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk)
-{
- int i;
-
- if (p7si->unauth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr,
- X509_ATTRIBUTE_free);
- p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
- if (p7si->unauth_attr == NULL)
- return 0;
- for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
- if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
- X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk, i))))
- == NULL)
- return (0);
- }
- return (1);
-}
-
-int
-PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value)
-{
- return (add_attribute(&(p7si->auth_attr), nid, atrtype, value));
-}
-
-int
-PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, void *value)
-{
- return (add_attribute(&(p7si->unauth_attr), nid, atrtype, value));
-}
-
-static int
-add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, void *value)
-{
- X509_ATTRIBUTE *attr = NULL;
-
- if (*sk == NULL) {
- *sk = sk_X509_ATTRIBUTE_new_null();
- if (*sk == NULL)
- return 0;
-new_attrib:
- if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value)))
- return 0;
- if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
- X509_ATTRIBUTE_free(attr);
- return 0;
- }
- } else {
- int i;
-
- for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
- attr = sk_X509_ATTRIBUTE_value(*sk, i);
- if (OBJ_obj2nid(attr->object) == nid) {
- X509_ATTRIBUTE_free(attr);
- attr = X509_ATTRIBUTE_create(nid, atrtype,
- value);
- if (attr == NULL)
- return 0;
- if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
- X509_ATTRIBUTE_free(attr);
- return 0;
- }
- goto end;
- }
- }
- goto new_attrib;
- }
-end:
- return (1);
-}
diff --git a/lib/libssl/src/crypto/pkcs7/pk7_lib.c b/lib/libssl/src/crypto/pkcs7/pk7_lib.c
deleted file mode 100644
index b3dc068f3d9..00000000000
--- a/lib/libssl/src/crypto/pkcs7/pk7_lib.c
+++ /dev/null
@@ -1,668 +0,0 @@
-/* $OpenBSD: pk7_lib.c,v 1.18 2015/09/30 18:41:06 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-#include "asn1_locl.h"
-
-long
-PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
-{
- int nid;
- long ret;
-
- nid = OBJ_obj2nid(p7->type);
-
- switch (cmd) {
- case PKCS7_OP_SET_DETACHED_SIGNATURE:
- if (nid == NID_pkcs7_signed) {
- ret = p7->detached = (int)larg;
- if (ret && PKCS7_type_is_data(p7->d.sign->contents)) {
- ASN1_OCTET_STRING *os;
- os = p7->d.sign->contents->d.data;
- ASN1_OCTET_STRING_free(os);
- p7->d.sign->contents->d.data = NULL;
- }
- } else {
- PKCS7err(PKCS7_F_PKCS7_CTRL,
- PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
- ret = 0;
- }
- break;
- case PKCS7_OP_GET_DETACHED_SIGNATURE:
- if (nid == NID_pkcs7_signed) {
- if (!p7->d.sign || !p7->d.sign->contents->d.ptr)
- ret = 1;
- else
- ret = 0;
-
- p7->detached = ret;
- } else {
- PKCS7err(PKCS7_F_PKCS7_CTRL,
- PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
- ret = 0;
- }
-
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_CTRL, PKCS7_R_UNKNOWN_OPERATION);
- ret = 0;
- }
- return (ret);
-}
-
-int
-PKCS7_content_new(PKCS7 *p7, int type)
-{
- PKCS7 *ret = NULL;
-
- if ((ret = PKCS7_new()) == NULL)
- goto err;
- if (!PKCS7_set_type(ret, type))
- goto err;
- if (!PKCS7_set_content(p7, ret))
- goto err;
-
- return (1);
-err:
- if (ret != NULL)
- PKCS7_free(ret);
- return (0);
-}
-
-int
-PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
-{
- int i;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signed:
- if (p7->d.sign->contents != NULL)
- PKCS7_free(p7->d.sign->contents);
- p7->d.sign->contents = p7_data;
- break;
- case NID_pkcs7_digest:
- if (p7->d.digest->contents != NULL)
- PKCS7_free(p7->d.digest->contents);
- p7->d.digest->contents = p7_data;
- break;
- case NID_pkcs7_data:
- case NID_pkcs7_enveloped:
- case NID_pkcs7_signedAndEnveloped:
- case NID_pkcs7_encrypted:
- default:
- PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,
- PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
- return (1);
-err:
- return (0);
-}
-
-int
-PKCS7_set_type(PKCS7 *p7, int type)
-{
- ASN1_OBJECT *obj;
-
- /*PKCS7_content_free(p7);*/
- obj=OBJ_nid2obj(type); /* will not fail */
-
- switch (type) {
- case NID_pkcs7_signed:
- p7->type = obj;
- if ((p7->d.sign = PKCS7_SIGNED_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(p7->d.sign->version, 1)) {
- PKCS7_SIGNED_free(p7->d.sign);
- p7->d.sign = NULL;
- goto err;
- }
- break;
- case NID_pkcs7_data:
- p7->type = obj;
- if ((p7->d.data = ASN1_OCTET_STRING_new()) == NULL)
- goto err;
- break;
- case NID_pkcs7_signedAndEnveloped:
- p7->type = obj;
- if ((p7->d.signed_and_enveloped =
- PKCS7_SIGN_ENVELOPE_new()) == NULL)
- goto err;
- ASN1_INTEGER_set(p7->d.signed_and_enveloped->version, 1);
- if (!ASN1_INTEGER_set(p7->d.signed_and_enveloped->version, 1))
- goto err;
- p7->d.signed_and_enveloped->enc_data->content_type =
- OBJ_nid2obj(NID_pkcs7_data);
- break;
- case NID_pkcs7_enveloped:
- p7->type = obj;
- if ((p7->d.enveloped = PKCS7_ENVELOPE_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(p7->d.enveloped->version, 0))
- goto err;
- p7->d.enveloped->enc_data->content_type =
- OBJ_nid2obj(NID_pkcs7_data);
- break;
- case NID_pkcs7_encrypted:
- p7->type = obj;
- if ((p7->d.encrypted = PKCS7_ENCRYPT_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(p7->d.encrypted->version, 0))
- goto err;
- p7->d.encrypted->enc_data->content_type =
- OBJ_nid2obj(NID_pkcs7_data);
- break;
-
- case NID_pkcs7_digest:
- p7->type = obj;
- if ((p7->d.digest = PKCS7_DIGEST_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(p7->d.digest->version, 0))
- goto err;
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_SET_TYPE,
- PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
- goto err;
- }
- return (1);
-err:
- return (0);
-}
-
-int
-PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other)
-{
- p7->type = OBJ_nid2obj(type);
- p7->d.other = other;
- return 1;
-}
-
-int
-PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
-{
- int i, j, nid;
- X509_ALGOR *alg;
- STACK_OF(PKCS7_SIGNER_INFO) *signer_sk;
- STACK_OF(X509_ALGOR) *md_sk;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signed:
- signer_sk = p7->d.sign->signer_info;
- md_sk = p7->d.sign->md_algs;
- break;
- case NID_pkcs7_signedAndEnveloped:
- signer_sk = p7->d.signed_and_enveloped->signer_info;
- md_sk = p7->d.signed_and_enveloped->md_algs;
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- nid = OBJ_obj2nid(psi->digest_alg->algorithm);
-
- /* If the digest is not currently listed, add it */
- j = 0;
- for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
- alg = sk_X509_ALGOR_value(md_sk, i);
- if (OBJ_obj2nid(alg->algorithm) == nid) {
- j = 1;
- break;
- }
- }
- if (!j) /* we need to add another algorithm */
- {
- if (!(alg = X509_ALGOR_new()) ||
- !(alg->parameter = ASN1_TYPE_new())) {
- X509_ALGOR_free(alg);
- PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,
- ERR_R_MALLOC_FAILURE);
- return (0);
- }
- alg->algorithm = OBJ_nid2obj(nid);
- alg->parameter->type = V_ASN1_NULL;
- if (!sk_X509_ALGOR_push(md_sk, alg)) {
- X509_ALGOR_free(alg);
- return 0;
- }
- }
-
- if (!sk_PKCS7_SIGNER_INFO_push(signer_sk, psi))
- return 0;
- return (1);
-}
-
-int
-PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
-{
- int i;
- STACK_OF(X509) **sk;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signed:
- sk = &(p7->d.sign->cert);
- break;
- case NID_pkcs7_signedAndEnveloped:
- sk = &(p7->d.signed_and_enveloped->cert);
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,
- PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- if (*sk == NULL)
- *sk = sk_X509_new_null();
- if (*sk == NULL) {
- PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
- if (!sk_X509_push(*sk, x509)) {
- X509_free(x509);
- return 0;
- }
- return (1);
-}
-
-int
-PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
-{
- int i;
- STACK_OF(X509_CRL) **sk;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signed:
- sk = &(p7->d.sign->crl);
- break;
- case NID_pkcs7_signedAndEnveloped:
- sk = &(p7->d.signed_and_enveloped->crl);
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_ADD_CRL, PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- if (*sk == NULL)
- *sk = sk_X509_CRL_new_null();
- if (*sk == NULL) {
- PKCS7err(PKCS7_F_PKCS7_ADD_CRL, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
- if (!sk_X509_CRL_push(*sk, crl)) {
- X509_CRL_free(crl);
- return 0;
- }
- return (1);
-}
-
-int
-PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
- const EVP_MD *dgst)
-{
- int ret;
-
- /* We now need to add another PKCS7_SIGNER_INFO entry */
- if (!ASN1_INTEGER_set(p7i->version, 1))
- goto err;
- if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
- X509_get_issuer_name(x509)))
- goto err;
-
- /* because ASN1_INTEGER_set is used to set a 'long' we will do
- * things the ugly way. */
- ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
- if (!(p7i->issuer_and_serial->serial =
- ASN1_STRING_dup(X509_get_serialNumber(x509))))
- goto err;
-
- /* lets keep the pkey around for a while */
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
- p7i->pkey = pkey;
-
- /* Set the algorithms */
-
- X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)),
- V_ASN1_NULL, NULL);
-
- if (pkey->ameth && pkey->ameth->pkey_ctrl) {
- ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN,
- 0, p7i);
- if (ret > 0)
- return 1;
- if (ret != -2) {
- PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
- PKCS7_R_SIGNING_CTRL_FAILURE);
- return 0;
- }
- }
- PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
- PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
-err:
- return 0;
-}
-
-PKCS7_SIGNER_INFO *
-PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, const EVP_MD *dgst)
-{
- PKCS7_SIGNER_INFO *si = NULL;
-
- if (dgst == NULL) {
- int def_nid;
- if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
- goto err;
- dgst = EVP_get_digestbynid(def_nid);
- if (dgst == NULL) {
- PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE,
- PKCS7_R_NO_DEFAULT_DIGEST);
- goto err;
- }
- }
-
- if ((si = PKCS7_SIGNER_INFO_new()) == NULL)
- goto err;
- if (!PKCS7_SIGNER_INFO_set(si, x509, pkey, dgst))
- goto err;
- if (!PKCS7_add_signer(p7, si))
- goto err;
- return (si);
-err:
- if (si)
- PKCS7_SIGNER_INFO_free(si);
- return (NULL);
-}
-
-int
-PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
-{
- if (PKCS7_type_is_digest(p7)) {
- if (!(p7->d.digest->md->parameter = ASN1_TYPE_new())) {
- PKCS7err(PKCS7_F_PKCS7_SET_DIGEST,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- p7->d.digest->md->parameter->type = V_ASN1_NULL;
- p7->d.digest->md->algorithm = OBJ_nid2obj(EVP_MD_nid(md));
- return 1;
- }
-
- PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, PKCS7_R_WRONG_CONTENT_TYPE);
- return 1;
-}
-
-STACK_OF(PKCS7_SIGNER_INFO) *
-PKCS7_get_signer_info(PKCS7 *p7)
-{
- if (p7 == NULL || p7->d.ptr == NULL)
- return (NULL);
- if (PKCS7_type_is_signed(p7)) {
- return (p7->d.sign->signer_info);
- } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
- return (p7->d.signed_and_enveloped->signer_info);
- } else
- return (NULL);
-}
-
-void
-PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
- X509_ALGOR **pdig, X509_ALGOR **psig)
-{
- if (pk)
- *pk = si->pkey;
- if (pdig)
- *pdig = si->digest_alg;
- if (psig)
- *psig = si->digest_enc_alg;
-}
-
-void
-PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc)
-{
- if (penc)
- *penc = ri->key_enc_algor;
-}
-
-PKCS7_RECIP_INFO *
-PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
-{
- PKCS7_RECIP_INFO *ri;
-
- if ((ri = PKCS7_RECIP_INFO_new()) == NULL)
- goto err;
- if (!PKCS7_RECIP_INFO_set(ri, x509))
- goto err;
- if (!PKCS7_add_recipient_info(p7, ri))
- goto err;
- return ri;
-err:
- if (ri)
- PKCS7_RECIP_INFO_free(ri);
- return NULL;
-}
-
-int
-PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
-{
- int i;
- STACK_OF(PKCS7_RECIP_INFO) *sk;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signedAndEnveloped:
- sk = p7->d.signed_and_enveloped->recipientinfo;
- break;
- case NID_pkcs7_enveloped:
- sk = p7->d.enveloped->recipientinfo;
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,
- PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- if (!sk_PKCS7_RECIP_INFO_push(sk, ri))
- return 0;
- return (1);
-}
-
-int
-PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
-{
- int ret;
- EVP_PKEY *pkey = NULL;
- if (!ASN1_INTEGER_set(p7i->version, 0))
- return 0;
- if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
- X509_get_issuer_name(x509)))
- return 0;
-
- ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
- if (!(p7i->issuer_and_serial->serial =
- ASN1_STRING_dup(X509_get_serialNumber(x509))))
- return 0;
-
- pkey = X509_get_pubkey(x509);
-
- if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) {
- PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
- PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- goto err;
- }
-
- ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT,
- 0, p7i);
- if (ret == -2) {
- PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
- PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
- goto err;
- }
- if (ret <= 0) {
- PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
- PKCS7_R_ENCRYPTION_CTRL_FAILURE);
- goto err;
- }
-
- EVP_PKEY_free(pkey);
-
- CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
- p7i->cert = x509;
-
- return 1;
-
-err:
- EVP_PKEY_free(pkey);
- return 0;
-}
-
-X509 *
-PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
- if (PKCS7_type_is_signed(p7))
- return(X509_find_by_issuer_and_serial(p7->d.sign->cert,
- si->issuer_and_serial->issuer,
- si->issuer_and_serial->serial));
- else
- return (NULL);
-}
-
-int
-PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
-{
- int i;
- PKCS7_ENC_CONTENT *ec;
-
- i = OBJ_obj2nid(p7->type);
- switch (i) {
- case NID_pkcs7_signedAndEnveloped:
- ec = p7->d.signed_and_enveloped->enc_data;
- break;
- case NID_pkcs7_enveloped:
- ec = p7->d.enveloped->enc_data;
- break;
- default:
- PKCS7err(PKCS7_F_PKCS7_SET_CIPHER, PKCS7_R_WRONG_CONTENT_TYPE);
- return (0);
- }
-
- /* Check cipher OID exists and has data in it*/
- i = EVP_CIPHER_type(cipher);
- if (i == NID_undef) {
- PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,
- PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
- return (0);
- }
-
- ec->cipher = cipher;
- return 1;
-}
-
-int
-PKCS7_stream(unsigned char ***boundary, PKCS7 *p7)
-{
- ASN1_OCTET_STRING *os = NULL;
-
- switch (OBJ_obj2nid(p7->type)) {
- case NID_pkcs7_data:
- os = p7->d.data;
- break;
-
- case NID_pkcs7_signedAndEnveloped:
- os = p7->d.signed_and_enveloped->enc_data->enc_data;
- if (os == NULL) {
- os = ASN1_OCTET_STRING_new();
- p7->d.signed_and_enveloped->enc_data->enc_data = os;
- }
- break;
-
- case NID_pkcs7_enveloped:
- os = p7->d.enveloped->enc_data->enc_data;
- if (os == NULL) {
- os = ASN1_OCTET_STRING_new();
- p7->d.enveloped->enc_data->enc_data = os;
- }
- break;
-
- case NID_pkcs7_signed:
- os = p7->d.sign->contents->d.data;
- break;
-
- default:
- os = NULL;
- break;
- }
-
- if (os == NULL)
- return 0;
-
- os->flags |= ASN1_STRING_FLAG_NDEF;
- *boundary = &os->data;
-
- return 1;
-}
diff --git a/lib/libssl/src/crypto/pkcs7/pk7_mime.c b/lib/libssl/src/crypto/pkcs7/pk7_mime.c
deleted file mode 100644
index 31023f22c6e..00000000000
--- a/lib/libssl/src/crypto/pkcs7/pk7_mime.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* $OpenBSD: pk7_mime.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- */
-
-#include <ctype.h>
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-
-/* PKCS#7 wrappers round generalised stream and MIME routines */
-
-int
-i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
-{
- return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)p7, in, flags,
- ASN1_ITEM_rptr(PKCS7));
-}
-
-int
-PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
-{
- return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *) p7, in, flags,
- "PKCS7", ASN1_ITEM_rptr(PKCS7));
-}
-
-int
-SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
-{
- STACK_OF(X509_ALGOR) *mdalgs;
- int ctype_nid = OBJ_obj2nid(p7->type);
- if (ctype_nid == NID_pkcs7_signed)
- mdalgs = p7->d.sign->md_algs;
- else
- mdalgs = NULL;
-
- flags ^= SMIME_OLDMIME;
-
-
- return SMIME_write_ASN1(bio, (ASN1_VALUE *)p7, data, flags,
- ctype_nid, NID_undef, mdalgs, ASN1_ITEM_rptr(PKCS7));
-}
-
-PKCS7 *
-SMIME_read_PKCS7(BIO *bio, BIO **bcont)
-{
- return (PKCS7 *)SMIME_read_ASN1(bio, bcont, ASN1_ITEM_rptr(PKCS7));
-}
diff --git a/lib/libssl/src/crypto/pkcs7/pk7_smime.c b/lib/libssl/src/crypto/pkcs7/pk7_smime.c
deleted file mode 100644
index 1c00e5914a6..00000000000
--- a/lib/libssl/src/crypto/pkcs7/pk7_smime.c
+++ /dev/null
@@ -1,600 +0,0 @@
-/* $OpenBSD: pk7_smime.c,v 1.20 2015/02/07 14:21:41 doug Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* Simple PKCS#7 processing functions */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-
-PKCS7 *
-PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data,
- int flags)
-{
- PKCS7 *p7;
- int i;
-
- if (!(p7 = PKCS7_new())) {
- PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (!PKCS7_set_type(p7, NID_pkcs7_signed))
- goto err;
-
- if (!PKCS7_content_new(p7, NID_pkcs7_data))
- goto err;
-
- if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) {
- PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
- goto err;
- }
-
- if (!(flags & PKCS7_NOCERTS)) {
- for (i = 0; i < sk_X509_num(certs); i++) {
- if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
- goto err;
- }
- }
-
- if (flags & PKCS7_DETACHED)
- PKCS7_set_detached(p7, 1);
-
- if (flags & (PKCS7_STREAM|PKCS7_PARTIAL))
- return p7;
-
- if (PKCS7_final(p7, data, flags))
- return p7;
-
-err:
- PKCS7_free(p7);
- return NULL;
-}
-
-int
-PKCS7_final(PKCS7 *p7, BIO *data, int flags)
-{
- BIO *p7bio;
- int ret = 0;
-
- if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
- PKCS7err(PKCS7_F_PKCS7_FINAL, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- SMIME_crlf_copy(data, p7bio, flags);
-
- (void)BIO_flush(p7bio);
-
- if (!PKCS7_dataFinal(p7, p7bio)) {
- PKCS7err(PKCS7_F_PKCS7_FINAL, PKCS7_R_PKCS7_DATASIGN);
- goto err;
- }
-
- ret = 1;
-
-err:
- BIO_free_all(p7bio);
-
- return ret;
-}
-
-/* Check to see if a cipher exists and if so add S/MIME capabilities */
-
-static int
-add_cipher_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
- if (EVP_get_cipherbynid(nid))
- return PKCS7_simple_smimecap(sk, nid, arg);
- return 1;
-}
-
-static int
-add_digest_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
-{
- if (EVP_get_digestbynid(nid))
- return PKCS7_simple_smimecap(sk, nid, arg);
- return 1;
-}
-
-PKCS7_SIGNER_INFO *
-PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey,
- const EVP_MD *md, int flags)
-{
- PKCS7_SIGNER_INFO *si = NULL;
- STACK_OF(X509_ALGOR) *smcap = NULL;
-
- if (!X509_check_private_key(signcert, pkey)) {
- PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
- PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- return NULL;
- }
-
- if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) {
- PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
- PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
- return NULL;
- }
-
- if (!(flags & PKCS7_NOCERTS)) {
- if (!PKCS7_add_certificate(p7, signcert))
- goto err;
- }
-
- if (!(flags & PKCS7_NOATTR)) {
- if (!PKCS7_add_attrib_content_type(si, NULL))
- goto err;
- /* Add SMIMECapabilities */
- if (!(flags & PKCS7_NOSMIMECAP)) {
- if (!(smcap = sk_X509_ALGOR_new_null())) {
- PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1) ||
- !add_digest_smcap(smcap, NID_id_GostR3411_94, -1) ||
- !add_digest_smcap(smcap, NID_id_tc26_gost3411_2012_256, -1) ||
- !add_digest_smcap(smcap, NID_id_tc26_gost3411_2012_512, -1) ||
- !add_cipher_smcap(smcap, NID_id_Gost28147_89, -1) ||
- !add_cipher_smcap(smcap, NID_aes_192_cbc, -1) ||
- !add_cipher_smcap(smcap, NID_aes_128_cbc, -1) ||
- !add_cipher_smcap(smcap, NID_des_ede3_cbc, -1) ||
- !add_cipher_smcap(smcap, NID_rc2_cbc, 128) ||
- !add_cipher_smcap(smcap, NID_rc2_cbc, 64) ||
- !add_cipher_smcap(smcap, NID_des_cbc, -1) ||
- !add_cipher_smcap(smcap, NID_rc2_cbc, 40) ||
- !PKCS7_add_attrib_smimecap(si, smcap))
- goto err;
- sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
- smcap = NULL;
- }
- if (flags & PKCS7_REUSE_DIGEST) {
- if (!pkcs7_copy_existing_digest(p7, si))
- goto err;
- if (!(flags & PKCS7_PARTIAL) &&
- !PKCS7_SIGNER_INFO_sign(si))
- goto err;
- }
- }
- return si;
-
-err:
- if (smcap)
- sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
- return NULL;
-}
-
-/* Search for a digest matching SignerInfo digest type and if found
- * copy across.
- */
-
-static int
-pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
-{
- int i;
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
- PKCS7_SIGNER_INFO *sitmp;
- ASN1_OCTET_STRING *osdig = NULL;
-
- sinfos = PKCS7_get_signer_info(p7);
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
- sitmp = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
- if (si == sitmp)
- break;
- if (sk_X509_ATTRIBUTE_num(sitmp->auth_attr) <= 0)
- continue;
- if (!OBJ_cmp(si->digest_alg->algorithm,
- sitmp->digest_alg->algorithm)) {
- osdig = PKCS7_digest_from_attributes(sitmp->auth_attr);
- break;
- }
-
- }
-
- if (osdig)
- return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length);
-
- PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST,
- PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND);
- return 0;
-}
-
-int
-PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata,
- BIO *out, int flags)
-{
- STACK_OF(X509) *signers;
- X509 *signer;
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
- PKCS7_SIGNER_INFO *si;
- X509_STORE_CTX cert_ctx;
- char buf[4096];
- int i, j = 0, k, ret = 0;
- BIO *p7bio;
- BIO *tmpin, *tmpout;
-
- if (!p7) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_INVALID_NULL_POINTER);
- return 0;
- }
-
- if (!PKCS7_type_is_signed(p7)) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_WRONG_CONTENT_TYPE);
- return 0;
- }
-
- /* Check for no data and no content: no data to verify signature */
- if (PKCS7_get_detached(p7) && !indata) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
- return 0;
- }
-
- /*
- * Very old Netscape illegally included empty content with
- * a detached signature. Very old users should upgrade.
- */
- /* Check for data and content: two sets of data */
- if (!PKCS7_get_detached(p7) && indata) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
- return 0;
- }
-
- sinfos = PKCS7_get_signer_info(p7);
-
- if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_SIGNATURES_ON_DATA);
- return 0;
- }
-
-
- signers = PKCS7_get0_signers(p7, certs, flags);
-
- if (!signers)
- return 0;
-
- /* Now verify the certificates */
-
- if (!(flags & PKCS7_NOVERIFY))
- for (k = 0; k < sk_X509_num(signers); k++) {
- signer = sk_X509_value (signers, k);
- if (!(flags & PKCS7_NOCHAIN)) {
- if (!X509_STORE_CTX_init(&cert_ctx, store,
- signer, p7->d.sign->cert)) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,
- ERR_R_X509_LIB);
- sk_X509_free(signers);
- return 0;
- }
- X509_STORE_CTX_set_default(&cert_ctx,
- "smime_sign");
- } else if (!X509_STORE_CTX_init(&cert_ctx, store,
- signer, NULL)) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
- sk_X509_free(signers);
- return 0;
- }
- if (!(flags & PKCS7_NOCRL))
- X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl);
- i = X509_verify_cert(&cert_ctx);
- if (i <= 0)
- j = X509_STORE_CTX_get_error(&cert_ctx);
- X509_STORE_CTX_cleanup(&cert_ctx);
- if (i <= 0) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,
- PKCS7_R_CERTIFICATE_VERIFY_ERROR);
- ERR_asprintf_error_data("Verify error:%s",
- X509_verify_cert_error_string(j));
- sk_X509_free(signers);
- return 0;
- }
- /* Check for revocation status here */
- }
-
- /*
- * Performance optimization: if the content is a memory BIO then
- * store its contents in a temporary read only memory BIO. This
- * avoids potentially large numbers of slow copies of data which will
- * occur when reading from a read write memory BIO when signatures
- * are calculated.
- */
- if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) {
- char *ptr;
- long len;
-
- len = BIO_get_mem_data(indata, &ptr);
- tmpin = BIO_new_mem_buf(ptr, len);
- if (tmpin == NULL) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- } else
- tmpin = indata;
-
-
- if (!(p7bio = PKCS7_dataInit(p7, tmpin)))
- goto err;
-
- if (flags & PKCS7_TEXT) {
- if (!(tmpout = BIO_new(BIO_s_mem()))) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- BIO_set_mem_eof_return(tmpout, 0);
- } else
- tmpout = out;
-
- /* We now have to 'read' from p7bio to calculate digests etc. */
- for (;;) {
- i = BIO_read(p7bio, buf, sizeof(buf));
- if (i <= 0)
- break;
- if (tmpout)
- BIO_write(tmpout, buf, i);
- }
-
- if (flags & PKCS7_TEXT) {
- if (!SMIME_text(tmpout, out)) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,
- PKCS7_R_SMIME_TEXT_ERROR);
- BIO_free(tmpout);
- goto err;
- }
- BIO_free(tmpout);
- }
-
- /* Now Verify All Signatures */
- if (!(flags & PKCS7_NOSIGS))
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
- si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
- signer = sk_X509_value (signers, i);
- j = PKCS7_signatureVerify(p7bio, p7, si, signer);
- if (j <= 0) {
- PKCS7err(PKCS7_F_PKCS7_VERIFY,
- PKCS7_R_SIGNATURE_FAILURE);
- goto err;
- }
- }
-
- ret = 1;
-
-err:
- if (tmpin == indata) {
- if (indata)
- BIO_pop(p7bio);
- }
- BIO_free_all(p7bio);
- sk_X509_free(signers);
-
- return ret;
-}
-
-STACK_OF(X509) *
-PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
-{
- STACK_OF(X509) *signers;
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
- PKCS7_SIGNER_INFO *si;
- PKCS7_ISSUER_AND_SERIAL *ias;
- X509 *signer;
- int i;
-
- if (!p7) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
- PKCS7_R_INVALID_NULL_POINTER);
- return NULL;
- }
-
- if (!PKCS7_type_is_signed(p7)) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
- PKCS7_R_WRONG_CONTENT_TYPE);
- return NULL;
- }
-
- /* Collect all the signers together */
- sinfos = PKCS7_get_signer_info(p7);
- if (sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_NO_SIGNERS);
- return 0;
- }
-
- if (!(signers = sk_X509_new_null())) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
- si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
- ias = si->issuer_and_serial;
- signer = NULL;
- /* If any certificates passed they take priority */
- if (certs)
- signer = X509_find_by_issuer_and_serial (certs,
- ias->issuer, ias->serial);
- if (!signer && !(flags & PKCS7_NOINTERN) && p7->d.sign->cert)
- signer =
- X509_find_by_issuer_and_serial(p7->d.sign->cert,
- ias->issuer, ias->serial);
- if (!signer) {
- PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
- PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
- sk_X509_free(signers);
- return 0;
- }
-
- if (!sk_X509_push(signers, signer)) {
- sk_X509_free(signers);
- return NULL;
- }
- }
- return signers;
-}
-
-/* Build a complete PKCS#7 enveloped data */
-
-PKCS7 *
-PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
- int flags)
-{
- PKCS7 *p7;
- BIO *p7bio = NULL;
- int i;
- X509 *x509;
-
- if (!(p7 = PKCS7_new())) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (!PKCS7_set_type(p7, NID_pkcs7_enveloped))
- goto err;
- if (!PKCS7_set_cipher(p7, cipher)) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_SETTING_CIPHER);
- goto err;
- }
-
- for (i = 0; i < sk_X509_num(certs); i++) {
- x509 = sk_X509_value(certs, i);
- if (!PKCS7_add_recipient(p7, x509)) {
- PKCS7err(PKCS7_F_PKCS7_ENCRYPT,
- PKCS7_R_ERROR_ADDING_RECIPIENT);
- goto err;
- }
- }
-
- if (flags & PKCS7_STREAM)
- return p7;
-
-
if (PKCS7_final(p7, in, flags)) - return p7; - -err: - BIO_free_all(p7bio); - PKCS7_free(p7); - return NULL; -} - -int -PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) -{ - BIO *tmpmem; - int ret, i; - char buf[4096]; - - if (!p7) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_INVALID_NULL_POINTER); - return 0; - } - - if (!PKCS7_type_is_enveloped(p7)) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_WRONG_CONTENT_TYPE); - return 0; - } - - if (cert && !X509_check_private_key(cert, pkey)) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT, - PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); - return 0; - } - - if (!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR); - return 0; - } - - if (flags & PKCS7_TEXT) { - BIO *tmpbuf; - - /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */ - if (!(tmpbuf = BIO_new(BIO_f_buffer()))) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); - BIO_free_all(tmpmem); - return 0; - } - BIO_push(tmpbuf, tmpmem); - ret = SMIME_text(tmpbuf, data); - if (ret > 0 && BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) { - if (!BIO_get_cipher_status(tmpmem)) - ret = 0; - } - BIO_free_all(tmpbuf); - return ret; - } else { - for (;;) { - i = BIO_read(tmpmem, buf, sizeof(buf)); - if (i <= 0) { - ret = 1; - if (BIO_method_type(tmpmem) == - BIO_TYPE_CIPHER) { - if (!BIO_get_cipher_status(tmpmem)) - ret = 0; - } - break; - } - if (BIO_write(data, buf, i) != i) { - ret = 0; - break; - } - } - BIO_free_all(tmpmem); - return ret; - } -} diff --git a/lib/libssl/src/crypto/pkcs7/pkcs7.h b/lib/libssl/src/crypto/pkcs7/pkcs7.h deleted file mode 100644 index 609ce045533..00000000000 --- a/lib/libssl/src/crypto/pkcs7/pkcs7.h +++ /dev/null 
@@ -1,480 +0,0 @@
-/* $OpenBSD: pkcs7.h,v 1.14 2014/07/02 12:40:41 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_PKCS7_H
-#define HEADER_PKCS7_H
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/bio.h>
-#include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
-Encryption_ID DES-CBC
-Digest_ID MD5
-Digest_Encryption_ID rsaEncryption
-Key_Encryption_ID rsaEncryption
-*/
-
-typedef struct pkcs7_issuer_and_serial_st {
- X509_NAME *issuer;
- ASN1_INTEGER *serial;
-} PKCS7_ISSUER_AND_SERIAL;
-
-typedef struct pkcs7_signer_info_st {
- ASN1_INTEGER *version; /* version 1 */
- PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
- X509_ALGOR *digest_alg;
- STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
- X509_ALGOR *digest_enc_alg;
- ASN1_OCTET_STRING *enc_digest;
- STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
-
- /* The private key to sign with */
- EVP_PKEY *pkey;
-} PKCS7_SIGNER_INFO;
-
-DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
-DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO)
-
-typedef struct pkcs7_recip_info_st {
- ASN1_INTEGER *version; /* version 0 */
- PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
- X509_ALGOR *key_enc_algor;
- ASN1_OCTET_STRING *enc_key;
- X509 *cert; /* get the pub-key from this */
-} PKCS7_RECIP_INFO;
-
-DECLARE_STACK_OF(PKCS7_RECIP_INFO)
-DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO)
-
-typedef struct pkcs7_signed_st {
- ASN1_INTEGER *version; /* version 1 */
- STACK_OF(X509_ALGOR) *md_algs; /* md used */
- STACK_OF(X509) *cert; /* [ 0 ] */
- STACK_OF(X509_CRL) *crl; /* [ 1 ] */
- STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
-
- struct pkcs7_st *contents;
-} PKCS7_SIGNED;
-/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
- * How about merging the two */
-
-typedef struct pkcs7_enc_content_st {
- ASN1_OBJECT *content_type;
- X509_ALGOR *algorithm;
- ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
- const EVP_CIPHER *cipher;
-} PKCS7_ENC_CONTENT;
-
-typedef struct pkcs7_enveloped_st {
- ASN1_INTEGER *version; /* version 0 */
- STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
- PKCS7_ENC_CONTENT *enc_data;
-} PKCS7_ENVELOPE;
-
-typedef struct pkcs7_signedandenveloped_st {
- ASN1_INTEGER *version; /* version 1 */
- STACK_OF(X509_ALGOR) *md_algs; /* md used */
- STACK_OF(X509) *cert; /* [ 0 ] */
- STACK_OF(X509_CRL) *crl; /* [ 1 ] */
- STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
-
- PKCS7_ENC_CONTENT *enc_data;
- STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
-} PKCS7_SIGN_ENVELOPE;
-
-typedef struct pkcs7_digest_st {
- ASN1_INTEGER *version; /* version 0 */
- X509_ALGOR *md; /* md used */
- struct pkcs7_st *contents;
- ASN1_OCTET_STRING *digest;
-} PKCS7_DIGEST;
-
-typedef struct pkcs7_encrypted_st {
- ASN1_INTEGER *version; /* version 0 */
- PKCS7_ENC_CONTENT *enc_data;
-} PKCS7_ENCRYPT;
-
-typedef struct pkcs7_st {
- /* The following is non NULL if it contains ASN1 encoding of
- * this structure */
- unsigned char *asn1;
- long length;
-
-#define PKCS7_S_HEADER 0
-#define PKCS7_S_BODY 1
-#define PKCS7_S_TAIL 2
- int state; /* used during processing */
-
- int detached;
-
- ASN1_OBJECT *type;
- /* content as defined by the type */
- /* all encryption/message digests are applied to the 'contents',
- * leaving out the 'type' field. */
- union {
- char *ptr;
-
- /* NID_pkcs7_data */
- ASN1_OCTET_STRING *data;
-
- /* NID_pkcs7_signed */
- PKCS7_SIGNED *sign;
-
- /* NID_pkcs7_enveloped */
- PKCS7_ENVELOPE *enveloped;
-
- /* NID_pkcs7_signedAndEnveloped */
- PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
-
- /* NID_pkcs7_digest */
- PKCS7_DIGEST *digest;
-
- /* NID_pkcs7_encrypted */
- PKCS7_ENCRYPT *encrypted;
-
- /* Anything else */
- ASN1_TYPE *other;
- } d;
-} PKCS7;
-
-DECLARE_STACK_OF(PKCS7)
-DECLARE_ASN1_SET_OF(PKCS7)
-DECLARE_PKCS12_STACK_OF(PKCS7)
-
-#define PKCS7_OP_SET_DETACHED_SIGNATURE 1
-#define PKCS7_OP_GET_DETACHED_SIGNATURE 2
-
-#define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
-#define PKCS7_get_attributes(si) ((si)->unauth_attr)
-
-#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
-#define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
-#define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
-#define PKCS7_type_is_signedAndEnveloped(a) \
- (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
-#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
-#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
-#define PKCS7_type_is_encrypted(a) \
- (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
-
-#define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
-
-#define PKCS7_set_detached(p,v) \
- PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
-#define PKCS7_get_detached(p) \
- PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
-
-#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
-
-/* S/MIME related flags */
-
-#define PKCS7_TEXT 0x1
-#define PKCS7_NOCERTS 0x2
-#define PKCS7_NOSIGS 0x4
-#define PKCS7_NOCHAIN 0x8
-#define PKCS7_NOINTERN 0x10
-#define PKCS7_NOVERIFY 0x20
-#define PKCS7_DETACHED 0x40
-#define PKCS7_BINARY 0x80
-#define PKCS7_NOATTR 0x100
-#define PKCS7_NOSMIMECAP 0x200
-#define PKCS7_NOOLDMIMETYPE 0x400
-#define PKCS7_CRLFEOL 0x800
-#define PKCS7_STREAM 0x1000
-#define PKCS7_NOCRL 0x2000
-#define PKCS7_PARTIAL 0x4000
-#define PKCS7_REUSE_DIGEST 0x8000
-
-/* Flags: for compatibility with older code */
-
-#define SMIME_TEXT PKCS7_TEXT
-#define SMIME_NOCERTS PKCS7_NOCERTS
-#define SMIME_NOSIGS PKCS7_NOSIGS
-#define SMIME_NOCHAIN PKCS7_NOCHAIN
-#define SMIME_NOINTERN PKCS7_NOINTERN
-#define SMIME_NOVERIFY PKCS7_NOVERIFY
-#define SMIME_DETACHED PKCS7_DETACHED
-#define SMIME_BINARY PKCS7_BINARY
-#define SMIME_NOATTR PKCS7_NOATTR
-
-DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
-
-int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
- const EVP_MD *type, unsigned char *md, unsigned int *len);
-PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
-int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
-PKCS7 *PKCS7_dup(PKCS7 *p7);
-PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
-int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
-int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
-int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
-
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
-DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
-DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
-DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
-DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
-DECLARE_ASN1_FUNCTIONS(PKCS7)
-
-DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
-DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
-
-DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
-DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
-
-long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
-
-int PKCS7_set_type(PKCS7 *p7, int type);
-int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
-int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
-int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
- const EVP_MD *dgst);
-int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
-int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
-int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
-int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
-int PKCS7_content_new(PKCS7 *p7, int nid);
-int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
- BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
- X509 *x509);
-
-BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
-int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
-BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
-
-
-PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
- EVP_PKEY *pkey, const EVP_MD *dgst);
-X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
-STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
-
-PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
-void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
- X509_ALGOR **pdig, X509_ALGOR **psig);
-void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
-int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
-int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
-int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
-int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
-ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
- void *data);
-int PKCS7_add_attribute (PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
- void *value);
-ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
-ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
-int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
- STACK_OF(X509_ATTRIBUTE) *sk);
-int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk);
-
-
-PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
- BIO *data, int flags);
-
-PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
- X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md,
- int flags);
-
-int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
-int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
- BIO *indata, BIO *out, int flags);
-STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
- int flags);
-int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
-
-int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
- STACK_OF(X509_ALGOR) *cap);
-STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
-int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
-
-int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
-int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
-int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
- const unsigned char *md, int mdlen);
-
-int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
-PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
-
-BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_PKCS7_strings(void);
-
-/* Error codes for the PKCS7 functions. */
-
-/* Function codes. */
-#define PKCS7_F_B64_READ_PKCS7 120
-#define PKCS7_F_B64_WRITE_PKCS7 121
-#define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
-#define PKCS7_F_I2D_PKCS7_BIO_STREAM 140
-#define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
-#define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
-#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
-#define PKCS7_F_PKCS7_ADD_CRL 101
-#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
-#define PKCS7_F_PKCS7_ADD_SIGNATURE 131
-#define PKCS7_F_PKCS7_ADD_SIGNER 103
-#define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
-#define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
-#define PKCS7_F_PKCS7_CTRL 104
-#define PKCS7_F_PKCS7_DATADECODE 112
-#define PKCS7_F_PKCS7_DATAFINAL 128
-#define PKCS7_F_PKCS7_DATAINIT 105
-#define PKCS7_F_PKCS7_DATASIGN 106
-#define PKCS7_F_PKCS7_DATAVERIFY 107
-#define PKCS7_F_PKCS7_DECRYPT 114
-#define PKCS7_F_PKCS7_DECRYPT_RINFO 133
-#define PKCS7_F_PKCS7_ENCODE_RINFO 132
-#define PKCS7_F_PKCS7_ENCRYPT 115
-#define PKCS7_F_PKCS7_FINAL 134
-#define PKCS7_F_PKCS7_FIND_DIGEST 127
-#define PKCS7_F_PKCS7_GET0_SIGNERS 124
-#define PKCS7_F_PKCS7_RECIP_INFO_SET 130
-#define PKCS7_F_PKCS7_SET_CIPHER 108
-#define PKCS7_F_PKCS7_SET_CONTENT 109
-#define PKCS7_F_PKCS7_SET_DIGEST 126
-#define PKCS7_F_PKCS7_SET_TYPE 110
-#define PKCS7_F_PKCS7_SIGN 116
-#define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
-#define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
-#define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
-#define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
-#define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
-#define PKCS7_F_PKCS7_VERIFY 117
-#define PKCS7_F_SMIME_READ_PKCS7 122
-#define PKCS7_F_SMIME_TEXT 123
-
-/* Reason codes. */
-#define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
-#define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
-#define PKCS7_R_CIPHER_NOT_INITIALIZED 116
-#define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
-#define PKCS7_R_CTRL_ERROR 152
-#define PKCS7_R_DECODE_ERROR 130
-#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100
-#define PKCS7_R_DECRYPT_ERROR 119
-#define PKCS7_R_DIGEST_FAILURE 101
-#define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
-#define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
-#define PKCS7_R_ERROR_ADDING_RECIPIENT 120
-#define PKCS7_R_ERROR_SETTING_CIPHER 121
-#define PKCS7_R_INVALID_MIME_TYPE 131
-#define PKCS7_R_INVALID_NULL_POINTER 143
-#define PKCS7_R_MIME_NO_CONTENT_TYPE 132
-#define PKCS7_R_MIME_PARSE_ERROR 133
-#define PKCS7_R_MIME_SIG_PARSE_ERROR 134
-#define PKCS7_R_MISSING_CERIPEND_INFO 103
-#define PKCS7_R_NO_CONTENT 122
-#define PKCS7_R_NO_CONTENT_TYPE 135
-#define PKCS7_R_NO_DEFAULT_DIGEST 151
-#define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
-#define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136
-#define PKCS7_R_NO_MULTIPART_BOUNDARY 137
-#define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
-#define PKCS7_R_NO_RECIPIENT_MATCHES_KEY 146
-#define PKCS7_R_NO_SIGNATURES_ON_DATA 123
-#define PKCS7_R_NO_SIGNERS 142
-#define PKCS7_R_NO_SIG_CONTENT_TYPE 138
-#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
-#define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
-#define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
-#define PKCS7_R_PKCS7_DATAFINAL 126
-#define PKCS7_R_PKCS7_DATAFINAL_ERROR 125
-#define PKCS7_R_PKCS7_DATASIGN 145
-#define PKCS7_R_PKCS7_PARSE_ERROR 139
-#define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140
-#define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
-#define PKCS7_R_SIGNATURE_FAILURE 105
-#define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
-#define PKCS7_R_SIGNING_CTRL_FAILURE 147
-#define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
-#define PKCS7_R_SIG_INVALID_MIME_TYPE 141
-#define PKCS7_R_SMIME_TEXT_ERROR 129
-#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
-#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
-#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
-#define PKCS7_R_UNKNOWN_DIGEST_TYPE 109
-#define PKCS7_R_UNKNOWN_OPERATION 110
-#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
-#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
-#define PKCS7_R_WRONG_CONTENT_TYPE 113
-#define PKCS7_R_WRONG_PKCS7_TYPE 114
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/pkcs7/pkcs7err.c b/lib/libssl/src/crypto/pkcs7/pkcs7err.c
deleted file mode 100644
index 8a67bf52210..00000000000
--- a/lib/libssl/src/crypto/pkcs7/pkcs7err.c
+++ /dev/null
@@ -1,187 +0,0 @@ -/* $OpenBSD: pkcs7err.c,v 1.11 2014/07/10 22:45:57 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/pkcs7.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason) - -static ERR_STRING_DATA PKCS7_str_functs[]= { - {ERR_FUNC(PKCS7_F_B64_READ_PKCS7), "B64_READ_PKCS7"}, - {ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7), "B64_WRITE_PKCS7"}, - {ERR_FUNC(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB), "DO_PKCS7_SIGNED_ATTRIB"}, - {ERR_FUNC(PKCS7_F_I2D_PKCS7_BIO_STREAM), "i2d_PKCS7_bio_stream"}, - {ERR_FUNC(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME), "PKCS7_add0_attrib_signing_time"}, - {ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP), "PKCS7_add_attrib_smimecap"}, - {ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"}, - {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"}, - {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"}, - {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNATURE), "PKCS7_add_signature"}, - {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"}, - {ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST), "PKCS7_BIO_ADD_DIGEST"}, - {ERR_FUNC(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST), "PKCS7_COPY_EXISTING_DIGEST"}, - {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"}, - {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"}, - {ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"}, - {ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"}, - {ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"}, - {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"}, - {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"}, - {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT_RINFO), "PKCS7_DECRYPT_RINFO"}, - {ERR_FUNC(PKCS7_F_PKCS7_ENCODE_RINFO), "PKCS7_ENCODE_RINFO"}, - {ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"}, - {ERR_FUNC(PKCS7_F_PKCS7_FINAL), "PKCS7_final"}, - {ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST), "PKCS7_FIND_DIGEST"}, - {ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"}, - 
{ERR_FUNC(PKCS7_F_PKCS7_RECIP_INFO_SET), "PKCS7_RECIP_INFO_set"}, - {ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"}, - {ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"}, - {ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST), "PKCS7_set_digest"}, - {ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"}, - {ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"}, - {ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"}, - {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SET), "PKCS7_SIGNER_INFO_set"}, - {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SIGN), "PKCS7_SIGNER_INFO_sign"}, - {ERR_FUNC(PKCS7_F_PKCS7_SIGN_ADD_SIGNER), "PKCS7_sign_add_signer"}, - {ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"}, - {ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"}, - {ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7), "SMIME_read_PKCS7"}, - {ERR_FUNC(PKCS7_F_SMIME_TEXT), "SMIME_text"}, - {0, NULL} -}; - -static ERR_STRING_DATA PKCS7_str_reasons[]= { - {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"}, - {ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER), "cipher has no object identifier"}, - {ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED), "cipher not initialized"}, - {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT), "content and data present"}, - {ERR_REASON(PKCS7_R_CTRL_ERROR) , "ctrl error"}, - {ERR_REASON(PKCS7_R_DECODE_ERROR) , "decode error"}, - {ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH), "decrypted key is wrong length"}, - {ERR_REASON(PKCS7_R_DECRYPT_ERROR) , "decrypt error"}, - {ERR_REASON(PKCS7_R_DIGEST_FAILURE) , "digest failure"}, - {ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE), "encryption ctrl failure"}, - {ERR_REASON(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE), "encryption not supported for this key type"}, - {ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT), "error adding recipient"}, - {ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER), "error setting cipher"}, - {ERR_REASON(PKCS7_R_INVALID_MIME_TYPE) , "invalid mime type"}, - 
{ERR_REASON(PKCS7_R_INVALID_NULL_POINTER), "invalid null pointer"}, - {ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE), "mime no content type"}, - {ERR_REASON(PKCS7_R_MIME_PARSE_ERROR) , "mime parse error"}, - {ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"}, - {ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO), "missing ceripend info"}, - {ERR_REASON(PKCS7_R_NO_CONTENT) , "no content"}, - {ERR_REASON(PKCS7_R_NO_CONTENT_TYPE) , "no content type"}, - {ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST) , "no default digest"}, - {ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND), "no matching digest type found"}, - {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE), "no multipart body failure"}, - {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"}, - {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE), "no recipient matches certificate"}, - {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_KEY), "no recipient matches key"}, - {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA), "no signatures on data"}, - {ERR_REASON(PKCS7_R_NO_SIGNERS) , "no signers"}, - {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE) , "no sig content type"}, - {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE), "operation not supported on this type"}, - {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR), "pkcs7 add signature error"}, - {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR), "pkcs7 add signer error"}, - {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL) , "pkcs7 datafinal"}, - {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR), "pkcs7 datafinal error"}, - {ERR_REASON(PKCS7_R_PKCS7_DATASIGN) , "pkcs7 datasign"}, - {ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR) , "pkcs7 parse error"}, - {ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR), "pkcs7 sig parse error"}, - {ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE), "private key does not match certificate"}, - {ERR_REASON(PKCS7_R_SIGNATURE_FAILURE) , "signature failure"}, - {ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND), "signer certificate not found"}, - 
{ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE), "signing ctrl failure"}, - {ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE), "signing not supported for this key type"}, - {ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"}, - {ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR) , "smime text error"}, - {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE), "unable to find certificate"}, - {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MEM_BIO), "unable to find mem bio"}, - {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST), "unable to find message digest"}, - {ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE) , "unknown digest type"}, - {ERR_REASON(PKCS7_R_UNKNOWN_OPERATION) , "unknown operation"}, - {ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE), "unsupported cipher type"}, - {ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"}, - {ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE) , "wrong content type"}, - {ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE) , "wrong pkcs7 type"}, - {0, NULL} -}; - -#endif - -void -ERR_load_PKCS7_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(PKCS7_str_functs[0].error) == NULL) { - ERR_load_strings(0, PKCS7_str_functs); - ERR_load_strings(0, PKCS7_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/poly1305/poly1305-donna.c b/lib/libssl/src/crypto/poly1305/poly1305-donna.c deleted file mode 100644 index 773ea4ebe78..00000000000 --- a/lib/libssl/src/crypto/poly1305/poly1305-donna.c +++ /dev/null 
@@ -1,321 +0,0 @@ -/* $OpenBSD: poly1305-donna.c,v 1.3 2014/06/12 15:49:30 deraadt Exp $ */ -/* - * Public Domain poly1305 from Andrew Moon - * Based on poly1305-donna.c, poly1305-donna-32.h and poly1305-donna.h from: - * https://github.com/floodyberry/poly1305-donna - */ - -#include <stddef.h> - -static inline void poly1305_init(poly1305_context *ctx, - const unsigned char key[32]); -static inline void poly1305_update(poly1305_context *ctx, - const unsigned char *m, size_t bytes); -static inline void poly1305_finish(poly1305_context *ctx, - unsigned char mac[16]); - -/* - * poly1305 implementation using 32 bit * 32 bit = 64 bit multiplication - * and 64 bit addition. - */ - -#define poly1305_block_size 16 - -/* 17 + sizeof(size_t) + 14*sizeof(unsigned long) */ -typedef struct poly1305_state_internal_t { - unsigned long r[5]; - unsigned long h[5]; - unsigned long pad[4]; - size_t leftover; - unsigned char buffer[poly1305_block_size]; - unsigned char final; -} poly1305_state_internal_t; - -/* interpret four 8 bit unsigned integers as a 32 bit unsigned integer in little endian */ -static unsigned long -U8TO32(const unsigned char *p) -{ - return (((unsigned long)(p[0] & 0xff)) | - ((unsigned long)(p[1] & 0xff) << 8) | - ((unsigned long)(p[2] & 0xff) << 16) | - ((unsigned long)(p[3] & 0xff) << 24)); -} - -/* store a 32 bit unsigned integer as four 8 bit unsigned integers in little endian */ -static void -U32TO8(unsigned char *p, unsigned long v) -{ - p[0] = (v) & 0xff; - p[1] = (v >> 8) & 0xff; - p[2] = (v >> 16) & 0xff; - p[3] = (v >> 24) & 0xff; -} - -static inline void -poly1305_init(poly1305_context *ctx, const unsigned char key[32]) -{ - poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; - - /* r &= 0xffffffc0ffffffc0ffffffc0fffffff */ - st->r[0] = (U8TO32(&key[0])) & 0x3ffffff; - st->r[1] = (U8TO32(&key[3]) >> 2) & 0x3ffff03; - st->r[2] = (U8TO32(&key[6]) >> 4) & 0x3ffc0ff; - st->r[3] = (U8TO32(&key[9]) >> 6) & 0x3f03fff; - st->r[4] = 
(U8TO32(&key[12]) >> 8) & 0x00fffff; - - /* h = 0 */ - st->h[0] = 0; - st->h[1] = 0; - st->h[2] = 0; - st->h[3] = 0; - st->h[4] = 0; - - /* save pad for later */ - st->pad[0] = U8TO32(&key[16]); - st->pad[1] = U8TO32(&key[20]); - st->pad[2] = U8TO32(&key[24]); - st->pad[3] = U8TO32(&key[28]); - - st->leftover = 0; - st->final = 0; -} - -static void -poly1305_blocks(poly1305_state_internal_t *st, const unsigned char *m, size_t bytes) -{ - const unsigned long hibit = (st->final) ? 0 : (1 << 24); /* 1 << 128 */ - unsigned long r0, r1, r2, r3, r4; - unsigned long s1, s2, s3, s4; - unsigned long h0, h1, h2, h3, h4; - unsigned long long d0, d1, d2, d3, d4; - unsigned long c; - - r0 = st->r[0]; - r1 = st->r[1]; - r2 = st->r[2]; - r3 = st->r[3]; - r4 = st->r[4]; - - s1 = r1 * 5; - s2 = r2 * 5; - s3 = r3 * 5; - s4 = r4 * 5; - - h0 = st->h[0]; - h1 = st->h[1]; - h2 = st->h[2]; - h3 = st->h[3]; - h4 = st->h[4]; - - while (bytes >= poly1305_block_size) { - /* h += m[i] */ - h0 += (U8TO32(m + 0)) & 0x3ffffff; - h1 += (U8TO32(m + 3) >> 2) & 0x3ffffff; - h2 += (U8TO32(m + 6) >> 4) & 0x3ffffff; - h3 += (U8TO32(m + 9) >> 6) & 0x3ffffff; - h4 += (U8TO32(m + 12) >> 8) | hibit; - - /* h *= r */ - d0 = ((unsigned long long)h0 * r0) + - ((unsigned long long)h1 * s4) + - ((unsigned long long)h2 * s3) + - ((unsigned long long)h3 * s2) + - ((unsigned long long)h4 * s1); - d1 = ((unsigned long long)h0 * r1) + - ((unsigned long long)h1 * r0) + - ((unsigned long long)h2 * s4) + - ((unsigned long long)h3 * s3) + - ((unsigned long long)h4 * s2); - d2 = ((unsigned long long)h0 * r2) + - ((unsigned long long)h1 * r1) + - ((unsigned long long)h2 * r0) + - ((unsigned long long)h3 * s4) + - ((unsigned long long)h4 * s3); - d3 = ((unsigned long long)h0 * r3) + - ((unsigned long long)h1 * r2) + - ((unsigned long long)h2 * r1) + - ((unsigned long long)h3 * r0) + - ((unsigned long long)h4 * s4); - d4 = ((unsigned long long)h0 * r4) + - ((unsigned long long)h1 * r3) + - ((unsigned long long)h2 * r2) + - 
((unsigned long long)h3 * r1) + - ((unsigned long long)h4 * r0); - - /* (partial) h %= p */ - c = (unsigned long)(d0 >> 26); - h0 = (unsigned long)d0 & 0x3ffffff; - d1 += c; - c = (unsigned long)(d1 >> 26); - h1 = (unsigned long)d1 & 0x3ffffff; - d2 += c; - c = (unsigned long)(d2 >> 26); - h2 = (unsigned long)d2 & 0x3ffffff; - d3 += c; - c = (unsigned long)(d3 >> 26); - h3 = (unsigned long)d3 & 0x3ffffff; - d4 += c; - c = (unsigned long)(d4 >> 26); - h4 = (unsigned long)d4 & 0x3ffffff; - h0 += c * 5; - c = (h0 >> 26); - h0 = h0 & 0x3ffffff; - h1 += c; - - m += poly1305_block_size; - bytes -= poly1305_block_size; - } - - st->h[0] = h0; - st->h[1] = h1; - st->h[2] = h2; - st->h[3] = h3; - st->h[4] = h4; -} - -static inline void -poly1305_update(poly1305_context *ctx, const unsigned char *m, size_t bytes) -{ - poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; - size_t i; - - /* handle leftover */ - if (st->leftover) { - size_t want = (poly1305_block_size - st->leftover); - if (want > bytes) - want = bytes; - for (i = 0; i < want; i++) - st->buffer[st->leftover + i] = m[i]; - bytes -= want; - m += want; - st->leftover += want; - if (st->leftover < poly1305_block_size) - return; - poly1305_blocks(st, st->buffer, poly1305_block_size); - st->leftover = 0; - } - - /* process full blocks */ - if (bytes >= poly1305_block_size) { - size_t want = (bytes & ~(poly1305_block_size - 1)); - poly1305_blocks(st, m, want); - m += want; - bytes -= want; - } - - /* store leftover */ - if (bytes) { - for (i = 0; i < bytes; i++) - st->buffer[st->leftover + i] = m[i]; - st->leftover += bytes; - } -} - -static inline void -poly1305_finish(poly1305_context *ctx, unsigned char mac[16]) -{ - poly1305_state_internal_t *st = (poly1305_state_internal_t *)ctx; - unsigned long h0, h1, h2, h3, h4, c; - unsigned long g0, g1, g2, g3, g4; - unsigned long long f; - unsigned long mask; - - /* process the remaining block */ - if (st->leftover) { - size_t i = st->leftover; - st->buffer[i++] 
= 1; - for (; i < poly1305_block_size; i++) - st->buffer[i] = 0; - st->final = 1; - poly1305_blocks(st, st->buffer, poly1305_block_size); - } - - /* fully carry h */ - h0 = st->h[0]; - h1 = st->h[1]; - h2 = st->h[2]; - h3 = st->h[3]; - h4 = st->h[4]; - - c = h1 >> 26; - h1 = h1 & 0x3ffffff; - h2 += c; - c = h2 >> 26; - h2 = h2 & 0x3ffffff; - h3 += c; - c = h3 >> 26; - h3 = h3 & 0x3ffffff; - h4 += c; - c = h4 >> 26; - h4 = h4 & 0x3ffffff; - h0 += c * 5; - c = h0 >> 26; - h0 = h0 & 0x3ffffff; - h1 += c; - - /* compute h + -p */ - g0 = h0 + 5; - c = g0 >> 26; - g0 &= 0x3ffffff; - g1 = h1 + c; - c = g1 >> 26; - g1 &= 0x3ffffff; - g2 = h2 + c; - c = g2 >> 26; - g2 &= 0x3ffffff; - g3 = h3 + c; - c = g3 >> 26; - g3 &= 0x3ffffff; - g4 = h4 + c - (1 << 26); - - /* select h if h < p, or h + -p if h >= p */ - mask = (g4 >> ((sizeof(unsigned long) * 8) - 1)) - 1; - g0 &= mask; - g1 &= mask; - g2 &= mask; - g3 &= mask; - g4 &= mask; - mask = ~mask; - h0 = (h0 & mask) | g0; - h1 = (h1 & mask) | g1; - h2 = (h2 & mask) | g2; - h3 = (h3 & mask) | g3; - h4 = (h4 & mask) | g4; - - /* h = h % (2^128) */ - h0 = ((h0) | (h1 << 26)) & 0xffffffff; - h1 = ((h1 >> 6) | (h2 << 20)) & 0xffffffff; - h2 = ((h2 >> 12) | (h3 << 14)) & 0xffffffff; - h3 = ((h3 >> 18) | (h4 << 8)) & 0xffffffff; - - /* mac = (h + pad) % (2^128) */ - f = (unsigned long long)h0 + st->pad[0]; - h0 = (unsigned long)f; - f = (unsigned long long)h1 + st->pad[1] + (f >> 32); - h1 = (unsigned long)f; - f = (unsigned long long)h2 + st->pad[2] + (f >> 32); - h2 = (unsigned long)f; - f = (unsigned long long)h3 + st->pad[3] + (f >> 32); - h3 = (unsigned long)f; - - U32TO8(mac + 0, h0); - U32TO8(mac + 4, h1); - U32TO8(mac + 8, h2); - U32TO8(mac + 12, h3); - - /* zero out the state */ - st->h[0] = 0; - st->h[1] = 0; - st->h[2] = 0; - st->h[3] = 0; - st->h[4] = 0; - st->r[0] = 0; - st->r[1] = 0; - st->r[2] = 0; - st->r[3] = 0; - st->r[4] = 0; - st->pad[0] = 0; - st->pad[1] = 0; - st->pad[2] = 0; - st->pad[3] = 0; -} 
diff --git a/lib/libssl/src/crypto/poly1305/poly1305.c b/lib/libssl/src/crypto/poly1305/poly1305.c
deleted file mode 100644
index 75a34cc3e14..00000000000
--- a/lib/libssl/src/crypto/poly1305/poly1305.c
+++ /dev/null
@@ -1,38 +0,0 @@
-/* $OpenBSD: poly1305.c,v 1.3 2014/06/12 15:49:30 deraadt Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <openssl/poly1305.h>
-#include "poly1305-donna.c"
-
-void
-CRYPTO_poly1305_init(poly1305_context *ctx, const unsigned char key[32])
-{
- poly1305_init(ctx, key);
-}
-
-void
-CRYPTO_poly1305_update(poly1305_context *ctx, const unsigned char *in,
- size_t len)
-{
- poly1305_update(ctx, in, len);
-}
-
-void
-CRYPTO_poly1305_finish(poly1305_context *ctx, unsigned char mac[16])
-{
- poly1305_finish(ctx, mac);
-}
diff --git a/lib/libssl/src/crypto/poly1305/poly1305.h b/lib/libssl/src/crypto/poly1305/poly1305.h
deleted file mode 100644
index 00ab0bfd2ba..00000000000
--- a/lib/libssl/src/crypto/poly1305/poly1305.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/* $OpenBSD: poly1305.h,v 1.3 2014/07/25 14:04:51 jsing Exp $ */
-/*
- * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef HEADER_POLY1305_H
-#define HEADER_POLY1305_H
-
-#include <openssl/opensslconf.h>
-
-#if defined(OPENSSL_NO_POLY1305)
-#error Poly1305 is disabled.
-#endif
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct poly1305_context {
- size_t aligner;
- unsigned char opaque[136];
-} poly1305_context;
-
-typedef struct poly1305_context poly1305_state;
-
-void CRYPTO_poly1305_init(poly1305_context *ctx, const unsigned char key[32]);
-void CRYPTO_poly1305_update(poly1305_context *ctx, const unsigned char *in,
- size_t len);
-void CRYPTO_poly1305_finish(poly1305_context *ctx, unsigned char mac[16]);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* HEADER_POLY1305_H */
diff --git a/lib/libssl/src/crypto/ppccap.c b/lib/libssl/src/crypto/ppccap.c
deleted file mode 100644
index ce01edf6ecf..00000000000
--- a/lib/libssl/src/crypto/ppccap.c
+++ /dev/null
@@ -1,50 +0,0 @@
-/* $OpenBSD: ppccap.c,v 1.6 2014/07/17 23:48:24 deraadt Exp $ */
-
-#include <sys/types.h>
-#include <sys/sysctl.h>
-#include <machine/cpu.h>
-#include <unistd.h>
-
-#include <crypto.h>
-#include <openssl/bn.h>
-
-#ifdef unused
-#define PPC_FPU64 (1<<0)
-#define PPC_ALTIVEC (1<<1)
-
-static int OPENSSL_ppccap_P = 0;
-#endif
-
-#ifdef OPENSSL_BN_ASM_MONT
-extern int bn_mul_mont_int(BN_ULONG *, const BN_ULONG *, const BN_ULONG *,
- const BN_ULONG *, const BN_ULONG *, int);
-int
-bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, int num)
-{
- return bn_mul_mont_int(rp, ap, bp, np, n0, num);
-}
-#endif
-
-#ifdef unused
-void OPENSSL_cpuid_setup(void) __attribute__((constructor));
-
-void
-OPENSSL_cpuid_setup(void)
-{
- static const int mib[2] = { CTL_MACHDEP, CPU_ALTIVEC };
- static int trigger = 0;
- int altivec = 0;
- size_t size;
-
- if (trigger)
- return;
- trigger = 1;
-
- size = sizeof altivec;
- if (sysctl(mib, 2, &altivec, &size, NULL, 0) != -1) {
- if (altivec != 0)
- OPENSSL_ppccap_P |= PPC_ALTIVEC;
- }
-}
-#endif
diff --git a/lib/libssl/src/crypto/ppccpuid.pl b/lib/libssl/src/crypto/ppccpuid.pl
deleted file mode 100755
index 0cef7014b6e..00000000000
--- a/lib/libssl/src/crypto/ppccpuid.pl
+++ /dev/null
@@ -1,85 +0,0 @@
-#!/usr/bin/env perl
-
-$flavour = shift;
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}perlasm/ppc-xlate.pl" and -f $xlate) or
-die "can't locate ppc-xlate.pl";
-
-open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
-
-if ($flavour=~/64/) {
- $CMPLI="cmpldi";
- $SHRLI="srdi";
- $SIGNX="extsw";
-} else {
- $CMPLI="cmplwi";
- $SHRLI="srwi";
- $SIGNX="mr";
-}
-
-$code=<<___;
-.machine "any"
-.text
-
-#if 0
-.globl .OPENSSL_ppc64_probe
-.align 4
-.OPENSSL_ppc64_probe:
- fcfid f1,f1
- extrdi r0,r0,32,0
- blr
- .long 0
- .byte 0,12,0x14,0,0,0,0,0
-#endif
-
-.globl .OPENSSL_wipe_cpu
-.align 4
-.OPENSSL_wipe_cpu:
- xor r0,r0,r0
- fmr f0,f31
- fmr f1,f31
- fmr f2,f31
- mr r3,r1
- fmr f3,f31
- xor r4,r4,r4
- fmr f4,f31
- xor r5,r5,r5
- fmr f5,f31
- xor r6,r6,r6
- fmr f6,f31
- xor r7,r7,r7
- fmr f7,f31
- xor r8,r8,r8
- fmr f8,f31
- xor r9,r9,r9
- fmr f9,f31
- xor r10,r10,r10
- fmr f10,f31
- xor r11,r11,r11
- fmr f11,f31
- xor r12,r12,r12
- fmr f12,f31
- fmr f13,f31
- blr
- .long 0
- .byte 0,12,0x14,0,0,0,0,0
-
-.globl .OPENSSL_atomic_add
-.align 4
-.OPENSSL_atomic_add:
-Ladd: lwarx r5,0,r3
- add r0,r4,r5
- stwcx. r0,0,r3
- bne- Ladd
- $SIGNX r3,r0
- blr
- .long 0
- .byte 0,12,0x14,0,0,0,2,0
- .long 0
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/rand/rand.h b/lib/libssl/src/crypto/rand/rand.h
deleted file mode 100644
index fcb2e9218d0..00000000000
--- a/lib/libssl/src/crypto/rand/rand.h
+++ /dev/null
@@ -1,127 +0,0 @@
-/* $OpenBSD: rand.h,v 1.22 2014/10/22 14:02:52 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdlib.h>
-
-#ifndef HEADER_RAND_H
-#define HEADER_RAND_H
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Already defined in ossl_typ.h */
-/* typedef struct rand_meth_st RAND_METHOD; */
-
-struct rand_meth_st {
- void (*seed)(const void *buf, int num);
- int (*bytes)(unsigned char *buf, int num);
- void (*cleanup)(void);
- void (*add)(const void *buf, int num, double entropy);
- int (*pseudorand)(unsigned char *buf, int num);
- int (*status)(void);
-};
-
-int RAND_set_rand_method(const RAND_METHOD *meth);
-const RAND_METHOD *RAND_get_rand_method(void);
-#ifndef OPENSSL_NO_ENGINE
-int RAND_set_rand_engine(ENGINE *engine);
-#endif
-RAND_METHOD *RAND_SSLeay(void);
-
-#ifndef LIBRESSL_INTERNAL
-void RAND_cleanup(void );
-int RAND_bytes(unsigned char *buf, int num);
-int RAND_pseudo_bytes(unsigned char *buf, int num);
-void RAND_seed(const void *buf, int num);
-void RAND_add(const void *buf, int num, double entropy);
-int RAND_load_file(const char *file, long max_bytes);
-int RAND_write_file(const char *file);
-const char *RAND_file_name(char *file, size_t num);
-int RAND_status(void);
-int RAND_poll(void);
-#endif
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_RAND_strings(void);
-
-/* Error codes for the RAND functions. (no longer used) */
-
-/* Function codes. */
-#define RAND_F_RAND_GET_RAND_METHOD 101
-#define RAND_F_RAND_INIT_FIPS 102
-#define RAND_F_SSLEAY_RAND_BYTES 100
-
-/* Reason codes. */
-#define RAND_R_DUAL_EC_DRBG_DISABLED 104
-#define RAND_R_ERROR_INITIALISING_DRBG 102
-#define RAND_R_ERROR_INSTANTIATING_DRBG 103
-#define RAND_R_NO_FIPS_RANDOM_METHOD_SET 101
-#define RAND_R_PRNG_NOT_SEEDED 100
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/rand/rand_err.c b/lib/libssl/src/crypto/rand/rand_err.c
deleted file mode 100644
index 3f91fcb37bf..00000000000
--- a/lib/libssl/src/crypto/rand/rand_err.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* $OpenBSD: rand_err.c,v 1.14 2014/07/10 22:45:57 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NOTE: this file was auto generated by the mkerr.pl script: any changes
- * made to it will be overwritten when the script next updates this file,
- * only reason strings will be preserved.
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/rand.h>
-
-/* BEGIN ERROR CODES */
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RAND,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
-
-static ERR_STRING_DATA RAND_str_functs[] = {
- {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
- {ERR_FUNC(RAND_F_RAND_INIT_FIPS), "RAND_init_fips"},
- {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"},
- {0, NULL}
-};
-
-static ERR_STRING_DATA RAND_str_reasons[] = {
- {ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED), "dual ec drbg disabled"},
- {ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
- {ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
- {ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET), "no fips random method set"},
- {ERR_REASON(RAND_R_PRNG_NOT_SEEDED) , "PRNG not seeded"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_RAND_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- if (ERR_func_error_string(RAND_str_functs[0].error) == NULL) {
- ERR_load_strings(0, RAND_str_functs);
- ERR_load_strings(0, RAND_str_reasons);
- }
-#endif
-}
diff --git a/lib/libssl/src/crypto/rand/rand_lib.c b/lib/libssl/src/crypto/rand/rand_lib.c
deleted file mode 100644
index 8342a55f05d..00000000000
--- a/lib/libssl/src/crypto/rand/rand_lib.c
+++ /dev/null
@@ -1,100 +0,0 @@
-/* $OpenBSD: rand_lib.c,v 1.20 2014/10/22 13:02:04 jsing Exp $ */
-/*
- * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <stdlib.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/rand.h>
-
-/*
- * The useful functions in this file are at the bottom.
- */
-int
-RAND_set_rand_method(const RAND_METHOD *meth)
-{
- return 1;
-}
-
-const RAND_METHOD *
-RAND_get_rand_method(void)
-{
- return NULL;
-}
-
-RAND_METHOD *
-RAND_SSLeay(void)
-{
- return NULL;
-}
-
-#ifndef OPENSSL_NO_ENGINE
-int
-RAND_set_rand_engine(ENGINE *engine)
-{
- return 1;
-}
-#endif
-
-void
-RAND_cleanup(void)
-{
-
-}
-
-void
-RAND_seed(const void *buf, int num)
-{
-
-}
-
-void
-RAND_add(const void *buf, int num, double entropy)
-{
-
-}
-
-int
-RAND_status(void)
-{
- return 1;
-}
-
-int
-RAND_poll(void)
-{
- return 1;
-}
-
-/*
- * Hurray. You've made it to the good parts.
- */
-int
-RAND_bytes(unsigned char *buf, int num)
-{
- if (num > 0)
- arc4random_buf(buf, num);
- return 1;
-}
-
-int
-RAND_pseudo_bytes(unsigned char *buf, int num)
-{
- if (num > 0)
- arc4random_buf(buf, num);
- return 1;
-}
diff --git a/lib/libssl/src/crypto/rand/randfile.c b/lib/libssl/src/crypto/rand/randfile.c
deleted file mode 100644
index 72c065c48da..00000000000
--- a/lib/libssl/src/crypto/rand/randfile.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/* $OpenBSD: randfile.c,v 1.42 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <string.h>
-
-#include <openssl/crypto.h>
-#include <openssl/rand.h>
-#include <openssl/buffer.h>
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-
-#undef BUFSIZE
-#define BUFSIZE 1024
-#define RAND_DATA 1024
-
-/* Note that these functions should not be used. */
-
-int
-RAND_load_file(const char *file, long bytes)
-{
- /* the "whole" file */
- if (bytes == -1)
- return 123456;
- else
- return bytes;
-}
-
-int
-RAND_write_file(const char *file)
-{
- unsigned char buf[BUFSIZE];
- int i, ret = 0;
- FILE *out = NULL;
- int n, fd;
- struct stat sb;
-
- /*
- * If this file is a device, avoid opening it.
- * XXX TOCTOU
- */
- if (stat(file, &sb) != -1 &&
- (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode))) {
- return (1);
- }
-
- fd = open(file, O_WRONLY|O_CREAT, 0600);
- if (fd == -1)
- return (1);
- out = fdopen(fd, "wb");
-
- if (out == NULL) {
- close(fd);
- return (1);
- }
-
- n = RAND_DATA;
- for (;;) {
- i = (n > BUFSIZE) ? BUFSIZE : n;
- n -= BUFSIZE;
- arc4random_buf(buf, i);
- i = fwrite(buf, 1, i, out);
- if (i <= 0) {
- ret = 0;
- break;
- }
- ret += i;
- if (n <= 0)
- break;
- }
-
- fclose(out);
- explicit_bzero(buf, BUFSIZE);
- return ret;
-}
-
-const char *
-RAND_file_name(char * buf, size_t size)
-{
- if (strlcpy(buf, "/dev/urandom", size) >= size)
- return (NULL);
- return buf;
-}
diff --git a/lib/libssl/src/crypto/rc2/rc2.h b/lib/libssl/src/crypto/rc2/rc2.h
deleted file mode 100644
index 21511ff36ea..00000000000
--- a/lib/libssl/src/crypto/rc2/rc2.h
+++ /dev/null
@@ -1,101 +0,0 @@ -/* $OpenBSD: rc2.h,v 1.11 2014/07/10 22:45:57 jsing Exp $ */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RC2_H -#define HEADER_RC2_H - -#include <openssl/opensslconf.h> /* OPENSSL_NO_RC2, RC2_INT */ - -#ifdef OPENSSL_NO_RC2 -#error RC2 is disabled. 
-#endif - -#define RC2_ENCRYPT 1 -#define RC2_DECRYPT 0 - -#define RC2_BLOCK 8 -#define RC2_KEY_LENGTH 16 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct rc2_key_st - { - RC2_INT data[64]; - } RC2_KEY; - -void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); -void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, - int enc); -void RC2_encrypt(unsigned long *data,RC2_KEY *key); -void RC2_decrypt(unsigned long *data,RC2_KEY *key); -void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - RC2_KEY *ks, unsigned char *iv, int enc); -void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, RC2_KEY *schedule, unsigned char *ivec, - int *num, int enc); -void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, RC2_KEY *schedule, unsigned char *ivec, - int *num); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/lib/libssl/src/crypto/rc2/rc2_cbc.c b/lib/libssl/src/crypto/rc2/rc2_cbc.c deleted file mode 100644 index a947f1d3c3a..00000000000 --- a/lib/libssl/src/crypto/rc2/rc2_cbc.c +++ /dev/null 
@@ -1,226 +0,0 @@ -/* $OpenBSD: rc2_cbc.c,v 1.5 2014/10/28 07:35:59 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <openssl/rc2.h> -#include "rc2_locl.h" - -void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - RC2_KEY *ks, unsigned char *iv, int encrypt) - { - unsigned long tin0,tin1; - unsigned long tout0,tout1,xor0,xor1; - long l=length; - unsigned long tin[2]; - - if (encrypt) - { - c2l(iv,tout0); - c2l(iv,tout1); - iv-=8; - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - RC2_encrypt(tin,ks); - tout0=tin[0]; l2c(tout0,out); - tout1=tin[1]; l2c(tout1,out); - } - if (l != -8) - { - c2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - RC2_encrypt(tin,ks); - tout0=tin[0]; l2c(tout0,out); - tout1=tin[1]; l2c(tout1,out); - } - l2c(tout0,iv); - l2c(tout1,iv); - } - else - { - c2l(iv,xor0); - c2l(iv,xor1); - iv-=8; - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - RC2_decrypt(tin,ks); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2c(tout0,out); - l2c(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - RC2_decrypt(tin,ks); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2cn(tout0,tout1,out,l+8); - xor0=tin0; - xor1=tin1; - } - l2c(xor0,iv); - l2c(xor1,iv); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - -void RC2_encrypt(unsigned long *d, RC2_KEY *key) - { - int i,n; - RC2_INT *p0,*p1; - RC2_INT x0,x1,x2,x3,t; - unsigned long l; - - l=d[0]; - x0=(RC2_INT)l&0xffff; - x1=(RC2_INT)(l>>16L); - l=d[1]; - x2=(RC2_INT)l&0xffff; - x3=(RC2_INT)(l>>16L); - - n=3; - i=5; - - p0=p1= &(key->data[0]); - for (;;) - { - t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; - x0=(t<<1)|(t>>15); - t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; - x1=(t<<2)|(t>>14); - t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; - x2=(t<<3)|(t>>13); - t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; - x3=(t<<5)|(t>>11); - - if (--i == 0) - { - if (--n == 0) break; - i=(n == 
2)?6:5; - - x0+=p1[x3&0x3f]; - x1+=p1[x0&0x3f]; - x2+=p1[x1&0x3f]; - x3+=p1[x2&0x3f]; - } - } - - d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L); - d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L); - } - -void RC2_decrypt(unsigned long *d, RC2_KEY *key) - { - int i,n; - RC2_INT *p0,*p1; - RC2_INT x0,x1,x2,x3,t; - unsigned long l; - - l=d[0]; - x0=(RC2_INT)l&0xffff; - x1=(RC2_INT)(l>>16L); - l=d[1]; - x2=(RC2_INT)l&0xffff; - x3=(RC2_INT)(l>>16L); - - n=3; - i=5; - - p0= &(key->data[63]); - p1= &(key->data[0]); - for (;;) - { - t=((x3<<11)|(x3>>5))&0xffff; - x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff; - t=((x2<<13)|(x2>>3))&0xffff; - x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff; - t=((x1<<14)|(x1>>2))&0xffff; - x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff; - t=((x0<<15)|(x0>>1))&0xffff; - x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff; - - if (--i == 0) - { - if (--n == 0) break; - i=(n == 2)?6:5; - - x3=(x3-p1[x2&0x3f])&0xffff; - x2=(x2-p1[x1&0x3f])&0xffff; - x1=(x1-p1[x0&0x3f])&0xffff; - x0=(x0-p1[x3&0x3f])&0xffff; - } - } - - d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L); - d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L); - } - diff --git a/lib/libssl/src/crypto/rc2/rc2_ecb.c b/lib/libssl/src/crypto/rc2/rc2_ecb.c deleted file mode 100644 index 76873752788..00000000000 --- a/lib/libssl/src/crypto/rc2/rc2_ecb.c +++ /dev/null 
@@ -1,86 +0,0 @@ -/* $OpenBSD: rc2_ecb.c,v 1.6 2014/07/09 11:10:51 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <openssl/rc2.h> -#include "rc2_locl.h" -#include <openssl/opensslv.h> - -/* RC2 as implemented frm a posting from - * Newsgroups: sci.crypt - * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann) - * Subject: Specification for Ron Rivests Cipher No.2 - * Message-ID: <4fk39f$f70@net.auckland.ac.nz> - * Date: 11 Feb 1996 06:45:03 GMT - */ - -void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks, - int encrypt) - { - unsigned long l,d[2]; - - c2l(in,l); d[0]=l; - c2l(in,l); d[1]=l; - if (encrypt) - RC2_encrypt(d,ks); - else - RC2_decrypt(d,ks); - l=d[0]; l2c(l,out); - l=d[1]; l2c(l,out); - l=d[0]=d[1]=0; - } - 
diff --git a/lib/libssl/src/crypto/rc2/rc2_locl.h b/lib/libssl/src/crypto/rc2/rc2_locl.h
deleted file mode 100644
index 73d8c68ca76..00000000000
--- a/lib/libssl/src/crypto/rc2/rc2_locl.h
+++ /dev/null
@@ -1,156 +0,0 @@ -/* $OpenBSD: rc2_locl.h,v 1.2 2014/06/12 15:49:30 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#undef c2l -#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#undef c2ln -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ - case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ - case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ - case 5: l2|=((unsigned long)(*(--(c)))); \ - case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ - case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ - case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ - case 1: l1|=((unsigned long)(*(--(c)))); \ - } \ - } - -#undef l2c -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#undef l2cn -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -/* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c)))) ; \ - case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 6: l2|=((unsigned long)(*(--(c))))<<16; \ - case 5: l2|=((unsigned long)(*(--(c))))<<24; \ - case 4: l1 =((unsigned long)(*(--(c)))) ; \ - case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 2: l1|=((unsigned long)(*(--(c))))<<16; \ - case 1: l1|=((unsigned 
long)(*(--(c))))<<24; \ - } \ - } - -/* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - } \ - } - -#undef n2l -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))) - -#undef l2n -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -#define C_RC2(n) \ - t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \ - x0=(t<<1)|(t>>15); \ - t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \ - x1=(t<<2)|(t>>14); \ - t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \ - x2=(t<<3)|(t>>13); \ - t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \ - x3=(t<<5)|(t>>11); - diff --git a/lib/libssl/src/crypto/rc2/rc2_skey.c b/lib/libssl/src/crypto/rc2/rc2_skey.c deleted file mode 100644 index 964db098932..00000000000 --- a/lib/libssl/src/crypto/rc2/rc2_skey.c +++ /dev/null 
@@ -1,138 +0,0 @@ -/* $OpenBSD: rc2_skey.c,v 1.12 2014/06/12 15:49:30 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <openssl/crypto.h> -#include <openssl/rc2.h> -#include "rc2_locl.h" - -static const unsigned char key_table[256]={ - 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79, - 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e, - 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5, - 0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32, - 0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22, - 0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c, - 0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f, - 0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26, - 0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b, - 0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7, - 0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde, - 0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a, - 0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e, - 0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc, - 0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85, - 0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31, - 0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10, - 0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c, - 0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b, - 0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e, - 0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68, - 0xfe,0x7f,0xc1,0xad, - }; - -/* It has come to my attention that there are 2 versions of the RC2 - * key schedule. One which is normal, and anther which has a hook to - * use a reduced key length. - * BSAFE uses the 'retarded' version. What I previously shipped is - * the same as specifying 1024 for the 'bits' parameter. 
Bsafe uses - * a version where the bits parameter is the same as len*8 */ -void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) - { - int i,j; - unsigned char *k; - RC2_INT *ki; - unsigned int c,d; - - k= (unsigned char *)&(key->data[0]); - *k=0; /* for if there is a zero length key */ - - if (len > 128) len=128; - if (bits <= 0) bits=1024; - if (bits > 1024) bits=1024; - - for (i=0; i<len; i++) - k[i]=data[i]; - - /* expand table */ - d=k[len-1]; - j=0; - for (i=len; i < 128; i++,j++) - { - d=key_table[(k[j]+d)&0xff]; - k[i]=d; - } - - /* hmm.... key reduction to 'bits' bits */ - - j=(bits+7)>>3; - i=128-j; - c= (0xff>>(-bits & 0x07)); - - d=key_table[k[i]&c]; - k[i]=d; - while (i--) - { - d=key_table[k[i+j]^d]; - k[i]=d; - } - - /* copy from bytes into RC2_INT's */ - ki= &(key->data[63]); - for (i=127; i>=0; i-=2) - *(ki--)=((k[i]<<8)|k[i-1])&0xffff; - } diff --git a/lib/libssl/src/crypto/rc2/rc2cfb64.c b/lib/libssl/src/crypto/rc2/rc2cfb64.c deleted file mode 100644 index 95366444c4e..00000000000 --- a/lib/libssl/src/crypto/rc2/rc2cfb64.c +++ /dev/null 
@@ -1,122 +0,0 @@ -/* $OpenBSD: rc2cfb64.c,v 1.5 2014/10/28 07:35:59 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <openssl/rc2.h> -#include "rc2_locl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. 
The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, RC2_KEY *schedule, unsigned char *ivec, - int *num, int encrypt) - { - unsigned long v0,v1,t; - int n= *num; - long l=length; - unsigned long ti[2]; - unsigned char *iv,c,cc; - - iv=(unsigned char *)ivec; - if (encrypt) - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); ti[0]=v0; - c2l(iv,v1); ti[1]=v1; - RC2_encrypt((unsigned long *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2c(t,iv); - t=ti[1]; l2c(t,iv); - iv=(unsigned char *)ivec; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); ti[0]=v0; - c2l(iv,v1); ti[1]=v1; - RC2_encrypt((unsigned long *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2c(t,iv); - t=ti[1]; l2c(t,iv); - iv=(unsigned char *)ivec; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=t=c=cc=0; - *num=n; - } - diff --git a/lib/libssl/src/crypto/rc2/rc2ofb64.c b/lib/libssl/src/crypto/rc2/rc2ofb64.c deleted file mode 100644 index c47b4137394..00000000000 --- a/lib/libssl/src/crypto/rc2/rc2ofb64.c +++ /dev/null 
@@ -1,111 +0,0 @@
-/* $OpenBSD: rc2ofb64.c,v 1.5 2014/10/28 07:35:59 jsg Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/rc2.h>
-#include "rc2_locl.h"
-
-/* The input and output encrypted as though 64bit ofb mode is being
- * used. The extra state information to record how much of the
- * 64bit block we have used is contained in *num;
- */
-void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
- long length, RC2_KEY *schedule, unsigned char *ivec,
- int *num)
- {
- unsigned long v0,v1,t;
- int n= *num;
- long l=length;
- unsigned char d[8];
- char *dp;
- unsigned long ti[2];
- unsigned char *iv;
- int save=0;
-
- iv=(unsigned char *)ivec;
- c2l(iv,v0);
- c2l(iv,v1);
- ti[0]=v0;
- ti[1]=v1;
- dp=(char *)d;
- l2c(v0,dp);
- l2c(v1,dp);
- while (l--)
- {
- if (n == 0)
- {
- RC2_encrypt((unsigned long *)ti,schedule);
- dp=(char *)d;
- t=ti[0]; l2c(t,dp);
- t=ti[1]; l2c(t,dp);
- save++;
- }
- *(out++)= *(in++)^d[n];
- n=(n+1)&0x07;
- }
- if (save)
- {
- v0=ti[0];
- v1=ti[1];
- iv=(unsigned char *)ivec;
- l2c(v0,iv);
- l2c(v1,iv);
- }
- t=v0=v1=ti[0]=ti[1]=0;
- *num=n;
- }
-
diff --git a/lib/libssl/src/crypto/rc2/rrc2.doc b/lib/libssl/src/crypto/rc2/rrc2.doc
deleted file mode 100644
index f93ee003d2f..00000000000
--- a/lib/libssl/src/crypto/rc2/rrc2.doc
+++ /dev/null
@@ -1,219 +0,0 @@ ->From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996 -Article 23601 of sci.crypt: -Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news ->From: pgut01@cs.auckland.ac.nz (Peter Gutmann) -Newsgroups: sci.crypt -Subject: Specification for Ron Rivests Cipher No.2 -Date: 11 Feb 1996 06:45:03 GMT -Organization: University of Auckland -Lines: 203 -Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann) -Message-ID: <4fk39f$f70@net.auckland.ac.nz> -NNTP-Posting-Host: cs26.cs.auckland.ac.nz -X-Newsreader: NN version 6.5.0 #3 (NOV) - - - - - Ron Rivest's Cipher No.2 - ------------------------ - -Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may -refer to it by other names) is word oriented, operating on a block of 64 bits -divided into four 16-bit words, with a key table of 64 words. All data units -are little-endian. This functional description of the algorithm is based in -the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using -the same general layout, terminology, and pseudocode style. - - -Notation and RRC.2 Primitive Operations - -RRC.2 uses the following primitive operations: - -1. Two's-complement addition of words, denoted by "+". The inverse operation, - subtraction, is denoted by "-". -2. Bitwise exclusive OR, denoted by "^". -3. Bitwise AND, denoted by "&". -4. Bitwise NOT, denoted by "~". -5. A left-rotation of words; the rotation of word x left by y is denoted - x <<< y. The inverse operation, right-rotation, is denoted x >>> y. - -These operations are directly and efficiently supported by most processors. - - -The RRC.2 Algorithm - -RRC.2 consists of three components, a *key expansion* algorithm, an -*encryption* algorithm, and a *decryption* algorithm. 
- - -Key Expansion - -The purpose of the key-expansion routine is to expand the user's key K to fill -the expanded key array S, so S resembles an array of random binary words -determined by the user's secret key K. - -Initialising the S-box - -RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of -Beale Cipher No.1 XOR'd with a one-time pad. The Beale Ciphers predate modern -cryptography by enough time that there should be no concerns about trapdoors -hidden in the data. They have been published widely, and the S-box can be -easily recreated from the one-time pad values and the Beale Cipher data taken -from a standard source. To initialise the S-box: - - for i = 0 to 255 do - sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ] - -The contents of Beale Cipher No.1 and the necessary one-time pad are given as -an appendix at the end of this document. For efficiency, implementors may wish -to skip the Beale Cipher expansion and store the sBox table directly. - -Expanding the Secret Key to 128 Bytes - -The secret key is first expanded to fill 128 bytes (64 words). The expansion -consists of taking the sum of the first and last bytes in the user key, looking -up the sum (modulo 256) in the S-box, and appending the result to the key. The -operation is repeated with the second byte and new last byte of the key until -all 128 bytes have been generated. Note that the following pseudocode treats -the S array as an array of 128 bytes rather than 64 words. - - for j = 0 to length-1 do - S[ j ] = K[ j ] - for j = length to 127 do - s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ]; - -At this point it is possible to perform a truncation of the effective key -length to ease the creation of espionage-enabled software products. However -since the author cannot conceive why anyone would want to do this, it will not -be considered further. 
- -The final phase of the key expansion involves replacing the first byte of S -with the entry selected from the S-box: - - S[ 0 ] = sBox[ S[ 0 ] ] - - -Encryption - -The cipher has 16 full rounds, each divided into 4 subrounds. Two of the full -rounds perform an additional transformation on the data. Note that the -following pseudocode treats the S array as an array of 64 words rather than 128 -bytes. - - for i = 0 to 15 do - j = i * 4; - word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1 - word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2 - word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3 - word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5 - -In addition the fifth and eleventh rounds add the contents of the S-box indexed -by one of the data words to another of the data words following the four -subrounds as follows: - - word0 = word0 + S[ word3 & 63 ]; - word1 = word1 + S[ word0 & 63 ]; - word2 = word2 + S[ word1 & 63 ]; - word3 = word3 + S[ word2 & 63 ]; - - -Decryption - -The decryption operation is simply the inverse of the encryption operation. -Note that the following pseudocode treats the S array as an array of 64 words -rather than 128 bytes. 
- - for i = 15 downto 0 do - j = i * 4; - word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ] - word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ] - word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ] - word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ] - -In addition the fifth and eleventh rounds subtract the contents of the S-box -indexed by one of the data words from another one of the data words following -the four subrounds as follows: - - word3 = word3 - S[ word2 & 63 ] - word2 = word2 - S[ word1 & 63 ] - word1 = word1 - S[ word0 & 63 ] - word0 = word0 - S[ word3 & 63 ] - - -Test Vectors - -The following test vectors may be used to test the correctness of an RRC.2 -implementation: - - Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Cipher: 0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7 - - Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 - Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Cipher: 0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74 - - Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Plain: 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF - Cipher: 0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E - - Key: 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F - Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Cipher: 0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31 - - -Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for - Creating the S-Box - -Beale Cipher No.1. 
- - 71, 194, 38,1701, 89, 76, 11, 83,1629, 48, 94, 63, 132, 16, 111, 95, - 84, 341, 975, 14, 40, 64, 27, 81, 139, 213, 63, 90,1120, 8, 15, 3, - 126,2018, 40, 74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231, - 124, 211, 486, 225, 401, 370, 11, 101, 305, 139, 189, 17, 33, 88, 208, 193, - 145, 1, 94, 73, 416, 918, 263, 28, 500, 538, 356, 117, 136, 219, 27, 176, - 130, 10, 460, 25, 485, 18, 436, 65, 84, 200, 283, 118, 320, 138, 36, 416, - 280, 15, 71, 224, 961, 44, 16, 401, 39, 88, 61, 304, 12, 21, 24, 283, - 134, 92, 63, 246, 486, 682, 7, 219, 184, 360, 780, 18, 64, 463, 474, 131, - 160, 79, 73, 440, 95, 18, 64, 581, 34, 69, 128, 367, 460, 17, 81, 12, - 103, 820, 62, 110, 97, 103, 862, 70, 60,1317, 471, 540, 208, 121, 890, 346, - 36, 150, 59, 568, 614, 13, 120, 63, 219, 812,2160,1780, 99, 35, 18, 21, - 136, 872, 15, 28, 170, 88, 4, 30, 44, 112, 18, 147, 436, 195, 320, 37, - 122, 113, 6, 140, 8, 120, 305, 42, 58, 461, 44, 106, 301, 13, 408, 680, - 93, 86, 116, 530, 82, 568, 9, 102, 38, 416, 89, 71, 216, 728, 965, 818, - 2, 38, 121, 195, 14, 326, 148, 234, 18, 55, 131, 234, 361, 824, 5, 81, - 623, 48, 961, 19, 26, 33, 10,1101, 365, 92, 88, 181, 275, 346, 201, 206 - -One-time Pad. 
- - 158, 186, 223, 97, 64, 145, 190, 190, 117, 217, 163, 70, 206, 176, 183, 194, - 146, 43, 248, 141, 3, 54, 72, 223, 233, 153, 91, 210, 36, 131, 244, 161, - 105, 120, 113, 191, 113, 86, 19, 245, 213, 221, 43, 27, 242, 157, 73, 213, - 193, 92, 166, 10, 23, 197, 112, 110, 193, 30, 156, 51, 125, 51, 158, 67, - 197, 215, 59, 218, 110, 246, 181, 0, 135, 76, 164, 97, 47, 87, 234, 108, - 144, 127, 6, 6, 222, 172, 80, 144, 22, 245, 207, 70, 227, 182, 146, 134, - 119, 176, 73, 58, 135, 69, 23, 198, 0, 170, 32, 171, 176, 129, 91, 24, - 126, 77, 248, 0, 118, 69, 57, 60, 190, 171, 217, 61, 136, 169, 196, 84, - 168, 167, 163, 102, 223, 64, 174, 178, 166, 239, 242, 195, 249, 92, 59, 38, - 241, 46, 236, 31, 59, 114, 23, 50, 119, 186, 7, 66, 212, 97, 222, 182, - 230, 118, 122, 86, 105, 92, 179, 243, 255, 189, 223, 164, 194, 215, 98, 44, - 17, 20, 53, 153, 137, 224, 176, 100, 208, 114, 36, 200, 145, 150, 215, 20, - 87, 44, 252, 20, 235, 242, 163, 132, 63, 18, 5, 122, 74, 97, 34, 97, - 142, 86, 146, 221, 179, 166, 161, 74, 69, 182, 88, 120, 128, 58, 76, 155, - 15, 30, 77, 216, 165, 117, 107, 90, 169, 127, 143, 181, 208, 137, 200, 127, - 170, 195, 26, 84, 255, 132, 150, 58, 103, 250, 120, 221, 237, 37, 8, 99 - - -Implementation - -A non-US based programmer who has never seen any encryption code before will -shortly be implementing RRC.2 based solely on this specification and not on -knowledge of any other encryption algorithms. Stand by. - - - diff --git a/lib/libssl/src/crypto/rc2/version b/lib/libssl/src/crypto/rc2/version deleted file mode 100644 index a69ff35a437..00000000000 --- a/lib/libssl/src/crypto/rc2/version +++ /dev/null 
@@ -1,22 +0,0 @@ -1.1 23/08/96 - eay - Changed RC2_set_key() so it now takes another argument. Many - thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the - clarification and origional specification of RC2. BSAFE uses - this last parameter, 'bits'. It the key is 128 bits, BSAFE - also sets this parameter to 128. The old behaviour can be - duplicated by setting this parameter to 1024. - -1.0 08/04/96 - eay - First version of SSLeay with rc2. This has been written from the spec - posted sci.crypt. It is in this directory under rrc2.doc - I have no test values for any mode other than ecb, my wrappers for the - other modes should be ok since they are basically the same as - the ones taken from idea and des :-). I have implemented them as - little-endian operators. - While rc2 is included because it is used with SSL, I don't know how - far I trust it. It is about the same speed as IDEA and DES. - So if you are paranoid, used Triple DES, else IDEA. If RC2 - does get used more, perhaps more people will look for weaknesses in - it. - - diff --git a/lib/libssl/src/crypto/rc4/asm/rc4-586.pl b/lib/libssl/src/crypto/rc4/asm/rc4-586.pl deleted file mode 100644 index 84f1a798cb8..00000000000 --- a/lib/libssl/src/crypto/rc4/asm/rc4-586.pl +++ /dev/null 
@@ -1,410 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# [Re]written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# At some point it became apparent that the original SSLeay RC4 -# assembler implementation performs suboptimally on latest IA-32 -# microarchitectures. After re-tuning performance has changed as -# following: -# -# Pentium -10% -# Pentium III +12% -# AMD +50%(*) -# P4 +250%(**) -# -# (*) This number is actually a trade-off:-) It's possible to -# achieve +72%, but at the cost of -48% off PIII performance. -# In other words code performing further 13% faster on AMD -# would perform almost 2 times slower on Intel PIII... -# For reference! This code delivers ~80% of rc4-amd64.pl -# performance on the same Opteron machine. -# (**) This number requires compressed key schedule set up by -# RC4_set_key [see commentary below for further details]. -# -# <appro@fy.chalmers.se> - -# May 2011 -# -# Optimize for Core2 and Westmere [and incidentally Opteron]. Current -# performance in cycles per processed byte (less is better) and -# improvement relative to previous version of this module is: -# -# Pentium 10.2 # original numbers -# Pentium III 7.8(*) -# Intel P4 7.5 -# -# Opteron 6.1/+20% # new MMX numbers -# Core2 5.3/+67%(**) -# Westmere 5.1/+94%(**) -# Sandy Bridge 5.0/+8% -# Atom 12.6/+6% -# -# (*) PIII can actually deliver 6.6 cycles per byte with MMX code, -# but this specific code performs poorly on Core2. 
And vice -# versa, below MMX/SSE code delivering 5.8/7.1 on Core2 performs -# poorly on PIII, at 8.0/14.5:-( As PIII is not a "hot" CPU -# [anymore], I chose to discard PIII-specific code path and opt -# for original IALU-only code, which is why MMX/SSE code path -# is guarded by SSE2 bit (see below), not MMX/SSE. -# (**) Performance vs. block size on Core2 and Westmere had a maximum -# at ... 64 bytes block size. And it was quite a maximum, 40-60% -# in comparison to largest 8KB block size. Above improvement -# coefficients are for the largest block size. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"rc4-586.pl"); - -$xx="eax"; -$yy="ebx"; -$tx="ecx"; -$ty="edx"; -$inp="esi"; -$out="ebp"; -$dat="edi"; - -sub RC4_loop { - my $i=shift; - my $func = ($i==0)?*mov:*or; - - &add (&LB($yy),&LB($tx)); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &mov (&DWP(0,$dat,$xx,4),$ty); - &add ($ty,$tx); - &inc (&LB($xx)); - &and ($ty,0xff); - &ror ($out,8) if ($i!=0); - if ($i<3) { - &mov ($tx,&DWP(0,$dat,$xx,4)); - } else { - &mov ($tx,&wparam(3)); # reload [re-biased] out - } - &$func ($out,&DWP(0,$dat,$ty,4)); -} - -if ($alt=0) { - # >20% faster on Atom and Sandy Bridge[!], 8% faster on Opteron, - # but ~40% slower on Core2 and Westmere... Attempt to add movz - # brings down Opteron by 25%, Atom and Sandy Bridge by 15%, yet - # on Core2 with movz it's almost 20% slower than below alternative - # code... Yes, it's a total mess... - my @XX=($xx,$out); - $RC4_loop_mmx = sub { # SSE actually... 
- my $i=shift; - my $j=$i<=0?0:$i>>1; - my $mm=$i<=0?"mm0":"mm".($i&1); - - &add (&LB($yy),&LB($tx)); - &lea (@XX[1],&DWP(1,@XX[0])); - &pxor ("mm2","mm0") if ($i==0); - &psllq ("mm1",8) if ($i==0); - &and (@XX[1],0xff); - &pxor ("mm0","mm0") if ($i<=0); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &pxor ("mm1","mm2") if ($i==0); - &mov (&DWP(0,$dat,$XX[0],4),$ty); - &add (&LB($ty),&LB($tx)); - &movd (@XX[0],"mm7") if ($i==0); - &mov ($tx,&DWP(0,$dat,@XX[1],4)); - &pxor ("mm1","mm1") if ($i==1); - &movq ("mm2",&QWP(0,$inp)) if ($i==1); - &movq (&QWP(-8,(@XX[0],$inp)),"mm1") if ($i==0); - &pinsrw ($mm,&DWP(0,$dat,$ty,4),$j); - - push (@XX,shift(@XX)) if ($i>=0); - } -} else { - # Using pinsrw here improves performane on Intel CPUs by 2-3%, but - # brings down AMD by 7%... - $RC4_loop_mmx = sub { - my $i=shift; - - &add (&LB($yy),&LB($tx)); - &psllq ("mm1",8*(($i-1)&7)) if (abs($i)!=1); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &mov (&DWP(0,$dat,$xx,4),$ty); - &inc ($xx); - &add ($ty,$tx); - &movz ($xx,&LB($xx)); # (*) - &movz ($ty,&LB($ty)); # (*) - &pxor ("mm2",$i==1?"mm0":"mm1") if ($i>=0); - &movq ("mm0",&QWP(0,$inp)) if ($i<=0); - &movq (&QWP(-8,($out,$inp)),"mm2") if ($i==0); - &mov ($tx,&DWP(0,$dat,$xx,4)); - &movd ($i>0?"mm1":"mm2",&DWP(0,$dat,$ty,4)); - - # (*) This is the key to Core2 and Westmere performance. - # Whithout movz out-of-order execution logic confuses - # itself and fails to reorder loads and stores. Problem - # appears to be fixed in Sandy Bridge... 
- } -} - -&external_label("OPENSSL_ia32cap_P"); - -# void RC4(RC4_KEY *key,size_t len,const unsigned char *inp,unsigned char *out); -&function_begin("RC4"); - &mov ($dat,&wparam(0)); # load key schedule pointer - &mov ($ty, &wparam(1)); # load len - &mov ($inp,&wparam(2)); # load inp - &mov ($out,&wparam(3)); # load out - - &xor ($xx,$xx); # avoid partial register stalls - &xor ($yy,$yy); - - &cmp ($ty,0); # safety net - &je (&label("abort")); - - &mov (&LB($xx),&BP(0,$dat)); # load key->x - &mov (&LB($yy),&BP(4,$dat)); # load key->y - &add ($dat,8); - - &lea ($tx,&DWP(0,$inp,$ty)); - &sub ($out,$inp); # re-bias out - &mov (&wparam(1),$tx); # save input+len - - &inc (&LB($xx)); - - # detect compressed key schedule... - &cmp (&DWP(256,$dat),-1); - &je (&label("RC4_CHAR")); - - &mov ($tx,&DWP(0,$dat,$xx,4)); - - &and ($ty,-4); # how many 4-byte chunks? - &jz (&label("loop1")); - - &test ($ty,-8); - &mov (&wparam(3),$out); # $out as accumulator in these loops - &jz (&label("go4loop4")); - - &picmeup($out,"OPENSSL_ia32cap_P"); - &bt (&DWP(0,$out),26); # check SSE2 bit [could have been MMX] - &jnc (&label("go4loop4")); - - &mov ($out,&wparam(3)) if (!$alt); - &movd ("mm7",&wparam(3)) if ($alt); - &and ($ty,-8); - &lea ($ty,&DWP(-8,$inp,$ty)); - &mov (&DWP(-4,$dat),$ty); # save input+(len/8)*8-8 - - &$RC4_loop_mmx(-1); - &jmp(&label("loop_mmx_enter")); - - &set_label("loop_mmx",16); - &$RC4_loop_mmx(0); - &set_label("loop_mmx_enter"); - for ($i=1;$i<8;$i++) { &$RC4_loop_mmx($i); } - &mov ($ty,$yy); - &xor ($yy,$yy); # this is second key to Core2 - &mov (&LB($yy),&LB($ty)); # and Westmere performance... 
- &cmp ($inp,&DWP(-4,$dat)); - &lea ($inp,&DWP(8,$inp)); - &jb (&label("loop_mmx")); - - if ($alt) { - &movd ($out,"mm7"); - &pxor ("mm2","mm0"); - &psllq ("mm1",8); - &pxor ("mm1","mm2"); - &movq (&QWP(-8,$out,$inp),"mm1"); - } else { - &psllq ("mm1",56); - &pxor ("mm2","mm1"); - &movq (&QWP(-8,$out,$inp),"mm2"); - } - &emms (); - - &cmp ($inp,&wparam(1)); # compare to input+len - &je (&label("done")); - &jmp (&label("loop1")); - -&set_label("go4loop4",16); - &lea ($ty,&DWP(-4,$inp,$ty)); - &mov (&wparam(2),$ty); # save input+(len/4)*4-4 - - &set_label("loop4"); - for ($i=0;$i<4;$i++) { RC4_loop($i); } - &ror ($out,8); - &xor ($out,&DWP(0,$inp)); - &cmp ($inp,&wparam(2)); # compare to input+(len/4)*4-4 - &mov (&DWP(0,$tx,$inp),$out);# $tx holds re-biased out here - &lea ($inp,&DWP(4,$inp)); - &mov ($tx,&DWP(0,$dat,$xx,4)); - &jb (&label("loop4")); - - &cmp ($inp,&wparam(1)); # compare to input+len - &je (&label("done")); - &mov ($out,&wparam(3)); # restore $out - - &set_label("loop1",16); - &add (&LB($yy),&LB($tx)); - &mov ($ty,&DWP(0,$dat,$yy,4)); - &mov (&DWP(0,$dat,$yy,4),$tx); - &mov (&DWP(0,$dat,$xx,4),$ty); - &add ($ty,$tx); - &inc (&LB($xx)); - &and ($ty,0xff); - &mov ($ty,&DWP(0,$dat,$ty,4)); - &xor (&LB($ty),&BP(0,$inp)); - &lea ($inp,&DWP(1,$inp)); - &mov ($tx,&DWP(0,$dat,$xx,4)); - &cmp ($inp,&wparam(1)); # compare to input+len - &mov (&BP(-1,$out,$inp),&LB($ty)); - &jb (&label("loop1")); - - &jmp (&label("done")); - -# this is essentially Intel P4 specific codepath... -&set_label("RC4_CHAR",16); - &movz ($tx,&BP(0,$dat,$xx)); - # strangely enough unrolled loop performs over 20% slower... 
- &set_label("cloop1"); - &add (&LB($yy),&LB($tx)); - &movz ($ty,&BP(0,$dat,$yy)); - &mov (&BP(0,$dat,$yy),&LB($tx)); - &mov (&BP(0,$dat,$xx),&LB($ty)); - &add (&LB($ty),&LB($tx)); - &movz ($ty,&BP(0,$dat,$ty)); - &add (&LB($xx),1); - &xor (&LB($ty),&BP(0,$inp)); - &lea ($inp,&DWP(1,$inp)); - &movz ($tx,&BP(0,$dat,$xx)); - &cmp ($inp,&wparam(1)); - &mov (&BP(-1,$out,$inp),&LB($ty)); - &jb (&label("cloop1")); - -&set_label("done"); - &dec (&LB($xx)); - &mov (&DWP(-4,$dat),$yy); # save key->y - &mov (&BP(-8,$dat),&LB($xx)); # save key->x -&set_label("abort"); -&function_end("RC4"); - -######################################################################## - -$inp="esi"; -$out="edi"; -$idi="ebp"; -$ido="ecx"; -$idx="edx"; - -# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data); -&function_begin("RC4_set_key"); - &mov ($out,&wparam(0)); # load key - &mov ($idi,&wparam(1)); # load len - &mov ($inp,&wparam(2)); # load data - &picmeup($idx,"OPENSSL_ia32cap_P"); - - &lea ($out,&DWP(2*4,$out)); # &key->data - &lea ($inp,&DWP(0,$inp,$idi)); # $inp to point at the end - &neg ($idi); - &xor ("eax","eax"); - &mov (&DWP(-4,$out),$idi); # borrow key->y - - &bt (&DWP(0,$idx),20); # check for bit#20 - &jc (&label("c1stloop")); - -&set_label("w1stloop",16); - &mov (&DWP(0,$out,"eax",4),"eax"); # key->data[i]=i; - &add (&LB("eax"),1); # i++; - &jnc (&label("w1stloop")); - - &xor ($ido,$ido); - &xor ($idx,$idx); - -&set_label("w2ndloop",16); - &mov ("eax",&DWP(0,$out,$ido,4)); - &add (&LB($idx),&BP(0,$inp,$idi)); - &add (&LB($idx),&LB("eax")); - &add ($idi,1); - &mov ("ebx",&DWP(0,$out,$idx,4)); - &jnz (&label("wnowrap")); - &mov ($idi,&DWP(-4,$out)); - &set_label("wnowrap"); - &mov (&DWP(0,$out,$idx,4),"eax"); - &mov (&DWP(0,$out,$ido,4),"ebx"); - &add (&LB($ido),1); - &jnc (&label("w2ndloop")); -&jmp (&label("exit")); - -# Unlike all other x86 [and x86_64] implementations, Intel P4 core -# [including EM64T] was found to perform poorly with above "32-bit" key -# 
schedule, a.k.a. RC4_INT. Performance improvement for IA-32 hand-coded -# assembler turned out to be 3.5x if re-coded for compressed 8-bit one, -# a.k.a. RC4_CHAR! It's however inappropriate to just switch to 8-bit -# schedule for x86[_64], because non-P4 implementations suffer from -# significant performance losses then, e.g. PIII exhibits >2x -# deterioration, and so does Opteron. In order to assure optimal -# all-round performance, we detect P4 at run-time and set up compressed -# key schedule, which is recognized by RC4 procedure. - -&set_label("c1stloop",16); - &mov (&BP(0,$out,"eax"),&LB("eax")); # key->data[i]=i; - &add (&LB("eax"),1); # i++; - &jnc (&label("c1stloop")); - - &xor ($ido,$ido); - &xor ($idx,$idx); - &xor ("ebx","ebx"); - -&set_label("c2ndloop",16); - &mov (&LB("eax"),&BP(0,$out,$ido)); - &add (&LB($idx),&BP(0,$inp,$idi)); - &add (&LB($idx),&LB("eax")); - &add ($idi,1); - &mov (&LB("ebx"),&BP(0,$out,$idx)); - &jnz (&label("cnowrap")); - &mov ($idi,&DWP(-4,$out)); - &set_label("cnowrap"); - &mov (&BP(0,$out,$idx),&LB("eax")); - &mov (&BP(0,$out,$ido),&LB("ebx")); - &add (&LB($ido),1); - &jnc (&label("c2ndloop")); - - &mov (&DWP(256,$out),-1); # mark schedule as compressed - -&set_label("exit"); - &xor ("eax","eax"); - &mov (&DWP(-8,$out),"eax"); # key->x=0; - &mov (&DWP(-4,$out),"eax"); # key->y=0; -&function_end("RC4_set_key"); - -# const char *RC4_options(void); -&function_begin_B("RC4_options"); - &call (&label("pic_point")); -&set_label("pic_point"); - &blindpop("eax"); - &lea ("eax",&DWP(&label("opts")."-".&label("pic_point"),"eax")); - &picmeup("edx","OPENSSL_ia32cap_P"); - &mov ("edx",&DWP(0,"edx")); - &bt ("edx",20); - &jc (&label("1xchar")); - &bt ("edx",26); - &jnc (&label("ret")); - &add ("eax",25); - &ret (); -&set_label("1xchar"); - &add ("eax",12); -&set_label("ret"); - &ret (); -&set_label("opts",64); -&asciz ("rc4(4x,int)"); -&asciz ("rc4(1x,char)"); -&asciz ("rc4(8x,mmx)"); -&asciz ("RC4 for x86, CRYPTOGAMS by 
<appro\@openssl.org>"); -&align (64); -&function_end_B("RC4_options"); - -&asm_finish(); - diff --git a/lib/libssl/src/crypto/rc4/asm/rc4-ia64.pl b/lib/libssl/src/crypto/rc4/asm/rc4-ia64.pl deleted file mode 100644 index 49cd5b5e694..00000000000 --- a/lib/libssl/src/crypto/rc4/asm/rc4-ia64.pl +++ /dev/null 
@@ -1,755 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by David Mosberger <David.Mosberger@acm.org> based on the -# Itanium optimized Crypto code which was released by HP Labs at -# http://www.hpl.hp.com/research/linux/crypto/. -# -# Copyright (c) 2005 Hewlett-Packard Development Company, L.P. -# -# Permission is hereby granted, free of charge, to any person obtaining -# a copy of this software and associated documentation files (the -# "Software"), to deal in the Software without restriction, including -# without limitation the rights to use, copy, modify, merge, publish, -# distribute, sublicense, and/or sell copies of the Software, and to -# permit persons to whom the Software is furnished to do so, subject to -# the following conditions: -# -# The above copyright notice and this permission notice shall be -# included in all copies or substantial portions of the Software. - -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ - - - -# This is a little helper program which generates a software-pipelined -# for RC4 encryption. The basic algorithm looks like this: -# -# for (counter = 0; counter < len; ++counter) -# { -# in = inp[counter]; -# SI = S[I]; -# J = (SI + J) & 0xff; -# SJ = S[J]; -# T = (SI + SJ) & 0xff; -# S[I] = SJ, S[J] = SI; -# ST = S[T]; -# outp[counter] = in ^ ST; -# I = (I + 1) & 0xff; -# } -# -# Pipelining this loop isn't easy, because the stores to the S[] array -# need to be observed in the right order. 
The loop generated by the -# code below has the following pipeline diagram: -# -# cycle -# | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |10 |11 |12 |13 |14 |15 |16 |17 | -# iter -# 1: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx -# 2: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx -# 3: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx -# -# where: -# LDI = load of S[I] -# LDJ = load of S[J] -# SWP = swap of S[I] and S[J] -# LDT = load of S[T] -# -# Note that in the above diagram, the major trouble-spot is that LDI -# of the 2nd iteration is performed BEFORE the SWP of the first -# iteration. Fortunately, this is easy to detect (I of the 1st -# iteration will be equal to J of the 2nd iteration) and when this -# happens, we simply forward the proper value from the 1st iteration -# to the 2nd one. The proper value in this case is simply the value -# of S[I] from the first iteration (thanks to the fact that SWP -# simply swaps the contents of S[I] and S[J]). -# -# Another potential trouble-spot is in cycle 7, where SWP of the 1st -# iteration issues at the same time as the LDI of the 3rd iteration. -# However, thanks to IA-64 execution semantics, this can be taken -# care of simply by placing LDI later in the instruction-group than -# SWP. IA-64 CPUs will automatically forward the value if they -# detect that the SWP and LDI are accessing the same memory-location. - -# The core-loop that can be pipelined then looks like this (annotated -# with McKinley/Madison issue port & latency numbers, assuming L1 -# cache hits for the most part): - -# operation: instruction: issue-ports: latency -# ------------------ ----------------------------- ------------- ------- - -# Data = *inp++ ld1 data = [inp], 1 M0-M1 1 cyc c0 -# shladd Iptr = I, KeyTable, 3 M0-M3, I0, I1 1 cyc -# I = (I + 1) & 0xff padd1 nextI = I, one M0-M3, I0, I1 3 cyc -# ;; -# SI = S[I] ld8 SI = [Iptr] M0-M1 1 cyc c1 * after SWAP! -# ;; -# cmp.eq.unc pBypass = I, J * after J is valid! 
-# J = SI + J add J = J, SI M0-M3, I0, I1 1 cyc c2 -# (pBypass) br.cond.spnt Bypass -# ;; -# --------------------------------------------------------------------------------------- -# J = J & 0xff zxt1 J = J I0, I1, 1 cyc c3 -# ;; -# shladd Jptr = J, KeyTable, 3 M0-M3, I0, I1 1 cyc c4 -# ;; -# SJ = S[J] ld8 SJ = [Jptr] M0-M1 1 cyc c5 -# ;; -# --------------------------------------------------------------------------------------- -# T = (SI + SJ) add T = SI, SJ M0-M3, I0, I1 1 cyc c6 -# ;; -# T = T & 0xff zxt1 T = T I0, I1 1 cyc -# S[I] = SJ st8 [Iptr] = SJ M2-M3 c7 -# S[J] = SI st8 [Jptr] = SI M2-M3 -# ;; -# shladd Tptr = T, KeyTable, 3 M0-M3, I0, I1 1 cyc c8 -# ;; -# --------------------------------------------------------------------------------------- -# T = S[T] ld8 T = [Tptr] M0-M1 1 cyc c9 -# ;; -# data ^= T xor data = data, T M0-M3, I0, I1 1 cyc c10 -# ;; -# *out++ = Data ^ T dep word = word, data, 8, POS I0, I1 1 cyc c11 -# ;; -# --------------------------------------------------------------------------------------- - -# There are several points worth making here: - -# - Note that due to the bypass/forwarding-path, the first two -# phases of the loop are strangly mingled together. In -# particular, note that the first stage of the pipeline is -# using the value of "J", as calculated by the second stage. -# - Each bundle-pair will have exactly 6 instructions. -# - Pipelined, the loop can execute in 3 cycles/iteration and -# 4 stages. However, McKinley/Madison can issue "st1" to -# the same bank at a rate of at most one per 4 cycles. Thus, -# instead of storing each byte, we accumulate them in a word -# and then write them back at once with a single "st8" (this -# implies that the setup code needs to ensure that the output -# buffer is properly aligned, if need be, by encoding the -# first few bytes separately). -# - There is no space for a "br.ctop" instruction. 
For this -# reason we can't use module-loop support in IA-64 and have -# to do a traditional, purely software-pipelined loop. -# - We can't replace any of the remaining "add/zxt1" pairs with -# "padd1" because the latency for that instruction is too high -# and would push the loop to the point where more bypasses -# would be needed, which we don't have space for. -# - The above loop runs at around 3.26 cycles/byte, or roughly -# 440 MByte/sec on a 1.5GHz Madison. This is well below the -# system bus bandwidth and hence with judicious use of -# "lfetch" this loop can run at (almost) peak speed even when -# the input and output data reside in memory. The -# max. latency that can be tolerated is (PREFETCH_DISTANCE * -# L2_LINE_SIZE * 3 cyc), or about 384 cycles assuming (at -# least) 1-ahead prefetching of 128 byte cache-lines. Note -# that we do NOT prefetch into L1, since that would only -# interfere with the S[] table values stored there. This is -# acceptable because there is a 10 cycle latency between -# load and first use of the input data. -# - We use a branch to out-of-line bypass-code of cycle-pressure: -# we calculate the next J, check for the need to activate the -# bypass path, and activate the bypass path ALL IN THE SAME -# CYCLE. If we didn't have these constraints, we could do -# the bypass with a simple conditional move instruction. -# Fortunately, the bypass paths get activated relatively -# infrequently, so the extra branches don't cost all that much -# (about 0.04 cycles/byte, measured on a 16396 byte file with -# random input data). -# - -$phases = 4; # number of stages/phases in the pipelined-loop -$unroll_count = 6; # number of times we unrolled it -$pComI = (1 << 0); -$pComJ = (1 << 1); -$pComT = (1 << 2); -$pOut = (1 << 3); - -$NData = 4; -$NIP = 3; -$NJP = 2; -$NI = 2; -$NSI = 3; -$NSJ = 2; -$NT = 2; -$NOutWord = 2; - -# -# $threshold is the minimum length before we attempt to use the -# big software-pipelined loop. 
It MUST be greater-or-equal -# to: -# PHASES * (UNROLL_COUNT + 1) + 7 -# -# The "+ 7" comes from the fact we may have to encode up to -# 7 bytes separately before the output pointer is aligned. -# -$threshold = (3 * ($phases * ($unroll_count + 1)) + 7); - -sub I { - local *code = shift; - local $format = shift; - $code .= sprintf ("\t\t".$format."\n", @_); -} - -sub P { - local *code = shift; - local $format = shift; - $code .= sprintf ($format."\n", @_); -} - -sub STOP { - local *code = shift; - $code .=<<___; - ;; -___ -} - -sub emit_body { - local *c = shift; - local *bypass = shift; - local ($iteration, $p) = @_; - - local $i0 = $iteration; - local $i1 = $iteration - 1; - local $i2 = $iteration - 2; - local $i3 = $iteration - 3; - local $iw0 = ($iteration - 3) / 8; - local $iw1 = ($iteration > 3) ? ($iteration - 4) / 8 : 1; - local $byte_num = ($iteration - 3) % 8; - local $label = $iteration + 1; - local $pAny = ($p & 0xf) == 0xf; - local $pByp = (($p & $pComI) && ($iteration > 0)); - - $c.=<<___; -////////////////////////////////////////////////// -___ - - if (($p & 0xf) == 0) { - $c.="#ifdef HOST_IS_BIG_ENDIAN\n"; - &I(\$c,"shr.u OutWord[%u] = OutWord[%u], 32;;", - $iw1 % $NOutWord, $iw1 % $NOutWord); - $c.="#endif\n"; - &I(\$c, "st4 [OutPtr] = OutWord[%u], 4", $iw1 % $NOutWord); - return; - } - - # Cycle 0 - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "ld1 Data[%u] = [InPtr], 1", $i0 % $NData) if ($p & $pComI); - &I(\$c, "padd1 I[%u] = One, I[%u]", $i0 % $NI, $i1 % $NI)if ($p & $pComI); - &I(\$c, "zxt1 J = J") if ($p & $pComJ); - &I(\$c, "}") if ($pAny); - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "LKEY T[%u] = [T[%u]]", $i1 % $NT, $i1 % $NT) if ($p & $pOut); - &I(\$c, "add T[%u] = SI[%u], SJ[%u]", - $i0 % $NT, $i2 % $NSI, $i1 % $NSJ) if ($p & $pComT); - &I(\$c, "KEYADDR(IPr[%u], I[%u])", $i0 % $NIP, $i1 % $NI) if ($p & $pComI); - &I(\$c, "}") if ($pAny); - &STOP(\$c); - - # Cycle 1 - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "SKEY [IPr[%u]] = SJ[%u]", $i2 % $NIP, 
$i1%$NSJ)if ($p & $pComT); - &I(\$c, "SKEY [JP[%u]] = SI[%u]", $i1 % $NJP, $i2%$NSI) if ($p & $pComT); - &I(\$c, "zxt1 T[%u] = T[%u]", $i0 % $NT, $i0 % $NT) if ($p & $pComT); - &I(\$c, "}") if ($pAny); - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "LKEY SI[%u] = [IPr[%u]]", $i0 % $NSI, $i0%$NIP)if ($p & $pComI); - &I(\$c, "KEYADDR(JP[%u], J)", $i0 % $NJP) if ($p & $pComJ); - &I(\$c, "xor Data[%u] = Data[%u], T[%u]", - $i3 % $NData, $i3 % $NData, $i1 % $NT) if ($p & $pOut); - &I(\$c, "}") if ($pAny); - &STOP(\$c); - - # Cycle 2 - &I(\$c, "{ .mmi") if ($pAny); - &I(\$c, "LKEY SJ[%u] = [JP[%u]]", $i0 % $NSJ, $i0%$NJP) if ($p & $pComJ); - &I(\$c, "cmp.eq pBypass, p0 = I[%u], J", $i1 % $NI) if ($pByp); - &I(\$c, "dep OutWord[%u] = Data[%u], OutWord[%u], BYTE_POS(%u), 8", - $iw0%$NOutWord, $i3%$NData, $iw1%$NOutWord, $byte_num) if ($p & $pOut); - &I(\$c, "}") if ($pAny); - &I(\$c, "{ .mmb") if ($pAny); - &I(\$c, "add J = J, SI[%u]", $i0 % $NSI) if ($p & $pComI); - &I(\$c, "KEYADDR(T[%u], T[%u])", $i0 % $NT, $i0 % $NT) if ($p & $pComT); - &P(\$c, "(pBypass)\tbr.cond.spnt.many .rc4Bypass%u",$label)if ($pByp); - &I(\$c, "}") if ($pAny); - &STOP(\$c); - - &P(\$c, ".rc4Resume%u:", $label) if ($pByp); - if ($byte_num == 0 && $iteration >= $phases) { - &I(\$c, "st8 [OutPtr] = OutWord[%u], 8", - $iw1 % $NOutWord) if ($p & $pOut); - if ($iteration == (1 + $unroll_count) * $phases - 1) { - if ($unroll_count == 6) { - &I(\$c, "mov OutWord[%u] = OutWord[%u]", - $iw1 % $NOutWord, $iw0 % $NOutWord); - } - &I(\$c, "lfetch.nt1 [InPrefetch], %u", - $unroll_count * $phases); - &I(\$c, "lfetch.excl.nt1 [OutPrefetch], %u", - $unroll_count * $phases); - &I(\$c, "br.cloop.sptk.few .rc4Loop"); - } - } - - if ($pByp) { - &P(\$bypass, ".rc4Bypass%u:", $label); - &I(\$bypass, "sub J = J, SI[%u]", $i0 % $NSI); - &I(\$bypass, "nop 0"); - &I(\$bypass, "nop 0"); - &I(\$bypass, ";;"); - &I(\$bypass, "add J = J, SI[%u]", $i1 % $NSI); - &I(\$bypass, "mov SI[%u] = SI[%u]", $i0 % $NSI, $i1 % $NSI); - 
&I(\$bypass, "br.sptk.many .rc4Resume%u\n", $label); - &I(\$bypass, ";;"); - } -} - -$code=<<___; -.ident \"rc4-ia64.s, version 3.0\" -.ident \"Copyright (c) 2005 Hewlett-Packard Development Company, L.P.\" - -#define LCSave r8 -#define PRSave r9 - -/* Inputs become invalid once rotation begins! */ - -#define StateTable in0 -#define DataLen in1 -#define InputBuffer in2 -#define OutputBuffer in3 - -#define KTable r14 -#define J r15 -#define InPtr r16 -#define OutPtr r17 -#define InPrefetch r18 -#define OutPrefetch r19 -#define One r20 -#define LoopCount r21 -#define Remainder r22 -#define IFinal r23 -#define EndPtr r24 - -#define tmp0 r25 -#define tmp1 r26 - -#define pBypass p6 -#define pDone p7 -#define pSmall p8 -#define pAligned p9 -#define pUnaligned p10 - -#define pComputeI pPhase[0] -#define pComputeJ pPhase[1] -#define pComputeT pPhase[2] -#define pOutput pPhase[3] - -#define RetVal r8 -#define L_OK p7 -#define L_NOK p8 - -#define _NINPUTS 4 -#define _NOUTPUT 0 - -#define _NROTATE 24 -#define _NLOCALS (_NROTATE - _NINPUTS - _NOUTPUT) - -#ifndef SZ -# define SZ 4 // this must be set to sizeof(RC4_INT) -#endif - -#if SZ == 1 -# define LKEY ld1 -# define SKEY st1 -# define KEYADDR(dst, i) add dst = i, KTable -#elif SZ == 2 -# define LKEY ld2 -# define SKEY st2 -# define KEYADDR(dst, i) shladd dst = i, 1, KTable -#elif SZ == 4 -# define LKEY ld4 -# define SKEY st4 -# define KEYADDR(dst, i) shladd dst = i, 2, KTable -#else -# define LKEY ld8 -# define SKEY st8 -# define KEYADDR(dst, i) shladd dst = i, 3, KTable -#endif - -#if defined(_HPUX_SOURCE) && !defined(_LP64) -# define ADDP addp4 -#else -# define ADDP add -#endif - -/* Define a macro for the bit number of the n-th byte: */ - -#if defined(_HPUX_SOURCE) || defined(B_ENDIAN) -# define HOST_IS_BIG_ENDIAN -# define BYTE_POS(n) (56 - (8 * (n))) -#else -# define BYTE_POS(n) (8 * (n)) -#endif - -/* - We must perform the first phase of the pipeline explicitly since - we will always load from the stable the first 
time. The br.cexit - will never be taken since regardless of the number of bytes because - the epilogue count is 4. -*/ -/* MODSCHED_RC4 macro was split to _PROLOGUE and _LOOP, because HP-UX - assembler failed on original macro with syntax error. <appro> */ -#define MODSCHED_RC4_PROLOGUE \\ - { \\ - ld1 Data[0] = [InPtr], 1; \\ - add IFinal = 1, I[1]; \\ - KEYADDR(IPr[0], I[1]); \\ - } ;; \\ - { \\ - LKEY SI[0] = [IPr[0]]; \\ - mov pr.rot = 0x10000; \\ - mov ar.ec = 4; \\ - } ;; \\ - { \\ - add J = J, SI[0]; \\ - zxt1 I[0] = IFinal; \\ - br.cexit.spnt.few .+16; /* never taken */ \\ - } ;; -#define MODSCHED_RC4_LOOP(label) \\ -label: \\ - { .mmi; \\ - (pComputeI) ld1 Data[0] = [InPtr], 1; \\ - (pComputeI) add IFinal = 1, I[1]; \\ - (pComputeJ) zxt1 J = J; \\ - }{ .mmi; \\ - (pOutput) LKEY T[1] = [T[1]]; \\ - (pComputeT) add T[0] = SI[2], SJ[1]; \\ - (pComputeI) KEYADDR(IPr[0], I[1]); \\ - } ;; \\ - { .mmi; \\ - (pComputeT) SKEY [IPr[2]] = SJ[1]; \\ - (pComputeT) SKEY [JP[1]] = SI[2]; \\ - (pComputeT) zxt1 T[0] = T[0]; \\ - }{ .mmi; \\ - (pComputeI) LKEY SI[0] = [IPr[0]]; \\ - (pComputeJ) KEYADDR(JP[0], J); \\ - (pComputeI) cmp.eq.unc pBypass, p0 = I[1], J; \\ - } ;; \\ - { .mmi; \\ - (pComputeJ) LKEY SJ[0] = [JP[0]]; \\ - (pOutput) xor Data[3] = Data[3], T[1]; \\ - nop 0x0; \\ - }{ .mmi; \\ - (pComputeT) KEYADDR(T[0], T[0]); \\ - (pBypass) mov SI[0] = SI[1]; \\ - (pComputeI) zxt1 I[0] = IFinal; \\ - } ;; \\ - { .mmb; \\ - (pOutput) st1 [OutPtr] = Data[3], 1; \\ - (pComputeI) add J = J, SI[0]; \\ - br.ctop.sptk.few label; \\ - } ;; - - .text - - .align 32 - - .type RC4, \@function - .global RC4 - - .proc RC4 - .prologue - -RC4: - { - .mmi - alloc r2 = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE - - .rotr Data[4], I[2], IPr[3], SI[3], JP[2], SJ[2], T[2], \\ - OutWord[2] - .rotp pPhase[4] - - ADDP InPrefetch = 0, InputBuffer - ADDP KTable = 0, StateTable - } - { - .mmi - ADDP InPtr = 0, InputBuffer - ADDP OutPtr = 0, OutputBuffer - mov RetVal = r0 - } - ;; - { - 
.mmi - lfetch.nt1 [InPrefetch], 0x80 - ADDP OutPrefetch = 0, OutputBuffer - } - { // Return 0 if the input length is nonsensical - .mib - ADDP StateTable = 0, StateTable - cmp.ge.unc L_NOK, L_OK = r0, DataLen - (L_NOK) br.ret.sptk.few rp - } - ;; - { - .mib - cmp.eq.or L_NOK, L_OK = r0, InPtr - cmp.eq.or L_NOK, L_OK = r0, OutPtr - nop 0x0 - } - { - .mib - cmp.eq.or L_NOK, L_OK = r0, StateTable - nop 0x0 - (L_NOK) br.ret.sptk.few rp - } - ;; - LKEY I[1] = [KTable], SZ -/* Prefetch the state-table. It contains 256 elements of size SZ */ - -#if SZ == 1 - ADDP tmp0 = 1*128, StateTable -#elif SZ == 2 - ADDP tmp0 = 3*128, StateTable - ADDP tmp1 = 2*128, StateTable -#elif SZ == 4 - ADDP tmp0 = 7*128, StateTable - ADDP tmp1 = 6*128, StateTable -#elif SZ == 8 - ADDP tmp0 = 15*128, StateTable - ADDP tmp1 = 14*128, StateTable -#endif - ;; -#if SZ >= 8 - lfetch.fault.nt1 [tmp0], -256 // 15 - lfetch.fault.nt1 [tmp1], -256;; - lfetch.fault.nt1 [tmp0], -256 // 13 - lfetch.fault.nt1 [tmp1], -256;; - lfetch.fault.nt1 [tmp0], -256 // 11 - lfetch.fault.nt1 [tmp1], -256;; - lfetch.fault.nt1 [tmp0], -256 // 9 - lfetch.fault.nt1 [tmp1], -256;; -#endif -#if SZ >= 4 - lfetch.fault.nt1 [tmp0], -256 // 7 - lfetch.fault.nt1 [tmp1], -256;; - lfetch.fault.nt1 [tmp0], -256 // 5 - lfetch.fault.nt1 [tmp1], -256;; -#endif -#if SZ >= 2 - lfetch.fault.nt1 [tmp0], -256 // 3 - lfetch.fault.nt1 [tmp1], -256;; -#endif - { - .mii - lfetch.fault.nt1 [tmp0] // 1 - add I[1]=1,I[1];; - zxt1 I[1]=I[1] - } - { - .mmi - lfetch.nt1 [InPrefetch], 0x80 - lfetch.excl.nt1 [OutPrefetch], 0x80 - .save pr, PRSave - mov PRSave = pr - } ;; - { - .mmi - lfetch.excl.nt1 [OutPrefetch], 0x80 - LKEY J = [KTable], SZ - ADDP EndPtr = DataLen, InPtr - } ;; - { - .mmi - ADDP EndPtr = -1, EndPtr // Make it point to - // last data byte. 
- mov One = 1 - .save ar.lc, LCSave - mov LCSave = ar.lc - .body - } ;; - { - .mmb - sub Remainder = 0, OutPtr - cmp.gtu pSmall, p0 = $threshold, DataLen -(pSmall) br.cond.dpnt .rc4Remainder // Data too small for - // big loop. - } ;; - { - .mmi - and Remainder = 0x7, Remainder - ;; - cmp.eq pAligned, pUnaligned = Remainder, r0 - nop 0x0 - } ;; - { - .mmb -.pred.rel "mutex",pUnaligned,pAligned -(pUnaligned) add Remainder = -1, Remainder -(pAligned) sub Remainder = EndPtr, InPtr -(pAligned) br.cond.dptk.many .rc4Aligned - } ;; - { - .mmi - nop 0x0 - nop 0x0 - mov.i ar.lc = Remainder - } - -/* Do the initial few bytes via the compact, modulo-scheduled loop - until the output pointer is 8-byte-aligned. */ - - MODSCHED_RC4_PROLOGUE - MODSCHED_RC4_LOOP(.RC4AlignLoop) - - { - .mib - sub Remainder = EndPtr, InPtr - zxt1 IFinal = IFinal - clrrrb // Clear CFM.rrb.pr so - ;; // next "mov pr.rot = N" - // does the right thing. - } - { - .mmi - mov I[1] = IFinal - nop 0x0 - nop 0x0 - } ;; - - -.rc4Aligned: - -/* - Unrolled loop count = (Remainder - ($unroll_count+1)*$phases)/($unroll_count*$phases) - */ - - { - .mlx - add LoopCount = 1 - ($unroll_count + 1)*$phases, Remainder - movl Remainder = 0xaaaaaaaaaaaaaaab - } ;; - { - .mmi - setf.sig f6 = LoopCount // M2, M3 6 cyc - setf.sig f7 = Remainder // M2, M3 6 cyc - nop 0x0 - } ;; - { - .mfb - nop 0x0 - xmpy.hu f6 = f6, f7 - nop 0x0 - } ;; - { - .mmi - getf.sig LoopCount = f6;; // M2 5 cyc - nop 0x0 - shr.u LoopCount = LoopCount, 4 - } ;; - { - .mmi - nop 0x0 - nop 0x0 - mov.i ar.lc = LoopCount - } ;; - -/* Now comes the unrolled loop: */ - -.rc4Prologue: -___ - -$iteration = 0; - -# Generate the prologue: -$predicates = 1; -for ($i = 0; $i < $phases; ++$i) { - &emit_body (\$code, \$bypass, $iteration++, $predicates); - $predicates = ($predicates << 1) | 1; -} - -$code.=<<___; -.rc4Loop: -___ - -# Generate the body: -for ($i = 0; $i < $unroll_count*$phases; ++$i) { - &emit_body (\$code, \$bypass, $iteration++, $predicates); -} 
- -$code.=<<___; -.rc4Epilogue: -___ - -# Generate the epilogue: -for ($i = 0; $i < $phases; ++$i) { - $predicates <<= 1; - &emit_body (\$code, \$bypass, $iteration++, $predicates); -} - -$code.=<<___; - { - .mmi - lfetch.nt1 [EndPtr] // fetch line with last byte - mov IFinal = I[1] - nop 0x0 - } - -.rc4Remainder: - { - .mmi - sub Remainder = EndPtr, InPtr // Calculate - // # of bytes - // left - 1 - nop 0x0 - nop 0x0 - } ;; - { - .mib - cmp.eq pDone, p0 = -1, Remainder // done already? - mov.i ar.lc = Remainder -(pDone) br.cond.dptk.few .rc4Complete - } - -/* Do the remaining bytes via the compact, modulo-scheduled loop */ - - MODSCHED_RC4_PROLOGUE - MODSCHED_RC4_LOOP(.RC4RestLoop) - -.rc4Complete: - { - .mmi - add KTable = -SZ, KTable - add IFinal = -1, IFinal - mov ar.lc = LCSave - } ;; - { - .mii - SKEY [KTable] = J,-SZ - zxt1 IFinal = IFinal - mov pr = PRSave, 0x1FFFF - } ;; - { - .mib - SKEY [KTable] = IFinal - add RetVal = 1, r0 - br.ret.sptk.few rp - } ;; -___ - -# Last but not least, emit the code for the bypass-code of the unrolled loop: - -$code.=$bypass; - -$code.=<<___; - .endp RC4 -___ - -print $code; diff --git a/lib/libssl/src/crypto/rc4/asm/rc4-md5-x86_64.pl b/lib/libssl/src/crypto/rc4/asm/rc4-md5-x86_64.pl deleted file mode 100644 index 501d9e936bb..00000000000 --- a/lib/libssl/src/crypto/rc4/asm/rc4-md5-x86_64.pl +++ /dev/null 
@@ -1,525 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# June 2011 -# -# This is RC4+MD5 "stitch" implementation. The idea, as spelled in -# http://download.intel.com/design/intarch/papers/323686.pdf, is that -# since both algorithms exhibit instruction-level parallelism, ILP, -# below theoretical maximum, interleaving them would allow to utilize -# processor resources better and achieve better performance. RC4 -# instruction sequence is virtually identical to rc4-x86_64.pl, which -# is heavily based on submission by Maxim Perminov, Maxim Locktyukhin -# and Jim Guilford of Intel. MD5 is fresh implementation aiming to -# minimize register usage, which was used as "main thread" with RC4 -# weaved into it, one RC4 round per one MD5 round. In addition to the -# stiched subroutine the script can generate standalone replacement -# md5_block_asm_data_order and RC4. Below are performance numbers in -# cycles per processed byte, less is better, for these the standalone -# subroutines, sum of them, and stitched one: -# -# RC4 MD5 RC4+MD5 stitch gain -# Opteron 6.5(*) 5.4 11.9 7.0 +70%(*) -# Core2 6.5 5.8 12.3 7.7 +60% -# Westmere 4.3 5.2 9.5 7.0 +36% -# Sandy Bridge 4.2 5.5 9.7 6.8 +43% -# Atom 9.3 6.5 15.8 11.1 +42% -# -# (*) rc4-x86_64.pl delivers 5.3 on Opteron, so real improvement -# is +53%... - -my ($rc4,$md5)=(1,1); # what to generate? -my $D="#" if (!$md5); # if set to "#", MD5 is stitched into RC4(), - # but its result is discarded. Idea here is - # to be able to use 'openssl speed rc4' for - # benchmarking the stitched subroutine... 
- -my $flavour = shift; -my $output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -my ($dat,$in0,$out,$ctx,$inp,$len, $func,$nargs); - -if ($rc4 && !$md5) { - ($dat,$len,$in0,$out) = ("%rdi","%rsi","%rdx","%rcx"); - $func="RC4"; $nargs=4; -} elsif ($md5 && !$rc4) { - ($ctx,$inp,$len) = ("%rdi","%rsi","%rdx"); - $func="md5_block_asm_data_order"; $nargs=3; -} else { - ($dat,$in0,$out,$ctx,$inp,$len) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9"); - $func="rc4_md5_enc"; $nargs=6; - # void rc4_md5_enc( - # RC4_KEY *key, # - # const void *in0, # RC4 input - # void *out, # RC4 output - # MD5_CTX *ctx, # - # const void *inp, # MD5 input - # size_t len); # number of 64-byte blocks -} - -my @K=( 0xd76aa478,0xe8c7b756,0x242070db,0xc1bdceee, - 0xf57c0faf,0x4787c62a,0xa8304613,0xfd469501, - 0x698098d8,0x8b44f7af,0xffff5bb1,0x895cd7be, - 0x6b901122,0xfd987193,0xa679438e,0x49b40821, - - 0xf61e2562,0xc040b340,0x265e5a51,0xe9b6c7aa, - 0xd62f105d,0x02441453,0xd8a1e681,0xe7d3fbc8, - 0x21e1cde6,0xc33707d6,0xf4d50d87,0x455a14ed, - 0xa9e3e905,0xfcefa3f8,0x676f02d9,0x8d2a4c8a, - - 0xfffa3942,0x8771f681,0x6d9d6122,0xfde5380c, - 0xa4beea44,0x4bdecfa9,0xf6bb4b60,0xbebfbc70, - 0x289b7ec6,0xeaa127fa,0xd4ef3085,0x04881d05, - 0xd9d4d039,0xe6db99e5,0x1fa27cf8,0xc4ac5665, - - 0xf4292244,0x432aff97,0xab9423a7,0xfc93a039, - 0x655b59c3,0x8f0ccc92,0xffeff47d,0x85845dd1, - 0x6fa87e4f,0xfe2ce6e0,0xa3014314,0x4e0811a1, - 0xf7537e82,0xbd3af235,0x2ad7d2bb,0xeb86d391 ); - -my @V=("%r8d","%r9d","%r10d","%r11d"); # MD5 registers -my $tmp="%r12d"; - -my @XX=("%rbp","%rsi"); # RC4 registers -my @TX=("%rax","%rbx"); -my $YY="%rcx"; -my $TY="%rdx"; - -my $MOD=32; # 16, 32 or 64 - -$code.=<<___; -.text -.align 16 - 
-.globl $func -.type $func,\@function,$nargs -$func: - cmp \$0,$len - je .Labort - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - sub \$40,%rsp -.Lbody: -___ -if ($rc4) { -$code.=<<___; -$D#md5# mov $ctx,%r11 # reassign arguments - mov $len,%r12 - mov $in0,%r13 - mov $out,%r14 -$D#md5# mov $inp,%r15 -___ - $ctx="%r11" if ($md5); # reassign arguments - $len="%r12"; - $in0="%r13"; - $out="%r14"; - $inp="%r15" if ($md5); - $inp=$in0 if (!$md5); -$code.=<<___; - xor $XX[0],$XX[0] - xor $YY,$YY - - lea 8($dat),$dat - mov -8($dat),$XX[0]#b - mov -4($dat),$YY#b - - inc $XX[0]#b - sub $in0,$out - movl ($dat,$XX[0],4),$TX[0]#d -___ -$code.=<<___ if (!$md5); - xor $TX[1],$TX[1] - test \$-128,$len - jz .Loop1 - sub $XX[0],$TX[1] - and \$`$MOD-1`,$TX[1] - jz .Loop${MOD}_is_hot - sub $TX[1],$len -.Loop${MOD}_warmup: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($in0),$TY#b - movb $TY#b,($out,$in0) - lea 1($in0),$in0 - dec $TX[1] - jnz .Loop${MOD}_warmup - - mov $YY,$TX[1] - xor $YY,$YY - mov $TX[1]#b,$YY#b - -.Loop${MOD}_is_hot: - mov $len,32(%rsp) # save original $len - shr \$6,$len # number of 64-byte blocks -___ - if ($D && !$md5) { # stitch in dummy MD5 - $md5=1; - $ctx="%r11"; - $inp="%r15"; - $code.=<<___; - mov %rsp,$ctx - mov $in0,$inp -___ - } -} -$code.=<<___; -#rc4# add $TX[0]#b,$YY#b -#rc4# lea ($dat,$XX[0],4),$XX[1] - shl \$6,$len - add $inp,$len # pointer to the end of input - mov $len,16(%rsp) - -#md5# mov $ctx,24(%rsp) # save pointer to MD5_CTX -#md5# mov 0*4($ctx),$V[0] # load current hash value from MD5_CTX -#md5# mov 1*4($ctx),$V[1] -#md5# mov 2*4($ctx),$V[2] -#md5# mov 3*4($ctx),$V[3] - jmp .Loop - -.align 16 -.Loop: -#md5# mov $V[0],0*4(%rsp) # put aside current hash value -#md5# mov $V[1],1*4(%rsp) -#md5# mov $V[2],2*4(%rsp) -#md5# mov $V[3],$tmp # forward reference 
-#md5# mov $V[3],3*4(%rsp) -___ - -sub R0 { - my ($i,$a,$b,$c,$d)=@_; - my @rot0=(7,12,17,22); - my $j=$i%16; - my $k=$i%$MOD; - my $xmm="%xmm".($j&1); - $code.=" movdqu ($in0),%xmm2\n" if ($rc4 && $j==15); - $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1); - $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1); - $code.=<<___; -#rc4# movl ($dat,$YY,4),$TY#d -#md5# xor $c,$tmp -#rc4# movl $TX[0]#d,($dat,$YY,4) -#md5# and $b,$tmp -#md5# add 4*`$j`($inp),$a -#rc4# add $TY#b,$TX[0]#b -#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d -#md5# add \$$K[$i],$a -#md5# xor $d,$tmp -#rc4# movz $TX[0]#b,$TX[0]#d -#rc4# movl $TY#d,4*$k($XX[1]) -#md5# add $tmp,$a -#rc4# add $TX[1]#b,$YY#b -#md5# rol \$$rot0[$j%4],$a -#md5# mov `$j==15?"$b":"$c"`,$tmp # forward reference -#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n -#md5# add $b,$a -___ - $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1); - mov $YY,$XX[1] - xor $YY,$YY # keyword to partial register - mov $XX[1]#b,$YY#b - lea ($dat,$XX[0],4),$XX[1] -___ - $code.=<<___ if ($rc4 && $j==15); - psllq \$8,%xmm1 - pxor %xmm0,%xmm2 - pxor %xmm1,%xmm2 -___ -} -sub R1 { - my ($i,$a,$b,$c,$d)=@_; - my @rot1=(5,9,14,20); - my $j=$i%16; - my $k=$i%$MOD; - my $xmm="%xmm".($j&1); - $code.=" movdqu 16($in0),%xmm3\n" if ($rc4 && $j==15); - $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1); - $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1); - $code.=<<___; -#rc4# movl ($dat,$YY,4),$TY#d -#md5# xor $b,$tmp -#rc4# movl $TX[0]#d,($dat,$YY,4) -#md5# and $d,$tmp -#md5# add 4*`((1+5*$j)%16)`($inp),$a -#rc4# add $TY#b,$TX[0]#b -#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d -#md5# add \$$K[$i],$a -#md5# xor $c,$tmp -#rc4# movz $TX[0]#b,$TX[0]#d -#rc4# movl $TY#d,4*$k($XX[1]) -#md5# add $tmp,$a -#rc4# add $TX[1]#b,$YY#b -#md5# rol \$$rot1[$j%4],$a -#md5# mov `$j==15?"$c":"$b"`,$tmp # forward reference -#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n -#md5# add $b,$a 
-___ - $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1); - mov $YY,$XX[1] - xor $YY,$YY # keyword to partial register - mov $XX[1]#b,$YY#b - lea ($dat,$XX[0],4),$XX[1] -___ - $code.=<<___ if ($rc4 && $j==15); - psllq \$8,%xmm1 - pxor %xmm0,%xmm3 - pxor %xmm1,%xmm3 -___ -} -sub R2 { - my ($i,$a,$b,$c,$d)=@_; - my @rot2=(4,11,16,23); - my $j=$i%16; - my $k=$i%$MOD; - my $xmm="%xmm".($j&1); - $code.=" movdqu 32($in0),%xmm4\n" if ($rc4 && $j==15); - $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1); - $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1); - $code.=<<___; -#rc4# movl ($dat,$YY,4),$TY#d -#md5# xor $c,$tmp -#rc4# movl $TX[0]#d,($dat,$YY,4) -#md5# xor $b,$tmp -#md5# add 4*`((5+3*$j)%16)`($inp),$a -#rc4# add $TY#b,$TX[0]#b -#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d -#md5# add \$$K[$i],$a -#rc4# movz $TX[0]#b,$TX[0]#d -#md5# add $tmp,$a -#rc4# movl $TY#d,4*$k($XX[1]) -#rc4# add $TX[1]#b,$YY#b -#md5# rol \$$rot2[$j%4],$a -#md5# mov `$j==15?"\\\$-1":"$c"`,$tmp # forward reference -#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n -#md5# add $b,$a -___ - $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1); - mov $YY,$XX[1] - xor $YY,$YY # keyword to partial register - mov $XX[1]#b,$YY#b - lea ($dat,$XX[0],4),$XX[1] -___ - $code.=<<___ if ($rc4 && $j==15); - psllq \$8,%xmm1 - pxor %xmm0,%xmm4 - pxor %xmm1,%xmm4 -___ -} -sub R3 { - my ($i,$a,$b,$c,$d)=@_; - my @rot3=(6,10,15,21); - my $j=$i%16; - my $k=$i%$MOD; - my $xmm="%xmm".($j&1); - $code.=" movdqu 48($in0),%xmm5\n" if ($rc4 && $j==15); - $code.=" add \$$MOD,$XX[0]#b\n" if ($rc4 && $j==15 && $k==$MOD-1); - $code.=" pxor $xmm,$xmm\n" if ($rc4 && $j<=1); - $code.=<<___; -#rc4# movl ($dat,$YY,4),$TY#d -#md5# xor $d,$tmp -#rc4# movl $TX[0]#d,($dat,$YY,4) -#md5# or $b,$tmp -#md5# add 4*`((7*$j)%16)`($inp),$a -#rc4# add $TY#b,$TX[0]#b -#rc4# movl `4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d -#md5# add \$$K[$i],$a -#rc4# movz $TX[0]#b,$TX[0]#d -#md5# xor 
$c,$tmp -#rc4# movl $TY#d,4*$k($XX[1]) -#md5# add $tmp,$a -#rc4# add $TX[1]#b,$YY#b -#md5# rol \$$rot3[$j%4],$a -#md5# mov \$-1,$tmp # forward reference -#rc4# pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n -#md5# add $b,$a -___ - $code.=<<___ if ($rc4 && $j==15); - mov $XX[0],$XX[1] - xor $XX[0],$XX[0] # keyword to partial register - mov $XX[1]#b,$XX[0]#b - mov $YY,$XX[1] - xor $YY,$YY # keyword to partial register - mov $XX[1]#b,$YY#b - lea ($dat,$XX[0],4),$XX[1] - psllq \$8,%xmm1 - pxor %xmm0,%xmm5 - pxor %xmm1,%xmm5 -___ -} - -my $i=0; -for(;$i<16;$i++) { R0($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); } -for(;$i<32;$i++) { R1($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); } -for(;$i<48;$i++) { R2($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); } -for(;$i<64;$i++) { R3($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); } - -$code.=<<___; -#md5# add 0*4(%rsp),$V[0] # accumulate hash value -#md5# add 1*4(%rsp),$V[1] -#md5# add 2*4(%rsp),$V[2] -#md5# add 3*4(%rsp),$V[3] - -#rc4# movdqu %xmm2,($out,$in0) # write RC4 output -#rc4# movdqu %xmm3,16($out,$in0) -#rc4# movdqu %xmm4,32($out,$in0) -#rc4# movdqu %xmm5,48($out,$in0) -#md5# lea 64($inp),$inp -#rc4# lea 64($in0),$in0 - cmp 16(%rsp),$inp # are we done? 
- jb .Loop - -#md5# mov 24(%rsp),$len # restore pointer to MD5_CTX -#rc4# sub $TX[0]#b,$YY#b # correct $YY -#md5# mov $V[0],0*4($len) # write MD5_CTX -#md5# mov $V[1],1*4($len) -#md5# mov $V[2],2*4($len) -#md5# mov $V[3],3*4($len) -___ -$code.=<<___ if ($rc4 && (!$md5 || $D)); - mov 32(%rsp),$len # restore original $len - and \$63,$len # remaining bytes - jnz .Loop1 - jmp .Ldone - -.align 16 -.Loop1: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($in0),$TY#b - movb $TY#b,($out,$in0) - lea 1($in0),$in0 - dec $len - jnz .Loop1 - -.Ldone: -___ -$code.=<<___; -#rc4# sub \$1,$XX[0]#b -#rc4# movl $XX[0]#d,-8($dat) -#rc4# movl $YY#d,-4($dat) - - mov 40(%rsp),%r15 - mov 48(%rsp),%r14 - mov 56(%rsp),%r13 - mov 64(%rsp),%r12 - mov 72(%rsp),%rbp - mov 80(%rsp),%rbx - lea 88(%rsp),%rsp -.Lepilogue: -.Labort: - ret -.size $func,.-$func -___ - -if ($rc4 && $D) { # sole purpose of this section is to provide - # option to use the generated module as drop-in - # replacement for rc4-x86_64.pl for debugging - # and testing purposes... 
-my ($idx,$ido)=("%r8","%r9"); -my ($dat,$len,$inp)=("%rdi","%rsi","%rdx"); - -$code.=<<___; -.globl RC4_set_key -.type RC4_set_key,\@function,3 -.align 16 -RC4_set_key: - lea 8($dat),$dat - lea ($inp,$len),$inp - neg $len - mov $len,%rcx - xor %eax,%eax - xor $ido,$ido - xor %r10,%r10 - xor %r11,%r11 - jmp .Lw1stloop - -.align 16 -.Lw1stloop: - mov %eax,($dat,%rax,4) - add \$1,%al - jnc .Lw1stloop - - xor $ido,$ido - xor $idx,$idx -.align 16 -.Lw2ndloop: - mov ($dat,$ido,4),%r10d - add ($inp,$len,1),$idx#b - add %r10b,$idx#b - add \$1,$len - mov ($dat,$idx,4),%r11d - cmovz %rcx,$len - mov %r10d,($dat,$idx,4) - mov %r11d,($dat,$ido,4) - add \$1,$ido#b - jnc .Lw2ndloop - - xor %eax,%eax - mov %eax,-8($dat) - mov %eax,-4($dat) - ret -.size RC4_set_key,.-RC4_set_key - -.globl RC4_options -.type RC4_options,\@abi-omnipotent -.align 16 -RC4_options: - lea .Lopts(%rip),%rax - ret -.align 64 -.Lopts: -.asciz "rc4(64x,int)" -.align 64 -.size RC4_options,.-RC4_options -___ -} - -sub reg_part { -my ($reg,$conv)=@_; - if ($reg =~ /%r[0-9]+/) { $reg .= $conv; } - elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; } - elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; } - elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; } - return $reg; -} - -$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem; -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/pinsrw\s+\$0,/movd /gm; - -$code =~ s/#md5#//gm if ($md5); -$code =~ s/#rc4#//gm if ($rc4); - -print $code; - -close STDOUT; diff --git a/lib/libssl/src/crypto/rc4/asm/rc4-parisc.pl b/lib/libssl/src/crypto/rc4/asm/rc4-parisc.pl deleted file mode 100644 index 7e7974430aa..00000000000 --- a/lib/libssl/src/crypto/rc4/asm/rc4-parisc.pl +++ /dev/null 
@@ -1,320 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# RC4 for PA-RISC. - -# June 2009. -# -# Performance is 33% better than gcc 3.2 generated code on PA-7100LC. -# For reference, [4x] unrolled loop is >40% faster than folded one. -# It's possible to unroll loop 8 times on PA-RISC 2.0, but improvement -# is believed to be not sufficient to justify the effort... -# -# Special thanks to polarhome.com for providing HP-UX account. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; - -$flavour = shift; -$output = shift; -open STDOUT,">$output"; - -if ($flavour =~ /64/) { - $LEVEL ="2.0W"; - $SIZE_T =8; - $FRAME_MARKER =80; - $SAVED_RP =16; - $PUSH ="std"; - $PUSHMA ="std,ma"; - $POP ="ldd"; - $POPMB ="ldd,mb"; -} else { - $LEVEL ="1.0"; - $SIZE_T =4; - $FRAME_MARKER =48; - $SAVED_RP =20; - $PUSH ="stw"; - $PUSHMA ="stwm"; - $POP ="ldw"; - $POPMB ="ldwm"; -} - -$FRAME=4*$SIZE_T+$FRAME_MARKER; # 4 saved regs + frame marker - # [+ argument transfer] -$SZ=1; # defaults to RC4_CHAR -if (open CONF,"<${dir}../../opensslconf.h") { - while(<CONF>) { - if (m/#\s*define\s+RC4_INT\s+(.*)/) { - $SZ = ($1=~/char$/) ? 
1 : 4; - last; - } - } - close CONF; -} - -if ($SZ==1) { # RC4_CHAR - $LD="ldb"; - $LDX="ldbx"; - $MKX="addl"; - $ST="stb"; -} else { # RC4_INT (~5% faster than RC4_CHAR on PA-7100LC) - $LD="ldw"; - $LDX="ldwx,s"; - $MKX="sh2addl"; - $ST="stw"; -} - -$key="%r26"; -$len="%r25"; -$inp="%r24"; -$out="%r23"; - -@XX=("%r19","%r20"); -@TX=("%r21","%r22"); -$YY="%r28"; -$TY="%r29"; - -$acc="%r1"; -$ix="%r2"; -$iy="%r3"; -$dat0="%r4"; -$dat1="%r5"; -$rem="%r6"; -$mask="%r31"; - -sub unrolledloopbody { -for ($i=0;$i<4;$i++) { -$code.=<<___; - ldo 1($XX[0]),$XX[1] - `sprintf("$LDX %$TY(%$key),%$dat1") if ($i>0)` - and $mask,$XX[1],$XX[1] - $LDX $YY($key),$TY - $MKX $YY,$key,$ix - $LDX $XX[1]($key),$TX[1] - $MKX $XX[0],$key,$iy - $ST $TX[0],0($ix) - comclr,<> $XX[1],$YY,%r0 ; conditional - copy $TX[0],$TX[1] ; move - `sprintf("%sdep %$dat1,%d,8,%$acc",$i==1?"z":"",8*($i-1)+7) if ($i>0)` - $ST $TY,0($iy) - addl $TX[0],$TY,$TY - addl $TX[1],$YY,$YY - and $mask,$TY,$TY - and $mask,$YY,$YY -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} } - -sub foldedloop { -my ($label,$count)=@_; -$code.=<<___; -$label - $MKX $YY,$key,$iy - $LDX $YY($key),$TY - $MKX $XX[0],$key,$ix - $ST $TX[0],0($iy) - ldo 1($XX[0]),$XX[0] - $ST $TY,0($ix) - addl $TX[0],$TY,$TY - ldbx $inp($out),$dat1 - and $mask,$TY,$TY - and $mask,$XX[0],$XX[0] - $LDX $TY($key),$acc - $LDX $XX[0]($key),$TX[0] - ldo 1($out),$out - xor $dat1,$acc,$acc - addl $TX[0],$YY,$YY - stb $acc,-1($out) - addib,<> -1,$count,$label ; $count is always small - and $mask,$YY,$YY -___ -} - -$code=<<___; - .LEVEL $LEVEL -#if 0 - .SPACE \$TEXT\$ - .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY -#else - .text -#endif - - .EXPORT RC4,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR -RC4 - .PROC - .CALLINFO FRAME=`$FRAME-4*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=6 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH 
%r6,`-$FRAME+3*$SIZE_T`(%sp) - - cmpib,*= 0,$len,L\$abort - sub $inp,$out,$inp ; distance between $inp and $out - - $LD `0*$SZ`($key),$XX[0] - $LD `1*$SZ`($key),$YY - ldo `2*$SZ`($key),$key - - ldi 0xff,$mask - ldi 3,$dat0 - - ldo 1($XX[0]),$XX[0] ; warm up loop - and $mask,$XX[0],$XX[0] - $LDX $XX[0]($key),$TX[0] - addl $TX[0],$YY,$YY - cmpib,*>>= 6,$len,L\$oop1 ; is $len large enough to bother? - and $mask,$YY,$YY - - and,<> $out,$dat0,$rem ; is $out aligned? - b L\$alignedout - subi 4,$rem,$rem - sub $len,$rem,$len -___ -&foldedloop("L\$alignout",$rem); # process till $out is aligned - -$code.=<<___; -L\$alignedout ; $len is at least 4 here - and,<> $inp,$dat0,$acc ; is $inp aligned? - b L\$oop4 - sub $inp,$acc,$rem ; align $inp - - sh3addl $acc,%r0,$acc - subi 32,$acc,$acc - mtctl $acc,%cr11 ; load %sar with vshd align factor - ldwx $rem($out),$dat0 - ldo 4($rem),$rem -L\$oop4misalignedinp -___ -&unrolledloopbody(); -$code.=<<___; - $LDX $TY($key),$ix - ldwx $rem($out),$dat1 - ldo -4($len),$len - or $ix,$acc,$acc ; last piece, no need to dep - vshd $dat0,$dat1,$iy ; align data - copy $dat1,$dat0 - xor $iy,$acc,$acc - stw $acc,0($out) - cmpib,*<< 3,$len,L\$oop4misalignedinp - ldo 4($out),$out - cmpib,*= 0,$len,L\$done - nop - b L\$oop1 - nop - - .ALIGN 8 -L\$oop4 -___ -&unrolledloopbody(); -$code.=<<___; - $LDX $TY($key),$ix - ldwx $inp($out),$dat0 - ldo -4($len),$len - or $ix,$acc,$acc ; last piece, no need to dep - xor $dat0,$acc,$acc - stw $acc,0($out) - cmpib,*<< 3,$len,L\$oop4 - ldo 4($out),$out - cmpib,*= 0,$len,L\$done - nop -___ -&foldedloop("L\$oop1",$len); -$code.=<<___; -L\$done - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 - ldo -1($XX[0]),$XX[0] ; chill out loop - sub $YY,$TX[0],$YY - and $mask,$XX[0],$XX[0] - and $mask,$YY,$YY - $ST $XX[0],`-2*$SZ`($key) - $ST $YY,`-1*$SZ`($key) - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 -L\$abort - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND -___ - 
-$code.=<<___; - - .EXPORT RC4_set_key,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR - .ALIGN 8 -RC4_set_key - .PROC - .CALLINFO NO_CALLS - .ENTRY - $ST %r0,`0*$SZ`($key) - $ST %r0,`1*$SZ`($key) - ldo `2*$SZ`($key),$key - copy %r0,@XX[0] -L\$1st - $ST @XX[0],0($key) - ldo 1(@XX[0]),@XX[0] - bb,>= @XX[0],`31-8`,L\$1st ; @XX[0]<256 - ldo $SZ($key),$key - - ldo `-256*$SZ`($key),$key ; rewind $key - addl $len,$inp,$inp ; $inp to point at the end - sub %r0,$len,%r23 ; inverse index - copy %r0,@XX[0] - copy %r0,@XX[1] - ldi 0xff,$mask - -L\$2nd - $LDX @XX[0]($key),@TX[0] - ldbx %r23($inp),@TX[1] - addi,nuv 1,%r23,%r23 ; increment and conditional - sub %r0,$len,%r23 ; inverse index - addl @TX[0],@XX[1],@XX[1] - addl @TX[1],@XX[1],@XX[1] - and $mask,@XX[1],@XX[1] - $MKX @XX[0],$key,$TY - $LDX @XX[1]($key),@TX[1] - $MKX @XX[1],$key,$YY - ldo 1(@XX[0]),@XX[0] - $ST @TX[0],0($YY) - bb,>= @XX[0],`31-8`,L\$2nd ; @XX[0]<256 - $ST @TX[1],0($TY) - - bv,n (%r2) - .EXIT - nop - .PROCEND - - .EXPORT RC4_options,ENTRY - .ALIGN 8 -RC4_options - .PROC - .CALLINFO NO_CALLS - .ENTRY - blr %r0,%r28 - ldi 3,%r1 -L\$pic - andcm %r28,%r1,%r28 - bv (%r2) - .EXIT - ldo L\$opts-L\$pic(%r28),%r28 - .PROCEND - - .data - .ALIGN 8 -L\$opts - .STRINGZ "rc4(4x,`$SZ==1?"char":"int"`)" - .STRINGZ "RC4 for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>" -___ -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/cmpib,\*/comib,/gm if ($SIZE_T==4); -$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8); - -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/rc4/asm/rc4-s390x.pl b/lib/libssl/src/crypto/rc4/asm/rc4-s390x.pl deleted file mode 100644 index 1aa754820c6..00000000000 --- a/lib/libssl/src/crypto/rc4/asm/rc4-s390x.pl +++ /dev/null 
@@ -1,234 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# February 2009 -# -# Performance is 2x of gcc 3.4.6 on z10. Coding "secret" is to -# "cluster" Address Generation Interlocks, so that one pipeline stall -# resolves several dependencies. - -# November 2010. -# -# Adapt for -m31 build. If kernel supports what's called "highgprs" -# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit -# instructions and achieve "64-bit" performance even in 31-bit legacy -# application context. The feature is not specific to any particular -# processor, as long as it's "z-CPU". Latter implies that the code -# remains z/Architecture specific. On z990 it was measured to perform -# 50% better than code generated by gcc 4.3. 
- -$flavour = shift; - -if ($flavour =~ /3[12]/) { - $SIZE_T=4; - $g=""; -} else { - $SIZE_T=8; - $g="g"; -} - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$rp="%r14"; -$sp="%r15"; -$code=<<___; -.text - -___ - -# void RC4(RC4_KEY *key,size_t len,const void *inp,void *out) -{ -$acc="%r0"; -$cnt="%r1"; -$key="%r2"; -$len="%r3"; -$inp="%r4"; -$out="%r5"; - -@XX=("%r6","%r7"); -@TX=("%r8","%r9"); -$YY="%r10"; -$TY="%r11"; - -$code.=<<___; -.globl RC4 -.type RC4,\@function -.align 64 -RC4: - stm${g} %r6,%r11,6*$SIZE_T($sp) -___ -$code.=<<___ if ($flavour =~ /3[12]/); - llgfr $len,$len -___ -$code.=<<___; - llgc $XX[0],0($key) - llgc $YY,1($key) - la $XX[0],1($XX[0]) - nill $XX[0],0xff - srlg $cnt,$len,3 - ltgr $cnt,$cnt - llgc $TX[0],2($XX[0],$key) - jz .Lshort - j .Loop8 - -.align 64 -.Loop8: -___ -for ($i=0;$i<8;$i++) { -$code.=<<___; - la $YY,0($YY,$TX[0]) # $i - nill $YY,255 - la $XX[1],1($XX[0]) - nill $XX[1],255 -___ -$code.=<<___ if ($i==1); - llgc $acc,2($TY,$key) -___ -$code.=<<___ if ($i>1); - sllg $acc,$acc,8 - ic $acc,2($TY,$key) -___ -$code.=<<___; - llgc $TY,2($YY,$key) - stc $TX[0],2($YY,$key) - llgc $TX[1],2($XX[1],$key) - stc $TY,2($XX[0],$key) - cr $XX[1],$YY - jne .Lcmov$i - la $TX[1],0($TX[0]) -.Lcmov$i: - la $TY,0($TY,$TX[0]) - nill $TY,255 -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} - -$code.=<<___; - lg $TX[1],0($inp) - sllg $acc,$acc,8 - la $inp,8($inp) - ic $acc,2($TY,$key) - xgr $acc,$TX[1] - stg $acc,0($out) - la $out,8($out) - brctg $cnt,.Loop8 - -.Lshort: - lghi $acc,7 - ngr $len,$acc - jz .Lexit - j .Loop1 - -.align 16 -.Loop1: - la $YY,0($YY,$TX[0]) - nill $YY,255 - llgc $TY,2($YY,$key) - stc $TX[0],2($YY,$key) - stc $TY,2($XX[0],$key) - ar $TY,$TX[0] - ahi $XX[0],1 - nill $TY,255 - nill $XX[0],255 - llgc $acc,0($inp) - la $inp,1($inp) - llgc $TY,2($TY,$key) - llgc $TX[0],2($XX[0],$key) - xr $acc,$TY - stc $acc,0($out) - la $out,1($out) - brct $len,.Loop1 - -.Lexit: 
- ahi $XX[0],-1 - stc $XX[0],0($key) - stc $YY,1($key) - lm${g} %r6,%r11,6*$SIZE_T($sp) - br $rp -.size RC4,.-RC4 -.string "RC4 for s390x, CRYPTOGAMS by <appro\@openssl.org>" - -___ -} - -# void RC4_set_key(RC4_KEY *key,unsigned int len,const void *inp) -{ -$cnt="%r0"; -$idx="%r1"; -$key="%r2"; -$len="%r3"; -$inp="%r4"; -$acc="%r5"; -$dat="%r6"; -$ikey="%r7"; -$iinp="%r8"; - -$code.=<<___; -.globl RC4_set_key -.type RC4_set_key,\@function -.align 64 -RC4_set_key: - stm${g} %r6,%r8,6*$SIZE_T($sp) - lhi $cnt,256 - la $idx,0(%r0) - sth $idx,0($key) -.align 4 -.L1stloop: - stc $idx,2($idx,$key) - la $idx,1($idx) - brct $cnt,.L1stloop - - lghi $ikey,-256 - lr $cnt,$len - la $iinp,0(%r0) - la $idx,0(%r0) -.align 16 -.L2ndloop: - llgc $acc,2+256($ikey,$key) - llgc $dat,0($iinp,$inp) - la $idx,0($idx,$acc) - la $ikey,1($ikey) - la $idx,0($idx,$dat) - nill $idx,255 - la $iinp,1($iinp) - tml $ikey,255 - llgc $dat,2($idx,$key) - stc $dat,2+256-1($ikey,$key) - stc $acc,2($idx,$key) - jz .Ldone - brct $cnt,.L2ndloop - lr $cnt,$len - la $iinp,0(%r0) - j .L2ndloop -.Ldone: - lm${g} %r6,%r8,6*$SIZE_T($sp) - br $rp -.size RC4_set_key,.-RC4_set_key - -___ -} - -# const char *RC4_options() -$code.=<<___; -.globl RC4_options -.type RC4_options,\@function -.align 16 -RC4_options: - larl %r2,.Loptions - br %r14 -.size RC4_options,.-RC4_options -.section .rodata -.Loptions: -.align 8 -.string "rc4(8x,char)" -___ - -print $code; -close STDOUT; # force flush diff --git a/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl b/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl deleted file mode 100755 index 197749dda73..00000000000 --- a/lib/libssl/src/crypto/rc4/asm/rc4-x86_64.pl +++ /dev/null 
@@ -1,543 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# July 2004 -# -# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in -# "hand-coded assembler"] doesn't stand for the whole improvement -# coefficient. It turned out that eliminating RC4_CHAR from config -# line results in ~40% improvement (yes, even for C implementation). -# Presumably it has everything to do with AMD cache architecture and -# RAW or whatever penalties. Once again! The module *requires* config -# line *without* RC4_CHAR! As for coding "secret," I bet on partial -# register arithmetics. For example instead of 'inc %r8; and $255,%r8' -# I simply 'inc %r8b'. Even though optimization manual discourages -# to operate on partial registers, it turned out to be the best bet. -# At least for AMD... How IA32E would perform remains to be seen... - -# November 2004 -# -# As was shown by Marc Bevand reordering of couple of load operations -# results in even higher performance gain of 3.3x:-) At least on -# Opteron... For reference, 1x in this case is RC4_CHAR C-code -# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock. -# Latter means that if you want to *estimate* what to expect from -# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz. - -# November 2004 -# -# Intel P4 EM64T core was found to run the AMD64 code really slow... -# The only way to achieve comparable performance on P4 was to keep -# RC4_CHAR. Kind of ironic, huh? 
As it's apparently impossible to -# compose blended code, which would perform even within 30% marginal -# on either AMD and Intel platforms, I implement both cases. See -# rc4_skey.c for further details... - -# April 2005 -# -# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing -# those with add/sub results in 50% performance improvement of folded -# loop... - -# May 2005 -# -# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T -# performance by >30% [unlike P4 32-bit case that is]. But this is -# provided that loads are reordered even more aggressively! Both code -# pathes, AMD64 and EM64T, reorder loads in essentially same manner -# as my IA-64 implementation. On Opteron this resulted in modest 5% -# improvement [I had to test it], while final Intel P4 performance -# achieves respectful 432MBps on 2.8GHz processor now. For reference. -# If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than -# RC4_INT code-path. While if executed on Opteron, it's only 25% -# slower than the RC4_INT one [meaning that if CPU µ-arch detection -# is not implemented, then this final RC4_CHAR code-path should be -# preferred, as it provides better *all-round* performance]. - -# March 2007 -# -# Intel Core2 was observed to perform poorly on both code paths:-( It -# apparently suffers from some kind of partial register stall, which -# occurs in 64-bit mode only [as virtually identical 32-bit loop was -# observed to outperform 64-bit one by almost 50%]. Adding two movzb to -# cloop1 boosts its performance by 80%! This loop appears to be optimal -# fit for Core2 and therefore the code was modified to skip cloop8 on -# this CPU. - -# May 2010 -# -# Intel Westmere was observed to perform suboptimally. Adding yet -# another movzb to cloop1 improved performance by almost 50%! Core2 -# performance is improved too, but nominally... - -# May 2011 -# -# The only code path that was not modified is P4-specific one. 
Non-P4 -# Intel code path optimization is heavily based on submission by Maxim -# Perminov, Maxim Locktyukhin and Jim Guilford of Intel. I've used -# some of the ideas even in attempt to optmize the original RC4_INT -# code path... Current performance in cycles per processed byte (less -# is better) and improvement coefficients relative to previous -# version of this module are: -# -# Opteron 5.3/+0%(*) -# P4 6.5 -# Core2 6.2/+15%(**) -# Westmere 4.2/+60% -# Sandy Bridge 4.2/+120% -# Atom 9.3/+80% -# -# (*) But corresponding loop has less instructions, which should have -# positive effect on upcoming Bulldozer, which has one less ALU. -# For reference, Intel code runs at 6.8 cpb rate on Opteron. -# (**) Note that Core2 result is ~15% lower than corresponding result -# for 32-bit code, meaning that it's possible to improve it, -# but more than likely at the cost of the others (see rc4-586.pl -# to get the idea)... - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$dat="%rdi"; # arg1 -$len="%rsi"; # arg2 -$inp="%rdx"; # arg3 -$out="%rcx"; # arg4 - -{ -$code=<<___; -.text -.extern OPENSSL_ia32cap_P - -.globl RC4 -.type RC4,\@function,4 -.align 16 -RC4: or $len,$len - jne .Lentry - ret -.Lentry: - push %rbx - push %r12 - push %r13 -.Lprologue: - mov $len,%r11 - mov $inp,%r12 - mov $out,%r13 -___ -my $len="%r11"; # reassign input arguments -my $inp="%r12"; -my $out="%r13"; - -my @XX=("%r10","%rsi"); -my @TX=("%rax","%rbx"); -my $YY="%rcx"; -my $TY="%rdx"; - -$code.=<<___; - xor $XX[0],$XX[0] - xor $YY,$YY - - lea 8($dat),$dat - mov -8($dat),$XX[0]#b - mov -4($dat),$YY#b - cmpl \$-1,256($dat) - je .LRC4_CHAR - mov OPENSSL_ia32cap_P(%rip),%r8d - xor 
$TX[1],$TX[1] - inc $XX[0]#b - sub $XX[0],$TX[1] - sub $inp,$out - movl ($dat,$XX[0],4),$TX[0]#d - test \$-16,$len - jz .Lloop1 - bt \$30,%r8d # Intel CPU? - jc .Lintel - and \$7,$TX[1] - lea 1($XX[0]),$XX[1] - jz .Loop8 - sub $TX[1],$len -.Loop8_warmup: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - movb $TY#b,($out,$inp) - lea 1($inp),$inp - dec $TX[1] - jnz .Loop8_warmup - - lea 1($XX[0]),$XX[1] - jmp .Loop8 -.align 16 -.Loop8: -___ -for ($i=0;$i<8;$i++) { -$code.=<<___ if ($i==7); - add \$8,$XX[1]#b -___ -$code.=<<___; - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl `4*($i==7?-1:$i)`($dat,$XX[1],4),$TX[1]#d - ror \$8,%r8 # ror is redundant when $i=0 - movl $TY#d,4*$i($dat,$XX[0],4) - add $TX[0]#b,$TY#b - movb ($dat,$TY,4),%r8b -___ -push(@TX,shift(@TX)); #push(@XX,shift(@XX)); # "rotate" registers -} -$code.=<<___; - add \$8,$XX[0]#b - ror \$8,%r8 - sub \$8,$len - - xor ($inp),%r8 - mov %r8,($out,$inp) - lea 8($inp),$inp - - test \$-8,$len - jnz .Loop8 - cmp \$0,$len - jne .Lloop1 - jmp .Lexit - -.align 16 -.Lintel: - test \$-32,$len - jz .Lloop1 - and \$15,$TX[1] - jz .Loop16_is_hot - sub $TX[1],$len -.Loop16_warmup: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - movb $TY#b,($out,$inp) - lea 1($inp),$inp - dec $TX[1] - jnz .Loop16_warmup - - mov $YY,$TX[1] - xor $YY,$YY - mov $TX[1]#b,$YY#b - -.Loop16_is_hot: - lea ($dat,$XX[0],4),$XX[1] -___ -sub RC4_loop { - my $i=shift; - my $j=$i<0?0:$i; - my $xmm="%xmm".($j&1); - - $code.=" add \$16,$XX[0]#b\n" if ($i==15); - $code.=" movdqu ($inp),%xmm2\n" if ($i==15); - $code.=" add $TX[0]#b,$YY#b\n" if ($i<=0); - $code.=" movl 
($dat,$YY,4),$TY#d\n"; - $code.=" pxor %xmm0,%xmm2\n" if ($i==0); - $code.=" psllq \$8,%xmm1\n" if ($i==0); - $code.=" pxor $xmm,$xmm\n" if ($i<=1); - $code.=" movl $TX[0]#d,($dat,$YY,4)\n"; - $code.=" add $TY#b,$TX[0]#b\n"; - $code.=" movl `4*($j+1)`($XX[1]),$TX[1]#d\n" if ($i<15); - $code.=" movz $TX[0]#b,$TX[0]#d\n"; - $code.=" movl $TY#d,4*$j($XX[1])\n"; - $code.=" pxor %xmm1,%xmm2\n" if ($i==0); - $code.=" lea ($dat,$XX[0],4),$XX[1]\n" if ($i==15); - $code.=" add $TX[1]#b,$YY#b\n" if ($i<15); - $code.=" pinsrw \$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n"; - $code.=" movdqu %xmm2,($out,$inp)\n" if ($i==0); - $code.=" lea 16($inp),$inp\n" if ($i==0); - $code.=" movl ($XX[1]),$TX[1]#d\n" if ($i==15); -} - RC4_loop(-1); -$code.=<<___; - jmp .Loop16_enter -.align 16 -.Loop16: -___ - -for ($i=0;$i<16;$i++) { - $code.=".Loop16_enter:\n" if ($i==1); - RC4_loop($i); - push(@TX,shift(@TX)); # "rotate" registers -} -$code.=<<___; - mov $YY,$TX[1] - xor $YY,$YY # keyword to partial register - sub \$16,$len - mov $TX[1]#b,$YY#b - test \$-16,$len - jnz .Loop16 - - psllq \$8,%xmm1 - pxor %xmm0,%xmm2 - pxor %xmm1,%xmm2 - movdqu %xmm2,($out,$inp) - lea 16($inp),$inp - - cmp \$0,$len - jne .Lloop1 - jmp .Lexit - -.align 16 -.Lloop1: - add $TX[0]#b,$YY#b - movl ($dat,$YY,4),$TY#d - movl $TX[0]#d,($dat,$YY,4) - movl $TY#d,($dat,$XX[0],4) - add $TY#b,$TX[0]#b - inc $XX[0]#b - movl ($dat,$TX[0],4),$TY#d - movl ($dat,$XX[0],4),$TX[0]#d - xorb ($inp),$TY#b - movb $TY#b,($out,$inp) - lea 1($inp),$inp - dec $len - jnz .Lloop1 - jmp .Lexit - -.align 16 -.LRC4_CHAR: - add \$1,$XX[0]#b - movzb ($dat,$XX[0]),$TX[0]#d - test \$-8,$len - jz .Lcloop1 - jmp .Lcloop8 -.align 16 -.Lcloop8: - mov ($inp),%r8d - mov 4($inp),%r9d -___ -# unroll 2x4-wise, because 64-bit rotates kill Intel P4... 
-for ($i=0;$i<4;$i++) { -$code.=<<___; - add $TX[0]#b,$YY#b - lea 1($XX[0]),$XX[1] - movzb ($dat,$YY),$TY#d - movzb $XX[1]#b,$XX[1]#d - movzb ($dat,$XX[1]),$TX[1]#d - movb $TX[0]#b,($dat,$YY) - cmp $XX[1],$YY - movb $TY#b,($dat,$XX[0]) - jne .Lcmov$i # Intel cmov is sloooow... - mov $TX[0],$TX[1] -.Lcmov$i: - add $TX[0]#b,$TY#b - xor ($dat,$TY),%r8b - ror \$8,%r8d -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} -for ($i=4;$i<8;$i++) { -$code.=<<___; - add $TX[0]#b,$YY#b - lea 1($XX[0]),$XX[1] - movzb ($dat,$YY),$TY#d - movzb $XX[1]#b,$XX[1]#d - movzb ($dat,$XX[1]),$TX[1]#d - movb $TX[0]#b,($dat,$YY) - cmp $XX[1],$YY - movb $TY#b,($dat,$XX[0]) - jne .Lcmov$i # Intel cmov is sloooow... - mov $TX[0],$TX[1] -.Lcmov$i: - add $TX[0]#b,$TY#b - xor ($dat,$TY),%r9b - ror \$8,%r9d -___ -push(@TX,shift(@TX)); push(@XX,shift(@XX)); # "rotate" registers -} -$code.=<<___; - lea -8($len),$len - mov %r8d,($out) - lea 8($inp),$inp - mov %r9d,4($out) - lea 8($out),$out - - test \$-8,$len - jnz .Lcloop8 - cmp \$0,$len - jne .Lcloop1 - jmp .Lexit -___ -$code.=<<___; -.align 16 -.Lcloop1: - add $TX[0]#b,$YY#b - movzb $YY#b,$YY#d - movzb ($dat,$YY),$TY#d - movb $TX[0]#b,($dat,$YY) - movb $TY#b,($dat,$XX[0]) - add $TX[0]#b,$TY#b - add \$1,$XX[0]#b - movzb $TY#b,$TY#d - movzb $XX[0]#b,$XX[0]#d - movzb ($dat,$TY),$TY#d - movzb ($dat,$XX[0]),$TX[0]#d - xorb ($inp),$TY#b - lea 1($inp),$inp - movb $TY#b,($out) - lea 1($out),$out - sub \$1,$len - jnz .Lcloop1 - jmp .Lexit - -.align 16 -.Lexit: - sub \$1,$XX[0]#b - movl $XX[0]#d,-8($dat) - movl $YY#d,-4($dat) - - mov (%rsp),%r13 - mov 8(%rsp),%r12 - mov 16(%rsp),%rbx - add \$24,%rsp -.Lepilogue: - ret -.size RC4,.-RC4 -___ -} - -$idx="%r8"; -$ido="%r9"; - -$code.=<<___; -.globl RC4_set_key -.type RC4_set_key,\@function,3 -.align 16 -RC4_set_key: - lea 8($dat),$dat - lea ($inp,$len),$inp - neg $len - mov $len,%rcx - xor %eax,%eax - xor $ido,$ido - xor %r10,%r10 - xor %r11,%r11 - - mov OPENSSL_ia32cap_P(%rip),$idx#d - bt 
\$20,$idx#d # RC4_CHAR? - jc .Lc1stloop - jmp .Lw1stloop - -.align 16 -.Lw1stloop: - mov %eax,($dat,%rax,4) - add \$1,%al - jnc .Lw1stloop - - xor $ido,$ido - xor $idx,$idx -.align 16 -.Lw2ndloop: - mov ($dat,$ido,4),%r10d - add ($inp,$len,1),$idx#b - add %r10b,$idx#b - add \$1,$len - mov ($dat,$idx,4),%r11d - cmovz %rcx,$len - mov %r10d,($dat,$idx,4) - mov %r11d,($dat,$ido,4) - add \$1,$ido#b - jnc .Lw2ndloop - jmp .Lexit_key - -.align 16 -.Lc1stloop: - mov %al,($dat,%rax) - add \$1,%al - jnc .Lc1stloop - - xor $ido,$ido - xor $idx,$idx -.align 16 -.Lc2ndloop: - mov ($dat,$ido),%r10b - add ($inp,$len),$idx#b - add %r10b,$idx#b - add \$1,$len - mov ($dat,$idx),%r11b - jnz .Lcnowrap - mov %rcx,$len -.Lcnowrap: - mov %r10b,($dat,$idx) - mov %r11b,($dat,$ido) - add \$1,$ido#b - jnc .Lc2ndloop - movl \$-1,256($dat) - -.align 16 -.Lexit_key: - xor %eax,%eax - mov %eax,-8($dat) - mov %eax,-4($dat) - ret -.size RC4_set_key,.-RC4_set_key - -.globl RC4_options -.type RC4_options,\@abi-omnipotent -.align 16 -RC4_options: - lea .Lopts(%rip),%rax - mov OPENSSL_ia32cap_P(%rip),%edx - bt \$20,%edx - jc .L8xchar - bt \$30,%edx - jnc .Ldone - add \$25,%rax - ret -.L8xchar: - add \$12,%rax -.Ldone: - ret -.align 64 -.Lopts: -.asciz "rc4(8x,int)" -.asciz "rc4(8x,char)" -.asciz "rc4(16x,int)" -.asciz "RC4 for x86_64, CRYPTOGAMS by <appro\@openssl.org>" -.align 64 -.size RC4_options,.-RC4_options -___ - -sub reg_part { -my ($reg,$conv)=@_; - if ($reg =~ /%r[0-9]+/) { $reg .= $conv; } - elsif ($conv eq "b") { $reg =~ s/%[er]([^x]+)x?/%$1l/; } - elsif ($conv eq "w") { $reg =~ s/%[er](.+)/%$1/; } - elsif ($conv eq "d") { $reg =~ s/%[er](.+)/%e$1/; } - return $reg; -} - -$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem; -$code =~ s/\`([^\`]*)\`/eval $1/gem; - -print $code; - -close STDOUT; diff --git a/lib/libssl/src/crypto/rc4/rc4.h b/lib/libssl/src/crypto/rc4/rc4.h deleted file mode 100644 index f59185ed33a..00000000000 --- a/lib/libssl/src/crypto/rc4/rc4.h +++ /dev/null 
@@ -1,89 +0,0 @@
-/* $OpenBSD: rc4.h,v 1.13 2015/10/20 15:50:13 jsing Exp $ */
-/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RC4_H
-#define HEADER_RC4_H
-
-#include <openssl/opensslconf.h> /* OPENSSL_NO_RC4, RC4_INT */
-
-#ifdef OPENSSL_NO_RC4
-#error RC4 is disabled.
-#endif
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct rc4_key_st {
- RC4_INT x, y;
- RC4_INT data[256];
-} RC4_KEY;
-
-const char *RC4_options(void);
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
- unsigned char *outdata);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/rc4/rc4_enc.c b/lib/libssl/src/crypto/rc4/rc4_enc.c
deleted file mode 100644
index 4dacf3f7089..00000000000
--- a/lib/libssl/src/crypto/rc4/rc4_enc.c
+++ /dev/null
@@ -1,253 +0,0 @@ -/* $OpenBSD: rc4_enc.c,v 1.15 2015/10/21 16:36:50 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <machine/endian.h> -#include <openssl/rc4.h> -#include "rc4_locl.h" - -/* RC4 as implemented from a posting from - * Newsgroups: sci.crypt - * 
From: sterndark@netcom.com (David Sterndark) - * Subject: RC4 Algorithm revealed. - * Message-ID: <sternCvKL4B.Hyy@netcom.com> - * Date: Wed, 14 Sep 1994 06:35:31 GMT - */ - -void -RC4(RC4_KEY *key, size_t len, const unsigned char *indata, - unsigned char *outdata) -{ - RC4_INT *d; - RC4_INT x, y,tx, ty; - size_t i; - - x = key->x; - y = key->y; - d = key->data; - -#if defined(RC4_CHUNK) - /* - * The original reason for implementing this(*) was the fact that - * pre-21164a Alpha CPUs don't have byte load/store instructions - * and e.g. a byte store has to be done with 64-bit load, shift, - * and, or and finally 64-bit store. Peaking data and operating - * at natural word size made it possible to reduce amount of - * instructions as well as to perform early read-ahead without - * suffering from RAW (read-after-write) hazard. This resulted - * in ~40%(**) performance improvement on 21064 box with gcc. - * But it's not only Alpha users who win here:-) Thanks to the - * early-n-wide read-ahead this implementation also exhibits - * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending - * on sizeof(RC4_INT)). - * - * (*) "this" means code which recognizes the case when input - * and output pointers appear to be aligned at natural CPU - * word boundary - * (**) i.e. according to 'apps/openssl speed rc4' benchmark, - * crypto/rc4/rc4speed.c exhibits almost 70% speed-up... - * - * Caveats. - * - * - RC4_CHUNK="unsigned long long" should be a #1 choice for - * UltraSPARC. Unfortunately gcc generates very slow code - * (2.5-3 times slower than one generated by Sun's WorkShop - * C) and therefore gcc (at least 2.95 and earlier) should - * always be told that RC4_CHUNK="unsigned long". 
- * - * <appro@fy.chalmers.se> - */ - -# define RC4_STEP ( \ - x=(x+1) &0xff, \ - tx=d[x], \ - y=(tx+y)&0xff, \ - ty=d[y], \ - d[y]=tx, \ - d[x]=ty, \ - (RC4_CHUNK)d[(tx+ty)&0xff]\ - ) - - if ((((size_t)indata & (sizeof(RC4_CHUNK) - 1)) | - ((size_t)outdata & (sizeof(RC4_CHUNK) - 1))) == 0 ) { - RC4_CHUNK ichunk, otp; - - /* - * I reckon we can afford to implement both endian - * cases and to decide which way to take at run-time - * because the machine code appears to be very compact - * and redundant 1-2KB is perfectly tolerable (i.e. - * in case the compiler fails to eliminate it:-). By - * suggestion from Terrel Larson <terr@terralogic.net>. - * - * Special notes. - * - * - compilers (those I've tried) don't seem to have - * problems eliminating either the operators guarded - * by "if (sizeof(RC4_CHUNK)==8)" or the condition - * expressions themselves so I've got 'em to replace - * corresponding #ifdefs from the previous version; - * - I chose to let the redundant switch cases when - * sizeof(RC4_CHUNK)!=8 be (were also #ifdefed - * before); - * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in - * [LB]ESHFT guards against "shift is out of range" - * warnings when sizeof(RC4_CHUNK)!=8 - * - * <appro@fy.chalmers.se> - */ - if (BYTE_ORDER != LITTLE_ENDIAN) { /* BIG-ENDIAN CASE */ -# define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) { - ichunk = *(RC4_CHUNK *)indata; - otp = RC4_STEP << BESHFT(0); - otp |= RC4_STEP << BESHFT(1); - otp |= RC4_STEP << BESHFT(2); - otp |= RC4_STEP << BESHFT(3); - if (sizeof(RC4_CHUNK) == 8) { - otp |= RC4_STEP << BESHFT(4); - otp |= RC4_STEP << BESHFT(5); - otp |= RC4_STEP << BESHFT(6); - otp |= RC4_STEP << BESHFT(7); - } - *(RC4_CHUNK *)outdata = otp^ichunk; - indata += sizeof(RC4_CHUNK); - outdata += sizeof(RC4_CHUNK); - } - } else { /* LITTLE-ENDIAN CASE */ -# define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (; len & (0 - 
sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) { - ichunk = *(RC4_CHUNK *)indata; - otp = RC4_STEP; - otp |= RC4_STEP << 8; - otp |= RC4_STEP << 16; - otp |= RC4_STEP << 24; - if (sizeof(RC4_CHUNK) == 8) { - otp |= RC4_STEP << LESHFT(4); - otp |= RC4_STEP << LESHFT(5); - otp |= RC4_STEP << LESHFT(6); - otp |= RC4_STEP << LESHFT(7); - } - *(RC4_CHUNK *)outdata = otp ^ ichunk; - indata += sizeof(RC4_CHUNK); - outdata += sizeof(RC4_CHUNK); - } - } - } -#endif -#define LOOP(in,out) \ - x=((x+1)&0xff); \ - tx=d[x]; \ - y=(tx+y)&0xff; \ - d[x]=ty=d[y]; \ - d[y]=tx; \ - (out) = d[(tx+ty)&0xff]^ (in); - -#ifndef RC4_INDEX -#define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++)) -#else -#define RC4_LOOP(a,b,i) LOOP(a[i],b[i]) -#endif - - i = len >> 3; - if (i) { - for (;;) { - RC4_LOOP(indata, outdata, 0); - RC4_LOOP(indata, outdata, 1); - RC4_LOOP(indata, outdata, 2); - RC4_LOOP(indata, outdata, 3); - RC4_LOOP(indata, outdata, 4); - RC4_LOOP(indata, outdata, 5); - RC4_LOOP(indata, outdata, 6); - RC4_LOOP(indata, outdata, 7); -#ifdef RC4_INDEX - indata += 8; - outdata += 8; -#endif - if (--i == 0) - break; - } - } - i = len&0x07; - if (i) { - for (;;) { - RC4_LOOP(indata, outdata, 0); - if (--i == 0) - break; - RC4_LOOP(indata, outdata, 1); - if (--i == 0) - break; - RC4_LOOP(indata, outdata, 2); - if (--i == 0) - break; - RC4_LOOP(indata, outdata, 3); - if (--i == 0) - break; - RC4_LOOP(indata, outdata, 4); - if (--i == 0) - break; - RC4_LOOP(indata, outdata, 5); - if (--i == 0) - break; - RC4_LOOP(indata, outdata, 6); - if (--i == 0) - break; - } - } - key->x = x; - key->y = y; -} diff --git a/lib/libssl/src/crypto/rc4/rc4_locl.h b/lib/libssl/src/crypto/rc4/rc4_locl.h deleted file mode 100644 index d2b08064a3b..00000000000 --- a/lib/libssl/src/crypto/rc4/rc4_locl.h +++ /dev/null @@ -1,5 +0,0 @@ -/* $OpenBSD: rc4_locl.h,v 1.4 2014/07/11 08:44:49 jsing Exp $ */ - -#ifndef HEADER_RC4_LOCL_H -#define HEADER_RC4_LOCL_H -#endif 
diff --git a/lib/libssl/src/crypto/rc4/rc4_skey.c b/lib/libssl/src/crypto/rc4/rc4_skey.c
deleted file mode 100644
index 861941fb4d6..00000000000
--- a/lib/libssl/src/crypto/rc4/rc4_skey.c
+++ /dev/null
@@ -1,115 +0,0 @@ -/* $OpenBSD: rc4_skey.c,v 1.14 2015/10/20 15:50:13 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <openssl/rc4.h> -#include "rc4_locl.h" -#include <openssl/opensslv.h> - -const char * -RC4_options(void) -{ -#ifdef RC4_INDEX - if (sizeof(RC4_INT) == 1) - return("rc4(idx,char)"); - else - return("rc4(idx,int)"); -#else - if (sizeof(RC4_INT) == 1) - return("rc4(ptr,char)"); - else - return("rc4(ptr,int)"); -#endif -} - -/* RC4 as implemented from a posting from - * Newsgroups: sci.crypt - * From: sterndark@netcom.com (David Sterndark) - * Subject: RC4 Algorithm revealed. - * Message-ID: <sternCvKL4B.Hyy@netcom.com> - * Date: Wed, 14 Sep 1994 06:35:31 GMT - */ - -void -RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) -{ - RC4_INT tmp; - int id1, id2; - RC4_INT *d; - unsigned int i; - - d = &(key->data[0]); - key->x = 0; - key->y = 0; - id1 = id2 = 0; - -#define SK_LOOP(d,n) { \ - tmp=d[(n)]; \ - id2 = (data[id1] + tmp + id2) & 0xff; \ - if (++id1 == len) id1=0; \ - d[(n)]=d[id2]; \ - d[id2]=tmp; } - - for (i = 0; i < 256; i++) - d[i] = i; - for (i = 0; i < 256; i += 4) { - SK_LOOP(d, i + 0); - SK_LOOP(d, i + 1); - SK_LOOP(d, i + 2); - SK_LOOP(d, i + 3); - } -} diff --git a/lib/libssl/src/crypto/ripemd/README b/lib/libssl/src/crypto/ripemd/README deleted file mode 100644 index 5e18d458664..00000000000 --- a/lib/libssl/src/crypto/ripemd/README +++ /dev/null 
@@ -1,15 +0,0 @@
-RIPEMD-160
-http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
-
-This is my implementation of RIPEMD-160. The pentium assembler is a little
-off the pace since I only get 1050 cycles, while the best is 1013.
-I have a few ideas for how to get another 20 or so cycles, but at
-this point I will not bother right now. I believe the trick will be
-to remove my 'copy X array onto stack' until inside the RIP1() finctions the
-first time round. To do this I need another register and will only have one
-temporary one. A bit tricky.... I can also cleanup the saving of the 5 words
-after the first half of the calculation. I should read the origional
-value, add then write. Currently I just save the new and read the origioal.
-I then read both at the end. Bad.
-
-eric (20-Jan-1998)
diff --git a/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl b/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl
deleted file mode 100644
index e8b2bc2db2d..00000000000
--- a/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl
+++ /dev/null
@@ -1,591 +0,0 @@ -#!/usr/local/bin/perl - -# Normal is the -# ripemd160_block_asm_data_order(RIPEMD160_CTX *c, ULONG *X,int blocks); - -$normal=0; - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$A="ecx"; -$B="esi"; -$C="edi"; -$D="ebx"; -$E="ebp"; -$tmp1="eax"; -$tmp2="edx"; - -$KL1=0x5A827999; -$KL2=0x6ED9EBA1; -$KL3=0x8F1BBCDC; -$KL4=0xA953FD4E; -$KR0=0x50A28BE6; -$KR1=0x5C4DD124; -$KR2=0x6D703EF3; -$KR3=0x7A6D76E9; - - -@wl=( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15, - 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8, - 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12, - 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2, - 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13, - ); - -@wr=( 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12, - 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2, - 15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13, - 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14, - 12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11, - ); - -@sl=( 11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8, - 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12, - 11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5, - 11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12, - 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6, - ); - -@sr=( 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6, - 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11, - 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5, - 15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8, - 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11, - ); - -&ripemd160_block("ripemd160_block_asm_data_order"); -&asm_finish(); - -sub Xv - { - local($n)=@_; - return(&swtmp($n)); - # tmp on stack - } - -sub Np - { - local($p)=@_; - local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D); - return($n{$p}); - } - -sub RIP1 - { - local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_; - - &comment($p++); - if ($p & 1) - { - #&mov($tmp1, $c) if $o == -1; - &xor($tmp1, $d) if $o == -1; - &mov($tmp2, &Xv($pos)); 
- &xor($tmp1, $b); - &add($a, $tmp2); - &rotl($c, 10); - &add($a, $tmp1); - &mov($tmp1, &Np($c)); # NEXT - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &xor($tmp1, $d); - &mov($tmp2, &Xv($pos)); - &xor($tmp1, $b); - &add($a, $tmp1); - &mov($tmp1, &Np($c)) if $o <= 0; - &mov($tmp1, -1) if $o == 1; - # XXX if $o == 2; - &rotl($c, 10); - &add($a, $tmp2); - &xor($tmp1, &Np($d)) if $o <= 0; - &mov($tmp2, &Xv($pos2)) if $o == 1; - &mov($tmp2, &wparam(0)) if $o == 2; - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP2 - { - local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_; - -# XXXXXX - &comment($p++); - if ($p & 1) - { -# &mov($tmp2, &Xv($pos)) if $o < -1; -# &mov($tmp1, -1) if $o < -1; - - &add($a, $tmp2); - &mov($tmp2, $c); - &sub($tmp1, $b); - &and($tmp2, $b); - &and($tmp1, $d); - &or($tmp2, $tmp1); - &mov($tmp1, &Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX - # XXX - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &mov($tmp2, -1) if $o <= 0; - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - # XXX - &add($a, $tmp1); - &mov($tmp1, $c); - &sub($tmp2, $b); - &and($tmp1, $b); - &and($tmp2, $d); - if ($o != 2) - { - &or($tmp1, $tmp2); - &mov($tmp2, &Xv($pos2)) if $o <= 0; - &mov($tmp2, -1) if $o == 1; - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp1,1)); - &mov($tmp1, -1) if $o <= 0; - &sub($tmp2, &Np($c)) if $o == 1; - } else { - &or($tmp2, $tmp1); - &mov($tmp1, &Np($c)); - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &xor($tmp1, &Np($d)); - } - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP3 - { - local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_; - - &comment($p++); - if ($p & 1) - { -# &mov($tmp2, -1) if $o < -1; -# &sub($tmp2, $c) if $o < -1; - &mov($tmp1, &Xv($pos)); - &or($tmp2, $b); - &add($a, $tmp1); - &xor($tmp2, $d); - &mov($tmp1, -1) if $o <= 0; # NEXT - # XXX - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &sub($tmp1, &Np($c)) if $o <= 0; # NEXT - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &mov($tmp2, &Xv($pos)); - &or($tmp1, $b); 
- &add($a, $tmp2); - &xor($tmp1, $d); - &mov($tmp2, -1) if $o <= 0; # NEXT - &mov($tmp2, -1) if $o == 1; - &mov($tmp2, &Xv($pos2)) if $o == 2; - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp1,1)); - &sub($tmp2, &Np($c)) if $o <= 0; # NEXT - &mov($tmp1, &Np($d)) if $o == 1; - &mov($tmp1, -1) if $o == 2; - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP4 - { - local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_; - - &comment($p++); - if ($p & 1) - { -# &mov($tmp2, -1) if $o == -2; -# &mov($tmp1, $d) if $o == -2; - &sub($tmp2, $d); - &and($tmp1, $b); - &and($tmp2, $c); - &or($tmp2, $tmp1); - &mov($tmp1, &Xv($pos)); - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2)); - &mov($tmp2, -1) unless $o > 0; # NEXT - # XXX - &add($a, $tmp1); - &mov($tmp1, &Np($d)) unless $o > 0; # NEXT - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &sub($tmp2, $d); - &and($tmp1, $b); - &and($tmp2, $c); - &or($tmp2, $tmp1); - &mov($tmp1, &Xv($pos)); - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2)); - &mov($tmp2, -1) if $o == 0; # NEXT - &mov($tmp2, -1) if $o == 1; - &mov($tmp2, -1) if $o == 2; - # XXX - &add($a, $tmp1); - &mov($tmp1, &Np($d)) if $o == 0; # NEXT - &sub($tmp2, &Np($d)) if $o == 1; - &sub($tmp2, &Np($c)) if $o == 2; - # XXX - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP5 - { - local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_; - - &comment($p++); - if ($p & 1) - { - &mov($tmp2, -1) if $o == -2; - &sub($tmp2, $d) if $o == -2; - &mov($tmp1, &Xv($pos)); - &or($tmp2, $c); - &add($a, $tmp1); - &xor($tmp2, $b); - &mov($tmp1, -1) if $o <= 0; - # XXX - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &sub($tmp1, &Np($d)) if $o <= 0; - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &mov($tmp2, &Xv($pos)); - &or($tmp1, $c); - &add($a, $tmp2); - &xor($tmp1, $b); - &mov($tmp2, -1) if $o <= 0; - &mov($tmp2, &wparam(0)) if $o == 1; # Middle code - &mov($tmp2, -1) if $o == 2; - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp1,1)); - &sub($tmp2, &Np($d)) if $o <= 0; - &mov(&swtmp(16), $A) if $o == 1; - 
&mov($tmp1, &Np($d)) if $o == 2; - &rotl($a, $s); - &add($a, $e); - } - } - -sub ripemd160_block - { - local($name)=@_; - - &function_begin_B($name,"",3); - - # parameter 1 is the RIPEMD160_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov($tmp2, &wparam(0)); - &mov($tmp1, &wparam(1)); - &push("esi"); - &mov($A, &DWP( 0,$tmp2,"",0)); - &push("edi"); - &mov($B, &DWP( 4,$tmp2,"",0)); - &push("ebp"); - &mov($C, &DWP( 8,$tmp2,"",0)); - &push("ebx"); - &stack_push(16+5+6); - # Special comment about the figure of 6. - # Idea is to pad the current frame so - # that the top of the stack gets fairly - # aligned. Well, as you realize it would - # always depend on how the frame below is - # aligned. The good news are that gcc-2.95 - # and later does keep first argument at - # least double-wise aligned. - # <appro@fy.chalmers.se> - - &set_label("start") unless $normal; - &comment(""); - - # &mov($tmp1, &wparam(1)); # Done at end of loop - # &mov($tmp2, &wparam(0)); # Done at end of loop - - for ($z=0; $z<16; $z+=2) - { - &mov($D, &DWP( $z*4,$tmp1,"",0)); - &mov($E, &DWP( ($z+1)*4,$tmp1,"",0)); - &mov(&swtmp($z), $D); - &mov(&swtmp($z+1), $E); - } - &mov($tmp1, $C); - &mov($D, &DWP(12,$tmp2,"",0)); - &mov($E, &DWP(16,$tmp2,"",0)); - - &RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1); - &RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0); - &RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0); - &RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0); - &RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0); - &RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0); - &RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0); - &RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0); - &RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0); - &RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0); - &RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0); - &RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0); - &RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0); - &RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0); - &RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0); - &RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]); - - 
&RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1); - &RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0); - &RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0); - &RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0); - &RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0); - &RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0); - &RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0); - &RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0); - &RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0); - &RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0); - &RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0); - &RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0); - &RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0); - &RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0); - &RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0); - &RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1); - - &RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1); - &RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0); - &RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0); - &RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0); - &RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0); - &RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0); - &RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0); - &RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0); - &RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0); - &RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0); - &RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0); - &RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0); - &RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0); - &RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0); - &RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0); - &RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1); - - &RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1); - &RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0); - &RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0); - &RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0); - &RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0); - &RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0); - 
&RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0); - &RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0); - &RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0); - &RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0); - &RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0); - &RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0); - &RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0); - &RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0); - &RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0); - &RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1); - - &RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1); - &RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0); - &RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0); - &RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0); - &RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0); - &RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0); - &RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0); - &RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0); - &RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0); - &RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0); - &RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0); - &RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0); - &RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0); - &RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0); - &RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0); - &RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1); - - # &mov($tmp2, &wparam(0)); # moved into last RIP5 - # &mov(&swtmp(16), $A); - &mov($A, &DWP( 0,$tmp2,"",0)); - &mov(&swtmp(16+1), $B); - &mov(&swtmp(16+2), $C); - &mov($B, &DWP( 4,$tmp2,"",0)); - &mov(&swtmp(16+3), $D); - &mov($C, &DWP( 8,$tmp2,"",0)); - &mov(&swtmp(16+4), $E); - &mov($D, &DWP(12,$tmp2,"",0)); - &mov($E, &DWP(16,$tmp2,"",0)); - - &RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2); - &RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0); - &RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0); - &RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0); - &RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0); - &RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0); - &RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0); - &RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0); - 
&RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0); - &RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0); - &RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0); - &RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0); - &RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0); - &RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0); - &RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0); - &RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2); - - &RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2); - &RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0); - &RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0); - &RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0); - &RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0); - &RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0); - &RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0); - &RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0); - &RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0); - &RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0); - &RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0); - &RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0); - &RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0); - &RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0); - &RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0); - &RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2); - - &RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2); - &RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0); - &RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0); - &RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0); - &RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0); - &RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0); - &RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0); - &RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0); - &RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0); - &RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0); - &RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0); - &RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0); - &RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0); - &RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0); - &RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0); - &RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]); - - &RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2); - 
&RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0); - &RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0); - &RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0); - &RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0); - &RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0); - &RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0); - &RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0); - &RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0); - &RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0); - &RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0); - &RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0); - &RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0); - &RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0); - &RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0); - &RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2); - - &RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2); - &RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0); - &RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0); - &RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0); - &RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0); - &RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0); - &RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0); - &RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0); - &RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0); - &RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0); - &RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0); - &RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0); - &RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0); - &RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0); - &RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0); - &RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2); - - # &mov($tmp2, &wparam(0)); # Moved into last round - - &mov($tmp1, &DWP( 4,$tmp2,"",0)); # ctx->B - &add($D, $tmp1); - &mov($tmp1, &swtmp(16+2)); # $c - &add($D, $tmp1); - - &mov($tmp1, &DWP( 8,$tmp2,"",0)); # ctx->C - &add($E, $tmp1); - &mov($tmp1, &swtmp(16+3)); # $d - &add($E, $tmp1); - - &mov($tmp1, &DWP(12,$tmp2,"",0)); # ctx->D - &add($A, $tmp1); - &mov($tmp1, &swtmp(16+4)); # $e - &add($A, $tmp1); - - - &mov($tmp1, &DWP(16,$tmp2,"",0)); # ctx->E - 
&add($B, $tmp1); - &mov($tmp1, &swtmp(16+0)); # $a - &add($B, $tmp1); - - &mov($tmp1, &DWP( 0,$tmp2,"",0)); # ctx->A - &add($C, $tmp1); - &mov($tmp1, &swtmp(16+1)); # $b - &add($C, $tmp1); - - &mov($tmp1, &wparam(2)); - - &mov(&DWP( 0,$tmp2,"",0), $D); - &mov(&DWP( 4,$tmp2,"",0), $E); - &mov(&DWP( 8,$tmp2,"",0), $A); - &sub($tmp1,1); - &mov(&DWP(12,$tmp2,"",0), $B); - &mov(&DWP(16,$tmp2,"",0), $C); - - &jle(&label("get_out")); - - &mov(&wparam(2),$tmp1); - &mov($C, $A); - &mov($tmp1, &wparam(1)); - &mov($A, $D); - &add($tmp1, 64); - &mov($B, $E); - &mov(&wparam(1),$tmp1); - - &jmp(&label("start")); - - &set_label("get_out"); - - &stack_pop(16+5+6); - - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - diff --git a/lib/libssl/src/crypto/ripemd/ripemd.h b/lib/libssl/src/crypto/ripemd/ripemd.h deleted file mode 100644 index a5f3a129373..00000000000 --- a/lib/libssl/src/crypto/ripemd/ripemd.h +++ /dev/null 
@@ -1,105 +0,0 @@ -/* $OpenBSD: ripemd.h,v 1.14 2014/07/10 22:45:57 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stddef.h> - -#ifndef HEADER_RIPEMD_H -#define HEADER_RIPEMD_H - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_NO_RIPEMD -#error RIPEMD is disabled. 
-#endif
-
-#if defined(__LP32__)
-#define RIPEMD160_LONG unsigned long
-#elif defined(__ILP64__)
-#define RIPEMD160_LONG unsigned long
-#define RIPEMD160_LONG_LOG2 3
-#else
-#define RIPEMD160_LONG unsigned int
-#endif
-
-#define RIPEMD160_CBLOCK 64
-#define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4)
-#define RIPEMD160_DIGEST_LENGTH 20
-
-typedef struct RIPEMD160state_st
- {
- RIPEMD160_LONG A,B,C,D,E;
- RIPEMD160_LONG Nl,Nh;
- RIPEMD160_LONG data[RIPEMD160_LBLOCK];
- unsigned int num;
- } RIPEMD160_CTX;
-
-int RIPEMD160_Init(RIPEMD160_CTX *c);
-int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
-int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-unsigned char *RIPEMD160(const unsigned char *d, size_t n,
- unsigned char *md);
-void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/ripemd/rmd_dgst.c b/lib/libssl/src/crypto/ripemd/rmd_dgst.c
deleted file mode 100644
index 458968d4a60..00000000000
--- a/lib/libssl/src/crypto/ripemd/rmd_dgst.c
+++ /dev/null
@@ -1,290 +0,0 @@ -/* $OpenBSD: rmd_dgst.c,v 1.17 2014/10/28 07:35:59 jsg Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */
-
-#include <stdio.h>
-#include "rmd_locl.h"
-#include <openssl/opensslv.h>
-#include <openssl/crypto.h>
-
-# ifdef RMD160_ASM
- void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,size_t num);
-# define ripemd160_block ripemd160_block_x86
-# else
- void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,size_t num);
-# endif
-
-int RIPEMD160_Init(RIPEMD160_CTX *c)
- {
- memset (c,0,sizeof(*c));
- c->A=RIPEMD160_A;
- c->B=RIPEMD160_B;
- c->C=RIPEMD160_C;
- c->D=RIPEMD160_D;
- c->E=RIPEMD160_E;
- return 1;
- }
-
-#ifndef ripemd160_block_data_order
-#ifdef X
-#undef X
-#endif
-void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, size_t num)
- {
- const unsigned char *data=p;
- unsigned MD32_REG_T A,B,C,D,E;
- unsigned MD32_REG_T a,b,c,d,e,l;
-#ifndef MD32_XARRAY
- /* See comment in crypto/sha/sha_locl.h for details. */
- unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
- XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15;
-# define X(i) XX##i
-#else
- RIPEMD160_LONG XX[16];
-# define X(i) XX[i]
-#endif
-
- for (;num--;)
- {
-
- A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
- HOST_c2l(data,l); X( 0)=l;HOST_c2l(data,l); X( 1)=l;
- RIP1(A,B,C,D,E,WL00,SL00); HOST_c2l(data,l); X( 2)=l;
- RIP1(E,A,B,C,D,WL01,SL01); HOST_c2l(data,l); X( 3)=l;
- RIP1(D,E,A,B,C,WL02,SL02); HOST_c2l(data,l); X( 4)=l;
- RIP1(C,D,E,A,B,WL03,SL03); HOST_c2l(data,l); X( 5)=l;
- RIP1(B,C,D,E,A,WL04,SL04); HOST_c2l(data,l); X( 6)=l;
- RIP1(A,B,C,D,E,WL05,SL05); HOST_c2l(data,l); X( 7)=l;
- RIP1(E,A,B,C,D,WL06,SL06); HOST_c2l(data,l); X( 8)=l;
- RIP1(D,E,A,B,C,WL07,SL07); HOST_c2l(data,l); X( 9)=l;
- RIP1(C,D,E,A,B,WL08,SL08); HOST_c2l(data,l); X(10)=l;
- RIP1(B,C,D,E,A,WL09,SL09); HOST_c2l(data,l); X(11)=l;
- RIP1(A,B,C,D,E,WL10,SL10); HOST_c2l(data,l); X(12)=l;
- RIP1(E,A,B,C,D,WL11,SL11); HOST_c2l(data,l); X(13)=l;
- RIP1(D,E,A,B,C,WL12,SL12); HOST_c2l(data,l); X(14)=l;
- RIP1(C,D,E,A,B,WL13,SL13); HOST_c2l(data,l); X(15)=l;
- RIP1(B,C,D,E,A,WL14,SL14);
- RIP1(A,B,C,D,E,WL15,SL15);
-
- RIP2(E,A,B,C,D,WL16,SL16,KL1);
- RIP2(D,E,A,B,C,WL17,SL17,KL1);
- RIP2(C,D,E,A,B,WL18,SL18,KL1);
- RIP2(B,C,D,E,A,WL19,SL19,KL1);
- RIP2(A,B,C,D,E,WL20,SL20,KL1);
- RIP2(E,A,B,C,D,WL21,SL21,KL1);
- RIP2(D,E,A,B,C,WL22,SL22,KL1);
- RIP2(C,D,E,A,B,WL23,SL23,KL1);
- RIP2(B,C,D,E,A,WL24,SL24,KL1);
- RIP2(A,B,C,D,E,WL25,SL25,KL1);
- RIP2(E,A,B,C,D,WL26,SL26,KL1);
- RIP2(D,E,A,B,C,WL27,SL27,KL1);
- RIP2(C,D,E,A,B,WL28,SL28,KL1);
- RIP2(B,C,D,E,A,WL29,SL29,KL1);
- RIP2(A,B,C,D,E,WL30,SL30,KL1);
- RIP2(E,A,B,C,D,WL31,SL31,KL1);
-
- RIP3(D,E,A,B,C,WL32,SL32,KL2);
- RIP3(C,D,E,A,B,WL33,SL33,KL2);
- RIP3(B,C,D,E,A,WL34,SL34,KL2);
- RIP3(A,B,C,D,E,WL35,SL35,KL2);
- RIP3(E,A,B,C,D,WL36,SL36,KL2);
- RIP3(D,E,A,B,C,WL37,SL37,KL2);
- RIP3(C,D,E,A,B,WL38,SL38,KL2);
- RIP3(B,C,D,E,A,WL39,SL39,KL2);
- RIP3(A,B,C,D,E,WL40,SL40,KL2);
- RIP3(E,A,B,C,D,WL41,SL41,KL2);
- RIP3(D,E,A,B,C,WL42,SL42,KL2);
- RIP3(C,D,E,A,B,WL43,SL43,KL2);
- RIP3(B,C,D,E,A,WL44,SL44,KL2);
- RIP3(A,B,C,D,E,WL45,SL45,KL2);
- RIP3(E,A,B,C,D,WL46,SL46,KL2);
- RIP3(D,E,A,B,C,WL47,SL47,KL2);
-
- RIP4(C,D,E,A,B,WL48,SL48,KL3);
- RIP4(B,C,D,E,A,WL49,SL49,KL3);
- RIP4(A,B,C,D,E,WL50,SL50,KL3);
- RIP4(E,A,B,C,D,WL51,SL51,KL3);
- RIP4(D,E,A,B,C,WL52,SL52,KL3);
- RIP4(C,D,E,A,B,WL53,SL53,KL3);
- RIP4(B,C,D,E,A,WL54,SL54,KL3);
- RIP4(A,B,C,D,E,WL55,SL55,KL3);
- RIP4(E,A,B,C,D,WL56,SL56,KL3);
- RIP4(D,E,A,B,C,WL57,SL57,KL3);
- RIP4(C,D,E,A,B,WL58,SL58,KL3);
- RIP4(B,C,D,E,A,WL59,SL59,KL3);
- RIP4(A,B,C,D,E,WL60,SL60,KL3);
- RIP4(E,A,B,C,D,WL61,SL61,KL3);
- RIP4(D,E,A,B,C,WL62,SL62,KL3);
- RIP4(C,D,E,A,B,WL63,SL63,KL3);
-
- RIP5(B,C,D,E,A,WL64,SL64,KL4);
- RIP5(A,B,C,D,E,WL65,SL65,KL4);
- RIP5(E,A,B,C,D,WL66,SL66,KL4);
- RIP5(D,E,A,B,C,WL67,SL67,KL4);
- RIP5(C,D,E,A,B,WL68,SL68,KL4);
- RIP5(B,C,D,E,A,WL69,SL69,KL4);
- RIP5(A,B,C,D,E,WL70,SL70,KL4);
- RIP5(E,A,B,C,D,WL71,SL71,KL4);
- RIP5(D,E,A,B,C,WL72,SL72,KL4);
- RIP5(C,D,E,A,B,WL73,SL73,KL4);
- RIP5(B,C,D,E,A,WL74,SL74,KL4);
- RIP5(A,B,C,D,E,WL75,SL75,KL4);
- RIP5(E,A,B,C,D,WL76,SL76,KL4);
- RIP5(D,E,A,B,C,WL77,SL77,KL4);
- RIP5(C,D,E,A,B,WL78,SL78,KL4);
- RIP5(B,C,D,E,A,WL79,SL79,KL4);
-
- a=A; b=B; c=C; d=D; e=E;
- /* Do other half */
- A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
-
- RIP5(A,B,C,D,E,WR00,SR00,KR0);
- RIP5(E,A,B,C,D,WR01,SR01,KR0);
- RIP5(D,E,A,B,C,WR02,SR02,KR0);
- RIP5(C,D,E,A,B,WR03,SR03,KR0);
- RIP5(B,C,D,E,A,WR04,SR04,KR0);
- RIP5(A,B,C,D,E,WR05,SR05,KR0);
- RIP5(E,A,B,C,D,WR06,SR06,KR0);
- RIP5(D,E,A,B,C,WR07,SR07,KR0);
- RIP5(C,D,E,A,B,WR08,SR08,KR0);
- RIP5(B,C,D,E,A,WR09,SR09,KR0);
- RIP5(A,B,C,D,E,WR10,SR10,KR0);
- RIP5(E,A,B,C,D,WR11,SR11,KR0);
- RIP5(D,E,A,B,C,WR12,SR12,KR0);
- RIP5(C,D,E,A,B,WR13,SR13,KR0);
- RIP5(B,C,D,E,A,WR14,SR14,KR0);
- RIP5(A,B,C,D,E,WR15,SR15,KR0);
-
- RIP4(E,A,B,C,D,WR16,SR16,KR1);
- RIP4(D,E,A,B,C,WR17,SR17,KR1);
- RIP4(C,D,E,A,B,WR18,SR18,KR1);
- RIP4(B,C,D,E,A,WR19,SR19,KR1);
- RIP4(A,B,C,D,E,WR20,SR20,KR1);
- RIP4(E,A,B,C,D,WR21,SR21,KR1);
- RIP4(D,E,A,B,C,WR22,SR22,KR1);
- RIP4(C,D,E,A,B,WR23,SR23,KR1);
- RIP4(B,C,D,E,A,WR24,SR24,KR1);
- RIP4(A,B,C,D,E,WR25,SR25,KR1);
- RIP4(E,A,B,C,D,WR26,SR26,KR1);
- RIP4(D,E,A,B,C,WR27,SR27,KR1);
- RIP4(C,D,E,A,B,WR28,SR28,KR1);
- RIP4(B,C,D,E,A,WR29,SR29,KR1);
- RIP4(A,B,C,D,E,WR30,SR30,KR1);
- RIP4(E,A,B,C,D,WR31,SR31,KR1);
-
- RIP3(D,E,A,B,C,WR32,SR32,KR2);
- RIP3(C,D,E,A,B,WR33,SR33,KR2);
- RIP3(B,C,D,E,A,WR34,SR34,KR2);
- RIP3(A,B,C,D,E,WR35,SR35,KR2);
- RIP3(E,A,B,C,D,WR36,SR36,KR2);
- RIP3(D,E,A,B,C,WR37,SR37,KR2);
- RIP3(C,D,E,A,B,WR38,SR38,KR2);
- RIP3(B,C,D,E,A,WR39,SR39,KR2);
- RIP3(A,B,C,D,E,WR40,SR40,KR2);
- RIP3(E,A,B,C,D,WR41,SR41,KR2);
- RIP3(D,E,A,B,C,WR42,SR42,KR2);
- RIP3(C,D,E,A,B,WR43,SR43,KR2);
- RIP3(B,C,D,E,A,WR44,SR44,KR2);
- RIP3(A,B,C,D,E,WR45,SR45,KR2);
- RIP3(E,A,B,C,D,WR46,SR46,KR2);
- RIP3(D,E,A,B,C,WR47,SR47,KR2);
-
- RIP2(C,D,E,A,B,WR48,SR48,KR3);
- RIP2(B,C,D,E,A,WR49,SR49,KR3);
- RIP2(A,B,C,D,E,WR50,SR50,KR3);
- RIP2(E,A,B,C,D,WR51,SR51,KR3);
- RIP2(D,E,A,B,C,WR52,SR52,KR3);
- RIP2(C,D,E,A,B,WR53,SR53,KR3);
- RIP2(B,C,D,E,A,WR54,SR54,KR3);
- RIP2(A,B,C,D,E,WR55,SR55,KR3);
- RIP2(E,A,B,C,D,WR56,SR56,KR3);
- RIP2(D,E,A,B,C,WR57,SR57,KR3);
- RIP2(C,D,E,A,B,WR58,SR58,KR3);
- RIP2(B,C,D,E,A,WR59,SR59,KR3);
- RIP2(A,B,C,D,E,WR60,SR60,KR3);
- RIP2(E,A,B,C,D,WR61,SR61,KR3);
- RIP2(D,E,A,B,C,WR62,SR62,KR3);
- RIP2(C,D,E,A,B,WR63,SR63,KR3);
-
- RIP1(B,C,D,E,A,WR64,SR64);
- RIP1(A,B,C,D,E,WR65,SR65);
- RIP1(E,A,B,C,D,WR66,SR66);
- RIP1(D,E,A,B,C,WR67,SR67);
- RIP1(C,D,E,A,B,WR68,SR68);
- RIP1(B,C,D,E,A,WR69,SR69);
- RIP1(A,B,C,D,E,WR70,SR70);
- RIP1(E,A,B,C,D,WR71,SR71);
- RIP1(D,E,A,B,C,WR72,SR72);
- RIP1(C,D,E,A,B,WR73,SR73);
- RIP1(B,C,D,E,A,WR74,SR74);
- RIP1(A,B,C,D,E,WR75,SR75);
- RIP1(E,A,B,C,D,WR76,SR76);
- RIP1(D,E,A,B,C,WR77,SR77);
- RIP1(C,D,E,A,B,WR78,SR78);
- RIP1(B,C,D,E,A,WR79,SR79);
-
- D =ctx->B+c+D;
- ctx->B=ctx->C+d+E;
- ctx->C=ctx->D+e+A;
- ctx->D=ctx->E+a+B;
- ctx->E=ctx->A+b+C;
- ctx->A=D;
-
- }
- }
-#endif
diff --git a/lib/libssl/src/crypto/ripemd/rmd_locl.h b/lib/libssl/src/crypto/ripemd/rmd_locl.h
deleted file mode 100644
index 54cce5b6453..00000000000
--- a/lib/libssl/src/crypto/ripemd/rmd_locl.h
+++ /dev/null
@@ -1,146 +0,0 @@ -/* $OpenBSD: rmd_locl.h,v 1.12 2014/10/20 13:06:54 bcook Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdlib.h> -#include <string.h> -#include <openssl/opensslconf.h> -#include <openssl/ripemd.h> - -/* - * DO EXAMINE COMMENTS IN crypto/md5/md5_locl.h & crypto/md5/md5_dgst.c - * FOR EXPLANATIONS ON FOLLOWING "CODE." 
- * <appro@fy.chalmers.se>
- */
-#ifdef RMD160_ASM
-# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
-# define ripemd160_block_data_order ripemd160_block_asm_data_order
-# endif
-#endif
-
-void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,size_t num);
-
-#define DATA_ORDER_IS_LITTLE_ENDIAN
-
-#define HASH_LONG RIPEMD160_LONG
-#define HASH_CTX RIPEMD160_CTX
-#define HASH_CBLOCK RIPEMD160_CBLOCK
-#define HASH_UPDATE RIPEMD160_Update
-#define HASH_TRANSFORM RIPEMD160_Transform
-#define HASH_FINAL RIPEMD160_Final
-#define HASH_MAKE_STRING(c,s) do { \
- unsigned long ll; \
- ll=(c)->A; HOST_l2c(ll,(s)); \
- ll=(c)->B; HOST_l2c(ll,(s)); \
- ll=(c)->C; HOST_l2c(ll,(s)); \
- ll=(c)->D; HOST_l2c(ll,(s)); \
- ll=(c)->E; HOST_l2c(ll,(s)); \
- } while (0)
-#define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order
-
-#include "md32_common.h"
-
-#if 0
-#define F1(x,y,z) ((x)^(y)^(z))
-#define F2(x,y,z) (((x)&(y))|((~x)&z))
-#define F3(x,y,z) (((x)|(~y))^(z))
-#define F4(x,y,z) (((x)&(z))|((y)&(~(z))))
-#define F5(x,y,z) ((x)^((y)|(~(z))))
-#else
-/*
- * Transformed F2 and F4 are courtesy of Wei Dai <weidai@eskimo.com>
- */
-#define F1(x,y,z) ((x) ^ (y) ^ (z))
-#define F2(x,y,z) ((((y) ^ (z)) & (x)) ^ (z))
-#define F3(x,y,z) (((~(y)) | (x)) ^ (z))
-#define F4(x,y,z) ((((x) ^ (y)) & (z)) ^ (y))
-#define F5(x,y,z) (((~(z)) | (y)) ^ (x))
-#endif
-
-#define RIPEMD160_A 0x67452301L
-#define RIPEMD160_B 0xEFCDAB89L
-#define RIPEMD160_C 0x98BADCFEL
-#define RIPEMD160_D 0x10325476L
-#define RIPEMD160_E 0xC3D2E1F0L
-
-#include "rmdconst.h"
-
-#define RIP1(a,b,c,d,e,w,s) { \
- a+=F1(b,c,d)+X(w); \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP2(a,b,c,d,e,w,s,K) { \
- a+=F2(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP3(a,b,c,d,e,w,s,K) { \
- a+=F3(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP4(a,b,c,d,e,w,s,K) { \
- a+=F4(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
-#define RIP5(a,b,c,d,e,w,s,K) { \
- a+=F5(b,c,d)+X(w)+K; \
- a=ROTATE(a,s)+e; \
- c=ROTATE(c,10); }
-
diff --git a/lib/libssl/src/crypto/ripemd/rmd_one.c b/lib/libssl/src/crypto/ripemd/rmd_one.c
deleted file mode 100644
index 0d372f32f78..00000000000
--- a/lib/libssl/src/crypto/ripemd/rmd_one.c
+++ /dev/null
@@ -1,78 +0,0 @@
-/* $OpenBSD: rmd_one.c,v 1.9 2015/09/10 15:56:25 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/ripemd.h>
-#include <openssl/crypto.h>
-
-unsigned char *RIPEMD160(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- RIPEMD160_CTX c;
- static unsigned char m[RIPEMD160_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- if (!RIPEMD160_Init(&c))
- return NULL;
- RIPEMD160_Update(&c,d,n);
- RIPEMD160_Final(md,&c);
- explicit_bzero(&c,sizeof(c));
- return(md);
- }
-
diff --git a/lib/libssl/src/crypto/ripemd/rmdconst.h b/lib/libssl/src/crypto/ripemd/rmdconst.h
deleted file mode 100644
index b36011cc44b..00000000000
--- a/lib/libssl/src/crypto/ripemd/rmdconst.h
+++ /dev/null
@@ -1,399 +0,0 @@ -/* $OpenBSD: rmdconst.h,v 1.2 2014/06/12 15:49:30 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ -#define KL0 0x00000000L -#define KL1 0x5A827999L -#define KL2 0x6ED9EBA1L -#define KL3 0x8F1BBCDCL -#define KL4 0xA953FD4EL - -#define KR0 0x50A28BE6L -#define KR1 0x5C4DD124L -#define KR2 0x6D703EF3L -#define KR3 0x7A6D76E9L -#define KR4 0x00000000L - -#define WL00 0 -#define SL00 11 -#define WL01 1 -#define SL01 14 -#define WL02 2 -#define SL02 15 -#define WL03 3 -#define SL03 12 -#define WL04 4 -#define SL04 5 -#define WL05 5 -#define SL05 8 -#define WL06 6 -#define SL06 7 -#define WL07 7 -#define SL07 9 -#define WL08 8 -#define SL08 11 -#define WL09 9 -#define SL09 13 -#define WL10 10 -#define SL10 14 -#define WL11 11 -#define SL11 15 -#define WL12 12 -#define SL12 6 -#define WL13 13 -#define SL13 7 -#define WL14 14 -#define SL14 9 -#define WL15 15 -#define SL15 8 - -#define WL16 7 -#define SL16 7 -#define WL17 4 -#define SL17 6 -#define WL18 13 -#define SL18 8 -#define WL19 1 -#define SL19 13 -#define WL20 10 -#define SL20 11 -#define WL21 6 -#define SL21 9 -#define WL22 15 -#define SL22 7 -#define WL23 3 -#define SL23 15 -#define WL24 12 -#define SL24 7 -#define WL25 0 -#define SL25 12 -#define WL26 9 -#define SL26 15 -#define WL27 5 -#define SL27 9 -#define WL28 2 -#define SL28 11 -#define WL29 14 -#define SL29 7 -#define WL30 11 -#define SL30 13 -#define WL31 8 -#define SL31 12 - -#define WL32 3 -#define SL32 11 -#define WL33 10 -#define SL33 13 -#define WL34 14 -#define SL34 6 -#define WL35 4 -#define SL35 7 -#define WL36 9 -#define SL36 14 -#define WL37 15 -#define SL37 9 -#define WL38 8 -#define SL38 13 -#define WL39 1 -#define SL39 15 -#define WL40 2 -#define SL40 14 -#define WL41 7 -#define SL41 8 -#define WL42 0 -#define SL42 13 -#define WL43 6 -#define SL43 6 -#define WL44 13 -#define SL44 5 -#define WL45 11 -#define SL45 12 -#define WL46 5 -#define SL46 7 -#define WL47 12 -#define SL47 5 - -#define WL48 1 -#define SL48 11 -#define WL49 9 -#define SL49 12 -#define WL50 11 -#define SL50 14 -#define WL51 10 -#define SL51 15 -#define WL52 0 
-#define SL52 14 -#define WL53 8 -#define SL53 15 -#define WL54 12 -#define SL54 9 -#define WL55 4 -#define SL55 8 -#define WL56 13 -#define SL56 9 -#define WL57 3 -#define SL57 14 -#define WL58 7 -#define SL58 5 -#define WL59 15 -#define SL59 6 -#define WL60 14 -#define SL60 8 -#define WL61 5 -#define SL61 6 -#define WL62 6 -#define SL62 5 -#define WL63 2 -#define SL63 12 - -#define WL64 4 -#define SL64 9 -#define WL65 0 -#define SL65 15 -#define WL66 5 -#define SL66 5 -#define WL67 9 -#define SL67 11 -#define WL68 7 -#define SL68 6 -#define WL69 12 -#define SL69 8 -#define WL70 2 -#define SL70 13 -#define WL71 10 -#define SL71 12 -#define WL72 14 -#define SL72 5 -#define WL73 1 -#define SL73 12 -#define WL74 3 -#define SL74 13 -#define WL75 8 -#define SL75 14 -#define WL76 11 -#define SL76 11 -#define WL77 6 -#define SL77 8 -#define WL78 15 -#define SL78 5 -#define WL79 13 -#define SL79 6 - -#define WR00 5 -#define SR00 8 -#define WR01 14 -#define SR01 9 -#define WR02 7 -#define SR02 9 -#define WR03 0 -#define SR03 11 -#define WR04 9 -#define SR04 13 -#define WR05 2 -#define SR05 15 -#define WR06 11 -#define SR06 15 -#define WR07 4 -#define SR07 5 -#define WR08 13 -#define SR08 7 -#define WR09 6 -#define SR09 7 -#define WR10 15 -#define SR10 8 -#define WR11 8 -#define SR11 11 -#define WR12 1 -#define SR12 14 -#define WR13 10 -#define SR13 14 -#define WR14 3 -#define SR14 12 -#define WR15 12 -#define SR15 6 - -#define WR16 6 -#define SR16 9 -#define WR17 11 -#define SR17 13 -#define WR18 3 -#define SR18 15 -#define WR19 7 -#define SR19 7 -#define WR20 0 -#define SR20 12 -#define WR21 13 -#define SR21 8 -#define WR22 5 -#define SR22 9 -#define WR23 10 -#define SR23 11 -#define WR24 14 -#define SR24 7 -#define WR25 15 -#define SR25 7 -#define WR26 8 -#define SR26 12 -#define WR27 12 -#define SR27 7 -#define WR28 4 -#define SR28 6 -#define WR29 9 -#define SR29 15 -#define WR30 1 -#define SR30 13 -#define WR31 2 -#define SR31 11 - -#define WR32 15 -#define SR32 9 
-#define WR33 5 -#define SR33 7 -#define WR34 1 -#define SR34 15 -#define WR35 3 -#define SR35 11 -#define WR36 7 -#define SR36 8 -#define WR37 14 -#define SR37 6 -#define WR38 6 -#define SR38 6 -#define WR39 9 -#define SR39 14 -#define WR40 11 -#define SR40 12 -#define WR41 8 -#define SR41 13 -#define WR42 12 -#define SR42 5 -#define WR43 2 -#define SR43 14 -#define WR44 10 -#define SR44 13 -#define WR45 0 -#define SR45 13 -#define WR46 4 -#define SR46 7 -#define WR47 13 -#define SR47 5 - -#define WR48 8 -#define SR48 15 -#define WR49 6 -#define SR49 5 -#define WR50 4 -#define SR50 8 -#define WR51 1 -#define SR51 11 -#define WR52 3 -#define SR52 14 -#define WR53 11 -#define SR53 14 -#define WR54 15 -#define SR54 6 -#define WR55 0 -#define SR55 14 -#define WR56 5 -#define SR56 6 -#define WR57 12 -#define SR57 9 -#define WR58 2 -#define SR58 12 -#define WR59 13 -#define SR59 9 -#define WR60 9 -#define SR60 12 -#define WR61 7 -#define SR61 5 -#define WR62 10 -#define SR62 15 -#define WR63 14 -#define SR63 8 - -#define WR64 12 -#define SR64 8 -#define WR65 15 -#define SR65 5 -#define WR66 10 -#define SR66 12 -#define WR67 4 -#define SR67 9 -#define WR68 1 -#define SR68 12 -#define WR69 5 -#define SR69 5 -#define WR70 8 -#define SR70 14 -#define WR71 7 -#define SR71 6 -#define WR72 6 -#define SR72 8 -#define WR73 2 -#define SR73 13 -#define WR74 13 -#define SR74 6 -#define WR75 14 -#define SR75 5 -#define WR76 0 -#define SR76 15 -#define WR77 3 -#define SR77 13 -#define WR78 9 -#define SR78 11 -#define WR79 11 -#define SR79 11 - diff --git a/lib/libssl/src/crypto/rsa/rsa.h b/lib/libssl/src/crypto/rsa/rsa.h deleted file mode 100644 index d240294809f..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa.h +++ /dev/null 
@@ -1,548 +0,0 @@
-/* $OpenBSD: rsa.h,v 1.28 2016/06/30 02:02:06 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_RSA_H
-#define HEADER_RSA_H
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/crypto.h>
-#include <openssl/ossl_typ.h>
-#ifndef OPENSSL_NO_DEPRECATED
-#include <openssl/bn.h>
-#endif
-
-#ifdef OPENSSL_NO_RSA
-#error RSA is disabled.
-#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/* Declared already in ossl_typ.h */ -/* typedef struct rsa_st RSA; */ -/* typedef struct rsa_meth_st RSA_METHOD; */ - -struct rsa_meth_st { - const char *name; - int (*rsa_pub_enc)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_pub_dec)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_priv_enc)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_priv_dec)(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int (*rsa_mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, - BN_CTX *ctx); /* Can be null */ - int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ - int (*init)(RSA *rsa); /* called at new */ - int (*finish)(RSA *rsa); /* called at free */ - int flags; /* RSA_METHOD_FLAG_* things */ - char *app_data; /* may be needed! */ -/* New sign and verify functions: some libraries don't allow arbitrary data - * to be signed/verified: this allows them to be used. Note: for this to work - * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used - * RSA_sign(), RSA_verify() should be used instead. Note: for backwards - * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER - * option is set in 'flags'. - */ - int (*rsa_sign)(int type, const unsigned char *m, unsigned int m_length, - unsigned char *sigret, unsigned int *siglen, const RSA *rsa); - int (*rsa_verify)(int dtype, const unsigned char *m, - unsigned int m_length, const unsigned char *sigbuf, - unsigned int siglen, const RSA *rsa); -/* If this callback is NULL, the builtin software RSA key-gen will be used. 
This - * is for behavioural compatibility whilst the code gets rewired, but one day - * it would be nice to assume there are no such things as "builtin software" - * implementations. */ - int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); -}; - -struct rsa_st { - /* The first parameter is used to pickup errors where - * this is passed instead of aEVP_PKEY, it is set to 0 */ - int pad; - long version; - const RSA_METHOD *meth; - /* functional reference if 'meth' is ENGINE-provided */ - ENGINE *engine; - BIGNUM *n; - BIGNUM *e; - BIGNUM *d; - BIGNUM *p; - BIGNUM *q; - BIGNUM *dmp1; - BIGNUM *dmq1; - BIGNUM *iqmp; - /* be careful using this if the RSA structure is shared */ - CRYPTO_EX_DATA ex_data; - int references; - int flags; - - /* Used to cache montgomery values */ - BN_MONT_CTX *_method_mod_n; - BN_MONT_CTX *_method_mod_p; - BN_MONT_CTX *_method_mod_q; - - /* all BIGNUM values are actually in the following data, if it is not - * NULL */ - BN_BLINDING *blinding; - BN_BLINDING *mt_blinding; -}; - -#ifndef OPENSSL_RSA_MAX_MODULUS_BITS -# define OPENSSL_RSA_MAX_MODULUS_BITS 16384 -#endif - -#ifndef OPENSSL_RSA_SMALL_MODULUS_BITS -# define OPENSSL_RSA_SMALL_MODULUS_BITS 3072 -#endif -#ifndef OPENSSL_RSA_MAX_PUBEXP_BITS -# define OPENSSL_RSA_MAX_PUBEXP_BITS 64 /* exponent limit enforced for "large" modulus only */ -#endif - -#define RSA_3 0x3L -#define RSA_F4 0x10001L - -/* Don't check pub/private match. */ -#define RSA_METHOD_FLAG_NO_CHECK 0x0001 - -#define RSA_FLAG_CACHE_PUBLIC 0x0002 -#define RSA_FLAG_CACHE_PRIVATE 0x0004 -#define RSA_FLAG_BLINDING 0x0008 -#define RSA_FLAG_THREAD_SAFE 0x0010 - -/* - * This flag means the private key operations will be handled by rsa_mod_exp - * and that they do not depend on the private key components being present: - * for example a key stored in external hardware. Without this flag bn_mod_exp - * gets called when private key components are absent. 
- */ -#define RSA_FLAG_EXT_PKEY 0x0020 - -/* - * This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions. - */ -#define RSA_FLAG_SIGN_VER 0x0040 - -/* - * The built-in RSA implementation uses blinding by default, but other engines - * might not need it. - */ -#define RSA_FLAG_NO_BLINDING 0x0080 - -#define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \ - pad, NULL) - -#define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \ - EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad) - -#define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \ - (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ - EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \ - len, NULL) - -#define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \ - (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \ - EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \ - 0, plen) - -#define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL) - -#define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \ - EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp) - -#define EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \ - EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md) - -#define EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \ - EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_SIG, \ - EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd) - -#define EVP_PKEY_CTRL_RSA_PADDING (EVP_PKEY_ALG_CTRL + 1) -#define EVP_PKEY_CTRL_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 2) - -#define EVP_PKEY_CTRL_RSA_KEYGEN_BITS (EVP_PKEY_ALG_CTRL + 3) -#define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4) -#define EVP_PKEY_CTRL_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 5) - -#define EVP_PKEY_CTRL_GET_RSA_PADDING (EVP_PKEY_ALG_CTRL + 
6) -#define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN (EVP_PKEY_ALG_CTRL + 7) -#define EVP_PKEY_CTRL_GET_RSA_MGF1_MD (EVP_PKEY_ALG_CTRL + 8) - -#define RSA_PKCS1_PADDING 1 -#define RSA_SSLV23_PADDING 2 -#define RSA_NO_PADDING 3 -#define RSA_PKCS1_OAEP_PADDING 4 -#define RSA_X931_PADDING 5 -/* EVP_PKEY_ only */ -#define RSA_PKCS1_PSS_PADDING 6 - -#define RSA_PKCS1_PADDING_SIZE 11 - -#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) -#define RSA_get_app_data(s) RSA_get_ex_data(s,0) - -RSA *RSA_new(void); -RSA *RSA_new_method(ENGINE *engine); -int RSA_size(const RSA *rsa); - -/* Deprecated version */ -#ifndef OPENSSL_NO_DEPRECATED -RSA *RSA_generate_key(int bits, unsigned long e, - void (*callback)(int, int, void *), void *cb_arg); -#endif /* !defined(OPENSSL_NO_DEPRECATED) */ - -/* New version */ -int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); - -int RSA_check_key(const RSA *); -/* next 4 return -1 on error */ -int RSA_public_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -int RSA_private_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -int RSA_public_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -int RSA_private_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -void RSA_free(RSA *r); -/* "up" the RSA object's reference count */ -int RSA_up_ref(RSA *r); - -int RSA_flags(const RSA *r); - -void RSA_set_default_method(const RSA_METHOD *meth); -const RSA_METHOD *RSA_get_default_method(void); -const RSA_METHOD *RSA_get_method(const RSA *rsa); -int RSA_set_method(RSA *rsa, const RSA_METHOD *meth); - -/* these are the actual SSLeay RSA functions */ -const RSA_METHOD *RSA_PKCS1_SSLeay(void); - -const RSA_METHOD *RSA_null_method(void); - -DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey) - -typedef struct rsa_pss_params_st { - 
X509_ALGOR *hashAlgorithm; - X509_ALGOR *maskGenAlgorithm; - ASN1_INTEGER *saltLength; - ASN1_INTEGER *trailerField; -} RSA_PSS_PARAMS; - -DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS) - -int RSA_print_fp(FILE *fp, const RSA *r, int offset); - -#ifndef OPENSSL_NO_BIO -int RSA_print(BIO *bp, const RSA *r, int offset); -#endif - -#ifndef OPENSSL_NO_RC4 -int i2d_RSA_NET(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey); -RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey); - -int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, - int (*cb)(char *buf, int len, const char *prompt, int verify)); -RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, - int (*cb)(char *buf, int len, const char *prompt, int verify)); -#endif - -/* The following 2 functions sign and verify a X509_SIG ASN1 object - * inside PKCS#1 padded RSA encryption */ -int RSA_sign(int type, const unsigned char *m, unsigned int m_length, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify(int type, const unsigned char *m, unsigned int m_length, - const unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - -/* The following 2 function sign and verify a ASN1_OCTET_STRING - * object inside PKCS#1 padded RSA encryption */ -int RSA_sign_ASN1_OCTET_STRING(int type, const unsigned char *m, - unsigned int m_length, unsigned char *sigret, unsigned int *siglen, - RSA *rsa); -int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m, - unsigned int m_length, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa); - -int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); -void RSA_blinding_off(RSA *rsa); -BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); - -int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - const 
unsigned char *f, int fl, int rsa_len); -int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int PKCS1_MGF1(unsigned char *mask, long len, - const unsigned char *seed, long seedlen, const EVP_MD *dgst); -int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - const unsigned char *f, int fl, - const unsigned char *p, int pl); -int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len, - const unsigned char *p, int pl); -int RSA_padding_add_SSLv23(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_SSLv23(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int RSA_padding_add_none(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_none(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int RSA_padding_add_X931(unsigned char *to, int tlen, - const unsigned char *f, int fl); -int RSA_padding_check_X931(unsigned char *to, int tlen, - const unsigned char *f, int fl, int rsa_len); -int RSA_X931_hash_id(int nid); - -int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, - const EVP_MD *Hash, const unsigned char *EM, int sLen); -int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, - const unsigned char *mHash, const EVP_MD *Hash, int sLen); - -int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, - const EVP_MD *Hash, const EVP_MD *mgf1Hash, const unsigned char *EM, - int sLen); - -int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, - const unsigned char *mHash, const EVP_MD *Hash, const EVP_MD *mgf1Hash, - int sLen); - -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int RSA_set_ex_data(RSA *r, int idx, void *arg); -void 
*RSA_get_ex_data(const RSA *r, int idx); - -RSA *RSAPublicKey_dup(RSA *rsa); -RSA *RSAPrivateKey_dup(RSA *rsa); - -/* If this flag is set the RSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its responsibility - * to ensure the result is compliant. - */ - -#define RSA_FLAG_FIPS_METHOD 0x0400 - -/* If this flag is set the operations normally disabled in FIPS mode are - * permitted it is then the applications responsibility to ensure that the - * usage is compliant. - */ - -#define RSA_FLAG_NON_FIPS_ALLOW 0x0400 -/* Application has decided PRNG is good enough to generate a key: don't - * check. - */ -#define RSA_FLAG_CHECKED 0x0800 - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_RSA_strings(void); - -/* Error codes for the RSA functions. */ - -/* Function codes. 
*/ -#define RSA_F_CHECK_PADDING_MD 140 -#define RSA_F_DO_RSA_PRINT 146 -#define RSA_F_INT_RSA_VERIFY 145 -#define RSA_F_MEMORY_LOCK 100 -#define RSA_F_OLD_RSA_PRIV_DECODE 147 -#define RSA_F_PKEY_RSA_CTRL 143 -#define RSA_F_PKEY_RSA_CTRL_STR 144 -#define RSA_F_PKEY_RSA_SIGN 142 -#define RSA_F_PKEY_RSA_VERIFY 154 -#define RSA_F_PKEY_RSA_VERIFYRECOVER 141 -#define RSA_F_RSA_BUILTIN_KEYGEN 129 -#define RSA_F_RSA_CHECK_KEY 123 -#define RSA_F_RSA_EAY_MOD_EXP 157 -#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 -#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 -#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 -#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 -#define RSA_F_RSA_GENERATE_KEY 105 -#define RSA_F_RSA_GENERATE_KEY_EX 155 -#define RSA_F_RSA_ITEM_VERIFY 156 -#define RSA_F_RSA_MEMORY_LOCK 130 -#define RSA_F_RSA_NEW_METHOD 106 -#define RSA_F_RSA_NULL 124 -#define RSA_F_RSA_NULL_MOD_EXP 131 -#define RSA_F_RSA_NULL_PRIVATE_DECRYPT 132 -#define RSA_F_RSA_NULL_PRIVATE_ENCRYPT 133 -#define RSA_F_RSA_NULL_PUBLIC_DECRYPT 134 -#define RSA_F_RSA_NULL_PUBLIC_ENCRYPT 135 -#define RSA_F_RSA_PADDING_ADD_NONE 107 -#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 -#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS 125 -#define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1 148 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 -#define RSA_F_RSA_PADDING_ADD_SSLV23 110 -#define RSA_F_RSA_PADDING_ADD_X931 127 -#define RSA_F_RSA_PADDING_CHECK_NONE 111 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 -#define RSA_F_RSA_PADDING_CHECK_SSLV23 114 -#define RSA_F_RSA_PADDING_CHECK_X931 128 -#define RSA_F_RSA_PRINT 115 -#define RSA_F_RSA_PRINT_FP 116 -#define RSA_F_RSA_PRIVATE_DECRYPT 150 -#define RSA_F_RSA_PRIVATE_ENCRYPT 151 -#define RSA_F_RSA_PRIV_DECODE 137 -#define RSA_F_RSA_PRIV_ENCODE 138 -#define RSA_F_RSA_PUBLIC_DECRYPT 152 -#define RSA_F_RSA_PUBLIC_ENCRYPT 153 -#define RSA_F_RSA_PUB_DECODE 
139 -#define RSA_F_RSA_SETUP_BLINDING 136 -#define RSA_F_RSA_SIGN 117 -#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 -#define RSA_F_RSA_VERIFY 119 -#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 -#define RSA_F_RSA_VERIFY_PKCS1_PSS 126 -#define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 149 - -/* Reason codes. */ -#define RSA_R_ALGORITHM_MISMATCH 100 -#define RSA_R_BAD_E_VALUE 101 -#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102 -#define RSA_R_BAD_PAD_BYTE_COUNT 103 -#define RSA_R_BAD_SIGNATURE 104 -#define RSA_R_BLOCK_TYPE_IS_NOT_01 106 -#define RSA_R_BLOCK_TYPE_IS_NOT_02 107 -#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108 -#define RSA_R_DATA_TOO_LARGE 109 -#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110 -#define RSA_R_DATA_TOO_LARGE_FOR_MODULUS 132 -#define RSA_R_DATA_TOO_SMALL 111 -#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122 -#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112 -#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 -#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 -#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 -#define RSA_R_FIRST_OCTET_INVALID 133 -#define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE 144 -#define RSA_R_INVALID_DIGEST_LENGTH 143 -#define RSA_R_INVALID_HEADER 137 -#define RSA_R_INVALID_KEYBITS 145 -#define RSA_R_INVALID_MESSAGE_LENGTH 131 -#define RSA_R_INVALID_MGF1_MD 156 -#define RSA_R_INVALID_PADDING 138 -#define RSA_R_INVALID_PADDING_MODE 141 -#define RSA_R_INVALID_PSS_PARAMETERS 149 -#define RSA_R_INVALID_PSS_SALTLEN 146 -#define RSA_R_INVALID_SALT_LENGTH 150 -#define RSA_R_INVALID_TRAILER 139 -#define RSA_R_INVALID_X931_DIGEST 142 -#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 -#define RSA_R_KEY_SIZE_TOO_SMALL 120 -#define RSA_R_LAST_OCTET_INVALID 134 -#define RSA_R_MODULUS_TOO_LARGE 105 -#define RSA_R_NON_FIPS_RSA_METHOD 157 -#define RSA_R_NO_PUBLIC_EXPONENT 140 -#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 -#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 -#define RSA_R_OAEP_DECODING_ERROR 121 -#define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE 158 -#define 
RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 148 -#define RSA_R_PADDING_CHECK_FAILED 114 -#define RSA_R_P_NOT_PRIME 128 -#define RSA_R_Q_NOT_PRIME 129 -#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 -#define RSA_R_SLEN_CHECK_FAILED 136 -#define RSA_R_SLEN_RECOVERY_FAILED 135 -#define RSA_R_SSLV3_ROLLBACK_ATTACK 115 -#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 -#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 -#define RSA_R_UNKNOWN_MASK_DIGEST 151 -#define RSA_R_UNKNOWN_PADDING_TYPE 118 -#define RSA_R_UNKNOWN_PSS_DIGEST 152 -#define RSA_R_UNSUPPORTED_MASK_ALGORITHM 153 -#define RSA_R_UNSUPPORTED_MASK_PARAMETER 154 -#define RSA_R_UNSUPPORTED_SIGNATURE_TYPE 155 -#define RSA_R_VALUE_MISSING 147 -#define RSA_R_WRONG_SIGNATURE_LENGTH 119 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/rsa/rsa_ameth.c b/lib/libssl/src/crypto/rsa/rsa_ameth.c deleted file mode 100644 index b66c7492939..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa_ameth.c +++ /dev/null 
@@ -1,675 +0,0 @@ -/* $OpenBSD: rsa_ameth.c,v 1.15 2015/12/03 23:03:10 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/asn1t.h> -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/rsa.h> -#include <openssl/x509.h> - -#ifndef OPENSSL_NO_CMS -#include <openssl/cms.h> -#endif - -#include "asn1_locl.h" - -static int -rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) -{ - unsigned char *penc = NULL; - int penclen; - - penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc); - if (penclen <= 0) - return 0; - if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA), - V_ASN1_NULL, NULL, penc, penclen)) - return 1; - - free(penc); - return 0; -} - -static int -rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) -{ - const unsigned char *p; - int pklen; - RSA *rsa = NULL; - - if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey)) - return 0; - if (!(rsa = d2i_RSAPublicKey(NULL, &p, pklen))) { - RSAerr(RSA_F_RSA_PUB_DECODE, ERR_R_RSA_LIB); - return 0; - } - EVP_PKEY_assign_RSA (pkey, rsa); - return 1; -} - -static int -rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) -{ - if (BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) != 0 || - BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) != 0) - return 0; - return 1; -} - 
-static int -old_rsa_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) -{ - RSA *rsa; - - if (!(rsa = d2i_RSAPrivateKey (NULL, pder, derlen))) { - RSAerr(RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB); - return 0; - } - EVP_PKEY_assign_RSA(pkey, rsa); - return 1; -} - -static int -old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) -{ - return i2d_RSAPrivateKey(pkey->pkey.rsa, pder); -} - -static int -rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) -{ - unsigned char *rk = NULL; - int rklen; - - rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk); - - if (rklen <= 0) { - RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); - return 0; - } - - if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_rsaEncryption), 0, - V_ASN1_NULL, NULL, rk, rklen)) { - RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); - return 0; - } - - return 1; -} - -static int -rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) -{ - const unsigned char *p; - int pklen; - - if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8)) - return 0; - return old_rsa_priv_decode(pkey, &p, pklen); -} - -static int -int_rsa_size(const EVP_PKEY *pkey) -{ - return RSA_size(pkey->pkey.rsa); -} - -static int -rsa_bits(const EVP_PKEY *pkey) -{ - return BN_num_bits(pkey->pkey.rsa->n); -} - -static void -int_rsa_free(EVP_PKEY *pkey) -{ - RSA_free(pkey->pkey.rsa); -} - -static void -update_buflen(const BIGNUM *b, size_t *pbuflen) -{ - size_t i; - - if (!b) - return; - if (*pbuflen < (i = (size_t)BN_num_bytes(b))) - *pbuflen = i; -} - -static int -do_rsa_print(BIO *bp, const RSA *x, int off, int priv) -{ - char *str; - const char *s; - unsigned char *m = NULL; - int ret = 0, mod_len = 0; - size_t buf_len = 0; - - update_buflen(x->n, &buf_len); - update_buflen(x->e, &buf_len); - - if (priv) { - update_buflen(x->d, &buf_len); - update_buflen(x->p, &buf_len); - update_buflen(x->q, &buf_len); - update_buflen(x->dmp1, &buf_len); - update_buflen(x->dmq1, &buf_len); - update_buflen(x->iqmp, 
&buf_len); - } - - m = malloc(buf_len + 10); - if (m == NULL) { - RSAerr(RSA_F_DO_RSA_PRINT, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (x->n != NULL) - mod_len = BN_num_bits(x->n); - - if (!BIO_indent(bp, off, 128)) - goto err; - - if (priv && x->d) { - if (BIO_printf(bp, "Private-Key: (%d bit)\n", mod_len) <= 0) - goto err; - str = "modulus:"; - s = "publicExponent:"; - } else { - if (BIO_printf(bp, "Public-Key: (%d bit)\n", mod_len) <= 0) - goto err; - str = "Modulus:"; - s= "Exponent:"; - } - if (!ASN1_bn_print(bp, str, x->n, m, off)) - goto err; - if (!ASN1_bn_print(bp, s, x->e, m, off)) - goto err; - if (priv) { - if (!ASN1_bn_print(bp, "privateExponent:", x->d,m, off)) - goto err; - if (!ASN1_bn_print(bp, "prime1:", x->p, m, off)) - goto err; - if (!ASN1_bn_print(bp, "prime2:", x->q, m, off)) - goto err; - if (!ASN1_bn_print(bp, "exponent1:", x->dmp1, m, off)) - goto err; - if (!ASN1_bn_print(bp, "exponent2:", x->dmq1, m, off)) - goto err; - if (!ASN1_bn_print(bp, "coefficient:", x->iqmp, m, off)) - goto err; - } - ret = 1; -err: - free(m); - return (ret); -} - -static int -rsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_rsa_print(bp, pkey->pkey.rsa, indent, 0); -} - -static int -rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, ASN1_PCTX *ctx) -{ - return do_rsa_print(bp, pkey->pkey.rsa, indent, 1); -} - -static RSA_PSS_PARAMS * -rsa_pss_decode(const X509_ALGOR *alg, X509_ALGOR **pmaskHash) -{ - const unsigned char *p; - int plen; - RSA_PSS_PARAMS *pss; - - *pmaskHash = NULL; - - if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE) - return NULL; - - p = alg->parameter->value.sequence->data; - plen = alg->parameter->value.sequence->length; - pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen); - - if (!pss) - return NULL; - - if (pss->maskGenAlgorithm) { - ASN1_TYPE *param = pss->maskGenAlgorithm->parameter; - if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1 && - param && param->type == 
V_ASN1_SEQUENCE) { - p = param->value.sequence->data; - plen = param->value.sequence->length; - *pmaskHash = d2i_X509_ALGOR(NULL, &p, plen); - } - } - - return pss; -} - -static int -rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss, X509_ALGOR *maskHash, - int indent) -{ - int rv = 0; - - if (!pss) { - if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0) - return 0; - return 1; - } - if (BIO_puts(bp, "\n") <= 0) - goto err; - if (!BIO_indent(bp, indent, 128)) - goto err; - if (BIO_puts(bp, "Hash Algorithm: ") <= 0) - goto err; - - if (pss->hashAlgorithm) { - if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0) - goto err; - } else if (BIO_puts(bp, "sha1 (default)") <= 0) - goto err; - - if (BIO_puts(bp, "\n") <= 0) - goto err; - - if (!BIO_indent(bp, indent, 128)) - goto err; - - if (BIO_puts(bp, "Mask Algorithm: ") <= 0) - goto err; - if (pss->maskGenAlgorithm) { - if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0) - goto err; - if (BIO_puts(bp, " with ") <= 0) - goto err; - if (maskHash) { - if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0) - goto err; - } else if (BIO_puts(bp, "INVALID") <= 0) - goto err; - } else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0) - goto err; - BIO_puts(bp, "\n"); - - if (!BIO_indent(bp, indent, 128)) - goto err; - if (BIO_puts(bp, "Salt Length: 0x") <= 0) - goto err; - if (pss->saltLength) { - if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0) - goto err; - } else if (BIO_puts(bp, "14 (default)") <= 0) - goto err; - BIO_puts(bp, "\n"); - - if (!BIO_indent(bp, indent, 128)) - goto err; - if (BIO_puts(bp, "Trailer Field: 0x") <= 0) - goto err; - if (pss->trailerField) { - if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0) - goto err; - } else if (BIO_puts(bp, "BC (default)") <= 0) - goto err; - BIO_puts(bp, "\n"); - - rv = 1; - -err: - return rv; -} - -static int -rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, const ASN1_STRING *sig, - int indent, ASN1_PCTX *pctx) -{ - if (OBJ_obj2nid(sigalg->algorithm) == 
NID_rsassaPss) { - int rv; - RSA_PSS_PARAMS *pss; - X509_ALGOR *maskHash; - pss = rsa_pss_decode(sigalg, &maskHash); - rv = rsa_pss_param_print(bp, pss, maskHash, indent); - if (pss) - RSA_PSS_PARAMS_free(pss); - if (maskHash) - X509_ALGOR_free(maskHash); - if (!rv) - return 0; - } else if (!sig && BIO_puts(bp, "\n") <= 0) - return 0; - if (sig) - return X509_signature_dump(bp, sig, indent); - return 1; -} - -static int -rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) -{ - X509_ALGOR *alg = NULL; - - switch (op) { - case ASN1_PKEY_CTRL_PKCS7_SIGN: - if (arg1 == 0) - PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg); - break; - - case ASN1_PKEY_CTRL_PKCS7_ENCRYPT: - if (arg1 == 0) - PKCS7_RECIP_INFO_get0_alg(arg2, &alg); - break; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) - CMS_SignerInfo_get0_algs(arg2, NULL, NULL, NULL, &alg); - break; - - case ASN1_PKEY_CTRL_CMS_ENVELOPE: - if (arg1 == 0) - CMS_RecipientInfo_ktri_get0_algs(arg2, NULL, NULL, &alg); - break; -#endif - - case ASN1_PKEY_CTRL_DEFAULT_MD_NID: - *(int *)arg2 = NID_sha1; - return 1; - - default: - return -2; - } - - if (alg) - X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), - V_ASN1_NULL, 0); - - return 1; -} - -/* Customised RSA item verification routine. This is called - * when a signature is encountered requiring special handling. We - * currently only handle PSS. 
- */
-static int
-rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *sigalg, ASN1_BIT_STRING *sig, EVP_PKEY *pkey)
-{
- int rv = -1;
- int saltlen;
- const EVP_MD *mgf1md = NULL, *md = NULL;
- RSA_PSS_PARAMS *pss;
- X509_ALGOR *maskHash;
- EVP_PKEY_CTX *pkctx;
-
- /* Sanity check: make sure it is PSS */
- if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) {
- RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
- return -1;
- }
-
- /* Decode PSS parameters */
- pss = rsa_pss_decode(sigalg, &maskHash);
-
- if (pss == NULL) {
- RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_PSS_PARAMETERS);
- goto err;
- }
- /* Check mask and lookup mask hash algorithm */
- if (pss->maskGenAlgorithm) {
- if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) != NID_mgf1) {
- RSAerr(RSA_F_RSA_ITEM_VERIFY,
- RSA_R_UNSUPPORTED_MASK_ALGORITHM);
- goto err;
- }
- if (!maskHash) {
- RSAerr(RSA_F_RSA_ITEM_VERIFY,
- RSA_R_UNSUPPORTED_MASK_PARAMETER);
- goto err;
- }
- mgf1md = EVP_get_digestbyobj(maskHash->algorithm);
- if (mgf1md == NULL) {
- RSAerr(RSA_F_RSA_ITEM_VERIFY,
- RSA_R_UNKNOWN_MASK_DIGEST);
- goto err;
- }
- } else
- mgf1md = EVP_sha1();
-
- if (pss->hashAlgorithm) {
- md = EVP_get_digestbyobj(pss->hashAlgorithm->algorithm);
- if (md == NULL) {
- RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNKNOWN_PSS_DIGEST);
- goto err;
- }
- } else
- md = EVP_sha1();
-
- if (pss->saltLength) {
- saltlen = ASN1_INTEGER_get(pss->saltLength);
-
- /* Could perform more salt length sanity checks but the main
- * RSA routines will trap other invalid values anyway.
- */
- if (saltlen < 0) {
- RSAerr(RSA_F_RSA_ITEM_VERIFY,
- RSA_R_INVALID_SALT_LENGTH);
- goto err;
- }
- } else
- saltlen = 20;
-
- /* low-level routines support only trailer field 0xbc (value 1)
- * and PKCS#1 says we should reject any other value anyway.
- */
- if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) {
- RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_INVALID_TRAILER);
- goto err;
- }
-
- /* We have all parameters now set up context */
-
- if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey))
- goto err;
-
- if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkctx, saltlen) <= 0)
- goto err;
-
- if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
- goto err;
- /* Carry on */
- rv = 2;
-
-err:
- RSA_PSS_PARAMS_free(pss);
- if (maskHash)
- X509_ALGOR_free(maskHash);
- return rv;
-}
-
-static int
-rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
- X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig)
-{
- int pad_mode;
- EVP_PKEY_CTX *pkctx = ctx->pctx;
-
- if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
- return 0;
- if (pad_mode == RSA_PKCS1_PADDING)
- return 2;
- if (pad_mode == RSA_PKCS1_PSS_PADDING) {
- const EVP_MD *sigmd, *mgf1md;
- RSA_PSS_PARAMS *pss = NULL;
- X509_ALGOR *mgf1alg = NULL;
- ASN1_STRING *os1 = NULL, *os2 = NULL;
- EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkctx);
- int saltlen, rv = 0;
-
- sigmd = EVP_MD_CTX_md(ctx);
- if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)
- goto err;
- if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(pkctx, &saltlen))
- goto err;
- if (saltlen == -1)
- saltlen = EVP_MD_size(sigmd);
- else if (saltlen == -2) {
- saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2;
- if (((EVP_PKEY_bits(pk) - 1) & 0x7) == 0)
- saltlen--;
- }
- pss = RSA_PSS_PARAMS_new();
- if (!pss)
- goto err;
- if (saltlen != 20) {
- pss->saltLength = ASN1_INTEGER_new();
- if (!pss->saltLength)
- goto err;
- if (!ASN1_INTEGER_set(pss->saltLength, saltlen))
- goto err;
- }
- if (EVP_MD_type(sigmd) != NID_sha1) {
- pss->hashAlgorithm = X509_ALGOR_new();
- if (!pss->hashAlgorithm)
- goto err;
- X509_ALGOR_set_md(pss->hashAlgorithm, sigmd);
- }
- if (EVP_MD_type(mgf1md) != NID_sha1) {
- ASN1_STRING *stmp = NULL;
- /* need to embed algorithm ID inside another */
- mgf1alg = X509_ALGOR_new();
- X509_ALGOR_set_md(mgf1alg, mgf1md);
- if (!ASN1_item_pack(mgf1alg, ASN1_ITEM_rptr(X509_ALGOR),
- &stmp))
- goto err;
- pss->maskGenAlgorithm = X509_ALGOR_new();
- if (!pss->maskGenAlgorithm)
- goto err;
- X509_ALGOR_set0(pss->maskGenAlgorithm,
- OBJ_nid2obj(NID_mgf1), V_ASN1_SEQUENCE, stmp);
- }
- /* Finally create string with pss parameter encoding. */
- if (!ASN1_item_pack(pss, ASN1_ITEM_rptr(RSA_PSS_PARAMS), &os1))
- goto err;
- if (alg2) {
- os2 = ASN1_STRING_dup(os1);
- if (!os2)
- goto err;
- X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_rsassaPss),
- V_ASN1_SEQUENCE, os2);
- }
- X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_rsassaPss),
- V_ASN1_SEQUENCE, os1);
- os1 = os2 = NULL;
- rv = 3;
-err:
- if (mgf1alg)
- X509_ALGOR_free(mgf1alg);
- if (pss)
- RSA_PSS_PARAMS_free(pss);
- ASN1_STRING_free(os1);
- return rv;
- }
- return 2;
-}
-
-const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = {
- {
- .pkey_id = EVP_PKEY_RSA,
- .pkey_base_id = EVP_PKEY_RSA,
- .pkey_flags = ASN1_PKEY_SIGPARAM_NULL,
-
- .pem_str = "RSA",
- .info = "OpenSSL RSA method",
-
- .pub_decode = rsa_pub_decode,
- .pub_encode = rsa_pub_encode,
- .pub_cmp = rsa_pub_cmp,
- .pub_print = rsa_pub_print,
-
- .priv_decode = rsa_priv_decode,
- .priv_encode = rsa_priv_encode,
- .priv_print = rsa_priv_print,
-
- .pkey_size = int_rsa_size,
- .pkey_bits = rsa_bits,
-
- .sig_print = rsa_sig_print,
-
- .pkey_free = int_rsa_free,
- .pkey_ctrl = rsa_pkey_ctrl,
- .old_priv_decode = old_rsa_priv_decode,
- .old_priv_encode = old_rsa_priv_encode,
- .item_verify = rsa_item_verify,
- .item_sign = rsa_item_sign
- },
-
- {
- .pkey_id = EVP_PKEY_RSA2,
- .pkey_base_id = EVP_PKEY_RSA,
- .pkey_flags = ASN1_PKEY_ALIAS
- }
-};
diff --git a/lib/libssl/src/crypto/rsa/rsa_asn1.c b/lib/libssl/src/crypto/rsa/rsa_asn1.c
deleted file mode 100644
index 27afdece008..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_asn1.c
+++ /dev/null
@@ -1,308 +0,0 @@
-/* $OpenBSD: rsa_asn1.c,v 1.12 2015/02/14 15:06:55 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2000.
- */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-
-/* Override the default free and new methods */
-static int
-rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- if (operation == ASN1_OP_NEW_PRE) {
- *pval = (ASN1_VALUE *)RSA_new();
- if (*pval)
- return 2;
- return 0;
- } else if (operation == ASN1_OP_FREE_PRE) {
- RSA_free((RSA *)*pval);
- *pval = NULL;
- return 2;
- }
- return 1;
-}
-
-static const ASN1_AUX RSAPrivateKey_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = rsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE RSAPrivateKey_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, version),
- .field_name = "version",
- .item = &LONG_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, n),
- .field_name = "n",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, e),
- .field_name = "e",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, d),
- .field_name = "d",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, p),
- .field_name = "p",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, q),
- .field_name = "q",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, dmp1),
- .field_name = "dmp1",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, dmq1),
- .field_name = "dmq1",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, iqmp),
- .field_name = "iqmp",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM RSAPrivateKey_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = RSAPrivateKey_seq_tt,
- .tcount = sizeof(RSAPrivateKey_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &RSAPrivateKey_aux,
- .size = sizeof(RSA),
- .sname = "RSA",
-};
-
-
-static const ASN1_AUX RSAPublicKey_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = rsa_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE RSAPublicKey_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, n),
- .field_name = "n",
- .item = &BIGNUM_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(RSA, e),
- .field_name = "e",
- .item = &BIGNUM_it,
- },
-};
-
-const ASN1_ITEM RSAPublicKey_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = RSAPublicKey_seq_tt,
- .tcount = sizeof(RSAPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &RSAPublicKey_aux,
- .size = sizeof(RSA),
- .sname = "RSA",
-};
-
-static const ASN1_TEMPLATE RSA_PSS_PARAMS_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(RSA_PSS_PARAMS, hashAlgorithm),
- .field_name = "hashAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(RSA_PSS_PARAMS, maskGenAlgorithm),
- .field_name = "maskGenAlgorithm",
- .item = &X509_ALGOR_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(RSA_PSS_PARAMS, saltLength),
- .field_name = "saltLength",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 3,
- .offset = offsetof(RSA_PSS_PARAMS, trailerField),
- .field_name = "trailerField",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM RSA_PSS_PARAMS_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = RSA_PSS_PARAMS_seq_tt,
- .tcount = sizeof(RSA_PSS_PARAMS_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(RSA_PSS_PARAMS),
- .sname = "RSA_PSS_PARAMS",
-};
-
-
-RSA_PSS_PARAMS *
-d2i_RSA_PSS_PARAMS(RSA_PSS_PARAMS **a, const unsigned char **in, long len)
-{
- return (RSA_PSS_PARAMS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &RSA_PSS_PARAMS_it);
-}
-
-int
-i2d_RSA_PSS_PARAMS(RSA_PSS_PARAMS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSA_PSS_PARAMS_it);
-}
-
-RSA_PSS_PARAMS *
-RSA_PSS_PARAMS_new(void)
-{
- return (RSA_PSS_PARAMS *)ASN1_item_new(&RSA_PSS_PARAMS_it);
-}
-
-void
-RSA_PSS_PARAMS_free(RSA_PSS_PARAMS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &RSA_PSS_PARAMS_it);
-}
-
-
-RSA *
-d2i_RSAPrivateKey(RSA **a, const unsigned char **in, long len)
-{
- return (RSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &RSAPrivateKey_it);
-}
-
-int
-i2d_RSAPrivateKey(const RSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSAPrivateKey_it);
-}
-
-
-RSA *
-d2i_RSAPublicKey(RSA **a, const unsigned char **in, long len)
-{
- return (RSA *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &RSAPublicKey_it);
-}
-
-int
-i2d_RSAPublicKey(const RSA *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &RSAPublicKey_it);
-}
-
-RSA *
-RSAPublicKey_dup(RSA *rsa)
-{
- return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), rsa);
-}
-
-RSA *
-RSAPrivateKey_dup(RSA *rsa)
-{
- return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), rsa);
-}
diff --git a/lib/libssl/src/crypto/rsa/rsa_chk.c b/lib/libssl/src/crypto/rsa/rsa_chk.c
deleted file mode 100644
index c247a8d80e8..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_chk.c
+++ /dev/null
@@ -1,213 +0,0 @@
-/* $OpenBSD: rsa_chk.c,v 1.9 2014/07/10 07:43:11 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- */
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-int
-RSA_check_key(const RSA *key)
-{
- BIGNUM *i, *j, *k, *l, *m;
- BN_CTX *ctx;
- int r;
- int ret = 1;
-
- if (!key->p || !key->q || !key->n || !key->e || !key->d) {
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
- return 0;
- }
-
- i = BN_new();
- j = BN_new();
- k = BN_new();
- l = BN_new();
- m = BN_new();
- ctx = BN_CTX_new();
- if (i == NULL || j == NULL || k == NULL || l == NULL || m == NULL ||
- ctx == NULL) {
- ret = -1;
- RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* p prime? */
- r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL);
- if (r != 1) {
- ret = r;
- if (r != 0)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
- }
-
- /* q prime? */
- r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL);
- if (r != 1) {
- ret = r;
- if (r != 0)
- goto err;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
- }
-
- /* n = p*q? */
- r = BN_mul(i, key->p, key->q, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(i, key->n) != 0) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
- }
-
- /* d*e = 1 mod lcm(p-1,q-1)? */
-
- r = BN_sub(i, key->p, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
- r = BN_sub(j, key->q, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
-
- /* now compute k = lcm(i,j) */
- r = BN_mul(l, i, j, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
- r = BN_gcd(m, i, j, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
- r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
- if (!r) {
- ret = -1;
- goto err;
- }
-
- r = BN_mod_mul(i, key->d, key->e, k, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (!BN_is_one(i)) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
- }
-
- if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {
- /* dmp1 = d mod (p-1)? */
- r = BN_sub(i, key->p, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
-
- r = BN_mod(j, key->d, i, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(j, key->dmp1) != 0) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY,
- RSA_R_DMP1_NOT_CONGRUENT_TO_D);
- }
-
- /* dmq1 = d mod (q-1)? */
- r = BN_sub(i, key->q, BN_value_one());
- if (!r) {
- ret = -1;
- goto err;
- }
-
- r = BN_mod(j, key->d, i, ctx);
- if (!r) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(j, key->dmq1) != 0) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY,
- RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
- }
-
- /* iqmp = q^-1 mod p? */
- if (!BN_mod_inverse(i, key->q, key->p, ctx)) {
- ret = -1;
- goto err;
- }
-
- if (BN_cmp(i, key->iqmp) != 0) {
- ret = 0;
- RSAerr(RSA_F_RSA_CHECK_KEY,
- RSA_R_IQMP_NOT_INVERSE_OF_Q);
- }
- }
-
-err:
- BN_free(i);
- BN_free(j);
- BN_free(k);
- BN_free(l);
- BN_free(m);
- BN_CTX_free(ctx);
-
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/rsa/rsa_crpt.c b/lib/libssl/src/crypto/rsa/rsa_crpt.c
deleted file mode 100644
index ccb677c12b0..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_crpt.c
+++ /dev/null
@@ -1,214 +0,0 @@
-/* $OpenBSD: rsa_crpt.c,v 1.16 2016/07/07 11:53:12 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/lhash.h>
-#include <openssl/rsa.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-int
-RSA_size(const RSA *r)
-{
- return BN_num_bytes(r->n);
-}
-
-int
-RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- return rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding);
-}
-
-int
-RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- return rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding);
-}
-
-int
-RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- return rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding);
-}
-
-int
-RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- return rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding);
-}
-
-int
-RSA_flags(const RSA *r)
-{
- return r == NULL ? 0 : r->meth->flags;
-}
-
-void
-RSA_blinding_off(RSA *rsa)
-{
- BN_BLINDING_free(rsa->blinding);
- rsa->blinding = NULL;
- rsa->flags |= RSA_FLAG_NO_BLINDING;
-}
-
-int
-RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
-{
- int ret = 0;
-
- if (rsa->blinding != NULL)
- RSA_blinding_off(rsa);
-
- rsa->blinding = RSA_setup_blinding(rsa, ctx);
- if (rsa->blinding == NULL)
- goto err;
-
- rsa->flags &= ~RSA_FLAG_NO_BLINDING;
- ret = 1;
-err:
- return (ret);
-}
-
-static BIGNUM *
-rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
- BN_CTX *ctx)
-{
- BIGNUM *ret = NULL, *r0, *r1, *r2;
-
- if (d == NULL || p == NULL || q == NULL)
- return NULL;
-
- BN_CTX_start(ctx);
- if ((r0 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((r1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((r2 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- if (!BN_sub(r1, p, BN_value_one()))
- goto err;
- if (!BN_sub(r2, q, BN_value_one()))
- goto err;
- if (!BN_mul(r0, r1, r2, ctx))
- goto err;
-
- ret = BN_mod_inverse(NULL, d, r0, ctx);
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-BN_BLINDING *
-RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
-{
- BIGNUM *e;
- BIGNUM n;
- BN_CTX *ctx;
- BN_BLINDING *ret = NULL;
-
- if (in_ctx == NULL) {
- if ((ctx = BN_CTX_new()) == NULL)
- return 0;
- } else
- ctx = in_ctx;
-
- BN_CTX_start(ctx);
-
- if (rsa->e == NULL) {
- e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
- if (e == NULL) {
- RSAerr(RSA_F_RSA_SETUP_BLINDING,
- RSA_R_NO_PUBLIC_EXPONENT);
- goto err;
- }
- } else
- e = rsa->e;
-
- BN_init(&n);
- BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
-
- ret = BN_BLINDING_create_param(NULL, e, &n, ctx, rsa->meth->bn_mod_exp,
- rsa->_method_mod_n);
-
- if (ret == NULL) {
- RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);
- goto err;
- }
- CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
-err:
- BN_CTX_end(ctx);
- if (in_ctx == NULL)
- BN_CTX_free(ctx);
- if (rsa->e == NULL)
- BN_free(e);
-
- return ret;
-}
diff --git a/lib/libssl/src/crypto/rsa/rsa_depr.c b/lib/libssl/src/crypto/rsa/rsa_depr.c
deleted file mode 100644
index b830a2293c4..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_depr.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* $OpenBSD: rsa_depr.c,v 1.8 2014/07/11 08:44:49 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* NB: This file contains deprecated functions (compatibility wrappers to the
- * "new" versions). */
-
-#include <stdio.h>
-#include <time.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-
-#ifndef OPENSSL_NO_DEPRECATED
-
-RSA *
-RSA_generate_key(int bits, unsigned long e_value,
- void (*callback)(int, int, void *), void *cb_arg)
-{
- BN_GENCB cb;
- int i;
- RSA *rsa = RSA_new();
- BIGNUM *e = BN_new();
-
- if (!rsa || !e)
- goto err;
-
- /* The problem is when building with 8, 16, or 32 BN_ULONG,
- * unsigned long can be larger */
- for (i = 0; i < (int)sizeof(unsigned long) * 8; i++) {
- if (e_value & (1UL << i))
- if (BN_set_bit(e, i) == 0)
- goto err;
- }
-
- BN_GENCB_set_old(&cb, callback, cb_arg);
-
- if (RSA_generate_key_ex(rsa, bits, e, &cb)) {
- BN_free(e);
- return rsa;
- }
-err:
- BN_free(e);
- RSA_free(rsa);
-
- return 0;
-}
-#endif
diff --git a/lib/libssl/src/crypto/rsa/rsa_eay.c b/lib/libssl/src/crypto/rsa/rsa_eay.c
deleted file mode 100644
index 2facd1c6f6a..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_eay.c
+++ /dev/null
@@ -1,888 +0,0 @@
-/* $OpenBSD: rsa_eay.c,v 1.42 2016/07/07 11:53:12 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
- unsigned char *to, RSA *rsa, int padding);
-static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx);
-static int RSA_eay_init(RSA *rsa);
-static int RSA_eay_finish(RSA *rsa);
-
-static RSA_METHOD rsa_pkcs1_eay_meth = {
- .name = "Eric Young's PKCS#1 RSA",
- .rsa_pub_enc = RSA_eay_public_encrypt,
- .rsa_pub_dec = RSA_eay_public_decrypt, /* signature verification */
- .rsa_priv_enc = RSA_eay_private_encrypt, /* signing */
- .rsa_priv_dec = RSA_eay_private_decrypt,
- .rsa_mod_exp = RSA_eay_mod_exp,
- .bn_mod_exp = BN_mod_exp_mont, /* XXX probably we should not use Montgomery if e == 3 */
- .init = RSA_eay_init,
- .finish = RSA_eay_finish,
-};
-
-const RSA_METHOD *
-RSA_PKCS1_SSLeay(void)
-{
- return &rsa_pkcs1_eay_meth;
-}
-
-static int
-RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- BIGNUM *f, *ret;
- int i, j, k, num = 0, r = -1;
- unsigned char *buf = NULL;
- BN_CTX *ctx = NULL;
-
- if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
- return -1;
- }
-
- if (BN_ucmp(rsa->n, rsa->e) <= 0) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
- return -1;
- }
-
- /* for large moduli, enforce exponent limit */
- if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
- if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
- return -1;
- }
- }
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- ret = BN_CTX_get(ctx);
- num = BN_num_bytes(rsa->n);
- buf = malloc(num);
-
- if (f == NULL || ret == NULL || buf == NULL) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- switch (padding) {
- case RSA_PKCS1_PADDING:
- i = RSA_padding_add_PKCS1_type_2(buf, num, from, flen);
- break;
-#ifndef OPENSSL_NO_SHA
- case RSA_PKCS1_OAEP_PADDING:
- i = RSA_padding_add_PKCS1_OAEP(buf, num, from, flen, NULL, 0);
- break;
-#endif
- case RSA_SSLV23_PADDING:
- i = RSA_padding_add_SSLv23(buf, num, from, flen);
- break;
- case RSA_NO_PADDING:
- i = RSA_padding_add_none(buf, num, from, flen);
- break;
- default:
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,
- RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (i <= 0)
- goto err;
-
- if (BN_bin2bn(buf, num, f) == NULL)
- goto err;
-
- if (BN_ucmp(f, rsa->n) >= 0) {
- /* usually the padding functions would catch this */
- RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,
- RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
- goto err;
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
-
- if (!rsa->meth->bn_mod_exp(ret, f,rsa->e, rsa->n, ctx,
- rsa->_method_mod_n))
- goto err;
-
- /* put in leading 0 bytes if the number is less than the
- * length of the modulus */
- j = BN_num_bytes(ret);
- i = BN_bn2bin(ret, &(to[num - j]));
- for (k = 0; k < num - i; k++)
- to[k] = 0;
-
- r = num;
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if (buf != NULL) {
- explicit_bzero(buf, num);
- free(buf);
- }
- return r;
-}
-
-static BN_BLINDING *
-rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
-{
- BN_BLINDING *ret;
- int got_write_lock = 0;
- CRYPTO_THREADID cur;
-
- CRYPTO_r_lock(CRYPTO_LOCK_RSA);
-
- if (rsa->blinding == NULL) {
- CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- got_write_lock = 1;
-
- if (rsa->blinding == NULL)
- rsa->blinding = RSA_setup_blinding(rsa, ctx);
- }
-
- ret = rsa->blinding;
- if (ret == NULL)
- goto err;
-
- CRYPTO_THREADID_current(&cur);
- if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) {
- /* rsa->blinding is ours! */
- *local = 1;
- } else {
- /* resort to rsa->mt_blinding instead */
- /*
- * Instruct rsa_blinding_convert(), rsa_blinding_invert()
- * that the BN_BLINDING is shared, meaning that accesses
- * require locks, and that the blinding factor must be
- * stored outside the BN_BLINDING
- */
- *local = 0;
-
- if (rsa->mt_blinding == NULL) {
- if (!got_write_lock) {
- CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
- CRYPTO_w_lock(CRYPTO_LOCK_RSA);
- got_write_lock = 1;
- }
-
- if (rsa->mt_blinding == NULL)
- rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);
- }
- ret = rsa->mt_blinding;
- }
-
-err:
- if (got_write_lock)
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
- else
- CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
- return ret;
-}
-
-static int
-rsa_blinding_convert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind, BN_CTX *ctx)
-{
- if (unblind == NULL)
- /*
- * Local blinding: store the unblinding factor
- * in BN_BLINDING.
- */
- return BN_BLINDING_convert_ex(f, NULL, b, ctx);
- else {
- /*
- * Shared blinding: store the unblinding factor
- * outside BN_BLINDING.
- */
- int ret;
- CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING);
- ret = BN_BLINDING_convert_ex(f, unblind, b, ctx);
- CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING);
- return ret;
- }
-}
-
-static int
-rsa_blinding_invert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind, BN_CTX *ctx)
-{
- /*
- * For local blinding, unblind is set to NULL, and BN_BLINDING_invert_ex
- * will use the unblinding factor stored in BN_BLINDING.
- * If BN_BLINDING is shared between threads, unblind must be non-null:
- * BN_BLINDING_invert_ex will then use the local unblinding factor,
- * and will only read the modulus from BN_BLINDING.
- * In both cases it's safe to access the blinding without a lock.
- */
- return BN_BLINDING_invert_ex(f, unblind, b, ctx);
-}
-
-/* signing */
-static int
-RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- BIGNUM *f, *ret, *res;
- int i, j, k, num = 0, r = -1;
- unsigned char *buf = NULL;
- BN_CTX *ctx = NULL;
- int local_blinding = 0;
- /*
- * Used only if the blinding structure is shared. A non-NULL unblind
- * instructs rsa_blinding_convert() and rsa_blinding_invert() to store
- * the unblinding factor outside the blinding structure.
- */
- BIGNUM *unblind = NULL;
- BN_BLINDING *blinding = NULL;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- ret = BN_CTX_get(ctx);
- num = BN_num_bytes(rsa->n);
- buf = malloc(num);
-
- if (f == NULL || ret == NULL || buf == NULL) {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- switch (padding) {
- case RSA_PKCS1_PADDING:
- i = RSA_padding_add_PKCS1_type_1(buf, num, from, flen);
- break;
- case RSA_X931_PADDING:
- i = RSA_padding_add_X931(buf, num, from, flen);
- break;
- case RSA_NO_PADDING:
- i = RSA_padding_add_none(buf, num, from, flen);
- break;
- case RSA_SSLV23_PADDING:
- default:
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,
- RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (i <= 0)
- goto err;
-
- if (BN_bin2bn(buf, num, f) == NULL)
- goto err;
-
- if (BN_ucmp(f, rsa->n) >= 0) {
- /* usually the padding functions would catch this */
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,
- RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
- goto err;
- }
-
- if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
- blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
- if (blinding == NULL) {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- if (blinding != NULL) {
- if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!rsa_blinding_convert(blinding, f, unblind, ctx))
- goto err;
- }
-
- if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
- (rsa->p != NULL && rsa->q != NULL && rsa->dmp1 != NULL &&
- rsa->dmq1 != NULL && rsa->iqmp != NULL)) {
- if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
- goto err;
- } else {
- BIGNUM d;
-
- BN_init(&d);
- BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
-
- if (!rsa->meth->bn_mod_exp(ret, f, &d, rsa->n, ctx,
- rsa->_method_mod_n)) {
- goto err;
- }
- }
-
- if (blinding)
- if (!rsa_blinding_invert(blinding, ret, unblind, ctx))
- goto err;
-
- if (padding == RSA_X931_PADDING) {
- BN_sub(f, rsa->n, ret);
- if (BN_cmp(ret, f) > 0)
- res = f;
- else
- res = ret;
- } else
- res = ret;
-
- /* put in leading 0 bytes if the number is less than the
- * length of the modulus */
- j = BN_num_bytes(res);
- i = BN_bn2bin(res, &(to[num - j]));
- for (k = 0; k < num - i; k++)
- to[k] = 0;
-
- r = num;
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if (buf != NULL) {
- explicit_bzero(buf, num);
- free(buf);
- }
- return r;
-}
-
-static int
-RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- BIGNUM *f, *ret;
- int j, num = 0, r = -1;
- unsigned char *p;
- unsigned char *buf = NULL;
- BN_CTX *ctx = NULL;
- int local_blinding = 0;
- /*
- * Used only if the blinding structure is shared. A non-NULL unblind
- * instructs rsa_blinding_convert() and rsa_blinding_invert() to store
- * the unblinding factor outside the blinding structure.
- */
- BIGNUM *unblind = NULL;
- BN_BLINDING *blinding = NULL;
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- ret = BN_CTX_get(ctx);
- num = BN_num_bytes(rsa->n);
- buf = malloc(num);
-
- if (!f || !ret || !buf) {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* This check was for equality but PGP does evil things
- * and chops off the top '0' bytes */
- if (flen > num) {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
- RSA_R_DATA_GREATER_THAN_MOD_LEN);
- goto err;
- }
-
- /* make data into a big number */
- if (BN_bin2bn(from, (int)flen, f) == NULL)
- goto err;
-
- if (BN_ucmp(f, rsa->n) >= 0) {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
- RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
- goto err;
- }
-
- if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
- blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
- if (blinding == NULL) {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- }
-
- if (blinding != NULL) {
- if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!rsa_blinding_convert(blinding, f, unblind, ctx))
- goto err;
- }
-
- /* do the decrypt */
- if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
- (rsa->p != NULL && rsa->q != NULL && rsa->dmp1 != NULL &&
- rsa->dmq1 != NULL && rsa->iqmp != NULL)) {
- if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
- goto err;
- } else {
- BIGNUM d;
-
- BN_init(&d);
- BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
-
- if (!rsa->meth->bn_mod_exp(ret, f, &d, rsa->n, ctx,
- rsa->_method_mod_n)) {
- goto err;
- }
- }
-
- if (blinding)
- if (!rsa_blinding_invert(blinding, ret, unblind, ctx))
- goto err;
-
- p = buf;
- j = BN_bn2bin(ret, p); /* j is only used with no-padding mode */
-
- switch (padding) {
- case RSA_PKCS1_PADDING:
- r = RSA_padding_check_PKCS1_type_2(to, num, buf, j, num);
- break;
-#ifndef OPENSSL_NO_SHA
- case RSA_PKCS1_OAEP_PADDING:
- r = RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0);
- break;
-#endif
- case RSA_SSLV23_PADDING:
- r = RSA_padding_check_SSLv23(to, num, buf, j, num);
- break;
- case RSA_NO_PADDING:
- r = RSA_padding_check_none(to, num, buf, j, num);
- break;
- default:
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
- RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (r < 0)
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
- RSA_R_PADDING_CHECK_FAILED);
-
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if (buf != NULL) {
- explicit_bzero(buf, num);
- free(buf);
- }
- return r;
-}
-
-/* signature verification */
-static int
-RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
- RSA *rsa, int padding)
-{
- BIGNUM *f, *ret;
- int i, num = 0, r = -1;
- unsigned char *p;
- unsigned char *buf = NULL;
- BN_CTX *ctx = NULL;
-
- if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
- return -1;
- }
-
- if (BN_ucmp(rsa->n, rsa->e) <= 0) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
- return -1;
- }
-
- /* for large moduli, enforce exponent limit */
- if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
- if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
- return -1;
- }
- }
-
- if ((ctx = BN_CTX_new()) == NULL)
- goto err;
-
- BN_CTX_start(ctx);
- f = BN_CTX_get(ctx);
- ret = BN_CTX_get(ctx);
- num = BN_num_bytes(rsa->n);
- buf = malloc(num);
-
- if (!f || !ret || !buf) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* This check was for equality but PGP does evil things
- * and chops off the top '0' bytes */
- if (flen > num) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,
- RSA_R_DATA_GREATER_THAN_MOD_LEN);
- goto err;
- }
-
- if (BN_bin2bn(from, flen, f) == NULL)
- goto err;
-
- if (BN_ucmp(f, rsa->n) >= 0) {
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,
- RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
- goto err;
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
-
- if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
- rsa->_method_mod_n))
- goto err;
-
- if (padding == RSA_X931_PADDING && (ret->d[0] & 0xf) != 12)
- if (!BN_sub(ret, rsa->n, ret))
- goto err;
-
- p = buf;
- i = BN_bn2bin(ret, p);
-
- switch (padding) {
- case RSA_PKCS1_PADDING:
- r = RSA_padding_check_PKCS1_type_1(to, num, buf, i, num);
- break;
- case RSA_X931_PADDING:
- r = RSA_padding_check_X931(to, num, buf, i, num);
- break;
- case RSA_NO_PADDING:
- r = RSA_padding_check_none(to, num, buf, i, num);
- break;
- default:
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,
- RSA_R_UNKNOWN_PADDING_TYPE);
- goto err;
- }
- if (r < 0)
- RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,
- RSA_R_PADDING_CHECK_FAILED);
-
-err:
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
- if (buf != NULL) {
- explicit_bzero(buf, num);
- free(buf);
- }
- return r;
-}
-
-static int
-RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
-{
- BIGNUM *r1, *m1, *vrfy;
- BIGNUM dmp1, dmq1, c, pr1;
- int ret = 0;
-
- BN_CTX_start(ctx);
- r1 = BN_CTX_get(ctx);
- m1 = BN_CTX_get(ctx);
- vrfy = BN_CTX_get(ctx);
- if (r1 == NULL || m1 == NULL || vrfy == NULL) {
- RSAerr(RSA_F_RSA_EAY_MOD_EXP, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- {
- BIGNUM p, q;
-
- /*
- * Make sure BN_mod_inverse in Montgomery intialization uses the
- * BN_FLG_CONSTTIME flag
- */
- BN_init(&p);
- BN_init(&q);
- BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME);
- BN_with_flags(&q, rsa->q, BN_FLG_CONSTTIME);
-
- if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p,
- CRYPTO_LOCK_RSA, &p, ctx) ||
- !BN_MONT_CTX_set_locked(&rsa->_method_mod_q,
- CRYPTO_LOCK_RSA, &q, ctx)) {
- goto err;
- }
- }
- }
-
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n,
- CRYPTO_LOCK_RSA, rsa->n, ctx))
- goto err;
-
- /* compute I mod q */
- BN_init(&c);
- BN_with_flags(&c, I, BN_FLG_CONSTTIME);
-
- if (!BN_mod(r1, &c, rsa->q, ctx))
- goto err;
-
- /* compute r1^dmq1 mod q */
- BN_init(&dmq1);
- BN_with_flags(&dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
-
- if (!rsa->meth->bn_mod_exp(m1, r1, &dmq1, rsa->q, ctx,
- rsa->_method_mod_q))
- goto err;
-
- /* compute I mod p */
- BN_with_flags(&c, I, BN_FLG_CONSTTIME);
-
- if (!BN_mod(r1, &c, rsa->p, ctx))
- goto err;
-
- /* compute r1^dmp1 mod p */
- BN_init(&dmp1);
- BN_with_flags(&dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
-
- if (!rsa->meth->bn_mod_exp(r0, r1, &dmp1, rsa->p, ctx,
- rsa->_method_mod_p))
- goto err;
-
- if (!BN_sub(r0, r0, m1))
- goto err;
-
- /*
- * This will help stop the size of r0 increasing, which does
- * affect the multiply if it optimised for a power of 2 size
- */
- if (BN_is_negative(r0))
- if (!BN_add(r0, r0, rsa->p))
- goto err;
-
- if (!BN_mul(r1, r0, rsa->iqmp, ctx))
- goto err;
-
- /* Turn BN_FLG_CONSTTIME flag on before division operation */
- BN_init(&pr1);
- BN_with_flags(&pr1, r1, BN_FLG_CONSTTIME);
-
- if (!BN_mod(r0, &pr1, rsa->p, ctx))
- goto err;
-
- /*
- * If p < q it is occasionally possible for the correction of
- * adding 'p' if r0 is negative above to leave the result still
- * negative. This can break the private key operations: the following
- * second correction should *always* correct this rare occurrence.
- * This will *never* happen with OpenSSL generated keys because
- * they ensure p > q [steve]
- */
- if (BN_is_negative(r0))
- if (!BN_add(r0, r0, rsa->p))
- goto err;
- if (!BN_mul(r1, r0, rsa->q, ctx))
- goto err;
- if (!BN_add(r0, r1, m1))
- goto err;
-
- if (rsa->e && rsa->n) {
- if (!rsa->meth->bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx,
- rsa->_method_mod_n))
- goto err;
- /*
- * If 'I' was greater than (or equal to) rsa->n, the operation
- * will be equivalent to using 'I mod n'. However, the result of
- * the verify will *always* be less than 'n' so we don't check
- * for absolute equality, just congruency.
- */
- if (!BN_sub(vrfy, vrfy, I))
- goto err;
- if (!BN_mod(vrfy, vrfy, rsa->n, ctx))
- goto err;
- if (BN_is_negative(vrfy))
- if (!BN_add(vrfy, vrfy, rsa->n))
- goto err;
- if (!BN_is_zero(vrfy)) {
- /*
- * 'I' and 'vrfy' aren't congruent mod n. Don't leak
- * miscalculated CRT output, just do a raw (slower)
- * mod_exp and return that instead.
- */
- BIGNUM d;
-
- BN_init(&d);
- BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
-
- if (!rsa->meth->bn_mod_exp(r0, I, &d, rsa->n, ctx,
- rsa->_method_mod_n)) {
- goto err;
- }
- }
- }
- ret = 1;
-err:
- BN_CTX_end(ctx);
- return ret;
-}
-
-static int
-RSA_eay_init(RSA *rsa)
-{
- rsa->flags |= RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE;
- return 1;
-}
-
-static int
-RSA_eay_finish(RSA *rsa)
-{
- BN_MONT_CTX_free(rsa->_method_mod_n);
- BN_MONT_CTX_free(rsa->_method_mod_p);
- BN_MONT_CTX_free(rsa->_method_mod_q);
-
- return 1;
-}
diff --git a/lib/libssl/src/crypto/rsa/rsa_err.c b/lib/libssl/src/crypto/rsa/rsa_err.c
deleted file mode 100644
index 81622c60994..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_err.c
+++ /dev/null
@@ -1,210 +0,0 @@ -/* $OpenBSD: rsa_err.c,v 1.16 2015/02/15 14:35:30 miod Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/rsa.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason) - -static ERR_STRING_DATA RSA_str_functs[] = { - {ERR_FUNC(RSA_F_CHECK_PADDING_MD), "CHECK_PADDING_MD"}, - {ERR_FUNC(RSA_F_DO_RSA_PRINT), "DO_RSA_PRINT"}, - {ERR_FUNC(RSA_F_INT_RSA_VERIFY), "INT_RSA_VERIFY"}, - {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"}, - {ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), "OLD_RSA_PRIV_DECODE"}, - {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"}, - {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"}, - {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"}, - {ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "PKEY_RSA_VERIFY"}, - {ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"}, - {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"}, - {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"}, - {ERR_FUNC(RSA_F_RSA_EAY_MOD_EXP), "RSA_EAY_MOD_EXP"}, - {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"}, - {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"}, - {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"}, - {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"}, - {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"}, - {ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX), "RSA_generate_key_ex"}, - {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "RSA_ITEM_VERIFY"}, - {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"}, - {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, - {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, - {ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP), "RSA_NULL_MOD_EXP"}, - {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT), "RSA_NULL_PRIVATE_DECRYPT"}, - {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_NULL_PRIVATE_ENCRYPT"}, - {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_NULL_PUBLIC_DECRYPT"}, - {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), 
"RSA_NULL_PUBLIC_ENCRYPT"}, - {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"}, - {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP), "RSA_padding_add_PKCS1_OAEP"}, - {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"}, - {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1), "RSA_padding_add_PKCS1_PSS_mgf1"}, - {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1), "RSA_padding_add_PKCS1_type_1"}, - {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2), "RSA_padding_add_PKCS1_type_2"}, - {ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"}, - {ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"}, - {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"}, - {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP), "RSA_padding_check_PKCS1_OAEP"}, - {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1), "RSA_padding_check_PKCS1_type_1"}, - {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2), "RSA_padding_check_PKCS1_type_2"}, - {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"}, - {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"}, - {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"}, - {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"}, - {ERR_FUNC(RSA_F_RSA_PRIVATE_DECRYPT), "RSA_private_decrypt"}, - {ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT), "RSA_private_encrypt"}, - {ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"}, - {ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "RSA_PRIV_ENCODE"}, - {ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT), "RSA_public_decrypt"}, - {ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT), "RSA_public_encrypt"}, - {ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"}, - {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"}, - {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"}, - {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING), "RSA_sign_ASN1_OCTET_STRING"}, - {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"}, - {ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING), "RSA_verify_ASN1_OCTET_STRING"}, - {ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_verify_PKCS1_PSS"}, - 
{ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1), "RSA_verify_PKCS1_PSS_mgf1"}, - {0, NULL} -}; - -static ERR_STRING_DATA RSA_str_reasons[] = { - {ERR_REASON(RSA_R_ALGORITHM_MISMATCH) , "algorithm mismatch"}, - {ERR_REASON(RSA_R_BAD_E_VALUE) , "bad e value"}, - {ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT), "bad fixed header decrypt"}, - {ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT) , "bad pad byte count"}, - {ERR_REASON(RSA_R_BAD_SIGNATURE) , "bad signature"}, - {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01) , "block type is not 01"}, - {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02) , "block type is not 02"}, - {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN), "data greater than mod len"}, - {ERR_REASON(RSA_R_DATA_TOO_LARGE) , "data too large"}, - {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE), "data too large for key size"}, - {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS), "data too large for modulus"}, - {ERR_REASON(RSA_R_DATA_TOO_SMALL) , "data too small"}, - {ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE), "data too small for key size"}, - {ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY), "digest too big for rsa key"}, - {ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D), "dmp1 not congruent to d"}, - {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D), "dmq1 not congruent to d"}, - {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1), "d e not congruent to 1"}, - {ERR_REASON(RSA_R_FIRST_OCTET_INVALID) , "first octet invalid"}, - {ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE), "illegal or unsupported padding mode"}, - {ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH) , "invalid digest length"}, - {ERR_REASON(RSA_R_INVALID_HEADER) , "invalid header"}, - {ERR_REASON(RSA_R_INVALID_KEYBITS) , "invalid keybits"}, - {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"}, - {ERR_REASON(RSA_R_INVALID_MGF1_MD) , "invalid mgf1 md"}, - {ERR_REASON(RSA_R_INVALID_PADDING) , "invalid padding"}, - {ERR_REASON(RSA_R_INVALID_PADDING_MODE) , "invalid padding mode"}, - {ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS), "invalid pss 
parameters"}, - {ERR_REASON(RSA_R_INVALID_PSS_SALTLEN) , "invalid pss saltlen"}, - {ERR_REASON(RSA_R_INVALID_SALT_LENGTH) , "invalid salt length"}, - {ERR_REASON(RSA_R_INVALID_TRAILER) , "invalid trailer"}, - {ERR_REASON(RSA_R_INVALID_X931_DIGEST) , "invalid x931 digest"}, - {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q) , "iqmp not inverse of q"}, - {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL) , "key size too small"}, - {ERR_REASON(RSA_R_LAST_OCTET_INVALID) , "last octet invalid"}, - {ERR_REASON(RSA_R_MODULUS_TOO_LARGE) , "modulus too large"}, - {ERR_REASON(RSA_R_NON_FIPS_RSA_METHOD) , "non fips rsa method"}, - {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT) , "no public exponent"}, - {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING), "null before block missing"}, - {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q) , "n does not equal p q"}, - {ERR_REASON(RSA_R_OAEP_DECODING_ERROR) , "oaep decoding error"}, - {ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE), "operation not allowed in fips mode"}, - {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE), "operation not supported for this keytype"}, - {ERR_REASON(RSA_R_PADDING_CHECK_FAILED) , "padding check failed"}, - {ERR_REASON(RSA_R_P_NOT_PRIME) , "p not prime"}, - {ERR_REASON(RSA_R_Q_NOT_PRIME) , "q not prime"}, - {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED), "rsa operations not supported"}, - {ERR_REASON(RSA_R_SLEN_CHECK_FAILED) , "salt length check failed"}, - {ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED) , "salt length recovery failed"}, - {ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK) , "sslv3 rollback attack"}, - {ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), "the asn1 object identifier is not known for this md"}, - {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"}, - {ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST) , "unknown mask digest"}, - {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE) , "unknown padding type"}, - {ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST) , "unknown pss digest"}, - 
{ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM), "unsupported mask algorithm"}, - {ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER), "unsupported mask parameter"}, - {ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE), "unsupported signature type"}, - {ERR_REASON(RSA_R_VALUE_MISSING) , "value missing"}, - {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"}, - {0, NULL} -}; - -#endif - -void -ERR_load_RSA_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(RSA_str_functs[0].error) == NULL) { - ERR_load_strings(0, RSA_str_functs); - ERR_load_strings(0, RSA_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/rsa/rsa_gen.c b/lib/libssl/src/crypto/rsa/rsa_gen.c deleted file mode 100644 index d46f4f2478f..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa_gen.c +++ /dev/null 
@@ -1,229 +0,0 @@
-/* $OpenBSD: rsa_gen.c,v 1.18 2016/06/30 02:02:06 bcook Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-
-/* NB: these functions have been "upgraded", the deprecated versions (which are
- * compatibility wrappers using these functions) are in rsa_depr.c.
- * - Geoff
- */
-
-#include <stdio.h>
-#include <time.h>
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb);
-
-/*
- * NB: this wrapper would normally be placed in rsa_lib.c and the static
- * implementation would probably be in rsa_eay.c. Nonetheless, is kept here so
- * that we don't introduce a new linker dependency. Eg. any application that
- * wasn't previously linking object code related to key-generation won't have to
- * now just because key-generation is part of RSA_METHOD.
- */
-int
-RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
-{
- if (rsa->meth->rsa_keygen)
- return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
- return rsa_builtin_keygen(rsa, bits, e_value, cb);
-}
-
-static int
-rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
-{
- BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
- BIGNUM pr0, d, p;
- int bitsp, bitsq, ok = -1, n = 0;
- BN_CTX *ctx = NULL;
-
- ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
- BN_CTX_start(ctx);
- if ((r0 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((r1 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((r2 = BN_CTX_get(ctx)) == NULL)
- goto err;
- if ((r3 = BN_CTX_get(ctx)) == NULL)
- goto err;
-
- bitsp = (bits + 1) / 2;
- bitsq = bits - bitsp;
-
- /* We need the RSA components non-NULL */
- if (!rsa->n && ((rsa->n = BN_new()) == NULL))
- goto err;
- if (!rsa->d && ((rsa->d = BN_new()) == NULL))
- goto err;
- if (!rsa->e && ((rsa->e = BN_new()) == NULL))
- goto err;
- if (!rsa->p && ((rsa->p = BN_new()) == NULL))
- goto err;
- if (!rsa->q && ((rsa->q = BN_new()) == NULL))
- goto err;
- if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL))
- goto err;
- if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL))
- goto err;
- if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL))
- goto err;
-
- BN_copy(rsa->e, e_value);
-
- /* generate p and q */
- for (;;) {
- if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
- goto err;
- if (!BN_sub(r2, rsa->p, BN_value_one()))
- goto err;
- if (!BN_gcd(r1, r2, rsa->e, ctx))
- goto err;
- if (BN_is_one(r1))
- break;
- if (!BN_GENCB_call(cb, 2, n++))
- goto err;
- }
- if (!BN_GENCB_call(cb, 3, 0))
- goto err;
- for (;;) {
- /*
- * When generating ridiculously small keys, we can get stuck
- * continually regenerating the same prime values. Check for
- * this and bail if it happens 3 times.
- */
- unsigned int degenerate = 0;
- do {
- if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL,
- cb))
- goto err;
- } while (BN_cmp(rsa->p, rsa->q) == 0 &&
- ++degenerate < 3);
- if (degenerate == 3) {
- ok = 0; /* we set our own err */
- RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,
- RSA_R_KEY_SIZE_TOO_SMALL);
- goto err;
- }
- if (!BN_sub(r2, rsa->q, BN_value_one()))
- goto err;
- if (!BN_gcd(r1, r2, rsa->e, ctx))
- goto err;
- if (BN_is_one(r1))
- break;
- if (!BN_GENCB_call(cb, 2, n++))
- goto err;
- }
- if (!BN_GENCB_call(cb, 3, 1))
- goto err;
- if (BN_cmp(rsa->p, rsa->q) < 0) {
- tmp = rsa->p;
- rsa->p = rsa->q;
- rsa->q = tmp;
- }
-
- /* calculate n */
- if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx))
- goto err;
-
- /* calculate d */
- if (!BN_sub(r1, rsa->p, BN_value_one())) /* p-1 */
- goto err;
- if (!BN_sub(r2, rsa->q, BN_value_one())) /* q-1 */
- goto err;
- if (!BN_mul(r0, r1, r2, ctx)) /* (p-1)(q-1) */
- goto err;
-
- BN_with_flags(&pr0, r0, BN_FLG_CONSTTIME);
-
- if (!BN_mod_inverse(rsa->d, rsa->e, &pr0, ctx)) /* d */
- goto err;
-
- /* set up d for correct BN_FLG_CONSTTIME flag */
- BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
-
- /* calculate d mod (p-1) */
- if (!BN_mod(rsa->dmp1, &d, r1, ctx))
- goto err;
-
- /* calculate d mod (q-1) */
- if (!BN_mod(rsa->dmq1, &d, r2, ctx))
- goto err;
-
- /* calculate inverse of q mod p */
- BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME);
- if (!BN_mod_inverse(rsa->iqmp, rsa->q, &p, ctx))
- goto err;
-
- ok = 1;
-err:
- if (ok == -1) {
- RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, ERR_LIB_BN);
- ok = 0;
- }
- if (ctx != NULL) {
- BN_CTX_end(ctx);
- BN_CTX_free(ctx);
- }
-
- return ok;
-}
diff --git a/lib/libssl/src/crypto/rsa/rsa_lib.c b/lib/libssl/src/crypto/rsa/rsa_lib.c
deleted file mode 100644
index 51dc94a1340..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_lib.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/* $OpenBSD: rsa_lib.c,v 1.30 2015/02/11 03:19:37 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/bn.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/lhash.h>
-#include <openssl/rsa.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-static const RSA_METHOD *default_RSA_meth = NULL;
-
-RSA *
-RSA_new(void)
-{
- RSA *r = RSA_new_method(NULL);
-
- return r;
-}
-
-void
-RSA_set_default_method(const RSA_METHOD *meth)
-{
- default_RSA_meth = meth;
-}
-
-const RSA_METHOD *
-RSA_get_default_method(void)
-{
- if (default_RSA_meth == NULL)
- default_RSA_meth = RSA_PKCS1_SSLeay();
-
- return default_RSA_meth;
-}
-
-const RSA_METHOD *
-RSA_get_method(const RSA *rsa)
-{
- return rsa->meth;
-}
-
-int
-RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
-{
- /*
- * NB: The caller is specifically setting a method, so it's not up to us
- * to deal with which ENGINE it comes from.
- */
- const RSA_METHOD *mtmp;
-
- mtmp = rsa->meth;
- if (mtmp->finish)
- mtmp->finish(rsa);
-#ifndef OPENSSL_NO_ENGINE
- if (rsa->engine) {
- ENGINE_finish(rsa->engine);
- rsa->engine = NULL;
- }
-#endif
- rsa->meth = meth;
- if (meth->init)
- meth->init(rsa);
- return 1;
-}
-
-RSA *
-RSA_new_method(ENGINE *engine)
-{
- RSA *ret;
-
- ret = malloc(sizeof(RSA));
- if (ret == NULL) {
- RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- ret->meth = RSA_get_default_method();
-#ifndef OPENSSL_NO_ENGINE
- if (engine) {
- if (!ENGINE_init(engine)) {
- RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
- free(ret);
- return NULL;
- }
- ret->engine = engine;
- } else
- ret->engine = ENGINE_get_default_RSA();
- if (ret->engine) {
- ret->meth = ENGINE_get_RSA(ret->engine);
- if (!ret->meth) {
- RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
- ENGINE_finish(ret->engine);
- free(ret);
- return NULL;
- }
- }
-#endif
-
- ret->pad = 0;
- ret->version = 0;
- ret->n = NULL;
- ret->e = NULL;
- ret->d = NULL;
- ret->p = NULL;
- ret->q = NULL;
- ret->dmp1 = NULL;
- ret->dmq1 = NULL;
- ret->iqmp = NULL;
- ret->references = 1;
- ret->_method_mod_n = NULL;
- ret->_method_mod_p = NULL;
- ret->_method_mod_q = NULL;
- ret->blinding = NULL;
- ret->mt_blinding = NULL;
- ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
- if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
-#ifndef OPENSSL_NO_ENGINE
- if (ret->engine)
- ENGINE_finish(ret->engine);
-#endif
- free(ret);
- return NULL;
- }
-
- if (ret->meth->init != NULL && !ret->meth->init(ret)) {
-#ifndef OPENSSL_NO_ENGINE
- if (ret->engine)
- ENGINE_finish(ret->engine);
-#endif
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
- free(ret);
- ret = NULL;
- }
- return ret;
-}
-
-void
-RSA_free(RSA *r)
-{
- int i;
-
- if (r == NULL)
- return;
-
- i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_RSA);
- if (i > 0)
- return;
-
- if (r->meth->finish)
- r->meth->finish(r);
-#ifndef OPENSSL_NO_ENGINE
- if (r->engine)
- ENGINE_finish(r->engine);
-#endif
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
-
- BN_clear_free(r->n);
- BN_clear_free(r->e);
- BN_clear_free(r->d);
- BN_clear_free(r->p);
- BN_clear_free(r->q);
- BN_clear_free(r->dmp1);
- BN_clear_free(r->dmq1);
- BN_clear_free(r->iqmp);
- BN_BLINDING_free(r->blinding);
- BN_BLINDING_free(r->mt_blinding);
- free(r);
-}
-
-int
-RSA_up_ref(RSA *r)
-{
- int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA);
- return i > 1 ? 1 : 0;
-}
-
-int
-RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int
-RSA_set_ex_data(RSA *r, int idx, void *arg)
-{
- return CRYPTO_set_ex_data(&r->ex_data, idx, arg);
-}
-
-void *
-RSA_get_ex_data(const RSA *r, int idx)
-{
- return CRYPTO_get_ex_data(&r->ex_data, idx);
-}
diff --git a/lib/libssl/src/crypto/rsa/rsa_locl.h b/lib/libssl/src/crypto/rsa/rsa_locl.h
deleted file mode 100644
index 24da0dc1796..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_locl.h
+++ /dev/null
@@ -1,4 +0,0 @@
-/* $OpenBSD: rsa_locl.h,v 1.3 2014/07/09 19:51:31 jsing Exp $ */
-extern int int_rsa_verify(int dtype, const unsigned char *m,
- unsigned int m_len, unsigned char *rm, size_t *prm_len,
- const unsigned char *sigbuf, size_t siglen, RSA *rsa);
diff --git a/lib/libssl/src/crypto/rsa/rsa_none.c b/lib/libssl/src/crypto/rsa/rsa_none.c
deleted file mode 100644
index 5222b3c1ebf..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_none.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* $OpenBSD: rsa_none.c,v 1.10 2014/10/18 17:20:40 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/rsa.h>
-
-int
-RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *from,
- int flen)
-{
- if (flen > tlen) {
- RSAerr(RSA_F_RSA_PADDING_ADD_NONE,
- RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
- return 0;
- }
-
- if (flen < tlen) {
- RSAerr(RSA_F_RSA_PADDING_ADD_NONE,
- RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE);
- return 0;
- }
-
- memcpy(to, from, flen);
- return 1;
-}
-
-int
-RSA_padding_check_none(unsigned char *to, int tlen, const unsigned char *from,
- int flen, int num)
-{
- if (flen > tlen) {
- RSAerr(RSA_F_RSA_PADDING_CHECK_NONE, RSA_R_DATA_TOO_LARGE);
- return -1;
- }
-
- memset(to, 0, tlen - flen);
- memcpy(to + tlen - flen, from, flen);
- return tlen;
-}
diff --git a/lib/libssl/src/crypto/rsa/rsa_oaep.c b/lib/libssl/src/crypto/rsa/rsa_oaep.c
deleted file mode 100644
index 86e2bfc34f4..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_oaep.c
+++ /dev/null
@@ -1,236 +0,0 @@
-/* $OpenBSD: rsa_oaep.c,v 1.25 2015/06/20 12:01:14 jsing Exp $ */
-/* Written by Ulf Moeller. This software is distributed on an "AS IS"
- basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */
-
-/* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
-
-/* See Victor Shoup, "OAEP reconsidered," Nov. 2000,
- * <URL: http://www.shoup.net/papers/oaep.ps.Z>
- * for problems with the security proof for the
- * original OAEP scheme, which EME-OAEP is based on.
- *
- * A new proof can be found in E. Fujisaki, T. Okamoto,
- * D. Pointcheval, J. Stern, "RSA-OEAP is Still Alive!",
- * Dec. 2000, <URL: http://eprint.iacr.org/2000/061/>.
- * The new proof has stronger requirements for the
- * underlying permutation: "partial-one-wayness" instead
- * of one-wayness. For the RSA function, this is
- * an equivalent notion.
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
-
-#include <openssl/bn.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/rsa.h>
-#include <openssl/sha.h>
-
-static int MGF1(unsigned char *mask, long len, const unsigned char *seed,
- long seedlen);
-
-int
-RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
- const unsigned char *from, int flen, const unsigned char *param, int plen)
-{
- int i, emlen = tlen - 1;
- unsigned char *db, *seed;
- unsigned char *dbmask, seedmask[SHA_DIGEST_LENGTH];
-
- if (flen > emlen - 2 * SHA_DIGEST_LENGTH - 1) {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,
- RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
- return 0;
- }
-
- if (emlen < 2 * SHA_DIGEST_LENGTH + 1) {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,
- RSA_R_KEY_SIZE_TOO_SMALL);
- return 0;
- }
-
- to[0] = 0;
- seed = to + 1;
- db = to + SHA_DIGEST_LENGTH + 1;
-
- if (!EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL))
- return 0;
- memset(db + SHA_DIGEST_LENGTH, 0,
- emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
- db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
- memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, flen);
- arc4random_buf(seed, SHA_DIGEST_LENGTH);
-
- dbmask = malloc(emlen - SHA_DIGEST_LENGTH);
- if (dbmask == NULL) {
- RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- if (MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed,
- SHA_DIGEST_LENGTH) < 0)
- return 0;
- for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
- db[i] ^= dbmask[i];
-
- if (MGF1(seedmask, SHA_DIGEST_LENGTH, db,
- emlen - SHA_DIGEST_LENGTH) < 0)
- return 0;
- for (i = 0; i < SHA_DIGEST_LENGTH; i++)
- seed[i] ^= seedmask[i];
-
- free(dbmask);
- return 1;
-}
-
-int
-RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
- const unsigned char *from, int flen, int num, const unsigned char *param,
- int plen)
-{
- int i, dblen, mlen = -1;
- const unsigned char *maskeddb;
- int lzero;
- unsigned char *db = NULL;
- unsigned char seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH];
- unsigned char *padded_from;
- int bad = 0;
-
- if (--num < 2 * SHA_DIGEST_LENGTH + 1)
- /*
- * 'num' is the length of the modulus, i.e. does not depend
- * on the particular ciphertext.
- */
- goto decoding_err;
-
- lzero = num - flen;
- if (lzero < 0) {
- /*
- * signalling this error immediately after detection might allow
- * for side-channel attacks (e.g. timing if 'plen' is huge
- * -- cf. James H. Manger, "A Chosen Ciphertext Attack on RSA
- * Optimal Asymmetric Encryption Padding (OAEP) [...]",
- * CRYPTO 2001), so we use a 'bad' flag
- */
- bad = 1;
- lzero = 0;
- flen = num; /* don't overflow the memcpy to padded_from */
- }
-
- dblen = num - SHA_DIGEST_LENGTH;
- db = malloc(dblen + num);
- if (db == NULL) {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,
- ERR_R_MALLOC_FAILURE);
- return -1;
- }
-
- /*
- * Always do this zero-padding copy (even when lzero == 0)
- * to avoid leaking timing info about the value of lzero.
- */
- padded_from = db + dblen;
- memset(padded_from, 0, lzero);
- memcpy(padded_from + lzero, from, flen);
-
- maskeddb = padded_from + SHA_DIGEST_LENGTH;
-
- if (MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen))
- return -1;
- for (i = 0; i < SHA_DIGEST_LENGTH; i++)
- seed[i] ^= padded_from[i];
-
- if (MGF1(db, dblen, seed, SHA_DIGEST_LENGTH))
- return -1;
- for (i = 0; i < dblen; i++)
- db[i] ^= maskeddb[i];
-
- if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL))
- return -1;
-
- if (timingsafe_memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
- goto decoding_err;
- else {
- for (i = SHA_DIGEST_LENGTH; i < dblen; i++)
- if (db[i] != 0x00)
- break;
- if (i == dblen || db[i] != 0x01)
- goto decoding_err;
- else {
- /* everything looks OK */
-
- mlen = dblen - ++i;
- if (tlen < mlen) {
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,
- RSA_R_DATA_TOO_LARGE);
- mlen = -1;
- } else
- memcpy(to, db + i, mlen);
- }
- }
- free(db);
- return mlen;
-
-decoding_err:
- /*
- * To avoid chosen ciphertext attacks, the error message should not
- * reveal which kind of decoding error happened
- */
- RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR);
- free(db);
- return -1;
-}
-
-int
-PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
- long seedlen, const EVP_MD *dgst)
-{
- long i, outlen = 0;
- unsigned char cnt[4];
- EVP_MD_CTX c;
- unsigned char md[EVP_MAX_MD_SIZE];
- int mdlen;
- int rv = -1;
-
- EVP_MD_CTX_init(&c);
- mdlen = EVP_MD_size(dgst);
- if (mdlen < 0)
- goto err;
- for (i = 0; outlen < len; i++) {
- cnt[0] = (unsigned char)((i >> 24) & 255);
- cnt[1] = (unsigned char)((i >> 16) & 255);
- cnt[2] = (unsigned char)((i >> 8)) & 255;
- cnt[3] = (unsigned char)(i & 255);
- if (!EVP_DigestInit_ex(&c, dgst, NULL) ||
- !EVP_DigestUpdate(&c, seed, seedlen) ||
- !EVP_DigestUpdate(&c, cnt, 4))
- goto err;
- if (outlen + mdlen <= len) {
- if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
- goto err;
- outlen += mdlen;
- } else {
- if (!EVP_DigestFinal_ex(&c, md, NULL))
- goto err;
- memcpy(mask + outlen, md, len - outlen);
- outlen = len;
- }
- }
- rv = 0;
-err:
- EVP_MD_CTX_cleanup(&c);
- return rv;
-}
-
-static int
-MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen)
-{
- return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1());
-}
-#endif
diff --git a/lib/libssl/src/crypto/rsa/rsa_pk1.c b/lib/libssl/src/crypto/rsa/rsa_pk1.c
deleted file mode 100644
index 6c3e7fb8461..00000000000
--- a/lib/libssl/src/crypto/rsa/rsa_pk1.c
+++ /dev/null
@@ -1,224 +0,0 @@ -/* $OpenBSD: rsa_pk1.c,v 1.14 2014/10/22 13:02:04 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/rsa.h> - -int -RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - const unsigned char *from, int flen) -{ - int j; - unsigned char *p; - - if (flen > (tlen - RSA_PKCS1_PADDING_SIZE)) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return 0; - } - - p = (unsigned char *)to; - - *(p++) = 0; - *(p++) = 1; /* Private Key BT (Block Type) */ - - /* pad out with 0xff data */ - j = tlen - 3 - flen; - memset(p, 0xff, j); - p += j; - *(p++) = '\0'; - memcpy(p, from, flen); - - return 1; -} - -int -RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - const unsigned char *from, int flen, int num) -{ - int i, j; - const unsigned char *p; - - p = from; - if (num != flen + 1 || *(p++) != 01) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1, - RSA_R_BLOCK_TYPE_IS_NOT_01); - return -1; - } - - /* scan over padding data */ - j = flen - 1; /* one for type. 
*/ - for (i = 0; i < j; i++) { - if (*p != 0xff) { - /* should decrypt to 0xff */ - if (*p == 0) { - p++; - break; - } else { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1, - RSA_R_BAD_FIXED_HEADER_DECRYPT); - return -1; - } - } - p++; - } - - if (i == j) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1, - RSA_R_NULL_BEFORE_BLOCK_MISSING); - return -1; - } - - if (i < 8) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1, - RSA_R_BAD_PAD_BYTE_COUNT); - return -1; - } - i++; /* Skip over the '\0' */ - j -= i; - if (j > tlen) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1, - RSA_R_DATA_TOO_LARGE); - return -1; - } - memcpy(to, p, j); - - return j; -} - -int -RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - const unsigned char *from, int flen) -{ - int i, j; - unsigned char *p; - - if (flen > tlen - 11) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return 0; - } - - p = (unsigned char *)to; - - *(p++) = 0; - *(p++) = 2; /* Public Key BT (Block Type) */ - - /* pad out with non-zero random data */ - j = tlen - 3 - flen; - - arc4random_buf(p, j); - for (i = 0; i < j; i++) { - while (*p == '\0') - arc4random_buf(p, 1); - p++; - } - - *(p++) = '\0'; - - memcpy(p, from, flen); - return 1; -} - -int -RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - const unsigned char *from, int flen, int num) -{ - int i, j; - const unsigned char *p; - - p = from; - if (num != flen + 1 || *(p++) != 02) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, - RSA_R_BLOCK_TYPE_IS_NOT_02); - return -1; - } - - /* scan over padding data */ - j = flen - 1; /* one for type. 
*/ - for (i = 0; i < j; i++) - if (*(p++) == 0) - break; - - if (i == j) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, - RSA_R_NULL_BEFORE_BLOCK_MISSING); - return -1; - } - - if (i < 8) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, - RSA_R_BAD_PAD_BYTE_COUNT); - return -1; - } - i++; /* Skip over the '\0' */ - j -= i; - if (j > tlen) { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, - RSA_R_DATA_TOO_LARGE); - return -1; - } - memcpy(to, p, j); - - return j; -} diff --git a/lib/libssl/src/crypto/rsa/rsa_pmeth.c b/lib/libssl/src/crypto/rsa/rsa_pmeth.c deleted file mode 100644 index 0b648138ee8..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa_pmeth.c +++ /dev/null 
@@ -1,616 +0,0 @@ -/* $OpenBSD: rsa_pmeth.c,v 1.17 2015/06/20 01:07:25 doug Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <limits.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/asn1t.h> -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/rsa.h> -#include <openssl/x509.h> - -#ifndef OPENSSL_NO_CMS -#include <openssl/cms.h> -#endif - -#include "evp_locl.h" -#include "rsa_locl.h" - -/* RSA pkey context structure */ - -typedef struct { - /* Key gen parameters */ - int nbits; - BIGNUM *pub_exp; - /* Keygen callback info */ - int gentmp[2]; - /* RSA padding mode */ - int pad_mode; - /* message digest */ - const EVP_MD *md; - /* message digest for MGF1 */ - const EVP_MD *mgf1md; - /* PSS/OAEP salt length */ - int saltlen; - /* Temp buffer */ - unsigned char *tbuf; -} RSA_PKEY_CTX; - -static int -pkey_rsa_init(EVP_PKEY_CTX *ctx) -{ - RSA_PKEY_CTX *rctx; - - rctx = malloc(sizeof(RSA_PKEY_CTX)); - if (!rctx) - return 0; - rctx->nbits = 2048; - rctx->pub_exp = NULL; - rctx->pad_mode = RSA_PKCS1_PADDING; - rctx->md = NULL; - rctx->mgf1md = NULL; - rctx->tbuf = NULL; - - rctx->saltlen = -2; - - ctx->data = rctx; - ctx->keygen_info = rctx->gentmp; - ctx->keygen_info_count = 2; - - return 1; -} - 
-static int -pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src) -{ - RSA_PKEY_CTX *dctx, *sctx; - - if (!pkey_rsa_init(dst)) - return 0; - sctx = src->data; - dctx = dst->data; - dctx->nbits = sctx->nbits; - if (sctx->pub_exp) { - dctx->pub_exp = BN_dup(sctx->pub_exp); - if (!dctx->pub_exp) - return 0; - } - dctx->pad_mode = sctx->pad_mode; - dctx->md = sctx->md; - return 1; -} - -static int -setup_tbuf(RSA_PKEY_CTX *ctx, EVP_PKEY_CTX *pk) -{ - if (ctx->tbuf) - return 1; - ctx->tbuf = malloc(EVP_PKEY_size(pk->pkey)); - if (!ctx->tbuf) - return 0; - return 1; -} - -static void -pkey_rsa_cleanup(EVP_PKEY_CTX *ctx) -{ - RSA_PKEY_CTX *rctx = ctx->data; - - if (rctx) { - BN_free(rctx->pub_exp); - free(rctx->tbuf); - free(rctx); - } -} - -static int -pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen) -{ - int ret; - RSA_PKEY_CTX *rctx = ctx->data; - RSA *rsa = ctx->pkey->pkey.rsa; - - if (rctx->md) { - if (tbslen != (size_t)EVP_MD_size(rctx->md)) { - RSAerr(RSA_F_PKEY_RSA_SIGN, - RSA_R_INVALID_DIGEST_LENGTH); - return -1; - } - - if (rctx->pad_mode == RSA_X931_PADDING) { - if (!setup_tbuf(rctx, ctx)) - return -1; - memcpy(rctx->tbuf, tbs, tbslen); - rctx->tbuf[tbslen] = - RSA_X931_hash_id(EVP_MD_type(rctx->md)); - ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf, sig, - rsa, RSA_X931_PADDING); - } else if (rctx->pad_mode == RSA_PKCS1_PADDING) { - unsigned int sltmp; - - ret = RSA_sign(EVP_MD_type(rctx->md), tbs, tbslen, sig, - &sltmp, rsa); - if (ret <= 0) - return ret; - ret = sltmp; - } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) { - if (!setup_tbuf(rctx, ctx)) - return -1; - if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa, rctx->tbuf, - tbs, rctx->md, rctx->mgf1md, rctx->saltlen)) - return -1; - ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf, - sig, rsa, RSA_NO_PADDING); - } else - return -1; - } else - ret = RSA_private_encrypt(tbslen, tbs, sig, ctx->pkey->pkey.rsa, - rctx->pad_mode); - if (ret < 0) - 
return ret; - *siglen = ret; - return 1; -} - -static int -pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen, - const unsigned char *sig, size_t siglen) -{ - int ret; - RSA_PKEY_CTX *rctx = ctx->data; - - if (rctx->md) { - if (rctx->pad_mode == RSA_X931_PADDING) { - if (!setup_tbuf(rctx, ctx)) - return -1; - ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, - ctx->pkey->pkey.rsa, RSA_X931_PADDING); - if (ret < 1) - return 0; - ret--; - if (rctx->tbuf[ret] != - RSA_X931_hash_id(EVP_MD_type(rctx->md))) { - RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER, - RSA_R_ALGORITHM_MISMATCH); - return 0; - } - if (ret != EVP_MD_size(rctx->md)) { - RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER, - RSA_R_INVALID_DIGEST_LENGTH); - return 0; - } - if (rout) - memcpy(rout, rctx->tbuf, ret); - } else if (rctx->pad_mode == RSA_PKCS1_PADDING) { - size_t sltmp; - - ret = int_rsa_verify(EVP_MD_type(rctx->md), NULL, 0, - rout, &sltmp, sig, siglen, ctx->pkey->pkey.rsa); - if (ret <= 0) - return 0; - ret = sltmp; - } else - return -1; - } else - ret = RSA_public_decrypt(siglen, sig, rout, ctx->pkey->pkey.rsa, - rctx->pad_mode); - if (ret < 0) - return ret; - *routlen = ret; - return 1; -} - -static int -pkey_rsa_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen) -{ - RSA_PKEY_CTX *rctx = ctx->data; - RSA *rsa = ctx->pkey->pkey.rsa; - size_t rslen; - - if (rctx->md) { - if (rctx->pad_mode == RSA_PKCS1_PADDING) - return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen, - sig, siglen, rsa); - if (rctx->pad_mode == RSA_X931_PADDING) { - if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, - siglen) <= 0) - return 0; - } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) { - int ret; - - if (!setup_tbuf(rctx, ctx)) - return -1; - ret = RSA_public_decrypt(siglen, sig, rctx->tbuf, - rsa, RSA_NO_PADDING); - if (ret <= 0) - return 0; - ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs, rctx->md, - rctx->mgf1md, rctx->tbuf, rctx->saltlen); - if (ret 
<= 0) - return 0; - return 1; - } else - return -1; - } else { - if (!setup_tbuf(rctx, ctx)) - return -1; - rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf, rsa, - rctx->pad_mode); - if (rslen == 0) - return 0; - } - - if (rslen != tbslen || memcmp(tbs, rctx->tbuf, rslen)) - return 0; - - return 1; -} - -static int -pkey_rsa_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen) -{ - int ret; - RSA_PKEY_CTX *rctx = ctx->data; - - ret = RSA_public_encrypt(inlen, in, out, ctx->pkey->pkey.rsa, - rctx->pad_mode); - if (ret < 0) - return ret; - *outlen = ret; - return 1; -} - -static int -pkey_rsa_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen) -{ - int ret; - RSA_PKEY_CTX *rctx = ctx->data; - - ret = RSA_private_decrypt(inlen, in, out, ctx->pkey->pkey.rsa, - rctx->pad_mode); - if (ret < 0) - return ret; - *outlen = ret; - return 1; -} - -static int -check_padding_md(const EVP_MD *md, int padding) -{ - if (!md) - return 1; - - if (padding == RSA_NO_PADDING) { - RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE); - return 0; - } - - if (padding == RSA_X931_PADDING) { - if (RSA_X931_hash_id(EVP_MD_type(md)) == -1) { - RSAerr(RSA_F_CHECK_PADDING_MD, - RSA_R_INVALID_X931_DIGEST); - return 0; - } - return 1; - } - - return 1; -} - -static int -pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) -{ - RSA_PKEY_CTX *rctx = ctx->data; - - switch (type) { - case EVP_PKEY_CTRL_RSA_PADDING: - if (p1 >= RSA_PKCS1_PADDING && p1 <= RSA_PKCS1_PSS_PADDING) { - if (!check_padding_md(rctx->md, p1)) - return 0; - if (p1 == RSA_PKCS1_PSS_PADDING) { - if (!(ctx->operation & - (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY))) - goto bad_pad; - if (!rctx->md) - rctx->md = EVP_sha1(); - } - if (p1 == RSA_PKCS1_OAEP_PADDING) { - if (!(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT)) - goto bad_pad; - if (!rctx->md) - rctx->md = EVP_sha1(); - } - rctx->pad_mode = p1; - return 1; - } 
-bad_pad: - RSAerr(RSA_F_PKEY_RSA_CTRL, - RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); - return -2; - - case EVP_PKEY_CTRL_GET_RSA_PADDING: - *(int *)p2 = rctx->pad_mode; - return 1; - - case EVP_PKEY_CTRL_RSA_PSS_SALTLEN: - case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN: - if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) { - RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PSS_SALTLEN); - return -2; - } - if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN) - *(int *)p2 = rctx->saltlen; - else { - if (p1 < -2) - return -2; - rctx->saltlen = p1; - } - return 1; - - case EVP_PKEY_CTRL_RSA_KEYGEN_BITS: - if (p1 < 256) { - RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_KEYBITS); - return -2; - } - rctx->nbits = p1; - return 1; - - case EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP: - if (!p2) - return -2; - rctx->pub_exp = p2; - return 1; - - case EVP_PKEY_CTRL_MD: - if (!check_padding_md(p2, rctx->pad_mode)) - return 0; - rctx->md = p2; - return 1; - - case EVP_PKEY_CTRL_RSA_MGF1_MD: - case EVP_PKEY_CTRL_GET_RSA_MGF1_MD: - if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) { - RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_MGF1_MD); - return -2; - } - if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD) { - if (rctx->mgf1md) - *(const EVP_MD **)p2 = rctx->mgf1md; - else - *(const EVP_MD **)p2 = rctx->md; - } else - rctx->mgf1md = p2; - return 1; - - case EVP_PKEY_CTRL_DIGESTINIT: - case EVP_PKEY_CTRL_PKCS7_ENCRYPT: - case EVP_PKEY_CTRL_PKCS7_DECRYPT: - case EVP_PKEY_CTRL_PKCS7_SIGN: - return 1; -#ifndef OPENSSL_NO_CMS - case EVP_PKEY_CTRL_CMS_DECRYPT: - { - X509_ALGOR *alg = NULL; - ASN1_OBJECT *encalg = NULL; - - if (p2) - CMS_RecipientInfo_ktri_get0_algs(p2, NULL, - NULL, &alg); - if (alg) - X509_ALGOR_get0(&encalg, NULL, NULL, alg); - if (encalg && OBJ_obj2nid(encalg) == NID_rsaesOaep) - rctx->pad_mode = RSA_PKCS1_OAEP_PADDING; - } - /* FALLTHROUGH */ - - case EVP_PKEY_CTRL_CMS_ENCRYPT: - case EVP_PKEY_CTRL_CMS_SIGN: - return 1; -#endif - case EVP_PKEY_CTRL_PEER_KEY: - RSAerr(RSA_F_PKEY_RSA_CTRL, - 
RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); - return -2; - - default: - return -2; - } -} - -static int -pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) -{ - long lval; - char *ep; - - if (!value) { - RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_VALUE_MISSING); - return 0; - } - if (!strcmp(type, "rsa_padding_mode")) { - int pm; - if (!strcmp(value, "pkcs1")) - pm = RSA_PKCS1_PADDING; - else if (!strcmp(value, "sslv23")) - pm = RSA_SSLV23_PADDING; - else if (!strcmp(value, "none")) - pm = RSA_NO_PADDING; - else if (!strcmp(value, "oeap")) - pm = RSA_PKCS1_OAEP_PADDING; - else if (!strcmp(value, "oaep")) - pm = RSA_PKCS1_OAEP_PADDING; - else if (!strcmp(value, "x931")) - pm = RSA_X931_PADDING; - else if (!strcmp(value, "pss")) - pm = RSA_PKCS1_PSS_PADDING; - else { - RSAerr(RSA_F_PKEY_RSA_CTRL_STR, - RSA_R_UNKNOWN_PADDING_TYPE); - return -2; - } - return EVP_PKEY_CTX_set_rsa_padding(ctx, pm); - } - - if (!strcmp(type, "rsa_pss_saltlen")) { - int saltlen; - - errno = 0; - lval = strtol(value, &ep, 10); - if (value[0] == '\0' || *ep != '\0') - goto not_a_number; - if ((errno == ERANGE && - (lval == LONG_MAX || lval == LONG_MIN)) || - (lval > INT_MAX || lval < INT_MIN)) - goto out_of_range; - saltlen = lval; - return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen); - } - - if (!strcmp(type, "rsa_keygen_bits")) { - int nbits; - - errno = 0; - lval = strtol(value, &ep, 10); - if (value[0] == '\0' || *ep != '\0') - goto not_a_number; - if ((errno == ERANGE && - (lval == LONG_MAX || lval == LONG_MIN)) || - (lval > INT_MAX || lval < INT_MIN)) - goto out_of_range; - nbits = lval; - return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits); - } - - if (!strcmp(type, "rsa_keygen_pubexp")) { - int ret; - BIGNUM *pubexp = NULL; - - if (!BN_asc2bn(&pubexp, value)) - return 0; - ret = EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp); - if (ret <= 0) - BN_free(pubexp); - return ret; - } - -not_a_number: -out_of_range: - return -2; -} - -static int 
-pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) -{ - RSA *rsa = NULL; - RSA_PKEY_CTX *rctx = ctx->data; - BN_GENCB *pcb, cb; - int ret; - - if (!rctx->pub_exp) { - rctx->pub_exp = BN_new(); - if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4)) - return 0; - } - rsa = RSA_new(); - if (!rsa) - return 0; - if (ctx->pkey_gencb) { - pcb = &cb; - evp_pkey_set_cb_translate(pcb, ctx); - } else - pcb = NULL; - ret = RSA_generate_key_ex(rsa, rctx->nbits, rctx->pub_exp, pcb); - if (ret > 0) - EVP_PKEY_assign_RSA(pkey, rsa); - else - RSA_free(rsa); - return ret; -} - -const EVP_PKEY_METHOD rsa_pkey_meth = { - .pkey_id = EVP_PKEY_RSA, - .flags = EVP_PKEY_FLAG_AUTOARGLEN, - - .init = pkey_rsa_init, - .copy = pkey_rsa_copy, - .cleanup = pkey_rsa_cleanup, - - .keygen = pkey_rsa_keygen, - - .sign = pkey_rsa_sign, - - .verify = pkey_rsa_verify, - - .verify_recover = pkey_rsa_verifyrecover, - - .encrypt = pkey_rsa_encrypt, - - .decrypt = pkey_rsa_decrypt, - - .ctrl = pkey_rsa_ctrl, - .ctrl_str = pkey_rsa_ctrl_str -}; diff --git a/lib/libssl/src/crypto/rsa/rsa_prn.c b/lib/libssl/src/crypto/rsa/rsa_prn.c deleted file mode 100644 index db82dab5be1..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa_prn.c +++ /dev/null 
@@ -1,93 +0,0 @@ -/* $OpenBSD: rsa_prn.c,v 1.6 2014/07/11 08:44:49 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/rsa.h> - -int -RSA_print_fp(FILE *fp, const RSA *x, int off) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file())) == NULL) { - RSAerr(RSA_F_RSA_PRINT_FP, ERR_R_BUF_LIB); - return 0; - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = RSA_print(b, x, off); - BIO_free(b); - return ret; -} - -int -RSA_print(BIO *bp, const RSA *x, int off) -{ - EVP_PKEY *pk; - int ret; - - pk = EVP_PKEY_new(); - if (!pk || !EVP_PKEY_set1_RSA(pk, (RSA *)x)) - return 0; - ret = EVP_PKEY_print_private(bp, pk, off, NULL); - EVP_PKEY_free(pk); - return ret; -} diff --git a/lib/libssl/src/crypto/rsa/rsa_pss.c b/lib/libssl/src/crypto/rsa/rsa_pss.c deleted file mode 100644 index 5e137a30901..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa_pss.c +++ /dev/null 
@@ -1,289 +0,0 @@ -/* $OpenBSD: rsa_pss.c,v 1.11 2014/10/22 13:02:04 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2005. - */ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/rsa.h> -#include <openssl/sha.h> - -static const unsigned char zeroes[] = { 0, 0, 0, 0, 0, 0, 0, 0 }; - -int -RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, const EVP_MD *Hash, - const unsigned char *EM, int sLen) -{ - return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, NULL, EM, sLen); -} - -int -RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, - const EVP_MD *Hash, const EVP_MD *mgf1Hash, const unsigned char *EM, - int sLen) -{ - int i; - int ret = 0; - int hLen, maskedDBLen, MSBits, emLen; - const unsigned char *H; - unsigned char *DB = NULL; - EVP_MD_CTX ctx; - unsigned char H_[EVP_MAX_MD_SIZE]; - - EVP_MD_CTX_init(&ctx); - - if (mgf1Hash == NULL) - mgf1Hash = Hash; - - hLen = EVP_MD_size(Hash); - if (hLen < 0) - goto err; - /* - * Negative sLen has special meanings: - * -1 sLen == hLen - * -2 salt length is autorecovered from signature - * -N reserved - */ - if (sLen == -1) - sLen = hLen; - else if (sLen == -2) - sLen = -2; - else if (sLen < -2) { - 
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, - RSA_R_SLEN_CHECK_FAILED); - goto err; - } - - MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; - emLen = RSA_size(rsa); - if (EM[0] & (0xFF << MSBits)) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, - RSA_R_FIRST_OCTET_INVALID); - goto err; - } - if (MSBits == 0) { - EM++; - emLen--; - } - if (emLen < (hLen + sLen + 2)) { - /* sLen can be small negative */ - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE); - goto err; - } - if (EM[emLen - 1] != 0xbc) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, - RSA_R_LAST_OCTET_INVALID); - goto err; - } - maskedDBLen = emLen - hLen - 1; - H = EM + maskedDBLen; - DB = malloc(maskedDBLen); - if (!DB) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, ERR_R_MALLOC_FAILURE); - goto err; - } - if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0) - goto err; - for (i = 0; i < maskedDBLen; i++) - DB[i] ^= EM[i]; - if (MSBits) - DB[0] &= 0xFF >> (8 - MSBits); - for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++) - ; - if (DB[i++] != 0x1) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, - RSA_R_SLEN_RECOVERY_FAILED); - goto err; - } - if (sLen >= 0 && (maskedDBLen - i) != sLen) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, - RSA_R_SLEN_CHECK_FAILED); - goto err; - } - if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || - !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || - !EVP_DigestUpdate(&ctx, mHash, hLen)) - goto err; - if (maskedDBLen - i) { - if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i)) - goto err; - } - if (!EVP_DigestFinal_ex(&ctx, H_, NULL)) - goto err; - if (memcmp(H_, H, hLen)) { - RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_BAD_SIGNATURE); - ret = 0; - } else - ret = 1; - -err: - free(DB); - EVP_MD_CTX_cleanup(&ctx); - - return ret; -} - -int -RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM, - const unsigned char *mHash, const EVP_MD *Hash, int sLen) -{ - return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, NULL, sLen); -} - -int -RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, 
unsigned char *EM, - const unsigned char *mHash, const EVP_MD *Hash, const EVP_MD *mgf1Hash, - int sLen) -{ - int i; - int ret = 0; - int hLen, maskedDBLen, MSBits, emLen; - unsigned char *H, *salt = NULL, *p; - EVP_MD_CTX ctx; - - EVP_MD_CTX_init(&ctx); - - if (mgf1Hash == NULL) - mgf1Hash = Hash; - - hLen = EVP_MD_size(Hash); - if (hLen < 0) - goto err; - /* - * Negative sLen has special meanings: - * -1 sLen == hLen - * -2 salt length is maximized - * -N reserved - */ - if (sLen == -1) - sLen = hLen; - else if (sLen == -2) - sLen = -2; - else if (sLen < -2) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, - RSA_R_SLEN_CHECK_FAILED); - goto err; - } - - MSBits = (BN_num_bits(rsa->n) - 1) & 0x7; - emLen = RSA_size(rsa); - if (MSBits == 0) { - *EM++ = 0; - emLen--; - } - if (sLen == -2) - sLen = emLen - hLen - 2; - else if (emLen < (hLen + sLen + 2)) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - goto err; - } - if (sLen > 0) { - salt = malloc(sLen); - if (!salt) { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, - ERR_R_MALLOC_FAILURE); - goto err; - } - arc4random_buf(salt, sLen); - } - maskedDBLen = emLen - hLen - 1; - H = EM + maskedDBLen; - if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || - !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || - !EVP_DigestUpdate(&ctx, mHash, hLen)) - goto err; - if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen)) - goto err; - if (!EVP_DigestFinal_ex(&ctx, H, NULL)) - goto err; - - /* Generate dbMask in place then perform XOR on it */ - if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)) - goto err; - - p = EM; - - /* - * Initial PS XORs with all zeroes which is a NOP so just update - * pointer. Note from a test above this value is guaranteed to - * be non-negative. 
- */ - p += emLen - sLen - hLen - 2; - *p++ ^= 0x1; - if (sLen > 0) { - for (i = 0; i < sLen; i++) - *p++ ^= salt[i]; - } - if (MSBits) - EM[0] &= 0xFF >> (8 - MSBits); - - /* H is already in place so just set final 0xbc */ - EM[emLen - 1] = 0xbc; - - ret = 1; - -err: - free(salt); - EVP_MD_CTX_cleanup(&ctx); - - return ret; -} diff --git a/lib/libssl/src/crypto/rsa/rsa_saos.c b/lib/libssl/src/crypto/rsa/rsa_saos.c deleted file mode 100644 index 5dbc10dbb20..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa_saos.c +++ /dev/null 
@@ -1,149 +0,0 @@ -/* $OpenBSD: rsa_saos.c,v 1.19 2015/09/30 18:41:06 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/rsa.h> -#include <openssl/x509.h> - -int -RSA_sign_ASN1_OCTET_STRING(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) -{ - ASN1_OCTET_STRING sig; - int i, j, ret = 1; - unsigned char *p, *s; - - sig.type = V_ASN1_OCTET_STRING; - sig.length = m_len; - sig.data = (unsigned char *)m; - - i = i2d_ASN1_OCTET_STRING(&sig, NULL); - j = RSA_size(rsa); - if (i > (j - RSA_PKCS1_PADDING_SIZE)) { - RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING, - RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); - return 0; - } - s = malloc(j + 1); - if (s == NULL) { - RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE); - return 0; - } - p = s; - i2d_ASN1_OCTET_STRING(&sig, &p); - i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING); - if (i <= 0) - ret = 0; - else - *siglen = i; - - explicit_bzero(s, (unsigned int)j + 1); - free(s); - return ret; -} - -int -RSA_verify_ASN1_OCTET_STRING(int dtype, const unsigned char *m, - unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa) -{ - int i, ret = 0; - unsigned char *s; - const unsigned char *p; - ASN1_OCTET_STRING *sig = NULL; - - if (siglen != (unsigned int)RSA_size(rsa)) { - RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, - RSA_R_WRONG_SIGNATURE_LENGTH); - return 0; - } - - s = malloc(siglen); - if (s == NULL) { - RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, - ERR_R_MALLOC_FAILURE); - goto err; - } - i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING); - - if (i <= 0) - goto err; - - p = s; - sig = d2i_ASN1_OCTET_STRING(NULL, &p, (long)i); - if (sig == NULL) - goto err; - - if ((unsigned int)sig->length != m_len || - memcmp(m, sig->data, m_len) != 0) { - RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, - RSA_R_BAD_SIGNATURE); - } else - ret = 1; -err: - ASN1_OCTET_STRING_free(sig); - if (s != NULL) { - 
explicit_bzero(s, (unsigned int)siglen); - free(s); - } - return ret; -} diff --git a/lib/libssl/src/crypto/rsa/rsa_sign.c b/lib/libssl/src/crypto/rsa/rsa_sign.c deleted file mode 100644 index 7be08f544b0..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa_sign.c +++ /dev/null 
@@ -1,255 +0,0 @@ -/* $OpenBSD: rsa_sign.c,v 1.25 2015/09/10 15:56:25 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/rsa.h> -#include <openssl/x509.h> - -#include "rsa_locl.h" - -/* Size of an SSL signature: MD5+SHA1 */ -#define SSL_SIG_LENGTH 36 - -int -RSA_sign(int type, const unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) -{ - X509_SIG sig; - ASN1_TYPE parameter; - int i, j, ret = 1; - unsigned char *p, *tmps = NULL; - const unsigned char *s = NULL; - X509_ALGOR algor; - ASN1_OCTET_STRING digest; - - if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) - return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa); - - /* Special case: SSL signature, just check the length */ - if (type == NID_md5_sha1) { - if (m_len != SSL_SIG_LENGTH) { - RSAerr(RSA_F_RSA_SIGN, RSA_R_INVALID_MESSAGE_LENGTH); - return 0; - } - i = SSL_SIG_LENGTH; - s = m; - } else { - sig.algor = &algor; - sig.algor->algorithm = OBJ_nid2obj(type); - if (sig.algor->algorithm == NULL) { - RSAerr(RSA_F_RSA_SIGN, RSA_R_UNKNOWN_ALGORITHM_TYPE); - return 0; - } - if (sig.algor->algorithm->length == 0) { - RSAerr(RSA_F_RSA_SIGN, - RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); - return 0; - } - parameter.type = V_ASN1_NULL; - parameter.value.ptr = NULL; - sig.algor->parameter = ¶meter; - - sig.digest = &digest; - sig.digest->data = (unsigned char *)m; /* TMP UGLY CAST */ - sig.digest->length = m_len; - - i = i2d_X509_SIG(&sig, NULL); - } - j = RSA_size(rsa); - if (i > j - RSA_PKCS1_PADDING_SIZE) { - RSAerr(RSA_F_RSA_SIGN, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); - return 0; - } - if (type != NID_md5_sha1) { - tmps = malloc(j + 1); - if (tmps == NULL) { - RSAerr(RSA_F_RSA_SIGN, ERR_R_MALLOC_FAILURE); - return 0; - } - p = tmps; - i2d_X509_SIG(&sig, &p); - s = tmps; - } - i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING); - if (i <= 0) - ret = 0; - else - *siglen = i; - - if (type != 
NID_md5_sha1) { - explicit_bzero(tmps, (unsigned int)j + 1); - free(tmps); - } - return (ret); -} - -int -int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, - unsigned char *rm, size_t *prm_len, const unsigned char *sigbuf, - size_t siglen, RSA *rsa) -{ - int i, ret = 0, sigtype; - unsigned char *s; - X509_SIG *sig = NULL; - - if (siglen != (unsigned int)RSA_size(rsa)) { - RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_WRONG_SIGNATURE_LENGTH); - return 0; - } - - if ((dtype == NID_md5_sha1) && rm) { - i = RSA_public_decrypt((int)siglen, sigbuf, rm, rsa, - RSA_PKCS1_PADDING); - if (i <= 0) - return 0; - *prm_len = i; - return 1; - } - - s = malloc(siglen); - if (s == NULL) { - RSAerr(RSA_F_INT_RSA_VERIFY, ERR_R_MALLOC_FAILURE); - goto err; - } - if (dtype == NID_md5_sha1 && m_len != SSL_SIG_LENGTH) { - RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_INVALID_MESSAGE_LENGTH); - goto err; - } - i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING); - - if (i <= 0) - goto err; - - /* Special case: SSL signature */ - if (dtype == NID_md5_sha1) { - if (i != SSL_SIG_LENGTH || memcmp(s, m, SSL_SIG_LENGTH)) - RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); - else - ret = 1; - } else { - const unsigned char *p = s; - - sig = d2i_X509_SIG(NULL, &p, (long)i); - - if (sig == NULL) - goto err; - - /* Excess data can be used to create forgeries */ - if (p != s + i) { - RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); - goto err; - } - - /* Parameters to the signature algorithm can also be used to - create forgeries */ - if (sig->algor->parameter && - ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) { - RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); - goto err; - } - - sigtype = OBJ_obj2nid(sig->algor->algorithm); - - if (sigtype != dtype) { - RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_ALGORITHM_MISMATCH); - goto err; - } - if (rm) { - const EVP_MD *md; - - md = EVP_get_digestbynid(dtype); - if (md && (EVP_MD_size(md) != sig->digest->length)) - 
RSAerr(RSA_F_INT_RSA_VERIFY, - RSA_R_INVALID_DIGEST_LENGTH); - else { - memcpy(rm, sig->digest->data, - sig->digest->length); - *prm_len = sig->digest->length; - ret = 1; - } - } else if ((unsigned int)sig->digest->length != m_len || - memcmp(m, sig->digest->data, m_len) != 0) { - RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE); - } else - ret = 1; - } -err: - if (sig != NULL) - X509_SIG_free(sig); - if (s != NULL) { - explicit_bzero(s, (unsigned int)siglen); - free(s); - } - return ret; -} - -int -RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, - const unsigned char *sigbuf, unsigned int siglen, RSA *rsa) -{ - if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) - return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, - rsa); - - return int_rsa_verify(dtype, m, m_len, NULL, NULL, sigbuf, siglen, rsa); -} diff --git a/lib/libssl/src/crypto/rsa/rsa_ssl.c b/lib/libssl/src/crypto/rsa/rsa_ssl.c deleted file mode 100644 index 73262f29c16..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa_ssl.c +++ /dev/null 
@@ -1,151 +0,0 @@ -/* $OpenBSD: rsa_ssl.c,v 1.14 2014/10/22 13:02:04 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/rsa.h> - -int -RSA_padding_add_SSLv23(unsigned char *to, int tlen, const unsigned char *from, - int flen) -{ - int i, j; - unsigned char *p; - - if (flen > tlen - 11) { - RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return 0; - } - - p = (unsigned char *)to; - - *(p++) = 0; - *(p++) = 2; /* Public Key BT (Block Type) */ - - /* pad out with non-zero random data */ - j = tlen - 3 - 8 - flen; - - arc4random_buf(p, j); - for (i = 0; i < j; i++) { - while (*p == '\0') - arc4random_buf(p, 1); - p++; - } - - memset(p, 3, 8); - p += 8; - *(p++) = '\0'; - - memcpy(p, from, flen); - return 1; -} - -int -RSA_padding_check_SSLv23(unsigned char *to, int tlen, const unsigned char *from, - int flen, int num) -{ - int i, j, k; - const unsigned char *p; - - p = from; - if (flen < 10) { - RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL); - return -1; - } - if (num != flen + 1 || *(p++) != 02) { - RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, - RSA_R_BLOCK_TYPE_IS_NOT_02); - return -1; - } - - /* scan over padding data */ - j = flen - 1; /* one for type */ - for (i = 0; i < j; i++) - if (*(p++) == 0) - break; - - if (i == j || i < 8) { - RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, - RSA_R_NULL_BEFORE_BLOCK_MISSING); - return -1; - } - for (k = -9; k < -1; k++) { - if (p[k] != 0x03) - break; - } - if (k == -1) { - RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, - RSA_R_SSLV3_ROLLBACK_ATTACK); - return -1; - } - - i++; /* Skip over the '\0' */ - j -= i; - if (j > tlen) { - RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_LARGE); - return -1; - } - memcpy(to, p, j); - - return j; -} diff --git a/lib/libssl/src/crypto/rsa/rsa_x931.c b/lib/libssl/src/crypto/rsa/rsa_x931.c deleted file mode 100644 index 2993b4028da..00000000000 --- a/lib/libssl/src/crypto/rsa/rsa_x931.c +++ /dev/null 
@@ -1,167 +0,0 @@ -/* $OpenBSD: rsa_x931.c,v 1.9 2014/10/18 17:20:40 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 2005. - */ -/* ==================================================================== - * Copyright (c) 2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/rsa.h> - -int -RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *from, - int flen) -{ - int j; - unsigned char *p; - - /* - * Absolute minimum amount of padding is 1 header nibble, 1 padding - * nibble and 2 trailer bytes: but 1 hash if is already in 'from'. 
- */ - j = tlen - flen - 2; - - if (j < 0) { - RSAerr(RSA_F_RSA_PADDING_ADD_X931, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return -1; - } - - p = (unsigned char *)to; - - /* If no padding start and end nibbles are in one byte */ - if (j == 0) - *p++ = 0x6A; - else { - *p++ = 0x6B; - if (j > 1) { - memset(p, 0xBB, j - 1); - p += j - 1; - } - *p++ = 0xBA; - } - memcpy(p, from, flen); - p += flen; - *p = 0xCC; - return 1; -} - -int -RSA_padding_check_X931(unsigned char *to, int tlen, const unsigned char *from, - int flen, int num) -{ - int i = 0, j; - const unsigned char *p = from; - - if (num != flen || (*p != 0x6A && *p != 0x6B)) { - RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_HEADER); - return -1; - } - - if (*p++ == 0x6B) { - j = flen - 3; - for (i = 0; i < j; i++) { - unsigned char c = *p++; - if (c == 0xBA) - break; - if (c != 0xBB) { - RSAerr(RSA_F_RSA_PADDING_CHECK_X931, - RSA_R_INVALID_PADDING); - return -1; - } - } - - if (i == 0) { - RSAerr(RSA_F_RSA_PADDING_CHECK_X931, - RSA_R_INVALID_PADDING); - return -1; - } - - j -= i; - } else - j = flen - 2; - - if (j < 0 || p[j] != 0xCC) { - RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER); - return -1; - } - - memcpy(to, p, j); - - return j; -} - -/* Translate between X931 hash ids and NIDs */ - -int -RSA_X931_hash_id(int nid) -{ - switch (nid) { - case NID_sha1: - return 0x33; - case NID_sha256: - return 0x34; - case NID_sha384: - return 0x36; - case NID_sha512: - return 0x35; - } - - return -1; -} diff --git a/lib/libssl/src/crypto/s390xcap.c b/lib/libssl/src/crypto/s390xcap.c deleted file mode 100644 index 6fc60f27f28..00000000000 --- a/lib/libssl/src/crypto/s390xcap.c +++ /dev/null 
@@ -1,43 +0,0 @@
-/* $OpenBSD: s390xcap.c,v 1.3 2014/06/12 15:49:27 deraadt Exp $ */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <setjmp.h>
-#include <signal.h>
-
-extern unsigned long OPENSSL_s390xcap_P[];
-
-static sigjmp_buf ill_jmp;
-static void ill_handler (int sig)
-{
- siglongjmp(ill_jmp, sig);
-}
-
-unsigned long OPENSSL_s390x_facilities(void);
-
-void
-OPENSSL_cpuid_setup(void)
-{
- sigset_t oset;
- struct sigaction ill_act, oact;
-
- if (OPENSSL_s390xcap_P[0])
- return;
-
- OPENSSL_s390xcap_P[0] = 1UL << (8*sizeof(unsigned long) - 1);
-
- memset(&ill_act, 0, sizeof(ill_act));
- ill_act.sa_handler = ill_handler;
- sigfillset(&ill_act.sa_mask);
- sigdelset(&ill_act.sa_mask, SIGILL);
- sigdelset(&ill_act.sa_mask, SIGTRAP);
- sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
- sigaction (SIGILL, &ill_act, &oact);
-
- /* protection against missing store-facility-list-extended */
- if (sigsetjmp(ill_jmp, 1) == 0)
- OPENSSL_s390x_facilities();
-
- sigaction (SIGILL, &oact, NULL);
- sigprocmask(SIG_SETMASK, &oset, NULL);
-}
diff --git a/lib/libssl/src/crypto/s390xcpuid.S b/lib/libssl/src/crypto/s390xcpuid.S
deleted file mode 100644
index 25adb646c4c..00000000000
--- a/lib/libssl/src/crypto/s390xcpuid.S
+++ /dev/null
@@ -1,55 +0,0 @@
-.text
-
-.globl OPENSSL_s390x_facilities
-.type OPENSSL_s390x_facilities,@function
-.align 16
-OPENSSL_s390x_facilities:
- lghi %r0,0
- larl %r2,OPENSSL_s390xcap_P
- stg %r0,8(%r2)
- .long 0xb2b02000 # stfle 0(%r2)
- brc 8,.Ldone
- lghi %r0,1
- .long 0xb2b02000 # stfle 0(%r2)
-.Ldone:
- lg %r2,0(%r2)
- br %r14
-.size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities
-
-.globl OPENSSL_atomic_add
-.type OPENSSL_atomic_add,@function
-.align 16
-OPENSSL_atomic_add:
- l %r1,0(%r2)
-.Lspin: lr %r0,%r1
- ar %r0,%r3
- cs %r1,%r0,0(%r2)
- brc 4,.Lspin
- lgfr %r2,%r0 # OpenSSL expects the new value
- br %r14
-.size OPENSSL_atomic_add,.-OPENSSL_atomic_add
-
-.globl OPENSSL_wipe_cpu
-.type OPENSSL_wipe_cpu,@function
-.align 16
-OPENSSL_wipe_cpu:
- xgr %r0,%r0
- xgr %r1,%r1
- lgr %r2,%r15
- xgr %r3,%r3
- xgr %r4,%r4
- lzdr %f0
- lzdr %f1
- lzdr %f2
- lzdr %f3
- lzdr %f4
- lzdr %f5
- lzdr %f6
- lzdr %f7
- br %r14
-.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
-
-.section .init
- brasl %r14,OPENSSL_cpuid_setup
-
-.comm OPENSSL_s390xcap_P,16,8
diff --git a/lib/libssl/src/crypto/sha/asm/sha1-586.pl b/lib/libssl/src/crypto/sha/asm/sha1-586.pl
deleted file mode 100644
index 6fbea34d78c..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha1-586.pl
+++ /dev/null
@@ -1,1225 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# [Re]written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# "[Re]written" was achieved in two major overhauls. In 2004 BODY_* -# functions were re-implemented to address P4 performance issue [see -# commentary below], and in 2006 the rest was rewritten in order to -# gain freedom to liberate licensing terms. - -# January, September 2004. -# -# It was noted that Intel IA-32 C compiler generates code which -# performs ~30% *faster* on P4 CPU than original *hand-coded* -# SHA1 assembler implementation. To address this problem (and -# prove that humans are still better than machines:-), the -# original code was overhauled, which resulted in following -# performance changes: -# -# compared with original compared with Intel cc -# assembler impl. generated code -# Pentium -16% +48% -# PIII/AMD +8% +16% -# P4 +85%(!) +45% -# -# As you can see Pentium came out as looser:-( Yet I reckoned that -# improvement on P4 outweights the loss and incorporate this -# re-tuned code to 0.9.7 and later. -# ---------------------------------------------------------------- -# <appro@fy.chalmers.se> - -# August 2009. -# -# George Spelvin has tipped that F_40_59(b,c,d) can be rewritten as -# '(c&d) + (b&(c^d))', which allows to accumulate partial results -# and lighten "pressure" on scratch registers. This resulted in -# >12% performance improvement on contemporary AMD cores (with no -# degradation on other CPUs:-). 
Also, the code was revised to maximize -# "distance" between instructions producing input to 'lea' instruction -# and the 'lea' instruction itself, which is essential for Intel Atom -# core and resulted in ~15% improvement. - -# October 2010. -# -# Add SSSE3, Supplemental[!] SSE3, implementation. The idea behind it -# is to offload message schedule denoted by Wt in NIST specification, -# or Xupdate in OpenSSL source, to SIMD unit. The idea is not novel, -# and in SSE2 context was first explored by Dean Gaudet in 2004, see -# http://arctic.org/~dean/crypto/sha1.html. Since then several things -# have changed that made it interesting again: -# -# a) XMM units became faster and wider; -# b) instruction set became more versatile; -# c) an important observation was made by Max Locktykhin, which made -# it possible to reduce amount of instructions required to perform -# the operation in question, for further details see -# http://software.intel.com/en-us/articles/improving-the-performance-of-the-secure-hash-algorithm-1/. - -# April 2011. -# -# Add AVX code path, probably most controversial... The thing is that -# switch to AVX alone improves performance by as little as 4% in -# comparison to SSSE3 code path. But below result doesn't look like -# 4% improvement... Trouble is that Sandy Bridge decodes 'ro[rl]' as -# pair of µ-ops, and it's the additional µ-ops, two per round, that -# make it run slower than Core2 and Westmere. But 'sh[rl]d' is decoded -# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with -# equivalent 'sh[rl]d' that is responsible for the impressive 5.1 -# cycles per processed byte. But 'sh[rl]d' is not something that used -# to be fast, nor does it appear to be fast in upcoming Bulldozer -# [according to its optimization manual]. Which is why AVX code path -# is guarded by *both* AVX and synthetic bit denoting Intel CPUs. -# One can argue that it's unfair to AMD, but without 'sh[rl]d' it -# makes no sense to keep the AVX code path. 
If somebody feels that -# strongly, it's probably more appropriate to discuss possibility of -# using vector rotate XOP on AMD... - -###################################################################### -# Current performance is summarized in following table. Numbers are -# CPU clock cycles spent to process single byte (less is better). -# -# x86 SSSE3 AVX -# Pentium 15.7 - -# PIII 11.5 - -# P4 10.6 - -# AMD K8 7.1 - -# Core2 7.3 6.1/+20% - -# Atom 12.5 9.5(*)/+32% - -# Westmere 7.3 5.6/+30% - -# Sandy Bridge 8.8 6.2/+40% 5.1(**)/+70% -# -# (*) Loop is 1056 instructions long and expected result is ~8.25. -# It remains mystery [to me] why ILP is limited to 1.7. -# -# (**) As per above comment, the result is for AVX *plus* sh[rl]d. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386"); - -$xmm=$ymm=0; -for (@ARGV) { $xmm=1 if (/-DOPENSSL_IA32_SSE2/); } - -$ymm=1 if ($xmm && - `$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1` - =~ /GNU assembler version ([2-9]\.[0-9]+)/ && - $1>=2.19); # first version supporting AVX - -&external_label("OPENSSL_ia32cap_P") if ($xmm); - - -$A="eax"; -$B="ebx"; -$C="ecx"; -$D="edx"; -$E="edi"; -$T="esi"; -$tmp1="ebp"; - -@V=($A,$B,$C,$D,$E,$T); - -$alt=0; # 1 denotes alternative IALU implementation, which performs - # 8% *worse* on P4, same on Westmere and Atom, 2% better on - # Sandy Bridge... - -sub BODY_00_15 - { - local($n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("00_15 $n"); - - &mov($f,$c); # f to hold F_00_19(b,c,d) - if ($n==0) { &mov($tmp1,$a); } - else { &mov($a,$tmp1); } - &rotl($tmp1,5); # tmp1=ROTATE(a,5) - &xor($f,$d); - &add($tmp1,$e); # tmp1+=e; - &mov($e,&swtmp($n%16)); # e becomes volatile and is loaded - # with xi, also note that e becomes - # f in next round... 
- &and($f,$b); - &rotr($b,2); # b=ROTATE(b,30) - &xor($f,$d); # f holds F_00_19(b,c,d) - &lea($tmp1,&DWP(0x5a827999,$tmp1,$e)); # tmp1+=K_00_19+xi - - if ($n==15) { &mov($e,&swtmp(($n+1)%16));# pre-fetch f for next round - &add($f,$tmp1); } # f+=tmp1 - else { &add($tmp1,$f); } # f becomes a in next round - &mov($tmp1,$a) if ($alt && $n==15); - } - -sub BODY_16_19 - { - local($n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("16_19 $n"); - -if ($alt) { - &xor($c,$d); - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &and($tmp1,$c); # tmp1 to hold F_00_19(b,c,d), b&=c^d - &xor($f,&swtmp(($n+8)%16)); - &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &add($e,$tmp1); # e+=F_00_19(b,c,d) - &xor($c,$d); # restore $c - &mov($tmp1,$a); # b in next round - &rotr($b,$n==16?2:7); # b=ROTATE(b,30) - &mov(&swtmp($n%16),$f); # xi=f - &rotl($a,5); # ROTATE(a,5) - &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e - &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round - &add($f,$a); # f+=ROTATE(a,5) -} else { - &mov($tmp1,$c); # tmp1 to hold F_00_19(b,c,d) - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &xor($tmp1,$d); - &xor($f,&swtmp(($n+8)%16)); - &and($tmp1,$b); - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &xor($tmp1,$d); # tmp1=F_00_19(b,c,d) - &add($e,$tmp1); # e+=F_00_19(b,c,d) - &mov($tmp1,$a); - &rotr($b,2); # b=ROTATE(b,30) - &mov(&swtmp($n%16),$f); # xi=f - &rotl($tmp1,5); # ROTATE(a,5) - &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e - &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round - &add($f,$tmp1); # f+=ROTATE(a,5) -} - } - -sub BODY_20_39 - { - local($n,$a,$b,$c,$d,$e,$f)=@_; - local $K=($n<40)?0x6ed9eba1:0xca62c1d6; - - &comment("20_39 $n"); - -if ($alt) { - &xor($tmp1,$c); # tmp1 to hold F_20_39(b,c,d), b^=c - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &xor($tmp1,$d); # tmp1 
holds F_20_39(b,c,d) - &xor($f,&swtmp(($n+8)%16)); - &add($e,$tmp1); # e+=F_20_39(b,c,d) - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &mov($tmp1,$a); # b in next round - &rotr($b,7); # b=ROTATE(b,30) - &mov(&swtmp($n%16),$f) if($n<77);# xi=f - &rotl($a,5); # ROTATE(a,5) - &xor($b,$c) if($n==39);# warm up for BODY_40_59 - &and($tmp1,$b) if($n==39); - &lea($f,&DWP($K,$f,$e)); # f+=e+K_XX_YY - &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round - &add($f,$a); # f+=ROTATE(a,5) - &rotr($a,5) if ($n==79); -} else { - &mov($tmp1,$b); # tmp1 to hold F_20_39(b,c,d) - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &xor($tmp1,$c); - &xor($f,&swtmp(($n+8)%16)); - &xor($tmp1,$d); # tmp1 holds F_20_39(b,c,d) - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &add($e,$tmp1); # e+=F_20_39(b,c,d) - &rotr($b,2); # b=ROTATE(b,30) - &mov($tmp1,$a); - &rotl($tmp1,5); # ROTATE(a,5) - &mov(&swtmp($n%16),$f) if($n<77);# xi=f - &lea($f,&DWP($K,$f,$e)); # f+=e+K_XX_YY - &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round - &add($f,$tmp1); # f+=ROTATE(a,5) -} - } - -sub BODY_40_59 - { - local($n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("40_59 $n"); - -if ($alt) { - &add($e,$tmp1); # e+=b&(c^d) - &xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &mov($tmp1,$d); - &xor($f,&swtmp(($n+8)%16)); - &xor($c,$d); # restore $c - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &and($tmp1,$c); - &rotr($b,7); # b=ROTATE(b,30) - &add($e,$tmp1); # e+=c&d - &mov($tmp1,$a); # b in next round - &mov(&swtmp($n%16),$f); # xi=f - &rotl($a,5); # ROTATE(a,5) - &xor($b,$c) if ($n<59); - &and($tmp1,$b) if ($n<59);# tmp1 to hold F_40_59(b,c,d) - &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e+(b&(c^d)) - &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round - &add($f,$a); # f+=ROTATE(a,5) -} else { - &mov($tmp1,$c); # tmp1 to hold F_40_59(b,c,d) - 
&xor($f,&swtmp(($n+2)%16)); # f to hold Xupdate(xi,xa,xb,xc,xd) - &xor($tmp1,$d); - &xor($f,&swtmp(($n+8)%16)); - &and($tmp1,$b); - &xor($f,&swtmp(($n+13)%16)); # f holds xa^xb^xc^xd - &rotl($f,1); # f=ROTATE(f,1) - &add($tmp1,$e); # b&(c^d)+=e - &rotr($b,2); # b=ROTATE(b,30) - &mov($e,$a); # e becomes volatile - &rotl($e,5); # ROTATE(a,5) - &mov(&swtmp($n%16),$f); # xi=f - &lea($f,&DWP(0x8f1bbcdc,$f,$tmp1));# f+=K_40_59+e+(b&(c^d)) - &mov($tmp1,$c); - &add($f,$e); # f+=ROTATE(a,5) - &and($tmp1,$d); - &mov($e,&swtmp(($n+1)%16)); # pre-fetch f for next round - &add($f,$tmp1); # f+=c&d -} - } - -&function_begin("sha1_block_data_order"); -if ($xmm) { - &static_label("ssse3_shortcut"); - &static_label("avx_shortcut") if ($ymm); - &static_label("K_XX_XX"); - - &call (&label("pic_point")); # make it PIC! - &set_label("pic_point"); - &blindpop($tmp1); - &picmeup($T,"OPENSSL_ia32cap_P",$tmp1,&label("pic_point")); - &lea ($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1)); - - &mov ($A,&DWP(0,$T)); - &mov ($D,&DWP(4,$T)); - &test ($D,1<<9); # check SSSE3 bit - &jz (&label("x86")); - &test ($A,1<<24); # check FXSR bit - &jz (&label("x86")); - if ($ymm) { - &and ($D,1<<28); # mask AVX bit - &and ($A,1<<30); # mask "Intel CPU" bit - &or ($A,$D); - &cmp ($A,1<<28|1<<30); - &je (&label("avx_shortcut")); - } - &jmp (&label("ssse3_shortcut")); - &set_label("x86",16); -} - &mov($tmp1,&wparam(0)); # SHA_CTX *c - &mov($T,&wparam(1)); # const void *input - &mov($A,&wparam(2)); # size_t num - &stack_push(16+3); # allocate X[16] - &shl($A,6); - &add($A,$T); - &mov(&wparam(2),$A); # pointer beyond the end of input - &mov($E,&DWP(16,$tmp1));# pre-load E - &jmp(&label("loop")); - -&set_label("loop",16); - - # copy input chunk to X, but reversing byte order! 
- for ($i=0; $i<16; $i+=4) - { - &mov($A,&DWP(4*($i+0),$T)); - &mov($B,&DWP(4*($i+1),$T)); - &mov($C,&DWP(4*($i+2),$T)); - &mov($D,&DWP(4*($i+3),$T)); - &bswap($A); - &bswap($B); - &bswap($C); - &bswap($D); - &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); - &mov(&swtmp($i+2),$C); - &mov(&swtmp($i+3),$D); - } - &mov(&wparam(1),$T); # redundant in 1st spin - - &mov($A,&DWP(0,$tmp1)); # load SHA_CTX - &mov($B,&DWP(4,$tmp1)); - &mov($C,&DWP(8,$tmp1)); - &mov($D,&DWP(12,$tmp1)); - # E is pre-loaded - - for($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } - for(;$i<20;$i++) { &BODY_16_19($i,@V); unshift(@V,pop(@V)); } - for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } - for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - - (($V[5] eq $D) and ($V[0] eq $E)) or die; # double-check - - &mov($tmp1,&wparam(0)); # re-load SHA_CTX* - &mov($D,&wparam(1)); # D is last "T" and is discarded - - &add($E,&DWP(0,$tmp1)); # E is last "A"... - &add($T,&DWP(4,$tmp1)); - &add($A,&DWP(8,$tmp1)); - &add($B,&DWP(12,$tmp1)); - &add($C,&DWP(16,$tmp1)); - - &mov(&DWP(0,$tmp1),$E); # update SHA_CTX - &add($D,64); # advance input pointer - &mov(&DWP(4,$tmp1),$T); - &cmp($D,&wparam(2)); # have we reached the end yet? - &mov(&DWP(8,$tmp1),$A); - &mov($E,$C); # C is last "E" which needs to be "pre-loaded" - &mov(&DWP(12,$tmp1),$B); - &mov($T,$D); # input pointer - &mov(&DWP(16,$tmp1),$C); - &jb(&label("loop")); - - &stack_pop(16+3); -&function_end("sha1_block_data_order"); - -if ($xmm) { -###################################################################### -# The SSSE3 implementation. -# -# %xmm[0-7] are used as ring @X[] buffer containing quadruples of last -# 32 elements of the message schedule or Xupdate outputs. First 4 -# quadruples are simply byte-swapped input, next 4 are calculated -# according to method originally suggested by Dean Gaudet (modulo -# being implemented in SSSE3). 
Once 8 quadruples or 32 elements are -# collected, it switches to routine proposed by Max Locktyukhin. -# -# Calculations inevitably require temporary reqisters, and there are -# no %xmm registers left to spare. For this reason part of the ring -# buffer, X[2..4] to be specific, is offloaded to 3 quadriples ring -# buffer on the stack. Keep in mind that X[2] is alias X[-6], X[3] - -# X[-5], and X[4] - X[-4]... -# -# Another notable optimization is aggressive stack frame compression -# aiming to minimize amount of 9-byte instructions... -# -# Yet another notable optimization is "jumping" $B variable. It means -# that there is no register permanently allocated for $B value. This -# allowed to eliminate one instruction from body_20_39... -# -my $Xi=4; # 4xSIMD Xupdate round, start pre-seeded -my @X=map("xmm$_",(4..7,0..3)); # pre-seeded for $Xi=4 -my @V=($A,$B,$C,$D,$E); -my $j=0; # hash round -my @T=($T,$tmp1); -my $inp; - -my $_rol=sub { &rol(@_) }; -my $_ror=sub { &ror(@_) }; - -&function_begin("_sha1_block_data_order_ssse3"); - &call (&label("pic_point")); # make it PIC! 
- &set_label("pic_point"); - &blindpop($tmp1); - &lea ($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1)); -&set_label("ssse3_shortcut"); - - &movdqa (@X[3],&QWP(0,$tmp1)); # K_00_19 - &movdqa (@X[4],&QWP(16,$tmp1)); # K_20_39 - &movdqa (@X[5],&QWP(32,$tmp1)); # K_40_59 - &movdqa (@X[6],&QWP(48,$tmp1)); # K_60_79 - &movdqa (@X[2],&QWP(64,$tmp1)); # pbswap mask - - &mov ($E,&wparam(0)); # load argument block - &mov ($inp=@T[1],&wparam(1)); - &mov ($D,&wparam(2)); - &mov (@T[0],"esp"); - - # stack frame layout - # - # +0 X[0]+K X[1]+K X[2]+K X[3]+K # XMM->IALU xfer area - # X[4]+K X[5]+K X[6]+K X[7]+K - # X[8]+K X[9]+K X[10]+K X[11]+K - # X[12]+K X[13]+K X[14]+K X[15]+K - # - # +64 X[0] X[1] X[2] X[3] # XMM->XMM backtrace area - # X[4] X[5] X[6] X[7] - # X[8] X[9] X[10] X[11] # even borrowed for K_00_19 - # - # +112 K_20_39 K_20_39 K_20_39 K_20_39 # constants - # K_40_59 K_40_59 K_40_59 K_40_59 - # K_60_79 K_60_79 K_60_79 K_60_79 - # K_00_19 K_00_19 K_00_19 K_00_19 - # pbswap mask - # - # +192 ctx # argument block - # +196 inp - # +200 end - # +204 esp - &sub ("esp",208); - &and ("esp",-64); - - &movdqa (&QWP(112+0,"esp"),@X[4]); # copy constants - &movdqa (&QWP(112+16,"esp"),@X[5]); - &movdqa (&QWP(112+32,"esp"),@X[6]); - &shl ($D,6); # len*64 - &movdqa (&QWP(112+48,"esp"),@X[3]); - &add ($D,$inp); # end of input - &movdqa (&QWP(112+64,"esp"),@X[2]); - &add ($inp,64); - &mov (&DWP(192+0,"esp"),$E); # save argument block - &mov (&DWP(192+4,"esp"),$inp); - &mov (&DWP(192+8,"esp"),$D); - &mov (&DWP(192+12,"esp"),@T[0]); # save original %esp - - &mov ($A,&DWP(0,$E)); # load context - &mov ($B,&DWP(4,$E)); - &mov ($C,&DWP(8,$E)); - &mov ($D,&DWP(12,$E)); - &mov ($E,&DWP(16,$E)); - &mov (@T[0],$B); # magic seed - - &movdqu (@X[-4&7],&QWP(-64,$inp)); # load input to %xmm[0-3] - &movdqu (@X[-3&7],&QWP(-48,$inp)); - &movdqu (@X[-2&7],&QWP(-32,$inp)); - &movdqu (@X[-1&7],&QWP(-16,$inp)); - &pshufb (@X[-4&7],@X[2]); # byte swap - &pshufb (@X[-3&7],@X[2]); - &pshufb 
(@X[-2&7],@X[2]); - &movdqa (&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot - &pshufb (@X[-1&7],@X[2]); - &paddd (@X[-4&7],@X[3]); # add K_00_19 - &paddd (@X[-3&7],@X[3]); - &paddd (@X[-2&7],@X[3]); - &movdqa (&QWP(0,"esp"),@X[-4&7]); # X[]+K xfer to IALU - &psubd (@X[-4&7],@X[3]); # restore X[] - &movdqa (&QWP(0+16,"esp"),@X[-3&7]); - &psubd (@X[-3&7],@X[3]); - &movdqa (&QWP(0+32,"esp"),@X[-2&7]); - &psubd (@X[-2&7],@X[3]); - &movdqa (@X[0],@X[-3&7]); - &jmp (&label("loop")); - -###################################################################### -# SSE instruction sequence is first broken to groups of independent -# instructions, independent in respect to their inputs and shifter -# (not all architectures have more than one). Then IALU instructions -# are "knitted in" between the SSE groups. Distance is maintained for -# SSE latency of 2 in hope that it fits better upcoming AMD Bulldozer -# [which allegedly also implements SSSE3]... -# -# Temporary registers usage. X[2] is volatile at the entry and at the -# end is restored from backtrace ring buffer. X[3] is expected to -# contain current K_XX_XX constant and is used to caclulate X[-1]+K -# from previous round, it becomes volatile the moment the value is -# saved to stack for transfer to IALU. X[4] becomes volatile whenever -# X[-4] is accumulated and offloaded to backtrace ring buffer, at the -# end it is loaded with next K_XX_XX [which becomes X[3] in next -# round]... 
-# -sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4 -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 40 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &palignr(@X[0],@X[-4&7],8); # compose "X[-14]" in "X[0]" - &movdqa (@X[2],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - - &paddd (@X[3],@X[-1&7]); - &movdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);# save X[] to backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - &psrldq (@X[2],4); # "X[-3]", 3 dwords - eval(shift(@insns)); - eval(shift(@insns)); - &pxor (@X[0],@X[-4&7]); # "X[0]"^="X[-16]" - eval(shift(@insns)); - eval(shift(@insns)); - - &pxor (@X[2],@X[-2&7]); # "X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &pxor (@X[0],@X[2]); # "X[0]"^="X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - &movdqa (@X[4],@X[0]); - &movdqa (@X[2],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &pslldq (@X[4],12); # "X[0]"<<96, extract one dword - &paddd (@X[0],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &psrld (@X[2],31); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (@X[3],@X[4]); - eval(shift(@insns)); - eval(shift(@insns)); - - &psrld (@X[4],30); - &por (@X[0],@X[2]); # "X[0]"<<<=1 - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5); # restore X[] from backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - - &pslld (@X[3],2); - &pxor (@X[0],@X[4]); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (@X[4],&QWP(112-16+16*(($Xi)/5),"esp")); # K_XX_XX - eval(shift(@insns)); - eval(shift(@insns)); - - &pxor (@X[0],@X[3]); # 
"X[0]"^=("X[0]"<<96)<<<2 - &movdqa (@X[1],@X[-2&7]) if ($Xi<7); - eval(shift(@insns)); - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions [if any] - - $Xi++; push(@X,shift(@X)); # "rotate" X[] -} - -sub Xupdate_ssse3_32_79() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions - my ($a,$b,$c,$d,$e); - - &movdqa (@X[2],@X[-1&7]) if ($Xi==8); - eval(shift(@insns)); # body_20_39 - &pxor (@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]" - &palignr(@X[2],@X[-2&7],8); # compose "X[-6]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &pxor (@X[0],@X[-7&7]); # "X[0]"^="X[-28]" - &movdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]); # save X[] to backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - if ($Xi%5) { - &movdqa (@X[4],@X[3]); # "perpetuate" K_XX_XX... - } else { # ... or load next one - &movdqa (@X[4],&QWP(112-16+16*($Xi/5),"esp")); - } - &paddd (@X[3],@X[-1&7]); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &pxor (@X[0],@X[2]); # "X[0]"^="X[-6]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &movdqa (@X[2],@X[0]); - &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &pslld (@X[0],2); - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &psrld (@X[2],30); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &por (@X[0],@X[2]); # "X[0]"<<<=2 - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &movdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19); # restore X[] from backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - &movdqa (@X[3],@X[0]) if ($Xi<19); 
- eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions - - $Xi++; push(@X,shift(@X)); # "rotate" X[] -} - -sub Xuplast_ssse3_80() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - &paddd (@X[3],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &movdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer IALU - - foreach (@insns) { eval; } # remaining instructions - - &mov ($inp=@T[1],&DWP(192+4,"esp")); - &cmp ($inp,&DWP(192+8,"esp")); - &je (&label("done")); - - &movdqa (@X[3],&QWP(112+48,"esp")); # K_00_19 - &movdqa (@X[2],&QWP(112+64,"esp")); # pbswap mask - &movdqu (@X[-4&7],&QWP(0,$inp)); # load input - &movdqu (@X[-3&7],&QWP(16,$inp)); - &movdqu (@X[-2&7],&QWP(32,$inp)); - &movdqu (@X[-1&7],&QWP(48,$inp)); - &add ($inp,64); - &pshufb (@X[-4&7],@X[2]); # byte swap - &mov (&DWP(192+4,"esp"),$inp); - &movdqa (&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot - - $Xi=0; -} - -sub Xloop_ssse3() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &pshufb (@X[($Xi-3)&7],@X[2]); - eval(shift(@insns)); - eval(shift(@insns)); - &paddd (@X[($Xi-4)&7],@X[3]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (&QWP(0+16*$Xi,"esp"),@X[($Xi-4)&7]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - &psubd (@X[($Xi-4)&7],@X[3]); - - foreach (@insns) { eval; } - $Xi++; -} - -sub Xtail_ssse3() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - foreach (@insns) { eval; } -} - -sub body_00_19 () { - ( - '($a,$b,$c,$d,$e)=@V;'. 
- '&add ($e,&DWP(4*($j&15),"esp"));', # X[]+K xfer - '&xor ($c,$d);', - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&and (@T[0],$c);', # ($b&($c^$d)) - '&xor ($c,$d);', # restore $c - '&xor (@T[0],$d);', - '&add ($e,$a);', - '&$_ror ($b,$j?7:2);', # $b>>>2 - '&add ($e,@T[0]);' .'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); -} - -sub body_20_39 () { - ( - '($a,$b,$c,$d,$e)=@V;'. - '&add ($e,&DWP(4*($j++&15),"esp"));', # X[]+K xfer - '&xor (@T[0],$d);', # ($b^$d) - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&xor (@T[0],$c);', # ($b^$d^$c) - '&add ($e,$a);', - '&$_ror ($b,7);', # $b>>>2 - '&add ($e,@T[0]);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); -} - -sub body_40_59 () { - ( - '($a,$b,$c,$d,$e)=@V;'. - '&mov (@T[1],$c);', - '&xor ($c,$d);', - '&add ($e,&DWP(4*($j++&15),"esp"));', # X[]+K xfer - '&and (@T[1],$d);', - '&and (@T[0],$c);', # ($b&($c^$d)) - '&$_ror ($b,7);', # $b>>>2 - '&add ($e,@T[1]);', - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&add ($e,@T[0]);', - '&xor ($c,$d);', # restore $c - '&add ($e,$a);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); -} - -&set_label("loop",16); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_32_79(\&body_00_19); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xuplast_ssse3_80(\&body_20_39); # can jump to "done" - - $saved_j=$j; @saved_V=@V; - - &Xloop_ssse3(\&body_20_39); - &Xloop_ssse3(\&body_20_39); - &Xloop_ssse3(\&body_20_39); - - &mov (@T[1],&DWP(192,"esp")); 
# update context - &add ($A,&DWP(0,@T[1])); - &add (@T[0],&DWP(4,@T[1])); # $b - &add ($C,&DWP(8,@T[1])); - &mov (&DWP(0,@T[1]),$A); - &add ($D,&DWP(12,@T[1])); - &mov (&DWP(4,@T[1]),@T[0]); - &add ($E,&DWP(16,@T[1])); - &mov (&DWP(8,@T[1]),$C); - &mov ($B,@T[0]); - &mov (&DWP(12,@T[1]),$D); - &mov (&DWP(16,@T[1]),$E); - &movdqa (@X[0],@X[-3&7]); - - &jmp (&label("loop")); - -&set_label("done",16); $j=$saved_j; @V=@saved_V; - - &Xtail_ssse3(\&body_20_39); - &Xtail_ssse3(\&body_20_39); - &Xtail_ssse3(\&body_20_39); - - &mov (@T[1],&DWP(192,"esp")); # update context - &add ($A,&DWP(0,@T[1])); - &mov ("esp",&DWP(192+12,"esp")); # restore %esp - &add (@T[0],&DWP(4,@T[1])); # $b - &add ($C,&DWP(8,@T[1])); - &mov (&DWP(0,@T[1]),$A); - &add ($D,&DWP(12,@T[1])); - &mov (&DWP(4,@T[1]),@T[0]); - &add ($E,&DWP(16,@T[1])); - &mov (&DWP(8,@T[1]),$C); - &mov (&DWP(12,@T[1]),$D); - &mov (&DWP(16,@T[1]),$E); - -&function_end("_sha1_block_data_order_ssse3"); - -if ($ymm) { -my $Xi=4; # 4xSIMD Xupdate round, start pre-seeded -my @X=map("xmm$_",(4..7,0..3)); # pre-seeded for $Xi=4 -my @V=($A,$B,$C,$D,$E); -my $j=0; # hash round -my @T=($T,$tmp1); -my $inp; - -my $_rol=sub { &shld(@_[0],@_) }; -my $_ror=sub { &shrd(@_[0],@_) }; - -&function_begin("_sha1_block_data_order_avx"); - &call (&label("pic_point")); # make it PIC! 
- &set_label("pic_point"); - &blindpop($tmp1); - &lea ($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1)); -&set_label("avx_shortcut"); - &vzeroall(); - - &vmovdqa(@X[3],&QWP(0,$tmp1)); # K_00_19 - &vmovdqa(@X[4],&QWP(16,$tmp1)); # K_20_39 - &vmovdqa(@X[5],&QWP(32,$tmp1)); # K_40_59 - &vmovdqa(@X[6],&QWP(48,$tmp1)); # K_60_79 - &vmovdqa(@X[2],&QWP(64,$tmp1)); # pbswap mask - - &mov ($E,&wparam(0)); # load argument block - &mov ($inp=@T[1],&wparam(1)); - &mov ($D,&wparam(2)); - &mov (@T[0],"esp"); - - # stack frame layout - # - # +0 X[0]+K X[1]+K X[2]+K X[3]+K # XMM->IALU xfer area - # X[4]+K X[5]+K X[6]+K X[7]+K - # X[8]+K X[9]+K X[10]+K X[11]+K - # X[12]+K X[13]+K X[14]+K X[15]+K - # - # +64 X[0] X[1] X[2] X[3] # XMM->XMM backtrace area - # X[4] X[5] X[6] X[7] - # X[8] X[9] X[10] X[11] # even borrowed for K_00_19 - # - # +112 K_20_39 K_20_39 K_20_39 K_20_39 # constants - # K_40_59 K_40_59 K_40_59 K_40_59 - # K_60_79 K_60_79 K_60_79 K_60_79 - # K_00_19 K_00_19 K_00_19 K_00_19 - # pbswap mask - # - # +192 ctx # argument block - # +196 inp - # +200 end - # +204 esp - &sub ("esp",208); - &and ("esp",-64); - - &vmovdqa(&QWP(112+0,"esp"),@X[4]); # copy constants - &vmovdqa(&QWP(112+16,"esp"),@X[5]); - &vmovdqa(&QWP(112+32,"esp"),@X[6]); - &shl ($D,6); # len*64 - &vmovdqa(&QWP(112+48,"esp"),@X[3]); - &add ($D,$inp); # end of input - &vmovdqa(&QWP(112+64,"esp"),@X[2]); - &add ($inp,64); - &mov (&DWP(192+0,"esp"),$E); # save argument block - &mov (&DWP(192+4,"esp"),$inp); - &mov (&DWP(192+8,"esp"),$D); - &mov (&DWP(192+12,"esp"),@T[0]); # save original %esp - - &mov ($A,&DWP(0,$E)); # load context - &mov ($B,&DWP(4,$E)); - &mov ($C,&DWP(8,$E)); - &mov ($D,&DWP(12,$E)); - &mov ($E,&DWP(16,$E)); - &mov (@T[0],$B); # magic seed - - &vmovdqu(@X[-4&7],&QWP(-64,$inp)); # load input to %xmm[0-3] - &vmovdqu(@X[-3&7],&QWP(-48,$inp)); - &vmovdqu(@X[-2&7],&QWP(-32,$inp)); - &vmovdqu(@X[-1&7],&QWP(-16,$inp)); - &vpshufb(@X[-4&7],@X[-4&7],@X[2]); # byte swap - 
&vpshufb(@X[-3&7],@X[-3&7],@X[2]); - &vpshufb(@X[-2&7],@X[-2&7],@X[2]); - &vmovdqa(&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot - &vpshufb(@X[-1&7],@X[-1&7],@X[2]); - &vpaddd (@X[0],@X[-4&7],@X[3]); # add K_00_19 - &vpaddd (@X[1],@X[-3&7],@X[3]); - &vpaddd (@X[2],@X[-2&7],@X[3]); - &vmovdqa(&QWP(0,"esp"),@X[0]); # X[]+K xfer to IALU - &vmovdqa(&QWP(0+16,"esp"),@X[1]); - &vmovdqa(&QWP(0+32,"esp"),@X[2]); - &jmp (&label("loop")); - -sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4 -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 40 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &vpalignr(@X[0],@X[-3&7],@X[-4&7],8); # compose "X[-14]" in "X[0]" - eval(shift(@insns)); - eval(shift(@insns)); - - &vpaddd (@X[3],@X[3],@X[-1&7]); - &vmovdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);# save X[] to backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - &vpsrldq(@X[2],@X[-1&7],4); # "X[-3]", 3 dwords - eval(shift(@insns)); - eval(shift(@insns)); - &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"^="X[-16]" - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[2],@X[2],@X[-2&7]); # "X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@X[2]); # "X[0]"^="X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpsrld (@X[2],@X[0],31); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpslldq(@X[4],@X[0],12); # "X[0]"<<96, extract one dword - &vpaddd (@X[0],@X[0],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpsrld (@X[3],@X[4],30); - &vpor (@X[0],@X[0],@X[2]); # "X[0]"<<<=1 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpslld 
(@X[4],@X[4],2); - &vmovdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5); # restore X[] from backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - &vpxor (@X[0],@X[0],@X[3]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@X[4]); # "X[0]"^=("X[0]"<<96)<<<2 - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (@X[4],&QWP(112-16+16*(($Xi)/5),"esp")); # K_XX_XX - eval(shift(@insns)); - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions [if any] - - $Xi++; push(@X,shift(@X)); # "rotate" X[] -} - -sub Xupdate_avx_32_79() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions - my ($a,$b,$c,$d,$e); - - &vpalignr(@X[2],@X[-1&7],@X[-2&7],8); # compose "X[-6]" - &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &vpxor (@X[0],@X[0],@X[-7&7]); # "X[0]"^="X[-28]" - &vmovdqa (&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]); # save X[] to backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); - if ($Xi%5) { - &vmovdqa (@X[4],@X[3]); # "perpetuate" K_XX_XX... - } else { # ... 
or load next one - &vmovdqa (@X[4],&QWP(112-16+16*($Xi/5),"esp")); - } - &vpaddd (@X[3],@X[3],@X[-1&7]); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@X[2]); # "X[0]"^="X[-6]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &vpsrld (@X[2],@X[0],30); - &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpslld (@X[0],@X[0],2); - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpor (@X[0],@X[0],@X[2]); # "X[0]"<<<=2 - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &vmovdqa (@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19); # restore X[] from backtrace buffer - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions - - $Xi++; push(@X,shift(@X)); # "rotate" X[] -} - -sub Xuplast_avx_80() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - &vpaddd (@X[3],@X[3],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vmovdqa (&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]); # X[]+K xfer IALU - - foreach (@insns) { eval; } # remaining instructions - - &mov ($inp=@T[1],&DWP(192+4,"esp")); - &cmp ($inp,&DWP(192+8,"esp")); - &je (&label("done")); - - &vmovdqa(@X[3],&QWP(112+48,"esp")); # K_00_19 - &vmovdqa(@X[2],&QWP(112+64,"esp")); # pbswap mask - &vmovdqu(@X[-4&7],&QWP(0,$inp)); # load input - &vmovdqu(@X[-3&7],&QWP(16,$inp)); - &vmovdqu(@X[-2&7],&QWP(32,$inp)); - &vmovdqu(@X[-1&7],&QWP(48,$inp)); - &add 
($inp,64); - &vpshufb(@X[-4&7],@X[-4&7],@X[2]); # byte swap - &mov (&DWP(192+4,"esp"),$inp); - &vmovdqa(&QWP(112-16,"esp"),@X[3]); # borrow last backtrace slot - - $Xi=0; -} - -sub Xloop_avx() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &vpshufb (@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]); - eval(shift(@insns)); - eval(shift(@insns)); - &vpaddd (@X[$Xi&7],@X[($Xi-4)&7],@X[3]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (&QWP(0+16*$Xi,"esp"),@X[$Xi&7]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - foreach (@insns) { eval; } - $Xi++; -} - -sub Xtail_avx() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - foreach (@insns) { eval; } -} - -&set_label("loop",16); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_32_79(\&body_00_19); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_20_39); - &Xuplast_avx_80(\&body_20_39); # can jump to "done" - - $saved_j=$j; @saved_V=@V; - - &Xloop_avx(\&body_20_39); - &Xloop_avx(\&body_20_39); - &Xloop_avx(\&body_20_39); - - &mov (@T[1],&DWP(192,"esp")); # update context - &add ($A,&DWP(0,@T[1])); - &add (@T[0],&DWP(4,@T[1])); # $b - &add ($C,&DWP(8,@T[1])); - &mov (&DWP(0,@T[1]),$A); - &add ($D,&DWP(12,@T[1])); - &mov (&DWP(4,@T[1]),@T[0]); - &add ($E,&DWP(16,@T[1])); - &mov (&DWP(8,@T[1]),$C); - &mov ($B,@T[0]); - &mov 
(&DWP(12,@T[1]),$D);
- &mov (&DWP(16,@T[1]),$E);
-
- &jmp (&label("loop"));
-
-&set_label("done",16); $j=$saved_j; @V=@saved_V;
-
- &Xtail_avx(\&body_20_39);
- &Xtail_avx(\&body_20_39);
- &Xtail_avx(\&body_20_39);
-
- &vzeroall();
-
- &mov (@T[1],&DWP(192,"esp")); # update context
- &add ($A,&DWP(0,@T[1]));
- &mov ("esp",&DWP(192+12,"esp")); # restore %esp
- &add (@T[0],&DWP(4,@T[1])); # $b
- &add ($C,&DWP(8,@T[1]));
- &mov (&DWP(0,@T[1]),$A);
- &add ($D,&DWP(12,@T[1]));
- &mov (&DWP(4,@T[1]),@T[0]);
- &add ($E,&DWP(16,@T[1]));
- &mov (&DWP(8,@T[1]),$C);
- &mov (&DWP(12,@T[1]),$D);
- &mov (&DWP(16,@T[1]),$E);
-&function_end("_sha1_block_data_order_avx");
-}
-&set_label("K_XX_XX",64);
-&data_word(0x5a827999,0x5a827999,0x5a827999,0x5a827999); # K_00_19
-&data_word(0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1); # K_20_39
-&data_word(0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc); # K_40_59
-&data_word(0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6); # K_60_79
-&data_word(0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f); # pbswap mask
-}
-&asciz("SHA1 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
-
-&asm_finish();
diff --git a/lib/libssl/src/crypto/sha/asm/sha1-alpha.pl b/lib/libssl/src/crypto/sha/asm/sha1-alpha.pl
deleted file mode 100644
index 44720c418c8..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha1-alpha.pl
+++ /dev/null
@@ -1,317 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA1 block procedure for Alpha. - -# On 21264 performance is 33% better than code generated by vendor -# compiler, and 75% better than GCC [3.4], and in absolute terms is -# 8.7 cycles per processed byte. Implementation features vectorized -# byte swap, but not Xupdate. - -@X=( "\$0", "\$1", "\$2", "\$3", "\$4", "\$5", "\$6", "\$7", - "\$8", "\$9", "\$10", "\$11", "\$12", "\$13", "\$14", "\$15"); -$ctx="a0"; # $16 -$inp="a1"; -$num="a2"; -$A="a3"; -$B="a4"; # 20 -$C="a5"; -$D="t8"; -$E="t9"; @V=($A,$B,$C,$D,$E); -$t0="t10"; # 24 -$t1="t11"; -$t2="ra"; -$t3="t12"; -$K="AT"; # 28 - -sub BODY_00_19 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i==0); - ldq_u @X[0],0+0($inp) - ldq_u @X[1],0+7($inp) -___ -$code.=<<___ if (!($i&1) && $i<14); - ldq_u @X[$i+2],($i+2)*4+0($inp) - ldq_u @X[$i+3],($i+2)*4+7($inp) -___ -$code.=<<___ if (!($i&1) && $i<15); - extql @X[$i],$inp,@X[$i] - extqh @X[$i+1],$inp,@X[$i+1] - - or @X[$i+1],@X[$i],@X[$i] # pair of 32-bit values are fetched - - srl @X[$i],24,$t0 # vectorized byte swap - srl @X[$i],8,$t2 - - sll @X[$i],8,$t3 - sll @X[$i],24,@X[$i] - zapnot $t0,0x11,$t0 - zapnot $t2,0x22,$t2 - - zapnot @X[$i],0x88,@X[$i] - or $t0,$t2,$t0 - zapnot $t3,0x44,$t3 - sll $a,5,$t1 - - or @X[$i],$t0,@X[$i] - addl $K,$e,$e - and $b,$c,$t2 - zapnot $a,0xf,$a - - or @X[$i],$t3,@X[$i] - srl $a,27,$t0 - bic $d,$b,$t3 - sll $b,30,$b - - extll @X[$i],4,@X[$i+1] # extract upper half - or $t2,$t3,$t2 - addl @X[$i],$e,$e - - addl $t1,$e,$e - srl $b,32,$t3 - zapnot @X[$i],0xf,@X[$i] - - addl $t0,$e,$e 
- addl $t2,$e,$e - or $t3,$b,$b -___ -$code.=<<___ if (($i&1) && $i<15); - sll $a,5,$t1 - addl $K,$e,$e - and $b,$c,$t2 - zapnot $a,0xf,$a - - srl $a,27,$t0 - addl @X[$i%16],$e,$e - bic $d,$b,$t3 - sll $b,30,$b - - or $t2,$t3,$t2 - addl $t1,$e,$e - srl $b,32,$t3 - zapnot @X[$i],0xf,@X[$i] - - addl $t0,$e,$e - addl $t2,$e,$e - or $t3,$b,$b -___ -$code.=<<___ if ($i>=15); # with forward Xupdate - sll $a,5,$t1 - addl $K,$e,$e - and $b,$c,$t2 - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] - - zapnot $a,0xf,$a - addl @X[$i%16],$e,$e - bic $d,$b,$t3 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - - srl $a,27,$t0 - addl $t1,$e,$e - or $t2,$t3,$t2 - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - - sll $b,30,$b - addl $t0,$e,$e - srl @X[$j%16],31,$t1 - - addl $t2,$e,$e - srl $b,32,$t3 - addl @X[$j%16],@X[$j%16],@X[$j%16] - - or $t3,$b,$b - zapnot @X[$i%16],0xf,@X[$i%16] - or $t1,@X[$j%16],@X[$j%16] -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); # with forward Xupdate - sll $a,5,$t1 - addl $K,$e,$e - zapnot $a,0xf,$a - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] - - sll $b,30,$t3 - addl $t1,$e,$e - xor $b,$c,$t2 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - - srl $b,2,$b - addl @X[$i%16],$e,$e - xor $d,$t2,$t2 - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - - srl @X[$j%16],31,$t1 - addl $t2,$e,$e - srl $a,27,$t0 - addl @X[$j%16],@X[$j%16],@X[$j%16] - - or $t3,$b,$b - addl $t0,$e,$e - or $t1,@X[$j%16],@X[$j%16] -___ -$code.=<<___ if ($i<77); - zapnot @X[$i%16],0xf,@X[$i%16] -___ -$code.=<<___ if ($i==79); # with context fetch - sll $a,5,$t1 - addl $K,$e,$e - zapnot $a,0xf,$a - ldl @X[0],0($ctx) - - sll $b,30,$t3 - addl $t1,$e,$e - xor $b,$c,$t2 - ldl @X[1],4($ctx) - - srl $b,2,$b - addl @X[$i%16],$e,$e - xor $d,$t2,$t2 - ldl @X[2],8($ctx) - - srl $a,27,$t0 - addl $t2,$e,$e - ldl @X[3],12($ctx) - - or $t3,$b,$b - addl $t0,$e,$e - ldl @X[4],16($ctx) -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___; # with forward Xupdate - sll 
$a,5,$t1 - addl $K,$e,$e - zapnot $a,0xf,$a - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] - - srl $a,27,$t0 - and $b,$c,$t2 - and $b,$d,$t3 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - - sll $b,30,$b - addl $t1,$e,$e - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - - srl @X[$j%16],31,$t1 - addl $t0,$e,$e - or $t2,$t3,$t2 - and $c,$d,$t3 - - or $t2,$t3,$t2 - srl $b,32,$t3 - addl @X[$i%16],$e,$e - addl @X[$j%16],@X[$j%16],@X[$j%16] - - or $t3,$b,$b - addl $t2,$e,$e - or $t1,@X[$j%16],@X[$j%16] - zapnot @X[$i%16],0xf,@X[$i%16] -___ -} - -$code=<<___; -#include <machine/asm.h> - -.text - -.set noat -.set noreorder -.globl sha1_block_data_order -.align 5 -.ent sha1_block_data_order -sha1_block_data_order: - lda sp,-64(sp) - stq ra,0(sp) - stq s0,8(sp) - stq s1,16(sp) - stq s2,24(sp) - stq s3,32(sp) - stq s4,40(sp) - stq s5,48(sp) - stq fp,56(sp) - .mask 0x0400fe00,-64 - .frame sp,64,ra - .prologue 0 - - ldl $A,0($ctx) - ldl $B,4($ctx) - sll $num,6,$num - ldl $C,8($ctx) - ldl $D,12($ctx) - ldl $E,16($ctx) - addq $inp,$num,$num - -.Lloop: - .set noreorder - ldah $K,23170(zero) - zapnot $B,0xf,$B - lda $K,31129($K) # K_00_19 -___ -for ($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - ldah $K,28378(zero) - lda $K,-5215($K) # K_20_39 -___ -for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - ldah $K,-28900(zero) - lda $K,-17188($K) # K_40_59 -___ -for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - ldah $K,-13725(zero) - lda $K,-15914($K) # K_60_79 -___ -for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - addl @X[0],$A,$A - addl @X[1],$B,$B - addl @X[2],$C,$C - addl @X[3],$D,$D - addl @X[4],$E,$E - stl $A,0($ctx) - stl $B,4($ctx) - addq $inp,64,$inp - stl $C,8($ctx) - stl $D,12($ctx) - stl $E,16($ctx) - cmpult $inp,$num,$t1 - bne $t1,.Lloop - - .set noreorder - ldq ra,0(sp) - ldq s0,8(sp) - ldq s1,16(sp) - ldq s2,24(sp) - ldq s3,32(sp) - ldq s4,40(sp) - ldq s5,48(sp) - 
ldq fp,56(sp)
- lda sp,64(sp)
- ret (ra)
-.end sha1_block_data_order
-.ascii "SHA1 block transform for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
-.align 2
-___
-$output=shift and open STDOUT,">$output";
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/sha/asm/sha1-armv4-large.pl b/lib/libssl/src/crypto/sha/asm/sha1-armv4-large.pl
deleted file mode 100644
index 33da3e0e3c0..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha1-armv4-large.pl
+++ /dev/null
@@ -1,248 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# sha1_block procedure for ARMv4. -# -# January 2007. - -# Size/performance trade-off -# ==================================================================== -# impl size in bytes comp cycles[*] measured performance -# ==================================================================== -# thumb 304 3212 4420 -# armv4-small 392/+29% 1958/+64% 2250/+96% -# armv4-compact 740/+89% 1552/+26% 1840/+22% -# armv4-large 1420/+92% 1307/+19% 1370/+34%[***] -# full unroll ~5100/+260% ~1260/+4% ~1300/+5% -# ==================================================================== -# thumb = same as 'small' but in Thumb instructions[**] and -# with recurring code in two private functions; -# small = detached Xload/update, loops are folded; -# compact = detached Xload/update, 5x unroll; -# large = interleaved Xload/update, 5x unroll; -# full unroll = interleaved Xload/update, full unroll, estimated[!]; -# -# [*] Manually counted instructions in "grand" loop body. Measured -# performance is affected by prologue and epilogue overhead, -# i-cache availability, branch penalties, etc. -# [**] While each Thumb instruction is twice smaller, they are not as -# diverse as ARM ones: e.g., there are only two arithmetic -# instructions with 3 arguments, no [fixed] rotate, addressing -# modes are limited. As result it takes more instructions to do -# the same job in Thumb, therefore the code is never twice as -# small and always slower. -# [***] which is also ~35% better than compiler generated code. 
Dual- -# issue Cortex A8 core was measured to process input block in -# ~990 cycles. - -# August 2010. -# -# Rescheduling for dual-issue pipeline resulted in 13% improvement on -# Cortex A8 core and in absolute terms ~870 cycles per input block -# [or 13.6 cycles per byte]. - -# February 2011. -# -# Profiler-assisted and platform-specific optimization resulted in 10% -# improvement on Cortex A8 core and 12.2 cycles per byte. - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$ctx="r0"; -$inp="r1"; -$len="r2"; -$a="r3"; -$b="r4"; -$c="r5"; -$d="r6"; -$e="r7"; -$K="r8"; -$t0="r9"; -$t1="r10"; -$t2="r11"; -$t3="r12"; -$Xi="r14"; -@V=($a,$b,$c,$d,$e); - -sub Xupdate { -my ($a,$b,$c,$d,$e,$opt1,$opt2)=@_; -$code.=<<___; - ldr $t0,[$Xi,#15*4] - ldr $t1,[$Xi,#13*4] - ldr $t2,[$Xi,#7*4] - add $e,$K,$e,ror#2 @ E+=K_xx_xx - ldr $t3,[$Xi,#2*4] - eor $t0,$t0,$t1 - eor $t2,$t2,$t3 @ 1 cycle stall - eor $t1,$c,$d @ F_xx_xx - mov $t0,$t0,ror#31 - add $e,$e,$a,ror#27 @ E+=ROR(A,27) - eor $t0,$t0,$t2,ror#31 - str $t0,[$Xi,#-4]! - $opt1 @ F_xx_xx - $opt2 @ F_xx_xx - add $e,$e,$t0 @ E+=X[i] -___ -} - -sub BODY_00_15 { -my ($a,$b,$c,$d,$e)=@_; -$code.=<<___; -#if __ARM_ARCH__<7 - ldrb $t1,[$inp,#2] - ldrb $t0,[$inp,#3] - ldrb $t2,[$inp,#1] - add $e,$K,$e,ror#2 @ E+=K_00_19 - ldrb $t3,[$inp],#4 - orr $t0,$t0,$t1,lsl#8 - eor $t1,$c,$d @ F_xx_xx - orr $t0,$t0,$t2,lsl#16 - add $e,$e,$a,ror#27 @ E+=ROR(A,27) - orr $t0,$t0,$t3,lsl#24 -#else - ldr $t0,[$inp],#4 @ handles unaligned - add $e,$K,$e,ror#2 @ E+=K_00_19 - eor $t1,$c,$d @ F_xx_xx - add $e,$e,$a,ror#27 @ E+=ROR(A,27) -#ifdef __ARMEL__ - rev $t0,$t0 @ byte swap -#endif -#endif - and $t1,$b,$t1,ror#2 - add $e,$e,$t0 @ E+=X[i] - eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D) - str $t0,[$Xi,#-4]! 
- add $e,$e,$t1 @ E+=F_00_19(B,C,D) -___ -} - -sub BODY_16_19 { -my ($a,$b,$c,$d,$e)=@_; - &Xupdate(@_,"and $t1,$b,$t1,ror#2"); -$code.=<<___; - eor $t1,$t1,$d,ror#2 @ F_00_19(B,C,D) - add $e,$e,$t1 @ E+=F_00_19(B,C,D) -___ -} - -sub BODY_20_39 { -my ($a,$b,$c,$d,$e)=@_; - &Xupdate(@_,"eor $t1,$b,$t1,ror#2"); -$code.=<<___; - add $e,$e,$t1 @ E+=F_20_39(B,C,D) -___ -} - -sub BODY_40_59 { -my ($a,$b,$c,$d,$e)=@_; - &Xupdate(@_,"and $t1,$b,$t1,ror#2","and $t2,$c,$d"); -$code.=<<___; - add $e,$e,$t1 @ E+=F_40_59(B,C,D) - add $e,$e,$t2,ror#2 -___ -} - -$code=<<___; -#include "arm_arch.h" - -.text - -.global sha1_block_data_order -.type sha1_block_data_order,%function - -.align 2 -sha1_block_data_order: - stmdb sp!,{r4-r12,lr} - add $len,$inp,$len,lsl#6 @ $len to point at the end of $inp - ldmia $ctx,{$a,$b,$c,$d,$e} -.Lloop: - ldr $K,.LK_00_19 - mov $Xi,sp - sub sp,sp,#15*4 - mov $c,$c,ror#30 - mov $d,$d,ror#30 - mov $e,$e,ror#30 @ [6] -.L_00_15: -___ -for($i=0;$i<5;$i++) { - &BODY_00_15(@V); unshift(@V,pop(@V)); -} -$code.=<<___; - teq $Xi,sp - bne .L_00_15 @ [((11+4)*5+2)*3] - sub sp,sp,#25*4 -___ - &BODY_00_15(@V); unshift(@V,pop(@V)); - &BODY_16_19(@V); unshift(@V,pop(@V)); - &BODY_16_19(@V); unshift(@V,pop(@V)); - &BODY_16_19(@V); unshift(@V,pop(@V)); - &BODY_16_19(@V); unshift(@V,pop(@V)); -$code.=<<___; - - ldr $K,.LK_20_39 @ [+15+16*4] - cmn sp,#0 @ [+3], clear carry to denote 20_39 -.L_20_39_or_60_79: -___ -for($i=0;$i<5;$i++) { - &BODY_20_39(@V); unshift(@V,pop(@V)); -} -$code.=<<___; - teq $Xi,sp @ preserve carry - bne .L_20_39_or_60_79 @ [+((12+3)*5+2)*4] - bcs .L_done @ [+((12+3)*5+2)*4], spare 300 bytes - - ldr $K,.LK_40_59 - sub sp,sp,#20*4 @ [+2] -.L_40_59: -___ -for($i=0;$i<5;$i++) { - &BODY_40_59(@V); unshift(@V,pop(@V)); -} -$code.=<<___; - teq $Xi,sp - bne .L_40_59 @ [+((12+5)*5+2)*4] - - ldr $K,.LK_60_79 - sub sp,sp,#20*4 - cmp sp,#0 @ set carry to denote 60_79 - b .L_20_39_or_60_79 @ [+4], spare 300 bytes -.L_done: - add sp,sp,#80*4 @ "deallocate" 
stack frame
- ldmia $ctx,{$K,$t0,$t1,$t2,$t3}
- add $a,$K,$a
- add $b,$t0,$b
- add $c,$t1,$c,ror#2
- add $d,$t2,$d,ror#2
- add $e,$t3,$e,ror#2
- stmia $ctx,{$a,$b,$c,$d,$e}
- teq $inp,$len
- bne .Lloop @ [+18], total 1307
-
-#if __ARM_ARCH__>=5
- ldmia sp!,{r4-r12,pc}
-#else
- ldmia sp!,{r4-r12,lr}
- tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-#endif
-.align 2
-.LK_00_19: .word 0x5a827999
-.LK_20_39: .word 0x6ed9eba1
-.LK_40_59: .word 0x8f1bbcdc
-.LK_60_79: .word 0xca62c1d6
-.size sha1_block_data_order,.-sha1_block_data_order
-.asciz "SHA1 block transform for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
-.align 2
-___
-
-$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
-print $code;
-close STDOUT; # enforce flush
diff --git a/lib/libssl/src/crypto/sha/asm/sha1-ia64.pl b/lib/libssl/src/crypto/sha/asm/sha1-ia64.pl
deleted file mode 100644
index 02d35d1614c..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha1-ia64.pl
+++ /dev/null
@@ -1,305 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# Eternal question is what's wrong with compiler generated code? The -# trick is that it's possible to reduce the number of shifts required -# to perform rotations by maintaining copy of 32-bit value in upper -# bits of 64-bit register. Just follow mux2 and shrp instructions... -# Performance under big-endian OS such as HP-UX is 179MBps*1GHz, which -# is >50% better than HP C and >2x better than gcc. - -$code=<<___; -.ident \"sha1-ia64.s, version 1.3\" -.ident \"IA-64 ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>\" -.explicit - -___ - - -if ($^O eq "hpux") { - $ADDP="addp4"; - for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); } -} else { $ADDP="add"; } - -#$human=1; -if ($human) { # useful for visual code auditing... 
- ($A,$B,$C,$D,$E) = ("A","B","C","D","E"); - ($h0,$h1,$h2,$h3,$h4) = ("h0","h1","h2","h3","h4"); - ($K_00_19, $K_20_39, $K_40_59, $K_60_79) = - ( "K_00_19","K_20_39","K_40_59","K_60_79" ); - @X= ( "X0", "X1", "X2", "X3", "X4", "X5", "X6", "X7", - "X8", "X9","X10","X11","X12","X13","X14","X15" ); -} -else { - ($A,$B,$C,$D,$E) = ("loc0","loc1","loc2","loc3","loc4"); - ($h0,$h1,$h2,$h3,$h4) = ("loc5","loc6","loc7","loc8","loc9"); - ($K_00_19, $K_20_39, $K_40_59, $K_60_79) = - ( "r14", "r15", "loc10", "loc11" ); - @X= ( "r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23", - "r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31" ); -} - -sub BODY_00_15 { -local *code=shift; -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -my $Xn=@X[$j%16]; - -$code.=<<___ if ($i==0); -{ .mmi; ld1 $X[$i]=[inp],2 // MSB - ld1 tmp2=[tmp3],2 };; -{ .mmi; ld1 tmp0=[inp],2 - ld1 tmp4=[tmp3],2 // LSB - dep $X[$i]=$X[$i],tmp2,8,8 };; -___ -if ($i<15) { - $code.=<<___; -{ .mmi; ld1 $Xn=[inp],2 // forward Xload - nop.m 0x0 - dep tmp1=tmp0,tmp4,8,8 };; -{ .mmi; ld1 tmp2=[tmp3],2 // forward Xload - and tmp4=$c,$b - dep $X[$i]=$X[$i],tmp1,16,16} //;; -{ .mmi; add $e=$e,$K_00_19 // e+=K_00_19 - andcm tmp1=$d,$b - dep.z tmp5=$a,5,27 };; // a<<5 -{ .mmi; add $e=$e,$X[$i] // e+=Xload - or tmp4=tmp4,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) - extr.u tmp1=$a,27,5 };; // a>>27 -{ .mmi; ld1 tmp0=[inp],2 // forward Xload - add $e=$e,tmp4 // e+=F_00_19(b,c,d) - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mmi; ld1 tmp4=[tmp3],2 // forward Xload - or tmp5=tmp1,tmp5 // ROTATE(a,5) - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $e=$e,tmp5 // e+=ROTATE(a,5) - dep $Xn=$Xn,tmp2,8,8 // forward Xload - mux2 $X[$i]=$X[$i],0x44 } //;; - -___ - } -else { - $code.=<<___; -{ .mii; and tmp3=$c,$b - dep tmp1=tmp0,tmp4,8,8;; - dep $X[$i]=$X[$i],tmp1,16,16} //;; -{ .mmi; add $e=$e,$K_00_19 // e+=K_00_19 - andcm tmp1=$d,$b - dep.z tmp5=$a,5,27 };; // a<<5 -{ .mmi; add $e=$e,$X[$i] // e+=Xupdate - or tmp4=tmp3,tmp1 // 
F_00_19(b,c,d)=(b&c)|(~b&d) - extr.u tmp1=$a,27,5 } // a>>27 -{ .mmi; xor $Xn=$Xn,$X[($j+2)%16] // forward Xupdate - xor tmp3=$X[($j+8)%16],$X[($j+13)%16] // forward Xupdate - nop.i 0 };; -{ .mmi; add $e=$e,tmp4 // e+=F_00_19(b,c,d) - xor $Xn=$Xn,tmp3 // forward Xupdate - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $e=$e,tmp1 // e+=ROTATE(a,5) - shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1) - mux2 $X[$i]=$X[$i],0x44 };; - -___ - } -} - -sub BODY_16_19 { -local *code=shift; -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -my $Xn=@X[$j%16]; - -$code.=<<___; -{ .mib; add $e=$e,$K_00_19 // e+=K_00_19 - dep.z tmp5=$a,5,27 } // a<<5 -{ .mib; andcm tmp1=$d,$b - and tmp0=$c,$b };; -{ .mmi; add $e=$e,$X[$i%16] // e+=Xupdate - or tmp0=tmp0,tmp1 // F_00_19(b,c,d)=(b&c)|(~b&d) - extr.u tmp1=$a,27,5 } // a>>27 -{ .mmi; xor $Xn=$Xn,$X[($j+2)%16] // forward Xupdate - xor tmp3=$X[($j+8)%16],$X[($j+13)%16] // forward Xupdate - nop.i 0 };; -{ .mmi; add $e=$e,tmp0 // f+=F_00_19(b,c,d) - xor $Xn=$Xn,tmp3 // forward Xupdate - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $e=$e,tmp1 // e+=ROTATE(a,5) - shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1) - nop.i 0 };; - -___ -} - -sub BODY_20_39 { -local *code=shift; -my ($i,$a,$b,$c,$d,$e,$Konst)=@_; - $Konst = $K_20_39 if (!defined($Konst)); -my $j=$i+1; -my $Xn=@X[$j%16]; - -if ($i<79) { -$code.=<<___; -{ .mib; add $e=$e,$Konst // e+=K_XX_XX - dep.z tmp5=$a,5,27 } // a<<5 -{ .mib; xor tmp0=$c,$b - xor $Xn=$Xn,$X[($j+2)%16] };; // forward Xupdate -{ .mib; add $e=$e,$X[$i%16] // e+=Xupdate - extr.u tmp1=$a,27,5 } // a>>27 -{ .mib; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d - xor $Xn=$Xn,$X[($j+8)%16] };; // forward Xupdate -{ .mmi; add $e=$e,tmp0 // e+=F_20_39(b,c,d) - xor $Xn=$Xn,$X[($j+13)%16] // forward Xupdate - shrp $b=tmp6,tmp6,2 } 
// b=ROTATE(b,30) -{ .mmi; or tmp1=tmp1,tmp5 // ROTATE(a,5) - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $e=$e,tmp1 // e+=ROTATE(a,5) - shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1) - nop.i 0 };; - -___ -} -else { -$code.=<<___; -{ .mib; add $e=$e,$Konst // e+=K_60_79 - dep.z tmp5=$a,5,27 } // a<<5 -{ .mib; xor tmp0=$c,$b - add $h1=$h1,$a };; // wrap up -{ .mib; add $e=$e,$X[$i%16] // e+=Xupdate - extr.u tmp1=$a,27,5 } // a>>27 -{ .mib; xor tmp0=tmp0,$d // F_20_39(b,c,d)=b^c^d - add $h3=$h3,$c };; // wrap up -{ .mmi; add $e=$e,tmp0 // e+=F_20_39(b,c,d) - or tmp1=tmp1,tmp5 // ROTATE(a,5) - shrp $b=tmp6,tmp6,2 };; // b=ROTATE(b,30) ;;? -{ .mmi; add $e=$e,tmp1 // e+=ROTATE(a,5) - add tmp3=1,inp // used in unaligned codepath - add $h4=$h4,$d };; // wrap up - -___ -} -} - -sub BODY_40_59 { -local *code=shift; -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -my $Xn=@X[$j%16]; - -$code.=<<___; -{ .mib; add $e=$e,$K_40_59 // e+=K_40_59 - dep.z tmp5=$a,5,27 } // a<<5 -{ .mib; and tmp1=$c,$d - xor tmp0=$c,$d };; -{ .mmi; add $e=$e,$X[$i%16] // e+=Xupdate - add tmp5=tmp5,tmp1 // a<<5+(c&d) - extr.u tmp1=$a,27,5 } // a>>27 -{ .mmi; and tmp0=tmp0,$b - xor $Xn=$Xn,$X[($j+2)%16] // forward Xupdate - xor tmp3=$X[($j+8)%16],$X[($j+13)%16] };; // forward Xupdate -{ .mmi; add $e=$e,tmp0 // e+=b&(c^d) - add tmp5=tmp5,tmp1 // ROTATE(a,5)+(c&d) - shrp $b=tmp6,tmp6,2 } // b=ROTATE(b,30) -{ .mmi; xor $Xn=$Xn,tmp3 - mux2 tmp6=$a,0x44 };; // see b in next iteration -{ .mii; add $e=$e,tmp5 // e+=ROTATE(a,5)+(c&d) - shrp $Xn=$Xn,$Xn,31 // ROTATE(x[0]^x[2]^x[8]^x[13],1) - nop.i 0x0 };; - -___ -} -sub BODY_60_79 { &BODY_20_39(@_,$K_60_79); } - -$code.=<<___; -.text - -tmp0=r8; -tmp1=r9; -tmp2=r10; -tmp3=r11; -ctx=r32; // in0 -inp=r33; // in1 - -// void sha1_block_data_order(SHA_CTX *c,const void *p,size_t num); -.global sha1_block_data_order# -.proc sha1_block_data_order# -.align 32 -sha1_block_data_order: - .prologue -{ .mmi; alloc tmp1=ar.pfs,3,14,0,0 - $ADDP tmp0=4,ctx - 
.save ar.lc,r3 - mov r3=ar.lc } -{ .mmi; $ADDP ctx=0,ctx - $ADDP inp=0,inp - mov r2=pr };; -tmp4=in2; -tmp5=loc12; -tmp6=loc13; - .body -{ .mlx; ld4 $h0=[ctx],8 - movl $K_00_19=0x5a827999 } -{ .mlx; ld4 $h1=[tmp0],8 - movl $K_20_39=0x6ed9eba1 };; -{ .mlx; ld4 $h2=[ctx],8 - movl $K_40_59=0x8f1bbcdc } -{ .mlx; ld4 $h3=[tmp0] - movl $K_60_79=0xca62c1d6 };; -{ .mmi; ld4 $h4=[ctx],-16 - add in2=-1,in2 // adjust num for ar.lc - mov ar.ec=1 };; -{ .mmi; nop.m 0 - add tmp3=1,inp - mov ar.lc=in2 };; // brp.loop.imp: too far - -.Ldtop: -{ .mmi; mov $A=$h0 - mov $B=$h1 - mux2 tmp6=$h1,0x44 } -{ .mmi; mov $C=$h2 - mov $D=$h3 - mov $E=$h4 };; - -___ - -{ my $i; - my @V=($A,$B,$C,$D,$E); - - for($i=0;$i<16;$i++) { &BODY_00_15(\$code,$i,@V); unshift(@V,pop(@V)); } - for(;$i<20;$i++) { &BODY_16_19(\$code,$i,@V); unshift(@V,pop(@V)); } - for(;$i<40;$i++) { &BODY_20_39(\$code,$i,@V); unshift(@V,pop(@V)); } - for(;$i<60;$i++) { &BODY_40_59(\$code,$i,@V); unshift(@V,pop(@V)); } - for(;$i<80;$i++) { &BODY_60_79(\$code,$i,@V); unshift(@V,pop(@V)); } - - (($V[0] eq $A) and ($V[4] eq $E)) or die; # double-check -} - -$code.=<<___; -{ .mmb; add $h0=$h0,$A - add $h2=$h2,$C - br.ctop.dptk.many .Ldtop };; -.Ldend: -{ .mmi; add tmp0=4,ctx - mov ar.lc=r3 };; -{ .mmi; st4 [ctx]=$h0,8 - st4 [tmp0]=$h1,8 };; -{ .mmi; st4 [ctx]=$h2,8 - st4 [tmp0]=$h3 };; -{ .mib; st4 [ctx]=$h4,-16 - mov pr=r2,0x1ffff - br.ret.sptk.many b0 };; -.endp sha1_block_data_order# -stringz "SHA1 block transform for IA64, CRYPTOGAMS by <appro\@openssl.org>" -___ - -$output=shift and open STDOUT,">$output"; -print $code; diff --git a/lib/libssl/src/crypto/sha/asm/sha1-mips.pl b/lib/libssl/src/crypto/sha/asm/sha1-mips.pl deleted file mode 100644 index 75fe7113e29..00000000000 --- a/lib/libssl/src/crypto/sha/asm/sha1-mips.pl +++ /dev/null 
@@ -1,350 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA1 block procedure for MIPS. - -# Performance improvement is 30% on unaligned input. The "secret" is -# to deploy lwl/lwr pair to load unaligned input. One could have -# vectorized Xupdate on MIPSIII/IV, but the goal was to code MIPS32- -# compatible subroutine. There is room for minor optimization on -# little-endian platforms... - -###################################################################### -# There is a number of MIPS ABI in use, O32 and N32/64 are most -# widely used. Then there is a new contender: NUBI. It appears that if -# one picks the latter, it's possible to arrange code in ABI neutral -# manner. Therefore let's stick to NUBI register layout: -# -($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25)); -($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23)); -($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31)); -# -# The return value is placed in $a0. 
Following coding rules facilitate -# interoperability: -# -# - never ever touch $tp, "thread pointer", former $gp; -# - copy return value to $t0, former $v0 [or to $a0 if you're adapting -# old code]; -# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary; -# -# For reference here is register layout for N32/64 MIPS ABIs: -# -# ($zero,$at,$v0,$v1)=map("\$$_",(0..3)); -# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25)); -# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23)); -# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31)); -# -$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64 - -if ($flavour =~ /64|n32/i) { - $PTR_ADD="dadd"; # incidentally works even on n32 - $PTR_SUB="dsub"; # incidentally works even on n32 - $REG_S="sd"; - $REG_L="ld"; - $PTR_SLL="dsll"; # incidentally works even on n32 - $SZREG=8; -} else { - $PTR_ADD="add"; - $PTR_SUB="sub"; - $REG_S="sw"; - $REG_L="lw"; - $PTR_SLL="sll"; - $SZREG=4; -} -# -# <appro@openssl.org> -# -###################################################################### - -$big_endian=(`echo MIPSEL | $ENV{CC} -E -P -`=~/MIPSEL/)?1:0; - -for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); } -open STDOUT,">$output"; - -if (!defined($big_endian)) - { $big_endian=(unpack('L',pack('N',1))==1); } - -# offsets of the Most and Least Significant Bytes -$MSB=$big_endian?0:3; -$LSB=3&~$MSB; - -@X=map("\$$_",(8..23)); # a4-a7,s0-s11 - -$ctx=$a0; -$inp=$a1; -$num=$a2; -$A="\$1"; -$B="\$2"; -$C="\$3"; -$D="\$7"; -$E="\$24"; @V=($A,$B,$C,$D,$E); -$t0="\$25"; -$t1=$num; # $num is offloaded to stack -$t2="\$30"; # fp -$K="\$31"; # ra - -sub BODY_00_14 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if (!$big_endian); - srl $t0,@X[$i],24 # byte swap($i) - srl $t1,@X[$i],8 - andi $t2,@X[$i],0xFF00 - sll @X[$i],@X[$i],24 - andi $t1,0xFF00 - sll $t2,$t2,8 - or @X[$i],$t0 - or $t1,$t2 - or @X[$i],$t1 -___ -$code.=<<___; - lwl @X[$j],$j*4+$MSB($inp) - sll 
$t0,$a,5 # $i - addu $e,$K - lwr @X[$j],$j*4+$LSB($inp) - srl $t1,$a,27 - addu $e,$t0 - xor $t0,$c,$d - addu $e,$t1 - sll $t2,$b,30 - and $t0,$b - srl $b,$b,2 - xor $t0,$d - addu $e,@X[$i] - or $b,$t2 - addu $e,$t0 -___ -} - -sub BODY_15_19 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; - -$code.=<<___ if (!$big_endian && $i==15); - srl $t0,@X[$i],24 # byte swap($i) - srl $t1,@X[$i],8 - andi $t2,@X[$i],0xFF00 - sll @X[$i],@X[$i],24 - andi $t1,0xFF00 - sll $t2,$t2,8 - or @X[$i],$t0 - or @X[$i],$t1 - or @X[$i],$t2 -___ -$code.=<<___; - xor @X[$j%16],@X[($j+2)%16] - sll $t0,$a,5 # $i - addu $e,$K - srl $t1,$a,27 - addu $e,$t0 - xor @X[$j%16],@X[($j+8)%16] - xor $t0,$c,$d - addu $e,$t1 - xor @X[$j%16],@X[($j+13)%16] - sll $t2,$b,30 - and $t0,$b - srl $t1,@X[$j%16],31 - addu @X[$j%16],@X[$j%16] - srl $b,$b,2 - xor $t0,$d - or @X[$j%16],$t1 - addu $e,@X[$i%16] - or $b,$t2 - addu $e,$t0 -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); - xor @X[$j%16],@X[($j+2)%16] - sll $t0,$a,5 # $i - addu $e,$K - srl $t1,$a,27 - addu $e,$t0 - xor @X[$j%16],@X[($j+8)%16] - xor $t0,$c,$d - addu $e,$t1 - xor @X[$j%16],@X[($j+13)%16] - sll $t2,$b,30 - xor $t0,$b - srl $t1,@X[$j%16],31 - addu @X[$j%16],@X[$j%16] - srl $b,$b,2 - addu $e,@X[$i%16] - or @X[$j%16],$t1 - or $b,$t2 - addu $e,$t0 -___ -$code.=<<___ if ($i==79); - lw @X[0],0($ctx) - sll $t0,$a,5 # $i - addu $e,$K - lw @X[1],4($ctx) - srl $t1,$a,27 - addu $e,$t0 - lw @X[2],8($ctx) - xor $t0,$c,$d - addu $e,$t1 - lw @X[3],12($ctx) - sll $t2,$b,30 - xor $t0,$b - lw @X[4],16($ctx) - srl $b,$b,2 - addu $e,@X[$i%16] - or $b,$t2 - addu $e,$t0 -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); - xor @X[$j%16],@X[($j+2)%16] - sll $t0,$a,5 # $i - addu $e,$K - srl $t1,$a,27 - addu $e,$t0 - xor @X[$j%16],@X[($j+8)%16] - and $t0,$c,$d - addu $e,$t1 - xor @X[$j%16],@X[($j+13)%16] - sll $t2,$b,30 - addu $e,$t0 - srl $t1,@X[$j%16],31 - xor $t0,$c,$d - addu 
@X[$j%16],@X[$j%16] - and $t0,$b - srl $b,$b,2 - or @X[$j%16],$t1 - addu $e,@X[$i%16] - or $b,$t2 - addu $e,$t0 -___ -} - -$FRAMESIZE=16; # large enough to accommodate NUBI saved registers -$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000; - -$code=<<___; -.text - -.set noat -.set noreorder -.align 5 -.globl sha1_block_data_order -.ent sha1_block_data_order -sha1_block_data_order: - .frame $sp,$FRAMESIZE*$SZREG,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder - $PTR_SUB $sp,$FRAMESIZE*$SZREG - $REG_S $ra,($FRAMESIZE-1)*$SZREG($sp) - $REG_S $fp,($FRAMESIZE-2)*$SZREG($sp) - $REG_S $s11,($FRAMESIZE-3)*$SZREG($sp) - $REG_S $s10,($FRAMESIZE-4)*$SZREG($sp) - $REG_S $s9,($FRAMESIZE-5)*$SZREG($sp) - $REG_S $s8,($FRAMESIZE-6)*$SZREG($sp) - $REG_S $s7,($FRAMESIZE-7)*$SZREG($sp) - $REG_S $s6,($FRAMESIZE-8)*$SZREG($sp) - $REG_S $s5,($FRAMESIZE-9)*$SZREG($sp) - $REG_S $s4,($FRAMESIZE-10)*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S $s3,($FRAMESIZE-11)*$SZREG($sp) - $REG_S $s2,($FRAMESIZE-12)*$SZREG($sp) - $REG_S $s1,($FRAMESIZE-13)*$SZREG($sp) - $REG_S $s0,($FRAMESIZE-14)*$SZREG($sp) - $REG_S $gp,($FRAMESIZE-15)*$SZREG($sp) -___ -$code.=<<___; - $PTR_SLL $num,6 - $PTR_ADD $num,$inp - $REG_S $num,0($sp) - lw $A,0($ctx) - lw $B,4($ctx) - lw $C,8($ctx) - lw $D,12($ctx) - b .Loop - lw $E,16($ctx) -.align 4 -.Loop: - .set reorder - lwl @X[0],$MSB($inp) - lui $K,0x5a82 - lwr @X[0],$LSB($inp) - ori $K,0x7999 # K_00_19 -___ -for ($i=0;$i<15;$i++) { &BODY_00_14($i,@V); unshift(@V,pop(@V)); } -for (;$i<20;$i++) { &BODY_15_19($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - lui $K,0x6ed9 - ori $K,0xeba1 # K_20_39 -___ -for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - lui $K,0x8f1b - ori $K,0xbcdc # K_40_59 -___ -for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - lui $K,0xca62 - ori $K,0xc1d6 # K_60_79 -___ -for (;$i<80;$i++) { &BODY_20_39($i,@V); 
unshift(@V,pop(@V)); }
-$code.=<<___;
- $PTR_ADD $inp,64
- $REG_L $num,0($sp)
-
- addu $A,$X[0]
- addu $B,$X[1]
- sw $A,0($ctx)
- addu $C,$X[2]
- addu $D,$X[3]
- sw $B,4($ctx)
- addu $E,$X[4]
- sw $C,8($ctx)
- sw $D,12($ctx)
- sw $E,16($ctx)
- .set noreorder
- bne $inp,$num,.Loop
- nop
-
- .set noreorder
- $REG_L $ra,($FRAMESIZE-1)*$SZREG($sp)
- $REG_L $fp,($FRAMESIZE-2)*$SZREG($sp)
- $REG_L $s11,($FRAMESIZE-3)*$SZREG($sp)
- $REG_L $s10,($FRAMESIZE-4)*$SZREG($sp)
- $REG_L $s9,($FRAMESIZE-5)*$SZREG($sp)
- $REG_L $s8,($FRAMESIZE-6)*$SZREG($sp)
- $REG_L $s7,($FRAMESIZE-7)*$SZREG($sp)
- $REG_L $s6,($FRAMESIZE-8)*$SZREG($sp)
- $REG_L $s5,($FRAMESIZE-9)*$SZREG($sp)
- $REG_L $s4,($FRAMESIZE-10)*$SZREG($sp)
-___
-$code.=<<___ if ($flavour =~ /nubi/i);
- $REG_L $s3,($FRAMESIZE-11)*$SZREG($sp)
- $REG_L $s2,($FRAMESIZE-12)*$SZREG($sp)
- $REG_L $s1,($FRAMESIZE-13)*$SZREG($sp)
- $REG_L $s0,($FRAMESIZE-14)*$SZREG($sp)
- $REG_L $gp,($FRAMESIZE-15)*$SZREG($sp)
-___
-$code.=<<___;
- jr $ra
- $PTR_ADD $sp,$FRAMESIZE*$SZREG
-.end sha1_block_data_order
-.rdata
-.asciiz "SHA1 for MIPS, CRYPTOGAMS by <appro\@openssl.org>"
-___
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/sha/asm/sha1-parisc.pl b/lib/libssl/src/crypto/sha/asm/sha1-parisc.pl
deleted file mode 100644
index 6cb46564224..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha1-parisc.pl
+++ /dev/null
@@ -1,266 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# SHA1 block procedure for PA-RISC.
-
-# June 2009.
-#
-# On PA-7100LC performance is >30% better than gcc 3.2 generated code
-# for aligned input and >50% better for unaligned. Compared to vendor
-# compiler on PA-8600 it's almost 60% faster in 64-bit build and just
-# few percent faster in 32-bit one (this for aligned input, data for
-# unaligned input is not available).
-#
-# Special thanks to polarhome.com for providing HP-UX account.
-
-$flavour = shift;
-$output = shift;
-open STDOUT,">$output";
-
-if ($flavour =~ /64/) {
- $LEVEL ="2.0W";
- $SIZE_T =8;
- $FRAME_MARKER =80;
- $SAVED_RP =16;
- $PUSH ="std";
- $PUSHMA ="std,ma";
- $POP ="ldd";
- $POPMB ="ldd,mb";
-} else {
- $LEVEL ="1.0";
- $SIZE_T =4;
- $FRAME_MARKER =48;
- $SAVED_RP =20;
- $PUSH ="stw";
- $PUSHMA ="stwm";
- $POP ="ldw";
- $POPMB ="ldwm";
-}
-
-$FRAME=14*$SIZE_T+$FRAME_MARKER;# 14 saved regs + frame marker
- # [+ argument transfer]
-$ctx="%r26"; # arg0
-$inp="%r25"; # arg1
-$num="%r24"; # arg2
-
-$t0="%r28";
-$t1="%r29";
-$K="%r31";
-
-@X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
- "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$t0);
-
-@V=($A,$B,$C,$D,$E)=("%r19","%r20","%r21","%r22","%r23");
-
-sub BODY_00_19 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $j=$i+1;
-$code.=<<___ if ($i<15);
- addl $K,$e,$e ; $i
- shd $a,$a,27,$t1
- addl @X[$i],$e,$e
- and $c,$b,$t0
- addl $t1,$e,$e
- andcm $d,$b,$t1
- shd $b,$b,2,$b
- or $t1,$t0,$t0
- addl $t0,$e,$e
-___
-$code.=<<___ if ($i>=15); # with forward Xupdate
- addl $K,$e,$e ; $i
- shd 
$a,$a,27,$t1 - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] - addl @X[$i%16],$e,$e - and $c,$b,$t0 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - addl $t1,$e,$e - andcm $d,$b,$t1 - shd $b,$b,2,$b - or $t1,$t0,$t0 - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - add $t0,$e,$e - shd @X[$j%16],@X[$j%16],31,@X[$j%16] -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] ; $i - addl $K,$e,$e - shd $a,$a,27,$t1 - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - addl @X[$i%16],$e,$e - xor $b,$c,$t0 - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - addl $t1,$e,$e - shd $b,$b,2,$b - xor $d,$t0,$t0 - shd @X[$j%16],@X[$j%16],31,@X[$j%16] - addl $t0,$e,$e -___ -$code.=<<___ if ($i==79); # with context load - ldw 0($ctx),@X[0] ; $i - addl $K,$e,$e - shd $a,$a,27,$t1 - ldw 4($ctx),@X[1] - addl @X[$i%16],$e,$e - xor $b,$c,$t0 - ldw 8($ctx),@X[2] - addl $t1,$e,$e - shd $b,$b,2,$b - xor $d,$t0,$t0 - ldw 12($ctx),@X[3] - addl $t0,$e,$e - ldw 16($ctx),@X[4] -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___; - shd $a,$a,27,$t1 ; $i - addl $K,$e,$e - xor @X[($j+2)%16],@X[$j%16],@X[$j%16] - xor $d,$c,$t0 - addl @X[$i%16],$e,$e - xor @X[($j+8)%16],@X[$j%16],@X[$j%16] - and $b,$t0,$t0 - addl $t1,$e,$e - shd $b,$b,2,$b - xor @X[($j+13)%16],@X[$j%16],@X[$j%16] - addl $t0,$e,$e - and $d,$c,$t1 - shd @X[$j%16],@X[$j%16],31,@X[$j%16] - addl $t1,$e,$e -___ -} - -$code=<<___; - .LEVEL $LEVEL -#if 0 - .SPACE \$TEXT\$ - .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY -#else - .text -#endif - - .EXPORT sha1_block_data_order,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR -sha1_block_data_order - .PROC - .CALLINFO FRAME=`$FRAME-14*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=16 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH 
%r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) - $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp) - $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp) - $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp) - $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp) - $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp) - - ldw 0($ctx),$A - ldw 4($ctx),$B - ldw 8($ctx),$C - ldw 12($ctx),$D - ldw 16($ctx),$E - - extru $inp,31,2,$t0 ; t0=inp&3; - sh3addl $t0,%r0,$t0 ; t0*=8; - subi 32,$t0,$t0 ; t0=32-t0; - mtctl $t0,%cr11 ; %sar=t0; - -L\$oop - ldi 3,$t0 - andcm $inp,$t0,$t0 ; 64-bit neutral -___ - for ($i=0;$i<15;$i++) { # load input block - $code.="\tldw `4*$i`($t0),@X[$i]\n"; } -$code.=<<___; - cmpb,*= $inp,$t0,L\$aligned - ldw 60($t0),@X[15] - ldw 64($t0),@X[16] -___ - for ($i=0;$i<16;$i++) { # align input - $code.="\tvshd @X[$i],@X[$i+1],@X[$i]\n"; } -$code.=<<___; -L\$aligned - ldil L'0x5a827000,$K ; K_00_19 - ldo 0x999($K),$K -___ -for ($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - ldil L'0x6ed9e000,$K ; K_20_39 - ldo 0xba1($K),$K -___ - -for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - ldil L'0x8f1bb000,$K ; K_40_59 - ldo 0xcdc($K),$K -___ - -for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - ldil L'0xca62c000,$K ; K_60_79 - ldo 0x1d6($K),$K -___ -for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } - -$code.=<<___; - addl @X[0],$A,$A - addl @X[1],$B,$B - addl @X[2],$C,$C - addl @X[3],$D,$D - addl @X[4],$E,$E - stw $A,0($ctx) - stw $B,4($ctx) - stw $C,8($ctx) - stw $D,12($ctx) - stw $E,16($ctx) - addib,*<> -1,$num,L\$oop - ldo 64($inp),$inp - - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP 
`-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 - $POP `-$FRAME+9*$SIZE_T`(%sp),%r12 - $POP `-$FRAME+10*$SIZE_T`(%sp),%r13 - $POP `-$FRAME+11*$SIZE_T`(%sp),%r14 - $POP `-$FRAME+12*$SIZE_T`(%sp),%r15 - $POP `-$FRAME+13*$SIZE_T`(%sp),%r16 - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .data - .STRINGZ "SHA1 block transform for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>" -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/,\*/,/gm if ($SIZE_T==4); -$code =~ s/\bbv\b/bve/gm if ($SIZE_T==8); -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/sha/asm/sha1-ppc.pl b/lib/libssl/src/crypto/sha/asm/sha1-ppc.pl deleted file mode 100755 index 2140dd2f8dd..00000000000 --- a/lib/libssl/src/crypto/sha/asm/sha1-ppc.pl +++ /dev/null 
@@ -1,326 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# I let hardware handle unaligned input(*), except on page boundaries -# (see below for details). Otherwise straightforward implementation -# with X vector in register bank. The module is big-endian [which is -# not big deal as there're no little-endian targets left around]. -# -# (*) this means that this module is inappropriate for PPC403? Does -# anybody know if pre-POWER3 can sustain unaligned load? - -# -m64 -m32 -# ---------------------------------- -# PPC970,gcc-4.0.0 +76% +59% -# Power6,xlc-7 +68% +33% - -$flavour = shift; - -if ($flavour =~ /64/) { - $SIZE_T =8; - $LRSAVE =2*$SIZE_T; - $UCMP ="cmpld"; - $STU ="stdu"; - $POP ="ld"; - $PUSH ="std"; -} elsif ($flavour =~ /32/) { - $SIZE_T =4; - $LRSAVE =$SIZE_T; - $UCMP ="cmplw"; - $STU ="stwu"; - $POP ="lwz"; - $PUSH ="stw"; -} else { die "nonsense $flavour"; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!"; - -$FRAME=24*$SIZE_T+64; -$LOCALS=6*$SIZE_T; - -$K ="r0"; -$sp ="r1"; -$toc="r2"; -$ctx="r3"; -$inp="r4"; -$num="r5"; -$t0 ="r15"; -$t1 ="r6"; - -$A ="r7"; -$B ="r8"; -$C ="r9"; -$D ="r10"; -$E ="r11"; -$T ="r12"; - -@V=($A,$B,$C,$D,$E,$T); -@X=("r16","r17","r18","r19","r20","r21","r22","r23", - "r24","r25","r26","r27","r28","r29","r30","r31"); - -sub BODY_00_19 { -my ($i,$a,$b,$c,$d,$e,$f)=@_; -my $j=$i+1; -$code.=<<___ if ($i==0); - lwz 
@X[$i],`$i*4`($inp) -___ -$code.=<<___ if ($i<15); - lwz @X[$j],`$j*4`($inp) - add $f,$K,$e - rotlwi $e,$a,5 - add $f,$f,@X[$i] - and $t0,$c,$b - add $f,$f,$e - andc $t1,$d,$b - rotlwi $b,$b,30 - or $t0,$t0,$t1 - add $f,$f,$t0 -___ -$code.=<<___ if ($i>=15); - add $f,$K,$e - rotlwi $e,$a,5 - xor @X[$j%16],@X[$j%16],@X[($j+2)%16] - add $f,$f,@X[$i%16] - and $t0,$c,$b - xor @X[$j%16],@X[$j%16],@X[($j+8)%16] - add $f,$f,$e - andc $t1,$d,$b - rotlwi $b,$b,30 - or $t0,$t0,$t1 - xor @X[$j%16],@X[$j%16],@X[($j+13)%16] - add $f,$f,$t0 - rotlwi @X[$j%16],@X[$j%16],1 -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e,$f)=@_; -my $j=$i+1; -$code.=<<___ if ($i<79); - add $f,$K,$e - rotlwi $e,$a,5 - xor @X[$j%16],@X[$j%16],@X[($j+2)%16] - add $f,$f,@X[$i%16] - xor $t0,$b,$c - xor @X[$j%16],@X[$j%16],@X[($j+8)%16] - add $f,$f,$e - rotlwi $b,$b,30 - xor $t0,$t0,$d - xor @X[$j%16],@X[$j%16],@X[($j+13)%16] - add $f,$f,$t0 - rotlwi @X[$j%16],@X[$j%16],1 -___ -$code.=<<___ if ($i==79); - add $f,$K,$e - rotlwi $e,$a,5 - lwz r16,0($ctx) - add $f,$f,@X[$i%16] - xor $t0,$b,$c - lwz r17,4($ctx) - add $f,$f,$e - rotlwi $b,$b,30 - lwz r18,8($ctx) - xor $t0,$t0,$d - lwz r19,12($ctx) - add $f,$f,$t0 - lwz r20,16($ctx) -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e,$f)=@_; -my $j=$i+1; -$code.=<<___; - add $f,$K,$e - rotlwi $e,$a,5 - xor @X[$j%16],@X[$j%16],@X[($j+2)%16] - add $f,$f,@X[$i%16] - and $t0,$b,$c - xor @X[$j%16],@X[$j%16],@X[($j+8)%16] - add $f,$f,$e - or $t1,$b,$c - rotlwi $b,$b,30 - xor @X[$j%16],@X[$j%16],@X[($j+13)%16] - and $t1,$t1,$d - or $t0,$t0,$t1 - rotlwi @X[$j%16],@X[$j%16],1 - add $f,$f,$t0 -___ -} - -$code=<<___; -.machine "any" -.text - -.globl .sha1_block_data_order -.align 4 -.sha1_block_data_order: - $STU $sp,-$FRAME($sp) - mflr r0 - $PUSH r15,`$FRAME-$SIZE_T*17`($sp) - $PUSH r16,`$FRAME-$SIZE_T*16`($sp) - $PUSH r17,`$FRAME-$SIZE_T*15`($sp) - $PUSH r18,`$FRAME-$SIZE_T*14`($sp) - $PUSH r19,`$FRAME-$SIZE_T*13`($sp) - $PUSH r20,`$FRAME-$SIZE_T*12`($sp) - $PUSH 
r21,`$FRAME-$SIZE_T*11`($sp) - $PUSH r22,`$FRAME-$SIZE_T*10`($sp) - $PUSH r23,`$FRAME-$SIZE_T*9`($sp) - $PUSH r24,`$FRAME-$SIZE_T*8`($sp) - $PUSH r25,`$FRAME-$SIZE_T*7`($sp) - $PUSH r26,`$FRAME-$SIZE_T*6`($sp) - $PUSH r27,`$FRAME-$SIZE_T*5`($sp) - $PUSH r28,`$FRAME-$SIZE_T*4`($sp) - $PUSH r29,`$FRAME-$SIZE_T*3`($sp) - $PUSH r30,`$FRAME-$SIZE_T*2`($sp) - $PUSH r31,`$FRAME-$SIZE_T*1`($sp) - $PUSH r0,`$FRAME+$LRSAVE`($sp) - lwz $A,0($ctx) - lwz $B,4($ctx) - lwz $C,8($ctx) - lwz $D,12($ctx) - lwz $E,16($ctx) - andi. r0,$inp,3 - bne Lunaligned -Laligned: - mtctr $num - bl Lsha1_block_private - b Ldone - -; PowerPC specification allows an implementation to be ill-behaved -; upon unaligned access which crosses page boundary. "Better safe -; than sorry" principle makes me treat it specially. But I don't -; look for particular offending word, but rather for 64-byte input -; block which crosses the boundary. Once found that block is aligned -; and hashed separately... -.align 4 -Lunaligned: - subfic $t1,$inp,4096 - andi. $t1,$t1,4095 ; distance to closest page boundary - srwi. $t1,$t1,6 ; t1/=64 - beq Lcross_page - $UCMP $num,$t1 - ble- Laligned ; didn't cross the page boundary - mtctr $t1 - subfc $num,$t1,$num - bl Lsha1_block_private -Lcross_page: - li $t1,16 - mtctr $t1 - addi r20,$sp,$LOCALS ; spot within the frame -Lmemcpy: - lbz r16,0($inp) - lbz r17,1($inp) - lbz r18,2($inp) - lbz r19,3($inp) - addi $inp,$inp,4 - stb r16,0(r20) - stb r17,1(r20) - stb r18,2(r20) - stb r19,3(r20) - addi r20,r20,4 - bdnz Lmemcpy - - $PUSH $inp,`$FRAME-$SIZE_T*18`($sp) - li $t1,1 - addi $inp,$sp,$LOCALS - mtctr $t1 - bl Lsha1_block_private - $POP $inp,`$FRAME-$SIZE_T*18`($sp) - addic. 
$num,$num,-1 - bne- Lunaligned - -Ldone: - $POP r0,`$FRAME+$LRSAVE`($sp) - $POP r15,`$FRAME-$SIZE_T*17`($sp) - $POP r16,`$FRAME-$SIZE_T*16`($sp) - $POP r17,`$FRAME-$SIZE_T*15`($sp) - $POP r18,`$FRAME-$SIZE_T*14`($sp) - $POP r19,`$FRAME-$SIZE_T*13`($sp) - $POP r20,`$FRAME-$SIZE_T*12`($sp) - $POP r21,`$FRAME-$SIZE_T*11`($sp) - $POP r22,`$FRAME-$SIZE_T*10`($sp) - $POP r23,`$FRAME-$SIZE_T*9`($sp) - $POP r24,`$FRAME-$SIZE_T*8`($sp) - $POP r25,`$FRAME-$SIZE_T*7`($sp) - $POP r26,`$FRAME-$SIZE_T*6`($sp) - $POP r27,`$FRAME-$SIZE_T*5`($sp) - $POP r28,`$FRAME-$SIZE_T*4`($sp) - $POP r29,`$FRAME-$SIZE_T*3`($sp) - $POP r30,`$FRAME-$SIZE_T*2`($sp) - $POP r31,`$FRAME-$SIZE_T*1`($sp) - mtlr r0 - addi $sp,$sp,$FRAME - blr - .long 0 - .byte 0,12,4,1,0x80,18,3,0 - .long 0 -___ - -# This is private block function, which uses tailored calling -# interface, namely upon entry SHA_CTX is pre-loaded to given -# registers and counter register contains amount of chunks to -# digest... -$code.=<<___; -.align 4 -Lsha1_block_private: -___ -$code.=<<___; # load K_00_19 - lis $K,0x5a82 - ori $K,$K,0x7999 -___ -for($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; # load K_20_39 - lis $K,0x6ed9 - ori $K,$K,0xeba1 -___ -for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; # load K_40_59 - lis $K,0x8f1b - ori $K,$K,0xbcdc -___ -for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; # load K_60_79 - lis $K,0xca62 - ori $K,$K,0xc1d6 -___ -for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - add r16,r16,$E - add r17,r17,$T - add r18,r18,$A - add r19,r19,$B - add r20,r20,$C - stw r16,0($ctx) - mr $A,r16 - stw r17,4($ctx) - mr $B,r17 - stw r18,8($ctx) - mr $C,r18 - stw r19,12($ctx) - mr $D,r19 - stw r20,16($ctx) - mr $E,r20 - addi $inp,$inp,`16*4` - bdnz- Lsha1_block_private - blr - .long 0 - .byte 0,12,0x14,0,0,0,0,0 -___ -$code.=<<___; -.asciz "SHA1 block transform for PPC, CRYPTOGAMS by 
<appro\@fy.chalmers.se>"
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/sha/asm/sha1-s390x.pl b/lib/libssl/src/crypto/sha/asm/sha1-s390x.pl
deleted file mode 100644
index 9193dda45ef..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha1-s390x.pl
+++ /dev/null
@@ -1,246 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA1 block procedure for s390x. - -# April 2007. -# -# Performance is >30% better than gcc 3.3 generated code. But the real -# twist is that SHA1 hardware support is detected and utilized. In -# which case performance can reach further >4.5x for larger chunks. - -# January 2009. -# -# Optimize Xupdate for amount of memory references and reschedule -# instructions to favour dual-issue z10 pipeline. On z10 hardware is -# "only" ~2.3x faster than software. - -# November 2010. -# -# Adapt for -m31 build. If kernel supports what's called "highgprs" -# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit -# instructions and achieve "64-bit" performance even in 31-bit legacy -# application context. The feature is not specific to any particular -# processor, as long as it's "z-CPU". Latter implies that the code -# remains z/Architecture specific. 
-
-$kimdfunc=1; # magic function code for kimd instruction
-
-$flavour = shift;
-
-if ($flavour =~ /3[12]/) {
- $SIZE_T=4;
- $g="";
-} else {
- $SIZE_T=8;
- $g="g";
-}
-
-while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
-open STDOUT,">$output";
-
-$K_00_39="%r0"; $K=$K_00_39;
-$K_40_79="%r1";
-$ctx="%r2"; $prefetch="%r2";
-$inp="%r3";
-$len="%r4";
-
-$A="%r5";
-$B="%r6";
-$C="%r7";
-$D="%r8";
-$E="%r9"; @V=($A,$B,$C,$D,$E);
-$t0="%r10";
-$t1="%r11";
-@X=("%r12","%r13","%r14");
-$sp="%r15";
-
-$stdframe=16*$SIZE_T+4*8;
-$frame=$stdframe+16*4;
-
-sub Xupdate {
-my $i=shift;
-
-$code.=<<___ if ($i==15);
- lg $prefetch,$stdframe($sp) ### Xupdate(16) warm-up
- lr $X[0],$X[2]
-___
-return if ($i&1); # Xupdate is vectorized and executed every 2nd cycle
-$code.=<<___ if ($i<16);
- lg $X[0],`$i*4`($inp) ### Xload($i)
- rllg $X[1],$X[0],32
-___
-$code.=<<___ if ($i>=16);
- xgr $X[0],$prefetch ### Xupdate($i)
- lg $prefetch,`$stdframe+4*(($i+2)%16)`($sp)
- xg $X[0],`$stdframe+4*(($i+8)%16)`($sp)
- xgr $X[0],$prefetch
- rll $X[0],$X[0],1
- rllg $X[1],$X[0],32
- rll $X[1],$X[1],1
- rllg $X[0],$X[1],32
- lr $X[2],$X[1] # feedback
-___
-$code.=<<___ if ($i<=70);
- stg $X[0],`$stdframe+4*($i%16)`($sp)
-___
-unshift(@X,pop(@X));
-}
-
-sub BODY_00_19 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $xi=$X[1];
-
- &Xupdate($i);
-$code.=<<___;
- alr $e,$K ### $i
- rll $t1,$a,5
- lr $t0,$d
- xr $t0,$c
- alr $e,$t1
- nr $t0,$b
- alr $e,$xi
- xr $t0,$d
- rll $b,$b,30
- alr $e,$t0
-___
-}
-
-sub BODY_20_39 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $xi=$X[1];
-
- &Xupdate($i);
-$code.=<<___;
- alr $e,$K ### $i
- rll $t1,$a,5
- lr $t0,$b
- alr $e,$t1
- xr $t0,$c
- alr $e,$xi
- xr $t0,$d
- rll $b,$b,30
- alr $e,$t0
-___
-}
-
-sub BODY_40_59 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $xi=$X[1];
-
- &Xupdate($i);
-$code.=<<___;
- alr $e,$K ### $i
- rll $t1,$a,5
- lr $t0,$b
- alr $e,$t1
- or $t0,$c
- lr $t1,$b
- nr $t0,$d
- nr $t1,$c
- alr $e,$xi
- or $t0,$t1
- rll $b,$b,30
- alr $e,$t0
-___
-}
-
-$code.=<<___;
-.text -.align 64 -.type Ktable,\@object -Ktable: .long 0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6 - .skip 48 #.long 0,0,0,0,0,0,0,0,0,0,0,0 -.size Ktable,.-Ktable -.globl sha1_block_data_order -.type sha1_block_data_order,\@function -sha1_block_data_order: -___ -$code.=<<___ if ($kimdfunc); - larl %r1,OPENSSL_s390xcap_P - lg %r0,0(%r1) - tmhl %r0,0x4000 # check for message-security assist - jz .Lsoftware - lghi %r0,0 - la %r1,`2*$SIZE_T`($sp) - .long 0xb93e0002 # kimd %r0,%r2 - lg %r0,`2*$SIZE_T`($sp) - tmhh %r0,`0x8000>>$kimdfunc` - jz .Lsoftware - lghi %r0,$kimdfunc - lgr %r1,$ctx - lgr %r2,$inp - sllg %r3,$len,6 - .long 0xb93e0002 # kimd %r0,%r2 - brc 1,.-4 # pay attention to "partial completion" - br %r14 -.align 16 -.Lsoftware: -___ -$code.=<<___; - lghi %r1,-$frame - st${g} $ctx,`2*$SIZE_T`($sp) - stm${g} %r6,%r15,`6*$SIZE_T`($sp) - lgr %r0,$sp - la $sp,0(%r1,$sp) - st${g} %r0,0($sp) - - larl $t0,Ktable - llgf $A,0($ctx) - llgf $B,4($ctx) - llgf $C,8($ctx) - llgf $D,12($ctx) - llgf $E,16($ctx) - - lg $K_00_39,0($t0) - lg $K_40_79,8($t0) - -.Lloop: - rllg $K_00_39,$K_00_39,32 -___ -for ($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - rllg $K_00_39,$K_00_39,32 -___ -for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; $K=$K_40_79; - rllg $K_40_79,$K_40_79,32 -___ -for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - rllg $K_40_79,$K_40_79,32 -___ -for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - - l${g} $ctx,`$frame+2*$SIZE_T`($sp) - la $inp,64($inp) - al $A,0($ctx) - al $B,4($ctx) - al $C,8($ctx) - al $D,12($ctx) - al $E,16($ctx) - st $A,0($ctx) - st $B,4($ctx) - st $C,8($ctx) - st $D,12($ctx) - st $E,16($ctx) - brct${g} $len,.Lloop - - lm${g} %r6,%r15,`$frame+6*$SIZE_T`($sp) - br %r14 -.size sha1_block_data_order,.-sha1_block_data_order -.string "SHA1 block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>" -.comm OPENSSL_s390xcap_P,16,8 
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/sha/asm/sha1-sparcv9.pl b/lib/libssl/src/crypto/sha/asm/sha1-sparcv9.pl
deleted file mode 100644
index 5c161cecd69..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha1-sparcv9.pl
+++ /dev/null
@@ -1,284 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# Performance improvement is not really impressive on pre-T1 CPU: +8%
-# over Sun C and +25% over gcc [3.3]. While on T1, a.k.a. Niagara, it
-# turned to be 40% faster than 64-bit code generated by Sun C 5.8 and
-# >2x than 64-bit code generated by gcc 3.4. And there is a gimmick.
-# X[16] vector is packed to 8 64-bit registers and as result nothing
-# is spilled on stack. In addition input data is loaded in compact
-# instruction sequence, thus minimizing the window when the code is
-# subject to [inter-thread] cache-thrashing hazard. The goal is to
-# ensure scalability on UltraSPARC T1, or rather to avoid decay when
-# amount of active threads exceeds the number of physical cores.
-
-$bits=32;
-for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
-if ($bits==64) { $bias=2047; $frame=192; }
-else { $bias=0; $frame=112; }
-
-$output=shift;
-open STDOUT,">$output";
-
-@X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7");
-$rot1m="%g2";
-$tmp64="%g3";
-$Xi="%g4";
-$A="%l0";
-$B="%l1";
-$C="%l2";
-$D="%l3";
-$E="%l4";
-@V=($A,$B,$C,$D,$E);
-$K_00_19="%l5";
-$K_20_39="%l6";
-$K_40_59="%l7";
-$K_60_79="%g5";
-@K=($K_00_19,$K_20_39,$K_40_59,$K_60_79);
-
-$ctx="%i0";
-$inp="%i1";
-$len="%i2";
-$tmp0="%i3";
-$tmp1="%i4";
-$tmp2="%i5";
-
-sub BODY_00_15 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $xi=($i&1)?@X[($i/2)%8]:$Xi;
-
-$code.=<<___;
- sll $a,5,$tmp0 !! 
$i - add @K[$i/20],$e,$e - srl $a,27,$tmp1 - add $tmp0,$e,$e - and $c,$b,$tmp0 - add $tmp1,$e,$e - sll $b,30,$tmp2 - andn $d,$b,$tmp1 - srl $b,2,$b - or $tmp1,$tmp0,$tmp1 - or $tmp2,$b,$b - add $xi,$e,$e -___ -if ($i&1 && $i<15) { - $code.= - " srlx @X[(($i+1)/2)%8],32,$Xi\n"; -} -$code.=<<___; - add $tmp1,$e,$e -___ -} - -sub Xupdate { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i/2; - -if ($i&1) { -$code.=<<___; - sll $a,5,$tmp0 !! $i - add @K[$i/20],$e,$e - srl $a,27,$tmp1 -___ -} else { -$code.=<<___; - sllx @X[($j+6)%8],32,$Xi ! Xupdate($i) - xor @X[($j+1)%8],@X[$j%8],@X[$j%8] - srlx @X[($j+7)%8],32,$tmp1 - xor @X[($j+4)%8],@X[$j%8],@X[$j%8] - sll $a,5,$tmp0 !! $i - or $tmp1,$Xi,$Xi - add @K[$i/20],$e,$e !! - xor $Xi,@X[$j%8],@X[$j%8] - srlx @X[$j%8],31,$Xi - add @X[$j%8],@X[$j%8],@X[$j%8] - and $Xi,$rot1m,$Xi - andn @X[$j%8],$rot1m,@X[$j%8] - srl $a,27,$tmp1 !! - or $Xi,@X[$j%8],@X[$j%8] -___ -} -} - -sub BODY_16_19 { -my ($i,$a,$b,$c,$d,$e)=@_; - - &Xupdate(@_); - if ($i&1) { - $xi=@X[($i/2)%8]; - } else { - $xi=$Xi; - $code.="\tsrlx @X[($i/2)%8],32,$xi\n"; - } -$code.=<<___; - add $tmp0,$e,$e !! - and $c,$b,$tmp0 - add $tmp1,$e,$e - sll $b,30,$tmp2 - add $xi,$e,$e - andn $d,$b,$tmp1 - srl $b,2,$b - or $tmp1,$tmp0,$tmp1 - or $tmp2,$b,$b - add $tmp1,$e,$e -___ -} - -sub BODY_20_39 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $xi; - &Xupdate(@_); - if ($i&1) { - $xi=@X[($i/2)%8]; - } else { - $xi=$Xi; - $code.="\tsrlx @X[($i/2)%8],32,$xi\n"; - } -$code.=<<___; - add $tmp0,$e,$e !! - xor $c,$b,$tmp0 - add $tmp1,$e,$e - sll $b,30,$tmp2 - xor $d,$tmp0,$tmp1 - srl $b,2,$b - add $tmp1,$e,$e - or $tmp2,$b,$b - add $xi,$e,$e -___ -} - -sub BODY_40_59 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $xi; - &Xupdate(@_); - if ($i&1) { - $xi=@X[($i/2)%8]; - } else { - $xi=$Xi; - $code.="\tsrlx @X[($i/2)%8],32,$xi\n"; - } -$code.=<<___; - add $tmp0,$e,$e !! 
- and $c,$b,$tmp0 - add $tmp1,$e,$e - sll $b,30,$tmp2 - or $c,$b,$tmp1 - srl $b,2,$b - and $d,$tmp1,$tmp1 - add $xi,$e,$e - or $tmp1,$tmp0,$tmp1 - or $tmp2,$b,$b - add $tmp1,$e,$e -___ -} - -$code.=<<___ if ($bits==64); -.register %g2,#scratch -.register %g3,#scratch -___ -$code.=<<___; -.section ".text",#alloc,#execinstr - -.align 32 -.globl sha1_block_data_order -sha1_block_data_order: - save %sp,-$frame,%sp - sllx $len,6,$len - add $inp,$len,$len - - or %g0,1,$rot1m - sllx $rot1m,32,$rot1m - or $rot1m,1,$rot1m - - ld [$ctx+0],$A - ld [$ctx+4],$B - ld [$ctx+8],$C - ld [$ctx+12],$D - ld [$ctx+16],$E - andn $inp,7,$tmp0 - - sethi %hi(0x5a827999),$K_00_19 - or $K_00_19,%lo(0x5a827999),$K_00_19 - sethi %hi(0x6ed9eba1),$K_20_39 - or $K_20_39,%lo(0x6ed9eba1),$K_20_39 - sethi %hi(0x8f1bbcdc),$K_40_59 - or $K_40_59,%lo(0x8f1bbcdc),$K_40_59 - sethi %hi(0xca62c1d6),$K_60_79 - or $K_60_79,%lo(0xca62c1d6),$K_60_79 - -.Lloop: - ldx [$tmp0+0],@X[0] - ldx [$tmp0+16],@X[2] - ldx [$tmp0+32],@X[4] - ldx [$tmp0+48],@X[6] - and $inp,7,$tmp1 - ldx [$tmp0+8],@X[1] - sll $tmp1,3,$tmp1 - ldx [$tmp0+24],@X[3] - subcc %g0,$tmp1,$tmp2 ! 
should be 64-$tmp1, but -$tmp1 works too - ldx [$tmp0+40],@X[5] - bz,pt %icc,.Laligned - ldx [$tmp0+56],@X[7] - - sllx @X[0],$tmp1,@X[0] - ldx [$tmp0+64],$tmp64 -___ -for($i=0;$i<7;$i++) -{ $code.=<<___; - srlx @X[$i+1],$tmp2,$Xi - sllx @X[$i+1],$tmp1,@X[$i+1] - or $Xi,@X[$i],@X[$i] -___ -} -$code.=<<___; - srlx $tmp64,$tmp2,$tmp64 - or $tmp64,@X[7],@X[7] -.Laligned: - srlx @X[0],32,$Xi -___ -for ($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } -for (;$i<20;$i++) { &BODY_16_19($i,@V); unshift(@V,pop(@V)); } -for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); } -for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - - ld [$ctx+0],@X[0] - ld [$ctx+4],@X[1] - ld [$ctx+8],@X[2] - ld [$ctx+12],@X[3] - add $inp,64,$inp - ld [$ctx+16],@X[4] - cmp $inp,$len - - add $A,@X[0],$A - st $A,[$ctx+0] - add $B,@X[1],$B - st $B,[$ctx+4] - add $C,@X[2],$C - st $C,[$ctx+8] - add $D,@X[3],$D - st $D,[$ctx+12] - add $E,@X[4],$E - st $E,[$ctx+16] - - bne `$bits==64?"%xcc":"%icc"`,.Lloop - andn $inp,7,$tmp0 - - ret - restore -.type sha1_block_data_order,#function -.size sha1_block_data_order,(.-sha1_block_data_order) -.asciz "SHA1 block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>" -.align 4 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/sha/asm/sha1-sparcv9a.pl b/lib/libssl/src/crypto/sha/asm/sha1-sparcv9a.pl deleted file mode 100644 index e65291bbd97..00000000000 --- a/lib/libssl/src/crypto/sha/asm/sha1-sparcv9a.pl +++ /dev/null 
@@ -1,601 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# January 2009
-#
-# Provided that UltraSPARC VIS instructions are pipe-lined(*) and
-# pairable(*) with IALU ones, offloading of Xupdate to the UltraSPARC
-# Graphic Unit would make it possible to achieve higher instruction-
-# level parallelism, ILP, and thus higher performance. It should be
-# explicitly noted that ILP is the keyword, and it means that this
-# code would be unsuitable for cores like UltraSPARC-Tx. The idea is
-# not really novel, Sun had VIS-powered implementation for a while.
-# Unlike Sun's implementation this one can process multiple unaligned
-# input blocks, and as such works as drop-in replacement for OpenSSL
-# sha1_block_data_order. Performance improvement was measured to be
-# 40% over pure IALU sha1-sparcv9.pl on UltraSPARC-IIi, but 12% on
-# UltraSPARC-III. See below for discussion...
-#
-# The module does not present direct interest for OpenSSL, because
-# it doesn't provide better performance on contemporary SPARCv9 CPUs,
-# UltraSPARC-Tx and SPARC64-V[II] to be specific. Those who feel they
-# absolutely must score on UltraSPARC-I-IV can simply replace
-# crypto/sha/asm/sha1-sparcv9.pl with this module.
-#
-# (*) "Pipe-lined" means that even if it takes several cycles to
-# complete, next instruction using same functional unit [but not
-# depending on the result of the current instruction] can start
-# execution without having to wait for the unit. "Pairable"
-# means that two [or more] independent instructions can be
-# issued at the very same time.
-
-$bits=32;
-for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
-if ($bits==64) { $bias=2047; $frame=192; }
-else { $bias=0; $frame=112; }
-
-$output=shift;
-open STDOUT,">$output";
-
-$ctx="%i0";
-$inp="%i1";
-$len="%i2";
-$tmp0="%i3";
-$tmp1="%i4";
-$tmp2="%i5";
-$tmp3="%g5";
-
-$base="%g1";
-$align="%g4";
-$Xfer="%o5";
-$nXfer=$tmp3;
-$Xi="%o7";
-
-$A="%l0";
-$B="%l1";
-$C="%l2";
-$D="%l3";
-$E="%l4";
-@V=($A,$B,$C,$D,$E);
-
-$Actx="%o0";
-$Bctx="%o1";
-$Cctx="%o2";
-$Dctx="%o3";
-$Ectx="%o4";
-
-$fmul="%f32";
-$VK_00_19="%f34";
-$VK_20_39="%f36";
-$VK_40_59="%f38";
-$VK_60_79="%f40";
-@VK=($VK_00_19,$VK_20_39,$VK_40_59,$VK_60_79);
-@X=("%f0", "%f1", "%f2", "%f3", "%f4", "%f5", "%f6", "%f7",
- "%f8", "%f9","%f10","%f11","%f12","%f13","%f14","%f15","%f16");
-
-# This is reference 2x-parallelized VIS-powered Xupdate procedure. It
-# covers even K_NN_MM addition...
-sub Xupdate {
-my ($i)=@_;
-my $K=@VK[($i+16)/20];
-my $j=($i+16)%16;
-
-# [ provided that GSR.alignaddr_offset is 5, $mul contains
-# 0x100ULL<<32|0x100 value and K_NN_MM are pre-loaded to
-# chosen registers... ]
-$code.=<<___;
- fxors @X[($j+13)%16],@X[$j],@X[$j] !-1/-1/-1:X[0]^=X[13]
- fxors @X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
- fxor @X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
- fxor %f18,@X[$j],@X[$j] ! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
- faligndata @X[$j],@X[$j],%f18 ! 3/ 7/ 5:Tmp=X[0,1]>>>24
- fpadd32 @X[$j],@X[$j],@X[$j] ! 4/ 8/ 6:X[0,1]<<=1
- fmul8ulx16 %f18,$fmul,%f18 ! 5/10/ 7:Tmp>>=7, Tmp&=1
- ![fxors %f15,%f2,%f2]
- for %f18,@X[$j],@X[$j] ! 8/14/10:X[0,1]|=Tmp
- ![fxors %f0,%f3,%f3] !10/17/12:X[0] dependency
- fpadd32 $K,@X[$j],%f20
- std %f20,[$Xfer+`4*$j`]
-___
-# The numbers delimited with slash are the earliest possible dispatch
-# cycles for given instruction assuming 1 cycle latency for simple VIS
-# instructions, such as on UltraSPARC-I&II, 3 cycles latency, such as
-# on UltraSPARC-III&IV, and 2 cycles latency(*), respectively.
Being
-# 2x-parallelized the procedure is "worth" 5, 8.5 or 6 ticks per SHA1
-# round. As [long as] FPU/VIS instructions are perfectly pairable with
-# IALU ones, the round timing is defined by the maximum between VIS
-# and IALU timings. The latter varies from round to round and averages
-# out at 6.25 ticks. This means that USI&II should operate at IALU
-# rate, while USIII&IV - at VIS rate. This explains why performance
-# improvement varies among processors. Well, given that pure IALU
-# sha1-sparcv9.pl module exhibits virtually uniform performance of
-# ~9.3 cycles per SHA1 round. Timings mentioned above are theoretical
-# lower limits. Real-life performance was measured to be 6.6 cycles
-# per SHA1 round on USIIi and 8.3 on USIII. The latter is lower than
-# half-round VIS timing, because there are 16 Xupdate-free rounds,
-# which "push down" average theoretical timing to 8 cycles...
-
-# (*) SPARC64-V[II] was originally believed to have 2 cycles VIS
-# latency. Well, it might have, but it doesn't have dedicated
-# VIS-unit. Instead, VIS instructions are executed by other
-# functional units, ones used here - by IALU. This doesn't
-# improve effective ILP...
-}
-
-# The reference Xupdate procedure is then "strained" over *pairs* of
-# BODY_NN_MM and kind of modulo-scheduled in respect to X[n]^=X[n+13]
-# and K_NN_MM addition. It's "running" 15 rounds ahead, which leaves
-# plenty of room to amortize for read-after-write hazard, as well as
-# to fetch and align input for the next spin. The VIS instructions are
-# scheduled for latency of 2 cycles, because there are not enough IALU
-# instructions to schedule for latency of 3, while scheduling for 1
-# would give no gain on USI&II anyway.
-
-sub BODY_00_19 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $j=$i&~1;
-my $k=($j+16+2)%16; # ahead reference
-my $l=($j+16-2)%16; # behind reference
-my $K=@VK[($j+16-2)/20];
-
-$j=($j+16)%16;
-
-$code.=<<___ if (!($i&1));
- sll $a,5,$tmp0 !!
$i
- and $c,$b,$tmp3
- ld [$Xfer+`4*($i%16)`],$Xi
- fxors @X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- fxor @X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
- sll $b,30,$tmp2
- add $tmp1,$e,$e
- andn $d,$b,$tmp1
- add $Xi,$e,$e
- fxor %f18,@X[$j],@X[$j] ! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
- srl $b,2,$b
- or $tmp1,$tmp3,$tmp1
- or $tmp2,$b,$b
- add $tmp1,$e,$e
- faligndata @X[$j],@X[$j],%f18 ! 3/ 7/ 5:Tmp=X[0,1]>>>24
-___
-$code.=<<___ if ($i&1);
- sll $a,5,$tmp0 !! $i
- and $c,$b,$tmp3
- ld [$Xfer+`4*($i%16)`],$Xi
- fpadd32 @X[$j],@X[$j],@X[$j] ! 4/ 8/ 6:X[0,1]<<=1
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- fmul8ulx16 %f18,$fmul,%f18 ! 5/10/ 7:Tmp>>=7, Tmp&=1
- sll $b,30,$tmp2
- add $tmp1,$e,$e
- fpadd32 $K,@X[$l],%f20 !
- andn $d,$b,$tmp1
- add $Xi,$e,$e
- fxors @X[($k+13)%16],@X[$k],@X[$k] !-1/-1/-1:X[0]^=X[13]
- srl $b,2,$b
- or $tmp1,$tmp3,$tmp1
- fxor %f18,@X[$j],@X[$j] ! 8/14/10:X[0,1]|=Tmp
- or $tmp2,$b,$b
- add $tmp1,$e,$e
-___
-$code.=<<___ if ($i&1 && $i>=2);
- std %f20,[$Xfer+`4*$l`] !
-___
-}
-
-sub BODY_20_39 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $j=$i&~1;
-my $k=($j+16+2)%16; # ahead reference
-my $l=($j+16-2)%16; # behind reference
-my $K=@VK[($j+16-2)/20];
-
-$j=($j+16)%16;
-
-$code.=<<___ if (!($i&1) && $i<64);
- sll $a,5,$tmp0 !! $i
- ld [$Xfer+`4*($i%16)`],$Xi
- fxors @X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- fxor @X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
- xor $c,$b,$tmp0
- add $tmp1,$e,$e
- sll $b,30,$tmp2
- xor $d,$tmp0,$tmp1
- fxor %f18,@X[$j],@X[$j] ! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
- srl $b,2,$b
- add $tmp1,$e,$e
- or $tmp2,$b,$b
- add $Xi,$e,$e
- faligndata @X[$j],@X[$j],%f18 ! 3/ 7/ 5:Tmp=X[0,1]>>>24
-___
-$code.=<<___ if ($i&1 && $i<64);
- sll $a,5,$tmp0 !! $i
- ld [$Xfer+`4*($i%16)`],$Xi
- fpadd32 @X[$j],@X[$j],@X[$j] ! 4/ 8/ 6:X[0,1]<<=1
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- fmul8ulx16 %f18,$fmul,%f18 !
5/10/ 7:Tmp>>=7, Tmp&=1
- xor $c,$b,$tmp0
- add $tmp1,$e,$e
- fpadd32 $K,@X[$l],%f20 !
- sll $b,30,$tmp2
- xor $d,$tmp0,$tmp1
- fxors @X[($k+13)%16],@X[$k],@X[$k] !-1/-1/-1:X[0]^=X[13]
- srl $b,2,$b
- add $tmp1,$e,$e
- fxor %f18,@X[$j],@X[$j] ! 8/14/10:X[0,1]|=Tmp
- or $tmp2,$b,$b
- add $Xi,$e,$e
- std %f20,[$Xfer+`4*$l`] !
-___
-$code.=<<___ if ($i==64);
- sll $a,5,$tmp0 !! $i
- ld [$Xfer+`4*($i%16)`],$Xi
- fpadd32 $K,@X[$l],%f20
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- xor $c,$b,$tmp0
- add $tmp1,$e,$e
- sll $b,30,$tmp2
- xor $d,$tmp0,$tmp1
- std %f20,[$Xfer+`4*$l`]
- srl $b,2,$b
- add $tmp1,$e,$e
- or $tmp2,$b,$b
- add $Xi,$e,$e
-___
-$code.=<<___ if ($i>64);
- sll $a,5,$tmp0 !! $i
- ld [$Xfer+`4*($i%16)`],$Xi
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- xor $c,$b,$tmp0
- add $tmp1,$e,$e
- sll $b,30,$tmp2
- xor $d,$tmp0,$tmp1
- srl $b,2,$b
- add $tmp1,$e,$e
- or $tmp2,$b,$b
- add $Xi,$e,$e
-___
-}
-
-sub BODY_40_59 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $j=$i&~1;
-my $k=($j+16+2)%16; # ahead reference
-my $l=($j+16-2)%16; # behind reference
-my $K=@VK[($j+16-2)/20];
-
-$j=($j+16)%16;
-
-$code.=<<___ if (!($i&1));
- sll $a,5,$tmp0 !! $i
- ld [$Xfer+`4*($i%16)`],$Xi
- fxors @X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- fxor @X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
- and $c,$b,$tmp0
- add $tmp1,$e,$e
- sll $b,30,$tmp2
- or $c,$b,$tmp1
- fxor %f18,@X[$j],@X[$j] ! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
- srl $b,2,$b
- and $d,$tmp1,$tmp1
- add $Xi,$e,$e
- or $tmp1,$tmp0,$tmp1
- faligndata @X[$j],@X[$j],%f18 ! 3/ 7/ 5:Tmp=X[0,1]>>>24
- or $tmp2,$b,$b
- add $tmp1,$e,$e
- fpadd32 @X[$j],@X[$j],@X[$j] ! 4/ 8/ 6:X[0,1]<<=1
-___
-$code.=<<___ if ($i&1);
- sll $a,5,$tmp0 !! $i
- ld [$Xfer+`4*($i%16)`],$Xi
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- fmul8ulx16 %f18,$fmul,%f18 ! 5/10/ 7:Tmp>>=7, Tmp&=1
- and $c,$b,$tmp0
- add $tmp1,$e,$e
- fpadd32 $K,@X[$l],%f20 !
- sll $b,30,$tmp2
- or $c,$b,$tmp1
- fxors @X[($k+13)%16],@X[$k],@X[$k] !-1/-1/-1:X[0]^=X[13]
- srl $b,2,$b
- and $d,$tmp1,$tmp1
- fxor %f18,@X[$j],@X[$j] ! 8/14/10:X[0,1]|=Tmp
- add $Xi,$e,$e
- or $tmp1,$tmp0,$tmp1
- or $tmp2,$b,$b
- add $tmp1,$e,$e
- std %f20,[$Xfer+`4*$l`] !
-___
-}
-
-# If there is more data to process, then we pre-fetch the data for
-# next iteration in last ten rounds...
-sub BODY_70_79 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $j=$i&~1;
-my $m=($i%8)*2;
-
-$j=($j+16)%16;
-
-$code.=<<___ if ($i==70);
- sll $a,5,$tmp0 !! $i
- ld [$Xfer+`4*($i%16)`],$Xi
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- ldd [$inp+64],@X[0]
- xor $c,$b,$tmp0
- add $tmp1,$e,$e
- sll $b,30,$tmp2
- xor $d,$tmp0,$tmp1
- srl $b,2,$b
- add $tmp1,$e,$e
- or $tmp2,$b,$b
- add $Xi,$e,$e
-
- and $inp,-64,$nXfer
- inc 64,$inp
- and $nXfer,255,$nXfer
- alignaddr %g0,$align,%g0
- add $base,$nXfer,$nXfer
-___
-$code.=<<___ if ($i==71);
- sll $a,5,$tmp0 !! $i
- ld [$Xfer+`4*($i%16)`],$Xi
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- xor $c,$b,$tmp0
- add $tmp1,$e,$e
- sll $b,30,$tmp2
- xor $d,$tmp0,$tmp1
- srl $b,2,$b
- add $tmp1,$e,$e
- or $tmp2,$b,$b
- add $Xi,$e,$e
-___
-$code.=<<___ if ($i>=72);
- faligndata @X[$m],@X[$m+2],@X[$m]
- sll $a,5,$tmp0 !! $i
- ld [$Xfer+`4*($i%16)`],$Xi
- srl $a,27,$tmp1
- add $tmp0,$e,$e
- xor $c,$b,$tmp0
- add $tmp1,$e,$e
- fpadd32 $VK_00_19,@X[$m],%f20
- sll $b,30,$tmp2
- xor $d,$tmp0,$tmp1
- srl $b,2,$b
- add $tmp1,$e,$e
- or $tmp2,$b,$b
- add $Xi,$e,$e
-___
-$code.=<<___ if ($i<77);
- ldd [$inp+`8*($i+1-70)`],@X[2*($i+1-70)]
-___
-$code.=<<___ if ($i==77); # redundant if $inp was aligned
- add $align,63,$tmp0
- and $tmp0,-8,$tmp0
- ldd [$inp+$tmp0],@X[16]
-___
-$code.=<<___ if ($i>=72);
- std %f20,[$nXfer+`4*$m`]
-___
-}
-
-$code.=<<___;
-.section ".text",#alloc,#execinstr
-
-.align 64
-vis_const:
-.long 0x5a827999,0x5a827999 ! K_00_19
-.long 0x6ed9eba1,0x6ed9eba1 ! K_20_39
-.long 0x8f1bbcdc,0x8f1bbcdc ! K_40_59
-.long 0xca62c1d6,0xca62c1d6 !
K_60_79
-.long 0x00000100,0x00000100
-.align 64
-.type vis_const,#object
-.size vis_const,(.-vis_const)
-
-.globl sha1_block_data_order
-sha1_block_data_order:
- save %sp,-$frame,%sp
- add %fp,$bias-256,$base
-
-1: call .+8
- add %o7,vis_const-1b,$tmp0
-
- ldd [$tmp0+0],$VK_00_19
- ldd [$tmp0+8],$VK_20_39
- ldd [$tmp0+16],$VK_40_59
- ldd [$tmp0+24],$VK_60_79
- ldd [$tmp0+32],$fmul
-
- ld [$ctx+0],$Actx
- and $base,-256,$base
- ld [$ctx+4],$Bctx
- sub $base,$bias+$frame,%sp
- ld [$ctx+8],$Cctx
- and $inp,7,$align
- ld [$ctx+12],$Dctx
- and $inp,-8,$inp
- ld [$ctx+16],$Ectx
-
- ! X[16] is maintained in FP register bank
- alignaddr %g0,$align,%g0
- ldd [$inp+0],@X[0]
- sub $inp,-64,$Xfer
- ldd [$inp+8],@X[2]
- and $Xfer,-64,$Xfer
- ldd [$inp+16],@X[4]
- and $Xfer,255,$Xfer
- ldd [$inp+24],@X[6]
- add $base,$Xfer,$Xfer
- ldd [$inp+32],@X[8]
- ldd [$inp+40],@X[10]
- ldd [$inp+48],@X[12]
- brz,pt $align,.Laligned
- ldd [$inp+56],@X[14]
-
- ldd [$inp+64],@X[16]
- faligndata @X[0],@X[2],@X[0]
- faligndata @X[2],@X[4],@X[2]
- faligndata @X[4],@X[6],@X[4]
- faligndata @X[6],@X[8],@X[6]
- faligndata @X[8],@X[10],@X[8]
- faligndata @X[10],@X[12],@X[10]
- faligndata @X[12],@X[14],@X[12]
- faligndata @X[14],@X[16],@X[14]
-
-.Laligned:
- mov 5,$tmp0
- dec 1,$len
- alignaddr %g0,$tmp0,%g0
- fpadd32 $VK_00_19,@X[0],%f16
- fpadd32 $VK_00_19,@X[2],%f18
- fpadd32 $VK_00_19,@X[4],%f20
- fpadd32 $VK_00_19,@X[6],%f22
- fpadd32 $VK_00_19,@X[8],%f24
- fpadd32 $VK_00_19,@X[10],%f26
- fpadd32 $VK_00_19,@X[12],%f28
- fpadd32 $VK_00_19,@X[14],%f30
- std %f16,[$Xfer+0]
- mov $Actx,$A
- std %f18,[$Xfer+8]
- mov $Bctx,$B
- std %f20,[$Xfer+16]
- mov $Cctx,$C
- std %f22,[$Xfer+24]
- mov $Dctx,$D
- std %f24,[$Xfer+32]
- mov $Ectx,$E
- std %f26,[$Xfer+40]
- fxors @X[13],@X[0],@X[0]
- std %f28,[$Xfer+48]
- ba .Loop
- std %f30,[$Xfer+56]
-.align 32
-.Loop:
-___
-for ($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
-for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
-for
(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
-for (;$i<70;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
-$code.=<<___;
- tst $len
- bz,pn `$bits==32?"%icc":"%xcc"`,.Ltail
- nop
-___
-for (;$i<80;$i++) { &BODY_70_79($i,@V); unshift(@V,pop(@V)); }
-$code.=<<___;
- add $A,$Actx,$Actx
- add $B,$Bctx,$Bctx
- add $C,$Cctx,$Cctx
- add $D,$Dctx,$Dctx
- add $E,$Ectx,$Ectx
- mov 5,$tmp0
- fxors @X[13],@X[0],@X[0]
- mov $Actx,$A
- mov $Bctx,$B
- mov $Cctx,$C
- mov $Dctx,$D
- mov $Ectx,$E
- alignaddr %g0,$tmp0,%g0
- dec 1,$len
- ba .Loop
- mov $nXfer,$Xfer
-
-.align 32
-.Ltail:
-___
-for($i=70;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
-$code.=<<___;
- add $A,$Actx,$Actx
- add $B,$Bctx,$Bctx
- add $C,$Cctx,$Cctx
- add $D,$Dctx,$Dctx
- add $E,$Ectx,$Ectx
-
- st $Actx,[$ctx+0]
- st $Bctx,[$ctx+4]
- st $Cctx,[$ctx+8]
- st $Dctx,[$ctx+12]
- st $Ectx,[$ctx+16]
-
- ret
- restore
-.type sha1_block_data_order,#function
-.size sha1_block_data_order,(.-sha1_block_data_order)
-.asciz "SHA1 block transform for SPARCv9a, CRYPTOGAMS by <appro\@openssl.org>"
-.align 4
-___
-
-# Purpose of these subroutines is to explicitly encode VIS instructions,
-# so that one can compile the module without having to specify VIS
-# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
-# Idea is to reserve for option to produce "universal" binary and let
-# programmer detect if current CPU is VIS capable at run-time.
-sub unvis {
-my ($mnemonic,$rs1,$rs2,$rd)=@_;
-my ($ref,$opf);
-my %visopf = ( "fmul8ulx16" => 0x037,
- "faligndata" => 0x048,
- "fpadd32" => 0x052,
- "fxor" => 0x06c,
- "fxors" => 0x06d );
-
- $ref = "$mnemonic\t$rs1,$rs2,$rd";
-
- if ($opf=$visopf{$mnemonic}) {
- foreach ($rs1,$rs2,$rd) {
- return $ref if (!/%f([0-9]{1,2})/);
- $_=$1;
- if ($1>=32) {
- return $ref if ($1&1);
- # re-encode for upper double register addressing
- $_=($1|$1>>5)&31;
- }
- }
-
- return sprintf ".word\t0x%08x !%s",
- 0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
- $ref;
- } else {
- return $ref;
- }
-}
-sub unalignaddr {
-my ($mnemonic,$rs1,$rs2,$rd)=@_;
-my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
-my $ref="$mnemonic\t$rs1,$rs2,$rd";
-
- foreach ($rs1,$rs2,$rd) {
- if (/%([goli])([0-7])/) { $_=$bias{$1}+$2; }
- else { return $ref; }
- }
- return sprintf ".word\t0x%08x !%s",
- 0x81b00300|$rd<<25|$rs1<<14|$rs2,
- $ref;
-}
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-$code =~ s/\b(f[^\s]*)\s+(%f[0-9]{1,2}),(%f[0-9]{1,2}),(%f[0-9]{1,2})/
- &unvis($1,$2,$3,$4)
- /gem;
-$code =~ s/\b(alignaddr)\s+(%[goli][0-7]),(%[goli][0-7]),(%[goli][0-7])/
- &unalignaddr($1,$2,$3,$4)
- /gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/sha/asm/sha1-thumb.pl b/lib/libssl/src/crypto/sha/asm/sha1-thumb.pl
deleted file mode 100644
index 7c9ea9b0296..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha1-thumb.pl
+++ /dev/null
@@ -1,259 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# sha1_block for Thumb.
-#
-# January 2007.
-#
-# The code does not present direct interest to OpenSSL, because of low
-# performance. Its purpose is to establish _size_ benchmark. Pretty
-# useless one I must say, because 30% or 88 bytes larger ARMv4 code
-# [avialable on demand] is almost _twice_ as fast. It should also be
-# noted that in-lining of .Lcommon and .Lrotate improves performance
-# by over 40%, while code increases by only 10% or 32 bytes. But once
-# again, the goal was to establish _size_ benchmark, not performance.
-
-$output=shift;
-open STDOUT,">$output";
-
-$inline=0;
-#$cheat_on_binutils=1;
-
-$t0="r0";
-$t1="r1";
-$t2="r2";
-$a="r3";
-$b="r4";
-$c="r5";
-$d="r6";
-$e="r7";
-$K="r8"; # "upper" registers can be used in add/sub and mov insns
-$ctx="r9";
-$inp="r10";
-$len="r11";
-$Xi="r12";
-
-sub common {
-<<___;
- sub $t0,#4
- ldr $t1,[$t0]
- add $e,$K @ E+=K_xx_xx
- lsl $t2,$a,#5
- add $t2,$e
- lsr $e,$a,#27
- add $t2,$e @ E+=ROR(A,27)
- add $t2,$t1 @ E+=X[i]
-___
-}
-sub rotate {
-<<___;
- mov $e,$d @ E=D
- mov $d,$c @ D=C
- lsl $c,$b,#30
- lsr $b,$b,#2
- orr $c,$b @ C=ROR(B,2)
- mov $b,$a @ B=A
- add $a,$t2,$t1 @ A=E+F_xx_xx(B,C,D)
-___
-}
-
-sub BODY_00_19 {
-$code.=$inline?&common():"\tbl .Lcommon\n";
-$code.=<<___;
- mov $t1,$c
- eor $t1,$d
- and $t1,$b
- eor $t1,$d @ F_00_19(B,C,D)
-___
-$code.=$inline?&rotate():"\tbl .Lrotate\n";
-}
-
-sub BODY_20_39 {
-$code.=$inline?&common():"\tbl .Lcommon\n";
-$code.=<<___;
- mov $t1,$b
- eor $t1,$c
- eor $t1,$d @ F_20_39(B,C,D)
-___
-$code.=$inline?&rotate():"\tbl .Lrotate\n";
-}
-
-sub BODY_40_59 {
-$code.=$inline?&common():"\tbl .Lcommon\n";
-$code.=<<___;
- mov $t1,$b
- and $t1,$c
- mov $e,$b
- orr $e,$c
- and $e,$d
- orr $t1,$e @ F_40_59(B,C,D)
-___
-$code.=$inline?&rotate():"\tbl .Lrotate\n";
-}
-
-$code=<<___;
-.text
-.code 16
-
-.global sha1_block_data_order
-.type sha1_block_data_order,%function
-
-.align 2
-sha1_block_data_order:
-___
-if ($cheat_on_binutils) {
-$code.=<<___;
-.code 32
- add r3,pc,#1
- bx r3 @ switch to Thumb ISA
-.code 16
-___
-}
-$code.=<<___;
- push {r4-r7}
- mov r3,r8
- mov r4,r9
- mov r5,r10
- mov r6,r11
- mov r7,r12
- push {r3-r7,lr}
- lsl r2,#6
- mov $ctx,r0 @ save context
- mov $inp,r1 @ save inp
- mov $len,r2 @ save len
- add $len,$inp @ $len to point at inp end
-
-.Lloop:
- mov $Xi,sp
- mov $t2,sp
- sub $t2,#16*4 @ [3]
-.LXload:
- ldrb $a,[$t1,#0] @ $t1 is r1 and holds inp
- ldrb $b,[$t1,#1]
- ldrb $c,[$t1,#2]
- ldrb $d,[$t1,#3]
- lsl $a,#24
- lsl $b,#16
- lsl $c,#8
- orr $a,$b
- orr $a,$c
- orr $a,$d
- add $t1,#4
- push {$a}
- cmp sp,$t2
- bne .LXload @ [+14*16]
-
- mov $inp,$t1 @ update $inp
- sub $t2,#32*4
- sub $t2,#32*4
- mov $e,#31 @ [+4]
-.LXupdate:
- ldr $a,[sp,#15*4]
- ldr $b,[sp,#13*4]
- ldr $c,[sp,#7*4]
- ldr $d,[sp,#2*4]
- eor $a,$b
- eor $a,$c
- eor $a,$d
- ror $a,$e
- push {$a}
- cmp sp,$t2
- bne .LXupdate @ [+(11+1)*64]
-
- ldmia $t0!,{$a,$b,$c,$d,$e} @ $t0 is r0 and holds ctx
- mov $t0,$Xi
-
- ldr $t2,.LK_00_19
- mov $t1,$t0
- sub $t1,#20*4
- mov $Xi,$t1
- mov $K,$t2 @ [+7+4]
-.L_00_19:
-___
- &BODY_00_19();
-$code.=<<___;
- cmp $Xi,$t0
- bne .L_00_19 @ [+(2+9+4+2+8+2)*20]
-
- ldr $t2,.LK_20_39
- mov $t1,$t0
- sub $t1,#20*4
- mov $Xi,$t1
- mov $K,$t2 @ [+5]
-.L_20_39_or_60_79:
-___
- &BODY_20_39();
-$code.=<<___;
- cmp $Xi,$t0
- bne .L_20_39_or_60_79 @ [+(2+9+3+2+8+2)*20*2]
- cmp sp,$t0
- beq .Ldone @ [+2]
-
- ldr $t2,.LK_40_59
- mov $t1,$t0
- sub $t1,#20*4
- mov $Xi,$t1
- mov $K,$t2 @ [+5]
-.L_40_59:
-___
- &BODY_40_59();
-$code.=<<___;
-
cmp $Xi,$t0
- bne .L_40_59 @ [+(2+9+6+2+8+2)*20]
-
- ldr $t2,.LK_60_79
- mov $Xi,sp
- mov $K,$t2
- b .L_20_39_or_60_79 @ [+4]
-.Ldone:
- mov $t0,$ctx
- ldr $t1,[$t0,#0]
- ldr $t2,[$t0,#4]
- add $a,$t1
- ldr $t1,[$t0,#8]
- add $b,$t2
- ldr $t2,[$t0,#12]
- add $c,$t1
- ldr $t1,[$t0,#16]
- add $d,$t2
- add $e,$t1
- stmia $t0!,{$a,$b,$c,$d,$e} @ [+20]
-
- add sp,#80*4 @ deallocate stack frame
- mov $t0,$ctx @ restore ctx
- mov $t1,$inp @ restore inp
- cmp $t1,$len
- beq .Lexit
- b .Lloop @ [+6] total 3212 cycles
-.Lexit:
- pop {r2-r7}
- mov r8,r2
- mov r9,r3
- mov r10,r4
- mov r11,r5
- mov r12,r6
- mov lr,r7
- pop {r4-r7}
- bx lr
-.align 2
-___
-$code.=".Lcommon:\n".&common()."\tmov pc,lr\n" if (!$inline);
-$code.=".Lrotate:\n".&rotate()."\tmov pc,lr\n" if (!$inline);
-$code.=<<___;
-.align 2
-.LK_00_19: .word 0x5a827999
-.LK_20_39: .word 0x6ed9eba1
-.LK_40_59: .word 0x8f1bbcdc
-.LK_60_79: .word 0xca62c1d6
-.size sha1_block_data_order,.-sha1_block_data_order
-.asciz "SHA1 block transform for Thumb, CRYPTOGAMS by <appro\@openssl.org>"
-___
-
-print $code;
-close STDOUT; # enforce flush
diff --git a/lib/libssl/src/crypto/sha/asm/sha1-x86_64.pl b/lib/libssl/src/crypto/sha/asm/sha1-x86_64.pl
deleted file mode 100755
index f15c7ec39b2..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha1-x86_64.pl
+++ /dev/null
@@ -1,1261 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# sha1_block procedure for x86_64.
-#
-# It was brought to my attention that on EM64T compiler-generated code
-# was far behind 32-bit assembler implementation. This is unlike on
-# Opteron where compiler-generated code was only 15% behind 32-bit
-# assembler, which originally made it hard to motivate the effort.
-# There was suggestion to mechanically translate 32-bit code, but I
-# dismissed it, reasoning that x86_64 offers enough register bank
-# capacity to fully utilize SHA-1 parallelism. Therefore this fresh
-# implementation:-) However! While 64-bit code does perform better
-# on Opteron, I failed to beat 32-bit assembler on EM64T core. Well,
-# x86_64 does offer larger *addressable* bank, but out-of-order core
-# reaches for even more registers through dynamic aliasing, and EM64T
-# core must have managed to run-time optimize even 32-bit code just as
-# good as 64-bit one. Performance improvement is summarized in the
-# following table:
-#
-# gcc 3.4 32-bit asm cycles/byte
-# Opteron +45% +20% 6.8
-# Xeon P4 +65% +0% 9.9
-# Core2 +60% +10% 7.0
-
-# August 2009.
-#
-# The code was revised to minimize code size and to maximize
-# "distance" between instructions producing input to 'lea'
-# instruction and the 'lea' instruction itself, which is essential
-# for Intel Atom core.
-
-# October 2010.
-#
-# Add SSSE3, Supplemental[!] SSE3, implementation. The idea behind it
-# is to offload message schedule denoted by Wt in NIST specification,
-# or Xupdate in OpenSSL source, to SIMD unit.
See sha1-586.pl module -# for background and implementation details. The only difference from -# 32-bit code is that 64-bit code doesn't have to spill @X[] elements -# to free temporary registers. - -# April 2011. -# -# Add AVX code path. See sha1-586.pl for further information. - -###################################################################### -# Current performance is summarized in following table. Numbers are -# CPU clock cycles spent to process single byte (less is better). -# -# x86_64 SSSE3 AVX -# P4 9.8 - -# Opteron 6.6 - -# Core2 6.7 6.1/+10% - -# Atom 11.0 9.7/+13% - -# Westmere 7.1 5.6/+27% - -# Sandy Bridge 7.9 6.3/+25% 5.2/+51% - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/); - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -$avx=1 if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1` - =~ /GNU assembler version ([2-9]\.[0-9]+)/ && - $1>=2.19); -$avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) && - `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ && - $1>=2.09); -$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) && - `ml64 2>&1` =~ /Version ([0-9]+)\./ && - $1>=10); - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -$ctx="%rdi"; # 1st arg -$inp="%rsi"; # 2nd arg -$num="%rdx"; # 3rd arg - -# reassign arguments in order to produce more compact code -$ctx="%r8"; -$inp="%r9"; -$num="%r10"; - -$t0="%eax"; -$t1="%ebx"; -$t2="%ecx"; -@xi=("%edx","%ebp"); -$A="%esi"; -$B="%edi"; -$C="%r11d"; -$D="%r12d"; -$E="%r13d"; - -@V=($A,$B,$C,$D,$E); - -sub BODY_00_19 { -my ($i,$a,$b,$c,$d,$e)=@_; -my $j=$i+1; -$code.=<<___ if ($i==0); - mov `4*$i`($inp),$xi[0] - bswap $xi[0] - mov $xi[0],`4*$i`(%rsp) -___ 
-$code.=<<___ if ($i<15);
- mov $c,$t0
- mov `4*$j`($inp),$xi[1]
- mov $a,$t2
- xor $d,$t0
- bswap $xi[1]
- rol \$5,$t2
- lea 0x5a827999($xi[0],$e),$e
- and $b,$t0
- mov $xi[1],`4*$j`(%rsp)
- add $t2,$e
- xor $d,$t0
- rol \$30,$b
- add $t0,$e
-___
-$code.=<<___ if ($i>=15);
- mov `4*($j%16)`(%rsp),$xi[1]
- mov $c,$t0
- mov $a,$t2
- xor `4*(($j+2)%16)`(%rsp),$xi[1]
- xor $d,$t0
- rol \$5,$t2
- xor `4*(($j+8)%16)`(%rsp),$xi[1]
- and $b,$t0
- lea 0x5a827999($xi[0],$e),$e
- xor `4*(($j+13)%16)`(%rsp),$xi[1]
- xor $d,$t0
- rol \$1,$xi[1]
- add $t2,$e
- rol \$30,$b
- mov $xi[1],`4*($j%16)`(%rsp)
- add $t0,$e
-___
-unshift(@xi,pop(@xi));
-}
-
-sub BODY_20_39 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $j=$i+1;
-my $K=($i<40)?0x6ed9eba1:0xca62c1d6;
-$code.=<<___ if ($i<79);
- mov `4*($j%16)`(%rsp),$xi[1]
- mov $c,$t0
- mov $a,$t2
- xor `4*(($j+2)%16)`(%rsp),$xi[1]
- xor $b,$t0
- rol \$5,$t2
- lea $K($xi[0],$e),$e
- xor `4*(($j+8)%16)`(%rsp),$xi[1]
- xor $d,$t0
- add $t2,$e
- xor `4*(($j+13)%16)`(%rsp),$xi[1]
- rol \$30,$b
- add $t0,$e
- rol \$1,$xi[1]
-___
-$code.=<<___ if ($i<76);
- mov $xi[1],`4*($j%16)`(%rsp)
-___
-$code.=<<___ if ($i==79);
- mov $c,$t0
- mov $a,$t2
- xor $b,$t0
- lea $K($xi[0],$e),$e
- rol \$5,$t2
- xor $d,$t0
- add $t2,$e
- rol \$30,$b
- add $t0,$e
-___
-unshift(@xi,pop(@xi));
-}
-
-sub BODY_40_59 {
-my ($i,$a,$b,$c,$d,$e)=@_;
-my $j=$i+1;
-$code.=<<___;
- mov `4*($j%16)`(%rsp),$xi[1]
- mov $c,$t0
- mov $c,$t1
- xor `4*(($j+2)%16)`(%rsp),$xi[1]
- and $d,$t0
- mov $a,$t2
- xor `4*(($j+8)%16)`(%rsp),$xi[1]
- xor $d,$t1
- lea 0x8f1bbcdc($xi[0],$e),$e
- rol \$5,$t2
- xor `4*(($j+13)%16)`(%rsp),$xi[1]
- add $t0,$e
- and $b,$t1
- rol \$1,$xi[1]
- add $t1,$e
- rol \$30,$b
- mov $xi[1],`4*($j%16)`(%rsp)
- add $t2,$e
-___
-unshift(@xi,pop(@xi));
-}
-
-$code.=<<___;
-.text
-.extern OPENSSL_ia32cap_P
-
-.globl sha1_block_data_order
-.type sha1_block_data_order,\@function,3
-.align 16
-sha1_block_data_order:
- mov OPENSSL_ia32cap_P+0(%rip),%r9d
- mov
OPENSSL_ia32cap_P+4(%rip),%r8d
- test \$`1<<9`,%r8d # check SSSE3 bit
- jz .Lialu
-___
-$code.=<<___ if ($avx);
- and \$`1<<28`,%r8d # mask AVX bit
- and \$`1<<30`,%r9d # mask "Intel CPU" bit
- or %r9d,%r8d
- cmp \$`1<<28|1<<30`,%r8d
- je _avx_shortcut
-___
-$code.=<<___;
- jmp _ssse3_shortcut
-
-.align 16
-.Lialu:
- push %rbx
- push %rbp
- push %r12
- push %r13
- mov %rsp,%r11
- mov %rdi,$ctx # reassigned argument
- sub \$`8+16*4`,%rsp
- mov %rsi,$inp # reassigned argument
- and \$-64,%rsp
- mov %rdx,$num # reassigned argument
- mov %r11,`16*4`(%rsp)
-.Lprologue:
-
- mov 0($ctx),$A
- mov 4($ctx),$B
- mov 8($ctx),$C
- mov 12($ctx),$D
- mov 16($ctx),$E
- jmp .Lloop
-
-.align 16
-.Lloop:
-___
-for($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
-for(;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
-for(;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
-for(;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
-$code.=<<___;
- add 0($ctx),$A
- add 4($ctx),$B
- add 8($ctx),$C
- add 12($ctx),$D
- add 16($ctx),$E
- mov $A,0($ctx)
- mov $B,4($ctx)
- mov $C,8($ctx)
- mov $D,12($ctx)
- mov $E,16($ctx)
-
- sub \$1,$num
- lea `16*4`($inp),$inp
- jnz .Lloop
-
- mov `16*4`(%rsp),%rsi
- mov (%rsi),%r13
- mov 8(%rsi),%r12
- mov 16(%rsi),%rbp
- mov 24(%rsi),%rbx
- lea 32(%rsi),%rsp
-.Lepilogue:
- ret
-.size sha1_block_data_order,.-sha1_block_data_order
-___
-{{{
-my $Xi=4;
-my @X=map("%xmm$_",(4..7,0..3));
-my @Tx=map("%xmm$_",(8..10));
-my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization
-my @T=("%esi","%edi");
-my $j=0;
-my $K_XX_XX="%r11";
-
-my $_rol=sub { &rol(@_) };
-my $_ror=sub { &ror(@_) };
-
-$code.=<<___;
-.type sha1_block_data_order_ssse3,\@function,3
-.align 16
-sha1_block_data_order_ssse3:
-_ssse3_shortcut:
- push %rbx
- push %rbp
- push %r12
- lea `-64-($win64?5*16:0)`(%rsp),%rsp
-___
-$code.=<<___ if ($win64);
- movaps %xmm6,64+0(%rsp)
- movaps %xmm7,64+16(%rsp)
- movaps %xmm8,64+32(%rsp)
- movaps
%xmm9,64+48(%rsp)
- movaps %xmm10,64+64(%rsp)
-.Lprologue_ssse3:
-___
-$code.=<<___;
- mov %rdi,$ctx # reassigned argument
- mov %rsi,$inp # reassigned argument
- mov %rdx,$num # reassigned argument
-
- shl \$6,$num
- add $inp,$num
- lea K_XX_XX(%rip),$K_XX_XX
-
- mov 0($ctx),$A # load context
- mov 4($ctx),$B
- mov 8($ctx),$C
- mov 12($ctx),$D
- mov $B,@T[0] # magic seed
- mov 16($ctx),$E
-
- movdqa 64($K_XX_XX),@X[2] # pbswap mask
- movdqa 0($K_XX_XX),@Tx[1] # K_00_19
- movdqu 0($inp),@X[-4&7] # load input to %xmm[0-3]
- movdqu 16($inp),@X[-3&7]
- movdqu 32($inp),@X[-2&7]
- movdqu 48($inp),@X[-1&7]
- pshufb @X[2],@X[-4&7] # byte swap
- add \$64,$inp
- pshufb @X[2],@X[-3&7]
- pshufb @X[2],@X[-2&7]
- pshufb @X[2],@X[-1&7]
- paddd @Tx[1],@X[-4&7] # add K_00_19
- paddd @Tx[1],@X[-3&7]
- paddd @Tx[1],@X[-2&7]
- movdqa @X[-4&7],0(%rsp) # X[]+K xfer to IALU
- psubd @Tx[1],@X[-4&7] # restore X[]
- movdqa @X[-3&7],16(%rsp)
- psubd @Tx[1],@X[-3&7]
- movdqa @X[-2&7],32(%rsp)
- psubd @Tx[1],@X[-2&7]
- jmp .Loop_ssse3
-___
-
-sub AUTOLOAD() # thunk [simplified] 32-bit style perlasm
-{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://;
- my $arg = pop;
- $arg = "\$$arg" if ($arg*1 eq $arg);
- $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
-}
-
-sub Xupdate_ssse3_16_31() # recall that $Xi starts wtih 4
-{ use integer;
- my $body = shift;
- my @insns = (&$body,&$body,&$body,&$body); # 40 instructions
- my ($a,$b,$c,$d,$e);
-
- &movdqa (@X[0],@X[-3&7]);
- eval(shift(@insns));
- eval(shift(@insns));
- &movdqa (@Tx[0],@X[-1&7]);
- &palignr(@X[0],@X[-4&7],8); # compose "X[-14]" in "X[0]"
- eval(shift(@insns));
- eval(shift(@insns));
-
- &paddd (@Tx[1],@X[-1&7]);
- eval(shift(@insns));
- eval(shift(@insns));
- &psrldq (@Tx[0],4); # "X[-3]", 3 dwords
- eval(shift(@insns));
- eval(shift(@insns));
- &pxor (@X[0],@X[-4&7]); # "X[0]"^="X[-16]"
- eval(shift(@insns));
- eval(shift(@insns));
-
- &pxor (@Tx[0],@X[-2&7]); # "X[-3]"^"X[-8]"
- eval(shift(@insns));
- eval(shift(@insns));
-
eval(shift(@insns));
- eval(shift(@insns));
-
- &pxor (@X[0],@Tx[0]); # "X[0]"^="X[-3]"^"X[-8]"
- eval(shift(@insns));
- eval(shift(@insns));
- &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU
- eval(shift(@insns));
- eval(shift(@insns));
-
- &movdqa (@Tx[2],@X[0]);
- &movdqa (@Tx[0],@X[0]);
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns));
-
- &pslldq (@Tx[2],12); # "X[0]"<<96, extract one dword
- &paddd (@X[0],@X[0]);
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns));
-
- &psrld (@Tx[0],31);
- eval(shift(@insns));
- eval(shift(@insns));
- &movdqa (@Tx[1],@Tx[2]);
- eval(shift(@insns));
- eval(shift(@insns));
-
- &psrld (@Tx[2],30);
- &por (@X[0],@Tx[0]); # "X[0]"<<<=1
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns));
-
- &pslld (@Tx[1],2);
- &pxor (@X[0],@Tx[2]);
- eval(shift(@insns));
- eval(shift(@insns));
- &movdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX
- eval(shift(@insns));
- eval(shift(@insns));
-
- &pxor (@X[0],@Tx[1]); # "X[0]"^=("X[0]">>96)<<<2
-
- foreach (@insns) { eval; } # remaining instructions [if any]
-
- $Xi++; push(@X,shift(@X)); # "rotate" X[]
- push(@Tx,shift(@Tx));
-}
-
-sub Xupdate_ssse3_32_79()
-{ use integer;
- my $body = shift;
- my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 instructions
- my ($a,$b,$c,$d,$e);
-
- &movdqa (@Tx[0],@X[-1&7]) if ($Xi==8);
- eval(shift(@insns)); # body_20_39
- &pxor (@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]"
- &palignr(@Tx[0],@X[-2&7],8); # compose "X[-6]"
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns)); # rol
-
- &pxor (@X[0],@X[-7&7]); # "X[0]"^="X[-28]"
- eval(shift(@insns));
- eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/);
- if ($Xi%5) {
- &movdqa (@Tx[2],@Tx[1]);# "perpetuate" K_XX_XX...
- } else { # ...
or load next one
- &movdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)");
- }
- &paddd (@Tx[1],@X[-1&7]);
- eval(shift(@insns)); # ror
- eval(shift(@insns));
-
- &pxor (@X[0],@Tx[0]); # "X[0]"^="X[-6]"
- eval(shift(@insns)); # body_20_39
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns)); # rol
-
- &movdqa (@Tx[0],@X[0]);
- &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns)); # ror
- eval(shift(@insns));
-
- &pslld (@X[0],2);
- eval(shift(@insns)); # body_20_39
- eval(shift(@insns));
- &psrld (@Tx[0],30);
- eval(shift(@insns));
- eval(shift(@insns)); # rol
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns)); # ror
- eval(shift(@insns));
-
- &por (@X[0],@Tx[0]); # "X[0]"<<<=2
- eval(shift(@insns)); # body_20_39
- eval(shift(@insns));
- &movdqa (@Tx[1],@X[0]) if ($Xi<19);
- eval(shift(@insns));
- eval(shift(@insns)); # rol
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns)); # rol
- eval(shift(@insns));
-
- foreach (@insns) { eval; } # remaining instructions
-
- $Xi++; push(@X,shift(@X)); # "rotate" X[]
- push(@Tx,shift(@Tx));
-}
-
-sub Xuplast_ssse3_80()
-{ use integer;
- my $body = shift;
- my @insns = (&$body,&$body,&$body,&$body); # 32 instructions
- my ($a,$b,$c,$d,$e);
-
- eval(shift(@insns));
- &paddd (@Tx[1],@X[-1&7]);
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns));
- eval(shift(@insns));
-
- &movdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer IALU
-
- foreach (@insns) { eval; } # remaining instructions
-
- &cmp ($inp,$num);
- &je (".Ldone_ssse3");
-
- unshift(@Tx,pop(@Tx));
-
- &movdqa (@X[2],"64($K_XX_XX)"); # pbswap mask
- &movdqa (@Tx[1],"0($K_XX_XX)"); # K_00_19
- &movdqu (@X[-4&7],"0($inp)"); # load input
- &movdqu (@X[-3&7],"16($inp)");
- &movdqu (@X[-2&7],"32($inp)");
- &movdqu (@X[-1&7],"48($inp)");
- &pshufb (@X[-4&7],@X[2]); # byte swap
- &add ($inp,64);
-
- $Xi=0;
-}
-
-sub Xloop_ssse3()
-{
use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &pshufb (@X[($Xi-3)&7],@X[2]); - eval(shift(@insns)); - eval(shift(@insns)); - &paddd (@X[($Xi-4)&7],@Tx[1]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - &movdqa (eval(16*$Xi)."(%rsp)",@X[($Xi-4)&7]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - &psubd (@X[($Xi-4)&7],@Tx[1]); - - foreach (@insns) { eval; } - $Xi++; -} - -sub Xtail_ssse3() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - foreach (@insns) { eval; } -} - -sub body_00_19 () { - ( - '($a,$b,$c,$d,$e)=@V;'. - '&add ($e,eval(4*($j&15))."(%rsp)");', # X[]+K xfer - '&xor ($c,$d);', - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&and (@T[0],$c);', # ($b&($c^$d)) - '&xor ($c,$d);', # restore $c - '&xor (@T[0],$d);', - '&add ($e,$a);', - '&$_ror ($b,$j?7:2);', # $b>>>2 - '&add ($e,@T[0]);' .'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); -} - -sub body_20_39 () { - ( - '($a,$b,$c,$d,$e)=@V;'. - '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer - '&xor (@T[0],$d);', # ($b^$d) - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&xor (@T[0],$c);', # ($b^$d^$c) - '&add ($e,$a);', - '&$_ror ($b,7);', # $b>>>2 - '&add ($e,@T[0]);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); -} - -sub body_40_59 () { - ( - '($a,$b,$c,$d,$e)=@V;'. 
- '&mov (@T[1],$c);', - '&xor ($c,$d);', - '&add ($e,eval(4*($j++&15))."(%rsp)");', # X[]+K xfer - '&and (@T[1],$d);', - '&and (@T[0],$c);', # ($b&($c^$d)) - '&$_ror ($b,7);', # $b>>>2 - '&add ($e,@T[1]);', - '&mov (@T[1],$a);', # $b in next round - '&$_rol ($a,5);', - '&add ($e,@T[0]);', - '&xor ($c,$d);', # restore $c - '&add ($e,$a);' .'unshift(@V,pop(@V)); unshift(@T,pop(@T));' - ); -} -$code.=<<___; -.align 16 -.Loop_ssse3: -___ - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_16_31(\&body_00_19); - &Xupdate_ssse3_32_79(\&body_00_19); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_40_59); - &Xupdate_ssse3_32_79(\&body_20_39); - &Xuplast_ssse3_80(\&body_20_39); # can jump to "done" - - $saved_j=$j; @saved_V=@V; - - &Xloop_ssse3(\&body_20_39); - &Xloop_ssse3(\&body_20_39); - &Xloop_ssse3(\&body_20_39); - -$code.=<<___; - add 0($ctx),$A # update context - add 4($ctx),@T[0] - add 8($ctx),$C - add 12($ctx),$D - mov $A,0($ctx) - add 16($ctx),$E - mov @T[0],4($ctx) - mov @T[0],$B # magic seed - mov $C,8($ctx) - mov $D,12($ctx) - mov $E,16($ctx) - jmp .Loop_ssse3 - -.align 16 -.Ldone_ssse3: -___ - $j=$saved_j; @V=@saved_V; - - &Xtail_ssse3(\&body_20_39); - &Xtail_ssse3(\&body_20_39); - &Xtail_ssse3(\&body_20_39); - -$code.=<<___; - add 0($ctx),$A # update context - add 4($ctx),@T[0] - add 8($ctx),$C - mov $A,0($ctx) - add 12($ctx),$D - mov @T[0],4($ctx) - add 16($ctx),$E - mov $C,8($ctx) - mov $D,12($ctx) - mov $E,16($ctx) -___ -$code.=<<___ if ($win64); - movaps 64+0(%rsp),%xmm6 - movaps 64+16(%rsp),%xmm7 - movaps 64+32(%rsp),%xmm8 - movaps 64+48(%rsp),%xmm9 - movaps 
64+64(%rsp),%xmm10 -___ -$code.=<<___; - lea `64+($win64?5*16:0)`(%rsp),%rsi - mov 0(%rsi),%r12 - mov 8(%rsi),%rbp - mov 16(%rsi),%rbx - lea 24(%rsi),%rsp -.Lepilogue_ssse3: - ret -.size sha1_block_data_order_ssse3,.-sha1_block_data_order_ssse3 -___ - -if ($avx) { -my $Xi=4; -my @X=map("%xmm$_",(4..7,0..3)); -my @Tx=map("%xmm$_",(8..10)); -my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp"); # size optimization -my @T=("%esi","%edi"); -my $j=0; -my $K_XX_XX="%r11"; - -my $_rol=sub { &shld(@_[0],@_) }; -my $_ror=sub { &shrd(@_[0],@_) }; - -$code.=<<___; -.type sha1_block_data_order_avx,\@function,3 -.align 16 -sha1_block_data_order_avx: -_avx_shortcut: - push %rbx - push %rbp - push %r12 - lea `-64-($win64?5*16:0)`(%rsp),%rsp -___ -$code.=<<___ if ($win64); - movaps %xmm6,64+0(%rsp) - movaps %xmm7,64+16(%rsp) - movaps %xmm8,64+32(%rsp) - movaps %xmm9,64+48(%rsp) - movaps %xmm10,64+64(%rsp) -.Lprologue_avx: -___ -$code.=<<___; - mov %rdi,$ctx # reassigned argument - mov %rsi,$inp # reassigned argument - mov %rdx,$num # reassigned argument - vzeroupper - - shl \$6,$num - add $inp,$num - lea K_XX_XX(%rip),$K_XX_XX - - mov 0($ctx),$A # load context - mov 4($ctx),$B - mov 8($ctx),$C - mov 12($ctx),$D - mov $B,@T[0] # magic seed - mov 16($ctx),$E - - vmovdqa 64($K_XX_XX),@X[2] # pbswap mask - vmovdqa 0($K_XX_XX),@Tx[1] # K_00_19 - vmovdqu 0($inp),@X[-4&7] # load input to %xmm[0-3] - vmovdqu 16($inp),@X[-3&7] - vmovdqu 32($inp),@X[-2&7] - vmovdqu 48($inp),@X[-1&7] - vpshufb @X[2],@X[-4&7],@X[-4&7] # byte swap - add \$64,$inp - vpshufb @X[2],@X[-3&7],@X[-3&7] - vpshufb @X[2],@X[-2&7],@X[-2&7] - vpshufb @X[2],@X[-1&7],@X[-1&7] - vpaddd @Tx[1],@X[-4&7],@X[0] # add K_00_19 - vpaddd @Tx[1],@X[-3&7],@X[1] - vpaddd @Tx[1],@X[-2&7],@X[2] - vmovdqa @X[0],0(%rsp) # X[]+K xfer to IALU - vmovdqa @X[1],16(%rsp) - vmovdqa @X[2],32(%rsp) - jmp .Loop_avx -___ - -sub Xupdate_avx_16_31() # recall that $Xi starts wtih 4 -{ use integer; - my $body = shift; - my @insns = 
(&$body,&$body,&$body,&$body); # 40 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &vpalignr(@X[0],@X[-3&7],@X[-4&7],8); # compose "X[-14]" in "X[0]" - eval(shift(@insns)); - eval(shift(@insns)); - - &vpaddd (@Tx[1],@Tx[1],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - &vpsrldq(@Tx[0],@X[-1&7],4); # "X[-3]", 3 dwords - eval(shift(@insns)); - eval(shift(@insns)); - &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"^="X[-16]" - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@Tx[0],@Tx[0],@X[-2&7]); # "X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@Tx[0]); # "X[0]"^="X[-3]"^"X[-8]" - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - &vpsrld (@Tx[0],@X[0],31); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpslldq(@Tx[2],@X[0],12); # "X[0]"<<96, extract one dword - &vpaddd (@X[0],@X[0],@X[0]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpsrld (@Tx[1],@Tx[2],30); - &vpor (@X[0],@X[0],@Tx[0]); # "X[0]"<<<=1 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpslld (@Tx[2],@Tx[2],2); - &vpxor (@X[0],@X[0],@Tx[1]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@Tx[2]); # "X[0]"^=("X[0]">>96)<<<2 - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa (@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)"); # K_XX_XX - eval(shift(@insns)); - eval(shift(@insns)); - - - foreach (@insns) { eval; } # remaining instructions [if any] - - $Xi++; push(@X,shift(@X)); # "rotate" X[] - push(@Tx,shift(@Tx)); -} - -sub Xupdate_avx_32_79() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 to 48 
instructions - my ($a,$b,$c,$d,$e); - - &vpalignr(@Tx[0],@X[-1&7],@X[-2&7],8); # compose "X[-6]" - &vpxor (@X[0],@X[0],@X[-4&7]); # "X[0]"="X[-32]"^"X[-16]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &vpxor (@X[0],@X[0],@X[-7&7]); # "X[0]"^="X[-28]" - eval(shift(@insns)); - eval(shift(@insns)) if (@insns[0] !~ /&ro[rl]/); - if ($Xi%5) { - &vmovdqa (@Tx[2],@Tx[1]);# "perpetuate" K_XX_XX... - } else { # ... or load next one - &vmovdqa (@Tx[2],eval(16*($Xi/5))."($K_XX_XX)"); - } - &vpaddd (@Tx[1],@Tx[1],@X[-1&7]); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpxor (@X[0],@X[0],@Tx[0]); # "X[0]"^="X[-6]" - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - - &vpsrld (@Tx[0],@X[0],30); - &vmovdqa (eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpslld (@X[0],@X[0],2); - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # ror - eval(shift(@insns)); - - &vpor (@X[0],@X[0],@Tx[0]); # "X[0]"<<<=2 - eval(shift(@insns)); # body_20_39 - eval(shift(@insns)); - &vmovdqa (@Tx[1],@X[0]) if ($Xi<19); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); # rol - eval(shift(@insns)); - - foreach (@insns) { eval; } # remaining instructions - - $Xi++; push(@X,shift(@X)); # "rotate" X[] - push(@Tx,shift(@Tx)); -} - -sub Xuplast_avx_80() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - &vpaddd (@Tx[1],@Tx[1],@X[-1&7]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - - &movdqa 
(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]); # X[]+K xfer IALU - - foreach (@insns) { eval; } # remaining instructions - - &cmp ($inp,$num); - &je (".Ldone_avx"); - - unshift(@Tx,pop(@Tx)); - - &vmovdqa(@X[2],"64($K_XX_XX)"); # pbswap mask - &vmovdqa(@Tx[1],"0($K_XX_XX)"); # K_00_19 - &vmovdqu(@X[-4&7],"0($inp)"); # load input - &vmovdqu(@X[-3&7],"16($inp)"); - &vmovdqu(@X[-2&7],"32($inp)"); - &vmovdqu(@X[-1&7],"48($inp)"); - &vpshufb(@X[-4&7],@X[-4&7],@X[2]); # byte swap - &add ($inp,64); - - $Xi=0; -} - -sub Xloop_avx() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - eval(shift(@insns)); - eval(shift(@insns)); - &vpshufb(@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]); - eval(shift(@insns)); - eval(shift(@insns)); - &vpaddd (@X[$Xi&7],@X[($Xi-4)&7],@Tx[1]); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - eval(shift(@insns)); - &vmovdqa(eval(16*$Xi)."(%rsp)",@X[$Xi&7]); # X[]+K xfer to IALU - eval(shift(@insns)); - eval(shift(@insns)); - - foreach (@insns) { eval; } - $Xi++; -} - -sub Xtail_avx() -{ use integer; - my $body = shift; - my @insns = (&$body,&$body,&$body,&$body); # 32 instructions - my ($a,$b,$c,$d,$e); - - foreach (@insns) { eval; } -} - -$code.=<<___; -.align 16 -.Loop_avx: -___ - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_16_31(\&body_00_19); - &Xupdate_avx_32_79(\&body_00_19); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_20_39); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_40_59); - &Xupdate_avx_32_79(\&body_20_39); - &Xuplast_avx_80(\&body_20_39); # can jump to "done" - - $saved_j=$j; @saved_V=@V; - - &Xloop_avx(\&body_20_39); - 
&Xloop_avx(\&body_20_39); - &Xloop_avx(\&body_20_39); - -$code.=<<___; - add 0($ctx),$A # update context - add 4($ctx),@T[0] - add 8($ctx),$C - add 12($ctx),$D - mov $A,0($ctx) - add 16($ctx),$E - mov @T[0],4($ctx) - mov @T[0],$B # magic seed - mov $C,8($ctx) - mov $D,12($ctx) - mov $E,16($ctx) - jmp .Loop_avx - -.align 16 -.Ldone_avx: -___ - $j=$saved_j; @V=@saved_V; - - &Xtail_avx(\&body_20_39); - &Xtail_avx(\&body_20_39); - &Xtail_avx(\&body_20_39); - -$code.=<<___; - vzeroupper - - add 0($ctx),$A # update context - add 4($ctx),@T[0] - add 8($ctx),$C - mov $A,0($ctx) - add 12($ctx),$D - mov @T[0],4($ctx) - add 16($ctx),$E - mov $C,8($ctx) - mov $D,12($ctx) - mov $E,16($ctx) -___ -$code.=<<___ if ($win64); - movaps 64+0(%rsp),%xmm6 - movaps 64+16(%rsp),%xmm7 - movaps 64+32(%rsp),%xmm8 - movaps 64+48(%rsp),%xmm9 - movaps 64+64(%rsp),%xmm10 -___ -$code.=<<___; - lea `64+($win64?5*16:0)`(%rsp),%rsi - mov 0(%rsi),%r12 - mov 8(%rsi),%rbp - mov 16(%rsi),%rbx - lea 24(%rsi),%rsp -.Lepilogue_avx: - ret -.size sha1_block_data_order_avx,.-sha1_block_data_order_avx -___ -} -$code.=<<___; -.align 64 -K_XX_XX: -.long 0x5a827999,0x5a827999,0x5a827999,0x5a827999 # K_00_19 -.long 0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1 # K_20_39 -.long 0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc # K_40_59 -.long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6 # K_60_79 -.long 0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f # pbswap mask -___ -}}} -$code.=<<___; -.asciz "SHA1 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>" -.align 64 -___ - -# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame, -# CONTEXT *context,DISPATCHER_CONTEXT *disp) -if ($win64) { -$rec="%rcx"; -$frame="%rdx"; -$context="%r8"; -$disp="%r9"; - -$code.=<<___; -.extern __imp_RtlVirtualUnwind -.type se_handler,\@abi-omnipotent -.align 16 -se_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # 
pull context->Rax - mov 248($context),%rbx # pull context->Rip - - lea .Lprologue(%rip),%r10 - cmp %r10,%rbx # context->Rip<.Lprologue - jb .Lcommon_seh_tail - - mov 152($context),%rax # pull context->Rsp - - lea .Lepilogue(%rip),%r10 - cmp %r10,%rbx # context->Rip>=.Lepilogue - jae .Lcommon_seh_tail - - mov `16*4`(%rax),%rax # pull saved stack pointer - lea 32(%rax),%rax - - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov -32(%rax),%r13 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore context->R12 - mov %r13,224($context) # restore context->R13 - - jmp .Lcommon_seh_tail -.size se_handler,.-se_handler - -.type ssse3_handler,\@abi-omnipotent -.align 16 -ssse3_handler: - push %rsi - push %rdi - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - pushfq - sub \$64,%rsp - - mov 120($context),%rax # pull context->Rax - mov 248($context),%rbx # pull context->Rip - - mov 8($disp),%rsi # disp->ImageBase - mov 56($disp),%r11 # disp->HandlerData - - mov 0(%r11),%r10d # HandlerData[0] - lea (%rsi,%r10),%r10 # prologue label - cmp %r10,%rbx # context->Rip<prologue label - jb .Lcommon_seh_tail - - mov 152($context),%rax # pull context->Rsp - - mov 4(%r11),%r10d # HandlerData[1] - lea (%rsi,%r10),%r10 # epilogue label - cmp %r10,%rbx # context->Rip>=epilogue label - jae .Lcommon_seh_tail - - lea 64(%rax),%rsi - lea 512($context),%rdi # &context.Xmm6 - mov \$10,%ecx - .long 0xa548f3fc # cld; rep movsq - lea `24+64+5*16`(%rax),%rax # adjust stack pointer - - mov -8(%rax),%rbx - mov -16(%rax),%rbp - mov -24(%rax),%r12 - mov %rbx,144($context) # restore context->Rbx - mov %rbp,160($context) # restore context->Rbp - mov %r12,216($context) # restore cotnext->R12 - -.Lcommon_seh_tail: - mov 8(%rax),%rdi - mov 16(%rax),%rsi - mov %rax,152($context) # restore context->Rsp - mov %rsi,168($context) # restore context->Rsi - mov %rdi,176($context) # restore context->Rdi - - 
mov 40($disp),%rdi # disp->ContextRecord
- mov $context,%rsi # context
- mov \$154,%ecx # sizeof(CONTEXT)
- .long 0xa548f3fc # cld; rep movsq
-
- mov $disp,%rsi
- xor %rcx,%rcx # arg1, UNW_FLAG_NHANDLER
- mov 8(%rsi),%rdx # arg2, disp->ImageBase
- mov 0(%rsi),%r8 # arg3, disp->ControlPc
- mov 16(%rsi),%r9 # arg4, disp->FunctionEntry
- mov 40(%rsi),%r10 # disp->ContextRecord
- lea 56(%rsi),%r11 # &disp->HandlerData
- lea 24(%rsi),%r12 # &disp->EstablisherFrame
- mov %r10,32(%rsp) # arg5
- mov %r11,40(%rsp) # arg6
- mov %r12,48(%rsp) # arg7
- mov %rcx,56(%rsp) # arg8, (NULL)
- call *__imp_RtlVirtualUnwind(%rip)
-
- mov \$1,%eax # ExceptionContinueSearch
- add \$64,%rsp
- popfq
- pop %r15
- pop %r14
- pop %r13
- pop %r12
- pop %rbp
- pop %rbx
- pop %rdi
- pop %rsi
- ret
-.size ssse3_handler,.-ssse3_handler
-
-.section .pdata
-.align 4
- .rva .LSEH_begin_sha1_block_data_order
- .rva .LSEH_end_sha1_block_data_order
- .rva .LSEH_info_sha1_block_data_order
- .rva .LSEH_begin_sha1_block_data_order_ssse3
- .rva .LSEH_end_sha1_block_data_order_ssse3
- .rva .LSEH_info_sha1_block_data_order_ssse3
-___
-$code.=<<___ if ($avx);
- .rva .LSEH_begin_sha1_block_data_order_avx
- .rva .LSEH_end_sha1_block_data_order_avx
- .rva .LSEH_info_sha1_block_data_order_avx
-___
-$code.=<<___;
-.section .xdata
-.align 8
-.LSEH_info_sha1_block_data_order:
- .byte 9,0,0,0
- .rva se_handler
-.LSEH_info_sha1_block_data_order_ssse3:
- .byte 9,0,0,0
- .rva ssse3_handler
- .rva .Lprologue_ssse3,.Lepilogue_ssse3 # HandlerData[]
-___
-$code.=<<___ if ($avx);
-.LSEH_info_sha1_block_data_order_avx:
- .byte 9,0,0,0
- .rva ssse3_handler
- .rva .Lprologue_avx,.Lepilogue_avx # HandlerData[]
-___
-}
-
-####################################################################
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/sha/asm/sha256-586.pl b/lib/libssl/src/crypto/sha/asm/sha256-586.pl
deleted file mode 100644
index 928ec53123b..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha256-586.pl
+++ /dev/null
@@ -1,249 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# SHA256 block transform for x86. September 2007. -# -# Performance in clock cycles per processed byte (less is better): -# -# Pentium PIII P4 AMD K8 Core2 -# gcc 46 36 41 27 26 -# icc 57 33 38 25 23 -# x86 asm 40 30 33 20 18 -# x86_64 asm(*) - - 21 16 16 -# -# (*) x86_64 assembler performance is presented for reference -# purposes. -# -# Performance improvement over compiler generated code varies from -# 10% to 40% [see above]. Not very impressive on some µ-archs, but -# it's 5 times smaller and optimizies amount of writes. - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386"); - -$A="eax"; -$E="edx"; -$T="ebx"; -$Aoff=&DWP(0,"esp"); -$Boff=&DWP(4,"esp"); -$Coff=&DWP(8,"esp"); -$Doff=&DWP(12,"esp"); -$Eoff=&DWP(16,"esp"); -$Foff=&DWP(20,"esp"); -$Goff=&DWP(24,"esp"); -$Hoff=&DWP(28,"esp"); -$Xoff=&DWP(32,"esp"); -$K256="ebp"; - -sub BODY_00_15() { - my $in_16_63=shift; - - &mov ("ecx",$E); - &add ($T,"edi") if ($in_16_63); # T += sigma1(X[-2]) - &ror ("ecx",25-11); - &mov ("esi",$Foff); - &xor ("ecx",$E); - &ror ("ecx",11-6); - &mov (&DWP(4*(8+15),"esp"),$T) if ($in_16_63); # save X[0] - &xor ("ecx",$E); - &ror ("ecx",6); # Sigma1(e) - &mov ("edi",$Goff); - &add ($T,"ecx"); # T += Sigma1(e) - - &xor ("esi","edi"); - &mov ($Eoff,$E); # modulo-scheduled - &mov ("ecx",$A); - &and ("esi",$E); - &mov ($E,$Doff); # e becomes d, which is e in next iteration - &xor ("esi","edi"); # Ch(e,f,g) - &mov ("edi",$A); - 
&add ($T,"esi"); # T += Ch(e,f,g) - - &ror ("ecx",22-13); - &add ($T,$Hoff); # T += h - &xor ("ecx",$A); - &ror ("ecx",13-2); - &mov ("esi",$Boff); - &xor ("ecx",$A); - &ror ("ecx",2); # Sigma0(a) - &add ($E,$T); # d += T - &mov ("edi",$Coff); - - &add ($T,"ecx"); # T += Sigma0(a) - &mov ($Aoff,$A); # modulo-scheduled - - &mov ("ecx",$A); - &sub ("esp",4); - &or ($A,"esi"); # a becomes h, which is a in next iteration - &and ("ecx","esi"); - &and ($A,"edi"); - &mov ("esi",&DWP(0,$K256)); - &or ($A,"ecx"); # h=Maj(a,b,c) - - &add ($K256,4); - &add ($A,$T); # h += T - &mov ($T,&DWP(4*(8+15+16-1),"esp")) if ($in_16_63); # preload T - &add ($E,"esi"); # d += K256[i] - &add ($A,"esi"); # h += K256[i] -} - -&function_begin("sha256_block_data_order"); - &mov ("esi",wparam(0)); # ctx - &mov ("edi",wparam(1)); # inp - &mov ("eax",wparam(2)); # num - &mov ("ebx","esp"); # saved sp - - &call (&label("pic_point")); # make it PIC! -&set_label("pic_point"); - &blindpop($K256); - &lea ($K256,&DWP(&label("K256")."-".&label("pic_point"),$K256)); - - &sub ("esp",16); - &and ("esp",-64); - - &shl ("eax",6); - &add ("eax","edi"); - &mov (&DWP(0,"esp"),"esi"); # ctx - &mov (&DWP(4,"esp"),"edi"); # inp - &mov (&DWP(8,"esp"),"eax"); # inp+num*128 - &mov (&DWP(12,"esp"),"ebx"); # saved sp - -&set_label("loop",16); - # copy input block to stack reversing byte and dword order - for($i=0;$i<4;$i++) { - &mov ("eax",&DWP($i*16+0,"edi")); - &mov ("ebx",&DWP($i*16+4,"edi")); - &mov ("ecx",&DWP($i*16+8,"edi")); - &mov ("edx",&DWP($i*16+12,"edi")); - &bswap ("eax"); - &bswap ("ebx"); - &bswap ("ecx"); - &bswap ("edx"); - &push ("eax"); - &push ("ebx"); - &push ("ecx"); - &push ("edx"); - } - &add ("edi",64); - &sub ("esp",4*8); # place for A,B,C,D,E,F,G,H - &mov (&DWP(4*(8+16)+4,"esp"),"edi"); - - # copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack - &mov ($A,&DWP(0,"esi")); - &mov ("ebx",&DWP(4,"esi")); - &mov ("ecx",&DWP(8,"esi")); - &mov ("edi",&DWP(12,"esi")); - # &mov ($Aoff,$A); - &mov 
($Boff,"ebx"); - &mov ($Coff,"ecx"); - &mov ($Doff,"edi"); - &mov ($E,&DWP(16,"esi")); - &mov ("ebx",&DWP(20,"esi")); - &mov ("ecx",&DWP(24,"esi")); - &mov ("edi",&DWP(28,"esi")); - # &mov ($Eoff,$E); - &mov ($Foff,"ebx"); - &mov ($Goff,"ecx"); - &mov ($Hoff,"edi"); - -&set_label("00_15",16); - &mov ($T,&DWP(4*(8+15),"esp")); - - &BODY_00_15(); - - &cmp ("esi",0xc19bf174); - &jne (&label("00_15")); - - &mov ($T,&DWP(4*(8+15+16-1),"esp")); # preloaded in BODY_00_15(1) -&set_label("16_63",16); - &mov ("esi",$T); - &mov ("ecx",&DWP(4*(8+15+16-14),"esp")); - &ror ("esi",18-7); - &mov ("edi","ecx"); - &xor ("esi",$T); - &ror ("esi",7); - &shr ($T,3); - - &ror ("edi",19-17); - &xor ($T,"esi"); # T = sigma0(X[-15]) - &xor ("edi","ecx"); - &ror ("edi",17); - &shr ("ecx",10); - &add ($T,&DWP(4*(8+15+16),"esp")); # T += X[-16] - &xor ("edi","ecx"); # sigma1(X[-2]) - - &add ($T,&DWP(4*(8+15+16-9),"esp")); # T += X[-7] - # &add ($T,"edi"); # T += sigma1(X[-2]) - # &mov (&DWP(4*(8+15),"esp"),$T); # save X[0] - - &BODY_00_15(1); - - &cmp ("esi",0xc67178f2); - &jne (&label("16_63")); - - &mov ("esi",&DWP(4*(8+16+64)+0,"esp"));#ctx - # &mov ($A,$Aoff); - &mov ("ebx",$Boff); - &mov ("ecx",$Coff); - &mov ("edi",$Doff); - &add ($A,&DWP(0,"esi")); - &add ("ebx",&DWP(4,"esi")); - &add ("ecx",&DWP(8,"esi")); - &add ("edi",&DWP(12,"esi")); - &mov (&DWP(0,"esi"),$A); - &mov (&DWP(4,"esi"),"ebx"); - &mov (&DWP(8,"esi"),"ecx"); - &mov (&DWP(12,"esi"),"edi"); - # &mov ($E,$Eoff); - &mov ("eax",$Foff); - &mov ("ebx",$Goff); - &mov ("ecx",$Hoff); - &mov ("edi",&DWP(4*(8+16+64)+4,"esp"));#inp - &add ($E,&DWP(16,"esi")); - &add ("eax",&DWP(20,"esi")); - &add ("ebx",&DWP(24,"esi")); - &add ("ecx",&DWP(28,"esi")); - &mov (&DWP(16,"esi"),$E); - &mov (&DWP(20,"esi"),"eax"); - &mov (&DWP(24,"esi"),"ebx"); - &mov (&DWP(28,"esi"),"ecx"); - - &add ("esp",4*(8+16+64)); # destroy frame - &sub ($K256,4*64); # rewind K - - &cmp ("edi",&DWP(8,"esp")); # are we done yet? 
- &jb (&label("loop"));
-
- &mov ("esp",&DWP(12,"esp")); # restore sp
-&function_end_A();
-
-&set_label("K256",64); # Yes! I keep it in the code segment!
- &data_word(0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5);
- &data_word(0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5);
- &data_word(0xd807aa98,0x12835b01,0x243185be,0x550c7dc3);
- &data_word(0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174);
- &data_word(0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc);
- &data_word(0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da);
- &data_word(0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7);
- &data_word(0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967);
- &data_word(0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13);
- &data_word(0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85);
- &data_word(0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3);
- &data_word(0xd192e819,0xd6990624,0xf40e3585,0x106aa070);
- &data_word(0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5);
- &data_word(0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3);
- &data_word(0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208);
- &data_word(0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2);
-&function_end_B("sha256_block_data_order");
-&asciz("SHA256 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
-
-&asm_finish();
diff --git a/lib/libssl/src/crypto/sha/asm/sha256-armv4.pl b/lib/libssl/src/crypto/sha/asm/sha256-armv4.pl
deleted file mode 100644
index 9c84e8d93c3..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha256-armv4.pl
+++ /dev/null
@@ -1,211 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA256 block procedure for ARMv4. May 2007. - -# Performance is ~2x better than gcc 3.4 generated code and in "abso- -# lute" terms is ~2250 cycles per 64-byte block or ~35 cycles per -# byte [on single-issue Xscale PXA250 core]. - -# July 2010. -# -# Rescheduling for dual-issue pipeline resulted in 22% improvement on -# Cortex A8 core and ~20 cycles per processed byte. - -# February 2011. -# -# Profiler-assisted and platform-specific optimization resulted in 16% -# improvement on Cortex A8 core and ~17 cycles per processed byte. - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$ctx="r0"; $t0="r0"; -$inp="r1"; $t3="r1"; -$len="r2"; $t1="r2"; -$T1="r3"; -$A="r4"; -$B="r5"; -$C="r6"; -$D="r7"; -$E="r8"; -$F="r9"; -$G="r10"; -$H="r11"; -@V=($A,$B,$C,$D,$E,$F,$G,$H); -$t2="r12"; -$Ktbl="r14"; - -@Sigma0=( 2,13,22); -@Sigma1=( 6,11,25); -@sigma0=( 7,18, 3); -@sigma1=(17,19,10); - -sub BODY_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___ if ($i<16); -#if __ARM_ARCH__>=7 - ldr $T1,[$inp],#4 -#else - ldrb $T1,[$inp,#3] @ $i - ldrb $t2,[$inp,#2] - ldrb $t1,[$inp,#1] - ldrb $t0,[$inp],#4 - orr $T1,$T1,$t2,lsl#8 - orr $T1,$T1,$t1,lsl#16 - orr $T1,$T1,$t0,lsl#24 -#endif -___ -$code.=<<___; - mov $t0,$e,ror#$Sigma1[0] - ldr $t2,[$Ktbl],#4 @ *K256++ - eor $t0,$t0,$e,ror#$Sigma1[1] - eor $t1,$f,$g -#if $i>=16 - add $T1,$T1,$t3 @ from BODY_16_xx -#elif __ARM_ARCH__>=7 && defined(__ARMEL__) - rev $T1,$T1 -#endif -#if $i==15 - str $inp,[sp,#17*4] @ leave room for $t3 -#endif - eor 
$t0,$t0,$e,ror#$Sigma1[2] @ Sigma1(e) - and $t1,$t1,$e - str $T1,[sp,#`$i%16`*4] - add $T1,$T1,$t0 - eor $t1,$t1,$g @ Ch(e,f,g) - add $T1,$T1,$h - mov $h,$a,ror#$Sigma0[0] - add $T1,$T1,$t1 - eor $h,$h,$a,ror#$Sigma0[1] - add $T1,$T1,$t2 - eor $h,$h,$a,ror#$Sigma0[2] @ Sigma0(a) -#if $i>=15 - ldr $t3,[sp,#`($i+2)%16`*4] @ from BODY_16_xx -#endif - orr $t0,$a,$b - and $t1,$a,$b - and $t0,$t0,$c - add $h,$h,$T1 - orr $t0,$t0,$t1 @ Maj(a,b,c) - add $d,$d,$T1 - add $h,$h,$t0 -___ -} - -sub BODY_16_XX { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___; - @ ldr $t3,[sp,#`($i+1)%16`*4] @ $i - ldr $t2,[sp,#`($i+14)%16`*4] - mov $t0,$t3,ror#$sigma0[0] - ldr $T1,[sp,#`($i+0)%16`*4] - eor $t0,$t0,$t3,ror#$sigma0[1] - ldr $t1,[sp,#`($i+9)%16`*4] - eor $t0,$t0,$t3,lsr#$sigma0[2] @ sigma0(X[i+1]) - mov $t3,$t2,ror#$sigma1[0] - add $T1,$T1,$t0 - eor $t3,$t3,$t2,ror#$sigma1[1] - add $T1,$T1,$t1 - eor $t3,$t3,$t2,lsr#$sigma1[2] @ sigma1(X[i+14]) - @ add $T1,$T1,$t3 -___ - &BODY_00_15(@_); -} - -$code=<<___; -#include "arm_arch.h" - -.text -.code 32 - -.type K256,%object -.align 5 -K256: -.word 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 -.word 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 -.word 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 -.word 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 -.word 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc -.word 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da -.word 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 -.word 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 -.word 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 -.word 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 -.word 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 -.word 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 -.word 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 -.word 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 -.word 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 -.word 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 -.size K256,.-K256 - -.global sha256_block_data_order -.type 
sha256_block_data_order,%function
-sha256_block_data_order:
- sub r3,pc,#8 @ sha256_block_data_order
- add $len,$inp,$len,lsl#6 @ len to point at the end of inp
- stmdb sp!,{$ctx,$inp,$len,r4-r11,lr}
- ldmia $ctx,{$A,$B,$C,$D,$E,$F,$G,$H}
- sub $Ktbl,r3,#256 @ K256
- sub sp,sp,#16*4 @ alloca(X[16])
-.Loop:
-___
-for($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
-$code.=".Lrounds_16_xx:\n";
-for (;$i<32;$i++) { &BODY_16_XX($i,@V); unshift(@V,pop(@V)); }
-$code.=<<___;
- and $t2,$t2,#0xff
- cmp $t2,#0xf2
- bne .Lrounds_16_xx
-
- ldr $T1,[sp,#16*4] @ pull ctx
- ldr $t0,[$T1,#0]
- ldr $t1,[$T1,#4]
- ldr $t2,[$T1,#8]
- add $A,$A,$t0
- ldr $t0,[$T1,#12]
- add $B,$B,$t1
- ldr $t1,[$T1,#16]
- add $C,$C,$t2
- ldr $t2,[$T1,#20]
- add $D,$D,$t0
- ldr $t0,[$T1,#24]
- add $E,$E,$t1
- ldr $t1,[$T1,#28]
- add $F,$F,$t2
- ldr $inp,[sp,#17*4] @ pull inp
- ldr $t2,[sp,#18*4] @ pull inp+len
- add $G,$G,$t0
- add $H,$H,$t1
- stmia $T1,{$A,$B,$C,$D,$E,$F,$G,$H}
- cmp $inp,$t2
- sub $Ktbl,$Ktbl,#256 @ rewind Ktbl
- bne .Loop
-
- add sp,sp,#`16+3`*4 @ destroy frame
-#if __ARM_ARCH__>=5
- ldmia sp!,{r4-r11,pc}
-#else
- ldmia sp!,{r4-r11,lr}
- tst lr,#1
- moveq pc,lr @ be binary compatible with V4, yet
- bx lr @ interoperable with Thumb ISA:-)
-#endif
-.size sha256_block_data_order,.-sha256_block_data_order
-.asciz "SHA256 block transform for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
-.align 2
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4
-print $code;
-close STDOUT; # enforce flush
diff --git a/lib/libssl/src/crypto/sha/asm/sha512-586.pl b/lib/libssl/src/crypto/sha/asm/sha512-586.pl
deleted file mode 100644
index 7eab6a5b88b..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha512-586.pl
+++ /dev/null
@@ -1,644 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# SHA512 block transform for x86. September 2007. -# -# Performance in clock cycles per processed byte (less is better): -# -# Pentium PIII P4 AMD K8 Core2 -# gcc 100 75 116 54 66 -# icc 97 77 95 55 57 -# x86 asm 61 56 82 36 40 -# SSE2 asm - - 38 24 20 -# x86_64 asm(*) - - 30 10.0 10.5 -# -# (*) x86_64 assembler performance is presented for reference -# purposes. -# -# IALU code-path is optimized for elder Pentiums. On vanilla Pentium -# performance improvement over compiler generated code reaches ~60%, -# while on PIII - ~35%. On newer µ-archs improvement varies from 15% -# to 50%, but it's less important as they are expected to execute SSE2 -# code-path, which is commonly ~2-3x faster [than compiler generated -# code]. SSE2 code-path is as fast as original sha512-sse2.pl, even -# though it does not use 128-bit operations. The latter means that -# SSE2-aware kernel is no longer required to execute the code. Another -# difference is that new code optimizes amount of writes, but at the -# cost of increased data cache "footprint" by 1/2KB. 
- -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -push(@INC,"${dir}","${dir}../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386"); - -$sse2=0; -for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); } - -&external_label("OPENSSL_ia32cap_P") if ($sse2); - -$Tlo=&DWP(0,"esp"); $Thi=&DWP(4,"esp"); -$Alo=&DWP(8,"esp"); $Ahi=&DWP(8+4,"esp"); -$Blo=&DWP(16,"esp"); $Bhi=&DWP(16+4,"esp"); -$Clo=&DWP(24,"esp"); $Chi=&DWP(24+4,"esp"); -$Dlo=&DWP(32,"esp"); $Dhi=&DWP(32+4,"esp"); -$Elo=&DWP(40,"esp"); $Ehi=&DWP(40+4,"esp"); -$Flo=&DWP(48,"esp"); $Fhi=&DWP(48+4,"esp"); -$Glo=&DWP(56,"esp"); $Ghi=&DWP(56+4,"esp"); -$Hlo=&DWP(64,"esp"); $Hhi=&DWP(64+4,"esp"); -$K512="ebp"; - -$Asse2=&QWP(0,"esp"); -$Bsse2=&QWP(8,"esp"); -$Csse2=&QWP(16,"esp"); -$Dsse2=&QWP(24,"esp"); -$Esse2=&QWP(32,"esp"); -$Fsse2=&QWP(40,"esp"); -$Gsse2=&QWP(48,"esp"); -$Hsse2=&QWP(56,"esp"); - -$A="mm0"; # B-D and -$E="mm4"; # F-H are commonly loaded to respectively mm1-mm3 and - # mm5-mm7, but it's done on on-demand basis... 
- -sub BODY_00_15_sse2 { - my $prefetch=shift; - - &movq ("mm5",$Fsse2); # load f - &movq ("mm6",$Gsse2); # load g - &movq ("mm7",$Hsse2); # load h - - &movq ("mm1",$E); # %mm1 is sliding right - &movq ("mm2",$E); # %mm2 is sliding left - &psrlq ("mm1",14); - &movq ($Esse2,$E); # modulo-scheduled save e - &psllq ("mm2",23); - &movq ("mm3","mm1"); # %mm3 is T1 - &psrlq ("mm1",4); - &pxor ("mm3","mm2"); - &psllq ("mm2",23); - &pxor ("mm3","mm1"); - &psrlq ("mm1",23); - &pxor ("mm3","mm2"); - &psllq ("mm2",4); - &pxor ("mm3","mm1"); - &paddq ("mm7",QWP(0,$K512)); # h+=K512[i] - &pxor ("mm3","mm2"); # T1=Sigma1_512(e) - - &pxor ("mm5","mm6"); # f^=g - &movq ("mm1",$Bsse2); # load b - &pand ("mm5",$E); # f&=e - &movq ("mm2",$Csse2); # load c - &pxor ("mm5","mm6"); # f^=g - &movq ($E,$Dsse2); # e = load d - &paddq ("mm3","mm5"); # T1+=Ch(e,f,g) - &movq (&QWP(0,"esp"),$A); # modulo-scheduled save a - &paddq ("mm3","mm7"); # T1+=h - - &movq ("mm5",$A); # %mm5 is sliding right - &movq ("mm6",$A); # %mm6 is sliding left - &paddq ("mm3",&QWP(8*9,"esp")); # T1+=X[0] - &psrlq ("mm5",28); - &paddq ($E,"mm3"); # e += T1 - &psllq ("mm6",25); - &movq ("mm7","mm5"); # %mm7 is T2 - &psrlq ("mm5",6); - &pxor ("mm7","mm6"); - &psllq ("mm6",5); - &pxor ("mm7","mm5"); - &psrlq ("mm5",5); - &pxor ("mm7","mm6"); - &psllq ("mm6",6); - &pxor ("mm7","mm5"); - &sub ("esp",8); - &pxor ("mm7","mm6"); # T2=Sigma0_512(a) - - &movq ("mm5",$A); # %mm5=a - &por ($A,"mm2"); # a=a|c - &movq ("mm6",&QWP(8*(9+16-14),"esp")) if ($prefetch); - &pand ("mm5","mm2"); # %mm5=a&c - &pand ($A,"mm1"); # a=(a|c)&b - &movq ("mm2",&QWP(8*(9+16-1),"esp")) if ($prefetch); - &por ("mm5",$A); # %mm5=(a&c)|((a|c)&b) - &paddq ("mm7","mm5"); # T2+=Maj(a,b,c) - &movq ($A,"mm3"); # a=T1 - - &mov (&LB("edx"),&BP(0,$K512)); - &paddq ($A,"mm7"); # a+=T2 - &add ($K512,8); -} - -sub BODY_00_15_x86 { - #define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41)) - # LO lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23 - # HI 
hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23 - &mov ("ecx",$Elo); - &mov ("edx",$Ehi); - &mov ("esi","ecx"); - - &shr ("ecx",9); # lo>>9 - &mov ("edi","edx"); - &shr ("edx",9); # hi>>9 - &mov ("ebx","ecx"); - &shl ("esi",14); # lo<<14 - &mov ("eax","edx"); - &shl ("edi",14); # hi<<14 - &xor ("ebx","esi"); - - &shr ("ecx",14-9); # lo>>14 - &xor ("eax","edi"); - &shr ("edx",14-9); # hi>>14 - &xor ("eax","ecx"); - &shl ("esi",18-14); # lo<<18 - &xor ("ebx","edx"); - &shl ("edi",18-14); # hi<<18 - &xor ("ebx","esi"); - - &shr ("ecx",18-14); # lo>>18 - &xor ("eax","edi"); - &shr ("edx",18-14); # hi>>18 - &xor ("eax","ecx"); - &shl ("esi",23-18); # lo<<23 - &xor ("ebx","edx"); - &shl ("edi",23-18); # hi<<23 - &xor ("eax","esi"); - &xor ("ebx","edi"); # T1 = Sigma1(e) - - &mov ("ecx",$Flo); - &mov ("edx",$Fhi); - &mov ("esi",$Glo); - &mov ("edi",$Ghi); - &add ("eax",$Hlo); - &adc ("ebx",$Hhi); # T1 += h - &xor ("ecx","esi"); - &xor ("edx","edi"); - &and ("ecx",$Elo); - &and ("edx",$Ehi); - &add ("eax",&DWP(8*(9+15)+0,"esp")); - &adc ("ebx",&DWP(8*(9+15)+4,"esp")); # T1 += X[0] - &xor ("ecx","esi"); - &xor ("edx","edi"); # Ch(e,f,g) = (f^g)&e)^g - - &mov ("esi",&DWP(0,$K512)); - &mov ("edi",&DWP(4,$K512)); # K[i] - &add ("eax","ecx"); - &adc ("ebx","edx"); # T1 += Ch(e,f,g) - &mov ("ecx",$Dlo); - &mov ("edx",$Dhi); - &add ("eax","esi"); - &adc ("ebx","edi"); # T1 += K[i] - &mov ($Tlo,"eax"); - &mov ($Thi,"ebx"); # put T1 away - &add ("eax","ecx"); - &adc ("ebx","edx"); # d += T1 - - #define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39)) - # LO lo>>28^hi<<4 ^ hi>>2^lo<<30 ^ hi>>7^lo<<25 - # HI hi>>28^lo<<4 ^ lo>>2^hi<<30 ^ lo>>7^hi<<25 - &mov ("ecx",$Alo); - &mov ("edx",$Ahi); - &mov ($Dlo,"eax"); - &mov ($Dhi,"ebx"); - &mov ("esi","ecx"); - - &shr ("ecx",2); # lo>>2 - &mov ("edi","edx"); - &shr ("edx",2); # hi>>2 - &mov ("ebx","ecx"); - &shl ("esi",4); # lo<<4 - &mov ("eax","edx"); - &shl ("edi",4); # hi<<4 - &xor ("ebx","esi"); - - &shr ("ecx",7-2); # lo>>7 - &xor 
("eax","edi"); - &shr ("edx",7-2); # hi>>7 - &xor ("ebx","ecx"); - &shl ("esi",25-4); # lo<<25 - &xor ("eax","edx"); - &shl ("edi",25-4); # hi<<25 - &xor ("eax","esi"); - - &shr ("ecx",28-7); # lo>>28 - &xor ("ebx","edi"); - &shr ("edx",28-7); # hi>>28 - &xor ("eax","ecx"); - &shl ("esi",30-25); # lo<<30 - &xor ("ebx","edx"); - &shl ("edi",30-25); # hi<<30 - &xor ("eax","esi"); - &xor ("ebx","edi"); # Sigma0(a) - - &mov ("ecx",$Alo); - &mov ("edx",$Ahi); - &mov ("esi",$Blo); - &mov ("edi",$Bhi); - &add ("eax",$Tlo); - &adc ("ebx",$Thi); # T1 = Sigma0(a)+T1 - &or ("ecx","esi"); - &or ("edx","edi"); - &and ("ecx",$Clo); - &and ("edx",$Chi); - &and ("esi",$Alo); - &and ("edi",$Ahi); - &or ("ecx","esi"); - &or ("edx","edi"); # Maj(a,b,c) = ((a|b)&c)|(a&b) - - &add ("eax","ecx"); - &adc ("ebx","edx"); # T1 += Maj(a,b,c) - &mov ($Tlo,"eax"); - &mov ($Thi,"ebx"); - - &mov (&LB("edx"),&BP(0,$K512)); # pre-fetch LSB of *K - &sub ("esp",8); - &lea ($K512,&DWP(8,$K512)); # K++ -} - - -&function_begin("sha512_block_data_order"); - &mov ("esi",wparam(0)); # ctx - &mov ("edi",wparam(1)); # inp - &mov ("eax",wparam(2)); # num - &mov ("ebx","esp"); # saved sp - - &call (&label("pic_point")); # make it PIC! 
-&set_label("pic_point"); - &blindpop($K512); - &lea ($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512)); - - &sub ("esp",16); - &and ("esp",-64); - - &shl ("eax",7); - &add ("eax","edi"); - &mov (&DWP(0,"esp"),"esi"); # ctx - &mov (&DWP(4,"esp"),"edi"); # inp - &mov (&DWP(8,"esp"),"eax"); # inp+num*128 - &mov (&DWP(12,"esp"),"ebx"); # saved sp - -if ($sse2) { - &picmeup("edx","OPENSSL_ia32cap_P",$K512,&label("K512")); - &bt (&DWP(0,"edx"),26); - &jnc (&label("loop_x86")); - - # load ctx->h[0-7] - &movq ($A,&QWP(0,"esi")); - &movq ("mm1",&QWP(8,"esi")); - &movq ("mm2",&QWP(16,"esi")); - &movq ("mm3",&QWP(24,"esi")); - &movq ($E,&QWP(32,"esi")); - &movq ("mm5",&QWP(40,"esi")); - &movq ("mm6",&QWP(48,"esi")); - &movq ("mm7",&QWP(56,"esi")); - &sub ("esp",8*10); - -&set_label("loop_sse2",16); - # &movq ($Asse2,$A); - &movq ($Bsse2,"mm1"); - &movq ($Csse2,"mm2"); - &movq ($Dsse2,"mm3"); - # &movq ($Esse2,$E); - &movq ($Fsse2,"mm5"); - &movq ($Gsse2,"mm6"); - &movq ($Hsse2,"mm7"); - - &mov ("ecx",&DWP(0,"edi")); - &mov ("edx",&DWP(4,"edi")); - &add ("edi",8); - &bswap ("ecx"); - &bswap ("edx"); - &mov (&DWP(8*9+4,"esp"),"ecx"); - &mov (&DWP(8*9+0,"esp"),"edx"); - -&set_label("00_14_sse2",16); - &mov ("eax",&DWP(0,"edi")); - &mov ("ebx",&DWP(4,"edi")); - &add ("edi",8); - &bswap ("eax"); - &bswap ("ebx"); - &mov (&DWP(8*8+4,"esp"),"eax"); - &mov (&DWP(8*8+0,"esp"),"ebx"); - - &BODY_00_15_sse2(); - - &cmp (&LB("edx"),0x35); - &jne (&label("00_14_sse2")); - - &BODY_00_15_sse2(1); - -&set_label("16_79_sse2",16); - #&movq ("mm2",&QWP(8*(9+16-1),"esp")); #prefetched in BODY_00_15 - #&movq ("mm6",&QWP(8*(9+16-14),"esp")); - &movq ("mm1","mm2"); - - &psrlq ("mm2",1); - &movq ("mm7","mm6"); - &psrlq ("mm6",6); - &movq ("mm3","mm2"); - - &psrlq ("mm2",7-1); - &movq ("mm5","mm6"); - &psrlq ("mm6",19-6); - &pxor ("mm3","mm2"); - - &psrlq ("mm2",8-7); - &pxor ("mm5","mm6"); - &psrlq ("mm6",61-19); - &pxor ("mm3","mm2"); - - &movq ("mm2",&QWP(8*(9+16),"esp")); - - &psllq 
("mm1",56); - &pxor ("mm5","mm6"); - &psllq ("mm7",3); - &pxor ("mm3","mm1"); - - &paddq ("mm2",&QWP(8*(9+16-9),"esp")); - - &psllq ("mm1",63-56); - &pxor ("mm5","mm7"); - &psllq ("mm7",45-3); - &pxor ("mm3","mm1"); - &pxor ("mm5","mm7"); - - &paddq ("mm3","mm5"); - &paddq ("mm3","mm2"); - &movq (&QWP(8*9,"esp"),"mm3"); - - &BODY_00_15_sse2(1); - - &cmp (&LB("edx"),0x17); - &jne (&label("16_79_sse2")); - - # &movq ($A,$Asse2); - &movq ("mm1",$Bsse2); - &movq ("mm2",$Csse2); - &movq ("mm3",$Dsse2); - # &movq ($E,$Esse2); - &movq ("mm5",$Fsse2); - &movq ("mm6",$Gsse2); - &movq ("mm7",$Hsse2); - - &paddq ($A,&QWP(0,"esi")); - &paddq ("mm1",&QWP(8,"esi")); - &paddq ("mm2",&QWP(16,"esi")); - &paddq ("mm3",&QWP(24,"esi")); - &paddq ($E,&QWP(32,"esi")); - &paddq ("mm5",&QWP(40,"esi")); - &paddq ("mm6",&QWP(48,"esi")); - &paddq ("mm7",&QWP(56,"esi")); - - &movq (&QWP(0,"esi"),$A); - &movq (&QWP(8,"esi"),"mm1"); - &movq (&QWP(16,"esi"),"mm2"); - &movq (&QWP(24,"esi"),"mm3"); - &movq (&QWP(32,"esi"),$E); - &movq (&QWP(40,"esi"),"mm5"); - &movq (&QWP(48,"esi"),"mm6"); - &movq (&QWP(56,"esi"),"mm7"); - - &add ("esp",8*80); # destroy frame - &sub ($K512,8*80); # rewind K - - &cmp ("edi",&DWP(8*10+8,"esp")); # are we done yet? 
- &jb (&label("loop_sse2")); - - &emms (); - &mov ("esp",&DWP(8*10+12,"esp")); # restore sp -&function_end_A(); -} -&set_label("loop_x86",16); - # copy input block to stack reversing byte and qword order - for ($i=0;$i<8;$i++) { - &mov ("eax",&DWP($i*16+0,"edi")); - &mov ("ebx",&DWP($i*16+4,"edi")); - &mov ("ecx",&DWP($i*16+8,"edi")); - &mov ("edx",&DWP($i*16+12,"edi")); - &bswap ("eax"); - &bswap ("ebx"); - &bswap ("ecx"); - &bswap ("edx"); - &push ("eax"); - &push ("ebx"); - &push ("ecx"); - &push ("edx"); - } - &add ("edi",128); - &sub ("esp",9*8); # place for T,A,B,C,D,E,F,G,H - &mov (&DWP(8*(9+16)+4,"esp"),"edi"); - - # copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack - &lea ("edi",&DWP(8,"esp")); - &mov ("ecx",16); - &data_word(0xA5F3F689); # rep movsd - -&set_label("00_15_x86",16); - &BODY_00_15_x86(); - - &cmp (&LB("edx"),0x94); - &jne (&label("00_15_x86")); - -&set_label("16_79_x86",16); - #define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7)) - # LO lo>>1^hi<<31 ^ lo>>8^hi<<24 ^ lo>>7^hi<<25 - # HI hi>>1^lo<<31 ^ hi>>8^lo<<24 ^ hi>>7 - &mov ("ecx",&DWP(8*(9+15+16-1)+0,"esp")); - &mov ("edx",&DWP(8*(9+15+16-1)+4,"esp")); - &mov ("esi","ecx"); - - &shr ("ecx",1); # lo>>1 - &mov ("edi","edx"); - &shr ("edx",1); # hi>>1 - &mov ("eax","ecx"); - &shl ("esi",24); # lo<<24 - &mov ("ebx","edx"); - &shl ("edi",24); # hi<<24 - &xor ("ebx","esi"); - - &shr ("ecx",7-1); # lo>>7 - &xor ("eax","edi"); - &shr ("edx",7-1); # hi>>7 - &xor ("eax","ecx"); - &shl ("esi",31-24); # lo<<31 - &xor ("ebx","edx"); - &shl ("edi",25-24); # hi<<25 - &xor ("ebx","esi"); - - &shr ("ecx",8-7); # lo>>8 - &xor ("eax","edi"); - &shr ("edx",8-7); # hi>>8 - &xor ("eax","ecx"); - &shl ("edi",31-25); # hi<<31 - &xor ("ebx","edx"); - &xor ("eax","edi"); # T1 = sigma0(X[-15]) - - &mov (&DWP(0,"esp"),"eax"); - &mov (&DWP(4,"esp"),"ebx"); # put T1 away - - #define sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6)) - # LO lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26 - # HI hi>>19^lo<<13 ^ lo>>29^hi<<3 
^ hi>>6 - &mov ("ecx",&DWP(8*(9+15+16-14)+0,"esp")); - &mov ("edx",&DWP(8*(9+15+16-14)+4,"esp")); - &mov ("esi","ecx"); - - &shr ("ecx",6); # lo>>6 - &mov ("edi","edx"); - &shr ("edx",6); # hi>>6 - &mov ("eax","ecx"); - &shl ("esi",3); # lo<<3 - &mov ("ebx","edx"); - &shl ("edi",3); # hi<<3 - &xor ("eax","esi"); - - &shr ("ecx",19-6); # lo>>19 - &xor ("ebx","edi"); - &shr ("edx",19-6); # hi>>19 - &xor ("eax","ecx"); - &shl ("esi",13-3); # lo<<13 - &xor ("ebx","edx"); - &shl ("edi",13-3); # hi<<13 - &xor ("ebx","esi"); - - &shr ("ecx",29-19); # lo>>29 - &xor ("eax","edi"); - &shr ("edx",29-19); # hi>>29 - &xor ("ebx","ecx"); - &shl ("edi",26-13); # hi<<26 - &xor ("eax","edx"); - &xor ("eax","edi"); # sigma1(X[-2]) - - &mov ("ecx",&DWP(8*(9+15+16)+0,"esp")); - &mov ("edx",&DWP(8*(9+15+16)+4,"esp")); - &add ("eax",&DWP(0,"esp")); - &adc ("ebx",&DWP(4,"esp")); # T1 = sigma1(X[-2])+T1 - &mov ("esi",&DWP(8*(9+15+16-9)+0,"esp")); - &mov ("edi",&DWP(8*(9+15+16-9)+4,"esp")); - &add ("eax","ecx"); - &adc ("ebx","edx"); # T1 += X[-16] - &add ("eax","esi"); - &adc ("ebx","edi"); # T1 += X[-7] - &mov (&DWP(8*(9+15)+0,"esp"),"eax"); - &mov (&DWP(8*(9+15)+4,"esp"),"ebx"); # save X[0] - - &BODY_00_15_x86(); - - &cmp (&LB("edx"),0x17); - &jne (&label("16_79_x86")); - - &mov ("esi",&DWP(8*(9+16+80)+0,"esp"));# ctx - &mov ("edi",&DWP(8*(9+16+80)+4,"esp"));# inp - for($i=0;$i<4;$i++) { - &mov ("eax",&DWP($i*16+0,"esi")); - &mov ("ebx",&DWP($i*16+4,"esi")); - &mov ("ecx",&DWP($i*16+8,"esi")); - &mov ("edx",&DWP($i*16+12,"esi")); - &add ("eax",&DWP(8+($i*16)+0,"esp")); - &adc ("ebx",&DWP(8+($i*16)+4,"esp")); - &mov (&DWP($i*16+0,"esi"),"eax"); - &mov (&DWP($i*16+4,"esi"),"ebx"); - &add ("ecx",&DWP(8+($i*16)+8,"esp")); - &adc ("edx",&DWP(8+($i*16)+12,"esp")); - &mov (&DWP($i*16+8,"esi"),"ecx"); - &mov (&DWP($i*16+12,"esi"),"edx"); - } - &add ("esp",8*(9+16+80)); # destroy frame - &sub ($K512,8*80); # rewind K - - &cmp ("edi",&DWP(8,"esp")); # are we done yet? 
- &jb (&label("loop_x86")); - - &mov ("esp",&DWP(12,"esp")); # restore sp -&function_end_A(); - -&set_label("K512",64); # Yes! I keep it in the code segment! - &data_word(0xd728ae22,0x428a2f98); # u64 - &data_word(0x23ef65cd,0x71374491); # u64 - &data_word(0xec4d3b2f,0xb5c0fbcf); # u64 - &data_word(0x8189dbbc,0xe9b5dba5); # u64 - &data_word(0xf348b538,0x3956c25b); # u64 - &data_word(0xb605d019,0x59f111f1); # u64 - &data_word(0xaf194f9b,0x923f82a4); # u64 - &data_word(0xda6d8118,0xab1c5ed5); # u64 - &data_word(0xa3030242,0xd807aa98); # u64 - &data_word(0x45706fbe,0x12835b01); # u64 - &data_word(0x4ee4b28c,0x243185be); # u64 - &data_word(0xd5ffb4e2,0x550c7dc3); # u64 - &data_word(0xf27b896f,0x72be5d74); # u64 - &data_word(0x3b1696b1,0x80deb1fe); # u64 - &data_word(0x25c71235,0x9bdc06a7); # u64 - &data_word(0xcf692694,0xc19bf174); # u64 - &data_word(0x9ef14ad2,0xe49b69c1); # u64 - &data_word(0x384f25e3,0xefbe4786); # u64 - &data_word(0x8b8cd5b5,0x0fc19dc6); # u64 - &data_word(0x77ac9c65,0x240ca1cc); # u64 - &data_word(0x592b0275,0x2de92c6f); # u64 - &data_word(0x6ea6e483,0x4a7484aa); # u64 - &data_word(0xbd41fbd4,0x5cb0a9dc); # u64 - &data_word(0x831153b5,0x76f988da); # u64 - &data_word(0xee66dfab,0x983e5152); # u64 - &data_word(0x2db43210,0xa831c66d); # u64 - &data_word(0x98fb213f,0xb00327c8); # u64 - &data_word(0xbeef0ee4,0xbf597fc7); # u64 - &data_word(0x3da88fc2,0xc6e00bf3); # u64 - &data_word(0x930aa725,0xd5a79147); # u64 - &data_word(0xe003826f,0x06ca6351); # u64 - &data_word(0x0a0e6e70,0x14292967); # u64 - &data_word(0x46d22ffc,0x27b70a85); # u64 - &data_word(0x5c26c926,0x2e1b2138); # u64 - &data_word(0x5ac42aed,0x4d2c6dfc); # u64 - &data_word(0x9d95b3df,0x53380d13); # u64 - &data_word(0x8baf63de,0x650a7354); # u64 - &data_word(0x3c77b2a8,0x766a0abb); # u64 - &data_word(0x47edaee6,0x81c2c92e); # u64 - &data_word(0x1482353b,0x92722c85); # u64 - &data_word(0x4cf10364,0xa2bfe8a1); # u64 - &data_word(0xbc423001,0xa81a664b); # u64 - 
&data_word(0xd0f89791,0xc24b8b70); # u64 - &data_word(0x0654be30,0xc76c51a3); # u64 - &data_word(0xd6ef5218,0xd192e819); # u64 - &data_word(0x5565a910,0xd6990624); # u64 - &data_word(0x5771202a,0xf40e3585); # u64 - &data_word(0x32bbd1b8,0x106aa070); # u64 - &data_word(0xb8d2d0c8,0x19a4c116); # u64 - &data_word(0x5141ab53,0x1e376c08); # u64 - &data_word(0xdf8eeb99,0x2748774c); # u64 - &data_word(0xe19b48a8,0x34b0bcb5); # u64 - &data_word(0xc5c95a63,0x391c0cb3); # u64 - &data_word(0xe3418acb,0x4ed8aa4a); # u64 - &data_word(0x7763e373,0x5b9cca4f); # u64 - &data_word(0xd6b2b8a3,0x682e6ff3); # u64 - &data_word(0x5defb2fc,0x748f82ee); # u64 - &data_word(0x43172f60,0x78a5636f); # u64 - &data_word(0xa1f0ab72,0x84c87814); # u64 - &data_word(0x1a6439ec,0x8cc70208); # u64 - &data_word(0x23631e28,0x90befffa); # u64 - &data_word(0xde82bde9,0xa4506ceb); # u64 - &data_word(0xb2c67915,0xbef9a3f7); # u64 - &data_word(0xe372532b,0xc67178f2); # u64 - &data_word(0xea26619c,0xca273ece); # u64 - &data_word(0x21c0c207,0xd186b8c7); # u64 - &data_word(0xcde0eb1e,0xeada7dd6); # u64 - &data_word(0xee6ed178,0xf57d4f7f); # u64 - &data_word(0x72176fba,0x06f067aa); # u64 - &data_word(0xa2c898a6,0x0a637dc5); # u64 - &data_word(0xbef90dae,0x113f9804); # u64 - &data_word(0x131c471b,0x1b710b35); # u64 - &data_word(0x23047d84,0x28db77f5); # u64 - &data_word(0x40c72493,0x32caab7b); # u64 - &data_word(0x15c9bebc,0x3c9ebe0a); # u64 - &data_word(0x9c100d4c,0x431d67c4); # u64 - &data_word(0xcb3e42b6,0x4cc5d4be); # u64 - &data_word(0xfc657e2a,0x597f299c); # u64 - &data_word(0x3ad6faec,0x5fcb6fab); # u64 - &data_word(0x4a475817,0x6c44198c); # u64 -&function_end_B("sha512_block_data_order"); -&asciz("SHA512 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>"); - -&asm_finish(); diff --git a/lib/libssl/src/crypto/sha/asm/sha512-armv4.pl b/lib/libssl/src/crypto/sha/asm/sha512-armv4.pl deleted file mode 100644 index 7faf37b1479..00000000000 
--- a/lib/libssl/src/crypto/sha/asm/sha512-armv4.pl
+++ /dev/null
@@ -1,582 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# SHA512 block procedure for ARMv4. September 2007. - -# This code is ~4.5 (four and a half) times faster than code generated -# by gcc 3.4 and it spends ~72 clock cycles per byte [on single-issue -# Xscale PXA250 core]. -# -# July 2010. -# -# Rescheduling for dual-issue pipeline resulted in 6% improvement on -# Cortex A8 core and ~40 cycles per processed byte. - -# February 2011. -# -# Profiler-assisted and platform-specific optimization resulted in 7% -# improvement on Coxtex A8 core and ~38 cycles per byte. - -# March 2011. -# -# Add NEON implementation. On Cortex A8 it was measured to process -# one byte in 25.5 cycles or 47% faster than integer-only code. - -# Byte order [in]dependence. ========================================= -# -# Originally caller was expected to maintain specific *dword* order in -# h[0-7], namely with most significant dword at *lower* address, which -# was reflected in below two parameters as 0 and 4. Now caller is -# expected to maintain native byte order for whole 64-bit values. 
-$hi="HI"; -$lo="LO"; -# ==================================================================== - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -$ctx="r0"; # parameter block -$inp="r1"; -$len="r2"; - -$Tlo="r3"; -$Thi="r4"; -$Alo="r5"; -$Ahi="r6"; -$Elo="r7"; -$Ehi="r8"; -$t0="r9"; -$t1="r10"; -$t2="r11"; -$t3="r12"; -############ r13 is stack pointer -$Ktbl="r14"; -############ r15 is program counter - -$Aoff=8*0; -$Boff=8*1; -$Coff=8*2; -$Doff=8*3; -$Eoff=8*4; -$Foff=8*5; -$Goff=8*6; -$Hoff=8*7; -$Xoff=8*8; - -sub BODY_00_15() { -my $magic = shift; -$code.=<<___; - @ Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41)) - @ LO lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23 - @ HI hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23 - mov $t0,$Elo,lsr#14 - str $Tlo,[sp,#$Xoff+0] - mov $t1,$Ehi,lsr#14 - str $Thi,[sp,#$Xoff+4] - eor $t0,$t0,$Ehi,lsl#18 - ldr $t2,[sp,#$Hoff+0] @ h.lo - eor $t1,$t1,$Elo,lsl#18 - ldr $t3,[sp,#$Hoff+4] @ h.hi - eor $t0,$t0,$Elo,lsr#18 - eor $t1,$t1,$Ehi,lsr#18 - eor $t0,$t0,$Ehi,lsl#14 - eor $t1,$t1,$Elo,lsl#14 - eor $t0,$t0,$Ehi,lsr#9 - eor $t1,$t1,$Elo,lsr#9 - eor $t0,$t0,$Elo,lsl#23 - eor $t1,$t1,$Ehi,lsl#23 @ Sigma1(e) - adds $Tlo,$Tlo,$t0 - ldr $t0,[sp,#$Foff+0] @ f.lo - adc $Thi,$Thi,$t1 @ T += Sigma1(e) - ldr $t1,[sp,#$Foff+4] @ f.hi - adds $Tlo,$Tlo,$t2 - ldr $t2,[sp,#$Goff+0] @ g.lo - adc $Thi,$Thi,$t3 @ T += h - ldr $t3,[sp,#$Goff+4] @ g.hi - - eor $t0,$t0,$t2 - str $Elo,[sp,#$Eoff+0] - eor $t1,$t1,$t3 - str $Ehi,[sp,#$Eoff+4] - and $t0,$t0,$Elo - str $Alo,[sp,#$Aoff+0] - and $t1,$t1,$Ehi - str $Ahi,[sp,#$Aoff+4] - eor $t0,$t0,$t2 - ldr $t2,[$Ktbl,#$lo] @ K[i].lo - eor $t1,$t1,$t3 @ Ch(e,f,g) - ldr $t3,[$Ktbl,#$hi] @ K[i].hi - - adds $Tlo,$Tlo,$t0 - ldr $Elo,[sp,#$Doff+0] @ d.lo - adc $Thi,$Thi,$t1 @ T += Ch(e,f,g) - ldr $Ehi,[sp,#$Doff+4] @ d.hi - adds $Tlo,$Tlo,$t2 - and $t0,$t2,#0xff - adc $Thi,$Thi,$t3 @ T += K[i] - adds $Elo,$Elo,$Tlo - ldr $t2,[sp,#$Boff+0] @ b.lo - adc $Ehi,$Ehi,$Thi @ d 
+= T - teq $t0,#$magic - - ldr $t3,[sp,#$Coff+0] @ c.lo - orreq $Ktbl,$Ktbl,#1 - @ Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39)) - @ LO lo>>28^hi<<4 ^ hi>>2^lo<<30 ^ hi>>7^lo<<25 - @ HI hi>>28^lo<<4 ^ lo>>2^hi<<30 ^ lo>>7^hi<<25 - mov $t0,$Alo,lsr#28 - mov $t1,$Ahi,lsr#28 - eor $t0,$t0,$Ahi,lsl#4 - eor $t1,$t1,$Alo,lsl#4 - eor $t0,$t0,$Ahi,lsr#2 - eor $t1,$t1,$Alo,lsr#2 - eor $t0,$t0,$Alo,lsl#30 - eor $t1,$t1,$Ahi,lsl#30 - eor $t0,$t0,$Ahi,lsr#7 - eor $t1,$t1,$Alo,lsr#7 - eor $t0,$t0,$Alo,lsl#25 - eor $t1,$t1,$Ahi,lsl#25 @ Sigma0(a) - adds $Tlo,$Tlo,$t0 - and $t0,$Alo,$t2 - adc $Thi,$Thi,$t1 @ T += Sigma0(a) - - ldr $t1,[sp,#$Boff+4] @ b.hi - orr $Alo,$Alo,$t2 - ldr $t2,[sp,#$Coff+4] @ c.hi - and $Alo,$Alo,$t3 - and $t3,$Ahi,$t1 - orr $Ahi,$Ahi,$t1 - orr $Alo,$Alo,$t0 @ Maj(a,b,c).lo - and $Ahi,$Ahi,$t2 - adds $Alo,$Alo,$Tlo - orr $Ahi,$Ahi,$t3 @ Maj(a,b,c).hi - sub sp,sp,#8 - adc $Ahi,$Ahi,$Thi @ h += T - tst $Ktbl,#1 - add $Ktbl,$Ktbl,#8 -___ -} -$code=<<___; -#include "arm_arch.h" -#ifdef __ARMEL__ -# define LO 0 -# define HI 4 -# define WORD64(hi0,lo0,hi1,lo1) .word lo0,hi0, lo1,hi1 -#else -# define HI 0 -# define LO 4 -# define WORD64(hi0,lo0,hi1,lo1) .word hi0,lo0, hi1,lo1 -#endif - -.text -.code 32 -.type K512,%object -.align 5 -K512: -WORD64(0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd) -WORD64(0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc) -WORD64(0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019) -WORD64(0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118) -WORD64(0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe) -WORD64(0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2) -WORD64(0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1) -WORD64(0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694) -WORD64(0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3) -WORD64(0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65) -WORD64(0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483) -WORD64(0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5) -WORD64(0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210) 
-WORD64(0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4) -WORD64(0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725) -WORD64(0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70) -WORD64(0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926) -WORD64(0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df) -WORD64(0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8) -WORD64(0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b) -WORD64(0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001) -WORD64(0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30) -WORD64(0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910) -WORD64(0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8) -WORD64(0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53) -WORD64(0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8) -WORD64(0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb) -WORD64(0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3) -WORD64(0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60) -WORD64(0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec) -WORD64(0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9) -WORD64(0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b) -WORD64(0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207) -WORD64(0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178) -WORD64(0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6) -WORD64(0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b) -WORD64(0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493) -WORD64(0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c) -WORD64(0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a) -WORD64(0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817) -.size K512,.-K512 -.LOPENSSL_armcap: -.word OPENSSL_armcap_P-sha512_block_data_order -.skip 32-4 - -.global sha512_block_data_order -.type sha512_block_data_order,%function -sha512_block_data_order: - sub r3,pc,#8 @ sha512_block_data_order - add $len,$inp,$len,lsl#7 @ len to point at the end of inp -#if __ARM_ARCH__>=7 - ldr r12,.LOPENSSL_armcap - ldr r12,[r3,r12] @ OPENSSL_armcap_P - tst r12,#1 - bne .LNEON -#endif - stmdb sp!,{r4-r12,lr} - sub $Ktbl,r3,#672 @ K512 - sub sp,sp,#9*8 - - ldr $Elo,[$ctx,#$Eoff+$lo] - ldr 
$Ehi,[$ctx,#$Eoff+$hi] - ldr $t0, [$ctx,#$Goff+$lo] - ldr $t1, [$ctx,#$Goff+$hi] - ldr $t2, [$ctx,#$Hoff+$lo] - ldr $t3, [$ctx,#$Hoff+$hi] -.Loop: - str $t0, [sp,#$Goff+0] - str $t1, [sp,#$Goff+4] - str $t2, [sp,#$Hoff+0] - str $t3, [sp,#$Hoff+4] - ldr $Alo,[$ctx,#$Aoff+$lo] - ldr $Ahi,[$ctx,#$Aoff+$hi] - ldr $Tlo,[$ctx,#$Boff+$lo] - ldr $Thi,[$ctx,#$Boff+$hi] - ldr $t0, [$ctx,#$Coff+$lo] - ldr $t1, [$ctx,#$Coff+$hi] - ldr $t2, [$ctx,#$Doff+$lo] - ldr $t3, [$ctx,#$Doff+$hi] - str $Tlo,[sp,#$Boff+0] - str $Thi,[sp,#$Boff+4] - str $t0, [sp,#$Coff+0] - str $t1, [sp,#$Coff+4] - str $t2, [sp,#$Doff+0] - str $t3, [sp,#$Doff+4] - ldr $Tlo,[$ctx,#$Foff+$lo] - ldr $Thi,[$ctx,#$Foff+$hi] - str $Tlo,[sp,#$Foff+0] - str $Thi,[sp,#$Foff+4] - -.L00_15: -#if __ARM_ARCH__<7 - ldrb $Tlo,[$inp,#7] - ldrb $t0, [$inp,#6] - ldrb $t1, [$inp,#5] - ldrb $t2, [$inp,#4] - ldrb $Thi,[$inp,#3] - ldrb $t3, [$inp,#2] - orr $Tlo,$Tlo,$t0,lsl#8 - ldrb $t0, [$inp,#1] - orr $Tlo,$Tlo,$t1,lsl#16 - ldrb $t1, [$inp],#8 - orr $Tlo,$Tlo,$t2,lsl#24 - orr $Thi,$Thi,$t3,lsl#8 - orr $Thi,$Thi,$t0,lsl#16 - orr $Thi,$Thi,$t1,lsl#24 -#else - ldr $Tlo,[$inp,#4] - ldr $Thi,[$inp],#8 -#ifdef __ARMEL__ - rev $Tlo,$Tlo - rev $Thi,$Thi -#endif -#endif -___ - &BODY_00_15(0x94); -$code.=<<___; - tst $Ktbl,#1 - beq .L00_15 - ldr $t0,[sp,#`$Xoff+8*(16-1)`+0] - ldr $t1,[sp,#`$Xoff+8*(16-1)`+4] - bic $Ktbl,$Ktbl,#1 -.L16_79: - @ sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7)) - @ LO lo>>1^hi<<31 ^ lo>>8^hi<<24 ^ lo>>7^hi<<25 - @ HI hi>>1^lo<<31 ^ hi>>8^lo<<24 ^ hi>>7 - mov $Tlo,$t0,lsr#1 - ldr $t2,[sp,#`$Xoff+8*(16-14)`+0] - mov $Thi,$t1,lsr#1 - ldr $t3,[sp,#`$Xoff+8*(16-14)`+4] - eor $Tlo,$Tlo,$t1,lsl#31 - eor $Thi,$Thi,$t0,lsl#31 - eor $Tlo,$Tlo,$t0,lsr#8 - eor $Thi,$Thi,$t1,lsr#8 - eor $Tlo,$Tlo,$t1,lsl#24 - eor $Thi,$Thi,$t0,lsl#24 - eor $Tlo,$Tlo,$t0,lsr#7 - eor $Thi,$Thi,$t1,lsr#7 - eor $Tlo,$Tlo,$t1,lsl#25 - - @ sigma1(x) (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6)) - @ LO lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26 - 
@ HI hi>>19^lo<<13 ^ lo>>29^hi<<3 ^ hi>>6 - mov $t0,$t2,lsr#19 - mov $t1,$t3,lsr#19 - eor $t0,$t0,$t3,lsl#13 - eor $t1,$t1,$t2,lsl#13 - eor $t0,$t0,$t3,lsr#29 - eor $t1,$t1,$t2,lsr#29 - eor $t0,$t0,$t2,lsl#3 - eor $t1,$t1,$t3,lsl#3 - eor $t0,$t0,$t2,lsr#6 - eor $t1,$t1,$t3,lsr#6 - ldr $t2,[sp,#`$Xoff+8*(16-9)`+0] - eor $t0,$t0,$t3,lsl#26 - - ldr $t3,[sp,#`$Xoff+8*(16-9)`+4] - adds $Tlo,$Tlo,$t0 - ldr $t0,[sp,#`$Xoff+8*16`+0] - adc $Thi,$Thi,$t1 - - ldr $t1,[sp,#`$Xoff+8*16`+4] - adds $Tlo,$Tlo,$t2 - adc $Thi,$Thi,$t3 - adds $Tlo,$Tlo,$t0 - adc $Thi,$Thi,$t1 -___ - &BODY_00_15(0x17); -$code.=<<___; - ldreq $t0,[sp,#`$Xoff+8*(16-1)`+0] - ldreq $t1,[sp,#`$Xoff+8*(16-1)`+4] - beq .L16_79 - bic $Ktbl,$Ktbl,#1 - - ldr $Tlo,[sp,#$Boff+0] - ldr $Thi,[sp,#$Boff+4] - ldr $t0, [$ctx,#$Aoff+$lo] - ldr $t1, [$ctx,#$Aoff+$hi] - ldr $t2, [$ctx,#$Boff+$lo] - ldr $t3, [$ctx,#$Boff+$hi] - adds $t0,$Alo,$t0 - str $t0, [$ctx,#$Aoff+$lo] - adc $t1,$Ahi,$t1 - str $t1, [$ctx,#$Aoff+$hi] - adds $t2,$Tlo,$t2 - str $t2, [$ctx,#$Boff+$lo] - adc $t3,$Thi,$t3 - str $t3, [$ctx,#$Boff+$hi] - - ldr $Alo,[sp,#$Coff+0] - ldr $Ahi,[sp,#$Coff+4] - ldr $Tlo,[sp,#$Doff+0] - ldr $Thi,[sp,#$Doff+4] - ldr $t0, [$ctx,#$Coff+$lo] - ldr $t1, [$ctx,#$Coff+$hi] - ldr $t2, [$ctx,#$Doff+$lo] - ldr $t3, [$ctx,#$Doff+$hi] - adds $t0,$Alo,$t0 - str $t0, [$ctx,#$Coff+$lo] - adc $t1,$Ahi,$t1 - str $t1, [$ctx,#$Coff+$hi] - adds $t2,$Tlo,$t2 - str $t2, [$ctx,#$Doff+$lo] - adc $t3,$Thi,$t3 - str $t3, [$ctx,#$Doff+$hi] - - ldr $Tlo,[sp,#$Foff+0] - ldr $Thi,[sp,#$Foff+4] - ldr $t0, [$ctx,#$Eoff+$lo] - ldr $t1, [$ctx,#$Eoff+$hi] - ldr $t2, [$ctx,#$Foff+$lo] - ldr $t3, [$ctx,#$Foff+$hi] - adds $Elo,$Elo,$t0 - str $Elo,[$ctx,#$Eoff+$lo] - adc $Ehi,$Ehi,$t1 - str $Ehi,[$ctx,#$Eoff+$hi] - adds $t2,$Tlo,$t2 - str $t2, [$ctx,#$Foff+$lo] - adc $t3,$Thi,$t3 - str $t3, [$ctx,#$Foff+$hi] - - ldr $Alo,[sp,#$Goff+0] - ldr $Ahi,[sp,#$Goff+4] - ldr $Tlo,[sp,#$Hoff+0] - ldr $Thi,[sp,#$Hoff+4] - ldr $t0, [$ctx,#$Goff+$lo] - ldr $t1, 
[$ctx,#$Goff+$hi] - ldr $t2, [$ctx,#$Hoff+$lo] - ldr $t3, [$ctx,#$Hoff+$hi] - adds $t0,$Alo,$t0 - str $t0, [$ctx,#$Goff+$lo] - adc $t1,$Ahi,$t1 - str $t1, [$ctx,#$Goff+$hi] - adds $t2,$Tlo,$t2 - str $t2, [$ctx,#$Hoff+$lo] - adc $t3,$Thi,$t3 - str $t3, [$ctx,#$Hoff+$hi] - - add sp,sp,#640 - sub $Ktbl,$Ktbl,#640 - - teq $inp,$len - bne .Loop - - add sp,sp,#8*9 @ destroy frame -#if __ARM_ARCH__>=5 - ldmia sp!,{r4-r12,pc} -#else - ldmia sp!,{r4-r12,lr} - tst lr,#1 - moveq pc,lr @ be binary compatible with V4, yet - bx lr @ interoperable with Thumb ISA:-) -#endif -___ - -{ -my @Sigma0=(28,34,39); -my @Sigma1=(14,18,41); -my @sigma0=(1, 8, 7); -my @sigma1=(19,61,6); - -my $Ktbl="r3"; -my $cnt="r12"; # volatile register known as ip, intra-procedure-call scratch - -my @X=map("d$_",(0..15)); -my @V=($A,$B,$C,$D,$E,$F,$G,$H)=map("d$_",(16..23)); - -sub NEON_00_15() { -my $i=shift; -my ($a,$b,$c,$d,$e,$f,$g,$h)=@_; -my ($t0,$t1,$t2,$T1,$K,$Ch,$Maj)=map("d$_",(24..31)); # temps - -$code.=<<___ if ($i<16 || $i&1); - vshr.u64 $t0,$e,#@Sigma1[0] @ $i -#if $i<16 - vld1.64 {@X[$i%16]},[$inp]! @ handles unaligned -#endif - vshr.u64 $t1,$e,#@Sigma1[1] - vshr.u64 $t2,$e,#@Sigma1[2] -___ -$code.=<<___; - vld1.64 {$K},[$Ktbl,:64]! 
@ K[i++] - vsli.64 $t0,$e,#`64-@Sigma1[0]` - vsli.64 $t1,$e,#`64-@Sigma1[1]` - vsli.64 $t2,$e,#`64-@Sigma1[2]` -#if $i<16 && defined(__ARMEL__) - vrev64.8 @X[$i],@X[$i] -#endif - vadd.i64 $T1,$K,$h - veor $Ch,$f,$g - veor $t0,$t1 - vand $Ch,$e - veor $t0,$t2 @ Sigma1(e) - veor $Ch,$g @ Ch(e,f,g) - vadd.i64 $T1,$t0 - vshr.u64 $t0,$a,#@Sigma0[0] - vadd.i64 $T1,$Ch - vshr.u64 $t1,$a,#@Sigma0[1] - vshr.u64 $t2,$a,#@Sigma0[2] - vsli.64 $t0,$a,#`64-@Sigma0[0]` - vsli.64 $t1,$a,#`64-@Sigma0[1]` - vsli.64 $t2,$a,#`64-@Sigma0[2]` - vadd.i64 $T1,@X[$i%16] - vorr $Maj,$a,$c - vand $Ch,$a,$c - veor $h,$t0,$t1 - vand $Maj,$b - veor $h,$t2 @ Sigma0(a) - vorr $Maj,$Ch @ Maj(a,b,c) - vadd.i64 $h,$T1 - vadd.i64 $d,$T1 - vadd.i64 $h,$Maj -___ -} - -sub NEON_16_79() { -my $i=shift; - -if ($i&1) { &NEON_00_15($i,@_); return; } - -# 2x-vectorized, therefore runs every 2nd round -my @X=map("q$_",(0..7)); # view @X as 128-bit vector -my ($t0,$t1,$s0,$s1) = map("q$_",(12..15)); # temps -my ($d0,$d1,$d2) = map("d$_",(24..26)); # temps from NEON_00_15 -my $e=@_[4]; # $e from NEON_00_15 -$i /= 2; -$code.=<<___; - vshr.u64 $t0,@X[($i+7)%8],#@sigma1[0] - vshr.u64 $t1,@X[($i+7)%8],#@sigma1[1] - vshr.u64 $s1,@X[($i+7)%8],#@sigma1[2] - vsli.64 $t0,@X[($i+7)%8],#`64-@sigma1[0]` - vext.8 $s0,@X[$i%8],@X[($i+1)%8],#8 @ X[i+1] - vsli.64 $t1,@X[($i+7)%8],#`64-@sigma1[1]` - veor $s1,$t0 - vshr.u64 $t0,$s0,#@sigma0[0] - veor $s1,$t1 @ sigma1(X[i+14]) - vshr.u64 $t1,$s0,#@sigma0[1] - vadd.i64 @X[$i%8],$s1 - vshr.u64 $s1,$s0,#@sigma0[2] - vsli.64 $t0,$s0,#`64-@sigma0[0]` - vsli.64 $t1,$s0,#`64-@sigma0[1]` - vext.8 $s0,@X[($i+4)%8],@X[($i+5)%8],#8 @ X[i+9] - veor $s1,$t0 - vshr.u64 $d0,$e,#@Sigma1[0] @ from NEON_00_15 - vadd.i64 @X[$i%8],$s0 - vshr.u64 $d1,$e,#@Sigma1[1] @ from NEON_00_15 - veor $s1,$t1 @ sigma0(X[i+1]) - vshr.u64 $d2,$e,#@Sigma1[2] @ from NEON_00_15 - vadd.i64 @X[$i%8],$s1 -___ - &NEON_00_15(2*$i,@_); -} - -$code.=<<___; -#if __ARM_ARCH__>=7 -.fpu neon - -.align 4 -.LNEON: - dmb @ errata 
#451034 on early Cortex A8 - vstmdb sp!,{d8-d15} @ ABI specification says so - sub $Ktbl,r3,#672 @ K512 - vldmia $ctx,{$A-$H} @ load context -.Loop_neon: -___ -for($i=0;$i<16;$i++) { &NEON_00_15($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - mov $cnt,#4 -.L16_79_neon: - subs $cnt,#1 -___ -for(;$i<32;$i++) { &NEON_16_79($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - bne .L16_79_neon - - vldmia $ctx,{d24-d31} @ load context to temp - vadd.i64 q8,q12 @ vectorized accumulate - vadd.i64 q9,q13 - vadd.i64 q10,q14 - vadd.i64 q11,q15 - vstmia $ctx,{$A-$H} @ save context - teq $inp,$len - sub $Ktbl,#640 @ rewind K512 - bne .Loop_neon - - vldmia sp!,{d8-d15} @ epilogue - bx lr -#endif -___ -} -$code.=<<___; -.size sha512_block_data_order,.-sha512_block_data_order -.asciz "SHA512 block transform for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>" -.align 2 -.comm OPENSSL_armcap_P,4,4 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm; # make it possible to compile with -march=armv4 -print $code; -close STDOUT; # enforce flush diff --git a/lib/libssl/src/crypto/sha/asm/sha512-ia64.pl b/lib/libssl/src/crypto/sha/asm/sha512-ia64.pl deleted file mode 100755 index 1c6ce56522e..00000000000 --- a/lib/libssl/src/crypto/sha/asm/sha512-ia64.pl +++ /dev/null 
@@ -1,672 +0,0 @@ -#!/usr/bin/env perl -# -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== -# -# SHA256/512_Transform for Itanium. -# -# sha512_block runs in 1003 cycles on Itanium 2, which is almost 50% -# faster than gcc and >60%(!) faster than code generated by HP-UX -# compiler (yes, HP-UX is generating slower code, because unlike gcc, -# it failed to deploy "shift right pair," 'shrp' instruction, which -# substitutes for 64-bit rotate). -# -# 924 cycles long sha256_block outperforms gcc by over factor of 2(!) -# and HP-UX compiler - by >40% (yes, gcc won sha512_block, but lost -# this one big time). Note that "formally" 924 is about 100 cycles -# too much. I mean it's 64 32-bit rounds vs. 80 virtually identical -# 64-bit ones and 1003*64/80 gives 802. Extra cycles, 2 per round, -# are spent on extra work to provide for 32-bit rotations. 32-bit -# rotations are still handled by 'shrp' instruction and for this -# reason lower 32 bits are deposited to upper half of 64-bit register -# prior 'shrp' issue. And in order to minimize the amount of such -# operations, X[16] values are *maintained* with copies of lower -# halves in upper halves, which is why you'll spot such instructions -# as custom 'mux2', "parallel 32-bit add," 'padd4' and "parallel -# 32-bit unsigned right shift," 'pshr4.u' instructions here. -# -# Rules of engagement. -# -# There is only one integer shifter meaning that if I have two rotate, -# deposit or extract instructions in adjacent bundles, they shall -# split [at run-time if they have to]. 
But note that variable and
-# parallel shifts are performed by multi-media ALU and *are* pairable
-# with rotates [and alike]. On the backside MMALU is rather slow: it
-# takes 2 extra cycles before the result of integer operation is
-# available *to* MMALU and 2(*) extra cycles before the result of MM
-# operation is available "back" *to* integer ALU, not to mention that
-# MMALU itself has 2 cycles latency. However! I explicitly scheduled
-# these MM instructions to avoid MM stalls, so that all these extra
-# latencies get "hidden" in instruction-level parallelism.
-#
-# (*) 2 cycles on Itanium 1 and 1 cycle on Itanium 2. But I schedule
-# for 2 in order to provide for best *overall* performance,
-# because on Itanium 1 stall on MM result is accompanied by
-# pipeline flush, which takes 6 cycles:-(
-#
-# Resulting performance numbers for 900MHz Itanium 2 system:
-#
-# The 'numbers' are in 1000s of bytes per second processed.
-# type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
-# sha1(*) 6210.14k 20376.30k 52447.83k 85870.05k 105478.12k
-# sha256 7476.45k 20572.05k 41538.34k 56062.29k 62093.18k
-# sha512 4996.56k 20026.28k 47597.20k 85278.79k 111501.31k
-#
-# (*) SHA1 numbers are for HP-UX compiler and are presented purely
-# for reference purposes. I bet it can improved too...
-#
-# To generate code, pass the file name with either 256 or 512 in its
-# name and compiler flags.
- -$output=shift; - -if ($output =~ /512.*\.[s|asm]/) { - $SZ=8; - $BITS=8*$SZ; - $LDW="ld8"; - $STW="st8"; - $ADD="add"; - $SHRU="shr.u"; - $TABLE="K512"; - $func="sha512_block_data_order"; - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=(1, 8, 7); - @sigma1=(19,61, 6); - $rounds=80; -} elsif ($output =~ /256.*\.[s|asm]/) { - $SZ=4; - $BITS=8*$SZ; - $LDW="ld4"; - $STW="st4"; - $ADD="padd4"; - $SHRU="pshr4.u"; - $TABLE="K256"; - $func="sha256_block_data_order"; - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 7,18, 3); - @sigma1=(17,19,10); - $rounds=64; -} else { die "nonsense $output"; } - -open STDOUT,">$output" || die "can't open $output: $!"; - -if ($^O eq "hpux") { - $ADDP="addp4"; - for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); } -} else { $ADDP="add"; } -for (@ARGV) { $big_endian=1 if (/\-DB_ENDIAN/); - $big_endian=0 if (/\-DL_ENDIAN/); } -if (!defined($big_endian)) - { $big_endian=(unpack('L',pack('N',1))==1); } - -$code=<<___; -.ident \"$output, version 1.1\" -.ident \"IA-64 ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>\" -.explicit -.text - -pfssave=r2; -lcsave=r3; -prsave=r14; -K=r15; -A=r16; B=r17; C=r18; D=r19; -E=r20; F=r21; G=r22; H=r23; -T1=r24; T2=r25; -s0=r26; s1=r27; t0=r28; t1=r29; -Ktbl=r30; -ctx=r31; // 1st arg -input=r48; // 2nd arg -num=r49; // 3rd arg -sgm0=r50; sgm1=r51; // small constants -A_=r54; B_=r55; C_=r56; D_=r57; -E_=r58; F_=r59; G_=r60; H_=r61; - -// void $func (SHA_CTX *ctx, const void *in,size_t num[,int host]) -.global $func# -.proc $func# -.align 32 -$func: - .prologue - .save ar.pfs,pfssave -{ .mmi; alloc pfssave=ar.pfs,3,27,0,16 - $ADDP ctx=0,r32 // 1st arg - .save ar.lc,lcsave - mov lcsave=ar.lc } -{ .mmi; $ADDP input=0,r33 // 2nd arg - mov num=r34 // 3rd arg - .save pr,prsave - mov prsave=pr };; - - .body -{ .mib; add r8=0*$SZ,ctx - add r9=1*$SZ,ctx - brp.loop.imp .L_first16,.L_first16_end-16 } -{ .mib; add r10=2*$SZ,ctx - add r11=3*$SZ,ctx - brp.loop.imp .L_rest,.L_rest_end-16 };; - -// load A-H 
-.Lpic_point: -{ .mmi; $LDW A_=[r8],4*$SZ - $LDW B_=[r9],4*$SZ - mov Ktbl=ip } -{ .mmi; $LDW C_=[r10],4*$SZ - $LDW D_=[r11],4*$SZ - mov sgm0=$sigma0[2] };; -{ .mmi; $LDW E_=[r8] - $LDW F_=[r9] - add Ktbl=($TABLE#-.Lpic_point),Ktbl } -{ .mmi; $LDW G_=[r10] - $LDW H_=[r11] - cmp.ne p0,p16=0,r0 };; // used in sha256_block -___ -$code.=<<___ if ($BITS==64); -{ .mii; and r8=7,input - and input=~7,input;; - cmp.eq p9,p0=1,r8 } -{ .mmi; cmp.eq p10,p0=2,r8 - cmp.eq p11,p0=3,r8 - cmp.eq p12,p0=4,r8 } -{ .mmi; cmp.eq p13,p0=5,r8 - cmp.eq p14,p0=6,r8 - cmp.eq p15,p0=7,r8 };; -___ -$code.=<<___; -.L_outer: -.rotr X[16] -{ .mmi; mov A=A_ - mov B=B_ - mov ar.lc=14 } -{ .mmi; mov C=C_ - mov D=D_ - mov E=E_ } -{ .mmi; mov F=F_ - mov G=G_ - mov ar.ec=2 } -{ .mmi; ld1 X[15]=[input],$SZ // eliminated in 64-bit - mov H=H_ - mov sgm1=$sigma1[2] };; - -___ -$t0="t0", $t1="t1", $code.=<<___ if ($BITS==32); -.align 32 -.L_first16: -{ .mmi; add r9=1-$SZ,input - add r10=2-$SZ,input - add r11=3-$SZ,input };; -{ .mmi; ld1 r9=[r9] - ld1 r10=[r10] - dep.z $t1=E,32,32 } -{ .mmi; $LDW K=[Ktbl],$SZ - ld1 r11=[r11] - zxt4 E=E };; -{ .mii; or $t1=$t1,E - dep X[15]=X[15],r9,8,8 - dep r11=r10,r11,8,8 };; -{ .mmi; and T1=F,E - and T2=A,B - dep X[15]=X[15],r11,16,16 } -{ .mmi; andcm r8=G,E - and r9=A,C - mux2 $t0=A,0x44 };; // copy lower half to upper -{ .mmi; (p16) ld1 X[15-1]=[input],$SZ // prefetch - xor T1=T1,r8 // T1=((e & f) ^ (~e & g)) - _rotr r11=$t1,$Sigma1[0] } // ROTR(e,14) -{ .mib; and r10=B,C - xor T2=T2,r9 };; -___ -$t0="A", $t1="E", $code.=<<___ if ($BITS==64); -// in 64-bit mode I load whole X[16] at once and take care of alignment... 
-{ .mmi; add r8=1*$SZ,input - add r9=2*$SZ,input - add r10=3*$SZ,input };; -{ .mmb; $LDW X[15]=[input],4*$SZ - $LDW X[14]=[r8],4*$SZ -(p9) br.cond.dpnt.many .L1byte };; -{ .mmb; $LDW X[13]=[r9],4*$SZ - $LDW X[12]=[r10],4*$SZ -(p10) br.cond.dpnt.many .L2byte };; -{ .mmb; $LDW X[11]=[input],4*$SZ - $LDW X[10]=[r8],4*$SZ -(p11) br.cond.dpnt.many .L3byte };; -{ .mmb; $LDW X[ 9]=[r9],4*$SZ - $LDW X[ 8]=[r10],4*$SZ -(p12) br.cond.dpnt.many .L4byte };; -{ .mmb; $LDW X[ 7]=[input],4*$SZ - $LDW X[ 6]=[r8],4*$SZ -(p13) br.cond.dpnt.many .L5byte };; -{ .mmb; $LDW X[ 5]=[r9],4*$SZ - $LDW X[ 4]=[r10],4*$SZ -(p14) br.cond.dpnt.many .L6byte };; -{ .mmb; $LDW X[ 3]=[input],4*$SZ - $LDW X[ 2]=[r8],4*$SZ -(p15) br.cond.dpnt.many .L7byte };; -{ .mmb; $LDW X[ 1]=[r9],4*$SZ - $LDW X[ 0]=[r10],4*$SZ - br.many .L_first16 };; -.L1byte: -{ .mmi; $LDW X[13]=[r9],4*$SZ - $LDW X[12]=[r10],4*$SZ - shrp X[15]=X[15],X[14],56 };; -{ .mmi; $LDW X[11]=[input],4*$SZ - $LDW X[10]=[r8],4*$SZ - shrp X[14]=X[14],X[13],56 } -{ .mmi; $LDW X[ 9]=[r9],4*$SZ - $LDW X[ 8]=[r10],4*$SZ - shrp X[13]=X[13],X[12],56 };; -{ .mmi; $LDW X[ 7]=[input],4*$SZ - $LDW X[ 6]=[r8],4*$SZ - shrp X[12]=X[12],X[11],56 } -{ .mmi; $LDW X[ 5]=[r9],4*$SZ - $LDW X[ 4]=[r10],4*$SZ - shrp X[11]=X[11],X[10],56 };; -{ .mmi; $LDW X[ 3]=[input],4*$SZ - $LDW X[ 2]=[r8],4*$SZ - shrp X[10]=X[10],X[ 9],56 } -{ .mmi; $LDW X[ 1]=[r9],4*$SZ - $LDW X[ 0]=[r10],4*$SZ - shrp X[ 9]=X[ 9],X[ 8],56 };; -{ .mii; $LDW T1=[input] - shrp X[ 8]=X[ 8],X[ 7],56 - shrp X[ 7]=X[ 7],X[ 6],56 } -{ .mii; shrp X[ 6]=X[ 6],X[ 5],56 - shrp X[ 5]=X[ 5],X[ 4],56 };; -{ .mii; shrp X[ 4]=X[ 4],X[ 3],56 - shrp X[ 3]=X[ 3],X[ 2],56 } -{ .mii; shrp X[ 2]=X[ 2],X[ 1],56 - shrp X[ 1]=X[ 1],X[ 0],56 } -{ .mib; shrp X[ 0]=X[ 0],T1,56 - br.many .L_first16 };; -.L2byte: -{ .mmi; $LDW X[11]=[input],4*$SZ - $LDW X[10]=[r8],4*$SZ - shrp X[15]=X[15],X[14],48 } -{ .mmi; $LDW X[ 9]=[r9],4*$SZ - $LDW X[ 8]=[r10],4*$SZ - shrp X[14]=X[14],X[13],48 };; -{ .mmi; $LDW X[ 7]=[input],4*$SZ - 
$LDW X[ 6]=[r8],4*$SZ - shrp X[13]=X[13],X[12],48 } -{ .mmi; $LDW X[ 5]=[r9],4*$SZ - $LDW X[ 4]=[r10],4*$SZ - shrp X[12]=X[12],X[11],48 };; -{ .mmi; $LDW X[ 3]=[input],4*$SZ - $LDW X[ 2]=[r8],4*$SZ - shrp X[11]=X[11],X[10],48 } -{ .mmi; $LDW X[ 1]=[r9],4*$SZ - $LDW X[ 0]=[r10],4*$SZ - shrp X[10]=X[10],X[ 9],48 };; -{ .mii; $LDW T1=[input] - shrp X[ 9]=X[ 9],X[ 8],48 - shrp X[ 8]=X[ 8],X[ 7],48 } -{ .mii; shrp X[ 7]=X[ 7],X[ 6],48 - shrp X[ 6]=X[ 6],X[ 5],48 };; -{ .mii; shrp X[ 5]=X[ 5],X[ 4],48 - shrp X[ 4]=X[ 4],X[ 3],48 } -{ .mii; shrp X[ 3]=X[ 3],X[ 2],48 - shrp X[ 2]=X[ 2],X[ 1],48 } -{ .mii; shrp X[ 1]=X[ 1],X[ 0],48 - shrp X[ 0]=X[ 0],T1,48 } -{ .mfb; br.many .L_first16 };; -.L3byte: -{ .mmi; $LDW X[ 9]=[r9],4*$SZ - $LDW X[ 8]=[r10],4*$SZ - shrp X[15]=X[15],X[14],40 };; -{ .mmi; $LDW X[ 7]=[input],4*$SZ - $LDW X[ 6]=[r8],4*$SZ - shrp X[14]=X[14],X[13],40 } -{ .mmi; $LDW X[ 5]=[r9],4*$SZ - $LDW X[ 4]=[r10],4*$SZ - shrp X[13]=X[13],X[12],40 };; -{ .mmi; $LDW X[ 3]=[input],4*$SZ - $LDW X[ 2]=[r8],4*$SZ - shrp X[12]=X[12],X[11],40 } -{ .mmi; $LDW X[ 1]=[r9],4*$SZ - $LDW X[ 0]=[r10],4*$SZ - shrp X[11]=X[11],X[10],40 };; -{ .mii; $LDW T1=[input] - shrp X[10]=X[10],X[ 9],40 - shrp X[ 9]=X[ 9],X[ 8],40 } -{ .mii; shrp X[ 8]=X[ 8],X[ 7],40 - shrp X[ 7]=X[ 7],X[ 6],40 };; -{ .mii; shrp X[ 6]=X[ 6],X[ 5],40 - shrp X[ 5]=X[ 5],X[ 4],40 } -{ .mii; shrp X[ 4]=X[ 4],X[ 3],40 - shrp X[ 3]=X[ 3],X[ 2],40 } -{ .mii; shrp X[ 2]=X[ 2],X[ 1],40 - shrp X[ 1]=X[ 1],X[ 0],40 } -{ .mib; shrp X[ 0]=X[ 0],T1,40 - br.many .L_first16 };; -.L4byte: -{ .mmi; $LDW X[ 7]=[input],4*$SZ - $LDW X[ 6]=[r8],4*$SZ - shrp X[15]=X[15],X[14],32 } -{ .mmi; $LDW X[ 5]=[r9],4*$SZ - $LDW X[ 4]=[r10],4*$SZ - shrp X[14]=X[14],X[13],32 };; -{ .mmi; $LDW X[ 3]=[input],4*$SZ - $LDW X[ 2]=[r8],4*$SZ - shrp X[13]=X[13],X[12],32 } -{ .mmi; $LDW X[ 1]=[r9],4*$SZ - $LDW X[ 0]=[r10],4*$SZ - shrp X[12]=X[12],X[11],32 };; -{ .mii; $LDW T1=[input] - shrp X[11]=X[11],X[10],32 - shrp X[10]=X[10],X[ 9],32 } -{ .mii; 
shrp X[ 9]=X[ 9],X[ 8],32 - shrp X[ 8]=X[ 8],X[ 7],32 };; -{ .mii; shrp X[ 7]=X[ 7],X[ 6],32 - shrp X[ 6]=X[ 6],X[ 5],32 } -{ .mii; shrp X[ 5]=X[ 5],X[ 4],32 - shrp X[ 4]=X[ 4],X[ 3],32 } -{ .mii; shrp X[ 3]=X[ 3],X[ 2],32 - shrp X[ 2]=X[ 2],X[ 1],32 } -{ .mii; shrp X[ 1]=X[ 1],X[ 0],32 - shrp X[ 0]=X[ 0],T1,32 } -{ .mfb; br.many .L_first16 };; -.L5byte: -{ .mmi; $LDW X[ 5]=[r9],4*$SZ - $LDW X[ 4]=[r10],4*$SZ - shrp X[15]=X[15],X[14],24 };; -{ .mmi; $LDW X[ 3]=[input],4*$SZ - $LDW X[ 2]=[r8],4*$SZ - shrp X[14]=X[14],X[13],24 } -{ .mmi; $LDW X[ 1]=[r9],4*$SZ - $LDW X[ 0]=[r10],4*$SZ - shrp X[13]=X[13],X[12],24 };; -{ .mii; $LDW T1=[input] - shrp X[12]=X[12],X[11],24 - shrp X[11]=X[11],X[10],24 } -{ .mii; shrp X[10]=X[10],X[ 9],24 - shrp X[ 9]=X[ 9],X[ 8],24 };; -{ .mii; shrp X[ 8]=X[ 8],X[ 7],24 - shrp X[ 7]=X[ 7],X[ 6],24 } -{ .mii; shrp X[ 6]=X[ 6],X[ 5],24 - shrp X[ 5]=X[ 5],X[ 4],24 } -{ .mii; shrp X[ 4]=X[ 4],X[ 3],24 - shrp X[ 3]=X[ 3],X[ 2],24 } -{ .mii; shrp X[ 2]=X[ 2],X[ 1],24 - shrp X[ 1]=X[ 1],X[ 0],24 } -{ .mib; shrp X[ 0]=X[ 0],T1,24 - br.many .L_first16 };; -.L6byte: -{ .mmi; $LDW X[ 3]=[input],4*$SZ - $LDW X[ 2]=[r8],4*$SZ - shrp X[15]=X[15],X[14],16 } -{ .mmi; $LDW X[ 1]=[r9],4*$SZ - $LDW X[ 0]=[r10],4*$SZ - shrp X[14]=X[14],X[13],16 };; -{ .mii; $LDW T1=[input] - shrp X[13]=X[13],X[12],16 - shrp X[12]=X[12],X[11],16 } -{ .mii; shrp X[11]=X[11],X[10],16 - shrp X[10]=X[10],X[ 9],16 };; -{ .mii; shrp X[ 9]=X[ 9],X[ 8],16 - shrp X[ 8]=X[ 8],X[ 7],16 } -{ .mii; shrp X[ 7]=X[ 7],X[ 6],16 - shrp X[ 6]=X[ 6],X[ 5],16 } -{ .mii; shrp X[ 5]=X[ 5],X[ 4],16 - shrp X[ 4]=X[ 4],X[ 3],16 } -{ .mii; shrp X[ 3]=X[ 3],X[ 2],16 - shrp X[ 2]=X[ 2],X[ 1],16 } -{ .mii; shrp X[ 1]=X[ 1],X[ 0],16 - shrp X[ 0]=X[ 0],T1,16 } -{ .mfb; br.many .L_first16 };; -.L7byte: -{ .mmi; $LDW X[ 1]=[r9],4*$SZ - $LDW X[ 0]=[r10],4*$SZ - shrp X[15]=X[15],X[14],8 };; -{ .mii; $LDW T1=[input] - shrp X[14]=X[14],X[13],8 - shrp X[13]=X[13],X[12],8 } -{ .mii; shrp X[12]=X[12],X[11],8 - shrp 
X[11]=X[11],X[10],8 };; -{ .mii; shrp X[10]=X[10],X[ 9],8 - shrp X[ 9]=X[ 9],X[ 8],8 } -{ .mii; shrp X[ 8]=X[ 8],X[ 7],8 - shrp X[ 7]=X[ 7],X[ 6],8 } -{ .mii; shrp X[ 6]=X[ 6],X[ 5],8 - shrp X[ 5]=X[ 5],X[ 4],8 } -{ .mii; shrp X[ 4]=X[ 4],X[ 3],8 - shrp X[ 3]=X[ 3],X[ 2],8 } -{ .mii; shrp X[ 2]=X[ 2],X[ 1],8 - shrp X[ 1]=X[ 1],X[ 0],8 } -{ .mib; shrp X[ 0]=X[ 0],T1,8 - br.many .L_first16 };; - -.align 32 -.L_first16: -{ .mmi; $LDW K=[Ktbl],$SZ - and T1=F,E - and T2=A,B } -{ .mmi; //$LDW X[15]=[input],$SZ // X[i]=*input++ - andcm r8=G,E - and r9=A,C };; -{ .mmi; xor T1=T1,r8 //T1=((e & f) ^ (~e & g)) - and r10=B,C - _rotr r11=$t1,$Sigma1[0] } // ROTR(e,14) -{ .mmi; xor T2=T2,r9 - mux1 X[15]=X[15],\@rev };; // eliminated in big-endian -___ -$code.=<<___; -{ .mib; add T1=T1,H // T1=Ch(e,f,g)+h - _rotr r8=$t1,$Sigma1[1] } // ROTR(e,18) -{ .mib; xor T2=T2,r10 // T2=((a & b) ^ (a & c) ^ (b & c)) - mov H=G };; -{ .mib; xor r11=r8,r11 - _rotr r9=$t1,$Sigma1[2] } // ROTR(e,41) -{ .mib; mov G=F - mov F=E };; -{ .mib; xor r9=r9,r11 // r9=Sigma1(e) - _rotr r10=$t0,$Sigma0[0] } // ROTR(a,28) -{ .mib; add T1=T1,K // T1=Ch(e,f,g)+h+K512[i] - mov E=D };; -{ .mib; add T1=T1,r9 // T1+=Sigma1(e) - _rotr r11=$t0,$Sigma0[1] } // ROTR(a,34) -{ .mib; mov D=C - mov C=B };; -{ .mib; add T1=T1,X[15] // T1+=X[i] - _rotr r8=$t0,$Sigma0[2] } // ROTR(a,39) -{ .mib; xor r10=r10,r11 - mux2 X[15]=X[15],0x44 };; // eliminated in 64-bit -{ .mmi; xor r10=r8,r10 // r10=Sigma0(a) - mov B=A - add A=T1,T2 };; -{ .mib; add E=E,T1 - add A=A,r10 // T2=Maj(a,b,c)+Sigma0(a) - br.ctop.sptk .L_first16 };; -.L_first16_end: - -{ .mii; mov ar.lc=$rounds-17 - mov ar.ec=1 };; - -.align 32 -.L_rest: -.rotr X[16] -{ .mib; $LDW K=[Ktbl],$SZ - _rotr r8=X[15-1],$sigma0[0] } // ROTR(s0,1) -{ .mib; $ADD X[15]=X[15],X[15-9] // X[i&0xF]+=X[(i+9)&0xF] - $SHRU s0=X[15-1],sgm0 };; // s0=X[(i+1)&0xF]>>7 -{ .mib; and T1=F,E - _rotr r9=X[15-1],$sigma0[1] } // ROTR(s0,8) -{ .mib; andcm r10=G,E - $SHRU s1=X[15-14],sgm1 };; // 
s1=X[(i+14)&0xF]>>6 -{ .mmi; xor T1=T1,r10 // T1=((e & f) ^ (~e & g)) - xor r9=r8,r9 - _rotr r10=X[15-14],$sigma1[0] };;// ROTR(s1,19) -{ .mib; and T2=A,B - _rotr r11=X[15-14],$sigma1[1] }// ROTR(s1,61) -{ .mib; and r8=A,C };; -___ -$t0="t0", $t1="t1", $code.=<<___ if ($BITS==32); -// I adhere to mmi; in order to hold Itanium 1 back and avoid 6 cycle -// pipeline flush in last bundle. Note that even on Itanium2 the -// latter stalls for one clock cycle... -{ .mmi; xor s0=s0,r9 // s0=sigma0(X[(i+1)&0xF]) - dep.z $t1=E,32,32 } -{ .mmi; xor r10=r11,r10 - zxt4 E=E };; -{ .mmi; or $t1=$t1,E - xor s1=s1,r10 // s1=sigma1(X[(i+14)&0xF]) - mux2 $t0=A,0x44 };; // copy lower half to upper -{ .mmi; xor T2=T2,r8 - _rotr r9=$t1,$Sigma1[0] } // ROTR(e,14) -{ .mmi; and r10=B,C - add T1=T1,H // T1=Ch(e,f,g)+h - $ADD X[15]=X[15],s0 };; // X[i&0xF]+=sigma0(X[(i+1)&0xF]) -___ -$t0="A", $t1="E", $code.=<<___ if ($BITS==64); -{ .mib; xor s0=s0,r9 // s0=sigma0(X[(i+1)&0xF]) - _rotr r9=$t1,$Sigma1[0] } // ROTR(e,14) -{ .mib; xor r10=r11,r10 - xor T2=T2,r8 };; -{ .mib; xor s1=s1,r10 // s1=sigma1(X[(i+14)&0xF]) - add T1=T1,H } -{ .mib; and r10=B,C - $ADD X[15]=X[15],s0 };; // X[i&0xF]+=sigma0(X[(i+1)&0xF]) -___ -$code.=<<___; -{ .mmi; xor T2=T2,r10 // T2=((a & b) ^ (a & c) ^ (b & c)) - mov H=G - _rotr r8=$t1,$Sigma1[1] };; // ROTR(e,18) -{ .mmi; xor r11=r8,r9 - $ADD X[15]=X[15],s1 // X[i&0xF]+=sigma1(X[(i+14)&0xF]) - _rotr r9=$t1,$Sigma1[2] } // ROTR(e,41) -{ .mmi; mov G=F - mov F=E };; -{ .mib; xor r9=r9,r11 // r9=Sigma1(e) - _rotr r10=$t0,$Sigma0[0] } // ROTR(a,28) -{ .mib; add T1=T1,K // T1=Ch(e,f,g)+h+K512[i] - mov E=D };; -{ .mib; add T1=T1,r9 // T1+=Sigma1(e) - _rotr r11=$t0,$Sigma0[1] } // ROTR(a,34) -{ .mib; mov D=C - mov C=B };; -{ .mmi; add T1=T1,X[15] // T1+=X[i] - xor r10=r10,r11 - _rotr r8=$t0,$Sigma0[2] };; // ROTR(a,39) -{ .mmi; xor r10=r8,r10 // r10=Sigma0(a) - mov B=A - add A=T1,T2 };; -{ .mib; add E=E,T1 - add A=A,r10 // T2=Maj(a,b,c)+Sigma0(a) - br.ctop.sptk .L_rest };; 
-.L_rest_end: - -{ .mmi; add A_=A_,A - add B_=B_,B - add C_=C_,C } -{ .mmi; add D_=D_,D - add E_=E_,E - cmp.ltu p16,p0=1,num };; -{ .mmi; add F_=F_,F - add G_=G_,G - add H_=H_,H } -{ .mmb; add Ktbl=-$SZ*$rounds,Ktbl -(p16) add num=-1,num -(p16) br.dptk.many .L_outer };; - -{ .mib; add r8=0*$SZ,ctx - add r9=1*$SZ,ctx } -{ .mib; add r10=2*$SZ,ctx - add r11=3*$SZ,ctx };; -{ .mmi; $STW [r8]=A_,4*$SZ - $STW [r9]=B_,4*$SZ - mov ar.lc=lcsave } -{ .mmi; $STW [r10]=C_,4*$SZ - $STW [r11]=D_,4*$SZ - mov pr=prsave,0x1ffff };; -{ .mmb; $STW [r8]=E_ - $STW [r9]=F_ } -{ .mmb; $STW [r10]=G_ - $STW [r11]=H_ - br.ret.sptk.many b0 };; -.endp $func# -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -$code =~ s/_rotr(\s+)([^=]+)=([^,]+),([0-9]+)/shrp$1$2=$3,$3,$4/gm; -if ($BITS==64) { - $code =~ s/mux2(\s+)\S+/nop.i$1 0x0/gm; - $code =~ s/mux1(\s+)\S+/nop.i$1 0x0/gm if ($big_endian); - $code =~ s/(shrp\s+X\[[^=]+)=([^,]+),([^,]+),([1-9]+)/$1=$3,$2,64-$4/gm - if (!$big_endian); - $code =~ s/ld1(\s+)X\[\S+/nop.m$1 0x0/gm; -} - -print $code; - -print<<___ if ($BITS==32); -.align 64 -.type K256#,\@object -K256: data4 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 - data4 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 - data4 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 - data4 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 - data4 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc - data4 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da - data4 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 - data4 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 - data4 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 - data4 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 - data4 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 - data4 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 - data4 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 - data4 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 - data4 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 - data4 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 -.size K256#,$SZ*$rounds -stringz "SHA256 block transform for IA64, 
CRYPTOGAMS by <appro\@openssl.org>" -___ -print<<___ if ($BITS==64); -.align 64 -.type K512#,\@object -K512: data8 0x428a2f98d728ae22,0x7137449123ef65cd - data8 0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc - data8 0x3956c25bf348b538,0x59f111f1b605d019 - data8 0x923f82a4af194f9b,0xab1c5ed5da6d8118 - data8 0xd807aa98a3030242,0x12835b0145706fbe - data8 0x243185be4ee4b28c,0x550c7dc3d5ffb4e2 - data8 0x72be5d74f27b896f,0x80deb1fe3b1696b1 - data8 0x9bdc06a725c71235,0xc19bf174cf692694 - data8 0xe49b69c19ef14ad2,0xefbe4786384f25e3 - data8 0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65 - data8 0x2de92c6f592b0275,0x4a7484aa6ea6e483 - data8 0x5cb0a9dcbd41fbd4,0x76f988da831153b5 - data8 0x983e5152ee66dfab,0xa831c66d2db43210 - data8 0xb00327c898fb213f,0xbf597fc7beef0ee4 - data8 0xc6e00bf33da88fc2,0xd5a79147930aa725 - data8 0x06ca6351e003826f,0x142929670a0e6e70 - data8 0x27b70a8546d22ffc,0x2e1b21385c26c926 - data8 0x4d2c6dfc5ac42aed,0x53380d139d95b3df - data8 0x650a73548baf63de,0x766a0abb3c77b2a8 - data8 0x81c2c92e47edaee6,0x92722c851482353b - data8 0xa2bfe8a14cf10364,0xa81a664bbc423001 - data8 0xc24b8b70d0f89791,0xc76c51a30654be30 - data8 0xd192e819d6ef5218,0xd69906245565a910 - data8 0xf40e35855771202a,0x106aa07032bbd1b8 - data8 0x19a4c116b8d2d0c8,0x1e376c085141ab53 - data8 0x2748774cdf8eeb99,0x34b0bcb5e19b48a8 - data8 0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb - data8 0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3 - data8 0x748f82ee5defb2fc,0x78a5636f43172f60 - data8 0x84c87814a1f0ab72,0x8cc702081a6439ec - data8 0x90befffa23631e28,0xa4506cebde82bde9 - data8 0xbef9a3f7b2c67915,0xc67178f2e372532b - data8 0xca273eceea26619c,0xd186b8c721c0c207 - data8 0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178 - data8 0x06f067aa72176fba,0x0a637dc5a2c898a6 - data8 0x113f9804bef90dae,0x1b710b35131c471b - data8 0x28db77f523047d84,0x32caab7b40c72493 - data8 0x3c9ebe0a15c9bebc,0x431d67c49c100d4c - data8 0x4cc5d4becb3e42b6,0x597f299cfc657e2a - data8 0x5fcb6fab3ad6faec,0x6c44198c4a475817 -.size K512#,$SZ*$rounds -stringz "SHA512 block 
transform for IA64, CRYPTOGAMS by <appro\@openssl.org>"
-___
diff --git a/lib/libssl/src/crypto/sha/asm/sha512-mips.pl b/lib/libssl/src/crypto/sha/asm/sha512-mips.pl
deleted file mode 100644
index 495a000695a..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha512-mips.pl
+++ /dev/null
@@ -1,457 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# SHA2 block procedures for MIPS.
-
-# October 2010.
-#
-# SHA256 performance improvement on MIPS R5000 CPU is ~27% over gcc-
-# generated code in o32 build and ~55% in n32/64 build. SHA512 [which
-# for now can only be compiled for MIPS64 ISA] improvement is modest
-# ~17%, but it comes for free, because it's same instruction sequence.
-# Improvement coefficients are for aligned input.
-
-######################################################################
-# There is a number of MIPS ABI in use, O32 and N32/64 are most
-# widely used. Then there is a new contender: NUBI. It appears that if
-# one picks the latter, it's possible to arrange code in ABI neutral
-# manner. Therefore let's stick to NUBI register layout:
-#
-($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
-($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
-($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
-($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
-#
-# The return value is placed in $a0.
Following coding rules facilitate -# interoperability: -# -# - never ever touch $tp, "thread pointer", former $gp [o32 can be -# excluded from the rule, because it's specified volatile]; -# - copy return value to $t0, former $v0 [or to $a0 if you're adapting -# old code]; -# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary; -# -# For reference here is register layout for N32/64 MIPS ABIs: -# -# ($zero,$at,$v0,$v1)=map("\$$_",(0..3)); -# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11)); -# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25)); -# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23)); -# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31)); -# -$flavour = shift; # supported flavours are o32,n32,64,nubi32,nubi64 - -if ($flavour =~ /64/i) { - $LA="dla"; -} else { - $LA="la"; -} - -if ($flavour =~ /64|n32/i) { - $PTR_ADD="dadd"; # incidentally works even on n32 - $PTR_SUB="dsub"; # incidentally works even on n32 - $REG_S="sd"; - $REG_L="ld"; - $PTR_SLL="dsll"; # incidentally works even on n32 - $SZREG=8; -} else { - $PTR_ADD="add"; - $PTR_SUB="sub"; - $REG_S="sw"; - $REG_L="lw"; - $PTR_SLL="sll"; - $SZREG=4; -} -$pf = ($flavour =~ /nubi/i) ? 
$t0 : $t2; -# -# <appro@openssl.org> -# -###################################################################### - -$big_endian=(`echo MIPSEL | $ENV{CC} -E -P -`=~/MIPSEL/)?1:0; - -for (@ARGV) { $output=$_ if (/^\w[\w\-]*\.\w+$/); } -open STDOUT,">$output"; - -if (!defined($big_endian)) { $big_endian=(unpack('L',pack('N',1))==1); } - -if ($output =~ /512/) { - $label="512"; - $SZ=8; - $LD="ld"; # load from memory - $ST="sd"; # store to memory - $SLL="dsll"; # shift left logical - $SRL="dsrl"; # shift right logical - $ADDU="daddu"; - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=( 7, 1, 8); # right shift first - @sigma1=( 6,19,61); # right shift first - $lastK=0x817; - $rounds=80; -} else { - $label="256"; - $SZ=4; - $LD="lw"; # load from memory - $ST="sw"; # store to memory - $SLL="sll"; # shift left logical - $SRL="srl"; # shift right logical - $ADDU="addu"; - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 3, 7,18); # right shift first - @sigma1=(10,17,19); # right shift first - $lastK=0x8f2; - $rounds=64; -} - -$MSB = $big_endian ? 
0 : ($SZ-1); -$LSB = ($SZ-1)&~$MSB; - -@V=($A,$B,$C,$D,$E,$F,$G,$H)=map("\$$_",(1,2,3,7,24,25,30,31)); -@X=map("\$$_",(8..23)); - -$ctx=$a0; -$inp=$a1; -$len=$a2; $Ktbl=$len; - -sub BODY_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -my ($T1,$tmp0,$tmp1,$tmp2)=(@X[4],@X[5],@X[6],@X[7]); - -$code.=<<___ if ($i<15); - ${LD}l @X[1],`($i+1)*$SZ+$MSB`($inp) - ${LD}r @X[1],`($i+1)*$SZ+$LSB`($inp) -___ -$code.=<<___ if (!$big_endian && $i<16 && $SZ==4); - srl $tmp0,@X[0],24 # byte swap($i) - srl $tmp1,@X[0],8 - andi $tmp2,@X[0],0xFF00 - sll @X[0],@X[0],24 - andi $tmp1,0xFF00 - sll $tmp2,$tmp2,8 - or @X[0],$tmp0 - or $tmp1,$tmp2 - or @X[0],$tmp1 -___ -$code.=<<___ if (!$big_endian && $i<16 && $SZ==8); - ori $tmp0,$zero,0xFF - dsll $tmp2,$tmp0,32 - or $tmp0,$tmp2 # 0x000000FF000000FF - and $tmp1,@X[0],$tmp0 # byte swap($i) - dsrl $tmp2,@X[0],24 - dsll $tmp1,24 - and $tmp2,$tmp0 - dsll $tmp0,8 # 0x0000FF000000FF00 - or $tmp1,$tmp2 - and $tmp2,@X[0],$tmp0 - dsrl @X[0],8 - dsll $tmp2,8 - and @X[0],$tmp0 - or $tmp1,$tmp2 - or @X[0],$tmp1 - dsrl $tmp1,@X[0],32 - dsll @X[0],32 - or @X[0],$tmp1 -___ -$code.=<<___; - $ADDU $T1,$X[0],$h # $i - $SRL $h,$e,@Sigma1[0] - xor $tmp2,$f,$g - $SLL $tmp1,$e,`$SZ*8-@Sigma1[2]` - and $tmp2,$e - $SRL $tmp0,$e,@Sigma1[1] - xor $h,$tmp1 - $SLL $tmp1,$e,`$SZ*8-@Sigma1[1]` - xor $h,$tmp0 - $SRL $tmp0,$e,@Sigma1[2] - xor $h,$tmp1 - $SLL $tmp1,$e,`$SZ*8-@Sigma1[0]` - xor $h,$tmp0 - xor $tmp2,$g # Ch(e,f,g) - xor $tmp0,$tmp1,$h # Sigma1(e) - - $SRL $h,$a,@Sigma0[0] - $ADDU $T1,$tmp2 - $LD $tmp2,`$i*$SZ`($Ktbl) # K[$i] - $SLL $tmp1,$a,`$SZ*8-@Sigma0[2]` - $ADDU $T1,$tmp0 - $SRL $tmp0,$a,@Sigma0[1] - xor $h,$tmp1 - $SLL $tmp1,$a,`$SZ*8-@Sigma0[1]` - xor $h,$tmp0 - $SRL $tmp0,$a,@Sigma0[2] - xor $h,$tmp1 - $SLL $tmp1,$a,`$SZ*8-@Sigma0[0]` - xor $h,$tmp0 - $ST @X[0],`($i%16)*$SZ`($sp) # offload to ring buffer - xor $h,$tmp1 # Sigma0(a) - - or $tmp0,$a,$b - and $tmp1,$a,$b - and $tmp0,$c - or $tmp1,$tmp0 # Maj(a,b,c) - $ADDU $T1,$tmp2 # +=K[$i] - $ADDU 
$h,$tmp1 - - $ADDU $d,$T1 - $ADDU $h,$T1 -___ -$code.=<<___ if ($i>=13); - $LD @X[3],`(($i+3)%16)*$SZ`($sp) # prefetch from ring buffer -___ -} - -sub BODY_16_XX { -my $i=@_[0]; -my ($tmp0,$tmp1,$tmp2,$tmp3)=(@X[4],@X[5],@X[6],@X[7]); - -$code.=<<___; - $SRL $tmp2,@X[1],@sigma0[0] # Xupdate($i) - $ADDU @X[0],@X[9] # +=X[i+9] - $SLL $tmp1,@X[1],`$SZ*8-@sigma0[2]` - $SRL $tmp0,@X[1],@sigma0[1] - xor $tmp2,$tmp1 - $SLL $tmp1,`@sigma0[2]-@sigma0[1]` - xor $tmp2,$tmp0 - $SRL $tmp0,@X[1],@sigma0[2] - xor $tmp2,$tmp1 - - $SRL $tmp3,@X[14],@sigma1[0] - xor $tmp2,$tmp0 # sigma0(X[i+1]) - $SLL $tmp1,@X[14],`$SZ*8-@sigma1[2]` - $ADDU @X[0],$tmp2 - $SRL $tmp0,@X[14],@sigma1[1] - xor $tmp3,$tmp1 - $SLL $tmp1,`@sigma1[2]-@sigma1[1]` - xor $tmp3,$tmp0 - $SRL $tmp0,@X[14],@sigma1[2] - xor $tmp3,$tmp1 - - xor $tmp3,$tmp0 # sigma1(X[i+14]) - $ADDU @X[0],$tmp3 -___ - &BODY_00_15(@_); -} - -$FRAMESIZE=16*$SZ+16*$SZREG; -$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000; - -$code.=<<___; -.text -.set noat -#if !defined(__vxworks) || defined(__pic__) -.option pic2 -#endif - -.align 5 -.globl sha${label}_block_data_order -.ent sha${label}_block_data_order -sha${label}_block_data_order: - .frame $sp,$FRAMESIZE,$ra - .mask $SAVED_REGS_MASK,-$SZREG - .set noreorder -___ -$code.=<<___ if ($flavour =~ /o32/i); # o32 PIC-ification - .cpload $pf -___ -$code.=<<___; - $PTR_SUB $sp,$FRAMESIZE - $REG_S $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_S $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_S $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_S $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_S $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_S $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_S $s7,$FRAMESIZE-7*$SZREG($sp) - $REG_S $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_S $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_S $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue - $REG_S $s3,$FRAMESIZE-11*$SZREG($sp) - $REG_S $s2,$FRAMESIZE-12*$SZREG($sp) - $REG_S $s1,$FRAMESIZE-13*$SZREG($sp) - $REG_S 
$s0,$FRAMESIZE-14*$SZREG($sp) - $REG_S $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - $PTR_SLL @X[15],$len,`log(16*$SZ)/log(2)` -___ -$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification - .cplocal $Ktbl - .cpsetup $pf,$zero,sha${label}_block_data_order -___ -$code.=<<___; - .set reorder - $LA $Ktbl,K${label} # PIC-ified 'load address' - - $LD $A,0*$SZ($ctx) # load context - $LD $B,1*$SZ($ctx) - $LD $C,2*$SZ($ctx) - $LD $D,3*$SZ($ctx) - $LD $E,4*$SZ($ctx) - $LD $F,5*$SZ($ctx) - $LD $G,6*$SZ($ctx) - $LD $H,7*$SZ($ctx) - - $PTR_ADD @X[15],$inp # pointer to the end of input - $REG_S @X[15],16*$SZ($sp) - b .Loop - -.align 5 -.Loop: - ${LD}l @X[0],$MSB($inp) - ${LD}r @X[0],$LSB($inp) -___ -for ($i=0;$i<16;$i++) -{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); push(@X,shift(@X)); } -$code.=<<___; - b .L16_xx -.align 4 -.L16_xx: -___ -for (;$i<32;$i++) -{ &BODY_16_XX($i,@V); unshift(@V,pop(@V)); push(@X,shift(@X)); } -$code.=<<___; - and @X[6],0xfff - li @X[7],$lastK - .set noreorder - bne @X[6],@X[7],.L16_xx - $PTR_ADD $Ktbl,16*$SZ # Ktbl+=16 - - $REG_L @X[15],16*$SZ($sp) # restore pointer to the end of input - $LD @X[0],0*$SZ($ctx) - $LD @X[1],1*$SZ($ctx) - $LD @X[2],2*$SZ($ctx) - $PTR_ADD $inp,16*$SZ - $LD @X[3],3*$SZ($ctx) - $ADDU $A,@X[0] - $LD @X[4],4*$SZ($ctx) - $ADDU $B,@X[1] - $LD @X[5],5*$SZ($ctx) - $ADDU $C,@X[2] - $LD @X[6],6*$SZ($ctx) - $ADDU $D,@X[3] - $LD @X[7],7*$SZ($ctx) - $ADDU $E,@X[4] - $ST $A,0*$SZ($ctx) - $ADDU $F,@X[5] - $ST $B,1*$SZ($ctx) - $ADDU $G,@X[6] - $ST $C,2*$SZ($ctx) - $ADDU $H,@X[7] - $ST $D,3*$SZ($ctx) - $ST $E,4*$SZ($ctx) - $ST $F,5*$SZ($ctx) - $ST $G,6*$SZ($ctx) - $ST $H,7*$SZ($ctx) - - bne $inp,@X[15],.Loop - $PTR_SUB $Ktbl,`($rounds-16)*$SZ` # rewind $Ktbl - - $REG_L $ra,$FRAMESIZE-1*$SZREG($sp) - $REG_L $fp,$FRAMESIZE-2*$SZREG($sp) - $REG_L $s11,$FRAMESIZE-3*$SZREG($sp) - $REG_L $s10,$FRAMESIZE-4*$SZREG($sp) - $REG_L $s9,$FRAMESIZE-5*$SZREG($sp) - $REG_L $s8,$FRAMESIZE-6*$SZREG($sp) - $REG_L $s7,$FRAMESIZE-7*$SZREG($sp) - 
$REG_L $s6,$FRAMESIZE-8*$SZREG($sp) - $REG_L $s5,$FRAMESIZE-9*$SZREG($sp) - $REG_L $s4,$FRAMESIZE-10*$SZREG($sp) -___ -$code.=<<___ if ($flavour =~ /nubi/i); - $REG_L $s3,$FRAMESIZE-11*$SZREG($sp) - $REG_L $s2,$FRAMESIZE-12*$SZREG($sp) - $REG_L $s1,$FRAMESIZE-13*$SZREG($sp) - $REG_L $s0,$FRAMESIZE-14*$SZREG($sp) - $REG_L $gp,$FRAMESIZE-15*$SZREG($sp) -___ -$code.=<<___; - jr $ra - $PTR_ADD $sp,$FRAMESIZE -.end sha${label}_block_data_order - -.rdata -.align 5 -K${label}: -___ -if ($SZ==4) { -$code.=<<___; - .word 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5 - .word 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5 - .word 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3 - .word 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174 - .word 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc - .word 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da - .word 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7 - .word 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967 - .word 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13 - .word 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85 - .word 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3 - .word 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070 - .word 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5 - .word 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3 - .word 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208 - .word 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -___ -} else { -$code.=<<___; - .dword 0x428a2f98d728ae22, 0x7137449123ef65cd - .dword 0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc - .dword 0x3956c25bf348b538, 0x59f111f1b605d019 - .dword 0x923f82a4af194f9b, 0xab1c5ed5da6d8118 - .dword 0xd807aa98a3030242, 0x12835b0145706fbe - .dword 0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2 - .dword 0x72be5d74f27b896f, 0x80deb1fe3b1696b1 - .dword 0x9bdc06a725c71235, 0xc19bf174cf692694 - .dword 0xe49b69c19ef14ad2, 0xefbe4786384f25e3 - .dword 0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65 - .dword 0x2de92c6f592b0275, 0x4a7484aa6ea6e483 - .dword 0x5cb0a9dcbd41fbd4, 0x76f988da831153b5 - 
.dword 0x983e5152ee66dfab, 0xa831c66d2db43210 - .dword 0xb00327c898fb213f, 0xbf597fc7beef0ee4 - .dword 0xc6e00bf33da88fc2, 0xd5a79147930aa725 - .dword 0x06ca6351e003826f, 0x142929670a0e6e70 - .dword 0x27b70a8546d22ffc, 0x2e1b21385c26c926 - .dword 0x4d2c6dfc5ac42aed, 0x53380d139d95b3df - .dword 0x650a73548baf63de, 0x766a0abb3c77b2a8 - .dword 0x81c2c92e47edaee6, 0x92722c851482353b - .dword 0xa2bfe8a14cf10364, 0xa81a664bbc423001 - .dword 0xc24b8b70d0f89791, 0xc76c51a30654be30 - .dword 0xd192e819d6ef5218, 0xd69906245565a910 - .dword 0xf40e35855771202a, 0x106aa07032bbd1b8 - .dword 0x19a4c116b8d2d0c8, 0x1e376c085141ab53 - .dword 0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8 - .dword 0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb - .dword 0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3 - .dword 0x748f82ee5defb2fc, 0x78a5636f43172f60 - .dword 0x84c87814a1f0ab72, 0x8cc702081a6439ec - .dword 0x90befffa23631e28, 0xa4506cebde82bde9 - .dword 0xbef9a3f7b2c67915, 0xc67178f2e372532b - .dword 0xca273eceea26619c, 0xd186b8c721c0c207 - .dword 0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178 - .dword 0x06f067aa72176fba, 0x0a637dc5a2c898a6 - .dword 0x113f9804bef90dae, 0x1b710b35131c471b - .dword 0x28db77f523047d84, 0x32caab7b40c72493 - .dword 0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c - .dword 0x4cc5d4becb3e42b6, 0x597f299cfc657e2a - .dword 0x5fcb6fab3ad6faec, 0x6c44198c4a475817 -___ -} -$code.=<<___; -.asciiz "SHA${label} for MIPS, CRYPTOGAMS by <appro\@openssl.org>" -.align 5 - -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/sha/asm/sha512-parisc.pl b/lib/libssl/src/crypto/sha/asm/sha512-parisc.pl deleted file mode 100755 index 0704302d2a9..00000000000 --- a/lib/libssl/src/crypto/sha/asm/sha512-parisc.pl +++ /dev/null 
@@ -1,805 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# SHA256/512 block procedure for PA-RISC.
-
-# June 2009.
-#
-# SHA256 performance is >75% better than gcc 3.2 generated code on
-# PA-7100LC. Compared to code generated by vendor compiler this
-# implementation is almost 70% faster in 64-bit build, but delivers
-# virtually same performance in 32-bit build on PA-8600.
-#
-# SHA512 performance is >2.9x better than gcc 3.2 generated code on
-# PA-7100LC, PA-RISC 1.1 processor. Then implementation detects if the
-# code is executed on PA-RISC 2.0 processor and switches to 64-bit
-# code path delivering adequate performance even in "blended" 32-bit
-# build. Though 64-bit code is not any faster than code generated by
-# vendor compiler on PA-8600...
-#
-# Special thanks to polarhome.com for providing HP-UX account.
- -$flavour = shift; -$output = shift; -open STDOUT,">$output"; - -if ($flavour =~ /64/) { - $LEVEL ="2.0W"; - $SIZE_T =8; - $FRAME_MARKER =80; - $SAVED_RP =16; - $PUSH ="std"; - $PUSHMA ="std,ma"; - $POP ="ldd"; - $POPMB ="ldd,mb"; -} else { - $LEVEL ="1.0"; - $SIZE_T =4; - $FRAME_MARKER =48; - $SAVED_RP =20; - $PUSH ="stw"; - $PUSHMA ="stwm"; - $POP ="ldw"; - $POPMB ="ldwm"; -} - -if ($output =~ /512/) { - $func="sha512_block_data_order"; - $SZ=8; - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=(1, 8, 7); - @sigma1=(19,61, 6); - $rounds=80; - $LAST10BITS=0x017; - $LD="ldd"; - $LDM="ldd,ma"; - $ST="std"; -} else { - $func="sha256_block_data_order"; - $SZ=4; - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 7,18, 3); - @sigma1=(17,19,10); - $rounds=64; - $LAST10BITS=0x0f2; - $LD="ldw"; - $LDM="ldwm"; - $ST="stw"; -} - -$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker - # [+ argument transfer] -$XOFF=16*$SZ+32; # local variables -$FRAME+=$XOFF; -$XOFF+=$FRAME_MARKER; # distance between %sp and local variables - -$ctx="%r26"; # zapped by $a0 -$inp="%r25"; # zapped by $a1 -$num="%r24"; # zapped by $t0 - -$a0 ="%r26"; -$a1 ="%r25"; -$t0 ="%r24"; -$t1 ="%r29"; -$Tbl="%r31"; - -@V=($A,$B,$C,$D,$E,$F,$G,$H)=("%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r28"); - -@X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8", - "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$inp); - -sub ROUND_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -$code.=<<___; - _ror $e,$Sigma1[0],$a0 - and $f,$e,$t0 - _ror $e,$Sigma1[1],$a1 - addl $t1,$h,$h - andcm $g,$e,$t1 - xor $a1,$a0,$a0 - _ror $a1,`$Sigma1[2]-$Sigma1[1]`,$a1 - or $t0,$t1,$t1 ; Ch(e,f,g) - addl @X[$i%16],$h,$h - xor $a0,$a1,$a1 ; Sigma1(e) - addl $t1,$h,$h - _ror $a,$Sigma0[0],$a0 - addl $a1,$h,$h - - _ror $a,$Sigma0[1],$a1 - and $a,$b,$t0 - and $a,$c,$t1 - xor $a1,$a0,$a0 - _ror $a1,`$Sigma0[2]-$Sigma0[1]`,$a1 - xor $t1,$t0,$t0 - and $b,$c,$t1 - xor $a0,$a1,$a1 ; Sigma0(a) - addl 
$h,$d,$d - xor $t1,$t0,$t0 ; Maj(a,b,c) - `"$LDM $SZ($Tbl),$t1" if ($i<15)` - addl $a1,$h,$h - addl $t0,$h,$h - -___ -} - -sub ROUND_16_xx { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -$i-=16; -$code.=<<___; - _ror @X[($i+1)%16],$sigma0[0],$a0 - _ror @X[($i+1)%16],$sigma0[1],$a1 - addl @X[($i+9)%16],@X[$i],@X[$i] - _ror @X[($i+14)%16],$sigma1[0],$t0 - _ror @X[($i+14)%16],$sigma1[1],$t1 - xor $a1,$a0,$a0 - _shr @X[($i+1)%16],$sigma0[2],$a1 - xor $t1,$t0,$t0 - _shr @X[($i+14)%16],$sigma1[2],$t1 - xor $a1,$a0,$a0 ; sigma0(X[(i+1)&0x0f]) - xor $t1,$t0,$t0 ; sigma1(X[(i+14)&0x0f]) - $LDM $SZ($Tbl),$t1 - addl $a0,@X[$i],@X[$i] - addl $t0,@X[$i],@X[$i] -___ -$code.=<<___ if ($i==15); - extru $t1,31,10,$a1 - comiclr,<> $LAST10BITS,$a1,%r0 - ldo 1($Tbl),$Tbl ; signal end of $Tbl -___ -&ROUND_00_15($i+16,$a,$b,$c,$d,$e,$f,$g,$h); -} - -$code=<<___; - .LEVEL $LEVEL -#if 0 - .SPACE \$TEXT\$ - .SUBSPA \$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY -#else - .text -#endif - - .ALIGN 64 -L\$table -___ -$code.=<<___ if ($SZ==8); - .WORD 0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd - .WORD 0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc - .WORD 0x3956c25b,0xf348b538,0x59f111f1,0xb605d019 - .WORD 0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118 - .WORD 0xd807aa98,0xa3030242,0x12835b01,0x45706fbe - .WORD 0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2 - .WORD 0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1 - .WORD 0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694 - .WORD 0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3 - .WORD 0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65 - .WORD 0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483 - .WORD 0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5 - .WORD 0x983e5152,0xee66dfab,0xa831c66d,0x2db43210 - .WORD 0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4 - .WORD 0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725 - .WORD 0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70 - .WORD 0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926 - .WORD 0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df - .WORD 
0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8 - .WORD 0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b - .WORD 0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001 - .WORD 0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30 - .WORD 0xd192e819,0xd6ef5218,0xd6990624,0x5565a910 - .WORD 0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8 - .WORD 0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53 - .WORD 0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8 - .WORD 0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb - .WORD 0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3 - .WORD 0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60 - .WORD 0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec - .WORD 0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9 - .WORD 0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b - .WORD 0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207 - .WORD 0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178 - .WORD 0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6 - .WORD 0x113f9804,0xbef90dae,0x1b710b35,0x131c471b - .WORD 0x28db77f5,0x23047d84,0x32caab7b,0x40c72493 - .WORD 0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c - .WORD 0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a - .WORD 0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817 -___ -$code.=<<___ if ($SZ==4); - .WORD 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 - .WORD 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 - .WORD 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 - .WORD 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 - .WORD 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc - .WORD 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da - .WORD 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 - .WORD 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 - .WORD 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 - .WORD 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 - .WORD 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 - .WORD 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 - .WORD 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 - .WORD 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 - .WORD 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 - .WORD 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 
-___ -$code.=<<___; - - .EXPORT $func,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR - .ALIGN 64 -$func - .PROC - .CALLINFO FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18 - .ENTRY - $PUSH %r2,-$SAVED_RP(%sp) ; standard prologue - $PUSHMA %r3,$FRAME(%sp) - $PUSH %r4,`-$FRAME+1*$SIZE_T`(%sp) - $PUSH %r5,`-$FRAME+2*$SIZE_T`(%sp) - $PUSH %r6,`-$FRAME+3*$SIZE_T`(%sp) - $PUSH %r7,`-$FRAME+4*$SIZE_T`(%sp) - $PUSH %r8,`-$FRAME+5*$SIZE_T`(%sp) - $PUSH %r9,`-$FRAME+6*$SIZE_T`(%sp) - $PUSH %r10,`-$FRAME+7*$SIZE_T`(%sp) - $PUSH %r11,`-$FRAME+8*$SIZE_T`(%sp) - $PUSH %r12,`-$FRAME+9*$SIZE_T`(%sp) - $PUSH %r13,`-$FRAME+10*$SIZE_T`(%sp) - $PUSH %r14,`-$FRAME+11*$SIZE_T`(%sp) - $PUSH %r15,`-$FRAME+12*$SIZE_T`(%sp) - $PUSH %r16,`-$FRAME+13*$SIZE_T`(%sp) - $PUSH %r17,`-$FRAME+14*$SIZE_T`(%sp) - $PUSH %r18,`-$FRAME+15*$SIZE_T`(%sp) - - _shl $num,`log(16*$SZ)/log(2)`,$num - addl $inp,$num,$num ; $num to point at the end of $inp - - $PUSH $num,`-$FRAME_MARKER-4*$SIZE_T`(%sp) ; save arguments - $PUSH $inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp) - $PUSH $ctx,`-$FRAME_MARKER-2*$SIZE_T`(%sp) - - blr %r0,$Tbl - ldi 3,$t1 -L\$pic - andcm $Tbl,$t1,$Tbl ; wipe privilege level - ldo L\$table-L\$pic($Tbl),$Tbl -___ -$code.=<<___ if ($SZ==8 && $SIZE_T==4); -#ifndef __OpenBSD__ -___ -$code.=<<___ if ($SZ==8 && $SIZE_T==4); - ldi 31,$t1 - mtctl $t1,%cr11 - extrd,u,*= $t1,%sar,1,$t1 ; executes on PA-RISC 1.0 - b L\$parisc1 - nop -___ -$code.=<<___; - $LD `0*$SZ`($ctx),$A ; load context - $LD `1*$SZ`($ctx),$B - $LD `2*$SZ`($ctx),$C - $LD `3*$SZ`($ctx),$D - $LD `4*$SZ`($ctx),$E - $LD `5*$SZ`($ctx),$F - $LD `6*$SZ`($ctx),$G - $LD `7*$SZ`($ctx),$H - - extru $inp,31,`log($SZ)/log(2)`,$t0 - sh3addl $t0,%r0,$t0 - subi `8*$SZ`,$t0,$t0 - mtctl $t0,%cr11 ; load %sar with align factor - -L\$oop - ldi `$SZ-1`,$t0 - $LDM $SZ($Tbl),$t1 - andcm $inp,$t0,$t0 ; align $inp -___ - for ($i=0;$i<15;$i++) { # load input block - $code.="\t$LD `$SZ*$i`($t0),@X[$i]\n"; } -$code.=<<___; - cmpb,*= $inp,$t0,L\$aligned - $LD 
`$SZ*15`($t0),@X[15] - $LD `$SZ*16`($t0),@X[16] -___ - for ($i=0;$i<16;$i++) { # align data - $code.="\t_align @X[$i],@X[$i+1],@X[$i]\n"; } -$code.=<<___; -L\$aligned - nop ; otherwise /usr/ccs/bin/as is confused by below .WORD -___ - -for($i=0;$i<16;$i++) { &ROUND_00_15($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; -L\$rounds - nop ; otherwise /usr/ccs/bin/as is confused by below .WORD -___ -for(;$i<32;$i++) { &ROUND_16_xx($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - bb,>= $Tbl,31,L\$rounds ; end of $Tbl signalled? - nop - - $POP `-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx ; restore arguments - $POP `-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp - $POP `-$FRAME_MARKER-4*$SIZE_T`(%sp),$num - ldo `-$rounds*$SZ-1`($Tbl),$Tbl ; rewind $Tbl - - $LD `0*$SZ`($ctx),@X[0] ; load context - $LD `1*$SZ`($ctx),@X[1] - $LD `2*$SZ`($ctx),@X[2] - $LD `3*$SZ`($ctx),@X[3] - $LD `4*$SZ`($ctx),@X[4] - $LD `5*$SZ`($ctx),@X[5] - addl @X[0],$A,$A - $LD `6*$SZ`($ctx),@X[6] - addl @X[1],$B,$B - $LD `7*$SZ`($ctx),@X[7] - ldo `16*$SZ`($inp),$inp ; advance $inp - - $ST $A,`0*$SZ`($ctx) ; save context - addl @X[2],$C,$C - $ST $B,`1*$SZ`($ctx) - addl @X[3],$D,$D - $ST $C,`2*$SZ`($ctx) - addl @X[4],$E,$E - $ST $D,`3*$SZ`($ctx) - addl @X[5],$F,$F - $ST $E,`4*$SZ`($ctx) - addl @X[6],$G,$G - $ST $F,`5*$SZ`($ctx) - addl @X[7],$H,$H - $ST $G,`6*$SZ`($ctx) - $ST $H,`7*$SZ`($ctx) - - cmpb,*<>,n $inp,$num,L\$oop - $PUSH $inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp) ; save $inp -___ -if ($SZ==8 && $SIZE_T==4) # SHA512 for 32-bit PA-RISC 1.0 -{{ -$code.=<<___; - b L\$done - nop - - .ALIGN 64 -L\$parisc1 -___ -$code.=<<___ if ($SZ==8 && $SIZE_T==4); -#endif -___ - -@V=( $Ahi, $Alo, $Bhi, $Blo, $Chi, $Clo, $Dhi, $Dlo, - $Ehi, $Elo, $Fhi, $Flo, $Ghi, $Glo, $Hhi, $Hlo) = - ( "%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8", - "%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16"); -$a0 ="%r17"; -$a1 ="%r18"; -$a2 ="%r19"; -$a3 ="%r20"; -$t0 ="%r21"; -$t1 ="%r22"; -$t2 ="%r28"; -$t3 ="%r29"; -$Tbl="%r31"; - 
-@X=("%r23","%r24","%r25","%r26"); # zaps $num,$inp,$ctx - -sub ROUND_00_15_pa1 { -my ($i,$ahi,$alo,$bhi,$blo,$chi,$clo,$dhi,$dlo, - $ehi,$elo,$fhi,$flo,$ghi,$glo,$hhi,$hlo,$flag)=@_; -my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X; - -$code.=<<___ if (!$flag); - ldw `-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi - ldw `-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo ; load X[i+1] -___ -$code.=<<___; - shd $ehi,$elo,$Sigma1[0],$t0 - add $Xlo,$hlo,$hlo - shd $elo,$ehi,$Sigma1[0],$t1 - addc $Xhi,$hhi,$hhi ; h += X[i] - shd $ehi,$elo,$Sigma1[1],$t2 - ldwm 8($Tbl),$Xhi - shd $elo,$ehi,$Sigma1[1],$t3 - ldw -4($Tbl),$Xlo ; load K[i] - xor $t2,$t0,$t0 - xor $t3,$t1,$t1 - and $flo,$elo,$a0 - and $fhi,$ehi,$a1 - shd $ehi,$elo,$Sigma1[2],$t2 - andcm $glo,$elo,$a2 - shd $elo,$ehi,$Sigma1[2],$t3 - andcm $ghi,$ehi,$a3 - xor $t2,$t0,$t0 - xor $t3,$t1,$t1 ; Sigma1(e) - add $Xlo,$hlo,$hlo - xor $a2,$a0,$a0 - addc $Xhi,$hhi,$hhi ; h += K[i] - xor $a3,$a1,$a1 ; Ch(e,f,g) - - add $t0,$hlo,$hlo - shd $ahi,$alo,$Sigma0[0],$t0 - addc $t1,$hhi,$hhi ; h += Sigma1(e) - shd $alo,$ahi,$Sigma0[0],$t1 - add $a0,$hlo,$hlo - shd $ahi,$alo,$Sigma0[1],$t2 - addc $a1,$hhi,$hhi ; h += Ch(e,f,g) - shd $alo,$ahi,$Sigma0[1],$t3 - - xor $t2,$t0,$t0 - xor $t3,$t1,$t1 - shd $ahi,$alo,$Sigma0[2],$t2 - and $alo,$blo,$a0 - shd $alo,$ahi,$Sigma0[2],$t3 - and $ahi,$bhi,$a1 - xor $t2,$t0,$t0 - xor $t3,$t1,$t1 ; Sigma0(a) - - and $alo,$clo,$a2 - and $ahi,$chi,$a3 - xor $a2,$a0,$a0 - add $hlo,$dlo,$dlo - xor $a3,$a1,$a1 - addc $hhi,$dhi,$dhi ; d += h - and $blo,$clo,$a2 - add $t0,$hlo,$hlo - and $bhi,$chi,$a3 - addc $t1,$hhi,$hhi ; h += Sigma0(a) - xor $a2,$a0,$a0 - add $a0,$hlo,$hlo - xor $a3,$a1,$a1 ; Maj(a,b,c) - addc $a1,$hhi,$hhi ; h += Maj(a,b,c) - -___ -$code.=<<___ if ($i==15 && $flag); - extru $Xlo,31,10,$Xlo - comiclr,= $LAST10BITS,$Xlo,%r0 - b L\$rounds_pa1 - nop -___ -push(@X,shift(@X)); push(@X,shift(@X)); -} - -sub ROUND_16_xx_pa1 { -my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X; -my ($i)=shift; -$i-=16; -$code.=<<___; - ldw 
`-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi - ldw `-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo ; load X[i+1] - ldw `-$XOFF+8*(($i+9)%16)`(%sp),$a1 - ldw `-$XOFF+8*(($i+9)%16)+4`(%sp),$a0 ; load X[i+9] - ldw `-$XOFF+8*(($i+14)%16)`(%sp),$a3 - ldw `-$XOFF+8*(($i+14)%16)+4`(%sp),$a2 ; load X[i+14] - shd $Xnhi,$Xnlo,$sigma0[0],$t0 - shd $Xnlo,$Xnhi,$sigma0[0],$t1 - add $a0,$Xlo,$Xlo - shd $Xnhi,$Xnlo,$sigma0[1],$t2 - addc $a1,$Xhi,$Xhi - shd $Xnlo,$Xnhi,$sigma0[1],$t3 - xor $t2,$t0,$t0 - shd $Xnhi,$Xnlo,$sigma0[2],$t2 - xor $t3,$t1,$t1 - extru $Xnhi,`31-$sigma0[2]`,`32-$sigma0[2]`,$t3 - xor $t2,$t0,$t0 - shd $a3,$a2,$sigma1[0],$a0 - xor $t3,$t1,$t1 ; sigma0(X[i+1)&0x0f]) - shd $a2,$a3,$sigma1[0],$a1 - add $t0,$Xlo,$Xlo - shd $a3,$a2,$sigma1[1],$t2 - addc $t1,$Xhi,$Xhi - shd $a2,$a3,$sigma1[1],$t3 - xor $t2,$a0,$a0 - shd $a3,$a2,$sigma1[2],$t2 - xor $t3,$a1,$a1 - extru $a3,`31-$sigma1[2]`,`32-$sigma1[2]`,$t3 - xor $t2,$a0,$a0 - xor $t3,$a1,$a1 ; sigma0(X[i+14)&0x0f]) - add $a0,$Xlo,$Xlo - addc $a1,$Xhi,$Xhi - - stw $Xhi,`-$XOFF+8*($i%16)`(%sp) - stw $Xlo,`-$XOFF+8*($i%16)+4`(%sp) -___ -&ROUND_00_15_pa1($i,@_,1); -} -$code.=<<___; - ldw `0*4`($ctx),$Ahi ; load context - ldw `1*4`($ctx),$Alo - ldw `2*4`($ctx),$Bhi - ldw `3*4`($ctx),$Blo - ldw `4*4`($ctx),$Chi - ldw `5*4`($ctx),$Clo - ldw `6*4`($ctx),$Dhi - ldw `7*4`($ctx),$Dlo - ldw `8*4`($ctx),$Ehi - ldw `9*4`($ctx),$Elo - ldw `10*4`($ctx),$Fhi - ldw `11*4`($ctx),$Flo - ldw `12*4`($ctx),$Ghi - ldw `13*4`($ctx),$Glo - ldw `14*4`($ctx),$Hhi - ldw `15*4`($ctx),$Hlo - - extru $inp,31,2,$t0 - sh3addl $t0,%r0,$t0 - subi 32,$t0,$t0 - mtctl $t0,%cr11 ; load %sar with align factor - -L\$oop_pa1 - extru $inp,31,2,$a3 - comib,= 0,$a3,L\$aligned_pa1 - sub $inp,$a3,$inp - - ldw `0*4`($inp),$X[0] - ldw `1*4`($inp),$X[1] - ldw `2*4`($inp),$t2 - ldw `3*4`($inp),$t3 - ldw `4*4`($inp),$a0 - ldw `5*4`($inp),$a1 - ldw `6*4`($inp),$a2 - ldw `7*4`($inp),$a3 - vshd $X[0],$X[1],$X[0] - vshd $X[1],$t2,$X[1] - stw $X[0],`-$XOFF+0*4`(%sp) - ldw `8*4`($inp),$t0 - 
vshd $t2,$t3,$t2 - stw $X[1],`-$XOFF+1*4`(%sp) - ldw `9*4`($inp),$t1 - vshd $t3,$a0,$t3 -___ -{ -my @t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1); -for ($i=2;$i<=(128/4-8);$i++) { -$code.=<<___; - stw $t[0],`-$XOFF+$i*4`(%sp) - ldw `(8+$i)*4`($inp),$t[0] - vshd $t[1],$t[2],$t[1] -___ -push(@t,shift(@t)); -} -for (;$i<(128/4-1);$i++) { -$code.=<<___; - stw $t[0],`-$XOFF+$i*4`(%sp) - vshd $t[1],$t[2],$t[1] -___ -push(@t,shift(@t)); -} -$code.=<<___; - b L\$collected_pa1 - stw $t[0],`-$XOFF+$i*4`(%sp) - -___ -} -$code.=<<___; -L\$aligned_pa1 - ldw `0*4`($inp),$X[0] - ldw `1*4`($inp),$X[1] - ldw `2*4`($inp),$t2 - ldw `3*4`($inp),$t3 - ldw `4*4`($inp),$a0 - ldw `5*4`($inp),$a1 - ldw `6*4`($inp),$a2 - ldw `7*4`($inp),$a3 - stw $X[0],`-$XOFF+0*4`(%sp) - ldw `8*4`($inp),$t0 - stw $X[1],`-$XOFF+1*4`(%sp) - ldw `9*4`($inp),$t1 -___ -{ -my @t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1); -for ($i=2;$i<(128/4-8);$i++) { -$code.=<<___; - stw $t[0],`-$XOFF+$i*4`(%sp) - ldw `(8+$i)*4`($inp),$t[0] -___ -push(@t,shift(@t)); -} -for (;$i<128/4;$i++) { -$code.=<<___; - stw $t[0],`-$XOFF+$i*4`(%sp) -___ -push(@t,shift(@t)); -} -$code.="L\$collected_pa1\n"; -} - -for($i=0;$i<16;$i++) { &ROUND_00_15_pa1($i,@V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); } -$code.="L\$rounds_pa1\n"; -for(;$i<32;$i++) { &ROUND_16_xx_pa1($i,@V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); } - -$code.=<<___; - $POP `-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx ; restore arguments - $POP `-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp - $POP `-$FRAME_MARKER-4*$SIZE_T`(%sp),$num - ldo `-$rounds*$SZ`($Tbl),$Tbl ; rewind $Tbl - - ldw `0*4`($ctx),$t1 ; update context - ldw `1*4`($ctx),$t0 - ldw `2*4`($ctx),$t3 - ldw `3*4`($ctx),$t2 - ldw `4*4`($ctx),$a1 - ldw `5*4`($ctx),$a0 - ldw `6*4`($ctx),$a3 - add $t0,$Alo,$Alo - ldw `7*4`($ctx),$a2 - addc $t1,$Ahi,$Ahi - ldw `8*4`($ctx),$t1 - add $t2,$Blo,$Blo - ldw `9*4`($ctx),$t0 - addc $t3,$Bhi,$Bhi - ldw `10*4`($ctx),$t3 - add $a0,$Clo,$Clo - ldw `11*4`($ctx),$t2 - addc $a1,$Chi,$Chi - ldw `12*4`($ctx),$a1 - 
add $a2,$Dlo,$Dlo - ldw `13*4`($ctx),$a0 - addc $a3,$Dhi,$Dhi - ldw `14*4`($ctx),$a3 - add $t0,$Elo,$Elo - ldw `15*4`($ctx),$a2 - addc $t1,$Ehi,$Ehi - stw $Ahi,`0*4`($ctx) - add $t2,$Flo,$Flo - stw $Alo,`1*4`($ctx) - addc $t3,$Fhi,$Fhi - stw $Bhi,`2*4`($ctx) - add $a0,$Glo,$Glo - stw $Blo,`3*4`($ctx) - addc $a1,$Ghi,$Ghi - stw $Chi,`4*4`($ctx) - add $a2,$Hlo,$Hlo - stw $Clo,`5*4`($ctx) - addc $a3,$Hhi,$Hhi - stw $Dhi,`6*4`($ctx) - ldo `16*$SZ`($inp),$inp ; advance $inp - stw $Dlo,`7*4`($ctx) - stw $Ehi,`8*4`($ctx) - stw $Elo,`9*4`($ctx) - stw $Fhi,`10*4`($ctx) - stw $Flo,`11*4`($ctx) - stw $Ghi,`12*4`($ctx) - stw $Glo,`13*4`($ctx) - stw $Hhi,`14*4`($ctx) - comb,= $inp,$num,L\$done - stw $Hlo,`15*4`($ctx) - b L\$oop_pa1 - $PUSH $inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp) ; save $inp -L\$done -___ -}} -$code.=<<___; - $POP `-$FRAME-$SAVED_RP`(%sp),%r2 ; standard epilogue - $POP `-$FRAME+1*$SIZE_T`(%sp),%r4 - $POP `-$FRAME+2*$SIZE_T`(%sp),%r5 - $POP `-$FRAME+3*$SIZE_T`(%sp),%r6 - $POP `-$FRAME+4*$SIZE_T`(%sp),%r7 - $POP `-$FRAME+5*$SIZE_T`(%sp),%r8 - $POP `-$FRAME+6*$SIZE_T`(%sp),%r9 - $POP `-$FRAME+7*$SIZE_T`(%sp),%r10 - $POP `-$FRAME+8*$SIZE_T`(%sp),%r11 - $POP `-$FRAME+9*$SIZE_T`(%sp),%r12 - $POP `-$FRAME+10*$SIZE_T`(%sp),%r13 - $POP `-$FRAME+11*$SIZE_T`(%sp),%r14 - $POP `-$FRAME+12*$SIZE_T`(%sp),%r15 - $POP `-$FRAME+13*$SIZE_T`(%sp),%r16 - $POP `-$FRAME+14*$SIZE_T`(%sp),%r17 - $POP `-$FRAME+15*$SIZE_T`(%sp),%r18 - bv (%r2) - .EXIT - $POPMB -$FRAME(%sp),%r3 - .PROCEND - - .data - .STRINGZ "SHA`64*$SZ` block transform for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>" -___ - -# Explicitly encode PA-RISC 2.0 instructions used in this module, so -# that it can be compiled with .LEVEL 1.0. It should be noted that I -# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0 -# directive... 
- -my $ldd = sub { - my ($mod,$args) = @_; - my $orig = "ldd$mod\t$args"; - - if ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 3 suffices - { my $opcode=(0x14<<26)|($2<<21)|($3<<16)|(($1&0x1FF8)<<1)|(($1>>13)&1); - $opcode|=(1<<3) if ($mod =~ /^,m/); - $opcode|=(1<<2) if ($mod =~ /^,mb/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $std = sub { - my ($mod,$args) = @_; - my $orig = "std$mod\t$args"; - - if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 3 suffices - { my $opcode=(0x1c<<26)|($3<<21)|($1<<16)|(($2&0x1FF8)<<1)|(($2>>13)&1); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $extrd = sub { - my ($mod,$args) = @_; - my $orig = "extrd$mod\t$args"; - - # I only have ",u" completer, it's implicitly encoded... - if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/) # format 15 - { my $opcode=(0x36<<26)|($1<<21)|($4<<16); - my $len=32-$3; - $opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5); # encode pos - $opcode |= (($len&0x20)<<7)|($len&0x1f); # encode len - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/) # format 12 - { my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9); - my $len=32-$2; - $opcode |= (($len&0x20)<<3)|($len&0x1f); # encode len - $opcode |= (1<<13) if ($mod =~ /,\**=/); - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - else { "\t".$orig; } -}; - -my $shrpd = sub { - my ($mod,$args) = @_; - my $orig = "shrpd$mod\t$args"; - - if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/) # format 14 - { my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4; - my $cpos=63-$3; - $opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5); # encode sa - sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig; - } - elsif ($args =~ /%r([0-9]+),%r([0-9]+),%sar,%r([0-9]+)/) # format 11 - { sprintf "\t.WORD\t0x%08x\t; %s", - (0x34<<26)|($2<<21)|($1<<16)|(1<<9)|$3,$orig; - } - else { "\t".$orig; } -}; - -sub assemble { - 
my ($mnemonic,$mod,$args)=@_; - my $opcode = eval("\$$mnemonic"); - - ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args"; -} - -foreach (split("\n",$code)) { - s/\`([^\`]*)\`/eval $1/ge; - - s/shd\s+(%r[0-9]+),(%r[0-9]+),([0-9]+)/ - $3>31 ? sprintf("shd\t%$2,%$1,%d",$3-32) # rotation for >=32 - : sprintf("shd\t%$1,%$2,%d",$3)/e or - # translate made up instructons: _ror, _shr, _align, _shl - s/_ror(\s+)(%r[0-9]+),/ - ($SZ==4 ? "shd" : "shrpd")."$1$2,$2,"/e or - - s/_shr(\s+%r[0-9]+),([0-9]+),/ - $SZ==4 ? sprintf("extru%s,%d,%d,",$1,31-$2,32-$2) - : sprintf("extrd,u%s,%d,%d,",$1,63-$2,64-$2)/e or - - s/_align(\s+%r[0-9]+,%r[0-9]+),/ - ($SZ==4 ? "vshd$1," : "shrpd$1,%sar,")/e or - - s/_shl(\s+%r[0-9]+),([0-9]+),/ - $SIZE_T==4 ? sprintf("zdep%s,%d,%d,",$1,31-$2,32-$2) - : sprintf("depd,z%s,%d,%d,",$1,63-$2,64-$2)/e; - - s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($SIZE_T==4); - - s/cmpb,\*/comb,/ if ($SIZE_T==4); - - s/\bbv\b/bve/ if ($SIZE_T==8); - - print $_,"\n"; -} - -close STDOUT; diff --git a/lib/libssl/src/crypto/sha/asm/sha512-ppc.pl b/lib/libssl/src/crypto/sha/asm/sha512-ppc.pl deleted file mode 100755 index 2a7d5a0e8bc..00000000000 --- a/lib/libssl/src/crypto/sha/asm/sha512-ppc.pl +++ /dev/null 
@@ -1,460 +0,0 @@ -#!/usr/bin/env perl - -# ==================================================================== -# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL -# project. The module is, however, dual licensed under OpenSSL and -# CRYPTOGAMS licenses depending on where you obtain it. For further -# details see http://www.openssl.org/~appro/cryptogams/. -# ==================================================================== - -# I let hardware handle unaligned input, except on page boundaries -# (see below for details). Otherwise straightforward implementation -# with X vector in register bank. The module is big-endian [which is -# not big deal as there're no little-endian targets left around]. - -# sha256 | sha512 -# -m64 -m32 | -m64 -m32 -# --------------------------------------+----------------------- -# PPC970,gcc-4.0.0 +50% +38% | +40% +410%(*) -# Power6,xlc-7 +150% +90% | +100% +430%(*) -# -# (*) 64-bit code in 32-bit application context, which actually is -# on TODO list. It should be noted that for safe deployment in -# 32-bit *multi-threaded* context asynchronous signals should be -# blocked upon entry to SHA512 block routine. This is because -# 32-bit signaling procedure invalidates upper halves of GPRs. -# Context switch procedure preserves them, but not signaling:-( - -# Second version is true multi-thread safe. Trouble with the original -# version was that it was using thread local storage pointer register. -# Well, it scrupulously preserved it, but the problem would arise the -# moment asynchronous signal was delivered and signal handler would -# dereference the TLS pointer. While it's never the case in openssl -# application or test suite, we have to respect this scenario and not -# use TLS pointer register. Alternative would be to require caller to -# block signals prior calling this routine. For the record, in 32-bit -# context R2 serves as TLS pointer, while in 64-bit context - R13. 
- -$flavour=shift; -$output =shift; - -if ($flavour =~ /64/) { - $SIZE_T=8; - $LRSAVE=2*$SIZE_T; - $STU="stdu"; - $UCMP="cmpld"; - $SHL="sldi"; - $POP="ld"; - $PUSH="std"; -} elsif ($flavour =~ /32/) { - $SIZE_T=4; - $LRSAVE=$SIZE_T; - $STU="stwu"; - $UCMP="cmplw"; - $SHL="slwi"; - $POP="lwz"; - $PUSH="stw"; -} else { die "nonsense $flavour"; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or -die "can't locate ppc-xlate.pl"; - -open STDOUT,"| $^X $xlate $flavour $output" || die "can't call $xlate: $!"; - -if ($output =~ /512/) { - $func="sha512_block_data_order"; - $SZ=8; - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=(1, 8, 7); - @sigma1=(19,61, 6); - $rounds=80; - $LD="ld"; - $ST="std"; - $ROR="rotrdi"; - $SHR="srdi"; -} else { - $func="sha256_block_data_order"; - $SZ=4; - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 7,18, 3); - @sigma1=(17,19,10); - $rounds=64; - $LD="lwz"; - $ST="stw"; - $ROR="rotrwi"; - $SHR="srwi"; -} - -$FRAME=32*$SIZE_T+16*$SZ; -$LOCALS=6*$SIZE_T; - -$sp ="r1"; -$toc="r2"; -$ctx="r3"; # zapped by $a0 -$inp="r4"; # zapped by $a1 -$num="r5"; # zapped by $t0 - -$T ="r0"; -$a0 ="r3"; -$a1 ="r4"; -$t0 ="r5"; -$t1 ="r6"; -$Tbl="r7"; - -$A ="r8"; -$B ="r9"; -$C ="r10"; -$D ="r11"; -$E ="r12"; -$F ="r13"; $F="r2" if ($SIZE_T==8);# reassigned to exempt TLS pointer -$G ="r14"; -$H ="r15"; - -@V=($A,$B,$C,$D,$E,$F,$G,$H); -@X=("r16","r17","r18","r19","r20","r21","r22","r23", - "r24","r25","r26","r27","r28","r29","r30","r31"); - -$inp="r31"; # reassigned $inp! 
aliases with @X[15] - -sub ROUND_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -$code.=<<___; - $LD $T,`$i*$SZ`($Tbl) - $ROR $a0,$e,$Sigma1[0] - $ROR $a1,$e,$Sigma1[1] - and $t0,$f,$e - andc $t1,$g,$e - add $T,$T,$h - xor $a0,$a0,$a1 - $ROR $a1,$a1,`$Sigma1[2]-$Sigma1[1]` - or $t0,$t0,$t1 ; Ch(e,f,g) - add $T,$T,@X[$i] - xor $a0,$a0,$a1 ; Sigma1(e) - add $T,$T,$t0 - add $T,$T,$a0 - - $ROR $a0,$a,$Sigma0[0] - $ROR $a1,$a,$Sigma0[1] - and $t0,$a,$b - and $t1,$a,$c - xor $a0,$a0,$a1 - $ROR $a1,$a1,`$Sigma0[2]-$Sigma0[1]` - xor $t0,$t0,$t1 - and $t1,$b,$c - xor $a0,$a0,$a1 ; Sigma0(a) - add $d,$d,$T - xor $t0,$t0,$t1 ; Maj(a,b,c) - add $h,$T,$a0 - add $h,$h,$t0 - -___ -} - -sub ROUND_16_xx { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -$i-=16; -$code.=<<___; - $ROR $a0,@X[($i+1)%16],$sigma0[0] - $ROR $a1,@X[($i+1)%16],$sigma0[1] - $ROR $t0,@X[($i+14)%16],$sigma1[0] - $ROR $t1,@X[($i+14)%16],$sigma1[1] - xor $a0,$a0,$a1 - $SHR $a1,@X[($i+1)%16],$sigma0[2] - xor $t0,$t0,$t1 - $SHR $t1,@X[($i+14)%16],$sigma1[2] - add @X[$i],@X[$i],@X[($i+9)%16] - xor $a0,$a0,$a1 ; sigma0(X[(i+1)&0x0f]) - xor $t0,$t0,$t1 ; sigma1(X[(i+14)&0x0f]) - add @X[$i],@X[$i],$a0 - add @X[$i],@X[$i],$t0 -___ -&ROUND_00_15($i,$a,$b,$c,$d,$e,$f,$g,$h); -} - -$code=<<___; -.machine "any" -.text - -.globl $func -.align 6 -$func: - $STU $sp,-$FRAME($sp) - mflr r0 - $SHL $num,$num,`log(16*$SZ)/log(2)` - - $PUSH $ctx,`$FRAME-$SIZE_T*22`($sp) - - $PUSH $toc,`$FRAME-$SIZE_T*20`($sp) - $PUSH r13,`$FRAME-$SIZE_T*19`($sp) - $PUSH r14,`$FRAME-$SIZE_T*18`($sp) - $PUSH r15,`$FRAME-$SIZE_T*17`($sp) - $PUSH r16,`$FRAME-$SIZE_T*16`($sp) - $PUSH r17,`$FRAME-$SIZE_T*15`($sp) - $PUSH r18,`$FRAME-$SIZE_T*14`($sp) - $PUSH r19,`$FRAME-$SIZE_T*13`($sp) - $PUSH r20,`$FRAME-$SIZE_T*12`($sp) - $PUSH r21,`$FRAME-$SIZE_T*11`($sp) - $PUSH r22,`$FRAME-$SIZE_T*10`($sp) - $PUSH r23,`$FRAME-$SIZE_T*9`($sp) - $PUSH r24,`$FRAME-$SIZE_T*8`($sp) - $PUSH r25,`$FRAME-$SIZE_T*7`($sp) - $PUSH r26,`$FRAME-$SIZE_T*6`($sp) - $PUSH 
r27,`$FRAME-$SIZE_T*5`($sp) - $PUSH r28,`$FRAME-$SIZE_T*4`($sp) - $PUSH r29,`$FRAME-$SIZE_T*3`($sp) - $PUSH r30,`$FRAME-$SIZE_T*2`($sp) - $PUSH r31,`$FRAME-$SIZE_T*1`($sp) - $PUSH r0,`$FRAME+$LRSAVE`($sp) - - $LD $A,`0*$SZ`($ctx) - mr $inp,r4 ; incarnate $inp - $LD $B,`1*$SZ`($ctx) - $LD $C,`2*$SZ`($ctx) - $LD $D,`3*$SZ`($ctx) - $LD $E,`4*$SZ`($ctx) - $LD $F,`5*$SZ`($ctx) - $LD $G,`6*$SZ`($ctx) - $LD $H,`7*$SZ`($ctx) - - bl LPICmeup -LPICedup: - andi. r0,$inp,3 - bne Lunaligned -Laligned: - add $num,$inp,$num - $PUSH $num,`$FRAME-$SIZE_T*24`($sp) ; end pointer - $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer - bl Lsha2_block_private - b Ldone - -; PowerPC specification allows an implementation to be ill-behaved -; upon unaligned access which crosses page boundary. "Better safe -; than sorry" principle makes me treat it specially. But I don't -; look for particular offending word, but rather for the input -; block which crosses the boundary. Once found that block is aligned -; and hashed separately... -.align 4 -Lunaligned: - subfic $t1,$inp,4096 - andi. 
$t1,$t1,`4096-16*$SZ` ; distance to closest page boundary - beq Lcross_page - $UCMP $num,$t1 - ble- Laligned ; didn't cross the page boundary - subfc $num,$t1,$num - add $t1,$inp,$t1 - $PUSH $num,`$FRAME-$SIZE_T*25`($sp) ; save real remaining num - $PUSH $t1,`$FRAME-$SIZE_T*24`($sp) ; intermediate end pointer - $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer - bl Lsha2_block_private - ; $inp equals to the intermediate end pointer here - $POP $num,`$FRAME-$SIZE_T*25`($sp) ; restore real remaining num -Lcross_page: - li $t1,`16*$SZ/4` - mtctr $t1 - addi r20,$sp,$LOCALS ; aligned spot below the frame -Lmemcpy: - lbz r16,0($inp) - lbz r17,1($inp) - lbz r18,2($inp) - lbz r19,3($inp) - addi $inp,$inp,4 - stb r16,0(r20) - stb r17,1(r20) - stb r18,2(r20) - stb r19,3(r20) - addi r20,r20,4 - bdnz Lmemcpy - - $PUSH $inp,`$FRAME-$SIZE_T*26`($sp) ; save real inp - addi $t1,$sp,`$LOCALS+16*$SZ` ; fictitious end pointer - addi $inp,$sp,$LOCALS ; fictitious inp pointer - $PUSH $num,`$FRAME-$SIZE_T*25`($sp) ; save real num - $PUSH $t1,`$FRAME-$SIZE_T*24`($sp) ; end pointer - $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer - bl Lsha2_block_private - $POP $inp,`$FRAME-$SIZE_T*26`($sp) ; restore real inp - $POP $num,`$FRAME-$SIZE_T*25`($sp) ; restore real num - addic. 
$num,$num,`-16*$SZ` ; num-- - bne- Lunaligned - -Ldone: - $POP r0,`$FRAME+$LRSAVE`($sp) - $POP $toc,`$FRAME-$SIZE_T*20`($sp) - $POP r13,`$FRAME-$SIZE_T*19`($sp) - $POP r14,`$FRAME-$SIZE_T*18`($sp) - $POP r15,`$FRAME-$SIZE_T*17`($sp) - $POP r16,`$FRAME-$SIZE_T*16`($sp) - $POP r17,`$FRAME-$SIZE_T*15`($sp) - $POP r18,`$FRAME-$SIZE_T*14`($sp) - $POP r19,`$FRAME-$SIZE_T*13`($sp) - $POP r20,`$FRAME-$SIZE_T*12`($sp) - $POP r21,`$FRAME-$SIZE_T*11`($sp) - $POP r22,`$FRAME-$SIZE_T*10`($sp) - $POP r23,`$FRAME-$SIZE_T*9`($sp) - $POP r24,`$FRAME-$SIZE_T*8`($sp) - $POP r25,`$FRAME-$SIZE_T*7`($sp) - $POP r26,`$FRAME-$SIZE_T*6`($sp) - $POP r27,`$FRAME-$SIZE_T*5`($sp) - $POP r28,`$FRAME-$SIZE_T*4`($sp) - $POP r29,`$FRAME-$SIZE_T*3`($sp) - $POP r30,`$FRAME-$SIZE_T*2`($sp) - $POP r31,`$FRAME-$SIZE_T*1`($sp) - mtlr r0 - addi $sp,$sp,$FRAME - blr - .long 0 - .byte 0,12,4,1,0x80,18,3,0 - .long 0 - -.align 4 -Lsha2_block_private: -___ -for($i=0;$i<16;$i++) { -$code.=<<___ if ($SZ==4); - lwz @X[$i],`$i*$SZ`($inp) -___ -# 64-bit loads are split to 2x32-bit ones, as CPU can't handle -# unaligned 64-bit loads, only 32-bit ones... 
-$code.=<<___ if ($SZ==8); - lwz $t0,`$i*$SZ`($inp) - lwz @X[$i],`$i*$SZ+4`($inp) - insrdi @X[$i],$t0,32,0 -___ - &ROUND_00_15($i,@V); - unshift(@V,pop(@V)); -} -$code.=<<___; - li $T,`$rounds/16-1` - mtctr $T -.align 4 -Lrounds: - addi $Tbl,$Tbl,`16*$SZ` -___ -for(;$i<32;$i++) { - &ROUND_16_xx($i,@V); - unshift(@V,pop(@V)); -} -$code.=<<___; - bdnz- Lrounds - - $POP $ctx,`$FRAME-$SIZE_T*22`($sp) - $POP $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer - $POP $num,`$FRAME-$SIZE_T*24`($sp) ; end pointer - subi $Tbl,$Tbl,`($rounds-16)*$SZ` ; rewind Tbl - - $LD r16,`0*$SZ`($ctx) - $LD r17,`1*$SZ`($ctx) - $LD r18,`2*$SZ`($ctx) - $LD r19,`3*$SZ`($ctx) - $LD r20,`4*$SZ`($ctx) - $LD r21,`5*$SZ`($ctx) - $LD r22,`6*$SZ`($ctx) - addi $inp,$inp,`16*$SZ` ; advance inp - $LD r23,`7*$SZ`($ctx) - add $A,$A,r16 - add $B,$B,r17 - $PUSH $inp,`$FRAME-$SIZE_T*23`($sp) - add $C,$C,r18 - $ST $A,`0*$SZ`($ctx) - add $D,$D,r19 - $ST $B,`1*$SZ`($ctx) - add $E,$E,r20 - $ST $C,`2*$SZ`($ctx) - add $F,$F,r21 - $ST $D,`3*$SZ`($ctx) - add $G,$G,r22 - $ST $E,`4*$SZ`($ctx) - add $H,$H,r23 - $ST $F,`5*$SZ`($ctx) - $ST $G,`6*$SZ`($ctx) - $UCMP $inp,$num - $ST $H,`7*$SZ`($ctx) - bne Lsha2_block_private - blr - .long 0 - .byte 0,12,0x14,0,0,0,0,0 -___ - -# Ugly hack here, because PPC assembler syntax seem to vary too -# much from platforms to platform... -$code.=<<___; -.align 6 -LPICmeup: - mflr r0 - bcl 20,31,\$+4 - mflr $Tbl ; vvvvvv "distance" between . 
and 1st data entry - addi $Tbl,$Tbl,`64-8` - mtlr r0 - blr - .long 0 - .byte 0,12,0x14,0,0,0,0,0 - .space `64-9*4` -___ -$code.=<<___ if ($SZ==8); - .long 0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd - .long 0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc - .long 0x3956c25b,0xf348b538,0x59f111f1,0xb605d019 - .long 0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118 - .long 0xd807aa98,0xa3030242,0x12835b01,0x45706fbe - .long 0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2 - .long 0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1 - .long 0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694 - .long 0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3 - .long 0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65 - .long 0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483 - .long 0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5 - .long 0x983e5152,0xee66dfab,0xa831c66d,0x2db43210 - .long 0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4 - .long 0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725 - .long 0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70 - .long 0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926 - .long 0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df - .long 0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8 - .long 0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b - .long 0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001 - .long 0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30 - .long 0xd192e819,0xd6ef5218,0xd6990624,0x5565a910 - .long 0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8 - .long 0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53 - .long 0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8 - .long 0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb - .long 0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3 - .long 0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60 - .long 0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec - .long 0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9 - .long 0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b - .long 0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207 - .long 0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178 - .long 0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6 - .long 
0x113f9804,0xbef90dae,0x1b710b35,0x131c471b
- .long 0x28db77f5,0x23047d84,0x32caab7b,0x40c72493
- .long 0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c
- .long 0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a
- .long 0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817
-___
-$code.=<<___ if ($SZ==4);
- .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
- .long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
- .long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
- .long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
- .long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
- .long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
- .long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
- .long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
- .long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
- .long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
- .long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
- .long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070
- .long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
- .long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
- .long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
- .long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
-___
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/sha/asm/sha512-s390x.pl b/lib/libssl/src/crypto/sha/asm/sha512-s390x.pl
deleted file mode 100644
index 079a3fc78ab..00000000000
--- a/lib/libssl/src/crypto/sha/asm/sha512-s390x.pl
+++ /dev/null
@@ -1,322 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# SHA256/512 block procedures for s390x.
-
-# April 2007.
-#
-# sha256_block_data_order is reportedly >3 times faster than gcc 3.3
-# generated code (must be a bug in compiler, as improvement is
-# "pathologically" high, in particular in comparison to other SHA
-# modules). But the real twist is that it detects if hardware support
-# for SHA256 is available and in such case utilizes it. Then the
-# performance can reach >6.5x of assembler one for larger chunks.
-#
-# sha512_block_data_order is ~70% faster than gcc 3.3 generated code.
-
-# January 2009.
-#
-# Add support for hardware SHA512 and reschedule instructions to
-# favour dual-issue z10 pipeline. Hardware SHA256/512 is ~4.7x faster
-# than software.
-
-# November 2010.
-#
-# Adapt for -m31 build. If kernel supports what's called "highgprs"
-# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
-# instructions and achieve "64-bit" performance even in 31-bit legacy
-# application context. The feature is not specific to any particular
-# processor, as long as it's "z-CPU". Latter implies that the code
-# remains z/Architecture specific. On z900 SHA256 was measured to
-# perform 2.4x and SHA512 - 13x better than code generated by gcc 4.3.
- -$flavour = shift; - -if ($flavour =~ /3[12]/) { - $SIZE_T=4; - $g=""; -} else { - $SIZE_T=8; - $g="g"; -} - -$t0="%r0"; -$t1="%r1"; -$ctx="%r2"; $t2="%r2"; -$inp="%r3"; -$len="%r4"; # used as index in inner loop - -$A="%r5"; -$B="%r6"; -$C="%r7"; -$D="%r8"; -$E="%r9"; -$F="%r10"; -$G="%r11"; -$H="%r12"; @V=($A,$B,$C,$D,$E,$F,$G,$H); -$tbl="%r13"; -$T1="%r14"; -$sp="%r15"; - -while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {} -open STDOUT,">$output"; - -if ($output =~ /512/) { - $label="512"; - $SZ=8; - $LD="lg"; # load from memory - $ST="stg"; # store to memory - $ADD="alg"; # add with memory operand - $ROT="rllg"; # rotate left - $SHR="srlg"; # logical right shift [see even at the end] - @Sigma0=(25,30,36); - @Sigma1=(23,46,50); - @sigma0=(56,63, 7); - @sigma1=( 3,45, 6); - $rounds=80; - $kimdfunc=3; # 0 means unknown/unsupported/unimplemented/disabled -} else { - $label="256"; - $SZ=4; - $LD="llgf"; # load from memory - $ST="st"; # store to memory - $ADD="al"; # add with memory operand - $ROT="rll"; # rotate left - $SHR="srl"; # logical right shift - @Sigma0=(10,19,30); - @Sigma1=( 7,21,26); - @sigma0=(14,25, 3); - @sigma1=(13,15,10); - $rounds=64; - $kimdfunc=2; # magic function code for kimd instruction -} -$Func="sha${label}_block_data_order"; -$Table="K${label}"; -$stdframe=16*$SIZE_T+4*8; -$frame=$stdframe+16*$SZ; - -sub BODY_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___ if ($i<16); - $LD $T1,`$i*$SZ`($inp) ### $i -___ -$code.=<<___; - $ROT $t0,$e,$Sigma1[0] - $ROT $t1,$e,$Sigma1[1] - lgr $t2,$f - xgr $t0,$t1 - $ROT $t1,$t1,`$Sigma1[2]-$Sigma1[1]` - xgr $t2,$g - $ST $T1,`$stdframe+$SZ*($i%16)`($sp) - xgr $t0,$t1 # Sigma1(e) - algr $T1,$h # T1+=h - ngr $t2,$e - lgr $t1,$a - algr $T1,$t0 # T1+=Sigma1(e) - $ROT $h,$a,$Sigma0[0] - xgr $t2,$g # Ch(e,f,g) - $ADD $T1,`$i*$SZ`($len,$tbl) # T1+=K[i] - $ROT $t0,$a,$Sigma0[1] - algr $T1,$t2 # T1+=Ch(e,f,g) - ogr $t1,$b - xgr $h,$t0 - lgr $t2,$a - ngr $t1,$c - $ROT 
$t0,$t0,`$Sigma0[2]-$Sigma0[1]` - xgr $h,$t0 # h=Sigma0(a) - ngr $t2,$b - algr $h,$T1 # h+=T1 - ogr $t2,$t1 # Maj(a,b,c) - algr $d,$T1 # d+=T1 - algr $h,$t2 # h+=Maj(a,b,c) -___ -} - -sub BODY_16_XX { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___; - $LD $T1,`$stdframe+$SZ*(($i+1)%16)`($sp) ### $i - $LD $t1,`$stdframe+$SZ*(($i+14)%16)`($sp) - $ROT $t0,$T1,$sigma0[0] - $SHR $T1,$sigma0[2] - $ROT $t2,$t0,`$sigma0[1]-$sigma0[0]` - xgr $T1,$t0 - $ROT $t0,$t1,$sigma1[0] - xgr $T1,$t2 # sigma0(X[i+1]) - $SHR $t1,$sigma1[2] - $ADD $T1,`$stdframe+$SZ*($i%16)`($sp) # +=X[i] - xgr $t1,$t0 - $ROT $t0,$t0,`$sigma1[1]-$sigma1[0]` - $ADD $T1,`$stdframe+$SZ*(($i+9)%16)`($sp) # +=X[i+9] - xgr $t1,$t0 # sigma1(X[i+14]) - algr $T1,$t1 # +=sigma1(X[i+14]) -___ - &BODY_00_15(@_); -} - -$code.=<<___; -.text -.align 64 -.type $Table,\@object -$Table: -___ -$code.=<<___ if ($SZ==4); - .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 - .long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 - .long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 - .long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 - .long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc - .long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da - .long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 - .long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 - .long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 - .long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 - .long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 - .long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 - .long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 - .long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 - .long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 - .long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 -___ -$code.=<<___ if ($SZ==8); - .quad 0x428a2f98d728ae22,0x7137449123ef65cd - .quad 0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc - .quad 0x3956c25bf348b538,0x59f111f1b605d019 - .quad 0x923f82a4af194f9b,0xab1c5ed5da6d8118 - .quad 0xd807aa98a3030242,0x12835b0145706fbe - .quad 
0x243185be4ee4b28c,0x550c7dc3d5ffb4e2 - .quad 0x72be5d74f27b896f,0x80deb1fe3b1696b1 - .quad 0x9bdc06a725c71235,0xc19bf174cf692694 - .quad 0xe49b69c19ef14ad2,0xefbe4786384f25e3 - .quad 0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65 - .quad 0x2de92c6f592b0275,0x4a7484aa6ea6e483 - .quad 0x5cb0a9dcbd41fbd4,0x76f988da831153b5 - .quad 0x983e5152ee66dfab,0xa831c66d2db43210 - .quad 0xb00327c898fb213f,0xbf597fc7beef0ee4 - .quad 0xc6e00bf33da88fc2,0xd5a79147930aa725 - .quad 0x06ca6351e003826f,0x142929670a0e6e70 - .quad 0x27b70a8546d22ffc,0x2e1b21385c26c926 - .quad 0x4d2c6dfc5ac42aed,0x53380d139d95b3df - .quad 0x650a73548baf63de,0x766a0abb3c77b2a8 - .quad 0x81c2c92e47edaee6,0x92722c851482353b - .quad 0xa2bfe8a14cf10364,0xa81a664bbc423001 - .quad 0xc24b8b70d0f89791,0xc76c51a30654be30 - .quad 0xd192e819d6ef5218,0xd69906245565a910 - .quad 0xf40e35855771202a,0x106aa07032bbd1b8 - .quad 0x19a4c116b8d2d0c8,0x1e376c085141ab53 - .quad 0x2748774cdf8eeb99,0x34b0bcb5e19b48a8 - .quad 0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb - .quad 0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3 - .quad 0x748f82ee5defb2fc,0x78a5636f43172f60 - .quad 0x84c87814a1f0ab72,0x8cc702081a6439ec - .quad 0x90befffa23631e28,0xa4506cebde82bde9 - .quad 0xbef9a3f7b2c67915,0xc67178f2e372532b - .quad 0xca273eceea26619c,0xd186b8c721c0c207 - .quad 0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178 - .quad 0x06f067aa72176fba,0x0a637dc5a2c898a6 - .quad 0x113f9804bef90dae,0x1b710b35131c471b - .quad 0x28db77f523047d84,0x32caab7b40c72493 - .quad 0x3c9ebe0a15c9bebc,0x431d67c49c100d4c - .quad 0x4cc5d4becb3e42b6,0x597f299cfc657e2a - .quad 0x5fcb6fab3ad6faec,0x6c44198c4a475817 -___ -$code.=<<___; -.size $Table,.-$Table -.globl $Func -.type $Func,\@function -$Func: - sllg $len,$len,`log(16*$SZ)/log(2)` -___ -$code.=<<___ if ($kimdfunc); - larl %r1,OPENSSL_s390xcap_P - lg %r0,0(%r1) - tmhl %r0,0x4000 # check for message-security assist - jz .Lsoftware - lghi %r0,0 - la %r1,`2*$SIZE_T`($sp) - .long 0xb93e0002 # kimd %r0,%r2 - lg %r0,`2*$SIZE_T`($sp) - tmhh 
%r0,`0x8000>>$kimdfunc` - jz .Lsoftware - lghi %r0,$kimdfunc - lgr %r1,$ctx - lgr %r2,$inp - lgr %r3,$len - .long 0xb93e0002 # kimd %r0,%r2 - brc 1,.-4 # pay attention to "partial completion" - br %r14 -.align 16 -.Lsoftware: -___ -$code.=<<___; - lghi %r1,-$frame - la $len,0($len,$inp) - stm${g} $ctx,%r15,`2*$SIZE_T`($sp) - lgr %r0,$sp - la $sp,0(%r1,$sp) - st${g} %r0,0($sp) - - larl $tbl,$Table - $LD $A,`0*$SZ`($ctx) - $LD $B,`1*$SZ`($ctx) - $LD $C,`2*$SZ`($ctx) - $LD $D,`3*$SZ`($ctx) - $LD $E,`4*$SZ`($ctx) - $LD $F,`5*$SZ`($ctx) - $LD $G,`6*$SZ`($ctx) - $LD $H,`7*$SZ`($ctx) - -.Lloop: - lghi $len,0 -___ -for ($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } -$code.=".Lrounds_16_xx:\n"; -for (;$i<32;$i++) { &BODY_16_XX($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - aghi $len,`16*$SZ` - lghi $t0,`($rounds-16)*$SZ` - clgr $len,$t0 - jne .Lrounds_16_xx - - l${g} $ctx,`$frame+2*$SIZE_T`($sp) - la $inp,`16*$SZ`($inp) - $ADD $A,`0*$SZ`($ctx) - $ADD $B,`1*$SZ`($ctx) - $ADD $C,`2*$SZ`($ctx) - $ADD $D,`3*$SZ`($ctx) - $ADD $E,`4*$SZ`($ctx) - $ADD $F,`5*$SZ`($ctx) - $ADD $G,`6*$SZ`($ctx) - $ADD $H,`7*$SZ`($ctx) - $ST $A,`0*$SZ`($ctx) - $ST $B,`1*$SZ`($ctx) - $ST $C,`2*$SZ`($ctx) - $ST $D,`3*$SZ`($ctx) - $ST $E,`4*$SZ`($ctx) - $ST $F,`5*$SZ`($ctx) - $ST $G,`6*$SZ`($ctx) - $ST $H,`7*$SZ`($ctx) - cl${g} $inp,`$frame+4*$SIZE_T`($sp) - jne .Lloop - - lm${g} %r6,%r15,`$frame+6*$SIZE_T`($sp) - br %r14 -.size $Func,.-$Func -.string "SHA${label} block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>" -.comm OPENSSL_s390xcap_P,16,8 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -# unlike 32-bit shift 64-bit one takes three arguments -$code =~ s/(srlg\s+)(%r[0-9]+),/$1$2,$2,/gm; - -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/sha/asm/sha512-sparcv9.pl b/lib/libssl/src/crypto/sha/asm/sha512-sparcv9.pl deleted file mode 100644 index 585740789e6..00000000000 --- a/lib/libssl/src/crypto/sha/asm/sha512-sparcv9.pl +++ /dev/null 
@@ -1,594 +0,0 @@
-#!/usr/bin/env perl
-
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-
-# SHA256 performance improvement over compiler generated code varies
-# from 40% for Sun C [32-bit build] to 70% for gcc [3.3, 64-bit
-# build]. Just like in SHA1 module I aim to ensure scalability on
-# UltraSPARC T1 by packing X[16] to 8 64-bit registers.
-
-# SHA512 on pre-T1 UltraSPARC.
-#
-# Performance is >75% better than 64-bit code generated by Sun C and
-# over 2x than 32-bit code. X[16] resides on stack, but access to it
-# is scheduled for L2 latency and staged through 32 least significant
-# bits of %l0-%l7. The latter is done to achieve 32-/64-bit ABI
-# duality. Nevetheless it's ~40% faster than SHA256, which is pretty
-# good [optimal coefficient is 50%].
-#
-# SHA512 on UltraSPARC T1.
-#
-# It's not any faster than 64-bit code generated by Sun C 5.8. This is
-# because 64-bit code generator has the advantage of using 64-bit
-# loads(*) to access X[16], which I consciously traded for 32-/64-bit
-# ABI duality [as per above]. But it surpasses 32-bit Sun C generated
-# code by 60%, not to mention that it doesn't suffer from severe decay
-# when running 4 times physical cores threads and that it leaves gcc
-# [3.4] behind by over 4x factor! If compared to SHA256, single thread
-# performance is only 10% better, but overall throughput for maximum
-# amount of threads for given CPU exceeds corresponding one of SHA256
-# by 30% [again, optimal coefficient is 50%].
-#
-# (*) Unlike pre-T1 UltraSPARC loads on T1 are executed strictly
-# in-order, i.e.
load instruction has to complete prior next -# instruction in given thread is executed, even if the latter is -# not dependent on load result! This means that on T1 two 32-bit -# loads are always slower than one 64-bit load. Once again this -# is unlike pre-T1 UltraSPARC, where, if scheduled appropriately, -# 2x32-bit loads can be as fast as 1x64-bit ones. - -$bits=32; -for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); } -if ($bits==64) { $bias=2047; $frame=192; } -else { $bias=0; $frame=112; } - -$output=shift; -open STDOUT,">$output"; - -if ($output =~ /512/) { - $label="512"; - $SZ=8; - $LD="ldx"; # load from memory - $ST="stx"; # store to memory - $SLL="sllx"; # shift left logical - $SRL="srlx"; # shift right logical - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=( 7, 1, 8); # right shift first - @sigma1=( 6,19,61); # right shift first - $lastK=0x817; - $rounds=80; - $align=4; - - $locals=16*$SZ; # X[16] - - $A="%o0"; - $B="%o1"; - $C="%o2"; - $D="%o3"; - $E="%o4"; - $F="%o5"; - $G="%g1"; - $H="%o7"; - @V=($A,$B,$C,$D,$E,$F,$G,$H); -} else { - $label="256"; - $SZ=4; - $LD="ld"; # load from memory - $ST="st"; # store to memory - $SLL="sll"; # shift left logical - $SRL="srl"; # shift right logical - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 3, 7,18); # right shift first - @sigma1=(10,17,19); # right shift first - $lastK=0x8f2; - $rounds=64; - $align=8; - - $locals=0; # X[16] is register resident - @X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7"); - - $A="%l0"; - $B="%l1"; - $C="%l2"; - $D="%l3"; - $E="%l4"; - $F="%l5"; - $G="%l6"; - $H="%l7"; - @V=($A,$B,$C,$D,$E,$F,$G,$H); -} -$T1="%g2"; -$tmp0="%g3"; -$tmp1="%g4"; -$tmp2="%g5"; - -$ctx="%i0"; -$inp="%i1"; -$len="%i2"; -$Ktbl="%i3"; -$tmp31="%i4"; -$tmp32="%i5"; - -########### SHA256 -$Xload = sub { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; - - if ($i==0) { -$code.=<<___; - ldx [$inp+0],@X[0] - ldx [$inp+16],@X[2] - ldx [$inp+32],@X[4] - ldx [$inp+48],@X[6] - ldx [$inp+8],@X[1] - ldx 
[$inp+24],@X[3] - subcc %g0,$tmp31,$tmp32 ! should be 64-$tmp31, but -$tmp31 works too - ldx [$inp+40],@X[5] - bz,pt %icc,.Laligned - ldx [$inp+56],@X[7] - - sllx @X[0],$tmp31,@X[0] - ldx [$inp+64],$T1 -___ -for($j=0;$j<7;$j++) -{ $code.=<<___; - srlx @X[$j+1],$tmp32,$tmp1 - sllx @X[$j+1],$tmp31,@X[$j+1] - or $tmp1,@X[$j],@X[$j] -___ -} -$code.=<<___; - srlx $T1,$tmp32,$T1 - or $T1,@X[7],@X[7] -.Laligned: -___ - } - - if ($i&1) { - $code.="\tadd @X[$i/2],$h,$T1\n"; - } else { - $code.="\tsrlx @X[$i/2],32,$T1\n\tadd $h,$T1,$T1\n"; - } -} if ($SZ==4); - -########### SHA512 -$Xload = sub { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; -my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1),"%l".eval((($i+1)*2)%8)); - -$code.=<<___ if ($i==0); - ld [$inp+0],%l0 - ld [$inp+4],%l1 - ld [$inp+8],%l2 - ld [$inp+12],%l3 - ld [$inp+16],%l4 - ld [$inp+20],%l5 - ld [$inp+24],%l6 - ld [$inp+28],%l7 -___ -$code.=<<___ if ($i<15); - sllx @pair[1],$tmp31,$tmp2 ! Xload($i) - add $tmp31,32,$tmp0 - sllx @pair[0],$tmp0,$tmp1 - `"ld [$inp+".eval(32+0+$i*8)."],@pair[0]" if ($i<12)` - srlx @pair[2],$tmp32,@pair[1] - or $tmp1,$tmp2,$tmp2 - or @pair[1],$tmp2,$tmp2 - `"ld [$inp+".eval(32+4+$i*8)."],@pair[1]" if ($i<12)` - add $h,$tmp2,$T1 - $ST $tmp2,[%sp+`$bias+$frame+$i*$SZ`] -___ -$code.=<<___ if ($i==12); - brnz,a $tmp31,.+8 - ld [$inp+128],%l0 -___ -$code.=<<___ if ($i==15); - ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+0`],%l2 - sllx @pair[1],$tmp31,$tmp2 ! 
Xload($i) - add $tmp31,32,$tmp0 - ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+4`],%l3 - sllx @pair[0],$tmp0,$tmp1 - ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+0`],%l4 - srlx @pair[2],$tmp32,@pair[1] - or $tmp1,$tmp2,$tmp2 - ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+4`],%l5 - or @pair[1],$tmp2,$tmp2 - ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+0`],%l6 - add $h,$tmp2,$T1 - $ST $tmp2,[%sp+`$bias+$frame+$i*$SZ`] - ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+4`],%l7 - ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+0`],%l0 - ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+4`],%l1 -___ -} if ($SZ==8); - -########### common -sub BODY_00_15 { -my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_; - - if ($i<16) { - &$Xload(@_); - } else { - $code.="\tadd $h,$T1,$T1\n"; - } - -$code.=<<___; - $SRL $e,@Sigma1[0],$h !! $i - xor $f,$g,$tmp2 - $SLL $e,`$SZ*8-@Sigma1[2]`,$tmp1 - and $e,$tmp2,$tmp2 - $SRL $e,@Sigma1[1],$tmp0 - xor $tmp1,$h,$h - $SLL $e,`$SZ*8-@Sigma1[1]`,$tmp1 - xor $tmp0,$h,$h - $SRL $e,@Sigma1[2],$tmp0 - xor $tmp1,$h,$h - $SLL $e,`$SZ*8-@Sigma1[0]`,$tmp1 - xor $tmp0,$h,$h - xor $g,$tmp2,$tmp2 ! Ch(e,f,g) - xor $tmp1,$h,$tmp0 ! Sigma1(e) - - $SRL $a,@Sigma0[0],$h - add $tmp2,$T1,$T1 - $LD [$Ktbl+`$i*$SZ`],$tmp2 ! K[$i] - $SLL $a,`$SZ*8-@Sigma0[2]`,$tmp1 - add $tmp0,$T1,$T1 - $SRL $a,@Sigma0[1],$tmp0 - xor $tmp1,$h,$h - $SLL $a,`$SZ*8-@Sigma0[1]`,$tmp1 - xor $tmp0,$h,$h - $SRL $a,@Sigma0[2],$tmp0 - xor $tmp1,$h,$h - $SLL $a,`$SZ*8-@Sigma0[0]`,$tmp1 - xor $tmp0,$h,$h - xor $tmp1,$h,$h ! Sigma0(a) - - or $a,$b,$tmp0 - and $a,$b,$tmp1 - and $c,$tmp0,$tmp0 - or $tmp0,$tmp1,$tmp1 ! Maj(a,b,c) - add $tmp2,$T1,$T1 ! +=K[$i] - add $tmp1,$h,$h - - add $T1,$d,$d - add $T1,$h,$h -___ -} - -########### SHA256 -$BODY_16_XX = sub { -my $i=@_[0]; -my $xi; - - if ($i&1) { - $xi=$tmp32; - $code.="\tsrlx @X[(($i+1)/2)%8],32,$xi\n"; - } else { - $xi=@X[(($i+1)/2)%8]; - } -$code.=<<___; - srl $xi,@sigma0[0],$T1 !! 
Xupdate($i) - sll $xi,`32-@sigma0[2]`,$tmp1 - srl $xi,@sigma0[1],$tmp0 - xor $tmp1,$T1,$T1 - sll $tmp1,`@sigma0[2]-@sigma0[1]`,$tmp1 - xor $tmp0,$T1,$T1 - srl $xi,@sigma0[2],$tmp0 - xor $tmp1,$T1,$T1 -___ - if ($i&1) { - $xi=@X[(($i+14)/2)%8]; - } else { - $xi=$tmp32; - $code.="\tsrlx @X[(($i+14)/2)%8],32,$xi\n"; - } -$code.=<<___; - srl $xi,@sigma1[0],$tmp2 - xor $tmp0,$T1,$T1 ! T1=sigma0(X[i+1]) - sll $xi,`32-@sigma1[2]`,$tmp1 - srl $xi,@sigma1[1],$tmp0 - xor $tmp1,$tmp2,$tmp2 - sll $tmp1,`@sigma1[2]-@sigma1[1]`,$tmp1 - xor $tmp0,$tmp2,$tmp2 - srl $xi,@sigma1[2],$tmp0 - xor $tmp1,$tmp2,$tmp2 -___ - if ($i&1) { - $xi=@X[($i/2)%8]; -$code.=<<___; - srlx @X[(($i+9)/2)%8],32,$tmp1 ! X[i+9] - xor $tmp0,$tmp2,$tmp2 ! sigma1(X[i+14]) - srl @X[($i/2)%8],0,$tmp0 - add $tmp2,$tmp1,$tmp1 - add $xi,$T1,$T1 ! +=X[i] - xor $tmp0,@X[($i/2)%8],@X[($i/2)%8] - add $tmp1,$T1,$T1 - - srl $T1,0,$T1 - or $T1,@X[($i/2)%8],@X[($i/2)%8] -___ - } else { - $xi=@X[(($i+9)/2)%8]; -$code.=<<___; - srlx @X[($i/2)%8],32,$tmp1 ! X[i] - xor $tmp0,$tmp2,$tmp2 ! sigma1(X[i+14]) - add $xi,$T1,$T1 ! +=X[i+9] - add $tmp2,$tmp1,$tmp1 - srl @X[($i/2)%8],0,@X[($i/2)%8] - add $tmp1,$T1,$T1 - - sllx $T1,32,$tmp0 - or $tmp0,@X[($i/2)%8],@X[($i/2)%8] -___ - } - &BODY_00_15(@_); -} if ($SZ==4); - -########### SHA512 -$BODY_16_XX = sub { -my $i=@_[0]; -my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1)); - -$code.=<<___; - sllx %l2,32,$tmp0 !! Xupdate($i) - or %l3,$tmp0,$tmp0 - - srlx $tmp0,@sigma0[0],$T1 - ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+0`],%l2 - sllx $tmp0,`64-@sigma0[2]`,$tmp1 - ld [%sp+`$bias+$frame+(($i+1+1)%16)*$SZ+4`],%l3 - srlx $tmp0,@sigma0[1],$tmp0 - xor $tmp1,$T1,$T1 - sllx $tmp1,`@sigma0[2]-@sigma0[1]`,$tmp1 - xor $tmp0,$T1,$T1 - srlx $tmp0,`@sigma0[2]-@sigma0[1]`,$tmp0 - xor $tmp1,$T1,$T1 - sllx %l6,32,$tmp2 - xor $tmp0,$T1,$T1 ! 
sigma0(X[$i+1]) - or %l7,$tmp2,$tmp2 - - srlx $tmp2,@sigma1[0],$tmp1 - ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+0`],%l6 - sllx $tmp2,`64-@sigma1[2]`,$tmp0 - ld [%sp+`$bias+$frame+(($i+1+14)%16)*$SZ+4`],%l7 - srlx $tmp2,@sigma1[1],$tmp2 - xor $tmp0,$tmp1,$tmp1 - sllx $tmp0,`@sigma1[2]-@sigma1[1]`,$tmp0 - xor $tmp2,$tmp1,$tmp1 - srlx $tmp2,`@sigma1[2]-@sigma1[1]`,$tmp2 - xor $tmp0,$tmp1,$tmp1 - sllx %l4,32,$tmp0 - xor $tmp2,$tmp1,$tmp1 ! sigma1(X[$i+14]) - ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+0`],%l4 - or %l5,$tmp0,$tmp0 - ld [%sp+`$bias+$frame+(($i+1+9)%16)*$SZ+4`],%l5 - - sllx %l0,32,$tmp2 - add $tmp1,$T1,$T1 - ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+0`],%l0 - or %l1,$tmp2,$tmp2 - add $tmp0,$T1,$T1 ! +=X[$i+9] - ld [%sp+`$bias+$frame+(($i+1+0)%16)*$SZ+4`],%l1 - add $tmp2,$T1,$T1 ! +=X[$i] - $ST $T1,[%sp+`$bias+$frame+($i%16)*$SZ`] -___ - &BODY_00_15(@_); -} if ($SZ==8); - -$code.=<<___ if ($bits==64); -.register %g2,#scratch -.register %g3,#scratch -___ -$code.=<<___; -.section ".text",#alloc,#execinstr - -.align 64 -K${label}: -.type K${label},#object -___ -if ($SZ==4) { -$code.=<<___; - .long 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5 - .long 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5 - .long 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3 - .long 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174 - .long 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc - .long 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da - .long 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7 - .long 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967 - .long 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13 - .long 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85 - .long 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3 - .long 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070 - .long 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5 - .long 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3 - .long 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208 - .long 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -___ -} else 
{ -$code.=<<___; - .long 0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd - .long 0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc - .long 0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019 - .long 0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118 - .long 0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe - .long 0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2 - .long 0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1 - .long 0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694 - .long 0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3 - .long 0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65 - .long 0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483 - .long 0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5 - .long 0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210 - .long 0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4 - .long 0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725 - .long 0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70 - .long 0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926 - .long 0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df - .long 0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8 - .long 0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b - .long 0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001 - .long 0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30 - .long 0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910 - .long 0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8 - .long 0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53 - .long 0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8 - .long 0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb - .long 0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3 - .long 0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60 - .long 0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec - .long 0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9 - .long 0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b - .long 0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207 - .long 0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178 - .long 0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6 - .long 0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b - .long 0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493 - .long 
0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c - .long 0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a - .long 0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817 -___ -} -$code.=<<___; -.size K${label},.-K${label} -.globl sha${label}_block_data_order -sha${label}_block_data_order: - save %sp,`-$frame-$locals`,%sp - and $inp,`$align-1`,$tmp31 - sllx $len,`log(16*$SZ)/log(2)`,$len - andn $inp,`$align-1`,$inp - sll $tmp31,3,$tmp31 - add $inp,$len,$len -___ -$code.=<<___ if ($SZ==8); # SHA512 - mov 32,$tmp32 - sub $tmp32,$tmp31,$tmp32 -___ -$code.=<<___; -.Lpic: call .+8 - add %o7,K${label}-.Lpic,$Ktbl - - $LD [$ctx+`0*$SZ`],$A - $LD [$ctx+`1*$SZ`],$B - $LD [$ctx+`2*$SZ`],$C - $LD [$ctx+`3*$SZ`],$D - $LD [$ctx+`4*$SZ`],$E - $LD [$ctx+`5*$SZ`],$F - $LD [$ctx+`6*$SZ`],$G - $LD [$ctx+`7*$SZ`],$H - -.Lloop: -___ -for ($i=0;$i<16;$i++) { &BODY_00_15($i,@V); unshift(@V,pop(@V)); } -$code.=".L16_xx:\n"; -for (;$i<32;$i++) { &$BODY_16_XX($i,@V); unshift(@V,pop(@V)); } -$code.=<<___; - and $tmp2,0xfff,$tmp2 - cmp $tmp2,$lastK - bne .L16_xx - add $Ktbl,`16*$SZ`,$Ktbl ! 
Ktbl+=16 - -___ -$code.=<<___ if ($SZ==4); # SHA256 - $LD [$ctx+`0*$SZ`],@X[0] - $LD [$ctx+`1*$SZ`],@X[1] - $LD [$ctx+`2*$SZ`],@X[2] - $LD [$ctx+`3*$SZ`],@X[3] - $LD [$ctx+`4*$SZ`],@X[4] - $LD [$ctx+`5*$SZ`],@X[5] - $LD [$ctx+`6*$SZ`],@X[6] - $LD [$ctx+`7*$SZ`],@X[7] - - add $A,@X[0],$A - $ST $A,[$ctx+`0*$SZ`] - add $B,@X[1],$B - $ST $B,[$ctx+`1*$SZ`] - add $C,@X[2],$C - $ST $C,[$ctx+`2*$SZ`] - add $D,@X[3],$D - $ST $D,[$ctx+`3*$SZ`] - add $E,@X[4],$E - $ST $E,[$ctx+`4*$SZ`] - add $F,@X[5],$F - $ST $F,[$ctx+`5*$SZ`] - add $G,@X[6],$G - $ST $G,[$ctx+`6*$SZ`] - add $H,@X[7],$H - $ST $H,[$ctx+`7*$SZ`] -___ -$code.=<<___ if ($SZ==8); # SHA512 - ld [$ctx+`0*$SZ+0`],%l0 - ld [$ctx+`0*$SZ+4`],%l1 - ld [$ctx+`1*$SZ+0`],%l2 - ld [$ctx+`1*$SZ+4`],%l3 - ld [$ctx+`2*$SZ+0`],%l4 - ld [$ctx+`2*$SZ+4`],%l5 - ld [$ctx+`3*$SZ+0`],%l6 - - sllx %l0,32,$tmp0 - ld [$ctx+`3*$SZ+4`],%l7 - sllx %l2,32,$tmp1 - or %l1,$tmp0,$tmp0 - or %l3,$tmp1,$tmp1 - add $tmp0,$A,$A - add $tmp1,$B,$B - $ST $A,[$ctx+`0*$SZ`] - sllx %l4,32,$tmp2 - $ST $B,[$ctx+`1*$SZ`] - sllx %l6,32,$T1 - or %l5,$tmp2,$tmp2 - or %l7,$T1,$T1 - add $tmp2,$C,$C - $ST $C,[$ctx+`2*$SZ`] - add $T1,$D,$D - $ST $D,[$ctx+`3*$SZ`] - - ld [$ctx+`4*$SZ+0`],%l0 - ld [$ctx+`4*$SZ+4`],%l1 - ld [$ctx+`5*$SZ+0`],%l2 - ld [$ctx+`5*$SZ+4`],%l3 - ld [$ctx+`6*$SZ+0`],%l4 - ld [$ctx+`6*$SZ+4`],%l5 - ld [$ctx+`7*$SZ+0`],%l6 - - sllx %l0,32,$tmp0 - ld [$ctx+`7*$SZ+4`],%l7 - sllx %l2,32,$tmp1 - or %l1,$tmp0,$tmp0 - or %l3,$tmp1,$tmp1 - add $tmp0,$E,$E - add $tmp1,$F,$F - $ST $E,[$ctx+`4*$SZ`] - sllx %l4,32,$tmp2 - $ST $F,[$ctx+`5*$SZ`] - sllx %l6,32,$T1 - or %l5,$tmp2,$tmp2 - or %l7,$T1,$T1 - add $tmp2,$G,$G - $ST $G,[$ctx+`6*$SZ`] - add $T1,$H,$H - $ST $H,[$ctx+`7*$SZ`] -___ -$code.=<<___; - add $inp,`16*$SZ`,$inp ! advance inp - cmp $inp,$len - bne `$bits==64?"%xcc":"%icc"`,.Lloop - sub $Ktbl,`($rounds-16)*$SZ`,$Ktbl ! 
rewind Ktbl - - ret - restore -.type sha${label}_block_data_order,#function -.size sha${label}_block_data_order,(.-sha${label}_block_data_order) -.asciz "SHA${label} block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>" -.align 4 -___ - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/sha/asm/sha512-x86_64.pl b/lib/libssl/src/crypto/sha/asm/sha512-x86_64.pl deleted file mode 100755 index feb0f9e7767..00000000000 --- a/lib/libssl/src/crypto/sha/asm/sha512-x86_64.pl +++ /dev/null 
@@ -1,342 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
-# ====================================================================
-#
-# sha256/512_block procedure for x86_64.
-#
-# 40% improvement over compiler-generated code on Opteron. On EM64T
-# sha256 was observed to run >80% faster and sha512 - >40%. No magical
-# tricks, just straight implementation... I really wonder why gcc
-# [being armed with inline assembler] fails to generate as fast code.
-# The only thing which is cool about this module is that it's very
-# same instruction sequence used for both SHA-256 and SHA-512. In
-# former case the instructions operate on 32-bit operands, while in
-# latter - on 64-bit ones. All I had to do is to get one flavor right,
-# the other one passed the test right away:-)
-#
-# sha256_block runs in ~1005 cycles on Opteron, which gives you
-# asymptotic performance of 64*1000/1005=63.7MBps times CPU clock
-# frequency in GHz. sha512_block runs in ~1275 cycles, which results
-# in 128*1000/1275=100MBps per GHz. Is there room for improvement?
-# Well, if you compare it to IA-64 implementation, which maintains
-# X[16] in register bank[!], tends to 4 instructions per CPU clock
-# cycle and runs in 1003 cycles, 1275 is very good result for 3-way
-# issue Opteron pipeline and X[16] maintained in memory. So that *if*
-# there is a way to improve it, *then* the only way would be to try to
-# offload X[16] updates to SSE unit, but that would require "deeper"
-# loop unroll, which in turn would naturally cause size blow-up, not
-# to mention increased complexity! And once again, only *if* it's
-# actually possible to noticeably improve overall ILP, instruction
-# level parallelism, on a given CPU implementation in this case.
-# -# Special note on Intel EM64T. While Opteron CPU exhibits perfect -# perfromance ratio of 1.5 between 64- and 32-bit flavors [see above], -# [currently available] EM64T CPUs apparently are far from it. On the -# contrary, 64-bit version, sha512_block, is ~30% *slower* than 32-bit -# sha256_block:-( This is presumably because 64-bit shifts/rotates -# apparently are not atomic instructions, but implemented in microcode. - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -if ($output =~ /512/) { - $func="sha512_block_data_order"; - $TABLE="K512"; - $SZ=8; - @ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%rax","%rbx","%rcx","%rdx", - "%r8", "%r9", "%r10","%r11"); - ($T1,$a0,$a1,$a2)=("%r12","%r13","%r14","%r15"); - @Sigma0=(28,34,39); - @Sigma1=(14,18,41); - @sigma0=(1, 8, 7); - @sigma1=(19,61, 6); - $rounds=80; -} else { - $func="sha256_block_data_order"; - $TABLE="K256"; - $SZ=4; - @ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%eax","%ebx","%ecx","%edx", - "%r8d","%r9d","%r10d","%r11d"); - ($T1,$a0,$a1,$a2)=("%r12d","%r13d","%r14d","%r15d"); - @Sigma0=( 2,13,22); - @Sigma1=( 6,11,25); - @sigma0=( 7,18, 3); - @sigma1=(17,19,10); - $rounds=64; -} - -$ctx="%rdi"; # 1st arg -$round="%rdi"; # zaps $ctx -$inp="%rsi"; # 2nd arg -$Tbl="%rbp"; - -$_ctx="16*$SZ+0*8(%rsp)"; -$_inp="16*$SZ+1*8(%rsp)"; -$_end="16*$SZ+2*8(%rsp)"; -$_rsp="16*$SZ+3*8(%rsp)"; -$framesz="16*$SZ+4*8"; - - -sub ROUND_00_15() -{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___; - ror \$`$Sigma1[2]-$Sigma1[1]`,$a0 - mov $f,$a2 - mov $T1,`$SZ*($i&0xf)`(%rsp) - - ror \$`$Sigma0[2]-$Sigma0[1]`,$a1 - xor $e,$a0 - xor $g,$a2 # f^g - - ror \$`$Sigma1[1]-$Sigma1[0]`,$a0 - add $h,$T1 # T1+=h - xor $a,$a1 - - add 
($Tbl,$round,$SZ),$T1 # T1+=K[round] - and $e,$a2 # (f^g)&e - mov $b,$h - - ror \$`$Sigma0[1]-$Sigma0[0]`,$a1 - xor $e,$a0 - xor $g,$a2 # Ch(e,f,g)=((f^g)&e)^g - - xor $c,$h # b^c - xor $a,$a1 - add $a2,$T1 # T1+=Ch(e,f,g) - mov $b,$a2 - - ror \$$Sigma1[0],$a0 # Sigma1(e) - and $a,$h # h=(b^c)&a - and $c,$a2 # b&c - - ror \$$Sigma0[0],$a1 # Sigma0(a) - add $a0,$T1 # T1+=Sigma1(e) - add $a2,$h # h+=b&c (completes +=Maj(a,b,c) - - add $T1,$d # d+=T1 - add $T1,$h # h+=T1 - lea 1($round),$round # round++ - add $a1,$h # h+=Sigma0(a) - -___ -} - -sub ROUND_16_XX() -{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_; - -$code.=<<___; - mov `$SZ*(($i+1)&0xf)`(%rsp),$a0 - mov `$SZ*(($i+14)&0xf)`(%rsp),$a1 - mov $a0,$T1 - mov $a1,$a2 - - ror \$`$sigma0[1]-$sigma0[0]`,$T1 - xor $a0,$T1 - shr \$$sigma0[2],$a0 - - ror \$$sigma0[0],$T1 - xor $T1,$a0 # sigma0(X[(i+1)&0xf]) - mov `$SZ*(($i+9)&0xf)`(%rsp),$T1 - - ror \$`$sigma1[1]-$sigma1[0]`,$a2 - xor $a1,$a2 - shr \$$sigma1[2],$a1 - - ror \$$sigma1[0],$a2 - add $a0,$T1 - xor $a2,$a1 # sigma1(X[(i+14)&0xf]) - - add `$SZ*($i&0xf)`(%rsp),$T1 - mov $e,$a0 - add $a1,$T1 - mov $a,$a1 -___ - &ROUND_00_15(@_); -} - -$code=<<___; -.text - -.globl $func -.type $func,\@function,4 -.align 16 -$func: - push %rbx - push %rbp - push %r12 - push %r13 - push %r14 - push %r15 - mov %rsp,%r11 # copy %rsp - shl \$4,%rdx # num*16 - sub \$$framesz,%rsp - lea ($inp,%rdx,$SZ),%rdx # inp+num*16*$SZ - and \$-64,%rsp # align stack frame - mov $ctx,$_ctx # save ctx, 1st arg - mov $inp,$_inp # save inp, 2nd arh - mov %rdx,$_end # save end pointer, "3rd" arg - mov %r11,$_rsp # save copy of %rsp -.Lprologue: - - lea $TABLE(%rip),$Tbl - - mov $SZ*0($ctx),$A - mov $SZ*1($ctx),$B - mov $SZ*2($ctx),$C - mov $SZ*3($ctx),$D - mov $SZ*4($ctx),$E - mov $SZ*5($ctx),$F - mov $SZ*6($ctx),$G - mov $SZ*7($ctx),$H - jmp .Lloop - -.align 16 -.Lloop: - xor $round,$round -___ - for($i=0;$i<16;$i++) { - $code.=" mov $SZ*$i($inp),$T1\n"; - $code.=" mov @ROT[4],$a0\n"; - $code.=" mov 
@ROT[0],$a1\n"; - $code.=" bswap $T1\n"; - &ROUND_00_15($i,@ROT); - unshift(@ROT,pop(@ROT)); - } -$code.=<<___; - jmp .Lrounds_16_xx -.align 16 -.Lrounds_16_xx: -___ - for(;$i<32;$i++) { - &ROUND_16_XX($i,@ROT); - unshift(@ROT,pop(@ROT)); - } - -$code.=<<___; - cmp \$$rounds,$round - jb .Lrounds_16_xx - - mov $_ctx,$ctx - lea 16*$SZ($inp),$inp - - add $SZ*0($ctx),$A - add $SZ*1($ctx),$B - add $SZ*2($ctx),$C - add $SZ*3($ctx),$D - add $SZ*4($ctx),$E - add $SZ*5($ctx),$F - add $SZ*6($ctx),$G - add $SZ*7($ctx),$H - - cmp $_end,$inp - - mov $A,$SZ*0($ctx) - mov $B,$SZ*1($ctx) - mov $C,$SZ*2($ctx) - mov $D,$SZ*3($ctx) - mov $E,$SZ*4($ctx) - mov $F,$SZ*5($ctx) - mov $G,$SZ*6($ctx) - mov $H,$SZ*7($ctx) - jb .Lloop - - mov $_rsp,%rsi - mov (%rsi),%r15 - mov 8(%rsi),%r14 - mov 16(%rsi),%r13 - mov 24(%rsi),%r12 - mov 32(%rsi),%rbp - mov 40(%rsi),%rbx - lea 48(%rsi),%rsp -.Lepilogue: - ret -.size $func,.-$func -___ - -if ($SZ==4) { -$code.=<<___; -.align 64 -.type $TABLE,\@object -$TABLE: - .long 0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5 - .long 0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5 - .long 0xd807aa98,0x12835b01,0x243185be,0x550c7dc3 - .long 0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174 - .long 0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc - .long 0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da - .long 0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7 - .long 0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967 - .long 0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13 - .long 0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85 - .long 0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3 - .long 0xd192e819,0xd6990624,0xf40e3585,0x106aa070 - .long 0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5 - .long 0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3 - .long 0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208 - .long 0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 -___ -} else { -$code.=<<___; -.align 64 -.type $TABLE,\@object -$TABLE: - .quad 0x428a2f98d728ae22,0x7137449123ef65cd - .quad 0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc - .quad 
0x3956c25bf348b538,0x59f111f1b605d019
- .quad 0x923f82a4af194f9b,0xab1c5ed5da6d8118
- .quad 0xd807aa98a3030242,0x12835b0145706fbe
- .quad 0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
- .quad 0x72be5d74f27b896f,0x80deb1fe3b1696b1
- .quad 0x9bdc06a725c71235,0xc19bf174cf692694
- .quad 0xe49b69c19ef14ad2,0xefbe4786384f25e3
- .quad 0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
- .quad 0x2de92c6f592b0275,0x4a7484aa6ea6e483
- .quad 0x5cb0a9dcbd41fbd4,0x76f988da831153b5
- .quad 0x983e5152ee66dfab,0xa831c66d2db43210
- .quad 0xb00327c898fb213f,0xbf597fc7beef0ee4
- .quad 0xc6e00bf33da88fc2,0xd5a79147930aa725
- .quad 0x06ca6351e003826f,0x142929670a0e6e70
- .quad 0x27b70a8546d22ffc,0x2e1b21385c26c926
- .quad 0x4d2c6dfc5ac42aed,0x53380d139d95b3df
- .quad 0x650a73548baf63de,0x766a0abb3c77b2a8
- .quad 0x81c2c92e47edaee6,0x92722c851482353b
- .quad 0xa2bfe8a14cf10364,0xa81a664bbc423001
- .quad 0xc24b8b70d0f89791,0xc76c51a30654be30
- .quad 0xd192e819d6ef5218,0xd69906245565a910
- .quad 0xf40e35855771202a,0x106aa07032bbd1b8
- .quad 0x19a4c116b8d2d0c8,0x1e376c085141ab53
- .quad 0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
- .quad 0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
- .quad 0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
- .quad 0x748f82ee5defb2fc,0x78a5636f43172f60
- .quad 0x84c87814a1f0ab72,0x8cc702081a6439ec
- .quad 0x90befffa23631e28,0xa4506cebde82bde9
- .quad 0xbef9a3f7b2c67915,0xc67178f2e372532b
- .quad 0xca273eceea26619c,0xd186b8c721c0c207
- .quad 0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
- .quad 0x06f067aa72176fba,0x0a637dc5a2c898a6
- .quad 0x113f9804bef90dae,0x1b710b35131c471b
- .quad 0x28db77f523047d84,0x32caab7b40c72493
- .quad 0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
- .quad 0x4cc5d4becb3e42b6,0x597f299cfc657e2a
- .quad 0x5fcb6fab3ad6faec,0x6c44198c4a475817
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval $1/gem;
-print $code;
-close STDOUT;
diff --git a/lib/libssl/src/crypto/sha/sha.h b/lib/libssl/src/crypto/sha/sha.h
deleted file mode 100644
index 87fdf8d186f..00000000000
--- a/lib/libssl/src/crypto/sha/sha.h
+++ /dev/null
@@ -1,192 +0,0 @@
-/* $OpenBSD: sha.h,v 1.21 2015/09/13 21:09:56 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stddef.h> - -#ifndef HEADER_SHA_H -#define HEADER_SHA_H -#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__OpenBSD__) -#define __bounded__(x, y, z) -#endif - -#include <openssl/opensslconf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA1) -#error SHA is disabled. -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! SHA_LONG has to be at least 32 bits wide. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#define SHA_LONG unsigned int - -#define SHA_LBLOCK 16 -#define SHA_CBLOCK (SHA_LBLOCK*4) /* SHA treats input data as a - * contiguous array of 32 bit - * wide big-endian values. 
*/
-#define SHA_LAST_BLOCK (SHA_CBLOCK-8)
-#define SHA_DIGEST_LENGTH 20
-
-typedef struct SHAstate_st
- {
- SHA_LONG h0,h1,h2,h3,h4;
- SHA_LONG Nl,Nh;
- SHA_LONG data[SHA_LBLOCK];
- unsigned int num;
- } SHA_CTX;
-
-#ifndef OPENSSL_NO_SHA1
-int SHA1_Init(SHA_CTX *c);
-int SHA1_Update(SHA_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__,2,3)));
-int SHA1_Final(unsigned char *md, SHA_CTX *c);
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
- __attribute__ ((__bounded__(__buffer__,1,2)));
-void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
-#endif
-
-#define SHA256_CBLOCK (SHA_LBLOCK*4) /* SHA-256 treats input data as a
- * contiguous array of 32 bit
- * wide big-endian values. */
-#define SHA224_DIGEST_LENGTH 28
-#define SHA256_DIGEST_LENGTH 32
-
-typedef struct SHA256state_st
- {
- SHA_LONG h[8];
- SHA_LONG Nl,Nh;
- SHA_LONG data[SHA_LBLOCK];
- unsigned int num,md_len;
- } SHA256_CTX;
-
-#ifndef OPENSSL_NO_SHA256
-int SHA224_Init(SHA256_CTX *c);
-int SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__,2,3)));
-int SHA224_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA224(const unsigned char *d, size_t n,unsigned char *md)
- __attribute__ ((__bounded__(__buffer__,1,2)));
-int SHA256_Init(SHA256_CTX *c);
-int SHA256_Update(SHA256_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__,2,3)));
-int SHA256_Final(unsigned char *md, SHA256_CTX *c);
-unsigned char *SHA256(const unsigned char *d, size_t n,unsigned char *md)
- __attribute__ ((__bounded__(__buffer__,1,2)));
-void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
-#endif
-
-#define SHA384_DIGEST_LENGTH 48
-#define SHA512_DIGEST_LENGTH 64
-
-#ifndef OPENSSL_NO_SHA512
-/*
- * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
- * being exactly 64-bit wide. See Implementation Notes in sha512.c
- * for further details.
- */
-#define SHA512_CBLOCK (SHA_LBLOCK*8) /* SHA-512 treats input data as a
- * contiguous array of 64 bit
- * wide big-endian values. */
-#if defined(_LP64)
-#define SHA_LONG64 unsigned long
-#define U64(C) C##UL
-#else
-#define SHA_LONG64 unsigned long long
-#define U64(C) C##ULL
-#endif
-
-typedef struct SHA512state_st
- {
- SHA_LONG64 h[8];
- SHA_LONG64 Nl,Nh;
- union {
- SHA_LONG64 d[SHA_LBLOCK];
- unsigned char p[SHA512_CBLOCK];
- } u;
- unsigned int num,md_len;
- } SHA512_CTX;
-#endif
-
-#ifndef OPENSSL_NO_SHA512
-int SHA384_Init(SHA512_CTX *c);
-int SHA384_Update(SHA512_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__,2,3)));
-int SHA384_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA384(const unsigned char *d, size_t n,unsigned char *md)
- __attribute__ ((__bounded__(__buffer__,1,2)));
-int SHA512_Init(SHA512_CTX *c);
-int SHA512_Update(SHA512_CTX *c, const void *data, size_t len)
- __attribute__ ((__bounded__(__buffer__,2,3)));
-int SHA512_Final(unsigned char *md, SHA512_CTX *c);
-unsigned char *SHA512(const unsigned char *d, size_t n,unsigned char *md)
- __attribute__ ((__bounded__(__buffer__,1,2)));
-void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/sha/sha1_one.c b/lib/libssl/src/crypto/sha/sha1_one.c
deleted file mode 100644
index 91602ee5037..00000000000
--- a/lib/libssl/src/crypto/sha/sha1_one.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/* $OpenBSD: sha1_one.c,v 1.12 2015/09/10 15:56:26 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/crypto.h>
-#include <openssl/sha.h>
-
-#ifndef OPENSSL_NO_SHA1
-unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
- {
- SHA_CTX c;
- static unsigned char m[SHA_DIGEST_LENGTH];
-
- if (md == NULL) md=m;
- if (!SHA1_Init(&c))
- return NULL;
- SHA1_Update(&c,d,n);
- SHA1_Final(md,&c);
- explicit_bzero(&c,sizeof(c));
- return(md);
- }
-#endif
diff --git a/lib/libssl/src/crypto/sha/sha1dgst.c b/lib/libssl/src/crypto/sha/sha1dgst.c
deleted file mode 100644
index 583d1068ba4..00000000000
--- a/lib/libssl/src/crypto/sha/sha1dgst.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* $OpenBSD: sha1dgst.c,v 1.14 2015/09/13 21:09:56 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/crypto.h>
-
-#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
-
-#include <openssl/opensslv.h>
-
-/* The implementation is in ../md32_common.h */
-
-#include "sha_locl.h"
-
-#endif
-
diff --git a/lib/libssl/src/crypto/sha/sha256.c b/lib/libssl/src/crypto/sha/sha256.c
deleted file mode 100644
index d584660369c..00000000000
--- a/lib/libssl/src/crypto/sha/sha256.c
+++ /dev/null
@@ -1,284 +0,0 @@ -/* $OpenBSD: sha256.c,v 1.9 2015/09/10 15:56:26 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 2004 The OpenSSL Project. All rights reserved - * according to the OpenSSL license [found in ../../LICENSE]. - * ==================================================================== - */ - -#include <openssl/opensslconf.h> - -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256) - -#include <machine/endian.h> - -#include <stdlib.h> -#include <string.h> - -#include <openssl/crypto.h> -#include <openssl/sha.h> -#include <openssl/opensslv.h> - -int SHA224_Init(SHA256_CTX *c) - { - memset (c,0,sizeof(*c)); - c->h[0]=0xc1059ed8UL; c->h[1]=0x367cd507UL; - c->h[2]=0x3070dd17UL; c->h[3]=0xf70e5939UL; - c->h[4]=0xffc00b31UL; c->h[5]=0x68581511UL; - c->h[6]=0x64f98fa7UL; c->h[7]=0xbefa4fa4UL; - c->md_len=SHA224_DIGEST_LENGTH; - return 1; - } - -int SHA256_Init(SHA256_CTX *c) - { - memset (c,0,sizeof(*c)); - c->h[0]=0x6a09e667UL; c->h[1]=0xbb67ae85UL; - c->h[2]=0x3c6ef372UL; c->h[3]=0xa54ff53aUL; - c->h[4]=0x510e527fUL; c->h[5]=0x9b05688cUL; - c->h[6]=0x1f83d9abUL; c->h[7]=0x5be0cd19UL; - c->md_len=SHA256_DIGEST_LENGTH; - return 1; - } - -unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md) - { - SHA256_CTX c; - static unsigned char m[SHA224_DIGEST_LENGTH]; - - if (md == NULL) md=m; - SHA224_Init(&c); - SHA256_Update(&c,d,n); - SHA256_Final(md,&c); - explicit_bzero(&c,sizeof(c)); - return(md); - } - -unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md) - { - SHA256_CTX c; - static unsigned char m[SHA256_DIGEST_LENGTH]; - - if (md == NULL) md=m; - SHA256_Init(&c); - SHA256_Update(&c,d,n); - SHA256_Final(md,&c); - explicit_bzero(&c,sizeof(c)); - return(md); - } - -int SHA224_Update(SHA256_CTX *c, const void *data, size_t len) -{ return SHA256_Update (c,data,len); } -int SHA224_Final (unsigned char *md, SHA256_CTX *c) -{ return SHA256_Final (md,c); } - 
-#define DATA_ORDER_IS_BIG_ENDIAN - -#define HASH_LONG SHA_LONG -#define HASH_CTX SHA256_CTX -#define HASH_CBLOCK SHA_CBLOCK -/* - * Note that FIPS180-2 discusses "Truncation of the Hash Function Output." - * default: case below covers for it. It's not clear however if it's - * permitted to truncate to amount of bytes not divisible by 4. I bet not, - * but if it is, then default: case shall be extended. For reference. - * Idea behind separate cases for pre-defined lenghts is to let the - * compiler decide if it's appropriate to unroll small loops. - */ -#define HASH_MAKE_STRING(c,s) do { \ - unsigned long ll; \ - unsigned int nn; \ - switch ((c)->md_len) \ - { case SHA224_DIGEST_LENGTH: \ - for (nn=0;nn<SHA224_DIGEST_LENGTH/4;nn++) \ - { ll=(c)->h[nn]; HOST_l2c(ll,(s)); } \ - break; \ - case SHA256_DIGEST_LENGTH: \ - for (nn=0;nn<SHA256_DIGEST_LENGTH/4;nn++) \ - { ll=(c)->h[nn]; HOST_l2c(ll,(s)); } \ - break; \ - default: \ - if ((c)->md_len > SHA256_DIGEST_LENGTH) \ - return 0; \ - for (nn=0;nn<(c)->md_len/4;nn++) \ - { ll=(c)->h[nn]; HOST_l2c(ll,(s)); } \ - break; \ - } \ - } while (0) - -#define HASH_UPDATE SHA256_Update -#define HASH_TRANSFORM SHA256_Transform -#define HASH_FINAL SHA256_Final -#define HASH_BLOCK_DATA_ORDER sha256_block_data_order -#ifndef SHA256_ASM -static -#endif -void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num); - -#include "md32_common.h" - -#ifndef SHA256_ASM -static const SHA_LONG K256[64] = { - 0x428a2f98UL,0x71374491UL,0xb5c0fbcfUL,0xe9b5dba5UL, - 0x3956c25bUL,0x59f111f1UL,0x923f82a4UL,0xab1c5ed5UL, - 0xd807aa98UL,0x12835b01UL,0x243185beUL,0x550c7dc3UL, - 0x72be5d74UL,0x80deb1feUL,0x9bdc06a7UL,0xc19bf174UL, - 0xe49b69c1UL,0xefbe4786UL,0x0fc19dc6UL,0x240ca1ccUL, - 0x2de92c6fUL,0x4a7484aaUL,0x5cb0a9dcUL,0x76f988daUL, - 0x983e5152UL,0xa831c66dUL,0xb00327c8UL,0xbf597fc7UL, - 0xc6e00bf3UL,0xd5a79147UL,0x06ca6351UL,0x14292967UL, - 0x27b70a85UL,0x2e1b2138UL,0x4d2c6dfcUL,0x53380d13UL, - 
0x650a7354UL,0x766a0abbUL,0x81c2c92eUL,0x92722c85UL, - 0xa2bfe8a1UL,0xa81a664bUL,0xc24b8b70UL,0xc76c51a3UL, - 0xd192e819UL,0xd6990624UL,0xf40e3585UL,0x106aa070UL, - 0x19a4c116UL,0x1e376c08UL,0x2748774cUL,0x34b0bcb5UL, - 0x391c0cb3UL,0x4ed8aa4aUL,0x5b9cca4fUL,0x682e6ff3UL, - 0x748f82eeUL,0x78a5636fUL,0x84c87814UL,0x8cc70208UL, - 0x90befffaUL,0xa4506cebUL,0xbef9a3f7UL,0xc67178f2UL }; - -/* - * FIPS specification refers to right rotations, while our ROTATE macro - * is left one. This is why you might notice that rotation coefficients - * differ from those observed in FIPS document by 32-N... - */ -#define Sigma0(x) (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10)) -#define Sigma1(x) (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7)) -#define sigma0(x) (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3)) -#define sigma1(x) (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10)) - -#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) - -#ifdef OPENSSL_SMALL_FOOTPRINT - -static void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num) - { - unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1,T2; - SHA_LONG X[16],l; - int i; - const unsigned char *data=in; - - while (num--) { - - a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3]; - e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7]; - - for (i=0;i<16;i++) - { - HOST_c2l(data,l); T1 = X[i] = l; - T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i]; - T2 = Sigma0(a) + Maj(a,b,c); - h = g; g = f; f = e; e = d + T1; - d = c; c = b; b = a; a = T1 + T2; - } - - for (;i<64;i++) - { - s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); - s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); - - T1 = X[i&0xf] += s0 + s1 + X[(i+9)&0xf]; - T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i]; - T2 = Sigma0(a) + Maj(a,b,c); - h = g; g = f; f = e; e = d + T1; - d = c; c = b; b = a; a = T1 + T2; - } - - ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d; - ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; 
ctx->h[7] += h; - - } -} - -#else - -#define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \ - T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i]; \ - h = Sigma0(a) + Maj(a,b,c); \ - d += T1; h += T1; } while (0) - -#define ROUND_16_63(i,a,b,c,d,e,f,g,h,X) do { \ - s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); \ - s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); \ - T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f]; \ - ROUND_00_15(i,a,b,c,d,e,f,g,h); } while (0) - -static void sha256_block_data_order (SHA256_CTX *ctx, const void *in, size_t num) - { - unsigned MD32_REG_T a,b,c,d,e,f,g,h,s0,s1,T1; - SHA_LONG X[16]; - int i; - const unsigned char *data=in; - - while (num--) { - - a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3]; - e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7]; - - if (BYTE_ORDER != LITTLE_ENDIAN && - sizeof(SHA_LONG)==4 && ((size_t)in%4)==0) - { - const SHA_LONG *W=(const SHA_LONG *)data; - - T1 = X[0] = W[0]; ROUND_00_15(0,a,b,c,d,e,f,g,h); - T1 = X[1] = W[1]; ROUND_00_15(1,h,a,b,c,d,e,f,g); - T1 = X[2] = W[2]; ROUND_00_15(2,g,h,a,b,c,d,e,f); - T1 = X[3] = W[3]; ROUND_00_15(3,f,g,h,a,b,c,d,e); - T1 = X[4] = W[4]; ROUND_00_15(4,e,f,g,h,a,b,c,d); - T1 = X[5] = W[5]; ROUND_00_15(5,d,e,f,g,h,a,b,c); - T1 = X[6] = W[6]; ROUND_00_15(6,c,d,e,f,g,h,a,b); - T1 = X[7] = W[7]; ROUND_00_15(7,b,c,d,e,f,g,h,a); - T1 = X[8] = W[8]; ROUND_00_15(8,a,b,c,d,e,f,g,h); - T1 = X[9] = W[9]; ROUND_00_15(9,h,a,b,c,d,e,f,g); - T1 = X[10] = W[10]; ROUND_00_15(10,g,h,a,b,c,d,e,f); - T1 = X[11] = W[11]; ROUND_00_15(11,f,g,h,a,b,c,d,e); - T1 = X[12] = W[12]; ROUND_00_15(12,e,f,g,h,a,b,c,d); - T1 = X[13] = W[13]; ROUND_00_15(13,d,e,f,g,h,a,b,c); - T1 = X[14] = W[14]; ROUND_00_15(14,c,d,e,f,g,h,a,b); - T1 = X[15] = W[15]; ROUND_00_15(15,b,c,d,e,f,g,h,a); - - data += SHA256_CBLOCK; - } - else - { - SHA_LONG l; - - HOST_c2l(data,l); T1 = X[0] = l; ROUND_00_15(0,a,b,c,d,e,f,g,h); - HOST_c2l(data,l); T1 = X[1] = l; ROUND_00_15(1,h,a,b,c,d,e,f,g); - HOST_c2l(data,l); T1 = X[2] = l; 
ROUND_00_15(2,g,h,a,b,c,d,e,f); - HOST_c2l(data,l); T1 = X[3] = l; ROUND_00_15(3,f,g,h,a,b,c,d,e); - HOST_c2l(data,l); T1 = X[4] = l; ROUND_00_15(4,e,f,g,h,a,b,c,d); - HOST_c2l(data,l); T1 = X[5] = l; ROUND_00_15(5,d,e,f,g,h,a,b,c); - HOST_c2l(data,l); T1 = X[6] = l; ROUND_00_15(6,c,d,e,f,g,h,a,b); - HOST_c2l(data,l); T1 = X[7] = l; ROUND_00_15(7,b,c,d,e,f,g,h,a); - HOST_c2l(data,l); T1 = X[8] = l; ROUND_00_15(8,a,b,c,d,e,f,g,h); - HOST_c2l(data,l); T1 = X[9] = l; ROUND_00_15(9,h,a,b,c,d,e,f,g); - HOST_c2l(data,l); T1 = X[10] = l; ROUND_00_15(10,g,h,a,b,c,d,e,f); - HOST_c2l(data,l); T1 = X[11] = l; ROUND_00_15(11,f,g,h,a,b,c,d,e); - HOST_c2l(data,l); T1 = X[12] = l; ROUND_00_15(12,e,f,g,h,a,b,c,d); - HOST_c2l(data,l); T1 = X[13] = l; ROUND_00_15(13,d,e,f,g,h,a,b,c); - HOST_c2l(data,l); T1 = X[14] = l; ROUND_00_15(14,c,d,e,f,g,h,a,b); - HOST_c2l(data,l); T1 = X[15] = l; ROUND_00_15(15,b,c,d,e,f,g,h,a); - } - - for (i=16;i<64;i+=8) - { - ROUND_16_63(i+0,a,b,c,d,e,f,g,h,X); - ROUND_16_63(i+1,h,a,b,c,d,e,f,g,X); - ROUND_16_63(i+2,g,h,a,b,c,d,e,f,X); - ROUND_16_63(i+3,f,g,h,a,b,c,d,e,X); - ROUND_16_63(i+4,e,f,g,h,a,b,c,d,X); - ROUND_16_63(i+5,d,e,f,g,h,a,b,c,X); - ROUND_16_63(i+6,c,d,e,f,g,h,a,b,X); - ROUND_16_63(i+7,b,c,d,e,f,g,h,a,X); - } - - ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d; - ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h; - - } - } - -#endif -#endif /* SHA256_ASM */ - -#endif /* OPENSSL_NO_SHA256 */ diff --git a/lib/libssl/src/crypto/sha/sha512.c b/lib/libssl/src/crypto/sha/sha512.c deleted file mode 100644 index 7a55c0acc9d..00000000000 --- a/lib/libssl/src/crypto/sha/sha512.c +++ /dev/null 
@@ -1,558 +0,0 @@ -/* $OpenBSD: sha512.c,v 1.14 2015/09/10 15:56:26 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 2004 The OpenSSL Project. All rights reserved - * according to the OpenSSL license [found in ../../LICENSE]. - * ==================================================================== - */ - -#include <machine/endian.h> - -#include <stdlib.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512) -/* - * IMPLEMENTATION NOTES. - * - * As you might have noticed 32-bit hash algorithms: - * - * - permit SHA_LONG to be wider than 32-bit (case on CRAY); - * - optimized versions implement two transform functions: one operating - * on [aligned] data in host byte order and one - on data in input - * stream byte order; - * - share common byte-order neutral collector and padding function - * implementations, ../md32_common.h; - * - * Neither of the above applies to this SHA-512 implementations. Reasons - * [in reverse order] are: - * - * - it's the only 64-bit hash algorithm for the moment of this writing, - * there is no need for common collector/padding implementation [yet]; - * - by supporting only one transform function [which operates on - * *aligned* data in input stream byte order, big-endian in this case] - * we minimize burden of maintenance in two ways: a) collector/padding - * function is simpler; b) only one transform function to stare at; - * - SHA_LONG64 is required to be exactly 64-bit in order to be able to - * apply a number of optimizations to mitigate potential performance - * penalties caused by previous design decision; - * - * Caveat lector. - * - * Implementation relies on the fact that "long long" is 64-bit on - * both 32- and 64-bit platforms. If some compiler vendor comes up - * with 128-bit long long, adjustment to sha.h would be required. 
- * As this implementation relies on 64-bit integer type, it's totally - * inappropriate for platforms which don't support it, most notably - * 16-bit platforms. - * <appro@fy.chalmers.se> - */ - -#include <openssl/crypto.h> -#include <openssl/opensslv.h> -#include <openssl/sha.h> - -#if !defined(__STRICT_ALIGNMENT) || defined(SHA512_ASM) -#define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA -#endif - -int SHA384_Init(SHA512_CTX *c) - { - c->h[0]=U64(0xcbbb9d5dc1059ed8); - c->h[1]=U64(0x629a292a367cd507); - c->h[2]=U64(0x9159015a3070dd17); - c->h[3]=U64(0x152fecd8f70e5939); - c->h[4]=U64(0x67332667ffc00b31); - c->h[5]=U64(0x8eb44a8768581511); - c->h[6]=U64(0xdb0c2e0d64f98fa7); - c->h[7]=U64(0x47b5481dbefa4fa4); - - c->Nl=0; c->Nh=0; - c->num=0; c->md_len=SHA384_DIGEST_LENGTH; - return 1; - } - -int SHA512_Init(SHA512_CTX *c) - { - c->h[0]=U64(0x6a09e667f3bcc908); - c->h[1]=U64(0xbb67ae8584caa73b); - c->h[2]=U64(0x3c6ef372fe94f82b); - c->h[3]=U64(0xa54ff53a5f1d36f1); - c->h[4]=U64(0x510e527fade682d1); - c->h[5]=U64(0x9b05688c2b3e6c1f); - c->h[6]=U64(0x1f83d9abfb41bd6b); - c->h[7]=U64(0x5be0cd19137e2179); - - c->Nl=0; c->Nh=0; - c->num=0; c->md_len=SHA512_DIGEST_LENGTH; - return 1; - } - -#ifndef SHA512_ASM -static -#endif -void sha512_block_data_order (SHA512_CTX *ctx, const void *in, size_t num); - -int SHA512_Final (unsigned char *md, SHA512_CTX *c) - { - unsigned char *p=(unsigned char *)c->u.p; - size_t n=c->num; - - p[n]=0x80; /* There always is a room for one */ - n++; - if (n > (sizeof(c->u)-16)) - memset (p+n,0,sizeof(c->u)-n), n=0, - sha512_block_data_order (c,p,1); - - memset (p+n,0,sizeof(c->u)-16-n); -#if BYTE_ORDER == BIG_ENDIAN - c->u.d[SHA_LBLOCK-2] = c->Nh; - c->u.d[SHA_LBLOCK-1] = c->Nl; -#else - p[sizeof(c->u)-1] = (unsigned char)(c->Nl); - p[sizeof(c->u)-2] = (unsigned char)(c->Nl>>8); - p[sizeof(c->u)-3] = (unsigned char)(c->Nl>>16); - p[sizeof(c->u)-4] = (unsigned char)(c->Nl>>24); - p[sizeof(c->u)-5] = (unsigned char)(c->Nl>>32); - p[sizeof(c->u)-6] 
= (unsigned char)(c->Nl>>40); - p[sizeof(c->u)-7] = (unsigned char)(c->Nl>>48); - p[sizeof(c->u)-8] = (unsigned char)(c->Nl>>56); - p[sizeof(c->u)-9] = (unsigned char)(c->Nh); - p[sizeof(c->u)-10] = (unsigned char)(c->Nh>>8); - p[sizeof(c->u)-11] = (unsigned char)(c->Nh>>16); - p[sizeof(c->u)-12] = (unsigned char)(c->Nh>>24); - p[sizeof(c->u)-13] = (unsigned char)(c->Nh>>32); - p[sizeof(c->u)-14] = (unsigned char)(c->Nh>>40); - p[sizeof(c->u)-15] = (unsigned char)(c->Nh>>48); - p[sizeof(c->u)-16] = (unsigned char)(c->Nh>>56); -#endif - - sha512_block_data_order (c,p,1); - - if (md==0) return 0; - - switch (c->md_len) - { - /* Let compiler decide if it's appropriate to unroll... */ - case SHA384_DIGEST_LENGTH: - for (n=0;n<SHA384_DIGEST_LENGTH/8;n++) - { - SHA_LONG64 t = c->h[n]; - - *(md++) = (unsigned char)(t>>56); - *(md++) = (unsigned char)(t>>48); - *(md++) = (unsigned char)(t>>40); - *(md++) = (unsigned char)(t>>32); - *(md++) = (unsigned char)(t>>24); - *(md++) = (unsigned char)(t>>16); - *(md++) = (unsigned char)(t>>8); - *(md++) = (unsigned char)(t); - } - break; - case SHA512_DIGEST_LENGTH: - for (n=0;n<SHA512_DIGEST_LENGTH/8;n++) - { - SHA_LONG64 t = c->h[n]; - - *(md++) = (unsigned char)(t>>56); - *(md++) = (unsigned char)(t>>48); - *(md++) = (unsigned char)(t>>40); - *(md++) = (unsigned char)(t>>32); - *(md++) = (unsigned char)(t>>24); - *(md++) = (unsigned char)(t>>16); - *(md++) = (unsigned char)(t>>8); - *(md++) = (unsigned char)(t); - } - break; - /* ... as well as make sure md_len is not abused. 
*/ - default: return 0; - } - - return 1; - } - -int SHA384_Final (unsigned char *md,SHA512_CTX *c) -{ return SHA512_Final (md,c); } - -int SHA512_Update (SHA512_CTX *c, const void *_data, size_t len) - { - SHA_LONG64 l; - unsigned char *p=c->u.p; - const unsigned char *data=(const unsigned char *)_data; - - if (len==0) return 1; - - l = (c->Nl+(((SHA_LONG64)len)<<3))&U64(0xffffffffffffffff); - if (l < c->Nl) c->Nh++; - if (sizeof(len)>=8) c->Nh+=(((SHA_LONG64)len)>>61); - c->Nl=l; - - if (c->num != 0) - { - size_t n = sizeof(c->u) - c->num; - - if (len < n) - { - memcpy (p+c->num,data,len), c->num += (unsigned int)len; - return 1; - } - else { - memcpy (p+c->num,data,n), c->num = 0; - len-=n, data+=n; - sha512_block_data_order (c,p,1); - } - } - - if (len >= sizeof(c->u)) - { -#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA - if ((size_t)data%sizeof(c->u.d[0]) != 0) - while (len >= sizeof(c->u)) - memcpy (p,data,sizeof(c->u)), - sha512_block_data_order (c,p,1), - len -= sizeof(c->u), - data += sizeof(c->u); - else -#endif - sha512_block_data_order (c,data,len/sizeof(c->u)), - data += len, - len %= sizeof(c->u), - data -= len; - } - - if (len != 0) memcpy (p,data,len), c->num = (int)len; - - return 1; - } - -int SHA384_Update (SHA512_CTX *c, const void *data, size_t len) -{ return SHA512_Update (c,data,len); } - -void SHA512_Transform (SHA512_CTX *c, const unsigned char *data) - { -#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA - if ((size_t)data%sizeof(c->u.d[0]) != 0) - memcpy(c->u.p,data,sizeof(c->u.p)), - data = c->u.p; -#endif - sha512_block_data_order (c,data,1); - } - -unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md) - { - SHA512_CTX c; - static unsigned char m[SHA384_DIGEST_LENGTH]; - - if (md == NULL) md=m; - SHA384_Init(&c); - SHA512_Update(&c,d,n); - SHA512_Final(md,&c); - explicit_bzero(&c,sizeof(c)); - return(md); - } - -unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md) - { - SHA512_CTX c; - static 
unsigned char m[SHA512_DIGEST_LENGTH]; - - if (md == NULL) md=m; - SHA512_Init(&c); - SHA512_Update(&c,d,n); - SHA512_Final(md,&c); - explicit_bzero(&c,sizeof(c)); - return(md); - } - -#ifndef SHA512_ASM -static const SHA_LONG64 K512[80] = { - U64(0x428a2f98d728ae22),U64(0x7137449123ef65cd), - U64(0xb5c0fbcfec4d3b2f),U64(0xe9b5dba58189dbbc), - U64(0x3956c25bf348b538),U64(0x59f111f1b605d019), - U64(0x923f82a4af194f9b),U64(0xab1c5ed5da6d8118), - U64(0xd807aa98a3030242),U64(0x12835b0145706fbe), - U64(0x243185be4ee4b28c),U64(0x550c7dc3d5ffb4e2), - U64(0x72be5d74f27b896f),U64(0x80deb1fe3b1696b1), - U64(0x9bdc06a725c71235),U64(0xc19bf174cf692694), - U64(0xe49b69c19ef14ad2),U64(0xefbe4786384f25e3), - U64(0x0fc19dc68b8cd5b5),U64(0x240ca1cc77ac9c65), - U64(0x2de92c6f592b0275),U64(0x4a7484aa6ea6e483), - U64(0x5cb0a9dcbd41fbd4),U64(0x76f988da831153b5), - U64(0x983e5152ee66dfab),U64(0xa831c66d2db43210), - U64(0xb00327c898fb213f),U64(0xbf597fc7beef0ee4), - U64(0xc6e00bf33da88fc2),U64(0xd5a79147930aa725), - U64(0x06ca6351e003826f),U64(0x142929670a0e6e70), - U64(0x27b70a8546d22ffc),U64(0x2e1b21385c26c926), - U64(0x4d2c6dfc5ac42aed),U64(0x53380d139d95b3df), - U64(0x650a73548baf63de),U64(0x766a0abb3c77b2a8), - U64(0x81c2c92e47edaee6),U64(0x92722c851482353b), - U64(0xa2bfe8a14cf10364),U64(0xa81a664bbc423001), - U64(0xc24b8b70d0f89791),U64(0xc76c51a30654be30), - U64(0xd192e819d6ef5218),U64(0xd69906245565a910), - U64(0xf40e35855771202a),U64(0x106aa07032bbd1b8), - U64(0x19a4c116b8d2d0c8),U64(0x1e376c085141ab53), - U64(0x2748774cdf8eeb99),U64(0x34b0bcb5e19b48a8), - U64(0x391c0cb3c5c95a63),U64(0x4ed8aa4ae3418acb), - U64(0x5b9cca4f7763e373),U64(0x682e6ff3d6b2b8a3), - U64(0x748f82ee5defb2fc),U64(0x78a5636f43172f60), - U64(0x84c87814a1f0ab72),U64(0x8cc702081a6439ec), - U64(0x90befffa23631e28),U64(0xa4506cebde82bde9), - U64(0xbef9a3f7b2c67915),U64(0xc67178f2e372532b), - U64(0xca273eceea26619c),U64(0xd186b8c721c0c207), - U64(0xeada7dd6cde0eb1e),U64(0xf57d4f7fee6ed178), - 
U64(0x06f067aa72176fba),U64(0x0a637dc5a2c898a6), - U64(0x113f9804bef90dae),U64(0x1b710b35131c471b), - U64(0x28db77f523047d84),U64(0x32caab7b40c72493), - U64(0x3c9ebe0a15c9bebc),U64(0x431d67c49c100d4c), - U64(0x4cc5d4becb3e42b6),U64(0x597f299cfc657e2a), - U64(0x5fcb6fab3ad6faec),U64(0x6c44198c4a475817) }; - -#if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) -# if defined(__x86_64) || defined(__x86_64__) -# define ROTR(a,n) ({ SHA_LONG64 ret; \ - asm ("rorq %1,%0" \ - : "=r"(ret) \ - : "J"(n),"0"(a) \ - : "cc"); ret; }) -# define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x))); \ - asm ("bswapq %0" \ - : "=r"(ret) \ - : "0"(ret)); ret; }) -# elif (defined(__i386) || defined(__i386__)) -# if defined(I386_ONLY) -# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\ - unsigned int hi=p[0],lo=p[1]; \ - asm("xchgb %%ah,%%al;xchgb %%dh,%%dl;"\ - "roll $16,%%eax; roll $16,%%edx; "\ - "xchgb %%ah,%%al;xchgb %%dh,%%dl;" \ - : "=a"(lo),"=d"(hi) \ - : "0"(lo),"1"(hi) : "cc"); \ - ((SHA_LONG64)hi)<<32|lo; }) -# else -# define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\ - unsigned int hi=p[0],lo=p[1]; \ - asm ("bswapl %0; bswapl %1;" \ - : "=r"(lo),"=r"(hi) \ - : "0"(lo),"1"(hi)); \ - ((SHA_LONG64)hi)<<32|lo; }) -# endif -# elif (defined(_ARCH_PPC) && defined(__64BIT__)) || defined(_ARCH_PPC64) -# define ROTR(a,n) ({ SHA_LONG64 ret; \ - asm ("rotrdi %0,%1,%2" \ - : "=r"(ret) \ - : "r"(a),"K"(n)); ret; }) -# endif -#endif - -#ifndef PULL64 -#define B(x,j) (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8)) -#define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7)) -#endif - -#ifndef ROTR -#define ROTR(x,s) (((x)>>s) | (x)<<(64-s)) -#endif - -#define Sigma0(x) (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39)) -#define Sigma1(x) (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41)) -#define sigma0(x) (ROTR((x),1) ^ ROTR((x),8) ^ ((x)>>7)) -#define sigma1(x) 
(ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6)) - -#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) - - -#if defined(__i386) || defined(__i386__) || defined(_M_IX86) -/* - * This code should give better results on 32-bit CPU with less than - * ~24 registers, both size and performance wise... - */ -static void sha512_block_data_order (SHA512_CTX *ctx, const void *in, size_t num) - { - const SHA_LONG64 *W=in; - SHA_LONG64 A,E,T; - SHA_LONG64 X[9+80],*F; - int i; - - while (num--) { - - F = X+80; - A = ctx->h[0]; F[1] = ctx->h[1]; - F[2] = ctx->h[2]; F[3] = ctx->h[3]; - E = ctx->h[4]; F[5] = ctx->h[5]; - F[6] = ctx->h[6]; F[7] = ctx->h[7]; - - for (i=0;i<16;i++,F--) - { - T = PULL64(W[i]); - F[0] = A; - F[4] = E; - F[8] = T; - T += F[7] + Sigma1(E) + Ch(E,F[5],F[6]) + K512[i]; - E = F[3] + T; - A = T + Sigma0(A) + Maj(A,F[1],F[2]); - } - - for (;i<80;i++,F--) - { - T = sigma0(F[8+16-1]); - T += sigma1(F[8+16-14]); - T += F[8+16] + F[8+16-9]; - - F[0] = A; - F[4] = E; - F[8] = T; - T += F[7] + Sigma1(E) + Ch(E,F[5],F[6]) + K512[i]; - E = F[3] + T; - A = T + Sigma0(A) + Maj(A,F[1],F[2]); - } - - ctx->h[0] += A; ctx->h[1] += F[1]; - ctx->h[2] += F[2]; ctx->h[3] += F[3]; - ctx->h[4] += E; ctx->h[5] += F[5]; - ctx->h[6] += F[6]; ctx->h[7] += F[7]; - - W+=SHA_LBLOCK; - } - } - -#elif defined(OPENSSL_SMALL_FOOTPRINT) - -static void sha512_block_data_order (SHA512_CTX *ctx, const void *in, size_t num) - { - const SHA_LONG64 *W=in; - SHA_LONG64 a,b,c,d,e,f,g,h,s0,s1,T1,T2; - SHA_LONG64 X[16]; - int i; - - while (num--) { - - a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3]; - e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7]; - - for (i=0;i<16;i++) - { -#if BYTE_ORDER == BIG_ENDIAN - T1 = X[i] = W[i]; -#else - T1 = X[i] = PULL64(W[i]); -#endif - T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i]; - T2 = Sigma0(a) + Maj(a,b,c); - h = g; g = f; f = e; e = d + T1; - d = c; c = b; b = a; a = T1 + T2; - } - - for 
(;i<80;i++) - { - s0 = X[(i+1)&0x0f]; s0 = sigma0(s0); - s1 = X[(i+14)&0x0f]; s1 = sigma1(s1); - - T1 = X[i&0xf] += s0 + s1 + X[(i+9)&0xf]; - T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i]; - T2 = Sigma0(a) + Maj(a,b,c); - h = g; g = f; f = e; e = d + T1; - d = c; c = b; b = a; a = T1 + T2; - } - - ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d; - ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h; - - W+=SHA_LBLOCK; - } - } - -#else - -#define ROUND_00_15(i,a,b,c,d,e,f,g,h) do { \ - T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i]; \ - h = Sigma0(a) + Maj(a,b,c); \ - d += T1; h += T1; } while (0) - -#define ROUND_16_80(i,j,a,b,c,d,e,f,g,h,X) do { \ - s0 = X[(j+1)&0x0f]; s0 = sigma0(s0); \ - s1 = X[(j+14)&0x0f]; s1 = sigma1(s1); \ - T1 = X[(j)&0x0f] += s0 + s1 + X[(j+9)&0x0f]; \ - ROUND_00_15(i+j,a,b,c,d,e,f,g,h); } while (0) - -static void sha512_block_data_order (SHA512_CTX *ctx, const void *in, size_t num) - { - const SHA_LONG64 *W=in; - SHA_LONG64 a,b,c,d,e,f,g,h,s0,s1,T1; - SHA_LONG64 X[16]; - int i; - - while (num--) { - - a = ctx->h[0]; b = ctx->h[1]; c = ctx->h[2]; d = ctx->h[3]; - e = ctx->h[4]; f = ctx->h[5]; g = ctx->h[6]; h = ctx->h[7]; - -#if BYTE_ORDER == BIG_ENDIAN - T1 = X[0] = W[0]; ROUND_00_15(0,a,b,c,d,e,f,g,h); - T1 = X[1] = W[1]; ROUND_00_15(1,h,a,b,c,d,e,f,g); - T1 = X[2] = W[2]; ROUND_00_15(2,g,h,a,b,c,d,e,f); - T1 = X[3] = W[3]; ROUND_00_15(3,f,g,h,a,b,c,d,e); - T1 = X[4] = W[4]; ROUND_00_15(4,e,f,g,h,a,b,c,d); - T1 = X[5] = W[5]; ROUND_00_15(5,d,e,f,g,h,a,b,c); - T1 = X[6] = W[6]; ROUND_00_15(6,c,d,e,f,g,h,a,b); - T1 = X[7] = W[7]; ROUND_00_15(7,b,c,d,e,f,g,h,a); - T1 = X[8] = W[8]; ROUND_00_15(8,a,b,c,d,e,f,g,h); - T1 = X[9] = W[9]; ROUND_00_15(9,h,a,b,c,d,e,f,g); - T1 = X[10] = W[10]; ROUND_00_15(10,g,h,a,b,c,d,e,f); - T1 = X[11] = W[11]; ROUND_00_15(11,f,g,h,a,b,c,d,e); - T1 = X[12] = W[12]; ROUND_00_15(12,e,f,g,h,a,b,c,d); - T1 = X[13] = W[13]; ROUND_00_15(13,d,e,f,g,h,a,b,c); - T1 = X[14] = W[14]; 
ROUND_00_15(14,c,d,e,f,g,h,a,b); - T1 = X[15] = W[15]; ROUND_00_15(15,b,c,d,e,f,g,h,a); -#else - T1 = X[0] = PULL64(W[0]); ROUND_00_15(0,a,b,c,d,e,f,g,h); - T1 = X[1] = PULL64(W[1]); ROUND_00_15(1,h,a,b,c,d,e,f,g); - T1 = X[2] = PULL64(W[2]); ROUND_00_15(2,g,h,a,b,c,d,e,f); - T1 = X[3] = PULL64(W[3]); ROUND_00_15(3,f,g,h,a,b,c,d,e); - T1 = X[4] = PULL64(W[4]); ROUND_00_15(4,e,f,g,h,a,b,c,d); - T1 = X[5] = PULL64(W[5]); ROUND_00_15(5,d,e,f,g,h,a,b,c); - T1 = X[6] = PULL64(W[6]); ROUND_00_15(6,c,d,e,f,g,h,a,b); - T1 = X[7] = PULL64(W[7]); ROUND_00_15(7,b,c,d,e,f,g,h,a); - T1 = X[8] = PULL64(W[8]); ROUND_00_15(8,a,b,c,d,e,f,g,h); - T1 = X[9] = PULL64(W[9]); ROUND_00_15(9,h,a,b,c,d,e,f,g); - T1 = X[10] = PULL64(W[10]); ROUND_00_15(10,g,h,a,b,c,d,e,f); - T1 = X[11] = PULL64(W[11]); ROUND_00_15(11,f,g,h,a,b,c,d,e); - T1 = X[12] = PULL64(W[12]); ROUND_00_15(12,e,f,g,h,a,b,c,d); - T1 = X[13] = PULL64(W[13]); ROUND_00_15(13,d,e,f,g,h,a,b,c); - T1 = X[14] = PULL64(W[14]); ROUND_00_15(14,c,d,e,f,g,h,a,b); - T1 = X[15] = PULL64(W[15]); ROUND_00_15(15,b,c,d,e,f,g,h,a); -#endif - - for (i=16;i<80;i+=16) - { - ROUND_16_80(i, 0,a,b,c,d,e,f,g,h,X); - ROUND_16_80(i, 1,h,a,b,c,d,e,f,g,X); - ROUND_16_80(i, 2,g,h,a,b,c,d,e,f,X); - ROUND_16_80(i, 3,f,g,h,a,b,c,d,e,X); - ROUND_16_80(i, 4,e,f,g,h,a,b,c,d,X); - ROUND_16_80(i, 5,d,e,f,g,h,a,b,c,X); - ROUND_16_80(i, 6,c,d,e,f,g,h,a,b,X); - ROUND_16_80(i, 7,b,c,d,e,f,g,h,a,X); - ROUND_16_80(i, 8,a,b,c,d,e,f,g,h,X); - ROUND_16_80(i, 9,h,a,b,c,d,e,f,g,X); - ROUND_16_80(i,10,g,h,a,b,c,d,e,f,X); - ROUND_16_80(i,11,f,g,h,a,b,c,d,e,X); - ROUND_16_80(i,12,e,f,g,h,a,b,c,d,X); - ROUND_16_80(i,13,d,e,f,g,h,a,b,c,X); - ROUND_16_80(i,14,c,d,e,f,g,h,a,b,X); - ROUND_16_80(i,15,b,c,d,e,f,g,h,a,X); - } - - ctx->h[0] += a; ctx->h[1] += b; ctx->h[2] += c; ctx->h[3] += d; - ctx->h[4] += e; ctx->h[5] += f; ctx->h[6] += g; ctx->h[7] += h; - - W+=SHA_LBLOCK; - } - } - -#endif - -#endif /* SHA512_ASM */ - -#endif /* !OPENSSL_NO_SHA512 */ 
diff --git a/lib/libssl/src/crypto/sha/sha_locl.h b/lib/libssl/src/crypto/sha/sha_locl.h
deleted file mode 100644
index d871a3b69d7..00000000000
--- a/lib/libssl/src/crypto/sha/sha_locl.h
+++ /dev/null
@@ -1,414 +0,0 @@ -/* $OpenBSD: sha_locl.h,v 1.21 2016/03/15 20:50:22 krw Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdlib.h> -#include <string.h> - -#include <openssl/opensslconf.h> -#include <openssl/sha.h> - -#define DATA_ORDER_IS_BIG_ENDIAN - -#define HASH_LONG SHA_LONG -#define HASH_CTX SHA_CTX -#define HASH_CBLOCK SHA_CBLOCK -#define HASH_MAKE_STRING(c,s) do { \ - unsigned long ll; \ - ll=(c)->h0; HOST_l2c(ll,(s)); \ - ll=(c)->h1; HOST_l2c(ll,(s)); \ - ll=(c)->h2; HOST_l2c(ll,(s)); \ - ll=(c)->h3; HOST_l2c(ll,(s)); \ - ll=(c)->h4; HOST_l2c(ll,(s)); \ - } while (0) - -# define HASH_UPDATE SHA1_Update -# define HASH_TRANSFORM SHA1_Transform -# define HASH_FINAL SHA1_Final -# define HASH_INIT SHA1_Init -# define HASH_BLOCK_DATA_ORDER sha1_block_data_order -# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \ - ix=(a)=ROTATE((a),1) \ - ) - -#ifndef SHA1_ASM -static -#endif -void sha1_block_data_order (SHA_CTX *c, const void *p,size_t num); - -#include "md32_common.h" - -#define INIT_DATA_h0 0x67452301UL -#define INIT_DATA_h1 0xefcdab89UL -#define INIT_DATA_h2 0x98badcfeUL -#define INIT_DATA_h3 0x10325476UL -#define INIT_DATA_h4 0xc3d2e1f0UL - -int SHA1_Init(SHA_CTX *c) - { - memset (c,0,sizeof(*c)); - c->h0=INIT_DATA_h0; - c->h1=INIT_DATA_h1; - c->h2=INIT_DATA_h2; - c->h3=INIT_DATA_h3; - c->h4=INIT_DATA_h4; - return 1; - } - -#define K_00_19 0x5a827999UL -#define K_20_39 0x6ed9eba1UL -#define K_40_59 0x8f1bbcdcUL -#define K_60_79 0xca62c1d6UL - -/* As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be - * simplified to the code in F_00_19. Wei attributes these optimisations - * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel. 
- * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) - * I've just become aware of another tweak to be made, again from Wei Dai, - * in F_40_59, (x&a)|(y&a) -> (x|y)&a - */ -#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d)) -#define F_20_39(b,c,d) ((b) ^ (c) ^ (d)) -#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d))) -#define F_60_79(b,c,d) F_20_39(b,c,d) - -#ifndef OPENSSL_SMALL_FOOTPRINT - -#define BODY_00_15(i,a,b,c,d,e,f,xi) \ - (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \ - Xupdate(f,xi,xa,xb,xc,xd); \ - (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \ - Xupdate(f,xi,xa,xb,xc,xd); \ - (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \ - Xupdate(f,xa,xa,xb,xc,xd); \ - (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \ - Xupdate(f,xa,xa,xb,xc,xd); \ - (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \ - Xupdate(f,xa,xa,xb,xc,xd); \ - (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#ifdef X -#undef X -#endif -#ifndef MD32_XARRAY - /* - * Originally X was an array. As it's automatic it's natural - * to expect RISC compiler to accommodate at least part of it in - * the register bank, isn't it? Unfortunately not all compilers - * "find" this expectation reasonable:-( On order to make such - * compilers generate better code I replace X[] with a bunch of - * X0, X1, etc. See the function body below... - * <appro@fy.chalmers.se> - */ -# define X(i) XX##i -#else - /* - * However! Some compilers (most notably HP C) get overwhelmed by - * that many local variables so that we have to have the way to - * fall down to the original behavior. 
- */ -# define X(i) XX[i] -#endif - -#if !defined(SHA1_ASM) -#include <machine/endian.h> -static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num) - { - const unsigned char *data=p; - unsigned MD32_REG_T A,B,C,D,E,T,l; -#ifndef MD32_XARRAY - unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; -#else - SHA_LONG XX[16]; -#endif - - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - for (;;) - { - - if (BYTE_ORDER != LITTLE_ENDIAN && - sizeof(SHA_LONG)==4 && ((size_t)p%4)==0) - { - const SHA_LONG *W=(const SHA_LONG *)data; - - X( 0) = W[0]; X( 1) = W[ 1]; - BODY_00_15( 0,A,B,C,D,E,T,X( 0)); X( 2) = W[ 2]; - BODY_00_15( 1,T,A,B,C,D,E,X( 1)); X( 3) = W[ 3]; - BODY_00_15( 2,E,T,A,B,C,D,X( 2)); X( 4) = W[ 4]; - BODY_00_15( 3,D,E,T,A,B,C,X( 3)); X( 5) = W[ 5]; - BODY_00_15( 4,C,D,E,T,A,B,X( 4)); X( 6) = W[ 6]; - BODY_00_15( 5,B,C,D,E,T,A,X( 5)); X( 7) = W[ 7]; - BODY_00_15( 6,A,B,C,D,E,T,X( 6)); X( 8) = W[ 8]; - BODY_00_15( 7,T,A,B,C,D,E,X( 7)); X( 9) = W[ 9]; - BODY_00_15( 8,E,T,A,B,C,D,X( 8)); X(10) = W[10]; - BODY_00_15( 9,D,E,T,A,B,C,X( 9)); X(11) = W[11]; - BODY_00_15(10,C,D,E,T,A,B,X(10)); X(12) = W[12]; - BODY_00_15(11,B,C,D,E,T,A,X(11)); X(13) = W[13]; - BODY_00_15(12,A,B,C,D,E,T,X(12)); X(14) = W[14]; - BODY_00_15(13,T,A,B,C,D,E,X(13)); X(15) = W[15]; - BODY_00_15(14,E,T,A,B,C,D,X(14)); - BODY_00_15(15,D,E,T,A,B,C,X(15)); - - data += SHA_CBLOCK; - } - else - { - HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; - BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l; - BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l; - BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l; - BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l; - BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l; - BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l; - BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l; - BODY_00_15( 7,T,A,B,C,D,E,X( 7)); 
HOST_c2l(data,l); X( 9)=l; - BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l; - BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l; - BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l; - BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l; - BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l; - BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l; - BODY_00_15(14,E,T,A,B,C,D,X(14)); - BODY_00_15(15,D,E,T,A,B,C,X(15)); - } - - BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13)); - BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14)); - BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15)); - BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0)); - - BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1)); - BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2)); - BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3)); - BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4)); - BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5)); - BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6)); - BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7)); - BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8)); - BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9)); - BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10)); - BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11)); - BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12)); - - BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13)); - BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14)); - BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15)); - BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0)); - BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1)); - BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2)); - BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3)); - BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4)); - - BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5)); - BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6)); - 
BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7)); - BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8)); - BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9)); - BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10)); - BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11)); - BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12)); - BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13)); - BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14)); - BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15)); - BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0)); - BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1)); - BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2)); - BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3)); - BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4)); - BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5)); - BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6)); - BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7)); - BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8)); - - BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9)); - BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10)); - BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11)); - BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12)); - BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13)); - BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14)); - BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15)); - BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0)); - BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1)); - BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2)); - BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3)); - BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4)); - BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5)); - BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6)); - BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7)); - BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8)); - BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9)); - BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10)); - BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11)); - 
BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12)); - - c->h0=(c->h0+E)&0xffffffffL; - c->h1=(c->h1+T)&0xffffffffL; - c->h2=(c->h2+A)&0xffffffffL; - c->h3=(c->h3+B)&0xffffffffL; - c->h4=(c->h4+C)&0xffffffffL; - - if (--num == 0) break; - - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - } - } -#endif - -#else /* OPENSSL_SMALL_FOOTPRINT */ - -#define BODY_00_15(xi) do { \ - T=E+K_00_19+F_00_19(B,C,D); \ - E=D, D=C, C=ROTATE(B,30), B=A; \ - A=ROTATE(A,5)+T+xi; } while(0) - -#define BODY_16_19(xa,xb,xc,xd) do { \ - Xupdate(T,xa,xa,xb,xc,xd); \ - T+=E+K_00_19+F_00_19(B,C,D); \ - E=D, D=C, C=ROTATE(B,30), B=A; \ - A=ROTATE(A,5)+T; } while(0) - -#define BODY_20_39(xa,xb,xc,xd) do { \ - Xupdate(T,xa,xa,xb,xc,xd); \ - T+=E+K_20_39+F_20_39(B,C,D); \ - E=D, D=C, C=ROTATE(B,30), B=A; \ - A=ROTATE(A,5)+T; } while(0) - -#define BODY_40_59(xa,xb,xc,xd) do { \ - Xupdate(T,xa,xa,xb,xc,xd); \ - T+=E+K_40_59+F_40_59(B,C,D); \ - E=D, D=C, C=ROTATE(B,30), B=A; \ - A=ROTATE(A,5)+T; } while(0) - -#define BODY_60_79(xa,xb,xc,xd) do { \ - Xupdate(T,xa,xa,xb,xc,xd); \ - T=E+K_60_79+F_60_79(B,C,D); \ - E=D, D=C, C=ROTATE(B,30), B=A; \ - A=ROTATE(A,5)+T+xa; } while(0) - -#if !defined(SHA1_ASM) -static void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, size_t num) - { - const unsigned char *data=p; - unsigned MD32_REG_T A,B,C,D,E,T,l; - int i; - SHA_LONG X[16]; - - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - for (;;) - { - for (i=0;i<16;i++) - { HOST_c2l(data,l); X[i]=l; BODY_00_15(X[i]); } - for (i=0;i<4;i++) - { BODY_16_19(X[i], X[i+2], X[i+8], X[(i+13)&15]); } - for (;i<24;i++) - { BODY_20_39(X[i&15], X[(i+2)&15], X[(i+8)&15],X[(i+13)&15]); } - for (i=0;i<20;i++) - { BODY_40_59(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); } - for (i=4;i<24;i++) - { BODY_60_79(X[(i+8)&15],X[(i+10)&15],X[i&15], X[(i+5)&15]); } - - c->h0=(c->h0+A)&0xffffffffL; - c->h1=(c->h1+B)&0xffffffffL; - c->h2=(c->h2+C)&0xffffffffL; - c->h3=(c->h3+D)&0xffffffffL; - 
c->h4=(c->h4+E)&0xffffffffL; - - if (--num == 0) break; - - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - } - } -#endif - -#endif diff --git a/lib/libssl/src/crypto/sparccpuid.S b/lib/libssl/src/crypto/sparccpuid.S deleted file mode 100644 index b913e3dddbc..00000000000 --- a/lib/libssl/src/crypto/sparccpuid.S +++ /dev/null 
@@ -1,302 +0,0 @@
-#if defined(__SUNPRO_C) && defined(__sparcv9)
-# define ABI64 /* They've said -xarch=v9 at command line */
-#elif defined(__GNUC__) && defined(__arch64__)
-# define ABI64 /* They've said -m64 at command line */
-#endif
-
-#ifdef ABI64
- .register %g2,#scratch
- .register %g3,#scratch
-# define FRAME -192
-# define BIAS 2047
-#else
-# define FRAME -96
-# define BIAS 0
-#endif
-
-.text
-.align 32
-.global OPENSSL_wipe_cpu
-.type OPENSSL_wipe_cpu,#function
-! Keep in mind that this does not excuse us from wiping the stack!
-! This routine wipes registers, but not the backing store [which
-! resides on the stack, toward lower addresses]. To facilitate for
-! stack wiping I return pointer to the top of stack of the *caller*.
-OPENSSL_wipe_cpu:
- save %sp,FRAME,%sp
- nop
-#ifdef __sun
-#include <sys/trap.h>
- ta ST_CLEAN_WINDOWS
-#else
- call .walk.reg.wins
-#endif
- nop
- call .PIC.zero.up
- mov .zero-(.-4),%o0
- ld [%o0],%f0
- ld [%o0],%f1
-
- subcc %g0,1,%o0
- ! Following is V9 "rd %ccr,%o0" instruction. However! V8
- ! specification says that it ("rd %asr2,%o0" in V8 terms) does
- ! not cause illegal_instruction trap. It therefore can be used
- ! to determine if the CPU the code is executing on is V8- or
- ! V9-compliant, as V9 returns a distinct value of 0x99,
- ! "negative" and "borrow" bits set in both %icc and %xcc.
- .word 0x91408000 !rd %ccr,%o0
- cmp %o0,0x99
- bne .v8
- nop
- ! Even though we do not use %fp register bank,
- ! we wipe it as memcpy might have used it...
- .word 0xbfa00040 !fmovd %f0,%f62
- .word 0xbba00040 !...
- .word 0xb7a00040
- .word 0xb3a00040
- .word 0xafa00040
- .word 0xaba00040
- .word 0xa7a00040
- .word 0xa3a00040
- .word 0x9fa00040
- .word 0x9ba00040
- .word 0x97a00040
- .word 0x93a00040
- .word 0x8fa00040
- .word 0x8ba00040
- .word 0x87a00040
- .word 0x83a00040 !fmovd %f0,%f32
-.v8: fmovs %f1,%f31
- clr %o0
- fmovs %f0,%f30
- clr %o1
- fmovs %f1,%f29
- clr %o2
- fmovs %f0,%f28
- clr %o3
- fmovs %f1,%f27
- clr %o4
- fmovs %f0,%f26
- clr %o5
- fmovs %f1,%f25
- clr %o7
- fmovs %f0,%f24
- clr %l0
- fmovs %f1,%f23
- clr %l1
- fmovs %f0,%f22
- clr %l2
- fmovs %f1,%f21
- clr %l3
- fmovs %f0,%f20
- clr %l4
- fmovs %f1,%f19
- clr %l5
- fmovs %f0,%f18
- clr %l6
- fmovs %f1,%f17
- clr %l7
- fmovs %f0,%f16
- clr %i0
- fmovs %f1,%f15
- clr %i1
- fmovs %f0,%f14
- clr %i2
- fmovs %f1,%f13
- clr %i3
- fmovs %f0,%f12
- clr %i4
- fmovs %f1,%f11
- clr %i5
- fmovs %f0,%f10
- clr %g1
- fmovs %f1,%f9
- clr %g2
- fmovs %f0,%f8
- clr %g3
- fmovs %f1,%f7
- clr %g4
- fmovs %f0,%f6
- clr %g5
- fmovs %f1,%f5
- fmovs %f0,%f4
- fmovs %f1,%f3
- fmovs %f0,%f2
-
- add %fp,BIAS,%i0 ! return pointer to caller´s top of stack
-
- ret
- restore
-
-.zero: .long 0x0,0x0
-.PIC.zero.up:
- retl
- add %o0,%o7,%o0
-#ifdef DEBUG
-.global walk_reg_wins
-.type walk_reg_wins,#function
-walk_reg_wins:
-#endif
-.walk.reg.wins:
- save %sp,FRAME,%sp
- cmp %i7,%o7
- be 2f
- clr %o0
- cmp %o7,0 ! compiler never cleans %o7...
- be 1f ! could have been a leaf function...
- clr %o1
- call .walk.reg.wins
- nop
-1: clr %o2
- clr %o3
- clr %o4
- clr %o5
- clr %o7
- clr %l0
- clr %l1
- clr %l2
- clr %l3
- clr %l4
- clr %l5
- clr %l6
- clr %l7
- add %o0,1,%i0 ! used for debugging
-2: ret
- restore
-.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
-
-.global OPENSSL_atomic_add
-.type OPENSSL_atomic_add,#function
-.align 32
-OPENSSL_atomic_add:
-#ifndef ABI64
- subcc %g0,1,%o2
- .word 0x95408000 !rd %ccr,%o2, see comment above
- cmp %o2,0x99
- be .v9
- nop
- save %sp,FRAME,%sp
- ba .enter
- nop
-#ifdef __sun
-! Note that you do not have to link with libthread to call thr_yield,
-! as libc provides a stub, which is overloaded the moment you link
-! with *either* libpthread or libthread...
-#define YIELD_CPU thr_yield
-#else
-! applies at least to Linux and FreeBSD... Feedback expected...
-#define YIELD_CPU sched_yield
-#endif
-.spin: call YIELD_CPU
- nop
-.enter: ld [%i0],%i2
- cmp %i2,-4096
- be .spin
- mov -1,%i2
- swap [%i0],%i2
- cmp %i2,-1
- be .spin
- add %i2,%i1,%i2
- stbar
- st %i2,[%i0]
- sra %i2,%g0,%i0
- ret
- restore
-.v9:
-#endif
- ld [%o0],%o2
-1: add %o1,%o2,%o3
- .word 0xd7e2100a !cas [%o0],%o2,%o3, compare [%o0] with %o2 and swap %o3
- cmp %o2,%o3
- bne 1b
- mov %o3,%o2 ! cas is always fetching to dest. register
- add %o1,%o2,%o0 ! OpenSSL expects the new value
- retl
- sra %o0,%g0,%o0 ! we return signed int, remember?
-.size OPENSSL_atomic_add,.-OPENSSL_atomic_add
-
-.global _sparcv9_vis1_probe
-.align 8
-_sparcv9_vis1_probe:
- add %sp,BIAS+2,%o1
- .word 0xc19a5a40 !ldda [%o1]ASI_FP16_P,%f0
- retl
- .word 0x81b00d80 !fxor %f0,%f0,%f0
-.type _sparcv9_vis1_probe,#function
-.size _sparcv9_vis1_probe,.-_sparcv9_vis1_probe
-
-! Probe and instrument VIS1 instruction. Output is number of cycles it
-! takes to execute rdtick and pair of VIS1 instructions. US-Tx VIS unit
-! is slow (documented to be 6 cycles on T2) and the core is in-order
-! single-issue, it should be possible to distinguish Tx reliably...
-! Observed return values are:
-!
-! UltraSPARC IIe 7
-! UltraSPARC III 7
-! UltraSPARC T1 24
-!
-! Numbers for T2 and SPARC64 V-VII are more than welcomed.
-!
-! It would be possible to detect specifically US-T1 by instrumenting
-! fmul8ulx16, which is emulated on T1 and as such accounts for quite
-! a lot of %tick-s, couple of thousand on Linux...
-.global _sparcv9_vis1_instrument
-.align 8
-_sparcv9_vis1_instrument:
- .word 0x91410000 !rd %tick,%o0
- .word 0x81b00d80 !fxor %f0,%f0,%f0
- .word 0x85b08d82 !fxor %f2,%f2,%f2
- .word 0x93410000 !rd %tick,%o1
- .word 0x81b00d80 !fxor %f0,%f0,%f0
- .word 0x85b08d82 !fxor %f2,%f2,%f2
- .word 0x95410000 !rd %tick,%o2
- .word 0x81b00d80 !fxor %f0,%f0,%f0
- .word 0x85b08d82 !fxor %f2,%f2,%f2
- .word 0x97410000 !rd %tick,%o3
- .word 0x81b00d80 !fxor %f0,%f0,%f0
- .word 0x85b08d82 !fxor %f2,%f2,%f2
- .word 0x99410000 !rd %tick,%o4
-
- ! calculate intervals
- sub %o1,%o0,%o0
- sub %o2,%o1,%o1
- sub %o3,%o2,%o2
- sub %o4,%o3,%o3
-
- ! find minumum value
- cmp %o0,%o1
- .word 0x38680002 !bgu,a %xcc,.+8
- mov %o1,%o0
- cmp %o0,%o2
- .word 0x38680002 !bgu,a %xcc,.+8
- mov %o2,%o0
- cmp %o0,%o3
- .word 0x38680002 !bgu,a %xcc,.+8
- mov %o3,%o0
-
- retl
- nop
-.type _sparcv9_vis1_instrument,#function
-.size _sparcv9_vis1_instrument,.-_sparcv9_vis1_instrument
-
-.global _sparcv9_vis2_probe
-.align 8
-_sparcv9_vis2_probe:
- retl
- .word 0x81b00980 !bshuffle %f0,%f0,%f0
-.type _sparcv9_vis2_probe,#function
-.size _sparcv9_vis2_probe,.-_sparcv9_vis2_probe
-
-.global _sparcv9_fmadd_probe
-.align 8
-_sparcv9_fmadd_probe:
- .word 0x81b00d80 !fxor %f0,%f0,%f0
- .word 0x85b08d82 !fxor %f2,%f2,%f2
- retl
- .word 0x81b80440 !fmaddd %f0,%f0,%f2,%f0
-.type _sparcv9_fmadd_probe,#function
-.size _sparcv9_fmadd_probe,.-_sparcv9_fmadd_probe
-
-.section ".init",#alloc,#execinstr
- call OPENSSL_cpuid_setup
- nop
diff --git a/lib/libssl/src/crypto/sparcv9cap.c b/lib/libssl/src/crypto/sparcv9cap.c
deleted file mode 100644
index cc39c1bf453..00000000000
--- a/lib/libssl/src/crypto/sparcv9cap.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* $OpenBSD: sparcv9cap.c,v 1.7 2014/06/20 21:00:46 deraadt Exp $ */
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <setjmp.h>
-#include <signal.h>
-#include <sys/time.h>
-#include <openssl/bn.h>
-
-#define SPARCV9_PREFER_FPU (1<<1)
-#define SPARCV9_VIS1 (1<<2)
-#define SPARCV9_VIS2 (1<<3) /* reserved */
-#define SPARCV9_FMADD (1<<4) /* reserved for SPARC64 V */
-
-static int OPENSSL_sparcv9cap_P = 0;
-
-int
-bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
- const BN_ULONG *np, const BN_ULONG *n0, int num)
-{
- int bn_mul_mont_fpu(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num);
- int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np, const BN_ULONG *n0, int num);
-
- if (num >= 8 && !(num & 1) &&
- (OPENSSL_sparcv9cap_P & (SPARCV9_PREFER_FPU|SPARCV9_VIS1)) ==
- (SPARCV9_PREFER_FPU|SPARCV9_VIS1))
- return bn_mul_mont_fpu(rp, ap, bp, np, n0, num);
- else
- return bn_mul_mont_int(rp, ap, bp, np, n0, num);
-}
-
-void _sparcv9_vis1_probe(void);
-unsigned long _sparcv9_vis1_instrument(void);
-void _sparcv9_vis2_probe(void);
-void _sparcv9_fmadd_probe(void);
-
-static sigjmp_buf common_jmp;
-static void
-common_handler(int sig)
-{
- siglongjmp(common_jmp, sig);
-}
-
-void
-OPENSSL_cpuid_setup(void)
-{
- char *e;
- struct sigaction common_act, ill_oact, bus_oact;
- sigset_t all_masked, oset;
- static int trigger = 0;
-
- if (trigger)
- return;
- trigger = 1;
-
- /* Initial value, fits UltraSPARC-I&II... */
- OPENSSL_sparcv9cap_P = SPARCV9_PREFER_FPU;
-
- sigfillset(&all_masked);
- sigdelset(&all_masked, SIGILL);
- sigdelset(&all_masked, SIGTRAP);
-#ifdef SIGEMT
- sigdelset(&all_masked, SIGEMT);
-#endif
- sigdelset(&all_masked, SIGFPE);
- sigdelset(&all_masked, SIGBUS);
- sigdelset(&all_masked, SIGSEGV);
- sigprocmask(SIG_SETMASK, &all_masked, &oset);
-
- memset(&common_act, 0, sizeof(common_act));
- common_act.sa_handler = common_handler;
- common_act.sa_mask = all_masked;
-
- sigaction(SIGILL, &common_act, &ill_oact);
- sigaction(SIGBUS,&common_act,&bus_oact);/* T1 fails 16-bit ldda [on Linux] */
-
- if (sigsetjmp(common_jmp, 1) == 0) {
- _sparcv9_vis1_probe();
- OPENSSL_sparcv9cap_P |= SPARCV9_VIS1;
- /* detect UltraSPARC-Tx, see sparccpud.S for details... */
- if (_sparcv9_vis1_instrument() >= 12)
- OPENSSL_sparcv9cap_P &= ~(SPARCV9_VIS1|SPARCV9_PREFER_FPU);
- else {
- _sparcv9_vis2_probe();
- OPENSSL_sparcv9cap_P |= SPARCV9_VIS2;
- }
- }
-
- if (sigsetjmp(common_jmp, 1) == 0) {
- _sparcv9_fmadd_probe();
- OPENSSL_sparcv9cap_P |= SPARCV9_FMADD;
- }
-
- sigaction(SIGBUS, &bus_oact, NULL);
- sigaction(SIGILL, &ill_oact, NULL);
-
- sigprocmask(SIG_SETMASK, &oset, NULL);
-}
diff --git a/lib/libssl/src/crypto/stack/safestack.h b/lib/libssl/src/crypto/stack/safestack.h
deleted file mode 100644
index 50e5e45829b..00000000000
--- a/lib/libssl/src/crypto/stack/safestack.h
+++ /dev/null
@@ -1,2664 +0,0 @@
-/* $OpenBSD: safestack.h,v 1.14 2014/06/12 15:49:30 deraadt Exp $ */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_SAFESTACK_H
-#define HEADER_SAFESTACK_H
-
-#include <openssl/stack.h>
-
-#ifndef CHECKED_PTR_OF
-#define CHECKED_PTR_OF(type, p) \
- ((void*) (1 ? p : (type*)0))
-#endif
-
-/* In C++ we get problems because an explicit cast is needed from (void *)
- * we use CHECKED_STACK_OF to ensure the correct type is passed in the macros
- * below.
- */
-
-#define CHECKED_STACK_OF(type, p) \
- ((_STACK*) (1 ? p : (STACK_OF(type)*)0))
-
-#define CHECKED_SK_FREE_FUNC(type, p) \
- ((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
-
-#define CHECKED_SK_FREE_FUNC2(type, p) \
- ((void (*)(void *)) ((1 ? p : (void (*)(type))0)))
-
-#define CHECKED_SK_CMP_FUNC(type, p) \
- ((int (*)(const void *, const void *)) \
- ((1 ? p : (int (*)(const type * const *, const type * const *))0)))
-
-#define STACK_OF(type) struct stack_st_##type
-#define PREDECLARE_STACK_OF(type) STACK_OF(type);
-
-#define DECLARE_STACK_OF(type) \
-STACK_OF(type) \
- { \
- _STACK stack; \
- };
-#define DECLARE_SPECIAL_STACK_OF(type, type2) \
-STACK_OF(type) \
- { \
- _STACK stack; \
- };
-
-#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/
-
-
-/* Strings are special: normally an lhash entry will point to a single
- * (somewhat) mutable object. In the case of strings:
- *
- * a) Instead of a single char, there is an array of chars, NUL-terminated.
- * b) The string may have be immutable.
- *
- * So, they need their own declarations. Especially important for
- * type-checking tools, such as Deputy.
- *
-o * In practice, however, it appears to be hard to have a const
- * string. For now, I'm settling for dealing with the fact it is a
- * string at all.
- */
-typedef char *OPENSSL_STRING;
-
-typedef const char *OPENSSL_CSTRING;
-
-/* Confusingly, LHASH_OF(STRING) deals with char ** throughout, but
- * STACK_OF(STRING) is really more like STACK_OF(char), only, as
- * mentioned above, instead of a single char each entry is a
- * NUL-terminated array of chars. So, we have to implement STRING
- * specially for STACK_OF. This is dealt with in the autogenerated
- * macros below.
- */
-
-DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
-
-/* Similarly, we sometimes use a block of characters, NOT
- * nul-terminated. These should also be distinguished from "normal"
- * stacks. */
-
-typedef void *OPENSSL_BLOCK;
-DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
-
-/* SKM_sk_... stack macros are internal to safestack.h:
- * never use them directly, use sk_<type>_... instead */
-#define SKM_sk_new(type, cmp) \
- ((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp)))
-#define SKM_sk_new_null(type) \
- ((STACK_OF(type) *)sk_new_null())
-#define SKM_sk_free(type, st) \
- sk_free(CHECKED_STACK_OF(type, st))
-#define SKM_sk_num(type, st) \
- sk_num(CHECKED_STACK_OF(type, st))
-#define SKM_sk_value(type, st,i) \
- ((type *)sk_value(CHECKED_STACK_OF(type, st), i))
-#define SKM_sk_set(type, st,i,val) \
- sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val))
-#define SKM_sk_zero(type, st) \
- sk_zero(CHECKED_STACK_OF(type, st))
-#define SKM_sk_push(type, st, val) \
- sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
-#define SKM_sk_unshift(type, st, val) \
- sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
-#define SKM_sk_find(type, st, val) \
- sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
-#define SKM_sk_find_ex(type, st, val) \
- sk_find_ex(CHECKED_STACK_OF(type, st), \
- CHECKED_PTR_OF(type, val))
-#define SKM_sk_delete(type, st, i) \
- (type *)sk_delete(CHECKED_STACK_OF(type, st), i)
-#define SKM_sk_delete_ptr(type, st, ptr) \
- (type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr))
-#define SKM_sk_insert(type, st,val, i) \
- sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i)
-#define SKM_sk_set_cmp_func(type, st, cmp) \
- ((int (*)(const type * const *,const type * const *)) \
- sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp)))
-#define SKM_sk_dup(type, st) \
- (STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st))
-#define SKM_sk_pop_free(type, st, free_func) \
- sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func))
-#define SKM_sk_shift(type, st) \
- (type *)sk_shift(CHECKED_STACK_OF(type, st))
-#define SKM_sk_pop(type, st) \
- (type *)sk_pop(CHECKED_STACK_OF(type, st))
-#define SKM_sk_sort(type, st) \
- sk_sort(CHECKED_STACK_OF(type, st))
-#define SKM_sk_is_sorted(type, st) \
- sk_is_sorted(CHECKED_STACK_OF(type, st))
-
-#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
- (STACK_OF(type) *)d2i_ASN1_SET( \
- (STACK_OF(OPENSSL_BLOCK) **)CHECKED_PTR_OF(STACK_OF(type)*, st), \
- pp, length, \
- CHECKED_D2I_OF(type, d2i_func), \
- CHECKED_SK_FREE_FUNC(type, free_func), \
- ex_tag, ex_class)
-
-#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
- i2d_ASN1_SET((STACK_OF(OPENSSL_BLOCK) *)CHECKED_STACK_OF(type, st), pp, \
- CHECKED_I2D_OF(type, i2d_func), \
- ex_tag, ex_class, is_set)
-
-#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
- ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \
- CHECKED_I2D_OF(type, i2d_func), buf, len)
-
-#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
- (STACK_OF(type) *)ASN1_seq_unpack(buf, len, CHECKED_D2I_OF(type, d2i_func), CHECKED_SK_FREE_FUNC(type, free_func))
-
-#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
- (STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \
- CHECKED_D2I_OF(type, d2i_func), \
- CHECKED_SK_FREE_FUNC(type, free_func), \
- pass, passlen, oct, seq)
-
-/* This block of defines is updated by util/mkstack.pl, please do not touch!
*/ -#define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp)) -#define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION) -#define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i)) -#define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val)) -#define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_find_ex(st, val) SKM_sk_find_ex(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i)) -#define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr)) -#define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i)) -#define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp)) -#define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st) -#define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func)) -#define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st)) - -#define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp)) -#define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange) -#define 
sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st)) -#define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st)) -#define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i)) -#define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val)) -#define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st)) -#define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val)) -#define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i)) -#define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr)) -#define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i)) -#define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp)) -#define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st) -#define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func)) -#define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st)) -#define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st)) -#define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st)) -#define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st)) - -#define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp)) -#define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING) -#define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i)) -#define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val)) -#define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st)) 
-#define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_find_ex(st, val) SKM_sk_find_ex(ASN1_GENERALSTRING, (st), (val)) -#define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i)) -#define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr)) -#define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i)) -#define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp)) -#define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st) -#define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func)) -#define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st)) -#define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st)) - -#define sk_ASN1_INTEGER_new(cmp) SKM_sk_new(ASN1_INTEGER, (cmp)) -#define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER) -#define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i)) -#define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val)) -#define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, 
(st), (val)) -#define sk_ASN1_INTEGER_find_ex(st, val) SKM_sk_find_ex(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i)) -#define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr)) -#define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i)) -#define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp)) -#define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st) -#define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func)) -#define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st)) - -#define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp)) -#define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT) -#define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i)) -#define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val)) -#define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_find_ex(st, val) SKM_sk_find_ex(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i)) -#define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr)) -#define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i)) -#define sk_ASN1_OBJECT_set_cmp_func(st, cmp) 
SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp)) -#define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st) -#define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func)) -#define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st)) - -#define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp)) -#define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE) -#define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i)) -#define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val)) -#define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_find_ex(st, val) SKM_sk_find_ex(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i)) -#define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr)) -#define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i)) -#define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp)) -#define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st) -#define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func)) -#define 
sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st)) - -#define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp)) -#define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE) -#define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i)) -#define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val)) -#define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_find_ex(st, val) SKM_sk_find_ex(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i)) -#define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr)) -#define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i)) -#define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp)) -#define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st) -#define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func)) -#define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st)) - -#define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp)) -#define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING) -#define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st)) 
-#define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i)) -#define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val)) -#define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val)) -#define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i)) -#define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr)) -#define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i)) -#define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp)) -#define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st) -#define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func)) -#define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st)) -#define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, (st)) - -#define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp)) -#define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE) -#define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i)) -#define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val)) -#define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st)) -#define 
sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_find_ex(st, val) SKM_sk_find_ex(ASN1_VALUE, (st), (val)) -#define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i)) -#define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr)) -#define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i)) -#define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp)) -#define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st) -#define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func)) -#define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st)) -#define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st)) - -#define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp)) -#define sk_BIO_new_null() SKM_sk_new_null(BIO) -#define sk_BIO_free(st) SKM_sk_free(BIO, (st)) -#define sk_BIO_num(st) SKM_sk_num(BIO, (st)) -#define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i)) -#define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val)) -#define sk_BIO_zero(st) SKM_sk_zero(BIO, (st)) -#define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val)) -#define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val)) -#define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val)) -#define sk_BIO_find_ex(st, val) SKM_sk_find_ex(BIO, (st), (val)) -#define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i)) -#define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr)) -#define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i)) -#define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp)) -#define sk_BIO_dup(st) SKM_sk_dup(BIO, st) -#define 
sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func)) -#define sk_BIO_shift(st) SKM_sk_shift(BIO, (st)) -#define sk_BIO_pop(st) SKM_sk_pop(BIO, (st)) -#define sk_BIO_sort(st) SKM_sk_sort(BIO, (st)) -#define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st)) - -#define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp)) -#define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY) -#define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i)) -#define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val)) -#define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val)) -#define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i)) -#define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr)) -#define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i)) -#define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp)) -#define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st) -#define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func)) -#define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st)) -#define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st)) - -#define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp)) -#define sk_BY_DIR_HASH_new_null() 
SKM_sk_new_null(BY_DIR_HASH) -#define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i)) -#define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val)) -#define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val)) -#define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i)) -#define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr)) -#define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i)) -#define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp)) -#define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st) -#define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func)) -#define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st)) -#define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st)) - -#define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp)) -#define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices) -#define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_value(st, i) SKM_sk_value(CMS_CertificateChoices, (st), (i)) -#define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), 
(val)) -#define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val)) -#define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i)) -#define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr)) -#define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i)) -#define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp)) -#define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st) -#define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func)) -#define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st)) -#define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st)) - -#define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp)) -#define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo) -#define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i)) -#define sk_CMS_RecipientInfo_set(st, i, val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val)) -#define 
sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val)) -#define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i)) -#define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr)) -#define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i)) -#define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp)) -#define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st) -#define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func)) -#define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st)) -#define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st)) - -#define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp)) -#define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice) -#define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i)) -#define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val)) -#define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st)) -#define 
sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val)) -#define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i)) -#define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr)) -#define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i)) -#define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp)) -#define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st) -#define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func)) -#define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st)) -#define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st)) - -#define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp)) -#define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo) -#define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i)) -#define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val)) -#define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_push(st, val) 
SKM_sk_push(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val)) -#define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i)) -#define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr)) -#define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i)) -#define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp)) -#define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st) -#define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func)) -#define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st)) -#define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st)) - -#define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp)) -#define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE) -#define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_value(st, i) SKM_sk_value(CONF_IMODULE, (st), (i)) -#define sk_CONF_IMODULE_set(st, i, val) SKM_sk_set(CONF_IMODULE, (st), (i), (val)) -#define sk_CONF_IMODULE_zero(st) SKM_sk_zero(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_find_ex(st, val) SKM_sk_find_ex(CONF_IMODULE, (st), (val)) -#define sk_CONF_IMODULE_delete(st, i) 
SKM_sk_delete(CONF_IMODULE, (st), (i)) -#define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr)) -#define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i)) -#define sk_CONF_IMODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_IMODULE, (st), (cmp)) -#define sk_CONF_IMODULE_dup(st) SKM_sk_dup(CONF_IMODULE, st) -#define sk_CONF_IMODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_IMODULE, (st), (free_func)) -#define sk_CONF_IMODULE_shift(st) SKM_sk_shift(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st)) -#define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st)) - -#define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp)) -#define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE) -#define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st)) -#define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st)) -#define sk_CONF_MODULE_value(st, i) SKM_sk_value(CONF_MODULE, (st), (i)) -#define sk_CONF_MODULE_set(st, i, val) SKM_sk_set(CONF_MODULE, (st), (i), (val)) -#define sk_CONF_MODULE_zero(st) SKM_sk_zero(CONF_MODULE, (st)) -#define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_find_ex(st, val) SKM_sk_find_ex(CONF_MODULE, (st), (val)) -#define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i)) -#define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr)) -#define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i)) -#define sk_CONF_MODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_MODULE, (st), (cmp)) -#define sk_CONF_MODULE_dup(st) SKM_sk_dup(CONF_MODULE, st) -#define sk_CONF_MODULE_pop_free(st, free_func) 
SKM_sk_pop_free(CONF_MODULE, (st), (free_func)) -#define sk_CONF_MODULE_shift(st) SKM_sk_shift(CONF_MODULE, (st)) -#define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st)) -#define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st)) -#define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st)) - -#define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp)) -#define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE) -#define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st)) -#define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st)) -#define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i)) -#define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val)) -#define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st)) -#define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_find_ex(st, val) SKM_sk_find_ex(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i)) -#define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr)) -#define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i)) -#define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp)) -#define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st) -#define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func)) -#define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st)) -#define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st)) -#define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st)) -#define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st)) - -#define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp)) -#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS) 
-#define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr)) -#define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp)) -#define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st) -#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func)) -#define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st)) - -#define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp)) -#define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock) -#define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st)) -#define 
sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i)) -#define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val)) -#define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i)) -#define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr)) -#define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i)) -#define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp)) -#define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st) -#define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func)) -#define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st)) - -#define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp)) -#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT) -#define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st)) -#define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st)) -#define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i)) -#define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val)) -#define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st)) -#define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val)) 
-#define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_find_ex(st, val) SKM_sk_find_ex(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i)) -#define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr)) -#define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i)) -#define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp)) -#define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st) -#define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func)) -#define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st)) -#define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st)) -#define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st)) -#define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st)) - -#define sk_ENGINE_new(cmp) SKM_sk_new(ENGINE, (cmp)) -#define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE) -#define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st)) -#define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st)) -#define sk_ENGINE_value(st, i) SKM_sk_value(ENGINE, (st), (i)) -#define sk_ENGINE_set(st, i, val) SKM_sk_set(ENGINE, (st), (i), (val)) -#define sk_ENGINE_zero(st) SKM_sk_zero(ENGINE, (st)) -#define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val)) -#define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val)) -#define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val)) -#define sk_ENGINE_find_ex(st, val) SKM_sk_find_ex(ENGINE, (st), (val)) -#define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i)) -#define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr)) -#define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i)) -#define sk_ENGINE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE, (st), (cmp)) -#define sk_ENGINE_dup(st) 
SKM_sk_dup(ENGINE, st) -#define sk_ENGINE_pop_free(st, free_func) SKM_sk_pop_free(ENGINE, (st), (free_func)) -#define sk_ENGINE_shift(st) SKM_sk_shift(ENGINE, (st)) -#define sk_ENGINE_pop(st) SKM_sk_pop(ENGINE, (st)) -#define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st)) -#define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st)) - -#define sk_ENGINE_CLEANUP_ITEM_new(cmp) SKM_sk_new(ENGINE_CLEANUP_ITEM, (cmp)) -#define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM) -#define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_value(st, i) SKM_sk_value(ENGINE_CLEANUP_ITEM, (st), (i)) -#define sk_ENGINE_CLEANUP_ITEM_set(st, i, val) SKM_sk_set(ENGINE_CLEANUP_ITEM, (st), (i), (val)) -#define sk_ENGINE_CLEANUP_ITEM_zero(st) SKM_sk_zero(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val)) -#define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val)) -#define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val)) -#define sk_ENGINE_CLEANUP_ITEM_find_ex(st, val) SKM_sk_find_ex(ENGINE_CLEANUP_ITEM, (st), (val)) -#define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i)) -#define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr)) -#define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i)) -#define sk_ENGINE_CLEANUP_ITEM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE_CLEANUP_ITEM, (st), (cmp)) -#define sk_ENGINE_CLEANUP_ITEM_dup(st) SKM_sk_dup(ENGINE_CLEANUP_ITEM, st) -#define sk_ENGINE_CLEANUP_ITEM_pop_free(st, free_func) SKM_sk_pop_free(ENGINE_CLEANUP_ITEM, (st), (free_func)) -#define sk_ENGINE_CLEANUP_ITEM_shift(st) SKM_sk_shift(ENGINE_CLEANUP_ITEM, (st)) -#define 
sk_ENGINE_CLEANUP_ITEM_pop(st) SKM_sk_pop(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st)) -#define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st)) - -#define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp)) -#define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID) -#define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i)) -#define sk_ESS_CERT_ID_set(st, i, val) SKM_sk_set(ESS_CERT_ID, (st), (i), (val)) -#define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val)) -#define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i)) -#define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr)) -#define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i)) -#define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp)) -#define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st) -#define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func)) -#define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st)) -#define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st)) - -#define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp)) -#define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD) -#define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st)) -#define sk_EVP_MD_num(st) 
SKM_sk_num(EVP_MD, (st)) -#define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i)) -#define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val)) -#define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st)) -#define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val)) -#define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val)) -#define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val)) -#define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val)) -#define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i)) -#define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr)) -#define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i)) -#define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp)) -#define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st) -#define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func)) -#define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st)) -#define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st)) -#define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st)) -#define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st)) - -#define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp)) -#define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL) -#define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i)) -#define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val)) -#define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val)) -#define sk_EVP_PBE_CTL_delete(st, i) 
SKM_sk_delete(EVP_PBE_CTL, (st), (i)) -#define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr)) -#define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i)) -#define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp)) -#define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st) -#define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func)) -#define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st)) -#define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st)) - -#define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp)) -#define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD) -#define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i)) -#define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val)) -#define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i)) -#define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr)) -#define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) 
SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i)) -#define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp)) -#define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st) -#define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func)) -#define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st)) -#define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st)) - -#define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp)) -#define sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD) -#define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i)) -#define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val)) -#define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val)) -#define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i)) -#define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr)) -#define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i)) -#define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp)) -#define sk_EVP_PKEY_METHOD_dup(st) 
SKM_sk_dup(EVP_PKEY_METHOD, st) -#define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func)) -#define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st)) -#define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st)) - -#define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp)) -#define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME) -#define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i)) -#define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val)) -#define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i)) -#define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr)) -#define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i)) -#define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp)) -#define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st) -#define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func)) -#define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_is_sorted(st) 
SKM_sk_is_sorted(GENERAL_NAME, (st)) - -#define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp)) -#define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES) -#define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i)) -#define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val)) -#define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val)) -#define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i)) -#define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr)) -#define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i)) -#define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp)) -#define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st) -#define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func)) -#define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st)) -#define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st)) - -#define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp)) -#define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE) -#define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st)) -#define 
sk_GENERAL_SUBTREE_value(st, i) SKM_sk_value(GENERAL_SUBTREE, (st), (i)) -#define sk_GENERAL_SUBTREE_set(st, i, val) SKM_sk_set(GENERAL_SUBTREE, (st), (i), (val)) -#define sk_GENERAL_SUBTREE_zero(st) SKM_sk_zero(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_find_ex(st, val) SKM_sk_find_ex(GENERAL_SUBTREE, (st), (val)) -#define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i)) -#define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr)) -#define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i)) -#define sk_GENERAL_SUBTREE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_SUBTREE, (st), (cmp)) -#define sk_GENERAL_SUBTREE_dup(st) SKM_sk_dup(GENERAL_SUBTREE, st) -#define sk_GENERAL_SUBTREE_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_SUBTREE, (st), (free_func)) -#define sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st)) -#define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st)) - -#define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp)) -#define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily) -#define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st)) -#define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st)) -#define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i)) -#define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val)) -#define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st)) -#define sk_IPAddressFamily_push(st, 
val) SKM_sk_push(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val)) -#define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i)) -#define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr)) -#define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i)) -#define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp)) -#define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st) -#define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func)) -#define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st)) -#define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st)) -#define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st)) -#define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st)) - -#define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, (cmp)) -#define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange) -#define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i)) -#define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val)) -#define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val)) -#define 
sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val)) -#define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i)) -#define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr)) -#define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i)) -#define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp)) -#define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st) -#define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func)) -#define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st)) -#define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st)) - -#define sk_KRB5_APREQBODY_new(cmp) SKM_sk_new(KRB5_APREQBODY, (cmp)) -#define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY) -#define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st)) -#define sk_KRB5_APREQBODY_num(st) SKM_sk_num(KRB5_APREQBODY, (st)) -#define sk_KRB5_APREQBODY_value(st, i) SKM_sk_value(KRB5_APREQBODY, (st), (i)) -#define sk_KRB5_APREQBODY_set(st, i, val) SKM_sk_set(KRB5_APREQBODY, (st), (i), (val)) -#define sk_KRB5_APREQBODY_zero(st) SKM_sk_zero(KRB5_APREQBODY, (st)) -#define sk_KRB5_APREQBODY_push(st, val) SKM_sk_push(KRB5_APREQBODY, (st), (val)) -#define sk_KRB5_APREQBODY_unshift(st, val) SKM_sk_unshift(KRB5_APREQBODY, (st), (val)) -#define sk_KRB5_APREQBODY_find(st, val) SKM_sk_find(KRB5_APREQBODY, (st), (val)) -#define sk_KRB5_APREQBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_APREQBODY, (st), (val)) -#define sk_KRB5_APREQBODY_delete(st, i) SKM_sk_delete(KRB5_APREQBODY, (st), (i)) -#define sk_KRB5_APREQBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_APREQBODY, (st), (ptr)) -#define 
sk_KRB5_APREQBODY_insert(st, val, i) SKM_sk_insert(KRB5_APREQBODY, (st), (val), (i)) -#define sk_KRB5_APREQBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_APREQBODY, (st), (cmp)) -#define sk_KRB5_APREQBODY_dup(st) SKM_sk_dup(KRB5_APREQBODY, st) -#define sk_KRB5_APREQBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_APREQBODY, (st), (free_func)) -#define sk_KRB5_APREQBODY_shift(st) SKM_sk_shift(KRB5_APREQBODY, (st)) -#define sk_KRB5_APREQBODY_pop(st) SKM_sk_pop(KRB5_APREQBODY, (st)) -#define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st)) -#define sk_KRB5_APREQBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_APREQBODY, (st)) - -#define sk_KRB5_AUTHDATA_new(cmp) SKM_sk_new(KRB5_AUTHDATA, (cmp)) -#define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA) -#define sk_KRB5_AUTHDATA_free(st) SKM_sk_free(KRB5_AUTHDATA, (st)) -#define sk_KRB5_AUTHDATA_num(st) SKM_sk_num(KRB5_AUTHDATA, (st)) -#define sk_KRB5_AUTHDATA_value(st, i) SKM_sk_value(KRB5_AUTHDATA, (st), (i)) -#define sk_KRB5_AUTHDATA_set(st, i, val) SKM_sk_set(KRB5_AUTHDATA, (st), (i), (val)) -#define sk_KRB5_AUTHDATA_zero(st) SKM_sk_zero(KRB5_AUTHDATA, (st)) -#define sk_KRB5_AUTHDATA_push(st, val) SKM_sk_push(KRB5_AUTHDATA, (st), (val)) -#define sk_KRB5_AUTHDATA_unshift(st, val) SKM_sk_unshift(KRB5_AUTHDATA, (st), (val)) -#define sk_KRB5_AUTHDATA_find(st, val) SKM_sk_find(KRB5_AUTHDATA, (st), (val)) -#define sk_KRB5_AUTHDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHDATA, (st), (val)) -#define sk_KRB5_AUTHDATA_delete(st, i) SKM_sk_delete(KRB5_AUTHDATA, (st), (i)) -#define sk_KRB5_AUTHDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHDATA, (st), (ptr)) -#define sk_KRB5_AUTHDATA_insert(st, val, i) SKM_sk_insert(KRB5_AUTHDATA, (st), (val), (i)) -#define sk_KRB5_AUTHDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHDATA, (st), (cmp)) -#define sk_KRB5_AUTHDATA_dup(st) SKM_sk_dup(KRB5_AUTHDATA, st) -#define sk_KRB5_AUTHDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHDATA, (st), 
(free_func)) -#define sk_KRB5_AUTHDATA_shift(st) SKM_sk_shift(KRB5_AUTHDATA, (st)) -#define sk_KRB5_AUTHDATA_pop(st) SKM_sk_pop(KRB5_AUTHDATA, (st)) -#define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st)) -#define sk_KRB5_AUTHDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHDATA, (st)) - -#define sk_KRB5_AUTHENTBODY_new(cmp) SKM_sk_new(KRB5_AUTHENTBODY, (cmp)) -#define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY) -#define sk_KRB5_AUTHENTBODY_free(st) SKM_sk_free(KRB5_AUTHENTBODY, (st)) -#define sk_KRB5_AUTHENTBODY_num(st) SKM_sk_num(KRB5_AUTHENTBODY, (st)) -#define sk_KRB5_AUTHENTBODY_value(st, i) SKM_sk_value(KRB5_AUTHENTBODY, (st), (i)) -#define sk_KRB5_AUTHENTBODY_set(st, i, val) SKM_sk_set(KRB5_AUTHENTBODY, (st), (i), (val)) -#define sk_KRB5_AUTHENTBODY_zero(st) SKM_sk_zero(KRB5_AUTHENTBODY, (st)) -#define sk_KRB5_AUTHENTBODY_push(st, val) SKM_sk_push(KRB5_AUTHENTBODY, (st), (val)) -#define sk_KRB5_AUTHENTBODY_unshift(st, val) SKM_sk_unshift(KRB5_AUTHENTBODY, (st), (val)) -#define sk_KRB5_AUTHENTBODY_find(st, val) SKM_sk_find(KRB5_AUTHENTBODY, (st), (val)) -#define sk_KRB5_AUTHENTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHENTBODY, (st), (val)) -#define sk_KRB5_AUTHENTBODY_delete(st, i) SKM_sk_delete(KRB5_AUTHENTBODY, (st), (i)) -#define sk_KRB5_AUTHENTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHENTBODY, (st), (ptr)) -#define sk_KRB5_AUTHENTBODY_insert(st, val, i) SKM_sk_insert(KRB5_AUTHENTBODY, (st), (val), (i)) -#define sk_KRB5_AUTHENTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHENTBODY, (st), (cmp)) -#define sk_KRB5_AUTHENTBODY_dup(st) SKM_sk_dup(KRB5_AUTHENTBODY, st) -#define sk_KRB5_AUTHENTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHENTBODY, (st), (free_func)) -#define sk_KRB5_AUTHENTBODY_shift(st) SKM_sk_shift(KRB5_AUTHENTBODY, (st)) -#define sk_KRB5_AUTHENTBODY_pop(st) SKM_sk_pop(KRB5_AUTHENTBODY, (st)) -#define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st)) -#define 
sk_KRB5_AUTHENTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHENTBODY, (st)) - -#define sk_KRB5_CHECKSUM_new(cmp) SKM_sk_new(KRB5_CHECKSUM, (cmp)) -#define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM) -#define sk_KRB5_CHECKSUM_free(st) SKM_sk_free(KRB5_CHECKSUM, (st)) -#define sk_KRB5_CHECKSUM_num(st) SKM_sk_num(KRB5_CHECKSUM, (st)) -#define sk_KRB5_CHECKSUM_value(st, i) SKM_sk_value(KRB5_CHECKSUM, (st), (i)) -#define sk_KRB5_CHECKSUM_set(st, i, val) SKM_sk_set(KRB5_CHECKSUM, (st), (i), (val)) -#define sk_KRB5_CHECKSUM_zero(st) SKM_sk_zero(KRB5_CHECKSUM, (st)) -#define sk_KRB5_CHECKSUM_push(st, val) SKM_sk_push(KRB5_CHECKSUM, (st), (val)) -#define sk_KRB5_CHECKSUM_unshift(st, val) SKM_sk_unshift(KRB5_CHECKSUM, (st), (val)) -#define sk_KRB5_CHECKSUM_find(st, val) SKM_sk_find(KRB5_CHECKSUM, (st), (val)) -#define sk_KRB5_CHECKSUM_find_ex(st, val) SKM_sk_find_ex(KRB5_CHECKSUM, (st), (val)) -#define sk_KRB5_CHECKSUM_delete(st, i) SKM_sk_delete(KRB5_CHECKSUM, (st), (i)) -#define sk_KRB5_CHECKSUM_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_CHECKSUM, (st), (ptr)) -#define sk_KRB5_CHECKSUM_insert(st, val, i) SKM_sk_insert(KRB5_CHECKSUM, (st), (val), (i)) -#define sk_KRB5_CHECKSUM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_CHECKSUM, (st), (cmp)) -#define sk_KRB5_CHECKSUM_dup(st) SKM_sk_dup(KRB5_CHECKSUM, st) -#define sk_KRB5_CHECKSUM_pop_free(st, free_func) SKM_sk_pop_free(KRB5_CHECKSUM, (st), (free_func)) -#define sk_KRB5_CHECKSUM_shift(st) SKM_sk_shift(KRB5_CHECKSUM, (st)) -#define sk_KRB5_CHECKSUM_pop(st) SKM_sk_pop(KRB5_CHECKSUM, (st)) -#define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st)) -#define sk_KRB5_CHECKSUM_is_sorted(st) SKM_sk_is_sorted(KRB5_CHECKSUM, (st)) - -#define sk_KRB5_ENCDATA_new(cmp) SKM_sk_new(KRB5_ENCDATA, (cmp)) -#define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA) -#define sk_KRB5_ENCDATA_free(st) SKM_sk_free(KRB5_ENCDATA, (st)) -#define sk_KRB5_ENCDATA_num(st) SKM_sk_num(KRB5_ENCDATA, (st)) -#define 
sk_KRB5_ENCDATA_value(st, i) SKM_sk_value(KRB5_ENCDATA, (st), (i)) -#define sk_KRB5_ENCDATA_set(st, i, val) SKM_sk_set(KRB5_ENCDATA, (st), (i), (val)) -#define sk_KRB5_ENCDATA_zero(st) SKM_sk_zero(KRB5_ENCDATA, (st)) -#define sk_KRB5_ENCDATA_push(st, val) SKM_sk_push(KRB5_ENCDATA, (st), (val)) -#define sk_KRB5_ENCDATA_unshift(st, val) SKM_sk_unshift(KRB5_ENCDATA, (st), (val)) -#define sk_KRB5_ENCDATA_find(st, val) SKM_sk_find(KRB5_ENCDATA, (st), (val)) -#define sk_KRB5_ENCDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCDATA, (st), (val)) -#define sk_KRB5_ENCDATA_delete(st, i) SKM_sk_delete(KRB5_ENCDATA, (st), (i)) -#define sk_KRB5_ENCDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCDATA, (st), (ptr)) -#define sk_KRB5_ENCDATA_insert(st, val, i) SKM_sk_insert(KRB5_ENCDATA, (st), (val), (i)) -#define sk_KRB5_ENCDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCDATA, (st), (cmp)) -#define sk_KRB5_ENCDATA_dup(st) SKM_sk_dup(KRB5_ENCDATA, st) -#define sk_KRB5_ENCDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCDATA, (st), (free_func)) -#define sk_KRB5_ENCDATA_shift(st) SKM_sk_shift(KRB5_ENCDATA, (st)) -#define sk_KRB5_ENCDATA_pop(st) SKM_sk_pop(KRB5_ENCDATA, (st)) -#define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st)) -#define sk_KRB5_ENCDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCDATA, (st)) - -#define sk_KRB5_ENCKEY_new(cmp) SKM_sk_new(KRB5_ENCKEY, (cmp)) -#define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY) -#define sk_KRB5_ENCKEY_free(st) SKM_sk_free(KRB5_ENCKEY, (st)) -#define sk_KRB5_ENCKEY_num(st) SKM_sk_num(KRB5_ENCKEY, (st)) -#define sk_KRB5_ENCKEY_value(st, i) SKM_sk_value(KRB5_ENCKEY, (st), (i)) -#define sk_KRB5_ENCKEY_set(st, i, val) SKM_sk_set(KRB5_ENCKEY, (st), (i), (val)) -#define sk_KRB5_ENCKEY_zero(st) SKM_sk_zero(KRB5_ENCKEY, (st)) -#define sk_KRB5_ENCKEY_push(st, val) SKM_sk_push(KRB5_ENCKEY, (st), (val)) -#define sk_KRB5_ENCKEY_unshift(st, val) SKM_sk_unshift(KRB5_ENCKEY, (st), (val)) -#define sk_KRB5_ENCKEY_find(st, val) 
SKM_sk_find(KRB5_ENCKEY, (st), (val)) -#define sk_KRB5_ENCKEY_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCKEY, (st), (val)) -#define sk_KRB5_ENCKEY_delete(st, i) SKM_sk_delete(KRB5_ENCKEY, (st), (i)) -#define sk_KRB5_ENCKEY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCKEY, (st), (ptr)) -#define sk_KRB5_ENCKEY_insert(st, val, i) SKM_sk_insert(KRB5_ENCKEY, (st), (val), (i)) -#define sk_KRB5_ENCKEY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCKEY, (st), (cmp)) -#define sk_KRB5_ENCKEY_dup(st) SKM_sk_dup(KRB5_ENCKEY, st) -#define sk_KRB5_ENCKEY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCKEY, (st), (free_func)) -#define sk_KRB5_ENCKEY_shift(st) SKM_sk_shift(KRB5_ENCKEY, (st)) -#define sk_KRB5_ENCKEY_pop(st) SKM_sk_pop(KRB5_ENCKEY, (st)) -#define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st)) -#define sk_KRB5_ENCKEY_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCKEY, (st)) - -#define sk_KRB5_PRINCNAME_new(cmp) SKM_sk_new(KRB5_PRINCNAME, (cmp)) -#define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME) -#define sk_KRB5_PRINCNAME_free(st) SKM_sk_free(KRB5_PRINCNAME, (st)) -#define sk_KRB5_PRINCNAME_num(st) SKM_sk_num(KRB5_PRINCNAME, (st)) -#define sk_KRB5_PRINCNAME_value(st, i) SKM_sk_value(KRB5_PRINCNAME, (st), (i)) -#define sk_KRB5_PRINCNAME_set(st, i, val) SKM_sk_set(KRB5_PRINCNAME, (st), (i), (val)) -#define sk_KRB5_PRINCNAME_zero(st) SKM_sk_zero(KRB5_PRINCNAME, (st)) -#define sk_KRB5_PRINCNAME_push(st, val) SKM_sk_push(KRB5_PRINCNAME, (st), (val)) -#define sk_KRB5_PRINCNAME_unshift(st, val) SKM_sk_unshift(KRB5_PRINCNAME, (st), (val)) -#define sk_KRB5_PRINCNAME_find(st, val) SKM_sk_find(KRB5_PRINCNAME, (st), (val)) -#define sk_KRB5_PRINCNAME_find_ex(st, val) SKM_sk_find_ex(KRB5_PRINCNAME, (st), (val)) -#define sk_KRB5_PRINCNAME_delete(st, i) SKM_sk_delete(KRB5_PRINCNAME, (st), (i)) -#define sk_KRB5_PRINCNAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_PRINCNAME, (st), (ptr)) -#define sk_KRB5_PRINCNAME_insert(st, val, i) SKM_sk_insert(KRB5_PRINCNAME, 
(st), (val), (i)) -#define sk_KRB5_PRINCNAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_PRINCNAME, (st), (cmp)) -#define sk_KRB5_PRINCNAME_dup(st) SKM_sk_dup(KRB5_PRINCNAME, st) -#define sk_KRB5_PRINCNAME_pop_free(st, free_func) SKM_sk_pop_free(KRB5_PRINCNAME, (st), (free_func)) -#define sk_KRB5_PRINCNAME_shift(st) SKM_sk_shift(KRB5_PRINCNAME, (st)) -#define sk_KRB5_PRINCNAME_pop(st) SKM_sk_pop(KRB5_PRINCNAME, (st)) -#define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st)) -#define sk_KRB5_PRINCNAME_is_sorted(st) SKM_sk_is_sorted(KRB5_PRINCNAME, (st)) - -#define sk_KRB5_TKTBODY_new(cmp) SKM_sk_new(KRB5_TKTBODY, (cmp)) -#define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY) -#define sk_KRB5_TKTBODY_free(st) SKM_sk_free(KRB5_TKTBODY, (st)) -#define sk_KRB5_TKTBODY_num(st) SKM_sk_num(KRB5_TKTBODY, (st)) -#define sk_KRB5_TKTBODY_value(st, i) SKM_sk_value(KRB5_TKTBODY, (st), (i)) -#define sk_KRB5_TKTBODY_set(st, i, val) SKM_sk_set(KRB5_TKTBODY, (st), (i), (val)) -#define sk_KRB5_TKTBODY_zero(st) SKM_sk_zero(KRB5_TKTBODY, (st)) -#define sk_KRB5_TKTBODY_push(st, val) SKM_sk_push(KRB5_TKTBODY, (st), (val)) -#define sk_KRB5_TKTBODY_unshift(st, val) SKM_sk_unshift(KRB5_TKTBODY, (st), (val)) -#define sk_KRB5_TKTBODY_find(st, val) SKM_sk_find(KRB5_TKTBODY, (st), (val)) -#define sk_KRB5_TKTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_TKTBODY, (st), (val)) -#define sk_KRB5_TKTBODY_delete(st, i) SKM_sk_delete(KRB5_TKTBODY, (st), (i)) -#define sk_KRB5_TKTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_TKTBODY, (st), (ptr)) -#define sk_KRB5_TKTBODY_insert(st, val, i) SKM_sk_insert(KRB5_TKTBODY, (st), (val), (i)) -#define sk_KRB5_TKTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_TKTBODY, (st), (cmp)) -#define sk_KRB5_TKTBODY_dup(st) SKM_sk_dup(KRB5_TKTBODY, st) -#define sk_KRB5_TKTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_TKTBODY, (st), (free_func)) -#define sk_KRB5_TKTBODY_shift(st) SKM_sk_shift(KRB5_TKTBODY, (st)) -#define 
sk_KRB5_TKTBODY_pop(st) SKM_sk_pop(KRB5_TKTBODY, (st)) -#define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st)) -#define sk_KRB5_TKTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_TKTBODY, (st)) - -#define sk_MEM_OBJECT_DATA_new(cmp) SKM_sk_new(MEM_OBJECT_DATA, (cmp)) -#define sk_MEM_OBJECT_DATA_new_null() SKM_sk_new_null(MEM_OBJECT_DATA) -#define sk_MEM_OBJECT_DATA_free(st) SKM_sk_free(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_num(st) SKM_sk_num(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_value(st, i) SKM_sk_value(MEM_OBJECT_DATA, (st), (i)) -#define sk_MEM_OBJECT_DATA_set(st, i, val) SKM_sk_set(MEM_OBJECT_DATA, (st), (i), (val)) -#define sk_MEM_OBJECT_DATA_zero(st) SKM_sk_zero(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_push(st, val) SKM_sk_push(MEM_OBJECT_DATA, (st), (val)) -#define sk_MEM_OBJECT_DATA_unshift(st, val) SKM_sk_unshift(MEM_OBJECT_DATA, (st), (val)) -#define sk_MEM_OBJECT_DATA_find(st, val) SKM_sk_find(MEM_OBJECT_DATA, (st), (val)) -#define sk_MEM_OBJECT_DATA_find_ex(st, val) SKM_sk_find_ex(MEM_OBJECT_DATA, (st), (val)) -#define sk_MEM_OBJECT_DATA_delete(st, i) SKM_sk_delete(MEM_OBJECT_DATA, (st), (i)) -#define sk_MEM_OBJECT_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(MEM_OBJECT_DATA, (st), (ptr)) -#define sk_MEM_OBJECT_DATA_insert(st, val, i) SKM_sk_insert(MEM_OBJECT_DATA, (st), (val), (i)) -#define sk_MEM_OBJECT_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MEM_OBJECT_DATA, (st), (cmp)) -#define sk_MEM_OBJECT_DATA_dup(st) SKM_sk_dup(MEM_OBJECT_DATA, st) -#define sk_MEM_OBJECT_DATA_pop_free(st, free_func) SKM_sk_pop_free(MEM_OBJECT_DATA, (st), (free_func)) -#define sk_MEM_OBJECT_DATA_shift(st) SKM_sk_shift(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_pop(st) SKM_sk_pop(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_sort(st) SKM_sk_sort(MEM_OBJECT_DATA, (st)) -#define sk_MEM_OBJECT_DATA_is_sorted(st) SKM_sk_is_sorted(MEM_OBJECT_DATA, (st)) - -#define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp)) -#define 
sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER) -#define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st)) -#define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st)) -#define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val)) -#define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st)) -#define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) -#define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) -#define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp)) -#define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st) -#define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func)) -#define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st)) -#define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st)) -#define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st)) -#define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st)) - -#define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp)) -#define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM) -#define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st)) -#define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st)) -#define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val)) -#define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st)) -#define sk_MIME_PARAM_push(st, val) 
SKM_sk_push(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) -#define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i)) -#define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp)) -#define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st) -#define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func)) -#define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st)) -#define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st)) -#define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st)) -#define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st)) - -#define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp)) -#define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS) -#define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i)) -#define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val)) -#define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_find_ex(st, val) SKM_sk_find_ex(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i)) -#define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr)) -#define sk_NAME_FUNCS_insert(st, val, i) 
SKM_sk_insert(NAME_FUNCS, (st), (val), (i)) -#define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp)) -#define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st) -#define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func)) -#define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st)) - -#define sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp)) -#define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID) -#define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_value(st, i) SKM_sk_value(OCSP_CERTID, (st), (i)) -#define sk_OCSP_CERTID_set(st, i, val) SKM_sk_set(OCSP_CERTID, (st), (i), (val)) -#define sk_OCSP_CERTID_zero(st) SKM_sk_zero(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_find_ex(st, val) SKM_sk_find_ex(OCSP_CERTID, (st), (val)) -#define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i)) -#define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr)) -#define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i)) -#define sk_OCSP_CERTID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_CERTID, (st), (cmp)) -#define sk_OCSP_CERTID_dup(st) SKM_sk_dup(OCSP_CERTID, st) -#define sk_OCSP_CERTID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_CERTID, (st), (free_func)) -#define sk_OCSP_CERTID_shift(st) SKM_sk_shift(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_sort(st) 
SKM_sk_sort(OCSP_CERTID, (st)) -#define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st)) - -#define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp)) -#define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ) -#define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i)) -#define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val)) -#define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_find_ex(st, val) SKM_sk_find_ex(OCSP_ONEREQ, (st), (val)) -#define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i)) -#define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr)) -#define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i)) -#define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp)) -#define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st) -#define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func)) -#define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st)) -#define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st)) - -#define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp)) -#define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID) -#define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i)) 
-#define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val)) -#define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val)) -#define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i)) -#define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr)) -#define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i)) -#define sk_OCSP_RESPID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp)) -#define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st) -#define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func)) -#define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st)) -#define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st)) - -#define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp)) -#define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP) -#define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i)) -#define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val)) -#define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_find(st, val) 
SKM_sk_find(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_find_ex(st, val) SKM_sk_find_ex(OCSP_SINGLERESP, (st), (val)) -#define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i)) -#define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr)) -#define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i)) -#define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp)) -#define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st) -#define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func)) -#define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st)) -#define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st)) - -#define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp)) -#define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG) -#define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i)) -#define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val)) -#define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_find_ex(st, val) SKM_sk_find_ex(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i)) -#define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, 
(st), (ptr)) -#define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i)) -#define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp)) -#define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st) -#define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func)) -#define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st)) - -#define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp)) -#define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7) -#define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st)) -#define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st)) -#define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i)) -#define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val)) -#define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st)) -#define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val)) -#define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val)) -#define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val)) -#define sk_PKCS7_find_ex(st, val) SKM_sk_find_ex(PKCS7, (st), (val)) -#define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i)) -#define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr)) -#define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i)) -#define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp)) -#define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st) -#define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func)) -#define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st)) -#define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st)) -#define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st)) -#define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st)) - -#define 
sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp)) -#define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO) -#define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i)) -#define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val)) -#define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i)) -#define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr)) -#define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i)) -#define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp)) -#define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st) -#define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func)) -#define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st)) - -#define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp)) -#define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO) -#define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st)) -#define 
sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i)) -#define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val)) -#define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i)) -#define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr)) -#define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i)) -#define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp)) -#define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st) -#define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func)) -#define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st)) - -#define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp)) -#define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO) -#define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st)) -#define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st)) -#define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i)) -#define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val)) -#define 
sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st)) -#define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_find_ex(st, val) SKM_sk_find_ex(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i)) -#define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr)) -#define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i)) -#define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp)) -#define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st) -#define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func)) -#define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st)) -#define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st)) -#define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st)) -#define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st)) - -#define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp)) -#define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO) -#define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i)) -#define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val)) -#define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_find_ex(st, val) SKM_sk_find_ex(POLICYQUALINFO, (st), (val)) -#define 
sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i)) -#define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr)) -#define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i)) -#define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp)) -#define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st) -#define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func)) -#define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st)) - -#define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp)) -#define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING) -#define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i)) -#define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val)) -#define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_find_ex(st, val) SKM_sk_find_ex(POLICY_MAPPING, (st), (val)) -#define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i)) -#define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr)) -#define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i)) -#define sk_POLICY_MAPPING_set_cmp_func(st, cmp) 
SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp)) -#define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st) -#define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func)) -#define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st)) -#define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st)) - -#define sk_SRP_gN_new(cmp) SKM_sk_new(SRP_gN, (cmp)) -#define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN) -#define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st)) -#define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st)) -#define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i)) -#define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val)) -#define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st)) -#define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val)) -#define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val)) -#define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val)) -#define sk_SRP_gN_find_ex(st, val) SKM_sk_find_ex(SRP_gN, (st), (val)) -#define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i)) -#define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr)) -#define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i)) -#define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp)) -#define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st) -#define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func)) -#define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st)) -#define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st)) -#define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st)) -#define sk_SRP_gN_is_sorted(st) SKM_sk_is_sorted(SRP_gN, (st)) - -#define sk_SRP_gN_cache_new(cmp) SKM_sk_new(SRP_gN_cache, (cmp)) -#define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache) -#define 
sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st)) -#define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st)) -#define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i)) -#define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val)) -#define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st)) -#define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val)) -#define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val)) -#define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val)) -#define sk_SRP_gN_cache_find_ex(st, val) SKM_sk_find_ex(SRP_gN_cache, (st), (val)) -#define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i)) -#define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr)) -#define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i)) -#define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp)) -#define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st) -#define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func)) -#define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st)) -#define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st)) -#define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st)) -#define sk_SRP_gN_cache_is_sorted(st) SKM_sk_is_sorted(SRP_gN_cache, (st)) - -#define sk_SRP_user_pwd_new(cmp) SKM_sk_new(SRP_user_pwd, (cmp)) -#define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd) -#define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st)) -#define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st)) -#define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i)) -#define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val)) -#define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st)) -#define sk_SRP_user_pwd_push(st, val) 
SKM_sk_push(SRP_user_pwd, (st), (val)) -#define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val)) -#define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val)) -#define sk_SRP_user_pwd_find_ex(st, val) SKM_sk_find_ex(SRP_user_pwd, (st), (val)) -#define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i)) -#define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr)) -#define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i)) -#define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp)) -#define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st) -#define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func)) -#define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st)) -#define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st)) -#define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st)) -#define sk_SRP_user_pwd_is_sorted(st) SKM_sk_is_sorted(SRP_user_pwd, (st)) - -#define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp)) -#define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE) -#define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i)) -#define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val)) -#define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_find(st, val) 
SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val)) -#define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i)) -#define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr)) -#define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i)) -#define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp)) -#define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st) -#define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func)) -#define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st)) -#define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st)) - -#define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp)) -#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) -#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i)) -#define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val)) -#define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_find_ex(st, val) SKM_sk_find_ex(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, 
(st), (i)) -#define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr)) -#define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i)) -#define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp)) -#define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st) -#define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func)) -#define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st)) - -#define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp)) -#define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP) -#define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st)) -#define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st)) -#define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i)) -#define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val)) -#define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st)) -#define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_find_ex(st, val) SKM_sk_find_ex(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i)) -#define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr)) -#define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i)) -#define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp)) -#define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st) -#define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func)) -#define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st)) -#define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st)) -#define 
sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st)) -#define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st)) - -#define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp)) -#define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY) -#define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i)) -#define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val)) -#define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i)) -#define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr)) -#define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i)) -#define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp)) -#define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st) -#define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func)) -#define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_pop(st) 
SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st)) -#define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st)) - -#define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp)) -#define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO) -#define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i)) -#define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val)) -#define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val)) -#define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i)) -#define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr)) -#define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i)) -#define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp)) -#define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st) -#define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func)) -#define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st)) -#define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st)) - -#define sk_STORE_OBJECT_new(cmp) 
SKM_sk_new(STORE_OBJECT, (cmp)) -#define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT) -#define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_value(st, i) SKM_sk_value(STORE_OBJECT, (st), (i)) -#define sk_STORE_OBJECT_set(st, i, val) SKM_sk_set(STORE_OBJECT, (st), (i), (val)) -#define sk_STORE_OBJECT_zero(st) SKM_sk_zero(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_find_ex(st, val) SKM_sk_find_ex(STORE_OBJECT, (st), (val)) -#define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i)) -#define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr)) -#define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i)) -#define sk_STORE_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_OBJECT, (st), (cmp)) -#define sk_STORE_OBJECT_dup(st) SKM_sk_dup(STORE_OBJECT, st) -#define sk_STORE_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(STORE_OBJECT, (st), (free_func)) -#define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st)) -#define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st)) - -#define sk_SXNETID_new(cmp) SKM_sk_new(SXNETID, (cmp)) -#define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID) -#define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st)) -#define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st)) -#define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i)) -#define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val)) -#define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st)) -#define 
sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val)) -#define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val)) -#define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val)) -#define sk_SXNETID_find_ex(st, val) SKM_sk_find_ex(SXNETID, (st), (val)) -#define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i)) -#define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr)) -#define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i)) -#define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp)) -#define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st) -#define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func)) -#define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st)) -#define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st)) -#define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st)) -#define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st)) - -#define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp)) -#define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING) -#define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st)) -#define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st)) -#define sk_UI_STRING_value(st, i) SKM_sk_value(UI_STRING, (st), (i)) -#define sk_UI_STRING_set(st, i, val) SKM_sk_set(UI_STRING, (st), (i), (val)) -#define sk_UI_STRING_zero(st) SKM_sk_zero(UI_STRING, (st)) -#define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val)) -#define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val)) -#define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val)) -#define sk_UI_STRING_find_ex(st, val) SKM_sk_find_ex(UI_STRING, (st), (val)) -#define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i)) -#define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr)) -#define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i)) -#define sk_UI_STRING_set_cmp_func(st, cmp) 
SKM_sk_set_cmp_func(UI_STRING, (st), (cmp)) -#define sk_UI_STRING_dup(st) SKM_sk_dup(UI_STRING, st) -#define sk_UI_STRING_pop_free(st, free_func) SKM_sk_pop_free(UI_STRING, (st), (free_func)) -#define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st)) -#define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st)) -#define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st)) -#define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st)) - -#define sk_X509_new(cmp) SKM_sk_new(X509, (cmp)) -#define sk_X509_new_null() SKM_sk_new_null(X509) -#define sk_X509_free(st) SKM_sk_free(X509, (st)) -#define sk_X509_num(st) SKM_sk_num(X509, (st)) -#define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i)) -#define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val)) -#define sk_X509_zero(st) SKM_sk_zero(X509, (st)) -#define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val)) -#define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val)) -#define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val)) -#define sk_X509_find_ex(st, val) SKM_sk_find_ex(X509, (st), (val)) -#define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i)) -#define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr)) -#define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i)) -#define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp)) -#define sk_X509_dup(st) SKM_sk_dup(X509, st) -#define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func)) -#define sk_X509_shift(st) SKM_sk_shift(X509, (st)) -#define sk_X509_pop(st) SKM_sk_pop(X509, (st)) -#define sk_X509_sort(st) SKM_sk_sort(X509, (st)) -#define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st)) - -#define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp)) -#define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD) -#define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_num(st) 
SKM_sk_num(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i)) -#define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val)) -#define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_find_ex(st, val) SKM_sk_find_ex(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i)) -#define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr)) -#define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i)) -#define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp)) -#define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st) -#define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func)) -#define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st)) - -#define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp)) -#define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR) -#define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st)) -#define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st)) -#define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i)) -#define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val)) -#define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, 
(st)) -#define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_find_ex(st, val) SKM_sk_find_ex(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i)) -#define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr)) -#define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i)) -#define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp)) -#define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st) -#define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func)) -#define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st)) -#define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st)) -#define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st)) -#define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st)) - -#define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp)) -#define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE) -#define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i)) -#define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val)) -#define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_find_ex(st, val) SKM_sk_find_ex(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i)) 
-#define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr)) -#define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i)) -#define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp)) -#define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st) -#define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func)) -#define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st)) - -#define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp)) -#define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL) -#define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st)) -#define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st)) -#define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i)) -#define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val)) -#define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st)) -#define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val)) -#define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val)) -#define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val)) -#define sk_X509_CRL_find_ex(st, val) SKM_sk_find_ex(X509_CRL, (st), (val)) -#define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i)) -#define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr)) -#define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i)) -#define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp)) -#define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st) -#define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func)) -#define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st)) 
-#define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st)) -#define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st)) -#define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st)) - -#define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp)) -#define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION) -#define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i)) -#define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val)) -#define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_find_ex(st, val) SKM_sk_find_ex(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i)) -#define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr)) -#define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i)) -#define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp)) -#define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st) -#define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func)) -#define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st)) - -#define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp)) -#define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO) -#define 
sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st)) -#define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st)) -#define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i)) -#define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val)) -#define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st)) -#define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val)) -#define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val)) -#define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val)) -#define sk_X509_INFO_find_ex(st, val) SKM_sk_find_ex(X509_INFO, (st), (val)) -#define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i)) -#define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr)) -#define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i)) -#define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp)) -#define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st) -#define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func)) -#define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st)) -#define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st)) -#define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st)) -#define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st)) - -#define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp)) -#define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP) -#define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i)) -#define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val)) -#define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val)) -#define 
sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_find_ex(st, val) SKM_sk_find_ex(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i)) -#define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr)) -#define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i)) -#define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp)) -#define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st) -#define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func)) -#define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st)) - -#define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp)) -#define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME) -#define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st)) -#define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st)) -#define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i)) -#define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val)) -#define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st)) -#define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val)) -#define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val)) -#define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val)) -#define sk_X509_NAME_find_ex(st, val) SKM_sk_find_ex(X509_NAME, (st), (val)) -#define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i)) -#define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr)) -#define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i)) -#define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp)) -#define 
sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st) -#define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func)) -#define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st)) -#define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st)) -#define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st)) -#define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st)) - -#define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp)) -#define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY) -#define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i)) -#define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val)) -#define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i)) -#define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr)) -#define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i)) -#define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp)) -#define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st) -#define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func)) -#define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_sort(st) 
SKM_sk_sort(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st)) - -#define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp)) -#define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT) -#define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st)) -#define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st)) -#define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i)) -#define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val)) -#define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st)) -#define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_find_ex(st, val) SKM_sk_find_ex(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i)) -#define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr)) -#define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i)) -#define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp)) -#define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st) -#define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func)) -#define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st)) -#define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st)) -#define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st)) -#define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st)) - -#define sk_X509_POLICY_DATA_new(cmp) SKM_sk_new(X509_POLICY_DATA, (cmp)) -#define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA) -#define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st)) -#define 
sk_X509_POLICY_DATA_value(st, i) SKM_sk_value(X509_POLICY_DATA, (st), (i)) -#define sk_X509_POLICY_DATA_set(st, i, val) SKM_sk_set(X509_POLICY_DATA, (st), (i), (val)) -#define sk_X509_POLICY_DATA_zero(st) SKM_sk_zero(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_push(st, val) SKM_sk_push(X509_POLICY_DATA, (st), (val)) -#define sk_X509_POLICY_DATA_unshift(st, val) SKM_sk_unshift(X509_POLICY_DATA, (st), (val)) -#define sk_X509_POLICY_DATA_find(st, val) SKM_sk_find(X509_POLICY_DATA, (st), (val)) -#define sk_X509_POLICY_DATA_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_DATA, (st), (val)) -#define sk_X509_POLICY_DATA_delete(st, i) SKM_sk_delete(X509_POLICY_DATA, (st), (i)) -#define sk_X509_POLICY_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_DATA, (st), (ptr)) -#define sk_X509_POLICY_DATA_insert(st, val, i) SKM_sk_insert(X509_POLICY_DATA, (st), (val), (i)) -#define sk_X509_POLICY_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_DATA, (st), (cmp)) -#define sk_X509_POLICY_DATA_dup(st) SKM_sk_dup(X509_POLICY_DATA, st) -#define sk_X509_POLICY_DATA_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_DATA, (st), (free_func)) -#define sk_X509_POLICY_DATA_shift(st) SKM_sk_shift(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st)) -#define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st)) - -#define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp)) -#define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE) -#define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_value(st, i) SKM_sk_value(X509_POLICY_NODE, (st), (i)) -#define sk_X509_POLICY_NODE_set(st, i, val) SKM_sk_set(X509_POLICY_NODE, (st), (i), (val)) -#define sk_X509_POLICY_NODE_zero(st) 
SKM_sk_zero(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val)) -#define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val)) -#define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val)) -#define sk_X509_POLICY_NODE_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_NODE, (st), (val)) -#define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i)) -#define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr)) -#define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i)) -#define sk_X509_POLICY_NODE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_NODE, (st), (cmp)) -#define sk_X509_POLICY_NODE_dup(st) SKM_sk_dup(X509_POLICY_NODE, st) -#define sk_X509_POLICY_NODE_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_NODE, (st), (free_func)) -#define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st)) -#define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st)) - -#define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp)) -#define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE) -#define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i)) -#define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val)) -#define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val)) -#define 
sk_X509_PURPOSE_find_ex(st, val) SKM_sk_find_ex(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i)) -#define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr)) -#define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i)) -#define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp)) -#define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st) -#define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func)) -#define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st)) - -#define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp)) -#define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED) -#define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st)) -#define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st)) -#define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i)) -#define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val)) -#define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st)) -#define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_find_ex(st, val) SKM_sk_find_ex(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i)) -#define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr)) -#define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i)) -#define sk_X509_REVOKED_set_cmp_func(st, cmp) 
SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp)) -#define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st) -#define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func)) -#define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st)) -#define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st)) -#define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st)) -#define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st)) - -#define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp)) -#define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST) -#define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st)) -#define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st)) -#define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i)) -#define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val)) -#define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st)) -#define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_find_ex(st, val) SKM_sk_find_ex(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i)) -#define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr)) -#define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i)) -#define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp)) -#define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st) -#define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func)) -#define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st)) -#define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st)) -#define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st)) -#define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st)) - 
-#define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp)) -#define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM) -#define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i)) -#define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val)) -#define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val)) -#define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i)) -#define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr)) -#define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i)) -#define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp)) -#define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st) -#define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func)) -#define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st)) -#define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st)) - -#define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp)) -#define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple) -#define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st)) 
-#define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st)) -#define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i)) -#define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val)) -#define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st)) -#define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val)) -#define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val)) -#define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val)) -#define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val)) -#define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i)) -#define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr)) -#define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i)) -#define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp)) -#define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st) -#define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func)) -#define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st)) -#define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st)) -#define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st)) -#define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st)) - -#define sk_void_new(cmp) SKM_sk_new(void, (cmp)) -#define sk_void_new_null() SKM_sk_new_null(void) -#define sk_void_free(st) SKM_sk_free(void, (st)) -#define sk_void_num(st) SKM_sk_num(void, (st)) -#define sk_void_value(st, i) SKM_sk_value(void, (st), (i)) -#define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val)) -#define sk_void_zero(st) SKM_sk_zero(void, (st)) -#define sk_void_push(st, val) SKM_sk_push(void, (st), (val)) -#define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val)) -#define sk_void_find(st, val) SKM_sk_find(void, (st), (val)) -#define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val)) -#define sk_void_delete(st, i) 
SKM_sk_delete(void, (st), (i)) -#define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr)) -#define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i)) -#define sk_void_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(void, (st), (cmp)) -#define sk_void_dup(st) SKM_sk_dup(void, st) -#define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func)) -#define sk_void_shift(st) SKM_sk_shift(void, (st)) -#define sk_void_pop(st) SKM_sk_pop(void, (st)) -#define sk_void_sort(st) SKM_sk_sort(void, (st)) -#define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st)) - -#define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp))) -#define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null()) -#define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i)) -#define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st) -#define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_STRING, free_func)) -#define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i) -#define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st) -#define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st)) -#define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val)) -#define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val)) -#define 
sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i)) -#define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr)) -#define sk_OPENSSL_STRING_set_cmp_func(st, cmp) \ - ((int (*)(const char * const *,const char * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp))) -#define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st) -#define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st)) -#define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st)) -#define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st)) -#define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st)) - - -#define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp))) -#define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null()) -#define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i)) -#define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st) -#define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_FREE_FUNC2(OPENSSL_BLOCK, free_func)) -#define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val), i) -#define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st) -#define sk_OPENSSL_BLOCK_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i, CHECKED_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st)) -#define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_BLOCK, st), 
CHECKED_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val)) -#define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i)) -#define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, ptr)) -#define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp) \ - ((int (*)(const void * const *,const void * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_CMP_FUNC(void, cmp))) -#define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st) -#define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st)) -#define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop(CHECKED_STACK_OF(OPENSSL_BLOCK, st)) -#define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st)) -#define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st)) - - -#define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) -#define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null()) -#define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i)) -#define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st) -#define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC2(OPENSSL_PSTRING, free_func)) -#define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i) -#define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st) -#define sk_OPENSSL_PSTRING_set(st, i, val) 
sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st)) -#define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val)) -#define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i)) -#define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr)) -#define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp) \ - ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \ - sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp))) -#define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st) -#define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st)) -#define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st)) -#define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st)) -#define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st)) - - -#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ACCESS_DESCRIPTION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ACCESS_DESCRIPTION(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ACCESS_DESCRIPTION, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ACCESS_DESCRIPTION(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ACCESS_DESCRIPTION, (buf), (len), 
(d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_ASN1_INTEGER(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ASN1_INTEGER, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ASN1_INTEGER(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ASN1_INTEGER, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ASN1_INTEGER(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ASN1_INTEGER, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ASN1_INTEGER(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ASN1_INTEGER, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_ASN1_OBJECT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ASN1_OBJECT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ASN1_OBJECT(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ASN1_OBJECT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ASN1_OBJECT(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ASN1_OBJECT, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ASN1_OBJECT(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ASN1_OBJECT, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_ASN1_TYPE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ASN1_TYPE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ASN1_TYPE(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ASN1_TYPE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ASN1_TYPE(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ASN1_TYPE, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, 
length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ASN1_UTF8STRING, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ASN1_UTF8STRING, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ASN1_UTF8STRING(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ASN1_UTF8STRING, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ASN1_UTF8STRING(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ASN1_UTF8STRING, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(DIST_POINT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_DIST_POINT(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(DIST_POINT, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_ESS_CERT_ID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ESS_CERT_ID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ESS_CERT_ID(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ESS_CERT_ID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ESS_CERT_ID(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ESS_CERT_ID, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ESS_CERT_ID(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ESS_CERT_ID, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_EVP_MD(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - 
SKM_ASN1_SET_OF_d2i(EVP_MD, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_EVP_MD(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(EVP_MD, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_EVP_MD(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(EVP_MD, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_EVP_MD(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(EVP_MD, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(GENERAL_NAME, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_GENERAL_NAME(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(GENERAL_NAME, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_OCSP_ONEREQ(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(OCSP_ONEREQ, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_OCSP_ONEREQ(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(OCSP_ONEREQ, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_OCSP_ONEREQ(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(OCSP_ONEREQ, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_OCSP_ONEREQ(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(OCSP_ONEREQ, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(OCSP_SINGLERESP, (st), (pp), (length), (d2i_func), (free_func), 
(ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(OCSP_SINGLERESP, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_OCSP_SINGLERESP(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(OCSP_SINGLERESP, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_OCSP_SINGLERESP(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(OCSP_SINGLERESP, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(PKCS12_SAFEBAG, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_PKCS12_SAFEBAG(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(PKCS12_SAFEBAG, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_PKCS12_SAFEBAG(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(PKCS12_SAFEBAG, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_PKCS7(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(PKCS7, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_PKCS7(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(PKCS7, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_PKCS7(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(PKCS7, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_PKCS7(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(PKCS7, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(PKCS7_RECIP_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define 
i2d_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(PKCS7_RECIP_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_PKCS7_RECIP_INFO(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(PKCS7_RECIP_INFO, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_PKCS7_RECIP_INFO(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(PKCS7_RECIP_INFO, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(PKCS7_SIGNER_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(PKCS7_SIGNER_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_PKCS7_SIGNER_INFO(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(PKCS7_SIGNER_INFO, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_PKCS7_SIGNER_INFO(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(PKCS7_SIGNER_INFO, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_POLICYINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(POLICYINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_POLICYINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(POLICYINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_POLICYINFO(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(POLICYINFO, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_POLICYINFO(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(POLICYINFO, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_POLICYQUALINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(POLICYQUALINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
-#define i2d_ASN1_SET_OF_POLICYQUALINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(POLICYQUALINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_POLICYQUALINFO(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(POLICYQUALINFO, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_POLICYQUALINFO(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(POLICYQUALINFO, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_SXNETID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(SXNETID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_SXNETID(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(SXNETID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_SXNETID(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(SXNETID, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_SXNETID(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(SXNETID, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_ALGOR(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_ALGOR, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_ALGOR(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_ALGOR, (st), (pp), (i2d_func), 
(ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_ALGOR(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_ALGOR, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_ALGOR(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_ALGOR, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_ATTRIBUTE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_ATTRIBUTE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_ATTRIBUTE(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_ATTRIBUTE, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_ATTRIBUTE(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_ATTRIBUTE, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_CRL(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_CRL, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_CRL(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_CRL, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_CRL(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_CRL, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_CRL(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_CRL, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_EXTENSION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_EXTENSION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_EXTENSION(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_EXTENSION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define 
ASN1_seq_pack_X509_EXTENSION(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_EXTENSION, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_EXTENSION(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_EXTENSION, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_NAME_ENTRY, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_NAME_ENTRY, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_NAME_ENTRY(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_NAME_ENTRY, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_NAME_ENTRY(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_NAME_ENTRY, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_REVOKED(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_REVOKED, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_REVOKED(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_REVOKED, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_REVOKED(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_REVOKED, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_REVOKED(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_REVOKED, (buf), (len), (d2i_func), (free_func)) - -#define PKCS12_decrypt_d2i_PKCS12_SAFEBAG(algor, d2i_func, free_func, pass, passlen, oct, seq) \ - SKM_PKCS12_decrypt_d2i(PKCS12_SAFEBAG, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq)) - -#define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \ - SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq)) 
- -#define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj) -#define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst) -#define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst) -#define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst) -#define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn) -#define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg) -#define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh) -#define lh_ADDED_OBJ_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ADDED_OBJ,lh,out) -#define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out) -#define lh_ADDED_OBJ_stats_bio(lh,out) \ - LHM_lh_stats_bio(ADDED_OBJ,lh,out) -#define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh) - -#define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info) -#define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst) -#define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst) -#define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst) -#define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn) -#define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg) -#define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh) -#define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh) -#define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh) -#define lh_APP_INFO_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(APP_INFO,lh,out) -#define lh_APP_INFO_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(APP_INFO,lh,out) -#define lh_APP_INFO_stats_bio(lh,out) \ - LHM_lh_stats_bio(APP_INFO,lh,out) -#define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh) - -#define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value) -#define 
lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst) -#define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst) -#define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst) -#define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn) -#define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg) -#define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh) -#define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh) -#define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh) -#define lh_CONF_VALUE_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(CONF_VALUE,lh,out) -#define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out) -#define lh_CONF_VALUE_stats_bio(lh,out) \ - LHM_lh_stats_bio(CONF_VALUE,lh,out) -#define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh) - -#define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile) -#define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst) -#define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst) -#define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst) -#define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn) -#define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg) -#define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh) -#define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh) -#define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh) -#define lh_ENGINE_PILE_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ENGINE_PILE,lh,out) -#define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out) -#define lh_ENGINE_PILE_stats_bio(lh,out) \ - LHM_lh_stats_bio(ENGINE_PILE,lh,out) -#define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh) - -#define lh_ERR_STATE_new() 
LHM_lh_new(ERR_STATE,err_state) -#define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst) -#define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst) -#define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst) -#define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn) -#define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg) -#define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh) -#define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh) -#define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh) -#define lh_ERR_STATE_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ERR_STATE,lh,out) -#define lh_ERR_STATE_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out) -#define lh_ERR_STATE_stats_bio(lh,out) \ - LHM_lh_stats_bio(ERR_STATE,lh,out) -#define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh) - -#define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data) -#define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst) -#define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst) -#define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst) -#define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn) -#define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg) -#define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh) -#define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out) -#define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out) -#define lh_ERR_STRING_DATA_stats_bio(lh,out) \ - LHM_lh_stats_bio(ERR_STRING_DATA,lh,out) 
-#define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh) - -#define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item) -#define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst) -#define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst) -#define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst) -#define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn) -#define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg) -#define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh) -#define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh) -#define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh) -#define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out) -#define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out) -#define lh_EX_CLASS_ITEM_stats_bio(lh,out) \ - LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out) -#define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh) - -#define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function) -#define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst) -#define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst) -#define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst) -#define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn) -#define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg) -#define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh) -#define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh) -#define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh) -#define lh_FUNCTION_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(FUNCTION,lh,out) -#define lh_FUNCTION_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(FUNCTION,lh,out) -#define lh_FUNCTION_stats_bio(lh,out) \ - 
LHM_lh_stats_bio(FUNCTION,lh,out) -#define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh) - -#define lh_MEM_new() LHM_lh_new(MEM,mem) -#define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst) -#define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst) -#define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst) -#define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn) -#define lh_MEM_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg) -#define lh_MEM_error(lh) LHM_lh_error(MEM,lh) -#define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh) -#define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh) -#define lh_MEM_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(MEM,lh,out) -#define lh_MEM_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(MEM,lh,out) -#define lh_MEM_stats_bio(lh,out) \ - LHM_lh_stats_bio(MEM,lh,out) -#define lh_MEM_free(lh) LHM_lh_free(MEM,lh) - -#define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name) -#define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst) -#define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst) -#define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst) -#define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn) -#define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg) -#define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh) -#define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh) -#define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh) -#define lh_OBJ_NAME_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(OBJ_NAME,lh,out) -#define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out) -#define lh_OBJ_NAME_stats_bio(lh,out) \ - LHM_lh_stats_bio(OBJ_NAME,lh,out) -#define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh) - -#define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring) -#define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst) 
-#define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst) -#define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst) -#define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn) -#define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg) -#define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh) -#define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh) -#define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh) -#define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out) -#define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out) -#define lh_OPENSSL_CSTRING_stats_bio(lh,out) \ - LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out) -#define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh) - -#define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string) -#define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst) -#define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst) -#define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst) -#define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn) -#define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg) -#define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh) -#define lh_OPENSSL_STRING_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out) -#define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out) -#define lh_OPENSSL_STRING_stats_bio(lh,out) \ - LHM_lh_stats_bio(OPENSSL_STRING,lh,out) 
-#define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh) - -#define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session) -#define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst) -#define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst) -#define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst) -#define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn) -#define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \ - LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg) -#define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh) -#define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh) -#define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh) -#define lh_SSL_SESSION_node_stats_bio(lh,out) \ - LHM_lh_node_stats_bio(SSL_SESSION,lh,out) -#define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \ - LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out) -#define lh_SSL_SESSION_stats_bio(lh,out) \ - LHM_lh_stats_bio(SSL_SESSION,lh,out) -#define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh) -/* End of util/mkstack.pl block, you may now edit :-) */ - -#endif /* !defined HEADER_SAFESTACK_H */ diff --git a/lib/libssl/src/crypto/stack/stack.c b/lib/libssl/src/crypto/stack/stack.c deleted file mode 100644 index d941f9e6fb8..00000000000 --- a/lib/libssl/src/crypto/stack/stack.c +++ /dev/null 
@@ -1,341 +0,0 @@
-/* $OpenBSD: stack.c,v 1.19 2015/02/07 13:19:15 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/objects.h>
-#include <openssl/stack.h>
-
-#undef MIN_NODES
-#define MIN_NODES 4
-
-#include <errno.h>
-
-int
-(*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))(
- const void *, const void *)
-{
- int (*old)(const void *, const void *) = sk->comp;
-
- if (sk->comp != c)
- sk->sorted = 0;
- sk->comp = c;
-
- return old;
-}
-
-_STACK *
-sk_dup(_STACK *sk)
-{
- _STACK *ret;
- char **s;
-
- if ((ret = sk_new(sk->comp)) == NULL)
- goto err;
- s = reallocarray(ret->data, sk->num_alloc, sizeof(char *));
- if (s == NULL)
- goto err;
- ret->data = s;
-
- ret->num = sk->num;
- memcpy(ret->data, sk->data, sizeof(char *) * sk->num);
- ret->sorted = sk->sorted;
- ret->num_alloc = sk->num_alloc;
- ret->comp = sk->comp;
- return (ret);
-
-err:
- if (ret)
- sk_free(ret);
- return (NULL);
-}
-
-_STACK *
-sk_new_null(void)
-{
- return sk_new((int (*)(const void *, const void *))0);
-}
-
-_STACK *
-sk_new(int (*c)(const void *, const void *))
-{
- _STACK *ret;
- int i;
-
- if ((ret = malloc(sizeof(_STACK))) == NULL)
- goto err;
- if ((ret->data = reallocarray(NULL, MIN_NODES, sizeof(char *))) == NULL)
- goto err;
- for (i = 0; i < MIN_NODES; i++)
- ret->data[i] = NULL;
- ret->comp = c;
- ret->num_alloc = MIN_NODES;
- ret->num = 0;
- ret->sorted = 0;
- return (ret);
-
-err:
- free(ret);
- return (NULL);
-}
-
-int
-sk_insert(_STACK *st, void *data, int loc)
-{
- char **s;
-
- if (st == NULL)
- return 0;
- if (st->num_alloc <= st->num + 1) {
- s = reallocarray(st->data, st->num_alloc, 2 * sizeof(char *));
- if (s == NULL)
- return (0);
- st->data = s;
- st->num_alloc *= 2;
- }
- if ((loc >= (int)st->num) || (loc < 0))
- st->data[st->num] = data;
- else {
- memmove(&(st->data[loc + 1]), &(st->data[loc]),
- sizeof(char *)*(st->num - loc));
- st->data[loc] = data;
- }
- st->num++;
- st->sorted = 0;
- return (st->num);
-}
-
-void *
-sk_delete_ptr(_STACK *st, void *p)
-{
- int i;
-
- for (i = 0; i < st->num; i++)
- if (st->data[i] == p)
- return (sk_delete(st, i));
- return (NULL);
-}
-
-void *
-sk_delete(_STACK *st, int loc)
-{
- char *ret;
-
- if (!st || (loc < 0) || (loc >= st->num))
- return NULL;
-
- ret = st->data[loc];
- if (loc != st->num - 1) {
- memmove(&(st->data[loc]), &(st->data[loc + 1]),
- sizeof(char *)*(st->num - 1 - loc));
- }
- st->num--;
- return (ret);
-}
-
-static int
-internal_find(_STACK *st, void *data, int ret_val_options)
-{
- const void * const *r;
- int i;
-
- if (st == NULL)
- return -1;
-
- if (st->comp == NULL) {
- for (i = 0; i < st->num; i++)
- if (st->data[i] == data)
- return (i);
- return (-1);
- }
- sk_sort(st);
- if (data == NULL)
- return (-1);
- r = OBJ_bsearch_ex_(&data, st->data, st->num, sizeof(void *), st->comp,
- ret_val_options);
- if (r == NULL)
- return (-1);
- return (int)((char **)r - st->data);
-}
-
-int
-sk_find(_STACK *st, void *data)
-{
- return internal_find(st, data, OBJ_BSEARCH_FIRST_VALUE_ON_MATCH);
-}
-
-int
-sk_find_ex(_STACK *st, void *data)
-{
- return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH);
-}
-
-int
-sk_push(_STACK *st, void *data)
-{
- return (sk_insert(st, data, st->num));
-}
-
-int
-sk_unshift(_STACK *st, void *data)
-{
- return (sk_insert(st, data, 0));
-}
-
-void *
-sk_shift(_STACK *st)
-{
- if (st == NULL)
- return (NULL);
- if (st->num <= 0)
- return (NULL);
- return (sk_delete(st, 0));
-}
-
-void *
-sk_pop(_STACK *st)
-{
- if (st == NULL)
- return (NULL);
- if (st->num <= 0)
- return (NULL);
- return (sk_delete(st, st->num - 1));
-}
-
-void
-sk_zero(_STACK *st)
-{
- if (st == NULL)
- return;
- if (st->num <= 0)
- return;
- memset(st->data, 0, sizeof(st->data)*st->num);
- st->num = 0;
-}
-
-void
-sk_pop_free(_STACK *st, void (*func)(void *))
-{
- int i;
-
- if (st == NULL)
- return;
- for (i = 0; i < st->num; i++)
- if (st->data[i] != NULL)
- func(st->data[i]);
- sk_free(st);
-}
-
-void
-sk_free(_STACK *st)
-{
- if (st == NULL)
- return;
- free(st->data);
- free(st);
-}
-
-int
-sk_num(const _STACK *st)
-{
- if (st == NULL)
- return -1;
- return st->num;
-}
-
-void *
-sk_value(const _STACK *st, int i)
-{
- if (!st || (i < 0) || (i >= st->num))
- return NULL;
- return st->data[i];
-}
-
-void *
-sk_set(_STACK *st, int i, void *value)
-{
- if (!st || (i < 0) || (i >= st->num))
- return NULL;
- return (st->data[i] = value);
-}
-
-void
-sk_sort(_STACK *st)
-{
- if (st && !st->sorted) {
- int (*comp_func)(const void *, const void *);
-
- /* same comment as in sk_find ... previously st->comp was declared
- * as a (void*,void*) callback type, but this made the population
- * of the callback pointer illogical - our callbacks compare
- * type** with type**, so we leave the casting until absolutely
- * necessary (ie. "now"). */
- comp_func = (int (*)(const void *, const void *))(st->comp);
- qsort(st->data, st->num, sizeof(char *), comp_func);
- st->sorted = 1;
- }
-}
-
-int
-sk_is_sorted(const _STACK *st)
-{
- if (!st)
- return 1;
- return st->sorted;
-}
diff --git a/lib/libssl/src/crypto/stack/stack.h b/lib/libssl/src/crypto/stack/stack.h
deleted file mode 100644
index 6bea6348f20..00000000000
--- a/lib/libssl/src/crypto/stack/stack.h
+++ /dev/null
@@ -1,107 +0,0 @@
-/* $OpenBSD: stack.h,v 1.9 2014/06/12 15:49:30 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_STACK_H
-#define HEADER_STACK_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct stack_st {
- int num;
- char **data;
- int sorted;
-
- int num_alloc;
- int (*comp)(const void *, const void *);
-} _STACK; /* Use STACK_OF(...) instead */
-
-#define M_sk_num(sk) ((sk) ? (sk)->num:-1)
-#define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL)
-
-int sk_num(const _STACK *);
-void *sk_value(const _STACK *, int);
-
-void *sk_set(_STACK *, int, void *);
-
-_STACK *sk_new(int (*cmp)(const void *, const void *));
-_STACK *sk_new_null(void);
-void sk_free(_STACK *);
-void sk_pop_free(_STACK *st, void (*func)(void *));
-int sk_insert(_STACK *sk, void *data, int where);
-void *sk_delete(_STACK *st, int loc);
-void *sk_delete_ptr(_STACK *st, void *p);
-int sk_find(_STACK *st, void *data);
-int sk_find_ex(_STACK *st, void *data);
-int sk_push(_STACK *st, void *data);
-int sk_unshift(_STACK *st, void *data);
-void *sk_shift(_STACK *st);
-void *sk_pop(_STACK *st);
-void sk_zero(_STACK *st);
-int (*sk_set_cmp_func(_STACK *sk, int (*c)(const void *, const void *)))(
- const void *, const void *);
-_STACK *sk_dup(_STACK *st);
-void sk_sort(_STACK *st);
-int sk_is_sorted(const _STACK *st);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/ts/ts.h b/lib/libssl/src/crypto/ts/ts.h
deleted file mode 100644
index 4457d30dd7e..00000000000
--- a/lib/libssl/src/crypto/ts/ts.h
+++ /dev/null
@@ -1,839 +0,0 @@
-/* $OpenBSD: ts.h,v 1.7 2014/07/10 22:45:58 jsing Exp $ */
-/* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
- * project 2002, 2003, 2004.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_TS_H
-#define HEADER_TS_H
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_BUFFER
-#include <openssl/buffer.h>
-#endif
-#ifndef OPENSSL_NO_EVP
-#include <openssl/evp.h>
-#endif
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/stack.h>
-#include <openssl/asn1.h>
-#include <openssl/safestack.h>
-
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-
-#ifndef OPENSSL_NO_DH
-#include <openssl/dh.h>
-#endif
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-/*
-MessageImprint ::= SEQUENCE {
- hashAlgorithm AlgorithmIdentifier,
- hashedMessage OCTET STRING }
-*/
-
-typedef struct TS_msg_imprint_st {
- X509_ALGOR *hash_algo;
- ASN1_OCTET_STRING *hashed_msg;
-} TS_MSG_IMPRINT;
-
-/*
-TimeStampReq ::= SEQUENCE {
- version INTEGER { v1(1) },
- messageImprint MessageImprint,
- --a hash algorithm OID and the hash value of the data to be
- --time-stamped
- reqPolicy TSAPolicyId OPTIONAL,
- nonce INTEGER OPTIONAL,
- certReq BOOLEAN DEFAULT FALSE,
- extensions [0] IMPLICIT Extensions OPTIONAL }
-*/
-
-typedef struct TS_req_st {
- ASN1_INTEGER *version;
- TS_MSG_IMPRINT *msg_imprint;
- ASN1_OBJECT *policy_id; /* OPTIONAL */
- ASN1_INTEGER *nonce; /* OPTIONAL */
- ASN1_BOOLEAN cert_req; /* DEFAULT FALSE */
- STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
-} TS_REQ;
-
-/*
-Accuracy ::= SEQUENCE {
- seconds INTEGER OPTIONAL,
- millis [0] INTEGER (1..999) OPTIONAL,
- micros [1] INTEGER (1..999) OPTIONAL }
-*/
-
-typedef struct TS_accuracy_st {
- ASN1_INTEGER *seconds;
- ASN1_INTEGER *millis;
- ASN1_INTEGER *micros;
-} TS_ACCURACY;
-
-/*
-TSTInfo ::= SEQUENCE {
- version INTEGER { v1(1) },
- policy TSAPolicyId,
- messageImprint MessageImprint,
- -- MUST have the same value as the similar field in
- -- TimeStampReq
- serialNumber INTEGER,
- -- Time-Stamping users MUST be ready to accommodate integers
- -- up to 160 bits.
- genTime GeneralizedTime,
- accuracy Accuracy OPTIONAL,
- ordering BOOLEAN DEFAULT FALSE,
- nonce INTEGER OPTIONAL,
- -- MUST be present if the similar field was present
- -- in TimeStampReq. In that case it MUST have the same value.
- tsa [0] GeneralName OPTIONAL,
- extensions [1] IMPLICIT Extensions OPTIONAL }
-*/
-
-typedef struct TS_tst_info_st {
- ASN1_INTEGER *version;
- ASN1_OBJECT *policy_id;
- TS_MSG_IMPRINT *msg_imprint;
- ASN1_INTEGER *serial;
- ASN1_GENERALIZEDTIME *time;
- TS_ACCURACY *accuracy;
- ASN1_BOOLEAN ordering;
- ASN1_INTEGER *nonce;
- GENERAL_NAME *tsa;
- STACK_OF(X509_EXTENSION) *extensions;
-} TS_TST_INFO;
-
-/*
-PKIStatusInfo ::= SEQUENCE {
- status PKIStatus,
- statusString PKIFreeText OPTIONAL,
- failInfo PKIFailureInfo OPTIONAL }
-
-From RFC 1510 - section 3.1.1:
-PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
- -- text encoded as UTF-8 String (note: each UTF8String SHOULD
- -- include an RFC 1766 language tag to indicate the language
- -- of the contained text)
-*/
-
-/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
-
-#define TS_STATUS_GRANTED 0
-#define TS_STATUS_GRANTED_WITH_MODS 1
-#define TS_STATUS_REJECTION 2
-#define TS_STATUS_WAITING 3
-#define TS_STATUS_REVOCATION_WARNING 4
-#define TS_STATUS_REVOCATION_NOTIFICATION 5
-
-/* Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c */
-
-#define TS_INFO_BAD_ALG 0
-#define TS_INFO_BAD_REQUEST 2
-#define TS_INFO_BAD_DATA_FORMAT 5
-#define TS_INFO_TIME_NOT_AVAILABLE 14
-#define TS_INFO_UNACCEPTED_POLICY 15
-#define TS_INFO_UNACCEPTED_EXTENSION 16
-#define TS_INFO_ADD_INFO_NOT_AVAILABLE 17
-#define TS_INFO_SYSTEM_FAILURE 25
-
-typedef struct TS_status_info_st {
- ASN1_INTEGER *status;
- STACK_OF(ASN1_UTF8STRING) *text;
- ASN1_BIT_STRING *failure_info;
-} TS_STATUS_INFO;
-
-DECLARE_STACK_OF(ASN1_UTF8STRING)
-DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
-
-/*
-TimeStampResp ::= SEQUENCE {
- status PKIStatusInfo,
- timeStampToken TimeStampToken OPTIONAL }
-*/
-
-typedef struct TS_resp_st {
- TS_STATUS_INFO *status_info;
- PKCS7 *token;
- TS_TST_INFO *tst_info;
-} TS_RESP;
-
-/* The structure below would belong to the ESS component. */
-
-/*
-IssuerSerial ::= SEQUENCE {
- issuer GeneralNames,
- serialNumber CertificateSerialNumber
- }
-*/
-
-typedef struct ESS_issuer_serial {
- STACK_OF(GENERAL_NAME) *issuer;
- ASN1_INTEGER *serial;
-} ESS_ISSUER_SERIAL;
-
-/*
-ESSCertID ::= SEQUENCE {
- certHash Hash,
- issuerSerial IssuerSerial OPTIONAL
-}
-*/
-
-typedef struct ESS_cert_id {
- ASN1_OCTET_STRING *hash; /* Always SHA-1 digest. */
- ESS_ISSUER_SERIAL *issuer_serial;
-} ESS_CERT_ID;
-
-DECLARE_STACK_OF(ESS_CERT_ID)
-DECLARE_ASN1_SET_OF(ESS_CERT_ID)
-
-/*
-SigningCertificate ::= SEQUENCE {
- certs SEQUENCE OF ESSCertID,
- policies SEQUENCE OF PolicyInformation OPTIONAL
-}
-*/
-
-typedef struct ESS_signing_cert {
- STACK_OF(ESS_CERT_ID) *cert_ids;
- STACK_OF(POLICYINFO) *policy_info;
-} ESS_SIGNING_CERT;
-
-
-TS_REQ *TS_REQ_new(void);
-void TS_REQ_free(TS_REQ *a);
-int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
-TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
-
-TS_REQ *TS_REQ_dup(TS_REQ *a);
-
-TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
-int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
-TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
-int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
-
-TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
-void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
-int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
- const unsigned char **pp, long length);
-
-TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
-
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
-int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
-TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
-int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
-
-TS_RESP *TS_RESP_new(void);
-void TS_RESP_free(TS_RESP *a);
-int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
-TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
-TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
-TS_RESP *TS_RESP_dup(TS_RESP *a);
-
-TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
-int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
-TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
-int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
-
-TS_STATUS_INFO *TS_STATUS_INFO_new(void);
-void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
-int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
-TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
- const unsigned char **pp, long length);
-TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
-
-TS_TST_INFO *TS_TST_INFO_new(void);
-void TS_TST_INFO_free(TS_TST_INFO *a);
-int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
-TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
- long length);
-TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
-
-TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
-int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
-TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
-int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
-
-TS_ACCURACY *TS_ACCURACY_new(void);
-void TS_ACCURACY_free(TS_ACCURACY *a);
-int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
-TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
- long length);
-TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
-
-ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
-void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
-int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a,
- unsigned char **pp);
-ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
- const unsigned char **pp, long length);
-ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
-
-ESS_CERT_ID *ESS_CERT_ID_new(void);
-void ESS_CERT_ID_free(ESS_CERT_ID *a);
-int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
-ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
- long length);
-ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
-
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
-void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
-int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a,
- unsigned char **pp);
-ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
- const unsigned char **pp, long length);
-ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
-
-void ERR_load_TS_strings(void);
-
-int TS_REQ_set_version(TS_REQ *a, long version);
-long TS_REQ_get_version(const TS_REQ *a);
-
-int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
-TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
-
-int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
-X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
-
-int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
-ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
-
-int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
-ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
-
-int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
-const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
-
-int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
-int TS_REQ_get_cert_req(const TS_REQ *a);
-
-STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
-void TS_REQ_ext_free(TS_REQ *a);
-int TS_REQ_get_ext_count(TS_REQ *a);
-int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
-int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
-int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
-X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
-X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
-int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
-void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
-
-/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
-
-int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
-
-/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
-
-int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
-TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
-
-/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
-void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
-PKCS7 *TS_RESP_get_token(TS_RESP *a);
-TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
-
-int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
-long TS_TST_INFO_get_version(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
-ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
-
-int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
-TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
-
-int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
-const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
-const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
-TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
-
-int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
-const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
-
-int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
-const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
-
-int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
-const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
-
-int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
-int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
-const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
-
-int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
-GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
-
-STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
-void TS_TST_INFO_ext_free(TS_TST_INFO *a);
-int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
-int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
-int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
-int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
-X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
-X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
-int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
-void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
-
-/* Declarations related to response generation, defined in ts/ts_resp_sign.c. */
-
-/* Optional flags for response generation. */
-
-/* Don't include the TSA name in response. */
-#define TS_TSA_NAME 0x01
-
-/* Set ordering to true in response. */
-#define TS_ORDERING 0x02
-
-/*
- * Include the signer certificate and the other specified certificates in
- * the ESS signing certificate attribute beside the PKCS7 signed data.
- * Only the signer certificates is included by default.
- */
-#define TS_ESS_CERT_ID_CHAIN 0x04
-
-/* Forward declaration. */
-struct TS_resp_ctx;
-
-/* This must return a unique number less than 160 bits long. */
-typedef ASN1_INTEGER *(*TS_serial_cb)(struct TS_resp_ctx *, void *);
-
-/* This must return the seconds and microseconds since Jan 1, 1970 in
- the sec and usec variables allocated by the caller.
- Return non-zero for success and zero for failure. */
-typedef int (*TS_time_cb)(struct TS_resp_ctx *, void *, time_t *sec, long *usec);
-
-/* This must process the given extension.
- * It can modify the TS_TST_INFO object of the context.
- * Return values: !0 (processed), 0 (error, it must set the
- * status info/failure info of the response).
- */
-typedef int (*TS_extension_cb)(struct TS_resp_ctx *, X509_EXTENSION *, void *);
-
-typedef struct TS_resp_ctx {
- X509 *signer_cert;
- EVP_PKEY *signer_key;
- STACK_OF(X509) *certs; /* Certs to include in signed data. */
- STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */
- ASN1_OBJECT *default_policy; /* It may appear in policies, too. */
- STACK_OF(EVP_MD) *mds; /* Acceptable message digests. */
- ASN1_INTEGER *seconds; /* accuracy, 0 means not specified. */
- ASN1_INTEGER *millis; /* accuracy, 0 means not specified. */
- ASN1_INTEGER *micros; /* accuracy, 0 means not specified. */
- unsigned clock_precision_digits; /* fraction of seconds in
- time stamp token. */
- unsigned flags; /* Optional info, see values above. */
-
- /* Callback functions. */
- TS_serial_cb serial_cb;
- void *serial_cb_data; /* User data for serial_cb. */
-
- TS_time_cb time_cb;
- void *time_cb_data; /* User data for time_cb. */
-
- TS_extension_cb extension_cb;
- void *extension_cb_data; /* User data for extension_cb. */
-
- /* These members are used only while creating the response. */
- TS_REQ *request;
- TS_RESP *response;
- TS_TST_INFO *tst_info;
-} TS_RESP_CTX;
-
-DECLARE_STACK_OF(EVP_MD)
-DECLARE_ASN1_SET_OF(EVP_MD)
-
-/* Creates a response context that can be used for generating responses. */
-TS_RESP_CTX *TS_RESP_CTX_new(void);
-void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
-
-/* This parameter must be set. */
-int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
-
-/* No additional certs are included in the response by default. */
-int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
-
-/* Adds a new acceptable policy, only the default policy
- is accepted by default. */
-int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
-
-/* Adds a new acceptable message digest. Note that no message digests
- are accepted by default. The md argument is shared with the caller. */
-int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
-
-/* Accuracy is not included by default. */
-int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
- int secs, int millis, int micros);
-
-/* Clock precision digits, i.e. the number of decimal digits:
- '0' means sec, '3' msec, '6' usec, and so on. Default is 0. */
-int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
- unsigned clock_precision_digits);
-/* At most we accept usec precision. */
-#define TS_MAX_CLOCK_PRECISION_DIGITS 6
-
-/* No flags are set by default. */
-void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
-
-/* Default callback always returns a constant. */
-void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
-
-/* Default callback rejects all extensions. The extension callback is called
- * when the TS_TST_INFO object is already set up and not signed yet. */
-/* FIXME: extension handling is not tested yet. */
-void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
- TS_extension_cb cb, void *data);
-
-/* The following methods can be used in the callbacks. */
-int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
- int status, const char *text);
-
-/* Sets the status info only if it is still TS_STATUS_GRANTED. */
-int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
- int status, const char *text);
-
-int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
-
-/* The get methods below can be used in the extension callback. */
-TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
-
-TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
-
-/*
- * Creates the signed TS_TST_INFO and puts it in TS_RESP.
- * In case of errors it sets the status info properly.
- * Returns NULL only in case of memory allocation/fatal error.
- */
-TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
-
-/*
- * Declarations related to response verification,
- * they are defined in ts/ts_resp_verify.c.
- */ - -int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs, - X509_STORE *store, X509 **signer_out); - -/* Context structure for the generic verify method. */ - -/* Verify the signer's certificate and the signature of the response. */ -#define TS_VFY_SIGNATURE (1u << 0) -/* Verify the version number of the response. */ -#define TS_VFY_VERSION (1u << 1) -/* Verify if the policy supplied by the user matches the policy of the TSA. */ -#define TS_VFY_POLICY (1u << 2) -/* Verify the message imprint provided by the user. This flag should not be - specified with TS_VFY_DATA. */ -#define TS_VFY_IMPRINT (1u << 3) -/* Verify the message imprint computed by the verify method from the user - provided data and the MD algorithm of the response. This flag should not be - specified with TS_VFY_IMPRINT. */ -#define TS_VFY_DATA (1u << 4) -/* Verify the nonce value. */ -#define TS_VFY_NONCE (1u << 5) -/* Verify if the TSA name field matches the signer certificate. */ -#define TS_VFY_SIGNER (1u << 6) -/* Verify if the TSA name field equals to the user provided name. */ -#define TS_VFY_TSA_NAME (1u << 7) - -/* You can use the following convenience constants. */ -#define TS_VFY_ALL_IMPRINT (TS_VFY_SIGNATURE \ - | TS_VFY_VERSION \ - | TS_VFY_POLICY \ - | TS_VFY_IMPRINT \ - | TS_VFY_NONCE \ - | TS_VFY_SIGNER \ - | TS_VFY_TSA_NAME) -#define TS_VFY_ALL_DATA (TS_VFY_SIGNATURE \ - | TS_VFY_VERSION \ - | TS_VFY_POLICY \ - | TS_VFY_DATA \ - | TS_VFY_NONCE \ - | TS_VFY_SIGNER \ - | TS_VFY_TSA_NAME) - -typedef struct TS_verify_ctx { - /* Set this to the union of TS_VFY_... flags you want to carry out. */ - unsigned flags; - - /* Must be set only with TS_VFY_SIGNATURE. certs is optional. */ - X509_STORE *store; - STACK_OF(X509) *certs; - - /* Must be set only with TS_VFY_POLICY. */ - ASN1_OBJECT *policy; - - /* Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, - the algorithm from the response is used. 
*/ - X509_ALGOR *md_alg; - unsigned char *imprint; - unsigned imprint_len; - - /* Must be set only with TS_VFY_DATA. */ - BIO *data; - - /* Must be set only with TS_VFY_TSA_NAME. */ - ASN1_INTEGER *nonce; - - /* Must be set only with TS_VFY_TSA_NAME. */ - GENERAL_NAME *tsa_name; -} TS_VERIFY_CTX; - -int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response); -int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token); - -/* - * Declarations related to response verification context, - * they are defined in ts/ts_verify_ctx.c. - */ - -/* Set all fields to zero. */ -TS_VERIFY_CTX *TS_VERIFY_CTX_new(void); -void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx); -void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx); -void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx); - -/* - * If ctx is NULL, it allocates and returns a new object, otherwise - * it returns ctx. It initialises all the members as follows: - * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE) - * certs = NULL - * store = NULL - * policy = policy from the request or NULL if absent (in this case - * TS_VFY_POLICY is cleared from flags as well) - * md_alg = MD algorithm from request - * imprint, imprint_len = imprint from request - * data = NULL - * nonce, nonce_len = nonce from the request or NULL if absent (in this case - * TS_VFY_NONCE is cleared from flags as well) - * tsa_name = NULL - * Important: after calling this method TS_VFY_SIGNATURE should be added! 
- */ -TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx); - -/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */ - -int TS_RESP_print_bio(BIO *bio, TS_RESP *a); -int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a); -int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a); - -/* Common utility functions defined in ts/ts_lib.c */ - -int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num); -int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj); -int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions); -int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg); -int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg); - -/* Function declarations for handling configuration options, - defined in ts/ts_conf.c */ - -X509 *TS_CONF_load_cert(const char *file); -STACK_OF(X509) *TS_CONF_load_certs(const char *file); -EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass); -const char *TS_CONF_get_tsa_section(CONF *conf, const char *section); -int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb, - TS_RESP_CTX *ctx); -int TS_CONF_set_crypto_device(CONF *conf, const char *section, - const char *device); -int TS_CONF_set_default_engine(const char *name); -int TS_CONF_set_signer_cert(CONF *conf, const char *section, - const char *cert, TS_RESP_CTX *ctx); -int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs, - TS_RESP_CTX *ctx); -int TS_CONF_set_signer_key(CONF *conf, const char *section, - const char *key, const char *pass, TS_RESP_CTX *ctx); -int TS_CONF_set_def_policy(CONF *conf, const char *section, - const char *policy, TS_RESP_CTX *ctx); -int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section, - TS_RESP_CTX 
*ctx); -int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section, - TS_RESP_CTX *ctx); - -/* -------------------------------------------------- */ -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_TS_strings(void); - -/* Error codes for the TS functions. */ - -/* Function codes. */ -#define TS_F_D2I_TS_RESP 147 -#define TS_F_DEF_SERIAL_CB 110 -#define TS_F_DEF_TIME_CB 111 -#define TS_F_ESS_ADD_SIGNING_CERT 112 -#define TS_F_ESS_CERT_ID_NEW_INIT 113 -#define TS_F_ESS_SIGNING_CERT_NEW_INIT 114 -#define TS_F_INT_TS_RESP_VERIFY_TOKEN 149 -#define TS_F_PKCS7_TO_TS_TST_INFO 148 -#define TS_F_TS_ACCURACY_SET_MICROS 115 -#define TS_F_TS_ACCURACY_SET_MILLIS 116 -#define TS_F_TS_ACCURACY_SET_SECONDS 117 -#define TS_F_TS_CHECK_IMPRINTS 100 -#define TS_F_TS_CHECK_NONCES 101 -#define TS_F_TS_CHECK_POLICY 102 -#define TS_F_TS_CHECK_SIGNING_CERTS 103 -#define TS_F_TS_CHECK_STATUS_INFO 104 -#define TS_F_TS_COMPUTE_IMPRINT 145 -#define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146 -#define TS_F_TS_GET_STATUS_TEXT 105 -#define TS_F_TS_MSG_IMPRINT_SET_ALGO 118 -#define TS_F_TS_REQ_SET_MSG_IMPRINT 119 -#define TS_F_TS_REQ_SET_NONCE 120 -#define TS_F_TS_REQ_SET_POLICY_ID 121 -#define TS_F_TS_RESP_CREATE_RESPONSE 122 -#define TS_F_TS_RESP_CREATE_TST_INFO 123 -#define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124 -#define TS_F_TS_RESP_CTX_ADD_MD 125 -#define TS_F_TS_RESP_CTX_ADD_POLICY 126 -#define TS_F_TS_RESP_CTX_NEW 127 -#define TS_F_TS_RESP_CTX_SET_ACCURACY 128 -#define TS_F_TS_RESP_CTX_SET_CERTS 129 -#define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130 -#define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131 -#define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132 -#define TS_F_TS_RESP_GET_POLICY 133 -#define 
TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134 -#define TS_F_TS_RESP_SET_STATUS_INFO 135 -#define TS_F_TS_RESP_SET_TST_INFO 150 -#define TS_F_TS_RESP_SIGN 136 -#define TS_F_TS_RESP_VERIFY_SIGNATURE 106 -#define TS_F_TS_RESP_VERIFY_TOKEN 107 -#define TS_F_TS_TST_INFO_SET_ACCURACY 137 -#define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138 -#define TS_F_TS_TST_INFO_SET_NONCE 139 -#define TS_F_TS_TST_INFO_SET_POLICY_ID 140 -#define TS_F_TS_TST_INFO_SET_SERIAL 141 -#define TS_F_TS_TST_INFO_SET_TIME 142 -#define TS_F_TS_TST_INFO_SET_TSA 143 -#define TS_F_TS_VERIFY 108 -#define TS_F_TS_VERIFY_CERT 109 -#define TS_F_TS_VERIFY_CTX_NEW 144 - -/* Reason codes. */ -#define TS_R_BAD_PKCS7_TYPE 132 -#define TS_R_BAD_TYPE 133 -#define TS_R_CERTIFICATE_VERIFY_ERROR 100 -#define TS_R_COULD_NOT_SET_ENGINE 127 -#define TS_R_COULD_NOT_SET_TIME 115 -#define TS_R_D2I_TS_RESP_INT_FAILED 128 -#define TS_R_DETACHED_CONTENT 134 -#define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116 -#define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101 -#define TS_R_INVALID_NULL_POINTER 102 -#define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117 -#define TS_R_MESSAGE_IMPRINT_MISMATCH 103 -#define TS_R_NONCE_MISMATCH 104 -#define TS_R_NONCE_NOT_RETURNED 105 -#define TS_R_NO_CONTENT 106 -#define TS_R_NO_TIME_STAMP_TOKEN 107 -#define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118 -#define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119 -#define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129 -#define TS_R_POLICY_MISMATCH 108 -#define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120 -#define TS_R_RESPONSE_SETUP_ERROR 121 -#define TS_R_SIGNATURE_FAILURE 109 -#define TS_R_THERE_MUST_BE_ONE_SIGNER 110 -#define TS_R_TIME_SYSCALL_ERROR 122 -#define TS_R_TOKEN_NOT_PRESENT 130 -#define TS_R_TOKEN_PRESENT 131 -#define TS_R_TSA_NAME_MISMATCH 111 -#define TS_R_TSA_UNTRUSTED 112 -#define TS_R_TST_INFO_SETUP_ERROR 123 -#define TS_R_TS_DATASIGN 124 -#define TS_R_UNACCEPTABLE_POLICY 125 -#define TS_R_UNSUPPORTED_MD_ALGORITHM 126 -#define TS_R_UNSUPPORTED_VERSION 113 -#define 
TS_R_WRONG_CONTENT_TYPE 114
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/ts/ts_asn1.c b/lib/libssl/src/crypto/ts/ts_asn1.c
deleted file mode 100644
index 13864832472..00000000000
--- a/lib/libssl/src/crypto/ts/ts_asn1.c
+++ /dev/null
@@ -1,895 +0,0 @@ -/* $OpenBSD: ts_asn1.c,v 1.9 2015/07/24 15:25:44 jsing Exp $ */ -/* Written by Nils Larsch for the OpenSSL project 2004. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <openssl/opensslconf.h> - -#include <openssl/ts.h> -#include <openssl/err.h> -#include <openssl/asn1t.h> - -static const ASN1_TEMPLATE TS_MSG_IMPRINT_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_MSG_IMPRINT, hash_algo), - .field_name = "hash_algo", - .item = &X509_ALGOR_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_MSG_IMPRINT, hashed_msg), - .field_name = "hashed_msg", - .item = &ASN1_OCTET_STRING_it, - }, -}; - -const ASN1_ITEM TS_MSG_IMPRINT_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = TS_MSG_IMPRINT_seq_tt, - .tcount = sizeof(TS_MSG_IMPRINT_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(TS_MSG_IMPRINT), - .sname = "TS_MSG_IMPRINT", -}; - - -TS_MSG_IMPRINT * -d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a, const unsigned char **in, long len) -{ - return (TS_MSG_IMPRINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &TS_MSG_IMPRINT_it); -} - -int -i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_MSG_IMPRINT_it); -} - -TS_MSG_IMPRINT * -TS_MSG_IMPRINT_new(void) -{ - return (TS_MSG_IMPRINT 
*)ASN1_item_new(&TS_MSG_IMPRINT_it); -} - -void -TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &TS_MSG_IMPRINT_it); -} - -TS_MSG_IMPRINT * -TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *x) -{ - return ASN1_item_dup(&TS_MSG_IMPRINT_it, x); -} - -#ifndef OPENSSL_NO_BIO -TS_MSG_IMPRINT * -d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a) -{ - return ASN1_d2i_bio_of(TS_MSG_IMPRINT, TS_MSG_IMPRINT_new, - d2i_TS_MSG_IMPRINT, bp, a); -} - -int -i2d_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT *a) -{ - return ASN1_i2d_bio_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, bp, a); -} -#endif - -TS_MSG_IMPRINT * -d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a) -{ - return ASN1_d2i_fp_of(TS_MSG_IMPRINT, TS_MSG_IMPRINT_new, - d2i_TS_MSG_IMPRINT, fp, a); -} - -int -i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a) -{ - return ASN1_i2d_fp_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, fp, a); -} - -static const ASN1_TEMPLATE TS_REQ_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_REQ, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_REQ, msg_imprint), - .field_name = "msg_imprint", - .item = &TS_MSG_IMPRINT_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_REQ, policy_id), - .field_name = "policy_id", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_REQ, nonce), - .field_name = "nonce", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_REQ, cert_req), - .field_name = "cert_req", - .item = &ASN1_FBOOLEAN_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_REQ, extensions), - .field_name = "extensions", - .item = &X509_EXTENSION_it, - }, -}; - -const ASN1_ITEM TS_REQ_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = TS_REQ_seq_tt, - 
.tcount = sizeof(TS_REQ_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(TS_REQ), - .sname = "TS_REQ", -}; - - -TS_REQ * -d2i_TS_REQ(TS_REQ **a, const unsigned char **in, long len) -{ - return (TS_REQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &TS_REQ_it); -} - -int -i2d_TS_REQ(const TS_REQ *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_REQ_it); -} - -TS_REQ * -TS_REQ_new(void) -{ - return (TS_REQ *)ASN1_item_new(&TS_REQ_it); -} - -void -TS_REQ_free(TS_REQ *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &TS_REQ_it); -} - -TS_REQ * -TS_REQ_dup(TS_REQ *x) -{ - return ASN1_item_dup(&TS_REQ_it, x); -} - -#ifndef OPENSSL_NO_BIO -TS_REQ * -d2i_TS_REQ_bio(BIO *bp, TS_REQ **a) -{ - return ASN1_d2i_bio_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, bp, a); -} - -int -i2d_TS_REQ_bio(BIO *bp, TS_REQ *a) -{ - return ASN1_i2d_bio_of_const(TS_REQ, i2d_TS_REQ, bp, a); -} -#endif - -TS_REQ * -d2i_TS_REQ_fp(FILE *fp, TS_REQ **a) -{ - return ASN1_d2i_fp_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, fp, a); -} - -int -i2d_TS_REQ_fp(FILE *fp, TS_REQ *a) -{ - return ASN1_i2d_fp_of_const(TS_REQ, i2d_TS_REQ, fp, a); -} - -static const ASN1_TEMPLATE TS_ACCURACY_seq_tt[] = { - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_ACCURACY, seconds), - .field_name = "seconds", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_ACCURACY, millis), - .field_name = "millis", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(TS_ACCURACY, micros), - .field_name = "micros", - .item = &ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM TS_ACCURACY_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = TS_ACCURACY_seq_tt, - .tcount = sizeof(TS_ACCURACY_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(TS_ACCURACY), - .sname = "TS_ACCURACY", -}; - - -TS_ACCURACY * 
-d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **in, long len) -{ - return (TS_ACCURACY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &TS_ACCURACY_it); -} - -int -i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_ACCURACY_it); -} - -TS_ACCURACY * -TS_ACCURACY_new(void) -{ - return (TS_ACCURACY *)ASN1_item_new(&TS_ACCURACY_it); -} - -void -TS_ACCURACY_free(TS_ACCURACY *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &TS_ACCURACY_it); -} - -TS_ACCURACY * -TS_ACCURACY_dup(TS_ACCURACY *x) -{ - return ASN1_item_dup(&TS_ACCURACY_it, x); -} - -static const ASN1_TEMPLATE TS_TST_INFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_TST_INFO, version), - .field_name = "version", - .item = &ASN1_INTEGER_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_TST_INFO, policy_id), - .field_name = "policy_id", - .item = &ASN1_OBJECT_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_TST_INFO, msg_imprint), - .field_name = "msg_imprint", - .item = &TS_MSG_IMPRINT_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_TST_INFO, serial), - .field_name = "serial", - .item = &ASN1_INTEGER_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_TST_INFO, time), - .field_name = "time", - .item = &ASN1_GENERALIZEDTIME_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_TST_INFO, accuracy), - .field_name = "accuracy", - .item = &TS_ACCURACY_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_TST_INFO, ordering), - .field_name = "ordering", - .item = &ASN1_FBOOLEAN_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_TST_INFO, nonce), - .field_name = "nonce", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_TST_INFO, tsa), - .field_name = "tsa", - .item = &GENERAL_NAME_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | 
ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(TS_TST_INFO, extensions), - .field_name = "extensions", - .item = &X509_EXTENSION_it, - }, -}; - -const ASN1_ITEM TS_TST_INFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = TS_TST_INFO_seq_tt, - .tcount = sizeof(TS_TST_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(TS_TST_INFO), - .sname = "TS_TST_INFO", -}; - - -TS_TST_INFO * -d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **in, long len) -{ - return (TS_TST_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &TS_TST_INFO_it); -} - -int -i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_TST_INFO_it); -} - -TS_TST_INFO * -TS_TST_INFO_new(void) -{ - return (TS_TST_INFO *)ASN1_item_new(&TS_TST_INFO_it); -} - -void -TS_TST_INFO_free(TS_TST_INFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &TS_TST_INFO_it); -} - -TS_TST_INFO * -TS_TST_INFO_dup(TS_TST_INFO *x) -{ - return ASN1_item_dup(&TS_TST_INFO_it, x); -} - -#ifndef OPENSSL_NO_BIO -TS_TST_INFO * -d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a) -{ - return ASN1_d2i_bio_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO, - bp, a); -} - -int -i2d_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO *a) -{ - return ASN1_i2d_bio_of_const(TS_TST_INFO, i2d_TS_TST_INFO, bp, a); -} -#endif - -TS_TST_INFO * -d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a) -{ - return ASN1_d2i_fp_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO, - fp, a); -} - -int -i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a) -{ - return ASN1_i2d_fp_of_const(TS_TST_INFO, i2d_TS_TST_INFO, fp, a); -} - -static const ASN1_TEMPLATE TS_STATUS_INFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_STATUS_INFO, status), - .field_name = "status", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_STATUS_INFO, text), - .field_name = "text", - .item = 
&ASN1_UTF8STRING_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_STATUS_INFO, failure_info), - .field_name = "failure_info", - .item = &ASN1_BIT_STRING_it, - }, -}; - -const ASN1_ITEM TS_STATUS_INFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = TS_STATUS_INFO_seq_tt, - .tcount = sizeof(TS_STATUS_INFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(TS_STATUS_INFO), - .sname = "TS_STATUS_INFO", -}; - - -TS_STATUS_INFO * -d2i_TS_STATUS_INFO(TS_STATUS_INFO **a, const unsigned char **in, long len) -{ - return (TS_STATUS_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &TS_STATUS_INFO_it); -} - -int -i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_STATUS_INFO_it); -} - -TS_STATUS_INFO * -TS_STATUS_INFO_new(void) -{ - return (TS_STATUS_INFO *)ASN1_item_new(&TS_STATUS_INFO_it); -} - -void -TS_STATUS_INFO_free(TS_STATUS_INFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &TS_STATUS_INFO_it); -} - -TS_STATUS_INFO * -TS_STATUS_INFO_dup(TS_STATUS_INFO *x) -{ - return ASN1_item_dup(&TS_STATUS_INFO_it, x); -} - -static int -ts_resp_set_tst_info(TS_RESP *a) -{ - long status; - - status = ASN1_INTEGER_get(a->status_info->status); - - if (a->token) { - if (status != 0 && status != 1) { - TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_PRESENT); - return 0; - } - if (a->tst_info != NULL) - TS_TST_INFO_free(a->tst_info); - a->tst_info = PKCS7_to_TS_TST_INFO(a->token); - if (!a->tst_info) { - TSerr(TS_F_TS_RESP_SET_TST_INFO, - TS_R_PKCS7_TO_TS_TST_INFO_FAILED); - return 0; - } - } else if (status == 0 || status == 1) { - TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_NOT_PRESENT); - return 0; - } - - return 1; -} - -static int -ts_resp_cb(int op, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) -{ - TS_RESP *ts_resp = (TS_RESP *)*pval; - - if (op == ASN1_OP_NEW_POST) { - ts_resp->tst_info = NULL; - } else if (op == ASN1_OP_FREE_POST) { - 
if (ts_resp->tst_info != NULL) - TS_TST_INFO_free(ts_resp->tst_info); - } else if (op == ASN1_OP_D2I_POST) { - if (ts_resp_set_tst_info(ts_resp) == 0) - return 0; - } - return 1; -} - -static const ASN1_AUX TS_RESP_aux = { - .app_data = NULL, - .flags = 0, - .ref_offset = 0, - .ref_lock = 0, - .asn1_cb = ts_resp_cb, - .enc_offset = 0, -}; -static const ASN1_TEMPLATE TS_RESP_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(TS_RESP, status_info), - .field_name = "status_info", - .item = &TS_STATUS_INFO_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(TS_RESP, token), - .field_name = "token", - .item = &PKCS7_it, - }, -}; - -const ASN1_ITEM TS_RESP_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = TS_RESP_seq_tt, - .tcount = sizeof(TS_RESP_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = &TS_RESP_aux, - .size = sizeof(TS_RESP), - .sname = "TS_RESP", -}; - - -TS_RESP * -d2i_TS_RESP(TS_RESP **a, const unsigned char **in, long len) -{ - return (TS_RESP *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &TS_RESP_it); -} - -int -i2d_TS_RESP(const TS_RESP *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &TS_RESP_it); -} - -TS_RESP * -TS_RESP_new(void) -{ - return (TS_RESP *)ASN1_item_new(&TS_RESP_it); -} - -void -TS_RESP_free(TS_RESP *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &TS_RESP_it); -} - -TS_RESP * -TS_RESP_dup(TS_RESP *x) -{ - return ASN1_item_dup(&TS_RESP_it, x); -} - -#ifndef OPENSSL_NO_BIO -TS_RESP * -d2i_TS_RESP_bio(BIO *bp, TS_RESP **a) -{ - return ASN1_d2i_bio_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, bp, a); -} - -int -i2d_TS_RESP_bio(BIO *bp, TS_RESP *a) -{ - return ASN1_i2d_bio_of_const(TS_RESP, i2d_TS_RESP, bp, a); -} -#endif - -TS_RESP * -d2i_TS_RESP_fp(FILE *fp, TS_RESP **a) -{ - return ASN1_d2i_fp_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, fp, a); -} - -int -i2d_TS_RESP_fp(FILE *fp, TS_RESP *a) -{ - return ASN1_i2d_fp_of_const(TS_RESP, i2d_TS_RESP, fp, a); -} - -static const 
ASN1_TEMPLATE ESS_ISSUER_SERIAL_seq_tt[] = { - { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = offsetof(ESS_ISSUER_SERIAL, issuer), - .field_name = "issuer", - .item = &GENERAL_NAME_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(ESS_ISSUER_SERIAL, serial), - .field_name = "serial", - .item = &ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM ESS_ISSUER_SERIAL_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = ESS_ISSUER_SERIAL_seq_tt, - .tcount = sizeof(ESS_ISSUER_SERIAL_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(ESS_ISSUER_SERIAL), - .sname = "ESS_ISSUER_SERIAL", -}; - - -ESS_ISSUER_SERIAL * -d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a, const unsigned char **in, long len) -{ - return (ESS_ISSUER_SERIAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ESS_ISSUER_SERIAL_it); -} - -int -i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_ISSUER_SERIAL_it); -} - -ESS_ISSUER_SERIAL * -ESS_ISSUER_SERIAL_new(void) -{ - return (ESS_ISSUER_SERIAL *)ASN1_item_new(&ESS_ISSUER_SERIAL_it); -} - -void -ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ESS_ISSUER_SERIAL_it); -} - -ESS_ISSUER_SERIAL * -ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *x) -{ - return ASN1_item_dup(&ESS_ISSUER_SERIAL_it, x); -} - -static const ASN1_TEMPLATE ESS_CERT_ID_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(ESS_CERT_ID, hash), - .field_name = "hash", - .item = &ASN1_OCTET_STRING_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(ESS_CERT_ID, issuer_serial), - .field_name = "issuer_serial", - .item = &ESS_ISSUER_SERIAL_it, - }, -}; - -const ASN1_ITEM ESS_CERT_ID_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = ESS_CERT_ID_seq_tt, - .tcount = sizeof(ESS_CERT_ID_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(ESS_CERT_ID), - .sname = 
"ESS_CERT_ID", -}; - - -ESS_CERT_ID * -d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **in, long len) -{ - return (ESS_CERT_ID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ESS_CERT_ID_it); -} - -int -i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_CERT_ID_it); -} - -ESS_CERT_ID * -ESS_CERT_ID_new(void) -{ - return (ESS_CERT_ID *)ASN1_item_new(&ESS_CERT_ID_it); -} - -void -ESS_CERT_ID_free(ESS_CERT_ID *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_it); -} - -ESS_CERT_ID * -ESS_CERT_ID_dup(ESS_CERT_ID *x) -{ - return ASN1_item_dup(&ESS_CERT_ID_it, x); -} - -static const ASN1_TEMPLATE ESS_SIGNING_CERT_seq_tt[] = { - { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = offsetof(ESS_SIGNING_CERT, cert_ids), - .field_name = "cert_ids", - .item = &ESS_CERT_ID_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(ESS_SIGNING_CERT, policy_info), - .field_name = "policy_info", - .item = &POLICYINFO_it, - }, -}; - -const ASN1_ITEM ESS_SIGNING_CERT_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = ESS_SIGNING_CERT_seq_tt, - .tcount = sizeof(ESS_SIGNING_CERT_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(ESS_SIGNING_CERT), - .sname = "ESS_SIGNING_CERT", -}; - - -ESS_SIGNING_CERT * -d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a, const unsigned char **in, long len) -{ - return (ESS_SIGNING_CERT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ESS_SIGNING_CERT_it); -} - -int -i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ESS_SIGNING_CERT_it); -} - -ESS_SIGNING_CERT * -ESS_SIGNING_CERT_new(void) -{ - return (ESS_SIGNING_CERT *)ASN1_item_new(&ESS_SIGNING_CERT_it); -} - -void -ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_it); -} - -ESS_SIGNING_CERT * 
-ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *x)
-{
- return ASN1_item_dup(&ESS_SIGNING_CERT_it, x);
-}
-
-/* Getting encapsulated TS_TST_INFO object from PKCS7. */
-TS_TST_INFO *
-PKCS7_to_TS_TST_INFO(PKCS7 *token)
-{
- PKCS7_SIGNED *pkcs7_signed;
- PKCS7 *enveloped;
- ASN1_TYPE *tst_info_wrapper;
- ASN1_OCTET_STRING *tst_info_der;
- const unsigned char *p;
-
- if (!PKCS7_type_is_signed(token)) {
- TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
- return NULL;
- }
-
- /* Content must be present. */
- if (PKCS7_get_detached(token)) {
- TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_DETACHED_CONTENT);
- return NULL;
- }
-
- /* We have a signed data with content. */
- pkcs7_signed = token->d.sign;
- enveloped = pkcs7_signed->contents;
- if (OBJ_obj2nid(enveloped->type) != NID_id_smime_ct_TSTInfo) {
- TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
- return NULL;
- }
-
- /* We have a DER encoded TST_INFO as the signed data. */
- tst_info_wrapper = enveloped->d.other;
- if (tst_info_wrapper->type != V_ASN1_OCTET_STRING) {
- TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_TYPE);
- return NULL;
- }
-
- /* We have the correct ASN1_OCTET_STRING type. */
- tst_info_der = tst_info_wrapper->value.octet_string;
- /* At last, decode the TST_INFO. */
- p = tst_info_der->data;
- return d2i_TS_TST_INFO(NULL, &p, tst_info_der->length);
-}
diff --git a/lib/libssl/src/crypto/ts/ts_conf.c b/lib/libssl/src/crypto/ts/ts_conf.c
deleted file mode 100644
index bb98a6ff4c9..00000000000
--- a/lib/libssl/src/crypto/ts/ts_conf.c
+++ /dev/null
@@ -1,532 +0,0 @@ -/* $OpenBSD: ts_conf.c,v 1.9 2015/02/11 03:19:37 doug Exp $ */ -/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL - * project 2002. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/pem.h> -#include <openssl/ts.h> - -#ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> -#endif - -/* Macro definitions for the configuration file. */ - -#define BASE_SECTION "tsa" -#define ENV_DEFAULT_TSA "default_tsa" -#define ENV_SERIAL "serial" -#define ENV_CRYPTO_DEVICE "crypto_device" -#define ENV_SIGNER_CERT "signer_cert" -#define ENV_CERTS "certs" -#define ENV_SIGNER_KEY "signer_key" -#define ENV_DEFAULT_POLICY "default_policy" -#define ENV_OTHER_POLICIES "other_policies" -#define ENV_DIGESTS "digests" -#define ENV_ACCURACY "accuracy" -#define ENV_ORDERING "ordering" -#define ENV_TSA_NAME "tsa_name" -#define ENV_ESS_CERT_ID_CHAIN "ess_cert_id_chain" -#define ENV_VALUE_SECS "secs" -#define ENV_VALUE_MILLISECS "millisecs" -#define ENV_VALUE_MICROSECS "microsecs" -#define ENV_CLOCK_PRECISION_DIGITS "clock_precision_digits" -#define ENV_VALUE_YES "yes" -#define ENV_VALUE_NO "no" - -/* Function definitions for certificate and key loading. 
*/ - -X509 * -TS_CONF_load_cert(const char *file) -{ - BIO *cert = NULL; - X509 *x = NULL; - - if ((cert = BIO_new_file(file, "r")) == NULL) - goto end; - x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL); - -end: - if (x == NULL) - fprintf(stderr, "unable to load certificate: %s\n", file); - BIO_free(cert); - return x; -} - -STACK_OF(X509) * -TS_CONF_load_certs(const char *file) -{ - BIO *certs = NULL; - STACK_OF(X509) *othercerts = NULL; - STACK_OF(X509_INFO) *allcerts = NULL; - int i; - - if (!(certs = BIO_new_file(file, "r"))) - goto end; - - if (!(othercerts = sk_X509_new_null())) - goto end; - allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL); - for (i = 0; i < sk_X509_INFO_num(allcerts); i++) { - X509_INFO *xi = sk_X509_INFO_value(allcerts, i); - if (xi->x509) { - if (sk_X509_push(othercerts, xi->x509) == 0) { - sk_X509_pop_free(othercerts, X509_free); - othercerts = NULL; - goto end; - } - xi->x509 = NULL; - } - } - -end: - if (othercerts == NULL) - fprintf(stderr, "unable to load certificates: %s\n", file); - sk_X509_INFO_pop_free(allcerts, X509_INFO_free); - BIO_free(certs); - return othercerts; -} - -EVP_PKEY * -TS_CONF_load_key(const char *file, const char *pass) -{ - BIO *key = NULL; - EVP_PKEY *pkey = NULL; - - if (!(key = BIO_new_file(file, "r"))) - goto end; - pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, (char *) pass); - -end: - if (pkey == NULL) - fprintf(stderr, "unable to load private key: %s\n", file); - BIO_free(key); - return pkey; -} - -/* Function definitions for handling configuration options. 
*/ - -static void -TS_CONF_lookup_fail(const char *name, const char *tag) -{ - fprintf(stderr, "variable lookup failed for %s::%s\n", name, tag); -} - -static void -TS_CONF_invalid(const char *name, const char *tag) -{ - fprintf(stderr, "invalid variable value for %s::%s\n", name, tag); -} - -const char * -TS_CONF_get_tsa_section(CONF *conf, const char *section) -{ - if (!section) { - section = NCONF_get_string(conf, BASE_SECTION, ENV_DEFAULT_TSA); - if (!section) - TS_CONF_lookup_fail(BASE_SECTION, ENV_DEFAULT_TSA); - } - return section; -} - -int -TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb, - TS_RESP_CTX *ctx) -{ - int ret = 0; - char *serial = NCONF_get_string(conf, section, ENV_SERIAL); - - if (!serial) { - TS_CONF_lookup_fail(section, ENV_SERIAL); - goto err; - } - TS_RESP_CTX_set_serial_cb(ctx, cb, serial); - - ret = 1; - -err: - return ret; -} - -#ifndef OPENSSL_NO_ENGINE - -int -TS_CONF_set_crypto_device(CONF *conf, const char *section, const char *device) -{ - int ret = 0; - - if (!device) - device = NCONF_get_string(conf, section, ENV_CRYPTO_DEVICE); - - if (device && !TS_CONF_set_default_engine(device)) { - TS_CONF_invalid(section, ENV_CRYPTO_DEVICE); - goto err; - } - ret = 1; - -err: - return ret; -} - -int -TS_CONF_set_default_engine(const char *name) -{ - ENGINE *e = NULL; - int ret = 0; - - /* Leave the default if builtin specified. */ - if (strcmp(name, "builtin") == 0) - return 1; - - if (!(e = ENGINE_by_id(name))) - goto err; - /* All the operations are going to be carried out by the engine. 
*/ - if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) - goto err; - ret = 1; - -err: - if (!ret) { - TSerr(TS_F_TS_CONF_SET_DEFAULT_ENGINE, - TS_R_COULD_NOT_SET_ENGINE); - ERR_asprintf_error_data("engine:%s", name); - } - if (e) - ENGINE_free(e); - return ret; -} - -#endif - -int -TS_CONF_set_signer_cert(CONF *conf, const char *section, const char *cert, - TS_RESP_CTX *ctx) -{ - int ret = 0; - X509 *cert_obj = NULL; - - if (!cert) - cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT); - if (!cert) { - TS_CONF_lookup_fail(section, ENV_SIGNER_CERT); - goto err; - } - if (!(cert_obj = TS_CONF_load_cert(cert))) - goto err; - if (!TS_RESP_CTX_set_signer_cert(ctx, cert_obj)) - goto err; - - ret = 1; - -err: - X509_free(cert_obj); - return ret; -} - -int -TS_CONF_set_certs(CONF *conf, const char *section, const char *certs, - TS_RESP_CTX *ctx) -{ - int ret = 0; - STACK_OF(X509) *certs_obj = NULL; - - if (!certs) - certs = NCONF_get_string(conf, section, ENV_CERTS); - /* Certificate chain is optional. 
*/ - if (!certs) - goto end; - if (!(certs_obj = TS_CONF_load_certs(certs))) - goto err; - if (!TS_RESP_CTX_set_certs(ctx, certs_obj)) - goto err; - -end: - ret = 1; -err: - sk_X509_pop_free(certs_obj, X509_free); - return ret; -} - -int -TS_CONF_set_signer_key(CONF *conf, const char *section, const char *key, - const char *pass, TS_RESP_CTX *ctx) -{ - int ret = 0; - EVP_PKEY *key_obj = NULL; - - if (!key) - key = NCONF_get_string(conf, section, ENV_SIGNER_KEY); - if (!key) { - TS_CONF_lookup_fail(section, ENV_SIGNER_KEY); - goto err; - } - if (!(key_obj = TS_CONF_load_key(key, pass))) - goto err; - if (!TS_RESP_CTX_set_signer_key(ctx, key_obj)) - goto err; - - ret = 1; - -err: - EVP_PKEY_free(key_obj); - return ret; -} - -int -TS_CONF_set_def_policy(CONF *conf, const char *section, const char *policy, - TS_RESP_CTX *ctx) -{ - int ret = 0; - ASN1_OBJECT *policy_obj = NULL; - - if (!policy) - policy = NCONF_get_string(conf, section, ENV_DEFAULT_POLICY); - if (!policy) { - TS_CONF_lookup_fail(section, ENV_DEFAULT_POLICY); - goto err; - } - if (!(policy_obj = OBJ_txt2obj(policy, 0))) { - TS_CONF_invalid(section, ENV_DEFAULT_POLICY); - goto err; - } - if (!TS_RESP_CTX_set_def_policy(ctx, policy_obj)) - goto err; - - ret = 1; - -err: - ASN1_OBJECT_free(policy_obj); - return ret; -} - -int -TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx) -{ - int ret = 0; - int i; - STACK_OF(CONF_VALUE) *list = NULL; - char *policies = NCONF_get_string(conf, section, ENV_OTHER_POLICIES); - - /* If no other policy is specified, that's fine. */ - if (policies && !(list = X509V3_parse_list(policies))) { - TS_CONF_invalid(section, ENV_OTHER_POLICIES); - goto err; - } - for (i = 0; i < sk_CONF_VALUE_num(list); ++i) { - CONF_VALUE *val = sk_CONF_VALUE_value(list, i); - const char *extval = val->value ? 
val->value : val->name; - ASN1_OBJECT *objtmp; - if (!(objtmp = OBJ_txt2obj(extval, 0))) { - TS_CONF_invalid(section, ENV_OTHER_POLICIES); - goto err; - } - if (!TS_RESP_CTX_add_policy(ctx, objtmp)) - goto err; - ASN1_OBJECT_free(objtmp); - } - - ret = 1; - -err: - sk_CONF_VALUE_pop_free(list, X509V3_conf_free); - return ret; -} - -int -TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx) -{ - int ret = 0; - int i; - STACK_OF(CONF_VALUE) *list = NULL; - char *digests = NCONF_get_string(conf, section, ENV_DIGESTS); - - if (!digests) { - TS_CONF_lookup_fail(section, ENV_DIGESTS); - goto err; - } - if (!(list = X509V3_parse_list(digests))) { - TS_CONF_invalid(section, ENV_DIGESTS); - goto err; - } - if (sk_CONF_VALUE_num(list) == 0) { - TS_CONF_invalid(section, ENV_DIGESTS); - goto err; - } - for (i = 0; i < sk_CONF_VALUE_num(list); ++i) { - CONF_VALUE *val = sk_CONF_VALUE_value(list, i); - const char *extval = val->value ? val->value : val->name; - const EVP_MD *md; - if (!(md = EVP_get_digestbyname(extval))) { - TS_CONF_invalid(section, ENV_DIGESTS); - goto err; - } - if (!TS_RESP_CTX_add_md(ctx, md)) - goto err; - } - - ret = 1; - -err: - sk_CONF_VALUE_pop_free(list, X509V3_conf_free); - return ret; -} - -int -TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx) -{ - int ret = 0; - int i; - int secs = 0, millis = 0, micros = 0; - STACK_OF(CONF_VALUE) *list = NULL; - char *accuracy = NCONF_get_string(conf, section, ENV_ACCURACY); - - if (accuracy && !(list = X509V3_parse_list(accuracy))) { - TS_CONF_invalid(section, ENV_ACCURACY); - goto err; - } - for (i = 0; i < sk_CONF_VALUE_num(list); ++i) { - CONF_VALUE *val = sk_CONF_VALUE_value(list, i); - if (strcmp(val->name, ENV_VALUE_SECS) == 0) { - if (val->value) - secs = atoi(val->value); - } else if (strcmp(val->name, ENV_VALUE_MILLISECS) == 0) { - if (val->value) - millis = atoi(val->value); - } else if (strcmp(val->name, ENV_VALUE_MICROSECS) == 0) { - if (val->value) - micros = 
atoi(val->value); - } else { - TS_CONF_invalid(section, ENV_ACCURACY); - goto err; - } - } - if (!TS_RESP_CTX_set_accuracy(ctx, secs, millis, micros)) - goto err; - - ret = 1; - -err: - sk_CONF_VALUE_pop_free(list, X509V3_conf_free); - return ret; -} - -int -TS_CONF_set_clock_precision_digits(CONF *conf, const char *section, - TS_RESP_CTX *ctx) -{ - int ret = 0; - long digits = 0; - - /* If not specified, set the default value to 0, i.e. sec precision */ - if (!NCONF_get_number_e(conf, section, ENV_CLOCK_PRECISION_DIGITS, - &digits)) - digits = 0; - if (digits < 0 || digits > TS_MAX_CLOCK_PRECISION_DIGITS) { - TS_CONF_invalid(section, ENV_CLOCK_PRECISION_DIGITS); - goto err; - } - - if (!TS_RESP_CTX_set_clock_precision_digits(ctx, digits)) - goto err; - - return 1; - -err: - return ret; -} - -static int -TS_CONF_add_flag(CONF *conf, const char *section, const char *field, int flag, - TS_RESP_CTX *ctx) -{ - /* Default is false. */ - const char *value = NCONF_get_string(conf, section, field); - - if (value) { - if (strcmp(value, ENV_VALUE_YES) == 0) - TS_RESP_CTX_add_flags(ctx, flag); - else if (strcmp(value, ENV_VALUE_NO) != 0) { - TS_CONF_invalid(section, field); - return 0; - } - } - - return 1; -} - -int -TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx) -{ - return TS_CONF_add_flag(conf, section, ENV_ORDERING, TS_ORDERING, ctx); -} - -int -TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx) -{ - return TS_CONF_add_flag(conf, section, ENV_TSA_NAME, TS_TSA_NAME, ctx); -} - -int -TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section, TS_RESP_CTX *ctx) -{ - return TS_CONF_add_flag(conf, section, ENV_ESS_CERT_ID_CHAIN, - TS_ESS_CERT_ID_CHAIN, ctx); -} diff --git a/lib/libssl/src/crypto/ts/ts_err.c b/lib/libssl/src/crypto/ts/ts_err.c deleted file mode 100644 index f71be883f8e..00000000000 --- a/lib/libssl/src/crypto/ts/ts_err.c +++ /dev/null 
@@ -1,179 +0,0 @@ -/* $OpenBSD: ts_err.c,v 1.4 2014/07/10 22:45:58 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/ts.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_TS,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_TS,0,reason) - -static ERR_STRING_DATA TS_str_functs[] = { - {ERR_FUNC(TS_F_D2I_TS_RESP), "d2i_TS_RESP"}, - {ERR_FUNC(TS_F_DEF_SERIAL_CB), "DEF_SERIAL_CB"}, - {ERR_FUNC(TS_F_DEF_TIME_CB), "DEF_TIME_CB"}, - {ERR_FUNC(TS_F_ESS_ADD_SIGNING_CERT), "ESS_ADD_SIGNING_CERT"}, - {ERR_FUNC(TS_F_ESS_CERT_ID_NEW_INIT), "ESS_CERT_ID_NEW_INIT"}, - {ERR_FUNC(TS_F_ESS_SIGNING_CERT_NEW_INIT), "ESS_SIGNING_CERT_NEW_INIT"}, - {ERR_FUNC(TS_F_INT_TS_RESP_VERIFY_TOKEN), "INT_TS_RESP_VERIFY_TOKEN"}, - {ERR_FUNC(TS_F_PKCS7_TO_TS_TST_INFO), "PKCS7_to_TS_TST_INFO"}, - {ERR_FUNC(TS_F_TS_ACCURACY_SET_MICROS), "TS_ACCURACY_set_micros"}, - {ERR_FUNC(TS_F_TS_ACCURACY_SET_MILLIS), "TS_ACCURACY_set_millis"}, - {ERR_FUNC(TS_F_TS_ACCURACY_SET_SECONDS), "TS_ACCURACY_set_seconds"}, - {ERR_FUNC(TS_F_TS_CHECK_IMPRINTS), "TS_CHECK_IMPRINTS"}, - {ERR_FUNC(TS_F_TS_CHECK_NONCES), "TS_CHECK_NONCES"}, - {ERR_FUNC(TS_F_TS_CHECK_POLICY), "TS_CHECK_POLICY"}, - {ERR_FUNC(TS_F_TS_CHECK_SIGNING_CERTS), "TS_CHECK_SIGNING_CERTS"}, - {ERR_FUNC(TS_F_TS_CHECK_STATUS_INFO), "TS_CHECK_STATUS_INFO"}, - {ERR_FUNC(TS_F_TS_COMPUTE_IMPRINT), "TS_COMPUTE_IMPRINT"}, - {ERR_FUNC(TS_F_TS_CONF_SET_DEFAULT_ENGINE), "TS_CONF_set_default_engine"}, - {ERR_FUNC(TS_F_TS_GET_STATUS_TEXT), "TS_GET_STATUS_TEXT"}, - {ERR_FUNC(TS_F_TS_MSG_IMPRINT_SET_ALGO), "TS_MSG_IMPRINT_set_algo"}, - {ERR_FUNC(TS_F_TS_REQ_SET_MSG_IMPRINT), "TS_REQ_set_msg_imprint"}, - {ERR_FUNC(TS_F_TS_REQ_SET_NONCE), "TS_REQ_set_nonce"}, - {ERR_FUNC(TS_F_TS_REQ_SET_POLICY_ID), "TS_REQ_set_policy_id"}, - {ERR_FUNC(TS_F_TS_RESP_CREATE_RESPONSE), "TS_RESP_create_response"}, - {ERR_FUNC(TS_F_TS_RESP_CREATE_TST_INFO), "TS_RESP_CREATE_TST_INFO"}, - {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO), 
"TS_RESP_CTX_add_failure_info"}, - {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_MD), "TS_RESP_CTX_add_md"}, - {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_POLICY), "TS_RESP_CTX_add_policy"}, - {ERR_FUNC(TS_F_TS_RESP_CTX_NEW), "TS_RESP_CTX_new"}, - {ERR_FUNC(TS_F_TS_RESP_CTX_SET_ACCURACY), "TS_RESP_CTX_set_accuracy"}, - {ERR_FUNC(TS_F_TS_RESP_CTX_SET_CERTS), "TS_RESP_CTX_set_certs"}, - {ERR_FUNC(TS_F_TS_RESP_CTX_SET_DEF_POLICY), "TS_RESP_CTX_set_def_policy"}, - {ERR_FUNC(TS_F_TS_RESP_CTX_SET_SIGNER_CERT), "TS_RESP_CTX_set_signer_cert"}, - {ERR_FUNC(TS_F_TS_RESP_CTX_SET_STATUS_INFO), "TS_RESP_CTX_set_status_info"}, - {ERR_FUNC(TS_F_TS_RESP_GET_POLICY), "TS_RESP_GET_POLICY"}, - {ERR_FUNC(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION), "TS_RESP_SET_GENTIME_WITH_PRECISION"}, - {ERR_FUNC(TS_F_TS_RESP_SET_STATUS_INFO), "TS_RESP_set_status_info"}, - {ERR_FUNC(TS_F_TS_RESP_SET_TST_INFO), "TS_RESP_set_tst_info"}, - {ERR_FUNC(TS_F_TS_RESP_SIGN), "TS_RESP_SIGN"}, - {ERR_FUNC(TS_F_TS_RESP_VERIFY_SIGNATURE), "TS_RESP_verify_signature"}, - {ERR_FUNC(TS_F_TS_RESP_VERIFY_TOKEN), "TS_RESP_verify_token"}, - {ERR_FUNC(TS_F_TS_TST_INFO_SET_ACCURACY), "TS_TST_INFO_set_accuracy"}, - {ERR_FUNC(TS_F_TS_TST_INFO_SET_MSG_IMPRINT), "TS_TST_INFO_set_msg_imprint"}, - {ERR_FUNC(TS_F_TS_TST_INFO_SET_NONCE), "TS_TST_INFO_set_nonce"}, - {ERR_FUNC(TS_F_TS_TST_INFO_SET_POLICY_ID), "TS_TST_INFO_set_policy_id"}, - {ERR_FUNC(TS_F_TS_TST_INFO_SET_SERIAL), "TS_TST_INFO_set_serial"}, - {ERR_FUNC(TS_F_TS_TST_INFO_SET_TIME), "TS_TST_INFO_set_time"}, - {ERR_FUNC(TS_F_TS_TST_INFO_SET_TSA), "TS_TST_INFO_set_tsa"}, - {ERR_FUNC(TS_F_TS_VERIFY), "TS_VERIFY"}, - {ERR_FUNC(TS_F_TS_VERIFY_CERT), "TS_VERIFY_CERT"}, - {ERR_FUNC(TS_F_TS_VERIFY_CTX_NEW), "TS_VERIFY_CTX_new"}, - {0, NULL} -}; - -static ERR_STRING_DATA TS_str_reasons[]= { - {ERR_REASON(TS_R_BAD_PKCS7_TYPE) , "bad pkcs7 type"}, - {ERR_REASON(TS_R_BAD_TYPE) , "bad type"}, - {ERR_REASON(TS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"}, - {ERR_REASON(TS_R_COULD_NOT_SET_ENGINE) , 
"could not set engine"}, - {ERR_REASON(TS_R_COULD_NOT_SET_TIME) , "could not set time"}, - {ERR_REASON(TS_R_D2I_TS_RESP_INT_FAILED) , "d2i ts resp int failed"}, - {ERR_REASON(TS_R_DETACHED_CONTENT) , "detached content"}, - {ERR_REASON(TS_R_ESS_ADD_SIGNING_CERT_ERROR), "ess add signing cert error"}, - {ERR_REASON(TS_R_ESS_SIGNING_CERTIFICATE_ERROR), "ess signing certificate error"}, - {ERR_REASON(TS_R_INVALID_NULL_POINTER) , "invalid null pointer"}, - {ERR_REASON(TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE), "invalid signer certificate purpose"}, - {ERR_REASON(TS_R_MESSAGE_IMPRINT_MISMATCH), "message imprint mismatch"}, - {ERR_REASON(TS_R_NONCE_MISMATCH) , "nonce mismatch"}, - {ERR_REASON(TS_R_NONCE_NOT_RETURNED) , "nonce not returned"}, - {ERR_REASON(TS_R_NO_CONTENT) , "no content"}, - {ERR_REASON(TS_R_NO_TIME_STAMP_TOKEN) , "no time stamp token"}, - {ERR_REASON(TS_R_PKCS7_ADD_SIGNATURE_ERROR), "pkcs7 add signature error"}, - {ERR_REASON(TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR), "pkcs7 add signed attr error"}, - {ERR_REASON(TS_R_PKCS7_TO_TS_TST_INFO_FAILED), "pkcs7 to ts tst info failed"}, - {ERR_REASON(TS_R_POLICY_MISMATCH) , "policy mismatch"}, - {ERR_REASON(TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE), "private key does not match certificate"}, - {ERR_REASON(TS_R_RESPONSE_SETUP_ERROR) , "response setup error"}, - {ERR_REASON(TS_R_SIGNATURE_FAILURE) , "signature failure"}, - {ERR_REASON(TS_R_THERE_MUST_BE_ONE_SIGNER), "there must be one signer"}, - {ERR_REASON(TS_R_TIME_SYSCALL_ERROR) , "time syscall error"}, - {ERR_REASON(TS_R_TOKEN_NOT_PRESENT) , "token not present"}, - {ERR_REASON(TS_R_TOKEN_PRESENT) , "token present"}, - {ERR_REASON(TS_R_TSA_NAME_MISMATCH) , "tsa name mismatch"}, - {ERR_REASON(TS_R_TSA_UNTRUSTED) , "tsa untrusted"}, - {ERR_REASON(TS_R_TST_INFO_SETUP_ERROR) , "tst info setup error"}, - {ERR_REASON(TS_R_TS_DATASIGN) , "ts datasign"}, - {ERR_REASON(TS_R_UNACCEPTABLE_POLICY) , "unacceptable policy"}, - {ERR_REASON(TS_R_UNSUPPORTED_MD_ALGORITHM), 
"unsupported md algorithm"}, - {ERR_REASON(TS_R_UNSUPPORTED_VERSION) , "unsupported version"}, - {ERR_REASON(TS_R_WRONG_CONTENT_TYPE) , "wrong content type"}, - {0, NULL} -}; - -#endif - -void -ERR_load_TS_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(TS_str_functs[0].error) == NULL) { - ERR_load_strings(0, TS_str_functs); - ERR_load_strings(0, TS_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/ts/ts_lib.c b/lib/libssl/src/crypto/ts/ts_lib.c deleted file mode 100644 index 293564118fd..00000000000 --- a/lib/libssl/src/crypto/ts/ts_lib.c +++ /dev/null 
@@ -1,150 +0,0 @@ -/* $OpenBSD: ts_lib.c,v 1.10 2015/09/10 14:29:22 jsing Exp $ */ -/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL - * project 2002. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/objects.h> -#include <openssl/ts.h> -#include <openssl/x509v3.h> - -/* Local function declarations. */ - -/* Function definitions. 
*/ - -int -TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num) -{ - BIGNUM num_bn; - int result = 0; - char *hex; - - BN_init(&num_bn); - ASN1_INTEGER_to_BN(num, &num_bn); - if ((hex = BN_bn2hex(&num_bn))) { - result = BIO_write(bio, "0x", 2) > 0; - result = result && BIO_write(bio, hex, strlen(hex)) > 0; - free(hex); - } - BN_free(&num_bn); - - return result; -} - -int -TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj) -{ - char obj_txt[128]; - - int len = OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0); - if (len >= sizeof(obj_txt)) - len = sizeof(obj_txt) - 1; - BIO_write(bio, obj_txt, len); - BIO_write(bio, "\n", 1); - return 1; -} - -int -TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions) -{ - int i, critical, n; - X509_EXTENSION *ex; - ASN1_OBJECT *obj; - - BIO_printf(bio, "Extensions:\n"); - n = X509v3_get_ext_count(extensions); - for (i = 0; i < n; i++) { - ex = X509v3_get_ext(extensions, i); - obj = X509_EXTENSION_get_object(ex); - i2a_ASN1_OBJECT(bio, obj); - critical = X509_EXTENSION_get_critical(ex); - BIO_printf(bio, ": %s\n", critical ? "critical" : ""); - if (!X509V3_EXT_print(bio, ex, 0, 4)) { - BIO_printf(bio, "%4s", ""); - ASN1_STRING_print(bio, ex->value); - } - BIO_write(bio, "\n", 1); - } - - return 1; -} - -int -TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg) -{ - int i = OBJ_obj2nid(alg->algorithm); - - return BIO_printf(bio, "Hash Algorithm: %s\n", - (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i)); -} - -int -TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *a) -{ - ASN1_OCTET_STRING *msg; - - TS_X509_ALGOR_print_bio(bio, TS_MSG_IMPRINT_get_algo(a)); - - BIO_printf(bio, "Message data:\n"); - msg = TS_MSG_IMPRINT_get_msg(a); - BIO_dump_indent(bio, (const char *)ASN1_STRING_data(msg), - ASN1_STRING_length(msg), 4); - - return 1; -} diff --git a/lib/libssl/src/crypto/ts/ts_req_print.c b/lib/libssl/src/crypto/ts/ts_req_print.c deleted file mode 100644 index 64a8133a58d..00000000000 
--- a/lib/libssl/src/crypto/ts/ts_req_print.c
+++ /dev/null
@@ -1,104 +0,0 @@
-/* $OpenBSD: ts_req_print.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/bn.h>
-#include <openssl/objects.h>
-#include <openssl/ts.h>
-#include <openssl/x509v3.h>
-
-/* Function definitions. */
-
-int
-TS_REQ_print_bio(BIO *bio, TS_REQ *a)
-{
- int v;
- ASN1_OBJECT *policy_id;
- const ASN1_INTEGER *nonce;
-
- if (a == NULL)
- return 0;
-
- v = TS_REQ_get_version(a);
- BIO_printf(bio, "Version: %d\n", v);
-
- TS_MSG_IMPRINT_print_bio(bio, TS_REQ_get_msg_imprint(a));
-
- BIO_printf(bio, "Policy OID: ");
- policy_id = TS_REQ_get_policy_id(a);
- if (policy_id == NULL)
- BIO_printf(bio, "unspecified\n");
- else
- TS_OBJ_print_bio(bio, policy_id);
-
- BIO_printf(bio, "Nonce: ");
- nonce = TS_REQ_get_nonce(a);
- if (nonce == NULL)
- BIO_printf(bio, "unspecified");
- else
- TS_ASN1_INTEGER_print_bio(bio, nonce);
- BIO_write(bio, "\n", 1);
-
- BIO_printf(bio, "Certificate required: %s\n",
- TS_REQ_get_cert_req(a) ? "yes" : "no");
-
- TS_ext_print_bio(bio, TS_REQ_get_exts(a));
-
- return 1;
-}
diff --git a/lib/libssl/src/crypto/ts/ts_req_utils.c b/lib/libssl/src/crypto/ts/ts_req_utils.c
deleted file mode 100644
index ab813b2b42d..00000000000
--- a/lib/libssl/src/crypto/ts/ts_req_utils.c
+++ /dev/null
@@ -1,255 +0,0 @@
-/* $OpenBSD: ts_req_utils.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/ts.h>
-#include <openssl/x509v3.h>
-
-int
-TS_REQ_set_version(TS_REQ *a, long version)
-{
- return ASN1_INTEGER_set(a->version, version);
-}
-
-long
-TS_REQ_get_version(const TS_REQ *a)
-{
- return ASN1_INTEGER_get(a->version);
-}
-
-int
-TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint)
-{
- TS_MSG_IMPRINT *new_msg_imprint;
-
- if (a->msg_imprint == msg_imprint)
- return 1;
- new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
- if (new_msg_imprint == NULL) {
- TSerr(TS_F_TS_REQ_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- TS_MSG_IMPRINT_free(a->msg_imprint);
- a->msg_imprint = new_msg_imprint;
- return 1;
-}
-
-TS_MSG_IMPRINT *
-TS_REQ_get_msg_imprint(TS_REQ *a)
-{
- return a->msg_imprint;
-}
-
-int
-TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg)
-{
- X509_ALGOR *new_alg;
-
- if (a->hash_algo == alg)
- return 1;
- new_alg = X509_ALGOR_dup(alg);
- if (new_alg == NULL) {
- TSerr(TS_F_TS_MSG_IMPRINT_SET_ALGO, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- X509_ALGOR_free(a->hash_algo);
- a->hash_algo = new_alg;
- return 1;
-}
-
-X509_ALGOR *
-TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a)
-{
- return a->hash_algo;
-}
-
-int
-TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len)
-{
- return ASN1_OCTET_STRING_set(a->hashed_msg, d, len);
-}
-
-ASN1_OCTET_STRING *
-TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a)
-{
- return a->hashed_msg;
-}
-
-int
-TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy)
-{
- ASN1_OBJECT *new_policy;
-
- if (a->policy_id == policy)
- return 1;
- new_policy = OBJ_dup(policy);
- if (new_policy == NULL) {
- TSerr(TS_F_TS_REQ_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_OBJECT_free(a->policy_id);
- a->policy_id = new_policy;
- return 1;
-}
-
-ASN1_OBJECT *
-TS_REQ_get_policy_id(TS_REQ *a)
-{
- return a->policy_id;
-}
-
-int
-TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce)
-{
- ASN1_INTEGER *new_nonce;
-
- if (a->nonce == nonce)
- return 1;
- new_nonce = ASN1_INTEGER_dup(nonce);
- if (new_nonce == NULL) {
- TSerr(TS_F_TS_REQ_SET_NONCE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_INTEGER_free(a->nonce);
- a->nonce = new_nonce;
- return 1;
-}
-
-const ASN1_INTEGER *
-TS_REQ_get_nonce(const TS_REQ *a)
-{
- return a->nonce;
-}
-
-int
-TS_REQ_set_cert_req(TS_REQ *a, int cert_req)
-{
- a->cert_req = cert_req ? 0xFF : 0x00;
- return 1;
-}
-
-int
-TS_REQ_get_cert_req(const TS_REQ *a)
-{
- return a->cert_req ?
1 : 0;
-}
-
-STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a)
-{
- return a->extensions;
-}
-
-void
-TS_REQ_ext_free(TS_REQ *a)
-{
- if (!a)
- return;
- sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
- a->extensions = NULL;
-}
-
-int
-TS_REQ_get_ext_count(TS_REQ *a)
-{
- return X509v3_get_ext_count(a->extensions);
-}
-
-int
-TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
-}
-
-int
-TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos)
-{
- return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
-}
-
-int
-TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
-}
-
-X509_EXTENSION *
-TS_REQ_get_ext(TS_REQ *a, int loc)
-{
- return X509v3_get_ext(a->extensions, loc);
-}
-
-X509_EXTENSION *
-TS_REQ_delete_ext(TS_REQ *a, int loc)
-{
- return X509v3_delete_ext(a->extensions, loc);
-}
-
-int
-TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&a->extensions, ex, loc) != NULL;
-}
-
-void *
-TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(a->extensions, nid, crit, idx);
-}
diff --git a/lib/libssl/src/crypto/ts/ts_rsp_print.c b/lib/libssl/src/crypto/ts/ts_rsp_print.c
deleted file mode 100644
index c442b716464..00000000000
--- a/lib/libssl/src/crypto/ts/ts_rsp_print.c
+++ /dev/null
@@ -1,301 +0,0 @@
-/* $OpenBSD: ts_rsp_print.c,v 1.5 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/bn.h>
-#include <openssl/objects.h>
-#include <openssl/ts.h>
-#include <openssl/x509v3.h>
-
-struct status_map_st {
- int bit;
- const char *text;
-};
-
-/* Local function declarations. */
-
-static int TS_status_map_print(BIO *bio, struct status_map_st *a,
- ASN1_BIT_STRING *v);
-static int TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy);
-
-/* Function definitions. */
-
-int
-TS_RESP_print_bio(BIO *bio, TS_RESP *a)
-{
- TS_TST_INFO *tst_info;
-
- BIO_printf(bio, "Status info:\n");
- TS_STATUS_INFO_print_bio(bio, TS_RESP_get_status_info(a));
-
- BIO_printf(bio, "\nTST info:\n");
- tst_info = TS_RESP_get_tst_info(a);
- if (tst_info != NULL)
- TS_TST_INFO_print_bio(bio, TS_RESP_get_tst_info(a));
- else
- BIO_printf(bio, "Not included.\n");
-
- return 1;
-}
-
-int
-TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a)
-{
- static const char *status_map[] = {
- "Granted.",
- "Granted with modifications.",
- "Rejected.",
- "Waiting.",
- "Revocation warning.",
- "Revoked."
- };
- static struct status_map_st failure_map[] = {
- {
- TS_INFO_BAD_ALG,
- "unrecognized or unsupported algorithm identifier"
- },
- {
- TS_INFO_BAD_REQUEST,
- "transaction not permitted or supported"
- },
- {
- TS_INFO_BAD_DATA_FORMAT,
- "the data submitted has the wrong format"
- },
- {
- TS_INFO_TIME_NOT_AVAILABLE,
- "the TSA's time source is not available"
- },
- {
- TS_INFO_UNACCEPTED_POLICY,
- "the requested TSA policy is not supported by the TSA"
- },
- {
- TS_INFO_UNACCEPTED_EXTENSION,
- "the requested extension is not supported by the TSA"
- },
- {
- TS_INFO_ADD_INFO_NOT_AVAILABLE,
- "the additional information requested could not be understood "
- "or is not available"
- },
- {
- TS_INFO_SYSTEM_FAILURE,
- "the request cannot be handled due to system failure"
- },
- { -1, NULL }
- };
- long status;
- int i, lines = 0;
-
- /* Printing status code. */
- BIO_printf(bio, "Status: ");
- status = ASN1_INTEGER_get(a->status);
- if (0 <= status &&
- status < (long)(sizeof(status_map) / sizeof(status_map[0])))
- BIO_printf(bio, "%s\n", status_map[status]);
- else
- BIO_printf(bio, "out of bounds\n");
-
- /* Printing status description. */
- BIO_printf(bio, "Status description: ");
- for (i = 0; i < sk_ASN1_UTF8STRING_num(a->text); ++i) {
- if (i > 0)
- BIO_puts(bio, "\t");
- ASN1_STRING_print_ex(bio, sk_ASN1_UTF8STRING_value(a->text, i),
- 0);
- BIO_puts(bio, "\n");
- }
- if (i == 0)
- BIO_printf(bio, "unspecified\n");
-
- /* Printing failure information.
*/
- BIO_printf(bio, "Failure info: ");
- if (a->failure_info != NULL)
- lines = TS_status_map_print(bio, failure_map, a->failure_info);
- if (lines == 0)
- BIO_printf(bio, "unspecified");
- BIO_printf(bio, "\n");
-
- return 1;
-}
-
-static int
-TS_status_map_print(BIO *bio, struct status_map_st *a, ASN1_BIT_STRING *v)
-{
- int lines = 0;
-
- for (; a->bit >= 0; ++a) {
- if (ASN1_BIT_STRING_get_bit(v, a->bit)) {
- if (++lines > 1)
- BIO_printf(bio, ", ");
- BIO_printf(bio, "%s", a->text);
- }
- }
-
- return lines;
-}
-
-int
-TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a)
-{
- int v;
- ASN1_OBJECT *policy_id;
- const ASN1_INTEGER *serial;
- const ASN1_GENERALIZEDTIME *gtime;
- TS_ACCURACY *accuracy;
- const ASN1_INTEGER *nonce;
- GENERAL_NAME *tsa_name;
-
- if (a == NULL)
- return 0;
-
- /* Print version. */
- v = TS_TST_INFO_get_version(a);
- BIO_printf(bio, "Version: %d\n", v);
-
- /* Print policy id. */
- BIO_printf(bio, "Policy OID: ");
- policy_id = TS_TST_INFO_get_policy_id(a);
- TS_OBJ_print_bio(bio, policy_id);
-
- /* Print message imprint. */
- TS_MSG_IMPRINT_print_bio(bio, TS_TST_INFO_get_msg_imprint(a));
-
- /* Print serial number. */
- BIO_printf(bio, "Serial number: ");
- serial = TS_TST_INFO_get_serial(a);
- if (serial == NULL)
- BIO_printf(bio, "unspecified");
- else
- TS_ASN1_INTEGER_print_bio(bio, serial);
- BIO_write(bio, "\n", 1);
-
- /* Print time stamp. */
- BIO_printf(bio, "Time stamp: ");
- gtime = TS_TST_INFO_get_time(a);
- ASN1_GENERALIZEDTIME_print(bio, gtime);
- BIO_write(bio, "\n", 1);
-
- /* Print accuracy. */
- BIO_printf(bio, "Accuracy: ");
- accuracy = TS_TST_INFO_get_accuracy(a);
- if (accuracy == NULL)
- BIO_printf(bio, "unspecified");
- else
- TS_ACCURACY_print_bio(bio, accuracy);
- BIO_write(bio, "\n", 1);
-
- /* Print ordering. */
- BIO_printf(bio, "Ordering: %s\n",
- TS_TST_INFO_get_ordering(a) ? "yes" : "no");
-
- /* Print nonce.
*/
- BIO_printf(bio, "Nonce: ");
- nonce = TS_TST_INFO_get_nonce(a);
- if (nonce == NULL)
- BIO_printf(bio, "unspecified");
- else
- TS_ASN1_INTEGER_print_bio(bio, nonce);
- BIO_write(bio, "\n", 1);
-
- /* Print TSA name. */
- BIO_printf(bio, "TSA: ");
- tsa_name = TS_TST_INFO_get_tsa(a);
- if (tsa_name == NULL)
- BIO_printf(bio, "unspecified");
- else {
- STACK_OF(CONF_VALUE) *nval;
- if ((nval = i2v_GENERAL_NAME(NULL, tsa_name, NULL)))
- X509V3_EXT_val_prn(bio, nval, 0, 0);
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
- }
- BIO_write(bio, "\n", 1);
-
- /* Print extensions. */
- TS_ext_print_bio(bio, TS_TST_INFO_get_exts(a));
-
- return 1;
-}
-
-static int
-TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy)
-{
- const ASN1_INTEGER *seconds = TS_ACCURACY_get_seconds(accuracy);
- const ASN1_INTEGER *millis = TS_ACCURACY_get_millis(accuracy);
- const ASN1_INTEGER *micros = TS_ACCURACY_get_micros(accuracy);
-
- if (seconds != NULL)
- TS_ASN1_INTEGER_print_bio(bio, seconds);
- else
- BIO_printf(bio, "unspecified");
- BIO_printf(bio, " seconds, ");
- if (millis != NULL)
- TS_ASN1_INTEGER_print_bio(bio, millis);
- else
- BIO_printf(bio, "unspecified");
- BIO_printf(bio, " millis, ");
- if (micros != NULL)
- TS_ASN1_INTEGER_print_bio(bio, micros);
- else
- BIO_printf(bio, "unspecified");
- BIO_printf(bio, " micros");
-
- return 1;
-}
diff --git a/lib/libssl/src/crypto/ts/ts_rsp_sign.c b/lib/libssl/src/crypto/ts/ts_rsp_sign.c
deleted file mode 100644
index f9e8c53cc87..00000000000
--- a/lib/libssl/src/crypto/ts/ts_rsp_sign.c
+++ /dev/null
@@ -1,1022 +0,0 @@
-/* $OpenBSD: ts_rsp_sign.c,v 1.20 2016/03/11 07:08:45 mmcc Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <sys/time.h>
-
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/pkcs7.h>
-#include <openssl/ts.h>
-
-/* Private function declarations.
*/
-
-static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *);
-static int def_time_cb(struct TS_resp_ctx *, void *, time_t *sec, long *usec);
-static int def_extension_cb(struct TS_resp_ctx *, X509_EXTENSION *, void *);
-
-static void TS_RESP_CTX_init(TS_RESP_CTX *ctx);
-static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx);
-static int TS_RESP_check_request(TS_RESP_CTX *ctx);
-static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx);
-static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
- ASN1_OBJECT *policy);
-static int TS_RESP_process_extensions(TS_RESP_CTX *ctx);
-static int TS_RESP_sign(TS_RESP_CTX *ctx);
-
-static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
- STACK_OF(X509) *certs);
-static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed);
-static int TS_TST_INFO_content_new(PKCS7 *p7);
-static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
-
-static ASN1_GENERALIZEDTIME *TS_RESP_set_genTime_with_precision(
- ASN1_GENERALIZEDTIME *, time_t, long, unsigned);
-
-/* Default callbacks for response generation. */
-
-static ASN1_INTEGER *
-def_serial_cb(struct TS_resp_ctx *ctx, void *data)
-{
- ASN1_INTEGER *serial = ASN1_INTEGER_new();
-
- if (!serial)
- goto err;
- if (!ASN1_INTEGER_set(serial, 1))
- goto err;
- return serial;
-
-err:
- TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Error during serial number generation.");
- return NULL;
-}
-
-/* Use the gettimeofday function call. */
-static int
-def_time_cb(struct TS_resp_ctx *ctx, void *data, time_t *sec, long *usec)
-{
- struct timeval tv;
-
- if (gettimeofday(&tv, NULL) != 0) {
- TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Time is not available.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
- return 0;
- }
- /* Return time to caller.
*/
- *sec = tv.tv_sec;
- *usec = tv.tv_usec;
-
- return 1;
-}
-
-static int
-def_extension_cb(struct TS_resp_ctx *ctx, X509_EXTENSION *ext, void *data)
-{
- /* No extensions are processed here. */
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Unsupported extension.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_EXTENSION);
- return 0;
-}
-
-/* TS_RESP_CTX management functions. */
-
-TS_RESP_CTX *
-TS_RESP_CTX_new(void)
-{
- TS_RESP_CTX *ctx;
-
- if (!(ctx = calloc(1, sizeof(TS_RESP_CTX)))) {
- TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- /* Setting default callbacks. */
- ctx->serial_cb = def_serial_cb;
- ctx->time_cb = def_time_cb;
- ctx->extension_cb = def_extension_cb;
-
- return ctx;
-}
-
-void
-TS_RESP_CTX_free(TS_RESP_CTX *ctx)
-{
- if (!ctx)
- return;
-
- X509_free(ctx->signer_cert);
- EVP_PKEY_free(ctx->signer_key);
- sk_X509_pop_free(ctx->certs, X509_free);
- sk_ASN1_OBJECT_pop_free(ctx->policies, ASN1_OBJECT_free);
- ASN1_OBJECT_free(ctx->default_policy);
- sk_EVP_MD_free(ctx->mds); /* No EVP_MD_free method exists.
*/
- ASN1_INTEGER_free(ctx->seconds);
- ASN1_INTEGER_free(ctx->millis);
- ASN1_INTEGER_free(ctx->micros);
- free(ctx);
-}
-
-int
-TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
-{
- if (X509_check_purpose(signer, X509_PURPOSE_TIMESTAMP_SIGN, 0) != 1) {
- TSerr(TS_F_TS_RESP_CTX_SET_SIGNER_CERT,
- TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE);
- return 0;
- }
- X509_free(ctx->signer_cert);
- ctx->signer_cert = signer;
- CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509);
- return 1;
-}
-
-int
-TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
-{
- EVP_PKEY_free(ctx->signer_key);
- ctx->signer_key = key;
- CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
-
- return 1;
-}
-
-int
-TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
-{
- if (ctx->default_policy)
- ASN1_OBJECT_free(ctx->default_policy);
- if (!(ctx->default_policy = OBJ_dup(def_policy)))
- goto err;
- return 1;
-
-err:
- TSerr(TS_F_TS_RESP_CTX_SET_DEF_POLICY, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-int
-TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
-{
- int i;
-
- if (ctx->certs) {
- sk_X509_pop_free(ctx->certs, X509_free);
- ctx->certs = NULL;
- }
- if (!certs)
- return 1;
- if (!(ctx->certs = sk_X509_dup(certs))) {
- TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- for (i = 0; i < sk_X509_num(ctx->certs); ++i) {
- X509 *cert = sk_X509_value(ctx->certs, i);
- CRYPTO_add(&cert->references, +1, CRYPTO_LOCK_X509);
- }
-
- return 1;
-}
-
-int
-TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
-{
- ASN1_OBJECT *copy = NULL;
-
- /* Create new policy stack if necessary.
*/
- if (!ctx->policies && !(ctx->policies = sk_ASN1_OBJECT_new_null()))
- goto err;
- if (!(copy = OBJ_dup(policy)))
- goto err;
- if (!sk_ASN1_OBJECT_push(ctx->policies, copy))
- goto err;
-
- return 1;
-
-err:
- TSerr(TS_F_TS_RESP_CTX_ADD_POLICY, ERR_R_MALLOC_FAILURE);
- ASN1_OBJECT_free(copy);
- return 0;
-}
-
-int
-TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
-{
- /* Create new md stack if necessary. */
- if (!ctx->mds && !(ctx->mds = sk_EVP_MD_new_null()))
- goto err;
- /* Add the shared md, no copy needed. */
- if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md))
- goto err;
-
- return 1;
-
-err:
- TSerr(TS_F_TS_RESP_CTX_ADD_MD, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-#define TS_RESP_CTX_accuracy_free(ctx) \
- ASN1_INTEGER_free(ctx->seconds); \
- ctx->seconds = NULL; \
- ASN1_INTEGER_free(ctx->millis); \
- ctx->millis = NULL; \
- ASN1_INTEGER_free(ctx->micros); \
- ctx->micros = NULL;
-
-int
-TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx, int secs, int millis, int micros)
-{
- TS_RESP_CTX_accuracy_free(ctx);
- if (secs && (!(ctx->seconds = ASN1_INTEGER_new()) ||
- !ASN1_INTEGER_set(ctx->seconds, secs)))
- goto err;
- if (millis && (!(ctx->millis = ASN1_INTEGER_new()) ||
- !ASN1_INTEGER_set(ctx->millis, millis)))
- goto err;
- if (micros && (!(ctx->micros = ASN1_INTEGER_new()) ||
- !ASN1_INTEGER_set(ctx->micros, micros)))
- goto err;
-
- return 1;
-
-err:
- TS_RESP_CTX_accuracy_free(ctx);
- TSerr(TS_F_TS_RESP_CTX_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-void
-TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags)
-{
- ctx->flags |= flags;
-}
-
-void
-TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data)
-{
- ctx->serial_cb = cb;
- ctx->serial_cb_data = data;
-}
-
-void
-TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx, TS_extension_cb cb, void *data)
-{
- ctx->extension_cb = cb;
- ctx->extension_cb_data = data;
-}
-
-int
-TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx, int status, const char *text)
-{
- TS_STATUS_INFO *si = NULL;
-
ASN1_UTF8STRING *utf8_text = NULL;
- int ret = 0;
-
- if (!(si = TS_STATUS_INFO_new()))
- goto err;
- if (!ASN1_INTEGER_set(si->status, status))
- goto err;
- if (text) {
- if (!(utf8_text = ASN1_UTF8STRING_new()) ||
- !ASN1_STRING_set(utf8_text, text, strlen(text)))
- goto err;
- if (!si->text && !(si->text = sk_ASN1_UTF8STRING_new_null()))
- goto err;
- if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text))
- goto err;
- utf8_text = NULL; /* Ownership is lost. */
- }
- if (!TS_RESP_set_status_info(ctx->response, si))
- goto err;
- ret = 1;
-
-err:
- if (!ret)
- TSerr(TS_F_TS_RESP_CTX_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
- TS_STATUS_INFO_free(si);
- ASN1_UTF8STRING_free(utf8_text);
- return ret;
-}
-
-int
-TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx, int status, const char *text)
-{
- int ret = 1;
- TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
-
- if (ASN1_INTEGER_get(si->status) == TS_STATUS_GRANTED) {
- /* Status has not been set, set it now. */
- ret = TS_RESP_CTX_set_status_info(ctx, status, text);
- }
- return ret;
-}
-
-int
-TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure)
-{
- TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
-
- if (!si->failure_info && !(si->failure_info = ASN1_BIT_STRING_new()))
- goto err;
- if (!ASN1_BIT_STRING_set_bit(si->failure_info, failure, 1))
- goto err;
- return 1;
-
-err:
- TSerr(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-TS_REQ *
-TS_RESP_CTX_get_request(TS_RESP_CTX *ctx)
-{
- return ctx->request;
-}
-
-TS_TST_INFO *
-TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx)
-{
- return ctx->tst_info;
-}
-
-int
-TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx, unsigned precision)
-{
- if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
- return 0;
- ctx->clock_precision_digits = precision;
- return 1;
-}
-
-/* Main entry method of the response generation.
*/
-TS_RESP *
-TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
-{
- ASN1_OBJECT *policy;
- TS_RESP *response;
- int result = 0;
-
- TS_RESP_CTX_init(ctx);
-
- /* Creating the response object. */
- if (!(ctx->response = TS_RESP_new())) {
- TSerr(TS_F_TS_RESP_CREATE_RESPONSE, ERR_R_MALLOC_FAILURE);
- goto end;
- }
-
- /* Parsing DER request. */
- if (!(ctx->request = d2i_TS_REQ_bio(req_bio, NULL))) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Bad request format or "
- "system error.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
- goto end;
- }
-
- /* Setting default status info. */
- if (!TS_RESP_CTX_set_status_info(ctx, TS_STATUS_GRANTED, NULL))
- goto end;
-
- /* Checking the request format. */
- if (!TS_RESP_check_request(ctx))
- goto end;
-
- /* Checking acceptable policies. */
- if (!(policy = TS_RESP_get_policy(ctx)))
- goto end;
-
- /* Creating the TS_TST_INFO object. */
- if (!(ctx->tst_info = TS_RESP_create_tst_info(ctx, policy)))
- goto end;
-
- /* Processing extensions. */
- if (!TS_RESP_process_extensions(ctx))
- goto end;
-
- /* Generating the signature. */
- if (!TS_RESP_sign(ctx))
- goto end;
-
- /* Everything was successful. */
- result = 1;
-
-end:
- if (!result) {
- TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
- if (ctx->response != NULL) {
- if (TS_RESP_CTX_set_status_info_cond(ctx,
- TS_STATUS_REJECTION, "Error during response "
- "generation.") == 0) {
- TS_RESP_free(ctx->response);
- ctx->response = NULL;
- }
- }
- }
- response = ctx->response;
- ctx->response = NULL; /* Ownership will be returned to caller. */
- TS_RESP_CTX_cleanup(ctx);
- return response;
-}
-
-/* Initializes the variable part of the context. */
-static void
-TS_RESP_CTX_init(TS_RESP_CTX *ctx)
-{
- ctx->request = NULL;
- ctx->response = NULL;
- ctx->tst_info = NULL;
-}
-
-/* Cleans up the variable part of the context.
*/
-static void
-TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx)
-{
- TS_REQ_free(ctx->request);
- ctx->request = NULL;
- TS_RESP_free(ctx->response);
- ctx->response = NULL;
- TS_TST_INFO_free(ctx->tst_info);
- ctx->tst_info = NULL;
-}
-
-/* Checks the format and content of the request. */
-static int
-TS_RESP_check_request(TS_RESP_CTX *ctx)
-{
- TS_REQ *request = ctx->request;
- TS_MSG_IMPRINT *msg_imprint;
- X509_ALGOR *md_alg;
- int md_alg_id;
- const ASN1_OCTET_STRING *digest;
- EVP_MD *md = NULL;
- int i;
-
- /* Checking request version. */
- if (TS_REQ_get_version(request) != 1) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Bad request version.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_REQUEST);
- return 0;
- }
-
- /* Checking message digest algorithm. */
- msg_imprint = TS_REQ_get_msg_imprint(request);
- md_alg = TS_MSG_IMPRINT_get_algo(msg_imprint);
- md_alg_id = OBJ_obj2nid(md_alg->algorithm);
- for (i = 0; !md && i < sk_EVP_MD_num(ctx->mds); ++i) {
- EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i);
- if (md_alg_id == EVP_MD_type(current_md))
- md = current_md;
- }
- if (!md) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Message digest algorithm is "
- "not supported.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
- return 0;
- }
-
- /* No message digest takes parameter. */
- if (md_alg->parameter &&
- ASN1_TYPE_get(md_alg->parameter) != V_ASN1_NULL) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Superfluous message digest "
- "parameter.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
- return 0;
- }
- /* Checking message digest size. */
- digest = TS_MSG_IMPRINT_get_msg(msg_imprint);
- if (digest->length != EVP_MD_size(md)) {
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Bad message digest.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
- return 0;
- }
-
- return 1;
-}
-
-/* Returns the TSA policy based on the requested and acceptable policies.
*/
-static ASN1_OBJECT *
-TS_RESP_get_policy(TS_RESP_CTX *ctx)
-{
- ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
- ASN1_OBJECT *policy = NULL;
- int i;
-
- if (ctx->default_policy == NULL) {
- TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
- return NULL;
- }
- /* Return the default policy if none is requested or the default is
- requested. */
- if (!requested || !OBJ_cmp(requested, ctx->default_policy))
- policy = ctx->default_policy;
-
- /* Check if the policy is acceptable. */
- for (i = 0; !policy && i < sk_ASN1_OBJECT_num(ctx->policies); ++i) {
- ASN1_OBJECT *current = sk_ASN1_OBJECT_value(ctx->policies, i);
- if (!OBJ_cmp(requested, current))
- policy = current;
- }
- if (!policy) {
- TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_UNACCEPTABLE_POLICY);
- TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
- "Requested policy is not "
- "supported.");
- TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_POLICY);
- }
- return policy;
-}
-
-/* Creates the TS_TST_INFO object based on the settings of the context.
*/
-static TS_TST_INFO *
-TS_RESP_create_tst_info(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
-{
- int result = 0;
- TS_TST_INFO *tst_info = NULL;
- ASN1_INTEGER *serial = NULL;
- ASN1_GENERALIZEDTIME *asn1_time = NULL;
- time_t sec;
- long usec;
- TS_ACCURACY *accuracy = NULL;
- const ASN1_INTEGER *nonce;
- GENERAL_NAME *tsa_name = NULL;
-
- if (!(tst_info = TS_TST_INFO_new()))
- goto end;
- if (!TS_TST_INFO_set_version(tst_info, 1))
- goto end;
- if (!TS_TST_INFO_set_policy_id(tst_info, policy))
- goto end;
- if (!TS_TST_INFO_set_msg_imprint(tst_info, ctx->request->msg_imprint))
- goto end;
- if (!(serial = (*ctx->serial_cb)(ctx, ctx->serial_cb_data)) ||
- !TS_TST_INFO_set_serial(tst_info, serial))
- goto end;
- if (!(*ctx->time_cb)(ctx, ctx->time_cb_data, &sec, &usec) ||
- !(asn1_time = TS_RESP_set_genTime_with_precision(NULL, sec, usec,
- ctx->clock_precision_digits)) ||
- !TS_TST_INFO_set_time(tst_info, asn1_time))
- goto end;
-
- /* Setting accuracy if needed. */
- if ((ctx->seconds || ctx->millis || ctx->micros) &&
- !(accuracy = TS_ACCURACY_new()))
- goto end;
-
- if (ctx->seconds && !TS_ACCURACY_set_seconds(accuracy, ctx->seconds))
- goto end;
- if (ctx->millis && !TS_ACCURACY_set_millis(accuracy, ctx->millis))
- goto end;
- if (ctx->micros && !TS_ACCURACY_set_micros(accuracy, ctx->micros))
- goto end;
- if (accuracy && !TS_TST_INFO_set_accuracy(tst_info, accuracy))
- goto end;
-
- /* Setting ordering. */
- if ((ctx->flags & TS_ORDERING) &&
- !TS_TST_INFO_set_ordering(tst_info, 1))
- goto end;
-
- /* Setting nonce if needed. */
- if ((nonce = TS_REQ_get_nonce(ctx->request)) != NULL &&
- !TS_TST_INFO_set_nonce(tst_info, nonce))
- goto end;
-
- /* Setting TSA name to subject of signer certificate. 
*/
- if (ctx->flags & TS_TSA_NAME) {
- if (!(tsa_name = GENERAL_NAME_new()))
- goto end;
- tsa_name->type = GEN_DIRNAME;
- tsa_name->d.dirn =
- X509_NAME_dup(ctx->signer_cert->cert_info->subject);
- if (!tsa_name->d.dirn)
- goto end;
- if (!TS_TST_INFO_set_tsa(tst_info, tsa_name))
- goto end;
- }
-
- result = 1;
-
-end:
- if (!result) {
- TS_TST_INFO_free(tst_info);
- tst_info = NULL;
- TSerr(TS_F_TS_RESP_CREATE_TST_INFO, TS_R_TST_INFO_SETUP_ERROR);
- TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
- "Error during TSTInfo "
- "generation.");
- }
- GENERAL_NAME_free(tsa_name);
- TS_ACCURACY_free(accuracy);
- ASN1_GENERALIZEDTIME_free(asn1_time);
- ASN1_INTEGER_free(serial);
-
- return tst_info;
-}
-
-/* Processing the extensions of the request. */
-static int
-TS_RESP_process_extensions(TS_RESP_CTX *ctx)
-{
- STACK_OF(X509_EXTENSION) *exts = TS_REQ_get_exts(ctx->request);
- int i;
- int ok = 1;
-
- for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i) {
- X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
- /* XXXXX The last argument was previously
- (void *)ctx->extension_cb, but ISO C doesn't permit
- converting a function pointer to void *. For lack of
- better information, I'm placing a NULL there instead.
- The callback can pick its own address out from the ctx
- anyway...
- */
- ok = (*ctx->extension_cb)(ctx, ext, NULL);
- }
-
- return ok;
-}
-
-/* Functions for signing the TS_TST_INFO structure of the context. */
-static int
-TS_RESP_sign(TS_RESP_CTX *ctx)
-{
- int ret = 0;
- PKCS7 *p7 = NULL;
- PKCS7_SIGNER_INFO *si;
- STACK_OF(X509) *certs; /* Certificates to include in sc. */
- ESS_SIGNING_CERT *sc = NULL;
- ASN1_OBJECT *oid;
- BIO *p7bio = NULL;
- int i;
-
- /* Check if signcert and pkey match. */
- if (!X509_check_private_key(ctx->signer_cert, ctx->signer_key)) {
- TSerr(TS_F_TS_RESP_SIGN,
- TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
- goto err;
- }
-
- /* Create a new PKCS7 signed object. 
*/
- if (!(p7 = PKCS7_new())) {
- TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (!PKCS7_set_type(p7, NID_pkcs7_signed))
- goto err;
-
- /* Force SignedData version to be 3 instead of the default 1. */
- if (!ASN1_INTEGER_set(p7->d.sign->version, 3))
- goto err;
-
- /* Add signer certificate and optional certificate chain. */
- if (TS_REQ_get_cert_req(ctx->request)) {
- PKCS7_add_certificate(p7, ctx->signer_cert);
- if (ctx->certs) {
- for (i = 0; i < sk_X509_num(ctx->certs); ++i) {
- X509 *cert = sk_X509_value(ctx->certs, i);
- PKCS7_add_certificate(p7, cert);
- }
- }
- }
-
- /* Add a new signer info. */
- if (!(si = PKCS7_add_signature(p7, ctx->signer_cert,
- ctx->signer_key, EVP_sha1()))) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
- goto err;
- }
-
- /* Add content type signed attribute to the signer info. */
- oid = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
- if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
- V_ASN1_OBJECT, oid)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR);
- goto err;
- }
-
- /* Create the ESS SigningCertificate attribute which contains
- the signer certificate id and optionally the certificate chain. */
- certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
- if (!(sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs)))
- goto err;
-
- /* Add SigningCertificate signed attribute to the signer info. */
- if (!ESS_add_signing_cert(si, sc)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_ESS_ADD_SIGNING_CERT_ERROR);
- goto err;
- }
-
- /* Add a new empty NID_id_smime_ct_TSTInfo encapsulated content. */
- if (!TS_TST_INFO_content_new(p7))
- goto err;
-
- /* Add the DER encoded tst_info to the PKCS7 structure. */
- if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
- TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* Convert tst_info to DER. 
*/
- if (!i2d_TS_TST_INFO_bio(p7bio, ctx->tst_info)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
- goto err;
- }
-
- /* Create the signature and add it to the signer info. */
- if (!PKCS7_dataFinal(p7, p7bio)) {
- TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
- goto err;
- }
-
- /* Set new PKCS7 and TST_INFO objects. */
- TS_RESP_set_tst_info(ctx->response, p7, ctx->tst_info);
- p7 = NULL; /* Ownership is lost. */
- ctx->tst_info = NULL; /* Ownership is lost. */
-
- ret = 1;
-
-err:
- if (!ret)
- TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
- "Error during signature "
- "generation.");
- BIO_free_all(p7bio);
- ESS_SIGNING_CERT_free(sc);
- PKCS7_free(p7);
- return ret;
-}
-
-static ESS_SIGNING_CERT *
-ESS_SIGNING_CERT_new_init(X509 *signcert, STACK_OF(X509) *certs)
-{
- ESS_CERT_ID *cid;
- ESS_SIGNING_CERT *sc = NULL;
- int i;
-
- /* Creating the ESS_CERT_ID stack. */
- if (!(sc = ESS_SIGNING_CERT_new()))
- goto err;
- if (!sc->cert_ids && !(sc->cert_ids = sk_ESS_CERT_ID_new_null()))
- goto err;
-
- /* Adding the signing certificate id. */
- if (!(cid = ESS_CERT_ID_new_init(signcert, 0)) ||
- !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
- goto err;
- /* Adding the certificate chain ids. */
- for (i = 0; i < sk_X509_num(certs); ++i) {
- X509 *cert = sk_X509_value(certs, i);
- if (!(cid = ESS_CERT_ID_new_init(cert, 1)) ||
- !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
- goto err;
- }
-
- return sc;
-
-err:
- ESS_SIGNING_CERT_free(sc);
- TSerr(TS_F_ESS_SIGNING_CERT_NEW_INIT, ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
-static ESS_CERT_ID *
-ESS_CERT_ID_new_init(X509 *cert, int issuer_needed)
-{
- ESS_CERT_ID *cid = NULL;
- GENERAL_NAME *name = NULL;
-
- /* Recompute SHA1 hash of certificate if necessary (side effect). */
- X509_check_purpose(cert, -1, 0);
-
- if (!(cid = ESS_CERT_ID_new()))
- goto err;
- if (!ASN1_OCTET_STRING_set(cid->hash, cert->sha1_hash,
- sizeof(cert->sha1_hash)))
- goto err;
-
- /* Setting the issuer/serial if requested. 
*/
- if (issuer_needed) {
- /* Creating issuer/serial structure. */
- if (!cid->issuer_serial &&
- !(cid->issuer_serial = ESS_ISSUER_SERIAL_new()))
- goto err;
- /* Creating general name from the certificate issuer. */
- if (!(name = GENERAL_NAME_new()))
- goto err;
- name->type = GEN_DIRNAME;
- if (!(name->d.dirn = X509_NAME_dup(cert->cert_info->issuer)))
- goto err;
- if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name))
- goto err;
- name = NULL; /* Ownership is lost. */
- /* Setting the serial number. */
- ASN1_INTEGER_free(cid->issuer_serial->serial);
- if (!(cid->issuer_serial->serial =
- ASN1_INTEGER_dup(cert->cert_info->serialNumber)))
- goto err;
- }
-
- return cid;
-
-err:
- GENERAL_NAME_free(name);
- ESS_CERT_ID_free(cid);
- TSerr(TS_F_ESS_CERT_ID_NEW_INIT, ERR_R_MALLOC_FAILURE);
- return NULL;
-}
-
-static int
-TS_TST_INFO_content_new(PKCS7 *p7)
-{
- PKCS7 *ret = NULL;
- ASN1_OCTET_STRING *octet_string = NULL;
-
- /* Create new encapsulated NID_id_smime_ct_TSTInfo content. */
- if (!(ret = PKCS7_new()))
- goto err;
- if (!(ret->d.other = ASN1_TYPE_new()))
- goto err;
- ret->type = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
- if (!(octet_string = ASN1_OCTET_STRING_new()))
- goto err;
- ASN1_TYPE_set(ret->d.other, V_ASN1_OCTET_STRING, octet_string);
- octet_string = NULL;
-
- /* Add encapsulated content to signed PKCS7 structure. 
*/
- if (!PKCS7_set_content(p7, ret))
- goto err;
-
- return 1;
-
-err:
- ASN1_OCTET_STRING_free(octet_string);
- PKCS7_free(ret);
- return 0;
-}
-
-static int
-ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
-{
- ASN1_STRING *seq = NULL;
- unsigned char *p, *pp = NULL;
- int len;
-
- len = i2d_ESS_SIGNING_CERT(sc, NULL);
- if (!(pp = malloc(len))) {
- TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- p = pp;
- i2d_ESS_SIGNING_CERT(sc, &p);
- if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len)) {
- TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- free(pp);
- pp = NULL;
- return PKCS7_add_signed_attribute(si,
- NID_id_smime_aa_signingCertificate, V_ASN1_SEQUENCE, seq);
-
-err:
- ASN1_STRING_free(seq);
- free(pp);
-
- return 0;
-}
-
-
-static ASN1_GENERALIZEDTIME *
-TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time,
- time_t sec, long usec, unsigned precision)
-{
- struct tm *tm = NULL;
- char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
- char usecstr[TS_MAX_CLOCK_PRECISION_DIGITS + 2];
- char *p;
- int rv;
-
- if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
- goto err;
-
- if (!(tm = gmtime(&sec)))
- goto err;
-
- /*
- * Put "genTime_str" in GeneralizedTime format. We work around the
- * restrictions imposed by rfc3280 (i.e. "GeneralizedTime values MUST
- * NOT include fractional seconds") and OpenSSL related functions to
- * meet the rfc3161 requirement: "GeneralizedTime syntax can include
- * fraction-of-second details".
- */
- if (precision > 0) {
- /* To make things a bit harder, X.690 | ISO/IEC 8825-1 provides
- the following restrictions for a DER-encoding, which OpenSSL
- (specifically ASN1_GENERALIZEDTIME_check() function) doesn't
- support:
- "The encoding MUST terminate with a "Z" (which means "Zulu"
- time). The decimal point element, if present, MUST be the
- point option ".". 
The fractional-seconds elements,
- if present, MUST omit all trailing 0's;
- if the elements correspond to 0, they MUST be wholly
- omitted, and the decimal point element also MUST be
- omitted." */
- (void) snprintf(usecstr, sizeof(usecstr), ".%06ld", usec);
- /* truncate and trim trailing 0 */
- usecstr[precision + 1] = '\0';
- p = usecstr + strlen(usecstr) - 1;
- while (p > usecstr && *p == '0')
- *p-- = '\0';
- /* if we've reached the beginning, delete the . too */
- if (p == usecstr)
- *p = '\0';
-
- } else {
- /* empty */
- usecstr[0] = '\0';
- }
- rv = snprintf(genTime_str, sizeof(genTime_str),
- "%04d%02d%02d%02d%02d%02d%sZ",
- tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
- tm->tm_hour, tm->tm_min, tm->tm_sec, usecstr);
- if (rv == -1 || rv >= sizeof(genTime_str))
- goto err;
-
- /* Now call OpenSSL to check and set our genTime value */
- if (!asn1_time && !(asn1_time = ASN1_GENERALIZEDTIME_new()))
- goto err;
- if (!ASN1_GENERALIZEDTIME_set_string(asn1_time, genTime_str)) {
- ASN1_GENERALIZEDTIME_free(asn1_time);
- goto err;
- }
-
- return asn1_time;
-
-err:
- TSerr(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION, TS_R_COULD_NOT_SET_TIME);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/ts/ts_rsp_utils.c b/lib/libssl/src/crypto/ts/ts_rsp_utils.c
deleted file mode 100644
index 39eb2a29636..00000000000
--- a/lib/libssl/src/crypto/ts/ts_rsp_utils.c
+++ /dev/null 
@@ -1,436 +0,0 @@
-/* $OpenBSD: ts_rsp_utils.c,v 1.5 2015/07/29 14:58:34 jsing Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/pkcs7.h>
-#include <openssl/ts.h>
-
-/* Function definitions. */
-
-int
-TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *status_info)
-{
- TS_STATUS_INFO *new_status_info;
-
- if (a->status_info == status_info)
- return 1;
- new_status_info = TS_STATUS_INFO_dup(status_info);
- if (new_status_info == NULL) {
- TSerr(TS_F_TS_RESP_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- TS_STATUS_INFO_free(a->status_info);
- a->status_info = new_status_info;
-
- return 1;
-}
-
-TS_STATUS_INFO *
-TS_RESP_get_status_info(TS_RESP *a)
-{
- return a->status_info;
-}
-
-/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
-void
-TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info)
-{
- /* Set new PKCS7 and TST_INFO objects. 
*/
- PKCS7_free(a->token);
- a->token = p7;
- TS_TST_INFO_free(a->tst_info);
- a->tst_info = tst_info;
-}
-
-PKCS7 *
-TS_RESP_get_token(TS_RESP *a)
-{
- return a->token;
-}
-
-TS_TST_INFO *
-TS_RESP_get_tst_info(TS_RESP *a)
-{
- return a->tst_info;
-}
-
-int
-TS_TST_INFO_set_version(TS_TST_INFO *a, long version)
-{
- return ASN1_INTEGER_set(a->version, version);
-}
-
-long
-TS_TST_INFO_get_version(const TS_TST_INFO *a)
-{
- return ASN1_INTEGER_get(a->version);
-}
-
-int
-TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy)
-{
- ASN1_OBJECT *new_policy;
-
- if (a->policy_id == policy)
- return 1;
- new_policy = OBJ_dup(policy);
- if (new_policy == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_OBJECT_free(a->policy_id);
- a->policy_id = new_policy;
- return 1;
-}
-
-ASN1_OBJECT *
-TS_TST_INFO_get_policy_id(TS_TST_INFO *a)
-{
- return a->policy_id;
-}
-
-int
-TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint)
-{
- TS_MSG_IMPRINT *new_msg_imprint;
-
- if (a->msg_imprint == msg_imprint)
- return 1;
- new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
- if (new_msg_imprint == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- TS_MSG_IMPRINT_free(a->msg_imprint);
- a->msg_imprint = new_msg_imprint;
- return 1;
-}
-
-TS_MSG_IMPRINT *
-TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a)
-{
- return a->msg_imprint;
-}
-
-int
-TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial)
-{
- ASN1_INTEGER *new_serial;
-
- if (a->serial == serial)
- return 1;
- new_serial = ASN1_INTEGER_dup(serial);
- if (new_serial == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_SERIAL, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_INTEGER_free(a->serial);
- a->serial = new_serial;
- return 1;
-}
-
-const ASN1_INTEGER *
-TS_TST_INFO_get_serial(const TS_TST_INFO *a)
-{
- return a->serial;
-}
-
-int
-TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime)
-{
- 
ASN1_GENERALIZEDTIME *new_time;
-
- if (a->time == gtime)
- return 1;
- new_time = ASN1_STRING_dup(gtime);
- if (new_time == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_TIME, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_GENERALIZEDTIME_free(a->time);
- a->time = new_time;
- return 1;
-}
-
-const ASN1_GENERALIZEDTIME *
-TS_TST_INFO_get_time(const TS_TST_INFO *a)
-{
- return a->time;
-}
-
-int
-TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy)
-{
- TS_ACCURACY *new_accuracy;
-
- if (a->accuracy == accuracy)
- return 1;
- new_accuracy = TS_ACCURACY_dup(accuracy);
- if (new_accuracy == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- TS_ACCURACY_free(a->accuracy);
- a->accuracy = new_accuracy;
- return 1;
-}
-
-TS_ACCURACY *
-TS_TST_INFO_get_accuracy(TS_TST_INFO *a)
-{
- return a->accuracy;
-}
-
-int
-TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds)
-{
- ASN1_INTEGER *new_seconds;
-
- if (a->seconds == seconds)
- return 1;
- new_seconds = ASN1_INTEGER_dup(seconds);
- if (new_seconds == NULL) {
- TSerr(TS_F_TS_ACCURACY_SET_SECONDS, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_INTEGER_free(a->seconds);
- a->seconds = new_seconds;
- return 1;
-}
-
-const ASN1_INTEGER *
-TS_ACCURACY_get_seconds(const TS_ACCURACY *a)
-{
- return a->seconds;
-}
-
-int
-TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis)
-{
- ASN1_INTEGER *new_millis = NULL;
-
- if (a->millis == millis)
- return 1;
- if (millis != NULL) {
- new_millis = ASN1_INTEGER_dup(millis);
- if (new_millis == NULL) {
- TSerr(TS_F_TS_ACCURACY_SET_MILLIS,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- ASN1_INTEGER_free(a->millis);
- a->millis = new_millis;
- return 1;
-}
-
-const ASN1_INTEGER *
-TS_ACCURACY_get_millis(const TS_ACCURACY *a)
-{
- return a->millis;
-}
-
-int
-TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros)
-{
- ASN1_INTEGER *new_micros = NULL;
-
- if (a->micros == micros)
- return 1;
- if (micros != NULL) { 
- new_micros = ASN1_INTEGER_dup(micros);
- if (new_micros == NULL) {
- TSerr(TS_F_TS_ACCURACY_SET_MICROS,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- ASN1_INTEGER_free(a->micros);
- a->micros = new_micros;
- return 1;
-}
-
-const ASN1_INTEGER *
-TS_ACCURACY_get_micros(const TS_ACCURACY *a)
-{
- return a->micros;
-}
-
-int
-TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering)
-{
- a->ordering = ordering ? 0xFF : 0x00;
- return 1;
-}
-
-int
-TS_TST_INFO_get_ordering(const TS_TST_INFO *a)
-{
- return a->ordering ? 1 : 0;
-}
-
-int
-TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce)
-{
- ASN1_INTEGER *new_nonce;
-
- if (a->nonce == nonce)
- return 1;
- new_nonce = ASN1_INTEGER_dup(nonce);
- if (new_nonce == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_NONCE, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ASN1_INTEGER_free(a->nonce);
- a->nonce = new_nonce;
- return 1;
-}
-
-const ASN1_INTEGER *
-TS_TST_INFO_get_nonce(const TS_TST_INFO *a)
-{
- return a->nonce;
-}
-
-int
-TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa)
-{
- GENERAL_NAME *new_tsa;
-
- if (a->tsa == tsa)
- return 1;
- new_tsa = GENERAL_NAME_dup(tsa);
- if (new_tsa == NULL) {
- TSerr(TS_F_TS_TST_INFO_SET_TSA, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- GENERAL_NAME_free(a->tsa);
- a->tsa = new_tsa;
- return 1;
-}
-
-GENERAL_NAME *
-TS_TST_INFO_get_tsa(TS_TST_INFO *a)
-{
- return a->tsa;
-}
-
-STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a)
-{
- return a->extensions;
-}
-
-void
-TS_TST_INFO_ext_free(TS_TST_INFO *a)
-{
- if (!a)
- return;
- sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
- a->extensions = NULL;
-}
-
-int
-TS_TST_INFO_get_ext_count(TS_TST_INFO *a)
-{
- return X509v3_get_ext_count(a->extensions);
-}
-
-int
-TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos)
-{
- return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
-}
-
-int
-TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos)
-{
- return 
X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
-}
-
-int
-TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos)
-{
- return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
-}
-
-X509_EXTENSION *
-TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc)
-{
- return X509v3_get_ext(a->extensions, loc);
-}
-
-X509_EXTENSION *
-TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc)
-{
- return X509v3_delete_ext(a->extensions, loc);
-}
-
-int
-TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc)
-{
- return X509v3_add_ext(&a->extensions, ex, loc) != NULL;
-}
-
-void *
-TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(a->extensions, nid, crit, idx);
-}
diff --git a/lib/libssl/src/crypto/ts/ts_rsp_verify.c b/lib/libssl/src/crypto/ts/ts_rsp_verify.c
deleted file mode 100644
index 204c6a9df8b..00000000000
--- a/lib/libssl/src/crypto/ts/ts_rsp_verify.c
+++ /dev/null 
@@ -1,745 +0,0 @@
-/* $OpenBSD: ts_rsp_verify.c,v 1.16 2015/07/19 18:25:59 miod Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2002.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/pkcs7.h>
-#include <openssl/ts.h>
-
-/* Private function declarations. */
-
-static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
- X509 *signer, STACK_OF(X509) **chain);
-static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si, STACK_OF(X509) *chain);
-static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si);
-static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
-static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo);
-static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
- PKCS7 *token, TS_TST_INFO *tst_info);
-static int TS_check_status_info(TS_RESP *response);
-static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text);
-static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info);
-static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
- X509_ALGOR **md_alg,
- unsigned char **imprint, unsigned *imprint_len);
-static int TS_check_imprints(X509_ALGOR *algor_a,
- unsigned char *imprint_a, unsigned len_a,
- TS_TST_INFO *tst_info);
-static int 
TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info);
-static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
-static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name);
-
-/*
- * Local mapping between response codes and descriptions.
- * Don't forget to change TS_STATUS_BUF_SIZE when modifying
- * the elements of this array.
- */
-static const char *TS_status_text[] = {
- "granted",
- "grantedWithMods",
- "rejection",
- "waiting",
- "revocationWarning",
- "revocationNotification"
-};
-
-#define TS_STATUS_TEXT_SIZE (sizeof(TS_status_text)/sizeof(*TS_status_text))
-
-/*
- * This must be greater or equal to the sum of the strings in TS_status_text
- * plus the number of its elements.
- */
-#define TS_STATUS_BUF_SIZE 256
-
-static struct {
- int code;
- const char *text;
-} TS_failure_info[] = {
- { TS_INFO_BAD_ALG, "badAlg" },
- { TS_INFO_BAD_REQUEST, "badRequest" },
- { TS_INFO_BAD_DATA_FORMAT, "badDataFormat" },
- { TS_INFO_TIME_NOT_AVAILABLE, "timeNotAvailable" },
- { TS_INFO_UNACCEPTED_POLICY, "unacceptedPolicy" },
- { TS_INFO_UNACCEPTED_EXTENSION, "unacceptedExtension" },
- { TS_INFO_ADD_INFO_NOT_AVAILABLE, "addInfoNotAvailable" },
- { TS_INFO_SYSTEM_FAILURE, "systemFailure" }
-};
-
-#define TS_FAILURE_INFO_SIZE (sizeof(TS_failure_info) / \
- sizeof(*TS_failure_info))
-
-/* Functions for verifying a signed TS_TST_INFO structure. */
-
-/*
- * This function carries out the following tasks:
- * - Checks if there is one and only one signer.
- * - Search for the signing certificate in 'certs' and in the response.
- * - Check the extended key usage and key usage fields of the signer
- * certificate (done by the path validation).
- * - Build and validate the certificate path.
- * - Check if the certificate path meets the requirements of the
- * SigningCertificate ESS signed attribute.
- * - Verify the signature value.
- * - Returns the signer certificate in 'signer', if 'signer' is not NULL. 
- */
-int
-TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
- X509_STORE *store, X509 **signer_out)
-{
- STACK_OF(PKCS7_SIGNER_INFO) *sinfos = NULL;
- PKCS7_SIGNER_INFO *si;
- STACK_OF(X509) *signers = NULL;
- X509 *signer;
- STACK_OF(X509) *chain = NULL;
- char buf[4096];
- int i, j = 0, ret = 0;
- BIO *p7bio = NULL;
-
- /* Some sanity checks first. */
- if (!token) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_INVALID_NULL_POINTER);
- goto err;
- }
-
- /* Check for the correct content type */
- if (!PKCS7_type_is_signed(token)) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_WRONG_CONTENT_TYPE);
- goto err;
- }
-
- /* Check if there is one and only one signer. */
- sinfos = PKCS7_get_signer_info(token);
- if (!sinfos || sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE,
- TS_R_THERE_MUST_BE_ONE_SIGNER);
- goto err;
- }
- si = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
-
- /* Check for no content: no data to verify signature. */
- if (PKCS7_get_detached(token)) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_NO_CONTENT);
- goto err;
- }
-
- /* Get hold of the signer certificate, search only internal
- certificates if it was requested. */
- signers = PKCS7_get0_signers(token, certs, 0);
- if (!signers || sk_X509_num(signers) != 1)
- goto err;
- signer = sk_X509_value(signers, 0);
-
- /* Now verify the certificate. */
- if (!TS_verify_cert(store, certs, signer, &chain))
- goto err;
-
- /* Check if the signer certificate is consistent with the
- ESS extension. */
- if (!TS_check_signing_certs(si, chain))
- goto err;
-
- /* Creating the message digest. */
- p7bio = PKCS7_dataInit(token, NULL);
-
- /* We now have to 'read' from p7bio to calculate digests etc. */
- while ((i = BIO_read(p7bio, buf, sizeof(buf))) > 0)
- ;
-
- /* Verifying the signature. 
*/
- j = PKCS7_signatureVerify(p7bio, token, si, signer);
- if (j <= 0) {
- TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_SIGNATURE_FAILURE);
- goto err;
- }
-
- /* Return the signer certificate if needed. */
- if (signer_out) {
- *signer_out = signer;
- CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
- }
-
- ret = 1;
-
-err:
- BIO_free_all(p7bio);
- sk_X509_pop_free(chain, X509_free);
- sk_X509_free(signers);
-
- return ret;
-}
-
-/*
- * The certificate chain is returned in chain. Caller is responsible for
- * freeing the vector.
- */
-static int
-TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, X509 *signer,
- STACK_OF(X509) **chain)
-{
- X509_STORE_CTX cert_ctx;
- int i;
- int ret = 0;
-
- /* chain is an out argument. */
- *chain = NULL;
- if (X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted) == 0) {
- TSerr(TS_F_TS_VERIFY_CERT, ERR_R_X509_LIB);
- goto err;
- }
- X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
- i = X509_verify_cert(&cert_ctx);
- if (i <= 0) {
- int j = X509_STORE_CTX_get_error(&cert_ctx);
-
- TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
- ERR_asprintf_error_data("Verify error:%s",
- X509_verify_cert_error_string(j));
- goto err;
- } else {
- /* Get a copy of the certificate chain. */
- *chain = X509_STORE_CTX_get1_chain(&cert_ctx);
- ret = 1;
- }
-
-err:
- X509_STORE_CTX_cleanup(&cert_ctx);
-
- return ret;
-}
-
-static int
-TS_check_signing_certs(PKCS7_SIGNER_INFO *si, STACK_OF(X509) *chain)
-{
- ESS_SIGNING_CERT *ss = ESS_get_signing_cert(si);
- STACK_OF(ESS_CERT_ID) *cert_ids = NULL;
- X509 *cert;
- int i = 0;
- int ret = 0;
-
- if (!ss)
- goto err;
- cert_ids = ss->cert_ids;
- /* The signer certificate must be the first in cert_ids. */
- cert = sk_X509_value(chain, 0);
- if (TS_find_cert(cert_ids, cert) != 0)
- goto err;
-
- /* Check the other certificates of the chain if there are more
- than one certificate ids in cert_ids. 
*/ - if (sk_ESS_CERT_ID_num(cert_ids) > 1) { - /* All the certificates of the chain must be in cert_ids. */ - for (i = 1; i < sk_X509_num(chain); ++i) { - cert = sk_X509_value(chain, i); - if (TS_find_cert(cert_ids, cert) < 0) - goto err; - } - } - ret = 1; - -err: - if (!ret) - TSerr(TS_F_TS_CHECK_SIGNING_CERTS, - TS_R_ESS_SIGNING_CERTIFICATE_ERROR); - ESS_SIGNING_CERT_free(ss); - return ret; -} - -static ESS_SIGNING_CERT * -ESS_get_signing_cert(PKCS7_SIGNER_INFO *si) -{ - ASN1_TYPE *attr; - const unsigned char *p; - - attr = PKCS7_get_signed_attribute(si, - NID_id_smime_aa_signingCertificate); - if (!attr) - return NULL; - if (attr->type != V_ASN1_SEQUENCE) - return NULL; - p = attr->value.sequence->data; - return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length); -} - -/* Returns < 0 if certificate is not found, certificate index otherwise. */ -static int -TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert) -{ - int i; - - if (!cert_ids || !cert) - return -1; - - /* Recompute SHA1 hash of certificate if necessary (side effect). */ - X509_check_purpose(cert, -1, 0); - - /* Look for cert in the cert_ids vector. */ - for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i) { - ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i); - - /* Check the SHA-1 hash first. */ - if (cid->hash->length == sizeof(cert->sha1_hash) && - !memcmp(cid->hash->data, cert->sha1_hash, - sizeof(cert->sha1_hash))) { - /* Check the issuer/serial as well if specified. */ - ESS_ISSUER_SERIAL *is = cid->issuer_serial; - if (!is || !TS_issuer_serial_cmp(is, cert->cert_info)) - return i; - } - } - - return -1; -} - -static int -TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo) -{ - GENERAL_NAME *issuer; - - if (!is || !cinfo || sk_GENERAL_NAME_num(is->issuer) != 1) - return -1; - - /* Check the issuer first. It must be a directory name. 
*/ - issuer = sk_GENERAL_NAME_value(is->issuer, 0); - if (issuer->type != GEN_DIRNAME || - X509_NAME_cmp(issuer->d.dirn, cinfo->issuer)) - return -1; - - /* Check the serial number, too. */ - if (ASN1_INTEGER_cmp(is->serial, cinfo->serialNumber)) - return -1; - - return 0; -} - -/* - * Verifies whether 'response' contains a valid response with regards - * to the settings of the context: - * - Gives an error message if the TS_TST_INFO is not present. - * - Calls _TS_RESP_verify_token to verify the token content. - */ -int -TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response) -{ - PKCS7 *token = TS_RESP_get_token(response); - TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response); - int ret = 0; - - /* Check if we have a successful TS_TST_INFO object in place. */ - if (!TS_check_status_info(response)) - goto err; - - /* Check the contents of the time stamp token. */ - if (!int_TS_RESP_verify_token(ctx, token, tst_info)) - goto err; - - ret = 1; - -err: - return ret; -} - -/* - * Tries to extract a TS_TST_INFO structure from the PKCS7 token and - * calls the internal int_TS_RESP_verify_token function for verifying it. - */ -int -TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token) -{ - TS_TST_INFO *tst_info = PKCS7_to_TS_TST_INFO(token); - int ret = 0; - - if (tst_info) { - ret = int_TS_RESP_verify_token(ctx, token, tst_info); - TS_TST_INFO_free(tst_info); - } - return ret; -} - -/* - * Verifies whether the 'token' contains a valid time stamp token - * with regards to the settings of the context. Only those checks are - * carried out that are specified in the context: - * - Verifies the signature of the TS_TST_INFO. - * - Checks the version number of the response. - * - Check if the requested and returned policies math. - * - Check if the message imprints are the same. - * - Check if the nonces are the same. - * - Check if the TSA name matches the signer. - * - Check if the TSA name is the expected TSA. 
- */ -static int -int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token, - TS_TST_INFO *tst_info) -{ - X509 *signer = NULL; - GENERAL_NAME *tsa_name = TS_TST_INFO_get_tsa(tst_info); - X509_ALGOR *md_alg = NULL; - unsigned char *imprint = NULL; - unsigned imprint_len = 0; - int ret = 0; - - /* Verify the signature. */ - if ((ctx->flags & TS_VFY_SIGNATURE) && - !TS_RESP_verify_signature(token, ctx->certs, ctx->store, &signer)) - goto err; - - /* Check version number of response. */ - if ((ctx->flags & TS_VFY_VERSION) && - TS_TST_INFO_get_version(tst_info) != 1) { - TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION); - goto err; - } - - /* Check policies. */ - if ((ctx->flags & TS_VFY_POLICY) && - !TS_check_policy(ctx->policy, tst_info)) - goto err; - - /* Check message imprints. */ - if ((ctx->flags & TS_VFY_IMPRINT) && - !TS_check_imprints(ctx->md_alg, ctx->imprint, ctx->imprint_len, - tst_info)) - goto err; - - /* Compute and check message imprints. */ - if ((ctx->flags & TS_VFY_DATA) && - (!TS_compute_imprint(ctx->data, tst_info, - &md_alg, &imprint, &imprint_len) || - !TS_check_imprints(md_alg, imprint, imprint_len, tst_info))) - goto err; - - /* Check nonces. */ - if ((ctx->flags & TS_VFY_NONCE) && - !TS_check_nonces(ctx->nonce, tst_info)) - goto err; - - /* Check whether TSA name and signer certificate match. */ - if ((ctx->flags & TS_VFY_SIGNER) && - tsa_name && !TS_check_signer_name(tsa_name, signer)) { - TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH); - goto err; - } - - /* Check whether the TSA is the expected one. 
*/ - if ((ctx->flags & TS_VFY_TSA_NAME) && - !TS_check_signer_name(ctx->tsa_name, signer)) { - TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED); - goto err; - } - - ret = 1; - -err: - X509_free(signer); - X509_ALGOR_free(md_alg); - free(imprint); - return ret; -} - -static int -TS_check_status_info(TS_RESP *response) -{ - TS_STATUS_INFO *info = TS_RESP_get_status_info(response); - long status = ASN1_INTEGER_get(info->status); - const char *status_text = NULL; - char *embedded_status_text = NULL; - char failure_text[TS_STATUS_BUF_SIZE] = ""; - - /* Check if everything went fine. */ - if (status == 0 || status == 1) - return 1; - - /* There was an error, get the description in status_text. */ - if (0 <= status && status < (long)TS_STATUS_TEXT_SIZE) - status_text = TS_status_text[status]; - else - status_text = "unknown code"; - - /* Set the embedded_status_text to the returned description. */ - if (sk_ASN1_UTF8STRING_num(info->text) > 0 && - !(embedded_status_text = TS_get_status_text(info->text))) - return 0; - - /* Filling in failure_text with the failure information. */ - if (info->failure_info) { - int i; - int first = 1; - for (i = 0; i < (int)TS_FAILURE_INFO_SIZE; ++i) { - if (ASN1_BIT_STRING_get_bit(info->failure_info, - TS_failure_info[i].code)) { - if (!first) - strlcat(failure_text, ",", - TS_STATUS_BUF_SIZE); - else - first = 0; - strlcat(failure_text, TS_failure_info[i].text, - TS_STATUS_BUF_SIZE); - } - } - } - if (failure_text[0] == '\0') - strlcpy(failure_text, "unspecified", TS_STATUS_BUF_SIZE); - - /* Making up the error string. */ - TSerr(TS_F_TS_CHECK_STATUS_INFO, TS_R_NO_TIME_STAMP_TOKEN); - ERR_asprintf_error_data - ("status code: %s, status text: %s, failure codes: %s", - status_text, - embedded_status_text ? 
embedded_status_text : "unspecified", - failure_text); - free(embedded_status_text); - - return 0; -} - -static char * -TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text) -{ - int i; - unsigned int length = 0; - char *result = NULL; - - /* Determine length first. */ - for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i) { - ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i); - length += ASN1_STRING_length(current); - length += 1; /* separator character */ - } - /* Allocate memory (closing '\0' included). */ - if (!(result = malloc(length))) { - TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE); - return NULL; - } - /* Concatenate the descriptions. */ - result[0] = '\0'; - for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i) { - ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i); - if (i > 0) - strlcat(result, "/", length); - strlcat(result, (const char *)ASN1_STRING_data(current), length); - } - return result; -} - -static int -TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info) -{ - ASN1_OBJECT *resp_oid = TS_TST_INFO_get_policy_id(tst_info); - - if (OBJ_cmp(req_oid, resp_oid) != 0) { - TSerr(TS_F_TS_CHECK_POLICY, TS_R_POLICY_MISMATCH); - return 0; - } - - return 1; -} - -static int -TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info, X509_ALGOR **md_alg, - unsigned char **imprint, unsigned *imprint_len) -{ - TS_MSG_IMPRINT *msg_imprint = TS_TST_INFO_get_msg_imprint(tst_info); - X509_ALGOR *md_alg_resp = TS_MSG_IMPRINT_get_algo(msg_imprint); - const EVP_MD *md; - EVP_MD_CTX md_ctx; - unsigned char buffer[4096]; - int length; - - *md_alg = NULL; - *imprint = NULL; - - /* Return the MD algorithm of the response. */ - if (!(*md_alg = X509_ALGOR_dup(md_alg_resp))) - goto err; - - /* Getting the MD object. */ - if (!(md = EVP_get_digestbyobj((*md_alg)->algorithm))) { - TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM); - goto err; - } - - /* Compute message digest. 
*/ - length = EVP_MD_size(md); - if (length < 0) - goto err; - *imprint_len = length; - if (!(*imprint = malloc(*imprint_len))) { - TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!EVP_DigestInit(&md_ctx, md)) - goto err; - while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) { - if (!EVP_DigestUpdate(&md_ctx, buffer, length)) - goto err; - } - if (!EVP_DigestFinal(&md_ctx, *imprint, NULL)) - goto err; - - return 1; - -err: - X509_ALGOR_free(*md_alg); - free(*imprint); - *imprint = NULL; - *imprint_len = 0; - return 0; -} - -static int -TS_check_imprints(X509_ALGOR *algor_a, unsigned char *imprint_a, unsigned len_a, - TS_TST_INFO *tst_info) -{ - TS_MSG_IMPRINT *b = TS_TST_INFO_get_msg_imprint(tst_info); - X509_ALGOR *algor_b = TS_MSG_IMPRINT_get_algo(b); - int ret = 0; - - /* algor_a is optional. */ - if (algor_a) { - /* Compare algorithm OIDs. */ - if (OBJ_cmp(algor_a->algorithm, algor_b->algorithm)) - goto err; - - /* The parameter must be NULL in both. */ - if ((algor_a->parameter && - ASN1_TYPE_get(algor_a->parameter) != V_ASN1_NULL) || - (algor_b->parameter && - ASN1_TYPE_get(algor_b->parameter) != V_ASN1_NULL)) - goto err; - } - - /* Compare octet strings. */ - ret = len_a == (unsigned) ASN1_STRING_length(b->hashed_msg) && - memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0; - -err: - if (!ret) - TSerr(TS_F_TS_CHECK_IMPRINTS, TS_R_MESSAGE_IMPRINT_MISMATCH); - return ret; -} - -static int -TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info) -{ - const ASN1_INTEGER *b = TS_TST_INFO_get_nonce(tst_info); - - /* Error if nonce is missing. */ - if (!b) { - TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_NOT_RETURNED); - return 0; - } - - /* No error if a nonce is returned without being requested. 
*/ - if (ASN1_INTEGER_cmp(a, b) != 0) { - TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_MISMATCH); - return 0; - } - - return 1; -} - -/* Check if the specified TSA name matches either the subject - or one of the subject alternative names of the TSA certificate. */ -static int -TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer) -{ - STACK_OF(GENERAL_NAME) *gen_names = NULL; - int idx = -1; - int found = 0; - - if (signer == NULL) - return 0; - - /* Check the subject name first. */ - if (tsa_name->type == GEN_DIRNAME && - X509_name_cmp(tsa_name->d.dirn, signer->cert_info->subject) == 0) - return 1; - - /* Check all the alternative names. */ - gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, - NULL, &idx); - while (gen_names != NULL && - !(found = (TS_find_name(gen_names, tsa_name) >= 0))) { - /* Get the next subject alternative name, - although there should be no more than one. */ - GENERAL_NAMES_free(gen_names); - gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, - NULL, &idx); - } - if (gen_names) - GENERAL_NAMES_free(gen_names); - - return found; -} - -/* Returns 1 if name is in gen_names, 0 otherwise. */ -static int -TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name) -{ - int i, found; - for (i = 0, found = 0; !found && i < sk_GENERAL_NAME_num(gen_names); - ++i) { - GENERAL_NAME *current = sk_GENERAL_NAME_value(gen_names, i); - found = GENERAL_NAME_cmp(current, name) == 0; - } - return found ? i - 1 : -1; -} diff --git a/lib/libssl/src/crypto/ts/ts_verify_ctx.c b/lib/libssl/src/crypto/ts/ts_verify_ctx.c deleted file mode 100644 index 7dda76e7d9a..00000000000 --- a/lib/libssl/src/crypto/ts/ts_verify_ctx.c +++ /dev/null 
@@ -1,166 +0,0 @@
-/* $OpenBSD: ts_verify_ctx.c,v 1.8 2015/02/10 09:46:30 miod Exp $ */
-/* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
- * project 2003.
- */
-/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/objects.h>
-#include <openssl/ts.h>
-
-TS_VERIFY_CTX *
-TS_VERIFY_CTX_new(void)
-{
- TS_VERIFY_CTX *ctx = calloc(1, sizeof(TS_VERIFY_CTX));
-
- if (!ctx)
- TSerr(TS_F_TS_VERIFY_CTX_NEW, ERR_R_MALLOC_FAILURE);
-
- return ctx;
-}
-
-void
-TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx)
-{
- memset(ctx, 0, sizeof(TS_VERIFY_CTX));
-}
-
-void
-TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx)
-{
- if (!ctx)
- return;
-
- TS_VERIFY_CTX_cleanup(ctx);
- free(ctx);
-}
-
-void
-TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx)
-{
- if (!ctx)
- return;
-
- X509_STORE_free(ctx->store);
- sk_X509_pop_free(ctx->certs, X509_free);
-
- ASN1_OBJECT_free(ctx->policy);
-
- X509_ALGOR_free(ctx->md_alg);
- free(ctx->imprint);
-
- BIO_free_all(ctx->data);
-
- ASN1_INTEGER_free(ctx->nonce);
-
- GENERAL_NAME_free(ctx->tsa_name);
-
- TS_VERIFY_CTX_init(ctx);
-}
-
-TS_VERIFY_CTX *
-TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
-{
- TS_VERIFY_CTX *ret = ctx;
- ASN1_OBJECT *policy;
- TS_MSG_IMPRINT *imprint;
- X509_ALGOR *md_alg;
- ASN1_OCTET_STRING *msg;
- const ASN1_INTEGER *nonce;
-
- if (ret)
- TS_VERIFY_CTX_cleanup(ret);
- else if (!(ret = TS_VERIFY_CTX_new()))
- return NULL;
-
- /* Setting flags. */
- ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE);
-
- /* Setting policy. */
- if ((policy = TS_REQ_get_policy_id(req)) != NULL) {
- if (!(ret->policy = OBJ_dup(policy)))
- goto err;
- } else
- ret->flags &= ~TS_VFY_POLICY;
-
- /* Setting md_alg, imprint and imprint_len. */
- imprint = TS_REQ_get_msg_imprint(req);
- md_alg = TS_MSG_IMPRINT_get_algo(imprint);
- if (!(ret->md_alg = X509_ALGOR_dup(md_alg)))
- goto err;
- msg = TS_MSG_IMPRINT_get_msg(imprint);
- ret->imprint_len = ASN1_STRING_length(msg);
- if (!(ret->imprint = malloc(ret->imprint_len)))
- goto err;
- memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
-
- /* Setting nonce. */
- if ((nonce = TS_REQ_get_nonce(req)) != NULL) {
- if (!(ret->nonce = ASN1_INTEGER_dup(nonce)))
- goto err;
- } else
- ret->flags &= ~TS_VFY_NONCE;
-
- return ret;
-
-err:
- if (ctx)
- TS_VERIFY_CTX_cleanup(ctx);
- else
- TS_VERIFY_CTX_free(ret);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/txt_db/txt_db.c b/lib/libssl/src/crypto/txt_db/txt_db.c
deleted file mode 100644
index 26df76a9c2a..00000000000
--- a/lib/libssl/src/crypto/txt_db/txt_db.c
+++ /dev/null
@@ -1,372 +0,0 @@
-/* $OpenBSD: txt_db.c,v 1.18 2014/07/11 08:44:49 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/buffer.h> -#include <openssl/txt_db.h> - -#undef BUFSIZE -#define BUFSIZE 512 - -TXT_DB * -TXT_DB_read(BIO *in, int num) -{ - TXT_DB *ret = NULL; - int er = 1; - int esc = 0; - long ln = 0; - int i, add, n; - int size = BUFSIZE; - int offset = 0; - char *p, *f; - OPENSSL_STRING *pp; - BUF_MEM *buf = NULL; - - if ((buf = BUF_MEM_new()) == NULL) - goto err; - if (!BUF_MEM_grow(buf, size)) - goto err; - - if ((ret = malloc(sizeof(TXT_DB))) == NULL) - goto err; - ret->num_fields = num; - ret->index = NULL; - ret->qual = NULL; - if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL) - goto err; - if ((ret->index = reallocarray(NULL, num, sizeof(*ret->index))) == NULL) - goto err; - if ((ret->qual = reallocarray(NULL, num, sizeof(*(ret->qual)))) == NULL) - goto err; - for (i = 0; i < num; i++) { - ret->index[i] = NULL; - ret->qual[i] = NULL; - } - - add = (num + 1)*sizeof(char *); - buf->data[size-1] = '\0'; - offset = 0; - for (;;) { - if (offset != 0) { - size += BUFSIZE; - if (!BUF_MEM_grow_clean(buf, size)) - goto err; - } - buf->data[offset] = '\0'; - BIO_gets(in, &(buf->data[offset]), size - offset); - ln++; - if (buf->data[offset] == '\0') - break; - if ((offset == 0) && (buf->data[0] == '#')) - continue; - i = strlen(&(buf->data[offset])); - offset += i; - if (buf->data[offset-1] != '\n') - continue; - else { - buf->data[offset-1] = '\0'; /* blat the '\n' */ - if (!(p = malloc(add + offset))) - goto err; - offset = 0; - } - pp = (char **)p; - p += add; - n = 0; - pp[n++] = p; - i = 0; - f = buf->data; - - esc = 0; - for (;;) { - if (*f == '\0') - break; - if (*f == '\t') { - if (esc) - p--; - else { - *(p++)='\0'; - f++; - if (n >= num) - break; - pp[n++] = p; - continue; - } - } - esc=(*f == '\\'); - *(p++)= *(f++); - } - *(p++)='\0'; - if ((n != num) || (*f != '\0')) { - fprintf(stderr, "wrong number of fields on line %ld (looking for field %d, got %d, '%s' 
left)\n",ln,num,n,f); - er = 2; - goto err; - } - pp[n] = p; - if (!sk_OPENSSL_PSTRING_push(ret->data, pp)) { - fprintf(stderr, "failure in sk_push\n"); - er = 2; - goto err; - } - } - er = 0; - -err: - BUF_MEM_free(buf); - if (er) { - if (er == 1) - fprintf(stderr, "malloc failure\n"); - if (ret != NULL) { - if (ret->data != NULL) - sk_OPENSSL_PSTRING_free(ret->data); - free(ret->index); - free(ret->qual); - free(ret); - } - return (NULL); - } else - return (ret); -} - -OPENSSL_STRING * -TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value) -{ - OPENSSL_STRING *ret; - LHASH_OF(OPENSSL_STRING) *lh; - - if (idx >= db->num_fields) { - db->error = DB_ERROR_INDEX_OUT_OF_RANGE; - return (NULL); - } - lh = db->index[idx]; - if (lh == NULL) { - db->error = DB_ERROR_NO_INDEX; - return (NULL); - } - ret = lh_OPENSSL_STRING_retrieve(lh, value); - db->error = DB_ERROR_OK; - return (ret); -} - -int -TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(OPENSSL_STRING *), - LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp) -{ - LHASH_OF(OPENSSL_STRING) *idx; - OPENSSL_STRING *r; - int i, n; - - if (field >= db->num_fields) { - db->error = DB_ERROR_INDEX_OUT_OF_RANGE; - return (0); - } - /* FIXME: we lose type checking at this point */ - if ((idx = (LHASH_OF(OPENSSL_STRING) *)lh_new(hash, cmp)) == NULL) { - db->error = DB_ERROR_MALLOC; - return (0); - } - n = sk_OPENSSL_PSTRING_num(db->data); - for (i = 0; i < n; i++) { - r = sk_OPENSSL_PSTRING_value(db->data, i); - if ((qual != NULL) && (qual(r) == 0)) - continue; - if ((r = lh_OPENSSL_STRING_insert(idx, r)) != NULL) { - db->error = DB_ERROR_INDEX_CLASH; - db->arg1 = sk_OPENSSL_PSTRING_find(db->data, r); - db->arg2 = i; - lh_OPENSSL_STRING_free(idx); - return (0); - } - } - if (db->index[field] != NULL) - lh_OPENSSL_STRING_free(db->index[field]); - db->index[field] = idx; - db->qual[field] = qual; - return (1); -} - -long -TXT_DB_write(BIO *out, TXT_DB *db) -{ - long i, j,n, nn, l, tot = 0; - char *p, **pp, *f; - 
BUF_MEM *buf = NULL; - long ret = -1; - - if ((buf = BUF_MEM_new()) == NULL) - goto err; - n = sk_OPENSSL_PSTRING_num(db->data); - nn = db->num_fields; - for (i = 0; i < n; i++) { - pp = sk_OPENSSL_PSTRING_value(db->data, i); - - l = 0; - for (j = 0; j < nn; j++) { - if (pp[j] != NULL) - l += strlen(pp[j]); - } - if (!BUF_MEM_grow_clean(buf, (int)(l*2 + nn))) - goto err; - - p = buf->data; - for (j = 0; j < nn; j++) { - f = pp[j]; - if (f != NULL) - for (;;) { - if (*f == '\0') - break; - if (*f == '\t') - *(p++) = '\\'; - *(p++) = *(f++); - } - *(p++) = '\t'; - } - p[-1] = '\n'; - j = p - buf->data; - if (BIO_write(out, buf->data, (int)j) != j) - goto err; - tot += j; - } - ret = tot; - -err: - if (buf != NULL) - BUF_MEM_free(buf); - return (ret); -} - -int -TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *row) -{ - int i; - OPENSSL_STRING *r; - - for (i = 0; i < db->num_fields; i++) { - if (db->index[i] != NULL) { - if ((db->qual[i] != NULL) && (db->qual[i](row) == 0)) - continue; - r = lh_OPENSSL_STRING_retrieve(db->index[i], row); - if (r != NULL) { - db->error = DB_ERROR_INDEX_CLASH; - db->arg1 = i; - db->arg_row = r; - goto err; - } - } - } - /* We have passed the index checks, now just append and insert */ - if (!sk_OPENSSL_PSTRING_push(db->data, row)) { - db->error = DB_ERROR_MALLOC; - goto err; - } - - for (i = 0; i < db->num_fields; i++) { - if (db->index[i] != NULL) { - if ((db->qual[i] != NULL) && (db->qual[i](row) == 0)) - continue; - (void)lh_OPENSSL_STRING_insert(db->index[i], row); - } - } - return (1); - -err: - return (0); -} - -void -TXT_DB_free(TXT_DB *db) -{ - int i, n; - char **p, *max; - - if (db == NULL) - return; - - if (db->index != NULL) { - for (i = db->num_fields - 1; i >= 0; i--) - if (db->index[i] != NULL) - lh_OPENSSL_STRING_free(db->index[i]); - free(db->index); - } - free(db->qual); - if (db->data != NULL) { - for (i = sk_OPENSSL_PSTRING_num(db->data) - 1; i >= 0; i--) { - /* check if any 'fields' have been allocated - * from outside of 
the initial block */ - p = sk_OPENSSL_PSTRING_value(db->data, i); - max = p[db->num_fields]; /* last address */ - if (max == NULL) /* new row */ - { - for (n = 0; n < db->num_fields; n++) - free(p[n]); - } else { - for (n = 0; n < db->num_fields; n++) { - if (((p[n] < (char *)p) || - (p[n] > max)) && - (p[n] != NULL)) - free(p[n]); - } - } - free(sk_OPENSSL_PSTRING_value(db->data, i)); - } - sk_OPENSSL_PSTRING_free(db->data); - } - free(db); -} diff --git a/lib/libssl/src/crypto/txt_db/txt_db.h b/lib/libssl/src/crypto/txt_db/txt_db.h deleted file mode 100644 index 56b6b42482d..00000000000 --- a/lib/libssl/src/crypto/txt_db/txt_db.h +++ /dev/null 
@@ -1,112 +0,0 @@
-/* $OpenBSD: txt_db.h,v 1.9 2014/07/10 22:45:58 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_TXT_DB_H
-#define HEADER_TXT_DB_H
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
-#include <openssl/stack.h>
-#include <openssl/lhash.h>
-
-#define DB_ERROR_OK 0
-#define DB_ERROR_MALLOC 1
-#define DB_ERROR_INDEX_CLASH 2
-#define DB_ERROR_INDEX_OUT_OF_RANGE 3
-#define DB_ERROR_NO_INDEX 4
-#define DB_ERROR_INSERT_INDEX_CLASH 5
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef OPENSSL_STRING *OPENSSL_PSTRING;
-DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
-
-typedef struct txt_db_st {
- int num_fields;
- STACK_OF(OPENSSL_PSTRING) *data;
- LHASH_OF(OPENSSL_STRING) **index;
- int (**qual)(OPENSSL_STRING *);
- long error;
- long arg1;
- long arg2;
- OPENSSL_STRING *arg_row;
-} TXT_DB;
-
-#ifndef OPENSSL_NO_BIO
-TXT_DB *TXT_DB_read(BIO *in, int num);
-long TXT_DB_write(BIO *out, TXT_DB *db);
-#else
-TXT_DB *TXT_DB_read(char *in, int num);
-long TXT_DB_write(char *out, TXT_DB *db);
-#endif
-int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(OPENSSL_STRING *),
- LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
-void TXT_DB_free(TXT_DB *db);
-OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx, OPENSSL_STRING *value);
-int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/ui/ui.h b/lib/libssl/src/crypto/ui/ui.h
deleted file mode 100644
index b6b0075e4d6..00000000000
--- a/lib/libssl/src/crypto/ui/ui.h
+++ /dev/null
@@ -1,384 +0,0 @@ -/* $OpenBSD: ui.h,v 1.9 2014/07/10 22:45:58 jsing Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_UI_H -#define HEADER_UI_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/crypto.h> -#endif -#include <openssl/safestack.h> -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Declared already in ossl_typ.h */ -/* typedef struct ui_st UI; */ -/* typedef struct ui_method_st UI_METHOD; */ - - -/* All the following functions return -1 or NULL on error and in some cases - (UI_process()) -2 if interrupted or in some other way cancelled. - When everything is fine, they return 0, a positive value or a non-NULL - pointer, all depending on their purpose. */ - -/* Creators and destructor. */ -UI *UI_new(void); -UI *UI_new_method(const UI_METHOD *method); -void UI_free(UI *ui); - -/* The following functions are used to add strings to be printed and prompt - strings to prompt for data. The names are UI_{add,dup}_<function>_string - and UI_{add,dup}_input_boolean. - - UI_{add,dup}_<function>_string have the following meanings: - add add a text or prompt string. The pointers given to these - functions are used verbatim, no copying is done. 
- dup make a copy of the text or prompt string, then add the copy - to the collection of strings in the user interface. - <function> - The function is a name for the functionality that the given - string shall be used for. It can be one of: - input use the string as data prompt. - verify use the string as verification prompt. This - is used to verify a previous input. - info use the string for informational output. - error use the string for error output. - Honestly, there's currently no difference between info and error for the - moment. - - UI_{add,dup}_input_boolean have the same semantics for "add" and "dup", - and are typically used when one wants to prompt for a yes/no response. - - - All of the functions in this group take a UI and a prompt string. - The string input and verify addition functions also take a flag argument, - a buffer for the result to end up with, a minimum input size and a maximum - input size (the result buffer MUST be large enough to be able to contain - the maximum number of characters). Additionally, the verify addition - functions takes another buffer to compare the result against. - The boolean input functions take an action description string (which should - be safe to ignore if the expected user action is obvious, for example with - a dialog box with an OK button and a Cancel button), a string of acceptable - characters to mean OK and to mean Cancel. The two last strings are checked - to make sure they don't have common characters. Additionally, the same - flag argument as for the string input is taken, as well as a result buffer. - The result buffer is required to be at least one byte long. Depending on - the answer, the first character from the OK or the Cancel character strings - will be stored in the first byte of the result buffer. No NUL will be - added, so the result is *not* a string. - - On success, the all return an index of the added information. That index - is usefull when retrieving results with UI_get0_result(). 
*/ -int UI_add_input_string(UI *ui, const char *prompt, int flags, - char *result_buf, int minsize, int maxsize); -int UI_dup_input_string(UI *ui, const char *prompt, int flags, - char *result_buf, int minsize, int maxsize); -int UI_add_verify_string(UI *ui, const char *prompt, int flags, - char *result_buf, int minsize, int maxsize, const char *test_buf); -int UI_dup_verify_string(UI *ui, const char *prompt, int flags, - char *result_buf, int minsize, int maxsize, const char *test_buf); -int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc, - const char *ok_chars, const char *cancel_chars, - int flags, char *result_buf); -int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc, - const char *ok_chars, const char *cancel_chars, - int flags, char *result_buf); -int UI_add_info_string(UI *ui, const char *text); -int UI_dup_info_string(UI *ui, const char *text); -int UI_add_error_string(UI *ui, const char *text); -int UI_dup_error_string(UI *ui, const char *text); - -/* These are the possible flags. They can be or'ed together. */ -/* Use to have echoing of input */ -#define UI_INPUT_FLAG_ECHO 0x01 -/* Use a default password. Where that password is found is completely - up to the application, it might for example be in the user data set - with UI_add_user_data(). It is not recommended to have more than - one input in each UI being marked with this flag, or the application - might get confused. */ -#define UI_INPUT_FLAG_DEFAULT_PWD 0x02 - -/* The user of these routines may want to define flags of their own. The core - UI won't look at those, but will pass them on to the method routines. They - must use higher bits so they don't get confused with the UI bits above. - UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use. A good - example of use is this: - - #define MY_UI_FLAG1 (0x01 << UI_INPUT_FLAG_USER_BASE) - -*/ -#define UI_INPUT_FLAG_USER_BASE 16 - - -/* The following function helps construct a prompt. 
object_desc is a - textual short description of the object, for example "pass phrase", - and object_name is the name of the object (might be a card name or - a file name. - The returned string shall always be allocated on the heap with - malloc(), and need to be free'd with free(). - - If the ui_method doesn't contain a pointer to a user-defined prompt - constructor, a default string is built, looking like this: - - "Enter {object_desc} for {object_name}:" - - So, if object_desc has the value "pass phrase" and object_name has - the value "foo.key", the resulting string is: - - "Enter pass phrase for foo.key:" -*/ -char *UI_construct_prompt(UI *ui_method, const char *object_desc, - const char *object_name); - - -/* The following function is used to store a pointer to user-specific data. - Any previous such pointer will be returned and replaced. - - For callback purposes, this function makes a lot more sense than using - ex_data, since the latter requires that different parts of OpenSSL or - applications share the same ex_data index. - - Note that the UI_OpenSSL() method completely ignores the user data. - Other methods may not, however. */ -void *UI_add_user_data(UI *ui, void *user_data); -/* We need a user data retrieving function as well. */ -void *UI_get0_user_data(UI *ui); - -/* Return the result associated with a prompt given with the index i. */ -const char *UI_get0_result(UI *ui, int i); - -/* When all strings have been added, process the whole thing. */ -int UI_process(UI *ui); - -/* Give a user interface parametrised control commands. This can be used to - send down an integer, a data pointer or a function pointer, as well as - be used to get information from a UI. */ -int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)(void)); - -/* The commands */ -/* Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the - OpenSSL error stack before printing any info or added error messages and - before any prompting. 
*/ -#define UI_CTRL_PRINT_ERRORS 1 -/* Check if a UI_process() is possible to do again with the same instance of - a user interface. This makes UI_ctrl() return 1 if it is redoable, and 0 - if not. */ -#define UI_CTRL_IS_REDOABLE 2 - - -/* Some methods may use extra data */ -#define UI_set_app_data(s,arg) UI_set_ex_data(s,0,arg) -#define UI_get_app_data(s) UI_get_ex_data(s,0) -int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int UI_set_ex_data(UI *r, int idx, void *arg); -void *UI_get_ex_data(UI *r, int idx); - -/* Use specific methods instead of the built-in one */ -void UI_set_default_method(const UI_METHOD *meth); -const UI_METHOD *UI_get_default_method(void); -const UI_METHOD *UI_get_method(UI *ui); -const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth); - -/* The method with all the built-in thingies */ -UI_METHOD *UI_OpenSSL(void); - - -/* ---------- For method writers ---------- */ -/* A method contains a number of functions that implement the low level - of the User Interface. The functions are: - - an opener This function starts a session, maybe by opening - a channel to a tty, or by opening a window. - a writer This function is called to write a given string, - maybe to the tty, maybe as a field label in a - window. - a flusher This function is called to flush everything that - has been output so far. It can be used to actually - display a dialog box after it has been built. - a reader This function is called to read a given prompt, - maybe from the tty, maybe from a field in a - window. Note that it's called wth all string - structures, not only the prompt ones, so it must - check such things itself. - a closer This function closes the session, maybe by closing - the channel to the tty, or closing the window. - - All these functions are expected to return: - - 0 on error. - 1 on success. 
- -1 on out-of-band events, for example if some prompting has - been canceled (by pressing Ctrl-C, for example). This is - only checked when returned by the flusher or the reader. - - The way this is used, the opener is first called, then the writer for all - strings, then the flusher, then the reader for all strings and finally the - closer. Note that if you want to prompt from a terminal or other command - line interface, the best is to have the reader also write the prompts - instead of having the writer do it. If you want to prompt from a dialog - box, the writer can be used to build up the contents of the box, and the - flusher to actually display the box and run the event loop until all data - has been given, after which the reader only grabs the given data and puts - them back into the UI strings. - - All method functions take a UI as argument. Additionally, the writer and - the reader take a UI_STRING. -*/ - -/* The UI_STRING type is the data structure that contains all the needed info - about a string or a prompt, including test data for a verification prompt. -*/ -typedef struct ui_string_st UI_STRING; -DECLARE_STACK_OF(UI_STRING) - -/* The different types of strings that are currently supported. - This is only needed by method authors. 
*/ -enum UI_string_types { - UIT_NONE = 0, - UIT_PROMPT, /* Prompt for a string */ - UIT_VERIFY, /* Prompt for a string and verify */ - UIT_BOOLEAN, /* Prompt for a yes/no response */ - UIT_INFO, /* Send info to the user */ - UIT_ERROR /* Send an error message to the user */ -}; - -/* Create and manipulate methods */ -UI_METHOD *UI_create_method(char *name); -void UI_destroy_method(UI_METHOD *ui_method); -int UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui)); -int UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis)); -int UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui)); -int UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis)); -int UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui)); -int UI_method_set_prompt_constructor(UI_METHOD *method, char *(*prompt_constructor)(UI* ui, const char* object_desc, const char* object_name)); -int (*UI_method_get_opener(UI_METHOD *method))(UI*); -int (*UI_method_get_writer(UI_METHOD *method))(UI*, UI_STRING*); -int (*UI_method_get_flusher(UI_METHOD *method))(UI*); -int (*UI_method_get_reader(UI_METHOD *method))(UI*, UI_STRING*); -int (*UI_method_get_closer(UI_METHOD *method))(UI*); -char * (*UI_method_get_prompt_constructor(UI_METHOD *method))(UI*, const char*, const char*); - -/* The following functions are helpers for method writers to access relevant - data from a UI_STRING. 
*/ - -/* Return type of the UI_STRING */ -enum UI_string_types UI_get_string_type(UI_STRING *uis); -/* Return input flags of the UI_STRING */ -int UI_get_input_flags(UI_STRING *uis); -/* Return the actual string to output (the prompt, info or error) */ -const char *UI_get0_output_string(UI_STRING *uis); -/* Return the optional action string to output (the boolean promtp instruction) */ -const char *UI_get0_action_string(UI_STRING *uis); -/* Return the result of a prompt */ -const char *UI_get0_result_string(UI_STRING *uis); -/* Return the string to test the result against. Only useful with verifies. */ -const char *UI_get0_test_string(UI_STRING *uis); -/* Return the required minimum size of the result */ -int UI_get_result_minsize(UI_STRING *uis); -/* Return the required maximum size of the result */ -int UI_get_result_maxsize(UI_STRING *uis); -/* Set the result of a UI_STRING. */ -int UI_set_result(UI *ui, UI_STRING *uis, const char *result); - - -/* A couple of popular utility functions */ -int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int verify); -int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt, int verify); - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_UI_strings(void); - -/* Error codes for the UI functions. */ - -/* Function codes. */ -#define UI_F_GENERAL_ALLOCATE_BOOLEAN 108 -#define UI_F_GENERAL_ALLOCATE_PROMPT 109 -#define UI_F_GENERAL_ALLOCATE_STRING 100 -#define UI_F_UI_CTRL 111 -#define UI_F_UI_DUP_ERROR_STRING 101 -#define UI_F_UI_DUP_INFO_STRING 102 -#define UI_F_UI_DUP_INPUT_BOOLEAN 110 -#define UI_F_UI_DUP_INPUT_STRING 103 -#define UI_F_UI_DUP_VERIFY_STRING 106 -#define UI_F_UI_GET0_RESULT 107 -#define UI_F_UI_NEW_METHOD 104 -#define UI_F_UI_SET_RESULT 105 - -/* Reason codes. 
*/ -#define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS 104 -#define UI_R_INDEX_TOO_LARGE 102 -#define UI_R_INDEX_TOO_SMALL 103 -#define UI_R_NO_RESULT_BUFFER 105 -#define UI_R_RESULT_TOO_LARGE 100 -#define UI_R_RESULT_TOO_SMALL 101 -#define UI_R_UNKNOWN_CONTROL_COMMAND 106 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/crypto/ui/ui_compat.h b/lib/libssl/src/crypto/ui/ui_compat.h deleted file mode 100644 index 860e80c83c5..00000000000 --- a/lib/libssl/src/crypto/ui/ui_compat.h +++ /dev/null 
@@ -1,83 +0,0 @@
-/* $OpenBSD: ui_compat.h,v 1.4 2014/06/12 15:49:31 deraadt Exp $ */
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_COMPAT_H
-#define HEADER_UI_COMPAT_H
-
-#include <openssl/opensslconf.h>
-#include <openssl/ui.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* The following functions were previously part of the DES section,
- and are provided here for backward compatibility reasons. */
-
-#define des_read_pw_string(b,l,p,v) \
- _ossl_old_des_read_pw_string((b),(l),(p),(v))
-#define des_read_pw(b,bf,s,p,v) \
- _ossl_old_des_read_pw((b),(bf),(s),(p),(v))
-
-int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt, int verify);
-int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt, int verify);
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/ui/ui_err.c b/lib/libssl/src/crypto/ui/ui_err.c
deleted file mode 100644
index 576f334796e..00000000000
--- a/lib/libssl/src/crypto/ui/ui_err.c
+++ /dev/null
@@ -1,112 +0,0 @@ -/* $OpenBSD: ui_err.c,v 1.8 2014/07/10 22:45:58 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/ui.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_UI,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason) - -static ERR_STRING_DATA UI_str_functs[] = { - {ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN), "GENERAL_ALLOCATE_BOOLEAN"}, - {ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT), "GENERAL_ALLOCATE_PROMPT"}, - {ERR_FUNC(UI_F_GENERAL_ALLOCATE_STRING), "GENERAL_ALLOCATE_STRING"}, - {ERR_FUNC(UI_F_UI_CTRL), "UI_ctrl"}, - {ERR_FUNC(UI_F_UI_DUP_ERROR_STRING), "UI_dup_error_string"}, - {ERR_FUNC(UI_F_UI_DUP_INFO_STRING), "UI_dup_info_string"}, - {ERR_FUNC(UI_F_UI_DUP_INPUT_BOOLEAN), "UI_dup_input_boolean"}, - {ERR_FUNC(UI_F_UI_DUP_INPUT_STRING), "UI_dup_input_string"}, - {ERR_FUNC(UI_F_UI_DUP_VERIFY_STRING), "UI_dup_verify_string"}, - {ERR_FUNC(UI_F_UI_GET0_RESULT), "UI_get0_result"}, - {ERR_FUNC(UI_F_UI_NEW_METHOD), "UI_new_method"}, - {ERR_FUNC(UI_F_UI_SET_RESULT), "UI_set_result"}, - {0, NULL} -}; - -static ERR_STRING_DATA UI_str_reasons[] = { - {ERR_REASON(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS), "common ok and cancel characters"}, - {ERR_REASON(UI_R_INDEX_TOO_LARGE), "index too large"}, - {ERR_REASON(UI_R_INDEX_TOO_SMALL), "index too small"}, - {ERR_REASON(UI_R_NO_RESULT_BUFFER), "no result buffer"}, - {ERR_REASON(UI_R_RESULT_TOO_LARGE), "result too large"}, - {ERR_REASON(UI_R_RESULT_TOO_SMALL), "result too small"}, - {ERR_REASON(UI_R_UNKNOWN_CONTROL_COMMAND), "unknown control command"}, - {0, NULL} -}; - -#endif - -void -ERR_load_UI_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(UI_str_functs[0].error) == NULL) { - ERR_load_strings(0, UI_str_functs); - ERR_load_strings(0, UI_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/ui/ui_lib.c b/lib/libssl/src/crypto/ui/ui_lib.c deleted file mode 100644 index 80f0992ddd5..00000000000 
--- a/lib/libssl/src/crypto/ui/ui_lib.c
+++ /dev/null
@@ -1,885 +0,0 @@ -/* $OpenBSD: ui_lib.c,v 1.31 2016/04/28 16:42:28 tedu Exp $ */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/buffer.h> -#include <openssl/err.h> -#include <openssl/ui.h> - -#include "ui_locl.h" - -static const UI_METHOD *default_UI_meth = NULL; - -UI * -UI_new(void) -{ - return (UI_new_method(NULL)); -} - -UI * -UI_new_method(const UI_METHOD *method) -{ - UI *ret; - - ret = malloc(sizeof(UI)); - if (ret == NULL) { - UIerr(UI_F_UI_NEW_METHOD, ERR_R_MALLOC_FAILURE); - return NULL; - } - if (method == NULL) - ret->meth = UI_get_default_method(); - else - ret->meth = method; - - ret->strings = NULL; - ret->user_data = NULL; - ret->flags = 0; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data); - return ret; -} - -static void -free_string(UI_STRING *uis) -{ - if (uis->flags & OUT_STRING_FREEABLE) { - free((char *) uis->out_string); - switch (uis->type) { - case UIT_BOOLEAN: - free((char *)uis->_.boolean_data.action_desc); - free((char *)uis->_.boolean_data.ok_chars); - free((char *)uis->_.boolean_data.cancel_chars); - break; - default: - break; - } - } - free(uis); -} - -void -UI_free(UI *ui) -{ - if (ui == NULL) - return; - sk_UI_STRING_pop_free(ui->strings, free_string); - 
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_UI, ui, &ui->ex_data); - free(ui); -} - -static int -allocate_string_stack(UI *ui) -{ - if (ui->strings == NULL) { - ui->strings = sk_UI_STRING_new_null(); - if (ui->strings == NULL) { - return -1; - } - } - return 0; -} - -static UI_STRING * -general_allocate_prompt(UI *ui, const char *prompt, int prompt_freeable, - enum UI_string_types type, int input_flags, char *result_buf) -{ - UI_STRING *ret = NULL; - - if (prompt == NULL) { - UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, - ERR_R_PASSED_NULL_PARAMETER); - } else if ((type == UIT_PROMPT || type == UIT_VERIFY || - type == UIT_BOOLEAN) && result_buf == NULL) { - UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, UI_R_NO_RESULT_BUFFER); - } else if ((ret = malloc(sizeof(UI_STRING)))) { - ret->out_string = prompt; - ret->flags = prompt_freeable ? OUT_STRING_FREEABLE : 0; - ret->input_flags = input_flags; - ret->type = type; - ret->result_buf = result_buf; - } - return ret; -} - -static int -general_allocate_string(UI *ui, const char *prompt, int prompt_freeable, - enum UI_string_types type, int input_flags, char *result_buf, int minsize, - int maxsize, const char *test_buf) -{ - int ret = -1; - UI_STRING *s = general_allocate_prompt(ui, prompt, prompt_freeable, - type, input_flags, result_buf); - - if (s) { - if (allocate_string_stack(ui) >= 0) { - s->_.string_data.result_minsize = minsize; - s->_.string_data.result_maxsize = maxsize; - s->_.string_data.test_buf = test_buf; - ret = sk_UI_STRING_push(ui->strings, s); - /* sk_push() returns 0 on error. 
Let's adapt that */ - if (ret <= 0) - ret--; - } else - free_string(s); - } - return ret; -} - -static int -general_allocate_boolean(UI *ui, const char *prompt, const char *action_desc, - const char *ok_chars, const char *cancel_chars, int prompt_freeable, - enum UI_string_types type, int input_flags, char *result_buf) -{ - int ret = -1; - UI_STRING *s; - const char *p; - - if (ok_chars == NULL) { - UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, - ERR_R_PASSED_NULL_PARAMETER); - } else if (cancel_chars == NULL) { - UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, - ERR_R_PASSED_NULL_PARAMETER); - } else { - for (p = ok_chars; *p; p++) { - if (strchr(cancel_chars, *p)) { - UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, - UI_R_COMMON_OK_AND_CANCEL_CHARACTERS); - } - } - - s = general_allocate_prompt(ui, prompt, prompt_freeable, - type, input_flags, result_buf); - - if (s) { - if (allocate_string_stack(ui) >= 0) { - s->_.boolean_data.action_desc = action_desc; - s->_.boolean_data.ok_chars = ok_chars; - s->_.boolean_data.cancel_chars = cancel_chars; - ret = sk_UI_STRING_push(ui->strings, s); - /* - * sk_push() returns 0 on error. Let's adapt - * that - */ - if (ret <= 0) - ret--; - } else - free_string(s); - } - } - return ret; -} - -/* Returns the index to the place in the stack or -1 for error. Uses a - direct reference to the prompt. 
*/
-int
-UI_add_input_string(UI *ui, const char *prompt, int flags, char *result_buf,
- int minsize, int maxsize)
-{
- return general_allocate_string(ui, prompt, 0, UIT_PROMPT, flags,
- result_buf, minsize, maxsize, NULL);
-}
-
-/* Same as UI_add_input_string(), excepts it takes a copy of the prompt */
-int
-UI_dup_input_string(UI *ui, const char *prompt, int flags, char *result_buf,
- int minsize, int maxsize)
-{
- char *prompt_copy = NULL;
-
- if (prompt) {
- prompt_copy = strdup(prompt);
- if (prompt_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_STRING, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- }
- return general_allocate_string(ui, prompt_copy, 1, UIT_PROMPT, flags,
- result_buf, minsize, maxsize, NULL);
-}
-
-int
-UI_add_verify_string(UI *ui, const char *prompt, int flags, char *result_buf,
- int minsize, int maxsize, const char *test_buf)
-{
- return general_allocate_string(ui, prompt, 0, UIT_VERIFY, flags,
- result_buf, minsize, maxsize, test_buf);
-}
-
-int
-UI_dup_verify_string(UI *ui, const char *prompt, int flags,
- char *result_buf, int minsize, int maxsize, const char *test_buf)
-{
- char *prompt_copy = NULL;
-
- if (prompt) {
- prompt_copy = strdup(prompt);
- if (prompt_copy == NULL) {
- UIerr(UI_F_UI_DUP_VERIFY_STRING, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- }
- return general_allocate_string(ui, prompt_copy, 1, UIT_VERIFY, flags,
- result_buf, minsize, maxsize, test_buf);
-}
-
-int
-UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars, int flags, char *result_buf)
-{
- return general_allocate_boolean(ui, prompt, action_desc, ok_chars,
- cancel_chars, 0, UIT_BOOLEAN, flags, result_buf);
-}
-
-int
-UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
- const char *ok_chars, const char *cancel_chars, int flags, char *result_buf)
-{
- char *prompt_copy = NULL;
- char *action_desc_copy = NULL;
- char *ok_chars_copy = NULL;
- char *cancel_chars_copy = NULL;
-
- if
(prompt) {
- prompt_copy = strdup(prompt);
- if (prompt_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- if (action_desc) {
- action_desc_copy = strdup(action_desc);
- if (action_desc_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- if (ok_chars) {
- ok_chars_copy = strdup(ok_chars);
- if (ok_chars_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- if (cancel_chars) {
- cancel_chars_copy = strdup(cancel_chars);
- if (cancel_chars_copy == NULL) {
- UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- return general_allocate_boolean(ui, prompt_copy, action_desc_copy,
- ok_chars_copy, cancel_chars_copy, 1, UIT_BOOLEAN, flags,
- result_buf);
-
-err:
- free(prompt_copy);
- free(action_desc_copy);
- free(ok_chars_copy);
- free(cancel_chars_copy);
- return -1;
-}
-
-int
-UI_add_info_string(UI *ui, const char *text)
-{
- return general_allocate_string(ui, text, 0, UIT_INFO, 0, NULL, 0, 0,
- NULL);
-}
-
-int
-UI_dup_info_string(UI *ui, const char *text)
-{
- char *text_copy = NULL;
-
- if (text) {
- text_copy = strdup(text);
- if (text_copy == NULL) {
- UIerr(UI_F_UI_DUP_INFO_STRING, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- }
- return general_allocate_string(ui, text_copy, 1, UIT_INFO, 0, NULL,
- 0, 0, NULL);
-}
-
-int
-UI_add_error_string(UI *ui, const char *text)
-{
- return general_allocate_string(ui, text, 0, UIT_ERROR, 0, NULL, 0, 0,
- NULL);
-}
-
-int
-UI_dup_error_string(UI *ui, const char *text)
-{
- char *text_copy = NULL;
-
- if (text) {
- text_copy = strdup(text);
- if (text_copy == NULL) {
- UIerr(UI_F_UI_DUP_ERROR_STRING, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- }
- return general_allocate_string(ui, text_copy, 1, UIT_ERROR, 0, NULL,
- 0, 0, NULL);
-}
-
-char *
-UI_construct_prompt(UI *ui, const char *object_desc, const char *object_name)
-{
- char *prompt;
-
- if (ui->meth->ui_construct_prompt)
-
return ui->meth->ui_construct_prompt(ui, object_desc,
- object_name);
-
- if (object_desc == NULL)
- return NULL;
-
- if (object_name == NULL) {
- if (asprintf(&prompt, "Enter %s:", object_desc) == -1)
- return (NULL);
- } else {
- if (asprintf(&prompt, "Enter %s for %s:", object_desc,
- object_name) == -1)
- return (NULL);
- }
-
- return prompt;
-}
-
-void *
-UI_add_user_data(UI *ui, void *user_data)
-{
- void *old_data = ui->user_data;
-
- ui->user_data = user_data;
- return old_data;
-}
-
-void *
-UI_get0_user_data(UI *ui)
-{
- return ui->user_data;
-}
-
-const char *
-UI_get0_result(UI *ui, int i)
-{
- if (i < 0) {
- UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_SMALL);
- return NULL;
- }
- if (i >= sk_UI_STRING_num(ui->strings)) {
- UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_LARGE);
- return NULL;
- }
- return UI_get0_result_string(sk_UI_STRING_value(ui->strings, i));
-}
-
-static int
-print_error(const char *str, size_t len, UI *ui)
-{
- UI_STRING uis;
-
- memset(&uis, 0, sizeof(uis));
- uis.type = UIT_ERROR;
- uis.out_string = str;
-
- if (ui->meth->ui_write_string &&
- !ui->meth->ui_write_string(ui, &uis))
- return -1;
- return 0;
-}
-
-int
-UI_process(UI *ui)
-{
- int i, ok = 0;
-
- if (ui->meth->ui_open_session && !ui->meth->ui_open_session(ui))
- return -1;
-
- if (ui->flags & UI_FLAG_PRINT_ERRORS)
- ERR_print_errors_cb(
- (int (*)(const char *, size_t, void *)) print_error,
- (void *)ui);
-
- for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
- if (ui->meth->ui_write_string &&
- !ui->meth->ui_write_string(ui,
- sk_UI_STRING_value(ui->strings, i))) {
- ok = -1;
- goto err;
- }
- }
-
- if (ui->meth->ui_flush)
- switch (ui->meth->ui_flush(ui)) {
- case -1: /* Interrupt/Cancel/something...
*/
- ok = -2;
- goto err;
- case 0: /* Errors */
- ok = -1;
- goto err;
- default: /* Success */
- ok = 0;
- break;
- }
-
- for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
- if (ui->meth->ui_read_string) {
- switch (ui->meth->ui_read_string(ui,
- sk_UI_STRING_value(ui->strings, i))) {
- case -1: /* Interrupt/Cancel/something... */
- ui->flags &= ~UI_FLAG_REDOABLE;
- ok = -2;
- goto err;
- case 0: /* Errors */
- ok = -1;
- goto err;
- default: /* Success */
- ok = 0;
- break;
- }
- }
- }
-
-err:
- if (ui->meth->ui_close_session && !ui->meth->ui_close_session(ui))
- return -1;
- return ok;
-}
-
-int
-UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void))
-{
- if (ui == NULL) {
- UIerr(UI_F_UI_CTRL, ERR_R_PASSED_NULL_PARAMETER);
- return -1;
- }
- switch (cmd) {
- case UI_CTRL_PRINT_ERRORS:
- {
- int save_flag = !!(ui->flags & UI_FLAG_PRINT_ERRORS);
- if (i)
- ui->flags |= UI_FLAG_PRINT_ERRORS;
- else
- ui->flags &= ~UI_FLAG_PRINT_ERRORS;
- return save_flag;
- }
- case UI_CTRL_IS_REDOABLE:
- return !!(ui->flags & UI_FLAG_REDOABLE);
- default:
- break;
- }
- UIerr(UI_F_UI_CTRL, UI_R_UNKNOWN_CONTROL_COMMAND);
- return -1;
-}
-
-int
-UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, argl, argp,
- new_func, dup_func, free_func);
-}
-
-int
-UI_set_ex_data(UI *r, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-
-void *
-UI_get_ex_data(UI *r, int idx)
-{
- return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-
-void
-UI_set_default_method(const UI_METHOD *meth)
-{
- default_UI_meth = meth;
-}
-
-const UI_METHOD *
-UI_get_default_method(void)
-{
- if (default_UI_meth == NULL) {
- default_UI_meth = UI_OpenSSL();
- }
- return default_UI_meth;
-}
-
-const UI_METHOD *
-UI_get_method(UI *ui)
-{
- return ui->meth;
-}
-
-const UI_METHOD *
-UI_set_method(UI *ui, const UI_METHOD *meth)
-{
- ui->meth = meth;
- return
ui->meth;
-}
-
-
-UI_METHOD *
-UI_create_method(char *name)
-{
- UI_METHOD *ui_method = calloc(1, sizeof(UI_METHOD));
-
- if (ui_method && name)
- ui_method->name = strdup(name);
-
- return ui_method;
-}
-
-/* BIG FSCKING WARNING!!!! If you use this on a statically allocated method
- (that is, it hasn't been allocated using UI_create_method(), you deserve
- anything Murphy can throw at you and more! You have been warned. */
-void
-UI_destroy_method(UI_METHOD *ui_method)
-{
- free(ui_method->name);
- ui_method->name = NULL;
- free(ui_method);
-}
-
-int
-UI_method_set_opener(UI_METHOD *method, int (*opener)(UI *ui))
-{
- if (method) {
- method->ui_open_session = opener;
- return 0;
- } else
- return -1;
-}
-
-int
-UI_method_set_writer(UI_METHOD *method, int (*writer)(UI *ui, UI_STRING *uis))
-{
- if (method) {
- method->ui_write_string = writer;
- return 0;
- } else
- return -1;
-}
-
-int
-UI_method_set_flusher(UI_METHOD *method, int (*flusher)(UI *ui))
-{
- if (method) {
- method->ui_flush = flusher;
- return 0;
- } else
- return -1;
-}
-
-int
-UI_method_set_reader(UI_METHOD *method, int (*reader)(UI *ui, UI_STRING *uis))
-{
- if (method) {
- method->ui_read_string = reader;
- return 0;
- } else
- return -1;
-}
-
-int
-UI_method_set_closer(UI_METHOD *method, int (*closer)(UI *ui))
-{
- if (method) {
- method->ui_close_session = closer;
- return 0;
- } else
- return -1;
-}
-
-int
-UI_method_set_prompt_constructor(UI_METHOD *method,
- char *(*prompt_constructor)(UI *ui, const char *object_desc,
- const char *object_name))
-{
- if (method) {
- method->ui_construct_prompt = prompt_constructor;
- return 0;
- } else
- return -1;
-}
-
-int
-(*UI_method_get_opener(UI_METHOD * method))(UI *)
-{
- if (method)
- return method->ui_open_session;
- else
- return NULL;
-}
-
-int
-(*UI_method_get_writer(UI_METHOD *method))(UI *, UI_STRING *)
-{
- if (method)
- return method->ui_write_string;
- else
- return NULL;
-}
-
-int
-(*UI_method_get_flusher(UI_METHOD *method)) (UI *)
-{
- if
(method)
- return method->ui_flush;
- else
- return NULL;
-}
-
-int
-(*UI_method_get_reader(UI_METHOD *method))(UI *, UI_STRING *)
-{
- if (method)
- return method->ui_read_string;
- else
- return NULL;
-}
-
-int
-(*UI_method_get_closer(UI_METHOD *method))(UI *)
-{
- if (method)
- return method->ui_close_session;
- else
- return NULL;
-}
-
-char *
-(*UI_method_get_prompt_constructor(UI_METHOD *method))(UI *, const char *,
- const char *)
-{
- if (method)
- return method->ui_construct_prompt;
- else
- return NULL;
-}
-
-enum UI_string_types
-UI_get_string_type(UI_STRING *uis)
-{
- if (!uis)
- return UIT_NONE;
- return uis->type;
-}
-
-int
-UI_get_input_flags(UI_STRING *uis)
-{
- if (!uis)
- return 0;
- return uis->input_flags;
-}
-
-const char *
-UI_get0_output_string(UI_STRING *uis)
-{
- if (!uis)
- return NULL;
- return uis->out_string;
-}
-
-const char *
-UI_get0_action_string(UI_STRING *uis)
-{
- if (!uis)
- return NULL;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_BOOLEAN:
- return uis->_.boolean_data.action_desc;
- default:
- return NULL;
- }
-}
-
-const char *
-UI_get0_result_string(UI_STRING *uis)
-{
- if (!uis)
- return NULL;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- return uis->result_buf;
- default:
- return NULL;
- }
-}
-
-const char *
-UI_get0_test_string(UI_STRING *uis)
-{
- if (!uis)
- return NULL;
- switch (uis->type) {
- case UIT_VERIFY:
- return uis->_.string_data.test_buf;
- default:
- return NULL;
- }
-}
-
-int
-UI_get_result_minsize(UI_STRING *uis)
-{
- if (!uis)
- return -1;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- return uis->_.string_data.result_minsize;
- default:
- return -1;
- }
-}
-
-int
-UI_get_result_maxsize(UI_STRING *uis)
-{
- if (!uis)
- return -1;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- return uis->_.string_data.result_maxsize;
- default:
- return -1;
- }
-}
-
-int
-UI_set_result(UI *ui, UI_STRING *uis, const char *result)
-{
- int l = strlen(result);
-
-
ui->flags &= ~UI_FLAG_REDOABLE;
-
- if (!uis)
- return -1;
- switch (uis->type) {
- case UIT_PROMPT:
- case UIT_VERIFY:
- if (l < uis->_.string_data.result_minsize) {
- ui->flags |= UI_FLAG_REDOABLE;
- UIerr(UI_F_UI_SET_RESULT,
- UI_R_RESULT_TOO_SMALL);
- ERR_asprintf_error_data
- ("You must type in %d to %d characters",
- uis->_.string_data.result_minsize,
- uis->_.string_data.result_maxsize);
- return -1;
- }
- if (l > uis->_.string_data.result_maxsize) {
- ui->flags |= UI_FLAG_REDOABLE;
- UIerr(UI_F_UI_SET_RESULT,
- UI_R_RESULT_TOO_LARGE);
- ERR_asprintf_error_data
- ("You must type in %d to %d characters",
- uis->_.string_data.result_minsize,
- uis->_.string_data.result_maxsize);
- return -1;
- }
- if (!uis->result_buf) {
- UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
- return -1;
- }
- strlcpy(uis->result_buf, result,
- uis->_.string_data.result_maxsize + 1);
- break;
- case UIT_BOOLEAN:
- {
- const char *p;
-
- if (!uis->result_buf) {
- UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
- return -1;
- }
- uis->result_buf[0] = '\0';
- for (p = result; *p; p++) {
- if (strchr(uis->_.boolean_data.ok_chars, *p)) {
- uis->result_buf[0] =
- uis->_.boolean_data.ok_chars[0];
- break;
- }
- if (strchr(uis->_.boolean_data.cancel_chars, *p)) {
- uis->result_buf[0] =
- uis->_.boolean_data.cancel_chars[0];
- break;
- }
- }
- default:
- break;
- }
- }
- return 0;
-}
diff --git a/lib/libssl/src/crypto/ui/ui_locl.h b/lib/libssl/src/crypto/ui/ui_locl.h
deleted file mode 100644
index c8190d1307d..00000000000
--- a/lib/libssl/src/crypto/ui/ui_locl.h
+++ /dev/null
@@ -1,148 +0,0 @@
-/* $OpenBSD: ui_locl.h,v 1.6 2014/06/12 15:49:31 deraadt Exp $ */
-
-/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_UI_LOCL_H
-#define HEADER_UI_LOCL_H
-
-#include <openssl/ui.h>
-#include <openssl/crypto.h>
-
-#ifdef _
-#undef _
-#endif
-
-struct ui_method_st {
- char *name;
-
- /* All the functions return 1 or non-NULL for success and 0 or NULL
- for failure */
-
- /* Open whatever channel for this, be it the console, an X window
- or whatever.
- This function should use the ex_data structure to save
- intermediate data. */
- int (*ui_open_session)(UI *ui);
-
- int (*ui_write_string)(UI *ui, UI_STRING *uis);
-
- /* Flush the output. If a GUI dialog box is used, this function can
- be used to actually display it.
*/
- int (*ui_flush)(UI *ui);
-
- int (*ui_read_string)(UI *ui, UI_STRING *uis);
-
- int (*ui_close_session)(UI *ui);
-
- /* Construct a prompt in a user-defined manner. object_desc is a
- textual short description of the object, for example "pass phrase",
- and object_name is the name of the object (might be a card name or
- a file name.
- The returned string shall always be allocated on the heap with
- malloc(), and need to be free'd with free(). */
- char *(*ui_construct_prompt)(UI *ui, const char *object_desc,
- const char *object_name);
-};
-
-struct ui_string_st {
- enum UI_string_types type; /* Input */
- const char *out_string; /* Input */
- int input_flags; /* Flags from the user */
-
- /* The following parameters are completely irrelevant for UIT_INFO,
- and can therefore be set to 0 or NULL */
- char *result_buf; /* Input and Output: If not NULL, user-defined
- with size in result_maxsize. Otherwise, it
- may be allocated by the UI routine, meaning
- result_minsize is going to be overwritten.*/
- union {
- struct {
- int result_minsize; /* Input: minimum required
- size of the result.
- */
- int result_maxsize; /* Input: maximum permitted
- size of the result */
-
- const char *test_buf; /* Input: test string to verify
- against */
- } string_data;
- struct {
- const char *action_desc; /* Input */
- const char *ok_chars; /* Input */
- const char *cancel_chars; /* Input */
- } boolean_data;
- } _;
-
-#define OUT_STRING_FREEABLE 0x01
- int flags; /* flags for internal use */
-};
-
-struct ui_st {
- const UI_METHOD *meth;
- STACK_OF(UI_STRING) *strings; /* We might want to prompt for more
- than one thing at a time, and
- with different echoing status. */
- void *user_data;
- CRYPTO_EX_DATA ex_data;
-
-#define UI_FLAG_REDOABLE 0x0001
-#define UI_FLAG_PRINT_ERRORS 0x0100
- int flags;
-};
-
-#endif
diff --git a/lib/libssl/src/crypto/ui/ui_openssl.c b/lib/libssl/src/crypto/ui/ui_openssl.c
deleted file mode 100644
index 9562c2c937a..00000000000
--- a/lib/libssl/src/crypto/ui/ui_openssl.c
+++ /dev/null
@@ -1,397 +0,0 @@
-/* $OpenBSD: ui_openssl.c,v 1.25 2015/09/10 15:56:26 jsing Exp $ */
-/* Written by Richard Levitte (richard@levitte.org) and others
- * for the OpenSSL project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-/* The lowest level part of this file was previously in crypto/des/read_pwd.c,
- * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.
The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <sys/ioctl.h>
-
-#include <openssl/opensslconf.h>
-
-#include <errno.h>
-#include <signal.h>
-#include <stdio.h>
-#include <string.h>
-#include <termios.h>
-#include <unistd.h>
-
-#include "ui_locl.h"
-
-#ifndef NX509_SIG
-#define NX509_SIG 32
-#endif
-
-/* Define globals.
They are protected by a lock */
-static struct sigaction savsig[NX509_SIG];
-
-static struct termios tty_orig;
-static FILE *tty_in, *tty_out;
-static int is_a_tty;
-
-/* Declare static functions */
-static int read_till_nl(FILE *);
-static void recsig(int);
-static void pushsig(void);
-static void popsig(void);
-static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
-
-static int read_string(UI *ui, UI_STRING *uis);
-static int write_string(UI *ui, UI_STRING *uis);
-
-static int open_console(UI *ui);
-static int echo_console(UI *ui);
-static int noecho_console(UI *ui);
-static int close_console(UI *ui);
-
-static UI_METHOD ui_openssl = {
- .name = "OpenSSL default user interface",
- .ui_open_session = open_console,
- .ui_write_string = write_string,
- .ui_read_string = read_string,
- .ui_close_session = close_console,
-};
-
-/* The method with all the built-in thingies */
-UI_METHOD *
-UI_OpenSSL(void)
-{
- return &ui_openssl;
-}
-
-/* The following function makes sure that info and error strings are printed
- before any prompt.
*/
-static int
-write_string(UI *ui, UI_STRING *uis)
-{
- switch (UI_get_string_type(uis)) {
- case UIT_ERROR:
- case UIT_INFO:
- fputs(UI_get0_output_string(uis), tty_out);
- fflush(tty_out);
- break;
- default:
- break;
- }
- return 1;
-}
-
-static int
-read_string(UI *ui, UI_STRING *uis)
-{
- int ok = 0;
-
- switch (UI_get_string_type(uis)) {
- case UIT_BOOLEAN:
- fputs(UI_get0_output_string(uis), tty_out);
- fputs(UI_get0_action_string(uis), tty_out);
- fflush(tty_out);
- return read_string_inner(ui, uis,
- UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 0);
- case UIT_PROMPT:
- fputs(UI_get0_output_string(uis), tty_out);
- fflush(tty_out);
- return read_string_inner(ui, uis,
- UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO, 1);
- case UIT_VERIFY:
- fprintf(tty_out, "Verifying - %s",
- UI_get0_output_string(uis));
- fflush(tty_out);
- if ((ok = read_string_inner(ui, uis, UI_get_input_flags(uis) &
- UI_INPUT_FLAG_ECHO, 1)) <= 0)
- return ok;
- if (strcmp(UI_get0_result_string(uis),
- UI_get0_test_string(uis)) != 0) {
- fprintf(tty_out, "Verify failure\n");
- fflush(tty_out);
- return 0;
- }
- break;
- default:
- break;
- }
- return 1;
-}
-
-
-/* Internal functions to read a string without echoing */
-static int
-read_till_nl(FILE *in)
-{
-#define SIZE 4
- char buf[SIZE + 1];
-
- do {
- if (!fgets(buf, SIZE, in))
- return 0;
- } while (strchr(buf, '\n') == NULL);
- return 1;
-}
-
-static volatile sig_atomic_t intr_signal;
-
-static int
-read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
-{
- static int ps;
- int ok;
- char result[BUFSIZ];
- int maxsize = BUFSIZ - 1;
- char *p;
-
- intr_signal = 0;
- ok = 0;
- ps = 0;
-
- pushsig();
- ps = 1;
-
- if (!echo && !noecho_console(ui))
- goto error;
- ps = 2;
-
- result[0] = '\0';
- p = fgets(result, maxsize, tty_in);
- if (!p)
- goto error;
- if (feof(tty_in))
- goto error;
- if (ferror(tty_in))
- goto error;
- if ((p = strchr(result, '\n')) != NULL) {
- if (strip_nl)
- *p = '\0';
- } else if
(!read_till_nl(tty_in))
- goto error;
- if (UI_set_result(ui, uis, result) >= 0)
- ok = 1;
-
-error:
- if (intr_signal == SIGINT)
- ok = -1;
- if (!echo)
- fprintf(tty_out, "\n");
- if (ps >= 2 && !echo && !echo_console(ui))
- ok = 0;
-
- if (ps >= 1)
- popsig();
-
- explicit_bzero(result, BUFSIZ);
- return ok;
-}
-
-
-/* Internal functions to open, handle and close a channel to the console. */
-static int
-open_console(UI *ui)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_UI);
- is_a_tty = 1;
-
-#define DEV_TTY "/dev/tty"
- if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
- tty_in = stdin;
- if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
- tty_out = stderr;
-
- if (tcgetattr(fileno(tty_in), &tty_orig) == -1) {
- if (errno == ENOTTY)
- is_a_tty = 0;
- else
- /*
- * Ariel Glenn ariel@columbia.edu reports that
- * solaris can return EINVAL instead. This should be
- * ok
- */
- if (errno == EINVAL)
- is_a_tty = 0;
- else
- return 0;
- }
-
- return 1;
-}
-
-static int
-noecho_console(UI *ui)
-{
- struct termios tty_new = tty_orig;
-
- tty_new.c_lflag &= ~ECHO;
- if (is_a_tty && (tcsetattr(fileno(tty_in), TCSANOW, &tty_new) == -1))
- return 0;
- return 1;
-}
-
-static int
-echo_console(UI *ui)
-{
- if (is_a_tty && (tcsetattr(fileno(tty_in), TCSANOW, &tty_orig) == -1))
- return 0;
- return 1;
-}
-
-static int
-close_console(UI *ui)
-{
- if (tty_in != stdin)
- fclose(tty_in);
- if (tty_out != stderr)
- fclose(tty_out);
- CRYPTO_w_unlock(CRYPTO_LOCK_UI);
-
- return 1;
-}
-
-
-/* Internal functions to handle signals and act on them */
-static void
-pushsig(void)
-{
- int i;
- struct sigaction sa;
-
- memset(&sa, 0, sizeof sa);
- sa.sa_handler = recsig;
-
- for (i = 1; i < NX509_SIG; i++) {
- if (i == SIGUSR1)
- continue;
- if (i == SIGUSR2)
- continue;
- if (i == SIGKILL) /* We can't make any action on that.
*/
- continue;
- sigaction(i, &sa, &savsig[i]);
- }
-
- signal(SIGWINCH, SIG_DFL);
-}
-
-static void
-popsig(void)
-{
- int i;
- for (i = 1; i < NX509_SIG; i++) {
- if (i == SIGUSR1)
- continue;
- if (i == SIGUSR2)
- continue;
- sigaction(i, &savsig[i], NULL);
- }
-}
-
-static void
-recsig(int i)
-{
- intr_signal = i;
-}
diff --git a/lib/libssl/src/crypto/ui/ui_util.c b/lib/libssl/src/crypto/ui/ui_util.c
deleted file mode 100644
index d1040c9826a..00000000000
--- a/lib/libssl/src/crypto/ui/ui_util.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* $OpenBSD: ui_util.c,v 1.10 2015/09/10 15:56:26 jsing Exp $ */
-/* ====================================================================
- * Copyright (c) 2001-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/ui_compat.h>
-
-#include "ui_locl.h"
-
-int
-UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int verify)
-{
- char buff[BUFSIZ];
- int ret;
-
- ret = UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
- prompt, verify);
- explicit_bzero(buff, BUFSIZ);
- return (ret);
-}
-
-int
-UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt, int verify)
-{
- int ok = 0;
- UI *ui;
-
- if (size < 1)
- return -1;
-
- ui = UI_new();
- if (ui) {
- ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
- if (ok >= 0 && verify)
- ok = UI_add_verify_string(ui, prompt, 0, buff, 0,
- size - 1, buf);
- if (ok >= 0)
- ok = UI_process(ui);
- UI_free(ui);
- }
- if (ok > 0)
- ok = 0;
- return (ok);
-}
-
-/*
- * Old compatibility glue - see comment in ui_compat.h.
- */
-int
-_ossl_old_des_read_pw_string(char *buf, int length, const char *prompt, int verify)
-{
- return UI_UTIL_read_pw_string(buf, length, prompt, verify);
-}
-
-int
-_ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt, int verify)
-{
- return UI_UTIL_read_pw(buf, buff, size, prompt, verify);
-}
diff --git a/lib/libssl/src/crypto/whrlpool/asm/wp-mmx.pl b/lib/libssl/src/crypto/whrlpool/asm/wp-mmx.pl
deleted file mode 100644
index cb2381c22ba..00000000000
--- a/lib/libssl/src/crypto/whrlpool/asm/wp-mmx.pl
+++ /dev/null
@@ -1,493 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
-# ====================================================================
-#
-# whirlpool_block_mmx implementation.
-#
-*SCALE=\(2); # 2 or 8, that is the question:-) Value of 8 results
-# in 16KB large table, which is tough on L1 cache, but eliminates
-# unaligned references to it. Value of 2 results in 4KB table, but
-# 7/8 of references to it are unaligned. AMD cores seem to be
-# allergic to the latter, while Intel ones - to former [see the
-# table]. I stick to value of 2 for two reasons: 1. smaller table
-# minimizes cache trashing and thus mitigates the hazard of side-
-# channel leakage similar to AES cache-timing one; 2. performance
-# gap among different µ-archs is smaller.
-#
-# Performance table lists rounded amounts of CPU cycles spent by
-# whirlpool_block_mmx routine on single 64 byte input block, i.e.
-# smaller is better and asymptotic throughput can be estimated by
-# multiplying 64 by CPU clock frequency and dividing by relevant
-# value from the given table:
-#
-# $SCALE=2/8 icc8 gcc3
-# Intel P4 3200/4600 4600(*) 6400
-# Intel PIII 2900/3000 4900 5400
-# AMD K[78] 2500/1800 9900 8200(**)
-#
-# (*) I've sketched even non-MMX assembler, but for the record
-# I've failed to beat the Intel compiler on P4, without using
-# MMX that is...
-# (**) ... on AMD on the other hand non-MMX assembler was observed
-# to perform significantly better, but I figured this MMX
-# implementation is even faster anyway, so why bother? As for
-# pre-MMX AMD core[s], the improvement coefficient is more
-# than likely to vary anyway and I don't know how. But the
-# least I know is that gcc-generated code compiled with
-# -DL_ENDIAN and -DOPENSSL_SMALL_FOOTPRINT [see C module for
-# details] and optimized for Pentium was observed to perform
-# *better* on Pentium 100 than unrolled non-MMX assembler
-# loop... So we just say that I don't know if maintaining
-# non-MMX implementation would actually pay off, but till
-# opposite is proved "unlikely" is assumed.
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC,"${dir}","${dir}../../perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"wp-mmx.pl");
-
-sub L() { &data_byte(@_); }
-sub LL()
-{ if ($SCALE==2) { &data_byte(@_); &data_byte(@_); }
- elsif ($SCALE==8) { for ($i=0;$i<8;$i++) {
- &data_byte(@_);
- unshift(@_,pop(@_));
- }
- }
- else { die "unvalid SCALE value"; }
-}
-
-sub scale()
-{ if ($SCALE==2) { &lea(@_[0],&DWP(0,@_[1],@_[1])); }
- elsif ($SCALE==8) { &lea(@_[0],&DWP(0,"",@_[1],8)); }
- else { die "unvalid SCALE value"; }
-}
-
-sub row()
-{ if ($SCALE==2) { ((8-shift)&7); }
- elsif ($SCALE==8) { (8*shift); }
- else { die "unvalid SCALE value"; }
-}
-
-$tbl="ebp";
-@mm=("mm0","mm1","mm2","mm3","mm4","mm5","mm6","mm7");
-
-&function_begin_B("whirlpool_block_mmx");
- &push ("ebp");
- &push ("ebx");
- &push ("esi");
- &push ("edi");
-
- &mov ("esi",&wparam(0)); # hash value
- &mov ("edi",&wparam(1)); # input data stream
- &mov ("ebp",&wparam(2)); # number of chunks in input
-
- &mov ("eax","esp"); # copy stack pointer
- &sub ("esp",128+20); # allocate frame
- &and ("esp",-64); # align for cache-line
-
- &lea ("ebx",&DWP(128,"esp"));
- &mov (&DWP(0,"ebx"),"esi"); # save parameter block
- &mov (&DWP(4,"ebx"),"edi");
- &mov (&DWP(8,"ebx"),"ebp");
- &mov (&DWP(16,"ebx"),"eax"); # saved stack pointer
-
- &call (&label("pic_point"));
-&set_label("pic_point");
- &blindpop($tbl);
- &lea ($tbl,&DWP(&label("table")."-".&label("pic_point"),$tbl));
-
- &xor ("ecx","ecx");
- &xor ("edx","edx");
-
- for($i=0;$i<8;$i++) { &movq(@mm[$i],&QWP($i*8,"esi")); } # L=H
-&set_label("outerloop");
- for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); } # K=L
- for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); } # L^=inp
- for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
-
- &xor ("esi","esi");
- &mov (&DWP(12,"ebx"),"esi"); # zero round counter
-
-&set_label("round",16);
- &movq (@mm[0],&QWP(2048*$SCALE,$tbl,"esi",8)); # rc[r]
- &mov ("eax",&DWP(0,"esp"));
- &mov ("ebx",&DWP(4,"esp"));
-for($i=0;$i<8;$i++) {
- my $func = ($i==0)? \&movq : \&pxor;
- &movb (&LB("ecx"),&LB("eax"));
- &movb (&LB("edx"),&HB("eax"));
- &scale ("esi","ecx");
- &scale ("edi","edx");
- &shr ("eax",16);
- &pxor (@mm[0],&QWP(&row(0),$tbl,"esi",8));
- &$func (@mm[1],&QWP(&row(1),$tbl,"edi",8));
- &movb (&LB("ecx"),&LB("eax"));
- &movb (&LB("edx"),&HB("eax"));
- &mov ("eax",&DWP(($i+1)*8,"esp"));
- &scale ("esi","ecx");
- &scale ("edi","edx");
- &$func (@mm[2],&QWP(&row(2),$tbl,"esi",8));
- &$func (@mm[3],&QWP(&row(3),$tbl,"edi",8));
- &movb (&LB("ecx"),&LB("ebx"));
- &movb (&LB("edx"),&HB("ebx"));
- &scale ("esi","ecx");
- &scale ("edi","edx");
- &shr ("ebx",16);
- &$func (@mm[4],&QWP(&row(4),$tbl,"esi",8));
- &$func (@mm[5],&QWP(&row(5),$tbl,"edi",8));
- &movb (&LB("ecx"),&LB("ebx"));
- &movb (&LB("edx"),&HB("ebx"));
- &mov ("ebx",&DWP(($i+1)*8+4,"esp"));
- &scale ("esi","ecx");
- &scale ("edi","edx");
- &$func (@mm[6],&QWP(&row(6),$tbl,"esi",8));
- &$func (@mm[7],&QWP(&row(7),$tbl,"edi",8));
- push(@mm,shift(@mm));
-}
-
- for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); } # K=L
-
-for($i=0;$i<8;$i++) {
- &movb (&LB("ecx"),&LB("eax"));
- &movb (&LB("edx"),&HB("eax"));
- &scale ("esi","ecx");
- &scale ("edi","edx");
- &shr ("eax",16);
- &pxor (@mm[0],&QWP(&row(0),$tbl,"esi",8));
- &pxor (@mm[1],&QWP(&row(1),$tbl,"edi",8));
- &movb (&LB("ecx"),&LB("eax"));
- &movb (&LB("edx"),&HB("eax"));
- &mov ("eax",&DWP(64+($i+1)*8,"esp")) if ($i<7);
- &scale ("esi","ecx");
- &scale ("edi","edx");
- &pxor (@mm[2],&QWP(&row(2),$tbl,"esi",8));
- &pxor (@mm[3],&QWP(&row(3),$tbl,"edi",8));
- &movb (&LB("ecx"),&LB("ebx"));
- &movb (&LB("edx"),&HB("ebx"));
- &scale ("esi","ecx");
- &scale ("edi","edx");
- &shr ("ebx",16);
- &pxor (@mm[4],&QWP(&row(4),$tbl,"esi",8));
- &pxor (@mm[5],&QWP(&row(5),$tbl,"edi",8));
- &movb (&LB("ecx"),&LB("ebx"));
- &movb (&LB("edx"),&HB("ebx"));
- &mov ("ebx",&DWP(64+($i+1)*8+4,"esp")) if ($i<7);
- &scale ("esi","ecx");
- &scale ("edi","edx");
- &pxor (@mm[6],&QWP(&row(6),$tbl,"esi",8));
- &pxor (@mm[7],&QWP(&row(7),$tbl,"edi",8));
- push(@mm,shift(@mm));
-}
- &lea ("ebx",&DWP(128,"esp"));
- &mov ("esi",&DWP(12,"ebx")); # pull round counter
- &add ("esi",1);
- &cmp ("esi",10);
- &je (&label("roundsdone"));
-
- &mov (&DWP(12,"ebx"),"esi"); # update round counter
- for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
- &jmp (&label("round"));
-
-&set_label("roundsdone",16);
- &mov ("esi",&DWP(0,"ebx")); # reload argument block
- &mov ("edi",&DWP(4,"ebx"));
- &mov ("eax",&DWP(8,"ebx"));
-
- for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); } # L^=inp
- for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"esi")); } # L^=H
- for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esi"),@mm[$i]); } # H=L
-
- &lea ("edi",&DWP(64,"edi")); # inp+=64
- &sub ("eax",1); # num--
- &jz (&label("alldone"));
- &mov (&DWP(4,"ebx"),"edi"); # update argument block
- &mov (&DWP(8,"ebx"),"eax");
- &jmp (&label("outerloop"));
-
-&set_label("alldone");
- &emms ();
- &mov ("esp",&DWP(16,"ebx")); # restore saved stack pointer
- &pop ("edi");
- &pop ("esi");
- &pop ("ebx");
- &pop ("ebp");
- &ret ();
-
-&align(64);
-&set_label("table");
- &LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
- &LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
- &LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
- &LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
- &LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
- &LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
- &LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
-
&LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d); - &LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b); - &LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff); - &LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c); - &LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e); - &LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96); - &LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30); - &LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d); - &LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8); - &LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47); - &LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35); - &LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37); - &LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a); - &LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2); - &LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c); - &LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84); - &LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80); - &LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5); - &LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3); - &LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21); - &LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c); - &LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43); - &LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29); - &LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d); - &LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5); - &LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd); - &LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8); - &LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92); - &LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e); - &LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13); - &LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23); - &LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20); - &LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44); - &LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2); - &LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf); - &LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c); - &LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a); - &LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50); - &LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9); - &LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14); - &LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9); - 
&LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c); - &LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f); - &LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90); - &LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07); - &LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd); - &LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3); - &LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d); - &LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78); - &LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97); - &LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02); - &LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73); - &LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7); - &LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6); - &LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2); - &LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49); - &LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56); - &LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70); - &LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd); - &LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb); - &LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71); - &LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b); - &LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf); - &LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45); - &LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a); - &LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4); - &LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58); - &LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e); - &LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f); - &LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac); - &LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0); - &LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef); - &LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6); - &LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c); - &LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12); - &LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93); - &LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde); - &LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6); - &LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1); - &LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b); - &LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f); - &LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31); - 
&LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8); - &LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9); - &LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc); - &LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e); - &LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b); - &LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf); - &LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59); - &LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2); - &LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77); - &LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33); - &LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4); - &LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27); - &LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb); - &LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89); - &LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32); - &LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54); - &LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d); - &LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64); - &LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d); - &LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d); - &LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f); - &LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca); - &LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7); - &LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d); - &LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce); - &LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f); - &LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f); - &LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63); - &LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a); - &LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc); - &LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82); - &LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a); - &LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48); - &LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95); - &LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf); - &LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d); - &LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0); - &LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91); - &LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8); - &LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b); - &LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00); - 
&LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9); - &LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e); - &LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1); - &LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6); - &LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28); - &LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3); - &LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74); - &LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe); - &LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d); - &LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea); - &LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57); - &LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38); - &LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad); - &LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4); - &LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda); - &LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7); - &LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb); - &LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9); - &LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a); - &LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03); - &LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a); - &LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e); - &LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60); - &LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc); - &LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46); - &LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f); - &LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76); - &LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa); - &LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36); - &LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae); - &LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b); - &LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85); - &LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e); - &LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7); - &LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55); - &LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a); - &LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81); - &LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52); - &LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62); - &LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3); - &LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10); - 
&LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab); - &LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0); - &LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5); - &LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec); - &LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16); - &LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94); - &LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f); - &LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5); - &LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98); - &LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17); - &LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4); - &LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1); - &LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e); - &LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42); - &LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34); - &LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08); - &LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee); - &LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61); - &LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1); - &LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f); - &LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24); - &LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3); - &LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25); - &LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22); - &LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65); - &LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79); - &LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69); - &LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9); - &LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19); - &LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe); - &LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a); - &LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0); - &LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99); - &LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83); - &LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04); - &LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66); - &LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0); - &LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1); - &LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd); - &LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40); - &LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c); - 
&LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18); - &LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b); - &LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51); - &LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05); - &LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c); - &LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39); - &LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa); - &LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b); - &LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc); - &LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e); - &LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0); - &LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88); - &LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67); - &LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a); - &LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87); - &LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1); - &LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72); - &LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53); - &LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01); - &LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b); - &LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4); - &LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3); - &LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15); - &LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c); - &LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5); - &LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5); - &LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4); - &LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba); - &LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6); - &LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7); - &LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06); - &LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41); - &LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7); - &LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f); - &LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e); - &LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6); - &LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2); - &LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68); - &LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c); - &LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed); - &LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75); - 
&LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
- &LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
- &LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
-
- &L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f); # rc[ROUNDS]
- &L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
- &L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
- &L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
- &L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
- &L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
- &L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
- &L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
- &L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
- &L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
-
-&function_end_B("whirlpool_block_mmx");
-&asm_finish();
diff --git a/lib/libssl/src/crypto/whrlpool/asm/wp-x86_64.pl b/lib/libssl/src/crypto/whrlpool/asm/wp-x86_64.pl
deleted file mode 100644
index afadd5d2f15..00000000000
--- a/lib/libssl/src/crypto/whrlpool/asm/wp-x86_64.pl
+++ /dev/null
@@ -1,481 +0,0 @@
-#!/usr/bin/env perl
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
-# project. Rights for redistribution and usage in source and binary
-# forms are granted according to the OpenSSL license.
-# ====================================================================
-#
-# whirlpool_block for x86_64.
-#
-# 2500 cycles per 64-byte input block on AMD64, which is *identical*
-# to 32-bit MMX version executed on same CPU. So why did I bother?
-# Well, it's faster than gcc 3.3.2 generated code by over 50%, and
-# over 80% faster than PathScale 1.4, an "ambitious" commercial
-# compiler. Furthermore it surpasses gcc 3.4.3 by 170% and Sun Studio
-# 10 - by 360%[!]... What is it with x86_64 compilers? It's not the
-# first example when they fail to generate more optimal code, when
-# I believe they had *all* chances to...
-#
-# Note that register and stack frame layout are virtually identical
-# to 32-bit MMX version, except that %r8-15 are used instead of
-# %mm0-8. You can even notice that K[i] and S[i] are loaded to
-# %eax:%ebx as pair of 32-bit values and not as single 64-bit one.
-# This is done in order to avoid 64-bit shift penalties on Intel
-# EM64T core. Speaking of which! I bet it's possible to improve
-# Opteron performance by compressing the table to 2KB and replacing
-# unaligned references with complementary rotations [which would
-# incidentally replace lea instructions], but it would definitely
-# just "kill" EM64T, because it has only 1 shifter/rotator [against
-# 3 on Opteron] and which is *unacceptably* slow with 64-bit
-# operand.
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-sub L() { $code.=".byte ".join(',',@_)."\n"; }
-sub LL(){ $code.=".byte ".join(',',@_).",".join(',',@_)."\n"; }
-
-@mm=("%r8","%r9","%r10","%r11","%r12","%r13","%r14","%r15");
-
-$func="whirlpool_block";
-$table=".Ltable";
-
-$code=<<___;
-.text
-
-.globl $func
-.type $func,\@function,3
-.align 16
-$func:
- push %rbx
- push %rbp
- push %r12
- push %r13
- push %r14
- push %r15
-
- mov %rsp,%r11
- sub \$128+40,%rsp
- and \$-64,%rsp
-
- lea 128(%rsp),%r10
- mov %rdi,0(%r10) # save parameter block
- mov %rsi,8(%r10)
- mov %rdx,16(%r10)
- mov %r11,32(%r10) # saved stack pointer
-.Lprologue:
-
- mov %r10,%rbx
- lea $table(%rip),%rbp
-
- xor %rcx,%rcx
- xor %rdx,%rdx
-___
-for($i=0;$i<8;$i++) { $code.="mov $i*8(%rdi),@mm[$i]\n"; } # L=H
-$code.=".Louterloop:\n";
-for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; } # K=L
-for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; } # L^=inp
-for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; } # S=L
-$code.=<<___;
- xor %rsi,%rsi
- mov %rsi,24(%rbx) # zero round counter
-.align 16
-.Lround:
- mov 4096(%rbp,%rsi,8),@mm[0] # rc[r]
- mov 0(%rsp),%eax
- mov 4(%rsp),%ebx
-___
-for($i=0;$i<8;$i++) {
- my $func = ($i==0)? "mov" : "xor";
- $code.=<<___;
- mov %al,%cl
- mov %ah,%dl
- lea (%rcx,%rcx),%rsi
- lea (%rdx,%rdx),%rdi
- shr \$16,%eax
- xor 0(%rbp,%rsi,8),@mm[0]
- $func 7(%rbp,%rdi,8),@mm[1]
- mov %al,%cl
- mov %ah,%dl
- mov $i*8+8(%rsp),%eax # ($i+1)*8
- lea (%rcx,%rcx),%rsi
- lea (%rdx,%rdx),%rdi
- $func 6(%rbp,%rsi,8),@mm[2]
- $func 5(%rbp,%rdi,8),@mm[3]
- mov %bl,%cl
- mov %bh,%dl
- lea (%rcx,%rcx),%rsi
- lea (%rdx,%rdx),%rdi
- shr \$16,%ebx
- $func 4(%rbp,%rsi,8),@mm[4]
- $func 3(%rbp,%rdi,8),@mm[5]
- mov %bl,%cl
- mov %bh,%dl
- mov $i*8+8+4(%rsp),%ebx # ($i+1)*8+4
- lea (%rcx,%rcx),%rsi
- lea (%rdx,%rdx),%rdi
- $func 2(%rbp,%rsi,8),@mm[6]
- $func 1(%rbp,%rdi,8),@mm[7]
-___
- push(@mm,shift(@mm));
-}
-for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; } # K=L
-for($i=0;$i<8;$i++) {
- $code.=<<___;
- mov %al,%cl
- mov %ah,%dl
- lea (%rcx,%rcx),%rsi
- lea (%rdx,%rdx),%rdi
- shr \$16,%eax
- xor 0(%rbp,%rsi,8),@mm[0]
- xor 7(%rbp,%rdi,8),@mm[1]
- mov %al,%cl
- mov %ah,%dl
- `"mov 64+$i*8+8(%rsp),%eax" if($i<7);` # 64+($i+1)*8
- lea (%rcx,%rcx),%rsi
- lea (%rdx,%rdx),%rdi
- xor 6(%rbp,%rsi,8),@mm[2]
- xor 5(%rbp,%rdi,8),@mm[3]
- mov %bl,%cl
- mov %bh,%dl
- lea (%rcx,%rcx),%rsi
- lea (%rdx,%rdx),%rdi
- shr \$16,%ebx
- xor 4(%rbp,%rsi,8),@mm[4]
- xor 3(%rbp,%rdi,8),@mm[5]
- mov %bl,%cl
- mov %bh,%dl
- `"mov 64+$i*8+8+4(%rsp),%ebx" if($i<7);` # 64+($i+1)*8+4
- lea (%rcx,%rcx),%rsi
- lea (%rdx,%rdx),%rdi
- xor 2(%rbp,%rsi,8),@mm[6]
- xor 1(%rbp,%rdi,8),@mm[7]
-___
- push(@mm,shift(@mm));
-}
-$code.=<<___;
- lea 128(%rsp),%rbx
- mov 24(%rbx),%rsi # pull round counter
- add \$1,%rsi
- cmp \$10,%rsi
- je .Lroundsdone
-
- mov %rsi,24(%rbx) # update round counter
-___
-for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; } # S=L
-$code.=<<___;
- jmp .Lround
-.align 16
-.Lroundsdone:
- mov 0(%rbx),%rdi # reload argument block
- mov 8(%rbx),%rsi
- mov 16(%rbx),%rax
-___
-for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; } # L^=inp
-for($i=0;$i<8;$i++) { $code.="xor $i*8(%rdi),@mm[$i]\n"; } # L^=H
-for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rdi)\n"; } # H=L
-$code.=<<___;
- lea 64(%rsi),%rsi # inp+=64
- sub \$1,%rax # num--
- jz .Lalldone
- mov %rsi,8(%rbx) # update parameter block
- mov %rax,16(%rbx)
- jmp .Louterloop
-.Lalldone:
- mov 32(%rbx),%rsi # restore saved pointer
- mov (%rsi),%r15
- mov 8(%rsi),%r14
- mov 16(%rsi),%r13
- mov 24(%rsi),%r12
- mov 32(%rsi),%rbp
- mov 40(%rsi),%rbx
- lea 48(%rsi),%rsp
-.Lepilogue:
- ret
-.size $func,.-$func
-
-.align 64
-.type $table,\@object
-$table:
-___
- &LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
- &LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
- &LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
- &LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
- &LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
- &LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
- &LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
- &LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
- &LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
- &LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
- &LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
- &LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
- &LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
- &LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
- &LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
- &LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
- &LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
- &LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
- &LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
- &LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
- &LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
- &LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
- &LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
- &LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
- &LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
- &LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
- &LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
- &LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
- &LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
- &LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
-
&LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d); - &LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5); - &LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd); - &LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8); - &LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92); - &LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e); - &LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13); - &LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23); - &LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20); - &LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44); - &LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2); - &LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf); - &LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c); - &LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a); - &LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50); - &LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9); - &LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14); - &LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9); - &LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c); - &LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f); - &LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90); - &LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07); - &LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd); - &LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3); - &LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d); - &LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78); - &LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97); - &LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02); - &LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73); - &LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7); - &LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6); - &LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2); - &LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49); - &LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56); - &LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70); - &LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd); - &LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb); - &LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71); - &LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b); - &LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf); - &LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45); - 
&LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a); - &LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4); - &LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58); - &LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e); - &LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f); - &LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac); - &LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0); - &LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef); - &LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6); - &LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c); - &LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12); - &LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93); - &LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde); - &LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6); - &LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1); - &LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b); - &LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f); - &LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31); - &LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8); - &LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9); - &LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc); - &LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e); - &LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b); - &LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf); - &LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59); - &LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2); - &LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77); - &LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33); - &LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4); - &LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27); - &LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb); - &LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89); - &LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32); - &LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54); - &LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d); - &LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64); - &LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d); - &LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d); - &LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f); - &LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca); - &LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7); - 
&LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d); - &LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce); - &LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f); - &LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f); - &LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63); - &LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a); - &LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc); - &LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82); - &LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a); - &LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48); - &LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95); - &LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf); - &LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d); - &LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0); - &LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91); - &LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8); - &LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b); - &LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00); - &LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9); - &LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e); - &LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1); - &LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6); - &LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28); - &LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3); - &LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74); - &LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe); - &LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d); - &LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea); - &LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57); - &LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38); - &LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad); - &LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4); - &LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda); - &LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7); - &LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb); - &LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9); - &LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a); - &LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03); - &LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a); - &LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e); - &LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60); - 
&LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc); - &LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46); - &LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f); - &LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76); - &LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa); - &LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36); - &LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae); - &LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b); - &LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85); - &LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e); - &LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7); - &LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55); - &LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a); - &LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81); - &LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52); - &LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62); - &LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3); - &LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10); - &LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab); - &LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0); - &LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5); - &LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec); - &LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16); - &LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94); - &LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f); - &LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5); - &LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98); - &LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17); - &LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4); - &LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1); - &LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e); - &LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42); - &LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34); - &LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08); - &LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee); - &LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61); - &LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1); - &LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f); - &LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24); - &LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3); - &LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25); - 
&LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22); - &LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65); - &LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79); - &LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69); - &LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9); - &LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19); - &LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe); - &LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a); - &LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0); - &LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99); - &LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83); - &LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04); - &LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66); - &LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0); - &LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1); - &LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd); - &LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40); - &LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c); - &LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18); - &LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b); - &LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51); - &LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05); - &LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c); - &LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39); - &LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa); - &LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b); - &LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc); - &LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e); - &LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0); - &LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88); - &LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67); - &LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a); - &LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87); - &LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1); - &LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72); - &LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53); - &LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01); - &LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b); - &LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4); - &LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3); - &LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15); - 
&LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c); - &LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5); - &LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5); - &LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4); - &LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba); - &LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6); - &LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7); - &LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06); - &LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41); - &LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7); - &LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f); - &LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e); - &LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6); - &LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2); - &LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68); - &LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c); - &LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed); - &LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75); - &LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86); - &LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b); - &LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2); - - &L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f); # rc[ROUNDS] - &L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52); - &L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35); - &L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57); - &L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda); - &L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85); - &L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67); - &L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8); - &L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e); - &L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33); - -$code =~ s/\`([^\`]*)\`/eval $1/gem; -print $code; -close STDOUT; diff --git a/lib/libssl/src/crypto/whrlpool/whrlpool.h b/lib/libssl/src/crypto/whrlpool/whrlpool.h deleted file mode 100644 index 875d34f7d33..00000000000 --- a/lib/libssl/src/crypto/whrlpool/whrlpool.h +++ /dev/null 
@@ -1,41 +0,0 @@
-/* $OpenBSD: whrlpool.h,v 1.5 2014/07/10 22:45:58 jsing Exp $ */
-
-#include <stddef.h>
-
-#ifndef HEADER_WHRLPOOL_H
-#define HEADER_WHRLPOOL_H
-
-#include <openssl/opensslconf.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define WHIRLPOOL_DIGEST_LENGTH (512/8)
-#define WHIRLPOOL_BBLOCK 512
-#define WHIRLPOOL_COUNTER (256/8)
-
-typedef struct {
- union {
- unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
- /* double q is here to ensure 64-bit alignment */
- double q[WHIRLPOOL_DIGEST_LENGTH/sizeof(double)];
- } H;
- unsigned char data[WHIRLPOOL_BBLOCK/8];
- unsigned int bitoff;
- size_t bitlen[WHIRLPOOL_COUNTER/sizeof(size_t)];
- } WHIRLPOOL_CTX;
-
-#ifndef OPENSSL_NO_WHIRLPOOL
-int WHIRLPOOL_Init (WHIRLPOOL_CTX *c);
-int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *inp,size_t bytes);
-void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *inp,size_t bits);
-int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c);
-unsigned char *WHIRLPOOL(const void *inp,size_t bytes,unsigned char *md);
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/crypto/whrlpool/wp_block.c b/lib/libssl/src/crypto/whrlpool/wp_block.c
deleted file mode 100644
index 9a681c2888a..00000000000
--- a/lib/libssl/src/crypto/whrlpool/wp_block.c
+++ /dev/null
@@ -1,634 +0,0 @@
-/* $OpenBSD: wp_block.c,v 1.10 2016/03/15 20:50:22 krw Exp $ */
-/**
- * The Whirlpool hashing function.
- *
- * <P>
- * <b>References</b>
- *
- * <P>
- * The Whirlpool algorithm was developed by
- * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
- * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
- *
- * See
- * P.S.L.M. Barreto, V. Rijmen,
- * ``The Whirlpool hashing function,''
- * NESSIE submission, 2000 (tweaked version, 2001),
- * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
- *
- * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
- * Vincent Rijmen. Lookup "reference implementations" on
- * <http://planeta.terra.com.br/informatica/paulobarreto/>
- *
- * =============================================================================
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
- * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
- * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
- * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- */
-
-#include "wp_locl.h"
-#include <string.h>
-#include <machine/endian.h>
-
-typedef unsigned char u8;
-#if defined(_LP64)
-typedef unsigned long u64;
-#else
-typedef unsigned long long u64;
-#endif
-
-#define ROUNDS 10
-
-#undef SMALL_REGISTER_BANK
-#if defined(__i386) || defined(__i386__) || defined(_M_IX86)
-# define SMALL_REGISTER_BANK
-# if defined(WHIRLPOOL_ASM)
-# ifndef OPENSSL_SMALL_FOOTPRINT
-# define OPENSSL_SMALL_FOOTPRINT /* it appears that for elder non-MMX
- CPUs this is actually faster! */
-# endif
-# define GO_FOR_MMX(ctx,inp,num) do { \
- extern unsigned int OPENSSL_ia32cap_P[]; \
- void whirlpool_block_mmx(void *,const void *,size_t); \
- if (!(OPENSSL_ia32cap_P[0] & (1<<23))) break; \
- whirlpool_block_mmx(ctx->H.c,inp,num); return; \
- } while (0)
-# endif
-#elif defined(__arm__)
-# define SMALL_REGISTER_BANK
-#elif defined(__vax__)
-# define SMALL_REGISTER_BANK
-#endif
-
-#undef ROTATE
-#if defined(__GNUC__) && __GNUC__>=2
-# if defined(__x86_64) || defined(__x86_64__)
-# define ROTATE(a,n) ({ u64 ret; asm ("rolq %1,%0" \
- : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
-# elif defined(__ia64) || defined(__ia64__)
-# if BYTE_ORDER == LITTLE_ENDIAN
-# define ROTATE(a,n) ({ u64 ret; asm ("shrp %0=%1,%1,%2" \
- : "=r"(ret) : "r"(a),"M"(64-(n))); ret; })
-# else
-# define ROTATE(a,n) ({ u64 ret; asm ("shrp %0=%1,%1,%2" \
- : "=r"(ret) : "r"(a),"M"(n)); ret; })
-# endif
-# endif
-#endif
-
-#if defined(OPENSSL_SMALL_FOOTPRINT)
-# if !defined(ROTATE)
-# if BYTE_ORDER == LITTLE_ENDIAN /* little-endians have to rotate left */
-# define ROTATE(i,n) ((i)<<(n) ^ (i)>>(64-n))
-# else /* big-endians have to rotate right */
-# define ROTATE(i,n) ((i)>>(n) ^ (i)<<(64-n))
-# endif
-# endif
-# if defined(ROTATE) && !defined(__STRICT_ALIGNMENT)
-# define __STRICT_ALIGNMENT /* ensure smallest table size */
-# endif
-#endif
-
-/*
- * Table size depends on __STRICT_ALIGNMENT and whether or not endian-
- * specific ROTATE macro is defined. If __STRICT_ALIGNMENT is not
- * defined, which is normally the case on x86[_64] CPUs, the table is
- * 4KB large unconditionally. Otherwise if ROTATE is defined, the
- * table is 2KB large, and otherwise - 16KB. 2KB table requires a
- * whole bunch of additional rotations, but I'm willing to "trade,"
- * because 16KB table certainly trashes L1 cache. I wish all CPUs
- * could handle unaligned load as 4KB table doesn't trash the cache,
- * nor does it require additional rotations.
- */
-/*
- * Note that every Cn macro expands as two loads: one byte load and
- * one quadword load. One can argue that that many single-byte loads
- * is too excessive, as one could load a quadword and "milk" it for
- * eight 8-bit values instead. Well, yes, but in order to do so *and*
- * avoid excessive loads you have to accommodate a handful of 64-bit
- * values in the register bank and issue a bunch of shifts and mask.
- * It's a tradeoff: loads vs. shift and mask in big register bank[!].
- * On most CPUs eight single-byte loads are faster and I let other
- * ones to depend on smart compiler to fold byte loads if beneficial.
- * Hand-coded assembler would be another alternative:-)
- */
-#ifdef __STRICT_ALIGNMENT
-# if defined(ROTATE)
-# define N 1
-# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7
-# define C0(K,i) (Cx.q[K.c[(i)*8+0]])
-# define C1(K,i) ROTATE(Cx.q[K.c[(i)*8+1]],8)
-# define C2(K,i) ROTATE(Cx.q[K.c[(i)*8+2]],16)
-# define C3(K,i) ROTATE(Cx.q[K.c[(i)*8+3]],24)
-# define C4(K,i) ROTATE(Cx.q[K.c[(i)*8+4]],32)
-# define C5(K,i) ROTATE(Cx.q[K.c[(i)*8+5]],40)
-# define C6(K,i) ROTATE(Cx.q[K.c[(i)*8+6]],48)
-# define C7(K,i) ROTATE(Cx.q[K.c[(i)*8+7]],56)
-# else
-# define N 8
-# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
- c7,c0,c1,c2,c3,c4,c5,c6, \
- c6,c7,c0,c1,c2,c3,c4,c5, \
- c5,c6,c7,c0,c1,c2,c3,c4, \
- c4,c5,c6,c7,c0,c1,c2,c3, \
- c3,c4,c5,c6,c7,c0,c1,c2, \
- c2,c3,c4,c5,c6,c7,c0,c1, \
- c1,c2,c3,c4,c5,c6,c7,c0
-# define C0(K,i) (Cx.q[0+8*K.c[(i)*8+0]])
-# define C1(K,i) (Cx.q[1+8*K.c[(i)*8+1]])
-# define C2(K,i) (Cx.q[2+8*K.c[(i)*8+2]])
-# define C3(K,i) (Cx.q[3+8*K.c[(i)*8+3]])
-# define C4(K,i) (Cx.q[4+8*K.c[(i)*8+4]])
-# define C5(K,i) (Cx.q[5+8*K.c[(i)*8+5]])
-# define C6(K,i) (Cx.q[6+8*K.c[(i)*8+6]])
-# define C7(K,i) (Cx.q[7+8*K.c[(i)*8+7]])
-# endif
-#else
-# define N 2
-# define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
- c0,c1,c2,c3,c4,c5,c6,c7
-# define C0(K,i) (((u64*)(Cx.c+0))[2*K.c[(i)*8+0]])
-# define C1(K,i) (((u64*)(Cx.c+7))[2*K.c[(i)*8+1]])
-# define C2(K,i) (((u64*)(Cx.c+6))[2*K.c[(i)*8+2]])
-# define C3(K,i) (((u64*)(Cx.c+5))[2*K.c[(i)*8+3]])
-# define C4(K,i) (((u64*)(Cx.c+4))[2*K.c[(i)*8+4]])
-# define C5(K,i) (((u64*)(Cx.c+3))[2*K.c[(i)*8+5]])
-# define C6(K,i) (((u64*)(Cx.c+2))[2*K.c[(i)*8+6]])
-# define C7(K,i) (((u64*)(Cx.c+1))[2*K.c[(i)*8+7]])
-#endif
-
-static const
-union {
- u8 c[(256*N+ROUNDS)*sizeof(u64)];
- u64 q[(256*N+ROUNDS)];
- } Cx = { {
- /* Note endian-neutral representation:-) */
- LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8),
- LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26),
- LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8),
- LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb),
- LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb),
- LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11),
- LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09),
- LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d),
- LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b),
- LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff),
- LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c),
- LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e),
- LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96),
- LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30),
- LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d),
- LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8),
- LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47),
- LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35),
- LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37),
- LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a),
- LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2),
- LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c),
- LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84),
- LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80),
- LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5),
- LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3),
- LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21),
- LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c),
- LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43),
- LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29),
- LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d),
- LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5),
- LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd),
- LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8),
- LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92),
- LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e),
- LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13),
- LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23),
- LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20),
- LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44),
- LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2),
- LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf),
- LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c),
- LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a),
- LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50),
- LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9),
- LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14),
- LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9),
- LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c),
- LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f),
- LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90),
- LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07),
- LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd),
- LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3),
- LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d),
- LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78),
- LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97),
- LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02),
- LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73),
- LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7),
- LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6),
- LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2),
- LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49),
- LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56),
- LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70),
- LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd),
- LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb),
- LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71),
- LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b),
- LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf),
- LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45),
- LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a),
- LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4),
- LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58),
- LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e),
- LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f),
- LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac),
- LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0),
- LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef),
- LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6),
- LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c),
- LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12),
- LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93),
- LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde),
- LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6),
- LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1),
- LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b),
- LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f),
- LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31),
- LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8),
- LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9),
- LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc),
- LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e),
- LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b),
- LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf),
- LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59),
- LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2),
- LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77),
- LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33),
- LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4),
- LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27),
- LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb),
- LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89),
- LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32),
- LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54),
- LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d),
- LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64),
- LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d),
- LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d),
- LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f),
- LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca),
- LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7),
- LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d),
- LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce),
- LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f),
- LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f),
- LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63),
- LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a),
- LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc),
- LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82),
- LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a),
- LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48),
- LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95),
- LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf),
- LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d),
- LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0),
- LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91),
- LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8),
- LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b),
- LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00),
- LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9),
- LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e),
- LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1),
- LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6),
- LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28),
- LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3),
- LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74),
- LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe),
- LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d),
- LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea),
- LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57),
- LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38),
- LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad),
- LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4),
- LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda),
- LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7),
- LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb),
- LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9),
- LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a),
- LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03),
- LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a),
- LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e),
- LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60),
- LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc),
- LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46),
- LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f),
- LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76),
- LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa),
- LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36),
- LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae),
- LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b),
- LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85),
- LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e),
- LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7),
- LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55),
- LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a),
- LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81),
- LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52),
- LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62),
- LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3),
- LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10),
- LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab),
- LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0),
- LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5),
- LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec),
- LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16),
- LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94),
- LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f),
- LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5),
- LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98),
- LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17),
- LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4),
- LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1),
- LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e),
- LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42),
- LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34),
- LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08),
- LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee),
- LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61),
- LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1),
- LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f),
- LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24),
- LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3),
- LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25),
- LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22),
- LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65),
- LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79),
- LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69),
- LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9),
- LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19),
- LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe),
- LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a),
- LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0),
- LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99),
- LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83),
- LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04),
- LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66),
- LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0),
- LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1),
- LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd),
- LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40),
- LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c),
- LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18),
- LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b),
- LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51),
- LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05),
- LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c),
- LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39),
- LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa),
- LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b),
- LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc),
- LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e),
- LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0),
- LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88),
- LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67),
- LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a),
- LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87),
- LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1),
- LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72),
- LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53),
- LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01),
- LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b),
- LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4),
- LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3),
- LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15),
- LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c),
- LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5),
- LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5),
- LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4),
- LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba),
- LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6),
- LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7),
- LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06),
- LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41),
- LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7),
- LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f),
- LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e),
- LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6),
- LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2),
- LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68),
- LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c),
- LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed),
- LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75),
- LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86),
- LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b),
- LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2),
-#define RC (&(Cx.q[256*N]))
- 0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f, /* rc[ROUNDS] */
- 0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52,
- 0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35,
- 0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57,
- 0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda,
- 0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85,
- 0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67,
- 0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8,
- 0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e,
- 0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33
- }
-};
-
-void whirlpool_block(WHIRLPOOL_CTX *ctx,const void *inp,size_t n)
- {
- int r;
- const u8 *p=inp;
- union { u64 q[8]; u8 c[64]; } S,K,*H=(void *)ctx->H.q;
-
-#ifdef GO_FOR_MMX
- GO_FOR_MMX(ctx,inp,n);
-#endif
- do {
-#ifdef OPENSSL_SMALL_FOOTPRINT
- u64 L[8];
- int i;
-
- for (i=0;i<64;i++) S.c[i] = (K.c[i] = H->c[i]) ^ p[i];
- for (r=0;r<ROUNDS;r++)
- {
- for (i=0;i<8;i++)
- {
- L[i] = i ? 0 : RC[r];
- L[i] ^= C0(K,i) ^ C1(K,(i-1)&7) ^
- C2(K,(i-2)&7) ^ C3(K,(i-3)&7) ^
- C4(K,(i-4)&7) ^ C5(K,(i-5)&7) ^
- C6(K,(i-6)&7) ^ C7(K,(i-7)&7);
- }
- memcpy (K.q,L,64);
- for (i=0;i<8;i++)
- {
- L[i] ^= C0(S,i) ^ C1(S,(i-1)&7) ^
- C2(S,(i-2)&7) ^ C3(S,(i-3)&7) ^
- C4(S,(i-4)&7) ^ C5(S,(i-5)&7) ^
- C6(S,(i-6)&7) ^ C7(S,(i-7)&7);
- }
- memcpy (S.q,L,64);
- }
- for (i=0;i<64;i++) H->c[i] ^= S.c[i] ^ p[i];
-#else
- u64 L0,L1,L2,L3,L4,L5,L6,L7;
-
-#ifdef __STRICT_ALIGNMENT
- if ((size_t)p & 7)
- {
- memcpy (S.c,p,64);
- S.q[0] ^= (K.q[0] = H->q[0]);
- S.q[1] ^= (K.q[1] = H->q[1]);
- S.q[2] ^= (K.q[2] = H->q[2]);
- S.q[3] ^= (K.q[3] = H->q[3]);
- S.q[4] ^= (K.q[4] = H->q[4]);
- S.q[5] ^= (K.q[5] = H->q[5]);
- S.q[6] ^= (K.q[6] = H->q[6]);
- S.q[7] ^= (K.q[7] = H->q[7]);
- }
- else
-#endif
- {
- const u64 *pa = (const u64*)p;
- S.q[0] = (K.q[0] = H->q[0]) ^ pa[0];
- S.q[1] = (K.q[1] = H->q[1]) ^ pa[1];
- S.q[2] = (K.q[2] = H->q[2]) ^ pa[2];
- S.q[3] = (K.q[3] = H->q[3]) ^ pa[3];
- S.q[4] = (K.q[4] = H->q[4]) ^ pa[4];
- S.q[5] = (K.q[5] = H->q[5]) ^ pa[5];
- S.q[6] = (K.q[6] = H->q[6]) ^ pa[6];
- S.q[7] = (K.q[7] = H->q[7]) ^ pa[7];
- }
-
- for(r=0;r<ROUNDS;r++)
- {
-#ifdef SMALL_REGISTER_BANK
- L0 = C0(K,0) ^ C1(K,7) ^ C2(K,6) ^ C3(K,5) ^
- C4(K,4) ^ C5(K,3) ^ C6(K,2) ^ C7(K,1) ^ RC[r];
- L1 = C0(K,1) ^ C1(K,0) ^ C2(K,7) ^ C3(K,6) ^
- C4(K,5) ^ C5(K,4) ^ C6(K,3) ^ C7(K,2);
- L2 = C0(K,2) ^ C1(K,1) ^ C2(K,0) ^ C3(K,7) ^
- C4(K,6) ^ C5(K,5) ^ C6(K,4) ^ C7(K,3);
- L3 = C0(K,3) ^ C1(K,2) ^ C2(K,1) ^ C3(K,0) ^
- C4(K,7) ^ C5(K,6) ^ C6(K,5) ^ C7(K,4);
- L4 = C0(K,4) ^ C1(K,3) ^ C2(K,2) ^ C3(K,1) ^
- C4(K,0) ^ C5(K,7) ^ C6(K,6) ^ C7(K,5);
- L5 = C0(K,5) ^ C1(K,4) ^ C2(K,3) ^ C3(K,2) ^
- C4(K,1) ^ C5(K,0) ^ C6(K,7) ^ C7(K,6);
- L6 = C0(K,6) ^ C1(K,5) ^ C2(K,4) ^ C3(K,3) ^
- C4(K,2) ^ C5(K,1) ^ C6(K,0) ^ C7(K,7);
- L7 = C0(K,7) ^ C1(K,6) ^ C2(K,5) ^ C3(K,4) ^
- C4(K,3) ^ C5(K,2) ^ C6(K,1) ^ C7(K,0);
-
- K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
- K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
-
- L0 ^= C0(S,0) ^ C1(S,7) ^ C2(S,6) ^ C3(S,5) ^
- C4(S,4) ^ C5(S,3) ^ C6(S,2) ^ C7(S,1);
- L1 ^= C0(S,1) ^ C1(S,0) ^ C2(S,7) ^ C3(S,6) ^
- C4(S,5) ^ C5(S,4) ^ C6(S,3) ^ C7(S,2);
- L2 ^= C0(S,2) ^ C1(S,1) ^ C2(S,0) ^ C3(S,7) ^
- C4(S,6) ^ C5(S,5) ^ C6(S,4) ^ C7(S,3);
- L3 ^= C0(S,3) ^ C1(S,2) ^ C2(S,1) ^ C3(S,0) ^
- C4(S,7) ^ C5(S,6) ^ C6(S,5) ^ C7(S,4);
- L4 ^= C0(S,4) ^ C1(S,3) ^ C2(S,2) ^ C3(S,1) ^
- C4(S,0) ^ C5(S,7) ^ C6(S,6) ^ C7(S,5);
- L5 ^= C0(S,5) ^ C1(S,4) ^ C2(S,3) ^ C3(S,2) ^
- C4(S,1) ^ C5(S,0) ^ C6(S,7) ^ C7(S,6);
- L6 ^= C0(S,6) ^ C1(S,5) ^ C2(S,4) ^ C3(S,3) ^
- C4(S,2) ^ C5(S,1) ^ C6(S,0) ^ C7(S,7);
- L7 ^= C0(S,7) ^ C1(S,6) ^ C2(S,5) ^ C3(S,4) ^
- C4(S,3) ^ C5(S,2) ^ C6(S,1) ^ C7(S,0);
-
- S.q[0] = L0; S.q[1] = L1; S.q[2] = L2; S.q[3] = L3;
- S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7;
-#else
- L0 = C0(K,0); L1 = C1(K,0); L2 = C2(K,0); L3 = C3(K,0);
- L4 = C4(K,0); L5 = C5(K,0); L6 = C6(K,0); L7 = C7(K,0);
- L0 ^= RC[r];
-
- L1 ^= C0(K,1); L2 ^= C1(K,1); L3 ^= C2(K,1); L4 ^= C3(K,1);
- L5 ^= C4(K,1); L6 ^= C5(K,1); L7 ^= C6(K,1); L0 ^= C7(K,1);
-
- L2 ^= C0(K,2); L3 ^= C1(K,2); L4 ^= C2(K,2); L5 ^= C3(K,2);
- L6 ^= C4(K,2); L7 ^= C5(K,2); L0 ^= C6(K,2); L1 ^= C7(K,2);
-
- L3 ^= C0(K,3); L4 ^= C1(K,3); L5 ^= C2(K,3); L6 ^= C3(K,3);
- L7 ^= C4(K,3); L0 ^= C5(K,3); L1 ^= C6(K,3); L2 ^= C7(K,3);
-
- L4 ^= C0(K,4); L5 ^= C1(K,4); L6 ^= C2(K,4); L7 ^= C3(K,4);
- L0 ^= C4(K,4); L1 ^= C5(K,4); L2 ^= C6(K,4); L3 ^= C7(K,4);
-
- L5 ^= C0(K,5); L6 ^= C1(K,5); L7 ^= C2(K,5); L0 ^= C3(K,5);
- L1 ^= C4(K,5); L2 ^= C5(K,5); L3 ^= C6(K,5); L4 ^= C7(K,5);
-
- L6 ^= C0(K,6); L7 ^= C1(K,6); L0 ^= C2(K,6); L1 ^= C3(K,6);
- L2 ^= C4(K,6); L3 ^= C5(K,6); L4 ^= C6(K,6); L5 ^= C7(K,6);
-
- L7 ^= C0(K,7); L0 ^= C1(K,7); L1 ^= C2(K,7); L2 ^= C3(K,7);
- L3 ^= C4(K,7); L4 ^= C5(K,7); L5 ^= C6(K,7); L6 ^= C7(K,7);
-
- K.q[0] = L0; K.q[1] = L1; K.q[2] = L2; K.q[3] = L3;
- K.q[4] = L4; K.q[5] = L5; K.q[6] = L6; K.q[7] = L7;
-
- L0 ^= C0(S,0); L1 ^= C1(S,0); L2 ^= C2(S,0); L3 ^= C3(S,0);
- L4 ^= C4(S,0); L5 ^= C5(S,0); L6 ^= C6(S,0); L7 ^= C7(S,0);
-
- L1 ^= C0(S,1); L2 ^= C1(S,1); L3 ^= C2(S,1); L4 ^= C3(S,1);
- L5 ^= C4(S,1); L6 ^= C5(S,1); L7 ^= C6(S,1); L0 ^= C7(S,1);
-
- L2 ^= C0(S,2); L3 ^= C1(S,2); L4 ^= C2(S,2); L5 ^= C3(S,2);
- L6 ^= C4(S,2); L7 ^= C5(S,2); L0 ^= C6(S,2); L1 ^= C7(S,2);
-
- L3 ^= C0(S,3); L4 ^= C1(S,3); L5 ^= C2(S,3); L6 ^= C3(S,3);
- L7 ^= C4(S,3); L0 ^= C5(S,3); L1 ^= C6(S,3); L2 ^= C7(S,3);
-
- L4 ^= C0(S,4); L5 ^= C1(S,4); L6 ^= C2(S,4); L7 ^= C3(S,4);
- L0 ^= C4(S,4); L1 ^= C5(S,4); L2 ^= C6(S,4); L3 ^= C7(S,4);
-
- L5 ^= C0(S,5); L6 ^= C1(S,5); L7 ^= C2(S,5); L0 ^= C3(S,5);
- L1 ^= C4(S,5); L2 ^= C5(S,5); L3 ^= C6(S,5); L4 ^= C7(S,5);
-
- L6 ^= C0(S,6); L7 ^= C1(S,6); L0 ^= C2(S,6); L1 ^= C3(S,6);
- L2 ^= C4(S,6); L3 ^= C5(S,6); L4 ^= C6(S,6); L5 ^= C7(S,6);
-
- L7 ^= C0(S,7); L0 ^= C1(S,7); L1 ^= C2(S,7); L2 ^= C3(S,7);
- L3 ^= C4(S,7); L4 ^= C5(S,7); L5 ^= C6(S,7); L6 ^= C7(S,7);
-
- S.q[0] = L0; S.q[1]
= L1; S.q[2] = L2; S.q[3] = L3; - S.q[4] = L4; S.q[5] = L5; S.q[6] = L6; S.q[7] = L7; -#endif - } - -#ifdef __STRICT_ALIGNMENT - if ((size_t)p & 7) - { - int i; - for(i=0;i<64;i++) H->c[i] ^= S.c[i] ^ p[i]; - } - else -#endif - { - const u64 *pa=(const u64 *)p; - H->q[0] ^= S.q[0] ^ pa[0]; - H->q[1] ^= S.q[1] ^ pa[1]; - H->q[2] ^= S.q[2] ^ pa[2]; - H->q[3] ^= S.q[3] ^ pa[3]; - H->q[4] ^= S.q[4] ^ pa[4]; - H->q[5] ^= S.q[5] ^ pa[5]; - H->q[6] ^= S.q[6] ^ pa[6]; - H->q[7] ^= S.q[7] ^ pa[7]; - } -#endif - p += 64; - } while(--n); - } diff --git a/lib/libssl/src/crypto/whrlpool/wp_dgst.c b/lib/libssl/src/crypto/whrlpool/wp_dgst.c deleted file mode 100644 index 663f2ef5de1..00000000000 --- a/lib/libssl/src/crypto/whrlpool/wp_dgst.c +++ /dev/null 
@@ -1,266 +0,0 @@ -/* $OpenBSD: wp_dgst.c,v 1.4 2014/07/12 11:25:25 miod Exp $ */ -/** - * The Whirlpool hashing function. - * - * <P> - * <b>References</b> - * - * <P> - * The Whirlpool algorithm was developed by - * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and - * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>. - * - * See - * P.S.L.M. Barreto, V. Rijmen, - * ``The Whirlpool hashing function,'' - * NESSIE submission, 2000 (tweaked version, 2001), - * <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip> - * - * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and - * Vincent Rijmen. Lookup "reference implementations" on - * <http://planeta.terra.com.br/informatica/paulobarreto/> - * - * ============================================================================= - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS - * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED - * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE - * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, - * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - -/* - * OpenSSL-specific implementation notes. - * - * WHIRLPOOL_Update as well as one-stroke WHIRLPOOL both expect - * number of *bytes* as input length argument. Bit-oriented routine - * as specified by authors is called WHIRLPOOL_BitUpdate[!] and - * does not have one-stroke counterpart. 
- * - * WHIRLPOOL_BitUpdate implements byte-oriented loop, essentially - * to serve WHIRLPOOL_Update. This is done for performance. - * - * Unlike authors' reference implementation, block processing - * routine whirlpool_block is designed to operate on multi-block - * input. This is done for performance. - */ - -#include "wp_locl.h" -#include <openssl/crypto.h> -#include <string.h> - -int WHIRLPOOL_Init(WHIRLPOOL_CTX *c) - { - memset (c,0,sizeof(*c)); - return(1); - } - -int WHIRLPOOL_Update (WHIRLPOOL_CTX *c,const void *_inp,size_t bytes) - { - /* Well, largest suitable chunk size actually is - * (1<<(sizeof(size_t)*8-3))-64, but below number - * is large enough for not to care about excessive - * calls to WHIRLPOOL_BitUpdate... */ - size_t chunk = ((size_t)1)<<(sizeof(size_t)*8-4); - const unsigned char *inp = _inp; - - while (bytes>=chunk) - { - WHIRLPOOL_BitUpdate(c,inp,chunk*8); - bytes -= chunk; - inp += chunk; - } - if (bytes) - WHIRLPOOL_BitUpdate(c,inp,bytes*8); - - return(1); - } - -void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c,const void *_inp,size_t bits) - { - size_t n; - unsigned int bitoff = c->bitoff, - bitrem = bitoff%8, - inpgap = (8-(unsigned int)bits%8)&7; - const unsigned char *inp=_inp; - - /* This 256-bit increment procedure relies on the size_t - * being natural size of CPU register, so that we don't - * have to mask the value in order to detect overflows. 
*/ - c->bitlen[0] += bits; - if (c->bitlen[0] < bits) /* overflow */ - { - n = 1; - do { c->bitlen[n]++; - } while(c->bitlen[n]==0 - && ++n<(WHIRLPOOL_COUNTER/sizeof(size_t))); - } - -#ifndef OPENSSL_SMALL_FOOTPRINT - reconsider: - if (inpgap==0 && bitrem==0) /* byte-oriented loop */ - { - while (bits) - { - if (bitoff==0 && (n=bits/WHIRLPOOL_BBLOCK)) - { - whirlpool_block(c,inp,n); - inp += n*WHIRLPOOL_BBLOCK/8; - bits %= WHIRLPOOL_BBLOCK; - } - else - { - unsigned int byteoff = bitoff/8; - - bitrem = WHIRLPOOL_BBLOCK - bitoff;/* re-use bitrem */ - if (bits >= bitrem) - { - bits -= bitrem; - bitrem /= 8; - memcpy(c->data+byteoff,inp,bitrem); - inp += bitrem; - whirlpool_block(c,c->data,1); - bitoff = 0; - } - else - { - memcpy(c->data+byteoff,inp,bits/8); - bitoff += (unsigned int)bits; - bits = 0; - } - c->bitoff = bitoff; - } - } - } - else /* bit-oriented loop */ -#endif - { - /* - inp - | - +-------+-------+------- - ||||||||||||||||||||| - +-------+-------+------- - +-------+-------+-------+-------+------- - |||||||||||||| c->data - +-------+-------+-------+-------+------- - | - c->bitoff/8 - */ - while (bits) - { - unsigned int byteoff = bitoff/8; - unsigned char b; - -#ifndef OPENSSL_SMALL_FOOTPRINT - if (bitrem==inpgap) - { - c->data[byteoff++] |= inp[0] & (0xff>>inpgap); - inpgap = 8-inpgap; - bitoff += inpgap; bitrem = 0; /* bitoff%8 */ - bits -= inpgap; inpgap = 0; /* bits%8 */ - inp++; - if (bitoff==WHIRLPOOL_BBLOCK) - { - whirlpool_block(c,c->data,1); - bitoff = 0; - } - c->bitoff = bitoff; - goto reconsider; - } - else -#endif - if (bits>=8) - { - b = ((inp[0]<<inpgap) | (inp[1]>>(8-inpgap))); - b &= 0xff; - if (bitrem) c->data[byteoff++] |= b>>bitrem; - else c->data[byteoff++] = b; - bitoff += 8; - bits -= 8; - inp++; - if (bitoff>=WHIRLPOOL_BBLOCK) - { - whirlpool_block(c,c->data,1); - byteoff = 0; - bitoff %= WHIRLPOOL_BBLOCK; - } - if (bitrem) c->data[byteoff] = b<<(8-bitrem); - } - else /* remaining less than 8 bits */ - { - b = 
(inp[0]<<inpgap)&0xff; - if (bitrem) c->data[byteoff++] |= b>>bitrem; - else c->data[byteoff++] = b; - bitoff += (unsigned int)bits; - if (bitoff==WHIRLPOOL_BBLOCK) - { - whirlpool_block(c,c->data,1); - byteoff = 0; - bitoff %= WHIRLPOOL_BBLOCK; - } - if (bitrem) c->data[byteoff] = b<<(8-bitrem); - bits = 0; - } - c->bitoff = bitoff; - } - } - } - -int WHIRLPOOL_Final (unsigned char *md,WHIRLPOOL_CTX *c) - { - unsigned int bitoff = c->bitoff, - byteoff = bitoff/8; - size_t i,j,v; - unsigned char *p; - - bitoff %= 8; - if (bitoff) c->data[byteoff] |= 0x80>>bitoff; - else c->data[byteoff] = 0x80; - byteoff++; - - /* pad with zeros */ - if (byteoff > (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER)) - { - if (byteoff<WHIRLPOOL_BBLOCK/8) - memset(&c->data[byteoff],0,WHIRLPOOL_BBLOCK/8-byteoff); - whirlpool_block(c,c->data,1); - byteoff = 0; - } - if (byteoff < (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER)) - memset(&c->data[byteoff],0, - (WHIRLPOOL_BBLOCK/8-WHIRLPOOL_COUNTER)-byteoff); - /* smash 256-bit c->bitlen in big-endian order */ - p = &c->data[WHIRLPOOL_BBLOCK/8-1]; /* last byte in c->data */ - for(i=0;i<WHIRLPOOL_COUNTER/sizeof(size_t);i++) - for(v=c->bitlen[i],j=0;j<sizeof(size_t);j++,v>>=8) - *p-- = (unsigned char)(v&0xff); - - whirlpool_block(c,c->data,1); - - if (md) { - memcpy(md,c->H.c,WHIRLPOOL_DIGEST_LENGTH); - memset(c,0,sizeof(*c)); - return(1); - } - return(0); - } - -unsigned char *WHIRLPOOL(const void *inp, size_t bytes,unsigned char *md) - { - WHIRLPOOL_CTX ctx; - static unsigned char m[WHIRLPOOL_DIGEST_LENGTH]; - - if (md == NULL) md=m; - WHIRLPOOL_Init(&ctx); - WHIRLPOOL_Update(&ctx,inp,bytes); - WHIRLPOOL_Final(md,&ctx); - return(md); - } diff --git a/lib/libssl/src/crypto/whrlpool/wp_locl.h b/lib/libssl/src/crypto/whrlpool/wp_locl.h deleted file mode 100644 index 7724b57acca..00000000000 --- a/lib/libssl/src/crypto/whrlpool/wp_locl.h +++ /dev/null 
@@ -1,5 +0,0 @@
-/* $OpenBSD: wp_locl.h,v 1.2 2014/06/12 15:49:31 deraadt Exp $ */
-
-#include <openssl/whrlpool.h>
-
-void whirlpool_block(WHIRLPOOL_CTX *,const void *,size_t);
diff --git a/lib/libssl/src/crypto/x509/by_dir.c b/lib/libssl/src/crypto/x509/by_dir.c
deleted file mode 100644
index 7b7d14a9505..00000000000
--- a/lib/libssl/src/crypto/x509/by_dir.c
+++ /dev/null
@@ -1,422 +0,0 @@ -/* $OpenBSD: by_dir.c,v 1.37 2015/04/11 16:03:21 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <sys/types.h> - -#include <errno.h> -#include <stdio.h> -#include <string.h> -#include <time.h> -#include <unistd.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/lhash.h> -#include <openssl/x509.h> - -# include <sys/stat.h> - -typedef struct lookup_dir_hashes_st { - unsigned long hash; - int suffix; -} BY_DIR_HASH; - -typedef struct lookup_dir_entry_st { - char *dir; - int dir_type; - STACK_OF(BY_DIR_HASH) *hashes; -} BY_DIR_ENTRY; - -typedef struct lookup_dir_st { - BUF_MEM *buffer; - STACK_OF(BY_DIR_ENTRY) *dirs; -} BY_DIR; - -DECLARE_STACK_OF(BY_DIR_HASH) -DECLARE_STACK_OF(BY_DIR_ENTRY) - -static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, - char **ret); -static int new_dir(X509_LOOKUP *lu); -static void free_dir(X509_LOOKUP *lu); -static int add_cert_dir(BY_DIR *ctx, const char *dir, int type); -static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, - X509_OBJECT *ret); - -static X509_LOOKUP_METHOD x509_dir_lookup = { - .name = "Load certs from files in a directory", - .new_item = new_dir, - .free = free_dir, - .init = NULL, - .shutdown = NULL, - .ctrl = dir_ctrl, - .get_by_subject = get_cert_by_subject, - .get_by_issuer_serial = NULL, - .get_by_fingerprint = NULL, - .get_by_alias = NULL, -}; - -X509_LOOKUP_METHOD * -X509_LOOKUP_hash_dir(void) -{ - return (&x509_dir_lookup); -} - -static int -dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, - char **retp) -{ - int ret = 0; - BY_DIR *ld; - - ld = (BY_DIR *)ctx->method_data; - - switch (cmd) { - case X509_L_ADD_DIR: - if (argl == X509_FILETYPE_DEFAULT) { - ret = add_cert_dir(ld, X509_get_default_cert_dir(), - X509_FILETYPE_PEM); - if (!ret) { - X509err(X509_F_DIR_CTRL, X509_R_LOADING_CERT_DIR); - } - } else - ret = add_cert_dir(ld, argp, (int)argl); - break; - } - return (ret); -} - -static int -new_dir(X509_LOOKUP *lu) -{ - BY_DIR *a; - - if ((a = malloc(sizeof(BY_DIR))) == NULL) - return (0); - if 
((a->buffer = BUF_MEM_new()) == NULL) { - free(a); - return (0); - } - a->dirs = NULL; - lu->method_data = (char *)a; - return (1); -} - -static void -by_dir_hash_free(BY_DIR_HASH *hash) -{ - free(hash); -} - -static int -by_dir_hash_cmp(const BY_DIR_HASH * const *a, - const BY_DIR_HASH * const *b) -{ - if ((*a)->hash > (*b)->hash) - return 1; - if ((*a)->hash < (*b)->hash) - return -1; - return 0; -} - -static void -by_dir_entry_free(BY_DIR_ENTRY *ent) -{ - free(ent->dir); - if (ent->hashes) - sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free); - free(ent); -} - -static void -free_dir(X509_LOOKUP *lu) -{ - BY_DIR *a; - - a = (BY_DIR *)lu->method_data; - if (a->dirs != NULL) - sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free); - if (a->buffer != NULL) - BUF_MEM_free(a->buffer); - free(a); -} - -static int -add_cert_dir(BY_DIR *ctx, const char *dir, int type) -{ - int j; - const char *s, *ss, *p; - ptrdiff_t len; - - if (dir == NULL || !*dir) { - X509err(X509_F_ADD_CERT_DIR, X509_R_INVALID_DIRECTORY); - return 0; - } - - s = dir; - p = s; - do { - if ((*p == ':') || (*p == '\0')) { - BY_DIR_ENTRY *ent; - ss = s; - s = p + 1; - len = p - ss; - if (len == 0) - continue; - for (j = 0; j < sk_BY_DIR_ENTRY_num(ctx->dirs); j++) { - ent = sk_BY_DIR_ENTRY_value(ctx->dirs, j); - if (strlen(ent->dir) == (size_t)len && - strncmp(ent->dir, ss, (size_t)len) == 0) - break; - } - if (j < sk_BY_DIR_ENTRY_num(ctx->dirs)) - continue; - if (ctx->dirs == NULL) { - ctx->dirs = sk_BY_DIR_ENTRY_new_null(); - if (!ctx->dirs) { - X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE); - return 0; - } - } - ent = malloc(sizeof(BY_DIR_ENTRY)); - if (!ent) { - X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE); - return 0; - } - ent->dir_type = type; - ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); - ent->dir = strndup(ss, (size_t)len); - if (!ent->dir || !ent->hashes) { - X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE); - by_dir_entry_free(ent); - return 0; - } - if 
(!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) { - X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE); - by_dir_entry_free(ent); - return 0; - } - } - } while (*p++ != '\0'); - return 1; -} - -static int -get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, - X509_OBJECT *ret) -{ - BY_DIR *ctx; - union { - struct { - X509 st_x509; - X509_CINF st_x509_cinf; - } x509; - struct { - X509_CRL st_crl; - X509_CRL_INFO st_crl_info; - } crl; - } data; - int ok = 0; - int i, j, k; - unsigned long h; - BUF_MEM *b = NULL; - X509_OBJECT stmp, *tmp; - const char *postfix=""; - - if (name == NULL) - return (0); - - stmp.type = type; - if (type == X509_LU_X509) { - data.x509.st_x509.cert_info = &data.x509.st_x509_cinf; - data.x509.st_x509_cinf.subject = name; - stmp.data.x509 = &data.x509.st_x509; - postfix=""; - } else if (type == X509_LU_CRL) { - data.crl.st_crl.crl = &data.crl.st_crl_info; - data.crl.st_crl_info.issuer = name; - stmp.data.crl = &data.crl.st_crl; - postfix="r"; - } else { - X509err(X509_F_GET_CERT_BY_SUBJECT, X509_R_WRONG_LOOKUP_TYPE); - goto finish; - } - - if ((b = BUF_MEM_new()) == NULL) { - X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_BUF_LIB); - goto finish; - } - - ctx = (BY_DIR *)xl->method_data; - - h = X509_NAME_hash(name); - for (i = 0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++) { - BY_DIR_ENTRY *ent; - int idx; - BY_DIR_HASH htmp, *hent; - ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i); - j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1; - if (!BUF_MEM_grow(b, j)) { - X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE); - goto finish; - } - if (type == X509_LU_CRL && ent->hashes) { - htmp.hash = h; - CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); - idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp); - if (idx >= 0) { - hent = sk_BY_DIR_HASH_value(ent->hashes, idx); - k = hent->suffix; - } else { - hent = NULL; - k = 0; - } - CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); - } else { - k = 0; - hent = NULL; - } - for (;;) { - (void) snprintf(b->data, b->max, "%s/%08lx.%s%d", - 
ent->dir, h, postfix, k); - - { - struct stat st; - if (stat(b->data, &st) < 0) - break; - } - /* found one. */ - if (type == X509_LU_X509) { - if ((X509_load_cert_file(xl, b->data, - ent->dir_type)) == 0) - break; - } else if (type == X509_LU_CRL) { - if ((X509_load_crl_file(xl, b->data, - ent->dir_type)) == 0) - break; - } - /* else case will caught higher up */ - k++; - } - - /* we have added it to the cache so now pull it out again */ - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp); - if (j != -1) - tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j); - else - tmp = NULL; - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - - /* If a CRL, update the last file suffix added for this */ - if (type == X509_LU_CRL) { - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - /* - * Look for entry again in case another thread added - * an entry first. - */ - if (!hent) { - htmp.hash = h; - idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp); - if (idx >= 0) - hent = sk_BY_DIR_HASH_value( - ent->hashes, idx); - } - if (!hent) { - hent = malloc(sizeof(BY_DIR_HASH)); - if (!hent) { - X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE); - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - ok = 0; - goto finish; - } - hent->hash = h; - hent->suffix = k; - if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) { - X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE); - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - free(hent); - ok = 0; - goto finish; - } - } else if (hent->suffix < k) - hent->suffix = k; - - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - - } - - if (tmp != NULL) { - ok = 1; - ret->type = tmp->type; - memcpy(&ret->data, &tmp->data, sizeof(ret->data)); - /* - * If we were going to up the reference count, - * we would need to do it on a perl 'type' basis - */ - /* CRYPTO_add(&tmp->data.x509->references,1, - CRYPTO_LOCK_X509);*/ - goto finish; - } - } -finish: - if (b != NULL) - BUF_MEM_free(b); - return (ok); -} 
diff --git a/lib/libssl/src/crypto/x509/by_file.c b/lib/libssl/src/crypto/x509/by_file.c
deleted file mode 100644
index 377b3b0a8b8..00000000000
--- a/lib/libssl/src/crypto/x509/by_file.c
+++ /dev/null
@@ -1,274 +0,0 @@ -/* $OpenBSD: by_file.c,v 1.20 2016/03/11 07:08:45 mmcc Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <errno.h> -#include <stdio.h> -#include <time.h> -#include <unistd.h> - -#include <openssl/buffer.h> -#include <openssl/err.h> -#include <openssl/pem.h> -#include <openssl/lhash.h> -#include <openssl/x509.h> - -static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret); - -static X509_LOOKUP_METHOD x509_file_lookup = { - .name = "Load file into cache", - .new_item = NULL, - .free = NULL, - .init = NULL, - .shutdown = NULL, - .ctrl = by_file_ctrl, - .get_by_subject = NULL, - .get_by_issuer_serial = NULL, - .get_by_fingerprint = NULL, - .get_by_alias = NULL, -}; - -X509_LOOKUP_METHOD * -X509_LOOKUP_file(void) -{ - return (&x509_file_lookup); -} - -static int -by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, - char **ret) -{ - int ok = 0; - - switch (cmd) { - case X509_L_FILE_LOAD: - if (argl == X509_FILETYPE_DEFAULT) { - ok = (X509_load_cert_crl_file(ctx, - X509_get_default_cert_file(), - X509_FILETYPE_PEM) != 0); - if (!ok) { - X509err(X509_F_BY_FILE_CTRL, - X509_R_LOADING_DEFAULTS); - } - } else { - if (argl == X509_FILETYPE_PEM) - ok = (X509_load_cert_crl_file(ctx, argp, - X509_FILETYPE_PEM) != 0); - else - ok = (X509_load_cert_file(ctx, - argp, (int)argl) != 0); - } - break; - } - return (ok); -} - -int -X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) -{ - int ret = 0; - BIO *in = NULL; - int i, count = 0; - X509 *x = NULL; - - if (file == NULL) - return (1); - in = BIO_new(BIO_s_file_internal()); - - if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) { - X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_SYS_LIB); - goto err; - } - - if (type == X509_FILETYPE_PEM) { - for (;;) { - x = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL); - if (x == NULL) { - if ((ERR_GET_REASON(ERR_peek_last_error()) == - PEM_R_NO_START_LINE) && (count > 0)) { - ERR_clear_error(); - break; - } else { - X509err(X509_F_X509_LOAD_CERT_FILE, - ERR_R_PEM_LIB); - goto err; - } - } - i = 
X509_STORE_add_cert(ctx->store_ctx, x); - if (!i) - goto err; - count++; - X509_free(x); - x = NULL; - } - ret = count; - } else if (type == X509_FILETYPE_ASN1) { - x = d2i_X509_bio(in, NULL); - if (x == NULL) { - X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_ASN1_LIB); - goto err; - } - i = X509_STORE_add_cert(ctx->store_ctx, x); - if (!i) - goto err; - ret = i; - } else { - X509err(X509_F_X509_LOAD_CERT_FILE, X509_R_BAD_X509_FILETYPE); - goto err; - } -err: - X509_free(x); - BIO_free(in); - return (ret); -} - -int -X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) -{ - int ret = 0; - BIO *in = NULL; - int i, count = 0; - X509_CRL *x = NULL; - - if (file == NULL) - return (1); - in = BIO_new(BIO_s_file_internal()); - - if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) { - X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_SYS_LIB); - goto err; - } - - if (type == X509_FILETYPE_PEM) { - for (;;) { - x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL); - if (x == NULL) { - if ((ERR_GET_REASON(ERR_peek_last_error()) == - PEM_R_NO_START_LINE) && (count > 0)) { - ERR_clear_error(); - break; - } else { - X509err(X509_F_X509_LOAD_CRL_FILE, - ERR_R_PEM_LIB); - goto err; - } - } - i = X509_STORE_add_crl(ctx->store_ctx, x); - if (!i) - goto err; - count++; - X509_CRL_free(x); - x = NULL; - } - ret = count; - } else if (type == X509_FILETYPE_ASN1) { - x = d2i_X509_CRL_bio(in, NULL); - if (x == NULL) { - X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_ASN1_LIB); - goto err; - } - i = X509_STORE_add_crl(ctx->store_ctx, x); - if (!i) - goto err; - ret = i; - } else { - X509err(X509_F_X509_LOAD_CRL_FILE, X509_R_BAD_X509_FILETYPE); - goto err; - } -err: - if (x != NULL) - X509_CRL_free(x); - BIO_free(in); - return (ret); -} - -int -X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) -{ - STACK_OF(X509_INFO) *inf; - X509_INFO *itmp; - BIO *in; - int i, count = 0; - if (type != X509_FILETYPE_PEM) - return X509_load_cert_file(ctx, file, type); - in = BIO_new_file(file, 
"r"); - if (!in) { - X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_SYS_LIB); - return 0; - } - inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); - BIO_free(in); - if (!inf) { - X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_PEM_LIB); - return 0; - } - for (i = 0; i < sk_X509_INFO_num(inf); i++) { - itmp = sk_X509_INFO_value(inf, i); - if (itmp->x509) { - X509_STORE_add_cert(ctx->store_ctx, itmp->x509); - count++; - } - if (itmp->crl) { - X509_STORE_add_crl(ctx->store_ctx, itmp->crl); - count++; - } - } - sk_X509_INFO_pop_free(inf, X509_INFO_free); - return count; -} - diff --git a/lib/libssl/src/crypto/x509/by_mem.c b/lib/libssl/src/crypto/x509/by_mem.c deleted file mode 100644 index ecab813406d..00000000000 --- a/lib/libssl/src/crypto/x509/by_mem.c +++ /dev/null 
@@ -1,138 +0,0 @@ -/* $OpenBSD: by_mem.c,v 1.3 2015/02/05 01:33:22 reyk Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <sys/uio.h> -#include <errno.h> -#include <stdio.h> -#include <time.h> -#include <unistd.h> - -#include <openssl/buffer.h> -#include <openssl/err.h> -#include <openssl/pem.h> -#include <openssl/lhash.h> -#include <openssl/x509.h> - -static int by_mem_ctrl(X509_LOOKUP *, int, const char *, long, char **); - -static X509_LOOKUP_METHOD x509_mem_lookup = { - .name = "Load cert from memory", - .new_item = NULL, - .free = NULL, - .init = NULL, - .shutdown = NULL, - .ctrl = by_mem_ctrl, - .get_by_subject = NULL, - .get_by_issuer_serial = NULL, - .get_by_fingerprint = NULL, - .get_by_alias = NULL, -}; - -X509_LOOKUP_METHOD * -X509_LOOKUP_mem(void) -{ - return (&x509_mem_lookup); -} - -static int -by_mem_ctrl(X509_LOOKUP *lu, int cmd, const char *buf, - long type, char **ret) -{ - STACK_OF(X509_INFO) *inf = NULL; - const struct iovec *iov; - X509_INFO *itmp; - BIO *in = NULL; - int i, count = 0, ok = 0; - - iov = (const struct iovec *)buf; - - if (!(cmd == X509_L_MEM && type == X509_FILETYPE_PEM)) - goto done; - - if ((in = BIO_new_mem_buf(iov->iov_base, iov->iov_len)) == NULL) - goto done; - - if ((inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL)) == NULL) - goto done; - - for (i = 0; i < sk_X509_INFO_num(inf); i++) { - itmp = sk_X509_INFO_value(inf, i); - if (itmp->x509) { - ok = X509_STORE_add_cert(lu->store_ctx, itmp->x509); - if (!ok) - goto done; - count++; - } - if (itmp->crl) { - ok = X509_STORE_add_crl(lu->store_ctx, itmp->crl); - if (!ok) - goto done; - count++; - } - } - - ok = count != 0; - done: - if (count == 0) - X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_PEM_LIB); - if (inf != NULL) - sk_X509_INFO_pop_free(inf, X509_INFO_free); - if (in != NULL) - BIO_free(in); - return (ok); -} diff --git a/lib/libssl/src/crypto/x509/x509.h b/lib/libssl/src/crypto/x509/x509.h deleted file mode 100644 index cf00ea5ebed..00000000000 --- a/lib/libssl/src/crypto/x509/x509.h +++ /dev/null 
@@ -1,1270 +0,0 @@
-/* $OpenBSD: x509.h,v 1.23 2015/04/12 15:15:51 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECDH support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */ - -#ifndef HEADER_X509_H -#define HEADER_X509_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_BUFFER -#include <openssl/buffer.h> -#endif -#ifndef OPENSSL_NO_EVP -#include <openssl/evp.h> -#endif -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif -#include <openssl/stack.h> -#include <openssl/asn1.h> -#include <openssl/safestack.h> - -#ifndef OPENSSL_NO_EC -#include <openssl/ec.h> -#endif - -#ifndef OPENSSL_NO_ECDSA -#include <openssl/ecdsa.h> -#endif - -#ifndef OPENSSL_NO_ECDH -#include <openssl/ecdh.h> -#endif - -#ifndef OPENSSL_NO_DEPRECATED -#ifndef OPENSSL_NO_RSA -#include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -#include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_DH -#include <openssl/dh.h> -#endif -#endif - -#ifndef OPENSSL_NO_SHA -#include <openssl/sha.h> -#endif -#include <openssl/ossl_typ.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define X509_FILETYPE_PEM 1 -#define X509_FILETYPE_ASN1 2 -#define X509_FILETYPE_DEFAULT 3 - -#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 -#define X509v3_KU_NON_REPUDIATION 0x0040 -#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 -#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 -#define X509v3_KU_KEY_AGREEMENT 0x0008 -#define X509v3_KU_KEY_CERT_SIGN 0x0004 -#define X509v3_KU_CRL_SIGN 0x0002 -#define X509v3_KU_ENCIPHER_ONLY 0x0001 -#define X509v3_KU_DECIPHER_ONLY 0x8000 -#define X509v3_KU_UNDEF 0xffff - -typedef struct X509_objects_st - { - int nid; - int (*a2i)(void); - int (*i2a)(void); - } X509_OBJECTS; - -struct X509_algor_st - { - ASN1_OBJECT *algorithm; - ASN1_TYPE *parameter; - } /* X509_ALGOR */; - -DECLARE_ASN1_SET_OF(X509_ALGOR) - -typedef STACK_OF(X509_ALGOR) X509_ALGORS; - -typedef struct X509_val_st - { - ASN1_TIME *notBefore; - ASN1_TIME *notAfter; - } X509_VAL; - -struct X509_pubkey_st - { - X509_ALGOR *algor; - ASN1_BIT_STRING *public_key; - EVP_PKEY *pkey; - }; - -typedef struct X509_sig_st - { - X509_ALGOR *algor; - ASN1_OCTET_STRING *digest; - } X509_SIG; - -typedef struct 
X509_name_entry_st - { - ASN1_OBJECT *object; - ASN1_STRING *value; - int set; - int size; /* temp variable */ - } X509_NAME_ENTRY; - -DECLARE_STACK_OF(X509_NAME_ENTRY) -DECLARE_ASN1_SET_OF(X509_NAME_ENTRY) - -/* we always keep X509_NAMEs in 2 forms. */ -struct X509_name_st - { - STACK_OF(X509_NAME_ENTRY) *entries; - int modified; /* true if 'bytes' needs to be built */ -#ifndef OPENSSL_NO_BUFFER - BUF_MEM *bytes; -#else - char *bytes; -#endif -/* unsigned long hash; Keep the hash around for lookups */ - unsigned char *canon_enc; - int canon_enclen; - } /* X509_NAME */; - -DECLARE_STACK_OF(X509_NAME) - -#define X509_EX_V_NETSCAPE_HACK 0x8000 -#define X509_EX_V_INIT 0x0001 -typedef struct X509_extension_st - { - ASN1_OBJECT *object; - ASN1_BOOLEAN critical; - ASN1_OCTET_STRING *value; - } X509_EXTENSION; - -typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS; - -DECLARE_STACK_OF(X509_EXTENSION) -DECLARE_ASN1_SET_OF(X509_EXTENSION) - -/* a sequence of these are used */ -typedef struct x509_attributes_st - { - ASN1_OBJECT *object; - int single; /* 0 for a set, 1 for a single item (which is wrong) */ - union { - char *ptr; -/* 0 */ STACK_OF(ASN1_TYPE) *set; -/* 1 */ ASN1_TYPE *single; - } value; - } X509_ATTRIBUTE; - -DECLARE_STACK_OF(X509_ATTRIBUTE) -DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) - - -typedef struct X509_req_info_st - { - ASN1_ENCODING enc; - ASN1_INTEGER *version; - X509_NAME *subject; - X509_PUBKEY *pubkey; - /* d=2 hl=2 l= 0 cons: cont: 00 */ - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ - } X509_REQ_INFO; - -typedef struct X509_req_st - { - X509_REQ_INFO *req_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int references; - } X509_REQ; - -typedef struct x509_cinf_st - { - ASN1_INTEGER *version; /* [ 0 ] default of v1 */ - ASN1_INTEGER *serialNumber; - X509_ALGOR *signature; - X509_NAME *issuer; - X509_VAL *validity; - X509_NAME *subject; - X509_PUBKEY *key; - ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ - ASN1_BIT_STRING 
*subjectUID; /* [ 2 ] optional in v2 */ - STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ - ASN1_ENCODING enc; - } X509_CINF; - -/* This stuff is certificate "auxiliary info" - * it contains details which are useful in certificate - * stores and databases. When used this is tagged onto - * the end of the certificate itself - */ - -typedef struct x509_cert_aux_st - { - STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ - STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ - ASN1_UTF8STRING *alias; /* "friendly name" */ - ASN1_OCTET_STRING *keyid; /* key id of private key */ - STACK_OF(X509_ALGOR) *other; /* other unspecified info */ - } X509_CERT_AUX; - -struct x509_st - { - X509_CINF *cert_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int valid; - int references; - char *name; - CRYPTO_EX_DATA ex_data; - /* These contain copies of various extension values */ - long ex_pathlen; - long ex_pcpathlen; - unsigned long ex_flags; - unsigned long ex_kusage; - unsigned long ex_xkusage; - unsigned long ex_nscert; - ASN1_OCTET_STRING *skid; - AUTHORITY_KEYID *akid; - X509_POLICY_CACHE *policy_cache; - STACK_OF(DIST_POINT) *crldp; - STACK_OF(GENERAL_NAME) *altname; - NAME_CONSTRAINTS *nc; -#ifndef OPENSSL_NO_SHA - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; -#endif - X509_CERT_AUX *aux; - } /* X509 */; - -DECLARE_STACK_OF(X509) -DECLARE_ASN1_SET_OF(X509) - -/* This is used for a table of trust checking functions */ - -typedef struct x509_trust_st { - int trust; - int flags; - int (*check_trust)(struct x509_trust_st *, X509 *, int); - char *name; - int arg1; - void *arg2; -} X509_TRUST; - -DECLARE_STACK_OF(X509_TRUST) - -typedef struct x509_cert_pair_st { - X509 *forward; - X509 *reverse; -} X509_CERT_PAIR; - -/* standard trust ids */ - -#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ - -#define X509_TRUST_COMPAT 1 -#define X509_TRUST_SSL_CLIENT 2 -#define X509_TRUST_SSL_SERVER 3 -#define X509_TRUST_EMAIL 4 -#define 
X509_TRUST_OBJECT_SIGN 5 -#define X509_TRUST_OCSP_SIGN 6 -#define X509_TRUST_OCSP_REQUEST 7 -#define X509_TRUST_TSA 8 - -/* Keep these up to date! */ -#define X509_TRUST_MIN 1 -#define X509_TRUST_MAX 8 - - -/* trust_flags values */ -#define X509_TRUST_DYNAMIC 1 -#define X509_TRUST_DYNAMIC_NAME 2 - -/* check_trust return codes */ - -#define X509_TRUST_TRUSTED 1 -#define X509_TRUST_REJECTED 2 -#define X509_TRUST_UNTRUSTED 3 - -/* Flags for X509_print_ex() */ - -#define X509_FLAG_COMPAT 0 -#define X509_FLAG_NO_HEADER 1L -#define X509_FLAG_NO_VERSION (1L << 1) -#define X509_FLAG_NO_SERIAL (1L << 2) -#define X509_FLAG_NO_SIGNAME (1L << 3) -#define X509_FLAG_NO_ISSUER (1L << 4) -#define X509_FLAG_NO_VALIDITY (1L << 5) -#define X509_FLAG_NO_SUBJECT (1L << 6) -#define X509_FLAG_NO_PUBKEY (1L << 7) -#define X509_FLAG_NO_EXTENSIONS (1L << 8) -#define X509_FLAG_NO_SIGDUMP (1L << 9) -#define X509_FLAG_NO_AUX (1L << 10) -#define X509_FLAG_NO_ATTRIBUTES (1L << 11) - -/* Flags specific to X509_NAME_print_ex() */ - -/* The field separator information */ - -#define XN_FLAG_SEP_MASK (0xf << 16) - -#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */ -#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */ -#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */ -#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */ -#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */ - -#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */ - -/* How the field name is shown */ - -#define XN_FLAG_FN_MASK (0x3 << 21) - -#define XN_FLAG_FN_SN 0 /* Object short name */ -#define XN_FLAG_FN_LN (1 << 21) /* Object long name */ -#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */ -#define XN_FLAG_FN_NONE (3 << 21) /* No field names */ - -#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */ - -/* This determines if we dump fields we don't recognise: - * RFC2253 requires this. 
- */
-
-#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
-
-#define XN_FLAG_FN_ALIGN (1 << 25) /* Align field names to 20 characters */
-
-/* Complete set of RFC2253 flags */
-
-#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
- XN_FLAG_SEP_COMMA_PLUS | \
- XN_FLAG_DN_REV | \
- XN_FLAG_FN_SN | \
- XN_FLAG_DUMP_UNKNOWN_FIELDS)
-
-/* readable oneline form */
-
-#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
- ASN1_STRFLGS_ESC_QUOTE | \
- XN_FLAG_SEP_CPLUS_SPC | \
- XN_FLAG_SPC_EQ | \
- XN_FLAG_FN_SN)
-
-/* readable multiline form */
-
-#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
- ASN1_STRFLGS_ESC_MSB | \
- XN_FLAG_SEP_MULTILINE | \
- XN_FLAG_SPC_EQ | \
- XN_FLAG_FN_LN | \
- XN_FLAG_FN_ALIGN)
-
-struct x509_revoked_st
- {
- ASN1_INTEGER *serialNumber;
- ASN1_TIME *revocationDate;
- STACK_OF(X509_EXTENSION) /* optional */ *extensions;
- /* Set up if indirect CRL */
- STACK_OF(GENERAL_NAME) *issuer;
- /* Revocation reason */
- int reason;
- int sequence; /* load sequence */
- };
-
-DECLARE_STACK_OF(X509_REVOKED)
-DECLARE_ASN1_SET_OF(X509_REVOKED)
-
-typedef struct X509_crl_info_st
- {
- ASN1_INTEGER *version;
- X509_ALGOR *sig_alg;
- X509_NAME *issuer;
- ASN1_TIME *lastUpdate;
- ASN1_TIME *nextUpdate;
- STACK_OF(X509_REVOKED) *revoked;
- STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
- ASN1_ENCODING enc;
- } X509_CRL_INFO;
-
-struct X509_crl_st
- {
- /* actual signature */
- X509_CRL_INFO *crl;
- X509_ALGOR *sig_alg;
- ASN1_BIT_STRING *signature;
- int references;
- int flags;
- /* Copies of various extensions */
- AUTHORITY_KEYID *akid;
- ISSUING_DIST_POINT *idp;
- /* Convenient breakdown of IDP */
- int idp_flags;
- int idp_reasons;
- /* CRL and base CRL numbers for delta processing */
- ASN1_INTEGER *crl_number;
- ASN1_INTEGER *base_crl_number;
-#ifndef OPENSSL_NO_SHA
- unsigned char sha1_hash[SHA_DIGEST_LENGTH];
-#endif
- STACK_OF(GENERAL_NAMES) *issuers;
- const X509_CRL_METHOD *meth;
- void *meth_data;
- } /* X509_CRL */;
-
-DECLARE_STACK_OF(X509_CRL)
-DECLARE_ASN1_SET_OF(X509_CRL) - -typedef struct private_key_st - { - int version; - /* The PKCS#8 data types */ - X509_ALGOR *enc_algor; - ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ - - /* When decrypted, the following will not be NULL */ - EVP_PKEY *dec_pkey; - - /* used to encrypt and decrypt */ - int key_length; - char *key_data; - int key_free; /* true if we should auto free key_data */ - - /* expanded version of 'enc_algor' */ - EVP_CIPHER_INFO cipher; - - int references; - } X509_PKEY; - -#ifndef OPENSSL_NO_EVP -typedef struct X509_info_st - { - X509 *x509; - X509_CRL *crl; - X509_PKEY *x_pkey; - - EVP_CIPHER_INFO enc_cipher; - int enc_len; - char *enc_data; - - int references; - } X509_INFO; - -DECLARE_STACK_OF(X509_INFO) -#endif - -/* The next 2 structures and their 8 routines were sent to me by - * Pat Richard <patr@x509.com> and are used to manipulate - * Netscapes spki structures - useful if you are writing a CA web page - */ -typedef struct Netscape_spkac_st - { - X509_PUBKEY *pubkey; - ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ - } NETSCAPE_SPKAC; - -typedef struct Netscape_spki_st - { - NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ - X509_ALGOR *sig_algor; - ASN1_BIT_STRING *signature; - } NETSCAPE_SPKI; - -/* Netscape certificate sequence structure */ -typedef struct Netscape_certificate_sequence - { - ASN1_OBJECT *type; - STACK_OF(X509) *certs; - } NETSCAPE_CERT_SEQUENCE; - -/* Unused (and iv length is wrong) -typedef struct CBCParameter_st - { - unsigned char iv[8]; - } CBC_PARAM; -*/ - -/* Password based encryption structure */ - -typedef struct PBEPARAM_st { -ASN1_OCTET_STRING *salt; -ASN1_INTEGER *iter; -} PBEPARAM; - -/* Password based encryption V2 structures */ - -typedef struct PBE2PARAM_st { -X509_ALGOR *keyfunc; -X509_ALGOR *encryption; -} PBE2PARAM; - -typedef struct PBKDF2PARAM_st { -ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */ -ASN1_INTEGER *iter; -ASN1_INTEGER 
*keylength; -X509_ALGOR *prf; -} PBKDF2PARAM; - - -/* PKCS#8 private key info structure */ - -struct pkcs8_priv_key_info_st - { - int broken; /* Flag for various broken formats */ -#define PKCS8_OK 0 -#define PKCS8_NO_OCTET 1 -#define PKCS8_EMBEDDED_PARAM 2 -#define PKCS8_NS_DB 3 -#define PKCS8_NEG_PRIVKEY 4 - ASN1_INTEGER *version; - X509_ALGOR *pkeyalg; - ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ - STACK_OF(X509_ATTRIBUTE) *attributes; - }; - -#ifdef __cplusplus -} -#endif - -#include <openssl/x509_vfy.h> -#include <openssl/pkcs7.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define X509_EXT_PACK_UNKNOWN 1 -#define X509_EXT_PACK_STRING 2 - -#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version) -/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */ -#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore) -#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter) -#define X509_extract_key(x) X509_get_pubkey(x) /*****/ -#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version) -#define X509_REQ_get_subject_name(x) ((x)->req_info->subject) -#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) -#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) -#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) - -#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version) -#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) -#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) -#define X509_CRL_get_issuer(x) ((x)->crl->issuer) -#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) - -void X509_CRL_set_default_method(const X509_CRL_METHOD *meth); -X509_CRL_METHOD *X509_CRL_METHOD_new( - int (*crl_init)(X509_CRL *crl), - int (*crl_free)(X509_CRL *crl), - int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret, - ASN1_INTEGER *ser, X509_NAME *issuer), - int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk)); -void X509_CRL_METHOD_free(X509_CRL_METHOD 
*m); - -void X509_CRL_set_meth_data(X509_CRL *crl, void *dat); -void *X509_CRL_get_meth_data(X509_CRL *crl); - -/* This one is only used so that a binary form can output, as in - * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ -#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) - - -const char *X509_verify_cert_error_string(long n); - -#ifndef OPENSSL_NO_EVP -int X509_verify(X509 *a, EVP_PKEY *r); - -int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); -int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); -int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); - -NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len); -char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); -EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x); -int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); - -int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki); - -int X509_signature_dump(BIO *bp,const ASN1_STRING *sig, int indent); -int X509_signature_print(BIO *bp,X509_ALGOR *alg, ASN1_STRING *sig); - -int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx); -int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx); -int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx); -int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); - -int X509_pubkey_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -#endif - -X509 *d2i_X509_fp(FILE *fp, X509 **x509); -int 
i2d_X509_fp(FILE *fp,X509 *x509); -X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); -int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); -int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); -#ifndef OPENSSL_NO_RSA -RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); -int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); -RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); -int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); -RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa); -int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa); -#endif -#ifndef OPENSSL_NO_DSA -DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); -int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); -int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); -#endif -#ifndef OPENSSL_NO_EC -EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); -int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); -EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); -int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); -#endif -X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); -int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, - PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); -int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); -int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); - -#ifndef OPENSSL_NO_BIO -X509 *d2i_X509_bio(BIO *bp,X509 **x509); -int i2d_X509_bio(BIO *bp,X509 *x509); -X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl); -int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req); -int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); -#ifndef OPENSSL_NO_RSA -RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa); -int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); -RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa); -int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); -RSA *d2i_RSA_PUBKEY_bio(BIO 
*bp,RSA **rsa); -int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa); -#endif -#ifndef OPENSSL_NO_DSA -DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); -int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); -DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); -int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); -#endif -#ifndef OPENSSL_NO_EC -EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); -int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); -EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); -int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); -#endif -X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); -int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, - PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); -int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); -int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); -#endif - -X509 *X509_dup(X509 *x509); -X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); -X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); -X509_CRL *X509_CRL_dup(X509_CRL *crl); -X509_REQ *X509_REQ_dup(X509_REQ *req); -X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); -int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval); -void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval, - X509_ALGOR *algor); -void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md); -int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b); - -X509_NAME *X509_NAME_dup(X509_NAME *xn); -X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); - -int X509_cmp_time(const ASN1_TIME *s, time_t *t); -int X509_cmp_current_time(const ASN1_TIME *s); -ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t); -ASN1_TIME * X509_time_adj_ex(ASN1_TIME *s, - int offset_day, long offset_sec, time_t *t); -ASN1_TIME * 
X509_gmtime_adj(ASN1_TIME *s, long adj); - -const char * X509_get_default_cert_area(void ); -const char * X509_get_default_cert_dir(void ); -const char * X509_get_default_cert_file(void ); -const char * X509_get_default_cert_dir_env(void ); -const char * X509_get_default_cert_file_env(void ); -const char * X509_get_default_private_dir(void ); - -X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); - -DECLARE_ASN1_FUNCTIONS(X509_ALGOR) -DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS) -DECLARE_ASN1_FUNCTIONS(X509_VAL) - -DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) - -int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); -EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); -int X509_get_pubkey_parameters(EVP_PKEY *pkey, - STACK_OF(X509) *chain); -int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); -EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, - long length); -#ifndef OPENSSL_NO_RSA -int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); -RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, - long length); -#endif -#ifndef OPENSSL_NO_DSA -int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); -DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, - long length); -#endif -#ifndef OPENSSL_NO_EC -int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); -EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, - long length); -#endif - -DECLARE_ASN1_FUNCTIONS(X509_SIG) -DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO) -DECLARE_ASN1_FUNCTIONS(X509_REQ) - -DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE) -X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); - -DECLARE_ASN1_FUNCTIONS(X509_EXTENSION) -DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS) - -DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) - -DECLARE_ASN1_FUNCTIONS(X509_NAME) - -int X509_NAME_set(X509_NAME **xn, X509_NAME *name); - -DECLARE_ASN1_FUNCTIONS(X509_CINF) - -DECLARE_ASN1_FUNCTIONS(X509) 
-DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) - -DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR) - -int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int X509_set_ex_data(X509 *r, int idx, void *arg); -void *X509_get_ex_data(X509 *r, int idx); -int i2d_X509_AUX(X509 *a,unsigned char **pp); -X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length); - -int X509_alias_set1(X509 *x, unsigned char *name, int len); -int X509_keyid_set1(X509 *x, unsigned char *id, int len); -unsigned char * X509_alias_get0(X509 *x, int *len); -unsigned char * X509_keyid_get0(X509 *x, int *len); -int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); -int X509_TRUST_set(int *t, int trust); -int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); -int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); -void X509_trust_clear(X509 *x); -void X509_reject_clear(X509 *x); - -DECLARE_ASN1_FUNCTIONS(X509_REVOKED) -DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO) -DECLARE_ASN1_FUNCTIONS(X509_CRL) - -int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); -int X509_CRL_get0_by_serial(X509_CRL *crl, - X509_REVOKED **ret, ASN1_INTEGER *serial); -int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x); - -X509_PKEY * X509_PKEY_new(void ); -void X509_PKEY_free(X509_PKEY *a); - -DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) -DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) -DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE) - -#ifndef OPENSSL_NO_EVP -X509_INFO * X509_INFO_new(void); -void X509_INFO_free(X509_INFO *a); -char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); - -int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data, - unsigned char *md,unsigned int *len); - -int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1, - ASN1_BIT_STRING *signature,void *data,EVP_PKEY *pkey); - -int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING 
*signature, - void *data, EVP_PKEY *pkey, const EVP_MD *type); -int ASN1_item_sign_ctx(const ASN1_ITEM *it, - X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx); -#endif - -int X509_set_version(X509 *x,long version); -int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); -ASN1_INTEGER * X509_get_serialNumber(X509 *x); -int X509_set_issuer_name(X509 *x, X509_NAME *name); -X509_NAME * X509_get_issuer_name(X509 *a); -int X509_set_subject_name(X509 *x, X509_NAME *name); -X509_NAME * X509_get_subject_name(X509 *a); -int X509_set_notBefore(X509 *x, const ASN1_TIME *tm); -int X509_set_notAfter(X509 *x, const ASN1_TIME *tm); -int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); -EVP_PKEY * X509_get_pubkey(X509 *x); -ASN1_BIT_STRING * X509_get0_pubkey_bitstr(const X509 *x); -int X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */); - -int X509_REQ_set_version(X509_REQ *x,long version); -int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name); -int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); -EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); -int X509_REQ_extension_nid(int nid); -int * X509_REQ_get_extension_nids(void); -void X509_REQ_set_extension_nids(int *nids); -STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req); -int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, - int nid); -int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts); -int X509_REQ_get_attr_count(const X509_REQ *req); -int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, - int lastpos); -int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, - int lastpos); -X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); -X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); -int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); -int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); 
-int X509_REQ_add1_attr_by_NID(X509_REQ *req, - int nid, int type, - const unsigned char *bytes, int len); -int X509_REQ_add1_attr_by_txt(X509_REQ *req, - const char *attrname, int type, - const unsigned char *bytes, int len); - -int X509_CRL_set_version(X509_CRL *x, long version); -int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); -int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm); -int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm); -int X509_CRL_sort(X509_CRL *crl); - -int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); -int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); - -int X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey); - -int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); - -int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); -unsigned long X509_issuer_and_serial_hash(X509 *a); - -int X509_issuer_name_cmp(const X509 *a, const X509 *b); -unsigned long X509_issuer_name_hash(X509 *a); - -int X509_subject_name_cmp(const X509 *a, const X509 *b); -unsigned long X509_subject_name_hash(X509 *x); - -#ifndef OPENSSL_NO_MD5 -unsigned long X509_issuer_name_hash_old(X509 *a); -unsigned long X509_subject_name_hash_old(X509 *x); -#endif - -int X509_cmp(const X509 *a, const X509 *b); -int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); -unsigned long X509_NAME_hash(X509_NAME *x); -unsigned long X509_NAME_hash_old(X509_NAME *x); - -int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); -int X509_CRL_match(const X509_CRL *a, const X509_CRL *b); -int X509_print_ex_fp(FILE *bp,X509 *x, unsigned long nmflag, unsigned long cflag); -int X509_print_fp(FILE *bp,X509 *x); -int X509_CRL_print_fp(FILE *bp,X509_CRL *x); -int X509_REQ_print_fp(FILE *bp,X509_REQ *req); -int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags); - -#ifndef OPENSSL_NO_BIO -int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); -int X509_NAME_print_ex(BIO *out, X509_NAME 
*nm, int indent, unsigned long flags); -int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); -int X509_print(BIO *bp,X509 *x); -int X509_ocspid_print(BIO *bp,X509 *x); -int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); -int X509_CRL_print(BIO *bp,X509_CRL *x); -int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag); -int X509_REQ_print(BIO *bp,X509_REQ *req); -#endif - -int X509_NAME_entry_count(X509_NAME *name); -int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, - char *buf,int len); -int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, - char *buf,int len); - -/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use - * lastpos, search after that position on. */ -int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); -int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, - int lastpos); -X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); -X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); -int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, - int loc, int set); -int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len, int loc, int set); -int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, - unsigned char *bytes, int len, int loc, int set); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, - const char *field, int type, const unsigned char *bytes, int len); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, - int type,unsigned char *bytes, int len); -int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, - const unsigned char *bytes, int len, int loc, int set); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, - ASN1_OBJECT *obj, int type,const unsigned char *bytes, - int len); -int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, - 
ASN1_OBJECT *obj); -int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, - const unsigned char *bytes, int len); -ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); -ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); - -int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); -int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, - int nid, int lastpos); -int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, - ASN1_OBJECT *obj,int lastpos); -int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, - int crit, int lastpos); -X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); -X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); -STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, - X509_EXTENSION *ex, int loc); - -int X509_get_ext_count(X509 *x); -int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); -int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); -int X509_get_ext_by_critical(X509 *x, int crit, int lastpos); -X509_EXTENSION *X509_get_ext(X509 *x, int loc); -X509_EXTENSION *X509_delete_ext(X509 *x, int loc); -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); -int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, - unsigned long flags); - -int X509_CRL_get_ext_count(X509_CRL *x); -int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); -int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos); -int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos); -X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc); -X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); -int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); -void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx); -int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit, - unsigned long flags); - -int 
X509_REVOKED_get_ext_count(X509_REVOKED *x); -int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos); -int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos); -int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos); -X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc); -X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); -int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); -void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); -int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit, - unsigned long flags); - -X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, - int nid, int crit, ASN1_OCTET_STRING *data); -X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, - ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data); -int X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj); -int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); -int X509_EXTENSION_set_data(X509_EXTENSION *ex, - ASN1_OCTET_STRING *data); -ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); -ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); -int X509_EXTENSION_get_critical(X509_EXTENSION *ex); - -int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x); -int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, - int lastpos); -int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, - int lastpos); -X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); -X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, - X509_ATTRIBUTE *attr); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -STACK_OF(X509_ATTRIBUTE) 
*X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, - int nid, int type, - const unsigned char *bytes, int len); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, - const char *attrname, int type, - const unsigned char *bytes, int len); -void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, - ASN1_OBJECT *obj, int lastpos, int type); -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, - int atrtype, const void *data, int len); -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, - const ASN1_OBJECT *obj, int atrtype, const void *data, int len); -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, - const char *atrname, int type, const unsigned char *bytes, int len); -int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj); -int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len); -void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, - int atrtype, void *data); -int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); -ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); -ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); - -int EVP_PKEY_get_attr_count(const EVP_PKEY *key); -int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, - int lastpos); -int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj, - int lastpos); -X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc); -X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc); -int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr); -int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key, - const ASN1_OBJECT *obj, int type, - const unsigned char *bytes, int len); -int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key, - int nid, int type, - const unsigned char *bytes, int len); -int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key, - const char *attrname, int type, - const unsigned char *bytes, int len); - -int 
X509_verify_cert(X509_STORE_CTX *ctx); - -/* lookup a cert from a X509 STACK */ -X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, - ASN1_INTEGER *serial); -X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); - -DECLARE_ASN1_FUNCTIONS(PBEPARAM) -DECLARE_ASN1_FUNCTIONS(PBE2PARAM) -DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM) - -int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter, - const unsigned char *salt, int saltlen); - -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, - const unsigned char *salt, int saltlen); -X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen); -X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen, - unsigned char *aiv, int prf_nid); - -X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, - int prf_nid, int keylen); - -/* PKCS#8 utilities */ - -DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) - -EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken); -PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); - -int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, - int version, int ptype, void *pval, - unsigned char *penc, int penclen); -int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, - const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, - PKCS8_PRIV_KEY_INFO *p8); - -int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, - int ptype, void *pval, - unsigned char *penc, int penclen); -int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, - const unsigned char **pk, int *ppklen, - X509_ALGOR **pa, - X509_PUBKEY *pub); - -int X509_check_trust(X509 *x, int id, int flags); -int X509_TRUST_get_count(void); -X509_TRUST * X509_TRUST_get0(int idx); -int X509_TRUST_get_by_id(int id); -int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), 
- char *name, int arg1, void *arg2); -void X509_TRUST_cleanup(void); -int X509_TRUST_get_flags(X509_TRUST *xp); -char *X509_TRUST_get0_name(X509_TRUST *xp); -int X509_TRUST_get_trust(X509_TRUST *xp); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_X509_strings(void); - -/* Error codes for the X509 functions. */ - -/* Function codes. */ -#define X509_F_ADD_CERT_DIR 100 -#define X509_F_BY_FILE_CTRL 101 -#define X509_F_CHECK_POLICY 145 -#define X509_F_DIR_CTRL 102 -#define X509_F_GET_CERT_BY_SUBJECT 103 -#define X509_F_NETSCAPE_SPKI_B64_DECODE 129 -#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 -#define X509_F_X509AT_ADD1_ATTR 135 -#define X509_F_X509V3_ADD_EXT 104 -#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 -#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 -#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 -#define X509_F_X509_ATTRIBUTE_GET0_DATA 139 -#define X509_F_X509_ATTRIBUTE_SET1_DATA 138 -#define X509_F_X509_CHECK_PRIVATE_KEY 128 -#define X509_F_X509_CRL_PRINT_FP 147 -#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 -#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 -#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 -#define X509_F_X509_LOAD_CERT_CRL_FILE 132 -#define X509_F_X509_LOAD_CERT_FILE 111 -#define X509_F_X509_LOAD_CRL_FILE 112 -#define X509_F_X509_NAME_ADD_ENTRY 113 -#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 -#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131 -#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 -#define X509_F_X509_NAME_ONELINE 116 -#define X509_F_X509_NAME_PRINT 117 -#define X509_F_X509_PRINT_EX_FP 118 -#define X509_F_X509_PUBKEY_GET 119 -#define X509_F_X509_PUBKEY_SET 120 -#define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144 -#define X509_F_X509_REQ_PRINT_EX 121 -#define X509_F_X509_REQ_PRINT_FP 122 -#define X509_F_X509_REQ_TO_X509 123 -#define X509_F_X509_STORE_ADD_CERT 124 -#define 
X509_F_X509_STORE_ADD_CRL 125
-#define X509_F_X509_STORE_CTX_GET1_ISSUER 146
-#define X509_F_X509_STORE_CTX_INIT 143
-#define X509_F_X509_STORE_CTX_NEW 142
-#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
-#define X509_F_X509_TO_X509_REQ 126
-#define X509_F_X509_TRUST_ADD 133
-#define X509_F_X509_TRUST_SET 141
-#define X509_F_X509_VERIFY_CERT 127
-
-/* Reason codes. */
-#define X509_R_BAD_X509_FILETYPE 100
-#define X509_R_BASE64_DECODE_ERROR 118
-#define X509_R_CANT_CHECK_DH_KEY 114
-#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
-#define X509_R_ERR_ASN1_LIB 102
-#define X509_R_INVALID_DIRECTORY 113
-#define X509_R_INVALID_FIELD_NAME 119
-#define X509_R_INVALID_TRUST 123
-#define X509_R_KEY_TYPE_MISMATCH 115
-#define X509_R_KEY_VALUES_MISMATCH 116
-#define X509_R_LOADING_CERT_DIR 103
-#define X509_R_LOADING_DEFAULTS 104
-#define X509_R_METHOD_NOT_SUPPORTED 124
-#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
-#define X509_R_PUBLIC_KEY_DECODE_ERROR 125
-#define X509_R_PUBLIC_KEY_ENCODE_ERROR 126
-#define X509_R_SHOULD_RETRY 106
-#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
-#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
-#define X509_R_UNKNOWN_KEY_TYPE 117
-#define X509_R_UNKNOWN_NID 109
-#define X509_R_UNKNOWN_PURPOSE_ID 121
-#define X509_R_UNKNOWN_TRUST_ID 120
-#define X509_R_UNSUPPORTED_ALGORITHM 111
-#define X509_R_WRONG_LOOKUP_TYPE 112
-#define X509_R_WRONG_TYPE 122
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/x509/x509_att.c b/lib/libssl/src/crypto/x509/x509_att.c
deleted file mode 100644
index ab11e79b0af..00000000000
--- a/lib/libssl/src/crypto/x509/x509_att.c
+++ /dev/null
@@ -1,403 +0,0 @@
-/* $OpenBSD: x509_att.c,v 1.14 2016/03/21 04:05:33 mmcc Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> - -#include <openssl/asn1.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/stack.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -int -X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) -{ - return sk_X509_ATTRIBUTE_num(x); -} - -int -X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, int lastpos) -{ - ASN1_OBJECT *obj; - - obj = OBJ_nid2obj(nid); - if (obj == NULL) - return (-2); - return (X509at_get_attr_by_OBJ(x, obj, lastpos)); -} - -int -X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, - int lastpos) -{ - int n; - X509_ATTRIBUTE *ex; - - if (sk == NULL) - return (-1); - lastpos++; - if (lastpos < 0) - lastpos = 0; - n = sk_X509_ATTRIBUTE_num(sk); - for (; lastpos < n; lastpos++) { - ex = sk_X509_ATTRIBUTE_value(sk, lastpos); - if (OBJ_cmp(ex->object, obj) == 0) - return (lastpos); - } - return (-1); -} - -X509_ATTRIBUTE * -X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc) -{ - if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) - return NULL; - else - return sk_X509_ATTRIBUTE_value(x, loc); -} - -X509_ATTRIBUTE * -X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc) -{ - X509_ATTRIBUTE *ret; - - if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) - return (NULL); - ret = sk_X509_ATTRIBUTE_delete(x, loc); - return (ret); -} - -STACK_OF(X509_ATTRIBUTE) * -X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr) -{ - X509_ATTRIBUTE *new_attr = NULL; - STACK_OF(X509_ATTRIBUTE) *sk = NULL; - - if (x == NULL) { - X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER); - return (NULL); - } - - if (*x == NULL) { - if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL) - goto err; - } else - sk = *x; - - if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL) - goto err2; - if (!sk_X509_ATTRIBUTE_push(sk, new_attr)) - goto err; - if (*x == NULL) - *x = sk; - return (sk); - -err: - 
X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_MALLOC_FAILURE); -err2: - if (new_attr != NULL) - X509_ATTRIBUTE_free(new_attr); - if (sk != NULL && sk != *x) - sk_X509_ATTRIBUTE_free(sk); - return (NULL); -} - -STACK_OF(X509_ATTRIBUTE) * -X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj, - int type, const unsigned char *bytes, int len) -{ - X509_ATTRIBUTE *attr; - STACK_OF(X509_ATTRIBUTE) *ret; - - attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len); - if (!attr) - return 0; - ret = X509at_add1_attr(x, attr); - X509_ATTRIBUTE_free(attr); - return ret; -} - -STACK_OF(X509_ATTRIBUTE) * -X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, int nid, int type, - const unsigned char *bytes, int len) -{ - X509_ATTRIBUTE *attr; - STACK_OF(X509_ATTRIBUTE) *ret; - - attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len); - if (!attr) - return 0; - ret = X509at_add1_attr(x, attr); - X509_ATTRIBUTE_free(attr); - return ret; -} - -STACK_OF(X509_ATTRIBUTE) * -X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, const char *attrname, - int type, const unsigned char *bytes, int len) -{ - X509_ATTRIBUTE *attr; - STACK_OF(X509_ATTRIBUTE) *ret; - - attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len); - if (!attr) - return 0; - ret = X509at_add1_attr(x, attr); - X509_ATTRIBUTE_free(attr); - return ret; -} - -void * -X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj, - int lastpos, int type) -{ - int i; - X509_ATTRIBUTE *at; - - i = X509at_get_attr_by_OBJ(x, obj, lastpos); - if (i == -1) - return NULL; - if ((lastpos <= -2) && (X509at_get_attr_by_OBJ(x, obj, i) != -1)) - return NULL; - at = X509at_get_attr(x, i); - if (lastpos <= -3 && (X509_ATTRIBUTE_count(at) != 1)) - return NULL; - return X509_ATTRIBUTE_get0_data(at, 0, type, NULL); -} - -X509_ATTRIBUTE * -X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype, - const void *data, int len) -{ - ASN1_OBJECT *obj; - X509_ATTRIBUTE 
*ret; - - obj = OBJ_nid2obj(nid); - if (obj == NULL) { - X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID, - X509_R_UNKNOWN_NID); - return (NULL); - } - ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len); - if (ret == NULL) - ASN1_OBJECT_free(obj); - return (ret); -} - -X509_ATTRIBUTE * -X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, const ASN1_OBJECT *obj, - int atrtype, const void *data, int len) -{ - X509_ATTRIBUTE *ret; - - if ((attr == NULL) || (*attr == NULL)) { - if ((ret = X509_ATTRIBUTE_new()) == NULL) { - X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ, - ERR_R_MALLOC_FAILURE); - return (NULL); - } - } else - ret= *attr; - - if (!X509_ATTRIBUTE_set1_object(ret, obj)) - goto err; - if (!X509_ATTRIBUTE_set1_data(ret, atrtype, data, len)) - goto err; - - if ((attr != NULL) && (*attr == NULL)) - *attr = ret; - return (ret); - -err: - if ((attr == NULL) || (ret != *attr)) - X509_ATTRIBUTE_free(ret); - return (NULL); -} - -X509_ATTRIBUTE * -X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, const char *atrname, - int type, const unsigned char *bytes, int len) -{ - ASN1_OBJECT *obj; - X509_ATTRIBUTE *nattr; - - obj = OBJ_txt2obj(atrname, 0); - if (obj == NULL) { - X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT, - X509_R_INVALID_FIELD_NAME); - ERR_asprintf_error_data("name=%s", atrname); - return (NULL); - } - nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len); - ASN1_OBJECT_free(obj); - return nattr; -} - -int -X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) -{ - if ((attr == NULL) || (obj == NULL)) - return (0); - ASN1_OBJECT_free(attr->object); - attr->object = OBJ_dup(obj); - return attr->object != NULL; -} - -int -X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, - int len) -{ - ASN1_TYPE *ttmp = NULL; - ASN1_STRING *stmp = NULL; - int atype = 0; - - if (!attr) - return 0; - if (attrtype & MBSTRING_FLAG) { - stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, - 
OBJ_obj2nid(attr->object)); - if (!stmp) { - X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, - ERR_R_ASN1_LIB); - return 0; - } - atype = stmp->type; - } else if (len != -1){ - if (!(stmp = ASN1_STRING_type_new(attrtype))) - goto err; - if (!ASN1_STRING_set(stmp, data, len)) - goto err; - atype = attrtype; - } - if (!(attr->value.set = sk_ASN1_TYPE_new_null())) - goto err; - attr->single = 0; - /* This is a bit naughty because the attribute should really have - * at least one value but some types use and zero length SET and - * require this. - */ - if (attrtype == 0) { - ASN1_STRING_free(stmp); - return 1; - } - - if (!(ttmp = ASN1_TYPE_new())) - goto err; - if ((len == -1) && !(attrtype & MBSTRING_FLAG)) { - if (!ASN1_TYPE_set1(ttmp, attrtype, data)) - goto err; - } else - ASN1_TYPE_set(ttmp, atype, stmp); - if (!sk_ASN1_TYPE_push(attr->value.set, ttmp)) - goto err; - return 1; - -err: - ASN1_TYPE_free(ttmp); - ASN1_STRING_free(stmp); - X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); - return 0; -} - -int -X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr) -{ - if (!attr->single) - return sk_ASN1_TYPE_num(attr->value.set); - if (attr->value.single) - return 1; - return 0; -} - -ASN1_OBJECT * -X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr) -{ - if (attr == NULL) - return (NULL); - return (attr->object); -} - -void * -X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype, void *data) -{ - ASN1_TYPE *ttmp; - - ttmp = X509_ATTRIBUTE_get0_type(attr, idx); - if (!ttmp) - return NULL; - if (atrtype != ASN1_TYPE_get(ttmp)){ - X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE); - return NULL; - } - return ttmp->value.ptr; -} - -ASN1_TYPE * -X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) -{ - if (attr == NULL) - return (NULL); - if (idx >= X509_ATTRIBUTE_count(attr)) - return NULL; - if (!attr->single) - return sk_ASN1_TYPE_value(attr->value.set, idx); - else - return attr->value.single; -} 
diff --git a/lib/libssl/src/crypto/x509/x509_cmp.c b/lib/libssl/src/crypto/x509/x509_cmp.c
deleted file mode 100644
index 407e1e07adb..00000000000
--- a/lib/libssl/src/crypto/x509/x509_cmp.c
+++ /dev/null
@@ -1,369 +0,0 @@
-/* $OpenBSD: x509_cmp.c,v 1.26 2015/07/29 14:58:34 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <ctype.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#include <openssl/asn1.h> -#include <openssl/err.h> -#include <openssl/objects.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -int -X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) -{ - int i; - X509_CINF *ai, *bi; - - ai = a->cert_info; - bi = b->cert_info; - i = ASN1_STRING_cmp(ai->serialNumber, bi->serialNumber); - if (i) - return (i); - return (X509_NAME_cmp(ai->issuer, bi->issuer)); -} - -#ifndef OPENSSL_NO_MD5 -unsigned long -X509_issuer_and_serial_hash(X509 *a) -{ - unsigned long ret = 0; - EVP_MD_CTX ctx; - unsigned char md[16]; - char *f; - - EVP_MD_CTX_init(&ctx); - f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0); - if (f == NULL) - goto err; - if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) - goto err; - if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f))) - goto err; - free(f); - f = NULL; - if (!EVP_DigestUpdate(&ctx, - (unsigned char *)a->cert_info->serialNumber->data, - (unsigned long)a->cert_info->serialNumber->length)) - goto err; - if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL)) - goto err; - ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) | - ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) & - 0xffffffffL; - -err: - EVP_MD_CTX_cleanup(&ctx); - free(f); - return (ret); -} -#endif - -int -X509_issuer_name_cmp(const X509 *a, const X509 *b) -{ - return (X509_NAME_cmp(a->cert_info->issuer, b->cert_info->issuer)); -} - -int -X509_subject_name_cmp(const X509 *a, const X509 *b) -{ - return (X509_NAME_cmp(a->cert_info->subject, b->cert_info->subject)); -} - -int -X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) -{ - return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer)); -} - -#ifndef OPENSSL_NO_SHA -int -X509_CRL_match(const X509_CRL *a, const X509_CRL *b) -{ - return memcmp(a->sha1_hash, b->sha1_hash, 20); -} -#endif - -X509_NAME * -X509_get_issuer_name(X509 *a) -{ - return 
(a->cert_info->issuer); -} - -unsigned long -X509_issuer_name_hash(X509 *x) -{ - return (X509_NAME_hash(x->cert_info->issuer)); -} - -#ifndef OPENSSL_NO_MD5 -unsigned long -X509_issuer_name_hash_old(X509 *x) -{ - return (X509_NAME_hash_old(x->cert_info->issuer)); -} -#endif - -X509_NAME * -X509_get_subject_name(X509 *a) -{ - return (a->cert_info->subject); -} - -ASN1_INTEGER * -X509_get_serialNumber(X509 *a) -{ - return (a->cert_info->serialNumber); -} - -unsigned long -X509_subject_name_hash(X509 *x) -{ - return (X509_NAME_hash(x->cert_info->subject)); -} - -#ifndef OPENSSL_NO_MD5 -unsigned long -X509_subject_name_hash_old(X509 *x) -{ - return (X509_NAME_hash_old(x->cert_info->subject)); -} -#endif - -#ifndef OPENSSL_NO_SHA -/* Compare two certificates: they must be identical for - * this to work. NB: Although "cmp" operations are generally - * prototyped to take "const" arguments (eg. for use in - * STACKs), the way X509 handling is - these operations may - * involve ensuring the hashes are up-to-date and ensuring - * certain cert information is cached. So this is the point - * where the "depth-first" constification tree has to halt - * with an evil cast. 
- */ -int -X509_cmp(const X509 *a, const X509 *b) -{ - /* ensure hash is valid */ - X509_check_purpose((X509 *)a, -1, 0); - X509_check_purpose((X509 *)b, -1, 0); - - return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); -} -#endif - -int -X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) -{ - int ret; - - /* Ensure canonical encoding is present and up to date */ - if (!a->canon_enc || a->modified) { - ret = i2d_X509_NAME((X509_NAME *)a, NULL); - if (ret < 0) - return -2; - } - if (!b->canon_enc || b->modified) { - ret = i2d_X509_NAME((X509_NAME *)b, NULL); - if (ret < 0) - return -2; - } - ret = a->canon_enclen - b->canon_enclen; - if (ret) - return ret; - return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen); -} - -unsigned long -X509_NAME_hash(X509_NAME *x) -{ - unsigned long ret = 0; - unsigned char md[SHA_DIGEST_LENGTH]; - - /* Make sure X509_NAME structure contains valid cached encoding */ - i2d_X509_NAME(x, NULL); - if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), - NULL)) - return 0; - - ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) | - ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)) & - 0xffffffffL; - return (ret); -} - - -#ifndef OPENSSL_NO_MD5 -/* I now DER encode the name and hash it. Since I cache the DER encoding, - * this is reasonably efficient. 
*/ - -unsigned long -X509_NAME_hash_old(X509_NAME *x) -{ - EVP_MD_CTX md_ctx; - unsigned long ret = 0; - unsigned char md[16]; - - /* Make sure X509_NAME structure contains valid cached encoding */ - i2d_X509_NAME(x, NULL); - EVP_MD_CTX_init(&md_ctx); - if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL) && - EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length) && - EVP_DigestFinal_ex(&md_ctx, md, NULL)) - ret = (((unsigned long)md[0]) | - ((unsigned long)md[1] << 8L) | - ((unsigned long)md[2] << 16L) | - ((unsigned long)md[3] << 24L)) & - 0xffffffffL; - EVP_MD_CTX_cleanup(&md_ctx); - - return (ret); -} -#endif - -/* Search a stack of X509 for a match */ -X509 * -X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, - ASN1_INTEGER *serial) -{ - int i; - X509_CINF cinf; - X509 x, *x509 = NULL; - - if (!sk) - return NULL; - - x.cert_info = &cinf; - cinf.serialNumber = serial; - cinf.issuer = name; - - for (i = 0; i < sk_X509_num(sk); i++) { - x509 = sk_X509_value(sk, i); - if (X509_issuer_and_serial_cmp(x509, &x) == 0) - return (x509); - } - return (NULL); -} - -X509 * -X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name) -{ - X509 *x509; - int i; - - for (i = 0; i < sk_X509_num(sk); i++) { - x509 = sk_X509_value(sk, i); - if (X509_NAME_cmp(X509_get_subject_name(x509), name) == 0) - return (x509); - } - return (NULL); -} - -EVP_PKEY * -X509_get_pubkey(X509 *x) -{ - if ((x == NULL) || (x->cert_info == NULL)) - return (NULL); - return (X509_PUBKEY_get(x->cert_info->key)); -} - -ASN1_BIT_STRING * -X509_get0_pubkey_bitstr(const X509 *x) -{ - if (!x) - return NULL; - return x->cert_info->key->public_key; -} - -int -X509_check_private_key(X509 *x, EVP_PKEY *k) -{ - EVP_PKEY *xk; - int ret; - - xk = X509_get_pubkey(x); - - if (xk) - ret = EVP_PKEY_cmp(xk, k); - else - ret = -2; - - switch (ret) { - case 1: - break; - case 0: - X509err(X509_F_X509_CHECK_PRIVATE_KEY, - X509_R_KEY_VALUES_MISMATCH); - break; - case -1: - 
X509err(X509_F_X509_CHECK_PRIVATE_KEY,
- X509_R_KEY_TYPE_MISMATCH);
- break;
- case -2:
- X509err(X509_F_X509_CHECK_PRIVATE_KEY,
- X509_R_UNKNOWN_KEY_TYPE);
- }
- EVP_PKEY_free(xk);
- if (ret > 0)
- return 1;
- return 0;
-}
diff --git a/lib/libssl/src/crypto/x509/x509_d2.c b/lib/libssl/src/crypto/x509/x509_d2.c
deleted file mode 100644
index 5b0f80adda9..00000000000
--- a/lib/libssl/src/crypto/x509/x509_d2.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/* $OpenBSD: x509_d2.c,v 1.10 2015/01/22 09:06:39 reyk Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <sys/uio.h>
-
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-int
-X509_STORE_set_default_paths(X509_STORE *ctx)
-{
- X509_LOOKUP *lookup;
-
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
- if (lookup == NULL)
- return (0);
- X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
-
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
- if (lookup == NULL)
- return (0);
- X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
-
- /* clear any errors */
- ERR_clear_error();
-
- return (1);
-}
-
-int
-X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *path)
-{
- X509_LOOKUP *lookup;
-
- if (file != NULL) {
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
- if (lookup == NULL)
- return (0);
- if (X509_LOOKUP_load_file(lookup, file, X509_FILETYPE_PEM) != 1)
- return (0);
- }
- if (path != NULL) {
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
- if (lookup == NULL)
- return (0);
- if (X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) != 1)
- return (0);
- }
- if ((path == NULL) && (file == NULL))
- return (0);
- return (1);
-}
-
-int
-X509_STORE_load_mem(X509_STORE *ctx, void *buf, int len)
-{
- X509_LOOKUP *lookup;
- struct iovec iov;
-
- lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_mem());
- if (lookup == NULL)
- return (0);
-
- iov.iov_base = buf;
- iov.iov_len = len;
-
- if (X509_LOOKUP_add_mem(lookup, &iov, X509_FILETYPE_PEM) != 1)
- return (0);
-
- return (1);
-}
diff --git a/lib/libssl/src/crypto/x509/x509_def.c b/lib/libssl/src/crypto/x509/x509_def.c
deleted file mode 100644
index 5e570eb9a24..00000000000
--- a/lib/libssl/src/crypto/x509/x509_def.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/* $OpenBSD: x509_def.c,v 1.5 2014/06/12 15:49:31 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-
-const char *
-X509_get_default_private_dir(void)
-{
- return (X509_PRIVATE_DIR);
-}
-
-const char *
-X509_get_default_cert_area(void)
-{
- return (X509_CERT_AREA);
-}
-
-const char *
-X509_get_default_cert_dir(void)
-{
- return (X509_CERT_DIR);
-}
-
-const char *
-X509_get_default_cert_file(void)
-{
- return (X509_CERT_FILE);
-}
-
-const char *
-X509_get_default_cert_dir_env(void)
-{
- return (X509_CERT_DIR_EVP);
-}
-
-const char *
-X509_get_default_cert_file_env(void)
-{
- return (X509_CERT_FILE_EVP);
-}
diff --git a/lib/libssl/src/crypto/x509/x509_err.c b/lib/libssl/src/crypto/x509/x509_err.c
deleted file mode 100644
index 6a15ac9fd09..00000000000
--- a/lib/libssl/src/crypto/x509/x509_err.c
+++ /dev/null
@@ -1,164 +0,0 @@ -/* $OpenBSD: x509_err.c,v 1.12 2014/07/10 22:45:58 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/x509.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason) - -static ERR_STRING_DATA X509_str_functs[] = { - {ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"}, - {ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"}, - {ERR_FUNC(X509_F_CHECK_POLICY), "CHECK_POLICY"}, - {ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"}, - {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"}, - {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"}, - {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"}, - {ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"}, - {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"}, - {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID), "X509_ATTRIBUTE_create_by_NID"}, - {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ), "X509_ATTRIBUTE_create_by_OBJ"}, - {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT), "X509_ATTRIBUTE_create_by_txt"}, - {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"}, - {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"}, - {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"}, - {ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"}, - {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID), "X509_EXTENSION_create_by_NID"}, - {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ), "X509_EXTENSION_create_by_OBJ"}, - {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS), "X509_get_pubkey_parameters"}, - {ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE), "X509_load_cert_crl_file"}, - {ERR_FUNC(X509_F_X509_LOAD_CERT_FILE), "X509_load_cert_file"}, - {ERR_FUNC(X509_F_X509_LOAD_CRL_FILE), "X509_load_crl_file"}, - {ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY), "X509_NAME_add_entry"}, - {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID), "X509_NAME_ENTRY_create_by_NID"}, - 
{ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT), "X509_NAME_ENTRY_create_by_txt"}, - {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT), "X509_NAME_ENTRY_set_object"}, - {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"}, - {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"}, - {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"}, - {ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"}, - {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"}, - {ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY), "X509_REQ_check_private_key"}, - {ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"}, - {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"}, - {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"}, - {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"}, - {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"}, - {ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER), "X509_STORE_CTX_get1_issuer"}, - {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"}, - {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"}, - {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT), "X509_STORE_CTX_purpose_inherit"}, - {ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"}, - {ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"}, - {ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"}, - {ERR_FUNC(X509_F_X509_VERIFY_CERT), "X509_verify_cert"}, - {0, NULL} -}; - -static ERR_STRING_DATA X509_str_reasons[] = { - {ERR_REASON(X509_R_BAD_X509_FILETYPE) , "bad x509 filetype"}, - {ERR_REASON(X509_R_BASE64_DECODE_ERROR) , "base64 decode error"}, - {ERR_REASON(X509_R_CANT_CHECK_DH_KEY) , "cant check dh key"}, - {ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE), "cert already in hash table"}, - {ERR_REASON(X509_R_ERR_ASN1_LIB) , "err asn1 lib"}, - {ERR_REASON(X509_R_INVALID_DIRECTORY) , "invalid directory"}, - {ERR_REASON(X509_R_INVALID_FIELD_NAME) , "invalid field name"}, - {ERR_REASON(X509_R_INVALID_TRUST) , "invalid trust"}, - {ERR_REASON(X509_R_KEY_TYPE_MISMATCH) , "key type 
mismatch"}, - {ERR_REASON(X509_R_KEY_VALUES_MISMATCH) , "key values mismatch"}, - {ERR_REASON(X509_R_LOADING_CERT_DIR) , "loading cert dir"}, - {ERR_REASON(X509_R_LOADING_DEFAULTS) , "loading defaults"}, - {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED) , "method not supported"}, - {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY), "no cert set for us to verify"}, - {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"}, - {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"}, - {ERR_REASON(X509_R_SHOULD_RETRY) , "should retry"}, - {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN), "unable to find parameters in chain"}, - {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY), "unable to get certs public key"}, - {ERR_REASON(X509_R_UNKNOWN_KEY_TYPE) , "unknown key type"}, - {ERR_REASON(X509_R_UNKNOWN_NID) , "unknown nid"}, - {ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID) , "unknown purpose id"}, - {ERR_REASON(X509_R_UNKNOWN_TRUST_ID) , "unknown trust id"}, - {ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"}, - {ERR_REASON(X509_R_WRONG_LOOKUP_TYPE) , "wrong lookup type"}, - {ERR_REASON(X509_R_WRONG_TYPE) , "wrong type"}, - {0, NULL} -}; - -#endif - -void -ERR_load_X509_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(X509_str_functs[0].error) == NULL) { - ERR_load_strings(0, X509_str_functs); - ERR_load_strings(0, X509_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/x509/x509_ext.c b/lib/libssl/src/crypto/x509/x509_ext.c deleted file mode 100644 index e90befaba11..00000000000 --- a/lib/libssl/src/crypto/x509/x509_ext.c +++ /dev/null 
@@ -1,232 +0,0 @@
-/* $OpenBSD: x509_ext.c,v 1.9 2015/02/10 08:33:10 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/stack.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int
-X509_CRL_get_ext_count(X509_CRL *x)
-{
- return (X509v3_get_ext_count(x->crl->extensions));
-}
-
-int
-X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos)
-{
- return (X509v3_get_ext_by_NID(x->crl->extensions, nid, lastpos));
-}
-
-int
-X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos)
-{
- return (X509v3_get_ext_by_OBJ(x->crl->extensions, obj, lastpos));
-}
-
-int
-X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos)
-{
- return (X509v3_get_ext_by_critical(x->crl->extensions, crit, lastpos));
-}
-
-X509_EXTENSION *
-X509_CRL_get_ext(X509_CRL *x, int loc)
-{
- return (X509v3_get_ext(x->crl->extensions, loc));
-}
-
-X509_EXTENSION *
-X509_CRL_delete_ext(X509_CRL *x, int loc)
-{
- return (X509v3_delete_ext(x->crl->extensions, loc));
-}
-
-void *
-X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->crl->extensions, nid, crit, idx);
-}
-
-int
-X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->crl->extensions, nid, value, crit, flags);
-}
-
-int
-X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc)
-{
- return (X509v3_add_ext(&(x->crl->extensions), ex, loc) != NULL);
-}
-
-int
-X509_get_ext_count(X509 *x)
-{
- return (X509v3_get_ext_count(x->cert_info->extensions));
-}
-
-int
-X509_get_ext_by_NID(X509 *x, int nid, int lastpos)
-{
- return (X509v3_get_ext_by_NID(x->cert_info->extensions, nid, lastpos));
-}
-
-int
-X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos)
-{
- return (X509v3_get_ext_by_OBJ(x->cert_info->extensions, obj, lastpos));
-}
-
-int
-X509_get_ext_by_critical(X509 *x, int crit, int lastpos)
-{
- return (X509v3_get_ext_by_critical(x->cert_info->extensions, crit,
- lastpos));
-}
-
-X509_EXTENSION *
-X509_get_ext(X509 *x, int loc)
-{
- return (X509v3_get_ext(x->cert_info->extensions, loc));
-}
-
-X509_EXTENSION *
-X509_delete_ext(X509 *x, int loc)
-{
- return (X509v3_delete_ext(x->cert_info->extensions, loc));
-}
-
-int
-X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc)
-{
- return (X509v3_add_ext(&(x->cert_info->extensions), ex, loc) != NULL);
-}
-
-void *
-X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->cert_info->extensions, nid, crit, idx);
-}
-
-int
-X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit, unsigned long flags)
-{
- return X509V3_add1_i2d(&x->cert_info->extensions, nid, value, crit,
- flags);
-}
-
-int
-X509_REVOKED_get_ext_count(X509_REVOKED *x)
-{
- return (X509v3_get_ext_count(x->extensions));
-}
-
-int
-X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos)
-{
- return (X509v3_get_ext_by_NID(x->extensions, nid, lastpos));
-}
-
-int
-X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj, int lastpos)
-{
- return (X509v3_get_ext_by_OBJ(x->extensions, obj, lastpos));
-}
-
-int
-X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos)
-{
- return (X509v3_get_ext_by_critical(x->extensions, crit, lastpos));
-}
-
-X509_EXTENSION *
-X509_REVOKED_get_ext(X509_REVOKED *x, int loc)
-{
- return (X509v3_get_ext(x->extensions, loc));
-}
-
-X509_EXTENSION *
-X509_REVOKED_delete_ext(X509_REVOKED *x, int loc)
-{
- return (X509v3_delete_ext(x->extensions, loc));
-}
-
-int
-X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc)
-{
- return (X509v3_add_ext(&(x->extensions), ex, loc) != NULL);
-}
-
-void *
-X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx)
-{
- return X509V3_get_d2i(x->extensions, nid, crit, idx);
-}
-
-int
-X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
- unsigned long flags)
-{
- return X509V3_add1_i2d(&x->extensions, nid, value, crit, flags);
-}
diff --git a/lib/libssl/src/crypto/x509/x509_lcl.h b/lib/libssl/src/crypto/x509/x509_lcl.h
deleted file mode 100644
index 9ffdd01e61c..00000000000
--- a/lib/libssl/src/crypto/x509/x509_lcl.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/* x509_lcl.h */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2013.
- */
-/* ====================================================================
- * Copyright (c) 2013 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-int x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int quiet);
-int asn1_time_parse(const char *, size_t, struct tm *, int);
-int asn1_tm_cmp(struct tm *tm1, struct tm *tm2);
diff --git a/lib/libssl/src/crypto/x509/x509_lu.c b/lib/libssl/src/crypto/x509/x509_lu.c
deleted file mode 100644
index fdb10023bec..00000000000
--- a/lib/libssl/src/crypto/x509/x509_lu.c
+++ /dev/null
@@ -1,739 +0,0 @@ -/* $OpenBSD: x509_lu.c,v 1.20 2015/04/25 16:02:55 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/err.h> -#include <openssl/lhash.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> -#include "x509_lcl.h" - -X509_LOOKUP * -X509_LOOKUP_new(X509_LOOKUP_METHOD *method) -{ - X509_LOOKUP *ret; - - ret = malloc(sizeof(X509_LOOKUP)); - if (ret == NULL) - return NULL; - - ret->init = 0; - ret->skip = 0; - ret->method = method; - ret->method_data = NULL; - ret->store_ctx = NULL; - if ((method->new_item != NULL) && !method->new_item(ret)) { - free(ret); - return NULL; - } - return ret; -} - -void -X509_LOOKUP_free(X509_LOOKUP *ctx) -{ - if (ctx == NULL) - return; - if ((ctx->method != NULL) && (ctx->method->free != NULL)) - (*ctx->method->free)(ctx); - free(ctx); -} - -int -X509_LOOKUP_init(X509_LOOKUP *ctx) -{ - if (ctx->method == NULL) - return 0; - if (ctx->method->init != NULL) - return ctx->method->init(ctx); - else - return 1; -} - -int -X509_LOOKUP_shutdown(X509_LOOKUP *ctx) -{ - if (ctx->method == NULL) - return 0; - if (ctx->method->shutdown != NULL) - return ctx->method->shutdown(ctx); - else - return 1; -} - -int -X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, - char **ret) -{ - if (ctx->method == NULL) - return -1; - if (ctx->method->ctrl != NULL) - return ctx->method->ctrl(ctx, cmd, argc, argl, ret); - else - return 1; -} - -int -X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, - X509_OBJECT *ret) -{ - if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) - return X509_LU_FAIL; - if (ctx->skip) - return 0; - return ctx->method->get_by_subject(ctx, type, name, ret); -} - -int -X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, - ASN1_INTEGER *serial, X509_OBJECT *ret) -{ - if ((ctx->method == NULL) || - (ctx->method->get_by_issuer_serial == NULL)) - return X509_LU_FAIL; - return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret); -} - -int -X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, unsigned char 
*bytes, - int len, X509_OBJECT *ret) -{ - if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL)) - return X509_LU_FAIL; - return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret); -} - -int -X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len, - X509_OBJECT *ret) -{ - if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL)) - return X509_LU_FAIL; - return ctx->method->get_by_alias(ctx, type, str, len, ret); -} - -static int -x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * const *b) -{ - int ret; - - ret = ((*a)->type - (*b)->type); - if (ret) - return ret; - switch ((*a)->type) { - case X509_LU_X509: - ret = X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509); - break; - case X509_LU_CRL: - ret = X509_CRL_cmp((*a)->data.crl, (*b)->data.crl); - break; - default: - /* abort(); */ - return 0; - } - return ret; -} - -X509_STORE * -X509_STORE_new(void) -{ - X509_STORE *ret; - - if ((ret = malloc(sizeof(X509_STORE))) == NULL) - return NULL; - ret->objs = sk_X509_OBJECT_new(x509_object_cmp); - ret->cache = 1; - ret->get_cert_methods = sk_X509_LOOKUP_new_null(); - ret->verify = 0; - ret->verify_cb = 0; - - if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) - goto err; - - ret->get_issuer = 0; - ret->check_issued = 0; - ret->check_revocation = 0; - ret->get_crl = 0; - ret->check_crl = 0; - ret->cert_crl = 0; - ret->lookup_certs = 0; - ret->lookup_crls = 0; - ret->cleanup = 0; - - if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) - goto err; - - ret->references = 1; - return ret; - -err: - X509_VERIFY_PARAM_free(ret->param); - sk_X509_LOOKUP_free(ret->get_cert_methods); - sk_X509_OBJECT_free(ret->objs); - free(ret); - return NULL; -} - -static void -cleanup(X509_OBJECT *a) -{ - if (a->type == X509_LU_X509) { - X509_free(a->data.x509); - } else if (a->type == X509_LU_CRL) { - X509_CRL_free(a->data.crl); - } else { - /* abort(); */ - } - - free(a); -} - -void 
-X509_STORE_free(X509_STORE *vfy) -{ - int i; - STACK_OF(X509_LOOKUP) *sk; - X509_LOOKUP *lu; - - if (vfy == NULL) - return; - - i = CRYPTO_add(&vfy->references, -1, CRYPTO_LOCK_X509_STORE); - if (i > 0) - return; - - sk = vfy->get_cert_methods; - for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) { - lu = sk_X509_LOOKUP_value(sk, i); - X509_LOOKUP_shutdown(lu); - X509_LOOKUP_free(lu); - } - sk_X509_LOOKUP_free(sk); - sk_X509_OBJECT_pop_free(vfy->objs, cleanup); - - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data); - X509_VERIFY_PARAM_free(vfy->param); - free(vfy); -} - -X509_LOOKUP * -X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) -{ - int i; - STACK_OF(X509_LOOKUP) *sk; - X509_LOOKUP *lu; - - sk = v->get_cert_methods; - for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) { - lu = sk_X509_LOOKUP_value(sk, i); - if (m == lu->method) { - return lu; - } - } - /* a new one */ - lu = X509_LOOKUP_new(m); - if (lu == NULL) - return NULL; - else { - lu->store_ctx = v; - if (sk_X509_LOOKUP_push(v->get_cert_methods, lu)) - return lu; - else { - X509_LOOKUP_free(lu); - return NULL; - } - } -} - -int -X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name, - X509_OBJECT *ret) -{ - X509_STORE *ctx = vs->ctx; - X509_LOOKUP *lu; - X509_OBJECT stmp, *tmp; - int i, j; - - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name); - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - - if (tmp == NULL || type == X509_LU_CRL) { - for (i = vs->current_method; - i < sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) { - lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i); - j = X509_LOOKUP_by_subject(lu, type, name, &stmp); - if (j < 0) { - vs->current_method = j; - return j; - } else if (j) { - tmp = &stmp; - break; - } - } - vs->current_method = 0; - if (tmp == NULL) - return 0; - } - -/* if (ret->data.ptr != NULL) - X509_OBJECT_free_contents(ret); */ - - ret->type = tmp->type; - ret->data.ptr = tmp->data.ptr; - - 
X509_OBJECT_up_ref_count(ret); - - return 1; -} - -int -X509_STORE_add_cert(X509_STORE *ctx, X509 *x) -{ - X509_OBJECT *obj; - int ret = 1; - - if (x == NULL) - return 0; - obj = malloc(sizeof(X509_OBJECT)); - if (obj == NULL) { - X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE); - return 0; - } - obj->type = X509_LU_X509; - obj->data.x509 = x; - - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - - X509_OBJECT_up_ref_count(obj); - - if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { - X509_OBJECT_free_contents(obj); - free(obj); - X509err(X509_F_X509_STORE_ADD_CERT, - X509_R_CERT_ALREADY_IN_HASH_TABLE); - ret = 0; - } else - sk_X509_OBJECT_push(ctx->objs, obj); - - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - - return ret; -} - -int -X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) -{ - X509_OBJECT *obj; - int ret = 1; - - if (x == NULL) - return 0; - obj = malloc(sizeof(X509_OBJECT)); - if (obj == NULL) { - X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE); - return 0; - } - obj->type = X509_LU_CRL; - obj->data.crl = x; - - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - - X509_OBJECT_up_ref_count(obj); - - if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { - X509_OBJECT_free_contents(obj); - free(obj); - X509err(X509_F_X509_STORE_ADD_CRL, - X509_R_CERT_ALREADY_IN_HASH_TABLE); - ret = 0; - } else - sk_X509_OBJECT_push(ctx->objs, obj); - - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - - return ret; -} - -void -X509_OBJECT_up_ref_count(X509_OBJECT *a) -{ - switch (a->type) { - case X509_LU_X509: - CRYPTO_add(&a->data.x509->references, 1, CRYPTO_LOCK_X509); - break; - case X509_LU_CRL: - CRYPTO_add(&a->data.crl->references, 1, CRYPTO_LOCK_X509_CRL); - break; - } -} - -void -X509_OBJECT_free_contents(X509_OBJECT *a) -{ - switch (a->type) { - case X509_LU_X509: - X509_free(a->data.x509); - break; - case X509_LU_CRL: - X509_CRL_free(a->data.crl); - break; - } -} - -static int -x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name, - int *pnmatch) -{ - 
X509_OBJECT stmp; - X509 x509_s; - X509_CINF cinf_s; - X509_CRL crl_s; - X509_CRL_INFO crl_info_s; - int idx; - - stmp.type = type; - switch (type) { - case X509_LU_X509: - stmp.data.x509 = &x509_s; - x509_s.cert_info = &cinf_s; - cinf_s.subject = name; - break; - case X509_LU_CRL: - stmp.data.crl = &crl_s; - crl_s.crl = &crl_info_s; - crl_info_s.issuer = name; - break; - default: - /* abort(); */ - return -1; - } - - idx = sk_X509_OBJECT_find(h, &stmp); - if (idx >= 0 && pnmatch) { - int tidx; - const X509_OBJECT *tobj, *pstmp; - *pnmatch = 1; - pstmp = &stmp; - for (tidx = idx + 1; tidx < sk_X509_OBJECT_num(h); tidx++) { - tobj = sk_X509_OBJECT_value(h, tidx); - if (x509_object_cmp(&tobj, &pstmp)) - break; - (*pnmatch)++; - } - } - return idx; -} - -int -X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name) -{ - return x509_object_idx_cnt(h, type, name, NULL); -} - -X509_OBJECT * -X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type, - X509_NAME *name) -{ - int idx; - - idx = X509_OBJECT_idx_by_subject(h, type, name); - if (idx == -1) - return NULL; - return sk_X509_OBJECT_value(h, idx); -} - -STACK_OF(X509) * -X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm) -{ - int i, idx, cnt; - STACK_OF(X509) *sk; - X509 *x; - X509_OBJECT *obj; - - sk = sk_X509_new_null(); - if (sk == NULL) - return NULL; - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt); - if (idx < 0) { - /* Nothing found in cache: do lookup to possibly add new - * objects to cache - */ - X509_OBJECT xobj; - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) { - sk_X509_free(sk); - return NULL; - } - X509_OBJECT_free_contents(&xobj); - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - idx = x509_object_idx_cnt(ctx->ctx->objs, - X509_LU_X509, nm, &cnt); - if (idx < 0) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - sk_X509_free(sk); - return NULL; - } - } - 
for (i = 0; i < cnt; i++, idx++) { - obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); - x = obj->data.x509; - CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); - if (!sk_X509_push(sk, x)) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - X509_free(x); - sk_X509_pop_free(sk, X509_free); - return NULL; - } - } - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - return sk; - -} - -STACK_OF(X509_CRL) * -X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm) -{ - int i, idx, cnt; - STACK_OF(X509_CRL) *sk; - X509_CRL *x; - X509_OBJECT *obj, xobj; - - sk = sk_X509_CRL_new_null(); - if (sk == NULL) - return NULL; - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - /* Check cache first */ - idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt); - - /* Always do lookup to possibly add new CRLs to cache - */ - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) { - sk_X509_CRL_free(sk); - return NULL; - } - X509_OBJECT_free_contents(&xobj); - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt); - if (idx < 0) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - sk_X509_CRL_free(sk); - return NULL; - } - - for (i = 0; i < cnt; i++, idx++) { - obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx); - x = obj->data.crl; - CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL); - if (!sk_X509_CRL_push(sk, x)) { - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - X509_CRL_free(x); - sk_X509_CRL_pop_free(sk, X509_CRL_free); - return NULL; - } - } - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - return sk; -} - -X509_OBJECT * -X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x) -{ - int idx, i; - X509_OBJECT *obj; - - idx = sk_X509_OBJECT_find(h, x); - if (idx == -1) - return NULL; - if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL)) - return sk_X509_OBJECT_value(h, idx); - for (i = idx; i < sk_X509_OBJECT_num(h); i++) { - obj = sk_X509_OBJECT_value(h, i); - if (x509_object_cmp((const 
X509_OBJECT **)&obj, - (const X509_OBJECT **)&x)) - return NULL; - if (x->type == X509_LU_X509) { - if (!X509_cmp(obj->data.x509, x->data.x509)) - return obj; - } else if (x->type == X509_LU_CRL) { - if (!X509_CRL_match(obj->data.crl, x->data.crl)) - return obj; - } else - return obj; - } - return NULL; -} - - -/* Try to get issuer certificate from store. Due to limitations - * of the API this can only retrieve a single certificate matching - * a given subject name. However it will fill the cache with all - * matching certificates, so we can examine the cache for all - * matches. - * - * Return values are: - * 1 lookup successful. - * 0 certificate not found. - * -1 some other error. - */ -int -X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) -{ - X509_NAME *xn; - X509_OBJECT obj, *pobj; - int i, ok, idx, ret; - - *issuer = NULL; - xn = X509_get_issuer_name(x); - ok = X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj); - if (ok != X509_LU_X509) { - if (ok == X509_LU_RETRY) { - X509_OBJECT_free_contents(&obj); - X509err(X509_F_X509_STORE_CTX_GET1_ISSUER, - X509_R_SHOULD_RETRY); - return -1; - } else if (ok != X509_LU_FAIL) { - X509_OBJECT_free_contents(&obj); - /* not good :-(, break anyway */ - return -1; - } - return 0; - } - /* If certificate matches all OK */ - if (ctx->check_issued(ctx, x, obj.data.x509)) { - if (x509_check_cert_time(ctx, obj.data.x509, 1)) { - *issuer = obj.data.x509; - return 1; - } - } - X509_OBJECT_free_contents(&obj); - - /* Else find index of first cert accepted by 'check_issued' */ - ret = 0; - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn); - if (idx != -1) /* should be true as we've had at least one match */ { - /* Look through all matching certs for suitable issuer */ - for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) { - pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i); - /* See if we've run past the matches */ - if (pobj->type != 
X509_LU_X509) - break; - if (X509_NAME_cmp(xn, - X509_get_subject_name(pobj->data.x509))) - break; - if (ctx->check_issued(ctx, x, pobj->data.x509)) { - *issuer = pobj->data.x509; - ret = 1; - /* - * If times check, exit with match, - * otherwise keep looking. Leave last - * match in issuer so we return nearest - * match if no certificate time is OK. - */ - if (x509_check_cert_time(ctx, *issuer, 1)) - break; - } - } - } - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - if (*issuer) - CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509); - return ret; -} - -int -X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags) -{ - return X509_VERIFY_PARAM_set_flags(ctx->param, flags); -} - -int -X509_STORE_set_depth(X509_STORE *ctx, int depth) -{ - X509_VERIFY_PARAM_set_depth(ctx->param, depth); - return 1; -} - -int -X509_STORE_set_purpose(X509_STORE *ctx, int purpose) -{ - return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose); -} - -int -X509_STORE_set_trust(X509_STORE *ctx, int trust) -{ - return X509_VERIFY_PARAM_set_trust(ctx->param, trust); -} - -int -X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param) -{ - return X509_VERIFY_PARAM_set1(ctx->param, param); -} - -void -X509_STORE_set_verify_cb(X509_STORE *ctx, - int (*verify_cb)(int, X509_STORE_CTX *)) -{ - ctx->verify_cb = verify_cb; -} diff --git a/lib/libssl/src/crypto/x509/x509_obj.c b/lib/libssl/src/crypto/x509/x509_obj.c deleted file mode 100644 index f7f2a380a11..00000000000 --- a/lib/libssl/src/crypto/x509/x509_obj.c +++ /dev/null 
@@ -1,179 +0,0 @@
-/* $OpenBSD: x509_obj.c,v 1.16 2014/07/11 08:44:49 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-char *
-X509_NAME_oneline(X509_NAME *a, char *buf, int len)
-{
- X509_NAME_ENTRY *ne;
- int i;
- int n, lold, l, l1, l2, num, j, type;
- const char *s;
- char *p;
- unsigned char *q;
- BUF_MEM *b = NULL;
- static const char hex[17] = "0123456789ABCDEF";
- int gs_doit[4];
- char tmp_buf[80];
-
- if (buf == NULL) {
- if ((b = BUF_MEM_new()) == NULL)
- goto err;
- if (!BUF_MEM_grow(b, 200))
- goto err;
- b->data[0] = '\0';
- len = 200;
- }
- if (a == NULL) {
- if (b) {
- buf = b->data;
- free(b);
- }
- strlcpy(buf, "NO X509_NAME", len);
- return buf;
- }
-
- len--; /* space for '\0' */
- l = 0;
- for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
- ne = sk_X509_NAME_ENTRY_value(a->entries, i);
- n = OBJ_obj2nid(ne->object);
- if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
- i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
- s = tmp_buf;
- }
- l1 = strlen(s);
-
- type = ne->value->type;
- num = ne->value->length;
- q = ne->value->data;
- if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
- gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
- for (j = 0; j < num; j++)
- if (q[j] != 0)
- gs_doit[j & 3] = 1;
-
- if (gs_doit[0]|gs_doit[1]|gs_doit[2])
- gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
- else {
- gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
- gs_doit[3] = 1;
- }
- } else
- gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
-
- for (l2 = j=0; j < num; j++) {
- if (!gs_doit[j&3])
- continue;
- l2++;
- if ((q[j] < ' ') || (q[j] > '~'))
- l2 += 3;
- }
-
- lold = l;
- l += 1 + l1 + 1 + l2;
- if (b != NULL) {
- if (!BUF_MEM_grow(b, l + 1))
- goto err;
- p = &(b->data[lold]);
- } else if (l > len) {
- break;
- } else
- p = &(buf[lold]);
- *(p++) = '/';
- memcpy(p, s, l1);
- p += l1;
- *(p++) = '=';
- q = ne->value->data;
- for (j = 0; j < num; j++) {
- if (!gs_doit[j & 3])
- continue;
- n = q[j];
- if ((n < ' ') || (n > '~')) {
- *(p++) = '\\';
- *(p++) = 'x';
- *(p++) = hex[(n >> 4) & 0x0f];
- *(p++) = hex[n & 0x0f];
- } else
- *(p++) = n;
- }
- *p = '\0';
- }
- if (b != NULL) {
- p = b->data;
- free(b);
- } else
- p = buf;
- if (i == 0)
- *p = '\0';
- return (p);
-
-err:
- X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
- if (b != NULL)
- BUF_MEM_free(b);
- return (NULL);
-}
diff --git a/lib/libssl/src/crypto/x509/x509_r2x.c b/lib/libssl/src/crypto/x509/x509_r2x.c
deleted file mode 100644
index 76faa29b7f2..00000000000
--- a/lib/libssl/src/crypto/x509/x509_r2x.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/* $OpenBSD: x509_r2x.c,v 1.10 2015/09/30 17:30:16 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-X509 *
-X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
-{
- X509 *ret = NULL;
- X509_CINF *xi = NULL;
- X509_NAME *xn;
-
- if ((ret = X509_new()) == NULL) {
- X509err(X509_F_X509_REQ_TO_X509, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* duplicate the request */
- xi = ret->cert_info;
-
- if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) {
- if ((xi->version = ASN1_INTEGER_new()) == NULL)
- goto err;
- if (!ASN1_INTEGER_set(xi->version, 2))
- goto err;
-/* xi->extensions=ri->attributes; <- bad, should not ever be done
- ri->attributes=NULL; */
- }
-
- xn = X509_REQ_get_subject_name(r);
- if (X509_set_subject_name(ret, X509_NAME_dup(xn)) == 0)
- goto err;
- if (X509_set_issuer_name(ret, X509_NAME_dup(xn)) == 0)
- goto err;
-
- if (X509_gmtime_adj(xi->validity->notBefore, 0) == NULL)
- goto err;
- if (X509_gmtime_adj(xi->validity->notAfter,
- (long)60 * 60 * 24 * days) == NULL)
- goto err;
-
- X509_set_pubkey(ret, X509_REQ_get_pubkey(r));
-
- if (!X509_sign(ret, pkey, EVP_md5()))
- goto err;
- if (0) {
-err:
- X509_free(ret);
- ret = NULL;
- }
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/x509/x509_req.c b/lib/libssl/src/crypto/x509/x509_req.c
deleted file mode 100644
index dc4bc2639a4..00000000000
--- a/lib/libssl/src/crypto/x509/x509_req.c
+++ /dev/null
@@ -1,347 +0,0 @@
-/* $OpenBSD: x509_req.c,v 1.18 2015/09/30 17:30:16 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-
-X509_REQ *
-X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
- X509_REQ *ret;
- X509_REQ_INFO *ri;
- int i;
- EVP_PKEY *pktmp;
-
- ret = X509_REQ_new();
- if (ret == NULL) {
- X509err(X509_F_X509_TO_X509_REQ, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- ri = ret->req_info;
-
- if ((ri->version = ASN1_INTEGER_new()) == NULL)
- goto err;
- if (ASN1_INTEGER_set(ri->version, 0) == 0)
- goto err;
-
- if (!X509_REQ_set_subject_name(ret, X509_get_subject_name(x)))
- goto err;
-
- if ((pktmp = X509_get_pubkey(x)) == NULL)
- goto err;
-
- i = X509_REQ_set_pubkey(ret, pktmp);
- EVP_PKEY_free(pktmp);
- if (!i)
- goto err;
-
- if (pkey != NULL) {
- if (!X509_REQ_sign(ret, pkey, md))
- goto err;
- }
- return (ret);
-
-err:
- X509_REQ_free(ret);
- return (NULL);
-}
-
-EVP_PKEY *
-X509_REQ_get_pubkey(X509_REQ *req)
-{
- if ((req == NULL) || (req->req_info == NULL))
- return (NULL);
- return (X509_PUBKEY_get(req->req_info->pubkey));
-}
-
-int
-X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
-{
- EVP_PKEY *xk = NULL;
- int ok = 0;
-
- xk = X509_REQ_get_pubkey(x);
- switch (EVP_PKEY_cmp(xk, k)) {
- case 1:
- ok = 1;
- break;
- case 0:
- X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
- X509_R_KEY_VALUES_MISMATCH);
- break;
- case -1:
- X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
- X509_R_KEY_TYPE_MISMATCH);
- break;
- case -2:
-#ifndef OPENSSL_NO_EC
- if (k->type == EVP_PKEY_EC) {
- X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
- ERR_R_EC_LIB);
- break;
- }
-#endif
-#ifndef OPENSSL_NO_DH
- if (k->type == EVP_PKEY_DH) {
- /* No idea */
- X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
- X509_R_CANT_CHECK_DH_KEY);
- break;
- }
-#endif
- X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
- X509_R_UNKNOWN_KEY_TYPE);
- }
-
- EVP_PKEY_free(xk);
- return (ok);
-}
-
-/* It seems several organisations had the same idea of including a list of
- * extensions in a certificate request. There are at least two OIDs that are
- * used and there may be more: so the list is configurable.
- */
-
-static int ext_nid_list[] = {NID_ext_req, NID_ms_ext_req, NID_undef};
-
-static int *ext_nids = ext_nid_list;
-
-int
-X509_REQ_extension_nid(int req_nid)
-{
- int i, nid;
-
- for (i = 0; ; i++) {
- nid = ext_nids[i];
- if (nid == NID_undef)
- return 0;
- else if (req_nid == nid)
- return 1;
- }
-}
-
-int *
-X509_REQ_get_extension_nids(void)
-{
- return ext_nids;
-}
-
-void
-X509_REQ_set_extension_nids(int *nids)
-{
- ext_nids = nids;
-}
-
-STACK_OF(X509_EXTENSION) *
-X509_REQ_get_extensions(X509_REQ *req)
-{
- X509_ATTRIBUTE *attr;
- ASN1_TYPE *ext = NULL;
- int idx, *pnid;
- const unsigned char *p;
-
- if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
- return (NULL);
- for (pnid = ext_nids; *pnid != NID_undef; pnid++) {
- idx = X509_REQ_get_attr_by_NID(req, *pnid, -1);
- if (idx == -1)
- continue;
- attr = X509_REQ_get_attr(req, idx);
- if (attr->single)
- ext = attr->value.single;
- else if (sk_ASN1_TYPE_num(attr->value.set))
- ext = sk_ASN1_TYPE_value(attr->value.set, 0);
- break;
- }
- if (!ext || (ext->type != V_ASN1_SEQUENCE))
- return NULL;
- p = ext->value.sequence->data;
- return (STACK_OF(X509_EXTENSION) *)ASN1_item_d2i(NULL, &p,
- ext->value.sequence->length, ASN1_ITEM_rptr(X509_EXTENSIONS));
-}
-
-/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
- * in case we want to create a non standard one.
- */
-
-int
-X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
- int nid)
-{
- ASN1_TYPE *at = NULL;
- X509_ATTRIBUTE *attr = NULL;
-
- if (!(at = ASN1_TYPE_new()) ||
- !(at->value.sequence = ASN1_STRING_new()))
- goto err;
-
- at->type = V_ASN1_SEQUENCE;
- /* Generate encoding of extensions */
- at->value.sequence->length = ASN1_item_i2d((ASN1_VALUE *)exts,
- &at->value.sequence->data, ASN1_ITEM_rptr(X509_EXTENSIONS));
- if (!(attr = X509_ATTRIBUTE_new()))
- goto err;
- if (!(attr->value.set = sk_ASN1_TYPE_new_null()))
- goto err;
- if (!sk_ASN1_TYPE_push(attr->value.set, at))
- goto err;
- at = NULL;
- attr->single = 0;
- attr->object = OBJ_nid2obj(nid);
- if (!req->req_info->attributes) {
- if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null()))
- goto err;
- }
- if (!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr))
- goto err;
- return 1;
-
-err:
- X509_ATTRIBUTE_free(attr);
- ASN1_TYPE_free(at);
- return 0;
-}
-
-/* This is the normal usage: use the "official" OID */
-int
-X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts)
-{
- return X509_REQ_add_extensions_nid(req, exts, NID_ext_req);
-}
-
-/* Request attribute functions */
-
-int
-X509_REQ_get_attr_count(const X509_REQ *req)
-{
- return X509at_get_attr_count(req->req_info->attributes);
-}
-
-int
-X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos)
-{
- return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos);
-}
-
-int
-X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, int lastpos)
-{
- return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos);
-}
-
-X509_ATTRIBUTE *
-X509_REQ_get_attr(const X509_REQ *req, int loc)
-{
- return X509at_get_attr(req->req_info->attributes, loc);
-}
-
-X509_ATTRIBUTE *
-X509_REQ_delete_attr(X509_REQ *req, int loc)
-{
- return X509at_delete_attr(req->req_info->attributes, loc);
-}
-
-int
-X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
-{
- if (X509at_add1_attr(&req->req_info->attributes, attr))
- return 1;
- return 0;
-}
-
-int
-X509_REQ_add1_attr_by_OBJ(X509_REQ *req, const ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj,
- type, bytes, len))
- return 1;
- return 0;
-}
-
-int
-X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_NID(&req->req_info->attributes, nid,
- type, bytes, len))
- return 1;
- return 0;
-}
-
-int
-X509_REQ_add1_attr_by_txt(X509_REQ *req, const char *attrname, int type,
- const unsigned char *bytes, int len)
-{
- if (X509at_add1_attr_by_txt(&req->req_info->attributes, attrname,
- type, bytes, len))
- return 1;
- return 0;
-}
diff --git a/lib/libssl/src/crypto/x509/x509_set.c b/lib/libssl/src/crypto/x509/x509_set.c
deleted file mode 100644
index aeaf1610249..00000000000
--- a/lib/libssl/src/crypto/x509/x509_set.c
+++ /dev/null
@@ -1,154 +0,0 @@
-/* $OpenBSD: x509_set.c,v 1.12 2015/09/30 17:49:59 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int
-X509_set_version(X509 *x, long version)
-{
- if (x == NULL)
- return (0);
- if (x->cert_info->version == NULL) {
- if ((x->cert_info->version = ASN1_INTEGER_new()) == NULL)
- return (0);
- }
- return (ASN1_INTEGER_set(x->cert_info->version, version));
-}
-
-int
-X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
-{
- ASN1_INTEGER *in;
-
- if (x == NULL)
- return (0);
- in = x->cert_info->serialNumber;
- if (in != serial) {
- in = ASN1_INTEGER_dup(serial);
- if (in != NULL) {
- ASN1_INTEGER_free(x->cert_info->serialNumber);
- x->cert_info->serialNumber = in;
- }
- }
- return (in != NULL);
-}
-
-int
-X509_set_issuer_name(X509 *x, X509_NAME *name)
-{
- if ((x == NULL) || (x->cert_info == NULL))
- return (0);
- return (X509_NAME_set(&x->cert_info->issuer, name));
-}
-
-int
-X509_set_subject_name(X509 *x, X509_NAME *name)
-{
- if ((x == NULL) || (x->cert_info == NULL))
- return (0);
- return (X509_NAME_set(&x->cert_info->subject, name));
-}
-
-int
-X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
-{
- ASN1_TIME *in;
-
- if ((x == NULL) || (x->cert_info->validity == NULL))
- return (0);
- in = x->cert_info->validity->notBefore;
- if (in != tm) {
- in = ASN1_STRING_dup(tm);
- if (in != NULL) {
- ASN1_TIME_free(x->cert_info->validity->notBefore);
- x->cert_info->validity->notBefore = in;
- }
- }
- return (in != NULL);
-}
-
-int
-X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
-{
- ASN1_TIME *in;
-
- if ((x == NULL) || (x->cert_info->validity == NULL))
- return (0);
- in = x->cert_info->validity->notAfter;
- if (in != tm) {
- in = ASN1_STRING_dup(tm);
- if (in != NULL) {
- ASN1_TIME_free(x->cert_info->validity->notAfter);
- x->cert_info->validity->notAfter = in;
- }
- }
- return (in != NULL);
-}
-
-int
-X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
-{
- if ((x == NULL) || (x->cert_info == NULL))
- return (0);
- return (X509_PUBKEY_set(&(x->cert_info->key), pkey));
-}
diff --git a/lib/libssl/src/crypto/x509/x509_trs.c b/lib/libssl/src/crypto/x509/x509_trs.c
deleted file mode 100644
index 42fb97f571e..00000000000
--- a/lib/libssl/src/crypto/x509/x509_trs.c
+++ /dev/null
@@ -1,332 +0,0 @@
-/* $OpenBSD: x509_trs.c,v 1.20 2015/02/10 11:22:21 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-static int tr_cmp(const X509_TRUST * const *a, const X509_TRUST * const *b);
-static void trtable_free(X509_TRUST *p);
-
-static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
-static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
-static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
-
-static int obj_trust(int id, X509 *x, int flags);
-static int (*default_trust)(int id, X509 *x, int flags) = obj_trust;
-
-/* WARNING: the following table should be kept in order of trust
- * and without any gaps so we can just subtract the minimum trust
- * value to get an index into the table
- */
-
-static X509_TRUST trstandard[] = {
- {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
- {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL},
- {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, NULL},
- {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL},
- {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign, NULL},
- {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, NULL},
- {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, NULL},
- {X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL}
-};
-
-#define X509_TRUST_COUNT (sizeof(trstandard)/sizeof(X509_TRUST))
-
-static STACK_OF(X509_TRUST) *trtable = NULL;
-
-static int
-tr_cmp(const X509_TRUST * const *a, const X509_TRUST * const *b)
-{
- return (*a)->trust - (*b)->trust;
-}
-
-int
-(*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
-{
- int (*oldtrust)(int , X509 *, int);
-
- oldtrust = default_trust;
- default_trust = trust;
- return oldtrust;
-}
-
-int
-X509_check_trust(X509 *x, int id, int flags)
-{
- X509_TRUST *pt;
- int idx;
-
- if (id == -1)
- return 1;
- idx = X509_TRUST_get_by_id(id);
- if (idx == -1)
- return default_trust(id, x, flags);
- pt = X509_TRUST_get0(idx);
- return pt->check_trust(pt, x, flags);
-}
-
-int
-X509_TRUST_get_count(void)
-{
- if (!trtable)
- return X509_TRUST_COUNT;
- return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT;
-}
-
-X509_TRUST *
-X509_TRUST_get0(int idx)
-{
- if (idx < 0)
- return NULL;
- if (idx < (int)X509_TRUST_COUNT)
- return trstandard + idx;
- return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT);
-}
-
-int
-X509_TRUST_get_by_id(int id)
-{
- X509_TRUST tmp;
- int idx;
-
- if ((id >= X509_TRUST_MIN) && (id <= X509_TRUST_MAX))
- return id - X509_TRUST_MIN;
- tmp.trust = id;
- if (!trtable)
- return -1;
- idx = sk_X509_TRUST_find(trtable, &tmp);
- if (idx == -1)
- return -1;
- return idx + X509_TRUST_COUNT;
-}
-
-int
-X509_TRUST_set(int *t, int trust)
-{
- if (X509_TRUST_get_by_id(trust) == -1) {
- X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST);
- return 0;
- }
- *t = trust;
- return 1;
-}
-
-int
-X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
- char *name, int arg1, void *arg2)
-{
- int idx;
- X509_TRUST *trtmp;
- char *name_dup;
-
- /* This is set according to what we change: application can't set it */
- flags &= ~X509_TRUST_DYNAMIC;
- /* This will always be set for application modified trust entries */
- flags |= X509_TRUST_DYNAMIC_NAME;
- /* Get existing entry if any */
- idx = X509_TRUST_get_by_id(id);
- /* Need a new entry */
- if (idx == -1) {
- if (!(trtmp = malloc(sizeof(X509_TRUST)))) {
- X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- trtmp->flags = X509_TRUST_DYNAMIC;
- } else {
- trtmp = X509_TRUST_get0(idx);
- if (trtmp == NULL) {
- X509err(X509_F_X509_TRUST_ADD, X509_R_INVALID_TRUST);
- return 0;
- }
- }
-
- if ((name_dup = strdup(name)) == NULL)
- goto err;
-
- /* free existing name if dynamic */
- if (trtmp->flags & X509_TRUST_DYNAMIC_NAME)
- free(trtmp->name);
- /* dup supplied name */
- trtmp->name = name_dup;
- /* Keep the dynamic flag of existing entry */
- trtmp->flags &= X509_TRUST_DYNAMIC;
- /* Set all other flags */
- trtmp->flags |= flags;
-
- trtmp->trust = id;
- trtmp->check_trust = ck;
- trtmp->arg1 = arg1;
- trtmp->arg2 = arg2;
-
- /* If it's a new entry, manage the dynamic table */
- if (idx == -1) {
- if (trtable == NULL &&
- (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL)
- goto err;
- if (sk_X509_TRUST_push(trtable, trtmp) == 0)
- goto err;
- }
- return 1;
-
-err:
- free(name_dup);
- if (idx == -1)
- free(trtmp);
- X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-static void
-trtable_free(X509_TRUST *p)
-{
- if (!p)
- return;
- if (p->flags & X509_TRUST_DYNAMIC) {
- if (p->flags & X509_TRUST_DYNAMIC_NAME)
- free(p->name);
- free(p);
- }
-}
-
-void
-X509_TRUST_cleanup(void)
-{
- unsigned int i;
-
- for (i = 0; i < X509_TRUST_COUNT; i++)
- trtable_free(trstandard + i);
- sk_X509_TRUST_pop_free(trtable, trtable_free);
- trtable = NULL;
-}
-
-int
-X509_TRUST_get_flags(X509_TRUST *xp)
-{
- return xp->flags;
-}
-
-char *
-X509_TRUST_get0_name(X509_TRUST *xp)
-{
- return xp->name;
-}
-
-int
-X509_TRUST_get_trust(X509_TRUST *xp)
-{
- return xp->trust;
-}
-
-static int
-trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
-{
- if (x->aux && (x->aux->trust || x->aux->reject))
- return obj_trust(trust->arg1, x, flags);
- /* we don't have any trust settings: for compatibility
- * we return trusted if it is self signed
- */
- return trust_compat(trust, x, flags);
-}
-
-static int
-trust_1oid(X509_TRUST *trust, X509 *x, int flags)
-{
- if (x->aux)
- return obj_trust(trust->arg1, x, flags);
- return X509_TRUST_UNTRUSTED;
-}
-
-static int
-trust_compat(X509_TRUST *trust, X509 *x, int flags)
-{
- X509_check_purpose(x, -1, 0);
- if (x->ex_flags & EXFLAG_SS)
- return X509_TRUST_TRUSTED;
- else
- return X509_TRUST_UNTRUSTED;
-}
-
-static int
-obj_trust(int id, X509 *x, int flags)
-{
- ASN1_OBJECT *obj;
- int i;
- X509_CERT_AUX *ax;
-
- ax = x->aux;
- if (!ax)
- return X509_TRUST_UNTRUSTED;
- if (ax->reject) {
- for (i = 0; i < sk_ASN1_OBJECT_num(ax->reject); i++) {
- obj = sk_ASN1_OBJECT_value(ax->reject, i);
- if (OBJ_obj2nid(obj) == id)
- return X509_TRUST_REJECTED;
- }
- }
- if (ax->trust) {
- for (i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) {
- obj = sk_ASN1_OBJECT_value(ax->trust, i);
- if (OBJ_obj2nid(obj) == id)
- return X509_TRUST_TRUSTED;
- }
- }
- return X509_TRUST_UNTRUSTED;
-}
diff --git a/lib/libssl/src/crypto/x509/x509_txt.c b/lib/libssl/src/crypto/x509/x509_txt.c
deleted file mode 100644
index 14fa2378c4d..00000000000
--- a/lib/libssl/src/crypto/x509/x509_txt.c
+++ /dev/null
@@ -1,189 +0,0 @@
-/* $OpenBSD: x509_txt.c,v 1.19 2014/07/11 08:44:49 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-#include <time.h>
-
-#include <openssl/asn1.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-const char *
-X509_verify_cert_error_string(long n)
-{
- static char buf[100];
-
- switch ((int)n) {
- case X509_V_OK:
- return("ok");
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- return("unable to get issuer certificate");
- case X509_V_ERR_UNABLE_TO_GET_CRL:
- return("unable to get certificate CRL");
- case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
- return("unable to decrypt certificate's signature");
- case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
- return("unable to decrypt CRL's signature");
- case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
- return("unable to decode issuer public key");
- case X509_V_ERR_CERT_SIGNATURE_FAILURE:
- return("certificate signature failure");
- case X509_V_ERR_CRL_SIGNATURE_FAILURE:
- return("CRL signature failure");
- case X509_V_ERR_CERT_NOT_YET_VALID:
- return("certificate is not yet valid");
- case X509_V_ERR_CRL_NOT_YET_VALID:
- return("CRL is not yet valid");
- case X509_V_ERR_CERT_HAS_EXPIRED:
- return("certificate has expired");
- case X509_V_ERR_CRL_HAS_EXPIRED:
- return("CRL has expired");
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- return("format error in certificate's notBefore field");
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- return("format error in certificate's notAfter field");
- case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
- return("format error in CRL's lastUpdate field");
- case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
- return("format error in CRL's nextUpdate field");
- case X509_V_ERR_OUT_OF_MEM:
- return("out of memory");
- case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
- return("self signed certificate");
- case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
- return("self signed certificate in certificate chain");
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
- return("unable to get local issuer certificate");
- case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
- return("unable to verify the first certificate");
- case X509_V_ERR_CERT_CHAIN_TOO_LONG:
- return("certificate chain too long");
- case X509_V_ERR_CERT_REVOKED:
- return("certificate revoked");
- case X509_V_ERR_INVALID_CA:
- return ("invalid CA certificate");
- case X509_V_ERR_INVALID_NON_CA:
- return ("invalid non-CA certificate (has CA markings)");
- case X509_V_ERR_PATH_LENGTH_EXCEEDED:
- return ("path length constraint exceeded");
- case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
- return("proxy path length constraint exceeded");
- case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
- return("proxy certificates not allowed, please set the appropriate flag");
- case X509_V_ERR_INVALID_PURPOSE:
- return ("unsupported certificate purpose");
- case X509_V_ERR_CERT_UNTRUSTED:
- return ("certificate not trusted");
- case X509_V_ERR_CERT_REJECTED:
- return ("certificate rejected");
- case X509_V_ERR_APPLICATION_VERIFICATION:
- return("application verification failure");
- case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
- return("subject issuer mismatch");
- case X509_V_ERR_AKID_SKID_MISMATCH:
- return("authority and subject key identifier mismatch");
- case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
- return("authority and issuer serial number mismatch");
- case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
- return("key usage does not include certificate signing");
- case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
- return("unable to get CRL issuer certificate");
- case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
- return("unhandled critical extension");
- case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
- return("key usage does not include CRL signing");
- case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
- return("key usage does not include digital signature");
- case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
- return("unhandled critical CRL extension");
- case X509_V_ERR_INVALID_EXTENSION:
- return("invalid or inconsistent certificate extension");
- case X509_V_ERR_INVALID_POLICY_EXTENSION:
- return("invalid or inconsistent certificate policy extension");
- case X509_V_ERR_NO_EXPLICIT_POLICY:
- return("no explicit policy");
- case X509_V_ERR_DIFFERENT_CRL_SCOPE:
- return("Different CRL scope");
- case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:
- return("Unsupported extension feature");
- case X509_V_ERR_UNNESTED_RESOURCE:
- return("RFC 3779 resource not subset of parent's resources");
- case X509_V_ERR_PERMITTED_VIOLATION:
- return("permitted subtree violation");
- case X509_V_ERR_EXCLUDED_VIOLATION:
- return("excluded subtree violation");
- case X509_V_ERR_SUBTREE_MINMAX:
- return("name constraints minimum and maximum not supported");
- case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:
- return("unsupported name constraint type");
- case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:
- return("unsupported or invalid name constraint syntax");
- case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX:
- return("unsupported or invalid name syntax");
- case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
- return("CRL path validation error");
-
- default:
- (void) snprintf(buf, sizeof buf, "error number %ld", n);
- return(buf);
- }
-}
diff --git a/lib/libssl/src/crypto/x509/x509_v3.c b/lib/libssl/src/crypto/x509/x509_v3.c
deleted file mode 100644
index d9ec9c8c14b..00000000000
--- a/lib/libssl/src/crypto/x509/x509_v3.c
+++ /dev/null
@@ -1,300 +0,0 @@
-/* $OpenBSD: x509_v3.c,v 1.13 2016/03/21 04:05:33 mmcc Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/stack.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-int
-X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
-{
- if (x == NULL)
- return (0);
- return (sk_X509_EXTENSION_num(x));
-}
-
-int
-X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid, int lastpos)
-{
- ASN1_OBJECT *obj;
-
- obj = OBJ_nid2obj(nid);
- if (obj == NULL)
- return (-2);
- return (X509v3_get_ext_by_OBJ(x, obj, lastpos));
-}
-
-int
-X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj,
- int lastpos)
-{
- int n;
- X509_EXTENSION *ex;
-
- if (sk == NULL)
- return (-1);
- lastpos++;
- if (lastpos < 0)
- lastpos = 0;
- n = sk_X509_EXTENSION_num(sk);
- for (; lastpos < n; lastpos++) {
- ex = sk_X509_EXTENSION_value(sk, lastpos);
- if (OBJ_cmp(ex->object, obj) == 0)
- return (lastpos);
- }
- return (-1);
-}
-
-int
-X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
- int lastpos)
-{
- int n;
- X509_EXTENSION *ex;
-
- if (sk == NULL)
- return (-1);
- lastpos++;
- if (lastpos < 0)
- lastpos = 0;
- n = sk_X509_EXTENSION_num(sk);
- for (; lastpos < n; lastpos++) {
- ex = sk_X509_EXTENSION_value(sk, lastpos);
- if (((ex->critical > 0) && crit) ||
- ((ex->critical <= 0) && !crit))
- return (lastpos);
- }
- return (-1);
-}
-
-X509_EXTENSION *
-X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)
-{
- if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
- return NULL;
- else
- return sk_X509_EXTENSION_value(x, loc);
-}
-
-X509_EXTENSION *
-X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)
-{
- X509_EXTENSION *ret;
-
- if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
- return (NULL);
- ret = sk_X509_EXTENSION_delete(x, loc);
- return (ret);
-}
-
-STACK_OF(X509_EXTENSION) *
-X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc)
-{
- X509_EXTENSION *new_ex = NULL;
- int n;
- STACK_OF(X509_EXTENSION) *sk = NULL;
-
- if (x == NULL) {
- X509err(X509_F_X509V3_ADD_EXT, ERR_R_PASSED_NULL_PARAMETER);
- goto err2;
- }
-
- if (*x == NULL) {
- if ((sk = sk_X509_EXTENSION_new_null()) == NULL)
- goto err;
- } else
- sk= *x;
-
- n = sk_X509_EXTENSION_num(sk);
- if (loc > n)
- loc = n;
- else if (loc < 0)
- loc = n;
-
- if ((new_ex = X509_EXTENSION_dup(ex)) == NULL)
- goto err2;
- if (!sk_X509_EXTENSION_insert(sk, new_ex, loc))
- goto err;
- if (*x == NULL)
- *x = sk;
- return (sk);
-
-err:
- X509err(X509_F_X509V3_ADD_EXT, ERR_R_MALLOC_FAILURE);
-err2:
- if (new_ex != NULL)
- X509_EXTENSION_free(new_ex);
- if (sk != NULL && (x != NULL && sk != *x))
- sk_X509_EXTENSION_free(sk);
- return (NULL);
-}
-
-X509_EXTENSION *
-X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, int crit,
- ASN1_OCTET_STRING *data)
-{
- ASN1_OBJECT *obj;
- X509_EXTENSION *ret;
-
- obj = OBJ_nid2obj(nid);
- if (obj == NULL) {
- X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,
- X509_R_UNKNOWN_NID);
- return (NULL);
- }
- ret = X509_EXTENSION_create_by_OBJ(ex, obj, crit, data);
- if (ret == NULL)
- ASN1_OBJECT_free(obj);
- return (ret);
-}
-
-X509_EXTENSION *
-X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, ASN1_OBJECT *obj, int crit,
- ASN1_OCTET_STRING *data)
-{
- X509_EXTENSION *ret;
-
- if ((ex == NULL) || (*ex == NULL)) {
- if ((ret = X509_EXTENSION_new()) == NULL) {
- X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,
- ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- } else
- ret= *ex;
-
- if (!X509_EXTENSION_set_object(ret, obj))
- goto err;
- if (!X509_EXTENSION_set_critical(ret, crit))
- goto err;
- if (!X509_EXTENSION_set_data(ret, data))
- goto err;
-
- if ((ex != NULL) && (*ex == NULL))
- *ex = ret;
- return (ret);
-
-err:
- if ((ex == NULL) || (ret != *ex))
- X509_EXTENSION_free(ret);
- return (NULL);
-}
-
-int
-X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
-{
- if ((ex == NULL) || (obj == NULL))
- return (0);
- ASN1_OBJECT_free(ex->object);
- ex->object = OBJ_dup(obj);
- return ex->object != NULL;
-}
-
-int
-X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
-{
- if (ex == NULL)
- return (0);
- ex->critical = (crit) ? 0xFF : -1;
- return (1);
-}
-
-int
-X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
-{
- int i;
-
- if (ex == NULL)
- return (0);
- i = ASN1_STRING_set(ex->value, data->data, data->length);
- if (!i)
- return (0);
- return (1);
-}
-
-ASN1_OBJECT *
-X509_EXTENSION_get_object(X509_EXTENSION *ex)
-{
- if (ex == NULL)
- return (NULL);
- return (ex->object);
-}
-
-ASN1_OCTET_STRING *
-X509_EXTENSION_get_data(X509_EXTENSION *ex)
-{
- if (ex == NULL)
- return (NULL);
- return (ex->value);
-}
-
-int
-X509_EXTENSION_get_critical(X509_EXTENSION *ex)
-{
- if (ex == NULL)
- return (0);
- if (ex->critical > 0)
- return 1;
- return 0;
-}
diff --git a/lib/libssl/src/crypto/x509/x509_vfy.c b/lib/libssl/src/crypto/x509/x509_vfy.c
deleted file mode 100644
index 5c043aa7b18..00000000000
--- a/lib/libssl/src/crypto/x509/x509_vfy.c
+++ /dev/null
@@ -1,2157 +0,0 @@
-/* $OpenBSD: x509_vfy.c,v 1.49 2016/03/11 07:08:45 mmcc Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <errno.h>
-#include <stdio.h>
-#include <string.h>
-#include <time.h>
-#include <unistd.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/buffer.h>
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-#include "x509_lcl.h"
-
-/* CRL score values */
-
-/* No unhandled critical extensions */
-
-#define CRL_SCORE_NOCRITICAL 0x100
-
-/* certificate is within CRL scope */
-
-#define CRL_SCORE_SCOPE 0x080
-
-/* CRL times valid */
-
-#define CRL_SCORE_TIME 0x040
-
-/* Issuer name matches certificate */
-
-#define CRL_SCORE_ISSUER_NAME 0x020
-
-/* If this score or above CRL is probably valid */
-
-#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE)
-
-/* CRL issuer is certificate issuer */
-
-#define CRL_SCORE_ISSUER_CERT 0x018
-
-/* CRL issuer is on certificate path */
-
-#define CRL_SCORE_SAME_PATH 0x008
-
-/* CRL issuer matches CRL AKID */
-
-#define CRL_SCORE_AKID 0x004
-
-/* Have a delta CRL with valid times */
-
-#define CRL_SCORE_TIME_DELTA 0x002
-
-static int null_callback(int ok, X509_STORE_CTX *e);
-static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
-static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
-static int check_chain_extensions(X509_STORE_CTX *ctx);
-static int check_name_constraints(X509_STORE_CTX *ctx);
-static int check_trust(X509_STORE_CTX *ctx);
-static int check_revocation(X509_STORE_CTX *ctx);
-static int check_cert(X509_STORE_CTX *ctx);
-static int check_policy(X509_STORE_CTX *ctx);
-
-static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
- unsigned int *preasons, X509_CRL *crl, X509 *x);
-static int get_crl_delta(X509_STORE_CTX *ctx,
- X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
-static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pcrl_score,
- X509_CRL *base, STACK_OF(X509_CRL) *crls);
-static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
- int *pcrl_score);
-static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
- unsigned int *preasons);
-static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
-static int check_crl_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *cert_path,
- STACK_OF(X509) *crl_path);
-
-static int internal_verify(X509_STORE_CTX *ctx);
-
-static int
-null_callback(int ok, X509_STORE_CTX *e)
-{
- return ok;
-}
-
-#if 0
-static int
-x509_subject_cmp(X509 **a, X509 **b)
-{
- return X509_subject_name_cmp(*a, *b);
-}
-#endif
-
-int
-X509_verify_cert(X509_STORE_CTX *ctx)
-{
- X509 *x, *xtmp, *chain_ss = NULL;
- int bad_chain = 0;
- X509_VERIFY_PARAM *param = ctx->param;
- int depth, i, ok = 0;
- int num;
- int (*cb)(int xok, X509_STORE_CTX *xctx);
- STACK_OF(X509) *sktmp = NULL;
-
- if (ctx->cert == NULL) {
- X509err(X509_F_X509_VERIFY_CERT,
- X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
- return -1;
- }
-
- cb = ctx->verify_cb;
-
- /* first we make sure the chain we are going to build is
- * present and that the first entry is in place */
- if (ctx->chain == NULL) {
- if (((ctx->chain = sk_X509_new_null()) == NULL) ||
- (!sk_X509_push(ctx->chain, ctx->cert))) {
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
- goto end;
- }
- CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509);
- ctx->last_untrusted = 1;
- }
-
- /* We use a temporary STACK so we can chop and hack at it */
- if (ctx->untrusted != NULL &&
- (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
- goto end;
- }
-
- num = sk_X509_num(ctx->chain);
- x = sk_X509_value(ctx->chain, num - 1);
- depth = param->depth;
-
- for (;;) {
- /* If we have enough, we break */
- if (depth < num)
- break; /* FIXME: If this happens, we should take
- * note of it and, if appropriate, use the
- * X509_V_ERR_CERT_CHAIN_TOO_LONG error
- * code later.
- */
-
- /* If we are self signed, we break */
- if (ctx->check_issued(ctx, x, x))
- break;
-
- /* If we were passed a cert chain, use it first */
- if (ctx->untrusted != NULL) {
- xtmp = find_issuer(ctx, sktmp, x);
- if (xtmp != NULL) {
- if (!sk_X509_push(ctx->chain, xtmp)) {
- X509err(X509_F_X509_VERIFY_CERT,
- ERR_R_MALLOC_FAILURE);
- goto end;
- }
- CRYPTO_add(&xtmp->references, 1,
- CRYPTO_LOCK_X509);
- (void)sk_X509_delete_ptr(sktmp, xtmp);
- ctx->last_untrusted++;
- x = xtmp;
- num++;
- /* reparse the full chain for
- * the next one */
- continue;
- }
- }
- break;
- }
- sk_X509_free(sktmp);
- sktmp = NULL;
-
- /* at this point, chain should contain a list of untrusted
- * certificates. We now need to add at least one trusted one,
- * if possible, otherwise we complain. */
-
- /* Examine last certificate in chain and see if it
- * is self signed.
- */
-
- i = sk_X509_num(ctx->chain);
- x = sk_X509_value(ctx->chain, i - 1);
- if (ctx->check_issued(ctx, x, x)) {
- /* we have a self signed certificate */
- if (sk_X509_num(ctx->chain) == 1) {
- /* We have a single self signed certificate: see if
- * we can find it in the store. We must have an exact
- * match to avoid possible impersonation.
- */
- ok = ctx->get_issuer(&xtmp, ctx, x);
- if ((ok <= 0) || X509_cmp(x, xtmp)) {
- ctx->error =
- X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
- ctx->current_cert = x;
- ctx->error_depth = i - 1;
- if (ok == 1)
- X509_free(xtmp);
- bad_chain = 1;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- } else {
- /* We have a match: replace certificate with store version
- * so we get any trust settings.
- */
- X509_free(x);
- x = xtmp;
- (void)sk_X509_set(ctx->chain, i - 1, x);
- ctx->last_untrusted = 0;
- }
- } else {
- /* extract and save self signed certificate for later use */
- chain_ss = sk_X509_pop(ctx->chain);
- ctx->last_untrusted--;
- num--;
- x = sk_X509_value(ctx->chain, num - 1);
- }
- }
-
- /* We now lookup certs from the certificate store */
- for (;;) {
- /* If we have enough, we break */
- if (depth < num)
- break;
-
- /* If we are self signed, we break */
- if (ctx->check_issued(ctx, x, x))
- break;
-
- ok = ctx->get_issuer(&xtmp, ctx, x);
- if (ok < 0)
- return ok;
- if (ok == 0)
- break;
-
- x = xtmp;
- if (!sk_X509_push(ctx->chain, x)) {
- X509_free(xtmp);
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- num++;
- }
-
- /* we now have our chain, lets check it... */
-
- /* Is last certificate looked up self signed? */
- if (!ctx->check_issued(ctx, x, x)) {
- if ((chain_ss == NULL) ||
- !ctx->check_issued(ctx, x, chain_ss)) {
- if (ctx->last_untrusted >= num)
- ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
- else
- ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
- ctx->current_cert = x;
- } else {
-
- if (!sk_X509_push(ctx->chain, chain_ss)) {
- X509_free(chain_ss);
- X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- num++;
- ctx->last_untrusted = num;
- ctx->current_cert = chain_ss;
- ctx->error = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
- chain_ss = NULL;
- }
-
- ctx->error_depth = num - 1;
- bad_chain = 1;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
-
- /* We have the chain complete: now we need to check its purpose */
- ok = check_chain_extensions(ctx);
-
- if (!ok)
- goto end;
-
- /* Check name constraints */
-
- ok = check_name_constraints(ctx);
-
- if (!ok)
- goto end;
-
- /* The chain extensions are OK: check trust */
-
- if (param->trust > 0)
- ok = check_trust(ctx);
-
- if (!ok)
- goto end;
-
- /* We may as well copy down any DSA parameters that are required */
- X509_get_pubkey_parameters(NULL, ctx->chain);
-
- /* Check revocation status: we do this after copying parameters
- * because they may be needed for CRL signature verification.
- */
-
- ok = ctx->check_revocation(ctx);
- if (!ok)
- goto end;
-
- /* At this point, we have a chain and need to verify it */
- if (ctx->verify != NULL)
- ok = ctx->verify(ctx);
- else
- ok = internal_verify(ctx);
- if (!ok)
- goto end;
-
- /* If we get this far evaluate policies */
- if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
- ok = ctx->check_policy(ctx);
- if (!ok)
- goto end;
- if (0) {
-end:
- X509_get_pubkey_parameters(NULL, ctx->chain);
- }
- if (sktmp != NULL)
- sk_X509_free(sktmp);
- X509_free(chain_ss);
- return ok;
-}
-
-
-/* Given a STACK_OF(X509) find the issuer of cert (if any)
- */
-
-static X509 *
-find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
-{
- int i;
- X509 *issuer, *rv = NULL;
-
- for (i = 0; i < sk_X509_num(sk); i++) {
- issuer = sk_X509_value(sk, i);
- if (ctx->check_issued(ctx, x, issuer)) {
- rv = issuer;
- if (x509_check_cert_time(ctx, rv, 1))
- break;
- }
- }
- return rv;
-}
-
-/* Given a possible certificate and issuer check them */
-
-static int
-check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
-{
- int ret;
-
- ret = X509_check_issued(issuer, x);
- if (ret == X509_V_OK)
- return 1;
- /* If we haven't asked for issuer errors don't set ctx */
- if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK))
- return 0;
-
- ctx->error = ret;
- ctx->current_cert = x;
- ctx->current_issuer = issuer;
- return ctx->verify_cb(0, ctx);
-}
-
-/* Alternative lookup method: look from a STACK stored in other_ctx */
-
-static int
-get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
-{
- *issuer = find_issuer(ctx, ctx->other_ctx, x);
- if (*issuer) {
- CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509);
- return 1;
- } else
- return 0;
-}
-
-/* Check a certificate chains extensions for consistency
- * with the supplied purpose
- */
-
-static int
-check_chain_extensions(X509_STORE_CTX *ctx)
-{
-#ifdef OPENSSL_NO_CHAIN_VERIFY
- return 1;
-#else
- int i, ok = 0, must_be_ca, plen = 0;
- X509 *x;
- int (*cb)(int xok, X509_STORE_CTX *xctx);
- int proxy_path_length = 0;
- int purpose;
- int allow_proxy_certs;
-
- cb = ctx->verify_cb;
-
- /* must_be_ca can have 1 of 3 values:
- -1: we accept both CA and non-CA certificates, to allow direct
- use of self-signed certificates (which are marked as CA).
- 0: we only accept non-CA certificates. This is currently not
- used, but the possibility is present for future extensions.
- 1: we only accept CA certificates. This is currently used for
- all certificates in the chain except the leaf certificate.
- */
- must_be_ca = -1;
-
- /* CRL path validation */
- if (ctx->parent) {
- allow_proxy_certs = 0;
- purpose = X509_PURPOSE_CRL_SIGN;
- } else {
- allow_proxy_certs =
- !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
- purpose = ctx->param->purpose;
- }
-
- /* Check all untrusted certificates */
- for (i = 0; i < ctx->last_untrusted; i++) {
- int ret;
- x = sk_X509_value(ctx->chain, i);
- if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) &&
- (x->ex_flags & EXFLAG_CRITICAL)) {
- ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY)) {
- ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- ret = X509_check_ca(x);
- switch (must_be_ca) {
- case -1:
- if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) &&
- (ret != 1) && (ret != 0)) {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_CA;
- } else
- ret = 1;
- break;
- case 0:
- if (ret != 0) {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_NON_CA;
- } else
- ret = 1;
- break;
- default:
- if ((ret == 0) ||
- ((ctx->param->flags & X509_V_FLAG_X509_STRICT) &&
- (ret != 1))) {
- ret = 0;
- ctx->error = X509_V_ERR_INVALID_CA;
- } else
- ret = 1;
- break;
- }
- if (ret == 0) {
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- if (ctx->param->purpose > 0) {
- ret = X509_check_purpose(x, purpose, must_be_ca > 0);
- if ((ret == 0) ||
- ((ctx->param->flags & X509_V_FLAG_X509_STRICT) &&
- (ret != 1))) {
- ctx->error = X509_V_ERR_INVALID_PURPOSE;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- }
- /* Check pathlen if not self issued */
- if ((i > 1) && !(x->ex_flags & EXFLAG_SI) &&
- (x->ex_pathlen != -1) &&
- (plen > (x->ex_pathlen + proxy_path_length + 1))) {
- ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- /* Increment path length if not self issued */
- if (!(x->ex_flags & EXFLAG_SI))
- plen++;
- /* If this certificate is a proxy certificate, the next
- certificate must be another proxy certificate or a EE
- certificate. If not, the next certificate must be a
- CA certificate. */
- if (x->ex_flags & EXFLAG_PROXY) {
- if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen) {
- ctx->error =
- X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
- ctx->error_depth = i;
- ctx->current_cert = x;
- ok = cb(0, ctx);
- if (!ok)
- goto end;
- }
- proxy_path_length++;
- must_be_ca = 0;
- } else
- must_be_ca = 1;
- }
- ok = 1;
-
-end:
- return ok;
-#endif
-}
-
-static int
-check_name_constraints(X509_STORE_CTX *ctx)
-{
- X509 *x;
- int i, j, rv;
-
- /* Check name constraints for all certificates */
- for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) {
- x = sk_X509_value(ctx->chain, i);
- /* Ignore self issued certs unless last in chain */
- if (i && (x->ex_flags & EXFLAG_SI))
- continue;
- /* Check against constraints for all certificates higher in
- * chain including trust anchor. Trust anchor not strictly
- * speaking needed but if it includes constraints it is to be
- * assumed it expects them to be obeyed.
- */
- for (j = sk_X509_num(ctx->chain) - 1; j > i; j--) {
- NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
- if (nc) {
- rv = NAME_CONSTRAINTS_check(x, nc);
- if (rv != X509_V_OK) {
- ctx->error = rv;
- ctx->error_depth = i;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- }
- }
- }
- return 1;
-}
-
-static int
-check_trust(X509_STORE_CTX *ctx)
-{
-#ifdef OPENSSL_NO_CHAIN_VERIFY
- return 1;
-#else
- int i, ok;
- X509 *x;
- int (*cb)(int xok, X509_STORE_CTX *xctx);
-
- cb = ctx->verify_cb;
- /* For now just check the last certificate in the chain */
- i = sk_X509_num(ctx->chain) - 1;
- x = sk_X509_value(ctx->chain, i);
- ok = X509_check_trust(x, ctx->param->trust, 0);
- if (ok == X509_TRUST_TRUSTED)
- return 1;
- ctx->error_depth = i;
- ctx->current_cert = x;
- if (ok == X509_TRUST_REJECTED)
- ctx->error = X509_V_ERR_CERT_REJECTED;
- else
- ctx->error = X509_V_ERR_CERT_UNTRUSTED;
- ok = cb(0, ctx);
- return ok;
-#endif
-}
-
-static int
-check_revocation(X509_STORE_CTX *ctx)
-{
- int i, last, ok;
-
- if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
- return 1;
- if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
- last = sk_X509_num(ctx->chain) - 1;
- else {
- /* If checking CRL paths this isn't the EE certificate */
- if (ctx->parent)
- return 1;
- last = 0;
- }
- for (i = 0; i <= last; i++) {
- ctx->error_depth = i;
- ok = check_cert(ctx);
- if (!ok)
- return ok;
- }
- return 1;
-}
-
-static int
-check_cert(X509_STORE_CTX *ctx)
-{
- X509_CRL *crl = NULL, *dcrl = NULL;
- X509 *x;
- int ok = 0, cnum;
- unsigned int last_reasons;
-
- cnum = ctx->error_depth;
- x = sk_X509_value(ctx->chain, cnum);
- ctx->current_cert = x;
- ctx->current_issuer = NULL;
- ctx->current_crl_score = 0;
- ctx->current_reasons = 0;
- while (ctx->current_reasons != CRLDP_ALL_REASONS) {
- last_reasons = ctx->current_reasons;
- /* Try to retrieve relevant CRL */
- if (ctx->get_crl)
- ok = ctx->get_crl(ctx, &crl, x);
- else
- ok = get_crl_delta(ctx, &crl, &dcrl, x);
- /* If error looking up CRL, nothing we can do except
- * notify callback
- */
- if (!ok) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
- ok = ctx->verify_cb(0, ctx);
- goto err;
- }
- ctx->current_crl = crl;
- ok = ctx->check_crl(ctx, crl);
- if (!ok)
- goto err;
-
- if (dcrl) {
- ok = ctx->check_crl(ctx, dcrl);
- if (!ok)
- goto err;
- ok = ctx->cert_crl(ctx, dcrl, x);
- if (!ok)
- goto err;
- } else
- ok = 1;
-
- /* Don't look in full CRL if delta reason is removefromCRL */
- if (ok != 2) {
- ok = ctx->cert_crl(ctx, crl, x);
- if (!ok)
- goto err;
- }
-
- ctx->current_crl = NULL;
- X509_CRL_free(crl);
- X509_CRL_free(dcrl);
- crl = NULL;
- dcrl = NULL;
- /* If reasons not updated we wont get anywhere by
- * another iteration, so exit loop.
- */
- if (last_reasons == ctx->current_reasons) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
- ok = ctx->verify_cb(0, ctx);
- goto err;
- }
- }
-
-err:
- ctx->current_crl = NULL;
- X509_CRL_free(crl);
- X509_CRL_free(dcrl);
- return ok;
-}
-
-/* Check CRL times against values in X509_STORE_CTX */
-
-static int
-check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
-{
- time_t *ptime = NULL;
- int i;
-
- if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME)
- return (1);
-
- if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
- ptime = &ctx->param->check_time;
-
- if (notify)
- ctx->current_crl = crl;
-
- i = X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
- if (i == 0) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (i > 0) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_CRL_NOT_YET_VALID;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (X509_CRL_get_nextUpdate(crl)) {
- i = X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
-
- if (i == 0) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- /* Ignore expiry of base CRL is delta is valid */
- if ((i < 0) &&
- !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA)) {
- if (!notify)
- return 0;
- ctx->error = X509_V_ERR_CRL_HAS_EXPIRED;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- }
-
- if (notify)
- ctx->current_crl = NULL;
-
- return 1;
-}
-
-static int
-get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
- X509 **pissuer, int *pscore, unsigned int *preasons,
- STACK_OF(X509_CRL) *crls)
-{
- int i, crl_score, best_score = *pscore;
- unsigned int reasons, best_reasons = 0;
- X509 *x = ctx->current_cert;
- X509_CRL *crl, *best_crl = NULL;
- X509 *crl_issuer = NULL, *best_crl_issuer = NULL;
-
- for (i = 0; i < sk_X509_CRL_num(crls); i++) {
- crl = sk_X509_CRL_value(crls, i);
- reasons = *preasons;
- crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
-
- if (crl_score > best_score) {
- best_crl = crl;
- best_crl_issuer = crl_issuer;
- best_score = crl_score;
- best_reasons = reasons;
- }
- }
-
- if (best_crl) {
- if (*pcrl)
- X509_CRL_free(*pcrl);
- *pcrl = best_crl;
- *pissuer = best_crl_issuer;
- *pscore = best_score;
- *preasons = best_reasons;
- CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
- if (*pdcrl) {
- X509_CRL_free(*pdcrl);
- *pdcrl = NULL;
- }
- get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
- }
-
- if (best_score >= CRL_SCORE_VALID)
- return 1;
-
- return 0;
-}
-
-/* Compare two CRL extensions for delta checking purposes. They should be
- * both present or both absent. If both present all fields must be identical.
- */
-
-static int
-crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
-{
- ASN1_OCTET_STRING *exta, *extb;
- int i;
-
- i = X509_CRL_get_ext_by_NID(a, nid, -1);
- if (i >= 0) {
- /* Can't have multiple occurrences */
- if (X509_CRL_get_ext_by_NID(a, nid, i) != -1)
- return 0;
- exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));
- } else
- exta = NULL;
-
- i = X509_CRL_get_ext_by_NID(b, nid, -1);
-
- if (i >= 0) {
- if (X509_CRL_get_ext_by_NID(b, nid, i) != -1)
- return 0;
- extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));
- } else
- extb = NULL;
-
- if (!exta && !extb)
- return 1;
-
- if (!exta || !extb)
- return 0;
-
- if (ASN1_OCTET_STRING_cmp(exta, extb))
- return 0;
-
- return 1;
-}
-
-/* See if a base and delta are compatible */
-
-static int
-check_delta_base(X509_CRL *delta, X509_CRL *base)
-{
- /* Delta CRL must be a delta */
- if (!delta->base_crl_number)
- return 0;
- /* Base must have a CRL number */
- if (!base->crl_number)
- return 0;
- /* Issuer names must match */
- if (X509_NAME_cmp(X509_CRL_get_issuer(base),
- X509_CRL_get_issuer(delta)))
- return 0;
- /* AKID and IDP must match */
- if (!crl_extension_match(delta, base, NID_authority_key_identifier))
- return 0;
- if (!crl_extension_match(delta, base, NID_issuing_distribution_point))
- return 0;
- /* Delta CRL base number must not exceed Full CRL number. */
- if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0)
- return 0;
- /* Delta CRL number must exceed full CRL number */
- if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0)
- return 1;
- return 0;
-}
-
-/* For a given base CRL find a delta... maybe extend to delta scoring
- * or retrieve a chain of deltas...
- */
-
-static void
-get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore, X509_CRL *base,
- STACK_OF(X509_CRL) *crls)
-{
- X509_CRL *delta;
- int i;
-
- if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS))
- return;
- if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST))
- return;
- for (i = 0; i < sk_X509_CRL_num(crls); i++) {
- delta = sk_X509_CRL_value(crls, i);
- if (check_delta_base(delta, base)) {
- if (check_crl_time(ctx, delta, 0))
- *pscore |= CRL_SCORE_TIME_DELTA;
- CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
- *dcrl = delta;
- return;
- }
- }
- *dcrl = NULL;
-}
-
-/* For a given CRL return how suitable it is for the supplied certificate 'x'.
- * The return value is a mask of several criteria.
- * If the issuer is not the certificate issuer this is returned in *pissuer.
- * The reasons mask is also used to determine if the CRL is suitable: if
- * no new reasons the CRL is rejected, otherwise reasons is updated.
- */
-
-static int
-get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, unsigned int *preasons,
- X509_CRL *crl, X509 *x)
-{
- int crl_score = 0;
- unsigned int tmp_reasons = *preasons, crl_reasons;
-
- /* First see if we can reject CRL straight away */
-
- /* Invalid IDP cannot be processed */
- if (crl->idp_flags & IDP_INVALID)
- return 0;
- /* Reason codes or indirect CRLs need extended CRL support */
- if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) {
- if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
- return 0;
- } else if (crl->idp_flags & IDP_REASONS) {
- /* If no new reasons reject */
- if (!(crl->idp_reasons & ~tmp_reasons))
- return 0;
- }
- /* Don't process deltas at this stage */
- else if (crl->base_crl_number)
- return 0;
- /* If issuer name doesn't match certificate need indirect CRL */
- if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))) {
- if (!(crl->idp_flags & IDP_INDIRECT))
- return 0;
- } else
- crl_score |= CRL_SCORE_ISSUER_NAME;
-
- if (!(crl->flags & EXFLAG_CRITICAL))
- crl_score |= CRL_SCORE_NOCRITICAL;
-
- /* Check expiry */
- if (check_crl_time(ctx, crl, 0))
- crl_score |= CRL_SCORE_TIME;
-
- /* Check authority key ID and locate certificate issuer */
- crl_akid_check(ctx, crl, pissuer, &crl_score);
-
- /* If we can't locate certificate issuer at this point forget it */
-
- if (!(crl_score & CRL_SCORE_AKID))
- return 0;
-
- /* Check cert for matching CRL distribution points */
-
- if (crl_crldp_check(x, crl, crl_score, &crl_reasons)) {
- /* If no new reasons reject */
- if (!(crl_reasons & ~tmp_reasons))
- return 0;
- tmp_reasons |= crl_reasons;
- crl_score |= CRL_SCORE_SCOPE;
- }
-
- *preasons = tmp_reasons;
-
- return crl_score;
-}
-
-static void
-crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
- int *pcrl_score)
-{
- X509 *crl_issuer = NULL;
- X509_NAME *cnm = X509_CRL_get_issuer(crl);
- int cidx = ctx->error_depth;
- int i;
-
- if (cidx != sk_X509_num(ctx->chain) - 1)
- cidx++;
-
- crl_issuer = sk_X509_value(ctx->chain, cidx);
-
- if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
- if (*pcrl_score & CRL_SCORE_ISSUER_NAME) {
- *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_ISSUER_CERT;
- *pissuer = crl_issuer;
- return;
- }
- }
-
- for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++) {
- crl_issuer = sk_X509_value(ctx->chain, cidx);
- if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
- continue;
- if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
- *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_SAME_PATH;
- *pissuer = crl_issuer;
- return;
- }
- }
-
- /* Anything else needs extended CRL support */
-
- if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
- return;
-
- /* Otherwise the CRL issuer is not on the path. Look for it in the
- * set of untrusted certificates.
- */
- for (i = 0; i < sk_X509_num(ctx->untrusted); i++) {
- crl_issuer = sk_X509_value(ctx->untrusted, i);
- if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
- continue;
- if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
- *pissuer = crl_issuer;
- *pcrl_score |= CRL_SCORE_AKID;
- return;
- }
- }
-}
-
-/* Check the path of a CRL issuer certificate. This creates a new
- * X509_STORE_CTX and populates it with most of the parameters from the
- * parent. This could be optimised somewhat since a lot of path checking
- * will be duplicated by the parent, but this will rarely be used in
- * practice.
- */
-
-static int
-check_crl_path(X509_STORE_CTX *ctx, X509 *x)
-{
- X509_STORE_CTX crl_ctx;
- int ret;
-
- /* Don't allow recursive CRL path validation */
- if (ctx->parent)
- return 0;
- if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted)) {
- ret = -1;
- goto err;
- }
-
- crl_ctx.crls = ctx->crls;
- /* Copy verify params across */
- X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
-
- crl_ctx.parent = ctx;
- crl_ctx.verify_cb = ctx->verify_cb;
-
- /* Verify CRL issuer */
- ret = X509_verify_cert(&crl_ctx);
-
- if (ret <= 0)
- goto err;
-
- /* Check chain is acceptable */
- ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
-
-err:
- X509_STORE_CTX_cleanup(&crl_ctx);
- return ret;
-}
-
-/* RFC3280 says nothing about the relationship between CRL path
- * and certificate path, which could lead to situations where a
- * certificate could be revoked or validated by a CA not authorised
- * to do so. RFC5280 is more strict and states that the two paths must
- * end in the same trust anchor, though some discussions remain...
- * until this is resolved we use the RFC5280 version
- */
-
-static int
-check_crl_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *cert_path,
- STACK_OF(X509) *crl_path)
-{
- X509 *cert_ta, *crl_ta;
-
- cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
- crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
- if (!X509_cmp(cert_ta, crl_ta))
- return 1;
- return 0;
-}
-
-/* Check for match between two dist point names: three separate cases.
- * 1. Both are relative names and compare X509_NAME types.
- * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
- * 3. Both are full names and compare two GENERAL_NAMES.
- * 4. One is NULL: automatic match.
- */
-
-static int
-idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
-{
- X509_NAME *nm = NULL;
- GENERAL_NAMES *gens = NULL;
- GENERAL_NAME *gena, *genb;
- int i, j;
-
- if (!a || !b)
- return 1;
- if (a->type == 1) {
- if (!a->dpname)
- return 0;
- /* Case 1: two X509_NAME */
- if (b->type == 1) {
- if (!b->dpname)
- return 0;
- if (!X509_NAME_cmp(a->dpname, b->dpname))
- return 1;
- else
- return 0;
- }
- /* Case 2: set name and GENERAL_NAMES appropriately */
- nm = a->dpname;
- gens = b->name.fullname;
- } else if (b->type == 1) {
- if (!b->dpname)
- return 0;
- /* Case 2: set name and GENERAL_NAMES appropriately */
- gens = a->name.fullname;
- nm = b->dpname;
- }
-
- /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
- if (nm) {
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- gena = sk_GENERAL_NAME_value(gens, i);
- if (gena->type != GEN_DIRNAME)
- continue;
- if (!X509_NAME_cmp(nm, gena->d.directoryName))
- return 1;
- }
- return 0;
- }
-
- /* Else case 3: two GENERAL_NAMES */
-
- for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++) {
- gena = sk_GENERAL_NAME_value(a->name.fullname, i);
- for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++) {
- genb = sk_GENERAL_NAME_value(b->name.fullname, j);
- if (!GENERAL_NAME_cmp(gena, genb))
- return 1;
- }
- }
-
- return 0;
-}
-
-static int
-crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
-{
- int i;
- X509_NAME *nm = X509_CRL_get_issuer(crl);
-
- /* If no CRLissuer return is successful iff don't need a match */
- if (!dp->CRLissuer)
- return !!(crl_score & CRL_SCORE_ISSUER_NAME);
- for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
- GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
- if (gen->type != GEN_DIRNAME)
- continue;
- if (!X509_NAME_cmp(gen->d.directoryName, nm))
- return 1;
- }
- return 0;
-}
-
-/* Check CRLDP and IDP */
-
-static int
-crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score, unsigned int *preasons)
-{
- int i;
-
- if (crl->idp_flags & IDP_ONLYATTR)
- return 0;
- if (x->ex_flags & EXFLAG_CA) {
- if (crl->idp_flags & IDP_ONLYUSER)
- return 0;
- } else {
- if (crl->idp_flags & IDP_ONLYCA)
- return 0;
- }
- *preasons = crl->idp_reasons;
- for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) {
- DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
- if (crldp_check_crlissuer(dp, crl, crl_score)) {
- if (!crl->idp ||
- idp_check_dp(dp->distpoint, crl->idp->distpoint)) {
- *preasons &= dp->dp_reasons;
- return 1;
- }
- }
- }
- if ((!crl->idp || !crl->idp->distpoint) &&
- (crl_score & CRL_SCORE_ISSUER_NAME))
- return 1;
- return 0;
-}
-
-/* Retrieve CRL corresponding to current certificate.
- * If deltas enabled try to find a delta CRL too
- */
-
-static int
-get_crl_delta(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)
-{
- int ok;
- X509 *issuer = NULL;
- int crl_score = 0;
- unsigned int reasons;
- X509_CRL *crl = NULL, *dcrl = NULL;
- STACK_OF(X509_CRL) *skcrl;
- X509_NAME *nm = X509_get_issuer_name(x);
-
- reasons = ctx->current_reasons;
- ok = get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons,
- ctx->crls);
- if (ok)
- goto done;
-
- /* Lookup CRLs from store */
- skcrl = ctx->lookup_crls(ctx, nm);
-
- /* If no CRLs found and a near match from get_crl_sk use that */
- if (!skcrl && crl)
- goto done;
-
- get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);
-
- sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
-
-done:
-
- /* If we got any kind of CRL use it and return success */
- if (crl) {
- ctx->current_issuer = issuer;
- ctx->current_crl_score = crl_score;
- ctx->current_reasons = reasons;
- *pcrl = crl;
- *pdcrl = dcrl;
- return 1;
- }
-
- return 0;
-}
-
-/* Check CRL validity */
-static int
-check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
-{
- X509 *issuer = NULL;
- EVP_PKEY *ikey = NULL;
- int ok = 0, chnum, cnum;
-
- cnum = ctx->error_depth;
- chnum = sk_X509_num(ctx->chain) - 1;
- /* if we have an alternative CRL issuer cert use that */
- if (ctx->current_issuer) {
- issuer = ctx->current_issuer;
- } else if (cnum < chnum) {
- /* Else find CRL issuer: if not last certificate then issuer
- * is next certificate in chain.
- */
- issuer = sk_X509_value(ctx->chain, cnum + 1);
- } else {
- issuer = sk_X509_value(ctx->chain, chnum);
- /* If not self signed, can't check signature */
- if (!ctx->check_issued(ctx, issuer, issuer)) {
- ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
- }
-
- if (issuer) {
- /* Skip most tests for deltas because they have already
- * been done
- */
- if (!crl->base_crl_number) {
- /* Check for cRLSign bit if keyUsage present */
- if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
- !(issuer->ex_kusage & KU_CRL_SIGN)) {
- ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
-
- if (!(ctx->current_crl_score & CRL_SCORE_SCOPE)) {
- ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
-
- if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH)) {
- if (check_crl_path(ctx,
- ctx->current_issuer) <= 0) {
- ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
- }
-
- if (crl->idp_flags & IDP_INVALID) {
- ctx->error = X509_V_ERR_INVALID_EXTENSION;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
-
-
- }
-
- if (!(ctx->current_crl_score & CRL_SCORE_TIME)) {
- ok = check_crl_time(ctx, crl, 1);
- if (!ok)
- goto err;
- }
-
- /* Attempt to get issuer certificate public key */
- ikey = X509_get_pubkey(issuer);
-
- if (!ikey) {
- ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- } else {
- /* Verify CRL signature */
- if (X509_CRL_verify(crl, ikey) <= 0) {
- ctx->error = X509_V_ERR_CRL_SIGNATURE_FAILURE;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- goto err;
- }
- }
- }
-
- ok = 1;
-
-err:
- EVP_PKEY_free(ikey);
- return ok;
-}
-
-/* Check certificate against CRL */
-static int
-cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
-{
- int ok;
- X509_REVOKED *rev;
-
- /* The rules changed for this... previously if a CRL contained
- * unhandled critical extensions it could still be used to indicate
- * a certificate was revoked. This has since been changed since
- * critical extension can change the meaning of CRL entries.
- */
- if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) &&
- (crl->flags & EXFLAG_CRITICAL)) {
- ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- return 0;
- }
- /* Look for serial number of certificate in CRL
- * If found make sure reason is not removeFromCRL.
- */
- if (X509_CRL_get0_by_cert(crl, &rev, x)) {
- if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
- return 2;
- ctx->error = X509_V_ERR_CERT_REVOKED;
- ok = ctx->verify_cb(0, ctx);
- if (!ok)
- return 0;
- }
-
- return 1;
-}
-
-static int
-check_policy(X509_STORE_CTX *ctx)
-{
- int ret;
-
- if (ctx->parent)
- return 1;
- ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
- ctx->param->policies, ctx->param->flags);
- if (ret == 0) {
- X509err(X509_F_CHECK_POLICY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- /* Invalid or inconsistent extensions */
- if (ret == -1) {
- /* Locate certificates with bad extensions and notify
- * callback.
- */
- X509 *x;
- int i;
- for (i = 1; i < sk_X509_num(ctx->chain); i++) {
- x = sk_X509_value(ctx->chain, i);
- if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
- continue;
- ctx->current_cert = x;
- ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
- return 1;
- }
- if (ret == -2) {
- ctx->current_cert = NULL;
- ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
- return ctx->verify_cb(0, ctx);
- }
-
- if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) {
- ctx->current_cert = NULL;
- ctx->error = X509_V_OK;
- if (!ctx->verify_cb(2, ctx))
- return 0;
- }
-
- return 1;
-}
-
-int
-x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int quiet)
-{
- time_t *ptime = NULL;
- int i;
-
- if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME)
- return (1);
-
- if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
- ptime = &ctx->param->check_time;
-
- i = X509_cmp_time(X509_get_notBefore(x), ptime);
- if (i == 0) {
- if (quiet)
- return 0;
- ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (i > 0) {
- if (quiet)
- return 0;
- ctx->error = X509_V_ERR_CERT_NOT_YET_VALID;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- i = X509_cmp_time(X509_get_notAfter(x), ptime);
- if (i == 0) {
- if (quiet)
- return 0;
- ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- if (i < 0) {
- if (quiet)
- return 0;
- ctx->error = X509_V_ERR_CERT_HAS_EXPIRED;
- ctx->current_cert = x;
- if (!ctx->verify_cb(0, ctx))
- return 0;
- }
-
- return 1;
-}
-
-static int
-internal_verify(X509_STORE_CTX *ctx)
-{
- int ok = 0, n;
- X509 *xs, *xi;
- EVP_PKEY *pkey = NULL;
- int (*cb)(int xok, X509_STORE_CTX *xctx);
-
- cb = ctx->verify_cb;
-
- n = sk_X509_num(ctx->chain);
- ctx->error_depth = n - 1;
- n--;
- xi = sk_X509_value(ctx->chain, n);
-
- if (ctx->check_issued(ctx, xi, xi))
- xs = xi;
- else {
- if (n <= 0) {
- ctx->error = X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
- ctx->current_cert = xi;
- ok = cb(0, ctx);
- goto end;
- } else {
- n--;
- ctx->error_depth = n;
- xs = sk_X509_value(ctx->chain, n);
- }
- }
-
-/* ctx->error=0; not needed */
- while (n >= 0) {
- ctx->error_depth = n;
-
- /* Skip signature check for self signed certificates unless
- * explicitly asked for. It doesn't add any security and
- * just wastes time.
- */
- if (!xs->valid && (xs != xi ||
- (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) {
- if ((pkey = X509_get_pubkey(xi)) == NULL) {
- ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
- ctx->current_cert = xi;
- ok = (*cb)(0, ctx);
- if (!ok)
- goto end;
- } else if (X509_verify(xs, pkey) <= 0) {
- ctx->error = X509_V_ERR_CERT_SIGNATURE_FAILURE;
- ctx->current_cert = xs;
- ok = (*cb)(0, ctx);
- if (!ok) {
- EVP_PKEY_free(pkey);
- goto end;
- }
- }
- EVP_PKEY_free(pkey);
- pkey = NULL;
- }
-
- xs->valid = 1;
-
- ok = x509_check_cert_time(ctx, xs, 0);
- if (!ok)
- goto end;
-
- /* The last error (if any) is still in the error value */
- ctx->current_issuer = xi;
- ctx->current_cert = xs;
- ok = (*cb)(1, ctx);
- if (!ok)
- goto end;
-
- n--;
- if (n >= 0) {
- xi = xs;
- xs = sk_X509_value(ctx->chain, n);
- }
- }
- ok = 1;
-
-end:
- return ok;
-}
-
-int
-X509_cmp_current_time(const ASN1_TIME *ctm)
-{
- return X509_cmp_time(ctm, NULL);
-}
-
-/*
- * Compare a possibly unvalidated ASN1_TIME string against a time_t
- * using RFC 5280 rules for the time string. If *cmp_time is NULL
- * the current system time is used.
- *
- * XXX NOTE that unlike what you expect a "cmp" function to do in C,
- * XXX this one is "special", and returns 0 for error.
- *
- * Returns:
- * -1 if the ASN1_time is earlier than OR the same as *cmp_time.
- * 1 if the ASN1_time is later than *cmp_time.
- * 0 on error.
- */
-int
-X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
-{
- time_t time1, time2;
- struct tm tm1, tm2;
- int ret = 0;
- int type;
-
- if (cmp_time == NULL)
- time2 = time(NULL);
- else
- time2 = *cmp_time;
-
- memset(&tm1, 0, sizeof(tm1));
-
- if ((type = asn1_time_parse(ctm->data, ctm->length, &tm1, 0)) == -1)
- goto out; /* invalid time */
-
- /* RFC 5280 section 4.1.2.5 */
- if (tm1.tm_year < 150 && type != V_ASN1_UTCTIME)
- goto out;
- if (tm1.tm_year >= 150 && type != V_ASN1_GENERALIZEDTIME)
- goto out;
-
- /*
- * Defensively fail if the time string is not representable as
- * a time_t. A time_t must be sane if you care about times after
- * Jan 19 2038.
- */
- if ((time1 = timegm(&tm1)) == -1)
- goto out;
-
- if (gmtime_r(&time2, &tm2) == NULL)
- goto out;
-
- ret = asn1_tm_cmp(&tm1, &tm2);
- if (ret == 0)
- ret = -1; /* 0 is used for error, so map same to less than */
- out:
- return (ret);
-}
-
-ASN1_TIME *
-X509_gmtime_adj(ASN1_TIME *s, long adj)
-{
- return X509_time_adj(s, adj, NULL);
-}
-
-ASN1_TIME *
-X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_time)
-{
- return X509_time_adj_ex(s, 0, offset_sec, in_time);
-}
-
-ASN1_TIME *
-X509_time_adj_ex(ASN1_TIME *s, int offset_day, long offset_sec, time_t *in_time)
-{
- time_t t;
- if (in_time == NULL)
- t = time(NULL);
- else
- t = *in_time;
-
- return ASN1_TIME_adj(s, t, offset_day, offset_sec);
-}
-
-int
-X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
-{
- EVP_PKEY *ktmp = NULL, *ktmp2;
- int i, j;
-
- if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey))
- return 1;
-
- for (i = 0; i < sk_X509_num(chain); i++) {
- ktmp = X509_get_pubkey(sk_X509_value(chain, i));
- if (ktmp == NULL) {
- X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
- X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
- return 0;
- }
- if (!EVP_PKEY_missing_parameters(ktmp))
- break;
- else {
- EVP_PKEY_free(ktmp);
- ktmp = NULL;
- }
- }
- if (ktmp == NULL) {
- X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
- X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
- return 0;
- }
-
- /* first, populate the other certs */
- for (j = i - 1; j >= 0; j--) {
- ktmp2 = X509_get_pubkey(sk_X509_value(chain, j));
- EVP_PKEY_copy_parameters(ktmp2, ktmp);
- EVP_PKEY_free(ktmp2);
- }
-
- if (pkey != NULL)
- EVP_PKEY_copy_parameters(pkey, ktmp);
- EVP_PKEY_free(ktmp);
- return 1;
-}
-
-int
-X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- /* This function is (usually) called only once, by
- * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX,
- argl, argp, new_func, dup_func, free_func);
-}
-
-int
-X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
-{
- return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);
-}
-
-void *
-X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
-{
- return CRYPTO_get_ex_data(&ctx->ex_data, idx);
-}
-
-int
-X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
-{
- return ctx->error;
-}
-
-void
-X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
-{
- ctx->error = err;
-}
-
-int
-X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
-{
- return ctx->error_depth;
-}
-
-X509 *
-X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
-{
- return ctx->current_cert;
-}
-
-STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
-{
- return ctx->chain;
-}
-
-STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
-{
- int i;
- X509 *x;
- STACK_OF(X509) *chain;
-
- if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain)))
- return NULL;
- for (i = 0; i < sk_X509_num(chain); i++) {
- x = sk_X509_value(chain, i);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- }
- return chain;
-}
-
-X509 *
-X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)
-{
- return ctx->current_issuer;
-}
-
-X509_CRL *
-X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)
-{
- return ctx->current_crl;
-}
-
-X509_STORE_CTX *
-X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)
-{
- return ctx->parent;
-}
-
-void
-X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
-{
- ctx->cert = x;
-}
-
-void
-X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
- ctx->untrusted = sk;
-}
-
-void
-X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
-{
- ctx->crls = sk;
-}
-
-int
-X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
-{
- return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
-}
-
-int
-X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
-{
- return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
-}
-
-/* This function is used to set the X509_STORE_CTX purpose and trust
- * values. This is intended to be used when another structure has its
- * own trust and purpose values which (if set) will be inherited by
- * the ctx. If they aren't set then we will usually have a default
- * purpose in mind which should then be used to set the trust value.
- * An example of this is SSL use: an SSL structure will have its own
- * purpose and trust settings which the application can set: if they
- * aren't set then we use the default of SSL client/server.
- */
-
-int
-X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
- int purpose, int trust)
-{
- int idx;
-
- /* If purpose not set use default */
- if (!purpose)
- purpose = def_purpose;
- /* If we have a purpose then check it is valid */
- if (purpose) {
- X509_PURPOSE *ptmp;
- idx = X509_PURPOSE_get_by_id(purpose);
- if (idx == -1) {
- X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
- X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
- ptmp = X509_PURPOSE_get0(idx);
- if (ptmp->trust == X509_TRUST_DEFAULT) {
- idx = X509_PURPOSE_get_by_id(def_purpose);
- if (idx == -1) {
- X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
- X509_R_UNKNOWN_PURPOSE_ID);
- return 0;
- }
- ptmp = X509_PURPOSE_get0(idx);
- }
- /* If trust not set then get from purpose default */
- if (!trust)
- trust = ptmp->trust;
- }
- if (trust) {
- idx = X509_TRUST_get_by_id(trust);
- if (idx == -1) {
- X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
- X509_R_UNKNOWN_TRUST_ID);
- return 0;
- }
- }
-
- if (purpose && !ctx->param->purpose)
- ctx->param->purpose = purpose;
- if (trust && !ctx->param->trust)
- ctx->param->trust = trust;
- return 1;
-}
-
-X509_STORE_CTX *
-X509_STORE_CTX_new(void)
-{
- X509_STORE_CTX *ctx;
-
- ctx = calloc(1, sizeof(X509_STORE_CTX));
- if (!ctx) {
- X509err(X509_F_X509_STORE_CTX_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- return ctx;
-}
-
-void
-X509_STORE_CTX_free(X509_STORE_CTX *ctx)
-{
- if (ctx == NULL)
- return;
-
- X509_STORE_CTX_cleanup(ctx);
- free(ctx);
-}
-
-int
-X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
- STACK_OF(X509) *chain)
-{
- int param_ret = 1;
-
- /*
- * Make sure everything is initialized properly even in case of an
- * early return due to an error.
- *
- * While this 'ctx' can be reused, X509_STORE_CTX_cleanup() will have
- * freed everything and memset ex_data anyway. This also allows us
- * to safely use X509_STORE_CTX variables from the stack which will
- * have uninitialized data.
- */
- memset(ctx, 0, sizeof(*ctx));
-
- /*
- * Set values other than 0. Keep this in the same order as
- * X509_STORE_CTX except for values that may fail. All fields that
- * may fail should go last to make sure 'ctx' is as consistent as
- * possible even on early exits.
- */
- ctx->ctx = store;
- ctx->cert = x509;
- ctx->untrusted = chain;
-
- if (store && store->verify)
- ctx->verify = store->verify;
- else
- ctx->verify = internal_verify;
-
- if (store && store->verify_cb)
- ctx->verify_cb = store->verify_cb;
- else
- ctx->verify_cb = null_callback;
-
- if (store && store->get_issuer)
- ctx->get_issuer = store->get_issuer;
- else
- ctx->get_issuer = X509_STORE_CTX_get1_issuer;
-
- if (store && store->check_issued)
- ctx->check_issued = store->check_issued;
- else
- ctx->check_issued = check_issued;
-
- if (store && store->check_revocation)
- ctx->check_revocation = store->check_revocation;
- else
- ctx->check_revocation = check_revocation;
-
- if (store && store->get_crl)
- ctx->get_crl = store->get_crl;
- else
- ctx->get_crl = NULL;
-
- if (store && store->check_crl)
- ctx->check_crl = store->check_crl;
- else
- ctx->check_crl = check_crl;
-
- if (store && store->cert_crl)
- ctx->cert_crl = store->cert_crl;
- else
- ctx->cert_crl = cert_crl;
-
- ctx->check_policy = check_policy;
-
- if (store && store->lookup_certs)
- ctx->lookup_certs = store->lookup_certs;
- else
- ctx->lookup_certs = X509_STORE_get1_certs;
-
- if (store && store->lookup_crls)
- ctx->lookup_crls = store->lookup_crls;
- else
- ctx->lookup_crls = X509_STORE_get1_crls;
-
- if (store && store->cleanup)
- ctx->cleanup = store->cleanup;
- else
- ctx->cleanup = NULL;
-
- ctx->param = X509_VERIFY_PARAM_new();
- if (!ctx->param) {
- X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- /* Inherit callbacks and flags from X509_STORE if not set
- * use defaults.
- */
- if (store)
- param_ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
- else
- ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE;
-
- if (param_ret)
- param_ret = X509_VERIFY_PARAM_inherit(ctx->param,
- X509_VERIFY_PARAM_lookup("default"));
-
- if (param_ret == 0) {
- X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
- &(ctx->ex_data)) == 0) {
- X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- return 1;
-}
-
-/* Set alternative lookup method: just a STACK of trusted certificates.
- * This avoids X509_STORE nastiness where it isn't needed.
- */
-
-void
-X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
-{
- ctx->other_ctx = sk;
- ctx->get_issuer = get_issuer_sk;
-}
-
-void
-X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
-{
- if (ctx->cleanup)
- ctx->cleanup(ctx);
- if (ctx->param != NULL) {
- if (ctx->parent == NULL)
- X509_VERIFY_PARAM_free(ctx->param);
- ctx->param = NULL;
- }
- if (ctx->tree != NULL) {
- X509_policy_tree_free(ctx->tree);
- ctx->tree = NULL;
- }
- if (ctx->chain != NULL) {
- sk_X509_pop_free(ctx->chain, X509_free);
- ctx->chain = NULL;
- }
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX,
- ctx, &(ctx->ex_data));
- memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
-}
-
-void
-X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
-{
- X509_VERIFY_PARAM_set_depth(ctx->param, depth);
-}
-
-void
-X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
-{
- X509_VERIFY_PARAM_set_flags(ctx->param, flags);
-}
-
-void
-X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t)
-{
- X509_VERIFY_PARAM_set_time(ctx->param, t);
-}
-
-void
-X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
- int (*verify_cb)(int, X509_STORE_CTX *))
-{
- ctx->verify_cb = verify_cb;
-}
-
-X509_POLICY_TREE *
-X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
-{
- return ctx->tree;
-}
-
-int
-X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
-{
- return ctx->explicit_policy;
-}
-
-int
-X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
-{
- const X509_VERIFY_PARAM *param;
- param = X509_VERIFY_PARAM_lookup(name);
- if (!param)
- return 0;
- return X509_VERIFY_PARAM_inherit(ctx->param, param);
-}
-
-X509_VERIFY_PARAM *
-X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
-{
- return ctx->param;
-}
-
-void
-X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
-{
- if (ctx->param)
- X509_VERIFY_PARAM_free(ctx->param);
- ctx->param = param;
-}
diff --git a/lib/libssl/src/crypto/x509/x509_vfy.h b/lib/libssl/src/crypto/x509/x509_vfy.h
deleted file mode 100644
index e3a1db24078..00000000000
--- a/lib/libssl/src/crypto/x509/x509_vfy.h
+++ /dev/null
@@ -1,560 +0,0 @@
-/* $OpenBSD: x509_vfy.h,v 1.16 2015/09/14 16:13:39 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_X509_H
-#include <openssl/x509.h>
-/* openssl/x509.h ends up #include-ing this file at about the only
- * appropriate moment. 
*/ -#endif - -#ifndef HEADER_X509_VFY_H -#define HEADER_X509_VFY_H - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_LHASH -#include <openssl/lhash.h> -#endif -#include <openssl/bio.h> -#include <openssl/crypto.h> - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct x509_file_st - { - int num_paths; /* number of paths to files or directories */ - int num_alloced; - char **paths; /* the list of paths or directories */ - int *path_type; - } X509_CERT_FILE_CTX; - -/*******************************/ -/* -SSL_CTX -> X509_STORE - -> X509_LOOKUP - ->X509_LOOKUP_METHOD - -> X509_LOOKUP - ->X509_LOOKUP_METHOD - -SSL -> X509_STORE_CTX - ->X509_STORE - -The X509_STORE holds the tables etc for verification stuff. -A X509_STORE_CTX is used while validating a single certificate. -The X509_STORE has X509_LOOKUPs for looking up certs. -The X509_STORE then calls a function to actually verify the -certificate chain. -*/ - -#define X509_LU_RETRY -1 -#define X509_LU_FAIL 0 -#define X509_LU_X509 1 -#define X509_LU_CRL 2 -#define X509_LU_PKEY 3 - -typedef struct x509_object_st - { - /* one of the above types */ - int type; - union { - char *ptr; - X509 *x509; - X509_CRL *crl; - EVP_PKEY *pkey; - } data; - } X509_OBJECT; - -typedef struct x509_lookup_st X509_LOOKUP; - -DECLARE_STACK_OF(X509_LOOKUP) -DECLARE_STACK_OF(X509_OBJECT) - -/* This is a static that defines the function interface */ -typedef struct x509_lookup_method_st - { - const char *name; - int (*new_item)(X509_LOOKUP *ctx); - void (*free)(X509_LOOKUP *ctx); - int (*init)(X509_LOOKUP *ctx); - int (*shutdown)(X509_LOOKUP *ctx); - int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl, - char **ret); - int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name, - X509_OBJECT *ret); - int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name, - ASN1_INTEGER *serial,X509_OBJECT *ret); - int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type, - unsigned char *bytes,int len, - X509_OBJECT 
*ret); - int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len, - X509_OBJECT *ret); - } X509_LOOKUP_METHOD; - -/* This structure hold all parameters associated with a verify operation - * by including an X509_VERIFY_PARAM structure in related structures the - * parameters used can be customized - */ - -typedef struct X509_VERIFY_PARAM_st - { - char *name; - time_t check_time; /* Time to use */ - unsigned long inh_flags; /* Inheritance flags */ - unsigned long flags; /* Various verify flags */ - int purpose; /* purpose to check untrusted certificates */ - int trust; /* trust setting to check */ - int depth; /* Verify depth */ - STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */ - } X509_VERIFY_PARAM; - -DECLARE_STACK_OF(X509_VERIFY_PARAM) - -/* This is used to hold everything. It is used for all certificate - * validation. Once we have a certificate chain, the 'verify' - * function is then called to actually check the cert chain. */ -struct x509_store_st - { - /* The following is a cache of trusted certs */ - int cache; /* if true, stash any hits */ - STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */ - - /* These are external lookup methods */ - STACK_OF(X509_LOOKUP) *get_cert_methods; - - X509_VERIFY_PARAM *param; - - /* Callbacks for various operations */ - int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ - int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ - int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */ - int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */ - int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */ - int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ - int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ - int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ - STACK_OF(X509) 
* (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm); - STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm); - int (*cleanup)(X509_STORE_CTX *ctx); - - CRYPTO_EX_DATA ex_data; - int references; - } /* X509_STORE */; - -int X509_STORE_set_depth(X509_STORE *store, int depth); - -#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) -#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) - -/* This is the functions plus an instance of the local variables. */ -struct x509_lookup_st - { - int init; /* have we been started */ - int skip; /* don't use us. */ - X509_LOOKUP_METHOD *method; /* the functions */ - char *method_data; /* method data */ - - X509_STORE *store_ctx; /* who owns us */ - } /* X509_LOOKUP */; - -/* This is a used when verifying cert chains. Since the - * gathering of the cert chain can take some time (and have to be - * 'retried', this needs to be kept and passed around. */ -struct x509_store_ctx_st /* X509_STORE_CTX */ - { - X509_STORE *ctx; - int current_method; /* used when looking up certs */ - - /* The following are set by the caller */ - X509 *cert; /* The cert to check */ - STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ - STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */ - - X509_VERIFY_PARAM *param; - void *other_ctx; /* Other info for use with get_issuer() */ - - /* Callbacks for various operations */ - int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ - int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ - int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */ - int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */ - int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */ - int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ - int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL 
validity */ - int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ - int (*check_policy)(X509_STORE_CTX *ctx); - STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm); - STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm); - int (*cleanup)(X509_STORE_CTX *ctx); - - /* The following is built up */ - int valid; /* if 0, rebuild chain */ - int last_untrusted; /* index of last untrusted cert */ - STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ - X509_POLICY_TREE *tree; /* Valid policy tree */ - - int explicit_policy; /* Require explicit policy value */ - - /* When something goes wrong, this is why */ - int error_depth; - int error; - X509 *current_cert; - X509 *current_issuer; /* cert currently being tested as valid issuer */ - X509_CRL *current_crl; /* current CRL */ - - int current_crl_score; /* score of current CRL */ - unsigned int current_reasons; /* Reason mask */ - - X509_STORE_CTX *parent; /* For CRL path validation: parent context */ - - CRYPTO_EX_DATA ex_data; - } /* X509_STORE_CTX */; - -void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); - -#define X509_STORE_CTX_set_app_data(ctx,data) \ - X509_STORE_CTX_set_ex_data(ctx,0,data) -#define X509_STORE_CTX_get_app_data(ctx) \ - X509_STORE_CTX_get_ex_data(ctx,0) - -#define X509_L_FILE_LOAD 1 -#define X509_L_ADD_DIR 2 -#define X509_L_MEM 3 - -#define X509_LOOKUP_load_file(x,name,type) \ - X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL) - -#define X509_LOOKUP_add_dir(x,name,type) \ - X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) - -#define X509_LOOKUP_add_mem(x,iov,type) \ - X509_LOOKUP_ctrl((x),X509_L_MEM,(const char *)(iov),\ - (long)(type),NULL) - -#define X509_V_OK 0 -/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */ - -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 -#define X509_V_ERR_UNABLE_TO_GET_CRL 3 -#define 
X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 -#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 -#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 -#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7 -#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8 -#define X509_V_ERR_CERT_NOT_YET_VALID 9 -#define X509_V_ERR_CERT_HAS_EXPIRED 10 -#define X509_V_ERR_CRL_NOT_YET_VALID 11 -#define X509_V_ERR_CRL_HAS_EXPIRED 12 -#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 -#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 -#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 -#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16 -#define X509_V_ERR_OUT_OF_MEM 17 -#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18 -#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19 -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20 -#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21 -#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22 -#define X509_V_ERR_CERT_REVOKED 23 -#define X509_V_ERR_INVALID_CA 24 -#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25 -#define X509_V_ERR_INVALID_PURPOSE 26 -#define X509_V_ERR_CERT_UNTRUSTED 27 -#define X509_V_ERR_CERT_REJECTED 28 -/* These are 'informational' when looking for issuer cert */ -#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29 -#define X509_V_ERR_AKID_SKID_MISMATCH 30 -#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31 -#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32 - -#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33 -#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34 -#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35 -#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36 -#define X509_V_ERR_INVALID_NON_CA 37 -#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38 -#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 -#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 - -#define X509_V_ERR_INVALID_EXTENSION 41 -#define X509_V_ERR_INVALID_POLICY_EXTENSION 42 -#define X509_V_ERR_NO_EXPLICIT_POLICY 43 -#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44 -#define 
X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45 - -#define X509_V_ERR_UNNESTED_RESOURCE 46 - -#define X509_V_ERR_PERMITTED_VIOLATION 47 -#define X509_V_ERR_EXCLUDED_VIOLATION 48 -#define X509_V_ERR_SUBTREE_MINMAX 49 -#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51 -#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52 -#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53 -#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54 - -/* The application is not happy */ -#define X509_V_ERR_APPLICATION_VERIFICATION 50 - -/* Certificate verify flags */ - -/* Send issuer+subject checks to verify_cb */ -#define X509_V_FLAG_CB_ISSUER_CHECK 0x1 -/* Use check time instead of current time */ -#define X509_V_FLAG_USE_CHECK_TIME 0x2 -/* Lookup CRLs */ -#define X509_V_FLAG_CRL_CHECK 0x4 -/* Lookup CRLs for whole chain */ -#define X509_V_FLAG_CRL_CHECK_ALL 0x8 -/* Ignore unhandled critical extensions */ -#define X509_V_FLAG_IGNORE_CRITICAL 0x10 -/* Disable workarounds for broken certificates */ -#define X509_V_FLAG_X509_STRICT 0x20 -/* Enable proxy certificate validation */ -#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40 -/* Enable policy checking */ -#define X509_V_FLAG_POLICY_CHECK 0x80 -/* Policy variable require-explicit-policy */ -#define X509_V_FLAG_EXPLICIT_POLICY 0x100 -/* Policy variable inhibit-any-policy */ -#define X509_V_FLAG_INHIBIT_ANY 0x200 -/* Policy variable inhibit-policy-mapping */ -#define X509_V_FLAG_INHIBIT_MAP 0x400 -/* Notify callback that policy is OK */ -#define X509_V_FLAG_NOTIFY_POLICY 0x800 -/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */ -#define X509_V_FLAG_EXTENDED_CRL_SUPPORT 0x1000 -/* Delta CRL support */ -#define X509_V_FLAG_USE_DELTAS 0x2000 -/* Check selfsigned CA signature */ -#define X509_V_FLAG_CHECK_SS_SIGNATURE 0x4000 -/* Do not check certificate or CRL validity against current time. 
*/ -#define X509_V_FLAG_NO_CHECK_TIME 0x200000 - -#define X509_VP_FLAG_DEFAULT 0x1 -#define X509_VP_FLAG_OVERWRITE 0x2 -#define X509_VP_FLAG_RESET_FLAGS 0x4 -#define X509_VP_FLAG_LOCKED 0x8 -#define X509_VP_FLAG_ONCE 0x10 - -/* Internal use: mask of policy related options */ -#define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \ - | X509_V_FLAG_EXPLICIT_POLICY \ - | X509_V_FLAG_INHIBIT_ANY \ - | X509_V_FLAG_INHIBIT_MAP) - -int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, - X509_NAME *name); -X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name); -X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x); -void X509_OBJECT_up_ref_count(X509_OBJECT *a); -void X509_OBJECT_free_contents(X509_OBJECT *a); -X509_STORE *X509_STORE_new(void ); -void X509_STORE_free(X509_STORE *v); - -STACK_OF(X509)* X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm); -STACK_OF(X509_CRL)* X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm); -int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags); -int X509_STORE_set_purpose(X509_STORE *ctx, int purpose); -int X509_STORE_set_trust(X509_STORE *ctx, int trust); -int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm); - -void X509_STORE_set_verify_cb(X509_STORE *ctx, - int (*verify_cb)(int, X509_STORE_CTX *)); - -X509_STORE_CTX *X509_STORE_CTX_new(void); - -int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); - -void X509_STORE_CTX_free(X509_STORE_CTX *ctx); -int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, - X509 *x509, STACK_OF(X509) *chain); -void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); -void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); - -X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); - -X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void); -X509_LOOKUP_METHOD *X509_LOOKUP_file(void); -X509_LOOKUP_METHOD *X509_LOOKUP_mem(void); - -int 
X509_STORE_add_cert(X509_STORE *ctx, X509 *x); -int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); - -int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name, - X509_OBJECT *ret); - -int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret); - -int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); -int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); -int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type); - - -X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); -void X509_LOOKUP_free(X509_LOOKUP *ctx); -int X509_LOOKUP_init(X509_LOOKUP *ctx); -int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, - X509_OBJECT *ret); -int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, - ASN1_INTEGER *serial, X509_OBJECT *ret); -int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, - unsigned char *bytes, int len, X509_OBJECT *ret); -int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, - int len, X509_OBJECT *ret); -int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); - -int X509_STORE_load_locations (X509_STORE *ctx, - const char *file, const char *dir); -int X509_STORE_load_mem(X509_STORE *ctx, void *buf, int len); -int X509_STORE_set_default_paths(X509_STORE *ctx); - -int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data); -void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx); -int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); -void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s); -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); -X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); -X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx); -X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx); -X509_STORE_CTX 
*X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx); -STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); -STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx); -void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); -void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); -void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,STACK_OF(X509_CRL) *sk); -int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); -int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); -int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, - int purpose, int trust); -void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags); -void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, - time_t t); -void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, - int (*verify_cb)(int, X509_STORE_CTX *)); - -X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx); -int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx); - -X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx); -void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param); -int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name); - -/* X509_VERIFY_PARAM functions */ - -X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void); -void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param); -int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to, - const X509_VERIFY_PARAM *from); -int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, - const X509_VERIFY_PARAM *from); -int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name); -int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags); -int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, - unsigned long flags); -unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param); -int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose); -int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, 
int trust); -void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth); -void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t); -int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, - ASN1_OBJECT *policy); -int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, - STACK_OF(ASN1_OBJECT) *policies); -int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param); - -int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param); -const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name); -void X509_VERIFY_PARAM_table_cleanup(void); - -int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, - STACK_OF(X509) *certs, - STACK_OF(ASN1_OBJECT) *policy_oids, - unsigned int flags); - -void X509_policy_tree_free(X509_POLICY_TREE *tree); - -int X509_policy_tree_level_count(const X509_POLICY_TREE *tree); -X509_POLICY_LEVEL * - X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, int i); - -STACK_OF(X509_POLICY_NODE) * - X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree); - -STACK_OF(X509_POLICY_NODE) * - X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree); - -int X509_policy_level_node_count(X509_POLICY_LEVEL *level); - -X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, int i); - -const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node); - -STACK_OF(POLICYQUALINFO) * - X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node); -const X509_POLICY_NODE * - X509_policy_node_get0_parent(const X509_POLICY_NODE *node); - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/lib/libssl/src/crypto/x509/x509_vpm.c b/lib/libssl/src/crypto/x509/x509_vpm.c deleted file mode 100644 index 8ec972050d4..00000000000 --- a/lib/libssl/src/crypto/x509/x509_vpm.c +++ /dev/null 
@@ -1,449 +0,0 @@
-/* $OpenBSD: x509_vpm.c,v 1.11 2014/09/29 04:16:49 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/buffer.h> -#include <openssl/crypto.h> -#include <openssl/lhash.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -/* X509_VERIFY_PARAM functions */ - -static void -x509_verify_param_zero(X509_VERIFY_PARAM *param) -{ - if (!param) - return; - param->name = NULL; - param->purpose = 0; - param->trust = 0; - /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/ - param->inh_flags = 0; - param->flags = 0; - param->depth = -1; - if (param->policies) { - sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); - param->policies = NULL; - } -} - -X509_VERIFY_PARAM * -X509_VERIFY_PARAM_new(void) -{ - X509_VERIFY_PARAM *param; - - param = calloc(1, sizeof(X509_VERIFY_PARAM)); - x509_verify_param_zero(param); - return param; -} - -void -X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param) -{ - x509_verify_param_zero(param); - free(param); -} - -/* This function determines how parameters are "inherited" from one structure - * to another. There are several different ways this can happen. - * - * 1. If a child structure needs to have its values initialized from a parent - * they are simply copied across. 
For example SSL_CTX copied to SSL. - * 2. If the structure should take on values only if they are currently unset. - * For example the values in an SSL structure will take appropriate value - * for SSL servers or clients but only if the application has not set new - * ones. - * - * The "inh_flags" field determines how this function behaves. - * - * Normally any values which are set in the default are not copied from the - * destination and verify flags are ORed together. - * - * If X509_VP_FLAG_DEFAULT is set then anything set in the source is copied - * to the destination. Effectively the values in "to" become default values - * which will be used only if nothing new is set in "from". - * - * If X509_VP_FLAG_OVERWRITE is set then all value are copied across whether - * they are set or not. Flags is still Ored though. - * - * If X509_VP_FLAG_RESET_FLAGS is set then the flags value is copied instead - * of ORed. - * - * If X509_VP_FLAG_LOCKED is set then no values are copied. - * - * If X509_VP_FLAG_ONCE is set then the current inh_flags setting is zeroed - * after the next call. 
- */ - -/* Macro to test if a field should be copied from src to dest */ - -#define test_x509_verify_param_copy(field, def) \ - (to_overwrite || \ - ((src->field != def) && (to_default || (dest->field == def)))) - -/* Macro to test and copy a field if necessary */ - -#define x509_verify_param_copy(field, def) \ - if (test_x509_verify_param_copy(field, def)) \ - dest->field = src->field - - -int -X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest, const X509_VERIFY_PARAM *src) -{ - unsigned long inh_flags; - int to_default, to_overwrite; - - if (!src) - return 1; - inh_flags = dest->inh_flags | src->inh_flags; - - if (inh_flags & X509_VP_FLAG_ONCE) - dest->inh_flags = 0; - - if (inh_flags & X509_VP_FLAG_LOCKED) - return 1; - - if (inh_flags & X509_VP_FLAG_DEFAULT) - to_default = 1; - else - to_default = 0; - - if (inh_flags & X509_VP_FLAG_OVERWRITE) - to_overwrite = 1; - else - to_overwrite = 0; - - x509_verify_param_copy(purpose, 0); - x509_verify_param_copy(trust, 0); - x509_verify_param_copy(depth, -1); - - /* If overwrite or check time not set, copy across */ - - if (to_overwrite || !(dest->flags & X509_V_FLAG_USE_CHECK_TIME)) { - dest->check_time = src->check_time; - dest->flags &= ~X509_V_FLAG_USE_CHECK_TIME; - /* Don't need to copy flag: that is done below */ - } - - if (inh_flags & X509_VP_FLAG_RESET_FLAGS) - dest->flags = 0; - - dest->flags |= src->flags; - - if (test_x509_verify_param_copy(policies, NULL)) { - if (!X509_VERIFY_PARAM_set1_policies(dest, src->policies)) - return 0; - } - - return 1; -} - -int -X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to, const X509_VERIFY_PARAM *from) -{ - unsigned long save_flags = to->inh_flags; - int ret; - - to->inh_flags |= X509_VP_FLAG_DEFAULT; - ret = X509_VERIFY_PARAM_inherit(to, from); - to->inh_flags = save_flags; - return ret; -} - -int -X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name) -{ - free(param->name); - param->name = NULL; - if (name == NULL) - return 1; - param->name = strdup(name); 
- if (param->name) - return 1; - return 0; -} - -int -X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags) -{ - param->flags |= flags; - if (flags & X509_V_FLAG_POLICY_MASK) - param->flags |= X509_V_FLAG_POLICY_CHECK; - return 1; -} - -int -X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param, unsigned long flags) -{ - param->flags &= ~flags; - return 1; -} - -unsigned long -X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param) -{ - return param->flags; -} - -int -X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose) -{ - return X509_PURPOSE_set(¶m->purpose, purpose); -} - -int -X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust) -{ - return X509_TRUST_set(¶m->trust, trust); -} - -void -X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth) -{ - param->depth = depth; -} - -void -X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t) -{ - param->check_time = t; - param->flags |= X509_V_FLAG_USE_CHECK_TIME; -} - -int -X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param, ASN1_OBJECT *policy) -{ - if (!param->policies) { - param->policies = sk_ASN1_OBJECT_new_null(); - if (!param->policies) - return 0; - } - if (!sk_ASN1_OBJECT_push(param->policies, policy)) - return 0; - return 1; -} - -int -X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, - STACK_OF(ASN1_OBJECT) *policies) -{ - int i; - ASN1_OBJECT *oid, *doid; - - if (!param) - return 0; - if (param->policies) - sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); - - if (!policies) { - param->policies = NULL; - return 1; - } - - param->policies = sk_ASN1_OBJECT_new_null(); - if (!param->policies) - return 0; - - for (i = 0; i < sk_ASN1_OBJECT_num(policies); i++) { - oid = sk_ASN1_OBJECT_value(policies, i); - doid = OBJ_dup(oid); - if (!doid) - return 0; - if (!sk_ASN1_OBJECT_push(param->policies, doid)) { - ASN1_OBJECT_free(doid); - return 0; - } - } - param->flags |= X509_V_FLAG_POLICY_CHECK; - return 1; -} - -int 
-X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param) -{ - return param->depth; -} - -/* Default verify parameters: these are used for various - * applications and can be overridden by the user specified table. - * NB: the 'name' field *must* be in alphabetical order because it - * will be searched using OBJ_search. - */ - -static const X509_VERIFY_PARAM default_table[] = { - { - "default", /* X509 default parameters */ - 0, /* Check time */ - 0, /* internal flags */ - 0, /* flags */ - 0, /* purpose */ - 0, /* trust */ - 100, /* depth */ - NULL /* policies */ - }, - { - "pkcs7", /* S/MIME sign parameters */ - 0, /* Check time */ - 0, /* internal flags */ - 0, /* flags */ - X509_PURPOSE_SMIME_SIGN, /* purpose */ - X509_TRUST_EMAIL, /* trust */ - -1, /* depth */ - NULL /* policies */ - }, - { - "smime_sign", /* S/MIME sign parameters */ - 0, /* Check time */ - 0, /* internal flags */ - 0, /* flags */ - X509_PURPOSE_SMIME_SIGN, /* purpose */ - X509_TRUST_EMAIL, /* trust */ - -1, /* depth */ - NULL /* policies */ - }, - { - "ssl_client", /* SSL/TLS client parameters */ - 0, /* Check time */ - 0, /* internal flags */ - 0, /* flags */ - X509_PURPOSE_SSL_CLIENT, /* purpose */ - X509_TRUST_SSL_CLIENT, /* trust */ - -1, /* depth */ - NULL /* policies */ - }, - { - "ssl_server", /* SSL/TLS server parameters */ - 0, /* Check time */ - 0, /* internal flags */ - 0, /* flags */ - X509_PURPOSE_SSL_SERVER, /* purpose */ - X509_TRUST_SSL_SERVER, /* trust */ - -1, /* depth */ - NULL /* policies */ - } -}; - -static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL; - -static int -table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b) -{ - return strcmp(a->name, b->name); -} - -DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table); -IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table); - -static int -param_cmp(const X509_VERIFY_PARAM * const *a, - const X509_VERIFY_PARAM * const *b) -{ - return strcmp((*a)->name, (*b)->name); -} 
- -int -X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param) -{ - int idx; - X509_VERIFY_PARAM *ptmp; - - if (!param_table) { - param_table = sk_X509_VERIFY_PARAM_new(param_cmp); - if (!param_table) - return 0; - } else { - idx = sk_X509_VERIFY_PARAM_find(param_table, param); - if (idx != -1) { - ptmp = sk_X509_VERIFY_PARAM_value(param_table, idx); - X509_VERIFY_PARAM_free(ptmp); - (void)sk_X509_VERIFY_PARAM_delete(param_table, idx); - } - } - if (!sk_X509_VERIFY_PARAM_push(param_table, param)) - return 0; - return 1; -} - -const X509_VERIFY_PARAM * -X509_VERIFY_PARAM_lookup(const char *name) -{ - int idx; - X509_VERIFY_PARAM pm; - - pm.name = (char *)name; - if (param_table) { - idx = sk_X509_VERIFY_PARAM_find(param_table, &pm); - if (idx != -1) - return sk_X509_VERIFY_PARAM_value(param_table, idx); - } - return OBJ_bsearch_table(&pm, default_table, - sizeof(default_table)/sizeof(X509_VERIFY_PARAM)); -} - -void -X509_VERIFY_PARAM_table_cleanup(void) -{ - if (param_table) - sk_X509_VERIFY_PARAM_pop_free(param_table, - X509_VERIFY_PARAM_free); - param_table = NULL; -} diff --git a/lib/libssl/src/crypto/x509/x509cset.c b/lib/libssl/src/crypto/x509/x509cset.c deleted file mode 100644 index afc1f0f2b30..00000000000 --- a/lib/libssl/src/crypto/x509/x509cset.c +++ /dev/null 
@@ -1,173 +0,0 @@
-/* $OpenBSD: x509cset.c,v 1.11 2015/09/30 17:49:59 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int
-X509_CRL_set_version(X509_CRL *x, long version)
-{
- if (x == NULL)
- return (0);
- if (x->crl->version == NULL) {
- if ((x->crl->version = ASN1_INTEGER_new()) == NULL)
- return (0);
- }
- return (ASN1_INTEGER_set(x->crl->version, version));
-}
-
-int
-X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
-{
- if ((x == NULL) || (x->crl == NULL))
- return (0);
- return (X509_NAME_set(&x->crl->issuer, name));
-}
-
-int
-X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
-{
- ASN1_TIME *in;
-
- if (x == NULL)
- return (0);
- in = x->crl->lastUpdate;
- if (in != tm) {
- in = ASN1_STRING_dup(tm);
- if (in != NULL) {
- ASN1_TIME_free(x->crl->lastUpdate);
- x->crl->lastUpdate = in;
- }
- }
- return (in != NULL);
-}
-
-int
-X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
-{
- ASN1_TIME *in;
-
- if (x == NULL)
- return (0);
- in = x->crl->nextUpdate;
- if (in != tm) {
- in = ASN1_STRING_dup(tm);
- if (in != NULL) {
- ASN1_TIME_free(x->crl->nextUpdate);
- x->crl->nextUpdate = in;
- }
- }
- return (in != NULL);
-}
-
-int
-X509_CRL_sort(X509_CRL *c)
-{
- int i;
- X509_REVOKED *r;
-
- /* sort the data so it will be written in serial
- * number order */
- sk_X509_REVOKED_sort(c->crl->revoked);
- for (i = 0; i < sk_X509_REVOKED_num(c->crl->revoked); i++) {
- r = sk_X509_REVOKED_value(c->crl->revoked, i);
- r->sequence = i;
- }
- c->crl->enc.modified = 1;
- return 1;
-}
-
-int
-X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
-{
- ASN1_TIME *in;
-
- if (x == NULL)
- return (0);
- in = x->revocationDate;
- if (in != tm) {
- in = ASN1_STRING_dup(tm);
- if (in != NULL) {
- ASN1_TIME_free(x->revocationDate);
- x->revocationDate = in;
- }
- }
- return (in != NULL);
-}
-
-int
-X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
-{
- ASN1_INTEGER *in;
-
- if (x == NULL)
- return (0);
- in = x->serialNumber;
- if (in != serial) {
- in = ASN1_INTEGER_dup(serial);
- if (in != NULL) {
- ASN1_INTEGER_free(x->serialNumber);
- x->serialNumber = in;
- }
- }
- return (in != NULL);
-}
diff --git a/lib/libssl/src/crypto/x509/x509name.c b/lib/libssl/src/crypto/x509/x509name.c
deleted file mode 100644
index 14634013cf7..00000000000
--- a/lib/libssl/src/crypto/x509/x509name.c
+++ /dev/null
@@ -1,410 +0,0 @@
-/* $OpenBSD: x509name.c,v 1.13 2014/09/29 04:17:24 miod Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/err.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/stack.h> -#include <openssl/x509.h> - -int -X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len) -{ - ASN1_OBJECT *obj; - - obj = OBJ_nid2obj(nid); - if (obj == NULL) - return (-1); - return (X509_NAME_get_text_by_OBJ(name, obj, buf, len)); -} - -int -X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf, - int len) -{ - int i; - ASN1_STRING *data; - - i = X509_NAME_get_index_by_OBJ(name, obj, -1); - if (i < 0) - return (-1); - data = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i)); - i = (data->length > (len - 1)) ? (len - 1) : data->length; - if (buf == NULL) - return (data->length); - if (i >= 0) { - memcpy(buf, data->data, i); - buf[i] = '\0'; - } - return (i); -} - -int -X509_NAME_entry_count(X509_NAME *name) -{ - if (name == NULL) - return (0); - return (sk_X509_NAME_ENTRY_num(name->entries)); -} - -int -X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos) -{ - ASN1_OBJECT *obj; - - obj = OBJ_nid2obj(nid); - if (obj == NULL) - return (-2); - return (X509_NAME_get_index_by_OBJ(name, obj, lastpos)); -} - -/* NOTE: you should be passsing -1, not 0 as lastpos */ -int -X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int lastpos) -{ - int n; - X509_NAME_ENTRY *ne; - STACK_OF(X509_NAME_ENTRY) *sk; - - if (name == NULL) - return (-1); - if (lastpos < 0) - lastpos = -1; - sk = name->entries; - n = sk_X509_NAME_ENTRY_num(sk); - for (lastpos++; lastpos < n; lastpos++) { - ne = sk_X509_NAME_ENTRY_value(sk, lastpos); - if (OBJ_cmp(ne->object, obj) == 0) - return (lastpos); - } - return (-1); -} - -X509_NAME_ENTRY * -X509_NAME_get_entry(X509_NAME *name, int loc) -{ - if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc || - loc < 0) - return (NULL); - else - return (sk_X509_NAME_ENTRY_value(name->entries, loc)); -} - 
-X509_NAME_ENTRY * -X509_NAME_delete_entry(X509_NAME *name, int loc) -{ - X509_NAME_ENTRY *ret; - int i, n, set_prev, set_next; - STACK_OF(X509_NAME_ENTRY) *sk; - - if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc || - loc < 0) - return (NULL); - sk = name->entries; - ret = sk_X509_NAME_ENTRY_delete(sk, loc); - n = sk_X509_NAME_ENTRY_num(sk); - name->modified = 1; - if (loc == n) - return (ret); - - /* else we need to fixup the set field */ - if (loc != 0) - set_prev = (sk_X509_NAME_ENTRY_value(sk, loc - 1))->set; - else - set_prev = ret->set - 1; - set_next = sk_X509_NAME_ENTRY_value(sk, loc)->set; - - /* set_prev is the previous set - * set is the current set - * set_next is the following - * prev 1 1 1 1 1 1 1 1 - * set 1 1 2 2 - * next 1 1 2 2 2 2 3 2 - * so basically only if prev and next differ by 2, then - * re-number down by 1 */ - if (set_prev + 1 < set_next) - for (i = loc; i < n; i++) - sk_X509_NAME_ENTRY_value(sk, i)->set--; - return (ret); -} - -int -X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len, int loc, int set) -{ - X509_NAME_ENTRY *ne; - int ret; - - ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len); - if (!ne) - return 0; - ret = X509_NAME_add_entry(name, ne, loc, set); - X509_NAME_ENTRY_free(ne); - return ret; -} - -int -X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, - unsigned char *bytes, int len, int loc, int set) -{ - X509_NAME_ENTRY *ne; - int ret; - - ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len); - if (!ne) - return 0; - ret = X509_NAME_add_entry(name, ne, loc, set); - X509_NAME_ENTRY_free(ne); - return ret; -} - -int -X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, - const unsigned char *bytes, int len, int loc, int set) -{ - X509_NAME_ENTRY *ne; - int ret; - - ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len); - if (!ne) - return 0; - ret = X509_NAME_add_entry(name, ne, loc, 
set); - X509_NAME_ENTRY_free(ne); - return ret; -} - -/* if set is -1, append to previous set, 0 'a new one', and 1, - * prepend to the guy we are about to stomp on. */ -int -X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, int set) -{ - X509_NAME_ENTRY *new_name = NULL; - int n, i, inc; - STACK_OF(X509_NAME_ENTRY) *sk; - - if (name == NULL) - return (0); - sk = name->entries; - n = sk_X509_NAME_ENTRY_num(sk); - if (loc > n) - loc = n; - else if (loc < 0) - loc = n; - - name->modified = 1; - - if (set == -1) { - if (loc == 0) { - set = 0; - inc = 1; - } else { - set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set; - inc = 0; - } - } else /* if (set >= 0) */ { - if (loc >= n) { - if (loc != 0) - set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set + 1; - else - set = 0; - } else - set = sk_X509_NAME_ENTRY_value(sk, loc)->set; - inc = (set == 0) ? 1 : 0; - } - - if ((new_name = X509_NAME_ENTRY_dup(ne)) == NULL) - goto err; - new_name->set = set; - if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) { - X509err(X509_F_X509_NAME_ADD_ENTRY, ERR_R_MALLOC_FAILURE); - goto err; - } - if (inc) { - n = sk_X509_NAME_ENTRY_num(sk); - for (i = loc + 1; i < n; i++) - sk_X509_NAME_ENTRY_value(sk, i - 1)->set += 1; - } - return (1); - -err: - if (new_name != NULL) - X509_NAME_ENTRY_free(new_name); - return (0); -} - -X509_NAME_ENTRY * -X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, - const char *field, int type, const unsigned char *bytes, int len) -{ - ASN1_OBJECT *obj; - X509_NAME_ENTRY *nentry; - - obj = OBJ_txt2obj(field, 0); - if (obj == NULL) { - X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT, - X509_R_INVALID_FIELD_NAME); - ERR_asprintf_error_data("name=%s", field); - return (NULL); - } - nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len); - ASN1_OBJECT_free(obj); - return nentry; -} - -X509_NAME_ENTRY * -X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type, - unsigned char *bytes, int len) -{ - ASN1_OBJECT *obj; - 
X509_NAME_ENTRY *nentry;
-
- obj = OBJ_nid2obj(nid);
- if (obj == NULL) {
- X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,
- X509_R_UNKNOWN_NID);
- return (NULL);
- }
- nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len);
- ASN1_OBJECT_free(obj);
- return nentry;
-}
-
-X509_NAME_ENTRY *
-X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type,
- const unsigned char *bytes, int len)
-{
- X509_NAME_ENTRY *ret;
-
- if ((ne == NULL) || (*ne == NULL)) {
- if ((ret = X509_NAME_ENTRY_new()) == NULL)
- return (NULL);
- } else
- ret= *ne;
-
- if (!X509_NAME_ENTRY_set_object(ret, obj))
- goto err;
- if (!X509_NAME_ENTRY_set_data(ret, type, bytes, len))
- goto err;
-
- if ((ne != NULL) && (*ne == NULL))
- *ne = ret;
- return (ret);
-
-err:
- if ((ne == NULL) || (ret != *ne))
- X509_NAME_ENTRY_free(ret);
- return (NULL);
-}
-
-int
-X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
-{
- if ((ne == NULL) || (obj == NULL)) {
- X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,
- ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- ASN1_OBJECT_free(ne->object);
- ne->object = OBJ_dup(obj);
- return ((ne->object == NULL) ? 0 : 1);
-}
-
-int
-X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
- const unsigned char *bytes, int len)
-{
- int i;
-
- if ((ne == NULL) || ((bytes == NULL) && (len != 0)))
- return (0);
- if ((type > 0) && (type & MBSTRING_FLAG))
- return ASN1_STRING_set_by_NID(&ne->value, bytes, len, type,
- OBJ_obj2nid(ne->object)) ?
1 : 0;
- if (len < 0)
- len = strlen((const char *)bytes);
- i = ASN1_STRING_set(ne->value, bytes, len);
- if (!i)
- return (0);
- if (type != V_ASN1_UNDEF) {
- if (type == V_ASN1_APP_CHOOSE)
- ne->value->type = ASN1_PRINTABLE_type(bytes, len);
- else
- ne->value->type = type;
- }
- return (1);
-}
-
-ASN1_OBJECT *
-X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
-{
- if (ne == NULL)
- return (NULL);
- return (ne->object);
-}
-
-ASN1_STRING *
-X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
-{
- if (ne == NULL)
- return (NULL);
- return (ne->value);
-}
diff --git a/lib/libssl/src/crypto/x509/x509rset.c b/lib/libssl/src/crypto/x509/x509rset.c
deleted file mode 100644
index cfac977636f..00000000000
--- a/lib/libssl/src/crypto/x509/x509rset.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/* $OpenBSD: x509rset.c,v 1.6 2014/07/11 08:44:49 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int
-X509_REQ_set_version(X509_REQ *x, long version)
-{
- if (x == NULL)
- return (0);
- return (ASN1_INTEGER_set(x->req_info->version, version));
-}
-
-int
-X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name)
-{
- if ((x == NULL) || (x->req_info == NULL))
- return (0);
- return (X509_NAME_set(&x->req_info->subject, name));
-}
-
-int
-X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey)
-{
- if ((x == NULL) || (x->req_info == NULL))
- return (0);
- return (X509_PUBKEY_set(&x->req_info->pubkey, pkey));
-}
diff --git a/lib/libssl/src/crypto/x509/x509spki.c b/lib/libssl/src/crypto/x509/x509spki.c
deleted file mode 100644
index cd29a8138a9..00000000000
--- a/lib/libssl/src/crypto/x509/x509spki.c
+++ /dev/null
@@ -1,132 +0,0 @@
-/* $OpenBSD: x509spki.c,v 1.12 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/x509.h>
-
-int
-NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
-{
- if ((x == NULL) || (x->spkac == NULL))
- return (0);
- return (X509_PUBKEY_set(&(x->spkac->pubkey), pkey));
-}
-
-EVP_PKEY *
-NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x)
-{
- if ((x == NULL) || (x->spkac == NULL))
- return (NULL);
- return (X509_PUBKEY_get(x->spkac->pubkey));
-}
-
-/* Load a Netscape SPKI from a base64 encoded string */
-
-NETSCAPE_SPKI *
-NETSCAPE_SPKI_b64_decode(const char *str, int len)
-{
- unsigned char *spki_der;
- const unsigned char *p;
- int spki_len;
- NETSCAPE_SPKI *spki;
-
- if (len <= 0)
- len = strlen(str);
- if (!(spki_der = malloc(len + 1))) {
- X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len);
- if (spki_len < 0) {
- X509err(X509_F_NETSCAPE_SPKI_B64_DECODE,
- X509_R_BASE64_DECODE_ERROR);
- free(spki_der);
- return NULL;
- }
- p = spki_der;
- spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len);
- free(spki_der);
- return spki;
-}
-
-/* Generate a base64 encoded string from an
SPKI */
-
-char *
-NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
-{
- unsigned char *der_spki, *p;
- char *b64_str;
- int der_len;
- der_len = i2d_NETSCAPE_SPKI(spki, NULL);
- der_spki = malloc(der_len);
- b64_str = reallocarray(NULL, der_len, 2);
- if (!der_spki || !b64_str) {
- X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE);
- free(der_spki);
- free(b64_str);
- return NULL;
- }
- p = der_spki;
- i2d_NETSCAPE_SPKI(spki, &p);
- EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len);
- free(der_spki);
- return b64_str;
-}
diff --git a/lib/libssl/src/crypto/x509/x509type.c b/lib/libssl/src/crypto/x509/x509type.c
deleted file mode 100644
index d0dcffb2905..00000000000
--- a/lib/libssl/src/crypto/x509/x509type.c
+++ /dev/null
@@ -1,130 +0,0 @@
-/* $OpenBSD: x509type.c,v 1.12 2015/06/13 08:38:10 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-int
-X509_certificate_type(X509 *x, EVP_PKEY *pkey)
-{
- EVP_PKEY *pk;
- int ret = 0, i;
-
- if (x == NULL)
- return (0);
-
- if (pkey == NULL)
- pk = X509_get_pubkey(x);
- else
- pk = pkey;
-
- if (pk == NULL)
- return (0);
-
- switch (pk->type) {
- case EVP_PKEY_RSA:
- ret = EVP_PK_RSA|EVP_PKT_SIGN;
-/* if (!sign only extension) */
- ret |= EVP_PKT_ENC;
- break;
- case EVP_PKEY_DSA:
- ret = EVP_PK_DSA|EVP_PKT_SIGN;
- break;
- case EVP_PKEY_EC:
- ret = EVP_PK_EC|EVP_PKT_SIGN|EVP_PKT_EXCH;
- break;
- case EVP_PKEY_DH:
- ret = EVP_PK_DH|EVP_PKT_EXCH;
- break;
- case NID_id_GostR3410_94:
- case NID_id_GostR3410_2001:
- ret = EVP_PKT_EXCH|EVP_PKT_SIGN;
- break;
- default:
- break;
- }
-
- i = OBJ_obj2nid(x->sig_alg->algorithm);
- if (i && OBJ_find_sigid_algs(i, NULL, &i)) {
- switch (i) {
- case NID_rsaEncryption:
- case NID_rsa:
- ret |= EVP_PKS_RSA;
- break;
- case NID_dsa:
- case NID_dsa_2:
- ret |= EVP_PKS_DSA;
- break;
- case NID_X9_62_id_ecPublicKey:
- ret |= EVP_PKS_EC;
- break;
- default:
- break;
- }
- }
-
- /* /8 because it's 1024 bits we look for, not bytes */
- if (EVP_PKEY_size(pk) <= 1024 / 8)
- ret |= EVP_PKT_EXP;
- if (pkey == NULL)
- EVP_PKEY_free(pk);
- return (ret);
-}
diff --git a/lib/libssl/src/crypto/x509/x_all.c b/lib/libssl/src/crypto/x509/x_all.c
deleted file mode 100644
index 21a85354457..00000000000
--- a/lib/libssl/src/crypto/x509/x_all.c
+++ /dev/null
@@ -1,602 +0,0 @@
-/* $OpenBSD: x_all.c,v 1.21 2015/10/13 14:03:26 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/asn1.h>
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/stack.h>
-#include <openssl/x509.h>
-
-#ifndef OPENSSL_NO_DSA
-#include <openssl/dsa.h>
-#endif
-#ifndef OPENSSL_NO_RSA
-#include <openssl/rsa.h>
-#endif
-
-X509 *
-d2i_X509_bio(BIO *bp, X509 **x509)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
-}
-
-int
-i2d_X509_bio(BIO *bp, X509 *x509)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
-}
-
-X509 *
-d2i_X509_fp(FILE *fp, X509 **x509)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
-}
-
-int
-i2d_X509_fp(FILE *fp, X509 *x509)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
-}
-
-X509_CRL *
-d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
-}
-
-int
-i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
-}
-
-X509_CRL *
-d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
-}
-
-int
-i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
-}
-
-PKCS7 *
-d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
-}
-
-int
-i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
-}
-
-PKCS7 *
-d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
-}
-
-int
-i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
-}
-
-X509_REQ *
-d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
-}
-
-int
-i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
-}
-
-X509_REQ *
-d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
-{
- return
ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
-}
-
-int
-i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
-}
-
-#ifndef OPENSSL_NO_RSA
-RSA *
-d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
-}
-
-int
-i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
-}
-
-RSA *
-d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
-}
-
-int
-i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
-}
-
-RSA *
-d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
-}
-
-int
-i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
-}
-
-RSA *
-d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
-}
-
-int
-i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
-}
-
-RSA *
-d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
-{
- return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);
-}
-
-int
-i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
-{
- return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);
-}
-
-int
-i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
-{
- return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);
-}
-
-RSA *
-d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
-{
- return ASN1_d2i_fp((void *(*)(void))RSA_new,
- (D2I_OF(void))d2i_RSA_PUBKEY, fp, (void **)rsa);
-}
-#endif
-
-#ifndef OPENSSL_NO_DSA
-DSA *
-d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(DSAPrivateKey), bp, dsa);
-}
-
-int
-i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(DSAPrivateKey), bp, dsa);
-}
-
-DSA *
-d2i_DSAPrivateKey_fp(FILE *fp,
DSA **dsa)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(DSAPrivateKey), fp, dsa);
-}
-
-int
-i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(DSAPrivateKey), fp, dsa);
-}
-
-DSA *
-d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
-{
- return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);
-}
-
-int
-i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
-{
- return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);
-}
-
-DSA *
-d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
-{
- return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);
-}
-
-int
-i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
-{
- return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);
-}
-#endif
-
-#ifndef OPENSSL_NO_EC
-EC_KEY *
-d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
-{
- return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
-}
-
-int
-i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
-{
- return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
-}
-
-EC_KEY *
-d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
-{
- return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
-}
-
-int
-i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
-{
- return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
-}
-
-EC_KEY *
-d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
-{
- return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey);
-}
-
-int
-i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa)
-{
- return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);
-}
-EC_KEY *
-d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
-{
- return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);
-}
-
-int
-i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey)
-{
- return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);
-}
-#endif
-
-X509_SIG *
-d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_SIG), bp, p8);
-}
-
-int
-i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_SIG), bp, p8);
-}
-
-X509_SIG *
-d2i_PKCS8_fp(FILE *fp, X509_SIG
**p8)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_SIG), fp, p8);
-}
-
-int
-i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_SIG), fp, p8);
-}
-
-PKCS8_PRIV_KEY_INFO *
-d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO **p8inf)
-{
- return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), bp,
- p8inf);
-}
-
-int
-i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
-{
- return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), bp,
- p8inf);
-}
-
-PKCS8_PRIV_KEY_INFO *
-d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO **p8inf)
-{
- return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), fp,
- p8inf);
-}
-
-int
-i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
-{
- return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), fp,
- p8inf);
-}
-
-EVP_PKEY *
-d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
-{
- return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey,
- bp, a);
-}
-
-int
-i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
-{
- return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
-}
-
-EVP_PKEY *
-d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
-{
- return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey,
- fp, a);
-}
-
-int
-i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
-{
- return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
-}
-
-EVP_PKEY *
-d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
-{
- return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);
-}
-
-int
-i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
-{
- return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
-}
-
-int
-i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
-{
- return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
-}
-
-EVP_PKEY *
-d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
-{
- return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);
-}
-
-int
-i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
-{
- PKCS8_PRIV_KEY_INFO *p8inf;
- int ret;
-
- p8inf = EVP_PKEY2PKCS8(key);
- if (!p8inf)
- return 0;
- ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- return ret;
-}
-
-int
-i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
-{
- PKCS8_PRIV_KEY_INFO *p8inf;
- int ret;
- p8inf = EVP_PKEY2PKCS8(key);
- if (!p8inf)
- return 0;
- ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
- PKCS8_PRIV_KEY_INFO_free(p8inf);
- return ret;
-}
-
-int
-X509_verify(X509 *a, EVP_PKEY *r)
-{
- if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature))
- return 0;
- return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF), a->sig_alg,
- a->signature, a->cert_info, r));
-}
-
-int
-X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
-{
- return (ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO),
- a->sig_alg, a->signature, a->req_info, r));
-}
-
-int
-NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
-{
- return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
- a->sig_algor, a->signature, a->spkac, r));
-}
-
-int
-X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
- x->cert_info->enc.modified = 1;
- return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF),
- x->cert_info->signature, x->sig_alg, x->signature,
- x->cert_info, pkey, md));
-}
-
-int
-X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
-{
- x->cert_info->enc.modified = 1;
- return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
- x->cert_info->signature, x->sig_alg, x->signature,
- x->cert_info, ctx);
-}
-
-int
-X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
- return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO),
- x->sig_alg, NULL, x->signature, x->req_info, pkey, md));
-}
-
-int
-X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
-{
- return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
- x->sig_alg, NULL, x->signature, x->req_info, ctx);
-}
-
-int
-X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
- x->crl->enc.modified = 1;
- return(ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), x->crl->sig_alg,
- x->sig_alg, x->signature, x->crl, pkey, md));
-}
-
-int
-X509_CRL_sign_ctx(X509_CRL *x,
EVP_MD_CTX *ctx)
-{
- x->crl->enc.modified = 1;
- return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
- x->crl->sig_alg, x->sig_alg, x->signature, x->crl, ctx);
-}
-
-int
-NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
-{
- return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
- x->sig_algor, NULL, x->signature, x->spkac, pkey, md));
-}
-
-int
-X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- ASN1_BIT_STRING *key;
- key = X509_get0_pubkey_bitstr(data);
- if (!key)
- return 0;
- return EVP_Digest(key->data, key->length, md, len, type, NULL);
-}
-
-int
-X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- return (ASN1_item_digest(ASN1_ITEM_rptr(X509), type, (char *)data,
- md, len));
-}
-
-int
-X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- return (ASN1_item_digest(ASN1_ITEM_rptr(X509_CRL), type, (char *)data,
- md, len));
-}
-
-int
-X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- return (ASN1_item_digest(ASN1_ITEM_rptr(X509_REQ), type, (char *)data,
- md, len));
-}
-
-int
-X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md,
- unsigned int *len)
-{
- return (ASN1_item_digest(ASN1_ITEM_rptr(X509_NAME), type, (char *)data,
- md, len));
-}
-
-int
-PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
- const EVP_MD *type, unsigned char *md, unsigned int *len)
-{
- return(ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL), type,
- (char *)data, md, len));
-}
diff --git a/lib/libssl/src/crypto/x509v3/ext_dat.h b/lib/libssl/src/crypto/x509v3/ext_dat.h
deleted file mode 100644
index f8bf7916b38..00000000000
--- a/lib/libssl/src/crypto/x509v3/ext_dat.h
+++ /dev/null
@@ -1,129 +0,0 @@
-/* $OpenBSD: ext_dat.h,v 1.12 2015/02/10 13:28:17 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/opensslconf.h>
-
-/* This file contains a table of "standard" extensions */
-
-extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
-extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info, v3_sinfo;
-extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
-extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate;
-extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld, v3_freshest_crl;
-extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
-extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
-extern X509V3_EXT_METHOD v3_crl_hold, v3_pci;
-extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints;
-extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp, v3_idp;
-extern X509V3_EXT_METHOD v3_addr, v3_asid;
-
-/* This table will be searched using OBJ_bsearch so it *must* kept in
- * order of the ext_nid values.
- */
-
-static const X509V3_EXT_METHOD *standard_exts[] = {
- &v3_nscert,
- &v3_ns_ia5_list[0],
- &v3_ns_ia5_list[1],
- &v3_ns_ia5_list[2],
- &v3_ns_ia5_list[3],
- &v3_ns_ia5_list[4],
- &v3_ns_ia5_list[5],
- &v3_ns_ia5_list[6],
- &v3_skey_id,
- &v3_key_usage,
- &v3_pkey_usage_period,
- &v3_alt[0],
- &v3_alt[1],
- &v3_bcons,
- &v3_crl_num,
- &v3_cpols,
- &v3_akey_id,
- &v3_crld,
- &v3_ext_ku,
- &v3_delta_crl,
- &v3_crl_reason,
-#ifndef OPENSSL_NO_OCSP
- &v3_crl_invdate,
-#endif
- &v3_sxnet,
- &v3_info,
-#ifndef OPENSSL_NO_OCSP
- &v3_ocsp_nonce,
- &v3_ocsp_crlid,
- &v3_ocsp_accresp,
- &v3_ocsp_nocheck,
- &v3_ocsp_acutoff,
- &v3_ocsp_serviceloc,
-#endif
- &v3_sinfo,
- &v3_policy_constraints,
-#ifndef OPENSSL_NO_OCSP
- &v3_crl_hold,
-#endif
- &v3_pci,
- &v3_name_constraints,
- &v3_policy_mappings,
- &v3_inhibit_anyp,
- &v3_idp,
- &v3_alt[2],
- &v3_freshest_crl,
-};
-
-/* Number of standard extensions */
-#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *))
diff --git a/lib/libssl/src/crypto/x509v3/pcy_cache.c b/lib/libssl/src/crypto/x509v3/pcy_cache.c
deleted file mode 100644
index 9c8ba8298bc..00000000000
--- a/lib/libssl/src/crypto/x509v3/pcy_cache.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/* $OpenBSD: pcy_cache.c,v 1.5 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-static int policy_data_cmp(const X509_POLICY_DATA * const *a,
- const X509_POLICY_DATA * const *b);
-static int policy_cache_set_int(long *out, ASN1_INTEGER *value);
-
-/* Set cache entry according to CertificatePolicies extension.
- * Note: this destroys the passed CERTIFICATEPOLICIES structure.
- */
-
-static int
-policy_cache_create(X509 *x, CERTIFICATEPOLICIES *policies, int crit)
-{
- int i;
- int ret = 0;
- X509_POLICY_CACHE *cache = x->policy_cache;
- X509_POLICY_DATA *data = NULL;
- POLICYINFO *policy;
-
- if (sk_POLICYINFO_num(policies) == 0)
- goto bad_policy;
- cache->data = sk_X509_POLICY_DATA_new(policy_data_cmp);
- if (!cache->data)
- goto bad_policy;
- for (i = 0; i < sk_POLICYINFO_num(policies); i++) {
- policy = sk_POLICYINFO_value(policies, i);
- data = policy_data_new(policy, NULL, crit);
- if (!data)
- goto bad_policy;
- /* Duplicate policy OIDs are illegal: reject if matches
- * found.
- */
- if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
- if (cache->anyPolicy) {
- ret = -1;
- goto bad_policy;
- }
- cache->anyPolicy = data;
- } else if (sk_X509_POLICY_DATA_find(cache->data, data) != -1) {
- ret = -1;
- goto bad_policy;
- } else if (!sk_X509_POLICY_DATA_push(cache->data, data))
- goto bad_policy;
- data = NULL;
- }
- ret = 1;
-
-bad_policy:
- if (ret == -1)
- x->ex_flags |= EXFLAG_INVALID_POLICY;
- if (data)
- policy_data_free(data);
- sk_POLICYINFO_pop_free(policies, POLICYINFO_free);
- if (ret <= 0) {
- sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
- cache->data = NULL;
- }
- return ret;
-}
-
-static int
-policy_cache_new(X509 *x)
-{
- X509_POLICY_CACHE *cache;
- ASN1_INTEGER *ext_any = NULL;
- POLICY_CONSTRAINTS *ext_pcons = NULL;
- CERTIFICATEPOLICIES *ext_cpols = NULL;
- POLICY_MAPPINGS *ext_pmaps = NULL;
- int i;
-
- cache = malloc(sizeof(X509_POLICY_CACHE));
- if (!cache)
- return 0;
- cache->anyPolicy = NULL;
- cache->data = NULL;
- cache->any_skip = -1;
- cache->explicit_skip = -1;
- cache->map_skip = -1;
-
- x->policy_cache = cache;
-
- /* Handle requireExplicitPolicy *first*. Need to process this
- * even if we don't have any policies.
- */
- ext_pcons = X509_get_ext_d2i(x, NID_policy_constraints, &i, NULL);
-
- if (!ext_pcons) {
- if (i != -1)
- goto bad_cache;
- } else {
- if (!ext_pcons->requireExplicitPolicy &&
- !ext_pcons->inhibitPolicyMapping)
- goto bad_cache;
- if (!policy_cache_set_int(&cache->explicit_skip,
- ext_pcons->requireExplicitPolicy))
- goto bad_cache;
- if (!policy_cache_set_int(&cache->map_skip,
- ext_pcons->inhibitPolicyMapping))
- goto bad_cache;
- }
-
- /* Process CertificatePolicies */
-
- ext_cpols = X509_get_ext_d2i(x, NID_certificate_policies, &i, NULL);
- /* If no CertificatePolicies extension or problem decoding then
- * there is no point continuing because the valid policies will be
- * NULL.
- */
- if (!ext_cpols) {
- /* If not absent some problem with extension */
- if (i != -1)
- goto bad_cache;
- return 1;
- }
-
- i = policy_cache_create(x, ext_cpols, i);
-
- /* NB: ext_cpols freed by policy_cache_set_policies */
-
- if (i <= 0)
- return i;
-
- ext_pmaps = X509_get_ext_d2i(x, NID_policy_mappings, &i, NULL);
-
- if (!ext_pmaps) {
- /* If not absent some problem with extension */
- if (i != -1)
- goto bad_cache;
- } else {
- i = policy_cache_set_mapping(x, ext_pmaps);
- if (i <= 0)
- goto bad_cache;
- }
-
- ext_any = X509_get_ext_d2i(x, NID_inhibit_any_policy, &i, NULL);
-
- if (!ext_any) {
- if (i != -1)
- goto bad_cache;
- } else if (!policy_cache_set_int(&cache->any_skip, ext_any))
- goto bad_cache;
-
- if (0) {
-bad_cache:
- x->ex_flags |= EXFLAG_INVALID_POLICY;
- }
-
- if (ext_pcons)
- POLICY_CONSTRAINTS_free(ext_pcons);
-
- if (ext_any)
- ASN1_INTEGER_free(ext_any);
-
- return 1;
-}
-
-void
-policy_cache_free(X509_POLICY_CACHE *cache)
-{
- if (!cache)
- return;
- if (cache->anyPolicy)
- policy_data_free(cache->anyPolicy);
- if (cache->data)
- sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
- free(cache);
-}
-
-const X509_POLICY_CACHE *
-policy_cache_set(X509 *x)
-{
- if (x->policy_cache == NULL) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509);
- policy_cache_new(x);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509);
- }
-
- return x->policy_cache;
-}
-
-X509_POLICY_DATA *
-policy_cache_find_data(const X509_POLICY_CACHE *cache, const ASN1_OBJECT *id)
-{
- int idx;
- X509_POLICY_DATA tmp;
-
- tmp.valid_policy = (ASN1_OBJECT *)id;
- idx = sk_X509_POLICY_DATA_find(cache->data, &tmp);
- if (idx == -1)
- return NULL;
- return sk_X509_POLICY_DATA_value(cache->data, idx);
-}
-
-static int
-policy_data_cmp(const X509_POLICY_DATA * const *a,
- const X509_POLICY_DATA * const *b)
-{
- return OBJ_cmp((*a)->valid_policy, (*b)->valid_policy);
-}
-
-static int
-policy_cache_set_int(long *out, ASN1_INTEGER *value)
-{
- if (value == NULL)
- return 1;
- if (value->type ==
V_ASN1_NEG_INTEGER)
- return 0;
- *out = ASN1_INTEGER_get(value);
- return 1;
-}
diff --git a/lib/libssl/src/crypto/x509v3/pcy_data.c b/lib/libssl/src/crypto/x509v3/pcy_data.c
deleted file mode 100644
index b3699b02807..00000000000
--- a/lib/libssl/src/crypto/x509v3/pcy_data.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* $OpenBSD: pcy_data.c,v 1.9 2015/07/15 16:53:42 miod Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/* Policy Node routines */
-
-void
-policy_data_free(X509_POLICY_DATA *data)
-{
- ASN1_OBJECT_free(data->valid_policy);
- /* Don't free qualifiers if shared */
- if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS))
- sk_POLICYQUALINFO_pop_free(data->qualifier_set,
- POLICYQUALINFO_free);
- sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free);
- free(data);
-}
-
-/* Create a data based on an existing policy. If 'id' is NULL use the
- * oid in the policy, otherwise use 'id'. This behaviour covers the two
- * types of data in RFC3280: data with from a CertificatePolcies extension
- * and additional data with just the qualifiers of anyPolicy and ID from
- * another source.
- */
-
-X509_POLICY_DATA *
-policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *cid, int crit)
-{
- X509_POLICY_DATA *ret = NULL;
- ASN1_OBJECT *id = NULL;
-
- if (policy == NULL && cid == NULL)
- return NULL;
- if (cid != NULL) {
- id = OBJ_dup(cid);
- if (id == NULL)
- return NULL;
- }
- ret = malloc(sizeof(X509_POLICY_DATA));
- if (ret == NULL)
- goto err;
- ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
- if (ret->expected_policy_set == NULL)
- goto err;
-
- if (crit)
- ret->flags = POLICY_DATA_FLAG_CRITICAL;
- else
- ret->flags = 0;
-
- if (id != NULL)
- ret->valid_policy = id;
- else {
- ret->valid_policy = policy->policyid;
- policy->policyid = NULL;
- }
-
- if (policy != NULL) {
- ret->qualifier_set = policy->qualifiers;
- policy->qualifiers = NULL;
- } else
- ret->qualifier_set = NULL;
-
- return ret;
-
-err:
- free(ret);
- ASN1_OBJECT_free(id);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/x509v3/pcy_int.h b/lib/libssl/src/crypto/x509v3/pcy_int.h
deleted file mode 100644
index 50ed7cbfcf2..00000000000
--- a/lib/libssl/src/crypto/x509v3/pcy_int.h
+++ /dev/null
@@ -1,206 +0,0 @@
-/* $OpenBSD: pcy_int.h,v 1.4 2015/07/18 00:01:05 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-typedef struct X509_POLICY_DATA_st X509_POLICY_DATA;
-
-DECLARE_STACK_OF(X509_POLICY_DATA)
-
-/* Internal structures */
-
-/* This structure and the field names correspond to the Policy 'node' of
- * RFC3280. NB this structure contains no pointers to parent or child
- * data: X509_POLICY_NODE contains that. This means that the main policy data
- * can be kept static and cached with the certificate.
- */
-
-struct X509_POLICY_DATA_st {
- unsigned int flags;
- /* Policy OID and qualifiers for this data */
- ASN1_OBJECT *valid_policy;
- STACK_OF(POLICYQUALINFO) *qualifier_set;
- STACK_OF(ASN1_OBJECT) *expected_policy_set;
-};
-
-/* X509_POLICY_DATA flags values */
-
-/* This flag indicates the structure has been mapped using a policy mapping
- * extension. If policy mapping is not active its references get deleted.
- */
-
-#define POLICY_DATA_FLAG_MAPPED 0x1
-
-/* This flag indicates the data doesn't correspond to a policy in Certificate
- * Policies: it has been mapped to any policy.
- */
-
-#define POLICY_DATA_FLAG_MAPPED_ANY 0x2
-
-/* AND with flags to see if any mapping has occurred */
-
-#define POLICY_DATA_FLAG_MAP_MASK 0x3
-
-/* qualifiers are shared and shouldn't be freed */
-
-#define POLICY_DATA_FLAG_SHARED_QUALIFIERS 0x4
-
-/* Parent node is an extra node and should be freed */
-
-#define POLICY_DATA_FLAG_EXTRA_NODE 0x8
-
-/* Corresponding CertificatePolicies is critical */
-
-#define POLICY_DATA_FLAG_CRITICAL 0x10
-
-/* This structure is cached with a certificate */
-
-struct X509_POLICY_CACHE_st {
- /* anyPolicy data or NULL if no anyPolicy */
- X509_POLICY_DATA *anyPolicy;
- /* other policy data */
- STACK_OF(X509_POLICY_DATA) *data;
- /* If InhibitAnyPolicy present this is its value or -1 if absent. */
- long any_skip;
- /* If policyConstraints and requireExplicitPolicy present this is its
- * value or -1 if absent.
- */
- long explicit_skip;
- /* If policyConstraints and policyMapping present this is its
- * value or -1 if absent.
- */
- long map_skip;
-};
-
-/*#define POLICY_CACHE_FLAG_CRITICAL POLICY_DATA_FLAG_CRITICAL*/
-
-/* This structure represents the relationship between nodes */
-
-struct X509_POLICY_NODE_st {
- /* node data this refers to */
- const X509_POLICY_DATA *data;
- /* Parent node */
- X509_POLICY_NODE *parent;
- /* Number of child nodes */
- int nchild;
-};
-
-struct X509_POLICY_LEVEL_st {
- /* Cert for this level */
- X509 *cert;
- /* nodes at this level */
- STACK_OF(X509_POLICY_NODE) *nodes;
- /* anyPolicy node */
- X509_POLICY_NODE *anyPolicy;
- /* Extra data */
- /*STACK_OF(X509_POLICY_DATA) *extra_data;*/
- unsigned int flags;
-};
-
-struct X509_POLICY_TREE_st {
- /* This is the tree 'level' data */
- X509_POLICY_LEVEL *levels;
- int nlevel;
- /* Extra policy data when additional nodes (not from the certificate)
- * are required.
- */
- STACK_OF(X509_POLICY_DATA) *extra_data;
- /* This is the authority constained policy set */
- STACK_OF(X509_POLICY_NODE) *auth_policies;
- STACK_OF(X509_POLICY_NODE) *user_policies;
- unsigned int flags;
-};
-
-/* Set if anyPolicy present in user policies */
-#define POLICY_FLAG_ANY_POLICY 0x2
-
-/* Useful macros */
-
-#define node_data_critical(data) (data->flags & POLICY_DATA_FLAG_CRITICAL)
-#define node_critical(node) node_data_critical(node->data)
-
-/* Internal functions */
-
-X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *id,
- int crit);
-void policy_data_free(X509_POLICY_DATA *data);
-
-X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache,
- const ASN1_OBJECT *id);
-int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps);
-
-
-STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void);
-
-void policy_cache_init(void);
-
-void policy_cache_free(X509_POLICY_CACHE *cache);
-
-X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
- const X509_POLICY_NODE *parent, const ASN1_OBJECT *id);
-
-X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk,
- const ASN1_OBJECT *id);
-
-int level_add_node(X509_POLICY_LEVEL *level,
- const X509_POLICY_DATA *data, X509_POLICY_NODE *parent,
- X509_POLICY_TREE *tree, X509_POLICY_NODE **nodep);
-void policy_node_free(X509_POLICY_NODE *node);
-int policy_node_match(const X509_POLICY_LEVEL *lvl,
- const X509_POLICY_NODE *node, const ASN1_OBJECT *oid);
-
-const X509_POLICY_CACHE *policy_cache_set(X509 *x);
diff --git a/lib/libssl/src/crypto/x509v3/pcy_lib.c b/lib/libssl/src/crypto/x509v3/pcy_lib.c
deleted file mode 100644
index 6f370640639..00000000000
--- a/lib/libssl/src/crypto/x509v3/pcy_lib.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/* $OpenBSD: pcy_lib.c,v 1.5 2015/02/07 13:19:15 doug Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/* accessor functions */
-
-/* X509_POLICY_TREE stuff */
-
-int
-X509_policy_tree_level_count(const X509_POLICY_TREE *tree)
-{
- if (!tree)
- return 0;
- return tree->nlevel;
-}
-
-X509_POLICY_LEVEL *
-X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, int i)
-{
- if (!tree || (i < 0) || (i >= tree->nlevel))
- return NULL;
- return tree->levels + i;
-}
-
-STACK_OF(X509_POLICY_NODE) *
-X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree)
-{
- if (!tree)
- return NULL;
- return tree->auth_policies;
-}
-
-STACK_OF(X509_POLICY_NODE) *
-X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree)
-{
- if (!tree)
- return NULL;
- if (tree->flags & POLICY_FLAG_ANY_POLICY)
- return tree->auth_policies;
- else
- return tree->user_policies;
-}
-
-/* X509_POLICY_LEVEL stuff */
-
-int
-X509_policy_level_node_count(X509_POLICY_LEVEL *level)
-{
- int n;
- if (!level)
- return 0;
- if (level->anyPolicy)
- n = 1;
- else
- n = 0;
- if (level->nodes)
- n += sk_X509_POLICY_NODE_num(level->nodes);
- return n;
-}
-
-X509_POLICY_NODE *
-X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
int i)
-{
- if (!level)
- return NULL;
- if (level->anyPolicy) {
- if (i == 0)
- return level->anyPolicy;
- i--;
- }
- return sk_X509_POLICY_NODE_value(level->nodes, i);
-}
-
-/* X509_POLICY_NODE stuff */
-
-const ASN1_OBJECT *
-X509_policy_node_get0_policy(const X509_POLICY_NODE *node)
-{
- if (!node)
- return NULL;
- return node->data->valid_policy;
-}
-
-STACK_OF(POLICYQUALINFO) *
-X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node)
-{
- if (!node)
- return NULL;
- return node->data->qualifier_set;
-}
-
-const X509_POLICY_NODE *
-X509_policy_node_get0_parent(const X509_POLICY_NODE *node)
-{
- if (!node)
- return NULL;
- return node->parent;
-}
diff --git a/lib/libssl/src/crypto/x509v3/pcy_map.c b/lib/libssl/src/crypto/x509v3/pcy_map.c
deleted file mode 100644
index 6ee1ffe895a..00000000000
--- a/lib/libssl/src/crypto/x509v3/pcy_map.c
+++ /dev/null
@@ -1,126 +0,0 @@
-/* $OpenBSD: pcy_map.c,v 1.4 2014/07/11 08:44:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/* Set policy mapping entries in cache.
- * Note: this modifies the passed POLICY_MAPPINGS structure
- */
-
-int
-policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
-{
- POLICY_MAPPING *map;
- X509_POLICY_DATA *data;
- X509_POLICY_CACHE *cache = x->policy_cache;
- int i;
- int ret = 0;
-
- if (sk_POLICY_MAPPING_num(maps) == 0) {
- ret = -1;
- goto bad_mapping;
- }
- for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++) {
- map = sk_POLICY_MAPPING_value(maps, i);
- /* Reject if map to or from anyPolicy */
- if ((OBJ_obj2nid(map->subjectDomainPolicy) == NID_any_policy) ||
- (OBJ_obj2nid(map->issuerDomainPolicy) == NID_any_policy)) {
- ret = -1;
- goto bad_mapping;
- }
-
- /* Attempt to find matching policy data */
- data = policy_cache_find_data(cache, map->issuerDomainPolicy);
- /* If we don't have anyPolicy can't map */
- if (!data && !cache->anyPolicy)
- continue;
-
- /* Create a NODE from anyPolicy */
- if (!data) {
- data = policy_data_new(NULL, map->issuerDomainPolicy,
- cache->anyPolicy->flags &
- POLICY_DATA_FLAG_CRITICAL);
- if (!data)
- goto bad_mapping;
- data->qualifier_set =
cache->anyPolicy->qualifier_set;
- /*map->issuerDomainPolicy = NULL;*/
- data->flags |= POLICY_DATA_FLAG_MAPPED_ANY;
- data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
- if (!sk_X509_POLICY_DATA_push(cache->data, data)) {
- policy_data_free(data);
- goto bad_mapping;
- }
- } else
- data->flags |= POLICY_DATA_FLAG_MAPPED;
- if (!sk_ASN1_OBJECT_push(data->expected_policy_set,
- map->subjectDomainPolicy))
- goto bad_mapping;
- map->subjectDomainPolicy = NULL;
- }
-
- ret = 1;
-
-bad_mapping:
- if (ret == -1)
- x->ex_flags |= EXFLAG_INVALID_POLICY;
- sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/x509v3/pcy_node.c b/lib/libssl/src/crypto/x509v3/pcy_node.c
deleted file mode 100644
index ba22b267bfe..00000000000
--- a/lib/libssl/src/crypto/x509v3/pcy_node.c
+++ /dev/null
@@ -1,199 +0,0 @@
-/* $OpenBSD: pcy_node.c,v 1.6 2015/07/18 00:01:05 beck Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/asn1.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-static int
-node_cmp(const X509_POLICY_NODE * const *a, const X509_POLICY_NODE * const *b)
-{
- return OBJ_cmp((*a)->data->valid_policy, (*b)->data->valid_policy);
-}
-
-STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void)
-{
- return sk_X509_POLICY_NODE_new(node_cmp);
-}
-
-X509_POLICY_NODE *
-tree_find_sk(STACK_OF(X509_POLICY_NODE) *nodes, const ASN1_OBJECT *id)
-{
- X509_POLICY_DATA n;
- X509_POLICY_NODE l;
- int idx;
-
- n.valid_policy = (ASN1_OBJECT *)id;
- l.data = &n;
-
- idx = sk_X509_POLICY_NODE_find(nodes, &l);
- if (idx == -1)
- return NULL;
-
- return sk_X509_POLICY_NODE_value(nodes, idx);
-}
-
-X509_POLICY_NODE *
-level_find_node(const X509_POLICY_LEVEL *level, const X509_POLICY_NODE *parent,
- const ASN1_OBJECT *id)
-{
- X509_POLICY_NODE *node;
- int i;
-
- for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
- node = sk_X509_POLICY_NODE_value(level->nodes, i);
- if (node->parent == parent) {
- if (!OBJ_cmp(node->data->valid_policy, id))
- return node;
- }
- }
- return NULL;
-}
-
-
-int
-level_add_node(X509_POLICY_LEVEL *level, const
X509_POLICY_DATA *data,
- X509_POLICY_NODE *parent, X509_POLICY_TREE *tree, X509_POLICY_NODE **nodep)
-{
- X509_POLICY_NODE *node = NULL;
-
- if (level) {
- node = malloc(sizeof(X509_POLICY_NODE));
- if (!node)
- goto node_error;
- node->data = data;
- node->parent = parent;
- node->nchild = 0;
- if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
- if (level->anyPolicy)
- goto node_error;
- level->anyPolicy = node;
- if (parent)
- parent->nchild++;
- } else {
-
- if (!level->nodes)
- level->nodes = policy_node_cmp_new();
- if (!level->nodes)
- goto node_error;
- if (!sk_X509_POLICY_NODE_push(level->nodes, node))
- goto node_error;
- if (parent)
- parent->nchild++;
- }
- }
-
- if (tree) {
- if (!tree->extra_data)
- tree->extra_data = sk_X509_POLICY_DATA_new_null();
- if (!tree->extra_data)
- goto node_error_cond;
- if (!sk_X509_POLICY_DATA_push(tree->extra_data, data))
- goto node_error_cond;
- }
-
- if (nodep)
- *nodep = node;
-
- return 1;
-
-node_error_cond:
- if (level)
- node = NULL;
-node_error:
- policy_node_free(node);
- node = NULL;
- if (nodep)
- *nodep = node;
- return 0;
-}
-
-void
-policy_node_free(X509_POLICY_NODE *node)
-{
- free(node);
-}
-
-/* See if a policy node matches a policy OID. If mapping enabled look through
- * expected policy set otherwise just valid policy.
- */
-
-int
-policy_node_match(const X509_POLICY_LEVEL *lvl, const X509_POLICY_NODE *node,
- const ASN1_OBJECT *oid)
-{
- int i;
- ASN1_OBJECT *policy_oid;
- const X509_POLICY_DATA *x = node->data;
-
- if ((lvl->flags & X509_V_FLAG_INHIBIT_MAP) ||
- !(x->flags & POLICY_DATA_FLAG_MAP_MASK)) {
- if (!OBJ_cmp(x->valid_policy, oid))
- return 1;
- return 0;
- }
-
- for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) {
- policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);
- if (!OBJ_cmp(policy_oid, oid))
- return 1;
- }
- return 0;
-}
diff --git a/lib/libssl/src/crypto/x509v3/pcy_tree.c b/lib/libssl/src/crypto/x509v3/pcy_tree.c
deleted file mode 100644
index 7b28acbe1f1..00000000000
--- a/lib/libssl/src/crypto/x509v3/pcy_tree.c
+++ /dev/null
@@ -1,768 +0,0 @@
-/* $OpenBSD: pcy_tree.c,v 1.16 2016/03/11 07:08:45 mmcc Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2004.
- */
-/* ====================================================================
- * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/* Enable this to print out the complete policy tree at various point during
- * evaluation.
- */
-
-/*#define OPENSSL_POLICY_DEBUG*/
-
-#ifdef OPENSSL_POLICY_DEBUG
-
-static void
-expected_print(BIO *err, X509_POLICY_LEVEL *lev, X509_POLICY_NODE *node,
- int indent)
-{
- if ((lev->flags & X509_V_FLAG_INHIBIT_MAP) ||
- !(node->data->flags & POLICY_DATA_FLAG_MAP_MASK))
- BIO_puts(err, " Not Mapped\n");
- else {
- int i;
- STACK_OF(ASN1_OBJECT) *pset = node->data->expected_policy_set;
- ASN1_OBJECT *oid;
- BIO_puts(err, " Expected: ");
- for (i = 0; i < sk_ASN1_OBJECT_num(pset); i++) {
- oid = sk_ASN1_OBJECT_value(pset, i);
- if (i)
- BIO_puts(err, ", ");
- i2a_ASN1_OBJECT(err, oid);
- }
- BIO_puts(err, "\n");
- }
-}
-
-static void
-tree_print(char *str, X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr)
-{
- X509_POLICY_LEVEL *plev;
- X509_POLICY_NODE *node;
- int i;
- BIO *err;
-
- err = BIO_new_fp(stderr, BIO_NOCLOSE);
- if (!curr)
- curr = tree->levels + tree->nlevel;
- else
- curr++;
- BIO_printf(err, "Level print after %s\n", str);
- BIO_printf(err, "Printing Up to Level %ld\n", curr -
tree->levels);
- for (plev = tree->levels; plev != curr; plev++) {
- BIO_printf(err, "Level %ld, flags = %x\n",
- plev - tree->levels, plev->flags);
- for (i = 0; i < sk_X509_POLICY_NODE_num(plev->nodes); i++) {
- node = sk_X509_POLICY_NODE_value(plev->nodes, i);
- X509_POLICY_NODE_print(err, node, 2);
- expected_print(err, plev, node, 2);
- BIO_printf(err, " Flags: %x\n", node->data->flags);
- }
- if (plev->anyPolicy)
- X509_POLICY_NODE_print(err, plev->anyPolicy, 2);
- }
-
- BIO_free(err);
-}
-#else
-
-#define tree_print(a,b,c) /* */
-
-#endif
-
-/* Initialize policy tree. Return values:
- * 0 Some internal error occured.
- * -1 Inconsistent or invalid extensions in certificates.
- * 1 Tree initialized OK.
- * 2 Policy tree is empty.
- * 5 Tree OK and requireExplicitPolicy true.
- * 6 Tree empty and requireExplicitPolicy true.
- */
-
-static int
-tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, unsigned int flags)
-{
- X509_POLICY_TREE *tree;
- X509_POLICY_LEVEL *level;
- const X509_POLICY_CACHE *cache;
- X509_POLICY_DATA *data = NULL;
- X509 *x;
- int ret = 1;
- int i, n;
- int explicit_policy;
- int any_skip;
- int map_skip;
-
- *ptree = NULL;
- n = sk_X509_num(certs);
-
- if (flags & X509_V_FLAG_EXPLICIT_POLICY)
- explicit_policy = 0;
- else
- explicit_policy = n + 1;
-
- if (flags & X509_V_FLAG_INHIBIT_ANY)
- any_skip = 0;
- else
- any_skip = n + 1;
-
- if (flags & X509_V_FLAG_INHIBIT_MAP)
- map_skip = 0;
- else
- map_skip = n + 1;
-
- /* Can't do anything with just a trust anchor */
- if (n == 1)
- return 1;
- /* First setup policy cache in all certificates apart from the
- * trust anchor. Note any bad cache results on the way. Also can
- * calculate explicit_policy value at this point.
- */
- for (i = n - 2; i >= 0; i--) {
- x = sk_X509_value(certs, i);
- X509_check_purpose(x, -1, -1);
- cache = policy_cache_set(x);
- /* If cache NULL something bad happened: return immediately */
- if (cache == NULL)
- return 0;
- /* If inconsistent extensions keep a note of it but continue */
- if (x->ex_flags & EXFLAG_INVALID_POLICY)
- ret = -1;
- /* Otherwise if we have no data (hence no CertificatePolicies)
- * and haven't already set an inconsistent code note it.
- */
- else if ((ret == 1) && !cache->data)
- ret = 2;
- if (explicit_policy > 0) {
- if (!(x->ex_flags & EXFLAG_SI))
- explicit_policy--;
- if ((cache->explicit_skip != -1) &&
- (cache->explicit_skip < explicit_policy))
- explicit_policy = cache->explicit_skip;
- }
- }
-
- if (ret != 1) {
- if (ret == 2 && !explicit_policy)
- return 6;
- return ret;
- }
-
-
- /* If we get this far initialize the tree */
-
- tree = malloc(sizeof(X509_POLICY_TREE));
-
- if (!tree)
- return 0;
-
- tree->flags = 0;
- tree->levels = calloc(n, sizeof(X509_POLICY_LEVEL));
- tree->nlevel = 0;
- tree->extra_data = NULL;
- tree->auth_policies = NULL;
- tree->user_policies = NULL;
-
- if (!tree->levels) {
- free(tree);
- return 0;
- }
-
- tree->nlevel = n;
-
- level = tree->levels;
-
- /* Root data: initialize to anyPolicy */
-
- data = policy_data_new(NULL, OBJ_nid2obj(NID_any_policy), 0);
-
- if (!data || !level_add_node(level, data, NULL, tree, NULL))
- goto bad_tree;
-
- for (i = n - 2; i >= 0; i--) {
- level++;
- x = sk_X509_value(certs, i);
- cache = policy_cache_set(x);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- level->cert = x;
-
- if (!cache->anyPolicy)
- level->flags |= X509_V_FLAG_INHIBIT_ANY;
-
- /* Determine inhibit any and inhibit map flags */
- if (any_skip == 0) {
- /* Any matching allowed if certificate is self
- * issued and not the last in the chain.
- */
- if (!(x->ex_flags & EXFLAG_SI) || (i == 0))
- level->flags |= X509_V_FLAG_INHIBIT_ANY;
- } else {
- if (!(x->ex_flags & EXFLAG_SI))
- any_skip--;
- if ((cache->any_skip >= 0) &&
- (cache->any_skip < any_skip))
- any_skip = cache->any_skip;
- }
-
- if (map_skip == 0)
- level->flags |= X509_V_FLAG_INHIBIT_MAP;
- else {
- if (!(x->ex_flags & EXFLAG_SI))
- map_skip--;
- if ((cache->map_skip >= 0) &&
- (cache->map_skip < map_skip))
- map_skip = cache->map_skip;
- }
-
- }
-
- *ptree = tree;
-
- if (explicit_policy)
- return 1;
- else
- return 5;
-
-bad_tree:
- X509_policy_tree_free(tree);
-
- return 0;
-}
-
-static int
-tree_link_matching_nodes(X509_POLICY_LEVEL *curr, const X509_POLICY_DATA *data)
-{
- X509_POLICY_LEVEL *last = curr - 1;
- X509_POLICY_NODE *node;
- int i, matched = 0;
-
- /* Iterate through all in nodes linking matches */
- for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) {
- node = sk_X509_POLICY_NODE_value(last->nodes, i);
- if (policy_node_match(last, node, data->valid_policy)) {
- if (!level_add_node(curr, data, node, NULL, NULL))
- return 0;
- matched = 1;
- }
- }
- if (!matched && last->anyPolicy) {
- if (!level_add_node(curr, data, last->anyPolicy, NULL, NULL))
- return 0;
- }
- return 1;
-}
-
-/* This corresponds to RFC3280 6.1.3(d)(1):
- * link any data from CertificatePolicies onto matching parent
- * or anyPolicy if no match.
- */
-
-static int
-tree_link_nodes(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache)
-{
- int i;
- X509_POLICY_DATA *data;
-
- for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) {
- data = sk_X509_POLICY_DATA_value(cache->data, i);
- /* Look for matching nodes in previous level */
- if (!tree_link_matching_nodes(curr, data))
- return 0;
- }
- return 1;
-}
-
-/* This corresponds to RFC3280 6.1.3(d)(2):
- * Create new data for any unmatched policies in the parent and link
- * to anyPolicy.
- */ - -static int -tree_add_unmatched(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache, - const ASN1_OBJECT *id, X509_POLICY_NODE *node, X509_POLICY_TREE *tree) -{ - X509_POLICY_DATA *data; - - if (id == NULL) - id = node->data->valid_policy; - /* Create a new node with qualifiers from anyPolicy and - * id from unmatched node. - */ - data = policy_data_new(NULL, id, node_critical(node)); - - if (data == NULL) - return 0; - /* Curr may not have anyPolicy */ - data->qualifier_set = cache->anyPolicy->qualifier_set; - data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS; - if (!level_add_node(curr, data, node, tree, NULL)) { - policy_data_free(data); - return 0; - } - - return 1; -} - -static int -tree_link_unmatched(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache, - X509_POLICY_NODE *node, X509_POLICY_TREE *tree) -{ - const X509_POLICY_LEVEL *last = curr - 1; - int i; - - if ((last->flags & X509_V_FLAG_INHIBIT_MAP) || - !(node->data->flags & POLICY_DATA_FLAG_MAPPED)) { - /* If no policy mapping: matched if one child present */ - if (node->nchild) - return 1; - if (!tree_add_unmatched(curr, cache, NULL, node, tree)) - return 0; - /* Add it */ - } else { - /* If mapping: matched if one child per expected policy set */ - STACK_OF(ASN1_OBJECT) *expset = node->data->expected_policy_set; - if (node->nchild == sk_ASN1_OBJECT_num(expset)) - return 1; - /* Locate unmatched nodes */ - for (i = 0; i < sk_ASN1_OBJECT_num(expset); i++) { - ASN1_OBJECT *oid = sk_ASN1_OBJECT_value(expset, i); - if (level_find_node(curr, node, oid)) - continue; - if (!tree_add_unmatched(curr, cache, oid, node, tree)) - return 0; - } - } - - return 1; -} - -static int -tree_link_any(X509_POLICY_LEVEL *curr, const X509_POLICY_CACHE *cache, - X509_POLICY_TREE *tree) -{ - int i; - X509_POLICY_NODE *node; - X509_POLICY_LEVEL *last = curr - 1; - - for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) { - node = sk_X509_POLICY_NODE_value(last->nodes, i); - - if (!tree_link_unmatched(curr, 
cache, node, tree)) - return 0; - } - /* Finally add link to anyPolicy */ - if (last->anyPolicy) { - if (!level_add_node(curr, cache->anyPolicy, - last->anyPolicy, NULL, NULL)) - return 0; - } - return 1; -} - -/* Prune the tree: delete any child mapped child data on the current level - * then proceed up the tree deleting any data with no children. If we ever - * have no data on a level we can halt because the tree will be empty. - */ - -static int -tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr) -{ - STACK_OF(X509_POLICY_NODE) *nodes; - X509_POLICY_NODE *node; - int i; - - nodes = curr->nodes; - if (curr->flags & X509_V_FLAG_INHIBIT_MAP) { - for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) { - node = sk_X509_POLICY_NODE_value(nodes, i); - /* Delete any mapped data: see RFC3280 XXXX */ - if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK) { - node->parent->nchild--; - free(node); - (void)sk_X509_POLICY_NODE_delete(nodes, i); - } - } - } - - for (;;) { - --curr; - nodes = curr->nodes; - for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) { - node = sk_X509_POLICY_NODE_value(nodes, i); - if (node->nchild == 0) { - node->parent->nchild--; - free(node); - (void)sk_X509_POLICY_NODE_delete(nodes, i); - } - } - if (curr->anyPolicy && !curr->anyPolicy->nchild) { - if (curr->anyPolicy->parent) - curr->anyPolicy->parent->nchild--; - free(curr->anyPolicy); - curr->anyPolicy = NULL; - } - if (curr == tree->levels) { - /* If we zapped anyPolicy at top then tree is empty */ - if (!curr->anyPolicy) - return 2; - return 1; - } - } - - return 1; -} - -static int -tree_add_auth_node(STACK_OF(X509_POLICY_NODE) **pnodes, X509_POLICY_NODE *pcy) -{ - if (!*pnodes) { - *pnodes = policy_node_cmp_new(); - if (!*pnodes) - return 0; - } else if (sk_X509_POLICY_NODE_find(*pnodes, pcy) != -1) - return 1; - - if (!sk_X509_POLICY_NODE_push(*pnodes, pcy)) - return 0; - - return 1; -} - -/* Calculate the authority set based on policy tree. 
- * The 'pnodes' parameter is used as a store for the set of policy nodes - * used to calculate the user set. If the authority set is not anyPolicy - * then pnodes will just point to the authority set. If however the authority - * set is anyPolicy then the set of valid policies (other than anyPolicy) - * is store in pnodes. The return value of '2' is used in this case to indicate - * that pnodes should be freed. - */ - -static int -tree_calculate_authority_set(X509_POLICY_TREE *tree, - STACK_OF(X509_POLICY_NODE) **pnodes) -{ - X509_POLICY_LEVEL *curr; - X509_POLICY_NODE *node, *anyptr; - STACK_OF(X509_POLICY_NODE) **addnodes; - int i, j; - - curr = tree->levels + tree->nlevel - 1; - - /* If last level contains anyPolicy set is anyPolicy */ - if (curr->anyPolicy) { - if (!tree_add_auth_node(&tree->auth_policies, curr->anyPolicy)) - return 0; - addnodes = pnodes; - } else - /* Add policies to authority set */ - addnodes = &tree->auth_policies; - - curr = tree->levels; - for (i = 1; i < tree->nlevel; i++) { - /* If no anyPolicy node on this this level it can't - * appear on lower levels so end search. - */ - if (!(anyptr = curr->anyPolicy)) - break; - curr++; - for (j = 0; j < sk_X509_POLICY_NODE_num(curr->nodes); j++) { - node = sk_X509_POLICY_NODE_value(curr->nodes, j); - if ((node->parent == anyptr) && - !tree_add_auth_node(addnodes, node)) - return 0; - } - } - - if (addnodes == pnodes) - return 2; - - *pnodes = tree->auth_policies; - - return 1; -} - -static int -tree_calculate_user_set(X509_POLICY_TREE *tree, - STACK_OF(ASN1_OBJECT) *policy_oids, STACK_OF(X509_POLICY_NODE) *auth_nodes) -{ - int i; - X509_POLICY_NODE *node; - ASN1_OBJECT *oid; - X509_POLICY_NODE *anyPolicy; - X509_POLICY_DATA *extra; - - /* Check if anyPolicy present in authority constrained policy set: - * this will happen if it is a leaf node. 
- */ - - if (sk_ASN1_OBJECT_num(policy_oids) <= 0) - return 1; - - anyPolicy = tree->levels[tree->nlevel - 1].anyPolicy; - - for (i = 0; i < sk_ASN1_OBJECT_num(policy_oids); i++) { - oid = sk_ASN1_OBJECT_value(policy_oids, i); - if (OBJ_obj2nid(oid) == NID_any_policy) { - tree->flags |= POLICY_FLAG_ANY_POLICY; - return 1; - } - } - - for (i = 0; i < sk_ASN1_OBJECT_num(policy_oids); i++) { - oid = sk_ASN1_OBJECT_value(policy_oids, i); - node = tree_find_sk(auth_nodes, oid); - if (!node) { - if (!anyPolicy) - continue; - /* Create a new node with policy ID from user set - * and qualifiers from anyPolicy. - */ - extra = policy_data_new(NULL, oid, - node_critical(anyPolicy)); - if (!extra) - return 0; - extra->qualifier_set = anyPolicy->data->qualifier_set; - extra->flags = POLICY_DATA_FLAG_SHARED_QUALIFIERS | - POLICY_DATA_FLAG_EXTRA_NODE; - (void) level_add_node(NULL, extra, anyPolicy->parent, - tree, &node); - } - if (!tree->user_policies) { - tree->user_policies = sk_X509_POLICY_NODE_new_null(); - if (!tree->user_policies) - return 1; - } - if (!sk_X509_POLICY_NODE_push(tree->user_policies, node)) - return 0; - } - return 1; -} - -static int -tree_evaluate(X509_POLICY_TREE *tree) -{ - int ret, i; - X509_POLICY_LEVEL *curr = tree->levels + 1; - const X509_POLICY_CACHE *cache; - - for (i = 1; i < tree->nlevel; i++, curr++) { - cache = policy_cache_set(curr->cert); - if (!tree_link_nodes(curr, cache)) - return 0; - - if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY) && - !tree_link_any(curr, cache, tree)) - return 0; - tree_print("before tree_prune()", tree, curr); - ret = tree_prune(tree, curr); - if (ret != 1) - return ret; - } - - return 1; -} - -static void -exnode_free(X509_POLICY_NODE *node) -{ - if (node->data && (node->data->flags & POLICY_DATA_FLAG_EXTRA_NODE)) - free(node); -} - -void -X509_policy_tree_free(X509_POLICY_TREE *tree) -{ - X509_POLICY_LEVEL *curr; - int i; - - if (!tree) - return; - - sk_X509_POLICY_NODE_free(tree->auth_policies); - 
sk_X509_POLICY_NODE_pop_free(tree->user_policies, exnode_free); - - for (i = 0, curr = tree->levels; i < tree->nlevel; i++, curr++) { - X509_free(curr->cert); - if (curr->nodes) - sk_X509_POLICY_NODE_pop_free(curr->nodes, - policy_node_free); - if (curr->anyPolicy) - policy_node_free(curr->anyPolicy); - } - - if (tree->extra_data) - sk_X509_POLICY_DATA_pop_free(tree->extra_data, - policy_data_free); - - free(tree->levels); - free(tree); -} - -/* Application policy checking function. - * Return codes: - * 0 Internal Error. - * 1 Successful. - * -1 One or more certificates contain invalid or inconsistent extensions - * -2 User constrained policy set empty and requireExplicit true. - */ - -int -X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy, - STACK_OF(X509) *certs, STACK_OF(ASN1_OBJECT) *policy_oids, - unsigned int flags) -{ - int ret, ret2; - X509_POLICY_TREE *tree = NULL; - STACK_OF(X509_POLICY_NODE) *nodes, *auth_nodes = NULL; - - *ptree = NULL; - *pexplicit_policy = 0; - ret = tree_init(&tree, certs, flags); - - switch (ret) { - - /* Tree empty requireExplicit False: OK */ - case 2: - return 1; - - /* Some internal error */ - case -1: - return -1; - - /* Some internal error */ - case 0: - return 0; - - /* Tree empty requireExplicit True: Error */ - - case 6: - *pexplicit_policy = 1; - return -2; - - /* Tree OK requireExplicit True: OK and continue */ - case 5: - *pexplicit_policy = 1; - break; - - /* Tree OK: continue */ - - case 1: - if (!tree) - /* - * tree_init() returns success and a null tree - * if it's just looking at a trust anchor. - * I'm not sure that returning success here is - * correct, but I'm sure that reporting this - * as an internal error which our caller - * interprets as a malloc failure is wrong. 
- */ - return 1; - break; - } - - if (!tree) - goto error; - ret = tree_evaluate(tree); - - tree_print("tree_evaluate()", tree, NULL); - - if (ret <= 0) - goto error; - - /* Return value 2 means tree empty */ - if (ret == 2) { - X509_policy_tree_free(tree); - if (*pexplicit_policy) - return -2; - else - return 1; - } - - /* Tree is not empty: continue */ - - ret = tree_calculate_authority_set(tree, &auth_nodes); - if (ret == 0) - goto error; - - ret2 = tree_calculate_user_set(tree, policy_oids, auth_nodes); - - /* Return value 2 means auth_nodes needs to be freed */ - if (ret == 2) - sk_X509_POLICY_NODE_free(auth_nodes); - - if (ret2 == 0) - goto error; - - if (tree) - *ptree = tree; - - if (*pexplicit_policy) { - nodes = X509_policy_tree_get0_user_policies(tree); - if (sk_X509_POLICY_NODE_num(nodes) <= 0) - return -2; - } - - return 1; - -error: - X509_policy_tree_free(tree); - - return 0; -} diff --git a/lib/libssl/src/crypto/x509v3/v3_akey.c b/lib/libssl/src/crypto/x509v3/v3_akey.c deleted file mode 100644 index 3071baf9ac1..00000000000 --- a/lib/libssl/src/crypto/x509v3/v3_akey.c +++ /dev/null 
@@ -1,215 +0,0 @@
-/* $OpenBSD: v3_akey.c,v 1.17 2015/09/30 18:41:06 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist);
-static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-
-const X509V3_EXT_METHOD v3_akey_id = {
- .ext_nid = NID_authority_key_identifier,
- .ext_flags = X509V3_EXT_MULTILINE,
- .it = ASN1_ITEM_ref(AUTHORITY_KEYID),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
- .v2i = (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-static
-STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist)
-{
- char *tmp;
-
- if (akeyid->keyid) {
- tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length);
- X509V3_add_value("keyid", tmp, &extlist);
- free(tmp);
- }
- if (akeyid->issuer)
- extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
- if (akeyid->serial) {
- tmp = hex_to_string(akeyid->serial->data,
- akeyid->serial->length);
- X509V3_add_value("serial", tmp, &extlist);
- free(tmp);
- }
- return extlist;
-}
-
-/* Currently two options:
- * keyid: use the issuers subject keyid, the value 'always' means its is
- * an error if the issuer certificate doesn't have a key id.
- * issuer: use the issuers cert issuer and serial number. The default is
- * to only use this if keyid is not present. With the option 'always'
- * this is always included.
- */
-
-static AUTHORITY_KEYID *
-v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *values)
-{
- char keyid = 0, issuer = 0;
- int i;
- CONF_VALUE *cnf;
- ASN1_OCTET_STRING *ikeyid = NULL;
- X509_NAME *isname = NULL;
- STACK_OF(GENERAL_NAME) *gens = NULL;
- GENERAL_NAME *gen = NULL;
- ASN1_INTEGER *serial = NULL;
- X509_EXTENSION *ext;
- X509 *cert;
- AUTHORITY_KEYID *akeyid = NULL;
-
- for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
- cnf = sk_CONF_VALUE_value(values, i);
- if (!strcmp(cnf->name, "keyid")) {
- keyid = 1;
- if (cnf->value && !strcmp(cnf->value, "always"))
- keyid = 2;
- }
- else if (!strcmp(cnf->name, "issuer")) {
- issuer = 1;
- if (cnf->value && !strcmp(cnf->value, "always"))
- issuer = 2;
- } else {
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
- X509V3_R_UNKNOWN_OPTION);
- ERR_asprintf_error_data("name=%s", cnf->name);
- return NULL;
- }
- }
-
- if (!ctx || !ctx->issuer_cert) {
- if (ctx && (ctx->flags == CTX_TEST))
- return AUTHORITY_KEYID_new();
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
- X509V3_R_NO_ISSUER_CERTIFICATE);
- return NULL;
- }
-
- cert = ctx->issuer_cert;
-
- if (keyid) {
- i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
- if ((i >= 0) && (ext = X509_get_ext(cert, i)))
- ikeyid = X509V3_EXT_d2i(ext);
- if (keyid == 2 && !ikeyid) {
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
- X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
- return NULL;
- }
- }
-
- if ((issuer && !ikeyid) || (issuer == 2)) {
- isname = X509_NAME_dup(X509_get_issuer_name(cert));
- serial = ASN1_INTEGER_dup(X509_get_serialNumber(cert));
- if (!isname || !serial) {
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
- X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
- goto err;
- }
- }
-
- if (!(akeyid = AUTHORITY_KEYID_new()))
- goto err;
-
- if (isname) {
- if (!(gens = sk_GENERAL_NAME_new_null()) ||
- !(gen = GENERAL_NAME_new()) ||
- !sk_GENERAL_NAME_push(gens, gen)) {
- X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- gen->type = GEN_DIRNAME;
- gen->d.dirn = isname;
- }
-
- akeyid->issuer = gens;
- akeyid->serial = serial;
- akeyid->keyid = ikeyid;
-
- return akeyid;
-
-err:
- AUTHORITY_KEYID_free(akeyid);
- GENERAL_NAME_free(gen);
- sk_GENERAL_NAME_free(gens);
- X509_NAME_free(isname);
- ASN1_INTEGER_free(serial);
- ASN1_OCTET_STRING_free(ikeyid);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_akeya.c b/lib/libssl/src/crypto/x509v3/v3_akeya.c
deleted file mode 100644
index 83ef1b58387..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_akeya.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/* $OpenBSD: v3_akeya.c,v 1.7 2015/07/25 16:00:14 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static const ASN1_TEMPLATE AUTHORITY_KEYID_seq_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(AUTHORITY_KEYID, keyid),
- .field_name = "keyid",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(AUTHORITY_KEYID, issuer),
- .field_name = "issuer",
- .item = &GENERAL_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(AUTHORITY_KEYID, serial),
- .field_name = "serial",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM AUTHORITY_KEYID_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = AUTHORITY_KEYID_seq_tt,
- .tcount = sizeof(AUTHORITY_KEYID_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(AUTHORITY_KEYID),
- .sname = "AUTHORITY_KEYID",
-};
-
-
-AUTHORITY_KEYID *
-d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, const unsigned char **in, long len)
-{
- return (AUTHORITY_KEYID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &AUTHORITY_KEYID_it);
-}
-
-int
-i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &AUTHORITY_KEYID_it);
-}
-
-AUTHORITY_KEYID *
-AUTHORITY_KEYID_new(void)
-{
- return (AUTHORITY_KEYID *)ASN1_item_new(&AUTHORITY_KEYID_it);
-}
-
-void
-AUTHORITY_KEYID_free(AUTHORITY_KEYID *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &AUTHORITY_KEYID_it);
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_alt.c b/lib/libssl/src/crypto/x509v3/v3_alt.c
deleted file mode 100644
index 75c68d3cdb3..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_alt.c
+++ /dev/null
@@ -1,671 +0,0 @@ -/* $OpenBSD: v3_alt.c,v 1.25 2015/09/30 18:21:50 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p); -static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); -static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); -static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx); - -const X509V3_EXT_METHOD v3_alt[] = { - { - .ext_nid = NID_subject_alt_name, - .ext_flags = 0, - .it = ASN1_ITEM_ref(GENERAL_NAMES), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES, - .v2i = (X509V3_EXT_V2I)v2i_subject_alt, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, - { - .ext_nid = NID_issuer_alt_name, - .ext_flags = 0, - .it = ASN1_ITEM_ref(GENERAL_NAMES), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = 
NULL, - .s2i = NULL, - .i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES, - .v2i = (X509V3_EXT_V2I)v2i_issuer_alt, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, - { - .ext_nid = NID_certificate_issuer, - .ext_flags = 0, - .it = ASN1_ITEM_ref(GENERAL_NAMES), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = (X509V3_EXT_I2V)i2v_GENERAL_NAMES, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, -}; - -STACK_OF(CONF_VALUE) * -i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, GENERAL_NAMES *gens, - STACK_OF(CONF_VALUE) *ret) -{ - int i; - GENERAL_NAME *gen; - - for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { - gen = sk_GENERAL_NAME_value(gens, i); - ret = i2v_GENERAL_NAME(method, gen, ret); - } - if (!ret) - return sk_CONF_VALUE_new_null(); - return ret; -} - -STACK_OF(CONF_VALUE) * -i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, - STACK_OF(CONF_VALUE) *ret) -{ - unsigned char *p; - char oline[256], htmp[5]; - int i; - - switch (gen->type) { - case GEN_OTHERNAME: - X509V3_add_value("othername", "<unsupported>", &ret); - break; - - case GEN_X400: - X509V3_add_value("X400Name", "<unsupported>", &ret); - break; - - case GEN_EDIPARTY: - X509V3_add_value("EdiPartyName", "<unsupported>", &ret); - break; - - case GEN_EMAIL: - X509V3_add_value_uchar("email", gen->d.ia5->data, &ret); - break; - - case GEN_DNS: - X509V3_add_value_uchar("DNS", gen->d.ia5->data, &ret); - break; - - case GEN_URI: - X509V3_add_value_uchar("URI", gen->d.ia5->data, &ret); - break; - - case GEN_DIRNAME: - X509_NAME_oneline(gen->d.dirn, oline, 256); - X509V3_add_value("DirName", oline, &ret); - break; - - case GEN_IPADD: - p = gen->d.ip->data; - if (gen->d.ip->length == 4) - (void) snprintf(oline, sizeof oline, - "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); - else if (gen->d.ip->length == 16) { - oline[0] = 0; - for (i = 0; i < 8; i++) { - (void) snprintf(htmp, sizeof htmp, - "%X", p[0] << 8 | p[1]); - p += 2; - 
strlcat(oline, htmp, sizeof(oline)); - if (i != 7) - strlcat(oline, ":", sizeof(oline)); - } - } else { - X509V3_add_value("IP Address", "<invalid>", &ret); - break; - } - X509V3_add_value("IP Address", oline, &ret); - break; - - case GEN_RID: - i2t_ASN1_OBJECT(oline, 256, gen->d.rid); - X509V3_add_value("Registered ID", oline, &ret); - break; - } - return ret; -} - -int -GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen) -{ - unsigned char *p; - int i; - - switch (gen->type) { - case GEN_OTHERNAME: - BIO_printf(out, "othername:<unsupported>"); - break; - - case GEN_X400: - BIO_printf(out, "X400Name:<unsupported>"); - break; - - case GEN_EDIPARTY: - /* Maybe fix this: it is supported now */ - BIO_printf(out, "EdiPartyName:<unsupported>"); - break; - - case GEN_EMAIL: - BIO_printf(out, "email:%s", gen->d.ia5->data); - break; - - case GEN_DNS: - BIO_printf(out, "DNS:%s", gen->d.ia5->data); - break; - - case GEN_URI: - BIO_printf(out, "URI:%s", gen->d.ia5->data); - break; - - case GEN_DIRNAME: - BIO_printf(out, "DirName: "); - X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE); - break; - - case GEN_IPADD: - p = gen->d.ip->data; - if (gen->d.ip->length == 4) - BIO_printf(out, "IP Address:%d.%d.%d.%d", - p[0], p[1], p[2], p[3]); - else if (gen->d.ip->length == 16) { - BIO_printf(out, "IP Address"); - for (i = 0; i < 8; i++) { - BIO_printf(out, ":%X", p[0] << 8 | p[1]); - p += 2; - } - BIO_puts(out, "\n"); - } else { - BIO_printf(out, "IP Address:<invalid>"); - break; - } - break; - - case GEN_RID: - BIO_printf(out, "Registered ID"); - i2a_ASN1_OBJECT(out, gen->d.rid); - break; - } - return 1; -} - -static GENERAL_NAMES * -v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval) -{ - GENERAL_NAMES *gens = NULL; - CONF_VALUE *cnf; - int i; - - if ((gens = sk_GENERAL_NAME_new_null()) == NULL) { - X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE); - return NULL; - } - for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = 
sk_CONF_VALUE_value(nval, i); - if (name_cmp(cnf->name, "issuer") == 0 && cnf->value != NULL && - strcmp(cnf->value, "copy") == 0) { - if (!copy_issuer(ctx, gens)) - goto err; - } else { - GENERAL_NAME *gen; - if ((gen = v2i_GENERAL_NAME(method, ctx, cnf)) == NULL) - goto err; - if (sk_GENERAL_NAME_push(gens, gen) == 0) { - GENERAL_NAME_free(gen); - goto err; - } - } - } - return gens; - -err: - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return NULL; -} - -/* Append subject altname of issuer to issuer alt name of subject */ - -static int -copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens) -{ - GENERAL_NAMES *ialt; - GENERAL_NAME *gen; - X509_EXTENSION *ext; - int i; - - if (ctx && (ctx->flags == CTX_TEST)) - return 1; - if (!ctx || !ctx->issuer_cert) { - X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_NO_ISSUER_DETAILS); - goto err; - } - i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1); - if (i < 0) - return 1; - if (!(ext = X509_get_ext(ctx->issuer_cert, i)) || - !(ialt = X509V3_EXT_d2i(ext))) { - X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_ISSUER_DECODE_ERROR); - goto err; - } - - for (i = 0; i < sk_GENERAL_NAME_num(ialt); i++) { - gen = sk_GENERAL_NAME_value(ialt, i); - if (!sk_GENERAL_NAME_push(gens, gen)) { - X509V3err(X509V3_F_COPY_ISSUER, ERR_R_MALLOC_FAILURE); - goto err; - } - } - sk_GENERAL_NAME_free(ialt); - - return 1; - -err: - return 0; - -} - -static GENERAL_NAMES * -v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval) -{ - GENERAL_NAMES *gens = NULL; - CONF_VALUE *cnf; - int i; - - if (!(gens = sk_GENERAL_NAME_new_null())) { - X509V3err(X509V3_F_V2I_SUBJECT_ALT, ERR_R_MALLOC_FAILURE); - return NULL; - } - for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = sk_CONF_VALUE_value(nval, i); - if (!name_cmp(cnf->name, "email") && cnf->value && - !strcmp(cnf->value, "copy")) { - if (!copy_email(ctx, gens, 0)) - goto err; - } else if (!name_cmp(cnf->name, "email") && cnf->value && - 
!strcmp(cnf->value, "move")) { - if (!copy_email(ctx, gens, 1)) - goto err; - } else { - GENERAL_NAME *gen; - if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) - goto err; - if (sk_GENERAL_NAME_push(gens, gen) == 0) { - GENERAL_NAME_free(gen); - goto err; - } - } - } - return gens; - -err: - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return NULL; -} - -/* Copy any email addresses in a certificate or request to - * GENERAL_NAMES - */ - -static int -copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) -{ - X509_NAME *nm; - ASN1_IA5STRING *email = NULL; - X509_NAME_ENTRY *ne; - GENERAL_NAME *gen = NULL; - int i; - - if (ctx != NULL && ctx->flags == CTX_TEST) - return 1; - if (!ctx || (!ctx->subject_cert && !ctx->subject_req)) { - X509V3err(X509V3_F_COPY_EMAIL, X509V3_R_NO_SUBJECT_DETAILS); - goto err; - } - /* Find the subject name */ - if (ctx->subject_cert) - nm = X509_get_subject_name(ctx->subject_cert); - else - nm = X509_REQ_get_subject_name(ctx->subject_req); - - /* Now add any email address(es) to STACK */ - i = -1; - while ((i = X509_NAME_get_index_by_NID(nm, - NID_pkcs9_emailAddress, i)) >= 0) { - ne = X509_NAME_get_entry(nm, i); - email = ASN1_STRING_dup(X509_NAME_ENTRY_get_data(ne)); - if (move_p) { - X509_NAME_delete_entry(nm, i); - X509_NAME_ENTRY_free(ne); - i--; - } - if (!email || !(gen = GENERAL_NAME_new())) { - X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE); - goto err; - } - gen->d.ia5 = email; - email = NULL; - gen->type = GEN_EMAIL; - if (!sk_GENERAL_NAME_push(gens, gen)) { - X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE); - goto err; - } - gen = NULL; - } - - return 1; - -err: - GENERAL_NAME_free(gen); - ASN1_IA5STRING_free(email); - return 0; -} - -GENERAL_NAMES * -v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval) -{ - GENERAL_NAME *gen; - GENERAL_NAMES *gens = NULL; - CONF_VALUE *cnf; - int i; - - if (!(gens = sk_GENERAL_NAME_new_null())) { - 
X509V3err(X509V3_F_V2I_GENERAL_NAMES, ERR_R_MALLOC_FAILURE); - return NULL; - } - for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = sk_CONF_VALUE_value(nval, i); - if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) - goto err; - if (sk_GENERAL_NAME_push(gens, gen) == 0) { - GENERAL_NAME_free(gen); - goto err; - } - } - return gens; - -err: - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return NULL; -} - -GENERAL_NAME * -v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - CONF_VALUE *cnf) -{ - return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0); -} - -GENERAL_NAME * -a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, int gen_type, char *value, int is_nc) -{ - char is_string = 0; - GENERAL_NAME *gen = NULL; - - if (!value) { - X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_MISSING_VALUE); - return NULL; - } - - if (out) - gen = out; - else { - gen = GENERAL_NAME_new(); - if (gen == NULL) { - X509V3err(X509V3_F_A2I_GENERAL_NAME, - ERR_R_MALLOC_FAILURE); - return NULL; - } - } - - switch (gen_type) { - case GEN_URI: - case GEN_EMAIL: - case GEN_DNS: - is_string = 1; - break; - - case GEN_RID: - { - ASN1_OBJECT *obj; - if (!(obj = OBJ_txt2obj(value, 0))) { - X509V3err(X509V3_F_A2I_GENERAL_NAME, - X509V3_R_BAD_OBJECT); - ERR_asprintf_error_data("value=%s", value); - goto err; - } - gen->d.rid = obj; - } - break; - - case GEN_IPADD: - if (is_nc) - gen->d.ip = a2i_IPADDRESS_NC(value); - else - gen->d.ip = a2i_IPADDRESS(value); - if (gen->d.ip == NULL) { - X509V3err(X509V3_F_A2I_GENERAL_NAME, - X509V3_R_BAD_IP_ADDRESS); - ERR_asprintf_error_data("value=%s", value); - goto err; - } - break; - - case GEN_DIRNAME: - if (!do_dirname(gen, value, ctx)) { - X509V3err(X509V3_F_A2I_GENERAL_NAME, - X509V3_R_DIRNAME_ERROR); - goto err; - } - break; - - case GEN_OTHERNAME: - if (!do_othername(gen, value, ctx)) { - X509V3err(X509V3_F_A2I_GENERAL_NAME, - X509V3_R_OTHERNAME_ERROR); - goto err; - } - break; - - default: - 
X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_UNSUPPORTED_TYPE); - goto err; - } - - if (is_string) { - if (!(gen->d.ia5 = ASN1_IA5STRING_new()) || - !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, - strlen(value))) { - X509V3err(X509V3_F_A2I_GENERAL_NAME, - ERR_R_MALLOC_FAILURE); - goto err; - } - } - - gen->type = gen_type; - - return gen; - -err: - if (out == NULL) - GENERAL_NAME_free(gen); - return NULL; -} - -GENERAL_NAME * -v2i_GENERAL_NAME_ex(GENERAL_NAME *out, const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc) -{ - int type; - char *name, *value; - - name = cnf->name; - value = cnf->value; - - if (!value) { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_MISSING_VALUE); - return NULL; - } - - if (!name_cmp(name, "email")) - type = GEN_EMAIL; - else if (!name_cmp(name, "URI")) - type = GEN_URI; - else if (!name_cmp(name, "DNS")) - type = GEN_DNS; - else if (!name_cmp(name, "RID")) - type = GEN_RID; - else if (!name_cmp(name, "IP")) - type = GEN_IPADD; - else if (!name_cmp(name, "dirName")) - type = GEN_DIRNAME; - else if (!name_cmp(name, "otherName")) - type = GEN_OTHERNAME; - else { - X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, - X509V3_R_UNSUPPORTED_OPTION); - ERR_asprintf_error_data("name=%s", name); - return NULL; - } - - return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc); -} - -static int -do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx) -{ - char *objtmp = NULL, *p; - int objlen; - - if (!(p = strchr(value, ';'))) - return 0; - if (!(gen->d.otherName = OTHERNAME_new())) - return 0; - /* Free this up because we will overwrite it. 
- * no need to free type_id because it is static
- */
- ASN1_TYPE_free(gen->d.otherName->value);
- if (!(gen->d.otherName->value = ASN1_generate_v3(p + 1, ctx)))
- return 0;
- objlen = p - value;
- objtmp = malloc(objlen + 1);
- if (objtmp) {
- strlcpy(objtmp, value, objlen + 1);
- gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
- free(objtmp);
- } else
- gen->d.otherName->type_id = NULL;
- if (!gen->d.otherName->type_id)
- return 0;
- return 1;
-}
-
-static int
-do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
-{
- int ret;
- STACK_OF(CONF_VALUE) *sk;
- X509_NAME *nm;
-
- if (!(nm = X509_NAME_new()))
- return 0;
- sk = X509V3_get_section(ctx, value);
- if (!sk) {
- X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND);
- ERR_asprintf_error_data("section=%s", value);
- X509_NAME_free(nm);
- return 0;
- }
- /* FIXME: should allow other character types... */
- ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
- if (!ret)
- X509_NAME_free(nm);
- gen->d.dirn = nm;
- X509V3_section_free(ctx, sk);
-
- return ret;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_bcons.c b/lib/libssl/src/crypto/x509v3/v3_bcons.c
deleted file mode 100644
index 292705a8d61..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_bcons.c
+++ /dev/null
@@ -1,185 +0,0 @@ -/* $OpenBSD: v3_bcons.c,v 1.13 2015/07/29 16:13:48 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/asn1t.h> -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, - BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist); -static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); - -const X509V3_EXT_METHOD v3_bcons = { - .ext_nid = NID_basic_constraints, - .ext_flags = 0, - .it = ASN1_ITEM_ref(BASIC_CONSTRAINTS), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = (X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS, - .v2i = (X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, -}; - -static const ASN1_TEMPLATE BASIC_CONSTRAINTS_seq_tt[] = { - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(BASIC_CONSTRAINTS, ca), - .field_name = "ca", - .item = &ASN1_FBOOLEAN_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(BASIC_CONSTRAINTS, pathlen), - .field_name = "pathlen", - .item = 
&ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM BASIC_CONSTRAINTS_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = BASIC_CONSTRAINTS_seq_tt, - .tcount = sizeof(BASIC_CONSTRAINTS_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(BASIC_CONSTRAINTS), - .sname = "BASIC_CONSTRAINTS", -}; - - -BASIC_CONSTRAINTS * -d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, const unsigned char **in, long len) -{ - return (BASIC_CONSTRAINTS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &BASIC_CONSTRAINTS_it); -} - -int -i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &BASIC_CONSTRAINTS_it); -} - -BASIC_CONSTRAINTS * -BASIC_CONSTRAINTS_new(void) -{ - return (BASIC_CONSTRAINTS *)ASN1_item_new(&BASIC_CONSTRAINTS_it); -} - -void -BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &BASIC_CONSTRAINTS_it); -} - - -static STACK_OF(CONF_VALUE) * -i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, - STACK_OF(CONF_VALUE) *extlist) -{ - X509V3_add_value_bool("CA", bcons->ca, &extlist); - X509V3_add_value_int("pathlen", bcons->pathlen, &extlist); - return extlist; -} - -static BASIC_CONSTRAINTS * -v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *values) -{ - BASIC_CONSTRAINTS *bcons = NULL; - CONF_VALUE *val; - int i; - - if (!(bcons = BASIC_CONSTRAINTS_new())) { - X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE); - return NULL; - } - for (i = 0; i < sk_CONF_VALUE_num(values); i++) { - val = sk_CONF_VALUE_value(values, i); - if (!strcmp(val->name, "CA")) { - if (!X509V3_get_value_bool(val, &bcons->ca)) - goto err; - } else if (!strcmp(val->name, "pathlen")) { - if (!X509V3_get_value_int(val, &bcons->pathlen)) - goto err; - } else { - X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, - X509V3_R_INVALID_NAME); - X509V3_conf_err(val); - goto err; - } - } - return bcons; - -err: - 
BASIC_CONSTRAINTS_free(bcons);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_bitst.c b/lib/libssl/src/crypto/x509v3/v3_bitst.c
deleted file mode 100644
index 0670aa306e0..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_bitst.c
+++ /dev/null
@@ -1,175 +0,0 @@ -/* $OpenBSD: v3_bitst.c,v 1.12 2015/09/29 13:54:40 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -static BIT_STRING_BITNAME ns_cert_type_table[] = { - {0, "SSL Client", "client"}, - {1, "SSL Server", "server"}, - {2, "S/MIME", "email"}, - {3, "Object Signing", "objsign"}, - {4, "Unused", "reserved"}, - {5, "SSL CA", "sslCA"}, - {6, "S/MIME CA", "emailCA"}, - {7, "Object Signing CA", "objCA"}, - {-1, NULL, NULL} -}; - -static BIT_STRING_BITNAME key_usage_type_table[] = { - {0, "Digital Signature", "digitalSignature"}, - {1, "Non Repudiation", "nonRepudiation"}, - {2, "Key Encipherment", "keyEncipherment"}, - {3, "Data Encipherment", "dataEncipherment"}, - {4, "Key Agreement", "keyAgreement"}, - {5, "Certificate Sign", "keyCertSign"}, - {6, "CRL Sign", "cRLSign"}, - {7, "Encipher Only", "encipherOnly"}, - {8, "Decipher Only", "decipherOnly"}, - {-1, NULL, NULL} -}; - -const X509V3_EXT_METHOD v3_nscert = { - .ext_nid = NID_netscape_cert_type, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_BIT_STRING), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, 
- .v2i = (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = ns_cert_type_table,
-};
-
-const X509V3_EXT_METHOD v3_key_usage = {
- .ext_nid = NID_key_usage,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(ASN1_BIT_STRING),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING,
- .v2i = (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = key_usage_type_table,
-};
-
-STACK_OF(CONF_VALUE) *
-i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, ASN1_BIT_STRING *bits,
- STACK_OF(CONF_VALUE) *ret)
-{
- BIT_STRING_BITNAME *bnam;
-
- for (bnam = method->usr_data; bnam->lname; bnam++) {
- if (ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))
- X509V3_add_value(bnam->lname, NULL, &ret);
- }
- return ret;
-}
-
-ASN1_BIT_STRING *
-v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- CONF_VALUE *val;
- ASN1_BIT_STRING *bs;
- int i;
- BIT_STRING_BITNAME *bnam;
-
- if (!(bs = ASN1_BIT_STRING_new())) {
- X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- for (bnam = method->usr_data; bnam->lname; bnam++) {
- if (!strcmp(bnam->sname, val->name) ||
- !strcmp(bnam->lname, val->name) ) {
- if (!ASN1_BIT_STRING_set_bit(bs,
- bnam->bitnum, 1)) {
- X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
- ERR_R_MALLOC_FAILURE);
- ASN1_BIT_STRING_free(bs);
- return NULL;
- }
- break;
- }
- }
- if (!bnam->lname) {
- X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
- X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
- X509V3_conf_err(val);
- ASN1_BIT_STRING_free(bs);
- return NULL;
- }
- }
- return bs;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_conf.c b/lib/libssl/src/crypto/x509v3/v3_conf.c
deleted file mode 100644
index 20e156ce876..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_conf.c
+++ /dev/null
@@ -1,576 +0,0 @@ -/* $OpenBSD: v3_conf.c,v 1.19 2015/12/14 03:39:14 beck Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ -/* extension creation utilities */ - -#include <ctype.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509.h> -#include <openssl/x509v3.h> - -static int v3_check_critical(char **value); -static int v3_check_generic(char **value); -static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, - int crit, char *value); -static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, - int crit, int type, X509V3_CTX *ctx); -static char *conf_lhash_get_string(void *db, char *section, char *value); -static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section); -static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, - int crit, void *ext_struc); -static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len); - -/* CONF *conf: Config file */ -/* char *name: Name */ -/* char *value: Value */ -X509_EXTENSION * -X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value) -{ - int crit; - int ext_type; - X509_EXTENSION *ret; - - crit = v3_check_critical(&value); - if ((ext_type = v3_check_generic(&value))) - return v3_generic_extension(name, value, crit, ext_type, ctx); - ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value); - if (!ret) { - X509V3err(X509V3_F_X509V3_EXT_NCONF, - X509V3_R_ERROR_IN_EXTENSION); - ERR_asprintf_error_data("name=%s, value=%s", name, value); - } - return ret; -} - -/* CONF *conf: Config file */ -/* char *value: Value */ -X509_EXTENSION * -X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value) -{ - int crit; - int ext_type; - - crit = v3_check_critical(&value); - if ((ext_type = v3_check_generic(&value))) - return v3_generic_extension(OBJ_nid2sn(ext_nid), - value, crit, ext_type, ctx); - return do_ext_nconf(conf, ctx, ext_nid, crit, value); -} - -/* CONF *conf: Config file */ -/* char *value: Value */ -static X509_EXTENSION * -do_ext_nconf(CONF 
*conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value) -{ - const X509V3_EXT_METHOD *method; - X509_EXTENSION *ext; - void *ext_struc; - - if (ext_nid == NID_undef) { - X509V3err(X509V3_F_DO_EXT_NCONF, - X509V3_R_UNKNOWN_EXTENSION_NAME); - return NULL; - } - if (!(method = X509V3_EXT_get_nid(ext_nid))) { - X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION); - return NULL; - } - /* Now get internal extension representation based on type */ - if (method->v2i) { - STACK_OF(CONF_VALUE) *nval; - - if (*value == '@') - nval = NCONF_get_section(conf, value + 1); - else - nval = X509V3_parse_list(value); - if (sk_CONF_VALUE_num(nval) <= 0) { - X509V3err(X509V3_F_DO_EXT_NCONF, - X509V3_R_INVALID_EXTENSION_STRING); - ERR_asprintf_error_data("name=%s,section=%s", - OBJ_nid2sn(ext_nid), value); - if (*value != '@') - sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); - return NULL; - } - ext_struc = method->v2i(method, ctx, nval); - if (*value != '@') - sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); - } else if (method->s2i) { - ext_struc = method->s2i(method, ctx, value); - } else if (method->r2i) { - if (!ctx->db || !ctx->db_meth) { - X509V3err(X509V3_F_DO_EXT_NCONF, - X509V3_R_NO_CONFIG_DATABASE); - return NULL; - } - ext_struc = method->r2i(method, ctx, value); - } else { - X509V3err(X509V3_F_DO_EXT_NCONF, - X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); - ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid)); - return NULL; - } - if (ext_struc == NULL) - return NULL; - - ext = do_ext_i2d(method, ext_nid, crit, ext_struc); - if (method->it) - ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it)); - else - method->ext_free(ext_struc); - return ext; -} - -static X509_EXTENSION * -do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, int crit, - void *ext_struc) -{ - unsigned char *ext_der; - int ext_len; - ASN1_OCTET_STRING *ext_oct = NULL; - X509_EXTENSION *ext; - - /* Convert internal representation to DER */ - if (method->it) { - ext_der = NULL; - ext_len = 
ASN1_item_i2d(ext_struc, &ext_der, - ASN1_ITEM_ptr(method->it)); - if (ext_len < 0) - goto merr; - } else { - unsigned char *p; - ext_len = method->i2d(ext_struc, NULL); - if (!(ext_der = malloc(ext_len))) - goto merr; - p = ext_der; - method->i2d(ext_struc, &p); - } - if (!(ext_oct = ASN1_OCTET_STRING_new())) - goto merr; - ext_oct->data = ext_der; - ext_oct->length = ext_len; - - ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct); - if (!ext) - goto merr; - ASN1_OCTET_STRING_free(ext_oct); - - return ext; - -merr: - ASN1_OCTET_STRING_free(ext_oct); - X509V3err(X509V3_F_DO_EXT_I2D, ERR_R_MALLOC_FAILURE); - return NULL; - -} - -/* Given an internal structure, nid and critical flag create an extension */ - -X509_EXTENSION * -X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc) -{ - const X509V3_EXT_METHOD *method; - - if (!(method = X509V3_EXT_get_nid(ext_nid))) { - X509V3err(X509V3_F_X509V3_EXT_I2D, X509V3_R_UNKNOWN_EXTENSION); - return NULL; - } - return do_ext_i2d(method, ext_nid, crit, ext_struc); -} - -/* Check the extension string for critical flag */ -static int -v3_check_critical(char **value) -{ - char *p = *value; - - if ((strlen(p) < 9) || strncmp(p, "critical,", 9)) - return 0; - p += 9; - while (isspace((unsigned char)*p)) p++; - *value = p; - return 1; -} - -/* Check extension string for generic extension and return the type */ -static int -v3_check_generic(char **value) -{ - int gen_type = 0; - char *p = *value; - - if ((strlen(p) >= 4) && !strncmp(p, "DER:", 4)) { - p += 4; - gen_type = 1; - } else if ((strlen(p) >= 5) && !strncmp(p, "ASN1:", 5)) { - p += 5; - gen_type = 2; - } else - return 0; - - while (isspace((unsigned char)*p)) - p++; - *value = p; - return gen_type; -} - -/* Create a generic extension: for now just handle DER type */ -static X509_EXTENSION * -v3_generic_extension(const char *ext, char *value, int crit, int gen_type, - X509V3_CTX *ctx) -{ - unsigned char *ext_der = NULL; - long ext_len = 0; - ASN1_OBJECT *obj = 
NULL; - ASN1_OCTET_STRING *oct = NULL; - X509_EXTENSION *extension = NULL; - - if (!(obj = OBJ_txt2obj(ext, 0))) { - X509V3err(X509V3_F_V3_GENERIC_EXTENSION, - X509V3_R_EXTENSION_NAME_ERROR); - ERR_asprintf_error_data("name=%s", ext); - goto err; - } - - if (gen_type == 1) - ext_der = string_to_hex(value, &ext_len); - else if (gen_type == 2) - ext_der = generic_asn1(value, ctx, &ext_len); - else { - ERR_asprintf_error_data("Unexpected generic extension type %d", gen_type); - goto err; - } - - if (ext_der == NULL) { - X509V3err(X509V3_F_V3_GENERIC_EXTENSION, - X509V3_R_EXTENSION_VALUE_ERROR); - ERR_asprintf_error_data("value=%s", value); - goto err; - } - - if (!(oct = ASN1_OCTET_STRING_new())) { - X509V3err(X509V3_F_V3_GENERIC_EXTENSION, ERR_R_MALLOC_FAILURE); - goto err; - } - - oct->data = ext_der; - oct->length = ext_len; - ext_der = NULL; - - extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct); - -err: - ASN1_OBJECT_free(obj); - ASN1_OCTET_STRING_free(oct); - free(ext_der); - return extension; -} - -static unsigned char * -generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len) -{ - ASN1_TYPE *typ; - unsigned char *ext_der = NULL; - - typ = ASN1_generate_v3(value, ctx); - if (typ == NULL) - return NULL; - *ext_len = i2d_ASN1_TYPE(typ, &ext_der); - ASN1_TYPE_free(typ); - return ext_der; -} - -/* This is the main function: add a bunch of extensions based on a config file - * section to an extension STACK. 
- */ - -int -X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, - STACK_OF(X509_EXTENSION) **sk) -{ - X509_EXTENSION *ext; - STACK_OF(CONF_VALUE) *nval; - CONF_VALUE *val; - int i; - - if (!(nval = NCONF_get_section(conf, section))) - return 0; - for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { - val = sk_CONF_VALUE_value(nval, i); - if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value))) - return 0; - if (sk) - X509v3_add_ext(sk, ext, -1); - X509_EXTENSION_free(ext); - } - return 1; -} - -/* Convenience functions to add extensions to a certificate, CRL and request */ - -int -X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert) -{ - STACK_OF(X509_EXTENSION) **sk = NULL; - - if (cert) - sk = &cert->cert_info->extensions; - return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk); -} - -/* Same as above but for a CRL */ - -int -X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, - X509_CRL *crl) -{ - STACK_OF(X509_EXTENSION) **sk = NULL; - - if (crl) - sk = &crl->crl->extensions; - return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk); -} - -/* Add extensions to certificate request */ - -int -X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, - X509_REQ *req) -{ - STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL; - int i; - - if (req) - sk = &extlist; - i = X509V3_EXT_add_nconf_sk(conf, ctx, section, sk); - if (!i || !sk) - return i; - i = X509_REQ_add_extensions(req, extlist); - sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free); - return i; -} - -/* Config database functions */ - -char * -X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) -{ - if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) { - X509V3err(X509V3_F_X509V3_GET_STRING, - X509V3_R_OPERATION_NOT_DEFINED); - return NULL; - } - if (ctx->db_meth->get_string) - return ctx->db_meth->get_string(ctx->db, name, section); - return NULL; -} - -STACK_OF(CONF_VALUE) * -X509V3_get_section(X509V3_CTX 
*ctx, char *section) -{ - if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) { - X509V3err(X509V3_F_X509V3_GET_SECTION, - X509V3_R_OPERATION_NOT_DEFINED); - return NULL; - } - if (ctx->db_meth->get_section) - return ctx->db_meth->get_section(ctx->db, section); - return NULL; -} - -void -X509V3_string_free(X509V3_CTX *ctx, char *str) -{ - if (!str) - return; - if (ctx->db_meth->free_string) - ctx->db_meth->free_string(ctx->db, str); -} - -void -X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section) -{ - if (!section) - return; - if (ctx->db_meth->free_section) - ctx->db_meth->free_section(ctx->db, section); -} - -static char * -nconf_get_string(void *db, char *section, char *value) -{ - return NCONF_get_string(db, section, value); -} - -static -STACK_OF(CONF_VALUE) *nconf_get_section(void *db, char *section) -{ - return NCONF_get_section(db, section); -} - -static X509V3_CONF_METHOD nconf_method = { - nconf_get_string, - nconf_get_section, - NULL, - NULL -}; - -void -X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf) -{ - ctx->db_meth = &nconf_method; - ctx->db = conf; -} - -void -X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req, - X509_CRL *crl, int flags) -{ - ctx->issuer_cert = issuer; - ctx->subject_cert = subj; - ctx->crl = crl; - ctx->subject_req = req; - ctx->flags = flags; -} - -/* Old conf compatibility functions */ - -X509_EXTENSION * -X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, char *name, - char *value) -{ - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_nconf(&ctmp, ctx, name, value); -} - -/* LHASH *conf: Config file */ -/* char *value: Value */ -X509_EXTENSION * -X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, int ext_nid, - char *value) -{ - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_nconf_nid(&ctmp, ctx, ext_nid, value); -} - -static char * -conf_lhash_get_string(void *db, char *section, char *value) -{ - return CONF_get_string(db, 
section, value); -} - -static STACK_OF(CONF_VALUE) * -conf_lhash_get_section(void *db, char *section) -{ - return CONF_get_section(db, section); -} - -static X509V3_CONF_METHOD conf_lhash_method = { - conf_lhash_get_string, - conf_lhash_get_section, - NULL, - NULL -}; - -void -X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash) -{ - ctx->db_meth = &conf_lhash_method; - ctx->db = lhash; -} - -int -X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, char *section, - X509 *cert) -{ - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert); -} - -/* Same as above but for a CRL */ - -int -X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - char *section, X509_CRL *crl) -{ - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_CRL_add_nconf(&ctmp, ctx, section, crl); -} - -/* Add extensions to certificate request */ - -int -X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, - char *section, X509_REQ *req) -{ - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_REQ_add_nconf(&ctmp, ctx, section, req); -} diff --git a/lib/libssl/src/crypto/x509v3/v3_cpols.c b/lib/libssl/src/crypto/x509v3/v3_cpols.c deleted file mode 100644 index 5ca001ad55c..00000000000 --- a/lib/libssl/src/crypto/x509v3/v3_cpols.c +++ /dev/null 
@@ -1,775 +0,0 @@
-/* $OpenBSD: v3_cpols.c,v 1.23 2015/09/30 18:21:50 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-#include "pcy_int.h"
-
-/* Certificate policies extension support: this one is a bit complex...
*/ - -static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, - BIO *out, int indent); -static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *value); -static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, - int indent); -static void print_notice(BIO *out, USERNOTICE *notice, int indent); -static POLICYINFO *policy_section(X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *polstrs, int ia5org); -static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *unot, int ia5org); -static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos); - -const X509V3_EXT_METHOD v3_cpols = { - .ext_nid = NID_certificate_policies, - .ext_flags = 0, - .it = ASN1_ITEM_ref(CERTIFICATEPOLICIES), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = (X509V3_EXT_I2R)i2r_certpol, - .r2i = (X509V3_EXT_R2I)r2i_certpol, - .usr_data = NULL, -}; - -static const ASN1_TEMPLATE CERTIFICATEPOLICIES_item_tt = { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = 0, - .field_name = "CERTIFICATEPOLICIES", - .item = &POLICYINFO_it, -}; - -const ASN1_ITEM CERTIFICATEPOLICIES_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &CERTIFICATEPOLICIES_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "CERTIFICATEPOLICIES", -}; - - -CERTIFICATEPOLICIES * -d2i_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES **a, const unsigned char **in, long len) -{ - return (CERTIFICATEPOLICIES *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &CERTIFICATEPOLICIES_it); -} - -int -i2d_CERTIFICATEPOLICIES(CERTIFICATEPOLICIES *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &CERTIFICATEPOLICIES_it); -} - -CERTIFICATEPOLICIES * -CERTIFICATEPOLICIES_new(void) -{ - return (CERTIFICATEPOLICIES *)ASN1_item_new(&CERTIFICATEPOLICIES_it); -} - -void -CERTIFICATEPOLICIES_free(CERTIFICATEPOLICIES *a) -{ - 
ASN1_item_free((ASN1_VALUE *)a, &CERTIFICATEPOLICIES_it); -} - -static const ASN1_TEMPLATE POLICYINFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(POLICYINFO, policyid), - .field_name = "policyid", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(POLICYINFO, qualifiers), - .field_name = "qualifiers", - .item = &POLICYQUALINFO_it, - }, -}; - -const ASN1_ITEM POLICYINFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = POLICYINFO_seq_tt, - .tcount = sizeof(POLICYINFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(POLICYINFO), - .sname = "POLICYINFO", -}; - - -POLICYINFO * -d2i_POLICYINFO(POLICYINFO **a, const unsigned char **in, long len) -{ - return (POLICYINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &POLICYINFO_it); -} - -int -i2d_POLICYINFO(POLICYINFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &POLICYINFO_it); -} - -POLICYINFO * -POLICYINFO_new(void) -{ - return (POLICYINFO *)ASN1_item_new(&POLICYINFO_it); -} - -void -POLICYINFO_free(POLICYINFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &POLICYINFO_it); -} - -static const ASN1_TEMPLATE policydefault_tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(POLICYQUALINFO, d.other), - .field_name = "d.other", - .item = &ASN1_ANY_it, -}; - -static const ASN1_ADB_TABLE POLICYQUALINFO_adbtbl[] = { - { - .value = NID_id_qt_cps, - .tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(POLICYQUALINFO, d.cpsuri), - .field_name = "d.cpsuri", - .item = &ASN1_IA5STRING_it, - }, - - }, - { - .value = NID_id_qt_unotice, - .tt = { - .flags = 0, - .tag = 0, - .offset = offsetof(POLICYQUALINFO, d.usernotice), - .field_name = "d.usernotice", - .item = &USERNOTICE_it, - }, - - }, -}; - -static const ASN1_ADB POLICYQUALINFO_adb = { - .flags = 0, - .offset = offsetof(POLICYQUALINFO, pqualid), - .app_items = 0, - .tbl = POLICYQUALINFO_adbtbl, - .tblcount = 
sizeof(POLICYQUALINFO_adbtbl) / sizeof(ASN1_ADB_TABLE), - .default_tt = &policydefault_tt, - .null_tt = NULL, -}; - -static const ASN1_TEMPLATE POLICYQUALINFO_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(POLICYQUALINFO, pqualid), - .field_name = "pqualid", - .item = &ASN1_OBJECT_it, - }, - { - .flags = ASN1_TFLG_ADB_OID, - .tag = -1, - .offset = 0, - .field_name = "POLICYQUALINFO", - .item = (const ASN1_ITEM *)&POLICYQUALINFO_adb, - }, -}; - -const ASN1_ITEM POLICYQUALINFO_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = POLICYQUALINFO_seq_tt, - .tcount = sizeof(POLICYQUALINFO_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(POLICYQUALINFO), - .sname = "POLICYQUALINFO", -}; - - -POLICYQUALINFO * -d2i_POLICYQUALINFO(POLICYQUALINFO **a, const unsigned char **in, long len) -{ - return (POLICYQUALINFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &POLICYQUALINFO_it); -} - -int -i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &POLICYQUALINFO_it); -} - -POLICYQUALINFO * -POLICYQUALINFO_new(void) -{ - return (POLICYQUALINFO *)ASN1_item_new(&POLICYQUALINFO_it); -} - -void -POLICYQUALINFO_free(POLICYQUALINFO *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &POLICYQUALINFO_it); -} - -static const ASN1_TEMPLATE USERNOTICE_seq_tt[] = { - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(USERNOTICE, noticeref), - .field_name = "noticeref", - .item = &NOTICEREF_it, - }, - { - .flags = ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(USERNOTICE, exptext), - .field_name = "exptext", - .item = &DISPLAYTEXT_it, - }, -}; - -const ASN1_ITEM USERNOTICE_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = USERNOTICE_seq_tt, - .tcount = sizeof(USERNOTICE_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(USERNOTICE), - .sname = "USERNOTICE", -}; - - -USERNOTICE * -d2i_USERNOTICE(USERNOTICE **a, const 
unsigned char **in, long len) -{ - return (USERNOTICE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &USERNOTICE_it); -} - -int -i2d_USERNOTICE(USERNOTICE *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &USERNOTICE_it); -} - -USERNOTICE * -USERNOTICE_new(void) -{ - return (USERNOTICE *)ASN1_item_new(&USERNOTICE_it); -} - -void -USERNOTICE_free(USERNOTICE *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &USERNOTICE_it); -} - -static const ASN1_TEMPLATE NOTICEREF_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(NOTICEREF, organization), - .field_name = "organization", - .item = &DISPLAYTEXT_it, - }, - { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = offsetof(NOTICEREF, noticenos), - .field_name = "noticenos", - .item = &ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM NOTICEREF_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = NOTICEREF_seq_tt, - .tcount = sizeof(NOTICEREF_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(NOTICEREF), - .sname = "NOTICEREF", -}; - - -NOTICEREF * -d2i_NOTICEREF(NOTICEREF **a, const unsigned char **in, long len) -{ - return (NOTICEREF *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &NOTICEREF_it); -} - -int -i2d_NOTICEREF(NOTICEREF *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &NOTICEREF_it); -} - -NOTICEREF * -NOTICEREF_new(void) -{ - return (NOTICEREF *)ASN1_item_new(&NOTICEREF_it); -} - -void -NOTICEREF_free(NOTICEREF *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &NOTICEREF_it); -} - -static -STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - char *value) -{ - STACK_OF(POLICYINFO) *pols = NULL; - char *pstr; - POLICYINFO *pol; - ASN1_OBJECT *pobj; - STACK_OF(CONF_VALUE) *vals; - CONF_VALUE *cnf; - int i, ia5org; - - pols = sk_POLICYINFO_new_null(); - if (pols == NULL) { - X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); - return NULL; - } - vals = X509V3_parse_list(value); - if (vals == NULL) { - 
X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB); - goto err; - } - ia5org = 0; - for (i = 0; i < sk_CONF_VALUE_num(vals); i++) { - cnf = sk_CONF_VALUE_value(vals, i); - if (cnf->value || !cnf->name) { - X509V3err(X509V3_F_R2I_CERTPOL, - X509V3_R_INVALID_POLICY_IDENTIFIER); - X509V3_conf_err(cnf); - goto err; - } - pstr = cnf->name; - if (!strcmp(pstr, "ia5org")) { - ia5org = 1; - continue; - } else if (*pstr == '@') { - STACK_OF(CONF_VALUE) *polsect; - polsect = X509V3_get_section(ctx, pstr + 1); - if (!polsect) { - X509V3err(X509V3_F_R2I_CERTPOL, - X509V3_R_INVALID_SECTION); - X509V3_conf_err(cnf); - goto err; - } - pol = policy_section(ctx, polsect, ia5org); - X509V3_section_free(ctx, polsect); - if (!pol) - goto err; - } else { - if (!(pobj = OBJ_txt2obj(cnf->name, 0))) { - X509V3err(X509V3_F_R2I_CERTPOL, - X509V3_R_INVALID_OBJECT_IDENTIFIER); - X509V3_conf_err(cnf); - goto err; - } - pol = POLICYINFO_new(); - pol->policyid = pobj; - } - if (!sk_POLICYINFO_push(pols, pol)){ - POLICYINFO_free(pol); - X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); - goto err; - } - } - sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); - return pols; - -err: - sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); - sk_POLICYINFO_pop_free(pols, POLICYINFO_free); - return NULL; -} - -static POLICYINFO * -policy_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *polstrs, int ia5org) -{ - int i; - CONF_VALUE *cnf; - POLICYINFO *pol; - POLICYQUALINFO *nqual = NULL; - - if ((pol = POLICYINFO_new()) == NULL) - goto merr; - for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) { - cnf = sk_CONF_VALUE_value(polstrs, i); - if (strcmp(cnf->name, "policyIdentifier") == 0) { - ASN1_OBJECT *pobj; - - if ((pobj = OBJ_txt2obj(cnf->value, 0)) == NULL) { - X509V3err(X509V3_F_POLICY_SECTION, - X509V3_R_INVALID_OBJECT_IDENTIFIER); - X509V3_conf_err(cnf); - goto err; - } - pol->policyid = pobj; - } else if (name_cmp(cnf->name, "CPS") == 0) { - if ((nqual = POLICYQUALINFO_new()) == NULL) - goto merr; - 
nqual->pqualid = OBJ_nid2obj(NID_id_qt_cps); - nqual->d.cpsuri = ASN1_IA5STRING_new(); - if (nqual->d.cpsuri == NULL) - goto merr; - if (ASN1_STRING_set(nqual->d.cpsuri, cnf->value, - strlen(cnf->value)) == 0) - goto merr; - - if (pol->qualifiers == NULL) { - pol->qualifiers = sk_POLICYQUALINFO_new_null(); - if (pol->qualifiers == NULL) - goto merr; - } - if (sk_POLICYQUALINFO_push(pol->qualifiers, nqual) == 0) - goto merr; - nqual = NULL; - } else if (name_cmp(cnf->name, "userNotice") == 0) { - STACK_OF(CONF_VALUE) *unot; - POLICYQUALINFO *qual; - - if (*cnf->value != '@') { - X509V3err(X509V3_F_POLICY_SECTION, - X509V3_R_EXPECTED_A_SECTION_NAME); - X509V3_conf_err(cnf); - goto err; - } - unot = X509V3_get_section(ctx, cnf->value + 1); - if (unot == NULL) { - X509V3err(X509V3_F_POLICY_SECTION, - X509V3_R_INVALID_SECTION); - X509V3_conf_err(cnf); - goto err; - } - qual = notice_section(ctx, unot, ia5org); - X509V3_section_free(ctx, unot); - if (qual == NULL) - goto err; - - if (pol->qualifiers == NULL) { - pol->qualifiers = sk_POLICYQUALINFO_new_null(); - if (pol->qualifiers == NULL) - goto merr; - } - if (sk_POLICYQUALINFO_push(pol->qualifiers, qual) == 0) - goto merr; - } else { - X509V3err(X509V3_F_POLICY_SECTION, - X509V3_R_INVALID_OPTION); - X509V3_conf_err(cnf); - goto err; - } - } - if (pol->policyid == NULL) { - X509V3err(X509V3_F_POLICY_SECTION, - X509V3_R_NO_POLICY_IDENTIFIER); - goto err; - } - - return pol; - -merr: - X509V3err(X509V3_F_POLICY_SECTION, ERR_R_MALLOC_FAILURE); - -err: - POLICYQUALINFO_free(nqual); - POLICYINFO_free(pol); - return NULL; -} - -static POLICYQUALINFO * -notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org) -{ - int i, ret; - CONF_VALUE *cnf; - USERNOTICE *not; - POLICYQUALINFO *qual; - - if (!(qual = POLICYQUALINFO_new())) - goto merr; - qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice); - if (!(not = USERNOTICE_new())) - goto merr; - qual->d.usernotice = not; - for (i = 0; i < sk_CONF_VALUE_num(unot); i++) { - 
cnf = sk_CONF_VALUE_value(unot, i); - if (!strcmp(cnf->name, "explicitText")) { - if (not->exptext == NULL) { - not->exptext = ASN1_VISIBLESTRING_new(); - if (not->exptext == NULL) - goto merr; - } - if (!ASN1_STRING_set(not->exptext, cnf->value, - strlen(cnf->value))) - goto merr; - } else if (!strcmp(cnf->name, "organization")) { - NOTICEREF *nref; - if (!not->noticeref) { - if (!(nref = NOTICEREF_new())) - goto merr; - not->noticeref = nref; - } else - nref = not->noticeref; - if (ia5org) - nref->organization->type = V_ASN1_IA5STRING; - else - nref->organization->type = V_ASN1_VISIBLESTRING; - if (!ASN1_STRING_set(nref->organization, cnf->value, - strlen(cnf->value))) - goto merr; - } else if (!strcmp(cnf->name, "noticeNumbers")) { - NOTICEREF *nref; - STACK_OF(CONF_VALUE) *nos; - if (!not->noticeref) { - if (!(nref = NOTICEREF_new())) - goto merr; - not->noticeref = nref; - } else - nref = not->noticeref; - nos = X509V3_parse_list(cnf->value); - if (!nos || !sk_CONF_VALUE_num(nos)) { - X509V3err(X509V3_F_NOTICE_SECTION, - X509V3_R_INVALID_NUMBERS); - X509V3_conf_err(cnf); - if (nos != NULL) - sk_CONF_VALUE_pop_free(nos, - X509V3_conf_free); - goto err; - } - ret = nref_nos(nref->noticenos, nos); - sk_CONF_VALUE_pop_free(nos, X509V3_conf_free); - if (!ret) - goto err; - } else { - X509V3err(X509V3_F_NOTICE_SECTION, - X509V3_R_INVALID_OPTION); - X509V3_conf_err(cnf); - goto err; - } - } - - if (not->noticeref && - (!not->noticeref->noticenos || !not->noticeref->organization)) { - X509V3err(X509V3_F_NOTICE_SECTION, - X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); - goto err; - } - - return qual; - -merr: - X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_MALLOC_FAILURE); - -err: - POLICYQUALINFO_free(qual); - return NULL; -} - -static int -nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) -{ - CONF_VALUE *cnf; - ASN1_INTEGER *aint; - int i; - - for (i = 0; i < sk_CONF_VALUE_num(nos); i++) { - cnf = sk_CONF_VALUE_value(nos, i); - if (!(aint = 
s2i_ASN1_INTEGER(NULL, cnf->name))) { - X509V3err(X509V3_F_NREF_NOS, X509V3_R_INVALID_NUMBER); - goto err; - } - if (!sk_ASN1_INTEGER_push(nnums, aint)) - goto merr; - } - return 1; - -merr: - X509V3err(X509V3_F_NREF_NOS, ERR_R_MALLOC_FAILURE); - -err: - sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); - return 0; -} - -static int -i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, - int indent) -{ - int i; - POLICYINFO *pinfo; - - /* First print out the policy OIDs */ - for (i = 0; i < sk_POLICYINFO_num(pol); i++) { - pinfo = sk_POLICYINFO_value(pol, i); - BIO_printf(out, "%*sPolicy: ", indent, ""); - i2a_ASN1_OBJECT(out, pinfo->policyid); - BIO_puts(out, "\n"); - if (pinfo->qualifiers) - print_qualifiers(out, pinfo->qualifiers, indent + 2); - } - return 1; -} - -static void -print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent) -{ - POLICYQUALINFO *qualinfo; - int i; - - for (i = 0; i < sk_POLICYQUALINFO_num(quals); i++) { - qualinfo = sk_POLICYQUALINFO_value(quals, i); - switch (OBJ_obj2nid(qualinfo->pqualid)) { - case NID_id_qt_cps: - BIO_printf(out, "%*sCPS: %s\n", indent, "", - qualinfo->d.cpsuri->data); - break; - - case NID_id_qt_unotice: - BIO_printf(out, "%*sUser Notice:\n", indent, ""); - print_notice(out, qualinfo->d.usernotice, indent + 2); - break; - - default: - BIO_printf(out, "%*sUnknown Qualifier: ", - indent + 2, ""); - - i2a_ASN1_OBJECT(out, qualinfo->pqualid); - BIO_puts(out, "\n"); - break; - } - } -} - -static void -print_notice(BIO *out, USERNOTICE *notice, int indent) -{ - int i; - - if (notice->noticeref) { - NOTICEREF *ref; - ref = notice->noticeref; - BIO_printf(out, "%*sOrganization: %s\n", indent, "", - ref->organization->data); - BIO_printf(out, "%*sNumber%s: ", indent, "", - sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? 
"s" : ""); - for (i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) { - ASN1_INTEGER *num; - char *tmp; - num = sk_ASN1_INTEGER_value(ref->noticenos, i); - if (i) - BIO_puts(out, ", "); - tmp = i2s_ASN1_INTEGER(NULL, num); - BIO_puts(out, tmp); - free(tmp); - } - BIO_puts(out, "\n"); - } - if (notice->exptext) - BIO_printf(out, "%*sExplicit Text: %s\n", indent, "", - notice->exptext->data); -} - -void -X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent) -{ - const X509_POLICY_DATA *dat = node->data; - - BIO_printf(out, "%*sPolicy: ", indent, ""); - - i2a_ASN1_OBJECT(out, dat->valid_policy); - BIO_puts(out, "\n"); - BIO_printf(out, "%*s%s\n", indent + 2, "", - node_data_critical(dat) ? "Critical" : "Non Critical"); - if (dat->qualifier_set) - print_qualifiers(out, dat->qualifier_set, indent + 2); - else - BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, ""); -} diff --git a/lib/libssl/src/crypto/x509v3/v3_crld.c b/lib/libssl/src/crypto/x509v3/v3_crld.c deleted file mode 100644 index a72d0ab500c..00000000000 --- a/lib/libssl/src/crypto/x509v3/v3_crld.c +++ /dev/null 
@@ -1,816 +0,0 @@
-/* $OpenBSD: v3_crld.c,v 1.19 2015/07/29 16:13:48 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/asn1t.h> -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -static void *v2i_crld(const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, - int indent); - -const X509V3_EXT_METHOD v3_crld = { - .ext_nid = NID_crl_distribution_points, - .ext_flags = 0, - .it = ASN1_ITEM_ref(CRL_DIST_POINTS), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = v2i_crld, - .i2r = i2r_crldp, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD v3_freshest_crl = { - .ext_nid = NID_freshest_crl, - .ext_flags = 0, - .it = ASN1_ITEM_ref(CRL_DIST_POINTS), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = v2i_crld, - .i2r = i2r_crldp, - .r2i = NULL, - .usr_data = NULL, -}; - -static -STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect) -{ - STACK_OF(CONF_VALUE) *gnsect; - STACK_OF(GENERAL_NAME) *gens; - - if (*sect == '@') - gnsect = X509V3_get_section(ctx, sect + 1); - else - gnsect = X509V3_parse_list(sect); - if (!gnsect) { - X509V3err(X509V3_F_GNAMES_FROM_SECTNAME, - X509V3_R_SECTION_NOT_FOUND); - return NULL; - } - gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect); - if (*sect == '@') - X509V3_section_free(ctx, gnsect); - else - sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free); - return gens; -} - -static int -set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, CONF_VALUE *cnf) -{ - STACK_OF(GENERAL_NAME) *fnm = NULL; - STACK_OF(X509_NAME_ENTRY) *rnm = NULL; - - if (!strncmp(cnf->name, "fullname", 9)) { - fnm = gnames_from_sectname(ctx, cnf->value); - if (!fnm) - goto err; - } else if (!strcmp(cnf->name, "relativename")) { - int ret; - STACK_OF(CONF_VALUE) *dnsect; - X509_NAME 
*nm; - nm = X509_NAME_new(); - if (!nm) - return -1; - dnsect = X509V3_get_section(ctx, cnf->value); - if (!dnsect) { - X509V3err(X509V3_F_SET_DIST_POINT_NAME, - X509V3_R_SECTION_NOT_FOUND); - X509_NAME_free(nm); - return -1; - } - ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC); - X509V3_section_free(ctx, dnsect); - rnm = nm->entries; - nm->entries = NULL; - X509_NAME_free(nm); - if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0) - goto err; - /* Since its a name fragment can't have more than one - * RDNSequence - */ - if (sk_X509_NAME_ENTRY_value(rnm, - sk_X509_NAME_ENTRY_num(rnm) - 1)->set) { - X509V3err(X509V3_F_SET_DIST_POINT_NAME, - X509V3_R_INVALID_MULTIPLE_RDNS); - goto err; - } - } else - return 0; - - if (*pdp) { - X509V3err(X509V3_F_SET_DIST_POINT_NAME, - X509V3_R_DISTPOINT_ALREADY_SET); - goto err; - } - - *pdp = DIST_POINT_NAME_new(); - if (!*pdp) - goto err; - if (fnm) { - (*pdp)->type = 0; - (*pdp)->name.fullname = fnm; - } else { - (*pdp)->type = 1; - (*pdp)->name.relativename = rnm; - } - - return 1; - -err: - if (fnm) - sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free); - if (rnm) - sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free); - return -1; -} - -static const BIT_STRING_BITNAME reason_flags[] = { - {0, "Unused", "unused"}, - {1, "Key Compromise", "keyCompromise"}, - {2, "CA Compromise", "CACompromise"}, - {3, "Affiliation Changed", "affiliationChanged"}, - {4, "Superseded", "superseded"}, - {5, "Cessation Of Operation", "cessationOfOperation"}, - {6, "Certificate Hold", "certificateHold"}, - {7, "Privilege Withdrawn", "privilegeWithdrawn"}, - {8, "AA Compromise", "AACompromise"}, - {-1, NULL, NULL} -}; - -static int -set_reasons(ASN1_BIT_STRING **preas, char *value) -{ - STACK_OF(CONF_VALUE) *rsk = NULL; - const BIT_STRING_BITNAME *pbn; - const char *bnam; - int i, ret = 0; - - if (*preas != NULL) - return 0; - rsk = X509V3_parse_list(value); - if (rsk == NULL) - return 0; - for (i = 0; i < sk_CONF_VALUE_num(rsk); i++) { - bnam = 
sk_CONF_VALUE_value(rsk, i)->name; - if (!*preas) { - *preas = ASN1_BIT_STRING_new(); - if (!*preas) - goto err; - } - for (pbn = reason_flags; pbn->lname; pbn++) { - if (!strcmp(pbn->sname, bnam)) { - if (!ASN1_BIT_STRING_set_bit(*preas, - pbn->bitnum, 1)) - goto err; - break; - } - } - if (!pbn->lname) - goto err; - } - ret = 1; - -err: - sk_CONF_VALUE_pop_free(rsk, X509V3_conf_free); - return ret; -} - -static int -print_reasons(BIO *out, const char *rname, ASN1_BIT_STRING *rflags, int indent) -{ - int first = 1; - const BIT_STRING_BITNAME *pbn; - - BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, ""); - for (pbn = reason_flags; pbn->lname; pbn++) { - if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum)) { - if (first) - first = 0; - else - BIO_puts(out, ", "); - BIO_puts(out, pbn->lname); - } - } - if (first) - BIO_puts(out, "<EMPTY>\n"); - else - BIO_puts(out, "\n"); - return 1; -} - -static DIST_POINT * -crldp_from_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) -{ - int i; - CONF_VALUE *cnf; - DIST_POINT *point = NULL; - - point = DIST_POINT_new(); - if (!point) - goto err; - for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { - int ret; - cnf = sk_CONF_VALUE_value(nval, i); - ret = set_dist_point_name(&point->distpoint, ctx, cnf); - if (ret > 0) - continue; - if (ret < 0) - goto err; - if (!strcmp(cnf->name, "reasons")) { - if (!set_reasons(&point->reasons, cnf->value)) - goto err; - } - else if (!strcmp(cnf->name, "CRLissuer")) { - point->CRLissuer = - gnames_from_sectname(ctx, cnf->value); - if (!point->CRLissuer) - goto err; - } - } - - return point; - -err: - if (point) - DIST_POINT_free(point); - return NULL; -} - -static void * -v2i_crld(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval) -{ - STACK_OF(DIST_POINT) *crld = NULL; - GENERAL_NAMES *gens = NULL; - GENERAL_NAME *gen = NULL; - CONF_VALUE *cnf; - int i; - - if (!(crld = sk_DIST_POINT_new_null())) - goto merr; - for (i = 0; i < sk_CONF_VALUE_num(nval); 
i++) {
- DIST_POINT *point;
- cnf = sk_CONF_VALUE_value(nval, i);
- if (!cnf->value) {
- STACK_OF(CONF_VALUE) *dpsect;
- dpsect = X509V3_get_section(ctx, cnf->name);
- if (!dpsect)
- goto err;
- point = crldp_from_section(ctx, dpsect);
- X509V3_section_free(ctx, dpsect);
- if (!point)
- goto err;
- if (!sk_DIST_POINT_push(crld, point)) {
- DIST_POINT_free(point);
- goto merr;
- }
- } else {
- if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
- goto err;
- if (!(gens = GENERAL_NAMES_new()))
- goto merr;
- if (!sk_GENERAL_NAME_push(gens, gen))
- goto merr;
- gen = NULL;
- if (!(point = DIST_POINT_new()))
- goto merr;
- if (!sk_DIST_POINT_push(crld, point)) {
- DIST_POINT_free(point);
- goto merr;
- }
- if (!(point->distpoint = DIST_POINT_NAME_new()))
- goto merr;
- point->distpoint->name.fullname = gens;
- point->distpoint->type = 0;
- gens = NULL;
- }
- }
- return crld;
-
-merr:
- X509V3err(X509V3_F_V2I_CRLD, ERR_R_MALLOC_FAILURE);
-err:
- GENERAL_NAME_free(gen);
- GENERAL_NAMES_free(gens);
- sk_DIST_POINT_pop_free(crld, DIST_POINT_free);
- return NULL;
-}
-
-static int
-dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
- DIST_POINT_NAME *dpn = (DIST_POINT_NAME *)*pval;
-
- switch (operation) {
- case ASN1_OP_NEW_POST:
- dpn->dpname = NULL;
- break;
-
- case ASN1_OP_FREE_POST:
- if (dpn->dpname)
- X509_NAME_free(dpn->dpname);
- break;
- }
- return 1;
-}
-
-
-static const ASN1_AUX DIST_POINT_NAME_aux = {
- .app_data = NULL,
- .flags = 0,
- .ref_offset = 0,
- .ref_lock = 0,
- .asn1_cb = dpn_cb,
- .enc_offset = 0,
-};
-static const ASN1_TEMPLATE DIST_POINT_NAME_ch_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(DIST_POINT_NAME, name.fullname),
- .field_name = "name.fullname",
- .item = &GENERAL_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF,
- .tag = 1,
- .offset = offsetof(DIST_POINT_NAME, name.relativename),
- .field_name = "name.relativename",
- .item = &X509_NAME_ENTRY_it,
- },
-};
-
-const ASN1_ITEM DIST_POINT_NAME_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(DIST_POINT_NAME, type),
- .templates = DIST_POINT_NAME_ch_tt,
- .tcount = sizeof(DIST_POINT_NAME_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = &DIST_POINT_NAME_aux,
- .size = sizeof(DIST_POINT_NAME),
- .sname = "DIST_POINT_NAME",
-};
-
-
-
-DIST_POINT_NAME *
-d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, const unsigned char **in, long len)
-{
- return (DIST_POINT_NAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DIST_POINT_NAME_it);
-}
-
-int
-i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DIST_POINT_NAME_it);
-}
-
-DIST_POINT_NAME *
-DIST_POINT_NAME_new(void)
-{
- return (DIST_POINT_NAME *)ASN1_item_new(&DIST_POINT_NAME_it);
-}
-
-void
-DIST_POINT_NAME_free(DIST_POINT_NAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &DIST_POINT_NAME_it);
-}
-
-static const ASN1_TEMPLATE DIST_POINT_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(DIST_POINT, distpoint),
- .field_name = "distpoint",
- .item = &DIST_POINT_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(DIST_POINT, reasons),
- .field_name = "reasons",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(DIST_POINT, CRLissuer),
- .field_name = "CRLissuer",
- .item = &GENERAL_NAME_it,
- },
-};
-
-const ASN1_ITEM DIST_POINT_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = DIST_POINT_seq_tt,
- .tcount = sizeof(DIST_POINT_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(DIST_POINT),
- .sname = "DIST_POINT",
-};
-
-
-DIST_POINT *
-d2i_DIST_POINT(DIST_POINT **a, const unsigned char **in, long len)
-{
- return (DIST_POINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &DIST_POINT_it);
-}
-
-int
-i2d_DIST_POINT(DIST_POINT *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &DIST_POINT_it);
-}
-
-DIST_POINT *
-DIST_POINT_new(void)
-{
- return (DIST_POINT *)ASN1_item_new(&DIST_POINT_it);
-}
-
-void
-DIST_POINT_free(DIST_POINT *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &DIST_POINT_it);
-}
-
-static const ASN1_TEMPLATE CRL_DIST_POINTS_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "CRLDistributionPoints",
- .item = &DIST_POINT_it,
-};
-
-const ASN1_ITEM CRL_DIST_POINTS_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &CRL_DIST_POINTS_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "CRL_DIST_POINTS",
-};
-
-
-CRL_DIST_POINTS *
-d2i_CRL_DIST_POINTS(CRL_DIST_POINTS **a, const unsigned char **in, long len)
-{
- return (CRL_DIST_POINTS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &CRL_DIST_POINTS_it);
-}
-
-int
-i2d_CRL_DIST_POINTS(CRL_DIST_POINTS *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &CRL_DIST_POINTS_it);
-}
-
-CRL_DIST_POINTS *
-CRL_DIST_POINTS_new(void)
-{
- return (CRL_DIST_POINTS *)ASN1_item_new(&CRL_DIST_POINTS_it);
-}
-
-void
-CRL_DIST_POINTS_free(CRL_DIST_POINTS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &CRL_DIST_POINTS_it);
-}
-
-static const ASN1_TEMPLATE ISSUING_DIST_POINT_seq_tt[] = {
- {
- .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(ISSUING_DIST_POINT, distpoint),
- .field_name = "distpoint",
- .item = &DIST_POINT_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(ISSUING_DIST_POINT, onlyuser),
- .field_name = "onlyuser",
- .item = &ASN1_FBOOLEAN_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 2,
- .offset = offsetof(ISSUING_DIST_POINT, onlyCA),
- .field_name = "onlyCA",
- .item = &ASN1_FBOOLEAN_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 3,
- .offset = offsetof(ISSUING_DIST_POINT, onlysomereasons),
- .field_name = "onlysomereasons",
- .item = &ASN1_BIT_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 4,
- .offset = offsetof(ISSUING_DIST_POINT, indirectCRL),
- .field_name = "indirectCRL",
- .item = &ASN1_FBOOLEAN_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 5,
- .offset = offsetof(ISSUING_DIST_POINT, onlyattr),
- .field_name = "onlyattr",
- .item = &ASN1_FBOOLEAN_it,
- },
-};
-
-const ASN1_ITEM ISSUING_DIST_POINT_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = ISSUING_DIST_POINT_seq_tt,
- .tcount = sizeof(ISSUING_DIST_POINT_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(ISSUING_DIST_POINT),
- .sname = "ISSUING_DIST_POINT",
-};
-
-
-ISSUING_DIST_POINT *
-d2i_ISSUING_DIST_POINT(ISSUING_DIST_POINT **a, const unsigned char **in, long len)
-{
- return (ISSUING_DIST_POINT *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &ISSUING_DIST_POINT_it);
-}
-
-int
-i2d_ISSUING_DIST_POINT(ISSUING_DIST_POINT *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &ISSUING_DIST_POINT_it);
-}
-
-ISSUING_DIST_POINT *
-ISSUING_DIST_POINT_new(void)
-{
- return (ISSUING_DIST_POINT *)ASN1_item_new(&ISSUING_DIST_POINT_it);
-}
-
-void
-ISSUING_DIST_POINT_free(ISSUING_DIST_POINT *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &ISSUING_DIST_POINT_it);
-}
-
-static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
- int indent);
-static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
-
-const X509V3_EXT_METHOD v3_idp = {
- NID_issuing_distribution_point, X509V3_EXT_MULTILINE,
- ASN1_ITEM_ref(ISSUING_DIST_POINT),
- 0, 0, 0, 0,
- 0, 0,
- 0,
- v2i_idp,
- i2r_idp, 0,
- NULL
-};
-
-static void *
-v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- ISSUING_DIST_POINT *idp = NULL;
- CONF_VALUE *cnf;
- char *name, *val;
- int i, ret;
-
- idp = ISSUING_DIST_POINT_new();
- if (!idp)
- goto merr;
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- cnf = sk_CONF_VALUE_value(nval, i);
- name = cnf->name;
- val = cnf->value;
- ret = set_dist_point_name(&idp->distpoint, ctx, cnf);
- if (ret > 0)
- continue;
- if (ret < 0)
- goto err;
- if (!strcmp(name, "onlyuser")) {
- if (!X509V3_get_value_bool(cnf, &idp->onlyuser))
- goto err;
- }
- else if (!strcmp(name, "onlyCA")) {
- if (!X509V3_get_value_bool(cnf, &idp->onlyCA))
- goto err;
- }
- else if (!strcmp(name, "onlyAA")) {
- if (!X509V3_get_value_bool(cnf, &idp->onlyattr))
- goto err;
- }
- else if (!strcmp(name, "indirectCRL")) {
- if (!X509V3_get_value_bool(cnf, &idp->indirectCRL))
- goto err;
- }
- else if (!strcmp(name, "onlysomereasons")) {
- if (!set_reasons(&idp->onlysomereasons, val))
- goto err;
- } else {
- X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME);
- X509V3_conf_err(cnf);
- goto err;
- }
- }
- return idp;
-
-merr:
- X509V3err(X509V3_F_V2I_IDP, ERR_R_MALLOC_FAILURE);
-err:
- ISSUING_DIST_POINT_free(idp);
- return NULL;
-}
-
-static int
-print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent)
-{
- int i;
-
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- BIO_printf(out, "%*s", indent + 2, "");
- GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i));
- BIO_puts(out, "\n");
- }
- return 1;
-}
-
-static int
-print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent)
-{
- if (dpn->type == 0) {
- BIO_printf(out, "%*sFull Name:\n", indent, "");
- print_gens(out, dpn->name.fullname, indent);
- } else {
- X509_NAME ntmp;
- ntmp.entries = dpn->name.relativename;
- BIO_printf(out, "%*sRelative Name:\n%*s",
- indent, "", indent + 2, "");
- X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE);
- BIO_puts(out, "\n");
- }
- return 1;
-}
-
-static int
-i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out, int indent)
-{
- ISSUING_DIST_POINT *idp = pidp;
-
- if (idp->distpoint)
- print_distpoint(out, idp->distpoint, indent);
- if (idp->onlyuser > 0)
- BIO_printf(out, "%*sOnly User Certificates\n", indent, "");
- if (idp->onlyCA > 0)
- BIO_printf(out, "%*sOnly CA Certificates\n", indent, "");
- if (idp->indirectCRL > 0)
- BIO_printf(out, "%*sIndirect CRL\n", indent, "");
- if (idp->onlysomereasons)
- print_reasons(out, "Only Some Reasons",
- idp->onlysomereasons, indent);
- if (idp->onlyattr > 0)
- BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, "");
- if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0) &&
- (idp->indirectCRL <= 0) && !idp->onlysomereasons &&
- (idp->onlyattr <= 0))
- BIO_printf(out, "%*s<EMPTY>\n", indent, "");
-
- return 1;
-}
-
-static int
-i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, int indent)
-{
- STACK_OF(DIST_POINT) *crld = pcrldp;
- DIST_POINT *point;
- int i;
-
- for (i = 0; i < sk_DIST_POINT_num(crld); i++) {
- BIO_puts(out, "\n");
- point = sk_DIST_POINT_value(crld, i);
- if (point->distpoint)
- print_distpoint(out, point->distpoint, indent);
- if (point->reasons)
- print_reasons(out, "Reasons", point->reasons,
- indent);
- if (point->CRLissuer) {
- BIO_printf(out, "%*sCRL Issuer:\n", indent, "");
- print_gens(out, point->CRLissuer, indent);
- }
- }
- return 1;
-}
-
-int
-DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname)
-{
- int i;
- STACK_OF(X509_NAME_ENTRY) *frag;
- X509_NAME_ENTRY *ne;
-
- if (!dpn || (dpn->type != 1))
- return 1;
- frag = dpn->name.relativename;
- dpn->dpname = X509_NAME_dup(iname);
- if (!dpn->dpname)
- return 0;
- for (i = 0; i < sk_X509_NAME_ENTRY_num(frag); i++) {
- ne = sk_X509_NAME_ENTRY_value(frag, i);
- if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1)) {
- X509_NAME_free(dpn->dpname);
- dpn->dpname = NULL;
- return 0;
- }
- }
- /* generate cached encoding of name */
- if (i2d_X509_NAME(dpn->dpname, NULL) < 0) {
- X509_NAME_free(dpn->dpname);
- dpn->dpname = NULL;
- return 0;
- }
- return 1;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_enum.c b/lib/libssl/src/crypto/x509v3/v3_enum.c
deleted file mode 100644
index 7f35a570128..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_enum.c
+++ /dev/null
@@ -1,107 +0,0 @@
-/* $OpenBSD: v3_enum.c,v 1.11 2015/07/29 16:13:48 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <openssl/x509v3.h>
-
-static ENUMERATED_NAMES crl_reasons[] = {
- {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"},
- {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"},
- {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"},
- {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed", "affiliationChanged"},
- {CRL_REASON_SUPERSEDED, "Superseded", "superseded"},
- {CRL_REASON_CESSATION_OF_OPERATION,
- "Cessation Of Operation", "cessationOfOperation"},
- {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"},
- {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"},
- {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"},
- {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"},
- {-1, NULL, NULL}
-};
-
-const X509V3_EXT_METHOD v3_crl_reason = {
- .ext_nid = NID_crl_reason,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(ASN1_ENUMERATED),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = crl_reasons,
-};
-
-char *
-i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *e)
-{
- ENUMERATED_NAMES *enam;
- long strval;
-
- strval = ASN1_ENUMERATED_get(e);
- for (enam = method->usr_data; enam->lname; enam++) {
- if (strval == enam->bitnum)
- return strdup(enam->lname);
- }
- return i2s_ASN1_ENUMERATED(method, e);
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_extku.c b/lib/libssl/src/crypto/x509v3/v3_extku.c
deleted file mode 100644
index d5021755930..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_extku.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/* $OpenBSD: v3_extku.c,v 1.13 2015/07/29 16:13:48 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(
- const X509V3_EXT_METHOD *method, void *eku, STACK_OF(CONF_VALUE) *extlist);
-
-const X509V3_EXT_METHOD v3_ext_ku = {
- .ext_nid = NID_ext_key_usage,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = i2v_EXTENDED_KEY_USAGE,
- .v2i = v2i_EXTENDED_KEY_USAGE,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-/* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */
-const X509V3_EXT_METHOD v3_ocsp_accresp = {
- .ext_nid = NID_id_pkix_OCSP_acceptableResponses,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = i2v_EXTENDED_KEY_USAGE,
- .v2i = v2i_EXTENDED_KEY_USAGE,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-static const ASN1_TEMPLATE EXTENDED_KEY_USAGE_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "EXTENDED_KEY_USAGE",
- .item = &ASN1_OBJECT_it,
-};
-
-const ASN1_ITEM EXTENDED_KEY_USAGE_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &EXTENDED_KEY_USAGE_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "EXTENDED_KEY_USAGE",
-};
-
-
-EXTENDED_KEY_USAGE *
-d2i_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE **a, const unsigned char **in, long len)
-{
- return (EXTENDED_KEY_USAGE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &EXTENDED_KEY_USAGE_it);
-}
-
-int
-i2d_EXTENDED_KEY_USAGE(EXTENDED_KEY_USAGE *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &EXTENDED_KEY_USAGE_it);
-}
-
-EXTENDED_KEY_USAGE *
-EXTENDED_KEY_USAGE_new(void)
-{
- return (EXTENDED_KEY_USAGE *)ASN1_item_new(&EXTENDED_KEY_USAGE_it);
-}
-
-void
-EXTENDED_KEY_USAGE_free(EXTENDED_KEY_USAGE *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &EXTENDED_KEY_USAGE_it);
-}
-
-static STACK_OF(CONF_VALUE) *
-i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, void *a,
- STACK_OF(CONF_VALUE) *ext_list)
-{
- EXTENDED_KEY_USAGE *eku = a;
- int i;
- ASN1_OBJECT *obj;
- char obj_tmp[80];
-
- for (i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
- obj = sk_ASN1_OBJECT_value(eku, i);
- i2t_ASN1_OBJECT(obj_tmp, 80, obj);
- X509V3_add_value(NULL, obj_tmp, &ext_list);
- }
- return ext_list;
-}
-
-static void *
-v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- EXTENDED_KEY_USAGE *extku;
- char *extval;
- ASN1_OBJECT *objtmp;
- CONF_VALUE *val;
- int i;
-
- if (!(extku = sk_ASN1_OBJECT_new_null())) {
- X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if (val->value)
- extval = val->value;
- else
- extval = val->name;
- if (!(objtmp = OBJ_txt2obj(extval, 0))) {
- sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
- X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
- X509V3_R_INVALID_OBJECT_IDENTIFIER);
- X509V3_conf_err(val);
- return NULL;
- }
- if (sk_ASN1_OBJECT_push(extku, objtmp) == 0) {
- ASN1_OBJECT_free(objtmp);
- sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
- X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- }
- return extku;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_genn.c b/lib/libssl/src/crypto/x509v3/v3_genn.c
deleted file mode 100644
index a6b7a18b17b..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_genn.c
+++ /dev/null
@@ -1,474 +0,0 @@
-/* $OpenBSD: v3_genn.c,v 1.12 2015/09/26 17:38:41 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-static const ASN1_TEMPLATE OTHERNAME_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(OTHERNAME, type_id),
- .field_name = "type_id",
- .item = &ASN1_OBJECT_it,
- },
- /* Maybe have a true ANY DEFINED BY later */
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = 0,
- .offset = offsetof(OTHERNAME, value),
- .field_name = "value",
- .item = &ASN1_ANY_it,
- },
-};
-
-const ASN1_ITEM OTHERNAME_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = OTHERNAME_seq_tt,
- .tcount = sizeof(OTHERNAME_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(OTHERNAME),
- .sname = "OTHERNAME",
-};
-
-
-OTHERNAME *
-d2i_OTHERNAME(OTHERNAME **a, const unsigned char **in, long len)
-{
- return (OTHERNAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &OTHERNAME_it);
-}
-
-int
-i2d_OTHERNAME(OTHERNAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &OTHERNAME_it);
-}
-
-OTHERNAME *
-OTHERNAME_new(void)
-{
- return (OTHERNAME *)ASN1_item_new(&OTHERNAME_it);
-}
-
-void
-OTHERNAME_free(OTHERNAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &OTHERNAME_it);
-}
-
-static const ASN1_TEMPLATE EDIPARTYNAME_seq_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(EDIPARTYNAME, nameAssigner),
- .field_name = "nameAssigner",
- .item = &DIRECTORYSTRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(EDIPARTYNAME, partyName),
- .field_name = "partyName",
- .item = &DIRECTORYSTRING_it,
- },
-};
-
-const ASN1_ITEM EDIPARTYNAME_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = EDIPARTYNAME_seq_tt,
- .tcount = sizeof(EDIPARTYNAME_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(EDIPARTYNAME),
- .sname = "EDIPARTYNAME",
-};
-
-
-EDIPARTYNAME *
-d2i_EDIPARTYNAME(EDIPARTYNAME **a, const unsigned char **in, long len)
-{
- return (EDIPARTYNAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &EDIPARTYNAME_it);
-}
-
-int
-i2d_EDIPARTYNAME(EDIPARTYNAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &EDIPARTYNAME_it);
-}
-
-EDIPARTYNAME *
-EDIPARTYNAME_new(void)
-{
- return (EDIPARTYNAME *)ASN1_item_new(&EDIPARTYNAME_it);
-}
-
-void
-EDIPARTYNAME_free(EDIPARTYNAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &EDIPARTYNAME_it);
-}
-
-static const ASN1_TEMPLATE GENERAL_NAME_ch_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_OTHERNAME,
- .offset = offsetof(GENERAL_NAME, d.otherName),
- .field_name = "d.otherName",
- .item = &OTHERNAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_EMAIL,
- .offset = offsetof(GENERAL_NAME, d.rfc822Name),
- .field_name = "d.rfc822Name",
- .item = &ASN1_IA5STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_DNS,
- .offset = offsetof(GENERAL_NAME, d.dNSName),
- .field_name = "d.dNSName",
- .item = &ASN1_IA5STRING_it,
- },
- /* Don't decode this */
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_X400,
- .offset = offsetof(GENERAL_NAME, d.x400Address),
- .field_name = "d.x400Address",
- .item = &ASN1_SEQUENCE_it,
- },
- /* X509_NAME is a CHOICE type so use EXPLICIT */
- {
- .flags = ASN1_TFLG_EXPLICIT,
- .tag = GEN_DIRNAME,
- .offset = offsetof(GENERAL_NAME, d.directoryName),
- .field_name = "d.directoryName",
- .item = &X509_NAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_EDIPARTY,
- .offset = offsetof(GENERAL_NAME, d.ediPartyName),
- .field_name = "d.ediPartyName",
- .item = &EDIPARTYNAME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_URI,
- .offset = offsetof(GENERAL_NAME, d.uniformResourceIdentifier),
- .field_name = "d.uniformResourceIdentifier",
- .item = &ASN1_IA5STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_IPADD,
- .offset = offsetof(GENERAL_NAME, d.iPAddress),
- .field_name = "d.iPAddress",
- .item = &ASN1_OCTET_STRING_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT,
- .tag = GEN_RID,
- .offset = offsetof(GENERAL_NAME, d.registeredID),
- .field_name = "d.registeredID",
- .item = &ASN1_OBJECT_it,
- },
-};
-
-const ASN1_ITEM GENERAL_NAME_it = {
- .itype = ASN1_ITYPE_CHOICE,
- .utype = offsetof(GENERAL_NAME, type),
- .templates = GENERAL_NAME_ch_tt,
- .tcount = sizeof(GENERAL_NAME_ch_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(GENERAL_NAME),
- .sname = "GENERAL_NAME",
-};
-
-
-GENERAL_NAME *
-d2i_GENERAL_NAME(GENERAL_NAME **a, const unsigned char **in, long len)
-{
- return (GENERAL_NAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &GENERAL_NAME_it);
-}
-
-int
-i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &GENERAL_NAME_it);
-}
-
-GENERAL_NAME *
-GENERAL_NAME_new(void)
-{
- return (GENERAL_NAME *)ASN1_item_new(&GENERAL_NAME_it);
-}
-
-void
-GENERAL_NAME_free(GENERAL_NAME *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &GENERAL_NAME_it);
-}
-
-static const ASN1_TEMPLATE GENERAL_NAMES_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "GeneralNames",
- .item = &GENERAL_NAME_it,
-};
-
-const ASN1_ITEM GENERAL_NAMES_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &GENERAL_NAMES_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "GENERAL_NAMES",
-};
-
-
-GENERAL_NAMES *
-d2i_GENERAL_NAMES(GENERAL_NAMES **a, const unsigned char **in, long len)
-{
- return (GENERAL_NAMES *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &GENERAL_NAMES_it);
-}
-
-int
-i2d_GENERAL_NAMES(GENERAL_NAMES *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &GENERAL_NAMES_it);
-}
-
-GENERAL_NAMES *
-GENERAL_NAMES_new(void)
-{
- return (GENERAL_NAMES *)ASN1_item_new(&GENERAL_NAMES_it);
-}
-
-void
-GENERAL_NAMES_free(GENERAL_NAMES *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &GENERAL_NAMES_it);
-}
-
-GENERAL_NAME *
-GENERAL_NAME_dup(GENERAL_NAME *a)
-{
- return ASN1_item_dup(&GENERAL_NAME_it, a);
-}
-
-/* Returns 0 if they are equal, != 0 otherwise. */
-int
-GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
-{
- int result = -1;
-
- if (!a || !b || a->type != b->type)
- return -1;
- switch (a->type) {
- case GEN_X400:
- case GEN_EDIPARTY:
- result = ASN1_TYPE_cmp(a->d.other, b->d.other);
- break;
-
- case GEN_OTHERNAME:
- result = OTHERNAME_cmp(a->d.otherName, b->d.otherName);
- break;
-
- case GEN_EMAIL:
- case GEN_DNS:
- case GEN_URI:
- result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5);
- break;
-
- case GEN_DIRNAME:
- result = X509_NAME_cmp(a->d.dirn, b->d.dirn);
- break;
-
- case GEN_IPADD:
- result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip);
- break;
-
- case GEN_RID:
- result = OBJ_cmp(a->d.rid, b->d.rid);
- break;
- }
- return result;
-}
-
-/* Returns 0 if they are equal, != 0 otherwise. */
-int
-OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b)
-{
- int result = -1;
-
- if (!a || !b)
- return -1;
- /* Check their type first. */
- if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0)
- return result;
- /* Check the value. */
- result = ASN1_TYPE_cmp(a->value, b->value);
- return result;
-}
-
-void
-GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value)
-{
- switch (type) {
- case GEN_X400:
- case GEN_EDIPARTY:
- a->d.other = value;
- break;
-
- case GEN_OTHERNAME:
- a->d.otherName = value;
- break;
-
- case GEN_EMAIL:
- case GEN_DNS:
- case GEN_URI:
- a->d.ia5 = value;
- break;
-
- case GEN_DIRNAME:
- a->d.dirn = value;
- break;
-
- case GEN_IPADD:
- a->d.ip = value;
- break;
-
- case GEN_RID:
- a->d.rid = value;
- break;
- }
- a->type = type;
-}
-
-void *
-GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype)
-{
- if (ptype)
- *ptype = a->type;
- switch (a->type) {
- case GEN_X400:
- case GEN_EDIPARTY:
- return a->d.other;
-
- case GEN_OTHERNAME:
- return a->d.otherName;
-
- case GEN_EMAIL:
- case GEN_DNS:
- case GEN_URI:
- return a->d.ia5;
-
- case GEN_DIRNAME:
- return a->d.dirn;
-
- case GEN_IPADD:
- return a->d.ip;
-
- case GEN_RID:
- return a->d.rid;
-
- default:
- return NULL;
- }
-}
-
-int
-GENERAL_NAME_set0_othername(GENERAL_NAME *gen, ASN1_OBJECT *oid,
- ASN1_TYPE *value)
-{
- OTHERNAME *oth;
-
- oth = OTHERNAME_new();
- if (!oth)
- return 0;
- oth->type_id = oid;
- oth->value = value;
- GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth);
- return 1;
-}
-
-int
-GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, ASN1_OBJECT **poid,
- ASN1_TYPE **pvalue)
-{
- if (gen->type != GEN_OTHERNAME)
- return 0;
- if (poid)
- *poid = gen->d.otherName->type_id;
- if (pvalue)
- *pvalue = gen->d.otherName->value;
- return 1;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_ia5.c b/lib/libssl/src/crypto/x509v3/v3_ia5.c
deleted file mode 100644
index 20e44ec2b1a..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_ia5.c
+++ /dev/null
@@ -1,239 +0,0 @@ -/* $OpenBSD: v3_ia5.c,v 1.15 2015/09/30 18:21:50 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5); -static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str); - -const X509V3_EXT_METHOD v3_ns_ia5_list[] = { - { - .ext_nid = NID_netscape_base_url, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_IA5STRING), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, - .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, - .i2v = NULL, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, - { - .ext_nid = NID_netscape_revocation_url, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_IA5STRING), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, - .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, - .i2v = NULL, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, - { - .ext_nid = NID_netscape_ca_revocation_url, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_IA5STRING), - 
.ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, - .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, - .i2v = NULL, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, - { - .ext_nid = NID_netscape_renewal_url, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_IA5STRING), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, - .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, - .i2v = NULL, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, - { - .ext_nid = NID_netscape_ca_policy_url, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_IA5STRING), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, - .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, - .i2v = NULL, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, - { - .ext_nid = NID_netscape_ssl_server_name, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_IA5STRING), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, - .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, - .i2v = NULL, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, - { - .ext_nid = NID_netscape_comment, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_IA5STRING), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, - .s2i = (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, - .i2v = NULL, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, - { - .ext_nid = -1, - .ext_flags = 0, - .it = NULL, - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, - }, -}; - -static char * -i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5) -{ - char *tmp; - - if (!ia5 || !ia5->length) - 
return NULL; - if (!(tmp = malloc(ia5->length + 1))) { - X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); - return NULL; - } - memcpy(tmp, ia5->data, ia5->length); - tmp[ia5->length] = 0; - return tmp; -} - -static ASN1_IA5STRING * -s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str) -{ - ASN1_IA5STRING *ia5; - if (!str) { - X509V3err(X509V3_F_S2I_ASN1_IA5STRING, - X509V3_R_INVALID_NULL_ARGUMENT); - return NULL; - } - if (!(ia5 = ASN1_IA5STRING_new())) - goto err; - if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str, - strlen(str))) { - ASN1_IA5STRING_free(ia5); - goto err; - } - return ia5; - -err: - X509V3err(X509V3_F_S2I_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); - return NULL; -} diff --git a/lib/libssl/src/crypto/x509v3/v3_info.c b/lib/libssl/src/crypto/x509v3/v3_info.c deleted file mode 100644 index 3b962221872..00000000000 --- a/lib/libssl/src/crypto/x509v3/v3_info.c +++ /dev/null 
@@ -1,307 +0,0 @@ -/* $OpenBSD: v3_info.c,v 1.23 2015/07/29 16:13:48 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1.h> -#include <openssl/asn1t.h> -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS( - X509V3_EXT_METHOD *method, AUTHORITY_INFO_ACCESS *ainfo, - STACK_OF(CONF_VALUE) *ret); -static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS( - X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); - -const X509V3_EXT_METHOD v3_info = { - .ext_nid = NID_info_access, - .ext_flags = X509V3_EXT_MULTILINE, - .it = ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS, - .v2i = (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD v3_sinfo = { - .ext_nid = NID_sinfo_access, - .ext_flags = X509V3_EXT_MULTILINE, - .it = ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = (X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS, - .v2i = 
(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS, - .i2r = NULL, - .r2i = NULL, - .usr_data = NULL, -}; - -static const ASN1_TEMPLATE ACCESS_DESCRIPTION_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(ACCESS_DESCRIPTION, method), - .field_name = "method", - .item = &ASN1_OBJECT_it, - }, - { - .flags = 0, - .tag = 0, - .offset = offsetof(ACCESS_DESCRIPTION, location), - .field_name = "location", - .item = &GENERAL_NAME_it, - }, -}; - -const ASN1_ITEM ACCESS_DESCRIPTION_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = ACCESS_DESCRIPTION_seq_tt, - .tcount = sizeof(ACCESS_DESCRIPTION_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(ACCESS_DESCRIPTION), - .sname = "ACCESS_DESCRIPTION", -}; - - -ACCESS_DESCRIPTION * -d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, const unsigned char **in, long len) -{ - return (ACCESS_DESCRIPTION *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - &ACCESS_DESCRIPTION_it); -} - -int -i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &ACCESS_DESCRIPTION_it); -} - -ACCESS_DESCRIPTION * -ACCESS_DESCRIPTION_new(void) -{ - return (ACCESS_DESCRIPTION *)ASN1_item_new(&ACCESS_DESCRIPTION_it); -} - -void -ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &ACCESS_DESCRIPTION_it); -} - -static const ASN1_TEMPLATE AUTHORITY_INFO_ACCESS_item_tt = { - .flags = ASN1_TFLG_SEQUENCE_OF, - .tag = 0, - .offset = 0, - .field_name = "GeneralNames", - .item = &ACCESS_DESCRIPTION_it, -}; - -const ASN1_ITEM AUTHORITY_INFO_ACCESS_it = { - .itype = ASN1_ITYPE_PRIMITIVE, - .utype = -1, - .templates = &AUTHORITY_INFO_ACCESS_item_tt, - .tcount = 0, - .funcs = NULL, - .size = 0, - .sname = "AUTHORITY_INFO_ACCESS", -}; - - -AUTHORITY_INFO_ACCESS * -d2i_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS **a, const unsigned char **in, long len) -{ - return (AUTHORITY_INFO_ACCESS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, - 
&AUTHORITY_INFO_ACCESS_it); -} - -int -i2d_AUTHORITY_INFO_ACCESS(AUTHORITY_INFO_ACCESS *a, unsigned char **out) -{ - return ASN1_item_i2d((ASN1_VALUE *)a, out, &AUTHORITY_INFO_ACCESS_it); -} - -AUTHORITY_INFO_ACCESS * -AUTHORITY_INFO_ACCESS_new(void) -{ - return (AUTHORITY_INFO_ACCESS *)ASN1_item_new(&AUTHORITY_INFO_ACCESS_it); -} - -void -AUTHORITY_INFO_ACCESS_free(AUTHORITY_INFO_ACCESS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &AUTHORITY_INFO_ACCESS_it); -} - -static STACK_OF(CONF_VALUE) * -i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, - AUTHORITY_INFO_ACCESS *ainfo, STACK_OF(CONF_VALUE) *ret) -{ - ACCESS_DESCRIPTION *desc; - int i, nlen; - char objtmp[80], *ntmp; - CONF_VALUE *vtmp; - - for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) { - desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); - ret = i2v_GENERAL_NAME(method, desc->location, ret); - if (!ret) - break; - vtmp = sk_CONF_VALUE_value(ret, i); - i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method); - nlen = strlen(objtmp) + strlen(vtmp->name) + 5; - ntmp = malloc(nlen); - if (!ntmp) { - X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, - ERR_R_MALLOC_FAILURE); - return NULL; - } - strlcpy(ntmp, objtmp, nlen); - strlcat(ntmp, " - ", nlen); - strlcat(ntmp, vtmp->name, nlen); - free(vtmp->name); - vtmp->name = ntmp; - - } - if (!ret) - return sk_CONF_VALUE_new_null(); - return ret; -} - -static AUTHORITY_INFO_ACCESS * -v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval) -{ - AUTHORITY_INFO_ACCESS *ainfo = NULL; - CONF_VALUE *cnf, ctmp; - ACCESS_DESCRIPTION *acc; - int i, objlen; - char *objtmp, *ptmp; - - if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { - X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, - ERR_R_MALLOC_FAILURE); - return NULL; - } - for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = sk_CONF_VALUE_value(nval, i); - if ((acc = ACCESS_DESCRIPTION_new()) == NULL) { - X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, - ERR_R_MALLOC_FAILURE); - 
goto err; - } - if (sk_ACCESS_DESCRIPTION_push(ainfo, acc) == 0) { - ACCESS_DESCRIPTION_free(acc); - X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, - ERR_R_MALLOC_FAILURE); - goto err; - } - ptmp = strchr(cnf->name, ';'); - if (!ptmp) { - X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, - X509V3_R_INVALID_SYNTAX); - goto err; - } - objlen = ptmp - cnf->name; - ctmp.name = ptmp + 1; - ctmp.value = cnf->value; - if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) - goto err; - if (!(objtmp = malloc(objlen + 1))) { - X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, - ERR_R_MALLOC_FAILURE); - goto err; - } - strlcpy(objtmp, cnf->name, objlen + 1); - acc->method = OBJ_txt2obj(objtmp, 0); - if (!acc->method) { - X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, - X509V3_R_BAD_OBJECT); - ERR_asprintf_error_data("value=%s", objtmp); - free(objtmp); - goto err; - } - free(objtmp); - } - return ainfo; - -err: - sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free); - return NULL; -} - -int -i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a) -{ - i2a_ASN1_OBJECT(bp, a->method); - return 2; -} diff --git a/lib/libssl/src/crypto/x509v3/v3_int.c b/lib/libssl/src/crypto/x509v3/v3_int.c deleted file mode 100644 index bd059b72699..00000000000 --- a/lib/libssl/src/crypto/x509v3/v3_int.c +++ /dev/null 
@@ -1,110 +0,0 @@
-/* $OpenBSD: v3_int.c,v 1.10 2015/07/29 16:13:48 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/x509v3.h>
-
-const X509V3_EXT_METHOD v3_crl_num = {
- .ext_nid = NID_crl_number,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(ASN1_INTEGER),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-const X509V3_EXT_METHOD v3_delta_crl = {
- .ext_nid = NID_delta_crl,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(ASN1_INTEGER),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-static void *
-s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx, char *value)
-{
- return s2i_ASN1_INTEGER(meth, value);
-}
-
-const X509V3_EXT_METHOD v3_inhibit_anyp = {
- NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER),
- 0, 0, 0, 0,
- (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
- (X509V3_EXT_S2I)s2i_asn1_int,
- 0, 0, 0, 0,
- NULL
-};
diff --git a/lib/libssl/src/crypto/x509v3/v3_lib.c b/lib/libssl/src/crypto/x509v3/v3_lib.c
deleted file mode 100644
index 7731c7c544d..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_lib.c
+++ /dev/null
@@ -1,345 +0,0 @@ -/* $OpenBSD: v3_lib.c,v 1.14 2015/02/10 11:22:22 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* X509 v3 extension utilities */ - -#include <stdio.h> - -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -#include "ext_dat.h" - -static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL; - -static int ext_cmp(const X509V3_EXT_METHOD * const *a, - const X509V3_EXT_METHOD * const *b); -static void ext_list_free(X509V3_EXT_METHOD *ext); - -int -X509V3_EXT_add(X509V3_EXT_METHOD *ext) -{ - if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) { - X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { - X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE); - return 0; - } - return 1; -} - -static int -ext_cmp(const X509V3_EXT_METHOD * const *a, const X509V3_EXT_METHOD * const *b) -{ - return ((*a)->ext_nid - (*b)->ext_nid); -} - -DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, - const X509V3_EXT_METHOD *, ext); -IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *, - const X509V3_EXT_METHOD *, ext); - -const X509V3_EXT_METHOD * -X509V3_EXT_get_nid(int nid) -{ - X509V3_EXT_METHOD tmp; - const X509V3_EXT_METHOD *t = &tmp, * const *ret; - int idx; - - if 
(nid < 0) - return NULL; - tmp.ext_nid = nid; - ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT); - if (ret) - return *ret; - if (!ext_list) - return NULL; - idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp); - if (idx == -1) - return NULL; - return sk_X509V3_EXT_METHOD_value(ext_list, idx); -} - -const X509V3_EXT_METHOD * -X509V3_EXT_get(X509_EXTENSION *ext) -{ - int nid; - - if ((nid = OBJ_obj2nid(ext->object)) == NID_undef) - return NULL; - return X509V3_EXT_get_nid(nid); -} - -int -X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist) -{ - for (; extlist->ext_nid!=-1; extlist++) - if (!X509V3_EXT_add(extlist)) - return 0; - return 1; -} - -int -X509V3_EXT_add_alias(int nid_to, int nid_from) -{ - const X509V3_EXT_METHOD *ext; - X509V3_EXT_METHOD *tmpext; - - if (!(ext = X509V3_EXT_get_nid(nid_from))) { - X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, - X509V3_R_EXTENSION_NOT_FOUND); - return 0; - } - if (!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) { - X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE); - return 0; - } - *tmpext = *ext; - tmpext->ext_nid = nid_to; - tmpext->ext_flags |= X509V3_EXT_DYNAMIC; - return X509V3_EXT_add(tmpext); -} - -void -X509V3_EXT_cleanup(void) -{ - sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free); - ext_list = NULL; -} - -static void -ext_list_free(X509V3_EXT_METHOD *ext) -{ - if (ext->ext_flags & X509V3_EXT_DYNAMIC) - free(ext); -} - -/* Legacy function: we don't need to add standard extensions - * any more because they are now kept in ext_dat.h. 
- */ - -int -X509V3_add_standard_extensions(void) -{ - return 1; -} - -/* Return an extension internal structure */ - -void * -X509V3_EXT_d2i(X509_EXTENSION *ext) -{ - const X509V3_EXT_METHOD *method; - const unsigned char *p; - - if (!(method = X509V3_EXT_get(ext))) - return NULL; - p = ext->value->data; - if (method->it) - return ASN1_item_d2i(NULL, &p, ext->value->length, - ASN1_ITEM_ptr(method->it)); - return method->d2i(NULL, &p, ext->value->length); -} - -/* Get critical flag and decoded version of extension from a NID. - * The "idx" variable returns the last found extension and can - * be used to retrieve multiple extensions of the same NID. - * However multiple extensions with the same NID is usually - * due to a badly encoded certificate so if idx is NULL we - * choke if multiple extensions exist. - * The "crit" variable is set to the critical value. - * The return value is the decoded extension or NULL on - * error. The actual error can have several different causes, - * the value of *crit reflects the cause: - * >= 0, extension found but not decoded (reflects critical value). - * -1 extension not found. - * -2 extension occurs more than once. 
- */ - -void * -X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx) -{ - int lastpos, i; - X509_EXTENSION *ex, *found_ex = NULL; - - if (!x) { - if (idx) - *idx = -1; - if (crit) - *crit = -1; - return NULL; - } - if (idx) - lastpos = *idx + 1; - else - lastpos = 0; - if (lastpos < 0) - lastpos = 0; - for (i = lastpos; i < sk_X509_EXTENSION_num(x); i++) { - ex = sk_X509_EXTENSION_value(x, i); - if (OBJ_obj2nid(ex->object) == nid) { - if (idx) { - *idx = i; - found_ex = ex; - break; - } else if (found_ex) { - /* Found more than one */ - if (crit) - *crit = -2; - return NULL; - } - found_ex = ex; - } - } - if (found_ex) { - /* Found it */ - if (crit) - *crit = X509_EXTENSION_get_critical(found_ex); - return X509V3_EXT_d2i(found_ex); - } - - /* Extension not found */ - if (idx) - *idx = -1; - if (crit) - *crit = -1; - return NULL; -} - -/* This function is a general extension append, replace and delete utility. - * The precise operation is governed by the 'flags' value. The 'crit' and - * 'value' arguments (if relevant) are the extensions internal structure. - */ - -int -X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, - int crit, unsigned long flags) -{ - int extidx = -1; - int errcode; - X509_EXTENSION *ext, *extmp; - unsigned long ext_op = flags & X509V3_ADD_OP_MASK; - - /* If appending we don't care if it exists, otherwise - * look for existing extension. 
- */ - if (ext_op != X509V3_ADD_APPEND) - extidx = X509v3_get_ext_by_NID(*x, nid, -1); - - /* See if extension exists */ - if (extidx >= 0) { - /* If keep existing, nothing to do */ - if (ext_op == X509V3_ADD_KEEP_EXISTING) - return 1; - /* If default then its an error */ - if (ext_op == X509V3_ADD_DEFAULT) { - errcode = X509V3_R_EXTENSION_EXISTS; - goto err; - } - /* If delete, just delete it */ - if (ext_op == X509V3_ADD_DELETE) { - if (!sk_X509_EXTENSION_delete(*x, extidx)) - return -1; - return 1; - } - } else { - /* If replace existing or delete, error since - * extension must exist - */ - if ((ext_op == X509V3_ADD_REPLACE_EXISTING) || - (ext_op == X509V3_ADD_DELETE)) { - errcode = X509V3_R_EXTENSION_NOT_FOUND; - goto err; - } - } - - /* If we get this far then we have to create an extension: - * could have some flags for alternative encoding schemes... - */ - - ext = X509V3_EXT_i2d(nid, crit, value); - - if (!ext) { - X509V3err(X509V3_F_X509V3_ADD1_I2D, - X509V3_R_ERROR_CREATING_EXTENSION); - return 0; - } - - /* If extension exists replace it.. */ - if (extidx >= 0) { - extmp = sk_X509_EXTENSION_value(*x, extidx); - X509_EXTENSION_free(extmp); - if (!sk_X509_EXTENSION_set(*x, extidx, ext)) - return -1; - return 1; - } - - if (!*x && !(*x = sk_X509_EXTENSION_new_null())) - return -1; - if (!sk_X509_EXTENSION_push(*x, ext)) - return -1; - - return 1; - -err: - if (!(flags & X509V3_ADD_SILENT)) - X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode); - return 0; -} diff --git a/lib/libssl/src/crypto/x509v3/v3_ncons.c b/lib/libssl/src/crypto/x509v3/v3_ncons.c deleted file mode 100644 index 2af15726a80..00000000000 --- a/lib/libssl/src/crypto/x509v3/v3_ncons.c +++ /dev/null 
@@ -1,560 +0,0 @@ -/* $OpenBSD: v3_ncons.c,v 1.9 2015/07/29 16:13:48 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/asn1t.h> -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, - void *a, BIO *bp, int ind); -static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method, - STACK_OF(GENERAL_SUBTREE) *trees, BIO *bp, int ind, char *name); -static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip); - -static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc); -static int nc_match_single(GENERAL_NAME *sub, GENERAL_NAME *gen); -static int nc_dn(X509_NAME *sub, X509_NAME *nm); -static int nc_dns(ASN1_IA5STRING *sub, ASN1_IA5STRING *dns); -static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml); -static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base); - -const X509V3_EXT_METHOD v3_name_constraints = { - .ext_nid = NID_name_constraints, - .ext_flags = 0, - .it = ASN1_ITEM_ref(NAME_CONSTRAINTS), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = 
NULL, - .v2i = v2i_NAME_CONSTRAINTS, - .i2r = i2r_NAME_CONSTRAINTS, - .r2i = NULL, - .usr_data = NULL, -}; - -static const ASN1_TEMPLATE GENERAL_SUBTREE_seq_tt[] = { - { - .flags = 0, - .tag = 0, - .offset = offsetof(GENERAL_SUBTREE, base), - .field_name = "base", - .item = &GENERAL_NAME_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(GENERAL_SUBTREE, minimum), - .field_name = "minimum", - .item = &ASN1_INTEGER_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(GENERAL_SUBTREE, maximum), - .field_name = "maximum", - .item = &ASN1_INTEGER_it, - }, -}; - -const ASN1_ITEM GENERAL_SUBTREE_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = GENERAL_SUBTREE_seq_tt, - .tcount = sizeof(GENERAL_SUBTREE_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(GENERAL_SUBTREE), - .sname = "GENERAL_SUBTREE", -}; - -static const ASN1_TEMPLATE NAME_CONSTRAINTS_seq_tt[] = { - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 0, - .offset = offsetof(NAME_CONSTRAINTS, permittedSubtrees), - .field_name = "permittedSubtrees", - .item = &GENERAL_SUBTREE_it, - }, - { - .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL, - .tag = 1, - .offset = offsetof(NAME_CONSTRAINTS, excludedSubtrees), - .field_name = "excludedSubtrees", - .item = &GENERAL_SUBTREE_it, - }, -}; - -const ASN1_ITEM NAME_CONSTRAINTS_it = { - .itype = ASN1_ITYPE_SEQUENCE, - .utype = V_ASN1_SEQUENCE, - .templates = NAME_CONSTRAINTS_seq_tt, - .tcount = sizeof(NAME_CONSTRAINTS_seq_tt) / sizeof(ASN1_TEMPLATE), - .funcs = NULL, - .size = sizeof(NAME_CONSTRAINTS), - .sname = "NAME_CONSTRAINTS", -}; - - -GENERAL_SUBTREE * -GENERAL_SUBTREE_new(void) -{ - return (GENERAL_SUBTREE*)ASN1_item_new(&GENERAL_SUBTREE_it); -} - -void -GENERAL_SUBTREE_free(GENERAL_SUBTREE *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &GENERAL_SUBTREE_it); -} - 
-NAME_CONSTRAINTS * -NAME_CONSTRAINTS_new(void) -{ - return (NAME_CONSTRAINTS*)ASN1_item_new(&NAME_CONSTRAINTS_it); -} - -void -NAME_CONSTRAINTS_free(NAME_CONSTRAINTS *a) -{ - ASN1_item_free((ASN1_VALUE *)a, &NAME_CONSTRAINTS_it); -} - -static void * -v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval) -{ - int i; - CONF_VALUE tval, *val; - STACK_OF(GENERAL_SUBTREE) **ptree = NULL; - NAME_CONSTRAINTS *ncons = NULL; - GENERAL_SUBTREE *sub = NULL; - - ncons = NAME_CONSTRAINTS_new(); - if (!ncons) - goto memerr; - for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { - val = sk_CONF_VALUE_value(nval, i); - if (!strncmp(val->name, "permitted", 9) && val->name[9]) { - ptree = &ncons->permittedSubtrees; - tval.name = val->name + 10; - } else if (!strncmp(val->name, "excluded", 8) && val->name[8]) { - ptree = &ncons->excludedSubtrees; - tval.name = val->name + 9; - } else { - X509V3err(X509V3_F_V2I_NAME_CONSTRAINTS, - X509V3_R_INVALID_SYNTAX); - goto err; - } - tval.value = val->value; - sub = GENERAL_SUBTREE_new(); - if (!v2i_GENERAL_NAME_ex(sub->base, method, ctx, &tval, 1)) - goto err; - if (!*ptree) - *ptree = sk_GENERAL_SUBTREE_new_null(); - if (!*ptree || !sk_GENERAL_SUBTREE_push(*ptree, sub)) - goto memerr; - sub = NULL; - } - - return ncons; - -memerr: - X509V3err(X509V3_F_V2I_NAME_CONSTRAINTS, ERR_R_MALLOC_FAILURE); -err: - if (ncons) - NAME_CONSTRAINTS_free(ncons); - if (sub) - GENERAL_SUBTREE_free(sub); - - return NULL; -} - -static int -i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a, BIO *bp, int ind) -{ - NAME_CONSTRAINTS *ncons = a; - - do_i2r_name_constraints(method, ncons->permittedSubtrees, - bp, ind, "Permitted"); - do_i2r_name_constraints(method, ncons->excludedSubtrees, - bp, ind, "Excluded"); - return 1; -} - -static int -do_i2r_name_constraints(const X509V3_EXT_METHOD *method, - STACK_OF(GENERAL_SUBTREE) *trees, BIO *bp, int ind, char *name) -{ - GENERAL_SUBTREE *tree; - int i; - - if 
(sk_GENERAL_SUBTREE_num(trees) > 0) - BIO_printf(bp, "%*s%s:\n", ind, "", name); - for (i = 0; i < sk_GENERAL_SUBTREE_num(trees); i++) { - tree = sk_GENERAL_SUBTREE_value(trees, i); - BIO_printf(bp, "%*s", ind + 2, ""); - if (tree->base->type == GEN_IPADD) - print_nc_ipadd(bp, tree->base->d.ip); - else - GENERAL_NAME_print(bp, tree->base); - BIO_puts(bp, "\n"); - } - return 1; -} - -static int -print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip) -{ - int i, len; - unsigned char *p; - - p = ip->data; - len = ip->length; - BIO_puts(bp, "IP:"); - if (len == 8) { - BIO_printf(bp, "%d.%d.%d.%d/%d.%d.%d.%d", - p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]); - } else if (len == 32) { - for (i = 0; i < 16; i++) { - BIO_printf(bp, "%X", p[0] << 8 | p[1]); - p += 2; - if (i == 7) - BIO_puts(bp, "/"); - else if (i != 15) - BIO_puts(bp, ":"); - } - } else - BIO_printf(bp, "IP Address:<invalid>"); - return 1; -} - -/* Check a certificate conforms to a specified set of constraints. - * Return values: - * X509_V_OK: All constraints obeyed. - * X509_V_ERR_PERMITTED_VIOLATION: Permitted subtree violation. - * X509_V_ERR_EXCLUDED_VIOLATION: Excluded subtree violation. - * X509_V_ERR_SUBTREE_MINMAX: Min or max values present and matching type. - * X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: Unsupported constraint type. - * X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: bad unsupported constraint syntax. 
- * X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: bad or unsupported syntax of name - */ - -int -NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc) -{ - int r, i; - X509_NAME *nm; - - nm = X509_get_subject_name(x); - - if (X509_NAME_entry_count(nm) > 0) { - GENERAL_NAME gntmp; - gntmp.type = GEN_DIRNAME; - gntmp.d.directoryName = nm; - - r = nc_match(&gntmp, nc); - - if (r != X509_V_OK) - return r; - - gntmp.type = GEN_EMAIL; - - /* Process any email address attributes in subject name */ - - for (i = -1;;) { - X509_NAME_ENTRY *ne; - i = X509_NAME_get_index_by_NID(nm, - NID_pkcs9_emailAddress, i); - if (i == -1) - break; - ne = X509_NAME_get_entry(nm, i); - gntmp.d.rfc822Name = X509_NAME_ENTRY_get_data(ne); - if (gntmp.d.rfc822Name->type != V_ASN1_IA5STRING) - return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - - r = nc_match(&gntmp, nc); - - if (r != X509_V_OK) - return r; - } - - } - - for (i = 0; i < sk_GENERAL_NAME_num(x->altname); i++) { - GENERAL_NAME *gen = sk_GENERAL_NAME_value(x->altname, i); - r = nc_match(gen, nc); - if (r != X509_V_OK) - return r; - } - - return X509_V_OK; -} - -static int -nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc) -{ - GENERAL_SUBTREE *sub; - int i, r, match = 0; - - /* Permitted subtrees: if any subtrees exist of matching the type - * at least one subtree must match. 
- */ - - for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++) { - sub = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i); - if (gen->type != sub->base->type) - continue; - if (sub->minimum || sub->maximum) - return X509_V_ERR_SUBTREE_MINMAX; - /* If we already have a match don't bother trying any more */ - if (match == 2) - continue; - if (match == 0) - match = 1; - r = nc_match_single(gen, sub->base); - if (r == X509_V_OK) - match = 2; - else if (r != X509_V_ERR_PERMITTED_VIOLATION) - return r; - } - - if (match == 1) - return X509_V_ERR_PERMITTED_VIOLATION; - - /* Excluded subtrees: must not match any of these */ - - for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++) { - sub = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i); - if (gen->type != sub->base->type) - continue; - if (sub->minimum || sub->maximum) - return X509_V_ERR_SUBTREE_MINMAX; - - r = nc_match_single(gen, sub->base); - if (r == X509_V_OK) - return X509_V_ERR_EXCLUDED_VIOLATION; - else if (r != X509_V_ERR_PERMITTED_VIOLATION) - return r; - - } - - return X509_V_OK; -} - -static int -nc_match_single(GENERAL_NAME *gen, GENERAL_NAME *base) -{ - switch (base->type) { - case GEN_DIRNAME: - return nc_dn(gen->d.directoryName, base->d.directoryName); - - case GEN_DNS: - return nc_dns(gen->d.dNSName, base->d.dNSName); - - case GEN_EMAIL: - return nc_email(gen->d.rfc822Name, base->d.rfc822Name); - - case GEN_URI: - return nc_uri(gen->d.uniformResourceIdentifier, - base->d.uniformResourceIdentifier); - - default: - return X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE; - } -} - -/* directoryName name constraint matching. - * The canonical encoding of X509_NAME makes this comparison easy. It is - * matched if the subtree is a subset of the name. - */ - -static int -nc_dn(X509_NAME *nm, X509_NAME *base) -{ - /* Ensure canonical encodings are up to date. 
*/ - if (nm->modified && i2d_X509_NAME(nm, NULL) < 0) - return X509_V_ERR_OUT_OF_MEM; - if (base->modified && i2d_X509_NAME(base, NULL) < 0) - return X509_V_ERR_OUT_OF_MEM; - if (base->canon_enclen > nm->canon_enclen) - return X509_V_ERR_PERMITTED_VIOLATION; - if (memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen)) - return X509_V_ERR_PERMITTED_VIOLATION; - return X509_V_OK; -} - -static int -nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base) -{ - char *baseptr = (char *)base->data; - char *dnsptr = (char *)dns->data; - - /* Empty matches everything */ - if (!*baseptr) - return X509_V_OK; - /* Otherwise can add zero or more components on the left so - * compare RHS and if dns is longer and expect '.' as preceding - * character. - */ - if (dns->length > base->length) { - dnsptr += dns->length - base->length; - if (dnsptr[-1] != '.') - return X509_V_ERR_PERMITTED_VIOLATION; - } - - if (strcasecmp(baseptr, dnsptr)) - return X509_V_ERR_PERMITTED_VIOLATION; - - return X509_V_OK; -} - -static int -nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base) -{ - const char *baseptr = (char *)base->data; - const char *emlptr = (char *)eml->data; - const char *baseat = strchr(baseptr, '@'); - const char *emlat = strchr(emlptr, '@'); - - if (!emlat) - return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - /* Special case: inital '.' 
is RHS match */ - if (!baseat && (*baseptr == '.')) { - if (eml->length > base->length) { - emlptr += eml->length - base->length; - if (!strcasecmp(baseptr, emlptr)) - return X509_V_OK; - } - return X509_V_ERR_PERMITTED_VIOLATION; - } - - /* If we have anything before '@' match local part */ - - if (baseat) { - if (baseat != baseptr) { - if ((baseat - baseptr) != (emlat - emlptr)) - return X509_V_ERR_PERMITTED_VIOLATION; - /* Case sensitive match of local part */ - if (strncmp(baseptr, emlptr, emlat - emlptr)) - return X509_V_ERR_PERMITTED_VIOLATION; - } - /* Position base after '@' */ - baseptr = baseat + 1; - } - emlptr = emlat + 1; - /* Just have hostname left to match: case insensitive */ - if (strcasecmp(baseptr, emlptr)) - return X509_V_ERR_PERMITTED_VIOLATION; - - return X509_V_OK; -} - -static int -nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base) -{ - const char *baseptr = (char *)base->data; - const char *hostptr = (char *)uri->data; - const char *p = strchr(hostptr, ':'); - int hostlen; - - /* Check for foo:// and skip past it */ - if (!p || (p[1] != '/') || (p[2] != '/')) - return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - hostptr = p + 3; - - /* Determine length of hostname part of URI */ - - /* Look for a port indicator as end of hostname first */ - - p = strchr(hostptr, ':'); - /* Otherwise look for trailing slash */ - if (!p) - p = strchr(hostptr, '/'); - - if (!p) - hostlen = strlen(hostptr); - else - hostlen = p - hostptr; - - if (hostlen == 0) - return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX; - - /* Special case: inital '.' is RHS match */ - if (*baseptr == '.') { - if (hostlen > base->length) { - p = hostptr + hostlen - base->length; - if (!strncasecmp(p, baseptr, base->length)) - return X509_V_OK; - } - return X509_V_ERR_PERMITTED_VIOLATION; - } - - if ((base->length != (int)hostlen) || - strncasecmp(hostptr, baseptr, hostlen)) - return X509_V_ERR_PERMITTED_VIOLATION; - - return X509_V_OK; -} 
diff --git a/lib/libssl/src/crypto/x509v3/v3_ocsp.c b/lib/libssl/src/crypto/x509v3/v3_ocsp.c
deleted file mode 100644
index 696eee5adc3..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_ocsp.c
+++ /dev/null
@@ -1,380 +0,0 @@ -/* $OpenBSD: v3_ocsp.c,v 1.13 2015/09/30 18:41:06 jsing Exp $ */ -/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/opensslconf.h> - -#ifndef OPENSSL_NO_OCSP - -#include <openssl/asn1.h> -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/ocsp.h> -#include <openssl/x509v3.h> - -/* OCSP extensions and a couple of CRL entry extensions - */ - -static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *nonce, - BIO *out, int indent); -static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *nonce, - BIO *out, int indent); -static int i2r_object(const X509V3_EXT_METHOD *method, void *obj, BIO *out, - int indent); - -static void *ocsp_nonce_new(void); -static int i2d_ocsp_nonce(void *a, unsigned char **pp); -static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length); -static void ocsp_nonce_free(void *a); -static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce, - BIO *out, int indent); - -static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, - void *nocheck, BIO *out, int indent); -static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - const char *str); -static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in, 
- BIO *bp, int ind); - -const X509V3_EXT_METHOD v3_ocsp_crlid = { - .ext_nid = NID_id_pkix_OCSP_CrlID, - .ext_flags = 0, - .it = ASN1_ITEM_ref(OCSP_CRLID), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_crlid, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD v3_ocsp_acutoff = { - .ext_nid = NID_id_pkix_OCSP_archiveCutoff, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_acutoff, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD v3_crl_invdate = { - .ext_nid = NID_invalidity_date, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_acutoff, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD v3_crl_hold = { - .ext_nid = NID_hold_instruction_code, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_OBJECT), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_object, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD v3_ocsp_nonce = { - .ext_nid = NID_id_pkix_OCSP_Nonce, - .ext_flags = 0, - .it = NULL, - .ext_new = ocsp_nonce_new, - .ext_free = ocsp_nonce_free, - .d2i = d2i_ocsp_nonce, - .i2d = i2d_ocsp_nonce, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_nonce, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD v3_ocsp_nocheck = { - .ext_nid = NID_id_pkix_OCSP_noCheck, - .ext_flags = 0, - .it = ASN1_ITEM_ref(ASN1_NULL), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = s2i_ocsp_nocheck, - .i2v = NULL, - .v2i = NULL, - .i2r = 
i2r_ocsp_nocheck, - .r2i = NULL, - .usr_data = NULL, -}; - -const X509V3_EXT_METHOD v3_ocsp_serviceloc = { - .ext_nid = NID_id_pkix_OCSP_serviceLocator, - .ext_flags = 0, - .it = ASN1_ITEM_ref(OCSP_SERVICELOC), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = i2r_ocsp_serviceloc, - .r2i = NULL, - .usr_data = NULL, -}; - -static int -i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind) -{ - OCSP_CRLID *a = in; - if (a->crlUrl) { - if (BIO_printf(bp, "%*scrlUrl: ", ind, "") <= 0) - goto err; - if (!ASN1_STRING_print(bp, (ASN1_STRING*)a->crlUrl)) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - if (a->crlNum) { - if (BIO_printf(bp, "%*scrlNum: ", ind, "") <= 0) - goto err; - if (i2a_ASN1_INTEGER(bp, a->crlNum) <= 0) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - if (a->crlTime) { - if (BIO_printf(bp, "%*scrlTime: ", ind, "") <= 0) - goto err; - if (!ASN1_GENERALIZEDTIME_print(bp, a->crlTime)) - goto err; - if (BIO_write(bp, "\n", 1) <= 0) - goto err; - } - return 1; - -err: - return 0; -} - -static int -i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff, BIO *bp, - int ind) -{ - if (BIO_printf(bp, "%*s", ind, "") <= 0) - return 0; - if (!ASN1_GENERALIZEDTIME_print(bp, cutoff)) - return 0; - return 1; -} - -static int -i2r_object(const X509V3_EXT_METHOD *method, void *oid, BIO *bp, int ind) -{ - if (BIO_printf(bp, "%*s", ind, "") <= 0) - return 0; - if (i2a_ASN1_OBJECT(bp, oid) <= 0) - return 0; - return 1; -} - -/* OCSP nonce. This is needs special treatment because it doesn't have - * an ASN1 encoding at all: it just contains arbitrary data. 
- */ - -static void * -ocsp_nonce_new(void) -{ - return ASN1_OCTET_STRING_new(); -} - -static int -i2d_ocsp_nonce(void *a, unsigned char **pp) -{ - ASN1_OCTET_STRING *os = a; - - if (pp) { - memcpy(*pp, os->data, os->length); - *pp += os->length; - } - return os->length; -} - -static void * -d2i_ocsp_nonce(void *a, const unsigned char **pp, long length) -{ - ASN1_OCTET_STRING *os, **pos; - - pos = a; - if (pos == NULL || *pos == NULL) { - os = ASN1_OCTET_STRING_new(); - if (os == NULL) - goto err; - } else - os = *pos; - if (ASN1_OCTET_STRING_set(os, *pp, length) == 0) - goto err; - - *pp += length; - - if (pos != NULL) - *pos = os; - return os; - -err: - if (pos == NULL || *pos != os) - ASN1_OCTET_STRING_free(os); - OCSPerr(OCSP_F_D2I_OCSP_NONCE, ERR_R_MALLOC_FAILURE); - return NULL; -} - -static void -ocsp_nonce_free(void *a) -{ - ASN1_OCTET_STRING_free(a); -} - -static int -i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce, BIO *out, - int indent) -{ - if (BIO_printf(out, "%*s", indent, "") <= 0) - return 0; - if (i2a_ASN1_STRING(out, nonce, V_ASN1_OCTET_STRING) <= 0) - return 0; - return 1; -} - -/* Nocheck is just a single NULL. 
Don't print anything and always set it */ - -static int -i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, void *nocheck, BIO *out, - int indent) -{ - return 1; -} - -static void * -s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - const char *str) -{ - return ASN1_NULL_new(); -} - -static int -i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in, BIO *bp, int ind) -{ - int i; - OCSP_SERVICELOC *a = in; - ACCESS_DESCRIPTION *ad; - - if (BIO_printf(bp, "%*sIssuer: ", ind, "") <= 0) - goto err; - if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0) - goto err; - for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++) { - ad = sk_ACCESS_DESCRIPTION_value(a->locator, i); - if (BIO_printf(bp, "\n%*s", (2 * ind), "") <= 0) - goto err; - if (i2a_ASN1_OBJECT(bp, ad->method) <= 0) - goto err; - if (BIO_puts(bp, " - ") <= 0) - goto err; - if (GENERAL_NAME_print(bp, ad->location) <= 0) - goto err; - } - return 1; - -err: - return 0; -} -#endif diff --git a/lib/libssl/src/crypto/x509v3/v3_pci.c b/lib/libssl/src/crypto/x509v3/v3_pci.c deleted file mode 100644 index ff1d0876677..00000000000 --- a/lib/libssl/src/crypto/x509v3/v3_pci.c +++ /dev/null 
@@ -1,332 +0,0 @@ -/* $OpenBSD: v3_pci.c,v 1.10 2015/07/29 16:13:49 jsing Exp $ */ -/* Contributed to the OpenSSL Project 2004 - * by Richard Levitte (richard@levitte.org) - */ -/* Copyright (c) 2004 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. 
- */ - -#include <stdio.h> -#include <string.h> - -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext, - BIO *out, int indent); -static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str); - -const X509V3_EXT_METHOD v3_pci = { - .ext_nid = NID_proxyCertInfo, - .ext_flags = 0, - .it = ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), - .ext_new = NULL, - .ext_free = NULL, - .d2i = NULL, - .i2d = NULL, - .i2s = NULL, - .s2i = NULL, - .i2v = NULL, - .v2i = NULL, - .i2r = (X509V3_EXT_I2R)i2r_pci, - .r2i = (X509V3_EXT_R2I)r2i_pci, - .usr_data = NULL, -}; - -static int -i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci, BIO *out, - int indent) -{ - BIO_printf(out, "%*sPath Length Constraint: ", indent, ""); - if (pci->pcPathLengthConstraint) - i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint); - else - BIO_printf(out, "infinite"); - BIO_puts(out, "\n"); - BIO_printf(out, "%*sPolicy Language: ", indent, ""); - i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage); - BIO_puts(out, "\n"); - if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data) - BIO_printf(out, "%*sPolicy Text: %s\n", indent, "", - pci->proxyPolicy->policy->data); - return 1; -} - -static int -process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language, - ASN1_INTEGER **pathlen, ASN1_OCTET_STRING **policy) -{ - int free_policy = 0; - - if (strcmp(val->name, "language") == 0) { - if (*language) { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED); - X509V3_conf_err(val); - return 0; - } - if (!(*language = OBJ_txt2obj(val->value, 0))) { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - X509V3_R_INVALID_OBJECT_IDENTIFIER); - X509V3_conf_err(val); - return 0; - } - } - else if (strcmp(val->name, "pathlen") == 0) { - if (*pathlen) { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED); - 
X509V3_conf_err(val); - return 0; - } - if (!X509V3_get_value_int(val, pathlen)) { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - X509V3_R_POLICY_PATH_LENGTH); - X509V3_conf_err(val); - return 0; - } - } - else if (strcmp(val->name, "policy") == 0) { - unsigned char *tmp_data = NULL; - long val_len; - if (!*policy) { - *policy = ASN1_OCTET_STRING_new(); - if (!*policy) { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - ERR_R_MALLOC_FAILURE); - X509V3_conf_err(val); - return 0; - } - free_policy = 1; - } - if (strncmp(val->value, "hex:", 4) == 0) { - unsigned char *tmp_data2 = - string_to_hex(val->value + 4, &val_len); - - if (!tmp_data2) { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - X509V3_R_ILLEGAL_HEX_DIGIT); - X509V3_conf_err(val); - goto err; - } - - tmp_data = realloc((*policy)->data, - (*policy)->length + val_len + 1); - if (tmp_data) { - (*policy)->data = tmp_data; - memcpy(&(*policy)->data[(*policy)->length], - tmp_data2, val_len); - (*policy)->length += val_len; - (*policy)->data[(*policy)->length] = '\0'; - } else { - free(tmp_data2); - free((*policy)->data); - (*policy)->data = NULL; - (*policy)->length = 0; - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - ERR_R_MALLOC_FAILURE); - X509V3_conf_err(val); - goto err; - } - free(tmp_data2); - } - else if (strncmp(val->value, "file:", 5) == 0) { - unsigned char buf[2048]; - int n; - BIO *b = BIO_new_file(val->value + 5, "r"); - if (!b) { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - ERR_R_BIO_LIB); - X509V3_conf_err(val); - goto err; - } - while ((n = BIO_read(b, buf, sizeof(buf))) > 0 || - (n == 0 && BIO_should_retry(b))) { - if (!n) - continue; - - tmp_data = realloc((*policy)->data, - (*policy)->length + n + 1); - - if (!tmp_data) - break; - - (*policy)->data = tmp_data; - memcpy(&(*policy)->data[(*policy)->length], - buf, n); - (*policy)->length += n; - (*policy)->data[(*policy)->length] = '\0'; - } - BIO_free_all(b); - - if (n < 0) { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - ERR_R_BIO_LIB); - X509V3_conf_err(val); - goto err; - 
} - } - else if (strncmp(val->value, "text:", 5) == 0) { - val_len = strlen(val->value + 5); - tmp_data = realloc((*policy)->data, - (*policy)->length + val_len + 1); - if (tmp_data) { - (*policy)->data = tmp_data; - memcpy(&(*policy)->data[(*policy)->length], - val->value + 5, val_len); - (*policy)->length += val_len; - (*policy)->data[(*policy)->length] = '\0'; - } else { - free((*policy)->data); - (*policy)->data = NULL; - (*policy)->length = 0; - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - ERR_R_MALLOC_FAILURE); - X509V3_conf_err(val); - goto err; - } - } else { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - X509V3_R_INCORRECT_POLICY_SYNTAX_TAG); - X509V3_conf_err(val); - goto err; - } - if (!tmp_data) { - X509V3err(X509V3_F_PROCESS_PCI_VALUE, - ERR_R_MALLOC_FAILURE); - X509V3_conf_err(val); - goto err; - } - } - return 1; - -err: - if (free_policy) { - ASN1_OCTET_STRING_free(*policy); - *policy = NULL; - } - return 0; -} - -static PROXY_CERT_INFO_EXTENSION * -r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value) -{ - PROXY_CERT_INFO_EXTENSION *pci = NULL; - STACK_OF(CONF_VALUE) *vals; - ASN1_OBJECT *language = NULL; - ASN1_INTEGER *pathlen = NULL; - ASN1_OCTET_STRING *policy = NULL; - int i, j; - - vals = X509V3_parse_list(value); - for (i = 0; i < sk_CONF_VALUE_num(vals); i++) { - CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i); - if (!cnf->name || (*cnf->name != '@' && !cnf->value)) { - X509V3err(X509V3_F_R2I_PCI, - X509V3_R_INVALID_PROXY_POLICY_SETTING); - X509V3_conf_err(cnf); - goto err; - } - if (*cnf->name == '@') { - STACK_OF(CONF_VALUE) *sect; - int success_p = 1; - - sect = X509V3_get_section(ctx, cnf->name + 1); - if (!sect) { - X509V3err(X509V3_F_R2I_PCI, - X509V3_R_INVALID_SECTION); - X509V3_conf_err(cnf); - goto err; - } - for (j = 0; success_p && - j < sk_CONF_VALUE_num(sect); j++) { - success_p = process_pci_value( - sk_CONF_VALUE_value(sect, j), - &language, &pathlen, &policy); - } - X509V3_section_free(ctx, sect); - if (!success_p) - goto 
err; - } else { - if (!process_pci_value(cnf, - &language, &pathlen, &policy)) { - X509V3_conf_err(cnf); - goto err; - } - } - } - - /* Language is mandatory */ - if (!language) { - X509V3err(X509V3_F_R2I_PCI, - X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED); - goto err; - } - i = OBJ_obj2nid(language); - if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) { - X509V3err(X509V3_F_R2I_PCI, - X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY); - goto err; - } - - pci = PROXY_CERT_INFO_EXTENSION_new(); - if (!pci) { - X509V3err(X509V3_F_R2I_PCI, ERR_R_MALLOC_FAILURE); - goto err; - } - - pci->proxyPolicy->policyLanguage = language; - language = NULL; - pci->proxyPolicy->policy = policy; - policy = NULL; - pci->pcPathLengthConstraint = pathlen; - pathlen = NULL; - goto end; - -err: - if (language) { - ASN1_OBJECT_free(language); - language = NULL; - } - if (pathlen) { - ASN1_INTEGER_free(pathlen); - pathlen = NULL; - } - if (policy) { - ASN1_OCTET_STRING_free(policy); - policy = NULL; - } -end: - sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); - return pci; -} diff --git a/lib/libssl/src/crypto/x509v3/v3_pcia.c b/lib/libssl/src/crypto/x509v3/v3_pcia.c deleted file mode 100644 index f9ec02c00a5..00000000000 --- a/lib/libssl/src/crypto/x509v3/v3_pcia.c +++ /dev/null 
@@ -1,145 +0,0 @@
-/* $OpenBSD: v3_pcia.c,v 1.6 2015/07/25 16:00:14 jsing Exp $ */
-/* Contributed to the OpenSSL Project 2004
- * by Richard Levitte (richard@levitte.org)
- */
-/* Copyright (c) 2004 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static const ASN1_TEMPLATE PROXY_POLICY_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PROXY_POLICY, policyLanguage),
- .field_name = "policyLanguage",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PROXY_POLICY, policy),
- .field_name = "policy",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM PROXY_POLICY_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PROXY_POLICY_seq_tt,
- .tcount = sizeof(PROXY_POLICY_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PROXY_POLICY),
- .sname = "PROXY_POLICY",
-};
-
-
-PROXY_POLICY *
-d2i_PROXY_POLICY(PROXY_POLICY **a, const unsigned char **in, long len)
-{
- return (PROXY_POLICY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PROXY_POLICY_it);
-}
-
-int
-i2d_PROXY_POLICY(PROXY_POLICY *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PROXY_POLICY_it);
-}
-
-PROXY_POLICY *
-PROXY_POLICY_new(void)
-{
- return (PROXY_POLICY *)ASN1_item_new(&PROXY_POLICY_it);
-}
-
-void
-PROXY_POLICY_free(PROXY_POLICY *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PROXY_POLICY_it);
-}
-
-static const ASN1_TEMPLATE PROXY_CERT_INFO_EXTENSION_seq_tt[] = {
- {
- .flags = ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PROXY_CERT_INFO_EXTENSION, pcPathLengthConstraint),
- .field_name = "pcPathLengthConstraint",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(PROXY_CERT_INFO_EXTENSION, proxyPolicy),
- .field_name = "proxyPolicy",
- .item = &PROXY_POLICY_it,
- },
-};
-
-const ASN1_ITEM PROXY_CERT_INFO_EXTENSION_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PROXY_CERT_INFO_EXTENSION_seq_tt,
- .tcount = sizeof(PROXY_CERT_INFO_EXTENSION_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PROXY_CERT_INFO_EXTENSION),
- .sname =
"PROXY_CERT_INFO_EXTENSION",
-};
-
-
-PROXY_CERT_INFO_EXTENSION *
-d2i_PROXY_CERT_INFO_EXTENSION(PROXY_CERT_INFO_EXTENSION **a, const unsigned char **in, long len)
-{
- return (PROXY_CERT_INFO_EXTENSION *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PROXY_CERT_INFO_EXTENSION_it);
-}
-
-int
-i2d_PROXY_CERT_INFO_EXTENSION(PROXY_CERT_INFO_EXTENSION *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PROXY_CERT_INFO_EXTENSION_it);
-}
-
-PROXY_CERT_INFO_EXTENSION *
-PROXY_CERT_INFO_EXTENSION_new(void)
-{
- return (PROXY_CERT_INFO_EXTENSION *)ASN1_item_new(&PROXY_CERT_INFO_EXTENSION_it);
-}
-
-void
-PROXY_CERT_INFO_EXTENSION_free(PROXY_CERT_INFO_EXTENSION *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PROXY_CERT_INFO_EXTENSION_it);
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_pcons.c b/lib/libssl/src/crypto/x509v3/v3_pcons.c
deleted file mode 100644
index a5a8d8a025d..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_pcons.c
+++ /dev/null
@@ -1,183 +0,0 @@
-/* $OpenBSD: v3_pcons.c,v 1.9 2015/07/29 16:13:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-static STACK_OF(CONF_VALUE) *
-i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *bcons,
- STACK_OF(CONF_VALUE) *extlist);
-static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-
-const X509V3_EXT_METHOD v3_policy_constraints = {
- .ext_nid = NID_policy_constraints,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(POLICY_CONSTRAINTS),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = i2v_POLICY_CONSTRAINTS,
- .v2i = v2i_POLICY_CONSTRAINTS,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-static const ASN1_TEMPLATE POLICY_CONSTRAINTS_seq_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(POLICY_CONSTRAINTS, requireExplicitPolicy),
- .field_name = "requireExplicitPolicy",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(POLICY_CONSTRAINTS,
inhibitPolicyMapping),
- .field_name = "inhibitPolicyMapping",
- .item = &ASN1_INTEGER_it,
- },
-};
-
-const ASN1_ITEM POLICY_CONSTRAINTS_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = POLICY_CONSTRAINTS_seq_tt,
- .tcount = sizeof(POLICY_CONSTRAINTS_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(POLICY_CONSTRAINTS),
- .sname = "POLICY_CONSTRAINTS",
-};
-
-
-POLICY_CONSTRAINTS *
-POLICY_CONSTRAINTS_new(void)
-{
- return (POLICY_CONSTRAINTS*)ASN1_item_new(&POLICY_CONSTRAINTS_it);
-}
-
-void
-POLICY_CONSTRAINTS_free(POLICY_CONSTRAINTS *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &POLICY_CONSTRAINTS_it);
-}
-
-static STACK_OF(CONF_VALUE) *
-i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
- STACK_OF(CONF_VALUE) *extlist)
-{
- POLICY_CONSTRAINTS *pcons = a;
-
- X509V3_add_value_int("Require Explicit Policy",
- pcons->requireExplicitPolicy, &extlist);
- X509V3_add_value_int("Inhibit Policy Mapping",
- pcons->inhibitPolicyMapping, &extlist);
- return extlist;
-}
-
-static void *
-v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *values)
-{
- POLICY_CONSTRAINTS *pcons = NULL;
- CONF_VALUE *val;
- int i;
-
- if (!(pcons = POLICY_CONSTRAINTS_new())) {
- X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
- val = sk_CONF_VALUE_value(values, i);
- if (!strcmp(val->name, "requireExplicitPolicy")) {
- if (!X509V3_get_value_int(val,
- &pcons->requireExplicitPolicy)) goto err;
- } else if (!strcmp(val->name, "inhibitPolicyMapping")) {
- if (!X509V3_get_value_int(val,
- &pcons->inhibitPolicyMapping)) goto err;
- } else {
- X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS,
- X509V3_R_INVALID_NAME);
- X509V3_conf_err(val);
- goto err;
- }
- }
- if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) {
- X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS,
- X509V3_R_ILLEGAL_EMPTY_EXTENSION);
- goto err;
- }
-
- return pcons;
-
-err:
- POLICY_CONSTRAINTS_free(pcons);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_pku.c b/lib/libssl/src/crypto/x509v3/v3_pku.c
deleted file mode 100644
index caa3608859a..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_pku.c
+++ /dev/null
@@ -1,166 +0,0 @@
-/* $OpenBSD: v3_pku.c,v 1.12 2015/07/29 16:13:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509v3.h>
-
-static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
- PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
-/*
-static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
-*/
-const X509V3_EXT_METHOD v3_pkey_usage_period = {
- .ext_nid = NID_private_key_usage_period,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(PKEY_USAGE_PERIOD),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = (X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-static const ASN1_TEMPLATE PKEY_USAGE_PERIOD_seq_tt[] = {
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 0,
- .offset = offsetof(PKEY_USAGE_PERIOD, notBefore),
- .field_name = "notBefore",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
- {
- .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
- .tag = 1,
- .offset = offsetof(PKEY_USAGE_PERIOD, notAfter),
- .field_name = "notAfter",
- .item = &ASN1_GENERALIZEDTIME_it,
- },
-};
-
-const ASN1_ITEM
PKEY_USAGE_PERIOD_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = PKEY_USAGE_PERIOD_seq_tt,
- .tcount = sizeof(PKEY_USAGE_PERIOD_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(PKEY_USAGE_PERIOD),
- .sname = "PKEY_USAGE_PERIOD",
-};
-
-
-PKEY_USAGE_PERIOD *
-d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, const unsigned char **in, long len)
-{
- return (PKEY_USAGE_PERIOD *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &PKEY_USAGE_PERIOD_it);
-}
-
-int
-i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKEY_USAGE_PERIOD_it);
-}
-
-PKEY_USAGE_PERIOD *
-PKEY_USAGE_PERIOD_new(void)
-{
- return (PKEY_USAGE_PERIOD *)ASN1_item_new(&PKEY_USAGE_PERIOD_it);
-}
-
-void
-PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &PKEY_USAGE_PERIOD_it);
-}
-
-static int
-i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage,
- BIO *out, int indent)
-{
- BIO_printf(out, "%*s", indent, "");
- if (usage->notBefore) {
- BIO_write(out, "Not Before: ", 12);
- ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
- if (usage->notAfter)
- BIO_write(out, ", ", 2);
- }
- if (usage->notAfter) {
- BIO_write(out, "Not After: ", 11);
- ASN1_GENERALIZEDTIME_print(out, usage->notAfter);
- }
- return 1;
-}
-
-/*
-static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values)
-X509V3_EXT_METHOD *method;
-X509V3_CTX *ctx;
-STACK_OF(CONF_VALUE) *values;
-{
-return NULL;
-}
-*/
diff --git a/lib/libssl/src/crypto/x509v3/v3_pmaps.c b/lib/libssl/src/crypto/x509v3/v3_pmaps.c
deleted file mode 100644
index f2d9090157f..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_pmaps.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/* $OpenBSD: v3_pmaps.c,v 1.9 2015/07/29 16:13:49 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-
-#include <stdio.h>
-
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(
- const X509V3_EXT_METHOD *method, void *pmps, STACK_OF(CONF_VALUE) *extlist);
-
-const X509V3_EXT_METHOD v3_policy_mappings = {
- .ext_nid = NID_policy_mappings,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(POLICY_MAPPINGS),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = i2v_POLICY_MAPPINGS,
- .v2i = v2i_POLICY_MAPPINGS,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-static const ASN1_TEMPLATE POLICY_MAPPING_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(POLICY_MAPPING, issuerDomainPolicy),
- .field_name = "issuerDomainPolicy",
- .item = &ASN1_OBJECT_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(POLICY_MAPPING, subjectDomainPolicy),
- .field_name = "subjectDomainPolicy",
- .item = &ASN1_OBJECT_it,
- },
-};
-
-const ASN1_ITEM POLICY_MAPPING_it = {
- .itype =
ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = POLICY_MAPPING_seq_tt,
- .tcount = sizeof(POLICY_MAPPING_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(POLICY_MAPPING),
- .sname = "POLICY_MAPPING",
-};
-
-static const ASN1_TEMPLATE POLICY_MAPPINGS_item_tt = {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = 0,
- .field_name = "POLICY_MAPPINGS",
- .item = &POLICY_MAPPING_it,
-};
-
-const ASN1_ITEM POLICY_MAPPINGS_it = {
- .itype = ASN1_ITYPE_PRIMITIVE,
- .utype = -1,
- .templates = &POLICY_MAPPINGS_item_tt,
- .tcount = 0,
- .funcs = NULL,
- .size = 0,
- .sname = "POLICY_MAPPINGS",
-};
-
-
-POLICY_MAPPING *
-POLICY_MAPPING_new(void)
-{
- return (POLICY_MAPPING*)ASN1_item_new(&POLICY_MAPPING_it);
-}
-
-void
-POLICY_MAPPING_free(POLICY_MAPPING *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &POLICY_MAPPING_it);
-}
-
-static STACK_OF(CONF_VALUE) *
-i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, void *a,
- STACK_OF(CONF_VALUE) *ext_list)
-{
- POLICY_MAPPINGS *pmaps = a;
- POLICY_MAPPING *pmap;
- int i;
- char obj_tmp1[80];
- char obj_tmp2[80];
-
- for (i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) {
- pmap = sk_POLICY_MAPPING_value(pmaps, i);
- i2t_ASN1_OBJECT(obj_tmp1, 80, pmap->issuerDomainPolicy);
- i2t_ASN1_OBJECT(obj_tmp2, 80, pmap->subjectDomainPolicy);
- X509V3_add_value(obj_tmp1, obj_tmp2, &ext_list);
- }
- return ext_list;
-}
-
-static void *
-v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval)
-{
- POLICY_MAPPINGS *pmaps = NULL;
- POLICY_MAPPING *pmap = NULL;
- ASN1_OBJECT *obj1 = NULL, *obj2 = NULL;
- CONF_VALUE *val;
- int i, rc;
-
- if (!(pmaps = sk_POLICY_MAPPING_new_null())) {
- X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
- val = sk_CONF_VALUE_value(nval, i);
- if (!val->value || !val->name) {
- rc = X509V3_R_INVALID_OBJECT_IDENTIFIER;
- goto err;
- }
- obj1 =
OBJ_txt2obj(val->name, 0);
- obj2 = OBJ_txt2obj(val->value, 0);
- if (!obj1 || !obj2) {
- rc = X509V3_R_INVALID_OBJECT_IDENTIFIER;
- goto err;
- }
- pmap = POLICY_MAPPING_new();
- if (!pmap) {
- rc = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- pmap->issuerDomainPolicy = obj1;
- pmap->subjectDomainPolicy = obj2;
- obj1 = obj2 = NULL;
- if (sk_POLICY_MAPPING_push(pmaps, pmap) == 0) {
- rc = ERR_R_MALLOC_FAILURE;
- goto err;
- }
- pmap = NULL;
- }
- return pmaps;
-
-err:
- sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
- X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, rc);
- if (rc == X509V3_R_INVALID_OBJECT_IDENTIFIER)
- X509V3_conf_err(val);
- ASN1_OBJECT_free(obj1);
- ASN1_OBJECT_free(obj2);
- POLICY_MAPPING_free(pmap);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_prn.c b/lib/libssl/src/crypto/x509v3/v3_prn.c
deleted file mode 100644
index e2d8dd8c87c..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_prn.c
+++ /dev/null
@@ -1,225 +0,0 @@
-/* $OpenBSD: v3_prn.c,v 1.18 2015/07/29 14:58:34 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* X509 v3 extension utilities */
-
-#include <stdio.h>
-
-#include <openssl/conf.h>
-#include <openssl/x509v3.h>
-
-/* Extension printing routines */
-
-static int unknown_ext_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
- int indent, int supported);
-
-/* Print out a name+value stack */
-
-void
-X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml)
-{
- int i;
- CONF_VALUE *nval;
-
- if (!val)
- return;
- if (!ml || !sk_CONF_VALUE_num(val)) {
- BIO_printf(out, "%*s", indent, "");
- if (!sk_CONF_VALUE_num(val))
- BIO_puts(out, "<EMPTY>\n");
- }
- for (i = 0; i < sk_CONF_VALUE_num(val); i++) {
- if (ml)
- BIO_printf(out, "%*s", indent, "");
- else if (i > 0) BIO_printf(out, ", ");
- nval = sk_CONF_VALUE_value(val, i);
- if (!nval->name)
- BIO_puts(out, nval->value);
- else if (!nval->value)
- BIO_puts(out, nval->name);
- else
- BIO_printf(out, "%s:%s", nval->name, nval->value);
- if (ml)
- BIO_puts(out, "\n");
- }
-}
-
-/* Main routine: print out a general extension */
-
-int
-X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent)
-{
- void *ext_str = NULL;
- char *value = NULL;
- const unsigned char *p;
- const
X509V3_EXT_METHOD *method;
- STACK_OF(CONF_VALUE) *nval = NULL;
- int ok = 1;
-
- if (!(method = X509V3_EXT_get(ext)))
- return unknown_ext_print(out, ext, flag, indent, 0);
- p = ext->value->data;
- if (method->it)
- ext_str = ASN1_item_d2i(NULL, &p, ext->value->length,
- ASN1_ITEM_ptr(method->it));
- else
- ext_str = method->d2i(NULL, &p, ext->value->length);
-
- if (!ext_str)
- return unknown_ext_print(out, ext, flag, indent, 1);
-
- if (method->i2s) {
- if (!(value = method->i2s(method, ext_str))) {
- ok = 0;
- goto err;
- }
- BIO_printf(out, "%*s%s", indent, "", value);
- } else if (method->i2v) {
- if (!(nval = method->i2v(method, ext_str, NULL))) {
- ok = 0;
- goto err;
- }
- X509V3_EXT_val_prn(out, nval, indent,
- method->ext_flags & X509V3_EXT_MULTILINE);
- } else if (method->i2r) {
- if (!method->i2r(method, ext_str, out, indent))
- ok = 0;
- } else
- ok = 0;
-
-err:
- sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
- free(value);
- if (method->it)
- ASN1_item_free(ext_str, ASN1_ITEM_ptr(method->it));
- else
- method->ext_free(ext_str);
- return ok;
-}
-
-int
-X509V3_extensions_print(BIO *bp, char *title, STACK_OF(X509_EXTENSION) *exts,
- unsigned long flag, int indent)
-{
- int i, j;
-
- if (sk_X509_EXTENSION_num(exts) <= 0)
- return 1;
-
- if (title) {
- BIO_printf(bp, "%*s%s:\n",indent, "", title);
- indent += 4;
- }
-
- for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
- ASN1_OBJECT *obj;
- X509_EXTENSION *ex;
- ex = sk_X509_EXTENSION_value(exts, i);
- if (indent && BIO_printf(bp, "%*s",indent, "") <= 0)
- return 0;
- obj = X509_EXTENSION_get_object(ex);
- i2a_ASN1_OBJECT(bp, obj);
- j = X509_EXTENSION_get_critical(ex);
- if (BIO_printf(bp, ": %s\n",j?"critical":"") <= 0)
- return 0;
- if (!X509V3_EXT_print(bp, ex, flag, indent + 4)) {
- BIO_printf(bp, "%*s", indent + 4, "");
- ASN1_STRING_print(bp, ex->value);
- }
- if (BIO_write(bp, "\n",1) <= 0)
- return 0;
- }
- return 1;
-}
-
-static int
-unknown_ext_print(BIO *out, X509_EXTENSION *ext,
unsigned long flag,
- int indent, int supported)
-{
- switch (flag & X509V3_EXT_UNKNOWN_MASK) {
- case X509V3_EXT_DEFAULT:
- return 0;
- case X509V3_EXT_ERROR_UNKNOWN:
- if (supported)
- BIO_printf(out, "%*s<Parse Error>", indent, "");
- else
- BIO_printf(out, "%*s<Not Supported>", indent, "");
- return 1;
- case X509V3_EXT_PARSE_UNKNOWN:
- return ASN1_parse_dump(out,
- ext->value->data, ext->value->length, indent, -1);
- case X509V3_EXT_DUMP_UNKNOWN:
- return BIO_dump_indent(out, (char *)ext->value->data,
- ext->value->length, indent);
- default:
- return 1;
- }
-}
-
-
-int
-X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
-{
- BIO *bio_tmp;
- int ret;
-
- if (!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE)))
- return 0;
- ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
- BIO_free(bio_tmp);
- return ret;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_purp.c b/lib/libssl/src/crypto/x509v3/v3_purp.c
deleted file mode 100644
index 69a8d05f264..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_purp.c
+++ /dev/null
@@ -1,861 +0,0 @@
-/* $OpenBSD: v3_purp.c,v 1.26 2015/02/10 13:28:17 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 2001.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com). 
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-#include <openssl/x509_vfy.h>
-
-static void x509v3_cache_extensions(X509 *x);
-
-static int check_ssl_ca(const X509 *x);
-static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int purpose_smime(const X509 *x, int ca);
-static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
- int ca);
-static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
-static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);
-
-static int xp_cmp(const X509_PURPOSE * const *a, const X509_PURPOSE * const *b);
-static void xptable_free(X509_PURPOSE *p);
-
-static X509_PURPOSE xstandard[] = {
- {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0, check_purpose_ssl_client, "SSL client", "sslclient", NULL},
- {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ssl_server, "SSL server", "sslserver", NULL},
- {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL},
- {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL},
- {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL},
- {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL},
- {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, 
"Any Purpose", "any", NULL},
- {X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper, "OCSP helper", "ocsphelper", NULL},
- {X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0, check_purpose_timestamp_sign, "Time Stamp signing", "timestampsign", NULL},
-};
-
-#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))
-
-static STACK_OF(X509_PURPOSE) *xptable = NULL;
-
-static int
-xp_cmp(const X509_PURPOSE * const *a, const X509_PURPOSE * const *b)
-{
- return (*a)->purpose - (*b)->purpose;
-}
-
-/* As much as I'd like to make X509_check_purpose use a "const" X509*
- * I really can't because it does recalculate hashes and do other non-const
- * things. */
-int
-X509_check_purpose(X509 *x, int id, int ca)
-{
- int idx;
- const X509_PURPOSE *pt;
-
- if (!(x->ex_flags & EXFLAG_SET)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509);
- x509v3_cache_extensions(x);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509);
- }
- if (id == -1)
- return 1;
- idx = X509_PURPOSE_get_by_id(id);
- if (idx == -1)
- return -1;
- pt = X509_PURPOSE_get0(idx);
- return pt->check_purpose(pt, x, ca);
-}
-
-int
-X509_PURPOSE_set(int *p, int purpose)
-{
- if (X509_PURPOSE_get_by_id(purpose) == -1) {
- X509V3err(X509V3_F_X509_PURPOSE_SET, X509V3_R_INVALID_PURPOSE);
- return 0;
- }
- *p = purpose;
- return 1;
-}
-
-int
-X509_PURPOSE_get_count(void)
-{
- if (!xptable)
- return X509_PURPOSE_COUNT;
- return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT;
-}
-
-X509_PURPOSE *
-X509_PURPOSE_get0(int idx)
-{
- if (idx < 0)
- return NULL;
- if (idx < (int)X509_PURPOSE_COUNT)
- return xstandard + idx;
- return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT);
-}
-
-int
-X509_PURPOSE_get_by_sname(char *sname)
-{
- int i;
- X509_PURPOSE *xptmp;
-
- for (i = 0; i < X509_PURPOSE_get_count(); i++) {
- xptmp = X509_PURPOSE_get0(i);
- if (!strcmp(xptmp->sname, sname))
- return i;
- }
- return -1;
-}
-
-int
-X509_PURPOSE_get_by_id(int purpose)
-{
- X509_PURPOSE tmp;
- int idx;
-
- if ((purpose >= X509_PURPOSE_MIN) 
&& (purpose <= X509_PURPOSE_MAX))
- return purpose - X509_PURPOSE_MIN;
- tmp.purpose = purpose;
- if (!xptable)
- return -1;
- idx = sk_X509_PURPOSE_find(xptable, &tmp);
- if (idx == -1)
- return -1;
- return idx + X509_PURPOSE_COUNT;
-}
-
-int
-X509_PURPOSE_add(int id, int trust, int flags,
- int (*ck)(const X509_PURPOSE *, const X509 *, int), char *name,
- char *sname, void *arg)
-{
- int idx;
- X509_PURPOSE *ptmp;
- char *name_dup, *sname_dup;
-
- name_dup = sname_dup = NULL;
-
- if (name == NULL || sname == NULL) {
- X509V3err(X509V3_F_X509_PURPOSE_ADD,
- X509V3_R_INVALID_NULL_ARGUMENT);
- return 0;
- }
-
- /* This is set according to what we change: application can't set it */
- flags &= ~X509_PURPOSE_DYNAMIC;
- /* This will always be set for application modified trust entries */
- flags |= X509_PURPOSE_DYNAMIC_NAME;
- /* Get existing entry if any */
- idx = X509_PURPOSE_get_by_id(id);
- /* Need a new entry */
- if (idx == -1) {
- if ((ptmp = malloc(sizeof(X509_PURPOSE))) == NULL) {
- X509V3err(X509V3_F_X509_PURPOSE_ADD,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
- ptmp->flags = X509_PURPOSE_DYNAMIC;
- } else
- ptmp = X509_PURPOSE_get0(idx);
-
- if ((name_dup = strdup(name)) == NULL)
- goto err;
- if ((sname_dup = strdup(sname)) == NULL)
- goto err;
-
- /* free existing name if dynamic */
- if (ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) {
- free(ptmp->name);
- free(ptmp->sname);
- }
- /* dup supplied name */
- ptmp->name = name_dup;
- ptmp->sname = sname_dup;
- /* Keep the dynamic flag of existing entry */
- ptmp->flags &= X509_PURPOSE_DYNAMIC;
- /* Set all other flags */
- ptmp->flags |= flags;
-
- ptmp->purpose = id;
- ptmp->trust = trust;
- ptmp->check_purpose = ck;
- ptmp->usr_data = arg;
-
- /* If its a new entry manage the dynamic table */
- if (idx == -1) {
- if (xptable == NULL &&
- (xptable = sk_X509_PURPOSE_new(xp_cmp)) == NULL)
- goto err;
- if (sk_X509_PURPOSE_push(xptable, ptmp) == 0)
- goto err;
- }
- return 1;
-
-err:
- free(name_dup);
- 
free(sname_dup);
- if (idx == -1)
- free(ptmp);
- X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-static void
-xptable_free(X509_PURPOSE *p)
-{
- if (!p)
- return;
- if (p->flags & X509_PURPOSE_DYNAMIC) {
- if (p->flags & X509_PURPOSE_DYNAMIC_NAME) {
- free(p->name);
- free(p->sname);
- }
- free(p);
- }
-}
-
-void
-X509_PURPOSE_cleanup(void)
-{
- unsigned int i;
-
- sk_X509_PURPOSE_pop_free(xptable, xptable_free);
- for(i = 0; i < X509_PURPOSE_COUNT; i++)
- xptable_free(xstandard + i);
- xptable = NULL;
-}
-
-int
-X509_PURPOSE_get_id(X509_PURPOSE *xp)
-{
- return xp->purpose;
-}
-
-char *
-X509_PURPOSE_get0_name(X509_PURPOSE *xp)
-{
- return xp->name;
-}
-
-char *
-X509_PURPOSE_get0_sname(X509_PURPOSE *xp)
-{
- return xp->sname;
-}
-
-int
-X509_PURPOSE_get_trust(X509_PURPOSE *xp)
-{
- return xp->trust;
-}
-
-static int
-nid_cmp(const int *a, const int *b)
-{
- return *a - *b;
-}
-
-DECLARE_OBJ_BSEARCH_CMP_FN(int, int, nid);
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(int, int, nid);
-
-int
-X509_supported_extension(X509_EXTENSION *ex)
-{
- /* This table is a list of the NIDs of supported extensions:
- * that is those which are used by the verify process. If
- * an extension is critical and doesn't appear in this list
- * then the verify process will normally reject the certificate.
- * The list must be kept in numerical order because it will be
- * searched using bsearch. 
- */
-
- static const int supported_nids[] = {
- NID_netscape_cert_type, /* 71 */
- NID_key_usage, /* 83 */
- NID_subject_alt_name, /* 85 */
- NID_basic_constraints, /* 87 */
- NID_certificate_policies, /* 89 */
- NID_ext_key_usage, /* 126 */
- NID_policy_constraints, /* 401 */
- NID_proxyCertInfo, /* 663 */
- NID_name_constraints, /* 666 */
- NID_policy_mappings, /* 747 */
- NID_inhibit_any_policy /* 748 */
- };
-
- int ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
-
- if (ex_nid == NID_undef)
- return 0;
-
- if (OBJ_bsearch_nid(&ex_nid, supported_nids,
- sizeof(supported_nids) / sizeof(int)))
- return 1;
- return 0;
-}
-
-static void
-setup_dp(X509 *x, DIST_POINT *dp)
-{
- X509_NAME *iname = NULL;
- int i;
-
- if (dp->reasons) {
- if (dp->reasons->length > 0)
- dp->dp_reasons = dp->reasons->data[0];
- if (dp->reasons->length > 1)
- dp->dp_reasons |= (dp->reasons->data[1] << 8);
- dp->dp_reasons &= CRLDP_ALL_REASONS;
- } else
- dp->dp_reasons = CRLDP_ALL_REASONS;
- if (!dp->distpoint || (dp->distpoint->type != 1))
- return;
- for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
- GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
- if (gen->type == GEN_DIRNAME) {
- iname = gen->d.directoryName;
- break;
- }
- }
- if (!iname)
- iname = X509_get_issuer_name(x);
-
- DIST_POINT_set_dpname(dp->distpoint, iname);
-
-}
-
-static void
-setup_crldp(X509 *x)
-{
- int i;
-
- x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);
- for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
- setup_dp(x, sk_DIST_POINT_value(x->crldp, i));
-}
-
-static void
-x509v3_cache_extensions(X509 *x)
-{
- BASIC_CONSTRAINTS *bs;
- PROXY_CERT_INFO_EXTENSION *pci;
- ASN1_BIT_STRING *usage;
- ASN1_BIT_STRING *ns;
- EXTENDED_KEY_USAGE *extusage;
- X509_EXTENSION *ex;
-
- int i;
- if (x->ex_flags & EXFLAG_SET)
- return;
-#ifndef OPENSSL_NO_SHA
- X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
-#endif
- /* Does subject name match issuer ? 
*/
- if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x)))
- x->ex_flags |= EXFLAG_SI;
- /* V1 should mean no extensions ... */
- if (!X509_get_version(x))
- x->ex_flags |= EXFLAG_V1;
- /* Handle basic constraints */
- if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) {
- if (bs->ca)
- x->ex_flags |= EXFLAG_CA;
- if (bs->pathlen) {
- if ((bs->pathlen->type == V_ASN1_NEG_INTEGER) ||
- !bs->ca) {
- x->ex_flags |= EXFLAG_INVALID;
- x->ex_pathlen = 0;
- } else
- x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);
- } else
- x->ex_pathlen = -1;
- BASIC_CONSTRAINTS_free(bs);
- x->ex_flags |= EXFLAG_BCONS;
- }
- /* Handle proxy certificates */
- if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {
- if (x->ex_flags & EXFLAG_CA ||
- X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0 ||
- X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) {
- x->ex_flags |= EXFLAG_INVALID;
- }
- if (pci->pcPathLengthConstraint) {
- x->ex_pcpathlen =
- ASN1_INTEGER_get(pci->pcPathLengthConstraint);
- } else
- x->ex_pcpathlen = -1;
- PROXY_CERT_INFO_EXTENSION_free(pci);
- x->ex_flags |= EXFLAG_PROXY;
- }
- /* Handle key usage */
- if ((usage = X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
- if (usage->length > 0) {
- x->ex_kusage = usage->data[0];
- if (usage->length > 1)
- x->ex_kusage |= usage->data[1] << 8;
- } else
- x->ex_kusage = 0;
- x->ex_flags |= EXFLAG_KUSAGE;
- ASN1_BIT_STRING_free(usage);
- }
- x->ex_xkusage = 0;
- if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) {
- x->ex_flags |= EXFLAG_XKUSAGE;
- for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
- switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) {
- case NID_server_auth:
- x->ex_xkusage |= XKU_SSL_SERVER;
- break;
-
- case NID_client_auth:
- x->ex_xkusage |= XKU_SSL_CLIENT;
- break;
-
- case NID_email_protect:
- x->ex_xkusage |= XKU_SMIME;
- break;
-
- case NID_code_sign:
- x->ex_xkusage |= XKU_CODE_SIGN;
- break;
-
- case NID_ms_sgc:
- case 
NID_ns_sgc:
- x->ex_xkusage |= XKU_SGC;
- break;
-
- case NID_OCSP_sign:
- x->ex_xkusage |= XKU_OCSP_SIGN;
- break;
-
- case NID_time_stamp:
- x->ex_xkusage |= XKU_TIMESTAMP;
- break;
-
- case NID_dvcs:
- x->ex_xkusage |= XKU_DVCS;
- break;
- }
- }
- sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
- }
-
- if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) {
- if (ns->length > 0)
- x->ex_nscert = ns->data[0];
- else
- x->ex_nscert = 0;
- x->ex_flags |= EXFLAG_NSCERT;
- ASN1_BIT_STRING_free(ns);
- }
-
- x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
- x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
- x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
- x->nc = X509_get_ext_d2i(x, NID_name_constraints, &i, NULL);
- if (!x->nc && (i != -1))
- x->ex_flags |= EXFLAG_INVALID;
- setup_crldp(x);
-
- for (i = 0; i < X509_get_ext_count(x); i++) {
- ex = X509_get_ext(x, i);
- if (OBJ_obj2nid(X509_EXTENSION_get_object(ex)) ==
- NID_freshest_crl)
- x->ex_flags |= EXFLAG_FRESHEST;
- if (!X509_EXTENSION_get_critical(ex))
- continue;
- if (!X509_supported_extension(ex)) {
- x->ex_flags |= EXFLAG_CRITICAL;
- break;
- }
- }
- x->ex_flags |= EXFLAG_SET;
-}
-
-/* CA checks common to all purposes
- * return codes:
- * 0 not a CA
- * 1 is a CA
- * 2 basicConstraints absent so "maybe" a CA
- * 3 basicConstraints absent but self signed V1.
- * 4 basicConstraints absent but keyUsage present and keyCertSign asserted. 
- */
-
-#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
-#define ku_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
-#define xku_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage)))
-#define ns_reject(x, usage) \
- (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))
-
-static int
-check_ca(const X509 *x)
-{
- /* keyUsage if present should allow cert signing */
- if (ku_reject(x, KU_KEY_CERT_SIGN))
- return 0;
- if (x->ex_flags & EXFLAG_BCONS) {
- if (x->ex_flags & EXFLAG_CA)
- return 1;
- /* If basicConstraints says not a CA then say so */
- else
- return 0;
- } else {
- /* we support V1 roots for... uh, I don't really know why. */
- if ((x->ex_flags & V1_ROOT) == V1_ROOT)
- return 3;
- /* If key usage present it must have certSign so tolerate it */
- else if (x->ex_flags & EXFLAG_KUSAGE)
- return 4;
- /* Older certificates could have Netscape-specific CA types */
- else if (x->ex_flags & EXFLAG_NSCERT &&
- x->ex_nscert & NS_ANY_CA)
- return 5;
- /* can this still be regarded a CA certificate? 
I doubt it */
- return 0;
- }
-}
-
-int
-X509_check_ca(X509 *x)
-{
- if (!(x->ex_flags & EXFLAG_SET)) {
- CRYPTO_w_lock(CRYPTO_LOCK_X509);
- x509v3_cache_extensions(x);
- CRYPTO_w_unlock(CRYPTO_LOCK_X509);
- }
-
- return check_ca(x);
-}
-
-/* Check SSL CA: common checks for SSL client and server */
-static int
-check_ssl_ca(const X509 *x)
-{
- int ca_ret;
-
- ca_ret = check_ca(x);
- if (!ca_ret)
- return 0;
- /* check nsCertType if present */
- if (ca_ret != 5 || x->ex_nscert & NS_SSL_CA)
- return ca_ret;
- else
- return 0;
-}
-
-static int
-check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- if (xku_reject(x, XKU_SSL_CLIENT))
- return 0;
- if (ca)
- return check_ssl_ca(x);
- /* We need to do digital signatures with it */
- if (ku_reject(x, KU_DIGITAL_SIGNATURE))
- return 0;
- /* nsCertType if present should allow SSL client use */
- if (ns_reject(x, NS_SSL_CLIENT))
- return 0;
- return 1;
-}
-
-static int
-check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- if (xku_reject(x, XKU_SSL_SERVER|XKU_SGC))
- return 0;
- if (ca)
- return check_ssl_ca(x);
-
- if (ns_reject(x, NS_SSL_SERVER))
- return 0;
- /* Now as for keyUsage: we'll at least need to sign OR encipher */
- if (ku_reject(x, KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT))
- return 0;
-
- return 1;
-}
-
-static int
-check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int ret;
-
- ret = check_purpose_ssl_server(xp, x, ca);
- if (!ret || ca)
- return ret;
- /* We need to encipher or Netscape complains */
- if (ku_reject(x, KU_KEY_ENCIPHERMENT))
- return 0;
- return ret;
-}
-
-/* common S/MIME checks */
-static int
-purpose_smime(const X509 *x, int ca)
-{
- if (xku_reject(x, XKU_SMIME))
- return 0;
- if (ca) {
- int ca_ret;
- ca_ret = check_ca(x);
- if (!ca_ret)
- return 0;
- /* check nsCertType if present */
- if (ca_ret != 5 || x->ex_nscert & NS_SMIME_CA)
- return ca_ret;
- else
- return 0;
- }
- if (x->ex_flags & EXFLAG_NSCERT) {
- if 
(x->ex_nscert & NS_SMIME)
- return 1;
- /* Workaround for some buggy certificates */
- if (x->ex_nscert & NS_SSL_CLIENT)
- return 2;
- return 0;
- }
- return 1;
-}
-
-static int
-check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int ret;
-
- ret = purpose_smime(x, ca);
- if (!ret || ca)
- return ret;
- if (ku_reject(x, KU_DIGITAL_SIGNATURE|KU_NON_REPUDIATION))
- return 0;
- return ret;
-}
-
-static int
-check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int ret;
-
- ret = purpose_smime(x, ca);
- if (!ret || ca)
- return ret;
- if (ku_reject(x, KU_KEY_ENCIPHERMENT))
- return 0;
- return ret;
-}
-
-static int
-check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- if (ca) {
- int ca_ret;
- if ((ca_ret = check_ca(x)) != 2)
- return ca_ret;
- else
- return 0;
- }
- if (ku_reject(x, KU_CRL_SIGN))
- return 0;
- return 1;
-}
-
-/* OCSP helper: this is *not* a full OCSP check. It just checks that
- * each CA is valid. Additional checks must be made on the chain.
- */
-static int
-ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- /* Must be a valid CA. Should we really support the "I don't know"
- value (2)? */
- if (ca)
- return check_ca(x);
- /* leaf certificate is checked in OCSP_verify() */
- return 1;
-}
-
-static int
-check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- int i_ext;
-
- /* If ca is true we must return if this is a valid CA certificate. */
- if (ca)
- return check_ca(x);
-
- /*
- * Check the optional key usage field:
- * if Key Usage is present, it must be one of digitalSignature
- * and/or nonRepudiation (other values are not consistent and shall
- * be rejected).
- */
- if ((x->ex_flags & EXFLAG_KUSAGE) &&
- ((x->ex_kusage & ~(KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)) ||
- !(x->ex_kusage & (KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE))))
- return 0;
-
- /* Only time stamp key usage is permitted and it's required. 
*/
- if (!(x->ex_flags & EXFLAG_XKUSAGE) || x->ex_xkusage != XKU_TIMESTAMP)
- return 0;
-
- /* Extended Key Usage MUST be critical */
- i_ext = X509_get_ext_by_NID((X509 *) x, NID_ext_key_usage, -1);
- if (i_ext >= 0) {
- X509_EXTENSION *ext = X509_get_ext((X509 *) x, i_ext);
- if (!X509_EXTENSION_get_critical(ext))
- return 0;
- }
-
- return 1;
-}
-
-static int
-no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
-{
- return 1;
-}
-
-/* Various checks to see if one certificate issued the second.
- * This can be used to prune a set of possible issuer certificates
- * which have been looked up using some simple method such as by
- * subject name.
- * These are:
- * 1. Check issuer_name(subject) == subject_name(issuer)
- * 2. If akid(subject) exists check it matches issuer
- * 3. If key_usage(issuer) exists check it supports certificate signing
- * returns 0 for OK, positive for reason for mismatch, reasons match
- * codes for X509_verify_cert()
- */
-
-int
-X509_check_issued(X509 *issuer, X509 *subject)
-{
- if (X509_NAME_cmp(X509_get_subject_name(issuer),
- X509_get_issuer_name(subject)))
- return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
- x509v3_cache_extensions(issuer);
- x509v3_cache_extensions(subject);
-
- if (subject->akid) {
- int ret = X509_check_akid(issuer, subject->akid);
- if (ret != X509_V_OK)
- return ret;
- }
-
- if (subject->ex_flags & EXFLAG_PROXY) {
- if (ku_reject(issuer, KU_DIGITAL_SIGNATURE))
- return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
- } else if (ku_reject(issuer, KU_KEY_CERT_SIGN))
- return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
- return X509_V_OK;
-}
-
-int
-X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
-{
- if (!akid)
- return X509_V_OK;
-
- /* Check key ids (if present) */
- if (akid->keyid && issuer->skid &&
- ASN1_OCTET_STRING_cmp(akid->keyid, issuer->skid) )
- return X509_V_ERR_AKID_SKID_MISMATCH;
- /* Check serial number */
- if (akid->serial &&
- ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), akid->serial))
- return 
X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
- /* Check issuer name */
- if (akid->issuer) {
- /* Ugh, for some peculiar reason AKID includes
- * SEQUENCE OF GeneralName. So look for a DirName.
- * There may be more than one but we only take any
- * notice of the first.
- */
- GENERAL_NAMES *gens;
- GENERAL_NAME *gen;
- X509_NAME *nm = NULL;
- int i;
- gens = akid->issuer;
- for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
- gen = sk_GENERAL_NAME_value(gens, i);
- if (gen->type == GEN_DIRNAME) {
- nm = gen->d.dirn;
- break;
- }
- }
- if (nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
- return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
- }
- return X509_V_OK;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_skey.c b/lib/libssl/src/crypto/x509v3/v3_skey.c
deleted file mode 100644
index f742b67b339..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_skey.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/* $OpenBSD: v3_skey.c,v 1.13 2015/09/30 18:41:06 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str);
-
-const X509V3_EXT_METHOD v3_skey_id = {
- .ext_nid = NID_subject_key_identifier,
- .ext_flags = 0,
- .it = ASN1_ITEM_ref(ASN1_OCTET_STRING),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
- .s2i = (X509V3_EXT_S2I)s2i_skey_id,
- .i2v = NULL,
- .v2i = NULL,
- .i2r = NULL,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-char *
-i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct)
-{
- return hex_to_string(oct->data, oct->length);
-}
-
-ASN1_OCTET_STRING *
-s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
-{
- ASN1_OCTET_STRING *oct;
- long length;
-
- if (!(oct = ASN1_OCTET_STRING_new())) {
- X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (!(oct->data = string_to_hex(str, &length))) {
- ASN1_OCTET_STRING_free(oct);
- return NULL;
- }
-
- oct->length = length;
-
- return oct;
-}
-
-static ASN1_OCTET_STRING * 
-s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
-{
- ASN1_OCTET_STRING *oct;
- ASN1_BIT_STRING *pk;
- unsigned char pkey_dig[EVP_MAX_MD_SIZE];
- unsigned int diglen;
-
- if (strcmp(str, "hash"))
- return s2i_ASN1_OCTET_STRING(method, ctx, str);
-
- if (!(oct = ASN1_OCTET_STRING_new())) {
- X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (ctx && (ctx->flags == CTX_TEST))
- return oct;
-
- if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
- X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);
- goto err;
- }
-
- if (ctx->subject_req)
- pk = ctx->subject_req->req_info->pubkey->public_key;
- else
- pk = ctx->subject_cert->cert_info->key->public_key;
-
- if (!pk) {
- X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);
- goto err;
- }
-
- if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen,
- EVP_sha1(), NULL))
- goto err;
-
- if (!ASN1_STRING_set(oct, pkey_dig, diglen)) {
- X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- return oct;
-
-err:
- ASN1_OCTET_STRING_free(oct);
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_sxnet.c b/lib/libssl/src/crypto/x509v3/v3_sxnet.c
deleted file mode 100644
index 29976b1d687..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_sxnet.c
+++ /dev/null
@@ -1,386 +0,0 @@
-/* $OpenBSD: v3_sxnet.c,v 1.17 2015/09/30 17:30:16 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-
-/* Support for Thawte strong extranet extension */
-
-#define SXNET_TEST
-
-static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
- int indent);
-#ifdef SXNET_TEST
-static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- STACK_OF(CONF_VALUE) *nval);
-#endif
-
-const X509V3_EXT_METHOD v3_sxnet = {
- .ext_nid = NID_sxnet,
- .ext_flags = X509V3_EXT_MULTILINE,
- .it = ASN1_ITEM_ref(SXNET),
- .ext_new = NULL,
- .ext_free = NULL,
- .d2i = NULL,
- .i2d = NULL,
- .i2s = NULL,
- .s2i = NULL,
- .i2v = NULL,
-#ifdef SXNET_TEST
- .v2i = (X509V3_EXT_V2I)sxnet_v2i,
-#else
- .v2i = NULL,
-#endif
- .i2r = (X509V3_EXT_I2R)sxnet_i2r,
- .r2i = NULL,
- .usr_data = NULL,
-};
-
-static const ASN1_TEMPLATE SXNETID_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(SXNETID, zone),
- .field_name = "zone",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(SXNETID, user),
- .field_name = "user",
- .item = &ASN1_OCTET_STRING_it,
- },
-};
-
-const ASN1_ITEM SXNETID_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = SXNETID_seq_tt,
- .tcount = sizeof(SXNETID_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(SXNETID),
- .sname = "SXNETID",
-};
-
-
-SXNETID *
-d2i_SXNETID(SXNETID **a, const unsigned char **in, long len)
-{
- return (SXNETID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &SXNETID_it);
-}
-
-int
-i2d_SXNETID(SXNETID *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &SXNETID_it);
-}
-
-SXNETID *
-SXNETID_new(void)
-{
- return (SXNETID *)ASN1_item_new(&SXNETID_it);
-}
-
-void
-SXNETID_free(SXNETID *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &SXNETID_it);
-}
-
-static const ASN1_TEMPLATE SXNET_seq_tt[] = {
- {
- .flags = 0,
- .tag = 0,
- .offset = offsetof(SXNET, version),
- .field_name = "version",
- .item = &ASN1_INTEGER_it,
- },
- {
- .flags = ASN1_TFLG_SEQUENCE_OF,
- .tag = 0,
- .offset = offsetof(SXNET, ids),
- .field_name = "ids",
- .item = &SXNETID_it,
- },
-};
-
-const ASN1_ITEM SXNET_it = {
- .itype = ASN1_ITYPE_SEQUENCE,
- .utype = V_ASN1_SEQUENCE,
- .templates = SXNET_seq_tt,
- .tcount = sizeof(SXNET_seq_tt) / sizeof(ASN1_TEMPLATE),
- .funcs = NULL,
- .size = sizeof(SXNET),
- .sname = "SXNET",
-};
-
-
-SXNET *
-d2i_SXNET(SXNET **a, const unsigned char **in, long len)
-{
- return (SXNET *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
- &SXNET_it);
-}
-
-int
-i2d_SXNET(SXNET *a, unsigned char **out)
-{
- return ASN1_item_i2d((ASN1_VALUE *)a, out, &SXNET_it);
-}
-
-SXNET *
-SXNET_new(void)
-{
- return (SXNET *)ASN1_item_new(&SXNET_it);
-}
-
-void
-SXNET_free(SXNET *a)
-{
- ASN1_item_free((ASN1_VALUE *)a, &SXNET_it);
-}
-
-static int
-sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent)
-{
- long v;
- char *tmp;
- SXNETID *id;
- int i;
-
- v = ASN1_INTEGER_get(sx->version);
- BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v);
- for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
- id = 
sk_SXNETID_value(sx->ids, i); - tmp = i2s_ASN1_INTEGER(NULL, id->zone); - BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp); - free(tmp); - ASN1_STRING_print(out, id->user); - } - return 1; -} - -#ifdef SXNET_TEST - -/* NBB: this is used for testing only. It should *not* be used for anything - * else because it will just take static IDs from the configuration file and - * they should really be separate values for each user. - */ - -static SXNET * -sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval) -{ - CONF_VALUE *cnf; - SXNET *sx = NULL; - int i; - - for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = sk_CONF_VALUE_value(nval, i); - if (!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1)) - return NULL; - } - return sx; -} - -#endif - -/* Strong Extranet utility functions */ - -/* Add an id given the zone as an ASCII number */ - -int -SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen) -{ - ASN1_INTEGER *izone = NULL; - - if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - X509V3err(X509V3_F_SXNET_ADD_ID_ASC, - X509V3_R_ERROR_CONVERTING_ZONE); - return 0; - } - return SXNET_add_id_INTEGER(psx, izone, user, userlen); -} - -/* Add an id given the zone as an unsigned long */ - -int -SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen) -{ - ASN1_INTEGER *izone = NULL; - - if (!(izone = ASN1_INTEGER_new()) || - !ASN1_INTEGER_set(izone, lzone)) { - X509V3err(X509V3_F_SXNET_ADD_ID_ULONG, ERR_R_MALLOC_FAILURE); - ASN1_INTEGER_free(izone); - return 0; - } - return SXNET_add_id_INTEGER(psx, izone, user, userlen); -} - -/* Add an id given the zone as an ASN1_INTEGER. - * Note this version uses the passed integer and doesn't make a copy so don't - * free it up afterwards. 
- */ - -int -SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, int userlen) -{ - SXNET *sx = NULL; - SXNETID *id = NULL; - - if (!psx || !zone || !user) { - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, - X509V3_R_INVALID_NULL_ARGUMENT); - return 0; - } - if (userlen == -1) - userlen = strlen(user); - if (userlen > 64) { - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, - X509V3_R_USER_TOO_LONG); - return 0; - } - if (!*psx) { - if (!(sx = SXNET_new())) - goto err; - if (!ASN1_INTEGER_set(sx->version, 0)) - goto err; - *psx = sx; - } else - sx = *psx; - if (SXNET_get_id_INTEGER(sx, zone)) { - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, - X509V3_R_DUPLICATE_ZONE_ID); - return 0; - } - - if (!(id = SXNETID_new())) - goto err; - if (userlen == -1) - userlen = strlen(user); - - if (!ASN1_STRING_set(id->user, user, userlen)) - goto err; - if (!sk_SXNETID_push(sx->ids, id)) - goto err; - id->zone = zone; - return 1; - -err: - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, ERR_R_MALLOC_FAILURE); - SXNETID_free(id); - SXNET_free(sx); - *psx = NULL; - return 0; -} - -ASN1_OCTET_STRING * -SXNET_get_id_asc(SXNET *sx, char *zone) -{ - ASN1_INTEGER *izone = NULL; - ASN1_OCTET_STRING *oct; - - if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - X509V3err(X509V3_F_SXNET_GET_ID_ASC, - X509V3_R_ERROR_CONVERTING_ZONE); - return NULL; - } - oct = SXNET_get_id_INTEGER(sx, izone); - ASN1_INTEGER_free(izone); - return oct; -} - -ASN1_OCTET_STRING * -SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) -{ - ASN1_INTEGER *izone = NULL; - ASN1_OCTET_STRING *oct; - - if (!(izone = ASN1_INTEGER_new()) || - !ASN1_INTEGER_set(izone, lzone)) { - X509V3err(X509V3_F_SXNET_GET_ID_ULONG, ERR_R_MALLOC_FAILURE); - ASN1_INTEGER_free(izone); - return NULL; - } - oct = SXNET_get_id_INTEGER(sx, izone); - ASN1_INTEGER_free(izone); - return oct; -} - -ASN1_OCTET_STRING * -SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone) -{ - SXNETID *id; - int i; - - for (i = 0; i < sk_SXNETID_num(sx->ids); i++) { - id = 
sk_SXNETID_value(sx->ids, i);
- if (!ASN1_STRING_cmp(id->zone, zone))
- return id->user;
- }
- return NULL;
-}
diff --git a/lib/libssl/src/crypto/x509v3/v3_utl.c b/lib/libssl/src/crypto/x509v3/v3_utl.c
deleted file mode 100644
index ee135a0b523..00000000000
--- a/lib/libssl/src/crypto/x509v3/v3_utl.c
+++ /dev/null
@@ -1,925 +0,0 @@
-/* $OpenBSD: v3_utl.c,v 1.24 2015/02/07 13:19:15 doug Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project.
- */
-/* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* X509 v3 extension utilities */ - -#include <ctype.h> -#include <stdio.h> -#include <string.h> - -#include <openssl/bn.h> -#include <openssl/conf.h> -#include <openssl/err.h> -#include <openssl/x509v3.h> - -static char *strip_spaces(char *name); -static int sk_strcmp(const char * const *a, const char * const *b); -static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, - GENERAL_NAMES *gens); -static void str_free(OPENSSL_STRING str); -static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email); - -static int ipv4_from_asc(unsigned char *v4, const char *in); -static int ipv6_from_asc(unsigned char *v6, const char *in); -static int ipv6_cb(const char *elem, int len, void *usr); -static int ipv6_hex(unsigned char *out, const char *in, int inlen); - -/* Add a CONF_VALUE name value pair to stack */ - -int -X509V3_add_value(const char *name, const char *value, - STACK_OF(CONF_VALUE) **extlist) -{ - CONF_VALUE *vtmp = NULL; - char *tname = NULL, *tvalue = NULL; - - if (name && !(tname = strdup(name))) - goto err; - if (value && !(tvalue = strdup(value))) - goto err; - if (!(vtmp = malloc(sizeof(CONF_VALUE)))) - goto err; - if (!*extlist && !(*extlist = 
sk_CONF_VALUE_new_null())) - goto err; - vtmp->section = NULL; - vtmp->name = tname; - vtmp->value = tvalue; - if (!sk_CONF_VALUE_push(*extlist, vtmp)) - goto err; - return 1; - -err: - X509V3err(X509V3_F_X509V3_ADD_VALUE, ERR_R_MALLOC_FAILURE); - free(vtmp); - free(tname); - free(tvalue); - return 0; -} - -int -X509V3_add_value_uchar(const char *name, const unsigned char *value, - STACK_OF(CONF_VALUE) **extlist) -{ - return X509V3_add_value(name, (const char *)value, extlist); -} - -/* Free function for STACK_OF(CONF_VALUE) */ - -void -X509V3_conf_free(CONF_VALUE *conf) -{ - if (!conf) - return; - free(conf->name); - free(conf->value); - free(conf->section); - free(conf); -} - -int -X509V3_add_value_bool(const char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist) -{ - if (asn1_bool) - return X509V3_add_value(name, "TRUE", extlist); - return X509V3_add_value(name, "FALSE", extlist); -} - -int -X509V3_add_value_bool_nf(char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist) -{ - if (asn1_bool) - return X509V3_add_value(name, "TRUE", extlist); - return 1; -} - - -char * -i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a) -{ - BIGNUM *bntmp = NULL; - char *strtmp = NULL; - - if (!a) - return NULL; - if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || - !(strtmp = BN_bn2dec(bntmp))) - X509V3err(X509V3_F_I2S_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); - BN_free(bntmp); - return strtmp; -} - -char * -i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a) -{ - BIGNUM *bntmp = NULL; - char *strtmp = NULL; - - if (!a) - return NULL; - if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || - !(strtmp = BN_bn2dec(bntmp))) - X509V3err(X509V3_F_I2S_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); - BN_free(bntmp); - return strtmp; -} - -ASN1_INTEGER * -s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) -{ - BIGNUM *bn = NULL; - ASN1_INTEGER *aint; - int isneg, ishex; - int ret; - - if (!value) { - X509V3err(X509V3_F_S2I_ASN1_INTEGER, - X509V3_R_INVALID_NULL_VALUE); 
- return 0; - } - bn = BN_new(); - if (value[0] == '-') { - value++; - isneg = 1; - } else - isneg = 0; - - if (value[0] == '0' && ((value[1] == 'x') || (value[1] == 'X'))) { - value += 2; - ishex = 1; - } else - ishex = 0; - - if (ishex) - ret = BN_hex2bn(&bn, value); - else - ret = BN_dec2bn(&bn, value); - - if (!ret || value[ret]) { - BN_free(bn); - X509V3err(X509V3_F_S2I_ASN1_INTEGER, X509V3_R_BN_DEC2BN_ERROR); - return 0; - } - - if (isneg && BN_is_zero(bn)) - isneg = 0; - - aint = BN_to_ASN1_INTEGER(bn, NULL); - BN_free(bn); - if (!aint) { - X509V3err(X509V3_F_S2I_ASN1_INTEGER, - X509V3_R_BN_TO_ASN1_INTEGER_ERROR); - return 0; - } - if (isneg) - aint->type |= V_ASN1_NEG; - return aint; -} - -int -X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, - STACK_OF(CONF_VALUE) **extlist) -{ - char *strtmp; - int ret; - - if (!aint) - return 1; - if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) - return 0; - ret = X509V3_add_value(name, strtmp, extlist); - free(strtmp); - return ret; -} - -int -X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool) -{ - char *btmp; - - if (!(btmp = value->value)) - goto err; - if (!strcmp(btmp, "TRUE") || !strcmp(btmp, "true") || - !strcmp(btmp, "Y") || !strcmp(btmp, "y") || - !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) { - *asn1_bool = 0xff; - return 1; - } else if (!strcmp(btmp, "FALSE") || !strcmp(btmp, "false") || - !strcmp(btmp, "N") || !strcmp(btmp, "n") || - !strcmp(btmp, "NO") || !strcmp(btmp, "no")) { - *asn1_bool = 0; - return 1; - } - -err: - X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL, - X509V3_R_INVALID_BOOLEAN_STRING); - X509V3_conf_err(value); - return 0; -} - -int -X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint) -{ - ASN1_INTEGER *itmp; - - if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) { - X509V3_conf_err(value); - return 0; - } - *aint = itmp; - return 1; -} - -#define HDR_NAME 1 -#define HDR_VALUE 2 - -/*#define DEBUG*/ - -STACK_OF(CONF_VALUE) * -X509V3_parse_list(const char *line) -{ - char 
*p, *q, c; - char *ntmp, *vtmp; - STACK_OF(CONF_VALUE) *values = NULL; - char *linebuf; - int state; - - /* We are going to modify the line so copy it first */ - if ((linebuf = strdup(line)) == NULL) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, ERR_R_MALLOC_FAILURE); - goto err; - } - state = HDR_NAME; - ntmp = NULL; - - /* Go through all characters */ - for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && - (c != '\n'); p++) { - - switch (state) { - case HDR_NAME: - if (c == ':') { - state = HDR_VALUE; - *p = 0; - ntmp = strip_spaces(q); - if (!ntmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, - X509V3_R_INVALID_NULL_NAME); - goto err; - } - q = p + 1; - } else if (c == ',') { - *p = 0; - ntmp = strip_spaces(q); - q = p + 1; - if (!ntmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, - X509V3_R_INVALID_NULL_NAME); - goto err; - } - X509V3_add_value(ntmp, NULL, &values); - } - break; - - case HDR_VALUE: - if (c == ',') { - state = HDR_NAME; - *p = 0; - vtmp = strip_spaces(q); - if (!vtmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, - X509V3_R_INVALID_NULL_VALUE); - goto err; - } - X509V3_add_value(ntmp, vtmp, &values); - ntmp = NULL; - q = p + 1; - } - - } - } - - if (state == HDR_VALUE) { - vtmp = strip_spaces(q); - if (!vtmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, - X509V3_R_INVALID_NULL_VALUE); - goto err; - } - X509V3_add_value(ntmp, vtmp, &values); - } else { - ntmp = strip_spaces(q); - if (!ntmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, - X509V3_R_INVALID_NULL_NAME); - goto err; - } - X509V3_add_value(ntmp, NULL, &values); - } - free(linebuf); - return values; - -err: - free(linebuf); - sk_CONF_VALUE_pop_free(values, X509V3_conf_free); - return NULL; - -} - -/* Delete leading and trailing spaces from a string */ -static char * -strip_spaces(char *name) -{ - char *p, *q; - - /* Skip over leading spaces */ - p = name; - while (*p && isspace((unsigned char)*p)) - p++; - if (!*p) - return NULL; - q = p + strlen(p) - 1; - while ((q != p) && isspace((unsigned 
char)*q)) - q--; - if (p != q) - q[1] = 0; - if (!*p) - return NULL; - return p; -} - -/* hex string utilities */ - -/* Given a buffer of length 'len' return a malloc'ed string with its - * hex representation - */ -char * -hex_to_string(const unsigned char *buffer, long len) -{ - char *tmp, *q; - const unsigned char *p; - int i; - static const char hexdig[] = "0123456789ABCDEF"; - - if (!buffer || !len) - return NULL; - if (!(tmp = malloc(len * 3 + 1))) { - X509V3err(X509V3_F_HEX_TO_STRING, ERR_R_MALLOC_FAILURE); - return NULL; - } - q = tmp; - for (i = 0, p = buffer; i < len; i++, p++) { - *q++ = hexdig[(*p >> 4) & 0xf]; - *q++ = hexdig[*p & 0xf]; - *q++ = ':'; - } - q[-1] = 0; - return tmp; -} - -/* Give a string of hex digits convert to - * a buffer - */ - -unsigned char * -string_to_hex(const char *str, long *len) -{ - unsigned char *hexbuf, *q; - unsigned char ch, cl, *p; - if (!str) { - X509V3err(X509V3_F_STRING_TO_HEX, - X509V3_R_INVALID_NULL_ARGUMENT); - return NULL; - } - if (!(hexbuf = malloc(strlen(str) >> 1))) - goto err; - for (p = (unsigned char *)str, q = hexbuf; *p; ) { - ch = *p++; - if (ch == ':') - continue; - cl = *p++; - if (!cl) { - X509V3err(X509V3_F_STRING_TO_HEX, - X509V3_R_ODD_NUMBER_OF_DIGITS); - free(hexbuf); - return NULL; - } - ch = tolower(ch); - cl = tolower(cl); - - if ((ch >= '0') && (ch <= '9')) - ch -= '0'; - else if ((ch >= 'a') && (ch <= 'f')) - ch -= 'a' - 10; - else - goto badhex; - - if ((cl >= '0') && (cl <= '9')) - cl -= '0'; - else if ((cl >= 'a') && (cl <= 'f')) - cl -= 'a' - 10; - else - goto badhex; - - *q++ = (ch << 4) | cl; - } - - if (len) - *len = q - hexbuf; - - return hexbuf; - -err: - free(hexbuf); - X509V3err(X509V3_F_STRING_TO_HEX, ERR_R_MALLOC_FAILURE); - return NULL; - -badhex: - free(hexbuf); - X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_ILLEGAL_HEX_DIGIT); - return NULL; -} - -/* V2I name comparison function: returns zero if 'name' matches - * cmp or cmp.* - */ - -int -name_cmp(const char *name, const char 
*cmp) -{ - int len, ret; - char c; - - len = strlen(cmp); - if ((ret = strncmp(name, cmp, len))) - return ret; - c = name[len]; - if (!c || (c=='.')) - return 0; - return 1; -} - -static int -sk_strcmp(const char * const *a, const char * const *b) -{ - return strcmp(*a, *b); -} - -STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x) -{ - GENERAL_NAMES *gens; - STACK_OF(OPENSSL_STRING) *ret; - - gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL); - ret = get_email(X509_get_subject_name(x), gens); - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return ret; -} - -STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x) -{ - AUTHORITY_INFO_ACCESS *info; - STACK_OF(OPENSSL_STRING) *ret = NULL; - int i; - - info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL); - if (!info) - return NULL; - for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) { - ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i); - if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) { - if (ad->location->type == GEN_URI) { - if (!append_ia5(&ret, - ad->location->d.uniformResourceIdentifier)) - break; - } - } - } - AUTHORITY_INFO_ACCESS_free(info); - return ret; -} - -STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x) -{ - GENERAL_NAMES *gens; - STACK_OF(X509_EXTENSION) *exts; - STACK_OF(OPENSSL_STRING) *ret; - - exts = X509_REQ_get_extensions(x); - gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL); - ret = get_email(X509_REQ_get_subject_name(x), gens); - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); - return ret; -} - - -static -STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name, GENERAL_NAMES *gens) -{ - STACK_OF(OPENSSL_STRING) *ret = NULL; - X509_NAME_ENTRY *ne; - ASN1_IA5STRING *email; - GENERAL_NAME *gen; - int i; - - /* Now add any email address(es) to STACK */ - i = -1; - - /* First supplied X509_NAME */ - while ((i = X509_NAME_get_index_by_NID(name, - NID_pkcs9_emailAddress, i)) >= 0) { - ne = 
X509_NAME_get_entry(name, i); - email = X509_NAME_ENTRY_get_data(ne); - if (!append_ia5(&ret, email)) - return NULL; - } - for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { - gen = sk_GENERAL_NAME_value(gens, i); - if (gen->type != GEN_EMAIL) - continue; - if (!append_ia5(&ret, gen->d.ia5)) - return NULL; - } - return ret; -} - -static void -str_free(OPENSSL_STRING str) -{ - free(str); -} - -static int -append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email) -{ - char *emtmp; - - /* First some sanity checks */ - if (email->type != V_ASN1_IA5STRING) - return 1; - if (!email->data || !email->length) - return 1; - if (!*sk) - *sk = sk_OPENSSL_STRING_new(sk_strcmp); - if (!*sk) - return 0; - /* Don't add duplicates */ - if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1) - return 1; - emtmp = strdup((char *)email->data); - if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) { - X509_email_free(*sk); - *sk = NULL; - return 0; - } - return 1; -} - -void -X509_email_free(STACK_OF(OPENSSL_STRING) *sk) -{ - sk_OPENSSL_STRING_pop_free(sk, str_free); -} - -/* Convert IP addresses both IPv4 and IPv6 into an - * OCTET STRING compatible with RFC3280. 
- */ - -ASN1_OCTET_STRING * -a2i_IPADDRESS(const char *ipasc) -{ - unsigned char ipout[16]; - ASN1_OCTET_STRING *ret; - int iplen; - - /* If string contains a ':' assume IPv6 */ - - iplen = a2i_ipadd(ipout, ipasc); - - if (!iplen) - return NULL; - - ret = ASN1_OCTET_STRING_new(); - if (!ret) - return NULL; - if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) { - ASN1_OCTET_STRING_free(ret); - return NULL; - } - return ret; -} - -ASN1_OCTET_STRING * -a2i_IPADDRESS_NC(const char *ipasc) -{ - ASN1_OCTET_STRING *ret = NULL; - unsigned char ipout[32]; - char *iptmp = NULL, *p; - int iplen1, iplen2; - - p = strchr(ipasc, '/'); - if (!p) - return NULL; - iptmp = strdup(ipasc); - if (!iptmp) - return NULL; - p = iptmp + (p - ipasc); - *p++ = 0; - - iplen1 = a2i_ipadd(ipout, iptmp); - - if (!iplen1) - goto err; - - iplen2 = a2i_ipadd(ipout + iplen1, p); - - free(iptmp); - iptmp = NULL; - - if (!iplen2 || (iplen1 != iplen2)) - goto err; - - ret = ASN1_OCTET_STRING_new(); - if (!ret) - goto err; - if (!ASN1_OCTET_STRING_set(ret, ipout, iplen1 + iplen2)) - goto err; - - return ret; - -err: - free(iptmp); - if (ret) - ASN1_OCTET_STRING_free(ret); - return NULL; -} - - -int -a2i_ipadd(unsigned char *ipout, const char *ipasc) -{ - /* If string contains a ':' assume IPv6 */ - - if (strchr(ipasc, ':')) { - if (!ipv6_from_asc(ipout, ipasc)) - return 0; - return 16; - } else { - if (!ipv4_from_asc(ipout, ipasc)) - return 0; - return 4; - } -} - -static int -ipv4_from_asc(unsigned char *v4, const char *in) -{ - int a0, a1, a2, a3; - if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4) - return 0; - if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255) || - (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255)) - return 0; - v4[0] = a0; - v4[1] = a1; - v4[2] = a2; - v4[3] = a3; - return 1; -} - -typedef struct { - /* Temporary store for IPV6 output */ - unsigned char tmp[16]; - /* Total number of bytes in tmp */ - int total; - /* The position of a zero (corresponding to '::') */ - int 
zero_pos; - /* Number of zeroes */ - int zero_cnt; -} IPV6_STAT; - - -static int -ipv6_from_asc(unsigned char *v6, const char *in) -{ - IPV6_STAT v6stat; - - v6stat.total = 0; - v6stat.zero_pos = -1; - v6stat.zero_cnt = 0; - - /* Treat the IPv6 representation as a list of values - * separated by ':'. The presence of a '::' will parse - * as one, two or three zero length elements. - */ - if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat)) - return 0; - - /* Now for some sanity checks */ - - if (v6stat.zero_pos == -1) { - /* If no '::' must have exactly 16 bytes */ - if (v6stat.total != 16) - return 0; - } else { - /* If '::' must have less than 16 bytes */ - if (v6stat.total == 16) - return 0; - /* More than three zeroes is an error */ - if (v6stat.zero_cnt > 3) - return 0; - /* Can only have three zeroes if nothing else present */ - else if (v6stat.zero_cnt == 3) { - if (v6stat.total > 0) - return 0; - } - /* Can only have two zeroes if at start or end */ - else if (v6stat.zero_cnt == 2) { - if ((v6stat.zero_pos != 0) && - (v6stat.zero_pos != v6stat.total)) - return 0; - } else - /* Can only have one zero if *not* start or end */ - { - if ((v6stat.zero_pos == 0) || - (v6stat.zero_pos == v6stat.total)) - return 0; - } - } - - /* Format result */ - - if (v6stat.zero_pos >= 0) { - /* Copy initial part */ - memcpy(v6, v6stat.tmp, v6stat.zero_pos); - /* Zero middle */ - memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total); - /* Copy final part */ - if (v6stat.total != v6stat.zero_pos) - memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total, - v6stat.tmp + v6stat.zero_pos, - v6stat.total - v6stat.zero_pos); - } else - memcpy(v6, v6stat.tmp, 16); - - return 1; -} - -static int -ipv6_cb(const char *elem, int len, void *usr) -{ - IPV6_STAT *s = usr; - - /* Error if 16 bytes written */ - if (s->total == 16) - return 0; - if (len == 0) { - /* Zero length element, corresponds to '::' */ - if (s->zero_pos == -1) - s->zero_pos = s->total; - /* If we've already got a :: its an error */ - 
else if (s->zero_pos != s->total) - return 0; - s->zero_cnt++; - } else { - /* If more than 4 characters could be final a.b.c.d form */ - if (len > 4) { - /* Need at least 4 bytes left */ - if (s->total > 12) - return 0; - /* Must be end of string */ - if (elem[len]) - return 0; - if (!ipv4_from_asc(s->tmp + s->total, elem)) - return 0; - s->total += 4; - } else { - if (!ipv6_hex(s->tmp + s->total, elem, len)) - return 0; - s->total += 2; - } - } - return 1; -} - -/* Convert a string of up to 4 hex digits into the corresponding - * IPv6 form. - */ - -static int -ipv6_hex(unsigned char *out, const char *in, int inlen) -{ - unsigned char c; - unsigned int num = 0; - - if (inlen > 4) - return 0; - while (inlen--) { - c = *in++; - num <<= 4; - if ((c >= '0') && (c <= '9')) - num |= c - '0'; - else if ((c >= 'A') && (c <= 'F')) - num |= c - 'A' + 10; - else if ((c >= 'a') && (c <= 'f')) - num |= c - 'a' + 10; - else - return 0; - } - out[0] = num >> 8; - out[1] = num & 0xff; - return 1; -} - -int -X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, - unsigned long chtype) -{ - CONF_VALUE *v; - int i, mval; - char *p, *type; - - if (!nm) - return 0; - - for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) { - v = sk_CONF_VALUE_value(dn_sk, i); - type = v->name; - /* Skip past any leading X. X: X, etc to allow for - * multiple instances - */ - for (p = type; *p; p++) - if ((*p == ':') || (*p == ',') || (*p == '.')) { - p++; - if (*p) - type = p; - break; - } - if (*type == '+') { - mval = -1; - type++; - } else - mval = 0; - if (!X509_NAME_add_entry_by_txt(nm, type, chtype, - (unsigned char *) v->value, -1, -1, mval)) - return 0; - } - return 1; -} diff --git a/lib/libssl/src/crypto/x509v3/v3err.c b/lib/libssl/src/crypto/x509v3/v3err.c deleted file mode 100644 index a49632a0698..00000000000 --- a/lib/libssl/src/crypto/x509v3/v3err.c +++ /dev/null 
@@ -1,226 +0,0 @@ -/* $OpenBSD: v3err.c,v 1.11 2014/07/10 22:45:58 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/opensslconf.h> - -#include <openssl/err.h> -#include <openssl/x509v3.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason) - -static ERR_STRING_DATA X509V3_str_functs[] = { - {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "A2I_GENERAL_NAME"}, - {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE), "ASIDENTIFIERCHOICE_CANONIZE"}, - {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL), "ASIDENTIFIERCHOICE_IS_CANONICAL"}, - {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"}, - {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"}, - {ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"}, - {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"}, - {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"}, - {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"}, - {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"}, - {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"}, - {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"}, - {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"}, - {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"}, - {ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"}, - {ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS), "I2V_AUTHORITY_INFO_ACCESS"}, - {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"}, - {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"}, - {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"}, - {ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"}, - {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"}, - {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"}, - {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"}, - {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"}, - {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"}, - {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"}, - {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"}, - 
{ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"}, - {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"}, - {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"}, - {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"}, - {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"}, - {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"}, - {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"}, - {ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"}, - {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"}, - {ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS), "V2I_AUTHORITY_INFO_ACCESS"}, - {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"}, - {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"}, - {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"}, - {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"}, - {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"}, - {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"}, - {ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"}, - {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"}, - {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"}, - {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"}, - {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"}, - {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"}, - {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"}, - {ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL), "V3_ADDR_VALIDATE_PATH_INTERNAL"}, - {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"}, - {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"}, - {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"}, - {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"}, - {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"}, - {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"}, - {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"}, - 
{ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"}, - {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"}, - {ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"}, - {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"}, - {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"}, - {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"}, - {ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"}, - {0, NULL} -}; - -static ERR_STRING_DATA X509V3_str_reasons[] = { - {ERR_REASON(X509V3_R_BAD_IP_ADDRESS) , "bad ip address"}, - {ERR_REASON(X509V3_R_BAD_OBJECT) , "bad object"}, - {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR) , "bn dec2bn error"}, - {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR), "bn to asn1 integer error"}, - {ERR_REASON(X509V3_R_DIRNAME_ERROR) , "dirname error"}, - {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"}, - {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID) , "duplicate zone id"}, - {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"}, - {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION), "error creating extension"}, - {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION) , "error in extension"}, - {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"}, - {ERR_REASON(X509V3_R_EXTENSION_EXISTS) , "extension exists"}, - {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"}, - {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"}, - {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED), "extension setting not supported"}, - {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"}, - {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"}, - {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT) , "illegal hex digit"}, - {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG), "incorrect policy syntax tag"}, - {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"}, - {ERR_REASON(X509V3_R_INVALID_ASNUMBER) , "invalid asnumber"}, - 
{ERR_REASON(X509V3_R_INVALID_ASRANGE) , "invalid asrange"}, - {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"}, - {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING), "invalid extension string"}, - {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"}, - {ERR_REASON(X509V3_R_INVALID_IPADDRESS) , "invalid ipaddress"}, - {ERR_REASON(X509V3_R_INVALID_NAME) , "invalid name"}, - {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"}, - {ERR_REASON(X509V3_R_INVALID_NULL_NAME) , "invalid null name"}, - {ERR_REASON(X509V3_R_INVALID_NULL_VALUE) , "invalid null value"}, - {ERR_REASON(X509V3_R_INVALID_NUMBER) , "invalid number"}, - {ERR_REASON(X509V3_R_INVALID_NUMBERS) , "invalid numbers"}, - {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER), "invalid object identifier"}, - {ERR_REASON(X509V3_R_INVALID_OPTION) , "invalid option"}, - {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER), "invalid policy identifier"}, - {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING), "invalid proxy policy setting"}, - {ERR_REASON(X509V3_R_INVALID_PURPOSE) , "invalid purpose"}, - {ERR_REASON(X509V3_R_INVALID_SAFI) , "invalid safi"}, - {ERR_REASON(X509V3_R_INVALID_SECTION) , "invalid section"}, - {ERR_REASON(X509V3_R_INVALID_SYNTAX) , "invalid syntax"}, - {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"}, - {ERR_REASON(X509V3_R_MISSING_VALUE) , "missing value"}, - {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS), "need organization and numbers"}, - {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE) , "no config database"}, - {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"}, - {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS) , "no issuer details"}, - {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"}, - {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED), "no proxy cert policy language defined"}, - {ERR_REASON(X509V3_R_NO_PUBLIC_KEY) , "no public key"}, - {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS) , "no subject 
details"}, - {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"}, - {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"}, - {ERR_REASON(X509V3_R_OTHERNAME_ERROR) , "othername error"}, - {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED), "policy language already defined"}, - {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH) , "policy path length"}, - {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED), "policy path length already defined"}, - {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED), "policy syntax not currently supported"}, - {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY), "policy when proxy language requires no policy"}, - {ERR_REASON(X509V3_R_SECTION_NOT_FOUND) , "section not found"}, - {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS), "unable to get issuer details"}, - {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID), "unable to get issuer keyid"}, - {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT), "unknown bit string argument"}, - {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION) , "unknown extension"}, - {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"}, - {ERR_REASON(X509V3_R_UNKNOWN_OPTION) , "unknown option"}, - {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION) , "unsupported option"}, - {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE) , "unsupported type"}, - {ERR_REASON(X509V3_R_USER_TOO_LONG) , "user too long"}, - {0, NULL} -}; - -#endif - -void -ERR_load_X509V3_strings(void) -{ -#ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) { - ERR_load_strings(0, X509V3_str_functs); - ERR_load_strings(0, X509V3_str_reasons); - } -#endif -} diff --git a/lib/libssl/src/crypto/x509v3/x509v3.h b/lib/libssl/src/crypto/x509v3/x509v3.h deleted file mode 100644 index b45626a885f..00000000000 --- a/lib/libssl/src/crypto/x509v3/x509v3.h +++ /dev/null 
@@ -1,862 +0,0 @@
-/* $OpenBSD: x509v3.h,v 1.16 2015/02/10 13:28:17 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ -#ifndef HEADER_X509V3_H -#define HEADER_X509V3_H - -#include <openssl/opensslconf.h> - -#include <openssl/bio.h> -#include <openssl/x509.h> -#include <openssl/conf.h> - -#ifdef __cplusplus -extern "C" { -#endif - -/* Forward reference */ -struct v3_ext_method; -struct v3_ext_ctx; - -/* Useful typedefs */ - -typedef void * (*X509V3_EXT_NEW)(void); -typedef void (*X509V3_EXT_FREE)(void *); -typedef void * (*X509V3_EXT_D2I)(void *, const unsigned char ** , long); -typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); -typedef STACK_OF(CONF_VALUE) * - (*X509V3_EXT_I2V)(const struct v3_ext_method *method, void *ext, - STACK_OF(CONF_VALUE) *extlist); -typedef void * (*X509V3_EXT_V2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, - STACK_OF(CONF_VALUE) *values); -typedef char * (*X509V3_EXT_I2S)(const struct v3_ext_method *method, void *ext); -typedef void * (*X509V3_EXT_S2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, const char *str); -typedef int (*X509V3_EXT_I2R)(const struct v3_ext_method *method, void *ext, - BIO *out, int indent); -typedef void * (*X509V3_EXT_R2I)(const struct v3_ext_method *method, - struct v3_ext_ctx *ctx, const char *str); - -/* V3 extension structure */ - -struct v3_ext_method { -int ext_nid; -int ext_flags; -/* If this is set the following four fields are ignored */ -ASN1_ITEM_EXP *it; -/* Old style ASN1 calls */ -X509V3_EXT_NEW ext_new; -X509V3_EXT_FREE ext_free; -X509V3_EXT_D2I d2i; -X509V3_EXT_I2D i2d; - -/* The following pair is used for string extensions */ -X509V3_EXT_I2S i2s; -X509V3_EXT_S2I s2i; - -/* The following pair is used for multi-valued extensions */ -X509V3_EXT_I2V i2v; -X509V3_EXT_V2I v2i; - -/* The following are used for raw extensions */ -X509V3_EXT_I2R i2r; -X509V3_EXT_R2I r2i; - -void *usr_data; /* Any extension specific data */ -}; - -typedef struct X509V3_CONF_METHOD_st { -char * (*get_string)(void *db, char *section, char *value); -STACK_OF(CONF_VALUE) * 
(*get_section)(void *db, char *section); -void (*free_string)(void *db, char * string); -void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); -} X509V3_CONF_METHOD; - -/* Context specific info */ -struct v3_ext_ctx { -#define CTX_TEST 0x1 -int flags; -X509 *issuer_cert; -X509 *subject_cert; -X509_REQ *subject_req; -X509_CRL *crl; -X509V3_CONF_METHOD *db_meth; -void *db; -/* Maybe more here */ -}; - -typedef struct v3_ext_method X509V3_EXT_METHOD; - -DECLARE_STACK_OF(X509V3_EXT_METHOD) - -/* ext_flags values */ -#define X509V3_EXT_DYNAMIC 0x1 -#define X509V3_EXT_CTX_DEP 0x2 -#define X509V3_EXT_MULTILINE 0x4 - -typedef BIT_STRING_BITNAME ENUMERATED_NAMES; - -typedef struct BASIC_CONSTRAINTS_st { -int ca; -ASN1_INTEGER *pathlen; -} BASIC_CONSTRAINTS; - - -typedef struct PKEY_USAGE_PERIOD_st { -ASN1_GENERALIZEDTIME *notBefore; -ASN1_GENERALIZEDTIME *notAfter; -} PKEY_USAGE_PERIOD; - -typedef struct otherName_st { -ASN1_OBJECT *type_id; -ASN1_TYPE *value; -} OTHERNAME; - -typedef struct EDIPartyName_st { - ASN1_STRING *nameAssigner; - ASN1_STRING *partyName; -} EDIPARTYNAME; - -typedef struct GENERAL_NAME_st { - -#define GEN_OTHERNAME 0 -#define GEN_EMAIL 1 -#define GEN_DNS 2 -#define GEN_X400 3 -#define GEN_DIRNAME 4 -#define GEN_EDIPARTY 5 -#define GEN_URI 6 -#define GEN_IPADD 7 -#define GEN_RID 8 - -int type; -union { - char *ptr; - OTHERNAME *otherName; /* otherName */ - ASN1_IA5STRING *rfc822Name; - ASN1_IA5STRING *dNSName; - ASN1_TYPE *x400Address; - X509_NAME *directoryName; - EDIPARTYNAME *ediPartyName; - ASN1_IA5STRING *uniformResourceIdentifier; - ASN1_OCTET_STRING *iPAddress; - ASN1_OBJECT *registeredID; - - /* Old names */ - ASN1_OCTET_STRING *ip; /* iPAddress */ - X509_NAME *dirn; /* dirn */ - ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ - ASN1_OBJECT *rid; /* registeredID */ - ASN1_TYPE *other; /* x400Address */ -} d; -} GENERAL_NAME; - -typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; - -typedef struct 
ACCESS_DESCRIPTION_st { - ASN1_OBJECT *method; - GENERAL_NAME *location; -} ACCESS_DESCRIPTION; - -typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; - -typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE; - -DECLARE_STACK_OF(GENERAL_NAME) -DECLARE_ASN1_SET_OF(GENERAL_NAME) - -DECLARE_STACK_OF(ACCESS_DESCRIPTION) -DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) - -typedef struct DIST_POINT_NAME_st { -int type; -union { - GENERAL_NAMES *fullname; - STACK_OF(X509_NAME_ENTRY) *relativename; -} name; -/* If relativename then this contains the full distribution point name */ -X509_NAME *dpname; -} DIST_POINT_NAME; -/* All existing reasons */ -#define CRLDP_ALL_REASONS 0x807f - -#define CRL_REASON_NONE -1 -#define CRL_REASON_UNSPECIFIED 0 -#define CRL_REASON_KEY_COMPROMISE 1 -#define CRL_REASON_CA_COMPROMISE 2 -#define CRL_REASON_AFFILIATION_CHANGED 3 -#define CRL_REASON_SUPERSEDED 4 -#define CRL_REASON_CESSATION_OF_OPERATION 5 -#define CRL_REASON_CERTIFICATE_HOLD 6 -#define CRL_REASON_REMOVE_FROM_CRL 8 -#define CRL_REASON_PRIVILEGE_WITHDRAWN 9 -#define CRL_REASON_AA_COMPROMISE 10 - -struct DIST_POINT_st { -DIST_POINT_NAME *distpoint; -ASN1_BIT_STRING *reasons; -GENERAL_NAMES *CRLissuer; -int dp_reasons; -}; - -typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS; - -DECLARE_STACK_OF(DIST_POINT) -DECLARE_ASN1_SET_OF(DIST_POINT) - -struct AUTHORITY_KEYID_st { -ASN1_OCTET_STRING *keyid; -GENERAL_NAMES *issuer; -ASN1_INTEGER *serial; -}; - -/* Strong extranet structures */ - -typedef struct SXNET_ID_st { - ASN1_INTEGER *zone; - ASN1_OCTET_STRING *user; -} SXNETID; - -DECLARE_STACK_OF(SXNETID) -DECLARE_ASN1_SET_OF(SXNETID) - -typedef struct SXNET_st { - ASN1_INTEGER *version; - STACK_OF(SXNETID) *ids; -} SXNET; - -typedef struct NOTICEREF_st { - ASN1_STRING *organization; - STACK_OF(ASN1_INTEGER) *noticenos; -} NOTICEREF; - -typedef struct USERNOTICE_st { - NOTICEREF *noticeref; - ASN1_STRING *exptext; -} USERNOTICE; - -typedef struct POLICYQUALINFO_st { - ASN1_OBJECT *pqualid; - 
union { - ASN1_IA5STRING *cpsuri; - USERNOTICE *usernotice; - ASN1_TYPE *other; - } d; -} POLICYQUALINFO; - -DECLARE_STACK_OF(POLICYQUALINFO) -DECLARE_ASN1_SET_OF(POLICYQUALINFO) - -typedef struct POLICYINFO_st { - ASN1_OBJECT *policyid; - STACK_OF(POLICYQUALINFO) *qualifiers; -} POLICYINFO; - -typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES; - -DECLARE_STACK_OF(POLICYINFO) -DECLARE_ASN1_SET_OF(POLICYINFO) - -typedef struct POLICY_MAPPING_st { - ASN1_OBJECT *issuerDomainPolicy; - ASN1_OBJECT *subjectDomainPolicy; -} POLICY_MAPPING; - -DECLARE_STACK_OF(POLICY_MAPPING) - -typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS; - -typedef struct GENERAL_SUBTREE_st { - GENERAL_NAME *base; - ASN1_INTEGER *minimum; - ASN1_INTEGER *maximum; -} GENERAL_SUBTREE; - -DECLARE_STACK_OF(GENERAL_SUBTREE) - -struct NAME_CONSTRAINTS_st { - STACK_OF(GENERAL_SUBTREE) *permittedSubtrees; - STACK_OF(GENERAL_SUBTREE) *excludedSubtrees; -}; - -typedef struct POLICY_CONSTRAINTS_st { - ASN1_INTEGER *requireExplicitPolicy; - ASN1_INTEGER *inhibitPolicyMapping; -} POLICY_CONSTRAINTS; - -/* Proxy certificate structures, see RFC 3820 */ -typedef struct PROXY_POLICY_st - { - ASN1_OBJECT *policyLanguage; - ASN1_OCTET_STRING *policy; - } PROXY_POLICY; - -typedef struct PROXY_CERT_INFO_EXTENSION_st - { - ASN1_INTEGER *pcPathLengthConstraint; - PROXY_POLICY *proxyPolicy; - } PROXY_CERT_INFO_EXTENSION; - -DECLARE_ASN1_FUNCTIONS(PROXY_POLICY) -DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION) - -struct ISSUING_DIST_POINT_st - { - DIST_POINT_NAME *distpoint; - int onlyuser; - int onlyCA; - ASN1_BIT_STRING *onlysomereasons; - int indirectCRL; - int onlyattr; - }; - -/* Values in idp_flags field */ -/* IDP present */ -#define IDP_PRESENT 0x1 -/* IDP values inconsistent */ -#define IDP_INVALID 0x2 -/* onlyuser true */ -#define IDP_ONLYUSER 0x4 -/* onlyCA true */ -#define IDP_ONLYCA 0x8 -/* onlyattr true */ -#define IDP_ONLYATTR 0x10 -/* indirectCRL true */ -#define IDP_INDIRECT 0x20 -/* onlysomereasons 
present */ -#define IDP_REASONS 0x40 - -#define X509V3_conf_err(val) ERR_asprintf_error_data( \ - "section:%s,name:%s,value:%s", val->section, \ - val->name, val->value); - -#define X509V3_set_ctx_test(ctx) \ - X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) -#define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL; - -#define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \ - 0,0,0,0, \ - 0,0, \ - (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \ - (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \ - NULL, NULL, \ - table} - -#define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \ - 0,0,0,0, \ - (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \ - (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \ - 0,0,0,0, \ - NULL} - -#define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} - - -/* X509_PURPOSE stuff */ - -#define EXFLAG_BCONS 0x1 -#define EXFLAG_KUSAGE 0x2 -#define EXFLAG_XKUSAGE 0x4 -#define EXFLAG_NSCERT 0x8 - -#define EXFLAG_CA 0x10 -/* Really self issued not necessarily self signed */ -#define EXFLAG_SI 0x20 -#define EXFLAG_SS 0x20 -#define EXFLAG_V1 0x40 -#define EXFLAG_INVALID 0x80 -#define EXFLAG_SET 0x100 -#define EXFLAG_CRITICAL 0x200 -#define EXFLAG_PROXY 0x400 - -#define EXFLAG_INVALID_POLICY 0x800 -#define EXFLAG_FRESHEST 0x1000 - -#define KU_DIGITAL_SIGNATURE 0x0080 -#define KU_NON_REPUDIATION 0x0040 -#define KU_KEY_ENCIPHERMENT 0x0020 -#define KU_DATA_ENCIPHERMENT 0x0010 -#define KU_KEY_AGREEMENT 0x0008 -#define KU_KEY_CERT_SIGN 0x0004 -#define KU_CRL_SIGN 0x0002 -#define KU_ENCIPHER_ONLY 0x0001 -#define KU_DECIPHER_ONLY 0x8000 - -#define NS_SSL_CLIENT 0x80 -#define NS_SSL_SERVER 0x40 -#define NS_SMIME 0x20 -#define NS_OBJSIGN 0x10 -#define NS_SSL_CA 0x04 -#define NS_SMIME_CA 0x02 -#define NS_OBJSIGN_CA 0x01 -#define NS_ANY_CA (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA) - -#define XKU_SSL_SERVER 0x1 -#define XKU_SSL_CLIENT 0x2 -#define XKU_SMIME 0x4 -#define XKU_CODE_SIGN 0x8 -#define XKU_SGC 0x10 -#define XKU_OCSP_SIGN 0x20 -#define XKU_TIMESTAMP 0x40 -#define 
XKU_DVCS 0x80 - -#define X509_PURPOSE_DYNAMIC 0x1 -#define X509_PURPOSE_DYNAMIC_NAME 0x2 - -typedef struct x509_purpose_st { - int purpose; - int trust; /* Default trust ID */ - int flags; - int (*check_purpose)(const struct x509_purpose_st *, - const X509 *, int); - char *name; - char *sname; - void *usr_data; -} X509_PURPOSE; - -#define X509_PURPOSE_SSL_CLIENT 1 -#define X509_PURPOSE_SSL_SERVER 2 -#define X509_PURPOSE_NS_SSL_SERVER 3 -#define X509_PURPOSE_SMIME_SIGN 4 -#define X509_PURPOSE_SMIME_ENCRYPT 5 -#define X509_PURPOSE_CRL_SIGN 6 -#define X509_PURPOSE_ANY 7 -#define X509_PURPOSE_OCSP_HELPER 8 -#define X509_PURPOSE_TIMESTAMP_SIGN 9 - -#define X509_PURPOSE_MIN 1 -#define X509_PURPOSE_MAX 9 - -/* Flags for X509V3_EXT_print() */ - -#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16) -/* Return error for unknown extensions */ -#define X509V3_EXT_DEFAULT 0 -/* Print error for unknown extensions */ -#define X509V3_EXT_ERROR_UNKNOWN (1L << 16) -/* ASN1 parse unknown extensions */ -#define X509V3_EXT_PARSE_UNKNOWN (2L << 16) -/* BIO_dump unknown extensions */ -#define X509V3_EXT_DUMP_UNKNOWN (3L << 16) - -/* Flags for X509V3_add1_i2d */ - -#define X509V3_ADD_OP_MASK 0xfL -#define X509V3_ADD_DEFAULT 0L -#define X509V3_ADD_APPEND 1L -#define X509V3_ADD_REPLACE 2L -#define X509V3_ADD_REPLACE_EXISTING 3L -#define X509V3_ADD_KEEP_EXISTING 4L -#define X509V3_ADD_DELETE 5L -#define X509V3_ADD_SILENT 0x10 - -DECLARE_STACK_OF(X509_PURPOSE) - -DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS) - -DECLARE_ASN1_FUNCTIONS(SXNET) -DECLARE_ASN1_FUNCTIONS(SXNETID) - -int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen); -int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen); -int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen); - -ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone); -ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone); -ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, 
ASN1_INTEGER *zone); - -DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID) - -DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) - -DECLARE_ASN1_FUNCTIONS(GENERAL_NAME) -GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a); -int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b); - - - -ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - ASN1_BIT_STRING *bits, - STACK_OF(CONF_VALUE) *extlist); - -STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); -int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen); - -DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES) - -STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, - GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist); -GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); - -DECLARE_ASN1_FUNCTIONS(OTHERNAME) -DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME) -int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b); -void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value); -void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype); -int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, - ASN1_OBJECT *oid, ASN1_TYPE *value); -int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen, - ASN1_OBJECT **poid, ASN1_TYPE **pvalue); - -char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); -ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); - -DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) -int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a); - -DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) -DECLARE_ASN1_FUNCTIONS(POLICYINFO) -DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO) -DECLARE_ASN1_FUNCTIONS(USERNOTICE) -DECLARE_ASN1_FUNCTIONS(NOTICEREF) - -DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS) -DECLARE_ASN1_FUNCTIONS(DIST_POINT) -DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME) 
-DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
-
-int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
-
-int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
-
-DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
-DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
-
-DECLARE_ASN1_ITEM(POLICY_MAPPING)
-DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
-DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
-
-DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
-DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
-
-DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
-DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
-
-DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
-DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
-
-GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
- const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- int gen_type, char *value, int is_nc);
-
-#ifdef HEADER_CONF_H
-GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
- CONF_VALUE *cnf);
-GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
- const X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc);
-void X509V3_conf_free(CONF_VALUE *val);
-
-X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid, char *value);
-X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value);
-int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section, STACK_OF(X509_EXTENSION) **sk);
-int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509 *cert);
-int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl);
-
-X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- int ext_nid, char *value);
-X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- char *name, char *value);
-int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- char *section, X509 *cert);
-int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
- char *section, X509_CRL *crl);
-
-int X509V3_add_value_bool_nf(char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
-void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
-void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
-#endif
-
-char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
-STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
-void X509V3_string_free(X509V3_CTX *ctx, char *str);
-void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
-void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
- X509_REQ *req, X509_CRL *crl, int flags);
-
-int X509V3_add_value(const char *name, const char *value,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_uchar(const char *name, const unsigned char *value,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_bool(const char *name, int asn1_bool,
- STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
- STACK_OF(CONF_VALUE) **extlist);
-char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
-ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
-char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
-int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
-int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
-int X509V3_EXT_add_alias(int nid_to, int nid_from);
-void X509V3_EXT_cleanup(void);
-
-const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
-const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
-int X509V3_add_standard_extensions(void);
-STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
-void *X509V3_EXT_d2i(X509_EXTENSION *ext);
-void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
-
-
-X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
-int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags);
-
-char *hex_to_string(const unsigned char *buffer, long len);
-unsigned char *string_to_hex(const char *str, long *len);
-int name_cmp(const char *name, const char *cmp);
-
-void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
- int ml);
-int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int indent);
-int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
-
-int X509V3_extensions_print(BIO *out, char *title, STACK_OF(X509_EXTENSION) *exts, unsigned long flag, int indent);
-
-int X509_check_ca(X509 *x);
-int X509_check_purpose(X509 *x, int id, int ca);
-int X509_supported_extension(X509_EXTENSION *ex);
-int X509_PURPOSE_set(int *p, int purpose);
-int X509_check_issued(X509 *issuer, X509 *subject);
-int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
-int X509_PURPOSE_get_count(void);
-X509_PURPOSE * X509_PURPOSE_get0(int idx);
-int X509_PURPOSE_get_by_sname(char *sname);
-int X509_PURPOSE_get_by_id(int id);
-int X509_PURPOSE_add(int id, int trust, int flags,
- int (*ck)(const X509_PURPOSE *, const X509 *, int),
- char *name, char *sname, void *arg);
-char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
-char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
-int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
-void X509_PURPOSE_cleanup(void);
-int X509_PURPOSE_get_id(X509_PURPOSE *);
-
-STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
-STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
-void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
-STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
-
-ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
-ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
-int a2i_ipadd(unsigned char *ipout, const char *ipasc);
-int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
- unsigned long chtype);
-
-void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
-DECLARE_STACK_OF(X509_POLICY_NODE)
-
-
-/* BEGIN ERROR CODES */
-/* The following lines are auto generated by the script mkerr.pl. Any changes
- * made after this point may be overwritten when the script is next run.
- */
-void ERR_load_X509V3_strings(void);
-
-/* Error codes for the X509V3 functions. */
-
-/* Function codes. */
-#define X509V3_F_A2I_GENERAL_NAME 164
-#define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE 161
-#define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL 162
-#define X509V3_F_COPY_EMAIL 122
-#define X509V3_F_COPY_ISSUER 123
-#define X509V3_F_DO_DIRNAME 144
-#define X509V3_F_DO_EXT_CONF 124
-#define X509V3_F_DO_EXT_I2D 135
-#define X509V3_F_DO_EXT_NCONF 151
-#define X509V3_F_DO_I2V_NAME_CONSTRAINTS 148
-#define X509V3_F_GNAMES_FROM_SECTNAME 156
-#define X509V3_F_HEX_TO_STRING 111
-#define X509V3_F_I2S_ASN1_ENUMERATED 121
-#define X509V3_F_I2S_ASN1_IA5STRING 149
-#define X509V3_F_I2S_ASN1_INTEGER 120
-#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138
-#define X509V3_F_NOTICE_SECTION 132
-#define X509V3_F_NREF_NOS 133
-#define X509V3_F_POLICY_SECTION 131
-#define X509V3_F_PROCESS_PCI_VALUE 150
-#define X509V3_F_R2I_CERTPOL 130
-#define X509V3_F_R2I_PCI 155
-#define X509V3_F_S2I_ASN1_IA5STRING 100
-#define X509V3_F_S2I_ASN1_INTEGER 108
-#define X509V3_F_S2I_ASN1_OCTET_STRING 112
-#define X509V3_F_S2I_ASN1_SKEY_ID 114
-#define X509V3_F_S2I_SKEY_ID 115
-#define X509V3_F_SET_DIST_POINT_NAME 158
-#define X509V3_F_STRING_TO_HEX 113
-#define X509V3_F_SXNET_ADD_ID_ASC 125
-#define X509V3_F_SXNET_ADD_ID_INTEGER 126
-#define X509V3_F_SXNET_ADD_ID_ULONG 127
-#define X509V3_F_SXNET_GET_ID_ASC 128
-#define X509V3_F_SXNET_GET_ID_ULONG 129
-#define X509V3_F_V2I_ASIDENTIFIERS 163
-#define X509V3_F_V2I_ASN1_BIT_STRING 101
-#define X509V3_F_V2I_AUTHORITY_INFO_ACCESS 139
-#define X509V3_F_V2I_AUTHORITY_KEYID 119
-#define X509V3_F_V2I_BASIC_CONSTRAINTS 102
-#define X509V3_F_V2I_CRLD 134
-#define X509V3_F_V2I_EXTENDED_KEY_USAGE 103
-#define X509V3_F_V2I_GENERAL_NAMES 118
-#define X509V3_F_V2I_GENERAL_NAME_EX 117
-#define X509V3_F_V2I_IDP 157
-#define X509V3_F_V2I_IPADDRBLOCKS 159
-#define X509V3_F_V2I_ISSUER_ALT 153
-#define X509V3_F_V2I_NAME_CONSTRAINTS 147
-#define X509V3_F_V2I_POLICY_CONSTRAINTS 146
-#define X509V3_F_V2I_POLICY_MAPPINGS 145
-#define X509V3_F_V2I_SUBJECT_ALT 154
-#define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL 160
-#define X509V3_F_V3_GENERIC_EXTENSION 116
-#define X509V3_F_X509V3_ADD1_I2D 140
-#define X509V3_F_X509V3_ADD_VALUE 105
-#define X509V3_F_X509V3_EXT_ADD 104
-#define X509V3_F_X509V3_EXT_ADD_ALIAS 106
-#define X509V3_F_X509V3_EXT_CONF 107
-#define X509V3_F_X509V3_EXT_I2D 136
-#define X509V3_F_X509V3_EXT_NCONF 152
-#define X509V3_F_X509V3_GET_SECTION 142
-#define X509V3_F_X509V3_GET_STRING 143
-#define X509V3_F_X509V3_GET_VALUE_BOOL 110
-#define X509V3_F_X509V3_PARSE_LIST 109
-#define X509V3_F_X509_PURPOSE_ADD 137
-#define X509V3_F_X509_PURPOSE_SET 141
-
-/* Reason codes. */
-#define X509V3_R_BAD_IP_ADDRESS 118
-#define X509V3_R_BAD_OBJECT 119
-#define X509V3_R_BN_DEC2BN_ERROR 100
-#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101
-#define X509V3_R_DIRNAME_ERROR 149
-#define X509V3_R_DISTPOINT_ALREADY_SET 160
-#define X509V3_R_DUPLICATE_ZONE_ID 133
-#define X509V3_R_ERROR_CONVERTING_ZONE 131
-#define X509V3_R_ERROR_CREATING_EXTENSION 144
-#define X509V3_R_ERROR_IN_EXTENSION 128
-#define X509V3_R_EXPECTED_A_SECTION_NAME 137
-#define X509V3_R_EXTENSION_EXISTS 145
-#define X509V3_R_EXTENSION_NAME_ERROR 115
-#define X509V3_R_EXTENSION_NOT_FOUND 102
-#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103
-#define X509V3_R_EXTENSION_VALUE_ERROR 116
-#define X509V3_R_ILLEGAL_EMPTY_EXTENSION 151
-#define X509V3_R_ILLEGAL_HEX_DIGIT 113
-#define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG 152
-#define X509V3_R_INVALID_MULTIPLE_RDNS 161
-#define X509V3_R_INVALID_ASNUMBER 162
-#define X509V3_R_INVALID_ASRANGE 163
-#define X509V3_R_INVALID_BOOLEAN_STRING 104
-#define X509V3_R_INVALID_EXTENSION_STRING 105
-#define X509V3_R_INVALID_INHERITANCE 165
-#define X509V3_R_INVALID_IPADDRESS 166
-#define X509V3_R_INVALID_NAME 106
-#define X509V3_R_INVALID_NULL_ARGUMENT 107
-#define X509V3_R_INVALID_NULL_NAME 108
-#define X509V3_R_INVALID_NULL_VALUE 109
-#define X509V3_R_INVALID_NUMBER 140
-#define X509V3_R_INVALID_NUMBERS 141
-#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110
-#define X509V3_R_INVALID_OPTION 138
-#define X509V3_R_INVALID_POLICY_IDENTIFIER 134
-#define X509V3_R_INVALID_PROXY_POLICY_SETTING 153
-#define X509V3_R_INVALID_PURPOSE 146
-#define X509V3_R_INVALID_SAFI 164
-#define X509V3_R_INVALID_SECTION 135
-#define X509V3_R_INVALID_SYNTAX 143
-#define X509V3_R_ISSUER_DECODE_ERROR 126
-#define X509V3_R_MISSING_VALUE 124
-#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142
-#define X509V3_R_NO_CONFIG_DATABASE 136
-#define X509V3_R_NO_ISSUER_CERTIFICATE 121
-#define X509V3_R_NO_ISSUER_DETAILS 127
-#define X509V3_R_NO_POLICY_IDENTIFIER 139
-#define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED 154
-#define X509V3_R_NO_PUBLIC_KEY 114
-#define X509V3_R_NO_SUBJECT_DETAILS 125
-#define X509V3_R_ODD_NUMBER_OF_DIGITS 112
-#define X509V3_R_OPERATION_NOT_DEFINED 148
-#define X509V3_R_OTHERNAME_ERROR 147
-#define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED 155
-#define X509V3_R_POLICY_PATH_LENGTH 156
-#define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED 157
-#define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED 158
-#define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
-#define X509V3_R_SECTION_NOT_FOUND 150
-#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122
-#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123
-#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111
-#define X509V3_R_UNKNOWN_EXTENSION 129
-#define X509V3_R_UNKNOWN_EXTENSION_NAME 130
-#define X509V3_R_UNKNOWN_OPTION 120
-#define X509V3_R_UNSUPPORTED_OPTION 117
-#define X509V3_R_UNSUPPORTED_TYPE 167
-#define X509V3_R_USER_TOO_LONG 132
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/crypto/x86_64cpuid.pl b/lib/libssl/src/crypto/x86_64cpuid.pl
deleted file mode 100644
index b36d3f7dc5d..00000000000
--- a/lib/libssl/src/crypto/x86_64cpuid.pl
+++ /dev/null
@@ -1,198 +0,0 @@
-#!/usr/bin/env perl
-
-$flavour = shift;
-$output = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" $xlate $flavour $output";
-*STDOUT=*OUT;
-
-($arg1,$arg2,$arg3,$arg4)=("%rdi","%rsi","%rdx","%rcx"); # Unix order
-
-print<<___;
-.extern OPENSSL_cpuid_setup
-.hidden OPENSSL_cpuid_setup
-.section .init
- call OPENSSL_cpuid_setup
-
-.hidden OPENSSL_ia32cap_P
-.comm OPENSSL_ia32cap_P,8,4
-
-.text
-
-.globl OPENSSL_atomic_add
-.type OPENSSL_atomic_add,\@abi-omnipotent
-.align 16
-OPENSSL_atomic_add:
- movl ($arg1),%eax
-.Lspin: leaq ($arg2,%rax),%r8
- .byte 0xf0 # lock
- cmpxchgl %r8d,($arg1)
- jne .Lspin
- movl %r8d,%eax
- .byte 0x48,0x98 # cltq/cdqe
- ret
-.size OPENSSL_atomic_add,.-OPENSSL_atomic_add
-
-.globl OPENSSL_ia32_cpuid
-.type OPENSSL_ia32_cpuid,\@abi-omnipotent
-.align 16
-OPENSSL_ia32_cpuid:
- mov %rbx,%r8 # save %rbx
-
- xor %eax,%eax
- cpuid
- mov %eax,%r11d # max value for standard query level
-
- xor %eax,%eax
- cmp \$0x756e6547,%ebx # "Genu"
- setne %al
- mov %eax,%r9d
- cmp \$0x49656e69,%edx # "ineI"
- setne %al
- or %eax,%r9d
- cmp \$0x6c65746e,%ecx # "ntel"
- setne %al
- or %eax,%r9d # 0 indicates Intel CPU
- jz .Lintel
-
- cmp \$0x68747541,%ebx # "Auth"
- setne %al
- mov %eax,%r10d
- cmp \$0x69746E65,%edx # "enti"
- setne %al
- or %eax,%r10d
- cmp \$0x444D4163,%ecx # "cAMD"
- setne %al
- or %eax,%r10d # 0 indicates AMD CPU
- jnz .Lintel
-
- # AMD specific
- mov \$0x80000000,%eax
- cpuid
- cmp \$0x80000001,%eax
- jb .Lintel
- mov %eax,%r10d
- mov \$0x80000001,%eax
- cpuid
- or %ecx,%r9d
- and \$0x00000801,%r9d # isolate AMD XOP bit, 1<<11
-
- cmp \$0x80000008,%r10d
- jb .Lintel
-
- mov \$0x80000008,%eax
- cpuid
- movzb %cl,%r10 # number of cores - 1
- inc %r10 # number of cores
-
- mov \$1,%eax
- cpuid
- bt \$28,%edx # test hyper-threading bit
- jnc .Lgeneric
- shr \$16,%ebx # number of logical processors
- cmp %r10b,%bl
- ja .Lgeneric
- and \$0xefffffff,%edx # ~(1<<28)
- jmp .Lgeneric
-
-.Lintel:
- cmp \$4,%r11d
- mov \$-1,%r10d
- jb .Lnocacheinfo
-
- mov \$4,%eax
- mov \$0,%ecx # query L1D
- cpuid
- mov %eax,%r10d
- shr \$14,%r10d
- and \$0xfff,%r10d # number of cores -1 per L1D
-
-.Lnocacheinfo:
- mov \$1,%eax
- cpuid
- and \$0xbfefffff,%edx # force reserved bits to 0
- cmp \$0,%r9d
- jne .Lnotintel
- or \$0x40000000,%edx # set reserved bit#30 on Intel CPUs
- and \$15,%ah
- cmp \$15,%ah # examine Family ID
- jne .Lnotintel
- or \$0x00100000,%edx # set reserved bit#20 to engage RC4_CHAR
-.Lnotintel:
- bt \$28,%edx # test hyper-threading bit
- jnc .Lgeneric
- and \$0xefffffff,%edx # ~(1<<28)
- cmp \$0,%r10d
- je .Lgeneric
-
- or \$0x10000000,%edx # 1<<28
- shr \$16,%ebx
- cmp \$1,%bl # see if cache is shared
- ja .Lgeneric
- and \$0xefffffff,%edx # ~(1<<28)
-.Lgeneric:
- and \$0x00000800,%r9d # isolate AMD XOP flag
- and \$0xfffff7ff,%ecx
- or %ecx,%r9d # merge AMD XOP flag
-
- mov %edx,%r10d # %r9d:%r10d is copy of %ecx:%edx
- bt \$27,%r9d # check OSXSAVE bit
- jnc .Lclear_avx
- xor %ecx,%ecx # XCR0
- .byte 0x0f,0x01,0xd0 # xgetbv
- and \$6,%eax # isolate XMM and YMM state support
- cmp \$6,%eax
- je .Ldone
-.Lclear_avx:
- mov \$0xefffe7ff,%eax # ~(1<<28|1<<12|1<<11)
- and %eax,%r9d # clear AVX, FMA and AMD XOP bits
-.Ldone:
- shl \$32,%r9
- mov %r10d,%eax
- mov %r8,%rbx # restore %rbx
- or %r9,%rax
- ret
-.size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid
-___
-
-print<<___;
-.globl OPENSSL_wipe_cpu
-.type OPENSSL_wipe_cpu,\@abi-omnipotent
-.align 16
-OPENSSL_wipe_cpu:
- pxor %xmm0,%xmm0
- pxor %xmm1,%xmm1
- pxor %xmm2,%xmm2
- pxor %xmm3,%xmm3
- pxor %xmm4,%xmm4
- pxor %xmm5,%xmm5
- pxor %xmm6,%xmm6
- pxor %xmm7,%xmm7
- pxor %xmm8,%xmm8
- pxor %xmm9,%xmm9
- pxor %xmm10,%xmm10
- pxor %xmm11,%xmm11
- pxor %xmm12,%xmm12
- pxor %xmm13,%xmm13
- pxor %xmm14,%xmm14
- pxor %xmm15,%xmm15
- xorq %rcx,%rcx
- xorq %rdx,%rdx
- xorq %rsi,%rsi
- xorq %rdi,%rdi
- xorq %r8,%r8
- xorq %r9,%r9
- xorq %r10,%r10
- xorq %r11,%r11
- leaq 8(%rsp),%rax
- ret
-.size OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
-___
-
-close STDOUT; # flush
diff --git a/lib/libssl/src/crypto/x86cpuid.pl b/lib/libssl/src/crypto/x86cpuid.pl
deleted file mode 100644
index 8a96cda6e69..00000000000
--- a/lib/libssl/src/crypto/x86cpuid.pl
+++ /dev/null
@@ -1,192 +0,0 @@
-#!/usr/bin/env perl
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC, "${dir}perlasm", "perlasm");
-require "x86asm.pl";
-
-&asm_init($ARGV[0],"x86cpuid");
-
-for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
-
-&function_begin("OPENSSL_ia32_cpuid");
- &xor ("edx","edx");
- &pushf ();
- &pop ("eax");
- &mov ("ecx","eax");
- &xor ("eax",1<<21);
- &push ("eax");
- &popf ();
- &pushf ();
- &pop ("eax");
- &xor ("ecx","eax");
- &xor ("eax","eax");
- &bt ("ecx",21);
- &jnc (&label("nocpuid"));
- &cpuid ();
- &mov ("edi","eax"); # max value for standard query level
-
- &xor ("eax","eax");
- &cmp ("ebx",0x756e6547); # "Genu"
- &setne (&LB("eax"));
- &mov ("ebp","eax");
- &cmp ("edx",0x49656e69); # "ineI"
- &setne (&LB("eax"));
- &or ("ebp","eax");
- &cmp ("ecx",0x6c65746e); # "ntel"
- &setne (&LB("eax"));
- &or ("ebp","eax"); # 0 indicates Intel CPU
- &jz (&label("intel"));
-
- &cmp ("ebx",0x68747541); # "Auth"
- &setne (&LB("eax"));
- &mov ("esi","eax");
- &cmp ("edx",0x69746E65); # "enti"
- &setne (&LB("eax"));
- &or ("esi","eax");
- &cmp ("ecx",0x444D4163); # "cAMD"
- &setne (&LB("eax"));
- &or ("esi","eax"); # 0 indicates AMD CPU
- &jnz (&label("intel"));
-
- # AMD specific
- &mov ("eax",0x80000000);
- &cpuid ();
- &cmp ("eax",0x80000001);
- &jb (&label("intel"));
- &mov ("esi","eax");
- &mov ("eax",0x80000001);
- &cpuid ();
- &or ("ebp","ecx");
- &and ("ebp",1<<11|1); # isolate XOP bit
- &cmp ("esi",0x80000008);
- &jb (&label("intel"));
-
- &mov ("eax",0x80000008);
- &cpuid ();
- &movz ("esi",&LB("ecx")); # number of cores - 1
- &inc ("esi"); # number of cores
-
- &mov ("eax",1);
- &xor ("ecx","ecx");
- &cpuid ();
- &bt ("edx",28);
- &jnc (&label("generic"));
- &shr ("ebx",16);
- &and ("ebx",0xff);
- &cmp ("ebx","esi");
- &ja (&label("generic"));
- &and ("edx",0xefffffff); # clear hyper-threading bit
- &jmp (&label("generic"));
-
-&set_label("intel");
- &cmp ("edi",4);
- &mov ("edi",-1);
- &jb (&label("nocacheinfo"));
-
- &mov ("eax",4);
- &mov ("ecx",0); # query L1D
- &cpuid ();
- &mov ("edi","eax");
- &shr ("edi",14);
- &and ("edi",0xfff); # number of cores -1 per L1D
-
-&set_label("nocacheinfo");
- &mov ("eax",1);
- &xor ("ecx","ecx");
- &cpuid ();
- &and ("edx",0xbfefffff); # force reserved bits #20, #30 to 0
- &cmp ("ebp",0);
- &jne (&label("notintel"));
- &or ("edx",1<<30); # set reserved bit#30 on Intel CPUs
- &and (&HB("eax"),15); # familiy ID
- &cmp (&HB("eax"),15); # P4?
- &jne (&label("notintel"));
- &or ("edx",1<<20); # set reserved bit#20 to engage RC4_CHAR
-&set_label("notintel");
- &bt ("edx",28); # test hyper-threading bit
- &jnc (&label("generic"));
- &and ("edx",0xefffffff);
- &cmp ("edi",0);
- &je (&label("generic"));
-
- &or ("edx",0x10000000);
- &shr ("ebx",16);
- &cmp (&LB("ebx"),1);
- &ja (&label("generic"));
- &and ("edx",0xefffffff); # clear hyper-threading bit if not
-
-&set_label("generic");
- &and ("ebp",1<<11); # isolate AMD XOP flag
- &and ("ecx",0xfffff7ff); # force 11th bit to 0
- &mov ("esi","edx");
- &or ("ebp","ecx"); # merge AMD XOP flag
-
- &bt ("ecx",27); # check OSXSAVE bit
- &jnc (&label("clear_avx"));
- &xor ("ecx","ecx");
- &data_byte(0x0f,0x01,0xd0); # xgetbv
- &and ("eax",6);
- &cmp ("eax",6);
- &je (&label("done"));
- &cmp ("eax",2);
- &je (&label("clear_avx"));
-&set_label("clear_xmm");
- &and ("ebp",0xfdfffffd); # clear AESNI and PCLMULQDQ bits
- &and ("esi",0xfeffffff); # clear FXSR
-&set_label("clear_avx");
- &and ("ebp",0xefffe7ff); # clear AVX, FMA and AMD XOP bits
-&set_label("done");
- &mov ("eax","esi");
- &mov ("edx","ebp");
-&set_label("nocpuid");
-&function_end("OPENSSL_ia32_cpuid");
-
-&external_label("OPENSSL_ia32cap_P");
-
-&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
- &xor ("eax","eax");
- &xor ("edx","edx");
- &picmeup("ecx","OPENSSL_ia32cap_P");
- &mov ("ecx",&DWP(0,"ecx"));
- &bt (&DWP(0,"ecx"),1);
- &jnc (&label("no_x87"));
- if ($sse2) {
- &and ("ecx",1<<26|1<<24); # check SSE2 and FXSR bits
- &cmp ("ecx",1<<26|1<<24);
- &jne (&label("no_sse2"));
- &pxor ("xmm0","xmm0");
- &pxor ("xmm1","xmm1");
- &pxor ("xmm2","xmm2");
- &pxor ("xmm3","xmm3");
- &pxor ("xmm4","xmm4");
- &pxor ("xmm5","xmm5");
- &pxor ("xmm6","xmm6");
- &pxor ("xmm7","xmm7");
- &set_label("no_sse2");
- }
- # just a bunch of fldz to zap the fp/mm bank followed by finit...
- &data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9,0x90e3db9b);
-&set_label("no_x87");
- &lea ("eax",&DWP(4,"esp"));
- &ret ();
-&function_end_B("OPENSSL_wipe_cpu");
-
-&function_begin_B("OPENSSL_atomic_add");
- &mov ("edx",&DWP(4,"esp")); # fetch the pointer, 1st arg
- &mov ("ecx",&DWP(8,"esp")); # fetch the increment, 2nd arg
- &push ("ebx");
- &nop ();
- &mov ("eax",&DWP(0,"edx"));
-&set_label("spin");
- &lea ("ebx",&DWP(0,"eax","ecx"));
- &nop ();
- &data_word(0x1ab10ff0); # lock; cmpxchg %ebx,(%edx) # %eax is envolved and is always reloaded
- &jne (&label("spin"));
- &mov ("eax","ebx"); # OpenSSL expects the new value
- &pop ("ebx");
- &ret ();
-&function_end_B("OPENSSL_atomic_add");
-
-&initseg("OPENSSL_cpuid_setup");
-
-&asm_finish();
diff --git a/lib/libssl/src/doc/apps/asn1parse.pod b/lib/libssl/src/doc/apps/asn1parse.pod
deleted file mode 100644
index 18f5de12120..00000000000
--- a/lib/libssl/src/doc/apps/asn1parse.pod
+++ /dev/null
@@ -1,175 +0,0 @@
-=pod
-
-=head1 NAME
-
-asn1parse - ASN.1 parsing tool
-
-=head1 SYNOPSIS
-
-B<openssl> B<asn1parse>
-[B<-inform PEM|DER>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-noout>]
-[B<-offset number>]
-[B<-length number>]
-[B<-i>]
-[B<-oid filename>]
-[B<-strparse offset>]
-[B<-genstr string>]
-[B<-genconf file>]
-
-=head1 DESCRIPTION
-
-The B<asn1parse> command is a diagnostic utility that can parse ASN.1
-structures. It can also be used to extract data from ASN.1 formatted data.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-inform> B<DER|PEM>
-
-the input format. B<DER> is binary format and B<PEM> (the default) is base64
-encoded.
-
-=item B<-in filename>
-
-the input file, default is standard input
-
-=item B<-out filename>
-
-output file to place the DER encoded data into. If this
-option is not present then no data will be output. This is most useful when
-combined with the B<-strparse> option.
-
-=item B<-noout>
-
-don't output the parsed version of the input file.
-
-=item B<-offset number>
-
-starting offset to begin parsing, default is start of file.
-
-=item B<-length number>
-
-number of bytes to parse, default is until end of file.
-
-=item B<-i>
-
-indents the output according to the "depth" of the structures.
-
-=item B<-oid filename>
-
-a file containing additional OBJECT IDENTIFIERs (OIDs). The format of this
-file is described in the NOTES section below.
-
-=item B<-strparse offset>
-
-parse the contents octets of the ASN.1 object starting at B<offset>. This
-option can be used multiple times to "drill down" into a nested structure.
-
-=item B<-genstr string>, B<-genconf file>
-
-generate encoded data based on B<string>, B<file> or both using
-L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)> format. If B<file> only is
-present then the string is obtained from the default section using the name
-B<asn1>. The encoded data is passed through the ASN1 parser and printed out as
-though it came from a file, the contents can thus be examined and written to a
-file using the B<out> option.
-
-=back
-
-=head2 OUTPUT
-
-The output will typically contain lines like this:
-
- 0:d=0 hl=4 l= 681 cons: SEQUENCE
-
-.....
-
- 229:d=3 hl=3 l= 141 prim: BIT STRING
- 373:d=2 hl=3 l= 162 cons: cont [ 3 ]
- 376:d=3 hl=3 l= 159 cons: SEQUENCE
- 379:d=4 hl=2 l= 29 cons: SEQUENCE
- 381:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Subject Key Identifier
- 386:d=5 hl=2 l= 22 prim: OCTET STRING
- 410:d=4 hl=2 l= 112 cons: SEQUENCE
- 412:d=5 hl=2 l= 3 prim: OBJECT :X509v3 Authority Key Identifier
- 417:d=5 hl=2 l= 105 prim: OCTET STRING
- 524:d=4 hl=2 l= 12 cons: SEQUENCE
-
-.....
-
-This example is part of a self signed certificate. Each line starts with the
-offset in decimal. B<d=XX> specifies the current depth. The depth is increased
-within the scope of any SET or SEQUENCE. B<hl=XX> gives the header length
-(tag and length octets) of the current type. B<l=XX> gives the length of
-the contents octets.
-
-The B<-i> option can be used to make the output more readable.
-
-Some knowledge of the ASN.1 structure is needed to interpret the output.
-
-In this example the BIT STRING at offset 229 is the certificate public key.
-The contents octets of this will contain the public key information. This can
-be examined using the option B<-strparse 229> to yield:
-
- 0:d=0 hl=3 l= 137 cons: SEQUENCE
- 3:d=1 hl=3 l= 129 prim: INTEGER :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897
- 135:d=1 hl=2 l= 3 prim: INTEGER :010001
-
-=head1 NOTES
-
-If an OID is not part of OpenSSL's internal table it will be represented in
-numerical form (for example 1.2.3.4). The file passed to the B<-oid> option
-allows additional OIDs to be included. Each line consists of three columns,
-the first column is the OID in numerical format and should be followed by white
-space. The second column is the "short name" which is a single word followed
-by white space. The final column is the rest of the line and is the
-"long name". B<asn1parse> displays the long name. Example:
-
-C<1.2.3.4 shortName A long name>
-
-=head1 EXAMPLES
-
-Parse a file:
-
- openssl asn1parse -in file.pem
-
-Parse a DER file:
-
- openssl asn1parse -inform DER -in file.der
-
-Generate a simple UTF8String:
-
- openssl asn1parse -genstr 'UTF8:Hello World'
-
-Generate and write out a UTF8String, don't print parsed output:
-
- openssl asn1parse -genstr 'UTF8:Hello World' -noout -out utf8.der
-
-Generate using a config file:
-
- openssl asn1parse -genconf asn1.cnf -noout -out asn1.der
-
-Example config file:
-
- asn1=SEQUENCE:seq_sect
-
- [seq_sect]
-
- field1=BOOL:TRUE
- field2=EXP:0, UTF8:some random string
-
-
-=head1 BUGS
-
-There should be options to change the format of output lines. The output of some
-ASN.1 types is not well handled (if at all).
-
-=head1 SEE ALSO
-
-L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/apps/ca.pod b/lib/libssl/src/doc/apps/ca.pod
deleted file mode 100644
index 42aa966bdca..00000000000
--- a/lib/libssl/src/doc/apps/ca.pod
+++ /dev/null
@@ -1,675 +0,0 @@ - -=pod - -=head1 NAME - -ca - sample minimal CA application - -=head1 SYNOPSIS - -B<openssl> B<ca> -[B<-verbose>] -[B<-config filename>] -[B<-name section>] -[B<-gencrl>] -[B<-revoke file>] -[B<-crl_reason reason>] -[B<-crl_hold instruction>] -[B<-crl_compromise time>] -[B<-crl_CA_compromise time>] -[B<-crldays days>] -[B<-crlhours hours>] -[B<-crlexts section>] -[B<-startdate date>] -[B<-enddate date>] -[B<-days arg>] -[B<-md arg>] -[B<-policy arg>] -[B<-keyfile arg>] -[B<-key arg>] -[B<-passin arg>] -[B<-cert file>] -[B<-selfsign>] -[B<-in file>] -[B<-out file>] -[B<-notext>] -[B<-outdir dir>] -[B<-infiles>] -[B<-spkac file>] -[B<-ss_cert file>] -[B<-preserveDN>] -[B<-noemailDN>] -[B<-batch>] -[B<-msie_hack>] -[B<-extensions section>] -[B<-extfile section>] -[B<-engine id>] -[B<-subj arg>] -[B<-utf8>] -[B<-multivalue-rdn>] - -=head1 DESCRIPTION - -The B<ca> command is a minimal CA application. It can be used -to sign certificate requests in a variety of forms and generate -CRLs it also maintains a text database of issued certificates -and their status. - -The options descriptions will be divided into each purpose. - -=head1 CA OPTIONS - -=over 4 - -=item B<-config filename> - -specifies the configuration file to use. - -=item B<-name section> - -specifies the configuration file section to use (overrides -B<default_ca> in the B<ca> section). - -=item B<-in filename> - -an input filename containing a single certificate request to be -signed by the CA. - -=item B<-ss_cert filename> - -a single self signed certificate to be signed by the CA. - -=item B<-spkac filename> - -a file containing a single Netscape signed public key and challenge -and additional field values to be signed by the CA. See the B<SPKAC FORMAT> -section for information on the required format. - -=item B<-infiles> - -if present this should be the last option, all subsequent arguments -are assumed to be the names of files containing certificate requests. 
- -=item B<-out filename> - -the output file to output certificates to. The default is standard -output. The certificate details will also be printed out to this -file. - -=item B<-outdir directory> - -the directory to output certificates to. The certificate will be -written to a filename consisting of the serial number in hex with -".pem" appended. - -=item B<-cert> - -the CA certificate file. - -=item B<-keyfile filename> - -the private key to sign requests with. - -=item B<-key password> - -the password used to encrypt the private key. Since on some -systems the command line arguments are visible (e.g. Unix with -the 'ps' utility) this option should be used with caution. - -=item B<-selfsign> - -indicates the issued certificates are to be signed with the key -the certificate requests were signed with (given with B<-keyfile>). -Cerificate requests signed with a different key are ignored. If -B<-spkac>, B<-ss_cert> or B<-gencrl> are given, B<-selfsign> is -ignored. - -A consequence of using B<-selfsign> is that the self-signed -certificate appears among the entries in the certificate database -(see the configuration option B<database>), and uses the same -serial number counter as all other certificates sign with the -self-signed certificate. - -=item B<-passin arg> - -the key password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-verbose> - -this prints extra details about the operations being performed. - -=item B<-notext> - -don't output the text form of a certificate to the output file. - -=item B<-startdate date> - -this allows the start date to be explicitly set. The format of the -date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure). - -=item B<-enddate date> - -this allows the expiry date to be explicitly set. The format of the -date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure). 
- -=item B<-days arg> - -the number of days to certify the certificate for. - -=item B<-md alg> - -the message digest to use. Possible values include md5 and sha1. -This option also applies to CRLs. - -=item B<-policy arg> - -this option defines the CA "policy" to use. This is a section in -the configuration file which decides which fields should be mandatory -or match the CA certificate. Check out the B<POLICY FORMAT> section -for more information. - -=item B<-msie_hack> - -this is a legacy option to make B<ca> work with very old versions of -the IE certificate enrollment control "certenr3". It used UniversalStrings -for almost everything. Since the old control has various security bugs -its use is strongly discouraged. The newer control "Xenroll" does not -need this option. - -=item B<-preserveDN> - -Normally the DN order of a certificate is the same as the order of the -fields in the relevant policy section. When this option is set the order -is the same as the request. This is largely for compatibility with the -older IE enrollment control which would only accept certificates if their -DNs match the order of the request. This is not needed for Xenroll. - -=item B<-noemailDN> - -The DN of a certificate can contain the EMAIL field if present in the -request DN, however it is good policy just having the e-mail set into -the altName extension of the certificate. When this option is set the -EMAIL field is removed from the certificate' subject and set only in -the, eventually present, extensions. The B<email_in_dn> keyword can be -used in the configuration file to enable this behaviour. - -=item B<-batch> - -this sets the batch mode. In this mode no questions will be asked -and all certificates will be certified automatically. - -=item B<-extensions section> - -the section of the configuration file containing certificate extensions -to be added when a certificate is issued (defaults to B<x509_extensions> -unless the B<-extfile> option is used). 
If no extension section is -present then, a V1 certificate is created. If the extension section -is present (even if it is empty), then a V3 certificate is created. See the:w -L<x509v3_config(5)|x509v3_config(5)> manual page for details of the -extension section format. - -=item B<-extfile file> - -an additional configuration file to read certificate extensions from -(using the default section unless the B<-extensions> option is also -used). - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<ca> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=item B<-subj arg> - -supersedes subject name given in the request. -The arg must be formatted as I</type0=value0/type1=value1/type2=...>, -characters may be escaped by \ (backslash), no spaces are skipped. - -=item B<-utf8> - -this option causes field values to be interpreted as UTF8 strings, by -default they are interpreted as ASCII. This means that the field -values, whether prompted from a terminal or obtained from a -configuration file, must be valid UTF8 strings. - -=item B<-multivalue-rdn> - -this option causes the -subj argument to be interpretedt with full -support for multivalued RDNs. Example: - -I</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe> - -If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>. - -=back - -=head1 CRL OPTIONS - -=over 4 - -=item B<-gencrl> - -this option generates a CRL based on information in the index file. - -=item B<-crldays num> - -the number of days before the next CRL is due. That is the days from -now to place in the CRL nextUpdate field. - -=item B<-crlhours num> - -the number of hours before the next CRL is due. - -=item B<-revoke filename> - -a filename containing a certificate to revoke. 
- -=item B<-crl_reason reason> - -revocation reason, where B<reason> is one of: B<unspecified>, B<keyCompromise>, -B<CACompromise>, B<affiliationChanged>, B<superseded>, B<cessationOfOperation>, -B<certificateHold> or B<removeFromCRL>. The matching of B<reason> is case -insensitive. Setting any revocation reason will make the CRL v2. - -In practive B<removeFromCRL> is not particularly useful because it is only used -in delta CRLs which are not currently implemented. - -=item B<-crl_hold instruction> - -This sets the CRL revocation reason code to B<certificateHold> and the hold -instruction to B<instruction> which must be an OID. Although any OID can be -used only B<holdInstructionNone> (the use of which is discouraged by RFC2459) -B<holdInstructionCallIssuer> or B<holdInstructionReject> will normally be used. - -=item B<-crl_compromise time> - -This sets the revocation reason to B<keyCompromise> and the compromise time to -B<time>. B<time> should be in GeneralizedTime format that is B<YYYYMMDDHHMMSSZ>. - -=item B<-crl_CA_compromise time> - -This is the same as B<crl_compromise> except the revocation reason is set to -B<CACompromise>. - -=item B<-crlexts section> - -the section of the configuration file containing CRL extensions to -include. If no CRL extension section is present then a V1 CRL is -created, if the CRL extension section is present (even if it is -empty) then a V2 CRL is created. The CRL extensions specified are -CRL extensions and B<not> CRL entry extensions. It should be noted -that some software (for example Netscape) can't handle V2 CRLs. See -L<x509v3_config(5)|x509v3_config(5)> manual page for details of the -extension section format. - -=back - -=head1 CONFIGURATION FILE OPTIONS - -The section of the configuration file containing options for B<ca> -is found as follows: If the B<-name> command line option is used, -then it names the section to be used. 
Otherwise the section to -be used must be named in the B<default_ca> option of the B<ca> section -of the configuration file (or in the default section of the -configuration file). Besides B<default_ca>, the following options are -read directly from the B<ca> section: - RANDFILE - preserve - msie_hack -With the exception of B<RANDFILE>, this is probably a bug and may -change in future releases. - -Many of the configuration file options are identical to command line -options. Where the option is present in the configuration file -and the command line the command line value is used. Where an -option is described as mandatory then it must be present in -the configuration file or the command line equivalent (if -any) used. - -=over 4 - -=item B<oid_file> - -This specifies a file containing additional B<OBJECT IDENTIFIERS>. -Each line of the file should consist of the numerical form of the -object identifier followed by white space then the short name followed -by white space and finally the long name. - -=item B<oid_section> - -This specifies a section in the configuration file containing extra -object identifiers. Each line should consist of the short name of the -object identifier followed by B<=> and the numerical form. The short -and long names are the same when this option is used. - -=item B<new_certs_dir> - -the same as the B<-outdir> command line option. It specifies -the directory where new certificates will be placed. Mandatory. - -=item B<certificate> - -the same as B<-cert>. It gives the file containing the CA -certificate. Mandatory. - -=item B<private_key> - -same as the B<-keyfile> option. The file containing the -CA private key. Mandatory. - -=item B<RANDFILE> - -a file used to read and write random number seed information, or -an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). - -=item B<default_days> - -the same as the B<-days> option. The number of days to certify -a certificate for. - -=item B<default_startdate> - -the same as the B<-startdate> option. 
The start date to certify
-a certificate for. If not set the current time is used.
-
-=item B<default_enddate>
-
-the same as the B<-enddate> option. Either this option or
-B<default_days> (or the command line equivalents) must be
-present.
-
-=item B<default_crl_hours default_crl_days>
-
-the same as the B<-crlhours> and the B<-crldays> options. These
-will only be used if neither command line option is present. At
-least one of these must be present to generate a CRL.
-
-=item B<default_md>
-
-the same as the B<-md> option. The message digest to use. Mandatory.
-
-=item B<database>
-
-the text database file to use. Mandatory. This file must be present
-though initially it will be empty.
-
-=item B<unique_subject>
-
-if the value B<yes> is given, the valid certificate entries in the
-database must have unique subjects. if the value B<no> is given,
-several valid certificate entries may have the exact same subject.
-The default value is B<yes>, to be compatible with older (pre 0.9.8)
-versions of OpenSSL. However, to make CA certificate roll-over easier,
-it's recommended to use the value B<no>, especially if combined with
-the B<-selfsign> command line option.
-
-=item B<serial>
-
-a text file containing the next serial number to use in hex. Mandatory.
-This file must be present and contain a valid serial number.
-
-=item B<crlnumber>
-
-a text file containing the next CRL number to use in hex. The crl number
-will be inserted in the CRLs only if this file exists. If this file is
-present, it must contain a valid CRL number.
-
-=item B<x509_extensions>
-
-the same as B<-extensions>.
-
-=item B<crl_extensions>
-
-the same as B<-crlexts>.
-
-=item B<preserve>
-
-the same as B<-preserveDN>
-
-=item B<email_in_dn>
-
-the same as B<-noemailDN>. If you want the EMAIL field to be removed
-from the DN of the certificate simply set this to 'no'. If not present
-the default is to allow for the EMAIL filed in the certificate's DN.
-
-=item B<msie_hack>
-
-the same as B<-msie_hack>
-
-=item B<policy>
-
-the same as B<-policy>. Mandatory. See the B<POLICY FORMAT> section
-for more information.
-
-=item B<name_opt>, B<cert_opt>
-
-these options allow the format used to display the certificate details
-when asking the user to confirm signing. All the options supported by
-the B<x509> utilities B<-nameopt> and B<-certopt> switches can be used
-here, except the B<no_signame> and B<no_sigdump> are permanently set
-and cannot be disabled (this is because the certificate signature cannot
-be displayed because the certificate has not been signed at this point).
-
-For convenience the values B<ca_default> are accepted by both to produce
-a reasonable output.
-
-If neither option is present the format used in earlier versions of
-OpenSSL is used. Use of the old format is B<strongly> discouraged because
-it only displays fields mentioned in the B<policy> section, mishandles
-multicharacter string types and does not display extensions.
-
-=item B<copy_extensions>
-
-determines how extensions in certificate requests should be handled.
-If set to B<none> or this option is not present then extensions are
-ignored and not copied to the certificate. If set to B<copy> then any
-extensions present in the request that are not already present are copied
-to the certificate. If set to B<copyall> then all extensions in the
-request are copied to the certificate: if the extension is already present
-in the certificate it is deleted first. See the B<WARNINGS> section before
-using this option.
-
-The main use of this option is to allow a certificate request to supply
-values for certain extensions such as subjectAltName.
-
-=back
-
-=head1 POLICY FORMAT
-
-The policy section consists of a set of variables corresponding to
-certificate DN fields. If the value is "match" then the field value
-must match the same field in the CA certificate. If the value is
-"supplied" then it must be present.
If the value is "optional" then
-it may be present. Any fields not mentioned in the policy section
-are silently deleted, unless the B<-preserveDN> option is set but
-this can be regarded more of a quirk than intended behaviour.
-
-=head1 SPKAC FORMAT
-
-The input to the B<-spkac> command line option is a Netscape
-signed public key and challenge. This will usually come from
-the B<KEYGEN> tag in an HTML form to create a new private key.
-It is however possible to create SPKACs using the B<spkac> utility.
-
-The file should contain the variable SPKAC set to the value of
-the SPKAC and also the required DN components as name value pairs.
-If you need to include the same component twice then it can be
-preceded by a number and a '.'.
-
-=head1 EXAMPLES
-
-Note: these examples assume that the B<ca> directory structure is
-already set up and the relevant files already exist. This usually
-involves creating a CA certificate and private key with B<req>, a
-serial number file and an empty index file and placing them in
-the relevant directories.
-
-To use the sample configuration file below the directories demoCA,
-demoCA/private and demoCA/newcerts would be created. The CA
-certificate would be copied to demoCA/cacert.pem and its private
-key to demoCA/private/cakey.pem. A file demoCA/serial would be
-created containing for example "01" and the empty index file
-demoCA/index.txt.
- - -Sign a certificate request: - - openssl ca -in req.pem -out newcert.pem - -Sign a certificate request, using CA extensions: - - openssl ca -in req.pem -extensions v3_ca -out newcert.pem - -Generate a CRL - - openssl ca -gencrl -out crl.pem - -Sign several requests: - - openssl ca -infiles req1.pem req2.pem req3.pem - -Certify a Netscape SPKAC: - - openssl ca -spkac spkac.txt - -A sample SPKAC file (the SPKAC line has been truncated for clarity): - - SPKAC=MIG0MGAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PDhCeV/xIxUg8V70YRxK2A5 - CN=Steve Test - emailAddress=steve@openssl.org - 0.OU=OpenSSL Group - 1.OU=Another Group - -A sample configuration file with the relevant sections for B<ca>: - - [ ca ] - default_ca = CA_default # The default ca section - - [ CA_default ] - - dir = ./demoCA # top dir - database = $dir/index.txt # index file. - new_certs_dir = $dir/newcerts # new certs dir - - certificate = $dir/cacert.pem # The CA cert - serial = $dir/serial # serial no file - private_key = $dir/private/cakey.pem# CA private key - RANDFILE = $dir/private/.rand # random number file - - default_days = 365 # how long to certify for - default_crl_days= 30 # how long before next CRL - default_md = md5 # md to use - - policy = policy_any # default policy - email_in_dn = no # Don't add the email into cert DN - - name_opt = ca_default # Subject name display option - cert_opt = ca_default # Certificate display option - copy_extensions = none # Don't copy extensions from request - - [ policy_any ] - countryName = supplied - stateOrProvinceName = optional - organizationName = optional - organizationalUnitName = optional - commonName = supplied - emailAddress = optional - -=head1 FILES - -Note: the location of all files can change either by compile time options, -configuration file entries, environment variables or command line options. -The values below reflect the default values. 
- - /usr/local/ssl/lib/openssl.cnf - master configuration file - ./demoCA - main CA directory - ./demoCA/cacert.pem - CA certificate - ./demoCA/private/cakey.pem - CA private key - ./demoCA/serial - CA serial number file - ./demoCA/serial.old - CA serial number backup file - ./demoCA/index.txt - CA text database file - ./demoCA/index.txt.old - CA text database backup file - ./demoCA/certs - certificate output file - ./demoCA/.rnd - CA random seed information - -=head1 ENVIRONMENT VARIABLES - -B<OPENSSL_CONF> reflects the location of master configuration file it can -be overridden by the B<-config> command line option. - -=head1 RESTRICTIONS - -The text database index file is a critical part of the process and -if corrupted it can be difficult to fix. It is theoretically possible -to rebuild the index file from all the issued certificates and a current -CRL: however there is no option to do this. - -V2 CRL features like delta CRLs are not currently supported. - -Although several requests can be input and handled at once it is only -possible to include one SPKAC or self signed certificate. - -=head1 BUGS - -The use of an in memory text database can cause problems when large -numbers of certificates are present because, as the name implies -the database has to be kept in memory. - -The B<ca> command really needs rewriting or the required functionality -exposed at either a command or interface level so a more friendly utility -(perl script or GUI) can handle things properly. The scripts B<CA.sh> and -B<CA.pl> help a little but not very much. - -Any fields in a request that are not present in a policy are silently -deleted. This does not happen if the B<-preserveDN> option is used. To -enforce the absence of the EMAIL field within the DN, as suggested by -RFCs, regardless the contents of the request' subject the B<-noemailDN> -option can be used. The behaviour should be more friendly and -configurable. 
-
-Cancelling some commands by refusing to certify a certificate can
-create an empty file.
-
-=head1 WARNINGS
-
-The B<ca> command is quirky and at times downright unfriendly.
-
-The B<ca> utility was originally meant as an example of how to do things
-in a CA. It was not supposed to be used as a full blown CA itself:
-nevertheless some people are using it for this purpose.
-
-The B<ca> command is effectively a single user command: no locking is
-done on the various files and attempts to run more than one B<ca> command
-on the same database can have unpredictable results.
-
-The B<copy_extensions> option should be used with caution. If care is
-not taken then it can be a security risk. For example if a certificate
-request contains a basicConstraints extension with CA:TRUE and the
-B<copy_extensions> value is set to B<copyall> and the user does not spot
-this when the certificate is displayed then this will hand the requestor
-a valid CA certificate.
-
-This situation can be avoided by setting B<copy_extensions> to B<copy>
-and including basicConstraints with CA:FALSE in the configuration file.
-Then if the request contains a basicConstraints extension it will be
-ignored.
-
-It is advisable to also include values for other extensions such
-as B<keyUsage> to prevent a request supplying its own values.
-
-Additional restrictions can be placed on the CA certificate itself.
-For example if the CA certificate has:
-
- basicConstraints = CA:TRUE, pathlen:0
-
-then even if a certificate is issued with CA:TRUE it will not be valid.
-
-=head1 SEE ALSO
-
-L<req(1)|req(1)>, L<spkac(1)|spkac(1)>, L<x509(1)|x509(1)>, L<CA.pl(1)|CA.pl(1)>,
-L<config(5)|config(5)>, L<x509v3_config(5)|x509v3_config(5)>
-
-=cut
diff --git a/lib/libssl/src/doc/apps/ciphers.pod b/lib/libssl/src/doc/apps/ciphers.pod
deleted file mode 100644
index 757e0221b7b..00000000000
--- a/lib/libssl/src/doc/apps/ciphers.pod
+++ /dev/null
@@ -1,478 +0,0 @@ -=pod - -=head1 NAME - -ciphers - SSL cipher display and cipher list tool. - -=head1 SYNOPSIS - -B<openssl> B<ciphers> -[B<-v>] -[B<-V>] -[B<-ssl2>] -[B<-ssl3>] -[B<-tls1>] -[B<cipherlist>] - -=head1 DESCRIPTION - -The B<ciphers> command converts textual OpenSSL cipher lists into ordered -SSL cipher preference lists. It can be used as a test tool to determine -the appropriate cipherlist. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-v> - -Verbose option. List ciphers with a complete description of -protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange, -authentication, encryption and mac algorithms used along with any key size -restrictions and whether the algorithm is classed as an "export" cipher. -Note that without the B<-v> option, ciphers may seem to appear twice -in a cipher list; this is when similar ciphers are available for -SSL v2 and for SSL v3/TLS v1. - -=item B<-V> - -Like B<-V>, but include cipher suite codes in output (hex format). - -=item B<-ssl3> - -only include SSL v3 ciphers. - -=item B<-ssl2> - -only include SSL v2 ciphers. - -=item B<-tls1> - -only include TLS v1 ciphers. - -=item B<-h>, B<-?> - -print a brief usage message. - -=item B<cipherlist> - -a cipher list to convert to a cipher preference list. If it is not included -then the default cipher list will be used. The format is described below. - -=back - -=head1 CIPHER LIST FORMAT - -The cipher list consists of one or more I<cipher strings> separated by colons. -Commas or spaces are also acceptable separators but colons are normally used. - -The actual cipher string can take several different forms. - -It can consist of a single cipher suite such as B<RC4-SHA>. - -It can represent a list of cipher suites containing a certain algorithm, or -cipher suites of a certain type. For example B<SHA1> represents all ciphers -suites using the digest algorithm SHA1 and B<SSLv3> represents all SSL v3 -algorithms. 
- -Lists of cipher suites can be combined in a single cipher string using the -B<+> character. This is used as a logical B<and> operation. For example -B<SHA1+DES> represents all cipher suites containing the SHA1 B<and> the DES -algorithms. - -Each cipher string can be optionally preceded by the characters B<!>, -B<-> or B<+>. - -If B<!> is used then the ciphers are permanently deleted from the list. -The ciphers deleted can never reappear in the list even if they are -explicitly stated. - -If B<-> is used then the ciphers are deleted from the list, but some or -all of the ciphers can be added again by later options. - -If B<+> is used then the ciphers are moved to the end of the list. This -option doesn't add any new ciphers it just moves matching existing ones. - -If none of these characters is present then the string is just interpreted -as a list of ciphers to be appended to the current preference list. If the -list includes any ciphers already present they will be ignored: that is they -will not moved to the end of the list. - -Additionally the cipher string B<@STRENGTH> can be used at any point to sort -the current cipher list in order of encryption algorithm key length. - -=head1 CIPHER STRINGS - -The following is a list of all permitted cipher strings and their meanings. - -=over 4 - -=item B<DEFAULT> - -the default cipher list. This is determined at compile time and, as of OpenSSL -1.0.0, is normally B<ALL:!aNULL:!eNULL>. This must be the first cipher string -specified. - -=item B<COMPLEMENTOFDEFAULT> - -the ciphers included in B<ALL>, but not enabled by default. Currently -this is B<ADH>. Note that this rule does not cover B<eNULL>, which is -not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary). 
- -=item B<ALL> - -all cipher suites except the B<eNULL> ciphers which must be explicitly enabled; -as of OpenSSL, the B<ALL> cipher suites are reasonably ordered by default - -=item B<COMPLEMENTOFALL> - -the cipher suites not enabled by B<ALL>, currently being B<eNULL>. - -=item B<HIGH> - -"high" encryption cipher suites. This currently means those with key lengths larger -than 128 bits, and some cipher suites with 128-bit keys. - -=item B<MEDIUM> - -"medium" encryption cipher suites, currently some of those using 128 bit encryption. - -=item B<LOW> - -"low" encryption cipher suites, currently those using 64 or 56 bit encryption algorithms -but excluding export cipher suites. - -=item B<EXP>, B<EXPORT> - -export encryption algorithms. Including 40 and 56 bits algorithms. - -=item B<EXPORT40> - -40 bit export encryption algorithms - -=item B<EXPORT56> - -56 bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of -56 bit export ciphers is empty unless OpenSSL has been explicitly configured -with support for experimental ciphers. - -=item B<eNULL>, B<NULL> - -the "NULL" ciphers that is those offering no encryption. Because these offer no -encryption at all and are a security risk they are disabled unless explicitly -included. - -=item B<aNULL> - -the cipher suites offering no authentication. This is currently the anonymous -DH algorithms. These cipher suites are vulnerable to a "man in the middle" -attack and so their use is normally discouraged. - -=item B<kRSA>, B<RSA> - -cipher suites using RSA key exchange. - -=item B<kEDH> - -cipher suites using ephemeral DH key agreement. - -=item B<kDHr>, B<kDHd> - -cipher suites using DH key agreement and DH certificates signed by CAs with RSA -and DSS keys respectively. Not implemented. - -=item B<aRSA> - -cipher suites using RSA authentication, i.e. the certificates carry RSA keys. - -=item B<aDSS>, B<DSS> - -cipher suites using DSS authentication, i.e. the certificates carry DSS keys. 
- -=item B<aDH> - -cipher suites effectively using DH authentication, i.e. the certificates carry -DH keys. Not implemented. - -=item B<kFZA>, B<aFZA>, B<eFZA>, B<FZA> - -ciphers suites using FORTEZZA key exchange, authentication, encryption or all -FORTEZZA algorithms. Not implemented. - -=item B<TLSv1>, B<SSLv3>, B<SSLv2> - -TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. - -=item B<DH> - -cipher suites using DH, including anonymous DH. - -=item B<ADH> - -anonymous DH cipher suites. - -=item B<AES> - -cipher suites using AES. - -=item B<CAMELLIA> - -cipher suites using Camellia. - -=item B<3DES> - -cipher suites using triple DES. - -=item B<DES> - -cipher suites using DES (not triple DES). - -=item B<RC4> - -cipher suites using RC4. - -=item B<RC2> - -cipher suites using RC2. - -=item B<IDEA> - -cipher suites using IDEA. - -=item B<SEED> - -cipher suites using SEED. - -=item B<MD5> - -cipher suites using MD5. - -=item B<SHA1>, B<SHA> - -cipher suites using SHA1. - -=item B<aGOST> - -cipher suites using GOST R 34.10 (either 2001 or 94) for authenticaction -(needs an engine supporting GOST algorithms). - -=item B<aGOST01> - -cipher suites using GOST R 34.10-2001 authentication. - -=item B<aGOST94> - -cipher suites using GOST R 34.10-94 authentication (note that R 34.10-94 -standard has been expired so use GOST R 34.10-2001) - -=item B<kGOST> - -cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357. - -=item B<GOST94> - -cipher suites, using HMAC based on GOST R 34.11-94. - -=item B<GOST89MAC> - -cipher suites using GOST 28147-89 MAC B<instead of> HMAC. - - -=back - -=head1 CIPHER SUITE NAMES - -The following lists give the SSL or TLS cipher suites names from the -relevant specification and their OpenSSL equivalents. It should be noted, -that several cipher suite names do not include the authentication used, -e.g. DES-CBC3-SHA. In these cases, RSA authentication is used. - -=head2 SSL v3.0 cipher suites. 
- - SSL_RSA_WITH_NULL_MD5 NULL-MD5 - SSL_RSA_WITH_NULL_SHA NULL-SHA - SSL_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5 - SSL_RSA_WITH_RC4_128_MD5 RC4-MD5 - SSL_RSA_WITH_RC4_128_SHA RC4-SHA - SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5 - SSL_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA - SSL_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA - SSL_RSA_WITH_DES_CBC_SHA DES-CBC-SHA - SSL_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA - - SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented. - SSL_DH_DSS_WITH_DES_CBC_SHA Not implemented. - SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented. - SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented. - SSL_DH_RSA_WITH_DES_CBC_SHA Not implemented. - SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented. - SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-DSS-DES-CBC-SHA - SSL_DHE_DSS_WITH_DES_CBC_SHA EDH-DSS-CBC-SHA - SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH-DSS-DES-CBC3-SHA - SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-RSA-DES-CBC-SHA - SSL_DHE_RSA_WITH_DES_CBC_SHA EDH-RSA-DES-CBC-SHA - SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH-RSA-DES-CBC3-SHA - - SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5 - SSL_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5 - SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA - SSL_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA - SSL_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA - - SSL_FORTEZZA_KEA_WITH_NULL_SHA Not implemented. - SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA Not implemented. - SSL_FORTEZZA_KEA_WITH_RC4_128_SHA Not implemented. - -=head2 TLS v1.0 cipher suites. - - TLS_RSA_WITH_NULL_MD5 NULL-MD5 - TLS_RSA_WITH_NULL_SHA NULL-SHA - TLS_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5 - TLS_RSA_WITH_RC4_128_MD5 RC4-MD5 - TLS_RSA_WITH_RC4_128_SHA RC4-SHA - TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5 - TLS_RSA_WITH_IDEA_CBC_SHA IDEA-CBC-SHA - TLS_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA - TLS_RSA_WITH_DES_CBC_SHA DES-CBC-SHA - TLS_RSA_WITH_3DES_EDE_CBC_SHA DES-CBC3-SHA - - TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA Not implemented. 
- TLS_DH_DSS_WITH_DES_CBC_SHA Not implemented. - TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA Not implemented. - TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA Not implemented. - TLS_DH_RSA_WITH_DES_CBC_SHA Not implemented. - TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA Not implemented. - TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-DSS-DES-CBC-SHA - TLS_DHE_DSS_WITH_DES_CBC_SHA EDH-DSS-CBC-SHA - TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA EDH-DSS-DES-CBC3-SHA - TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-RSA-DES-CBC-SHA - TLS_DHE_RSA_WITH_DES_CBC_SHA EDH-RSA-DES-CBC-SHA - TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA EDH-RSA-DES-CBC3-SHA - - TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5 - TLS_DH_anon_WITH_RC4_128_MD5 ADH-RC4-MD5 - TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA - TLS_DH_anon_WITH_DES_CBC_SHA ADH-DES-CBC-SHA - TLS_DH_anon_WITH_3DES_EDE_CBC_SHA ADH-DES-CBC3-SHA - -=head2 AES ciphersuites from RFC3268, extending TLS v1.0 - - TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA - TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA - - TLS_DH_DSS_WITH_AES_128_CBC_SHA Not implemented. - TLS_DH_DSS_WITH_AES_256_CBC_SHA Not implemented. - TLS_DH_RSA_WITH_AES_128_CBC_SHA Not implemented. - TLS_DH_RSA_WITH_AES_256_CBC_SHA Not implemented. - - TLS_DHE_DSS_WITH_AES_128_CBC_SHA DHE-DSS-AES128-SHA - TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE-DSS-AES256-SHA - TLS_DHE_RSA_WITH_AES_128_CBC_SHA DHE-RSA-AES128-SHA - TLS_DHE_RSA_WITH_AES_256_CBC_SHA DHE-RSA-AES256-SHA - - TLS_DH_anon_WITH_AES_128_CBC_SHA ADH-AES128-SHA - TLS_DH_anon_WITH_AES_256_CBC_SHA ADH-AES256-SHA - -=head2 Camellia ciphersuites from RFC4132, extending TLS v1.0 - - TLS_RSA_WITH_CAMELLIA_128_CBC_SHA CAMELLIA128-SHA - TLS_RSA_WITH_CAMELLIA_256_CBC_SHA CAMELLIA256-SHA - - TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA Not implemented. - TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA Not implemented. - TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA Not implemented. - TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA Not implemented. 
- - TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA DHE-DSS-CAMELLIA128-SHA - TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA DHE-DSS-CAMELLIA256-SHA - TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DHE-RSA-CAMELLIA128-SHA - TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA DHE-RSA-CAMELLIA256-SHA - - TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA ADH-CAMELLIA128-SHA - TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA ADH-CAMELLIA256-SHA - -=head2 SEED ciphersuites from RFC4162, extending TLS v1.0 - - TLS_RSA_WITH_SEED_CBC_SHA SEED-SHA - - TLS_DH_DSS_WITH_SEED_CBC_SHA Not implemented. - TLS_DH_RSA_WITH_SEED_CBC_SHA Not implemented. - - TLS_DHE_DSS_WITH_SEED_CBC_SHA DHE-DSS-SEED-SHA - TLS_DHE_RSA_WITH_SEED_CBC_SHA DHE-RSA-SEED-SHA - - TLS_DH_anon_WITH_SEED_CBC_SHA ADH-SEED-SHA - -=head2 GOST ciphersuites from draft-chudov-cryptopro-cptls, extending TLS v1.0 - -Note: these ciphers require an engine which including GOST cryptographic -algorithms, such as the B<ccgost> engine, included in the OpenSSL distribution. - - TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89 - TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89 - TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94 - TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94 - -=head2 Additional Export 1024 and other cipher suites - -Note: these ciphers can also be used in SSL v3. - - TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DES-CBC-SHA - TLS_RSA_EXPORT1024_WITH_RC4_56_SHA EXP1024-RC4-SHA - TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA - TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA EXP1024-DHE-DSS-RC4-SHA - TLS_DHE_DSS_WITH_RC4_128_SHA DHE-DSS-RC4-SHA - -=head2 SSL v2.0 cipher suites. 
- - SSL_CK_RC4_128_WITH_MD5 RC4-MD5 - SSL_CK_RC4_128_EXPORT40_WITH_MD5 EXP-RC4-MD5 - SSL_CK_RC2_128_CBC_WITH_MD5 RC2-MD5 - SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 EXP-RC2-MD5 - SSL_CK_IDEA_128_CBC_WITH_MD5 IDEA-CBC-MD5 - SSL_CK_DES_64_CBC_WITH_MD5 DES-CBC-MD5 - SSL_CK_DES_192_EDE3_CBC_WITH_MD5 DES-CBC3-MD5 - -=head1 NOTES - -The non-ephemeral DH modes are currently unimplemented in OpenSSL -because there is no support for DH certificates. - -Some compiled versions of OpenSSL may not include all the ciphers -listed here because some ciphers were excluded at compile time. - -=head1 EXAMPLES - -Verbose listing of all OpenSSL ciphers including NULL ciphers: - - openssl ciphers -v 'ALL:eNULL' - -Include all ciphers except NULL and anonymous DH then sort by -strength: - - openssl ciphers -v 'ALL:!ADH:@STRENGTH' - -Include only 3DES ciphers and then place RSA ciphers last: - - openssl ciphers -v '3DES:+RSA' - -Include all RC4 ciphers but leave out those without authentication: - - openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT' - -Include all chiphers with RSA authentication but leave out ciphers without -encryption. - - openssl ciphers -v 'RSA:!COMPLEMENTOFALL' - -=head1 SEE ALSO - -L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)> - -=head1 HISTORY - -The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options -for cipherlist strings were added in OpenSSL 0.9.7. -The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/apps/cms.pod b/lib/libssl/src/doc/apps/cms.pod deleted file mode 100644 index f40c2a5787a..00000000000 --- a/lib/libssl/src/doc/apps/cms.pod +++ /dev/null 
@@ -1,602 +0,0 @@ -=pod - -=head1 NAME - -cms - CMS utility - -=head1 SYNOPSIS - -B<openssl> B<cms> -[B<-encrypt>] -[B<-decrypt>] -[B<-sign>] -[B<-verify>] -[B<-cmsout>] -[B<-resign>] -[B<-data_create>] -[B<-data_out>] -[B<-digest_create>] -[B<-digest_verify>] -[B<-compress>] -[B<-uncompress>] -[B<-EncryptedData_encrypt>] -[B<-sign_receipt>] -[B<-verify_receipt receipt>] -[B<-in filename>] -[B<-inform SMIME|PEM|DER>] -[B<-rctform SMIME|PEM|DER>] -[B<-out filename>] -[B<-outform SMIME|PEM|DER>] -[B<-stream -indef -noindef>] -[B<-noindef>] -[B<-content filename>] -[B<-text>] -[B<-noout>] -[B<-print>] -[B<-CAfile file>] -[B<-CApath dir>] -[B<-md digest>] -[B<-[cipher]>] -[B<-nointern>] -[B<-no_signer_cert_verify>] -[B<-nocerts>] -[B<-noattr>] -[B<-nosmimecap>] -[B<-binary>] -[B<-nodetach>] -[B<-certfile file>] -[B<-certsout file>] -[B<-signer file>] -[B<-recip file>] -[B<-keyid>] -[B<-receipt_request_all -receipt_request_first>] -[B<-receipt_request_from emailaddress>] -[B<-receipt_request_to emailaddress>] -[B<-receipt_request_print>] -[B<-secretkey key>] -[B<-secretkeyid id>] -[B<-econtent_type type>] -[B<-inkey file>] -[B<-passin arg>] -[B<-rand file(s)>] -[B<cert.pem...>] -[B<-to addr>] -[B<-from addr>] -[B<-subject subj>] -[cert.pem]... - -=head1 DESCRIPTION - -The B<cms> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and -verify, compress and uncompress S/MIME messages. - -=head1 COMMAND OPTIONS - -There are fourteen operation options that set the type of operation to be -performed. The meaning of the other options varies according to the operation -type. - -=over 4 - -=item B<-encrypt> - -encrypt mail for the given recipient certificates. Input file is the message -to be encrypted. The output file is the encrypted mail in MIME format. The -actual CMS type is <B>EnvelopedData<B>. - -=item B<-decrypt> - -decrypt mail using the supplied certificate and private key. Expects an -encrypted mail message in MIME format for the input file. 
The decrypted mail -is written to the output file. - -=item B<-sign> - -sign mail using the supplied certificate and private key. Input file is -the message to be signed. The signed message in MIME format is written -to the output file. - -=item B<-verify> - -verify signed mail. Expects a signed mail message on input and outputs -the signed data. Both clear text and opaque signing is supported. - -=item B<-cmsout> - -takes an input message and writes out a PEM encoded CMS structure. - -=item B<-resign> - -resign a message: take an existing message and one or more new signers. - -=item B<-data_create> - -Create a CMS B<Data> type. - -=item B<-data_out> - -B<Data> type and output the content. - -=item B<-digest_create> - -Create a CMS B<DigestedData> type. - -=item B<-digest_verify> - -Verify a CMS B<DigestedData> type and output the content. - -=item B<-compress> - -Create a CMS B<CompressedData> type. OpenSSL must be compiled with B<zlib> -support for this option to work, otherwise it will output an error. - -=item B<-uncompress> - -Uncompress a CMS B<CompressedData> type and output the content. OpenSSL must be -compiled with B<zlib> support for this option to work, otherwise it will -output an error. - -=item B<-EncryptedData_encrypt> - -Encrypt suppled content using supplied symmetric key and algorithm using a CMS -B<EncrytedData> type and output the content. - -=item B<-sign_receipt> - -Generate and output a signed receipt for the supplied message. The input -message B<must> contain a signed receipt request. Functionality is otherwise -similar to the B<-sign> operation. - -=item B<-verify_receipt receipt> - -Verify a signed receipt in filename B<receipt>. The input message B<must> -contain the original receipt request. Functionality is otherwise similar -to the B<-verify> operation. - -=item B<-in filename> - -the input message to be encrypted or signed or the message to be decrypted -or verified. 
- -=item B<-inform SMIME|PEM|DER> - -this specifies the input format for the CMS structure. The default -is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER> -format change this to expect PEM and DER format CMS structures -instead. This currently only affects the input format of the CMS -structure, if no CMS structure is being input (for example with -B<-encrypt> or B<-sign>) this option has no effect. - -=item B<-rctform SMIME|PEM|DER> - -specify the format for a signed receipt for use with the B<-receipt_verify> -operation. - -=item B<-out filename> - -the message text that has been decrypted or verified or the output MIME -format message that has been signed or verified. - -=item B<-outform SMIME|PEM|DER> - -this specifies the output format for the CMS structure. The default -is B<SMIME> which writes an S/MIME format message. B<PEM> and B<DER> -format change this to write PEM and DER format CMS structures -instead. This currently only affects the output format of the CMS -structure, if no CMS structure is being output (for example with -B<-verify> or B<-decrypt>) this option has no effect. - -=item B<-stream -indef -noindef> - -the B<-stream> and B<-indef> options are equivalent and enable streaming I/O -for encoding operations. This permits single pass processing of data without -the need to hold the entire contents in memory, potentially supporting very -large files. Streaming is automatically set for S/MIME signing with detached -data if the output format is B<SMIME> it is currently off by default for all -other operations. - -=item B<-noindef> - -disable streaming I/O where it would produce and indefinite length constructed -encoding. This option currently has no effect. In future streaming will be -enabled by default on all relevant operations and this option will disable it. - -=item B<-content filename> - -This specifies a file containing the detached content, this is only -useful with the B<-verify> command. 
This is only usable if the CMS -structure is using the detached signature form where the content is -not included. This option will override any content if the input format -is S/MIME and it uses the multipart/signed MIME content type. - -=item B<-text> - -this option adds plain text (text/plain) MIME headers to the supplied -message if encrypting or signing. If decrypting or verifying it strips -off text headers: if the decrypted or verified message is not of MIME -type text/plain then an error occurs. - -=item B<-noout> - -for the B<-cmsout> operation do not output the parsed CMS structure. This -is useful when combined with the B<-print> option or if the syntax of the CMS -structure is being checked. - -=item B<-print> - -for the B<-cmsout> operation print out all fields of the CMS structure. This -is mainly useful for testing purposes. - -=item B<-CAfile file> - -a file containing trusted CA certificates, only used with B<-verify>. - -=item B<-CApath dir> - -a directory containing trusted CA certificates, only used with -B<-verify>. This directory must be a standard certificate directory: that -is a hash of each subject name (using B<x509 -hash>) should be linked -to each certificate. - -=item B<-md digest> - -digest algorithm to use when signing or resigning. If not present then the -default digest algorithm for the signing key will be used (usually SHA1). - -=item B<-[cipher]> - -the encryption algorithm to use. For example triple DES (168 bits) - B<-des3> -or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the -EVP_get_cipherbyname() function) can also be used preceded by a dash, for -example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for a list of ciphers -supported by your version of OpenSSL. - -If not specified triple DES is used. Only used with B<-encrypt> and -B<-EncryptedData_create> commands. - -=item B<-nointern> - -when verifying a message normally certificates (if any) included in -the message are searched for the signing certificate. 
With this option -only the certificates specified in the B<-certfile> option are used. -The supplied certificates can still be used as untrusted CAs however. - -=item B<-no_signer_cert_verify> - -do not verify the signers certificate of a signed message. - -=item B<-nocerts> - -when signing a message the signer's certificate is normally included -with this option it is excluded. This will reduce the size of the -signed message but the verifier must have a copy of the signers certificate -available locally (passed using the B<-certfile> option for example). - -=item B<-noattr> - -normally when a message is signed a set of attributes are included which -include the signing time and supported symmetric algorithms. With this -option they are not included. - -=item B<-nosmimecap> - -exclude the list of supported algorithms from signed attributes, other options -such as signing time and content type are still included. - -=item B<-binary> - -normally the input message is converted to "canonical" format which is -effectively using CR and LF as end of line: as required by the S/MIME -specification. When this option is present no translation occurs. This -is useful when handling binary data which may not be in MIME format. - -=item B<-nodetach> - -when signing a message use opaque signing: this form is more resistant -to translation by mail relays but it cannot be read by mail agents that -do not support S/MIME. Without this option cleartext signing with -the MIME type multipart/signed is used. - -=item B<-certfile file> - -allows additional certificates to be specified. When signing these will -be included with the message. When verifying these will be searched for -the signers certificates. The certificates should be in PEM format. - -=item B<-certsout file> - -any certificates contained in the message are written to B<file>. 
- -=item B<-signer file> - -a signing certificate when signing or resigning a message, this option can be -used multiple times if more than one signer is required. If a message is being -verified then the signers certificates will be written to this file if the -verification was successful. - -=item B<-recip file> - -the recipients certificate when decrypting a message. This certificate -must match one of the recipients of the message or an error occurs. - -=item B<-keyid> - -use subject key identifier to identify certificates instead of issuer name and -serial number. The supplied certificate B<must> include a subject key -identifier extension. Supported by B<-sign> and B<-encrypt> options. - -=item B<-receipt_request_all -receipt_request_first> - -for B<-sign> option include a signed receipt request. Indicate requests should -be provided by all receipient or first tier recipients (those mailed directly -and not from a mailing list). Ignored it B<-receipt_request_from> is included. - -=item B<-receipt_request_from emailaddress> - -for B<-sign> option include a signed receipt request. Add an explicit email -address where receipts should be supplied. - -=item B<-receipt_request_to emailaddress> - -Add an explicit email address where signed receipts should be sent to. This -option B<must> but supplied if a signed receipt it requested. - -=item B<-receipt_request_print> - -For the B<-verify> operation print out the contents of any signed receipt -requests. - -=item B<-secretkey key> - -specify symmetric key to use. The key must be supplied in hex format and be -consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt> -B<-EncrryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used -with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the -content encryption key using an AES key in the B<KEKRecipientInfo> type. 
- -=item B<-secretkeyid id> - -the key identifier for the supplied symmetric key for B<KEKRecipientInfo> type. -This option B<must> be present if the B<-secretkey> option is used with -B<-encrypt>. With B<-decrypt> operations the B<id> is used to locate the -relevant key if it is not supplied then an attempt is used to decrypt any -B<KEKRecipientInfo> structures. - -=item B<-econtent_type type> - -set the encapsulated content type to B<type> if not supplied the B<Data> type -is used. The B<type> argument can be any valid OID name in either text or -numerical format. - -=item B<-inkey file> - -the private key to use when signing or decrypting. This must match the -corresponding certificate. If this option is not specified then the -private key must be included in the certificate file specified with -the B<-recip> or B<-signer> file. When signing this option can be used -multiple times to specify successive keys. - -=item B<-passin arg> - -the private key password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item B<cert.pem...> - -one or more certificates of message recipients: used when encrypting -a message. - -=item B<-to, -from, -subject> - -the relevant mail headers. These are included outside the signed -portion of a message so they may be included manually. If signing -then many S/MIME mail clients check the signers certificate's email -address matches that specified in the 
From: address. - -=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig> - -Set various certificate chain valiadition option. See the -L<B<verify>|verify(1)> manual page for details. - -=back - -=head1 NOTES - -The MIME message must be sent without any blank lines between the -headers and the output. Some mail programs will automatically add -a blank line. Piping the mail directly to sendmail is one way to -achieve the correct format. - -The supplied message to be signed or encrypted must include the -necessary MIME headers or many S/MIME clients wont display it -properly (if at all). You can use the B<-text> option to automatically -add plain text headers. - -A "signed and encrypted" message is one where a signed message is -then encrypted. This can be produced by encrypting an already signed -message: see the examples section. - -This version of the program only allows one signer per message but it -will verify multiple signers on received messages. Some S/MIME clients -choke if a message contains multiple signers. It is possible to sign -messages "in parallel" by signing an already signed message. - -The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME -clients. Strictly speaking these process CMS enveloped data: CMS -encrypted data is used for other purposes. - -The B<-resign> option uses an existing message digest when adding a new -signer. This means that attributes must be present in at least one existing -signer using the same message digest or this operation will fail. - -The B<-stream> and B<-indef> options enable experimental streaming I/O support. -As a result the encoding is BER using indefinite length constructed encoding -and no longer DER. Streaming is supported for the B<-encrypt> operation and the -B<-sign> operation if the content is not detached. 
-
-Streaming is always used for the B<-sign> operation with detached data but
-since the content is no longer part of the CMS structure the encoding
-remains DER.
-
-=head1 EXIT CODES
-
-=over 4
-
-=item "0"
-
-the operation was completely successfully.
-
-=item "1"
-
-an error occurred parsing the command options.
-
-=item "2"
-
-one of the input files could not be read.
-
-=item "3"
-
-an error occurred creating the CMS file or when reading the MIME
-message.
-
-=item "4"
-
-an error occurred decrypting or verifying the message.
-
-=item "5"
-
-the message was verified correctly but an error occurred writing out
-the signers certificates.
-
-=back
-
-=head1 COMPATIBILITY WITH PKCS#7 format.
-
-The B<smime> utility can only process the older B<PKCS#7> format. The B<cms>
-utility supports Cryptographic Message Syntax format. Use of some features
-will result in messages which cannot be processed by applications which only
-support the older format. These are detailed below.
-
-The use of the B<-keyid> option with B<-sign> or B<-encrypt>.
-
-The B<-outform PEM> option uses different headers.
-
-The B<-compress> option.
-
-The B<-secretkey> option when used with B<-encrypt>.
-
-Additionally the B<-EncryptedData_create> and B<-data_create> type cannot
-be processed by the older B<smime> command.
- -=head1 EXAMPLES - -Create a cleartext signed message: - - openssl cms -sign -in message.txt -text -out mail.msg \ - -signer mycert.pem - -Create an opaque signed message - - openssl cms -sign -in message.txt -text -out mail.msg -nodetach \ - -signer mycert.pem - -Create a signed message, include some additional certificates and -read the private key from another file: - - openssl cms -sign -in in.txt -text -out mail.msg \ - -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem - -Create a signed message with two signers, use key identifier: - - openssl cms -sign -in message.txt -text -out mail.msg \ - -signer mycert.pem -signer othercert.pem -keyid - -Send a signed message under Unix directly to sendmail, including headers: - - openssl cms -sign -in in.txt -text -signer mycert.pem \ - -from steve@openssl.org -to someone@somewhere \ - -subject "Signed message" | sendmail someone@somewhere - -Verify a message and extract the signer's certificate if successful: - - openssl cms -verify -in mail.msg -signer user.pem -out signedtext.txt - -Send encrypted mail using triple DES: - - openssl cms -encrypt -in in.txt -from steve@openssl.org \ - -to someone@somewhere -subject "Encrypted message" \ - -des3 user.pem -out mail.msg - -Sign and encrypt mail: - - openssl cms -sign -in ml.txt -signer my.pem -text \ - | openssl cms -encrypt -out mail.msg \ - -from steve@openssl.org -to someone@somewhere \ - -subject "Signed and Encrypted message" -des3 user.pem - -Note: the encryption command does not include the B<-text> option because the -message being encrypted already has MIME headers. - -Decrypt mail: - - openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem - -The output from Netscape form signing is a PKCS#7 structure with the -detached signature format. 
You can use this program to verify the -signature by line wrapping the base64 encoded structure and surrounding -it with: - - -----BEGIN PKCS7----- - -----END PKCS7----- - -and using the command, - - openssl cms -verify -inform PEM -in signature.pem -content content.txt - -alternatively you can base64 decode the signature and use - - openssl cms -verify -inform DER -in signature.der -content content.txt - -Create an encrypted message using 128 bit Camellia: - - openssl cms -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem - -Add a signer to an existing message: - - openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg - -=head1 BUGS - -The MIME parser isn't very clever: it seems to handle most messages that I've -thrown at it but it may choke on others. - -The code currently will only write out the signer's certificate to a file: if -the signer has a separate encryption certificate this must be manually -extracted. There should be some heuristic that determines the correct -encryption certificate. - -Ideally a database should be maintained of a certificates for each email -address. - -The code doesn't currently take note of the permitted symmetric encryption -algorithms as supplied in the SMIMECapabilities signed attribute. this means the -user has to manually include the correct encryption algorithm. It should store -the list of permitted ciphers in a database and only use those. - -No revocation checking is done on the signer's certificate. - -=head1 HISTORY - -The use of multiple B<-signer> options and the B<-resign> command were first -added in OpenSSL 1.0.0 - - -=cut diff --git a/lib/libssl/src/doc/apps/config.pod b/lib/libssl/src/doc/apps/config.pod deleted file mode 100644 index 57ec54ec9e4..00000000000 --- a/lib/libssl/src/doc/apps/config.pod +++ /dev/null 
@@ -1,276 +0,0 @@ - -=pod - -=for comment openssl_manual_section:5 - -=head1 NAME - -config - OpenSSL CONF library configuration files - -=head1 DESCRIPTION - -The OpenSSL CONF library can be used to read configuration files. -It is used for the OpenSSL master configuration file B<openssl.cnf> -and in a few other places like B<SPKAC> files and certificate extension -files for the B<x509> utility. OpenSSL applications can also use the -CONF library for their own purposes. - -A configuration file is divided into a number of sections. Each section -starts with a line B<[ section_name ]> and ends when a new section is -started or end of file is reached. A section name can consist of -alphanumeric characters and underscores. - -The first section of a configuration file is special and is referred -to as the B<default> section this is usually unnamed and is from the -start of file until the first named section. When a name is being looked up -it is first looked up in a named section (if any) and then the -default section. - -The environment is mapped onto a section called B<ENV>. - -Comments can be included by preceding them with the B<#> character - -Each section in a configuration file consists of a number of name and -value pairs of the form B<name=value> - -The B<name> string can contain any alphanumeric characters as well as -a few punctuation symbols such as B<.> B<,> B<;> and B<_>. - -The B<value> string consists of the string following the B<=> character -until end of line with any leading and trailing white space removed. - -The value string undergoes variable expansion. This can be done by -including the form B<$var> or B<${var}>: this will substitute the value -of the named variable in the current section. It is also possible to -substitute a value from another section using the syntax B<$section::name> -or B<${section::name}>. An old form using B<$ENV::name> has been deprecated -because it is unsafe. 
- -It is possible to escape certain characters by using any kind of quote -or the B<\> character. By making the last character of a line a B<\> -a B<value> string can be spread across multiple lines. In addition -the sequences B<\n>, B<\r>, B<\b> and B<\t> are recognized. - -=head1 OPENSSL LIBRARY CONFIGURATION - -In OpenSSL 0.9.7 and later applications can automatically configure certain -aspects of OpenSSL using the master OpenSSL configuration file, or optionally -an alternative configuration file. The B<openssl> utility includes this -functionality: any sub command uses the master OpenSSL configuration file -unless an option is used in the sub command to use an alternative configuration -file. - -To enable library configuration the default section needs to contain an -appropriate line which points to the main configuration section. The default -name is B<openssl_conf> which is used by the B<openssl> utility. Other -applications may use an alternative name such as B<myapplicaton_conf>. - -The configuration section should consist of a set of name value pairs which -contain specific module configuration information. The B<name> represents -the name of the I<configuration module> the meaning of the B<value> is -module specific: it may, for example, represent a further configuration -section containing configuration module specific information. E.g. - - openssl_conf = openssl_init - - [openssl_init] - - oid_section = new_oids - engines = engine_section - - [new_oids] - - ... new oids here ... - - [engine_section] - - ... engine stuff here ... - -Currently there are two configuration modules. One for ASN1 objects another -for ENGINE configuration. - -=head2 ASN1 OBJECT CONFIGURATION MODULE - -This module has the name B<oid_section>. The value of this variable points -to a section containing name value pairs of OIDs: the name is the OID short -and long name, the value is the numerical form of the OID. 
Although some of -the B<openssl> utility sub commands already have their own ASN1 OBJECT section -functionality not all do. By using the ASN1 OBJECT configuration module -B<all> the B<openssl> utility sub commands can see the new objects as well -as any compliant applications. For example: - - [new_oids] - - some_new_oid = 1.2.3.4 - some_other_oid = 1.2.3.5 - -In OpenSSL 0.9.8 it is also possible to set the value to the long name followed -by a comma and the numerical OID form. For example: - - shortName = some object long name, 1.2.3.4 - -=head2 ENGINE CONFIGURATION MODULE - -This ENGINE configuration module has the name B<engines>. The value of this -variable points to a section containing further ENGINE configuration -information. - -The section pointed to by B<engines> is a table of engine names (though see -B<engine_id> below) and further sections containing configuration information -specific to each ENGINE. - -Each ENGINE specific section is used to set default algorithms, load -dynamic, perform initialization and send ctrls. The actual operation performed -depends on the I<command> name which is the name of the name value pair. The -currently supported commands are listed below. - -For example: - - [engine_section] - - # Configure ENGINE named "foo" - foo = foo_section - # Configure ENGINE named "bar" - bar = bar_section - - [foo_section] - ... foo ENGINE specific commands ... - - [bar_section] - ... "bar" ENGINE specific commands ... - -The command B<engine_id> is used to give the ENGINE name. If used this -command must be first. For example: - - [engine_section] - # This would normally handle an ENGINE named "foo" - foo = foo_section - - [foo_section] - # Override default name and use "myfoo" instead. - engine_id = myfoo - -The command B<dynamic_path> loads and adds an ENGINE from the given path. It -is equivalent to sending the ctrls B<SO_PATH> with the path argument followed -by B<LIST_ADD> with value 2 and B<LOAD> to the dynamic ENGINE. 
If this is -not the required behaviour then alternative ctrls can be sent directly -to the dynamic ENGINE using ctrl commands. - -The command B<init> determines whether to initialize the ENGINE. If the value -is B<0> the ENGINE will not be initialized, if B<1> and attempt it made to -initialized the ENGINE immediately. If the B<init> command is not present -then an attempt will be made to initialize the ENGINE after all commands in -its section have been processed. - -The command B<default_algorithms> sets the default algorithms an ENGINE will -supply using the functions B<ENGINE_set_default_string()> - -If the name matches none of the above command names it is assumed to be a -ctrl command which is sent to the ENGINE. The value of the command is the -argument to the ctrl command. If the value is the string B<EMPTY> then no -value is sent to the command. - -For example: - - - [engine_section] - - # Configure ENGINE named "foo" - foo = foo_section - - [foo_section] - # Load engine from DSO - dynamic_path = /some/path/fooengine.so - # A foo specific ctrl. - some_ctrl = some_value - # Another ctrl that doesn't take a value. - other_ctrl = EMPTY - # Supply all default algorithms - default_algorithms = ALL - -=head1 NOTES - -If a configuration file attempts to expand a variable that doesn't exist -then an error is flagged and the file will not load. This can happen -if an attempt is made to expand an environment variable that doesn't -exist. For example in a previous version of OpenSSL the default OpenSSL -master configuration file used the value of B<HOME> which may not be -defined on non Unix systems and would cause an error. - -This can be worked around by including a B<default> section to provide -a default value: then if the environment lookup fails the default value -will be used instead. For this to work properly the default value must -be defined earlier in the configuration file than the expansion. See -the B<EXAMPLES> section for an example of how to do this. 
- -If the same variable exists in the same section then all but the last -value will be silently ignored. In certain circumstances such as with -DNs the same field may occur multiple times. This is usually worked -around by ignoring any characters before an initial B<.> e.g. - - 1.OU="My first OU" - 2.OU="My Second OU" - -=head1 EXAMPLES - -Here is a sample configuration file using some of the features -mentioned above. - - # This is the default section. - - HOME=/temp - RANDFILE= ${ENV::HOME}/.rnd - configdir=$ENV::HOME/config - - [ section_one ] - - # We are now in section one. - - # Quotes permit leading and trailing whitespace - any = " any variable name " - - other = A string that can \ - cover several lines \ - by including \\ characters - - message = Hello World\n - - [ section_two ] - - greeting = $section_one::message - -This next example shows how to expand environment variables safely. - -Suppose you want a variable called B<tmpfile> to refer to a -temporary filename. The directory it is placed in can determined by -the the B<TEMP> or B<TMP> environment variables but they may not be -set to any value at all. If you just include the environment variable -names and the variable doesn't exist then this will cause an error when -an attempt is made to load the configuration file. By making use of the -default section both values can be looked up with B<TEMP> taking -priority and B</tmp> used if neither is defined: - - TMP=/tmp - # The above value is used if TMP isn't in the environment - TEMP=$ENV::TMP - # The above value is used if TEMP isn't in the environment - tmpfile=${ENV::TEMP}/tmp.filename - -=head1 BUGS - -Currently there is no way to include characters using the octal B<\nnn> -form. Strings are all null terminated so nulls cannot form part of -the value. - -The escaping isn't quite right: if you want to use sequences like B<\n> -you can't use any quote escaping on the same line. - -Files are loaded in a single pass. 
This means that an variable expansion
-will only work if the variables referenced are defined earlier in the
-file.
-
-=head1 SEE ALSO
-
-L<x509(1)|x509(1)>, L<req(1)|req(1)>, L<ca(1)|ca(1)>
-
-=cut
diff --git a/lib/libssl/src/doc/apps/crl.pod b/lib/libssl/src/doc/apps/crl.pod
deleted file mode 100644
index f0374282099..00000000000
--- a/lib/libssl/src/doc/apps/crl.pod
+++ /dev/null
@@ -1,122 +0,0 @@ -=pod - -=head1 NAME - -crl - CRL utility - -=head1 SYNOPSIS - -B<openssl> B<crl> -[B<-inform PEM|DER>] -[B<-outform PEM|DER>] -[B<-text>] -[B<-in filename>] -[B<-out filename>] -[B<-noout>] -[B<-hash>] -[B<-issuer>] -[B<-lastupdate>] -[B<-nextupdate>] -[B<-CAfile file>] -[B<-CApath dir>] - -=head1 DESCRIPTION - -The B<crl> command processes CRL files in DER or PEM format. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the input format. B<DER> format is DER encoded CRL -structure. B<PEM> (the default) is a base64 encoded version of -the DER form with header and footer lines. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read from or standard input if this -option is not specified. - -=item B<-out filename> - -specifies the output filename to write to or standard output by -default. - -=item B<-text> - -print out the CRL in text form. - -=item B<-noout> - -don't output the encoded version of the CRL. - -=item B<-hash> - -output a hash of the issuer name. This can be use to lookup CRLs in -a directory by issuer name. - -=item B<-hash_old> - -outputs the "hash" of the CRL issuer name using the older algorithm -as used by OpenSSL versions before 1.0.0. - -=item B<-issuer> - -output the issuer name. - -=item B<-lastupdate> - -output the lastUpdate field. - -=item B<-nextupdate> - -output the nextUpdate field. - -=item B<-CAfile file> - -verify the signature on a CRL by looking up the issuing certificate in -B<file> - -=item B<-CApath dir> - -verify the signature on a CRL by looking up the issuing certificate in -B<dir>. This directory must be a standard certificate directory: that -is a hash of each subject name (using B<x509 -hash>) should be linked -to each certificate. 
- -=back - -=head1 NOTES - -The PEM CRL format uses the header and footer lines: - - -----BEGIN X509 CRL----- - -----END X509 CRL----- - -=head1 EXAMPLES - -Convert a CRL file from PEM to DER: - - openssl crl -in crl.pem -outform DER -out crl.der - -Output the text form of a DER encoded certificate: - - openssl crl -in crl.der -text -noout - -=head1 BUGS - -Ideally it should be possible to create a CRL using appropriate options -and files too. - -=head1 SEE ALSO - -L<crl2pkcs7(1)|crl2pkcs7(1)>, L<ca(1)|ca(1)>, L<x509(1)|x509(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/crl2pkcs7.pod b/lib/libssl/src/doc/apps/crl2pkcs7.pod deleted file mode 100644 index 37bd03e3165..00000000000 --- a/lib/libssl/src/doc/apps/crl2pkcs7.pod +++ /dev/null 
@@ -1,91 +0,0 @@ -=pod - -=head1 NAME - -crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates. - -=head1 SYNOPSIS - -B<openssl> B<crl2pkcs7> -[B<-inform PEM|DER>] -[B<-outform PEM|DER>] -[B<-in filename>] -[B<-out filename>] -[B<-certfile filename>] -[B<-nocrl>] - -=head1 DESCRIPTION - -The B<crl2pkcs7> command takes an optional CRL and one or more -certificates and converts them into a PKCS#7 degenerate "certificates -only" structure. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the CRL input format. B<DER> format is DER encoded CRL -structure.B<PEM> (the default) is a base64 encoded version of -the DER form with header and footer lines. - -=item B<-outform DER|PEM> - -This specifies the PKCS#7 structure output format. B<DER> format is DER -encoded PKCS#7 structure.B<PEM> (the default) is a base64 encoded version of -the DER form with header and footer lines. - -=item B<-in filename> - -This specifies the input filename to read a CRL from or standard input if this -option is not specified. - -=item B<-out filename> - -specifies the output filename to write the PKCS#7 structure to or standard -output by default. - -=item B<-certfile filename> - -specifies a filename containing one or more certificates in B<PEM> format. -All certificates in the file will be added to the PKCS#7 structure. This -option can be used more than once to read certificates form multiple -files. - -=item B<-nocrl> - -normally a CRL is included in the output file. With this option no CRL is -included in the output file and a CRL is not read from the input file. 
- -=back - -=head1 EXAMPLES - -Create a PKCS#7 structure from a certificate and CRL: - - openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem - -Creates a PKCS#7 structure in DER format with no CRL from several -different certificates: - - openssl crl2pkcs7 -nocrl -certfile newcert.pem - -certfile demoCA/cacert.pem -outform DER -out p7.der - -=head1 NOTES - -The output file is a PKCS#7 signed data structure containing no signers and -just certificates and an optional CRL. - -This utility can be used to send certificates and CAs to Netscape as part of -the certificate enrollment process. This involves sending the DER encoded output -as MIME type application/x-x509-user-cert. - -The B<PEM> encoded form with the header and footer lines removed can be used to -install user certificates and CAs in MSIE using the Xenroll control. - -=head1 SEE ALSO - -L<pkcs7(1)|pkcs7(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/dgst.pod b/lib/libssl/src/doc/apps/dgst.pod deleted file mode 100644 index 33fac4d2070..00000000000 --- a/lib/libssl/src/doc/apps/dgst.pod +++ /dev/null 
@@ -1,162 +0,0 @@ -=pod - -=head1 NAME - -dgst, md5, md4, md2, sha1, sha, ripemd160 - message digests - -=head1 SYNOPSIS - -B<openssl> B<dgst> -[B<-md5|-md4|-md2|-sha1|-sha|-ripemd160|-dss1>] -[B<-c>] -[B<-d>] -[B<-hex>] -[B<-binary>] -[B<-out filename>] -[B<-sign filename>] -[B<-keyform arg>] -[B<-passin arg>] -[B<-verify filename>] -[B<-prverify filename>] -[B<-signature filename>] -[B<-hmac key>] -[B<file...>] - -[B<md5|md4|md2|sha1|sha|ripemd160>] -[B<-c>] -[B<-d>] -[B<file...>] - -=head1 DESCRIPTION - -The digest functions output the message digest of a supplied file or files -in hexadecimal form. They can also be used for digital signing and verification. - -=head1 OPTIONS - -=over 4 - -=item B<-c> - -print out the digest in two digit groups separated by colons, only relevant if -B<hex> format output is used. - -=item B<-d> - -print out BIO debugging information. - -=item B<-hex> - -digest is to be output as a hex dump. This is the default case for a "normal" -digest as opposed to a digital signature. - -=item B<-binary> - -output the digest or signature in binary form. - -=item B<-out filename> - -filename to output to, or standard output by default. - -=item B<-sign filename> - -digitally sign the digest using the private key in "filename". - -=item B<-keyform arg> - -Specifies the key format to sign digest with. Only PEM and ENGINE -formats are supported by the B<dgst> command. - -=item B<-engine id> - -Use engine B<id> for operations (including private key storage). -This engine is not used as source for digest algorithms, unless it is -also specified in the configuration file. - -=item B<-sigopt nm:v> - -Pass options to the signature algorithm during sign or verify operations. -Names and values of these options are algorithm-specific. - - -=item B<-passin arg> - -the private key password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. 
-
-=item B<-verify filename>
-
-verify the signature using the public key in "filename".
-The output is either "Verification OK" or "Verification Failure".
-
-=item B<-prverify filename>
-
-verify the signature using the the private key in "filename".
-
-=item B<-signature filename>
-
-the actual signature to verify.
-
-=item B<-hmac key>
-
-create a hashed MAC using "key".
-
-=item B<-mac alg>
-
-create MAC (keyed Message Authentication Code). The most popular MAC
-algorithm is HMAC (hash-based MAC), but there are other MAC algorithms
-which are not based on hash, for instance B<gost-mac> algorithm,
-supported by B<ccgost> engine. MAC keys and other options should be set
-via B<-macopt> parameter.
-
-=item B<-macopt nm:v>
-
-Passes options to MAC algorithm, specified by B<-mac> key.
-Following options are supported by both by B<HMAC> and B<gost-mac>:
-
-=over 8
-
-=item B<key:string>
-
-Specifies MAC key as alphnumeric string (use if key contain printable
-characters only). String length must conform to any restrictions of
-the MAC algorithm for example exactly 32 chars for gost-mac.
-
-=item B<hexkey:string>
-
-Specifies MAC key in hexadecimal form (two hex digits per byte).
-Key length must conform to any restrictions of the MAC algorithm
-for example exactly 32 chars for gost-mac.
-
-=back
-
-=item B<-rand file(s)>
-
-a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
-Multiple files can be specified separated by a OS-dependent character.
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
-all others.
-
-=item B<file...>
-
-file or files to digest. If no files are specified then standard input is
-used.
-
-=back
-
-=head1 NOTES
-
-The digest of choice for all new applications is SHA1. Other digests are
-however still widely used.
-
-If you wish to sign or verify data using the DSA algorithm then the dss1
-digest must be used.
-
-A source of random numbers is required for certain signing algorithms, in
-particular DSA.
-
-The signing and verify options should only be used if a single file is
-being signed or verified.
-
-=cut
diff --git a/lib/libssl/src/doc/apps/dhparam.pod b/lib/libssl/src/doc/apps/dhparam.pod
deleted file mode 100644
index 9ca63b7625a..00000000000
--- a/lib/libssl/src/doc/apps/dhparam.pod
+++ /dev/null
@@ -1,141 +0,0 @@ -=pod - -=head1 NAME - -dhparam - DH parameter manipulation and generation - -=head1 SYNOPSIS - -B<openssl dhparam> -[B<-inform DER|PEM>] -[B<-outform DER|PEM>] -[B<-in> I<filename>] -[B<-out> I<filename>] -[B<-dsaparam>] -[B<-noout>] -[B<-text>] -[B<-C>] -[B<-2>] -[B<-5>] -[B<-rand> I<file(s)>] -[B<-engine id>] -[I<numbits>] - -=head1 DESCRIPTION - -This command is used to manipulate DH parameter files. - -=head1 OPTIONS - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the input format. The B<DER> option uses an ASN1 DER encoded -form compatible with the PKCS#3 DHparameter structure. The PEM form is the -default format: it consists of the B<DER> format base64 encoded with -additional header and footer lines. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in> I<filename> - -This specifies the input filename to read parameters from or standard input if -this option is not specified. - -=item B<-out> I<filename> - -This specifies the output filename parameters to. Standard output is used -if this option is not present. The output filename should B<not> be the same -as the input filename. - -=item B<-dsaparam> - -If this option is used, DSA rather than DH parameters are read or created; -they are converted to DH format. Otherwise, "strong" primes (such -that (p-1)/2 is also prime) will be used for DH parameter generation. - -DH parameter generation with the B<-dsaparam> option is much faster, -and the recommended exponent length is shorter, which makes DH key -exchange more efficient. Beware that with such DSA-style DH -parameters, a fresh DH key should be created for each use to -avoid small-subgroup attacks that may be possible otherwise. - -=item B<-2>, B<-5> - -The generator to use, either 2 or 5. 2 is the default. If present then the -input file is ignored and parameters are generated instead. 
- -=item B<-rand> I<file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item I<numbits> - -this option specifies that a parameter set should be generated of size -I<numbits>. It must be the last option. If not present then a value of 512 -is used. If this option is present then the input file is ignored and -parameters are generated instead. - -=item B<-noout> - -this option inhibits the output of the encoded version of the parameters. - -=item B<-text> - -this option prints out the DH parameters in human readable form. - -=item B<-C> - -this option converts the parameters into C code. The parameters can then -be loaded by calling the B<get_dh>I<numbits>B<()> function. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<dhparam> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=back - -=head1 WARNINGS - -The program B<dhparam> combines the functionality of the programs B<dh> and -B<gendh> in previous versions of OpenSSL and SSLeay. The B<dh> and B<gendh> -programs are retained for now but may have different purposes in future -versions of OpenSSL. - -=head1 NOTES - -PEM format DH parameters use the header and footer lines: - - -----BEGIN DH PARAMETERS----- - -----END DH PARAMETERS----- - -OpenSSL currently only supports the older PKCS#3 DH, not the newer X9.42 -DH. - -This program manipulates DH parameters not keys. - -=head1 BUGS - -There should be a way to generate and manipulate DH keys. - -=head1 SEE ALSO - -L<dsaparam(1)|dsaparam(1)> - -=head1 HISTORY - -The B<dhparam> command was added in OpenSSL 0.9.5. 
-The B<-dsaparam> option was added in OpenSSL 0.9.6.
-
-=cut
diff --git a/lib/libssl/src/doc/apps/dsa.pod b/lib/libssl/src/doc/apps/dsa.pod
deleted file mode 100644
index d3edad0a4ac..00000000000
--- a/lib/libssl/src/doc/apps/dsa.pod
+++ /dev/null
@@ -1,158 +0,0 @@ -=pod - -=head1 NAME - -dsa - DSA key processing - -=head1 SYNOPSIS - -B<openssl> B<dsa> -[B<-inform PEM|DER>] -[B<-outform PEM|DER>] -[B<-in filename>] -[B<-passin arg>] -[B<-out filename>] -[B<-passout arg>] -[B<-des>] -[B<-des3>] -[B<-idea>] -[B<-text>] -[B<-noout>] -[B<-modulus>] -[B<-pubin>] -[B<-pubout>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<dsa> command processes DSA keys. They can be converted between various -forms and their components printed out. B<Note> This command uses the -traditional SSLeay compatible format for private key encryption: newer -applications should use the more secure PKCS#8 format using the B<pkcs8> - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the input format. The B<DER> option with a private key uses -an ASN1 DER encoded form of an ASN.1 SEQUENCE consisting of the values of -version (currently zero), p, q, g, the public and private key components -respectively as ASN.1 INTEGERs. When used with a public key it uses a -SubjectPublicKeyInfo structure: it is an error if the key is not DSA. - -The B<PEM> form is the default format: it consists of the B<DER> format base64 -encoded with additional header and footer lines. In the case of a private key -PKCS#8 format is also accepted. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read a key from or standard input if this -option is not specified. If the key is encrypted a pass phrase will be -prompted for. - -=item B<-passin arg> - -the input file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-out filename> - -This specifies the output filename to write a key to or standard output by -is not specified. If any encryption options are set then a pass phrase will be -prompted for. 
The output filename should B<not> be the same as the input
-filename.
-
-=item B<-passout arg>
-
-the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-des|-des3|-idea>
-
-These options encrypt the private key with the DES, triple DES, or the
-IDEA ciphers respectively before outputting it. A pass phrase is prompted for.
-If none of these options is specified the key is written in plain text. This
-means that using the B<dsa> utility to read in an encrypted key with no
-encryption option can be used to remove the pass phrase from a key, or by
-setting the encryption options it can be use to add or change the pass phrase.
-These options can only be used with PEM format output files.
-
-=item B<-text>
-
-prints out the public, private key components and parameters.
-
-=item B<-noout>
-
-this option prevents output of the encoded version of the key.
-
-=item B<-modulus>
-
-this option prints out the value of the public key component of the key.
-
-=item B<-pubin>
-
-by default a private key is read from the input file: with this option a
-public key is read instead.
-
-=item B<-pubout>
-
-by default a private key is output. With this option a public
-key will be output instead. This option is automatically set if the input is
-a public key.
-
-=item B<-engine id>
-
-specifying an engine (by its unique B<id> string) will cause B<dsa>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
- -=back - -=head1 NOTES - -The PEM private key format uses the header and footer lines: - - -----BEGIN DSA PRIVATE KEY----- - -----END DSA PRIVATE KEY----- - -The PEM public key format uses the header and footer lines: - - -----BEGIN PUBLIC KEY----- - -----END PUBLIC KEY----- - -=head1 EXAMPLES - -To remove the pass phrase on a DSA private key: - - openssl dsa -in key.pem -out keyout.pem - -To encrypt a private key using triple DES: - - openssl dsa -in key.pem -des3 -out keyout.pem - -To convert a private key from PEM to DER format: - - openssl dsa -in key.pem -outform DER -out keyout.der - -To print out the components of a private key to standard output: - - openssl dsa -in key.pem -text -noout - -To just output the public part of a private key: - - openssl dsa -in key.pem -pubout -out pubkey.pem - -=head1 SEE ALSO - -L<dsaparam(1)|dsaparam(1)>, L<gendsa(1)|gendsa(1)>, L<rsa(1)|rsa(1)>, -L<genrsa(1)|genrsa(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/dsaparam.pod b/lib/libssl/src/doc/apps/dsaparam.pod deleted file mode 100644 index cb067bbd173..00000000000 --- a/lib/libssl/src/doc/apps/dsaparam.pod +++ /dev/null 
@@ -1,110 +0,0 @@ -=pod - -=head1 NAME - -dsaparam - DSA parameter manipulation and generation - -=head1 SYNOPSIS - -B<openssl dsaparam> -[B<-inform DER|PEM>] -[B<-outform DER|PEM>] -[B<-in filename>] -[B<-out filename>] -[B<-noout>] -[B<-text>] -[B<-C>] -[B<-rand file(s)>] -[B<-genkey>] -[B<-engine id>] -[B<numbits>] - -=head1 DESCRIPTION - -This command is used to manipulate or generate DSA parameter files. - -=head1 OPTIONS - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the input format. The B<DER> option uses an ASN1 DER encoded -form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting -of p, q and g respectively. The PEM form is the default format: it consists -of the B<DER> format base64 encoded with additional header and footer lines. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read parameters from or standard input if -this option is not specified. If the B<numbits> parameter is included then -this option will be ignored. - -=item B<-out filename> - -This specifies the output filename parameters to. Standard output is used -if this option is not present. The output filename should B<not> be the same -as the input filename. - -=item B<-noout> - -this option inhibits the output of the encoded version of the parameters. - -=item B<-text> - -this option prints out the DSA parameters in human readable form. - -=item B<-C> - -this option converts the parameters into C code. The parameters can then -be loaded by calling the B<get_dsaXXX()> function. - -=item B<-genkey> - -this option will generate a DSA either using the specified or generated -parameters. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. 
-The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item B<numbits> - -this option specifies that a parameter set should be generated of size -B<numbits>. It must be the last option. If this option is included then -the input file (if any) is ignored. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<dsaparam> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=back - -=head1 NOTES - -PEM format DSA parameters use the header and footer lines: - - -----BEGIN DSA PARAMETERS----- - -----END DSA PARAMETERS----- - -DSA parameter generation is a slow process and as a result the same set of -DSA parameters is often used to generate several distinct keys. - -=head1 SEE ALSO - -L<gendsa(1)|gendsa(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, -L<rsa(1)|rsa(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/ec.pod b/lib/libssl/src/doc/apps/ec.pod deleted file mode 100644 index a1b2024d3b5..00000000000 --- a/lib/libssl/src/doc/apps/ec.pod +++ /dev/null 
@@ -1,187 +0,0 @@ -=pod - -=head1 NAME - -ec - EC key processing - -=head1 SYNOPSIS - -B<openssl> B<ec> -[B<-inform PEM|DER>] -[B<-outform PEM|DER>] -[B<-in filename>] -[B<-passin arg>] -[B<-out filename>] -[B<-passout arg>] -[B<-des>] -[B<-des3>] -[B<-idea>] -[B<-text>] -[B<-noout>] -[B<-param_out>] -[B<-pubin>] -[B<-pubout>] -[B<-conv_form arg>] -[B<-param_enc arg>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<ec> command processes EC keys. They can be converted between various -forms and their components printed out. B<Note> OpenSSL uses the -private key format specified in 'SEC 1: Elliptic Curve Cryptography' -(http://www.secg.org/). To convert a OpenSSL EC private key into the -PKCS#8 private key format use the B<pkcs8> command. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the input format. The B<DER> option with a private key uses -an ASN.1 DER encoded SEC1 private key. When used with a public key it -uses the SubjectPublicKeyInfo structure as specified in RFC 3280. -The B<PEM> form is the default format: it consists of the B<DER> format base64 -encoded with additional header and footer lines. In the case of a private key -PKCS#8 format is also accepted. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read a key from or standard input if this -option is not specified. If the key is encrypted a pass phrase will be -prompted for. - -=item B<-passin arg> - -the input file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-out filename> - -This specifies the output filename to write a key to or standard output by -is not specified. If any encryption options are set then a pass phrase will be -prompted for. The output filename should B<not> be the same as the input -filename. 
-
-=item B<-passout arg>
-
-the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
-
-=item B<-des|-des3|-idea>
-
-These options encrypt the private key with the DES, triple DES, IDEA or
-any other cipher supported by OpenSSL before outputting it. A pass phrase is
-prompted for.
-If none of these options is specified the key is written in plain text. This
-means that using the B<ec> utility to read in an encrypted key with no
-encryption option can be used to remove the pass phrase from a key, or by
-setting the encryption options it can be use to add or change the pass phrase.
-These options can only be used with PEM format output files.
-
-=item B<-text>
-
-prints out the public, private key components and parameters.
-
-=item B<-noout>
-
-this option prevents output of the encoded version of the key.
-
-=item B<-modulus>
-
-this option prints out the value of the public key component of the key.
-
-=item B<-pubin>
-
-by default a private key is read from the input file: with this option a
-public key is read instead.
-
-=item B<-pubout>
-
-by default a private key is output. With this option a public
-key will be output instead. This option is automatically set if the input is
-a public key.
-
-=item B<-conv_form>
-
-This specifies how the points on the elliptic curve are converted
-into octet strings. Possible values are: B<compressed> (the default
-value), B<uncompressed> and B<hybrid>. For more information regarding
-the point conversion forms please read the X9.62 standard.
-
-=item B<-param_enc arg>
-
-This specifies how the elliptic curve parameters are encoded.
-Possible value are: B<named_curve>, i.e. the ec parameters are
-specified by a OID, or B<explicit> where the ec parameters are
-explicitly given (see RFC 3279 for the definition of the
-EC parameters structures). The default value is B<named_curve>.
-B<Note> the B<implicitlyCA> alternative ,as specified in RFC 3279, -is currently not implemented in OpenSSL. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<ec> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=back - -=head1 NOTES - -The PEM private key format uses the header and footer lines: - - -----BEGIN EC PRIVATE KEY----- - -----END EC PRIVATE KEY----- - -The PEM public key format uses the header and footer lines: - - -----BEGIN PUBLIC KEY----- - -----END PUBLIC KEY----- - -=head1 EXAMPLES - -To encrypt a private key using triple DES: - - openssl ec -in key.pem -des3 -out keyout.pem - -To convert a private key from PEM to DER format: - - openssl ec -in key.pem -outform DER -out keyout.der - -To print out the components of a private key to standard output: - - openssl ec -in key.pem -text -noout - -To just output the public part of a private key: - - openssl ec -in key.pem -pubout -out pubkey.pem - -To change the parameters encoding to B<explicit>: - - openssl ec -in key.pem -param_enc explicit -out keyout.pem - -To change the point conversion form to B<compressed>: - - openssl ec -in key.pem -conv_form compressed -out keyout.pem - -=head1 SEE ALSO - -L<ecparam(1)|ecparam(1)>, L<dsa(1)|dsa(1)>, L<rsa(1)|rsa(1)> - -=head1 HISTORY - -The ec command was first introduced in OpenSSL 0.9.8. - -=head1 AUTHOR - -Nils Larsch for the OpenSSL project (http://www.openssl.org). - -=cut diff --git a/lib/libssl/src/doc/apps/ecparam.pod b/lib/libssl/src/doc/apps/ecparam.pod deleted file mode 100644 index d25cee50f93..00000000000 --- a/lib/libssl/src/doc/apps/ecparam.pod +++ /dev/null 
@@ -1,176 +0,0 @@ -=pod - -=head1 NAME - -ecparam - EC parameter manipulation and generation - -=head1 SYNOPSIS - -B<openssl ecparam> -[B<-inform DER|PEM>] -[B<-outform DER|PEM>] -[B<-in filename>] -[B<-out filename>] -[B<-noout>] -[B<-text>] -[B<-C>] -[B<-check>] -[B<-name arg>] -[B<-list_curve>] -[B<-conv_form arg>] -[B<-param_enc arg>] -[B<-no_seed>] -[B<-rand file(s)>] -[B<-genkey>] -[B<-engine id>] - -=head1 DESCRIPTION - -This command is used to manipulate or generate EC parameter files. - -=head1 OPTIONS - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the input format. The B<DER> option uses an ASN.1 DER encoded -form compatible with RFC 3279 EcpkParameters. The PEM form is the default -format: it consists of the B<DER> format base64 encoded with additional -header and footer lines. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read parameters from or standard input if -this option is not specified. - -=item B<-out filename> - -This specifies the output filename parameters to. Standard output is used -if this option is not present. The output filename should B<not> be the same -as the input filename. - -=item B<-noout> - -This option inhibits the output of the encoded version of the parameters. - -=item B<-text> - -This option prints out the EC parameters in human readable form. - -=item B<-C> - -This option converts the EC parameters into C code. The parameters can then -be loaded by calling the B<get_ec_group_XXX()> function. - -=item B<-check> - -Validate the elliptic curve parameters. - -=item B<-name arg> - -Use the EC parameters with the specified 'short' name. Use B<-list_curves> -to get a list of all currently implemented EC parameters. - -=item B<-list_curves> - -If this options is specified B<ecparam> will print out a list of all -currently implemented EC parameters names and exit. 
- -=item B<-conv_form> - -This specifies how the points on the elliptic curve are converted -into octet strings. Possible values are: B<compressed> (the default -value), B<uncompressed> and B<hybrid>. For more information regarding -the point conversion forms please read the X9.62 standard. - -=item B<-param_enc arg> - -This specifies how the elliptic curve parameters are encoded. -Possible value are: B<named_curve>, i.e. the ec parameters are -specified by a OID, or B<explicit> where the ec parameters are -explicitly given (see RFC 3279 for the definition of the -EC parameters structures). The default value is B<named_curve>. -B<Note> the B<implicitlyCA> alternative ,as specified in RFC 3279, -is currently not implemented in OpenSSL. - -=item B<-no_seed> - -This option inhibits that the 'seed' for the parameter generation -is included in the ECParameters structure (see RFC 3279). - -=item B<-genkey> - -This option will generate a EC private key using the specified parameters. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<ecparam> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=back - -=head1 NOTES - -PEM format EC parameters use the header and footer lines: - - -----BEGIN EC PARAMETERS----- - -----END EC PARAMETERS----- - -OpenSSL is currently not able to generate new groups and therefore -B<ecparam> can only create EC parameters from known (named) curves. 
- -=head1 EXAMPLES - -To create EC parameters with the group 'prime192v1': - - openssl ecparam -out ec_param.pem -name prime192v1 - -To create EC parameters with explicit parameters: - - openssl ecparam -out ec_param.pem -name prime192v1 -param_enc explicit - -To validate given EC parameters: - - openssl ecparam -in ec_param.pem -check - -To create EC parameters and a private key: - - openssl ecparam -out ec_key.pem -name prime192v1 -genkey - -To change the point encoding to 'compressed': - - openssl ecparam -in ec_in.pem -out ec_out.pem -conv_form compressed - -To print out the EC parameters to standard output: - - openssl ecparam -in ec_param.pem -noout -text - -=head1 SEE ALSO - -L<ec(1)|ec(1)>, L<dsaparam(1)|dsaparam(1)> - -=head1 HISTORY - -The ecparam command was first introduced in OpenSSL 0.9.8. - -=head1 AUTHOR - -Nils Larsch for the OpenSSL project (http://www.openssl.org) - -=cut diff --git a/lib/libssl/src/doc/apps/enc.pod b/lib/libssl/src/doc/apps/enc.pod deleted file mode 100644 index 05d454b3032..00000000000 --- a/lib/libssl/src/doc/apps/enc.pod +++ /dev/null 
@@ -1,329 +0,0 @@ -=pod - -=head1 NAME - -enc - symmetric cipher routines - -=head1 SYNOPSIS - -B<openssl enc -ciphername> -[B<-in filename>] -[B<-out filename>] -[B<-pass arg>] -[B<-e>] -[B<-d>] -[B<-a/-base64>] -[B<-A>] -[B<-k password>] -[B<-kfile filename>] -[B<-K key>] -[B<-iv IV>] -[B<-S salt>] -[B<-salt>] -[B<-nosalt>] -[B<-z>] -[B<-md>] -[B<-p>] -[B<-P>] -[B<-bufsize number>] -[B<-nopad>] -[B<-debug>] -[B<-none>] -[B<-engine id>] - -=head1 DESCRIPTION - -The symmetric cipher commands allow data to be encrypted or decrypted -using various block and stream ciphers using keys based on passwords -or explicitly provided. Base64 encoding or decoding can also be performed -either by itself or in addition to the encryption or decryption. - -=head1 OPTIONS - -=over 4 - -=item B<-in filename> - -the input filename, standard input by default. - -=item B<-out filename> - -the output filename, standard output by default. - -=item B<-pass arg> - -the password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-salt> - -use a salt in the key derivation routines. This is the default. - -=item B<-nosalt> - -don't use a salt in the key derivation routines. This option B<SHOULD NOT> be -used except for test purposes or compatibility with ancient versions of OpenSSL -and SSLeay. - -=item B<-e> - -encrypt the input data: this is the default. - -=item B<-d> - -decrypt the input data. - -=item B<-a> - -base64 process the data. This means that if encryption is taking place -the data is base64 encoded after encryption. If decryption is set then -the input data is base64 decoded before being decrypted. - -=item B<-base64> - -same as B<-a> - -=item B<-A> - -if the B<-a> option is set then base64 process the data on one line. - -=item B<-k password> - -the password to derive the key from. This is for compatibility with previous -versions of OpenSSL. Superseded by the B<-pass> argument. 
- -=item B<-kfile filename> - -read the password to derive the key from the first line of B<filename>. -This is for compatibility with previous versions of OpenSSL. Superseded by -the B<-pass> argument. - -=item B<-nosalt> - -do not use a salt - -=item B<-salt> - -use salt (randomly generated or provide with B<-S> option) when -encrypting (this is the default). - -=item B<-S salt> - -the actual salt to use: this must be represented as a string of hex digits. - -=item B<-K key> - -the actual key to use: this must be represented as a string comprised only -of hex digits. If only the key is specified, the IV must additionally specified -using the B<-iv> option. When both a key and a password are specified, the -key given with the B<-K> option will be used and the IV generated from the -password will be taken. It probably does not make much sense to specify -both key and password. - -=item B<-iv IV> - -the actual IV to use: this must be represented as a string comprised only -of hex digits. When only the key is specified using the B<-K> option, the -IV must explicitly be defined. When a password is being specified using -one of the other options, the IV is generated from this password. - -=item B<-p> - -print out the key and IV used. - -=item B<-P> - -print out the key and IV used then immediately exit: don't do any encryption -or decryption. - -=item B<-bufsize number> - -set the buffer size for I/O - -=item B<-nopad> - -disable standard block padding - -=item B<-debug> - -debug the BIOs used for I/O. - -=item B<-z> - -Compress or decompress clear text using zlib before encryption or after -decryption. This option exists only if OpenSSL with compiled with zlib -or zlib-dynamic option. - -=item B<-none> - -Use NULL cipher (no encryption or decryption of input). - -=back - -=head1 NOTES - -The program can be called either as B<openssl ciphername> or -B<openssl enc -ciphername>. 
But the first form doesn't work with -engine-provided ciphers, because this form is processed before the -configuration file is read and any ENGINEs loaded. - -Engines which provide entirely new encryption algorithms (such as ccgost -engine which provides gost89 algorithm) should be configured in the -configuration file. Engines, specified in the command line using -engine -options can only be used for hadrware-assisted implementations of -ciphers, which are supported by OpenSSL core or other engine, specified -in the configuration file. - -When enc command lists supported ciphers, ciphers provided by engines, -specified in the configuration files are listed too. - -A password will be prompted for to derive the key and IV if necessary. - -The B<-salt> option should B<ALWAYS> be used if the key is being derived -from a password unless you want compatibility with previous versions of -OpenSSL and SSLeay. - -Without the B<-salt> option it is possible to perform efficient dictionary -attacks on the password and to attack stream cipher encrypted data. The reason -for this is that without the salt the same password always generates the same -encryption key. When the salt is being used the first eight bytes of the -encrypted data are reserved for the salt: it is generated at random when -encrypting a file and read from the encrypted file when it is decrypted. - -Some of the ciphers do not have large keys and others have security -implications if not used correctly. A beginner is advised to just use -a strong block cipher in CBC mode such as bf or des3. - -All the block ciphers normally use PKCS#5 padding also known as standard block -padding: this allows a rudimentary integrity or password check to be -performed. However since the chance of random data passing the test is -better than 1 in 256 it isn't a very good test. - -If padding is disabled then the input data must be a multiple of the cipher -block length. 
- -All RC2 ciphers have the same key and effective key length. - -Blowfish and RC5 algorithms use a 128 bit key. - -=head1 SUPPORTED CIPHERS - -Note that some of these ciphers can be disabled at compile time -and some are available only if an appropriate engine is configured -in the configuration file. The output of the B<enc> command run with -unsupported options (for example B<openssl enc -help>) includes a -list of ciphers, supported by your versesion of OpenSSL, including -ones provided by configured engines. - - - base64 Base 64 - - bf-cbc Blowfish in CBC mode - bf Alias for bf-cbc - bf-cfb Blowfish in CFB mode - bf-ecb Blowfish in ECB mode - bf-ofb Blowfish in OFB mode - - cast-cbc CAST in CBC mode - cast Alias for cast-cbc - cast5-cbc CAST5 in CBC mode - cast5-cfb CAST5 in CFB mode - cast5-ecb CAST5 in ECB mode - cast5-ofb CAST5 in OFB mode - - des-cbc DES in CBC mode - des Alias for des-cbc - des-cfb DES in CBC mode - des-ofb DES in OFB mode - des-ecb DES in ECB mode - - des-ede-cbc Two key triple DES EDE in CBC mode - des-ede Two key triple DES EDE in ECB mode - des-ede-cfb Two key triple DES EDE in CFB mode - des-ede-ofb Two key triple DES EDE in OFB mode - - des-ede3-cbc Three key triple DES EDE in CBC mode - des-ede3 Three key triple DES EDE in ECB mode - des3 Alias for des-ede3-cbc - des-ede3-cfb Three key triple DES EDE CFB mode - des-ede3-ofb Three key triple DES EDE in OFB mode - - desx DESX algorithm. 
- - gost89 GOST 28147-89 in CFB mode (provided by ccgost engine) - gost89-cnt `GOST 28147-89 in CNT mode (provided by ccgost engine) - - idea-cbc IDEA algorithm in CBC mode - idea same as idea-cbc - idea-cfb IDEA in CFB mode - idea-ecb IDEA in ECB mode - idea-ofb IDEA in OFB mode - - rc2-cbc 128 bit RC2 in CBC mode - rc2 Alias for rc2-cbc - rc2-cfb 128 bit RC2 in CFB mode - rc2-ecb 128 bit RC2 in ECB mode - rc2-ofb 128 bit RC2 in OFB mode - rc2-64-cbc 64 bit RC2 in CBC mode - rc2-40-cbc 40 bit RC2 in CBC mode - - rc4 128 bit RC4 - rc4-64 64 bit RC4 - rc4-40 40 bit RC4 - - rc5-cbc RC5 cipher in CBC mode - rc5 Alias for rc5-cbc - rc5-cfb RC5 cipher in CFB mode - rc5-ecb RC5 cipher in ECB mode - rc5-ofb RC5 cipher in OFB mode - - aes-[128|192|256]-cbc 128/192/256 bit AES in CBC mode - aes-[128|192|256] Alias for aes-[128|192|256]-cbc - aes-[128|192|256]-cfb 128/192/256 bit AES in 128 bit CFB mode - aes-[128|192|256]-cfb1 128/192/256 bit AES in 1 bit CFB mode - aes-[128|192|256]-cfb8 128/192/256 bit AES in 8 bit CFB mode - aes-[128|192|256]-ecb 128/192/256 bit AES in ECB mode - aes-[128|192|256]-ofb 128/192/256 bit AES in OFB mode - -=head1 EXAMPLES - -Just base64 encode a binary file: - - openssl base64 -in file.bin -out file.b64 - -Decode the same file - - openssl base64 -d -in file.b64 -out file.bin - -Encrypt a file using triple DES in CBC mode using a prompted password: - - openssl des3 -salt -in file.txt -out file.des3 - -Decrypt a file using a supplied password: - - openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword - -Encrypt a file then base64 encode it (so it can be sent via mail for example) -using Blowfish in CBC mode: - - openssl bf -a -salt -in file.txt -out file.bf - -Base64 decode a file then decrypt it: - - openssl bf -d -salt -a -in file.bf -out file.txt - -Decrypt some data using a supplied 40 bit RC4 key: - - openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405 - -=head1 BUGS - -The B<-A> option when used with large files doesn't 
work properly. - -There should be an option to allow an iteration count to be included. - -The B<enc> program only supports a fixed number of algorithms with -certain parameters. So if, for example, you want to use RC2 with a -76 bit key or RC4 with an 84 bit key you can't use this program. - -=cut diff --git a/lib/libssl/src/doc/apps/errstr.pod b/lib/libssl/src/doc/apps/errstr.pod deleted file mode 100644 index b209faf75f3..00000000000 --- a/lib/libssl/src/doc/apps/errstr.pod +++ /dev/null @@ -1,39 +0,0 @@ -=pod - -=head1 NAME - -errstr - lookup error codes - -=head1 SYNOPSIS - -B<openssl errstr error_code> - -=head1 DESCRIPTION - -Sometimes an application will not load error message and only -numerical forms will be available. The B<errstr> utility can be used to -display the meaning of the hex code. The hex code is the hex digits after the -second colon. - -=head1 EXAMPLE - -The error code: - - 27594:error:2006D080:lib(32):func(109):reason(128):bss_file.c:107: - -can be displayed with: - - openssl errstr 2006D080 - -to produce the error message: - - error:2006D080:BIO routines:BIO_new_file:no such file - -=head1 SEE ALSO - -L<err(3)|err(3)>, -L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>, -L<SSL_load_error_strings(3)|SSL_load_error_strings(3)> - - -=cut diff --git a/lib/libssl/src/doc/apps/gendsa.pod b/lib/libssl/src/doc/apps/gendsa.pod deleted file mode 100644 index 8488c7cef8e..00000000000 --- a/lib/libssl/src/doc/apps/gendsa.pod +++ /dev/null 
@@ -1,66 +0,0 @@ -=pod - -=head1 NAME - -gendsa - generate a DSA private key from a set of parameters - -=head1 SYNOPSIS - -B<openssl> B<gendsa> -[B<-out filename>] -[B<-des>] -[B<-des3>] -[B<-idea>] -[B<-rand file(s)>] -[B<-engine id>] -[B<paramfile>] - -=head1 DESCRIPTION - -The B<gendsa> command generates a DSA private key from a DSA parameter file -(which will be typically generated by the B<openssl dsaparam> command). - -=head1 OPTIONS - -=over 4 - -=item B<-des|-des3|-idea> - -These options encrypt the private key with the DES, triple DES, or the -IDEA ciphers respectively before outputting it. A pass phrase is prompted for. -If none of these options is specified no encryption is used. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<gendsa> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=item B<paramfile> - -This option specifies the DSA parameter file to use. The parameters in this -file determine the size of the private key. DSA parameters can be generated -and examined using the B<openssl dsaparam> command. - -=back - -=head1 NOTES - -DSA key generation is little more than random number generation so it is -much quicker that RSA key generation for example. - -=head1 SEE ALSO - -L<dsaparam(1)|dsaparam(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, -L<rsa(1)|rsa(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/genpkey.pod b/lib/libssl/src/doc/apps/genpkey.pod deleted file mode 100644 index 1870e302af2..00000000000 --- a/lib/libssl/src/doc/apps/genpkey.pod +++ /dev/null 
@@ -1,215 +0,0 @@ -=pod - -=head1 NAME - -genpkey - generate a private key - -=head1 SYNOPSIS - -B<openssl> B<genpkey> -[B<-out filename>] -[B<-outform PEM|DER>] -[B<-pass arg>] -[B<-cipher>] -[B<-engine id>] -[B<-paramfile file>] -[B<-algorithm alg>] -[B<-pkeyopt opt:value>] -[B<-genparam>] -[B<-text>] - -=head1 DESCRIPTION - -The B<genpkey> command generates a private key. - -=head1 OPTIONS - -=over 4 - -=item B<-out filename> - -the output filename. If this argument is not specified then standard output is -used. - -=item B<-outform DER|PEM> - -This specifies the output format DER or PEM. - -=item B<-pass arg> - -the output file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-cipher> - -This option encrypts the private key with the supplied cipher. Any algorithm -name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<genpkey> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. If used this option should precede all other -options. - -=item B<-algorithm alg> - -public key algorithm to use such as RSA, DSA or DH. If used this option must -precede any B<-pkeyopt> options. The options B<-paramfile> and B<-algorithm> -are mutually exclusive. - -=item B<-pkeyopt opt:value> - -set the public key algorithm option B<opt> to B<value>. The precise set of -options supported depends on the public key algorithm used and its -implementation. See B<KEY GENERATION OPTIONS> below for more details. - -=item B<-genparam> - -generate a set of parameters instead of a private key. If used this option must -precede and B<-algorithm>, B<-paramfile> or B<-pkeyopt> options. 
- -=item B<-paramfile filename> - -Some public key algorithms generate a private key based on a set of parameters. -They can be supplied using this option. If this option is used the public key -algorithm used is determined by the parameters. If used this option must -precede and B<-pkeyopt> options. The options B<-paramfile> and B<-algorithm> -are mutually exclusive. - -=item B<-text> - -Print an (unencrypted) text representation of private and public keys and -parameters along with the PEM or DER structure. - -=back - -=head1 KEY GENERATION OPTIONS - -The options supported by each algorith and indeed each implementation of an -algorithm can vary. The options for the OpenSSL implementations are detailed -below. - -=head1 RSA KEY GENERATION OPTIONS - -=over 4 - -=item B<rsa_keygen_bits:numbits> - -The number of bits in the generated key. If not specified 2048 is used. - -=item B<rsa_keygen_pubexp:value> - -The RSA public exponent value. This can be a large decimal or -hexadecimal value if preceded by B<0x>. Default value is 65537. - -=back - -=head1 DSA PARAMETER GENERATION OPTIONS - -=over 4 - -=item B<dsa_paramgen_bits:numbits> - -The number of bits in the generated parameters. If not specified 1024 is used. - -=back - -=head1 DH PARAMETER GENERATION OPTIONS - -=over 4 - -=item B<dh_paramgen_prime_len:numbits> - -The number of bits in the prime parameter B<p>. - -=item B<dh_paramgen_generator:value> - -The value to use for the generator B<g>. - -=back - -=head1 EC PARAMETER GENERATION OPTIONS - -=over 4 - -=item B<ec_paramgen_curve:curve> - -the EC curve to use. - -=back - -=head1 GOST2001 KEY GENERATION AND PARAMETER OPTIONS - -Gost 2001 support is not enabled by default. To enable this algorithm, -one should load the ccgost engine in the OpenSSL configuration file. -See README.gost file in the engines/ccgost directiry of the source -distribution for more details. - -Use of a parameter file for the GOST R 34.10 algorithm is optional. 
-Parameters can be specified during key generation directly as well as -during generation of parameter file. - -=over 4 - -=item B<paramset:name> - -Specifies GOST R 34.10-2001 parameter set according to RFC 4357. -Parameter set can be specified using abbreviated name, object short name or -numeric OID. Following parameter sets are supported: - - paramset OID Usage - A 1.2.643.2.2.35.1 Signature - B 1.2.643.2.2.35.2 Signature - C 1.2.643.2.2.35.3 Signature - XA 1.2.643.2.2.36.0 Key exchange - XB 1.2.643.2.2.36.1 Key exchange - test 1.2.643.2.2.35.0 Test purposes - -=back - - - -=head1 NOTES - -The use of the genpkey program is encouraged over the algorithm specific -utilities because additional algorithm options and ENGINE provided algorithms -can be used. - -=head1 EXAMPLES - -Generate an RSA private key using default parameters: - - openssl genpkey -algorithm RSA -out key.pem - -Encrypt output private key using 128 bit AES and the passphrase "hello": - - openssl genpkey -algorithm RSA -out key.pem -aes-128-cbc -pass pass:hello - -Generate a 2048 bit RSA key using 3 as the public exponent: - - openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:2048 \ - -pkeyopt rsa_keygen_pubexp:3 - -Generate 1024 bit DSA parameters: - - openssl genpkey -genparam -algorithm DSA -out dsap.pem \ - -pkeyopt dsa_paramgen_bits:1024 - -Generate DSA key from parameters: - - openssl genpkey -paramfile dsap.pem -out dsakey.pem - -Generate 1024 bit DH parameters: - - openssl genpkey -genparam -algorithm DH -out dhp.pem \ - -pkeyopt dh_paramgen_prime_len:1024 - -Generate DH key from parameters: - - openssl genpkey -paramfile dhp.pem -out dhkey.pem - - -=cut - diff --git a/lib/libssl/src/doc/apps/genrsa.pod b/lib/libssl/src/doc/apps/genrsa.pod deleted file mode 100644 index 35fd5d481de..00000000000 --- a/lib/libssl/src/doc/apps/genrsa.pod +++ /dev/null 
@@ -1,96 +0,0 @@ -=pod - -=head1 NAME - -genrsa - generate an RSA private key - -=head1 SYNOPSIS - -B<openssl> B<genrsa> -[B<-out filename>] -[B<-passout arg>] -[B<-des>] -[B<-des3>] -[B<-idea>] -[B<-f4>] -[B<-3>] -[B<-rand file(s)>] -[B<-engine id>] -[B<numbits>] - -=head1 DESCRIPTION - -The B<genrsa> command generates an RSA private key. - -=head1 OPTIONS - -=over 4 - -=item B<-out filename> - -the output filename. If this argument is not specified then standard output is -used. - -=item B<-passout arg> - -the output file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-des|-des3|-idea> - -These options encrypt the private key with the DES, triple DES, or the -IDEA ciphers respectively before outputting it. If none of these options is -specified no encryption is used. If encryption is used a pass phrase is prompted -for if it is not supplied via the B<-passout> argument. - -=item B<-F4|-3> - -the public exponent to use, either 65537 or 3. The default is 65537. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<genrsa> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=item B<numbits> - -the size of the private key to generate in bits. This must be the last option -specified. The default is 2048. - -=back - -=head1 NOTES - -RSA private key generation essentially involves the generation of two prime -numbers. 
When generating a private key various symbols will be output to -indicate the progress of the generation. A B<.> represents each number which -has passed an initial sieve test, B<+> means a number has passed a single -round of the Miller-Rabin primality test. A newline means that the number has -passed all the prime tests (the actual number depends on the key size). - -Because key generation is a random process the time taken to generate a key -may vary somewhat. - -=head1 BUGS - -A quirk of the prime generation algorithm is that it cannot generate small -primes. Therefore the number of bits should not be less that 64. For typical -private keys this will not matter because for security reasons they will -be much larger (typically 1024 bits). - -=head1 SEE ALSO - -L<gendsa(1)|gendsa(1)> - -=cut - diff --git a/lib/libssl/src/doc/apps/nseq.pod b/lib/libssl/src/doc/apps/nseq.pod deleted file mode 100644 index 989c3108fb8..00000000000 --- a/lib/libssl/src/doc/apps/nseq.pod +++ /dev/null 
@@ -1,70 +0,0 @@ -=pod - -=head1 NAME - -nseq - create or examine a netscape certificate sequence - -=head1 SYNOPSIS - -B<openssl> B<nseq> -[B<-in filename>] -[B<-out filename>] -[B<-toseq>] - -=head1 DESCRIPTION - -The B<nseq> command takes a file containing a Netscape certificate -sequence and prints out the certificates contained in it or takes a -file of certificates and converts it into a Netscape certificate -sequence. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-in filename> - -This specifies the input filename to read or standard input if this -option is not specified. - -=item B<-out filename> - -specifies the output filename or standard output by default. - -=item B<-toseq> - -normally a Netscape certificate sequence will be input and the output -is the certificates contained in it. With the B<-toseq> option the -situation is reversed: a Netscape certificate sequence is created from -a file of certificates. - -=back - -=head1 EXAMPLES - -Output the certificates in a Netscape certificate sequence - - openssl nseq -in nseq.pem -out certs.pem - -Create a Netscape certificate sequence - - openssl nseq -in certs.pem -toseq -out nseq.pem - -=head1 NOTES - -The B<PEM> encoded form uses the same headers and footers as a certificate: - - -----BEGIN CERTIFICATE----- - -----END CERTIFICATE----- - -A Netscape certificate sequence is a Netscape specific form that can be sent -to browsers as an alternative to the standard PKCS#7 format when several -certificates are sent to the browser: for example during certificate enrollment. -It is used by Netscape certificate server for example. - -=head1 BUGS - -This program needs a few more options: like allowing DER or PEM input and -output files and allowing multiple certificate files to be used. - -=cut diff --git a/lib/libssl/src/doc/apps/ocsp.pod b/lib/libssl/src/doc/apps/ocsp.pod deleted file mode 100644 index 435c83fb858..00000000000 --- a/lib/libssl/src/doc/apps/ocsp.pod +++ /dev/null 
@@ -1,371 +0,0 @@ -=pod - -=head1 NAME - -ocsp - Online Certificate Status Protocol utility - -=head1 SYNOPSIS - -B<openssl> B<ocsp> -[B<-out file>] -[B<-issuer file>] -[B<-cert file>] -[B<-serial n>] -[B<-signer file>] -[B<-signkey file>] -[B<-sign_other file>] -[B<-no_certs>] -[B<-req_text>] -[B<-resp_text>] -[B<-text>] -[B<-reqout file>] -[B<-respout file>] -[B<-reqin file>] -[B<-respin file>] -[B<-nonce>] -[B<-no_nonce>] -[B<-url URL>] -[B<-host host:n>] -[B<-path>] -[B<-CApath dir>] -[B<-CAfile file>] -[B<-VAfile file>] -[B<-validity_period n>] -[B<-status_age n>] -[B<-noverify>] -[B<-verify_other file>] -[B<-trust_other>] -[B<-no_intern>] -[B<-no_signature_verify>] -[B<-no_cert_verify>] -[B<-no_chain>] -[B<-no_cert_checks>] -[B<-port num>] -[B<-index file>] -[B<-CA file>] -[B<-rsigner file>] -[B<-rkey file>] -[B<-rother file>] -[B<-resp_no_certs>] -[B<-nmin n>] -[B<-ndays n>] -[B<-resp_key_id>] -[B<-nrequest n>] -[B<-md5|-sha1|...>] - -=head1 DESCRIPTION - -The Online Certificate Status Protocol (OCSP) enables applications to -determine the (revocation) state of an identified certificate (RFC 2560). - -The B<ocsp> command performs many common OCSP tasks. It can be used -to print out requests and responses, create requests and send queries -to an OCSP responder and behave like a mini OCSP server itself. - -=head1 OCSP CLIENT OPTIONS - -=over 4 - -=item B<-out filename> - -specify output filename, default is standard output. - -=item B<-issuer filename> - -This specifies the current issuer certificate. This option can be used -multiple times. The certificate specified in B<filename> must be in -PEM format. This option B<MUST> come before any B<-cert> options. - -=item B<-cert filename> - -Add the certificate B<filename> to the request. The issuer certificate -is taken from the previous B<issuer> option, or an error occurs if no -issuer certificate is specified. 
- -=item B<-serial num> - -Same as the B<cert> option except the certificate with serial number -B<num> is added to the request. The serial number is interpreted as a -decimal integer unless preceded by B<0x>. Negative integers can also -be specified by preceding the value by a B<-> sign. - -=item B<-signer filename>, B<-signkey filename> - -Sign the OCSP request using the certificate specified in the B<signer> -option and the private key specified by the B<signkey> option. If -the B<signkey> option is not present then the private key is read -from the same file as the certificate. If neither option is specified then -the OCSP request is not signed. - -=item B<-sign_other filename> - -Additional certificates to include in the signed request. - -=item B<-nonce>, B<-no_nonce> - -Add an OCSP nonce extension to a request or disable OCSP nonce addition. -Normally if an OCSP request is input using the B<respin> option no -nonce is added: using the B<nonce> option will force addition of a nonce. -If an OCSP request is being created (using B<cert> and B<serial> options) -a nonce is automatically added specifying B<no_nonce> overrides this. - -=item B<-req_text>, B<-resp_text>, B<-text> - -print out the text form of the OCSP request, response or both respectively. - -=item B<-reqout file>, B<-respout file> - -write out the DER encoded certificate request or response to B<file>. - -=item B<-reqin file>, B<-respin file> - -read OCSP request or response file from B<file>. These option are ignored -if OCSP request or response creation is implied by other options (for example -with B<serial>, B<cert> and B<host> options). - -=item B<-url responder_url> - -specify the responder URL. Both HTTP and HTTPS (SSL/TLS) URLs can be specified. - -=item B<-host hostname:port>, B<-path pathname> - -if the B<host> option is present then the OCSP request is sent to the host -B<hostname> on port B<port>. B<path> specifies the HTTP path name to use -or "/" by default. 
- -=item B<-CAfile file>, B<-CApath pathname> - -file or pathname containing trusted CA certificates. These are used to verify -the signature on the OCSP response. - -=item B<-verify_other file> - -file containing additional certificates to search when attempting to locate -the OCSP response signing certificate. Some responders omit the actual signer's -certificate from the response: this option can be used to supply the necessary -certificate in such cases. - -=item B<-trust_other> - -the certificates specified by the B<-verify_other> option should be explicitly -trusted and no additional checks will be performed on them. This is useful -when the complete responder certificate chain is not available or trusting a -root CA is not appropriate. - -=item B<-VAfile file> - -file containing explicitly trusted responder certificates. Equivalent to the -B<-verify_other> and B<-trust_other> options. - -=item B<-noverify> - -don't attempt to verify the OCSP response signature or the nonce values. This -option will normally only be used for debugging since it disables all verification -of the responders certificate. - -=item B<-no_intern> - -ignore certificates contained in the OCSP response when searching for the -signers certificate. With this option the signers certificate must be specified -with either the B<-verify_other> or B<-VAfile> options. - -=item B<-no_signature_verify> - -don't check the signature on the OCSP response. Since this option tolerates invalid -signatures on OCSP responses it will normally only be used for testing purposes. - -=item B<-no_cert_verify> - -don't verify the OCSP response signers certificate at all. Since this option allows -the OCSP response to be signed by any certificate it should only be used for -testing purposes. - -=item B<-no_chain> - -do not use certificates in the response as additional untrusted CA -certificates. - -=item B<-no_cert_checks> - -don't perform any additional checks on the OCSP response signers certificate. 
-That is do not make any checks to see if the signers certificate is authorised -to provide the necessary status information: as a result this option should -only be used for testing purposes. - -=item B<-validity_period nsec>, B<-status_age age> - -these options specify the range of times, in seconds, which will be tolerated -in an OCSP response. Each certificate status response includes a B<notBefore> time and -an optional B<notAfter> time. The current time should fall between these two values, but -the interval between the two times may be only a few seconds. In practice the OCSP -responder and clients clocks may not be precisely synchronised and so such a check -may fail. To avoid this the B<-validity_period> option can be used to specify an -acceptable error range in seconds, the default value is 5 minutes. - -If the B<notAfter> time is omitted from a response then this means that new status -information is immediately available. In this case the age of the B<notBefore> field -is checked to see it is not older than B<age> seconds old. By default this additional -check is not performed. - -=item B<-md5|-sha1|-sha256|-ripemod160|...> - -this option sets digest algorithm to use for certificate identification -in the OCSP request. By default SHA-1 is used. - -=back - -=head1 OCSP SERVER OPTIONS - -=over 4 - -=item B<-index indexfile> - -B<indexfile> is a text index file in B<ca> format containing certificate revocation -information. - -If the B<index> option is specified the B<ocsp> utility is in responder mode, otherwise -it is in client mode. The request(s) the responder processes can be either specified on -the command line (using B<issuer> and B<serial> options), supplied in a file (using the -B<respin> option) or via external OCSP clients (if B<port> or B<url> is specified). - -If the B<index> option is present then the B<CA> and B<rsigner> options must also be -present. 
- -=item B<-CA file> - -CA certificate corresponding to the revocation information in B<indexfile>. - -=item B<-rsigner file> - -The certificate to sign OCSP responses with. - -=item B<-rother file> - -Additional certificates to include in the OCSP response. - -=item B<-resp_no_certs> - -Don't include any certificates in the OCSP response. - -=item B<-resp_key_id> - -Identify the signer certificate using the key ID, default is to use the subject name. - -=item B<-rkey file> - -The private key to sign OCSP responses with: if not present the file specified in the -B<rsigner> option is used. - -=item B<-port portnum> - -Port to listen for OCSP requests on. The port may also be specified using the B<url> -option. - -=item B<-nrequest number> - -The OCSP server will exit after receiving B<number> requests, default unlimited. - -=item B<-nmin minutes>, B<-ndays days> - -Number of minutes or days when fresh revocation information is available: used in the -B<nextUpdate> field. If neither option is present then the B<nextUpdate> field is -omitted meaning fresh revocation information is immediately available. - -=back - -=head1 OCSP Response verification. - -OCSP Response follows the rules specified in RFC2560. - -Initially the OCSP responder certificate is located and the signature on -the OCSP request checked using the responder certificate's public key. - -Then a normal certificate verify is performed on the OCSP responder certificate -building up a certificate chain in the process. The locations of the trusted -certificates used to build the chain can be specified by the B<CAfile> -and B<CApath> options or they will be looked for in the standard OpenSSL -certificates directory. - -If the initial verify fails then the OCSP verify process halts with an -error. - -Otherwise the issuing CA certificate in the request is compared to the OCSP -responder certificate: if there is a match then the OCSP verify succeeds. 
- -Otherwise the OCSP responder certificate's CA is checked against the issuing -CA certificate in the request. If there is a match and the OCSPSigning -extended key usage is present in the OCSP responder certificate then the -OCSP verify succeeds. - -Otherwise the root CA of the OCSP responders CA is checked to see if it -is trusted for OCSP signing. If it is the OCSP verify succeeds. - -If none of these checks is successful then the OCSP verify fails. - -What this effectively means if that if the OCSP responder certificate is -authorised directly by the CA it is issuing revocation information about -(and it is correctly configured) then verification will succeed. - -If the OCSP responder is a "global responder" which can give details about -multiple CAs and has its own separate certificate chain then its root -CA can be trusted for OCSP signing. For example: - - openssl x509 -in ocspCA.pem -addtrust OCSPSigning -out trustedCA.pem - -Alternatively the responder certificate itself can be explicitly trusted -with the B<-VAfile> option. - -=head1 NOTES - -As noted, most of the verify options are for testing or debugging purposes. -Normally only the B<-CApath>, B<-CAfile> and (if the responder is a 'global -VA') B<-VAfile> options need to be used. - -The OCSP server is only useful for test and demonstration purposes: it is -not really usable as a full OCSP responder. It contains only a very -simple HTTP request handling and can only handle the POST form of OCSP -queries. It also handles requests serially meaning it cannot respond to -new requests until it has processed the current one. The text index file -format of revocation is also inefficient for large quantities of revocation -data. - -It is possible to run the B<ocsp> application in responder mode via a CGI -script using the B<respin> and B<respout> options. 
- -=head1 EXAMPLES - -Create an OCSP request and write it to a file: - - openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem -reqout req.der - -Send a query to an OCSP responder with URL http://ocsp.myhost.com/ save the -response to a file and print it out in text form - - openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem \ - -url http://ocsp.myhost.com/ -resp_text -respout resp.der - -Read in an OCSP response and print out text form: - - openssl ocsp -respin resp.der -text - -OCSP server on port 8888 using a standard B<ca> configuration, and a separate -responder certificate. All requests and responses are printed to a file. - - openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem - -text -out log.txt - -As above but exit after processing one request: - - openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem - -nrequest 1 - -Query status information using internally generated request: - - openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem - -issuer demoCA/cacert.pem -serial 1 - -Query status information using request read from a file, write response to a -second file. - - openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem - -reqin req.der -respout resp.der diff --git a/lib/libssl/src/doc/apps/openssl.pod b/lib/libssl/src/doc/apps/openssl.pod deleted file mode 100644 index 718d679dbbc..00000000000 --- a/lib/libssl/src/doc/apps/openssl.pod +++ /dev/null 
@@ -1,418 +0,0 @@ - -=pod - -=head1 NAME - -openssl - OpenSSL command line tool - -=head1 SYNOPSIS - -B<openssl> -I<command> -[ I<command_opts> ] -[ I<command_args> ] - -B<openssl> [ B<list-standard-commands> | B<list-message-digest-commands> | B<list-cipher-commands> | B<list-cipher-algorithms> | B<list-message-digest-algorithms> | B<list-public-key-algorithms>] - -B<openssl> B<no->I<XXX> [ I<arbitrary options> ] - -=head1 DESCRIPTION - -OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL -v2/v3) and Transport Layer Security (TLS v1) network protocols and related -cryptography standards required by them. - -The B<openssl> program is a command line tool for using the various -cryptography functions of OpenSSL's B<crypto> library from the shell. -It can be used for - - o Creation and management of private keys, public keys and parameters - o Public key cryptographic operations - o Creation of X.509 certificates, CSRs and CRLs - o Calculation of Message Digests - o Encryption and Decryption with Ciphers - o SSL/TLS Client and Server Tests - o Handling of S/MIME signed or encrypted mail - o Time Stamp requests, generation and verification - -=head1 COMMAND SUMMARY - -The B<openssl> program provides a rich variety of commands (I<command> in the -SYNOPSIS above), each of which often has a wealth of options and arguments -(I<command_opts> and I<command_args> in the SYNOPSIS). - -The pseudo-commands B<list-standard-commands>, B<list-message-digest-commands>, -and B<list-cipher-commands> output a list (one entry per line) of the names -of all standard commands, message digest commands, or cipher commands, -respectively, that are available in the present B<openssl> utility. - -The pseudo-commands B<list-cipher-algorithms> and -B<list-message-digest-algorithms> list all cipher and message digest names, one entry per line. 
Aliases are listed as: - - from => to - -The pseudo-command B<list-public-key-algorithms> lists all supported public -key algorithms. - -The pseudo-command B<no->I<XXX> tests whether a command of the -specified name is available. If no command named I<XXX> exists, it -returns 0 (success) and prints B<no->I<XXX>; otherwise it returns 1 -and prints I<XXX>. In both cases, the output goes to B<stdout> and -nothing is printed to B<stderr>. Additional command line arguments -are always ignored. Since for each cipher there is a command of the -same name, this provides an easy way for shell scripts to test for the -availability of ciphers in the B<openssl> program. (B<no->I<XXX> is -not able to detect pseudo-commands such as B<quit>, -B<list->I<...>B<-commands>, or B<no->I<XXX> itself.) - -=head2 STANDARD COMMANDS - -=over 10 - -=item L<B<asn1parse>|asn1parse(1)> - -Parse an ASN.1 sequence. - -=item L<B<ca>|ca(1)> - -Certificate Authority (CA) Management. - -=item L<B<ciphers>|ciphers(1)> - -Cipher Suite Description Determination. - -=item L<B<cms>|cms(1)> - -CMS (Cryptographic Message Syntax) utility - -=item L<B<crl>|crl(1)> - -Certificate Revocation List (CRL) Management. - -=item L<B<crl2pkcs7>|crl2pkcs7(1)> - -CRL to PKCS#7 Conversion. - -=item L<B<dgst>|dgst(1)> - -Message Digest Calculation. - -=item B<dh> - -Diffie-Hellman Parameter Management. -Obsoleted by L<B<dhparam>|dhparam(1)>. - -=item L<B<dhparam>|dhparam(1)> - -Generation and Management of Diffie-Hellman Parameters. Superseded by -L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)> - - -=item L<B<dsa>|dsa(1)> - -DSA Data Management. - -=item L<B<dsaparam>|dsaparam(1)> - -DSA Parameter Generation and Management. Superseded by -L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)> - -=item L<B<ec>|ec(1)> - -EC (Elliptic curve) key processing - -=item L<B<ecparam>|ecparam(1)> - -EC parameter manipulation and generation - -=item L<B<enc>|enc(1)> - -Encoding with Ciphers. 
- -=item L<B<engine>|engine(1)> - -Engine (loadble module) information and manipulation. - -=item L<B<errstr>|errstr(1)> - -Error Number to Error String Conversion. - -=item B<gendh> - -Generation of Diffie-Hellman Parameters. -Obsoleted by L<B<dhparam>|dhparam(1)>. - -=item L<B<gendsa>|gendsa(1)> - -Generation of DSA Private Key from Parameters. Superseded by -L<B<genpkey>|genpkey(1)> and L<B<pkey>|pkey(1)> - -=item L<B<genpkey>|genpkey(1)> - -Generation of Private Key or Parameters. - -=item L<B<genrsa>|genrsa(1)> - -Generation of RSA Private Key. Superceded by L<B<genpkey>|genpkey(1)>. - -=item L<B<nseq>|nseq(1)> - -Create or examine a netscape certificate sequence - -=item L<B<ocsp>|ocsp(1)> - -Online Certificate Status Protocol utility. - -=item L<B<passwd>|passwd(1)> - -Generation of hashed passwords. - -=item L<B<pkcs12>|pkcs12(1)> - -PKCS#12 Data Management. - -=item L<B<pkcs7>|pkcs7(1)> - -PKCS#7 Data Management. - -=item L<B<pkey>|pkey(1)> - -Public and private key management. - -=item L<B<pkeyparam>|pkeyparam(1)> - -Public key algorithm parameter management. - -=item L<B<pkeyutl>|pkeyutl(1)> - -Public key algorithm cryptographic operation utility. - -=item L<B<rand>|rand(1)> - -Generate pseudo-random bytes. - -=item L<B<req>|req(1)> - -PKCS#10 X.509 Certificate Signing Request (CSR) Management. - -=item L<B<rsa>|rsa(1)> - -RSA key management. - - -=item L<B<rsautl>|rsautl(1)> - -RSA utility for signing, verification, encryption, and decryption. Superseded -by L<B<pkeyutl>|pkeyutl(1)> - -=item L<B<s_client>|s_client(1)> - -This implements a generic SSL/TLS client which can establish a transparent -connection to a remote server speaking SSL/TLS. It's intended for testing -purposes only and provides only rudimentary interface functionality but -internally uses mostly all functionality of the OpenSSL B<ssl> library. - -=item L<B<s_server>|s_server(1)> - -This implements a generic SSL/TLS server which accepts connections from remote -clients speaking SSL/TLS. 
It's intended for testing purposes only and provides -only rudimentary interface functionality but internally uses mostly all -functionality of the OpenSSL B<ssl> library. It provides both an own command -line oriented protocol for testing SSL functions and a simple HTTP response -facility to emulate an SSL/TLS-aware webserver. - -=item L<B<s_time>|s_time(1)> - -SSL Connection Timer. - -=item L<B<sess_id>|sess_id(1)> - -SSL Session Data Management. - -=item L<B<smime>|smime(1)> - -S/MIME mail processing. - -=item L<B<speed>|speed(1)> - -Algorithm Speed Measurement. - -=item L<B<spkac>|spkac(1)> - -SPKAC printing and generating utility - -=item L<B<ts>|ts(1)> - -Time Stamping Authority tool (client/server) - -=item L<B<verify>|verify(1)> - -X.509 Certificate Verification. - -=item L<B<version>|version(1)> - -OpenSSL Version Information. - -=item L<B<x509>|x509(1)> - -X.509 Certificate Data Management. - -=back - -=head2 MESSAGE DIGEST COMMANDS - -=over 10 - -=item B<md2> - -MD2 Digest - -=item B<md5> - -MD5 Digest - -=item B<rmd160> - -RMD-160 Digest - -=item B<sha> - -SHA Digest - -=item B<sha1> - -SHA-1 Digest - -=item B<sha224> - -SHA-224 Digest - -=item B<sha256> - -SHA-256 Digest - -=item B<sha384> - -SHA-384 Digest - -=item B<sha512> - -SHA-512 Digest - -=back - -=head2 ENCODING AND CIPHER COMMANDS - -=over 10 - -=item B<base64> - -Base64 Encoding - -=item B<bf bf-cbc bf-cfb bf-ecb bf-ofb> - -Blowfish Cipher - -=item B<cast cast-cbc> - -CAST Cipher - -=item B<cast5-cbc cast5-cfb cast5-ecb cast5-ofb> - -CAST5 Cipher - -=item B<des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ofb> - -DES Cipher - -=item B<des3 desx des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb> - -Triple-DES Cipher - -=item B<idea idea-cbc idea-cfb idea-ecb idea-ofb> - -IDEA Cipher - -=item B<rc2 rc2-cbc rc2-cfb rc2-ecb rc2-ofb> - -RC2 Cipher - -=item B<rc4> - -RC4 Cipher - -=item B<rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb> - -RC5 Cipher - -=back - -=head1 PASS PHRASE 
ARGUMENTS - -Several commands accept password arguments, typically using B<-passin> -and B<-passout> for input and output passwords respectively. These allow -the password to be obtained from a variety of sources. Both of these -options take a single argument whose format is described below. If no -password argument is given and a password is required then the user is -prompted to enter one: this will typically be read from the current -terminal with echoing turned off. - -=over 10 - -=item B<pass:password> - -the actual password is B<password>. Since the password is visible -to utilities (like 'ps' under Unix) this form should only be used -where security is not important. - -=item B<env:var> - -obtain the password from the environment variable B<var>. Since -the environment of other processes is visible on certain platforms -(e.g. ps under certain Unix OSes) this option should be used with caution. - -=item B<file:pathname> - -the first line of B<pathname> is the password. If the same B<pathname> -argument is supplied to B<-passin> and B<-passout> arguments then the first -line will be used for the input password and the next line for the output -password. B<pathname> need not refer to a regular file: it could for example -refer to a device or named pipe. - -=item B<fd:number> - -read the password from the file descriptor B<number>. This can be used to -send the data via a pipe for example. - -=item B<stdin> - -read the password from standard input. 
- -=back - -=head1 SEE ALSO - -L<asn1parse(1)|asn1parse(1)>, L<ca(1)|ca(1)>, L<config(5)|config(5)>, -L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkcs7(1)>, L<dgst(1)|dgst(1)>, -L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>, -L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>, -L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>, -L<passwd(1)|passwd(1)>, -L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>, -L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>, -L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>, -L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>, -L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>, -L<verify(1)|verify(1)>, L<version(1)|version(1)>, L<x509(1)|x509(1)>, -L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)>, L<x509v3_config(5)|x509v3_config(5)> - -=head1 HISTORY - -The openssl(1) document appeared in OpenSSL 0.9.2. -The B<list->I<XXX>B<-commands> pseudo-commands were added in OpenSSL 0.9.3; -The B<list->I<XXX>B<-algorithms> pseudo-commands were added in OpenSSL 1.0.0; -the B<no->I<XXX> pseudo-commands were added in OpenSSL 0.9.5a. -For notes on the availability of other commands, see their individual -manual pages. - -=cut diff --git a/lib/libssl/src/doc/apps/passwd.pod b/lib/libssl/src/doc/apps/passwd.pod deleted file mode 100644 index f44982549bf..00000000000 --- a/lib/libssl/src/doc/apps/passwd.pod +++ /dev/null 
@@ -1,82 +0,0 @@
-=pod
-
-=head1 NAME
-
-passwd - compute password hashes
-
-=head1 SYNOPSIS
-
-B<openssl passwd>
-[B<-crypt>]
-[B<-1>]
-[B<-apr1>]
-[B<-salt> I<string>]
-[B<-in> I<file>]
-[B<-stdin>]
-[B<-noverify>]
-[B<-quiet>]
-[B<-table>]
-{I<password>}
-
-=head1 DESCRIPTION
-
-The B<passwd> command computes the hash of a password typed at
-run-time or the hash of each password in a list. The password list is
-taken from the named file for option B<-in file>, from stdin for
-option B<-stdin>, or from the command line, or from the terminal otherwise.
-The Unix standard algorithm B<crypt> and the MD5-based BSD password
-algorithm B<1> and its Apache variant B<apr1> are available.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-crypt>
-
-Use the B<crypt> algorithm (default).
-
-=item B<-1>
-
-Use the MD5 based BSD password algorithm B<1>.
-
-=item B<-apr1>
-
-Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
-
-=item B<-salt> I<string>
-
-Use the specified salt.
-When reading a password from the terminal, this implies B<-noverify>.
-
-=item B<-in> I<file>
-
-Read passwords from I<file>.
-
-=item B<-stdin>
-
-Read passwords from B<stdin>.
-
-=item B<-noverify>
-
-Don't verify when reading a password from the terminal.
-
-=item B<-quiet>
-
-Don't output warnings when passwords given at the command line are truncated.
-
-=item B<-table>
-
-In the output list, prepend the cleartext password and a TAB character
-to each password hash.
-
-=back
-
-=head1 EXAMPLES
-
-B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
-
-B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
-
-B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
-
-=cut
diff --git a/lib/libssl/src/doc/apps/pkcs12.pod b/lib/libssl/src/doc/apps/pkcs12.pod
deleted file mode 100644
index 4070c58e530..00000000000
--- a/lib/libssl/src/doc/apps/pkcs12.pod
+++ /dev/null
@@ -1,368 +0,0 @@ - -=pod - -=head1 NAME - -pkcs12 - PKCS#12 file utility - -=head1 SYNOPSIS - -B<openssl> B<pkcs12> -[B<-export>] -[B<-chain>] -[B<-inkey filename>] -[B<-certfile filename>] -[B<-name name>] -[B<-caname name>] -[B<-in filename>] -[B<-out filename>] -[B<-noout>] -[B<-nomacver>] -[B<-nocerts>] -[B<-clcerts>] -[B<-cacerts>] -[B<-nokeys>] -[B<-info>] -[B<-des | -des3 | -idea | -aes128 | -aes192 | -aes256 | -camellia128 | -camellia192 | -camellia256 | -nodes>] -[B<-noiter>] -[B<-maciter | -nomaciter | -nomac>] -[B<-twopass>] -[B<-descert>] -[B<-certpbe cipher>] -[B<-keypbe cipher>] -[B<-macalg digest>] -[B<-keyex>] -[B<-keysig>] -[B<-password arg>] -[B<-passin arg>] -[B<-passout arg>] -[B<-rand file(s)>] -[B<-CAfile file>] -[B<-CApath dir>] -[B<-CSP name>] - -=head1 DESCRIPTION - -The B<pkcs12> command allows PKCS#12 files (sometimes referred to as -PFX files) to be created and parsed. PKCS#12 files are used by several -programs including Netscape, MSIE and MS Outlook. - -=head1 COMMAND OPTIONS - -There are a lot of options the meaning of some depends of whether a PKCS#12 file -is being created or parsed. By default a PKCS#12 file is parsed. A PKCS#12 -file can be created by using the B<-export> option (see below). - -=head1 PARSING OPTIONS - -=over 4 - -=item B<-in filename> - -This specifies filename of the PKCS#12 file to be parsed. Standard input is used -by default. - -=item B<-out filename> - -The filename to write certificates and private keys to, standard output by -default. They are all written in PEM format. - -=item B<-passin arg> - -the PKCS#12 file (i.e. input file) password source. For more information about -the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in -L<openssl(1)|openssl(1)>. - -=item B<-passout arg> - -pass phrase source to encrypt any outputted private keys with. For more -information about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section -in L<openssl(1)|openssl(1)>. 
- -=item B<-password arg> - -With -export, -password is equivalent to -passout. -Otherwise, -password is equivalent to -passin. - -=item B<-noout> - -this option inhibits output of the keys and certificates to the output file -version of the PKCS#12 file. - -=item B<-clcerts> - -only output client certificates (not CA certificates). - -=item B<-cacerts> - -only output CA certificates (not client certificates). - -=item B<-nocerts> - -no certificates at all will be output. - -=item B<-nokeys> - -no private keys will be output. - -=item B<-info> - -output additional information about the PKCS#12 file structure, algorithms used and -iteration counts. - -=item B<-des> - -use DES to encrypt private keys before outputting. - -=item B<-des3> - -use triple DES to encrypt private keys before outputting, this is the default. - -=item B<-idea> - -use IDEA to encrypt private keys before outputting. - -=item B<-aes128>, B<-aes192>, B<-aes256> - -use AES to encrypt private keys before outputting. - -=item B<-camellia128>, B<-camellia192>, B<-camellia256> - -use Camellia to encrypt private keys before outputting. - -=item B<-nodes> - -don't encrypt the private keys at all. - -=item B<-nomacver> - -don't attempt to verify the integrity MAC before reading the file. - -=item B<-twopass> - -prompt for separate integrity and encryption passwords: most software -always assumes these are the same so this option will render such -PKCS#12 files unreadable. - -=back - -=head1 FILE CREATION OPTIONS - -=over 4 - -=item B<-export> - -This option specifies that a PKCS#12 file will be created rather than -parsed. - -=item B<-out filename> - -This specifies filename to write the PKCS#12 file to. Standard output is used -by default. - -=item B<-in filename> - -The filename to read certificates and private keys from, standard input by -default. They must all be in PEM format. The order doesn't matter but one -private key and its corresponding certificate should be present. 
If additional -certificates are present they will also be included in the PKCS#12 file. - -=item B<-inkey filename> - -file to read private key from. If not present then a private key must be present -in the input file. - -=item B<-name friendlyname> - -This specifies the "friendly name" for the certificate and private key. This -name is typically displayed in list boxes by software importing the file. - -=item B<-certfile filename> - -A filename to read additional certificates from. - -=item B<-caname friendlyname> - -This specifies the "friendly name" for other certificates. This option may be -used multiple times to specify names for all certificates in the order they -appear. Netscape ignores friendly names on other certificates whereas MSIE -displays them. - -=item B<-pass arg>, B<-passout arg> - -the PKCS#12 file (i.e. output file) password source. For more information about -the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in -L<openssl(1)|openssl(1)>. - -=item B<-passin password> - -pass phrase source to decrypt any input private keys with. For more information -about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in -L<openssl(1)|openssl(1)>. - -=item B<-chain> - -if this option is present then an attempt is made to include the entire -certificate chain of the user certificate. The standard CA store is used -for this search. If the search fails it is considered a fatal error. - -=item B<-descert> - -encrypt the certificate using triple DES, this may render the PKCS#12 -file unreadable by some "export grade" software. By default the private -key is encrypted using triple DES and the certificate using 40 bit RC2. - -=item B<-keypbe alg>, B<-certpbe alg> - -these options allow the algorithm used to encrypt the private key and -certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 PBE algorithm name -can be used (see B<NOTES> section for more information). 
If a a cipher name -(as output by the B<list-cipher-algorithms> command is specified then it -is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only -use PKCS#12 algorithms. - -=item B<-keyex|-keysig> - -specifies that the private key is to be used for key exchange or just signing. -This option is only interpreted by MSIE and similar MS software. Normally -"export grade" software will only allow 512 bit RSA keys to be used for -encryption purposes but arbitrary length keys for signing. The B<-keysig> -option marks the key for signing only. Signing only keys can be used for -S/MIME signing, authenticode (ActiveX control signing) and SSL client -authentication, however due to a bug only MSIE 5.0 and later support -the use of signing only keys for SSL client authentication. - -=item B<-macalg digest> - -specify the MAC digest algorithm. If not included them SHA1 will be used. - -=item B<-nomaciter>, B<-noiter> - -these options affect the iteration counts on the MAC and key algorithms. -Unless you wish to produce files compatible with MSIE 4.0 you should leave -these options alone. - -To discourage attacks by using large dictionaries of common passwords the -algorithm that derives keys from passwords can have an iteration count applied -to it: this causes a certain part of the algorithm to be repeated and slows it -down. The MAC is used to check the file integrity but since it will normally -have the same password as the keys and certificates it could also be attacked. -By default both MAC and encryption iteration counts are set to 2048, using -these options the MAC and encryption iteration counts can be set to 1, since -this reduces the file security you should not use these options unless you -really have to. Most software supports both MAC and key iteration counts. -MSIE 4.0 doesn't support MAC iteration counts so it needs the B<-nomaciter> -option. 
- -=item B<-maciter> - -This option is included for compatibility with previous versions, it used -to be needed to use MAC iterations counts but they are now used by default. - -=item B<-nomac> - -don't attempt to provide the MAC integrity. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item B<-CAfile file> - -CA storage as a file. - -=item B<-CApath dir> - -CA storage as a directory. This directory must be a standard certificate -directory: that is a hash of each subject name (using B<x509 -hash>) should be -linked to each certificate. - -=item B<-CSP name> - -write B<name> as a Microsoft CSP name. - -=back - -=head1 NOTES - -Although there are a large number of options most of them are very rarely -used. For PKCS#12 file parsing only B<-in> and B<-out> need to be used -for PKCS#12 file creation B<-export> and B<-name> are also used. - -If none of the B<-clcerts>, B<-cacerts> or B<-nocerts> options are present -then all certificates will be output in the order they appear in the input -PKCS#12 files. There is no guarantee that the first certificate present is -the one corresponding to the private key. Certain software which requires -a private key and certificate and assumes the first certificate in the -file is the one corresponding to the private key: this may not always -be the case. Using the B<-clcerts> option will solve this problem by only -outputting the certificate corresponding to the private key. If the CA -certificates are required then they can be output to a separate file using -the B<-nokeys -cacerts> options to just output CA certificates. - -The B<-keypbe> and B<-certpbe> algorithms allow the precise encryption -algorithms for private keys and certificates to be specified. 
Normally -the defaults are fine but occasionally software can't handle triple DES -encrypted private keys, then the option B<-keypbe PBE-SHA1-RC2-40> can -be used to reduce the private key encryption to 40 bit RC2. A complete -description of all algorithms is contained in the B<pkcs8> manual page. - -=head1 EXAMPLES - -Parse a PKCS#12 file and output it to a file: - - openssl pkcs12 -in file.p12 -out file.pem - -Output only client certificates to a file: - - openssl pkcs12 -in file.p12 -clcerts -out file.pem - -Don't encrypt the private key: - - openssl pkcs12 -in file.p12 -out file.pem -nodes - -Print some info about a PKCS#12 file: - - openssl pkcs12 -in file.p12 -info -noout - -Create a PKCS#12 file: - - openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate" - -Include some extra certificates: - - openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate" \ - -certfile othercerts.pem - -=head1 BUGS - -Some would argue that the PKCS#12 standard is one big bug :-) - -Versions of OpenSSL before 0.9.6a had a bug in the PKCS#12 key generation -routines. Under rare circumstances this could produce a PKCS#12 file encrypted -with an invalid key. As a result some PKCS#12 files which triggered this bug -from other implementations (MSIE or Netscape) could not be decrypted -by OpenSSL and similarly OpenSSL could produce PKCS#12 files which could -not be decrypted by other implementations. The chances of producing such -a file are relatively small: less than 1 in 256. - -A side effect of fixing this bug is that any old invalidly encrypted PKCS#12 -files cannot no longer be parsed by the fixed version. Under such circumstances -the B<pkcs12> utility will report that the MAC is OK but fail with a decryption -error when extracting private keys. 
- -This problem can be resolved by extracting the private keys and certificates -from the PKCS#12 file using an older version of OpenSSL and recreating the PKCS#12 -file from the keys and certificates using a newer version of OpenSSL. For example: - - old-openssl -in bad.p12 -out keycerts.pem - openssl -in keycerts.pem -export -name "My PKCS#12 file" -out fixed.p12 - -=head1 SEE ALSO - -L<pkcs8(1)|pkcs8(1)> - diff --git a/lib/libssl/src/doc/apps/pkcs7.pod b/lib/libssl/src/doc/apps/pkcs7.pod deleted file mode 100644 index 13c5cad262a..00000000000 --- a/lib/libssl/src/doc/apps/pkcs7.pod +++ /dev/null 
@@ -1,105 +0,0 @@
-=pod
-
-=head1 NAME
-
-pkcs7 - PKCS#7 utility
-
-=head1 SYNOPSIS
-
-B<openssl> B<pkcs7>
-[B<-inform PEM|DER>]
-[B<-outform PEM|DER>]
-[B<-in filename>]
-[B<-out filename>]
-[B<-print_certs>]
-[B<-text>]
-[B<-noout>]
-[B<-engine id>]
-
-=head1 DESCRIPTION
-
-The B<pkcs7> command processes PKCS#7 files in DER or PEM format.
-
-=head1 COMMAND OPTIONS
-
-=over 4
-
-=item B<-inform DER|PEM>
-
-This specifies the input format. B<DER> format is DER encoded PKCS#7
-v1.5 structure.B<PEM> (the default) is a base64 encoded version of
-the DER form with header and footer lines.
-
-=item B<-outform DER|PEM>
-
-This specifies the output format, the options have the same meaning as the
-B<-inform> option.
-
-=item B<-in filename>
-
-This specifies the input filename to read from or standard input if this
-option is not specified.
-
-=item B<-out filename>
-
-specifies the output filename to write to or standard output by
-default.
-
-=item B<-print_certs>
-
-prints out any certificates or CRLs contained in the file. They are
-preceded by their subject and issuer names in one line format.
-
-=item B<-text>
-
-prints out certificates details in full rather than just subject and
-issuer names.
-
-=item B<-noout>
-
-don't output the encoded version of the PKCS#7 structure (or certificates
-is B<-print_certs> is set).
-
-=item B<-engine id>
-
-specifying an engine (by its unique B<id> string) will cause B<pkcs7>
-to attempt to obtain a functional reference to the specified engine,
-thus initialising it if needed. The engine will then be set as the default
-for all available algorithms.
-
-=back
-
-=head1 EXAMPLES
-
-Convert a PKCS#7 file from PEM to DER:
-
- openssl pkcs7 -in file.pem -outform DER -out file.der
-
-Output all certificates in a file:
-
- openssl pkcs7 -in file.pem -print_certs -out certs.pem
-
-=head1 NOTES
-
-The PEM PKCS#7 format uses the header and footer lines:
-
- -----BEGIN PKCS7-----
- -----END PKCS7-----
-
-For compatibility with some CAs it will also accept:
-
- -----BEGIN CERTIFICATE-----
- -----END CERTIFICATE-----
-
-=head1 RESTRICTIONS
-
-There is no option to print out all the fields of a PKCS#7 file.
-
-This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC2315 they
-cannot currently parse, for example, the new CMS as described in RFC2630.
-
-=head1 SEE ALSO
-
-L<crl2pkcs7(1)|crl2pkcs7(1)>
-
-=cut
diff --git a/lib/libssl/src/doc/apps/pkcs8.pod b/lib/libssl/src/doc/apps/pkcs8.pod
deleted file mode 100644
index d15c89bbbc3..00000000000
--- a/lib/libssl/src/doc/apps/pkcs8.pod
+++ /dev/null
@@ -1,243 +0,0 @@ -=pod - -=head1 NAME - -pkcs8 - PKCS#8 format private key conversion tool - -=head1 SYNOPSIS - -B<openssl> B<pkcs8> -[B<-topk8>] -[B<-inform PEM|DER>] -[B<-outform PEM|DER>] -[B<-in filename>] -[B<-passin arg>] -[B<-out filename>] -[B<-passout arg>] -[B<-noiter>] -[B<-nocrypt>] -[B<-nooct>] -[B<-embed>] -[B<-nsdb>] -[B<-v2 alg>] -[B<-v1 alg>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<pkcs8> command processes private keys in PKCS#8 format. It can handle -both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo -format with a variety of PKCS#5 (v1.5 and v2.0) and PKCS#12 algorithms. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-topk8> - -Normally a PKCS#8 private key is expected on input and a traditional format -private key will be written. With the B<-topk8> option the situation is -reversed: it reads a traditional format private key and writes a PKCS#8 -format key. - -=item B<-inform DER|PEM> - -This specifies the input format. If a PKCS#8 format key is expected on input -then either a B<DER> or B<PEM> encoded version of a PKCS#8 key will be -expected. Otherwise the B<DER> or B<PEM> format of the traditional format -private key is used. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read a key from or standard input if this -option is not specified. If the key is encrypted a pass phrase will be -prompted for. - -=item B<-passin arg> - -the input file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-out filename> - -This specifies the output filename to write a key to or standard output by -default. If any encryption options are set then a pass phrase will be -prompted for. The output filename should B<not> be the same as the input -filename. 
- -=item B<-passout arg> - -the output file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-nocrypt> - -PKCS#8 keys generated or input are normally PKCS#8 EncryptedPrivateKeyInfo -structures using an appropriate password based encryption algorithm. With -this option an unencrypted PrivateKeyInfo structure is expected or output. -This option does not encrypt private keys at all and should only be used -when absolutely necessary. Certain software such as some versions of Java -code signing software used unencrypted private keys. - -=item B<-nooct> - -This option generates RSA private keys in a broken format that some software -uses. Specifically the private key should be enclosed in a OCTET STRING -but some software just includes the structure itself without the -surrounding OCTET STRING. - -=item B<-embed> - -This option generates DSA keys in a broken format. The DSA parameters are -embedded inside the PrivateKey structure. In this form the OCTET STRING -contains an ASN1 SEQUENCE consisting of two structures: a SEQUENCE containing -the parameters and an ASN1 INTEGER containing the private key. - -=item B<-nsdb> - -This option generates DSA keys in a broken format compatible with Netscape -private key databases. The PrivateKey contains a SEQUENCE consisting of -the public and private keys respectively. - -=item B<-v2 alg> - -This option enables the use of PKCS#5 v2.0 algorithms. Normally PKCS#8 -private keys are encrypted with the password based encryption algorithm -called B<pbeWithMD5AndDES-CBC> this uses 56 bit DES encryption but it -was the strongest encryption algorithm supported in PKCS#5 v1.5. Using -the B<-v2> option PKCS#5 v2.0 algorithms are used which can use any -encryption algorithm such as 168 bit triple DES or 128 bit RC2 however -not many implementations support PKCS#5 v2.0 yet. If you are just using -private keys with OpenSSL then this doesn't matter. 
- -The B<alg> argument is the encryption algorithm to use, valid values include -B<des>, B<des3> and B<rc2>. It is recommended that B<des3> is used. - -=item B<-v1 alg> - -This option specifies a PKCS#5 v1.5 or PKCS#12 algorithm to use. A complete -list of possible algorithms is included below. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<pkcs8> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=back - -=head1 NOTES - -The encrypted form of a PEM encode PKCS#8 files uses the following -headers and footers: - - -----BEGIN ENCRYPTED PRIVATE KEY----- - -----END ENCRYPTED PRIVATE KEY----- - -The unencrypted form uses: - - -----BEGIN PRIVATE KEY----- - -----END PRIVATE KEY----- - -Private keys encrypted using PKCS#5 v2.0 algorithms and high iteration -counts are more secure that those encrypted using the traditional -SSLeay compatible formats. So if additional security is considered -important the keys should be converted. - -The default encryption is only 56 bits because this is the encryption -that most current implementations of PKCS#8 will support. - -Some software may use PKCS#12 password based encryption algorithms -with PKCS#8 format private keys: these are handled automatically -but there is no option to produce them. - -It is possible to write out DER encoded encrypted private keys in -PKCS#8 format because the encryption details are included at an ASN1 -level whereas the traditional format includes them at a PEM level. - -=head1 PKCS#5 v1.5 and PKCS#12 algorithms. - -Various algorithms can be used with the B<-v1> command line option, -including PKCS#5 v1.5 and PKCS#12. These are described in more detail -below. - -=over 4 - -=item B<PBE-MD2-DES PBE-MD5-DES> - -These algorithms were included in the original PKCS#5 v1.5 specification. 
-They only offer 56 bits of protection since they both use DES. - -=item B<PBE-SHA1-RC2-64 PBE-MD2-RC2-64 PBE-MD5-RC2-64 PBE-SHA1-DES> - -These algorithms are not mentioned in the original PKCS#5 v1.5 specification -but they use the same key derivation algorithm and are supported by some -software. They are mentioned in PKCS#5 v2.0. They use either 64 bit RC2 or -56 bit DES. - -=item B<PBE-SHA1-RC4-128 PBE-SHA1-RC4-40 PBE-SHA1-3DES PBE-SHA1-2DES PBE-SHA1-RC2-128 PBE-SHA1-RC2-40> - -These algorithms use the PKCS#12 password based encryption algorithm and -allow strong encryption algorithms like triple DES or 128 bit RC2 to be used. - -=back - -=head1 EXAMPLES - -Convert a private from traditional to PKCS#5 v2.0 format using triple -DES: - - openssl pkcs8 -in key.pem -topk8 -v2 des3 -out enckey.pem - -Convert a private key to PKCS#8 using a PKCS#5 1.5 compatible algorithm -(DES): - - openssl pkcs8 -in key.pem -topk8 -out enckey.pem - -Convert a private key to PKCS#8 using a PKCS#12 compatible algorithm -(3DES): - - openssl pkcs8 -in key.pem -topk8 -out enckey.pem -v1 PBE-SHA1-3DES - -Read a DER unencrypted PKCS#8 format private key: - - openssl pkcs8 -inform DER -nocrypt -in key.der -out key.pem - -Convert a private key from any PKCS#8 format to traditional format: - - openssl pkcs8 -in pk8.pem -out key.pem - -=head1 STANDARDS - -Test vectors from this PKCS#5 v2.0 implementation were posted to the -pkcs-tng mailing list using triple DES, DES and RC2 with high iteration -counts, several people confirmed that they could decrypt the private -keys produced and Therefore it can be assumed that the PKCS#5 v2.0 -implementation is reasonably accurate at least as far as these -algorithms are concerned. - -The format of PKCS#8 DSA (and other) private keys is not well documented: -it is hidden away in PKCS#11 v2.01, section 11.9. OpenSSL's default DSA -PKCS#8 private key format complies with this standard. 
- -=head1 BUGS - -There should be an option that prints out the encryption algorithm -in use and other details such as the iteration count. - -PKCS#8 using triple DES and PKCS#5 v2.0 should be the default private -key format for OpenSSL: for compatibility several of the utilities use -the old format at present. - -=head1 SEE ALSO - -L<dsa(1)|dsa(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>, -L<gendsa(1)|gendsa(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/pkey.pod b/lib/libssl/src/doc/apps/pkey.pod deleted file mode 100644 index 77166dd877c..00000000000 --- a/lib/libssl/src/doc/apps/pkey.pod +++ /dev/null 
@@ -1,135 +0,0 @@ - -=pod - -=head1 NAME - -pkey - public or private key processing tool - -=head1 SYNOPSIS - -B<openssl> B<pkey> -[B<-inform PEM|DER>] -[B<-outform PEM|DER>] -[B<-in filename>] -[B<-passin arg>] -[B<-out filename>] -[B<-passout arg>] -[B<-cipher>] -[B<-text>] -[B<-text_pub>] -[B<-noout>] -[B<-pubin>] -[B<-pubout>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<pkey> command processes public or private keys. They can be converted -between various forms and their components printed out. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the input format DER or PEM. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read a key from or standard input if this -option is not specified. If the key is encrypted a pass phrase will be -prompted for. - -=item B<-passin arg> - -the input file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-out filename> - -This specifies the output filename to write a key to or standard output if this -option is not specified. If any encryption options are set then a pass phrase -will be prompted for. The output filename should B<not> be the same as the input -filename. - -=item B<-passout password> - -the output file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-cipher> - -These options encrypt the private key with the supplied cipher. Any algorithm -name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>. - -=item B<-text> - -prints out the various public or private key components in -plain text in addition to the encoded version. - -=item B<-text_pub> - -print out only public key components even if a private key is being processed. 
- -=item B<-noout> - -do not output the encoded version of the key. - -=item B<-pubin> - -by default a private key is read from the input file: with this -option a public key is read instead. - -=item B<-pubout> - -by default a private key is output: with this option a public -key will be output instead. This option is automatically set if -the input is a public key. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<pkey> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=back - -=head1 EXAMPLES - -To remove the pass phrase on an RSA private key: - - openssl pkey -in key.pem -out keyout.pem - -To encrypt a private key using triple DES: - - openssl pkey -in key.pem -des3 -out keyout.pem - -To convert a private key from PEM to DER format: - - openssl pkey -in key.pem -outform DER -out keyout.der - -To print out the components of a private key to standard output: - - openssl pkey -in key.pem -text -noout - -To print out the public components of a private key to standard output: - - openssl pkey -in key.pem -text_pub -noout - -To just output the public part of a private key: - - openssl pkey -in key.pem -pubout -out pubkey.pem - -=head1 SEE ALSO - -L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>, -L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/pkeyparam.pod b/lib/libssl/src/doc/apps/pkeyparam.pod deleted file mode 100644 index 81495d2d529..00000000000 --- a/lib/libssl/src/doc/apps/pkeyparam.pod +++ /dev/null 
@@ -1,69 +0,0 @@ - -=pod - -=head1 NAME - -pkeyparam - public key algorithm parameter processing tool - -=head1 SYNOPSIS - -B<openssl> B<pkeyparam> -[B<-in filename>] -[B<-out filename>] -[B<-text>] -[B<-noout>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<pkey> command processes public or private keys. They can be converted -between various forms and their components printed out. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-in filename> - -This specifies the input filename to read parameters from or standard input if -this option is not specified. - -=item B<-out filename> - -This specifies the output filename to write parameters to or standard output if -this option is not specified. - -=item B<-text> - -prints out the parameters in plain text in addition to the encoded version. - -=item B<-noout> - -do not output the encoded version of the parameters. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<pkeyparam> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=back - -=head1 EXAMPLE - -Print out text version of parameters: - - openssl pkeyparam -in param.pem -text - -=head1 NOTES - -There are no B<-inform> or B<-outform> options for this command because only -PEM format is supported because the key type is determined by the PEM headers. - -=head1 SEE ALSO - -L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>, -L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/pkeyutl.pod b/lib/libssl/src/doc/apps/pkeyutl.pod deleted file mode 100644 index a88380a7a8b..00000000000 --- a/lib/libssl/src/doc/apps/pkeyutl.pod +++ /dev/null 
@@ -1,222 +0,0 @@ -=pod - -=head1 NAME - -pkeyutl - public key algorithm utility - -=head1 SYNOPSIS - -B<openssl> B<pkeyutl> -[B<-in file>] -[B<-out file>] -[B<-sigfile file>] -[B<-inkey file>] -[B<-keyform PEM|DER>] -[B<-passin arg>] -[B<-peerkey file>] -[B<-peerform PEM|DER>] -[B<-pubin>] -[B<-certin>] -[B<-rev>] -[B<-sign>] -[B<-verify>] -[B<-verifyrecover>] -[B<-encrypt>] -[B<-decrypt>] -[B<-derive>] -[B<-pkeyopt opt:value>] -[B<-hexdump>] -[B<-asn1parse>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<pkeyutl> command can be used to perform public key operations using -any supported algorithm. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-in filename> - -This specifies the input filename to read data from or standard input -if this option is not specified. - -=item B<-out filename> - -specifies the output filename to write to or standard output by -default. - -=item B<-inkey file> - -the input key file, by default it should be a private key. - -=item B<-keyform PEM|DER> - -the key format PEM, DER or ENGINE. - -=item B<-passin arg> - -the input key password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - - -=item B<-peerkey file> - -the peer key file, used by key derivation (agreement) operations. - -=item B<-peerform PEM|DER> - -the peer key format PEM, DER or ENGINE. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<pkeyutl> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - - -=item B<-pubin> - -the input file is a public key. - -=item B<-certin> - -the input is a certificate containing a public key. - -=item B<-rev> - -reverse the order of the input buffer. This is useful for some libraries -(such as CryptoAPI) which represent the buffer in little endian format. 
- -=item B<-sign> - -sign the input data and output the signed result. This requires -a private key. - -=item B<-verify> - -verify the input data against the signature file and indicate if the -verification succeeded or failed. - -=item B<-verifyrecover> - -verify the input data and output the recovered data. - -=item B<-encrypt> - -encrypt the input data using a public key. - -=item B<-decrypt> - -decrypt the input data using a private key. - -=item B<-derive> - -derive a shared secret using the peer key. - -=item B<-hexdump> - -hex dump the output data. - -=item B<-asn1parse> - -asn1parse the output data, this is useful when combined with the -B<-verifyrecover> option when an ASN1 structure is signed. - -=back - -=head1 NOTES - -The operations and options supported vary according to the key algorithm -and its implementation. The OpenSSL operations and options are indicated below. - -Unless otherwise mentioned all algorithms support the B<digest:alg> option -which specifies the digest in use for sign, verify and verifyrecover operations. -The value B<alg> should represent a digest name as used in the -EVP_get_digestbyname() function for example B<sha1>. - -=head1 RSA ALGORITHM - -The RSA algorithm supports encrypt, decrypt, sign, verify and verifyrecover -operations in general. Some padding modes only support some of these -operations however. - -=over 4 - -=item -B<rsa_padding_mode:mode> - -This sets the RSA padding mode. Acceptable values for B<mode> are B<pkcs1> for -PKCS#1 padding, B<sslv23> for SSLv23 padding, B<none> for no padding, B<oaep> -for B<OAEP> mode, B<x931> for X9.31 mode and B<pss> for PSS. - -In PKCS#1 padding if the message digest is not set then the supplied data is -signed or verified directly instead of using a B<DigestInfo> structure. If a -digest is set then the a B<DigestInfo> structure is used and its the length -must correspond to the digest type. - -For B<oeap> mode only encryption and decryption is supported. 
- -For B<x931> if the digest type is set it is used to format the block data -otherwise the first byte is used to specify the X9.31 digest ID. Sign, -verify and verifyrecover are can be performed in this mode. - -For B<pss> mode only sign and verify are supported and the digest type must be -specified. - -=item B<rsa_pss_saltlen:len> - -For B<pss> mode only this option specifies the salt length. Two special values -are supported: -1 sets the salt length to the digest length. When signing -2 -sets the salt length to the maximum permissible value. When verifying -2 causes -the salt length to be automatically determined based on the B<PSS> block -structure. - -=back - -=head1 DSA ALGORITHM - -The DSA algorithm supports signing and verification operations only. Currently -there are no additional options other than B<digest>. Only the SHA1 -digest can be used and this digest is assumed by default. - -=head1 DH ALGORITHM - -The DH algorithm only supports the derivation operation and no additional -options. - -=head1 EC ALGORITHM - -The EC algorithm supports sign, verify and derive operations. The sign and -verify operations use ECDSA and derive uses ECDH. Currently there are no -additional options other than B<digest>. Only the SHA1 digest can be used and -this digest is assumed by default. - -=head1 EXAMPLES - -Sign some data using a private key: - - openssl pkeyutl -sign -in file -inkey key.pem -out sig - -Recover the signed data (e.g. if an RSA key is used): - - openssl pkeyutl -verifyrecover -in sig -inkey key.pem - -Verify the signature (e.g. 
a DSA key): - - openssl pkeyutl -verify -in file -sigfile sig -inkey key.pem - -Sign data using a message digest value (this is currently only valid for RSA): - - openssl pkeyutl -sign -in file -inkey key.pem -out sig -pkeyopt digest:sha256 - -Derive a shared secret value: - - openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret - -=head1 SEE ALSO - -L<genpkey(1)|genpkey(1)>, L<pkey(1)|pkey(1)>, L<rsautl(1)|rsautl(1)> -L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)> diff --git a/lib/libssl/src/doc/apps/rand.pod b/lib/libssl/src/doc/apps/rand.pod deleted file mode 100644 index d1d213ef43c..00000000000 --- a/lib/libssl/src/doc/apps/rand.pod +++ /dev/null @@ -1,55 +0,0 @@ -=pod - -=head1 NAME - -rand - generate pseudo-random bytes - -=head1 SYNOPSIS - -B<openssl rand> -[B<-out> I<file>] -[B<-rand> I<file(s)>] -[B<-base64>] -[B<-hex>] -I<num> - -=head1 DESCRIPTION - -The B<rand> command outputs I<num> pseudo-random bytes after seeding -the random number generator once. As in other B<openssl> command -line tools, PRNG seeding uses the file I<$HOME/>B<.rnd> or B<.rnd> -in addition to the files given in the B<-rand> option. A new -I<$HOME>/B<.rnd> or B<.rnd> file will be written back if enough -seeding was obtained from these sources. - -=head1 OPTIONS - -=over 4 - -=item B<-out> I<file> - -Write to I<file> instead of standard output. - -=item B<-rand> I<file(s)> - -Use specified file or files or EGD socket (see L<RAND_egd(3)|RAND_egd(3)>) -for seeding the random number generator. -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item B<-base64> - -Perform base64 encoding on the output. - -=item B<-hex> - -Show the output as a hex string. - -=back - -=head1 SEE ALSO - -L<RAND_bytes(3)|RAND_bytes(3)> - -=cut 
diff --git a/lib/libssl/src/doc/apps/req.pod b/lib/libssl/src/doc/apps/req.pod
deleted file mode 100644
index 3d556bd9686..00000000000
--- a/lib/libssl/src/doc/apps/req.pod
+++ /dev/null
@@ -1,678 +0,0 @@ - -=pod - -=head1 NAME - -req - PKCS#10 certificate request and certificate generating utility. - -=head1 SYNOPSIS - -B<openssl> B<req> -[B<-inform PEM|DER>] -[B<-outform PEM|DER>] -[B<-in filename>] -[B<-passin arg>] -[B<-out filename>] -[B<-passout arg>] -[B<-text>] -[B<-pubkey>] -[B<-noout>] -[B<-verify>] -[B<-modulus>] -[B<-new>] -[B<-rand file(s)>] -[B<-newkey rsa:bits>] -[B<-newkey alg:file>] -[B<-nodes>] -[B<-key filename>] -[B<-keyform PEM|DER>] -[B<-keyout filename>] -[B<-keygen_engine id>] -[B<-[digest]>] -[B<-config filename>] -[B<-subj arg>] -[B<-multivalue-rdn>] -[B<-x509>] -[B<-days n>] -[B<-set_serial n>] -[B<-asn1-kludge>] -[B<-no-asn1-kludge>] -[B<-newhdr>] -[B<-extensions section>] -[B<-reqexts section>] -[B<-utf8>] -[B<-nameopt>] -[B<-reqopt>] -[B<-subject>] -[B<-subj arg>] -[B<-batch>] -[B<-verbose>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<req> command primarily creates and processes certificate requests -in PKCS#10 format. It can additionally create self signed certificates -for use as root CAs for example. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the input format. The B<DER> option uses an ASN1 DER encoded -form compatible with the PKCS#10. The B<PEM> form is the default format: it -consists of the B<DER> format base64 encoded with additional header and -footer lines. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read a request from or standard input -if this option is not specified. A request is only read if the creation -options (B<-new> and B<-newkey>) are not specified. - -=item B<-passin arg> - -the input file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. 
- -=item B<-out filename> - -This specifies the output filename to write to or standard output by -default. - -=item B<-passout arg> - -the output file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-text> - -prints out the certificate request in text form. - -=item B<-subject> - -prints out the request subject (or certificate subject if B<-x509> is -specified) - -=item B<-pubkey> - -outputs the public key. - -=item B<-noout> - -this option prevents output of the encoded version of the request. - -=item B<-modulus> - -this option prints out the value of the modulus of the public key -contained in the request. - -=item B<-verify> - -verifies the signature on the request. - -=item B<-new> - -this option generates a new certificate request. It will prompt -the user for the relevant field values. The actual fields -prompted for and their maximum and minimum sizes are specified -in the configuration file and any requested extensions. - -If the B<-key> option is not used it will generate a new RSA private -key using information specified in the configuration file. - -=item B<-subj arg> - -Replaces subject field of input request with specified data and outputs -modified request. The arg must be formatted as -I</type0=value0/type1=value1/type2=...>, -characters may be escaped by \ (backslash), no spaces are skipped. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item B<-newkey arg> - -this option creates a new certificate request and a new private -key. The argument takes one of several forms. B<rsa:nbits>, where -B<nbits> is the number of bits, generates an RSA key B<nbits> -in size. 
If B<nbits> is omitted, i.e. B<-newkey rsa> specified, -the default key size, specified in the configuration file is used. - -All other algorithms support the B<-newkey alg:file> form, where file may be -an algorithm parameter file, created by the B<genpkey -genparam> command -or and X.509 certificate for a key with approriate algorithm. - -B<param:file> generates a key using the parameter file or certificate B<file>, -the algorithm is determined by the parameters. B<algname:file> use algorithm -B<algname> and parameter file B<file>: the two algorithms must match or an -error occurs. B<algname> just uses algorithm B<algname>, and parameters, -if neccessary should be specified via B<-pkeyopt> parameter. - -B<dsa:filename> generates a DSA key using the parameters -in the file B<filename>. B<ec:filename> generates EC key (usable both with -ECDSA or ECDH algorithms), B<gost2001:filename> generates GOST R -34.10-2001 key (requires B<ccgost> engine configured in the configuration -file). If just B<gost2001> is specified a parameter set should be -specified by B<-pkeyopt paramset:X> - - -=item B<-pkeyopt opt:value> - -set the public key algorithm option B<opt> to B<value>. The precise set of -options supported depends on the public key algorithm used and its -implementation. See B<KEY GENERATION OPTIONS> in the B<genpkey> manual page -for more details. - -=item B<-key filename> - -This specifies the file to read the private key from. It also -accepts PKCS#8 format private keys for PEM format files. - -=item B<-keyform PEM|DER> - -the format of the private key file specified in the B<-key> -argument. PEM is the default. - -=item B<-keyout filename> - -this gives the filename to write the newly created private key to. -If this option is not specified then the filename present in the -configuration file is used. - -=item B<-nodes> - -if this option is specified then if a private key is created it -will not be encrypted. 
- -=item B<-[digest]> - -this specifies the message digest to sign the request with (such as -B<-md5>, B<-sha1>). This overrides the digest algorithm specified in -the configuration file. - -Some public key algorithms may override this choice. For instance, DSA -signatures always use SHA1, GOST R 34.10 signatures always use -GOST R 34.11-94 (B<-md_gost94>). - -=item B<-config filename> - -this allows an alternative configuration file to be specified, -this overrides the compile time filename or any specified in -the B<OPENSSL_CONF> environment variable. - -=item B<-subj arg> - -sets subject name for new request or supersedes the subject name -when processing a request. -The arg must be formatted as I</type0=value0/type1=value1/type2=...>, -characters may be escaped by \ (backslash), no spaces are skipped. - -=item B<-multivalue-rdn> - -this option causes the -subj argument to be interpreted with full -support for multivalued RDNs. Example: - -I</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe> - -If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>. - -=item B<-x509> - -this option outputs a self signed certificate instead of a certificate -request. This is typically used to generate a test certificate or -a self signed root CA. The extensions added to the certificate -(if any) are specified in the configuration file. Unless specified -using the B<set_serial> option B<0> will be used for the serial -number. - -=item B<-days n> - -when the B<-x509> option is being used this specifies the number of -days to certify the certificate for. The default is 30 days. - -=item B<-set_serial n> - -serial number to use when outputting a self signed certificate. This -may be specified as a decimal value or a hex value if preceded by B<0x>. -It is possible to use negative serial numbers but this is not recommended. 
- -=item B<-extensions section> - -=item B<-reqexts section> - -these options specify alternative sections to include certificate -extensions (if the B<-x509> option is present) or certificate -request extensions. This allows several different sections to -be used in the same configuration file to specify requests for -a variety of purposes. - -=item B<-utf8> - -this option causes field values to be interpreted as UTF8 strings, by -default they are interpreted as ASCII. This means that the field -values, whether prompted from a terminal or obtained from a -configuration file, must be valid UTF8 strings. - -=item B<-nameopt option> - -option which determines how the subject or issuer names are displayed. The -B<option> argument can be a single option or multiple options separated by -commas. Alternatively the B<-nameopt> switch may be used more than once to -set multiple options. See the L<x509(1)|x509(1)> manual page for details. - -=item B<-reqopt> - -customise the output format used with B<-text>. The B<option> argument can be -a single option or multiple options separated by commas. - -See discission of the B<-certopt> parameter in the L<B<x509>|x509(1)> -command. - - -=item B<-asn1-kludge> - -by default the B<req> command outputs certificate requests containing -no attributes in the correct PKCS#10 format. However certain CAs will only -accept requests containing no attributes in an invalid form: this -option produces this invalid format. - -More precisely the B<Attributes> in a PKCS#10 certificate request -are defined as a B<SET OF Attribute>. They are B<not OPTIONAL> so -if no attributes are present then they should be encoded as an -empty B<SET OF>. The invalid form does not include the empty -B<SET OF> whereas the correct form does. - -It should be noted that very few CAs still require the use of this option. 
- -=item B<-no-asn1-kludge> - -Reverses effect of B<-asn1-kludge> - -=item B<-newhdr> - -Adds the word B<NEW> to the PEM file header and footer lines on the outputted -request. Some software (Netscape certificate server) and some CAs need this. - -=item B<-batch> - -non-interactive mode. - -=item B<-verbose> - -print extra details about the operations being performed. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<req> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=item B<-keygen_engine id> - -specifies an engine (by its unique B<id> string) which would be used -for key generation operations. - -=back - -=head1 CONFIGURATION FILE FORMAT - -The configuration options are specified in the B<req> section of -the configuration file. As with all configuration files if no -value is specified in the specific section (i.e. B<req>) then -the initial unnamed or B<default> section is searched too. - -The options available are described in detail below. - -=over 4 - -=item B<input_password output_password> - -The passwords for the input private key file (if present) and -the output private key file (if one will be created). The -command line options B<passin> and B<passout> override the -configuration file values. - -=item B<default_bits> - -This specifies the default key size in bits. If not specified then -512 is used. It is used if the B<-new> option is used. It can be -overridden by using the B<-newkey> option. - -=item B<default_keyfile> - -This is the default filename to write a private key to. If not -specified the key is written to standard output. This can be -overridden by the B<-keyout> option. - -=item B<oid_file> - -This specifies a file containing additional B<OBJECT IDENTIFIERS>. 
-Each line of the file should consist of the numerical form of the -object identifier followed by white space then the short name followed -by white space and finally the long name. - -=item B<oid_section> - -This specifies a section in the configuration file containing extra -object identifiers. Each line should consist of the short name of the -object identifier followed by B<=> and the numerical form. The short -and long names are the same when this option is used. - -=item B<RANDFILE> - -This specifies a filename in which random number seed information is -placed and read from, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -It is used for private key generation. - -=item B<encrypt_key> - -If this is set to B<no> then if a private key is generated it is -B<not> encrypted. This is equivalent to the B<-nodes> command line -option. For compatibility B<encrypt_rsa_key> is an equivalent option. - -=item B<default_md> - -This option specifies the digest algorithm to use. Possible values -include B<md5 sha1>. If not present then MD5 is used. This -option can be overridden on the command line. - -=item B<string_mask> - -This option masks out the use of certain string types in certain -fields. Most users will not need to change this option. - -It can be set to several values B<default> which is also the default -option uses PrintableStrings, T61Strings and BMPStrings if the -B<pkix> value is used then only PrintableStrings and BMPStrings will -be used. This follows the PKIX recommendation in RFC2459. If the -B<utf8only> option is used then only UTF8Strings will be used: this -is the PKIX recommendation in RFC2459 after 2003. Finally the B<nombstr> -option just uses PrintableStrings and T61Strings: certain software has -problems with BMPStrings and UTF8Strings: in particular Netscape. - -=item B<req_extensions> - -this specifies the configuration file section containing a list of -extensions to add to the certificate request. 
It can be overridden -by the B<-reqexts> command line switch. See the -L<x509v3_config(5)|x509v3_config(5)> manual page for details of the -extension section format. - -=item B<x509_extensions> - -this specifies the configuration file section containing a list of -extensions to add to certificate generated when the B<-x509> switch -is used. It can be overridden by the B<-extensions> command line switch. - -=item B<prompt> - -if set to the value B<no> this disables prompting of certificate fields -and just takes values from the config file directly. It also changes the -expected format of the B<distinguished_name> and B<attributes> sections. - -=item B<utf8> - -if set to the value B<yes> then field values to be interpreted as UTF8 -strings, by default they are interpreted as ASCII. This means that -the field values, whether prompted from a terminal or obtained from a -configuration file, must be valid UTF8 strings. - -=item B<attributes> - -this specifies the section containing any request attributes: its format -is the same as B<distinguished_name>. Typically these may contain the -challengePassword or unstructuredName types. They are currently ignored -by OpenSSL's request signing utilities but some CAs might want them. - -=item B<distinguished_name> - -This specifies the section containing the distinguished name fields to -prompt for when generating a certificate or certificate request. The format -is described in the next section. - -=back - -=head1 DISTINGUISHED NAME AND ATTRIBUTE SECTION FORMAT - -There are two separate formats for the distinguished name and attribute -sections. If the B<prompt> option is set to B<no> then these sections -just consist of field names and values: for example, - - CN=My Name - OU=My Organization - emailAddress=someone@somewhere.org - -This allows external programs (e.g. GUI based) to generate a template file -with all the field names and values and just pass it to B<req>. 
An example -of this kind of configuration file is contained in the B<EXAMPLES> section. - -Alternatively if the B<prompt> option is absent or not set to B<no> then the -file contains field prompting information. It consists of lines of the form: - - fieldName="prompt" - fieldName_default="default field value" - fieldName_min= 2 - fieldName_max= 4 - -"fieldName" is the field name being used, for example commonName (or CN). -The "prompt" string is used to ask the user to enter the relevant -details. If the user enters nothing then the default value is used if no -default value is present then the field is omitted. A field can -still be omitted if a default value is present if the user just -enters the '.' character. - -The number of characters entered must be between the fieldName_min and -fieldName_max limits: there may be additional restrictions based -on the field being used (for example countryName can only ever be -two characters long and must fit in a PrintableString). - -Some fields (such as organizationName) can be used more than once -in a DN. This presents a problem because configuration files will -not recognize the same name occurring twice. To avoid this problem -if the fieldName contains some characters followed by a full stop -they will be ignored. So for example a second organizationName can -be input by calling it "1.organizationName". - -The actual permitted field names are any object identifier short or -long names. These are compiled into OpenSSL and include the usual -values such as commonName, countryName, localityName, organizationName, -organizationUnitName, stateOrProvinceName. Additionally emailAddress -is include as well as name, surname, givenName initials and dnQualifier. - -Additional object identifiers can be defined with the B<oid_file> or -B<oid_section> options in the configuration file. Any additional fields -will be treated as though they were a DirectoryString. 
- - -=head1 EXAMPLES - -Examine and verify certificate request: - - openssl req -in req.pem -text -verify -noout - -Create a private key and then generate a certificate request from it: - - openssl genrsa -out key.pem 1024 - openssl req -new -key key.pem -out req.pem - -The same but just using req: - - openssl req -newkey rsa:1024 -keyout key.pem -out req.pem - -Generate a self signed root certificate: - - openssl req -x509 -newkey rsa:1024 -keyout key.pem -out req.pem - -Example of a file pointed to by the B<oid_file> option: - - 1.2.3.4 shortName A longer Name - 1.2.3.6 otherName Other longer Name - -Example of a section pointed to by B<oid_section> making use of variable -expansion: - - testoid1=1.2.3.5 - testoid2=${testoid1}.6 - -Sample configuration file prompting for field values: - - [ req ] - default_bits = 1024 - default_keyfile = privkey.pem - distinguished_name = req_distinguished_name - attributes = req_attributes - x509_extensions = v3_ca - - dirstring_type = nobmp - - [ req_distinguished_name ] - countryName = Country Name (2 letter code) - countryName_default = AU - countryName_min = 2 - countryName_max = 2 - - localityName = Locality Name (eg, city) - - organizationalUnitName = Organizational Unit Name (eg, section) - - commonName = Common Name (eg, YOUR name) - commonName_max = 64 - - emailAddress = Email Address - emailAddress_max = 40 - - [ req_attributes ] - challengePassword = A challenge password - challengePassword_min = 4 - challengePassword_max = 20 - - [ v3_ca ] - - subjectKeyIdentifier=hash - authorityKeyIdentifier=keyid:always,issuer:always - basicConstraints = CA:true - -Sample configuration containing all field values: - - - RANDFILE = $ENV::HOME/.rnd - - [ req ] - default_bits = 1024 - default_keyfile = keyfile.pem - distinguished_name = req_distinguished_name - attributes = req_attributes - prompt = no - output_password = mypass - - [ req_distinguished_name ] - C = GB - ST = Test State or Province - L = Test Locality - O = 
Organization Name - OU = Organizational Unit Name - CN = Common Name - emailAddress = test@email.address - - [ req_attributes ] - challengePassword = A challenge password - - -=head1 NOTES - -The header and footer lines in the B<PEM> format are normally: - - -----BEGIN CERTIFICATE REQUEST----- - -----END CERTIFICATE REQUEST----- - -some software (some versions of Netscape certificate server) instead needs: - - -----BEGIN NEW CERTIFICATE REQUEST----- - -----END NEW CERTIFICATE REQUEST----- - -which is produced with the B<-newhdr> option but is otherwise compatible. -Either form is accepted transparently on input. - -The certificate requests generated by B<Xenroll> with MSIE have extensions -added. It includes the B<keyUsage> extension which determines the type of -key (signature only or general purpose) and any additional OIDs entered -by the script in an extendedKeyUsage extension. - -=head1 DIAGNOSTICS - -The following messages are frequently asked about: - - Using configuration from /some/path/openssl.cnf - Unable to load config info - -This is followed some time later by... - - unable to find 'distinguished_name' in config - problems making Certificate Request - -The first error message is the clue: it can't find the configuration -file! Certain operations (like examining a certificate request) don't -need a configuration file so its use isn't enforced. Generation of -certificates or requests however does need a configuration file. This -could be regarded as a bug. - -Another puzzling message is this: - - Attributes: - a0:00 - -this is displayed when no attributes are present and the request includes -the correct empty B<SET OF> structure (the DER encoding of which is 0xa0 -0x00). If you just see: - - Attributes: - -then the B<SET OF> is missing and the encoding is technically invalid (but -it is tolerated). See the description of the command line option B<-asn1-kludge> -for more information. 
- -=head1 ENVIRONMENT VARIABLES - -The variable B<OPENSSL_CONF> if defined allows an alternative configuration -file location to be specified, it will be overridden by the B<-config> command -line switch if it is present. For compatibility reasons the B<SSLEAY_CONF> -environment variable serves the same purpose but its use is discouraged. - -=head1 BUGS - -OpenSSL's handling of T61Strings (aka TeletexStrings) is broken: it effectively -treats them as ISO-8859-1 (Latin 1), Netscape and MSIE have similar behaviour. -This can cause problems if you need characters that aren't available in -PrintableStrings and you don't want to or can't use BMPStrings. - -As a consequence of the T61String handling the only correct way to represent -accented characters in OpenSSL is to use a BMPString: unfortunately Netscape -currently chokes on these. If you have to use accented characters with Netscape -and MSIE then you currently need to use the invalid T61String form. - -The current prompting is not very friendly. It doesn't allow you to confirm what -you've just entered. Other things like extensions in certificate requests are -statically defined in the configuration file. Some of these: like an email -address in subjectAltName should be input by the user. - -=head1 SEE ALSO - -L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>, -L<gendsa(1)|gendsa(1)>, L<config(5)|config(5)>, -L<x509v3_config(5)|x509v3_config(5)> - -=cut diff --git a/lib/libssl/src/doc/apps/rsa.pod b/lib/libssl/src/doc/apps/rsa.pod deleted file mode 100644 index e1ba8e629fa..00000000000 --- a/lib/libssl/src/doc/apps/rsa.pod +++ /dev/null 
@@ -1,204 +0,0 @@ - -=pod - -=head1 NAME - -rsa - RSA key processing tool - -=head1 SYNOPSIS - -B<openssl> B<rsa> -[B<-inform PEM|NET|DER>] -[B<-outform PEM|NET|DER>] -[B<-in filename>] -[B<-passin arg>] -[B<-out filename>] -[B<-passout arg>] -[B<-sgckey>] -[B<-des>] -[B<-des3>] -[B<-idea>] -[B<-text>] -[B<-noout>] -[B<-modulus>] -[B<-check>] -[B<-pubin>] -[B<-pubout>] -[B<-RSAPublicKey_in>] -[B<-RSAPublicKey_out>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<rsa> command processes RSA keys. They can be converted between various -forms and their components printed out. B<Note> this command uses the -traditional SSLeay compatible format for private key encryption: newer -applications should use the more secure PKCS#8 format using the B<pkcs8> -utility. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-inform DER|NET|PEM> - -This specifies the input format. The B<DER> option uses an ASN1 DER encoded -form compatible with the PKCS#1 RSAPrivateKey or SubjectPublicKeyInfo format. -The B<PEM> form is the default format: it consists of the B<DER> format base64 -encoded with additional header and footer lines. On input PKCS#8 format private -keys are also accepted. The B<NET> form is a format is described in the B<NOTES> -section. - -=item B<-outform DER|NET|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read a key from or standard input if this -option is not specified. If the key is encrypted a pass phrase will be -prompted for. - -=item B<-passin arg> - -the input file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-out filename> - -This specifies the output filename to write a key to or standard output if this -option is not specified. If any encryption options are set then a pass phrase -will be prompted for. 
The output filename should B<not> be the same as the input -filename. - -=item B<-passout password> - -the output file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-sgckey> - -use the modified NET algorithm used with some versions of Microsoft IIS and SGC -keys. - -=item B<-des|-des3|-idea> - -These options encrypt the private key with the DES, triple DES, or the -IDEA ciphers respectively before outputting it. A pass phrase is prompted for. -If none of these options is specified the key is written in plain text. This -means that using the B<rsa> utility to read in an encrypted key with no -encryption option can be used to remove the pass phrase from a key, or by -setting the encryption options it can be use to add or change the pass phrase. -These options can only be used with PEM format output files. - -=item B<-text> - -prints out the various public or private key components in -plain text in addition to the encoded version. - -=item B<-noout> - -this option prevents output of the encoded version of the key. - -=item B<-modulus> - -this option prints out the value of the modulus of the key. - -=item B<-check> - -this option checks the consistency of an RSA private key. - -=item B<-pubin> - -by default a private key is read from the input file: with this -option a public key is read instead. - -=item B<-pubout> - -by default a private key is output: with this option a public -key will be output instead. This option is automatically set if -the input is a public key. - -=item B<-RSAPublicKey_in>, B<-RSAPublicKey_out> - -like B<-pubin> and B<-pubout> except B<RSAPublicKey> format is used instead. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<rsa> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. 
- -=back - -=head1 NOTES - -The PEM private key format uses the header and footer lines: - - -----BEGIN RSA PRIVATE KEY----- - -----END RSA PRIVATE KEY----- - -The PEM public key format uses the header and footer lines: - - -----BEGIN PUBLIC KEY----- - -----END PUBLIC KEY----- - -The PEM B<RSAPublicKey> format uses the header and footer lines: - - -----BEGIN RSA PUBLIC KEY----- - -----END RSA PUBLIC KEY----- - -The B<NET> form is a format compatible with older Netscape servers -and Microsoft IIS .key files, this uses unsalted RC4 for its encryption. -It is not very secure and so should only be used when necessary. - -Some newer version of IIS have additional data in the exported .key -files. To use these with the utility, view the file with a binary editor -and look for the string "private-key", then trace back to the byte -sequence 0x30, 0x82 (this is an ASN1 SEQUENCE). Copy all the data -from this point onwards to another file and use that as the input -to the B<rsa> utility with the B<-inform NET> option. If you get -an error after entering the password try the B<-sgckey> option. - -=head1 EXAMPLES - -To remove the pass phrase on an RSA private key: - - openssl rsa -in key.pem -out keyout.pem - -To encrypt a private key using triple DES: - - openssl rsa -in key.pem -des3 -out keyout.pem - -To convert a private key from PEM to DER format: - - openssl rsa -in key.pem -outform DER -out keyout.der - -To print out the components of a private key to standard output: - - openssl rsa -in key.pem -text -noout - -To just output the public part of a private key: - - openssl rsa -in key.pem -pubout -out pubkey.pem - -Output the public part of a private key in B<RSAPublicKey> format: - - openssl rsa -in key.pem -RSAPublicKey_out -out pubkey.pem - -=head1 BUGS - -The command line password arguments don't currently work with -B<NET> format. - -There should be an option that automatically handles .key files, -without having to manually edit them. 
- -=head1 SEE ALSO - -L<pkcs8(1)|pkcs8(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, -L<gendsa(1)|gendsa(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/rsautl.pod b/lib/libssl/src/doc/apps/rsautl.pod deleted file mode 100644 index 6b23cbcc56c..00000000000 --- a/lib/libssl/src/doc/apps/rsautl.pod +++ /dev/null 
@@ -1,183 +0,0 @@ -=pod - -=head1 NAME - -rsautl - RSA utility - -=head1 SYNOPSIS - -B<openssl> B<rsautl> -[B<-in file>] -[B<-out file>] -[B<-inkey file>] -[B<-pubin>] -[B<-certin>] -[B<-sign>] -[B<-verify>] -[B<-encrypt>] -[B<-decrypt>] -[B<-pkcs>] -[B<-ssl>] -[B<-raw>] -[B<-hexdump>] -[B<-asn1parse>] - -=head1 DESCRIPTION - -The B<rsautl> command can be used to sign, verify, encrypt and decrypt -data using the RSA algorithm. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-in filename> - -This specifies the input filename to read data from or standard input -if this option is not specified. - -=item B<-out filename> - -specifies the output filename to write to or standard output by -default. - -=item B<-inkey file> - -the input key file, by default it should be an RSA private key. - -=item B<-pubin> - -the input file is an RSA public key. - -=item B<-certin> - -the input is a certificate containing an RSA public key. - -=item B<-sign> - -sign the input data and output the signed result. This requires -and RSA private key. - -=item B<-verify> - -verify the input data and output the recovered data. - -=item B<-encrypt> - -encrypt the input data using an RSA public key. - -=item B<-decrypt> - -decrypt the input data using an RSA private key. - -=item B<-pkcs, -oaep, -ssl, -raw> - -the padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP, -special padding used in SSL v2 backwards compatible handshakes, -or no padding, respectively. -For signatures, only B<-pkcs> and B<-raw> can be used. - -=item B<-hexdump> - -hex dump the output data. - -=item B<-asn1parse> - -asn1parse the output data, this is useful when combined with the -B<-verify> option. - -=back - -=head1 NOTES - -B<rsautl> because it uses the RSA algorithm directly can only be -used to sign or verify small pieces of data. 
- -=head1 EXAMPLES - -Sign some data using a private key: - - openssl rsautl -sign -in file -inkey key.pem -out sig - -Recover the signed data - - openssl rsautl -verify -in sig -inkey key.pem - -Examine the raw signed data: - - openssl rsautl -verify -in file -inkey key.pem -raw -hexdump - - 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ - 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64 .....hello world - -The PKCS#1 block formatting is evident from this. If this was done using -encrypt and decrypt the block would have been of type 2 (the second byte) -and random padding data visible instead of the 0xff bytes. - -It is possible to analyse the signature of certificates using this -utility in conjunction with B<asn1parse>. Consider the self signed -example in certs/pca-cert.pem . Running B<asn1parse> as follows yields: - - openssl asn1parse -in pca-cert.pem - - 0:d=0 hl=4 l= 742 cons: SEQUENCE - 4:d=1 hl=4 l= 591 cons: SEQUENCE - 8:d=2 hl=2 l= 3 cons: cont [ 0 ] - 10:d=3 hl=2 l= 1 prim: INTEGER :02 - 13:d=2 hl=2 l= 1 prim: INTEGER :00 - 16:d=2 hl=2 l= 13 cons: SEQUENCE - 18:d=3 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption - 29:d=3 hl=2 l= 0 prim: NULL - 31:d=2 hl=2 l= 92 cons: SEQUENCE - 33:d=3 hl=2 l= 11 cons: SET - 35:d=4 hl=2 l= 9 cons: SEQUENCE - 37:d=5 hl=2 l= 3 prim: OBJECT :countryName - 42:d=5 hl=2 l= 2 prim: PRINTABLESTRING :AU - .... 
- 599:d=1 hl=2 l= 13 cons: SEQUENCE - 601:d=2 hl=2 l= 9 prim: OBJECT :md5WithRSAEncryption - 612:d=2 hl=2 l= 0 prim: NULL - 614:d=1 hl=3 l= 129 prim: BIT STRING - - -The final BIT STRING contains the actual signature. It can be extracted with: - - openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614 - -The certificate public key can be extracted with: - - openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem - -The signature can be analysed with: - - openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin - - 0:d=0 hl=2 l= 32 cons: SEQUENCE - 2:d=1 hl=2 l= 12 cons: SEQUENCE - 4:d=2 hl=2 l= 8 prim: OBJECT :md5 - 14:d=2 hl=2 l= 0 prim: NULL - 16:d=1 hl=2 l= 16 prim: OCTET STRING - 0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5 .F...Js.7...H%.. - -This is the parsed version of an ASN1 DigestInfo structure. It can be seen that -the digest used was md5. The actual part of the certificate that was signed can -be extracted with: - - openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4 - -and its digest computed with: - - openssl md5 -c tbs - MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5 - -which it can be seen agrees with the recovered value above. - -=head1 SEE ALSO - -L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)> diff --git a/lib/libssl/src/doc/apps/s_client.pod b/lib/libssl/src/doc/apps/s_client.pod deleted file mode 100644 index ea95414f3d2..00000000000 --- a/lib/libssl/src/doc/apps/s_client.pod +++ /dev/null 
@@ -1,316 +0,0 @@ - -=pod - -=head1 NAME - -s_client - SSL/TLS client program - -=head1 SYNOPSIS - -B<openssl> B<s_client> -[B<-connect host:port>] -[B<-verify depth>] -[B<-verify_return_error>] -[B<-cert filename>] -[B<-certform DER|PEM>] -[B<-key filename>] -[B<-keyform DER|PEM>] -[B<-pass arg>] -[B<-CApath directory>] -[B<-CAfile filename>] -[B<-reconnect>] -[B<-pause>] -[B<-showcerts>] -[B<-debug>] -[B<-msg>] -[B<-nbio_test>] -[B<-state>] -[B<-nbio>] -[B<-crlf>] -[B<-ign_eof>] -[B<-quiet>] -[B<-ssl2>] -[B<-ssl3>] -[B<-tls1>] -[B<-no_ssl2>] -[B<-no_ssl3>] -[B<-no_tls1>] -[B<-bugs>] -[B<-cipher cipherlist>] -[B<-starttls protocol>] -[B<-engine id>] -[B<-tlsextdebug>] -[B<-no_ticket>] -[B<-sess_out filename>] -[B<-sess_in filename>] -[B<-rand file(s)>] - -=head1 DESCRIPTION - -The B<s_client> command implements a generic SSL/TLS client which connects -to a remote host using SSL/TLS. It is a I<very> useful diagnostic tool for -SSL servers. - -=head1 OPTIONS - -=over 4 - -=item B<-connect host:port> - -This specifies the host and optional port to connect to. If not specified -then an attempt is made to connect to the local host on port 4433. - -=item B<-cert certname> - -The certificate to use, if one is requested by the server. The default is -not to use a certificate. - -=item B<-certform format> - -The certificate format to use: DER or PEM. PEM is the default. - -=item B<-key keyfile> - -The private key to use. If not specified then the certificate file will -be used. - -=item B<-keyform format> - -The private format to use: DER or PEM. PEM is the default. - -=item B<-pass arg> - -the private key password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-verify depth> - -The verify depth to use. This specifies the maximum length of the -server certificate chain and turns on server certificate verification. 
-Currently the verify operation continues after errors so all the problems -with a certificate chain can be seen. As a side effect the connection -will never fail due to a server certificate verify failure. - -=item B<-verify_return_error> - -Return verification errors instead of continuing. This will typically -abort the handshake with a fatal error. - -=item B<-CApath directory> - -The directory to use for server certificate verification. This directory -must be in "hash format", see B<verify> for more information. These are -also used when building the client certificate chain. - -=item B<-CAfile file> - -A file containing trusted certificates to use during server authentication -and to use when attempting to build the client certificate chain. - -=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig> - -Set various certificate chain valiadition option. See the -L<B<verify>|verify(1)> manual page for details. - -=item B<-reconnect> - -reconnects to the same server 5 times using the same session ID, this can -be used as a test that session caching is working. - -=item B<-pause> - -pauses 1 second between each read and write call. - -=item B<-showcerts> - -display the whole server certificate chain: normally only the server -certificate itself is displayed. - -=item B<-prexit> - -print session information when the program exits. This will always attempt -to print out information even if the connection fails. Normally information -will only be printed out once if the connection succeeds. This option is useful -because the cipher in use may be renegotiated or the connection may fail -because a client certificate is required or is requested only after an -attempt is made to access a certain URL. Note: the output produced by this -option is not always accurate because a connection might never have been -established. - -=item B<-state> - -prints out the SSL session states. 
- -=item B<-debug> - -print extensive debugging information including a hex dump of all traffic. - -=item B<-msg> - -show all protocol messages with hex dump. - -=item B<-nbio_test> - -tests non-blocking I/O - -=item B<-nbio> - -turns on non-blocking I/O - -=item B<-crlf> - -this option translated a line feed from the terminal into CR+LF as required -by some servers. - -=item B<-ign_eof> - -inhibit shutting down the connection when end of file is reached in the -input. - -=item B<-quiet> - -inhibit printing of session and certificate information. This implicitly -turns on B<-ign_eof> as well. - -=item B<-psk_identity identity> - -Use the PSK identity B<identity> when using a PSK cipher suite. - -=item B<-psk key> - -Use the PSK key B<key> when using a PSK cipher suite. The key is -given as a hexadecimal number without leading 0x, for example -psk -1a2b3c4d. - -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> - -these options disable the use of certain SSL or TLS protocols. By default -the initial handshake uses a method which should be compatible with all -servers and permit them to use SSL v3, SSL v2 or TLS as appropriate. - -Unfortunately there are a lot of ancient and broken servers in use which -cannot handle this technique and will fail to connect. Some servers only -work if TLS is turned off with the B<-no_tls> option others will only -support SSL v2 and may need the B<-ssl2> option. - -=item B<-bugs> - -there are several known bug in SSL and TLS implementations. Adding this -option enables various workarounds. - -=item B<-cipher cipherlist> - -this allows the cipher list sent by the client to be modified. Although -the server determines which cipher suite is used it should take the first -supported cipher in the list sent by the client. See the B<ciphers> -command for more information. - -=item B<-starttls protocol> - -send the protocol-specific message(s) to switch to TLS for communication. 
-B<protocol> is a keyword for the intended protocol. Currently, the only -supported keywords are "smtp", "lmtp", "pop3", "imap", and "ftp". - -=item B<-tlsextdebug> - -print out a hex dump of any TLS extensions received from the server. - -=item B<-no_ticket> - -disable RFC4507bis session ticket support. - -=item B<-sess_out filename> - -output SSL session to B<filename> - -=item B<-sess_in sess.pem> - -load SSL session from B<filename>. The client will attempt to resume a -connection from this session. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<s_client> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=back - -=head1 CONNECTED COMMANDS - -If a connection is established with an SSL server then any data received -from the server is displayed and any key presses will be sent to the -server. When used interactively (which means neither B<-quiet> nor B<-ign_eof> -have been given), the session will be renegotiated if the line begins with an -B<R>, and if the line begins with a B<Q> or if end of file is reached, the -connection will be closed down. - -=head1 NOTES - -B<s_client> can be used to debug SSL servers. To connect to an SSL HTTP -server the command: - - openssl s_client -connect servername:443 - -would typically be used (https uses port 443). If the connection succeeds -then an HTTP command can be given such as "GET /" to retrieve a web page. 
- -If the handshake fails then there are several possible causes, if it is -nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>, -B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> options can be tried -in case it is a buggy server. In particular you should play with these -options B<before> submitting a bug report to an OpenSSL mailing list. - -A frequent problem when attempting to get client certificates working -is that a web client complains it has no certificates or gives an empty -list to choose from. This is normally because the server is not sending -the clients certificate authority in its "acceptable CA list" when it -requests a certificate. By using B<s_client> the CA list can be viewed -and checked. However some servers only request client authentication -after a specific URL is requested. To obtain the list in this case it -is necessary to use the B<-prexit> option and send an HTTP request -for an appropriate page. - -If a certificate is specified on the command line using the B<-cert> -option it will not be used unless the server specifically requests -a client certificate. Therefore merely including a client certificate -on the command line is no guarantee that the certificate works. - -If there are problems verifying a server certificate then the -B<-showcerts> option can be used to show the whole chain. - -Since the SSLv23 client hello cannot include compression methods or extensions -these will only be supported if its use is disabled, for example by using the -B<-no_sslv2> option. - -The B<s_client> utility is a test tool and is designed to continue the -handshake after any certificate verification errors. As a result it will -accept any certificate chain (trusted or not) sent by the peer. None test -applications should B<not> do this as it makes them vulnerable to a MITM -attack. This behaviour can be changed by with the B<-verify_return_error> -option: any verify errors are then returned aborting the handshake. 
- -=head1 BUGS - -Because this program has a lot of options and also because some of -the techniques used are rather old, the C source of s_client is rather -hard to read and not a model of how things should be done. A typical -SSL client program would be much simpler. - -The B<-prexit> option is a bit of a hack. We should really report -information whenever a session is renegotiated. - -=head1 SEE ALSO - -L<sess_id(1)|sess_id(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/s_server.pod b/lib/libssl/src/doc/apps/s_server.pod deleted file mode 100644 index b5096cf7358..00000000000 --- a/lib/libssl/src/doc/apps/s_server.pod +++ /dev/null 
@@ -1,355 +0,0 @@ - -=pod - -=head1 NAME - -s_server - SSL/TLS server program - -=head1 SYNOPSIS - -B<openssl> B<s_server> -[B<-accept port>] -[B<-context id>] -[B<-verify depth>] -[B<-Verify depth>] -[B<-crl_check>] -[B<-crl_check_all>] -[B<-cert filename>] -[B<-certform DER|PEM>] -[B<-key keyfile>] -[B<-keyform DER|PEM>] -[B<-pass arg>] -[B<-dcert filename>] -[B<-dcertform DER|PEM>] -[B<-dkey keyfile>] -[B<-dkeyform DER|PEM>] -[B<-dpass arg>] -[B<-dhparam filename>] -[B<-nbio>] -[B<-nbio_test>] -[B<-crlf>] -[B<-debug>] -[B<-msg>] -[B<-state>] -[B<-CApath directory>] -[B<-CAfile filename>] -[B<-nocert>] -[B<-cipher cipherlist>] -[B<-quiet>] -[B<-no_tmp_rsa>] -[B<-ssl2>] -[B<-ssl3>] -[B<-tls1>] -[B<-no_ssl2>] -[B<-no_ssl3>] -[B<-no_tls1>] -[B<-no_dhe>] -[B<-bugs>] -[B<-hack>] -[B<-www>] -[B<-WWW>] -[B<-HTTP>] -[B<-engine id>] -[B<-tlsextdebug>] -[B<-no_ticket>] -[B<-id_prefix arg>] -[B<-rand file(s)>] - -=head1 DESCRIPTION - -The B<s_server> command implements a generic SSL/TLS server which listens -for connections on a given port using SSL/TLS. - -=head1 OPTIONS - -=over 4 - -=item B<-accept port> - -the TCP port to listen on for connections. If not specified 4433 is used. - -=item B<-context id> - -sets the SSL context id. It can be given any string value. If this option -is not present a default value will be used. - -=item B<-cert certname> - -The certificate to use, most servers cipher suites require the use of a -certificate and some require a certificate with a certain public key type: -for example the DSS cipher suites require a certificate containing a DSS -(DSA) key. If not specified then the filename "server.pem" will be used. - -=item B<-certform format> - -The certificate format to use: DER or PEM. PEM is the default. - -=item B<-key keyfile> - -The private key to use. If not specified then the certificate file will -be used. - -=item B<-keyform format> - -The private format to use: DER or PEM. PEM is the default. 
- -=item B<-pass arg> - -the private key password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-dcert filename>, B<-dkey keyname> - -specify an additional certificate and private key, these behave in the -same manner as the B<-cert> and B<-key> options except there is no default -if they are not specified (no additional certificate and key is used). As -noted above some cipher suites require a certificate containing a key of -a certain type. Some cipher suites need a certificate carrying an RSA key -and some a DSS (DSA) key. By using RSA and DSS certificates and keys -a server can support clients which only support RSA or DSS cipher suites -by using an appropriate certificate. - -=item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg> - -additional certificate and private key format and passphrase respectively. - -=item B<-nocert> - -if this option is set then no certificate is used. This restricts the -cipher suites available to the anonymous ones (currently just anonymous -DH). - -=item B<-dhparam filename> - -the DH parameter file to use. The ephemeral DH cipher suites generate keys -using a set of DH parameters. If not specified then an attempt is made to -load the parameters from the server certificate file. If this fails then -a static set of parameters hard coded into the s_server program will be used. - -=item B<-no_dhe> - -if this option is set then no DH parameters will be loaded effectively -disabling the ephemeral DH cipher suites. - -=item B<-no_tmp_rsa> - -certain export cipher suites sometimes use a temporary RSA key, this option -disables temporary RSA key generation. - -=item B<-verify depth>, B<-Verify depth> - -The verify depth to use. This specifies the maximum length of the -client certificate chain and makes the server request a certificate from -the client. 
With the B<-verify> option a certificate is requested but the -client does not have to send one, with the B<-Verify> option the client -must supply a certificate or an error occurs. - -=item B<-crl_check>, B<-crl_check_all> - -Check the peer certificate has not been revoked by its CA. -The CRL(s) are appended to the certificate file. With the B<-crl_check_all> -option all CRLs of all CAs in the chain are checked. - -=item B<-CApath directory> - -The directory to use for client certificate verification. This directory -must be in "hash format", see B<verify> for more information. These are -also used when building the server certificate chain. - -=item B<-CAfile file> - -A file containing trusted certificates to use during client authentication -and to use when attempting to build the server certificate chain. The list -is also used in the list of acceptable client CAs passed to the client when -a certificate is requested. - -=item B<-state> - -prints out the SSL session states. - -=item B<-debug> - -print extensive debugging information including a hex dump of all traffic. - -=item B<-msg> - -show all protocol messages with hex dump. - -=item B<-nbio_test> - -tests non blocking I/O - -=item B<-nbio> - -turns on non blocking I/O - -=item B<-crlf> - -this option translated a line feed from the terminal into CR+LF. - -=item B<-quiet> - -inhibit printing of session and certificate information. - -=item B<-psk_hint hint> - -Use the PSK identity hint B<hint> when using a PSK cipher suite. - -=item B<-psk key> - -Use the PSK key B<key> when using a PSK cipher suite. The key is -given as a hexadecimal number without leading 0x, for example -psk -1a2b3c4d. - -=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> - -these options disable the use of certain SSL or TLS protocols. By default -the initial handshake uses a method which should be compatible with all -servers and permit them to use SSL v3, SSL v2 or TLS as appropriate. 
- -=item B<-bugs> - -there are several known bug in SSL and TLS implementations. Adding this -option enables various workarounds. - -=item B<-hack> - -this option enables a further workaround for some some early Netscape -SSL code (?). - -=item B<-cipher cipherlist> - -this allows the cipher list used by the server to be modified. When -the client sends a list of supported ciphers the first client cipher -also included in the server list is used. Because the client specifies -the preference order, the order of the server cipherlist irrelevant. See -the B<ciphers> command for more information. - -=item B<-tlsextdebug> - -print out a hex dump of any TLS extensions received from the server. - -=item B<-no_ticket> - -disable RFC4507bis session ticket support. - -=item B<-www> - -sends a status message back to the client when it connects. This includes -lots of information about the ciphers used and various session parameters. -The output is in HTML format so this option will normally be used with a -web browser. - -=item B<-WWW> - -emulates a simple web server. Pages will be resolved relative to the -current directory, for example if the URL https://myhost/page.html is -requested the file ./page.html will be loaded. - -=item B<-HTTP> - -emulates a simple web server. Pages will be resolved relative to the -current directory, for example if the URL https://myhost/page.html is -requested the file ./page.html will be loaded. The files loaded are -assumed to contain a complete and correct HTTP response (lines that -are part of the HTTP response line and headers must end with CRLF). - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<s_server> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=item B<-id_prefix arg> - -generate SSL/TLS session IDs prefixed by B<arg>. 
This is mostly useful -for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple -servers, when each of which might be generating a unique range of session -IDs (eg. with a certain prefix). - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=back - -=head1 CONNECTED COMMANDS - -If a connection request is established with an SSL client and neither the -B<-www> nor the B<-WWW> option has been used then normally any data received -from the client is displayed and any key presses will be sent to the client. - -Certain single letter commands are also recognized which perform special -operations: these are listed below. - -=over 4 - -=item B<q> - -end the current SSL connection but still accept new connections. - -=item B<Q> - -end the current SSL connection and exit. - -=item B<r> - -renegotiate the SSL session. - -=item B<R> - -renegotiate the SSL session and request a client certificate. - -=item B<P> - -send some plain text down the underlying TCP connection: this should -cause the client to disconnect due to a protocol violation. - -=item B<S> - -print out some session cache status information. - -=back - -=head1 NOTES - -B<s_server> can be used to debug SSL clients. To accept connections from -a web browser the command: - - openssl s_server -accept 443 -www - -can be used for example. - -Most web browsers (in particular Netscape and MSIE) only support RSA cipher -suites, so they cannot connect to servers which don't use a certificate -carrying an RSA key or a version of OpenSSL with RSA disabled. - -Although specifying an empty list of CAs when requesting a client certificate -is strictly speaking a protocol violation, some SSL clients interpret this to -mean any CA is acceptable. 
This is useful for debugging purposes. - -The session parameters can printed out using the B<sess_id> program. - -=head1 BUGS - -Because this program has a lot of options and also because some of -the techniques used are rather old, the C source of s_server is rather -hard to read and not a model of how things should be done. A typical -SSL server program would be much simpler. - -The output of common ciphers is wrong: it just gives the list of ciphers that -OpenSSL recognizes and the client supports. - -There should be a way for the B<s_server> program to print out details of any -unknown cipher suites a client says it supports. - -=head1 SEE ALSO - -L<sess_id(1)|sess_id(1)>, L<s_client(1)|s_client(1)>, L<ciphers(1)|ciphers(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/s_time.pod b/lib/libssl/src/doc/apps/s_time.pod deleted file mode 100644 index 5be91873d10..00000000000 --- a/lib/libssl/src/doc/apps/s_time.pod +++ /dev/null 
@@ -1,173 +0,0 @@ - -=pod - -=head1 NAME - -s_time - SSL/TLS performance timing program - -=head1 SYNOPSIS - -B<openssl> B<s_time> -[B<-connect host:port>] -[B<-www page>] -[B<-cert filename>] -[B<-key filename>] -[B<-CApath directory>] -[B<-CAfile filename>] -[B<-reuse>] -[B<-new>] -[B<-verify depth>] -[B<-nbio>] -[B<-time seconds>] -[B<-ssl2>] -[B<-ssl3>] -[B<-bugs>] -[B<-cipher cipherlist>] - -=head1 DESCRIPTION - -The B<s_client> command implements a generic SSL/TLS client which connects to a -remote host using SSL/TLS. It can request a page from the server and includes -the time to transfer the payload data in its timing measurements. It measures -the number of connections within a given timeframe, the amount of data -transferred (if any), and calculates the average time spent for one connection. - -=head1 OPTIONS - -=over 4 - -=item B<-connect host:port> - -This specifies the host and optional port to connect to. - -=item B<-www page> - -This specifies the page to GET from the server. A value of '/' gets the -index.htm[l] page. If this parameter is not specified, then B<s_time> will only -perform the handshake to establish SSL connections but not transfer any -payload data. - -=item B<-cert certname> - -The certificate to use, if one is requested by the server. The default is -not to use a certificate. The file is in PEM format. - -=item B<-key keyfile> - -The private key to use. If not specified then the certificate file will -be used. The file is in PEM format. - -=item B<-verify depth> - -The verify depth to use. This specifies the maximum length of the -server certificate chain and turns on server certificate verification. -Currently the verify operation continues after errors so all the problems -with a certificate chain can be seen. As a side effect the connection -will never fail due to a server certificate verify failure. - -=item B<-CApath directory> - -The directory to use for server certificate verification. 
This directory -must be in "hash format", see B<verify> for more information. These are -also used when building the client certificate chain. - -=item B<-CAfile file> - -A file containing trusted certificates to use during server authentication -and to use when attempting to build the client certificate chain. - -=item B<-new> - -performs the timing test using a new session ID for each connection. -If neither B<-new> nor B<-reuse> are specified, they are both on by default -and executed in sequence. - -=item B<-reuse> - -performs the timing test using the same session ID; this can be used as a test -that session caching is working. If neither B<-new> nor B<-reuse> are -specified, they are both on by default and executed in sequence. - -=item B<-nbio> - -turns on non-blocking I/O. - -=item B<-ssl2>, B<-ssl3> - -these options disable the use of certain SSL or TLS protocols. By default -the initial handshake uses a method which should be compatible with all -servers and permit them to use SSL v3, SSL v2 or TLS as appropriate. -The timing program is not as rich in options to turn protocols on and off as -the L<s_client(1)|s_client(1)> program and may not connect to all servers. - -Unfortunately there are a lot of ancient and broken servers in use which -cannot handle this technique and will fail to connect. Some servers only -work if TLS is turned off with the B<-ssl3> option; others -will only support SSL v2 and may need the B<-ssl2> option. - -=item B<-bugs> - -there are several known bug in SSL and TLS implementations. Adding this -option enables various workarounds. - -=item B<-cipher cipherlist> - -this allows the cipher list sent by the client to be modified. Although -the server determines which cipher suite is used it should take the first -supported cipher in the list sent by the client. -See the L<ciphers(1)|ciphers(1)> command for more information. 
- -=item B<-time length> - -specifies how long (in seconds) B<s_time> should establish connections and -optionally transfer payload data from a server. Server and client performance -and the link speed determine how many connections B<s_time> can establish. - -=back - -=head1 NOTES - -B<s_client> can be used to measure the performance of an SSL connection. -To connect to an SSL HTTP server and get the default page the command - - openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3] - -would typically be used (https uses port 443). 'commoncipher' is a cipher to -which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command -for details. - -If the handshake fails then there are several possible causes, if it is -nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>, -B<-ssl3> options can be tried -in case it is a buggy server. In particular you should play with these -options B<before> submitting a bug report to an OpenSSL mailing list. - -A frequent problem when attempting to get client certificates working -is that a web client complains it has no certificates or gives an empty -list to choose from. This is normally because the server is not sending -the clients certificate authority in its "acceptable CA list" when it -requests a certificate. By using L<s_client(1)|s_client(1)> the CA list can be -viewed and checked. However some servers only request client authentication -after a specific URL is requested. To obtain the list in this case it -is necessary to use the B<-prexit> option of L<s_client(1)|s_client(1)> and -send an HTTP request for an appropriate page. - -If a certificate is specified on the command line using the B<-cert> -option it will not be used unless the server specifically requests -a client certificate. Therefore merely including a client certificate -on the command line is no guarantee that the certificate works. 
- -=head1 BUGS - -Because this program does not have all the options of the -L<s_client(1)|s_client(1)> program to turn protocols on and off, you may not be -able to measure the performance of all protocols with all servers. - -The B<-verify> option should really exit if the server verification -fails. - -=head1 SEE ALSO - -L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/sess_id.pod b/lib/libssl/src/doc/apps/sess_id.pod deleted file mode 100644 index fea70b22e2f..00000000000 --- a/lib/libssl/src/doc/apps/sess_id.pod +++ /dev/null 
@@ -1,151 +0,0 @@ - -=pod - -=head1 NAME - -sess_id - SSL/TLS session handling utility - -=head1 SYNOPSIS - -B<openssl> B<sess_id> -[B<-inform PEM|DER>] -[B<-outform PEM|DER>] -[B<-in filename>] -[B<-out filename>] -[B<-text>] -[B<-noout>] -[B<-context ID>] - -=head1 DESCRIPTION - -The B<sess_id> process the encoded version of the SSL session structure -and optionally prints out SSL session details (for example the SSL session -master key) in human readable format. Since this is a diagnostic tool that -needs some knowledge of the SSL protocol to use properly, most users will -not need to use it. - -=over 4 - -=item B<-inform DER|PEM> - -This specifies the input format. The B<DER> option uses an ASN1 DER encoded -format containing session details. The precise format can vary from one version -to the next. The B<PEM> form is the default format: it consists of the B<DER> -format base64 encoded with additional header and footer lines. - -=item B<-outform DER|PEM> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. - -=item B<-in filename> - -This specifies the input filename to read session information from or standard -input by default. - -=item B<-out filename> - -This specifies the output filename to write session information to or standard -output if this option is not specified. - -=item B<-text> - -prints out the various public or private key components in -plain text in addition to the encoded version. - -=item B<-cert> - -if a certificate is present in the session it will be output using this option, -if the B<-text> option is also present then it will be printed out in text form. - -=item B<-noout> - -this option prevents output of the encoded version of the session. - -=item B<-context ID> - -this option can set the session id so the output session information uses the -supplied ID. The ID can be any string of characters. This option wont normally -be used. 
- -=back - -=head1 OUTPUT - -Typical output: - - SSL-Session: - Protocol : TLSv1 - Cipher : 0016 - Session-ID: 871E62626C554CE95488823752CBD5F3673A3EF3DCE9C67BD916C809914B40ED - Session-ID-ctx: 01000000 - Master-Key: A7CEFC571974BE02CAC305269DC59F76EA9F0B180CB6642697A68251F2D2BB57E51DBBB4C7885573192AE9AEE220FACD - Key-Arg : None - Start Time: 948459261 - Timeout : 300 (sec) - Verify return code 0 (ok) - -Theses are described below in more detail. - -=over 4 - -=item B<Protocol> - -this is the protocol in use TLSv1, SSLv3 or SSLv2. - -=item B<Cipher> - -the cipher used this is the actual raw SSL or TLS cipher code, see the SSL -or TLS specifications for more information. - -=item B<Session-ID> - -the SSL session ID in hex format. - -=item B<Session-ID-ctx> - -the session ID context in hex format. - -=item B<Master-Key> - -this is the SSL session master key. - -=item B<Key-Arg> - -the key argument, this is only used in SSL v2. - -=item B<Start Time> - -this is the session start time represented as an integer in standard Unix format. - -=item B<Timeout> - -the timeout in seconds. - -=item B<Verify return code> - -this is the return code when an SSL client certificate is verified. - -=back - -=head1 NOTES - -The PEM encoded session format uses the header and footer lines: - - -----BEGIN SSL SESSION PARAMETERS----- - -----END SSL SESSION PARAMETERS----- - -Since the SSL session output contains the master key it is possible to read the contents -of an encrypted session using this information. Therefore appropriate security precautions -should be taken if the information is being output by a "real" application. This is -however strongly discouraged and should only be used for debugging purposes. - -=head1 BUGS - -The cipher and start time should be printed out in human readable form. - -=head1 SEE ALSO - -L<ciphers(1)|ciphers(1)>, L<s_server(1)|s_server(1)> - -=cut 
diff --git a/lib/libssl/src/doc/apps/smime.pod b/lib/libssl/src/doc/apps/smime.pod
deleted file mode 100644
index 65090fda954..00000000000
--- a/lib/libssl/src/doc/apps/smime.pod
+++ /dev/null
@@ -1,445 +0,0 @@ -=pod - -=head1 NAME - -smime - S/MIME utility - -=head1 SYNOPSIS - -B<openssl> B<smime> -[B<-encrypt>] -[B<-decrypt>] -[B<-sign>] -[B<-resign>] -[B<-verify>] -[B<-pk7out>] -[B<-[cipher]>] -[B<-in file>] -[B<-certfile file>] -[B<-signer file>] -[B<-recip file>] -[B<-inform SMIME|PEM|DER>] -[B<-passin arg>] -[B<-inkey file>] -[B<-out file>] -[B<-outform SMIME|PEM|DER>] -[B<-content file>] -[B<-to addr>] -[B<-from ad>] -[B<-subject s>] -[B<-text>] -[B<-indef>] -[B<-noindef>] -[B<-stream>] -[B<-rand file(s)>] -[B<-md digest>] -[cert.pem]... - -=head1 DESCRIPTION - -The B<smime> command handles S/MIME mail. It can encrypt, decrypt, sign and -verify S/MIME messages. - -=head1 COMMAND OPTIONS - -There are six operation options that set the type of operation to be performed. -The meaning of the other options varies according to the operation type. - -=over 4 - -=item B<-encrypt> - -encrypt mail for the given recipient certificates. Input file is the message -to be encrypted. The output file is the encrypted mail in MIME format. - -=item B<-decrypt> - -decrypt mail using the supplied certificate and private key. Expects an -encrypted mail message in MIME format for the input file. The decrypted mail -is written to the output file. - -=item B<-sign> - -sign mail using the supplied certificate and private key. Input file is -the message to be signed. The signed message in MIME format is written -to the output file. - -=item B<-verify> - -verify signed mail. Expects a signed mail message on input and outputs -the signed data. Both clear text and opaque signing is supported. - -=item B<-pk7out> - -takes an input message and writes out a PEM encoded PKCS#7 structure. - -=item B<-resign> - -resign a message: take an existing message and one or more new signers. - -=item B<-in filename> - -the input message to be encrypted or signed or the MIME message to -be decrypted or verified. 
- -=item B<-inform SMIME|PEM|DER> - -this specifies the input format for the PKCS#7 structure. The default -is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER> -format change this to expect PEM and DER format PKCS#7 structures -instead. This currently only affects the input format of the PKCS#7 -structure, if no PKCS#7 structure is being input (for example with -B<-encrypt> or B<-sign>) this option has no effect. - -=item B<-out filename> - -the message text that has been decrypted or verified or the output MIME -format message that has been signed or verified. - -=item B<-outform SMIME|PEM|DER> - -this specifies the output format for the PKCS#7 structure. The default -is B<SMIME> which write an S/MIME format message. B<PEM> and B<DER> -format change this to write PEM and DER format PKCS#7 structures -instead. This currently only affects the output format of the PKCS#7 -structure, if no PKCS#7 structure is being output (for example with -B<-verify> or B<-decrypt>) this option has no effect. - -=item B<-stream -indef -noindef> - -the B<-stream> and B<-indef> options are equivalent and enable streaming I/O -for encoding operations. This permits single pass processing of data without -the need to hold the entire contents in memory, potentially supporting very -large files. Streaming is automatically set for S/MIME signing with detached -data if the output format is B<SMIME> it is currently off by default for all -other operations. - -=item B<-noindef> - -disable streaming I/O where it would produce and indefinite length constructed -encoding. This option currently has no effect. In future streaming will be -enabled by default on all relevant operations and this option will disable it. - -=item B<-content filename> - -This specifies a file containing the detached content, this is only -useful with the B<-verify> command. This is only usable if the PKCS#7 -structure is using the detached signature form where the content is -not included. 
This option will override any content if the input format -is S/MIME and it uses the multipart/signed MIME content type. - -=item B<-text> - -this option adds plain text (text/plain) MIME headers to the supplied -message if encrypting or signing. If decrypting or verifying it strips -off text headers: if the decrypted or verified message is not of MIME -type text/plain then an error occurs. - -=item B<-CAfile file> - -a file containing trusted CA certificates, only used with B<-verify>. - -=item B<-CApath dir> - -a directory containing trusted CA certificates, only used with -B<-verify>. This directory must be a standard certificate directory: that -is a hash of each subject name (using B<x509 -hash>) should be linked -to each certificate. - -=item B<-md digest> - -digest algorithm to use when signing or resigning. If not present then the -default digest algorithm for the signing key will be used (usually SHA1). - -=item B<-[cipher]> - -the encryption algorithm to use. For example DES (56 bits) - B<-des>, -triple DES (168 bits) - B<-des3>, -EVP_get_cipherbyname() function) can also be used preceded by a dash, for -example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for list of ciphers -supported by your version of OpenSSL. - -If not specified 40 bit RC2 is used. Only used with B<-encrypt>. - -=item B<-nointern> - -when verifying a message normally certificates (if any) included in -the message are searched for the signing certificate. With this option -only the certificates specified in the B<-certfile> option are used. -The supplied certificates can still be used as untrusted CAs however. - -=item B<-noverify> - -do not verify the signers certificate of a signed message. - -=item B<-nochain> - -do not do chain verification of signers certificates: that is don't -use the certificates in the signed message as untrusted CAs. - -=item B<-nosigs> - -don't try to verify the signatures on the message. 
- -=item B<-nocerts> - -when signing a message the signer's certificate is normally included -with this option it is excluded. This will reduce the size of the -signed message but the verifier must have a copy of the signers certificate -available locally (passed using the B<-certfile> option for example). - -=item B<-noattr> - -normally when a message is signed a set of attributes are included which -include the signing time and supported symmetric algorithms. With this -option they are not included. - -=item B<-binary> - -normally the input message is converted to "canonical" format which is -effectively using CR and LF as end of line: as required by the S/MIME -specification. When this option is present no translation occurs. This -is useful when handling binary data which may not be in MIME format. - -=item B<-nodetach> - -when signing a message use opaque signing: this form is more resistant -to translation by mail relays but it cannot be read by mail agents that -do not support S/MIME. Without this option cleartext signing with -the MIME type multipart/signed is used. - -=item B<-certfile file> - -allows additional certificates to be specified. When signing these will -be included with the message. When verifying these will be searched for -the signers certificates. The certificates should be in PEM format. - -=item B<-signer file> - -a signing certificate when signing or resigning a message, this option can be -used multiple times if more than one signer is required. If a message is being -verified then the signers certificates will be written to this file if the -verification was successful. - -=item B<-recip file> - -the recipients certificate when decrypting a message. This certificate -must match one of the recipients of the message or an error occurs. - -=item B<-inkey file> - -the private key to use when signing or decrypting. This must match the -corresponding certificate. 
If this option is not specified then the -private key must be included in the certificate file specified with -the B<-recip> or B<-signer> file. When signing this option can be used -multiple times to specify successive keys. - -=item B<-passin arg> - -the private key password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-rand file(s)> - -a file or files containing random data used to seed the random number -generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>). -Multiple files can be specified separated by a OS-dependent character. -The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for -all others. - -=item B<cert.pem...> - -one or more certificates of message recipients: used when encrypting -a message. - -=item B<-to, -from, -subject> - -the relevant mail headers. These are included outside the signed -portion of a message so they may be included manually. If signing -then many S/MIME mail clients check the signers certificate's email -address matches that specified in the 
From: address. - -=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig> - -Set various options of certificate chain verification. See -L<B<verify>|verify(1)> manual page for details. - -=back - -=head1 NOTES - -The MIME message must be sent without any blank lines between the -headers and the output. Some mail programs will automatically add -a blank line. Piping the mail directly to sendmail is one way to -achieve the correct format. - -The supplied message to be signed or encrypted must include the -necessary MIME headers or many S/MIME clients wont display it -properly (if at all). You can use the B<-text> option to automatically -add plain text headers. - -A "signed and encrypted" message is one where a signed message is -then encrypted. This can be produced by encrypting an already signed -message: see the examples section. - -This version of the program only allows one signer per message but it -will verify multiple signers on received messages. Some S/MIME clients -choke if a message contains multiple signers. It is possible to sign -messages "in parallel" by signing an already signed message. - -The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME -clients. Strictly speaking these process PKCS#7 enveloped data: PKCS#7 -encrypted data is used for other purposes. - -The B<-resign> option uses an existing message digest when adding a new -signer. This means that attributes must be present in at least one existing -signer using the same message digest or this operation will fail. - -The B<-stream> and B<-indef> options enable experimental streaming I/O support. -As a result the encoding is BER using indefinite length constructed encoding -and no longer DER. Streaming is supported for the B<-encrypt> operation and the -B<-sign> operation if the content is not detached. 
- -Streaming is always used for the B<-sign> operation with detached data but -since the content is no longer part of the PKCS#7 structure the encoding -remains DER. - -=head1 EXIT CODES - -=over 4 - -=item "0" - -the operation was completely successfully. - -=item "1" - -an error occurred parsing the command options. - -=item "2" - -one of the input files could not be read. - -=item "3" - -an error occurred creating the PKCS#7 file or when reading the MIME -message. - -=item "4" - -an error occurred decrypting or verifying the message. - -=item "5" - -the message was verified correctly but an error occurred writing out -the signers certificates. - -=back - -=head1 EXAMPLES - -Create a cleartext signed message: - - openssl smime -sign -in message.txt -text -out mail.msg \ - -signer mycert.pem - -Create an opaque signed message: - - openssl smime -sign -in message.txt -text -out mail.msg -nodetach \ - -signer mycert.pem - -Create a signed message, include some additional certificates and -read the private key from another file: - - openssl smime -sign -in in.txt -text -out mail.msg \ - -signer mycert.pem -inkey mykey.pem -certfile mycerts.pem - -Create a signed message with two signers: - - openssl smime -sign -in message.txt -text -out mail.msg \ - -signer mycert.pem -signer othercert.pem - -Send a signed message under Unix directly to sendmail, including headers: - - openssl smime -sign -in in.txt -text -signer mycert.pem \ - -from steve@openssl.org -to someone@somewhere \ - -subject "Signed message" | sendmail someone@somewhere - -Verify a message and extract the signer's certificate if successful: - - openssl smime -verify -in mail.msg -signer user.pem -out signedtext.txt - -Send encrypted mail using triple DES: - - openssl smime -encrypt -in in.txt -from steve@openssl.org \ - -to someone@somewhere -subject "Encrypted message" \ - -des3 user.pem -out mail.msg - -Sign and encrypt mail: - - openssl smime -sign -in ml.txt -signer my.pem -text \ - | openssl smime 
-encrypt -out mail.msg \ - -from steve@openssl.org -to someone@somewhere \ - -subject "Signed and Encrypted message" -des3 user.pem - -Note: the encryption command does not include the B<-text> option because the -message being encrypted already has MIME headers. - -Decrypt mail: - - openssl smime -decrypt -in mail.msg -recip mycert.pem -inkey key.pem - -The output from Netscape form signing is a PKCS#7 structure with the -detached signature format. You can use this program to verify the -signature by line wrapping the base64 encoded structure and surrounding -it with: - - -----BEGIN PKCS7----- - -----END PKCS7----- - -and using the command: - - openssl smime -verify -inform PEM -in signature.pem -content content.txt - -Alternatively you can base64 decode the signature and use: - - openssl smime -verify -inform DER -in signature.der -content content.txt - -Create an encrypted message using 128 bit Camellia: - - openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem - -Add a signer to an existing message: - - openssl smime -resign -in mail.msg -signer newsign.pem -out mail2.msg - -=head1 BUGS - -The MIME parser isn't very clever: it seems to handle most messages that I've -thrown at it but it may choke on others. - -The code currently will only write out the signer's certificate to a file: if -the signer has a separate encryption certificate this must be manually -extracted. There should be some heuristic that determines the correct -encryption certificate. - -Ideally a database should be maintained of a certificates for each email -address. - -The code doesn't currently take note of the permitted symmetric encryption -algorithms as supplied in the SMIMECapabilities signed attribute. This means the -user has to manually include the correct encryption algorithm. It should store -the list of permitted ciphers in a database and only use those. - -No revocation checking is done on the signer's certificate. 
- -The current code can only handle S/MIME v2 messages, the more complex S/MIME v3 -structures may cause parsing errors. - -=head1 HISTORY - -The use of multiple B<-signer> options and the B<-resign> command were first -added in OpenSSL 1.0.0 - - -=cut diff --git a/lib/libssl/src/doc/apps/speed.pod b/lib/libssl/src/doc/apps/speed.pod deleted file mode 100644 index c309d9a0603..00000000000 --- a/lib/libssl/src/doc/apps/speed.pod +++ /dev/null @@ -1,58 +0,0 @@ -=pod - -=head1 NAME - -speed - test library performance - -=head1 SYNOPSIS - -B<openssl speed> -[B<-engine id>] -[B<md2>] -[B<md5>] -[B<hmac>] -[B<sha1>] -[B<rmd160>] -[B<idea-cbc>] -[B<rc2-cbc>] -[B<rc5-cbc>] -[B<bf-cbc>] -[B<des-cbc>] -[B<des-ede3>] -[B<rc4>] -[B<rsa512>] -[B<rsa1024>] -[B<rsa2048>] -[B<rsa4096>] -[B<dsa512>] -[B<dsa1024>] -[B<dsa2048>] -[B<idea>] -[B<rc2>] -[B<des>] -[B<rsa>] -[B<blowfish>] - -=head1 DESCRIPTION - -This command is used to test the performance of cryptographic algorithms. - -=head1 OPTIONS - -=over 4 - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<speed> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=item B<[zero or more test algorithms]> - -If any options are given, B<speed> tests those algorithms, otherwise all of -the above are tested. - -=back - -=cut diff --git a/lib/libssl/src/doc/apps/spkac.pod b/lib/libssl/src/doc/apps/spkac.pod deleted file mode 100644 index 97fb80e4016..00000000000 --- a/lib/libssl/src/doc/apps/spkac.pod +++ /dev/null 
@@ -1,133 +0,0 @@ -=pod - -=head1 NAME - -spkac - SPKAC printing and generating utility - -=head1 SYNOPSIS - -B<openssl> B<spkac> -[B<-in filename>] -[B<-out filename>] -[B<-key keyfile>] -[B<-passin arg>] -[B<-challenge string>] -[B<-pubkey>] -[B<-spkac spkacname>] -[B<-spksect section>] -[B<-noout>] -[B<-verify>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<spkac> command processes Netscape signed public key and challenge -(SPKAC) files. It can print out their contents, verify the signature and -produce its own SPKACs from a supplied private key. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-in filename> - -This specifies the input filename to read from or standard input if this -option is not specified. Ignored if the B<-key> option is used. - -=item B<-out filename> - -specifies the output filename to write to or standard output by -default. - -=item B<-key keyfile> - -create an SPKAC file using the private key in B<keyfile>. The -B<-in>, B<-noout>, B<-spksect> and B<-verify> options are ignored if -present. - -=item B<-passin password> - -the input file password source. For more information about the format of B<arg> -see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>. - -=item B<-challenge string> - -specifies the challenge string if an SPKAC is being created. - -=item B<-spkac spkacname> - -allows an alternative name form the variable containing the -SPKAC. The default is "SPKAC". This option affects both -generated and input SPKAC files. - -=item B<-spksect section> - -allows an alternative name form the section containing the -SPKAC. The default is the default section. - -=item B<-noout> - -don't output the text version of the SPKAC (not used if an -SPKAC is being created). - -=item B<-pubkey> - -output the public key of an SPKAC (not used if an SPKAC is -being created). - -=item B<-verify> - -verifies the digital signature on the supplied SPKAC. 
- -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<spkac> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=back - -=head1 EXAMPLES - -Print out the contents of an SPKAC: - - openssl spkac -in spkac.cnf - -Verify the signature of an SPKAC: - - openssl spkac -in spkac.cnf -noout -verify - -Create an SPKAC using the challenge string "hello": - - openssl spkac -key key.pem -challenge hello -out spkac.cnf - -Example of an SPKAC, (long lines split up for clarity): - - SPKAC=MIG5MGUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA1cCoq2Wa3Ixs47uI7F\ - PVwHVIPDx5yso105Y6zpozam135a8R0CpoRvkkigIyXfcCjiVi5oWk+6FfPaD03u\ - PFoQIDAQABFgVoZWxsbzANBgkqhkiG9w0BAQQFAANBAFpQtY/FojdwkJh1bEIYuc\ - 2EeM2KHTWPEepWYeawvHD0gQ3DngSC75YCWnnDdq+NQ3F+X4deMx9AaEglZtULwV\ - 4= - -=head1 NOTES - -A created SPKAC with suitable DN components appended can be fed into -the B<ca> utility. - -SPKACs are typically generated by Netscape when a form is submitted -containing the B<KEYGEN> tag as part of the certificate enrollment -process. - -The challenge string permits a primitive form of proof of possession -of private key. By checking the SPKAC signature and a random challenge -string some guarantee is given that the user knows the private key -corresponding to the public key being certified. This is important in -some applications. Without this it is possible for a previous SPKAC -to be used in a "replay attack". - -=head1 SEE ALSO - -L<ca(1)|ca(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/ts.pod b/lib/libssl/src/doc/apps/ts.pod deleted file mode 100644 index 3075b6887a2..00000000000 --- a/lib/libssl/src/doc/apps/ts.pod +++ /dev/null 
@@ -1,594 +0,0 @@ -=pod - -=head1 NAME - -ts - Time Stamping Authority tool (client/server) - -=head1 SYNOPSIS - -B<openssl> B<ts> -B<-query> -[B<-rand> file:file...] -[B<-config> configfile] -[B<-data> file_to_hash] -[B<-digest> digest_bytes] -[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-ripemd160>|B<...>] -[B<-policy> object_id] -[B<-no_nonce>] -[B<-cert>] -[B<-in> request.tsq] -[B<-out> request.tsq] -[B<-text>] - -B<openssl> B<ts> -B<-reply> -[B<-config> configfile] -[B<-section> tsa_section] -[B<-queryfile> request.tsq] -[B<-passin> password_src] -[B<-signer> tsa_cert.pem] -[B<-inkey> private.pem] -[B<-chain> certs_file.pem] -[B<-policy> object_id] -[B<-in> response.tsr] -[B<-token_in>] -[B<-out> response.tsr] -[B<-token_out>] -[B<-text>] -[B<-engine> id] - -B<openssl> B<ts> -B<-verify> -[B<-data> file_to_hash] -[B<-digest> digest_bytes] -[B<-queryfile> request.tsq] -[B<-in> response.tsr] -[B<-token_in>] -[B<-CApath> trusted_cert_path] -[B<-CAfile> trusted_certs.pem] -[B<-untrusted> cert_file.pem] - -=head1 DESCRIPTION - -The B<ts> command is a basic Time Stamping Authority (TSA) client and server -application as specified in RFC 3161 (Time-Stamp Protocol, TSP). A -TSA can be part of a PKI deployment and its role is to provide long -term proof of the existence of a certain datum before a particular -time. Here is a brief description of the protocol: - -=over 4 - -=item 1. - -The TSA client computes a one-way hash value for a data file and sends -the hash to the TSA. - -=item 2. - -The TSA attaches the current date and time to the received hash value, -signs them and sends the time stamp token back to the client. By -creating this token the TSA certifies the existence of the original -data file at the time of response generation. - -=item 3. - -The TSA client receives the time stamp token and verifies the -signature on it. It also checks if the token contains the same hash -value that it had sent to the TSA. 
- -=back - -There is one DER encoded protocol data unit defined for transporting a time -stamp request to the TSA and one for sending the time stamp response -back to the client. The B<ts> command has three main functions: -creating a time stamp request based on a data file, -creating a time stamp response based on a request, verifying if a -response corresponds to a particular request or a data file. - -There is no support for sending the requests/responses automatically -over HTTP or TCP yet as suggested in RFC 3161. The users must send the -requests either by ftp or e-mail. - -=head1 OPTIONS - -=head2 Time Stamp Request generation - -The B<-query> switch can be used for creating and printing a time stamp -request with the following options: - -=over 4 - -=item B<-rand> file:file... - -The files containing random data for seeding the random number -generator. Multiple files can be specified, the separator is B<;> for -MS-Windows, B<,> for VMS and B<:> for all other platforms. (Optional) - -=item B<-config> configfile - -The configuration file to use, this option overrides the -B<OPENSSL_CONF> environment variable. Only the OID section -of the config file is used with the B<-query> command. (Optional) - -=item B<-data> file_to_hash - -The data file for which the time stamp request needs to be -created. stdin is the default if neither the B<-data> nor the B<-digest> -parameter is specified. (Optional) - -=item B<-digest> digest_bytes - -It is possible to specify the message imprint explicitly without the data -file. The imprint must be specified in a hexadecimal format, two characters -per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or -1AF601...). The number of bytes must match the message digest algorithm -in use. (Optional) - -=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-ripemd160>|B<...> - -The message digest to apply to the data file, it supports all the message -digest algorithms that are supported by the openssl B<dgst> command. 
-The default is SHA-1. (Optional) - -=item B<-policy> object_id - -The policy that the client expects the TSA to use for creating the -time stamp token. Either the dotted OID notation or OID names defined -in the config file can be used. If no policy is requested the TSA will -use its own default policy. (Optional) - -=item B<-no_nonce> - -No nonce is specified in the request if this option is -given. Otherwise a 64 bit long pseudo-random none is -included in the request. It is recommended to use nonce to -protect against replay-attacks. (Optional) - -=item B<-cert> - -The TSA is expected to include its signing certificate in the -response. (Optional) - -=item B<-in> request.tsq - -This option specifies a previously created time stamp request in DER -format that will be printed into the output file. Useful when you need -to examine the content of a request in human-readable - -format. (Optional) - -=item B<-out> request.tsq - -Name of the output file to which the request will be written. Default -is stdout. (Optional) - -=item B<-text> - -If this option is specified the output is human-readable text format -instead of DER. (Optional) - -=back - -=head2 Time Stamp Response generation - -A time stamp response (TimeStampResp) consists of a response status -and the time stamp token itself (ContentInfo), if the token generation was -successful. The B<-reply> command is for creating a time stamp -response or time stamp token based on a request and printing the -response/token in human-readable format. If B<-token_out> is not -specified the output is always a time stamp response (TimeStampResp), -otherwise it is a time stamp token (ContentInfo). - -=over 4 - -=item B<-config> configfile - -The configuration file to use, this option overrides the -B<OPENSSL_CONF> environment variable. See B<CONFIGURATION FILE -OPTIONS> for configurable variables. 
(Optional) - -=item B<-section> tsa_section - -The name of the config file section conatining the settings for the -response generation. If not specified the default TSA section is -used, see B<CONFIGURATION FILE OPTIONS> for details. (Optional) - -=item B<-queryfile> request.tsq - -The name of the file containing a DER encoded time stamp request. (Optional) - -=item B<-passin> password_src - -Specifies the password source for the private key of the TSA. See -B<PASS PHRASE ARGUMENTS> in L<openssl(1)|openssl(1)>. (Optional) - -=item B<-signer> tsa_cert.pem - -The signer certificate of the TSA in PEM format. The TSA signing -certificate must have exactly one extended key usage assigned to it: -timeStamping. The extended key usage must also be critical, otherwise -the certificate is going to be refused. Overrides the B<signer_cert> -variable of the config file. (Optional) - -=item B<-inkey> private.pem - -The signer private key of the TSA in PEM format. Overrides the -B<signer_key> config file option. (Optional) - -=item B<-chain> certs_file.pem - -The collection of certificates in PEM format that will all -be included in the response in addition to the signer certificate if -the B<-cert> option was used for the request. This file is supposed to -contain the certificate chain for the signer certificate from its -issuer upwards. The B<-reply> command does not build a certificate -chain automatically. (Optional) - -=item B<-policy> object_id - -The default policy to use for the response unless the client -explicitly requires a particular TSA policy. The OID can be specified -either in dotted notation or with its name. Overrides the -B<default_policy> config file option. (Optional) - -=item B<-in> response.tsr - -Specifies a previously created time stamp response or time stamp token -(if B<-token_in> is also specified) in DER format that will be written -to the output file. This option does not require a request, it is -useful e.g. 
when you need to examine the content of a response or -token or you want to extract the time stamp token from a response. If -the input is a token and the output is a time stamp response a default -'granted' status info is added to the token. (Optional) - -=item B<-token_in> - -This flag can be used together with the B<-in> option and indicates -that the input is a DER encoded time stamp token (ContentInfo) instead -of a time stamp response (TimeStampResp). (Optional) - -=item B<-out> response.tsr - -The response is written to this file. The format and content of the -file depends on other options (see B<-text>, B<-token_out>). The default is -stdout. (Optional) - -=item B<-token_out> - -The output is a time stamp token (ContentInfo) instead of time stamp -response (TimeStampResp). (Optional) - -=item B<-text> - -If this option is specified the output is human-readable text format -instead of DER. (Optional) - -=item B<-engine> id - -Specifying an engine (by its unique B<id> string) will cause B<ts> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. Default is builtin. (Optional) - -=back - -=head2 Time Stamp Response verification - -The B<-verify> command is for verifying if a time stamp response or time -stamp token is valid and matches a particular time stamp request or -data file. The B<-verify> command does not use the configuration file. - -=over 4 - -=item B<-data> file_to_hash - -The response or token must be verified against file_to_hash. The file -is hashed with the message digest algorithm specified in the token. -The B<-digest> and B<-queryfile> options must not be specified with this one. -(Optional) - -=item B<-digest> digest_bytes - -The response or token must be verified against the message digest specified -with this option. The number of bytes must match the message digest algorithm -specified in the token. 
The B<-data> and B<-queryfile> options must not be -specified with this one. (Optional) - -=item B<-queryfile> request.tsq - -The original time stamp request in DER format. The B<-data> and B<-digest> -options must not be specified with this one. (Optional) - -=item B<-in> response.tsr - -The time stamp response that needs to be verified in DER format. (Mandatory) - -=item B<-token_in> - -This flag can be used together with the B<-in> option and indicates -that the input is a DER encoded time stamp token (ContentInfo) instead -of a time stamp response (TimeStampResp). (Optional) - -=item B<-CApath> trusted_cert_path - -The name of the directory containing the trused CA certificates of the -client. See the similar option of L<verify(1)|verify(1)> for additional -details. Either this option or B<-CAfile> must be specified. (Optional) - - -=item B<-CAfile> trusted_certs.pem - -The name of the file containing a set of trusted self-signed CA -certificates in PEM format. See the similar option of -L<verify(1)|verify(1)> for additional details. Either this option -or B<-CApath> must be specified. -(Optional) - -=item B<-untrusted> cert_file.pem - -Set of additional untrusted certificates in PEM format which may be -needed when building the certificate chain for the TSA's signing -certificate. This file must contain the TSA signing certificate and -all intermediate CA certificates unless the response includes them. -(Optional) - -=back - -=head1 CONFIGURATION FILE OPTIONS - -The B<-query> and B<-reply> commands make use of a configuration file -defined by the B<OPENSSL_CONF> environment variable. See L<config(5)|config(5)> -for a general description of the syntax of the config file. The -B<-query> command uses only the symbolic OID names section -and it can work without it. However, the B<-reply> command needs the -config file for its operation. - -When there is a command line switch equivalent of a variable the -switch always overrides the settings in the config file. 
- -=over 4 - -=item B<tsa> section, B<default_tsa> - -This is the main section and it specifies the name of another section -that contains all the options for the B<-reply> command. This default -section can be overridden with the B<-section> command line switch. (Optional) - -=item B<oid_file> - -See L<ca(1)|ca(1)> for description. (Optional) - -=item B<oid_section> - -See L<ca(1)|ca(1)> for description. (Optional) - -=item B<RANDFILE> - -See L<ca(1)|ca(1)> for description. (Optional) - -=item B<serial> - -The name of the file containing the hexadecimal serial number of the -last time stamp response created. This number is incremented by 1 for -each response. If the file does not exist at the time of response -generation a new file is created with serial number 1. (Mandatory) - -=item B<crypto_device> - -Specifies the OpenSSL engine that will be set as the default for -all available algorithms. The default value is builtin, you can specify -any other engines supported by OpenSSL (e.g. use chil for the NCipher HSM). -(Optional) - -=item B<signer_cert> - -TSA signing certificate in PEM format. The same as the B<-signer> -command line option. (Optional) - -=item B<certs> - -A file containing a set of PEM encoded certificates that need to be -included in the response. The same as the B<-chain> command line -option. (Optional) - -=item B<signer_key> - -The private key of the TSA in PEM format. The same as the B<-inkey> -command line option. (Optional) - -=item B<default_policy> - -The default policy to use when the request does not mandate any -policy. The same as the B<-policy> command line option. (Optional) - -=item B<other_policies> - -Comma separated list of policies that are also acceptable by the TSA -and used only if the request explicitly specifies one of them. (Optional) - -=item B<digests> - -The list of message digest algorithms that the TSA accepts. At least -one algorithm must be specified. 
(Mandatory) - -=item B<accuracy> - -The accuracy of the time source of the TSA in seconds, milliseconds -and microseconds. E.g. secs:1, millisecs:500, microsecs:100. If any of -the components is missing zero is assumed for that field. (Optional) - -=item B<clock_precision_digits> - -Specifies the maximum number of digits, which represent the fraction of -seconds, that need to be included in the time field. The trailing zeroes -must be removed from the time, so there might actually be fewer digits, -or no fraction of seconds at all. Supported only on UNIX platforms. -The maximum value is 6, default is 0. -(Optional) - -=item B<ordering> - -If this option is yes the responses generated by this TSA can always -be ordered, even if the time difference between two responses is less -than the sum of their accuracies. Default is no. (Optional) - -=item B<tsa_name> - -Set this option to yes if the subject name of the TSA must be included in -the TSA name field of the response. Default is no. (Optional) - -=item B<ess_cert_id_chain> - -The SignedData objects created by the TSA always contain the -certificate identifier of the signing certificate in a signed -attribute (see RFC 2634, Enhanced Security Services). If this option -is set to yes and either the B<certs> variable or the B<-chain> option -is specified then the certificate identifiers of the chain will also -be included in the SigningCertificate signed attribute. If this -variable is set to no, only the signing certificate identifier is -included. Default is no. (Optional) - -=back - -=head1 ENVIRONMENT VARIABLES - -B<OPENSSL_CONF> contains the path of the configuration file and can be -overridden by the B<-config> command line option. - -=head1 EXAMPLES - -All the examples below presume that B<OPENSSL_CONF> is set to a proper -configuration file, e.g. the example configuration file -openssl/apps/openssl.cnf will do. 
- -=head2 Time Stamp Request - -To create a time stamp request for design1.txt with SHA-1 -without nonce and policy and no certificate is required in the response: - - openssl ts -query -data design1.txt -no_nonce \ - -out design1.tsq - -To create a similar time stamp request with specifying the message imprint -explicitly: - - openssl ts -query -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \ - -no_nonce -out design1.tsq - -To print the content of the previous request in human readable format: - - openssl ts -query -in design1.tsq -text - -To create a time stamp request which includes the MD-5 digest -of design2.txt, requests the signer certificate and nonce, -specifies a policy id (assuming the tsa_policy1 name is defined in the -OID section of the config file): - - openssl ts -query -data design2.txt -md5 \ - -policy tsa_policy1 -cert -out design2.tsq - -=head2 Time Stamp Response - -Before generating a response a signing certificate must be created for -the TSA that contains the B<timeStamping> critical extended key usage extension -without any other key usage extensions. You can add the -'extendedKeyUsage = critical,timeStamping' line to the user certificate section -of the config file to generate a proper certificate. See L<req(1)|req(1)>, -L<ca(1)|ca(1)>, L<x509(1)|x509(1)> for instructions. The examples -below assume that cacert.pem contains the certificate of the CA, -tsacert.pem is the signing certificate issued by cacert.pem and -tsakey.pem is the private key of the TSA. 
- -To create a time stamp response for a request: - - openssl ts -reply -queryfile design1.tsq -inkey tsakey.pem \ - -signer tsacert.pem -out design1.tsr - -If you want to use the settings in the config file you could just write: - - openssl ts -reply -queryfile design1.tsq -out design1.tsr - -To print a time stamp reply to stdout in human readable format: - - openssl ts -reply -in design1.tsr -text - -To create a time stamp token instead of time stamp response: - - openssl ts -reply -queryfile design1.tsq -out design1_token.der -token_out - -To print a time stamp token to stdout in human readable format: - - openssl ts -reply -in design1_token.der -token_in -text -token_out - -To extract the time stamp token from a response: - - openssl ts -reply -in design1.tsr -out design1_token.der -token_out - -To add 'granted' status info to a time stamp token thereby creating a -valid response: - - openssl ts -reply -in design1_token.der -token_in -out design1.tsr - -=head2 Time Stamp Verification - -To verify a time stamp reply against a request: - - openssl ts -verify -queryfile design1.tsq -in design1.tsr \ - -CAfile cacert.pem -untrusted tsacert.pem - -To verify a time stamp reply that includes the certificate chain: - - openssl ts -verify -queryfile design2.tsq -in design2.tsr \ - -CAfile cacert.pem - -To verify a time stamp token against the original data file: - openssl ts -verify -data design2.txt -in design2.tsr \ - -CAfile cacert.pem - -To verify a time stamp token against a message imprint: - openssl ts -verify -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \ - -in design2.tsr -CAfile cacert.pem - -You could also look at the 'test' directory for more examples. - -=head1 BUGS - -If you find any bugs or you have suggestions please write to -Zoltan Glozik <zglozik@opentsa.org>. 
Known issues: - -=over 4 - -=item * No support for time stamps over SMTP, though it is quite easy -to implement an automatic e-mail based TSA with L<procmail(1)|procmail(1)> -and L<perl(1)|perl(1)>. HTTP server support is provided in the form of -a separate apache module. HTTP client support is provided by -L<tsget(1)|tsget(1)>. Pure TCP/IP protocol is not supported. - -=item * The file containing the last serial number of the TSA is not -locked when being read or written. This is a problem if more than one -instance of L<openssl(1)|openssl(1)> is trying to create a time stamp -response at the same time. This is not an issue when using the apache -server module, it does proper locking. - -=item * Look for the FIXME word in the source files. - -=item * The source code should really be reviewed by somebody else, too. - -=item * More testing is needed, I have done only some basic tests (see -test/testtsa). - -=back - -=cut - -=head1 AUTHOR - -Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org) - -=head1 SEE ALSO - -L<tsget(1)|tsget(1)>, L<openssl(1)|openssl(1)>, L<req(1)|req(1)>, -L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>, -L<config(5)|config(5)> - -=cut diff --git a/lib/libssl/src/doc/apps/verify.pod b/lib/libssl/src/doc/apps/verify.pod deleted file mode 100644 index 427d463dae5..00000000000 --- a/lib/libssl/src/doc/apps/verify.pod +++ /dev/null 
@@ -1,405 +0,0 @@ -=pod - -=head1 NAME - -verify - Utility to verify certificates. - -=head1 SYNOPSIS - -B<openssl> B<verify> -[B<-CApath directory>] -[B<-CAfile file>] -[B<-purpose purpose>] -[B<-policy arg>] -[B<-ignore_critical>] -[B<-crl_check>] -[B<-crl_check_all>] -[B<-policy_check>] -[B<-explicit_policy>] -[B<-inhibit_any>] -[B<-inhibit_map>] -[B<-x509_strict>] -[B<-extended_crl>] -[B<-use_deltas>] -[B<-policy_print>] -[B<-untrusted file>] -[B<-help>] -[B<-issuer_checks>] -[B<-verbose>] -[B<->] -[certificates] - - -=head1 DESCRIPTION - -The B<verify> command verifies certificate chains. - -=head1 COMMAND OPTIONS - -=over 4 - -=item B<-CApath directory> - -A directory of trusted certificates. The certificates should have names -of the form: hash.0 or have symbolic links to them of this -form ("hash" is the hashed certificate subject name: see the B<-hash> option -of the B<x509> utility). - -=item B<-CAfile file> - -A file of trusted certificates. The file should contain multiple certificates -in PEM format concatenated together. - -=item B<-untrusted file> - -A file of untrusted certificates. The file should contain multiple certificates -in PEM format concatenated together. - -=item B<-purpose purpose> - -The intended use for the certificate. If this option is not specified, -B<verify> will not consider certificate purpose during chain verification. -Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>, -B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more -information. - -=item B<-help> - -Print out a usage message. - -=item B<-verbose> - -Print extra information about the operations being performed. - -=item B<-issuer_checks> - -Print out diagnostics relating to searches for the issuer certificate of the -current certificate. This shows why each candidate issuer certificate was -rejected. 
The presence of rejection messages does not itself imply that -anything is wrong; during the normal verification process, several -rejections may take place. - -=item B<-policy arg> - -Enable policy processing and add B<arg> to the user-initial-policy-set (see -RFC5280). The policy B<arg> can be an object name an OID in numeric form. -This argument can appear more than once. - -=item B<-policy_check> - -Enables certificate policy processing. - -=item B<-explicit_policy> - -Set policy variable require-explicit-policy (see RFC5280). - -=item B<-inhibit_any> - -Set policy variable inhibit-any-policy (see RFC5280). - -=item B<-inhibit_map> - -Set policy variable inhibit-policy-mapping (see RFC5280). - -=item B<-policy_print> - -Print out diagnostics related to policy processing. - -=item B<-crl_check> - -Checks end entity certificate validity by attempting to look up a valid CRL. -If a valid CRL cannot be found an error occurs. - -=item B<-crl_check_all> - -Checks the validity of B<all> certificates in the chain by attempting -to look up valid CRLs. - -=item B<-ignore_critical> - -Normally if an unhandled critical extension is present which is not -supported by OpenSSL the certificate is rejected (as required by RFC5280). -If this option is set critical extensions are ignored. - -=item B<-x509_strict> - -For strict X.509 compliance, disable non-compliant workarounds for broken -certificates. - -=item B<-extended_crl> - -Enable extended CRL features such as indirect CRLs and alternate CRL -signing keys. - -=item B<-use_deltas> - -Enable support for delta CRLs. - -=item B<-check_ss_sig> - -Verify the signature on the self-signed root CA. This is disabled by default -because it doesn't add any security. - -=item B<-> - -Indicates the last option. All arguments following this are assumed to be -certificate files. This is useful if the first certificate filename begins -with a B<->. - -=item B<certificates> - -One or more certificates to verify. 
If no certificates are given, B<verify> -will attempt to read a certificate from standard input. Certificates must be -in PEM format. - -=back - -=head1 VERIFY OPERATION - -The B<verify> program uses the same functions as the internal SSL and S/MIME -verification, therefore this description applies to these verify operations -too. - -There is one crucial difference between the verify operations performed -by the B<verify> program: wherever possible an attempt is made to continue -after an error whereas normally the verify operation would halt on the -first error. This allows all the problems with a certificate chain to be -determined. - -The verify operation consists of a number of separate steps. - -Firstly a certificate chain is built up starting from the supplied certificate -and ending in the root CA. It is an error if the whole chain cannot be built -up. The chain is built up by looking up the issuers certificate of the current -certificate. If a certificate is found which is its own issuer it is assumed -to be the root CA. - -The process of 'looking up the issuers certificate' itself involves a number -of steps. In versions of OpenSSL before 0.9.5a the first certificate whose -subject name matched the issuer of the current certificate was assumed to be -the issuers certificate. In OpenSSL 0.9.6 and later all certificates -whose subject name matches the issuer name of the current certificate are -subject to further tests. The relevant authority key identifier components -of the current certificate (if present) must match the subject key identifier -(if present) and issuer and serial number of the candidate issuer, in addition -the keyUsage extension of the candidate issuer (if present) must permit -certificate signing. - -The lookup first looks in the list of untrusted certificates and if no match -is found the remaining lookups are from the trusted certificates. 
The root CA -is always looked up in the trusted certificate list: if the certificate to -verify is a root certificate then an exact match must be found in the trusted -list. - -The second operation is to check every untrusted certificate's extensions for -consistency with the supplied purpose. If the B<-purpose> option is not included -then no checks are done. The supplied or "leaf" certificate must have extensions -compatible with the supplied purpose and all other certificates must also be valid -CA certificates. The precise extensions required are described in more detail in -the B<CERTIFICATE EXTENSIONS> section of the B<x509> utility. - -The third operation is to check the trust settings on the root CA. The root -CA should be trusted for the supplied purpose. For compatibility with previous -versions of SSLeay and OpenSSL a certificate with no trust settings is considered -to be valid for all purposes. - -The final operation is to check the validity of the certificate chain. The validity -period is checked against the current system time and the notBefore and notAfter -dates in the certificate. The certificate signatures are also checked at this -point. - -If all operations complete successfully then certificate is considered valid. If -any operation fails then the certificate is not valid. - -=head1 DIAGNOSTICS - -When a verify operation fails the output messages can be somewhat cryptic. The -general form of the error message is: - - server.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit) - error 24 at 1 depth lookup:invalid CA certificate - -The first line contains the name of the certificate being verified followed by -the subject name of the certificate. The second line contains the error number -and the depth. The depth is number of the certificate being verified when a -problem was detected starting with zero for the certificate being verified itself -then 1 for the CA that signed the certificate and so on. 
Finally a text version -of the error number is presented. - -An exhaustive list of the error codes and messages is shown below, this also -includes the name of the error code as defined in the header file x509_vfy.h -Some of the error codes are defined but never returned: these are described -as "unused". - -=over 4 - -=item B<0 X509_V_OK: ok> - -the operation was successful. - -=item B<2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate> - -the issuer certificate of a looked up certificate could not be found. This -normally means the list of trusted certificates is not complete. - -=item B<3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL> - -the CRL of a certificate could not be found. - -=item B<4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature> - -the certificate signature could not be decrypted. This means that the actual signature value -could not be determined rather than it not matching the expected value, this is only -meaningful for RSA keys. - -=item B<5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature> - -the CRL signature could not be decrypted: this means that the actual signature value -could not be determined rather than it not matching the expected value. Unused. - -=item B<6 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key> - -the public key in the certificate SubjectPublicKeyInfo could not be read. - -=item B<7 X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure> - -the signature of the certificate is invalid. - -=item B<8 X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure> - -the signature of the certificate is invalid. - -=item B<9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid> - -the certificate is not yet valid: the notBefore date is after the current time. 
- -=item B<10 X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired> - -the certificate has expired: that is the notAfter date is before the current time. - -=item B<11 X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid> - -the CRL is not yet valid. - -=item B<12 X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired> - -the CRL has expired. - -=item B<13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field> - -the certificate notBefore field contains an invalid time. - -=item B<14 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field> - -the certificate notAfter field contains an invalid time. - -=item B<15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field> - -the CRL lastUpdate field contains an invalid time. - -=item B<16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field> - -the CRL nextUpdate field contains an invalid time. - -=item B<17 X509_V_ERR_OUT_OF_MEM: out of memory> - -an error occurred trying to allocate memory. This should never happen. - -=item B<18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate> - -the passed certificate is self signed and the same certificate cannot be found in the list of -trusted certificates. - -=item B<19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain> - -the certificate chain could be built up using the untrusted certificates but the root could not -be found locally. - -=item B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate> - -the issuer certificate could not be found: this occurs if the issuer -certificate of an untrusted certificate cannot be found. - -=item B<21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate> - -no signatures could be verified because the chain contains only one certificate and it is not -self signed. 
- -=item B<22 X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long> - -the certificate chain length is greater than the supplied maximum depth. Unused. - -=item B<23 X509_V_ERR_CERT_REVOKED: certificate revoked> - -the certificate has been revoked. - -=item B<24 X509_V_ERR_INVALID_CA: invalid CA certificate> - -a CA certificate is invalid. Either it is not a CA or its extensions are not consistent -with the supplied purpose. - -=item B<25 X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded> - -the basicConstraints pathlength parameter has been exceeded. - -=item B<26 X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose> - -the supplied certificate cannot be used for the specified purpose. - -=item B<27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted> - -the root CA is not marked as trusted for the specified purpose. - -=item B<28 X509_V_ERR_CERT_REJECTED: certificate rejected> - -the root CA is marked to reject the specified purpose. - -=item B<29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch> - -the current candidate issuer certificate was rejected because its subject name -did not match the issuer name of the current certificate. Only displayed when -the B<-issuer_checks> option is set. - -=item B<30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch> - -the current candidate issuer certificate was rejected because its subject key -identifier was present and did not match the authority key identifier current -certificate. Only displayed when the B<-issuer_checks> option is set. - -=item B<31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch> - -the current candidate issuer certificate was rejected because its issuer name -and serial number was present and did not match the authority key identifier -of the current certificate. Only displayed when the B<-issuer_checks> option is set. 
- -=item B<32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing> - -the current candidate issuer certificate was rejected because its keyUsage extension -does not permit certificate signing. - -=item B<50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure> - -an application specific error. Unused. - -=back - -=head1 BUGS - -Although the issuer checks are a considerable improvement over the old technique they still -suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that -trusted certificates with matching subject name must either appear in a file (as specified by the -B<-CAfile> option) or a directory (as specified by B<-CApath>. If they occur in both then only -the certificates in the file will be recognised. - -Previous versions of OpenSSL assume certificates with matching subject name are identical and -mishandled them. - -Previous versions of this documentation swapped the meaning of the -B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT> and -B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY> error codes. - -=head1 SEE ALSO - -L<x509(1)|x509(1)> - -=cut diff --git a/lib/libssl/src/doc/apps/version.pod b/lib/libssl/src/doc/apps/version.pod deleted file mode 100644 index 58f543bc3e6..00000000000 --- a/lib/libssl/src/doc/apps/version.pod +++ /dev/null 
@@ -1,65 +0,0 @@ -=pod - -=head1 NAME - -version - print OpenSSL version information - -=head1 SYNOPSIS - -B<openssl version> -[B<-a>] -[B<-v>] -[B<-b>] -[B<-o>] -[B<-f>] -[B<-p>] -[B<-d>] - -=head1 DESCRIPTION - -This command is used to print out version information about OpenSSL. - -=head1 OPTIONS - -=over 4 - -=item B<-a> - -all information, this is the same as setting all the other flags. - -=item B<-v> - -the current OpenSSL version. - -=item B<-b> - -the date the current version of OpenSSL was built. - -=item B<-o> - -option information: various options set when the library was built. - -=item B<-f> - -compilation flags. - -=item B<-p> - -platform setting. - -=item B<-d> - -OPENSSLDIR setting. - -=back - -=head1 NOTES - -The output of B<openssl version -a> would typically be used when sending -in a bug report. - -=head1 HISTORY - -The B<-d> option was added in OpenSSL 0.9.7. - -=cut diff --git a/lib/libssl/src/doc/apps/x509.pod b/lib/libssl/src/doc/apps/x509.pod deleted file mode 100644 index 1e62ac956ab..00000000000 --- a/lib/libssl/src/doc/apps/x509.pod +++ /dev/null 
@@ -1,861 +0,0 @@ - -=pod - -=head1 NAME - -x509 - Certificate display and signing utility - -=head1 SYNOPSIS - -B<openssl> B<x509> -[B<-inform DER|PEM|NET>] -[B<-outform DER|PEM|NET>] -[B<-keyform DER|PEM>] -[B<-CAform DER|PEM>] -[B<-CAkeyform DER|PEM>] -[B<-in filename>] -[B<-out filename>] -[B<-serial>] -[B<-hash>] -[B<-subject_hash>] -[B<-issuer_hash>] -[B<-subject>] -[B<-issuer>] -[B<-nameopt option>] -[B<-email>] -[B<-ocsp_uri>] -[B<-startdate>] -[B<-enddate>] -[B<-purpose>] -[B<-dates>] -[B<-modulus>] -[B<-pubkey>] -[B<-fingerprint>] -[B<-alias>] -[B<-noout>] -[B<-trustout>] -[B<-clrtrust>] -[B<-clrreject>] -[B<-addtrust arg>] -[B<-addreject arg>] -[B<-setalias arg>] -[B<-days arg>] -[B<-set_serial n>] -[B<-signkey filename>] -[B<-x509toreq>] -[B<-req>] -[B<-CA filename>] -[B<-CAkey filename>] -[B<-CAcreateserial>] -[B<-CAserial filename>] -[B<-text>] -[B<-C>] -[B<-md2|-md5|-sha1>] -[B<-clrext>] -[B<-extfile filename>] -[B<-extensions section>] -[B<-engine id>] - -=head1 DESCRIPTION - -The B<x509> command is a multi purpose certificate utility. It can be -used to display certificate information, convert certificates to -various forms, sign certificate requests like a "mini CA" or edit -certificate trust settings. - -Since there are a large number of options they will split up into -various sections. - -=head1 OPTIONS - -=head2 INPUT, OUTPUT AND GENERAL PURPOSE OPTIONS - -=over 4 - -=item B<-inform DER|PEM|NET> - -This specifies the input format normally the command will expect an X509 -certificate but this can change if other options such as B<-req> are -present. The DER format is the DER encoding of the certificate and PEM -is the base64 encoding of the DER encoding with header and footer lines -added. The NET option is an obscure Netscape server format that is now -obsolete. - -=item B<-outform DER|PEM|NET> - -This specifies the output format, the options have the same meaning as the -B<-inform> option. 
- -=item B<-in filename> - -This specifies the input filename to read a certificate from or standard input -if this option is not specified. - -=item B<-out filename> - -This specifies the output filename to write to or standard output by -default. - -=item B<-md2|-md5|-sha1> - -the digest to use. This affects any signing or display option that uses a message -digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options. If not -specified then SHA1 is used. If the key being used to sign with is a DSA key -then this option has no effect: SHA1 is always used with DSA keys. - -=item B<-engine id> - -specifying an engine (by its unique B<id> string) will cause B<x509> -to attempt to obtain a functional reference to the specified engine, -thus initialising it if needed. The engine will then be set as the default -for all available algorithms. - -=back - -=head2 DISPLAY OPTIONS - -Note: the B<-alias> and B<-purpose> options are also display options -but are described in the B<TRUST SETTINGS> section. - -=over 4 - -=item B<-text> - -prints out the certificate in text form. Full details are output including the -public key, signature algorithms, issuer and subject names, serial number -any extensions present and any trust settings. - -=item B<-certopt option> - -customise the output format used with B<-text>. The B<option> argument can be -a single option or multiple options separated by commas. The B<-certopt> switch -may be also be used more than once to set multiple options. See the B<TEXT OPTIONS> -section for more information. - -=item B<-noout> - -this option prevents output of the encoded version of the request. - -=item B<-pubkey> - -outputs the certificate's SubjectPublicKeyInfo block in PEM format. - -=item B<-modulus> - -this option prints out the value of the modulus of the public key -contained in the certificate. - -=item B<-serial> - -outputs the certificate serial number. 
- -=item B<-subject_hash> - -outputs the "hash" of the certificate subject name. This is used in OpenSSL to -form an index to allow certificates in a directory to be looked up by subject -name. - -=item B<-issuer_hash> - -outputs the "hash" of the certificate issuer name. - -=item B<-hash> - -synonym for "-subject_hash" for backward compatibility reasons. - -=item B<-subject_hash_old> - -outputs the "hash" of the certificate subject name using the older algorithm -as used by OpenSSL versions before 1.0.0. - -=item B<-issuer_hash_old> - -outputs the "hash" of the certificate issuer name using the older algorithm -as used by OpenSSL versions before 1.0.0. - -=item B<-subject> - -outputs the subject name. - -=item B<-issuer> - -outputs the issuer name. - -=item B<-nameopt option> - -option which determines how the subject or issuer names are displayed. The -B<option> argument can be a single option or multiple options separated by -commas. Alternatively the B<-nameopt> switch may be used more than once to -set multiple options. See the B<NAME OPTIONS> section for more information. - -=item B<-email> - -outputs the email address(es) if any. - -=item B<-ocsp_uri> - -outputs the OCSP responder address(es) if any. - -=item B<-startdate> - -prints out the start date of the certificate, that is the notBefore date. - -=item B<-enddate> - -prints out the expiry date of the certificate, that is the notAfter date. - -=item B<-dates> - -prints out the start and expiry dates of a certificate. - -=item B<-fingerprint> - -prints out the digest of the DER encoded version of the whole certificate -(see digest options). - -=item B<-C> - -this outputs the certificate in the form of a C source file. - -=back - -=head2 TRUST SETTINGS - -Please note these options are currently experimental and may well change. 
- -A B<trusted certificate> is an ordinary certificate which has several -additional pieces of information attached to it such as the permitted -and prohibited uses of the certificate and an "alias". - -Normally when a certificate is being verified at least one certificate -must be "trusted". By default a trusted certificate must be stored -locally and must be a root CA: any certificate chain ending in this CA -is then usable for any purpose. - -Trust settings currently are only used with a root CA. They allow a finer -control over the purposes the root CA can be used for. For example a CA -may be trusted for SSL client but not SSL server use. - -See the description of the B<verify> utility for more information on the -meaning of trust settings. - -Future versions of OpenSSL will recognize trust settings on any -certificate: not just root CAs. - - -=over 4 - -=item B<-trustout> - -this causes B<x509> to output a B<trusted> certificate. An ordinary -or trusted certificate can be input but by default an ordinary -certificate is output and any trust settings are discarded. With the -B<-trustout> option a trusted certificate is output. A trusted -certificate is automatically output if any trust settings are modified. - -=item B<-setalias arg> - -sets the alias of the certificate. This will allow the certificate -to be referred to using a nickname for example "Steve's Certificate". - -=item B<-alias> - -outputs the certificate alias, if any. - -=item B<-clrtrust> - -clears all the permitted or trusted uses of the certificate. - -=item B<-clrreject> - -clears all the prohibited or rejected uses of the certificate. - -=item B<-addtrust arg> - -adds a trusted certificate use. Any object name can be used here -but currently only B<clientAuth> (SSL client use), B<serverAuth> -(SSL server use) and B<emailProtection> (S/MIME email) are used. -Other OpenSSL applications may define additional uses. - -=item B<-addreject arg> - -adds a prohibited use. 
It accepts the same values as the B<-addtrust> -option. - -=item B<-purpose> - -this option performs tests on the certificate extensions and outputs -the results. For a more complete description see the B<CERTIFICATE -EXTENSIONS> section. - -=back - -=head2 SIGNING OPTIONS - -The B<x509> utility can be used to sign certificates and requests: it -can thus behave like a "mini CA". - -=over 4 - -=item B<-signkey filename> - -this option causes the input file to be self signed using the supplied -private key. - -If the input file is a certificate it sets the issuer name to the -subject name (i.e. makes it self signed) changes the public key to the -supplied value and changes the start and end dates. The start date is -set to the current time and the end date is set to a value determined -by the B<-days> option. Any certificate extensions are retained unless -the B<-clrext> option is supplied. - -If the input is a certificate request then a self signed certificate -is created using the supplied private key using the subject name in -the request. - -=item B<-clrext> - -delete any extensions from a certificate. This option is used when a -certificate is being created from another certificate (for example with -the B<-signkey> or the B<-CA> options). Normally all extensions are -retained. - -=item B<-keyform PEM|DER> - -specifies the format (DER or PEM) of the private key file used in the -B<-signkey> option. - -=item B<-days arg> - -specifies the number of days to make a certificate valid for. The default -is 30 days. - -=item B<-x509toreq> - -converts a certificate into a certificate request. The B<-signkey> option -is used to pass the required private key. - -=item B<-req> - -by default a certificate is expected on input. With this option a -certificate request is expected instead. - -=item B<-set_serial n> - -specifies the serial number to use. This option can be used with either -the B<-signkey> or B<-CA> options. 
If used in conjunction with the B<-CA> -option the serial number file (as specified by the B<-CAserial> or -B<-CAcreateserial> options) is not used. - -The serial number can be decimal or hex (if preceded by B<0x>). Negative -serial numbers can also be specified but their use is not recommended. - -=item B<-CA filename> - -specifies the CA certificate to be used for signing. When this option is -present B<x509> behaves like a "mini CA". The input file is signed by this -CA using this option: that is its issuer name is set to the subject name -of the CA and it is digitally signed using the CAs private key. - -This option is normally combined with the B<-req> option. Without the -B<-req> option the input is a certificate which must be self signed. - -=item B<-CAkey filename> - -sets the CA private key to sign a certificate with. If this option is -not specified then it is assumed that the CA private key is present in -the CA certificate file. - -=item B<-CAserial filename> - -sets the CA serial number file to use. - -When the B<-CA> option is used to sign a certificate it uses a serial -number specified in a file. This file consist of one line containing -an even number of hex digits with the serial number to use. After each -use the serial number is incremented and written out to the file again. - -The default filename consists of the CA certificate file base name with -".srl" appended. For example if the CA certificate file is called -"mycacert.pem" it expects to find a serial number file called "mycacert.srl". - -=item B<-CAcreateserial> - -with this option the CA serial number file is created if it does not exist: -it will contain the serial number "02" and the certificate being signed will -have the 1 as its serial number. Normally if the B<-CA> option is specified -and the serial number file does not exist it is an error. - -=item B<-extfile filename> - -file containing certificate extensions to use. 
If not specified then -no extensions are added to the certificate. - -=item B<-extensions section> - -the section to add certificate extensions from. If this option is not -specified then the extensions should either be contained in the unnamed -(default) section or the default section should contain a variable called -"extensions" which contains the section to use. See the -L<x509v3_config(5)|x509v3_config(5)> manual page for details of the -extension section format. - -=back - -=head2 NAME OPTIONS - -The B<nameopt> command line switch determines how the subject and issuer -names are displayed. If no B<nameopt> switch is present the default "oneline" -format is used which is compatible with previous versions of OpenSSL. -Each option is described in detail below, all options can be preceded by -a B<-> to turn the option off. Only the first four will normally be used. - -=over 4 - -=item B<compat> - -use the old format. This is equivalent to specifying no name options at all. - -=item B<RFC2253> - -displays names compatible with RFC2253 equivalent to B<esc_2253>, B<esc_ctrl>, -B<esc_msb>, B<utf8>, B<dump_nostr>, B<dump_unknown>, B<dump_der>, -B<sep_comma_plus>, B<dn_rev> and B<sname>. - -=item B<oneline> - -a oneline format which is more readable than RFC2253. It is equivalent to -specifying the B<esc_2253>, B<esc_ctrl>, B<esc_msb>, B<utf8>, B<dump_nostr>, -B<dump_der>, B<use_quote>, B<sep_comma_plus_space>, B<space_eq> and B<sname> -options. - -=item B<multiline> - -a multiline format. It is equivalent B<esc_ctrl>, B<esc_msb>, B<sep_multiline>, -B<space_eq>, B<lname> and B<align>. - -=item B<esc_2253> - -escape the "special" characters required by RFC2253 in a field That is -B<,+"E<lt>E<gt>;>. Additionally B<#> is escaped at the beginning of a string -and a space character at the beginning or end of a string. - -=item B<esc_ctrl> - -escape control characters. That is those with ASCII values less than -0x20 (space) and the delete (0x7f) character. 
They are escaped using the -RFC2253 \XX notation (where XX are two hex digits representing the -character value). - -=item B<esc_msb> - -escape characters with the MSB set, that is with ASCII values larger than -127. - -=item B<use_quote> - -escapes some characters by surrounding the whole string with B<"> characters, -without the option all escaping is done with the B<\> character. - -=item B<utf8> - -convert all strings to UTF8 format first. This is required by RFC2253. If -you are lucky enough to have a UTF8 compatible terminal then the use -of this option (and B<not> setting B<esc_msb>) may result in the correct -display of multibyte (international) characters. Is this option is not -present then multibyte characters larger than 0xff will be represented -using the format \UXXXX for 16 bits and \WXXXXXXXX for 32 bits. -Also if this option is off any UTF8Strings will be converted to their -character form first. - -=item B<no_type> - -this option does not attempt to interpret multibyte characters in any -way. That is their content octets are merely dumped as though one octet -represents each character. This is useful for diagnostic purposes but -will result in rather odd looking output. - -=item B<show_type> - -show the type of the ASN1 character string. The type precedes the -field contents. For example "BMPSTRING: Hello World". - -=item B<dump_der> - -when this option is set any fields that need to be hexdumped will -be dumped using the DER encoding of the field. Otherwise just the -content octets will be displayed. Both options use the RFC2253 -B<#XXXX...> format. - -=item B<dump_nostr> - -dump non character string types (for example OCTET STRING) if this -option is not set then non character string types will be displayed -as though each content octet represents a single character. - -=item B<dump_all> - -dump all fields. This option when used with B<dump_der> allows the -DER encoding of the structure to be unambiguously determined. 
- -=item B<dump_unknown> - -dump any field whose OID is not recognised by OpenSSL. - -=item B<sep_comma_plus>, B<sep_comma_plus_space>, B<sep_semi_plus_space>, -B<sep_multiline> - -these options determine the field separators. The first character is -between RDNs and the second between multiple AVAs (multiple AVAs are -very rare and their use is discouraged). The options ending in -"space" additionally place a space after the separator to make it -more readable. The B<sep_multiline> uses a linefeed character for -the RDN separator and a spaced B<+> for the AVA separator. It also -indents the fields by four characters. - -=item B<dn_rev> - -reverse the fields of the DN. This is required by RFC2253. As a side -effect this also reverses the order of multiple AVAs but this is -permissible. - -=item B<nofname>, B<sname>, B<lname>, B<oid> - -these options alter how the field name is displayed. B<nofname> does -not display the field at all. B<sname> uses the "short name" form -(CN for commonName for example). B<lname> uses the long form. -B<oid> represents the OID in numerical form and is useful for -diagnostic purpose. - -=item B<align> - -align field values for a more readable output. Only usable with -B<sep_multiline>. - -=item B<space_eq> - -places spaces round the B<=> character which follows the field -name. - -=back - -=head2 TEXT OPTIONS - -As well as customising the name output format, it is also possible to -customise the actual fields printed using the B<certopt> options when -the B<text> option is present. The default behaviour is to print all fields. - -=over 4 - -=item B<compatible> - -use the old format. This is equivalent to specifying no output options at all. - -=item B<no_header> - -don't print header information: that is the lines saying "Certificate" and "Data". - -=item B<no_version> - -don't print out the version number. - -=item B<no_serial> - -don't print out the serial number. 
-
-=item B<no_signame>
-
-don't print out the signature algorithm used.
-
-=item B<no_validity>
-
-don't print the validity, that is the B<notBefore> and B<notAfter> fields.
-
-=item B<no_subject>
-
-don't print out the subject name.
-
-=item B<no_issuer>
-
-don't print out the issuer name.
-
-=item B<no_pubkey>
-
-don't print out the public key.
-
-=item B<no_sigdump>
-
-don't give a hexadecimal dump of the certificate signature.
-
-=item B<no_aux>
-
-don't print out certificate trust information.
-
-=item B<no_extensions>
-
-don't print out any X509V3 extensions.
-
-=item B<ext_default>
-
-retain default extension behaviour: attempt to print out unsupported certificate extensions.
-
-=item B<ext_error>
-
-print an error message for unsupported certificate extensions.
-
-=item B<ext_parse>
-
-ASN1 parse unsupported extensions.
-
-=item B<ext_dump>
-
-hex dump unsupported extensions.
-
-=item B<ca_default>
-
-the value used by the B<ca> utility, equivalent to B<no_issuer>, B<no_pubkey>, B<no_header>,
-B<no_version>, B<no_sigdump> and B<no_signame>.
-
-=back
-
-=head1 EXAMPLES
-
-Note: in these examples the '\' means the example should be all on one
-line.
- -Display the contents of a certificate: - - openssl x509 -in cert.pem -noout -text - -Display the certificate serial number: - - openssl x509 -in cert.pem -noout -serial - -Display the certificate subject name: - - openssl x509 -in cert.pem -noout -subject - -Display the certificate subject name in RFC2253 form: - - openssl x509 -in cert.pem -noout -subject -nameopt RFC2253 - -Display the certificate subject name in oneline form on a terminal -supporting UTF8: - - openssl x509 -in cert.pem -noout -subject -nameopt oneline,-esc_msb - -Display the certificate MD5 fingerprint: - - openssl x509 -in cert.pem -noout -fingerprint - -Display the certificate SHA1 fingerprint: - - openssl x509 -sha1 -in cert.pem -noout -fingerprint - -Convert a certificate from PEM to DER format: - - openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER - -Convert a certificate to a certificate request: - - openssl x509 -x509toreq -in cert.pem -out req.pem -signkey key.pem - -Convert a certificate request into a self signed certificate using -extensions for a CA: - - openssl x509 -req -in careq.pem -extfile openssl.cnf -extensions v3_ca \ - -signkey key.pem -out cacert.pem - -Sign a certificate request using the CA certificate above and add user -certificate extensions: - - openssl x509 -req -in req.pem -extfile openssl.cnf -extensions v3_usr \ - -CA cacert.pem -CAkey key.pem -CAcreateserial - - -Set a certificate to be trusted for SSL client use and change set its alias to -"Steve's Class 1 CA" - - openssl x509 -in cert.pem -addtrust clientAuth \ - -setalias "Steve's Class 1 CA" -out trust.pem - -=head1 NOTES - -The PEM format uses the header and footer lines: - - -----BEGIN CERTIFICATE----- - -----END CERTIFICATE----- - -it will also handle files containing: - - -----BEGIN X509 CERTIFICATE----- - -----END X509 CERTIFICATE----- - -Trusted certificates have the lines - - -----BEGIN TRUSTED CERTIFICATE----- - -----END TRUSTED CERTIFICATE----- - -The conversion to UTF8 format used 
with the name options assumes that
-T61Strings use the ISO8859-1 character set. This is wrong but Netscape
-and MSIE do this as do many certificates. So although this is incorrect
-it is more likely to display the majority of certificates correctly.
-
-The B<-fingerprint> option takes the digest of the DER encoded certificate.
-This is commonly called a "fingerprint". Because of the nature of message
-digests the fingerprint of a certificate is unique to that certificate and
-two certificates with the same fingerprint can be considered to be the same.
-
-The Netscape fingerprint uses MD5 whereas MSIE uses SHA1.
-
-The B<-email> option searches the subject name and the subject alternative
-name extension. Only unique email addresses will be printed out: it will
-not print the same address more than once.
-
-=head1 CERTIFICATE EXTENSIONS
-
-The B<-purpose> option checks the certificate extensions and determines
-what the certificate can be used for. The actual checks done are rather
-complex and include various hacks and workarounds to handle broken
-certificates and software.
-
-The same code is used when verifying untrusted certificates in chains
-so this section is useful if a chain is rejected by the verify code.
-
-The basicConstraints extension CA flag is used to determine whether the
-certificate can be used as a CA. If the CA flag is true then it is a CA,
-if the CA flag is false then it is not a CA. B<All> CAs should have the
-CA flag set to true.
-
-If the basicConstraints extension is absent then the certificate is
-considered to be a "possible CA" other extensions are checked according
-to the intended use of the certificate. A warning is given in this case
-because the certificate should really not be regarded as a CA: however
-it is allowed to be a CA to work around some broken software.
-
-If the certificate is a V1 certificate (and thus has no extensions) and
-it is self signed it is also assumed to be a CA but a warning is again
-given: this is to work around the problem of Verisign roots which are V1
-self signed certificates.
-
-If the keyUsage extension is present then additional restraints are
-made on the uses of the certificate. A CA certificate B<must> have the
-keyCertSign bit set if the keyUsage extension is present.
-
-The extended key usage extension places additional restrictions on the
-certificate uses. If this extension is present (whether critical or not)
-the key can only be used for the purposes specified.
-
-A complete description of each test is given below. The comments about
-basicConstraints and keyUsage and V1 certificates above apply to B<all>
-CA certificates.
-
-
-=over 4
-
-=item B<SSL Client>
-
-The extended key usage extension must be absent or include the "web client
-authentication" OID. keyUsage must be absent or it must have the
-digitalSignature bit set. Netscape certificate type must be absent or it must
-have the SSL client bit set.
-
-=item B<SSL Client CA>
-
-The extended key usage extension must be absent or include the "web client
-authentication" OID. Netscape certificate type must be absent or it must have
-the SSL CA bit set: this is used as a work around if the basicConstraints
-extension is absent.
-
-=item B<SSL Server>
-
-The extended key usage extension must be absent or include the "web server
-authentication" and/or one of the SGC OIDs. keyUsage must be absent or it
-must have the digitalSignature, the keyEncipherment set or both bits set.
-Netscape certificate type must be absent or have the SSL server bit set.
-
-=item B<SSL Server CA>
-
-The extended key usage extension must be absent or include the "web server
-authentication" and/or one of the SGC OIDs.
Netscape certificate type must
-be absent or the SSL CA bit must be set: this is used as a work around if the
-basicConstraints extension is absent.
-
-=item B<Netscape SSL Server>
-
-For Netscape SSL clients to connect to an SSL server it must have the
-keyEncipherment bit set if the keyUsage extension is present. This isn't
-always valid because some cipher suites use the key for digital signing.
-Otherwise it is the same as a normal SSL server.
-
-=item B<Common S/MIME Client Tests>
-
-The extended key usage extension must be absent or include the "email
-protection" OID. Netscape certificate type must be absent or should have the
-S/MIME bit set. If the S/MIME bit is not set in netscape certificate type
-then the SSL client bit is tolerated as an alternative but a warning is shown:
-this is because some Verisign certificates don't set the S/MIME bit.
-
-=item B<S/MIME Signing>
-
-In addition to the common S/MIME client tests the digitalSignature bit must
-be set if the keyUsage extension is present.
-
-=item B<S/MIME Encryption>
-
-In addition to the common S/MIME tests the keyEncipherment bit must be set
-if the keyUsage extension is present.
-
-=item B<S/MIME CA>
-
-The extended key usage extension must be absent or include the "email
-protection" OID. Netscape certificate type must be absent or must have the
-S/MIME CA bit set: this is used as a work around if the basicConstraints
-extension is absent.
-
-=item B<CRL Signing>
-
-The keyUsage extension must be absent or it must have the CRL signing bit
-set.
-
-=item B<CRL Signing CA>
-
-The normal CA tests apply. Except in this case the basicConstraints extension
-must be present.
-
-=back
-
-=head1 BUGS
-
-Extensions in certificates are not transferred to certificate requests and
-vice versa.
-
-It is possible to produce invalid certificates or requests by specifying the
-wrong private key or using inconsistent options in some cases: these should
-be checked.
-
-There should be options to explicitly set such things as start and end
-dates rather than an offset from the current time.
-
-The code to implement the verify behaviour described in the B<TRUST SETTINGS>
-is currently being developed. It thus describes the intended behaviour rather
-than the current behaviour. It is hoped that it will represent reality in
-OpenSSL 0.9.5 and later.
-
-=head1 SEE ALSO
-
-L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)>, L<verify(1)|verify(1)>,
-L<x509v3_config(5)|x509v3_config(5)>
-
-=head1 HISTORY
-
-Before OpenSSL 0.9.8, the default digest for RSA keys was MD5.
-
-The hash algorithm used in the B<-subject_hash> and B<-issuer_hash> options
-before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding
-of the distinguished name. In OpenSSL 1.0.0 and later it is based on a
-canonical version of the DN using SHA1. This means that any directories using
-the old form must have their links rebuilt.
-
-=cut
diff --git a/lib/libssl/src/doc/apps/x509v3_config.pod b/lib/libssl/src/doc/apps/x509v3_config.pod
deleted file mode 100644
index 09e1d3a6e34..00000000000
--- a/lib/libssl/src/doc/apps/x509v3_config.pod
+++ /dev/null
@@ -1,529 +0,0 @@ -=pod - -=for comment openssl_manual_section:5 - -=head1 NAME - -x509v3_config - X509 V3 certificate extension configuration format - -=head1 DESCRIPTION - -Several of the OpenSSL utilities can add extensions to a certificate or -certificate request based on the contents of a configuration file. - -Typically the application will contain an option to point to an extension -section. Each line of the extension section takes the form: - - extension_name=[critical,] extension_options - -If B<critical> is present then the extension will be critical. - -The format of B<extension_options> depends on the value of B<extension_name>. - -There are four main types of extension: I<string> extensions, I<multi-valued> -extensions, I<raw> and I<arbitrary> extensions. - -String extensions simply have a string which contains either the value itself -or how it is obtained. - -For example: - - nsComment="This is a Comment" - -Multi-valued extensions have a short form and a long form. The short form -is a list of names and values: - - basicConstraints=critical,CA:true,pathlen:1 - -The long form allows the values to be placed in a separate section: - - basicConstraints=critical,@bs_section - - [bs_section] - - CA=true - pathlen=1 - -Both forms are equivalent. - -The syntax of raw extensions is governed by the extension code: it can -for example contain data in multiple sections. The correct syntax to -use is defined by the extension code itself: check out the certificate -policies extension for an example. - -If an extension type is unsupported then the I<arbitrary> extension syntax -must be used, see the L<ARBITRARY EXTENSIONS|/"ARBITRARY EXTENSIONS"> section for more details. - -=head1 STANDARD EXTENSIONS - -The following sections describe each supported extension in detail. - -=head2 Basic Constraints. - -This is a multi valued extension which indicates whether a certificate is -a CA certificate. The first (mandatory) name is B<CA> followed by B<TRUE> or -B<FALSE>. 
If B<CA> is B<TRUE> then an optional B<pathlen> name followed by an -non-negative value can be included. - -For example: - - basicConstraints=CA:TRUE - - basicConstraints=CA:FALSE - - basicConstraints=critical,CA:TRUE, pathlen:0 - -A CA certificate B<must> include the basicConstraints value with the CA field -set to TRUE. An end user certificate must either set CA to FALSE or exclude the -extension entirely. Some software may require the inclusion of basicConstraints -with CA set to FALSE for end entity certificates. - -The pathlen parameter indicates the maximum number of CAs that can appear -below this one in a chain. So if you have a CA with a pathlen of zero it can -only be used to sign end user certificates and not further CAs. - - -=head2 Key Usage. - -Key usage is a multi valued extension consisting of a list of names of the -permitted key usages. - -The supporte names are: digitalSignature, nonRepudiation, keyEncipherment, -dataEncipherment, keyAgreement, keyCertSign, cRLSign, encipherOnly -and decipherOnly. - -Examples: - - keyUsage=digitalSignature, nonRepudiation - - keyUsage=critical, keyCertSign - - -=head2 Extended Key Usage. - -This extensions consists of a list of usages indicating purposes for which -the certificate public key can be used for, - -These can either be object short names of the dotted numerical form of OIDs. -While any OID can be used only certain values make sense. In particular the -following PKIX, NS and MS values are meaningful: - - Value Meaning - ----- ------- - serverAuth SSL/TLS Web Server Authentication. - clientAuth SSL/TLS Web Client Authentication. - codeSigning Code signing. - emailProtection E-mail Protection (S/MIME). 
- timeStamping Trusted Timestamping
- msCodeInd Microsoft Individual Code Signing (authenticode)
- msCodeCom Microsoft Commercial Code Signing (authenticode)
- msCTLSign Microsoft Trust List Signing
- msSGC Microsoft Server Gated Crypto
- msEFS Microsoft Encrypted File System
- nsSGC Netscape Server Gated Crypto
-
-Examples:
-
- extendedKeyUsage=critical,codeSigning,1.2.3.4
- extendedKeyUsage=nsSGC,msSGC
-
-
-=head2 Subject Key Identifier.
-
-This is really a string extension and can take two possible values. Either
-the word B<hash> which will automatically follow the guidelines in RFC3280
-or a hex string giving the extension value to include. The use of the hex
-string is strongly discouraged.
-
-Example:
-
- subjectKeyIdentifier=hash
-
-
-=head2 Authority Key Identifier.
-
-The authority key identifier extension permits two options. keyid and issuer:
-both can take the optional value "always".
-
-If the keyid option is present an attempt is made to copy the subject key
-identifier from the parent certificate. If the value "always" is present
-then an error is returned if the option fails.
-
-The issuer option copies the issuer and serial number from the issuer
-certificate. This will only be done if the keyid option fails or
-is not included unless the "always" flag will always include the value.
-
-Example:
-
- authorityKeyIdentifier=keyid,issuer
-
-
-=head2 Subject Alternative Name.
-
-The subject alternative name extension allows various literal values to be
-included in the configuration file. These include B<email> (an email address)
-B<URI> a uniform resource indicator, B<DNS> (a DNS domain name), B<RID> (a
-registered ID: OBJECT IDENTIFIER), B<IP> (an IP address), B<dirName>
-(a distinguished name) and otherName.
-
-The email option include a special 'copy' value. This will automatically
-include and email addresses contained in the certificate subject name in
-the extension.
-
-The IP address used in the B<IP> options can be in either IPv4 or IPv6 format.
-
-The value of B<dirName> should point to a section containing the distinguished
-name to use as a set of name value pairs. Multi values AVAs can be formed by
-preceeding the name with a B<+> character.
-
-otherName can include arbitrary data associated with an OID: the value
-should be the OID followed by a semicolon and the content in standard
-L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)> format.
-
-Examples:
-
- subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/
- subjectAltName=IP:192.168.7.1
- subjectAltName=IP:13::17
- subjectAltName=email:my@other.address,RID:1.2.3.4
- subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
-
- subjectAltName=dirName:dir_sect
-
- [dir_sect]
- C=UK
- O=My Organization
- OU=My Unit
- CN=My Name
-
-
-=head2 Issuer Alternative Name.
-
-The issuer alternative name option supports all the literal options of
-subject alternative name. It does B<not> support the email:copy option because
-that would not make sense. It does support an additional issuer:copy option
-that will copy all the subject alternative name values from the issuer
-certificate (if possible).
-
-Example:
-
- issuserAltName = issuer:copy
-
-
-=head2 Authority Info Access.
-
-The authority information access extension gives details about how to access
-certain information relating to the CA. Its syntax is accessOID;location
-where I<location> has the same syntax as subject alternative name (except
-that email:copy is not supported). accessOID can be any valid OID but only
-certain values are meaningful, for example OCSP and caIssuers.
-
-Example:
-
- authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
- authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
-
-
-=head2 CRL distribution points.
-
-This is a multi-valued extension whose options can be either in name:value pair
-using the same form as subject alternative name or a single value representing
-a section name containing all the distribution point fields.
-
-For a name:value pair a new DistributionPoint with the fullName field set to
-the given value both the cRLissuer and reasons fields are omitted in this case.
-
-In the single option case the section indicated contains values for each
-field. In this section:
-
-If the name is "fullname" the value field should contain the full name
-of the distribution point in the same format as subject alternative name.
-
-If the name is "relativename" then the value field should contain a section
-name whose contents represent a DN fragment to be placed in this field.
-
-The name "CRLIssuer" if present should contain a value for this field in
-subject alternative name format.
-
-If the name is "reasons" the value field should consist of a comma
-separated field containing the reasons. Valid reasons are: "keyCompromise",
-"CACompromise", "affiliationChanged", "superseded", "cessationOfOperation",
-"certificateHold", "privilegeWithdrawn" and "AACompromise".
-
-
-Simple examples:
-
- crlDistributionPoints=URI:http://myhost.com/myca.crl
- crlDistributionPoints=URI:http://my.com/my.crl,URI:http://oth.com/my.crl
-
-Full distribution point example:
-
- crlDistributionPoints=crldp1_section
-
- [crldp1_section]
-
- fullname=URI:http://myhost.com/myca.crl
- CRLissuer=dirName:issuer_sect
- reasons=keyCompromise, CACompromise
-
- [issuer_sect]
- C=UK
- O=Organisation
- CN=Some Name
-
-=head2 Issuing Distribution Point
-
-This extension should only appear in CRLs. It is a multi valued extension
-whose syntax is similar to the "section" pointed to by the CRL distribution
-points extension with a few differences.
-
-The names "reasons" and "CRLissuer" are not recognized.
-
-The name "onlysomereasons" is accepted which sets this field.
The value is
-in the same format as the CRL distribution point "reasons" field.
-
-The names "onlyuser", "onlyCA", "onlyAA" and "indirectCRL" are also accepted
-the values should be a boolean value (TRUE or FALSE) to indicate the value of
-the corresponding field.
-
-Example:
-
- issuingDistributionPoint=critical, @idp_section
-
- [idp_section]
-
- fullname=URI:http://myhost.com/myca.crl
- indirectCRL=TRUE
- onlysomereasons=keyCompromise, CACompromise
-
- [issuer_sect]
- C=UK
- O=Organisation
- CN=Some Name
-
-
-=head2 Certificate Policies.
-
-This is a I<raw> extension. All the fields of this extension can be set by
-using the appropriate syntax.
-
-If you follow the PKIX recommendations and just using one OID then you just
-include the value of that OID. Multiple OIDs can be set separated by commas,
-for example:
-
- certificatePolicies= 1.2.4.5, 1.1.3.4
-
-If you wish to include qualifiers then the policy OID and qualifiers need to
-be specified in a separate section: this is done by using the @section syntax
-instead of a literal OID value.
-
-The section referred to must include the policy OID using the name
-policyIdentifier, cPSuri qualifiers can be included using the syntax:
-
- CPS.nnn=value
-
-userNotice qualifiers can be set using the syntax:
-
- userNotice.nnn=@notice
-
-The value of the userNotice qualifier is specified in the relevant section.
-This section can include explicitText, organization and noticeNumbers
-options. explicitText and organization are text strings, noticeNumbers is a
-comma separated list of numbers. The organization and noticeNumbers options
-(if included) must BOTH be present. If you use the userNotice option with IE5
-then you need the 'ia5org' option at the top level to modify the encoding:
-otherwise it will not be interpreted properly.
-
-Example:
-
- certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
-
- [polsect]
-
- policyIdentifier = 1.3.5.8
- CPS.1="http://my.host.name/"
- CPS.2="http://my.your.name/"
- userNotice.1=@notice
-
- [notice]
-
- explicitText="Explicit Text Here"
- organization="Organisation Name"
- noticeNumbers=1,2,3,4
-
-The B<ia5org> option changes the type of the I<organization> field. In RFC2459
-it can only be of type DisplayText. In RFC3280 IA5Strring is also permissible.
-Some software (for example some versions of MSIE) may require ia5org.
-
-=head2 Policy Constraints
-
-This is a multi-valued extension which consisting of the names
-B<requireExplicitPolicy> or B<inhibitPolicyMapping> and a non negative intger
-value. At least one component must be present.
-
-Example:
-
- policyConstraints = requireExplicitPolicy:3
-
-
-=head2 Inhibit Any Policy
-
-This is a string extension whose value must be a non negative integer.
-
-Example:
-
- inhibitAnyPolicy = 2
-
-
-=head2 Name Constraints
-
-The name constraints extension is a multi-valued extension. The name should
-begin with the word B<permitted> or B<excluded> followed by a B<;>. The rest of
-the name and the value follows the syntax of subjectAltName except email:copy
-is not supported and the B<IP> form should consist of an IP addresses and
-subnet mask separated by a B</>.
-
-Examples:
-
- nameConstraints=permitted;IP:192.168.0.0/255.255.0.0
-
- nameConstraints=permitted;email:.somedomain.com
-
- nameConstraints=excluded;email:.com
-issuingDistributionPoint = idp_section
-
-=head2 OCSP No Check
-
-The OCSP No Check extension is a string extension but its value is ignored.
-
-Example:
-
- noCheck = ignored
-
-
-=head1 DEPRECATED EXTENSIONS
-
-The following extensions are non standard, Netscape specific and largely
-obsolete. Their use in new applications is discouraged.
-
-=head2 Netscape String extensions.
-
-Netscape Comment (B<nsComment>) is a string extension containing a comment
-which will be displayed when the certificate is viewed in some browsers.
-
-Example:
-
- nsComment = "Some Random Comment"
-
-Other supported extensions in this category are: B<nsBaseUrl>,
-B<nsRevocationUrl>, B<nsCaRevocationUrl>, B<nsRenewalUrl>, B<nsCaPolicyUrl>
-and B<nsSslServerName>.
-
-
-=head2 Netscape Certificate Type
-
-This is a multi-valued extensions which consists of a list of flags to be
-included. It was used to indicate the purposes for which a certificate could
-be used. The basicConstraints, keyUsage and extended key usage extensions are
-now used instead.
-
-Acceptable values for nsCertType are: B<client>, B<server>, B<email>,
-B<objsign>, B<reserved>, B<sslCA>, B<emailCA>, B<objCA>.
-
-
-=head1 ARBITRARY EXTENSIONS
-
-If an extension is not supported by the OpenSSL code then it must be encoded
-using the arbitrary extension format. It is also possible to use the arbitrary
-format for supported extensions. Extreme care should be taken to ensure that
-the data is formatted correctly for the given extension type.
-
-There are two ways to encode arbitrary extensions.
-
-The first way is to use the word ASN1 followed by the extension content
-using the same syntax as L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>.
-For example:
-
- 1.2.3.4=critical,ASN1:UTF8String:Some random data
-
- 1.2.3.4=ASN1:SEQUENCE:seq_sect
-
- [seq_sect]
-
- field1 = UTF8:field1
- field2 = UTF8:field2
-
-It is also possible to use the word DER to include the raw encoded data in any
-extension.
-
- 1.2.3.4=critical,DER:01:02:03:04
- 1.2.3.4=DER:01020304
-
-The value following DER is a hex dump of the DER encoding of the extension
-Any extension can be placed in this form to override the default behaviour.
-For example:
-
- basicConstraints=critical,DER:00:01:02:03
-
-=head1 WARNING
-
-There is no guarantee that a specific implementation will process a given
-extension.
It may therefore be sometimes possible to use certificates for
-purposes prohibited by their extensions because a specific application does
-not recognize or honour the values of the relevant extensions.
-
-The DER and ASN1 options should be used with caution. It is possible to create
-totally invalid extensions if they are not used carefully.
-
-
-=head1 NOTES
-
-If an extension is multi-value and a field value must contain a comma the long
-form must be used otherwise the comma would be misinterpreted as a field
-separator. For example:
-
- subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
-
-will produce an error but the equivalent form:
-
- subjectAltName=@subject_alt_section
-
- [subject_alt_section]
- subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
-
-is valid.
-
-Due to the behaviour of the OpenSSL B<conf> library the same field name
-can only occur once in a section. This means that:
-
- subjectAltName=@alt_section
-
- [alt_section]
-
- email=steve@here
- email=steve@there
-
-will only recognize the last value. This can be worked around by using the form:
-
- [alt_section]
-
- email.1=steve@here
- email.2=steve@there
-
-=head1 HISTORY
-
-The X509v3 extension code was first added to OpenSSL 0.9.2.
-
-Policy mappings, inhibit any policy and name constraints support was added in
-OpenSSL 0.9.8
-
-The B<directoryName> and B<otherName> option as well as the B<ASN1> option
-for arbitrary extensions was added in OpenSSL 0.9.8
-
-=head1 SEE ALSO
-
-L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<x509(1)|x509(1)>,
-L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>
-
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DES_set_key.pod b/lib/libssl/src/doc/crypto/DES_set_key.pod
deleted file mode 100644
index d1bd43c5927..00000000000
--- a/lib/libssl/src/doc/crypto/DES_set_key.pod
+++ /dev/null
@@ -1,339 +0,0 @@ -=pod - -=head1 NAME - -DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked, -DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key, -DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt, -DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt, -DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt, -DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt, -DES_ede3_cbcm_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt, -DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys, -DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption - -=head1 SYNOPSIS - - #include <openssl/des.h> - - void DES_random_key(DES_cblock *ret); - - int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule); - int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule); - int DES_set_key_checked(const_DES_cblock *key, - DES_key_schedule *schedule); - void DES_set_key_unchecked(const_DES_cblock *key, - DES_key_schedule *schedule); - - void DES_set_odd_parity(DES_cblock *key); - int DES_is_weak_key(const_DES_cblock *key); - - void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks, int enc); - void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks1, DES_key_schedule *ks2, int enc); - void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, - DES_key_schedule *ks1, DES_key_schedule *ks2, - DES_key_schedule *ks3, int enc); - - void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, DES_cblock *ivec, - int enc); - void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, - int numbits, long length, DES_key_schedule *schedule, - DES_cblock *ivec, int enc); - void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, - int numbits, long length, DES_key_schedule *schedule, - DES_cblock *ivec); - void 
DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, DES_cblock *ivec, - int enc); - void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *schedule, DES_cblock *ivec, - int *num, int enc); - void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *schedule, DES_cblock *ivec, - int *num); - - void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output, - long length, DES_key_schedule *schedule, DES_cblock *ivec, - const_DES_cblock *inw, const_DES_cblock *outw, int enc); - - void DES_ede2_cbc_encrypt(const unsigned char *input, - unsigned char *output, long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_cblock *ivec, int enc); - void DES_ede2_cfb64_encrypt(const unsigned char *in, - unsigned char *out, long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_cblock *ivec, int *num, int enc); - void DES_ede2_ofb64_encrypt(const unsigned char *in, - unsigned char *out, long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_cblock *ivec, int *num); - - void DES_ede3_cbc_encrypt(const unsigned char *input, - unsigned char *output, long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec, - int enc); - void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, DES_key_schedule *ks2, - DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2, - int enc); - void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, DES_key_schedule *ks2, - DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc); - void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, DES_key_schedule *ks1, - DES_key_schedule *ks2, DES_key_schedule *ks3, - DES_cblock *ivec, int *num); - - DES_LONG DES_cbc_cksum(const unsigned char 
*input, DES_cblock *output, - long length, DES_key_schedule *schedule, - const_DES_cblock *ivec); - DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[], - long length, int out_count, DES_cblock *seed); - void DES_string_to_key(const char *str, DES_cblock *key); - void DES_string_to_2keys(const char *str, DES_cblock *key1, - DES_cblock *key2); - - char *DES_fcrypt(const char *buf, const char *salt, char *ret); - char *DES_crypt(const char *buf, const char *salt); - - int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched, - DES_cblock *iv); - int DES_enc_write(int fd, const void *buf, int len, - DES_key_schedule *sched, DES_cblock *iv); - -=head1 DESCRIPTION - -This library contains a fast implementation of the DES encryption -algorithm. - -There are two phases to the use of DES encryption. The first is the -generation of a I<DES_key_schedule> from a key, the second is the -actual encryption. A DES key is of type I<DES_cblock>. This type is -consists of 8 bytes with odd parity. The least significant bit in -each byte is the parity bit. The key schedule is an expanded form of -the key; it is used to speed the encryption process. - -DES_random_key() generates a random key in odd parity. - -Before a DES key can be used, it must be converted into the -architecture dependent I<DES_key_schedule> via the -DES_set_key_checked() or DES_set_key_unchecked() function. - -DES_set_key_checked() will check that the key passed is of odd parity -and is not a week or semi-weak key. If the parity is wrong, then -1 -is returned. If the key is a weak key, then -2 is returned. If an -error is returned, the key schedule is not generated. - -DES_set_key() works like -DES_set_key_checked() if the I<DES_check_key> flag is non-zero, -otherwise like DES_set_key_unchecked(). These functions are available -for compatibility; it is recommended to use a function that does not -depend on a global variable. 
- -DES_set_odd_parity() sets the parity of the passed I<key> to odd. - -DES_is_weak_key() returns 1 is the passed key is a weak key, 0 if it -is ok. - -The following routines mostly operate on an input and output stream of -I<DES_cblock>s. - -DES_ecb_encrypt() is the basic DES encryption routine that encrypts or -decrypts a single 8-byte I<DES_cblock> in I<electronic code book> -(ECB) mode. It always transforms the input data, pointed to by -I<input>, into the output data, pointed to by the I<output> argument. -If the I<encrypt> argument is non-zero (DES_ENCRYPT), the I<input> -(cleartext) is encrypted in to the I<output> (ciphertext) using the -key_schedule specified by the I<schedule> argument, previously set via -I<DES_set_key>. If I<encrypt> is zero (DES_DECRYPT), the I<input> (now -ciphertext) is decrypted into the I<output> (now cleartext). Input -and output may overlap. DES_ecb_encrypt() does not return a value. - -DES_ecb3_encrypt() encrypts/decrypts the I<input> block by using -three-key Triple-DES encryption in ECB mode. This involves encrypting -the input with I<ks1>, decrypting with the key schedule I<ks2>, and -then encrypting with I<ks3>. This routine greatly reduces the chances -of brute force breaking of DES and has the advantage of if I<ks1>, -I<ks2> and I<ks3> are the same, it is equivalent to just encryption -using ECB mode and I<ks1> as the key. - -The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES -encryption by using I<ks1> for the final encryption. - -DES_ncbc_encrypt() encrypts/decrypts using the I<cipher-block-chaining> -(CBC) mode of DES. If the I<encrypt> argument is non-zero, the -routine cipher-block-chain encrypts the cleartext data pointed to by -the I<input> argument into the ciphertext pointed to by the I<output> -argument, using the key schedule provided by the I<schedule> argument, -and initialization vector provided by the I<ivec> argument. 
If the -I<length> argument is not an integral multiple of eight bytes, the -last block is copied to a temporary area and zero filled. The output -is always an integral multiple of eight bytes. - -DES_xcbc_encrypt() is RSA's DESX mode of DES. It uses I<inw> and -I<outw> to 'whiten' the encryption. I<inw> and I<outw> are secret -(unlike the iv) and are as such, part of the key. So the key is sort -of 24 bytes. This is much better than CBC DES. - -DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with -three keys. This means that each DES operation inside the CBC mode is -really an C<C=E(ks3,D(ks2,E(ks1,M)))>. This mode is used by SSL. - -The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by -reusing I<ks1> for the final encryption. C<C=E(ks1,D(ks2,E(ks1,M)))>. -This form of Triple-DES is used by the RSAREF library. - -DES_pcbc_encrypt() encrypt/decrypts using the propagating cipher block -chaining mode used by Kerberos v4. Its parameters are the same as -DES_ncbc_encrypt(). - -DES_cfb_encrypt() encrypt/decrypts using cipher feedback mode. This -method takes an array of characters as input and outputs and array of -characters. It does not require any padding to 8 character groups. -Note: the I<ivec> variable is changed and the new changed value needs to -be passed to the next call to this function. Since this function runs -a complete DES ECB encryption per I<numbits>, this function is only -suggested for use when sending small numbers of characters. - -DES_cfb64_encrypt() -implements CFB mode of DES with 64bit feedback. Why is this -useful you ask? Because this routine will allow you to encrypt an -arbitrary number of bytes, no 8 byte padding. Each call to this -routine will encrypt the input bytes to output and then update ivec -and num. num contains 'how far' we are though ivec. If this does -not make much sense, read more about cfb mode of DES :-). 
- -DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as -DES_cfb64_encrypt() except that Triple-DES is used. - -DES_ofb_encrypt() encrypts using output feedback mode. This method -takes an array of characters as input and outputs and array of -characters. It does not require any padding to 8 character groups. -Note: the I<ivec> variable is changed and the new changed value needs to -be passed to the next call to this function. Since this function runs -a complete DES ECB encryption per numbits, this function is only -suggested for use when sending small numbers of characters. - -DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output -Feed Back mode. - -DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as -DES_ofb64_encrypt(), using Triple-DES. - -The following functions are included in the DES library for -compatibility with the MIT Kerberos library. - -DES_cbc_cksum() produces an 8 byte checksum based on the input stream -(via CBC encryption). The last 4 bytes of the checksum are returned -and the complete 8 bytes are placed in I<output>. This function is -used by Kerberos v4. Other applications should use -L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead. - -DES_quad_cksum() is a Kerberos v4 function. It returns a 4 byte -checksum from the input bytes. The algorithm can be iterated over the -input, depending on I<out_count>, 1, 2, 3 or 4 times. If I<output> is -non-NULL, the 8 bytes generated by each pass are written into -I<output>. - -The following are DES-based transformations: - -DES_fcrypt() is a fast version of the Unix crypt(3) function. This -version takes only a small amount of space relative to other fast -crypt() implementations. This is different to the normal crypt in -that the third parameter is the buffer that the return value is -written into. It needs to be at least 14 bytes long. This function -is thread safe, unlike the normal crypt. 
- -DES_crypt() is a faster replacement for the normal system crypt(). -This function calls DES_fcrypt() with a static array passed as the -third parameter. This emulates the normal non-thread safe semantics -of crypt(3). - -DES_enc_write() writes I<len> bytes to file descriptor I<fd> from -buffer I<buf>. The data is encrypted via I<pcbc_encrypt> (default) -using I<sched> for the key and I<iv> as a starting vector. The actual -data send down I<fd> consists of 4 bytes (in network byte order) -containing the length of the following encrypted data. The encrypted -data then follows, padded with random data out to a multiple of 8 -bytes. - -DES_enc_read() is used to read I<len> bytes from file descriptor -I<fd> into buffer I<buf>. The data being read from I<fd> is assumed to -have come from DES_enc_write() and is decrypted using I<sched> for -the key schedule and I<iv> for the initial vector. - -B<Warning:> The data format used by DES_enc_write() and DES_enc_read() -has a cryptographic weakness: When asked to write more than MAXWRITE -bytes, DES_enc_write() will split the data into several chunks that -are all encrypted using the same IV. So don't use these functions -unless you are sure you know what you do (in which case you might not -want to use them anyway). They cannot handle non-blocking sockets. -DES_enc_read() uses an internal state and thus cannot be used on -multiple files. - -I<DES_rw_mode> is used to specify the encryption mode to use with -DES_enc_read() and DES_end_write(). If set to I<DES_PCBC_MODE> (the -default), DES_pcbc_encrypt is used. If set to I<DES_CBC_MODE> -DES_cbc_encrypt is used. - -=head1 NOTES - -Single-key DES is insecure due to its short key size. ECB mode is -not suitable for most applications. - -The L<evp(3)|evp(3)> library provides higher-level encryption functions. - -=head1 BUGS - -DES_cbc_encrypt() does not modify B<ivec>; use DES_ncbc_encrypt() -instead. - -DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits. 
-What this means is that if you set numbits to 12, and length to 2, the -first 12 bits will come from the 1st input byte and the low half of -the second input byte. The second 12 bits will have the low 8 bits -taken from the 3rd input byte and the top 4 bits taken from the 4th -input byte. The same holds for output. This function has been -implemented this way because most people will be using a multiple of 8 -and because once you get into pulling bytes input bytes apart things -get ugly! - -DES_string_to_key() is available for backward compatibility with the -MIT library. New applications should use a cryptographic hash function. -The same applies for DES_string_to_2key(). - -=head1 CONFORMING TO - -ANSI X3.106 - -The B<des> library was initially written to be source code compatible with -the MIT Kerberos library. - -=head1 SEE ALSO - -crypt(3), L<evp(3)|evp(3)>, L<rand(3)|rand(3)> - -=head1 HISTORY - -In OpenSSL 0.9.7, all des_ functions were renamed to DES_ to avoid -clashes with older versions of libdes. - -DES_set_key_checked() and DES_set_key_unchecked() were added in -OpenSSL 0.9.5. - -des_generate_random_block(), des_init_random_number_generator(), -des_new_random_key(), des_set_random_generator_seed() and -des_set_sequence_number() and des_rand_data() are used in newer -versions of Kerberos but are not implemented here. - -DES_random_key() generated cryptographically weak random data in -SSLeay and in OpenSSL prior version 0.9.5, as well as in the original -MIT library. - -=head1 AUTHOR - -Eric Young (eay@cryptsoft.com). Modified for the OpenSSL project -(http://www.openssl.org). - -=cut diff --git a/lib/libssl/src/doc/crypto/DH_generate_key.pod b/lib/libssl/src/doc/crypto/DH_generate_key.pod deleted file mode 100644 index 148e13762b7..00000000000 --- a/lib/libssl/src/doc/crypto/DH_generate_key.pod +++ /dev/null 
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_generate_key(DH *dh);
-
- int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
-=head1 DESCRIPTION
-
-DH_generate_key() performs the first step of a Diffie-Hellman key
-exchange by generating private and public DH values. By calling
-DH_compute_key(), these are combined with the other party's public
-value to compute the shared key.
-
-DH_generate_key() expects B<dh> to contain the shared parameters
-B<dh-E<gt>p> and B<dh-E<gt>g>. It generates a random private DH value
-unless B<dh-E<gt>priv_key> is already set, and computes the
-corresponding public value B<dh-E<gt>pub_key>, which can then be
-published.
-
-DH_compute_key() computes the shared secret from the private DH value
-in B<dh> and the other party's public value in B<pub_key> and stores
-it in B<key>. B<key> must point to B<DH_size(dh)> bytes of memory.
-
-=head1 RETURN VALUES
-
-DH_generate_key() returns 1 on success, 0 otherwise.
-
-DH_compute_key() returns the size of the shared secret on success, -1
-on error.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DH_size(3)|DH_size(3)>
-
-=head1 HISTORY
-
-DH_generate_key() and DH_compute_key() are available in all versions
-of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DH_generate_parameters.pod b/lib/libssl/src/doc/crypto/DH_generate_parameters.pod
deleted file mode 100644
index bd0782cb0c5..00000000000
--- a/lib/libssl/src/doc/crypto/DH_generate_parameters.pod
+++ /dev/null
@@ -1,80 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_generate_parameters_ex, DH_generate_parameters,
-DH_check - generate and check Diffie-Hellman parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
-
- int DH_check(DH *dh, int *codes);
-
-Deprecated:
-
- DH *DH_generate_parameters(int prime_len, int generator,
- void (*callback)(int, int, void *), void *cb_arg);
-
-=head1 DESCRIPTION
-
-DH_generate_parameters_ex() generates Diffie-Hellman parameters that can
-be shared among a group of users, and stores them in the provided B<DH>
-structure.
-
-B<prime_len> is the length in bits of the safe prime to be generated.
-B<generator> is a small number E<gt> 1, typically 2 or 5.
-
-A callback function may be used to provide feedback about the progress
-of the key generation. If B<cb> is not B<NULL>, it will be
-called as described in L<BN_generate_prime(3)|BN_generate_prime(3)> while a random prime number is
-generated, and when a prime has been found, B<BN_GENCB_call(cb, 3, 0)> is
-called. See L<BN_generate_prime(3)|BN_generate_prime(3)> for information on
-the BN_GENCB_call() function.
-
-DH_check() validates Diffie-Hellman parameters. It checks that B<p> is
-a safe prime, and that B<g> is a suitable generator. In the case of an
-error, the bit flags DH_CHECK_P_NOT_SAFE_PRIME or
-DH_NOT_SUITABLE_GENERATOR are set in B<*codes>.
-DH_UNABLE_TO_CHECK_GENERATOR is set if the generator cannot be
-checked, i.e. it does not equal 2 or 5.
-
-=head1 RETURN VALUES
-
-DH_generate_parameters_ex() and DH_check() return 1 if the check could be
-performed, 0 otherwise.
-
-DH_generate_parameters() (deprecated) returns a pointer to the DH structure, or
-NULL if the parameter generation fails.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTES
-
-DH_generate_parameters_ex() and DH_generate_parameters() may run for several
-hours before finding a suitable prime.
-
-The parameters generated by DH_generate_parameters_ex() and DH_generate_parameters()
-are not to be used in signature schemes.
-
-=head1 BUGS
-
-If B<generator> is not 2 or 5, B<dh-E<gt>g>=B<generator> is not
-a usable generator.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DH_free(3)|DH_free(3)>
-
-=head1 HISTORY
-
-DH_check() is available in all versions of SSLeay and OpenSSL.
-The B<cb_arg> argument to DH_generate_parameters() was added in SSLeay 0.9.0.
-
-In versions before OpenSSL 0.9.5, DH_CHECK_P_NOT_STRONG_PRIME is used
-instead of DH_CHECK_P_NOT_SAFE_PRIME.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DH_get_ex_new_index.pod b/lib/libssl/src/doc/crypto/DH_get_ex_new_index.pod
deleted file mode 100644
index 934ec094bbc..00000000000
--- a/lib/libssl/src/doc/crypto/DH_get_ex_new_index.pod
+++ /dev/null
@@ -1,37 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data - add application specific
-data to DH structures
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
- int DH_set_ex_data(DH *d, int idx, void *arg);
-
- char *DH_get_ex_data(DH *d, int idx);
-
-=head1 DESCRIPTION
-
-These functions handle application specific data in DH
-structures. Their usage is identical to that of
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
-as described in L<RSA_get_ex_new_index(3)>.
-
-=head1 SEE ALSO
-
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dh(3)|dh(3)>
-
-=head1 HISTORY
-
-DH_get_ex_new_index(), DH_set_ex_data() and DH_get_ex_data() are
-available since OpenSSL 0.9.5.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DH_new.pod b/lib/libssl/src/doc/crypto/DH_new.pod
deleted file mode 100644
index 0fdb7b9680c..00000000000
--- a/lib/libssl/src/doc/crypto/DH_new.pod
+++ /dev/null
@@ -1,38 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_new, DH_free - allocate and free DH objects
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- DH* DH_new(void);
-
- void DH_free(DH *dh);
-
-=head1 DESCRIPTION
-
-DH_new() allocates and initializes a B<DH> structure.
-
-DH_free() frees the B<DH> structure and its components. The values are
-erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, DH_new() returns B<NULL> and sets an error code that
-can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a
-pointer to the newly allocated structure.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-L<DH_generate_key(3)|DH_generate_key(3)>
-
-=head1 HISTORY
-
-DH_new() and DH_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DH_set_method.pod b/lib/libssl/src/doc/crypto/DH_set_method.pod
deleted file mode 100644
index d82fe7377a2..00000000000
--- a/lib/libssl/src/doc/crypto/DH_set_method.pod
+++ /dev/null
@@ -1,129 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_set_default_method, DH_get_default_method,
-DH_set_method, DH_new_method, DH_OpenSSL,
-DH_set_default_openssl_method, DH_get_default_openssl_method
-- select DH method
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
- #include <openssl/engine.h>
-
- void DH_set_default_method(const DH_METHOD *meth);
-
- const DH_METHOD *DH_get_default_method(void);
-
- int DH_set_method(DH *dh, const DH_METHOD *meth);
-
- DH *DH_new_method(ENGINE *engine);
-
- const DH_METHOD *DH_OpenSSL(void);
-
-=head1 DESCRIPTION
-
-A B<DH_METHOD> specifies the functions that OpenSSL uses for Diffie-Hellman
-operations. By modifying the method, alternative implementations
-such as hardware accelerators may be used. IMPORTANT: See the NOTES section for
-important information about how these DH API functions are affected by the use
-of B<ENGINE> API calls.
-
-Initially, the default DH_METHOD is the OpenSSL internal implementation, as
-returned by DH_OpenSSL().
-
-DH_set_default_method() makes B<meth> the default method for all DH
-structures created later. B<NB>: This is true only whilst no ENGINE has been set
-as a default for DH, so this function is no longer recommended.
-
-DH_get_default_method() returns a pointer to the current default DH_METHOD.
-However, the meaningfulness of this result is dependent on whether the ENGINE
-API is being used, so this function is no longer recommended.
-
-DH_set_method() selects B<meth> to perform all operations using the key B<dh>.
-This will replace the DH_METHOD used by the DH key and if the previous method
-was supplied by an ENGINE, the handle to that ENGINE will be released during the
-change. It is possible to have DH keys that only work with certain DH_METHOD
-implementations (eg. from an ENGINE module that supports embedded
-hardware-protected keys), and in such cases attempting to change the DH_METHOD
-for the key can have unexpected results.
-
-DH_new_method() allocates and initializes a DH structure so that B<engine> will
-be used for the DH operations. If B<engine> is NULL, the default ENGINE for DH
-operations is used, and if no default ENGINE is set, the DH_METHOD controlled by
-DH_set_default_method() is used.
-
-=head1 THE DH_METHOD STRUCTURE
-
- typedef struct dh_meth_st
- {
- /* name of the implementation */
- const char *name;
-
- /* generate private and public DH values for key agreement */
- int (*generate_key)(DH *dh);
-
- /* compute shared secret */
- int (*compute_key)(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
- /* compute r = a ^ p mod m (May be NULL for some implementations) */
- int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx);
-
- /* called at DH_new */
- int (*init)(DH *dh);
-
- /* called at DH_free */
- int (*finish)(DH *dh);
-
- int flags;
-
- char *app_data; /* ?? */
-
- } DH_METHOD;
-
-=head1 RETURN VALUES
-
-DH_OpenSSL() and DH_get_default_method() return pointers to the respective
-B<DH_METHOD>s.
-
-DH_set_method() returns non-zero if the provided B<meth> was successfully set as
-the method for B<dh> (including unloading the ENGINE handle if the previous
-method was supplied by an ENGINE).
-
-DH_new_method() returns NULL and sets an error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise it
-returns a pointer to the newly allocated structure.
-
-=head1 NOTES
-
-As of version 0.9.7, DH_METHOD implementations are grouped together with other
-algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
-default ENGINE is specified for DH functionality using an ENGINE API function,
-that will override any DH defaults set using the DH API (ie.
-DH_set_default_method()). For this reason, the ENGINE API is the recommended way
-to control default implementations for use in DH and other cryptographic
-algorithms.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<DH_new(3)|DH_new(3)>
-
-=head1 HISTORY
-
-DH_set_default_method(), DH_get_default_method(), DH_set_method(),
-DH_new_method() and DH_OpenSSL() were added in OpenSSL 0.9.4.
-
-DH_set_default_openssl_method() and DH_get_default_openssl_method() replaced
-DH_set_default_method() and DH_get_default_method() respectively, and
-DH_set_method() and DH_new_method() were altered to use B<ENGINE>s rather than
-B<DH_METHOD>s during development of the engine version of OpenSSL 0.9.6. For
-0.9.7, the handling of defaults in the ENGINE API was restructured so that this
-change was reversed, and behaviour of the other functions resembled more closely
-the previous behaviour. The behaviour of defaults in the ENGINE API now
-transparently overrides the behaviour of defaults in the DH API without
-requiring changing these function prototypes.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DH_size.pod b/lib/libssl/src/doc/crypto/DH_size.pod
deleted file mode 100644
index 97f26fda785..00000000000
--- a/lib/libssl/src/doc/crypto/DH_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-DH_size - get Diffie-Hellman prime size
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- int DH_size(DH *dh);
-
-=head1 DESCRIPTION
-
-This function returns the Diffie-Hellman size in bytes. It can be used
-to determine how much memory must be allocated for the shared secret
-computed by DH_compute_key().
-
-B<dh-E<gt>p> must not be B<NULL>.
-
-=head1 RETURN VALUE
-
-The size in bytes.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<DH_generate_key(3)|DH_generate_key(3)>
-
-=head1 HISTORY
-
-DH_size() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_SIG_new.pod b/lib/libssl/src/doc/crypto/DSA_SIG_new.pod
deleted file mode 100644
index 77aa649db05..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_SIG_new.pod
+++ /dev/null
@@ -1,38 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA_SIG *DSA_SIG_new(void);
-
- void DSA_SIG_free(DSA_SIG *a);
-
-=head1 DESCRIPTION
-
-DSA_SIG_new() allocates and initializes a B<DSA_SIG> structure.
-
-DSA_SIG_free() frees the B<DSA_SIG> structure and its components. The
-values are erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, DSA_SIG_new() returns B<NULL> and sets an
-error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
-to the newly allocated structure.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DSA_do_sign(3)|DSA_do_sign(3)>
-
-=head1 HISTORY
-
-DSA_SIG_new() and DSA_SIG_free() were added in OpenSSL 0.9.3.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_do_sign.pod b/lib/libssl/src/doc/crypto/DSA_do_sign.pod
deleted file mode 100644
index 5dfc733b20e..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_do_sign.pod
+++ /dev/null
@@ -1,47 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_do_sign, DSA_do_verify - raw DSA signature operations
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
-
- int DSA_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-
-=head1 DESCRIPTION
-
-DSA_do_sign() computes a digital signature on the B<len> byte message
-digest B<dgst> using the private key B<dsa> and returns it in a
-newly allocated B<DSA_SIG> structure.
-
-L<DSA_sign_setup(3)|DSA_sign_setup(3)> may be used to precompute part
-of the signing operation in case signature generation is
-time-critical.
-
-DSA_do_verify() verifies that the signature B<sig> matches a given
-message digest B<dgst> of size B<len>. B<dsa> is the signer's public
-key.
-
-=head1 RETURN VALUES
-
-DSA_do_sign() returns the signature, NULL on error. DSA_do_verify()
-returns 1 for a valid signature, 0 for an incorrect signature and -1
-on error. The error codes can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
-L<DSA_sign(3)|DSA_sign(3)>
-
-=head1 HISTORY
-
-DSA_do_sign() and DSA_do_verify() were added in OpenSSL 0.9.3.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_dup_DH.pod b/lib/libssl/src/doc/crypto/DSA_dup_DH.pod
deleted file mode 100644
index 7f6f0d1115a..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_dup_DH.pod
+++ /dev/null
@@ -1,36 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_dup_DH - create a DH structure out of DSA structure
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DH * DSA_dup_DH(const DSA *r);
-
-=head1 DESCRIPTION
-
-DSA_dup_DH() duplicates DSA parameters/keys as DH parameters/keys. q
-is lost during that conversion, but the resulting DH parameters
-contain its length.
-
-=head1 RETURN VALUE
-
-DSA_dup_DH() returns the new B<DH> structure, and NULL on error. The
-error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTE
-
-Be careful to avoid small subgroup attacks when using this.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-DSA_dup_DH() was added in OpenSSL 0.9.4.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_generate_key.pod b/lib/libssl/src/doc/crypto/DSA_generate_key.pod
deleted file mode 100644
index 069a05767cb..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_generate_key.pod
+++ /dev/null
@@ -1,32 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_generate_key - generate DSA key pair
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_generate_key(DSA *a);
-
-=head1 DESCRIPTION
-
-DSA_generate_key() expects B<a> to contain DSA parameters. It generates
-a new key pair and stores it in B<a-E<gt>pub_key> and B<a-E<gt>priv_key>.
-
-=head1 RETURN VALUE
-
-DSA_generate_key() returns 1 on success, 0 otherwise.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
-
-=head1 HISTORY
-
-DSA_generate_key() is available since SSLeay 0.8.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_generate_parameters.pod b/lib/libssl/src/doc/crypto/DSA_generate_parameters.pod
deleted file mode 100644
index 698b555a0ea..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_generate_parameters.pod
+++ /dev/null
@@ -1,122 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_generate_parameters_ex(DSA *dsa, int bits,
- const unsigned char *seed,int seed_len,
- int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
-
-Deprecated:
-
- DSA *DSA_generate_parameters(int bits, unsigned char *seed,
- int seed_len, int *counter_ret, unsigned long *h_ret,
- void (*callback)(int, int, void *), void *cb_arg);
-
-=head1 DESCRIPTION
-
-DSA_generate_parameters_ex() generates primes p and q and a generator g
-for use in the DSA and stores the result in B<dsa>.
-
-B<bits> is the length of the prime to be generated; the DSS allows a
-maximum of 1024 bits.
-
-If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be
-generated at random. Otherwise, the seed is used to generate
-them. If the given seed does not yield a prime q, a new random
-seed is chosen and placed at B<seed>.
-
-DSA_generate_parameters_ex() places the iteration count in
-*B<counter_ret> and a counter used for finding a generator in
-*B<h_ret>, unless these are B<NULL>.
-
-A callback function may be used to provide feedback about the progress
-of the key generation. If B<cb> is not B<NULL>, it will be
-called as shown below. For information on the BN_GENCB structure and the
-BN_GENCB_call function discussed below, refer to
-L<BN_generate_prime(3)|BN_generate_prime(3)>.
-
-=over 4
-
-=item *
-
-When a candidate for q is generated, B<BN_GENCB_call(cb, 0, m++)> is called
-(m is 0 for the first candidate).
-
-=item *
-
-When a candidate for q has passed a test by trial division,
-B<BN_GENCB_call(cb, 1, -1)> is called.
-While a candidate for q is tested by Miller-Rabin primality tests,
-B<BN_GENCB_call(cb, 1, i)> is called in the outer loop
-(once for each witness that confirms that the candidate may be prime);
-i is the loop counter (starting at 0).
-
-=item *
-
-When a prime q has been found, B<BN_GENCB_call(cb, 2, 0)> and
-B<BN_GENCB_call(cb, 3, 0)> are called.
-
-=item *
-
-Before a candidate for p (other than the first) is generated and tested,
-B<BN_GENCB_call(cb, 0, counter)> is called.
-
-=item *
-
-When a candidate for p has passed the test by trial division,
-B<BN_GENCB_call(cb, 1, -1)> is called.
-While it is tested by the Miller-Rabin primality test,
-B<BN_GENCB_call(cb, 1, i)> is called in the outer loop
-(once for each witness that confirms that the candidate may be prime).
-i is the loop counter (starting at 0).
-
-=item *
-
-When p has been found, B<BN_GENCB_call(cb, 2, 1)> is called.
-
-=item *
-
-When the generator has been found, B<BN_GENCB_call(cb, 3, 1)> is called.
-
-=back
-
-DSA_generate_parameters() (deprecated) works in much the same way as for DSA_generate_parameters_ex, except that no B<dsa> parameter is passed and
-instead a newly allocated B<DSA> structure is returned. Additionally "old
-style" callbacks are used instead of the newer BN_GENCB based approach.
-Refer to L<BN_generate_prime(3)|BN_generate_prime(3)> for further information.
-
-=head1 RETURN VALUE
-
-DSA_generate_parameters_ex() returns a 1 on success, or 0 otherwise.
-
-DSA_generate_parameters() returns a pointer to the DSA structure, or
-B<NULL> if the parameter generation fails.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-Seed lengths E<gt> 20 are not supported.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_free(3)|DSA_free(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)>
-
-=head1 HISTORY
-
-DSA_generate_parameters() appeared in SSLeay 0.8. The B<cb_arg>
-argument was added in SSLeay 0.9.0.
-In versions up to OpenSSL 0.9.4, B<callback(1, ...)> was called
-in the inner loop of the Miller-Rabin test whenever it reached the
-squaring step (the parameters to B<callback> did not reveal how many
-witnesses had been tested); since OpenSSL 0.9.5, B<callback(1, ...)>
-is called as in BN_is_prime(3), i.e. once for each witness.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_get_ex_new_index.pod b/lib/libssl/src/doc/crypto/DSA_get_ex_new_index.pod
deleted file mode 100644
index e2fcabf3705..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_get_ex_new_index.pod
+++ /dev/null
@@ -1,37 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application
-specific data to DSA structures
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
- int DSA_set_ex_data(DSA *d, int idx, void *arg);
-
- char *DSA_get_ex_data(DSA *d, int idx);
-
-=head1 DESCRIPTION
-
-These functions handle application specific data in DSA
-structures. Their usage is identical to that of
-RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
-as described in L<RSA_get_ex_new_index(3)>.
-
-=head1 SEE ALSO
-
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dsa(3)|dsa(3)>
-
-=head1 HISTORY
-
-DSA_get_ex_new_index(), DSA_set_ex_data() and DSA_get_ex_data() are
-available since OpenSSL 0.9.5.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_new.pod b/lib/libssl/src/doc/crypto/DSA_new.pod
deleted file mode 100644
index e1e30b9a079..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_new.pod
+++ /dev/null
@@ -1,40 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_new, DSA_free - allocate and free DSA objects
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- DSA* DSA_new(void);
-
- void DSA_free(DSA *dsa);
-
-=head1 DESCRIPTION
-
-DSA_new() allocates and initializes a B<DSA> structure. It is equivalent to
-calling DSA_new_method(NULL).
-
-DSA_free() frees the B<DSA> structure and its components. The values are
-erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, DSA_new() returns B<NULL> and sets an error
-code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
-to the newly allocated structure.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
-L<DSA_generate_key(3)|DSA_generate_key(3)>
-
-=head1 HISTORY
-
-DSA_new() and DSA_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_set_method.pod b/lib/libssl/src/doc/crypto/DSA_set_method.pod
deleted file mode 100644
index bc57a3e8e2d..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_set_method.pod
+++ /dev/null
@@ -1,143 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_set_default_method, DSA_get_default_method,
-DSA_set_method, DSA_new_method, DSA_OpenSSL,
-DSA_set_default_openssl_method, DSA_get_default_openssl_method
-- select DSA method
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
- #include <openssl/engine.h>
-
- void DSA_set_default_method(const DSA_METHOD *meth);
-
- const DSA_METHOD *DSA_get_default_method(void);
-
- int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
-
- DSA *DSA_new_method(ENGINE *engine);
-
- DSA_METHOD *DSA_OpenSSL(void);
-
-=head1 DESCRIPTION
-
-A B<DSA_METHOD> specifies the functions that OpenSSL uses for DSA
-operations. By modifying the method, alternative implementations
-such as hardware accelerators may be used. IMPORTANT: See the NOTES section for
-important information about how these DSA API functions are affected by the use
-of B<ENGINE> API calls.
-
-Initially, the default DSA_METHOD is the OpenSSL internal implementation,
-as returned by DSA_OpenSSL().
-
-DSA_set_default_method() makes B<meth> the default method for all DSA
-structures created later. B<NB>: This is true only whilst no ENGINE has
-been set as a default for DSA, so this function is no longer recommended.
-
-DSA_get_default_method() returns a pointer to the current default
-DSA_METHOD. However, the meaningfulness of this result is dependent on
-whether the ENGINE API is being used, so this function is no longer
-recommended.
-
-DSA_set_method() selects B<meth> to perform all operations using the key
-B<rsa>. This will replace the DSA_METHOD used by the DSA key and if the
-previous method was supplied by an ENGINE, the handle to that ENGINE will
-be released during the change. It is possible to have DSA keys that only
-work with certain DSA_METHOD implementations (eg. from an ENGINE module
-that supports embedded hardware-protected keys), and in such cases
-attempting to change the DSA_METHOD for the key can have unexpected
-results.
-
-DSA_new_method() allocates and initializes a DSA structure so that B<engine>
-will be used for the DSA operations. If B<engine> is NULL, the default engine
-for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD
-controlled by DSA_set_default_method() is used.
-
-=head1 THE DSA_METHOD STRUCTURE
-
-struct
- {
- /* name of the implementation */
- const char *name;
-
- /* sign */
- DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen,
- DSA *dsa);
-
- /* pre-compute k^-1 and r */
- int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
- BIGNUM **rp);
-
- /* verify */
- int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-
- /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some
- implementations) */
- int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
- BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont);
-
- /* compute r = a ^ p mod m (May be NULL for some implementations) */
- int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a,
- const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *m_ctx);
-
- /* called at DSA_new */
- int (*init)(DSA *DSA);
-
- /* called at DSA_free */
- int (*finish)(DSA *DSA);
-
- int flags;
-
- char *app_data; /* ?? */
-
- } DSA_METHOD;
-
-=head1 RETURN VALUES
-
-DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective
-B<DSA_METHOD>s.
-
-DSA_set_method() returns non-zero if the provided B<meth> was successfully set
-as the method for B<dsa> (including unloading the ENGINE handle if the previous
-method was supplied by an ENGINE).
-
-DSA_new_method() returns NULL and sets an error code that can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation
-fails. Otherwise it returns a pointer to the newly allocated structure.
-
-=head1 NOTES
-
-As of version 0.9.7, DSA_METHOD implementations are grouped together with other
-algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
-default ENGINE is specified for DSA functionality using an ENGINE API function,
-that will override any DSA defaults set using the DSA API (ie.
-DSA_set_default_method()). For this reason, the ENGINE API is the recommended
-way to control default implementations for use in DSA and other cryptographic
-algorithms.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<DSA_new(3)|DSA_new(3)>
-
-=head1 HISTORY
-
-DSA_set_default_method(), DSA_get_default_method(), DSA_set_method(),
-DSA_new_method() and DSA_OpenSSL() were added in OpenSSL 0.9.4.
-
-DSA_set_default_openssl_method() and DSA_get_default_openssl_method() replaced
-DSA_set_default_method() and DSA_get_default_method() respectively, and
-DSA_set_method() and DSA_new_method() were altered to use B<ENGINE>s rather than
-B<DSA_METHOD>s during development of the engine version of OpenSSL 0.9.6. For
-0.9.7, the handling of defaults in the ENGINE API was restructured so that this
-change was reversed, and behaviour of the other functions resembled more closely
-the previous behaviour. The behaviour of defaults in the ENGINE API now
-transparently overrides the behaviour of defaults in the DSA API without
-requiring changing these function prototypes.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_sign.pod b/lib/libssl/src/doc/crypto/DSA_sign.pod
deleted file mode 100644
index 4e78a713901..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_sign.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_sign(int type, const unsigned char *dgst, int len,
- unsigned char *sigret, unsigned int *siglen, DSA *dsa);
-
- int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
- BIGNUM **rp);
-
- int DSA_verify(int type, const unsigned char *dgst, int len,
- unsigned char *sigbuf, int siglen, DSA *dsa);
-
-=head1 DESCRIPTION
-
-DSA_sign() computes a digital signature on the B<len> byte message
-digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
-encoding at B<sigret>. The length of the signature is places in
-*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.
-
-DSA_sign_setup() may be used to precompute part of the signing
-operation in case signature generation is time-critical. It expects
-B<dsa> to contain DSA parameters. It places the precomputed values
-in newly allocated B<BIGNUM>s at *B<kinvp> and *B<rp>, after freeing
-the old ones unless *B<kinvp> and *B<rp> are NULL. These values may
-be passed to DSA_sign() in B<dsa-E<gt>kinv> and B<dsa-E<gt>r>.
-B<ctx> is a pre-allocated B<BN_CTX> or NULL.
-
-DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
-matches a given message digest B<dgst> of size B<len>.
-B<dsa> is the signer's public key.
-
-The B<type> parameter is ignored.
-
-=head1 RETURN VALUES
-
-DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
-DSA_verify() returns 1 for a valid signature, 0 for an incorrect
-signature and -1 on error. The error codes can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 CONFORMING TO
-
-US Federal Information Processing Standard FIPS 186 (Digital Signature
-Standard, DSS), ANSI X9.30
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_do_sign(3)|DSA_do_sign(3)>
-
-=head1 HISTORY
-
-DSA_sign() and DSA_verify() are available in all versions of SSLeay.
-DSA_sign_setup() was added in SSLeay 0.8.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/DSA_size.pod b/lib/libssl/src/doc/crypto/DSA_size.pod
deleted file mode 100644
index ba4f650361c..00000000000
--- a/lib/libssl/src/doc/crypto/DSA_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-DSA_size - get DSA signature size
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
-
- int DSA_size(const DSA *dsa);
-
-=head1 DESCRIPTION
-
-This function returns the size of an ASN.1 encoded DSA signature in
-bytes. It can be used to determine how much memory must be allocated
-for a DSA signature.
-
-B<dsa-E<gt>q> must not be B<NULL>.
-
-=head1 RETURN VALUE
-
-The size in bytes.
-
-=head1 SEE ALSO
-
-L<dsa(3)|dsa(3)>, L<DSA_sign(3)|DSA_sign(3)>
-
-=head1 HISTORY
-
-DSA_size() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EC_GFp_simple_method.pod b/lib/libssl/src/doc/crypto/EC_GFp_simple_method.pod
deleted file mode 100644
index aff20ac175b..00000000000
--- a/lib/libssl/src/doc/crypto/EC_GFp_simple_method.pod
+++ /dev/null
@@ -1,60 +0,0 @@
-=pod
-
-=head1 NAME
-
-EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining B<EC_METHOD> objects.
-
-=head1 SYNOPSIS
-
- #include <openssl/ec.h>
-
- const EC_METHOD *EC_GFp_simple_method(void);
- const EC_METHOD *EC_GFp_mont_method(void);
- const EC_METHOD *EC_GFp_nist_method(void);
- const EC_METHOD *EC_GFp_nistp224_method(void);
- const EC_METHOD *EC_GFp_nistp256_method(void);
- const EC_METHOD *EC_GFp_nistp521_method(void);
-
- const EC_METHOD *EC_GF2m_simple_method(void);
-
- int EC_METHOD_get_field_type(const EC_METHOD *meth);
-
-=head1 DESCRIPTION
-
-The Elliptic Curve library provides a number of different implementations through a single common interface.
-When constructing a curve using EC_GROUP_new (see L<EC_GROUP_new(3)|EC_GROUP_new(3)>) an
-implementation method must be provided. The functions described here all return a const pointer to an
-B<EC_METHOD> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation
-type for the form of curve selected is used.
-
-For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.
-
-For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All
-other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the
-use of montgomery multiplication (see L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>). EC_GFp_nist_method
-offers an implementation optimised for use with NIST recommended curves (NIST curves are available through
-EC_GROUP_new_by_curve_name as described in L<EC_GROUP_new(3)|EC_GROUP_new(3)>).
-
-The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit
-optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these
-implementations are not available on all platforms.
-
-EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either
-F2^m or Fp. If the field type is Fp then the value B<NID_X9_62_prime_field> is returned. If the field type is
-F2^m then the value B<NID_X9_62_characteristic_two_field> is returned. These values are defined in the
-obj_mac.h header file.
-
-=head1 RETURN VALUES
-
-All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.
-
-EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>,
-L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EC_GROUP_copy.pod b/lib/libssl/src/doc/crypto/EC_GROUP_copy.pod
deleted file mode 100644
index d4896af1d54..00000000000
--- a/lib/libssl/src/doc/crypto/EC_GROUP_copy.pod
+++ /dev/null
@@ -1,174 +0,0 @@
-=pod
-
-=head1 NAME
-
-EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating B<EC_GROUP> objects.
-
-=head1 SYNOPSIS
-
- #include <openssl/ec.h>
- #include <openssl/bn.h>
-
- int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
- EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
-
- const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
-
- int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
- const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
-
- int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
- int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
-
- void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
- int EC_GROUP_get_curve_name(const EC_GROUP *group);
-
- void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
- int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
-
- void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
- point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
-
- unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
- size_t EC_GROUP_get_seed_len(const EC_GROUP *);
- size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
-
- int EC_GROUP_get_degree(const EC_GROUP *group);
-
- int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
-
- int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
-
- int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
-
- int EC_GROUP_get_basis_type(const EC_GROUP *);
- int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
- int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
- unsigned int *k2, unsigned int *k3);
-
-=head1 DESCRIPTION
-
-EC_GROUP_copy copies the curve B<src> into B<dst>. Both B<src> and B<dst> must use the same EC_METHOD.
-
-EC_GROUP_dup creates a new EC_GROUP object and copies the content from B<src> to the newly created
-EC_GROUP object.
-
-EC_GROUP_method_of obtains the EC_METHOD of B<group>.
-
-EC_GROUP_set_generator sets curve paramaters that must be agreed by all participants using the curve. These
-paramaters include the B<generator>, the B<order> and the B<cofactor>. The B<generator> is a well defined point on the
-curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and
-n-1 where n is the B<order>. The B<order> multipied by the B<cofactor> gives the number of points on the curve.
-
-EC_GROUP_get0_generator returns the generator for the identified B<group>.
-
-The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided B<order> and B<cofactor> parameters
-with the respective order and cofactors for the B<group>.
-
-The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively
-(see L<EC_GROUP_new(3)|EC_GROUP_new(3)>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name
-will return 0.
-
-The asn1_flag value on a curve is used to determine whether there is a specific ASN1 OID to describe the curve or not.
-If the asn1_flag is 1 then this is a named curve with an associated ASN1 OID. If not then asn1_flag is 0. The functions
-EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. If set then
-the curve_name must also be set.
-
-The point_conversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA).
-point_conversion_form_t is an enum defined as follows:
-
- typedef enum {
- /** the point is encoded as z||x, where the octet z specifies
- * which solution of the quadratic equation y is */
- POINT_CONVERSION_COMPRESSED = 2,
- /** the point is encoded as z||x||y, where z is the octet 0x02 */
- POINT_CONVERSION_UNCOMPRESSED = 4,
- /** the point is encoded as z||x||y, where the octet z specifies
- * which solution of the quadratic equation y is */
- POINT_CONVERSION_HYBRID = 6
- } point_conversion_form_t;
-
-
-For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by
-the octets for x, followed by the octets for y.
-
-For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For
-POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of
-the two possible solutions for y has been used, followed by the octets for x.
-
-For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two
-possible solutions for y has been used, followed by the octets for x, followed by the octets for y.
-
-The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form
-for the curve respectively.
-
-ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages
-in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it.
-If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library
-does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block
-containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the
-builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using
-EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use
-this seed value, although it will be preserved in any ASN1 based communications.
-
-EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be
-the value m.
-
-The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid.
-For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is
-simply b. In either case for the curve to be valid the discriminant must be non zero.
-
-The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include
-verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has
-the correct order.
-
-EC_GROUP_cmp compares B<a> and B<b> to determine whether they represent the same curve or not.
-
-The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves
-defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial
-function f(x). This function is either a trinomial of the form:
-
-f(x) = x^m + x^k + 1 with m > k >= 1
-
-or a pentanomial of the form:
-
-f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m > k3 > k2 > k1 >= 1
-
-The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The
-function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of B<k>. Similarly
-the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of B<k1>,
-B<k2> and B<k3> respectively.
-
-=head1 RETURN VALUES
-
-The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check,
-EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.
-
-EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.
-
-EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.
-
-EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.
-
-EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form
-and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the
-specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.
-
-EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not
-specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.
-
-EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is
-0, the return value will be 1. On error 0 is returned.
-
-EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.
-
-EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in <openssl/obj_mac.h>) for a
-trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EC_GROUP_new.pod b/lib/libssl/src/doc/crypto/EC_GROUP_new.pod
deleted file mode 100644
index 9ab3566e657..00000000000
--- a/lib/libssl/src/doc/crypto/EC_GROUP_new.pod
+++ /dev/null
@@ -1,95 +0,0 @@
-=pod
-
-=head1 NAME
-
-EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying B<EC_GROUP> objects.
-
-=head1 SYNOPSIS
-
- #include <openssl/ec.h>
- #include <openssl/bn.h>
-
- EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
- void EC_GROUP_free(EC_GROUP *group);
- void EC_GROUP_clear_free(EC_GROUP *group);
-
- EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
- EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
- EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
-
- int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
- int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
- int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
- int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
- size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
-
-=head1 DESCRIPTION
-
-Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the
-prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised
-elliptic curve equation as follows:
-
-y^2 mod p = x^3 +ax + b mod p
-
-The second form is those defined over a binary field F2^m where the elements of the field are integers of length at
-most m bits. For this form the elliptic curve equation is modified to:
-
-y^2 + xy = x^3 + ax^2 + b (where b != 0)
-
-Operations in a binary field are performed relative to an B<irreducible polynomial>. All such curves with OpenSSL
-use a trinomial or a pentanomial for this parameter.
-
-A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by B<meth> (see
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>). It is then necessary to call either EC_GROUP_set_curve_GFp or
-EC_GROUP_set_curve_GF2m as appropriate to create a curve defined over Fp or over F2^m respectively.
-
-EC_GROUP_set_curve_GFp sets the curve parameters B<p>, B<a> and B<b> for a curve over Fp stored in B<group>.
-EC_group_get_curve_GFp obtains the previously set curve parameters.
-
-EC_GROUP_set_curve_GF2m sets the equivalent curve parameters for a curve over F2^m. In this case B<p> represents
-the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three
-or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.
-EC_group_get_curve_GF2m obtains the previously set curve parameters.
-
-The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and the
-appropriate EC_group_set_curve function. An appropriate default implementation method will be used.
-
-Whilst the library can be used to create any curve using the functions described above, there are also a number of
-predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function
-EC_get_builtin_curves. The parameter B<r> should be an array of EC_builtin_curve structures of size B<nitems>. The function
-will populate the B<r> array with information about the builtin curves. If B<nitems> is less than the total number of
-curves available, then the first B<nitems> curves will be returned. Otherwise the total number of curves will be
-provided. The return value is the total number of curves available (whether that number has been populated in B<r> or
-not). Passing a NULL B<r>, or setting B<nitems> to 0 will do nothing other than return the total number of curves available.
-The EC_builtin_curve structure is defined as follows:
-
- typedef struct {
- int nid;
- const char *comment;
- } EC_builtin_curve;
-
-Each EC_builtin_curve item has a unique integer id (B<nid>), and a human readable comment string describing the curve.
-
-In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the B<nid> of the curve to
-be constructed.
-
-EC_GROUP_free frees the memory associated with the EC_GROUP.
-
-EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory.
-
-=head1 RETURN VALUES
-
-All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.
-
-EC_get_builtin_curves returns the number of builtin curves that are available.
-
-EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EC_KEY_new.pod b/lib/libssl/src/doc/crypto/EC_KEY_new.pod
deleted file mode 100644
index 02d7bac82ce..00000000000
--- a/lib/libssl/src/doc/crypto/EC_KEY_new.pod
+++ /dev/null
@@ -1,115 +0,0 @@ -=pod - -=head1 NAME - -EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_enc_flags, EC_KEY_set_enc_flags, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_get_key_method_data, EC_KEY_insert_key_method_data, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates - Functions for creating, destroying and manipulating B<EC_KEY> objects. - -=head1 SYNOPSIS - - #include <openssl/ec.h> - #include <openssl/bn.h> - - EC_KEY *EC_KEY_new(void); - int EC_KEY_get_flags(const EC_KEY *key); - void EC_KEY_set_flags(EC_KEY *key, int flags); - void EC_KEY_clear_flags(EC_KEY *key, int flags); - EC_KEY *EC_KEY_new_by_curve_name(int nid); - void EC_KEY_free(EC_KEY *key); - EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src); - EC_KEY *EC_KEY_dup(const EC_KEY *src); - int EC_KEY_up_ref(EC_KEY *key); - const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key); - int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group); - const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key); - int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv); - const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key); - int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub); - unsigned int EC_KEY_get_enc_flags(const EC_KEY *key); - void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags); - point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key); - void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform); - void *EC_KEY_get_key_method_data(EC_KEY *key, - void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); - void EC_KEY_insert_key_method_data(EC_KEY *key, void *data, - void *(*dup_func)(void *), void (*free_func)(void 
*), void (*clear_free_func)(void *)); - void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag); - int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx); - int EC_KEY_generate_key(EC_KEY *key); - int EC_KEY_check_key(const EC_KEY *key); - int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y); - -=head1 DESCRIPTION - -An EC_KEY represents a public key and (optionally) an associated private key. A new EC_KEY (with no associated curve) can be constructed by calling EC_KEY_new. -The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling -EC_KEY_set_group. - -Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name and supplying the nid of the associated curve. Refer to L<EC_GROUP_new(3)|EC_GROUP_new(3)> for a description of curve names. This function simply wraps calls to EC_KEY_new and -EC_GROUP_new_by_curve_name. - -Calling EC_KEY_free decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated -with it. - -EC_KEY_copy copies the contents of the EC_KEY in B<src> into B<dest>. - -EC_KEY_dup creates a new EC_KEY object and copies B<ec_key> into it. - -EC_KEY_up_ref increments the reference count associated with the EC_KEY object. - -EC_KEY_generate_key generates a new public and private key for the supplied B<eckey> object. B<eckey> must have an EC_GROUP object -associated with it before calling this function. The private key is a random integer (0 < priv_key < order, where order is the order -of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the -private key. - -EC_KEY_check_key performs various sanity checks on the EC_KEY object to confirm that it is valid. - -EC_KEY_set_public_key_affine_coordinates sets the public key for B<key> based on its affine co-ordinates, i.e. 
it constructs an EC_POINT -object based on the supplied B<x> and B<y> values and sets the public key to be this EC_POINT. It will also performs certain sanity checks -on the key to confirm that it is valid. - -The functions EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, and EC_KEY_set_public_key get and set the EC_GROUP object, the private key and the EC_POINT public key for the B<key> respectively. - -The functions EC_KEY_get_enc_flags and EC_KEY_set_enc_flags get and set the value of the encoding flags for the B<key>. There are two encoding -flags currently defined - EC_PKEY_NO_PARAMETERS and EC_PKEY_NO_PUBKEY. These flags define the behaviour of how the B<key> is -converted into ASN1 in a call to i2d_ECPrivateKey. If EC_PKEY_NO_PARAMETERS is set then the public parameters for the curve are not encoded -along with the private key. If EC_PKEY_NO_PUBKEY is set then the public key is not encoded along with the private key. - -The functions EC_KEY_get_conv_form and EC_KEY_set_conv_form get and set the point_conversion_form for the B<key>. For a description -of point_conversion_forms please refer to L<EC_POINT_new(3)|EC_POINT_new(3)>. - -EC_KEY_insert_key_method_data and EC_KEY_get_key_method_data enable the caller to associate arbitrary additional data specific to the -elliptic curve scheme being used with the EC_KEY object. This data is treated as a "black box" by the ec library. The data to be stored by EC_KEY_insert_key_method_data is provided in the B<data> parameter, which must have associated functions for duplicating, freeing and "clear_freeing" the data item. If a subsequent EC_KEY_get_key_method_data call is issued, the functions for duplicating, freeing and "clear_freeing" the data item must be provided again, and they must be the same as they were when the data item was inserted. - -EC_KEY_set_flags sets the flags in the B<flags> parameter on the EC_KEY object. 
Any flags that are already set are left set. The currently defined standard flags are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH and is defined in ecdh.h. EC_KEY_get_flags returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags clears the flags indicated by the B<flags> parameter. All other flags are left in their existing state. - -EC_KEY_set_asn1_flag sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to L<EC_GROUP_copy(3)|EC_GROUP_copy(3)> for further information on the asn1_flag. - -EC_KEY_precompute_mult stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also L<EC_POINT_add(3)|EC_POINT_add(3)>. - - -=head1 RETURN VALUES - -EC_KEY_new, EC_KEY_new_by_curve_name and EC_KEY_dup return a pointer to the newly created EC_KEY object, or NULL on error. - -EC_KEY_get_flags returns the flags associated with the EC_KEY object as an integer. - -EC_KEY_copy returns a pointer to the destination key, or NULL on error. - -EC_KEY_up_ref, EC_KEY_set_group, EC_KEY_set_private_key, EC_KEY_set_public_key, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key and EC_KEY_set_public_key_affine_coordinates return 1 on success or 0 on error. - -EC_KEY_get0_group returns the EC_GROUP associated with the EC_KEY. - -EC_KEY_get0_private_key returns the private key associated with the EC_KEY. - -EC_KEY_get_enc_flags returns the value of the current encoding flags for the EC_KEY. - -EC_KEY_get_conv_form return the point_conversion_form for the EC_KEY. - - -=head1 SEE ALSO - -L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>, -L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, -L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)> - -=cut 
diff --git a/lib/libssl/src/doc/crypto/EC_POINT_add.pod b/lib/libssl/src/doc/crypto/EC_POINT_add.pod
deleted file mode 100644
index ae926408432..00000000000
--- a/lib/libssl/src/doc/crypto/EC_POINT_add.pod
+++ /dev/null
@@ -1,72 +0,0 @@
-=pod
-
-=head1 NAME
-
-EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on B<EC_POINT> objects.
-
-=head1 SYNOPSIS
-
- #include <openssl/ec.h>
- #include <openssl/bn.h>
-
- int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
- int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
- int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
- int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
- int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
- int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
- int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
- int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx);
- int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
- int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
- int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
- int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
-
-
-=head1 DESCRIPTION
-
-EC_POINT_add adds the two points B<a> and B<b> and places the result in B<r>. Similarly EC_POINT_dbl doubles the point B<a> and places the
-result in B<r>. In both cases it is valid for B<r> to be one of B<a> or B<b>.
-
-EC_POINT_invert calculates the inverse of the supplied point B<a>. The result is placed back in B<a>.
-
-The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.
-
-EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.
-
-EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.
-
-The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine
-co-ordinate system. In the case of EC_POINTs_make_affine the value B<num> provides the number of points in the array B<points> to be
-forced.
-
-EC_POINT_mul calculates the value generator * B<n> + B<q> * B<m> and stores the result in B<r>. The value B<n> may be NULL in which case the result is just B<q> * B<m>.
-
-EC_POINTs_mul calculates the value generator * B<n> + B<q[0]> * B<m[0]> + ... + B<q[num-1]> * B<m[num-1]>. As for EC_POINT_mul the value
-B<n> may be NULL.
-
-The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst
-EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See L<EC_GROUP_copy(3)|EC_GROUP_copy(3)> for information
-about the generator.
-
-
-=head1 RETURN VALUES
-
-The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine,
-EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.
-
-EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.
-
-EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.
-
-EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.
-
-EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EC_POINT_new.pod b/lib/libssl/src/doc/crypto/EC_POINT_new.pod
deleted file mode 100644
index b41ca0ed0c8..00000000000
--- a/lib/libssl/src/doc/crypto/EC_POINT_new.pod
+++ /dev/null
@@ -1,123 +0,0 @@
-=pod
-
-=head1 NAME
-
-EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_set_Jprojective_coordinates, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating B<EC_POINT> objects.
-
-=head1 SYNOPSIS
-
- #include <openssl/ec.h>
- #include <openssl/bn.h>
-
- EC_POINT *EC_POINT_new(const EC_GROUP *group);
- void EC_POINT_free(EC_POINT *point);
- void EC_POINT_clear_free(EC_POINT *point);
- int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
- EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
- const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
- int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
- int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
- int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
- int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
- int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
- int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, int y_bit, BN_CTX *ctx);
- int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
- int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
- int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, int y_bit, BN_CTX *ctx);
- size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
- point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx);
- int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
- const unsigned char *buf, size_t len, BN_CTX *ctx);
- BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BIGNUM *, BN_CTX *);
- EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
- EC_POINT *, BN_CTX *);
- char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BN_CTX *);
- EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
- EC_POINT *, BN_CTX *);
-
-
-=head1 DESCRIPTION
-
-An EC_POINT represents a point on a curve. A new point is constructed by calling the function EC_POINT_new and providing the B<group>
-object that the point relates to.
-
-EC_POINT_free frees the memory associated with the EC_POINT.
-
-EC_POINT_clear_free destroys any sensitive data held within the EC_POINT and then frees its memory.
-
-EC_POINT_copy copies the point B<src> into B<dst>. Both B<src> and B<dst> must use the same EC_METHOD.
-
-EC_POINT_dup creates a new EC_POINT object and copies the content from B<src> to the newly created
-EC_POINT object.
-
-EC_POINT_method_of obtains the EC_METHOD associated with B<point>.
-
-A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity.
-
-The affine co-ordinates for a point describe a point in terms of its x and y position. The functions
-EC_POINT_set_affine_coordinates_GFp and EC_POINT_set_affine_coordinates_GF2m set the B<x> and B<y> co-ordinates for the point
-B<p> defined over the curve given in B<group>.
-
-As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian
-projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in
-this co-ordinate system provides more efficient point multiplication operations.
-A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective to affine co-ordinates is simple. The co-ordinate (x, y) is
-mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp and
-EC_POINT_get_Jprojective_coordinates_GFp respectively.
-
-Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is
-on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates_GFp
-and EC_POINT_set_compressed_coordinates_GF2m functions where B<x> is the x co-ordinate and B<y_bit> is a value 0 or 1 to identify which of
-the two possible values for y should be used.
-
-In addition EC_POINTs can be converted to and from various external representations. Supported representations are octet strings, BIGNUMs and hexadecimal. The format of the external representation is described by the point_conversion_form. See L<EC_GROUP_copy(3)|EC_GROUP_copy(3)> for
-a description of point_conversion_form. Octet strings are stored in a buffer along with an associated buffer length. A point held in a BIGNUM is calculated by converting the point to an octet string and then converting that octet string into a BIGNUM integer. Points in hexadecimal format are stored in a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).
-
-The functions EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex and EC_POINT_hex2point convert
-from and to EC_POINTs for the formats: octet string, BIGNUM and hexadecimal respectively.
-
-The function EC_POINT_point2oct must be supplied with a buffer long enough to store the octet string. The return value provides the number of
-octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.
-
-The function EC_POINT_point2hex will allocate sufficient memory to store the hexadecimal string. It is the caller's responsibility to free
-this memory with a subsequent call to free().
-
-=head1 RETURN VALUES
-
-EC_POINT_new and EC_POINT_dup return the newly allocated EC_POINT or NULL on error.
-
-The following functions return 1 on success or 0 on error: EC_POINT_copy, EC_POINT_set_to_infinity, EC_POINT_set_Jprojective_coordinates_GFp,
-EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp,
-EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m,
-EC_POINT_set_compressed_coordinates_GF2m and EC_POINT_oct2point.
-
-EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.
-
-EC_POINT_point2oct returns the length of the required buffer, or 0 on error.
-
-EC_POINT_point2bn returns the pointer to the BIGNUM supplied, or NULL on error.
-
-EC_POINT_bn2point returns the pointer to the EC_POINT supplied, or NULL on error.
-
-EC_POINT_point2hex returns a pointer to the hex string, or NULL on error.
-
-EC_POINT_hex2point returns the pointer to the EC_POINT supplied, or NULL on error.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR.pod b/lib/libssl/src/doc/crypto/ERR.pod
deleted file mode 100644
index 343a9b84c22..00000000000
--- a/lib/libssl/src/doc/crypto/ERR.pod
+++ /dev/null
@@ -1,185 +0,0 @@ -=pod - -=head1 NAME - -ERR - error codes - -=head1 SYNOPSIS - - #include <openssl/err.h> - - unsigned long ERR_get_error(void); - unsigned long ERR_peek_error(void); - unsigned long ERR_get_error_line(const char **file, int *line); - unsigned long ERR_peek_error_line(const char **file, int *line); - unsigned long ERR_get_error_line_data(const char **file, int *line, - const char **data, int *flags); - unsigned long ERR_peek_error_line_data(const char **file, int *line, - const char **data, int *flags); - - int ERR_GET_LIB(unsigned long e); - int ERR_GET_FUNC(unsigned long e); - int ERR_GET_REASON(unsigned long e); - - void ERR_clear_error(void); - - char *ERR_error_string(unsigned long e, char *buf); - const char *ERR_lib_error_string(unsigned long e); - const char *ERR_func_error_string(unsigned long e); - const char *ERR_reason_error_string(unsigned long e); - - void ERR_print_errors(BIO *bp); - void ERR_print_errors_fp(FILE *fp); - - void ERR_load_crypto_strings(void); - void ERR_free_strings(void); - - void ERR_remove_state(unsigned long pid); - - void ERR_put_error(int lib, int func, int reason, const char *file, - int line); - void ERR_add_error_data(int num, ...); - - void ERR_load_strings(int lib,ERR_STRING_DATA str[]); - unsigned long ERR_PACK(int lib, int func, int reason); - int ERR_get_next_error_library(void); - -=head1 DESCRIPTION - -When a call to the OpenSSL library fails, this is usually signalled -by the return value, and an error code is stored in an error queue -associated with the current thread. The B<err> library provides -functions to obtain these error codes and textual error messages. - -The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to -access error codes. - -Error codes contain information about where the error occurred, and -what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to -extract this information. 
A method to obtain human-readable error -messages is described in L<ERR_error_string(3)|ERR_error_string(3)>. - -L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the -error queue. - -Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to -avoid memory leaks when threads are terminated. - -=head1 ADDING NEW ERROR CODES TO OPENSSL - -See L<ERR_put_error(3)> if you want to record error codes in the -OpenSSL error system from within your application. - -The remainder of this section is of interest only if you want to add -new error codes to OpenSSL or add error codes from external libraries. - -=head2 Reporting errors - -Each sub-library has a specific macro XXXerr() that is used to report -errors. Its first argument is a function code B<XXX_F_...>, the second -argument is a reason code B<XXX_R_...>. Function codes are derived -from the function names; reason codes consist of textual error -descriptions. For example, the function ssl23_read() reports a -"handshake failure" as follows: - - SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE); - -Function and reason codes should consist of upper case characters, -numbers and underscores only. The error file generation script translates -function codes into function names by looking in the header files -for an appropriate function name, if none is found it just uses -the capitalized form such as "SSL23_READ" in the above example. - -The trailing section of a reason code (after the "_R_") is translated -into lower case and underscores changed to spaces. - -When you are using new function or reason codes, run B<make errors>. -The necessary B<#define>s will then automatically be added to the -sub-library's header file. - -Although a library will normally report errors using its own specific -XXXerr macro, another library's macro can be used. This is normally -only done when a library wants to include ASN1 code which must use -the ASN1err() macro. 
- -=head2 Adding new libraries - -When adding a new sub-library to OpenSSL, assign it a library number -B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its -name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add -C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function -(in B<crypto/err/err_all.c>). Finally, add an entry - - L XXX xxx.h xxx_err.c - -to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile. -Running B<make errors> will then generate a file B<xxx_err.c>, and -add all error codes used in the library to B<xxx.h>. - -Additionally the library include file must have a certain form. -Typically it will initially look like this: - - #ifndef HEADER_XXX_H - #define HEADER_XXX_H - - #ifdef __cplusplus - extern "C" { - #endif - - /* Include files */ - - #include <openssl/bio.h> - #include <openssl/x509.h> - - /* Macros, structures and function prototypes */ - - - /* BEGIN ERROR CODES */ - -The B<BEGIN ERROR CODES> sequence is used by the error code -generation script as the point to place new error codes, any text -after this point will be overwritten when B<make errors> is run. -The closing #endif etc will be automatically added by the script. - -The generated C error code file B<xxx_err.c> will load the header -files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the -header file must load any additional header files containing any -definitions it uses. - -=head1 USING ERROR CODES IN EXTERNAL LIBRARIES - -It is also possible to use OpenSSL's error code scheme in external -libraries. The library needs to load its own codes and call the OpenSSL -error code insertion script B<mkerr.pl> explicitly to add codes to -the header file and generate the C error code file. This will normally -be done if the external library needs to generate new ASN1 structures -but it can also be used to add more general purpose error code handling. 
- -=head1 INTERNALS - -The error queues are stored in a hash table with one B<ERR_STATE> -entry for each pid. ERR_get_state() returns the current thread's -B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error -codes. When more error codes are added, the old ones are overwritten, -on the assumption that the most recent errors are most important. - -Error strings are also stored in hash table. The hash tables can -be obtained by calling ERR_get_err_state_table(void) and -ERR_get_string_table(void) respectively. - -=head1 SEE ALSO - -L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>, -L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>, -L<ERR_get_error(3)|ERR_get_error(3)>, -L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>, -L<ERR_clear_error(3)|ERR_clear_error(3)>, -L<ERR_error_string(3)|ERR_error_string(3)>, -L<ERR_print_errors(3)|ERR_print_errors(3)>, -L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>, -L<ERR_remove_state(3)|ERR_remove_state(3)>, -L<ERR_put_error(3)|ERR_put_error(3)>, -L<ERR_load_strings(3)|ERR_load_strings(3)>, -L<SSL_get_error(3)|SSL_get_error(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/ERR_GET_LIB.pod b/lib/libssl/src/doc/crypto/ERR_GET_LIB.pod deleted file mode 100644 index 2a129da036c..00000000000 --- a/lib/libssl/src/doc/crypto/ERR_GET_LIB.pod +++ /dev/null 
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON - get library, function and
-reason code
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- int ERR_GET_LIB(unsigned long e);
-
- int ERR_GET_FUNC(unsigned long e);
-
- int ERR_GET_REASON(unsigned long e);
-
-=head1 DESCRIPTION
-
-The error code returned by ERR_get_error() consists of a library
-number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC()
-and ERR_GET_REASON() can be used to extract these.
-
-The library number and function code describe where the error
-occurred, the reason code is the information about what went wrong.
-
-Each sub-library of OpenSSL has a unique library number; function and
-reason codes are unique within each sub-library. Note that different
-libraries may use the same value to signal different functions and
-reasons.
-
-B<ERR_R_...> reason codes such as B<ERR_R_MALLOC_FAILURE> are globally
-unique. However, when checking for sub-library specific reason codes,
-be sure to also compare the library number.
-
-ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are macros.
-
-=head1 RETURN VALUES
-
-The library number, function code and reason code respectively.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in
-all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR_clear_error.pod b/lib/libssl/src/doc/crypto/ERR_clear_error.pod
deleted file mode 100644
index 566e1f4e317..00000000000
--- a/lib/libssl/src/doc/crypto/ERR_clear_error.pod
+++ /dev/null
@@ -1,29 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_clear_error - clear the error queue
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_clear_error(void);
-
-=head1 DESCRIPTION
-
-ERR_clear_error() empties the current thread's error queue.
-
-=head1 RETURN VALUES
-
-ERR_clear_error() has no return value.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-ERR_clear_error() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR_error_string.pod b/lib/libssl/src/doc/crypto/ERR_error_string.pod
deleted file mode 100644
index cdfa7fe1fe7..00000000000
--- a/lib/libssl/src/doc/crypto/ERR_error_string.pod
+++ /dev/null
@@ -1,73 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_error_string, ERR_error_string_n, ERR_lib_error_string,
-ERR_func_error_string, ERR_reason_error_string - obtain human-readable
-error message
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- char *ERR_error_string(unsigned long e, char *buf);
- void ERR_error_string_n(unsigned long e, char *buf, size_t len);
-
- const char *ERR_lib_error_string(unsigned long e);
- const char *ERR_func_error_string(unsigned long e);
- const char *ERR_reason_error_string(unsigned long e);
-
-=head1 DESCRIPTION
-
-ERR_error_string() generates a human-readable string representing the
-error code I<e>, and places it at I<buf>. I<buf> must be at least 120
-bytes long. If I<buf> is B<NULL>, the error string is placed in a
-static buffer.
-ERR_error_string_n() is a variant of ERR_error_string() that writes
-at most I<len> characters (including the terminating 0)
-and truncates the string if necessary.
-For ERR_error_string_n(), I<buf> may not be B<NULL>.
-
-The string will have the following format:
-
- error:[error code]:[library name]:[function name]:[reason string]
-
-I<error code> is an 8 digit hexadecimal number, I<library name>,
-I<function name> and I<reason string> are ASCII text.
-
-ERR_lib_error_string(), ERR_func_error_string() and
-ERR_reason_error_string() return the library name, function
-name and reason string respectively.
-
-The OpenSSL error strings should be loaded by calling
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)> or, for SSL
-applications, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-first.
-If there is no text string registered for the given error code,
-the error string will contain the numeric code.
-
-L<ERR_print_errors(3)|ERR_print_errors(3)> can be used to print
-all error codes currently in the queue.
-
-=head1 RETURN VALUES
-
-ERR_error_string() returns a pointer to a static buffer containing the
-string if I<buf> B<== NULL>, I<buf> otherwise.
-
-ERR_lib_error_string(), ERR_func_error_string() and
-ERR_reason_error_string() return the strings, and B<NULL> if
-none is registered for the error code.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-L<ERR_print_errors(3)|ERR_print_errors(3)>
-
-=head1 HISTORY
-
-ERR_error_string() is available in all versions of SSLeay and OpenSSL.
-ERR_error_string_n() was added in OpenSSL 0.9.6.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR_get_error.pod b/lib/libssl/src/doc/crypto/ERR_get_error.pod
deleted file mode 100644
index 460a79f3f62..00000000000
--- a/lib/libssl/src/doc/crypto/ERR_get_error.pod
+++ /dev/null
@@ -1,79 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_get_error, ERR_peek_error, ERR_peek_last_error,
-ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line,
-ERR_get_error_line_data, ERR_peek_error_line_data,
-ERR_peek_last_error_line_data - obtain error code and data
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- unsigned long ERR_get_error(void);
- unsigned long ERR_peek_error(void);
- unsigned long ERR_peek_last_error(void);
-
- unsigned long ERR_get_error_line(const char **file, int *line);
- unsigned long ERR_peek_error_line(const char **file, int *line);
- unsigned long ERR_peek_last_error_line(const char **file, int *line);
-
- unsigned long ERR_get_error_line_data(const char **file, int *line,
- const char **data, int *flags);
- unsigned long ERR_peek_error_line_data(const char **file, int *line,
- const char **data, int *flags);
- unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
- const char **data, int *flags);
-
-=head1 DESCRIPTION
-
-ERR_get_error() returns the earliest error code from the thread's error
-queue and removes the entry. This function can be called repeatedly
-until there are no more error codes to return.
-
-ERR_peek_error() returns the earliest error code from the thread's
-error queue without modifying it.
-
-ERR_peek_last_error() returns the latest error code from the thread's
-error queue without modifying it.
-
-See L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> for obtaining information about
-location and reason of the error, and
-L<ERR_error_string(3)|ERR_error_string(3)> for human-readable error
-messages.
-
-ERR_get_error_line(), ERR_peek_error_line() and
-ERR_peek_last_error_line() are the same as the above, but they
-additionally store the file name and line number where
-the error occurred in *B<file> and *B<line>, unless these are B<NULL>.
-
-ERR_get_error_line_data(), ERR_peek_error_line_data() and
-ERR_peek_last_error_line_data() store additional data and flags
-associated with the error code in *B<data>
-and *B<flags>, unless these are B<NULL>. *B<data> contains a string
-if *B<flags>&B<ERR_TXT_STRING> is true.
-
-An application B<MUST NOT> free the *B<data> pointer (or any other pointers
-returned by these functions) with free() as freeing is handled
-automatically by the error library.
-
-=head1 RETURN VALUES
-
-The error code, or 0 if there is no error in the queue.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
-
-=head1 HISTORY
-
-ERR_get_error(), ERR_peek_error(), ERR_get_error_line() and
-ERR_peek_error_line() are available in all versions of SSLeay and
-OpenSSL. ERR_get_error_line_data() and ERR_peek_error_line_data()
-were added in SSLeay 0.9.0.
-ERR_peek_last_error(), ERR_peek_last_error_line() and
-ERR_peek_last_error_line_data() were added in OpenSSL 0.9.7.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR_load_crypto_strings.pod b/lib/libssl/src/doc/crypto/ERR_load_crypto_strings.pod
deleted file mode 100644
index 9bdec75a463..00000000000
--- a/lib/libssl/src/doc/crypto/ERR_load_crypto_strings.pod
+++ /dev/null
@@ -1,46 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings -
-load and free error strings
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_load_crypto_strings(void);
- void ERR_free_strings(void);
-
- #include <openssl/ssl.h>
-
- void SSL_load_error_strings(void);
-
-=head1 DESCRIPTION
-
-ERR_load_crypto_strings() registers the error strings for all
-B<libcrypto> functions. SSL_load_error_strings() does the same,
-but also registers the B<libssl> error strings.
-
-One of these functions should be called before generating
-textual error messages. However, this is not required when memory
-usage is an issue.
-
-ERR_free_strings() frees all previously loaded error strings.
-
-=head1 RETURN VALUES
-
-ERR_load_crypto_strings(), SSL_load_error_strings() and
-ERR_free_strings() return no values.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
-
-=head1 HISTORY
-
-ERR_load_error_strings(), SSL_load_error_strings() and
-ERR_free_strings() are available in all versions of SSLeay and
-OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR_load_strings.pod b/lib/libssl/src/doc/crypto/ERR_load_strings.pod
deleted file mode 100644
index e9c5cf0fc56..00000000000
--- a/lib/libssl/src/doc/crypto/ERR_load_strings.pod
+++ /dev/null
@@ -1,54 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_load_strings, ERR_PACK, ERR_get_next_error_library - load
-arbitrary error strings
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
-
- int ERR_get_next_error_library(void);
-
- unsigned long ERR_PACK(int lib, int func, int reason);
-
-=head1 DESCRIPTION
-
-ERR_load_strings() registers error strings for library number B<lib>.
-
-B<str> is an array of error string data:
-
- typedef struct ERR_string_data_st
- {
- unsigned long error;
- char *string;
- } ERR_STRING_DATA;
-
-The error code is generated from the library number and a function and
-reason code: B<error> = ERR_PACK(B<lib>, B<func>, B<reason>).
-ERR_PACK() is a macro.
-
-The last entry in the array is {0,0}.
-
-ERR_get_next_error_library() can be used to assign library numbers
-to user libraries at runtime.
-
-=head1 RETURN VALUE
-
-ERR_PACK() return the error code.
-ERR_get_next_error_library() returns a new library number.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-
-=head1 HISTORY
-
-ERR_load_error_strings() and ERR_PACK() are available in all versions
-of SSLeay and OpenSSL. ERR_get_next_error_library() was added in
-SSLeay 0.9.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR_print_errors.pod b/lib/libssl/src/doc/crypto/ERR_print_errors.pod
deleted file mode 100644
index b100a5fa2b3..00000000000
--- a/lib/libssl/src/doc/crypto/ERR_print_errors.pod
+++ /dev/null
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_print_errors, ERR_print_errors_fp - print error messages
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_print_errors(BIO *bp);
- void ERR_print_errors_fp(FILE *fp);
-
-=head1 DESCRIPTION
-
-ERR_print_errors() is a convenience function that prints the error
-strings for all errors that OpenSSL has recorded to B<bp>, thus
-emptying the error queue.
-
-ERR_print_errors_fp() is the same, except that the output goes to a
-B<FILE>.
-
-
-The error strings will have the following format:
-
- [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message]
-
-I<error code> is an 8 digit hexadecimal number. I<library name>,
-I<function name> and I<reason string> are ASCII text, as is I<optional
-text message> if one was set for the respective error code.
-
-If there is no text string registered for the given error code,
-the error string will contain the numeric code.
-
-=head1 RETURN VALUES
-
-ERR_print_errors() and ERR_print_errors_fp() return no values.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-
-=head1 HISTORY
-
-ERR_print_errors() and ERR_print_errors_fp()
-are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR_put_error.pod b/lib/libssl/src/doc/crypto/ERR_put_error.pod
deleted file mode 100644
index acd241fbe47..00000000000
--- a/lib/libssl/src/doc/crypto/ERR_put_error.pod
+++ /dev/null
@@ -1,44 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_put_error, ERR_add_error_data - record an error
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_put_error(int lib, int func, int reason, const char *file,
- int line);
-
- void ERR_add_error_data(int num, ...);
-
-=head1 DESCRIPTION
-
-ERR_put_error() adds an error code to the thread's error queue. It
-signals that the error of reason code B<reason> occurred in function
-B<func> of library B<lib>, in line number B<line> of B<file>.
-This function is usually called by a macro.
-
-ERR_add_error_data() associates the concatenation of its B<num> string
-arguments with the error code added last.
-
-L<ERR_load_strings(3)|ERR_load_strings(3)> can be used to register
-error strings so that the application can a generate human-readable
-error messages for the error code.
-
-=head1 RETURN VALUES
-
-ERR_put_error() and ERR_add_error_data() return
-no values.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
-
-=head1 HISTORY
-
-ERR_put_error() is available in all versions of SSLeay and OpenSSL.
-ERR_add_error_data() was added in SSLeay 0.9.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR_remove_state.pod b/lib/libssl/src/doc/crypto/ERR_remove_state.pod
deleted file mode 100644
index a4d38c17fd6..00000000000
--- a/lib/libssl/src/doc/crypto/ERR_remove_state.pod
+++ /dev/null
@@ -1,45 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_remove_thread_state, ERR_remove_state - free a thread's error queue
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
-
-Deprecated:
-
- void ERR_remove_state(unsigned long pid);
-
-=head1 DESCRIPTION
-
-ERR_remove_thread_state() frees the error queue associated with thread B<tid>.
-If B<tid> == B<NULL>, the current thread will have its error queue removed.
-
-Since error queue data structures are allocated automatically for new
-threads, they must be freed when threads are terminated in order to
-avoid memory leaks.
-
-ERR_remove_state is deprecated and has been replaced by
-ERR_remove_thread_state. Since threads in OpenSSL are no longer identified
-by unsigned long values any argument to this function is ignored. Calling
-ERR_remove_state is equivalent to B<ERR_remove_thread_state(NULL)>.
-
-=head1 RETURN VALUE
-
-ERR_remove_thread_state and ERR_remove_state() return no value.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>
-
-=head1 HISTORY
-
-ERR_remove_state() is available in all versions of SSLeay and OpenSSL. It
-was deprecated in OpenSSL 1.0.0 when ERR_remove_thread_state was introduced
-and thread IDs were introduced to identify threads instead of 'unsigned long'.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ERR_set_mark.pod b/lib/libssl/src/doc/crypto/ERR_set_mark.pod
deleted file mode 100644
index d3ca4f2e770..00000000000
--- a/lib/libssl/src/doc/crypto/ERR_set_mark.pod
+++ /dev/null
@@ -1,38 +0,0 @@
-=pod
-
-=head1 NAME
-
-ERR_set_mark, ERR_pop_to_mark - set marks and pop errors until mark
-
-=head1 SYNOPSIS
-
- #include <openssl/err.h>
-
- int ERR_set_mark(void);
-
- int ERR_pop_to_mark(void);
-
-=head1 DESCRIPTION
-
-ERR_set_mark() sets a mark on the current topmost error record if there
-is one.
-
-ERR_pop_to_mark() will pop the top of the error stack until a mark is found.
-The mark is then removed. If there is no mark, the whole stack is removed.
-
-=head1 RETURN VALUES
-
-ERR_set_mark() returns 0 if the error stack is empty, otherwise 1.
-
-ERR_pop_to_mark() returns 0 if there was no mark in the error stack, which
-implies that the stack became empty, otherwise 1.
-
-=head1 SEE ALSO
-
-L<err(3)|err(3)>
-
-=head1 HISTORY
-
-ERR_set_mark() and ERR_pop_to_mark() were added in OpenSSL 0.9.8.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EVP_BytesToKey.pod b/lib/libssl/src/doc/crypto/EVP_BytesToKey.pod
deleted file mode 100644
index 2dffaa1efa2..00000000000
--- a/lib/libssl/src/doc/crypto/EVP_BytesToKey.pod
+++ /dev/null
@@ -1,68 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_BytesToKey - password based encryption routine
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
- const unsigned char *salt,
- const unsigned char *data, int datal, int count,
- unsigned char *key,unsigned char *iv);
-
-=head1 DESCRIPTION
-
-EVP_BytesToKey() derives a key and IV from various parameters. B<type> is
-the cipher to derive the key and IV for. B<md> is the message digest to use.
-The B<salt> parameter is used as a salt in the derivation: it should point to
-an 8 byte buffer or NULL if no salt is used. B<data> is a buffer containing
-B<datal> bytes which is used to derive the keying data. B<count> is the
-iteration count to use. The derived key and IV will be written to B<key>
-and B<iv> respectively.
-
-=head1 NOTES
-
-A typical application of this function is to derive keying material for an
-encryption algorithm from a password in the B<data> parameter.
-
-Increasing the B<count> parameter slows down the algorithm which makes it
-harder for an attacker to perform a brute force attack using a large number
-of candidate passwords.
-
-If the total key and IV length is less than the digest length and
-B<MD5> is used then the derivation algorithm is compatible with PKCS#5 v1.5
-otherwise a non standard extension is used to derive the extra data.
-
-Newer applications should use more standard algorithms such as PBKDF2 as
-defined in PKCS#5v2.1 for key derivation.
-
-=head1 KEY DERIVATION ALGORITHM
-
-The key and IV is derived by concatenating D_1, D_2, etc until
-enough data is available for the key and IV. D_i is defined as:
-
- D_i = HASH^count(D_(i-1) || data || salt)
-
-where || denotes concatenation, D_0 is empty, HASH is the digest
-algorithm in use, HASH^1(data) is simply HASH(data), HASH^2(data)
-is HASH(HASH(data)) and so on.
-
-The initial bytes are used for the key and the subsequent bytes for
-the IV.
-
-=head1 RETURN VALUES
-
-EVP_BytesToKey() returns the size of the derived key in bytes.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<PKCS5_PBKDF2_HMAC(3)|PKCS5_PBKDF2_HMAC(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
-
-=head1 HISTORY
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EVP_DigestInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
deleted file mode 100644
index c83dcc736fe..00000000000
--- a/lib/libssl/src/doc/crypto/EVP_DigestInit.pod
+++ /dev/null
@@ -1,277 +0,0 @@ -=pod - -=head1 NAME - -EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate, -EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE, -EVP_MD_CTX_copy_ex, EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, -EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size, -EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, -EVP_sha1, EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, -EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, -EVP_get_digestbyobj, EVP_DigestInit, EVP_DigestFinal - EVP digest routines - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - void EVP_MD_CTX_init(EVP_MD_CTX *ctx); - EVP_MD_CTX *EVP_MD_CTX_create(void); - - int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); - int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); - int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, - unsigned int *s); - - int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); - void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); - - int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in); - - int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); - int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, - unsigned int *s); - - int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in); - - #define EVP_MAX_MD_SIZE 64 /* SHA512 */ - - int EVP_MD_type(const EVP_MD *md); - int EVP_MD_pkey_type(const EVP_MD *md); - int EVP_MD_size(const EVP_MD *md); - int EVP_MD_block_size(const EVP_MD *md); - - const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); - #define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) - #define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest) - #define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest) - - const EVP_MD *EVP_md_null(void); - const EVP_MD *EVP_md2(void); - const EVP_MD *EVP_md5(void); - const EVP_MD *EVP_sha1(void); - const EVP_MD *EVP_dss(void); - const EVP_MD *EVP_dss1(void); - const EVP_MD *EVP_ripemd160(void); - - 
const EVP_MD *EVP_sha224(void); - const EVP_MD *EVP_sha256(void); - const EVP_MD *EVP_sha384(void); - const EVP_MD *EVP_sha512(void); - - const EVP_MD *EVP_get_digestbyname(const char *name); - #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) - #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) - -=head1 DESCRIPTION - -The EVP digest routines are a high level interface to message digests. - -EVP_MD_CTX_init() initializes digest context B<ctx>. - -EVP_MD_CTX_create() allocates, initializes and returns a digest context. - -EVP_DigestInit_ex() sets up digest context B<ctx> to use a digest -B<type> from ENGINE B<impl>. B<ctx> must be initialized before calling this -function. B<type> will typically be supplied by a function such as EVP_sha1(). -If B<impl> is NULL then the default implementation of digest B<type> is used. - -EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the -digest context B<ctx>. This function can be called several times on the -same B<ctx> to hash additional data. - -EVP_DigestFinal_ex() retrieves the digest value from B<ctx> and places -it in B<md>. If the B<s> parameter is not NULL then the number of -bytes of data written (i.e. the length of the digest) will be written -to the integer at B<s>, at most B<EVP_MAX_MD_SIZE> bytes will be written. -After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate() -can be made, but EVP_DigestInit_ex() can be called to initialize a new -digest operation. - -EVP_MD_CTX_cleanup() cleans up digest context B<ctx>, it should be called -after a digest context is no longer needed. - -EVP_MD_CTX_destroy() cleans up digest context B<ctx> and frees up the -space allocated to it, it should be called only on a context created -using EVP_MD_CTX_create(). - -EVP_MD_CTX_copy_ex() can be used to copy the message digest state from -B<in> to B<out>. This is useful if large amounts of data are to be -hashed which only differ in the last few bytes. 
B<out> must be initialized -before calling this function. - -EVP_DigestInit() behaves in the same way as EVP_DigestInit_ex() except -the passed context B<ctx> does not have to be initialized, and it always -uses the default digest implementation. - -EVP_DigestFinal() is similar to EVP_DigestFinal_ex() except the digest -context B<ctx> is automatically cleaned up. - -EVP_MD_CTX_copy() is similar to EVP_MD_CTX_copy_ex() except the destination -B<out> does not have to be initialized. - -EVP_MD_size() and EVP_MD_CTX_size() return the size of the message digest -when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure, i.e. the size of the -hash. - -EVP_MD_block_size() and EVP_MD_CTX_block_size() return the block size of the -message digest when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure. - -EVP_MD_type() and EVP_MD_CTX_type() return the NID of the OBJECT IDENTIFIER -representing the given message digest when passed an B<EVP_MD> structure. -For example EVP_MD_type(EVP_sha1()) returns B<NID_sha1>. This function is -normally used when setting ASN1 OIDs. - -EVP_MD_CTX_md() returns the B<EVP_MD> structure corresponding to the passed -B<EVP_MD_CTX>. - -EVP_MD_pkey_type() returns the NID of the public key signing algorithm -associated with this digest. For example EVP_sha1() is associated with RSA so -this will return B<NID_sha1WithRSAEncryption>. Since digests and signature -algorithms are no longer linked this function is only retained for -compatibility reasons. - -EVP_md2(), EVP_md5(), EVP_sha1(), EVP_sha224(), EVP_sha256(), EVP_sha384(), -EVP_sha512() and EVP_ripemd160() return B<EVP_MD> structures for the MD2, MD5, -SHA1, SHA224, SHA256, SHA384, SHA512 and RIPEMD160 digest algorithms -respectively. - -EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA1 digest -algorithms but using DSS (DSA) for the signature algorithm. Note: there is -no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are -however retained for compatibility. 
- -EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it -returns is of zero length. - -EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj() -return an B<EVP_MD> structure when passed a digest name, a digest NID or -an ASN1_OBJECT structure respectively. The digest table must be initialized -using, for example, OpenSSL_add_all_digests() for these functions to work. - -=head1 RETURN VALUES - -EVP_DigestInit_ex(), EVP_DigestUpdate() and EVP_DigestFinal_ex() return 1 for -success and 0 for failure. - -EVP_MD_CTX_copy_ex() returns 1 if successful or 0 for failure. - -EVP_MD_type(), EVP_MD_pkey_type() and EVP_MD_type() return the NID of the -corresponding OBJECT IDENTIFIER or NID_undef if none exists. - -EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and -EVP_MD_CTX_block_size() return the digest or block size in bytes. - -EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(), EVP_dss(), -EVP_dss1() and EVP_ripemd160() return pointers to the -corresponding EVP_MD structures. - -EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj() -return either an B<EVP_MD> structure or NULL if an error occurs. - -=head1 NOTES - -The B<EVP> interface to message digests should almost always be used in -preference to the low level interfaces. This is because the code then becomes -transparent to the digest used and much more flexible. - -New applications should use the SHA2 digest algorithms such as SHA256. -The other digest algorithms are still in common use. - -For most applications the B<impl> parameter to EVP_DigestInit_ex() will be -set to NULL to use the default digest implementation. - -The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are -obsolete but are retained to maintain compatibility with existing code. 
New -applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and -EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context -instead of initializing and cleaning it up on each call and allow non default -implementations of digests to be specified. - -In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use -memory leaks will occur. - -Stack allocation of EVP_MD_CTX structures is common, for example: - - EVP_MD_CTX mctx; - EVP_MD_CTX_init(&mctx); - -This will cause binary compatibility issues if the size of EVP_MD_CTX -structure changes (this will only happen with a major release of OpenSSL). -Applications wishing to avoid this should use EVP_MD_CTX_create() instead: - - EVP_MD_CTX *mctx; - mctx = EVP_MD_CTX_create(); - - -=head1 EXAMPLE - -This example digests the data "Test Message\n" and "Hello World\n", using the -digest name passed on the command line. - - #include <stdio.h> - #include <openssl/evp.h> - - int - main(int argc, char *argv[]) - { - EVP_MD_CTX *mdctx; - const EVP_MD *md; - const char mess1[] = "Test Message\n"; - const char mess2[] = "Hello World\n"; - unsigned char md_value[EVP_MAX_MD_SIZE]; - int md_len, i; - - OpenSSL_add_all_digests(); - - if (argc <= 1) { - printf("Usage: mdtest digestname\n"); - exit(1); - } - - md = EVP_get_digestbyname(argv[1]); - if (md == NULL) { - printf("Unknown message digest %s\n", argv[1]); - exit(1); - } - - mdctx = EVP_MD_CTX_create(); - EVP_DigestInit_ex(mdctx, md, NULL); - EVP_DigestUpdate(mdctx, mess1, strlen(mess1)); - EVP_DigestUpdate(mdctx, mess2, strlen(mess2)); - EVP_DigestFinal_ex(mdctx, md_value, &md_len); - EVP_MD_CTX_destroy(mdctx); - - printf("Digest is: "); - for(i = 0; i < md_len; i++) - printf("%02x", md_value[i]); - printf("\n"); - } - -=head1 SEE ALSO - -L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, -L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>, -L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)> - -=head1 HISTORY - -EVP_DigestInit(), EVP_DigestUpdate() and 
EVP_DigestFinal() are -available in all versions of SSLeay and OpenSSL. - -EVP_MD_CTX_init(), EVP_MD_CTX_create(), EVP_MD_CTX_copy_ex(), -EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex() -and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7. - -EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha1(), -EVP_dss(), EVP_dss1() and EVP_ripemd160() were -changed to return truely const EVP_MD * in OpenSSL 0.9.7. - -The link between digests and signing algorithms was fixed in OpenSSL 1.0 and -later, so now EVP_sha1() can be used with RSA and DSA, there is no need to -use EVP_dss1() any more. - -OpenSSL 1.0 and later does not include the MD2 digest algorithm in the -default configuration due to its security weaknesses. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod deleted file mode 100644 index 00205d2ae98..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_DigestSignInit.pod +++ /dev/null 
@@ -1,85 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal - EVP signing
-functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
- int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
-
-=head1 DESCRIPTION
-
-The EVP signature routines are a high level interface to digital signatures.
-
-EVP_DigestSignInit() sets up signing context B<ctx> to use digest B<type> from
-ENGINE B<impl> and private key B<pkey>. B<ctx> must be initialized with
-EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
-EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
-be used to set alternative signing options.
-
-EVP_DigestSignUpdate() hashes B<cnt> bytes of data at B<d> into the
-signature context B<ctx>. This function can be called several times on the
-same B<ctx> to include additional data. This function is currently implemented
-using a macro.
-
-EVP_DigestSignFinal() signs the data in B<ctx> places the signature in B<sig>.
-If B<sig> is B<NULL> then the maximum size of the output buffer is written to
-the B<siglen> parameter. If B<sig> is not B<NULL> then before the call the
-B<siglen> parameter should contain the length of the B<sig> buffer, if the
-call is successful the signature is written to B<sig> and the amount of data
-written to B<siglen>.
-
-=head1 RETURN VALUES
-
-EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal() return
-1 for success and 0 or a negative value for failure. In particular a return
-value of -2 indicates the operation is not supported by the public key
-algorithm.
-
-The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTES
-
-The B<EVP> interface to digital signatures should almost always be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the algorithm used and much more flexible.
-
-In previous versions of OpenSSL there was a link between message digest types
-and public key algorithms. This meant that "clone" digests such as EVP_dss1()
-needed to be used to sign using SHA1 and DSA. This is no longer necessary and
-the use of clone digest is now discouraged.
-
-The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
-context. This means that calls to EVP_DigestSignUpdate() and
-EVP_DigestSignFinal() can be called later to digest and sign additional data.
-
-Since only a copy of the digest context is ever finalized the context must
-be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
-will occur.
-
-The use of EVP_PKEY_size() with these functions is discouraged because some
-signature operations may have a signature length which depends on the
-parameters set. As a result EVP_PKEY_size() would have to return a value
-which indicates the maximum possible signature for any set of parameters.
-
-=head1 SEE ALSO
-
-L<EVP_DigestVerifyInit(3)|EVP_DigestVerifyInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-
-=head1 HISTORY
-
-EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
-were first added to OpenSSL 1.0.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod b/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod
deleted file mode 100644
index 5dcfec1837b..00000000000
--- a/lib/libssl/src/doc/crypto/EVP_DigestVerifyInit.pod
+++ /dev/null
@@ -1,80 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal - EVP
-signature verification functions
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
- int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen);
-
-=head1 DESCRIPTION
-
-The EVP signature routines are a high level interface to digital signatures.
-
-EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest
-B<type> from ENGINE B<impl> and public key B<pkey>. B<ctx> must be initialized
-with EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
-EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
-can be used to set alternative verification options.
-
-EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
-verification context B<ctx>. This function can be called several times on the
-same B<ctx> to include additional data. This function is currently implemented
-using a macro.
-
-EVP_DigestVerifyFinal() verifies the data in B<ctx> against the signature in
-B<sig> of length B<siglen>.
-
-=head1 RETURN VALUES
-
-EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0
-or a negative value for failure. In particular a return value of -2 indicates
-the operation is not supported by the public key algorithm.
-
-Unlike other functions the return value 0 from EVP_DigestVerifyFinal() only
-indicates that the signature did not verify successfully (that is tbs did
-not match the original data or the signature was of invalid form) it is not an
-indication of a more serious error.
-
-The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTES
-
-The B<EVP> interface to digital signatures should almost always be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the algorithm used and much more flexible.
-
-In previous versions of OpenSSL there was a link between message digest types
-and public key algorithms. This meant that "clone" digests such as EVP_dss1()
-needed to be used to sign using SHA1 and DSA. This is no longer necessary and
-the use of clone digest is now discouraged.
-
-The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
-context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can
-be called later to digest and verify additional data.
-
-Since only a copy of the digest context is ever finalized the context must
-be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
-will occur.
-
-=head1 SEE ALSO
-
-L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-
-=head1 HISTORY
-
-EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
-were first added to OpenSSL 1.0.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod b/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
deleted file mode 100644
index 02d02ba5f57..00000000000
--- a/lib/libssl/src/doc/crypto/EVP_EncryptInit.pod
+++ /dev/null
@@ -1,548 +0,0 @@ -=pod - -=head1 NAME - -EVP_CIPHER_CTX_init, EVP_EncryptInit_ex, EVP_EncryptUpdate, -EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, -EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, -EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, -EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX_cleanup, EVP_EncryptInit, -EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, -EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, -EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, -EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, -EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, -EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, -EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, -EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, -EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, -EVP_CIPHER_CTX_set_padding, EVP_enc_null, EVP_des_cbc, EVP_des_ecb, -EVP_des_cfb, EVP_des_ofb, EVP_des_ede_cbc, EVP_des_ede, EVP_des_ede_ofb, -EVP_des_ede_cfb, EVP_des_ede3_cbc, EVP_des_ede3, EVP_des_ede3_ofb, -EVP_des_ede3_cfb, EVP_desx_cbc, EVP_rc4, EVP_rc4_40, EVP_idea_cbc, -EVP_idea_ecb, EVP_idea_cfb, EVP_idea_ofb, EVP_idea_cbc, EVP_rc2_cbc, -EVP_rc2_ecb, EVP_rc2_cfb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc, -EVP_bf_cbc, EVP_bf_ecb, EVP_bf_cfb, EVP_bf_ofb, EVP_cast5_cbc, -EVP_cast5_ecb, EVP_cast5_cfb, EVP_cast5_ofb, -EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ccm, -EVP_aes_192_ccm, EVP_aes_256_ccm, EVP_rc5_32_12_16_cbc, -EVP_rc5_32_12_16_cfb, EVP_rc5_32_12_16_ecb, EVP_rc5_32_12_16_ofb -- EVP cipher routines - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); - - int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - ENGINE *impl, unsigned char *key, unsigned char *iv); - int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, 
int inl); - int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl); - - int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - ENGINE *impl, unsigned char *key, unsigned char *iv); - int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); - - int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - ENGINE *impl, unsigned char *key, unsigned char *iv, int enc); - int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); - - int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv); - int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl); - - int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv); - int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); - - int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv, int enc); - int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); - - int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding); - int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); - int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); - int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); - - const EVP_CIPHER *EVP_get_cipherbyname(const char *name); - #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) - #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) - - #define EVP_CIPHER_nid(e) ((e)->nid) - #define EVP_CIPHER_block_size(e) ((e)->block_size) - #define EVP_CIPHER_key_length(e) ((e)->key_len) - #define EVP_CIPHER_iv_length(e) ((e)->iv_len) - #define EVP_CIPHER_flags(e) 
((e)->flags) - #define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE) - int EVP_CIPHER_type(const EVP_CIPHER *ctx); - - #define EVP_CIPHER_CTX_cipher(e) ((e)->cipher) - #define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid) - #define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size) - #define EVP_CIPHER_CTX_key_length(e) ((e)->key_len) - #define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len) - #define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) - #define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d)) - #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) - #define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags) - #define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE) - - int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - -=head1 DESCRIPTION - -The EVP cipher routines are a high level interface to certain -symmetric ciphers. - -EVP_CIPHER_CTX_init() initializes cipher context B<ctx>. - -EVP_EncryptInit_ex() sets up cipher context B<ctx> for encryption -with cipher B<type> from ENGINE B<impl>. B<ctx> must be initialized -before calling this function. B<type> is normally supplied -by a function such as EVP_aes_256_cbc(). If B<impl> is NULL then the -default implementation is used. B<key> is the symmetric key to use -and B<iv> is the IV to use (if necessary), the actual number of bytes -used for the key and IV depends on the cipher. It is possible to set -all parameters to NULL except B<type> in an initial call and supply -the remaining parameters in subsequent calls, all of which have B<type> -set to NULL. This is done when the default cipher parameters are not -appropriate. - -EVP_EncryptUpdate() encrypts B<inl> bytes from the buffer B<in> and -writes the encrypted version to B<out>. This function can be called -multiple times to encrypt successive blocks of data. 
The amount -of data written depends on the block alignment of the encrypted data: -as a result the amount of data written may be anything from zero bytes -to (inl + cipher_block_size - 1) so B<outl> should contain sufficient -room. The actual number of bytes written is placed in B<outl>. - -If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts -the "final" data, that is any data that remains in a partial block. -It uses L<standard block padding|/NOTES> (aka PKCS padding). The encrypted -final data is written to B<out> which should have sufficient space for -one cipher block. The number of bytes written is placed in B<outl>. After -this function is called the encryption operation is finished and no further -calls to EVP_EncryptUpdate() should be made. - -If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more -data and it will return an error if any data remains in a partial block: -that is if the total data length is not a multiple of the block size. - -EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the -corresponding decryption operations. EVP_DecryptFinal() will return an -error code if padding is enabled and the final block is not correctly -formatted. The parameters and restrictions are identical to the encryption -operations except that if padding is enabled the decrypted data buffer B<out> -passed to EVP_DecryptUpdate() should have sufficient room for -(B<inl> + cipher_block_size) bytes unless the cipher block size is 1 in -which case B<inl> bytes is sufficient. - -EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are -functions that can be used for decryption or encryption. The operation -performed depends on the value of the B<enc> parameter. It should be set -to 1 for encryption, 0 for decryption and -1 to leave the value unchanged -(the actual value of 'enc' being supplied in a previous call). 
- -EVP_CIPHER_CTX_cleanup() clears all information from a cipher context -and free up any allocated memory associate with it. It should be called -after all operations using a cipher are complete so sensitive information -does not remain in memory. - -EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a -similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex and -EVP_CipherInit_ex() except the B<ctx> parameter does not need to be -initialized and they always use the default cipher implementation. - -EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are -identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and -EVP_CipherFinal_ex(). In previous releases they also used to clean up -the B<ctx>, but this is no longer done and EVP_CIPHER_CTX_clean() -must be called to free any context resources. - -EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() -return an EVP_CIPHER structure when passed a cipher name, a NID or an -ASN1_OBJECT structure. - -EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when -passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX> structure. The actual NID -value is an internal value which may not have a corresponding OBJECT -IDENTIFIER. - -EVP_CIPHER_CTX_set_padding() enables or disables padding. By default -encryption operations are padded using standard block padding and the -padding is checked and removed when decrypting. If the B<pad> parameter -is zero then no padding is performed, the total amount of data encrypted -or decrypted must then be a multiple of the block size or an error will -occur. - -EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key -length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX> -structure. The constant B<EVP_MAX_KEY_LENGTH> is the maximum key length -for all ciphers. 
Note: although EVP_CIPHER_key_length() is fixed for a -given cipher, the value of EVP_CIPHER_CTX_key_length() may be different -for variable key length ciphers. - -EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. -If the cipher is a fixed length cipher then attempting to set the key -length to any value other than the fixed value is an error. - -EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV -length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>. -It will return zero if the cipher does not use an IV. The constant -B<EVP_MAX_IV_LENGTH> is the maximum IV length for all ciphers. - -EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block -size of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX> -structure. The constant B<EVP_MAX_IV_LENGTH> is also the maximum block -length for all ciphers. - -EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed -cipher or context. This "type" is the actual NID of the cipher OBJECT -IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and -128 bit RC2 have the same NID. If the cipher does not have an object -identifier or does not have ASN1 support this function will return -B<NID_undef>. - -EVP_CIPHER_CTX_cipher() returns the B<EVP_CIPHER> structure when passed -an B<EVP_CIPHER_CTX> structure. - -EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: -EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE or -EVP_CIPH_OFB_MODE. If the cipher is a stream cipher then -EVP_CIPH_STREAM_CIPHER is returned. - -EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier "parameter" based -on the passed cipher. This will typically include any parameters and an -IV. The cipher IV (if any) must be set when this call is made. This call -should be made before the cipher is actually "used" (before any -EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). 
This function -may fail if the cipher does not have any ASN1 support. - -EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 -AlgorithmIdentifier "parameter". The precise effect depends on the cipher -In the case of RC2, for example, it will set the IV and effective key length. -This function should be called after the base cipher type is set but before -the key is set. For example EVP_CipherInit() will be called with the IV and -key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally -EVP_CipherInit() again with all parameters except the key set to NULL. It is -possible for this function to fail if the cipher does not have any ASN1 support -or the parameters cannot be set (for example the RC2 effective key length -is not supported. - -EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined -and set. Currently only the RC2 effective key length and the number of rounds of -RC5 can be set. - -=head1 RETURN VALUES - -EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex() -return 1 for success and 0 for failure. - -EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for -failure. EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for -success. - -EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for -failure. EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for -success. - -EVP_CIPHER_CTX_cleanup() returns 1 for success and 0 for failure. - -EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() -return an B<EVP_CIPHER> structure or NULL on error. - -EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID. - -EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block -size. - -EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key -length. - -EVP_CIPHER_CTX_set_padding() always returns 1. 
- -EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV -length or zero if the cipher does not use an IV. - -EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's -OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER. - -EVP_CIPHER_CTX_cipher() returns an B<EVP_CIPHER> structure. - -EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for -success or zero for failure. - -=head1 CIPHER LISTING - -All algorithms have a fixed key length unless otherwise stated. - -=over 4 - -=item EVP_enc_null(void) - -Null cipher: does nothing. - -=item EVP_aes_128_cbc(void), EVP_aes_128_ecb(void), EVP_aes_128_cfb(void), EVP_aes_128_ofb(void) - -128-bit AES in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_aes_192_cbc(void), EVP_aes_192_ecb(void), EVP_aes_192_cfb(void), EVP_aes_192_ofb(void) - -192-bit AES in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_aes_256_cbc(void), EVP_aes_256_ecb(void), EVP_aes_256_cfb(void), EVP_aes_256_ofb(void) - -256-bit AES in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void) - -DES in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void), -EVP_des_ede_cfb(void) - -Two key triple DES in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_des_ede3_cbc(void), EVP_des_ede3(), EVP_des_ede3_ofb(void), -EVP_des_ede3_cfb(void) - -Three key triple DES in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_desx_cbc(void) - -DESX algorithm in CBC mode. - -=item EVP_rc4(void) - -RC4 stream cipher. This is a variable key length cipher with default key length -128 bits. - -=item EVP_rc4_40(void) - -RC4 stream cipher with 40 bit key length. This is obsolete and new code should -use EVP_rc4() and the EVP_CIPHER_CTX_set_key_length() function. 
- -=item EVP_idea_cbc() EVP_idea_ecb(void), EVP_idea_cfb(void), -EVP_idea_ofb(void), EVP_idea_cbc(void) - -IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_rc2_cbc(void), EVP_rc2_ecb(void), EVP_rc2_cfb(void), EVP_rc2_ofb(void) - -RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a -variable key length cipher with an additional parameter called "effective key -bits" or "effective key length". By default both are set to 128 bits. - -=item EVP_rc2_40_cbc(void), EVP_rc2_64_cbc(void) - -RC2 algorithm in CBC mode with a default key length and effective key length of -40 and 64 bits. These are obsolete and new code should use EVP_rc2_cbc(), -EVP_CIPHER_CTX_set_key_length() and EVP_CIPHER_CTX_ctrl() to set the key length -and effective key length. - -=item EVP_bf_cbc(void), EVP_bf_ecb(void), EVP_bf_cfb(void), EVP_bf_ofb(void); - -Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This -is a variable key length cipher. - -=item EVP_cast5_cbc(void), EVP_cast5_ecb(void), EVP_cast5_cfb(void), -EVP_cast5_ofb(void) - -CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is -a variable key length cipher. - -=item EVP_rc5_32_12_16_cbc(void), EVP_rc5_32_12_16_ecb(void), -EVP_rc5_32_12_16_cfb(void), EVP_rc5_32_12_16_ofb(void) - -RC5 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a -variable key length cipher with an additional "number of rounds" parameter. By -default the key length is set to 128 bits and 12 rounds. - -=back - -=head1 NOTES - -Where possible the B<EVP> interface to symmetric ciphers should be used in -preference to the low level interfaces. This is because the code then becomes -transparent to the cipher used and much more flexible. - -PKCS padding works by adding B<n> padding bytes of value B<n> to make the total -length of the encrypted data a multiple of the block size. 
Padding is always -added so if the data is already a multiple of the block size B<n> will equal -the block size. For example if the block size is 8 and 11 bytes are to be -encrypted then 5 padding bytes of value 5 will be added. - -When decrypting the final block is checked to see if it has the correct form. - -Although the decryption operation can produce an error if padding is enabled, -it is not a strong test that the input data or key is correct. A random block -has better than 1 in 256 chance of being of the correct format and problems with -the input data earlier on will not produce a final decrypt error. - -If padding is disabled then the decryption operation will always succeed if -the total amount of data decrypted is a multiple of the block size. - -The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(), -EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for -compatibility with existing code. New code should use EVP_EncryptInit_ex(), -EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), -EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an -existing context without allocating and freeing it up on each call. - -=head1 BUGS - -For RC5 the number of rounds can currently only be set to 8, 12 or 16. This is -a limitation of the current RC5 code rather than the EVP interface. - -EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with -default key lengths. If custom ciphers exceed these values the results are -unpredictable. This is because it has become standard practice to define a -generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes. - -The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested -for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode. 
- -=head1 EXAMPLES - -Get the number of rounds used in RC5: - - int nrounds; - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC5_ROUNDS, 0, &nrounds); - -Get the RC2 effective key length: - - int key_bits; - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC2_KEY_BITS, 0, &key_bits); - -Set the number of rounds used in RC5: - - int nrounds; - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, nrounds, NULL); - -Set the effective key length used in RC2: - - int key_bits; - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL); - -Encrypt a string using blowfish: - - int - do_crypt(char *outfile) - { - unsigned char outbuf[1024]; - int outlen, tmplen; - /* - * Bogus key and IV: we'd normally set these from - * another source. - */ - unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15}; - unsigned char iv[] = {1,2,3,4,5,6,7,8}; - const char intext[] = "Some Crypto Text"; - EVP_CIPHER_CTX ctx; - FILE *out; - EVP_CIPHER_CTX_init(&ctx); - EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv); - - if (!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, - strlen(intext))) { - /* Error */ - return 0; - } - /* - * Buffer passed to EVP_EncryptFinal() must be after data just - * encrypted to avoid overwriting it. - */ - if (!EVP_EncryptFinal_ex(&ctx, outbuf + outlen, &tmplen)) { - /* Error */ - return 0; - } - outlen += tmplen; - EVP_CIPHER_CTX_cleanup(&ctx); - /* - * Need binary mode for fopen because encrypted data is - * binary data. Also cannot use strlen() on it because - * it won't be NUL terminated and may contain embedded - * NULs. 
- */ - out = fopen(outfile, "wb"); - fwrite(outbuf, 1, outlen, out); - fclose(out); - return 1; - } - -The ciphertext from the above example can be decrypted using the B<openssl> -utility with the command line: - - S<openssl bf -in cipher.bin -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 -d> - -General encryption, decryption function example using FILE I/O and RC2 with an -80 bit key: - - int - do_crypt(FILE *in, FILE *out, int do_encrypt) - { - /* Allow enough space in output buffer for additional block */ - inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH]; - int inlen, outlen; - /* - * Bogus key and IV: we'd normally set these from - * another source. - */ - unsigned char key[] = "0123456789"; - unsigned char iv[] = "12345678"; - - /* Don't set key or IV because we will modify the parameters */ - EVP_CIPHER_CTX_init(&ctx); - EVP_CipherInit_ex(&ctx, EVP_rc2(), NULL, NULL, NULL, do_encrypt); - EVP_CIPHER_CTX_set_key_length(&ctx, 10); - /* We finished modifying parameters so now we can set key and IV */ - EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt); - - for(;;) { - inlen = fread(inbuf, 1, 1024, in); - if (inlen <= 0) - break; - if (!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, - inlen)) { - /* Error */ - EVP_CIPHER_CTX_cleanup(&ctx); - return 0; - } - fwrite(outbuf, 1, outlen, out); - } - if (!EVP_CipherFinal_ex(&ctx, outbuf, &outlen)) { - /* Error */ - EVP_CIPHER_CTX_cleanup(&ctx); - return 0; - } - fwrite(outbuf, 1, outlen, out); - - EVP_CIPHER_CTX_cleanup(&ctx); - return 1; - } - -=head1 SEE ALSO - -L<evp(3)|evp(3)> - -=head1 HISTORY - -EVP_CIPHER_CTX_init(), EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(), -EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex(), -EVP_CipherFinal_ex() and EVP_CIPHER_CTX_set_padding() appeared in -OpenSSL 0.9.7. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_OpenInit.pod b/lib/libssl/src/doc/crypto/EVP_OpenInit.pod deleted file mode 100644 index 0242f66715a..00000000000 
--- a/lib/libssl/src/doc/crypto/EVP_OpenInit.pod
+++ /dev/null
@@ -1,61 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
- int ekl,unsigned char *iv,EVP_PKEY *priv);
- int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl, unsigned char *in, int inl);
- int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
- int *outl);
-
-=head1 DESCRIPTION
-
-The EVP envelope routines are a high level interface to envelope
-decryption. They decrypt a public key encrypted symmetric key and
-then decrypt data using it.
-
-EVP_OpenInit() initializes a cipher context B<ctx> for decryption
-with cipher B<type>. It decrypts the encrypted symmetric key of length
-B<ekl> bytes passed in the B<ek> parameter using the private key B<priv>.
-The IV is supplied in the B<iv> parameter.
-
-EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
-as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
-documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
-page.
-
-=head1 NOTES
-
-It is possible to call EVP_OpenInit() twice in the same way as
-EVP_DecryptInit(). The first call should have B<priv> set to NULL
-and (after setting any cipher parameters) it should be called again
-with B<type> set to NULL.
-
-If the cipher passed in the B<type> parameter is a variable length
-cipher then the key length will be set to the value of the recovered
-key length. If the cipher is a fixed length cipher then the recovered
-key length must match the fixed cipher length.
-
-=head1 RETURN VALUES
-
-EVP_OpenInit() returns 0 on error or a non zero integer (actually the
-recovered secret key size) if successful.
-
-EVP_OpenUpdate() returns 1 for success or 0 for failure.
-
-EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_SealInit(3)|EVP_SealInit(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_CTX_ctrl.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_CTX_ctrl.pod
deleted file mode 100644
index e8776e1e678..00000000000
--- a/lib/libssl/src/doc/crypto/EVP_PKEY_CTX_ctrl.pod
+++ /dev/null
@@ -1,135 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_get_default_digest_nid, -EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_set_rsa_padding, -EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_rsa_keygen_bits, -EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_dsa_paramgen_bits, -EVP_PKEY_CTX_set_dh_paramgen_prime_len, -EVP_PKEY_CTX_set_dh_paramgen_generator, -EVP_PKEY_CTX_set_ec_paramgen_curve_nid - algorithm specific control operations - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, - int cmd, int p1, void *p2); - int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, - const char *value); - - int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid); - - #include <openssl/rsa.h> - - int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); - - int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad); - int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len); - int EVP_PKEY_CTX_set_rsa_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits); - int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp); - - #include <openssl/dsa.h> - int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits); - - #include <openssl/dh.h> - int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len); - int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen); - - #include <openssl/ec.h> - int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid); - -=head1 DESCRIPTION - -The function EVP_PKEY_CTX_ctrl() sends a control operation to the context -B<ctx>. The key type used must match B<keytype> if it is not -1. The parameter -B<optype> is a mask indicating which operations the control can be applied to. -The control command is indicated in B<cmd> and any additional arguments in -B<p1> and B<p2>. 
- -Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will -instead call one of the algorithm specific macros below. - -The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm -specific control operation to a context B<ctx> in string form. This is -intended to be used for options specified on the command line or in text -files. The commands supported are documented in the openssl utility -command line pages for the option B<-pkeyopt> which is supported by the -B<pkeyutl>, B<genpkey> and B<req> commands. - -All the remaining "functions" are implemented as macros. - -The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used -in a signature. It can be used with any public key algorithm supporting -signature operations. - -The macro EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for B<ctx>. -The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding, -RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding, -RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only), -RSA_X931_PADDING for X9.31 padding (signature operations only) and -RSA_PKCS1_PSS_PADDING (sign and verify only). - -Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() is -used. If this macro is called for PKCS#1 padding the plaintext buffer is an -actual digest value and is encapsulated in a DigestInfo structure according to -PKCS#1 when signing and this structure is expected (and stripped off) when -verifying. If this control is not used with RSA and PKCS#1 padding then the -supplied data is used directly and not encapsulated. In the case of X9.31 -padding for RSA the algorithm identifier byte is added or checked and removed -if this control is called. If it is not called then the first byte of the -plaintext buffer is expected to be the algorithm identifier byte. 
- -The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to -B<len> as its name implies it is only supported for PSS padding. Two special -values are supported: -1 sets the salt length to the digest length. When -signing -2 sets the salt length to the maximum permissible value. When -verifying -2 causes the salt length to be automatically determined based on the -B<PSS> block structure. If this macro is not called a salt length value of -2 -is used by default. - -The EVP_PKEY_CTX_set_rsa_rsa_keygen_bits() macro sets the RSA key length for -RSA key generation to B<bits>. If not specified 1024 bits is used. - -The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value -for RSA key generation to B<pubexp> currently it should be an odd integer. The -B<pubexp> pointer is used internally by this function so it should not be -modified or free after the call. If this macro is not called then 65537 is used. - -The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used -for DSA parameter generation to B<bits>. If not specified 1024 is used. - -The macro EVP_PKEY_CTX_set_dh_paramgen_prime_len() sets the length of the DH -prime parameter B<p> for DH parameter generation. If this macro is not called -then 1024 is used. - -The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to B<gen> -for DH parameter generation. If not specified 2 is used. - -The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter -generation to B<nid>. For EC parameter generation this macro must be called -or an error occurs because there is no default curve. - -=head1 RETURN VALUES - -EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 -or a negative value for failure. In particular a return value of -2 -indicates the operation is not supported by the public key algorithm. 
-
-=head1 SEE ALSO
-
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
-
-=head1 HISTORY
-
-These functions were first added to OpenSSL 1.0.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_CTX_new.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_CTX_new.pod
deleted file mode 100644
index 60ad61e8534..00000000000
--- a/lib/libssl/src/doc/crypto/EVP_PKEY_CTX_new.pod
+++ /dev/null
@@ -1,53 +0,0 @@
-=pod
-
-=head1 NAME
-
-EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free -
-public key algorithm context functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
- EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
- EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
- void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
-
-=head1 DESCRIPTION
-
-The EVP_PKEY_CTX_new() function allocates public key algorithm context using
-the algorithm specified in B<pkey> and ENGINE B<e>.
-
-The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
-using the algorithm specified by B<id> and ENGINE B<e>. It is normally used
-when no B<EVP_PKEY> structure is associated with the operations, for example
-during parameter generation of key generation for some algorithms.
-
-EVP_PKEY_CTX_dup() duplicates the context B<ctx>.
-
-EVP_PKEY_CTX_free() frees up the context B<ctx>.
-
-=head1 NOTES
-
-The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used
-by the OpenSSL high level public key API. Contexts B<MUST NOT> be shared between
-threads: that is it is not permissible to use the same context simultaneously
-in two threads.
-
-=head1 RETURN VALUES
-
-EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either
-the newly allocated B<EVP_PKEY_CTX> structure of B<NULL> if an error occurred.
-
-EVP_PKEY_CTX_free() does not return a value.
-
-=head1 SEE ALSO
-
-L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
-
-=head1 HISTORY
-
-These functions were first added to OpenSSL 1.0.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_cmp.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_cmp.pod
deleted file mode 100644
index 7a690247bfc..00000000000
--- a/lib/libssl/src/doc/crypto/EVP_PKEY_cmp.pod
+++ /dev/null
@@ -1,62 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, -EVP_PKEY_cmp - public key parameter and comparison functions - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey); - int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from); - - int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b); - int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b); - -=head1 DESCRIPTION - -The function EVP_PKEY_missing_parameters() returns 1 if the public key -parameters of B<pkey> are missing and 0 if they are present or the algorithm -doesn't use parameters. - -The function EVP_PKEY_copy_parameters() copies the parameters from key -B<from> to key B<to>. - -The function EVP_PKEY_cmp_parameters() compares the parameters of keys -B<a> and B<b>. - -The function EVP_PKEY_cmp() compares the public key components and parameters -(if present) of keys B<a> and B<b>. - -=head1 NOTES - -The main purpose of the functions EVP_PKEY_missing_parameters() and -EVP_PKEY_copy_parameters() is to handle public keys in certificates where the -parameters are sometimes omitted from a public key if they are inherited from -the CA that signed it. - -Since OpenSSL private keys contain public key components too the function -EVP_PKEY_cmp() can also be used to determine if a private key matches -a public key. - -=head1 RETURN VALUES - -The function EVP_PKEY_missing_parameters() returns 1 if the public key -parameters of B<pkey> are missing and 0 if they are present or the algorithm -doesn't use parameters. - -These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for -failure. - -The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the -keys match, 0 if they don't match, -1 if the key types are different and --2 if the operation is not supported. 
- -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_decrypt.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_decrypt.pod deleted file mode 100644 index a64ef12866c..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_decrypt.pod +++ /dev/null 
@@ -1,93 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_decrypt_init, EVP_PKEY_decrypt - decrypt using a public key algorithm - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx); - int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, - unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); - -=head1 DESCRIPTION - -The EVP_PKEY_decrypt_init() function initializes a public key algorithm -context using key B<pkey> for a decryption operation. - -The EVP_PKEY_decrypt() function performs a public key decryption operation -using B<ctx>. The data to be decrypted is specified using the B<in> and -B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output -buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then -before the call the B<outlen> parameter should contain the length of the -B<out> buffer, if the call is successful the decrypted data is written to -B<out> and the amount of data written to B<outlen>. - -=head1 NOTES - -After the call to EVP_PKEY_decrypt_init() algorithm specific control -operations can be performed to set any appropriate parameters for the -operation. - -The function EVP_PKEY_decrypt() can be called more than once on the same -context if several operations are performed using the same parameters. - -=head1 RETURN VALUES - -EVP_PKEY_decrypt_init() and EVP_PKEY_decrypt() return 1 for success and 0 -or a negative value for failure. In particular a return value of -2 -indicates the operation is not supported by the public key algorithm. 
- -=head1 EXAMPLE - -Decrypt data using OAEP (for RSA keys): - - #include <openssl/evp.h> - #include <openssl/rsa.h> - - EVP_PKEY_CTX *ctx; - unsigned char *out, *in; - size_t outlen, inlen; - EVP_PKEY *key; - /* NB: assumes key in, inlen are already set up - * and that key is an RSA private key - */ - ctx = EVP_PKEY_CTX_new(key); - if (!ctx) - /* Error occurred */ - if (EVP_PKEY_decrypt_init(ctx) <= 0) - /* Error */ - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) - /* Error */ - - /* Determine buffer length */ - if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0) - /* Error */ - - out = malloc(outlen); - - if (!out) - /* malloc failure */ - - if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0) - /* Error */ - - /* Decrypted data is outlen bytes written to buffer out */ - -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, -L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, -L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, -L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>, -L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> - -=head1 HISTORY - -These functions were first added to OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_derive.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_derive.pod deleted file mode 100644 index 09654e1b81d..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_derive.pod +++ /dev/null 
@@ -1,94 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public -key algorithm shared secret. - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx); - int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer); - int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); - -=head1 DESCRIPTION - -The EVP_PKEY_derive_init() function initializes a public key algorithm -context using key B<pkey> for shared secret derivation. - -The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally -be a public key. - -The EVP_PKEY_derive() derives a shared secret using B<ctx>. -If B<key> is B<NULL> then the maximum size of the output buffer is written to -the B<keylen> parameter. If B<key> is not B<NULL> then before the call the -B<keylen> parameter should contain the length of the B<key> buffer, if the call -is successful the shared secret is written to B<key> and the amount of data -written to B<keylen>. - -=head1 NOTES - -After the call to EVP_PKEY_derive_init() algorithm specific control -operations can be performed to set any appropriate parameters for the -operation. - -The function EVP_PKEY_derive() can be called more than once on the same -context if several operations are performed using the same parameters. - -=head1 RETURN VALUES - -EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0 -or a negative value for failure. In particular a return value of -2 -indicates the operation is not supported by the public key algorithm. 
- -=head1 EXAMPLE - -Derive shared secret (for example DH or EC keys): - - #include <openssl/evp.h> - #include <openssl/rsa.h> - - EVP_PKEY_CTX *ctx; - unsigned char *skey; - size_t skeylen; - EVP_PKEY *pkey, *peerkey; - /* NB: assumes pkey, peerkey have been already set up */ - - ctx = EVP_PKEY_CTX_new(pkey); - if (!ctx) - /* Error occurred */ - if (EVP_PKEY_derive_init(ctx) <= 0) - /* Error */ - if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0) - /* Error */ - - /* Determine buffer length */ - if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0) - /* Error */ - - skey = malloc(skeylen); - - if (!skey) - /* malloc failure */ - - if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0) - /* Error */ - - /* Shared secret is skey bytes written to buffer skey */ - -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, -L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, -L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, -L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, -L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>, - -=head1 HISTORY - -These functions were first added to OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_encrypt.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_encrypt.pod deleted file mode 100644 index b3ca123df09..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_encrypt.pod +++ /dev/null 
@@ -1,93 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx); - int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, - unsigned char *out, size_t *outlen, - const unsigned char *in, size_t inlen); - -=head1 DESCRIPTION - -The EVP_PKEY_encrypt_init() function initializes a public key algorithm -context using key B<pkey> for an encryption operation. - -The EVP_PKEY_encrypt() function performs a public key encryption operation -using B<ctx>. The data to be encrypted is specified using the B<in> and -B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output -buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then -before the call the B<outlen> parameter should contain the length of the -B<out> buffer, if the call is successful the encrypted data is written to -B<out> and the amount of data written to B<outlen>. - -=head1 NOTES - -After the call to EVP_PKEY_encrypt_init() algorithm specific control -operations can be performed to set any appropriate parameters for the -operation. - -The function EVP_PKEY_encrypt() can be called more than once on the same -context if several operations are performed using the same parameters. - -=head1 RETURN VALUES - -EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0 -or a negative value for failure. In particular a return value of -2 -indicates the operation is not supported by the public key algorithm. 
- -=head1 EXAMPLE - -Encrypt data using OAEP (for RSA keys): - - #include <openssl/evp.h> - #include <openssl/rsa.h> - - EVP_PKEY_CTX *ctx; - unsigned char *out, *in; - size_t outlen, inlen; - EVP_PKEY *key; - /* NB: assumes key in, inlen are already set up - * and that key is an RSA public key - */ - ctx = EVP_PKEY_CTX_new(key); - if (!ctx) - /* Error occurred */ - if (EVP_PKEY_encrypt_init(ctx) <= 0) - /* Error */ - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING) <= 0) - /* Error */ - - /* Determine buffer length */ - if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0) - /* Error */ - - out = malloc(outlen); - - if (!out) - /* malloc failure */ - - if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0) - /* Error */ - - /* Encrypted data is outlen bytes written to buffer out */ - -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, -L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, -L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, -L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>, -L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> - -=head1 HISTORY - -These functions were first added to OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_get_default_digest.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_get_default_digest.pod deleted file mode 100644 index 8ff597d44ad..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_get_default_digest.pod +++ /dev/null 
@@ -1,41 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_get_default_digest_nid - get default signature digest - -=head1 SYNOPSIS - - #include <openssl/evp.h> - int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid); - -=head1 DESCRIPTION - -The EVP_PKEY_get_default_digest_nid() function sets B<pnid> to the default -message digest NID for the public key signature operations associated with key -B<pkey>. - -=head1 NOTES - -For all current standard OpenSSL public key algorithms SHA1 is returned. - -=head1 RETURN VALUES - -The EVP_PKEY_get_default_digest_nid() function returns 1 if the message digest -is advisory (that is other digests can be used) and 2 if it is mandatory (other -digests can not be used). It returns 0 or a negative value for failure. In -particular a return value of -2 indicates the operation is not supported by the -public key algorithm. - -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, -L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, -L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>, - -=head1 HISTORY - -This function was first added to OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_keygen.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_keygen.pod deleted file mode 100644 index adcf3560e0a..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_keygen.pod +++ /dev/null 
@@ -1,170 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, -EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, -EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, -EVP_PKEY_CTX_get_app_data - key and parameter generation functions - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx); - int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); - int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx); - int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); - - typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); - - void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb); - EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx); - - int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx); - - void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data); - void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx); - -=head1 DESCRIPTION - -The EVP_PKEY_keygen_init() function initializes a public key algorithm -context using key B<pkey> for a key generation operation. - -The EVP_PKEY_keygen() function performs a key generation operation, the -generated key is written to B<ppkey>. - -The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar -except parameters are generated. - -The function EVP_PKEY_set_cb() sets the key or parameter generation callback -to B<cb>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter -generation callback. - -The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated -with the generation operation. If B<idx> is -1 the total number of -parameters available is returned. Any non negative value returns the value of -that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for -B<idx> should only be called within the generation callback. - -If the callback returns 0 then the key generation operation is aborted and an -error occurs. 
This might occur during a time consuming operation where -a user clicks on a "cancel" button. - -The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set -and retrieve an opaque pointer. This can be used to set some application -defined value which can be retrieved in the callback: for example a handle -which is used to update a "progress dialog". - -=head1 NOTES - -After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm -specific control operations can be performed to set any appropriate parameters -for the operation. - -The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than -once on the same context if several operations are performed using the same -parameters. - -The meaning of the parameters passed to the callback will depend on the -algorithm and the specific implementation of the algorithm. Some might not -give any useful information at all during key or parameter generation. Others -might not even call the callback. - -The operation performed by key or parameter generation depends on the algorithm -used. In some cases (e.g. EC with a supplied named curve) the "generation" -option merely sets the appropriate fields in an EVP_PKEY structure. - -In OpenSSL an EVP_PKEY structure containing a private key also contains the -public key components and parameters (if any). An OpenSSL private key is -equivalent to what some libraries call a "key pair". A private key can be used -in functions which require the use of a public key or parameters. - -=head1 RETURN VALUES - -EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and -EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. -In particular a return value of -2 indicates the operation is not supported by -the public key algorithm. 
- -=head1 EXAMPLES - -Generate a 2048 bit RSA key: - - #include <openssl/evp.h> - #include <openssl/rsa.h> - - EVP_PKEY_CTX *ctx; - EVP_PKEY *pkey = NULL; - ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL); - if (!ctx) - /* Error occurred */ - if (EVP_PKEY_keygen_init(ctx) <= 0) - /* Error */ - if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0) - /* Error */ - - /* Generate key */ - if (EVP_PKEY_keygen(ctx, &pkey) <= 0) - /* Error */ - -Generate a key from a set of parameters: - - #include <openssl/evp.h> - #include <openssl/rsa.h> - - EVP_PKEY_CTX *ctx; - EVP_PKEY *pkey = NULL, *param; - /* Assumed param is set up already */ - ctx = EVP_PKEY_CTX_new(param); - if (!ctx) - /* Error occurred */ - if (EVP_PKEY_keygen_init(ctx) <= 0) - /* Error */ - - /* Generate key */ - if (EVP_PKEY_keygen(ctx, &pkey) <= 0) - /* Error */ - -Example of generation callback for OpenSSL public key implementations: - - /* Application data is a BIO to output status to */ - - EVP_PKEY_CTX_set_app_data(ctx, status_bio); - - static int - genpkey_cb(EVP_PKEY_CTX *ctx) - { - char c = '*'; - BIO *b = EVP_PKEY_CTX_get_app_data(ctx); - int p; - - p = EVP_PKEY_CTX_get_keygen_info(ctx, 0); - if (p == 0) - c='.'; - if (p == 1) - c='+'; - if (p == 2) - c='*'; - if (p == 3) - c='\n'; - BIO_write(b,&c,1); - (void)BIO_flush(b); - return 1; - } - -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, -L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, -L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, -L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, -L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>, -L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> - -=head1 HISTORY - -These functions were first added to OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_new.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_new.pod deleted file mode 100644 index 77927146595..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_new.pod +++ /dev/null 
@@ -1,43 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_new, EVP_PKEY_free - private key allocation functions. - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - EVP_PKEY *EVP_PKEY_new(void); - void EVP_PKEY_free(EVP_PKEY *key); - - -=head1 DESCRIPTION - -The EVP_PKEY_new() function allocates an empty B<EVP_PKEY> -structure which is used by OpenSSL to store private keys. - -EVP_PKEY_free() frees up the private key B<key>. - -=head1 NOTES - -The B<EVP_PKEY> structure is used by various OpenSSL functions -which require a general private key without reference to any -particular algorithm. - -The structure returned by EVP_PKEY_new() is empty. To add a -private key to this empty structure the functions described in -L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)> should be used. - -=head1 RETURN VALUES - -EVP_PKEY_new() returns either the newly allocated B<EVP_PKEY> -structure of B<NULL> if an error occurred. - -EVP_PKEY_free() does not return a value. - -=head1 SEE ALSO - -L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_print_private.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_print_private.pod deleted file mode 100644 index eabbaed264a..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_print_private.pod +++ /dev/null 
@@ -1,54 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public -key algorithm printing routines. - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx); - int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx); - int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, - int indent, ASN1_PCTX *pctx); - -=head1 DESCRIPTION - -The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and -EVP_PKEY_print_params() print out the public, private or parameter components -of key B<pkey> respectively. The key is sent to BIO B<out> in human readable -form. The parameter B<indent> indicated how far the printout should be indented. - -The B<pctx> parameter allows the print output to be finely tuned by using -ASN1 printing options. If B<pctx> is set to NULL then default values will -be used. - -=head1 NOTES - -Currently no public key algorithms include any options in the B<pctx> parameter -parameter. - -If the key does not include all the components indicated by the function then -only those contained in the key will be printed. For example passing a public -key to EVP_PKEY_print_private() will only print the public components. - -=head1 RETURN VALUES - -These functions all return 1 for success and 0 or a negative value for failure. -In particular a return value of -2 indicates the operation is not supported by -the public key algorithm. - -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> - -=head1 HISTORY - -These functions were first added to OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_set1_RSA.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_set1_RSA.pod deleted file mode 100644 index 096e969fa36..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_set1_RSA.pod +++ /dev/null 
@@ -1,76 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, -EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, -EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, -EVP_PKEY_assign_EC_KEY, EVP_PKEY_type - EVP_PKEY assignment functions. - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key); - int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key); - int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key); - int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,EC_KEY *key); - - RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey); - DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey); - DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey); - EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey); - - int EVP_PKEY_assign_RSA(EVP_PKEY *pkey,RSA *key); - int EVP_PKEY_assign_DSA(EVP_PKEY *pkey,DSA *key); - int EVP_PKEY_assign_DH(EVP_PKEY *pkey,DH *key); - int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey,EC_KEY *key); - - int EVP_PKEY_type(int type); - -=head1 DESCRIPTION - -EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and -EVP_PKEY_set1_EC_KEY() set the key referenced by B<pkey> to B<key>. - -EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and -EVP_PKEY_get1_EC_KEY() return the referenced key in B<pkey> or -B<NULL> if the key is not of the correct type. - -EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH() -and EVP_PKEY_assign_EC_KEY() also set the referenced key to B<key> -however these use the supplied B<key> internally and so B<key> -will be freed when the parent B<pkey> is freed. - -EVP_PKEY_type() returns the type of key corresponding to the value -B<type>. The type of a key can be obtained with -EVP_PKEY_type(pkey->type). The return value will be EVP_PKEY_RSA, -EVP_PKEY_DSA, EVP_PKEY_DH or EVP_PKEY_EC for the corresponding -key types or NID_undef if the key type is unassigned. 
- -=head1 NOTES - -In accordance with the OpenSSL naming convention the key obtained -from or assigned to the B<pkey> using the B<1> functions must be -freed as well as B<pkey>. - -EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH() -EVP_PKEY_assign_EC_KEY() are implemented as macros. - -=head1 RETURN VALUES - -EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and -EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure. - -EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and -EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if -an error occurred. - -EVP_PKEY_assign_RSA() EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH() -and EVP_PKEY_assign_EC_KEY() return 1 for success and 0 for failure. - -=head1 SEE ALSO - -L<EVP_PKEY_new(3)|EVP_PKEY_new(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_sign.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_sign.pod deleted file mode 100644 index 1925706d96b..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_sign.pod +++ /dev/null 
@@ -1,96 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx); - int EVP_PKEY_sign(EVP_PKEY_CTX *ctx, - unsigned char *sig, size_t *siglen, - const unsigned char *tbs, size_t tbslen); - -=head1 DESCRIPTION - -The EVP_PKEY_sign_init() function initializes a public key algorithm -context using key B<pkey> for a signing operation. - -The EVP_PKEY_sign() function performs a public key signing operation -using B<ctx>. The data to be signed is specified using the B<tbs> and -B<tbslen> parameters. If B<sig> is B<NULL> then the maximum size of the output -buffer is written to the B<siglen> parameter. If B<sig> is not B<NULL> then -before the call the B<siglen> parameter should contain the length of the -B<sig> buffer, if the call is successful the signature is written to -B<sig> and the amount of data written to B<siglen>. - -=head1 NOTES - -After the call to EVP_PKEY_sign_init() algorithm specific control -operations can be performed to set any appropriate parameters for the -operation. - -The function EVP_PKEY_sign() can be called more than once on the same -context if several operations are performed using the same parameters. - -=head1 RETURN VALUES - -EVP_PKEY_sign_init() and EVP_PKEY_sign() return 1 for success and 0 -or a negative value for failure. In particular a return value of -2 -indicates the operation is not supported by the public key algorithm. 
- -=head1 EXAMPLE - -Sign data using RSA with PKCS#1 padding and SHA256 digest: - - #include <openssl/evp.h> - #include <openssl/rsa.h> - - EVP_PKEY_CTX *ctx; - unsigned char *md, *sig; - size_t mdlen, siglen; - EVP_PKEY *signing_key; - /* NB: assumes signing_key, md and mdlen are already set up - * and that signing_key is an RSA private key - */ - ctx = EVP_PKEY_CTX_new(signing_key); - if (!ctx) - /* Error occurred */ - if (EVP_PKEY_sign_init(ctx) <= 0) - /* Error */ - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) - /* Error */ - if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) - /* Error */ - - /* Determine buffer length */ - if (EVP_PKEY_sign(ctx, NULL, &siglen, md, mdlen) <= 0) - /* Error */ - - sig = malloc(siglen); - - if (!sig) - /* malloc failure */ - - if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0) - /* Error */ - - /* Signature is siglen bytes written to buffer sig */ - - -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, -L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, -L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, -L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>, -L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> - -=head1 HISTORY - -These functions were first added to OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_verify.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_verify.pod deleted file mode 100644 index 0f092ca8e19..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_verify.pod +++ /dev/null 
@@ -1,92 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public -key algorithm - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx); - int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, - const unsigned char *sig, size_t siglen, - const unsigned char *tbs, size_t tbslen); - -=head1 DESCRIPTION - -The EVP_PKEY_verify_init() function initializes a public key algorithm -context using key B<pkey> for a signature verification operation. - -The EVP_PKEY_verify() function performs a public key verification operation -using B<ctx>. The signature is specified using the B<sig> and -B<siglen> parameters. The verified data (i.e. the data believed originally -signed) is specified using the B<tbs> and B<tbslen> parameters. - -=head1 NOTES - -After the call to EVP_PKEY_verify_init() algorithm specific control -operations can be performed to set any appropriate parameters for the -operation. - -The function EVP_PKEY_verify() can be called more than once on the same -context if several operations are performed using the same parameters. - -=head1 RETURN VALUES - -EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification was -successful and 0 if it failed. Unlike other functions the return value 0 from -EVP_PKEY_verify() only indicates that the signature did not verify -successfully (that is tbs did not match the original data or the signature was -of invalid form) it is not an indication of a more serious error. - -A negative value indicates an error other that signature verification failure. -In particular a return value of -2 indicates the operation is not supported by -the public key algorithm. 
- -=head1 EXAMPLE - -Verify signature using PKCS#1 and SHA256 digest: - - #include <openssl/evp.h> - #include <openssl/rsa.h> - - EVP_PKEY_CTX *ctx; - unsigned char *md, *sig; - size_t mdlen, siglen; - EVP_PKEY *verify_key; - /* NB: assumes verify_key, sig, siglen md and mdlen are already set up - * and that verify_key is an RSA public key - */ - ctx = EVP_PKEY_CTX_new(verify_key); - if (!ctx) - /* Error occurred */ - if (EVP_PKEY_verify_init(ctx) <= 0) - /* Error */ - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) - /* Error */ - if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) - /* Error */ - - /* Perform operation */ - ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); - - /* ret == 1 indicates success, 0 verify failure and < 0 for some - * other error. - */ - -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, -L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, -L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, -L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>, -L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> - -=head1 HISTORY - -These functions were first added to OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_PKEY_verify_recover.pod b/lib/libssl/src/doc/crypto/EVP_PKEY_verify_recover.pod deleted file mode 100644 index 095e53ea2f1..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_PKEY_verify_recover.pod +++ /dev/null 
@@ -1,105 +0,0 @@ -=pod - -=head1 NAME - -EVP_PKEY_verify_recover_init, EVP_PKEY_verify_recover - recover signature using -a public key algorithm - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx); - int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, - unsigned char *rout, size_t *routlen, - const unsigned char *sig, size_t siglen); - -=head1 DESCRIPTION - -The EVP_PKEY_verify_recover_init() function initializes a public key algorithm -context using key B<pkey> for a verify recover operation. - -The EVP_PKEY_verify_recover() function recovers signed data -using B<ctx>. The signature is specified using the B<sig> and -B<siglen> parameters. If B<rout> is B<NULL> then the maximum size of the output -buffer is written to the B<routlen> parameter. If B<rout> is not B<NULL> then -before the call the B<routlen> parameter should contain the length of the -B<rout> buffer, if the call is successful recovered data is written to -B<rout> and the amount of data written to B<routlen>. - -=head1 NOTES - -Normally an application is only interested in whether a signature verification -operation is successful in those cases the EVP_verify() function should be -used. - -Sometimes however it is useful to obtain the data originally signed using a -signing operation. Only certain public key algorithms can recover a signature -in this way (for example RSA in PKCS padding mode). - -After the call to EVP_PKEY_verify_recover_init() algorithm specific control -operations can be performed to set any appropriate parameters for the -operation. - -The function EVP_PKEY_verify_recover() can be called more than once on the same -context if several operations are performed using the same parameters. - -=head1 RETURN VALUES - -EVP_PKEY_verify_recover_init() and EVP_PKEY_verify_recover() return 1 for -success -and 0 or a negative value for failure. In particular a return value of -2 -indicates the operation is not supported by the public key algorithm. 
- -=head1 EXAMPLE - -Recover digest originally signed using PKCS#1 and SHA256 digest: - - #include <openssl/evp.h> - #include <openssl/rsa.h> - - EVP_PKEY_CTX *ctx; - unsigned char *rout, *sig; - size_t routlen, siglen; - EVP_PKEY *verify_key; - /* NB: assumes verify_key, sig and siglen are already set up - * and that verify_key is an RSA public key - */ - ctx = EVP_PKEY_CTX_new(verify_key); - if (!ctx) - /* Error occurred */ - if (EVP_PKEY_verify_recover_init(ctx) <= 0) - /* Error */ - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) - /* Error */ - if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) - /* Error */ - - /* Determine buffer length */ - if (EVP_PKEY_verify_recover(ctx, NULL, &routlen, sig, siglen) <= 0) - /* Error */ - - rout = malloc(routlen); - - if (!rout) - /* malloc failure */ - - if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0) - /* Error */ - - /* Recovered data is routlen bytes written to buffer rout */ - -=head1 SEE ALSO - -L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, -L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, -L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, -L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, -L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, -L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> - -=head1 HISTORY - -These functions were first added to OpenSSL 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/EVP_SealInit.pod b/lib/libssl/src/doc/crypto/EVP_SealInit.pod deleted file mode 100644 index 76eebb72a97..00000000000 --- a/lib/libssl/src/doc/crypto/EVP_SealInit.pod +++ /dev/null 
@@ -1,82 +0,0 @@ -=pod - -=head1 NAME - -EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char **ek, int *ekl, unsigned char *iv, - EVP_PKEY **pubk, int npubk); - int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl); - -=head1 DESCRIPTION - -The EVP envelope routines are a high level interface to envelope -encryption. They generate a random key and IV (if required) then -"envelope" it by using public key encryption. Data can then be -encrypted using this key. - -EVP_SealInit() initializes a cipher context B<ctx> for encryption -with cipher B<type> using a random secret key and IV. B<type> is normally -supplied by a function such as EVP_aes_256_cbc(). The secret key is encrypted -using one or more public keys, this allows the same encrypted data to be -decrypted using any of the corresponding private keys. B<ek> is an array of -buffers where the public key encrypted secret key will be written, each buffer -must contain enough room for the corresponding encrypted key: that is -B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual -size of each encrypted secret key is written to the array B<ekl>. B<pubk> is -an array of B<npubk> public keys. - -The B<iv> parameter is a buffer where the generated IV is written to. It must -contain enough room for the corresponding cipher's IV, as determined by (for -example) EVP_CIPHER_iv_length(type). - -If the cipher does not require an IV then the B<iv> parameter is ignored -and can be B<NULL>. - -EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties -as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as -documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual -page. 
-
-=head1 RETURN VALUES
-
-EVP_SealInit() returns 0 on error or B<npubk> if successful.
-
-EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for
-failure.
-
-=head1 NOTES
-
-The public key must be RSA because it is the only OpenSSL public key
-algorithm that supports key transport.
-
-Envelope encryption is the usual method of using public key encryption
-on large amounts of data, this is because public key encryption is slow
-but symmetric encryption is fast. So symmetric encryption is used for
-bulk encryption and the small random symmetric key used is transferred
-using public key encryption.
-
-It is possible to call EVP_SealInit() twice in the same way as
-EVP_EncryptInit(). The first call should have B<npubk> set to 0
-and (after setting any cipher parameters) it should be called again
-with B<type> set to NULL.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_OpenInit(3)|EVP_OpenInit(3)>
-
-=head1 HISTORY
-
-EVP_SealFinal() did not return a value before OpenSSL 0.9.7.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EVP_SignInit.pod b/lib/libssl/src/doc/crypto/EVP_SignInit.pod
deleted file mode 100644
index 6882211e024..00000000000
--- a/lib/libssl/src/doc/crypto/EVP_SignInit.pod
+++ /dev/null
@@ -1,103 +0,0 @@ -=pod - -=head1 NAME - -EVP_SignInit, EVP_SignUpdate, EVP_SignFinal, EVP_PKEY_size -- EVP signing functions - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); - int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey); - - void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type); - - int EVP_PKEY_size(EVP_PKEY *pkey); - -=head1 DESCRIPTION - -The EVP signature routines are a high level interface to digital -signatures. - -EVP_SignInit_ex() sets up signing context B<ctx> to use digest -B<type> from ENGINE B<impl>. B<ctx> must be initialized with -EVP_MD_CTX_init() before calling this function. - -EVP_SignUpdate() hashes B<cnt> bytes of data at B<d> into the -signature context B<ctx>. This function can be called several times on the -same B<ctx> to include additional data. - -EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey> and -places the signature in B<sig>. B<sig> must be at least EVP_PKEY_size(pkey) -bytes in size. B<s> is an OUT parameter, and not used as an IN parameter. -The number of bytes of data written (i.e. the length of the signature) -will be written to the integer at B<s>, at most EVP_PKEY_size(pkey) bytes -will be written. - -EVP_SignInit() initializes a signing context B<ctx> to use the default -implementation of digest B<type>. - -EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual -signature returned by EVP_SignFinal() may be smaller. - -=head1 RETURN VALUES - -EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 -for success and 0 for failure. - -EVP_PKEY_size() returns the maximum size of a signature in bytes. - -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
-
-=head1 NOTES
-
-The B<EVP> interface to digital signatures should almost always be used in
-preference to the low level interfaces. This is because the code then becomes
-transparent to the algorithm used and much more flexible.
-
-Due to the link between message digests and public key algorithms the correct
-digest algorithm must be used with the correct public key type. A list of
-algorithms and associated public key algorithms appears in
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
-
-The call to EVP_SignFinal() internally finalizes a copy of the digest context.
-This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called
-later to digest and sign additional data.
-
-Since only a copy of the digest context is ever finalized the context must
-be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
-will occur.
-
-=head1 BUGS
-
-Older versions of this documentation wrongly stated that calls to
-EVP_SignUpdate() could not be made after calling EVP_SignFinal().
-
-Since the private key is passed in the call to EVP_SignFinal() any error
-relating to the private key (for example an unsuitable key and digest
-combination) will not be indicated until after potentially large amounts of
-data have been passed through EVP_SignUpdate().
-
-It is not possible to change the signing parameters using these function.
-
-The previous two bugs are fixed in the newer EVP_SignDigest*() function.
-
-=head1 SEE ALSO
-
-L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
-
-=head1 HISTORY
-
-EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are
-available in all versions of SSLeay and OpenSSL.
-
-EVP_SignInit_ex() was added in OpenSSL 0.9.7.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod b/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod
deleted file mode 100644
index b0d3f8e4c9e..00000000000
--- a/lib/libssl/src/doc/crypto/EVP_VerifyInit.pod
+++ /dev/null
@@ -1,96 +0,0 @@ -=pod - -=head1 NAME - -EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification -functions - -=head1 SYNOPSIS - - #include <openssl/evp.h> - - int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); - int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey); - - int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type); - -=head1 DESCRIPTION - -The EVP signature verification routines are a high level interface to digital -signatures. - -EVP_VerifyInit_ex() sets up verification context B<ctx> to use digest -B<type> from ENGINE B<impl>. B<ctx> must be initialized by calling -EVP_MD_CTX_init() before calling this function. - -EVP_VerifyUpdate() hashes B<cnt> bytes of data at B<d> into the -verification context B<ctx>. This function can be called several times on the -same B<ctx> to include additional data. - -EVP_VerifyFinal() verifies the data in B<ctx> using the public key B<pkey> -and against the B<siglen> bytes at B<sigbuf>. - -EVP_VerifyInit() initializes verification context B<ctx> to use the default -implementation of digest B<type>. - -=head1 RETURN VALUES - -EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for -failure. - -EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if -some other error occurred. - -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 NOTES - -The B<EVP> interface to digital signatures should almost always be used in -preference to the low level interfaces. This is because the code then becomes -transparent to the algorithm used and much more flexible. - -Due to the link between message digests and public key algorithms the correct -digest algorithm must be used with the correct public key type. 
A list of -algorithms and associated public key algorithms appears in -L<EVP_DigestInit(3)|EVP_DigestInit(3)>. - -The call to EVP_VerifyFinal() internally finalizes a copy of the digest context. -This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called -later to digest and verify additional data. - -Since only a copy of the digest context is ever finalized the context must -be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak -will occur. - -=head1 BUGS - -Older versions of this documentation wrongly stated that calls to -EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal(). - -Since the public key is passed in the call to EVP_SignFinal() any error -relating to the private key (for example an unsuitable key and digest -combination) will not be indicated until after potentially large amounts of -data have been passed through EVP_SignUpdate(). - -It is not possible to change the signing parameters using these function. - -The previous two bugs are fixed in the newer EVP_VerifyDigest*() function. - -=head1 SEE ALSO - -L<evp(3)|evp(3)>, -L<EVP_SignInit(3)|EVP_SignInit(3)>, -L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>, -L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, -L<md5(3)|md5(3)>, L<ripemd(3)|ripemd(3)>, -L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)> - -=head1 HISTORY - -EVP_VerifyInit(), EVP_VerifyUpdate() and EVP_VerifyFinal() are -available in all versions of SSLeay and OpenSSL. - -EVP_VerifyInit_ex() was added in OpenSSL 0.9.7 - -=cut diff --git a/lib/libssl/src/doc/crypto/HMAC.pod b/lib/libssl/src/doc/crypto/HMAC.pod deleted file mode 100644 index d92138d2731..00000000000 --- a/lib/libssl/src/doc/crypto/HMAC.pod +++ /dev/null 
@@ -1,106 +0,0 @@ -=pod - -=head1 NAME - -HMAC, HMAC_Init, HMAC_Update, HMAC_Final, HMAC_cleanup - HMAC message -authentication code - -=head1 SYNOPSIS - - #include <openssl/hmac.h> - - unsigned char *HMAC(const EVP_MD *evp_md, const void *key, - int key_len, const unsigned char *d, int n, - unsigned char *md, unsigned int *md_len); - - void HMAC_CTX_init(HMAC_CTX *ctx); - - int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, - const EVP_MD *md); - int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, - const EVP_MD *md, ENGINE *impl); - int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len); - int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); - - void HMAC_CTX_cleanup(HMAC_CTX *ctx); - void HMAC_cleanup(HMAC_CTX *ctx); - -=head1 DESCRIPTION - -HMAC is a MAC (message authentication code), i.e. a keyed hash -function used for message authentication, which is based on a hash -function. - -HMAC() computes the message authentication code of the B<n> bytes at -B<d> using the hash function B<evp_md> and the key B<key> which is -B<key_len> bytes long. - -It places the result in B<md> (which must have space for the output of -the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes). -If B<md> is NULL, the digest is placed in a static array. The size of -the output is placed in B<md_len>, unless it is B<NULL>. - -B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc. - -HMAC_CTX_init() initialises a B<HMAC_CTX> before first use. It must be -called. - -HMAC_CTX_cleanup() erases the key and other data from the B<HMAC_CTX> -and releases any associated resources. It must be called when an -B<HMAC_CTX> is no longer required. - -HMAC_cleanup() is an alias for HMAC_CTX_cleanup() included for back -compatibility with 0.9.6b, it is deprecated. 
- -The following functions may be used if the message is not completely -stored in memory: - -HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash -function B<evp_md> and the key B<key> which is B<key_len> bytes -long. It is deprecated and only included for backward compatibility -with OpenSSL 0.9.6b. - -HMAC_Init_ex() initializes or reuses a B<HMAC_CTX> structure to use -the function B<evp_md> and key B<key>. Either can be NULL, in which -case the existing one will be reused. HMAC_CTX_init() must have been -called before the first use of an B<HMAC_CTX> in this -function. B<N.B. HMAC_Init() had this undocumented behaviour in -previous versions of OpenSSL - failure to switch to HMAC_Init_ex() in -programs that expect it will cause them to stop working>. - -HMAC_Update() can be called repeatedly with chunks of the message to -be authenticated (B<len> bytes at B<data>). - -HMAC_Final() places the message authentication code in B<md>, which -must have space for the hash function output. - -=head1 RETURN VALUES - -HMAC() returns a pointer to the message authentication code or NULL if -an error occurred. - -HMAC_Init_ex(), HMAC_Update() and HMAC_Final() return 1 for success or 0 if -an error occurred. - -HMAC_CTX_init() and HMAC_CTX_cleanup() do not return values. - -=head1 CONFORMING TO - -RFC 2104 - -=head1 SEE ALSO - -L<sha(3)|sha(3)>, L<evp(3)|evp(3)> - -=head1 HISTORY - -HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup() -are available since SSLeay 0.9.0. - -HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available -since OpenSSL 0.9.7. - -HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in -versions of OpenSSL before 1.0.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/MD5.pod b/lib/libssl/src/doc/crypto/MD5.pod deleted file mode 100644 index b0edd5416f7..00000000000 --- a/lib/libssl/src/doc/crypto/MD5.pod +++ /dev/null 
@@ -1,101 +0,0 @@ -=pod - -=head1 NAME - -MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update, -MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions - -=head1 SYNOPSIS - - #include <openssl/md2.h> - - unsigned char *MD2(const unsigned char *d, unsigned long n, - unsigned char *md); - - int MD2_Init(MD2_CTX *c); - int MD2_Update(MD2_CTX *c, const unsigned char *data, - unsigned long len); - int MD2_Final(unsigned char *md, MD2_CTX *c); - - - #include <openssl/md4.h> - - unsigned char *MD4(const unsigned char *d, unsigned long n, - unsigned char *md); - - int MD4_Init(MD4_CTX *c); - int MD4_Update(MD4_CTX *c, const void *data, - unsigned long len); - int MD4_Final(unsigned char *md, MD4_CTX *c); - - - #include <openssl/md5.h> - - unsigned char *MD5(const unsigned char *d, unsigned long n, - unsigned char *md); - - int MD5_Init(MD5_CTX *c); - int MD5_Update(MD5_CTX *c, const void *data, - unsigned long len); - int MD5_Final(unsigned char *md, MD5_CTX *c); - -=head1 DESCRIPTION - -MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output. - -MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest -of the B<n> bytes at B<d> and place it in B<md> (which must have space -for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16 -bytes of output). If B<md> is NULL, the digest is placed in a static -array. - -The following functions may be used if the message is not completely -stored in memory: - -MD2_Init() initializes a B<MD2_CTX> structure. - -MD2_Update() can be called repeatedly with chunks of the message to -be hashed (B<len> bytes at B<data>). - -MD2_Final() places the message digest in B<md>, which must have space -for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MD2_CTX>. - -MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and -MD5_Final() are analogous using an B<MD4_CTX> and B<MD5_CTX> structure. 
-
-Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-etc. instead of calling the hash functions directly.
-
-=head1 NOTE
-
-MD2, MD4, and MD5 are recommended only for compatibility with existing
-applications. In new applications, SHA-1 or RIPEMD-160 should be
-preferred.
-
-=head1 RETURN VALUES
-
-MD2(), MD4(), and MD5() return pointers to the hash value.
-
-MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
-MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
-success, 0 otherwise.
-
-=head1 CONFORMING TO
-
-RFC 1319, RFC 1320, RFC 1321
-
-=head1 SEE ALSO
-
-L<sha(3)|sha(3)>, L<ripemd(3)|ripemd(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-
-=head1 HISTORY
-
-MD2(), MD2_Init(), MD2_Update() MD2_Final(), MD5(), MD5_Init(),
-MD5_Update() and MD5_Final() are available in all versions of SSLeay
-and OpenSSL.
-
-MD4(), MD4_Init(), and MD4_Update() are available in OpenSSL 0.9.6 and
-above.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/OBJ_nid2obj.pod b/lib/libssl/src/doc/crypto/OBJ_nid2obj.pod
deleted file mode 100644
index 95949ac0918..00000000000
--- a/lib/libssl/src/doc/crypto/OBJ_nid2obj.pod
+++ /dev/null
@@ -1,147 +0,0 @@ -=pod - -=head1 NAME - -OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, -OBJ_sn2nid, OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup -- ASN1 object utility functions - -=head1 SYNOPSIS - - #include <openssl/objects.h> - - ASN1_OBJECT * OBJ_nid2obj(int n); - const char * OBJ_nid2ln(int n); - const char * OBJ_nid2sn(int n); - - int OBJ_obj2nid(const ASN1_OBJECT *o); - int OBJ_ln2nid(const char *ln); - int OBJ_sn2nid(const char *sn); - - int OBJ_txt2nid(const char *s); - - ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name); - int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name); - - int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b); - ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o); - - int OBJ_create(const char *oid,const char *sn,const char *ln); - void OBJ_cleanup(void); - -=head1 DESCRIPTION - -The ASN1 object utility functions process ASN1_OBJECT structures which are -a representation of the ASN1 OBJECT IDENTIFIER (OID) type. - -OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to -an ASN1_OBJECT structure, its long name and its short name respectively, -or B<NULL> is an error occurred. - -OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID -for the object B<o>, the long name <ln> or the short name <sn> respectively -or NID_undef if an error occurred. - -OBJ_txt2nid() returns NID corresponding to text string <s>. B<s> can be -a long name, a short name or the numerical representation of an object. - -OBJ_txt2obj() converts the text string B<s> into an ASN1_OBJECT structure. -If B<no_name> is 0 then long names and short names will be interpreted -as well as numerical forms. If B<no_name> is 1 only the numerical form -is acceptable. - -OBJ_obj2txt() converts the B<ASN1_OBJECT> B<a> into a textual representation. 
-The representation is written as a null terminated string to B<buf> -at most B<buf_len> bytes are written, truncating the result if necessary. -The total amount of space required is returned. If B<no_name> is 0 then -if the object has a long or short name then that will be used, otherwise -the numerical form will be used. If B<no_name> is 1 then the numerical -form will always be used. - -OBJ_cmp() compares B<a> to B<b>. If the two are identical 0 is returned. - -OBJ_dup() returns a copy of B<o>. - -OBJ_create() adds a new object to the internal table. B<oid> is the -numerical form of the object, B<sn> the short name and B<ln> the -long name. A new NID is returned for the created object. - -OBJ_cleanup() cleans up OpenSSLs internal object table: this should -be called before an application exits if any new objects were added -using OBJ_create(). - -=head1 NOTES - -Objects in OpenSSL can have a short name, a long name and a numerical -identifier (NID) associated with them. A standard set of objects is -represented in an internal table. The appropriate values are defined -in the header file B<objects.h>. - -For example the OID for commonName has the following definitions: - - #define SN_commonName "CN" - #define LN_commonName "commonName" - #define NID_commonName 13 - -New objects can be added by calling OBJ_create(). - -Table objects have certain advantages over other objects: for example -their NIDs can be used in a C language switch statement. They are -also static constant structures which are shared: that is there -is only a single constant structure for each table object. - -Objects which are not in the table have the NID value NID_undef. - -Objects do not need to be in the internal tables to be processed, -the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical -form of an OID. 
- -=head1 EXAMPLES - -Create an object for B<commonName>: - - ASN1_OBJECT *o; - o = OBJ_nid2obj(NID_commonName); - -Check if an object is B<commonName> - - if (OBJ_obj2nid(obj) == NID_commonName) - /* Do something */ - -Create a new NID and initialize an object from it: - - int new_nid; - ASN1_OBJECT *obj; - new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier"); - - obj = OBJ_nid2obj(new_nid); - -Create a new object directly: - - obj = OBJ_txt2obj("1.2.3.4", 1); - -=head1 BUGS - -OBJ_obj2txt() is awkward and messy to use: it doesn't follow the -convention of other OpenSSL functions where the buffer can be set -to B<NULL> to determine the amount of data that should be written. -Instead B<buf> must point to a valid buffer and B<buf_len> should -be set to a positive value. A buffer length of 80 should be more -than enough to handle any OID encountered in practice. - -=head1 RETURN VALUES - -OBJ_nid2obj() returns an B<ASN1_OBJECT> structure or B<NULL> is an -error occurred. - -OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or B<NULL> -on error. - -OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return -a NID or B<NID_undef> on error. - -=head1 SEE ALSO - -L<ERR_get_error(3)|ERR_get_error(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/OPENSSL_VERSION_NUMBER.pod b/lib/libssl/src/doc/crypto/OPENSSL_VERSION_NUMBER.pod deleted file mode 100644 index 2f63a18a71d..00000000000 --- a/lib/libssl/src/doc/crypto/OPENSSL_VERSION_NUMBER.pod +++ /dev/null 
@@ -1,101 +0,0 @@ -=pod - -=head1 NAME - -OPENSSL_VERSION_NUMBER, SSLeay, SSLeay_version - get OpenSSL version number - -=head1 SYNOPSIS - - #include <openssl/opensslv.h> - #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL - - #include <openssl/crypto.h> - long SSLeay(void); - const char *SSLeay_version(int t); - -=head1 DESCRIPTION - -OPENSSL_VERSION_NUMBER is a numeric release version identifier: - - MMNNFFPPS: major minor fix patch status - -The status nibble has one of the values 0 for development, 1 to e for betas -1 to 14, and f for release. - -for example - - 0x000906000 == 0.9.6 dev - 0x000906023 == 0.9.6b beta 3 - 0x00090605f == 0.9.6e release - -Versions prior to 0.9.3 have identifiers E<lt> 0x0930. -Versions between 0.9.3 and 0.9.5 had a version identifier with this -interpretation: - - MMNNFFRBB major minor fix final beta/patch - -for example - - 0x000904100 == 0.9.4 release - 0x000905000 == 0.9.5 dev - -Version 0.9.5a had an interim interpretation that is like the current one, -except the patch level got the highest bit set, to keep continuity. The -number was therefore 0x0090581f. - - -For backward compatibility, SSLEAY_VERSION_NUMBER is also defined. - -SSLeay() returns this number. The return value can be compared to the -macro to make sure that the correct version of the library has been -loaded, especially when using DLLs on Windows systems. - -SSLeay_version() returns different strings depending on B<t>: - -=over 4 - -=item SSLEAY_VERSION - -The text variant of the version number and the release date. For example, -"OpenSSL 0.9.5a 1 Apr 2000". - -=item SSLEAY_CFLAGS - -The compiler flags set for the compilation process in the form -"compiler: ..." if available or "compiler: information not available" -otherwise. - -=item SSLEAY_BUILT_ON - -The date of the build process in the form "built on: ..." if available -or "built on: date not available" otherwise. - -=item SSLEAY_PLATFORM - -The "Configure" target of the library build in the form "platform: ..." 
-if available or "platform: information not available" otherwise.
-
-=item SSLEAY_DIR
-
-The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR: "...""
-if available or "OPENSSLDIR: N/A" otherwise.
-
-=back
-
-For an unknown B<t>, the text "not available" is returned.
-
-=head1 RETURN VALUE
-
-The version number.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>
-
-=head1 HISTORY
-
-SSLeay() and SSLEAY_VERSION_NUMBER are available in all versions of SSLeay and
-OpenSSL. OPENSSL_VERSION_NUMBER is available in all versions of OpenSSL.
-B<SSLEAY_DIR> was added in OpenSSL 0.9.7.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/OPENSSL_config.pod b/lib/libssl/src/doc/crypto/OPENSSL_config.pod
deleted file mode 100644
index 897d2cce598..00000000000
--- a/lib/libssl/src/doc/crypto/OPENSSL_config.pod
+++ /dev/null
@@ -1,82 +0,0 @@ -=pod - -=head1 NAME - -OPENSSL_config, OPENSSL_no_config - simple OpenSSL configuration functions - -=head1 SYNOPSIS - - #include <openssl/conf.h> - - void OPENSSL_config(const char *config_name); - void OPENSSL_no_config(void); - -=head1 DESCRIPTION - -OPENSSL_config() configures OpenSSL using the standard B<openssl.cnf> -configuration file name using B<config_name>. If B<config_name> is NULL then -the default name B<openssl_conf> will be used. Any errors are ignored. Further -calls to OPENSSL_config() will have no effect. The configuration file format -is documented in the L<conf(5)|conf(5)> manual page. - -OPENSSL_no_config() disables configuration. If called before OPENSSL_config() -no configuration takes place. - -=head1 NOTES - -It is B<strongly> recommended that B<all> new applications call OPENSSL_config() -or the more sophisticated functions such as CONF_modules_load() during -initialization (that is before starting any threads). By doing this -an application does not need to keep track of all configuration options -and some new functionality can be supported automatically. - -It is also possible to automatically call OPENSSL_config() when an application -calls OPENSSL_add_all_algorithms() by compiling an application with the -preprocessor symbol B<OPENSSL_LOAD_CONF> #define'd. In this way configuration -can be added without source changes. - -The environment variable B<OPENSSL_CONF> can be set to specify the location -of the configuration file. - -Currently ASN1 OBJECTs and ENGINE configuration can be performed future -versions of OpenSSL will add new configuration options. - -There are several reasons why calling the OpenSSL configuration routines is -advisable. For example new ENGINE functionality was added to OpenSSL 0.9.7. -In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be -used (among other things) to load dynamic ENGINEs from shared libraries (DSOs). 
-However very few applications currently support the control interface and so
-very few can load and use dynamic ENGINEs. Equally in future more sophisticated
-ENGINEs will require certain control operations to customize them. If an
-application calls OPENSSL_config() it doesn't need to know or care about
-ENGINE control operations because they can be performed by editing a
-configuration file.
-
-Applications should free up configuration at application closedown by calling
-CONF_modules_free().
-
-=head1 RESTRICTIONS
-
-The OPENSSL_config() function is designed to be a very simple "call it and
-forget it" function. As a result its behaviour is somewhat limited. It ignores
-all errors silently and it can only load from the standard configuration file
-location for example.
-
-It is however B<much> better than nothing. Applications which need finer
-control over their configuration functionality should use the configuration
-functions such as CONF_load_modules() directly.
-
-=head1 RETURN VALUES
-
-Neither OPENSSL_config() nor OPENSSL_no_config() return a value.
-
-=head1 SEE ALSO
-
-L<conf(5)|conf(5)>, L<CONF_load_modules_file(3)|CONF_load_modules_file(3)>,
-L<CONF_modules_free(3)|CONF_modules_free(3)>
-
-=head1 HISTORY
-
-OPENSSL_config() and OPENSSL_no_config() first appeared in OpenSSL 0.9.7
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/OPENSSL_load_builtin_modules.pod b/lib/libssl/src/doc/crypto/OPENSSL_load_builtin_modules.pod
deleted file mode 100644
index 828fec651d4..00000000000
--- a/lib/libssl/src/doc/crypto/OPENSSL_load_builtin_modules.pod
+++ /dev/null
@@ -1,51 +0,0 @@
-=pod
-
-=head1 NAME
-
-OPENSSL_load_builtin_modules, ASN1_add_oid_module, ENGINE_add_conf_module - add standard configuration modules
-
-=head1 SYNOPSIS
-
- #include <openssl/conf.h>
-
- void OPENSSL_load_builtin_modules(void);
- void ASN1_add_oid_module(void);
- ENGINE_add_conf_module();
-
-=head1 DESCRIPTION
-
-The function OPENSSL_load_builtin_modules() adds all the standard OpenSSL
-configuration modules to the internal list. They can then be used by the
-OpenSSL configuration code.
-
-ASN1_add_oid_module() adds just the ASN1 OBJECT module.
-
-ENGINE_add_conf_module() adds just the ENGINE configuration module.
-
-=head1 NOTES
-
-If the simple configuration function OPENSSL_config() is called then
-OPENSSL_load_builtin_modules() is called automatically.
-
-Applications which use the configuration functions directly will need to
-call OPENSSL_load_builtin_modules() themselves I<before> any other
-configuration code.
-
-Applications should call OPENSSL_load_builtin_modules() to load all
-configuration modules instead of adding modules selectively: otherwise
-functionality may be missing from the application if an when new
-modules are added.
-
-=head1 RETURN VALUE
-
-None of the functions return a value.
-
-=head1 SEE ALSO
-
-L<conf(3)|conf(3)>, L<OPENSSL_config(3)|OPENSSL_config(3)>
-
-=head1 HISTORY
-
-These functions first appeared in OpenSSL 0.9.7.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/OpenSSL_add_all_algorithms.pod b/lib/libssl/src/doc/crypto/OpenSSL_add_all_algorithms.pod
deleted file mode 100644
index 1bba4d0212a..00000000000
--- a/lib/libssl/src/doc/crypto/OpenSSL_add_all_algorithms.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests, EVP_cleanup -
-add algorithms to internal table
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- void OpenSSL_add_all_algorithms(void);
- void OpenSSL_add_all_ciphers(void);
- void OpenSSL_add_all_digests(void);
-
- void EVP_cleanup(void);
-
-=head1 DESCRIPTION
-
-OpenSSL keeps an internal table of digest algorithms and ciphers. It uses
-this table to lookup ciphers via functions such as EVP_get_cipher_byname().
-
-OpenSSL_add_all_digests() adds all digest algorithms to the table.
-
-OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and
-ciphers).
-
-OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including
-password based encryption algorithms.
-
-EVP_cleanup() removes all ciphers and digests from the table.
-
-=head1 RETURN VALUES
-
-None of the functions return a value.
-
-=head1 NOTES
-
-A typical application will call OpenSSL_add_all_algorithms() initially and
-EVP_cleanup() before exiting.
-
-An application does not need to add algorithms to use them explicitly, for
-example by EVP_sha1(). It just needs to add them if it (or any of the functions
-it calls) needs to lookup algorithms.
-
-The cipher and digest lookup functions are used in many parts of the library.
-If the table is not initialized several functions will misbehave and complain
-they cannot find algorithms. This includes the PEM, PKCS#12, SSL and S/MIME
-libraries. This is a common query in the OpenSSL mailing lists.
-
-Calling OpenSSL_add_all_algorithms() links in all algorithms: as a result a
-statically linked executable can be quite large. If this is important it is
-possible to just add the required ciphers and digests.
-
-=head1 BUGS
-
-Although the functions do not return error codes it is possible for them to
-fail. This will only happen as a result of a memory allocation failure so this
-is not too much of a problem in practice.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PEM_read_bio_PrivateKey.pod b/lib/libssl/src/doc/crypto/PEM_read_bio_PrivateKey.pod
deleted file mode 100644
index 6d87079a843..00000000000
--- a/lib/libssl/src/doc/crypto/PEM_read_bio_PrivateKey.pod
+++ /dev/null
@@ -1,498 +0,0 @@
-=pod
-
-=head1 NAME
-
-PEM, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey,
-PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey,
-PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid,
-PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY,
-PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey,
-PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey,
-PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey,
-PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY,
-PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey,
-PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey,
-PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY,
-PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams,
-PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams,
-PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams,
-PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509,
-PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX,
-PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ,
-PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW,
-PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL,
-PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7,
-PEM_write_bio_PKCS7, PEM_write_PKCS7, PEM_read_bio_NETSCAPE_CERT_SEQUENCE,
-PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE,
-PEM_write_NETSCAPE_CERT_SEQUENCE - PEM routines
-
-=head1 SYNOPSIS
-
- #include <openssl/pem.h>
-
- EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
- pem_password_cb *cb, void *u);
-
- EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
- char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
- pem_password_cb *cb, void *u);
-
- EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
- int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
-
- RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
- pem_password_cb *cb, void *u);
-
- RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
- pem_password_cb *cb, void *u);
-
- RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
-
- int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
-
- RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
- pem_password_cb *cb, void *u);
-
- RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
-
- int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
-
- DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
- pem_password_cb *cb, void *u);
-
- DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
- unsigned char *kstr, int klen,
- pem_password_cb *cb, void *u);
-
- DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
- pem_password_cb *cb, void *u);
-
- DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
-
- int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
-
- DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
-
- DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
-
- int PEM_write_DSAparams(FILE *fp, DSA *x);
-
- DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
-
- DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_DHparams(BIO *bp, DH *x);
-
- int PEM_write_DHparams(FILE *fp, DH *x);
-
- X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
-
- X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_X509(BIO *bp, X509 *x);
-
- int PEM_write_X509(FILE *fp, X509 *x);
-
- X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
-
- X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
-
- int PEM_write_X509_AUX(FILE *fp, X509 *x);
-
- X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
- pem_password_cb *cb, void *u);
-
- X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
-
- int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
-
- int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
-
- int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
-
- X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
- pem_password_cb *cb, void *u);
- X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
- pem_password_cb *cb, void *u);
- int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
- int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
-
- PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
-
- PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
-
- int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
-
- int PEM_write_PKCS7(FILE *fp, PKCS7 *x);
-
- NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,
- NETSCAPE_CERT_SEQUENCE **x,
- pem_password_cb *cb, void *u);
-
- NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,
- NETSCAPE_CERT_SEQUENCE **x,
- pem_password_cb *cb, void *u);
-
- int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp, NETSCAPE_CERT_SEQUENCE *x);
-
- int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp, NETSCAPE_CERT_SEQUENCE *x);
-
-=head1 DESCRIPTION
-
-The PEM functions read or write structures in PEM format. In
-this sense PEM format is simply base64 encoded data surrounded
-by header lines.
-
-For more details about the meaning of arguments see the
-B<PEM FUNCTION ARGUMENTS> section.
-
-Each operation has four functions associated with it. For
-clarity the term "B<foobar> functions" will be used to collectively
-refer to the PEM_read_bio_foobar(), PEM_read_foobar(),
-PEM_write_bio_foobar() and PEM_write_foobar() functions.
-
-The B<PrivateKey> functions read or write a private key in
-PEM format using an EVP_PKEY structure. The write routines use
-"traditional" private key format and can handle both RSA and DSA
-private keys. The read functions can additionally transparently
-handle PKCS#8 format encrypted and unencrypted keys too.
-
-PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey()
-write a private key in an EVP_PKEY structure in PKCS#8
-EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption
-algorithms. The B<cipher> argument specifies the encryption algorithm to
-use: unlike all other PEM routines the encryption is applied at the
-PKCS#8 level and not in the PEM headers. If B<cipher> is NULL then no
-encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.
-
-PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid()
-also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however
-it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm
-to use is specified in the B<nid> parameter and should be the NID of the
-corresponding OBJECT IDENTIFIER (see NOTES section).
-
-The B<PUBKEY> functions process a public key using an EVP_PKEY
-structure. The public key is encoded as a SubjectPublicKeyInfo
-structure.
-
-The B<RSAPrivateKey> functions process an RSA private key using an
-RSA structure. It handles the same formats as the B<PrivateKey>
-functions but an error occurs if the private key is not RSA.
-
-The B<RSAPublicKey> functions process an RSA public key using an
-RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey
-structure.
-
-The B<RSA_PUBKEY> functions also process an RSA public key using
-an RSA structure. However the public key is encoded using a
-SubjectPublicKeyInfo structure and an error occurs if the public
-key is not RSA.
-
-The B<DSAPrivateKey> functions process a DSA private key using a
-DSA structure. It handles the same formats as the B<PrivateKey>
-functions but an error occurs if the private key is not DSA.
-
-The B<DSA_PUBKEY> functions process a DSA public key using
-a DSA structure. The public key is encoded using a
-SubjectPublicKeyInfo structure and an error occurs if the public
-key is not DSA.
-
-The B<DSAparams> functions process DSA parameters using a DSA
-structure. The parameters are encoded using a foobar structure.
-
-The B<DHparams> functions process DH parameters using a DH
-structure. The parameters are encoded using a PKCS#3 DHparameter
-structure.
-
-The B<X509> functions process an X509 certificate using an X509
-structure. They will also process a trusted X509 certificate but
-any trust settings are discarded.
-
-The B<X509_AUX> functions process a trusted X509 certificate using
-an X509 structure.
-
-The B<X509_REQ> and B<X509_REQ_NEW> functions process a PKCS#10
-certificate request using an X509_REQ structure. The B<X509_REQ>
-write functions use B<CERTIFICATE REQUEST> in the header whereas
-the B<X509_REQ_NEW> functions use B<NEW CERTIFICATE REQUEST>
-(as required by some CAs). The B<X509_REQ> read functions will
-handle either form so there are no B<X509_REQ_NEW> read functions.
-
-The B<X509_CRL> functions process an X509 CRL using an X509_CRL
-structure.
-
-The B<PKCS7> functions process a PKCS#7 ContentInfo using a PKCS7
-structure.
-
-The B<NETSCAPE_CERT_SEQUENCE> functions process a Netscape Certificate
-Sequence using a NETSCAPE_CERT_SEQUENCE structure.
-
-=head1 PEM FUNCTION ARGUMENTS
-
-The PEM functions have many common arguments.
-
-The B<bp> BIO parameter (if present) specifies the BIO to read from
-or write to.
-
-The B<fp> FILE parameter (if present) specifies the FILE pointer to
-read from or write to.
-
-The PEM read functions all take an argument B<TYPE **x> and return
-a B<TYPE *> pointer. Where B<TYPE> is whatever structure the function
-uses. If B<x> is NULL then the parameter is ignored. If B<x> is not
-NULL but B<*x> is NULL then the structure returned will be written
-to B<*x>. If neither B<x> nor B<*x> is NULL then an attempt is made
-to reuse the structure at B<*x> (but see BUGS and EXAMPLES sections).
-Irrespective of the value of B<x> a pointer to the structure is always
-returned (or NULL if an error occurred).
-
-The PEM functions which write private keys take an B<enc> parameter
-which specifies the encryption algorithm to use, encryption is done
-at the PEM level. If this parameter is set to NULL then the private
-key is written in unencrypted form.
-
-The B<cb> argument is the callback to use when querying for the pass
-phrase used for encrypted PEM structures (normally only private keys).
-
-For the PEM write routines if the B<kstr> parameter is not NULL then
-B<klen> bytes at B<kstr> are used as the passphrase and B<cb> is
-ignored.
-
-If the B<cb> parameters is set to NULL and the B<u> parameter is not
-NULL then the B<u> parameter is interpreted as a null terminated string
-to use as the passphrase. If both B<cb> and B<u> are NULL then the
-default callback routine is used which will typically prompt for the
-passphrase on the current terminal with echoing turned off.
-
-The default passphrase callback is sometimes inappropriate (for example
-in a GUI application) so an alternative can be supplied. The callback
-routine has the following form:
-
- int cb(char *buf, int size, int rwflag, void *u);
-
-B<buf> is the buffer to write the passphrase to. B<size> is the maximum
-length of the passphrase (i.e. the size of buf). B<rwflag> is a flag
-which is set to 0 when reading and 1 when writing. A typical routine
-will ask the user to verify the passphrase (for example by prompting
-for it twice) if B<rwflag> is 1. The B<u> parameter has the same
-value as the B<u> parameter passed to the PEM routine. It allows
-arbitrary data to be passed to the callback by the application
-(for example a window handle in a GUI application). The callback
-B<must> return the number of characters in the passphrase or 0 if
-an error occurred.
-
-=head1 EXAMPLES
-
-Although the PEM routines take several arguments in almost all applications
-most of them are set to 0 or NULL.
-
-Read a certificate in PEM format from a BIO:
-
- X509 *x;
- x = PEM_read_bio_X509(bp, NULL, 0, NULL);
- if (x == NULL) {
- /* Error */
- }
-
-Alternative method:
-
- X509 *x = NULL;
- if (!PEM_read_bio_X509(bp, &x, 0, NULL)) {
- /* Error */
- }
-
-Write a certificate to a BIO:
-
- if (!PEM_write_bio_X509(bp, x)) {
- /* Error */
- }
-
-Write an unencrypted private key to a FILE pointer:
-
- if (!PEM_write_PrivateKey(fp, key, NULL, NULL, 0, 0, NULL)) {
- /* Error */
- }
-
-Write a private key (using traditional format) to a BIO using
-triple DES encryption, the pass phrase is prompted for:
-
- if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(),
- NULL, 0, 0, NULL)) {
- /* Error */
- }
-
-Write a private key (using PKCS#8 format) to a BIO using triple
-DES encryption, using the pass phrase "hello":
-
- if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(),
- NULL, 0, 0, "hello")) {
- /* Error */
- }
-
-Read a private key from a BIO using the pass phrase "hello":
-
- key = PEM_read_bio_PrivateKey(bp, NULL, 0, "hello");
- if (key == NULL) {
- /* Error */
- }
-
-Read a private key from a BIO using a pass phrase callback:
-
- key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, "My Private Key");
- if (key == NULL) {
- /* Error */
- }
-
-Skeleton pass phrase callback:
-
- int
- pass_cb(char *buf, int size, int rwflag, void *u)
- {
- int len;
- char *tmp;
-
- /* We'd probably do something else if 'rwflag' is 1 */
- printf("Enter pass phrase for \"%s\"\n", u);
-
- /* get pass phrase, length 'len' into 'tmp' */
- tmp = "hello";
- len = strlen(tmp);
-
- if (len == 0)
- return 0;
- /* if too long, truncate */
- if (len > size)
- len = size;
- memcpy(buf, tmp, len);
- return len;
- }
-
-=head1 NOTES
-
-The old B<PrivateKey> write routines are retained for compatibility.
-New applications should write private keys using the
-PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines
-because they are more secure (they use an iteration count of 2048 whereas
-the traditional routines use a count of 1) unless compatibility with older
-versions of OpenSSL is important.
-
-The B<PrivateKey> read routines can be used in all applications because
-they handle all formats transparently.
-
-A frequent cause of problems is attempting to use the PEM routines like
-this:
-
- X509 *x;
- PEM_read_bio_X509(bp, &x, 0, NULL);
-
-this is a bug because an attempt will be made to reuse the data at B<x>
-which is an uninitialised pointer.
-
-=head1 PEM ENCRYPTION FORMAT
-
-This old B<PrivateKey> routines use a non standard technique for encryption.
-
-The private key (or other data) takes the following form:
-
- -----BEGIN RSA PRIVATE KEY-----
- Proc-Type: 4,ENCRYPTED
- DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
-
- ...base64 encoded data...
- -----END RSA PRIVATE KEY-----
-
-The line beginning DEK-Info contains two comma separated pieces of information:
-the encryption algorithm name as used by EVP_get_cipherbyname() and an 8
-byte B<salt> encoded as a set of hexadecimal digits.
-
-After this is the base64 encoded encrypted data.
-
-The encryption key is determined using EVP_bytestokey(), using B<salt> and an
-iteration count of 1. The IV used is the value of B<salt> and *not* the IV
-returned by EVP_bytestokey().
-
-=head1 BUGS
-
-The PEM read routines in some versions of OpenSSL will not correctly reuse
-an existing structure. Therefore the following:
-
- PEM_read_bio_X509(bp, &x, 0, NULL);
-
-where B<x> already contains a valid certificate, may not work, whereas:
-
- X509_free(x);
- x = PEM_read_bio_X509(bp, NULL, 0, NULL);
-
-is guaranteed to work.
-
-=head1 RETURN CODES
-
-The read routines return either a pointer to the structure read or NULL
-if an error occurred.
-
-The write routines return 1 for success or 0 for failure.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PEM_write_bio_CMS_stream.pod b/lib/libssl/src/doc/crypto/PEM_write_bio_CMS_stream.pod
deleted file mode 100644
index f9946adebf2..00000000000
--- a/lib/libssl/src/doc/crypto/PEM_write_bio_CMS_stream.pod
+++ /dev/null
@@ -1,41 +0,0 @@
-=pod
-
-=head1 NAME
-
-PEM_write_bio_CMS_stream - output CMS_ContentInfo structure in PEM format.
-
-=head1 SYNOPSIS
-
- #include <openssl/cms.h>
- #include <openssl/pem.h>
-
- int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
-
-=head1 DESCRIPTION
-
-PEM_write_bio_CMS_stream() outputs a CMS_ContentInfo structure in PEM format.
-
-It is otherwise identical to the function SMIME_write_CMS().
-
-=head1 NOTES
-
-This function is effectively a version of the PEM_write_bio_CMS() supporting
-streaming.
-
-=head1 RETURN VALUES
-
-PEM_write_bio_CMS_stream() returns 1 for success or 0 for failure.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
-L<CMS_decrypt(3)|CMS_decrypt(3)>,
-L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
-L<i2d_CMS_bio_stream(3)|i2d_CMS_bio_stream(3)>
-
-=head1 HISTORY
-
-PEM_write_bio_CMS_stream() was added to OpenSSL 1.0.0
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PEM_write_bio_PKCS7_stream.pod b/lib/libssl/src/doc/crypto/PEM_write_bio_PKCS7_stream.pod
deleted file mode 100644
index 16fc9b68458..00000000000
--- a/lib/libssl/src/doc/crypto/PEM_write_bio_PKCS7_stream.pod
+++ /dev/null
@@ -1,41 +0,0 @@
-=pod
-
-=head1 NAME
-
-PEM_write_bio_PKCS7_stream - output PKCS7 structure in PEM format.
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs7.h>
- #include <openssl/pem.h>
-
- int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);
-
-=head1 DESCRIPTION
-
-PEM_write_bio_PKCS7_stream() outputs a PKCS7 structure in PEM format.
-
-It is otherwise identical to the function SMIME_write_PKCS7().
-
-=head1 NOTES
-
-This function is effectively a version of the PEM_write_bio_PKCS7() supporting
-streaming.
-
-=head1 RETURN VALUES
-
-PEM_write_bio_PKCS7_stream() returns 1 for success or 0 for failure.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
-L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
-L<i2d_PKCS7_bio_stream(3)|i2d_PKCS7_bio_stream(3)>
-
-=head1 HISTORY
-
-PEM_write_bio_PKCS7_stream() was added to OpenSSL 1.0.0
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PKCS12_create.pod b/lib/libssl/src/doc/crypto/PKCS12_create.pod
deleted file mode 100644
index 3b27c11a104..00000000000
--- a/lib/libssl/src/doc/crypto/PKCS12_create.pod
+++ /dev/null
@@ -1,73 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS12_create - create a PKCS#12 structure
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs12.h>
-
- PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey,
- X509 *cert, STACK_OF(X509) *ca, int nid_key, int nid_cert,
- int iter, int mac_iter, int keytype);
-
-=head1 DESCRIPTION
-
-PKCS12_create() creates a PKCS#12 structure.
-
-B<pass> is the passphrase to use. B<name> is the B<friendlyName> to use for
-the supplied certificate and key. B<pkey> is the private key to include in
-the structure and B<cert> its corresponding certificates. B<ca> is an optional
-set of certificates to also include in the structure.
-Either B<pkey>, B<cert> or both can be B<NULL> to indicate that no key or
-certificate is required.
-
-B<nid_key> and B<nid_cert> are the encryption algorithms that should be used
-for the key and certificate respectively. If either B<nid_key> or B<nid_cert>
-is set to -1, no encryption will be used.
-
-B<iter> is the encryption algorithm iteration count to use and B<mac_iter> is
-the MAC iteration count to use. If B<mac_iter> is set to -1, the MAC will be
-omitted entirely.
-
-B<keytype> is the type of key.
-
-=head1 NOTES
-
-The parameters B<nid_key>, B<nid_cert>, B<iter>, B<mac_iter> and B<keytype>
-can all be set to zero and sensible defaults will be used.
-
-These defaults are: 40 bit RC2 encryption for certificates, triple DES
-encryption for private keys, a key iteration count of PKCS12_DEFAULT_ITER
-(currently 2048) and a MAC iteration count of 1.
-
-The default MAC iteration count is 1 in order to retain compatibility with
-old software which did not interpret MAC iteration counts. If such compatibility
-is not required then B<mac_iter> should be set to PKCS12_DEFAULT_ITER.
-
-B<keytype> adds a flag to the store private key. This is a non standard
-extension that is only currently interpreted by MSIE. If set to zero the flag
-is omitted, if set to B<KEY_SIG> the key can be used for signing only, if set
-to B<KEY_EX> it can be used for signing and encryption. This option was useful
-for old export grade software which could use signing only keys of arbitrary
-size but had restrictions on the permissible sizes of keys which could be used
-for encryption.
-
-If a certificate contains an B<alias> or B<keyid> then this will be
-used for the corresponding B<friendlyName> or B<localKeyID> in the
-PKCS12 structure.
-
-=head1 SEE ALSO
-
-L<d2i_PKCS12(3)|d2i_PKCS12(3)>
-
-=head1 HISTORY
-
-PKCS12_create was added in OpenSSL 0.9.3.
-
-Before OpenSSL 0.9.8, neither B<pkey> nor B<cert> were allowed to be B<NULL>,
-and a value of B<-1> was not allowed for B<nid_key>, B<nid_cert> and
-B<mac_iter>.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PKCS12_parse.pod b/lib/libssl/src/doc/crypto/PKCS12_parse.pod
deleted file mode 100644
index c54cf2ad613..00000000000
--- a/lib/libssl/src/doc/crypto/PKCS12_parse.pod
+++ /dev/null
@@ -1,57 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS12_parse - parse a PKCS#12 structure
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs12.h>
-
-int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
-
-=head1 DESCRIPTION
-
-PKCS12_parse() parses a PKCS12 structure.
-
-B<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use.
-If successful the private key will be written to B<*pkey>, the corresponding
-certificate to B<*cert> and any additional certificates to B<*ca>.
-
-=head1 NOTES
-
-The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> in
-which case additional certificates will be discarded. B<*ca> can also be a
-valid STACK in which case additional certificates are appended to B<*ca>. If
-B<*ca> is B<NULL> a new STACK will be allocated.
-
-The B<friendlyName> and B<localKeyID> attributes (if present) on each
-certificate will be stored in the B<alias> and B<keyid> attributes of the
-B<X509> structure.
-
-=head1 RETURN VALUES
-
-PKCS12_parse() returns 1 for success and zero if an error occurred.
-
-The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 BUGS
-
-Only a single private key and corresponding certificate is returned by this
-function. More complex PKCS#12 files with multiple private keys will only
-return the first match.
-
-Only B<friendlyName> and B<localKeyID> attributes are currently stored in
-certificates. Other attributes are discarded.
-
-Attributes currently cannot be stored in the private key B<EVP_PKEY> structure.
-
-=head1 SEE ALSO
-
-L<d2i_PKCS12(3)|d2i_PKCS12(3)>
-
-=head1 HISTORY
-
-PKCS12_parse was added in OpenSSL 0.9.3
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PKCS5_PBKDF2_HMAC.pod b/lib/libssl/src/doc/crypto/PKCS5_PBKDF2_HMAC.pod
deleted file mode 100644
index 0c164a0ed6b..00000000000
--- a/lib/libssl/src/doc/crypto/PKCS5_PBKDF2_HMAC.pod
+++ /dev/null
@@ -1,64 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS5_PBKDF2_HMAC, PKCS5_PBKDF2_HMAC_SHA1 - password based derivation routines with salt and iteration count
-
-=head1 SYNOPSIS
-
- #include <openssl/evp.h>
-
- int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
- const unsigned char *salt, int saltlen, int iter,
- const EVP_MD *digest,
- int keylen, unsigned char *out);
-
-int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
- const unsigned char *salt, int saltlen, int iter,
- int keylen, unsigned char *out);
-
-=head1 DESCRIPTION
-
-PKCS5_PBKDF2_HMAC() derives a key from a password using a salt and iteration count
-as specified in RFC 2898.
-
-B<pass> is the password used in the derivation of length B<passlen>. B<pass>
-is an optional parameter and can be NULL. If B<passlen> is -1, then the
-function will calculate the length of B<pass> using strlen().
-
-B<salt> is the salt used in the derivation of length B<saltlen>. If the
-B<salt> is NULL, then B<saltlen> must be 0. The function will not
-attempt to calculate the length of the B<salt> because it is not assumed to
-be NULL terminated.
-
-B<iter> is the iteration count and its value should be greater than or
-equal to 1. RFC 2898 suggests an iteration count of at least 1000. Any
-B<iter> less than 1 is treated as a single iteration.
-
-B<digest> is the message digest function used in the derivation. Values include
-any of the EVP_* message digests. PKCS5_PBKDF2_HMAC_SHA1() calls
-PKCS5_PBKDF2_HMAC() with EVP_sha1().
-
-The derived key will be written to B<out>. The size of the B<out> buffer
-is specified via B<keylen>.
-
-=head1 NOTES
-
-A typical application of this function is to derive keying material for an
-encryption algorithm from a password in the B<pass>, a salt in B<salt>,
-and an iteration count.
-
-Increasing the B<iter> parameter slows down the algorithm which makes it
-harder for an attacker to perform a brute force attack using a large number
-of candidate passwords.
-
-=head1 RETURN VALUES
-
-PKCS5_PBKDF2_HMAC() and PBKCS5_PBKDF2_HMAC_SHA1() return 1 on success or 0 on error.
-
-=head1 SEE ALSO
-
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_BytesToKey(3)|EVP_BytesToKey(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PKCS7_decrypt.pod b/lib/libssl/src/doc/crypto/PKCS7_decrypt.pod
deleted file mode 100644
index 78919998ce7..00000000000
--- a/lib/libssl/src/doc/crypto/PKCS7_decrypt.pod
+++ /dev/null
@@ -1,57 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS7_decrypt - decrypt content from a PKCS#7 envelopedData structure
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs7.h>
-
- int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
-
-=head1 DESCRIPTION
-
-PKCS7_decrypt() extracts and decrypts the content from a PKCS#7 envelopedData
-structure. B<pkey> is the private key of the recipient, B<cert> is the
-recipients certificate, B<data> is a BIO to write the content to and
-B<flags> is an optional set of flags.
-
-=head1 NOTES
-
-OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
-function or errors about unknown algorithms will occur.
-
-Although the recipients certificate is not needed to decrypt the data it is
-needed to locate the appropriate (of possible several) recipients in the PKCS#7
-structure.
-
-The following flags can be passed in the B<flags> parameter.
-
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
-from the content. If the content is not of type B<text/plain> then an error is
-returned.
-
-=head1 RETURN VALUES
-
-PKCS7_decrypt() returns either 1 for success or 0 for failure.
-The error can be obtained from ERR_get_error(3)
-
-=head1 BUGS
-
-PKCS7_decrypt() must be passed the correct recipient key and certificate. It
-would be better if it could look up the correct key and certificate from a
-database.
-
-The lack of single pass processing and need to hold all data in memory as
-mentioned in PKCS7_sign() also applies to PKCS7_verify().
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-
-=head1 HISTORY
-
-PKCS7_decrypt() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PKCS7_encrypt.pod b/lib/libssl/src/doc/crypto/PKCS7_encrypt.pod
deleted file mode 100644
index 8bc77407b9e..00000000000
--- a/lib/libssl/src/doc/crypto/PKCS7_encrypt.pod
+++ /dev/null
@@ -1,73 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS7_encrypt - create a PKCS#7 envelopedData structure
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs7.h>
-
- PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
-
-=head1 DESCRIPTION
-
-PKCS7_encrypt() creates and returns a PKCS#7 envelopedData structure. B<certs>
-is a list of recipient certificates. B<in> is the content to be encrypted.
-B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
-
-=head1 NOTES
-
-Only RSA keys are supported in PKCS#7 and envelopedData so the recipient
-certificates supplied to this function must all contain RSA public keys, though
-they do not have to be signed using the RSA algorithm.
-
-The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
-its parameters.
-
-Many browsers implement a "sign and encrypt" option which is simply an S/MIME
-envelopedData containing an S/MIME signed message. This can be readily produced
-by storing the S/MIME signed message in a memory BIO and passing it to
-PKCS7_encrypt().
-
-The following flags can be passed in the B<flags> parameter.
-
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are
-prepended to the data.
-
-Normally the supplied content is translated into MIME canonical format (as
-required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
-occurs. This option should be used if the supplied data is in binary format
-otherwise the translation will corrupt it. If B<PKCS7_BINARY> is set then
-B<PKCS7_TEXT> is ignored.
-
-If the B<PKCS7_STREAM> flag is set a partial B<PKCS7> structure is output
-suitable for streaming I/O: no data is read from the BIO B<in>.
-
-=head1 NOTES
-
-If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
-complete and outputting its contents via a function that does not
-properly finalize the B<PKCS7> structure will give unpredictable
-results.
-
-Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
-PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
-can be performed by obtaining the streaming ASN1 B<BIO> directly using
-BIO_new_PKCS7().
-
-=head1 RETURN VALUES
-
-PKCS7_encrypt() returns either a PKCS7 structure or NULL if an error occurred.
-The error can be obtained from ERR_get_error(3).
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
-
-=head1 HISTORY
-
-PKCS7_decrypt() was added to OpenSSL 0.9.5
-The B<PKCS7_STREAM> flag was first supported in OpenSSL 1.0.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PKCS7_sign.pod b/lib/libssl/src/doc/crypto/PKCS7_sign.pod
deleted file mode 100644
index 64a3036c0a6..00000000000
--- a/lib/libssl/src/doc/crypto/PKCS7_sign.pod
+++ /dev/null
@@ -1,116 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS7_sign - create a PKCS#7 signedData structure
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs7.h>
-
- PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
-
-=head1 DESCRIPTION
-
-PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
-the certificate to sign with, B<pkey> is the corresponding private key.
-B<certs> is an optional additional set of certificates to include in the PKCS#7
-structure (for example any intermediate CAs in the chain).
-
-The data to be signed is read from BIO B<data>.
-
-B<flags> is an optional set of flags.
-
-=head1 NOTES
-
-Any of the following flags (ored together) can be passed in the B<flags>
-parameter.
-
-Many S/MIME clients expect the signed content to include valid MIME headers. If
-the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
-to the data.
-
-If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
-PKCS7 structure, the signer's certificate must still be supplied in the
-B<signcert> parameter though. This can reduce the size of the signature if the
-signers certificate can be obtained by other means: for example a previously
-signed message.
-
-The data being signed is included in the PKCS7 structure, unless
-B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
-detached signatures which are used in S/MIME plaintext signed messages for
-example.
-
-Normally the supplied content is translated into MIME canonical format (as
-required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
-occurs. This option should be used if the supplied data is in binary format
-otherwise the translation will corrupt it.
-
-The signedData structure includes several PKCS#7 authenticatedAttributes
-including the signing time, the PKCS#7 content type and the supported list of
-ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
-authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
-the SMIMECapabilities are omitted.
-
-If present the SMIMECapabilities attribute indicates support for the following
-algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
-these algorithms is disabled then it will not be included.
-
-If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
-just initialized ready to perform the signing operation. The signing is however
-B<not> performed and the data to be signed is not read from the B<data>
-parameter. Signing is deferred until after the data has been written. In this
-way data can be signed in a single pass.
-
-If the B<PKCS7_PARTIAL> flag is set a partial B<PKCS7> structure is output to
-which additional signers and capabilities can be added before finalization.
-
-
-=head1 NOTES
-
-If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
-complete and outputting its contents via a function that does not properly
-finalize the B<PKCS7> structure will give unpredictable results.
-
-Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
-PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
-can be performed by obtaining the streaming ASN1 B<BIO> directly using
-BIO_new_PKCS7().
-
-If a signer is specified it will use the default digest for the signing
-algorithm. This is B<SHA1> for both RSA and DSA keys.
-
-In OpenSSL 1.0.0 the B<certs>, B<signcert> and B<pkey> parameters can all be
-B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
-using the function B<PKCS7_sign_add_signer()>. B<PKCS7_final()> must also be
-called to finalize the structure if streaming is not enabled. Alternative
-signing digests can also be specified using this method.
-
-In OpenSSL 1.0.0 if B<signcert> and B<pkey> are NULL then a certificates only
-PKCS#7 structure is output.
-
-In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
-B<NOT> be NULL.
-
-=head1 BUGS
-
-Some advanced attributes such as counter signatures are not supported.
-
-=head1 RETURN VALUES
-
-PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error
-occurred. The error can be obtained from ERR_get_error(3).
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_verify(3)|PKCS7_verify(3)>
-
-=head1 HISTORY
-
-PKCS7_sign() was added to OpenSSL 0.9.5
-
-The B<PKCS7_PARTIAL> flag was added in OpenSSL 1.0.0
-
-The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PKCS7_sign_add_signer.pod b/lib/libssl/src/doc/crypto/PKCS7_sign_add_signer.pod
deleted file mode 100644
index 280455d476c..00000000000
--- a/lib/libssl/src/doc/crypto/PKCS7_sign_add_signer.pod
+++ /dev/null
@@ -1,87 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS7_sign_add_signer - add a signer PKCS7 signed data structure.
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs7.h>
-
- PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags);
-
-
-=head1 DESCRIPTION
-
-PKCS7_sign_add_signer() adds a signer with certificate B<signcert> and private
-key B<pkey> using message digest B<md> to a PKCS7 signed data structure
-B<p7>.
-
-The PKCS7 structure should be obtained from an initial call to PKCS7_sign()
-with the flag B<PKCS7_PARTIAL> set or in the case or re-signing a valid PKCS7
-signed data structure.
-
-If the B<md> parameter is B<NULL> then the default digest for the public
-key algorithm will be used.
-
-Unless the B<PKCS7_REUSE_DIGEST> flag is set the returned PKCS7 structure
-is not complete and must be finalized either by streaming (if applicable) or
-a call to PKCS7_final().
-
-
-=head1 NOTES
-
-The main purpose of this function is to provide finer control over a PKCS#7
-signed data structure where the simpler PKCS7_sign() function defaults are
-not appropriate. For example if multiple signers or non default digest
-algorithms are needed.
-
-Any of the following flags (ored together) can be passed in the B<flags>
-parameter.
-
-If B<PKCS7_REUSE_DIGEST> is set then an attempt is made to copy the content
-digest value from the PKCS7 structure: to add a signer to an existing structure.
-An error occurs if a matching digest value cannot be found to copy. The
-returned PKCS7 structure will be valid and finalized when this flag is set.
-
-If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the
-B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
-can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is
-needed to finalize it.
-
-If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
-PKCS7 structure, the signer's certificate must still be supplied in the
-B<signcert> parameter though. This can reduce the size of the signature if the
-signers certificate can be obtained by other means: for example a previously
-signed message.
-
-The signedData structure includes several PKCS#7 authenticatedAttributes
-including the signing time, the PKCS#7 content type and the supported list of
-ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
-authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
-the SMIMECapabilities are omitted.
-
-If present the SMIMECapabilities attribute indicates support for the following
-algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
-these algorithms is disabled then it will not be included.
-
-
-PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
-structure just added, this can be used to set additional attributes
-before it is finalized.
-
-=head1 RETURN VALUES
-
-PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
-structure just added or NULL if an error occurs.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_final(3)|PKCS7_final(3)>,
-
-=head1 HISTORY
-
-PPKCS7_sign_add_signer() was added to OpenSSL 1.0.0
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/PKCS7_verify.pod b/lib/libssl/src/doc/crypto/PKCS7_verify.pod
deleted file mode 100644
index 059fbff8e9c..00000000000
--- a/lib/libssl/src/doc/crypto/PKCS7_verify.pod
+++ /dev/null
@@ -1,118 +0,0 @@
-=pod
-
-=head1 NAME
-
-PKCS7_verify, PKCS7_get0_signers - verify a PKCS#7 signedData structure
-
-=head1 SYNOPSIS
-
- #include <openssl/pkcs7.h>
-
- int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
-
- STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
-
-=head1 DESCRIPTION
-
-PKCS7_verify() verifies a PKCS#7 signedData structure. B<p7> is the PKCS7
-structure to verify. B<certs> is a set of certificates in which to search for
-the signer's certificate. B<store> is a trusted certificate store (used for
-chain verification). B<indata> is the signed data if the content is not
-present in B<p7> (that is it is detached). The content is written to B<out>
-if it is not NULL.
-
-B<flags> is an optional set of flags, which can be used to modify the verify
-operation.
-
-PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does
-B<not> check their validity or whether any signatures are valid. The B<certs>
-and B<flags> parameters have the same meanings as in PKCS7_verify().
-
-=head1 VERIFY PROCESS
-
-Normally the verify process proceeds as follows.
-
-Initially some sanity checks are performed on B<p7>. The type of B<p7> must
-be signedData. There must be at least one signature on the data and if
-the content is detached B<indata> cannot be B<NULL>.
-
-An attempt is made to locate all the signer's certificates, first looking in
-the B<certs> parameter (if it is not B<NULL>) and then looking in any
-certificates contained in the B<p7> structure itself. If any signer's
-certificates cannot be located the operation fails.
-
-Each signer's certificate is chain verified using the B<smimesign> purpose and
-the supplied trusted certificate store. Any internal certificates in the message
-are used as untrusted CAs. If any chain verify fails an error code is returned.
-
-Finally the signed content is read (and written to B<out> is it is not NULL) and
-the signature's checked.
-
-If all signature's verify correctly then the function is successful.
-
-Any of the following flags (ored together) can be passed in the B<flags>
-parameter to change the default verify behaviour. Only the flag
-B<PKCS7_NOINTERN> is meaningful to PKCS7_get0_signers().
-
-If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
-searched when locating the signer's certificate. This means that all the signers
-certificates must be in the B<certs> parameter.
-
-If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
-from the content. If the content is not of type B<text/plain> then an error is
-returned.
-
-If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
-
-If B<PKCS7_NOCHAIN> is set then the certificates contained in the message are
-not used as untrusted CAs. This means that the whole verify chain (apart from
-the signer's certificate) must be contained in the trusted store.
-
-If B<PKCS7_NOSIGS> is set then the signatures on the data are not checked.
-
-=head1 NOTES
-
-One application of B<PKCS7_NOINTERN> is to only accept messages signed by
-a small number of certificates. The acceptable certificates would be passed
-in the B<certs> parameter. In this case if the signer is not one of the
-certificates supplied in B<certs> then the verify will fail because the
-signer cannot be found.
-
-Care should be taken when modifying the default verify behaviour, for example
-setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification
-and any signed message will be considered valid. This combination is however
-useful if one merely wishes to write the content to B<out> and its validity
-is not considered important.
-
-Chain verification should arguably be performed using the signing time rather
-than the current time. However since the signing time is supplied by the
-signer it cannot be trusted without additional evidence (such as a trusted
-timestamp).
-
-=head1 RETURN VALUES
-
-PKCS7_verify() returns 1 for a successful verification and zero or a negative
-value if an error occurs.
-
-PKCS7_get0_signers() returns all signers or B<NULL> if an error occurred.
-
-The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 BUGS
-
-The trusted certificate store is not searched for the signers certificate,
-this is primarily due to the inadequacies of the current B<X509_STORE>
-functionality.
-
-The lack of single pass processing and need to hold all data in memory as
-mentioned in PKCS7_sign() also applies to PKCS7_verify().
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>
-
-=head1 HISTORY
-
-PKCS7_verify() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RAND.pod b/lib/libssl/src/doc/crypto/RAND.pod
deleted file mode 100644
index dd6962fa356..00000000000
--- a/lib/libssl/src/doc/crypto/RAND.pod
+++ /dev/null
@@ -1,34 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND - pseudo-random number generator
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- int RAND_bytes(unsigned char *buf, int num);
- int RAND_pseudo_bytes(unsigned char *buf, int num);
-
-=head1 DESCRIPTION
-
-These functions give access to the systems cryptographically secure
-pseudo-random number generator (PRNG). It is used by other library functions
-for example to generate random keys, and applications can use it when they
-need randomness.
-
-L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
-PRNG.
-
-=head1 INTERNALS
-
-The RAND_SSLeay() method implements a PRNG based on the systems'
-L<arc4random_buf(3)> random number generator.
-
-=head1 SEE ALSO
-
-L<BN_rand(3)|BN_rand(3)>,
-L<RAND_bytes(3)|RAND_bytes(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RAND_add.pod b/lib/libssl/src/doc/crypto/RAND_add.pod
deleted file mode 100644
index 3ffd4910c42..00000000000
--- a/lib/libssl/src/doc/crypto/RAND_add.pod
+++ /dev/null
@@ -1,30 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_add, RAND_seed, RAND_status - add entropy to the PRNG (DEPRECATED)
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- void RAND_seed(const void *buf, int num);
-
- void RAND_add(const void *buf, int num, double entropy);
-
- int RAND_status(void);
-
-=head1 DESCRIPTION
-
-These functions used to allow for the state of the random number generator
-to be controlled by external sources.
-
-They are kept for ABI compatibility but are no longer functional, and
-should not be used in new programs.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>,
-L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RAND_bytes.pod b/lib/libssl/src/doc/crypto/RAND_bytes.pod
deleted file mode 100644
index c89961ada3d..00000000000
--- a/lib/libssl/src/doc/crypto/RAND_bytes.pod
+++ /dev/null
@@ -1,43 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_bytes, RAND_pseudo_bytes - generate random data
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- int RAND_bytes(unsigned char *buf, int num);
-
- int RAND_pseudo_bytes(unsigned char *buf, int num);
-
-=head1 DESCRIPTION
-
-RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
-into B<buf>.
-
-RAND_pseudo_bytes() puts B<num> pseudo-random bytes into B<buf>.
-Pseudo-random byte sequences generated by RAND_pseudo_bytes() will be
-unique if they are of sufficient length, but are not necessarily
-unpredictable. They can be used for non-cryptographic purposes and for
-certain purposes in cryptographic protocols, but usually not for key
-generation etc.
-
-=head1 RETURN VALUES
-
-RAND_bytes() returns 1.
-RAND_pseudo_bytes() returns 1.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<RAND_add(3)|RAND_add(3)>
-
-=head1 HISTORY
-
-RAND_bytes() is available in all versions of SSLeay and OpenSSL. It
-has a return value since OpenSSL 0.9.5. RAND_pseudo_bytes() was added
-in OpenSSL 0.9.5.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RAND_cleanup.pod b/lib/libssl/src/doc/crypto/RAND_cleanup.pod
deleted file mode 100644
index 10cb39ce7ad..00000000000
--- a/lib/libssl/src/doc/crypto/RAND_cleanup.pod
+++ /dev/null
@@ -1,25 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_cleanup - erase the PRNG state
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- void RAND_cleanup(void);
-
-=head1 DESCRIPTION
-
-RAND_cleanup() erases the memory used by the PRNG.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-RAND_cleanup() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RAND_load_file.pod b/lib/libssl/src/doc/crypto/RAND_load_file.pod
deleted file mode 100644
index 5e4c2481d86..00000000000
--- a/lib/libssl/src/doc/crypto/RAND_load_file.pod
+++ /dev/null
@@ -1,52 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- const char *RAND_file_name(char *buf, size_t num);
-
- int RAND_load_file(const char *filename, long max_bytes);
-
- int RAND_write_file(const char *filename);
-
-=head1 DESCRIPTION
-
-RAND_file_name() returns a default path for the random seed file.
-B<buf> points to a buffer of size B<num> in which to store the
-filename. If B<num> is too small for the path name, an error occurs.
-
-RAND_load_file() used to allow for the state of the random number generator
-to be controlled by external sources.
-
-It is kept for ABI compatibility but is no longer functional, and
-should not used in new programs.
-
-RAND_write_file() writes a number of random bytes (currently 1024) to
-file B<filename>.
-
-=head1 RETURN VALUES
-
-RAND_load_file() always returns 0.
-
-RAND_write_file() returns the number of bytes written, and -1 if the
-bytes written were generated without appropriate seed.
-
-RAND_file_name() returns a pointer to B<buf> on success, and NULL on
-error.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-L<RAND_cleanup(3)|RAND_cleanup(3)>
-
-=head1 HISTORY
-
-RAND_load_file(), RAND_write_file() and RAND_file_name() are available in
-all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RAND_set_rand_method.pod b/lib/libssl/src/doc/crypto/RAND_set_rand_method.pod
deleted file mode 100644
index c02068bf765..00000000000
--- a/lib/libssl/src/doc/crypto/RAND_set_rand_method.pod
+++ /dev/null
@@ -1,40 +0,0 @@
-=pod
-
-=head1 NAME
-
-RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND method
-
-=head1 SYNOPSIS
-
- #include <openssl/rand.h>
-
- void RAND_set_rand_method(const RAND_METHOD *meth);
-
- const RAND_METHOD *RAND_get_rand_method(void);
-
- RAND_METHOD *RAND_SSLeay(void);
-
-=head1 DESCRIPTION
-
-These functions used to allow for the random number generator functions
-to be replaced by arbitrary code.
-
-They are kept for ABI compatibility but are no longer functional, and
-should not be used in new programs.
-
-=head1 SEE ALSO
-
-L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are
-available in all versions of OpenSSL.
-
-In the engine version of version 0.9.6, RAND_set_rand_method() was altered to
-take an ENGINE pointer as its argument. As of version 0.9.7, that has been
-reverted as the ENGINE API transparently overrides RAND defaults if used,
-otherwise RAND API functions work as before. RAND_set_rand_engine() was also
-introduced in version 0.9.7.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RC4.pod b/lib/libssl/src/doc/crypto/RC4.pod
deleted file mode 100644
index b6d3a4342ca..00000000000
--- a/lib/libssl/src/doc/crypto/RC4.pod
+++ /dev/null
@@ -1,62 +0,0 @@
-=pod
-
-=head1 NAME
-
-RC4_set_key, RC4 - RC4 encryption
-
-=head1 SYNOPSIS
-
- #include <openssl/rc4.h>
-
- void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
-
- void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
- unsigned char *outdata);
-
-=head1 DESCRIPTION
-
-This library implements the Alleged RC4 cipher, which is described for
-example in I<Applied Cryptography>. It is believed to be compatible
-with RC4[TM], a proprietary cipher of RSA Security Inc.
-
-RC4 is a stream cipher with variable key length. Typically, 128 bit
-(16 byte) keys are used for strong encryption, but shorter insecure
-key sizes have been widely used due to export restrictions.
-
-RC4 consists of a key setup phase and the actual encryption or
-decryption phase.
-
-RC4_set_key() sets up the B<RC4_KEY> B<key> using the B<len> bytes long
-key at B<data>.
-
-RC4() encrypts or decrypts the B<len> bytes of data at B<indata> using
-B<key> and places the result at B<outdata>. Repeated RC4() calls with
-the same B<key> yield a continuous key stream.
-
-Since RC4 is a stream cipher (the input is XORed with a pseudo-random
-key stream to produce the output), decryption uses the same function
-calls as encryption.
-
-Applications should use the higher level functions
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
-etc. instead of calling the RC4 functions directly.
-
-=head1 RETURN VALUES
-
-RC4_set_key() and RC4() do not return values.
-
-=head1 NOTE
-
-Certain conditions have to be observed to securely use stream ciphers.
-It is not permissible to perform multiple encryptions using the same
-key stream.
-
-=head1 SEE ALSO
-
-L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<rc2(3)|rc2(3)>
-
-=head1 HISTORY
-
-RC4_set_key() and RC4() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RIPEMD160.pod b/lib/libssl/src/doc/crypto/RIPEMD160.pod
deleted file mode 100644
index f66fb02ed2b..00000000000
--- a/lib/libssl/src/doc/crypto/RIPEMD160.pod
+++ /dev/null
@@ -1,66 +0,0 @@
-=pod
-
-=head1 NAME
-
-RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final -
-RIPEMD-160 hash function
-
-=head1 SYNOPSIS
-
- #include <openssl/ripemd.h>
-
- unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
- unsigned char *md);
-
- int RIPEMD160_Init(RIPEMD160_CTX *c);
- int RIPEMD160_Update(RIPEMD_CTX *c, const void *data,
- unsigned long len);
- int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
-
-=head1 DESCRIPTION
-
-RIPEMD-160 is a cryptographic hash function with a
-160 bit output.
-
-RIPEMD160() computes the RIPEMD-160 message digest of the B<n>
-bytes at B<d> and places it in B<md> (which must have space for
-RIPEMD160_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
-is placed in a static array.
-
-The following functions may be used if the message is not completely
-stored in memory:
-
-RIPEMD160_Init() initializes a B<RIPEMD160_CTX> structure.
-
-RIPEMD160_Update() can be called repeatedly with chunks of the message to
-be hashed (B<len> bytes at B<data>).
-
-RIPEMD160_Final() places the message digest in B<md>, which must have
-space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output, and erases
-the B<RIPEMD160_CTX>.
-
-Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead of calling the
-hash functions directly.
-
-=head1 RETURN VALUES
-
-RIPEMD160() returns a pointer to the hash value.
-
-RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for
-success, 0 otherwise.
-
-=head1 CONFORMING TO
-
-ISO/IEC 10118-3 (draft) (??)
-
-=head1 SEE ALSO
-
-L<sha(3)|sha(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
-
-=head1 HISTORY
-
-RIPEMD160(), RIPEMD160_Init(), RIPEMD160_Update() and
-RIPEMD160_Final() are available since SSLeay 0.9.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RSA_blinding_on.pod b/lib/libssl/src/doc/crypto/RSA_blinding_on.pod
deleted file mode 100644
index f96e3cf7c96..00000000000
--- a/lib/libssl/src/doc/crypto/RSA_blinding_on.pod
+++ /dev/null
@@ -1,41 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing
-attacks
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
-
- void RSA_blinding_off(RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA is vulnerable to timing attacks. In a setup where attackers can
-measure the time of RSA decryption or signature operations, blinding
-must be used to protect the RSA operation from that attack.
-
-RSA_blinding_on() turns blinding on for key B<rsa> and generates a
-random blinding factor. B<ctx> is B<NULL> or a pre-allocated and
-initialized B<BN_CTX>.
-
-RSA_blinding_off() turns blinding off and frees the memory used for
-the blinding factor.
-
-=head1 RETURN VALUES
-
-RSA_blinding_on() returns 1 on success, and 0 if an error occurred.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
-
-=head1 HISTORY
-
-RSA_blinding_on() and RSA_blinding_off() appeared in SSLeay 0.9.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RSA_check_key.pod b/lib/libssl/src/doc/crypto/RSA_check_key.pod
deleted file mode 100644
index a5198f3db5b..00000000000
--- a/lib/libssl/src/doc/crypto/RSA_check_key.pod
+++ /dev/null
@@ -1,67 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_check_key - validate private RSA keys
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_check_key(RSA *rsa);
-
-=head1 DESCRIPTION
-
-This function validates RSA keys. It checks that B<p> and B<q> are
-in fact prime, and that B<n = p*q>.
-
-It also checks that B<d*e = 1 mod (p-1*q-1)>,
-and that B<dmp1>, B<dmq1> and B<iqmp> are set correctly or are B<NULL>.
-
-As such, this function can not be used with any arbitrary RSA key object,
-even if it is otherwise fit for regular RSA operation. See B<NOTES> for more
-information.
-
-=head1 RETURN VALUE
-
-RSA_check_key() returns 1 if B<rsa> is a valid RSA key, and 0 otherwise.
--1 is returned if an error occurs while checking the key.
-
-If the key is invalid or an error occurred, the reason code can be
-obtained using L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 NOTES
-
-This function does not work on RSA public keys that have only the modulus
-and public exponent elements populated. It performs integrity checks on all
-the RSA key material, so the RSA key structure must contain all the private
-key data too.
-
-Unlike most other RSA functions, this function does B<not> work
-transparently with any underlying ENGINE implementation because it uses the
-key data in the RSA structure directly. An ENGINE implementation can
-override the way key data is stored and handled, and can even provide
-support for HSM keys - in which case the RSA structure may contain B<no>
-key data at all! If the ENGINE in question is only being used for
-acceleration or analysis purposes, then in all likelihood the RSA key data
-is complete and untouched, but this can't be assumed in the general case.
-
-=head1 BUGS
-
-A method of verifying the RSA key using opaque RSA API functions might need
-to be considered. Right now RSA_check_key() simply uses the RSA structure
-elements directly, bypassing the RSA_METHOD table altogether (and
-completely violating encapsulation and object-orientation in the process).
-The best fix will probably be to introduce a "check_key()" handler to the
-RSA_METHOD function table so that alternative implementations can also
-provide their own verifiers.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-RSA_check_key() appeared in OpenSSL 0.9.4.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RSA_generate_key.pod b/lib/libssl/src/doc/crypto/RSA_generate_key.pod
deleted file mode 100644
index 00026f04df6..00000000000
--- a/lib/libssl/src/doc/crypto/RSA_generate_key.pod
+++ /dev/null
@@ -1,79 +0,0 @@ -=pod - -=head1 NAME - -RSA_generate_key_ex, RSA_generate_key - generate RSA key pair - -=head1 SYNOPSIS - - #include <openssl/rsa.h> - - int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); - -Deprecated: - - RSA *RSA_generate_key(int num, unsigned long e, - void (*callback)(int,int,void *), void *cb_arg); - -=head1 DESCRIPTION - -RSA_generate_key_ex() generates a key pair and stores it in the B<RSA> -structure provided in B<rsa>. - -The modulus size will be of length B<bits>, and the public exponent will be -B<e>. Key sizes with B<num> E<lt> 1024 should be considered insecure. -The exponent is an odd number, typically 3, 17 or 65537. - -A callback function may be used to provide feedback about the -progress of the key generation. If B<cb> is not B<NULL>, it -will be called as follows using the BN_GENCB_call() function -described on the L<BN_generate_prime(3)|BN_generate_prime(3)> page: - -=over 4 - -=item * - -While a random prime number is generated, it is called as -described in L<BN_generate_prime(3)|BN_generate_prime(3)>. - -=item * - -When the n-th randomly generated prime is rejected as not -suitable for the key, B<BN_GENCB_call(cb, 2, n)> is called. - -=item * - -When a random p has been found with p-1 relatively prime to B<e>, -it is called as B<BN_GENCB_call(cb, 3, 0)>. - -=back - -The process is then repeated for prime q with B<BN_GENCB_call(cb, 3, 1)>. - -RSA_generate_key is deprecated (new applications should use -RSA_generate_key_ex instead). RSA_generate_key works in the same was as -RSA_generate_key_ex except it uses "old style" call backs. See -L<BN_generate_prime(3)|BN_generate_prime(3)> for further details. - -=head1 RETURN VALUE - -If key generation fails, RSA_generate_key() returns B<NULL>. - -The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 BUGS - -B<BN_GENCB_call(cb, 2, x)> is used with two different meanings. 
- -RSA_generate_key() goes into an infinite loop for illegal input values. - -=head1 SEE ALSO - -L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, -L<RSA_free(3)|RSA_free(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)> - -=head1 HISTORY - -The B<cb_arg> argument was added in SSLeay 0.9.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/RSA_get_ex_new_index.pod b/lib/libssl/src/doc/crypto/RSA_get_ex_new_index.pod deleted file mode 100644 index b1ac1167dd9..00000000000 --- a/lib/libssl/src/doc/crypto/RSA_get_ex_new_index.pod +++ /dev/null 
@@ -1,122 +0,0 @@ -=pod - -=head1 NAME - -RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application -specific data to RSA structures - -=head1 SYNOPSIS - - #include <openssl/rsa.h> - - int RSA_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int RSA_set_ex_data(RSA *r, int idx, void *arg); - - void *RSA_get_ex_data(RSA *r, int idx); - - typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); - -=head1 DESCRIPTION - -Several OpenSSL structures can have application specific data attached to them. -This has several potential uses, it can be used to cache data associated with -a structure (for example the hash of some part of the structure) or some -additional data (for example a handle to the data in an external library). - -Since the application data can be anything at all it is passed and retrieved -as a B<void *> type. - -The B<RSA_get_ex_new_index()> function is initially called to "register" some -new application specific data. It takes three optional function pointers which -are called when the parent structure (in this case an RSA structure) is -initially created, when it is copied and when it is freed up. If any or all of -these function pointer arguments are not used they should be set to NULL. The -precise manner in which these function pointers are called is described in more -detail below. B<RSA_get_ex_new_index()> also takes additional long and pointer -parameters which will be passed to the supplied functions but which otherwise -have no special meaning. 
It returns an B<index> which should be stored -(typically in a static variable) and passed used in the B<idx> parameter in -the remaining functions. Each successful call to B<RSA_get_ex_new_index()> -will return an index greater than any previously returned, this is important -because the optional functions are called in order of increasing index value. - -B<RSA_set_ex_data()> is used to set application specific data, the data is -supplied in the B<arg> parameter and its precise meaning is up to the -application. - -B<RSA_get_ex_data()> is used to retrieve application specific data. The data -is returned to the application, this will be the same value as supplied to -a previous B<RSA_set_ex_data()> call. - -B<new_func()> is called when a structure is initially allocated (for example -with B<RSA_new()>. The parent structure members will not have any meaningful -values at this point. This function will typically be used to allocate any -application specific structure. - -B<free_func()> is called when a structure is being freed up. The dynamic parent -structure members should not be accessed because they will be freed up when -this function is called. - -B<new_func()> and B<free_func()> take the same parameters. B<parent> is a -pointer to the parent RSA structure. B<ptr> is a the application specific data -(this wont be of much use in B<new_func()>. B<ad> is a pointer to the -B<CRYPTO_EX_DATA> structure from the parent RSA structure: the functions -B<CRYPTO_get_ex_data()> and B<CRYPTO_set_ex_data()> can be called to manipulate -it. The B<idx> parameter is the index: this will be the same value returned by -B<RSA_get_ex_new_index()> when the functions were initially registered. Finally -the B<argl> and B<argp> parameters are the values originally passed to the same -corresponding parameters when B<RSA_get_ex_new_index()> was called. - -B<dup_func()> is called when a structure is being copied. 
Pointers to the -destination and source B<CRYPTO_EX_DATA> structures are passed in the B<to> and -B<from> parameters respectively. The B<from_d> parameter is passed a pointer to -the source application data when the function is called, when the function -returns the value is copied to the destination: the application can thus modify -the data pointed to by B<from_d> and have different values in the source and -destination. The B<idx>, B<argl> and B<argp> parameters are the same as those -in B<new_func()> and B<free_func()>. - -=head1 RETURN VALUES - -B<RSA_get_ex_new_index()> returns a new index or -1 on failure (note 0 is a -valid index value). - -B<RSA_set_ex_data()> returns 1 on success or 0 on failure. - -B<RSA_get_ex_data()> returns the application data or 0 on failure. 0 may also -be valid application data but currently it can only fail if given an invalid -B<idx> parameter. - -B<new_func()> and B<dup_func()> should return 0 for failure and 1 for success. - -On failure an error code can be obtained from -L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 BUGS - -B<dup_func()> is currently never called. - -The return value of B<new_func()> is ignored. - -The B<new_func()> function isn't very useful because no meaningful values are -present in the parent RSA structure when it is called. - -=head1 SEE ALSO - -L<rsa(3)|rsa(3)>, L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)> - -=head1 HISTORY - -RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() are -available since SSLeay 0.9.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/RSA_new.pod b/lib/libssl/src/doc/crypto/RSA_new.pod deleted file mode 100644 index 0c85dc1d625..00000000000 --- a/lib/libssl/src/doc/crypto/RSA_new.pod +++ /dev/null 
@@ -1,39 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_new, RSA_free - allocate and free RSA objects
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- RSA * RSA_new(void);
-
- void RSA_free(RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA_new() allocates and initializes an B<RSA> structure. It is equivalent to
-calling RSA_new_method(NULL).
-
-RSA_free() frees the B<RSA> structure and its components. The key is
-erased before the memory is returned to the system.
-
-=head1 RETURN VALUES
-
-If the allocation fails, RSA_new() returns B<NULL> and sets an error code that
-can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a
-pointer to the newly allocated structure.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_generate_key(3)|RSA_generate_key(3)>,
-L<RSA_new_method(3)|RSA_new_method(3)>
-
-=head1 HISTORY
-
-RSA_new() and RSA_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RSA_padding_add_PKCS1_type_1.pod b/lib/libssl/src/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
deleted file mode 100644
index 1c90b2b44d2..00000000000
--- a/lib/libssl/src/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
+++ /dev/null
@@ -1,121 +0,0 @@ -=pod - -=head1 NAME - -RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, -RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, -RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, -RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, -RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption -padding - -=head1 SYNOPSIS - - #include <openssl/rsa.h> - - int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *f, int fl); - - int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); - - int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *f, int fl); - - int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); - - int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *f, int fl, unsigned char *p, int pl); - - int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len, unsigned char *p, int pl); - - int RSA_padding_add_SSLv23(unsigned char *to, int tlen, - unsigned char *f, int fl); - - int RSA_padding_check_SSLv23(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); - - int RSA_padding_add_none(unsigned char *to, int tlen, - unsigned char *f, int fl); - - int RSA_padding_check_none(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); - -=head1 DESCRIPTION - -The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, -decrypt, sign and verify functions. Normally they should not be called -from application programs. - -However, they can also be called directly to implement padding for other -asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and -RSA_padding_check_PKCS1_OAEP() may be used in an application combined -with B<RSA_NO_PADDING> in order to implement OAEP with an encoding -parameter. 
- -RSA_padding_add_xxx() encodes B<fl> bytes from B<f> so as to fit into -B<tlen> bytes and stores the result at B<to>. An error occurs if B<fl> -does not meet the size requirements of the encoding method. - -The following encoding methods are implemented: - -=over 4 - -=item PKCS1_type_1 - -PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures - -=item PKCS1_type_2 - -PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2) - -=item PKCS1_OAEP - -PKCS #1 v2.0 EME-OAEP - -=item SSLv23 - -PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification - -=item none - -simply copy the data - -=back - -RSA_padding_check_xxx() verifies that the B<fl> bytes at B<f> contain -a valid encoding for a B<rsa_len> byte RSA key in the respective -encoding method and stores the recovered data of at most B<tlen> bytes -(for B<RSA_NO_PADDING>: of size B<tlen>) -at B<to>. - -For RSA_padding_xxx_OAEP(), B<p> points to the encoding parameter -of length B<pl>. B<p> may be B<NULL> if B<pl> is 0. - -=head1 RETURN VALUES - -The RSA_padding_add_xxx() functions return 1 on success, 0 on error. -The RSA_padding_check_xxx() functions return the length of the -recovered data, -1 on error. Error codes can be obtained by calling -L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 SEE ALSO - -L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>, -L<RSA_private_decrypt(3)|RSA_private_decrypt(3)>, -L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)> - -=head1 HISTORY - -RSA_padding_add_PKCS1_type_1(), RSA_padding_check_PKCS1_type_1(), -RSA_padding_add_PKCS1_type_2(), RSA_padding_check_PKCS1_type_2(), -RSA_padding_add_SSLv23(), RSA_padding_check_SSLv23(), -RSA_padding_add_none() and RSA_padding_check_none() appeared in -SSLeay 0.9.0. - -RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were -added in OpenSSL 0.9.2b. - -=cut diff --git a/lib/libssl/src/doc/crypto/RSA_print.pod b/lib/libssl/src/doc/crypto/RSA_print.pod deleted file mode 100644 index c971e91f4db..00000000000 
--- a/lib/libssl/src/doc/crypto/RSA_print.pod
+++ /dev/null
@@ -1,49 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_print, RSA_print_fp,
-DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp,
-DHparams_print, DHparams_print_fp - print cryptographic parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_print(BIO *bp, RSA *x, int offset);
- int RSA_print_fp(FILE *fp, RSA *x, int offset);
-
- #include <openssl/dsa.h>
-
- int DSAparams_print(BIO *bp, DSA *x);
- int DSAparams_print_fp(FILE *fp, DSA *x);
- int DSA_print(BIO *bp, DSA *x, int offset);
- int DSA_print_fp(FILE *fp, DSA *x, int offset);
-
- #include <openssl/dh.h>
-
- int DHparams_print(BIO *bp, DH *x);
- int DHparams_print_fp(FILE *fp, DH *x);
-
-=head1 DESCRIPTION
-
-A human-readable hexadecimal output of the components of the RSA
-key, DSA parameters or key or DH parameters is printed to B<bp> or B<fp>.
-
-The output lines are indented by B<offset> spaces.
-
-=head1 RETURN VALUES
-
-These functions return 1 on success, 0 on error.
-
-=head1 SEE ALSO
-
-L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<rsa(3)|rsa(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)>
-
-=head1 HISTORY
-
-RSA_print(), RSA_print_fp(), DSA_print(), DSA_print_fp(), DH_print(),
-DH_print_fp() are available in all versions of SSLeay and OpenSSL.
-DSAparams_print() and DSAparams_print_fp() were added in SSLeay 0.8.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod b/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod
deleted file mode 100644
index aa2bc1bd76c..00000000000
--- a/lib/libssl/src/doc/crypto/RSA_private_encrypt.pod
+++ /dev/null
@@ -1,69 +0,0 @@ -=pod - -=head1 NAME - -RSA_private_encrypt, RSA_public_decrypt - low level signature operations - -=head1 SYNOPSIS - - #include <openssl/rsa.h> - - int RSA_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - int RSA_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - -=head1 DESCRIPTION - -These functions handle RSA signatures at a low level. - -RSA_private_encrypt() signs the B<flen> bytes at B<from> (usually a -message digest with an algorithm identifier) using the private key -B<rsa> and stores the signature in B<to>. B<to> must point to -B<RSA_size(rsa)> bytes of memory. - -B<padding> denotes one of the following modes: - -=over 4 - -=item RSA_PKCS1_PADDING - -PKCS #1 v1.5 padding. This function does not handle the B<algorithmIdentifier> -specified in PKCS #1. When generating or verifying PKCS #1 signatures, -L<RSA_sign(3)|RSA_sign(3)> and L<RSA_verify(3)|RSA_verify(3)> should be used. - -=item RSA_NO_PADDING - -Raw RSA signature. This mode should I<only> be used to implement -cryptographically sound padding modes in the application code. -Signing user data directly with RSA is insecure. - -=back - -RSA_public_decrypt() recovers the message digest from the B<flen> -bytes long signature at B<from> using the signer's public key -B<rsa>. B<to> must point to a memory section large enough to hold the -message digest (which is smaller than B<RSA_size(rsa) - -11>). B<padding> is the padding mode that was used to sign the data. - -=head1 RETURN VALUES - -RSA_private_encrypt() returns the size of the signature (i.e., -RSA_size(rsa)). RSA_public_decrypt() returns the size of the -recovered message digest. - -On error, -1 is returned; the error codes can be -obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
- -=head1 SEE ALSO - -L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>, -L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)> - -=head1 HISTORY - -The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is -available since SSLeay 0.9.0. - -=cut diff --git a/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod b/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod deleted file mode 100644 index 4bbee53f09b..00000000000 --- a/lib/libssl/src/doc/crypto/RSA_public_encrypt.pod +++ /dev/null 
@@ -1,82 +0,0 @@ -=pod - -=head1 NAME - -RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography - -=head1 SYNOPSIS - - #include <openssl/rsa.h> - - int RSA_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - int RSA_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - -=head1 DESCRIPTION - -RSA_public_encrypt() encrypts the B<flen> bytes at B<from> (usually a -session key) using the public key B<rsa> and stores the ciphertext in -B<to>. B<to> must point to RSA_size(B<rsa>) bytes of memory. - -B<padding> denotes one of the following modes: - -=over 4 - -=item RSA_PKCS1_PADDING - -PKCS #1 v1.5 padding. This currently is the most widely used mode. - -=item RSA_PKCS1_OAEP_PADDING - -EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty -encoding parameter. This mode is recommended for all new applications. - -=item RSA_SSLV23_PADDING - -PKCS #1 v1.5 padding with an SSL-specific modification that denotes -that the server is SSL3 capable. - -=item RSA_NO_PADDING - -Raw RSA encryption. This mode should I<only> be used to implement -cryptographically sound padding modes in the application code. -Encrypting user data directly with RSA is insecure. - -=back - -B<flen> must be less than RSA_size(B<rsa>) - 11 for the PKCS #1 v1.5 -based padding modes, less than RSA_size(B<rsa>) - 41 for -RSA_PKCS1_OAEP_PADDING and exactly RSA_size(B<rsa>) for RSA_NO_PADDING. - -RSA_private_decrypt() decrypts the B<flen> bytes at B<from> using the -private key B<rsa> and stores the plaintext in B<to>. B<to> must point -to a memory section large enough to hold the decrypted data (which is -smaller than RSA_size(B<rsa>)). B<padding> is the padding mode that -was used to encrypt the data. - -=head1 RETURN VALUES - -RSA_public_encrypt() returns the size of the encrypted data (i.e., -RSA_size(B<rsa>)). RSA_private_decrypt() returns the size of the -recovered plaintext. 
- -On error, -1 is returned; the error codes can be -obtained by L<ERR_get_error(3)|ERR_get_error(3)>. - -=head1 CONFORMING TO - -SSL, PKCS #1 v2.0 - -=head1 SEE ALSO - -L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, -L<RSA_size(3)|RSA_size(3)> - -=head1 HISTORY - -The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is -available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b. - -=cut diff --git a/lib/libssl/src/doc/crypto/RSA_set_method.pod b/lib/libssl/src/doc/crypto/RSA_set_method.pod deleted file mode 100644 index 3f50a89e5c4..00000000000 --- a/lib/libssl/src/doc/crypto/RSA_set_method.pod +++ /dev/null 
@@ -1,201 +0,0 @@ -=pod - -=head1 NAME - -RSA_set_default_method, RSA_get_default_method, RSA_set_method, -RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags, -RSA_new_method, RSA_get_default_openssl_method, -RSA_set_default_openssl_method - select RSA method - -=head1 SYNOPSIS - - #include <openssl/rsa.h> - - void RSA_set_default_method(const RSA_METHOD *meth); - - RSA_METHOD *RSA_get_default_method(void); - - int RSA_set_method(RSA *rsa, const RSA_METHOD *meth); - - RSA_METHOD *RSA_get_method(const RSA *rsa); - - RSA_METHOD *RSA_PKCS1_SSLeay(void); - - RSA_METHOD *RSA_null_method(void); - - int RSA_flags(const RSA *rsa); - - RSA *RSA_new_method(RSA_METHOD *method); - -=head1 DESCRIPTION - -An B<RSA_METHOD> specifies the functions that OpenSSL uses for RSA -operations. By modifying the method, alternative implementations such as -hardware accelerators may be used. IMPORTANT: See the NOTES section for -important information about how these RSA API functions are affected by the -use of B<ENGINE> API calls. - -Initially, the default RSA_METHOD is the OpenSSL internal implementation, -as returned by RSA_PKCS1_SSLeay(). - -RSA_set_default_method() makes B<meth> the default method for all RSA -structures created later. B<NB>: This is true only whilst no ENGINE has -been set as a default for RSA, so this function is no longer recommended. - -RSA_get_default_method() returns a pointer to the current default -RSA_METHOD. However, the meaningfulness of this result is dependent on -whether the ENGINE API is being used, so this function is no longer -recommended. - -RSA_set_method() selects B<meth> to perform all operations using the key -B<rsa>. This will replace the RSA_METHOD used by the RSA key and if the -previous method was supplied by an ENGINE, the handle to that ENGINE will -be released during the change. It is possible to have RSA keys that only -work with certain RSA_METHOD implementations (eg. 
from an ENGINE module -that supports embedded hardware-protected keys), and in such cases -attempting to change the RSA_METHOD for the key can have unexpected -results. - -RSA_get_method() returns a pointer to the RSA_METHOD being used by B<rsa>. -This method may or may not be supplied by an ENGINE implementation, but if -it is, the return value can only be guaranteed to be valid as long as the -RSA key itself is valid and does not have its implementation changed by -RSA_set_method(). - -RSA_flags() returns the B<flags> that are set for B<rsa>'s current -RSA_METHOD. See the BUGS section. - -RSA_new_method() allocates and initializes an RSA structure so that -B<engine> will be used for the RSA operations. If B<engine> is NULL, the -default ENGINE for RSA operations is used, and if no default ENGINE is set, -the RSA_METHOD controlled by RSA_set_default_method() is used. - -RSA_flags() returns the B<flags> that are set for B<rsa>'s current method. - -RSA_new_method() allocates and initializes an B<RSA> structure so that -B<method> will be used for the RSA operations. If B<method> is B<NULL>, -the default method is used. 
- -=head1 THE RSA_METHOD STRUCTURE - - typedef struct rsa_meth_st - { - /* name of the implementation */ - const char *name; - - /* encrypt */ - int (*rsa_pub_enc)(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - /* verify arbitrary data */ - int (*rsa_pub_dec)(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - /* sign arbitrary data */ - int (*rsa_priv_enc)(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - /* decrypt */ - int (*rsa_priv_dec)(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some - implementations) */ - int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa); - - /* compute r = a ^ p mod m (May be NULL for some implementations) */ - int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); - - /* called at RSA_new */ - int (*init)(RSA *rsa); - - /* called at RSA_free */ - int (*finish)(RSA *rsa); - - /* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key - * operations, even if p,q,dmp1,dmq1,iqmp - * are NULL - * RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify - * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match - */ - int flags; - - char *app_data; /* ?? */ - - /* sign. For backward compatibility, this is used only - * if (flags & RSA_FLAG_SIGN_VER) - */ - int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - - /* verify. For backward compatibility, this is used only - * if (flags & RSA_FLAG_SIGN_VER) - */ - int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - - } RSA_METHOD; - -=head1 RETURN VALUES - -RSA_PKCS1_SSLeay(), RSA_PKCS1_null_method(), RSA_get_default_method() -and RSA_get_method() return pointers to the respective RSA_METHODs. 
- -RSA_set_method() returns a pointer to the old RSA_METHOD implementation -that was replaced. However, this return value should probably be ignored -because if it was supplied by an ENGINE, the pointer could be invalidated -at any time if the ENGINE is unloaded (in fact it could be unloaded as a -result of the RSA_set_method() function releasing its handle to the -ENGINE). For this reason, the return type may be replaced with a B<void> -declaration in a future release. - -RSA_new_method() returns NULL and sets an error code that can be obtained -by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise -it returns a pointer to the newly allocated structure. - -=head1 NOTES - -As of version 0.9.7, RSA_METHOD implementations are grouped together with -other algorithmic APIs (eg. DSA_METHOD, EVP_CIPHER, etc) into B<ENGINE> -modules. If a default ENGINE is specified for RSA functionality using an -ENGINE API function, that will override any RSA defaults set using the RSA -API (ie. RSA_set_default_method()). For this reason, the ENGINE API is the -recommended way to control default implementations for use in RSA and other -cryptographic algorithms. - -=head1 BUGS - -The behaviour of RSA_flags() is a mis-feature that is left as-is for now -to avoid creating compatibility problems. RSA functionality, such as the -encryption functions, are controlled by the B<flags> value in the RSA key -itself, not by the B<flags> value in the RSA_METHOD attached to the RSA key -(which is what this function returns). If the flags element of an RSA key -is changed, the changes will be honoured by RSA functionality but will not -be reflected in the return value of the RSA_flags() function - in effect -RSA_flags() behaves more like an RSA_default_flags() function (which does -not currently exist). - -=head1 SEE ALSO - -L<rsa(3)|rsa(3)>, L<RSA_new(3)|RSA_new(3)> - -=head1 HISTORY - -RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8. 
-RSA_get_default_method(), RSA_set_method() and RSA_get_method() as -well as the rsa_sign and rsa_verify components of RSA_METHOD were -added in OpenSSL 0.9.4. - -RSA_set_default_openssl_method() and RSA_get_default_openssl_method() -replaced RSA_set_default_method() and RSA_get_default_method() -respectively, and RSA_set_method() and RSA_new_method() were altered to use -B<ENGINE>s rather than B<RSA_METHOD>s during development of the engine -version of OpenSSL 0.9.6. For 0.9.7, the handling of defaults in the ENGINE -API was restructured so that this change was reversed, and behaviour of the -other functions resembled more closely the previous behaviour. The -behaviour of defaults in the ENGINE API now transparently overrides the -behaviour of defaults in the RSA API without requiring changing these -function prototypes. - -=cut diff --git a/lib/libssl/src/doc/crypto/RSA_sign.pod b/lib/libssl/src/doc/crypto/RSA_sign.pod deleted file mode 100644 index 51587bdc419..00000000000 --- a/lib/libssl/src/doc/crypto/RSA_sign.pod +++ /dev/null 
@@ -1,61 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_sign, RSA_verify - RSA signatures
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *sigret, unsigned int *siglen, RSA *rsa);
-
- int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA_sign() signs the message digest B<m> of size B<m_len> using the
-private key B<rsa> as specified in PKCS #1 v2.0. It stores the
-signature in B<sigret> and the signature size in B<siglen>. B<sigret>
-must point to RSA_size(B<rsa>) bytes of memory.
-Note that PKCS #1 adds meta-data, placing limits on the size of the
-key that can be used.
-See L<RSA_private_encrypt(3)|RSA_private_encrypt(3)> for lower-level
-operations.
-
-B<type> denotes the message digest algorithm that was used to generate
-B<m>. It usually is one of B<NID_sha1>, B<NID_ripemd160> and B<NID_md5>;
-see L<objects(3)|objects(3)> for details. If B<type> is B<NID_md5_sha1>,
-an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
-and no algorithm identifier) is created.
-
-RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
-matches a given message digest B<m> of size B<m_len>. B<type> denotes
-the message digest algorithm that was used to generate the signature.
-B<rsa> is the signer's public key.
-
-=head1 RETURN VALUES
-
-RSA_sign() returns 1 on success, 0 otherwise. RSA_verify() returns 1
-on successful verification, 0 otherwise.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 CONFORMING TO
-
-SSL, PKCS #1 v2.0
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
-L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_public_decrypt(3)|RSA_public_decrypt(3)>
-
-=head1 HISTORY
-
-RSA_sign() and RSA_verify() are available in all versions of SSLeay
-and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod b/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
deleted file mode 100644
index 664b46174bd..00000000000
--- a/lib/libssl/src/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
+++ /dev/null
@@ -1,57 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING - RSA signatures
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
- unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
- RSA *rsa);
-
- int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
- unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
- RSA *rsa);
-
-=head1 DESCRIPTION
-
-RSA_sign_ASN1_OCTET_STRING() signs the octet string B<m> of size
-B<m_len> using the private key B<rsa> represented in DER using PKCS #1
-padding. It stores the signature in B<sigret> and the signature size
-in B<siglen>. B<sigret> must point to B<RSA_size(rsa)> bytes of
-memory.
-
-B<dummy> is ignored.
-
-RSA_verify_ASN1_OCTET_STRING() verifies that the signature B<sigbuf>
-of size B<siglen> is the DER representation of a given octet string
-B<m> of size B<m_len>. B<dummy> is ignored. B<rsa> is the signer's
-public key.
-
-=head1 RETURN VALUES
-
-RSA_sign_ASN1_OCTET_STRING() returns 1 on success, 0 otherwise.
-RSA_verify_ASN1_OCTET_STRING() returns 1 on successful verification, 0
-otherwise.
-
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 BUGS
-
-These functions serve no recognizable purpose.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
-L<RSA_verify(3)|RSA_verify(3)>
-
-=head1 HISTORY
-
-RSA_sign_ASN1_OCTET_STRING() and RSA_verify_ASN1_OCTET_STRING() were
-added in SSLeay 0.8.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/RSA_size.pod b/lib/libssl/src/doc/crypto/RSA_size.pod
deleted file mode 100644
index 5b7f835f95d..00000000000
--- a/lib/libssl/src/doc/crypto/RSA_size.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-RSA_size - get RSA modulus size
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
-
- int RSA_size(const RSA *rsa);
-
-=head1 DESCRIPTION
-
-This function returns the RSA modulus size in bytes. It can be used to
-determine how much memory must be allocated for an RSA encrypted
-value.
-
-B<rsa-E<gt>n> must not be B<NULL>.
-
-=head1 RETURN VALUE
-
-The size in bytes.
-
-=head1 SEE ALSO
-
-L<rsa(3)|rsa(3)>
-
-=head1 HISTORY
-
-RSA_size() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/SHA1.pod b/lib/libssl/src/doc/crypto/SHA1.pod
deleted file mode 100644
index 9fffdf59e7b..00000000000
--- a/lib/libssl/src/doc/crypto/SHA1.pod
+++ /dev/null
@@ -1,71 +0,0 @@ -=pod - -=head1 NAME - -SHA1, SHA1_Init, SHA1_Update, SHA1_Final - Secure Hash Algorithm - -=head1 SYNOPSIS - - #include <openssl/sha.h> - - unsigned char *SHA1(const unsigned char *d, unsigned long n, - unsigned char *md); - - int SHA1_Init(SHA_CTX *c); - int SHA1_Update(SHA_CTX *c, const void *data, - unsigned long len); - int SHA1_Final(unsigned char *md, SHA_CTX *c); - -=head1 DESCRIPTION - -SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a -160 bit output. - -SHA1() computes the SHA-1 message digest of the B<n> -bytes at B<d> and places it in B<md> (which must have space for -SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest -is placed in a static array. - -The following functions may be used if the message is not completely -stored in memory: - -SHA1_Init() initializes a B<SHA_CTX> structure. - -SHA1_Update() can be called repeatedly with chunks of the message to -be hashed (B<len> bytes at B<data>). - -SHA1_Final() places the message digest in B<md>, which must have space -for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the B<SHA_CTX>. - -Applications should use the higher level functions -L<EVP_DigestInit(3)|EVP_DigestInit(3)> -etc. instead of calling the hash functions directly. - -The predecessor of SHA-1, SHA, is also implemented, but it should be -used only when backward compatibility is required. - -=head1 RETURN VALUES - -SHA1() returns a pointer to the hash value. - -SHA1_Init(), SHA1_Update() and SHA1_Final() return 1 for success, 0 otherwise. - -=head1 CONFORMING TO - -SHA: US Federal Information Processing Standard FIPS PUB 180 (Secure Hash -Standard), -SHA-1: US Federal Information Processing Standard FIPS PUB 180-1 (Secure Hash -Standard), -ANSI X9.30 - -=head1 SEE ALSO - -L<ripemd(3)|ripemd(3)>, L<hmac(3)|hmac(3)>, -L<EVP_DigestInit(3)|EVP_DigestInit(3)> - -=head1 HISTORY - -SHA1(), SHA1_Init(), SHA1_Update() and SHA1_Final() are available in all -versions of SSLeay and OpenSSL. 
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/SMIME_read_CMS.pod b/lib/libssl/src/doc/crypto/SMIME_read_CMS.pod
deleted file mode 100644
index acc5524c140..00000000000
--- a/lib/libssl/src/doc/crypto/SMIME_read_CMS.pod
+++ /dev/null
@@ -1,70 +0,0 @@ -=pod - -=head1 NAME - - SMIME_read_CMS - parse S/MIME message. - -=head1 SYNOPSIS - - #include <openssl/cms.h> - - CMS_ContentInfo *SMIME_read_CMS(BIO *in, BIO **bcont); - -=head1 DESCRIPTION - -SMIME_read_CMS() parses a message in S/MIME format. - -B<in> is a BIO to read the message from. - -If cleartext signing is used then the content is saved in a memory bio which is -written to B<*bcont>, otherwise B<*bcont> is set to NULL. - -The parsed CMS_ContentInfo structure is returned or NULL if an -error occurred. - -=head1 NOTES - -If B<*bcont> is not NULL then the message is clear text signed. B<*bcont> can -then be passed to CMS_verify() with the B<CMS_DETACHED> flag set. - -Otherwise the type of the returned structure can be determined -using CMS_get0_type(). - -To support future functionality if B<bcont> is not NULL B<*bcont> should be -initialized to NULL. For example: - - BIO *cont = NULL; - CMS_ContentInfo *cms; - - cms = SMIME_read_CMS(in, &cont); - -=head1 BUGS - -The MIME parser used by SMIME_read_CMS() is somewhat primitive. While it will -handle most S/MIME messages more complex compound formats may not work. - -The parser assumes that the CMS_ContentInfo structure is always base64 encoded -and will not handle the case where it is in binary format or uses quoted -printable format. - -The use of a memory BIO to hold the signed content limits the size of message -which can be processed due to memory restraints: a streaming single pass option -should be available. - -=head1 RETURN VALUES - -SMIME_read_CMS() returns a valid B<CMS_ContentInfo> structure or B<NULL> -if an error occurred. The error can be obtained from ERR_get_error(3). 
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_type(3)|CMS_type(3)>
-L<SMIME_read_CMS(3)|SMIME_read_CMS(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
-L<CMS_decrypt(3)|CMS_decrypt(3)>
-
-=head1 HISTORY
-
-SMIME_read_CMS() was added to OpenSSL 0.9.8
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/SMIME_read_PKCS7.pod b/lib/libssl/src/doc/crypto/SMIME_read_PKCS7.pod
deleted file mode 100644
index 9d467159418..00000000000
--- a/lib/libssl/src/doc/crypto/SMIME_read_PKCS7.pod
+++ /dev/null
@@ -1,73 +0,0 @@ -=pod - -=head1 NAME - -SMIME_read_PKCS7 - parse S/MIME message. - -=head1 SYNOPSIS - - #include <openssl/pkcs7.h> - - PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont); - -=head1 DESCRIPTION - -SMIME_read_PKCS7() parses a message in S/MIME format. - -B<in> is a BIO to read the message from. - -If cleartext signing is used then the content is saved in -a memory bio which is written to B<*bcont>, otherwise -B<*bcont> is set to B<NULL>. - -The parsed PKCS#7 structure is returned or B<NULL> if an -error occurred. - -=head1 NOTES - -If B<*bcont> is not B<NULL> then the message is clear text -signed. B<*bcont> can then be passed to PKCS7_verify() with -the B<PKCS7_DETACHED> flag set. - -Otherwise the type of the returned structure can be determined -using PKCS7_type(). - -To support future functionality if B<bcont> is not B<NULL> -B<*bcont> should be initialized to B<NULL>. For example: - - BIO *cont = NULL; - PKCS7 *p7; - - p7 = SMIME_read_PKCS7(in, &cont); - -=head1 BUGS - -The MIME parser used by SMIME_read_PKCS7() is somewhat primitive. -While it will handle most S/MIME messages more complex compound -formats may not work. - -The parser assumes that the PKCS7 structure is always base64 -encoded and will not handle the case where it is in binary format -or uses quoted printable format. - -The use of a memory BIO to hold the signed content limits the size -of message which can be processed due to memory restraints: a -streaming single pass option should be available. - -=head1 RETURN VALUES - -SMIME_read_PKCS7() returns a valid B<PKCS7> structure or B<NULL> -is an error occurred. The error can be obtained from ERR_get_error(3). 
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_type(3)|PKCS7_type(3)>
-L<SMIME_read_PKCS7(3)|SMIME_read_PKCS7(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
-
-=head1 HISTORY
-
-SMIME_read_PKCS7() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/SMIME_write_CMS.pod b/lib/libssl/src/doc/crypto/SMIME_write_CMS.pod
deleted file mode 100644
index 04bedfb4297..00000000000
--- a/lib/libssl/src/doc/crypto/SMIME_write_CMS.pod
+++ /dev/null
@@ -1,64 +0,0 @@ -=pod - -=head1 NAME - - SMIME_write_CMS - convert CMS structure to S/MIME format. - -=head1 SYNOPSIS - - #include <openssl/cms.h> - - int SMIME_write_CMS(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags); - -=head1 DESCRIPTION - -SMIME_write_CMS() adds the appropriate MIME headers to a CMS -structure to produce an S/MIME message. - -B<out> is the BIO to write the data to. B<cms> is the appropriate -B<CMS_ContentInfo> structure. If streaming is enabled then the content must be -supplied in the B<data> argument. B<flags> is an optional set of flags. - -=head1 NOTES - -The following flags can be passed in the B<flags> parameter. - -If B<CMS_DETACHED> is set then cleartext signing will be used, this option only -makes sense for SignedData where B<CMS_DETACHED> is also set when CMS_sign() is -called. - -If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are added to -the content, this only makes sense if B<CMS_DETACHED> is also set. - -If the B<CMS_STREAM> flag is set streaming is performed. This flag should only -be set if B<CMS_STREAM> was also set in the previous call to a CMS_ContentInfo -creation function. - -If cleartext signing is being used and B<CMS_STREAM> not set then the data must -be read twice: once to compute the signature in CMS_sign() and once to output -the S/MIME message. - -If streaming is performed the content is output in BER format using indefinite -length constructed encoding except in the case of signed data with detached -content where the content is absent and DER format is used. - -=head1 BUGS - -SMIME_write_CMS() always base64 encodes CMS structures, there should be an -option to disable this. - -=head1 RETURN VALUES - -SMIME_write_CMS() returns 1 for success or 0 for failure. 
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
-L<CMS_decrypt(3)|CMS_decrypt(3)>
-
-=head1 HISTORY
-
-SMIME_write_CMS() was added to OpenSSL 0.9.8
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/SMIME_write_PKCS7.pod b/lib/libssl/src/doc/crypto/SMIME_write_PKCS7.pod
deleted file mode 100644
index 4a7cd08c424..00000000000
--- a/lib/libssl/src/doc/crypto/SMIME_write_PKCS7.pod
+++ /dev/null
@@ -1,65 +0,0 @@ -=pod - -=head1 NAME - -SMIME_write_PKCS7 - convert PKCS#7 structure to S/MIME format. - -=head1 SYNOPSIS - - #include <openssl/pkcs7.h> - - int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags); - -=head1 DESCRIPTION - -SMIME_write_PKCS7() adds the appropriate MIME headers to a PKCS#7 -structure to produce an S/MIME message. - -B<out> is the BIO to write the data to. B<p7> is the appropriate B<PKCS7> -structure. If streaming is enabled then the content must be supplied in the -B<data> argument. B<flags> is an optional set of flags. - -=head1 NOTES - -The following flags can be passed in the B<flags> parameter. - -If B<PKCS7_DETACHED> is set then cleartext signing will be used, -this option only makes sense for signedData where B<PKCS7_DETACHED> -is also set when PKCS7_sign() is also called. - -If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> -are added to the content, this only makes sense if B<PKCS7_DETACHED> -is also set. - -If the B<PKCS7_STREAM> flag is set streaming is performed. This flag should -only be set if B<PKCS7_STREAM> was also set in the previous call to -PKCS7_sign() or B<PKCS7_encrypt()>. - -If cleartext signing is being used and B<PKCS7_STREAM> not set then -the data must be read twice: once to compute the signature in PKCS7_sign() -and once to output the S/MIME message. - -If streaming is performed the content is output in BER format using indefinite -length constructed encoding except in the case of signed data with detached -content where the content is absent and DER format is used. - -=head1 BUGS - -SMIME_write_PKCS7() always base64 encodes PKCS#7 structures, there -should be an option to disable this. - -=head1 RETURN VALUES - -SMIME_write_PKCS7() returns 1 for success or 0 for failure. 
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
-
-=head1 HISTORY
-
-SMIME_write_PKCS7() was added to OpenSSL 0.9.5
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_NAME_ENTRY_get_object.pod b/lib/libssl/src/doc/crypto/X509_NAME_ENTRY_get_object.pod
deleted file mode 100644
index 4603202db81..00000000000
--- a/lib/libssl/src/doc/crypto/X509_NAME_ENTRY_get_object.pod
+++ /dev/null
@@ -1,70 +0,0 @@ -=pod - -=head1 NAME - -X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data, -X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data, -X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID, -X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions - -=head1 SYNOPSIS - - #include <openssl/x509.h> - - ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); - ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); - - int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj); - int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len); - - X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len); - X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len); - X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len); - -=head1 DESCRIPTION - -X509_NAME_ENTRY_get_object() retrieves the field name of B<ne> in -and B<ASN1_OBJECT> structure. - -X509_NAME_ENTRY_get_data() retrieves the field value of B<ne> in -and B<ASN1_STRING> structure. - -X509_NAME_ENTRY_set_object() sets the field name of B<ne> to B<obj>. - -X509_NAME_ENTRY_set_data() sets the field value of B<ne> to string type -B<type> and value determined by B<bytes> and B<len>. - -X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID() -and X509_NAME_ENTRY_create_by_OBJ() create and return an -B<X509_NAME_ENTRY> structure. - -=head1 NOTES - -X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be -used to examine an B<X509_NAME_ENTRY> function as returned by -X509_NAME_get_entry() for example. 
-
-X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID(),
-and X509_NAME_ENTRY_create_by_OBJ() create and return an
-
-X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(),
-X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data()
-are seldom used in practice because B<X509_NAME_ENTRY> structures
-are almost always part of B<X509_NAME> structures and the
-corresponding B<X509_NAME> functions are typically used to
-create and add new entries in a single operation.
-
-The arguments of these functions support similar options to the similarly
-named ones of the corresponding B<X509_NAME> functions such as
-X509_NAME_add_entry_by_txt(). So for example B<type> can be set to
-B<MBSTRING_ASC> but in the case of X509_set_data() the field name must be
-set first so the relevant field information can be looked up internally.
-
-=head1 RETURN VALUES
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
-L<OBJ_nid2obj(3)|OBJ_nid2obj(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_NAME_add_entry_by_txt.pod b/lib/libssl/src/doc/crypto/X509_NAME_add_entry_by_txt.pod
deleted file mode 100644
index f97e05e683f..00000000000
--- a/lib/libssl/src/doc/crypto/X509_NAME_add_entry_by_txt.pod
+++ /dev/null
@@ -1,117 +0,0 @@ -=pod - -=head1 NAME - -X509_NAME_add_entry_by_txt, X509_NAME_add_entry_by_OBJ, -X509_NAME_add_entry_by_NID, X509_NAME_add_entry, X509_NAME_delete_entry - -X509_NAME modification functions - -=head1 SYNOPSIS - - #include <openssl/x509.h> - - int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set); - - int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set); - - int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set); - - int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set); - - X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); - -=head1 DESCRIPTION - -X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ() and -X509_NAME_add_entry_by_NID() add a field whose name is defined -by a string B<field>, an object B<obj> or a NID B<nid> respectively. -The field value to be added is in B<bytes> of length B<len>. If -B<len> is -1 then the field length is calculated internally using -strlen(bytes). - -The type of field is determined by B<type> which can either be a -definition of the type of B<bytes> (such as B<MBSTRING_ASC>) or a -standard ASN1 type (such as B<V_ASN1_IA5STRING>). The new entry is -added to a position determined by B<loc> and B<set>. - -X509_NAME_add_entry() adds a copy of B<X509_NAME_ENTRY> structure B<ne> -to B<name>. The new entry is added to a position determined by B<loc> -and B<set>. Since a copy of B<ne> is added B<ne> must be freed up after -the call. - -X509_NAME_delete_entry() deletes an entry from B<name> at position -B<loc>. The deleted entry is returned and must be freed up. - -=head1 NOTES - -The use of string types such as B<MBSTRING_ASC> or B<MBSTRING_UTF8> -is strongly recommended for the B<type> parameter. 
This allows the -internal code to correctly determine the type of the field and to -apply length checks according to the relevant standards. This is -done using ASN1_STRING_set_by_NID(). - -If instead an ASN1 type is used no checks are performed and the -supplied data in B<bytes> is used directly. - -In X509_NAME_add_entry_by_txt() the B<field> string represents -the field name using OBJ_txt2obj(field, 0). - -The B<loc> and B<set> parameters determine where a new entry should -be added. For almost all applications B<loc> can be set to -1 and B<set> -to 0. This adds a new entry to the end of B<name> as a single valued -RelativeDistinguishedName (RDN). - -B<loc> actually determines the index where the new entry is inserted: -if it is -1 it is appended. - -B<set> determines how the new type is added. If it is zero a -new RDN is created. - -If B<set> is -1 or 1 it is added to the previous or next RDN -structure respectively. This will then be a multivalued RDN: -since multivalues RDNs are very seldom used B<set> is almost -always set to zero. - -=head1 EXAMPLES - -Create an B<X509_NAME> structure: - -"C=UK, O=Disorganized Organization, CN=Joe Bloggs" - - X509_NAME *nm; - nm = X509_NAME_new(); - if (nm == NULL) - /* Some error */ - if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC, - "C", "UK", -1, -1, 0)) - /* Error */ - if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC, - "O", "Disorganized Organization", -1, -1, 0)) - /* Error */ - if (!X509_NAME_add_entry_by_txt(nm, MBSTRING_ASC, - "CN", "Joe Bloggs", -1, -1, 0)) - /* Error */ - -=head1 RETURN VALUES - -X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(), -X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for -success of 0 if an error occurred. - -X509_NAME_delete_entry() returns either the deleted B<X509_NAME_ENTRY> -structure of B<NULL> if an error occurred. - -=head1 BUGS - -B<type> can still be set to B<V_ASN1_APP_CHOOSE> to use a -different algorithm to determine field types. 
Since this form does
-not understand multicharacter types, performs no length checks and
-can result in invalid field types its use is strongly discouraged.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>
-
-=head1 HISTORY
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_NAME_get_index_by_NID.pod b/lib/libssl/src/doc/crypto/X509_NAME_get_index_by_NID.pod
deleted file mode 100644
index 48510890e89..00000000000
--- a/lib/libssl/src/doc/crypto/X509_NAME_get_index_by_NID.pod
+++ /dev/null
@@ -1,102 +0,0 @@ -=pod - -=head1 NAME - -X509_NAME_get_index_by_NID, X509_NAME_get_index_by_OBJ, X509_NAME_get_entry, -X509_NAME_entry_count, X509_NAME_get_text_by_NID, X509_NAME_get_text_by_OBJ - -X509_NAME lookup and enumeration functions - -=head1 SYNOPSIS - - #include <openssl/x509.h> - - int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); - int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos); - - int X509_NAME_entry_count(X509_NAME *name); - X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); - - int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len); - int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len); - -=head1 DESCRIPTION - -These functions allow an B<X509_NAME> structure to be examined. The -B<X509_NAME> structure is the same as the B<Name> type defined in -RFC2459 (and elsewhere) and used for example in certificate subject -and issuer names. - -X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve -the next index matching B<nid> or B<obj> after B<lastpos>. B<lastpos> -should initially be set to -1. If there are no more entries -1 is returned. - -X509_NAME_entry_count() returns the total number of entries in B<name>. - -X509_NAME_get_entry() retrieves the B<X509_NAME_ENTRY> from B<name> -corresponding to index B<loc>. Acceptable values for B<loc> run from -0 to (X509_NAME_entry_count(name) - 1). The value returned is an -internal pointer which must not be freed. - -X509_NAME_get_text_by_NID(), X509_NAME_get_text_by_OBJ() retrieve -the "text" from the first entry in B<name> which matches B<nid> or -B<obj>, if no such entry exists -1 is returned. At most B<len> bytes -will be written and the text written to B<buf> will be null -terminated. The length of the output string written is returned -excluding the terminating null. If B<buf> is <NULL> then the amount -of space needed in B<buf> (excluding the final null) is returned. 
- -=head1 NOTES - -X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() are -legacy functions which have various limitations which make them -of minimal use in practice. They can only find the first matching -entry and will copy the contents of the field verbatim: this can -be highly confusing if the target is a multicharacter string type -like a BMPString or a UTF8String. - -For a more general solution X509_NAME_get_index_by_NID() or -X509_NAME_get_index_by_OBJ() should be used followed by -X509_NAME_get_entry() on any matching indices and then the -various B<X509_NAME_ENTRY> utility functions on the result. - -=head1 EXAMPLES - -Process all entries: - - int i; - X509_NAME_ENTRY *e; - - for (i = 0; i < X509_NAME_entry_count(nm); i++) { - e = X509_NAME_get_entry(nm, i); - /* Do something with e */ - } - -Process all commonName entries: - - int loc; - X509_NAME_ENTRY *e; - - loc = -1; - for (;;) { - lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos); - if (lastpos == -1) - break; - e = X509_NAME_get_entry(nm, lastpos); - /* Do something with e */ - } - -=head1 RETURN VALUES - -X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() -return the index of the next matching entry or -1 if not found. - -X509_NAME_entry_count() returns the total number of entries. - -X509_NAME_get_entry() returns an B<X509_NAME> pointer to the -requested entry or B<NULL> if the index is invalid. - -=head1 SEE ALSO - -L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/X509_NAME_print_ex.pod b/lib/libssl/src/doc/crypto/X509_NAME_print_ex.pod deleted file mode 100644 index 5cdf636c16c..00000000000 --- a/lib/libssl/src/doc/crypto/X509_NAME_print_ex.pod +++ /dev/null 
@@ -1,103 +0,0 @@ -=pod - -=head1 NAME - -X509_NAME_print_ex, X509_NAME_print_ex_fp, X509_NAME_print, -X509_NAME_oneline - X509_NAME printing routines. - -=head1 SYNOPSIS - - #include <openssl/x509.h> - - int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); - int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags); - char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); - int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); - -=head1 DESCRIPTION - -X509_NAME_print_ex() prints a human readable version of B<nm> to BIO B<out>. -Each line (for multiline formats) is indented by B<indent> spaces. The output -format can be extensively customised by use of the B<flags> parameter. - -X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output -is written to FILE pointer B<fp>. - -X509_NAME_oneline() prints an ASCII version of B<a> to B<buf>. At most B<size> -bytes will be written. If B<buf> is B<NULL> then a buffer is dynamically -allocated and returned, otherwise B<buf> is returned. - -X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase> -characters. Multiple lines are used if the output (including indent) exceeds -80 characters. - -=head1 NOTES - -The functions X509_NAME_oneline() and X509_NAME_print() are legacy functions -which produce a non standard output form, they don't handle multi character -fields and have various quirks and inconsistencies. Their use is strongly -discouraged in new applications. - -Although there are a large number of possible flags for most purposes -B<XN_FLAG_ONELINE>, B<XN_FLAG_MULTILINE> or B<XN_FLAG_RFC2253> will suffice. -As noted on the L<ASN1_STRING_print_ex(3)|ASN1_STRING_print_ex(3)> manual page -for UTF8 terminals the B<ASN1_STRFLGS_ESC_MSB> should be unset: so for example -B<XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB> would be used. - -The complete set of the flags supported by X509_NAME_print_ex() is listed below. 
-
-Several options can be ored together.
-
-The options B<XN_FLAG_SEP_COMMA_PLUS>, B<XN_FLAG_SEP_CPLUS_SPC>,
-B<XN_FLAG_SEP_SPLUS_SPC> and B<XN_FLAG_SEP_MULTILINE> determine the field
-separators to use. Two distinct separators are used between distinct
-RelativeDistinguishedName components and separate values in the same RDN for a
-multi-valued RDN. Multi-valued RDNs are currently very rare so the second
-separator will hardly ever be used.
-
-B<XN_FLAG_SEP_COMMA_PLUS> uses comma and plus as separators.
-B<XN_FLAG_SEP_CPLUS_SPC> uses comma and plus with spaces: this is more readable
-that plain comma and plus. B<XN_FLAG_SEP_SPLUS_SPC> uses spaced semicolon and
-plus. B<XN_FLAG_SEP_MULTILINE> uses spaced newline and plus respectively.
-
-If B<XN_FLAG_DN_REV> is set the whole DN is printed in reversed order.
-
-The fields B<XN_FLAG_FN_SN>, B<XN_FLAG_FN_LN>, B<XN_FLAG_FN_OID>,
-B<XN_FLAG_FN_NONE> determine how a field name is displayed. It will
-use the short name (e.g. CN) the long name (e.g. commonName) always
-use OID numerical form (normally OIDs are only used if the field name is not
-recognised) and no field name respectively.
-
-If B<XN_FLAG_SPC_EQ> is set then spaces will be placed around the '=' character
-separating field names and values.
-
-If B<XN_FLAG_DUMP_UNKNOWN_FIELDS> is set then the encoding of unknown fields is
-printed instead of the values.
-
-If B<XN_FLAG_FN_ALIGN> is set then field names are padded to 20 characters: this
-is only of use for multiline format.
-
-Additionally all the options supported by ASN1_STRING_print_ex() can be used to
-control how each field value is displayed.
-
-In addition a number options can be set for commonly used formats.
- -B<XN_FLAG_RFC2253> sets options which produce an output compatible with RFC2253 it -is equivalent to: - B<ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS> - - -B<XN_FLAG_ONELINE> is a more readable one line format which is the same as: - B<ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ | XN_FLAG_FN_SN> - -B<XN_FLAG_MULTILINE> is a multiline format which is the same as: - B<ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN> - -B<XN_FLAG_COMPAT> uses a format identical to X509_NAME_print(): in fact it -calls X509_NAME_print() internally. - -=head1 SEE ALSO - -L<ASN1_STRING_print_ex(3)|ASN1_STRING_print_ex(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/X509_STORE_CTX_get_error.pod b/lib/libssl/src/doc/crypto/X509_STORE_CTX_get_error.pod deleted file mode 100644 index 270b265ce5c..00000000000 --- a/lib/libssl/src/doc/crypto/X509_STORE_CTX_get_error.pod +++ /dev/null 
@@ -1,323 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_STORE_CTX_get_error, X509_STORE_CTX_set_error,
-X509_STORE_CTX_get_error_depth, X509_STORE_CTX_get_current_cert,
-X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set
-certificate verification status information
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
- #include <openssl/x509_vfy.h>
-
- int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
- void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
- int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
- X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
-
- STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
-
- const char *X509_verify_cert_error_string(long n);
-
-=head1 DESCRIPTION
-
-These functions are typically called after X509_verify_cert() has indicated
-an error or in a verification callback to determine the nature of an error.
-
-X509_STORE_CTX_get_error() returns the error code of B<ctx>, see
-the B<ERROR CODES> section for a full description of all error codes.
-
-X509_STORE_CTX_set_error() sets the error code of B<ctx> to B<s>. For example
-it might be used in a verification callback to set an error based on additional
-checks.
-
-X509_STORE_CTX_get_error_depth() returns the B<depth> of the error. This is a
-non-negative integer representing where in the certificate chain the error
-occurred. If it is zero it occurred in the end entity certificate, one if
-it is the certificate which signed the end entity certificate and so on.
-
-X509_STORE_CTX_get_current_cert() returns the certificate in B<ctx> which
-caused the error or B<NULL> if no certificate is relevant.
-
-X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous
-call to X509_verify_cert() is successful. If the call to X509_verify_cert()
-is B<not> successful the returned chain may be incomplete or invalid. The
-returned chain persists after the B<ctx> structure is freed, when it is
-no longer needed it should be free up using:
-
- sk_X509_pop_free(chain, X509_free);
-
-X509_verify_cert_error_string() returns a human readable error string for
-verification error B<n>.
-
-=head1 RETURN VALUES
-
-X509_STORE_CTX_get_error() returns B<X509_V_OK> or an error code.
-
-X509_STORE_CTX_get_error_depth() returns a non-negative error depth.
-
-X509_STORE_CTX_get_current_cert() returns the certificate which caused the
-error or B<NULL> if no certificate is relevant to the error.
-
-X509_verify_cert_error_string() returns a human readable error string for
-verification error B<n>.
-
-=head1 ERROR CODES
-
-A list of error codes and messages is shown below. Some of the
-error codes are defined but currently never returned: these are described as
-"unused".
-
-=over 4
-
-=item B<X509_V_OK: ok>
-
-the operation was successful.
-
-=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
-
-the issuer certificate could not be found: this occurs if the issuer certificate
-of an untrusted certificate cannot be found.
-
-=item B<X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
-
-the CRL of a certificate could not be found.
-
-=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt
-certificate's signature>
-
-the certificate signature could not be decrypted. This means that the actual
-signature value could not be determined rather than it not matching the
-expected value, this is only meaningful for RSA keys.
-
-=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's
-signature>
-
-the CRL signature could not be decrypted: this means that the actual signature
-value could not be determined rather than it not matching the expected value.
-Unused.
-
-=item B<X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer
-public key>
-
-the public key in the certificate SubjectPublicKeyInfo could not be read.
-
-=item B<X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
-
-the signature of the certificate is invalid.
-
-=item B<X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
-
-the signature of the certificate is invalid.
-
-=item B<X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
-
-the certificate is not yet valid: the notBefore date is after the current time.
-
-=item B<X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
-
-the certificate has expired: that is the notAfter date is before the current
-time.
-
-=item B<X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
-
-the CRL is not yet valid.
-
-=item B<X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
-
-the CRL has expired.
-
-=item B<X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in
-certificate's notBefore field>
-
-the certificate notBefore field contains an invalid time.
-
-=item B<X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's
-notAfter field>
-
-the certificate notAfter field contains an invalid time.
-
-=item B<X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's
-lastUpdate field>
-
-the CRL lastUpdate field contains an invalid time.
-
-=item B<X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's
-nextUpdate field>
-
-the CRL nextUpdate field contains an invalid time.
-
-=item B<X509_V_ERR_OUT_OF_MEM: out of memory>
-
-an error occurred trying to allocate memory. This should never happen.
-
-=item B<X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>
-
-the passed certificate is self signed and the same certificate cannot be found
-in the list of trusted certificates.
-
-=item B<X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in
-certificate chain>
-
-the certificate chain could be built up using the untrusted certificates but
-the root could not be found locally.
-
-=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local
-issuer certificate>
-
-the issuer certificate of a locally looked up certificate could not be found.
-This normally means the list of trusted certificates is not complete.
-
-=item B<X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first
-certificate>
-
-no signatures could be verified because the chain contains only one certificate
-and it is not self signed.
-
-=item B<X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
-
-the certificate chain length is greater than the supplied maximum depth. Unused.
-
-=item B<X509_V_ERR_CERT_REVOKED: certificate revoked>
-
-the certificate has been revoked.
-
-=item B<X509_V_ERR_INVALID_CA: invalid CA certificate>
-
-a CA certificate is invalid. Either it is not a CA or its extensions are not
-consistent with the supplied purpose.
-
-=item B<X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
-
-the basicConstraints pathlength parameter has been exceeded.
-
-=item B<X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
-
-the supplied certificate cannot be used for the specified purpose.
-
-=item B<X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
-
-the root CA is not marked as trusted for the specified purpose.
-
-=item B<X509_V_ERR_CERT_REJECTED: certificate rejected>
-
-the root CA is marked to reject the specified purpose.
-
-=item B<X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
-
-the current candidate issuer certificate was rejected because its subject name
-did not match the issuer name of the current certificate. This is only set
-if issuer check debugging is enabled it is used for status notification and
-is B<not> in itself an error.
-
-=item B<X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier
-mismatch>
-
-the current candidate issuer certificate was rejected because its subject key
-identifier was present and did not match the authority key identifier current
-certificate. This is only set if issuer check debugging is enabled it is used
-for status notification and is B<not> in itself an error.
-
-=item B<X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial
-number mismatch>
-
-the current candidate issuer certificate was rejected because its issuer name
-and serial number was present and did not match the authority key identifier of
-the current certificate. This is only set if issuer check debugging is enabled
-it is used for status notification and is B<not> in itself an error.
-
-=item B<X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate
-signing>
-
-the current candidate issuer certificate was rejected because its keyUsage
-extension does not permit certificate signing. This is only set if issuer check
-debugging is enabled it is used for status notification and is B<not> in itself
-an error.
-
-=item B<X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate
-extension>
-
-A certificate extension had an invalid value (for example an incorrect
-encoding) or some value inconsistent with other extensions.
-
-
-=item B<X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent
-certificate policy extension>
-
-A certificate policies extension had an invalid value (for example an incorrect
-encoding) or some value inconsistent with other extensions. This error only
-occurs if policy processing is enabled.
-
-=item B<X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy>
-
-The verification flags were set to require and explicit policy but none was
-present.
-
-=item B<X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope>
-
-The only CRLs that could be found did not match the scope of the certificate.
-
-=item B<X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature>
-
-Some feature of a certificate extension is not supported. Unused.
-
-=item B<X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation>
-
-A name constraint violation occurred in the permitted subtrees.
-
-=item B<X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation>
-
-A name constraint violation occurred in the excluded subtrees.
-
-=item B<X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not
-supported>
-
-A certificate name constraints extension included a minimum or maximum field:
-this is not supported.
-
-=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint
-type>
-
-An unsupported name constraint type was encountered. OpenSSL currently only
-supports directory name, DNS name, email and URI types.
-
-=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name
-constraint syntax>
-
-The format of the name constraint is not recognised: for example an email
-address format of a form not mentioned in RFC3280. This could be caused by
-a garbage extension or some new feature not currently supported.
-
-=item B<X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error>
-
-An error occurred when attempting to verify the CRL path. This error can only
-happen if extended CRL checking is enabled.
-
-=item B<X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
-
-an application specific error. This will never be returned unless explicitly
-set by an application.
-
-=back
-
-=head1 NOTES
-
-The above functions should be used instead of directly referencing the fields
-in the B<X509_VERIFY_CTX> structure.
-
-In versions of OpenSSL before 1.0 the current certificate returned by
-X509_STORE_CTX_get_current_cert() was never B<NULL>. Applications should
-check the return value before printing out any debugging information relating
-to the current certificate.
-
-If an unrecognised error code is passed to X509_verify_cert_error_string() the
-numerical value of the unknown code is returned in a static buffer. This is not
-thread safe but will never happen unless an invalid code is passed.
-
-=head1 SEE ALSO
-
-L<X509_verify_cert(3)|X509_verify_cert(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod b/lib/libssl/src/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
deleted file mode 100644
index 25224cef1bf..00000000000
--- a/lib/libssl/src/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
+++ /dev/null
@@ -1,43 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data,
-X509_STORE_CTX_get_ex_data - add application specific data to X509_STORE_CTX
-structures
-
-=head1 SYNOPSIS
-
- #include <openssl/x509_vfy.h>
-
- int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
- CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func,
- CRYPTO_EX_free *free_func);
-
- int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *d, int idx, void *arg);
-
- void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *d, int idx);
-
-=head1 DESCRIPTION
-
-These functions handle application specific data in X509_STORE_CTX structures.
-Their usage is identical to that of RSA_get_ex_new_index(), RSA_set_ex_data()
-and RSA_get_ex_data() as described in L<RSA_get_ex_new_index(3)>.
-
-=head1 NOTES
-
-This mechanism is used internally by the B<ssl> library to store the B<SSL>
-structure associated with a verification operation in an B<X509_STORE_CTX>
-structure.
-
-=head1 SEE ALSO
-
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>
-
-=head1 HISTORY
-
-X509_STORE_CTX_get_ex_new_index(), X509_STORE_CTX_set_ex_data() and
-X509_STORE_CTX_get_ex_data() are available since OpenSSL 0.9.5.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_STORE_CTX_new.pod b/lib/libssl/src/doc/crypto/X509_STORE_CTX_new.pod
deleted file mode 100644
index 66c0da04d25..00000000000
--- a/lib/libssl/src/doc/crypto/X509_STORE_CTX_new.pod
+++ /dev/null
@@ -1,126 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free,
-X509_STORE_CTX_init, X509_STORE_CTX_trusted_stack, X509_STORE_CTX_set_cert,
-X509_STORE_CTX_set_chain, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_param,
-X509_STORE_CTX_set0_param, X509_STORE_CTX_set_default - X509_STORE_CTX
-initialisation
-
-=head1 SYNOPSIS
-
- #include <openssl/x509_vfy.h>
-
- X509_STORE_CTX *X509_STORE_CTX_new(void);
- void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
- void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
-
- int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
- X509 *x509, STACK_OF(X509) *chain);
-
- void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
-
- void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx,X509 *x);
- void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx,STACK_OF(X509) *sk);
- void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
-
- X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
- void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
- int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
-
-=head1 DESCRIPTION
-
-These functions initialise an B<X509_STORE_CTX> structure for subsequent use
-by X509_verify_cert().
-
-X509_STORE_CTX_new() returns a newly initialised B<X509_STORE_CTX> structure.
-
-X509_STORE_CTX_cleanup() internally cleans up an B<X509_STORE_CTX> structure.
-The context can then be reused with an new call to X509_STORE_CTX_init().
-
-X509_STORE_CTX_free() completely frees up B<ctx>. After this call B<ctx>
-is no longer valid.
-
-X509_STORE_CTX_init() sets up B<ctx> for a subsequent verification operation.
-The trusted certificate store is set to B<store>, the end entity certificate
-to be verified is set to B<x509> and a set of additional certificates (which
-will be untrusted but may be used to build the chain) in B<chain>. Any or
-all of the B<store>, B<x509> and B<chain> parameters can be B<NULL>.
-
-X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B<ctx>
-to B<sk>. This is an alternative way of specifying trusted certificates
-instead of using an B<X509_STORE>.
-
-X509_STORE_CTX_set_cert() sets the certificate to be verified in B<ctx> to
-B<x>.
-
-X509_STORE_CTX_set_chain() sets the additional certificate chain used by B<ctx>
-to B<sk>.
-
-X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate
-verification to B<sk>. These CRLs will only be used if CRL verification is
-enabled in the associated B<X509_VERIFY_PARAM> structure. This might be
-used where additional "useful" CRLs are supplied as part of a protocol,
-for example in a PKCS#7 structure.
-
-X509_VERIFY_PARAM *X509_STORE_CTX_get0_param() retrieves an internal pointer
-to the verification parameters associated with B<ctx>.
-
-X509_STORE_CTX_set0_param() sets the internal verification parameter pointer
-to B<param>. After this call B<param> should not be used.
-
-X509_STORE_CTX_set_default() looks up and sets the default verification
-method to B<name>. This uses the function X509_VERIFY_PARAM_lookup() to
-find an appropriate set of parameters from B<name>.
-
-=head1 NOTES
-
-The certificates and CRLs in a store are used internally and should B<not>
-be freed up until after the associated B<X509_STORE_CTX> is freed. Legacy
-applications might implicitly use an B<X509_STORE_CTX> like this:
-
- X509_STORE_CTX ctx;
- X509_STORE_CTX_init(&ctx, store, cert, chain);
-
-this is B<not> recommended in new applications they should instead do:
-
- X509_STORE_CTX *ctx;
- ctx = X509_STORE_CTX_new();
- if (ctx == NULL)
- /* Bad error */
- X509_STORE_CTX_init(ctx, store, cert, chain);
-
-=head1 BUGS
-
-The certificates and CRLs in a context are used internally and should B<not>
-be freed up until after the associated B<X509_STORE_CTX> is freed. Copies
-should be made or reference counts increased instead.
-
-=head1 RETURN VALUES
-
-X509_STORE_CTX_new() returns an newly allocates context or B<NULL> is an
-error occurred.
-
-X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.
-
-X509_STORE_CTX_get0_param() returns a pointer to an B<X509_VERIFY_PARAM>
-structure or B<NULL> if an error occurred.
-
-X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_trusted_stack(),
-X509_STORE_CTX_set_cert(), X509_STORE_CTX_set_chain(),
-X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return
-values.
-
-X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.
-
-=head1 SEE ALSO
-
-L<X509_verify_cert(3)|X509_verify_cert(3)>
-L<X509_VERIFY_PARAM_set_flags(3)|X509_VERIFY_PARAM_set_flags(3)>
-
-=head1 HISTORY
-
-X509_STORE_CTX_set0_crls() was first added to OpenSSL 1.0.0
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_STORE_CTX_set_verify_cb.pod b/lib/libssl/src/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
deleted file mode 100644
index 7dfe430c4c7..00000000000
--- a/lib/libssl/src/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
+++ /dev/null
@@ -1,165 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_STORE_CTX_set_verify_cb - set verification callback
-
-=head1 SYNOPSIS
-
- #include <openssl/x509_vfy.h>
-
- void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
- int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
-
-=head1 DESCRIPTION
-
-X509_STORE_CTX_set_verify_cb() sets the verification callback of B<ctx> to
-B<verify_cb> overwriting any existing callback.
-
-The verification callback can be used to customise the operation of certificate
-verification, either by overriding error conditions or logging errors for
-debugging purposes.
-
-However a verification callback is B<not> essential and the default operation
-is often sufficient.
-
-The B<ok> parameter to the callback indicates the value the callback should
-return to retain the default behaviour. If it is zero then and error condition
-is indicated. If it is 1 then no error occurred. If the flag
-B<X509_V_FLAG_NOTIFY_POLICY> is set then B<ok> is set to 2 to indicate the
-policy checking is complete.
-
-The B<ctx> parameter to the callback is the B<X509_STORE_CTX> structure that
-is performing the verification operation. A callback can examine this
-structure and receive additional information about the error, for example
-by calling X509_STORE_CTX_get_current_cert(). Additional application data can
-be passed to the callback via the B<ex_data> mechanism.
-
-=head1 WARNING
-
-In general a verification callback should B<NOT> unconditionally return 1 in
-all circumstances because this will allow verification to succeed no matter
-what the error. This effectively removes all security from the application
-because B<any> certificate (including untrusted generated ones) will be
-accepted.
-
-=head1 NOTES
-
-The verification callback can be set and inherited from the parent structure
-performing the operation. In some cases (such as S/MIME verification) the
-B<X509_STORE_CTX> structure is created and destroyed internally and the
-only way to set a custom verification callback is by inheriting it from the
-associated B<X509_STORE>.
-
-=head1 RETURN VALUES
-
-X509_STORE_CTX_set_verify_cb() does not return a value.
-
-=head1 EXAMPLES
-
-Default callback operation:
-
- int
- verify_callback(int ok, X509_STORE_CTX *ctx)
- {
- return ok;
- }
-
-Simple example, suppose a certificate in the chain is expired and we wish
-to continue after this error:
-
- int
- verify_callback(int ok, X509_STORE_CTX *ctx)
- {
- /* Tolerate certificate expiration */
- if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
- return 1;
- /* Otherwise don't override */
- return ok;
- }
-
-More complex example, we don't wish to continue after B<any> certificate has
-expired just one specific case:
-
- int
- verify_callback(int ok, X509_STORE_CTX *ctx)
- {
- int err = X509_STORE_CTX_get_error(ctx);
- X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
-
- if (err == X509_V_ERR_CERT_HAS_EXPIRED) {
- if (check_is_acceptable_expired_cert(err_cert)
- return 1;
- }
- return ok;
- }
-
-Full featured logging callback. In this case the B<bio_err> is assumed to be
-a global logging B<BIO>, an alternative would to store a BIO in B<ctx> using
-B<ex_data>.
-
- int
- verify_callback(int ok, X509_STORE_CTX *ctx)
- {
- X509 *err_cert;
- int err,depth;
-
- err_cert = X509_STORE_CTX_get_current_cert(ctx);
- err = X509_STORE_CTX_get_error(ctx);
- depth = X509_STORE_CTX_get_error_depth(ctx);
-
- BIO_printf(bio_err,"depth=%d ",depth);
- if (err_cert) {
- X509_NAME_print_ex(bio_err,
- X509_get_subject_name(err_cert), 0,
- XN_FLAG_ONELINE);
- BIO_puts(bio_err, "\n");
- } else
- BIO_puts(bio_err, "<no cert>\n");
- if (!ok)
- BIO_printf(bio_err, "verify error:num=%d:%s\n",
- err, X509_verify_cert_error_string(err));
- switch (err) {
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- BIO_puts(bio_err, "issuer= ");
- X509_NAME_print_ex(bio_err,
- X509_get_issuer_name(err_cert), 0,
- XN_FLAG_ONELINE);
- BIO_puts(bio_err, "\n");
- break;
- case X509_V_ERR_CERT_NOT_YET_VALID:
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- BIO_printf(bio_err, "notBefore=");
- ASN1_TIME_print(bio_err,
- X509_get_notBefore(err_cert));
- BIO_printf(bio_err, "\n");
- break;
- case X509_V_ERR_CERT_HAS_EXPIRED:
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- BIO_printf(bio_err, "notAfter=");
- ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
- BIO_printf(bio_err, "\n");
- break;
- case X509_V_ERR_NO_EXPLICIT_POLICY:
- policies_print(bio_err, ctx);
- break;
- }
- if (err == X509_V_OK && ok == 2)
- /* print out policies */
-
- BIO_printf(bio_err,"verify return:%d\n",ok);
- return(ok);
- }
-
-=head1 SEE ALSO
-
-L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
-L<X509_STORE_set_verify_cb_func(3)|X509_STORE_set_verify_cb_func(3)>
-L<X509_STORE_CTX_get_ex_new_index(3)|X509_STORE_CTX_get_ex_new_index(3)>
-
-=head1 HISTORY
-
-X509_STORE_CTX_set_verify_cb() is available in all versions of SSLeay and
-OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_STORE_set_verify_cb_func.pod b/lib/libssl/src/doc/crypto/X509_STORE_set_verify_cb_func.pod
deleted file mode 100644
index f9602b3e77b..00000000000
--- a/lib/libssl/src/doc/crypto/X509_STORE_set_verify_cb_func.pod
+++ /dev/null
@@ -1,55 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb - set verification
-callback
-
-=head1 SYNOPSIS
-
- #include <openssl/x509_vfy.h>
-
- void X509_STORE_set_verify_cb(X509_STORE *st,
- int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
-
- void X509_STORE_set_verify_cb_func(X509_STORE *st,
- int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
-
-=head1 DESCRIPTION
-
-X509_STORE_set_verify_cb() sets the verification callback of B<ctx> to
-B<verify_cb> overwriting any existing callback.
-
-X509_STORE_set_verify_cb_func() also sets the verification callback but it
-is implemented as a macro.
-
-=head1 NOTES
-
-The verification callback from an B<X509_STORE> is inherited by
-the corresponding B<X509_STORE_CTX> structure when it is initialized. This can
-be used to set the verification callback when the B<X509_STORE_CTX> is
-otherwise inaccessible (for example during S/MIME verification).
-
-=head1 BUGS
-
-The macro version of this function was the only one available before
-OpenSSL 1.0.0.
-
-=head1 RETURN VALUES
-
-X509_STORE_set_verify_cb() and X509_STORE_set_verify_cb_func() do not return
-a value.
-
-=head1 SEE ALSO
-
-L<X509_STORE_CTX_set_verify_cb(3)|X509_STORE_CTX_set_verify_cb(3)>
-L<CMS_verify(3)|CMS_verify(3)>
-
-=head1 HISTORY
-
-X509_STORE_set_verify_cb_func() is available in all versions of SSLeay and
-OpenSSL.
-
-X509_STORE_set_verify_cb() was added to OpenSSL 1.0.0.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_VERIFY_PARAM_set_flags.pod b/lib/libssl/src/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
deleted file mode 100644
index 6c88aec49eb..00000000000
--- a/lib/libssl/src/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
+++ /dev/null
@@ -1,172 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags,
-X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose,
-X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth,
-X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time,
-X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies - X509
-verification parameters
-
-=head1 SYNOPSIS
-
- #include <openssl/x509_vfy.h>
-
- int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
- int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
- unsigned long flags);
- unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
-
- int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
- int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
-
- void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
-
- int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
- ASN1_OBJECT *policy);
- int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
- STACK_OF(ASN1_OBJECT) *policies);
-
- void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
- int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
-
-=head1 DESCRIPTION
-
-These functions manipulate the B<X509_VERIFY_PARAM> structure associated with
-a certificate verification operation.
-
-The X509_VERIFY_PARAM_set_flags() function sets the flags in B<param> by oring
-it with B<flags>. See the B<VERIFICATION FLAGS> section for a complete
-description of values the B<flags> parameter can take.
-
-X509_VERIFY_PARAM_get_flags() returns the flags in B<param>.
-
-X509_VERIFY_PARAM_clear_flags() clears the flags B<flags> in B<param>.
-
-X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param>
-to B<purpose>. This determines the acceptable purpose of the certificate
-chain, for example SSL client or SSL server.
-
-X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to
-B<trust>.
-
-X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to
-B<t>. Normally the current time is used.
-
-X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled
-by default) and adds B<policy> to the acceptable policy set.
-
-X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled
-by default) and sets the acceptable policy set to B<policies>. Any existing
-policy set is cleared. The B<policies> parameter can be B<NULL> to clear
-an existing policy set.
-
-X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to B<depth>.
-That is the maximum number of untrusted CA certificates that can appear in a
-chain.
-
-=head1 RETURN VALUES
-
-X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(),
-X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(),
-X509_VERIFY_PARAM_add0_policy() and X509_VERIFY_PARAM_set1_policies() return 1
-for success and 0 for failure.
-
-X509_VERIFY_PARAM_get_flags() returns the current verification flags.
-
-X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return
-values.
-
-X509_VERIFY_PARAM_get_depth() returns the current verification depth.
-
-=head1 VERIFICATION FLAGS
-
-The verification flags consists of zero or more of the following flags
-ored together.
-
-B<X509_V_FLAG_CRL_CHECK> enables CRL checking for the certificate chain leaf
-certificate. An error occurs if a suitable CRL cannot be found.
-
-B<X509_V_FLAG_CRL_CHECK_ALL> enables CRL checking for the entire certificate
-chain.
-
-B<X509_V_FLAG_IGNORE_CRITICAL> disabled critical extension checking. By default
-any unhandled critical extensions in certificates or (if checked) CRLs results
-in a fatal error. If this flag is set unhandled critical extensions are
-ignored. B<WARNING> setting this option for anything other than debugging
-purposes can be a security risk. Finer control over which extensions are
-supported can be performed in the verification callback.
-
-THe B<X509_V_FLAG_X509_STRICT> flag disables workarounds for some broken
-certificates and makes the verification strictly apply B<X509> rules.
-
-B<X509_V_FLAG_ALLOW_PROXY_CERTS> enables proxy certificate verification.
-
-B<X509_V_FLAG_POLICY_CHECK> enables certificate policy checking, by default
-no policy checking is performed. Additional information is sent to the
-verification callback relating to policy checking.
-
-B<X509_V_FLAG_EXPLICIT_POLICY>, B<X509_V_FLAG_INHIBIT_ANY> and
-B<X509_V_FLAG_INHIBIT_MAP> set the B<require explicit policy>, B<inhibit any
-policy> and B<inhibit policy mapping> flags respectively as defined in
-B<RFC3280>. Policy checking is automatically enabled if any of these flags
-are set.
-
-If B<X509_V_FLAG_NOTIFY_POLICY> is set and the policy checking is successful
-a special status code is set to the verification callback. This permits it
-to examine the valid policy tree and perform additional checks or simply
-log it for debugging purposes.
-
-By default some additional features such as indirect CRLs and CRLs signed by
-different keys are disabled. If B<X509_V_FLAG_EXTENDED_CRL_SUPPORT> is set
-they are enabled.
-
-If B<X509_V_FLAG_USE_DELTAS> ise set delta CRLs (if present) are used to
-determine certificate status. If not set deltas are ignored.
-
-B<X509_V_FLAG_CHECK_SS_SIGNATURE> enables checking of the root CA self signed
-certificate signature. By default this check is disabled because it doesn't
-add any additional security but in some cases applications might want to
-check the signature anyway. A side effect of not checking the root CA
-signature is that disabled or unsupported message digests on the root CA
-are not treated as fatal errors.
-
-The B<X509_V_FLAG_CB_ISSUER_CHECK> flag enables debugging of certificate
-issuer checks. It is B<not> needed unless you are logging certificate
-verification. If this flag is set then additional status codes will be sent
-to the verification callback and it B<must> be prepared to handle such cases
-without assuming they are hard errors.
-
-=head1 NOTES
-
-The above functions should be used to manipulate verification parameters
-instead of legacy functions which work in specific structures such as
-X509_STORE_CTX_set_flags().
-
-=head1 BUGS
-
-Delta CRL checking is currently primitive. Only a single delta can be used and
-(partly due to limitations of B<X509_STORE>) constructed CRLs are not
-maintained.
-
-If CRLs checking is enable CRLs are expected to be available in the
-corresponding B<X509_STORE> structure. No attempt is made to download
-CRLs from the CRL distribution points extension.
-
-=head1 EXAMPLE
-
-Enable CRL checking when performing certificate verification during SSL
-connections associated with an B<SSL_CTX> structure B<ctx>:
-
- X509_VERIFY_PARAM *param;
- param = X509_VERIFY_PARAM_new();
- X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
- SSL_CTX_set1_param(ctx, param);
- X509_VERIFY_PARAM_free(param);
-
-=head1 SEE ALSO
-
-L<X509_verify_cert(3)|X509_verify_cert(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_new.pod b/lib/libssl/src/doc/crypto/X509_new.pod
deleted file mode 100644
index a36808b825c..00000000000
--- a/lib/libssl/src/doc/crypto/X509_new.pod
+++ /dev/null
@@ -1,38 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_new, X509_free - X509 certificate ASN1 allocation functions
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509 *X509_new(void);
- void X509_free(X509 *a);
-
-=head1 DESCRIPTION
-
-The X509 ASN1 allocation routines, allocate and free an
-X509 structure, which represents an X509 certificate.
-
-X509_new() allocates and initializes a X509 structure.
-
-X509_free() frees up the B<X509> structure B<a>.
-If B<a> is a B<NULL> pointer, no action occurs.
-
-=head1 RETURN VALUES
-
-If the allocation fails, X509_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-Otherwise it returns a pointer to the newly allocated structure.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509(3)|d2i_X509(3)>
-
-=head1 HISTORY
-
-X509_new() and X509_free() are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/X509_verify_cert.pod b/lib/libssl/src/doc/crypto/X509_verify_cert.pod
deleted file mode 100644
index f05edd83338..00000000000
--- a/lib/libssl/src/doc/crypto/X509_verify_cert.pod
+++ /dev/null
@@ -1,53 +0,0 @@
-=pod
-
-=head1 NAME
-
-X509_verify_cert - discover and verify X509 certificate chain
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- int X509_verify_cert(X509_STORE_CTX *ctx);
-
-=head1 DESCRIPTION
-
-The X509_verify_cert() function attempts to discover and validate a
-certificate chain based on parameters in B<ctx>. A complete description of
-the process is contained in the L<verify(1)|verify(1)> manual page.
-
-=head1 RETURN VALUES
-
-If a complete chain can be built and validated this function returns 1,
-otherwise it return zero, in exceptional circumstances it can also
-return a negative code.
-
-If the function fails additional error information can be obtained by
-examining B<ctx> using, for example X509_STORE_CTX_get_error().
-
-=head1 NOTES
-
-Applications rarely call this function directly but it is used by
-OpenSSL internally for certificate validation, in both the S/MIME and
-SSL/TLS code.
-
-The negative return value from X509_verify_cert() can only occur if no
-certificate is set in B<ctx> (due to a programming error) or if a retry
-operation is requested during internal lookups (which never happens with
-standard lookup methods). It is however recommended that application check
-for <= 0 return value on error.
-
-=head1 BUGS
-
-This function uses the header B<x509.h> as opposed to most chain verification
-functions which use B<x509_vfy.h>.
-
-=head1 SEE ALSO
-
-L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
-
-=head1 HISTORY
-
-X509_verify_cert() is available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/bn.pod b/lib/libssl/src/doc/crypto/bn.pod
deleted file mode 100644
index b3ad63320a1..00000000000
--- a/lib/libssl/src/doc/crypto/bn.pod
+++ /dev/null
@@ -1,181 +0,0 @@
-=pod
-
-=head1 NAME
-
-bn - multiprecision integer arithmetics
-
-=head1 SYNOPSIS
-
- #include <openssl/bn.h>
-
- BIGNUM *BN_new(void);
- void BN_free(BIGNUM *a);
- void BN_init(BIGNUM *);
- void BN_clear(BIGNUM *a);
- void BN_clear_free(BIGNUM *a);
-
- BN_CTX *BN_CTX_new(void);
- void BN_CTX_init(BN_CTX *c);
- void BN_CTX_free(BN_CTX *c);
-
- BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
- BIGNUM *BN_dup(const BIGNUM *a);
-
- BIGNUM *BN_swap(BIGNUM *a, BIGNUM *b);
-
- int BN_num_bytes(const BIGNUM *a);
- int BN_num_bits(const BIGNUM *a);
- int BN_num_bits_word(BN_ULONG w);
-
- void BN_set_negative(BIGNUM *a, int n);
- int BN_is_negative(const BIGNUM *a);
-
- int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
- int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
- int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
- int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
- int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
- BN_CTX *ctx);
- int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
- int BN_nnmod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
- int BN_mod_add(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
- int BN_mod_sub(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
- int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
- BN_CTX *ctx);
- int BN_mod_sqr(BIGNUM *ret, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
- int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
- int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx);
- int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
-
- int BN_add_word(BIGNUM *a, BN_ULONG w);
- int BN_sub_word(BIGNUM *a, BN_ULONG w);
- int BN_mul_word(BIGNUM *a, BN_ULONG w);
- BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
- BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
-
- int BN_cmp(BIGNUM *a, BIGNUM *b);
- int BN_ucmp(BIGNUM *a, BIGNUM *b);
- int BN_is_zero(BIGNUM *a);
- int BN_is_one(BIGNUM *a);
- int BN_is_word(BIGNUM *a, BN_ULONG w);
- int BN_is_odd(BIGNUM *a);
-
- int BN_zero(BIGNUM *a);
- int BN_one(BIGNUM *a);
- const BIGNUM *BN_value_one(void);
- int BN_set_word(BIGNUM *a, unsigned long w);
- unsigned long BN_get_word(BIGNUM *a);
-
- int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
- int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
- int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
- int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
-
- BIGNUM *BN_generate_prime(BIGNUM *ret, int bits,int safe, BIGNUM *add,
- BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
- int BN_is_prime(const BIGNUM *p, int nchecks,
- void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
-
- int BN_set_bit(BIGNUM *a, int n);
- int BN_clear_bit(BIGNUM *a, int n);
- int BN_is_bit_set(const BIGNUM *a, int n);
- int BN_mask_bits(BIGNUM *a, int n);
- int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
- int BN_lshift1(BIGNUM *r, BIGNUM *a);
- int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
- int BN_rshift1(BIGNUM *r, BIGNUM *a);
-
- int BN_bn2bin(const BIGNUM *a, unsigned char *to);
- BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
- char *BN_bn2hex(const BIGNUM *a);
- char *BN_bn2dec(const BIGNUM *a);
- int BN_hex2bn(BIGNUM **a, const char *str);
- int BN_dec2bn(BIGNUM **a, const char *str);
- int BN_print(BIO *fp, const BIGNUM *a);
- int BN_print_fp(FILE *fp, const BIGNUM *a);
- int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
- BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);
-
- BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n,
- BN_CTX *ctx);
-
- BN_RECP_CTX *BN_RECP_CTX_new(void);
- void BN_RECP_CTX_init(BN_RECP_CTX *recp);
- void BN_RECP_CTX_free(BN_RECP_CTX *recp);
- int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
- int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
- BN_RECP_CTX *recp, BN_CTX *ctx);
-
- BN_MONT_CTX *BN_MONT_CTX_new(void);
- void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
- void BN_MONT_CTX_free(BN_MONT_CTX *mont);
- int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
- BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
- int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
- BN_MONT_CTX *mont, BN_CTX *ctx);
- int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx);
- int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
- BN_CTX *ctx);
-
- BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
- BIGNUM *mod);
- void BN_BLINDING_free(BN_BLINDING *b);
- int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
- int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
- int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
- int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
- BN_CTX *ctx);
- int BN_BLINDING_invert_ex(BIGNUM *n,const BIGNUM *r,BN_BLINDING *b,
- BN_CTX *ctx);
- unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
- void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
- unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
- void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
- BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
- const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
- int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
- BN_MONT_CTX *m_ctx);
-
-=head1 DESCRIPTION
-
-This library performs arithmetic operations on integers of arbitrary
-size. It was written for use in public key cryptography, such as RSA
-and Diffie-Hellman.
-
-It uses dynamic memory allocation for storing its data structures.
-That means that there is no limit on the size of the numbers
-manipulated by these functions, but return values must always be
-checked in case a memory allocation error has occurred.
-
-The basic object in this library is a B<BIGNUM>. It is used to hold a
-single large integer. This type should be considered opaque and fields
-should not be modified or accessed directly.
-
-The creation of B<BIGNUM> objects is described in L<BN_new(3)|BN_new(3)>;
-L<BN_add(3)|BN_add(3)> describes most of the arithmetic operations.
-Comparison is described in L<BN_cmp(3)|BN_cmp(3)>; L<BN_zero(3)|BN_zero(3)>
-describes certain assignments, L<BN_rand(3)|BN_rand(3)> the generation of
-random numbers, L<BN_generate_prime(3)|BN_generate_prime(3)> deals with prime
-numbers and L<BN_set_bit(3)|BN_set_bit(3)> with bit operations. The conversion
-of B<BIGNUM>s to external formats is described in L<BN_bn2bin(3)|BN_bn2bin(3)>.
-
-=head1 SEE ALSO
-
-L<bn_dump(3)|bn_dump(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<BN_new(3)|BN_new(3)>,
-L<BN_CTX_new(3)|BN_CTX_new(3)>, L<BN_copy(3)|BN_copy(3)>,
-L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
-L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
-L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>,
-L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>,
-L<BN_bn2bin(3)|BN_bn2bin(3)>, L<BN_mod_inverse(3)|BN_mod_inverse(3)>,
-L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>,
-L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>,
-L<BN_BLINDING_new(3)|BN_BLINDING_new(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_ASN1_OBJECT.pod b/lib/libssl/src/doc/crypto/d2i_ASN1_OBJECT.pod
deleted file mode 100644
index b2712dc55c6..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_ASN1_OBJECT.pod
+++ /dev/null
@@ -1,25 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_ASN1_OBJECT, i2d_ASN1_OBJECT - ASN1 OBJECT IDENTIFIER functions
-
-=head1 SYNOPSIS
-
- #include <openssl/objects.h>
-
- ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, long length);
- int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an ASN1 OBJECT IDENTIFIER.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_DHparams.pod b/lib/libssl/src/doc/crypto/d2i_DHparams.pod
deleted file mode 100644
index 9f1aac9137a..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_DHparams.pod
+++ /dev/null
@@ -1,26 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_DHparams, i2d_DHparams - PKCS#3 DH parameter functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
-
- DH *d2i_DHparams(DH **a, unsigned char **pp, long length);
- int i2d_DHparams(DH *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode PKCS#3 DH parameters using the
-DHparameter structure described in PKCS#3.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_DSAPublicKey.pod b/lib/libssl/src/doc/crypto/d2i_DSAPublicKey.pod
deleted file mode 100644
index 10c49e3ad28..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_DSAPublicKey.pod
+++ /dev/null
@@ -1,79 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_DSAPublicKey, i2d_DSAPublicKey, d2i_DSAPrivateKey, i2d_DSAPrivateKey,
-d2i_DSA_PUBKEY, i2d_DSA_PUBKEY, d2i_DSAparams, i2d_DSAparams, d2i_DSA_SIG, i2d_DSA_SIG - DSA key encoding
-and parsing functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
- #include <openssl/x509.h>
-
- DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
-
- int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
-
- DSA * d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
-
- int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp);
-
- DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
-
- int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
-
- DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
-
- int i2d_DSAparams(const DSA *a, unsigned char **pp);
-
- DSA * d2i_DSA_SIG(DSA_SIG **a, const unsigned char **pp, long length);
-
- int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-d2i_DSAPublicKey() and i2d_DSAPublicKey() decode and encode the DSA public key
-components structure.
-
-d2i_DSA_PUBKEY() and i2d_DSA_PUBKEY() decode and encode an DSA public key using
-a SubjectPublicKeyInfo (certificate public key) structure.
-
-d2i_DSAPrivateKey(), i2d_DSAPrivateKey() decode and encode the DSA private key
-components.
-
-d2i_DSAparams(), i2d_DSAparams() decode and encode the DSA parameters using
-a B<Dss-Parms> structure as defined in RFC2459.
-
-d2i_DSA_SIG(), i2d_DSA_SIG() decode and encode a DSA signature using a
-B<Dss-Sig-Value> structure as defined in RFC2459.
-
-The usage of all of these functions is similar to the d2i_X509() and
-i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 NOTES
-
-The B<DSA> structure passed to the private key encoding functions should have
-all the private key components present.
-
-The data encoded by the private key functions is unencrypted and therefore
-offers no private key security.
-
-The B<DSA_PUBKEY> functions should be used in preference to the B<DSAPublicKey>
-functions when encoding public keys because they use a standard format.
-
-The B<DSAPublicKey> functions use an non standard format the actual data encoded
-depends on the value of the B<write_params> field of the B<a> key parameter.
-If B<write_params> is zero then only the B<pub_key> field is encoded as an
-B<INTEGER>. If B<write_params> is 1 then a B<SEQUENCE> consisting of the
-B<p>, B<q>, B<g> and B<pub_key> respectively fields are encoded.
-
-The B<DSAPrivateKey> functions also use a non standard structure consisting
-consisting of a SEQUENCE containing the B<p>, B<q>, B<g> and B<pub_key> and
-B<priv_key> fields respectively.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_ECPKParameters.pod b/lib/libssl/src/doc/crypto/d2i_ECPKParameters.pod
deleted file mode 100644
index 704b4ab3528..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_ECPKParameters.pod
+++ /dev/null
@@ -1,84 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_ECPKParameters, i2d_ECPKParameters, d2i_ECPKParameters_bio, i2d_ECPKParameters_bio, d2i_ECPKParameters_fp, i2d_ECPKParameters_fp, ECPKParameters_print, ECPKParameters_print_fp - Functions for decoding and encoding ASN1 representations of elliptic curve entities
-
-=head1 SYNOPSIS
-
- #include <openssl/ec.h>
-
- EC_GROUP *d2i_ECPKParameters(EC_GROUP **px, const unsigned char **in, long len);
- int i2d_ECPKParameters(const EC_GROUP *x, unsigned char **out);
- #define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
- #define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
- #define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
- (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
- #define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
- (unsigned char *)(x))
- int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
- int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
-
-
-=head1 DESCRIPTION
-
-The ECPKParameters encode and decode routines encode and parse the public parameters for an
-B<EC_GROUP> structure, which represents a curve.
-
-d2i_ECPKParameters() attempts to decode B<len> bytes at B<*in>. If
-successful a pointer to the B<EC_GROUP> structure is returned. If an error
-occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
-returned structure is written to B<*px>. If B<*px> is not B<NULL>
-then it is assumed that B<*px> contains a valid B<EC_GROUP>
-structure and an attempt is made to reuse it. If the call is
-successful B<*in> is incremented to the byte following the
-parsed data.
-
-i2d_ECPKParameters() encodes the structure pointed to by B<x> into DER format.
-If B<out> is not B<NULL> is writes the DER encoded data to the buffer
-at B<*out>, and increments it to point after the data just written.
-If the return value is negative an error occurred, otherwise it
-returns the length of the encoded data.
-
-If B<*out> is B<NULL> memory will be allocated for a buffer and the encoded
-data written to it. In this case B<*out> is not incremented and it points to
-the start of the data just written.
-
-d2i_ECPKParameters_bio() is similar to d2i_ECPKParameters() except it attempts
-to parse data from BIO B<bp>.
-
-d2i_ECPKParameters_fp() is similar to d2i_ECPKParameters() except it attempts
-to parse data from FILE pointer B<fp>.
-
-i2d_ECPKParameters_bio() is similar to i2d_ECPKParameters() except it writes
-the encoding of the structure B<x> to BIO B<bp> and it
-returns 1 for success and 0 for failure.
-
-i2d_ECPKParameters_fp() is similar to i2d_ECPKParameters() except it writes
-the encoding of the structure B<x> to BIO B<bp> and it
-returns 1 for success and 0 for failure.
-
-These functions are very similar to the X509 functions described in L<d2i_X509(3)|d2i_X509(3)>,
-where further notes and examples are available.
-
-The ECPKParameters_print and ECPKParameters_print_fp functions print a human-readable output
-of the public parameters of the EC_GROUP to B<bp> or B<fp>. The output lines are indented by B<off> spaces.
-
-=head1 RETURN VALUES
-
-d2i_ECPKParameters(), d2i_ECPKParameters_bio() and d2i_ECPKParameters_fp() return a valid B<EC_GROUP> structure
-or B<NULL> if an error occurs.
-
-i2d_ECPKParameters() returns the number of bytes successfully encoded or a negative
-value if an error occurs.
-
-i2d_ECPKParameters_bio(), i2d_ECPKParameters_fp(), ECPKParameters_print and ECPKParameters_print_fp
-return 1 for success and 0 if an error occurs.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_RSAPublicKey.pod b/lib/libssl/src/doc/crypto/d2i_RSAPublicKey.pod
deleted file mode 100644
index 11515d0acec..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_RSAPublicKey.pod
+++ /dev/null
@@ -1,63 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey,
-d2i_RSA_PUBKEY, i2d_RSA_PUBKEY, i2d_Netscape_RSA,
-d2i_Netscape_RSA - RSA public and private key encoding functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/rsa.h>
- #include <openssl/x509.h>
-
- RSA * d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length);
-
- int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
-
- RSA * d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
-
- int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
-
- RSA * d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length);
-
- int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
-
- int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
-
- RSA * d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
-
-=head1 DESCRIPTION
-
-d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1
-RSAPublicKey structure.
-
-d2i_RSA_PUBKEY() and i2d_RSA_PUBKEY() decode and encode an RSA public key using
-a SubjectPublicKeyInfo (certificate public key) structure.
-
-d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1
-RSAPrivateKey structure.
-
-d2i_Netscape_RSA(), i2d_Netscape_RSA() decode and encode an RSA private key in
-NET format.
-
-The usage of all of these functions is similar to the d2i_X509() and
-i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 NOTES
-
-The B<RSA> structure passed to the private key encoding functions should have
-all the PKCS#1 private key components present.
-
-The data encoded by the private key functions is unencrypted and therefore
-offers no private key security.
-
-The NET format functions are present to provide compatibility with certain very
-old software. This format has some severe security weaknesses and should be
-avoided if possible.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_X509.pod b/lib/libssl/src/doc/crypto/d2i_X509.pod
deleted file mode 100644
index fad4e8c35ba..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_X509.pod
+++ /dev/null
@@ -1,231 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio,
-i2d_X509_fp - X509 encode and decode functions
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509 *d2i_X509(X509 **px, const unsigned char **in, int len);
- int i2d_X509(X509 *x, unsigned char **out);
-
- X509 *d2i_X509_bio(BIO *bp, X509 **x);
- X509 *d2i_X509_fp(FILE *fp, X509 **x);
-
- int i2d_X509_bio(BIO *bp, X509 *x);
- int i2d_X509_fp(FILE *fp, X509 *x);
-
-=head1 DESCRIPTION
-
-The X509 encode and decode routines encode and parse an
-B<X509> structure, which represents an X509 certificate.
-
-d2i_X509() attempts to decode B<len> bytes at B<*in>. If
-successful a pointer to the B<X509> structure is returned. If an error
-occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
-returned structure is written to B<*px>. If B<*px> is not B<NULL>
-then it is assumed that B<*px> contains a valid B<X509>
-structure and an attempt is made to reuse it. If the call is
-successful B<*in> is incremented to the byte following the
-parsed data.
-
-i2d_X509() encodes the structure pointed to by B<x> into DER format.
-If B<out> is not B<NULL> is writes the DER encoded data to the buffer
-at B<*out>, and increments it to point after the data just written.
-If the return value is negative an error occurred, otherwise it
-returns the length of the encoded data.
-
-For OpenSSL 0.9.7 and later if B<*out> is B<NULL> memory will be
-allocated for a buffer and the encoded data written to it. In this
-case B<*out> is not incremented and it points to the start of the
-data just written.
-
-d2i_X509_bio() is similar to d2i_X509() except it attempts
-to parse data from BIO B<bp>.
-
-d2i_X509_fp() is similar to d2i_X509() except it attempts
-to parse data from FILE pointer B<fp>.
-
-i2d_X509_bio() is similar to i2d_X509() except it writes
-the encoding of the structure B<x> to BIO B<bp> and it
-returns 1 for success and 0 for failure.
-
-i2d_X509_fp() is similar to i2d_X509() except it writes
-the encoding of the structure B<x> to BIO B<bp> and it
-returns 1 for success and 0 for failure.
-
-=head1 NOTES
-
-The letters B<i> and B<d> in for example B<i2d_X509> stand for
-"internal" (that is an internal C structure) and "DER". So that
-B<i2d_X509> converts from internal to DER.
-
-The functions can also understand B<BER> forms.
-
-The actual X509 structure passed to i2d_X509() must be a valid
-populated B<X509> structure it can B<not> simply be fed with an
-empty structure such as that returned by X509_new().
-
-The encoded data is in binary form and may contain embedded zeroes.
-Therefore any FILE pointers or BIOs should be opened in binary mode.
-Functions such as B<strlen()> will B<not> return the correct length
-of the encoded structure.
-
-The ways that B<*in> and B<*out> are incremented after the operation
-can trap the unwary. See the B<WARNINGS> section for some common
-errors.
-
-The reason for the auto increment behaviour is to reflect a typical
-usage of ASN1 functions: after one structure is encoded or decoded
-another will processed after it.
-
-=head1 EXAMPLES
-
-Allocate and encode the DER encoding of an X509 structure:
-
- int len;
- unsigned char *buf, *p;
-
- len = i2d_X509(x, NULL);
-
- buf = malloc(len);
-
- if (buf == NULL)
- /* error */
-
- p = buf;
-
- i2d_X509(x, &p);
-
-If you are using OpenSSL 0.9.7 or later then this can be
-simplified to:
-
-
- int len;
- unsigned char *buf;
-
- buf = NULL;
-
- len = i2d_X509(x, &buf);
-
- if (len < 0)
- /* error */
-
-Attempt to decode a buffer:
-
- X509 *x;
-
- unsigned char *buf, *p;
-
- int len;
-
- /* Something to setup buf and len */
-
- p = buf;
-
- x = d2i_X509(NULL, &p, len);
-
- if (x == NULL)
- /* Some error */
-
-Alternative technique:
-
- X509 *x;
-
- unsigned char *buf, *p;
-
- int len;
-
- /* Something to setup buf and len */
-
- p = buf;
-
- x = NULL;
-
- if(!d2i_X509(&x, &p, len))
- /* Some error */
-
-
-=head1 WARNINGS
-
-The use of temporary variable is mandatory. A common
-mistake is to attempt to use a buffer directly as follows:
-
- int len;
- unsigned char *buf;
-
- len = i2d_X509(x, NULL);
-
- buf = malloc(len);
-
- if (buf == NULL)
- /* error */
-
- i2d_X509(x, &buf);
-
- /* Other stuff ... */
-
- free(buf);
-
-This code will result in B<buf> apparently containing garbage because
-it was incremented after the call to point after the data just written.
-Also B<buf> will no longer contain the pointer allocated by B<malloc()>
-and the subsequent call to B<free()> may well crash.
-
-The auto allocation feature (setting buf to NULL) only works on OpenSSL
-0.9.7 and later. Attempts to use it on earlier versions will typically
-cause a segmentation violation.
-
-Another trap to avoid is misuse of the B<xp> argument to B<d2i_X509()>:
-
- X509 *x;
-
- if (!d2i_X509(&x, &p, len))
- /* Some error */
-
-This will probably crash somewhere in B<d2i_X509()>. The reason for this
-is that the variable B<x> is uninitialized and an attempt will be made to
-interpret its (invalid) value as an B<X509> structure, typically causing
-a segmentation violation. If B<x> is set to NULL first then this will not
-happen.
-
-=head1 BUGS
-
-In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when
-B<*px> is valid is broken and some parts of the reused structure may
-persist if they are not present in the new one. As a result the use
-of this "reuse" behaviour is strongly discouraged.
-
-i2d_X509() will not return an error in many versions of OpenSSL,
-if mandatory fields are not initialized due to a programming error
-then the encoded structure may contain invalid data or omit the
-fields entirely and will not be parsed by d2i_X509(). This may be
-fixed in future so code should not assume that i2d_X509() will
-always succeed.
-
-=head1 RETURN VALUES
-
-d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
-or B<NULL> if an error occurs. The error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-i2d_X509() returns the number of bytes successfully encoded or a negative
-value if an error occurs. The error code can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
-
-i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error
-occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
-
-=head1 SEE ALSO
-
-L<ERR_get_error(3)|ERR_get_error(3)>
-
-=head1 HISTORY
-
-d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio and i2d_X509_fp
-are available in all versions of SSLeay and OpenSSL.
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_X509_ALGOR.pod b/lib/libssl/src/doc/crypto/d2i_X509_ALGOR.pod
deleted file mode 100644
index 68011679fd5..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_X509_ALGOR.pod
+++ /dev/null
@@ -1,26 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_ALGOR, i2d_X509_ALGOR - AlgorithmIdentifier functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length);
- int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an B<X509_ALGOR> structure which is
-equivalent to the B<AlgorithmIdentifier> structure.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_X509_CRL.pod b/lib/libssl/src/doc/crypto/d2i_X509_CRL.pod
deleted file mode 100644
index 563e4de8e04..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_X509_CRL.pod
+++ /dev/null
@@ -1,33 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_CRL, i2d_X509_CRL, d2i_X509_CRL_bio, d2i_X509_CRL_fp,
-i2d_X509_CRL_bio, i2d_X509_CRL_fp - PKCS#10 certificate request functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_CRL *d2i_X509_CRL(X509_CRL **a, const unsigned char **pp, long length);
- int i2d_X509_CRL(X509_CRL *a, unsigned char **pp);
-
- X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **x);
- X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **x);
-
- int i2d_X509_CRL_bio(BIO *bp, X509_CRL *x);
- int i2d_X509_CRL_fp(FILE *fp, X509_CRL *x);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an X509 CRL (certificate revocation
-list).
-
-Othewise the functions behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_X509_NAME.pod b/lib/libssl/src/doc/crypto/d2i_X509_NAME.pod
deleted file mode 100644
index 2219885338e..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_X509_NAME.pod
+++ /dev/null
@@ -1,27 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_NAME, i2d_X509_NAME - X509_NAME encoding functions
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length);
- int i2d_X509_NAME(X509_NAME *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an B<X509_NAME> structure which is the
-same as the B<Name> type defined in RFC2459 (and elsewhere) and used
-for example in certificate subject and issuer names.
-
-Othewise the functions behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_X509_REQ.pod b/lib/libssl/src/doc/crypto/d2i_X509_REQ.pod
deleted file mode 100644
index baa8ae391e3..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_X509_REQ.pod
+++ /dev/null
@@ -1,32 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_REQ, i2d_X509_REQ, d2i_X509_REQ_bio, d2i_X509_REQ_fp,
-i2d_X509_REQ_bio, i2d_X509_REQ_fp - PKCS#10 certificate request functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_REQ *d2i_X509_REQ(X509_REQ **a, const unsigned char **pp, long length);
- int i2d_X509_REQ(X509_REQ *a, unsigned char **pp);
-
- X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **x);
- X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **x);
-
- int i2d_X509_REQ_bio(BIO *bp, X509_REQ *x);
- int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x);
-
-=head1 DESCRIPTION
-
-These functions decode and encode a PKCS#10 certificate request.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/d2i_X509_SIG.pod b/lib/libssl/src/doc/crypto/d2i_X509_SIG.pod
deleted file mode 100644
index 00d03f5ba1e..00000000000
--- a/lib/libssl/src/doc/crypto/d2i_X509_SIG.pod
+++ /dev/null
@@ -1,26 +0,0 @@
-=pod
-
-=head1 NAME
-
-d2i_X509_SIG, i2d_X509_SIG - DigestInfo functions.
-
-=head1 SYNOPSIS
-
- #include <openssl/x509.h>
-
- X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length);
- int i2d_X509_SIG(X509_SIG *a, unsigned char **pp);
-
-=head1 DESCRIPTION
-
-These functions decode and encode an X509_SIG structure which is
-equivalent to the B<DigestInfo> structure defined in PKCS#1 and PKCS#7.
-
-Othewise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
-
-=head1 SEE ALSO
-
-L<d2i_X509(3)|d2i_X509(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/dh.pod b/lib/libssl/src/doc/crypto/dh.pod
deleted file mode 100644
index 5fb9890a770..00000000000
--- a/lib/libssl/src/doc/crypto/dh.pod
+++ /dev/null
@@ -1,79 +0,0 @@
-=pod
-
-=head1 NAME
-
-dh - Diffie-Hellman key agreement
-
-=head1 SYNOPSIS
-
- #include <openssl/dh.h>
- #include <openssl/engine.h>
-
- DH * DH_new(void);
- void DH_free(DH *dh);
-
- int DH_size(const DH *dh);
-
- DH * DH_generate_parameters(int prime_len, int generator,
- void (*callback)(int, int, void *), void *cb_arg);
- int DH_check(const DH *dh, int *codes);
-
- int DH_generate_key(DH *dh);
- int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
-
- void DH_set_default_method(const DH_METHOD *meth);
- const DH_METHOD *DH_get_default_method(void);
- int DH_set_method(DH *dh, const DH_METHOD *meth);
- DH *DH_new_method(ENGINE *engine);
- const DH_METHOD *DH_OpenSSL(void);
-
- int DH_get_ex_new_index(long argl, char *argp, int (*new_func)(),
- int (*dup_func)(), void (*free_func)());
- int DH_set_ex_data(DH *d, int idx, char *arg);
- char *DH_get_ex_data(DH *d, int idx);
-
- DH * d2i_DHparams(DH **a, unsigned char **pp, long length);
- int i2d_DHparams(const DH *a, unsigned char **pp);
-
- int DHparams_print_fp(FILE *fp, const DH *x);
- int DHparams_print(BIO *bp, const DH *x);
-
-=head1 DESCRIPTION
-
-These functions implement the Diffie-Hellman key agreement protocol. The
-generation of shared DH parameters is described in
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>;
-L<DH_generate_key(3)|DH_generate_key(3)> describes how to perform a key
-agreement.
-
-The B<DH> structure consists of several BIGNUM components.
-
- struct
- {
- BIGNUM *p; // prime number (shared)
- BIGNUM *g; // generator of Z_p (shared)
- BIGNUM *priv_key; // private DH value x
- BIGNUM *pub_key; // public DH value g^x
- // ...
- };
- DH
-
-Note that DH keys may use non-standard B<DH_METHOD> implementations,
-either directly or by the use of B<ENGINE> modules. In some cases (eg. an
-ENGINE providing support for hardware-embedded keys), these BIGNUM values
-will not be used by the implementation or may be used for alternative data
-storage. For this reason, applications should generally avoid using DH
-structure elements directly and instead use API functions to query or
-modify keys.
-
-=head1 SEE ALSO
-
-L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
-L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>,
-L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-L<DH_compute_key(3)|DH_compute_key(3)>, L<d2i_DHparams(3)|d2i_DHparams(3)>,
-L<RSA_print(3)|RSA_print(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/dsa.pod b/lib/libssl/src/doc/crypto/dsa.pod
deleted file mode 100644
index da07d2b930c..00000000000
--- a/lib/libssl/src/doc/crypto/dsa.pod
+++ /dev/null
@@ -1,114 +0,0 @@
-=pod
-
-=head1 NAME
-
-dsa - Digital Signature Algorithm
-
-=head1 SYNOPSIS
-
- #include <openssl/dsa.h>
- #include <openssl/engine.h>
-
- DSA * DSA_new(void);
- void DSA_free(DSA *dsa);
-
- int DSA_size(const DSA *dsa);
-
- DSA * DSA_generate_parameters(int bits, unsigned char *seed,
- int seed_len, int *counter_ret, unsigned long *h_ret,
- void (*callback)(int, int, void *), void *cb_arg);
-
- DH * DSA_dup_DH(const DSA *r);
-
- int DSA_generate_key(DSA *dsa);
-
- int DSA_sign(int dummy, const unsigned char *dgst, int len,
- unsigned char *sigret, unsigned int *siglen, DSA *dsa);
- int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
- BIGNUM **rp);
- int DSA_verify(int dummy, const unsigned char *dgst, int len,
- const unsigned char *sigbuf, int siglen, DSA *dsa);
-
- void DSA_set_default_method(const DSA_METHOD *meth);
- const DSA_METHOD *DSA_get_default_method(void);
- int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
- DSA *DSA_new_method(ENGINE *engine);
- const DSA_METHOD *DSA_OpenSSL(void);
-
- int DSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
- int (*dup_func)(), void (*free_func)());
- int DSA_set_ex_data(DSA *d, int idx, char *arg);
- char *DSA_get_ex_data(DSA *d, int idx);
-
- DSA_SIG *DSA_SIG_new(void);
- void DSA_SIG_free(DSA_SIG *a);
- int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
- DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
-
- DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
- int DSA_do_verify(const unsigned char *dgst, int dgst_len,
- DSA_SIG *sig, DSA *dsa);
-
- DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
- DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
- DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
- int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
- int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
- int i2d_DSAparams(const DSA *a,unsigned char **pp);
-
- int DSAparams_print(BIO *bp, const DSA *x);
- int DSAparams_print_fp(FILE *fp, const DSA *x);
- int DSA_print(BIO *bp, const DSA *x, int off);
- int DSA_print_fp(FILE *bp, const DSA *x, int off);
-
-=head1 DESCRIPTION
-
-These functions implement the Digital Signature Algorithm (DSA). The
-generation of shared DSA parameters is described in
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>;
-L<DSA_generate_key(3)|DSA_generate_key(3)> describes how to
-generate a signature key. Signature generation and verification are
-described in L<DSA_sign(3)|DSA_sign(3)>.
-
-The B<DSA> structure consists of several BIGNUM components.
-
- struct
- {
- BIGNUM *p; // prime number (public)
- BIGNUM *q; // 160-bit subprime, q | p-1 (public)
- BIGNUM *g; // generator of subgroup (public)
- BIGNUM *priv_key; // private key x
- BIGNUM *pub_key; // public key y = g^x
- // ...
- }
- DSA;
-
-In public keys, B<priv_key> is NULL.
-
-Note that DSA keys may use non-standard B<DSA_METHOD> implementations,
-either directly or by the use of B<ENGINE> modules. In some cases (eg. an
-ENGINE providing support for hardware-embedded keys), these BIGNUM values
-will not be used by the implementation or may be used for alternative data
-storage. For this reason, applications should generally avoid using DSA
-structure elements directly and instead use API functions to query or
-modify keys.
-
-=head1 CONFORMING TO
-
-US Federal Information Processing Standard FIPS 186 (Digital Signature
-Standard, DSS), ANSI X9.30
-
-=head1 SEE ALSO
-
-L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
-L<DSA_new(3)|DSA_new(3)>,
-L<DSA_size(3)|DSA_size(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
-L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
-L<DSA_generate_key(3)|DSA_generate_key(3)>,
-L<DSA_sign(3)|DSA_sign(3)>, L<DSA_set_method(3)|DSA_set_method(3)>,
-L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
-L<RSA_print(3)|RSA_print(3)>
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/ec.pod b/lib/libssl/src/doc/crypto/ec.pod
deleted file mode 100644
index 891948e4f6e..00000000000
--- a/lib/libssl/src/doc/crypto/ec.pod
+++ /dev/null
@@ -1,201 +0,0 @@
-=pod
-
-=head1 NAME
-
-ec - Elliptic Curve functions
-
-=head1 SYNOPSIS
-
- #include <openssl/ec.h>
- #include <openssl/bn.h>
-
- const EC_METHOD *EC_GFp_simple_method(void);
- const EC_METHOD *EC_GFp_mont_method(void);
- const EC_METHOD *EC_GFp_nist_method(void);
- const EC_METHOD *EC_GFp_nistp224_method(void);
- const EC_METHOD *EC_GFp_nistp256_method(void);
- const EC_METHOD *EC_GFp_nistp521_method(void);
-
- const EC_METHOD *EC_GF2m_simple_method(void);
-
- EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
- void EC_GROUP_free(EC_GROUP *group);
- void EC_GROUP_clear_free(EC_GROUP *group);
- int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
- EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
- const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
- int EC_METHOD_get_field_type(const EC_METHOD *meth);
- int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
- const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
- int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
- int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
- void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
- int EC_GROUP_get_curve_name(const EC_GROUP *group);
- void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
- int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
- void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
- point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
- unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
- size_t EC_GROUP_get_seed_len(const EC_GROUP *);
- size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
- int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
- int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
- int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
- int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
- int EC_GROUP_get_degree(const EC_GROUP *group);
- int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
- int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
- int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
- EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
- EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
- EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
-
- size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
-
- EC_POINT *EC_POINT_new(const EC_GROUP *group);
- void EC_POINT_free(EC_POINT *point);
- void EC_POINT_clear_free(EC_POINT *point);
- int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
- EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
- const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
- int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
- int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
- int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
- int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
- int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
- int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, int y_bit, BN_CTX *ctx);
- int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
- int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
- const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
- int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
- const BIGNUM *x, int y_bit, BN_CTX *ctx);
- size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
- point_conversion_form_t form,
- unsigned char *buf, size_t len, BN_CTX *ctx);
- int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
- const unsigned char *buf, size_t len, BN_CTX *ctx);
- BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BIGNUM *, BN_CTX *);
- EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
- EC_POINT *, BN_CTX *);
- char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
- point_conversion_form_t form, BN_CTX *);
- EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
- EC_POINT *, BN_CTX *);
-
- int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
- int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
- int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
- int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
- int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
- int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
- int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
- int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx);
- int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
- int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
- int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
- int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
-
- int EC_GROUP_get_basis_type(const EC_GROUP *);
- int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
- int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
- unsigned int *k2, unsigned int *k3);
- EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
- int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
- #define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
- #define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
- #define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
- (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
- #define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
- (unsigned char *)(x))
- int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
- int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
-
- EC_KEY *EC_KEY_new(void);
- int EC_KEY_get_flags(const EC_KEY *key);
- void EC_KEY_set_flags(EC_KEY *key, int flags);
- void EC_KEY_clear_flags(EC_KEY *key, int flags);
- EC_KEY *EC_KEY_new_by_curve_name(int nid);
- void EC_KEY_free(EC_KEY *key);
- EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
- EC_KEY *EC_KEY_dup(const EC_KEY *src);
- int EC_KEY_up_ref(EC_KEY *key);
- const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
- int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
- const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
- int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
- const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
- int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
- unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
- void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
- point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
- void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
- void *EC_KEY_get_key_method_data(EC_KEY *key,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
- void EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
- void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
- void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
- int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
- int EC_KEY_generate_key(EC_KEY *key);
- int EC_KEY_check_key(const EC_KEY *key);
- int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
-
- EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
- int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
-
- EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
- int i2d_ECParameters(EC_KEY *key, unsigned char **out);
-
- EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
- int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
- int ECParameters_print(BIO *bp, const EC_KEY *key);
- int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
- int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
- int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
- EC_KEY *ECParameters_dup(EC_KEY *key);
- #define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \
- EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
-
-
-=head1 DESCRIPTION
-
-This library provides an extensive set of functions for performing operations on elliptic curves over finite fields.
-In general an elliptic curve is one with an equation of the form:
-
-y^2 = x^3 + ax + b
-
-An B<EC_GROUP> structure is used to represent the definition of an elliptic curve. Points on a curve are stored using an
-B<EC_POINT> structure. An B<EC_KEY> is used to hold a private/public key pair, where a private key is simply a BIGNUM and a
-public key is a point on a curve (represented by an B<EC_POINT>).
-
-The library contains a number of alternative implementations of the different functions. Each implementation is optimised
-for different scenarios. No matter which implementation is being used, the interface remains the same. The library
-handles calling the correct implementation when an interface function is invoked. An implementation is represented by
-an B<EC_METHOD> structure.
-
-The creation and destruction of B<EC_GROUP> objects is described in L<EC_GROUP_new(3)|EC_GROUP_new(3)>. Functions for
-manipulating B<EC_GROUP> objects are described in L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>.
-
-Functions for creating, destroying and manipulating B<EC_POINT> objects are explained in L<EC_POINT_new(3)|EC_POINT_new(3)>,
-whilst functions for performing mathematical operations and tests on B<EC_POINTs> are coverd in L<EC_POINT_add(3)|EC_POINT_add(3)>.
-
-For working with private and public keys refer to L<EC_KEY_new(3)|EC_KEY_new(3)>. Implementations are covered in
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>.
-
-For information on encoding and decoding curve parameters to and from ASN1 see L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>.
-
-=head1 SEE ALSO
-
-L<crypto(3)|crypto(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
-
-
-=cut
diff --git a/lib/libssl/src/doc/crypto/engine.pod b/lib/libssl/src/doc/crypto/engine.pod
deleted file mode 100644
index 31035af398a..00000000000
--- a/lib/libssl/src/doc/crypto/engine.pod
+++ /dev/null
@@ -1,599 +0,0 @@ -=pod - -=head1 NAME - -ENGINE_add, ENGINE_by_id, ENGINE_finish, ENGINE_get_first, -ENGINE_get_last, ENGINE_get_next, ENGINE_get_prev, -ENGINE_init, ENGINE_load_builtin_engines, ENGINE_remove -- ENGINE cryptographic module support - -=head1 SYNOPSIS - - #include <openssl/engine.h> - - ENGINE *ENGINE_get_first(void); - ENGINE *ENGINE_get_last(void); - ENGINE *ENGINE_get_next(ENGINE *e); - ENGINE *ENGINE_get_prev(ENGINE *e); - - int ENGINE_add(ENGINE *e); - int ENGINE_remove(ENGINE *e); - - ENGINE *ENGINE_by_id(const char *id); - - int ENGINE_init(ENGINE *e); - int ENGINE_finish(ENGINE *e); - - void ENGINE_load_openssl(void); - void ENGINE_load_dynamic(void); - void ENGINE_load_cryptodev(void); - void ENGINE_load_builtin_engines(void); - - void ENGINE_cleanup(void); - - ENGINE *ENGINE_get_default_RSA(void); - ENGINE *ENGINE_get_default_DSA(void); - ENGINE *ENGINE_get_default_ECDH(void); - ENGINE *ENGINE_get_default_ECDSA(void); - ENGINE *ENGINE_get_default_DH(void); - ENGINE *ENGINE_get_default_RAND(void); - ENGINE *ENGINE_get_cipher_engine(int nid); - ENGINE *ENGINE_get_digest_engine(int nid); - - int ENGINE_set_default_RSA(ENGINE *e); - int ENGINE_set_default_DSA(ENGINE *e); - int ENGINE_set_default_ECDH(ENGINE *e); - int ENGINE_set_default_ECDSA(ENGINE *e); - int ENGINE_set_default_DH(ENGINE *e); - int ENGINE_set_default_RAND(ENGINE *e); - int ENGINE_set_default_ciphers(ENGINE *e); - int ENGINE_set_default_digests(ENGINE *e); - int ENGINE_set_default_string(ENGINE *e, const char *list); - - int ENGINE_set_default(ENGINE *e, unsigned int flags); - - unsigned int ENGINE_get_table_flags(void); - void ENGINE_set_table_flags(unsigned int flags); - - int ENGINE_register_RSA(ENGINE *e); - void ENGINE_unregister_RSA(ENGINE *e); - void ENGINE_register_all_RSA(void); - int ENGINE_register_DSA(ENGINE *e); - void ENGINE_unregister_DSA(ENGINE *e); - void ENGINE_register_all_DSA(void); - int ENGINE_register_ECDH(ENGINE *e); - void ENGINE_unregister_ECDH(ENGINE 
*e); - void ENGINE_register_all_ECDH(void); - int ENGINE_register_ECDSA(ENGINE *e); - void ENGINE_unregister_ECDSA(ENGINE *e); - void ENGINE_register_all_ECDSA(void); - int ENGINE_register_DH(ENGINE *e); - void ENGINE_unregister_DH(ENGINE *e); - void ENGINE_register_all_DH(void); - int ENGINE_register_RAND(ENGINE *e); - void ENGINE_unregister_RAND(ENGINE *e); - void ENGINE_register_all_RAND(void); - int ENGINE_register_STORE(ENGINE *e); - void ENGINE_unregister_STORE(ENGINE *e); - void ENGINE_register_all_STORE(void); - int ENGINE_register_ciphers(ENGINE *e); - void ENGINE_unregister_ciphers(ENGINE *e); - void ENGINE_register_all_ciphers(void); - int ENGINE_register_digests(ENGINE *e); - void ENGINE_unregister_digests(ENGINE *e); - void ENGINE_register_all_digests(void); - int ENGINE_register_complete(ENGINE *e); - int ENGINE_register_all_complete(void); - - int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); - int ENGINE_cmd_is_executable(ENGINE *e, int cmd); - int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name, - long i, void *p, void (*f)(void), int cmd_optional); - int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg, - int cmd_optional); - - int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg); - void *ENGINE_get_ex_data(const ENGINE *e, int idx); - - int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - - ENGINE *ENGINE_new(void); - int ENGINE_free(ENGINE *e); - int ENGINE_up_ref(ENGINE *e); - - int ENGINE_set_id(ENGINE *e, const char *id); - int ENGINE_set_name(ENGINE *e, const char *name); - int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth); - int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth); - int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *dh_meth); - int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *dh_meth); - int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth); - int ENGINE_set_RAND(ENGINE *e, const 
RAND_METHOD *rand_meth); - int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *rand_meth); - int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f); - int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); - int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); - int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); - int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f); - int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f); - int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f); - int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f); - int ENGINE_set_flags(ENGINE *e, int flags); - int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns); - - const char *ENGINE_get_id(const ENGINE *e); - const char *ENGINE_get_name(const ENGINE *e); - const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e); - const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e); - const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e); - const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e); - const DH_METHOD *ENGINE_get_DH(const ENGINE *e); - const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e); - const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e); - ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e); - ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e); - ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e); - ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e); - ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e); - ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e); - ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e); - ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e); - const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid); - const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid); - int ENGINE_get_flags(const ENGINE *e); - const ENGINE_CMD_DEFN 
*ENGINE_get_cmd_defns(const ENGINE *e); - - EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data); - EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, - UI_METHOD *ui_method, void *callback_data); - - void ENGINE_add_conf_module(void); - -=head1 DESCRIPTION - -These functions create, manipulate, and use cryptographic modules in the -form of B<ENGINE> objects. These objects act as containers for -implementations of cryptographic algorithms, and support a -reference-counted mechanism to allow them to be dynamically loaded in and -out of the running application. - -The cryptographic functionality that can be provided by an B<ENGINE> -implementation includes the following abstractions; - - RSA_METHOD - for providing alternative RSA implementations - DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD, - STORE_METHOD - similarly for other OpenSSL APIs - EVP_CIPHER - potentially multiple cipher algorithms (indexed by 'nid') - EVP_DIGEST - potentially multiple hash algorithms (indexed by 'nid') - key-loading - loading public and/or private EVP_PKEY keys - -=head2 Reference counting and handles - -Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be -treated as handles - ie. not only as pointers, but also as references to -the underlying ENGINE object. Ie. one should obtain a new reference when -making copies of an ENGINE pointer if the copies will be used (and -released) independently. - -ENGINE objects have two levels of reference-counting to match the way in -which the objects are used. At the most basic level, each ENGINE pointer is -inherently a B<structural> reference - a structural reference is required -to use the pointer value at all, as this kind of reference is a guarantee -that the structure can not be deallocated until the reference is released. 
- -However, a structural reference provides no guarantee that the ENGINE is -initialised and able to use any of its cryptographic -implementations. Indeed it's quite possible that most ENGINEs will not -initialise at all in typical environments, as ENGINEs are typically used to -support specialised hardware. To use an ENGINE's functionality, you need a -B<functional> reference. This kind of reference can be considered a -specialised form of structural reference, because each functional reference -implicitly contains a structural reference as well - however to avoid -difficult-to-find programming bugs, it is recommended to treat the two -kinds of reference independently. If you have a functional reference to an -ENGINE, you have a guarantee that the ENGINE has been initialised ready to -perform cryptographic operations and will remain uninitialised -until after you have released your reference. - -I<Structural references> - -This basic type of reference is used for instantiating new ENGINEs, -iterating across OpenSSL's internal linked-list of loaded -ENGINEs, reading information about an ENGINE, etc. Essentially a structural -reference is sufficient if you only need to query or manipulate the data of -an ENGINE implementation rather than use its functionality. - -The ENGINE_new() function returns a structural reference to a new (empty) -ENGINE object. There are other ENGINE API functions that return structural -references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(), -ENGINE_get_next(), ENGINE_get_prev(). All structural references should be -released by a corresponding to call to the ENGINE_free() function - the -ENGINE object itself will only actually be cleaned up and deallocated when -the last structural reference is released. 
- -It should also be noted that many ENGINE API function calls that accept a -structural reference will internally obtain another reference - typically -this happens whenever the supplied ENGINE will be needed by OpenSSL after -the function has returned. Eg. the function to add a new ENGINE to -OpenSSL's internal list is ENGINE_add() - if this function returns success, -then OpenSSL will have stored a new structural reference internally so the -caller is still responsible for freeing their own reference with -ENGINE_free() when they are finished with it. In a similar way, some -functions will automatically release the structural reference passed to it -if part of the function's job is to do so. Eg. the ENGINE_get_next() and -ENGINE_get_prev() functions are used for iterating across the internal -ENGINE list - they will return a new structural reference to the next (or -previous) ENGINE in the list or NULL if at the end (or beginning) of the -list, but in either case the structural reference passed to the function is -released on behalf of the caller. - -To clarify a particular function's handling of references, one should -always consult that function's documentation "man" page, or failing that -the openssl/engine.h header file includes some hints. - -I<Functional references> - -As mentioned, functional references exist when the cryptographic -functionality of an ENGINE is required to be available. A functional -reference can be obtained in one of two ways; from an existing structural -reference to the required ENGINE, or by asking OpenSSL for the default -operational ENGINE for a given cryptographic purpose. - -To obtain a functional reference from an existing structural reference, -call the ENGINE_init() function. This returns zero if the ENGINE was not -already operational and couldn't be successfully initialised (eg. 
lack of -system drivers, no special hardware attached, etc), otherwise it will -return non-zero to indicate that the ENGINE is now operational and will -have allocated a new B<functional> reference to the ENGINE. All functional -references are released by calling ENGINE_finish() (which removes the -implicit structural reference as well). - -The second way to get a functional reference is by asking OpenSSL for a -default implementation for a given task, eg. by ENGINE_get_default_RSA(), -ENGINE_get_default_cipher_engine(), etc. These are discussed in the next -section, though they are not usually required by application programmers as -they are used automatically when creating and using the relevant -algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc. - -=head2 Default implementations - -For each supported abstraction, the ENGINE code maintains an internal table -of state to control which implementations are available for a given -abstraction and which should be used by default. These implementations are -registered in the tables and indexed by an 'nid' value, because -abstractions like EVP_CIPHER and EVP_DIGEST support many distinct -algorithms and modes, and ENGINEs can support arbitrarily many of them. -In the case of other abstractions like RSA, DSA, etc, there is only one -"algorithm" so all implementations implicitly register using the same 'nid' -index. - -When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg. -when calling RSA_new_method(NULL)), a "get_default" call will be made to the -ENGINE subsystem to process the corresponding state table and return a -functional reference to an initialised ENGINE whose implementation should be -used. If no ENGINE should (or can) be used, it will return NULL and the caller -will operate with a NULL ENGINE handle - this usually equates to using the -conventional software implementation. 
In the latter case, OpenSSL will from -then on behave the way it used to before the ENGINE API existed. - -Each state table has a flag to note whether it has processed this -"get_default" query since the table was last modified, because to process -this question it must iterate across all the registered ENGINEs in the -table trying to initialise each of them in turn, in case one of them is -operational. If it returns a functional reference to an ENGINE, it will -also cache another reference to speed up processing future queries (without -needing to iterate across the table). Likewise, it will cache a NULL -response if no ENGINE was available so that future queries won't repeat the -same iteration unless the state table changes. This behaviour can also be -changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using -ENGINE_set_table_flags()), no attempted initialisations will take place, -instead the only way for the state table to return a non-NULL ENGINE to the -"get_default" query will be if one is expressly set in the table. Eg. -ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except -that it also sets the state table's cached response for the "get_default" -query. In the case of abstractions like EVP_CIPHER, where implementations are -indexed by 'nid', these flags and cached-responses are distinct for each 'nid' -value. - -=head2 Application requirements - -This section will explain the basic things an application programmer should -support to make the most useful elements of the ENGINE functionality -available to the user. The first thing to consider is whether the -programmer wishes to make alternative ENGINE modules available to the -application and user. 
OpenSSL maintains an internal linked list of -"visible" ENGINEs from which it has to operate - at start-up, this list is -empty and in fact if an application does not call any ENGINE API calls and -it uses static linking against openssl, then the resulting application -binary will not contain any alternative ENGINE code at all. So the first -consideration is whether any/all available ENGINE implementations should be -made visible to OpenSSL - this is controlled by calling the various "load" -functions, eg. - - /* Make ALL ENGINE implementations bundled with OpenSSL available */ - ENGINE_load_builtin_engines(); - -Note that ENGINE_load_dynamic(void) is a placeholder and does not enable -dynamic engine loading support. - -Having called any of these functions, ENGINE objects would have been -dynamically allocated and populated with these implementations and linked -into OpenSSL's internal linked list. At this point it is important to -mention an important API function; - - void ENGINE_cleanup(void); - -If no ENGINE API functions are called at all in an application, then there -are no inherent memory leaks to worry about from the ENGINE functionality, -however if any ENGINEs are loaded, even if they are never registered or -used, it is necessary to use the ENGINE_cleanup() function to -correspondingly cleanup before program exit, if the caller wishes to avoid -memory leaks. This mechanism uses an internal callback registration table -so that any ENGINE API functionality that knows it requires cleanup can -register its cleanup details to be called during ENGINE_cleanup(). This -approach allows ENGINE_cleanup() to clean up after any ENGINE functionality -at all that your program uses, yet doesn't automatically create linker -dependencies to all possible ENGINE functionality - only the cleanup -callbacks required by the functionality you do use will be required by the -linker. 
- -The fact that ENGINEs are made visible to OpenSSL (and thus are linked into -the program and loaded into memory at run-time) does not mean they are -"registered" or called into use by OpenSSL automatically - that behaviour -is something for the application to control. Some applications -will want to allow the user to specify exactly which ENGINE they want used -if any is to be used at all. Others may prefer to load all support and have -OpenSSL automatically use at run-time any ENGINE that is able to -successfully initialise - ie. to assume that this corresponds to -acceleration hardware attached to the machine or some such thing. There are -probably numerous other ways in which applications may prefer to handle -things, so we will simply illustrate the consequences as they apply to a -couple of simple cases and leave developers to consider these and the -source code to openssl's builtin utilities as guides. - -I<Using a specific ENGINE implementation> - -Here we'll assume an application has been configured by its user or admin -to want to use the "ACME" ENGINE if it is available in the version of -OpenSSL the application was compiled with. If it is available, it should be -used by default for all RSA, DSA, and symmetric cipher operation, otherwise -OpenSSL should use its builtin software as per usual. The following code -illustrates how to approach this; - - ENGINE *e; - const char *engine_id = "ACME"; - ENGINE_load_builtin_engines(); - e = ENGINE_by_id(engine_id); - if (!e) - /* the engine isn't available */ - return; - if (!ENGINE_init(e)) { - /* the engine couldn't initialise, release 'e' */ - ENGINE_free(e); - return; - } - if (!ENGINE_set_default_RSA(e)) - /* This should only happen when 'e' can't initialise, but the previous - * statement suggests it did. 
*/ - abort(); - ENGINE_set_default_DSA(e); - ENGINE_set_default_ciphers(e); - /* Release the functional reference from ENGINE_init() */ - ENGINE_finish(e); - /* Release the structural reference from ENGINE_by_id() */ - ENGINE_free(e); - -I<Automatically using builtin ENGINE implementations> - -Here we'll assume we want to load and register all ENGINE implementations -bundled with OpenSSL, such that for any cryptographic algorithm required by -OpenSSL - if there is an ENGINE that implements it and can be initialise, -it should be used. The following code illustrates how this can work; - - /* Load all bundled ENGINEs into memory and make them visible */ - ENGINE_load_builtin_engines(); - /* Register all of them for every algorithm they collectively implement */ - ENGINE_register_all_complete(); - -That's all that's required. Eg. the next time OpenSSL tries to set up an -RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to -ENGINE_init() and if any of those succeed, that ENGINE will be set as the -default for RSA use from then on. - -=head2 Advanced configuration support - -There is a mechanism supported by the ENGINE framework that allows each -ENGINE implementation to define an arbitrary set of configuration -"commands" and expose them to OpenSSL and any applications based on -OpenSSL. This mechanism is entirely based on the use of name-value pairs -and assumes ASCII input (no unicode or UTF for now!), so it is ideal if -applications want to provide a transparent way for users to provide -arbitrary configuration "directives" directly to such ENGINEs. It is also -possible for the application to dynamically interrogate the loaded ENGINE -implementations for the names, descriptions, and input flags of their -available "control commands", providing a more flexible configuration -scheme. 
However, if the user is expected to know which ENGINE device he/she -is using (in the case of specialised hardware, this goes without saying) -then applications may not need to concern themselves with discovering the -supported control commands and simply prefer to pass settings into ENGINEs -exactly as they are provided by the user. - -Before illustrating how control commands work, it is worth mentioning what -they are typically used for. Broadly speaking there are two uses for -control commands; the first is to provide the necessary details to the -implementation (which may know nothing at all specific to the host system) -so that it can be initialised for use. This could include the path to any -driver or config files it needs to load, required network addresses, -smart-card identifiers, passwords to initialise protected devices, -logging information, etc etc. This class of commands typically needs to be -passed to an ENGINE B<before> attempting to initialise it, ie. before -calling ENGINE_init(). The other class of commands consist of settings or -operations that tweak certain behaviour or cause certain operations to take -place, and these commands may work either before or after ENGINE_init(), or -in some cases both. ENGINE implementations should provide indications of -this in the descriptions attached to builtin control commands and/or in -external product documentation. - -I<Issuing control commands to an ENGINE> - -Let's illustrate by example; a function for which the caller supplies the -name of the ENGINE it wishes to use, a table of string-pairs for use before -initialisation, and another table for use after initialisation. Note that -the string-pairs used for control commands consist of a command "name" -followed by the command "parameter" - the parameter could be NULL in some -cases but the name can not. 
This function should initialise the ENGINE -(issuing the "pre" commands beforehand and the "post" commands afterwards) -and set it as the default for everything except RAND and then return a -boolean success or failure. - - int - generic_load_engine_fn(const char *engine_id, - const char **pre_cmds, int pre_num, - const char **post_cmds, int post_num) - { - ENGINE *e = ENGINE_by_id(engine_id); - - if (!e) - return 0; - while (pre_num--) { - if (!ENGINE_ctrl_cmd_string(e, - pre_cmds[0], pre_cmds[1], 0)) { - fprintf(stderr, - "Failed command (%s - %s:%s)\n", - engine_id, pre_cmds[0], - pre_cmds[1] ? pre_cmds[1] : "(NULL)"); - ENGINE_free(e); - return 0; - } - pre_cmds += 2; - } - if (!ENGINE_init(e)) { - fprintf(stderr, "Failed initialisation\n"); - ENGINE_free(e); - return 0; - } - /* - * ENGINE_init() returned a functional reference, - * so free the structural reference from - * ENGINE_by_id(). - */ - ENGINE_free(e); - while (post_num--) { - if (!ENGINE_ctrl_cmd_string(e, - post_cmds[0], post_cmds[1], 0)) { - fprintf(stderr, - "Failed command (%s - %s:%s)\n", - engine_id, post_cmds[0], - post_cmds[1] ? post_cmds[1] : "(NULL)"); - ENGINE_finish(e); - return 0; - } - post_cmds += 2; - } - ENGINE_set_default(e, ENGINE_METHOD_ALL & ~ENGINE_METHOD_RAND); - /* Success */ - return 1; -} - -Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can -relax the semantics of the function - if set non-zero it will only return -failure if the ENGINE supported the given command name but failed while -executing it, if the ENGINE doesn't support the command name it will simply -return success without doing anything. In this case we assume the user is -only supplying commands specific to the given ENGINE so we set this to -FALSE. - -I<Discovering supported control commands> - -It is possible to discover at run-time the names, numerical-ids, descriptions -and input parameters of the control commands supported by an ENGINE using a -structural reference. 
Note that some control commands are defined by OpenSSL -itself and it will intercept and handle these control commands on behalf of the -ENGINE, ie. the ENGINE's ctrl() handler is not used for the control command. -openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands -implemented by ENGINEs should be numbered from. Any command value lower than -this symbol is considered a "generic" command is handled directly by the -OpenSSL core routines. - -It is using these "core" control commands that one can discover the control -commands implemented by a given ENGINE, specifically the commands; - - #define ENGINE_HAS_CTRL_FUNCTION 10 - #define ENGINE_CTRL_GET_FIRST_CMD_TYPE 11 - #define ENGINE_CTRL_GET_NEXT_CMD_TYPE 12 - #define ENGINE_CTRL_GET_CMD_FROM_NAME 13 - #define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD 14 - #define ENGINE_CTRL_GET_NAME_FROM_CMD 15 - #define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD 16 - #define ENGINE_CTRL_GET_DESC_FROM_CMD 17 - #define ENGINE_CTRL_GET_CMD_FLAGS 18 - -Whilst these commands are automatically processed by the OpenSSL framework code, -they use various properties exposed by each ENGINE to process these -queries. An ENGINE has 3 properties it exposes that can affect how this behaves; -it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in -the ENGINE's flags, and it can expose an array of control command descriptions. -If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will -simply pass all these "core" control commands directly to the ENGINE's ctrl() -handler (and thus, it must have supplied one), so it is up to the ENGINE to -reply to these "discovery" commands itself. If that flag is not set, then the -OpenSSL framework code will work with the following rules; - - if no ctrl() handler supplied; - ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero), - all other commands fail. 
- if a ctrl() handler was supplied but no array of control commands; - ENGINE_HAS_CTRL_FUNCTION returns TRUE, - all other commands fail. - if a ctrl() handler and array of control commands was supplied; - ENGINE_HAS_CTRL_FUNCTION returns TRUE, - all other commands proceed processing ... - -If the ENGINE's array of control commands is empty then all other commands will -fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of -the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the -identifier of a command supported by the ENGINE and returns the next command -identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string -name for a command and returns the corresponding identifier or fails if no such -command name exists, and the remaining commands take a command identifier and -return properties of the corresponding commands. All except -ENGINE_CTRL_GET_FLAGS return the string length of a command name or description, -or populate a supplied character buffer with a copy of the command name or -description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR'd mask of the following -possible values; - - #define ENGINE_CMD_FLAG_NUMERIC (unsigned int)0x0001 - #define ENGINE_CMD_FLAG_STRING (unsigned int)0x0002 - #define ENGINE_CMD_FLAG_NO_INPUT (unsigned int)0x0004 - #define ENGINE_CMD_FLAG_INTERNAL (unsigned int)0x0008 - -If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely -informational to the caller - this flag will prevent the command being usable -for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string(). -"INTERNAL" commands are not intended to be exposed to text-based configuration -by applications, administrations, users, etc. These can support arbitrary -operations via ENGINE_ctrl(), including passing to and/or from the control -commands data of any arbitrary type. 
These commands are supported in the -discovery mechanisms simply allow applications to determine if an ENGINE -supports certain specific commands it might want to use (eg. application "foo" -might query various ENGINEs to see if they implement "FOO_GET_VENDOR_LOGO_GIF" - -and ENGINE could therefore decide whether or not to support this "foo"-specific -extension). - -=head2 Future developments - -The ENGINE API and internal architecture is currently being reviewed. Slated for -possible release in 0.9.8 is support for transparent loading of "dynamic" -ENGINEs (built as self-contained shared-libraries). This would allow ENGINE -implementations to be provided independently of OpenSSL libraries and/or -OpenSSL-based applications, and would also remove any requirement for -applications to explicitly use the "dynamic" ENGINE to bind to shared-library -implementations. - -=head1 SEE ALSO - -L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rand(3)|rand(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/evp.pod b/lib/libssl/src/doc/crypto/evp.pod deleted file mode 100644 index dfd96d3b984..00000000000 --- a/lib/libssl/src/doc/crypto/evp.pod +++ /dev/null 
@@ -1,107 +0,0 @@ -=pod - -=head1 NAME - -evp - high-level cryptographic functions - -=head1 SYNOPSIS - - #include <openssl/evp.h> - -=head1 DESCRIPTION - -The EVP library provides a high-level interface to cryptographic -functions. - -L<B<EVP_Seal>I<...>|EVP_SealInit(3)> and L<B<EVP_Open>I<...>|EVP_OpenInit(3)> -provide public key encryption and decryption to implement digital "envelopes". - -The L<B<EVP_DigestSign>I<...>|EVP_DigestSignInit(3)> and -L<B<EVP_DigestVerify>I<...>|EVP_DigestVerifyInit(3)> functions implement -digital signatures and Message Authentication Codes (MACs). Also see the older -L<B<EVP_Sign>I<...>|EVP_SignInit(3)> and L<B<EVP_Verify>I<...>|EVP_VerifyInit(3)> -functions. - -Symmetric encryption is available with the L<B<EVP_Encrypt>I<...>|EVP_EncryptInit(3)> -functions. The L<B<EVP_Digest>I<...>|EVP_DigestInit(3)> functions provide message digests. - -Authenticated encryption with additional data (AEAD) is available with -the L<B<EVP_AEAD>I<...>|EVP_AEAD_CTX_init(3)> functions. - -The B<EVP_PKEY>I<...> functions provide a high level interface to -asymmetric algorithms. To create a new EVP_PKEY see -L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>. EVP_PKEYs can be associated -with a private key of a particular algorithm by using the functions -described on the L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)> page, or -new keys can be generated using L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>. -EVP_PKEYs can be compared using L<EVP_PKEY_cmp(3)|EVP_PKEY_cmp(3)>, or printed using -L<EVP_PKEY_print_private(3)|EVP_PKEY_print_private(3)>. - -The EVP_PKEY functions support the full range of asymmetric algorithm operations: - -=over - -=item For key agreement see L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> - -=item For signing and verifying see L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, -L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)> and L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>. -However, note that -these functions do not perform a digest of the data to be signed. 
Therefore -normally you would use the L<B<EVP_DigestSign>I<...>|EVP_DigestSignInit(3)> -functions for this purpose. - -=item For encryption and decryption see L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)> -and L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)> respectively. However, note that -these functions perform encryption and decryption only. As public key -encryption is an expensive operation, normally you would wrap -an encrypted message in a "digital envelope" using the L<B<EVP_Seal>I<...>|EVP_SealInit(3)> and -L<B<EVP_Open>I<...>|EVP_OpenInit(3)> functions. - -=back - -The L<EVP_BytesToKey(3)|EVP_BytesToKey(3)> function provides some limited support for password -based encryption. Careful selection of the parameters will provide a PKCS#5 PBKDF1 compatible -implementation. However, new applications should not typically use this (preferring, for example, -PBKDF2 from PCKS#5). - -Algorithms are loaded with L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>. - -All the symmetric algorithms (ciphers), digests and asymmetric algorithms -(public key algorithms) can be replaced by L<ENGINE|engine(3)> modules providing alternative -implementations. If ENGINE implementations of ciphers or digests are registered -as defaults, then the various EVP functions will automatically use those -implementations automatically in preference to built in software -implementations. For more information, consult the engine(3) man page. - -Although low level algorithm specific functions exist for many algorithms -their use is discouraged. They cannot be used with an ENGINE and ENGINE -versions of new algorithms cannot be accessed using the low level functions. -Also makes code harder to adapt to new algorithms and some options are not -cleanly supported at the low level and some operations are more efficient -using the high level interface. 
- -=head1 SEE ALSO - -L<EVP_DigestInit(3)|EVP_DigestInit(3)>, -L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>, -L<EVP_AEAD_CTX_init(3)|EVP_AEAD_CTX_init(3)>, -L<EVP_OpenInit(3)|EVP_OpenInit(3)>, -L<EVP_SealInit(3)|EVP_SealInit(3)>, -L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>, -L<EVP_SignInit(3)|EVP_SignInit(3)>, -L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>, -L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>, -L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)>, -L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>, -L<EVP_PKEY_print_private(3)|EVP_PKEY_print_private(3)>, -L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, -L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, -L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, -L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, -L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>, -L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>, -L<EVP_BytesToKey(3)|EVP_BytesToKey(3)>, -L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>, -L<engine(3)|engine(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/i2d_CMS_bio_stream.pod b/lib/libssl/src/doc/crypto/i2d_CMS_bio_stream.pod deleted file mode 100644 index 558bdd0812c..00000000000 --- a/lib/libssl/src/doc/crypto/i2d_CMS_bio_stream.pod +++ /dev/null 
@@ -1,44 +0,0 @@ -=pod - -=head1 NAME - - i2d_CMS_bio_stream - output CMS_ContentInfo structure in BER format. - -=head1 SYNOPSIS - - #include <openssl/cms.h> - - int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags); - -=head1 DESCRIPTION - -i2d_CMS_bio_stream() outputs a CMS_ContentInfo structure in BER format. - -It is otherwise identical to the function SMIME_write_CMS(). - -=head1 NOTES - -This function is effectively a version of the i2d_CMS_bio() supporting -streaming. - -=head1 BUGS - -The prefix "i2d" is arguably wrong because the function outputs BER format. - -=head1 RETURN VALUES - -i2d_CMS_bio_stream() returns 1 for success or 0 for failure. - -=head1 SEE ALSO - -L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>, -L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)> -L<CMS_decrypt(3)|CMS_decrypt(3)>, -L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>, -L<PEM_write_bio_CMS_stream(3)|PEM_write_bio_CMS_stream(3)> - -=head1 HISTORY - -i2d_CMS_bio_stream() was added to OpenSSL 1.0.0 - -=cut diff --git a/lib/libssl/src/doc/crypto/i2d_PKCS7_bio_stream.pod b/lib/libssl/src/doc/crypto/i2d_PKCS7_bio_stream.pod deleted file mode 100644 index a37231e267b..00000000000 --- a/lib/libssl/src/doc/crypto/i2d_PKCS7_bio_stream.pod +++ /dev/null 
@@ -1,44 +0,0 @@ -=pod - -=head1 NAME - -i2d_PKCS7_bio_stream - output PKCS7 structure in BER format. - -=head1 SYNOPSIS - - #include <openssl/pkcs7.h> - - int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *data, int flags); - -=head1 DESCRIPTION - -i2d_PKCS7_bio_stream() outputs a PKCS7 structure in BER format. - -It is otherwise identical to the function SMIME_write_PKCS7(). - -=head1 NOTES - -This function is effectively a version of the d2i_PKCS7_bio() supporting -streaming. - -=head1 BUGS - -The prefix "i2d" is arguably wrong because the function outputs BER format. - -=head1 RETURN VALUES - -i2d_PKCS7_bio_stream() returns 1 for success or 0 for failure. - -=head1 SEE ALSO - -L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>, -L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)> -L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>, -L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>, -L<PEM_write_bio_PKCS7_stream(3)|PEM_write_bio_PKCS7_stream(3)> - -=head1 HISTORY - -i2d_PKCS7_bio_stream() was added to OpenSSL 1.0.0 - -=cut diff --git a/lib/libssl/src/doc/crypto/lh_stats.pod b/lib/libssl/src/doc/crypto/lh_stats.pod deleted file mode 100644 index 15f97b55455..00000000000 --- a/lib/libssl/src/doc/crypto/lh_stats.pod +++ /dev/null 
@@ -1,60 +0,0 @@ -=pod - -=head1 NAME - -lh_stats, lh_node_stats, lh_node_usage_stats, lh_stats_bio, -lh_node_stats_bio, lh_node_usage_stats_bio - LHASH statistics - -=head1 SYNOPSIS - - #include <openssl/lhash.h> - - void lh_stats(LHASH *table, FILE *out); - void lh_node_stats(LHASH *table, FILE *out); - void lh_node_usage_stats(LHASH *table, FILE *out); - - void lh_stats_bio(LHASH *table, BIO *out); - void lh_node_stats_bio(LHASH *table, BIO *out); - void lh_node_usage_stats_bio(LHASH *table, BIO *out); - -=head1 DESCRIPTION - -The B<LHASH> structure records statistics about most aspects of -accessing the hash table. This is mostly a legacy of Eric Young -writing this library for the reasons of implementing what looked like -a nice algorithm rather than for a particular software product. - -lh_stats() prints out statistics on the size of the hash table, how -many entries are in it, and the number and result of calls to the -routines in this library. - -lh_node_stats() prints the number of entries for each 'bucket' in the -hash table. - -lh_node_usage_stats() prints out a short summary of the state of the -hash table. It prints the 'load' and the 'actual load'. The load is -the average number of data items per 'bucket' in the hash table. The -'actual load' is the average number of items per 'bucket', but only -for buckets which contain entries. So the 'actual load' is the -average number of searches that will need to find an item in the hash -table, while the 'load' is the average number that will be done to -record a miss. - -lh_stats_bio(), lh_node_stats_bio() and lh_node_usage_stats_bio() -are the same as the above, except that the output goes to a B<BIO>. - -=head1 RETURN VALUES - -These functions do not return values. - -=head1 SEE ALSO - -L<bio(3)|bio(3)>, L<lh_new(3)|lh_new(3)> - -=head1 HISTORY - -These functions are available in all versions of SSLeay and OpenSSL. - -This manpage is derived from the SSLeay documentation. - -=cut 
diff --git a/lib/libssl/src/doc/crypto/rsa.pod b/lib/libssl/src/doc/crypto/rsa.pod
deleted file mode 100644
index 829ce24701d..00000000000
--- a/lib/libssl/src/doc/crypto/rsa.pod
+++ /dev/null
@@ -1,123 +0,0 @@ -=pod - -=head1 NAME - -rsa - RSA public key cryptosystem - -=head1 SYNOPSIS - - #include <openssl/rsa.h> - #include <openssl/engine.h> - - RSA * RSA_new(void); - void RSA_free(RSA *rsa); - - int RSA_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int RSA_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int RSA_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); - int RSA_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); - - int RSA_sign(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - int RSA_verify(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - - int RSA_size(const RSA *rsa); - - RSA *RSA_generate_key(int num, unsigned long e, - void (*callback)(int,int,void *), void *cb_arg); - - int RSA_check_key(RSA *rsa); - - int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); - void RSA_blinding_off(RSA *rsa); - - void RSA_set_default_method(const RSA_METHOD *meth); - const RSA_METHOD *RSA_get_default_method(void); - int RSA_set_method(RSA *rsa, const RSA_METHOD *meth); - const RSA_METHOD *RSA_get_method(const RSA *rsa); - RSA_METHOD *RSA_PKCS1_SSLeay(void); - RSA_METHOD *RSA_null_method(void); - int RSA_flags(const RSA *rsa); - RSA *RSA_new_method(ENGINE *engine); - - int RSA_print(BIO *bp, RSA *x, int offset); - int RSA_print_fp(FILE *fp, RSA *x, int offset); - - int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), - int (*dup_func)(), void (*free_func)()); - int RSA_set_ex_data(RSA *r,int idx,char *arg); - char *RSA_get_ex_data(RSA *r, int idx); - - int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m, - unsigned int m_len, unsigned char *sigret, unsigned int *siglen, - RSA *rsa); - int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m, - unsigned int 
m_len, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa); - -=head1 DESCRIPTION - -These functions implement RSA public key encryption and signatures -as defined in PKCS #1 v2.0 [RFC 2437]. - -The B<RSA> structure consists of several BIGNUM components. It can -contain public as well as private RSA keys: - - struct - { - BIGNUM *n; // public modulus - BIGNUM *e; // public exponent - BIGNUM *d; // private exponent - BIGNUM *p; // secret prime factor - BIGNUM *q; // secret prime factor - BIGNUM *dmp1; // d mod (p-1) - BIGNUM *dmq1; // d mod (q-1) - BIGNUM *iqmp; // q^-1 mod p - // ... - }; - RSA - -In public keys, the private exponent and the related secret values are -B<NULL>. - -B<p>, B<q>, B<dmp1>, B<dmq1> and B<iqmp> may be B<NULL> in private -keys, but the RSA operations are much faster when these values are -available. - -Note that RSA keys may use non-standard B<RSA_METHOD> implementations, -either directly or by the use of B<ENGINE> modules. In some cases (eg. an -ENGINE providing support for hardware-embedded keys), these BIGNUM values -will not be used by the implementation or may be used for alternative data -storage. For this reason, applications should generally avoid using RSA -structure elements directly and instead use API functions to query or -modify keys. - -=head1 CONFORMING TO - -SSL, PKCS #1 v2.0 - -=head1 PATENTS - -RSA was covered by a US patent which expired in September 2000. 
- -=head1 SEE ALSO - -L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, -L<rand(3)|rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>, -L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>, -L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>, -L<RSA_generate_key(3)|RSA_generate_key(3)>, -L<RSA_check_key(3)|RSA_check_key(3)>, -L<RSA_blinding_on(3)|RSA_blinding_on(3)>, -L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>, -L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, -L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>, -L<RSA_sign_ASN1_OCTET_STRING(3)|RSA_sign_ASN1_OCTET_STRING(3)>, -L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)> - -=cut diff --git a/lib/libssl/src/doc/crypto/x509.pod b/lib/libssl/src/doc/crypto/x509.pod deleted file mode 100644 index f9e58e0e41a..00000000000 --- a/lib/libssl/src/doc/crypto/x509.pod +++ /dev/null 
@@ -1,64 +0,0 @@ -=pod - -=head1 NAME - -x509 - X.509 certificate handling - -=head1 SYNOPSIS - - #include <openssl/x509.h> - -=head1 DESCRIPTION - -A X.509 certificate is a structured grouping of information about -an individual, a device, or anything one can imagine. A X.509 CRL -(certificate revocation list) is a tool to help determine if a -certificate is still valid. The exact definition of those can be -found in the X.509 document from ITU-T, or in RFC3280 from PKIX. -In OpenSSL, the type X509 is used to express such a certificate, and -the type X509_CRL is used to express a CRL. - -A related structure is a certificate request, defined in PKCS#10 from -RSA Security, Inc, also reflected in RFC2896. In OpenSSL, the type -X509_REQ is used to express such a certificate request. - -To handle some complex parts of a certificate, there are the types -X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express -a certificate attributes), X509_EXTENSION (to express a certificate -extension) and a few more. - -Finally, there's the supertype X509_INFO, which can contain a CRL, a -certificate and a corresponding private key. - -B<X509_>I<...>, B<d2i_X509_>I<...> and B<i2d_X509_>I<...> handle X.509 -certificates, with some exceptions, shown below. - -B<X509_CRL_>I<...>, B<d2i_X509_CRL_>I<...> and B<i2d_X509_CRL_>I<...> -handle X.509 CRLs. - -B<X509_REQ_>I<...>, B<d2i_X509_REQ_>I<...> and B<i2d_X509_REQ_>I<...> -handle PKCS#10 certificate requests. - -B<X509_NAME_>I<...> handle certificate names. - -B<X509_ATTRIBUTE_>I<...> handle certificate attributes. - -B<X509_EXTENSION_>I<...> handle certificate extensions. 
- -=head1 SEE ALSO - -L<X509_NAME_ENTRY_get_object(3)|X509_NAME_ENTRY_get_object(3)>, -L<X509_NAME_add_entry_by_txt(3)|X509_NAME_add_entry_by_txt(3)>, -L<X509_NAME_add_entry_by_NID(3)|X509_NAME_add_entry_by_NID(3)>, -L<X509_NAME_print_ex(3)|X509_NAME_print_ex(3)>, -L<X509_NAME_new(3)|X509_NAME_new(3)>, -L<d2i_X509(3)|d2i_X509(3)>, -L<d2i_X509_ALGOR(3)|d2i_X509_ALGOR(3)>, -L<d2i_X509_CRL(3)|d2i_X509_CRL(3)>, -L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>, -L<d2i_X509_REQ(3)|d2i_X509_REQ(3)>, -L<d2i_X509_SIG(3)|d2i_X509_SIG(3)>, -L<crypto(3)|crypto(3)>, -L<x509v3(3)|x509v3(3)> - -=cut diff --git a/lib/libssl/src/doc/openssl.txt b/lib/libssl/src/doc/openssl.txt deleted file mode 100644 index f8817b0a719..00000000000 --- a/lib/libssl/src/doc/openssl.txt +++ /dev/null 
@@ -1,1254 +0,0 @@ - -This is some preliminary documentation for OpenSSL. - -Contents: - - OpenSSL X509V3 extension configuration - X509V3 Extension code: programmers guide - PKCS#12 Library - - -============================================================================== - OpenSSL X509V3 extension configuration -============================================================================== - -OpenSSL X509V3 extension configuration: preliminary documentation. - -INTRODUCTION. - -For OpenSSL 0.9.2 the extension code has be considerably enhanced. It is now -possible to add and print out common X509 V3 certificate and CRL extensions. - -BEGINNERS NOTE - -For most simple applications you don't need to know too much about extensions: -the default openssl.cnf values will usually do sensible things. - -If you want to know more you can initially quickly look through the sections -describing how the standard OpenSSL utilities display and add extensions and -then the list of supported extensions. - -For more technical information about the meaning of extensions see: - -http://www.imc.org/ietf-pkix/ -http://home.netscape.com/eng/security/certs.html - -PRINTING EXTENSIONS. - -Extension values are automatically printed out for supported extensions. - -openssl x509 -in cert.pem -text -openssl crl -in crl.pem -text - -will give information in the extension printout, for example: - - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - 73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15 - X509v3 Authority Key Identifier: - keyid:73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15, DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/Email=email@1.address/Email=email@2.address, serial:00 - X509v3 Key Usage: - Certificate Sign, CRL Sign - X509v3 Subject Alternative Name: - email:email@1.address, email:email@2.address - -CONFIGURATION FILES. 
- -The OpenSSL utilities 'ca' and 'req' can now have extension sections listing -which certificate extensions to include. In each case a line: - -x509_extensions = extension_section - -indicates which section contains the extensions. In the case of 'req' the -extension section is used when the -x509 option is present to create a -self signed root certificate. - -The 'x509' utility also supports extensions when it signs a certificate. -The -extfile option is used to set the configuration file containing the -extensions. In this case a line with: - -extensions = extension_section - -in the nameless (default) section is used. If no such line is included then -it uses the default section. - -You can also add extensions to CRLs: a line - -crl_extensions = crl_extension_section - -will include extensions when the -gencrl option is used with the 'ca' utility. -You can add any extension to a CRL but of the supported extensions only -issuerAltName and authorityKeyIdentifier make any real sense. Note: these are -CRL extensions NOT CRL *entry* extensions which cannot currently be generated. -CRL entry extensions can be displayed. - -NB. At this time Netscape Communicator rejects V2 CRLs: to get an old V1 CRL -you should not include a crl_extensions line in the configuration file. - -As with all configuration files you can use the inbuilt environment expansion -to allow the values to be passed in the environment. Therefore if you have -several extension sections used for different purposes you can have a line: - -x509_extensions = $ENV::ENV_EXT - -and set the ENV_EXT environment variable before calling the relevant utility. - -EXTENSION SYNTAX. - -Extensions have the basic form: - -extension_name=[critical,] extension_options - -the use of the critical option makes the extension critical. Extreme caution -should be made when using the critical flag. If an extension is marked -as critical then any client that does not understand the extension should -reject it as invalid. 
Some broken software will reject certificates which -have *any* critical extensions (these violates PKIX but we have to live -with it). - -There are three main types of extension: string extensions, multi-valued -extensions, and raw extensions. - -String extensions simply have a string which contains either the value itself -or how it is obtained. - -For example: - -nsComment="This is a Comment" - -Multi-valued extensions have a short form and a long form. The short form -is a list of names and values: - -basicConstraints=critical,CA:true,pathlen:1 - -The long form allows the values to be placed in a separate section: - -basicConstraints=critical,@bs_section - -[bs_section] - -CA=true -pathlen=1 - -Both forms are equivalent. However it should be noted that in some cases the -same name can appear multiple times, for example, - -subjectAltName=email:steve@here,email:steve@there - -in this case an equivalent long form is: - -subjectAltName=@alt_section - -[alt_section] - -email.1=steve@here -email.2=steve@there - -This is because the configuration file code cannot handle the same name -occurring twice in the same section. - -The syntax of raw extensions is governed by the extension code: it can -for example contain data in multiple sections. The correct syntax to -use is defined by the extension code itself: check out the certificate -policies extension for an example. - -There are two ways to encode arbitrary extensions. - -The first way is to use the word ASN1 followed by the extension content -using the same syntax as ASN1_generate_nconf(). For example: - -1.2.3.4=critical,ASN1:UTF8String:Some random data - -1.2.3.4=ASN1:SEQUENCE:seq_sect - -[seq_sect] - -field1 = UTF8:field1 -field2 = UTF8:field2 - -It is also possible to use the word DER to include arbitrary data in any -extension. 
- -1.2.3.4=critical,DER:01:02:03:04 -1.2.3.4=DER:01020304 - -The value following DER is a hex dump of the DER encoding of the extension -Any extension can be placed in this form to override the default behaviour. -For example: - -basicConstraints=critical,DER:00:01:02:03 - -WARNING: DER should be used with caution. It is possible to create totally -invalid extensions unless care is taken. - -CURRENTLY SUPPORTED EXTENSIONS. - -If you aren't sure about extensions then they can be largely ignored: its only -when you want to do things like restrict certificate usage when you need to -worry about them. - -The only extension that a beginner might want to look at is Basic Constraints. -If in addition you want to try Netscape object signing the you should also -look at Netscape Certificate Type. - -Literal String extensions. - -In each case the 'value' of the extension is placed directly in the -extension. Currently supported extensions in this category are: nsBaseUrl, -nsRevocationUrl, nsCaRevocationUrl, nsRenewalUrl, nsCaPolicyUrl, -nsSslServerName and nsComment. - -For example: - -nsComment="This is a test comment" - -Bit Strings. - -Bit string extensions just consist of a list of supported bits, currently -two extensions are in this category: PKIX keyUsage and the Netscape specific -nsCertType. - -nsCertType (netscape certificate type) takes the flags: client, server, email, -objsign, reserved, sslCA, emailCA, objCA. - -keyUsage (PKIX key usage) takes the flags: digitalSignature, nonRepudiation, -keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign, -encipherOnly, decipherOnly. - -For example: - -nsCertType=server - -keyUsage=digitalSignature, nonRepudiation - -Hints on Netscape Certificate Type. - -Other than Basic Constraints this is the only extension a beginner might -want to use, if you want to try Netscape object signing, otherwise it can -be ignored. 
- -If you want a certificate that can be used just for object signing then: - -nsCertType=objsign - -will do the job. If you want to use it as a normal end user and server -certificate as well then - -nsCertType=objsign,email,server - -is more appropriate. You cannot use a self signed certificate for object -signing (well Netscape signtool can but it cheats!) so you need to create -a CA certificate and sign an end user certificate with it. - -Side note: If you want to conform to the Netscape specifications then you -should really also set: - -nsCertType=objCA - -in the *CA* certificate for just an object signing CA and - -nsCertType=objCA,emailCA,sslCA - -for everything. Current Netscape software doesn't enforce this so it can -be omitted. - -Basic Constraints. - -This is generally the only extension you need to worry about for simple -applications. If you want your certificate to be usable as a CA certificate -(in addition to an end user certificate) then you set this to: - -basicConstraints=CA:TRUE - -if you want to be certain the certificate cannot be used as a CA then do: - -basicConstraints=CA:FALSE - -The rest of this section describes more advanced usage. - -Basic constraints is a multi-valued extension that supports a CA and an -optional pathlen option. The CA option takes the values true and false and -pathlen takes an integer. Note if the CA option is false the pathlen option -should be omitted. - -The pathlen parameter indicates the maximum number of CAs that can appear -below this one in a chain. So if you have a CA with a pathlen of zero it can -only be used to sign end user certificates and not further CAs. This all -assumes that the software correctly interprets this extension of course. - -Examples: - -basicConstraints=CA:TRUE -basicConstraints=critical,CA:TRUE, pathlen:0 - -NOTE: for a CA to be considered valid it must have the CA option set to -TRUE. An end user certificate MUST NOT have the CA value set to true. 
-According to PKIX recommendations it should exclude the extension entirely, -however some software may require CA set to FALSE for end entity certificates. - -Extended Key Usage. - -This extensions consists of a list of usages. - -These can either be object short names of the dotted numerical form of OIDs. -While any OID can be used only certain values make sense. In particular the -following PKIX, NS and MS values are meaningful: - -Value Meaning ------ ------- -serverAuth SSL/TLS Web Server Authentication. -clientAuth SSL/TLS Web Client Authentication. -codeSigning Code signing. -emailProtection E-mail Protection (S/MIME). -timeStamping Trusted Timestamping -msCodeInd Microsoft Individual Code Signing (authenticode) -msCodeCom Microsoft Commercial Code Signing (authenticode) -msCTLSign Microsoft Trust List Signing -msSGC Microsoft Server Gated Crypto -msEFS Microsoft Encrypted File System -nsSGC Netscape Server Gated Crypto - -For example, under IE5 a CA can be used for any purpose: by including a list -of the above usages the CA can be restricted to only authorised uses. - -Note: software packages may place additional interpretations on certificate -use, in particular some usages may only work for selected CAs. Don't for example -expect just including msSGC or nsSGC will automatically mean that a certificate -can be used for SGC ("step up" encryption) otherwise anyone could use it. - -Examples: - -extendedKeyUsage=critical,codeSigning,1.2.3.4 -extendedKeyUsage=nsSGC,msSGC - -Subject Key Identifier. - -This is really a string extension and can take two possible values. Either -a hex string giving details of the extension value to include or the word -'hash' which then automatically follow PKIX guidelines in selecting and -appropriate key identifier. The use of the hex string is strongly discouraged. - -Example: subjectKeyIdentifier=hash - -Authority Key Identifier. - -The authority key identifier extension permits two options. 
keyid and issuer: -both can take the optional value "always". - -If the keyid option is present an attempt is made to copy the subject key -identifier from the parent certificate. If the value "always" is present -then an error is returned if the option fails. - -The issuer option copies the issuer and serial number from the issuer -certificate. Normally this will only be done if the keyid option fails or -is not included: the "always" flag will always include the value. - -Subject Alternative Name. - -The subject alternative name extension allows various literal values to be -included in the configuration file. These include "email" (an email address) -"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a -registered ID: OBJECT IDENTIFIER), IP (and IP address) and otherName. - -Also the email option include a special 'copy' value. This will automatically -include and email addresses contained in the certificate subject name in -the extension. - -otherName can include arbitrary data associated with an OID: the value -should be the OID followed by a semicolon and the content in standard -ASN1_generate_nconf() format. - -Examples: - -subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/ -subjectAltName=email:my@other.address,RID:1.2.3.4 -subjectAltName=otherName:1.2.3.4;UTF8:some other identifier - -Issuer Alternative Name. - -The issuer alternative name option supports all the literal options of -subject alternative name. It does *not* support the email:copy option because -that would not make sense. It does support an additional issuer:copy option -that will copy all the subject alternative name values from the issuer -certificate (if possible). - -Example: - -issuserAltName = issuer:copy - -Authority Info Access. - -The authority information access extension gives details about how to access -certain information relating to the CA. 
Its syntax is accessOID;location -where 'location' has the same syntax as subject alternative name (except -that email:copy is not supported). accessOID can be any valid OID but only -certain values are meaningful for example OCSP and caIssuers. OCSP gives the -location of an OCSP responder: this is used by Netscape PSM and other software. - -Example: - -authorityInfoAccess = OCSP;URI:http://ocsp.my.host/ -authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html - -CRL distribution points. - -This is a multi-valued extension that supports all the literal options of -subject alternative name. Of the few software packages that currently interpret -this extension most only interpret the URI option. - -Currently each option will set a new DistributionPoint with the fullName -field set to the given value. - -Other fields like cRLissuer and reasons cannot currently be set or displayed: -at this time no examples were available that used these fields. - -If you see this extension with <UNSUPPORTED> when you attempt to print it out -or it doesn't appear to display correctly then let me know, including the -certificate (mail me at steve@openssl.org) . - -Examples: - -crlDistributionPoints=URI:http://www.myhost.com/myca.crl -crlDistributionPoints=URI:http://www.my.com/my.crl,URI:http://www.oth.com/my.crl - -Certificate Policies. - -This is a RAW extension. It attempts to display the contents of this extension: -unfortunately this extension is often improperly encoded. - -The certificate policies extension will rarely be used in practice: few -software packages interpret it correctly or at all. IE5 does partially -support this extension: but it needs the 'ia5org' option because it will -only correctly support a broken encoding. Of the options below only the -policy OID, explicitText and CPS options are displayed with IE5. - -All the fields of this extension can be set by using the appropriate syntax. 
- -If you follow the PKIX recommendations of not including any qualifiers and just -using only one OID then you just include the value of that OID. Multiple OIDs -can be set separated by commas, for example: - -certificatePolicies= 1.2.4.5, 1.1.3.4 - -If you wish to include qualifiers then the policy OID and qualifiers need to -be specified in a separate section: this is done by using the @section syntax -instead of a literal OID value. - -The section referred to must include the policy OID using the name -policyIdentifier, cPSuri qualifiers can be included using the syntax: - -CPS.nnn=value - -userNotice qualifiers can be set using the syntax: - -userNotice.nnn=@notice - -The value of the userNotice qualifier is specified in the relevant section. -This section can include explicitText, organization and noticeNumbers -options. explicitText and organization are text strings, noticeNumbers is a -comma separated list of numbers. The organization and noticeNumbers options -(if included) must BOTH be present. If you use the userNotice option with IE5 -then you need the 'ia5org' option at the top level to modify the encoding: -otherwise it will not be interpreted properly. - -Example: - -certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect - -[polsect] - -policyIdentifier = 1.3.5.8 -CPS.1="http://my.host.name/" -CPS.2="http://my.your.name/" -userNotice.1=@notice - -[notice] - -explicitText="Explicit Text Here" -organization="Organisation Name" -noticeNumbers=1,2,3,4 - -TECHNICAL NOTE: the ia5org option changes the type of the 'organization' field, -according to PKIX it should be of type DisplayText but Verisign uses an -IA5STRING and IE5 needs this too. - -Display only extensions. - -Some extensions are only partially supported and currently are only displayed -but cannot be set. These include private key usage period, CRL number, and -CRL reason. 
- -============================================================================== - X509V3 Extension code: programmers guide -============================================================================== - -The purpose of the extension code is twofold. It allows an extension to be -created from a string or structure describing its contents and it prints out an -extension in a human or machine readable form. - -1. Initialisation and cleanup. - -No special initialisation is needed before calling the extension functions. -You used to have to call X509V3_add_standard_extensions(); but this is no longer -required and this function no longer does anything. - -void X509V3_EXT_cleanup(void); - -This function should be called to cleanup the extension code if any custom -extensions have been added. If no custom extensions have been added then this -call does nothing. After this call all custom extension code is freed up but -you can still use the standard extensions. - -2. Printing and parsing extensions. - -The simplest way to print out extensions is via the standard X509 printing -routines: if you use the standard X509_print() function, the supported -extensions will be printed out automatically. - -The following functions allow finer control over extension display: - -int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent); -int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); - -These two functions print out an individual extension to a BIO or FILE pointer. -Currently the flag argument is unused and should be set to 0. The 'indent' -argument is the number of spaces to indent each line. - -void *X509V3_EXT_d2i(X509_EXTENSION *ext); - -This function parses an extension and returns its internal structure. The -precise structure you get back depends on the extension being parsed. If the -extension if basicConstraints you will get back a pointer to a -BASIC_CONSTRAINTS structure. 
Check out the source in crypto/x509v3 for more -details about the structures returned. The returned structure should be freed -after use using the relevant free function, BASIC_CONSTRAINTS_free() for -example. - -void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); -void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx); -void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); -void * X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx); - -These functions combine the operations of searching for extensions and -parsing them. They search a certificate, a CRL a CRL entry or a stack -of extensions respectively for extension whose NID is 'nid' and return -the parsed result of NULL if an error occurred. For example: - -BASIC_CONSTRAINTS *bs; -bs = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL); - -This will search for the basicConstraints extension and either return -it value or NULL. NULL can mean either the extension was not found, it -occurred more than once or it could not be parsed. - -If 'idx' is NULL then an extension is only parsed if it occurs precisely -once. This is standard behaviour because extensions normally cannot occur -more than once. If however more than one extension of the same type can -occur it can be used to parse successive extensions for example: - -int i; -void *ext; - -i = -1; -for(;;) { - ext = X509_get_ext_d2i(x, nid, crit, &idx); - if(ext == NULL) break; - /* Do something with ext */ -} - -If 'crit' is not NULL and the extension was found then the int it points to -is set to 1 for critical extensions and 0 for non critical. Therefore if the -function returns NULL but 'crit' is set to 0 or 1 then the extension was -found but it could not be parsed. - -The int pointed to by crit will be set to -1 if the extension was not found -and -2 if the extension occurred more than once (this will only happen if -idx is NULL). In both cases the function will return NULL. 
- -3. Generating extensions. - -An extension will typically be generated from a configuration file, or some -other kind of configuration database. - -int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509 *cert); -int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509_CRL *crl); - -These functions add all the extensions in the given section to the given -certificate or CRL. They will normally be called just before the certificate -or CRL is due to be signed. Both return 0 on error on non zero for success. - -In each case 'conf' is the LHASH pointer of the configuration file to use -and 'section' is the section containing the extension details. - -See the 'context functions' section for a description of the ctx parameter. - - -X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, - char *value); - -This function returns an extension based on a name and value pair, if the -pair will not need to access other sections in a config file (or there is no -config file) then the 'conf' parameter can be set to NULL. - -X509_EXTENSION *X509V3_EXT_conf_nid(char *conf, X509V3_CTX *ctx, int nid, - char *value); - -This function creates an extension in the same way as X509V3_EXT_conf() but -takes the NID of the extension rather than its name. - -For example to produce basicConstraints with the CA flag and a path length of -10: - -x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10"); - - -X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); - -This function sets up an extension from its internal structure. The ext_nid -parameter is the NID of the extension and 'crit' is the critical flag. - -4. Context functions. - -The following functions set and manipulate an extension context structure. 
-The purpose of the extension context is to allow the extension code to -access various structures relating to the "environment" of the certificate: -for example the issuers certificate or the certificate request. - -void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, - X509_REQ *req, X509_CRL *crl, int flags); - -This function sets up an X509V3_CTX structure with details of the certificate -environment: specifically the issuers certificate, the subject certificate, -the certificate request and the CRL: if these are not relevant or not -available then they can be set to NULL. The 'flags' parameter should be set -to zero. - -X509V3_set_ctx_test(ctx) - -This macro is used to set the 'ctx' structure to a 'test' value: this is to -allow the syntax of an extension (or configuration file) to be tested. - -X509V3_set_ctx_nodb(ctx) - -This macro is used when no configuration database is present. - -void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash); - -This function is used to set the configuration database when it is an LHASH -structure: typically a configuration file. - -The following functions are used to access a configuration database: they -should only be used in RAW extensions. - -char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section); - -This function returns the value of the parameter "name" in "section", or NULL -if there has been an error. - -void X509V3_string_free(X509V3_CTX *ctx, char *str); - -This function frees up the string returned by the above function. - -STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section); - -This function returns a whole section as a STACK_OF(CONF_VALUE) . - -void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section); - -This function frees up the STACK returned by the above function. - -Note: it is possible to use the extension code with a custom configuration -database. 
To do this the "db_meth" element of the X509V3_CTX structure should -be set to an X509V3_CTX_METHOD structure. This structure contains the following -function pointers: - -char * (*get_string)(void *db, char *section, char *value); -STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section); -void (*free_string)(void *db, char * string); -void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); - -these will be called and passed the 'db' element in the X509V3_CTX structure -to access the database. If a given function is not implemented or not required -it can be set to NULL. - -5. String helper functions. - -There are several "i2s" and "s2i" functions that convert structures to and -from ASCII strings. In all the "i2s" cases the returned string should be -freed using Free() after use. Since some of these are part of other extension -code they may take a 'method' parameter. Unless otherwise stated it can be -safely set to NULL. - -char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct); - -This returns a hex string from an ASN1_OCTET_STRING. - -char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); -char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); - -These return a string decimal representations of an ASN1_INTEGER and an -ASN1_ENUMERATED type, respectively. - -ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str); - -This converts an ASCII hex string to an ASN1_OCTET_STRING. - -ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value); - -This converts a decimal ASCII string into an ASN1_INTEGER. - -6. Multi valued extension helper functions. - -The following functions can be used to manipulate STACKs of CONF_VALUE -structures, as used by multi valued extensions. - -int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); - -This function expects a boolean value in 'value' and sets 'asn1_bool' to -it. 
That is it sets it to 0 for FALSE or 0xff for TRUE. The following -strings are acceptable: "TRUE", "true", "Y", "y", "YES", "yes", "FALSE" -"false", "N", "n", "NO" or "no". - -int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); - -This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER. - -int X509V3_add_value(const char *name, const char *value, - STACK_OF(CONF_VALUE) **extlist); - -This simply adds a string name and value pair. - -int X509V3_add_value_uchar(const char *name, const unsigned char *value, - STACK_OF(CONF_VALUE) **extlist); - -The same as above but for an unsigned character value. - -int X509V3_add_value_bool(const char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); - -This adds either "TRUE" or "FALSE" depending on the value of 'asn1_bool' - -int X509V3_add_value_bool_nf(char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); - -This is the same as above except it adds nothing if asn1_bool is FALSE. - -int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, - STACK_OF(CONF_VALUE) **extlist); - -This function adds the value of the ASN1_INTEGER in decimal form. - -7. Other helper functions. - -<to be added> - -ADDING CUSTOM EXTENSIONS. - -Currently there are three types of supported extensions. - -String extensions are simple strings where the value is placed directly in the -extensions, and the string returned is printed out. - -Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs -or return a STACK_OF(CONF_VALUE). - -Raw extensions are just passed a BIO or a value and it is the extensions -responsibility to handle all the necessary printing. - -There are two ways to add an extension. One is simply as an alias to an already -existing extension. An alias is an extension that is identical in ASN1 structure -to an existing extension but has a different OBJECT IDENTIFIER. 
This can be -done by calling: - -int X509V3_EXT_add_alias(int nid_to, int nid_from); - -'nid_to' is the new extension NID and 'nid_from' is the already existing -extension NID. - -Alternatively an extension can be written from scratch. This involves writing -the ASN1 code to encode and decode the extension and functions to print out and -generate the extension from strings. The relevant functions are then placed in -a X509V3_EXT_METHOD structure and int X509V3_EXT_add(X509V3_EXT_METHOD *ext); -called. - -The X509V3_EXT_METHOD structure is described below. - -struct { -int ext_nid; -int ext_flags; -X509V3_EXT_NEW ext_new; -X509V3_EXT_FREE ext_free; -X509V3_EXT_D2I d2i; -X509V3_EXT_I2D i2d; -X509V3_EXT_I2S i2s; -X509V3_EXT_S2I s2i; -X509V3_EXT_I2V i2v; -X509V3_EXT_V2I v2i; -X509V3_EXT_R2I r2i; -X509V3_EXT_I2R i2r; - -void *usr_data; -}; - -The elements have the following meanings. - -ext_nid is the NID of the object identifier of the extension. - -ext_flags is set of flags. Currently the only external flag is - X509V3_EXT_MULTILINE which means a multi valued extensions - should be printed on separate lines. - -usr_data is an extension specific pointer to any relevant data. This - allows extensions to share identical code but have different - uses. An example of this is the bit string extension which uses - usr_data to contain a list of the bit names. - -All the remaining elements are function pointers. - -ext_new is a pointer to a function that allocates memory for the - extension ASN1 structure: for example ASN1_OBJECT_new(). - -ext_free is a pointer to a function that free up memory of the extension - ASN1 structure: for example ASN1_OBJECT_free(). - -d2i is the standard ASN1 function that converts a DER buffer into - the internal ASN1 structure: for example d2i_ASN1_IA5STRING(). - -i2d is the standard ASN1 function that converts the internal - structure into the DER representation: for example - i2d_ASN1_IA5STRING(). 
- -The remaining functions are depend on the type of extension. One i2X and -one X2i should be set and the rest set to NULL. The types set do not need -to match up, for example the extension could be set using the multi valued -v2i function and printed out using the raw i2r. - -All functions have the X509V3_EXT_METHOD passed to them in the 'method' -parameter and an X509V3_CTX structure. Extension code can then access the -parent structure via the 'method' parameter to for example make use of the value -of usr_data. If the code needs to use detail relating to the request it can -use the 'ctx' parameter. - -A note should be given here about the 'flags' member of the 'ctx' parameter. -If it has the value CTX_TEST then the configuration syntax is being checked -and no actual certificate or CRL exists. Therefore any attempt in the config -file to access such information should silently succeed. If the syntax is OK -then it should simply return a (possibly bogus) extension, otherwise it -should return NULL. - -char *i2s(struct v3_ext_method *method, void *ext); - -This function takes the internal structure in the ext parameter and returns -a Malloc'ed string representing its value. - -void * s2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); - -This function takes the string representation in the ext parameter and returns -an allocated internal structure: ext_free() will be used on this internal -structure after use. - -i2v and v2i handle a STACK_OF(CONF_VALUE): - -typedef struct -{ - char *section; - char *name; - char *value; -} CONF_VALUE; - -Only the name and value members are currently used. - -STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext); - -This function is passed the internal structure in the ext parameter and -returns a STACK of CONF_VALUE structures. The values of name, value, -section and the structure itself will be freed up with Free after use. -Several helper functions are available to add values to this STACK. 
- -void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, - STACK_OF(CONF_VALUE) *values); - -This function takes a STACK_OF(CONF_VALUE) structures and should set the -values of the external structure. This typically uses the name element to -determine which structure element to set and the value element to determine -what to set it to. Several helper functions are available for this -purpose (see above). - -int i2r(struct v3_ext_method *method, void *ext, BIO *out, int indent); - -This function is passed the internal extension structure in the ext parameter -and sends out a human readable version of the extension to out. The 'indent' -parameter should be noted to determine the necessary amount of indentation -needed on the output. - -void * r2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); - -This is just passed the string representation of the extension. It is intended -to be used for more elaborate extensions where the standard single and multi -valued options are insufficient. They can use the 'ctx' parameter to parse the -configuration database themselves. See the context functions section for details -of how to do this. - -Note: although this type takes the same parameters as the "r2s" function there -is a subtle difference. Whereas an "r2i" function can access a configuration -database an "s2i" function MUST NOT. This is so the internal code can safely -assume that an "s2i" function will work without a configuration database. - -============================================================================== - PKCS#12 Library -============================================================================== - -This section describes the internal PKCS#12 support. There are very few -differences between the old external library and the new internal code at -present. This may well change because the external library will not be updated -much in future. 
- -This version now includes a couple of high level PKCS#12 functions which -generally "do the right thing" and should make it much easier to handle PKCS#12 -structures. - -HIGH LEVEL FUNCTIONS. - -For most applications you only need concern yourself with the high level -functions. They can parse and generate simple PKCS#12 files as produced by -Netscape and MSIE or indeed any compliant PKCS#12 file containing a single -private key and certificate pair. - -1. Initialisation and cleanup. - -No special initialisation is needed for the internal PKCS#12 library: the -standard SSLeay_add_all_algorithms() is sufficient. If you do not wish to -add all algorithms (you should at least add SHA1 though) then you can manually -initialise the PKCS#12 library with: - -PKCS12_PBE_add(); - -The memory allocated by the PKCS#12 library is freed up when EVP_cleanup() is -called or it can be directly freed with: - -EVP_PBE_cleanup(); - -after this call (or EVP_cleanup() ) no more PKCS#12 library functions should -be called. - -2. I/O functions. - -i2d_PKCS12_bio(bp, p12) - -This writes out a PKCS12 structure to a BIO. - -i2d_PKCS12_fp(fp, p12) - -This is the same but for a FILE pointer. - -d2i_PKCS12_bio(bp, p12) - -This reads in a PKCS12 structure from a BIO. - -d2i_PKCS12_fp(fp, p12) - -This is the same but for a FILE pointer. - -3. High level functions. - -3.1 Parsing with PKCS12_parse(). - -int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert, - STACK **ca); - -This function takes a PKCS12 structure and a password (ASCII, null terminated) -and returns the private key, the corresponding certificate and any CA -certificates. If any of these is not required it can be passed as a NULL. -The 'ca' parameter should be either NULL, a pointer to NULL or a valid STACK -structure. 
Typically to read in a PKCS#12 file you might do: - -p12 = d2i_PKCS12_fp(fp, NULL); -PKCS12_parse(p12, password, &pkey, &cert, NULL); /* CAs not wanted */ -PKCS12_free(p12); - -3.2 PKCS#12 creation with PKCS12_create(). - -PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, - STACK *ca, int nid_key, int nid_cert, int iter, - int mac_iter, int keytype); - -This function will create a PKCS12 structure from a given password, name, -private key, certificate and optional STACK of CA certificates. The remaining -5 parameters can be set to 0 and sensible defaults will be used. - -The parameters nid_key and nid_cert are the key and certificate encryption -algorithms, iter is the encryption iteration count, mac_iter is the MAC -iteration count and keytype is the type of private key. If you really want -to know what these last 5 parameters do then read the low level section. - -Typically to create a PKCS#12 file the following could be used: - -p12 = PKCS12_create(pass, "My Certificate", pkey, cert, NULL, 0,0,0,0,0); -i2d_PKCS12_fp(fp, p12); -PKCS12_free(p12); - -3.3 Changing a PKCS#12 structure password. - -int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); - -This changes the password of an already existing PKCS#12 structure. oldpass -is the old password and newpass is the new one. An error occurs if the old -password is incorrect. - -LOW LEVEL FUNCTIONS. - -In some cases the high level functions do not provide the necessary -functionality. For example if you want to generate or parse more complex -PKCS#12 files. The sample pkcs12 application uses the low level functions -to display details about the internal structure of a PKCS#12 file. - -Introduction. - -This is a brief description of how a PKCS#12 file is represented internally: -some knowledge of PKCS#12 is assumed. - -A PKCS#12 object contains several levels. - -At the lowest level is a PKCS12_SAFEBAG. 
This can contain a certificate, a -CRL, a private key, encrypted or unencrypted, a set of safebags (so the -structure can be nested) or other secrets (not documented at present). -A safebag can optionally have attributes, currently these are: a unicode -friendlyName (a Unicode string) or a localKeyID (a string of bytes). - -At the next level is an authSafe which is a set of safebags collected into -a PKCS#7 ContentInfo. This can be just plain data, or encrypted itself. - -At the top level is the PKCS12 structure itself which contains a set of -authSafes in an embedded PKCS#7 Contentinfo of type data. In addition it -contains a MAC which is a kind of password protected digest to preserve -integrity (so any unencrypted stuff below can't be tampered with). - -The reason for these levels is so various objects can be encrypted in various -ways. For example you might want to encrypt a set of private keys with -triple-DES and then include the related certificates either unencrypted or -with lower encryption. Yes it's the dreaded crypto laws at work again which -allow strong encryption on private keys and only weak encryption on other -stuff. - -To build one of these things you turn all certificates and keys into safebags -(with optional attributes). You collect the safebags into (one or more) STACKS -and convert these into authsafes (encrypted or unencrypted). The authsafes -are collected into a STACK and added to a PKCS12 structure. Finally a MAC -inserted. - -Pulling one apart is basically the reverse process. The MAC is verified against -the given password. The authsafes are extracted and each authsafe split into -a set of safebags (possibly involving decryption). Finally the safebags are -decomposed into the original keys and certificates and the attributes used to -match up private key and certificate pairs. - -Anyway here are the functions that do the dirty work. - -1. Construction functions. - -1.1 Safebag functions. 
- -M_PKCS12_x5092certbag(x509) - -This macro takes an X509 structure and returns a certificate bag. The -X509 structure can be freed up after calling this function. - -M_PKCS12_x509crl2certbag(crl) - -As above but for a CRL. - -PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey) - -Take a private key and convert it into a PKCS#8 PrivateKeyInfo structure. -Works for both RSA and DSA private keys. NB since the PKCS#8 PrivateKeyInfo -structure contains a private key data in plain text form it should be free'd -up as soon as it has been encrypted for security reasons (freeing up the -structure zeros out the sensitive data). This can be done with -PKCS8_PRIV_KEY_INFO_free(). - -PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage) - -This sets the key type when a key is imported into MSIE or Outlook 98. Two -values are currently supported: KEY_EX and KEY_SIG. KEY_EX is an exchange type -key that can also be used for signing but its size is limited in the export -versions of MS software to 512 bits, it is also the default. KEY_SIG is a -signing only key but the keysize is unlimited (well 16K is supposed to work). -If you are using the domestic version of MSIE then you can ignore this because -KEY_EX is not limited and can be used for both. - -PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8) - -Convert a PKCS8 private key structure into a keybag. This routine embeds the -p8 structure in the keybag so p8 should not be freed up or used after it is -called. The p8 structure will be freed up when the safebag is freed. - -PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8) - -Convert a PKCS#8 structure into a shrouded key bag (encrypted). p8 is not -embedded and can be freed up after use. 
- -int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen) -int PKCS12_add_friendlyname(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen) - -Add a local key id or a friendlyname to a safebag. - -1.2 Authsafe functions. - -PKCS7 *PKCS12_pack_p7data(STACK *sk) -Take a stack of safebags and convert them into an unencrypted authsafe. The -stack of safebags can be freed up after calling this function. - -PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK *bags); - -As above but encrypted. - -1.3 PKCS12 functions. - -PKCS12 *PKCS12_init(int mode) - -Initialise a PKCS12 structure (currently mode should be NID_pkcs7_data). - -M_PKCS12_pack_authsafes(p12, safes) - -This macro takes a STACK of authsafes and adds them to a PKCS#12 structure. - -int PKCS12_set_mac(PKCS12 *p12, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type); - -Add a MAC to a PKCS12 structure. If EVP_MD is NULL use SHA-1, the spec suggests -that SHA-1 should be used. - -2. Extraction Functions. - -2.1 Safebags. - -M_PKCS12_bag_type(bag) - -Return the type of "bag". Returns one of the following - -NID_keyBag -NID_pkcs8ShroudedKeyBag 7 -NID_certBag 8 -NID_crlBag 9 -NID_secretBag 10 -NID_safeContentsBag 11 - -M_PKCS12_cert_bag_type(bag) - -Returns type of certificate bag, following are understood. - -NID_x509Certificate 14 -NID_sdsiCertificate 15 - -M_PKCS12_crl_bag_type(bag) - -Returns crl bag type, currently only NID_crlBag is recognised. - -M_PKCS12_certbag2x509(bag) - -This macro extracts an X509 certificate from a certificate bag. - -M_PKCS12_certbag2x509crl(bag) - -As above but for a CRL. - -EVP_PKEY * PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) - -Extract a private key from a PKCS8 private key info structure. - -M_PKCS12_decrypt_skey(bag, pass, passlen) - -Decrypt a shrouded key bag and return a PKCS8 private key info structure. 
-Works with both RSA and DSA keys - -char *PKCS12_get_friendlyname(bag) - -Returns the friendlyName of a bag if present or NULL if none. The returned -string is a null terminated ASCII string allocated with Malloc(). It should -thus be freed up with Free() after use. - -2.2 AuthSafe functions. - -M_PKCS12_unpack_p7data(p7) - -Extract a STACK of safe bags from a PKCS#7 data ContentInfo. - -#define M_PKCS12_unpack_p7encdata(p7, pass, passlen) - -As above but for an encrypted content info. - -2.3 PKCS12 functions. - -M_PKCS12_unpack_authsafes(p12) - -Extract a STACK of authsafes from a PKCS12 structure. - -M_PKCS12_mac_present(p12) - -Check to see if a MAC is present. - -int PKCS12_verify_mac(PKCS12 *p12, unsigned char *pass, int passlen) - -Verify a MAC on a PKCS12 structure. Returns an error if MAC not present. - - -Notes. - -1. All the function return 0 or NULL on error. -2. Encryption based functions take a common set of parameters. These are -described below. - -pass, passlen -ASCII password and length. The password on the MAC is called the "integrity -password" the encryption password is called the "privacy password" in the -PKCS#12 documentation. The passwords do not have to be the same. If -1 is -passed for the length it is worked out by the function itself (currently -this is sometimes done whatever is passed as the length but that may change). - -salt, saltlen -A 'salt' if salt is NULL a random salt is used. If saltlen is also zero a -default length is used. - -iter -Iteration count. This is a measure of how many times an internal function is -called to encrypt the data. The larger this value is the longer it takes, it -makes dictionary attacks on passwords harder. NOTE: Some implementations do -not support an iteration count on the MAC. If the password for the MAC and -encryption is the same then there is no point in having a high iteration -count for encryption if the MAC has no count. 
The MAC could be attacked -and the password used for the main decryption. - -pbe_nid -This is the NID of the password based encryption method used. The following are -supported. -NID_pbe_WithSHA1And128BitRC4 -NID_pbe_WithSHA1And40BitRC4 -NID_pbe_WithSHA1And3_Key_TripleDES_CBC -NID_pbe_WithSHA1And2_Key_TripleDES_CBC -NID_pbe_WithSHA1And128BitRC2_CBC -NID_pbe_WithSHA1And40BitRC2_CBC - -Which you use depends on the implementation you are exporting to. "Export -grade" (i.e. cryptographically challenged) products cannot support all -algorithms. Typically you may be able to use any encryption on shrouded key -bags but they must then be placed in an unencrypted authsafe. Other authsafes -may only support 40bit encryption. Of course if you are using SSLeay -throughout you can strongly encrypt everything and have high iteration counts -on everything. - -3. For decryption routines only the password and length are needed. - -4. Unlike the external version the nid's of objects are the values of the -constants: that is NID_certBag is the real nid, therefore there is no -PKCS12_obj_offset() function. Note the object constants are not the same as -those of the external version. If you use these constants then you will need -to recompile your code. - -5. With the exception of PKCS12_MAKE_KEYBAG(), after calling any function or -macro of the form PKCS12_MAKE_SOMETHING(other) the "other" structure can be -reused or freed up safely. - diff --git a/lib/libssl/src/doc/ssl/BIO_f_ssl.3 b/lib/libssl/src/doc/ssl/BIO_f_ssl.3 deleted file mode 100644 index f70b6c1e235..00000000000 --- a/lib/libssl/src/doc/ssl/BIO_f_ssl.3 +++ /dev/null 
@@ -1,479 +0,0 @@ -.\" -.\" $OpenBSD: BIO_f_ssl.3,v 1.4 2015/11/11 22:14:40 jmc Exp $ -.\" -.Dd $Mdocdate: November 11 2015 $ -.Dt BIO_F_SSL 3 -.Os -.Sh NAME -.Nm BIO_f_ssl , -.Nm BIO_set_ssl , -.Nm BIO_get_ssl , -.Nm BIO_set_ssl_mode , -.Nm BIO_set_ssl_renegotiate_bytes , -.Nm BIO_get_num_renegotiates , -.Nm BIO_set_ssl_renegotiate_timeout , -.Nm BIO_new_ssl , -.Nm BIO_new_ssl_connect , -.Nm BIO_new_buffer_ssl_connect , -.Nm BIO_ssl_copy_session_id , -.Nm BIO_ssl_shutdown , -.Nm BIO_do_handshake -.Nd SSL BIO -.Sh SYNOPSIS -.In openssl/bio.h -.In openssl/ssl.h -.Ft BIO_METHOD * -.Fn BIO_f_ssl void -.Fd #define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl) -.Fd #define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp) -.Fd #define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL) -.Fd #define BIO_set_ssl_renegotiate_bytes(b,num) \ -BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL) -.Fd #define BIO_set_ssl_renegotiate_timeout(b,seconds) \ -BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL) -.Fd #define BIO_get_num_renegotiates(b) \ -BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL) -.Ft BIO * -.Fn BIO_new_ssl "SSL_CTX *ctx" "int client" -.Ft BIO * -.Fn BIO_new_ssl_connect "SSL_CTX *ctx" -.Ft BIO * -.Fn BIO_new_buffer_ssl_connect "SSL_CTX *ctx" -.Ft int -.Fn BIO_ssl_copy_session_id "BIO *to" "BIO *from" -.Ft void -.Fn BIO_ssl_shutdown "BIO *bio" -.Fd #define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) -.Sh DESCRIPTION -.Fn BIO_f_ssl -returns the -.Vt SSL -.Vt BIO -method. -This is a filter -.Vt BIO -which is a wrapper around the OpenSSL -.Vt SSL -routines adding a -.Vt BIO -.Dq flavor -to SSL I/O. -.Pp -I/O performed on an -.Vt SSL -.Vt BIO -communicates using the SSL protocol with -the -.Vt SSL Ns 's -read and write -.Vt BIO Ns s. -If an SSL connection is not established then an attempt is made to establish -one on the first I/O call. 
-.Pp -If a -.Vt BIO -is appended to an -.Vt SSL -.Vt BIO -using -.Xr BIO_push 3 -it is automatically used as the -.Vt SSL -.Vt BIO Ns 's read and write -.Vt BIO Ns s. -.Pp -Calling -.Xr BIO_reset 3 -on an -.Vt SSL -.Vt BIO -closes down any current SSL connection by calling -.Xr SSL_shutdown 3 . -.Xr BIO_reset -is then sent to the next -.Vt BIO -in the chain; this will typically disconnect the underlying transport. -The -.Vt SSL -.Vt BIO -is then reset to the initial accept or connect state. -.Pp -If the close flag is set when an -.Vt SSL -.Vt BIO -is freed then the internal -.Vt SSL -structure is also freed using -.Xr SSL_free 3 . -.Pp -.Fn BIO_set_ssl -sets the internal -.Vt SSL -pointer of -.Vt BIO -.Fa b -to -.Fa ssl -using -the close flag -.Fa c . -.Pp -.Fn BIO_get_ssl -retrieves the -.Vt SSL -pointer of -.Vt BIO -.Fa b ; -it can then be manipulated using the standard SSL library functions. -.Pp -.Fn BIO_set_ssl_mode -sets the -.Vt SSL -.Vt BIO -mode to -.Fa client . -If -.Fa client -is 1, client mode is set. -If -.Fa client -is 0, server mode is set. -.Pp -.Fn BIO_set_ssl_renegotiate_bytes -sets the renegotiate byte count to -.Fa num . -When set after every -.Fa num -bytes of I/O (read and write) the SSL session is automatically renegotiated. -.Fa num -must be at least 512 bytes. -.Pp -.Fn BIO_set_ssl_renegotiate_timeout -sets the renegotiate timeout to -.Fa seconds . -When the renegotiate timeout elapses the session is automatically renegotiated. -.Pp -.Fn BIO_get_num_renegotiates -returns the total number of session renegotiations due to I/O or timeout. -.Pp -.Fn BIO_new_ssl -allocates an -.Vt SSL -.Vt BIO -using -.Vt SSL_CTX -.Va ctx -and using client mode if -.Fa client -is nonzero. -.Pp -.Fn BIO_new_ssl_connect -creates a new -.Vt BIO -chain consisting of an -.Vt SSL -.Vt BIO -(using -.Fa ctx ) -followed by a connect BIO. 
-.Pp -.Fn BIO_new_buffer_ssl_connect -creates a new -.Vt BIO -chain consisting of a buffering -.Vt BIO , -an -.Vt SSL -.Vt BIO -(using -.Fa ctx ) -and a connect -.Vt BIO . -.Pp -.Fn BIO_ssl_copy_session_id -copies an SSL session id between -.Vt BIO -chains -.Fa from -and -.Fa to . -It does this by locating the -.Vt SSL -.Vt BIO Ns s -in each chain and calling -.Xr SSL_copy_session_id 3 -on the internal -.Vt SSL -pointer. -.Pp -.Fn BIO_ssl_shutdown -closes down an SSL connection on -.Vt BIO -chain -.Fa bio . -It does this by locating the -.Vt SSL -.Vt BIO -in the -chain and calling -.Xr SSL_shutdown 3 -on its internal -.Vt SSL -pointer. -.Pp -.Fn BIO_do_handshake -attempts to complete an SSL handshake on the supplied -.Vt BIO -and establish the SSL connection. -It returns 1 if the connection was established successfully. -A zero or negative value is returned if the connection could not be -established; the call -.Xr BIO_should_retry 3 -should be used for non blocking connect -.Vt BIO Ns s -to determine if the call should be retried. -If an SSL connection has already been established this call has no effect. -.Sh NOTES -.Vt SSL -.Vt BIO Ns s -are exceptional in that if the underlying transport is non-blocking they can -still request a retry in exceptional circumstances. -Specifically this will happen if a session renegotiation takes place during a -.Xr BIO_read 3 -operation. -One case where this happens is when step up occurs. -.Pp -In OpenSSL 0.9.6 and later the SSL flag -.Dv SSL_AUTO_RETRY -can be set to disable this behaviour. -In other words, when this flag is set an -.Vt SSL -.Vt BIO -using a blocking transport will never request a retry. -.Pp -Since unknown -.Xr BIO_ctrl 3 -operations are sent through filter -.Vt BIO Ns s -the server name and port can be set using -.Xr BIO_set_host 3 -on the -.Vt BIO -returned by -.Fn BIO_new_ssl_connect -without having to locate the connect -.Vt BIO -first. 
-.Pp -Applications do not have to call -.Fn BIO_do_handshake -but may wish to do so to separate the handshake process from other I/O -processing. -.Sh RETURN VALUES -.\" XXX -This section is incomplete. -.Sh EXAMPLES -This SSL/TLS client example attempts to retrieve a page from an SSL/TLS web -server. -The I/O routines are identical to those of the unencrypted example in -.Xr BIO_s_connect 3 . -.Bd -literal -BIO *sbio, *out; -int len; -char tmpbuf[1024]; -SSL_CTX *ctx; -SSL *ssl; - -ERR_load_crypto_strings(); -ERR_load_SSL_strings(); -OpenSSL_add_all_algorithms(); - -/* - * We would seed the PRNG here if the platform didn't do it automatically - */ - -ctx = SSL_CTX_new(SSLv23_client_method()); - -/* - * We'd normally set some stuff like the verify paths and mode here because - * as things stand this will connect to any server whose certificate is - * signed by any CA. - */ - -sbio = BIO_new_ssl_connect(ctx); - -BIO_get_ssl(sbio, &ssl); - -if (!ssl) { - fprintf(stderr, "Can't locate SSL pointer\en"); - /* whatever ... */ -} - -/* Don't want any retries */ -SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); - -/* We might want to do other things with ssl here */ - -BIO_set_conn_hostname(sbio, "localhost:https"); - -out = BIO_new_fp(stdout, BIO_NOCLOSE); -if (BIO_do_connect(sbio) <= 0) { - fprintf(stderr, "Error connecting to server\en"); - ERR_print_errors_fp(stderr); - /* whatever ... */ -} - -if (BIO_do_handshake(sbio) <= 0) { - fprintf(stderr, "Error establishing SSL connection\en"); - ERR_print_errors_fp(stderr); - /* whatever ... */ -} - -/* Could examine ssl here to get connection info */ - -BIO_puts(sbio, "GET / HTTP/1.0\en\en"); -for (;;) { - len = BIO_read(sbio, tmpbuf, 1024); - if(len <= 0) break; - BIO_write(out, tmpbuf, len); -} -BIO_free_all(sbio); -BIO_free(out); -.Ed -.Pp -Here is a simple server example. -It makes use of a buffering -.Vt BIO -to allow lines to be read from the -.Vt SSL -.Vt BIO -using -.Xr BIO_gets 3 . 
-It creates a pseudo web page containing the actual request from a client and -also echoes the request to standard output. -.Bd -literal -BIO *sbio, *bbio, *acpt, *out; -int len; -char tmpbuf[1024]; -SSL_CTX *ctx; -SSL *ssl; - -ERR_load_crypto_strings(); -ERR_load_SSL_strings(); -OpenSSL_add_all_algorithms(); - -/* Might seed PRNG here */ - -ctx = SSL_CTX_new(SSLv23_server_method()); - -if (!SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM) - || !SSL_CTX_use_PrivateKey_file(ctx,"server.pem",SSL_FILETYPE_PEM) - || !SSL_CTX_check_private_key(ctx)) { - fprintf(stderr, "Error setting up SSL_CTX\en"); - ERR_print_errors_fp(stderr); - return 0; -} - -/* - * Might do other things here like setting verify locations and DH and/or - * RSA temporary key callbacks - */ - -/* New SSL BIO setup as server */ -sbio = BIO_new_ssl(ctx,0); - -BIO_get_ssl(sbio, &ssl); - -if (!ssl) { - fprintf(stderr, "Can't locate SSL pointer\en"); - /* whatever ... */ -} - -/* Don't want any retries */ -SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); - -/* Create the buffering BIO */ - -bbio = BIO_new(BIO_f_buffer()); - -/* Add to chain */ -sbio = BIO_push(bbio, sbio); - -acpt = BIO_new_accept("4433"); - -/* - * By doing this when a new connection is established we automatically - * have sbio inserted into it. The BIO chain is now 'swallowed' by the - * accept BIO and will be freed when the accept BIO is freed. 
- */ - -BIO_set_accept_bios(acpt,sbio); - -out = BIO_new_fp(stdout, BIO_NOCLOSE); - -/* Setup accept BIO */ -if (BIO_do_accept(acpt) <= 0) { - fprintf(stderr, "Error setting up accept BIO\en"); - ERR_print_errors_fp(stderr); - return 0; -} - -/* Now wait for incoming connection */ -if (BIO_do_accept(acpt) <= 0) { - fprintf(stderr, "Error in connection\en"); - ERR_print_errors_fp(stderr); - return 0; -} - -/* We only want one connection so remove and free accept BIO */ - -sbio = BIO_pop(acpt); - -BIO_free_all(acpt); - -if (BIO_do_handshake(sbio) <= 0) { - fprintf(stderr, "Error in SSL handshake\en"); - ERR_print_errors_fp(stderr); - return 0; -} - -BIO_puts(sbio, "HTTP/1.0 200 OK\er\enContent-type: text/plain\er\en\er\en"); -BIO_puts(sbio, "\er\enConnection Established\er\enRequest headers:\er\en"); -BIO_puts(sbio, "--------------------------------------------------\er\en"); - -for (;;) { - len = BIO_gets(sbio, tmpbuf, 1024); - if (len <= 0) - break; - BIO_write(sbio, tmpbuf, len); - BIO_write(out, tmpbuf, len); - /* Look for blank line signifying end of headers */ - if ((tmpbuf[0] == '\er') || (tmpbuf[0] == '\en')) - break; -} - -BIO_puts(sbio, "--------------------------------------------------\er\en"); -BIO_puts(sbio, "\er\en"); - -/* Since there is a buffering BIO present we had better flush it */ -BIO_flush(sbio); - -BIO_free_all(sbio); -.Ed -.Sh BUGS -In OpenSSL versions before 1.0.0 the -.Xr BIO_pop 3 -call was handled incorrectly: -the I/O BIO reference count was incorrectly incremented (instead of -decremented) and dissociated with the -.Vt SSL -.Vt BIO -even if the -.Vt SSL -.Vt BIO -was not -explicitly being popped (e.g., a pop higher up the chain). -Applications which included workarounds for this bug (e.g., freeing BIOs more -than once) should be modified to handle this fix or they may free up an already -freed -.Vt BIO . 
diff --git a/lib/libssl/src/doc/ssl/SSL_CIPHER_get_name.3 b/lib/libssl/src/doc/ssl/SSL_CIPHER_get_name.3
deleted file mode 100644
index ebc478f9c60..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CIPHER_get_name.3
+++ /dev/null
@@ -1,196 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CIPHER_get_name.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CIPHER_GET_NAME 3 -.Os -.Sh NAME -.Nm SSL_CIPHER_get_name , -.Nm SSL_CIPHER_get_bits , -.Nm SSL_CIPHER_get_version , -.Nm SSL_CIPHER_description -.Nd get SSL_CIPHER properties -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft const char * -.Fn SSL_CIPHER_get_name "const SSL_CIPHER *cipher" -.Ft int -.Fn SSL_CIPHER_get_bits "const SSL_CIPHER *cipher" "int *alg_bits" -.Ft char * -.Fn SSL_CIPHER_get_version "const SSL_CIPHER *cipher" -.Ft char * -.Fn SSL_CIPHER_description "const SSL_CIPHER *cipher" "char *buf" "int size" -.Sh DESCRIPTION -.Fn SSL_CIPHER_get_name -returns a pointer to the name of -.Fa cipher . -If the -argument is the -.Dv NULL -pointer, a pointer to the constant value -.Qq NONE -is returned. -.Pp -.Fn SSL_CIPHER_get_bits -returns the number of secret bits used for -.Fa cipher . -If -.Fa alg_bits -is not -.Dv NULL , -it contains the number of bits processed by the -chosen algorithm. -If -.Fa cipher -is -.Dv NULL , -0 is returned. -.Pp -.Fn SSL_CIPHER_get_version -returns a string which indicates the SSL/TLS protocol version that first -defined the cipher. -This is currently -.Qq SSLv2 -or -.Qq TLSv1/SSLv3 . -In some cases it should possibly return -.Qq TLSv1.2 -but the function does not; use -.Xr SSL_CIPHER_description 3 -instead. -If -.Fa cipher -is -.Dv NULL , -.Qq (NONE) -is returned. -.Pp -.Fn SSL_CIPHER_description -returns a textual description of the cipher used into the buffer -.Fa buf -of length -.Fa len -provided. -If -.Fa buf -is -.Dv NULL , -a buffer is allocated using -.Xr asprintf 3 ; -that buffer should be freed using the -.Xr free 3 -function. -If -.Fa len -is too small, or if -.Fa buf -is -.Dv NULL -and the allocation fails, a pointer to the string -.Qq Buffer too small -is returned. -.Sh NOTES -The number of bits processed can be different from the secret bits. 
-For example, an export cipher like EXP-RC4-MD5 has only 40 secret bits. -The algorithm does use the full 128 bits (which would be returned for -.Fa alg_bits ) , -but 88 bits are fixed. -The search space is hence only 40 bits. -.Pp -The string returned by -.Fn SSL_CIPHER_description -in case of success consists -of cleartext information separated by one or more blanks in the following -sequence: -.Bl -tag -width Ds -.It Aq Ar ciphername -Textual representation of the cipher name. -.It Aq Ar protocol version -Protocol version: -.Em SSLv2 , -.Em SSLv3 , -.Em TLSv1.2 . -The TLSv1.0 ciphers are flagged with SSLv3. -No new ciphers were added by TLSv1.1. -.It Kx= Ns Aq Ar key exchange -Key exchange method: -.Em RSA -(for export ciphers as -.Em RSA(512) -or -.Em RSA(1024) ) , -.Em DH -(for export ciphers as -.Em DH(512) -or -.Em DH(1024) ) , -.Em DH/RSA , -.Em DH/DSS , -.Em Fortezza . -.It Au= Ns Aq Ar authentication -Authentication method: -.Em RSA , -.Em DSS , -.Em DH , -.Em None . -.Em None -is the representation of anonymous ciphers. -.It Enc= Ns Aq Ar symmetric encryption method -Encryption method with number of secret bits: -.Em DES(40) , -.Em DES(56) , -.Em 3DES(168) , -.Em RC4(40) , -.Em RC4(56) , -.Em RC4(64) , -.Em RC4(128) , -.Em RC2(40) , -.Em RC2(56) , -.Em RC2(128) , -.Em IDEA(128) , -.Em Fortezza , -.Em None . -.It Mac= Ns Aq Ar message authentication code -Message digest: -.Em MD5 , -.Em SHA1 . -.It Aq Ar export flag -If the cipher is flagged exportable with respect to old US crypto -regulations, the word -.Dq export -is printed. 
-.El -.Sh RETURN VALUES -See -.Sx DESCRIPTION -.Sh EXAMPLES -Some examples for the output of -.Fn SSL_CIPHER_description : -.D1 "EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1" -.D1 "EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1" -.D1 "RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5" -.D1 "EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export" -.Pp -A complete list can be retrieved by invoking the following command: -.Pp -.Dl $ openssl ciphers -v ALL -.Sh SEE ALSO -.Xr openssl 1 , -.Xr ssl 3 , -.Xr SSL_get_ciphers 3 , -.Xr SSL_get_current_cipher 3 -.Sh BUGS -If -.Fn SSL_CIPHER_description -is called with -.Fa cipher -being -.Dv NULL , -the library crashes. -.Pp -If -.Fn SSL_CIPHER_description -cannot handle a built-in cipher, -the according description of the cipher property is -.Qq unknown . -This case should not occur. diff --git a/lib/libssl/src/doc/ssl/SSL_COMP_add_compression_method.3 b/lib/libssl/src/doc/ssl/SSL_COMP_add_compression_method.3 deleted file mode 100644 index d683574dd3c..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_COMP_add_compression_method.3 +++ /dev/null 
@@ -1,68 +0,0 @@ -.\" -.\" $OpenBSD: SSL_COMP_add_compression_method.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_COMP_ADD_COMPRESSION_METHOD 3 -.Os -.Sh NAME -.Nm SSL_COMP_add_compression_method -.Nd handle SSL/TLS integrated compression methods -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fn SSL_COMP_add_compression_method "int id" "COMP_METHOD *cm" -.Sh DESCRIPTION -.Fn SSL_COMP_add_compression_method -adds the compression method -.Fa cm -with the identifier -.Fa id -to the list of available compression methods. -This list is globally maintained for all SSL operations within this application. -It cannot be set for specific SSL_CTX or SSL objects. -.Sh NOTES -The TLS standard (or SSLv3) allows the integration of compression methods -into the communication. -The TLS RFC does however not specify compression methods or their corresponding -identifiers, so there is currently no compatible way to integrate compression -with unknown peers. -It is therefore currently not recommended to integrate compression into -applications. -Applications for non-public use may agree on certain compression methods. -Using different compression methods with the same identifier will lead to -connection failure. -.Pp -An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1) -will unconditionally send the list of all compression methods enabled with -.Fn SSL_COMP_add_compression_method -to the server during the handshake. -Unlike the mechanisms to set a cipher list, there is no method available to -restrict the list of compression method on a per connection basis. -.Pp -An OpenSSL server will match the identifiers listed by a client against -its own compression methods and will unconditionally activate compression -when a matching identifier is found. -There is no way to restrict the list of compression methods supported on a per -connection basis. 
-.Pp -The OpenSSL library has the compression methods -.Fn COMP_rle -and (when especially enabled during compilation) -.Fn COMP_zlib -available. -.Sh WARNINGS -Once the identities of the compression methods for the TLS protocol have -been standardized, the compression API will most likely be changed. -Using it in the current state is not recommended. -.Sh RETURN VALUES -.Fn SSL_COMP_add_compression_method -may return the following values: -.Bl -tag -width Ds -.It 0 -The operation succeeded. -.It 1 -The operation failed. -Check the error queue to find out the reason. -.El -.Sh SEE ALSO -.Xr ssl 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_add_extra_chain_cert.3 b/lib/libssl/src/doc/ssl/SSL_CTX_add_extra_chain_cert.3 deleted file mode 100644 index c18d2206430..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_add_extra_chain_cert.3 +++ /dev/null 
@@ -1,45 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_add_extra_chain_cert.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_ADD_EXTRA_CHAIN_CERT 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_add_extra_chain_cert
-.Nd add certificate to chain
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft long
-.Fn SSL_CTX_add_extra_chain_cert "SSL_CTX ctx" "X509 *x509"
-.Sh DESCRIPTION
-.Fn SSL_CTX_add_extra_chain_cert
-adds the certificate
-.Fa x509
-to the certificate chain presented together with the certificate.
-Several certificates can be added one after the other.
-.Sh NOTES
-When constructing the certificate chain, the chain will be formed from
-these certificates explicitly specified.
-If no chain is specified, the library will try to complete the chain from the
-available CA certificates in the trusted CA storage, see
-.Xr SSL_CTX_load_verify_locations 3 .
-.Pp
-The x509 certificate provided to
-.Fn SSL_CTX_add_extra_chain_cert
-will be freed by the library when the
-.Vt SSL_CTX
-is destroyed.
-An application
-.Em should not
-free the
-.Fa x509
-object.
-.Sh RETURN VALUES
-.Fn SSL_CTX_add_extra_chain_cert
-returns 1 on success.
-Check out the error stack to find out the reason for failure otherwise.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_load_verify_locations 3 ,
-.Xr SSL_CTX_set_client_cert_cb 3 ,
-.Xr SSL_CTX_use_certificate 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_add_session.3 b/lib/libssl/src/doc/ssl/SSL_CTX_add_session.3
deleted file mode 100644
index 073b919dc10..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_add_session.3
+++ /dev/null
@@ -1,90 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_add_session.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_ADD_SESSION 3 -.Os -.Sh NAME -.Nm SSL_CTX_add_session , -.Nm SSL_add_session , -.Nm SSL_CTX_remove_session , -.Nm SSL_remove_session -.Nd manipulate session cache -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fn SSL_CTX_add_session "SSL_CTX *ctx" "SSL_SESSION *c" -.Ft int -.Fn SSL_add_session "SSL_CTX *ctx" "SSL_SESSION *c" -.Ft int -.Fn SSL_CTX_remove_session "SSL_CTX *ctx" "SSL_SESSION *c" -.Ft int -.Fn SSL_remove_session "SSL_CTX *ctx" "SSL_SESSION *c" -.Sh DESCRIPTION -.Fn SSL_CTX_add_session -adds the session -.Fa c -to the context -.Fa ctx . -The reference count for session -.Fa c -is incremented by 1. -If a session with the same session id already exists, -the old session is removed by calling -.Xr SSL_SESSION_free 3 . -.Pp -.Fn SSL_CTX_remove_session -removes the session -.Fa c -from the context -.Fa ctx . -.Xr SSL_SESSION_free 3 -is called once for -.Fa c . -.Pp -.Fn SSL_add_session -and -.Fn SSL_remove_session -are synonyms for their -.Fn SSL_CTX_* -counterparts. -.Sh NOTES -When adding a new session to the internal session cache, it is examined -whether a session with the same session id already exists. -In this case it is assumed that both sessions are identical. -If the same session is stored in a different -.Vt SSL_SESSION -object, the old session is removed and replaced by the new session. -If the session is actually identical (the -.Vt SSL_SESSION -object is identical), -.Fn SSL_CTX_add_session -is a no-op, and the return value is 0. 
-.Pp -If a server -.Vt SSL_CTX -is configured with the -.Dv SSL_SESS_CACHE_NO_INTERNAL_STORE -flag then the internal cache will not be populated automatically by new -sessions negotiated by the SSL/TLS implementation, even though the internal -cache will be searched automatically for session-resume requests (the -latter can be suppressed by -.Dv SSL_SESS_CACHE_NO_INTERNAL_LOOKUP ) . -So the application can use -.Fn SSL_CTX_add_session -directly to have full control over the sessions that can be resumed if desired. -.Sh RETURN VALUES -The following values are returned by all functions: -.Bl -tag -width Ds -.It 0 -The operation failed. -In case of the add operation, it was tried to add the same (identical) session -twice. -In case of the remove operation, the session was not found in the cache. -.It 1 -The operation succeeded. -.El -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_set_session_cache_mode 3 , -.Xr SSL_SESSION_free 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_ctrl.3 b/lib/libssl/src/doc/ssl/SSL_CTX_ctrl.3 deleted file mode 100644 index a016845585f..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_ctrl.3 +++ /dev/null 
@@ -1,49 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_ctrl.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_CTRL 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_ctrl ,
-.Nm SSL_CTX_callback_ctrl ,
-.Nm SSL_ctrl ,
-.Nm SSL_callback_ctrl
-.Nd internal handling functions for SSL_CTX and SSL objects
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft long
-.Fn SSL_CTX_ctrl "SSL_CTX *ctx" "int cmd" "long larg" "void *parg"
-.Ft long
-.Fn SSL_CTX_callback_ctrl "SSL_CTX *" "int cmd" "void (*fp)()"
-.Ft long
-.Fn SSL_ctrl "SSL *ssl" "int cmd" "long larg" "void *parg"
-.Ft long
-.Fn SSL_callback_ctrl "SSL *" "int cmd" "void (*fp)()"
-.Sh DESCRIPTION
-The
-.Fn SSL_*_ctrl
-family of functions is used to manipulate settings of
-the
-.Vt SSL_CTX
-and
-.Vt SSL
-objects.
-Depending on the command
-.Fa cmd
-the arguments
-.Fa larg ,
-.Fa parg ,
-or
-.Fa fp
-are evaluated.
-These functions should never be called directly.
-All functionalities needed are made available via other functions or macros.
-.Sh RETURN VALUES
-The return values of the
-.Fn SSL*_ctrl
-functions depend on the command supplied via the
-.Fn cmd
-parameter.
-.Sh SEE ALSO
-.Xr ssl 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.3 b/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.3
deleted file mode 100644
index 9d3c52cdd52..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_flush_sessions.3
+++ /dev/null
@@ -1,57 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_flush_sessions.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_FLUSH_SESSIONS 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_flush_sessions ,
-.Nm SSL_flush_sessions
-.Nd remove expired sessions
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fn SSL_CTX_flush_sessions "SSL_CTX *ctx" "long tm"
-.Ft void
-.Fn SSL_flush_sessions "SSL_CTX *ctx" "long tm"
-.Sh DESCRIPTION
-.Fn SSL_CTX_flush_sessions
-causes a run through the session cache of
-.Fa ctx
-to remove sessions expired at time
-.Fa tm .
-.Pp
-.Fn SSL_flush_sessions
-is a synonym for
-.Fn SSL_CTX_flush_sessions .
-.Sh NOTES
-If enabled, the internal session cache will collect all sessions established
-up to the specified maximum number (see
-.Fn SSL_CTX_sess_set_cache_size ) .
-As sessions will not be reused ones they are expired, they should be
-removed from the cache to save resources.
-This can either be done automatically whenever 255 new sessions were
-established (see
-.Xr SSL_CTX_set_session_cache_mode 3 )
-or manually by calling
-.Fn SSL_CTX_flush_sessions .
-.Pp
-The parameter
-.Fa tm
-specifies the time which should be used for the
-expiration test, in most cases the actual time given by
-.Fn time 0
-will be used.
-.Pp
-.Fn SSL_CTX_flush_sessions
-will only check sessions stored in the internal cache.
-When a session is found and removed, the
-.Va remove_session_cb
-is however called to synchronize with the external cache (see
-.Xr SSL_CTX_sess_set_get_cb 3 ) .
-.Sh RETURN VALUES
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_sess_set_get_cb 3 ,
-.Xr SSL_CTX_set_session_cache_mode 3 ,
-.Xr SSL_CTX_set_timeout 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_free.3 b/lib/libssl/src/doc/ssl/SSL_CTX_free.3
deleted file mode 100644
index 84f5eb57eec..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_free.3
+++ /dev/null
@@ -1,53 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_free.3,v 1.3 2015/12/30 18:45:02 millert Exp $
-.\"
-.Dd $Mdocdate: December 30 2015 $
-.Dt SSL_CTX_FREE 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_free
-.Nd free an allocated SSL_CTX object
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fn SSL_CTX_free "SSL_CTX *ctx"
-.Sh DESCRIPTION
-.Fn SSL_CTX_free
-decrements the reference count of
-.Fa ctx ,
-and removes the
-.Vt SSL_CTX
-object pointed to by
-.Fa ctx
-and frees up the allocated memory if the reference count has reached 0.
-If
-.Fa ctx
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-It also calls the
-.Xr free 3 Ns ing
-procedures for indirectly affected items, if applicable:
-the session cache, the list of ciphers, the list of Client CAs,
-the certificates and keys.
-.Sh WARNINGS
-If a session-remove callback is set
-.Pq Xr SSL_CTX_sess_set_remove_cb 3 ,
-this callback will be called for each session being freed from
-.Fa ctx Ns 's
-session cache.
-This implies that all corresponding sessions from an external session cache are
-removed as well.
-If this is not desired, the user should explicitly unset the callback by
-calling
-.Fn SSL_CTX_sess_set_remove_cb ctx NULL
-prior to calling
-.Fn SSL_CTX_free .
-.Sh RETURN VALUES
-.Fn SSL_CTX_free
-does not provide diagnostic information.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_new 3 ,
-.Xr SSL_CTX_sess_set_get_cb 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_get_ex_new_index.3 b/lib/libssl/src/doc/ssl/SSL_CTX_get_ex_new_index.3
deleted file mode 100644
index 18e41dd7d29..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_get_ex_new_index.3
+++ /dev/null
@@ -1,70 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_get_ex_new_index.3,v 1.3 2015/09/14 15:51:20 schwarze Exp $ -.\" -.Dd $Mdocdate: September 14 2015 $ -.Dt SSL_CTX_GET_EX_NEW_INDEX 3 -.Os -.Sh NAME -.Nm SSL_CTX_get_ex_new_index , -.Nm SSL_CTX_set_ex_data , -.Nm SSL_CTX_get_ex_data -.Nd internal application specific data functions -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fo SSL_CTX_get_ex_new_index -.Fa "long argl" -.Fa "void *argp" -.Fa "CRYPTO_EX_new *new_func" -.Fa "CRYPTO_EX_dup *dup_func" -.Fa "CRYPTO_EX_free *free_func" -.Fc -.Ft int -.Fn SSL_CTX_set_ex_data "SSL_CTX *ctx" "int idx" "void *arg" -.Ft void * -.Fn SSL_CTX_get_ex_data "const SSL_CTX *ctx" "int idx" -.Bd -literal - typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); -.Ed -.Sh DESCRIPTION -Several OpenSSL structures can have application specific data attached to them. -These functions are used internally by OpenSSL to manipulate application -specific data attached to a specific structure. -.Pp -.Fn SSL_CTX_get_ex_new_index -is used to register a new index for application specific data. -.Pp -.Fn SSL_CTX_set_ex_data -is used to store application data at -.Fa arg -for -.Fa idx -into the -.Fa ctx -object. -.Pp -.Fn SSL_CTX_get_ex_data -is used to retrieve the information for -.Fa idx -from -.Fa ctx . -.Pp -A detailed description for the -.Fn *_get_ex_new_index -functionality can be found in -.Xr RSA_get_ex_new_index 3 . -The -.Fn *_get_ex_data -and -.Fn *_set_ex_data -functionality is described in -.Xr CRYPTO_set_ex_data 3 . -.Sh SEE ALSO -.Xr CRYPTO_set_ex_data 3 , -.Xr RSA_get_ex_new_index 3 , -.Xr ssl 3 
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_get_verify_mode.3 b/lib/libssl/src/doc/ssl/SSL_CTX_get_verify_mode.3
deleted file mode 100644
index 12e21db6a3a..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_get_verify_mode.3
+++ /dev/null
@@ -1,73 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_get_verify_mode.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_GET_VERIFY_MODE 3 -.Os -.Sh NAME -.Nm SSL_CTX_get_verify_mode , -.Nm SSL_get_verify_mode , -.Nm SSL_CTX_get_verify_depth , -.Nm SSL_get_verify_depth , -.Nm SSL_get_verify_callback , -.Nm SSL_CTX_get_verify_callback -.Nd get currently set verification parameters -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fn SSL_CTX_get_verify_mode "const SSL_CTX *ctx" -.Ft int -.Fn SSL_get_verify_mode "const SSL *ssl" -.Ft int -.Fn SSL_CTX_get_verify_depth "const SSL_CTX *ctx" -.Ft int -.Fn SSL_get_verify_depth "const SSL *ssl" -.Ft int -.Fo "(*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))" -.Fa int "X509_STORE_CTX *" -.Fc -.Ft int -.Fo "(*SSL_get_verify_callback(const SSL *ssl))" -.Fa int "X509_STORE_CTX *" -.Fc -.Sh DESCRIPTION -.Fn SSL_CTX_get_verify_mode -returns the verification mode currently set in -.Fa ctx . -.Pp -.Fn SSL_get_verify_mode -returns the verification mode currently set in -.Fa ssl . -.Pp -.Fn SSL_CTX_get_verify_depth -returns the verification depth limit currently set -in -.Fa ctx . -If no limit has been explicitly set, -\(mi1 is returned and the default value will be used. -.Pp -.Fn SSL_get_verify_depth -returns the verification depth limit currently set in -.Fa ssl . -If no limit has been explicitly set, -\(mi1 is returned and the default value will be used. -.Pp -.Fn SSL_CTX_get_verify_callback -returns a function pointer to the verification callback currently set in -.Fa ctx . -If no callback was explicitly set, the -.Dv NULL -pointer is returned and the default callback will be used. -.Pp -.Fn SSL_get_verify_callback -returns a function pointer to the verification callback currently set in -.Fa ssl . -If no callback was explicitly set, the -.Dv NULL -pointer is returned and the default callback will be used. -.Sh RETURN VALUES -See -.Sx DESCRIPTION -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_set_verify 3 
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_load_verify_locations.3 b/lib/libssl/src/doc/ssl/SSL_CTX_load_verify_locations.3
deleted file mode 100644
index 09884db5dad..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_load_verify_locations.3
+++ /dev/null
@@ -1,161 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_load_verify_locations.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_LOAD_VERIFY_LOCATIONS 3 -.Os -.Sh NAME -.Nm SSL_CTX_load_verify_locations -.Nd set default locations for trusted CA certificates -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fo SSL_CTX_load_verify_locations -.Fa "SSL_CTX *ctx" "const char *CAfile" "const char *CApath" -.Fc -.Sh DESCRIPTION -.Fn SSL_CTX_load_verify_locations -specifies the locations for -.Fa ctx , -at which CA certificates for verification purposes are located. -The certificates available via -.Fa CAfile -and -.Fa CApath -are trusted. -.Sh NOTES -If -.Fa CAfile -is not -.Dv NULL , -it points to a file of CA certificates in PEM format. -The file can contain several CA certificates identified by sequences of: -.Bd -literal - -----BEGIN CERTIFICATE----- - ... (CA certificate in base64 encoding) ... - -----END CERTIFICATE----- -.Ed -Before, between, and after the certificates arbitrary text is allowed which can -be used, e.g., for descriptions of the certificates. -.Pp -The -.Fa CAfile -is processed on execution of the -.Fn SSL_CTX_load_verify_locations -function. -.Pp -If -.Fa CApath -is not NULL, it points to a directory containing CA certificates in PEM format. -The files each contain one CA certificate. -The files are looked up by the CA subject name hash value, -which must hence be available. -If more than one CA certificate with the same name hash value exist, -the extension must be different (e.g., -.Pa 9d66eef0.0 , -.Pa 9d66eef0.1 , -etc.). -The search is performed in the ordering of the extension number, -regardless of other properties of the certificates. -.Pp -The certificates in -.Fa CApath -are only looked up when required, e.g., when building the certificate chain or -when actually performing the verification of a peer certificate. 
-.Pp -When looking up CA certificates, the OpenSSL library will first search the -certificates in -.Fa CAfile , -then those in -.Fa CApath . -Certificate matching is done based on the subject name, the key identifier (if -present), and the serial number as taken from the certificate to be verified. -If these data do not match, the next certificate will be tried. -If a first certificate matching the parameters is found, -the verification process will be performed; -no other certificates for the same parameters will be searched in case of -failure. -.Pp -In server mode, when requesting a client certificate, the server must send -the list of CAs of which it will accept client certificates. -This list is not influenced by the contents of -.Fa CAfile -or -.Fa CApath -and must explicitly be set using the -.Xr SSL_CTX_set_client_CA_list 3 -family of functions. -.Pp -When building its own certificate chain, an OpenSSL client/server will try to -fill in missing certificates from -.Fa CAfile Ns / Fa CApath , -if the -certificate chain was not explicitly specified (see -.Xr SSL_CTX_add_extra_chain_cert 3 -and -.Xr SSL_CTX_use_certificate 3 ) . -.Sh WARNINGS -If several CA certificates matching the name, key identifier, and serial -number condition are available, only the first one will be examined. -This may lead to unexpected results if the same CA certificate is available -with different expiration dates. -If a -.Dq certificate expired -verification error occurs, no other certificate will be searched. -Make sure to not have expired certificates mixed with valid ones. -.Sh RETURN VALUES -The following return values can occur: -.Bl -tag -width Ds -.It 0 -The operation failed because -.Fa CAfile -and -.Fa CApath -are -.Dv NULL -or the processing at one of the locations specified failed. -Check the error stack to find out the reason. -.It 1 -The operation succeeded. 
-.El -.Sh EXAMPLES -Generate a CA certificate file with descriptive text from the CA certificates -.Pa ca1.pem -.Pa ca2.pem -.Pa ca3.pem : -.Bd -literal -#!/bin/sh -rm CAfile.pem -for i in ca1.pem ca2.pem ca3.pem; do - openssl x509 -in $i -text >> CAfile.pem -done -.Ed -.Pp -Prepare the directory /some/where/certs containing several CA certificates -for use as -.Fa CApath : -.Bd -literal -$ cd /some/where/certs -$ rm -f *.[0-9]* *.r[0-9]* -$ for c in *.pem; do -> [ "$c" = "*.pem" ] && continue -> hash=$(openssl x509 -noout -hash -in "$c") -> if egrep -q -- '-BEGIN( X509 | TRUSTED | )CERTIFICATE-' "$c"; then -> suf=0 -> while [ -e $hash.$suf ]; do suf=$(( $suf + 1 )); done -> ln -s "$c" $hash.$suf -> fi -> if egrep -q -- '-BEGIN X509 CRL-' "$c"; then -> suf=0 -> while [ -e $hash.r$suf ]; do suf=$(( $suf + 1 )); done -> ln -s "$c" $hash.r$suf -> fi -> done -.Ed -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_add_extra_chain_cert 3 , -.Xr SSL_CTX_set_cert_store 3 , -.Xr SSL_CTX_set_client_CA_list 3 , -.Xr SSL_CTX_use_certificate 3 , -.Xr SSL_get_client_CA_list 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_new.3 b/lib/libssl/src/doc/ssl/SSL_CTX_new.3 deleted file mode 100644 index d2c2b034528..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_new.3 +++ /dev/null 
@@ -1,111 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_new.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_NEW 3 -.Os -.Sh NAME -.Nm SSL_CTX_new , -.Nm SSLv3_method , -.Nm SSLv3_server_method , -.Nm SSLv3_client_method , -.Nm TLSv1_method , -.Nm TLSv1_server_method , -.Nm TLSv1_client_method , -.Nm TLSv1_1_method , -.Nm TLSv1_1_server_method , -.Nm TLSv1_1_client_method , -.Nm SSLv23_method , -.Nm SSLv23_server_method , -.Nm SSLv23_client_method -.Nd create a new SSL_CTX object as framework for TLS/SSL enabled functions -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft SSL_CTX * -.Fn SSL_CTX_new "const SSL_METHOD *method" -.Sh DESCRIPTION -.Fn SSL_CTX_new -creates a new -.Vt SSL_CTX -object as framework to establish TLS/SSL enabled connections. -.Sh NOTES -The -.Vt SSL_CTX -object uses -.Fa method -as its connection method. -The methods exist in a generic type (for client and server use), -a server only type, and a client only type. -.Fa method -can be of the following types: -.Bl -tag -width Ds -.It Fn SSLv3_method void , Fn SSLv3_server_method void , \ -Fn SSLv3_client_method void -A TLS/SSL connection established with these methods will only understand the -SSLv3 protocol. -A client will send out SSLv3 client hello messages and will indicate that it -only understands SSLv3. -A server will only understand SSLv3 client hello messages. -Importantly, this means that it will not understand SSLv2 client hello messages -which are widely used for compatibility reasons; see -.Fn SSLv23_*_method . -.It Fn TLSv1_method void , Fn TLSv1_server_method void , \ -Fn TLSv1_client_method void -A TLS/SSL connection established with these methods will only understand the -TLSv1 protocol. -A client will send out TLSv1 client hello messages and will indicate that it -only understands TLSv1. -A server will only understand TLSv1 client hello messages. 
-Importantly, this means that it will not understand SSLv2 client hello messages -which are widely used for compatibility reasons; see -.Fn SSLv23_*_method . -It will also not understand SSLv3 client hello messages. -.It Fn SSLv23_method void , Fn SSLv23_server_method void , \ -Fn SSLv23_client_method void -A TLS/SSL connection established with these methods may understand the SSLv3, -TLSv1, TLSv1.1 and TLSv1.2 protocols. -.Pp -A client will send out TLSv1 client hello messages including extensions and -will indicate that it also understands TLSv1.1, TLSv1.2 and permits a fallback -to SSLv3. -A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols. -This is the best choice when compatibility is a concern. -.El -.Pp -The list of protocols available can later be limited using the -.Dv SSL_OP_NO_SSLv3 , -.Dv SSL_OP_NO_TLSv1 , -.Dv SSL_OP_NO_TLSv1_1 , -and -.Dv SSL_OP_NO_TLSv1_2 -options of the -.Fn SSL_CTX_set_options -or -.Fn SSL_set_options -functions. -Using these options it is possible to choose, for example, -.Fn SSLv23_server_method -and be able to negotiate with all possible clients, -but to only allow newer protocols like TLSv1, TLSv1.1 or TLS v1.2. -.Pp -.Fn SSL_CTX_new -initializes the list of ciphers, the session cache setting, the callbacks, -the keys and certificates, and the options to its default values. -.Sh RETURN VALUES -The following return values can occur: -.Bl -tag -width Ds -.It Dv NULL -The creation of a new -.Vt SSL_CTX -object failed. -Check the error stack to find out the reason. -.It Pointer to an SSL_CTX object -The return value points to an allocated -.Vt SSL_CTX -object. -.El -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_accept 3 , -.Xr SSL_CTX_free 3 , -.Xr SSL_set_connect_state 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_sess_number.3 b/lib/libssl/src/doc/ssl/SSL_CTX_sess_number.3 deleted file mode 100644 index f3af4eab07a..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_sess_number.3 +++ /dev/null 
@@ -1,104 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_sess_number.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SESS_NUMBER 3 -.Os -.Sh NAME -.Nm SSL_CTX_sess_number , -.Nm SSL_CTX_sess_connect , -.Nm SSL_CTX_sess_connect_good , -.Nm SSL_CTX_sess_connect_renegotiate , -.Nm SSL_CTX_sess_accept , -.Nm SSL_CTX_sess_accept_good , -.Nm SSL_CTX_sess_accept_renegotiate , -.Nm SSL_CTX_sess_hits , -.Nm SSL_CTX_sess_cb_hits , -.Nm SSL_CTX_sess_misses , -.Nm SSL_CTX_sess_timeouts , -.Nm SSL_CTX_sess_cache_full -.Nd obtain session cache statistics -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft long -.Fn SSL_CTX_sess_number "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_connect "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_connect_good "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_connect_renegotiate "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_accept "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_accept_good "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_accept_renegotiate "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_hits "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_cb_hits "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_misses "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_timeouts "SSL_CTX *ctx" -.Ft long -.Fn SSL_CTX_sess_cache_full "SSL_CTX *ctx" -.Sh DESCRIPTION -.Fn SSL_CTX_sess_number -returns the current number of sessions in the internal session cache. -.Pp -.Fn SSL_CTX_sess_connect -returns the number of started SSL/TLS handshakes in client mode. -.Pp -.Fn SSL_CTX_sess_connect_good -returns the number of successfully established SSL/TLS sessions in client mode. -.Pp -.Fn SSL_CTX_sess_connect_renegotiate -returns the number of start renegotiations in client mode. -.Pp -.Fn SSL_CTX_sess_accept -returns the number of started SSL/TLS handshakes in server mode. -.Pp -.Fn SSL_CTX_sess_accept_good -returns the number of successfully established SSL/TLS sessions in server mode. -.Pp -.Fn SSL_CTX_sess_accept_renegotiate -returns the number of start renegotiations in server mode. 
-.Pp -.Fn SSL_CTX_sess_hits -returns the number of successfully reused sessions. -In client mode a session set with -.Xr SSL_set_session 3 -successfully reused is counted as a hit. -In server mode a session successfully retrieved from internal or external cache -is counted as a hit. -.Pp -.Fn SSL_CTX_sess_cb_hits -returns the number of successfully retrieved sessions from the external session -cache in server mode. -.Pp -.Fn SSL_CTX_sess_misses -returns the number of sessions proposed by clients that were not found in the -internal session cache in server mode. -.Pp -.Fn SSL_CTX_sess_timeouts -returns the number of sessions proposed by clients and either found in the -internal or external session cache in server mode, -but that were invalid due to timeout. -These sessions are not included in the -.Fn SSL_CTX_sess_hits -count. -.Pp -.Fn SSL_CTX_sess_cache_full -returns the number of sessions that were removed because the maximum session -cache size was exceeded. -.Sh RETURN VALUES -The functions return the values indicated in the -.Sx DESCRIPTION -section. -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_sess_set_cache_size 3 , -.Xr SSL_CTX_set_session_cache_mode 3 , -.Xr SSL_set_session 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_cache_size.3 b/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_cache_size.3 deleted file mode 100644 index 89d02dd32bd..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_cache_size.3 +++ /dev/null 
@@ -1,55 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_sess_set_cache_size.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SESS_SET_CACHE_SIZE 3 -.Os -.Sh NAME -.Nm SSL_CTX_sess_set_cache_size , -.Nm SSL_CTX_sess_get_cache_size -.Nd manipulate session cache size -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft long -.Fn SSL_CTX_sess_set_cache_size "SSL_CTX *ctx" "long t" -.Ft long -.Fn SSL_CTX_sess_get_cache_size "SSL_CTX *ctx" -.Sh DESCRIPTION -.Fn SSL_CTX_sess_set_cache_size -sets the size of the internal session cache of context -.Fa ctx -to -.Fa t . -.Pp -.Fn SSL_CTX_sess_get_cache_size -returns the currently valid session cache size. -.Sh NOTES -The internal session cache size is -.Dv SSL_SESSION_CACHE_MAX_SIZE_DEFAULT , -currently 1024\(mu20, so that up to 20000 sessions can be held. -This size can be modified using the -.Fn SSL_CTX_sess_set_cache_size -call. -A special case is the size 0, which is used for unlimited size. -.Pp -When the maximum number of sessions is reached, -no more new sessions are added to the cache. -New space may be added by calling -.Xr SSL_CTX_flush_sessions 3 -to remove expired sessions. -.Pp -If the size of the session cache is reduced and more sessions are already in -the session cache, -old session will be removed the next time a session shall be added. -This removal is not synchronized with the expiration of sessions. -.Sh RETURN VALUES -.Fn SSL_CTX_sess_set_cache_size -returns the previously valid size. -.Pp -.Fn SSL_CTX_sess_get_cache_size -returns the currently valid size. -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_flush_sessions 3 , -.Xr SSL_CTX_sess_number 3 , -.Xr SSL_CTX_set_session_cache_mode 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.3 b/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.3 deleted file mode 100644 index 7a372138c1c..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_sess_set_get_cb.3 +++ /dev/null 
@@ -1,159 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_sess_set_get_cb.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SESS_SET_GET_CB 3 -.Os -.Sh NAME -.Nm SSL_CTX_sess_set_new_cb , -.Nm SSL_CTX_sess_set_remove_cb , -.Nm SSL_CTX_sess_set_get_cb , -.Nm SSL_CTX_sess_get_new_cb , -.Nm SSL_CTX_sess_get_remove_cb , -.Nm SSL_CTX_sess_get_get_cb -.Nd provide callback functions for server side external session caching -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fo SSL_CTX_sess_set_new_cb -.Fa "SSL_CTX *ctx" -.Fa "int (*new_session_cb)(SSL *, SSL_SESSION *)" -.Fc -.Ft void -.Fo SSL_CTX_sess_set_remove_cb -.Fa "SSL_CTX *ctx" -.Fa "void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *)" -.Fc -.Ft void -.Fo SSL_CTX_sess_set_get_cb -.Fa "SSL_CTX *ctx" -.Fa "SSL_SESSION (*get_session_cb)(SSL *, unsigned char *, int, int *)" -.Fc -.Ft int -.Fo "(*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))" -.Fa "struct ssl_st *ssl" -.Fa "SSL_SESSION *sess" -.Fc -.Ft void -.Fo "(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))" -.Fa "struct ssl_ctx_st *ctx" -.Fa "SSL_SESSION *sess" -.Fc -.Ft SSL_SESSION * -.Fo "(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))" -.Fa "struct ssl_st *ssl" -.Fa "unsigned char *data" -.Fa "int len" -.Fa "int *copy" -.Fc -.Ft int -.Fo "(*new_session_cb)" -.Fa "struct ssl_st *ssl" -.Fa "SSL_SESSION *sess" -.Fc -.Ft void -.Fo "(*remove_session_cb)" -.Fa "struct ssl_ctx_st *ctx" -.Fa "SSL_SESSION *sess" -.Fc -.Ft SSL_SESSION * -.Fo "(*get_session_cb)" -.Fa "struct ssl_st *ssl" -.Fa "unsigned char *data" -.Fa "int len" -.Fa "int *copy" -.Fc -.Sh DESCRIPTION -.Fn SSL_CTX_sess_set_new_cb -sets the callback function which is automatically called whenever a new session -was negotiated. -.Pp -.Fn SSL_CTX_sess_set_remove_cb -sets the callback function which is automatically called whenever a session is -removed by the SSL engine (because it is considered faulty or the session has -become obsolete because of exceeding the timeout value). 
-.Pp -.Fn SSL_CTX_sess_set_get_cb -sets the callback function which is called whenever a SSL/TLS client proposes -to resume a session but the session cannot be found in the internal session -cache (see -.Xr SSL_CTX_set_session_cache_mode 3 ) . -(SSL/TLS server only.) -.Pp -.Fn SSL_CTX_sess_get_new_cb , -.Fn SSL_CTX_sess_get_remove_cb , -and -.Fn SSL_CTX_sess_get_get_cb -retrieve the function pointers of the provided callback functions. -If a callback function has not been set, the -.Dv NULL -pointer is returned. -.Sh NOTES -In order to allow external session caching, synchronization with the internal -session cache is realized via callback functions. -Inside these callback functions, session can be saved to disk or put into a -database using the -.Xr d2i_SSL_SESSION 3 -interface. -.Pp -The -.Fn new_session_cb -function is called whenever a new session has been negotiated and session -caching is enabled (see -.Xr SSL_CTX_set_session_cache_mode 3 ) . -The -.Fn new_session_cb -is passed the -.Fa ssl -connection and the ssl session -.Fa sess . -If the callback returns 0, the session will be immediately removed again. -.Pp -The -.Fn remove_session_cb -is called whenever the SSL engine removes a session from the internal cache. -This happens when the session is removed because it is expired or when a -connection was not shut down cleanly. -It also happens for all sessions in the internal session cache when -.Xr SSL_CTX_free 3 -is called. -The -.Fn remove_session_cb -function is passed the -.Fa ctx -and the -.Vt ssl -session -.Fa sess . -It does not provide any feedback. -.Pp -The -.Fn get_session_cb -function is only called on SSL/TLS servers with the session id proposed by the -client. -The -.Fn get_session_cb -function is always called, also when session caching was disabled. -The -.Fn get_session_cb -is passed the -.Fa ssl -connection, the session id of length -.Fa length -at the memory location -.Fa data . 
-With the parameter -.Fa copy -the callback can require the SSL engine to increment the reference count of the -.Vt SSL_SESSION -object, -Normally the reference count is not incremented and therefore the session must -not be explicitly freed with -.Xr SSL_SESSION_free 3 . -.Sh SEE ALSO -.Xr d2i_SSL_SESSION 3 , -.Xr ssl 3 , -.Xr SSL_CTX_flush_sessions 3 , -.Xr SSL_CTX_free 3 , -.Xr SSL_CTX_set_session_cache_mode 3 , -.Xr SSL_SESSION_free 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_sessions.3 b/lib/libssl/src/doc/ssl/SSL_CTX_sessions.3 deleted file mode 100644 index 23d9edb6e25..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_sessions.3 +++ /dev/null @@ -1,35 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_sessions.3,v 1.3 2015/11/15 22:02:10 jmc Exp $ -.\" -.Dd $Mdocdate: November 15 2015 $ -.Dt SSL_CTX_SESSIONS 3 -.Os -.Sh NAME -.Nm SSL_CTX_sessions -.Nd access internal session cache -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft struct lhash_st * -.Fn SSL_CTX_sessions "SSL_CTX *ctx" -.Sh DESCRIPTION -.Fn SSL_CTX_sessions -returns a pointer to the lhash databases containing the internal session cache -for -.Fa ctx . -.Sh NOTES -The sessions in the internal session cache are kept in an -lhash-type database -(see -.Xr lh_new 3 ) . -It is possible to directly access this database, e.g., for searching. -In parallel, -the sessions form a linked list which is maintained separately from the -lhash operations, -so that the database must not be modified directly but by using the -.Xr SSL_CTX_add_session 3 -family of functions. -.Sh SEE ALSO -.Xr lh_new 3 , -.Xr ssl 3 , -.Xr SSL_CTX_add_session 3 , -.Xr SSL_CTX_set_session_cache_mode 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.3 deleted file mode 100644 index 8ef3c5561e6..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_store.3 +++ /dev/null 
@@ -1,80 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_cert_store.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_CERT_STORE 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_cert_store , -.Nm SSL_CTX_get_cert_store -.Nd manipulate X509 certificate verification storage -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fn SSL_CTX_set_cert_store "SSL_CTX *ctx" "X509_STORE *store" -.Ft X509_STORE * -.Fn SSL_CTX_get_cert_store "const SSL_CTX *ctx" -.Sh DESCRIPTION -.Fn SSL_CTX_set_cert_store -setsthe verification storage of -.Fa ctx -to or replaces it with -.Fa store . -If another -.Vt X509_STORE -object is currently set in -.Fa ctx , -it will be -.Xr X509_STORE_free 3 Ns ed. -.Pp -.Fn SSL_CTX_get_cert_store -returns a pointer to the current certificate verification storage. -.Sh NOTES -In order to verify the certificates presented by the peer, trusted CA -certificates must be accessed. -These CA certificates are made available via lookup methods, handled inside the -.Vt X509_STORE . -From the -.Vt X509_STORE -the -.Vt X509_STORE_CTX -used when verifying certificates is created. -.Pp -Typically the trusted certificate store is handled indirectly via using -.Xr SSL_CTX_load_verify_locations 3 . -Using the -.Fn SSL_CTX_set_cert_store -and -.Fn SSL_CTX_get_cert_store -functions it is possible to manipulate the -.Vt X509_STORE -object beyond the -.Xr SSL_CTX_load_verify_locations 3 -call. -.Pp -Currently no detailed documentation on how to use the -.Vt X509_STORE -object is available. -Not all members of the -.Vt X509_STORE -are used when the verification takes place. -So will, for example, the -.Fn verify_callback -be overridden with the -.Fn verify_callback -set via the -.Xr SSL_CTX_set_verify 3 -family of functions. -This document must therefore be updated when documentation about the -.Vt X509_STORE -object and its handling becomes available. -.Sh RETURN VALUES -.Fn SSL_CTX_set_cert_store -does not return diagnostic output. 
-.Pp
-.Fn SSL_CTX_get_cert_store
-returns the current setting.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_load_verify_locations 3 ,
-.Xr SSL_CTX_set_verify 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.3
deleted file mode 100644
index bb242d6929f..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_cert_verify_callback.3
+++ /dev/null
@@ -1,112 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_cert_verify_callback.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_CERT_VERIFY_CALLBACK 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_cert_verify_callback -.Nd set peer certificate verification procedure -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fo SSL_CTX_set_cert_verify_callback -.Fa "SSL_CTX *ctx" -.Fa "int (*callback)(X509_STORE_CTX *, void *)" -.Fa "void *arg" -.Fc -.Sh DESCRIPTION -.Fn SSL_CTX_set_cert_verify_callback -sets the verification callback function for -.Fa ctx . -.Vt SSL -objects that are created from -.Fa ctx -inherit the setting valid at the time when -.Xr SSL_new 3 -is called. -.Sh NOTES -Whenever a certificate is verified during a SSL/TLS handshake, -a verification function is called. -If the application does not explicitly specify a verification callback -function, the built-in verification function is used. -If a verification callback -.Fa callback -is specified via -.Fn SSL_CTX_set_cert_verify_callback , -the supplied callback function is called instead. -By setting -.Fa callback -to -.Dv NULL , -the default behaviour is restored. -.Pp -When the verification must be performed, -.Fa callback -will be called with the arguments -.Fn callback "X509_STORE_CTX *x509_store_ctx" "void *arg" . -The argument -.Fa arg -is specified by the application when setting -.Fa callback . -.Pp -.Fa callback -should return 1 to indicate verification success and 0 to indicate verification -failure. -If -.Dv SSL_VERIFY_PEER -is set and -.Fa callback -returns 0, the handshake will fail. -As the verification procedure may allow the connection to continue in case of -failure (by always returning 1) the verification result must be set in any case -using the -.Fa error -member of -.Fa x509_store_ctx -so that the calling application will be informed about the detailed result of -the verification procedure! 
-.Pp
-Within
-.Fa x509_store_ctx ,
-.Fa callback
-has access to the
-.Fa verify_callback
-function set using
-.Xr SSL_CTX_set_verify 3 .
-.Sh WARNINGS
-Do not mix the verification callback described in this function with the
-.Fa verify_callback
-function called during the verification process.
-The latter is set using the
-.Xr SSL_CTX_set_verify 3
-family of functions.
-.Pp
-Providing a complete verification procedure including certificate purpose
-settings, etc., is a complex task.
-The built-in procedure is quite powerful and in most cases it should be
-sufficient to modify its behaviour using the
-.Fa verify_callback
-function.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_cert_verify_callback
-does not provide diagnostic information.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_load_verify_locations 3 ,
-.Xr SSL_CTX_set_verify 3 ,
-.Xr SSL_get_verify_result 3
-.Sh HISTORY
-Previous to OpenSSL 0.9.7, the
-.Fa arg
-argument to
-.Fn SSL_CTX_set_cert_verify_callback
-was ignored, and
-.Fa callback
-was called
-simply as
-.Ft int
-.Fn (*callback) "X509_STORE_CTX *" .
-To compile software written for previous versions of OpenSSL,
-a dummy argument will have to be added to
-.Fa callback .
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_cipher_list.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_cipher_list.3
deleted file mode 100644
index e7ce24fb34d..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_cipher_list.3
+++ /dev/null
@@ -1,82 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_cipher_list.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_CIPHER_LIST 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_cipher_list , -.Nm SSL_set_cipher_list -.Nd choose list of available SSL_CIPHERs -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fn SSL_CTX_set_cipher_list "SSL_CTX *ctx" "const char *str" -.Ft int -.Fn SSL_set_cipher_list "SSL *ssl" "const char *str" -.Sh DESCRIPTION -.Fn SSL_CTX_set_cipher_list -sets the list of available ciphers for -.Fa ctx -using the control string -.Fa str . -The format of the string is described -in -.Xr openssl 1 . -The list of ciphers is inherited by all -.Fa ssl -objects created from -.Fa ctx . -.Pp -.Fn SSL_set_cipher_list -sets the list of ciphers only for -.Fa ssl . -.Sh NOTES -The control string -.Fa str -should be universally usable and not depend on details of the library -configuration (ciphers compiled in). -Thus no syntax checking takes place. -Items that are not recognized, because the corresponding ciphers are not -compiled in or because they are mistyped, are simply ignored. -Failure is only flagged if no ciphers could be collected at all. -.Pp -It should be noted that inclusion of a cipher to be used into the list is a -necessary condition. -On the client side, the inclusion into the list is also sufficient. -On the server side, additional restrictions apply. -All ciphers have additional requirements. -ADH ciphers don't need a certificate, but DH-parameters must have been set. -All other ciphers need a corresponding certificate and key. -.Pp -A RSA cipher can only be chosen when a RSA certificate is available. -RSA export ciphers with a keylength of 512 bits for the RSA key require a -temporary 512 bit RSA key, as typically the supplied key has a length of 1024 -bits (see -.Xr SSL_CTX_set_tmp_rsa_callback 3 ) . -RSA ciphers using EDH need a certificate and key and additional DH-parameters -(see -.Xr SSL_CTX_set_tmp_dh_callback 3 ) . 
-.Pp
-A DSA cipher can only be chosen when a DSA certificate is available.
-DSA ciphers always use DH key exchange and therefore need DH-parameters (see
-.Xr SSL_CTX_set_tmp_dh_callback 3 ) .
-.Pp
-When these conditions are not met for any cipher in the list (for example, a
-client only supports export RSA ciphers with an asymmetric key length of 512
-bits and the server is not configured to use temporary RSA keys), the
-.Dq no shared cipher
-.Pq Dv SSL_R_NO_SHARED_CIPHER
-error is generated and the handshake will fail.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_cipher_list
-and
-.Fn SSL_set_cipher_list
-return 1 if any cipher could be selected and 0 on complete failure.
-.Sh SEE ALSO
-.Xr ciphers 1 ,
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_tmp_dh_callback 3 ,
-.Xr SSL_CTX_set_tmp_rsa_callback 3 ,
-.Xr SSL_CTX_use_certificate 3 ,
-.Xr SSL_get_ciphers 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.3
deleted file mode 100644
index 688c4ac0230..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_client_CA_list.3
+++ /dev/null
@@ -1,132 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_client_CA_list.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_CLIENT_CA_LIST 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_client_CA_list , -.Nm SSL_set_client_CA_list , -.Nm SSL_CTX_add_client_CA , -.Nm SSL_add_client_CA -.Nd set list of CAs sent to the client when requesting a client certificate -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fn SSL_CTX_set_client_CA_list "SSL_CTX *ctx" "STACK_OF(X509_NAME) *list" -.Ft void -.Fn SSL_set_client_CA_list "SSL *s" "STACK_OF(X509_NAME) *list" -.Ft int -.Fn SSL_CTX_add_client_CA "SSL_CTX *ctx" "X509 *cacert" -.Ft int -.Fn SSL_add_client_CA "SSL *ssl" "X509 *cacert" -.Sh DESCRIPTION -.Fn SSL_CTX_set_client_CA_list -sets the -.Fa list -of CAs sent to the client when requesting a client certificate for -.Fa ctx . -.Pp -.Fn SSL_set_client_CA_list -sets the -.Fa list -of CAs sent to the client when requesting a client certificate for the chosen -.Fa ssl , -overriding the setting valid for -.Fa ssl Ns 's -.Vt SSL_CTX -object. -.Pp -.Fn SSL_CTX_add_client_CA -adds the CA name extracted from -.Fa cacert -to the list of CAs sent to the client when requesting a client certificate for -.Fa ctx . -.Pp -.Fn SSL_add_client_CA -adds the CA name extracted from -.Fa cacert -to the list of CAs sent to the client when requesting a client certificate for -the chosen -.Fa ssl , -overriding the setting valid for -.Fa ssl Ns 's -.Va SSL_CTX -object. -.Sh NOTES -When a TLS/SSL server requests a client certificate (see -.Fn SSL_CTX_set_verify ) , -it sends a list of CAs for which it will accept certificates to the client. -.Pp -This list must explicitly be set using -.Fn SSL_CTX_set_client_CA_list -for -.Fa ctx -and -.Fn SSL_set_client_CA_list -for the specific -.Fa ssl . -The list specified overrides the previous setting. 
-The CAs listed do not become trusted -.Po -.Fa list -only contains the names, not the complete certificates -.Pc ; -use -.Xr SSL_CTX_load_verify_locations 3 -to additionally load them for verification. -.Pp -If the list of acceptable CAs is compiled in a file, the -.Xr SSL_load_client_CA_file 3 -function can be used to help importing the necessary data. -.Pp -.Fn SSL_CTX_add_client_CA -and -.Fn SSL_add_client_CA -can be used to add additional items the list of client CAs. -If no list was specified before using -.Fn SSL_CTX_set_client_CA_list -or -.Fn SSL_set_client_CA_list , -a new client CA list for -.Fa ctx -or -.Fa ssl -(as appropriate) is opened. -.Pp -These functions are only useful for TLS/SSL servers. -.Sh RETURN VALUES -.Fn SSL_CTX_set_client_CA_list -and -.Fn SSL_set_client_CA_list -do not return diagnostic information. -.Pp -.Fn SSL_CTX_add_client_CA -and -.Fn SSL_add_client_CA -have the following return values: -.Bl -tag -width Ds -.It 0 -A failure while manipulating the -.Dv STACK_OF Ns -.Pq Vt X509_NAME -object occurred or the -.Vt X509_NAME -could not be extracted from -.Fa cacert . -Check the error stack to find out the reason. -.It 1 -The operation succeeded. -.El -.Sh EXAMPLES -Scan all certificates in -.Fa CAfile -and list them as acceptable CAs: -.Bd -literal -SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile)); -.Ed -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_load_verify_locations 3 , -.Xr SSL_get_client_CA_list 3 , -.Xr SSL_load_client_CA_file 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_client_cert_cb.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_client_cert_cb.3 deleted file mode 100644 index 7a7d9466d25..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_client_cert_cb.3 +++ /dev/null 
@@ -1,143 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_client_cert_cb.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_CLIENT_CERT_CB 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_client_cert_cb , -.Nm SSL_CTX_get_client_cert_cb -.Nd handle client certificate callback function -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fo SSL_CTX_set_client_cert_cb -.Fa "SSL_CTX *ctx" -.Fa "int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)" -.Fc -.Ft int -.Fo "(*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))" -.Fa "SSL *ssl" "X509 **x509" "EVP_PKEY **pkey" -.Fc -.Ft int -.Fn "(*client_cert_cb)" "SSL *ssl" "X509 **x509" "EVP_PKEY **pkey" -.Sh DESCRIPTION -.Fn SSL_CTX_set_client_cert_cb -sets the -.Fa client_cert_cb() -callback that is called when a client certificate is requested by a server and -no certificate was yet set for the SSL object. -.Pp -When -.Fa client_cert_cb -is -.Dv NULL , -no callback function is used. -.Pp -.Fn SSL_CTX_get_client_cert_cb -returns a pointer to the currently set callback function. -.Pp -.Fn client_cert_cb -is the application-defined callback. -If it wants to set a certificate, -a certificate/private key combination must be set using the -.Fa x509 -and -.Fa pkey -arguments and 1 must be returned. -The certificate will be installed into -.Fa ssl ; -see the -.Sx NOTES -and -.Sx BUGS -sections. -If no certificate should be set, -0 has to be returned and no certificate will be sent. -A negative return value will suspend the handshake and the handshake function -will return immediately. -.Xr SSL_get_error 3 -will return -.Dv SSL_ERROR_WANT_X509_LOOKUP -to indicate that the handshake was suspended. -The next call to the handshake function will again lead to the call of -.Fa client_cert_cb() . -It is the job of the -.Fa client_cert_cb() -to store information -about the state of the last call, if required to continue. -.Sh NOTES -During a handshake (or renegotiation) -a server may request a certificate from the client. 
-A client certificate must only be sent when the server did send the request. -.Pp -When a certificate has been set using the -.Xr SSL_CTX_use_certificate 3 -family of functions, -it will be sent to the server. -The TLS standard requires that only a certificate is sent if it matches the -list of acceptable CAs sent by the server. -This constraint is violated by the default behavior of the OpenSSL library. -Using the callback function it is possible to implement a proper selection -routine or to allow a user interaction to choose the certificate to be sent. -.Pp -If a callback function is defined and no certificate was yet defined for the -.Vt SSL -object, the callback function will be called. -If the callback function returns a certificate, the OpenSSL library -will try to load the private key and certificate data into the -.Vt SSL -object using the -.Fn SSL_use_certificate -and -.Fn SSL_use_private_key -functions. -Thus it will permanently install the certificate and key for this SSL object. -It will not be reset by calling -.Xr SSL_clear 3 . -If the callback returns no certificate, the OpenSSL library will not send a -certificate. -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_clear 3 , -.Xr SSL_CTX_add_extra_chain_cert 3 , -.Xr SSL_CTX_use_certificate 3 , -.Xr SSL_free 3 , -.Xr SSL_get_client_CA_list 3 -.Sh BUGS -The -.Fa client_cert_cb() -cannot return a complete certificate chain; -it can only return one client certificate. -If the chain only has a length of 2, -the root CA certificate may be omitted according to the TLS standard and -thus a standard conforming answer can be sent to the server. -For a longer chain, the client must send the complete chain -(with the option to leave out the root CA certificate). 
-This can be accomplished only by either adding the intermediate CA certificates -into the trusted certificate store for the -.Vt SSL_CTX -object (resulting in having to add CA certificates that otherwise maybe would -not be trusted), or by adding the chain certificates using the -.Xr SSL_CTX_add_extra_chain_cert 3 -function, which is only available for the -.Vt SSL_CTX -object as a whole and that therefore probably can only apply for one client -certificate, making the concept of the callback function -(to allow the choice from several certificates) questionable. -.Pp -Once the -.Vt SSL -object has been used in conjunction with the callback function, -the certificate will be set for the -.Vt SSL -object and will not be cleared even when -.Xr SSL_clear 3 -is called. -It is therefore -.Em mandatory -to destroy the -.Vt SSL -object using -.Xr SSL_free 3 -and create a new one to return to the previous state. diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_default_passwd_cb.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_default_passwd_cb.3 deleted file mode 100644 index ac4d55ae731..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_default_passwd_cb.3 +++ /dev/null 
@@ -1,95 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_default_passwd_cb.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_DEFAULT_PASSWD_CB 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_default_passwd_cb , -.Nm SSL_CTX_set_default_passwd_cb_userdata -.Nd set passwd callback for encrypted PEM file handling -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fn SSL_CTX_set_default_passwd_cb "SSL_CTX *ctx" "pem_password_cb *cb" -.Ft void -.Fn SSL_CTX_set_default_passwd_cb_userdata "SSL_CTX *ctx" "void *u" -.Ft int -.Fn pem_passwd_cb "char *buf" "int size" "int rwflag" "void *userdata" -.Sh DESCRIPTION -.Fn SSL_CTX_set_default_passwd_cb -sets the default password callback called when loading/storing a PEM -certificate with encryption. -.Pp -.Fn SSL_CTX_set_default_passwd_cb_userdata -sets a pointer to userdata -.Fa u -which will be provided to the password callback on invocation. -.Pp -The -.Fn pem_passwd_cb , -which must be provided by the application, -hands back the password to be used during decryption. -On invocation a pointer to -.Fa userdata -is provided. -The pem_passwd_cb must write the password into the provided buffer -.Fa buf -which is of size -.Fa size . -The actual length of the password must be returned to the calling function. -.Fa rwflag -indicates whether the callback is used for reading/decryption -.Pq Fa rwflag No = 0 -or writing/encryption -.Pq Fa rwflag No = 1 . -.Sh NOTES -When loading or storing private keys, a password might be supplied to protect -the private key. -The way this password can be supplied may depend on the application. -If only one private key is handled, it can be practical to have -.Fn pem_passwd_cb -handle the password dialog interactively. -If several keys have to be handled, it can be practical to ask for the password -once, then keep it in memory and use it several times. 
-In the last case, the password could be stored into the -.Fa userdata -storage and the -.Fn pem_passwd_cb -only returns the password already stored. -.Pp -When asking for the password interactively, -.Fn pem_passwd_cb -can use -.Fa rwflag -to check whether an item shall be encrypted -.Pq Fa rwflag No = 1 . -In this case the password dialog may ask for the same password twice for -comparison in order to catch typos which would make decryption impossible. -.Pp -Other items in PEM formatting (certificates) can also be encrypted; it is -however atypical, as certificate information is considered public. -.Sh RETURN VALUES -.Fn SSL_CTX_set_default_passwd_cb -and -.Fn SSL_CTX_set_default_passwd_cb_userdata -do not provide diagnostic information. -.Sh EXAMPLES -The following example returns the password provided as -.Fa userdata -to the calling function. -The password is considered to be a -.Sq \e0 -terminated string. -If the password does not fit into the buffer, the password is truncated. -.Bd -literal -int pem_passwd_cb(char *buf, int size, int rwflag, void *password) -{ - strncpy(buf, (char *)password, size); - buf[size - 1] = '\e0'; - return strlen(buf); -} -.Ed -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_use_certificate 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_generate_session_id.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_generate_session_id.3 deleted file mode 100644 index 0bea48904e2..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_generate_session_id.3 +++ /dev/null 
@@ -1,196 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_generate_session_id.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_GENERATE_SESSION_ID 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_generate_session_id , -.Nm SSL_set_generate_session_id , -.Nm SSL_has_matching_session_id -.Nd manipulate generation of SSL session IDs (server only) -.Sh SYNOPSIS -.In openssl/ssl.h -.Bd -literal - typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id, - unsigned int *id_len); -.Ed -.Ft int -.Fn SSL_CTX_set_generate_session_id "SSL_CTX *ctx" "GEN_SESSION_CB cb" -.Ft int -.Fn SSL_set_generate_session_id "SSL *ssl" "GEN_SESSION_CB" "cb);" -.Ft int -.Fo SSL_has_matching_session_id -.Fa "const SSL *ssl" "const unsigned char *id" "unsigned int id_len" -.Fc -.Sh DESCRIPTION -.Fn SSL_CTX_set_generate_session_id -sets the callback function for generating new session ids for SSL/TLS sessions -for -.Fa ctx -to be -.Fa cb . -.Pp -.Fn SSL_set_generate_session_id -sets the callback function for generating new session ids for SSL/TLS sessions -for -.Fa ssl -to be -.Fa cb . -.Pp -.Fn SSL_has_matching_session_id -checks, whether a session with id -.Fa id -(of length -.Fa id_len ) -is already contained in the internal session cache -of the parent context of -.Fa ssl . -.Sh NOTES -When a new session is established between client and server, -the server generates a session id. -The session id is an arbitrary sequence of bytes. -The length of the session id is 16 bytes for SSLv2 sessions and between 1 and -32 bytes for SSLv3/TLSv1. -The session id is not security critical but must be unique for the server. -Additionally, the session id is transmitted in the clear when reusing the -session so it must not contain sensitive information. -.Pp -Without a callback being set, an OpenSSL server will generate a unique session -id from pseudo random numbers of the maximum possible length. 
-Using the callback function, the session id can be changed to contain -additional information like, e.g., a host id in order to improve load balancing -or external caching techniques. -.Pp -The callback function receives a pointer to the memory location to put -.Fa id -into and a pointer to the maximum allowed length -.Fa id_len . -The buffer at location -.Fa id -is only guaranteed to have the size -.Fa id_len . -The callback is only allowed to generate a shorter id and reduce -.Fa id_len ; -the callback -.Em must never -increase -.Fa id_len -or write to the location -.Fa id -exceeding the given limit. -.Pp -If a SSLv2 session id is generated and -.Fa id_len -is reduced, it will be restored after the callback has finished and the session -id will be padded with 0x00. -It is not recommended to change the -.Fa id_len -for SSLv2 sessions. -The callback can use the -.Xr SSL_get_version 3 -function to check whether the session is of type SSLv2. -.Pp -The location -.Fa id -is filled with 0x00 before the callback is called, -so the callback may only fill part of the possible length and leave -.Fa id_len -untouched while maintaining reproducibility. -.Pp -Since the sessions must be distinguished, session ids must be unique. -Without the callback a random number is used, -so that the probability of generating the same session id is extremely small -(2^128 possible ids for an SSLv2 session, 2^256 for SSLv3/TLSv1). -In order to ensure the uniqueness of the generated session id, -the callback must call -.Fn SSL_has_matching_session_id -and generate another id if a conflict occurs. -If an id conflict is not resolved, the handshake will fail. -If the application codes, e.g., a unique host id, a unique process number, and -a unique sequence number into the session id, uniqueness could easily be -achieved without randomness added (it should however be taken care that -no confidential information is leaked this way). 
-If the application cannot guarantee uniqueness, -it is recommended to use the maximum -.Fa id_len -and fill in the bytes not used to code special information with random data to -avoid collisions. -.Pp -.Fn SSL_has_matching_session_id -will only query the internal session cache, not the external one. -Since the session id is generated before the handshake is completed, -it is not immediately added to the cache. -If another thread is using the same internal session cache, -a race condition can occur in that another thread generates the same session id. -Collisions can also occur when using an external session cache, -since the external cache is not tested with -.Fn SSL_has_matching_session_id -and the same race condition applies. -.Pp -When calling -.Fn SSL_has_matching_session_id -for an SSLv2 session with reduced -.Fa id_len Ns , -the match operation will be performed using the fixed length required and with -a 0x00 padded id. -.Pp -The callback must return 0 if it cannot generate a session id for whatever -reason and return 1 on success. -.Sh RETURN VALUES -.Fn SSL_CTX_set_generate_session_id -and -.Fn SSL_set_generate_session_id -always return 1. -.Pp -.Fn SSL_has_matching_session_id -returns 1 if another session with the same id is already in the cache. -.Sh EXAMPLES -The callback function listed will generate a session id with the server id -given, and will fill the rest with pseudo random bytes: -.Bd -literal -const char session_id_prefix = "www-18"; - -#define MAX_SESSION_ID_ATTEMPTS 10 -static int -generate_session_id(const SSL *ssl, unsigned char *id, - unsigned int *id_len) -{ - unsigned int count = 0; - const char *version; - - version = SSL_get_version(ssl); - if (!strcmp(version, "SSLv2")) { - /* we must not change id_len */ - ; - } - - do { - RAND_pseudo_bytes(id, *id_len); - /* - * Prefix the session_id with the required prefix. 
NB: If - * our prefix is too long, clip it \(en but there will be - * worse effects anyway, e.g., the server could only - * possibly create one session ID (the prefix!) so all - * future session negotiations will fail due to conflicts. - */ - memcpy(id, session_id_prefix, - (strlen(session_id_prefix) < *id_len) ? - strlen(session_id_prefix) : *id_len); - } while (SSL_has_matching_session_id(ssl, id, *id_len) && - (++count < MAX_SESSION_ID_ATTEMPTS)); - - if (count >= MAX_SESSION_ID_ATTEMPTS) - return 0; - return 1; -} -.Ed -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_get_version 3 -.Sh HISTORY -.Fn SSL_CTX_set_generate_session_id , -.Fn SSL_set_generate_session_id -and -.Fn SSL_has_matching_session_id -were introduced in OpenSSL 0.9.7. diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_info_callback.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_info_callback.3 deleted file mode 100644 index 24ee74dda9d..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_info_callback.3 +++ /dev/null 
@@ -1,167 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_info_callback.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_INFO_CALLBACK 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_info_callback , -.Nm SSL_CTX_get_info_callback , -.Nm SSL_set_info_callback , -.Nm SSL_get_info_callback -.Nd handle information callback for SSL connections -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fn SSL_CTX_set_info_callback "SSL_CTX *ctx" "void (*callback)()" -.Ft void -.Fn "(*SSL_CTX_get_info_callback(const SSL_CTX *ctx))" -.Ft void -.Fn SSL_set_info_callback "SSL *ssl" "void (*callback)()" -.Ft void -.Fn "(*SSL_get_info_callback(const SSL *ssl))" -.Sh DESCRIPTION -.Fn SSL_CTX_set_info_callback -sets the -.Fa callback -function that can be used to obtain state information for SSL objects created -from -.Fa ctx -during connection setup and use. -The setting for -.Fa ctx -is overridden from the setting for a specific SSL object, if specified. -When -.Fa callback -is -.Dv NULL , -no callback function is used. -.Pp -.Fn SSL_set_info_callback -sets the -.Fa callback -function that can be used to -obtain state information for -.Fa ssl -during connection setup and use. -When -.Fa callback -is -.Dv NULL , -the callback setting currently valid for -.Fa ctx -is used. -.Pp -.Fn SSL_CTX_get_info_callback -returns a pointer to the currently set information callback function for -.Fa ctx . -.Pp -.Fn SSL_get_info_callback -returns a pointer to the currently set information callback function for -.Fa ssl . -.Sh NOTES -When setting up a connection and during use, -it is possible to obtain state information from the SSL/TLS engine. -When set, an information callback function is called whenever the state changes, -an alert appears, or an error occurs. -.Pp -The callback function is called as -.Fn callback "SSL *ssl" "int where" "int ret" . -The -.Fa where -argument specifies information about where (in which context) -the callback function was called. 
-If -.Fa ret -is 0, an error condition occurred. -If an alert is handled, -.Dv SSL_CB_ALERT -is set and -.Fa ret -specifies the alert information. -.Pp -.Fa where -is a bitmask made up of the following bits: -.Bl -tag -width Ds -.It Dv SSL_CB_LOOP -Callback has been called to indicate state change inside a loop. -.It Dv SSL_CB_EXIT -Callback has been called to indicate error exit of a handshake function. -(May be soft error with retry option for non-blocking setups.) -.It Dv SSL_CB_READ -Callback has been called during read operation. -.It Dv SSL_CB_WRITE -Callback has been called during write operation. -.It Dv SSL_CB_ALERT -Callback has been called due to an alert being sent or received. -.It Dv SSL_CB_READ_ALERT -.It Dv SSL_CB_WRITE_ALERT -.It Dv SSL_CB_ACCEPT_LOOP -.It Dv SSL_CB_ACCEPT_EXIT -.It Dv SSL_CB_CONNECT_LOOP -.It Dv SSL_CB_CONNECT_EXIT -.It Dv SSL_CB_HANDSHAKE_START -Callback has been called because a new handshake is started. -.It Dv SSL_CB_HANDSHAKE_DONE -Callback has been called because a handshake is finished. -.El -.Pp -The current state information can be obtained using the -.Xr SSL_state_string 3 -family of functions. -.Pp -The -.Fa ret -information can be evaluated using the -.Xr SSL_alert_type_string 3 -family of functions. -.Sh RETURN VALUES -.Fn SSL_set_info_callback -does not provide diagnostic information. -.Pp -.Fn SSL_get_info_callback -returns the current setting. -.Sh EXAMPLES -The following example callback function prints state strings, -information about alerts being handled and error messages to the -.Va bio_err -.Vt BIO . 
-.Bd -literal -void -apps_ssl_info_callback(SSL *s, int where, int ret) -{ - const char *str; - int w; - - w = where & ~SSL_ST_MASK; - - if (w & SSL_ST_CONNECT) - str = "SSL_connect"; - else if (w & SSL_ST_ACCEPT) - str = "SSL_accept"; - else - str = "undefined"; - - if (where & SSL_CB_LOOP) { - BIO_printf(bio_err, "%s:%s\en", str, - SSL_state_string_long(s)); - } else if (where & SSL_CB_ALERT) { - str = (where & SSL_CB_READ) ? "read" : "write"; - BIO_printf(bio_err, "SSL3 alert %s:%s:%s\en", str, - SSL_alert_type_string_long(ret), - SSL_alert_desc_string_long(ret)); - } else if (where & SSL_CB_EXIT) { - if (ret == 0) - BIO_printf(bio_err, "%s:failed in %s\en", - str, SSL_state_string_long(s)); - else if (ret < 0) { - BIO_printf(bio_err, "%s:error in %s\en", - str, SSL_state_string_long(s)); - } - } -} -.Ed -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_alert_type_string 3 , -.Xr SSL_state_string 3 diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_max_cert_list.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_max_cert_list.3 deleted file mode 100644 index e82f7b14a0b..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_max_cert_list.3 +++ /dev/null 
@@ -1,105 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_max_cert_list.3,v 1.3 2016/03/10 23:21:46 mmcc Exp $
-.\"
-.Dd $Mdocdate: March 10 2016 $
-.Dt SSL_CTX_SET_MAX_CERT_LIST 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_max_cert_list ,
-.Nm SSL_CTX_get_max_cert_list ,
-.Nm SSL_set_max_cert_list ,
-.Nm SSL_get_max_cert_list
-.Nd manipulate allowed size for the peer's certificate chain
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft long
-.Fn SSL_CTX_set_max_cert_list "SSL_CTX *ctx" "long size"
-.Ft long
-.Fn SSL_CTX_get_max_cert_list "SSL_CTX *ctx"
-.Ft long
-.Fn SSL_set_max_cert_list "SSL *ssl" "long size"
-.Ft long
-.Fn SSL_get_max_cert_list "SSL *ctx"
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_max_cert_list
-sets the maximum size allowed for the peer's certificate chain for all
-.Vt SSL
-objects created from
-.Fa ctx
-to be
-.Fa size
-bytes.
-The
-.Vt SSL
-objects inherit the setting valid for
-.Fa ctx
-at the time
-.Xr SSL_new 3
-is being called.
-.Pp
-.Fn SSL_CTX_get_max_cert_list
-returns the currently set maximum size for
-.Fa ctx .
-.Pp
-.Fn SSL_set_max_cert_list
-sets the maximum size allowed for the peer's certificate chain for
-.Fa ssl
-to be
-.Fa size
-bytes.
-This setting stays valid until a new value is set.
-.Pp
-.Fn SSL_get_max_cert_list
-returns the currently set maximum size for
-.Fa ssl .
-.Sh NOTES
-During the handshake process, the peer may send a certificate chain.
-The TLS/SSL standard does not give any maximum size of the certificate chain.
-The OpenSSL library handles incoming data by a dynamically allocated buffer.
-In order to prevent this buffer from growing without bound due to data
-received from a faulty or malicious peer, a maximum size for the certificate
-chain is set.
-.Pp
-The default value for the maximum certificate chain size is 100kB (30kB
-on the 16bit DOS platform).
-This should be sufficient for usual certificate chains
-(OpenSSL's default maximum chain length is 10, see
-.Xr SSL_CTX_set_verify 3 ,
-and certificates without special extensions have a typical size of 1-2kB).
-.Pp
-For special applications it can be necessary to extend the maximum certificate
-chain size allowed to be sent by the peer.
-See for example the work on
-.%T "Internet X.509 Public Key Infrastructure Proxy Certificate Profile"
-and
-.%T "TLS Delegation Protocol"
-at
-.Lk https://www.ietf.org/
-and
-.Lk http://www.globus.org/ .
-.Pp
-Under normal conditions it should never be necessary to set a value smaller
-than the default, as the buffer is handled dynamically and only uses the
-memory actually required by the data sent by the peer.
-.Pp
-If the maximum certificate chain size allowed is exceeded, the handshake will
-fail with a
-.Dv SSL_R_EXCESSIVE_MESSAGE_SIZE
-error.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_max_cert_list
-and
-.Fn SSL_set_max_cert_list
-return the previously set value.
-.Pp
-.Fn SSL_CTX_get_max_cert_list
-and
-.Fn SSL_get_max_cert_list
-return the currently set value.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_verify 3 ,
-.Xr SSL_new 3
-.Sh HISTORY
-.Fn SSL*_set/get_max_cert_list
-were introduced in OpenSSL 0.9.7.
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.3
deleted file mode 100644
index 2a3fcd55319..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_mode.3
+++ /dev/null
@@ -1,126 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_mode.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_CTX_SET_MODE 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_mode , -.Nm SSL_set_mode , -.Nm SSL_CTX_get_mode , -.Nm SSL_get_mode -.Nd manipulate SSL engine mode -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft long -.Fn SSL_CTX_set_mode "SSL_CTX *ctx" "long mode" -.Ft long -.Fn SSL_set_mode "SSL *ssl" "long mode" -.Ft long -.Fn SSL_CTX_get_mode "SSL_CTX *ctx" -.Ft long -.Fn SSL_get_mode "SSL *ssl" -.Sh DESCRIPTION -.Fn SSL_CTX_set_mode -adds the mode set via bitmask in -.Fa mode -to -.Fa ctx . -Options already set before are not cleared. -.Pp -.Fn SSL_set_mode -adds the mode set via bitmask in -.Fa mode -to -.Fa ssl . -Options already set before are not cleared. -.Pp -.Fn SSL_CTX_get_mode -returns the mode set for -.Fa ctx . -.Pp -.Fn SSL_get_mode -returns the mode set for -.Fa ssl . -.Sh NOTES -The following mode changes are available: -.Bl -tag -width Ds -.It Dv SSL_MODE_ENABLE_PARTIAL_WRITE -Allow -.Fn SSL_write ... n -to return -.Ms r -with -.EQ -0 < r < n -.EN -(i.e., report success when just a single record has been written). -When not set (the default), -.Xr SSL_write 3 -will only report success once the complete chunk was written. -Once -.Xr SSL_write 3 -returns with -.Ms r , -.Ms r -bytes have been successfully written and the next call to -.Xr SSL_write 3 -must only send the -.Ms n \(mi r -bytes left, imitating the behaviour of -.Xr write 2 . -.It Dv SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER -Make it possible to retry -.Xr SSL_write 3 -with changed buffer location (the buffer contents must stay the same). -This is not the default to avoid the misconception that non-blocking -.Xr SSL_write 3 -behaves like non-blocking -.Xr write 2 . -.It Dv SSL_MODE_AUTO_RETRY -Never bother the application with retries if the transport is blocking. 
-If a renegotiation take place during normal operation, a -.Xr SSL_read 3 -or -.Xr SSL_write 3 -would return -with \(mi1 and indicate the need to retry with -.Dv SSL_ERROR_WANT_READ . -In a non-blocking environment applications must be prepared to handle -incomplete read/write operations. -In a blocking environment, applications are not always prepared to deal with -read/write operations returning without success report. -The flag -.Dv SSL_MODE_AUTO_RETRY -will cause read/write operations to only return after the handshake and -successful completion. -.It Dv SSL_MODE_RELEASE_BUFFERS -When we no longer need a read buffer or a write buffer for a given -.Vt SSL , -then release the memory we were using to hold it. -Released memory is either appended to a list of unused RAM chunks on the -.Vt SSL_CTX , -or simply freed if the list of unused chunks would become longer than -.Va "SSL_CTX->freelist_max_len" , -which defaults to 32. -Using this flag can save around 34k per idle SSL connection. -This flag has no effect on SSL v2 connections, or on DTLS connections. -.El -.Sh RETURN VALUES -.Fn SSL_CTX_set_mode -and -.Fn SSL_set_mode -return the new mode bitmask after adding -.Fa mode . -.Pp -.Fn SSL_CTX_get_mode -and -.Fn SSL_get_mode -return the current bitmask. -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_read 3 , -.Xr SSL_write 3 -.Sh HISTORY -.Dv SSL_MODE_AUTO_RETRY -was added in OpenSSL 0.9.6. diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_msg_callback.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_msg_callback.3 deleted file mode 100644 index c72f37ccd9e..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_msg_callback.3 +++ /dev/null 
@@ -1,135 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_msg_callback.3,v 1.3 2015/11/11 22:14:40 jmc Exp $ -.\" -.Dd $Mdocdate: November 11 2015 $ -.Dt SSL_CTX_SET_MSG_CALLBACK 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_msg_callback , -.Nm SSL_CTX_set_msg_callback_arg , -.Nm SSL_set_msg_callback , -.Nm SSL_set_msg_callback_arg -.Nd install callback for observing protocol messages -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fo SSL_CTX_set_msg_callback -.Fa "SSL_CTX *ctx" -.Fa "void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)" -.Fc -.Ft void -.Fn SSL_CTX_set_msg_callback_arg "SSL_CTX *ctx" "void *arg" -.Ft void -.Fo SSL_set_msg_callback -.Fa "SSL *ssl" -.Fa "void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg)" -.Fc -.Ft void -.Fn SSL_set_msg_callback_arg "SSL *ssl" "void *arg" -.Sh DESCRIPTION -.Fn SSL_CTX_set_msg_callback -or -.Fn SSL_set_msg_callback -can be used to define a message callback function -.Fa cb -for observing all SSL/TLS protocol messages (such as handshake messages) -that are received or sent. -.Fn SSL_CTX_set_msg_callback_arg -and -.Fn SSL_set_msg_callback_arg -can be used to set argument -.Fa arg -to the callback function, which is available for arbitrary application use. -.Pp -.Fn SSL_CTX_set_msg_callback -and -.Fn SSL_CTX_set_msg_callback_arg -specify default settings that will be copied to new -.Vt SSL -objects by -.Xr SSL_new 3 . -.Fn SSL_set_msg_callback -and -.Fn SSL_set_msg_callback_arg -modify the actual settings of an -.Vt SSL -object. -Using a -.Dv NULL -pointer for -.Fa cb -disables the message callback. -.Pp -When -.Fa cb -is called by the SSL/TLS library for a protocol message, -the function arguments have the following meaning: -.Bl -tag -width Ds -.It Fa write_p -This flag is 0 when a protocol message has been received and 1 when a protocol -message has been sent. 
-.It Fa version -The protocol version according to which the protocol message is -interpreted by the library. -Currently, this is one of -.Dv SSL2_VERSION , -.Dv SSL3_VERSION -and -.Dv TLS1_VERSION -(for SSL 2.0, SSL 3.0 and TLS 1.0, respectively). -.It Fa content_type -In the case of SSL 2.0, this is always 0. -In the case of SSL 3.0 or TLS 1.0, this is one of the -.Em ContentType -values defined in the protocol specification -.Po -.Dq change_cipher_spec(20) , -.Dq alert(21) , -.Dq handshake(22) ; -but never -.Dq application_data(23) -because the callback will only be called for protocol messages. -.Pc -.It Fa buf , Fa len -.Fa buf -points to a buffer containing the protocol message, which consists of -.Fa len -bytes. -The buffer is no longer valid after the callback function has returned. -.It Fa ssl -The -.Vt SSL -object that received or sent the message. -.It Fa arg -The user-defined argument optionally defined by -.Fn SSL_CTX_set_msg_callback_arg -or -.Fn SSL_set_msg_callback_arg . -.El -.Sh NOTES -Protocol messages are passed to the callback function after decryption -and fragment collection where applicable. -(Thus record boundaries are not visible.) -.Pp -If processing a received protocol message results in an error, -the callback function may not be called. -For example, the callback function will never see messages that are considered -too large to be processed. -.Pp -Due to automatic protocol version negotiation, -.Fa version -is not necessarily the protocol version used by the sender of the message: -If a TLS 1.0 ClientHello message is received by an SSL 3.0-only server, -.Fa version -will be -.Dv SSL3_VERSION . -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_new 3 -.Sh HISTORY -.Fn SSL_CTX_set_msg_callback , -.Fn SSL_CTX_set_msg_callback_arg , -.Fn SSL_set_msg_callback -and -.Fn SSL_set_msg_callback_arg -were added in OpenSSL 0.9.7. 
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_options.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_options.3
deleted file mode 100644
index 852553e97fa..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_options.3
+++ /dev/null
@@ -1,395 +0,0 @@ -.\" -.\" $OpenBSD: SSL_CTX_set_options.3,v 1.10 2015/07/18 19:41:54 doug Exp $ -.\" -.Dd $Mdocdate: July 18 2015 $ -.Dt SSL_CTX_SET_OPTIONS 3 -.Os -.Sh NAME -.Nm SSL_CTX_set_options , -.Nm SSL_set_options , -.Nm SSL_CTX_clear_options , -.Nm SSL_clear_options , -.Nm SSL_CTX_get_options , -.Nm SSL_get_options , -.Nm SSL_get_secure_renegotiation_support -.Nd manipulate SSL options -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft long -.Fn SSL_CTX_set_options "SSL_CTX *ctx" "long options" -.Ft long -.Fn SSL_set_options "SSL *ssl" "long options" -.Ft long -.Fn SSL_CTX_clear_options "SSL_CTX *ctx" "long options" -.Ft long -.Fn SSL_clear_options "SSL *ssl" "long options" -.Ft long -.Fn SSL_CTX_get_options "SSL_CTX *ctx" -.Ft long -.Fn SSL_get_options "SSL *ssl" -.Ft long -.Fn SSL_get_secure_renegotiation_support "SSL *ssl" -.Sh DESCRIPTION -Note: all these functions are implemented using macros. -.Pp -.Fn SSL_CTX_set_options -adds the options set via bitmask in -.Fa options -to -.Fa ctx . -Options already set before are not cleared! -.Pp -.Fn SSL_set_options -adds the options set via bitmask in -.Fa options -to -.Fa ssl . -Options already set before are not cleared! -.Pp -.Fn SSL_CTX_clear_options -clears the options set via bitmask in -.Fa options -to -.Fa ctx . -.Pp -.Fn SSL_clear_options -clears the options set via bitmask in -.Fa options -to -.Fa ssl . -.Pp -.Fn SSL_CTX_get_options -returns the options set for -.Fa ctx . -.Pp -.Fn SSL_get_options -returns the options set for -.Fa ssl . -.Pp -.Fn SSL_get_secure_renegotiation_support -indicates whether the peer supports secure renegotiation. -.Sh NOTES -The behaviour of the SSL library can be changed by setting several options. -The options are coded as bitmasks and can be combined by a bitwise OR -operation (|). -.Pp -.Fn SSL_CTX_set_options -and -.Fn SSL_set_options -affect the (external) protocol behaviour of the SSL library. 
-The (internal) behaviour of the API can be changed by using the similar -.Xr SSL_CTX_set_mode 3 -and -.Xr SSL_set_mode 3 -functions. -.Pp -During a handshake, the option settings of the SSL object are used. -When a new SSL object is created from a context using -.Xr SSL_new 3 , -the current option setting is copied. -Changes to -.Fa ctx -do not affect already created -.Vt SSL -objects. -.Fn SSL_clear -does not affect the settings. -.Pp -The following -.Em bug workaround -options are available: -.Bl -tag -width Ds -.It Dv SSL_OP_MICROSOFT_SESS_ID_BUG -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_NETSCAPE_CHALLENGE_BUG -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG -As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect. -.It Dv SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_SAFARI_ECDHE_ECDSA_BUG -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_SSLEAY_080_CLIENT_DH_BUG -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_TLS_D5_BUG -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_TLS_BLOCK_PADDING_BUG -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS -Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol vulnerability -affecting CBC ciphers, which cannot be handled by some broken SSL -implementations. -This option has no effect for connections using other ciphers. -.It Dv SSL_OP_TLSEXT_PADDING -Adds a padding extension to ensure the ClientHello size is never between 256 -and 511 bytes in length. -This is needed as a workaround for some implementations. -.It Dv SSL_OP_ALL -All of the above bug workarounds. -.El -.Pp -It is usually safe to use -.Dv SSL_OP_ALL -to enable the bug workaround options if compatibility with somewhat broken -implementations is desired. 
-.Pp -The following -.Em modifying -options are available: -.Bl -tag -width Ds -.It Dv SSL_OP_TLS_ROLLBACK_BUG -Disable version rollback attack detection. -.Pp -During the client key exchange, the client must send the same information -about acceptable SSL/TLS protocol levels as during the first hello. -Some clients violate this rule by adapting to the server's answer. -(Example: the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, -the server only understands up to SSLv3. -In this case the client must still use the same SSLv3.1=TLSv1 announcement. -Some clients step down to SSLv3 with respect to the server's answer and violate -the version rollback protection.) -.It Dv SSL_OP_SINGLE_DH_USE -Always create a new key when using temporary/ephemeral DH parameters -(see -.Xr SSL_CTX_set_tmp_dh_callback 3 ) . -This option must be used to prevent small subgroup attacks, when the DH -parameters were not generated using -.Dq strong -primes (e.g., when using DSA-parameters, see -.Xr openssl 1 ) . -If -.Dq strong -primes were used, it is not strictly necessary to generate a new DH key during -each handshake but it is also recommended. -.Dv SSL_OP_SINGLE_DH_USE -should therefore be enabled whenever temporary/ephemeral DH parameters are used. -.It SSL_OP_EPHEMERAL_RSA -Always use ephemeral (temporary) RSA key when doing RSA operations (see -.Xr SSL_CTX_set_tmp_rsa_callback 3 ) . -According to the specifications, this is only done when a RSA key can only be -used for signature operations (namely under export ciphers with restricted RSA -keylength). -By setting this option, ephemeral RSA keys are always used. -This option breaks compatibility with the SSL/TLS specifications and may lead -to interoperability problems with clients and should therefore never be used. -Ciphers with EDH (ephemeral Diffie-Hellman) key exchange should be used instead. 
-.It Dv SSL_OP_CIPHER_SERVER_PREFERENCE -When choosing a cipher, use the server's preferences instead of the client -preferences. -When not set, the SSL server will always follow the client's preferences. -When set, the SSLv3/TLSv1 server will choose following its own preferences. -Because of the different protocol, for SSLv2 the server will send its list of -preferences to the client and the client chooses. -.It Dv SSL_OP_NETSCAPE_CA_DN_BUG -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG -As of -.Ox 5.8 , -this option has no effect. -.It Dv SSL_OP_NO_SSLv2 -As of -.Ox 5.6 , -this option has no effect as SSLv2 support has been removed. -In previous versions it disabled use of the SSLv2 protocol. -.It Dv SSL_OP_NO_SSLv3 -Do not use the SSLv3 protocol. -.It Dv SSL_OP_NO_TLSv1 -Do not use the TLSv1.0 protocol. -.It Dv SSL_OP_NO_TLSv1_1 -Do not use the TLSv1.1 protocol. -.It Dv SSL_OP_NO_TLSv1_2 -Do not use the TLSv1.2 protocol. -.It Dv SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION -When performing renegotiation as a server, always start a new session (i.e., -session resumption requests are only accepted in the initial handshake). -This option is not needed for clients. -.It Dv SSL_OP_NO_TICKET -Normally clients and servers will, where possible, transparently make use of -RFC4507bis tickets for stateless session resumption. -.Pp -If this option is set this functionality is disabled and tickets will not be -used by clients or servers. -.It Dv SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION -As of -.Ox 5.6 , -this option has no effect. -In previous versions it allowed legacy insecure renegotiation between OpenSSL -and unpatched clients or servers. -See the -.Sx SECURE RENEGOTIATION -section for more details. -.It Dv SSL_OP_LEGACY_SERVER_CONNECT -Allow legacy insecure renegotiation between OpenSSL and unpatched servers -.Em only : -this option is currently set by default. -See the -.Sx SECURE RENEGOTIATION -section for more details. 
-.El -.Sh SECURE RENEGOTIATION -OpenSSL 0.9.8m and later always attempts to use secure renegotiation as -described in RFC5746. -This counters the prefix attack described in CVE-2009-3555 and elsewhere. -.Pp -The deprecated and highly broken SSLv2 protocol does not support renegotiation -at all; its use is -.Em strongly -discouraged. -.Pp -This attack has far-reaching consequences which application writers should be -aware of. -In the description below an implementation supporting secure renegotiation is -referred to as -.Dq patched . -A server not supporting secure -renegotiation is referred to as -.Dq unpatched . -.Pp -The following sections describe the operations permitted by OpenSSL's secure -renegotiation implementation. -.Ss Patched client and server -Connections and renegotiation are always permitted by OpenSSL implementations. -.Ss Unpatched client and patched OpenSSL server -The initial connection succeeds but client renegotiation is denied by the -server with a -.Em no_renegotiation -warning alert if TLS v1.0 is used or a fatal -.Em handshake_failure -alert in SSL v3.0. -.Pp -If the patched OpenSSL server attempts to renegotiate a fatal -.Em handshake_failure -alert is sent. -This is because the server code may be unaware of the unpatched nature of the -client. -.Pp -.Em N.B.: -a bug in OpenSSL clients earlier than 0.9.8m (all of which are unpatched) will -result in the connection hanging if it receives a -.Em no_renegotiation -alert. -OpenSSL versions 0.9.8m and later will regard a -.Em no_renegotiation -alert as fatal and respond with a fatal -.Em handshake_failure -alert. -This is because the OpenSSL API currently has no provision to indicate to an -application that a renegotiation attempt was refused. -.Ss Patched OpenSSL client and unpatched server -If the option -.Dv SSL_OP_LEGACY_SERVER_CONNECT -is set then initial connections and renegotiation between patched OpenSSL -clients and unpatched servers succeeds. 
-If neither option is set then initial connections to unpatched servers will -fail. -.Pp -The option -.Dv SSL_OP_LEGACY_SERVER_CONNECT -is currently set by default even though it has security implications: -otherwise it would be impossible to connect to unpatched servers (i.e., all of -them initially) and this is clearly not acceptable. -Renegotiation is permitted because this does not add any additional security -issues: during an attack clients do not see any renegotiations anyway. -.Pp -As more servers become patched the option -.Dv SSL_OP_LEGACY_SERVER_CONNECT -will -.Em not -be set by default in a future version of OpenSSL. -.Pp -OpenSSL client applications wishing to ensure they can connect to unpatched -servers should always -.Em set -.Dv SSL_OP_LEGACY_SERVER_CONNECT -.Pp -OpenSSL client applications that want to ensure they can -.Em not -connect to unpatched servers (and thus avoid any security issues) should always -.Em clear -.Dv SSL_OP_LEGACY_SERVER_CONNECT -using -.Fn SSL_CTX_clear_options -or -.Fn SSL_clear_options . -.Sh RETURN VALUES -.Fn SSL_CTX_set_options -and -.Fn SSL_set_options -return the new options bitmask after adding -.Fa options . -.Pp -.Fn SSL_CTX_clear_options -and -.Fn SSL_clear_options -return the new options bitmask after clearing -.Fa options . -.Pp -.Fn SSL_CTX_get_options -and -.Fn SSL_get_options -return the current bitmask. -.Pp -.Fn SSL_get_secure_renegotiation_support -returns 1 is the peer supports secure renegotiation and 0 if it does not. -.Sh SEE ALSO -.Xr openssl 1 , -.Xr ssl 3 , -.Xr SSL_clear 3 , -.Xr SSL_CTX_set_tmp_dh_callback 3 , -.Xr SSL_CTX_set_tmp_rsa_callback 3 , -.Xr SSL_new 3 -.Sh HISTORY -.Dv SSL_OP_CIPHER_SERVER_PREFERENCE -and -.Dv SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION -have been added in -OpenSSL 0.9.7. -.Pp -.Dv SSL_OP_TLS_ROLLBACK_BUG -has been added in OpenSSL 0.9.6 and was automatically enabled with -.Dv SSL_OP_ALL . 
-As of 0.9.7, it is no longer included in -.Dv SSL_OP_ALL -and must be explicitly set. -.Pp -.Dv SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS -has been added in OpenSSL 0.9.6e. -Versions up to OpenSSL 0.9.6c do not include the countermeasure that can be -disabled with this option (in OpenSSL 0.9.6d, it was always enabled). -.Pp -.Fn SSL_CTX_clear_options -and -.Fn SSL_clear_options -were first added in OpenSSL 0.9.8m. -.Pp -.Dv SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION , -.Dv SSL_OP_LEGACY_SERVER_CONNECT -and the function -.Fn SSL_get_secure_renegotiation_support -were first added in OpenSSL 0.9.8m. -.Pp -.Dv SSL_OP_NO_SSLv2 -and -.Dv SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION -were changed to have no effect in -.Ox 5.6 . diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_psk_client_callback.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_psk_client_callback.3 deleted file mode 100644 index 40504ce59a0..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_CTX_set_psk_client_callback.3 +++ /dev/null 
@@ -1,68 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_psk_client_callback.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_SET_PSK_CLIENT_CALLBACK 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_psk_client_callback ,
-.Nm SSL_set_psk_client_callback
-.Nd set PSK client callback
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fo SSL_CTX_set_psk_client_callback
-.Fa "SSL_CTX *ctx"
-.Fa "unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, \
-unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len)"
-.Fc
-.Ft void
-.Fo SSL_set_psk_client_callback
-.Fa "SSL *ssl"
-.Fa "unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, \
-unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len)"
-.Fc
-.Sh DESCRIPTION
-A client application must provide a callback function which is called
-when the client is sending the ClientKeyExchange message to the server.
-.Pp
-The purpose of the callback function is to select the PSK identity and
-the pre-shared key to use during the connection setup phase.
-.Pp
-The callback is set using functions
-.Fn SSL_CTX_set_psk_client_callback
-or
-.Fn SSL_set_psk_client_callback .
-The callback function is given the connection in parameter
-.Fa ssl ,
-a
-.Dv NULL Ns
--terminated PSK identity hint sent by the server in parameter
-.Fa hint ,
-a buffer
-.Fa identity
-of length
-.Fa max_identity_len
-bytes where the resulting
-.Dv NULL Ns
--terminated identity is to be stored, and a buffer
-.Fa psk
-of
-length
-.Fa max_psk_len
-bytes where the resulting pre-shared key is to be stored.
-.Sh NOTES
-Note that parameter
-.Fa hint
-given to the callback may be
-.Dv NULL .
-.Sh RETURN VALUES
-Return values from the client callback are interpreted as follows:
-.Pp
-On success (callback found a PSK identity and a pre-shared key to use)
-the length (> 0) of
-.Fa psk
-in bytes is returned.
-.Pp
-Otherwise or on errors callback should return 0.
-In this case the connection setup fails.
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_quiet_shutdown.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_quiet_shutdown.3
deleted file mode 100644
index 5cad4473186..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_quiet_shutdown.3
+++ /dev/null
@@ -1,115 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_quiet_shutdown.3,v 1.3 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_SET_QUIET_SHUTDOWN 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_quiet_shutdown ,
-.Nm SSL_CTX_get_quiet_shutdown ,
-.Nm SSL_set_quiet_shutdown ,
-.Nm SSL_get_quiet_shutdown
-.Nd manipulate shutdown behaviour
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fn SSL_CTX_set_quiet_shutdown "SSL_CTX *ctx" "int mode"
-.Ft int
-.Fn SSL_CTX_get_quiet_shutdown "const SSL_CTX *ctx"
-.Ft void
-.Fn SSL_set_quiet_shutdown "SSL *ssl" "int mode"
-.Ft int
-.Fn SSL_get_quiet_shutdown "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_quiet_shutdown
-sets the
-.Dq quiet shutdown
-flag for
-.Fa ctx
-to be
-.Fa mode .
-.Vt SSL
-objects created from
-.Fa ctx
-inherit the
-.Fa mode
-valid at the time
-.Xr SSL_new 3
-is called.
-.Fa mode
-may be 0 or 1.
-.Pp
-.Fn SSL_CTX_get_quiet_shutdown
-returns the
-.Dq quiet shutdown
-setting of
-.Fa ctx .
-.Pp
-.Fn SSL_set_quiet_shutdown
-sets the
-.Dq quiet shutdown
-flag for
-.Fa ssl
-to be
-.Fa mode .
-The setting stays valid until
-.Fa ssl
-is removed with
-.Xr SSL_free 3
-or
-.Fn SSL_set_quiet_shutdown
-is called again.
-It is not changed when
-.Xr SSL_clear 3
-is called.
-.Fa mode
-may be 0 or 1.
-.Pp
-.Fn SSL_get_quiet_shutdown
-returns the
-.Dq quiet shutdown
-setting of
-.Fa ssl .
-.Sh NOTES
-Normally when a SSL connection is finished, the parties must send out
-.Dq close notify
-alert messages using
-.Xr SSL_shutdown 3
-for a clean shutdown.
-.Pp
-When setting the
-.Dq quiet shutdown
-flag to 1,
-.Xr SSL_shutdown 3
-will set the internal flags to
-.Dv SSL_SENT_SHUTDOWN Ns | Ns Dv SSL_RECEIVED_SHUTDOWN
-.Po
-.Xr SSL_shutdown 3
-then behaves like
-.Xr SSL_set_shutdown 3
-called with
-.Dv SSL_SENT_SHUTDOWN Ns | Ns Dv SSL_RECEIVED_SHUTDOWN
-.Pc .
-The session is thus considered to be shut down, but no
-.Dq close notify
-alert is sent to the peer.
-This behaviour violates the TLS standard.
-.Pp
-The default is normal shutdown behaviour as described by the TLS standard.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_quiet_shutdown
-and
-.Fn SSL_set_quiet_shutdown
-do not return diagnostic information.
-.Pp
-.Fn SSL_CTX_get_quiet_shutdown
-and
-.Fn SSL_get_quiet_shutdown
-return the current setting.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_clear 3 ,
-.Xr SSL_free 3 ,
-.Xr SSL_new 3 ,
-.Xr SSL_set_shutdown 3 ,
-.Xr SSL_shutdown 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.3
deleted file mode 100644
index a4e147f05a3..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_session_cache_mode.3
+++ /dev/null
@@ -1,143 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_session_cache_mode.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_SET_SESSION_CACHE_MODE 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_session_cache_mode ,
-.Nm SSL_CTX_get_session_cache_mode
-.Nd enable/disable session caching
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft long
-.Fn SSL_CTX_set_session_cache_mode "SSL_CTX ctx" "long mode"
-.Ft long
-.Fn SSL_CTX_get_session_cache_mode "SSL_CTX ctx"
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_session_cache_mode
-enables/disables session caching by setting the operational mode for
-.Ar ctx
-to
-.Ar mode .
-.Pp
-.Fn SSL_CTX_get_session_cache_mode
-returns the currently used cache mode.
-.Sh NOTES
-The OpenSSL library can store/retrieve SSL/TLS sessions for later reuse.
-The sessions can be held in memory for each
-.Fa ctx ,
-if more than one
-.Vt SSL_CTX
-object is being maintained, the sessions are unique for each
-.Vt SSL_CTX
-object.
-.Pp
-In order to reuse a session, a client must send the session's id to the server.
-It can only send exactly one id.
-The server then either agrees to reuse the session or it starts a full
-handshake (to create a new session).
-.Pp
-A server will lookup up the session in its internal session storage.
-If the session is not found in internal storage or lookups for the internal
-storage have been deactivated
-.Pq Dv SSL_SESS_CACHE_NO_INTERNAL_LOOKUP ,
-the server will try the external storage if available.
-.Pp
-Since a client may try to reuse a session intended for use in a different
-context, the session id context must be set by the server (see
-.Xr SSL_CTX_set_session_id_context 3 ) .
-.Pp
-The following session cache modes and modifiers are available:
-.Bl -tag -width Ds
-.It Dv SSL_SESS_CACHE_OFF
-No session caching for client or server takes place.
-.It Dv SSL_SESS_CACHE_CLIENT
-Client sessions are added to the session cache.
-As there is no reliable way for the OpenSSL library to know whether a session
-should be reused or which session to choose (due to the abstract BIO layer the
-SSL engine does not have details about the connection),
-the application must select the session to be reused by using the
-.Xr SSL_set_session 3
-function.
-This option is not activated by default.
-.It Dv SSL_SESS_CACHE_SERVER
-Server sessions are added to the session cache.
-When a client proposes a session to be reused, the server looks for the
-corresponding session in (first) the internal session cache (unless
-.Dv SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
-is set), then (second) in the external cache if available.
-If the session is found, the server will try to reuse the session.
-This is the default.
-.It Dv SSL_SESS_CACHE_BOTH
-Enable both
-.Dv SSL_SESS_CACHE_CLIENT
-and
-.Dv SSL_SESS_CACHE_SERVER
-at the same time.
-.It Dv SSL_SESS_CACHE_NO_AUTO_CLEAR
-Normally the session cache is checked for expired sessions every 255
-connections using the
-.Xr SSL_CTX_flush_sessions 3
-function.
-Since this may lead to a delay which cannot be controlled,
-the automatic flushing may be disabled and
-.Xr SSL_CTX_flush_sessions 3
-can be called explicitly by the application.
-.It Dv SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
-By setting this flag, session-resume operations in an SSL/TLS server will not
-automatically look up sessions in the internal cache,
-even if sessions are automatically stored there.
-If external session caching callbacks are in use,
-this flag guarantees that all lookups are directed to the external cache.
-As automatic lookup only applies for SSL/TLS servers,
-the flag has no effect on clients.
-.It Dv SSL_SESS_CACHE_NO_INTERNAL_STORE
-Depending on the presence of
-.Dv SSL_SESS_CACHE_CLIENT
-and/or
-.Dv SSL_SESS_CACHE_SERVER ,
-sessions negotiated in an SSL/TLS handshake may be cached for possible reuse.
-Normally a new session is added to the internal cache as well as any external
-session caching (callback) that is configured for the
-.Vt SSL_CTX .
-This flag will prevent sessions being stored in the internal cache
-(though the application can add them manually using
-.Xr SSL_CTX_add_session 3 ) .
-Note:
-in any SSL/TLS servers where external caching is configured, any successful
-session lookups in the external cache (e.g., for session-resume requests) would
-normally be copied into the local cache before processing continues \(en this
-flag prevents these additions to the internal cache as well.
-.It Dv SSL_SESS_CACHE_NO_INTERNAL
-Enable both
-.Dv SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
-and
-.Dv SSL_SESS_CACHE_NO_INTERNAL_STORE
-at the same time.
-.El
-.Pp
-The default mode is
-.Dv SSL_SESS_CACHE_SERVER .
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_session_cache_mode
-returns the previously set cache mode.
-.Pp
-.Fn SSL_CTX_get_session_cache_mode
-returns the currently set cache mode.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_add_session 3 ,
-.Xr SSL_CTX_flush_sessions 3 ,
-.Xr SSL_CTX_sess_number 3 ,
-.Xr SSL_CTX_sess_set_cache_size 3 ,
-.Xr SSL_CTX_sess_set_get_cb 3 ,
-.Xr SSL_CTX_set_session_id_context 3 ,
-.Xr SSL_CTX_set_timeout 3 ,
-.Xr SSL_session_reused 3 ,
-.Xr SSL_set_session 3
-.Sh HISTORY
-.Dv SSL_SESS_CACHE_NO_INTERNAL_STORE
-and
-.Dv SSL_SESS_CACHE_NO_INTERNAL
-were introduced in OpenSSL 0.9.6h.
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_session_id_context.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_session_id_context.3
deleted file mode 100644
index c8132a910cf..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_session_id_context.3
+++ /dev/null
@@ -1,105 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_session_id_context.3,v 1.3 2015/09/14 15:51:20 schwarze Exp $
-.\"
-.Dd $Mdocdate: September 14 2015 $
-.Dt SSL_CTX_SET_SESSION_ID_CONTEXT 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_session_id_context ,
-.Nm SSL_set_session_id_context
-.Nd set context within which session can be reused (server side only)
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fo SSL_CTX_set_session_id_context
-.Fa "SSL_CTX *ctx"
-.Fa "const unsigned char *sid_ctx"
-.Fa "unsigned int sid_ctx_len"
-.Fc
-.Ft int
-.Fo SSL_set_session_id_context
-.Fa "SSL *ssl"
-.Fa "const unsigned char *sid_ctx"
-.Fa "unsigned int sid_ctx_len"
-.Fc
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_session_id_context
-sets the context
-.Fa sid_ctx
-of length
-.Fa sid_ctx_len
-within which a session can be reused for the
-.Fa ctx
-object.
-.Pp
-.Fn SSL_set_session_id_context
-sets the context
-.Fa sid_ctx
-of length
-.Fa sid_ctx_len
-within which a session can be reused for the
-.Fa ssl
-object.
-.Sh NOTES
-Sessions are generated within a certain context.
-When exporting/importing sessions with
-.Xr i2d_SSL_SESSION 3
-and
-.Xr d2i_SSL_SESSION 3 ,
-it would be possible to re-import a session generated from another context
-(e.g., another application), which might lead to malfunctions.
-Therefore each application must set its own session id context
-.Fa sid_ctx
-which is used to distinguish the contexts and is stored in exported sessions.
-The
-.Fa sid_ctx
-can be any kind of binary data with a given length; it is therefore possible
-to use, for instance, the name of the application, the hostname, the service
-name...
-.Pp
-The session id context becomes part of the session.
-The session id context is set by the SSL/TLS server.
-The
-.Fn SSL_CTX_set_session_id_context
-and
-.Fn SSL_set_session_id_context
-functions are therefore only useful on the server side.
-.Pp
-OpenSSL clients will check the session id context returned by the server when
-reusing a session.
-.Pp
-The maximum length of the
-.Fa sid_ctx
-is limited to
-.Dv SSL_MAX_SSL_SESSION_ID_LENGTH .
-.Sh WARNINGS
-If the session id context is not set on an SSL/TLS server and client
-certificates are used, stored sessions will not be reused but a fatal error
-will be flagged and the handshake will fail.
-.Pp
-If a server returns a different session id context to an OpenSSL client
-when reusing a session, an error will be flagged and the handshake will
-fail.
-OpenSSL servers will always return the correct session id context,
-as an OpenSSL server checks the session id context itself before reusing
-a session as described above.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_session_id_context
-and
-.Fn SSL_set_session_id_context
-return the following values:
-.Bl -tag -width Ds
-.It 0
-The length
-.Fa sid_ctx_len
-of the session id context
-.Fa sid_ctx
-exceeded
-the maximum allowed length of
-.Dv SSL_MAX_SSL_SESSION_ID_LENGTH .
-The error is logged to the error stack.
-.It 1
-The operation succeeded.
-.El
-.Sh SEE ALSO
-.Xr ssl 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_ssl_version.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_ssl_version.3
deleted file mode 100644
index f4bd74e73b8..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_ssl_version.3
+++ /dev/null
@@ -1,81 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_ssl_version.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_SET_SSL_VERSION 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_ssl_version ,
-.Nm SSL_set_ssl_method ,
-.Nm SSL_get_ssl_method
-.Nd choose a new TLS/SSL method
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_CTX_set_ssl_version "SSL_CTX *ctx" "const SSL_METHOD *method"
-.Ft int
-.Fn SSL_set_ssl_method "SSL *s" "const SSL_METHOD *method"
-.Ft const SSL_METHOD *
-.Fn SSL_get_ssl_method "SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_ssl_version
-sets a new default TLS/SSL
-.Fa method
-for
-.Vt SSL
-objects newly created from this
-.Fa ctx .
-.Vt SSL
-objects already created with
-.Xr SSL_new 3
-are not affected, except when
-.Xr SSL_clear 3
-is called.
-.Pp
-.Fn SSL_set_ssl_method
-sets a new TLS/SSL
-.Fa method
-for a particular
-.Vt SSL
-object
-.Fa s .
-It may be reset when
-.Xr SSL_clear 3
-is called.
-.Pp
-.Fn SSL_get_ssl_method
-returns a function pointer to the TLS/SSL method set in
-.Fa ssl .
-.Sh NOTES
-The available
-.Fa method
-choices are described in
-.Xr SSL_CTX_new 3 .
-.Pp
-When
-.Xr SSL_clear 3
-is called and no session is connected to an
-.Vt SSL
-object, the method of the
-.Vt SSL
-object is reset to the method currently set in the corresponding
-.Vt SSL_CTX
-object.
-.Sh RETURN VALUES
-The following return values can occur for
-.Fn SSL_CTX_set_ssl_version
-and
-.Fn SSL_set_ssl_method :
-.Bl -tag -width Ds
-.It 0
-The new choice failed.
-Check the error stack to find out the reason.
-.It 1
-The operation succeeded.
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_clear 3 ,
-.Xr SSL_CTX_new 3 ,
-.Xr SSL_new 3 ,
-.Xr SSL_set_connect_state 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_timeout.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_timeout.3
deleted file mode 100644
index 6454c4616ff..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_timeout.3
+++ /dev/null
@@ -1,65 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_timeout.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_SET_TIMEOUT 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_timeout ,
-.Nm SSL_CTX_get_timeout
-.Nd manipulate timeout values for session caching
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft long
-.Fn SSL_CTX_set_timeout "SSL_CTX *ctx" "long t"
-.Ft long
-.Fn SSL_CTX_get_timeout "SSL_CTX *ctx"
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_timeout
-sets the timeout for newly created sessions for
-.Fa ctx
-to
-.Fa t .
-The timeout value
-.Fa t
-must be given in seconds.
-.Pp
-.Fn SSL_CTX_get_timeout
-returns the currently set timeout value for
-.Fa ctx .
-.Sh NOTES
-Whenever a new session is created, it is assigned a maximum lifetime.
-This lifetime is specified by storing the creation time of the session and the
-timeout value valid at this time.
-If the actual time is later than creation time plus timeout,
-the session is not reused.
-.Pp
-Due to this realization, all sessions behave according to the timeout value
-valid at the time of the session negotiation.
-Changes of the timeout value do not affect already established sessions.
-.Pp
-The expiration time of a single session can be modified using the
-.Xr SSL_SESSION_get_time 3
-family of functions.
-.Pp
-Expired sessions are removed from the internal session cache, whenever
-.Xr SSL_CTX_flush_sessions 3
-is called, either directly by the application or automatically (see
-.Xr SSL_CTX_set_session_cache_mode 3 ) .
-.Pp
-The default value for session timeout is decided on a per-protocol basis; see
-.Xr SSL_get_default_timeout 3 .
-All currently supported protocols have the same default timeout value of 300
-seconds.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_timeout
-returns the previously set timeout value.
-.Pp
-.Fn SSL_CTX_get_timeout
-returns the currently set timeout value.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_flush_sessions 3 ,
-.Xr SSL_CTX_set_session_cache_mode 3 ,
-.Xr SSL_get_default_timeout 3 ,
-.Xr SSL_SESSION_get_time 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.3
deleted file mode 100644
index 17eed868eef..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_dh_callback.3
+++ /dev/null
@@ -1,235 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_tmp_dh_callback.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_SET_TMP_DH_CALLBACK 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_tmp_dh_callback ,
-.Nm SSL_CTX_set_tmp_dh ,
-.Nm SSL_set_tmp_dh_callback ,
-.Nm SSL_set_tmp_dh
-.Nd handle DH keys for ephemeral key exchange
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fo SSL_CTX_set_tmp_dh_callback
-.Fa "SSL_CTX *ctx"
-.Fa "DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength)"
-.Fc
-.Ft long
-.Fn SSL_CTX_set_tmp_dh "SSL_CTX *ctx" "DH *dh"
-.Ft void
-.Fo SSL_set_tmp_dh_callback
-.Fa "SSL *ssl"
-.Fa "DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength"
-.Fc
-.Ft long
-.Fn SSL_set_tmp_dh "SSL *ssl" "DH *dh"
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_tmp_dh_callback
-sets the callback function for
-.Fa ctx
-to be used when a DH parameters are required to
-.Fa tmp_dh_callback .
-The callback is inherited by all
-.Vt ssl
-objects created from
-.Fa ctx .
-.Pp
-.Fn SSL_CTX_set_tmp_dh
-sets DH parameters to be used to be
-.Sy dh Ns .
-The key is inherited by all
-.Fa ssl
-objects created from
-.Fa ctx .
-.Pp
-.Fn SSL_set_tmp_dh_callback
-sets the callback only for
-.Fa ssl .
-.Pp
-.Fn SSL_set_tmp_dh
-sets the parameters only for
-.Fa ssl .
-.Pp
-These functions apply to SSL/TLS servers only.
-.Sh NOTES
-When using a cipher with RSA authentication,
-an ephemeral DH key exchange can take place.
-Ciphers with DSA keys always use ephemeral DH keys as well.
-In these cases, the session data are negotiated using the ephemeral/temporary
-DH key and the key supplied and certified by the certificate chain is only used
-for signing.
-Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.
-.Pp
-Using ephemeral DH key exchange yields forward secrecy,
-as the connection can only be decrypted when the DH key is known.
-By generating a temporary DH key inside the server application that is lost
-when the application is left, it becomes impossible for an attacker to decrypt
-past sessions, even if he gets hold of the normal (certified) key,
-as this key was only used for signing.
-.Pp
-In order to perform a DH key exchange the server must use a DH group
-(DH parameters) and generate a DH key.
-The server will always generate a new DH key during the negotiation,
-when the DH parameters are supplied via callback and/or when the
-.Dv SSL_OP_SINGLE_DH_USE
-option of
-.Xr SSL_CTX_set_options 3
-is set.
-It will immediately create a DH key, when DH parameters are supplied via
-.Fn SSL_CTX_set_tmp_dh
-and
-.Dv SSL_OP_SINGLE_DH_USE
-is not set.
-In this case, it may happen that a key is generated on initialization without
-later being needed, while on the other hand the computer time during the
-negotiation is being saved.
-.Pp
-If
-.Dq strong
-primes were used to generate the DH parameters, it is not strictly necessary to
-generate a new key for each handshake but it does improve forward secrecy.
-If it is not assured that
-.Dq strong
-primes were used (see especially the section about DSA parameters below),
-.Dv SSL_OP_SINGLE_DH_USE
-must be used in order to prevent small subgroup attacks.
-Always using
-.Dv SSL_OP_SINGLE_DH_USE
-has an impact on the computer time needed during negotiation,
-but it is not very large,
-so application authors/users should consider always enabling this option.
-.Pp
-As generating DH parameters is extremely time consuming, an application should
-not generate the parameters on the fly but supply the parameters.
-DH parameters can be reused,
-as the actual key is newly generated during the negotiation.
-The risk in reusing DH parameters is that an attacker may specialize on a very
-often used DH group.
-Applications should therefore generate their own DH parameters during the
-installation process using the openssl
-.Xr openssl 1
-application.
-In order to reduce the computer time needed for this generation,
-it is possible to use DSA parameters instead (see
-.Xr openssl 1 ) ,
-but in this case
-.Dv SSL_OP_SINGLE_DH_USE
-is mandatory.
-.Pp
-Application authors may compile in DH parameters.
-Files
-.Pa dh512.pem ,
-.Pa dh1024.pem ,
-.Pa dh2048.pem ,
-and
-.Pa dh4096.pem
-in the
-.Pa apps
-directory of the current version of the OpenSSL distribution contain the
-.Sq SKIP
-DH parameters,
-which use safe primes and were generated verifiably pseudo-randomly.
-These files can be converted into C code using the
-.Fl C
-option of the
-.Xr openssl 1
-application.
-Authors may also generate their own set of parameters using
-.Xr openssl 1 ,
-but a user may not be sure how the parameters were generated.
-The generation of DH parameters during installation is therefore recommended.
-.Pp
-An application may either directly specify the DH parameters or can supply the
-DH parameters via a callback function.
-The callback approach has the advantage that the callback may supply DH
-parameters for different key lengths.
-.Pp
-The
-.Fa tmp_dh_callback
-is called with the
-.Fa keylength
-needed and the
-.Fa is_export
-information.
-The
-.Fa is_export
-flag is set when the ephemeral DH key exchange is performed with an export
-cipher.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_tmp_dh_callback
-and
-.Fn SSL_set_tmp_dh_callback
-do not return diagnostic output.
-.Pp
-.Fn SSL_CTX_set_tmp_dh
-and
-.Fn SSL_set_tmp_dh
-do return 1 on success and 0 on failure.
-Check the error queue to find out the reason of failure.
-.Sh EXAMPLES
-Handle DH parameters for key lengths of 512 and 1024 bits.
-(Error handling partly left out.)
-.Bd -literal
-\&...
-/* Set up ephemeral DH stuff */
-DH *dh_512 = NULL;
-DH *dh_1024 = NULL;
-FILE *paramfile;
-
-\&...
-
-/* "openssl dhparam -out dh_param_512.pem -2 512" */
-paramfile = fopen("dh_param_512.pem", "r");
-if (paramfile) {
- dh_512 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
- fclose(paramfile);
-}
-/* "openssl dhparam -out dh_param_1024.pem -2 1024" */
-paramfile = fopen("dh_param_1024.pem", "r");
-if (paramfile) {
- dh_1024 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
- fclose(paramfile);
-}
-
-\&...
-
-/* "openssl dhparam -C -2 512" etc... */
-DH *get_dh512() { ... }
-DH *get_dh1024() { ... }
-
-DH *
-tmp_dh_callback(SSL *s, int is_export, int keylength)
-{
- DH *dh_tmp=NULL;
-
- switch (keylength) {
- case 512:
- if (!dh_512)
- dh_512 = get_dh512();
- dh_tmp = dh_512;
- break;
- case 1024:
- if (!dh_1024)
- dh_1024 = get_dh1024();
- dh_tmp = dh_1024;
- break;
- default:
- /*
- * Generating a key on the fly is very costly,
- * so use what is there
- */
- setup_dh_parameters_like_above();
- }
-
- return(dh_tmp);
-}
-.Ed
-.Sh SEE ALSO
-.Xr openssl 1 ,
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_cipher_list 3 ,
-.Xr SSL_CTX_set_options 3 ,
-.Xr SSL_CTX_set_tmp_rsa_callback 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_rsa_callback.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_rsa_callback.3
deleted file mode 100644
index 253274d122b..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_tmp_rsa_callback.3
+++ /dev/null
@@ -1,231 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_tmp_rsa_callback.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_SET_TMP_RSA_CALLBACK.POD 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_tmp_rsa_callback ,
-.Nm SSL_CTX_set_tmp_rsa ,
-.Nm SSL_CTX_need_tmp_rsa ,
-.Nm SSL_set_tmp_rsa_callback ,
-.Nm SSL_set_tmp_rsa ,
-.Nm SSL_need_tmp_rsa
-.Nd handle RSA keys for ephemeral key exchange
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fo SSL_CTX_set_tmp_rsa_callback
-.Fa "SSL_CTX *ctx"
-.Fa "RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength)"
-.Fc
-.Ft long
-.Fn SSL_CTX_set_tmp_rsa "SSL_CTX *ctx" "RSA *rsa"
-.Ft long
-.Fn SSL_CTX_need_tmp_rsa "SSL_CTX *ctx"
-.Ft void
-.Fo SSL_set_tmp_rsa_callback
-.Fa "SSL_CTX *ctx"
-.Fa "RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength)"
-.Fc
-.Ft long
-.Fn SSL_set_tmp_rsa "SSL *ssl" "RSA *rsa"
-.Ft long
-.Fn SSL_need_tmp_rsa "SSL *ssl"
-.Ft RSA *
-.Fn "(*tmp_rsa_callback)" "SSL *ssl" "int is_export" "int keylength"
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_tmp_rsa_callback
-sets the callback function for
-.Fa ctx
-to be used when a temporary/ephemeral RSA key is required to
-.Fa tmp_rsa_callback .
-The callback is inherited by all
-.Vt SSL
-objects newly created from
-.Fa ctx
-with
-.Xr SSL_new 3 .
-Already created SSL objects are not affected.
-.Pp
-.Fn SSL_CTX_set_tmp_rsa
-sets the temporary/ephemeral RSA key to be used to be
-.Fa rsa .
-The key is inherited by all
-.Vt SSL
-objects newly created from
-.Fa ctx
-with
-.Xr SSL_new 3 .
-Already created SSL objects are not affected.
-.Pp
-.Fn SSL_CTX_need_tmp_rsa
-returns 1,
-if a temporary/ephemeral RSA key is needed for RSA-based strength-limited
-.Sq exportable
-ciphersuites because a RSA key with a keysize larger than 512 bits is installed.
-.Pp
-.Fn SSL_set_tmp_rsa_callback
-sets the callback only for
-.Fa ssl .
-.Pp
-.Fn SSL_set_tmp_rsa
-sets the key only for
-.Fa ssl .
-.Pp
-.Fn SSL_need_tmp_rsa
-returns 1,
-if a temporary/ephemeral RSA key is needed for RSA-based strength-limited
-.Sq exportable
-ciphersuites because a RSA key with a keysize larger than 512 bits is installed.
-.Pp
-These functions apply to SSL/TLS servers only.
-.Sh NOTES
-When using a cipher with RSA authentication,
-an ephemeral RSA key exchange can take place.
-In this case the session data are negotiated using the ephemeral/temporary RSA
-key and the RSA key supplied and certified by the certificate chain is only
-used for signing.
-.Pp
-Under previous export restrictions, ciphers with RSA keys shorter (512 bits)
-than the usual key length of 1024 bits were created.
-To use these ciphers with RSA keys of usual length, an ephemeral key exchange
-must be performed, as the normal (certified) key cannot be directly used.
-.Pp
-Using ephemeral RSA key exchange yields forward secrecy,
-as the connection can only be decrypted when the RSA key is known.
-By generating a temporary RSA key inside the server application that is lost
-when the application is left, it becomes impossible for an attacker to decrypt
-past sessions, even if he gets hold of the normal (certified) RSA key,
-as this key was used for signing only.
-The downside is that creating a RSA key is computationally expensive.
-.Pp
-Additionally, the use of ephemeral RSA key exchange is only allowed in the TLS
-standard when the RSA key can be used for signing only, that is,
-for export ciphers.
-Using ephemeral RSA key exchange for other purposes violates the standard and
-can break interoperability with clients.
-It is therefore strongly recommended to not use ephemeral RSA key exchange and
-use EDH (Ephemeral Diffie-Hellman) key exchange instead in order to achieve
-forward secrecy (see
-.Xr SSL_CTX_set_tmp_dh_callback 3 ) .
-.Pp
-On OpenSSL servers ephemeral RSA key exchange is therefore disabled by default
-and must be explicitly enabled using the
-.Dv SSL_OP_EPHEMERAL_RSA
-option of
-.Xr SSL_CTX_set_options 3 ,
-violating the TLS/SSL
-standard.
-When ephemeral RSA key exchange is required for export ciphers,
-it will automatically be used without this option!
-.Pp
-An application may either directly specify the key or can supply the key via
-a callback function.
-The callback approach has the advantage that the callback may generate the key
-only in case it is actually needed.
-However, as the generation of a RSA key is costly,
-it will lead to a significant delay in the handshake procedure.
-Another advantage of the callback function is that it can supply keys of
-different size (e.g., for
-.Dv SSL_OP_EPHEMERAL_RSA
-usage) while the explicit setting of the key is only useful for key size of
-512 bits to satisfy the export restricted ciphers and does give away key length
-if a longer key would be allowed.
-.Pp
-The
-.Fa tmp_rsa_callback
-is called with the
-.Fa keylength
-needed and the
-.Fa is_export
-information.
-The
-.Fa is_export
-flag is set when the ephemeral RSA key exchange is performed with an export
-cipher.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_tmp_rsa_callback
-and
-.Fn SSL_set_tmp_rsa_callback
-do not return diagnostic output.
-.Pp
-.Fn SSL_CTX_set_tmp_rsa
-and
-.Fn SSL_set_tmp_rsa
-return 1 on success and 0 on failure.
-Check the error queue to find out the reason of failure.
-.Pp
-.Fn SSL_CTX_need_tmp_rsa
-and
-.Fn SSL_need_tmp_rsa
-return 1 if a temporary RSA key is needed and 0 otherwise.
-.Sh EXAMPLES
-Generate temporary RSA keys to prepare ephemeral RSA key exchange.
-As the generation of a RSA key costs a lot of computer time,
-they are saved for later reuse.
-For demonstration purposes, two keys for 512 bits and 1024 bits
-respectively are generated.
-.Bd -literal
-\&...
-
-/* Set up ephemeral RSA stuff */
-RSA *rsa_512 = NULL;
-RSA *rsa_1024 = NULL;
-
-rsa_512 = RSA_generate_key(512, RSA_F4, NULL, NULL);
-if (rsa_512 == NULL)
- evaluate_error_queue();
-
-rsa_1024 = RSA_generate_key(1024, RSA_F4, NULL, NULL);
-if (rsa_1024 == NULL)
- evaluate_error_queue();
-
-\&...
-
-RSA *
-tmp_rsa_callback(SSL *s, int is_export, int keylength)
-{
- RSA *rsa_tmp = NULL;
-
- switch (keylength) {
- case 512:
- if (rsa_512)
- rsa_tmp = rsa_512;
- else {
- /*
- * generate on the fly,
- * should not happen in this example
- */
- rsa_tmp = RSA_generate_key(keylength, RSA_F4, NULL,
- NULL);
- rsa_512 = rsa_tmp; /* Remember for later reuse */
- }
- break;
- case 1024:
- if (rsa_1024)
- rsa_tmp = rsa_1024;
- else
- should_not_happen_in_this_example();
- break;
- default:
- /*
- * Generating a key on the fly is very costly,
- * so use what is there
- */
- if (rsa_1024)
- rsa_tmp = rsa_1024;
- else
- /* Use at least a shorter key */
- rsa_tmp = rsa_512;
- }
- return rsa_tmp;
-}
-.Ed
-.Sh SEE ALSO
-.Xr openssl 1 ,
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_cipher_list 3 ,
-.Xr SSL_CTX_set_options 3 ,
-.Xr SSL_CTX_set_tmp_dh_callback 3 ,
-.Xr SSL_new 3
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.3 b/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.3
deleted file mode 100644
index 9292f2086ba..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_set_verify.3
+++ /dev/null
@@ -1,415 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_set_verify.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_SET_VERIFY 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_set_verify ,
-.Nm SSL_set_verify ,
-.Nm SSL_CTX_set_verify_depth ,
-.Nm SSL_set_verify_depth
-.Nd set peer certificate verification parameters
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fo SSL_CTX_set_verify
-.Fa "SSL_CTX *ctx"
-.Fa "int mode"
-.Fa "int (*verify_callback)(int, X509_STORE_CTX *)"
-.Fc
-.Ft void
-.Fo SSL_set_verify
-.Fa "SSL *s"
-.Fa "int mode"
-.Fa "int (*verify_callback)(int, X509_STORE_CTX *)"
-.Fc
-.Ft void
-.Fn SSL_CTX_set_verify_depth "SSL_CTX *ctx" "int depth"
-.Ft void
-.Fn SSL_set_verify_depth "SSL *s" "int depth"
-.Ft int
-.Fn verify_callback "int preverify_ok" "X509_STORE_CTX *x509_ctx"
-.Sh DESCRIPTION
-.Fn SSL_CTX_set_verify
-sets the verification flags for
-.Fa ctx
-to be
-.Fa mode
-and
-specifies the
-.Fa verify_callback
-function to be used.
-If no callback function shall be specified, the
-.Dv NULL
-pointer can be used for
-.Fa verify_callback .
-.Pp
-.Fn SSL_set_verify
-sets the verification flags for
-.Fa ssl
-to be
-.Fa mode
-and specifies the
-.Fa verify_callback
-function to be used.
-If no callback function shall be specified, the
-.Dv NULL
-pointer can be used for
-.Fa verify_callback .
-In this case last
-.Fa verify_callback
-set specifically for this
-.Fa ssl
-remains.
-If no special callback was set before, the default callback for the underlying
-.Fa ctx
-is used, that was valid at the time
-.Fa ssl
-was created with
-.Xr SSL_new 3 .
-.Pp
-.Fn SSL_CTX_set_verify_depth
-sets the maximum
-.Fa depth
-for the certificate chain verification that shall be allowed for
-.Fa ctx .
-(See the
-.Sx BUGS
-section.)
-.Pp
-.Fn SSL_set_verify_depth
-sets the maximum
-.Fa depth
-for the certificate chain verification that shall be allowed for
-.Fa ssl .
-(See the
-.Sx BUGS
-section.)
-.Sh NOTES
-The verification of certificates can be controlled by a set of bitwise ORed
-.Fa mode
-flags:
-.Bl -tag -width Ds
-.It Dv SSL_VERIFY_NONE
-.Em Server mode:
-the server will not send a client certificate request to the client,
-so the client will not send a certificate.
-.Pp
-.Em Client mode:
-if not using an anonymous cipher (by default disabled),
-the server will send a certificate which will be checked.
-The result of the certificate verification process can be checked after the
-TLS/SSL handshake using the
-.Xr SSL_get_verify_result 3
-function.
-The handshake will be continued regardless of the verification result.
-.It Dv SSL_VERIFY_PEER
-.Em Server mode:
-the server sends a client certificate request to the client.
-The certificate returned (if any) is checked.
-If the verification process fails,
-the TLS/SSL handshake is immediately terminated with an alert message
-containing the reason for the verification failure.
-The behaviour can be controlled by the additional
-.Dv SSL_VERIFY_FAIL_IF_NO_PEER_CERT
-and
-.Dv SSL_VERIFY_CLIENT_ONCE
-flags.
-.Pp
-.Em Client mode:
-the server certificate is verified.
-If the verification process fails,
-the TLS/SSL handshake is immediately terminated with an alert message
-containing the reason for the verification failure.
-If no server certificate is sent, because an anonymous cipher is used,
-.Dv SSL_VERIFY_PEER
-is ignored.
-.It Dv SSL_VERIFY_FAIL_IF_NO_PEER_CERT
-.Em Server mode:
-if the client did not return a certificate, the TLS/SSL
-handshake is immediately terminated with a
-.Dq handshake failure
-alert.
-This flag must be used together with
-.Dv SSL_VERIFY_PEER.
-.Pp
-.Em Client mode:
-ignored
-.It Dv SSL_VERIFY_CLIENT_ONCE
-.Em Server mode:
-only request a client certificate on the initial TLS/SSL handshake.
-Do not ask for a client certificate again in case of a renegotiation.
-This flag must be used together with
-.Dv SSL_VERIFY_PEER .
-.Pp
-.Em Client mode:
-ignored
-.El
-.Pp
-Exactly one of the
-.Fa mode
-flags
-.Dv SSL_VERIFY_NONE
-and
-.Dv SSL_VERIFY_PEER
-must be set at any time.
-.Pp
-The actual verification procedure is performed either using the built-in
-verification procedure or using another application provided verification
-function set with
-.Xr SSL_CTX_set_cert_verify_callback 3 .
-The following descriptions apply in the case of the built-in procedure.
-An application provided procedure also has access to the verify depth
-information and the
-.Fa verify_callback Ns ()
-function, but the way this information is used may be different.
-.Pp
-.Fn SSL_CTX_set_verify_depth
-and
-.Fn SSL_set_verify_depth
-set the limit up to which depth certificates in a chain are used during the
-verification procedure.
-If the certificate chain is longer than allowed,
-the certificates above the limit are ignored.
-Error messages are generated as if these certificates would not be present,
-most likely a
-.Dv X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
-will be issued.
-The depth count is
-.Dq level 0: peer certificate ,
-.Dq level 1: CA certificate ,
-.Dq level 2: higher level CA certificate ,
-and so on.
-Setting the maximum depth to 2 allows the levels 0, 1, and 2.
-The default depth limit is 100,
-allowing for the peer certificate and an additional 100 CA certificates.
-.Pp
-The
-.Fa verify_callback
-function is used to control the behaviour when the
-.Dv SSL_VERIFY_PEER
-flag is set.
-It must be supplied by the application and receives two arguments:
-.Fa preverify_ok
-indicates whether the verification of the certificate in question was passed
-(preverify_ok=1) or not (preverify_ok=0).
-.Fa x509_ctx
-is a pointer to the complete context used
-for the certificate chain verification.
-.Pp
-The certificate chain is checked starting with the deepest nesting level
-(the root CA certificate) and worked upward to the peer's certificate.
-At each level signatures and issuer attributes are checked.
-Whenever a verification error is found, the error number is stored in
-.Fa x509_ctx
-and
-.Fa verify_callback
-is called with
-.Fa preverify_ok
-equal to 0.
-By applying
-.Fn X509_CTX_store_*
-functions
-.Fa verify_callback
-can locate the certificate in question and perform additional steps (see
-.Sx EXAMPLES ) .
-If no error is found for a certificate,
-.Fa verify_callback
-is called with
-.Fa preverify_ok
-equal to 1 before advancing to the next level.
-.Pp
-The return value of
-.Fa verify_callback
-controls the strategy of the further verification process.
-If
-.Fa verify_callback
-returns 0, the verification process is immediately stopped with
-.Dq verification failed
-state.
-If
-.Dv SSL_VERIFY_PEER
-is set, a verification failure alert is sent to the peer and the TLS/SSL
-handshake is terminated.
-If
-.Fa verify_callback
-returns 1, the verification process is continued.
-If
-.Fa verify_callback
-always returns 1,
-the TLS/SSL handshake will not be terminated with respect to verification
-failures and the connection will be established.
-The calling process can however retrieve the error code of the last
-verification error using
-.Xr SSL_get_verify_result 3
-or by maintaining its own error storage managed by
-.Fa verify_callback .
-.Pp
-If no
-.Fa verify_callback
-is specified, the default callback will be used.
-Its return value is identical to
-.Fa preverify_ok ,
-so that any verification
-failure will lead to a termination of the TLS/SSL handshake with an
-alert message, if
-.Dv SSL_VERIFY_PEER
-is set.
-.Sh RETURN VALUES
-The
-.Fn SSL*_set_verify*
-functions do not provide diagnostic information.
-.Sh EXAMPLES
-The following code sequence realizes an example
-.Fa verify_callback
-function that will always continue the TLS/SSL handshake regardless of
-verification failure, if wished.
-The callback realizes a verification depth limit with more informational output.
-.Pp
-All verification errors are printed;
-information about the certificate chain is printed on request.
-The example is realized for a server that does allow but not require client
-certificates.
-.Pp
-The example makes use of the ex_data technique to store application data
-into/retrieve application data from the
-.Vt SSL
-structure (see
-.Xr SSL_get_ex_new_index 3 ,
-.Xr SSL_get_ex_data_X509_STORE_CTX_idx 3 ) .
-.Bd -literal
-\&...
-
-typedef struct {
- int verbose_mode;
- int verify_depth;
- int always_continue;
-} mydata_t;
-int mydata_index;
-\&...
-static int
-verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
-{
- char buf[256];
- X509 *err_cert;
- int err, depth;
- SSL *ssl;
- mydata_t *mydata;
-
- err_cert = X509_STORE_CTX_get_current_cert(ctx);
- err = X509_STORE_CTX_get_error(ctx);
- depth = X509_STORE_CTX_get_error_depth(ctx);
-
- /*
- * Retrieve the pointer to the SSL of the connection currently
- * treated * and the application specific data stored into the
- * SSL object.
- */
- ssl = X509_STORE_CTX_get_ex_data(ctx,
- SSL_get_ex_data_X509_STORE_CTX_idx());
- mydata = SSL_get_ex_data(ssl, mydata_index);
-
- X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
-
- /*
- * Catch a too long certificate chain. The depth limit set using
- * SSL_CTX_set_verify_depth() is by purpose set to "limit+1" so
- * that whenever the "depth>verify_depth" condition is met, we
- * have violated the limit and want to log this error condition.
- * We must do it here, because the CHAIN_TOO_LONG error would not
- * be found explicitly; only errors introduced by cutting off the
- * additional certificates would be logged.
- */
- if (depth > mydata->verify_depth) {
- preverify_ok = 0;
- err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
- X509_STORE_CTX_set_error(ctx, err);
- }
- if (!preverify_ok) {
- printf("verify error:num=%d:%s:depth=%d:%s\en", err,
- X509_verify_cert_error_string(err), depth, buf);
- } else if (mydata->verbose_mode) {
- printf("depth=%d:%s\en", depth, buf);
- }
-
- /*
- * At this point, err contains the last verification error.
- * We can use it for something special
- */
- if (!preverify_ok && (err ==
- X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT)) {
- X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),
- buf, 256);
- printf("issuer= %s\en", buf);
- }
-
- if (mydata->always_continue)
- return 1;
- else
- return preverify_ok;
-}
-\&...
-
-mydata_t mydata;
-
-\&...
-
-mydata_index = SSL_get_ex_new_index(0, "mydata index", NULL, NULL, NULL);
-
-\&...
-
-SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,
- verify_callback);
-
-/*
- * Let the verify_callback catch the verify_depth error so that we get
- * an appropriate error in the logfile.
- */
-SSL_CTX_set_verify_depth(verify_depth + 1);
-
-/*
- * Set up the SSL specific data into "mydata" and store it into the SSL
- * structure.
- */
-mydata.verify_depth = verify_depth; ...
-SSL_set_ex_data(ssl, mydata_index, &mydata);
-
-\&...
-
-SSL_accept(ssl); /* check of success left out for clarity */
-if (peer = SSL_get_peer_certificate(ssl)) {
- if (SSL_get_verify_result(ssl) == X509_V_OK) {
- /* The client sent a certificate which verified OK */
- }
-}
-.Ed
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_get_verify_mode 3 ,
-.Xr SSL_CTX_load_verify_locations 3 ,
-.Xr SSL_CTX_set_cert_verify_callback 3 ,
-.Xr SSL_get_ex_data_X509_STORE_CTX_idx 3 ,
-.Xr SSL_get_ex_new_index 3 ,
-.Xr SSL_get_peer_certificate 3 ,
-.Xr SSL_get_verify_result 3 ,
-.Xr SSL_new 3
-.Sh BUGS
-In client mode, it is not checked whether the
-.Dv SSL_VERIFY_PEER
-flag is set, but whether
-.Dv SSL_VERIFY_NONE
-is not set.
-This can lead to unexpected behaviour, if the
-.Dv SSL_VERIFY_PEER
-and
-.Dv SSL_VERIFY_NONE
-are not used as required (exactly one must be set at any time).
-.Pp
-The certificate verification depth set with
-.Fn SSL[_CTX]_verify_depth
-stops the verification at a certain depth.
-The error message produced will be that of an incomplete certificate chain and
-not
-.Dv X509_V_ERR_CERT_CHAIN_TOO_LONG
-as may be expected.
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.3 b/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.3
deleted file mode 100644
index 6282c3b0d72..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_use_certificate.3
+++ /dev/null
@@ -1,336 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_use_certificate.3,v 1.3 2015/02/06 01:37:11 reyk Exp $
-.\"
-.Dd $Mdocdate: February 6 2015 $
-.Dt SSL_CTX_USE_CERTIFICATE 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_use_certificate ,
-.Nm SSL_CTX_use_certificate_ASN1 ,
-.Nm SSL_CTX_use_certificate_file ,
-.Nm SSL_use_certificate ,
-.Nm SSL_use_certificate_ASN1 ,
-.Nm SSL_use_certificate_file ,
-.Nm SSL_CTX_use_certificate_chain_file ,
-.Nm SSL_CTX_use_certificate_chain_mem ,
-.Nm SSL_CTX_use_PrivateKey ,
-.Nm SSL_CTX_use_PrivateKey_ASN1 ,
-.Nm SSL_CTX_use_PrivateKey_file ,
-.Nm SSL_CTX_use_RSAPrivateKey ,
-.Nm SSL_CTX_use_RSAPrivateKey_ASN1 ,
-.Nm SSL_CTX_use_RSAPrivateKey_file ,
-.Nm SSL_use_PrivateKey_file ,
-.Nm SSL_use_PrivateKey_ASN1 ,
-.Nm SSL_use_PrivateKey ,
-.Nm SSL_use_RSAPrivateKey ,
-.Nm SSL_use_RSAPrivateKey_ASN1 ,
-.Nm SSL_use_RSAPrivateKey_file ,
-.Nm SSL_CTX_check_private_key ,
-.Nm SSL_check_private_key
-.Nd load certificate and key data
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_CTX_use_certificate "SSL_CTX *ctx" "X509 *x"
-.Ft int
-.Fn SSL_CTX_use_certificate_ASN1 "SSL_CTX *ctx" "int len" "unsigned char *d"
-.Ft int
-.Fn SSL_CTX_use_certificate_file "SSL_CTX *ctx" "const char *file" "int type"
-.Ft int
-.Fn SSL_use_certificate "SSL *ssl" "X509 *x"
-.Ft int
-.Fn SSL_use_certificate_ASN1 "SSL *ssl" "unsigned char *d" "int len"
-.Ft int
-.Fn SSL_use_certificate_file "SSL *ssl" "const char *file" "int type"
-.Ft int
-.Fn SSL_CTX_use_certificate_chain_file "SSL_CTX *ctx" "const char *file"
-.Ft int
-.Fn SSL_CTX_use_certificate_chain_mem "SSL_CTX *ctx" "void *buf" "int len"
-.Ft int
-.Fn SSL_CTX_use_PrivateKey "SSL_CTX *ctx" "EVP_PKEY *pkey"
-.Ft int
-.Fo SSL_CTX_use_PrivateKey_ASN1
-.Fa "int pk" "SSL_CTX *ctx" "unsigned char *d" "long len"
-.Fc
-.Ft int
-.Fn SSL_CTX_use_PrivateKey_file "SSL_CTX *ctx" "const char *file" "int type"
-.Ft int
-.Fn SSL_CTX_use_RSAPrivateKey "SSL_CTX *ctx" "RSA *rsa"
-.Ft int
-.Fn SSL_CTX_use_RSAPrivateKey_ASN1 "SSL_CTX *ctx" "unsigned char *d" "long len"
-.Ft int
-.Fn SSL_CTX_use_RSAPrivateKey_file "SSL_CTX *ctx" "const char *file" "int type"
-.Ft int
-.Fn SSL_use_PrivateKey "SSL *ssl" "EVP_PKEY *pkey"
-.Ft int
-.Fn SSL_use_PrivateKey_ASN1 "int pk" "SSL *ssl" "unsigned char *d" "long len"
-.Ft int
-.Fn SSL_use_PrivateKey_file "SSL *ssl" "const char *file" "int type"
-.Ft int
-.Fn SSL_use_RSAPrivateKey "SSL *ssl" "RSA *rsa"
-.Ft int
-.Fn SSL_use_RSAPrivateKey_ASN1 "SSL *ssl" "unsigned char *d" "long len"
-.Ft int
-.Fn SSL_use_RSAPrivateKey_file "SSL *ssl" "const char *file" "int type"
-.Ft int
-.Fn SSL_CTX_check_private_key "const SSL_CTX *ctx"
-.Ft int
-.Fn SSL_check_private_key "const SSL *ssl"
-.Sh DESCRIPTION
-These functions load the certificates and private keys into the
-.Vt SSL_CTX
-or
-.Vt SSL
-object, respectively.
-.Pp
-The
-.Fn SSL_CTX_*
-class of functions loads the certificates and keys into the
-.Vt SSL_CTX
-object
-.Fa ctx .
-The information is passed to
-.Vt SSL
-objects
-.Fa ssl
-created from
-.Fa ctx
-with
-.Xr SSL_new 3
-by copying, so that changes applied to
-.Fa ctx
-do not propagate to already existing
-.Vt SSL
-objects.
-.Pp
-The
-.Fn SSL_*
-class of functions only loads certificates and keys into a specific
-.Vt SSL
-object.
-The specific information is kept when
-.Xr SSL_clear 3
-is called for this
-.Vt SSL
-object.
-.Pp
-.Fn SSL_CTX_use_certificate
-loads the certificate
-.Fa x
-into
-.Fa ctx ;
-.Fn SSL_use_certificate
-loads
-.Fa x
-into
-.Fa ssl .
-The rest of the certificates needed to form the complete certificate chain can
-be specified using the
-.Xr SSL_CTX_add_extra_chain_cert 3
-function.
-.Pp
-.Fn SSL_CTX_use_certificate_ASN1
-loads the ASN1 encoded certificate from the memory location
-.Fa d
-(with length
-.Fa len )
-into
-.Fa ctx ;
-.Fn SSL_use_certificate_ASN1
-loads the ASN1 encoded certificate into
-.Fa ssl .
-.Pp
-.Fn SSL_CTX_use_certificate_file
-loads the first certificate stored in
-.Fa file
-into
-.Fa ctx .
-The formatting
-.Fa type
-of the certificate must be specified from the known types
-.Dv SSL_FILETYPE_PEM
-and
-.Dv SSL_FILETYPE_ASN1 .
-.Fn SSL_use_certificate_file
-loads the certificate from
-.Fa file
-into
-.Fa ssl .
-See the
-.Sx NOTES
-section on why
-.Fn SSL_CTX_use_certificate_chain_file
-should be preferred.
-.Pp
-The
-.Fn SSL_CTX_use_certificate_chain*
-functions load a certificate chain into
-.Fa ctx .
-The certificates must be in PEM format and must be sorted starting with the
-subject's certificate (actual client or server certificate),
-followed by intermediate CA certificates if applicable,
-and ending at the highest level (root) CA.
-There is no corresponding function working on a single
-.Vt SSL
-object.
-.Pp
-.Fn SSL_CTX_use_PrivateKey
-adds
-.Fa pkey
-as private key to
-.Fa ctx .
-.Fn SSL_CTX_use_RSAPrivateKey
-adds the private key
-.Fa rsa
-of type RSA to
-.Fa ctx .
-.Fn SSL_use_PrivateKey
-adds
-.Fa pkey
-as private key to
-.Fa ssl ;
-.Fn SSL_use_RSAPrivateKey
-adds
-.Fa rsa
-as private key of type RSA to
-.Fa ssl .
-If a certificate has already been set and the private does not belong to the
-certificate, an error is returned.
-To change a certificate private key pair,
-the new certificate needs to be set with
-.Fn SSL_use_certificate
-or
-.Fn SSL_CTX_use_certificate
-before setting the private key with
-.Fn SSL_CTX_use_PrivateKey
-or
-.Fn SSL_use_PrivateKey .
-.Pp
-.Fn SSL_CTX_use_PrivateKey_ASN1
-adds the private key of type
-.Fa pk
-stored at memory location
-.Fa d
-(length
-.Fa len )
-to
-.Fa ctx .
-.Fn SSL_CTX_use_RSAPrivateKey_ASN1
-adds the private key of type RSA stored at memory location
-.Fa d
-(length
-.Fa len )
-to
-.Fa ctx .
-.Fn SSL_use_PrivateKey_ASN1
-and
-.Fn SSL_use_RSAPrivateKey_ASN1
-add the private key to
-.Fa ssl .
-.Pp
-.Fn SSL_CTX_use_PrivateKey_file
-adds the first private key found in
-.Fa file
-to
-.Fa ctx .
-The formatting
-.Fa type
-of the certificate must be specified from the known types
-.Dv SSL_FILETYPE_PEM
-and
-.Dv SSL_FILETYPE_ASN1 .
-.Fn SSL_CTX_use_RSAPrivateKey_file
-adds the first private RSA key found in
-.Fa file
-to
-.Fa ctx .
-.Fn SSL_use_PrivateKey_file
-adds the first private key found in
-.Fa file
-to
-.Fa ssl ;
-.Fn SSL_use_RSAPrivateKey_file
-adds the first private RSA key found to
-.Fa ssl .
-.Pp
-.Fn SSL_CTX_check_private_key
-checks the consistency of a private key with the corresponding certificate
-loaded into
-.Fa ctx .
-If more than one key/certificate pair (RSA/DSA) is installed,
-the last item installed will be checked.
-If, e.g., the last item was a RSA certificate or key,
-the RSA key/certificate pair will be checked.
-.Fn SSL_check_private_key
-performs the same check for
-.Fa ssl .
-If no key/certificate was explicitly added for this
-.Fa ssl ,
-the last item added into
-.Fa ctx
-will be checked.
-.Sh NOTES
-The internal certificate store of OpenSSL can hold two private key/certificate
-pairs at a time:
-one key/certificate of type RSA and one key/certificate of type DSA.
-The certificate used depends on the cipher select, see also
-.Xr SSL_CTX_set_cipher_list 3 .
-.Pp
-When reading certificates and private keys from file, files of type
-.Dv SSL_FILETYPE_ASN1
-(also known as
-.Em DER ,
-binary encoding) can only contain one certificate or private key; consequently,
-.Fn SSL_CTX_use_certificate_chain_file
-is only applicable to PEM formatting.
-Files of type
-.Dv SSL_FILETYPE_PEM
-can contain more than one item.
-.Pp
-.Fn SSL_CTX_use_certificate_chain_file
-adds the first certificate found in the file to the certificate store.
-The other certificates are added to the store of chain certificates using
-.Xr SSL_CTX_add_extra_chain_cert 3 .
-There exists only one extra chain store, so that the same chain is appended
-to both types of certificates, RSA and DSA!
-If it is not intended to use both type of certificate at the same time,
-it is recommended to use the
-.Fn SSL_CTX_use_certificate_chain_file
-instead of the
-.Fn SSL_CTX_use_certificate_file
-function in order to allow the use of complete certificate chains even when no
-trusted CA storage is used or when the CA issuing the certificate shall not be
-added to the trusted CA storage.
-.Pp
-If additional certificates are needed to complete the chain during the TLS
-negotiation, CA certificates are additionally looked up in the locations of
-trusted CA certificates (see
-.Xr SSL_CTX_load_verify_locations 3 ) .
-.Pp
-The private keys loaded from file can be encrypted.
-In order to successfully load encrypted keys,
-a function returning the passphrase must have been supplied (see
-.Xr SSL_CTX_set_default_passwd_cb 3 ) .
-(Certificate files might be encrypted as well from the technical point of view,
-it however does not make sense as the data in the certificate is considered
-public anyway.)
-.Sh RETURN VALUES
-On success, the functions return 1.
-Otherwise check out the error stack to find out the reason.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_clear 3 ,
-.Xr SSL_CTX_add_extra_chain_cert 3 ,
-.Xr SSL_CTX_load_verify_locations 3 ,
-.Xr SSL_CTX_set_cipher_list 3 ,
-.Xr SSL_CTX_set_client_cert_cb 3 ,
-.Xr SSL_CTX_set_default_passwd_cb 3 ,
-.Xr SSL_new 3
-.Sh HISTORY
-Support for DER encoded private keys
-.Pq Dv SSL_FILETYPE_ASN1
-in
-.Fn SSL_CTX_use_PrivateKey_file
-and
-.Fn SSL_use_PrivateKey_file
-was added in 0.9.8.
diff --git a/lib/libssl/src/doc/ssl/SSL_CTX_use_psk_identity_hint.3 b/lib/libssl/src/doc/ssl/SSL_CTX_use_psk_identity_hint.3
deleted file mode 100644
index 00c92b51ab1..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_CTX_use_psk_identity_hint.3
+++ /dev/null
@@ -1,110 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_CTX_use_psk_identity_hint.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CTX_USE_PSK_IDENTITY_HINT 3
-.Os
-.Sh NAME
-.Nm SSL_CTX_use_psk_identity_hint ,
-.Nm SSL_use_psk_identity_hint ,
-.Nm SSL_CTX_set_psk_server_callback ,
-.Nm SSL_set_psk_server_callback
-.Nd set PSK identity hint to use
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_CTX_use_psk_identity_hint "SSL_CTX *ctx" "const char *hint"
-.Ft int
-.Fn SSL_use_psk_identity_hint "SSL *ssl" "const char *hint"
-.Ft void
-.Fo SSL_CTX_set_psk_server_callback
-.Fa "SSL_CTX *ctx"
-.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len)"
-.Fc
-.Ft void
-.Fo SSL_set_psk_server_callback
-.Fa "SSL *ssl"
-.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len)"
-.Fc
-.Sh DESCRIPTION
-.Fn SSL_CTX_use_psk_identity_hint
-sets the given
-.Dv NULL Ns
--terminated PSK identity hint
-.Fa hint
-to SSL context object
-.Fa ctx .
-.Fn SSL_use_psk_identity_hint
-sets the given
-.Dv NULL Ns
--terminated
-PSK identity hint
-.Fa hint
-to SSL connection object
-.Fa ssl .
-If
-.Fa hint
-is
-.Dv NULL
-the current hint from
-.Fa ctx
-or
-.Fa ssl
-is deleted.
-.Pp
-In the case where PSK identity hint is
-.Dv NULL ,
-the server does not send the
-.Em ServerKeyExchange
-message to the client.
-.Pp
-A server application must provide a callback function which is called when the
-server receives the
-.Em ClientKeyExchange
-message from the client.
-The purpose of the callback function is to validate the received PSK identity
-and to fetch the pre-shared key used during the connection setup phase.
-The callback is set using functions
-.Fn SSL_CTX_set_psk_server_callback
-or
-.Fn SSL_set_psk_server_callback .
-The callback function is given the connection in parameter
-.Fa ssl ,
-.Dv NULL Ns
--terminated PSK identity sent by the client in parameter
-.Fa identity ,
-and a buffer
-.Fa psk
-of length
-.Fa max_psk_len
-bytes where the pre-shared key is to be stored.
-.Sh RETURN VALUES
-.Fn SSL_CTX_use_psk_identity_hint
-and
-.Fn SSL_use_psk_identity_hint
-return 1 on success, 0 otherwise.
-.Pp
-Return values from the server callback are interpreted as follows:
-.Bl -tag -width Ds
-.It >0
-PSK identity was found and the server callback has provided the PSK
-successfully in parameter
-.Fa psk .
-Return value is the length of
-.Fa psk
-in bytes.
-It is an error to return a value greater than
-.Fa max_psk_len .
-.Pp
-If the PSK identity was not found but the callback instructs the protocol to
-continue anyway, the callback must provide some random data to
-.Fa psk
-and return the length of the random data, so the connection will fail with
-.Dq decryption_error
-before it will be finished completely.
-.It 0
-PSK identity was not found.
-An
-.Dq unknown_psk_identity
-alert message will be sent and the connection setup fails.
-.El
diff --git a/lib/libssl/src/doc/ssl/SSL_SESSION_free.3 b/lib/libssl/src/doc/ssl/SSL_SESSION_free.3
deleted file mode 100644
index 69491f714b2..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_SESSION_free.3
+++ /dev/null
@@ -1,84 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_SESSION_free.3,v 1.3 2015/12/30 18:45:02 millert Exp $
-.\"
-.Dd $Mdocdate: December 30 2015 $
-.Dt SSL_SESSION_FREE 3
-.Os
-.Sh NAME
-.Nm SSL_SESSION_free
-.Nd free an allocated SSL_SESSION structure
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fn SSL_SESSION_free "SSL_SESSION *session"
-.Sh DESCRIPTION
-.Fn SSL_SESSION_free
-decrements the reference count of
-.Fa session
-and removes the
-.Vt SSL_SESSION
-structure pointed to by
-.Fa session
-and frees up the allocated memory, if the reference count has reached 0.
-If
-.Fa session
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh NOTES
-.Vt SSL_SESSION
-objects are allocated when a TLS/SSL handshake operation is successfully
-completed.
-Depending on the settings, see
-.Xr SSL_CTX_set_session_cache_mode 3 ,
-the
-.Vt SSL_SESSION
-objects are internally referenced by the
-.Vt SSL_CTX
-and linked into its session cache.
-.Vt SSL
-objects may be using the
-.Vt SSL_SESSION
-object; as a session may be reused, several
-.Vt SSL
-objects may be using one
-.Vt SSL_SESSION
-object at the same time.
-It is therefore crucial to keep the reference count (usage information) correct
-and not delete a
-.Vt SSL_SESSION
-object that is still used, as this may lead to program failures due to dangling
-pointers.
-These failures may also appear delayed, e.g., when an
-.Vt SSL_SESSION
-object is completely freed as the reference count incorrectly becomes 0, but it
-is still referenced in the internal session cache and the cache list is
-processed during a
-.Xr SSL_CTX_flush_sessions 3
-operation.
-.Pp
-.Fn SSL_SESSION_free
-must only be called for
-.Vt SSL_SESSION
-objects, for which the reference count was explicitly incremented (e.g., by
-calling
-.Xr SSL_get1_session 3 ;
-see
-.Xr SSL_get_session 3 )
-or when the
-.Vt SSL_SESSION
-object was generated outside a TLS handshake operation, e.g., by using
-.Xr d2i_SSL_SESSION 3 .
-It must not be called on other
-.Vt SSL_SESSION
-objects, as this would cause incorrect reference counts and therefore program
-failures.
-.Sh RETURN VALUES
-.Fn SSL_SESSION_free
-does not provide diagnostic information.
-.Sh SEE ALSO
-.Xr d2i_SSL_SESSION 3 ,
-.Xr ssl 3 ,
-.Xr SSL_CTX_flush_sessions 3 ,
-.Xr SSL_CTX_set_session_cache_mode 3 ,
-.Xr SSL_get_session 3
diff --git a/lib/libssl/src/doc/ssl/SSL_SESSION_get_ex_new_index.3 b/lib/libssl/src/doc/ssl/SSL_SESSION_get_ex_new_index.3
deleted file mode 100644
index a31f5195069..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_SESSION_get_ex_new_index.3
+++ /dev/null
@@ -1,80 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_SESSION_get_ex_new_index.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_SESSION_GET_EX_NEW_INDEX 3
-.Os
-.Sh NAME
-.Nm SSL_SESSION_get_ex_new_index ,
-.Nm SSL_SESSION_set_ex_data ,
-.Nm SSL_SESSION_get_ex_data
-.Nd internal application specific data functions
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fo SSL_SESSION_get_ex_new_index
-.Fa "long argl"
-.Fa "void *argp"
-.Fa "CRYPTO_EX_new *new_func"
-.Fa "CRYPTO_EX_dup *dup_func"
-.Fa "CRYPTO_EX_free *free_func"
-.Fc
-.Ft int
-.Fn SSL_SESSION_set_ex_data "SSL_SESSION *session" "int idx" "void *arg"
-.Ft void *
-.Fn SSL_SESSION_get_ex_data "const SSL_SESSION *session" "int idx"
-.Bd -literal
- typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
- typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
- int idx, long argl, void *argp);
- typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
- int idx, long argl, void *argp);
-.Ed
-.Sh DESCRIPTION
-Several OpenSSL structures can have application specific data attached to them.
-These functions are used internally by OpenSSL to manipulate
-application-specific data attached to a specific structure.
-.Pp
-.Fn SSL_SESSION_get_ex_new_index
-is used to register a new index for application-specific data.
-.Pp
-.Fn SSL_SESSION_set_ex_data
-is used to store application data at
-.Fa arg
-for
-.Fa idx
-into the
-.Fa session
-object.
-.Pp
-.Fn SSL_SESSION_get_ex_data
-is used to retrieve the information for
-.Fa idx
-from
-.Fa session .
-.Pp
-A detailed description for the
-.Fn *_get_ex_new_index
-functionality
-can be found in
-.Xr RSA_get_ex_new_index 3 .
-The
-.Fn *_get_ex_data
-and
-.Fn *_set_ex_data
-functionality is described in
-.Xr CRYPTO_set_ex_data 3 .
-.Sh WARNINGS
-The application data is only maintained for sessions held in memory.
-The application data is not included when dumping the session with
-.Xr i2d_SSL_SESSION 3
-(and all functions indirectly calling the dump functions like
-.Xr PEM_write_SSL_SESSION 3
-and
-.Xr PEM_write_bio_SSL_SESSION 3 )
-and can therefore not be restored.
-.Sh SEE ALSO
-.Xr CRYPTO_set_ex_data 3 ,
-.Xr RSA_get_ex_new_index 3 ,
-.Xr ssl 3
diff --git a/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.3 b/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.3
deleted file mode 100644
index e906b5ad67f..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_SESSION_get_time.3
+++ /dev/null
@@ -1,98 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_SESSION_get_time.3,v 1.3 2015/11/11 22:14:40 jmc Exp $
-.\"
-.Dd $Mdocdate: November 11 2015 $
-.Dt SSL_SESSION_GET_TIME 3
-.Os
-.Sh NAME
-.Nm SSL_SESSION_get_time ,
-.Nm SSL_SESSION_set_time ,
-.Nm SSL_SESSION_get_timeout ,
-.Nm SSL_SESSION_set_timeout ,
-.Nm SSL_get_time ,
-.Nm SSL_set_time ,
-.Nm SSL_get_timeout ,
-.Nm SSL_set_timeout
-.Nd retrieve and manipulate session time and timeout settings
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft long
-.Fn SSL_SESSION_get_time "const SSL_SESSION *s"
-.Ft long
-.Fn SSL_SESSION_set_time "SSL_SESSION *s" "long tm"
-.Ft long
-.Fn SSL_SESSION_get_timeout "const SSL_SESSION *s"
-.Ft long
-.Fn SSL_SESSION_set_timeout "SSL_SESSION *s" "long tm"
-.Ft long
-.Fn SSL_get_time "const SSL_SESSION *s"
-.Ft long
-.Fn SSL_set_time "SSL_SESSION *s" "long tm"
-.Ft long
-.Fn SSL_get_timeout "const SSL_SESSION *s"
-.Ft long
-.Fn SSL_set_timeout "SSL_SESSION *s" "long tm"
-.Sh DESCRIPTION
-.Fn SSL_SESSION_get_time
-returns the time at which the session
-.Fa s
-was established.
-The time is given in seconds since the Epoch and therefore compatible to the
-time delivered by the
-.Xr time 3
-call.
-.Pp
-.Fn SSL_SESSION_set_time
-replaces the creation time of the session
-.Fa s
-with
-the chosen value
-.Fa tm .
-.Pp
-.Fn SSL_SESSION_get_timeout
-returns the timeout value set for session
-.Fa s
-in seconds.
-.Pp
-.Fn SSL_SESSION_set_timeout
-sets the timeout value for session
-.Fa s
-in seconds to
-.Fa tm .
-.Pp
-The
-.Fn SSL_get_time ,
-.Fn SSL_set_time ,
-.Fn SSL_get_timeout ,
-and
-.Fn SSL_set_timeout
-functions are synonyms for the
-.Fn SSL_SESSION_*
-counterparts.
-.Sh NOTES
-Sessions are expired by examining the creation time and the timeout value.
-Both are set at creation time of the session to the actual time and the default
-timeout value at creation, respectively, as set by
-.Xr SSL_CTX_set_timeout 3 .
-Using these functions it is possible to extend or shorten the lifetime of the
-session.
-.Sh RETURN VALUES
-.Fn SSL_SESSION_get_time
-and
-.Fn SSL_SESSION_get_timeout
-return the currently valid values.
-.Pp
-.Fn SSL_SESSION_set_time
-and
-.Fn SSL_SESSION_set_timeout
-return 1 on success.
-.Pp
-If any of the function is passed the
-.Dv NULL
-pointer for the session
-.Fa s ,
-0 is returned.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_timeout 3 ,
-.Xr SSL_get_default_timeout 3
diff --git a/lib/libssl/src/doc/ssl/SSL_accept.3 b/lib/libssl/src/doc/ssl/SSL_accept.3
deleted file mode 100644
index 8c7409d04f3..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_accept.3
+++ /dev/null
@@ -1,103 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_accept.3,v 1.3 2015/06/18 22:51:05 doug Exp $
-.\"
-.Dd $Mdocdate: June 18 2015 $
-.Dt SSL_ACCEPT 3
-.Os
-.Sh NAME
-.Nm SSL_accept
-.Nd wait for a TLS/SSL client to initiate a TLS/SSL handshake
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_accept "SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_accept
-waits for a TLS/SSL client to initiate the TLS/SSL handshake.
-The communication channel must already have been set and assigned to the
-.Fa ssl
-object by setting an underlying
-.Vt BIO .
-.Sh NOTES
-The behaviour of
-.Fn SSL_accept
-depends on the underlying
-.Vt BIO .
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em blocking ,
-.Fn SSL_accept
-will only return once the handshake has been finished or an error occurred.
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em non-blocking ,
-.Fn SSL_accept
-will also return when the underlying
-.Vt BIO
-could not satisfy the needs of
-.Fn SSL_accept
-to continue the handshake, indicating the problem by the return value \(mi1.
-In this case a call to
-.Xr SSL_get_error 3
-with the
-return value of
-.Fn SSL_accept
-will yield
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE .
-The calling process then must repeat the call after taking appropriate action
-to satisfy the needs of
-.Fn SSL_accept .
-The action depends on the underlying
-.Dv BIO .
-When using a non-blocking socket, nothing is to be done, but
-.Xr select 2
-can be used to check for the required condition.
-When using a buffering
-.Vt BIO ,
-like a
-.Vt BIO
-pair, data must be written into or retrieved out of the
-.Vt BIO
-before being able to continue.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It 0
-The TLS/SSL handshake was not successful but was shut down controlled and by
-the specifications of the TLS/SSL protocol.
-Call
-.Xr SSL_get_error 3
-with the return value
-.Fa ret
-to find out the reason.
-.It 1
-The TLS/SSL handshake was successfully completed,
-and a TLS/SSL connection has been established.
-.It <0
-The TLS/SSL handshake was not successful because a fatal error occurred either
-at the protocol level or a connection failure occurred.
-The shutdown was not clean.
-It can also occur of action is need to continue the operation for non-blocking
-.Vt BIO Ns
-s.
-Call
-.Xr SSL_get_error 3
-with the return value
-.Fa ret
-to find out the reason.
-.El
-.Sh SEE ALSO
-.Xr bio 3 ,
-.Xr ssl 3 ,
-.Xr SSL_connect 3 ,
-.Xr SSL_CTX_new 3 ,
-.Xr SSL_do_handshake 3 ,
-.Xr SSL_get_error 3 ,
-.Xr SSL_set_connect_state 3 ,
-.Xr SSL_shutdown 3
diff --git a/lib/libssl/src/doc/ssl/SSL_alert_type_string.3 b/lib/libssl/src/doc/ssl/SSL_alert_type_string.3
deleted file mode 100644
index 10c947dae9e..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_alert_type_string.3
+++ /dev/null
@@ -1,193 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_alert_type_string.3,v 1.3 2015/09/14 15:58:48 schwarze Exp $
-.\"
-.Dd $Mdocdate: September 14 2015 $
-.Dt SSL_ALERT_TYPE_STRING.POD 3
-.Os
-.Sh NAME
-.Nm SSL_alert_type_string ,
-.Nm SSL_alert_type_string_long ,
-.Nm SSL_alert_desc_string ,
-.Nm SSL_alert_desc_string_long
-.Nd get textual description of alert information
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft const char *
-.Fn SSL_alert_type_string "int value"
-.Ft const char *
-.Fn SSL_alert_type_string_long "int value"
-.Ft const char *
-.Fn SSL_alert_desc_string "int value"
-.Ft const char *
-.Fn SSL_alert_desc_string_long "int value"
-.Sh DESCRIPTION
-.Fn SSL_alert_type_string
-returns a one letter string indicating the type of the alert specified by
-.Fa value .
-.Pp
-.Fn SSL_alert_type_string_long
-returns a string indicating the type of the alert specified by
-.Fa value .
-.Pp
-.Fn SSL_alert_desc_string
-returns a two letter string as a short form describing the reason of the alert
-specified by
-.Fa value .
-.Pp
-.Fn SSL_alert_desc_string_long
-returns a string describing the reason of the alert specified by
-.Fa value .
-.Sh NOTES
-When one side of an SSL/TLS communication wants to inform the peer about
-a special situation, it sends an alert.
-The alert is sent as a special message and does not influence the normal data
-stream (unless its contents results in the communication being canceled).
-.Pp
-A warning alert is sent, when a non-fatal error condition occurs.
-The
-.Dq close notify
-alert is sent as a warning alert.
-Other examples for non-fatal errors are certificate errors
-.Po
-.Dq certificate expired ,
-.Dq unsupported certificate
-.Pc ,
-for which a warning alert may be sent.
-(The sending party may, however, decide to send a fatal error.)
-The receiving side may cancel the connection on reception of a warning alert at
-its discretion.
-.Pp
-Several alert messages must be sent as fatal alert messages as specified
-by the TLS RFC.
-A fatal alert always leads to a connection abort.
-.Sh RETURN VALUES
-The following strings can occur for
-.Fn SSL_alert_type_string
-or
-.Fn SSL_alert_type_string_long :
-.Bl -tag -width Ds
-.It \(dqW\(dq/\(dqwarning\(dq
-.It \(dqF\(dq/\(dqfatal\(dq
-.It \(dqU\(dq/\(dqunknown\(dq
-This indicates that no support is available for this alert type.
-Probably
-.Fa value
-does not contain a correct alert message.
-.El
-.Pp
-The following strings can occur for
-.Fn SSL_alert_desc_string
-or
-.Fn SSL_alert_desc_string_long :
-.Bl -tag -width Ds
-.It \(dqCN\(dq/\(dqclose notify\(dq
-The connection shall be closed.
-This is a warning alert.
-.It \(dqUM\(dq/\(dqunexpected message\(dq
-An inappropriate message was received.
-This alert is always fatal and should never be observed in communication
-between proper implementations.
-.It \(dqBM\(dq/\(dqbad record mac\(dq
-This alert is returned if a record is received with an incorrect MAC.
-This message is always fatal.
-.It \(dqDF\(dq/\(dqdecompression failure\(dq
-The decompression function received improper input
-(e.g., data that would expand to excessive length).
-This message is always fatal.
-.It \(dqHF\(dq/\(dqhandshake failure\(dq
-Reception of a handshake_failure alert message indicates that the sender was
-unable to negotiate an acceptable set of security parameters given the options
-available.
-This is a fatal error.
-.It \(dqNC\(dq/\(dqno certificate\(dq
-A client, that was asked to send a certificate, does not send a certificate
-(SSLv3 only).
-.It \(dqBC\(dq/\(dqbad certificate\(dq
-A certificate was corrupt, contained signatures that did not verify correctly,
-etc.
-.It \(dqUC\(dq/\(dqunsupported certificate\(dq
-A certificate was of an unsupported type.
-.It \(dqCR\(dq/\(dqcertificate revoked\(dq
-A certificate was revoked by its signer.
-.It \(dqCE\(dq/\(dqcertificate expired\(dq
-A certificate has expired or is not currently valid.
-.It \(dqCU\(dq/\(dqcertificate unknown\(dq
-Some other (unspecified) issue arose in processing the certificate,
-rendering it unacceptable.
-.It \(dqIP\(dq/\(dqillegal parameter\(dq
-A field in the handshake was out of range or inconsistent with other fields.
-This is always fatal.
-.It \(dqDC\(dq/\(dqdecryption failed\(dq
-A TLSCiphertext decrypted in an invalid way: either it wasn't an even multiple
-of the block length or its padding values, when checked, weren't correct.
-This message is always fatal.
-.It \(dqRO\(dq/\(dqrecord overflow\(dq
-A TLSCiphertext record was received which had a length more than
-2^14+2048 bytes, or a record decrypted to a TLSCompressed record with more than
-2^14+1024 bytes.
-This message is always fatal.
-.It \(dqCA\(dq/\(dqunknown CA\(dq
-A valid certificate chain or partial chain was received,
-but the certificate was not accepted because the CA certificate could not be
-located or couldn't be matched with a known, trusted CA.
-This message is always fatal.
-.It \(dqAD\(dq/\(dqaccess denied\(dq
-A valid certificate was received, but when access control was applied,
-the sender decided not to proceed with negotiation.
-This message is always fatal.
-.It \(dqDE\(dq/\(dqdecode error\(dq
-A message could not be decoded because some field was out of the specified
-range or the length of the message was incorrect.
-This message is always fatal.
-.It \(dqCY\(dq/\(dqdecrypt error\(dq
-A handshake cryptographic operation failed, including being unable to correctly
-verify a signature, decrypt a key exchange, or validate a finished message.
-.It \(dqER\(dq/\(dqexport restriction\(dq
-A negotiation not in compliance with export restrictions was detected;
-for example, attempting to transfer a 1024 bit ephemeral RSA key for the
-RSA_EXPORT handshake method.
-This message is always fatal.
-.It \(dqPV\(dq/\(dqprotocol version\(dq
-The protocol version the client has attempted to negotiate is recognized,
-but not supported.
-(For example, old protocol versions might be avoided for security reasons.)
-This message is always fatal.
-.It \(dqIS\(dq/\(dqinsufficient security\(dq
-Returned instead of handshake_failure when a negotiation has failed
-specifically because the server requires ciphers more secure than those
-supported by the client.
-This message is always fatal.
-.It \(dqIE\(dq/\(dqinternal error\(dq
-An internal error unrelated to the peer or the correctness of the protocol
-makes it impossible to continue (such as a memory allocation failure).
-This message is always fatal.
-.It \(dqUS\(dq/\(dquser canceled\(dq
-This handshake is being canceled for some reason unrelated to a protocol
-failure.
-If the user cancels an operation after the handshake is complete,
-just closing the connection by sending a close_notify is more appropriate.
-This alert should be followed by a close_notify.
-This message is generally a warning.
-.It \(dqNR\(dq/\(dqno renegotiation\(dq
-Sent by the client in response to a hello request or by the server in response
-to a client hello after initial handshaking.
-Either of these would normally lead to renegotiation; when that is not
-appropriate, the recipient should respond with this alert; at that point,
-the original requester can decide whether to proceed with the connection.
-One case where this would be appropriate would be where a server has spawned a
-process to satisfy a request; the process might receive security parameters
-(key length, authentication, etc.) at startup and it might be difficult to
-communicate changes to these parameters after that point.
-This message is always a warning.
-.It \(dqUP\(dq/\(dqunknown PSK identity\(dq
-Sent by the server to indicate that it does not recognize a PSK identity or an
-SRP identity.
-.It \(dqUK\(dq/\(dqunknown\(dq
-This indicates that no description is available for this alert type.
-Probably
-.Fa value
-does not contain a correct alert message.
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_info_callback 3
diff --git a/lib/libssl/src/doc/ssl/SSL_clear.3 b/lib/libssl/src/doc/ssl/SSL_clear.3
deleted file mode 100644
index 8d49a840ca8..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_clear.3
+++ /dev/null
@@ -1,92 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_clear.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_CLEAR 3
-.Os
-.Sh NAME
-.Nm SSL_clear
-.Nd reset SSL object to allow another connection
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_clear "SSL *ssl"
-.Sh DESCRIPTION
-Reset
-.Fa ssl
-to allow another connection.
-All settings (method, ciphers, BIOs) are kept.
-.Sh NOTES
-.Fn SSL_clear
-is used to prepare an
-.Vt SSL
-object for a new connection.
-While all settings are kept,
-a side effect is the handling of the current SSL session.
-If a session is still
-.Em open ,
-it is considered bad and will be removed from the session cache,
-as required by RFC2246.
-A session is considered open if
-.Xr SSL_shutdown 3
-was not called for the connection or at least
-.Xr SSL_set_shutdown 3
-was used to
-set the
-.Dv SSL_SENT_SHUTDOWN
-state.
-.Pp
-If a session was closed cleanly,
-the session object will be kept and all settings corresponding.
-This explicitly means that for example the special method used during the
-session will be kept for the next handshake.
-So if the session was a TLSv1 session, a
-.Vt SSL
-client object will use a TLSv1 client method for the next handshake and a
-.Vt SSL
-server object will use a TLSv1 server method, even if
-.Fn SSLv23_*_method Ns s
-were chosen on startup.
-This might lead to connection failures (see
-.Xr SSL_new 3 )
-for a description of the method's properties.
-.Sh WARNINGS
-.Fn SSL_clear
-resets the
-.Vt SSL
-object to allow for another connection.
-The reset operation however keeps several settings of the last sessions
-(some of these settings were made automatically during the last handshake).
-It only makes sense for a new connection with the exact same peer that shares
-these settings,
-and may fail if that peer changes its settings between connections.
-Use the sequence
-.Xr SSL_get_session 3 ;
-.Xr SSL_new 3 ;
-.Xr SSL_set_session 3 ;
-.Xr SSL_free 3
-instead to avoid such failures (or simply
-.Xr SSL_free 3 ;
-.Xr SSL_new 3
-if session reuse is not desired).
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It 0
-The
-.Fn SSL_clear
-operation could not be performed.
-Check the error stack to find out the reason.
-.It 1
-The
-.Fn SSL_clear
-operation was successful.
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_client_cert_cb 3 ,
-.Xr SSL_CTX_set_options 3 ,
-.Xr SSL_free 3 ,
-.Xr SSL_new 3 ,
-.Xr SSL_set_shutdown 3 ,
-.Xr SSL_shutdown 3
diff --git a/lib/libssl/src/doc/ssl/SSL_connect.3 b/lib/libssl/src/doc/ssl/SSL_connect.3
deleted file mode 100644
index 105e0ed9234..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_connect.3
+++ /dev/null
@@ -1,102 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_connect.3,v 1.3 2015/07/24 15:25:08 jmc Exp $
-.\"
-.Dd $Mdocdate: July 24 2015 $
-.Dt SSL_CONNECT 3
-.Os
-.Sh NAME
-.Nm SSL_connect
-.Nd initiate the TLS/SSL handshake with a TLS/SSL server
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_connect "SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_connect
-initiates the TLS/SSL handshake with a server.
-The communication channel must already have been set and assigned to the
-.Fa ssl
-by setting an underlying
-.Vt BIO .
-.Sh NOTES
-The behaviour of
-.Fn SSL_connect
-depends on the underlying
-.Vt BIO .
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em blocking ,
-.Fn SSL_connect
-will only return once the handshake has been finished or an error occurred.
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em non-blocking ,
-.Fn SSL_connect
-will also return when the underlying
-.Vt BIO
-could not satisfy the needs of
-.Fn SSL_connect
-to continue the handshake, indicating the problem with the return value \(mi1.
-In this case a call to
-.Xr SSL_get_error 3
-with the return value of
-.Fn SSL_connect
-will yield
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE .
-The calling process then must repeat the call after taking appropriate action
-to satisfy the needs of
-.Fn SSL_connect .
-The action depends on the underlying
-.Vt BIO .
-When using a non-blocking socket, nothing is to be done, but
-.Xr select 2
-can be used to check for the required condition.
-When using a buffering
-.Vt BIO ,
-like a
-.Vt BIO
-pair, data must be written into or retrieved out of the
-.Vt BIO
-before being able to continue.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It 0
-The TLS/SSL handshake was not successful but was shut down controlled and
-by the specifications of the TLS/SSL protocol.
-Call
-.Xr SSL_get_error 3
-with the return value
-.Fa ret
-to find out the reason.
-.It 1
-The TLS/SSL handshake was successfully completed,
-and a TLS/SSL connection has been established.
-.It <0
-The TLS/SSL handshake was not successful, because either a fatal error occurred
-at the protocol level or a connection failure occurred.
-The shutdown was not clean.
-It can also occur if action is needed to continue the operation for
-non-blocking
-.Vt BIO Ns s.
-Call
-.Xr SSL_get_error 3
-with the return value
-.Fa ret
-to find out the reason.
-.El
-.Sh SEE ALSO
-.Xr bio 3 ,
-.Xr ssl 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_CTX_new 3 ,
-.Xr SSL_do_handshake 3 ,
-.Xr SSL_get_error 3 ,
-.Xr SSL_set_connect_state 3 ,
-.Xr SSL_shutdown 3
diff --git a/lib/libssl/src/doc/ssl/SSL_do_handshake.3 b/lib/libssl/src/doc/ssl/SSL_do_handshake.3
deleted file mode 100644
index 78a37b08c94..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_do_handshake.3
+++ /dev/null
@@ -1,101 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_do_handshake.3,v 1.3 2015/06/18 22:51:05 doug Exp $
-.\"
-.Dd $Mdocdate: June 18 2015 $
-.Dt SSL_DO_HANDSHAKE 3
-.Os
-.Sh NAME
-.Nm SSL_do_handshake
-.Nd perform a TLS/SSL handshake
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_do_handshake "SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_do_handshake
-will wait for a SSL/TLS handshake to take place.
-If the connection is in client mode, the handshake will be started.
-The handshake routines may have to be explicitly set in advance using either
-.Xr SSL_set_connect_state 3
-or
-.Xr SSL_set_accept_state 3 .
-.Sh NOTES
-The behaviour of
-.Fn SSL_do_handshake
-depends on the underlying
-.Vt BIO .
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em blocking ,
-.Fn SSL_do_handshake
-will only return once the handshake has been finished or an error occurred.
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em non-blocking ,
-.Fn SSL_do_handshake
-will also return when the underlying
-.Vt BIO
-could not satisfy the needs of
-.Fn SSL_do_handshake
-to continue the handshake.
-In this case a call to
-.Xr SSL_get_error 3
-with the return value of
-.Fn SSL_do_handshake
-will yield
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE .
-The calling process then must repeat the call after taking appropriate action
-to satisfy the needs of
-.Fn SSL_do_handshake .
-The action depends on the underlying
-.Vt BIO .
-When using a non-blocking socket, nothing is to be done, but
-.Xr select 2
-can be used to check for the required condition.
-When using a buffering
-.Vt BIO ,
-like a
-.Vt BIO
-pair, data must be written into or retrieved out of the
-.Vt BIO
-before being able to continue.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It 0
-The TLS/SSL handshake was not successful but was shut down controlled and
-by the specifications of the TLS/SSL protocol.
-Call
-.Xr SSL_get_error 3
-with the return value
-.Fa ret
-to find out the reason.
-.It 1
-The TLS/SSL handshake was successfully completed,
-and a TLS/SSL connection has been established.
-.It <0
-The TLS/SSL handshake was not successful because either a fatal error occurred
-at the protocol level or a connection failure occurred.
-The shutdown was not clean.
-It can also occur if action is needed to continue the operation for
-non-blocking
-.Vt BIO Ns s.
-Call
-.Xr SSL_get_error 3
-with the return value
-.Fa ret
-to find out the reason.
-.El
-.Sh SEE ALSO
-.Xr bio 3 ,
-.Xr ssl 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_connect 3 ,
-.Xr SSL_get_error 3 ,
-.Xr SSL_set_connect_state 3
diff --git a/lib/libssl/src/doc/ssl/SSL_free.3 b/lib/libssl/src/doc/ssl/SSL_free.3
deleted file mode 100644
index 1a3711e6c7b..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_free.3
+++ /dev/null
@@ -1,67 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_free.3,v 1.3 2015/12/30 18:45:02 millert Exp $
-.\"
-.Dd $Mdocdate: December 30 2015 $
-.Dt SSL_FREE 3
-.Os
-.Sh NAME
-.Nm SSL_free
-.Nd free an allocated SSL structure
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fn SSL_free "SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_free
-decrements the reference count of
-.Fa ssl ,
-and removes the
-.Vt SSL
-structure pointed to by
-.Fa ssl
-and frees up the allocated memory if the reference count has reached 0.
-If
-.Fa ssl
-is a
-.Dv NULL
-pointer, no action occurs.
-.Sh NOTES
-.Fn SSL_free
-also calls the
-.Xr free 3 Ns
-ing procedures for indirectly affected items, if applicable: the buffering
-.Vt BIO ,
-the read and write
-.Vt BIOs ,
-cipher lists specially created for this
-.Fa ssl ,
-the
-.Sy SSL_SESSION .
-Do not explicitly free these indirectly freed up items before or after calling
-.Fn SSL_free ,
-as trying to free things twice may lead to program failure.
-.Pp
-The
-.Fa ssl
-session has reference counts from two users: the
-.Vt SSL
-object, for which the reference count is removed by
-.Fn SSL_free
-and the internal session cache.
-If the session is considered bad, because
-.Xr SSL_shutdown 3
-was not called for the connection and
-.Xr SSL_set_shutdown 3
-was not used to set the
-.Vt SSL_SENT_SHUTDOWN
-state, the session will also be removed from the session cache as required by
-RFC2246.
-.Sh RETURN VALUES
-.Fn SSL_free
-does not provide diagnostic information.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_clear 3 ,
-.Xr SSL_new 3 ,
-.Xr SSL_set_shutdown 3 ,
-.Xr SSL_shutdown 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_SSL_CTX.3 b/lib/libssl/src/doc/ssl/SSL_get_SSL_CTX.3
deleted file mode 100644
index 7ba5b0cb811..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_SSL_CTX.3
+++ /dev/null
@@ -1,28 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_SSL_CTX.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_SSL_CTX 3
-.Os
-.Sh NAME
-.Nm SSL_get_SSL_CTX
-.Nd get the SSL_CTX from which an SSL is created
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft SSL_CTX *
-.Fn SSL_get_SSL_CTX "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_get_SSL_CTX
-returns a pointer to the
-.Vt SSL_CTX
-object from which
-.Fa ssl
-was created with
-.Xr SSL_new 3 .
-.Sh RETURN VALUES
-The pointer to the
-.Vt SSL_CTX
-object is returned.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_new 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_ciphers.3 b/lib/libssl/src/doc/ssl/SSL_get_ciphers.3
deleted file mode 100644
index 89abc172b4c..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_ciphers.3
+++ /dev/null
@@ -1,68 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_ciphers.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_CIPHERS 3
-.Os
-.Sh NAME
-.Nm SSL_get_ciphers ,
-.Nm SSL_get_cipher_list
-.Nd get list of available SSL_CIPHERs
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft STACK_OF(SSL_CIPHER) *
-.Fn SSL_get_ciphers "const SSL *ssl"
-.Ft const char *
-.Fn SSL_get_cipher_list "const SSL *ssl" "int priority"
-.Sh DESCRIPTION
-.Fn SSL_get_ciphers
-returns the stack of available
-.Vt SSL_CIPHER Ns s
-for
-.Fa ssl ,
-sorted by preference.
-If
-.Fa ssl
-is
-.Dv NULL
-or no ciphers are available,
-.Dv NULL
-is returned.
-.Pp
-.Fn SSL_get_cipher_list
-returns a pointer to the name of the
-.Vt SSL_CIPHER
-listed for
-.Fa ssl
-with
-.Fa priority .
-If
-.Fa ssl
-is
-.Dv NULL ,
-no ciphers are available, or there are fewer ciphers than
-.Fa priority
-available,
-.Dv NULL
-is returned.
-.Sh NOTES
-The details of the ciphers obtained by
-.Fn SSL_get_ciphers
-can be obtained using the
-.Xr SSL_CIPHER_get_name 3
-family of functions.
-.Pp
-Call
-.Fn SSL_get_cipher_list
-with
-.Fa priority
-starting from 0 to obtain the sorted list of available ciphers, until
-.Dv NULL
-is returned.
-.Sh RETURN VALUES
-See
-.Sx DESCRIPTION .
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CIPHER_get_name 3 ,
-.Xr SSL_CTX_set_cipher_list 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.3 b/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.3
deleted file mode 100644
index 7aa5a90c9a1..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_client_CA_list.3
+++ /dev/null
@@ -1,61 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_client_CA_list.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_CLIENT_CA_LIST 3
-.Os
-.Sh NAME
-.Nm SSL_get_client_CA_list ,
-.Nm SSL_CTX_get_client_CA_list
-.Nd get list of client CAs
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft STACK_OF(X509_NAME) *
-.Fn SSL_get_client_CA_list "const SSL *s"
-.Ft STACK_OF(X509_NAME) *
-.Fn SSL_CTX_get_client_CA_list "const SSL_CTX *ctx"
-.Sh DESCRIPTION
-.Fn SSL_CTX_get_client_CA_list
-returns the list of client CAs explicitly set for
-.Fa ctx
-using
-.Xr SSL_CTX_set_client_CA_list 3 .
-.Pp
-.Fn SSL_get_client_CA_list
-returns the list of client CAs explicitly set for
-.Fa ssl
-using
-.Fn SSL_set_client_CA_list
-or
-.Fa ssl Ns 's
-.Vt SSL_CTX
-object with
-.Xr SSL_CTX_set_client_CA_list 3 ,
-when in server mode.
-In client mode,
-.Fn SSL_get_client_CA_list
-returns the list of client CAs sent from the server, if any.
-.Sh RETURN VALUES
-.Fn SSL_CTX_set_client_CA_list
-and
-.Fn SSL_set_client_CA_list
-do not return diagnostic information.
-.Pp
-.Fn SSL_CTX_add_client_CA
-and
-.Fn SSL_add_client_CA
-have the following return values:
-.Bl -tag -width Ds
-.It Dv STACK_OF Ns Po Vt X509_NAMES Pc
-List of CA names explicitly set (for
-.Fa ctx
-or in server mode) or sent by the server (client mode).
-.It Dv NULL
-No client CA list was explicitly set (for
-.Fa ctx
-or in server mode) or the server did not send a list of CAs (client mode).
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_client_CA_list 3 ,
-.Xr SSL_CTX_set_client_cert_cb 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_current_cipher.3 b/lib/libssl/src/doc/ssl/SSL_get_current_cipher.3
deleted file mode 100644
index d7140571b03..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_current_cipher.3
+++ /dev/null
@@ -1,52 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_current_cipher.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_CURRENT_CIPHER 3
-.Os
-.Sh NAME
-.Nm SSL_get_current_cipher ,
-.Nm SSL_get_cipher ,
-.Nm SSL_get_cipher_name ,
-.Nm SSL_get_cipher_bits ,
-.Nm SSL_get_cipher_version
-.Nd get SSL_CIPHER of a connection
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft SSL_CIPHER *
-.Fn SSL_get_current_cipher "const SSL *ssl"
-.Fd #define SSL_get_cipher(s) SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-.Fd #define SSL_get_cipher_name(s) \
-SSL_CIPHER_get_name(SSL_get_current_cipher(s))
-.Fd #define SSL_get_cipher_bits(s,np) \
-SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
-.Fd #define SSL_get_cipher_version(s) \
-SSL_CIPHER_get_version(SSL_get_current_cipher(s))
-.Sh DESCRIPTION
-.Fn SSL_get_current_cipher
-returns a pointer to an
-.Vt SSL_CIPHER
-object containing the description of the actually used cipher of a connection
-established with the
-.Fa ssl
-object.
-.Pp
-.Fn SSL_get_cipher
-and
-.Fn SSL_get_cipher_name
-are identical macros to obtain the name of the currently used cipher.
-.Fn SSL_get_cipher_bits
-is a macro to obtain the number of secret/algorithm bits used and
-.Fn SSL_get_cipher_version
-returns the protocol name.
-See
-.Xr SSL_CIPHER_get_name 3
-for more details.
-.Sh RETURN VALUES
-.Fn SSL_get_current_cipher
-returns the cipher actually used or
-.Dv NULL ,
-when no session has been established.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CIPHER_get_name 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_default_timeout.3 b/lib/libssl/src/doc/ssl/SSL_get_default_timeout.3
deleted file mode 100644
index 1a58e87f271..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_default_timeout.3
+++ /dev/null
@@ -1,36 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_default_timeout.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_DEFAULT_TIMEOUT 3
-.Os
-.Sh NAME
-.Nm SSL_get_default_timeout
-.Nd get default session timeout value
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft long
-.Fn SSL_get_default_timeout "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_get_default_timeout
-returns the default timeout value assigned to
-.Vt SSL_SESSION
-objects negotiated for the protocol valid for
-.Fa ssl .
-.Sh NOTES
-Whenever a new session is negotiated, it is assigned a timeout value,
-after which it will not be accepted for session reuse.
-If the timeout value was not explicitly set using
-.Xr SSL_CTX_set_timeout 3 ,
-the hardcoded default timeout for the protocol will be used.
-.Pp
-.Fn SSL_get_default_timeout
-return this hardcoded value, which is 300 seconds for all currently supported
-protocols (SSLv2, SSLv3, and TLSv1).
-.Sh RETURN VALUES
-See description.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_flush_sessions 3 ,
-.Xr SSL_CTX_set_session_cache_mode 3 ,
-.Xr SSL_SESSION_get_time 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_error.3 b/lib/libssl/src/doc/ssl/SSL_get_error.3
deleted file mode 100644
index f6e5045b01d..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_error.3
+++ /dev/null
@@ -1,169 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_error.3,v 1.3 2015/07/24 15:25:08 jmc Exp $
-.\"
-.Dd $Mdocdate: July 24 2015 $
-.Dt SSL_GET_ERROR 3
-.Os
-.Sh NAME
-.Nm SSL_get_error
-.Nd obtain result code for TLS/SSL I/O operation
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_get_error "const SSL *ssl" "int ret"
-.Sh DESCRIPTION
-.Fn SSL_get_error
-returns a result code (suitable for the C
-.Dq switch
-statement) for a preceding call to
-.Xr SSL_connect 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_do_handshake 3 ,
-.Xr SSL_read 3 ,
-.Xr SSL_peek 3 ,
-or
-.Xr SSL_write 3
-on
-.Fa ssl .
-The value returned by that TLS/SSL I/O function must be passed to
-.Fn SSL_get_error
-in parameter
-.Fa ret .
-.Pp
-In addition to
-.Fa ssl
-and
-.Fa ret ,
-.Fn SSL_get_error
-inspects the current thread's OpenSSL error queue.
-Thus,
-.Fn SSL_get_error
-must be used in the same thread that performed the TLS/SSL I/O operation,
-and no other OpenSSL function calls should appear in between.
-The current thread's error queue must be empty before the TLS/SSL I/O operation
-is attempted, or
-.Fn SSL_get_error
-will not work reliably.
-.Sh RETURN VALUES
-The following return values can currently occur:
-.Bl -tag -width Ds
-.It Dv SSL_ERROR_NONE
-The TLS/SSL I/O operation completed.
-This result code is returned if and only if
-.Fa ret
-< 0.
-.It Dv SSL_ERROR_ZERO_RETURN
-The TLS/SSL connection has been closed.
-If the protocol version is SSL 3.0 or TLS 1.0, this result code is returned
-only if a closure alert has occurred in the protocol, i.e., if the connection
-has been closed cleanly.
-Note that in this case
-.Dv SSL_ERROR_ZERO_RETURN
-does not necessarily indicate that the underlying transport has been closed.
-.It Dv SSL_ERROR_WANT_READ , Dv SSL_ERROR_WANT_WRITE
-The operation did not complete;
-the same TLS/SSL I/O function should be called again later.
-If, by then, the underlying
-.Vt BIO
-has data available for reading (if the result code is
-.Dv SSL_ERROR_WANT_READ )
-or allows writing data
-.Pq Dv SSL_ERROR_WANT_WRITE ,
-then some TLS/SSL protocol progress will take place,
-i.e., at least part of a TLS/SSL record will be read or written.
-Note that the retry may again lead to a
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE
-condition.
-There is no fixed upper limit for the number of iterations that may be
-necessary until progress becomes visible at application protocol level.
-.Pp
-For socket
-.Fa BIO Ns
-s (e.g., when
-.Fn SSL_set_fd
-was used),
-.Xr select 2
-or
-.Xr poll 2
-on the underlying socket can be used to find out when the TLS/SSL I/O function
-should be retried.
-.Pp
-Caveat: Any TLS/SSL I/O function can lead to either of
-.Dv SSL_ERROR_WANT_READ
-and
-.Dv SSL_ERROR_WANT_WRITE .
-In particular,
-.Xr SSL_read 3
-or
-.Xr SSL_peek 3
-may want to write data and
-.Xr SSL_write 3
-may want
-to read data.
-This is mainly because TLS/SSL handshakes may occur at any time during the
-protocol (initiated by either the client or the server);
-.Xr SSL_read 3 ,
-.Xr SSL_peek 3 ,
-and
-.Xr SSL_write 3
-will handle any pending handshakes.
-.It Dv SSL_ERROR_WANT_CONNECT , Dv SSL_ERROR_WANT_ACCEPT
-The operation did not complete; the same TLS/SSL I/O function should be
-called again later.
-The underlying BIO was not connected yet to the peer and the call would block
-in
-.Xr connect 2 Ns / Ns
-.Xr accept 2 .
-The SSL function should be
-called again when the connection is established.
-These messages can only appear with a
-.Xr BIO_s_connect 3
-or
-.Xr BIO_s_accept 3
-.Vt BIO ,
-respectively.
-In order to find out when the connection has been successfully established,
-on many platforms
-.Xr select 2
-or
-.Xr poll 2
-for writing on the socket file descriptor can be used.
-.It Dv SSL_ERROR_WANT_X509_LOOKUP
-The operation did not complete because an application callback set by
-.Xr SSL_CTX_set_client_cert_cb 3
-has asked to be called again.
-The TLS/SSL I/O function should be called again later.
-Details depend on the application.
-.It Dv SSL_ERROR_SYSCALL
-Some I/O error occurred.
-The OpenSSL error queue may contain more information on the error.
-If the error queue is empty (i.e.,
-.Fn ERR_get_error
-returns 0),
-.Fa ret
-can be used to find out more about the error:
-If
-.Fa ret
-== 0, an
-.Dv EOF
-was observed that violates the protocol.
-If
-.Fa ret
-== \(mi1, the underlying
-.Vt BIO
-reported an
-I/O error (for socket I/O on Unix systems, consult
-.Dv errno
-for details).
-.It Dv SSL_ERROR_SSL
-A failure in the SSL library occurred, usually a protocol error.
-The OpenSSL error queue contains more information on the error.
-.El
-.Sh SEE ALSO
-.Xr err 3 ,
-.Xr ssl 3
-.Sh HISTORY
-.Fn SSL_get_error
-was added in SSLeay 0.8.
diff --git a/lib/libssl/src/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.3 b/lib/libssl/src/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.3
deleted file mode 100644
index ac8a27c952f..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.3
+++ /dev/null
@@ -1,65 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_ex_data_X509_STORE_CTX_idx.3,v 1.3 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_EX_DATA_X509_STORE_CTX_IDX 3
-.Os
-.Sh NAME
-.Nm SSL_get_ex_data_X509_STORE_CTX_idx
-.Nd get ex_data index to access SSL structure from X509_STORE_CTX
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_get_ex_data_X509_STORE_CTX_idx void
-.Sh DESCRIPTION
-.Fn SSL_get_ex_data_X509_STORE_CTX_idx
-returns the index number under which the pointer to the
-.Vt SSL
-object is stored into the
-.Vt X509_STORE_CTX
-object.
-.Sh NOTES
-Whenever a
-.Vt X509_STORE_CTX
-object is created for the verification of the peer's certificate during a
-handshake, a pointer to the
-.Vt SSL
-object is stored into the
-.Vt X509_STORE_CTX
-object to identify the connection affected.
-To retrieve this pointer the
-.Xr X509_STORE_CTX_get_ex_data 3
-function can be used with the correct index.
-This index is globally the same for all
-.Vt X509_STORE_CTX
-objects and can be retrieved using
-.Fn SSL_get_ex_data_X509_STORE_CTX_idx .
-The index value is set when
-.Fn SSL_get_ex_data_X509_STORE_CTX_idx
-is first called either by the application program directly or indirectly during
-other SSL setup functions or during the handshake.
-.Pp
-The value depends on other index values defined for
-.Vt X509_STORE_CTX
-objects before the SSL index is created.
-.Sh RETURN VALUES
-.Bl -tag -width Ds
-.It \(>=0
-The index value to access the pointer.
-.It <0
-An error occurred, check the error stack for a detailed error message.
-.El
-.Sh EXAMPLES
-The index returned from
-.Fn SSL_get_ex_data_X509_STORE_CTX_idx
-provides access to
-.Vt SSL
-object for the connection during the
-.Fn verify_callback
-when checking the peer's certificate.
-Please check the example in
-.Xr SSL_CTX_set_verify 3 .
-.Sh SEE ALSO
-.Xr CRYPTO_set_ex_data 3 ,
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_verify 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_ex_new_index.3 b/lib/libssl/src/doc/ssl/SSL_get_ex_new_index.3
deleted file mode 100644
index d4613a62104..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_ex_new_index.3
+++ /dev/null
@@ -1,76 +0,0 @@ -.\" -.\" $OpenBSD: SSL_get_ex_new_index.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_GET_EX_NEW_INDEX 3 -.Os -.Sh NAME -.Nm SSL_get_ex_new_index , -.Nm SSL_set_ex_data , -.Nm SSL_get_ex_data -.Nd internal application specific data functions -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fo SSL_get_ex_new_index -.Fa "long argl" -.Fa "void *argp" -.Fa "CRYPTO_EX_new *new_func" -.Fa "CRYPTO_EX_dup *dup_func" -.Fa "CRYPTO_EX_free *free_func" -.Fc -.Ft int -.Fn SSL_set_ex_data "SSL *ssl" "int idx" "void *arg" -.Ft void * -.Fn SSL_get_ex_data "const SSL *ssl" "int idx" -.Bd -literal -typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); -.Ed -.Sh DESCRIPTION -Several OpenSSL structures can have application specific data attached to them. -These functions are used internally by OpenSSL to manipulate application -specific data attached to a specific structure. -.Pp -.Fn SSL_get_ex_new_index -is used to register a new index for application specific data. -.Pp -.Fn SSL_set_ex_data -is used to store application data at -.Fa arg -for -.Fa idx -into the -.Fa ssl -object. -.Pp -.Fn SSL_get_ex_data -is used to retrieve the information for -.Fa idx -from -.Fa ssl . -.Pp -A detailed description for the -.Fn *_get_ex_new_index -functionality can be found in -.Xr RSA_get_ex_new_index 3 . -The -.Fn *_get_ex_data -and -.Fn *_set_ex_data -functionality is described in -.Xr CRYPTO_set_ex_data 3 . -.Sh EXAMPLES -An example of how to use the functionality is included in the example -.Fn verify_callback -in -.Xr SSL_CTX_set_verify 3 . -.Sh SEE ALSO -.Xr CRYPTO_set_ex_data 3 , -.Xr RSA_get_ex_new_index 3 , -.Xr ssl 3 , -.Xr SSL_CTX_set_verify 3 
diff --git a/lib/libssl/src/doc/ssl/SSL_get_fd.3 b/lib/libssl/src/doc/ssl/SSL_get_fd.3 deleted file mode 100644 index b66b5f1044e..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_get_fd.3 +++ /dev/null @@ -1,46 +0,0 @@ -.\" -.\" $OpenBSD: SSL_get_fd.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_GET_FD 3 -.Os -.Sh NAME -.Nm SSL_get_fd , -.Nm SSL_get_rfd , -.Nm SSL_get_wfd -.Nd get file descriptor linked to an SSL object -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fn SSL_get_fd "const SSL *ssl" -.Ft int -.Fn SSL_get_rfd "const SSL *ssl" -.Ft int -.Fn SSL_get_wfd "const SSL *ssl" -.Sh DESCRIPTION -.Fn SSL_get_fd -returns the file descriptor which is linked to -.Fa ssl . -.Fn SSL_get_rfd -and -.Fn SSL_get_wfd -return the file descriptors for the read or the write channel, -which can be different. -If the read and the write channel are different, -.Fn SSL_get_fd -will return the file descriptor of the read channel. -.Sh RETURN VALUES -The following return values can occur: -.Bl -tag -width Ds -.It \(mi1 -The operation failed, because the underlying -.Vt BIO -is not of the correct type (suitable for file descriptors). -.It \(>=0 -The file descriptor linked to -.Fa ssl . -.El -.Sh SEE ALSO -.Xr bio 3 , -.Xr ssl 3 , -.Xr SSL_set_fd 3 diff --git a/lib/libssl/src/doc/ssl/SSL_get_peer_cert_chain.3 b/lib/libssl/src/doc/ssl/SSL_get_peer_cert_chain.3 deleted file mode 100644 index e4faece5d0f..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_get_peer_cert_chain.3 +++ /dev/null 
@@ -1,47 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_peer_cert_chain.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_PEER_CERT_CHAIN 3
-.Os
-.Sh NAME
-.Nm SSL_get_peer_cert_chain
-.Nd get the X509 certificate chain of the peer
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft STACK_OF(X509) *
-.Fn SSL_get_peer_cert_chain "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_get_peer_cert_chain
-returns a pointer to
-.Dv STACK_OF Ns Po Vt X509 Pc
-certificates forming the certificate chain of the peer.
-If called on the client side, the stack also contains the peer's certificate;
-if called on the server side, the peer's certificate must be obtained
-separately using
-.Xr SSL_get_peer_certificate 3 .
-If the peer did not present a certificate,
-.Dv NULL
-is returned.
-.Sh NOTES
-The peer certificate chain is not necessarily available after reusing a
-session, in which case a
-.Dv NULL
-pointer is returned.
-.Pp
-The reference count of the
-.Dv STACK_OF Ns Po Vt X509 Pc
-object is not incremented.
-If the corresponding session is freed, the pointer must not be used any longer.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It Dv NULL
-No certificate was presented by the peer or no connection was established or
-the certificate chain is no longer available when a session is reused.
-.It Pointer to a Dv STACK_OF Ns Po X509 Pc
-The return value points to the certificate chain presented by the peer.
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_get_peer_certificate 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_peer_certificate.3 b/lib/libssl/src/doc/ssl/SSL_get_peer_certificate.3
deleted file mode 100644
index bb325723566..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_peer_certificate.3
+++ /dev/null
@@ -1,53 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_peer_certificate.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_PEER_CERTIFICATE 3
-.Os
-.Sh NAME
-.Nm SSL_get_peer_certificate
-.Nd get the X509 certificate of the peer
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft X509 *
-.Fn SSL_get_peer_certificate "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_get_peer_certificate
-returns a pointer to the X509 certificate the peer presented.
-If the peer did not present a certificate,
-.Dv NULL
-is returned.
-.Sh NOTES
-Due to the protocol definition, a TLS/SSL server will always send a
-certificate, if present.
-A client will only send a certificate when explicitly requested to do so by the
-server (see
-.Xr SSL_CTX_set_verify 3 ) .
-If an anonymous cipher is used, no certificates are sent.
-.Pp
-That a certificate is returned does not indicate information about the
-verification state.
-Use
-.Xr SSL_get_verify_result 3
-to check the verification state.
-.Pp
-The reference count of the
-.Vt X509
-object is incremented by one, so that it will not be destroyed when the session
-containing the peer certificate is freed.
-The
-.Vt X509
-object must be explicitly freed using
-.Xr X509_free 3 .
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It Dv NULL
-No certificate was presented by the peer or no connection was established.
-.It Pointer to an X509 certificate
-The return value points to the certificate presented by the peer.
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_verify 3 ,
-.Xr SSL_get_verify_result 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_psk_identity.3 b/lib/libssl/src/doc/ssl/SSL_get_psk_identity.3
deleted file mode 100644
index 408555c0eea..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_psk_identity.3
+++ /dev/null
@@ -1,44 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_psk_identity.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_PSK_IDENTITY 3
-.Os
-.Sh NAME
-.Nm SSL_get_psk_identity ,
-.Nm SSL_get_psk_identity_hint
-.Nd get PSK client identity and hint
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft const char *
-.Fn SSL_get_psk_identity_hint "const SSL *ssl"
-.Ft const char *
-.Fn SSL_get_psk_identity "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_get_psk_identity_hint
-is used to retrieve the PSK identity hint used during the connection setup
-related to
-.Vt SSL
-object
-.Fa ssl .
-Similarly,
-.Fn SSL_get_psk_identity
-is used to retrieve the PSK identity used during the connection setup.
-.Sh RETURN VALUES
-If
-.Pf non- Dv NULL ,
-.Fn SSL_get_psk_identity_hint
-returns the PSK identity hint and
-.Fn SSL_get_psk_identity
-returns the PSK identity.
-Both are
-.Dv NULL Ns -terminated.
-.Fn SSL_get_psk_identity_hint
-may return
-.Dv NULL
-if no PSK identity hint was used during the connection setup.
-.Pp
-Note that the return value is valid only during the lifetime of the
-.Vt SSL
-object
-.Fa ssl .
diff --git a/lib/libssl/src/doc/ssl/SSL_get_rbio.3 b/lib/libssl/src/doc/ssl/SSL_get_rbio.3
deleted file mode 100644
index 4455692eac7..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_rbio.3
+++ /dev/null
@@ -1,45 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_rbio.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_RBIO 3
-.Os
-.Sh NAME
-.Nm SSL_get_rbio ,
-.Nm SSL_get_wbio
-.Nd get BIO linked to an SSL object
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft BIO *
-.Fn SSL_get_rbio "SSL *ssl"
-.Ft BIO *
-.Fn SSL_get_wbio "SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_get_rbio
-and
-.Fn SSL_get_wbio
-return pointers to the
-.Vt BIO Ns s
-for the read or the write channel, which can be different.
-The reference count of the
-.Vt BIO
-is not incremented.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It Dv NULL
-No
-.Vt BIO
-was connected to the
-.Vt SSL
-object.
-.It Any other pointer
-The
-.Vt BIO
-linked to
-.Fa ssl .
-.El
-.Sh SEE ALSO
-.Xr bio 3 ,
-.Xr ssl 3 ,
-.Xr SSL_set_bio 3
diff --git a/lib/libssl/src/doc/ssl/SSL_get_session.3 b/lib/libssl/src/doc/ssl/SSL_get_session.3
deleted file mode 100644
index 435fe209560..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_session.3
+++ /dev/null
@@ -1,97 +0,0 @@ -.\" -.\" $OpenBSD: SSL_get_session.3,v 1.3 2014/12/04 18:27:10 schwarze Exp $ -.\" -.Dd $Mdocdate: December 4 2014 $ -.Dt SSL_GET_SESSION 3 -.Os -.Sh NAME -.Nm SSL_get_session , -.Nm SSL_get0_session , -.Nm SSL_get1_session -.Nd retrieve TLS/SSL session data -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft SSL_SESSION * -.Fn SSL_get_session "const SSL *ssl" -.Ft SSL_SESSION * -.Fn SSL_get0_session "const SSL *ssl" -.Ft SSL_SESSION * -.Fn SSL_get1_session "SSL *ssl" -.Sh DESCRIPTION -.Fn SSL_get_session -returns a pointer to the -.Vt SSL_SESSION -actually used in -.Fa ssl . -The reference count of the -.Vt SSL_SESSION -is not incremented, so that the pointer can become invalid by other operations. -.Pp -.Fn SSL_get0_session -is the same as -.Fn SSL_get_session . -.Pp -.Fn SSL_get1_session -is the same as -.Fn SSL_get_session , -but the reference count of the -.Vt SSL_SESSION -is incremented by one. -.Sh NOTES -The -Fa ssl -session contains all information required to re-establish the connection -without a new handshake. -.Pp -.Fn SSL_get0_session -returns a pointer to the actual session. -As the reference counter is not incremented, -the pointer is only valid while the connection is in use. -If -.Xr SSL_clear 3 -or -.Xr SSL_free 3 -is called, the session may be removed completely (if considered bad), -and the pointer obtained will become invalid. -Even if the session is valid, -it can be removed at any time due to timeout during -.Xr SSL_CTX_flush_sessions 3 . -.Pp -If the data is to be kept, -.Fn SSL_get1_session -will increment the reference count, so that the session will not be implicitly -removed by other operations but stays in memory. -In order to remove the session -.Xr SSL_SESSION_free 3 -must be explicitly called once to decrement the reference count again. -.Pp -.Vt SSL_SESSION -objects keep internal link information about the session cache list when being -inserted into one -.Vt SSL_CTX -object's session cache. 
-One -.Vt SSL_SESSION -object, regardless of its reference count, must therefore only be used with one -.Vt SSL_CTX -object (and the -.Vt SSL -objects created from this -.Vt SSL_CTX -object). -.Sh RETURN VALUES -The following return values can occur: -.Bl -tag -width Ds -.It Dv NULL -There is no session available in -.Fa ssl . -.It Pointer to an Vt SSL -The return value points to the data of an -.Vt SSL -session. -.El -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_clear 3 , -.Xr SSL_free 3 , -.Xr SSL_SESSION_free 3 diff --git a/lib/libssl/src/doc/ssl/SSL_get_verify_result.3 b/lib/libssl/src/doc/ssl/SSL_get_verify_result.3 deleted file mode 100644 index e89e3dea612..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_get_verify_result.3 +++ /dev/null 
@@ -1,49 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_verify_result.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_VERIFY_RESULT 3
-.Os
-.Sh NAME
-.Nm SSL_get_verify_result
-.Nd get result of peer certificate verification
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft long
-.Fn SSL_get_verify_result "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_get_verify_result
-returns the result of the verification of the X509 certificate presented by the
-peer, if any.
-.Sh NOTES
-.Fn SSL_get_verify_result
-can only return one error code while the verification of a certificate can fail
-because of many reasons at the same time.
-Only the last verification error that occurred during the processing is
-available from
-.Fn SSL_get_verify_result .
-.Pp
-The verification result is part of the established session and is restored when
-a session is reused.
-.Sh RETURN VALUES
-The following return values can currently occur:
-.Bl -tag -width Ds
-.It Dv X509_V_OK
-The verification succeeded or no peer certificate was presented.
-.It Any other value
-Documented in
-.Xr openssl 1 .
-.El
-.Sh SEE ALSO
-.Xr openssl 1 ,
-.Xr ssl 3 ,
-.Xr SSL_get_peer_certificate 3 ,
-.Xr SSL_set_verify_result 3
-.Sh BUGS
-If no peer certificate was presented, the returned result code is
-.Dv X509_V_OK .
-This is because no verification error occurred;
-however, it does not indicate success.
-.Fn SSL_get_verify_result
-is only useful in connection with
-.Xr SSL_get_peer_certificate 3 .
diff --git a/lib/libssl/src/doc/ssl/SSL_get_version.3 b/lib/libssl/src/doc/ssl/SSL_get_version.3
deleted file mode 100644
index ecfd005f121..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_get_version.3
+++ /dev/null
@@ -1,35 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_get_version.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_GET_VERSION 3
-.Os
-.Sh NAME
-.Nm SSL_get_version
-.Nd get the protocol version of a connection
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft const char *
-.Fn SSL_get_version "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_get_version
-returns the name of the protocol used for the connection
-.Fa ssl .
-.Sh RETURN VALUES
-The following strings can be returned:
-.Bl -tag -width Ds
-.It Qq SSLv2
-The connection uses the SSLv2 protocol.
-.It Qq SSLv3
-The connection uses the SSLv3 protocol.
-.It Qq TLSv1
-The connection uses the TLSv1.0 protocol.
-.It Qq TLSv1.1
-The connection uses the TLSv1.1 protocol.
-.It Qq TLSv1.2
-The connection uses the TLSv1.2 protocol.
-.It Qq unknown
-This indicates that no version has been set (no connection established).
-.El
-.Sh SEE ALSO
-.Xr ssl 3
diff --git a/lib/libssl/src/doc/ssl/SSL_library_init.3 b/lib/libssl/src/doc/ssl/SSL_library_init.3
deleted file mode 100644
index 0c84c5d9c90..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_library_init.3
+++ /dev/null
@@ -1,54 +0,0 @@ -.\" -.\" $OpenBSD: SSL_library_init.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_LIBRARY_INIT 3 -.Os -.Sh NAME -.Nm SSL_library_init , -.Nm OpenSSL_add_ssl_algorithms , -.Nm SSLeay_add_ssl_algorithms -.Nd initialize SSL library by registering algorithms -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fn SSL_library_init void -.Fd #define OpenSSL_add_ssl_algorithms() SSL_library_init() -.Fd #define SSLeay_add_ssl_algorithms() SSL_library_init() -.Sh DESCRIPTION -.Fn SSL_library_init -registers the available SSL/TLS ciphers and digests. -.Pp -.Fn OpenSSL_add_ssl_algorithms -and -.Fn SSLeay_add_ssl_algorithms -are synonyms for -.Fn SSL_library_init . -.Sh NOTES -.Fn SSL_library_init -must be called before any other action takes place. -.Fn SSL_library_init -is not reentrant. -.Sh WARNING -.Fn SSL_library_init -adds ciphers and digests used directly and indirectly by SSL/TLS. -.Sh RETURN VALUES -.Fn SSL_library_init -always returns 1, so it is safe to discard the return value. -.Sh EXAMPLES -A typical TLS/SSL application will start with the library initialization, and -provide readable error messages. -.Bd -literal -SSL_load_error_strings(); /* readable error messages */ -SSL_library_init(); /* initialize library */ -.Ed -.Sh NOTES -OpenSSL 0.9.8o and 1.0.0a and later added SHA2 algorithms to -.Fn SSL_library_init . -Applications which need to use SHA2 in earlier versions of OpenSSL should call -.Fn OpenSSL_add_all_algorithms -as well. -.Sh SEE ALSO -.Xr RAND_add 3 , -.Xr ssl 3 , -.Xr SSL_load_error_strings 3 diff --git a/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.3 b/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.3 deleted file mode 100644 index d1f085583f6..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_load_client_CA_file.3 +++ /dev/null 
@@ -1,53 +0,0 @@ -.\" -.\" $OpenBSD: SSL_load_client_CA_file.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_LOAD_CLIENT_CA_FILE 3 -.Os -.Sh NAME -.Nm SSL_load_client_CA_file -.Nd load certificate names from file -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft STACK_OF(X509_NAME) * -.Fn SSL_load_client_CA_file "const char *file" -.Sh DESCRIPTION -.Fn SSL_load_client_CA_file -reads certificates from -.Fa file -and returns a -.Dv STACK_OF Ns -.Pq Vt X509_NAME -with the subject names found. -.Sh NOTES -.Fn SSL_load_client_CA_file -reads a file of PEM formatted certificates and extracts the -.Vt X509_NAME Ns s -of the certificates found. -While the name suggests the specific usage as support function for -.Xr SSL_CTX_set_client_CA_list 3 , -it is not limited to CA certificates. -.Sh RETURN VALUES -The following return values can occur: -.Bl -tag -width Ds -.It Dv NULL -The operation failed, check out the error stack for the reason. -.It Pointer to Dv STACK_OF Ns Po Vt X509_NAME Pc -Pointer to the subject names of the successfully read certificates. -.El -.Sh EXAMPLES -Load names of CAs from file and use it as a client CA list: -.Bd -literal -SSL_CTX *ctx; -STACK_OF(X509_NAME) *cert_names; -\&... -cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem"); -if (cert_names != NULL) - SSL_CTX_set_client_CA_list(ctx, cert_names); -else - error_handling(); -\&... -.Ed -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_set_client_CA_list 3 diff --git a/lib/libssl/src/doc/ssl/SSL_new.3 b/lib/libssl/src/doc/ssl/SSL_new.3 deleted file mode 100644 index 884b51270bb..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_new.3 +++ /dev/null 
@@ -1,41 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_new.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_NEW 3
-.Os
-.Sh NAME
-.Nm SSL_new
-.Nd create a new SSL structure for a connection
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft SSL *
-.Fn SSL_new "SSL_CTX *ctx"
-.Sh DESCRIPTION
-.Fn SSL_new
-creates a new
-.Vt SSL
-structure which is needed to hold the data for a TLS/SSL connection.
-The new structure inherits the settings of the underlying context
-.Fa ctx :
-connection method (SSLv2/v3/TLSv1), options, verification settings,
-timeout settings.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It Dv NULL
-The creation of a new
-.Vt SSL
-structure failed.
-Check the error stack to find out the reason.
-.It Pointer to an Vt SSL No structure
-The return value points to an allocated
-.Vt SSL
-structure.
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_clear 3 ,
-.Xr SSL_CTX_set_options 3 ,
-.Xr SSL_free 3 ,
-.Xr SSL_get_SSL_CTX 3
diff --git a/lib/libssl/src/doc/ssl/SSL_pending.3 b/lib/libssl/src/doc/ssl/SSL_pending.3
deleted file mode 100644
index 25ef4ea0bae..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_pending.3
+++ /dev/null
@@ -1,44 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_pending.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_PENDING 3
-.Os
-.Sh NAME
-.Nm SSL_pending
-.Nd obtain number of readable bytes buffered in an SSL object
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_pending "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_pending
-returns the number of bytes which are available inside
-.Fa ssl
-for immediate read.
-.Sh NOTES
-Data are received in blocks from the peer.
-Therefore data can be buffered inside
-.Fa ssl
-and are ready for immediate retrieval with
-.Xr SSL_read 3 .
-.Sh RETURN VALUES
-The number of bytes pending is returned.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_read 3
-.Sh BUGS
-.Fn SSL_pending
-takes into account only bytes from the TLS/SSL record that is currently being
-processed (if any).
-If the
-.Vt SSL
-object's
-.Em read_ahead
-flag is set, additional protocol bytes may have been read containing more
-TLS/SSL records; these are ignored by
-.Fn SSL_pending .
-.Pp
-Up to OpenSSL 0.9.6,
-.Fn SSL_pending
-does not check if the record type of pending data is application data.
diff --git a/lib/libssl/src/doc/ssl/SSL_read.3 b/lib/libssl/src/doc/ssl/SSL_read.3
deleted file mode 100644
index d6e59609588..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_read.3
+++ /dev/null
@@ -1,193 +0,0 @@ -.\" -.\" $OpenBSD: SSL_read.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_READ 3 -.Os -.Sh NAME -.Nm SSL_read -.Nd read bytes from a TLS/SSL connection -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft int -.Fn SSL_read "SSL *ssl" "void *buf" "int num" -.Sh DESCRIPTION -.Fn SSL_read -tries to read -.Fa num -bytes from the specified -.Fa ssl -into the buffer -.Fa buf . -.Sh NOTES -If necessary, -.Fn SSL_read -will negotiate a TLS/SSL session, if not already explicitly performed by -.Xr SSL_connect 3 -or -.Xr SSL_accept 3 . -If the peer requests a re-negotiation, -it will be performed transparently during the -.Fn SSL_read -operation. -The behaviour of -.Fn SSL_read -depends on the underlying -.Vt BIO . -.Pp -For the transparent negotiation to succeed, the -.Fa ssl -must have been initialized to client or server mode. -This is being done by calling -.Xr SSL_set_connect_state 3 -or -.Xr SSL_set_accept_state 3 -before the first call to -.Fn SSL_read -or -.Xr SSL_write 3 . -.Pp -.Fn SSL_read -works based on the SSL/TLS records. -The data are received in records (with a maximum record size of 16kB for -SSLv3/TLSv1). -Only after a record has been completely received can it be processed -(decrypted and checked for integrity). -Therefore data not retrieved at the last call of -.Fn SSL_read -can still be buffered inside the SSL layer and will be retrieved on the next -call to -.Fn SSL_read . -If -.Fa num -is higher than the number of bytes buffered, -.Fn SSL_read -will return with the bytes buffered. -If no more bytes are in the buffer, -.Fn SSL_read -will trigger the processing of the next record. -Only when the record has been received and processed completely will -.Fn SSL_read -return reporting success. -At most the contents of the record will be returned. 
-As the size of an SSL/TLS record may exceed the maximum packet size of the -underlying transport (e.g., TCP), it may be necessary to read several packets -from the transport layer before the record is complete and -.Fn SSL_read -can succeed. -.Pp -If the underlying -.Vt BIO -is -.Em blocking , -.Fn SSL_read -will only return once the read operation has been finished or an error -has occurred, except when a renegotiation take place, in which case a -.Dv SSL_ERROR_WANT_READ -may occur. -This behavior can be controlled with the -.Dv SSL_MODE_AUTO_RETRY -flag of the -.Xr SSL_CTX_set_mode 3 -call. -.Pp -If the underlying -.Vt BIO -is -.Em non-blocking , -.Fn SSL_read -will also return when the underlying -.Vt BIO -could not satisfy the needs of -.Fn SSL_read -to continue the operation. -In this case a call to -.Xr SSL_get_error 3 -with the return value of -.Fn SSL_read -will yield -.Dv SSL_ERROR_WANT_READ -or -.Dv SSL_ERROR_WANT_WRITE . -As at any time a re-negotiation is possible, a call to -.Fn SSL_read -can also cause write operations! -The calling process then must repeat the call after taking appropriate action -to satisfy the needs of -.Fn SSL_read . -The action depends on the underlying -.Vt BIO . -When using a non-blocking socket, nothing is to be done, but -.Xr select 2 -can be used to check for the required condition. -When using a buffering -.Vt BIO , -like a -.Vt BIO -pair, data must be written into or retrieved out of the -.Vt BIO -before being able to continue. -.Pp -.Xr SSL_pending 3 -can be used to find out whether there are buffered bytes available for -immediate retrieval. -In this case -.Fn SSL_read -can be called without blocking or actually receiving new data from the -underlying socket. -.Sh WARNING -When an -.Fn SSL_read -operation has to be repeated because of -.Dv SSL_ERROR_WANT_READ -or -.Dv SSL_ERROR_WANT_WRITE , -it must be repeated with the same arguments. 
-.Sh RETURN VALUES -The following return values can occur: -.Bl -tag -width Ds -.It >0 -The read operation was successful; the return value is the number of bytes -actually read from the TLS/SSL connection. -.It 0 -The read operation was not successful. -The reason may either be a clean shutdown due to a -.Dq close notify -alert sent by the peer (in which case the -.Dv SSL_RECEIVED_SHUTDOWN -flag in the ssl shutdown state is set (see -.Xr SSL_shutdown 3 -and -.Xr SSL_set_shutdown 3 ) . -It is also possible that the peer simply shut down the underlying transport and -the shutdown is incomplete. -Call -.Fn SSL_get_error -with the return value to find out whether an error occurred or the connection -was shut down cleanly -.Pq Dv SSL_ERROR_ZERO_RETURN . -.Pp -SSLv2 (deprecated) does not support a shutdown alert protocol, so it can only -be detected whether the underlying connection was closed. -It cannot be checked whether the closure was initiated by the peer or by -something else. -.It <0 -The read operation was not successful, because either an error occurred or -action must be taken by the calling process. -Call -.Fn SSL_get_error -with the return value to find out the reason. -.El -.Sh SEE ALSO -.Xr bio 3 , -.Xr ssl 3 , -.Xr SSL_accept 3 , -.Xr SSL_connect 3 , -.Xr SSL_CTX_new 3 , -.Xr SSL_CTX_set_mode 3 , -.Xr SSL_get_error 3 , -.Xr SSL_pending 3 , -.Xr SSL_set_connect_state 3 , -.Xr SSL_set_shutdown 3 , -.Xr SSL_shutdown 3 , -.Xr SSL_write 3 diff --git a/lib/libssl/src/doc/ssl/SSL_rstate_string.3 b/lib/libssl/src/doc/ssl/SSL_rstate_string.3 deleted file mode 100644 index 81d83e52a17..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_rstate_string.3 +++ /dev/null 
@@ -1,55 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_rstate_string.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_RSTATE_STRING 3
-.Os
-.Sh NAME
-.Nm SSL_rstate_string ,
-.Nm SSL_rstate_string_long
-.Nd get textual description of state of an SSL object during read operation
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft const char *
-.Fn SSL_rstate_string "SSL *ssl"
-.Ft const char *
-.Fn SSL_rstate_string_long "SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_rstate_string
-returns a 2-letter string indicating the current read state of the
-.Vt SSL
-object
-.Fa ssl .
-.Pp
-.Fn SSL_rstate_string_long
-returns a string indicating the current read state of the
-.Vt SSL
-object
-.Fa ssl .
-.Sh NOTES
-When performing a read operation, the SSL/TLS engine must parse the record,
-consisting of header and body.
-When working in a blocking environment,
-.Fn SSL_rstate_string[_long]
-should always return
-.Qo RD Qc Ns / Ns Qo read done Qc .
-.Pp
-This function should only seldom be needed in applications.
-.Sh RETURN VALUES
-.Fn SSL_rstate_string
-and
-.Fn SSL_rstate_string_long
-can return the following values:
-.Bl -tag -width Ds
-.It Qo RH Qc Ns / Ns Qo read header Qc
-The header of the record is being evaluated.
-.It Qo RB Qc Ns / Ns Qo read body Qc
-The body of the record is being evaluated.
-.It Qo RD Qc Ns / Ns Qo read done Qc
-The record has been completely processed.
-.It Qo unknown Qc Ns / Ns Qo unknown Qc
-The read state is unknown.
-This should never happen.
-.El
-.Sh SEE ALSO
-.Xr ssl 3
diff --git a/lib/libssl/src/doc/ssl/SSL_session_reused.3 b/lib/libssl/src/doc/ssl/SSL_session_reused.3
deleted file mode 100644
index 6ea45f749bc..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_session_reused.3
+++ /dev/null
@@ -1,32 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_session_reused.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_SESSION_REUSED 3
-.Os
-.Sh NAME
-.Nm SSL_session_reused
-.Nd query whether a reused session was negotiated during handshake
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_session_reused "SSL *ssl"
-.Sh DESCRIPTION
-Query whether a reused session was negotiated during the handshake.
-.Sh NOTES
-During the negotiation, a client can propose to reuse a session.
-The server then looks up the session in its cache.
-If both client and server agree on the session,
-it will be reused and a flag is set that can be queried by the application.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It 0
-A new session was negotiated.
-.It 1
-A session was reused.
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_session_cache_mode 3 ,
-.Xr SSL_set_session 3
diff --git a/lib/libssl/src/doc/ssl/SSL_set_bio.3 b/lib/libssl/src/doc/ssl/SSL_set_bio.3
deleted file mode 100644
index 7e2611e0006..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_set_bio.3
+++ /dev/null
@@ -1,51 +0,0 @@ -.\" -.\" $OpenBSD: SSL_set_bio.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt SSL_SET_BIO 3 -.Os -.Sh NAME -.Nm SSL_set_bio -.Nd connect the SSL object with a BIO -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft void -.Fn SSL_set_bio "SSL *ssl" "BIO *rbio" "BIO *wbio" -.Sh DESCRIPTION -.Fn SSL_set_bio -connects the -.Vt BIO Ns -s -.Fa rbio -and -.Fa wbio -for the read and write operations of the TLS/SSL (encrypted) side of -.Fa ssl . -.Pp -The SSL engine inherits the behaviour of -.Fa rbio -and -.Fa wbio , -respectively. -If a -.Vt BIO -is non-blocking, the -.Fa ssl -will also have non-blocking behaviour. -.Pp -If there was already a -.Vt BIO -connected to -.Fa ssl , -.Xr BIO_free 3 -will be called (for both the reading and writing side, if different). -.Sh RETURN VALUES -.Fn SSL_set_bio -cannot fail. -.Sh SEE ALSO -.Xr bio 3 , -.Xr ssl 3 , -.Xr SSL_accept 3 , -.Xr SSL_connect 3 , -.Xr SSL_get_rbio 3 , -.Xr SSL_shutdown 3 diff --git a/lib/libssl/src/doc/ssl/SSL_set_connect_state.3 b/lib/libssl/src/doc/ssl/SSL_set_connect_state.3 deleted file mode 100644 index 291d9ac177b..00000000000 --- a/lib/libssl/src/doc/ssl/SSL_set_connect_state.3 +++ /dev/null 
@@ -1,71 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_set_connect_state.3,v 1.3 2015/11/11 22:14:40 jmc Exp $
-.\"
-.Dd $Mdocdate: November 11 2015 $
-.Dt SSL_SET_CONNECT_STATE 3
-.Os
-.Sh NAME
-.Nm SSL_set_connect_state ,
-.Nm SSL_set_accept_state
-.Nd prepare SSL object to work in client or server mode
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fn SSL_set_connect_state "SSL *ssl"
-.Ft void
-.Fn SSL_set_accept_state "SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_set_connect_state
-sets
-.Fa ssl
-to work in client mode.
-.Pp
-.Fn SSL_set_accept_state
-sets
-.Fa ssl
-to work in server mode.
-.Sh NOTES
-When the
-.Vt SSL_CTX
-object was created with
-.Xr SSL_CTX_new 3 ,
-it was either assigned a dedicated client method, a dedicated server method, or
-a generic method, that can be used for both client and server connections.
-(The method might have been changed with
-.Xr SSL_CTX_set_ssl_version 3
-or
-.Xr SSL_set_ssl_method 3 . )
-.Pp
-When beginning a new handshake, the SSL engine must know whether it must call
-the connect (client) or accept (server) routines.
-Even though it may be clear from the method chosen whether client or server
-mode was requested, the handshake routines must be explicitly set.
-.Pp
-When using the
-.Xr SSL_connect 3
-or
-.Xr SSL_accept 3
-routines, the correct handshake routines are automatically set.
-When performing a transparent negotiation using
-.Xr SSL_write 3
-or
-.Xr SSL_read 3 ,
-the handshake routines must be explicitly set in advance using either
-.Fn SSL_set_connect_state
-or
-.Fn SSL_set_accept_state .
-.Sh RETURN VALUES
-.Fn SSL_set_connect_state
-and
-.Fn SSL_set_accept_state
-do not return diagnostic information.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_connect 3 ,
-.Xr SSL_CTX_new 3 ,
-.Xr SSL_CTX_set_ssl_version 3 ,
-.Xr SSL_do_handshake 3 ,
-.Xr SSL_new 3 ,
-.Xr SSL_read 3 ,
-.Xr SSL_write 3
diff --git a/lib/libssl/src/doc/ssl/SSL_set_fd.3 b/lib/libssl/src/doc/ssl/SSL_set_fd.3
deleted file mode 100644
index 94e0c7614a5..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_set_fd.3
+++ /dev/null
@@ -1,73 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_set_fd.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_SET_FD 3
-.Os
-.Sh NAME
-.Nm SSL_set_fd ,
-.Nm SSL_set_rfd ,
-.Nm SSL_set_wfd
-.Nd connect the SSL object with a file descriptor
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_set_fd "SSL *ssl" "int fd"
-.Ft int
-.Fn SSL_set_rfd "SSL *ssl" "int fd"
-.Ft int
-.Fn SSL_set_wfd "SSL *ssl" "int fd"
-.Sh DESCRIPTION
-.Fn SSL_set_fd
-sets the file descriptor
-.Fa fd
-as the input/output facility for the TLS/SSL (encrypted) side of
-.Fa ssl .
-.Fa fd
-will typically be the socket file descriptor of a network connection.
-.Pp
-When performing the operation, a socket
-.Vt BIO
-is automatically created to interface between the
-.Fa ssl
-and
-.Fa fd .
-The
-.Vt BIO
-and hence the SSL engine inherit the behaviour of
-.Fa fd .
-If
-.Fa fd
-is non-blocking, the
-.Fa ssl
-will also have non-blocking behaviour.
-.Pp
-If there was already a
-.Vt BIO
-connected to
-.Fa ssl ,
-.Xr BIO_free 3
-will be called (for both the reading and writing side, if different).
-.Pp
-.Fn SSL_set_rfd
-and
-.Fn SSL_set_wfd
-perform the respective action, but only for the read channel or the write
-channel, which can be set independently.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It 0
-The operation failed.
-Check the error stack to find out why.
-.It 1
-The operation succeeded.
-.El
-.Sh SEE ALSO
-.Xr bio 3 ,
-.Xr ssl 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_connect 3 ,
-.Xr SSL_get_fd 3 ,
-.Xr SSL_set_bio 3 ,
-.Xr SSL_shutdown 3
diff --git a/lib/libssl/src/doc/ssl/SSL_set_session.3 b/lib/libssl/src/doc/ssl/SSL_set_session.3
deleted file mode 100644
index 8b4b78b6e28..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_set_session.3
+++ /dev/null
@@ -1,68 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_set_session.3,v 1.3 2015/09/14 15:14:55 schwarze Exp $
-.\"
-.Dd $Mdocdate: September 14 2015 $
-.Dt SSL_SET_SESSION 3
-.Os
-.Sh NAME
-.Nm SSL_set_session
-.Nd set a TLS/SSL session to be used during TLS/SSL connect
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_set_session "SSL *ssl" "SSL_SESSION *session"
-.Sh DESCRIPTION
-.Fn SSL_set_session
-sets
-.Fa session
-to be used when the TLS/SSL connection is to be established.
-.Fn SSL_set_session
-is only useful for TLS/SSL clients.
-When the session is set, the reference count of
-.Fa session
-is incremented
-by 1.
-If the session is not reused, the reference count is decremented again during
-.Fn SSL_connect .
-Whether the session was reused can be queried with the
-.Xr SSL_session_reused 3
-call.
-.Pp
-If there is already a session set inside
-.Fa ssl
-(because it was set with
-.Fn SSL_set_session
-before or because the same
-.Fa ssl
-was already used for a connection),
-.Xr SSL_SESSION_free 3
-will be called for that session.
-.Sh NOTES
-.Vt SSL_SESSION
-objects keep internal link information about the session cache list when being
-inserted into one
-.Vt SSL_CTX
-object's session cache.
-One
-.Vt SSL_SESSION
-object, regardless of its reference count, must therefore only be used with one
-.Vt SSL_CTX
-object (and the
-.Vt SSL
-objects created from this
-.Vt SSL_CTX
-object).
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It 0
-The operation failed; check the error stack to find out the reason.
-.It 1
-The operation succeeded.
-.El
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_session_cache_mode 3 ,
-.Xr SSL_get_session 3 ,
-.Xr SSL_SESSION_free 3 ,
-.Xr SSL_session_reused 3
diff --git a/lib/libssl/src/doc/ssl/SSL_set_shutdown.3 b/lib/libssl/src/doc/ssl/SSL_set_shutdown.3
deleted file mode 100644
index 546b52dad56..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_set_shutdown.3
+++ /dev/null
@@ -1,88 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_set_shutdown.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_SET_SHUTDOWN 3
-.Os
-.Sh NAME
-.Nm SSL_set_shutdown ,
-.Nm SSL_get_shutdown
-.Nd manipulate shutdown state of an SSL connection
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fn SSL_set_shutdown "SSL *ssl" "int mode"
-.Ft int
-.Fn SSL_get_shutdown "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_set_shutdown
-sets the shutdown state of
-.Fa ssl
-to
-.Fa mode .
-.Pp
-.Fn SSL_get_shutdown
-returns the shutdown mode of
-.Fa ssl .
-.Sh NOTES
-The shutdown state of an ssl connection is a bitmask of:
-.Bl -tag -width Ds
-.It 0
-No shutdown setting, yet.
-.It Dv SSL_SENT_SHUTDOWN
-A
-.Dq close notify
-shutdown alert was sent to the peer; the connection is being considered closed
-and the session is closed and correct.
-.It Dv SSL_RECEIVED_SHUTDOWN
-A shutdown alert was received form the peer, either a normal
-.Dq close notify
-or a fatal error.
-.El
-.Pp
-.Dv SSL_SENT_SHUTDOWN
-and
-.Dv SSL_RECEIVED_SHUTDOWN
-can be set at the same time.
-.Pp
-The shutdown state of the connection is used to determine the state of the
-.Fa ssl
-session.
-If the session is still open when
-.Xr SSL_clear 3
-or
-.Xr SSL_free 3
-is called, it is considered bad and removed according to RFC2246.
-The actual condition for a correctly closed session is
-.Dv SSL_SENT_SHUTDOWN
-(according to the TLS RFC, it is acceptable to only send the
-.Dq close notify
-alert but to not wait for the peer's answer when the underlying connection is
-closed).
-.Fn SSL_set_shutdown
-can be used to set this state without sending a close alert to the peer (see
-.Xr SSL_shutdown 3 ) .
-.Pp
-If a
-.Dq close notify
-was received,
-.Dv SSL_RECEIVED_SHUTDOWN
-will be set, but to set
-.Dv SSL_SENT_SHUTDOWN
-the application must still call
-.Xr SSL_shutdown 3
-or
-.Fn SSL_set_shutdown
-itself.
-.Sh RETURN VALUES
-.Fn SSL_set_shutdown
-does not return diagnostic information.
-.Pp
-.Fn SSL_get_shutdown
-returns the current setting.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_clear 3 ,
-.Xr SSL_CTX_set_quiet_shutdown 3 ,
-.Xr SSL_free 3 ,
-.Xr SSL_shutdown 3
diff --git a/lib/libssl/src/doc/ssl/SSL_set_verify_result.3 b/lib/libssl/src/doc/ssl/SSL_set_verify_result.3
deleted file mode 100644
index 9d5474d07a0..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_set_verify_result.3
+++ /dev/null
@@ -1,42 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_set_verify_result.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_SET_VERIFY_RESULT 3
-.Os
-.Sh NAME
-.Nm SSL_set_verify_result
-.Nd override result of peer certificate verification
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft void
-.Fn SSL_set_verify_result "SSL *ssl" "long verify_result"
-.Sh DESCRIPTION
-.Fn SSL_set_verify_result
-sets
-.Fa verify_result
-of the object
-.Fa ssl
-to be the result of the verification of the X509 certificate presented by the
-peer, if any.
-.Sh NOTES
-.Fn SSL_set_verify_result
-overrides the verification result.
-It only changes the verification result of the
-.Fa ssl
-object.
-It does not become part of the established session, so if the session is to be
-reused later, the original value will reappear.
-.Pp
-The valid codes for
-.Fa verify_result
-are documented in
-.Xr openssl 1 .
-.Sh RETURN VALUES
-.Fn SSL_set_verify_result
-does not provide a return value.
-.Sh SEE ALSO
-.Xr openssl 1 ,
-.Xr ssl 3 ,
-.Xr SSL_get_peer_certificate 3 ,
-.Xr SSL_get_verify_result 3
diff --git a/lib/libssl/src/doc/ssl/SSL_shutdown.3 b/lib/libssl/src/doc/ssl/SSL_shutdown.3
deleted file mode 100644
index 187e656fe3d..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_shutdown.3
+++ /dev/null
@@ -1,204 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_shutdown.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_SHUTDOWN 3
-.Os
-.Sh NAME
-.Nm SSL_shutdown
-.Nd shut down a TLS/SSL connection
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_shutdown "SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_shutdown
-shuts down an active TLS/SSL connection.
-It sends the
-.Dq close notify
-shutdown alert to the peer.
-.Sh NOTES
-.Fn SSL_shutdown
-tries to send the
-.Dq close notify
-shutdown alert to the peer.
-Whether the operation succeeds or not, the
-.Dv SSL_SENT_SHUTDOWN
-flag is set and a currently open session is considered closed and good and will
-be kept in the session cache for further reuse.
-.Pp
-The shutdown procedure consists of 2 steps: the sending of the
-.Dq close notify
-shutdown alert and the reception of the peer's
-.Dq close notify
-shutdown alert.
-According to the TLS standard, it is acceptable for an application to only send
-its shutdown alert and then close the underlying connection without waiting for
-the peer's response (this way resources can be saved, as the process can
-already terminate or serve another connection).
-When the underlying connection shall be used for more communications,
-the complete shutdown procedure (bidirectional
-.Dq close notify
-alerts) must be performed, so that the peers stay synchronized.
-.Pp
-.Fn SSL_shutdown
-supports both uni- and bidirectional shutdown by its 2 step behavior.
-.Pp
-When the application is the first party to send the
-.Dq close notify
-alert,
-.Fn SSL_shutdown
-will only send the alert and then set the
-.Dv SSL_SENT_SHUTDOWN
-flag (so that the session is considered good and will be kept in cache).
-.Fn SSL_shutdown
-will then return 0.
-If a unidirectional shutdown is enough
-(the underlying connection shall be closed anyway), this first call to
-.Fn SSL_shutdown
-is sufficient.
-In order to complete the bidirectional shutdown handshake,
-.Fn SSL_shutdown
-must be called again.
-The second call will make
-.Fn SSL_shutdown
-wait for the peer's
-.Dq close notify
-shutdown alert.
-On success, the second call to
-.Fn SSL_shutdown
-will return 1.
-.Pp
-If the peer already sent the
-.Dq close notify
-alert and it was already processed implicitly inside another function
-.Pq Xr SSL_read 3 ,
-the
-.Dv SSL_RECEIVED_SHUTDOWN
-flag is set.
-.Fn SSL_shutdown
-will send the
-.Dq close notify
-alert, set the
-.Dv SSL_SENT_SHUTDOWN
-flag and will immediately return with 1.
-Whether
-.Dv SSL_RECEIVED_SHUTDOWN
-is already set can be checked using the
-.Fn SSL_get_shutdown
-(see also the
-.Xr SSL_set_shutdown 3
-call).
-.Pp
-It is therefore recommended to check the return value of
-.Fn SSL_shutdown
-and call
-.Fn SSL_shutdown
-again, if the bidirectional shutdown is not yet complete (return value of the
-first call is 0).
-As the shutdown is not specially handled in the SSLv2 protocol,
-.Fn SSL_shutdown
-will succeed on the first call.
-.Pp
-The behaviour of
-.Fn SSL_shutdown
-additionally depends on the underlying
-.Vt BIO .
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em blocking ,
-.Fn SSL_shutdown
-will only return once the
-handshake step has been finished or an error occurred.
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em non-blocking ,
-.Fn SSL_shutdown
-will also return when the underlying
-.Vt BIO
-could not satisfy the needs of
-.Fn SSL_shutdown
-to continue the handshake.
-In this case a call to
-.Xr SSL_get_error 3
-with the
-return value of
-.Fn SSL_shutdown
-will yield
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE .
-The calling process then must repeat the call after taking appropriate action
-to satisfy the needs of
-.Fn SSL_shutdown .
-The action depends on the underlying
-.Vt BIO .
-When using a non-blocking socket, nothing is to be done, but
-.Xr select 2
-can be used to check for the required condition.
-When using a buffering
-.Vt BIO ,
-like a
-.Vt BIO
-pair, data must be written into or retrieved out of the
-.Vt BIO
-before being able to continue.
-.Pp
-.Fn SSL_shutdown
-can be modified to only set the connection to
-.Dq shutdown
-state but not actually send the
-.Dq close notify
-alert messages; see
-.Xr SSL_CTX_set_quiet_shutdown 3 .
-When
-.Dq quiet shutdown
-is enabled,
-.Fn SSL_shutdown
-will always succeed and return 1.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It 0
-The shutdown is not yet finished.
-Call
-.Fn SSL_shutdown
-for a second time, if a bidirectional shutdown shall be performed.
-The output of
-.Xr SSL_get_error 3
-may be misleading, as an erroneous
-.Dv SSL_ERROR_SYSCALL
-may be flagged even though no error occurred.
-.It 1
-The shutdown was successfully completed.
-The
-.Dq close notify
-alert was sent and the peer's
-.Dq close notify
-alert was received.
-.It \(mi1
-The shutdown was not successful because a fatal error occurred either
-at the protocol level or a connection failure occurred.
-It can also occur if action is need to continue the operation for non-blocking
-.Vt BIO Ns
-s.
-Call
-.Xr SSL_get_error 3
-with the return value
-.Fa ret
-to find out the reason.
-.El
-.Sh SEE ALSO
-.Xr bio 3 ,
-.Xr ssl 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_clear 3 ,
-.Xr SSL_connect 3 ,
-.Xr SSL_CTX_set_quiet_shutdown 3 ,
-.Xr SSL_free 3 ,
-.Xr SSL_get_error 3 ,
-.Xr SSL_set_shutdown 3
diff --git a/lib/libssl/src/doc/ssl/SSL_state_string.3 b/lib/libssl/src/doc/ssl/SSL_state_string.3
deleted file mode 100644
index e9a042a3ced..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_state_string.3
+++ /dev/null
@@ -1,57 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_state_string.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_STATE_STRING 3
-.Os
-.Sh NAME
-.Nm SSL_state_string ,
-.Nm SSL_state_string_long
-.Nd get textual description of state of an SSL object
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft const char *
-.Fn SSL_state_string "const SSL *ssl"
-.Ft const char *
-.Fn SSL_state_string_long "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_state_string
-returns a 6 letter string indicating the current state of the
-.Vt SSL
-object
-.Fa ssl .
-.Pp
-.Fn SSL_state_string_long
-returns a string indicating the current state of the
-.Vt SSL
-object
-.Fa ssl .
-.Sh NOTES
-During its use, an
-.Vt SSL
-object passes several states.
-The state is internally maintained.
-Querying the state information is not very informative before or when a
-connection has been established.
-It however can be of significant interest during the handshake.
-.Pp
-When using non-blocking sockets,
-the function call performing the handshake may return with
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE
-condition, so that
-.Fn SSL_state_string[_long]
-may be called.
-.Pp
-For both blocking or non-blocking sockets,
-the details state information can be used within the
-.Fn info_callback
-function set with the
-.Xr SSL_set_info_callback 3
-call.
-.Sh RETURN VALUES
-Detailed description of possible states to be included later.
-.Sh SEE ALSO
-.Xr ssl 3 ,
-.Xr SSL_CTX_set_info_callback 3
diff --git a/lib/libssl/src/doc/ssl/SSL_want.3 b/lib/libssl/src/doc/ssl/SSL_want.3
deleted file mode 100644
index e9513c8793a..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_want.3
+++ /dev/null
@@ -1,103 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_want.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_WANT 3
-.Os
-.Sh NAME
-.Nm SSL_want ,
-.Nm SSL_want_nothing ,
-.Nm SSL_want_read ,
-.Nm SSL_want_write ,
-.Nm SSL_want_x509_lookup
-.Nd obtain state information TLS/SSL I/O operation
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_want "const SSL *ssl"
-.Ft int
-.Fn SSL_want_nothing "const SSL *ssl"
-.Ft int
-.Fn SSL_want_read "const SSL *ssl"
-.Ft int
-.Fn SSL_want_write "const SSL *ssl"
-.Ft int
-.Fn SSL_want_x509_lookup "const SSL *ssl"
-.Sh DESCRIPTION
-.Fn SSL_want
-returns state information for the
-.Vt SSL
-object
-.Fa ssl .
-.Pp
-The other
-.Fn SSL_want_*
-calls are shortcuts for the possible states returned by
-.Fn SSL_want .
-.Sh NOTES
-.Fn SSL_want
-examines the internal state information of the
-.Vt SSL
-object.
-Its return values are similar to those of
-.Xr SSL_get_error 3 .
-Unlike
-.Xr SSL_get_error 3 ,
-which also evaluates the error queue,
-the results are obtained by examining an internal state flag only.
-The information must therefore only be used for normal operation under
-non-blocking I/O.
-Error conditions are not handled and must be treated using
-.Xr SSL_get_error 3 .
-.Pp
-The result returned by
-.Fn SSL_want
-should always be consistent with the result of
-.Xr SSL_get_error 3 .
-.Sh RETURN VALUES
-The following return values can currently occur for
-.Fn SSL_want :
-.Bl -tag -width Ds
-.It .Dv SSL_NOTHING
-There is no data to be written or to be read.
-.It .Dv SSL_WRITING
-There are data in the SSL buffer that must be written to the underlying
-.Vt BIO
-layer in order to complete the actual
-.Fn SSL_*
-operation.
-A call to
-.Xr SSL_get_error 3
-should return
-.Dv SSL_ERROR_WANT_WRITE .
-.It Dv SSL_READING
-More data must be read from the underlying
-.Vt BIO
-layer in order to
-complete the actual
-.Fn SSL_*
-operation.
-A call to
-.Xr SSL_get_error 3
-should return
-.Dv SSL_ERROR_WANT_READ.
-.It Dv SSL_X509_LOOKUP
-The operation did not complete because an application callback set by
-.Xr SSL_CTX_set_client_cert_cb 3
-has asked to be called again.
-A call to
-.Xr SSL_get_error 3
-should return
-.Dv SSL_ERROR_WANT_X509_LOOKUP .
-.El
-.Pp
-.Fn SSL_want_nothing ,
-.Fn SSL_want_read ,
-.Fn SSL_want_write ,
-and
-.Fn SSL_want_x509_lookup
-return 1 when the corresponding condition is true or 0 otherwise.
-.Sh SEE ALSO
-.Xr err 3 ,
-.Xr ssl 3 ,
-.Xr SSL_get_error 3
diff --git a/lib/libssl/src/doc/ssl/SSL_write.3 b/lib/libssl/src/doc/ssl/SSL_write.3
deleted file mode 100644
index f020b8b59c9..00000000000
--- a/lib/libssl/src/doc/ssl/SSL_write.3
+++ /dev/null
@@ -1,175 +0,0 @@
-.\"
-.\" $OpenBSD: SSL_write.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
-.\"
-.Dd $Mdocdate: December 2 2014 $
-.Dt SSL_WRITE 3
-.Os
-.Sh NAME
-.Nm SSL_write
-.Nd write bytes to a TLS/SSL connection
-.Sh SYNOPSIS
-.In openssl/ssl.h
-.Ft int
-.Fn SSL_write "SSL *ssl" "const void *buf" "int num"
-.Sh DESCRIPTION
-.Fn SSL_write
-writes
-.Fa num
-bytes from the buffer
-.Fa buf
-into the specified
-.Fa ssl
-connection.
-.Sh NOTES
-If necessary,
-.Fn SSL_write
-will negotiate a TLS/SSL session, if not already explicitly performed by
-.Xr SSL_connect 3
-or
-.Xr SSL_accept 3 .
-If the peer requests a re-negotiation,
-it will be performed transparently during the
-.Fn SSL_write
-operation.
-The behaviour of
-.Fn SSL_write
-depends on the underlying
-.Vt BIO .
-.Pp
-For the transparent negotiation to succeed, the
-.Fa ssl
-must have been initialized to client or server mode.
-This is being done by calling
-.Xr SSL_set_connect_state 3
-or
-.Xr SSL_set_accept_state 3
-before the first call to an
-.Xr SSL_read 3
-or
-.Fn SSL_write
-function.
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em blocking ,
-.Fn SSL_write
-will only return once the write operation has been finished or an error
-occurred, except when a renegotiation take place, in which case a
-.Dv SSL_ERROR_WANT_READ
-may occur.
-This behaviour can be controlled with the
-.Dv SSL_MODE_AUTO_RETRY
-flag of the
-.Xr SSL_CTX_set_mode 3
-call.
-.Pp
-If the underlying
-.Vt BIO
-is
-.Em non-blocking ,
-.Fn SSL_write
-will also return when the underlying
-.Vt BIO
-could not satisfy the needs of
-.Fn SSL_write
-to continue the operation.
-In this case a call to
-.Xr SSL_get_error 3
-with the return value of
-.Fn SSL_write
-will yield
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE .
-As at any time a re-negotiation is possible, a call to
-.Fn SSL_write
-can also cause read operations!
-The calling process then must repeat the call after taking appropriate action
-to satisfy the needs of
-.Fn SSL_write .
-The action depends on the underlying
-.Vt BIO .
-When using a non-blocking socket, nothing is to be done, but
-.Xr select 2
-can be used to check for the required condition.
-When using a buffering
-.Vt BIO ,
-like a
-.Vt BIO
-pair, data must be written into or retrieved out of the BIO before being able
-to continue.
-.Pp
-.Fn SSL_write
-will only return with success, when the complete contents of
-.Fa buf
-of length
-.Fa num
-have been written.
-This default behaviour can be changed with the
-.Dv SSL_MODE_ENABLE_PARTIAL_WRITE
-option of
-.Xr SSL_CTX_set_mode 3 .
-When this flag is set,
-.Fn SSL_write
-will also return with success when a partial write has been successfully
-completed.
-In this case the
-.Fn SSL_write
-operation is considered completed.
-The bytes are sent and a new
-.Fn SSL_write
-operation with a new buffer (with the already sent bytes removed) must be
-started.
-A partial write is performed with the size of a message block, which is 16kB
-for SSLv3/TLSv1.
-.Sh WARNING
-When an
-.Fn SSL_write
-operation has to be repeated because of
-.Dv SSL_ERROR_WANT_READ
-or
-.Dv SSL_ERROR_WANT_WRITE ,
-it must be repeated with the same arguments.
-.Pp
-When calling
-.Fn SSL_write
-with
-.Fa num Ns
-=0 bytes to be sent the behaviour is undefined.
-.Sh RETURN VALUES
-The following return values can occur:
-.Bl -tag -width Ds
-.It >0
-The write operation was successful.
-The return value is the number of bytes actually written to the TLS/SSL
-connection.
-.It 0
-The write operation was not successful.
-Probably the underlying connection was closed.
-Call
-.Xr SSL_get_error 3
-with the return value to find out whether an error occurred or the connection
-was shut down cleanly
-.Pq Dv SSL_ERROR_ZERO_RETURN .
-.Pp
-SSLv2 (deprecated) does not support a shutdown alert protocol, so it can only
-be detected whether the underlying connection was closed.
-It cannot be checked why the closure happened.
-.It <0
-The write operation was not successful, because either an error occurred or
-action must be taken by the calling process.
-Call
-.Xr SSL_get_error 3
-with the return value to find out the reason.
-.El
-.Sh SEE ALSO
-.Xr bio 3 ,
-.Xr ssl 3 ,
-.Xr SSL_accept 3 ,
-.Xr SSL_connect 3 ,
-.Xr SSL_CTX_new 3 ,
-.Xr SSL_CTX_set_mode 3 ,
-.Xr SSL_get_error 3 ,
-.Xr SSL_read 3 ,
-.Xr SSL_set_connect_state 3
diff --git a/lib/libssl/src/doc/ssl/d2i_SSL_SESSION.3 b/lib/libssl/src/doc/ssl/d2i_SSL_SESSION.3
deleted file mode 100644
index ef8a36de79b..00000000000
--- a/lib/libssl/src/doc/ssl/d2i_SSL_SESSION.3
+++ /dev/null
@@ -1,129 +0,0 @@ -.\" -.\" $OpenBSD: d2i_SSL_SESSION.3,v 1.2 2014/12/02 14:11:01 jmc Exp $ -.\" -.Dd $Mdocdate: December 2 2014 $ -.Dt D2I_SSL_SESSION 3 -.Os -.Sh NAME -.Nm d2i_SSL_SESSION , -.Nm i2d_SSL_SESSION -.Nd convert SSL_SESSION object from/to ASN1 representation -.Sh SYNOPSIS -.In openssl/ssl.h -.Ft SSL_SESSION * -.Fn d2i_SSL_SESSION "SSL_SESSION **a" "const unsigned char **pp" "long length" -.Ft int -.Fn i2d_SSL_SESSION "SSL_SESSION *in" "unsigned char **pp" -.Sh DESCRIPTION -.Fn d2i_SSL_SESSION -transforms the external ASN1 representation of an SSL/TLS session, -stored as binary data at location -.Fa pp -with length -.Fa length , -into -an -.Vt SSL_SESSION -object. -.Pp -.Fn i2d_SSL_SESSION -transforms the -.Vt SSL_SESSION -object -.Fa in -into the ASN1 representation and stores it into the memory location pointed to -by -.Fa pp . -The length of the resulting ASN1 representation is returned. -If -.Fa pp -is the -.Dv NULL -pointer, only the length is calculated and returned. -.Sh NOTES -The -.Vt SSL_SESSION -object is built from several -.Xr malloc 3 Ns --ed parts; it can therefore not be moved, copied or stored directly. -In order to store session data on disk or into a database, -it must be transformed into a binary ASN1 representation. -.Pp -When using -.Fn d2i_SSL_SESSION , -the -.Vt SSL_SESSION -object is automatically allocated. -The reference count is 1, so that the session must be explicitly removed using -.Xr SSL_SESSION_free 3 , -unless the -.Vt SSL_SESSION -object is completely taken over, when being called inside the -.Xr get_session_cb 3 -(see -.Xr SSL_CTX_sess_set_get_cb 3 ) . -.Pp -.Vt SSL_SESSION -objects keep internal link information about the session cache list when being -inserted into one -.Vt SSL_CTX -object's session cache. -One -.Vt SSL_SESSION -object, regardless of its reference count, must therefore only be used with one -.Vt SSL_CTX -object (and the -.Vt SSL -objects created from this -.Vt SSL_CTX -object). 
-.Pp -When using -.Fn i2d_SSL_SESSION , -the memory location pointed to by -.Fa pp -must be large enough to hold the binary representation of the session. -There is no known limit on the size of the created ASN1 representation, -so the necessary amount of space should be obtained by first calling -.Fn i2d_SSL_SESSION -with -.Fa pp Ns -= Ns -.Dv NULL , -and obtain the size needed, then allocate the memory and call -.Fn i2d_SSL_SESSION -again. -Note that this will advance the value contained in -.Fa *pp -so it is necessary to save a copy of the original allocation. -For example: -.Bd -literal -int i, j; - -char *p, *temp; - - i = i2d_SSL_SESSION(sess, NULL); - p = temp = malloc(i); - if (temp != NULL) { - j = i2d_SSL_SESSION(sess, &temp); - assert(i == j); - assert(p + i == temp); - } -.Ed -.Sh RETURN VALUES -.Fn d2i_SSL_SESSION -returns a pointer to the newly allocated -.Vt SSL_SESSION -object. -In case of failure a -.Dv NULL -pointer is returned and the error message can be retrieved from the error -stack. -.Pp -.Fn i2d_SSL_SESSION -returns the size of the ASN1 representation in bytes. -When the session is not valid, 0 is returned and no operation is performed. -.Sh SEE ALSO -.Xr ssl 3 , -.Xr SSL_CTX_sess_set_get_cb 3 , -.Xr SSL_SESSION_free 3 diff --git a/lib/libssl/src/doc/ssl/ssl.3 b/lib/libssl/src/doc/ssl/ssl.3 deleted file mode 100644 index 7a76403bdc8..00000000000 --- a/lib/libssl/src/doc/ssl/ssl.3 +++ /dev/null 
@@ -1,1319 +0,0 @@
-.\"
-.\" $OpenBSD: ssl.3,v 1.4 2015/11/11 22:14:40 jmc Exp $
-.\"
-.Dd $Mdocdate: November 11 2015 $
-.Dt SSL 3
-.Os
-.Sh NAME
-.Nm ssl
-.Nd OpenSSL SSL/TLS library
-.Sh DESCRIPTION
-The OpenSSL
-.Nm ssl
-library implements the Secure Sockets Layer (SSL v2/v3) and
-Transport Layer Security (TLS v1) protocols.
-It provides a rich API which is documented here.
-.Pp
-At first the library must be initialized; see
-.Xr SSL_library_init 3 .
-.Pp
-Then an
-.Vt SSL_CTX
-object is created as a framework to establish TLS/SSL enabled connections (see
-.Xr SSL_CTX_new 3 ) .
-Various options regarding certificates, algorithms, etc., can be set in this
-object.
-.Pp
-When a network connection has been created, it can be assigned to an
-.Vt SSL
-object.
-After the
-.Vt SSL
-object has been created using
-.Xr SSL_new 3 ,
-.Xr SSL_set_fd 3
-or
-.Xr SSL_set_bio 3
-can be used to associate the network connection with the object.
-.Pp
-Then the TLS/SSL handshake is performed using
-.Xr SSL_accept 3
-or
-.Xr SSL_connect 3
-respectively.
-.Xr SSL_read 3
-and
-.Xr SSL_write 3
-are used to read and write data on the TLS/SSL connection.
-.Xr SSL_shutdown 3
-can be used to shut down the TLS/SSL connection.
-.Sh DATA STRUCTURES
-Currently the OpenSSL
-.Nm ssl
-library functions deals with the following data structures:
-.Bl -tag -width Ds
-.It Vt SSL_METHOD No (SSL Method)
-That's a dispatch structure describing the internal
-.Nm ssl
-library methods/functions which implement the various protocol versions
-(SSLv1, SSLv2 and TLSv1).
-It's needed to create an
-.Vt SSL_CTX .
-.It Vt SSL_CIPHER No (SSL Cipher)
-This structure holds the algorithm information for a particular cipher which
-is a core part of the SSL/TLS protocol.
-The available ciphers are configured on an
-.Vt SSL_CTX
-basis and the actually used ones are then part of the
-.Vt SSL_SESSION .
-.It Vt SSL_CTX No (SSL Context) -That's the global context structure which is created by a server or client -once per program lifetime and which holds mainly default values for the -.Vt SSL -structures which are later created for the connections. -.It Vt SSL_SESSION No (SSL Session) -This is a structure containing the current TLS/SSL session details for a -connection: -.Vt SSL_CIPHER Ns s, client and server certificates, keys, etc. -.It Vt SSL No (SSL Connection) -That's the main SSL/TLS structure which is created by a server or client per -established connection. -This actually is the core structure in the SSL API. -Under run-time the application usually deals with this structure which has -links to mostly all other structures. -.El -.Sh HEADER FILES -Currently the OpenSSL -.Nm ssl -library provides the following C header files containing the prototypes for the -data structures and functions: -.Bl -tag -width Ds -.It Pa ssl.h -That's the common header file for the SSL/TLS API. -Include it into your program to make the API of the -.Nm ssl -library available. -It internally includes both more private SSL headers and headers from the -.Em crypto -library. -Whenever you need hardcore details on the internals of the SSL API, look inside -this header file. -.It Pa ssl2.h -That's the sub header file dealing with the SSLv2 protocol only. -.Bf Em - Usually you don't have to include it explicitly because it's already included -by -.Pa ssl.h . -.Ef -.It Pa ssl3.h -That's the sub header file dealing with the SSLv3 protocol only. -.Bf Em -Usually you don't have to include it explicitly because it's already included -by -.Pa ssl.h . -.Ef -.It Pa ssl23.h -That's the sub header file dealing with the combined use of the SSLv2 and SSLv3 -protocols. -.Bf Em -Usually you don't have to include it explicitly because it's already included -by -.Pa ssl.h . -.Ef -.It Pa tls1.h -That's the sub header file dealing with the TLSv1 protocol only. 
-.Bf Em
-Usually you don't have to include it explicitly because it's already included
-by
-.Pa ssl.h .
-.Ef
-.El
-.Sh API FUNCTIONS
-The functions that the OpenSSL
-.Nm ssl
-library exports are documented below:
-.Ss DEALING WITH PROTOCOL METHODS
-Here we document the various API functions which deal with the SSL/TLS protocol
-methods defined in
-.Vt SSL_METHOD
-structures.
-.Bl -tag -width Ds
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv2_client_method void
-.Xc
-Constructor for the SSLv2
-.Vt SSL_METHOD
-structure for a dedicated client.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv2_server_method void
-.Xc
-Constructor for the SSLv2
-.Vt SSL_METHOD
-structure for a dedicated server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv2_method void
-.Xc
-Constructor for the SSLv2
-.Vt SSL_METHOD
-structure for combined client and server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv3_client_method void
-.Xc
-Constructor for the SSLv3
-.Vt SSL_METHOD
-structure for a dedicated client.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv3_server_method void
-.Xc
-Constructor for the SSLv3
-.Vt SSL_METHOD
-structure for a dedicated server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn SSLv3_method void
-.Xc
-Constructor for the SSLv3
-.Vt SSL_METHOD
-structure for combined client and server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn TLSv1_client_method void
-.Xc
-Constructor for the TLSv1
-.Vt SSL_METHOD
-structure for a dedicated client.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn TLSv1_server_method void
-.Xc
-Constructor for the TLSv1
-.Vt SSL_METHOD
-structure for a dedicated server.
-.It Xo
-.Ft const SSL_METHOD *
-.Fn TLSv1_method void
-.Xc
-Constructor for the TLSv1
-.Vt SSL_METHOD
-structure for combined client and server.
-.El
-.Ss DEALING WITH CIPHERS
-Here we document the various API functions which deal with the SSL/TLS ciphers
-defined in
-.Vt SSL_CIPHER
-structures.
-.Bl -tag -width Ds
-.It Xo
-.Ft char *
-.Fn SSL_CIPHER_description "SSL_CIPHER *cipher" "char *buf" "int len"
-.Xc
-Write a string to
-.Fa buf
-(with a maximum size of
-.Fa len )
-containing a human readable description of
-.Fa cipher .
-Returns
-.Fa buf .
-.It Xo
-.Ft int
-.Fn SSL_CIPHER_get_bits "SSL_CIPHER *cipher" "int *alg_bits"
-.Xc
-Determine the number of bits in
-.Fa cipher .
-Because of export crippled ciphers there are two bits:
-the bits the algorithm supports in general (stored to
-.Fa alg_bits )
-and the bits which are actually used (the return value).
-.It Xo
-.Ft const char *
-.Fn SSL_CIPHER_get_name "SSL_CIPHER *cipher"
-.Xc
-Return the internal name of
-.Fa cipher
-as a string.
-These are the various strings defined by the
-.Dv SSL2_TXT_xxx ,
-.Dv SSL3_TXT_xxx
-and
-.Dv TLS1_TXT_xxx
-definitions in the header files.
-.It Xo
-.Ft char *
-.Fn SSL_CIPHER_get_version "SSL_CIPHER *cipher"
-.Xc
-Returns a string like
-Qq TLSv1/SSLv3
-or
-Qq SSLv2
-which indicates the SSL/TLS protocol version to which
-.Fa cipher
-belongs (i.e., where it was defined in the specification the first time).
-.El
-.Ss DEALING WITH PROTOCOL CONTEXTS
-Here we document the various API functions which deal with the SSL/TLS
-protocol context defined in the
-.Vt SSL_CTX
-structure.
-.Bl -tag -width Ds -.It Xo -.Ft int -.Fn SSL_CTX_add_client_CA "SSL_CTX *ctx" "X509 *x" -.Xc -.It Xo -.Ft long -.Fn SSL_CTX_add_extra_chain_cert "SSL_CTX *ctx" "X509 *x509" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_add_session "SSL_CTX *ctx" "SSL_SESSION *c" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_check_private_key "const SSL_CTX *ctx" -.Xc -.It Xo -.Ft long -.Fn SSL_CTX_ctrl "SSL_CTX *ctx" "int cmd" "long larg" "char *parg" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_flush_sessions "SSL_CTX *s" "long t" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_free "SSL_CTX *a" -.Xc -.It Xo -.Ft char * -.Fn SSL_CTX_get_app_data "SSL_CTX *ctx" -.Xc -.It Xo -.Ft X509_STORE * -.Fn SSL_CTX_get_cert_store "SSL_CTX *ctx" -.Xc -.It Xo -.Ft STACK * -.Fn SSL_CTX_get_client_CA_list "const SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn "(*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))" -.Fa "SSL *ssl" "X509 **x509" "EVP_PKEY **pkey" -.Xc -.It Xo -.Ft char * -.Fn SSL_CTX_get_ex_data "const SSL_CTX *s" "int idx" -.Xc -.It Xo -.Ft int -.Fo SSL_CTX_get_ex_new_index -.Fa "long argl" -.Fa "void *argp" -.Fa "CRYPTO_EX_new *new_func" -.Fa "CRYPTO_EX_dup *dup_func" -.Fa "CRYPTO_EX_free *free_func" -.Fc -.Xc -.It Xo -.Ft void -.Fo "(*SSL_CTX_get_info_callback(const SSL_CTX *ctx))" -.Fa "SSL *ssl" -.Fa "int cb" -.Fa "int ret" -.Fc -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_get_quiet_shutdown "const SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_get_session_cache_mode "SSL_CTX *ctx" -.Xc -.It Xo -.Ft long -.Fn SSL_CTX_get_timeout "const SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fo "(*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))" -.Fa "int ok" -.Fa "X509_STORE_CTX *ctx" -.Fc -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_get_verify_mode "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_load_verify_locations "SSL_CTX *ctx" "char *CAfile" "char *CApath" -.Xc -.It Xo -.Ft long -.Fn SSL_CTX_need_tmp_RSA "SSL_CTX *ctx" -.Xc -.It Xo -.Ft SSL_CTX * -.Fn SSL_CTX_new "const SSL_METHOD *meth" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_remove_session "SSL_CTX *ctx" 
"SSL_SESSION *c" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_accept "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_accept_good "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_accept_renegotiate "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_cache_full "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_cb_hits "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_connect "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_connect_good "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_connect_renegotiate "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_get_cache_size "SSL_CTX *ctx" -.Xc -.It Xo -.Ft SSL_SESSION * -.Fo "(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))" -.Fa "SSL *ssl" -.Fa "unsigned char *data" -.Fa "int len" -.Fa "int *copy" -.Fc -.Xc -.It Xo -.Ft int -.Fn "(*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))" "SSL *ssl" "SSL_SESSION *sess" -.Xc -.It Xo -.Ft void -.Fo "(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))" -.Fa "SSL_CTX *ctx" -.Fa "SSL_SESSION *sess" -.Fc -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_hits "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_misses "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_number "SSL_CTX *ctx" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_sess_set_cache_size "SSL_CTX *ctx" "long t" -.Xc -.It Xo -.Ft void -.Fo SSL_CTX_sess_set_get_cb -.Fa "SSL_CTX *ctx" -.Fa "SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy)" -.Fc -.Xc -.It Xo -.Ft void -.Fo SSL_CTX_sess_set_new_cb -.Fa "SSL_CTX *ctx" -.Fa "int (*cb)(SSL *ssl, SSL_SESSION *sess)" -.Fc -.Xc -.It Xo -.Ft void -.Fo SSL_CTX_sess_set_remove_cb -.Fa "SSL_CTX *ctx" -.Fa "void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess)" -.Fc -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_sess_timeouts "SSL_CTX *ctx" -.Xc -.It Xo -.Ft LHASH * -.Fn SSL_CTX_sessions "SSL_CTX *ctx" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_app_data "SSL_CTX *ctx" "void *arg" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_cert_store "SSL_CTX *ctx" "X509_STORE *cs" -.Xc -.It Xo -.Ft void -.Fn 
SSL_CTX_set_cert_verify_cb "SSL_CTX *ctx" "int (*cb)()" "char *arg" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_set_cipher_list "SSL_CTX *ctx" "char *str" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_client_CA_list "SSL_CTX *ctx" "STACK *list" -.Xc -.It Xo -.Ft void -.Fo SSL_CTX_set_client_cert_cb -.Fa "SSL_CTX *ctx" -.Fa "int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)" -.Fc -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_default_passwd_cb "SSL_CTX *ctx" "pem_password_cb *cb" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_default_read_ahead "SSL_CTX *ctx" "int m" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_set_default_verify_paths "SSL_CTX *ctx" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_set_ex_data "SSL_CTX *s" "int idx" "char *arg" -.Xc -.It Xo -.Ft void -.Fo SSL_CTX_set_info_callback -.Fa "SSL_CTX *ctx" -.Fa "void (*cb)(SSL *ssl, int cb, int ret)" -.Fc -.Xc -.It Xo -.Ft void -.Fo SSL_CTX_set_msg_callback -.Fa "SSL_CTX *ctx" -.Fa "void (*cb)(int write_p, int version, int content_type, const void *buf, \ -size_t len, SSL *ssl, void *arg)" -.Fc -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_msg_callback_arg "SSL_CTX *ctx" "void *arg" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_options "SSL_CTX *ctx" "unsigned long op" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_quiet_shutdown "SSL_CTX *ctx" "int mode" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_session_cache_mode "SSL_CTX *ctx" "int mode" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_set_ssl_version "SSL_CTX *ctx" "const SSL_METHOD *meth" -.Xc -.It Xo -.Ft void -.Fn SSL_CTX_set_timeout "SSL_CTX *ctx" "long t" -.Xc -.It Xo -.Ft long -.Fn SSL_CTX_set_tmp_dh "SSL_CTX* ctx" "DH *dh" -.Xc -.It Xo -.Ft long -.Fn SSL_CTX_set_tmp_dh_callback "SSL_CTX *ctx" "DH *(*cb)(void)" -.Xc -.It Xo -.Ft long -.Fn SSL_CTX_set_tmp_rsa "SSL_CTX *ctx" "RSA *rsa" -.Xc -.It Xo -.Fn SSL_CTX_set_tmp_rsa_callback -.Xc -.Ft long -.Fo SSL_CTX_set_tmp_rsa_callback -.Fa "SSL_CTX *ctx" -.Fa "RSA *(*cb)(SSL *ssl, int export, int keylength)" -.Fc -.Pp -Sets the callback which will be called when a temporary private key is 
-required. -The -.Fa export -flag will be set if the reason for needing a temp key is that an export -ciphersuite is in use, in which case, -.Fa keylength -will contain the required keylength in bits. -.\" XXX using what? -Generate a key of appropriate size (using ???) and return it. -.It Xo -.Fn SSL_set_tmp_rsa_callback -.Xc -.Ft long -.Fo SSL_set_tmp_rsa_callback -.Fa "SSL *ssl" -.Fa "RSA *(*cb)(SSL *ssl, int export, int keylength)" -.Fc -.Pp -The same as -.Fn SSL_CTX_set_tmp_rsa_callback , -except it operates on an -.Vt SSL -session instead of a context. -.It Xo -.Ft void -.Fn SSL_CTX_set_verify "SSL_CTX *ctx" "int mode" "int (*cb)(void)" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_use_PrivateKey "SSL_CTX *ctx" "EVP_PKEY *pkey" -.Xc -.It Xo -.Ft int -.Fo SSL_CTX_use_PrivateKey_ASN1 -.Fa "int type" -.Fa "SSL_CTX *ctx" -.Fa "unsigned char *d" -.Fa "long len" -.Fc -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_use_PrivateKey_file "SSL_CTX *ctx" "char *file" "int type" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_use_RSAPrivateKey "SSL_CTX *ctx" "RSA *rsa" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_use_RSAPrivateKey_ASN1 "SSL_CTX *ctx" "unsigned char *d" "long len" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_use_RSAPrivateKey_file "SSL_CTX *ctx" "char *file" "int type" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_use_certificate "SSL_CTX *ctx" "X509 *x" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_use_certificate_ASN1 "SSL_CTX *ctx" "int len" "unsigned char *d" -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_use_certificate_file "SSL_CTX *ctx" "char *file" "int type" -.Xc -.It Xo -.Ft void -.Fo SSL_CTX_set_psk_client_callback -.Fa "SSL_CTX *ctx" -.Fa "unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, \ -unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len)" -.Fc -.Xc -.It Xo -.Ft int -.Fn SSL_CTX_use_psk_identity_hint "SSL_CTX *ctx" "const char *hint" -.Xc -.It Xo -.Ft void -.Fo SSL_CTX_set_psk_server_callback -.Fa "SSL_CTX *ctx" -.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, \ -unsigned 
char *psk, int max_psk_len)" -.Fc -.Xc -.El -.Ss DEALING WITH SESSIONS -Here we document the various API functions which deal with the SSL/TLS sessions -defined in the -.Vt SSL_SESSION -structures. -.Bl -tag -width Ds -.It Xo -.Ft int -.Fn SSL_SESSION_cmp "const SSL_SESSION *a" "const SSL_SESSION *b" -.Xc -.It Xo -.Ft void -.Fn SSL_SESSION_free "SSL_SESSION *ss" -.Xc -.It Xo -.Ft char * -.Fn SSL_SESSION_get_app_data "SSL_SESSION *s" -.Xc -.It Xo -.Ft char * -.Fn SSL_SESSION_get_ex_data "const SSL_SESSION *s" "int idx" -.Xc -.It Xo -.Ft int -.Fo SSL_SESSION_get_ex_new_index -.Fa "long argl" -.Fa "char *argp" -.Fa "int (*new_func)(void)" -.Fa "int (*dup_func)(void), void (*free_func)(void)" -.Fc -.Xc -.It Xo -.Ft long -.Fn SSL_SESSION_get_time "const SSL_SESSION *s" -.Xc -.It Xo -.Ft long -.Fn SSL_SESSION_get_timeout "const SSL_SESSION *s" -.Xc -.It Xo -.Ft unsigned long -.Fn SSL_SESSION_hash "const SSL_SESSION *a" -.Xc -.It Xo -.Ft SSL_SESSION * -.Fn SSL_SESSION_new void -.Xc -.It Xo -.Ft int -.Fn SSL_SESSION_print "BIO *bp" "const SSL_SESSION *x" -.Xc -.It Xo -.Ft int -.Fn SSL_SESSION_print_fp "FILE *fp" "const SSL_SESSION *x" -.Xc -.It Xo -.Ft void -.Fn SSL_SESSION_set_app_data "SSL_SESSION *s" "char *a" -.Xc -.It Xo -.Ft int -.Fn SSL_SESSION_set_ex_data "SSL_SESSION *s" "int idx" "char *arg" -.Xc -.It Xo -.Ft long -.Fn SSL_SESSION_set_time "SSL_SESSION *s" "long t" -.Xc -.It Xo -.Ft long -.Fn SSL_SESSION_set_timeout "SSL_SESSION *s" "long t" -.Xc -.El -.Ss DEALING WITH CONNECTIONS -Here we document the various API functions which deal with the SSL/TLS -connection defined in the -.Vt SSL -structure. 
-.Bl -tag -width Ds -.It Xo -.Ft int -.Fn SSL_accept "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_add_dir_cert_subjects_to_stack "STACK *stack" "const char *dir" -.Xc -.It Xo -.Ft int -.Fn SSL_add_file_cert_subjects_to_stack "STACK *stack" "const char *file" -.Xc -.It Xo -.Ft int -.Fn SSL_add_client_CA "SSL *ssl" "X509 *x" -.Xc -.It Xo -.Ft char * -.Fn SSL_alert_desc_string "int value" -.Xc -.It Xo -.Ft char * -.Fn SSL_alert_desc_string_long "int value" -.Xc -.It Xo -.Ft char * -.Fn SSL_alert_type_string "int value" -.Xc -.It Xo -.Ft char * -.Fn SSL_alert_type_string_long "int value" -.Xc -.It Xo -.Ft int -.Fn SSL_check_private_key "const SSL *ssl" -.Xc -.It Xo -.Ft void -.Fn SSL_clear "SSL *ssl" -.Xc -.It Xo -.Ft long -.Fn SSL_clear_num_renegotiations "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_connect "SSL *ssl" -.Xc -.It Xo -.Ft void -.Fn SSL_copy_session_id "SSL *t" "const SSL *f" -.Xc -.It Xo -.Ft long -.Fn SSL_ctrl "SSL *ssl" "int cmd" "long larg" "char *parg" -.Xc -.It Xo -.Ft int -.Fn SSL_do_handshake "SSL *ssl" -.Xc -.It Xo -.Ft SSL * -.Fn SSL_dup "SSL *ssl" -.Xc -.It Xo -.Ft STACK * -.Fn SSL_dup_CA_list "STACK *sk" -.Xc -.It Xo -.Ft void -.Fn SSL_free "SSL *ssl" -.Xc -.It Xo -.Ft SSL_CTX * -.Fn SSL_get_SSL_CTX "const SSL *ssl" -.Xc -.It Xo -.Ft char * -.Fn SSL_get_app_data "SSL *ssl" -.Xc -.It Xo -.Ft X509 * -.Fn SSL_get_certificate "const SSL *ssl" -.Xc -.It Xo -.Ft const char * -.Fn SSL_get_cipher "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_get_cipher_bits "const SSL *ssl" "int *alg_bits" -.Xc -.It Xo -.Ft char * -.Fn SSL_get_cipher_list "const SSL *ssl" "int n" -.Xc -.It Xo -.Ft char * -.Fn SSL_get_cipher_name "const SSL *ssl" -.Xc -.It Xo -.Ft char * -.Fn SSL_get_cipher_version "const SSL *ssl" -.Xc -.It Xo -.Ft STACK * -.Fn SSL_get_ciphers "const SSL *ssl" -.Xc -.It Xo -.Ft STACK * -.Fn SSL_get_client_CA_list "const SSL *ssl" -.Xc -.It Xo -.Ft SSL_CIPHER * -.Fn SSL_get_current_cipher "SSL *ssl" -.Xc -.It Xo -.Ft long -.Fn SSL_get_default_timeout 
"const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_get_error "const SSL *ssl" "int i" -.Xc -.It Xo -.Ft char * -.Fn SSL_get_ex_data "const SSL *ssl" "int idx" -.Xc -.It Xo -.Ft int -.Fn SSL_get_ex_data_X509_STORE_CTX_idx void -.Xc -.It Xo -.Ft int -.Fo SSL_get_ex_new_index -.Fa "long argl" -.Fa "char *argp" -.Fa "int (*new_func)(void)" -.Fa "int (*dup_func)(void)" -.Fa "void (*free_func)(void)" -.Fc -.Xc -.It Xo -.Ft int -.Fn SSL_get_fd "const SSL *ssl" -.Xc -.It Xo -.Ft void -.Fn "(*SSL_get_info_callback(const SSL *ssl))" -.Xc -.It Xo -.Ft STACK * -.Fn SSL_get_peer_cert_chain "const SSL *ssl" -.Xc -.It Xo -.Ft X509 * -.Fn SSL_get_peer_certificate "const SSL *ssl" -.Xc -.It Xo -.Ft EVP_PKEY * -.Fn SSL_get_privatekey "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_get_quiet_shutdown "const SSL *ssl" -.Xc -.It Xo -.Ft BIO * -.Fn SSL_get_rbio "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_get_read_ahead "const SSL *ssl" -.Xc -.It Xo -.Ft SSL_SESSION * -.Fn SSL_get_session "const SSL *ssl" -.Xc -.It Xo -.Ft char * -.Fn SSL_get_shared_ciphers "const SSL *ssl" "char *buf" "int len" -.Xc -.It Xo -.Ft int -.Fn SSL_get_shutdown "const SSL *ssl" -.Xc -.It Xo -.Ft const SSL_METHOD * -.Fn SSL_get_ssl_method "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_get_state "const SSL *ssl" -.Xc -.It Xo -.Ft long -.Fn SSL_get_time "const SSL *ssl" -.Xc -.It Xo -.Ft long -.Fn SSL_get_timeout "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn "(*SSL_get_verify_callback(const SSL *ssl))" int "X509_STORE_CTX *" -.Xc -.It Xo -.Ft int -.Fn SSL_get_verify_mode "const SSL *ssl" -.Xc -.It Xo -.Ft long -.Fn SSL_get_verify_result "const SSL *ssl" -.Xc -.It Xo -.Ft char * -.Fn SSL_get_version "const SSL *ssl" -.Xc -.It Xo -.Ft BIO * -.Fn SSL_get_wbio "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_in_accept_init "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_in_before "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_in_connect_init "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_in_init "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn 
SSL_is_init_finished "SSL *ssl" -.Xc -.It Xo -.Ft STACK * -.Fn SSL_load_client_CA_file "char *file" -.Xc -.It Xo -.Ft void -.Fn SSL_load_error_strings "void" -.Xc -.It Xo -.Ft SSL * -.Fn SSL_new "SSL_CTX *ctx" -.Xc -.It Xo -.Ft long -.Fn SSL_num_renegotiations "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_peek "SSL *ssl" "void *buf" "int num" -.Xc -.It Xo -.Ft int -.Fn SSL_pending "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_read "SSL *ssl" "void *buf" "int num" -.Xc -.It Xo -.Ft int -.Fn SSL_renegotiate "SSL *ssl" -.Xc -.It Xo -.Ft char * -.Fn SSL_rstate_string "SSL *ssl" -.Xc -.It Xo -.Ft char * -.Fn SSL_rstate_string_long "SSL *ssl" -.Xc -.It Xo -.Ft long -.Fn SSL_session_reused "SSL *ssl" -.Xc -.It Xo -.Ft void -.Fn SSL_set_accept_state "SSL *ssl" -.Xc -.It Xo -.Ft void -.Fn SSL_set_app_data "SSL *ssl" "char *arg" -.Xc -.It Xo -.Ft void -.Fn SSL_set_bio "SSL *ssl" "BIO *rbio" "BIO *wbio" -.Xc -.It Xo -.Ft int -.Fn SSL_set_cipher_list "SSL *ssl" "char *str" -.Xc -.It Xo -.Ft void -.Fn SSL_set_client_CA_list "SSL *ssl" "STACK *list" -.Xc -.It Xo -.Ft void -.Fn SSL_set_connect_state "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_set_ex_data "SSL *ssl" "int idx" "char *arg" -.Xc -.It Xo -.Ft int -.Fn SSL_set_fd "SSL *ssl" "int fd" -.Xc -.It Xo -.Ft void -.Fn SSL_set_info_callback "SSL *ssl" "void (*cb)(void)" -.Xc -.It Xo -.Ft void -.Fo SSL_set_msg_callback -.Fa "SSL *ctx" -.Fa "void (*cb)(int write_p, int version, int content_type, const void *buf, \ -size_t len, SSL *ssl, void *arg)" -.Fc -.Xc -.It Xo -.Ft void -.Fn SSL_set_msg_callback_arg "SSL *ctx" "void *arg" -.Xc -.It Xo -.Ft void -.Fn SSL_set_options "SSL *ssl" "unsigned long op" -.Xc -.It Xo -.Ft void -.Fn SSL_set_quiet_shutdown "SSL *ssl" "int mode" -.Xc -.It Xo -.Ft void -.Fn SSL_set_read_ahead "SSL *ssl" "int yes" -.Xc -.It Xo -.Ft int -.Fn SSL_set_rfd "SSL *ssl" "int fd" -.Xc -.It Xo -.Ft int -.Fn SSL_set_session "SSL *ssl" "SSL_SESSION *session" -.Xc -.It Xo -.Ft void -.Fn SSL_set_shutdown "SSL *ssl" "int 
mode" -.Xc -.It Xo -.Ft int -.Fn SSL_set_ssl_method "SSL *ssl" "const SSL_METHOD *meth" -.Xc -.It Xo -.Ft void -.Fn SSL_set_time "SSL *ssl" "long t" -.Xc -.It Xo -.Ft void -.Fn SSL_set_timeout "SSL *ssl" "long t" -.Xc -.It Xo -.Ft void -.Fn SSL_set_verify "SSL *ssl" "int mode" "int (*callback)(void)" -.Xc -.It Xo -.Ft void -.Fn SSL_set_verify_result "SSL *ssl" "long arg" -.Xc -.It Xo -.Ft int -.Fn SSL_set_wfd "SSL *ssl" "int fd" -.Xc -.It Xo -.Ft int -.Fn SSL_shutdown "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_state "const SSL *ssl" -.Xc -.It Xo -.Ft char * -.Fn SSL_state_string "const SSL *ssl" -.Xc -.It Xo -.Ft char * -.Fn SSL_state_string_long "const SSL *ssl" -.Xc -.It Xo -.Ft long -.Fn SSL_total_renegotiations "SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_use_PrivateKey "SSL *ssl" "EVP_PKEY *pkey" -.Xc -.It Xo -.Ft int -.Fn SSL_use_PrivateKey_ASN1 "int type" "SSL *ssl" "unsigned char *d" "long len" -.Xc -.It Xo -.Ft int -.Fn SSL_use_PrivateKey_file "SSL *ssl" "char *file" "int type" -.Xc -.It Xo -.Ft int -.Fn SSL_use_RSAPrivateKey "SSL *ssl" "RSA *rsa" -.Xc -.It Xo -.Ft int -.Fn SSL_use_RSAPrivateKey_ASN1 "SSL *ssl" "unsigned char *d" "long len" -.Xc -.It Xo -.Ft int -.Fn SSL_use_RSAPrivateKey_file "SSL *ssl" "char *file" "int type" -.Xc -.It Xo -.Ft int -.Fn SSL_use_certificate "SSL *ssl" "X509 *x" -.Xc -.It Xo -.Ft int -.Fn SSL_use_certificate_ASN1 "SSL *ssl" "int len" "unsigned char *d" -.Xc -.It Xo -.Ft int -.Fn SSL_use_certificate_file "SSL *ssl" "char *file" "int type" -.Xc -.It Xo -.Ft int -.Fn SSL_version "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_want "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_want_nothing "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_want_read "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_want_write "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_want_x509_lookup "const SSL *ssl" -.Xc -.It Xo -.Ft int -.Fn SSL_write "SSL *ssl" "const void *buf" "int num" -.Xc -.It Xo -.Ft void -.Fo SSL_set_psk_client_callback -.Fa "SSL *ssl" 
-.Fa "unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, \ -unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len)" -.Fc -.Xc -.It Xo -.Ft int -.Fn SSL_use_psk_identity_hint "SSL *ssl" "const char *hint" -.Xc -.It Xo -.Ft void -.Fo SSL_set_psk_server_callback -.Fa "SSL *ssl" -.Fa "unsigned int (*callback)(SSL *ssl, const char *identity, \ -unsigned char *psk, int max_psk_len)" -.Fc -.Xc -.It Xo -.Ft const char * -.Fn SSL_get_psk_identity_hint "SSL *ssl" -.Xc -.It Xo -.Ft const char * -.Fn SSL_get_psk_identity "SSL *ssl" -.Xc -.El -.Sh SEE ALSO -.Xr openssl 1 , -.Xr crypto 3 , -.Xr d2i_SSL_SESSION 3 , -.Xr SSL_accept 3 , -.Xr SSL_alert_type_string 3 , -.Xr SSL_CIPHER_get_name 3 , -.Xr SSL_clear 3 , -.Xr SSL_COMP_add_compression_method 3 , -.Xr SSL_connect 3 , -.Xr SSL_CTX_add_extra_chain_cert 3 , -.Xr SSL_CTX_add_session 3 , -.Xr SSL_CTX_ctrl 3 , -.Xr SSL_CTX_flush_sessions 3 , -.Xr SSL_CTX_get_ex_new_index 3 , -.Xr SSL_CTX_get_verify_mode 3 , -.Xr SSL_CTX_load_verify_locations 3 , -.Xr SSL_CTX_new 3 , -.Xr SSL_CTX_sess_number 3 , -.Xr SSL_CTX_sess_set_cache_size 3 , -.Xr SSL_CTX_sess_set_get_cb 3 , -.Xr SSL_CTX_sessions 3 , -.Xr SSL_CTX_set_cert_store 3 , -.Xr SSL_CTX_set_cert_verify_callback 3 , -.Xr SSL_CTX_set_cipher_list 3 , -.Xr SSL_CTX_set_client_CA_list 3 , -.Xr SSL_CTX_set_client_cert_cb 3 , -.Xr SSL_CTX_set_default_passwd_cb 3 , -.Xr SSL_CTX_set_generate_session_id 3 , -.Xr SSL_CTX_set_info_callback 3 , -.Xr SSL_CTX_set_max_cert_list 3 , -.Xr SSL_CTX_set_mode 3 , -.Xr SSL_CTX_set_msg_callback 3 , -.Xr SSL_CTX_set_options 3 , -.Xr SSL_CTX_set_psk_client_callback 3 , -.Xr SSL_CTX_set_quiet_shutdown 3 , -.Xr SSL_CTX_set_session_cache_mode 3 , -.Xr SSL_CTX_set_session_id_context 3 , -.Xr SSL_CTX_set_ssl_version 3 , -.Xr SSL_CTX_set_timeout 3 , -.Xr SSL_CTX_set_tmp_dh_callback 3 , -.Xr SSL_CTX_set_tmp_rsa_callback 3 , -.Xr SSL_CTX_set_verify 3 , -.Xr SSL_CTX_use_certificate 3 , -.Xr SSL_CTX_use_psk_identity_hint 3 , -.Xr 
SSL_do_handshake 3 , -.Xr SSL_get_ciphers 3 , -.Xr SSL_get_client_CA_list 3 , -.Xr SSL_get_default_timeout 3 , -.Xr SSL_get_error 3 , -.Xr SSL_get_ex_data_X509_STORE_CTX_idx 3 , -.Xr SSL_get_ex_new_index 3 , -.Xr SSL_get_fd 3 , -.Xr SSL_get_peer_cert_chain 3 , -.Xr SSL_get_psk_identity 3 , -.Xr SSL_get_rbio 3 , -.Xr SSL_get_session 3 , -.Xr SSL_get_SSL_CTX 3 , -.Xr SSL_get_verify_result 3 , -.Xr SSL_get_version 3 , -.Xr SSL_library_init 3 , -.Xr SSL_load_client_CA_file 3 , -.Xr SSL_new 3 , -.Xr SSL_pending 3 , -.Xr SSL_read 3 , -.Xr SSL_rstate_string 3 , -.Xr SSL_SESSION_free 3 , -.Xr SSL_SESSION_get_ex_new_index 3 , -.Xr SSL_SESSION_get_time 3 , -.Xr SSL_session_reused 3 , -.Xr SSL_set_bio 3 , -.Xr SSL_set_connect_state 3 , -.Xr SSL_set_fd 3 , -.Xr SSL_set_session 3 , -.Xr SSL_set_shutdown 3 , -.Xr SSL_shutdown 3 , -.Xr SSL_state_string 3 , -.Xr SSL_want 3 , -.Xr SSL_write 3 -.Sh HISTORY -The -.Nm -document appeared in OpenSSL 0.9.2. diff --git a/lib/libssl/src/doc/standards.txt b/lib/libssl/src/doc/standards.txt deleted file mode 100644 index 7bada8d35f2..00000000000 --- a/lib/libssl/src/doc/standards.txt +++ /dev/null 
@@ -1,285 +0,0 @@ -Standards related to OpenSSL -============================ - -[Please, this is currently a draft. I made a first try at finding - documents that describe parts of what OpenSSL implements. There are - big gaps, and I've most certainly done something wrong. Please - correct whatever is... Also, this note should be removed when this - file is reaching a somewhat correct state. -- Richard Levitte] - - -All pointers in here will be either URL's or blobs of text borrowed -from miscellaneous indexes, like rfc-index.txt (index of RFCs), -1id-index.txt (index of Internet drafts) and the like. - -To find the latest possible RFCs, it's recommended to either browse -ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and -use the search mechanism found there. -To find the latest possible Internet drafts, it's recommended to -browse ftp://ftp.isi.edu/internet-drafts/. -To find the latest possible PKCS, it's recommended to browse -http://www.rsasecurity.com/rsalabs/pkcs/. - - -Implemented: ------------- - -These are documents that describe things that are implemented (in -whole or at least great parts) in OpenSSL. - -1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992. - (Format: TXT=25661 bytes) (Status: INFORMATIONAL) - -1320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format: - TXT=32407 bytes) (Status: INFORMATIONAL) - -1321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format: - TXT=35222 bytes) (Status: INFORMATIONAL) - -2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999. - (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD) - -2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest. - January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL) - -2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski. - March 1998. 
(Format: TXT=69679 bytes) (Status: INFORMATIONAL) - -PKCS#8: Private-Key Information Syntax Standard - -PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. - -2560 X.509 Internet Public Key Infrastructure Online Certificate - Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, - C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED - STANDARD) - -2712 Addition of Kerberos Cipher Suites to Transport Layer Security - (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) - (Status: PROPOSED STANDARD) - -2898 PKCS #5: Password-Based Cryptography Specification Version 2.0. - B. Kaliski. September 2000. (Format: TXT=68692 bytes) (Status: - INFORMATIONAL) - -2986 PKCS #10: Certification Request Syntax Specification Version 1.7. - M. Nystrom, B. Kaliski. November 2000. (Format: TXT=27794 bytes) - (Obsoletes RFC2314) (Status: INFORMATIONAL) - -3174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones. - September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL) - -3161 Internet X.509 Public Key Infrastructure, Time-Stamp Protocol (TSP) - C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001 - (Status: PROPOSED STANDARD) - -3268 Advanced Encryption Standard (AES) Ciphersuites for Transport - Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes) - (Status: PROPOSED STANDARD) - -3279 Algorithms and Identifiers for the Internet X.509 Public Key - Infrastructure Certificate and Certificate Revocation List (CRL) - Profile. L. Bassham, W. Polk, R. Housley. April 2002. (Format: - TXT=53833 bytes) (Status: PROPOSED STANDARD) - -3280 Internet X.509 Public Key Infrastructure Certificate and - Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W. - Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes - RFC2459) (Status: PROPOSED STANDARD) - -3447 Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography - Specifications Version 2.1. J. Jonsson, B. Kaliski. 
February 2003. - (Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status: - INFORMATIONAL) - -3713 A Description of the Camellia Encryption Algorithm. M. Matsui, - J. Nakajima, S. Moriai. April 2004. (Format: TXT=25031 bytes) - (Status: INFORMATIONAL) - -3820 Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate - Profile. S. Tuecke, V. Welch, D. Engert, L. Pearlman, M. Thompson. - June 2004. (Format: TXT=86374 bytes) (Status: PROPOSED STANDARD) - -4132 Addition of Camellia Cipher Suites to Transport Layer Security - (TLS). S. Moriai, A. Kato, M. Kanda. July 2005. (Format: TXT=13590 - bytes) (Status: PROPOSED STANDARD) - -4162 Addition of SEED Cipher Suites to Transport Layer Security (TLS). - H.J. Lee, J.H. Yoon, J.I. Lee. August 2005. (Format: TXT=10578 bytes) - (Status: PROPOSED STANDARD) - -4269 The SEED Encryption Algorithm. H.J. Lee, S.J. Lee, J.H. Yoon, - D.H. Cheon, J.I. Lee. December 2005. (Format: TXT=34390 bytes) - (Obsoletes RFC4009) (Status: INFORMATIONAL) - - -Related: --------- - -These are documents that are close to OpenSSL, for example the -STARTTLS documents. - -1421 Privacy Enhancement for Internet Electronic Mail: Part I: Message - Encryption and Authentication Procedures. J. Linn. February 1993. - (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED - STANDARD) - -1422 Privacy Enhancement for Internet Electronic Mail: Part II: - Certificate-Based Key Management. S. Kent. February 1993. (Format: - TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD) - -1423 Privacy Enhancement for Internet Electronic Mail: Part III: - Algorithms, Modes, and Identifiers. D. Balenson. February 1993. - (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED - STANDARD) - -1424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key - Certification and Related Services. B. Kaliski. February 1993. - (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD) - -2025 The Simple Public-Key GSS-API Mechanism (SPKM). C. Adams. 
October - 1996. (Format: TXT=101692 bytes) (Status: PROPOSED STANDARD) - -2510 Internet X.509 Public Key Infrastructure Certificate Management - Protocols. C. Adams, S. Farrell. March 1999. (Format: TXT=158178 - bytes) (Status: PROPOSED STANDARD) - -2511 Internet X.509 Certificate Request Message Format. M. Myers, C. - Adams, D. Solo, D. Kemp. March 1999. (Format: TXT=48278 bytes) - (Status: PROPOSED STANDARD) - -2527 Internet X.509 Public Key Infrastructure Certificate Policy and - Certification Practices Framework. S. Chokhani, W. Ford. March 1999. - (Format: TXT=91860 bytes) (Status: INFORMATIONAL) - -2538 Storing Certificates in the Domain Name System (DNS). D. Eastlake - 3rd, O. Gudmundsson. March 1999. (Format: TXT=19857 bytes) (Status: - PROPOSED STANDARD) - -2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS). - D. Eastlake 3rd. March 1999. (Format: TXT=21049 bytes) (Status: - PROPOSED STANDARD) - -2559 Internet X.509 Public Key Infrastructure Operational Protocols - - LDAPv2. S. Boeyen, T. Howes, P. Richard. April 1999. (Format: - TXT=22889 bytes) (Updates RFC1778) (Status: PROPOSED STANDARD) - -2585 Internet X.509 Public Key Infrastructure Operational Protocols: - FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813 - bytes) (Status: PROPOSED STANDARD) - -2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema. S. - Boeyen, T. Howes, P. Richard. June 1999. (Format: TXT=15102 bytes) - (Status: PROPOSED STANDARD) - -2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999. - (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD) - -2631 Diffie-Hellman Key Agreement Method. E. Rescorla. June 1999. - (Format: TXT=25932 bytes) (Status: PROPOSED STANDARD) - -2632 S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June - 1999. (Format: TXT=27925 bytes) (Status: PROPOSED STANDARD) - -2716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October - 1999. 
(Format: TXT=50108 bytes) (Status: EXPERIMENTAL) - -2773 Encryption using KEA and SKIPJACK. R. Housley, P. Yee, W. Nace. - February 2000. (Format: TXT=20008 bytes) (Updates RFC0959) (Status: - EXPERIMENTAL) - -2797 Certificate Management Messages over CMS. M. Myers, X. Liu, J. - Schaad, J. Weinstein. April 2000. (Format: TXT=103357 bytes) (Status: - PROPOSED STANDARD) - -2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May - 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED - STANDARD) - -2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes) - (Status: INFORMATIONAL) - -2876 Use of the KEA and SKIPJACK Algorithms in CMS. J. Pawling. July - 2000. (Format: TXT=29265 bytes) (Status: INFORMATIONAL) - -2984 Use of the CAST-128 Encryption Algorithm in CMS. C. Adams. - October 2000. (Format: TXT=11591 bytes) (Status: PROPOSED STANDARD) - -2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0. - M. Nystrom, B. Kaliski. November 2000. (Format: TXT=70703 bytes) - (Status: INFORMATIONAL) - -3029 Internet X.509 Public Key Infrastructure Data Validation and - Certification Server Protocols. C. Adams, P. Sylvester, M. Zolotarev, - R. Zuccherato. February 2001. (Format: TXT=107347 bytes) (Status: - EXPERIMENTAL) - -3039 Internet X.509 Public Key Infrastructure Qualified Certificates - Profile. S. Santesson, W. Polk, P. Barzin, M. Nystrom. January 2001. - (Format: TXT=67619 bytes) (Status: PROPOSED STANDARD) - -3058 Use of the IDEA Encryption Algorithm in CMS. S. Teiwes, P. - Hartmann, D. Kuenzi. February 2001. (Format: TXT=17257 bytes) - (Status: INFORMATIONAL) - -3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol - (TSP). C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001. - (Format: TXT=54585 bytes) (Status: PROPOSED STANDARD) - -3185 Reuse of CMS Content Encryption Keys. S. Farrell, S. Turner. - October 2001. 
(Format: TXT=20404 bytes) (Status: PROPOSED STANDARD) - -3207 SMTP Service Extension for Secure SMTP over Transport Layer - Security. P. Hoffman. February 2002. (Format: TXT=18679 bytes) - (Obsoletes RFC2487) (Status: PROPOSED STANDARD) - -3217 Triple-DES and RC2 Key Wrapping. R. Housley. December 2001. - (Format: TXT=19855 bytes) (Status: INFORMATIONAL) - -3274 Compressed Data Content Type for Cryptographic Message Syntax - (CMS). P. Gutmann. June 2002. (Format: TXT=11276 bytes) (Status: - PROPOSED STANDARD) - -3278 Use of Elliptic Curve Cryptography (ECC) Algorithms in - Cryptographic Message Syntax (CMS). S. Blake-Wilson, D. Brown, P. - Lambert. April 2002. (Format: TXT=33779 bytes) (Status: - INFORMATIONAL) - -3281 An Internet Attribute Certificate Profile for Authorization. S. - Farrell, R. Housley. April 2002. (Format: TXT=90580 bytes) (Status: - PROPOSED STANDARD) - -3369 Cryptographic Message Syntax (CMS). R. Housley. August 2002. - (Format: TXT=113975 bytes) (Obsoletes RFC2630, RFC3211) (Status: - PROPOSED STANDARD) - -3370 Cryptographic Message Syntax (CMS) Algorithms. R. Housley. August - 2002. (Format: TXT=51001 bytes) (Obsoletes RFC2630, RFC3211) (Status: - PROPOSED STANDARD) - -3377 Lightweight Directory Access Protocol (v3): Technical - Specification. J. Hodges, R. Morgan. September 2002. (Format: - TXT=9981 bytes) (Updates RFC2251, RFC2252, RFC2253, RFC2254, RFC2255, - RFC2256, RFC2829, RFC2830) (Status: PROPOSED STANDARD) - -3394 Advanced Encryption Standard (AES) Key Wrap Algorithm. J. Schaad, - R. Housley. September 2002. (Format: TXT=73072 bytes) (Status: - INFORMATIONAL) - -3436 Transport Layer Security over Stream Control Transmission - Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002. - (Format: TXT=16333 bytes) (Status: PROPOSED STANDARD) - -3657 Use of the Camellia Encryption Algorithm in Cryptographic - Message Syntax (CMS). S. Moriai, A. Kato. January 2004. 
- (Format: TXT=26282 bytes) (Status: PROPOSED STANDARD)
-
-"Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>
-
-
-To be implemented:
-------------------
-
-These are documents that describe things that are planed to be
-implemented in the hopefully short future.
-
diff --git a/lib/libssl/src/ssl/bio_ssl.c b/lib/libssl/src/ssl/bio_ssl.c
deleted file mode 100644
index 6ddbb008e6a..00000000000
--- a/lib/libssl/src/ssl/bio_ssl.c
+++ /dev/null
@@ -1,581 +0,0 @@ -/* $OpenBSD: bio_ssl.c,v 1.22 2015/09/29 18:08:57 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <errno.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/bio.h> -#include <openssl/crypto.h> -#include <openssl/err.h> -#include <openssl/ssl.h> - -static int ssl_write(BIO *h, const char *buf, int num); -static int ssl_read(BIO *h, char *buf, int size); -static int ssl_puts(BIO *h, const char *str); -static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int ssl_new(BIO *h); -static int ssl_free(BIO *data); -static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); -typedef struct bio_ssl_st { - SSL *ssl; /* The ssl handle :-) */ - /* re-negotiate every time the total number of bytes is this size */ - int num_renegotiates; - unsigned long renegotiate_count; - unsigned long byte_count; - unsigned long renegotiate_timeout; - time_t last_time; -} BIO_SSL; - -static BIO_METHOD methods_sslp = { - .type = BIO_TYPE_SSL, - .name = "ssl", - .bwrite = ssl_write, - .bread = ssl_read, - .bputs = ssl_puts, - .ctrl = ssl_ctrl, - .create = ssl_new, - .destroy = ssl_free, - .callback_ctrl = ssl_callback_ctrl, -}; - -BIO_METHOD * -BIO_f_ssl(void) -{ - return (&methods_sslp); -} - -static int -ssl_new(BIO *bi) -{ - BIO_SSL *bs; - - bs = calloc(1, sizeof(BIO_SSL)); - if (bs == NULL) { - BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); - return (0); - } - bi->init = 0; - bi->ptr = (char *)bs; - bi->flags = 0; - return (1); -} - -static int -ssl_free(BIO *a) -{ - BIO_SSL *bs; - - if (a == NULL) - return (0); - bs = (BIO_SSL *)a->ptr; - if (bs->ssl != NULL) - SSL_shutdown(bs->ssl); - if (a->shutdown) { - if (a->init && (bs->ssl != NULL)) - SSL_free(bs->ssl); - a->init = 0; - a->flags = 0; - } - free(a->ptr); - return (1); -} - -static int -ssl_read(BIO *b, char *out, int outl) -{ - int ret = 1; - BIO_SSL *sb; - SSL *ssl; - int retry_reason = 0; - int r = 0; - - if (out == NULL) - return (0); - sb = (BIO_SSL *)b->ptr; - ssl = sb->ssl; - - BIO_clear_retry_flags(b); - - ret = SSL_read(ssl, out, outl); - - switch 
(SSL_get_error(ssl, ret)) { - case SSL_ERROR_NONE: - if (ret <= 0) - break; - if (sb->renegotiate_count > 0) { - sb->byte_count += ret; - if (sb->byte_count > sb->renegotiate_count) { - sb->byte_count = 0; - sb->num_renegotiates++; - SSL_renegotiate(ssl); - r = 1; - } - } - if ((sb->renegotiate_timeout > 0) && (!r)) { - time_t tm; - - tm = time(NULL); - if (tm > sb->last_time + sb->renegotiate_timeout) { - sb->last_time = tm; - sb->num_renegotiates++; - SSL_renegotiate(ssl); - } - } - - break; - case SSL_ERROR_WANT_READ: - BIO_set_retry_read(b); - break; - case SSL_ERROR_WANT_WRITE: - BIO_set_retry_write(b); - break; - case SSL_ERROR_WANT_X509_LOOKUP: - BIO_set_retry_special(b); - retry_reason = BIO_RR_SSL_X509_LOOKUP; - break; - case SSL_ERROR_WANT_ACCEPT: - BIO_set_retry_special(b); - retry_reason = BIO_RR_ACCEPT; - break; - case SSL_ERROR_WANT_CONNECT: - BIO_set_retry_special(b); - retry_reason = BIO_RR_CONNECT; - break; - case SSL_ERROR_SYSCALL: - case SSL_ERROR_SSL: - case SSL_ERROR_ZERO_RETURN: - default: - break; - } - - b->retry_reason = retry_reason; - return (ret); -} - -static int -ssl_write(BIO *b, const char *out, int outl) -{ - int ret, r = 0; - int retry_reason = 0; - SSL *ssl; - BIO_SSL *bs; - - if (out == NULL) - return (0); - bs = (BIO_SSL *)b->ptr; - ssl = bs->ssl; - - BIO_clear_retry_flags(b); - -/* ret=SSL_do_handshake(ssl); - if (ret > 0) */ - ret = SSL_write(ssl, out, outl); - - switch (SSL_get_error(ssl, ret)) { - case SSL_ERROR_NONE: - if (ret <= 0) - break; - if (bs->renegotiate_count > 0) { - bs->byte_count += ret; - if (bs->byte_count > bs->renegotiate_count) { - bs->byte_count = 0; - bs->num_renegotiates++; - SSL_renegotiate(ssl); - r = 1; - } - } - if ((bs->renegotiate_timeout > 0) && (!r)) { - time_t tm; - - tm = time(NULL); - if (tm > bs->last_time + bs->renegotiate_timeout) { - bs->last_time = tm; - bs->num_renegotiates++; - SSL_renegotiate(ssl); - } - } - break; - case SSL_ERROR_WANT_WRITE: - BIO_set_retry_write(b); - break; - case 
SSL_ERROR_WANT_READ: - BIO_set_retry_read(b); - break; - case SSL_ERROR_WANT_X509_LOOKUP: - BIO_set_retry_special(b); - retry_reason = BIO_RR_SSL_X509_LOOKUP; - break; - case SSL_ERROR_WANT_CONNECT: - BIO_set_retry_special(b); - retry_reason = BIO_RR_CONNECT; - case SSL_ERROR_SYSCALL: - case SSL_ERROR_SSL: - default: - break; - } - - b->retry_reason = retry_reason; - return (ret); -} - -static long -ssl_ctrl(BIO *b, int cmd, long num, void *ptr) -{ - SSL **sslp, *ssl; - BIO_SSL *bs; - BIO *dbio, *bio; - long ret = 1; - - bs = (BIO_SSL *)b->ptr; - ssl = bs->ssl; - if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) - return (0); - switch (cmd) { - case BIO_CTRL_RESET: - SSL_shutdown(ssl); - - if (ssl->handshake_func == ssl->method->ssl_connect) - SSL_set_connect_state(ssl); - else if (ssl->handshake_func == ssl->method->ssl_accept) - SSL_set_accept_state(ssl); - - SSL_clear(ssl); - - if (b->next_bio != NULL) - ret = BIO_ctrl(b->next_bio, cmd, num, ptr); - else if (ssl->rbio != NULL) - ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); - else - ret = 1; - break; - case BIO_CTRL_INFO: - ret = 0; - break; - case BIO_C_SSL_MODE: - if (num) /* client mode */ - SSL_set_connect_state(ssl); - else - SSL_set_accept_state(ssl); - break; - case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: - ret = bs->renegotiate_timeout; - if (num < 60) - num = 5; - bs->renegotiate_timeout = (unsigned long)num; - bs->last_time = time(NULL); - break; - case BIO_C_SET_SSL_RENEGOTIATE_BYTES: - ret = bs->renegotiate_count; - if ((long)num >=512) - bs->renegotiate_count = (unsigned long)num; - break; - case BIO_C_GET_SSL_NUM_RENEGOTIATES: - ret = bs->num_renegotiates; - break; - case BIO_C_SET_SSL: - if (ssl != NULL) { - ssl_free(b); - if (!ssl_new(b)) - return 0; - } - b->shutdown = (int)num; - ssl = (SSL *)ptr; - ((BIO_SSL *)b->ptr)->ssl = ssl; - bio = SSL_get_rbio(ssl); - if (bio != NULL) { - if (b->next_bio != NULL) - BIO_push(bio, b->next_bio); - b->next_bio = bio; - CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO); - 
} - b->init = 1; - break; - case BIO_C_GET_SSL: - if (ptr != NULL) { - sslp = (SSL **)ptr; - *sslp = ssl; - } else - ret = 0; - break; - case BIO_CTRL_GET_CLOSE: - ret = b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown = (int)num; - break; - case BIO_CTRL_WPENDING: - ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); - break; - case BIO_CTRL_PENDING: - ret = SSL_pending(ssl); - if (ret == 0) - ret = BIO_pending(ssl->rbio); - break; - case BIO_CTRL_FLUSH: - BIO_clear_retry_flags(b); - ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); - BIO_copy_next_retry(b); - break; - case BIO_CTRL_PUSH: - if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) { - SSL_set_bio(ssl, b->next_bio, b->next_bio); - CRYPTO_add(&b->next_bio->references, 1, CRYPTO_LOCK_BIO); - } - break; - case BIO_CTRL_POP: - /* Only detach if we are the BIO explicitly being popped */ - if (b == ptr) { - /* Shouldn't happen in practice because the - * rbio and wbio are the same when pushed. - */ - if (ssl->rbio != ssl->wbio) - BIO_free_all(ssl->wbio); - if (b->next_bio != NULL) - CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO); - ssl->wbio = NULL; - ssl->rbio = NULL; - } - break; - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - - b->retry_reason = 0; - ret = (int)SSL_do_handshake(ssl); - - switch (SSL_get_error(ssl, (int)ret)) { - case SSL_ERROR_WANT_READ: - BIO_set_flags(b, - BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); - break; - case SSL_ERROR_WANT_WRITE: - BIO_set_flags(b, - BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); - break; - case SSL_ERROR_WANT_CONNECT: - BIO_set_flags(b, - BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); - b->retry_reason = b->next_bio->retry_reason; - break; - default: - break; - } - break; - case BIO_CTRL_DUP: - dbio = (BIO *)ptr; - if (((BIO_SSL *)dbio->ptr)->ssl != NULL) - SSL_free(((BIO_SSL *)dbio->ptr)->ssl); - ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl); - ((BIO_SSL *)dbio->ptr)->renegotiate_count = - ((BIO_SSL *)b->ptr)->renegotiate_count; - ((BIO_SSL 
*)dbio->ptr)->byte_count = - ((BIO_SSL *)b->ptr)->byte_count; - ((BIO_SSL *)dbio->ptr)->renegotiate_timeout = - ((BIO_SSL *)b->ptr)->renegotiate_timeout; - ((BIO_SSL *)dbio->ptr)->last_time = - ((BIO_SSL *)b->ptr)->last_time; - ret = (((BIO_SSL *)dbio->ptr)->ssl != NULL); - break; - case BIO_C_GET_FD: - ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); - break; - case BIO_CTRL_SET_CALLBACK: - { - ret = 0; - } - break; - case BIO_CTRL_GET_CALLBACK: - { - void (**fptr)(const SSL *xssl, int type, int val); - - fptr = (void (**)(const SSL *xssl, int type, int val))ptr; - *fptr = SSL_get_info_callback(ssl); - } - break; - default: - ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); - break; - } - return (ret); -} - -static long -ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) -{ - SSL *ssl; - BIO_SSL *bs; - long ret = 1; - - bs = (BIO_SSL *)b->ptr; - ssl = bs->ssl; - switch (cmd) { - case BIO_CTRL_SET_CALLBACK: - { - /* FIXME: setting this via a completely different prototype - seems like a crap idea */ - SSL_set_info_callback(ssl, (void (*)(const SSL *, int, int))fp); - } - break; - default: - ret = BIO_callback_ctrl(ssl->rbio, cmd, fp); - break; - } - return (ret); -} - -static int -ssl_puts(BIO *bp, const char *str) -{ - int n, ret; - - n = strlen(str); - ret = BIO_write(bp, str, n); - return (ret); -} - -BIO * -BIO_new_buffer_ssl_connect(SSL_CTX *ctx) -{ - BIO *ret = NULL, *buf = NULL, *ssl = NULL; - - if ((buf = BIO_new(BIO_f_buffer())) == NULL) - goto err; - if ((ssl = BIO_new_ssl_connect(ctx)) == NULL) - goto err; - if ((ret = BIO_push(buf, ssl)) == NULL) - goto err; - return (ret); - -err: - BIO_free(buf); - BIO_free(ssl); - return (NULL); -} - -BIO * -BIO_new_ssl_connect(SSL_CTX *ctx) -{ - BIO *ret = NULL, *con = NULL, *ssl = NULL; - - if ((con = BIO_new(BIO_s_connect())) == NULL) - goto err; - if ((ssl = BIO_new_ssl(ctx, 1)) == NULL) - goto err; - if ((ret = BIO_push(ssl, con)) == NULL) - goto err; - return (ret); - -err: - BIO_free(con); - BIO_free(ssl); - return (NULL); 
-} - -BIO * -BIO_new_ssl(SSL_CTX *ctx, int client) -{ - BIO *ret; - SSL *ssl; - - if ((ret = BIO_new(BIO_f_ssl())) == NULL) - goto err; - if ((ssl = SSL_new(ctx)) == NULL) - goto err; - - if (client) - SSL_set_connect_state(ssl); - else - SSL_set_accept_state(ssl); - - BIO_set_ssl(ret, ssl, BIO_CLOSE); - return (ret); - -err: - BIO_free(ret); - return (NULL); -} - -int -BIO_ssl_copy_session_id(BIO *t, BIO *f) -{ - t = BIO_find_type(t, BIO_TYPE_SSL); - f = BIO_find_type(f, BIO_TYPE_SSL); - if ((t == NULL) || (f == NULL)) - return (0); - if ((((BIO_SSL *)t->ptr)->ssl == NULL) || - (((BIO_SSL *)f->ptr)->ssl == NULL)) - return (0); - SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl, ((BIO_SSL *)f->ptr)->ssl); - return (1); -} - -void -BIO_ssl_shutdown(BIO *b) -{ - SSL *s; - - while (b != NULL) { - if (b->method->type == BIO_TYPE_SSL) { - s = ((BIO_SSL *)b->ptr)->ssl; - SSL_shutdown(s); - break; - } - b = b->next_bio; - } -} diff --git a/lib/libssl/src/ssl/bs_ber.c b/lib/libssl/src/ssl/bs_ber.c deleted file mode 100644 index 6e945a02466..00000000000 --- a/lib/libssl/src/ssl/bs_ber.c +++ /dev/null 
@@ -1,268 +0,0 @@ -/* $OpenBSD: bs_ber.c,v 1.8 2015/06/21 16:10:45 doug Exp $ */ -/* - * Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include <string.h> - -#include <openssl/opensslconf.h> - -#include "bytestring.h" - -/* - * kMaxDepth is a just a sanity limit. The code should be such that the length - * of the input being processes always decreases. None the less, a very large - * input could otherwise cause the stack to overflow. - */ -static const unsigned int kMaxDepth = 2048; - -/* Non-strict version that allows a relaxed DER with indefinite form. */ -static int -cbs_nonstrict_get_any_asn1_element(CBS *cbs, CBS *out, unsigned int *out_tag, - size_t *out_header_len) -{ - return cbs_get_any_asn1_element_internal(cbs, out, - out_tag, out_header_len, 0); -} - -/* - * cbs_find_indefinite walks an ASN.1 structure in |orig_in| and sets - * |*indefinite_found| depending on whether an indefinite length element was - * found. The value of |orig_in| is not modified. - * - * Returns one on success (i.e. |*indefinite_found| was set) and zero on error. 
- */ -static int -cbs_find_indefinite(const CBS *orig_in, char *indefinite_found, - unsigned int depth) -{ - CBS in; - - if (depth > kMaxDepth) - return 0; - - CBS_init(&in, CBS_data(orig_in), CBS_len(orig_in)); - - while (CBS_len(&in) > 0) { - CBS contents; - unsigned int tag; - size_t header_len; - - if (!cbs_nonstrict_get_any_asn1_element(&in, &contents, &tag, - &header_len)) - return 0; - - /* Indefinite form not allowed by DER. */ - if (CBS_len(&contents) == header_len && header_len > 0 && - CBS_data(&contents)[header_len - 1] == 0x80) { - *indefinite_found = 1; - return 1; - } - if (tag & CBS_ASN1_CONSTRUCTED) { - if (!CBS_skip(&contents, header_len) || - !cbs_find_indefinite(&contents, indefinite_found, - depth + 1)) - return 0; - } - } - - *indefinite_found = 0; - return 1; -} - -/* - * is_primitive_type returns true if |tag| likely a primitive type. Normally - * one can just test the "constructed" bit in the tag but, in BER, even - * primitive tags can have the constructed bit if they have indefinite - * length. - */ -static char -is_primitive_type(unsigned int tag) -{ - return (tag & 0xc0) == 0 && - (tag & 0x1f) != (CBS_ASN1_SEQUENCE & 0x1f) && - (tag & 0x1f) != (CBS_ASN1_SET & 0x1f); -} - -/* - * is_eoc returns true if |header_len| and |contents|, as returned by - * |cbs_nonstrict_get_any_asn1_element|, indicate an "end of contents" (EOC) - * value. - */ -static char -is_eoc(size_t header_len, CBS *contents) -{ - return header_len == 2 && CBS_mem_equal(contents, "\x00\x00", 2); -} - -/* - * cbs_convert_indefinite reads data with DER encoding (but relaxed to allow - * indefinite form) from |in| and writes definite form DER data to |out|. If - * |squash_header| is set then the top-level of elements from |in| will not - * have their headers written. This is used when concatenating the fragments of - * an indefinite length, primitive value. If |looking_for_eoc| is set then any - * EOC elements found will cause the function to return after consuming it. 
- * It returns one on success and zero on error. - */ -static int -cbs_convert_indefinite(CBS *in, CBB *out, char squash_header, - char looking_for_eoc, unsigned int depth) -{ - if (depth > kMaxDepth) - return 0; - - while (CBS_len(in) > 0) { - CBS contents; - unsigned int tag; - size_t header_len; - CBB *out_contents, out_contents_storage; - - if (!cbs_nonstrict_get_any_asn1_element(in, &contents, &tag, - &header_len)) - return 0; - - out_contents = out; - - if (CBS_len(&contents) == header_len) { - if (is_eoc(header_len, &contents)) - return looking_for_eoc; - - if (header_len > 0 && - CBS_data(&contents)[header_len - 1] == 0x80) { - /* - * This is an indefinite length element. If - * it's a SEQUENCE or SET then we just need to - * write the out the contents as normal, but - * with a concrete length prefix. - * - * If it's a something else then the contents - * will be a series of DER elements of the same - * type which need to be concatenated. - */ - const char context_specific = (tag & 0xc0) - == 0x80; - char squash_child_headers = - is_primitive_type(tag); - - /* - * This is a hack, but it sufficies to handle - * NSS's output. If we find an indefinite - * length, context-specific tag with a definite, - * primtive tag inside it, then we assume that - * the context-specific tag is implicit and the - * tags within are fragments of a primitive type - * that need to be concatenated. 
- */ - if (context_specific && - (tag & CBS_ASN1_CONSTRUCTED)) { - CBS in_copy, inner_contents; - unsigned int inner_tag; - size_t inner_header_len; - - CBS_init(&in_copy, CBS_data(in), - CBS_len(in)); - if (!cbs_nonstrict_get_any_asn1_element( - &in_copy, &inner_contents, - &inner_tag, &inner_header_len)) - return 0; - - if (CBS_len(&inner_contents) > - inner_header_len && - is_primitive_type(inner_tag)) - squash_child_headers = 1; - } - - if (!squash_header) { - unsigned int out_tag = tag; - - if (squash_child_headers) - out_tag &= - ~CBS_ASN1_CONSTRUCTED; - - if (!CBB_add_asn1(out, - &out_contents_storage, out_tag)) - return 0; - - out_contents = &out_contents_storage; - } - - if (!cbs_convert_indefinite(in, out_contents, - squash_child_headers, - 1 /* looking for eoc */, depth + 1)) - return 0; - - if (out_contents != out && !CBB_flush(out)) - return 0; - - continue; - } - } - - if (!squash_header) { - if (!CBB_add_asn1(out, &out_contents_storage, tag)) - return 0; - - out_contents = &out_contents_storage; - } - - if (!CBS_skip(&contents, header_len)) - return 0; - - if (tag & CBS_ASN1_CONSTRUCTED) { - if (!cbs_convert_indefinite(&contents, out_contents, - 0 /* don't squash header */, - 0 /* not looking for eoc */, depth + 1)) - return 0; - } else { - if (!CBB_add_bytes(out_contents, CBS_data(&contents), - CBS_len(&contents))) - return 0; - } - - if (out_contents != out && !CBB_flush(out)) - return 0; - } - - return looking_for_eoc == 0; -} - -int -CBS_asn1_indefinite_to_definite(CBS *in, uint8_t **out, size_t *out_len) -{ - CBB cbb; - - /* - * First, do a quick walk to find any indefinite-length elements. Most - * of the time we hope that there aren't any and thus we can quickly - * return. 
- */ - char conversion_needed; - if (!cbs_find_indefinite(in, &conversion_needed, 0)) - return 0; - - if (!conversion_needed) { - *out = NULL; - *out_len = 0; - return 1; - } - - if (!CBB_init(&cbb, CBS_len(in))) - return 0; - if (!cbs_convert_indefinite(in, &cbb, 0, 0, 0)) { - CBB_cleanup(&cbb); - return 0; - } - - return CBB_finish(&cbb, out, out_len); -} diff --git a/lib/libssl/src/ssl/bs_cbb.c b/lib/libssl/src/ssl/bs_cbb.c deleted file mode 100644 index 3f8e08e0e35..00000000000 --- a/lib/libssl/src/ssl/bs_cbb.c +++ /dev/null 
@@ -1,442 +0,0 @@
-/* $OpenBSD: bs_cbb.c,v 1.13 2015/09/01 13:35:39 jsing Exp $ */
-/*
- * Copyright (c) 2014, Google Inc.
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
- * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
- * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
- * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
-
-#include <assert.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#include "bytestring.h"
-
-static int
-cbb_init(CBB *cbb, uint8_t *buf, size_t cap)
-{
- struct cbb_buffer_st *base;
-
- base = malloc(sizeof(struct cbb_buffer_st));
- if (base == NULL)
- return 0;
-
- base->buf = buf;
- base->len = 0;
- base->cap = cap;
- base->can_resize = 1;
-
- cbb->base = base;
- cbb->is_top_level = 1;
-
- return 1;
-}
-
-int
-CBB_init(CBB *cbb, size_t initial_capacity)
-{
- uint8_t *buf = NULL;
-
- memset(cbb, 0, sizeof(*cbb));
-
- if (initial_capacity > 0) {
- if ((buf = malloc(initial_capacity)) == NULL)
- return 0;
- }
-
- if (!cbb_init(cbb, buf, initial_capacity)) {
- free(buf);
- return 0;
- }
-
- return 1;
-}
-
-int
-CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len)
-{
- memset(cbb, 0, sizeof(*cbb));
-
- if (!cbb_init(cbb, buf, len))
- return 0;
-
- cbb->base->can_resize = 0;
-
- return 1;
-}
-
-void
-CBB_cleanup(CBB *cbb)
-{
- if (cbb->base) {
- if (cbb->base->can_resize)
- free(cbb->base->buf);
-
- free(cbb->base);
- }
- cbb->base = NULL;
-}
-
-static int
-cbb_buffer_add(struct 
cbb_buffer_st *base, uint8_t **out, size_t len) -{ - size_t newlen; - - if (base == NULL) - return 0; - - newlen = base->len + len; - if (newlen < base->len) - /* Overflow */ - return 0; - - if (newlen > base->cap) { - size_t newcap = base->cap * 2; - uint8_t *newbuf; - - if (!base->can_resize) - return 0; - - if (newcap < base->cap || newcap < newlen) - newcap = newlen; - - newbuf = realloc(base->buf, newcap); - if (newbuf == NULL) - return 0; - - base->buf = newbuf; - base->cap = newcap; - } - - if (out) - *out = base->buf + base->len; - - base->len = newlen; - return 1; -} - -static int -cbb_add_u(CBB *cbb, uint32_t v, size_t len_len) -{ - uint8_t *buf; - size_t i; - - if (len_len == 0) - return 1; - - if (len_len > 4) - return 0; - - if (!CBB_flush(cbb) || !cbb_buffer_add(cbb->base, &buf, len_len)) - return 0; - - for (i = len_len - 1; i < len_len; i--) { - buf[i] = v; - v >>= 8; - } - return 1; -} - -int -CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len) -{ - if (!cbb->is_top_level) - return 0; - - if (!CBB_flush(cbb)) - return 0; - - if (cbb->base->can_resize && (out_data == NULL || out_len == NULL)) - /* - * |out_data| and |out_len| can only be NULL if the CBB is - * fixed. - */ - return 0; - - if (out_data != NULL) - *out_data = cbb->base->buf; - - if (out_len != NULL) - *out_len = cbb->base->len; - - cbb->base->buf = NULL; - CBB_cleanup(cbb); - return 1; -} - -/* - * CBB_flush recurses and then writes out any pending length prefix. The current - * length of the underlying base is taken to be the length of the - * length-prefixed data. 
- */ -int -CBB_flush(CBB *cbb) -{ - size_t child_start, i, len; - - if (cbb->base == NULL) - return 0; - - if (cbb->child == NULL || cbb->pending_len_len == 0) - return 1; - - child_start = cbb->offset + cbb->pending_len_len; - - if (!CBB_flush(cbb->child) || child_start < cbb->offset || - cbb->base->len < child_start) - return 0; - - len = cbb->base->len - child_start; - - if (cbb->pending_is_asn1) { - /* - * For ASN.1, we assumed that we were using short form which - * only requires a single byte for the length octet. - * - * If it turns out that we need long form, we have to move - * the contents along in order to make space for more length - * octets. - */ - size_t len_len = 1; /* total number of length octets */ - uint8_t initial_length_byte; - - /* We already wrote 1 byte for the length. */ - assert (cbb->pending_len_len == 1); - - /* Check for long form */ - if (len > 0xfffffffe) - return 0; /* 0xffffffff is reserved */ - else if (len > 0xffffff) - len_len = 5; - else if (len > 0xffff) - len_len = 4; - else if (len > 0xff) - len_len = 3; - else if (len > 0x7f) - len_len = 2; - - if (len_len == 1) { - /* For short form, the initial byte is the length. */ - initial_length_byte = len; - len = 0; - - } else { - /* - * For long form, the initial byte is the number of - * subsequent length octets (plus bit 8 set). - */ - initial_length_byte = 0x80 | (len_len - 1); - - /* - * We need to move the contents along in order to make - * space for the long form length octets. 
- */ - size_t extra_bytes = len_len - 1; - if (!cbb_buffer_add(cbb->base, NULL, extra_bytes)) - return 0; - - memmove(cbb->base->buf + child_start + extra_bytes, - cbb->base->buf + child_start, len); - } - cbb->base->buf[cbb->offset++] = initial_length_byte; - cbb->pending_len_len = len_len - 1; - } - - for (i = cbb->pending_len_len - 1; i < cbb->pending_len_len; i--) { - cbb->base->buf[cbb->offset + i] = len; - len >>= 8; - } - if (len != 0) - return 0; - - cbb->child->base = NULL; - cbb->child = NULL; - cbb->pending_len_len = 0; - cbb->pending_is_asn1 = 0; - cbb->offset = 0; - - return 1; -} - - -static int -cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len) -{ - uint8_t *prefix_bytes; - - if (!CBB_flush(cbb)) - return 0; - - cbb->offset = cbb->base->len; - if (!cbb_buffer_add(cbb->base, &prefix_bytes, len_len)) - return 0; - - memset(prefix_bytes, 0, len_len); - memset(out_contents, 0, sizeof(CBB)); - out_contents->base = cbb->base; - cbb->child = out_contents; - cbb->pending_len_len = len_len; - cbb->pending_is_asn1 = 0; - - return 1; -} - -int -CBB_add_u8_length_prefixed(CBB *cbb, CBB *out_contents) -{ - return cbb_add_length_prefixed(cbb, out_contents, 1); -} - -int -CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents) -{ - return cbb_add_length_prefixed(cbb, out_contents, 2); -} - -int -CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents) -{ - return cbb_add_length_prefixed(cbb, out_contents, 3); -} - -int -CBB_add_asn1(CBB *cbb, CBB *out_contents, unsigned int tag) -{ - if (tag > UINT8_MAX) - return 0; - - /* Long form identifier octets are not supported. */ - if ((tag & 0x1f) == 0x1f) - return 0; - - /* Short-form identifier octet only needs a single byte */ - if (!CBB_flush(cbb) || !CBB_add_u8(cbb, tag)) - return 0; - - /* - * Add 1 byte to cover the short-form length octet case. If it turns - * out we need long-form, it will be extended later. 
- */ - cbb->offset = cbb->base->len; - if (!CBB_add_u8(cbb, 0)) - return 0; - - memset(out_contents, 0, sizeof(CBB)); - out_contents->base = cbb->base; - cbb->child = out_contents; - cbb->pending_len_len = 1; - cbb->pending_is_asn1 = 1; - - return 1; -} - -int -CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len) -{ - uint8_t *dest; - - if (!CBB_add_space(cbb, &dest, len)) - return 0; - - memcpy(dest, data, len); - return 1; -} - -int -CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len) -{ - if (!CBB_flush(cbb) || !cbb_buffer_add(cbb->base, out_data, len)) - return 0; - - return 1; -} - -int -CBB_add_u8(CBB *cbb, size_t value) -{ - if (value > UINT8_MAX) - return 0; - - return cbb_add_u(cbb, (uint32_t)value, 1); -} - -int -CBB_add_u16(CBB *cbb, size_t value) -{ - if (value > UINT16_MAX) - return 0; - - return cbb_add_u(cbb, (uint32_t)value, 2); -} - -int -CBB_add_u24(CBB *cbb, size_t value) -{ - if (value > 0xffffffUL) - return 0; - - return cbb_add_u(cbb, (uint32_t)value, 3); -} - -int -CBB_add_asn1_uint64(CBB *cbb, uint64_t value) -{ - CBB child; - size_t i; - int started = 0; - - if (!CBB_add_asn1(cbb, &child, CBS_ASN1_INTEGER)) - return 0; - - for (i = 0; i < 8; i++) { - uint8_t byte = (value >> 8 * (7 - i)) & 0xff; - - /* - * ASN.1 restriction: first 9 bits cannot be all zeroes or - * all ones. Since this function only encodes unsigned - * integers, the only concerns are not encoding leading - * zeros and adding a padding byte if necessary. - * - * In practice, this means: - * 1) Skip leading octets of all zero bits in the value - * 2) After skipping the leading zero octets, if the next 9 - * bits are all ones, add an all zero prefix octet (and - * set the high bit of the prefix octet if negative). - * - * Additionally, for an unsigned value, add an all zero - * prefix if the high bit of the first octet would be one. - */ - if (!started) { - if (byte == 0) - /* Don't encode leading zeros. 
*/ - continue; - - /* - * If the high bit is set, add a padding byte to make it - * unsigned. - */ - if ((byte & 0x80) && !CBB_add_u8(&child, 0)) - return 0; - - started = 1; - } - if (!CBB_add_u8(&child, byte)) - return 0; - } - - /* 0 is encoded as a single 0, not the empty string. */ - if (!started && !CBB_add_u8(&child, 0)) - return 0; - - return CBB_flush(cbb); -} diff --git a/lib/libssl/src/ssl/bs_cbs.c b/lib/libssl/src/ssl/bs_cbs.c deleted file mode 100644 index ea1f0108f61..00000000000 --- a/lib/libssl/src/ssl/bs_cbs.c +++ /dev/null 
@@ -1,511 +0,0 @@ -/* $OpenBSD: bs_cbs.c,v 1.17 2015/06/24 09:44:18 jsing Exp $ */ -/* - * Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#include <assert.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/opensslconf.h> -#include <openssl/buffer.h> -#include <openssl/crypto.h> - -#include "bytestring.h" - -void -CBS_init(CBS *cbs, const uint8_t *data, size_t len) -{ - cbs->data = data; - cbs->initial_len = len; - cbs->len = len; -} - -void -CBS_dup(const CBS *cbs, CBS *out) -{ - CBS_init(out, CBS_data(cbs), CBS_len(cbs)); - out->initial_len = cbs->initial_len; -} - -static int -cbs_get(CBS *cbs, const uint8_t **p, size_t n) -{ - if (cbs->len < n) - return 0; - - *p = cbs->data; - cbs->data += n; - cbs->len -= n; - return 1; -} - -size_t -CBS_offset(const CBS *cbs) -{ - return cbs->initial_len - cbs->len; -} - -int -CBS_skip(CBS *cbs, size_t len) -{ - const uint8_t *dummy; - return cbs_get(cbs, &dummy, len); -} - -const uint8_t * -CBS_data(const CBS *cbs) -{ - return cbs->data; -} - -size_t -CBS_len(const CBS *cbs) -{ - return cbs->len; -} - -int -CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len) -{ - free(*out_ptr); - *out_ptr = NULL; - *out_len = 0; - - if (cbs->len == 0) - return 1; - - if ((*out_ptr = 
malloc(cbs->len)) == NULL) - return 0; - - memcpy(*out_ptr, cbs->data, cbs->len); - - *out_len = cbs->len; - return 1; -} - -int -CBS_strdup(const CBS *cbs, char **out_ptr) -{ - free(*out_ptr); - *out_ptr = strndup((const char *)cbs->data, cbs->len); - return (*out_ptr != NULL); -} - -int -CBS_write_bytes(const CBS *cbs, uint8_t *dst, size_t dst_len, size_t *copied) -{ - if (dst_len < cbs->len) - return 0; - - memmove(dst, cbs->data, cbs->len); - - if (copied != NULL) - *copied = cbs->len; - - return 1; -} - -int -CBS_contains_zero_byte(const CBS *cbs) -{ - return memchr(cbs->data, 0, cbs->len) != NULL; -} - -int -CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) -{ - if (len != cbs->len) - return 0; - - return timingsafe_memcmp(cbs->data, data, len) == 0; -} - -static int -cbs_get_u(CBS *cbs, uint32_t *out, size_t len) -{ - uint32_t result = 0; - size_t i; - const uint8_t *data; - - if (len < 1 || len > 4) - return 0; - - if (!cbs_get(cbs, &data, len)) - return 0; - - for (i = 0; i < len; i++) { - result <<= 8; - result |= data[i]; - } - *out = result; - return 1; -} - -int -CBS_get_u8(CBS *cbs, uint8_t *out) -{ - const uint8_t *v; - - if (!cbs_get(cbs, &v, 1)) - return 0; - - *out = *v; - return 1; -} - -int -CBS_get_u16(CBS *cbs, uint16_t *out) -{ - uint32_t v; - - if (!cbs_get_u(cbs, &v, 2)) - return 0; - - *out = v; - return 1; -} - -int -CBS_get_u24(CBS *cbs, uint32_t *out) -{ - return cbs_get_u(cbs, out, 3); -} - -int -CBS_get_u32(CBS *cbs, uint32_t *out) -{ - return cbs_get_u(cbs, out, 4); -} - -int -CBS_get_bytes(CBS *cbs, CBS *out, size_t len) -{ - const uint8_t *v; - - if (!cbs_get(cbs, &v, len)) - return 0; - - CBS_init(out, v, len); - return 1; -} - -static int -cbs_get_length_prefixed(CBS *cbs, CBS *out, size_t len_len) -{ - uint32_t len; - - if (!cbs_get_u(cbs, &len, len_len)) - return 0; - - return CBS_get_bytes(cbs, out, len); -} - -int -CBS_get_u8_length_prefixed(CBS *cbs, CBS *out) -{ - return cbs_get_length_prefixed(cbs, out, 1); -} 
- -int -CBS_get_u16_length_prefixed(CBS *cbs, CBS *out) -{ - return cbs_get_length_prefixed(cbs, out, 2); -} - -int -CBS_get_u24_length_prefixed(CBS *cbs, CBS *out) -{ - return cbs_get_length_prefixed(cbs, out, 3); -} - -int -CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned int *out_tag, - size_t *out_header_len) -{ - return cbs_get_any_asn1_element_internal(cbs, out, out_tag, - out_header_len, 1); -} - -/* - * Review X.690 for details on ASN.1 DER encoding. - * - * If non-strict mode is enabled, then DER rules are relaxed - * for indefinite constructs (violates DER but a little closer to BER). - * Non-strict mode should only be used by bs_ber.c - * - * Sections 8, 10 and 11 for DER encoding - */ -int -cbs_get_any_asn1_element_internal(CBS *cbs, CBS *out, unsigned int *out_tag, - size_t *out_header_len, int strict) -{ - uint8_t tag, length_byte; - CBS header = *cbs; - CBS throwaway; - size_t len; - - if (out == NULL) - out = &throwaway; - - /* - * Get identifier octet and length octet. Only 1 octet for each - * is a CBS limitation. - */ - if (!CBS_get_u8(&header, &tag) || !CBS_get_u8(&header, &length_byte)) - return 0; - - /* CBS limitation: long form tags are not supported. */ - if ((tag & 0x1f) == 0x1f) - return 0; - - if (out_tag != NULL) - *out_tag = tag; - - if ((length_byte & 0x80) == 0) { - /* Short form length. */ - len = ((size_t) length_byte) + 2; - if (out_header_len != NULL) - *out_header_len = 2; - - } else { - /* Long form length. */ - const size_t num_bytes = length_byte & 0x7f; - uint32_t len32; - - /* ASN.1 reserved value for future extensions */ - if (num_bytes == 0x7f) - return 0; - - /* Handle indefinite form length */ - if (num_bytes == 0) { - /* DER encoding doesn't allow for indefinite form. */ - if (strict) - return 0; - - /* Primitive cannot use indefinite in BER or DER. */ - if ((tag & CBS_ASN1_CONSTRUCTED) == 0) - return 0; - - /* Constructed, indefinite length allowed in BER. 
*/ - if (out_header_len != NULL) - *out_header_len = 2; - return CBS_get_bytes(cbs, out, 2); - } - - /* CBS limitation. */ - if (num_bytes > 4) - return 0; - - if (!cbs_get_u(&header, &len32, num_bytes)) - return 0; - - /* DER has a minimum length octet requirement. */ - if (len32 < 128) - /* Should have used short form instead */ - return 0; - - if ((len32 >> ((num_bytes - 1) * 8)) == 0) - /* Length should have been at least one byte shorter. */ - return 0; - - len = len32; - if (len + 2 + num_bytes < len) - /* Overflow. */ - return 0; - - len += 2 + num_bytes; - if (out_header_len != NULL) - *out_header_len = 2 + num_bytes; - } - - return CBS_get_bytes(cbs, out, len); -} - -static int -cbs_get_asn1(CBS *cbs, CBS *out, unsigned int tag_value, int skip_header) -{ - size_t header_len; - unsigned int tag; - CBS throwaway; - - if (out == NULL) - out = &throwaway; - - if (!CBS_get_any_asn1_element(cbs, out, &tag, &header_len) || - tag != tag_value) - return 0; - - if (skip_header && !CBS_skip(out, header_len)) { - assert(0); - return 0; - } - - return 1; -} - -int -CBS_get_asn1(CBS *cbs, CBS *out, unsigned int tag_value) -{ - return cbs_get_asn1(cbs, out, tag_value, 1 /* skip header */); -} - -int -CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned int tag_value) -{ - return cbs_get_asn1(cbs, out, tag_value, 0 /* include header */); -} - -int -CBS_peek_asn1_tag(const CBS *cbs, unsigned int tag_value) -{ - if (CBS_len(cbs) < 1) - return 0; - - /* - * Tag number 31 indicates the start of a long form number. - * This is valid in ASN.1, but CBS only supports short form. 
- */ - if ((tag_value & 0x1f) == 0x1f) - return 0; - - return CBS_data(cbs)[0] == tag_value; -} - -/* Encoding details are in ASN.1: X.690 section 8.3 */ -int -CBS_get_asn1_uint64(CBS *cbs, uint64_t *out) -{ - CBS bytes; - const uint8_t *data; - size_t i, len; - - if (!CBS_get_asn1(cbs, &bytes, CBS_ASN1_INTEGER)) - return 0; - - *out = 0; - data = CBS_data(&bytes); - len = CBS_len(&bytes); - - if (len == 0) - /* An INTEGER is encoded with at least one content octet. */ - return 0; - - if ((data[0] & 0x80) != 0) - /* Negative number. */ - return 0; - - if (data[0] == 0 && len > 1 && (data[1] & 0x80) == 0) - /* Violates smallest encoding rule: excessive leading zeros. */ - return 0; - - for (i = 0; i < len; i++) { - if ((*out >> 56) != 0) - /* Too large to represent as a uint64_t. */ - return 0; - - *out <<= 8; - *out |= data[i]; - } - - return 1; -} - -int -CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, unsigned int tag) -{ - if (CBS_peek_asn1_tag(cbs, tag)) { - if (!CBS_get_asn1(cbs, out, tag)) - return 0; - - *out_present = 1; - } else { - *out_present = 0; - } - return 1; -} - -int -CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out, int *out_present, - unsigned int tag) -{ - CBS child; - int present; - - if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) - return 0; - - if (present) { - if (!CBS_get_asn1(&child, out, CBS_ASN1_OCTETSTRING) || - CBS_len(&child) != 0) - return 0; - } else { - CBS_init(out, NULL, 0); - } - if (out_present) - *out_present = present; - - return 1; -} - -int -CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out, unsigned int tag, - uint64_t default_value) -{ - CBS child; - int present; - - if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) - return 0; - - if (present) { - if (!CBS_get_asn1_uint64(&child, out) || - CBS_len(&child) != 0) - return 0; - } else { - *out = default_value; - } - return 1; -} - -int -CBS_get_optional_asn1_bool(CBS *cbs, int *out, unsigned int tag, - int default_value) -{ - CBS child, 
child2; - int present; - - if (!CBS_get_optional_asn1(cbs, &child, &present, tag)) - return 0; - - if (present) { - uint8_t boolean; - - if (!CBS_get_asn1(&child, &child2, CBS_ASN1_BOOLEAN) || - CBS_len(&child2) != 1 || CBS_len(&child) != 0) - return 0; - - boolean = CBS_data(&child2)[0]; - if (boolean == 0) - *out = 0; - else if (boolean == 0xff) - *out = 1; - else - return 0; - - } else { - *out = default_value; - } - return 1; -} diff --git a/lib/libssl/src/ssl/bytestring.h b/lib/libssl/src/ssl/bytestring.h deleted file mode 100644 index 8ea84005b49..00000000000 --- a/lib/libssl/src/ssl/bytestring.h +++ /dev/null 
@@ -1,511 +0,0 @@ -/* $OpenBSD: bytestring.h,v 1.14 2015/06/19 00:23:36 doug Exp $ */ -/* - * Copyright (c) 2014, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - -#ifndef OPENSSL_HEADER_BYTESTRING_H -#define OPENSSL_HEADER_BYTESTRING_H - -#if defined(__cplusplus) -extern "C" { -#endif - -#include <sys/types.h> -#include <stdint.h> - -#include <openssl/opensslconf.h> - -/* - * Bytestrings are used for parsing and building TLS and ASN.1 messages. - * - * A "CBS" (CRYPTO ByteString) represents a string of bytes in memory and - * provides utility functions for safely parsing length-prefixed structures - * like TLS and ASN.1 from it. - * - * A "CBB" (CRYPTO ByteBuilder) is a memory buffer that grows as needed and - * provides utility functions for building length-prefixed messages. - */ - -/* CRYPTO ByteString */ -typedef struct cbs_st { - const uint8_t *data; - size_t initial_len; - size_t len; -} CBS; - -/* - * CBS_init sets |cbs| to point to |data|. It does not take ownership of - * |data|. - */ -void CBS_init(CBS *cbs, const uint8_t *data, size_t len); - -/* - * CBS_skip advances |cbs| by |len| bytes. It returns one on success and zero - * otherwise. - */ -int CBS_skip(CBS *cbs, size_t len); - -/* - * CBS_data returns a pointer to the contents of |cbs|. 
- */ -const uint8_t *CBS_data(const CBS *cbs); - -/* - * CBS_len returns the number of bytes remaining in |cbs|. - */ -size_t CBS_len(const CBS *cbs); - -/* - * CBS_offset returns the current offset into the original data of |cbs|. - */ -size_t CBS_offset(const CBS *cbs); - -/* - * CBS_stow copies the current contents of |cbs| into |*out_ptr| and - * |*out_len|. If |*out_ptr| is not NULL, the contents are freed with - * free. It returns one on success and zero on allocation failure. On - * success, |*out_ptr| should be freed with free. If |cbs| is empty, - * |*out_ptr| will be NULL. - */ -int CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len); - -/* - * CBS_strdup copies the current contents of |cbs| into |*out_ptr| as a - * NUL-terminated C string. If |*out_ptr| is not NULL, the contents are freed - * with free. It returns one on success and zero on allocation - * failure. On success, |*out_ptr| should be freed with free. - * - * NOTE: If |cbs| contains NUL bytes, the string will be truncated. Call - * |CBS_contains_zero_byte(cbs)| to check for NUL bytes. - */ -int CBS_strdup(const CBS *cbs, char **out_ptr); - -/* - * CBS_write_bytes writes all of the remaining data from |cbs| into |dst| - * if it is at most |dst_len| bytes. If |copied| is not NULL, it will be set - * to the amount copied. It returns one on success and zero otherwise. - */ -int CBS_write_bytes(const CBS *cbs, uint8_t *dst, size_t dst_len, - size_t *copied); - -/* - * CBS_contains_zero_byte returns one if the current contents of |cbs| contains - * a NUL byte and zero otherwise. - */ -int CBS_contains_zero_byte(const CBS *cbs); - -/* - * CBS_mem_equal compares the current contents of |cbs| with the |len| bytes - * starting at |data|. If they're equal, it returns one, otherwise zero. If the - * lengths match, it uses a constant-time comparison. 
- */ -int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len); - -/* - * CBS_get_u8 sets |*out| to the next uint8_t from |cbs| and advances |cbs|. It - * returns one on success and zero on error. - */ -int CBS_get_u8(CBS *cbs, uint8_t *out); - -/* - * CBS_get_u16 sets |*out| to the next, big-endian uint16_t from |cbs| and - * advances |cbs|. It returns one on success and zero on error. - */ -int CBS_get_u16(CBS *cbs, uint16_t *out); - -/* - * CBS_get_u24 sets |*out| to the next, big-endian 24-bit value from |cbs| and - * advances |cbs|. It returns one on success and zero on error. - */ -int CBS_get_u24(CBS *cbs, uint32_t *out); - -/* - * CBS_get_u32 sets |*out| to the next, big-endian uint32_t value from |cbs| - * and advances |cbs|. It returns one on success and zero on error. - */ -int CBS_get_u32(CBS *cbs, uint32_t *out); - -/* - * CBS_get_bytes sets |*out| to the next |len| bytes from |cbs| and advances - * |cbs|. It returns one on success and zero on error. - */ -int CBS_get_bytes(CBS *cbs, CBS *out, size_t len); - -/* - * CBS_get_u8_length_prefixed sets |*out| to the contents of an 8-bit, - * length-prefixed value from |cbs| and advances |cbs| over it. It returns one - * on success and zero on error. - */ -int CBS_get_u8_length_prefixed(CBS *cbs, CBS *out); - -/* - * CBS_get_u16_length_prefixed sets |*out| to the contents of a 16-bit, - * big-endian, length-prefixed value from |cbs| and advances |cbs| over it. It - * returns one on success and zero on error. - */ -int CBS_get_u16_length_prefixed(CBS *cbs, CBS *out); - -/* - * CBS_get_u24_length_prefixed sets |*out| to the contents of a 24-bit, - * big-endian, length-prefixed value from |cbs| and advances |cbs| over it. It - * returns one on success and zero on error. - */ -int CBS_get_u24_length_prefixed(CBS *cbs, CBS *out); - - -/* Parsing ASN.1 */ - -/* - * While an identifier can be multiple octets, this library only handles the - * single octet variety currently. 
This limits support up to tag number 30 - * since tag number 31 is a reserved value to indicate multiple octets. - */ - -/* Bits 8 and 7: class tag type: See X.690 section 8.1.2.2. */ -#define CBS_ASN1_UNIVERSAL 0x00 -#define CBS_ASN1_APPLICATION 0x40 -#define CBS_ASN1_CONTEXT_SPECIFIC 0x80 -#define CBS_ASN1_PRIVATE 0xc0 - -/* Bit 6: Primitive or constructed: See X.690 section 8.1.2.3. */ -#define CBS_ASN1_PRIMITIVE 0x00 -#define CBS_ASN1_CONSTRUCTED 0x20 - -/* - * Bits 5 to 1 are the tag number. See X.680 section 8.6 for tag numbers of - * the universal class. - */ - -/* - * Common universal identifier octets. - * See X.690 section 8.1 and X.680 section 8.6 for universal tag numbers. - * - * Note: These definitions are the cause of some of the strange behavior in - * CBS's bs_ber.c. - * - * In BER, it is the sender's option to use primitive or constructed for - * bitstring (X.690 section 8.6.1) and octetstring (X.690 section 8.7.1). - * - * In DER, bitstring and octetstring are required to be primitive - * (X.690 section 10.2). - */ -#define CBS_ASN1_BOOLEAN (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x1) -#define CBS_ASN1_INTEGER (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x2) -#define CBS_ASN1_BITSTRING (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x3) -#define CBS_ASN1_OCTETSTRING (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x4) -#define CBS_ASN1_OBJECT (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0x6) -#define CBS_ASN1_ENUMERATED (CBS_ASN1_UNIVERSAL | CBS_ASN1_PRIMITIVE | 0xa) -#define CBS_ASN1_SEQUENCE (CBS_ASN1_UNIVERSAL | CBS_ASN1_CONSTRUCTED | 0x10) -#define CBS_ASN1_SET (CBS_ASN1_UNIVERSAL | CBS_ASN1_CONSTRUCTED | 0x11) - -/* - * CBS_get_asn1 sets |*out| to the contents of DER-encoded, ASN.1 element (not - * including tag and length bytes) and advances |cbs| over it. The ASN.1 - * element must match |tag_value|. It returns one on success and zero - * on error. - * - * Tag numbers greater than 30 are not supported (i.e. short form only). 
- */ -int CBS_get_asn1(CBS *cbs, CBS *out, unsigned int tag_value); - -/* - * CBS_get_asn1_element acts like |CBS_get_asn1| but |out| will include the - * ASN.1 header bytes too. - */ -int CBS_get_asn1_element(CBS *cbs, CBS *out, unsigned int tag_value); - -/* - * CBS_peek_asn1_tag looks ahead at the next ASN.1 tag and returns one - * if the next ASN.1 element on |cbs| would have tag |tag_value|. If - * |cbs| is empty or the tag does not match, it returns zero. Note: if - * it returns one, CBS_get_asn1 may still fail if the rest of the - * element is malformed. - */ -int CBS_peek_asn1_tag(const CBS *cbs, unsigned int tag_value); - -/* - * CBS_get_any_asn1_element sets |*out| to contain the next ASN.1 element from - * |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to - * the tag number and |*out_header_len| to the length of the ASN.1 header. - * Each of |out|, |out_tag|, and |out_header_len| may be NULL to ignore - * the value. - * - * Tag numbers greater than 30 are not supported (i.e. short form only). - */ -int CBS_get_any_asn1_element(CBS *cbs, CBS *out, unsigned int *out_tag, - size_t *out_header_len); - -/* - * CBS_get_asn1_uint64 gets an ASN.1 INTEGER from |cbs| using |CBS_get_asn1| - * and sets |*out| to its value. It returns one on success and zero on error, - * where error includes the integer being negative, or too large to represent - * in 64 bits. - */ -int CBS_get_asn1_uint64(CBS *cbs, uint64_t *out); - -/* - * CBS_get_optional_asn1 gets an optional explicitly-tagged element - * from |cbs| tagged with |tag| and sets |*out| to its contents. If - * present, it sets |*out_present| to one, otherwise zero. It returns - * one on success, whether or not the element was present, and zero on - * decode failure. - */ -int CBS_get_optional_asn1(CBS *cbs, CBS *out, int *out_present, - unsigned int tag); - -/* - * CBS_get_optional_asn1_octet_string gets an optional - * explicitly-tagged OCTET STRING from |cbs|. 
If present, it sets - * |*out| to the string and |*out_present| to one. Otherwise, it sets - * |*out| to empty and |*out_present| to zero. |out_present| may be - * NULL. It returns one on success, whether or not the element was - * present, and zero on decode failure. - */ -int CBS_get_optional_asn1_octet_string(CBS *cbs, CBS *out, int *out_present, - unsigned int tag); - -/* - * CBS_get_optional_asn1_uint64 gets an optional explicitly-tagged - * INTEGER from |cbs|. If present, it sets |*out| to the - * value. Otherwise, it sets |*out| to |default_value|. It returns one - * on success, whether or not the element was present, and zero on - * decode failure. - */ -int CBS_get_optional_asn1_uint64(CBS *cbs, uint64_t *out, unsigned int tag, - uint64_t default_value); - -/* - * CBS_get_optional_asn1_bool gets an optional, explicitly-tagged BOOLEAN from - * |cbs|. If present, it sets |*out| to either zero or one, based on the - * boolean. Otherwise, it sets |*out| to |default_value|. It returns one on - * success, whether or not the element was present, and zero on decode - * failure. - */ -int CBS_get_optional_asn1_bool(CBS *cbs, int *out, unsigned int tag, - int default_value); - - -/* - * CRYPTO ByteBuilder. - * - * |CBB| objects allow one to build length-prefixed serialisations. A |CBB| - * object is associated with a buffer and new buffers are created with - * |CBB_init|. Several |CBB| objects can point at the same buffer when a - * length-prefix is pending, however only a single |CBB| can be 'current' at - * any one time. For example, if one calls |CBB_add_u8_length_prefixed| then - * the new |CBB| points at the same buffer as the original. But if the original - * |CBB| is used then the length prefix is written out and the new |CBB| must - * not be used again. - * - * If one needs to force a length prefix to be written out because a |CBB| is - * going out of scope, use |CBB_flush|. - */ - -struct cbb_buffer_st { - uint8_t *buf; - - /* The number of valid bytes. 
*/ - size_t len; - - /* The size of buf. */ - size_t cap; - - /* - * One iff |buf| is owned by this object. If not then |buf| cannot be - * resized. - */ - char can_resize; -}; - -typedef struct cbb_st { - struct cbb_buffer_st *base; - - /* - * offset is the offset from the start of |base->buf| to the position of any - * pending length-prefix. - */ - size_t offset; - - /* child points to a child CBB if a length-prefix is pending. */ - struct cbb_st *child; - - /* - * pending_len_len contains the number of bytes in a pending length-prefix, - * or zero if no length-prefix is pending. - */ - uint8_t pending_len_len; - - char pending_is_asn1; - - /* - * is_top_level is true iff this is a top-level |CBB| (as opposed to a child - * |CBB|). Top-level objects are valid arguments for |CBB_finish|. - */ - char is_top_level; -} CBB; - -/* - * CBB_init initialises |cbb| with |initial_capacity|. Since a |CBB| grows as - * needed, the |initial_capacity| is just a hint. It returns one on success or - * zero on error. - */ -int CBB_init(CBB *cbb, size_t initial_capacity); - -/* - * CBB_init_fixed initialises |cbb| to write to |len| bytes at |buf|. Since - * |buf| cannot grow, trying to write more than |len| bytes will cause CBB - * functions to fail. It returns one on success or zero on error. - */ -int CBB_init_fixed(CBB *cbb, uint8_t *buf, size_t len); - -/* - * CBB_cleanup frees all resources owned by |cbb| and other |CBB| objects - * writing to the same buffer. This should be used in an error case where a - * serialisation is abandoned. - */ -void CBB_cleanup(CBB *cbb); - -/* - * CBB_finish completes any pending length prefix and sets |*out_data| to a - * malloced buffer and |*out_len| to the length of that buffer. The caller - * takes ownership of the buffer and, unless the buffer was fixed with - * |CBB_init_fixed|, must call |free| when done. - * - * It can only be called on a "top level" |CBB|, i.e. one initialised with - * |CBB_init| or |CBB_init_fixed|. 
It returns one on success and zero on
- * error.
- */
-int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len);
-
-/*
- * CBB_flush causes any pending length prefixes to be written out and any child
- * |CBB| objects of |cbb| to be invalidated. It returns one on success or zero
- * on error.
- */
-int CBB_flush(CBB *cbb);
-
-/*
- * CBB_add_u8_length_prefixed sets |*out_contents| to a new child of |cbb|. The
- * data written to |*out_contents| will be prefixed in |cbb| with an 8-bit
- * length. It returns one on success or zero on error.
- */
-int CBB_add_u8_length_prefixed(CBB *cbb, CBB *out_contents);
-
-/*
- * CBB_add_u16_length_prefixed sets |*out_contents| to a new child of |cbb|.
- * The data written to |*out_contents| will be prefixed in |cbb| with a 16-bit,
- * big-endian length. It returns one on success or zero on error.
- */
-int CBB_add_u16_length_prefixed(CBB *cbb, CBB *out_contents);
-
-/*
- * CBB_add_u24_length_prefixed sets |*out_contents| to a new child of |cbb|.
- * The data written to |*out_contents| will be prefixed in |cbb| with a 24-bit,
- * big-endian length. It returns one on success or zero on error.
- */
-int CBB_add_u24_length_prefixed(CBB *cbb, CBB *out_contents);
-
-/*
- * CBB_add_asn sets |*out_contents| to a |CBB| into which the contents of an
- * ASN.1 object can be written. The |tag| argument will be used as the tag for
- * the object. Passing in |tag| number 31 will return in an error since only
- * single octet identifiers are supported. It returns one on success or zero
- * on error.
- */
-int CBB_add_asn1(CBB *cbb, CBB *out_contents, unsigned int tag);
-
-/*
- * CBB_add_bytes appends |len| bytes from |data| to |cbb|. It returns one on
- * success and zero otherwise.
- */
-int CBB_add_bytes(CBB *cbb, const uint8_t *data, size_t len);
-
-/*
- * CBB_add_space appends |len| bytes to |cbb| and sets |*out_data| to point to
- * the beginning of that space.
The caller must then write |len| bytes of
- * actual contents to |*out_data|. It returns one on success and zero
- * otherwise.
- */
-int CBB_add_space(CBB *cbb, uint8_t **out_data, size_t len);
-
-/*
- * CBB_add_u8 appends an 8-bit number from |value| to |cbb|. It returns one on
- * success and zero otherwise.
- */
-int CBB_add_u8(CBB *cbb, size_t value);
-
-/*
- * CBB_add_u8 appends a 16-bit, big-endian number from |value| to |cbb|. It
- * returns one on success and zero otherwise.
- */
-int CBB_add_u16(CBB *cbb, size_t value);
-
-/*
- * CBB_add_u24 appends a 24-bit, big-endian number from |value| to |cbb|. It
- * returns one on success and zero otherwise.
- */
-int CBB_add_u24(CBB *cbb, size_t value);
-
-/*
- * CBB_add_asn1_uint64 writes an ASN.1 INTEGER into |cbb| using |CBB_add_asn1|
- * and writes |value| in its contents. It returns one on success and zero on
- * error.
- */
-int CBB_add_asn1_uint64(CBB *cbb, uint64_t value);
-
-#ifdef LIBRESSL_INTERNAL
-/*
- * CBS_dup sets |out| to point to cbs's |data| and |len|. It results in two
- * CBS that point to the same buffer.
- */
-void CBS_dup(const CBS *cbs, CBS *out);
-
-/*
- * cbs_get_any_asn1_element sets |*out| to contain the next ASN.1 element from
- * |*cbs| (including header bytes) and advances |*cbs|. It sets |*out_tag| to
- * the tag number and |*out_header_len| to the length of the ASN.1 header. If
- * strict mode is disabled and the element has indefinite length then |*out|
- * will only contain the header. Each of |out|, |out_tag|, and
- * |out_header_len| may be NULL to ignore the value.
- *
- * Tag numbers greater than 30 are not supported (i.e. short form only).
- */
-int cbs_get_any_asn1_element_internal(CBS *cbs, CBS *out, unsigned int *out_tag,
- size_t *out_header_len, int strict);
-
-/*
- * CBS_asn1_indefinite_to_definite reads an ASN.1 structure from |in|.
If it
- * finds indefinite-length elements that otherwise appear to be valid DER, it
- * attempts to convert the DER-like data to DER and sets |*out| and
- * |*out_length| to describe a malloced buffer containing the DER data.
- * Additionally, |*in| will be advanced over the ASN.1 data.
- *
- * If it doesn't find any indefinite-length elements then it sets |*out| to
- * NULL and |*in| is unmodified.
- *
- * This is NOT a conversion from BER to DER. There are many restrictions when
- * dealing with DER data. This is only concerned with one: indefinite vs.
- * definite form. However, this suffices to handle the PKCS#7 and PKCS#12 output
- * from NSS.
- *
- * It returns one on success and zero otherwise.
- */
-int CBS_asn1_indefinite_to_definite(CBS *in, uint8_t **out, size_t *out_len);
-#endif /* LIBRESSL_INTERNAL */
-
-#if defined(__cplusplus)
-} /* extern C */
-#endif
-
-#endif /* OPENSSL_HEADER_BYTESTRING_H */
diff --git a/lib/libssl/src/ssl/d1_both.c b/lib/libssl/src/ssl/d1_both.c
deleted file mode 100644
index bce084f1eef..00000000000
--- a/lib/libssl/src/ssl/d1_both.c
+++ /dev/null
@@ -1,1374 +0,0 @@
-/* $OpenBSD: d1_both.c,v 1.39 2016/03/06 14:52:15 beck Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <limits.h> -#include <stdio.h> -#include <string.h> - -#include "ssl_locl.h" - -#include <openssl/buffer.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/x509.h> - -#include "pqueue.h" -#include "bytestring.h" - -#define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8) - -#define RSMBLY_BITMASK_MARK(bitmask, start, end) { \ - if ((end) - (start) <= 8) { \ - long ii; \ - for (ii = (start); ii < (end); ii++) bitmask[((ii) >> 3)] |= (1 << ((ii) & 7)); \ - } else { \ - long ii; \ - bitmask[((start) >> 3)] |= bitmask_start_values[((start) & 7)]; \ - for (ii = (((start) >> 3) + 1); ii < ((((end) - 1)) >> 3); ii++) bitmask[ii] = 0xff; \ - bitmask[(((end) - 1) >> 3)] |= bitmask_end_values[((end) & 7)]; \ - } } - -#define RSMBLY_BITMASK_IS_COMPLETE(bitmask, msg_len, is_complete) { \ - long ii; \ - OPENSSL_assert((msg_len) > 0); \ - is_complete = 1; \ - if (bitmask[(((msg_len) - 1) >> 3)] != bitmask_end_values[((msg_len) & 7)]) is_complete = 0; \ - if (is_complete) for (ii = (((msg_len) - 1) >> 3) - 1; ii >= 0 ; ii--) \ - if (bitmask[ii] != 0xff) { is_complete = 0; break; } } - -static unsigned char bitmask_start_values[] = { - 0xff, 0xfe, 0xfc, 0xf8, 
0xf0, 0xe0, 0xc0, 0x80 -}; -static unsigned char bitmask_end_values[] = { - 0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f -}; - -/* XDTLS: figure out the right values */ -static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28}; - -static unsigned int dtls1_guess_mtu(unsigned int curr_mtu); -static void dtls1_fix_message_header(SSL *s, unsigned long frag_off, - unsigned long frag_len); -static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p); -static void dtls1_set_message_header_int(SSL *s, unsigned char mt, - unsigned long len, unsigned short seq_num, unsigned long frag_off, - unsigned long frag_len); -static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, - int *ok); - -static hm_fragment * -dtls1_hm_fragment_new(unsigned long frag_len, int reassembly) -{ - hm_fragment *frag = NULL; - unsigned char *buf = NULL; - unsigned char *bitmask = NULL; - - frag = malloc(sizeof(hm_fragment)); - if (frag == NULL) - return NULL; - - if (frag_len) { - buf = malloc(frag_len); - if (buf == NULL) { - free(frag); - return NULL; - } - } - - /* zero length fragment gets zero frag->fragment */ - frag->fragment = buf; - - /* Initialize reassembly bitmask if necessary */ - if (reassembly) { - bitmask = malloc(RSMBLY_BITMASK_SIZE(frag_len)); - if (bitmask == NULL) { - free(buf); - free(frag); - return NULL; - } - memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len)); - } - - frag->reassembly = bitmask; - - return frag; -} - -static void -dtls1_hm_fragment_free(hm_fragment *frag) -{ - if (frag == NULL) - return; - - if (frag->msg_header.is_ccs) { - EVP_CIPHER_CTX_free( - frag->msg_header.saved_retransmit_state.enc_write_ctx); - EVP_MD_CTX_destroy( - frag->msg_header.saved_retransmit_state.write_hash); - } - free(frag->fragment); - free(frag->reassembly); - free(frag); -} - -/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ -int -dtls1_do_write(SSL *s, int type) -{ - int ret; - int 
curr_mtu; - unsigned int len, frag_off, mac_size, blocksize; - - /* AHA! Figure out the MTU, and stick to the right size */ - if (s->d1->mtu < dtls1_min_mtu() && - !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) { - s->d1->mtu = BIO_ctrl(SSL_get_wbio(s), - BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL); - - /* - * I've seen the kernel return bogus numbers when it - * doesn't know the MTU (ie., the initial write), so just - * make sure we have a reasonable number - */ - if (s->d1->mtu < dtls1_min_mtu()) { - s->d1->mtu = 0; - s->d1->mtu = dtls1_guess_mtu(s->d1->mtu); - BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU, - s->d1->mtu, NULL); - } - } - - OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu()); - /* should have something reasonable now */ - - if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE) - OPENSSL_assert(s->init_num == - (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); - - if (s->write_hash) - mac_size = EVP_MD_CTX_size(s->write_hash); - else - mac_size = 0; - - if (s->enc_write_ctx && - (EVP_CIPHER_mode( s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE)) - blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher); - else - blocksize = 0; - - frag_off = 0; - while (s->init_num) { - curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) - - DTLS1_RT_HEADER_LENGTH - mac_size - blocksize; - - if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) { - /* grr.. we could get an error if MTU picked was wrong */ - ret = BIO_flush(SSL_get_wbio(s)); - if (ret <= 0) - return ret; - curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH - - mac_size - blocksize; - } - - if (s->init_num > curr_mtu) - len = curr_mtu; - else - len = s->init_num; - - - /* XDTLS: this function is too long. 
split out the CCS part */ - if (type == SSL3_RT_HANDSHAKE) { - if (s->init_off != 0) { - OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH); - s->init_off -= DTLS1_HM_HEADER_LENGTH; - s->init_num += DTLS1_HM_HEADER_LENGTH; - - if (s->init_num > curr_mtu) - len = curr_mtu; - else - len = s->init_num; - } - - dtls1_fix_message_header(s, frag_off, - len - DTLS1_HM_HEADER_LENGTH); - - dtls1_write_message_header(s, - (unsigned char *)&s->init_buf->data[s->init_off]); - - OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH); - } - - ret = dtls1_write_bytes(s, type, - &s->init_buf->data[s->init_off], len); - if (ret < 0) { - /* - * Might need to update MTU here, but we don't know - * which previous packet caused the failure -- so - * can't really retransmit anything. continue as - * if everything is fine and wait for an alert to - * handle the retransmit - */ - if (BIO_ctrl(SSL_get_wbio(s), - BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0) - s->d1->mtu = BIO_ctrl(SSL_get_wbio(s), - BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL); - else - return (-1); - } else { - - /* - * Bad if this assert fails, only part of the - * handshake message got sent. but why would - * this happen? 
- */ - OPENSSL_assert(len == (unsigned int)ret); - - if (type == SSL3_RT_HANDSHAKE && - !s->d1->retransmitting) { - /* - * Should not be done for 'Hello Request's, - * but in that case we'll ignore the result - * anyway - */ - unsigned char *p = (unsigned char *)&s->init_buf->data[s->init_off]; - const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr; - int xlen; - - if (frag_off == 0) { - /* - * Reconstruct message header is if it - * is being sent in single fragment - */ - *p++ = msg_hdr->type; - l2n3(msg_hdr->msg_len, p); - s2n (msg_hdr->seq, p); - l2n3(0, p); - l2n3(msg_hdr->msg_len, p); - p -= DTLS1_HM_HEADER_LENGTH; - xlen = ret; - } else { - p += DTLS1_HM_HEADER_LENGTH; - xlen = ret - DTLS1_HM_HEADER_LENGTH; - } - - tls1_finish_mac(s, p, xlen); - } - - if (ret == s->init_num) { - if (s->msg_callback) - s->msg_callback(1, s->version, type, - s->init_buf->data, - (size_t)(s->init_off + s->init_num), - s, s->msg_callback_arg); - - s->init_off = 0; - /* done writing this message */ - s->init_num = 0; - - return (1); - } - s->init_off += ret; - s->init_num -= ret; - frag_off += (ret -= DTLS1_HM_HEADER_LENGTH); - } - } - return (0); -} - - -/* - * Obtain handshake message of message type 'mt' (any if mt == -1), - * maximum acceptable body length 'max'. - * Read an entire handshake message. Handshake messages arrive in - * fragments. 
- */ -long -dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) -{ - int i, al; - struct hm_header_st *msg_hdr; - unsigned char *p; - unsigned long msg_len; - - /* - * s3->tmp is used to store messages that are unexpected, caused - * by the absence of an optional handshake message - */ - if (s->s3->tmp.reuse_message) { - s->s3->tmp.reuse_message = 0; - if ((mt >= 0) && (s->s3->tmp.message_type != mt)) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_DTLS1_GET_MESSAGE, - SSL_R_UNEXPECTED_MESSAGE); - goto f_err; - } - *ok = 1; - s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; - s->init_num = (int)s->s3->tmp.message_size; - return s->init_num; - } - - msg_hdr = &s->d1->r_msg_hdr; - memset(msg_hdr, 0x00, sizeof(struct hm_header_st)); - -again: - i = dtls1_get_message_fragment(s, st1, stn, max, ok); - if (i == DTLS1_HM_BAD_FRAGMENT || - i == DTLS1_HM_FRAGMENT_RETRY) /* bad fragment received */ - goto again; - else if (i <= 0 && !*ok) - return i; - - p = (unsigned char *)s->init_buf->data; - msg_len = msg_hdr->msg_len; - - /* reconstruct message header */ - *(p++) = msg_hdr->type; - l2n3(msg_len, p); - s2n (msg_hdr->seq, p); - l2n3(0, p); - l2n3(msg_len, p); - - p -= DTLS1_HM_HEADER_LENGTH; - msg_len += DTLS1_HM_HEADER_LENGTH; - - tls1_finish_mac(s, p, msg_len); - if (s->msg_callback) - s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, msg_len, - s, s->msg_callback_arg); - - memset(msg_hdr, 0x00, sizeof(struct hm_header_st)); - - /* Don't change sequence numbers while listening */ - if (!s->d1->listen) - s->d1->handshake_read_seq++; - - s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; - return s->init_num; - -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); - *ok = 0; - return -1; -} - - -static int -dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max) -{ - size_t frag_off, frag_len, msg_len; - - msg_len = msg_hdr->msg_len; - frag_off = msg_hdr->frag_off; - frag_len = msg_hdr->frag_len; - - /* sanity checking 
*/ - if ((frag_off + frag_len) > msg_len) { - SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, - SSL_R_EXCESSIVE_MESSAGE_SIZE); - return SSL_AD_ILLEGAL_PARAMETER; - } - - if ((frag_off + frag_len) > (unsigned long)max) { - SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, - SSL_R_EXCESSIVE_MESSAGE_SIZE); - return SSL_AD_ILLEGAL_PARAMETER; - } - - if ( s->d1->r_msg_hdr.frag_off == 0) /* first fragment */ - { - /* - * msg_len is limited to 2^24, but is effectively checked - * against max above - */ - if (!BUF_MEM_grow_clean(s->init_buf, - msg_len + DTLS1_HM_HEADER_LENGTH)) { - SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, ERR_R_BUF_LIB); - return SSL_AD_INTERNAL_ERROR; - } - - s->s3->tmp.message_size = msg_len; - s->d1->r_msg_hdr.msg_len = msg_len; - s->s3->tmp.message_type = msg_hdr->type; - s->d1->r_msg_hdr.type = msg_hdr->type; - s->d1->r_msg_hdr.seq = msg_hdr->seq; - } else if (msg_len != s->d1->r_msg_hdr.msg_len) { - /* - * They must be playing with us! BTW, failure to enforce - * upper limit would open possibility for buffer overrun. 
- */ - SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, - SSL_R_EXCESSIVE_MESSAGE_SIZE); - return SSL_AD_ILLEGAL_PARAMETER; - } - - return 0; /* no error */ -} - -static int -dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok) -{ - /* - * (0) check whether the desired fragment is available - * if so: - * (1) copy over the fragment to s->init_buf->data[] - * (2) update s->init_num - */ - pitem *item; - hm_fragment *frag; - int al; - - *ok = 0; - item = pqueue_peek(s->d1->buffered_messages); - if (item == NULL) - return 0; - - frag = (hm_fragment *)item->data; - - /* Don't return if reassembly still in progress */ - if (frag->reassembly != NULL) - return 0; - - if (s->d1->handshake_read_seq == frag->msg_header.seq) { - unsigned long frag_len = frag->msg_header.frag_len; - pqueue_pop(s->d1->buffered_messages); - - al = dtls1_preprocess_fragment(s, &frag->msg_header, max); - - if (al == 0) /* no alert */ - { - unsigned char *p = (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH; - memcpy(&p[frag->msg_header.frag_off], - frag->fragment, frag->msg_header.frag_len); - } - - dtls1_hm_fragment_free(frag); - pitem_free(item); - - if (al == 0) { - *ok = 1; - return frag_len; - } - - ssl3_send_alert(s, SSL3_AL_FATAL, al); - s->init_num = 0; - *ok = 0; - return -1; - } else - return 0; -} - -/* - * dtls1_max_handshake_message_len returns the maximum number of bytes - * permitted in a DTLS handshake message for |s|. The minimum is 16KB, - * but may be greater if the maximum certificate list size requires it. 
- */ -static unsigned long -dtls1_max_handshake_message_len(const SSL *s) -{ - unsigned long max_len; - - max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH; - if (max_len < (unsigned long)s->max_cert_list) - return s->max_cert_list; - return max_len; -} - -static int -dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) -{ - hm_fragment *frag = NULL; - pitem *item = NULL; - int i = -1, is_complete; - unsigned char seq64be[8]; - unsigned long frag_len = msg_hdr->frag_len; - - if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len || - msg_hdr->msg_len > dtls1_max_handshake_message_len(s)) - goto err; - - if (frag_len == 0) { - i = DTLS1_HM_FRAGMENT_RETRY; - goto err; - } - - /* Try to find item in queue */ - memset(seq64be, 0, sizeof(seq64be)); - seq64be[6] = (unsigned char)(msg_hdr->seq >> 8); - seq64be[7] = (unsigned char)msg_hdr->seq; - item = pqueue_find(s->d1->buffered_messages, seq64be); - - if (item == NULL) { - frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1); - if (frag == NULL) - goto err; - memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr)); - frag->msg_header.frag_len = frag->msg_header.msg_len; - frag->msg_header.frag_off = 0; - } else { - frag = (hm_fragment*)item->data; - if (frag->msg_header.msg_len != msg_hdr->msg_len) { - item = NULL; - frag = NULL; - goto err; - } - } - - /* - * If message is already reassembled, this must be a - * retransmit and can be dropped. - */ - if (frag->reassembly == NULL) { - unsigned char devnull [256]; - - while (frag_len) { - i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, - devnull, frag_len > sizeof(devnull) ? 
- sizeof(devnull) : frag_len, 0); - if (i <= 0) - goto err; - frag_len -= i; - } - i = DTLS1_HM_FRAGMENT_RETRY; - goto err; - } - - /* read the body of the fragment (header has already been read */ - i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, - frag->fragment + msg_hdr->frag_off, frag_len, 0); - if (i <= 0 || (unsigned long)i != frag_len) - goto err; - - RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off, - (long)(msg_hdr->frag_off + frag_len)); - - RSMBLY_BITMASK_IS_COMPLETE(frag->reassembly, (long)msg_hdr->msg_len, - is_complete); - - if (is_complete) { - free(frag->reassembly); - frag->reassembly = NULL; - } - - if (item == NULL) { - memset(seq64be, 0, sizeof(seq64be)); - seq64be[6] = (unsigned char)(msg_hdr->seq >> 8); - seq64be[7] = (unsigned char)(msg_hdr->seq); - - item = pitem_new(seq64be, frag); - if (item == NULL) { - i = -1; - goto err; - } - - pqueue_insert(s->d1->buffered_messages, item); - } - - return DTLS1_HM_FRAGMENT_RETRY; - -err: - if (item == NULL && frag != NULL) - dtls1_hm_fragment_free(frag); - *ok = 0; - return i; -} - - -static int -dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) -{ - int i = -1; - hm_fragment *frag = NULL; - pitem *item = NULL; - unsigned char seq64be[8]; - unsigned long frag_len = msg_hdr->frag_len; - - if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len) - goto err; - - /* Try to find item in queue, to prevent duplicate entries */ - memset(seq64be, 0, sizeof(seq64be)); - seq64be[6] = (unsigned char) (msg_hdr->seq >> 8); - seq64be[7] = (unsigned char) msg_hdr->seq; - item = pqueue_find(s->d1->buffered_messages, seq64be); - - /* - * If we already have an entry and this one is a fragment, - * don't discard it and rather try to reassemble it. 
- */ - if (item != NULL && frag_len < msg_hdr->msg_len) - item = NULL; - - /* - * Discard the message if sequence number was already there, is - * too far in the future, already in the queue or if we received - * a FINISHED before the SERVER_HELLO, which then must be a stale - * retransmit. - */ - if (msg_hdr->seq <= s->d1->handshake_read_seq || - msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL || - (s->d1->handshake_read_seq == 0 && - msg_hdr->type == SSL3_MT_FINISHED)) { - unsigned char devnull [256]; - - while (frag_len) { - i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, - devnull, frag_len > sizeof(devnull) ? - sizeof(devnull) : frag_len, 0); - if (i <= 0) - goto err; - frag_len -= i; - } - } else { - if (frag_len < msg_hdr->msg_len) - return dtls1_reassemble_fragment(s, msg_hdr, ok); - - if (frag_len > dtls1_max_handshake_message_len(s)) - goto err; - - frag = dtls1_hm_fragment_new(frag_len, 0); - if (frag == NULL) - goto err; - - memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr)); - - if (frag_len) { - /* read the body of the fragment (header has already been read */ - i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, - frag->fragment, frag_len, 0); - if (i <= 0 || (unsigned long)i != frag_len) - goto err; - } - - memset(seq64be, 0, sizeof(seq64be)); - seq64be[6] = (unsigned char)(msg_hdr->seq >> 8); - seq64be[7] = (unsigned char)(msg_hdr->seq); - - item = pitem_new(seq64be, frag); - if (item == NULL) - goto err; - - pqueue_insert(s->d1->buffered_messages, item); - } - - return DTLS1_HM_FRAGMENT_RETRY; - -err: - if (item == NULL && frag != NULL) - dtls1_hm_fragment_free(frag); - *ok = 0; - return i; -} - - -static long -dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok) -{ - unsigned char wire[DTLS1_HM_HEADER_LENGTH]; - unsigned long len, frag_off, frag_len; - int i, al; - struct hm_header_st msg_hdr; - -again: - /* see if we have the required fragment already */ - if ((frag_len = 
dtls1_retrieve_buffered_fragment(s, max, ok)) || *ok) { - if (*ok) - s->init_num = frag_len; - return frag_len; - } - - /* read handshake message header */ - i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire, - DTLS1_HM_HEADER_LENGTH, 0); - if (i <= 0) /* nbio, or an error */ - { - s->rwstate = SSL_READING; - *ok = 0; - return i; - } - /* Handshake fails if message header is incomplete */ - if (i != DTLS1_HM_HEADER_LENGTH || - /* parse the message fragment header */ - dtls1_get_message_header(wire, &msg_hdr) == 0) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, - SSL_R_UNEXPECTED_MESSAGE); - goto f_err; - } - - /* - * if this is a future (or stale) message it gets buffered - * (or dropped)--no further processing at this time - * While listening, we accept seq 1 (ClientHello with cookie) - * although we're still expecting seq 0 (ClientHello) - */ - if (msg_hdr.seq != s->d1->handshake_read_seq && - !(s->d1->listen && msg_hdr.seq == 1)) - return dtls1_process_out_of_seq_message(s, &msg_hdr, ok); - - len = msg_hdr.msg_len; - frag_off = msg_hdr.frag_off; - frag_len = msg_hdr.frag_len; - - if (frag_len && frag_len < len) - return dtls1_reassemble_fragment(s, &msg_hdr, ok); - - if (!s->server && s->d1->r_msg_hdr.frag_off == 0 && - wire[0] == SSL3_MT_HELLO_REQUEST) { - /* - * The server may always send 'Hello Request' messages -- - * we are doing a handshake anyway now, so ignore them - * if their format is correct. Does not count for - * 'Finished' MAC. 
- */ - if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) { - if (s->msg_callback) - s->msg_callback(0, s->version, - SSL3_RT_HANDSHAKE, wire, - DTLS1_HM_HEADER_LENGTH, s, - s->msg_callback_arg); - - s->init_num = 0; - goto again; - } - else /* Incorrectly formated Hello request */ - { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, - SSL_R_UNEXPECTED_MESSAGE); - goto f_err; - } - } - - if ((al = dtls1_preprocess_fragment(s, &msg_hdr, max))) - goto f_err; - - /* XDTLS: ressurect this when restart is in place */ - s->state = stn; - - if (frag_len > 0) { - unsigned char *p = (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH; - - i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, - &p[frag_off], frag_len, 0); - /* XDTLS: fix this--message fragments cannot span multiple packets */ - if (i <= 0) { - s->rwstate = SSL_READING; - *ok = 0; - return i; - } - } else - i = 0; - - /* - * XDTLS: an incorrectly formatted fragment should cause the - * handshake to fail - */ - if (i != (int)frag_len) { - al = SSL3_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, - SSL3_AD_ILLEGAL_PARAMETER); - goto f_err; - } - - *ok = 1; - - /* - * Note that s->init_num is *not* used as current offset in - * s->init_buf->data, but as a counter summing up fragments' - * lengths: as soon as they sum up to handshake packet - * length, we assume we have got all the fragments. 
- */ - s->init_num = frag_len; - return frag_len; - -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); - s->init_num = 0; - - *ok = 0; - return (-1); -} - -/* - * for these 2 messages, we need to - * ssl->enc_read_ctx re-init - * ssl->s3->read_sequence zero - * ssl->s3->read_mac_secret re-init - * ssl->session->read_sym_enc assign - * ssl->session->read_hash assign - */ -int -dtls1_send_change_cipher_spec(SSL *s, int a, int b) -{ - unsigned char *p; - - if (s->state == a) { - p = (unsigned char *)s->init_buf->data; - *p++=SSL3_MT_CCS; - s->d1->handshake_write_seq = s->d1->next_handshake_write_seq; - s->init_num = DTLS1_CCS_HEADER_LENGTH; - - s->init_off = 0; - - dtls1_set_message_header_int(s, SSL3_MT_CCS, 0, - s->d1->handshake_write_seq, 0, 0); - - /* buffer the message to handle re-xmits */ - dtls1_buffer_message(s, 1); - - s->state = b; - } - - /* SSL3_ST_CW_CHANGE_B */ - return (dtls1_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC)); -} - -static int -dtls1_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) -{ - int n; - unsigned char *p; - - n = i2d_X509(x, NULL); - if (!BUF_MEM_grow_clean(buf, n + (*l) + 3)) { - SSLerr(SSL_F_DTLS1_ADD_CERT_TO_BUF, ERR_R_BUF_LIB); - return 0; - } - p = (unsigned char *)&(buf->data[*l]); - l2n3(n, p); - i2d_X509(x, &p); - *l += n + 3; - - return 1; -} - -unsigned long -dtls1_output_cert_chain(SSL *s, X509 *x) -{ - unsigned char *p; - int i; - unsigned long l = 3 + DTLS1_HM_HEADER_LENGTH; - BUF_MEM *buf; - - /* TLSv1 sends a chain with nothing in it, instead of an alert */ - buf = s->init_buf; - if (!BUF_MEM_grow_clean(buf, 10)) { - SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN, ERR_R_BUF_LIB); - return (0); - } - if (x != NULL) { - X509_STORE_CTX xs_ctx; - - if (!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store, - x, NULL)) { - SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN, ERR_R_X509_LIB); - return (0); - } - - X509_verify_cert(&xs_ctx); - /* Don't leave errors in the queue */ - ERR_clear_error(); - for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) { 
- x = sk_X509_value(xs_ctx.chain, i); - - if (!dtls1_add_cert_to_buf(buf, &l, x)) { - X509_STORE_CTX_cleanup(&xs_ctx); - return 0; - } - } - X509_STORE_CTX_cleanup(&xs_ctx); - } - /* Thawte special :-) */ - for (i = 0; i < sk_X509_num(s->ctx->extra_certs); i++) { - x = sk_X509_value(s->ctx->extra_certs, i); - if (!dtls1_add_cert_to_buf(buf, &l, x)) - return 0; - } - - l -= (3 + DTLS1_HM_HEADER_LENGTH); - - p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]); - l2n3(l, p); - l += 3; - p = (unsigned char *)&(buf->data[0]); - p = dtls1_set_message_header(s, p, SSL3_MT_CERTIFICATE, l, 0, l); - - l += DTLS1_HM_HEADER_LENGTH; - return (l); -} - -int -dtls1_read_failed(SSL *s, int code) -{ - if (code > 0) { -#ifdef DEBUG - fprintf(stderr, "invalid state reached %s:%d", - __FILE__, __LINE__); -#endif - return 1; - } - - if (!dtls1_is_timer_expired(s)) { - /* - * not a timeout, none of our business, let higher layers - * handle this. in fact it's probably an error - */ - return code; - } - - if (!SSL_in_init(s)) /* done, no need to send a retransmit */ - { - BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ); - return code; - } - - return dtls1_handle_timeout(s); -} - -int -dtls1_get_queue_priority(unsigned short seq, int is_ccs) -{ - /* - * The index of the retransmission queue actually is the message - * sequence number, since the queue only contains messages of a - * single handshake. However, the ChangeCipherSpec has no message - * sequence number and so using only the sequence will result in - * the CCS and Finished having the same index. To prevent this, the - * sequence number is multiplied by 2. In case of a CCS 1 is - * subtracted. This does not only differ CSS and Finished, it also - * maintains the order of the index (important for priority queues) - * and fits in the unsigned short variable. 
- */ - return seq * 2 - is_ccs; -} - -int -dtls1_retransmit_buffered_messages(SSL *s) -{ - pqueue sent = s->d1->sent_messages; - piterator iter; - pitem *item; - hm_fragment *frag; - int found = 0; - - iter = pqueue_iterator(sent); - - for (item = pqueue_next(&iter); item != NULL; - item = pqueue_next(&iter)) { - frag = (hm_fragment *)item->data; - if (dtls1_retransmit_message(s, - (unsigned short)dtls1_get_queue_priority( - frag->msg_header.seq, frag->msg_header.is_ccs), 0, - &found) <= 0 && found) { -#ifdef DEBUG - fprintf(stderr, "dtls1_retransmit_message() failed\n"); -#endif - return -1; - } - } - - return 1; -} - -int -dtls1_buffer_message(SSL *s, int is_ccs) -{ - pitem *item; - hm_fragment *frag; - unsigned char seq64be[8]; - - /* Buffer the messsage in order to handle DTLS retransmissions. */ - - /* - * This function is called immediately after a message has - * been serialized - */ - OPENSSL_assert(s->init_off == 0); - - frag = dtls1_hm_fragment_new(s->init_num, 0); - if (frag == NULL) - return 0; - - memcpy(frag->fragment, s->init_buf->data, s->init_num); - - if (is_ccs) { - OPENSSL_assert(s->d1->w_msg_hdr.msg_len + - ((s->version == DTLS1_VERSION) ? 
- DTLS1_CCS_HEADER_LENGTH : 3) == (unsigned int)s->init_num); - } else { - OPENSSL_assert(s->d1->w_msg_hdr.msg_len + - DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num); - } - - frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len; - frag->msg_header.seq = s->d1->w_msg_hdr.seq; - frag->msg_header.type = s->d1->w_msg_hdr.type; - frag->msg_header.frag_off = 0; - frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len; - frag->msg_header.is_ccs = is_ccs; - - /* save current state*/ - frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx; - frag->msg_header.saved_retransmit_state.write_hash = s->write_hash; - frag->msg_header.saved_retransmit_state.session = s->session; - frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch; - - memset(seq64be, 0, sizeof(seq64be)); - seq64be[6] = (unsigned char)(dtls1_get_queue_priority( - frag->msg_header.seq, frag->msg_header.is_ccs) >> 8); - seq64be[7] = (unsigned char)(dtls1_get_queue_priority( - frag->msg_header.seq, frag->msg_header.is_ccs)); - - item = pitem_new(seq64be, frag); - if (item == NULL) { - dtls1_hm_fragment_free(frag); - return 0; - } - - pqueue_insert(s->d1->sent_messages, item); - return 1; -} - -int -dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, - int *found) -{ - int ret; - /* XDTLS: for now assuming that read/writes are blocking */ - pitem *item; - hm_fragment *frag; - unsigned long header_length; - unsigned char seq64be[8]; - struct dtls1_retransmit_state saved_state; - unsigned char save_write_sequence[8]; - - /* - OPENSSL_assert(s->init_num == 0); - OPENSSL_assert(s->init_off == 0); - */ - - /* XDTLS: the requested message ought to be found, otherwise error */ - memset(seq64be, 0, sizeof(seq64be)); - seq64be[6] = (unsigned char)(seq >> 8); - seq64be[7] = (unsigned char)seq; - - item = pqueue_find(s->d1->sent_messages, seq64be); - if (item == NULL) { -#ifdef DEBUG - fprintf(stderr, "retransmit: message %d non-existant\n", seq); -#endif - *found = 0; - 
return 0; - } - - *found = 1; - frag = (hm_fragment *)item->data; - - if (frag->msg_header.is_ccs) - header_length = DTLS1_CCS_HEADER_LENGTH; - else - header_length = DTLS1_HM_HEADER_LENGTH; - - memcpy(s->init_buf->data, frag->fragment, - frag->msg_header.msg_len + header_length); - s->init_num = frag->msg_header.msg_len + header_length; - - dtls1_set_message_header_int(s, frag->msg_header.type, - frag->msg_header.msg_len, frag->msg_header.seq, 0, - frag->msg_header.frag_len); - - /* save current state */ - saved_state.enc_write_ctx = s->enc_write_ctx; - saved_state.write_hash = s->write_hash; - saved_state.session = s->session; - saved_state.epoch = s->d1->w_epoch; - - s->d1->retransmitting = 1; - - /* restore state in which the message was originally sent */ - s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx; - s->write_hash = frag->msg_header.saved_retransmit_state.write_hash; - s->session = frag->msg_header.saved_retransmit_state.session; - s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch; - - if (frag->msg_header.saved_retransmit_state.epoch == - saved_state.epoch - 1) { - memcpy(save_write_sequence, s->s3->write_sequence, - sizeof(s->s3->write_sequence)); - memcpy(s->s3->write_sequence, s->d1->last_write_sequence, - sizeof(s->s3->write_sequence)); - } - - ret = dtls1_do_write(s, frag->msg_header.is_ccs ? 
- SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE); - - /* restore current state */ - s->enc_write_ctx = saved_state.enc_write_ctx; - s->write_hash = saved_state.write_hash; - s->session = saved_state.session; - s->d1->w_epoch = saved_state.epoch; - - if (frag->msg_header.saved_retransmit_state.epoch == - saved_state.epoch - 1) { - memcpy(s->d1->last_write_sequence, s->s3->write_sequence, - sizeof(s->s3->write_sequence)); - memcpy(s->s3->write_sequence, save_write_sequence, - sizeof(s->s3->write_sequence)); - } - - s->d1->retransmitting = 0; - - (void)BIO_flush(SSL_get_wbio(s)); - return ret; -} - -/* call this function when the buffered messages are no longer needed */ -void -dtls1_clear_record_buffer(SSL *s) -{ - pitem *item; - - for(item = pqueue_pop(s->d1->sent_messages); item != NULL; - item = pqueue_pop(s->d1->sent_messages)) { - dtls1_hm_fragment_free((hm_fragment *)item->data); - pitem_free(item); - } -} - -unsigned char * -dtls1_set_message_header(SSL *s, unsigned char *p, unsigned char mt, - unsigned long len, unsigned long frag_off, unsigned long frag_len) -{ - /* Don't change sequence numbers while listening */ - if (frag_off == 0 && !s->d1->listen) { - s->d1->handshake_write_seq = s->d1->next_handshake_write_seq; - s->d1->next_handshake_write_seq++; - } - - dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq, - frag_off, frag_len); - - return p += DTLS1_HM_HEADER_LENGTH; -} - -/* don't actually do the writing, wait till the MTU has been retrieved */ -static void -dtls1_set_message_header_int(SSL *s, unsigned char mt, unsigned long len, - unsigned short seq_num, unsigned long frag_off, unsigned long frag_len) -{ - struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr; - - msg_hdr->type = mt; - msg_hdr->msg_len = len; - msg_hdr->seq = seq_num; - msg_hdr->frag_off = frag_off; - msg_hdr->frag_len = frag_len; -} - -static void -dtls1_fix_message_header(SSL *s, unsigned long frag_off, unsigned long frag_len) -{ - struct hm_header_st *msg_hdr = 
&s->d1->w_msg_hdr; - - msg_hdr->frag_off = frag_off; - msg_hdr->frag_len = frag_len; -} - -static unsigned char * -dtls1_write_message_header(SSL *s, unsigned char *p) -{ - struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr; - - *p++ = msg_hdr->type; - l2n3(msg_hdr->msg_len, p); - - s2n(msg_hdr->seq, p); - l2n3(msg_hdr->frag_off, p); - l2n3(msg_hdr->frag_len, p); - - return p; -} - -unsigned int -dtls1_min_mtu(void) -{ - return (g_probable_mtu[(sizeof(g_probable_mtu) / - sizeof(g_probable_mtu[0])) - 1]); -} - -static unsigned int -dtls1_guess_mtu(unsigned int curr_mtu) -{ - unsigned int i; - - if (curr_mtu == 0) - return g_probable_mtu[0]; - - for (i = 0; i < sizeof(g_probable_mtu) / sizeof(g_probable_mtu[0]); i++) - if (curr_mtu > g_probable_mtu[i]) - return g_probable_mtu[i]; - - return curr_mtu; -} - -int -dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr) -{ - CBS header; - uint32_t msg_len, frag_off, frag_len; - uint16_t seq; - uint8_t type; - - CBS_init(&header, data, sizeof(*msg_hdr)); - - memset(msg_hdr, 0, sizeof(*msg_hdr)); - - if (!CBS_get_u8(&header, &type)) - return 0; - if (!CBS_get_u24(&header, &msg_len)) - return 0; - if (!CBS_get_u16(&header, &seq)) - return 0; - if (!CBS_get_u24(&header, &frag_off)) - return 0; - if (!CBS_get_u24(&header, &frag_len)) - return 0; - - msg_hdr->type = type; - msg_hdr->msg_len = msg_len; - msg_hdr->seq = seq; - msg_hdr->frag_off = frag_off; - msg_hdr->frag_len = frag_len; - - return 1; -} - -void -dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr) -{ - memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st)); - - ccs_hdr->type = *(data++); -} - -int -dtls1_shutdown(SSL *s) -{ - int ret; - - ret = ssl3_shutdown(s); - return ret; -} diff --git a/lib/libssl/src/ssl/d1_clnt.c b/lib/libssl/src/ssl/d1_clnt.c deleted file mode 100644 index e018874f0da..00000000000 --- a/lib/libssl/src/ssl/d1_clnt.c +++ /dev/null 
@@ -1,724 +0,0 @@
-/* $OpenBSD: d1_clnt.c,v 1.56 2016/03/11 07:08:45 mmcc Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6.
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <limits.h> -#include <stdio.h> - -#include "ssl_locl.h" - -#include <openssl/bn.h> -#include <openssl/buffer.h> -#include <openssl/dh.h> -#include <openssl/evp.h> -#include <openssl/md5.h> -#include <openssl/objects.h> - -#include "bytestring.h" - -static const SSL_METHOD *dtls1_get_client_method(int ver); -static int dtls1_get_hello_verify(SSL *s); - -const SSL_METHOD DTLSv1_client_method_data = { - .version = DTLS1_VERSION, - .ssl_new = dtls1_new, - .ssl_clear = dtls1_clear, - .ssl_free = dtls1_free, - .ssl_accept = ssl_undefined_function, - .ssl_connect = dtls1_connect, - .ssl_read = ssl3_read, - .ssl_peek = ssl3_peek, - .ssl_write = ssl3_write, - .ssl_shutdown = dtls1_shutdown, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = dtls1_get_message, - .ssl_read_bytes = dtls1_read_bytes, - .ssl_write_bytes = dtls1_write_app_data_bytes, - .ssl_dispatch_alert = dtls1_dispatch_alert, - .ssl_ctrl = dtls1_ctrl, - .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .ssl_pending = ssl3_pending, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = 
dtls1_get_cipher, - .get_ssl_method = dtls1_get_client_method, - .get_timeout = dtls1_default_timeout, - .ssl3_enc = &DTLSv1_enc_data, - .ssl_version = ssl_undefined_void_function, - .ssl_callback_ctrl = ssl3_callback_ctrl, - .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl, -}; - -const SSL_METHOD * -DTLSv1_client_method(void) -{ - return &DTLSv1_client_method_data; -} - -static const SSL_METHOD * -dtls1_get_client_method(int ver) -{ - if (ver == DTLS1_VERSION) - return (DTLSv1_client_method()); - return (NULL); -} - -int -dtls1_connect(SSL *s) -{ - void (*cb)(const SSL *ssl, int type, int val) = NULL; - int ret = -1; - int new_state, state, skip = 0; - - ERR_clear_error(); - errno = 0; - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) - SSL_clear(s); - - - for (;;) { - state = s->state; - - switch (s->state) { - case SSL_ST_RENEGOTIATE: - s->renegotiate = 1; - s->state = SSL_ST_CONNECT; - s->ctx->stats.sess_connect_renegotiate++; - /* break */ - case SSL_ST_BEFORE: - case SSL_ST_CONNECT: - case SSL_ST_BEFORE|SSL_ST_CONNECT: - case SSL_ST_OK|SSL_ST_CONNECT: - - s->server = 0; - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_START, 1); - - if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00)) { - SSLerr(SSL_F_DTLS1_CONNECT, - ERR_R_INTERNAL_ERROR); - ret = -1; - goto end; - } - - /* s->version=SSL3_VERSION; */ - s->type = SSL_ST_CONNECT; - - if (!ssl3_setup_init_buffer(s)) { - ret = -1; - goto end; - } - if (!ssl3_setup_buffers(s)) { - ret = -1; - goto end; - } - if (!ssl_init_wbio_buffer(s, 0)) { - ret = -1; - goto end; - } - - /* don't push the buffering BIO quite yet */ - - s->state = SSL3_ST_CW_CLNT_HELLO_A; - s->ctx->stats.sess_connect++; - s->init_num = 0; - /* mark client_random uninitialized */ - memset(s->s3->client_random, 0, - sizeof(s->s3->client_random)); - s->d1->send_cookie = 0; - s->hit = 0; - break; - - - 
case SSL3_ST_CW_CLNT_HELLO_A: - case SSL3_ST_CW_CLNT_HELLO_B: - - s->shutdown = 0; - - /* every DTLS ClientHello resets Finished MAC */ - if (!tls1_init_finished_mac(s)) { - ret = -1; - goto end; - } - - dtls1_start_timer(s); - ret = ssl3_client_hello(s); - if (ret <= 0) - goto end; - - if (s->d1->send_cookie) { - s->state = SSL3_ST_CW_FLUSH; - s->s3->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A; - } else - s->state = SSL3_ST_CR_SRVR_HELLO_A; - - s->init_num = 0; - - /* turn on buffering for the next lot of output */ - if (s->bbio != s->wbio) - s->wbio = BIO_push(s->bbio, s->wbio); - - break; - - case SSL3_ST_CR_SRVR_HELLO_A: - case SSL3_ST_CR_SRVR_HELLO_B: - ret = ssl3_get_server_hello(s); - if (ret <= 0) - goto end; - else { - if (s->hit) { - - s->state = SSL3_ST_CR_FINISHED_A; - } else - s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A; - } - s->init_num = 0; - break; - - case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: - case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: - - ret = dtls1_get_hello_verify(s); - if (ret <= 0) - goto end; - dtls1_stop_timer(s); - if ( s->d1->send_cookie) /* start again, with a cookie */ - s->state = SSL3_ST_CW_CLNT_HELLO_A; - else - s->state = SSL3_ST_CR_CERT_A; - s->init_num = 0; - break; - - case SSL3_ST_CR_CERT_A: - case SSL3_ST_CR_CERT_B: - ret = ssl3_check_finished(s); - if (ret <= 0) - goto end; - if (ret == 2) { - s->hit = 1; - if (s->tlsext_ticket_expected) - s->state = SSL3_ST_CR_SESSION_TICKET_A; - else - s->state = SSL3_ST_CR_FINISHED_A; - s->init_num = 0; - break; - } - /* Check if it is anon DH. 
*/ - if (!(s->s3->tmp.new_cipher->algorithm_auth & - SSL_aNULL)) { - ret = ssl3_get_server_certificate(s); - if (ret <= 0) - goto end; - if (s->tlsext_status_expected) - s->state = SSL3_ST_CR_CERT_STATUS_A; - else - s->state = SSL3_ST_CR_KEY_EXCH_A; - } else { - skip = 1; - s->state = SSL3_ST_CR_KEY_EXCH_A; - } - s->init_num = 0; - break; - - case SSL3_ST_CR_KEY_EXCH_A: - case SSL3_ST_CR_KEY_EXCH_B: - ret = ssl3_get_key_exchange(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CR_CERT_REQ_A; - s->init_num = 0; - - /* at this point we check that we have the - * required stuff from the server */ - if (!ssl3_check_cert_and_algorithm(s)) { - ret = -1; - goto end; - } - break; - - case SSL3_ST_CR_CERT_REQ_A: - case SSL3_ST_CR_CERT_REQ_B: - ret = ssl3_get_certificate_request(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CR_SRVR_DONE_A; - s->init_num = 0; - break; - - case SSL3_ST_CR_SRVR_DONE_A: - case SSL3_ST_CR_SRVR_DONE_B: - ret = ssl3_get_server_done(s); - if (ret <= 0) - goto end; - dtls1_stop_timer(s); - if (s->s3->tmp.cert_req) - s->s3->tmp.next_state = SSL3_ST_CW_CERT_A; - else - s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A; - s->init_num = 0; - s->state = s->s3->tmp.next_state; - break; - - case SSL3_ST_CW_CERT_A: - case SSL3_ST_CW_CERT_B: - case SSL3_ST_CW_CERT_C: - case SSL3_ST_CW_CERT_D: - dtls1_start_timer(s); - ret = dtls1_send_client_certificate(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CW_KEY_EXCH_A; - s->init_num = 0; - break; - - case SSL3_ST_CW_KEY_EXCH_A: - case SSL3_ST_CW_KEY_EXCH_B: - dtls1_start_timer(s); - ret = ssl3_send_client_key_exchange(s); - if (ret <= 0) - goto end; - - /* EAY EAY EAY need to check for DH fix cert - * sent back */ - /* For TLS, cert_req is set to 2, so a cert chain - * of nothing is sent, but no verify packet is sent */ - if (s->s3->tmp.cert_req == 1) { - s->state = SSL3_ST_CW_CERT_VRFY_A; - } else { - s->state = SSL3_ST_CW_CHANGE_A; - s->s3->change_cipher_spec = 0; - } - - s->init_num = 0; - break; - 
- case SSL3_ST_CW_CERT_VRFY_A: - case SSL3_ST_CW_CERT_VRFY_B: - dtls1_start_timer(s); - ret = ssl3_send_client_verify(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CW_CHANGE_A; - s->init_num = 0; - s->s3->change_cipher_spec = 0; - break; - - case SSL3_ST_CW_CHANGE_A: - case SSL3_ST_CW_CHANGE_B: - if (!s->hit) - dtls1_start_timer(s); - ret = dtls1_send_change_cipher_spec(s, - SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B); - if (ret <= 0) - goto end; - - s->state = SSL3_ST_CW_FINISHED_A; - s->init_num = 0; - - s->session->cipher = s->s3->tmp.new_cipher; - if (!s->method->ssl3_enc->setup_key_block(s)) { - ret = -1; - goto end; - } - - if (!s->method->ssl3_enc->change_cipher_state(s, - SSL3_CHANGE_CIPHER_CLIENT_WRITE)) { - ret = -1; - goto end; - } - - - dtls1_reset_seq_numbers(s, SSL3_CC_WRITE); - break; - - case SSL3_ST_CW_FINISHED_A: - case SSL3_ST_CW_FINISHED_B: - if (!s->hit) - dtls1_start_timer(s); - ret = ssl3_send_finished(s, - SSL3_ST_CW_FINISHED_A, SSL3_ST_CW_FINISHED_B, - s->method->ssl3_enc->client_finished_label, - s->method->ssl3_enc->client_finished_label_len); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CW_FLUSH; - - /* clear flags */ - s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; - if (s->hit) { - s->s3->tmp.next_state = SSL_ST_OK; - if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) { - s->state = SSL_ST_OK; - s->s3->flags |= SSL3_FLAGS_POP_BUFFER; - s->s3->delay_buf_pop_ret = 0; - } - } else { - - /* Allow NewSessionTicket if ticket expected */ - if (s->tlsext_ticket_expected) - s->s3->tmp.next_state = - SSL3_ST_CR_SESSION_TICKET_A; - else - s->s3->tmp.next_state = - SSL3_ST_CR_FINISHED_A; - } - s->init_num = 0; - break; - - case SSL3_ST_CR_SESSION_TICKET_A: - case SSL3_ST_CR_SESSION_TICKET_B: - ret = ssl3_get_new_session_ticket(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CR_FINISHED_A; - s->init_num = 0; - break; - - case SSL3_ST_CR_CERT_STATUS_A: - case SSL3_ST_CR_CERT_STATUS_B: - ret = ssl3_get_cert_status(s); - if (ret <= 0) - goto 
end; - s->state = SSL3_ST_CR_KEY_EXCH_A; - s->init_num = 0; - break; - - case SSL3_ST_CR_FINISHED_A: - case SSL3_ST_CR_FINISHED_B: - s->d1->change_cipher_spec_ok = 1; - ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A, - SSL3_ST_CR_FINISHED_B); - if (ret <= 0) - goto end; - dtls1_stop_timer(s); - - if (s->hit) - s->state = SSL3_ST_CW_CHANGE_A; - else - s->state = SSL_ST_OK; - - - s->init_num = 0; - break; - - case SSL3_ST_CW_FLUSH: - s->rwstate = SSL_WRITING; - if (BIO_flush(s->wbio) <= 0) { - /* If the write error was fatal, stop trying */ - if (!BIO_should_retry(s->wbio)) { - s->rwstate = SSL_NOTHING; - s->state = s->s3->tmp.next_state; - } - - ret = -1; - goto end; - } - s->rwstate = SSL_NOTHING; - s->state = s->s3->tmp.next_state; - break; - - case SSL_ST_OK: - /* clean a few things up */ - tls1_cleanup_key_block(s); - - /* If we are not 'joining' the last two packets, - * remove the buffering now */ - if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER)) - ssl_free_wbio_buffer(s); - /* else do it later in ssl3_write */ - - s->init_num = 0; - s->renegotiate = 0; - s->new_session = 0; - - ssl_update_cache(s, SSL_SESS_CACHE_CLIENT); - if (s->hit) - s->ctx->stats.sess_hit++; - - ret = 1; - /* s->server=0; */ - s->handshake_func = dtls1_connect; - s->ctx->stats.sess_connect_good++; - - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_DONE, 1); - - /* done with handshaking */ - s->d1->handshake_read_seq = 0; - s->d1->next_handshake_write_seq = 0; - goto end; - /* break; */ - - default: - SSLerr(SSL_F_DTLS1_CONNECT, SSL_R_UNKNOWN_STATE); - ret = -1; - goto end; - /* break; */ - } - - /* did we do anything */ - if (!s->s3->tmp.reuse_message && !skip) { - if (s->debug) { - if ((ret = BIO_flush(s->wbio)) <= 0) - goto end; - } - - if ((cb != NULL) && (s->state != state)) { - new_state = s->state; - s->state = state; - cb(s, SSL_CB_CONNECT_LOOP, 1); - s->state = new_state; - } - } - skip = 0; - } - -end: - s->in_handshake--; - if (cb != NULL) - cb(s, SSL_CB_CONNECT_EXIT, ret); - - return 
(ret); -} - -static int -dtls1_get_hello_verify(SSL *s) -{ - long n; - int al, ok = 0; - size_t cookie_len; - uint16_t ssl_version; - CBS hello_verify_request, cookie; - - n = s->method->ssl_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A, - DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->max_cert_list, &ok); - - if (!ok) - return ((int)n); - - if (s->s3->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) { - s->d1->send_cookie = 0; - s->s3->tmp.reuse_message = 1; - return (1); - } - - if (n < 0) - goto truncated; - - CBS_init(&hello_verify_request, s->init_msg, n); - - if (!CBS_get_u16(&hello_verify_request, &ssl_version)) - goto truncated; - - if (ssl_version != s->version) { - SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY, SSL_R_WRONG_SSL_VERSION); - s->version = (s->version & 0xff00) | (ssl_version & 0xff); - al = SSL_AD_PROTOCOL_VERSION; - goto f_err; - } - - if (!CBS_get_u8_length_prefixed(&hello_verify_request, &cookie)) - goto truncated; - - if (!CBS_write_bytes(&cookie, s->d1->cookie, - sizeof(s->d1->cookie), &cookie_len)) { - s->d1->cookie_len = 0; - al = SSL_AD_ILLEGAL_PARAMETER; - goto f_err; - } - s->d1->cookie_len = cookie_len; - s->d1->send_cookie = 1; - - return 1; - -truncated: - al = SSL_AD_DECODE_ERROR; -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); - return -1; -} - -int -dtls1_send_client_certificate(SSL *s) -{ - X509 *x509 = NULL; - EVP_PKEY *pkey = NULL; - int i; - unsigned long l; - - if (s->state == SSL3_ST_CW_CERT_A) { - if ((s->cert == NULL) || (s->cert->key->x509 == NULL) || - (s->cert->key->privatekey == NULL)) - s->state = SSL3_ST_CW_CERT_B; - else - s->state = SSL3_ST_CW_CERT_C; - } - - /* We need to get a client cert */ - if (s->state == SSL3_ST_CW_CERT_B) { - /* If we get an error, we need to - * ssl->rwstate=SSL_X509_LOOKUP; return(-1); - * We then get retied later */ - i = 0; - i = ssl_do_client_cert_cb(s, &x509, &pkey); - if (i < 0) { - s->rwstate = SSL_X509_LOOKUP; - return (-1); - } - s->rwstate = SSL_NOTHING; - if ((i == 1) && (pkey != 
NULL) && (x509 != NULL)) {
- s->state = SSL3_ST_CW_CERT_B;
- if (!SSL_use_certificate(s, x509) ||
- !SSL_use_PrivateKey(s, pkey))
- i = 0;
- } else if (i == 1) {
- i = 0;
- SSLerr(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE,
- SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
- }
-
- X509_free(x509);
- EVP_PKEY_free(pkey);
- if (i == 0)
- s->s3->tmp.cert_req = 2;
-
- /* Ok, we have a cert */
- s->state = SSL3_ST_CW_CERT_C;
- }
-
- if (s->state == SSL3_ST_CW_CERT_C) {
- s->state = SSL3_ST_CW_CERT_D;
- l = dtls1_output_cert_chain(s,
- (s->s3->tmp.cert_req == 2) ? NULL : s->cert->key->x509);
- s->init_num = (int)l;
- s->init_off = 0;
-
- /* set header called by dtls1_output_cert_chain() */
-
- /* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
- }
-
- /* SSL3_ST_CW_CERT_D */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
-}
diff --git a/lib/libssl/src/ssl/d1_enc.c b/lib/libssl/src/ssl/d1_enc.c
deleted file mode 100644
index 8445ceb10f7..00000000000
--- a/lib/libssl/src/ssl/d1_enc.c
+++ /dev/null
@@ -1,212 +0,0 @@
-/* $OpenBSD: d1_enc.c,v 1.11 2016/03/06 14:52:15 beck Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com). 
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include <openssl/md5.h>
-
-/* dtls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
- *
- * Returns:
- * 0: (in non-constant time) if the record is publically invalid (i.e. too
- * short etc).
- * 1: if the record's padding is valid / the encryption was successful.
- * -1: if the record's padding/AEAD-authenticator is invalid or, if sending,
- * an internal error occured. 
*/
-int
-dtls1_enc(SSL *s, int send)
-{
- SSL3_RECORD *rec;
- EVP_CIPHER_CTX *ds;
- unsigned long l;
- int bs, i, j, k, mac_size = 0;
- const EVP_CIPHER *enc;
-
- if (send) {
- if (EVP_MD_CTX_md(s->write_hash)) {
- mac_size = EVP_MD_CTX_size(s->write_hash);
- if (mac_size < 0)
- return -1;
- }
- ds = s->enc_write_ctx;
- rec = &(s->s3->wrec);
- if (s->enc_write_ctx == NULL)
- enc = NULL;
- else {
- enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
- if (rec->data != rec->input) {
-#ifdef DEBUG
- /* we can't write into the input stream */
- fprintf(stderr, "%s:%d: rec->data != rec->input\n",
- __FILE__, __LINE__);
-#endif
- } else if (EVP_CIPHER_block_size(ds->cipher) > 1) {
- arc4random_buf(rec->input,
- EVP_CIPHER_block_size(ds->cipher));
- }
- }
- } else {
- if (EVP_MD_CTX_md(s->read_hash)) {
- mac_size = EVP_MD_CTX_size(s->read_hash);
- OPENSSL_assert(mac_size >= 0);
- }
- ds = s->enc_read_ctx;
- rec = &(s->s3->rrec);
- if (s->enc_read_ctx == NULL)
- enc = NULL;
- else
- enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
- }
-
-
- if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
- memmove(rec->data, rec->input, rec->length);
- rec->input = rec->data;
- } else {
- l = rec->length;
- bs = EVP_CIPHER_block_size(ds->cipher);
-
- if ((bs != 1) && send) {
- i = bs - ((int)l % bs);
-
- /* Add weird padding of upto 256 bytes */
-
- /* we need to add 'i' padding bytes of value j */
- j = i - 1;
- for (k = (int)l; k < (int)(l + i); k++)
- rec->input[k] = j;
- l += i;
- rec->length += i;
- }
-
-
- if (!send) {
- if (l == 0 || l % bs != 0)
- return 0;
- }
-
- EVP_Cipher(ds, rec->data, rec->input, l);
-
-
- if ((bs != 1) && !send)
- return tls1_cbc_remove_padding(s, rec, bs, mac_size);
- }
- return (1);
-}
-
diff --git a/lib/libssl/src/ssl/d1_lib.c b/lib/libssl/src/ssl/d1_lib.c
deleted file mode 100644
index 23a7021d356..00000000000
--- a/lib/libssl/src/ssl/d1_lib.c
+++ /dev/null
@@ -1,468 +0,0 @@
-/* $OpenBSD: d1_lib.c,v 1.33 2016/02/29 06:48:03 mmcc Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com). 
- *
- */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/time.h>
-
-#include <netinet/in.h>
-
-#include <stdio.h>
-
-#include <openssl/objects.h>
-
-#include "pqueue.h"
-#include "ssl_locl.h"
-
-int dtls1_listen(SSL *s, struct sockaddr *client);
-
-SSL3_ENC_METHOD DTLSv1_enc_data = {
- .enc = dtls1_enc,
- .mac = tls1_mac,
- .setup_key_block = tls1_setup_key_block,
- .generate_master_secret = tls1_generate_master_secret,
- .change_cipher_state = tls1_change_cipher_state,
- .final_finish_mac = tls1_final_finish_mac,
- .finish_mac_length = TLS1_FINISH_MAC_LENGTH,
- .cert_verify_mac = tls1_cert_verify_mac,
- .client_finished_label = TLS_MD_CLIENT_FINISH_CONST,
- .client_finished_label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE,
- .server_finished_label = TLS_MD_SERVER_FINISH_CONST,
- .server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE,
- .alert_value = tls1_alert_code,
- .export_keying_material = tls1_export_keying_material,
- .enc_flags = SSL_ENC_FLAG_DTLS|SSL_ENC_FLAG_EXPLICIT_IV,
-};
-
-long
-dtls1_default_timeout(void)
-{
- /* 2 hours, the 24 hours mentioned in the DTLSv1 spec
- * is way too long for http, the cache would over fill */
- return (60*60*2);
-}
-
-int
-dtls1_new(SSL *s)
-{
- DTLS1_STATE *d1;
-
- if (!ssl3_new(s))
- return (0);
- if ((d1 = calloc(1, sizeof *d1)) == NULL) {
- ssl3_free(s);
- return (0);
- }
-
- /* d1->handshake_epoch=0; */
-
- d1->unprocessed_rcds.q = pqueue_new();
- d1->processed_rcds.q = pqueue_new();
- d1->buffered_messages = pqueue_new();
- d1->sent_messages = pqueue_new();
- d1->buffered_app_data.q = pqueue_new();
-
- if (s->server) {
- d1->cookie_len = sizeof(s->d1->cookie);
- }
-
- if (!d1->unprocessed_rcds.q || !d1->processed_rcds.q ||
- !d1->buffered_messages || !d1->sent_messages ||
- !d1->buffered_app_data.q) {
- pqueue_free(d1->unprocessed_rcds.q);
- pqueue_free(d1->processed_rcds.q);
- pqueue_free(d1->buffered_messages);
- pqueue_free(d1->sent_messages);
- pqueue_free(d1->buffered_app_data.q);
- 
free(d1);
- ssl3_free(s);
- return (0);
- }
-
- s->d1 = d1;
- s->method->ssl_clear(s);
- return (1);
-}
-
-static void
-dtls1_clear_queues(SSL *s)
-{
- pitem *item = NULL;
- hm_fragment *frag = NULL;
- DTLS1_RECORD_DATA *rdata;
-
- while ((item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL) {
- rdata = (DTLS1_RECORD_DATA *) item->data;
- free(rdata->rbuf.buf);
- free(item->data);
- pitem_free(item);
- }
-
- while ((item = pqueue_pop(s->d1->processed_rcds.q)) != NULL) {
- rdata = (DTLS1_RECORD_DATA *) item->data;
- free(rdata->rbuf.buf);
- free(item->data);
- pitem_free(item);
- }
-
- while ((item = pqueue_pop(s->d1->buffered_messages)) != NULL) {
- frag = (hm_fragment *)item->data;
- free(frag->fragment);
- free(frag);
- pitem_free(item);
- }
-
- while ((item = pqueue_pop(s->d1->sent_messages)) != NULL) {
- frag = (hm_fragment *)item->data;
- free(frag->fragment);
- free(frag);
- pitem_free(item);
- }
-
- while ((item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL) {
- rdata = (DTLS1_RECORD_DATA *) item->data;
- free(rdata->rbuf.buf);
- free(item->data);
- pitem_free(item);
- }
-}
-
-void
-dtls1_free(SSL *s)
-{
- if (s == NULL)
- return;
-
- ssl3_free(s);
-
- dtls1_clear_queues(s);
-
- pqueue_free(s->d1->unprocessed_rcds.q);
- pqueue_free(s->d1->processed_rcds.q);
- pqueue_free(s->d1->buffered_messages);
- pqueue_free(s->d1->sent_messages);
- pqueue_free(s->d1->buffered_app_data.q);
-
- explicit_bzero(s->d1, sizeof *s->d1);
- free(s->d1);
- s->d1 = NULL;
-}
-
-void
-dtls1_clear(SSL *s)
-{
- pqueue unprocessed_rcds;
- pqueue processed_rcds;
- pqueue buffered_messages;
- pqueue sent_messages;
- pqueue buffered_app_data;
- unsigned int mtu;
-
- if (s->d1) {
- unprocessed_rcds = s->d1->unprocessed_rcds.q;
- processed_rcds = s->d1->processed_rcds.q;
- buffered_messages = s->d1->buffered_messages;
- sent_messages = s->d1->sent_messages;
- buffered_app_data = s->d1->buffered_app_data.q;
- mtu = s->d1->mtu;
-
- dtls1_clear_queues(s);
-
- memset(s->d1, 0, 
sizeof(*(s->d1)));
-
- if (s->server) {
- s->d1->cookie_len = sizeof(s->d1->cookie);
- }
-
- if (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU) {
- s->d1->mtu = mtu;
- }
-
- s->d1->unprocessed_rcds.q = unprocessed_rcds;
- s->d1->processed_rcds.q = processed_rcds;
- s->d1->buffered_messages = buffered_messages;
- s->d1->sent_messages = sent_messages;
- s->d1->buffered_app_data.q = buffered_app_data;
- }
-
- ssl3_clear(s);
-
- s->version = DTLS1_VERSION;
-}
-
-long
-dtls1_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
- int ret = 0;
-
- switch (cmd) {
- case DTLS_CTRL_GET_TIMEOUT:
- if (dtls1_get_timeout(s, (struct timeval*) parg) != NULL) {
- ret = 1;
- }
- break;
- case DTLS_CTRL_HANDLE_TIMEOUT:
- ret = dtls1_handle_timeout(s);
- break;
- case DTLS_CTRL_LISTEN:
- ret = dtls1_listen(s, parg);
- break;
-
- default:
- ret = ssl3_ctrl(s, cmd, larg, parg);
- break;
- }
- return (ret);
-}
-
-/*
- * As it's impossible to use stream ciphers in "datagram" mode, this
- * simple filter is designed to disengage them in DTLS. Unfortunately
- * there is no universal way to identify stream SSL_CIPHER, so we have
- * to explicitly list their SSL_* codes. Currently RC4 is the only one
- * available, but if new ones emerge, they will have to be added... 
- */
-const SSL_CIPHER *
-dtls1_get_cipher(unsigned int u)
-{
- const SSL_CIPHER *ciph = ssl3_get_cipher(u);
-
- if (ciph != NULL) {
- if (ciph->algorithm_enc == SSL_RC4)
- return NULL;
- }
-
- return ciph;
-}
-
-void
-dtls1_start_timer(SSL *s)
-{
-
- /* If timer is not set, initialize duration with 1 second */
- if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
- s->d1->timeout_duration = 1;
- }
-
- /* Set timeout to current time */
- gettimeofday(&(s->d1->next_timeout), NULL);
-
- /* Add duration to current time */
- s->d1->next_timeout.tv_sec += s->d1->timeout_duration;
- BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
- &(s->d1->next_timeout));
-}
-
-struct timeval*
-dtls1_get_timeout(SSL *s, struct timeval* timeleft)
-{
- struct timeval timenow;
-
- /* If no timeout is set, just return NULL */
- if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
- return NULL;
- }
-
- /* Get current time */
- gettimeofday(&timenow, NULL);
-
- /* If timer already expired, set remaining time to 0 */
- if (s->d1->next_timeout.tv_sec < timenow.tv_sec ||
- (s->d1->next_timeout.tv_sec == timenow.tv_sec &&
- s->d1->next_timeout.tv_usec <= timenow.tv_usec)) {
- memset(timeleft, 0, sizeof(struct timeval));
- return timeleft;
- }
-
- /* Calculate time left until timer expires */
- memcpy(timeleft, &(s->d1->next_timeout), sizeof(struct timeval));
- timeleft->tv_sec -= timenow.tv_sec;
- timeleft->tv_usec -= timenow.tv_usec;
- if (timeleft->tv_usec < 0) {
- timeleft->tv_sec--;
- timeleft->tv_usec += 1000000;
- }
-
- /* If remaining time is less than 15 ms, set it to 0
- * to prevent issues because of small devergences with
- * socket timeouts. 
- */
- if (timeleft->tv_sec == 0 && timeleft->tv_usec < 15000) {
- memset(timeleft, 0, sizeof(struct timeval));
- }
-
-
- return timeleft;
-}
-
-int
-dtls1_is_timer_expired(SSL *s)
-{
- struct timeval timeleft;
-
- /* Get time left until timeout, return false if no timer running */
- if (dtls1_get_timeout(s, &timeleft) == NULL) {
- return 0;
- }
-
- /* Return false if timer is not expired yet */
- if (timeleft.tv_sec > 0 || timeleft.tv_usec > 0) {
- return 0;
- }
-
- /* Timer expired, so return true */
- return 1;
-}
-
-void
-dtls1_double_timeout(SSL *s)
-{
- s->d1->timeout_duration *= 2;
- if (s->d1->timeout_duration > 60)
- s->d1->timeout_duration = 60;
- dtls1_start_timer(s);
-}
-
-void
-dtls1_stop_timer(SSL *s)
-{
- /* Reset everything */
- memset(&(s->d1->timeout), 0, sizeof(struct dtls1_timeout_st));
- memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
- s->d1->timeout_duration = 1;
- BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
- &(s->d1->next_timeout));
- /* Clear retransmission buffer */
- dtls1_clear_record_buffer(s);
-}
-
-int
-dtls1_check_timeout_num(SSL *s)
-{
- s->d1->timeout.num_alerts++;
-
- /* Reduce MTU after 2 unsuccessful retransmissions */
- if (s->d1->timeout.num_alerts > 2) {
- s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
- BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);
-
- }
-
- if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) {
- /* fail the connection, enough alerts have been sent */
- SSLerr(SSL_F_DTLS1_CHECK_TIMEOUT_NUM, SSL_R_READ_TIMEOUT_EXPIRED);
- return -1;
- }
-
- return 0;
-}
-
-int
-dtls1_handle_timeout(SSL *s)
-{
- /* if no timer is expired, don't do anything */
- if (!dtls1_is_timer_expired(s)) {
- return 0;
- }
-
- dtls1_double_timeout(s);
-
- if (dtls1_check_timeout_num(s) < 0)
- return -1;
-
- s->d1->timeout.read_timeouts++;
- if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT) {
- s->d1->timeout.read_timeouts = 1;
- }
-
- dtls1_start_timer(s);
- return dtls1_retransmit_buffered_messages(s);
-}
-
-int
-dtls1_listen(SSL *s, struct sockaddr *client)
-{
- int ret;
-
- /* Ensure there is no state left over from a previous invocation */
- SSL_clear(s);
-
- SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
- s->d1->listen = 1;
-
- ret = SSL_accept(s);
- if (ret <= 0)
- return ret;
-
- (void)BIO_dgram_get_peer(SSL_get_rbio(s), client);
- return 1;
-}
-
-void
-dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq,
- unsigned short epoch)
-{
- unsigned char dtlsseq[SSL3_SEQUENCE_SIZE];
- unsigned char *p;
-
- p = dtlsseq;
- s2n(epoch, p);
- memcpy(p, &seq[2], SSL3_SEQUENCE_SIZE - 2);
- memcpy(dst, dtlsseq, SSL3_SEQUENCE_SIZE);
-}
diff --git a/lib/libssl/src/ssl/d1_meth.c b/lib/libssl/src/ssl/d1_meth.c
deleted file mode 100644
index 7f279a4f50c..00000000000
--- a/lib/libssl/src/ssl/d1_meth.c
+++ /dev/null
@@ -1,112 +0,0 @@
-/* $OpenBSD: d1_meth.c,v 1.9 2015/02/06 08:30:23 jsing Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com). 
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/objects.h>
-
-#include "ssl_locl.h"
-
-static const SSL_METHOD *dtls1_get_method(int ver);
-
-const SSL_METHOD DTLSv1_method_data = {
- .version = DTLS1_VERSION,
- .ssl_new = dtls1_new,
- .ssl_clear = dtls1_clear,
- .ssl_free = dtls1_free,
- .ssl_accept = dtls1_accept,
- .ssl_connect = dtls1_connect,
- .ssl_read = ssl3_read,
- .ssl_peek = ssl3_peek,
- .ssl_write = ssl3_write,
- .ssl_shutdown = dtls1_shutdown,
- .ssl_renegotiate = ssl3_renegotiate,
- .ssl_renegotiate_check = ssl3_renegotiate_check,
- .ssl_get_message = dtls1_get_message,
- .ssl_read_bytes = dtls1_read_bytes,
- .ssl_write_bytes = dtls1_write_app_data_bytes,
- .ssl_dispatch_alert = dtls1_dispatch_alert,
- .ssl_ctrl = dtls1_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
- .get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl3_pending,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = dtls1_get_cipher,
- .get_ssl_method = dtls1_get_method,
- .get_timeout = dtls1_default_timeout,
- .ssl3_enc = &DTLSv1_enc_data,
- .ssl_version = ssl_undefined_void_function,
- .ssl_callback_ctrl = ssl3_callback_ctrl,
- .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-const SSL_METHOD *
-DTLSv1_method(void)
-{
- return &DTLSv1_method_data;
-}
-
-static const SSL_METHOD *
-dtls1_get_method(int ver)
-{
- if (ver == DTLS1_VERSION)
- return (DTLSv1_method());
- return (NULL);
-}
diff --git a/lib/libssl/src/ssl/d1_pkt.c b/lib/libssl/src/ssl/d1_pkt.c
deleted file mode 100644
index 5326a2c3d0c..00000000000
--- a/lib/libssl/src/ssl/d1_pkt.c
+++ /dev/null
@@ -1,1477 +0,0 @@
-/* $OpenBSD: d1_pkt.c,v 1.48 2015/09/11 18:08:21 jsing Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com). 
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <machine/endian.h>
-
-#include <errno.h>
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-#include "pqueue.h"
-#include "bytestring.h"
-
-/* mod 128 saturating subtract of two 64-bit values in big-endian order */
-static int
-satsub64be(const unsigned char *v1, const unsigned char *v2)
-{
- int ret, sat, brw, i;
-
- if (sizeof(long) == 8)
- do {
- long l;
-
- if (BYTE_ORDER == LITTLE_ENDIAN)
- break;
- /* not reached on little-endians */
- /* following test is redundant, because input is
- * always aligned, but I take no chances... 
*/ - if (((size_t)v1 | (size_t)v2) & 0x7) - break; - - l = *((long *)v1); - l -= *((long *)v2); - if (l > 128) - return 128; - else if (l<-128) - return -128; - else - return (int)l; - } while (0); - - ret = (int)v1[7] - (int)v2[7]; - sat = 0; - brw = ret >> 8; /* brw is either 0 or -1 */ - if (ret & 0x80) { - for (i = 6; i >= 0; i--) { - brw += (int)v1[i]-(int)v2[i]; - sat |= ~brw; - brw >>= 8; - } - } else { - for (i = 6; i >= 0; i--) { - brw += (int)v1[i]-(int)v2[i]; - sat |= brw; - brw >>= 8; - } - } - brw <<= 8; /* brw is either 0 or -256 */ - - if (sat & 0xff) - return brw | 0x80; - else - return brw + (ret & 0xFF); -} - -static int have_handshake_fragment(SSL *s, int type, unsigned char *buf, - int len, int peek); -static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap); -static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap); -static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, - unsigned int *is_next_epoch); -static int dtls1_buffer_record(SSL *s, record_pqueue *q, - unsigned char *priority); -static int dtls1_process_record(SSL *s); - -/* copy buffered record into SSL structure */ -static int -dtls1_copy_record(SSL *s, pitem *item) -{ - DTLS1_RECORD_DATA *rdata; - - rdata = (DTLS1_RECORD_DATA *)item->data; - - free(s->s3->rbuf.buf); - - s->packet = rdata->packet; - s->packet_length = rdata->packet_length; - memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER)); - memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD)); - - /* Set proper sequence number for mac calculation */ - memcpy(&(s->s3->read_sequence[2]), &(rdata->packet[5]), 6); - - return (1); -} - - -static int -dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) -{ - DTLS1_RECORD_DATA *rdata; - pitem *item; - - /* Limit the size of the queue to prevent DOS attacks */ - if (pqueue_size(queue->q) >= 100) - return 0; - - rdata = malloc(sizeof(DTLS1_RECORD_DATA)); - item = pitem_new(priority, rdata); - if (rdata == NULL || item == 
NULL)
- goto init_err;
-
- rdata->packet = s->packet;
- rdata->packet_length = s->packet_length;
- memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));
- memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));
-
- item->data = rdata;
-
-
- s->packet = NULL;
- s->packet_length = 0;
- memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));
- memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));
-
- if (!ssl3_setup_buffers(s))
- goto err;
-
- /* insert should not fail, since duplicates are dropped */
- if (pqueue_insert(queue->q, item) == NULL)
- goto err;
-
- return (1);
-
-err:
- free(rdata->rbuf.buf);
-
-init_err:
- SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
- free(rdata);
- pitem_free(item);
- return (-1);
-}
-
-
-static int
-dtls1_retrieve_buffered_record(SSL *s, record_pqueue *queue)
-{
- pitem *item;
-
- item = pqueue_pop(queue->q);
- if (item) {
- dtls1_copy_record(s, item);
-
- free(item->data);
- pitem_free(item);
-
- return (1);
- }
-
- return (0);
-}
-
-
-/* retrieve a buffered record that belongs to the new epoch, i.e., not processed
- * yet */
-#define dtls1_get_unprocessed_record(s) \
- dtls1_retrieve_buffered_record((s), \
- &((s)->d1->unprocessed_rcds))
-
-/* retrieve a buffered record that belongs to the current epoch, ie, processed */
-#define dtls1_get_processed_record(s) \
- dtls1_retrieve_buffered_record((s), \
- &((s)->d1->processed_rcds))
-
-static int
-dtls1_process_buffered_records(SSL *s)
-{
- pitem *item;
-
- item = pqueue_peek(s->d1->unprocessed_rcds.q);
- if (item) {
- /* Check if epoch is current. */
- if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
- return (1);
- /* Nothing to do. */
-
- /* Process all the records. */
- while (pqueue_peek(s->d1->unprocessed_rcds.q)) {
- dtls1_get_unprocessed_record(s);
- if (!
dtls1_process_record(s)) - return (0); - if (dtls1_buffer_record(s, &(s->d1->processed_rcds), - s->s3->rrec.seq_num) < 0) - return (-1); - } - } - - /* sync epoch numbers once all the unprocessed records - * have been processed */ - s->d1->processed_rcds.epoch = s->d1->r_epoch; - s->d1->unprocessed_rcds.epoch = s->d1->r_epoch + 1; - - return (1); -} - -static int -dtls1_process_record(SSL *s) -{ - int i, al; - int enc_err; - SSL_SESSION *sess; - SSL3_RECORD *rr; - unsigned int mac_size, orig_len; - unsigned char md[EVP_MAX_MD_SIZE]; - - rr = &(s->s3->rrec); - sess = s->session; - - /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, - * and we have that many bytes in s->packet - */ - rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]); - - /* ok, we can now read from 's->packet' data into 'rr' - * rr->input points at rr->length bytes, which - * need to be copied into rr->data by either - * the decryption or by the decompression - * When the data is 'copied' into the rr->data buffer, - * rr->input will be pointed at the new buffer */ - - /* We now have - encrypted [ MAC [ compressed [ plain ] ] ] - * rr->length bytes of encrypted compressed stuff. */ - - /* check is not needed I believe */ - if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) { - al = SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG); - goto f_err; - } - - /* decrypt in place in 'rr->input' */ - rr->data = rr->input; - - enc_err = s->method->ssl3_enc->enc(s, 0); - /* enc_err is: - * 0: (in non-constant time) if the record is publically invalid. - * 1: if the padding is valid - * -1: if the padding is invalid */ - if (enc_err == 0) { - /* For DTLS we simply ignore bad packets. 
*/
- rr->length = 0;
- s->packet_length = 0;
- goto err;
- }
-
-
- /* r->length is now the compressed data plus mac */
- if ((sess != NULL) && (s->enc_read_ctx != NULL) &&
- (EVP_MD_CTX_md(s->read_hash) != NULL)) {
- /* s->read_hash != NULL => mac_size != -1 */
- unsigned char *mac = NULL;
- unsigned char mac_tmp[EVP_MAX_MD_SIZE];
- mac_size = EVP_MD_CTX_size(s->read_hash);
- OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
-
- /* kludge: *_cbc_remove_padding passes padding length in rr->type */
- orig_len = rr->length + ((unsigned int)rr->type >> 8);
-
- /* orig_len is the length of the record before any padding was
- * removed. This is public information, as is the MAC in use,
- * therefore we can safely process the record in a different
- * amount of time if it's too short to possibly contain a MAC.
- */
- if (orig_len < mac_size ||
- /* CBC records must have a padding length byte too. */
- (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
- orig_len < mac_size + 1)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
-
- if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) {
- /* We update the length so that the TLS header bytes
- * can be constructed correctly but we need to extract
- * the MAC in constant time from within the record,
- * without leaking the contents of the padding bytes.
- * */
- mac = mac_tmp;
- ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
- rr->length -= mac_size;
- } else {
- /* In this case there's no padding, so |orig_len|
- * equals |rec->length| and we checked that there's
- * enough bytes for |mac_size| above.
*/ - rr->length -= mac_size; - mac = &rr->data[rr->length]; - } - - i = s->method->ssl3_enc->mac(s, md, 0 /* not send */); - if (i < 0 || mac == NULL || timingsafe_memcmp(md, mac, (size_t)mac_size) != 0) - enc_err = -1; - if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size) - enc_err = -1; - } - - if (enc_err < 0) { - /* decryption failed, silently discard message */ - rr->length = 0; - s->packet_length = 0; - goto err; - } - - if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) { - al = SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_DATA_LENGTH_TOO_LONG); - goto f_err; - } - - rr->off = 0; - /* So at this point the following is true - * ssl->s3->rrec.type is the type of record - * ssl->s3->rrec.length == number of bytes in record - * ssl->s3->rrec.off == offset to first valid byte - * ssl->s3->rrec.data == where to take bytes from, increment - * after use :-). - */ - - /* we have pulled in a full packet so zero things */ - s->packet_length = 0; - return (1); - -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); -err: - return (0); -} - - -/* Call this to get a new input record. - * It will return <= 0 if more data is needed, normally due to an error - * or non-blocking IO. - * When it finishes, one packet has been decoded and can be found in - * ssl->s3->rrec.type - is the type of record - * ssl->s3->rrec.data, - data - * ssl->s3->rrec.length, - number of bytes - */ -/* used only by dtls1_read_bytes */ -int -dtls1_get_record(SSL *s) -{ - int i, n; - SSL3_RECORD *rr; - unsigned char *p = NULL; - DTLS1_BITMAP *bitmap; - unsigned int is_next_epoch; - - rr = &(s->s3->rrec); - - /* The epoch may have changed. If so, process all the - * pending records. This is a non-blocking operation. 
*/ - if (dtls1_process_buffered_records(s) < 0) - return (-1); - - /* if we're renegotiating, then there may be buffered records */ - if (dtls1_get_processed_record(s)) - return 1; - - /* get something from the wire */ - if (0) { -again: - /* dump this record on all retries */ - rr->length = 0; - s->packet_length = 0; - } - - /* check if we have the header */ - if ((s->rstate != SSL_ST_READ_BODY) || - (s->packet_length < DTLS1_RT_HEADER_LENGTH)) { - CBS header, seq_no; - uint16_t epoch, len, ssl_version; - uint8_t type; - - n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); - /* read timeout is handled by dtls1_read_bytes */ - if (n <= 0) - return(n); /* error or non-blocking */ - - /* this packet contained a partial record, dump it */ - if (s->packet_length != DTLS1_RT_HEADER_LENGTH) - goto again; - - s->rstate = SSL_ST_READ_BODY; - - CBS_init(&header, s->packet, s->packet_length); - - /* Pull apart the header into the DTLS1_RECORD */ - if (!CBS_get_u8(&header, &type)) - goto again; - if (!CBS_get_u16(&header, &ssl_version)) - goto again; - - /* sequence number is 64 bits, with top 2 bytes = epoch */ - if (!CBS_get_u16(&header, &epoch) || - !CBS_get_bytes(&header, &seq_no, 6)) - goto again; - - if (!CBS_write_bytes(&seq_no, &(s->s3->read_sequence[2]), - sizeof(s->s3->read_sequence) - 2, NULL)) - goto again; - if (!CBS_get_u16(&header, &len)) - goto again; - - rr->type = type; - rr->epoch = epoch; - rr->length = len; - - /* unexpected version, silently discard */ - if (!s->first_packet && ssl_version != s->version) - goto again; - - /* wrong version, silently discard record */ - if ((ssl_version & 0xff00) != (s->version & 0xff00)) - goto again; - - /* record too long, silently discard it */ - if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) - goto again; - - /* now s->rstate == SSL_ST_READ_BODY */ - p = (unsigned char *)CBS_data(&header); - } - - /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ - - if (rr->length > s->packet_length - 
DTLS1_RT_HEADER_LENGTH) {
- /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
- i = rr->length;
- n = ssl3_read_n(s, i, i, 1);
- if (n <= 0)
- return(n); /* error or non-blocking io */
-
- /* this packet contained a partial record, dump it */
- if (n != i)
- goto again;
-
- /* now n == rr->length,
- * and s->packet_length == DTLS1_RT_HEADER_LENGTH + rr->length */
- }
- s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */
-
- /* match epochs. NULL means the packet is dropped on the floor */
- bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
- if (bitmap == NULL)
- goto again;
-
- /*
- * Check whether this is a repeat, or aged record.
- * Don't check if we're listening and this message is
- * a ClientHello. They can look as if they're replayed,
- * since they arrive from different connections and
- * would be dropped unnecessarily.
- */
- if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
- p != NULL && *p == SSL3_MT_CLIENT_HELLO) &&
- !dtls1_record_replay_check(s, bitmap))
- goto again;
-
- /* just read a 0 length packet */
- if (rr->length == 0)
- goto again;
-
- /* If this record is from the next epoch (either HM or ALERT),
- * and a handshake is currently in progress, buffer it since it
- * cannot be processed at this time. However, do not buffer
- * anything while listening.
- */
- if (is_next_epoch) {
- if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) {
- if (dtls1_buffer_record(s, &(s->d1->unprocessed_rcds),
- rr->seq_num) < 0)
- return (-1);
- /* Mark receipt of record. */
- dtls1_record_bitmap_update(s, bitmap);
- }
- goto again;
- }
-
- if (!dtls1_process_record(s))
- goto again;
-
- /* Mark receipt of record. */
- dtls1_record_bitmap_update(s, bitmap);
-
- return (1);
-}
-
-/* Return up to 'len' payload bytes received in 'type' records.
- * 'type' is one of the following: - * - * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us) - * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us) - * - 0 (during a shutdown, no data has to be returned) - * - * If we don't have stored data to work from, read a SSL/TLS record first - * (possibly multiple records if we still don't have anything to return). - * - * This function must handle any surprises the peer may have for us, such as - * Alert records (e.g. close_notify), ChangeCipherSpec records (not really - * a surprise, but handled as if it were), or renegotiation requests. - * Also if record payloads contain fragments too small to process, we store - * them until there is enough for the respective protocol (the record protocol - * may use arbitrary fragmentation and even interleaving): - * Change cipher spec protocol - * just 1 byte needed, no need for keeping anything stored - * Alert protocol - * 2 bytes needed (AlertLevel, AlertDescription) - * Handshake protocol - * 4 bytes needed (HandshakeType, uint24 length) -- we just have - * to detect unexpected Client Hello and Hello Request messages - * here, anything else is handled by higher layers - * Application data protocol - * none of our business - */ -int -dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) -{ - int al, i, j, ret; - unsigned int n; - SSL3_RECORD *rr; - void (*cb)(const SSL *ssl, int type2, int val) = NULL; - - if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ - if (!ssl3_setup_buffers(s)) - return (-1); - - if ((type && - type != SSL3_RT_APPLICATION_DATA && type != SSL3_RT_HANDSHAKE) || - (peek && (type != SSL3_RT_APPLICATION_DATA))) { - SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR); - return -1; - } - - /* check whether there's a handshake message (client hello?) waiting */ - if ((ret = have_handshake_fragment(s, type, buf, len, peek))) - return ret; - - /* Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. 
*/ - - if (!s->in_handshake && SSL_in_init(s)) - { - /* type == SSL3_RT_APPLICATION_DATA */ - i = s->handshake_func(s); - if (i < 0) - return (i); - if (i == 0) { - SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - } - -start: - s->rwstate = SSL_NOTHING; - - /* s->s3->rrec.type - is the type of record - * s->s3->rrec.data, - data - * s->s3->rrec.off, - offset into 'data' for next read - * s->s3->rrec.length, - number of bytes. */ - rr = &(s->s3->rrec); - - /* We are not handshaking and have no data yet, - * so process data buffered during the last handshake - * in advance, if any. - */ - if (s->state == SSL_ST_OK && rr->length == 0) { - pitem *item; - item = pqueue_pop(s->d1->buffered_app_data.q); - if (item) { - - dtls1_copy_record(s, item); - - free(item->data); - pitem_free(item); - } - } - - /* Check for timeout */ - if (dtls1_handle_timeout(s) > 0) - goto start; - - /* get new packet if necessary */ - if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) { - ret = dtls1_get_record(s); - if (ret <= 0) { - ret = dtls1_read_failed(s, ret); - /* anything other than a timeout is an error */ - if (ret <= 0) - return (ret); - else - goto start; - } - } - - if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) { - rr->length = 0; - goto start; - } - - /* we now have a packet which can be read and processed */ - - if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec, - * reset by ssl3_get_finished */ - && (rr->type != SSL3_RT_HANDSHAKE)) { - /* We now have application data between CCS and Finished. - * Most likely the packets were reordered on their way, so - * buffer the application data for later processing rather - * than dropping the connection. 
- */
- if (dtls1_buffer_record(s, &(s->d1->buffered_app_data),
- rr->seq_num) < 0) {
- SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
- return (-1);
- }
- rr->length = 0;
- goto start;
- }
-
- /* If the other end has shut down, throw anything we read away
- * (even in 'peek' mode) */
- if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
- rr->length = 0;
- s->rwstate = SSL_NOTHING;
- return (0);
- }
-
-
- if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
- {
- /* make sure that we are not getting application data when we
- * are doing a handshake for the first time */
- if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
- (s->enc_read_ctx == NULL)) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE);
- goto f_err;
- }
-
- if (len <= 0)
- return (len);
-
- if ((unsigned int)len > rr->length)
- n = rr->length;
- else
- n = (unsigned int)len;
-
- memcpy(buf, &(rr->data[rr->off]), n);
- if (!peek) {
- rr->length -= n;
- rr->off += n;
- if (rr->length == 0) {
- s->rstate = SSL_ST_READ_HEADER;
- rr->off = 0;
- }
- }
-
- return (n);
- }
-
-
- /* If we get here, then type != rr->type; if we have a handshake
- * message, then it was unexpected (Hello Request or Client Hello). */
-
- /* In case of record types for which we have 'fragment' storage,
- * fill that so that we can process the data at a fixed place.
- */
- {
- unsigned int k, dest_maxlen = 0;
- unsigned char *dest = NULL;
- unsigned int *dest_len = NULL;
-
- if (rr->type == SSL3_RT_HANDSHAKE) {
- dest_maxlen = sizeof s->d1->handshake_fragment;
- dest = s->d1->handshake_fragment;
- dest_len = &s->d1->handshake_fragment_len;
- } else if (rr->type == SSL3_RT_ALERT) {
- dest_maxlen = sizeof(s->d1->alert_fragment);
- dest = s->d1->alert_fragment;
- dest_len = &s->d1->alert_fragment_len;
- }
- /* else it's a CCS message, or application data or wrong */
- else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) {
- /* Application data while renegotiating
- * is allowed. Try again reading.
- */
- if (rr->type == SSL3_RT_APPLICATION_DATA) {
- BIO *bio;
- s->s3->in_read_app_data = 2;
- bio = SSL_get_rbio(s);
- s->rwstate = SSL_READING;
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return (-1);
- }
-
- /* Not certain if this is the right error handling */
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
- goto f_err;
- }
-
- if (dest_maxlen > 0) {
- /* XDTLS: In a pathalogical case, the Client Hello
- * may be fragmented--don't always expect dest_maxlen bytes */
- if (rr->length < dest_maxlen) {
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
- /*
- * for normal alerts rr->length is 2, while
- * dest_maxlen is 7 if we were to handle this
- * non-existing alert...
- */
- FIX ME
-#endif
- s->rstate = SSL_ST_READ_HEADER;
- rr->length = 0;
- goto start;
- }
-
- /* now move 'n' bytes: */
- for ( k = 0; k < dest_maxlen; k++) {
- dest[k] = rr->data[rr->off++];
- rr->length--;
- }
- *dest_len = dest_maxlen;
- }
- }
-
- /* s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE;
- * s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT.
- * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
*/
-
- /* If we are a client, check for an incoming 'Hello Request': */
- if ((!s->server) &&
- (s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
- (s->d1->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
- (s->session != NULL) && (s->session->cipher != NULL)) {
- s->d1->handshake_fragment_len = 0;
-
- if ((s->d1->handshake_fragment[1] != 0) ||
- (s->d1->handshake_fragment[2] != 0) ||
- (s->d1->handshake_fragment[3] != 0)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
- goto err;
- }
-
- /* no need to check sequence number on HELLO REQUEST messages */
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- s->d1->handshake_fragment, 4, s, s->msg_callback_arg);
-
- if (SSL_is_init_finished(s) &&
- !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
- !s->s3->renegotiate) {
- s->d1->handshake_read_seq++;
- s->new_session = 1;
- ssl3_renegotiate(s);
- if (ssl3_renegotiate_check(s)) {
- i = s->handshake_func(s);
- if (i < 0)
- return (i);
- if (i == 0) {
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
- return (-1);
- }
-
- if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
- if (s->s3->rbuf.left == 0) /* no read-ahead left? */
- {
- BIO *bio;
- /* In the case where we try to read application data,
- * but we trigger an SSL handshake, we return -1 with
- * the retry option set.
Otherwise renegotiation may
- * cause nasty problems in the blocking world */
- s->rwstate = SSL_READING;
- bio = SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return (-1);
- }
- }
- }
- }
- /* we either finished a handshake or ignored the request,
- * now try again to obtain the (application) data we were asked for */
- goto start;
- }
-
- if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
- int alert_level = s->d1->alert_fragment[0];
- int alert_descr = s->d1->alert_fragment[1];
-
- s->d1->alert_fragment_len = 0;
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_ALERT,
- s->d1->alert_fragment, 2, s, s->msg_callback_arg);
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- if (cb != NULL) {
- j = (alert_level << 8) | alert_descr;
- cb(s, SSL_CB_READ_ALERT, j);
- }
-
- if (alert_level == 1) /* warning */
- {
- s->s3->warn_alert = alert_descr;
- if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
- s->shutdown |= SSL_RECEIVED_SHUTDOWN;
- return (0);
- }
- } else if (alert_level == 2) /* fatal */
- {
- s->rwstate = SSL_NOTHING;
- s->s3->fatal_alert = alert_descr;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
- ERR_asprintf_error_data("SSL alert number %d",
- alert_descr);
- s->shutdown|=SSL_RECEIVED_SHUTDOWN;
- SSL_CTX_remove_session(s->ctx, s->session);
- return (0);
- } else {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
- goto f_err;
- }
-
- goto start;
- }
-
- if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */
- {
- s->rwstate = SSL_NOTHING;
- rr->length = 0;
- return (0);
- }
-
- if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
- struct ccs_header_st ccs_hdr;
- unsigned int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH;
-
- dtls1_get_ccs_header(rr->data, &ccs_hdr);
-
- /* 'Change Cipher Spec' is just a single byte, so we know
- * exactly what the
record payload has to look like */
- /* XDTLS: check that epoch is consistent */
- if ((rr->length != ccs_hdr_len) ||
- (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
- i = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
- goto err;
- }
-
- rr->length = 0;
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC,
- rr->data, 1, s, s->msg_callback_arg);
-
- /* We can't process a CCS now, because previous handshake
- * messages are still missing, so just drop it.
- */
- if (!s->d1->change_cipher_spec_ok) {
- goto start;
- }
-
- s->d1->change_cipher_spec_ok = 0;
-
- s->s3->change_cipher_spec = 1;
- if (!ssl3_do_change_cipher_spec(s))
- goto err;
-
- /* do this whenever CCS is processed */
- dtls1_reset_seq_numbers(s, SSL3_CC_READ);
-
- goto start;
- }
-
- /* Unexpected handshake message (Client Hello, or protocol violation) */
- if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
- !s->in_handshake) {
- struct hm_header_st msg_hdr;
-
- /* this may just be a stale retransmit */
- if (!dtls1_get_message_header(rr->data, &msg_hdr))
- return -1;
- if (rr->epoch != s->d1->r_epoch) {
- rr->length = 0;
- goto start;
- }
-
- /* If we are server, we may have a repeated FINISHED of the
- * client here, then retransmit our CCS and FINISHED.
- */
- if (msg_hdr.type == SSL3_MT_FINISHED) {
- if (dtls1_check_timeout_num(s) < 0)
- return -1;
-
- dtls1_retransmit_buffered_messages(s);
- rr->length = 0;
- goto start;
- }
-
- if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
- !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
- s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
- s->renegotiate = 1;
- s->new_session = 1;
- }
- i = s->handshake_func(s);
- if (i < 0)
- return (i);
- if (i == 0) {
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
- return (-1);
- }
-
- if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
- if (s->s3->rbuf.left == 0) /* no read-ahead left?
*/
- {
- BIO *bio;
- /* In the case where we try to read application data,
- * but we trigger an SSL handshake, we return -1 with
- * the retry option set. Otherwise renegotiation may
- * cause nasty problems in the blocking world */
- s->rwstate = SSL_READING;
- bio = SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return (-1);
- }
- }
- goto start;
- }
-
- switch (rr->type) {
- default:
- /* TLS just ignores unknown message types */
- if (s->version == TLS1_VERSION) {
- rr->length = 0;
- goto start;
- }
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
- goto f_err;
- case SSL3_RT_CHANGE_CIPHER_SPEC:
- case SSL3_RT_ALERT:
- case SSL3_RT_HANDSHAKE:
- /* we already handled all of these, with the possible exception
- * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that
- * should not happen when type != rr->type */
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
- goto f_err;
- case SSL3_RT_APPLICATION_DATA:
- /* At this point, we were expecting handshake data,
- * but have application data. If the library was
- * running inside ssl3_read() (i.e. in_read_app_data
- * is set) and it makes sense to read application data
- * at this point (session renegotiation not yet started),
- * we will indulge it.
- */ - if (s->s3->in_read_app_data && - (s->s3->total_renegotiations != 0) && - (((s->state & SSL_ST_CONNECT) && - (s->state >= SSL3_ST_CW_CLNT_HELLO_A) && - (s->state <= SSL3_ST_CR_SRVR_HELLO_A)) || ( - (s->state & SSL_ST_ACCEPT) && - (s->state <= SSL3_ST_SW_HELLO_REQ_A) && - (s->state >= SSL3_ST_SR_CLNT_HELLO_A)))) { - s->s3->in_read_app_data = 2; - return (-1); - } else { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD); - goto f_err; - } - } - /* not reached */ - -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); -err: - return (-1); -} - -int -dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len) -{ - int i; - - if (SSL_in_init(s) && !s->in_handshake) - { - i = s->handshake_func(s); - if (i < 0) - return (i); - if (i == 0) { - SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE); - return -1; - } - } - - if (len > SSL3_RT_MAX_PLAIN_LENGTH) { - SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, SSL_R_DTLS_MESSAGE_TOO_BIG); - return -1; - } - - i = dtls1_write_bytes(s, type, buf_, len); - return i; -} - - - /* this only happens when a client hello is received and a handshake - * is started. */ -static int -have_handshake_fragment(SSL *s, int type, unsigned char *buf, - int len, int peek) -{ - - if ((type == SSL3_RT_HANDSHAKE) && (s->d1->handshake_fragment_len > 0)) - /* (partially) satisfy request from storage */ - { - unsigned char *src = s->d1->handshake_fragment; - unsigned char *dst = buf; - unsigned int k, n; - - /* peek == 0 */ - n = 0; - while ((len > 0) && (s->d1->handshake_fragment_len > 0)) { - *dst++ = *src++; - len--; - s->d1->handshake_fragment_len--; - n++; - } - /* move any remaining fragment bytes: */ - for (k = 0; k < s->d1->handshake_fragment_len; k++) - s->d1->handshake_fragment[k] = *src++; - return n; - } - - return 0; -} - - -/* Call this to write data in records of type 'type' - * It will return <= 0 if not all data has been sent or non-blocking IO. 
- */
-int
-dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
-{
- int i;
-
- OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
- s->rwstate = SSL_NOTHING;
- i = do_dtls1_write(s, type, buf, len);
- return i;
-}
-
-int
-do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
-{
- unsigned char *p, *pseq;
- int i, mac_size, clear = 0;
- int prefix_len = 0;
- SSL3_RECORD *wr;
- SSL3_BUFFER *wb;
- SSL_SESSION *sess;
- int bs;
-
- /* first check if there is a SSL3_BUFFER still being written
- * out. This will happen with non blocking IO */
- if (s->s3->wbuf.left != 0) {
- OPENSSL_assert(0); /* XDTLS: want to see if we ever get here */
- return (ssl3_write_pending(s, type, buf, len));
- }
-
- /* If we have an alert to send, lets send it */
- if (s->s3->alert_dispatch) {
- i = s->method->ssl_dispatch_alert(s);
- if (i <= 0)
- return (i);
- /* if it went, fall through and send more stuff */
- }
-
- if (len == 0)
- return 0;
-
- wr = &(s->s3->wrec);
- wb = &(s->s3->wbuf);
- sess = s->session;
-
- if ((sess == NULL) || (s->enc_write_ctx == NULL) ||
- (EVP_MD_CTX_md(s->write_hash) == NULL))
- clear = 1;
-
- if (clear)
- mac_size = 0;
- else {
- mac_size = EVP_MD_CTX_size(s->write_hash);
- if (mac_size < 0)
- goto err;
- }
-
- /* DTLS implements explicit IV, so no need for empty fragments. */
-
- p = wb->buf + prefix_len;
-
- /* write the header */
-
- *(p++) = type&0xff;
- wr->type = type;
-
- *(p++) = (s->version >> 8);
- *(p++) = s->version&0xff;
-
- /* field where we are to write out packet epoch, seq num and len */
- pseq = p;
-
- p += 10;
-
- /* lets setup the record stuff. */
-
- /* Make space for the explicit IV in case of CBC.
- * (this is a bit of a boundary violation, but what the heck).
- */
- if (s->enc_write_ctx &&
- (EVP_CIPHER_mode( s->enc_write_ctx->cipher ) & EVP_CIPH_CBC_MODE))
- bs = EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
- else
- bs = 0;
-
- wr->data = p + bs;
- /* make room for IV in case of CBC */
- wr->length = (int)len;
- wr->input = (unsigned char *)buf;
-
- /* we now 'read' from wr->input, wr->length bytes into
- * wr->data */
-
- memcpy(wr->data, wr->input, wr->length);
- wr->input = wr->data;
-
- /* we should still have the output to wr->data and the input
- * from wr->input. Length should be wr->length.
- * wr->data still points in the wb->buf */
-
- if (mac_size != 0) {
- if (s->method->ssl3_enc->mac(s, &(p[wr->length + bs]), 1) < 0)
- goto err;
- wr->length += mac_size;
- }
-
- /* this is true regardless of mac size */
- wr->input = p;
- wr->data = p;
-
-
- /* ssl3_enc can only have an error on read */
- if (bs) /* bs != 0 in case of CBC */
- {
- arc4random_buf(p, bs);
- /* master IV and last CBC residue stand for
- * the rest of randomness */
- wr->length += bs;
- }
-
- s->method->ssl3_enc->enc(s, 1);
-
- /* record length after mac and block padding */
-/* if (type == SSL3_RT_APPLICATION_DATA ||
- (type == SSL3_RT_ALERT && ! SSL_in_init(s))) */
-
- /* there's only one epoch between handshake and app data */
-
- s2n(s->d1->w_epoch, pseq);
-
- /* XDTLS: ??
*/
-/* else
- s2n(s->d1->handshake_epoch, pseq);
-*/
-
- memcpy(pseq, &(s->s3->write_sequence[2]), 6);
- pseq += 6;
- s2n(wr->length, pseq);
-
- /* we should now have
- * wr->data pointing to the encrypted data, which is
- * wr->length long */
- wr->type=type; /* not needed but helps for debugging */
- wr->length += DTLS1_RT_HEADER_LENGTH;
-
- tls1_record_sequence_increment(s->s3->write_sequence);
-
- /* now let's set up wb */
- wb->left = prefix_len + wr->length;
- wb->offset = 0;
-
- /* memorize arguments so that ssl3_write_pending can detect bad write retries later */
- s->s3->wpend_tot = len;
- s->s3->wpend_buf = buf;
- s->s3->wpend_type = type;
- s->s3->wpend_ret = len;
-
- /* we now just need to write the buffer */
- return ssl3_write_pending(s, type, buf, len);
-err:
- return -1;
-}
-
-
-
-static int
-dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)
-{
- int cmp;
- unsigned int shift;
- const unsigned char *seq = s->s3->read_sequence;
-
- cmp = satsub64be(seq, bitmap->max_seq_num);
- if (cmp > 0) {
- memcpy (s->s3->rrec.seq_num, seq, 8);
- return 1; /* this record in new */
- }
- shift = -cmp;
- if (shift >= sizeof(bitmap->map)*8)
- return 0; /* stale, outside the window */
- else if (bitmap->map & (1UL << shift))
- return 0; /* record previously received */
-
- memcpy(s->s3->rrec.seq_num, seq, 8);
- return 1;
-}
-
-
-static void
-dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)
-{
- int cmp;
- unsigned int shift;
- const unsigned char *seq = s->s3->read_sequence;
-
- cmp = satsub64be(seq, bitmap->max_seq_num);
- if (cmp > 0) {
- shift = cmp;
- if (shift < sizeof(bitmap->map)*8)
- bitmap->map <<= shift, bitmap->map |= 1UL;
- else
- bitmap->map = 1UL;
- memcpy(bitmap->max_seq_num, seq, 8);
- } else {
- shift = -cmp;
- if (shift < sizeof(bitmap->map) * 8)
- bitmap->map |= 1UL << shift;
- }
-}
-
-
-int
-dtls1_dispatch_alert(SSL *s)
-{
- int i, j;
- void (*cb)(const SSL *ssl, int type, int val) = NULL;
- unsigned char buf[DTLS1_AL_HEADER_LENGTH];
- unsigned char *ptr = &buf[0];
-
- s->s3->alert_dispatch = 0;
-
- memset(buf, 0x00, sizeof(buf));
- *ptr++ = s->s3->send_alert[0];
- *ptr++ = s->s3->send_alert[1];
-
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
- if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
- s2n(s->d1->handshake_read_seq, ptr);
- l2n3(s->d1->r_msg_hdr.frag_off, ptr);
- }
-#endif
-
- i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf));
- if (i <= 0) {
- s->s3->alert_dispatch = 1;
- /* fprintf( stderr, "not done with alert\n" ); */
- } else {
- if (s->s3->send_alert[0] == SSL3_AL_FATAL
-#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
- || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
-#endif
- )
- (void)BIO_flush(s->wbio);
-
- if (s->msg_callback)
- s->msg_callback(1, s->version, SSL3_RT_ALERT,
- s->s3->send_alert, 2, s, s->msg_callback_arg);
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- if (cb != NULL) {
- j = (s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
- cb(s, SSL_CB_WRITE_ALERT, j);
- }
- }
- return (i);
-}
-
-
-static DTLS1_BITMAP *
-dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch)
-{
-
- *is_next_epoch = 0;
-
- /* In current epoch, accept HM, CCS, DATA, & ALERT */
- if (rr->epoch == s->d1->r_epoch)
- return &s->d1->bitmap;
-
- /* Only HM and ALERT messages can be from the next epoch */
- else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
- (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
- *is_next_epoch = 1;
- return &s->d1->next_bitmap;
- }
-
- return NULL;
-}
-
-void
-dtls1_reset_seq_numbers(SSL *s, int rw)
-{
- unsigned char *seq;
- unsigned int seq_bytes = sizeof(s->s3->read_sequence);
-
- if (rw & SSL3_CC_READ) {
- seq = s->s3->read_sequence;
- s->d1->r_epoch++;
- memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP));
- memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
- } else {
- seq =
s->s3->write_sequence;
- memcpy(s->d1->last_write_sequence, seq, sizeof(s->s3->write_sequence));
- s->d1->w_epoch++;
- }
-
- memset(seq, 0x00, seq_bytes);
-}
diff --git a/lib/libssl/src/ssl/d1_srtp.c b/lib/libssl/src/ssl/d1_srtp.c
deleted file mode 100644
index 45ce5b8d3eb..00000000000
--- a/lib/libssl/src/ssl/d1_srtp.c
+++ /dev/null
@@ -1,473 +0,0 @@
-/* $OpenBSD: d1_srtp.c,v 1.15 2015/07/31 00:35:06 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. 
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/*
- * DTLS code by Eric Rescorla <ekr@rtfm.com>
- *
- * Copyright (C) 2006, Network Resonance, Inc.
- * Copyright (C) 2011, RTFM, Inc.
- */
-
-#include <stdio.h>
-
-#include <openssl/objects.h>
-
-#include "ssl_locl.h"
-
-#ifndef OPENSSL_NO_SRTP
-
-#include "bytestring.h"
-#include "srtp.h"
-
-static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
- {
- "SRTP_AES128_CM_SHA1_80",
- SRTP_AES128_CM_SHA1_80,
- },
- {
- "SRTP_AES128_CM_SHA1_32",
- SRTP_AES128_CM_SHA1_32,
- },
- {0}
-};
-
-static int
-find_profile_by_name(char *profile_name, SRTP_PROTECTION_PROFILE **pptr,
- unsigned len)
-{
- SRTP_PROTECTION_PROFILE *p;
-
- p = srtp_known_profiles;
- while (p->name) {
- if ((len == strlen(p->name)) &&
- !strncmp(p->name, profile_name, len)) {
- *pptr = p;
- return 0;
- }
-
- p++;
- }
-
- return 1;
-}
-
-static int
-find_profile_by_num(unsigned profile_num, SRTP_PROTECTION_PROFILE **pptr)
-{
- SRTP_PROTECTION_PROFILE *p;
-
- p = srtp_known_profiles;
- while (p->name) {
- if (p->id == profile_num) {
- *pptr = p;
- return 0;
- }
- p++;
- }
-
- return 1;
-}
-
-static int
-ssl_ctx_make_profiles(const char *profiles_string,
- STACK_OF(SRTP_PROTECTION_PROFILE) **out)
-{
- 
STACK_OF(SRTP_PROTECTION_PROFILE) *profiles; - - char *col; - char *ptr = (char *)profiles_string; - - SRTP_PROTECTION_PROFILE *p; - - if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); - return 1; - } - - do { - col = strchr(ptr, ':'); - - if (!find_profile_by_name(ptr, &p, - col ? col - ptr : (int)strlen(ptr))) { - sk_SRTP_PROTECTION_PROFILE_push(profiles, p); - } else { - SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, - SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); - sk_SRTP_PROTECTION_PROFILE_free(profiles); - return 1; - } - - if (col) - ptr = col + 1; - } while (col); - - *out = profiles; - - return 0; -} - -int -SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles) -{ - return ssl_ctx_make_profiles(profiles, &ctx->srtp_profiles); -} - -int -SSL_set_tlsext_use_srtp(SSL *s, const char *profiles) -{ - return ssl_ctx_make_profiles(profiles, &s->srtp_profiles); -} - - -STACK_OF(SRTP_PROTECTION_PROFILE) * -SSL_get_srtp_profiles(SSL *s) -{ - if (s != NULL) { - if (s->srtp_profiles != NULL) { - return s->srtp_profiles; - } else if ((s->ctx != NULL) && - (s->ctx->srtp_profiles != NULL)) { - return s->ctx->srtp_profiles; - } - } - - return NULL; -} - -SRTP_PROTECTION_PROFILE * -SSL_get_selected_srtp_profile(SSL *s) -{ - return s->srtp_profile; -} - -/* Note: this function returns 0 length if there are no - profiles specified */ -int -ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) -{ - int ct = 0; - int i; - STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0; - SRTP_PROTECTION_PROFILE *prof; - - clnt = SSL_get_srtp_profiles(s); - - ct = sk_SRTP_PROTECTION_PROFILE_num(clnt); /* -1 if clnt == 0 */ - - if (p) { - if (ct == 0) { - SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT, - SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST); - return 1; - } - - if ((2 + ct * 2 + 1) > maxlen) { - SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT, - 
SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); - return 1; - } - - /* Add the length */ - s2n(ct * 2, p); - for (i = 0; i < ct; i++) { - prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i); - s2n(prof->id, p); - } - - /* Add an empty use_mki value */ - *p++ = 0; - } - - *len = 2 + ct*2 + 1; - - return 0; -} - - -int -ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, - int *al) -{ - SRTP_PROTECTION_PROFILE *cprof, *sprof; - STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0, *srvr; - int i, j; - int ret = 1; - uint16_t id; - CBS cbs, ciphers, mki; - - if (len < 0) { - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); - *al = SSL_AD_DECODE_ERROR; - goto done; - } - - CBS_init(&cbs, d, len); - /* Pull off the cipher suite list */ - if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) || - CBS_len(&ciphers) % 2) { - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); - *al = SSL_AD_DECODE_ERROR; - goto done; - } - - clnt = sk_SRTP_PROTECTION_PROFILE_new_null(); - - while (CBS_len(&ciphers) > 0) { - if (!CBS_get_u16(&ciphers, &id)) { - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); - *al = SSL_AD_DECODE_ERROR; - goto done; - } - - if (!find_profile_by_num(id, &cprof)) - sk_SRTP_PROTECTION_PROFILE_push(clnt, cprof); - else - ; /* Ignore */ - } - - /* Extract the MKI value as a sanity check, but discard it for now. */ - if (!CBS_get_u8_length_prefixed(&cbs, &mki) || - CBS_len(&cbs) != 0) { - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, - SSL_R_BAD_SRTP_MKI_VALUE); - *al = SSL_AD_DECODE_ERROR; - goto done; - } - - srvr = SSL_get_srtp_profiles(s); - - /* - * Pick our most preferred profile. If no profiles have been - * configured then the outer loop doesn't run - * (sk_SRTP_PROTECTION_PROFILE_num() = -1) - * and so we just return without doing anything. 
- */
- for (i = 0; i < sk_SRTP_PROTECTION_PROFILE_num(srvr); i++) {
- sprof = sk_SRTP_PROTECTION_PROFILE_value(srvr, i);
-
- for (j = 0; j < sk_SRTP_PROTECTION_PROFILE_num(clnt); j++) {
- cprof = sk_SRTP_PROTECTION_PROFILE_value(clnt, j);
-
- if (cprof->id == sprof->id) {
- s->srtp_profile = sprof;
- *al = 0;
- ret = 0;
- goto done;
- }
- }
- }
-
- ret = 0;
-
-done:
- if (clnt)
- sk_SRTP_PROTECTION_PROFILE_free(clnt);
-
- return ret;
-}
-
-int
-ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen)
-{
- if (p) {
- if (maxlen < 5) {
- SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,
- SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
- return 1;
- }
-
- if (s->srtp_profile == 0) {
- SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,
- SSL_R_USE_SRTP_NOT_NEGOTIATED);
- return 1;
- }
- s2n(2, p);
- s2n(s->srtp_profile->id, p);
- *p++ = 0;
- }
- *len = 5;
-
- return 0;
-}
-
-
-int
-ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int *al)
-{
- STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;
- SRTP_PROTECTION_PROFILE *prof;
- int i;
- uint16_t id;
- CBS cbs, profile_ids, mki;
-
- if (len < 0) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
- SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
- *al = SSL_AD_DECODE_ERROR;
- return 1;
- }
-
- CBS_init(&cbs, d, len);
-
- /*
- * As per RFC 5764 section 4.1.1, server response MUST be a single
- * profile id.
- */
- if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) ||
- !CBS_get_u16(&profile_ids, &id) || CBS_len(&profile_ids) != 0) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
- SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
- *al = SSL_AD_DECODE_ERROR;
- return 1;
- }
-
- /* Must be no MKI, since we never offer one. 
*/
- if (!CBS_get_u8_length_prefixed(&cbs, &mki) || CBS_len(&mki) != 0) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
- SSL_R_BAD_SRTP_MKI_VALUE);
- *al = SSL_AD_ILLEGAL_PARAMETER;
- return 1;
- }
-
- clnt = SSL_get_srtp_profiles(s);
-
- /* Throw an error if the server gave us an unsolicited extension. */
- if (clnt == NULL) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
- SSL_R_NO_SRTP_PROFILES);
- *al = SSL_AD_DECODE_ERROR;
- return 1;
- }
-
- /*
- * Check to see if the server gave us something we support
- * (and presumably offered).
- */
- for (i = 0; i < sk_SRTP_PROTECTION_PROFILE_num(clnt); i++) {
- prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
-
- if (prof->id == id) {
- s->srtp_profile = prof;
- *al = 0;
- return 0;
- }
- }
-
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
- SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
- *al = SSL_AD_DECODE_ERROR;
- return 1;
-}
-
-#endif
diff --git a/lib/libssl/src/ssl/d1_srvr.c b/lib/libssl/src/ssl/d1_srvr.c
deleted file mode 100644
index f6664237aee..00000000000
--- a/lib/libssl/src/ssl/d1_srvr.c
+++ /dev/null
@@ -1,751 +0,0 @@
-/* $OpenBSD: d1_srvr.c,v 1.67 2015/09/13 09:20:19 jsing Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. 
Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com). 
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-#include <openssl/bn.h>
-#include <openssl/buffer.h>
-#include <openssl/dh.h>
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static const SSL_METHOD *dtls1_get_server_method(int ver);
-static int dtls1_send_hello_verify_request(SSL *s);
-
-const SSL_METHOD DTLSv1_server_method_data = {
- .version = DTLS1_VERSION,
- .ssl_new = dtls1_new,
- .ssl_clear = dtls1_clear,
- .ssl_free = dtls1_free,
- .ssl_accept = dtls1_accept,
- .ssl_connect = ssl_undefined_function,
- .ssl_read = ssl3_read,
- .ssl_peek = ssl3_peek,
- .ssl_write = ssl3_write,
- .ssl_shutdown = dtls1_shutdown,
- .ssl_renegotiate = ssl3_renegotiate,
- .ssl_renegotiate_check = ssl3_renegotiate_check,
- .ssl_get_message = dtls1_get_message,
- .ssl_read_bytes = dtls1_read_bytes,
- .ssl_write_bytes = dtls1_write_app_data_bytes,
- .ssl_dispatch_alert = dtls1_dispatch_alert,
- .ssl_ctrl = dtls1_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
- .get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl3_pending,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = 
dtls1_get_cipher, - .get_ssl_method = dtls1_get_server_method, - .get_timeout = dtls1_default_timeout, - .ssl3_enc = &DTLSv1_enc_data, - .ssl_version = ssl_undefined_void_function, - .ssl_callback_ctrl = ssl3_callback_ctrl, - .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl, -}; - -const SSL_METHOD * -DTLSv1_server_method(void) -{ - return &DTLSv1_server_method_data; -} - -static const SSL_METHOD * -dtls1_get_server_method(int ver) -{ - if (ver == DTLS1_VERSION) - return (DTLSv1_server_method()); - return (NULL); -} - -int -dtls1_accept(SSL *s) -{ - void (*cb)(const SSL *ssl, int type, int val) = NULL; - unsigned long alg_k; - int ret = -1; - int new_state, state, skip = 0; - int listen; - - ERR_clear_error(); - errno = 0; - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - listen = s->d1->listen; - - /* init things to blank */ - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) - SSL_clear(s); - - s->d1->listen = listen; - - if (s->cert == NULL) { - SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_NO_CERTIFICATE_SET); - ret = -1; - goto end; - } - - for (;;) { - state = s->state; - - switch (s->state) { - case SSL_ST_RENEGOTIATE: - s->renegotiate = 1; - /* s->state=SSL_ST_ACCEPT; */ - - case SSL_ST_BEFORE: - case SSL_ST_ACCEPT: - case SSL_ST_BEFORE|SSL_ST_ACCEPT: - case SSL_ST_OK|SSL_ST_ACCEPT: - - s->server = 1; - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_START, 1); - - if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) { - SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR); - ret = -1; - goto end; - } - s->type = SSL_ST_ACCEPT; - - if (!ssl3_setup_init_buffer(s)) { - ret = -1; - goto end; - } - if (!ssl3_setup_buffers(s)) { - ret = -1; - goto end; - } - - s->init_num = 0; - - if (s->state != SSL_ST_RENEGOTIATE) { - /* Ok, we now need to push on a buffering BIO so that - * the output is sent in a way that TCP likes :-) - * ...but not with SCTP :-) - */ - if (!ssl_init_wbio_buffer(s, 
1)) { - ret = -1; - goto end; - } - - if (!tls1_init_finished_mac(s)) { - ret = -1; - goto end; - } - - s->state = SSL3_ST_SR_CLNT_HELLO_A; - s->ctx->stats.sess_accept++; - } else { - /* s->state == SSL_ST_RENEGOTIATE, - * we will just send a HelloRequest */ - s->ctx->stats.sess_accept_renegotiate++; - s->state = SSL3_ST_SW_HELLO_REQ_A; - } - - break; - - case SSL3_ST_SW_HELLO_REQ_A: - case SSL3_ST_SW_HELLO_REQ_B: - - s->shutdown = 0; - dtls1_clear_record_buffer(s); - dtls1_start_timer(s); - ret = ssl3_send_hello_request(s); - if (ret <= 0) - goto end; - s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A; - s->state = SSL3_ST_SW_FLUSH; - s->init_num = 0; - - if (!tls1_init_finished_mac(s)) { - ret = -1; - goto end; - } - break; - - case SSL3_ST_SW_HELLO_REQ_C: - s->state = SSL_ST_OK; - break; - - case SSL3_ST_SR_CLNT_HELLO_A: - case SSL3_ST_SR_CLNT_HELLO_B: - case SSL3_ST_SR_CLNT_HELLO_C: - - s->shutdown = 0; - ret = ssl3_get_client_hello(s); - if (ret <= 0) - goto end; - dtls1_stop_timer(s); - - if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE)) - s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A; - else - s->state = SSL3_ST_SW_SRVR_HELLO_A; - - s->init_num = 0; - - /* Reflect ClientHello sequence to remain stateless while listening */ - if (listen) { - memcpy(s->s3->write_sequence, s->s3->read_sequence, sizeof(s->s3->write_sequence)); - } - - /* If we're just listening, stop here */ - if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) { - ret = 2; - s->d1->listen = 0; - /* Set expected sequence numbers - * to continue the handshake. 
- */ - s->d1->handshake_read_seq = 2; - s->d1->handshake_write_seq = 1; - s->d1->next_handshake_write_seq = 1; - goto end; - } - - break; - - case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: - case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: - - ret = dtls1_send_hello_verify_request(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_FLUSH; - s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A; - - /* HelloVerifyRequest resets Finished MAC */ - if (!tls1_init_finished_mac(s)) { - ret = -1; - goto end; - } - break; - - - case SSL3_ST_SW_SRVR_HELLO_A: - case SSL3_ST_SW_SRVR_HELLO_B: - s->renegotiate = 2; - dtls1_start_timer(s); - ret = ssl3_send_server_hello(s); - if (ret <= 0) - goto end; - - if (s->hit) { - if (s->tlsext_ticket_expected) - s->state = SSL3_ST_SW_SESSION_TICKET_A; - else - s->state = SSL3_ST_SW_CHANGE_A; - } else - s->state = SSL3_ST_SW_CERT_A; - s->init_num = 0; - break; - - case SSL3_ST_SW_CERT_A: - case SSL3_ST_SW_CERT_B: - /* Check if it is anon DH. */ - if (!(s->s3->tmp.new_cipher->algorithm_auth & - SSL_aNULL)) { - dtls1_start_timer(s); - ret = dtls1_send_server_certificate(s); - if (ret <= 0) - goto end; - if (s->tlsext_status_expected) - s->state = SSL3_ST_SW_CERT_STATUS_A; - else - s->state = SSL3_ST_SW_KEY_EXCH_A; - } else { - skip = 1; - s->state = SSL3_ST_SW_KEY_EXCH_A; - } - s->init_num = 0; - break; - - case SSL3_ST_SW_KEY_EXCH_A: - case SSL3_ST_SW_KEY_EXCH_B: - alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - - /* Only send if using a DH key exchange. */ - if (alg_k & (SSL_kDHE|SSL_kECDHE)) { - dtls1_start_timer(s); - ret = ssl3_send_server_key_exchange(s); - if (ret <= 0) - goto end; - } else - skip = 1; - - s->state = SSL3_ST_SW_CERT_REQ_A; - s->init_num = 0; - break; - - case SSL3_ST_SW_CERT_REQ_A: - case SSL3_ST_SW_CERT_REQ_B: - /* - * Determine whether or not we need to request a - * certificate. - * - * Do not request a certificate if: - * - * - We did not ask for it (SSL_VERIFY_PEER is unset). 
- * - * - SSL_VERIFY_CLIENT_ONCE is set and we are - * renegotiating. - * - * - We are using an anonymous ciphersuites - * (see section "Certificate request" in SSL 3 drafts - * and in RFC 2246) ... except when the application - * insists on verification (against the specs, but - * s3_clnt.c accepts this for SSL 3). - */ - if (!(s->verify_mode & SSL_VERIFY_PEER) || - ((s->session->peer != NULL) && - (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) || - ((s->s3->tmp.new_cipher->algorithm_auth & - SSL_aNULL) && !(s->verify_mode & - SSL_VERIFY_FAIL_IF_NO_PEER_CERT))) { - /* no cert request */ - skip = 1; - s->s3->tmp.cert_request = 0; - s->state = SSL3_ST_SW_SRVR_DONE_A; - } else { - s->s3->tmp.cert_request = 1; - dtls1_start_timer(s); - ret = ssl3_send_certificate_request(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_SRVR_DONE_A; - s->init_num = 0; - } - break; - - case SSL3_ST_SW_SRVR_DONE_A: - case SSL3_ST_SW_SRVR_DONE_B: - dtls1_start_timer(s); - ret = ssl3_send_server_done(s); - if (ret <= 0) - goto end; - s->s3->tmp.next_state = SSL3_ST_SR_CERT_A; - s->state = SSL3_ST_SW_FLUSH; - s->init_num = 0; - break; - - case SSL3_ST_SW_FLUSH: - s->rwstate = SSL_WRITING; - if (BIO_flush(s->wbio) <= 0) { - /* If the write error was fatal, stop trying */ - if (!BIO_should_retry(s->wbio)) { - s->rwstate = SSL_NOTHING; - s->state = s->s3->tmp.next_state; - } - - ret = -1; - goto end; - } - s->rwstate = SSL_NOTHING; - s->state = s->s3->tmp.next_state; - break; - - case SSL3_ST_SR_CERT_A: - case SSL3_ST_SR_CERT_B: - if (s->s3->tmp.cert_request) { - ret = ssl3_get_client_certificate(s); - if (ret <= 0) - goto end; - } - s->init_num = 0; - s->state = SSL3_ST_SR_KEY_EXCH_A; - break; - - case SSL3_ST_SR_KEY_EXCH_A: - case SSL3_ST_SR_KEY_EXCH_B: - ret = ssl3_get_client_key_exchange(s); - if (ret <= 0) - goto end; - - s->state = SSL3_ST_SR_CERT_VRFY_A; - s->init_num = 0; - - if (ret == 2) { - /* For the ECDH ciphersuites when - * the client sends its ECDH pub key in - * a 
certificate, the CertificateVerify - * message is not sent. - */ - s->state = SSL3_ST_SR_FINISHED_A; - s->init_num = 0; - } else if (SSL_USE_SIGALGS(s)) { - s->state = SSL3_ST_SR_CERT_VRFY_A; - s->init_num = 0; - if (!s->session->peer) - break; - - /* - * For sigalgs freeze the handshake buffer - * at this point and digest cached records. - */ - if (!s->s3->handshake_buffer) { - SSLerr(SSL_F_SSL3_ACCEPT, - ERR_R_INTERNAL_ERROR); - ret = -1; - goto end; - } - s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE; - if (!tls1_digest_cached_records(s)) { - ret = -1; - goto end; - } - } else { - s->state = SSL3_ST_SR_CERT_VRFY_A; - s->init_num = 0; - - /* We need to get hashes here so if there is - * a client cert, it can be verified */ - s->method->ssl3_enc->cert_verify_mac(s, - NID_md5, &(s->s3->tmp.cert_verify_md[0])); - s->method->ssl3_enc->cert_verify_mac(s, - NID_sha1, - &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH])); - } - break; - - case SSL3_ST_SR_CERT_VRFY_A: - case SSL3_ST_SR_CERT_VRFY_B: - - s->d1->change_cipher_spec_ok = 1; - /* we should decide if we expected this one */ - ret = ssl3_get_cert_verify(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SR_FINISHED_A; - s->init_num = 0; - break; - - case SSL3_ST_SR_FINISHED_A: - case SSL3_ST_SR_FINISHED_B: - s->d1->change_cipher_spec_ok = 1; - ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A, - SSL3_ST_SR_FINISHED_B); - if (ret <= 0) - goto end; - dtls1_stop_timer(s); - if (s->hit) - s->state = SSL_ST_OK; - else if (s->tlsext_ticket_expected) - s->state = SSL3_ST_SW_SESSION_TICKET_A; - else - s->state = SSL3_ST_SW_CHANGE_A; - s->init_num = 0; - break; - - case SSL3_ST_SW_SESSION_TICKET_A: - case SSL3_ST_SW_SESSION_TICKET_B: - ret = ssl3_send_newsession_ticket(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_CHANGE_A; - s->init_num = 0; - break; - - case SSL3_ST_SW_CERT_STATUS_A: - case SSL3_ST_SW_CERT_STATUS_B: - ret = ssl3_send_cert_status(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_KEY_EXCH_A; - 
s->init_num = 0; - break; - - - case SSL3_ST_SW_CHANGE_A: - case SSL3_ST_SW_CHANGE_B: - - s->session->cipher = s->s3->tmp.new_cipher; - if (!s->method->ssl3_enc->setup_key_block(s)) { - ret = -1; - goto end; - } - - ret = dtls1_send_change_cipher_spec(s, - SSL3_ST_SW_CHANGE_A, SSL3_ST_SW_CHANGE_B); - - if (ret <= 0) - goto end; - - - s->state = SSL3_ST_SW_FINISHED_A; - s->init_num = 0; - - if (!s->method->ssl3_enc->change_cipher_state(s, - SSL3_CHANGE_CIPHER_SERVER_WRITE)) { - ret = -1; - goto end; - } - - dtls1_reset_seq_numbers(s, SSL3_CC_WRITE); - break; - - case SSL3_ST_SW_FINISHED_A: - case SSL3_ST_SW_FINISHED_B: - ret = ssl3_send_finished(s, - SSL3_ST_SW_FINISHED_A, SSL3_ST_SW_FINISHED_B, - s->method->ssl3_enc->server_finished_label, - s->method->ssl3_enc->server_finished_label_len); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_FLUSH; - if (s->hit) { - s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A; - - } else { - s->s3->tmp.next_state = SSL_ST_OK; - } - s->init_num = 0; - break; - - case SSL_ST_OK: - /* clean a few things up */ - tls1_cleanup_key_block(s); - - /* remove buffering on output */ - ssl_free_wbio_buffer(s); - - s->init_num = 0; - - if (s->renegotiate == 2) /* skipped if we just sent a HelloRequest */ - { - s->renegotiate = 0; - s->new_session = 0; - - ssl_update_cache(s, SSL_SESS_CACHE_SERVER); - - s->ctx->stats.sess_accept_good++; - /* s->server=1; */ - s->handshake_func = dtls1_accept; - - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_DONE, 1); - } - - ret = 1; - - /* done handshaking, next message is client hello */ - s->d1->handshake_read_seq = 0; - /* next message is server hello */ - s->d1->handshake_write_seq = 0; - s->d1->next_handshake_write_seq = 0; - goto end; - /* break; */ - - default: - SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_UNKNOWN_STATE); - ret = -1; - goto end; - /* break; */ - } - - if (!s->s3->tmp.reuse_message && !skip) { - if (s->debug) { - if ((ret = BIO_flush(s->wbio)) <= 0) - goto end; - } - - if ((cb != NULL) && (s->state != 
state)) { - new_state = s->state; - s->state = state; - cb(s, SSL_CB_ACCEPT_LOOP, 1); - s->state = new_state; - } - } - skip = 0; - } -end: - /* BIO_flush(s->wbio); */ - - s->in_handshake--; - - if (cb != NULL) - cb(s, SSL_CB_ACCEPT_EXIT, ret); - - return (ret); -} - -int -dtls1_send_hello_verify_request(SSL *s) -{ - unsigned char *d, *p; - - if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) { - d = p = ssl3_handshake_msg_start(s, - DTLS1_MT_HELLO_VERIFY_REQUEST); - - *(p++) = s->version >> 8; - *(p++) = s->version & 0xFF; - - if (s->ctx->app_gen_cookie_cb == NULL || - s->ctx->app_gen_cookie_cb(s, s->d1->cookie, - &(s->d1->cookie_len)) == 0) { - SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST, - ERR_R_INTERNAL_ERROR); - return 0; - } - - *(p++) = (unsigned char) s->d1->cookie_len; - memcpy(p, s->d1->cookie, s->d1->cookie_len); - p += s->d1->cookie_len; - - ssl3_handshake_msg_finish(s, p - d); - - s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B; - } - - /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */ - return (ssl3_handshake_write(s)); -} - -int -dtls1_send_server_certificate(SSL *s) -{ - unsigned long l; - X509 *x; - - if (s->state == SSL3_ST_SW_CERT_A) { - x = ssl_get_server_send_cert(s); - if (x == NULL) { - SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE, - ERR_R_INTERNAL_ERROR); - return (0); - } - - l = dtls1_output_cert_chain(s, x); - s->state = SSL3_ST_SW_CERT_B; - s->init_num = (int)l; - s->init_off = 0; - - /* buffer the message to handle re-xmits */ - dtls1_buffer_message(s, 0); - } - - /* SSL3_ST_SW_CERT_B */ - return (dtls1_do_write(s, SSL3_RT_HANDSHAKE)); -} diff --git a/lib/libssl/src/ssl/dtls1.h b/lib/libssl/src/ssl/dtls1.h deleted file mode 100644 index 5aed28e99af..00000000000 --- a/lib/libssl/src/ssl/dtls1.h +++ /dev/null 
@@ -1,245 +0,0 @@
-/* $OpenBSD: dtls1.h,v 1.18 2015/09/10 17:57:50 jsing Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#ifndef HEADER_DTLS1_H -#define HEADER_DTLS1_H - -#include <sys/time.h> - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include <openssl/buffer.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define DTLS1_VERSION 0xFEFF - -/* lengths of messages */ -#define DTLS1_COOKIE_LENGTH 256 - -#define DTLS1_RT_HEADER_LENGTH 13 - -#define DTLS1_HM_HEADER_LENGTH 12 - -#define DTLS1_HM_BAD_FRAGMENT -2 -#define DTLS1_HM_FRAGMENT_RETRY -3 - -#define DTLS1_CCS_HEADER_LENGTH 1 - -#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE -#define DTLS1_AL_HEADER_LENGTH 7 -#else -#define DTLS1_AL_HEADER_LENGTH 2 -#endif - -#ifndef OPENSSL_NO_SSL_INTERN - - -typedef struct dtls1_bitmap_st { - unsigned long map; /* track 32 packets on 32-bit systems - and 64 - on 64-bit systems */ - unsigned char max_seq_num[8]; /* max record number seen so far, - 64-bit value in big-endian - encoding */ -} DTLS1_BITMAP; - -struct dtls1_retransmit_state { - EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ - EVP_MD_CTX *write_hash; /* used for mac generation */ - SSL_SESSION *session; - unsigned short epoch; -}; - -struct hm_header_st { - unsigned char type; - unsigned long msg_len; - unsigned short seq; - unsigned long frag_off; - unsigned long frag_len; - unsigned int is_ccs; - struct dtls1_retransmit_state saved_retransmit_state; -}; - -struct ccs_header_st { - unsigned char type; - unsigned short seq; -}; - -struct dtls1_timeout_st { - /* Number of read timeouts so far */ - unsigned int read_timeouts; - - /* Number of write timeouts so far */ - unsigned int write_timeouts; - - /* Number of alerts received so far */ - unsigned int num_alerts; -}; - -struct _pqueue; - -typedef struct record_pqueue_st { - unsigned short epoch; - struct _pqueue *q; -} record_pqueue; - -typedef struct hm_fragment_st { - struct hm_header_st msg_header; - unsigned char *fragment; - unsigned char *reassembly; -} hm_fragment; - -typedef struct dtls1_state_st { - unsigned int send_cookie; - unsigned 
char cookie[DTLS1_COOKIE_LENGTH]; - unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH]; - unsigned int cookie_len; - - /* - * The current data and handshake epoch. This is initially - * undefined, and starts at zero once the initial handshake is - * completed - */ - unsigned short r_epoch; - unsigned short w_epoch; - - /* records being received in the current epoch */ - DTLS1_BITMAP bitmap; - - /* renegotiation starts a new set of sequence numbers */ - DTLS1_BITMAP next_bitmap; - - /* handshake message numbers */ - unsigned short handshake_write_seq; - unsigned short next_handshake_write_seq; - - unsigned short handshake_read_seq; - - /* save last sequence number for retransmissions */ - unsigned char last_write_sequence[8]; - - /* Received handshake records (processed and unprocessed) */ - record_pqueue unprocessed_rcds; - record_pqueue processed_rcds; - - /* Buffered handshake messages */ - struct _pqueue *buffered_messages; - - /* Buffered (sent) handshake records */ - struct _pqueue *sent_messages; - - /* Buffered application records. - * Only for records between CCS and Finished - * to prevent either protocol violation or - * unnecessary message loss. 
- */ - record_pqueue buffered_app_data; - - /* Is set when listening for new connections with dtls1_listen() */ - unsigned int listen; - - unsigned int mtu; /* max DTLS packet size */ - - struct hm_header_st w_msg_hdr; - struct hm_header_st r_msg_hdr; - - struct dtls1_timeout_st timeout; - - /* Indicates when the last handshake msg or heartbeat sent will timeout */ - struct timeval next_timeout; - - /* Timeout duration */ - unsigned short timeout_duration; - - /* storage for Alert/Handshake protocol data received but not - * yet processed by ssl3_read_bytes: */ - unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH]; - unsigned int alert_fragment_len; - unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH]; - unsigned int handshake_fragment_len; - - unsigned int retransmitting; - unsigned int change_cipher_spec_ok; - - -} DTLS1_STATE; - -typedef struct dtls1_record_data_st { - unsigned char *packet; - unsigned int packet_length; - SSL3_BUFFER rbuf; - SSL3_RECORD rrec; -} DTLS1_RECORD_DATA; - -#endif - -/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */ -#define DTLS1_TMO_READ_COUNT 2 -#define DTLS1_TMO_WRITE_COUNT 2 - -#define DTLS1_TMO_ALERT_COUNT 12 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/ssl/pqueue.c b/lib/libssl/src/ssl/pqueue.c deleted file mode 100644 index 602969deb0d..00000000000 --- a/lib/libssl/src/ssl/pqueue.c +++ /dev/null 
@@ -1,201 +0,0 @@
-/* $OpenBSD: pqueue.c,v 1.5 2014/06/12 15:49:31 deraadt Exp $ */
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- * - */ - -#include <stdlib.h> -#include <string.h> - -#include "pqueue.h" - -typedef struct _pqueue { - pitem *items; - int count; -} pqueue_s; - -pitem * -pitem_new(unsigned char *prio64be, void *data) -{ - pitem *item = malloc(sizeof(pitem)); - - if (item == NULL) - return NULL; - - memcpy(item->priority, prio64be, sizeof(item->priority)); - - item->data = data; - item->next = NULL; - - return item; -} - -void -pitem_free(pitem *item) -{ - free(item); -} - -pqueue_s * -pqueue_new(void) -{ - return calloc(1, sizeof(pqueue_s)); -} - -void -pqueue_free(pqueue_s *pq) -{ - free(pq); -} - -pitem * -pqueue_insert(pqueue_s *pq, pitem *item) -{ - pitem *curr, *next; - - if (pq->items == NULL) { - pq->items = item; - return item; - } - - for (curr = NULL, next = pq->items; next != NULL; - curr = next, next = next->next) { - /* we can compare 64-bit value in big-endian encoding - * with memcmp:-) */ - int cmp = memcmp(next->priority, item->priority, - sizeof(item->priority)); - if (cmp > 0) { /* next > item */ - item->next = next; - - if (curr == NULL) - pq->items = item; - else - curr->next = item; - - return item; - } else if (cmp == 0) /* duplicates not allowed */ - return NULL; - } - - item->next = NULL; - curr->next = item; - - return item; -} - -pitem * -pqueue_peek(pqueue_s *pq) -{ - return pq->items; -} - -pitem * -pqueue_pop(pqueue_s *pq) -{ - pitem *item = pq->items; - - if (pq->items != NULL) - pq->items = pq->items->next; - - return item; -} - -pitem * -pqueue_find(pqueue_s *pq, unsigned char *prio64be) -{ - pitem *next; - - for (next = pq->items; next != NULL; next = next->next) - if (memcmp(next->priority, prio64be, - sizeof(next->priority)) == 0) - return next; - - return NULL; -} - -pitem * -pqueue_iterator(pqueue_s *pq) -{ - return pqueue_peek(pq); -} - -pitem * -pqueue_next(pitem **item) -{ - pitem *ret; - - if (item == NULL || *item == NULL) - return NULL; - - /* *item != NULL */ - ret = *item; - *item = (*item)->next; - - return ret; -} - -int 
-pqueue_size(pqueue_s *pq) -{ - pitem *item = pq->items; - int count = 0; - - while (item != NULL) { - count++; - item = item->next; - } - return count; -} diff --git a/lib/libssl/src/ssl/pqueue.h b/lib/libssl/src/ssl/pqueue.h deleted file mode 100644 index 0d7ddc04e2c..00000000000 --- a/lib/libssl/src/ssl/pqueue.h +++ /dev/null 
@@ -1,89 +0,0 @@
-/* $OpenBSD: pqueue.h,v 1.3 2014/06/12 15:49:31 deraadt Exp $ */
-
-/*
- * DTLS implementation written by Nagendra Modadugu
- * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#ifndef HEADER_PQUEUE_H
-#define HEADER_PQUEUE_H
-
-typedef struct _pqueue *pqueue;
-
-typedef struct _pitem {
- unsigned char priority[8]; /* 64-bit value in big-endian encoding */
- void *data;
- struct _pitem *next;
-} pitem;
-
-typedef struct _pitem *piterator;
-
-pitem *pitem_new(unsigned char *prio64be, void *data);
-void pitem_free(pitem *item);
-
-pqueue pqueue_new(void);
-void pqueue_free(pqueue pq);
-
-pitem *pqueue_insert(pqueue pq, pitem *item);
-pitem *pqueue_peek(pqueue pq);
-pitem *pqueue_pop(pqueue pq);
-pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
-pitem *pqueue_iterator(pqueue pq);
-pitem *pqueue_next(piterator *iter);
-
-int pqueue_size(pqueue pq);
-
-#endif /* ! HEADER_PQUEUE_H */
diff --git a/lib/libssl/src/ssl/s23_clnt.c b/lib/libssl/src/ssl/s23_clnt.c
deleted file mode 100644
index c6920e2b344..00000000000
--- a/lib/libssl/src/ssl/s23_clnt.c
+++ /dev/null
@@ -1,480 +0,0 @@ -/* $OpenBSD: s23_clnt.c,v 1.46 2015/09/11 18:08:21 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include "ssl_locl.h" - -#include <openssl/buffer.h> -#include <openssl/evp.h> -#include <openssl/objects.h> - -static int ssl23_client_hello(SSL *s); -static int ssl23_get_server_hello(SSL *s); - -int -ssl23_connect(SSL *s) -{ - void (*cb)(const SSL *ssl, int type, int val) = NULL; - int ret = -1; - int new_state, state; - - ERR_clear_error(); - errno = 0; - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) - SSL_clear(s); - - for (;;) { - state = s->state; - - switch (s->state) { - case SSL_ST_BEFORE: - case SSL_ST_CONNECT: - case SSL_ST_BEFORE|SSL_ST_CONNECT: - case SSL_ST_OK|SSL_ST_CONNECT: - - if (s->session != NULL) { - SSLerr(SSL_F_SSL23_CONNECT, SSL_R_SSL23_DOING_SESSION_ID_REUSE); - ret = -1; - goto end; - } - s->server = 0; - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_START, 1); - - /* s->version=TLS1_VERSION; */ - s->type = SSL_ST_CONNECT; - - if (!ssl3_setup_init_buffer(s)) { - ret = -1; - goto end; - } - if (!ssl3_setup_buffers(s)) { - ret = -1; - goto end; - } - if 
(!tls1_init_finished_mac(s)) { - ret = -1; - goto end; - } - - s->state = SSL23_ST_CW_CLNT_HELLO_A; - s->ctx->stats.sess_connect++; - s->init_num = 0; - break; - - case SSL23_ST_CW_CLNT_HELLO_A: - case SSL23_ST_CW_CLNT_HELLO_B: - - s->shutdown = 0; - ret = ssl23_client_hello(s); - if (ret <= 0) - goto end; - s->state = SSL23_ST_CR_SRVR_HELLO_A; - s->init_num = 0; - - break; - - case SSL23_ST_CR_SRVR_HELLO_A: - case SSL23_ST_CR_SRVR_HELLO_B: - ret = ssl23_get_server_hello(s); - if (ret >= 0) - cb = NULL; - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL23_CONNECT, SSL_R_UNKNOWN_STATE); - ret = -1; - goto end; - /* break; */ - } - - if (s->debug) { - (void)BIO_flush(s->wbio); - } - - if ((cb != NULL) && (s->state != state)) { - new_state = s->state; - s->state = state; - cb(s, SSL_CB_CONNECT_LOOP, 1); - s->state = new_state; - } - } - -end: - s->in_handshake--; - if (cb != NULL) - cb(s, SSL_CB_CONNECT_EXIT, ret); - - return (ret); -} - -static int -ssl23_client_hello(SSL *s) -{ - unsigned char *buf; - unsigned char *p, *d; - int i; - unsigned long l; - int version = 0, version_major, version_minor; - int ret; - unsigned long mask, options = s->options; - - /* - * SSL_OP_NO_X disables all protocols above X *if* there are - * some protocols below X enabled. This is required in order - * to maintain "version capability" vector contiguous. So - * that if application wants to disable TLS1.0 in favour of - * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the - * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. 
- */ - mask = SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1; - version = TLS1_2_VERSION; - - if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask) - version = TLS1_1_VERSION; - mask &= ~SSL_OP_NO_TLSv1_1; - if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask) - version = TLS1_VERSION; - mask &= ~SSL_OP_NO_TLSv1; - - buf = (unsigned char *)s->init_buf->data; - if (s->state == SSL23_ST_CW_CLNT_HELLO_A) { - arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); - - if (version == TLS1_2_VERSION) { - version_major = TLS1_2_VERSION_MAJOR; - version_minor = TLS1_2_VERSION_MINOR; - } else if (version == TLS1_1_VERSION) { - version_major = TLS1_1_VERSION_MAJOR; - version_minor = TLS1_1_VERSION_MINOR; - } else if (version == TLS1_VERSION) { - version_major = TLS1_VERSION_MAJOR; - version_minor = TLS1_VERSION_MINOR; - } else { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, - SSL_R_NO_PROTOCOLS_AVAILABLE); - return (-1); - } - - s->client_version = version; - - /* create Client Hello in SSL 3.0/TLS 1.0 format */ - - /* - * Do the record header (5 bytes) and handshake - * message header (4 bytes) last - */ - d = p = &(buf[SSL3_RT_HEADER_LENGTH + SSL3_HM_HEADER_LENGTH]); - - *(p++) = version_major; - *(p++) = version_minor; - - /* Random stuff */ - memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE); - p += SSL3_RANDOM_SIZE; - - /* Session ID (zero since there is no reuse) */ - *(p++) = 0; - - /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); - if (i == 0) { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, - SSL_R_NO_CIPHERS_AVAILABLE); - return -1; - } - s2n(i, p); - p += i; - - /* add in (no) COMPRESSION */ - *(p++) = 1; - /* Add the NULL method */ - *(p++) = 0; - - /* TLS extensions*/ - if ((p = ssl_add_clienthello_tlsext(s, p, - buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); - return -1; - } - - l = p - d; - - /* fill in 4-byte handshake header */ - d = 
&(buf[SSL3_RT_HEADER_LENGTH]); - *(d++) = SSL3_MT_CLIENT_HELLO; - l2n3(l, d); - - l += 4; - - if (l > SSL3_RT_MAX_PLAIN_LENGTH) { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); - return -1; - } - - /* fill in 5-byte record header */ - d = buf; - *(d++) = SSL3_RT_HANDSHAKE; - *(d++) = version_major; - - /* - * Some servers hang if we use long client hellos - * and a record number > TLS 1.0. - */ - if (TLS1_get_client_version(s) > TLS1_VERSION) - *(d++) = 1; - else - *(d++) = version_minor; - s2n((int)l, d); - - /* number of bytes to write */ - s->init_num = p - buf; - s->init_off = 0; - - tls1_finish_mac(s, &(buf[SSL3_RT_HEADER_LENGTH]), - s->init_num - SSL3_RT_HEADER_LENGTH); - - s->state = SSL23_ST_CW_CLNT_HELLO_B; - s->init_off = 0; - } - - /* SSL3_ST_CW_CLNT_HELLO_B */ - ret = ssl23_write_bytes(s); - - if ((ret >= 2) && s->msg_callback) { - /* Client Hello has been sent; tell msg_callback */ - - s->msg_callback(1, version, SSL3_RT_HANDSHAKE, - s->init_buf->data + 5, ret - 5, s, s->msg_callback_arg); - } - - return ret; -} - -static int -ssl23_get_server_hello(SSL *s) -{ - char buf[8]; - unsigned char *p; - int i; - int n; - - n = ssl23_read_bytes(s, 7); - - if (n != 7) - return (n); - p = s->packet; - - memcpy(buf, p, n); - - /* Old unsupported sslv2 handshake */ - if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && - (p[5] == 0x00) && (p[6] == 0x02)) { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, - SSL_R_UNSUPPORTED_PROTOCOL); - goto err; - } - - if (p[1] == SSL3_VERSION_MAJOR && - p[2] <= TLS1_2_VERSION_MINOR && - ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) || - (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) { - /* we have sslv3 or tls1 (server hello or alert) */ - - if ((p[2] == TLS1_VERSION_MINOR) && - !(s->options & SSL_OP_NO_TLSv1)) { - s->version = TLS1_VERSION; - s->method = TLSv1_client_method(); - } else if ((p[2] == TLS1_1_VERSION_MINOR) && - !(s->options & SSL_OP_NO_TLSv1_1)) { - s->version = TLS1_1_VERSION; - s->method 
= TLSv1_1_client_method(); - } else if ((p[2] == TLS1_2_VERSION_MINOR) && - !(s->options & SSL_OP_NO_TLSv1_2)) { - s->version = TLS1_2_VERSION; - s->method = TLSv1_2_client_method(); - } else { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, - SSL_R_UNSUPPORTED_PROTOCOL); - goto err; - } - - if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) { - /* fatal alert */ - void (*cb)(const SSL *ssl, int type, int val) = NULL; - int j; - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - i = p[5]; - if (cb != NULL) { - j = (i << 8) | p[6]; - cb(s, SSL_CB_READ_ALERT, j); - } - - if (s->msg_callback) - s->msg_callback(0, s->version, SSL3_RT_ALERT, - p + 5, 2, s, s->msg_callback_arg); - - s->rwstate = SSL_NOTHING; - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, - SSL_AD_REASON_OFFSET + p[6]); - goto err; - } - - if (!ssl_init_wbio_buffer(s, 1)) - goto err; - - /* we are in this state */ - s->state = SSL3_ST_CR_SRVR_HELLO_A; - - /* put the 7 bytes we have read into the input buffer - * for SSLv3 */ - s->rstate = SSL_ST_READ_HEADER; - s->packet_length = n; - if (s->s3->rbuf.buf == NULL) - if (!ssl3_setup_read_buffer(s)) - goto err; - s->packet = &(s->s3->rbuf.buf[0]); - memcpy(s->packet, buf, n); - s->s3->rbuf.left = n; - s->s3->rbuf.offset = 0; - - s->handshake_func = s->method->ssl_connect; - } else { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL); - goto err; - } - s->init_num = 0; - - /* - * Since, if we are sending a ssl23 client hello, we are not - * reusing a session-id - */ - if (!ssl_get_new_session(s, 0)) - goto err; - - return (SSL_connect(s)); -err: - return (-1); -} diff --git a/lib/libssl/src/ssl/s23_lib.c b/lib/libssl/src/ssl/s23_lib.c deleted file mode 100644 index cd594aa3c96..00000000000 --- a/lib/libssl/src/ssl/s23_lib.c +++ /dev/null 
@@ -1,132 +0,0 @@
-/* $OpenBSD: s23_lib.c,v 1.18 2014/11/16 14:12:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> - -#include <openssl/objects.h> - -#include "ssl_locl.h" - -long -ssl23_default_timeout(void) -{ - return (300); -} - -int -ssl23_read(SSL *s, void *buf, int len) -{ - int n; - - errno = 0; - if (SSL_in_init(s) && (!s->in_handshake)) { - n = s->handshake_func(s); - if (n < 0) - return (n); - if (n == 0) { - SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - return (SSL_read(s, buf, len)); - } else { - ssl_undefined_function(s); - return (-1); - } -} - -int -ssl23_peek(SSL *s, void *buf, int len) -{ - int n; - - errno = 0; - if (SSL_in_init(s) && (!s->in_handshake)) { - n = s->handshake_func(s); - if (n < 0) - return (n); - if (n == 0) { - SSLerr(SSL_F_SSL23_PEEK, SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - return (SSL_peek(s, buf, len)); - } else { - ssl_undefined_function(s); - return (-1); - } -} - -int -ssl23_write(SSL *s, const void *buf, int len) -{ - int n; - - errno = 0; - if (SSL_in_init(s) && (!s->in_handshake)) { - n = s->handshake_func(s); - if (n < 0) - return (n); - if (n == 0) { - SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - return (SSL_write(s, buf, len)); - } else { - ssl_undefined_function(s); - return (-1); - } -} diff --git a/lib/libssl/src/ssl/s23_pkt.c b/lib/libssl/src/ssl/s23_pkt.c deleted file mode 100644 index 2081f48f08d..00000000000 --- a/lib/libssl/src/ssl/s23_pkt.c +++ /dev/null 
@@ -1,116 +0,0 @@
-/* $OpenBSD: s23_pkt.c,v 1.9 2014/11/16 14:12:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <errno.h> -#include <stdio.h> - -#include "ssl_locl.h" - -#include <openssl/buffer.h> -#include <openssl/evp.h> - -int -ssl23_write_bytes(SSL *s) -{ - int i, num, tot; - char *buf; - - buf = s->init_buf->data; - tot = s->init_off; - num = s->init_num; - for (;;) { - s->rwstate = SSL_WRITING; - i = BIO_write(s->wbio, &(buf[tot]), num); - if (i <= 0) { - s->init_off = tot; - s->init_num = num; - return (i); - } - s->rwstate = SSL_NOTHING; - if (i == num) - return (tot + i); - - num -= i; - tot += i; - } -} - -/* return regularly only when we have read (at least) 'n' bytes */ -int -ssl23_read_bytes(SSL *s, int n) -{ - unsigned char *p; - int j; - - if (s->packet_length < (unsigned int)n) { - p = s->packet; - - for (;;) { - s->rwstate = SSL_READING; - j = BIO_read(s->rbio, (char *)&(p[s->packet_length]), - n - s->packet_length); - if (j <= 0) - return (j); - s->rwstate = SSL_NOTHING; - s->packet_length += j; - if (s->packet_length >= (unsigned int)n) - return (s->packet_length); - } - } - return (n); -} diff --git a/lib/libssl/src/ssl/s23_srvr.c b/lib/libssl/src/ssl/s23_srvr.c deleted file mode 100644 index ed476c70d16..00000000000 --- a/lib/libssl/src/ssl/s23_srvr.c +++ /dev/null 
@@ -1,514 +0,0 @@ -/* $OpenBSD: s23_srvr.c,v 1.47 2016/07/16 04:42:35 beck Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include "ssl_locl.h" - -#include <openssl/buffer.h> -#include <openssl/evp.h> -#include <openssl/objects.h> - -int ssl23_get_client_hello(SSL *s); - -int -ssl23_accept(SSL *s) -{ - void (*cb)(const SSL *ssl, int type, int val) = NULL; - int ret = -1; - int new_state, state; - - ERR_clear_error(); - errno = 0; - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) - SSL_clear(s); - - for (;;) { - state = s->state; - - switch (s->state) { - case SSL_ST_BEFORE: - case SSL_ST_ACCEPT: - case SSL_ST_BEFORE|SSL_ST_ACCEPT: - case SSL_ST_OK|SSL_ST_ACCEPT: - - s->server = 1; - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_START, 1); - - /* s->version=SSL3_VERSION; */ - s->type = SSL_ST_ACCEPT; - - if (!ssl3_setup_init_buffer(s)) { - ret = -1; - goto end; - } - if (!tls1_init_finished_mac(s)) { - ret = -1; - goto end; - } - - s->state = SSL23_ST_SR_CLNT_HELLO_A; - s->ctx->stats.sess_accept++; - s->init_num = 0; - break; - - case SSL23_ST_SR_CLNT_HELLO_A: - case SSL23_ST_SR_CLNT_HELLO_B: - - s->shutdown = 0; - ret = 
ssl23_get_client_hello(s); - if (ret >= 0) - cb = NULL; - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL23_ACCEPT, SSL_R_UNKNOWN_STATE); - ret = -1; - goto end; - /* break; */ - } - - if ((cb != NULL) && (s->state != state)) { - new_state = s->state; - s->state = state; - cb(s, SSL_CB_ACCEPT_LOOP, 1); - s->state = new_state; - } - } - -end: - s->in_handshake--; - if (cb != NULL) - cb(s, SSL_CB_ACCEPT_EXIT, ret); - - return (ret); -} - - -int -ssl23_get_client_hello(SSL *s) -{ - char buf[11]; - /* - * sizeof(buf) == 11, because we'll need to request this many bytes in - * the initial read. - * We can detect SSL 3.0/TLS 1.0 Client Hellos ('type == 3') correctly - * only when the following is in a single record, which is not - * guaranteed by the protocol specification: - * Byte Content - * 0 type \ - * 1/2 version > record header - * 3/4 length / - * 5 msg_type \ - * 6-8 length > Client Hello message - * 9/10 client_version / - */ - unsigned char *p, *d, *d_len, *dd; - unsigned int i; - unsigned int csl, sil, cl; - int n = 0, j; - int type = 0; - int v[2]; - - if (s->state == SSL23_ST_SR_CLNT_HELLO_A) { - /* read the initial header */ - v[0] = v[1] = 0; - - if (!ssl3_setup_buffers(s)) - return -1; - - n = ssl23_read_bytes(s, sizeof buf); - if (n != sizeof buf) - return(n); - - p = s->packet; - - memcpy(buf, p, n); - - if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) { - /* - * SSLv2 header - */ - if ((p[3] == 0x00) && (p[4] == 0x02)) { - /* SSLv2 support has been removed */ - goto unsupported; - - } else if (p[3] == SSL3_VERSION_MAJOR) { - v[0] = p[3]; - v[1] = p[4]; - /* SSLv3/TLS */ - - if (p[4] >= TLS1_VERSION_MINOR) { - if (p[4] >= TLS1_2_VERSION_MINOR && - !(s->options & SSL_OP_NO_TLSv1_2)) { - s->version = TLS1_2_VERSION; - s->state = SSL23_ST_SR_CLNT_HELLO_B; - } else if (p[4] >= TLS1_1_VERSION_MINOR && - !(s->options & SSL_OP_NO_TLSv1_1)) { - s->version = TLS1_1_VERSION; - /* type=2; */ /* done later to survive restarts */ - s->state = 
SSL23_ST_SR_CLNT_HELLO_B; - } else if (!(s->options & SSL_OP_NO_TLSv1)) { - s->version = TLS1_VERSION; - /* type=2; */ /* done later to survive restarts */ - s->state = SSL23_ST_SR_CLNT_HELLO_B; - } else { - goto unsupported; - } - } else { - /* SSLv3 support has been removed */ - goto unsupported; - } - } - } else if ((p[0] == SSL3_RT_HANDSHAKE) && - (p[1] == SSL3_VERSION_MAJOR) && - (p[5] == SSL3_MT_CLIENT_HELLO) && - ((p[3] == 0 && p[4] < 5 /* silly record length? */) || - (p[9] >= p[1]))) { - /* - * SSLv3 or tls1 header - */ - - v[0] = p[1]; /* major version (= SSL3_VERSION_MAJOR) */ - /* We must look at client_version inside the Client Hello message - * to get the correct minor version. - * However if we have only a pathologically small fragment of the - * Client Hello message, this would be difficult, and we'd have - * to read more records to find out. - * No known SSL 3.0 client fragments ClientHello like this, - * so we simply reject such connections to avoid - * protocol version downgrade attacks. */ - if (p[3] == 0 && p[4] < 6) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, - SSL_R_RECORD_TOO_SMALL); - return -1; - } - /* if major version number > 3 set minor to a value - * which will use the highest version 3 we support. - * If TLS 2.0 ever appears we will need to revise - * this.... 
- */ - if (p[9] > SSL3_VERSION_MAJOR) - v[1] = 0xff; - else - v[1] = p[10]; /* minor version according to client_version */ - if (v[1] >= TLS1_VERSION_MINOR) { - if (v[1] >= TLS1_2_VERSION_MINOR && - !(s->options & SSL_OP_NO_TLSv1_2)) { - s->version = TLS1_2_VERSION; - type = 3; - } else if (v[1] >= TLS1_1_VERSION_MINOR && - !(s->options & SSL_OP_NO_TLSv1_1)) { - s->version = TLS1_1_VERSION; - type = 3; - } else if (!(s->options & SSL_OP_NO_TLSv1)) { - s->version = TLS1_VERSION; - type = 3; - } else { - goto unsupported; - } - } else { - /* SSLv3 */ - if (!(s->options & SSL_OP_NO_TLSv1)) { - /* we won't be able to use TLS of course, - * but this will send an appropriate alert */ - s->version = TLS1_VERSION; - type = 3; - } else { - goto unsupported; - } - } - } - else if ((strncmp("GET ", (char *)p, 4) == 0) || - (strncmp("POST ",(char *)p, 5) == 0) || - (strncmp("HEAD ",(char *)p, 5) == 0) || - (strncmp("PUT ", (char *)p, 4) == 0)) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTP_REQUEST); - return -1; - } else if (strncmp("CONNECT", (char *)p, 7) == 0) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTPS_PROXY_REQUEST); - return -1; - } - } - - if (s->state == SSL23_ST_SR_CLNT_HELLO_B) { - /* we have SSLv3/TLSv1 in an SSLv2 header - * (other cases skip this state) */ - - /* - * Limit the support of "backward compatible" headers - * only to "backward" versions of TLS. If we have moved - * on to modernity, just say no. - */ - if (s->options & SSL_OP_NO_TLSv1) - goto unsupported; - - type = 2; - p = s->packet; - v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ - v[1] = p[4]; - - /* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2 - * header is sent directly on the wire, not wrapped as a TLS - * record. It's format is: - * Byte Content - * 0-1 msg_length - * 2 msg_type - * 3-4 version - * 5-6 cipher_spec_length - * 7-8 session_id_length - * 9-10 challenge_length - * ... ... 
- */ - n = ((p[0] & 0x7f) << 8) | p[1]; - if (n > (1024 * 4)) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_LARGE); - return -1; - } - if (n < 9) { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, - SSL_R_RECORD_LENGTH_MISMATCH); - return -1; - } - - j = ssl23_read_bytes(s, n + 2); - if (j != n + 2) - return -1; - - tls1_finish_mac(s, s->packet + 2, s->packet_length - 2); - if (s->msg_callback) - s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2, - s->packet_length - 2, s, s->msg_callback_arg); - - p = s->packet; - p += 5; - n2s(p, csl); - n2s(p, sil); - n2s(p, cl); - d = (unsigned char *)s->init_buf->data; - if ((csl + sil + cl + 11) != s->packet_length) { - /* - * We can't have TLS extensions in SSL 2.0 format - * Client Hello, can we ? Error condition should be - * '>' otherwise - */ - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, - SSL_R_RECORD_LENGTH_MISMATCH); - return -1; - } - - /* record header: msg_type ... */ - *(d++) = SSL3_MT_CLIENT_HELLO; - /* ... and length (actual value will be written later) */ - d_len = d; - d += 3; - - /* client_version */ - *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */ - *(d++) = v[1]; - - /* lets populate the random area */ - /* get the challenge_length */ - i = (cl > SSL3_RANDOM_SIZE) ? 
SSL3_RANDOM_SIZE : cl; - memset(d, 0, SSL3_RANDOM_SIZE); - memcpy(&(d[SSL3_RANDOM_SIZE - i]), &(p[csl + sil]), i); - d += SSL3_RANDOM_SIZE; - - /* no session-id reuse */ - *(d++) = 0; - - /* ciphers */ - j = 0; - dd = d; - d += 2; - for (i = 0; i < csl; i += 3) { - if (p[i] != 0) - continue; - *(d++) = p[i + 1]; - *(d++) = p[i + 2]; - j += 2; - } - s2n(j, dd); - - /* add in (no) COMPRESSION */ - *(d++) = 1; - *(d++) = 0; - - i = (d - (unsigned char *)s->init_buf->data) - 4; - l2n3((long)i, d_len); - - /* get the data reused from the init_buf */ - s->s3->tmp.reuse_message = 1; - s->s3->tmp.message_type = SSL3_MT_CLIENT_HELLO; - s->s3->tmp.message_size = i; - } - - /* imaginary new state (for program structure): */ - /* s->state = SSL23_SR_CLNT_HELLO_C */ - - if (type == 2 || type == 3) { - /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ - - if (!ssl_init_wbio_buffer(s, 1)) - return -1; - - /* we are in this state */ - s->state = SSL3_ST_SR_CLNT_HELLO_A; - - if (type == 3) { - /* put the 'n' bytes we have read into the input buffer - * for SSLv3 */ - s->rstate = SSL_ST_READ_HEADER; - s->packet_length = n; - if (s->s3->rbuf.buf == NULL) - if (!ssl3_setup_read_buffer(s)) - return -1; - - s->packet = &(s->s3->rbuf.buf[0]); - memcpy(s->packet, buf, n); - s->s3->rbuf.left = n; - s->s3->rbuf.offset = 0; - } else { - s->packet_length = 0; - s->s3->rbuf.left = 0; - s->s3->rbuf.offset = 0; - } - if (s->version == TLS1_2_VERSION) - s->method = TLSv1_2_server_method(); - else if (s->version == TLS1_1_VERSION) - s->method = TLSv1_1_server_method(); - else if (s->version == TLS1_VERSION) - s->method = TLSv1_server_method(); - else - goto unsupported; - s->handshake_func = s->method->ssl_accept; - } else { - /* bad, very bad */ - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL); - return -1; - } - s->init_num = 0; - - return (SSL_accept(s)); - - unsupported: - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL); - return -1; -} 
diff --git a/lib/libssl/src/ssl/s3_both.c b/lib/libssl/src/ssl/s3_both.c
deleted file mode 100644
index cfd0fb9b4bd..00000000000
--- a/lib/libssl/src/ssl/s3_both.c
+++ /dev/null
@@ -1,743 +0,0 @@ -/* $OpenBSD: s3_both.c,v 1.48 2015/09/12 15:03:39 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECC cipher suite support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ - -#include <limits.h> -#include <stdio.h> -#include <string.h> - -#include "ssl_locl.h" - -#include <openssl/buffer.h> -#include <openssl/evp.h> -#include <openssl/objects.h> -#include <openssl/x509.h> - -#include "bytestring.h" - -/* - * Send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or - * SSL3_RT_CHANGE_CIPHER_SPEC). - */ -int -ssl3_do_write(SSL *s, int type) -{ - int ret; - - ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off], - s->init_num); - if (ret < 0) - return (-1); - - if (type == SSL3_RT_HANDSHAKE) - /* - * Should not be done for 'Hello Request's, but in that case - * we'll ignore the result anyway. 
- */ - tls1_finish_mac(s, - (unsigned char *)&s->init_buf->data[s->init_off], ret); - - if (ret == s->init_num) { - if (s->msg_callback) - s->msg_callback(1, s->version, type, s->init_buf->data, - (size_t)(s->init_off + s->init_num), s, - s->msg_callback_arg); - return (1); - } - - s->init_off += ret; - s->init_num -= ret; - - return (0); -} - -int -ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) -{ - unsigned char *p; - int md_len; - - if (s->state == a) { - md_len = s->method->ssl3_enc->finish_mac_length; - OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE); - - if (s->method->ssl3_enc->final_finish_mac(s, sender, slen, - s->s3->tmp.finish_md) != md_len) - return (0); - s->s3->tmp.finish_md_len = md_len; - - /* Copy finished so we can use it for renegotiation checks. */ - if (s->type == SSL_ST_CONNECT) { - memcpy(s->s3->previous_client_finished, - s->s3->tmp.finish_md, md_len); - s->s3->previous_client_finished_len = md_len; - } else { - memcpy(s->s3->previous_server_finished, - s->s3->tmp.finish_md, md_len); - s->s3->previous_server_finished_len = md_len; - } - - p = ssl3_handshake_msg_start(s, SSL3_MT_FINISHED); - memcpy(p, s->s3->tmp.finish_md, md_len); - ssl3_handshake_msg_finish(s, md_len); - - s->state = b; - } - - return (ssl3_handshake_write(s)); -} - -/* - * ssl3_take_mac calculates the Finished MAC for the handshakes messages seen - * so far. - */ -static void -ssl3_take_mac(SSL *s) -{ - const char *sender; - int slen; - - /* - * If no new cipher setup return immediately: other functions will - * set the appropriate error. 
- */
- if (s->s3->tmp.new_cipher == NULL)
- return;
-
- if (s->state & SSL_ST_CONNECT) {
- sender = s->method->ssl3_enc->server_finished_label;
- slen = s->method->ssl3_enc->server_finished_label_len;
- } else {
- sender = s->method->ssl3_enc->client_finished_label;
- slen = s->method->ssl3_enc->client_finished_label_len;
- }
-
- s->s3->tmp.peer_finish_md_len =
- s->method->ssl3_enc->final_finish_mac(s, sender, slen,
- s->s3->tmp.peer_finish_md);
-}
-
-int
-ssl3_get_finished(SSL *s, int a, int b)
-{
- int al, ok, md_len;
- long n;
- CBS cbs;
-
- /* should actually be 36+4 :-) */
- n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok);
- if (!ok)
- return ((int)n);
-
- /* If this occurs, we have missed a message */
- if (!s->s3->change_cipher_spec) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_GOT_A_FIN_BEFORE_A_CCS);
- goto f_err;
- }
- s->s3->change_cipher_spec = 0;
-
- md_len = s->method->ssl3_enc->finish_mac_length;
-
- if (n < 0) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
- goto f_err;
- }
-
- CBS_init(&cbs, s->init_msg, n);
-
- if (s->s3->tmp.peer_finish_md_len != md_len ||
- CBS_len(&cbs) != md_len) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
- goto f_err;
- }
-
- if (!CBS_mem_equal(&cbs, s->s3->tmp.peer_finish_md, CBS_len(&cbs))) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED);
- goto f_err;
- }
-
- /* Copy finished so we can use it for renegotiation checks.
*/
- OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
- if (s->type == SSL_ST_ACCEPT) {
- memcpy(s->s3->previous_client_finished,
- s->s3->tmp.peer_finish_md, md_len);
- s->s3->previous_client_finished_len = md_len;
- } else {
- memcpy(s->s3->previous_server_finished,
- s->s3->tmp.peer_finish_md, md_len);
- s->s3->previous_server_finished_len = md_len;
- }
-
- return (1);
-f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- return (0);
-}
-
-/* for these 2 messages, we need to
- * ssl->enc_read_ctx re-init
- * ssl->s3->read_sequence zero
- * ssl->s3->read_mac_secret re-init
- * ssl->session->read_sym_enc assign
- * ssl->session->read_hash assign
- */
-int
-ssl3_send_change_cipher_spec(SSL *s, int a, int b)
-{
- unsigned char *p;
-
- if (s->state == a) {
- p = (unsigned char *)s->init_buf->data;
- *p = SSL3_MT_CCS;
- s->init_num = 1;
- s->init_off = 0;
-
- s->state = b;
- }
-
- /* SSL3_ST_CW_CHANGE_B */
- return (ssl3_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
-}
-
-static int
-ssl3_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
-{
- int n;
- unsigned char *p;
-
- n = i2d_X509(x, NULL);
- if (!BUF_MEM_grow_clean(buf, n + (*l) + 3)) {
- SSLerr(SSL_F_SSL3_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
- return (-1);
- }
- /* XXX */
- p = (unsigned char *)&(buf->data[*l]);
- l2n3(n, p);
- i2d_X509(x, &p);
- *l += n + 3;
-
- return (0);
-}
-
-unsigned long
-ssl3_output_cert_chain(SSL *s, X509 *x)
-{
- unsigned char *p;
- unsigned long l = ssl3_handshake_msg_hdr_len(s) + 3;
- BUF_MEM *buf;
- int no_chain;
- int i;
-
- if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
- no_chain = 1;
- else
- no_chain = 0;
-
- /* TLSv1 sends a chain with nothing in it, instead of an alert */
- buf = s->init_buf;
- if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) + 6)) {
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN, ERR_R_BUF_LIB);
- return (0);
- }
- if (x != NULL) {
- if (no_chain) {
- if (ssl3_add_cert_to_buf(buf, &l, x))
- return (0);
- } else {
- X509_STORE_CTX xs_ctx;
-
- if
(!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store,
- x, NULL)) {
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,
- ERR_R_X509_LIB);
- return (0);
- }
- X509_verify_cert(&xs_ctx);
-
- /* Don't leave errors in the queue. */
- ERR_clear_error();
- for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
- x = sk_X509_value(xs_ctx.chain, i);
- if (ssl3_add_cert_to_buf(buf, &l, x)) {
- X509_STORE_CTX_cleanup(&xs_ctx);
- return 0;
- }
- }
- X509_STORE_CTX_cleanup(&xs_ctx);
- }
- }
- /* Thawte special :-) */
- for (i = 0; i < sk_X509_num(s->ctx->extra_certs); i++) {
- x = sk_X509_value(s->ctx->extra_certs, i);
- if (ssl3_add_cert_to_buf(buf, &l, x))
- return (0);
- }
-
- l -= ssl3_handshake_msg_hdr_len(s) + 3;
- p = (unsigned char *)&(buf->data[4]);
- l2n3(l, p);
- l += 3;
- p = (unsigned char *)&(buf->data[0]);
- *(p++) = SSL3_MT_CERTIFICATE;
- l2n3(l, p);
- l += 4; /* XXX */
- return (l);
-}
-
-/*
- * Obtain handshake message of message type 'mt' (any if mt == -1),
- * maximum acceptable body length 'max'.
- * The first four bytes (msg_type and length) are read in state 'st1',
- * the body is read in state 'stn'.
- */
-long
-ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
-{
- unsigned char *p;
- uint32_t l;
- long n;
- int i, al;
- CBS cbs;
- uint8_t u8;
-
- if (s->s3->tmp.reuse_message) {
- s->s3->tmp.reuse_message = 0;
- if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,
- SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
- *ok = 1;
- s->init_msg = s->init_buf->data + 4;
- s->init_num = (int)s->s3->tmp.message_size;
- return s->init_num;
- }
-
- p = (unsigned char *)s->init_buf->data;
-
- /* s->init_num < 4 */
- if (s->state == st1) {
- int skip_message;
-
- do {
- while (s->init_num < 4) {
- i = s->method->ssl_read_bytes(s,
- SSL3_RT_HANDSHAKE, &p[s->init_num],
- 4 - s->init_num, 0);
- if (i <= 0) {
- s->rwstate = SSL_READING;
- *ok = 0;
- return i;
- }
- s->init_num += i;
- }
-
- skip_message = 0;
- if (!s->server && p[0] == SSL3_MT_HELLO_REQUEST) {
- /*
- * The server may always send 'Hello Request'
- * messages -- we are doing a handshake anyway
- * now, so ignore them if their format is
- * correct. Does not count for 'Finished' MAC.
- */
- if (p[1] == 0 && p[2] == 0 &&p[3] == 0) {
- s->init_num = 0;
- skip_message = 1;
-
- if (s->msg_callback)
- s->msg_callback(0, s->version,
- SSL3_RT_HANDSHAKE, p, 4, s,
- s->msg_callback_arg);
- }
- }
- } while (skip_message);
-
- /* s->init_num == 4 */
-
- if ((mt >= 0) && (*p != mt)) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,
- SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
-
- /* XXX remove call to n2l3 */
- CBS_init(&cbs, p, 4);
- if (!CBS_get_u8(&cbs, &u8) ||
- !CBS_get_u24(&cbs, &l)) {
- SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB);
- goto err;
- }
- s->s3->tmp.message_type = u8;
-
- if (l > (unsigned long)max) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,
- SSL_R_EXCESSIVE_MESSAGE_SIZE);
- goto f_err;
- }
- if (l && !BUF_MEM_grow_clean(s->init_buf, l + 4)) {
- SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB);
- goto err;
- }
- s->s3->tmp.message_size = l;
- s->state = stn;
-
- s->init_msg = s->init_buf->data + 4;
- s->init_num = 0;
- }
-
- /* next state (stn) */
- p = s->init_msg;
- n = s->s3->tmp.message_size - s->init_num;
- while (n > 0) {
- i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
- &p[s->init_num], n, 0);
- if (i <= 0) {
- s->rwstate = SSL_READING;
- *ok = 0;
- return i;
- }
- s->init_num += i;
- n -= i;
- }
-
- /* If receiving Finished, record MAC of prior handshake messages for
- * Finished verification. */
- if (*s->init_buf->data == SSL3_MT_FINISHED)
- ssl3_take_mac(s);
-
- /* Feed this message into MAC computation.
*/
- tls1_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- s->init_buf->data, (size_t)s->init_num + 4, s,
- s->msg_callback_arg);
-
- *ok = 1;
- return (s->init_num);
-
-f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
-err:
- *ok = 0;
- return (-1);
-}
-
-int
-ssl_cert_type(X509 *x, EVP_PKEY *pkey)
-{
- EVP_PKEY *pk;
- int ret = -1, i;
-
- if (pkey == NULL)
- pk = X509_get_pubkey(x);
- else
- pk = pkey;
- if (pk == NULL)
- goto err;
-
- i = pk->type;
- if (i == EVP_PKEY_RSA) {
- ret = SSL_PKEY_RSA_ENC;
- } else if (i == EVP_PKEY_DSA) {
- ret = SSL_PKEY_DSA_SIGN;
- } else if (i == EVP_PKEY_EC) {
- ret = SSL_PKEY_ECC;
- } else if (i == NID_id_GostR3410_2001 ||
- i == NID_id_GostR3410_2001_cc) {
- ret = SSL_PKEY_GOST01;
- }
-
-err:
- if (!pkey)
- EVP_PKEY_free(pk);
- return (ret);
-}
-
-int
-ssl_verify_alarm_type(long type)
-{
- int al;
-
- switch (type) {
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- case X509_V_ERR_UNABLE_TO_GET_CRL:
- case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
- al = SSL_AD_UNKNOWN_CA;
- break;
- case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
- case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
- case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
- case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
- case X509_V_ERR_CERT_NOT_YET_VALID:
- case X509_V_ERR_CRL_NOT_YET_VALID:
- case X509_V_ERR_CERT_UNTRUSTED:
- case X509_V_ERR_CERT_REJECTED:
- al = SSL_AD_BAD_CERTIFICATE;
- break;
- case X509_V_ERR_CERT_SIGNATURE_FAILURE:
- case X509_V_ERR_CRL_SIGNATURE_FAILURE:
- al = SSL_AD_DECRYPT_ERROR;
- break;
- case X509_V_ERR_CERT_HAS_EXPIRED:
- case X509_V_ERR_CRL_HAS_EXPIRED:
- al = SSL_AD_CERTIFICATE_EXPIRED;
- break;
- case X509_V_ERR_CERT_REVOKED:
- al = SSL_AD_CERTIFICATE_REVOKED;
- break;
- case
X509_V_ERR_OUT_OF_MEM:
- al = SSL_AD_INTERNAL_ERROR;
- break;
- case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
- case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
- case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
- case X509_V_ERR_CERT_CHAIN_TOO_LONG:
- case X509_V_ERR_PATH_LENGTH_EXCEEDED:
- case X509_V_ERR_INVALID_CA:
- al = SSL_AD_UNKNOWN_CA;
- break;
- case X509_V_ERR_APPLICATION_VERIFICATION:
- al = SSL_AD_HANDSHAKE_FAILURE;
- break;
- case X509_V_ERR_INVALID_PURPOSE:
- al = SSL_AD_UNSUPPORTED_CERTIFICATE;
- break;
- default:
- al = SSL_AD_CERTIFICATE_UNKNOWN;
- break;
- }
- return (al);
-}
-
-int
-ssl3_setup_init_buffer(SSL *s)
-{
- BUF_MEM *buf = NULL;
-
- if (s->init_buf != NULL)
- return (1);
-
- if ((buf = BUF_MEM_new()) == NULL)
- goto err;
- if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH))
- goto err;
-
- s->init_buf = buf;
- return (1);
-
-err:
- BUF_MEM_free(buf);
- return (0);
-}
-
-int
-ssl3_setup_read_buffer(SSL *s)
-{
- unsigned char *p;
- size_t len, align, headerlen;
-
- if (SSL_IS_DTLS(s))
- headerlen = DTLS1_RT_HEADER_LENGTH;
- else
- headerlen = SSL3_RT_HEADER_LENGTH;
-
- align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
-
- if (s->s3->rbuf.buf == NULL) {
- len = SSL3_RT_MAX_PLAIN_LENGTH +
- SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
- if ((p = malloc(len)) == NULL)
- goto err;
- s->s3->rbuf.buf = p;
- s->s3->rbuf.len = len;
- }
-
- s->packet = &(s->s3->rbuf.buf[0]);
- return 1;
-
-err:
- SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-int
-ssl3_setup_write_buffer(SSL *s)
-{
- unsigned char *p;
- size_t len, align, headerlen;
-
- if (SSL_IS_DTLS(s))
- headerlen = DTLS1_RT_HEADER_LENGTH + 1;
- else
- headerlen = SSL3_RT_HEADER_LENGTH;
-
- align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
-
- if (s->s3->wbuf.buf == NULL) {
- len = s->max_send_fragment +
- SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
- if (!(s->options &
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
- len += headerlen + align +
- SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
-
- if ((p = malloc(len)) == NULL)
- goto err;
- s->s3->wbuf.buf = p;
- s->s3->wbuf.len = len;
- }
-
- return 1;
-
-err:
- SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER, ERR_R_MALLOC_FAILURE);
- return 0;
-}
-
-int
-ssl3_setup_buffers(SSL *s)
-{
- if (!ssl3_setup_read_buffer(s))
- return 0;
- if (!ssl3_setup_write_buffer(s))
- return 0;
- return 1;
-}
-
-int
-ssl3_release_write_buffer(SSL *s)
-{
- free(s->s3->wbuf.buf);
- s->s3->wbuf.buf = NULL;
- return 1;
-}
-
-int
-ssl3_release_read_buffer(SSL *s)
-{
- free(s->s3->rbuf.buf);
- s->s3->rbuf.buf = NULL;
- return 1;
-}
diff --git a/lib/libssl/src/ssl/s3_cbc.c b/lib/libssl/src/ssl/s3_cbc.c
deleted file mode 100644
index 414d493150d..00000000000
--- a/lib/libssl/src/ssl/s3_cbc.c
+++ /dev/null
@@ -1,656 +0,0 @@
-/* $OpenBSD: s3_cbc.c,v 1.12 2016/03/20 16:50:29 krw Exp $ */
-/* ====================================================================
- * Copyright (c) 2012 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ssl_locl.h"
-
-#include <openssl/md5.h>
-#include <openssl/sha.h>
-
-/* MAX_HASH_BIT_COUNT_BYTES is the maximum number of bytes in the hash's length
- * field. (SHA-384/512 have 128-bit length.) */
-#define MAX_HASH_BIT_COUNT_BYTES 16
-
-/* MAX_HASH_BLOCK_SIZE is the maximum hash block size that we'll support.
- * Currently SHA-384/512 has a 128-byte block size and that's the largest
- * supported by TLS.) */
-#define MAX_HASH_BLOCK_SIZE 128
-
-/* Some utility functions are needed:
- *
- * These macros return the given value with the MSB copied to all the other
- * bits. They use the fact that arithmetic shift shifts-in the sign bit.
- * However, this is not ensured by the C standard so you may need to replace
- * them with something else on odd CPUs. */
-#define DUPLICATE_MSB_TO_ALL(x) ((unsigned)((int)(x) >> (sizeof(int) * 8 - 1)))
-#define DUPLICATE_MSB_TO_ALL_8(x) ((unsigned char)(DUPLICATE_MSB_TO_ALL(x)))
-
-/* constant_time_lt returns 0xff if a<b and 0x00 otherwise. */
-static unsigned
-constant_time_lt(unsigned a, unsigned b)
-{
- a -= b;
- return DUPLICATE_MSB_TO_ALL(a);
-}
-
-/* constant_time_ge returns 0xff if a>=b and 0x00 otherwise.
*/
-static unsigned
-constant_time_ge(unsigned a, unsigned b)
-{
- a -= b;
- return DUPLICATE_MSB_TO_ALL(~a);
-}
-
-/* constant_time_eq_8 returns 0xff if a==b and 0x00 otherwise. */
-static unsigned char
-constant_time_eq_8(unsigned a, unsigned b)
-{
- unsigned c = a ^ b;
- c--;
- return DUPLICATE_MSB_TO_ALL_8(c);
-}
-
-/* tls1_cbc_remove_padding removes the CBC padding from the decrypted, TLS, CBC
- * record in |rec| in constant time and returns 1 if the padding is valid and
- * -1 otherwise. It also removes any explicit IV from the start of the record
- * without leaking any timing about whether there was enough space after the
- * padding was removed.
- *
- * block_size: the block size of the cipher used to encrypt the record.
- * returns:
- * 0: (in non-constant time) if the record is publicly invalid.
- * 1: if the padding was valid
- * -1: otherwise. */
-int
-tls1_cbc_remove_padding(const SSL* s, SSL3_RECORD *rec, unsigned block_size,
- unsigned mac_size)
-{
- unsigned padding_length, good, to_check, i;
- const unsigned overhead = 1 /* padding length byte */ + mac_size;
-
- /* Check if version requires explicit IV */
- if (SSL_USE_EXPLICIT_IV(s)) {
- /* These lengths are all public so we can test them in
- * non-constant time.
- */
- if (overhead + block_size > rec->length)
- return 0;
- /* We can now safely skip explicit IV */
- rec->data += block_size;
- rec->input += block_size;
- rec->length -= block_size;
- } else if (overhead > rec->length)
- return 0;
-
- padding_length = rec->data[rec->length - 1];
-
- if (EVP_CIPHER_flags(s->enc_read_ctx->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
- /* padding is already verified */
- rec->length -= padding_length + 1;
- return 1;
- }
-
- good = constant_time_ge(rec->length, overhead + padding_length);
- /* The padding consists of a length byte at the end of the record and
- * then that many bytes of padding, all with the same value as the
- * length byte.
Thus, with the length byte included, there are i+1
- * bytes of padding.
- *
- * We can't check just |padding_length+1| bytes because that leaks
- * decrypted information. Therefore we always have to check the maximum
- * amount of padding possible. (Again, the length of the record is
- * public information so we can use it.) */
- to_check = 255; /* maximum amount of padding. */
- if (to_check > rec->length - 1)
- to_check = rec->length - 1;
-
- for (i = 0; i < to_check; i++) {
- unsigned char mask = constant_time_ge(padding_length, i);
- unsigned char b = rec->data[rec->length - 1 - i];
- /* The final |padding_length+1| bytes should all have the value
- * |padding_length|. Therefore the XOR should be zero. */
- good &= ~(mask&(padding_length ^ b));
- }
-
- /* If any of the final |padding_length+1| bytes had the wrong value,
- * one or more of the lower eight bits of |good| will be cleared. We
- * AND the bottom 8 bits together and duplicate the result to all the
- * bits. */
- good &= good >> 4;
- good &= good >> 2;
- good &= good >> 1;
- good <<= sizeof(good)*8 - 1;
- good = DUPLICATE_MSB_TO_ALL(good);
-
- padding_length = good & (padding_length + 1);
- rec->length -= padding_length;
- rec->type |= padding_length<<8; /* kludge: pass padding length */
-
- return (int)((good & 1) | (~good & -1));
-}
-
-/* ssl3_cbc_copy_mac copies |md_size| bytes from the end of |rec| to |out| in
- * constant time (independent of the concrete value of rec->length, which may
- * vary within a 256-byte window).
- *
- * ssl3_cbc_remove_padding or tls1_cbc_remove_padding must be called prior to
- * this function.
- *
- * On entry:
- * rec->orig_len >= md_size
- * md_size <= EVP_MAX_MD_SIZE
- *
- * If CBC_MAC_ROTATE_IN_PLACE is defined then the rotation is performed with
- * variable accesses in a 64-byte-aligned buffer. Assuming that this fits into
- * a single or pair of cache-lines, then the variable memory accesses don't
- * actually affect the timing.
CPUs with smaller cache-lines [if any] are
- * not multi-core and are not considered vulnerable to cache-timing attacks.
- */
-#define CBC_MAC_ROTATE_IN_PLACE
-
-void
-ssl3_cbc_copy_mac(unsigned char* out, const SSL3_RECORD *rec,
- unsigned md_size, unsigned orig_len)
-{
-#if defined(CBC_MAC_ROTATE_IN_PLACE)
- unsigned char rotated_mac_buf[64 + EVP_MAX_MD_SIZE];
- unsigned char *rotated_mac;
-#else
- unsigned char rotated_mac[EVP_MAX_MD_SIZE];
-#endif
-
- /* mac_end is the index of |rec->data| just after the end of the MAC. */
- unsigned mac_end = rec->length;
- unsigned mac_start = mac_end - md_size;
- /* scan_start contains the number of bytes that we can ignore because
- * the MAC's position can only vary by 255 bytes. */
- unsigned scan_start = 0;
- unsigned i, j;
- unsigned div_spoiler;
- unsigned rotate_offset;
-
- OPENSSL_assert(orig_len >= md_size);
- OPENSSL_assert(md_size <= EVP_MAX_MD_SIZE);
-
-#if defined(CBC_MAC_ROTATE_IN_PLACE)
- rotated_mac = rotated_mac_buf + ((0 - (size_t)rotated_mac_buf)&63);
-#endif
-
- /* This information is public so it's safe to branch based on it. */
- if (orig_len > md_size + 255 + 1)
- scan_start = orig_len - (md_size + 255 + 1);
- /* div_spoiler contains a multiple of md_size that is used to cause the
- * modulo operation to be constant time. Without this, the time varies
- * based on the amount of padding when running on Intel chips at least.
- *
- * The aim of right-shifting md_size is so that the compiler doesn't
- * figure out that it can remove div_spoiler as that would require it
- * to prove that md_size is always even, which I hope is beyond it.
*/
- div_spoiler = md_size >> 1;
- div_spoiler <<= (sizeof(div_spoiler) - 1) * 8;
- rotate_offset = (div_spoiler + mac_start - scan_start) % md_size;
-
- memset(rotated_mac, 0, md_size);
- for (i = scan_start, j = 0; i < orig_len; i++) {
- unsigned char mac_started = constant_time_ge(i, mac_start);
- unsigned char mac_ended = constant_time_ge(i, mac_end);
- unsigned char b = rec->data[i];
- rotated_mac[j++] |= b & mac_started & ~mac_ended;
- j &= constant_time_lt(j, md_size);
- }
-
- /* Now rotate the MAC */
-#if defined(CBC_MAC_ROTATE_IN_PLACE)
- j = 0;
- for (i = 0; i < md_size; i++) {
- /* in case cache-line is 32 bytes, touch second line */
- ((volatile unsigned char *)rotated_mac)[rotate_offset^32];
- out[j++] = rotated_mac[rotate_offset++];
- rotate_offset &= constant_time_lt(rotate_offset, md_size);
- }
-#else
- memset(out, 0, md_size);
- rotate_offset = md_size - rotate_offset;
- rotate_offset &= constant_time_lt(rotate_offset, md_size);
- for (i = 0; i < md_size; i++) {
- for (j = 0; j < md_size; j++)
- out[j] |= rotated_mac[i] & constant_time_eq_8(j, rotate_offset);
- rotate_offset++;
- rotate_offset &= constant_time_lt(rotate_offset, md_size);
- }
-#endif
-}
-
-/* u32toLE serialises an unsigned, 32-bit number (n) as four bytes at (p) in
- * little-endian order. The value of p is advanced by four. */
-#define u32toLE(n, p) \
- (*((p)++)=(unsigned char)(n), \
- *((p)++)=(unsigned char)(n>>8), \
- *((p)++)=(unsigned char)(n>>16), \
- *((p)++)=(unsigned char)(n>>24))
-
-/* These functions serialize the state of a hash and thus perform the standard
- * "final" operation without adding the padding and length that such a function
- * typically does.
*/
-static void
-tls1_md5_final_raw(void* ctx, unsigned char *md_out)
-{
- MD5_CTX *md5 = ctx;
- u32toLE(md5->A, md_out);
- u32toLE(md5->B, md_out);
- u32toLE(md5->C, md_out);
- u32toLE(md5->D, md_out);
-}
-
-static void
-tls1_sha1_final_raw(void* ctx, unsigned char *md_out)
-{
- SHA_CTX *sha1 = ctx;
- l2n(sha1->h0, md_out);
- l2n(sha1->h1, md_out);
- l2n(sha1->h2, md_out);
- l2n(sha1->h3, md_out);
- l2n(sha1->h4, md_out);
-}
-#define LARGEST_DIGEST_CTX SHA_CTX
-
-static void
-tls1_sha256_final_raw(void* ctx, unsigned char *md_out)
-{
- SHA256_CTX *sha256 = ctx;
- unsigned i;
-
- for (i = 0; i < 8; i++) {
- l2n(sha256->h[i], md_out);
- }
-}
-#undef LARGEST_DIGEST_CTX
-#define LARGEST_DIGEST_CTX SHA256_CTX
-
-static void
-tls1_sha512_final_raw(void* ctx, unsigned char *md_out)
-{
- SHA512_CTX *sha512 = ctx;
- unsigned i;
-
- for (i = 0; i < 8; i++) {
- l2n8(sha512->h[i], md_out);
- }
-}
-#undef LARGEST_DIGEST_CTX
-#define LARGEST_DIGEST_CTX SHA512_CTX
-
-/* ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
- * which ssl3_cbc_digest_record supports. */
-char
-ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
-{
- switch (EVP_MD_CTX_type(ctx)) {
- case NID_md5:
- case NID_sha1:
- case NID_sha224:
- case NID_sha256:
- case NID_sha384:
- case NID_sha512:
- return 1;
- default:
- return 0;
- }
-}
-
-/* ssl3_cbc_digest_record computes the MAC of a decrypted, padded SSLv3/TLS
- * record.
- *
- * ctx: the EVP_MD_CTX from which we take the hash function.
- * ssl3_cbc_record_digest_supported must return true for this EVP_MD_CTX.
- * md_out: the digest output. At most EVP_MAX_MD_SIZE bytes will be written.
- * md_out_size: if non-NULL, the number of output bytes is written here.
- * header: the 13-byte, TLS record header.
- * data: the record data itself, less any preceeding explicit IV.
- * data_plus_mac_size: the secret, reported length of the data and MAC
- * once the padding has been removed.
- * data_plus_mac_plus_padding_size: the public length of the whole
- * record, including padding.
- * is_sslv3: non-zero if we are to use SSLv3. Otherwise, TLS.
- *
- * On entry: by virtue of having been through one of the remove_padding
- * functions, above, we know that data_plus_mac_size is large enough to contain
- * a padding byte and MAC. (If the padding was invalid, it might contain the
- * padding too. ) */
-int
-ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char* md_out,
- size_t* md_out_size, const unsigned char header[13],
- const unsigned char *data, size_t data_plus_mac_size,
- size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,
- unsigned mac_secret_length, char is_sslv3)
-{
- union { double align;
- unsigned char c[sizeof(LARGEST_DIGEST_CTX)];
- } md_state;
- void (*md_final_raw)(void *ctx, unsigned char *md_out);
- void (*md_transform)(void *ctx, const unsigned char *block);
- unsigned md_size, md_block_size = 64;
- unsigned sslv3_pad_length = 40, header_length, variance_blocks,
- len, max_mac_bytes, num_blocks,
- num_starting_blocks, k, mac_end_offset, c, index_a, index_b;
- unsigned int bits; /* at most 18 bits */
- unsigned char length_bytes[MAX_HASH_BIT_COUNT_BYTES];
- /* hmac_pad is the masked HMAC key. */
- unsigned char hmac_pad[MAX_HASH_BLOCK_SIZE];
- unsigned char first_block[MAX_HASH_BLOCK_SIZE];
- unsigned char mac_out[EVP_MAX_MD_SIZE];
- unsigned i, j, md_out_size_u;
- EVP_MD_CTX md_ctx;
- /* mdLengthSize is the number of bytes in the length field that terminates
- * the hash. */
- unsigned md_length_size = 8;
- char length_is_big_endian = 1;
-
- /* This is a, hopefully redundant, check that allows us to forget about
- * many possible overflows later in this function.
*/
- OPENSSL_assert(data_plus_mac_plus_padding_size < 1024*1024);
-
- switch (EVP_MD_CTX_type(ctx)) {
- case NID_md5:
- MD5_Init((MD5_CTX*)md_state.c);
- md_final_raw = tls1_md5_final_raw;
- md_transform = (void(*)(void *ctx, const unsigned char *block)) MD5_Transform;
- md_size = 16;
- sslv3_pad_length = 48;
- length_is_big_endian = 0;
- break;
- case NID_sha1:
- SHA1_Init((SHA_CTX*)md_state.c);
- md_final_raw = tls1_sha1_final_raw;
- md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA1_Transform;
- md_size = 20;
- break;
- case NID_sha224:
- SHA224_Init((SHA256_CTX*)md_state.c);
- md_final_raw = tls1_sha256_final_raw;
- md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA256_Transform;
- md_size = 224/8;
- break;
- case NID_sha256:
- SHA256_Init((SHA256_CTX*)md_state.c);
- md_final_raw = tls1_sha256_final_raw;
- md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA256_Transform;
- md_size = 32;
- break;
- case NID_sha384:
- SHA384_Init((SHA512_CTX*)md_state.c);
- md_final_raw = tls1_sha512_final_raw;
- md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA512_Transform;
- md_size = 384/8;
- md_block_size = 128;
- md_length_size = 16;
- break;
- case NID_sha512:
- SHA512_Init((SHA512_CTX*)md_state.c);
- md_final_raw = tls1_sha512_final_raw;
- md_transform = (void(*)(void *ctx, const unsigned char *block)) SHA512_Transform;
- md_size = 64;
- md_block_size = 128;
- md_length_size = 16;
- break;
- default:
- /* ssl3_cbc_record_digest_supported should have been
- * called first to check that the hash function is
- * supported.
*/
- OPENSSL_assert(0);
- if (md_out_size)
- *md_out_size = 0;
- return 0;
- }
-
- OPENSSL_assert(md_length_size <= MAX_HASH_BIT_COUNT_BYTES);
- OPENSSL_assert(md_block_size <= MAX_HASH_BLOCK_SIZE);
- OPENSSL_assert(md_size <= EVP_MAX_MD_SIZE);
-
- header_length = 13;
- if (is_sslv3) {
- header_length = mac_secret_length + sslv3_pad_length +
- 8 /* sequence number */ +
- 1 /* record type */ +
- 2 /* record length */;
- }
-
- /* variance_blocks is the number of blocks of the hash that we have to
- * calculate in constant time because they could be altered by the
- * padding value.
- *
- * In SSLv3, the padding must be minimal so the end of the plaintext
- * varies by, at most, 15+20 = 35 bytes. (We conservatively assume that
- * the MAC size varies from 0..20 bytes.) In case the 9 bytes of hash
- * termination (0x80 + 64-bit length) don't fit in the final block, we
- * say that the final two blocks can vary based on the padding.
- *
- * TLSv1 has MACs up to 48 bytes long (SHA-384) and the padding is not
- * required to be minimal. Therefore we say that the final six blocks
- * can vary based on the padding.
- *
- * Later in the function, if the message is short and there obviously
- * cannot be this many blocks then variance_blocks can be reduced. */
- variance_blocks = is_sslv3 ? 2 : 6;
- /* From now on we're dealing with the MAC, which conceptually has 13
- * bytes of `header' before the start of the data (TLS) or 71/75 bytes
- * (SSLv3) */
- len = data_plus_mac_plus_padding_size + header_length;
- /* max_mac_bytes contains the maximum bytes of bytes in the MAC, including
- * |header|, assuming that there's no padding. */
- max_mac_bytes = len - md_size - 1;
- /* num_blocks is the maximum number of hash blocks.
*/
- num_blocks = (max_mac_bytes + 1 + md_length_size + md_block_size - 1) / md_block_size;
- /* In order to calculate the MAC in constant time we have to handle
- * the final blocks specially because the padding value could cause the
- * end to appear somewhere in the final |variance_blocks| blocks and we
- * can't leak where. However, |num_starting_blocks| worth of data can
- * be hashed right away because no padding value can affect whether
- * they are plaintext. */
- num_starting_blocks = 0;
- /* k is the starting byte offset into the conceptual header||data where
- * we start processing. */
- k = 0;
- /* mac_end_offset is the index just past the end of the data to be
- * MACed. */
- mac_end_offset = data_plus_mac_size + header_length - md_size;
- /* c is the index of the 0x80 byte in the final hash block that
- * contains application data. */
- c = mac_end_offset % md_block_size;
- /* index_a is the hash block number that contains the 0x80 terminating
- * value. */
- index_a = mac_end_offset / md_block_size;
- /* index_b is the hash block number that contains the 64-bit hash
- * length, in bits. */
- index_b = (mac_end_offset + md_length_size) / md_block_size;
- /* bits is the hash-length in bits. It includes the additional hash
- * block for the masked HMAC key, or whole of |header| in the case of
- * SSLv3. */
-
- /* For SSLv3, if we're going to have any starting blocks then we need
- * at least two because the header is larger than a single block. */
- if (num_blocks > variance_blocks + (is_sslv3 ? 1 : 0)) {
- num_starting_blocks = num_blocks - variance_blocks;
- k = md_block_size*num_starting_blocks;
- }
-
- bits = 8*mac_end_offset;
- if (!is_sslv3) {
- /* Compute the initial HMAC block. For SSLv3, the padding and
- * secret bytes are included in |header| because they take more
- * than a single block.
*/ - bits += 8*md_block_size; - memset(hmac_pad, 0, md_block_size); - OPENSSL_assert(mac_secret_length <= sizeof(hmac_pad)); - memcpy(hmac_pad, mac_secret, mac_secret_length); - for (i = 0; i < md_block_size; i++) - hmac_pad[i] ^= 0x36; - - md_transform(md_state.c, hmac_pad); - } - - if (length_is_big_endian) { - memset(length_bytes, 0, md_length_size - 4); - length_bytes[md_length_size - 4] = (unsigned char)(bits >> 24); - length_bytes[md_length_size - 3] = (unsigned char)(bits >> 16); - length_bytes[md_length_size - 2] = (unsigned char)(bits >> 8); - length_bytes[md_length_size - 1] = (unsigned char)bits; - } else { - memset(length_bytes, 0, md_length_size); - length_bytes[md_length_size - 5] = (unsigned char)(bits >> 24); - length_bytes[md_length_size - 6] = (unsigned char)(bits >> 16); - length_bytes[md_length_size - 7] = (unsigned char)(bits >> 8); - length_bytes[md_length_size - 8] = (unsigned char)bits; - } - - if (k > 0) { - if (is_sslv3) { - /* The SSLv3 header is larger than a single block. - * overhang is the number of bytes beyond a single - * block that the header consumes: either 7 bytes - * (SHA1) or 11 bytes (MD5). */ - unsigned overhang = header_length - md_block_size; - md_transform(md_state.c, header); - memcpy(first_block, header + md_block_size, overhang); - memcpy(first_block + overhang, data, md_block_size - overhang); - md_transform(md_state.c, first_block); - for (i = 1; i < k/md_block_size - 1; i++) - md_transform(md_state.c, data + md_block_size*i - overhang); - } else { - /* k is a multiple of md_block_size. */ - memcpy(first_block, header, 13); - memcpy(first_block + 13, data, md_block_size - 13); - md_transform(md_state.c, first_block); - for (i = 1; i < k/md_block_size; i++) - md_transform(md_state.c, data + md_block_size*i - 13); - } - } - - memset(mac_out, 0, sizeof(mac_out)); - - /* We now process the final hash blocks. For each block, we construct - * it in constant time. 
If the |i==index_a| then we'll include the 0x80 - * bytes and zero pad etc. For each block we selectively copy it, in - * constant time, to |mac_out|. */ - for (i = num_starting_blocks; i <= num_starting_blocks + variance_blocks; i++) { - unsigned char block[MAX_HASH_BLOCK_SIZE]; - unsigned char is_block_a = constant_time_eq_8(i, index_a); - unsigned char is_block_b = constant_time_eq_8(i, index_b); - for (j = 0; j < md_block_size; j++) { - unsigned char b = 0, is_past_c, is_past_cp1; - if (k < header_length) - b = header[k]; - else if (k < data_plus_mac_plus_padding_size + header_length) - b = data[k - header_length]; - k++; - - is_past_c = is_block_a & constant_time_ge(j, c); - is_past_cp1 = is_block_a & constant_time_ge(j, c + 1); - /* If this is the block containing the end of the - * application data, and we are at the offset for the - * 0x80 value, then overwrite b with 0x80. */ - b = (b&~is_past_c) | (0x80&is_past_c); - /* If this is the block containing the end of the - * application data and we're past the 0x80 value then - * just write zero. */ - b = b&~is_past_cp1; - /* If this is index_b (the final block), but not - * index_a (the end of the data), then the 64-bit - * length didn't fit into index_a and we're having to - * add an extra block of zeros. */ - b &= ~is_block_b | is_block_a; - - /* The final bytes of one of the blocks contains the - * length. */ - if (j >= md_block_size - md_length_size) { - /* If this is index_b, write a length byte. */ - b = (b&~is_block_b) | (is_block_b&length_bytes[j - (md_block_size - md_length_size)]); - } - block[j] = b; - } - - md_transform(md_state.c, block); - md_final_raw(md_state.c, block); - /* If this is index_b, copy the hash value to |mac_out|. 
*/
- for (j = 0; j < md_size; j++)
- mac_out[j] |= block[j]&is_block_b;
- }
-
- EVP_MD_CTX_init(&md_ctx);
- if (!EVP_DigestInit_ex(&md_ctx, ctx->digest, NULL /* engine */)) {
- EVP_MD_CTX_cleanup(&md_ctx);
- return 0;
- }
- if (is_sslv3) {
- /* We repurpose |hmac_pad| to contain the SSLv3 pad2 block. */
- memset(hmac_pad, 0x5c, sslv3_pad_length);
-
- EVP_DigestUpdate(&md_ctx, mac_secret, mac_secret_length);
- EVP_DigestUpdate(&md_ctx, hmac_pad, sslv3_pad_length);
- EVP_DigestUpdate(&md_ctx, mac_out, md_size);
- } else {
- /* Complete the HMAC in the standard manner. */
- for (i = 0; i < md_block_size; i++)
- hmac_pad[i] ^= 0x6a;
-
- EVP_DigestUpdate(&md_ctx, hmac_pad, md_block_size);
- EVP_DigestUpdate(&md_ctx, mac_out, md_size);
- }
- EVP_DigestFinal(&md_ctx, md_out, &md_out_size_u);
- if (md_out_size)
- *md_out_size = md_out_size_u;
- EVP_MD_CTX_cleanup(&md_ctx);
-
- return 1;
-}
diff --git a/lib/libssl/src/ssl/s3_clnt.c b/lib/libssl/src/ssl/s3_clnt.c
deleted file mode 100644
index 264cb012d5a..00000000000
--- a/lib/libssl/src/ssl/s3_clnt.c
+++ /dev/null
@@ -1,2635 +0,0 @@ -/* $OpenBSD: s3_clnt.c,v 1.138 2016/03/27 00:55:38 mmcc Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * ECC cipher suite support in OpenSSL originally written by - * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. - * - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. 
- * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#include <limits.h> -#include <stdint.h> -#include <stdio.h> - -#include "ssl_locl.h" - -#include <openssl/bn.h> -#include <openssl/buffer.h> -#include <openssl/dh.h> -#include <openssl/evp.h> -#include <openssl/md5.h> -#include <openssl/objects.h> - -#ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> -#endif -#ifndef OPENSSL_NO_GOST -#include <openssl/gost.h> -#endif - -#include "bytestring.h" - -static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b); - -int -ssl3_connect(SSL *s) -{ - void (*cb)(const SSL *ssl, int type, int val) = NULL; - int ret = -1; - int new_state, state, skip = 0; - - ERR_clear_error(); - errno = 0; - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) - SSL_clear(s); - - for (;;) { - state = s->state; - - switch (s->state) { - case SSL_ST_RENEGOTIATE: - s->renegotiate = 1; - s->state = SSL_ST_CONNECT; - s->ctx->stats.sess_connect_renegotiate++; - /* break */ - case SSL_ST_BEFORE: - case SSL_ST_CONNECT: - case SSL_ST_BEFORE|SSL_ST_CONNECT: - case SSL_ST_OK|SSL_ST_CONNECT: - - s->server = 0; - if (cb != NULL) - cb(s, 
SSL_CB_HANDSHAKE_START, 1); - - if ((s->version & 0xff00 ) != 0x0300) { - SSLerr(SSL_F_SSL3_CONNECT, - ERR_R_INTERNAL_ERROR); - ret = -1; - goto end; - } - - /* s->version=SSL3_VERSION; */ - s->type = SSL_ST_CONNECT; - - if (!ssl3_setup_init_buffer(s)) { - ret = -1; - goto end; - } - if (!ssl3_setup_buffers(s)) { - ret = -1; - goto end; - } - if (!ssl_init_wbio_buffer(s, 0)) { - ret = -1; - goto end; - } - - /* don't push the buffering BIO quite yet */ - - if (!tls1_init_finished_mac(s)) { - ret = -1; - goto end; - } - - s->state = SSL3_ST_CW_CLNT_HELLO_A; - s->ctx->stats.sess_connect++; - s->init_num = 0; - break; - - case SSL3_ST_CW_CLNT_HELLO_A: - case SSL3_ST_CW_CLNT_HELLO_B: - - s->shutdown = 0; - ret = ssl3_client_hello(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CR_SRVR_HELLO_A; - s->init_num = 0; - - /* turn on buffering for the next lot of output */ - if (s->bbio != s->wbio) - s->wbio = BIO_push(s->bbio, s->wbio); - - break; - - case SSL3_ST_CR_SRVR_HELLO_A: - case SSL3_ST_CR_SRVR_HELLO_B: - ret = ssl3_get_server_hello(s); - if (ret <= 0) - goto end; - - if (s->hit) { - s->state = SSL3_ST_CR_FINISHED_A; - if (s->tlsext_ticket_expected) { - /* receive renewed session ticket */ - s->state = SSL3_ST_CR_SESSION_TICKET_A; - } - } else - s->state = SSL3_ST_CR_CERT_A; - s->init_num = 0; - break; - - case SSL3_ST_CR_CERT_A: - case SSL3_ST_CR_CERT_B: - ret = ssl3_check_finished(s); - if (ret <= 0) - goto end; - if (ret == 2) { - s->hit = 1; - if (s->tlsext_ticket_expected) - s->state = SSL3_ST_CR_SESSION_TICKET_A; - else - s->state = SSL3_ST_CR_FINISHED_A; - s->init_num = 0; - break; - } - /* Check if it is anon DH/ECDH. 
*/ - if (!(s->s3->tmp.new_cipher->algorithm_auth & - SSL_aNULL)) { - ret = ssl3_get_server_certificate(s); - if (ret <= 0) - goto end; - if (s->tlsext_status_expected) - s->state = SSL3_ST_CR_CERT_STATUS_A; - else - s->state = SSL3_ST_CR_KEY_EXCH_A; - } else { - skip = 1; - s->state = SSL3_ST_CR_KEY_EXCH_A; - } - s->init_num = 0; - break; - - case SSL3_ST_CR_KEY_EXCH_A: - case SSL3_ST_CR_KEY_EXCH_B: - ret = ssl3_get_key_exchange(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CR_CERT_REQ_A; - s->init_num = 0; - - /* - * At this point we check that we have the - * required stuff from the server. - */ - if (!ssl3_check_cert_and_algorithm(s)) { - ret = -1; - goto end; - } - break; - - case SSL3_ST_CR_CERT_REQ_A: - case SSL3_ST_CR_CERT_REQ_B: - ret = ssl3_get_certificate_request(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CR_SRVR_DONE_A; - s->init_num = 0; - break; - - case SSL3_ST_CR_SRVR_DONE_A: - case SSL3_ST_CR_SRVR_DONE_B: - ret = ssl3_get_server_done(s); - if (ret <= 0) - goto end; - if (s->s3->tmp.cert_req) - s->state = SSL3_ST_CW_CERT_A; - else - s->state = SSL3_ST_CW_KEY_EXCH_A; - s->init_num = 0; - - break; - - case SSL3_ST_CW_CERT_A: - case SSL3_ST_CW_CERT_B: - case SSL3_ST_CW_CERT_C: - case SSL3_ST_CW_CERT_D: - ret = ssl3_send_client_certificate(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CW_KEY_EXCH_A; - s->init_num = 0; - break; - - case SSL3_ST_CW_KEY_EXCH_A: - case SSL3_ST_CW_KEY_EXCH_B: - ret = ssl3_send_client_key_exchange(s); - if (ret <= 0) - goto end; - /* - * EAY EAY EAY need to check for DH fix cert - * sent back - */ - /* - * For TLS, cert_req is set to 2, so a cert chain - * of nothing is sent, but no verify packet is sent - */ - /* - * XXX: For now, we do not support client - * authentication in ECDH cipher suites with - * ECDH (rather than ECDSA) certificates. - * We need to skip the certificate verify - * message when client's ECDH public key is sent - * inside the client certificate. 
- */ - if (s->s3->tmp.cert_req == 1) { - s->state = SSL3_ST_CW_CERT_VRFY_A; - } else { - s->state = SSL3_ST_CW_CHANGE_A; - s->s3->change_cipher_spec = 0; - } - if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) { - s->state = SSL3_ST_CW_CHANGE_A; - s->s3->change_cipher_spec = 0; - } - - s->init_num = 0; - break; - - case SSL3_ST_CW_CERT_VRFY_A: - case SSL3_ST_CW_CERT_VRFY_B: - ret = ssl3_send_client_verify(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CW_CHANGE_A; - s->init_num = 0; - s->s3->change_cipher_spec = 0; - break; - - case SSL3_ST_CW_CHANGE_A: - case SSL3_ST_CW_CHANGE_B: - ret = ssl3_send_change_cipher_spec(s, - SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B); - if (ret <= 0) - goto end; - - if (s->s3->next_proto_neg_seen) - s->state = SSL3_ST_CW_NEXT_PROTO_A; - else - s->state = SSL3_ST_CW_FINISHED_A; - s->init_num = 0; - - s->session->cipher = s->s3->tmp.new_cipher; - if (!s->method->ssl3_enc->setup_key_block(s)) { - ret = -1; - goto end; - } - - if (!s->method->ssl3_enc->change_cipher_state(s, - SSL3_CHANGE_CIPHER_CLIENT_WRITE)) { - ret = -1; - goto end; - } - - break; - - case SSL3_ST_CW_NEXT_PROTO_A: - case SSL3_ST_CW_NEXT_PROTO_B: - ret = ssl3_send_next_proto(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CW_FINISHED_A; - break; - - case SSL3_ST_CW_FINISHED_A: - case SSL3_ST_CW_FINISHED_B: - ret = ssl3_send_finished(s, SSL3_ST_CW_FINISHED_A, - SSL3_ST_CW_FINISHED_B, - s->method->ssl3_enc->client_finished_label, - s->method->ssl3_enc->client_finished_label_len); - if (ret <= 0) - goto end; - s->s3->flags |= SSL3_FLAGS_CCS_OK; - s->state = SSL3_ST_CW_FLUSH; - - /* clear flags */ - s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER; - if (s->hit) { - s->s3->tmp.next_state = SSL_ST_OK; - if (s->s3->flags & - SSL3_FLAGS_DELAY_CLIENT_FINISHED) { - s->state = SSL_ST_OK; - s->s3->flags|=SSL3_FLAGS_POP_BUFFER; - s->s3->delay_buf_pop_ret = 0; - } - } else { - /* Allow NewSessionTicket if ticket expected */ - if (s->tlsext_ticket_expected) - s->s3->tmp.next_state = - 
SSL3_ST_CR_SESSION_TICKET_A; - else - - s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A; - } - s->init_num = 0; - break; - - case SSL3_ST_CR_SESSION_TICKET_A: - case SSL3_ST_CR_SESSION_TICKET_B: - ret = ssl3_get_new_session_ticket(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CR_FINISHED_A; - s->init_num = 0; - break; - - case SSL3_ST_CR_CERT_STATUS_A: - case SSL3_ST_CR_CERT_STATUS_B: - ret = ssl3_get_cert_status(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_CR_KEY_EXCH_A; - s->init_num = 0; - break; - - case SSL3_ST_CR_FINISHED_A: - case SSL3_ST_CR_FINISHED_B: - s->s3->flags |= SSL3_FLAGS_CCS_OK; - ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A, - SSL3_ST_CR_FINISHED_B); - if (ret <= 0) - goto end; - - if (s->hit) - s->state = SSL3_ST_CW_CHANGE_A; - else - s->state = SSL_ST_OK; - s->init_num = 0; - break; - - case SSL3_ST_CW_FLUSH: - s->rwstate = SSL_WRITING; - if (BIO_flush(s->wbio) <= 0) { - ret = -1; - goto end; - } - s->rwstate = SSL_NOTHING; - s->state = s->s3->tmp.next_state; - break; - - case SSL_ST_OK: - /* clean a few things up */ - tls1_cleanup_key_block(s); - - if (s->init_buf != NULL) { - BUF_MEM_free(s->init_buf); - s->init_buf = NULL; - } - - /* - * If we are not 'joining' the last two packets, - * remove the buffering now - */ - if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER)) - ssl_free_wbio_buffer(s); - /* else do it later in ssl3_write */ - - s->init_num = 0; - s->renegotiate = 0; - s->new_session = 0; - - ssl_update_cache(s, SSL_SESS_CACHE_CLIENT); - if (s->hit) - s->ctx->stats.sess_hit++; - - ret = 1; - /* s->server=0; */ - s->handshake_func = ssl3_connect; - s->ctx->stats.sess_connect_good++; - - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_DONE, 1); - - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL3_CONNECT, - SSL_R_UNKNOWN_STATE); - ret = -1; - goto end; - /* break; */ - } - - /* did we do anything */ - if (!s->s3->tmp.reuse_message && !skip) { - if (s->debug) { - if ((ret = BIO_flush(s->wbio)) <= 0) - goto end; - } - - if 
((cb != NULL) && (s->state != state)) { - new_state = s->state; - s->state = state; - cb(s, SSL_CB_CONNECT_LOOP, 1); - s->state = new_state; - } - } - skip = 0; - } - -end: - s->in_handshake--; - if (cb != NULL) - cb(s, SSL_CB_CONNECT_EXIT, ret); - - return (ret); -} - -int -ssl3_client_hello(SSL *s) -{ - unsigned char *bufend, *p, *d; - int i; - - if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { - SSL_SESSION *sess = s->session; - - if ((sess == NULL) || - (sess->ssl_version != s->version) || - (!sess->session_id_length && !sess->tlsext_tick) || - (sess->not_resumable)) { - if (!ssl_get_new_session(s, 0)) - goto err; - } - /* else use the pre-loaded session */ - - /* - * If a DTLS ClientHello message is being resent after a - * HelloVerifyRequest, we must retain the original client - * random value. - */ - if (!SSL_IS_DTLS(s) || s->d1->send_cookie == 0) - arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); - - d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); - - /* - * Version indicates the negotiated version: for example from - * an SSLv2/v3 compatible client hello). The client_version - * field is the maximum version we permit and it is also - * used in RSA encrypted premaster secrets. Some servers can - * choke if we initially report a higher version then - * renegotiate to a lower one in the premaster secret. This - * didn't happen with TLS 1.0 as most servers supported it - * but it can with TLS 1.1 or later if the server only supports - * 1.0. - * - * Possible scenario with previous logic: - * 1. Client hello indicates TLS 1.2 - * 2. Server hello says TLS 1.0 - * 3. RSA encrypted premaster secret uses 1.2. - * 4. Handhaked proceeds using TLS 1.0. - * 5. Server sends hello request to renegotiate. - * 6. Client hello indicates TLS v1.0 as we now - * know that is maximum server supports. - * 7. Server chokes on RSA encrypted premaster secret - * containing version 1.0. 
- * - * For interoperability it should be OK to always use the - * maximum version we support in client hello and then rely - * on the checking of version to ensure the servers isn't - * being inconsistent: for example initially negotiating with - * TLS 1.0 and renegotiating with TLS 1.2. We do this by using - * client_version in client hello and not resetting it to - * the negotiated version. - */ - *(p++) = s->client_version >> 8; - *(p++) = s->client_version & 0xff; - - /* Random stuff */ - memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE); - p += SSL3_RANDOM_SIZE; - - /* Session ID */ - if (s->new_session) - i = 0; - else - i = s->session->session_id_length; - *(p++) = i; - if (i != 0) { - if (i > (int)sizeof(s->session->session_id)) { - SSLerr(SSL_F_SSL3_CLIENT_HELLO, - ERR_R_INTERNAL_ERROR); - goto err; - } - memcpy(p, s->session->session_id, i); - p += i; - } - - /* DTLS Cookie. */ - if (SSL_IS_DTLS(s)) { - if (s->d1->cookie_len > sizeof(s->d1->cookie)) { - SSLerr(SSL_F_DTLS1_CLIENT_HELLO, - ERR_R_INTERNAL_ERROR); - goto err; - } - *(p++) = s->d1->cookie_len; - memcpy(p, s->d1->cookie, s->d1->cookie_len); - p += s->d1->cookie_len; - } - - /* Ciphers supported */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); - if (i == 0) { - SSLerr(SSL_F_SSL3_CLIENT_HELLO, - SSL_R_NO_CIPHERS_AVAILABLE); - goto err; - } - s2n(i, p); - p += i; - - /* add in (no) COMPRESSION */ - *(p++) = 1; - *(p++) = 0; /* Add the NULL method */ - - /* TLS extensions*/ - bufend = (unsigned char *)s->init_buf->data + - SSL3_RT_MAX_PLAIN_LENGTH; - if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) { - SSLerr(SSL_F_SSL3_CLIENT_HELLO, - ERR_R_INTERNAL_ERROR); - goto err; - } - - ssl3_handshake_msg_finish(s, p - d); - - s->state = SSL3_ST_CW_CLNT_HELLO_B; - } - - /* SSL3_ST_CW_CLNT_HELLO_B */ - return (ssl3_handshake_write(s)); - -err: - return (-1); -} - -int -ssl3_get_server_hello(SSL *s) -{ - STACK_OF(SSL_CIPHER) *sk; - const SSL_CIPHER *c; - unsigned char *p, *q, *d; - 
int i, al, ok; - unsigned int j; - uint16_t cipher_value; - long n; - unsigned long alg_k; - - n = s->method->ssl_get_message(s, SSL3_ST_CR_SRVR_HELLO_A, - SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, /* ?? */ &ok); - - if (!ok) - return ((int)n); - - if (SSL_IS_DTLS(s)) { - if (s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) { - if (s->d1->send_cookie == 0) { - s->s3->tmp.reuse_message = 1; - return (1); - } else { - /* Already sent a cookie. */ - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_BAD_MESSAGE_TYPE); - goto f_err; - } - } - } - - if (s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_BAD_MESSAGE_TYPE); - goto f_err; - } - - d = p = (unsigned char *)s->init_msg; - - if (2 > n) - goto truncated; - if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) { - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION); - s->version = (s->version&0xff00) | p[1]; - al = SSL_AD_PROTOCOL_VERSION; - goto f_err; - } - p += 2; - - /* load the server hello data */ - - if (p + SSL3_RANDOM_SIZE + 1 - d > n) - goto truncated; - - /* load the server random */ - memcpy(s->s3->server_random, p, SSL3_RANDOM_SIZE); - p += SSL3_RANDOM_SIZE; - - /* get the session-id */ - j = *(p++); - - if ((j > sizeof s->session->session_id) || - (j > SSL3_SESSION_ID_SIZE)) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_SSL3_SESSION_ID_TOO_LONG); - goto f_err; - } - - if (p + j + 2 - d > n) - goto truncated; - - /* Get the cipher value. 
*/ - q = p + j; - n2s(q, cipher_value); - - /* - * Check if we want to resume the session based on external - * pre-shared secret - */ - if (s->tls_session_secret_cb) { - SSL_CIPHER *pref_cipher = NULL; - s->session->master_key_length = sizeof(s->session->master_key); - if (s->tls_session_secret_cb(s, s->session->master_key, - &s->session->master_key_length, NULL, &pref_cipher, - s->tls_session_secret_cb_arg)) { - s->session->cipher = pref_cipher ? pref_cipher : - ssl3_get_cipher_by_value(cipher_value); - s->s3->flags |= SSL3_FLAGS_CCS_OK; - } - } - - if (j != 0 && j == s->session->session_id_length && - timingsafe_memcmp(p, s->session->session_id, j) == 0) { - if (s->sid_ctx_length != s->session->sid_ctx_length || - timingsafe_memcmp(s->session->sid_ctx, - s->sid_ctx, s->sid_ctx_length) != 0) { - /* actually a client application bug */ - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); - goto f_err; - } - s->s3->flags |= SSL3_FLAGS_CCS_OK; - s->hit = 1; - } else { - /* a miss or crap from the other end */ - - /* If we were trying for session-id reuse, make a new - * SSL_SESSION so we don't stuff up other people */ - s->hit = 0; - if (s->session->session_id_length > 0) { - if (!ssl_get_new_session(s, 0)) { - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - } - s->session->session_id_length = j; - memcpy(s->session->session_id, p, j); /* j could be 0 */ - } - p += j; - - if ((c = ssl3_get_cipher_by_value(cipher_value)) == NULL) { - /* unknown cipher */ - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_UNKNOWN_CIPHER_RETURNED); - goto f_err; - } - - /* TLS v1.2 only ciphersuites require v1.2 or later */ - if ((c->algorithm_ssl & SSL_TLSV1_2) && - (TLS1_get_version(s) < TLS1_2_VERSION)) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_WRONG_CIPHER_RETURNED); - goto f_err; - } - p += SSL3_CIPHER_VALUE_SIZE; - - sk = 
ssl_get_ciphers_by_id(s); - i = sk_SSL_CIPHER_find(sk, c); - if (i < 0) { - /* we did not say we would use this cipher */ - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_WRONG_CIPHER_RETURNED); - goto f_err; - } - - /* - * Depending on the session caching (internal/external), the cipher - * and/or cipher_id values may not be set. Make sure that - * cipher_id is set and use it for comparison. - */ - if (s->session->cipher) - s->session->cipher_id = s->session->cipher->id; - if (s->hit && (s->session->cipher_id != c->id)) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); - goto f_err; - } - s->s3->tmp.new_cipher = c; - /* - * Don't digest cached records if no sigalgs: we may need them for - * client authentication. - */ - alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - if (!(SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) && - !tls1_digest_cached_records(s)) { - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - /* lets get the compression algorithm */ - /* COMPRESSION */ - if (p + 1 - d > n) - goto truncated; - if (*(p++) != 0) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, - SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); - goto f_err; - } - - /* TLS extensions*/ - if (!ssl_parse_serverhello_tlsext(s, &p, d, n, &al)) { - /* 'al' set by ssl_parse_serverhello_tlsext */ - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_PARSE_TLSEXT); - goto f_err; - } - if (ssl_check_serverhello_tlsext(s) <= 0) { - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT); - goto err; - } - - if (p != d + n) - goto truncated; - - return (1); - -truncated: - /* wrong packet length */ - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_PACKET_LENGTH); -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); -err: - return (-1); -} - -int -ssl3_get_server_certificate(SSL *s) -{ - int al, i, ok, ret = -1; - long n; - CBS cbs, cert_list; - X509 *x = NULL; - const 
unsigned char *q;
- STACK_OF(X509) *sk = NULL;
- SESS_CERT *sc;
- EVP_PKEY *pkey = NULL;
-
- n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_A,
- SSL3_ST_CR_CERT_B, -1, s->max_cert_list, &ok);
-
- if (!ok)
- return ((int)n);
-
- if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) {
- s->s3->tmp.reuse_message = 1;
- return (1);
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_BAD_MESSAGE_TYPE);
- goto f_err;
- }
-
-
- if ((sk = sk_X509_new_null()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (n < 0)
- goto truncated;
-
- CBS_init(&cbs, s->init_msg, n);
- if (CBS_len(&cbs) < 3)
- goto truncated;
-
- if (!CBS_get_u24_length_prefixed(&cbs, &cert_list) ||
- CBS_len(&cbs) != 0) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
-
- while (CBS_len(&cert_list) > 0) {
- CBS cert;
-
- if (CBS_len(&cert_list) < 3)
- goto truncated;
- if (!CBS_get_u24_length_prefixed(&cert_list, &cert)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
-
- q = CBS_data(&cert);
- x = d2i_X509(NULL, &q, CBS_len(&cert));
- if (x == NULL) {
- al = SSL_AD_BAD_CERTIFICATE;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- ERR_R_ASN1_LIB);
- goto f_err;
- }
- if (q != CBS_data(&cert) + CBS_len(&cert)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_CERT_LENGTH_MISMATCH);
- goto f_err;
- }
- if (!sk_X509_push(sk, x)) {
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- x = NULL;
- }
-
- i = ssl_verify_cert_chain(s, sk);
- if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
- al = ssl_verify_alarm_type(s->verify_result);
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_CERTIFICATE_VERIFY_FAILED);
- goto f_err;
-
- }
-
ERR_clear_error(); /* but we keep s->verify_result */
-
- sc = ssl_sess_cert_new();
- if (sc == NULL)
- goto err;
- if (s->session->sess_cert)
- ssl_sess_cert_free(s->session->sess_cert);
- s->session->sess_cert = sc;
-
- sc->cert_chain = sk;
- /*
- * Inconsistency alert: cert_chain does include the peer's
- * certificate, which we don't include in s3_srvr.c
- */
- x = sk_X509_value(sk, 0);
- sk = NULL;
- /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/
-
- pkey = X509_get_pubkey(x);
-
- if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) {
- x = NULL;
- al = SSL3_AL_FATAL;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
- goto f_err;
- }
-
- i = ssl_cert_type(x, pkey);
- if (i < 0) {
- x = NULL;
- al = SSL3_AL_FATAL;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- goto f_err;
- }
-
- sc->peer_cert_type = i;
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- /*
- * Why would the following ever happen?
- * We just created sc a couple of lines ago.
- */
- X509_free(sc->peer_pkeys[i].x509);
- sc->peer_pkeys[i].x509 = x;
- sc->peer_key = &(sc->peer_pkeys[i]);
-
- X509_free(s->session->peer);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- s->session->peer = x;
- s->session->verify_result = s->verify_result;
-
- x = NULL;
- ret = 1;
-
- if (0) {
-truncated:
- /* wrong packet length */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
- SSL_R_BAD_PACKET_LENGTH);
-f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- }
-err:
- EVP_PKEY_free(pkey);
- X509_free(x);
- sk_X509_pop_free(sk, X509_free);
- return (ret);
-}
-
-int
-ssl3_get_key_exchange(SSL *s)
-{
- unsigned char *q, md_buf[EVP_MAX_MD_SIZE*2];
- EVP_MD_CTX md_ctx;
- unsigned char *param, *p;
- int al, i, j, param_len, ok;
- long n, alg_k, alg_a;
- EVP_PKEY *pkey = NULL;
- const EVP_MD *md = NULL;
- RSA *rsa = NULL;
- DH *dh = NULL;
- EC_KEY *ecdh = NULL;
- BN_CTX *bn_ctx = NULL;
- EC_POINT *srvr_ecpoint = NULL;
- int curve_nid = 0;
- int encoded_pt_len = 0;
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
- alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-
- /*
- * Use same message size as in ssl3_get_certificate_request()
- * as ServerKeyExchange message may be skipped.
- */
- n = s->method->ssl_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
- SSL3_ST_CR_KEY_EXCH_B, -1, s->max_cert_list, &ok);
- if (!ok)
- return ((int)n);
-
- EVP_MD_CTX_init(&md_ctx);
-
- if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
- /*
- * Do not skip server key exchange if this cipher suite uses
- * ephemeral keys.
- */
- if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_UNEXPECTED_MESSAGE);
- al = SSL_AD_UNEXPECTED_MESSAGE;
- goto f_err;
- }
-
- s->s3->tmp.reuse_message = 1;
- EVP_MD_CTX_cleanup(&md_ctx);
- return (1);
- }
-
- if (s->session->sess_cert != NULL) {
- DH_free(s->session->sess_cert->peer_dh_tmp);
- s->session->sess_cert->peer_dh_tmp = NULL;
-
- EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
- s->session->sess_cert->peer_ecdh_tmp = NULL;
- } else {
- s->session->sess_cert = ssl_sess_cert_new();
- if (s->session->sess_cert == NULL)
- goto err;
- }
-
- param = p = (unsigned char *)s->init_msg;
- param_len = 0;
-
- if (alg_k & SSL_kDHE) {
- if ((dh = DH_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_DH_LIB);
- goto err;
- }
- if (2 > n)
- goto truncated;
- n2s(p, i);
- param_len = i + 2;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_DH_P_LENGTH);
- goto f_err;
- }
- if (!(dh->p = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_BN_LIB);
- goto err;
- }
- p += i;
-
- if (param_len + 2 > n)
- goto truncated;
- n2s(p, i);
- param_len += i + 2;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_DH_G_LENGTH);
- goto f_err;
- }
- if (!(dh->g = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_BN_LIB);
- goto err;
- }
- p += i;
-
- if (param_len + 2 > n)
- goto truncated;
- n2s(p, i);
- param_len += i + 2;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_DH_PUB_KEY_LENGTH);
- goto f_err;
- }
- if (!(dh->pub_key = BN_bin2bn(p, i, NULL))) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_BN_LIB);
- goto err;
- }
- p += i;
- n -= param_len;
-
- /*
- * Check the strength of the DH key just constructed.
- * Discard keys weaker than 1024 bits.
- */
-
- if (DH_size(dh) < 1024 / 8) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_DH_P_LENGTH);
- goto err;
- }
-
- if (alg_a & SSL_aRSA)
- pkey = X509_get_pubkey(
- s->session->sess_cert->peer_pkeys[
- SSL_PKEY_RSA_ENC].x509);
- else if (alg_a & SSL_aDSS)
- pkey = X509_get_pubkey(
- s->session->sess_cert->peer_pkeys[
- SSL_PKEY_DSA_SIGN].x509);
- /* else anonymous DH, so no certificate or pkey. */
-
- s->session->sess_cert->peer_dh_tmp = dh;
- dh = NULL;
- } else if (alg_k & SSL_kECDHE) {
- const EC_GROUP *group;
- EC_GROUP *ngroup;
-
- if ((ecdh = EC_KEY_new()) == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /*
- * Extract elliptic curve parameters and the
- * server's ephemeral ECDH public key.
- * Keep accumulating lengths of various components in
- * param_len and make sure it never exceeds n.
- */
-
- /*
- * XXX: For now we only support named (not generic) curves
- * and the ECParameters in this case is just three bytes.
- */
- param_len = 3;
- if (param_len > n) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_LENGTH_TOO_SHORT);
- goto f_err;
- }
-
- /*
- * Check curve is one of our preferences, if not server has
- * sent an invalid curve.
- */
- if (tls1_check_curve(s, p, param_len) != 1) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_WRONG_CURVE);
- goto f_err;
- }
-
- if ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
- goto f_err;
- }
-
- ngroup = EC_GROUP_new_by_curve_name(curve_nid);
- if (ngroup == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_EC_LIB);
- goto err;
- }
- if (EC_KEY_set_group(ecdh, ngroup) == 0) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_EC_LIB);
- goto err;
- }
- EC_GROUP_free(ngroup);
-
- group = EC_KEY_get0_group(ecdh);
-
- p += 3;
-
- /* Next, get the encoded ECPoint */
- if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
- ((bn_ctx = BN_CTX_new()) == NULL)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (param_len + 1 > n)
- goto truncated;
- encoded_pt_len = *p;
- /* length of encoded point */
- p += 1;
- param_len += (1 + encoded_pt_len);
- if ((param_len > n) || (EC_POINT_oct2point(group, srvr_ecpoint,
- p, encoded_pt_len, bn_ctx) == 0)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_ECPOINT);
- goto f_err;
- }
-
- n -= param_len;
- p += encoded_pt_len;
-
- /*
- * The ECC/TLS specification does not mention the use
- * of DSA to sign ECParameters in the server key
- * exchange message. We do support RSA and ECDSA.
- */
- if (alg_a & SSL_aRSA)
- pkey = X509_get_pubkey(
- s->session->sess_cert->peer_pkeys[
- SSL_PKEY_RSA_ENC].x509);
- else if (alg_a & SSL_aECDSA)
- pkey = X509_get_pubkey(
- s->session->sess_cert->peer_pkeys[
- SSL_PKEY_ECC].x509);
- /* Else anonymous ECDH, so no certificate or pkey.
*/
- EC_KEY_set_public_key(ecdh, srvr_ecpoint);
- s->session->sess_cert->peer_ecdh_tmp = ecdh;
- ecdh = NULL;
- BN_CTX_free(bn_ctx);
- bn_ctx = NULL;
- EC_POINT_free(srvr_ecpoint);
- srvr_ecpoint = NULL;
- } else if (alg_k) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_UNEXPECTED_MESSAGE);
- goto f_err;
- }
-
- /* p points to the next byte, there are 'n' bytes left */
-
- /* if it was signed, check the signature */
- if (pkey != NULL) {
- if (SSL_USE_SIGALGS(s)) {
- int sigalg = tls12_get_sigid(pkey);
- /* Should never happen */
- if (sigalg == -1) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- /*
- * Check key type is consistent
- * with signature
- */
- if (2 > n)
- goto truncated;
- if (sigalg != (int)p[1]) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_WRONG_SIGNATURE_TYPE);
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
- }
- md = tls12_get_hash(p[0]);
- if (md == NULL) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_UNKNOWN_DIGEST);
- al = SSL_AD_DECODE_ERROR;
- goto f_err;
- }
- p += 2;
- n -= 2;
- } else
- md = EVP_sha1();
-
- if (2 > n)
- goto truncated;
- n2s(p, i);
- n -= 2;
- j = EVP_PKEY_size(pkey);
-
- if (i != n || n > j) {
- /* wrong packet length */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_WRONG_SIGNATURE_LENGTH);
- goto f_err;
- }
-
- if (pkey->type == EVP_PKEY_RSA && !SSL_USE_SIGALGS(s)) {
- int num;
-
- j = 0;
- q = md_buf;
- for (num = 2; num > 0; num--) {
- if (!EVP_DigestInit_ex(&md_ctx,
- (num == 2) ?
s->ctx->md5 : s->ctx->sha1,
- NULL)) {
- al = SSL_AD_INTERNAL_ERROR;
- goto f_err;
- }
- EVP_DigestUpdate(&md_ctx,
- s->s3->client_random,
- SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&md_ctx,
- s->s3->server_random,
- SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(&md_ctx, param, param_len);
- EVP_DigestFinal_ex(&md_ctx, q,
- (unsigned int *)&i);
- q += i;
- j += i;
- }
- i = RSA_verify(NID_md5_sha1, md_buf, j,
- p, n, pkey->pkey.rsa);
- if (i < 0) {
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_RSA_DECRYPT);
- goto f_err;
- }
- if (i == 0) {
- /* bad signature */
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_SIGNATURE);
- goto f_err;
- }
- } else {
- EVP_VerifyInit_ex(&md_ctx, md, NULL);
- EVP_VerifyUpdate(&md_ctx, s->s3->client_random,
- SSL3_RANDOM_SIZE);
- EVP_VerifyUpdate(&md_ctx, s->s3->server_random,
- SSL3_RANDOM_SIZE);
- EVP_VerifyUpdate(&md_ctx, param, param_len);
- if (EVP_VerifyFinal(&md_ctx, p,(int)n, pkey) <= 0) {
- /* bad signature */
- al = SSL_AD_DECRYPT_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_BAD_SIGNATURE);
- goto f_err;
- }
- }
- } else {
- /* aNULL does not need public keys.
*/
- if (!(alg_a & SSL_aNULL)) {
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- /* still data left over */
- if (n != 0) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_EXTRA_DATA_IN_MESSAGE);
- goto f_err;
- }
- }
- EVP_PKEY_free(pkey);
- EVP_MD_CTX_cleanup(&md_ctx);
- return (1);
-truncated:
- /* wrong packet length */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_PACKET_LENGTH);
-f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
-err:
- EVP_PKEY_free(pkey);
- RSA_free(rsa);
- DH_free(dh);
- BN_CTX_free(bn_ctx);
- EC_POINT_free(srvr_ecpoint);
- EC_KEY_free(ecdh);
- EVP_MD_CTX_cleanup(&md_ctx);
- return (-1);
-}
-
-int
-ssl3_get_certificate_request(SSL *s)
-{
- int ok, ret = 0;
- long n;
- uint8_t ctype_num;
- CBS cert_request, ctypes, rdn_list;
- X509_NAME *xn = NULL;
- const unsigned char *q;
- STACK_OF(X509_NAME) *ca_sk = NULL;
-
- n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_REQ_A,
- SSL3_ST_CR_CERT_REQ_B, -1, s->max_cert_list, &ok);
-
- if (!ok)
- return ((int)n);
-
- s->s3->tmp.cert_req = 0;
-
- if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) {
- s->s3->tmp.reuse_message = 1;
- /*
- * If we get here we don't need any cached handshake records
- * as we wont be doing client auth.
- */
- if (s->s3->handshake_buffer) {
- if (!tls1_digest_cached_records(s))
- goto err;
- }
- return (1);
- }
-
- if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_WRONG_MESSAGE_TYPE);
- goto err;
- }
-
- /* TLS does not like anon-DH with client cert */
- if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
- goto err;
- }
-
- if (n < 0)
- goto truncated;
- CBS_init(&cert_request, s->init_msg, n);
-
- if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* get the certificate types */
- if (!CBS_get_u8(&cert_request, &ctype_num))
- goto truncated;
-
- if (ctype_num > SSL3_CT_NUMBER)
- ctype_num = SSL3_CT_NUMBER;
- if (!CBS_get_bytes(&cert_request, &ctypes, ctype_num) ||
- !CBS_write_bytes(&ctypes, s->s3->tmp.ctype,
- sizeof(s->s3->tmp.ctype), NULL)) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
-
- if (SSL_USE_SIGALGS(s)) {
- CBS sigalgs;
-
- if (CBS_len(&cert_request) < 2) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
-
- /* Check we have enough room for signature algorithms and
- * following length value.
- */
- if (!CBS_get_u16_length_prefixed(&cert_request, &sigalgs)) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
- if ((CBS_len(&sigalgs) & 1) ||
- !tls1_process_sigalgs(s, CBS_data(&sigalgs),
- CBS_len(&sigalgs))) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_SIGNATURE_ALGORITHMS_ERROR);
- goto err;
- }
- }
-
- /* get the CA RDNs */
- if (CBS_len(&cert_request) < 2) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
-
- if (!CBS_get_u16_length_prefixed(&cert_request, &rdn_list) ||
- CBS_len(&cert_request) != 0) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_LENGTH_MISMATCH);
- goto err;
- }
-
- while (CBS_len(&rdn_list) > 0) {
- CBS rdn;
-
- if (CBS_len(&rdn_list) < 2) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_DATA_LENGTH_TOO_LONG);
- goto err;
- }
-
- if (!CBS_get_u16_length_prefixed(&rdn_list, &rdn)) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_CA_DN_TOO_LONG);
- goto err;
- }
-
- q = CBS_data(&rdn);
- if ((xn = d2i_X509_NAME(NULL, &q, CBS_len(&rdn))) == NULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL,
- SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- ERR_R_ASN1_LIB);
- goto err;
- }
-
- if (q != CBS_data(&rdn) + CBS_len(&rdn)) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_CA_DN_LENGTH_MISMATCH);
- goto err;
- }
- if (!sk_X509_NAME_push(ca_sk, xn)) {
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- xn = NULL; /* avoid free in err block */
- }
-
- /* we should setup a certificate to return....
*/
- s->s3->tmp.cert_req = 1;
- s->s3->tmp.ctype_num = ctype_num;
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- s->s3->tmp.ca_names = ca_sk;
- ca_sk = NULL;
-
- ret = 1;
- if (0) {
-truncated:
- SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
- SSL_R_BAD_PACKET_LENGTH);
- }
-err:
- X509_NAME_free(xn);
- if (ca_sk != NULL)
- sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
- return (ret);
-}
-
-static int
-ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
-{
- return (X509_NAME_cmp(*a, *b));
-}
-
-int
-ssl3_get_new_session_ticket(SSL *s)
-{
- int ok, al, ret = 0;
- uint32_t lifetime_hint;
- long n;
- CBS cbs, session_ticket;
-
- n = s->method->ssl_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,
- SSL3_ST_CR_SESSION_TICKET_B, -1, 16384, &ok);
- if (!ok)
- return ((int)n);
-
- if (s->s3->tmp.message_type == SSL3_MT_FINISHED) {
- s->s3->tmp.reuse_message = 1;
- return (1);
- }
- if (s->s3->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) {
- al = SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,
- SSL_R_BAD_MESSAGE_TYPE);
- goto f_err;
- }
-
- if (n < 0) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,
- SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
-
- CBS_init(&cbs, s->init_msg, n);
- if (!CBS_get_u32(&cbs, &lifetime_hint) ||
-#if UINT32_MAX > LONG_MAX
- lifetime_hint > LONG_MAX ||
-#endif
- !CBS_get_u16_length_prefixed(&cbs, &session_ticket) ||
- CBS_len(&cbs) != 0) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,
- SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
- s->session->tlsext_tick_lifetime_hint = (long)lifetime_hint;
-
- if (!CBS_stow(&session_ticket, &s->session->tlsext_tick,
- &s->session->tlsext_ticklen)) {
- SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /*
- * There are two ways to detect a resumed ticket sesion.
- * One is to set an appropriate session ID and then the server
- * must return a match in ServerHello. This allows the normal
- * client session ID matching to work and we know much
- * earlier that the ticket has been accepted.
- *
- * The other way is to set zero length session ID when the
- * ticket is presented and rely on the handshake to determine
- * session resumption.
- *
- * We choose the former approach because this fits in with
- * assumptions elsewhere in OpenSSL. The session ID is set
- * to the SHA256 (or SHA1 is SHA256 is disabled) hash of the
- * ticket.
- */
- EVP_Digest(CBS_data(&session_ticket), CBS_len(&session_ticket),
- s->session->session_id, &s->session->session_id_length,
- EVP_sha256(), NULL);
- ret = 1;
- return (ret);
-f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
-err:
- return (-1);
-}
-
-int
-ssl3_get_cert_status(SSL *s)
-{
- CBS cert_status, response;
- size_t stow_len;
- int ok, al;
- long n;
- uint8_t status_type;
-
- n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_STATUS_A,
- SSL3_ST_CR_CERT_STATUS_B, SSL3_MT_CERTIFICATE_STATUS,
- 16384, &ok);
-
- if (!ok)
- return ((int)n);
-
- if (n < 0) {
- /* need at least status type + length */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
- SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
-
- CBS_init(&cert_status, s->init_msg, n);
- if (!CBS_get_u8(&cert_status, &status_type) ||
- CBS_len(&cert_status) < 3) {
- /* need at least status type + length */
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
- SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
-
- if (status_type != TLSEXT_STATUSTYPE_ocsp) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
- SSL_R_UNSUPPORTED_STATUS_TYPE);
- goto f_err;
- }
-
- if (!CBS_get_u24_length_prefixed(&cert_status, &response) ||
- CBS_len(&cert_status) != 0) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
- SSL_R_LENGTH_MISMATCH);
- goto f_err;
- }
-
- if (!CBS_stow(&response,
&s->tlsext_ocsp_resp,
- &stow_len) || stow_len > INT_MAX) {
- s->tlsext_ocsp_resplen = 0;
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
- ERR_R_MALLOC_FAILURE);
- goto f_err;
- }
- s->tlsext_ocsp_resplen = (int)stow_len;
-
- if (s->ctx->tlsext_status_cb) {
- int ret;
- ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
- if (ret == 0) {
- al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
- SSL_R_INVALID_STATUS_RESPONSE);
- goto f_err;
- }
- if (ret < 0) {
- al = SSL_AD_INTERNAL_ERROR;
- SSLerr(SSL_F_SSL3_GET_CERT_STATUS,
- ERR_R_MALLOC_FAILURE);
- goto f_err;
- }
- }
- return (1);
-f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- return (-1);
-}
-
-int
-ssl3_get_server_done(SSL *s)
-{
- int ok, ret = 0;
- long n;
-
- n = s->method->ssl_get_message(s, SSL3_ST_CR_SRVR_DONE_A,
- SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE,
- 30, /* should be very small, like 0 :-) */ &ok);
-
- if (!ok)
- return ((int)n);
- if (n > 0) {
- /* should contain no data */
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
- return (-1);
- }
- ret = 1;
- return (ret);
-}
-
-static int
-ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, unsigned char *p,
- int *outlen)
-{
- unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
- EVP_PKEY *pkey = NULL;
- unsigned char *q;
- int ret = -1;
- int n;
-
- pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
- if (pkey == NULL || pkey->type != EVP_PKEY_RSA ||
- pkey->pkey.rsa == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- tmp_buf[0] = s->client_version >> 8;
- tmp_buf[1] = s->client_version & 0xff;
- arc4random_buf(&tmp_buf[2], sizeof(tmp_buf) - 2);
-
- s->session->master_key_length = sizeof(tmp_buf);
-
- q = p;
- p += 2;
-
- n = RSA_public_encrypt(sizeof(tmp_buf), tmp_buf, p, pkey->pkey.rsa,
- RSA_PKCS1_PADDING);
- if (n <= 0) {
-
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_BAD_RSA_ENCRYPT);
- goto err;
- }
-
- s2n(n, q);
- n += 2;
-
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key, tmp_buf, sizeof(tmp_buf));
-
- *outlen = n;
- ret = 1;
-
-err:
- explicit_bzero(tmp_buf, sizeof(tmp_buf));
- EVP_PKEY_free(pkey);
-
- return (ret);
-}
-
-static int
-ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, unsigned char *p,
- int *outlen)
-{
- DH *dh_srvr = NULL, *dh_clnt = NULL;
- unsigned char *key = NULL;
- int key_size, n;
- int ret = -1;
-
- /* Ensure that we have an ephemeral key for DHE. */
- if (sess_cert->peer_dh_tmp == NULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
- goto err;
- }
- dh_srvr = sess_cert->peer_dh_tmp;
-
- /* Generate a new random key. */
- if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
- if (!DH_generate_key(dh_clnt)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
- key_size = DH_size(dh_clnt);
- if ((key = malloc(key_size)) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- n = DH_compute_key(key, dh_srvr->pub_key, dh_clnt);
- if (n <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
- goto err;
- }
-
- /* Generate master key from the result. */
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key, key, n);
-
- /* Send off the data.
*/
- n = BN_num_bytes(dh_clnt->pub_key);
- s2n(n, p);
- BN_bn2bin(dh_clnt->pub_key, p);
- n += 2;
-
- *outlen = n;
- ret = 1;
-
-err:
- DH_free(dh_clnt);
- if (key != NULL)
- explicit_bzero(key, key_size);
- free(key);
-
- return (ret);
-}
-
-static int
-ssl3_send_client_kex_ecdh(SSL *s, SESS_CERT *sess_cert, unsigned char *p,
- int *outlen)
-{
- EC_KEY *tkey, *clnt_ecdh = NULL;
- const EC_GROUP *srvr_group = NULL;
- const EC_POINT *srvr_ecpoint = NULL;
- EVP_PKEY *srvr_pub_pkey = NULL;
- BN_CTX *bn_ctx = NULL;
- unsigned char *encodedPoint = NULL;
- unsigned char *key = NULL;
- unsigned long alg_k;
- int encoded_pt_len = 0;
- int key_size, n;
- int ret = -1;
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
- /* Ensure that we have an ephemeral key for ECDHE. */
- if ((alg_k & SSL_kECDHE) && sess_cert->peer_ecdh_tmp == NULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- tkey = sess_cert->peer_ecdh_tmp;
-
- if (alg_k & (SSL_kECDHr|SSL_kECDHe)) {
- /* Get the Server Public Key from certificate. */
- srvr_pub_pkey = X509_get_pubkey(
- sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
- if (srvr_pub_pkey != NULL && srvr_pub_pkey->type == EVP_PKEY_EC)
- tkey = srvr_pub_pkey->pkey.ec;
- }
-
- if (tkey == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- srvr_group = EC_KEY_get0_group(tkey);
- srvr_ecpoint = EC_KEY_get0_public_key(tkey);
-
- if (srvr_group == NULL || srvr_ecpoint == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if ((clnt_ecdh = EC_KEY_new()) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
- goto err;
- }
-
- /* Generate a new ECDH key pair.
*/
- if (!(EC_KEY_generate_key(clnt_ecdh))) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
- key_size = ECDH_size(clnt_ecdh);
- if (key_size <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
- if ((key = malloc(key_size)) == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- }
- n = ECDH_compute_key(key, key_size, srvr_ecpoint, clnt_ecdh, NULL);
- if (n <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
- goto err;
- }
-
- /* Generate master key from the result. */
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key, key, n);
-
- /*
- * First check the size of encoding and allocate memory accordingly.
- */
- encoded_pt_len = EC_POINT_point2oct(srvr_group,
- EC_KEY_get0_public_key(clnt_ecdh),
- POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
-
- bn_ctx = BN_CTX_new();
- encodedPoint = malloc(encoded_pt_len);
- if (encodedPoint == NULL || bn_ctx == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- /* Encode the public key */
- n = EC_POINT_point2oct(srvr_group, EC_KEY_get0_public_key(clnt_ecdh),
- POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encoded_pt_len,
- bn_ctx);
-
- *p = n; /* length of encoded point */
- /* Encoded point will be copied here */
- p += 1;
-
- /* copy the point */
- memcpy((unsigned char *)p, encodedPoint, n);
- /* increment n to account for length field */
- n += 1;
-
- *outlen = n;
- ret = 1;
-
-err:
- if (key != NULL)
- explicit_bzero(key, key_size);
- free(key);
-
- BN_CTX_free(bn_ctx);
- free(encodedPoint);
- EC_KEY_free(clnt_ecdh);
- EVP_PKEY_free(srvr_pub_pkey);
-
- return (ret);
-}
-
-static int
-ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, unsigned char *p,
- int *outlen)
-{
- unsigned char premaster_secret[32], shared_ukm[32], tmp[256];
- EVP_PKEY *pub_key = NULL;
- EVP_PKEY_CTX *pkey_ctx;
- X509
*peer_cert;
- size_t msglen;
- unsigned int md_len;
- EVP_MD_CTX *ukm_hash;
- int ret = -1;
- int nid;
- int n;
-
- /* Get server sertificate PKEY and create ctx from it */
- peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509;
- if (peer_cert == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
- goto err;
- }
-
- pub_key = X509_get_pubkey(peer_cert);
- pkey_ctx = EVP_PKEY_CTX_new(pub_key, NULL);
-
- /*
- * If we have send a certificate, and certificate key parameters match
- * those of server certificate, use certificate key for key exchange.
- * Otherwise, generate ephemeral key pair.
- */
- EVP_PKEY_encrypt_init(pkey_ctx);
-
- /* Generate session key. */
- arc4random_buf(premaster_secret, 32);
-
- /*
- * If we have client certificate, use its secret as peer key.
- */
- if (s->s3->tmp.cert_req && s->cert->key->privatekey) {
- if (EVP_PKEY_derive_set_peer(pkey_ctx,
- s->cert->key->privatekey) <=0) {
- /*
- * If there was an error - just ignore it.
- * Ephemeral key would be used.
- */
- ERR_clear_error();
- }
- }
-
- /*
- * Compute shared IV and store it in algorithm-specific context data.
- */
- ukm_hash = EVP_MD_CTX_create();
- if (ukm_hash == NULL) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (ssl_get_algorithm2(s) & SSL_HANDSHAKE_MAC_GOST94)
- nid = NID_id_GostR3411_94;
- else
- nid = NID_id_tc26_gost3411_2012_256;
- if (!EVP_DigestInit(ukm_hash, EVP_get_digestbynid(nid)))
- goto err;
- EVP_DigestUpdate(ukm_hash, s->s3->client_random, SSL3_RANDOM_SIZE);
- EVP_DigestUpdate(ukm_hash, s->s3->server_random, SSL3_RANDOM_SIZE);
- EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len);
- EVP_MD_CTX_destroy(ukm_hash);
- if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT,
- EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, SSL_R_LIBRARY_BUG);
- goto err;
- }
-
- /*
- * Make GOST keytransport blob message, encapsulate it into sequence.
- */
- *(p++) = V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
- msglen = 255;
- if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret,
- 32) < 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, SSL_R_LIBRARY_BUG);
- goto err;
- }
- if (msglen >= 0x80) {
- *(p++) = 0x81;
- *(p++) = msglen & 0xff;
- n = msglen + 3;
- } else {
- *(p++) = msglen & 0xff;
- n = msglen + 2;
- }
- memcpy(p, tmp, msglen);
-
- /* Check if pubkey from client certificate was used. */
- if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2,
- NULL) > 0) {
- /* Set flag "skip certificate verify".
*/
- s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
- }
- EVP_PKEY_CTX_free(pkey_ctx);
- s->session->master_key_length =
- s->method->ssl3_enc->generate_master_secret(s,
- s->session->master_key, premaster_secret, 32);
-
- *outlen = n;
- ret = 1;
-
-err:
- explicit_bzero(premaster_secret, sizeof(premaster_secret));
- EVP_PKEY_free(pub_key);
-
- return (ret);
-}
-
-int
-ssl3_send_client_key_exchange(SSL *s)
-{
- SESS_CERT *sess_cert;
- unsigned long alg_k;
- unsigned char *p;
- int n = 0;
-
- if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
- p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_KEY_EXCHANGE);
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
-
- if ((sess_cert = s->session->sess_cert) == NULL) {
- ssl3_send_alert(s, SSL3_AL_FATAL,
- SSL_AD_UNEXPECTED_MESSAGE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- if (alg_k & SSL_kRSA) {
- if (ssl3_send_client_kex_rsa(s, sess_cert, p, &n) != 1)
- goto err;
- } else if (alg_k & SSL_kDHE) {
- if (ssl3_send_client_kex_dhe(s, sess_cert, p, &n) != 1)
- goto err;
- } else if (alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe)) {
- if (ssl3_send_client_kex_ecdh(s, sess_cert, p, &n) != 1)
- goto err;
- } else if (alg_k & SSL_kGOST) {
- if (ssl3_send_client_kex_gost(s, sess_cert, p, &n) != 1)
- goto err;
- } else {
- ssl3_send_alert(s, SSL3_AL_FATAL,
- SSL_AD_HANDSHAKE_FAILURE);
- SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- ssl3_handshake_msg_finish(s, n);
-
- s->state = SSL3_ST_CW_KEY_EXCH_B;
- }
-
- /* SSL3_ST_CW_KEY_EXCH_B */
- return (ssl3_handshake_write(s));
-
-err:
- return (-1);
-}
-
-int
-ssl3_send_client_verify(SSL *s)
-{
- unsigned char *p;
- unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
- EVP_PKEY *pkey;
- EVP_PKEY_CTX *pctx = NULL;
- EVP_MD_CTX mctx;
- unsigned u = 0;
- unsigned long n;
- int j;
-
- EVP_MD_CTX_init(&mctx);
-
- if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
- p = ssl3_handshake_msg_start(s,
SSL3_MT_CERTIFICATE_VERIFY);
-
- /*
- * Create context from key and test if sha1 is allowed as
- * digest.
- */
- pkey = s->cert->key->privatekey;
- pctx = EVP_PKEY_CTX_new(pkey, NULL);
- EVP_PKEY_sign_init(pctx);
- if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
- if (!SSL_USE_SIGALGS(s))
- s->method->ssl3_enc->cert_verify_mac(s,
- NID_sha1, &(data[MD5_DIGEST_LENGTH]));
- } else {
- ERR_clear_error();
- }
- /*
- * For TLS v1.2 send signature algorithm and signature
- * using agreed digest and cached handshake records.
- */
- if (SSL_USE_SIGALGS(s)) {
- long hdatalen = 0;
- void *hdata;
- const EVP_MD *md = s->cert->key->digest;
- hdatalen = BIO_get_mem_data(s->s3->handshake_buffer,
- &hdata);
- if (hdatalen <= 0 ||
- !tls12_get_sigandhash(p, pkey, md)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- p += 2;
- if (!EVP_SignInit_ex(&mctx, md, NULL) ||
- !EVP_SignUpdate(&mctx, hdata, hdatalen) ||
- !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_EVP_LIB);
- goto err;
- }
- s2n(u, p);
- n = u + 4;
- if (!tls1_digest_cached_records(s))
- goto err;
- } else if (pkey->type == EVP_PKEY_RSA) {
- s->method->ssl3_enc->cert_verify_mac(
- s, NID_md5, &(data[0]));
- if (RSA_sign(NID_md5_sha1, data,
- MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, &(p[2]),
- &u, pkey->pkey.rsa) <= 0 ) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_RSA_LIB);
- goto err;
- }
- s2n(u, p);
- n = u + 2;
- } else if (pkey->type == EVP_PKEY_DSA) {
- if (!DSA_sign(pkey->save_type,
- &(data[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH, &(p[2]),
- (unsigned int *)&j, pkey->pkey.dsa)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_DSA_LIB);
- goto err;
- }
- s2n(j, p);
- n = j + 2;
- } else if (pkey->type == EVP_PKEY_EC) {
- if (!ECDSA_sign(pkey->save_type,
- &(data[MD5_DIGEST_LENGTH]),
- SHA_DIGEST_LENGTH, &(p[2]),
- (unsigned int *)&j, pkey->pkey.ec)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_ECDSA_LIB);
- goto
err;
- }
- s2n(j, p);
- n = j + 2;
-#ifndef OPENSSL_NO_GOST
- } else if (pkey->type == NID_id_GostR3410_94 ||
- pkey->type == NID_id_GostR3410_2001) {
- unsigned char signbuf[128];
- long hdatalen = 0;
- void *hdata;
- const EVP_MD *md;
- int nid;
- size_t sigsize;
-
- hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
- if (hdatalen <= 0) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) ||
- !(md = EVP_get_digestbynid(nid))) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_EVP_LIB);
- goto err;
- }
- if (!EVP_DigestInit_ex(&mctx, md, NULL) ||
- !EVP_DigestUpdate(&mctx, hdata, hdatalen) ||
- !EVP_DigestFinal(&mctx, signbuf, &u) ||
- (EVP_PKEY_CTX_set_signature_md(pctx, md) <= 0) ||
- (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
- EVP_PKEY_CTRL_GOST_SIG_FORMAT,
- GOST_SIG_FORMAT_RS_LE,
- NULL) <= 0) ||
- (EVP_PKEY_sign(pctx, &(p[2]), &sigsize,
- signbuf, u) <= 0)) {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_EVP_LIB);
- goto err;
- }
- if (!tls1_digest_cached_records(s))
- goto err;
- j = sigsize;
- s2n(j, p);
- n = j + 2;
-#endif
- } else {
- SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
-
- s->state = SSL3_ST_CW_CERT_VRFY_B;
-
- ssl3_handshake_msg_finish(s, n);
- }
-
- EVP_MD_CTX_cleanup(&mctx);
- EVP_PKEY_CTX_free(pctx);
-
- return (ssl3_handshake_write(s));
-
-err:
- EVP_MD_CTX_cleanup(&mctx);
- EVP_PKEY_CTX_free(pctx);
- return (-1);
-}
-
-int
-ssl3_send_client_certificate(SSL *s)
-{
- X509 *x509 = NULL;
- EVP_PKEY *pkey = NULL;
- int i;
- unsigned long l;
-
- if (s->state == SSL3_ST_CW_CERT_A) {
- if ((s->cert == NULL) || (s->cert->key->x509 == NULL) ||
- (s->cert->key->privatekey == NULL))
- s->state = SSL3_ST_CW_CERT_B;
- else
- s->state = SSL3_ST_CW_CERT_C;
- }
-
- /* We need to get a client cert */
- if (s->state == SSL3_ST_CW_CERT_B) {
- /*
- * If we get an error, we need to
- * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
- * We then get retied later
- */
- i = ssl_do_client_cert_cb(s, &x509, &pkey);
- if (i < 0) {
- s->rwstate = SSL_X509_LOOKUP;
- return (-1);
- }
- s->rwstate = SSL_NOTHING;
- if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
- s->state = SSL3_ST_CW_CERT_B;
- if (!SSL_use_certificate(s, x509) ||
- !SSL_use_PrivateKey(s, pkey))
- i = 0;
- } else if (i == 1) {
- i = 0;
- SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,
- SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
- }
-
- X509_free(x509);
- EVP_PKEY_free(pkey);
- if (i == 0)
- s->s3->tmp.cert_req = 2;
-
- /* Ok, we have a cert */
- s->state = SSL3_ST_CW_CERT_C;
- }
-
- if (s->state == SSL3_ST_CW_CERT_C) {
- s->state = SSL3_ST_CW_CERT_D;
- l = ssl3_output_cert_chain(s,
- (s->s3->tmp.cert_req == 2) ? NULL : s->cert->key->x509);
- s->init_num = (int)l;
- s->init_off = 0;
- }
- /* SSL3_ST_CW_CERT_D */
- return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
-}
-
-#define has_bits(i,m) (((i)&(m)) == (m))
-
-int
-ssl3_check_cert_and_algorithm(SSL *s)
-{
- int i, idx;
- long alg_k, alg_a;
- EVP_PKEY *pkey = NULL;
- SESS_CERT *sc;
- DH *dh;
-
- alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
- alg_a = s->s3->tmp.new_cipher->algorithm_auth;
-
- /* We don't have a certificate. */
- if (alg_a & SSL_aNULL)
- return (1);
-
- sc = s->session->sess_cert;
- if (sc == NULL) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- dh = s->session->sess_cert->peer_dh_tmp;
-
- /* This is the passed certificate. */
-
- idx = sc->peer_cert_type;
- if (idx == SSL_PKEY_ECC) {
- if (ssl_check_srvr_ecc_cert_and_alg(
- sc->peer_pkeys[idx].x509, s) == 0) {
- /* check failed */
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_BAD_ECC_CERT);
- goto f_err;
- } else {
- return (1);
- }
- }
- pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509);
- i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
- EVP_PKEY_free(pkey);
-
- /* Check that we have a certificate if we require one.
*/
- if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_RSA_SIGNING_CERT);
- goto f_err;
- } else if ((alg_a & SSL_aDSS) &&
- !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_DSA_SIGNING_CERT);
- goto f_err;
- }
- if ((alg_k & SSL_kRSA) &&
- !has_bits(i, EVP_PK_RSA|EVP_PKT_ENC)) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_RSA_ENCRYPTING_CERT);
- goto f_err;
- }
- if ((alg_k & SSL_kDHE) &&
- !(has_bits(i, EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) {
- SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
- SSL_R_MISSING_DH_KEY);
- goto f_err;
- }
-
- return (1);
-f_err:
- ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-err:
- return (0);
-}
-
-int
-ssl3_send_next_proto(SSL *s)
-{
- unsigned int len, padding_len;
- unsigned char *d, *p;
-
- if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {
- d = p = ssl3_handshake_msg_start(s, SSL3_MT_NEXT_PROTO);
-
- len = s->next_proto_negotiated_len;
- padding_len = 32 - ((len + 2) % 32);
- *(p++) = len;
- memcpy(p, s->next_proto_negotiated, len);
- p += len;
- *(p++) = padding_len;
- memset(p, 0, padding_len);
- p += padding_len;
-
- ssl3_handshake_msg_finish(s, p - d);
-
- s->state = SSL3_ST_CW_NEXT_PROTO_B;
- }
-
- return (ssl3_handshake_write(s));
-}
-
-/*
- * Check to see if handshake is full or resumed. Usually this is just a
- * case of checking to see if a cache hit has occurred. In the case of
- * session tickets we have to check the next message to be sure.
- */
-
-int
-ssl3_check_finished(SSL *s)
-{
- int ok;
- long n;
-
- /* If we have no ticket it cannot be a resumed session.
*/
- if (!s->session->tlsext_tick)
- return (1);
- /* this function is called when we really expect a Certificate
- * message, so permit appropriate message length */
- n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_A,
- SSL3_ST_CR_CERT_B, -1, s->max_cert_list, &ok);
- if (!ok)
- return ((int)n);
- s->s3->tmp.reuse_message = 1;
- if ((s->s3->tmp.message_type == SSL3_MT_FINISHED) ||
- (s->s3->tmp.message_type == SSL3_MT_NEWSESSION_TICKET))
- return (2);
-
- return (1);
-}
-
-int
-ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
-{
- int i = 0;
-
-#ifndef OPENSSL_NO_ENGINE
- if (s->ctx->client_cert_engine) {
- i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
- SSL_get_client_CA_list(s),
- px509, ppkey, NULL, NULL, NULL);
- if (i != 0)
- return (i);
- }
-#endif
- if (s->ctx->client_cert_cb)
- i = s->ctx->client_cert_cb(s, px509, ppkey);
- return (i);
-}
diff --git a/lib/libssl/src/ssl/s3_lib.c b/lib/libssl/src/ssl/s3_lib.c
deleted file mode 100644
index e873c17c876..00000000000
--- a/lib/libssl/src/ssl/s3_lib.c
+++ /dev/null
@@ -1,2859 +0,0 @@
-/* $OpenBSD: s3_lib.c,v 1.108 2016/04/28 16:39:45 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1.
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * Portions of the attached software ("Contribution") are developed by
- * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
- *
- * The Contribution is licensed pursuant to the OpenSSL open source
- * license provided above.
- *
- * ECC cipher suite support in OpenSSL originally written by
- * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-
-#include <openssl/dh.h>
-#include <openssl/md5.h>
-#include <openssl/objects.h>
-
-#include "ssl_locl.h"
-#include "bytestring.h"
-
-#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers) / sizeof(SSL_CIPHER))
-
-/*
- * FIXED_NONCE_LEN is a macro that provides in the correct value to set the
- * fixed nonce length in algorithms2. It is the inverse of the
- * SSL_CIPHER_AEAD_FIXED_NONCE_LEN macro.
- */
-#define FIXED_NONCE_LEN(x) (((x / 2) & 0xf) << 24)
-
-/* list of available SSLv3 ciphers (sorted by id) */
-SSL_CIPHER ssl3_ciphers[] = {
-
- /* The RSA ciphers */
- /* Cipher 01 */
- {
- .valid = 1,
- .name = SSL3_TXT_RSA_NULL_MD5,
- .id = SSL3_CK_RSA_NULL_MD5,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_MD5,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 0,
- .alg_bits = 0,
- },
-
- /* Cipher 02 */
- {
- .valid = 1,
- .name = SSL3_TXT_RSA_NULL_SHA,
- .id = SSL3_CK_RSA_NULL_SHA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 0,
- .alg_bits = 0,
- },
-
- /* Cipher 04 */
- {
- .valid = 1,
- .name = SSL3_TXT_RSA_RC4_128_MD5,
- .id = SSL3_CK_RSA_RC4_128_MD5,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_RC4,
- .algorithm_mac = SSL_MD5,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_MEDIUM,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 05 */
- {
- .valid = 1,
- .name = SSL3_TXT_RSA_RC4_128_SHA,
- .id = SSL3_CK_RSA_RC4_128_SHA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_RC4,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_MEDIUM,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 07 */
-#ifndef OPENSSL_NO_IDEA
- {
- .valid = 1,
- .name = SSL3_TXT_RSA_IDEA_128_SHA,
- .id = SSL3_CK_RSA_IDEA_128_SHA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_IDEA,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength
= SSL_MEDIUM,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-#endif
-
- /* Cipher 09 */
- {
- .valid = 1,
- .name = SSL3_TXT_RSA_DES_64_CBC_SHA,
- .id = SSL3_CK_RSA_DES_64_CBC_SHA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_LOW,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 56,
- .alg_bits = 56,
- },
-
- /* Cipher 0A */
- {
- .valid = 1,
- .name = SSL3_TXT_RSA_DES_192_CBC3_SHA,
- .id = SSL3_CK_RSA_DES_192_CBC3_SHA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_3DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 112,
- .alg_bits = 168,
- },
-
- /*
- * Ephemeral DH (DHE) ciphers.
- */
-
- /* Cipher 12 */
- {
- .valid = 1,
- .name = SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
- .id = SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_LOW,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 56,
- .alg_bits = 56,
- },
-
- /* Cipher 13 */
- {
- .valid = 1,
- .name = SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
- .id = SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_3DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 112,
- .alg_bits = 168,
- },
-
- /* Cipher 15 */
- {
- .valid = 1,
- .name = SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
- .id = SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl =
SSL_SSLV3,
- .algo_strength = SSL_LOW,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 56,
- .alg_bits = 56,
- },
-
- /* Cipher 16 */
- {
- .valid = 1,
- .name = SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
- .id = SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_3DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 112,
- .alg_bits = 168,
- },
-
- /* Cipher 18 */
- {
- .valid = 1,
- .name = SSL3_TXT_ADH_RC4_128_MD5,
- .id = SSL3_CK_ADH_RC4_128_MD5,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_RC4,
- .algorithm_mac = SSL_MD5,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_MEDIUM,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 1A */
- {
- .valid = 1,
- .name = SSL3_TXT_ADH_DES_64_CBC_SHA,
- .id = SSL3_CK_ADH_DES_64_CBC_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_LOW,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 56,
- .alg_bits = 56,
- },
-
- /* Cipher 1B */
- {
- .valid = 1,
- .name = SSL3_TXT_ADH_DES_192_CBC_SHA,
- .id = SSL3_CK_ADH_DES_192_CBC_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_3DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_SSLV3,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 112,
- .alg_bits = 168,
- },
-
- /*
- * AES ciphersuites.
- */
-
- /* Cipher 2F */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_AES_128_SHA,
- .id = TLS1_CK_RSA_WITH_AES_128_SHA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 32 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
- .id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 33 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
- .id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 34 */
- {
- .valid = 1,
- .name = TLS1_TXT_ADH_WITH_AES_128_SHA,
- .id = TLS1_CK_ADH_WITH_AES_128_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 35 */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_AES_256_SHA,
- .id = TLS1_CK_RSA_WITH_AES_256_SHA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
-
},
-
- /* Cipher 38 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
- .id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher 39 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
- .id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher 3A */
- {
- .valid = 1,
- .name = TLS1_TXT_ADH_WITH_AES_256_SHA,
- .id = TLS1_CK_ADH_WITH_AES_256_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* TLS v1.2 ciphersuites */
- /* Cipher 3B */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_NULL_SHA256,
- .id = TLS1_CK_RSA_WITH_NULL_SHA256,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 0,
- .alg_bits = 0,
- },
-
- /* Cipher 3C */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_AES_128_SHA256,
- .id = TLS1_CK_RSA_WITH_AES_128_SHA256,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
-
.strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 3D */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_AES_256_SHA256,
- .id = TLS1_CK_RSA_WITH_AES_256_SHA256,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher 40 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
- .id = TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
-#ifndef OPENSSL_NO_CAMELLIA
- /* Camellia ciphersuites from RFC4132 (128-bit portion) */
-
- /* Cipher 41 */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
- .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CAMELLIA128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 44 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
- .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_CAMELLIA128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 45 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
- .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth =
SSL_aRSA,
- .algorithm_enc = SSL_CAMELLIA128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 46 */
- {
- .valid = 1,
- .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
- .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_CAMELLIA128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-#endif /* OPENSSL_NO_CAMELLIA */
-
- /* TLS v1.2 ciphersuites */
- /* Cipher 67 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
- .id = TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 6A */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
- .id = TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher 6B */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
- .id = TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher 6C */
- {
- .valid = 1,
-
.name = TLS1_TXT_ADH_WITH_AES_128_SHA256,
- .id = TLS1_CK_ADH_WITH_AES_128_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 6D */
- {
- .valid = 1,
- .name = TLS1_TXT_ADH_WITH_AES_256_SHA256,
- .id = TLS1_CK_ADH_WITH_AES_256_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* GOST Ciphersuites */
-
- /* Cipher 81 */
- {
- .valid = 1,
- .name = "GOST2001-GOST89-GOST89",
- .id = 0x3000081,
- .algorithm_mkey = SSL_kGOST,
- .algorithm_auth = SSL_aGOST01,
- .algorithm_enc = SSL_eGOST2814789CNT,
- .algorithm_mac = SSL_GOST89MAC,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|
- TLS1_STREAM_MAC,
- .strength_bits = 256,
- .alg_bits = 256
- },
-
- /* Cipher 83 */
- {
- .valid = 1,
- .name = "GOST2001-NULL-GOST94",
- .id = 0x3000083,
- .algorithm_mkey = SSL_kGOST,
- .algorithm_auth = SSL_aGOST01,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_GOST94,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
- .strength_bits = 0,
- .alg_bits = 0
- },
-
-#ifndef OPENSSL_NO_CAMELLIA
- /* Camellia ciphersuites from RFC4132 (256-bit portion) */
-
- /* Cipher 84 */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
- .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CAMELLIA256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength =
SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - .strength_bits = 256, - .alg_bits = 256, - }, - - /* Cipher 87 */ - { - .valid = 1, - .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, - .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA, - .algorithm_mkey = SSL_kDHE, - .algorithm_auth = SSL_aDSS, - .algorithm_enc = SSL_CAMELLIA256, - .algorithm_mac = SSL_SHA1, - .algorithm_ssl = SSL_TLSV1, - .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - .strength_bits = 256, - .alg_bits = 256, - }, - - /* Cipher 88 */ - { - .valid = 1, - .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, - .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, - .algorithm_mkey = SSL_kDHE, - .algorithm_auth = SSL_aRSA, - .algorithm_enc = SSL_CAMELLIA256, - .algorithm_mac = SSL_SHA1, - .algorithm_ssl = SSL_TLSV1, - .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - .strength_bits = 256, - .alg_bits = 256, - }, - - /* Cipher 89 */ - { - .valid = 1, - .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA, - .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA, - .algorithm_mkey = SSL_kDHE, - .algorithm_auth = SSL_aNULL, - .algorithm_enc = SSL_CAMELLIA256, - .algorithm_mac = SSL_SHA1, - .algorithm_ssl = SSL_TLSV1, - .algo_strength = SSL_HIGH, - .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF, - .strength_bits = 256, - .alg_bits = 256, - }, -#endif /* OPENSSL_NO_CAMELLIA */ - - /* - * GCM ciphersuites from RFC5288. 
- */
-
- /* Cipher 9C */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
- .id = TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES128GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 9D */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
- .id = TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES256GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher 9E */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
- .id = TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES128GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher 9F */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
- .id = TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES256GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher A2 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
- .id = TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_AES128GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher A3 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
- .id = TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_AES256GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher A6 */
- {
- .valid = 1,
- .name = TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
- .id = TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_AES128GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher A7 */
- {
- .valid = 1,
- .name = TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
- .id = TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_AES256GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
-#ifndef OPENSSL_NO_CAMELLIA
- /* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */
-
- /* Cipher BA */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- .id = TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CAMELLIA128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher BD */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
- .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_CAMELLIA128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher BE */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CAMELLIA128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher BF */
- {
- .valid = 1,
- .name = TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256,
- .id = TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_CAMELLIA128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C0 */
- {
- .valid = 1,
- .name = TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- .id = TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CAMELLIA256,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C3 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
- .id = TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aDSS,
- .algorithm_enc = SSL_CAMELLIA256,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C4 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- .id = TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CAMELLIA256,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C5 */
- {
- .valid = 1,
- .name = TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256,
- .id = TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_CAMELLIA256,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-#endif /* OPENSSL_NO_CAMELLIA */
-
- /* Cipher C001 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
- .id = TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
- .algorithm_mkey = SSL_kECDHe,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 0,
- .alg_bits = 0,
- },
-
- /* Cipher C002 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
- .id = TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
- .algorithm_mkey = SSL_kECDHe,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_RC4,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_MEDIUM,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C003 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
- .id = TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
- .algorithm_mkey = SSL_kECDHe,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_3DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 112,
- .alg_bits = 168,
- },
-
- /* Cipher C004 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
- .id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
- .algorithm_mkey = SSL_kECDHe,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C005 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
- .id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
- .algorithm_mkey = SSL_kECDHe,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C006 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
- .id = TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 0,
- .alg_bits = 0,
- },
-
- /* Cipher C007 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
- .id = TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_RC4,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_MEDIUM,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C008 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
- .id = TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_3DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 112,
- .alg_bits = 168,
- },
-
- /* Cipher C009 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C00A */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
- .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C00B */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
- .id = TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
- .algorithm_mkey = SSL_kECDHr,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 0,
- .alg_bits = 0,
- },
-
- /* Cipher C00C */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
- .id = TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
- .algorithm_mkey = SSL_kECDHr,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_RC4,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_MEDIUM,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C00D */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
- .id = TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
- .algorithm_mkey = SSL_kECDHr,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_3DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 112,
- .alg_bits = 168,
- },
-
- /* Cipher C00E */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
- .id = TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
- .algorithm_mkey = SSL_kECDHr,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C00F */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
- .id = TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
- .algorithm_mkey = SSL_kECDHr,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C010 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
- .id = TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 0,
- .alg_bits = 0,
- },
-
- /* Cipher C011 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
- .id = TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_RC4,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_MEDIUM,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C012 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
- .id = TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_3DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 112,
- .alg_bits = 168,
- },
-
- /* Cipher C013 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C014 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
- .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C015 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
- .id = TLS1_CK_ECDH_anon_WITH_NULL_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 0,
- .alg_bits = 0,
- },
-
- /* Cipher C016 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
- .id = TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_RC4,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_MEDIUM,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C017 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
- .id = TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_3DES,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 112,
- .alg_bits = 168,
- },
-
- /* Cipher C018 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
- .id = TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C019 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
- .id = TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA1,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
-
- /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
-
- /* Cipher C023 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
- .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C024 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
- .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA384,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C025 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
- .id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
- .algorithm_mkey = SSL_kECDHe,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C026 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
- .id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
- .algorithm_mkey = SSL_kECDHe,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA384,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C027 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
- .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C028 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
- .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA384,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C029 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
- .id = TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
- .algorithm_mkey = SSL_kECDHr,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES128,
- .algorithm_mac = SSL_SHA256,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C02A */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
- .id = TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
- .algorithm_mkey = SSL_kECDHr,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES256,
- .algorithm_mac = SSL_SHA384,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* GCM based TLS v1.2 ciphersuites from RFC5289 */
-
- /* Cipher C02B */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
- .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_AES128GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C02C */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
- .id = TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_AES256GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C02D */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
- .id = TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
- .algorithm_mkey = SSL_kECDHe,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES128GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C02E */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
- .id = TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
- .algorithm_mkey = SSL_kECDHe,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES256GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C02F */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
- .id = TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES128GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C030 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
- .id = TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_AES256GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher C031 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
- .id = TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
- .algorithm_mkey = SSL_kECDHr,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES128GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 128,
- .alg_bits = 128,
- },
-
- /* Cipher C032 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
- .id = TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
- .algorithm_mkey = SSL_kECDHr,
- .algorithm_auth = SSL_aECDH,
- .algorithm_enc = SSL_AES256GCM,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA384|TLS1_PRF_SHA384|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(4)|
- SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD,
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
- /* Cipher CC13 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD,
- .id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CHACHA20POLY1305_OLD,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0),
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher CC14 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD,
- .id = TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_CHACHA20POLY1305_OLD,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0),
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher CC15 */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_OLD,
- .id = TLS1_CK_DHE_RSA_CHACHA20_POLY1305_OLD,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CHACHA20POLY1305_OLD,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(0),
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher CCA8 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
- .id = TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CHACHA20POLY1305,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(12),
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher CCA9 */
- {
- .valid = 1,
- .name = TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
- .id = TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aECDSA,
- .algorithm_enc = SSL_CHACHA20POLY1305,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(12),
- .strength_bits = 256,
- .alg_bits = 256,
- },
-
- /* Cipher CCAA */
- {
- .valid = 1,
- .name = TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305,
- .id = TLS1_CK_DHE_RSA_CHACHA20_POLY1305,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aRSA,
- .algorithm_enc = SSL_CHACHA20POLY1305,
- .algorithm_mac = SSL_AEAD,
- .algorithm_ssl = SSL_TLSV1_2,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_SHA256|TLS1_PRF_SHA256|
- SSL_CIPHER_ALGORITHM2_AEAD|FIXED_NONCE_LEN(12),
- .strength_bits = 256,
- .alg_bits = 256,
- },
-#endif
-
- /* Cipher FF85 FIXME IANA */
- {
- .valid = 1,
- .name = "GOST2012256-GOST89-GOST89",
- .id = 0x300ff85, /* FIXME IANA */
- .algorithm_mkey = SSL_kGOST,
- .algorithm_auth = SSL_aGOST01,
- .algorithm_enc = SSL_eGOST2814789CNT,
- .algorithm_mac = SSL_GOST89MAC,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_HIGH,
- .algorithm2 = SSL_HANDSHAKE_MAC_STREEBOG256|TLS1_PRF_STREEBOG256|
- TLS1_STREAM_MAC,
- .strength_bits = 256,
- .alg_bits = 256
- },
-
- /* Cipher FF87 FIXME IANA */
- {
- .valid = 1,
- .name = "GOST2012256-NULL-STREEBOG256",
- .id = 0x300ff87, /* FIXME IANA */
- .algorithm_mkey = SSL_kGOST,
- .algorithm_auth = SSL_aGOST01,
- .algorithm_enc = SSL_eNULL,
- .algorithm_mac = SSL_STREEBOG256,
- .algorithm_ssl = SSL_TLSV1,
- .algo_strength = SSL_STRONG_NONE,
- .algorithm2 = SSL_HANDSHAKE_MAC_STREEBOG256|TLS1_PRF_STREEBOG256,
- .strength_bits = 0,
- .alg_bits = 0
- },
-
-
- /* end of list */
-};
-
-int
-ssl3_num_ciphers(void)
-{
- return (SSL3_NUM_CIPHERS);
-}
-
-const SSL_CIPHER *
-ssl3_get_cipher(unsigned int u)
-{
- if (u < SSL3_NUM_CIPHERS)
- return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
- else
- return (NULL);
-}
-
-const SSL_CIPHER *
-ssl3_get_cipher_by_id(unsigned int id)
-{
- const SSL_CIPHER *cp;
- SSL_CIPHER c;
-
- c.id = id;
- cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
- if (cp != NULL && cp->valid == 1)
- return (cp);
-
- return (NULL);
-}
-
-const SSL_CIPHER *
-ssl3_get_cipher_by_value(uint16_t value)
-{
- return ssl3_get_cipher_by_id(SSL3_CK_ID | value);
-}
-
-uint16_t
-ssl3_cipher_get_value(const SSL_CIPHER *c)
-{
- return (c->id & SSL3_CK_VALUE_MASK);
-}
-
-int
-ssl3_pending(const SSL *s)
-{
- if (s->rstate == SSL_ST_READ_BODY)
- return 0;
-
- return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ?
- s->s3->rrec.length : 0;
-}
-
-int
-ssl3_handshake_msg_hdr_len(SSL *s)
-{
- return (SSL_IS_DTLS(s) ? DTLS1_HM_HEADER_LENGTH :
- SSL3_HM_HEADER_LENGTH);
-}
-
-unsigned char *
-ssl3_handshake_msg_start(SSL *s, uint8_t msg_type)
-{
- unsigned char *d, *p;
-
- d = p = (unsigned char *)s->init_buf->data;
-
- /* Handshake message type and length. */
- *(p++) = msg_type;
- l2n3(0, p);
-
- return (d + ssl3_handshake_msg_hdr_len(s));
-}
-
-void
-ssl3_handshake_msg_finish(SSL *s, unsigned int len)
-{
- unsigned char *d, *p;
- uint8_t msg_type;
-
- d = p = (unsigned char *)s->init_buf->data;
-
- /* Handshake message length. */
- msg_type = *(p++);
- l2n3(len, p);
-
- s->init_num = ssl3_handshake_msg_hdr_len(s) + (int)len;
- s->init_off = 0;
-
- if (SSL_IS_DTLS(s)) {
- dtls1_set_message_header(s, d, msg_type, len, 0, len);
- dtls1_buffer_message(s, 0);
- }
-}
-
-int
-ssl3_handshake_write(SSL *s)
-{
- if (SSL_IS_DTLS(s))
- return dtls1_do_write(s, SSL3_RT_HANDSHAKE);
-
- return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
-}
-
-int
-ssl3_new(SSL *s)
-{
- SSL3_STATE *s3;
-
- if ((s3 = calloc(1, sizeof *s3)) == NULL)
- goto err;
- memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
- memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
-
- s->s3 = s3;
-
- s->method->ssl_clear(s);
- return (1);
-err:
- return (0);
-}
-
-void
-ssl3_free(SSL *s)
-{
- if (s == NULL)
- return;
-
- tls1_cleanup_key_block(s);
- ssl3_release_read_buffer(s);
- ssl3_release_write_buffer(s);
-
- DH_free(s->s3->tmp.dh);
- EC_KEY_free(s->s3->tmp.ecdh);
-
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- BIO_free(s->s3->handshake_buffer);
- tls1_free_digest_list(s);
- free(s->s3->alpn_selected);
-
- explicit_bzero(s->s3, sizeof *s->s3);
- free(s->s3);
- s->s3 = NULL;
-}
-
-void
-ssl3_clear(SSL *s)
-{
- unsigned char *rp, *wp;
- size_t rlen, wlen;
-
- tls1_cleanup_key_block(s);
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
-
- DH_free(s->s3->tmp.dh);
- s->s3->tmp.dh = NULL;
- EC_KEY_free(s->s3->tmp.ecdh);
- s->s3->tmp.ecdh = NULL;
-
- rp = s->s3->rbuf.buf;
- wp = s->s3->wbuf.buf;
- rlen = s->s3->rbuf.len;
- wlen = s->s3->wbuf.len;
-
- BIO_free(s->s3->handshake_buffer);
- s->s3->handshake_buffer = NULL;
-
- tls1_free_digest_list(s);
-
- free(s->s3->alpn_selected);
- s->s3->alpn_selected = NULL;
-
- memset(s->s3, 0, sizeof *s->s3);
- s->s3->rbuf.buf = rp;
- s->s3->wbuf.buf = wp;
- s->s3->rbuf.len = rlen;
- s->s3->wbuf.len = wlen;
-
- ssl_free_wbio_buffer(s);
-
- s->packet_length = 0;
- s->s3->renegotiate = 0;
- s->s3->total_renegotiations = 0;
- s->s3->num_renegotiations = 0;
- s->s3->in_read_app_data = 0;
- s->version = TLS1_VERSION;
-
- free(s->next_proto_negotiated);
- s->next_proto_negotiated = NULL;
- s->next_proto_negotiated_len = 0;
-}
-
-
-long
-ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
- int ret = 0;
-
- if (cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
- if (!ssl_cert_inst(&s->cert)) {
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_MALLOC_FAILURE);
- return (0);
- }
- }
-
- switch (cmd) {
- case SSL_CTRL_GET_SESSION_REUSED:
- ret = s->hit;
- break;
- case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
- break;
- case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
- ret = s->s3->num_renegotiations;
- break;
- case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
- ret = s->s3->num_renegotiations;
- s->s3->num_renegotiations = 0;
- break;
- case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
- ret = s->s3->total_renegotiations;
- break;
- case SSL_CTRL_GET_FLAGS:
- ret = (int)(s->s3->flags);
- break;
- case SSL_CTRL_NEED_TMP_RSA:
- ret = 0;
- break;
- case SSL_CTRL_SET_TMP_RSA:
- case SSL_CTRL_SET_TMP_RSA_CB:
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- break;
- case SSL_CTRL_SET_TMP_DH:
- {
- DH *dh = (DH *)parg;
- if (dh == NULL) {
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_PASSED_NULL_PARAMETER);
- return (ret);
- }
- if ((dh = DHparams_dup(dh)) == NULL) {
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_DH_LIB);
- return (ret);
- }
- DH_free(s->cert->dh_tmp);
- s->cert->dh_tmp = dh;
- ret = 1;
- }
- break;
-
- case SSL_CTRL_SET_TMP_DH_CB:
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (ret);
-
- case SSL_CTRL_SET_DH_AUTO:
- s->cert->dh_tmp_auto = larg;
- return 1;
-
- case SSL_CTRL_SET_TMP_ECDH:
- {
- EC_KEY *ecdh = NULL;
-
- if (parg == NULL) {
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_PASSED_NULL_PARAMETER);
- return (ret);
- }
- if (!EC_KEY_up_ref((EC_KEY *)parg)) {
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_ECDH_LIB);
- return (ret);
- }
- ecdh = (EC_KEY *)parg;
- if (!(s->options &
SSL_OP_SINGLE_ECDH_USE)) { - if (!EC_KEY_generate_key(ecdh)) { - EC_KEY_free(ecdh); - SSLerr(SSL_F_SSL3_CTRL, - ERR_R_ECDH_LIB); - return (ret); - } - } - EC_KEY_free(s->cert->ecdh_tmp); - s->cert->ecdh_tmp = ecdh; - ret = 1; - } - break; - case SSL_CTRL_SET_TMP_ECDH_CB: - { - SSLerr(SSL_F_SSL3_CTRL, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (ret); - } - break; - case SSL_CTRL_SET_TLSEXT_HOSTNAME: - if (larg == TLSEXT_NAMETYPE_host_name) { - free(s->tlsext_hostname); - s->tlsext_hostname = NULL; - - ret = 1; - if (parg == NULL) - break; - if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) { - SSLerr(SSL_F_SSL3_CTRL, - SSL_R_SSL3_EXT_INVALID_SERVERNAME); - return 0; - } - if ((s->tlsext_hostname = strdup((char *)parg)) - == NULL) { - SSLerr(SSL_F_SSL3_CTRL, - ERR_R_INTERNAL_ERROR); - return 0; - } - } else { - SSLerr(SSL_F_SSL3_CTRL, - SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); - return 0; - } - break; - case SSL_CTRL_SET_TLSEXT_DEBUG_ARG: - s->tlsext_debug_arg = parg; - ret = 1; - break; - - case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE: - s->tlsext_status_type = larg; - ret = 1; - break; - - case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: - *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; - ret = 1; - break; - - case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: - s->tlsext_ocsp_exts = parg; - ret = 1; - break; - - case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: - *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; - ret = 1; - break; - - case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: - s->tlsext_ocsp_ids = parg; - ret = 1; - break; - - case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: - *(unsigned char **)parg = s->tlsext_ocsp_resp; - return s->tlsext_ocsp_resplen; - - case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: - free(s->tlsext_ocsp_resp); - s->tlsext_ocsp_resp = parg; - s->tlsext_ocsp_resplen = larg; - ret = 1; - break; - - case SSL_CTRL_SET_ECDH_AUTO: - s->cert->ecdh_tmp_auto = larg; - ret = 1; - break; - - default: - break; - } - return (ret); -} - -long 
-ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)) -{ - int ret = 0; - - if (cmd == SSL_CTRL_SET_TMP_DH_CB) { - if (!ssl_cert_inst(&s->cert)) { - SSLerr(SSL_F_SSL3_CALLBACK_CTRL, - ERR_R_MALLOC_FAILURE); - return (0); - } - } - - switch (cmd) { - case SSL_CTRL_SET_TMP_RSA_CB: - SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - break; - case SSL_CTRL_SET_TMP_DH_CB: - s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; - break; - case SSL_CTRL_SET_TMP_ECDH_CB: - s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp; - break; - case SSL_CTRL_SET_TLSEXT_DEBUG_CB: - s->tlsext_debug_cb = (void (*)(SSL *, int , int, - unsigned char *, int, void *))fp; - break; - default: - break; - } - return (ret); -} - -long -ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) -{ - CERT *cert; - - cert = ctx->cert; - - switch (cmd) { - case SSL_CTRL_NEED_TMP_RSA: - return (0); - case SSL_CTRL_SET_TMP_RSA: - case SSL_CTRL_SET_TMP_RSA_CB: - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (0); - case SSL_CTRL_SET_TMP_DH: - { - DH *new = NULL, *dh; - - dh = (DH *)parg; - if ((new = DHparams_dup(dh)) == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, - ERR_R_DH_LIB); - return 0; - } - DH_free(cert->dh_tmp); - cert->dh_tmp = new; - return 1; - } - /*break; */ - - case SSL_CTRL_SET_TMP_DH_CB: - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (0); - - case SSL_CTRL_SET_DH_AUTO: - ctx->cert->dh_tmp_auto = larg; - return (1); - - case SSL_CTRL_SET_TMP_ECDH: - { - EC_KEY *ecdh = NULL; - - if (parg == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, - ERR_R_ECDH_LIB); - return 0; - } - ecdh = EC_KEY_dup((EC_KEY *)parg); - if (ecdh == NULL) { - SSLerr(SSL_F_SSL3_CTX_CTRL, - ERR_R_EC_LIB); - return 0; - } - if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) { - if (!EC_KEY_generate_key(ecdh)) { - EC_KEY_free(ecdh); - SSLerr(SSL_F_SSL3_CTX_CTRL, - ERR_R_ECDH_LIB); - return 0; - } - } - - EC_KEY_free(cert->ecdh_tmp); - cert->ecdh_tmp = ecdh; - return 1; 
- } - /* break; */ - case SSL_CTRL_SET_TMP_ECDH_CB: - { - SSLerr(SSL_F_SSL3_CTX_CTRL, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (0); - } - break; - case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG: - ctx->tlsext_servername_arg = parg; - break; - case SSL_CTRL_SET_TLSEXT_TICKET_KEYS: - case SSL_CTRL_GET_TLSEXT_TICKET_KEYS: - { - unsigned char *keys = parg; - if (!keys) - return 48; - if (larg != 48) { - SSLerr(SSL_F_SSL3_CTX_CTRL, - SSL_R_INVALID_TICKET_KEYS_LENGTH); - return 0; - } - if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { - memcpy(ctx->tlsext_tick_key_name, keys, 16); - memcpy(ctx->tlsext_tick_hmac_key, - keys + 16, 16); - memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16); - } else { - memcpy(keys, ctx->tlsext_tick_key_name, 16); - memcpy(keys + 16, - ctx->tlsext_tick_hmac_key, 16); - memcpy(keys + 32, - ctx->tlsext_tick_aes_key, 16); - } - return 1; - } - - case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG: - ctx->tlsext_status_arg = parg; - return 1; - break; - - case SSL_CTRL_SET_ECDH_AUTO: - ctx->cert->ecdh_tmp_auto = larg; - return 1; - - /* A Thawte special :-) */ - case SSL_CTRL_EXTRA_CHAIN_CERT: - if (ctx->extra_certs == NULL) { - if ((ctx->extra_certs = sk_X509_new_null()) == NULL) - return (0); - } - sk_X509_push(ctx->extra_certs,(X509 *)parg); - break; - - case SSL_CTRL_GET_EXTRA_CHAIN_CERTS: - *(STACK_OF(X509) **)parg = ctx->extra_certs; - break; - - case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: - if (ctx->extra_certs) { - sk_X509_pop_free(ctx->extra_certs, X509_free); - ctx->extra_certs = NULL; - } - break; - - default: - return (0); - } - return (1); -} - -long -ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) -{ - CERT *cert; - - cert = ctx->cert; - - switch (cmd) { - case SSL_CTRL_SET_TMP_RSA_CB: - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (0); - case SSL_CTRL_SET_TMP_DH_CB: - cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; - break; - case SSL_CTRL_SET_TMP_ECDH_CB: - cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, 
int))fp; - break; - case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB: - ctx->tlsext_servername_callback = - (int (*)(SSL *, int *, void *))fp; - break; - - case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB: - ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp; - break; - - case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB: - ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *, - unsigned char *, EVP_CIPHER_CTX *, HMAC_CTX *, int))fp; - break; - - default: - return (0); - } - return (1); -} - -/* - * This function needs to check if the ciphers required are actually available. - */ -const SSL_CIPHER * -ssl3_get_cipher_by_char(const unsigned char *p) -{ - CBS cipher; - uint16_t cipher_value; - - /* We have to assume it is at least 2 bytes due to existing API. */ - CBS_init(&cipher, p, 2); - if (!CBS_get_u16(&cipher, &cipher_value)) - return NULL; - - return ssl3_get_cipher_by_value(cipher_value); -} - -int -ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) -{ - if (p != NULL) { - if ((c->id & ~SSL3_CK_VALUE_MASK) != SSL3_CK_ID) - return (0); - s2n(ssl3_cipher_get_value(c), p); - } - return (2); -} - -SSL_CIPHER * -ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, - STACK_OF(SSL_CIPHER) *srvr) -{ - unsigned long alg_k, alg_a, mask_k, mask_a; - STACK_OF(SSL_CIPHER) *prio, *allow; - SSL_CIPHER *c, *ret = NULL; - int i, ii, ok; - CERT *cert; - - /* Let's see which ciphers we can support */ - cert = s->cert; - - /* - * Do not set the compare functions, because this may lead to a - * reordering by "id". We want to keep the original ordering. - * We may pay a price in performance during sk_SSL_CIPHER_find(), - * but would have to pay with the price of sk_SSL_CIPHER_dup(). - */ - - if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) { - prio = srvr; - allow = clnt; - } else { - prio = clnt; - allow = srvr; - } - - for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) { - c = sk_SSL_CIPHER_value(prio, i); - - /* Skip TLS v1.2 only ciphersuites if not supported. 
*/ - if ((c->algorithm_ssl & SSL_TLSV1_2) && - !SSL_USE_TLS1_2_CIPHERS(s)) - continue; - - ssl_set_cert_masks(cert, c); - mask_k = cert->mask_k; - mask_a = cert->mask_a; - - alg_k = c->algorithm_mkey; - alg_a = c->algorithm_auth; - - - ok = (alg_k & mask_k) && (alg_a & mask_a); - - /* - * If we are considering an ECC cipher suite that uses our - * certificate check it. - */ - if (alg_a & (SSL_aECDSA|SSL_aECDH)) - ok = ok && tls1_check_ec_server_key(s); - /* - * If we are considering an ECC cipher suite that uses - * an ephemeral EC key check it. - */ - if (alg_k & SSL_kECDHE) - ok = ok && tls1_check_ec_tmp_key(s); - - if (!ok) - continue; - ii = sk_SSL_CIPHER_find(allow, c); - if (ii >= 0) { - ret = sk_SSL_CIPHER_value(allow, ii); - break; - } - } - return (ret); -} - -int -ssl3_get_req_cert_type(SSL *s, unsigned char *p) -{ - int ret = 0; - unsigned long alg_k; - - alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - -#ifndef OPENSSL_NO_GOST - if ((alg_k & SSL_kGOST)) { - p[ret++] = TLS_CT_GOST94_SIGN; - p[ret++] = TLS_CT_GOST01_SIGN; - p[ret++] = TLS_CT_GOST12_256_SIGN; - p[ret++] = TLS_CT_GOST12_512_SIGN; - } -#endif - - if (alg_k & SSL_kDHE) { - p[ret++] = SSL3_CT_RSA_FIXED_DH; - p[ret++] = SSL3_CT_DSS_FIXED_DH; - } - p[ret++] = SSL3_CT_RSA_SIGN; - p[ret++] = SSL3_CT_DSS_SIGN; - if ((alg_k & (SSL_kECDHr|SSL_kECDHe))) { - p[ret++] = TLS_CT_RSA_FIXED_ECDH; - p[ret++] = TLS_CT_ECDSA_FIXED_ECDH; - } - - /* - * ECDSA certs can be used with RSA cipher suites as well - * so we don't need to check for SSL_kECDH or SSL_kECDHE - */ - p[ret++] = TLS_CT_ECDSA_SIGN; - - return (ret); -} - -int -ssl3_shutdown(SSL *s) -{ - int ret; - - /* - * Don't do anything much if we have not done the handshake or - * we don't want to send messages :-) - */ - if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) { - s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); - return (1); - } - - if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { - s->shutdown|=SSL_SENT_SHUTDOWN; - ssl3_send_alert(s, 
SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); - /* - * Our shutdown alert has been sent now, and if it still needs - * to be written, s->s3->alert_dispatch will be true - */ - if (s->s3->alert_dispatch) - return(-1); /* return WANT_WRITE */ - } else if (s->s3->alert_dispatch) { - /* resend it if not sent */ - ret = s->method->ssl_dispatch_alert(s); - if (ret == -1) { - /* - * We only get to return -1 here the 2nd/Nth - * invocation, we must have already signalled - * return 0 upon a previous invoation, - * return WANT_WRITE - */ - return (ret); - } - } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { - /* If we are waiting for a close from our peer, we are closed */ - s->method->ssl_read_bytes(s, 0, NULL, 0, 0); - if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { - return(-1); /* return WANT_READ */ - } - } - - if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && - !s->s3->alert_dispatch) - return (1); - else - return (0); -} - -int -ssl3_write(SSL *s, const void *buf, int len) -{ - int ret, n; - -#if 0 - if (s->shutdown & SSL_SEND_SHUTDOWN) { - s->rwstate = SSL_NOTHING; - return (0); - } -#endif - errno = 0; - if (s->s3->renegotiate) - ssl3_renegotiate_check(s); - - /* - * This is an experimental flag that sends the - * last handshake message in the same packet as the first - * use data - used to see if it helps the TCP protocol during - * session-id reuse - */ - /* The second test is because the buffer may have been removed */ - if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) { - /* First time through, we write into the buffer */ - if (s->s3->delay_buf_pop_ret == 0) { - ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, - buf, len); - if (ret <= 0) - return (ret); - - s->s3->delay_buf_pop_ret = ret; - } - - s->rwstate = SSL_WRITING; - n = BIO_flush(s->wbio); - if (n <= 0) - return (n); - s->rwstate = SSL_NOTHING; - - /* We have flushed the buffer, so remove it */ - ssl_free_wbio_buffer(s); - s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; - - ret 
= s->s3->delay_buf_pop_ret; - s->s3->delay_buf_pop_ret = 0; - } else { - ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, - buf, len); - if (ret <= 0) - return (ret); - } - - return (ret); -} - -static int -ssl3_read_internal(SSL *s, void *buf, int len, int peek) -{ - int ret; - - errno = 0; - if (s->s3->renegotiate) - ssl3_renegotiate_check(s); - s->s3->in_read_app_data = 1; - ret = s->method->ssl_read_bytes(s, - SSL3_RT_APPLICATION_DATA, buf, len, peek); - if ((ret == -1) && (s->s3->in_read_app_data == 2)) { - /* - * ssl3_read_bytes decided to call s->handshake_func, which - * called ssl3_read_bytes to read handshake data. - * However, ssl3_read_bytes actually found application data - * and thinks that application data makes sense here; so disable - * handshake processing and try to read application data again. - */ - s->in_handshake++; - ret = s->method->ssl_read_bytes(s, - SSL3_RT_APPLICATION_DATA, buf, len, peek); - s->in_handshake--; - } else - s->s3->in_read_app_data = 0; - - return (ret); -} - -int -ssl3_read(SSL *s, void *buf, int len) -{ - return ssl3_read_internal(s, buf, len, 0); -} - -int -ssl3_peek(SSL *s, void *buf, int len) -{ - return ssl3_read_internal(s, buf, len, 1); -} - -int -ssl3_renegotiate(SSL *s) -{ - if (s->handshake_func == NULL) - return (1); - - if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) - return (0); - - s->s3->renegotiate = 1; - return (1); -} - -int -ssl3_renegotiate_check(SSL *s) -{ - int ret = 0; - - if (s->s3->renegotiate) { - if ((s->s3->rbuf.left == 0) && (s->s3->wbuf.left == 0) && - !SSL_in_init(s)) { - /* - * If we are the server, and we have sent - * a 'RENEGOTIATE' message, we need to go - * to SSL_ST_ACCEPT. 
- */
- /* SSL_ST_ACCEPT */
- s->state = SSL_ST_RENEGOTIATE;
- s->s3->renegotiate = 0;
- s->s3->num_renegotiations++;
- s->s3->total_renegotiations++;
- ret = 1;
- }
- }
- return (ret);
-}
-/*
- * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF
- * and handshake macs if required.
- */
-long
-ssl_get_algorithm2(SSL *s)
-{
- long alg2 = s->s3->tmp.new_cipher->algorithm2;
-
- if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF &&
- alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
- return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
- return alg2;
-}
diff --git a/lib/libssl/src/ssl/s3_pkt.c b/lib/libssl/src/ssl/s3_pkt.c
deleted file mode 100644
index 0e97be6728b..00000000000
--- a/lib/libssl/src/ssl/s3_pkt.c
+++ /dev/null
@@ -1,1391 +0,0 @@
-/* $OpenBSD: s3_pkt.c,v 1.58 2016/07/10 23:07:34 tedu Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <errno.h>
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-
-#include "bytestring.h"
-
-static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
- unsigned int len, int create_empty_fragment);
-static int ssl3_get_record(SSL *s);
-
-/* If extend == 0, obtain new n-byte packet; if extend == 1, increase
- * packet by another n bytes.
- * The packet will be in the sub-array of s->s3->rbuf.buf specified
- * by s->packet and s->packet_length.
- * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
- * [plus s->packet_length bytes if extend == 1].)
- */
-int
-ssl3_read_n(SSL *s, int n, int max, int extend)
-{
- int i, len, left;
- size_t align;
- unsigned char *pkt;
- SSL3_BUFFER *rb;
-
- if (n <= 0)
- return n;
-
- rb = &(s->s3->rbuf);
- if (rb->buf == NULL)
- if (!ssl3_setup_read_buffer(s))
- return -1;
-
- left = rb->left;
- align = (size_t)rb->buf + SSL3_RT_HEADER_LENGTH;
- align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
-
- if (!extend) {
- /* start with empty packet ...
*/ - if (left == 0) - rb->offset = align; - else if (align != 0 && left >= SSL3_RT_HEADER_LENGTH) { - /* check if next packet length is large - * enough to justify payload alignment... */ - pkt = rb->buf + rb->offset; - if (pkt[0] == SSL3_RT_APPLICATION_DATA && - (pkt[3]<<8|pkt[4]) >= 128) { - /* Note that even if packet is corrupted - * and its length field is insane, we can - * only be led to wrong decision about - * whether memmove will occur or not. - * Header values has no effect on memmove - * arguments and therefore no buffer - * overrun can be triggered. */ - memmove(rb->buf + align, pkt, left); - rb->offset = align; - } - } - s->packet = rb->buf + rb->offset; - s->packet_length = 0; - /* ... now we can act as if 'extend' was set */ - } - - /* For DTLS/UDP reads should not span multiple packets - * because the read operation returns the whole packet - * at once (as long as it fits into the buffer). */ - if (SSL_IS_DTLS(s)) { - if (left > 0 && n > left) - n = left; - } - - /* if there is enough in the buffer from a previous read, take some */ - if (left >= n) { - s->packet_length += n; - rb->left = left - n; - rb->offset += n; - return (n); - } - - /* else we need to read more data */ - - len = s->packet_length; - pkt = rb->buf + align; - /* Move any available bytes to front of buffer: - * 'len' bytes already pointed to by 'packet', - * 'left' extra ones at the end */ - if (s->packet != pkt) { - /* len > 0 */ - memmove(pkt, s->packet, len + left); - s->packet = pkt; - rb->offset = len + align; - } - - if (n > (int)(rb->len - rb->offset)) { - /* does not happen */ - SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR); - return -1; - } - - if (!s->read_ahead) { - /* ignore max parameter */ - max = n; - } else { - if (max < n) - max = n; - if (max > (int)(rb->len - rb->offset)) - max = rb->len - rb->offset; - } - - while (left < n) { - /* Now we have len+left bytes at the front of s->s3->rbuf.buf - * and need to read in more until we have len+n (up to - * len+max 
if possible) */ - - errno = 0; - if (s->rbio != NULL) { - s->rwstate = SSL_READING; - i = BIO_read(s->rbio, pkt + len + left, max - left); - } else { - SSLerr(SSL_F_SSL3_READ_N, SSL_R_READ_BIO_NOT_SET); - i = -1; - } - - if (i <= 0) { - rb->left = left; - if (s->mode & SSL_MODE_RELEASE_BUFFERS && - !SSL_IS_DTLS(s)) { - if (len + left == 0) - ssl3_release_read_buffer(s); - } - return (i); - } - left += i; - - /* - * reads should *never* span multiple packets for DTLS because - * the underlying transport protocol is message oriented as - * opposed to byte oriented as in the TLS case. - */ - if (SSL_IS_DTLS(s)) { - if (n > left) - n = left; /* makes the while condition false */ - } - } - - /* done reading, now the book-keeping */ - rb->offset += n; - rb->left = left - n; - s->packet_length += n; - s->rwstate = SSL_NOTHING; - return (n); -} - -/* Call this to get a new input record. - * It will return <= 0 if more data is needed, normally due to an error - * or non-blocking IO. - * When it finishes, one packet has been decoded and can be found in - * ssl->s3->rrec.type - is the type of record - * ssl->s3->rrec.data, - data - * ssl->s3->rrec.length, - number of bytes - */ -/* used only by ssl3_read_bytes */ -static int -ssl3_get_record(SSL *s) -{ - int al; - int enc_err, n, i, ret = -1; - SSL3_RECORD *rr; - SSL_SESSION *sess; - unsigned char md[EVP_MAX_MD_SIZE]; - unsigned mac_size, orig_len; - - rr = &(s->s3->rrec); - sess = s->session; - -again: - /* check if we have the header */ - if ((s->rstate != SSL_ST_READ_BODY) || - (s->packet_length < SSL3_RT_HEADER_LENGTH)) { - CBS header; - uint16_t len, ssl_version; - uint8_t type; - - n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); - if (n <= 0) - return(n); /* error or non-blocking */ - s->rstate = SSL_ST_READ_BODY; - - CBS_init(&header, s->packet, n); - - /* Pull apart the header into the SSL3_RECORD */ - if (!CBS_get_u8(&header, &type) || - !CBS_get_u16(&header, &ssl_version) || - !CBS_get_u16(&header, 
&len)) { - SSLerr(SSL_F_SSL3_GET_RECORD, - SSL_R_BAD_PACKET_LENGTH); - goto err; - } - - rr->type = type; - rr->length = len; - - /* Lets check version */ - if (!s->first_packet && ssl_version != s->version) { - SSLerr(SSL_F_SSL3_GET_RECORD, - SSL_R_WRONG_VERSION_NUMBER); - if ((s->version & 0xFF00) == (ssl_version & 0xFF00) && - !s->enc_write_ctx && !s->write_hash) - /* Send back error using their minor version number :-) */ - s->version = ssl_version; - al = SSL_AD_PROTOCOL_VERSION; - goto f_err; - } - - if ((ssl_version >> 8) != SSL3_VERSION_MAJOR) { - SSLerr(SSL_F_SSL3_GET_RECORD, - SSL_R_WRONG_VERSION_NUMBER); - goto err; - } - - if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH) { - al = SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_SSL3_GET_RECORD, - SSL_R_PACKET_LENGTH_TOO_LONG); - goto f_err; - } - - /* now s->rstate == SSL_ST_READ_BODY */ - } - - /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ - - if (rr->length > s->packet_length - SSL3_RT_HEADER_LENGTH) { - /* now s->packet_length == SSL3_RT_HEADER_LENGTH */ - i = rr->length; - n = ssl3_read_n(s, i, i, 1); - if (n <= 0) - return(n); /* error or non-blocking io */ - /* now n == rr->length, - * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */ - } - - s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */ - - /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, - * and we have that many bytes in s->packet - */ - rr->input = &(s->packet[SSL3_RT_HEADER_LENGTH]); - - /* ok, we can now read from 's->packet' data into 'rr' - * rr->input points at rr->length bytes, which - * need to be copied into rr->data by either - * the decryption or by the decompression - * When the data is 'copied' into the rr->data buffer, - * rr->input will be pointed at the new buffer */ - - /* We now have - encrypted [ MAC [ compressed [ plain ] ] ] - * rr->length bytes of encrypted compressed stuff. 
*/ - - /* check is not needed I believe */ - if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) { - al = SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG); - goto f_err; - } - - /* decrypt in place in 'rr->input' */ - rr->data = rr->input; - - enc_err = s->method->ssl3_enc->enc(s, 0); - /* enc_err is: - * 0: (in non-constant time) if the record is publically invalid. - * 1: if the padding is valid - * -1: if the padding is invalid */ - if (enc_err == 0) { - al = SSL_AD_DECRYPTION_FAILED; - SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); - goto f_err; - } - - - /* r->length is now the compressed data plus mac */ - if ((sess != NULL) && (s->enc_read_ctx != NULL) && - (EVP_MD_CTX_md(s->read_hash) != NULL)) { - /* s->read_hash != NULL => mac_size != -1 */ - unsigned char *mac = NULL; - unsigned char mac_tmp[EVP_MAX_MD_SIZE]; - - mac_size = EVP_MD_CTX_size(s->read_hash); - OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); - - /* kludge: *_cbc_remove_padding passes padding length in rr->type */ - orig_len = rr->length + ((unsigned int)rr->type >> 8); - - /* orig_len is the length of the record before any padding was - * removed. This is public information, as is the MAC in use, - * therefore we can safely process the record in a different - * amount of time if it's too short to possibly contain a MAC. - */ - if (orig_len < mac_size || - /* CBC records must have a padding length byte too. */ - (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE && - orig_len < mac_size + 1)) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_LENGTH_TOO_SHORT); - goto f_err; - } - - if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) { - /* We update the length so that the TLS header bytes - * can be constructed correctly but we need to extract - * the MAC in constant time from within the record, - * without leaking the contents of the padding bytes. 
- * */ - mac = mac_tmp; - ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len); - rr->length -= mac_size; - } else { - /* In this case there's no padding, so |orig_len| - * equals |rec->length| and we checked that there's - * enough bytes for |mac_size| above. */ - rr->length -= mac_size; - mac = &rr->data[rr->length]; - } - - i = s->method->ssl3_enc->mac(s,md,0 /* not send */); - if (i < 0 || mac == NULL || - timingsafe_memcmp(md, mac, (size_t)mac_size) != 0) - enc_err = -1; - if (rr->length > - SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size) - enc_err = -1; - } - - if (enc_err < 0) { - /* - * A separate 'decryption_failed' alert was introduced with - * TLS 1.0, SSL 3.0 only has 'bad_record_mac'. But unless a - * decryption failure is directly visible from the ciphertext - * anyway, we should not reveal which kind of error - * occurred -- this might become visible to an attacker - * (e.g. via a logfile) - */ - al = SSL_AD_BAD_RECORD_MAC; - SSLerr(SSL_F_SSL3_GET_RECORD, - SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); - goto f_err; - } - - if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) { - al = SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG); - goto f_err; - } - - rr->off = 0; - /* - * So at this point the following is true - * - * ssl->s3->rrec.type is the type of record - * ssl->s3->rrec.length == number of bytes in record - * ssl->s3->rrec.off == offset to first valid byte - * ssl->s3->rrec.data == where to take bytes from, increment - * after use :-). - */ - - /* we have pulled in a full packet so zero things */ - s->packet_length = 0; - - /* just read a 0 length packet */ - if (rr->length == 0) - goto again; - - return (1); - -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); -err: - return (ret); -} - -/* Call this to write data in records of type 'type' - * It will return <= 0 if not all data has been sent or non-blocking IO. 
- */ -int -ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) -{ - const unsigned char *buf = buf_; - unsigned int tot, n, nw; - int i; - - if (len < 0) { - SSLerr(SSL_F_SSL3_WRITE_BYTES, ERR_R_INTERNAL_ERROR); - return -1; - } - - s->rwstate = SSL_NOTHING; - tot = s->s3->wnum; - s->s3->wnum = 0; - - if (SSL_in_init(s) && !s->in_handshake) { - i = s->handshake_func(s); - if (i < 0) - return (i); - if (i == 0) { - SSLerr(SSL_F_SSL3_WRITE_BYTES, - SSL_R_SSL_HANDSHAKE_FAILURE); - return -1; - } - } - - if (len < tot) - len = tot; - n = (len - tot); - for (;;) { - if (n > s->max_send_fragment) - nw = s->max_send_fragment; - else - nw = n; - - i = do_ssl3_write(s, type, &(buf[tot]), nw, 0); - if (i <= 0) { - s->s3->wnum = tot; - return i; - } - - if ((i == (int)n) || (type == SSL3_RT_APPLICATION_DATA && - (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) { - /* - * Next chunk of data should get another prepended - * empty fragment in ciphersuites with known-IV - * weakness. - */ - s->s3->empty_fragment_done = 0; - - return tot + i; - } - - n -= i; - tot += i; - } -} - -static int -do_ssl3_write(SSL *s, int type, const unsigned char *buf, - unsigned int len, int create_empty_fragment) -{ - unsigned char *p, *plen; - int i, mac_size, clear = 0; - int prefix_len = 0; - int eivlen; - size_t align; - SSL3_RECORD *wr; - SSL3_BUFFER *wb = &(s->s3->wbuf); - SSL_SESSION *sess; - - if (wb->buf == NULL) - if (!ssl3_setup_write_buffer(s)) - return -1; - - /* first check if there is a SSL3_BUFFER still being written - * out. 
This will happen with non blocking IO */ - if (wb->left != 0) - return (ssl3_write_pending(s, type, buf, len)); - - /* If we have an alert to send, lets send it */ - if (s->s3->alert_dispatch) { - i = s->method->ssl_dispatch_alert(s); - if (i <= 0) - return (i); - /* if it went, fall through and send more stuff */ - /* we may have released our buffer, so get it again */ - if (wb->buf == NULL) - if (!ssl3_setup_write_buffer(s)) - return -1; - } - - if (len == 0 && !create_empty_fragment) - return 0; - - wr = &(s->s3->wrec); - sess = s->session; - - if ((sess == NULL) || (s->enc_write_ctx == NULL) || - (EVP_MD_CTX_md(s->write_hash) == NULL)) { - clear = s->enc_write_ctx ? 0 : 1; /* must be AEAD cipher */ - mac_size = 0; - } else { - mac_size = EVP_MD_CTX_size(s->write_hash); - if (mac_size < 0) - goto err; - } - - /* - * 'create_empty_fragment' is true only when this function calls - * itself. - */ - if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done) { - /* - * Countermeasure against known-IV weakness in CBC ciphersuites - * (see http://www.openssl.org/~bodo/tls-cbc.txt) - */ - if (s->s3->need_empty_fragments && - type == SSL3_RT_APPLICATION_DATA) { - /* recursive function call with 'create_empty_fragment' set; - * this prepares and buffers the data for an empty fragment - * (these 'prefix_len' bytes are sent out later - * together with the actual payload) */ - prefix_len = do_ssl3_write(s, type, buf, 0, 1); - if (prefix_len <= 0) - goto err; - - if (prefix_len > - (SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD)) { - /* insufficient space */ - SSLerr(SSL_F_DO_SSL3_WRITE, - ERR_R_INTERNAL_ERROR); - goto err; - } - } - - s->s3->empty_fragment_done = 1; - } - - if (create_empty_fragment) { - /* extra fragment would be couple of cipher blocks, - * which would be multiple of SSL3_ALIGN_PAYLOAD, so - * if we want to align the real payload, then we can - * just pretent we simply have two headers. 
*/ - align = (size_t)wb->buf + 2 * SSL3_RT_HEADER_LENGTH; - align = (-align) & (SSL3_ALIGN_PAYLOAD - 1); - - p = wb->buf + align; - wb->offset = align; - } else if (prefix_len) { - p = wb->buf + wb->offset + prefix_len; - } else { - align = (size_t)wb->buf + SSL3_RT_HEADER_LENGTH; - align = (-align) & (SSL3_ALIGN_PAYLOAD - 1); - - p = wb->buf + align; - wb->offset = align; - } - - /* write the header */ - - *(p++) = type&0xff; - wr->type = type; - - *(p++) = (s->version >> 8); - /* Some servers hang if iniatial client hello is larger than 256 - * bytes and record version number > TLS 1.0 - */ - if (s->state == SSL3_ST_CW_CLNT_HELLO_B && !s->renegotiate && - TLS1_get_version(s) > TLS1_VERSION) - *(p++) = 0x1; - else - *(p++) = s->version&0xff; - - /* field where we are to write out packet length */ - plen = p; - p += 2; - - /* Explicit IV length. */ - if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s)) { - int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); - if (mode == EVP_CIPH_CBC_MODE) { - eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); - if (eivlen <= 1) - eivlen = 0; - } - /* Need explicit part of IV for GCM mode */ - else if (mode == EVP_CIPH_GCM_MODE) - eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; - else - eivlen = 0; - } else if (s->aead_write_ctx != NULL && - s->aead_write_ctx->variable_nonce_in_record) { - eivlen = s->aead_write_ctx->variable_nonce_len; - } else - eivlen = 0; - - /* lets setup the record stuff. */ - wr->data = p + eivlen; - wr->length = (int)len; - wr->input = (unsigned char *)buf; - - /* we now 'read' from wr->input, wr->length bytes into wr->data */ - - memcpy(wr->data, wr->input, wr->length); - wr->input = wr->data; - - /* we should still have the output to wr->data and the input - * from wr->input. Length should be wr->length. 
- * wr->data still points in the wb->buf */ - - if (mac_size != 0) { - if (s->method->ssl3_enc->mac(s, - &(p[wr->length + eivlen]), 1) < 0) - goto err; - wr->length += mac_size; - } - - wr->input = p; - wr->data = p; - - if (eivlen) { - /* if (RAND_pseudo_bytes(p, eivlen) <= 0) - goto err; - */ - wr->length += eivlen; - } - - /* ssl3_enc can only have an error on read */ - s->method->ssl3_enc->enc(s, 1); - - /* record length after mac and block padding */ - s2n(wr->length, plen); - - /* we should now have - * wr->data pointing to the encrypted data, which is - * wr->length long */ - wr->type=type; /* not needed but helps for debugging */ - wr->length += SSL3_RT_HEADER_LENGTH; - - if (create_empty_fragment) { - /* we are in a recursive call; - * just return the length, don't write out anything here - */ - return wr->length; - } - - /* now let's set up wb */ - wb->left = prefix_len + wr->length; - - /* memorize arguments so that ssl3_write_pending can detect - * bad write retries later */ - s->s3->wpend_tot = len; - s->s3->wpend_buf = buf; - s->s3->wpend_type = type; - s->s3->wpend_ret = len; - - /* we now just need to write the buffer */ - return ssl3_write_pending(s, type, buf, len); -err: - return -1; -} - -/* if s->s3->wbuf.left != 0, we need to call this */ -int -ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len) -{ - int i; - SSL3_BUFFER *wb = &(s->s3->wbuf); - - /* XXXX */ - if ((s->s3->wpend_tot > (int)len) || ((s->s3->wpend_buf != buf) && - !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) || - (s->s3->wpend_type != type)) { - SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY); - return (-1); - } - - for (;;) { - errno = 0; - if (s->wbio != NULL) { - s->rwstate = SSL_WRITING; - i = BIO_write(s->wbio, - (char *)&(wb->buf[wb->offset]), - (unsigned int)wb->left); - } else { - SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BIO_NOT_SET); - i = -1; - } - if (i == wb->left) { - wb->left = 0; - wb->offset += i; - if (s->mode & 
SSL_MODE_RELEASE_BUFFERS && - !SSL_IS_DTLS(s)) - ssl3_release_write_buffer(s); - s->rwstate = SSL_NOTHING; - return (s->s3->wpend_ret); - } else if (i <= 0) { - /* - * For DTLS, just drop it. That's kind of the - * whole point in using a datagram service. - */ - if (SSL_IS_DTLS(s)) - wb->left = 0; - return (i); - } - wb->offset += i; - wb->left -= i; - } -} - -/* Return up to 'len' payload bytes received in 'type' records. - * 'type' is one of the following: - * - * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us) - * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us) - * - 0 (during a shutdown, no data has to be returned) - * - * If we don't have stored data to work from, read a SSL/TLS record first - * (possibly multiple records if we still don't have anything to return). - * - * This function must handle any surprises the peer may have for us, such as - * Alert records (e.g. close_notify), ChangeCipherSpec records (not really - * a surprise, but handled as if it were), or renegotiation requests. 
- * Also if record payloads contain fragments too small to process, we store - * them until there is enough for the respective protocol (the record protocol - * may use arbitrary fragmentation and even interleaving): - * Change cipher spec protocol - * just 1 byte needed, no need for keeping anything stored - * Alert protocol - * 2 bytes needed (AlertLevel, AlertDescription) - * Handshake protocol - * 4 bytes needed (HandshakeType, uint24 length) -- we just have - * to detect unexpected Client Hello and Hello Request messages - * here, anything else is handled by higher layers - * Application data protocol - * none of our business - */ -int -ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) -{ - int al, i, j, ret; - unsigned int n; - SSL3_RECORD *rr; - void (*cb)(const SSL *ssl, int type2, int val) = NULL; - - if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ - if (!ssl3_setup_read_buffer(s)) - return (-1); - - if (len < 0) { - SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR); - return -1; - } - - if ((type && type != SSL3_RT_APPLICATION_DATA && - type != SSL3_RT_HANDSHAKE) || - (peek && (type != SSL3_RT_APPLICATION_DATA))) { - SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR); - return -1; - } - - if ((type == SSL3_RT_HANDSHAKE) && - (s->s3->handshake_fragment_len > 0)) { - /* (partially) satisfy request from storage */ - unsigned char *src = s->s3->handshake_fragment; - unsigned char *dst = buf; - unsigned int k; - - /* peek == 0 */ - n = 0; - while ((len > 0) && (s->s3->handshake_fragment_len > 0)) { - *dst++ = *src++; - len--; - s->s3->handshake_fragment_len--; - n++; - } - /* move any remaining fragment bytes: */ - for (k = 0; k < s->s3->handshake_fragment_len; k++) - s->s3->handshake_fragment[k] = *src++; - return n; - } - - /* - * Now s->s3->handshake_fragment_len == 0 if - * type == SSL3_RT_HANDSHAKE. 
- */ - if (!s->in_handshake && SSL_in_init(s)) { - /* type == SSL3_RT_APPLICATION_DATA */ - i = s->handshake_func(s); - if (i < 0) - return (i); - if (i == 0) { - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - } -start: - s->rwstate = SSL_NOTHING; - - /* - * s->s3->rrec.type - is the type of record - * s->s3->rrec.data, - data - * s->s3->rrec.off, - offset into 'data' for next read - * s->s3->rrec.length, - number of bytes. - */ - rr = &(s->s3->rrec); - - /* get new packet if necessary */ - if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) { - ret = ssl3_get_record(s); - if (ret <= 0) - return (ret); - } - - /* we now have a packet which can be read and processed */ - - if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec, - * reset by ssl3_get_finished */ - && (rr->type != SSL3_RT_HANDSHAKE)) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); - goto f_err; - } - - /* If the other end has shut down, throw anything we read away - * (even in 'peek' mode) */ - if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { - rr->length = 0; - s->rwstate = SSL_NOTHING; - return (0); - } - - - /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */ - if (type == rr->type) { - /* make sure that we are not getting application data when we - * are doing a handshake for the first time */ - if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && - (s->enc_read_ctx == NULL)) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_R_APP_DATA_IN_HANDSHAKE); - goto f_err; - } - - if (len <= 0) - return (len); - - if ((unsigned int)len > rr->length) - n = rr->length; - else - n = (unsigned int)len; - - memcpy(buf, &(rr->data[rr->off]), n); - if (!peek) { - memset(&(rr->data[rr->off]), 0, n); - rr->length -= n; - rr->off += n; - if (rr->length == 0) { - s->rstate = SSL_ST_READ_HEADER; - rr->off = 0; - if (s->mode & SSL_MODE_RELEASE_BUFFERS && - s->s3->rbuf.left == 0) 
- ssl3_release_read_buffer(s); - } - } - return (n); - } - - - /* If we get here, then type != rr->type; if we have a handshake - * message, then it was unexpected (Hello Request or Client Hello). */ - - { - /* - * In case of record types for which we have 'fragment' - * storage, * fill that so that we can process the data - * at a fixed place. - */ - unsigned int dest_maxlen = 0; - unsigned char *dest = NULL; - unsigned int *dest_len = NULL; - - if (rr->type == SSL3_RT_HANDSHAKE) { - dest_maxlen = sizeof s->s3->handshake_fragment; - dest = s->s3->handshake_fragment; - dest_len = &s->s3->handshake_fragment_len; - } else if (rr->type == SSL3_RT_ALERT) { - dest_maxlen = sizeof s->s3->alert_fragment; - dest = s->s3->alert_fragment; - dest_len = &s->s3->alert_fragment_len; - } - if (dest_maxlen > 0) { - /* available space in 'dest' */ - n = dest_maxlen - *dest_len; - if (rr->length < n) - n = rr->length; /* available bytes */ - - /* now move 'n' bytes: */ - while (n-- > 0) { - dest[(*dest_len)++] = rr->data[rr->off++]; - rr->length--; - } - - if (*dest_len < dest_maxlen) - goto start; /* fragment was too small */ - } - } - - /* s->s3->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE; - * s->s3->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT. - * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) 
*/ - - /* If we are a client, check for an incoming 'Hello Request': */ - if ((!s->server) && (s->s3->handshake_fragment_len >= 4) && - (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) && - (s->session != NULL) && (s->session->cipher != NULL)) { - s->s3->handshake_fragment_len = 0; - - if ((s->s3->handshake_fragment[1] != 0) || - (s->s3->handshake_fragment[2] != 0) || - (s->s3->handshake_fragment[3] != 0)) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_BAD_HELLO_REQUEST); - goto f_err; - } - - if (s->msg_callback) - s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, - s->s3->handshake_fragment, 4, s, - s->msg_callback_arg); - - if (SSL_is_init_finished(s) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && - !s->s3->renegotiate) { - ssl3_renegotiate(s); - if (ssl3_renegotiate_check(s)) { - i = s->handshake_func(s); - if (i < 0) - return (i); - if (i == 0) { - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - - if (!(s->mode & SSL_MODE_AUTO_RETRY)) { - if (s->s3->rbuf.left == 0) { - /* no read-ahead left? */ - BIO *bio; - /* In the case where we try to read application data, - * but we trigger an SSL handshake, we return -1 with - * the retry option set. Otherwise renegotiation may - * cause nasty problems in the blocking world */ - s->rwstate = SSL_READING; - bio = SSL_get_rbio(s); - BIO_clear_retry_flags(bio); - BIO_set_retry_read(bio); - return (-1); - } - } - } - } - /* we either finished a handshake or ignored the request, - * now try again to obtain the (application) data we were asked for */ - goto start; - } - /* If we are a server and get a client hello when renegotiation isn't - * allowed send back a no renegotiation alert and carry on. 
- * WARNING: experimental code, needs reviewing (steve) - */ - if (s->server && - SSL_is_init_finished(s) && - !s->s3->send_connection_binding && - (s->s3->handshake_fragment_len >= 4) && - (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && - (s->session != NULL) && (s->session->cipher != NULL)) { - /*s->s3->handshake_fragment_len = 0;*/ - rr->length = 0; - ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION); - goto start; - } - if (s->s3->alert_fragment_len >= 2) { - int alert_level = s->s3->alert_fragment[0]; - int alert_descr = s->s3->alert_fragment[1]; - - s->s3->alert_fragment_len = 0; - - if (s->msg_callback) - s->msg_callback(0, s->version, SSL3_RT_ALERT, - s->s3->alert_fragment, 2, s, s->msg_callback_arg); - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - if (cb != NULL) { - j = (alert_level << 8) | alert_descr; - cb(s, SSL_CB_READ_ALERT, j); - } - - if (alert_level == 1) { - /* warning */ - s->s3->warn_alert = alert_descr; - if (alert_descr == SSL_AD_CLOSE_NOTIFY) { - s->shutdown |= SSL_RECEIVED_SHUTDOWN; - return (0); - } - /* This is a warning but we receive it if we requested - * renegotiation and the peer denied it. Terminate with - * a fatal alert because if application tried to - * renegotiatie it presumably had a good reason and - * expects it to succeed. - * - * In future we might have a renegotiation where we - * don't care if the peer refused it where we carry on. 
- */ - else if (alert_descr == SSL_AD_NO_RENEGOTIATION) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_R_NO_RENEGOTIATION); - goto f_err; - } - } else if (alert_level == 2) { - /* fatal */ - s->rwstate = SSL_NOTHING; - s->s3->fatal_alert = alert_descr; - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_AD_REASON_OFFSET + alert_descr); - ERR_asprintf_error_data("SSL alert number %d", - alert_descr); - s->shutdown |= SSL_RECEIVED_SHUTDOWN; - SSL_CTX_remove_session(s->ctx, s->session); - return (0); - } else { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE); - goto f_err; - } - - goto start; - } - - if (s->shutdown & SSL_SENT_SHUTDOWN) { - /* but we have not received a shutdown */ - s->rwstate = SSL_NOTHING; - rr->length = 0; - return (0); - } - - if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) { - /* 'Change Cipher Spec' is just a single byte, so we know - * exactly what the record payload has to look like */ - if ((rr->length != 1) || (rr->off != 0) || - (rr->data[0] != SSL3_MT_CCS)) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_R_BAD_CHANGE_CIPHER_SPEC); - goto f_err; - } - - /* Check we have a cipher to change to */ - if (s->s3->tmp.new_cipher == NULL) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_R_CCS_RECEIVED_EARLY); - goto f_err; - } - - /* Check that we should be receiving a Change Cipher Spec. 
*/ - if (!(s->s3->flags & SSL3_FLAGS_CCS_OK)) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_R_CCS_RECEIVED_EARLY); - goto f_err; - } - s->s3->flags &= ~SSL3_FLAGS_CCS_OK; - - rr->length = 0; - - if (s->msg_callback) { - s->msg_callback(0, s->version, - SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, - s->msg_callback_arg); - } - - s->s3->change_cipher_spec = 1; - if (!ssl3_do_change_cipher_spec(s)) - goto err; - else - goto start; - } - - /* Unexpected handshake message (Client Hello, or protocol violation) */ - if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) { - if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { - s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; - s->renegotiate = 1; - s->new_session = 1; - } - i = s->handshake_func(s); - if (i < 0) - return (i); - if (i == 0) { - SSLerr(SSL_F_SSL3_READ_BYTES, - SSL_R_SSL_HANDSHAKE_FAILURE); - return (-1); - } - - if (!(s->mode & SSL_MODE_AUTO_RETRY)) { - if (s->s3->rbuf.left == 0) { /* no read-ahead left? */ - BIO *bio; - /* In the case where we try to read application data, - * but we trigger an SSL handshake, we return -1 with - * the retry option set. Otherwise renegotiation may - * cause nasty problems in the blocking world */ - s->rwstate = SSL_READING; - bio = SSL_get_rbio(s); - BIO_clear_retry_flags(bio); - BIO_set_retry_read(bio); - return (-1); - } - } - goto start; - } - - switch (rr->type) { - default: - /* - * TLS up to v1.1 just ignores unknown message types: - * TLS v1.2 give an unexpected message alert. 
- */ - if (s->version >= TLS1_VERSION && - s->version <= TLS1_1_VERSION) { - rr->length = 0; - goto start; - } - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD); - goto f_err; - case SSL3_RT_CHANGE_CIPHER_SPEC: - case SSL3_RT_ALERT: - case SSL3_RT_HANDSHAKE: - /* we already handled all of these, with the possible exception - * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that - * should not happen when type != rr->type */ - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR); - goto f_err; - case SSL3_RT_APPLICATION_DATA: - /* At this point, we were expecting handshake data, - * but have application data. If the library was - * running inside ssl3_read() (i.e. in_read_app_data - * is set) and it makes sense to read application data - * at this point (session renegotiation not yet started), - * we will indulge it. - */ - if (s->s3->in_read_app_data && - (s->s3->total_renegotiations != 0) && - (((s->state & SSL_ST_CONNECT) && - (s->state >= SSL3_ST_CW_CLNT_HELLO_A) && - (s->state <= SSL3_ST_CR_SRVR_HELLO_A)) || - ((s->state & SSL_ST_ACCEPT) && - (s->state <= SSL3_ST_SW_HELLO_REQ_A) && - (s->state >= SSL3_ST_SR_CLNT_HELLO_A)))) { - s->s3->in_read_app_data = 2; - return (-1); - } else { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD); - goto f_err; - } - } - /* not reached */ - -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); -err: - return (-1); -} - -int -ssl3_do_change_cipher_spec(SSL *s) -{ - int i; - const char *sender; - int slen; - - if (s->state & SSL_ST_ACCEPT) - i = SSL3_CHANGE_CIPHER_SERVER_READ; - else - i = SSL3_CHANGE_CIPHER_CLIENT_READ; - - if (s->s3->tmp.key_block == NULL) { - if (s->session == NULL || s->session->master_key_length == 0) { - /* might happen if dtls1_read_bytes() calls this */ - SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, - SSL_R_CCS_RECEIVED_EARLY); - return (0); - } - - s->session->cipher = s->s3->tmp.new_cipher; 
- if (!s->method->ssl3_enc->setup_key_block(s)) - return (0); - } - - if (!s->method->ssl3_enc->change_cipher_state(s, i)) - return (0); - - /* we have to record the message digest at - * this point so we can get it before we read - * the finished message */ - if (s->state & SSL_ST_CONNECT) { - sender = s->method->ssl3_enc->server_finished_label; - slen = s->method->ssl3_enc->server_finished_label_len; - } else { - sender = s->method->ssl3_enc->client_finished_label; - slen = s->method->ssl3_enc->client_finished_label_len; - } - - i = s->method->ssl3_enc->final_finish_mac(s, sender, slen, - s->s3->tmp.peer_finish_md); - if (i == 0) { - SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR); - return 0; - } - s->s3->tmp.peer_finish_md_len = i; - - return (1); -} - -int -ssl3_send_alert(SSL *s, int level, int desc) -{ - /* Map tls/ssl alert value to correct one */ - desc = s->method->ssl3_enc->alert_value(desc); - if (desc < 0) - return -1; - /* If a fatal one, remove from cache */ - if ((level == 2) && (s->session != NULL)) - SSL_CTX_remove_session(s->ctx, s->session); - - s->s3->alert_dispatch = 1; - s->s3->send_alert[0] = level; - s->s3->send_alert[1] = desc; - if (s->s3->wbuf.left == 0) /* data still being written out? */ - return s->method->ssl_dispatch_alert(s); - - /* else data is still being written out, we will get written - * some time in the future */ - return -1; -} - -int -ssl3_dispatch_alert(SSL *s) -{ - int i, j; - void (*cb)(const SSL *ssl, int type, int val) = NULL; - - s->s3->alert_dispatch = 0; - i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], 2, 0); - if (i <= 0) { - s->s3->alert_dispatch = 1; - } else { - /* Alert sent to BIO. If it is important, flush it now. - * If the message does not get sent due to non-blocking IO, - * we will not worry too much. 
*/
- if (s->s3->send_alert[0] == SSL3_AL_FATAL)
- (void)BIO_flush(s->wbio);
-
- if (s->msg_callback)
- s->msg_callback(1, s->version, SSL3_RT_ALERT,
- s->s3->send_alert, 2, s, s->msg_callback_arg);
-
- if (s->info_callback != NULL)
- cb = s->info_callback;
- else if (s->ctx->info_callback != NULL)
- cb = s->ctx->info_callback;
-
- if (cb != NULL) {
- j = (s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
- cb(s, SSL_CB_WRITE_ALERT, j);
- }
- }
- return (i);
-}
diff --git a/lib/libssl/src/ssl/s3_srvr.c b/lib/libssl/src/ssl/s3_srvr.c
deleted file mode 100644
index 9fe96de53e1..00000000000
--- a/lib/libssl/src/ssl/s3_srvr.c
+++ /dev/null
@@ -1,2692 +0,0 @@
-/* $OpenBSD: s3_srvr.c,v 1.126 2016/05/30 13:42:54 beck Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * ECC cipher suite support in OpenSSL originally written by - * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. - * - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. 
- * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#include <stdio.h> - -#include "ssl_locl.h" - -#include <openssl/bn.h> -#include <openssl/buffer.h> -#include <openssl/evp.h> -#include <openssl/dh.h> -#ifndef OPENSSL_NO_GOST -#include <openssl/gost.h> -#endif -#include <openssl/hmac.h> -#include <openssl/md5.h> -#include <openssl/objects.h> -#include <openssl/x509.h> - -#include "bytestring.h" - -int -ssl3_accept(SSL *s) -{ - unsigned long alg_k; - void (*cb)(const SSL *ssl, int type, int val) = NULL; - int ret = -1; - int new_state, state, skip = 0; - - ERR_clear_error(); - errno = 0; - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - - /* init things to blank */ - s->in_handshake++; - if (!SSL_in_init(s) || SSL_in_before(s)) - SSL_clear(s); - - if (s->cert == NULL) { - SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_NO_CERTIFICATE_SET); - ret = -1; - goto end; - } - - for (;;) { - state = s->state; - - switch (s->state) { - case SSL_ST_RENEGOTIATE: - s->renegotiate = 1; - /* s->state=SSL_ST_ACCEPT; */ - - case SSL_ST_BEFORE: - case SSL_ST_ACCEPT: - case SSL_ST_BEFORE|SSL_ST_ACCEPT: - case SSL_ST_OK|SSL_ST_ACCEPT: - - s->server = 1; - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_START, 1); - - 
if ((s->version >> 8) != 3) { - SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR); - ret = -1; - goto end; - } - s->type = SSL_ST_ACCEPT; - - if (!ssl3_setup_init_buffer(s)) { - ret = -1; - goto end; - } - if (!ssl3_setup_buffers(s)) { - ret = -1; - goto end; - } - - s->init_num = 0; - - if (s->state != SSL_ST_RENEGOTIATE) { - /* - * Ok, we now need to push on a buffering BIO - * so that the output is sent in a way that - * TCP likes :-) - */ - if (!ssl_init_wbio_buffer(s, 1)) { - ret = -1; - goto end; - } - - if (!tls1_init_finished_mac(s)) { - ret = -1; - goto end; - } - - s->state = SSL3_ST_SR_CLNT_HELLO_A; - s->ctx->stats.sess_accept++; - } else if (!s->s3->send_connection_binding) { - /* - * Server attempting to renegotiate with - * client that doesn't support secure - * renegotiation. - */ - SSLerr(SSL_F_SSL3_ACCEPT, - SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); - ssl3_send_alert(s, SSL3_AL_FATAL, - SSL_AD_HANDSHAKE_FAILURE); - ret = -1; - goto end; - } else { - /* - * s->state == SSL_ST_RENEGOTIATE, - * we will just send a HelloRequest - */ - s->ctx->stats.sess_accept_renegotiate++; - s->state = SSL3_ST_SW_HELLO_REQ_A; - } - break; - - case SSL3_ST_SW_HELLO_REQ_A: - case SSL3_ST_SW_HELLO_REQ_B: - - s->shutdown = 0; - ret = ssl3_send_hello_request(s); - if (ret <= 0) - goto end; - s->s3->tmp.next_state = SSL3_ST_SW_HELLO_REQ_C; - s->state = SSL3_ST_SW_FLUSH; - s->init_num = 0; - - if (!tls1_init_finished_mac(s)) { - ret = -1; - goto end; - } - break; - - case SSL3_ST_SW_HELLO_REQ_C: - s->state = SSL_ST_OK; - break; - - case SSL3_ST_SR_CLNT_HELLO_A: - case SSL3_ST_SR_CLNT_HELLO_B: - case SSL3_ST_SR_CLNT_HELLO_C: - - s->shutdown = 0; - if (s->rwstate != SSL_X509_LOOKUP) { - ret = ssl3_get_client_hello(s); - if (ret <= 0) - goto end; - } - - s->renegotiate = 2; - s->state = SSL3_ST_SW_SRVR_HELLO_A; - s->init_num = 0; - break; - - case SSL3_ST_SW_SRVR_HELLO_A: - case SSL3_ST_SW_SRVR_HELLO_B: - ret = ssl3_send_server_hello(s); - if (ret <= 0) - goto end; - if 
(s->hit) { - if (s->tlsext_ticket_expected) - s->state = SSL3_ST_SW_SESSION_TICKET_A; - else - s->state = SSL3_ST_SW_CHANGE_A; - } - else - s->state = SSL3_ST_SW_CERT_A; - s->init_num = 0; - break; - - case SSL3_ST_SW_CERT_A: - case SSL3_ST_SW_CERT_B: - /* Check if it is anon DH or anon ECDH. */ - if (!(s->s3->tmp.new_cipher->algorithm_auth & - SSL_aNULL)) { - ret = ssl3_send_server_certificate(s); - if (ret <= 0) - goto end; - if (s->tlsext_status_expected) - s->state = SSL3_ST_SW_CERT_STATUS_A; - else - s->state = SSL3_ST_SW_KEY_EXCH_A; - } else { - skip = 1; - s->state = SSL3_ST_SW_KEY_EXCH_A; - } - s->init_num = 0; - break; - - case SSL3_ST_SW_KEY_EXCH_A: - case SSL3_ST_SW_KEY_EXCH_B: - alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - - /* - * Only send if using a DH key exchange. - * - * For ECC ciphersuites, we send a ServerKeyExchange - * message only if the cipher suite is ECDHE. In other - * cases, the server certificate contains the server's - * public key for key exchange. - */ - if (alg_k & (SSL_kDHE|SSL_kECDHE)) { - ret = ssl3_send_server_key_exchange(s); - if (ret <= 0) - goto end; - } else - skip = 1; - - s->state = SSL3_ST_SW_CERT_REQ_A; - s->init_num = 0; - break; - - case SSL3_ST_SW_CERT_REQ_A: - case SSL3_ST_SW_CERT_REQ_B: - /* - * Determine whether or not we need to request a - * certificate. - * - * Do not request a certificate if: - * - * - We did not ask for it (SSL_VERIFY_PEER is unset). - * - * - SSL_VERIFY_CLIENT_ONCE is set and we are - * renegotiating. - * - * - We are using an anonymous ciphersuites - * (see section "Certificate request" in SSL 3 drafts - * and in RFC 2246) ... except when the application - * insists on verification (against the specs, but - * s3_clnt.c accepts this for SSL 3). 
- */ - if (!(s->verify_mode & SSL_VERIFY_PEER) || - ((s->session->peer != NULL) && - (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) || - ((s->s3->tmp.new_cipher->algorithm_auth & - SSL_aNULL) && !(s->verify_mode & - SSL_VERIFY_FAIL_IF_NO_PEER_CERT))) { - /* No cert request */ - skip = 1; - s->s3->tmp.cert_request = 0; - s->state = SSL3_ST_SW_SRVR_DONE_A; - if (s->s3->handshake_buffer) { - if (!tls1_digest_cached_records(s)) { - ret = -1; - goto end; - } - } - } else { - s->s3->tmp.cert_request = 1; - ret = ssl3_send_certificate_request(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_SRVR_DONE_A; - s->init_num = 0; - } - break; - - case SSL3_ST_SW_SRVR_DONE_A: - case SSL3_ST_SW_SRVR_DONE_B: - ret = ssl3_send_server_done(s); - if (ret <= 0) - goto end; - s->s3->tmp.next_state = SSL3_ST_SR_CERT_A; - s->state = SSL3_ST_SW_FLUSH; - s->init_num = 0; - break; - - case SSL3_ST_SW_FLUSH: - - /* - * This code originally checked to see if - * any data was pending using BIO_CTRL_INFO - * and then flushed. This caused problems - * as documented in PR#1939. The proposed - * fix doesn't completely resolve this issue - * as buggy implementations of BIO_CTRL_PENDING - * still exist. So instead we just flush - * unconditionally. - */ - - s->rwstate = SSL_WRITING; - if (BIO_flush(s->wbio) <= 0) { - ret = -1; - goto end; - } - s->rwstate = SSL_NOTHING; - - s->state = s->s3->tmp.next_state; - break; - - case SSL3_ST_SR_CERT_A: - case SSL3_ST_SR_CERT_B: - if (s->s3->tmp.cert_request) { - ret = ssl3_get_client_certificate(s); - if (ret <= 0) - goto end; - } - s->init_num = 0; - s->state = SSL3_ST_SR_KEY_EXCH_A; - break; - - case SSL3_ST_SR_KEY_EXCH_A: - case SSL3_ST_SR_KEY_EXCH_B: - ret = ssl3_get_client_key_exchange(s); - if (ret <= 0) - goto end; - alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - if (ret == 2) { - /* - * For the ECDH ciphersuites when - * the client sends its ECDH pub key in - * a certificate, the CertificateVerify - * message is not sent. 
- * Also for GOST ciphersuites when - * the client uses its key from the certificate - * for key exchange. - */ - if (s->s3->next_proto_neg_seen) - s->state = SSL3_ST_SR_NEXT_PROTO_A; - else - s->state = SSL3_ST_SR_FINISHED_A; - s->init_num = 0; - } else if (SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) { - s->state = SSL3_ST_SR_CERT_VRFY_A; - s->init_num = 0; - if (!s->session->peer) - break; - /* - * For sigalgs freeze the handshake buffer - * at this point and digest cached records. - */ - if (!s->s3->handshake_buffer) { - SSLerr(SSL_F_SSL3_ACCEPT, - ERR_R_INTERNAL_ERROR); - ret = -1; - goto end; - } - s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE; - if (!tls1_digest_cached_records(s)) { - ret = -1; - goto end; - } - } else { - int offset = 0; - int dgst_num; - - s->state = SSL3_ST_SR_CERT_VRFY_A; - s->init_num = 0; - - /* - * We need to get hashes here so if there is - * a client cert, it can be verified - * FIXME - digest processing for - * CertificateVerify should be generalized. - * But it is next step - */ - if (s->s3->handshake_buffer) { - if (!tls1_digest_cached_records(s)) { - ret = -1; - goto end; - } - } - for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; - dgst_num++) - if (s->s3->handshake_dgst[dgst_num]) { - int dgst_size; - - s->method->ssl3_enc->cert_verify_mac(s, - EVP_MD_CTX_type( - s->s3->handshake_dgst[dgst_num]), - &(s->s3->tmp.cert_verify_md[offset])); - dgst_size = EVP_MD_CTX_size( - s->s3->handshake_dgst[dgst_num]); - if (dgst_size < 0) { - ret = -1; - goto end; - } - offset += dgst_size; - } - } - break; - - case SSL3_ST_SR_CERT_VRFY_A: - case SSL3_ST_SR_CERT_VRFY_B: - s->s3->flags |= SSL3_FLAGS_CCS_OK; - - /* we should decide if we expected this one */ - ret = ssl3_get_cert_verify(s); - if (ret <= 0) - goto end; - - if (s->s3->next_proto_neg_seen) - s->state = SSL3_ST_SR_NEXT_PROTO_A; - else - s->state = SSL3_ST_SR_FINISHED_A; - s->init_num = 0; - break; - - case SSL3_ST_SR_NEXT_PROTO_A: - case SSL3_ST_SR_NEXT_PROTO_B: - ret = 
ssl3_get_next_proto(s); - if (ret <= 0) - goto end; - s->init_num = 0; - s->state = SSL3_ST_SR_FINISHED_A; - break; - - case SSL3_ST_SR_FINISHED_A: - case SSL3_ST_SR_FINISHED_B: - s->s3->flags |= SSL3_FLAGS_CCS_OK; - ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A, - SSL3_ST_SR_FINISHED_B); - if (ret <= 0) - goto end; - if (s->hit) - s->state = SSL_ST_OK; - else if (s->tlsext_ticket_expected) - s->state = SSL3_ST_SW_SESSION_TICKET_A; - else - s->state = SSL3_ST_SW_CHANGE_A; - s->init_num = 0; - break; - - case SSL3_ST_SW_SESSION_TICKET_A: - case SSL3_ST_SW_SESSION_TICKET_B: - ret = ssl3_send_newsession_ticket(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_CHANGE_A; - s->init_num = 0; - break; - - case SSL3_ST_SW_CERT_STATUS_A: - case SSL3_ST_SW_CERT_STATUS_B: - ret = ssl3_send_cert_status(s); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_KEY_EXCH_A; - s->init_num = 0; - break; - - - case SSL3_ST_SW_CHANGE_A: - case SSL3_ST_SW_CHANGE_B: - - s->session->cipher = s->s3->tmp.new_cipher; - if (!s->method->ssl3_enc->setup_key_block(s)) { - ret = -1; - goto end; - } - - ret = ssl3_send_change_cipher_spec(s, - SSL3_ST_SW_CHANGE_A, SSL3_ST_SW_CHANGE_B); - - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_FINISHED_A; - s->init_num = 0; - - if (!s->method->ssl3_enc->change_cipher_state( - s, SSL3_CHANGE_CIPHER_SERVER_WRITE)) { - ret = -1; - goto end; - } - - break; - - case SSL3_ST_SW_FINISHED_A: - case SSL3_ST_SW_FINISHED_B: - ret = ssl3_send_finished(s, - SSL3_ST_SW_FINISHED_A, SSL3_ST_SW_FINISHED_B, - s->method->ssl3_enc->server_finished_label, - s->method->ssl3_enc->server_finished_label_len); - if (ret <= 0) - goto end; - s->state = SSL3_ST_SW_FLUSH; - if (s->hit) { - if (s->s3->next_proto_neg_seen) { - s->s3->flags |= SSL3_FLAGS_CCS_OK; - s->s3->tmp.next_state = - SSL3_ST_SR_NEXT_PROTO_A; - } else - s->s3->tmp.next_state = - SSL3_ST_SR_FINISHED_A; - } else - s->s3->tmp.next_state = SSL_ST_OK; - s->init_num = 0; - break; - - case SSL_ST_OK: - /* clean a 
few things up */ - tls1_cleanup_key_block(s); - - BUF_MEM_free(s->init_buf); - s->init_buf = NULL; - - /* remove buffering on output */ - ssl_free_wbio_buffer(s); - - s->init_num = 0; - - /* skipped if we just sent a HelloRequest */ - if (s->renegotiate == 2) { - s->renegotiate = 0; - s->new_session = 0; - - ssl_update_cache(s, SSL_SESS_CACHE_SERVER); - - s->ctx->stats.sess_accept_good++; - /* s->server=1; */ - s->handshake_func = ssl3_accept; - - if (cb != NULL) - cb(s, SSL_CB_HANDSHAKE_DONE, 1); - } - - ret = 1; - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL3_ACCEPT, - SSL_R_UNKNOWN_STATE); - ret = -1; - goto end; - /* break; */ - } - - if (!s->s3->tmp.reuse_message && !skip) { - if (s->debug) { - if ((ret = BIO_flush(s->wbio)) <= 0) - goto end; - } - - - if ((cb != NULL) && (s->state != state)) { - new_state = s->state; - s->state = state; - cb(s, SSL_CB_ACCEPT_LOOP, 1); - s->state = new_state; - } - } - skip = 0; - } -end: - /* BIO_flush(s->wbio); */ - - s->in_handshake--; - if (cb != NULL) - cb(s, SSL_CB_ACCEPT_EXIT, ret); - return (ret); -} - -int -ssl3_send_hello_request(SSL *s) -{ - if (s->state == SSL3_ST_SW_HELLO_REQ_A) { - ssl3_handshake_msg_start(s, SSL3_MT_HELLO_REQUEST); - ssl3_handshake_msg_finish(s, 0); - - s->state = SSL3_ST_SW_HELLO_REQ_B; - } - - /* SSL3_ST_SW_HELLO_REQ_B */ - return (ssl3_handshake_write(s)); -} - -int -ssl3_get_client_hello(SSL *s) -{ - int i, j, ok, al, ret = -1; - unsigned int cookie_len; - long n; - unsigned long id; - unsigned char *p, *d; - SSL_CIPHER *c; - STACK_OF(SSL_CIPHER) *ciphers = NULL; - unsigned long alg_k; - - /* - * We do this so that we will respond with our native type. - * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, - * This down switching should be handled by a different method. - * If we are SSLv3, we will respond with SSLv3, even if prompted with - * TLSv1. 
- */ - if (s->state == SSL3_ST_SR_CLNT_HELLO_A) { - s->state = SSL3_ST_SR_CLNT_HELLO_B; - } - s->first_packet = 1; - n = s->method->ssl_get_message(s, SSL3_ST_SR_CLNT_HELLO_B, - SSL3_ST_SR_CLNT_HELLO_C, SSL3_MT_CLIENT_HELLO, - SSL3_RT_MAX_PLAIN_LENGTH, &ok); - - if (!ok) - return ((int)n); - s->first_packet = 0; - d = p = (unsigned char *)s->init_msg; - - if (2 > n) - goto truncated; - /* - * Use version from inside client hello, not from record header. - * (may differ: see RFC 2246, Appendix E, second paragraph) - */ - s->client_version = (((int)p[0]) << 8)|(int)p[1]; - p += 2; - - if ((s->version == DTLS1_VERSION && s->client_version > s->version) || - (s->version != DTLS1_VERSION && s->client_version < s->version)) { - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_WRONG_VERSION_NUMBER); - if ((s->client_version >> 8) == SSL3_VERSION_MAJOR && - !s->enc_write_ctx && !s->write_hash) { - /* - * Similar to ssl3_get_record, send alert using remote - * version number - */ - s->version = s->client_version; - } - al = SSL_AD_PROTOCOL_VERSION; - goto f_err; - } - - /* - * If we require cookies and this ClientHello doesn't - * contain one, just return since we do not want to - * allocate any memory yet. So check cookie length... - */ - if (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) { - unsigned int session_length, cookie_length; - - session_length = *(p + SSL3_RANDOM_SIZE); - cookie_length = *(p + SSL3_RANDOM_SIZE + session_length + 1); - - if (cookie_length == 0) - return (1); - } - - if (p + SSL3_RANDOM_SIZE + 1 - d > n) - goto truncated; - - /* load the client random */ - memcpy(s->s3->client_random, p, SSL3_RANDOM_SIZE); - p += SSL3_RANDOM_SIZE; - - /* get the session-id */ - j= *(p++); - if (p + j - d > n) - goto truncated; - - s->hit = 0; - /* - * Versions before 0.9.7 always allow clients to resume sessions in - * renegotiation. 
0.9.7 and later allow this by default, but optionally - * ignore resumption requests with flag - * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION (it's a new flag - * rather than a change to default behavior so that applications - * relying on this for security won't even compile against older - * library versions). - * - * 1.0.1 and later also have a function SSL_renegotiate_abbreviated() - * to request renegotiation but not a new session (s->new_session - * remains unset): for servers, this essentially just means that the - * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be - * ignored. - */ - if ((s->new_session && (s->options & - SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) { - if (!ssl_get_new_session(s, 1)) - goto err; - } else { - i = ssl_get_prev_session(s, p, j, d + n); - if (i == 1) { /* previous session */ - s->hit = 1; - } else if (i == -1) - goto err; - else { - /* i == 0 */ - if (!ssl_get_new_session(s, 1)) - goto err; - } - } - - p += j; - - if (SSL_IS_DTLS(s)) { - /* cookie stuff */ - if (p + 1 - d > n) - goto truncated; - cookie_len = *(p++); - - /* - * The ClientHello may contain a cookie even if the - * HelloVerify message has not been sent--make sure that it - * does not cause an overflow. - */ - if (cookie_len > sizeof(s->d1->rcvd_cookie)) { - /* too much data */ - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_COOKIE_MISMATCH); - goto f_err; - } - - if (p + cookie_len - d > n) - goto truncated; - - /* verify the cookie if appropriate option is set. 
*/ - if ((SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) && - cookie_len > 0) { - memcpy(s->d1->rcvd_cookie, p, cookie_len); - - if (s->ctx->app_verify_cookie_cb != NULL) { - if (s->ctx->app_verify_cookie_cb(s, - s->d1->rcvd_cookie, cookie_len) == 0) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_COOKIE_MISMATCH); - goto f_err; - } - /* else cookie verification succeeded */ - } else if (timingsafe_memcmp(s->d1->rcvd_cookie, s->d1->cookie, - s->d1->cookie_len) != 0) { - /* default verification */ - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_COOKIE_MISMATCH); - goto f_err; - } - - ret = 2; - } - - p += cookie_len; - } - - if (p + 2 - d > n) - goto truncated; - n2s(p, i); - if ((i == 0) && (j != 0)) { - /* we need a cipher if we are not resuming a session */ - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_NO_CIPHERS_SPECIFIED); - goto f_err; - } - if (p + i - d > n) - goto truncated; - if (i > 0) { - if ((ciphers = ssl_bytes_to_cipher_list(s, p, i)) == NULL) - goto err; - } - p += i; - - /* If it is a hit, check that the cipher is in the list */ - if ((s->hit) && (i > 0)) { - j = 0; - id = s->session->cipher->id; - - for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { - c = sk_SSL_CIPHER_value(ciphers, i); - if (c->id == id) { - j = 1; - break; - } - } - if (j == 0) { - /* - * We need to have the cipher in the cipher - * list if we are asked to reuse it - */ - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_REQUIRED_CIPHER_MISSING); - goto f_err; - } - } - - /* compression */ - if (p + 1 - d > n) - goto truncated; - i= *(p++); - if (p + i - d > n) - goto truncated; - for (j = 0; j < i; j++) { - if (p[j] == 0) - break; - } - - p += i; - if (j >= i) { - /* no compress */ - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_NO_COMPRESSION_SPECIFIED); - goto f_err; - } - - /* TLS extensions*/ - if 
(!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { - /* 'al' set by ssl_parse_clienthello_tlsext */ - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT); - goto f_err; - } - if (ssl_check_clienthello_tlsext_early(s) <= 0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_CLIENTHELLO_TLSEXT); - goto err; - } - - /* - * Check if we want to use external pre-shared secret for this - * handshake for not reused session only. We need to generate - * server_random before calling tls_session_secret_cb in order to allow - * SessionTicket processing to use it in key derivation. - */ - arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); - - if (!s->hit && s->tls_session_secret_cb) { - SSL_CIPHER *pref_cipher = NULL; - - s->session->master_key_length = sizeof(s->session->master_key); - if (s->tls_session_secret_cb(s, s->session->master_key, - &s->session->master_key_length, ciphers, &pref_cipher, - s->tls_session_secret_cb_arg)) { - s->hit = 1; - s->session->ciphers = ciphers; - s->session->verify_result = X509_V_OK; - - ciphers = NULL; - - /* check if some cipher was preferred by call back */ - pref_cipher = pref_cipher ? 
pref_cipher : - ssl3_choose_cipher(s, s->session->ciphers, - SSL_get_ciphers(s)); - if (pref_cipher == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_NO_SHARED_CIPHER); - goto f_err; - } - - s->session->cipher = pref_cipher; - - if (s->cipher_list) - sk_SSL_CIPHER_free(s->cipher_list); - - if (s->cipher_list_by_id) - sk_SSL_CIPHER_free(s->cipher_list_by_id); - - s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); - s->cipher_list_by_id = - sk_SSL_CIPHER_dup(s->session->ciphers); - } - } - - /* - * Given s->session->ciphers and SSL_get_ciphers, we must - * pick a cipher - */ - - if (!s->hit) { - if (s->session->ciphers != NULL) - sk_SSL_CIPHER_free(s->session->ciphers); - s->session->ciphers = ciphers; - if (ciphers == NULL) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_NO_CIPHERS_PASSED); - goto f_err; - } - ciphers = NULL; - c = ssl3_choose_cipher(s, s->session->ciphers, - SSL_get_ciphers(s)); - - if (c == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, - SSL_R_NO_SHARED_CIPHER); - goto f_err; - } - s->s3->tmp.new_cipher = c; - } else { - s->s3->tmp.new_cipher = s->session->cipher; - } - - alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - if (!(SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) || - !(s->verify_mode & SSL_VERIFY_PEER)) { - if (!tls1_digest_cached_records(s)) { - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - } - - /* - * We now have the following setup. - * client_random - * cipher_list - our prefered list of ciphers - * ciphers - the clients prefered list of ciphers - * compression - basically ignored right now - * ssl version is set - sslv3 - * s->session - The ssl session has been setup. - * s->hit - session reuse flag - * s->tmp.new_cipher - the new cipher to use. 
- */ - - /* Handles TLS extensions that we couldn't check earlier */ - if (ssl_check_clienthello_tlsext_late(s) <= 0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); - goto err; - } - - if (ret < 0) - ret = 1; - if (0) { -truncated: - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_BAD_PACKET_LENGTH); -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); - } -err: - if (ciphers != NULL) - sk_SSL_CIPHER_free(ciphers); - return (ret); -} - -int -ssl3_send_server_hello(SSL *s) -{ - unsigned char *bufend; - unsigned char *p, *d; - int sl; - - if (s->state == SSL3_ST_SW_SRVR_HELLO_A) { - d = p = ssl3_handshake_msg_start(s, SSL3_MT_SERVER_HELLO); - - *(p++) = s->version >> 8; - *(p++) = s->version & 0xff; - - /* Random stuff */ - memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE); - p += SSL3_RANDOM_SIZE; - - /* - * There are several cases for the session ID to send - * back in the server hello: - * - * - For session reuse from the session cache, - * we send back the old session ID. - * - If stateless session reuse (using a session ticket) - * is successful, we send back the client's "session ID" - * (which doesn't actually identify the session). - * - If it is a new session, we send back the new - * session ID. - * - However, if we want the new session to be single-use, - * we send back a 0-length session ID. - * - * s->hit is non-zero in either case of session reuse, - * so the following won't overwrite an ID that we're supposed - * to send back. 
- */ - if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER) - && !s->hit) - s->session->session_id_length = 0; - - sl = s->session->session_id_length; - if (sl > (int)sizeof(s->session->session_id)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, - ERR_R_INTERNAL_ERROR); - return (-1); - } - *(p++) = sl; - memcpy(p, s->session->session_id, sl); - p += sl; - - /* put the cipher */ - s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p); - - /* put the compression method */ - *(p++) = 0; - - bufend = (unsigned char *)s->init_buf->data + - SSL3_RT_MAX_PLAIN_LENGTH; - if ((p = ssl_add_serverhello_tlsext(s, p, bufend)) == NULL) { - SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, - ERR_R_INTERNAL_ERROR); - return (-1); - } - - ssl3_handshake_msg_finish(s, p - d); - } - - /* SSL3_ST_SW_SRVR_HELLO_B */ - return (ssl3_handshake_write(s)); -} - -int -ssl3_send_server_done(SSL *s) -{ - if (s->state == SSL3_ST_SW_SRVR_DONE_A) { - ssl3_handshake_msg_start(s, SSL3_MT_SERVER_DONE); - ssl3_handshake_msg_finish(s, 0); - - s->state = SSL3_ST_SW_SRVR_DONE_B; - } - - /* SSL3_ST_SW_SRVR_DONE_B */ - return (ssl3_handshake_write(s)); -} - -int -ssl3_send_server_key_exchange(SSL *s) -{ - unsigned char *q; - int j, num; - unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; - unsigned int u; - DH *dh = NULL, *dhp; - EC_KEY *ecdh = NULL, *ecdhp; - unsigned char *encodedPoint = NULL; - int encodedlen = 0; - int curve_id = 0; - BN_CTX *bn_ctx = NULL; - - EVP_PKEY *pkey; - const EVP_MD *md = NULL; - unsigned char *p, *d; - int al, i; - unsigned long type; - int n; - CERT *cert; - BIGNUM *r[4]; - int nr[4], kn; - BUF_MEM *buf; - EVP_MD_CTX md_ctx; - - EVP_MD_CTX_init(&md_ctx); - if (s->state == SSL3_ST_SW_KEY_EXCH_A) { - type = s->s3->tmp.new_cipher->algorithm_mkey; - cert = s->cert; - - buf = s->init_buf; - - r[0] = r[1] = r[2] = r[3] = NULL; - n = 0; - if (type & SSL_kDHE) { - if (s->cert->dh_tmp_auto != 0) { - if ((dhp = ssl_get_auto_dh(s)) == NULL) { - al = SSL_AD_INTERNAL_ERROR; - SSLerr( - 
SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_INTERNAL_ERROR); - goto f_err; - } - } else - dhp = cert->dh_tmp; - - if (dhp == NULL && s->cert->dh_tmp_cb != NULL) - dhp = s->cert->dh_tmp_cb(s, 0, - SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher)); - - if (dhp == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - SSL_R_MISSING_TMP_DH_KEY); - goto f_err; - } - - if (s->s3->tmp.dh != NULL) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_INTERNAL_ERROR); - goto err; - } - - if (s->cert->dh_tmp_auto != 0) { - dh = dhp; - } else if ((dh = DHparams_dup(dhp)) == NULL) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_DH_LIB); - goto err; - } - s->s3->tmp.dh = dh; - if (!DH_generate_key(dh)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_DH_LIB); - goto err; - } - r[0] = dh->p; - r[1] = dh->g; - r[2] = dh->pub_key; - } else if (type & SSL_kECDHE) { - const EC_GROUP *group; - - ecdhp = cert->ecdh_tmp; - if (s->cert->ecdh_tmp_auto != 0) { - int nid = tls1_get_shared_curve(s); - if (nid != NID_undef) - ecdhp = EC_KEY_new_by_curve_name(nid); - } else if (ecdhp == NULL && - s->cert->ecdh_tmp_cb != NULL) { - ecdhp = s->cert->ecdh_tmp_cb(s, 0, - SSL_C_PKEYLENGTH(s->s3->tmp.new_cipher)); - } - if (ecdhp == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - SSL_R_MISSING_TMP_ECDH_KEY); - goto f_err; - } - - if (s->s3->tmp.ecdh != NULL) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_INTERNAL_ERROR); - goto err; - } - - /* Duplicate the ECDH structure. 
*/ - if (s->cert->ecdh_tmp_auto != 0) { - ecdh = ecdhp; - } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_ECDH_LIB); - goto err; - } - s->s3->tmp.ecdh = ecdh; - - if ((EC_KEY_get0_public_key(ecdh) == NULL) || - (EC_KEY_get0_private_key(ecdh) == NULL) || - (s->options & SSL_OP_SINGLE_ECDH_USE)) { - if (!EC_KEY_generate_key(ecdh)) { - SSLerr( - SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_ECDH_LIB); - goto err; - } - } - - if (((group = EC_KEY_get0_group(ecdh)) == NULL) || - (EC_KEY_get0_public_key(ecdh) == NULL) || - (EC_KEY_get0_private_key(ecdh) == NULL)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_ECDH_LIB); - goto err; - } - - /* - * XXX: For now, we only support ephemeral ECDH - * keys over named (not generic) curves. For - * supported named curves, curve_id is non-zero. - */ - if ((curve_id = tls1_ec_nid2curve_id( - EC_GROUP_get_curve_name(group))) == 0) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); - goto err; - } - - /* - * Encode the public key. - * First check the size of encoding and - * allocate memory accordingly. - */ - encodedlen = EC_POINT_point2oct(group, - EC_KEY_get0_public_key(ecdh), - POINT_CONVERSION_UNCOMPRESSED, - NULL, 0, NULL); - - encodedPoint = malloc(encodedlen); - - bn_ctx = BN_CTX_new(); - if ((encodedPoint == NULL) || (bn_ctx == NULL)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_MALLOC_FAILURE); - goto err; - } - - - encodedlen = EC_POINT_point2oct(group, - EC_KEY_get0_public_key(ecdh), - POINT_CONVERSION_UNCOMPRESSED, - encodedPoint, encodedlen, bn_ctx); - - if (encodedlen == 0) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_ECDH_LIB); - goto err; - } - - BN_CTX_free(bn_ctx); - bn_ctx = NULL; - - /* - * XXX: For now, we only support named (not - * generic) curves in ECDH ephemeral key exchanges. - * In this situation, we need four additional bytes - * to encode the entire ServerECDHParams - * structure. 
- */ - n = 4 + encodedlen; - - /* - * We'll generate the serverKeyExchange message - * explicitly so we can set these to NULLs - */ - r[0] = NULL; - r[1] = NULL; - r[2] = NULL; - r[3] = NULL; - } else - { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); - goto f_err; - } - for (i = 0; i < 4 && r[i] != NULL; i++) { - nr[i] = BN_num_bytes(r[i]); - n += 2 + nr[i]; - } - - if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)) { - if ((pkey = ssl_get_sign_pkey( - s, s->s3->tmp.new_cipher, &md)) == NULL) { - al = SSL_AD_DECODE_ERROR; - goto f_err; - } - kn = EVP_PKEY_size(pkey); - } else { - pkey = NULL; - kn = 0; - } - - if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) + - n + kn)) { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_LIB_BUF); - goto err; - } - - d = p = ssl3_handshake_msg_start(s, - SSL3_MT_SERVER_KEY_EXCHANGE); - - for (i = 0; i < 4 && r[i] != NULL; i++) { - s2n(nr[i], p); - BN_bn2bin(r[i], p); - p += nr[i]; - } - - if (type & SSL_kECDHE) { - /* - * XXX: For now, we only support named (not generic) - * curves. - * In this situation, the serverKeyExchange message has: - * [1 byte CurveType], [2 byte CurveName] - * [1 byte length of encoded point], followed by - * the actual encoded point itself - */ - *p = NAMED_CURVE_TYPE; - p += 1; - *p = 0; - p += 1; - *p = curve_id; - p += 1; - *p = encodedlen; - p += 1; - memcpy((unsigned char*)p, - (unsigned char *)encodedPoint, encodedlen); - free(encodedPoint); - encodedPoint = NULL; - p += encodedlen; - } - - - /* not anonymous */ - if (pkey != NULL) { - /* - * n is the length of the params, they start at &(d[4]) - * and p points to the space at the end. - */ - if (pkey->type == EVP_PKEY_RSA && !SSL_USE_SIGALGS(s)) { - q = md_buf; - j = 0; - for (num = 2; num > 0; num--) { - if (!EVP_DigestInit_ex(&md_ctx, - (num == 2) ? 
s->ctx->md5 : - s->ctx->sha1, NULL)) - goto err; - EVP_DigestUpdate(&md_ctx, - s->s3->client_random, - SSL3_RANDOM_SIZE); - EVP_DigestUpdate(&md_ctx, - s->s3->server_random, - SSL3_RANDOM_SIZE); - EVP_DigestUpdate(&md_ctx, d, n); - EVP_DigestFinal_ex(&md_ctx, q, - (unsigned int *)&i); - q += i; - j += i; - } - if (RSA_sign(NID_md5_sha1, md_buf, j, - &(p[2]), &u, pkey->pkey.rsa) <= 0) { - SSLerr( - SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_LIB_RSA); - goto err; - } - s2n(u, p); - n += u + 2; - } else if (md) { - /* Send signature algorithm. */ - if (SSL_USE_SIGALGS(s)) { - if (!tls12_get_sigandhash(p, pkey, md)) { - /* Should never happen */ - al = SSL_AD_INTERNAL_ERROR; - SSLerr( - SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_INTERNAL_ERROR); - goto f_err; - } - p += 2; - } - EVP_SignInit_ex(&md_ctx, md, NULL); - EVP_SignUpdate(&md_ctx, - s->s3->client_random, - SSL3_RANDOM_SIZE); - EVP_SignUpdate(&md_ctx, - s->s3->server_random, - SSL3_RANDOM_SIZE); - EVP_SignUpdate(&md_ctx, d, n); - if (!EVP_SignFinal(&md_ctx, &p[2], - (unsigned int *)&i, pkey)) { - SSLerr( - SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_LIB_EVP); - goto err; - } - s2n(i, p); - n += i + 2; - if (SSL_USE_SIGALGS(s)) - n += 2; - } else { - /* Is this error check actually needed? 
*/ - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - SSL_R_UNKNOWN_PKEY_TYPE); - goto f_err; - } - } - - ssl3_handshake_msg_finish(s, n); - } - - s->state = SSL3_ST_SW_KEY_EXCH_B; - EVP_MD_CTX_cleanup(&md_ctx); - - return (ssl3_handshake_write(s)); - -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); -err: - free(encodedPoint); - BN_CTX_free(bn_ctx); - EVP_MD_CTX_cleanup(&md_ctx); - return (-1); -} - -int -ssl3_send_certificate_request(SSL *s) -{ - unsigned char *p, *d; - int i, j, nl, off, n; - STACK_OF(X509_NAME) *sk = NULL; - X509_NAME *name; - BUF_MEM *buf; - - if (s->state == SSL3_ST_SW_CERT_REQ_A) { - buf = s->init_buf; - - d = p = ssl3_handshake_msg_start(s, - SSL3_MT_CERTIFICATE_REQUEST); - - /* get the list of acceptable cert types */ - p++; - n = ssl3_get_req_cert_type(s, p); - d[0] = n; - p += n; - n++; - - if (SSL_USE_SIGALGS(s)) { - nl = tls12_get_req_sig_algs(s, p + 2); - s2n(nl, p); - p += nl + 2; - n += nl + 2; - } - - off = n; - p += 2; - n += 2; - - sk = SSL_get_client_CA_list(s); - nl = 0; - if (sk != NULL) { - for (i = 0; i < sk_X509_NAME_num(sk); i++) { - name = sk_X509_NAME_value(sk, i); - j = i2d_X509_NAME(name, NULL); - if (!BUF_MEM_grow_clean(buf, - ssl3_handshake_msg_hdr_len(s) + n + j - + 2)) { - SSLerr( - SSL_F_SSL3_SEND_CERTIFICATE_REQUEST, - ERR_R_BUF_LIB); - goto err; - } - p = ssl3_handshake_msg_start(s, - SSL3_MT_CERTIFICATE_REQUEST) + n; - s2n(j, p); - i2d_X509_NAME(name, &p); - n += 2 + j; - nl += 2 + j; - } - } - /* else no CA names */ - p = ssl3_handshake_msg_start(s, - SSL3_MT_CERTIFICATE_REQUEST) + off; - s2n(nl, p); - - ssl3_handshake_msg_finish(s, n); - - s->state = SSL3_ST_SW_CERT_REQ_B; - } - - /* SSL3_ST_SW_CERT_REQ_B */ - return (ssl3_handshake_write(s)); -err: - return (-1); -} - -int -ssl3_get_client_key_exchange(SSL *s) -{ - int i, al, ok; - long n; - unsigned long alg_k; - unsigned char *d, *p; - RSA *rsa = NULL; - EVP_PKEY *pkey = NULL; - BIGNUM *pub = NULL; - DH *dh_srvr; - - EC_KEY 
*srvr_ecdh = NULL; - EVP_PKEY *clnt_pub_pkey = NULL; - EC_POINT *clnt_ecpoint = NULL; - BN_CTX *bn_ctx = NULL; - - /* 2048 maxlen is a guess. How long a key does that permit? */ - n = s->method->ssl_get_message(s, SSL3_ST_SR_KEY_EXCH_A, - SSL3_ST_SR_KEY_EXCH_B, SSL3_MT_CLIENT_KEY_EXCHANGE, 2048, &ok); - if (!ok) - return ((int)n); - d = p = (unsigned char *)s->init_msg; - - alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - - if (alg_k & SSL_kRSA) { - char fakekey[SSL_MAX_MASTER_KEY_LENGTH]; - - arc4random_buf(fakekey, sizeof(fakekey)); - fakekey[0] = s->client_version >> 8; - fakekey[1] = s->client_version & 0xff; - - pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey; - if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) || - (pkey->pkey.rsa == NULL)) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_MISSING_RSA_CERTIFICATE); - goto f_err; - } - rsa = pkey->pkey.rsa; - - if (2 > n) - goto truncated; - n2s(p, i); - if (n != i + 2) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); - goto err; - } else - n = i; - - i = RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING); - - ERR_clear_error(); - - al = -1; - - if (i != SSL_MAX_MASTER_KEY_LENGTH) { - al = SSL_AD_DECODE_ERROR; - /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */ - } - - if (p + 2 - d > n) /* needed in the SSL3 case */ - goto truncated; - if ((al == -1) && !((p[0] == (s->client_version >> 8)) && - (p[1] == (s->client_version & 0xff)))) { - /* - * The premaster secret must contain the same version - * number as the ClientHello to detect version rollback - * attacks (strangely, the protocol does not offer such - * protection for DH ciphersuites). - * However, buggy clients exist that send the negotiated - * protocol version instead if the server does not - * support the requested protocol version. - * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such - * clients. 
- */ - if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) && - (p[0] == (s->version >> 8)) && - (p[1] == (s->version & 0xff)))) { - al = SSL_AD_DECODE_ERROR; - /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */ - - /* - * The Klima-Pokorny-Rosa extension of - * Bleichenbacher's attack - * (http://eprint.iacr.org/2003/052/) exploits - * the version number check as a "bad version - * oracle" -- an alert would reveal that the - * plaintext corresponding to some ciphertext - * made up by the adversary is properly - * formatted except that the version number is - * wrong. - * To avoid such attacks, we should treat this - * just like any other decryption error. - */ - } - } - - if (al != -1) { - /* - * Some decryption failure -- use random value instead - * as countermeasure against Bleichenbacher's attack - * on PKCS #1 v1.5 RSA padding (see RFC 2246, - * section 7.4.7.1). - */ - i = SSL_MAX_MASTER_KEY_LENGTH; - p = fakekey; - } - - s->session->master_key_length = - s->method->ssl3_enc->generate_master_secret(s, - s->session->master_key, - p, i); - explicit_bzero(p, i); - } else if (alg_k & SSL_kDHE) { - if (2 > n) - goto truncated; - n2s(p, i); - if (n != i + 2) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); - goto err; - } - - if (n == 0L) { - /* the parameters are in the cert */ - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_UNABLE_TO_DECODE_DH_CERTS); - goto f_err; - } else { - if (s->s3->tmp.dh == NULL) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_MISSING_TMP_DH_KEY); - goto f_err; - } else - dh_srvr = s->s3->tmp.dh; - } - - pub = BN_bin2bn(p, i, NULL); - if (pub == NULL) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_BN_LIB); - goto err; - } - - i = DH_compute_key(p, pub, dh_srvr); - - if (i <= 0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_DH_LIB); - BN_clear_free(pub); - goto err; - } - - 
DH_free(s->s3->tmp.dh); - s->s3->tmp.dh = NULL; - - BN_clear_free(pub); - pub = NULL; - s->session->master_key_length = - s->method->ssl3_enc->generate_master_secret( - s, s->session->master_key, p, i); - explicit_bzero(p, i); - } else - - if (alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe)) { - int ret = 1; - int key_size; - const EC_KEY *tkey; - const EC_GROUP *group; - const BIGNUM *priv_key; - - /* Initialize structures for server's ECDH key pair. */ - if ((srvr_ecdh = EC_KEY_new()) == NULL) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_MALLOC_FAILURE); - goto err; - } - - /* Let's get server private key and group information. */ - if (alg_k & (SSL_kECDHr|SSL_kECDHe)) { - /* Use the certificate */ - tkey = s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec; - } else { - /* - * Use the ephermeral values we saved when - * generating the ServerKeyExchange msg. - */ - tkey = s->s3->tmp.ecdh; - } - - group = EC_KEY_get0_group(tkey); - priv_key = EC_KEY_get0_private_key(tkey); - - if (!EC_KEY_set_group(srvr_ecdh, group) || - !EC_KEY_set_private_key(srvr_ecdh, priv_key)) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_EC_LIB); - goto err; - } - - /* Let's get client's public key */ - if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_MALLOC_FAILURE); - goto err; - } - - if (n == 0L) { - /* Client Publickey was in Client Certificate */ - - if (alg_k & SSL_kECDHE) { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_MISSING_TMP_ECDH_KEY); - goto f_err; - } - if (((clnt_pub_pkey = X509_get_pubkey( - s->session->peer)) == NULL) || - (clnt_pub_pkey->type != EVP_PKEY_EC)) { - /* - * XXX: For now, we do not support client - * authentication using ECDH certificates - * so this branch (n == 0L) of the code is - * never executed. When that support is - * added, we ought to ensure the key - * received in the certificate is - * authorized for key agreement. 
- * ECDH_compute_key implicitly checks that - * the two ECDH shares are for the same - * group. - */ - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_UNABLE_TO_DECODE_ECDH_CERTS); - goto f_err; - } - - if (EC_POINT_copy(clnt_ecpoint, - EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec)) - == 0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_EC_LIB); - goto err; - } - ret = 2; /* Skip certificate verify processing */ - } else { - /* - * Get client's public key from encoded point - * in the ClientKeyExchange message. - */ - if ((bn_ctx = BN_CTX_new()) == NULL) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_MALLOC_FAILURE); - goto err; - } - - /* Get encoded point length */ - i = *p; - - p += 1; - if (n != 1 + i) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_EC_LIB); - goto err; - } - if (EC_POINT_oct2point(group, - clnt_ecpoint, p, i, bn_ctx) == 0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_EC_LIB); - goto err; - } - /* - * p is pointing to somewhere in the buffer - * currently, so set it to the start. 
- */ - p = (unsigned char *)s->init_buf->data; - } - - /* Compute the shared pre-master secret */ - key_size = ECDH_size(srvr_ecdh); - if (key_size <= 0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_ECDH_LIB); - goto err; - } - i = ECDH_compute_key(p, key_size, clnt_ecpoint, srvr_ecdh, - NULL); - if (i <= 0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - ERR_R_ECDH_LIB); - goto err; - } - - EVP_PKEY_free(clnt_pub_pkey); - EC_POINT_free(clnt_ecpoint); - EC_KEY_free(srvr_ecdh); - BN_CTX_free(bn_ctx); - EC_KEY_free(s->s3->tmp.ecdh); - s->s3->tmp.ecdh = NULL; - - - /* Compute the master secret */ - s->session->master_key_length = s->method->ssl3_enc-> \ - generate_master_secret(s, s->session->master_key, p, i); - - explicit_bzero(p, i); - return (ret); - } else - if (alg_k & SSL_kGOST) { - int ret = 0; - EVP_PKEY_CTX *pkey_ctx; - EVP_PKEY *client_pub_pkey = NULL, *pk = NULL; - unsigned char premaster_secret[32], *start; - size_t outlen = 32, inlen; - unsigned long alg_a; - int Ttag, Tclass; - long Tlen; - - /* Get our certificate private key*/ - alg_a = s->s3->tmp.new_cipher->algorithm_auth; - if (alg_a & SSL_aGOST01) - pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey; - - pkey_ctx = EVP_PKEY_CTX_new(pk, NULL); - EVP_PKEY_decrypt_init(pkey_ctx); - /* - * If client certificate is present and is of the same type, - * maybe use it for key exchange. - * Don't mind errors from EVP_PKEY_derive_set_peer, because - * it is completely valid to use a client certificate for - * authorization only. 
- */ - client_pub_pkey = X509_get_pubkey(s->session->peer); - if (client_pub_pkey) { - if (EVP_PKEY_derive_set_peer(pkey_ctx, - client_pub_pkey) <= 0) - ERR_clear_error(); - } - if (2 > n) - goto truncated; - /* Decrypt session key */ - if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag, - &Tclass, n) != V_ASN1_CONSTRUCTED || - Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_DECRYPTION_FAILED); - goto gerr; - } - start = p; - inlen = Tlen; - if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, - start, inlen) <=0) { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_DECRYPTION_FAILED); - goto gerr; - } - /* Generate master secret */ - s->session->master_key_length = - s->method->ssl3_enc->generate_master_secret( - s, s->session->master_key, premaster_secret, 32); - /* Check if pubkey from client certificate was used */ - if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, -1, - EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0) - ret = 2; - else - ret = 1; -gerr: - EVP_PKEY_free(client_pub_pkey); - EVP_PKEY_CTX_free(pkey_ctx); - if (ret) - return (ret); - else - goto err; - } else { - al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, - SSL_R_UNKNOWN_CIPHER_TYPE); - goto f_err; - } - - return (1); -truncated: - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_BAD_PACKET_LENGTH); -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); -err: - EVP_PKEY_free(clnt_pub_pkey); - EC_POINT_free(clnt_ecpoint); - EC_KEY_free(srvr_ecdh); - BN_CTX_free(bn_ctx); - return (-1); -} - -int -ssl3_get_cert_verify(SSL *s) -{ - EVP_PKEY *pkey = NULL; - unsigned char *p; - int al, ok, ret = 0; - long n; - int type = 0, i, j; - X509 *peer; - const EVP_MD *md = NULL; - EVP_MD_CTX mctx; - EVP_MD_CTX_init(&mctx); - - n = s->method->ssl_get_message(s, SSL3_ST_SR_CERT_VRFY_A, - SSL3_ST_SR_CERT_VRFY_B, -1, SSL3_RT_MAX_PLAIN_LENGTH, &ok); - if (!ok) - return ((int)n); - - if (s->session->peer != 
NULL) { - peer = s->session->peer; - pkey = X509_get_pubkey(peer); - type = X509_certificate_type(peer, pkey); - } else { - peer = NULL; - pkey = NULL; - } - - if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY) { - s->s3->tmp.reuse_message = 1; - if (peer != NULL) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_MISSING_VERIFY_MESSAGE); - goto f_err; - } - ret = 1; - goto end; - } - - if (peer == NULL) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_NO_CLIENT_CERT_RECEIVED); - al = SSL_AD_UNEXPECTED_MESSAGE; - goto f_err; - } - - if (!(type & EVP_PKT_SIGN)) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE); - al = SSL_AD_ILLEGAL_PARAMETER; - goto f_err; - } - - if (s->s3->change_cipher_spec) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_CCS_RECEIVED_EARLY); - al = SSL_AD_UNEXPECTED_MESSAGE; - goto f_err; - } - - /* we now have a signature that we need to verify */ - p = (unsigned char *)s->init_msg; - /* - * Check for broken implementations of GOST ciphersuites. - * - * If key is GOST and n is exactly 64, it is a bare - * signature without length field. 
- */ - if (n == 64 && (pkey->type == NID_id_GostR3410_94 || - pkey->type == NID_id_GostR3410_2001) ) { - i = 64; - } else { - if (SSL_USE_SIGALGS(s)) { - int sigalg = tls12_get_sigid(pkey); - /* Should never happen */ - if (sigalg == -1) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - ERR_R_INTERNAL_ERROR); - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - if (2 > n) - goto truncated; - /* Check key type is consistent with signature */ - if (sigalg != (int)p[1]) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_WRONG_SIGNATURE_TYPE); - al = SSL_AD_DECODE_ERROR; - goto f_err; - } - md = tls12_get_hash(p[0]); - if (md == NULL) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_UNKNOWN_DIGEST); - al = SSL_AD_DECODE_ERROR; - goto f_err; - } - p += 2; - n -= 2; - } - if (2 > n) - goto truncated; - n2s(p, i); - n -= 2; - if (i > n) - goto truncated; - } - j = EVP_PKEY_size(pkey); - if ((i > j) || (n > j) || (n <= 0)) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_WRONG_SIGNATURE_SIZE); - al = SSL_AD_DECODE_ERROR; - goto f_err; - } - - if (SSL_USE_SIGALGS(s)) { - long hdatalen = 0; - void *hdata; - hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata); - if (hdatalen <= 0) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - ERR_R_INTERNAL_ERROR); - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - if (!EVP_VerifyInit_ex(&mctx, md, NULL) || - !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - ERR_R_EVP_LIB); - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - - if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) { - al = SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_BAD_SIGNATURE); - goto f_err; - } - } else - if (pkey->type == EVP_PKEY_RSA) { - i = RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md, - MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, p, i, - pkey->pkey.rsa); - if (i < 0) { - al = SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_BAD_RSA_DECRYPT); - goto f_err; - } - if (i == 0) { - al = SSL_AD_DECRYPT_ERROR; - 
SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_BAD_RSA_SIGNATURE); - goto f_err; - } - } else - if (pkey->type == EVP_PKEY_DSA) { - j = DSA_verify(pkey->save_type, - &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]), - SHA_DIGEST_LENGTH, p, i, pkey->pkey.dsa); - if (j <= 0) { - /* bad signature */ - al = SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_BAD_DSA_SIGNATURE); - goto f_err; - } - } else - if (pkey->type == EVP_PKEY_EC) { - j = ECDSA_verify(pkey->save_type, - &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]), - SHA_DIGEST_LENGTH, p, i, pkey->pkey.ec); - if (j <= 0) { - /* bad signature */ - al = SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_BAD_ECDSA_SIGNATURE); - goto f_err; - } - } else -#ifndef OPENSSL_NO_GOST - if (pkey->type == NID_id_GostR3410_94 || - pkey->type == NID_id_GostR3410_2001) { - long hdatalen = 0; - void *hdata; - unsigned char signature[128]; - unsigned int siglen = sizeof(signature); - int nid; - EVP_PKEY_CTX *pctx; - - hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata); - if (hdatalen <= 0) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - ERR_R_INTERNAL_ERROR); - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || - !(md = EVP_get_digestbynid(nid))) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - ERR_R_EVP_LIB); - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - pctx = EVP_PKEY_CTX_new(pkey, NULL); - if (!pctx) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - ERR_R_EVP_LIB); - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - if (!EVP_DigestInit_ex(&mctx, md, NULL) || - !EVP_DigestUpdate(&mctx, hdata, hdatalen) || - !EVP_DigestFinal(&mctx, signature, &siglen) || - (EVP_PKEY_verify_init(pctx) <= 0) || - (EVP_PKEY_CTX_set_signature_md(pctx, md) <= 0) || - (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_VERIFY, - EVP_PKEY_CTRL_GOST_SIG_FORMAT, - GOST_SIG_FORMAT_RS_LE, - NULL) <= 0)) { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - ERR_R_EVP_LIB); - al = SSL_AD_INTERNAL_ERROR; - 
EVP_PKEY_CTX_free(pctx); - goto f_err; - } - - if (EVP_PKEY_verify(pctx, p, i, signature, siglen) <= 0) { - al = SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - SSL_R_BAD_SIGNATURE); - EVP_PKEY_CTX_free(pctx); - goto f_err; - } - - EVP_PKEY_CTX_free(pctx); - } else -#endif - { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, - ERR_R_INTERNAL_ERROR); - al = SSL_AD_UNSUPPORTED_CERTIFICATE; - goto f_err; - } - - - ret = 1; - if (0) { -truncated: - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_PACKET_LENGTH); -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); - } -end: - if (s->s3->handshake_buffer) { - BIO_free(s->s3->handshake_buffer); - s->s3->handshake_buffer = NULL; - s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE; - } - EVP_MD_CTX_cleanup(&mctx); - EVP_PKEY_free(pkey); - return (ret); -} - -int -ssl3_get_client_certificate(SSL *s) -{ - CBS cbs, client_certs; - int i, ok, al, ret = -1; - X509 *x = NULL; - long n; - const unsigned char *q; - STACK_OF(X509) *sk = NULL; - - n = s->method->ssl_get_message(s, SSL3_ST_SR_CERT_A, SSL3_ST_SR_CERT_B, - -1, s->max_cert_list, &ok); - - if (!ok) - return ((int)n); - - if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) { - if ((s->verify_mode & SSL_VERIFY_PEER) && - (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); - al = SSL_AD_HANDSHAKE_FAILURE; - goto f_err; - } - /* - * If tls asked for a client cert, - * the client must return a 0 list. 
- */ - if (s->s3->tmp.cert_request) { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST - ); - al = SSL_AD_UNEXPECTED_MESSAGE; - goto f_err; - } - s->s3->tmp.reuse_message = 1; - return (1); - } - - if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) { - al = SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - SSL_R_WRONG_MESSAGE_TYPE); - goto f_err; - } - - if (n < 0) - goto truncated; - - CBS_init(&cbs, s->init_msg, n); - - if ((sk = sk_X509_new_null()) == NULL) { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!CBS_get_u24_length_prefixed(&cbs, &client_certs) || - CBS_len(&cbs) != 0) - goto truncated; - - while (CBS_len(&client_certs) > 0) { - CBS cert; - - if (!CBS_get_u24_length_prefixed(&client_certs, &cert)) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - SSL_R_CERT_LENGTH_MISMATCH); - goto f_err; - } - - q = CBS_data(&cert); - x = d2i_X509(NULL, &q, CBS_len(&cert)); - if (x == NULL) { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - ERR_R_ASN1_LIB); - goto err; - } - if (q != CBS_data(&cert) + CBS_len(&cert)) { - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - SSL_R_CERT_LENGTH_MISMATCH); - goto f_err; - } - if (!sk_X509_push(sk, x)) { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - ERR_R_MALLOC_FAILURE); - goto err; - } - x = NULL; - } - - if (sk_X509_num(sk) <= 0) { - /* - * TLS does not mind 0 certs returned. - * Fail for TLS only if we required a certificate. 
- */ - if ((s->verify_mode & SSL_VERIFY_PEER) && - (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); - al = SSL_AD_HANDSHAKE_FAILURE; - goto f_err; - } - /* No client certificate so digest cached records */ - if (s->s3->handshake_buffer && !tls1_digest_cached_records(s)) { - al = SSL_AD_INTERNAL_ERROR; - goto f_err; - } - } else { - i = ssl_verify_cert_chain(s, sk); - if (i <= 0) { - al = ssl_verify_alarm_type(s->verify_result); - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - SSL_R_NO_CERTIFICATE_RETURNED); - goto f_err; - } - } - - X509_free(s->session->peer); - s->session->peer = sk_X509_shift(sk); - s->session->verify_result = s->verify_result; - - /* - * With the current implementation, sess_cert will always be NULL - * when we arrive here - */ - if (s->session->sess_cert == NULL) { - s->session->sess_cert = ssl_sess_cert_new(); - if (s->session->sess_cert == NULL) { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - ERR_R_MALLOC_FAILURE); - goto err; - } - } - if (s->session->sess_cert->cert_chain != NULL) - sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free); - s->session->sess_cert->cert_chain = sk; - - /* - * Inconsistency alert: cert_chain does *not* include the - * peer's own certificate, while we do include it in s3_clnt.c - */ - - sk = NULL; - - ret = 1; - if (0) { -truncated: - al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, - SSL_R_BAD_PACKET_LENGTH); -f_err: - ssl3_send_alert(s, SSL3_AL_FATAL, al); - } -err: - X509_free(x); - if (sk != NULL) - sk_X509_pop_free(sk, X509_free); - return (ret); -} - -int -ssl3_send_server_certificate(SSL *s) -{ - unsigned long l; - X509 *x; - - if (s->state == SSL3_ST_SW_CERT_A) { - x = ssl_get_server_send_cert(s); - if (x == NULL) { - SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, - ERR_R_INTERNAL_ERROR); - return (0); - } - - l = ssl3_output_cert_chain(s, x); - s->state = SSL3_ST_SW_CERT_B; - s->init_num = 
(int)l; - s->init_off = 0; - } - - /* SSL3_ST_SW_CERT_B */ - return (ssl3_handshake_write(s)); -} - -/* send a new session ticket (not necessarily for a new session) */ -int -ssl3_send_newsession_ticket(SSL *s) -{ - if (s->state == SSL3_ST_SW_SESSION_TICKET_A) { - unsigned char *d, *p, *senc, *macstart; - const unsigned char *const_p; - int len, slen_full, slen; - SSL_SESSION *sess; - unsigned int hlen; - EVP_CIPHER_CTX ctx; - HMAC_CTX hctx; - SSL_CTX *tctx = s->initial_ctx; - unsigned char iv[EVP_MAX_IV_LENGTH]; - unsigned char key_name[16]; - - /* get session encoding length */ - slen_full = i2d_SSL_SESSION(s->session, NULL); - /* - * Some length values are 16 bits, so forget it if session is - * too long - */ - if (slen_full > 0xFF00) - return (-1); - senc = malloc(slen_full); - if (!senc) - return (-1); - p = senc; - i2d_SSL_SESSION(s->session, &p); - - /* - * Create a fresh copy (not shared with other threads) to - * clean up - */ - const_p = senc; - sess = d2i_SSL_SESSION(NULL, &const_p, slen_full); - if (sess == NULL) { - free(senc); - return (-1); - } - - /* ID is irrelevant for the ticket */ - sess->session_id_length = 0; - - slen = i2d_SSL_SESSION(sess, NULL); - if (slen > slen_full) { - /* shouldn't ever happen */ - free(senc); - return (-1); - } - p = senc; - i2d_SSL_SESSION(sess, &p); - SSL_SESSION_free(sess); - - /* - * Grow buffer if need be: the length calculation is as - * follows 1 (size of message name) + 3 (message length - * bytes) + 4 (ticket lifetime hint) + 2 (ticket length) + - * 16 (key name) + max_iv_len (iv length) + - * session_length + max_enc_block_size (max encrypted session - * length) + max_md_size (HMAC). 
- */ - if (!BUF_MEM_grow(s->init_buf, ssl3_handshake_msg_hdr_len(s) + - 22 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH + - EVP_MAX_MD_SIZE + slen)) { - free(senc); - return (-1); - } - - d = p = ssl3_handshake_msg_start(s, SSL3_MT_NEWSESSION_TICKET); - - EVP_CIPHER_CTX_init(&ctx); - HMAC_CTX_init(&hctx); - - /* - * Initialize HMAC and cipher contexts. If callback present - * it does all the work otherwise use generated values - * from parent ctx. - */ - if (tctx->tlsext_ticket_key_cb) { - if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx, - &hctx, 1) < 0) { - free(senc); - EVP_CIPHER_CTX_cleanup(&ctx); - return (-1); - } - } else { - arc4random_buf(iv, 16); - EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, - tctx->tlsext_tick_aes_key, iv); - HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16, - tlsext_tick_md(), NULL); - memcpy(key_name, tctx->tlsext_tick_key_name, 16); - } - - /* - * Ticket lifetime hint (advisory only): - * We leave this unspecified for resumed session - * (for simplicity), and guess that tickets for new - * sessions will live as long as their sessions. - */ - l2n(s->hit ? 0 : s->session->timeout, p); - - /* Skip ticket length for now */ - p += 2; - /* Output key name */ - macstart = p; - memcpy(p, key_name, 16); - p += 16; - /* output IV */ - memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx)); - p += EVP_CIPHER_CTX_iv_length(&ctx); - /* Encrypt session data */ - EVP_EncryptUpdate(&ctx, p, &len, senc, slen); - p += len; - EVP_EncryptFinal_ex(&ctx, p, &len); - p += len; - EVP_CIPHER_CTX_cleanup(&ctx); - - HMAC_Update(&hctx, macstart, p - macstart); - HMAC_Final(&hctx, p, &hlen); - HMAC_CTX_cleanup(&hctx); - p += hlen; - - /* Now write out lengths: p points to end of data written */ - /* Total length */ - len = p - d; - - /* Skip ticket lifetime hint. 
*/ - p = d + 4; - s2n(len - 6, p); /* Message length */ - - ssl3_handshake_msg_finish(s, len); - - s->state = SSL3_ST_SW_SESSION_TICKET_B; - - free(senc); - } - - /* SSL3_ST_SW_SESSION_TICKET_B */ - return (ssl3_handshake_write(s)); -} - -int -ssl3_send_cert_status(SSL *s) -{ - unsigned char *p; - - if (s->state == SSL3_ST_SW_CERT_STATUS_A) { - /* - * Grow buffer if need be: the length calculation is as - * follows 1 (message type) + 3 (message length) + - * 1 (ocsp response type) + 3 (ocsp response length) - * + (ocsp response) - */ - if (!BUF_MEM_grow(s->init_buf, SSL3_HM_HEADER_LENGTH + 4 + - s->tlsext_ocsp_resplen)) - return (-1); - - p = ssl3_handshake_msg_start(s, SSL3_MT_CERTIFICATE_STATUS); - - *(p++) = s->tlsext_status_type; - l2n3(s->tlsext_ocsp_resplen, p); - memcpy(p, s->tlsext_ocsp_resp, s->tlsext_ocsp_resplen); - - ssl3_handshake_msg_finish(s, s->tlsext_ocsp_resplen + 4); - - s->state = SSL3_ST_SW_CERT_STATUS_B; - } - - /* SSL3_ST_SW_CERT_STATUS_B */ - return (ssl3_handshake_write(s)); -} - -/* - * ssl3_get_next_proto reads a Next Protocol Negotiation handshake message. - * It sets the next_proto member in s if found - */ -int -ssl3_get_next_proto(SSL *s) -{ - CBS cbs, proto, padding; - int ok; - long n; - size_t len; - - /* - * Clients cannot send a NextProtocol message if we didn't see the - * extension in their ClientHello - */ - if (!s->s3->next_proto_neg_seen) { - SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, - SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION); - return (-1); - } - - /* 514 maxlen is enough for the payload format below */ - n = s->method->ssl_get_message(s, SSL3_ST_SR_NEXT_PROTO_A, - SSL3_ST_SR_NEXT_PROTO_B, SSL3_MT_NEXT_PROTO, 514, &ok); - if (!ok) - return ((int)n); - - /* - * s->state doesn't reflect whether ChangeCipherSpec has been received - * in this handshake, but s->s3->change_cipher_spec does (will be reset - * by ssl3_get_finished). 
- */
- if (!s->s3->change_cipher_spec) {
- SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
- SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
- return (-1);
- }
-
- if (n < 2)
- return (0);
- /* The body must be > 1 bytes long */
-
- CBS_init(&cbs, s->init_msg, s->init_num);
-
- /*
- * The payload looks like:
- * uint8 proto_len;
- * uint8 proto[proto_len];
- * uint8 padding_len;
- * uint8 padding[padding_len];
- */
- if (!CBS_get_u8_length_prefixed(&cbs, &proto) ||
- !CBS_get_u8_length_prefixed(&cbs, &padding) ||
- CBS_len(&cbs) != 0)
- return 0;
-
- /*
- * XXX We should not NULL it, but this matches old behavior of not
- * freeing before malloc.
- */
- s->next_proto_negotiated = NULL;
- s->next_proto_negotiated_len = 0;
-
- if (!CBS_stow(&proto, &s->next_proto_negotiated, &len)) {
- SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
- ERR_R_MALLOC_FAILURE);
- return (0);
- }
- s->next_proto_negotiated_len = (uint8_t)len;
-
- return (1);
-}
diff --git a/lib/libssl/src/ssl/srtp.h b/lib/libssl/src/ssl/srtp.h
deleted file mode 100644
index 6daa02a791c..00000000000
--- a/lib/libssl/src/ssl/srtp.h
+++ /dev/null
@@ -1,142 +0,0 @@ -/* $OpenBSD: srtp.h,v 1.6 2015/09/01 15:18:23 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- *
- */
-/*
- * DTLS code by Eric Rescorla <ekr@rtfm.com>
- *
- * Copyright (C) 2006, Network Resonance, Inc.
- * Copyright (C) 2011, RTFM, Inc.
- */
-
-#ifndef HEADER_D1_SRTP_H
-#define HEADER_D1_SRTP_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define SRTP_AES128_CM_SHA1_80 0x0001
-#define SRTP_AES128_CM_SHA1_32 0x0002
-#define SRTP_AES128_F8_SHA1_80 0x0003
-#define SRTP_AES128_F8_SHA1_32 0x0004
-#define SRTP_NULL_SHA1_80 0x0005
-#define SRTP_NULL_SHA1_32 0x0006
-
-int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
-int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
-
-STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
-SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
diff --git a/lib/libssl/src/ssl/ssl.h b/lib/libssl/src/ssl/ssl.h
deleted file mode 100644
index 58493fa988f..00000000000
--- a/lib/libssl/src/ssl/ssl.h
+++ /dev/null
@@ -1,2382 +0,0 @@ -/* $OpenBSD: ssl.h,v 1.96 2015/10/25 16:07:04 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECC cipher suite support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. 
- */ - -#ifndef HEADER_SSL_H -#define HEADER_SSL_H - -#include <stdint.h> - -#include <openssl/opensslconf.h> -#include <openssl/hmac.h> -#include <openssl/pem.h> -#include <openssl/safestack.h> - -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif - -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/buffer.h> -#include <openssl/crypto.h> -#include <openssl/lhash.h> - -#ifndef OPENSSL_NO_X509 -#include <openssl/x509.h> -#endif -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/* SSLeay version number for ASN.1 encoding of the session information */ -/* Version 0 - initial version - * Version 1 - added the optional peer certificate - */ -#define SSL_SESSION_ASN1_VERSION 0x0001 - -/* text strings for the ciphers */ -#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5 -#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5 -#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 -#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5 -#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 -#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5 -#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5 -#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA -#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 -#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA - -/* VRS Additional Kerberos5 entries - */ -#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA -#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA -#define SSL_TXT_KRB5_RC4_128_SHA SSL3_TXT_KRB5_RC4_128_SHA -#define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA -#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 -#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 -#define SSL_TXT_KRB5_RC4_128_MD5 SSL3_TXT_KRB5_RC4_128_MD5 -#define SSL_TXT_KRB5_IDEA_128_CBC_MD5 
SSL3_TXT_KRB5_IDEA_128_CBC_MD5 - -#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA -#define SSL_TXT_KRB5_RC2_40_CBC_SHA SSL3_TXT_KRB5_RC2_40_CBC_SHA -#define SSL_TXT_KRB5_RC4_40_SHA SSL3_TXT_KRB5_RC4_40_SHA -#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 -#define SSL_TXT_KRB5_RC2_40_CBC_MD5 SSL3_TXT_KRB5_RC2_40_CBC_MD5 -#define SSL_TXT_KRB5_RC4_40_MD5 SSL3_TXT_KRB5_RC4_40_MD5 - -#define SSL_TXT_KRB5_DES_40_CBC_SHA SSL3_TXT_KRB5_DES_40_CBC_SHA -#define SSL_TXT_KRB5_DES_40_CBC_MD5 SSL3_TXT_KRB5_DES_40_CBC_MD5 -#define SSL_TXT_KRB5_DES_64_CBC_SHA SSL3_TXT_KRB5_DES_64_CBC_SHA -#define SSL_TXT_KRB5_DES_64_CBC_MD5 SSL3_TXT_KRB5_DES_64_CBC_MD5 -#define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA -#define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5 -#define SSL_MAX_KRB5_PRINCIPAL_LENGTH 256 - -#define SSL_MAX_SSL_SESSION_ID_LENGTH 32 -#define SSL_MAX_SID_CTX_LENGTH 32 - -#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8) -#define SSL_MAX_KEY_ARG_LENGTH 8 -#define SSL_MAX_MASTER_KEY_LENGTH 48 - - -/* These are used to specify which ciphers to use and not to use */ - -#define SSL_TXT_LOW "LOW" -#define SSL_TXT_MEDIUM "MEDIUM" -#define SSL_TXT_HIGH "HIGH" - -#define SSL_TXT_kFZA "kFZA" /* unused! */ -#define SSL_TXT_aFZA "aFZA" /* unused! */ -#define SSL_TXT_eFZA "eFZA" /* unused! */ -#define SSL_TXT_FZA "FZA" /* unused! */ - -#define SSL_TXT_aNULL "aNULL" -#define SSL_TXT_eNULL "eNULL" -#define SSL_TXT_NULL "NULL" - -#define SSL_TXT_kRSA "kRSA" -#define SSL_TXT_kDHr "kDHr" /* no such ciphersuites supported! */ -#define SSL_TXT_kDHd "kDHd" /* no such ciphersuites supported! */ -#define SSL_TXT_kDH "kDH" /* no such ciphersuites supported! 
*/ -#define SSL_TXT_kEDH "kEDH" -#define SSL_TXT_kKRB5 "kKRB5" -#define SSL_TXT_kECDHr "kECDHr" -#define SSL_TXT_kECDHe "kECDHe" -#define SSL_TXT_kECDH "kECDH" -#define SSL_TXT_kEECDH "kEECDH" -#define SSL_TXT_kPSK "kPSK" -#define SSL_TXT_kGOST "kGOST" -#define SSL_TXT_kSRP "kSRP" - -#define SSL_TXT_aRSA "aRSA" -#define SSL_TXT_aDSS "aDSS" -#define SSL_TXT_aDH "aDH" /* no such ciphersuites supported! */ -#define SSL_TXT_aECDH "aECDH" -#define SSL_TXT_aKRB5 "aKRB5" -#define SSL_TXT_aECDSA "aECDSA" -#define SSL_TXT_aPSK "aPSK" -#define SSL_TXT_aGOST94 "aGOST94" -#define SSL_TXT_aGOST01 "aGOST01" -#define SSL_TXT_aGOST "aGOST" - -#define SSL_TXT_DSS "DSS" -#define SSL_TXT_DH "DH" -#define SSL_TXT_DHE "DHE" /* same as "kDHE:-ADH" */ -#define SSL_TXT_EDH "EDH" /* previous name for DHE */ -#define SSL_TXT_ADH "ADH" -#define SSL_TXT_RSA "RSA" -#define SSL_TXT_ECDH "ECDH" -#define SSL_TXT_ECDHE "ECDHE" /* same as "kECDHE:-AECDH" */ -#define SSL_TXT_EECDH "EECDH" /* previous name for ECDHE */ -#define SSL_TXT_AECDH "AECDH" -#define SSL_TXT_ECDSA "ECDSA" -#define SSL_TXT_KRB5 "KRB5" -#define SSL_TXT_PSK "PSK" -#define SSL_TXT_SRP "SRP" - -#define SSL_TXT_DES "DES" -#define SSL_TXT_3DES "3DES" -#define SSL_TXT_RC4 "RC4" -#define SSL_TXT_RC2 "RC2" -#define SSL_TXT_IDEA "IDEA" -#define SSL_TXT_SEED "SEED" -#define SSL_TXT_AES128 "AES128" -#define SSL_TXT_AES256 "AES256" -#define SSL_TXT_AES "AES" -#define SSL_TXT_AES_GCM "AESGCM" -#define SSL_TXT_CAMELLIA128 "CAMELLIA128" -#define SSL_TXT_CAMELLIA256 "CAMELLIA256" -#define SSL_TXT_CAMELLIA "CAMELLIA" -#define SSL_TXT_CHACHA20 "CHACHA20" - -#define SSL_TXT_AEAD "AEAD" -#define SSL_TXT_MD5 "MD5" -#define SSL_TXT_SHA1 "SHA1" -#define SSL_TXT_SHA "SHA" /* same as "SHA1" */ -#define SSL_TXT_GOST94 "GOST94" -#define SSL_TXT_GOST89MAC "GOST89MAC" -#define SSL_TXT_SHA256 "SHA256" -#define SSL_TXT_SHA384 "SHA384" -#define SSL_TXT_STREEBOG256 "STREEBOG256" -#define SSL_TXT_STREEBOG512 "STREEBOG512" - -#define SSL_TXT_DTLS1 "DTLSv1" 
-#define SSL_TXT_SSLV2 "SSLv2" -#define SSL_TXT_SSLV3 "SSLv3" -#define SSL_TXT_TLSV1 "TLSv1" -#define SSL_TXT_TLSV1_1 "TLSv1.1" -#define SSL_TXT_TLSV1_2 "TLSv1.2" - -#define SSL_TXT_EXP "EXP" -#define SSL_TXT_EXPORT "EXPORT" - -#define SSL_TXT_ALL "ALL" - -/* - * COMPLEMENTOF* definitions. These identifiers are used to (de-select) - * ciphers normally not being used. - * Example: "RC4" will activate all ciphers using RC4 including ciphers - * without authentication, which would normally disabled by DEFAULT (due - * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT" - * will make sure that it is also disabled in the specific selection. - * COMPLEMENTOF* identifiers are portable between version, as adjustments - * to the default cipher setup will also be included here. - * - * COMPLEMENTOFDEFAULT does not experience the same special treatment that - * DEFAULT gets, as only selection is being done and no sorting as needed - * for DEFAULT. - */ -#define SSL_TXT_CMPALL "COMPLEMENTOFALL" -#define SSL_TXT_CMPDEF "COMPLEMENTOFDEFAULT" - -/* The following cipher list is used by default. - * It also is substituted when an application-defined cipher list string - * starts with 'DEFAULT'. */ -#define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2" -/* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always - * starts with a reasonable order, and all we have to do for DEFAULT is - * throwing out anonymous and unencrypted ciphersuites! - * (The latter are not actually enabled by ALL, but "ALL:RSA" would enable - * some of them.) - */ - -/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ -#define SSL_SENT_SHUTDOWN 1 -#define SSL_RECEIVED_SHUTDOWN 2 - - -#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 -#define SSL_FILETYPE_PEM X509_FILETYPE_PEM - -/* This is needed to stop compilers complaining about the - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. 
*/ -typedef struct ssl_st *ssl_crock_st; -typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT; -typedef struct ssl_method_st SSL_METHOD; -typedef struct ssl_cipher_st SSL_CIPHER; -typedef struct ssl_session_st SSL_SESSION; - -DECLARE_STACK_OF(SSL_CIPHER) - -/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/ -typedef struct srtp_protection_profile_st { - const char *name; - unsigned long id; -} SRTP_PROTECTION_PROFILE; - -DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE) - -typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data, - int len, void *arg); -typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, - STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg); - -#ifndef OPENSSL_NO_SSL_INTERN - -/* used to hold info on the particular ciphers used */ -struct ssl_cipher_st { - int valid; - const char *name; /* text name */ - unsigned long id; /* id, 4 bytes, first is version */ - - unsigned long algorithm_mkey; /* key exchange algorithm */ - unsigned long algorithm_auth; /* server authentication */ - unsigned long algorithm_enc; /* symmetric encryption */ - unsigned long algorithm_mac; /* symmetric authentication */ - unsigned long algorithm_ssl; /* (major) protocol version */ - - unsigned long algo_strength; /* strength and export flags */ - unsigned long algorithm2; /* Extra flags */ - int strength_bits; /* Number of bits really used */ - int alg_bits; /* Number of bits for algorithm */ -}; - - -/* Used to hold functions for SSLv3/TLSv1 functions */ -struct ssl_method_st { - int version; - int (*ssl_new)(SSL *s); - void (*ssl_clear)(SSL *s); - void (*ssl_free)(SSL *s); - int (*ssl_accept)(SSL *s); - int (*ssl_connect)(SSL *s); - int (*ssl_read)(SSL *s, void *buf, int len); - int (*ssl_peek)(SSL *s, void *buf, int len); - int (*ssl_write)(SSL *s, const void *buf, int len); - int (*ssl_shutdown)(SSL *s); - int (*ssl_renegotiate)(SSL *s); - int (*ssl_renegotiate_check)(SSL *s); 
- long (*ssl_get_message)(SSL *s, int st1, int stn, int mt, - long max, int *ok); - int (*ssl_read_bytes)(SSL *s, int type, unsigned char *buf, - int len, int peek); - int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len); - int (*ssl_dispatch_alert)(SSL *s); - long (*ssl_ctrl)(SSL *s, int cmd, long larg, void *parg); - long (*ssl_ctx_ctrl)(SSL_CTX *ctx, int cmd, long larg, void *parg); - const SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr); - int (*put_cipher_by_char)(const SSL_CIPHER *cipher, unsigned char *ptr); - int (*ssl_pending)(const SSL *s); - int (*num_ciphers)(void); - const SSL_CIPHER *(*get_cipher)(unsigned ncipher); - const struct ssl_method_st *(*get_ssl_method)(int version); - long (*get_timeout)(void); - struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ - int (*ssl_version)(void); - long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)(void)); - long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)(void)); -}; - -/* Lets make this into an ASN.1 type structure as follows - * SSL_SESSION_ID ::= SEQUENCE { - * version INTEGER, -- structure version number - * SSLversion INTEGER, -- SSL version number - * Cipher OCTET STRING, -- the 3 byte cipher ID - * Session_ID OCTET STRING, -- the Session ID - * Master_key OCTET STRING, -- the master key - * KRB5_principal OCTET STRING -- optional Kerberos principal - * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time - * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds - * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate - * Session_ID_context [ 4 ] EXPLICIT OCTET STRING, -- the Session ID context - * Verify_result [ 5 ] EXPLICIT INTEGER, -- X509_V_... 
code for `Peer' - * HostName [ 6 ] EXPLICIT OCTET STRING, -- optional HostName from servername TLS extension - * PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint - * PSK_identity [ 8 ] EXPLICIT OCTET STRING, -- optional PSK identity - * Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket - * Ticket [10] EXPLICIT OCTET STRING, -- session ticket (clients only) - * Compression_meth [11] EXPLICIT OCTET STRING, -- optional compression method - * SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username - * } - * Look in ssl/ssl_asn1.c for more details - * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). - */ -struct ssl_session_st { - int ssl_version; /* what ssl version session info is - * being kept in here? */ - - int master_key_length; - unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; - /* session_id - valid? */ - unsigned int session_id_length; - unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; - /* this is used to determine whether the session is being reused in - * the appropriate context. It is up to the application to set this, - * via SSL_new */ - unsigned int sid_ctx_length; - unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - /* Used to indicate that session resumption is not allowed. - * Applications can also set this bit for a new session via - * not_resumable_session_cb to disable session caching and tickets. */ - int not_resumable; - - /* The cert is the certificate used to establish this connection */ - struct sess_cert_st /* SESS_CERT */ *sess_cert; - - /* This is the cert for the other end. - * On clients, it will be the same as sess_cert->peer_key->x509 - * (the latter is not enough as sess_cert is not retained - * in the external representation of sessions, see ssl_asn1.c). 
*/ - X509 *peer; - /* when app_verify_callback accepts a session where the peer's certificate - * is not ok, we must remember the error for session reuse: */ - long verify_result; /* only for servers */ - - long timeout; - time_t time; - int references; - - const SSL_CIPHER *cipher; - unsigned long cipher_id; /* when ASN.1 loaded, this - * needs to be used to load - * the 'cipher' structure */ - - STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */ - - CRYPTO_EX_DATA ex_data; /* application specific data */ - - /* These are used to make removal of session-ids more - * efficient and to implement a maximum cache size. */ - struct ssl_session_st *prev, *next; - char *tlsext_hostname; - size_t tlsext_ecpointformatlist_length; - uint8_t *tlsext_ecpointformatlist; /* peer's list */ - size_t tlsext_ellipticcurvelist_length; - uint16_t *tlsext_ellipticcurvelist; /* peer's list */ - - /* RFC4507 info */ - unsigned char *tlsext_tick; /* Session ticket */ - size_t tlsext_ticklen; /* Session ticket length */ - long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */ -}; - -#endif - -/* Allow initial connection to servers that don't support RI */ -#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L -#define SSL_OP_TLSEXT_PADDING 0x00000010L - -/* Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added - * in OpenSSL 0.9.6d. Usually (depending on the application protocol) - * the workaround is not needed. - * Unfortunately some broken SSL/TLS implementations cannot handle it - * at all, which is why it was previously included in SSL_OP_ALL. - * Now it's not. 
- */ -#define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS 0x00000800L - -/* DTLS options */ -#define SSL_OP_NO_QUERY_MTU 0x00001000L -/* Turn on Cookie Exchange (on relevant for servers) */ -#define SSL_OP_COOKIE_EXCHANGE 0x00002000L -/* Don't use RFC4507 ticket extension */ -#define SSL_OP_NO_TICKET 0x00004000L - -/* As server, disallow session resumption on renegotiation */ -#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION 0x00010000L -/* If set, always create a new key when using tmp_ecdh parameters */ -#define SSL_OP_SINGLE_ECDH_USE 0x00080000L -/* If set, always create a new key when using tmp_dh parameters */ -#define SSL_OP_SINGLE_DH_USE 0x00100000L -/* Set on servers to choose the cipher according to the server's - * preferences */ -#define SSL_OP_CIPHER_SERVER_PREFERENCE 0x00400000L -/* If set, a server will allow a client to issue a SSLv3.0 version number - * as latest version supported in the premaster secret, even when TLSv1.0 - * (version 3.1) was announced in the client hello. Normally this is - * forbidden to prevent version rollback attacks. */ -#define SSL_OP_TLS_ROLLBACK_BUG 0x00800000L - -#define SSL_OP_NO_TLSv1 0x04000000L -#define SSL_OP_NO_TLSv1_2 0x08000000L -#define SSL_OP_NO_TLSv1_1 0x10000000L - -/* Make server add server-hello extension from early version of - * cryptopro draft, when GOST ciphersuite is negotiated. - * Required for interoperability with CryptoPro CSP 3.x - */ -#define SSL_OP_CRYPTOPRO_TLSEXT_BUG 0x80000000L - -/* SSL_OP_ALL: various bug workarounds that should be rather harmless. */ -#define SSL_OP_ALL \ - (SSL_OP_LEGACY_SERVER_CONNECT | \ - SSL_OP_TLSEXT_PADDING | \ - SSL_OP_CRYPTOPRO_TLSEXT_BUG) - -/* Obsolete flags kept for compatibility. No sane code should use them. 
*/ -#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x0 -#define SSL_OP_CISCO_ANYCONNECT 0x0 -#define SSL_OP_EPHEMERAL_RSA 0x0 -#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x0 -#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x0 -#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x0 -#define SSL_OP_NETSCAPE_CA_DN_BUG 0x0 -#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x0 -#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x0 -#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x0 -#define SSL_OP_NO_COMPRESSION 0x0 -#define SSL_OP_NO_SSLv2 0x0 -#define SSL_OP_NO_SSLv3 0x0 -#define SSL_OP_PKCS1_CHECK_1 0x0 -#define SSL_OP_PKCS1_CHECK_2 0x0 -#define SSL_OP_SAFARI_ECDHE_ECDSA_BUG 0x0 -#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x0 -#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x0 -#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x0 -#define SSL_OP_TLS_D5_BUG 0x0 - -/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success - * when just a single record has been written): */ -#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L -/* Make it possible to retry SSL_write() with changed buffer location - * (buffer contents must stay the same!); this is not the default to avoid - * the misconception that non-blocking SSL_write() behaves like - * non-blocking write(): */ -#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L -/* Never bother the application with retries if the transport - * is blocking: */ -#define SSL_MODE_AUTO_RETRY 0x00000004L -/* Don't attempt to automatically build certificate chain */ -#define SSL_MODE_NO_AUTO_CHAIN 0x00000008L -/* Save RAM by releasing read and write buffers when they're empty. (SSL3 and - * TLS only.) "Released" buffers are put onto a free-list in the context - * or just freed (depending on the context's setting for freelist_max_len). */ -#define SSL_MODE_RELEASE_BUFFERS 0x00000010L - -/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, - * they cannot be used to clear bits. 
*/
-
-#define SSL_CTX_set_options(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
-#define SSL_CTX_clear_options(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
-#define SSL_CTX_get_options(ctx) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
-#define SSL_set_options(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
-#define SSL_clear_options(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
-#define SSL_get_options(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
-
-#define SSL_CTX_set_mode(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
-#define SSL_CTX_clear_mode(ctx,op) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
-#define SSL_CTX_get_mode(ctx) \
- SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
-#define SSL_clear_mode(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
-#define SSL_set_mode(ssl,op) \
- SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
-#define SSL_get_mode(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
-#define SSL_set_mtu(ssl, mtu) \
- SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
-
-#define SSL_get_secure_renegotiation_support(ssl) \
- SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
-
-void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p,
- int version, int content_type, const void *buf, size_t len, SSL *ssl,
- void *arg));
-void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version,
- int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
-#define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-#define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
-
-struct ssl_aead_ctx_st;
-typedef struct ssl_aead_ctx_st SSL_AEAD_CTX;
-
-#define SSL_MAX_CERT_LIST_DEFAULT 1024*100 /* 100k max cert list :-) */
-
-#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
-
-/* This callback type is used inside SSL_CTX, SSL, and in the functions that set
- * them.
It is used to override the generation of SSL/TLS session IDs in a - * server. Return value should be zero on an error, non-zero to proceed. Also, - * callbacks should themselves check if the id they generate is unique otherwise - * the SSL handshake will fail with an error - callbacks can do this using the - * 'ssl' value they're passed by; - * SSL_has_matching_session_id(ssl, id, *id_len) - * The length value passed in is set at the maximum size the session ID can be. - * In SSLv2 this is 16 bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback - * can alter this length to be less if desired, but under SSLv2 session IDs are - * supposed to be fixed at 16 bytes so the id will be padded after the callback - * returns in this case. It is also an error for the callback to set the size to - * zero. */ -typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id, - unsigned int *id_len); - -typedef struct ssl_comp_st SSL_COMP; - -#ifndef OPENSSL_NO_SSL_INTERN - -struct ssl_comp_st { - int id; - const char *name; -}; - -DECLARE_STACK_OF(SSL_COMP) -DECLARE_LHASH_OF(SSL_SESSION); - -struct ssl_ctx_st { - const SSL_METHOD *method; - - STACK_OF(SSL_CIPHER) *cipher_list; - /* same as above but sorted for lookup */ - STACK_OF(SSL_CIPHER) *cipher_list_by_id; - - struct x509_store_st /* X509_STORE */ *cert_store; - LHASH_OF(SSL_SESSION) *sessions; - /* Most session-ids that will be cached, default is - * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */ - unsigned long session_cache_size; - struct ssl_session_st *session_cache_head; - struct ssl_session_st *session_cache_tail; - - /* This can have one of 2 values, ored together, - * SSL_SESS_CACHE_CLIENT, - * SSL_SESS_CACHE_SERVER, - * Default is SSL_SESSION_CACHE_SERVER, which means only - * SSL_accept which cache SSL_SESSIONS. */ - int session_cache_mode; - - /* If timeout is not 0, it is the default timeout value set - * when SSL_new() is called. 
This has been put in to make - * life easier to set things up */ - long session_timeout; - - /* If this callback is not null, it will be called each - * time a session id is added to the cache. If this function - * returns 1, it means that the callback will do a - * SSL_SESSION_free() when it has finished using it. Otherwise, - * on 0, it means the callback has finished with it. - * If remove_session_cb is not null, it will be called when - * a session-id is removed from the cache. After the call, - * OpenSSL will SSL_SESSION_free() it. */ - int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess); - void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess); - SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, - unsigned char *data, int len, int *copy); - - struct { - int sess_connect; /* SSL new conn - started */ - int sess_connect_renegotiate;/* SSL reneg - requested */ - int sess_connect_good; /* SSL new conne/reneg - finished */ - int sess_accept; /* SSL new accept - started */ - int sess_accept_renegotiate;/* SSL reneg - requested */ - int sess_accept_good; /* SSL accept/reneg - finished */ - int sess_miss; /* session lookup misses */ - int sess_timeout; /* reuse attempt on timeouted session */ - int sess_cache_full; /* session removed due to full cache */ - int sess_hit; /* session reuse actually done */ - int sess_cb_hit; /* session-id that was not - * in the cache was - * passed back via the callback. This - * indicates that the application is - * supplying session-id's from other - * processes - spooky :-) */ - } stats; - - int references; - - /* if defined, these override the X509_verify_cert() calls */ - int (*app_verify_callback)(X509_STORE_CTX *, void *); - void *app_verify_arg; - - /* Default password callback. */ - pem_password_cb *default_passwd_callback; - - /* Default password callback user data. 
*/ - void *default_passwd_callback_userdata; - - /* get client cert callback */ - int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey); - - /* cookie generate callback */ - int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, - unsigned int *cookie_len); - - /* verify cookie callback */ - int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, - unsigned int cookie_len); - - CRYPTO_EX_DATA ex_data; - - const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */ - const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3-sha1' */ - - STACK_OF(X509) *extra_certs; - - /* Default values used when no per-SSL value is defined follow */ - - void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */ - - /* what we put in client cert requests */ - STACK_OF(X509_NAME) *client_CA; - - - /* Default values to use in SSL structures follow (these are copied by SSL_new) */ - - unsigned long options; - unsigned long mode; - long max_cert_list; - - struct cert_st /* CERT */ *cert; - int read_ahead; - - /* callback that allows applications to peek at protocol messages */ - void (*msg_callback)(int write_p, int version, int content_type, - const void *buf, size_t len, SSL *ssl, void *arg); - void *msg_callback_arg; - - int verify_mode; - unsigned int sid_ctx_length; - unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); /* called 'verify_callback' in the SSL */ - - /* Default generate session ID callback. */ - GEN_SESSION_CB generate_session_id; - - X509_VERIFY_PARAM *param; - - int quiet_shutdown; - - /* Maximum amount of data to send in one fragment. - * actual record size can be more than this due to - * padding and MAC overheads. 
- */ - unsigned int max_send_fragment; - -#ifndef OPENSSL_NO_ENGINE - /* Engine to pass requests for client certs to - */ - ENGINE *client_cert_engine; -#endif - - /* TLS extensions servername callback */ - int (*tlsext_servername_callback)(SSL*, int *, void *); - void *tlsext_servername_arg; - /* RFC 4507 session ticket keys */ - unsigned char tlsext_tick_key_name[16]; - unsigned char tlsext_tick_hmac_key[16]; - unsigned char tlsext_tick_aes_key[16]; - /* Callback to support customisation of ticket key setting */ - int (*tlsext_ticket_key_cb)(SSL *ssl, unsigned char *name, - unsigned char *iv, EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc); - - /* certificate status request info */ - /* Callback for status request */ - int (*tlsext_status_cb)(SSL *ssl, void *arg); - void *tlsext_status_arg; - - - - - /* Next protocol negotiation information */ - /* (for experimental NPN extension). */ - - /* For a server, this contains a callback function by which the set of - * advertised protocols can be provided. */ - int (*next_protos_advertised_cb)(SSL *s, const unsigned char **buf, - unsigned int *len, void *arg); - void *next_protos_advertised_cb_arg; - /* For a client, this contains a callback function that selects the - * next protocol from the list provided by the server. */ - int (*next_proto_select_cb)(SSL *s, unsigned char **out, - unsigned char *outlen, const unsigned char *in, - unsigned int inlen, void *arg); - void *next_proto_select_cb_arg; - - /* - * ALPN information - * (we are in the process of transitioning from NPN to ALPN). - */ - - /* - * Server callback function that allows the server to select the - * protocol for the connection. - * out: on successful return, this must point to the raw protocol - * name (without the length prefix). - * outlen: on successful return, this contains the length of out. - * in: points to the client's list of supported protocols in - * wire-format. - * inlen: the length of in. 
- */ - int (*alpn_select_cb)(SSL *s, const unsigned char **out, - unsigned char *outlen, const unsigned char *in, unsigned int inlen, - void *arg); - void *alpn_select_cb_arg; - - /* Client list of supported protocols in wire format. */ - unsigned char *alpn_client_proto_list; - unsigned int alpn_client_proto_list_len; - - /* SRTP profiles we are willing to do from RFC 5764 */ - STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; -}; - -#endif - -#define SSL_SESS_CACHE_OFF 0x0000 -#define SSL_SESS_CACHE_CLIENT 0x0001 -#define SSL_SESS_CACHE_SERVER 0x0002 -#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) -#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 -/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */ -#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 -#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 -#define SSL_SESS_CACHE_NO_INTERNAL \ - (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE) - -LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx); -#define SSL_CTX_sess_number(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL) -#define SSL_CTX_sess_connect(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL) -#define SSL_CTX_sess_connect_good(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL) -#define SSL_CTX_sess_connect_renegotiate(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL) -#define SSL_CTX_sess_accept(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL) -#define SSL_CTX_sess_accept_renegotiate(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL) -#define SSL_CTX_sess_accept_good(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL) -#define SSL_CTX_sess_hits(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL) -#define SSL_CTX_sess_cb_hits(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL) -#define SSL_CTX_sess_misses(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL) -#define SSL_CTX_sess_timeouts(ctx) \ - 
SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL) -#define SSL_CTX_sess_cache_full(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL) - -void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, - int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess)); -int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, - SSL_SESSION *sess); -void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, - void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess)); -void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx, - SSL_SESSION *sess); -void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, - SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data, - int len, int *copy)); -SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, - unsigned char *Data, int len, int *copy); -void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl, - int type, int val)); -void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type, - int val); -void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, - int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)); -int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, - EVP_PKEY **pkey); -#ifndef OPENSSL_NO_ENGINE -int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e); -#endif -void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, - int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, - unsigned int *cookie_len)); -void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, - int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, - unsigned int cookie_len)); -void -SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb)(SSL *ssl, - const unsigned char **out, unsigned int *outlen, void *arg), void *arg); -void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s, int (*cb)(SSL *ssl, - unsigned char **out, unsigned char *outlen, const unsigned char *in, - unsigned int inlen, void *arg), void *arg); - -int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, - 
const unsigned char *in, unsigned int inlen, const unsigned char *client, - unsigned int client_len); -void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, - unsigned *len); - -#define OPENSSL_NPN_UNSUPPORTED 0 -#define OPENSSL_NPN_NEGOTIATED 1 -#define OPENSSL_NPN_NO_OVERLAP 2 - -int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos, - unsigned int protos_len); -int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos, - unsigned int protos_len); -void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, - int (*cb)(SSL *ssl, const unsigned char **out, unsigned char *outlen, - const unsigned char *in, unsigned int inlen, void *arg), void *arg); -void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, - unsigned int *len); - -#define SSL_NOTHING 1 -#define SSL_WRITING 2 -#define SSL_READING 3 -#define SSL_X509_LOOKUP 4 - -/* These will only be used when doing non-blocking IO */ -#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) -#define SSL_want_read(s) (SSL_want(s) == SSL_READING) -#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) -#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) - -#define SSL_MAC_FLAG_READ_MAC_STREAM 1 -#define SSL_MAC_FLAG_WRITE_MAC_STREAM 2 - -#ifndef OPENSSL_NO_SSL_INTERN - -struct ssl_st { - /* protocol version - * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION, DTLS1_VERSION) - */ - int version; - int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ - - const SSL_METHOD *method; /* SSLv3 */ - - /* There are 2 BIO's even though they are normally both the - * same. 
This is so data can be read and written to different - * handlers */ - -#ifndef OPENSSL_NO_BIO - BIO *rbio; /* used by SSL_read */ - BIO *wbio; /* used by SSL_write */ - BIO *bbio; /* used during session-id reuse to concatenate - * messages */ -#else - char *rbio; /* used by SSL_read */ - char *wbio; /* used by SSL_write */ - char *bbio; -#endif - /* This holds a variable that indicates what we were doing - * when a 0 or -1 is returned. This is needed for - * non-blocking IO so we know what request needs re-doing when - * in SSL_accept or SSL_connect */ - int rwstate; - - /* true when we are actually in SSL_accept() or SSL_connect() */ - int in_handshake; - int (*handshake_func)(SSL *); - - /* Imagine that here's a boolean member "init" that is - * switched as soon as SSL_set_{accept/connect}_state - * is called for the first time, so that "state" and - * "handshake_func" are properly initialized. But as - * handshake_func is == 0 until then, we use this - * test instead of an "init" member. - */ - - int server; /* are we the server side? - mostly used by SSL_clear*/ - - int new_session;/* Generate a new session or reuse an old one. 
- * NB: For servers, the 'new' session may actually be a previously - * cached session or even the previous session unless - * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */ - int quiet_shutdown;/* don't send shutdown packets */ - int shutdown; /* we have shut things down, 0x01 sent, 0x02 - * for received */ - int state; /* where we are */ - int rstate; /* where we are when reading */ - - BUF_MEM *init_buf; /* buffer used during init */ - void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */ - int init_num; /* amount read/written */ - int init_off; /* amount read/written */ - - /* used internally to point at a raw packet */ - unsigned char *packet; - unsigned int packet_length; - - struct ssl3_state_st *s3; /* SSLv3 variables */ - struct dtls1_state_st *d1; /* DTLSv1 variables */ - - int read_ahead; /* Read as many input bytes as possible - * (for non-blocking reads) */ - - /* callback that allows applications to peek at protocol messages */ - void (*msg_callback)(int write_p, int version, int content_type, - const void *buf, size_t len, SSL *ssl, void *arg); - void *msg_callback_arg; - - int hit; /* reusing a previous session */ - - X509_VERIFY_PARAM *param; - - /* crypto */ - STACK_OF(SSL_CIPHER) *cipher_list; - STACK_OF(SSL_CIPHER) *cipher_list_by_id; - - /* These are the ones being used, the ones in SSL_SESSION are - * the ones to be 'copied' into these ones */ - int mac_flags; - - SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then - enc_read_ctx and read_hash are - ignored. */ - - EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ - EVP_MD_CTX *read_hash; /* used for mac generation */ - - SSL_AEAD_CTX *aead_write_ctx; /* AEAD context. If non-NULL, then - enc_write_ctx and write_hash are - ignored. */ - - EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ - EVP_MD_CTX *write_hash; /* used for mac generation */ - - /* session info */ - - /* client cert? 
*/ - /* This is used to hold the server certificate used */ - struct cert_st /* CERT */ *cert; - - /* the session_id_context is used to ensure sessions are only reused - * in the appropriate context */ - unsigned int sid_ctx_length; - unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - /* This can also be in the session once a session is established */ - SSL_SESSION *session; - - /* Default generate session ID callback. */ - GEN_SESSION_CB generate_session_id; - - /* Used in SSL2 and SSL3 */ - int verify_mode; /* 0 don't care about verify failure. - * 1 fail if verify fails */ - int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */ - - void (*info_callback)(const SSL *ssl,int type,int val); /* optional informational callback */ - - int error; /* error bytes to be written */ - int error_code; /* actual code */ - - - - SSL_CTX *ctx; - /* set this flag to 1 and a sleep(1) is put into all SSL_read() - * and SSL_write() calls, good for nbio debuging :-) */ - int debug; - - - /* extra application data */ - long verify_result; - CRYPTO_EX_DATA ex_data; - - /* for server side, keep the list of CA_dn we can use */ - STACK_OF(X509_NAME) *client_CA; - - int references; - unsigned long options; /* protocol behaviour */ - unsigned long mode; /* API behaviour */ - long max_cert_list; - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ - unsigned int max_send_fragment; - /* TLS extension debug callback */ - void (*tlsext_debug_cb)(SSL *s, int client_server, int type, - unsigned char *data, int len, void *arg); - void *tlsext_debug_arg; - char *tlsext_hostname; - int servername_done; /* no further mod of servername - 0 : call the servername extension callback. - 1 : prepare 2, allow last ack just after in server callback. 
- 2 : don't call servername callback, no ack in server hello - */ - /* certificate status request info */ - /* Status type or -1 if no status type */ - int tlsext_status_type; - /* Expect OCSP CertificateStatus message */ - int tlsext_status_expected; - /* OCSP status request only */ - STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids; - X509_EXTENSIONS *tlsext_ocsp_exts; - /* OCSP response received or to be sent */ - unsigned char *tlsext_ocsp_resp; - int tlsext_ocsp_resplen; - - /* RFC4507 session ticket expected to be received or sent */ - int tlsext_ticket_expected; - size_t tlsext_ecpointformatlist_length; - uint8_t *tlsext_ecpointformatlist; /* our list */ - size_t tlsext_ellipticcurvelist_length; - uint16_t *tlsext_ellipticcurvelist; /* our list */ - - /* TLS Session Ticket extension override */ - TLS_SESSION_TICKET_EXT *tlsext_session_ticket; - - /* TLS Session Ticket extension callback */ - tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb; - void *tls_session_ticket_ext_cb_arg; - - /* TLS pre-shared secret session resumption */ - tls_session_secret_cb_fn tls_session_secret_cb; - void *tls_session_secret_cb_arg; - - SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ - - /* Next protocol negotiation. For the client, this is the protocol that - * we sent in NextProtocol and is set when handling ServerHello - * extensions. - * - * For a server, this is the client's selected_protocol from - * NextProtocol and is set when handling the NextProtocol message, - * before the Finished message. */ - unsigned char *next_proto_negotiated; - unsigned char next_proto_negotiated_len; - -#define session_ctx initial_ctx - - STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */ - SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */ - - unsigned int tlsext_heartbeat; /* Is use of the Heartbeat extension negotiated? 
- 0: disabled - 1: enabled - 2: enabled, but not allowed to send Requests - */ - unsigned int tlsext_hb_pending; /* Indicates if a HeartbeatRequest is in flight */ - unsigned int tlsext_hb_seq; /* HeartbeatRequest sequence number */ - - /* Client list of supported protocols in wire format. */ - unsigned char *alpn_client_proto_list; - unsigned int alpn_client_proto_list_len; - - int renegotiate;/* 1 if we are renegotiating. - * 2 if we are a server and are inside a handshake - * (i.e. not just sending a HelloRequest) */ - -}; - -#endif - -#ifdef __cplusplus -} -#endif - -#include <openssl/ssl2.h> -#include <openssl/ssl3.h> -#include <openssl/tls1.h> /* This is mostly sslv3 with a few tweaks */ -#include <openssl/dtls1.h> /* Datagram TLS */ -#include <openssl/ssl23.h> -#include <openssl/srtp.h> /* Support for the use_srtp extension */ - -#ifdef __cplusplus -extern "C" { -#endif - -/* compatibility */ -#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg)) -#define SSL_get_app_data(s) (SSL_get_ex_data(s,0)) -#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a)) -#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0)) -#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0)) -#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg)) - -/* The following are the possible values for ssl->state are are - * used to indicate where we are up to in the SSL connection establishment. - * The macros that follow are about the only things you should need to use - * and even then, only when using non-blocking IO. 
- * It can also be useful to work out where you were when the connection - * failed */ - -#define SSL_ST_CONNECT 0x1000 -#define SSL_ST_ACCEPT 0x2000 -#define SSL_ST_MASK 0x0FFF -#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT) -#define SSL_ST_BEFORE 0x4000 -#define SSL_ST_OK 0x03 -#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) - -#define SSL_CB_LOOP 0x01 -#define SSL_CB_EXIT 0x02 -#define SSL_CB_READ 0x04 -#define SSL_CB_WRITE 0x08 -#define SSL_CB_ALERT 0x4000 /* used in callback */ -#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ) -#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE) -#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP) -#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT) -#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP) -#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT) -#define SSL_CB_HANDSHAKE_START 0x10 -#define SSL_CB_HANDSHAKE_DONE 0x20 - -/* Is the SSL_connection established? */ -#define SSL_get_state(a) SSL_state(a) -#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK) -#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT) -#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE) -#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT) -#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT) - -/* The following 2 states are kept in ssl->rstate when reads fail, - * you should not need these */ -#define SSL_ST_READ_HEADER 0xF0 -#define SSL_ST_READ_BODY 0xF1 -#define SSL_ST_READ_DONE 0xF2 - -/* Obtain latest Finished message - * -- that we sent (SSL_get_finished) - * -- that we expected from peer (SSL_get_peer_finished). - * Returns length (0 == no Finished so far), copies up to 'count' bytes. 
*/ -size_t SSL_get_finished(const SSL *s, void *buf, size_t count); -size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count); - -/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options - * are 'ored' with SSL_VERIFY_PEER if they are desired */ -#define SSL_VERIFY_NONE 0x00 -#define SSL_VERIFY_PEER 0x01 -#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 -#define SSL_VERIFY_CLIENT_ONCE 0x04 - -#define OpenSSL_add_ssl_algorithms() SSL_library_init() -#define SSLeay_add_ssl_algorithms() SSL_library_init() - -/* More backward compatibility */ -#define SSL_get_cipher(s) \ - SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -#define SSL_get_cipher_bits(s,np) \ - SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np) -#define SSL_get_cipher_version(s) \ - SSL_CIPHER_get_version(SSL_get_current_cipher(s)) -#define SSL_get_cipher_name(s) \ - SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -#define SSL_get_time(a) SSL_SESSION_get_time(a) -#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b)) -#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a) -#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b)) - -#define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id) -#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id) - -DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) - -#define SSL_AD_REASON_OFFSET 1000 /* offset to get SSL_R_... value from SSL_AD_... 
*/
-
-/* These alert types are for SSLv3 and TLSv1 */
-#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
-#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
-#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
-#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
-#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
-#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
-#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */
-#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
-#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
-#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
-#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
-#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
-#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
-#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
-#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
-#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
-#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
-#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
-#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */
-#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
-#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
-#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
-#define SSL_AD_INAPPROPRIATE_FALLBACK TLS1_AD_INAPPROPRIATE_FALLBACK /* fatal */
-#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED
-#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
-#define SSL_AD_UNSUPPORTED_EXTENSION TLS1_AD_UNSUPPORTED_EXTENSION
-#define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
-#define SSL_AD_UNRECOGNIZED_NAME TLS1_AD_UNRECOGNIZED_NAME
-#define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
-#define
SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
-#define SSL_AD_UNKNOWN_PSK_IDENTITY TLS1_AD_UNKNOWN_PSK_IDENTITY /* fatal */
-
-#define SSL_ERROR_NONE 0
-#define SSL_ERROR_SSL 1
-#define SSL_ERROR_WANT_READ 2
-#define SSL_ERROR_WANT_WRITE 3
-#define SSL_ERROR_WANT_X509_LOOKUP 4
-#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */
-#define SSL_ERROR_ZERO_RETURN 6
-#define SSL_ERROR_WANT_CONNECT 7
-#define SSL_ERROR_WANT_ACCEPT 8
-
-#define SSL_CTRL_NEED_TMP_RSA 1
-#define SSL_CTRL_SET_TMP_RSA 2
-#define SSL_CTRL_SET_TMP_DH 3
-#define SSL_CTRL_SET_TMP_ECDH 4
-#define SSL_CTRL_SET_TMP_RSA_CB 5
-#define SSL_CTRL_SET_TMP_DH_CB 6
-#define SSL_CTRL_SET_TMP_ECDH_CB 7
-
-#define SSL_CTRL_GET_SESSION_REUSED 8
-#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 9
-#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 10
-#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 11
-#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 12
-#define SSL_CTRL_GET_FLAGS 13
-#define SSL_CTRL_EXTRA_CHAIN_CERT 14
-
-#define SSL_CTRL_SET_MSG_CALLBACK 15
-#define SSL_CTRL_SET_MSG_CALLBACK_ARG 16
-
-/* only applies to datagram connections */
-#define SSL_CTRL_SET_MTU 17
-/* Stats */
-#define SSL_CTRL_SESS_NUMBER 20
-#define SSL_CTRL_SESS_CONNECT 21
-#define SSL_CTRL_SESS_CONNECT_GOOD 22
-#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23
-#define SSL_CTRL_SESS_ACCEPT 24
-#define SSL_CTRL_SESS_ACCEPT_GOOD 25
-#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26
-#define SSL_CTRL_SESS_HIT 27
-#define SSL_CTRL_SESS_CB_HIT 28
-#define SSL_CTRL_SESS_MISSES 29
-#define SSL_CTRL_SESS_TIMEOUTS 30
-#define SSL_CTRL_SESS_CACHE_FULL 31
-#define SSL_CTRL_OPTIONS 32
-#define SSL_CTRL_MODE 33
-
-#define SSL_CTRL_GET_READ_AHEAD 40
-#define SSL_CTRL_SET_READ_AHEAD 41
-#define SSL_CTRL_SET_SESS_CACHE_SIZE 42
-#define SSL_CTRL_GET_SESS_CACHE_SIZE 43
-#define SSL_CTRL_SET_SESS_CACHE_MODE 44
-#define SSL_CTRL_GET_SESS_CACHE_MODE 45
-
-#define SSL_CTRL_GET_MAX_CERT_LIST 50
-#define SSL_CTRL_SET_MAX_CERT_LIST 51
-
-#define
SSL_CTRL_SET_MAX_SEND_FRAGMENT 52
-
-/* see tls1.h for macros based on these */
-#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
-#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
-#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
-#define SSL_CTRL_SET_TLSEXT_DEBUG_CB 56
-#define SSL_CTRL_SET_TLSEXT_DEBUG_ARG 57
-#define SSL_CTRL_GET_TLSEXT_TICKET_KEYS 58
-#define SSL_CTRL_SET_TLSEXT_TICKET_KEYS 59
-#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB 63
-#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG 64
-#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE 65
-#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS 66
-#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS 67
-#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS 68
-#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
-#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
-#define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
-
-#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
-
-#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
-#define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
-#define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
-
-#define SSL_CTRL_SET_SRP_ARG 78
-#define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME 79
-#define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH 80
-#define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD 81
-
-#define DTLS_CTRL_GET_TIMEOUT 73
-#define DTLS_CTRL_HANDLE_TIMEOUT 74
-#define DTLS_CTRL_LISTEN 75
-
-#define SSL_CTRL_GET_RI_SUPPORT 76
-#define SSL_CTRL_CLEAR_OPTIONS 77
-#define SSL_CTRL_CLEAR_MODE 78
-
-#define SSL_CTRL_GET_EXTRA_CHAIN_CERTS 82
-#define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS 83
-
-#define SSL_CTRL_SET_ECDH_AUTO 94
-
-#define SSL_CTRL_SET_DH_AUTO 118
-
-#define DTLSv1_get_timeout(ssl, arg) \
- SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
-#define DTLSv1_handle_timeout(ssl) \
- SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
-#define DTLSv1_listen(ssl, peer) \
- SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
-
-#define SSL_session_reused(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
-#define SSL_num_renegotiations(ssl) \
-
SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
-#define SSL_clear_num_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
-#define SSL_total_renegotiations(ssl) \
- SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
-
-#define SSL_CTX_need_tmp_RSA(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-#define SSL_CTX_set_tmp_dh(ctx,dh) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-#define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-#define SSL_CTX_set_dh_auto(ctx, onoff) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
-#define SSL_CTX_set_ecdh_auto(ctx, onoff) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
-
-#define SSL_need_tmp_RSA(ssl) \
- SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
-#define SSL_set_tmp_rsa(ssl,rsa) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
-#define SSL_set_tmp_dh(ssl,dh) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
-#define SSL_set_tmp_ecdh(ssl,ecdh) \
- SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
-#define SSL_set_dh_auto(s, onoff) \
- SSL_ctrl(s,SSL_CTRL_SET_DH_AUTO,onoff,NULL)
-#define SSL_set_ecdh_auto(s, onoff) \
- SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
-
-#define SSL_CTX_add_extra_chain_cert(ctx,x509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
-#define SSL_CTX_get_extra_chain_certs(ctx,px509) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
-#define SSL_CTX_clear_extra_chain_certs(ctx) \
- SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
-
-#ifndef OPENSSL_NO_BIO
-BIO_METHOD *BIO_f_ssl(void);
-BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
-BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
-BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
-int BIO_ssl_copy_session_id(BIO *to, BIO *from);
-void BIO_ssl_shutdown(BIO *ssl_bio);
-#endif
-
-int SSL_CTX_set_cipher_list(SSL_CTX *,
const char *str); -SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth); -void SSL_CTX_free(SSL_CTX *); -long SSL_CTX_set_timeout(SSL_CTX *ctx, long t); -long SSL_CTX_get_timeout(const SSL_CTX *ctx); -X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *); -void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *); -int SSL_want(const SSL *s); -int SSL_clear(SSL *s); - -void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm); - -const SSL_CIPHER *SSL_get_current_cipher(const SSL *s); -const SSL_CIPHER *SSL_CIPHER_get_by_id(unsigned int id); -const SSL_CIPHER *SSL_CIPHER_get_by_value(uint16_t value); -int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits); -char * SSL_CIPHER_get_version(const SSL_CIPHER *c); -const char * SSL_CIPHER_get_name(const SSL_CIPHER *c); -unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c); -uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c); - -int SSL_get_fd(const SSL *s); -int SSL_get_rfd(const SSL *s); -int SSL_get_wfd(const SSL *s); -const char * SSL_get_cipher_list(const SSL *s, int n); -char * SSL_get_shared_ciphers(const SSL *s, char *buf, int len); -int SSL_get_read_ahead(const SSL * s); -int SSL_pending(const SSL *s); -int SSL_set_fd(SSL *s, int fd); -int SSL_set_rfd(SSL *s, int fd); -int SSL_set_wfd(SSL *s, int fd); -#ifndef OPENSSL_NO_BIO -void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio); -BIO * SSL_get_rbio(const SSL *s); -BIO * SSL_get_wbio(const SSL *s); -#endif -int SSL_set_cipher_list(SSL *s, const char *str); -void SSL_set_read_ahead(SSL *s, int yes); -int SSL_get_verify_mode(const SSL *s); -int SSL_get_verify_depth(const SSL *s); -int (*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *); -void SSL_set_verify(SSL *s, int mode, - int (*callback)(int ok, X509_STORE_CTX *ctx)); -void SSL_set_verify_depth(SSL *s, int depth); -int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); -int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len); -int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); -int SSL_use_PrivateKey_ASN1(int pk, SSL 
*ssl, const unsigned char *d, long len); -int SSL_use_certificate(SSL *ssl, X509 *x); -int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len); - -int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); -int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type); -int SSL_use_certificate_file(SSL *ssl, const char *file, int type); -int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type); -int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); -int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type); -int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */ -int SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len); -STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); -int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, - const char *file); -int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, - const char *dir); - -void SSL_load_error_strings(void ); -const char *SSL_state_string(const SSL *s); -const char *SSL_rstate_string(const SSL *s); -const char *SSL_state_string_long(const SSL *s); -const char *SSL_rstate_string_long(const SSL *s); -long SSL_SESSION_get_time(const SSL_SESSION *s); -long SSL_SESSION_set_time(SSL_SESSION *s, long t); -long SSL_SESSION_get_timeout(const SSL_SESSION *s); -long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); -void SSL_copy_session_id(SSL *to, const SSL *from); -X509 *SSL_SESSION_get0_peer(SSL_SESSION *s); -int -SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx, -unsigned int sid_ctx_len); - -SSL_SESSION *SSL_SESSION_new(void); -const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, - unsigned int *len); -unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s); -int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses); -#ifndef OPENSSL_NO_BIO -int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses); -#endif 
-void SSL_SESSION_free(SSL_SESSION *ses); -int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp); -int SSL_set_session(SSL *to, SSL_SESSION *session); -int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); -int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c); -int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB); -int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB); -int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, - unsigned int id_len); -SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, - long length); - -#ifdef HEADER_X509_H -X509 * SSL_get_peer_certificate(const SSL *s); -#endif - -STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s); - -int SSL_CTX_get_verify_mode(const SSL_CTX *ctx); -int SSL_CTX_get_verify_depth(const SSL_CTX *ctx); -int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *); -void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, - int (*callback)(int, X509_STORE_CTX *)); -void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth); -void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(X509_STORE_CTX *, void *), void *arg); -int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); -int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len); -int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); -int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, const unsigned char *d, long len); -int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d); - -void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb); -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u); - -int SSL_CTX_check_private_key(const SSL_CTX *ctx); -int SSL_check_private_key(const SSL *ctx); - -int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, unsigned int sid_ctx_len); - -SSL *SSL_new(SSL_CTX *ctx); -int SSL_set_session_id_context(SSL *ssl, const 
unsigned char *sid_ctx, unsigned int sid_ctx_len); - -int SSL_CTX_set_purpose(SSL_CTX *s, int purpose); -int SSL_set_purpose(SSL *s, int purpose); -int SSL_CTX_set_trust(SSL_CTX *s, int trust); -int SSL_set_trust(SSL *s, int trust); - -int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm); -int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm); - - -void SSL_free(SSL *ssl); -int SSL_accept(SSL *ssl); -int SSL_connect(SSL *ssl); -int SSL_read(SSL *ssl, void *buf, int num); -int SSL_peek(SSL *ssl, void *buf, int num); -int SSL_write(SSL *ssl, const void *buf, int num); -long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg); -long SSL_callback_ctrl(SSL *, int, void (*)(void)); -long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg); -long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void)); - -int SSL_get_error(const SSL *s, int ret_code); -const char *SSL_get_version(const SSL *s); - -/* This sets the 'default' SSL version that SSL_new() will create */ -int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); - -const SSL_METHOD *SSLv23_method(void); /* SSLv3 or TLSv1.* */ -const SSL_METHOD *SSLv23_server_method(void); /* SSLv3 or TLSv1.* */ -const SSL_METHOD *SSLv23_client_method(void); /* SSLv3 or TLSv1.* */ - -const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */ -const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ -const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */ - -const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */ -const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */ -const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */ - -const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */ -const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */ -const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */ - -const SSL_METHOD *TLS_method(void); /* TLS v1.0 or later */ -const SSL_METHOD *TLS_server_method(void); /* TLS v1.0 or later */ -const SSL_METHOD *TLS_client_method(void); /* TLS v1.0 or later */ - 
-const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */ -const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */ -const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */ - -STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); - -int SSL_do_handshake(SSL *s); -int SSL_renegotiate(SSL *s); -int SSL_renegotiate_abbreviated(SSL *s); -int SSL_renegotiate_pending(SSL *s); -int SSL_shutdown(SSL *s); - -const SSL_METHOD *SSL_get_ssl_method(SSL *s); -int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); -const char *SSL_alert_type_string_long(int value); -const char *SSL_alert_type_string(int value); -const char *SSL_alert_desc_string_long(int value); -const char *SSL_alert_desc_string(int value); - -void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list); -void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list); -STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s); -STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s); -int SSL_add_client_CA(SSL *ssl, X509 *x); -int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x); - -void SSL_set_connect_state(SSL *s); -void SSL_set_accept_state(SSL *s); - -long SSL_get_default_timeout(const SSL *s); - -int SSL_library_init(void ); - -char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size); -STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk); - -SSL *SSL_dup(SSL *ssl); - -X509 *SSL_get_certificate(const SSL *ssl); -/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl); - -void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode); -int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx); -void SSL_set_quiet_shutdown(SSL *ssl,int mode); -int SSL_get_quiet_shutdown(const SSL *ssl); -void SSL_set_shutdown(SSL *ssl,int mode); -int SSL_get_shutdown(const SSL *ssl); -int SSL_version(const SSL *ssl); -int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); -int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, - const char *CApath); -int 
SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len); -#define SSL_get0_session SSL_get_session /* just peek at pointer */ -SSL_SESSION *SSL_get_session(const SSL *ssl); -SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */ -SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl); -SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx); -void SSL_set_info_callback(SSL *ssl, - void (*cb)(const SSL *ssl, int type, int val)); -void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val); -int SSL_state(const SSL *ssl); -void SSL_set_state(SSL *ssl, int state); - -void SSL_set_verify_result(SSL *ssl, long v); -long SSL_get_verify_result(const SSL *ssl); - -int SSL_set_ex_data(SSL *ssl, int idx, void *data); -void *SSL_get_ex_data(const SSL *ssl, int idx); -int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - -int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data); -void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx); -int SSL_SESSION_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - -int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data); -void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx); -int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - -int SSL_get_ex_data_X509_STORE_CTX_idx(void ); - -#define SSL_CTX_sess_set_cache_size(ctx,t) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL) -#define SSL_CTX_sess_get_cache_size(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL) -#define SSL_CTX_set_session_cache_mode(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL) -#define SSL_CTX_get_session_cache_mode(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL) - -#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx) -#define 
SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m) -#define SSL_CTX_get_read_ahead(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL) -#define SSL_CTX_set_read_ahead(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL) -#define SSL_CTX_get_max_cert_list(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL) -#define SSL_CTX_set_max_cert_list(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL) -#define SSL_get_max_cert_list(ssl) \ - SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL) -#define SSL_set_max_cert_list(ssl,m) \ - SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL) - -#define SSL_CTX_set_max_send_fragment(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL) -#define SSL_set_max_send_fragment(ssl,m) \ - SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL) - -/* NB: the keylength is only applicable when is_export is true */ -void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, - RSA *(*cb)(SSL *ssl, int is_export, int keylength)); - -void SSL_set_tmp_rsa_callback(SSL *ssl, - RSA *(*cb)(SSL *ssl, int is_export, int keylength)); -void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, - DH *(*dh)(SSL *ssl, int is_export, int keylength)); -void SSL_set_tmp_dh_callback(SSL *ssl, - DH *(*dh)(SSL *ssl, int is_export, int keylength)); -void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, - EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength)); -void SSL_set_tmp_ecdh_callback(SSL *ssl, - EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength)); - -const void *SSL_get_current_compression(SSL *s); -const void *SSL_get_current_expansion(SSL *s); - -const char *SSL_COMP_get_name(const void *comp); -void *SSL_COMP_get_compression_methods(void); -int SSL_COMP_add_compression_method(int id, void *cm); - -/* TLS extensions functions */ -int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len); - -int SSL_set_session_ticket_ext_cb(SSL *s, - tls_session_ticket_ext_cb_fn cb, void *arg); - -/* Pre-shared secret session 
resumption functions */ -int SSL_set_session_secret_cb(SSL *s, - tls_session_secret_cb_fn tls_session_secret_cb, void *arg); - -void SSL_set_debug(SSL *s, int debug); -int SSL_cache_hit(SSL *s); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_SSL_strings(void); - -/* Error codes for the SSL functions. */ - -/* Function codes. */ -#define SSL_F_CLIENT_CERTIFICATE 100 -#define SSL_F_CLIENT_FINISHED 167 -#define SSL_F_CLIENT_HELLO 101 -#define SSL_F_CLIENT_MASTER_KEY 102 -#define SSL_F_D2I_SSL_SESSION 103 -#define SSL_F_DO_DTLS1_WRITE 245 -#define SSL_F_DO_SSL3_WRITE 104 -#define SSL_F_DTLS1_ACCEPT 246 -#define SSL_F_DTLS1_ADD_CERT_TO_BUF 295 -#define SSL_F_DTLS1_BUFFER_RECORD 247 -#define SSL_F_DTLS1_CHECK_TIMEOUT_NUM 316 -#define SSL_F_DTLS1_CLIENT_HELLO 248 -#define SSL_F_DTLS1_CONNECT 249 -#define SSL_F_DTLS1_ENC 250 -#define SSL_F_DTLS1_GET_HELLO_VERIFY 251 -#define SSL_F_DTLS1_GET_MESSAGE 252 -#define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT 253 -#define SSL_F_DTLS1_GET_RECORD 254 -#define SSL_F_DTLS1_HANDLE_TIMEOUT 297 -#define SSL_F_DTLS1_HEARTBEAT 305 -#define SSL_F_DTLS1_OUTPUT_CERT_CHAIN 255 -#define SSL_F_DTLS1_PREPROCESS_FRAGMENT 288 -#define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE 256 -#define SSL_F_DTLS1_PROCESS_RECORD 257 -#define SSL_F_DTLS1_READ_BYTES 258 -#define SSL_F_DTLS1_READ_FAILED 259 -#define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST 260 -#define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE 261 -#define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE 262 -#define SSL_F_DTLS1_SEND_CLIENT_VERIFY 263 -#define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST 264 -#define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE 265 -#define SSL_F_DTLS1_SEND_SERVER_HELLO 266 -#define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE 267 -#define SSL_F_DTLS1_WRITE_APP_DATA_BYTES 268 -#define SSL_F_GET_CLIENT_FINISHED 105 -#define SSL_F_GET_CLIENT_HELLO 106 -#define 
SSL_F_GET_CLIENT_MASTER_KEY 107 -#define SSL_F_GET_SERVER_FINISHED 108 -#define SSL_F_GET_SERVER_HELLO 109 -#define SSL_F_GET_SERVER_VERIFY 110 -#define SSL_F_I2D_SSL_SESSION 111 -#define SSL_F_READ_N 112 -#define SSL_F_REQUEST_CERTIFICATE 113 -#define SSL_F_SERVER_FINISH 239 -#define SSL_F_SERVER_HELLO 114 -#define SSL_F_SERVER_VERIFY 240 -#define SSL_F_SSL23_ACCEPT 115 -#define SSL_F_SSL23_CLIENT_HELLO 116 -#define SSL_F_SSL23_CONNECT 117 -#define SSL_F_SSL23_GET_CLIENT_HELLO 118 -#define SSL_F_SSL23_GET_SERVER_HELLO 119 -#define SSL_F_SSL23_PEEK 237 -#define SSL_F_SSL23_READ 120 -#define SSL_F_SSL23_WRITE 121 -#define SSL_F_SSL2_ACCEPT 122 -#define SSL_F_SSL2_CONNECT 123 -#define SSL_F_SSL2_ENC_INIT 124 -#define SSL_F_SSL2_GENERATE_KEY_MATERIAL 241 -#define SSL_F_SSL2_PEEK 234 -#define SSL_F_SSL2_READ 125 -#define SSL_F_SSL2_READ_INTERNAL 236 -#define SSL_F_SSL2_SET_CERTIFICATE 126 -#define SSL_F_SSL2_WRITE 127 -#define SSL_F_SSL3_ACCEPT 128 -#define SSL_F_SSL3_ADD_CERT_TO_BUF 296 -#define SSL_F_SSL3_CALLBACK_CTRL 233 -#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 -#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 -#define SSL_F_SSL3_CHECK_CLIENT_HELLO 304 -#define SSL_F_SSL3_CLIENT_HELLO 131 -#define SSL_F_SSL3_CONNECT 132 -#define SSL_F_SSL3_CTRL 213 -#define SSL_F_SSL3_CTX_CTRL 133 -#define SSL_F_SSL3_DIGEST_CACHED_RECORDS 293 -#define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC 292 -#define SSL_F_SSL3_ENC 134 -#define SSL_F_SSL3_GENERATE_KEY_BLOCK 238 -#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 -#define SSL_F_SSL3_GET_CERT_STATUS 289 -#define SSL_F_SSL3_GET_CERT_VERIFY 136 -#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 -#define SSL_F_SSL3_GET_CLIENT_HELLO 138 -#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139 -#define SSL_F_SSL3_GET_FINISHED 140 -#define SSL_F_SSL3_GET_KEY_EXCHANGE 141 -#define SSL_F_SSL3_GET_MESSAGE 142 -#define SSL_F_SSL3_GET_NEW_SESSION_TICKET 283 -#define SSL_F_SSL3_GET_NEXT_PROTO 306 -#define SSL_F_SSL3_GET_RECORD 143 -#define 
SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 -#define SSL_F_SSL3_GET_SERVER_DONE 145 -#define SSL_F_SSL3_GET_SERVER_HELLO 146 -#define SSL_F_SSL3_HANDSHAKE_MAC 285 -#define SSL_F_SSL3_NEW_SESSION_TICKET 287 -#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 -#define SSL_F_SSL3_PEEK 235 -#define SSL_F_SSL3_READ_BYTES 148 -#define SSL_F_SSL3_READ_N 149 -#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 -#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151 -#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152 -#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153 -#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154 -#define SSL_F_SSL3_SEND_SERVER_HELLO 242 -#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155 -#define SSL_F_SSL3_SETUP_KEY_BLOCK 157 -#define SSL_F_SSL3_SETUP_READ_BUFFER 156 -#define SSL_F_SSL3_SETUP_WRITE_BUFFER 291 -#define SSL_F_SSL3_WRITE_BYTES 158 -#define SSL_F_SSL3_WRITE_PENDING 159 -#define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT 298 -#define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT 277 -#define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT 307 -#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215 -#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216 -#define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT 299 -#define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT 278 -#define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT 308 -#define SSL_F_SSL_BAD_METHOD 160 -#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 -#define SSL_F_SSL_CERT_DUP 221 -#define SSL_F_SSL_CERT_INST 222 -#define SSL_F_SSL_CERT_INSTANTIATE 214 -#define SSL_F_SSL_CERT_NEW 162 -#define SSL_F_SSL_CHECK_PRIVATE_KEY 163 -#define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT 280 -#define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG 279 -#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230 -#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231 -#define SSL_F_SSL_CLEAR 164 -#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165 -#define SSL_F_SSL_CREATE_CIPHER_LIST 166 -#define SSL_F_SSL_CTRL 232 -#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 -#define SSL_F_SSL_CTX_MAKE_PROFILES 309 -#define SSL_F_SSL_CTX_NEW 169 -#define 
SSL_F_SSL_CTX_SET_CIPHER_LIST 269 -#define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE 290 -#define SSL_F_SSL_CTX_SET_PURPOSE 226 -#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 -#define SSL_F_SSL_CTX_SET_SSL_VERSION 170 -#define SSL_F_SSL_CTX_SET_TRUST 229 -#define SSL_F_SSL_CTX_USE_CERTIFICATE 171 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173 -#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174 -#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175 -#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176 -#define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT 272 -#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177 -#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178 -#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179 -#define SSL_F_SSL_DO_HANDSHAKE 180 -#define SSL_F_SSL_GET_NEW_SESSION 181 -#define SSL_F_SSL_GET_PREV_SESSION 217 -#define SSL_F_SSL_GET_SERVER_SEND_CERT 182 -#define SSL_F_SSL_GET_SERVER_SEND_PKEY 317 -#define SSL_F_SSL_GET_SIGN_PKEY 183 -#define SSL_F_SSL_INIT_WBIO_BUFFER 184 -#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 -#define SSL_F_SSL_NEW 186 -#define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT 300 -#define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT 302 -#define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT 310 -#define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT 301 -#define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT 303 -#define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT 311 -#define SSL_F_SSL_PEEK 270 -#define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT 281 -#define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT 282 -#define SSL_F_SSL_READ 223 -#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 -#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 -#define SSL_F_SSL_SESSION_NEW 189 -#define SSL_F_SSL_SESSION_PRINT_FP 190 -#define SSL_F_SSL_SESSION_SET1_ID_CONTEXT 312 -#define SSL_F_SSL_SESS_CERT_NEW 225 -#define SSL_F_SSL_SET_CERT 191 -#define SSL_F_SSL_SET_CIPHER_LIST 271 -#define SSL_F_SSL_SET_FD 192 -#define SSL_F_SSL_SET_PKEY 193 -#define 
SSL_F_SSL_SET_PURPOSE 227 -#define SSL_F_SSL_SET_RFD 194 -#define SSL_F_SSL_SET_SESSION 195 -#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218 -#define SSL_F_SSL_SET_SESSION_TICKET_EXT 294 -#define SSL_F_SSL_SET_TRUST 228 -#define SSL_F_SSL_SET_WFD 196 -#define SSL_F_SSL_SHUTDOWN 224 -#define SSL_F_SSL_SRP_CTX_INIT 313 -#define SSL_F_SSL_UNDEFINED_CONST_FUNCTION 243 -#define SSL_F_SSL_UNDEFINED_FUNCTION 197 -#define SSL_F_SSL_UNDEFINED_VOID_FUNCTION 244 -#define SSL_F_SSL_USE_CERTIFICATE 198 -#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199 -#define SSL_F_SSL_USE_CERTIFICATE_FILE 200 -#define SSL_F_SSL_USE_PRIVATEKEY 201 -#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202 -#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203 -#define SSL_F_SSL_USE_PSK_IDENTITY_HINT 273 -#define SSL_F_SSL_USE_RSAPRIVATEKEY 204 -#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205 -#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206 -#define SSL_F_SSL_VERIFY_CERT_CHAIN 207 -#define SSL_F_SSL_WRITE 208 -#define SSL_F_TLS1_AEAD_CTX_INIT 339 -#define SSL_F_TLS1_CERT_VERIFY_MAC 286 -#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209 -#define SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD 340 -#define SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER 338 -#define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT 274 -#define SSL_F_TLS1_ENC 210 -#define SSL_F_TLS1_EXPORT_KEYING_MATERIAL 314 -#define SSL_F_TLS1_HEARTBEAT 315 -#define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT 275 -#define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT 276 -#define SSL_F_TLS1_PRF 284 -#define SSL_F_TLS1_SETUP_KEY_BLOCK 211 -#define SSL_F_WRITE_PENDING 212 - -/* Reason codes. 
*/ -#define SSL_R_APP_DATA_IN_HANDSHAKE 100 -#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272 -#define SSL_R_BAD_ALERT_RECORD 101 -#define SSL_R_BAD_AUTHENTICATION_TYPE 102 -#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 -#define SSL_R_BAD_CHECKSUM 104 -#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 -#define SSL_R_BAD_DECOMPRESSION 107 -#define SSL_R_BAD_DH_G_LENGTH 108 -#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 -#define SSL_R_BAD_DH_P_LENGTH 110 -#define SSL_R_BAD_DIGEST_LENGTH 111 -#define SSL_R_BAD_DSA_SIGNATURE 112 -#define SSL_R_BAD_ECC_CERT 304 -#define SSL_R_BAD_ECDSA_SIGNATURE 305 -#define SSL_R_BAD_ECPOINT 306 -#define SSL_R_BAD_HANDSHAKE_LENGTH 332 -#define SSL_R_BAD_HELLO_REQUEST 105 -#define SSL_R_BAD_LENGTH 271 -#define SSL_R_BAD_MAC_DECODE 113 -#define SSL_R_BAD_MAC_LENGTH 333 -#define SSL_R_BAD_MESSAGE_TYPE 114 -#define SSL_R_BAD_PACKET_LENGTH 115 -#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116 -#define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH 316 -#define SSL_R_BAD_RESPONSE_ARGUMENT 117 -#define SSL_R_BAD_RSA_DECRYPT 118 -#define SSL_R_BAD_RSA_ENCRYPT 119 -#define SSL_R_BAD_RSA_E_LENGTH 120 -#define SSL_R_BAD_RSA_MODULUS_LENGTH 121 -#define SSL_R_BAD_RSA_SIGNATURE 122 -#define SSL_R_BAD_SIGNATURE 123 -#define SSL_R_BAD_SRP_A_LENGTH 347 -#define SSL_R_BAD_SRP_B_LENGTH 348 -#define SSL_R_BAD_SRP_G_LENGTH 349 -#define SSL_R_BAD_SRP_N_LENGTH 350 -#define SSL_R_BAD_SRP_S_LENGTH 351 -#define SSL_R_BAD_SRTP_MKI_VALUE 352 -#define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST 353 -#define SSL_R_BAD_SSL_FILETYPE 124 -#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125 -#define SSL_R_BAD_STATE 126 -#define SSL_R_BAD_WRITE_RETRY 127 -#define SSL_R_BIO_NOT_SET 128 -#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129 -#define SSL_R_BN_LIB 130 -#define SSL_R_CA_DN_LENGTH_MISMATCH 131 -#define SSL_R_CA_DN_TOO_LONG 132 -#define SSL_R_CCS_RECEIVED_EARLY 133 -#define SSL_R_CERTIFICATE_VERIFY_FAILED 134 -#define SSL_R_CERT_LENGTH_MISMATCH 135 -#define SSL_R_CHALLENGE_IS_DIFFERENT 136 
-#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137 -#define SSL_R_CIPHER_COMPRESSION_UNAVAILABLE 371 -#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138 -#define SSL_R_CIPHER_TABLE_SRC_ERROR 139 -#define SSL_R_CLIENTHELLO_TLSEXT 226 -#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 -#define SSL_R_COMPRESSION_DISABLED 343 -#define SSL_R_COMPRESSION_FAILURE 141 -#define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE 307 -#define SSL_R_COMPRESSION_LIBRARY_ERROR 142 -#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143 -#define SSL_R_CONNECTION_TYPE_NOT_SET 144 -#define SSL_R_COOKIE_MISMATCH 308 -#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 -#define SSL_R_DATA_LENGTH_TOO_LONG 146 -#define SSL_R_DECRYPTION_FAILED 147 -#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC 281 -#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 -#define SSL_R_DIGEST_CHECK_FAILED 149 -#define SSL_R_DTLS_MESSAGE_TOO_BIG 334 -#define SSL_R_DUPLICATE_COMPRESSION_ID 309 -#define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT 317 -#define SSL_R_ECC_CERT_NOT_FOR_SIGNING 318 -#define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE 322 -#define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE 323 -#define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER 310 -#define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354 -#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 -#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 282 -#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 -#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 -#define SSL_R_EXTRA_DATA_IN_MESSAGE 153 -#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 -#define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS 355 -#define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION 356 -#define SSL_R_HTTPS_PROXY_REQUEST 155 -#define SSL_R_HTTP_REQUEST 156 -#define SSL_R_ILLEGAL_PADDING 283 -#define SSL_R_INAPPROPRIATE_FALLBACK 373 -#define SSL_R_INCONSISTENT_COMPRESSION 340 -#define SSL_R_INVALID_CHALLENGE_LENGTH 158 -#define SSL_R_INVALID_COMMAND 280 -#define SSL_R_INVALID_COMPRESSION_ALGORITHM 341 -#define SSL_R_INVALID_PURPOSE 278 -#define SSL_R_INVALID_SRP_USERNAME 357 
-#define SSL_R_INVALID_STATUS_RESPONSE 328 -#define SSL_R_INVALID_TICKET_KEYS_LENGTH 325 -#define SSL_R_INVALID_TRUST 279 -#define SSL_R_KEY_ARG_TOO_LONG 284 -#define SSL_R_KRB5 285 -#define SSL_R_KRB5_C_CC_PRINC 286 -#define SSL_R_KRB5_C_GET_CRED 287 -#define SSL_R_KRB5_C_INIT 288 -#define SSL_R_KRB5_C_MK_REQ 289 -#define SSL_R_KRB5_S_BAD_TICKET 290 -#define SSL_R_KRB5_S_INIT 291 -#define SSL_R_KRB5_S_RD_REQ 292 -#define SSL_R_KRB5_S_TKT_EXPIRED 293 -#define SSL_R_KRB5_S_TKT_NYV 294 -#define SSL_R_KRB5_S_TKT_SKEW 295 -#define SSL_R_LENGTH_MISMATCH 159 -#define SSL_R_LENGTH_TOO_SHORT 160 -#define SSL_R_LIBRARY_BUG 274 -#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 -#define SSL_R_MESSAGE_TOO_LONG 296 -#define SSL_R_MISSING_DH_DSA_CERT 162 -#define SSL_R_MISSING_DH_KEY 163 -#define SSL_R_MISSING_DH_RSA_CERT 164 -#define SSL_R_MISSING_DSA_SIGNING_CERT 165 -#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166 -#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167 -#define SSL_R_MISSING_RSA_CERTIFICATE 168 -#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 -#define SSL_R_MISSING_RSA_SIGNING_CERT 170 -#define SSL_R_MISSING_SRP_PARAM 358 -#define SSL_R_MISSING_TMP_DH_KEY 171 -#define SSL_R_MISSING_TMP_ECDH_KEY 311 -#define SSL_R_MISSING_TMP_RSA_KEY 172 -#define SSL_R_MISSING_TMP_RSA_PKEY 173 -#define SSL_R_MISSING_VERIFY_MESSAGE 174 -#define SSL_R_MULTIPLE_SGC_RESTARTS 346 -#define SSL_R_NON_SSLV2_INITIAL_PACKET 175 -#define SSL_R_NO_CERTIFICATES_RETURNED 176 -#define SSL_R_NO_CERTIFICATE_ASSIGNED 177 -#define SSL_R_NO_CERTIFICATE_RETURNED 178 -#define SSL_R_NO_CERTIFICATE_SET 179 -#define SSL_R_NO_CERTIFICATE_SPECIFIED 180 -#define SSL_R_NO_CIPHERS_AVAILABLE 181 -#define SSL_R_NO_CIPHERS_PASSED 182 -#define SSL_R_NO_CIPHERS_SPECIFIED 183 -#define SSL_R_NO_CIPHER_LIST 184 -#define SSL_R_NO_CIPHER_MATCH 185 -#define SSL_R_NO_CLIENT_CERT_METHOD 331 -#define SSL_R_NO_CLIENT_CERT_RECEIVED 186 -#define SSL_R_NO_COMPRESSION_SPECIFIED 187 -#define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER 330 -#define 
SSL_R_NO_METHOD_SPECIFIED 188
-#define SSL_R_NO_PRIVATEKEY 189
-#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190
-#define SSL_R_NO_PROTOCOLS_AVAILABLE 191
-#define SSL_R_NO_PUBLICKEY 192
-#define SSL_R_NO_RENEGOTIATION 339
-#define SSL_R_NO_REQUIRED_DIGEST 324
-#define SSL_R_NO_SHARED_CIPHER 193
-#define SSL_R_NO_SRTP_PROFILES 359
-#define SSL_R_NO_VERIFY_CALLBACK 194
-#define SSL_R_NULL_SSL_CTX 195
-#define SSL_R_NULL_SSL_METHOD_PASSED 196
-#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197
-#define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
-#define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE 297
-#define SSL_R_PACKET_LENGTH_TOO_LONG 198
-#define SSL_R_PARSE_TLSEXT 227
-#define SSL_R_PATH_TOO_LONG 270
-#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199
-#define SSL_R_PEER_ERROR 200
-#define SSL_R_PEER_ERROR_CERTIFICATE 201
-#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202
-#define SSL_R_PEER_ERROR_NO_CIPHER 203
-#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204
-#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205
-#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206
-#define SSL_R_PROTOCOL_IS_SHUTDOWN 207
-#define SSL_R_PSK_IDENTITY_NOT_FOUND 223
-#define SSL_R_PSK_NO_CLIENT_CB 224
-#define SSL_R_PSK_NO_SERVER_CB 225
-#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208
-#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209
-#define SSL_R_PUBLIC_KEY_NOT_RSA 210
-#define SSL_R_READ_BIO_NOT_SET 211
-#define SSL_R_READ_TIMEOUT_EXPIRED 312
-#define SSL_R_READ_WRONG_PACKET_TYPE 212
-#define SSL_R_RECORD_LENGTH_MISMATCH 213
-#define SSL_R_RECORD_TOO_LARGE 214
-#define SSL_R_RECORD_TOO_SMALL 298
-#define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
-#define SSL_R_RENEGOTIATION_ENCODING_ERR 336
-#define SSL_R_RENEGOTIATION_MISMATCH 337
-#define SSL_R_REQUIRED_CIPHER_MISSING 215
-#define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING 342
-#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216
-#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217
-#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218
-#define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
-#define SSL_R_SERVERHELLO_TLSEXT 275
-#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277
-#define SSL_R_SHORT_READ 219
-#define SSL_R_SIGNATURE_ALGORITHMS_ERROR 360
-#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220
-#define SSL_R_SRP_A_CALC 361
-#define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES 362
-#define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG 363
-#define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE 364
-#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221
-#define SSL_R_SSL2_CONNECTION_ID_TOO_LONG 299
-#define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT 321
-#define SSL_R_SSL3_EXT_INVALID_SERVERNAME 319
-#define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE 320
-#define SSL_R_SSL3_SESSION_ID_TOO_LONG 300
-#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222
-#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
-#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
-#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
-#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
-#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
-#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
-#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
-#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
-#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
-#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
-#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
-#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228
-#define SSL_R_SSL_HANDSHAKE_FAILURE 229
-#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230
-#define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED 301
-#define SSL_R_SSL_SESSION_ID_CONFLICT 302
-#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273
-#define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH 303
-#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231
-#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049
-#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050
-#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021
-#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051
-#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060
-#define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086
-#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071
-#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080
-#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100
-#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070
-#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022
-#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048
-#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090
-#define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE 1114
-#define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE 1113
-#define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE 1111
-#define SSL_R_TLSV1_UNRECOGNIZED_NAME 1112
-#define SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110
-#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232
-#define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT 365
-#define SSL_R_TLS_HEARTBEAT_PENDING 366
-#define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
-#define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
-#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
-#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234
-#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235
-#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236
-#define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS 313
-#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237
-#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238
-#define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS 314
-#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239
-#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240
-#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241
-#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242
-#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243
-#define SSL_R_UNEXPECTED_MESSAGE 244
-#define SSL_R_UNEXPECTED_RECORD 245
-#define SSL_R_UNINITIALIZED 276
-#define SSL_R_UNKNOWN_ALERT_TYPE 246
-#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247
-#define SSL_R_UNKNOWN_CIPHER_RETURNED 248
-#define SSL_R_UNKNOWN_CIPHER_TYPE 249
-#define SSL_R_UNKNOWN_DIGEST 368
-#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250
-#define SSL_R_UNKNOWN_PKEY_TYPE 251
-#define SSL_R_UNKNOWN_PROTOCOL 252
-#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253
-#define SSL_R_UNKNOWN_SSL_VERSION 254
-#define SSL_R_UNKNOWN_STATE 255
-#define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED 338
-#define SSL_R_UNSUPPORTED_CIPHER 256
-#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257
-#define SSL_R_UNSUPPORTED_DIGEST_TYPE 326
-#define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE 315
-#define SSL_R_UNSUPPORTED_PROTOCOL 258
-#define SSL_R_UNSUPPORTED_SSL_VERSION 259
-#define SSL_R_UNSUPPORTED_STATUS_TYPE 329
-#define SSL_R_USE_SRTP_NOT_NEGOTIATED 369
-#define SSL_R_WRITE_BIO_NOT_SET 260
-#define SSL_R_WRONG_CIPHER_RETURNED 261
-#define SSL_R_WRONG_CURVE 378
-#define SSL_R_WRONG_MESSAGE_TYPE 262
-#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263
-#define SSL_R_WRONG_SIGNATURE_LENGTH 264
-#define SSL_R_WRONG_SIGNATURE_SIZE 265
-#define SSL_R_WRONG_SIGNATURE_TYPE 370
-#define SSL_R_WRONG_SSL_VERSION 266
-#define SSL_R_WRONG_VERSION_NUMBER 267
-#define SSL_R_X509_LIB 268
-#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/ssl/ssl2.h b/lib/libssl/src/ssl/ssl2.h
deleted file mode 100644
index 3a8d300729a..00000000000
--- a/lib/libssl/src/ssl/ssl2.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/* $OpenBSD: ssl2.h,v 1.12 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL2_H
-#define HEADER_SSL2_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* Protocol Version Codes */
-#define SSL2_VERSION 0x0002
-#define SSL2_VERSION_MAJOR 0x00
-#define SSL2_VERSION_MINOR 0x02
-/* #define SSL2_CLIENT_VERSION 0x0002 */
-/* #define SSL2_SERVER_VERSION 0x0002 */
-
-/* Protocol Message Codes */
-#define SSL2_MT_ERROR 0
-#define SSL2_MT_CLIENT_HELLO 1
-#define SSL2_MT_CLIENT_MASTER_KEY 2
-#define SSL2_MT_CLIENT_FINISHED 3
-#define SSL2_MT_SERVER_HELLO 4
-#define SSL2_MT_SERVER_VERIFY 5
-#define SSL2_MT_SERVER_FINISHED 6
-#define SSL2_MT_REQUEST_CERTIFICATE 7
-#define SSL2_MT_CLIENT_CERTIFICATE 8
-
-/* Error Message Codes */
-#define SSL2_PE_UNDEFINED_ERROR 0x0000
-#define SSL2_PE_NO_CIPHER 0x0001
-#define SSL2_PE_NO_CERTIFICATE 0x0002
-#define SSL2_PE_BAD_CERTIFICATE 0x0004
-#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
-
-/* Cipher Kind Values */
-#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
-#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
-#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
-#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
-#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
-#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
-#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
-#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
-#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
-#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
-
-#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
-#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
-
-#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
-#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
-#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
-#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
-#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
-#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
-#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
-#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
-#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
-#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
-
-#define SSL2_TXT_NULL "NULL"
-
-/* Flags for the SSL_CIPHER.algorithm2 field */
-#define SSL2_CF_5_BYTE_ENC 0x01
-#define SSL2_CF_8_BYTE_ENC 0x02
-
-/* Certificate Type Codes */
-#define SSL2_CT_X509_CERTIFICATE 0x01
-
-/* Authentication Type Code */
-#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
-
-#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
-
-/* Upper/Lower Bounds */
-#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
-#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER 32767u /* 2^15-1 */
-#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /* 2^14-1 */
-
-#define SSL2_CHALLENGE_LENGTH 16
-/*#define SSL2_CHALLENGE_LENGTH 32 */
-#define SSL2_MIN_CHALLENGE_LENGTH 16
-#define SSL2_MAX_CHALLENGE_LENGTH 32
-#define SSL2_CONNECTION_ID_LENGTH 16
-#define SSL2_MAX_CONNECTION_ID_LENGTH 16
-#define SSL2_SSL_SESSION_ID_LENGTH 16
-#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
-#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
-#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/ssl/ssl23.h b/lib/libssl/src/ssl/ssl23.h
deleted file mode 100644
index 570e4b01714..00000000000
--- a/lib/libssl/src/ssl/ssl23.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/* $OpenBSD: ssl23.h,v 1.4 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef HEADER_SSL23_H
-#define HEADER_SSL23_H
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*client */
-/* write to server */
-#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
-#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
-/* read from server */
-#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
-#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
-
-/* server */
-/* read from client */
-#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
-#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/ssl/ssl3.h b/lib/libssl/src/ssl/ssl3.h
deleted file mode 100644
index 5ec2fe6f884..00000000000
--- a/lib/libssl/src/ssl/ssl3.h
+++ /dev/null
@@ -1,617 +0,0 @@
-/* $OpenBSD: ssl3.h,v 1.41 2015/07/19 06:23:51 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#ifndef HEADER_SSL3_H
-#define HEADER_SSL3_H
-
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/ssl.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/* TLS_EMPTY_RENEGOTIATION_INFO_SCSV from RFC 5746. */
-#define SSL3_CK_SCSV 0x030000FF
-
-/* TLS_FALLBACK_SCSV from draft-ietf-tls-downgrade-scsv-03. */
-#define SSL3_CK_FALLBACK_SCSV 0x03005600
-
-#define SSL3_CK_RSA_NULL_MD5 0x03000001
-#define SSL3_CK_RSA_NULL_SHA 0x03000002
-#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
-#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
-#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
-#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
-#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
-#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
-#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
-#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
-
-#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
-#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
-#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
-#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
-#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
-#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
-
-#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
-#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
-#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
-#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
-#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
-#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
-
-#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
-#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
-#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
-#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
-#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
-
-/* VRS Additional Kerberos5 entries
- */
-#define SSL3_CK_KRB5_DES_64_CBC_SHA 0x0300001E
-#define SSL3_CK_KRB5_DES_192_CBC3_SHA 0x0300001F
-#define SSL3_CK_KRB5_RC4_128_SHA 0x03000020
-#define SSL3_CK_KRB5_IDEA_128_CBC_SHA 0x03000021
-#define SSL3_CK_KRB5_DES_64_CBC_MD5 0x03000022
-#define SSL3_CK_KRB5_DES_192_CBC3_MD5 0x03000023
-#define SSL3_CK_KRB5_RC4_128_MD5 0x03000024
-#define SSL3_CK_KRB5_IDEA_128_CBC_MD5 0x03000025
-
-#define SSL3_CK_KRB5_DES_40_CBC_SHA 0x03000026
-#define SSL3_CK_KRB5_RC2_40_CBC_SHA 0x03000027
-#define SSL3_CK_KRB5_RC4_40_SHA 0x03000028
-#define SSL3_CK_KRB5_DES_40_CBC_MD5 0x03000029
-#define SSL3_CK_KRB5_RC2_40_CBC_MD5 0x0300002A
-#define SSL3_CK_KRB5_RC4_40_MD5 0x0300002B
-
-#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
-#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
-#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
-#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
-#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
-#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
-#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
-#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
-#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
-#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
-
-#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
-#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
-
-#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
-#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
-#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
-#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
-
-#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
-#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
-#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
-#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
-#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
-
-#define SSL3_TXT_KRB5_DES_64_CBC_SHA "KRB5-DES-CBC-SHA"
-#define SSL3_TXT_KRB5_DES_192_CBC3_SHA "KRB5-DES-CBC3-SHA"
-#define SSL3_TXT_KRB5_RC4_128_SHA "KRB5-RC4-SHA"
-#define SSL3_TXT_KRB5_IDEA_128_CBC_SHA "KRB5-IDEA-CBC-SHA"
-#define SSL3_TXT_KRB5_DES_64_CBC_MD5 "KRB5-DES-CBC-MD5"
-#define SSL3_TXT_KRB5_DES_192_CBC3_MD5 "KRB5-DES-CBC3-MD5"
-#define SSL3_TXT_KRB5_RC4_128_MD5 "KRB5-RC4-MD5"
-#define SSL3_TXT_KRB5_IDEA_128_CBC_MD5 "KRB5-IDEA-CBC-MD5"
-
-#define SSL3_TXT_KRB5_DES_40_CBC_SHA "EXP-KRB5-DES-CBC-SHA"
-#define SSL3_TXT_KRB5_RC2_40_CBC_SHA "EXP-KRB5-RC2-CBC-SHA"
-#define SSL3_TXT_KRB5_RC4_40_SHA "EXP-KRB5-RC4-SHA"
-#define SSL3_TXT_KRB5_DES_40_CBC_MD5 "EXP-KRB5-DES-CBC-MD5"
-#define SSL3_TXT_KRB5_RC2_40_CBC_MD5 "EXP-KRB5-RC2-CBC-MD5"
-#define SSL3_TXT_KRB5_RC4_40_MD5 "EXP-KRB5-RC4-MD5"
-
-#define SSL3_SSL_SESSION_ID_LENGTH 32
-#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
-
-#define SSL3_MASTER_SECRET_SIZE 48
-#define SSL3_RANDOM_SIZE 32
-#define SSL3_SEQUENCE_SIZE 8
-#define SSL3_SESSION_ID_SIZE 32
-#define SSL3_CIPHER_VALUE_SIZE 2
-
-#define SSL3_RT_HEADER_LENGTH 5
-#define SSL3_HM_HEADER_LENGTH 4
-
-#define SSL3_ALIGN_PAYLOAD 8
-
-/* This is the maximum MAC (digest) size used by the SSL library.
- * Currently maximum of 20 is used by SHA1, but we reserve for
- * future extension for 512-bit hashes.
- */
-
-#define SSL3_RT_MAX_MD_SIZE 64
-
-/* Maximum block size used in all ciphersuites. Currently 16 for AES.
- */
-
-#define SSL_RT_MAX_CIPHER_BLOCK_SIZE 16
-
-#define SSL3_RT_MAX_EXTRA (16384)
-
-/* Maximum plaintext length: defined by SSL/TLS standards */
-#define SSL3_RT_MAX_PLAIN_LENGTH 16384
-/* Maximum compression overhead: defined by SSL/TLS standards */
-#define SSL3_RT_MAX_COMPRESSED_OVERHEAD 1024
-
-/* The standards give a maximum encryption overhead of 1024 bytes.
- * In practice the value is lower than this. The overhead is the maximum
- * number of padding bytes (256) plus the mac size.
- */
-#define SSL3_RT_MAX_ENCRYPTED_OVERHEAD (256 + SSL3_RT_MAX_MD_SIZE)
-
-/* OpenSSL currently only uses a padding length of at most one block so
- * the send overhead is smaller.
- */
-
-#define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
- (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
-
-/* If compression isn't used don't include the compression overhead */
-#define SSL3_RT_MAX_COMPRESSED_LENGTH SSL3_RT_MAX_PLAIN_LENGTH
-#define SSL3_RT_MAX_ENCRYPTED_LENGTH \
- (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
-#define SSL3_RT_MAX_PACKET_SIZE \
- (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
-
-#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54"
-#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52"
-
-#define SSL3_VERSION 0x0300
-#define SSL3_VERSION_MAJOR 0x03
-#define SSL3_VERSION_MINOR 0x00
-
-#define SSL3_RT_CHANGE_CIPHER_SPEC 20
-#define SSL3_RT_ALERT 21
-#define SSL3_RT_HANDSHAKE 22
-#define SSL3_RT_APPLICATION_DATA 23
-#define TLS1_RT_HEARTBEAT 24
-
-#define SSL3_AL_WARNING 1
-#define SSL3_AL_FATAL 2
-
-#define SSL3_AD_CLOSE_NOTIFY 0
-#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
-#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
-#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
-#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
-#define SSL3_AD_NO_CERTIFICATE 41
-#define SSL3_AD_BAD_CERTIFICATE 42
-#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
-#define SSL3_AD_CERTIFICATE_REVOKED 44
-#define SSL3_AD_CERTIFICATE_EXPIRED 45
-#define SSL3_AD_CERTIFICATE_UNKNOWN 46
-#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
-
-#define TLS1_HB_REQUEST 1
-#define TLS1_HB_RESPONSE 2
-
-#ifndef OPENSSL_NO_SSL_INTERN
-
-typedef struct ssl3_record_st {
-/*r */ int type; /* type of record */
-/*rw*/ unsigned int length; /* How many bytes available */
-/*r */ unsigned int off; /* read/write offset into 'buf' */
-/*rw*/ unsigned char *data; /* pointer to the record data */
-/*rw*/ unsigned char *input; /* where the decode bytes are */
-/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
-/*r */ unsigned char seq_num[8]; /* sequence number, needed by DTLS1 */
-} SSL3_RECORD;
-
-typedef struct ssl3_buffer_st {
- unsigned char *buf; /* at least SSL3_RT_MAX_PACKET_SIZE bytes,
- * see ssl3_setup_buffers() */
- size_t len; /* buffer size */
- int offset; /* where to 'copy from' */
- int left; /* how many bytes left */
-} SSL3_BUFFER;
-
-#endif
-
-#define SSL3_CT_RSA_SIGN 1
-#define SSL3_CT_DSS_SIGN 2
-#define SSL3_CT_RSA_FIXED_DH 3
-#define SSL3_CT_DSS_FIXED_DH 4
-#define SSL3_CT_RSA_EPHEMERAL_DH 5
-#define SSL3_CT_DSS_EPHEMERAL_DH 6
-#define SSL3_CT_FORTEZZA_DMS 20
-/* SSL3_CT_NUMBER is used to size arrays and it must be large
- * enough to contain all of the cert types defined either for
- * SSLv3 and TLSv1.
- */
-#define SSL3_CT_NUMBER 11
-
-
-#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
-#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
-#define SSL3_FLAGS_POP_BUFFER 0x0004
-#define TLS1_FLAGS_TLS_PADDING_BUG 0x0
-#define TLS1_FLAGS_SKIP_CERT_VERIFY 0x0010
-#define TLS1_FLAGS_KEEP_HANDSHAKE 0x0020
-#define SSL3_FLAGS_CCS_OK 0x0080
-
-#ifndef OPENSSL_NO_SSL_INTERN
-
-typedef struct ssl3_state_st {
- long flags;
- int delay_buf_pop_ret;
-
- unsigned char read_sequence[SSL3_SEQUENCE_SIZE];
- int read_mac_secret_size;
- unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
- unsigned char write_sequence[SSL3_SEQUENCE_SIZE];
- int write_mac_secret_size;
- unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
-
- unsigned char server_random[SSL3_RANDOM_SIZE];
- unsigned char client_random[SSL3_RANDOM_SIZE];
-
- /* flags for countermeasure against known-IV weakness */
- int need_empty_fragments;
- int empty_fragment_done;
-
- SSL3_BUFFER rbuf; /* read IO goes into here */
- SSL3_BUFFER wbuf; /* write IO goes into here */
-
- SSL3_RECORD rrec; /* each decoded record goes in here */
- SSL3_RECORD wrec; /* goes out from here */
-
- /* storage for Alert/Handshake protocol data received but not
- * yet processed by ssl3_read_bytes: */
- unsigned char alert_fragment[2];
- unsigned int alert_fragment_len;
- unsigned char handshake_fragment[4];
- unsigned int handshake_fragment_len;
-
- /* partial write - check the numbers match */
- unsigned int wnum; /* number of bytes sent so far */
- int wpend_tot; /* number bytes written */
- int wpend_type;
- int wpend_ret; /* number of bytes submitted */
- const unsigned char *wpend_buf;
-
- /* used during startup, digest all incoming/outgoing packets */
- BIO *handshake_buffer;
- /* When set of handshake digests is determined, buffer is hashed
- * and freed and MD_CTX-es for all required digests are stored in
- * this array */
- EVP_MD_CTX **handshake_dgst;
- /* this is set whenerver we see a change_cipher_spec message
- * come in when we are not looking for one */
- int change_cipher_spec;
-
- int warn_alert;
- int fatal_alert;
- /* we allow one fatal and one warning alert to be outstanding,
- * send close alert via the warning alert */
- int alert_dispatch;
- unsigned char send_alert[2];
-
- /* This flag is set when we should renegotiate ASAP, basically when
- * there is no more data in the read or write buffers */
- int renegotiate;
- int total_renegotiations;
- int num_renegotiations;
-
- int in_read_app_data;
-
- struct {
- /* actually only needs to be 16+20 */
- unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2];
-
- /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
- unsigned char finish_md[EVP_MAX_MD_SIZE*2];
- int finish_md_len;
- unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2];
- int peer_finish_md_len;
-
- unsigned long message_size;
- int message_type;
-
- /* used to hold the new cipher we are going to use */
- const SSL_CIPHER *new_cipher;
- DH *dh;
-
- EC_KEY *ecdh; /* holds short lived ECDH key */
-
- /* used when SSL_ST_FLUSH_DATA is entered */
- int next_state;
-
- int reuse_message;
-
- /* used for certificate requests */
- int cert_req;
- int ctype_num;
- char ctype[SSL3_CT_NUMBER];
- STACK_OF(X509_NAME) *ca_names;
-
- int key_block_length;
- unsigned char *key_block;
-
- const EVP_CIPHER *new_sym_enc;
- const EVP_AEAD *new_aead;
- const EVP_MD *new_hash;
- int new_mac_pkey_type;
- int new_mac_secret_size;
- int cert_request;
- } tmp;
-
- /* Connection binding to prevent renegotiation attacks */
- unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
- unsigned char previous_client_finished_len;
- unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
- unsigned char previous_server_finished_len;
- int send_connection_binding; /* TODOEKR */
-
- /* Set if we saw the Next Protocol Negotiation extension from our peer.
- */
- int next_proto_neg_seen;
-
- /*
- * ALPN information
- * (we are in the process of transitioning from NPN to ALPN).
- */
-
- /*
- * In a server these point to the selected ALPN protocol after the
- * ClientHello has been processed. In a client these contain the
- * protocol that the server selected once the ServerHello has been
- * processed.
- */
- unsigned char *alpn_selected;
- unsigned int alpn_selected_len;
-} SSL3_STATE;
-
-#endif
-
-/* SSLv3 */
-/*client */
-/* extra state */
-#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
-/* write to server */
-#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
-/* read from server */
-#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
-#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
-#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
-#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
-#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
-/* write to server */
-#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
-#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
-#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
-#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
-#define SSL3_ST_CW_NEXT_PROTO_A (0x200|SSL_ST_CONNECT)
-#define SSL3_ST_CW_NEXT_PROTO_B (0x201|SSL_ST_CONNECT)
-#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
-#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
-/* read from server */
-#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
-#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SESSION_TICKET_A (0x1E0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_STATUS_A (0x1F0|SSL_ST_CONNECT)
-#define SSL3_ST_CR_CERT_STATUS_B (0x1F1|SSL_ST_CONNECT)
-
-/* server */
-/* extra state */
-#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
-/* read from client */
-/* Do not change the number values, they do matter */
-#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
-/* write to client */
-#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
-#define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
-/* read from client */
-#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_NEXT_PROTO_A (0x210|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_NEXT_PROTO_B (0x211|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
-#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
-/* write to client */
-#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SESSION_TICKET_B (0x1F1|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_STATUS_A (0x200|SSL_ST_ACCEPT)
-#define SSL3_ST_SW_CERT_STATUS_B (0x201|SSL_ST_ACCEPT)
-
-#define SSL3_MT_HELLO_REQUEST 0
-#define SSL3_MT_CLIENT_HELLO 1
-#define SSL3_MT_SERVER_HELLO 2
-#define SSL3_MT_NEWSESSION_TICKET 4
-#define SSL3_MT_CERTIFICATE 11
-#define SSL3_MT_SERVER_KEY_EXCHANGE 12
-#define SSL3_MT_CERTIFICATE_REQUEST 13
-#define SSL3_MT_SERVER_DONE 14
-#define SSL3_MT_CERTIFICATE_VERIFY 15
-#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
-#define SSL3_MT_FINISHED 20
-#define SSL3_MT_CERTIFICATE_STATUS 22
-
-#define SSL3_MT_NEXT_PROTO 67
-
-#define DTLS1_MT_HELLO_VERIFY_REQUEST 3
-
-#define SSL3_MT_CCS 1
-
-/* These are used when changing over to a new cipher */
-#define SSL3_CC_READ 0x01
-#define SSL3_CC_WRITE 0x02
-#define SSL3_CC_CLIENT 0x10
-#define SSL3_CC_SERVER 0x20
-#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
-#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
-#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
-#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
-
-#ifdef __cplusplus
-}
-#endif
-#endif
diff --git a/lib/libssl/src/ssl/ssl_algs.c b/lib/libssl/src/ssl/ssl_algs.c
deleted file mode 100644
index 3010a735c96..00000000000
--- a/lib/libssl/src/ssl/ssl_algs.c
+++ /dev/null
@@ -1,131 +0,0 @@
-/* $OpenBSD: ssl_algs.c,v 1.22 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-
-#include "ssl_locl.h"
-
-int
-SSL_library_init(void)
-{
-
-#ifndef OPENSSL_NO_DES
- EVP_add_cipher(EVP_des_cbc());
- EVP_add_cipher(EVP_des_ede3_cbc());
-#endif
-#ifndef OPENSSL_NO_IDEA
- EVP_add_cipher(EVP_idea_cbc());
-#endif
-#ifndef OPENSSL_NO_RC4
- EVP_add_cipher(EVP_rc4());
-#if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))
- EVP_add_cipher(EVP_rc4_hmac_md5());
-#endif
-#endif
-#ifndef OPENSSL_NO_RC2
- EVP_add_cipher(EVP_rc2_cbc());
- /* Not actually used for SSL/TLS but this makes PKCS#12 work
- * if an application only calls SSL_library_init().
- */
- EVP_add_cipher(EVP_rc2_40_cbc());
-#endif
- EVP_add_cipher(EVP_aes_128_cbc());
- EVP_add_cipher(EVP_aes_192_cbc());
- EVP_add_cipher(EVP_aes_256_cbc());
- EVP_add_cipher(EVP_aes_128_gcm());
- EVP_add_cipher(EVP_aes_256_gcm());
- EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
- EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
-#ifndef OPENSSL_NO_CAMELLIA
- EVP_add_cipher(EVP_camellia_128_cbc());
- EVP_add_cipher(EVP_camellia_256_cbc());
-#endif
-#ifndef OPENSSL_NO_GOST
- EVP_add_cipher(EVP_gost2814789_cfb64());
- EVP_add_cipher(EVP_gost2814789_cnt());
-#endif
-
- EVP_add_digest(EVP_md5());
- EVP_add_digest_alias(SN_md5, "ssl2-md5");
- EVP_add_digest_alias(SN_md5, "ssl3-md5");
- EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
- EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
- EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
- EVP_add_digest(EVP_sha224());
- EVP_add_digest(EVP_sha256());
- EVP_add_digest(EVP_sha384());
- EVP_add_digest(EVP_sha512());
- EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
- EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
- EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
- EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
- EVP_add_digest(EVP_ecdsa());
-#ifndef OPENSSL_NO_GOST
- EVP_add_digest(EVP_gostr341194());
- EVP_add_digest(EVP_gost2814789imit());
- EVP_add_digest(EVP_streebog256());
- EVP_add_digest(EVP_streebog512());
-#endif
- /* initialize cipher/digest methods table */
- ssl_load_ciphers();
- return (1);
-}
-
diff --git a/lib/libssl/src/ssl/ssl_asn1.c b/lib/libssl/src/ssl/ssl_asn1.c
deleted file mode 100644
index ee00cb286d2..00000000000
--- a/lib/libssl/src/ssl/ssl_asn1.c
+++ /dev/null
@@ -1,691 +0,0 @@
-/* $OpenBSD: ssl_asn1.c,v 1.41 2016/03/11 07:08:45 mmcc Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */ - -#include <stdio.h> -#include <stdlib.h> - -#include "ssl_locl.h" - -#include <openssl/objects.h> -#include <openssl/x509.h> - -/* XXX - these are here to avoid including asn1_mac.h */ -int asn1_GetSequence(ASN1_const_CTX *c, long *length); -void asn1_add_error(const unsigned char *address, int offset); - -typedef struct ssl_session_asn1_st { - ASN1_INTEGER version; - ASN1_INTEGER ssl_version; - ASN1_OCTET_STRING cipher; - ASN1_OCTET_STRING master_key; - ASN1_OCTET_STRING session_id; - ASN1_OCTET_STRING session_id_context; - ASN1_INTEGER time; - ASN1_INTEGER timeout; - ASN1_INTEGER verify_result; - ASN1_OCTET_STRING tlsext_hostname; - ASN1_INTEGER tlsext_tick_lifetime; - ASN1_OCTET_STRING tlsext_tick; -} SSL_SESSION_ASN1; - -int -i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) -{ -#define LSIZE2 (sizeof(long)*2) - int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0, v6 = 0, v9 = 0, v10 = 0; - unsigned char buf[4], ibuf1[LSIZE2], ibuf2[LSIZE2]; - unsigned char ibuf3[LSIZE2], ibuf4[LSIZE2], ibuf5[LSIZE2]; - unsigned char ibuf6[LSIZE2]; - SSL_SESSION_ASN1 a; - unsigned char *p; - int len = 0, ret; - long l; - - if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0))) - return (0); - - /* - * Note that I cheat in the following 2 assignments. - * I know that if the ASN1_INTEGER passed to ASN1_INTEGER_set - * is > sizeof(long)+1, the buffer will not be re-malloc()ed. - * This is a bit evil but makes things simple, no dynamic allocation - * to clean up :-) - */ - a.version.length = LSIZE2; - a.version.type = V_ASN1_INTEGER; - a.version.data = ibuf1; - ASN1_INTEGER_set(&(a.version), SSL_SESSION_ASN1_VERSION); - len += i2d_ASN1_INTEGER(&(a.version), NULL); - - a.ssl_version.length = LSIZE2; - a.ssl_version.type = V_ASN1_INTEGER; - a.ssl_version.data = ibuf2; - ASN1_INTEGER_set(&(a.ssl_version), in->ssl_version); - len += i2d_ASN1_INTEGER(&(a.ssl_version), NULL); - - a.cipher.length = 2; - a.cipher.type = V_ASN1_OCTET_STRING; - l = (in->cipher == NULL) ? 
in->cipher_id : in->cipher->id; - buf[0] = ((unsigned char)(l >> 8L)) & 0xff; - buf[1] = ((unsigned char)(l)) & 0xff; - a.cipher.data = buf; - len += i2d_ASN1_OCTET_STRING(&(a.cipher), NULL); - - a.master_key.length = in->master_key_length; - a.master_key.type = V_ASN1_OCTET_STRING; - a.master_key.data = in->master_key; - len += i2d_ASN1_OCTET_STRING(&(a.master_key), NULL); - - a.session_id.length = in->session_id_length; - a.session_id.type = V_ASN1_OCTET_STRING; - a.session_id.data = in->session_id; - len += i2d_ASN1_OCTET_STRING(&(a.session_id), NULL); - - if (in->time != 0L) { - a.time.length = LSIZE2; - a.time.type = V_ASN1_INTEGER; - a.time.data = ibuf3; - ASN1_INTEGER_set(&(a.time), in->time); /* XXX 2038 */ - v1 = i2d_ASN1_INTEGER(&(a.time), NULL); - len += ASN1_object_size(1, v1, 1); - } - - if (in->timeout != 0L) { - a.timeout.length = LSIZE2; - a.timeout.type = V_ASN1_INTEGER; - a.timeout.data = ibuf4; - ASN1_INTEGER_set(&(a.timeout), in->timeout); - v2 = i2d_ASN1_INTEGER(&(a.timeout), NULL); - len += ASN1_object_size(1, v2, 2); - } - - if (in->peer != NULL) { - v3 = i2d_X509(in->peer, NULL); - len += ASN1_object_size(1, v3, 3); - } - - a.session_id_context.length = in->sid_ctx_length; - a.session_id_context.type = V_ASN1_OCTET_STRING; - a.session_id_context.data = in->sid_ctx; - v4 = i2d_ASN1_OCTET_STRING(&(a.session_id_context), NULL); - len += ASN1_object_size(1, v4, 4); - - if (in->verify_result != X509_V_OK) { - a.verify_result.length = LSIZE2; - a.verify_result.type = V_ASN1_INTEGER; - a.verify_result.data = ibuf5; - ASN1_INTEGER_set(&a.verify_result, in->verify_result); - v5 = i2d_ASN1_INTEGER(&(a.verify_result), NULL); - len += ASN1_object_size(1, v5, 5); - } - - if (in->tlsext_hostname) { - a.tlsext_hostname.length = strlen(in->tlsext_hostname); - a.tlsext_hostname.type = V_ASN1_OCTET_STRING; - a.tlsext_hostname.data = (unsigned char *)in->tlsext_hostname; - v6 = i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), NULL); - len += ASN1_object_size(1, v6, 
6); - } - - /* 7 - PSK identity hint. */ - /* 8 - PSK identity. */ - - if (in->tlsext_tick_lifetime_hint > 0) { - a.tlsext_tick_lifetime.length = LSIZE2; - a.tlsext_tick_lifetime.type = V_ASN1_INTEGER; - a.tlsext_tick_lifetime.data = ibuf6; - ASN1_INTEGER_set(&a.tlsext_tick_lifetime, - in->tlsext_tick_lifetime_hint); - v9 = i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), NULL); - len += ASN1_object_size(1, v9, 9); - } - - if (in->tlsext_tick) { - a.tlsext_tick.length = in->tlsext_ticklen; - a.tlsext_tick.type = V_ASN1_OCTET_STRING; - a.tlsext_tick.data = (unsigned char *)in->tlsext_tick; - v10 = i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), NULL); - len += ASN1_object_size(1, v10, 10); - } - - /* 11 - Compression method. */ - /* 12 - SRP username. */ - - /* If given a NULL pointer, return the length only. */ - ret = (ASN1_object_size(1, len, V_ASN1_SEQUENCE)); - if (pp == NULL) - return (ret); - - /* Burp out the ASN1. */ - p = *pp; - ASN1_put_object(&p, 1, len, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - i2d_ASN1_INTEGER(&(a.version), &p); - i2d_ASN1_INTEGER(&(a.ssl_version), &p); - i2d_ASN1_OCTET_STRING(&(a.cipher), &p); - i2d_ASN1_OCTET_STRING(&(a.session_id), &p); - i2d_ASN1_OCTET_STRING(&(a.master_key), &p); - if (in->time != 0L) { - ASN1_put_object(&p, 1, v1, 1, V_ASN1_CONTEXT_SPECIFIC); - i2d_ASN1_INTEGER(&(a.time), &p); - } - if (in->timeout != 0L) { - ASN1_put_object(&p, 1, v2, 2, V_ASN1_CONTEXT_SPECIFIC); - i2d_ASN1_INTEGER(&(a.timeout), &p); - } - if (in->peer != NULL) { - ASN1_put_object(&p, 1, v3, 3, V_ASN1_CONTEXT_SPECIFIC); - i2d_X509(in->peer, &p); - } - ASN1_put_object(&p, 1, v4, 4, V_ASN1_CONTEXT_SPECIFIC); - i2d_ASN1_OCTET_STRING(&(a.session_id_context), &p); - if (in->verify_result != X509_V_OK) { - ASN1_put_object(&p, 1, v5, 5, V_ASN1_CONTEXT_SPECIFIC); - i2d_ASN1_INTEGER(&(a.verify_result), &p); - } - if (in->tlsext_hostname) { - ASN1_put_object(&p, 1, v6, 6, V_ASN1_CONTEXT_SPECIFIC); - i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), &p); - } - /* 7 - PSK 
identity hint. */ - /* 8 - PSK identity. */ - if (in->tlsext_tick_lifetime_hint > 0) { - ASN1_put_object(&p, 1, v9, 9, V_ASN1_CONTEXT_SPECIFIC); - i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), &p); - } - if (in->tlsext_tick) { - ASN1_put_object(&p, 1, v10, 10, V_ASN1_CONTEXT_SPECIFIC); - i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), &p); - } - /* 11 - Compression method. */ - /* 12 - SRP username. */ - - *pp = p; - return (ret); -} - -SSL_SESSION * -d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) -{ - SSL_SESSION *ret = NULL; - ASN1_const_CTX c; - ASN1_INTEGER ai, *aip; - ASN1_OCTET_STRING os, *osp; - int ssl_version = 0, i; - int Tinf, Ttag, Tclass; - long Tlen; - long id; - - c.pp = pp; - c.p = *pp; - c.q = *pp; - c.max = (length == 0) ? 0 : (c.p + length); - c.slen = length; - - if (a == NULL || *a == NULL) { - if ((ret = SSL_SESSION_new()) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - } else - ret = *a; - - aip = &ai; - osp = &os; - - if (!asn1_GetSequence(&c, &length)) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - ai.data = NULL; - ai.length = 0; - c.q = c.p; - if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - c.slen -= (c.p - c.q); - - if (ai.data != NULL) { - free(ai.data); - ai.data = NULL; - ai.length = 0; - } - - /* we don't care about the version right now :-) */ - c.q = c.p; - if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - c.slen -= (c.p - c.q); - ssl_version = (int)ASN1_INTEGER_get(aip); - ret->ssl_version = ssl_version; - if (ai.data != NULL) { - free(ai.data); - ai.data = NULL; - ai.length = 0; - } - - os.data = NULL; - os.length = 0; - c.q = c.p; - if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - c.slen -= (c.p - c.q); - 
if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) { - if (os.length != 2) { - SSLerr(SSL_F_D2I_SSL_SESSION, - SSL_R_CIPHER_CODE_WRONG_LENGTH); - goto err; - } - id = 0x03000000L | ((unsigned long)os.data[0]<<8L) | - (unsigned long)os.data[1]; - } else { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION); - goto err; - } - - ret->cipher = NULL; - ret->cipher_id = id; - - c.q = c.p; - if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - c.slen -= (c.p - c.q); - - i = SSL3_MAX_SSL_SESSION_ID_LENGTH; - if (os.length > i) - os.length = i; - if (os.length > (int)sizeof(ret->session_id)) /* can't happen */ - os.length = sizeof(ret->session_id); - - ret->session_id_length = os.length; - OPENSSL_assert(os.length <= (int)sizeof(ret->session_id)); - memcpy(ret->session_id, os.data, os.length); - - c.q = c.p; - if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - c.slen -= (c.p - c.q); - if (os.length > SSL_MAX_MASTER_KEY_LENGTH) - ret->master_key_length = SSL_MAX_MASTER_KEY_LENGTH; - else - ret->master_key_length = os.length; - memcpy(ret->master_key, os.data, ret->master_key_length); - - os.length = 0; - - /* 1 - Time (INTEGER). 
*/ - /* XXX 2038 */ - ai.length = 0; - if (c.slen != 0L && - *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 1)) { - c.q = c.p; - Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); - if (Tinf & 0x80) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_BAD_ASN1_OBJECT_HEADER); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) - Tlen = c.slen - (c.p - c.q) - 2; - if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { - Tlen = c.slen - (c.p - c.q); - if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_MISSING_ASN1_EOS); - goto err; - } - } - c.slen -= (c.p - c.q); - } - if (ai.data != NULL) { - ret->time = ASN1_INTEGER_get(aip); - free(ai.data); - ai.data = NULL; - ai.length = 0; - } else - ret->time = time(NULL); - - /* 2 - Timeout (INTEGER). */ - ai.length = 0; - if (c.slen != 0L && - *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 2)) { - c.q = c.p; - Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); - if (Tinf & 0x80) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_BAD_ASN1_OBJECT_HEADER); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) - Tlen = c.slen - (c.p - c.q) - 2; - if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { - Tlen = c.slen - (c.p - c.q); - if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_MISSING_ASN1_EOS); - goto err; - } - } - c.slen -= (c.p - c.q); - } - if (ai.data != NULL) { - ret->timeout = ASN1_INTEGER_get(aip); - free(ai.data); - ai.data = NULL; - ai.length = 0; - } else - ret->timeout = 3; - - /* 3 - Peer (X509). 
*/ - X509_free(ret->peer); - ret->peer = NULL; - - if (c.slen != 0L && - *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 3)) { - c.q = c.p; - Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); - if (Tinf & 0x80) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_BAD_ASN1_OBJECT_HEADER); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) - Tlen = c.slen - (c.p - c.q) - 2; - if (d2i_X509(&ret->peer, &c.p, Tlen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { - Tlen = c.slen - (c.p - c.q); - if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_MISSING_ASN1_EOS); - goto err; - } - } - c.slen -= (c.p - c.q); - } - - /* 4 - Session ID (OCTET STRING). */ - os.length = 0; - free(os.data); - os.data = NULL; - if (c.slen != 0L && - *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 4)) { - c.q = c.p; - Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); - if (Tinf & 0x80) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_BAD_ASN1_OBJECT_HEADER); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) - Tlen = c.slen - (c.p - c.q) - 2; - if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { - Tlen = c.slen - (c.p - c.q); - if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_MISSING_ASN1_EOS); - goto err; - } - } - c.slen -= (c.p - c.q); - } - if (os.data != NULL) { - if (os.length > SSL_MAX_SID_CTX_LENGTH) { - SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH); - goto err; - } else { - ret->sid_ctx_length = os.length; - memcpy(ret->sid_ctx, os.data, os.length); - } - free(os.data); - os.data = NULL; - os.length = 0; - } else - ret->sid_ctx_length = 0; - - /* 5 - Verify_result. 
*/ - ai.length = 0; - if (c.slen != 0L && - *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 5)) { - c.q = c.p; - Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); - if (Tinf & 0x80) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_BAD_ASN1_OBJECT_HEADER); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) - Tlen = c.slen - (c.p - c.q) - 2; - if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { - Tlen = c.slen - (c.p - c.q); - if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_MISSING_ASN1_EOS); - goto err; - } - } - c.slen -= (c.p - c.q); - } - if (ai.data != NULL) { - ret->verify_result = ASN1_INTEGER_get(aip); - free(ai.data); - ai.data = NULL; - ai.length = 0; - } else - ret->verify_result = X509_V_OK; - - /* 6 - HostName (OCTET STRING). */ - os.length = 0; - os.data = NULL; - if (c.slen != 0L && - *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 6)) { - c.q = c.p; - Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); - if (Tinf & 0x80) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_BAD_ASN1_OBJECT_HEADER); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) - Tlen = c.slen - (c.p - c.q) - 2; - if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { - Tlen = c.slen - (c.p - c.q); - if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_MISSING_ASN1_EOS); - goto err; - } - } - c.slen -= (c.p - c.q); - } - if (os.data) { - ret->tlsext_hostname = strndup((char *)os.data, os.length); - free(os.data); - os.data = NULL; - os.length = 0; - } else - ret->tlsext_hostname = NULL; - - /* 7 - PSK identity hint (OCTET STRING). */ - /* 8 - PSK identity (OCTET STRING). */ - - /* 9 - Ticket lifetime. 
*/ - ai.length = 0; - if (c.slen != 0L && - *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 9)) { - c.q = c.p; - Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); - if (Tinf & 0x80) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_BAD_ASN1_OBJECT_HEADER); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) - Tlen = c.slen - (c.p - c.q) - 2; - if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { - Tlen = c.slen - (c.p - c.q); - if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_MISSING_ASN1_EOS); - goto err; - } - } - c.slen -= (c.p - c.q); - } - if (ai.data != NULL) { - ret->tlsext_tick_lifetime_hint = ASN1_INTEGER_get(aip); - free(ai.data); - ai.data = NULL; - ai.length = 0; - } else if (ret->tlsext_ticklen && ret->session_id_length) - ret->tlsext_tick_lifetime_hint = -1; - else - ret->tlsext_tick_lifetime_hint = 0; - os.length = 0; - os.data = NULL; - - /* 10 - Ticket (OCTET STRING). */ - if (c.slen != 0L && - *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 10)) { - c.q = c.p; - Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); - if (Tinf & 0x80) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_BAD_ASN1_OBJECT_HEADER); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) - Tlen = c.slen - (c.p - c.q) - 2; - if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { - Tlen = c.slen - (c.p - c.q); - if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { - SSLerr(SSL_F_D2I_SSL_SESSION, - ERR_R_MISSING_ASN1_EOS); - goto err; - } - } - c.slen -= (c.p - c.q); - } - if (os.data) { - ret->tlsext_tick = os.data; - ret->tlsext_ticklen = os.length; - os.data = NULL; - os.length = 0; - } else - ret->tlsext_tick = NULL; - - /* 11 - Compression method (OCTET STRING). 
*/ - /* 12 - SRP username (OCTET STRING). */ - - if (!asn1_const_Finish(&c)) { - SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - - *pp = c.p; - if (a != NULL) - *a = ret; - - return (ret); - -err: - ERR_asprintf_error_data("offset=%d", (int)(c.q - *pp)); - if (ret != NULL && (a == NULL || *a != ret)) - SSL_SESSION_free(ret); - - return (NULL); -} diff --git a/lib/libssl/src/ssl/ssl_cert.c b/lib/libssl/src/ssl/ssl_cert.c deleted file mode 100644 index 7e92812e56a..00000000000 --- a/lib/libssl/src/ssl/ssl_cert.c +++ /dev/null 
@@ -1,722 +0,0 @@
-/* $OpenBSD: ssl_cert.c,v 1.52 2016/03/11 07:08:45 mmcc Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1.
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-
-#include <sys/types.h>
-
-#include <dirent.h>
-#include <stdio.h>
-#include <unistd.h>
-
-#include <openssl/bio.h>
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/objects.h>
-#include <openssl/opensslconf.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
-
-#include "ssl_locl.h"
-
-int
-SSL_get_ex_data_X509_STORE_CTX_idx(void)
-{
- static volatile int ssl_x509_store_ctx_idx = -1;
- int got_write_lock = 0;
-
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-
- if (ssl_x509_store_ctx_idx < 0) {
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- got_write_lock = 1;
-
- if (ssl_x509_store_ctx_idx < 0) {
- ssl_x509_store_ctx_idx =
- X509_STORE_CTX_get_ex_new_index(
- 0, "SSL for verify callback", NULL, NULL, NULL);
- }
- }
-
- if (got_write_lock)
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- else
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-
- return ssl_x509_store_ctx_idx;
-}
-
-static void
-ssl_cert_set_default_md(CERT *cert)
-{
- /* Set digest values to defaults */
- cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
- cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
- cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
- cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
-#ifndef OPENSSL_NO_GOST
- cert->pkeys[SSL_PKEY_GOST01].digest = EVP_gostr341194();
-#endif
-}
-
-CERT *
-ssl_cert_new(void)
-{
- CERT *ret;
-
- ret = calloc(1, sizeof(CERT));
- if (ret == NULL) {
- SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
- ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
- ret->references = 1;
- ssl_cert_set_default_md(ret);
- return (ret);
-}
-
-CERT *
-ssl_cert_dup(CERT *cert)
-{
- CERT *ret;
- int i;
-
- ret = calloc(1, sizeof(CERT));
- if (ret == NULL) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
- return (NULL);
- }
-
- /*
- * same as ret->key = ret->pkeys + (cert->key - cert->pkeys),
- * if you find that more readable
- */
- ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
-
- ret->valid =
cert->valid;
- ret->mask_k = cert->mask_k;
- ret->mask_a = cert->mask_a;
-
- if (cert->dh_tmp != NULL) {
- ret->dh_tmp = DHparams_dup(cert->dh_tmp);
- if (ret->dh_tmp == NULL) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
- goto err;
- }
- if (cert->dh_tmp->priv_key) {
- BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
- if (!b) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
- goto err;
- }
- ret->dh_tmp->priv_key = b;
- }
- if (cert->dh_tmp->pub_key) {
- BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
- if (!b) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
- goto err;
- }
- ret->dh_tmp->pub_key = b;
- }
- }
- ret->dh_tmp_cb = cert->dh_tmp_cb;
- ret->dh_tmp_auto = cert->dh_tmp_auto;
-
- if (cert->ecdh_tmp) {
- ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
- if (ret->ecdh_tmp == NULL) {
- SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_EC_LIB);
- goto err;
- }
- }
- ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
- ret->ecdh_tmp_auto = cert->ecdh_tmp_auto;
-
- for (i = 0; i < SSL_PKEY_NUM; i++) {
- if (cert->pkeys[i].x509 != NULL) {
- ret->pkeys[i].x509 = cert->pkeys[i].x509;
- CRYPTO_add(&ret->pkeys[i].x509->references, 1,
- CRYPTO_LOCK_X509);
- }
-
- if (cert->pkeys[i].privatekey != NULL) {
- ret->pkeys[i].privatekey = cert->pkeys[i].privatekey;
- CRYPTO_add(&ret->pkeys[i].privatekey->references, 1,
- CRYPTO_LOCK_EVP_PKEY);
-
- switch (i) {
- /*
- * If there was anything special to do for
- * certain types of keys, we'd do it here.
- * (Nothing at the moment, I think.)
- */
-
- case SSL_PKEY_RSA_ENC:
- case SSL_PKEY_RSA_SIGN:
- /* We have an RSA key. */
- break;
-
- case SSL_PKEY_DSA_SIGN:
- /* We have a DSA key. */
- break;
-
- case SSL_PKEY_DH_RSA:
- case SSL_PKEY_DH_DSA:
- /* We have a DH key. */
- break;
-
- case SSL_PKEY_ECC:
- /* We have an ECC key */
- break;
-
- default:
- /* Can't happen.
*/
- SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG);
- }
- }
- }
-
- /*
- * ret->extra_certs *should* exist, but currently the own certificate
- * chain is held inside SSL_CTX
- */
-
- ret->references = 1;
- /*
- * Set digests to defaults. NB: we don't copy existing values
- * as they will be set during handshake.
- */
- ssl_cert_set_default_md(ret);
-
- return (ret);
-
-err:
- DH_free(ret->dh_tmp);
- EC_KEY_free(ret->ecdh_tmp);
-
- for (i = 0; i < SSL_PKEY_NUM; i++) {
- X509_free(ret->pkeys[i].x509);
- EVP_PKEY_free(ret->pkeys[i].privatekey);
- }
- free (ret);
- return NULL;
-}
-
-
-void
-ssl_cert_free(CERT *c)
-{
- int i;
-
- if (c == NULL)
- return;
-
- i = CRYPTO_add(&c->references, -1, CRYPTO_LOCK_SSL_CERT);
- if (i > 0)
- return;
-
- DH_free(c->dh_tmp);
- EC_KEY_free(c->ecdh_tmp);
-
- for (i = 0; i < SSL_PKEY_NUM; i++) {
- X509_free(c->pkeys[i].x509);
- EVP_PKEY_free(c->pkeys[i].privatekey);
- }
-
- free(c);
-}
-
-int
-ssl_cert_inst(CERT **o)
-{
- /*
- * Create a CERT if there isn't already one
- * (which cannot really happen, as it is initially created in
- * SSL_CTX_new; but the earlier code usually allows for that one
- * being non-existant, so we follow that behaviour, as it might
- * turn out that there actually is a reason for it -- but I'm
- * not sure that *all* of the existing code could cope with
- * s->cert being NULL, otherwise we could do without the
- * initialization in SSL_CTX_new).
- */
-
- if (o == NULL) {
- SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (*o == NULL) {
- if ((*o = ssl_cert_new()) == NULL) {
- SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- }
- return (1);
-}
-
-
-SESS_CERT *
-ssl_sess_cert_new(void)
-{
- SESS_CERT *ret;
-
- ret = calloc(1, sizeof *ret);
- if (ret == NULL) {
- SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
- ret->references = 1;
-
- return ret;
-}
-
-void
-ssl_sess_cert_free(SESS_CERT *sc)
-{
- int i;
-
- if (sc == NULL)
- return;
-
- i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
- if (i > 0)
- return;
-
- /* i == 0 */
- if (sc->cert_chain != NULL)
- sk_X509_pop_free(sc->cert_chain, X509_free);
- for (i = 0; i < SSL_PKEY_NUM; i++)
- X509_free(sc->peer_pkeys[i].x509);
-
- DH_free(sc->peer_dh_tmp);
- EC_KEY_free(sc->peer_ecdh_tmp);
-
- free(sc);
-}
-
-int
-ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
-{
- X509_STORE_CTX ctx;
- X509 *x;
- int ret;
-
- if ((sk == NULL) || (sk_X509_num(sk) == 0))
- return (0);
-
- x = sk_X509_value(sk, 0);
- if (!X509_STORE_CTX_init(&ctx, s->ctx->cert_store, x, sk)) {
- SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_X509_LIB);
- return (0);
- }
- X509_STORE_CTX_set_ex_data(&ctx,
- SSL_get_ex_data_X509_STORE_CTX_idx(), s);
-
- /*
- * We need to inherit the verify parameters. These can be
- * determined by the context: if its a server it will verify
- * SSL client certificates or vice versa.
- */
- X509_STORE_CTX_set_default(&ctx,
- s->server ? "ssl_client" : "ssl_server");
-
- /*
- * Anything non-default in "param" should overwrite anything
- * in the ctx.
- */
- X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(&ctx), s->param);
-
- if (s->verify_callback)
- X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
-
- if (s->ctx->app_verify_callback != NULL)
- ret = s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg);
- else
- ret = X509_verify_cert(&ctx);
-
- s->verify_result = ctx.error;
- X509_STORE_CTX_cleanup(&ctx);
-
- return (ret);
-}
-
-static void
-set_client_CA_list(STACK_OF(X509_NAME) **ca_list,
- STACK_OF(X509_NAME) *name_list)
-{
- if (*ca_list != NULL)
- sk_X509_NAME_pop_free(*ca_list, X509_NAME_free);
-
- *ca_list = name_list;
-}
-
-STACK_OF(X509_NAME) *
-SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
-{
- int i;
- STACK_OF(X509_NAME) *ret;
- X509_NAME *name;
-
- ret = sk_X509_NAME_new_null();
- for (i = 0; i < sk_X509_NAME_num(sk); i++) {
- name = X509_NAME_dup(sk_X509_NAME_value(sk, i));
- if ((name == NULL) || !sk_X509_NAME_push(ret, name)) {
- sk_X509_NAME_pop_free(ret, X509_NAME_free);
- return (NULL);
- }
- }
- return (ret);
-}
-
-void
-SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list)
-{
- set_client_CA_list(&(s->client_CA), name_list);
-}
-
-void
-SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list)
-{
- set_client_CA_list(&(ctx->client_CA), name_list);
-}
-
-STACK_OF(X509_NAME) *
-SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
-{
- return (ctx->client_CA);
-}
-
-STACK_OF(X509_NAME) *
-SSL_get_client_CA_list(const SSL *s)
-{
- if (s->type == SSL_ST_CONNECT) {
- /* We are in the client.
*/
- if (((s->version >> 8) == SSL3_VERSION_MAJOR) &&
- (s->s3 != NULL))
- return (s->s3->tmp.ca_names);
- else
- return (NULL);
- } else {
- if (s->client_CA != NULL)
- return (s->client_CA);
- else
- return (s->ctx->client_CA);
- }
-}
-
-static int
-add_client_CA(STACK_OF(X509_NAME) **sk, X509 *x)
-{
- X509_NAME *name;
-
- if (x == NULL)
- return (0);
- if ((*sk == NULL) && ((*sk = sk_X509_NAME_new_null()) == NULL))
- return (0);
-
- if ((name = X509_NAME_dup(X509_get_subject_name(x))) == NULL)
- return (0);
-
- if (!sk_X509_NAME_push(*sk, name)) {
- X509_NAME_free(name);
- return (0);
- }
- return (1);
-}
-
-int
-SSL_add_client_CA(SSL *ssl, X509 *x)
-{
- return (add_client_CA(&(ssl->client_CA), x));
-}
-
-int
-SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
-{
- return (add_client_CA(&(ctx->client_CA), x));
-}
-
-static int
-xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
-{
- return (X509_NAME_cmp(*a, *b));
-}
-
-/*!
- * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
- * it doesn't really have anything to do with clients (except that a common use
- * for a stack of CAs is to send it to the client). Actually, it doesn't have
- * much to do with CAs, either, since it will load any old cert.
- * \param file the file containing one or more certs.
- * \return a ::STACK containing the certs.
- */
-STACK_OF(X509_NAME) *
-SSL_load_client_CA_file(const char *file)
-{
- BIO *in;
- X509 *x = NULL;
- X509_NAME *xn = NULL;
- STACK_OF(X509_NAME) *ret = NULL, *sk;
-
- sk = sk_X509_NAME_new(xname_cmp);
-
- in = BIO_new(BIO_s_file_internal());
-
- if ((sk == NULL) || (in == NULL)) {
- SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!BIO_read_filename(in, file))
- goto err;
-
- for (;;) {
- if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
- break;
- if (ret == NULL) {
- ret = sk_X509_NAME_new_null();
- if (ret == NULL) {
- SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- }
- if ((xn = X509_get_subject_name(x)) == NULL) goto err;
- /* check for duplicates */
- xn = X509_NAME_dup(xn);
- if (xn == NULL)
- goto err;
- if (sk_X509_NAME_find(sk, xn) >= 0)
- X509_NAME_free(xn);
- else {
- sk_X509_NAME_push(sk, xn);
- sk_X509_NAME_push(ret, xn);
- }
- }
-
- if (0) {
-err:
- if (ret != NULL)
- sk_X509_NAME_pop_free(ret, X509_NAME_free);
- ret = NULL;
- }
- if (sk != NULL)
- sk_X509_NAME_free(sk);
- BIO_free(in);
- X509_free(x);
- if (ret != NULL)
- ERR_clear_error();
- return (ret);
-}
-
-/*!
- * Add a file of certs to a stack.
- * \param stack the stack to add to.
- * \param file the file to add from. All certs in this file that are not
- * already in the stack will be added.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-int
-SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
- const char *file)
-{
- BIO *in;
- X509 *x = NULL;
- X509_NAME *xn = NULL;
- int ret = 1;
- int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b);
-
- oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_cmp);
-
- in = BIO_new(BIO_s_file_internal());
-
- if (in == NULL) {
- SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!BIO_read_filename(in, file))
- goto err;
-
- for (;;) {
- if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
- break;
- if ((xn = X509_get_subject_name(x)) == NULL) goto err;
- xn = X509_NAME_dup(xn);
- if (xn == NULL)
- goto err;
- if (sk_X509_NAME_find(stack, xn) >= 0)
- X509_NAME_free(xn);
- else
- sk_X509_NAME_push(stack, xn);
- }
-
- ERR_clear_error();
-
- if (0) {
-err:
- ret = 0;
- }
- BIO_free(in);
- X509_free(x);
-
- (void)sk_X509_NAME_set_cmp_func(stack, oldcmp);
-
- return ret;
-}
-
-/*!
- * Add a directory of certs to a stack.
- * \param stack the stack to append to.
- * \param dir the directory to append from. All files in this directory will be
- * examined as potential certs. Any that are acceptable to
- * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will
- * be included.
- * \return 1 for success, 0 for failure. Note that in the case of failure some
- * certs may have been added to \c stack.
- */
-
-int
-SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, const char *dir)
-{
- DIR *dirp = NULL;
- char *path = NULL;
- int ret = 0;
-
- dirp = opendir(dir);
- if (dirp) {
- struct dirent *dp;
- while ((dp = readdir(dirp)) != NULL) {
- if (asprintf(&path, "%s/%s", dir, dp->d_name) != -1) {
- ret = SSL_add_file_cert_subjects_to_stack(
- stack, path);
- free(path);
- }
- if (!ret)
- break;
- }
- (void) closedir(dirp);
- }
- if (!ret) {
- SYSerr(SYS_F_OPENDIR, errno);
- ERR_asprintf_error_data("opendir ('%s')", dir);
- SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
- }
- return ret;
-}
diff --git a/lib/libssl/src/ssl/ssl_ciph.c b/lib/libssl/src/ssl/ssl_ciph.c
deleted file mode 100644
index 526d98e2937..00000000000
--- a/lib/libssl/src/ssl/ssl_ciph.c
+++ /dev/null
@@ -1,1798 +0,0 @@
-/* $OpenBSD: ssl_ciph.c,v 1.86 2016/04/28 16:39:45 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1.
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-
-#include <openssl/objects.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#include "ssl_locl.h"
-
-#define SSL_ENC_DES_IDX 0
-#define SSL_ENC_3DES_IDX 1
-#define SSL_ENC_RC4_IDX 2
-#define SSL_ENC_IDEA_IDX 3
-#define SSL_ENC_NULL_IDX 4
-#define SSL_ENC_AES128_IDX 5
-#define SSL_ENC_AES256_IDX 6
-#define SSL_ENC_CAMELLIA128_IDX 7
-#define SSL_ENC_CAMELLIA256_IDX 8
-#define SSL_ENC_GOST89_IDX 9
-#define SSL_ENC_AES128GCM_IDX 10
-#define SSL_ENC_AES256GCM_IDX 11
-#define SSL_ENC_NUM_IDX 12
-
-
-static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
-};
-
-#define SSL_MD_MD5_IDX 0
-#define SSL_MD_SHA1_IDX 1
-#define SSL_MD_GOST94_IDX 2
-#define SSL_MD_GOST89MAC_IDX 3
-#define SSL_MD_SHA256_IDX 4
-#define SSL_MD_SHA384_IDX 5
-#define SSL_MD_STREEBOG256_IDX 6
-#define SSL_MD_STREEBOG512_IDX 7
-/*Constant SSL_MAX_DIGEST equal to size of digests array should be
- * defined in the
- * ssl_locl.h */
-#define SSL_MD_NUM_IDX SSL_MAX_DIGEST
-static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
- NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
-};
-
-static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
- EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_GOSTIMIT,
- EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC,
-};
-
-static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = {
- 0, 0, 0,
0, 0, 0, 0, 0
-};
-
-static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = {
- SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA,
- SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
- SSL_HANDSHAKE_MAC_SHA384, SSL_HANDSHAKE_MAC_STREEBOG256,
- SSL_HANDSHAKE_MAC_STREEBOG512
-};
-
-#define CIPHER_ADD 1
-#define CIPHER_KILL 2
-#define CIPHER_DEL 3
-#define CIPHER_ORD 4
-#define CIPHER_SPECIAL 5
-
-typedef struct cipher_order_st {
- const SSL_CIPHER *cipher;
- int active;
- int dead;
- struct cipher_order_st *next, *prev;
-} CIPHER_ORDER;
-
-static const SSL_CIPHER cipher_aliases[] = {
-
- /* "ALL" doesn't include eNULL (must be specifically enabled) */
- {
- .name = SSL_TXT_ALL,
- .algorithm_enc = ~SSL_eNULL,
- },
-
- /* "COMPLEMENTOFALL" */
- {
- .name = SSL_TXT_CMPALL,
- .algorithm_enc = SSL_eNULL,
- },
-
- /*
- * "COMPLEMENTOFDEFAULT"
- * (does *not* include ciphersuites not found in ALL!)
- */
- {
- .name = SSL_TXT_CMPDEF,
- .algorithm_mkey = SSL_kDHE|SSL_kECDHE,
- .algorithm_auth = SSL_aNULL,
- .algorithm_enc = ~SSL_eNULL,
- },
-
- /*
- * key exchange aliases
- * (some of those using only a single bit here combine multiple key
- * exchange algs according to the RFCs, e.g.
kEDH combines DHE_DSS
- * and DHE_RSA)
- */
- {
- .name = SSL_TXT_kRSA,
- .algorithm_mkey = SSL_kRSA,
- },
- {
- .name = SSL_TXT_kEDH,
- .algorithm_mkey = SSL_kDHE,
- },
- {
- .name = SSL_TXT_DH,
- .algorithm_mkey = SSL_kDHE,
- },
-
- {
- .name = SSL_TXT_kECDHr,
- .algorithm_mkey = SSL_kECDHr,
- },
- {
- .name = SSL_TXT_kECDHe,
- .algorithm_mkey = SSL_kECDHe,
- },
- {
- .name = SSL_TXT_kECDH,
- .algorithm_mkey = SSL_kECDHr|SSL_kECDHe,
- },
- {
- .name = SSL_TXT_kEECDH,
- .algorithm_mkey = SSL_kECDHE,
- },
- {
- .name = SSL_TXT_ECDH,
- .algorithm_mkey = SSL_kECDHr|SSL_kECDHe|SSL_kECDHE,
- },
-
- {
- .name = SSL_TXT_kGOST,
- .algorithm_mkey = SSL_kGOST,
- },
-
- /* server authentication aliases */
- {
- .name = SSL_TXT_aRSA,
- .algorithm_auth = SSL_aRSA,
- },
- {
- .name = SSL_TXT_aDSS,
- .algorithm_auth = SSL_aDSS,
- },
- {
- .name = SSL_TXT_DSS,
- .algorithm_auth = SSL_aDSS,
- },
- {
- .name = SSL_TXT_aNULL,
- .algorithm_auth = SSL_aNULL,
- },
- {
- .name = SSL_TXT_aECDH,
- .algorithm_auth = SSL_aECDH,
- },
- {
- .name = SSL_TXT_aECDSA,
- .algorithm_auth = SSL_aECDSA,
- },
- {
- .name = SSL_TXT_ECDSA,
- .algorithm_auth = SSL_aECDSA,
- },
- {
- .name = SSL_TXT_aGOST01,
- .algorithm_auth = SSL_aGOST01,
- },
- {
- .name = SSL_TXT_aGOST,
- .algorithm_auth = SSL_aGOST01,
- },
-
- /* aliases combining key exchange and server authentication */
- {
- .name = SSL_TXT_DHE,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = ~SSL_aNULL,
- },
- {
- .name = SSL_TXT_EDH,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = ~SSL_aNULL,
- },
- {
- .name = SSL_TXT_ECDHE,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = ~SSL_aNULL,
- },
- {
- .name = SSL_TXT_EECDH,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = ~SSL_aNULL,
- },
- {
- .name = SSL_TXT_NULL,
- .algorithm_enc = SSL_eNULL,
- },
- {
- .name = SSL_TXT_RSA,
- .algorithm_mkey = SSL_kRSA,
- .algorithm_auth = SSL_aRSA,
- },
- {
- .name = SSL_TXT_ADH,
- .algorithm_mkey = SSL_kDHE,
- .algorithm_auth = SSL_aNULL,
- },
- {
-
.name = SSL_TXT_AECDH,
- .algorithm_mkey = SSL_kECDHE,
- .algorithm_auth = SSL_aNULL,
- },
-
- /* symmetric encryption aliases */
- {
- .name = SSL_TXT_DES,
- .algorithm_enc = SSL_DES,
- },
- {
- .name = SSL_TXT_3DES,
- .algorithm_enc = SSL_3DES,
- },
- {
- .name = SSL_TXT_RC4,
- .algorithm_enc = SSL_RC4,
- },
- {
- .name = SSL_TXT_IDEA,
- .algorithm_enc = SSL_IDEA,
- },
- {
- .name = SSL_TXT_eNULL,
- .algorithm_enc = SSL_eNULL,
- },
- {
- .name = SSL_TXT_AES128,
- .algorithm_enc = SSL_AES128|SSL_AES128GCM,
- },
- {
- .name = SSL_TXT_AES256,
- .algorithm_enc = SSL_AES256|SSL_AES256GCM,
- },
- {
- .name = SSL_TXT_AES,
- .algorithm_enc = SSL_AES,
- },
- {
- .name = SSL_TXT_AES_GCM,
- .algorithm_enc = SSL_AES128GCM|SSL_AES256GCM,
- },
- {
- .name = SSL_TXT_CAMELLIA128,
- .algorithm_enc = SSL_CAMELLIA128,
- },
- {
- .name = SSL_TXT_CAMELLIA256,
- .algorithm_enc = SSL_CAMELLIA256,
- },
- {
- .name = SSL_TXT_CAMELLIA,
- .algorithm_enc = SSL_CAMELLIA128|SSL_CAMELLIA256,
- },
- {
- .name = SSL_TXT_CHACHA20,
- .algorithm_enc = SSL_CHACHA20POLY1305|SSL_CHACHA20POLY1305_OLD,
- },
-
- /* MAC aliases */
- {
- .name = SSL_TXT_AEAD,
- .algorithm_mac = SSL_AEAD,
- },
- {
- .name = SSL_TXT_MD5,
- .algorithm_mac = SSL_MD5,
- },
- {
- .name = SSL_TXT_SHA1,
- .algorithm_mac = SSL_SHA1,
- },
- {
- .name = SSL_TXT_SHA,
- .algorithm_mac = SSL_SHA1,
- },
- {
- .name = SSL_TXT_GOST94,
- .algorithm_mac = SSL_GOST94,
- },
- {
- .name = SSL_TXT_GOST89MAC,
- .algorithm_mac = SSL_GOST89MAC,
- },
- {
- .name = SSL_TXT_SHA256,
- .algorithm_mac = SSL_SHA256,
- },
- {
- .name = SSL_TXT_SHA384,
- .algorithm_mac = SSL_SHA384,
- },
- {
- .name = SSL_TXT_STREEBOG256,
- .algorithm_mac = SSL_STREEBOG256,
- },
- {
- .name = SSL_TXT_STREEBOG512,
- .algorithm_mac = SSL_STREEBOG512,
- },
-
- /* protocol version aliases */
- {
- .name = SSL_TXT_SSLV3,
- .algorithm_ssl = SSL_SSLV3,
- },
- {
- .name = SSL_TXT_TLSV1,
- .algorithm_ssl = SSL_TLSV1,
- },
- {
- .name = SSL_TXT_TLSV1_2,
- .algorithm_ssl =
SSL_TLSV1_2,
- },
-
- /* strength classes */
- {
- .name = SSL_TXT_LOW,
- .algo_strength = SSL_LOW,
- },
- {
- .name = SSL_TXT_MEDIUM,
- .algo_strength = SSL_MEDIUM,
- },
- {
- .name = SSL_TXT_HIGH,
- .algo_strength = SSL_HIGH,
- },
-};
-
-void
-ssl_load_ciphers(void)
-{
- ssl_cipher_methods[SSL_ENC_DES_IDX] =
- EVP_get_cipherbyname(SN_des_cbc);
- ssl_cipher_methods[SSL_ENC_3DES_IDX] =
- EVP_get_cipherbyname(SN_des_ede3_cbc);
- ssl_cipher_methods[SSL_ENC_RC4_IDX] =
- EVP_get_cipherbyname(SN_rc4);
-#ifndef OPENSSL_NO_IDEA
- ssl_cipher_methods[SSL_ENC_IDEA_IDX] =
- EVP_get_cipherbyname(SN_idea_cbc);
-#else
- ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL;
-#endif
- ssl_cipher_methods[SSL_ENC_AES128_IDX] =
- EVP_get_cipherbyname(SN_aes_128_cbc);
- ssl_cipher_methods[SSL_ENC_AES256_IDX] =
- EVP_get_cipherbyname(SN_aes_256_cbc);
- ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] =
- EVP_get_cipherbyname(SN_camellia_128_cbc);
- ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] =
- EVP_get_cipherbyname(SN_camellia_256_cbc);
- ssl_cipher_methods[SSL_ENC_GOST89_IDX] =
- EVP_get_cipherbyname(SN_gost89_cnt);
-
- ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
- EVP_get_cipherbyname(SN_aes_128_gcm);
- ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
- EVP_get_cipherbyname(SN_aes_256_gcm);
-
- ssl_digest_methods[SSL_MD_MD5_IDX] =
- EVP_get_digestbyname(SN_md5);
- ssl_mac_secret_size[SSL_MD_MD5_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
- OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
- ssl_digest_methods[SSL_MD_SHA1_IDX] =
- EVP_get_digestbyname(SN_sha1);
- ssl_mac_secret_size[SSL_MD_SHA1_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
- OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
- ssl_digest_methods[SSL_MD_GOST94_IDX] =
- EVP_get_digestbyname(SN_id_GostR3411_94);
- if (ssl_digest_methods[SSL_MD_GOST94_IDX]) {
- ssl_mac_secret_size[SSL_MD_GOST94_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
-
OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
- }
- ssl_digest_methods[SSL_MD_GOST89MAC_IDX] =
- EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
- if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
- ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
- }
-
- ssl_digest_methods[SSL_MD_SHA256_IDX] =
- EVP_get_digestbyname(SN_sha256);
- ssl_mac_secret_size[SSL_MD_SHA256_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]);
- ssl_digest_methods[SSL_MD_SHA384_IDX] =
- EVP_get_digestbyname(SN_sha384);
- ssl_mac_secret_size[SSL_MD_SHA384_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
- ssl_digest_methods[SSL_MD_STREEBOG256_IDX] =
- EVP_get_digestbyname(SN_id_tc26_gost3411_2012_256);
- ssl_mac_secret_size[SSL_MD_STREEBOG256_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_STREEBOG256_IDX]);
- ssl_digest_methods[SSL_MD_STREEBOG512_IDX] =
- EVP_get_digestbyname(SN_id_tc26_gost3411_2012_512);
- ssl_mac_secret_size[SSL_MD_STREEBOG512_IDX] =
- EVP_MD_size(ssl_digest_methods[SSL_MD_STREEBOG512_IDX]);
-}
-
-int
-ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
- const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size)
-{
- const SSL_CIPHER *c;
- int i;
-
- c = s->cipher;
- if (c == NULL)
- return (0);
-
- /*
- * This function does not handle EVP_AEAD.
- * See ssl_cipher_get_aead_evp instead.
- */ - if (c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD) - return(0); - - if ((enc == NULL) || (md == NULL)) - return (0); - - switch (c->algorithm_enc) { - case SSL_DES: - i = SSL_ENC_DES_IDX; - break; - case SSL_3DES: - i = SSL_ENC_3DES_IDX; - break; - case SSL_RC4: - i = SSL_ENC_RC4_IDX; - break; - case SSL_IDEA: - i = SSL_ENC_IDEA_IDX; - break; - case SSL_eNULL: - i = SSL_ENC_NULL_IDX; - break; - case SSL_AES128: - i = SSL_ENC_AES128_IDX; - break; - case SSL_AES256: - i = SSL_ENC_AES256_IDX; - break; - case SSL_CAMELLIA128: - i = SSL_ENC_CAMELLIA128_IDX; - break; - case SSL_CAMELLIA256: - i = SSL_ENC_CAMELLIA256_IDX; - break; - case SSL_eGOST2814789CNT: - i = SSL_ENC_GOST89_IDX; - break; - case SSL_AES128GCM: - i = SSL_ENC_AES128GCM_IDX; - break; - case SSL_AES256GCM: - i = SSL_ENC_AES256GCM_IDX; - break; - default: - i = -1; - break; - } - - if ((i < 0) || (i >= SSL_ENC_NUM_IDX)) - *enc = NULL; - else { - if (i == SSL_ENC_NULL_IDX) - *enc = EVP_enc_null(); - else - *enc = ssl_cipher_methods[i]; - } - - switch (c->algorithm_mac) { - case SSL_MD5: - i = SSL_MD_MD5_IDX; - break; - case SSL_SHA1: - i = SSL_MD_SHA1_IDX; - break; - case SSL_SHA256: - i = SSL_MD_SHA256_IDX; - break; - case SSL_SHA384: - i = SSL_MD_SHA384_IDX; - break; - case SSL_GOST94: - i = SSL_MD_GOST94_IDX; - break; - case SSL_GOST89MAC: - i = SSL_MD_GOST89MAC_IDX; - break; - case SSL_STREEBOG256: - i = SSL_MD_STREEBOG256_IDX; - break; - case SSL_STREEBOG512: - i = SSL_MD_STREEBOG512_IDX; - break; - default: - i = -1; - break; - } - if ((i < 0) || (i >= SSL_MD_NUM_IDX)) { - *md = NULL; - - if (mac_pkey_type != NULL) - *mac_pkey_type = NID_undef; - if (mac_secret_size != NULL) - *mac_secret_size = 0; - if (c->algorithm_mac == SSL_AEAD) - mac_pkey_type = NULL; - } else { - *md = ssl_digest_methods[i]; - if (mac_pkey_type != NULL) - *mac_pkey_type = ssl_mac_pkey_id[i]; - if (mac_secret_size != NULL) - *mac_secret_size = ssl_mac_secret_size[i]; - } - - if ((*enc != NULL) && - (*md != NULL || 
(EVP_CIPHER_flags(*enc)&EVP_CIPH_FLAG_AEAD_CIPHER)) &&
- (!mac_pkey_type || *mac_pkey_type != NID_undef)) {
- const EVP_CIPHER *evp;
-
- if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||
- s->ssl_version < TLS1_VERSION)
- return 1;
-
- if (c->algorithm_enc == SSL_RC4 &&
- c->algorithm_mac == SSL_MD5 &&
- (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
- *enc = evp, *md = NULL;
- else if (c->algorithm_enc == SSL_AES128 &&
- c->algorithm_mac == SSL_SHA1 &&
- (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
- *enc = evp, *md = NULL;
- else if (c->algorithm_enc == SSL_AES256 &&
- c->algorithm_mac == SSL_SHA1 &&
- (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
- *enc = evp, *md = NULL;
- return (1);
- } else
- return (0);
-}
-
-/*
- * ssl_cipher_get_evp_aead sets aead to point to the correct EVP_AEAD object
- * for s->cipher. It returns 1 on success and 0 on error.
- */
-int
-ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead)
-{
- const SSL_CIPHER *c = s->cipher;
-
- *aead = NULL;
-
- if (c == NULL)
- return 0;
- if ((c->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD) == 0)
- return 0;
-
- switch (c->algorithm_enc) {
-#ifndef OPENSSL_NO_AES
- case SSL_AES128GCM:
- *aead = EVP_aead_aes_128_gcm();
- return 1;
- case SSL_AES256GCM:
- *aead = EVP_aead_aes_256_gcm();
- return 1;
-#endif
-#if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
- case SSL_CHACHA20POLY1305:
- *aead = EVP_aead_chacha20_poly1305();
- return 1;
- case SSL_CHACHA20POLY1305_OLD:
- *aead = EVP_aead_chacha20_poly1305_old();
- return 1;
-#endif
- default:
- break;
- }
- return 0;
-}
-
-int
-ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
-{
- if (idx < 0 || idx >= SSL_MD_NUM_IDX) {
- return 0;
- }
- *mask = ssl_handshake_digest_flag[idx];
- if (*mask)
- *md = ssl_digest_methods[idx];
- else
- *md = NULL;
- return 1;
-}
-
-#define ITEM_SEP(a) \
- (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
-
-static void
-ll_append_tail(CIPHER_ORDER
**head, CIPHER_ORDER *curr,
- CIPHER_ORDER **tail)
-{
- if (curr == *tail)
- return;
- if (curr == *head)
- *head = curr->next;
- if (curr->prev != NULL)
- curr->prev->next = curr->next;
- if (curr->next != NULL)
- curr->next->prev = curr->prev;
- (*tail)->next = curr;
- curr->prev= *tail;
- curr->next = NULL;
- *tail = curr;
-}
-
-static void
-ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
- CIPHER_ORDER **tail)
-{
- if (curr == *head)
- return;
- if (curr == *tail)
- *tail = curr->prev;
- if (curr->next != NULL)
- curr->next->prev = curr->prev;
- if (curr->prev != NULL)
- curr->prev->next = curr->next;
- (*head)->prev = curr;
- curr->next= *head;
- curr->prev = NULL;
- *head = curr;
-}
-
-static void
-ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
- unsigned long *enc, unsigned long *mac, unsigned long *ssl)
-{
- *mkey = 0;
- *auth = 0;
- *enc = 0;
- *mac = 0;
- *ssl = 0;
-
- /*
- * Check for the availability of GOST 34.10 public/private key
- * algorithms. If they are not available disable the associated
- * authentication and key exchange algorithms.
- */
- if (EVP_PKEY_meth_find(NID_id_GostR3410_2001) == NULL) {
- *auth |= SSL_aGOST01;
- *mkey |= SSL_kGOST;
- }
-
-#ifdef SSL_FORBID_ENULL
- *enc |= SSL_eNULL;
-#endif
-
- *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] == NULL) ? SSL_AES128GCM : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] == NULL) ? SSL_AES256GCM : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] == NULL) ?
SSL_CAMELLIA128 : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] == NULL) ? SSL_CAMELLIA256 : 0;
- *enc |= (ssl_cipher_methods[SSL_ENC_GOST89_IDX] == NULL) ? SSL_eGOST2814789CNT : 0;
-
- *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL) ? SSL_GOST89MAC : 0;
- *mac |= (ssl_digest_methods[SSL_MD_STREEBOG256_IDX] == NULL) ? SSL_STREEBOG256 : 0;
- *mac |= (ssl_digest_methods[SSL_MD_STREEBOG512_IDX] == NULL) ? SSL_STREEBOG512 : 0;
-
-}
-
-static void
-ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, int num_of_ciphers,
- unsigned long disabled_mkey, unsigned long disabled_auth,
- unsigned long disabled_enc, unsigned long disabled_mac,
- unsigned long disabled_ssl, CIPHER_ORDER *co_list,
- CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
-{
- int i, co_list_num;
- const SSL_CIPHER *c;
-
- /*
- * We have num_of_ciphers descriptions compiled in, depending on the
- * method selected (SSLv3, TLSv1, etc). These will later be sorted in
- * a linked list with at most num entries.
- */ - - /* Get the initial list of ciphers */ - co_list_num = 0; /* actual count of ciphers */ - for (i = 0; i < num_of_ciphers; i++) { - c = ssl_method->get_cipher(i); - /* drop those that use any of that is not available */ - if ((c != NULL) && c->valid && - !(c->algorithm_mkey & disabled_mkey) && - !(c->algorithm_auth & disabled_auth) && - !(c->algorithm_enc & disabled_enc) && - !(c->algorithm_mac & disabled_mac) && - !(c->algorithm_ssl & disabled_ssl)) { - co_list[co_list_num].cipher = c; - co_list[co_list_num].next = NULL; - co_list[co_list_num].prev = NULL; - co_list[co_list_num].active = 0; - co_list_num++; - /* - if (!sk_push(ca_list,(char *)c)) goto err; - */ - } - } - - /* - * Prepare linked list from list entries - */ - if (co_list_num > 0) { - co_list[0].prev = NULL; - - if (co_list_num > 1) { - co_list[0].next = &co_list[1]; - - for (i = 1; i < co_list_num - 1; i++) { - co_list[i].prev = &co_list[i - 1]; - co_list[i].next = &co_list[i + 1]; - } - - co_list[co_list_num - 1].prev = - &co_list[co_list_num - 2]; - } - - co_list[co_list_num - 1].next = NULL; - - *head_p = &co_list[0]; - *tail_p = &co_list[co_list_num - 1]; - } -} - -static void -ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list, int num_of_group_aliases, - unsigned long disabled_mkey, unsigned long disabled_auth, - unsigned long disabled_enc, unsigned long disabled_mac, - unsigned long disabled_ssl, CIPHER_ORDER *head) -{ - CIPHER_ORDER *ciph_curr; - const SSL_CIPHER **ca_curr; - int i; - unsigned long mask_mkey = ~disabled_mkey; - unsigned long mask_auth = ~disabled_auth; - unsigned long mask_enc = ~disabled_enc; - unsigned long mask_mac = ~disabled_mac; - unsigned long mask_ssl = ~disabled_ssl; - - /* - * First, add the real ciphers as already collected - */ - ciph_curr = head; - ca_curr = ca_list; - while (ciph_curr != NULL) { - *ca_curr = ciph_curr->cipher; - ca_curr++; - ciph_curr = ciph_curr->next; - } - - /* - * Now we add the available ones from the cipher_aliases[] table. 
- * They represent either one or more algorithms, some of which
- * in any affected category must be supported (set in enabled_mask),
- * or represent a cipher strength value (will be added in any case because algorithms=0).
- */
- for (i = 0; i < num_of_group_aliases; i++) {
- unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
- unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
- unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
- unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
- unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
-
- if (algorithm_mkey)
- if ((algorithm_mkey & mask_mkey) == 0)
- continue;
-
- if (algorithm_auth)
- if ((algorithm_auth & mask_auth) == 0)
- continue;
-
- if (algorithm_enc)
- if ((algorithm_enc & mask_enc) == 0)
- continue;
-
- if (algorithm_mac)
- if ((algorithm_mac & mask_mac) == 0)
- continue;
-
- if (algorithm_ssl)
- if ((algorithm_ssl & mask_ssl) == 0)
- continue;
-
- *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
- ca_curr++;
- }
-
- *ca_curr = NULL; /* end of list */
-}
-
-static void
-ssl_cipher_apply_rule(unsigned long cipher_id, unsigned long alg_mkey,
- unsigned long alg_auth, unsigned long alg_enc, unsigned long alg_mac,
- unsigned long alg_ssl, unsigned long algo_strength,
- int rule, int strength_bits, CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
-{
- CIPHER_ORDER *head, *tail, *curr, *next, *last;
- const SSL_CIPHER *cp;
- int reverse = 0;
-
-
- if (rule == CIPHER_DEL)
- reverse = 1; /* needed to maintain sorting between currently deleted ciphers */
-
- head = *head_p;
- tail = *tail_p;
-
- if (reverse) {
- next = tail;
- last = head;
- } else {
- next = head;
- last = tail;
- }
-
- curr = NULL;
- for (;;) {
- if (curr == last)
- break;
- curr = next;
- next = reverse ? curr->prev : curr->next;
-
- cp = curr->cipher;
-
- /*
- * Selection criteria is either the value of strength_bits
- * or the algorithms used.
- */
- if (strength_bits >= 0) {
- if (strength_bits != cp->strength_bits)
- continue;
- } else {
-
- if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
- continue;
- if (alg_auth && !(alg_auth & cp->algorithm_auth))
- continue;
- if (alg_enc && !(alg_enc & cp->algorithm_enc))
- continue;
- if (alg_mac && !(alg_mac & cp->algorithm_mac))
- continue;
- if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
- continue;
- if ((algo_strength & SSL_STRONG_MASK) && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
- continue;
- }
-
-
- /* add the cipher if it has not been added yet. */
- if (rule == CIPHER_ADD) {
- /* reverse == 0 */
- if (!curr->active) {
- ll_append_tail(&head, curr, &tail);
- curr->active = 1;
- }
- }
- /* Move the added cipher to this location */
- else if (rule == CIPHER_ORD) {
- /* reverse == 0 */
- if (curr->active) {
- ll_append_tail(&head, curr, &tail);
- }
- } else if (rule == CIPHER_DEL) {
- /* reverse == 1 */
- if (curr->active) {
- /* most recently deleted ciphersuites get best positions
- * for any future CIPHER_ADD (note that the CIPHER_DEL loop
- * works in reverse to maintain the order) */
- ll_append_head(&head, curr, &tail);
- curr->active = 0;
- }
- } else if (rule == CIPHER_KILL) {
- /* reverse == 0 */
- if (head == curr)
- head = curr->next;
- else
- curr->prev->next = curr->next;
- if (tail == curr)
- tail = curr->prev;
- curr->active = 0;
- if (curr->next != NULL)
- curr->next->prev = curr->prev;
- if (curr->prev != NULL)
- curr->prev->next = curr->next;
- curr->next = NULL;
- curr->prev = NULL;
- }
- }
-
- *head_p = head;
- *tail_p = tail;
-}
-
-static int
-ssl_cipher_strength_sort(CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
-{
- int max_strength_bits, i, *number_uses;
- CIPHER_ORDER *curr;
-
- /*
- * This routine sorts the ciphers with descending strength. The sorting
- * must keep the pre-sorted sequence, so we apply the normal sorting
- * routine as '+' movement to the end of the list.
- */
- max_strength_bits = 0;
- curr = *head_p;
- while (curr != NULL) {
- if (curr->active &&
- (curr->cipher->strength_bits > max_strength_bits))
- max_strength_bits = curr->cipher->strength_bits;
- curr = curr->next;
- }
-
- number_uses = calloc((max_strength_bits + 1), sizeof(int));
- if (!number_uses) {
- SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
- /*
- * Now find the strength_bits values actually used
- */
- curr = *head_p;
- while (curr != NULL) {
- if (curr->active)
- number_uses[curr->cipher->strength_bits]++;
- curr = curr->next;
- }
- /*
- * Go through the list of used strength_bits values in descending
- * order.
- */
- for (i = max_strength_bits; i >= 0; i--)
- if (number_uses[i] > 0)
- ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p, tail_p);
-
- free(number_uses);
- return (1);
-}
-
-static int
-ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p,
- CIPHER_ORDER **tail_p, const SSL_CIPHER **ca_list)
-{
- unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl;
- unsigned long algo_strength;
- int j, multi, found, rule, retval, ok, buflen;
- unsigned long cipher_id = 0;
- const char *l, *buf;
- char ch;
-
- retval = 1;
- l = rule_str;
- for (;;) {
- ch = *l;
-
- if (ch == '\0')
- break;
-
- if (ch == '-') {
- rule = CIPHER_DEL;
- l++;
- } else if (ch == '+') {
- rule = CIPHER_ORD;
- l++;
- } else if (ch == '!') {
- rule = CIPHER_KILL;
- l++;
- } else if (ch == '@') {
- rule = CIPHER_SPECIAL;
- l++;
- } else {
- rule = CIPHER_ADD;
- }
-
- if (ITEM_SEP(ch)) {
- l++;
- continue;
- }
-
- alg_mkey = 0;
- alg_auth = 0;
- alg_enc = 0;
- alg_mac = 0;
- alg_ssl = 0;
- algo_strength = 0;
-
- for (;;) {
- ch = *l;
- buf = l;
- buflen = 0;
- while (((ch >= 'A') && (ch <= 'Z')) ||
- ((ch >= '0') && (ch <= '9')) ||
- ((ch >= 'a') && (ch <= 'z')) ||
- (ch == '-') || (ch == '.')) {
- ch = *(++l);
- buflen++;
- }
-
- if (buflen == 0) {
- /*
- * We hit something we cannot deal with,
- * it
is no command or separator nor - * alphanumeric, so we call this an error. - */ - SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, - SSL_R_INVALID_COMMAND); - retval = found = 0; - l++; - break; - } - - if (rule == CIPHER_SPECIAL) { - /* unused -- avoid compiler warning */ - found = 0; - /* special treatment */ - break; - } - - /* check for multi-part specification */ - if (ch == '+') { - multi = 1; - l++; - } else - multi = 0; - - /* - * Now search for the cipher alias in the ca_list. - * Be careful with the strncmp, because the "buflen" - * limitation will make the rule "ADH:SOME" and the - * cipher "ADH-MY-CIPHER" look like a match for - * buflen=3. So additionally check whether the cipher - * name found has the correct length. We can save a - * strlen() call: just checking for the '\0' at the - * right place is sufficient, we have to strncmp() - * anyway (we cannot use strcmp(), because buf is not - * '\0' terminated.) - */ - j = found = 0; - cipher_id = 0; - while (ca_list[j]) { - if (!strncmp(buf, ca_list[j]->name, buflen) && - (ca_list[j]->name[buflen] == '\0')) { - found = 1; - break; - } else - j++; - } - - if (!found) - break; /* ignore this entry */ - - if (ca_list[j]->algorithm_mkey) { - if (alg_mkey) { - alg_mkey &= ca_list[j]->algorithm_mkey; - if (!alg_mkey) { - found = 0; - break; - } - } else - alg_mkey = ca_list[j]->algorithm_mkey; - } - - if (ca_list[j]->algorithm_auth) { - if (alg_auth) { - alg_auth &= ca_list[j]->algorithm_auth; - if (!alg_auth) { - found = 0; - break; - } - } else - alg_auth = ca_list[j]->algorithm_auth; - } - - if (ca_list[j]->algorithm_enc) { - if (alg_enc) { - alg_enc &= ca_list[j]->algorithm_enc; - if (!alg_enc) { - found = 0; - break; - } - } else - alg_enc = ca_list[j]->algorithm_enc; - } - - if (ca_list[j]->algorithm_mac) { - if (alg_mac) { - alg_mac &= ca_list[j]->algorithm_mac; - if (!alg_mac) { - found = 0; - break; - } - } else - alg_mac = ca_list[j]->algorithm_mac; - } - - if (ca_list[j]->algo_strength & SSL_STRONG_MASK) { 
- if (algo_strength & SSL_STRONG_MASK) { - algo_strength &= - (ca_list[j]->algo_strength & - SSL_STRONG_MASK) | ~SSL_STRONG_MASK; - if (!(algo_strength & - SSL_STRONG_MASK)) { - found = 0; - break; - } - } else - algo_strength |= - ca_list[j]->algo_strength & - SSL_STRONG_MASK; - } - - if (ca_list[j]->valid) { - /* - * explicit ciphersuite found; its protocol - * version does not become part of the search - * pattern! - */ - cipher_id = ca_list[j]->id; - } else { - /* - * not an explicit ciphersuite; only in this - * case, the protocol version is considered - * part of the search pattern - */ - if (ca_list[j]->algorithm_ssl) { - if (alg_ssl) { - alg_ssl &= - ca_list[j]->algorithm_ssl; - if (!alg_ssl) { - found = 0; - break; - } - } else - alg_ssl = - ca_list[j]->algorithm_ssl; - } - } - - if (!multi) - break; - } - - /* - * Ok, we have the rule, now apply it - */ - if (rule == CIPHER_SPECIAL) { - /* special command */ - ok = 0; - if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8)) - ok = ssl_cipher_strength_sort(head_p, tail_p); - else - SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, - SSL_R_INVALID_COMMAND); - if (ok == 0) - retval = 0; - /* - * We do not support any "multi" options - * together with "@", so throw away the - * rest of the command, if any left, until - * end or ':' is found. 
- */ - while ((*l != '\0') && !ITEM_SEP(*l)) - l++; - } else if (found) { - ssl_cipher_apply_rule(cipher_id, alg_mkey, alg_auth, - alg_enc, alg_mac, alg_ssl, algo_strength, rule, - -1, head_p, tail_p); - } else { - while ((*l != '\0') && !ITEM_SEP(*l)) - l++; - } - if (*l == '\0') - break; /* done */ - } - - return (retval); -} - -static inline int -ssl_aes_is_accelerated(void) -{ -#if defined(__i386__) || defined(__x86_64__) - return ((OPENSSL_cpu_caps() & (1ULL << 57)) != 0); -#else - return (0); -#endif -} - -STACK_OF(SSL_CIPHER) * -ssl_create_cipher_list(const SSL_METHOD *ssl_method, - STACK_OF(SSL_CIPHER) **cipher_list, - STACK_OF(SSL_CIPHER) **cipher_list_by_id, - const char *rule_str) -{ - int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; - unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl; - STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list; - const char *rule_p; - CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr; - const SSL_CIPHER **ca_list = NULL; - - /* - * Return with error if nothing to do. - */ - if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL) - return NULL; - - /* - * To reduce the work to do we only want to process the compiled - * in algorithms, so we first get the mask of disabled ciphers. - */ - ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc, &disabled_mac, &disabled_ssl); - - /* - * Now we have to collect the available ciphers from the compiled - * in ciphers. We cannot get more than the number compiled in, so - * it is used for allocation. 
- */ - num_of_ciphers = ssl_method->num_ciphers(); - co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER)); - if (co_list == NULL) { - SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); - return(NULL); /* Failure */ - } - - ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, - disabled_mkey, disabled_auth, disabled_enc, disabled_mac, disabled_ssl, - co_list, &head, &tail); - - - /* Now arrange all ciphers by preference: */ - - /* Everything else being equal, prefer ephemeral ECDH over other key exchange mechanisms */ - ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); - ssl_cipher_apply_rule(0, SSL_kECDHE, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail); - - if (ssl_aes_is_accelerated() == 1) { - /* - * We have hardware assisted AES - prefer AES as a symmetric - * cipher, with CHACHA20 second. - */ - ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, - CIPHER_ADD, -1, &head, &tail); - ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, - 0, 0, 0, CIPHER_ADD, -1, &head, &tail); - ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305_OLD, - 0, 0, 0, CIPHER_ADD, -1, &head, &tail); - } else { - /* - * CHACHA20 is fast and safe on all hardware and is thus our - * preferred symmetric cipher, with AES second. - */ - ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305, - 0, 0, 0, CIPHER_ADD, -1, &head, &tail); - ssl_cipher_apply_rule(0, 0, 0, SSL_CHACHA20POLY1305_OLD, - 0, 0, 0, CIPHER_ADD, -1, &head, &tail); - ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, - CIPHER_ADD, -1, &head, &tail); - } - - /* Temporarily enable everything else for sorting */ - ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail); - - /* Low priority for MD5 */ - ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head, &tail); - - /* Move anonymous ciphers to the end. Usually, these will remain disabled. - * (For applications that allow them, they aren't too bad, but we prefer - * authenticated ciphers.) 
*/ - ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); - - /* Move ciphers without forward secrecy to the end */ - ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); - ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); - - /* RC4 is sort of broken - move it to the end */ - ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head, &tail); - - /* Now sort by symmetric encryption strength. The above ordering remains - * in force within each class */ - if (!ssl_cipher_strength_sort(&head, &tail)) { - free(co_list); - return NULL; - } - - /* Now disable everything (maintaining the ordering!) */ - ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail); - - - /* - * We also need cipher aliases for selecting based on the rule_str. - * There might be two types of entries in the rule_str: 1) names - * of ciphers themselves 2) aliases for groups of ciphers. - * For 1) we need the available ciphers and for 2) the cipher - * groups of cipher_aliases added together in one list (otherwise - * we would be happy with just the cipher_aliases table). - */ - num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER); - num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; - ca_list = reallocarray(NULL, num_of_alias_max, sizeof(SSL_CIPHER *)); - if (ca_list == NULL) { - free(co_list); - SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE); - return(NULL); /* Failure */ - } - ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, - disabled_mkey, disabled_auth, disabled_enc, - disabled_mac, disabled_ssl, head); - - /* - * If the rule_string begins with DEFAULT, apply the default rule - * before using the (possibly available) additional rules. 
- */
- ok = 1;
- rule_p = rule_str;
- if (strncmp(rule_str, "DEFAULT", 7) == 0) {
- ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
- &head, &tail, ca_list);
- rule_p += 7;
- if (*rule_p == ':')
- rule_p++;
- }
-
- if (ok && (strlen(rule_p) > 0))
- ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
-
- free((void *)ca_list); /* Not needed anymore */
-
- if (!ok) {
- /* Rule processing failure */
- free(co_list);
- return (NULL);
- }
-
- /*
- * Allocate new "cipherstack" for the result, return with error
- * if we cannot get one.
- */
- if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
- free(co_list);
- return (NULL);
- }
-
- /*
- * The cipher selection for the list is done. The ciphers are added
- * to the resulting precedence to the STACK_OF(SSL_CIPHER).
- */
- for (curr = head; curr != NULL; curr = curr->next) {
- if (curr->active) {
- sk_SSL_CIPHER_push(cipherstack, curr->cipher);
- }
- }
- free(co_list); /* Not needed any longer */
-
- tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
- if (tmp_cipher_list == NULL) {
- sk_SSL_CIPHER_free(cipherstack);
- return NULL;
- }
- if (*cipher_list != NULL)
- sk_SSL_CIPHER_free(*cipher_list);
- *cipher_list = cipherstack;
- if (*cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(*cipher_list_by_id);
- *cipher_list_by_id = tmp_cipher_list;
- (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,
- ssl_cipher_ptr_id_cmp);
-
- sk_SSL_CIPHER_sort(*cipher_list_by_id);
- return (cipherstack);
-}
-
-const SSL_CIPHER *
-SSL_CIPHER_get_by_id(unsigned int id)
-{
- return ssl3_get_cipher_by_id(id);
-}
-
-const SSL_CIPHER *
-SSL_CIPHER_get_by_value(uint16_t value)
-{
- return ssl3_get_cipher_by_value(value);
-}
-
-char *
-SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
-{
- unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
- const char *ver, *kx, *au, *enc, *mac;
- char *ret;
- int l;
-
- alg_mkey = cipher->algorithm_mkey;
- alg_auth = cipher->algorithm_auth;
- alg_enc =
cipher->algorithm_enc;
- alg_mac = cipher->algorithm_mac;
- alg_ssl = cipher->algorithm_ssl;
-
- alg2 = cipher->algorithm2;
-
- if (alg_ssl & SSL_SSLV3)
- ver = "SSLv3";
- else if (alg_ssl & SSL_TLSV1_2)
- ver = "TLSv1.2";
- else
- ver = "unknown";
-
- switch (alg_mkey) {
- case SSL_kRSA:
- kx = "RSA";
- break;
- case SSL_kDHE:
- kx = "DH";
- break;
- case SSL_kECDHr:
- kx = "ECDH/RSA";
- break;
- case SSL_kECDHe:
- kx = "ECDH/ECDSA";
- break;
- case SSL_kECDHE:
- kx = "ECDH";
- break;
- case SSL_kGOST:
- kx = "GOST";
- break;
- default:
- kx = "unknown";
- }
-
- switch (alg_auth) {
- case SSL_aRSA:
- au = "RSA";
- break;
- case SSL_aDSS:
- au = "DSS";
- break;
- case SSL_aECDH:
- au = "ECDH";
- break;
- case SSL_aNULL:
- au = "None";
- break;
- case SSL_aECDSA:
- au = "ECDSA";
- break;
- case SSL_aGOST01:
- au = "GOST01";
- break;
- default:
- au = "unknown";
- break;
- }
-
- switch (alg_enc) {
- case SSL_DES:
- enc = "DES(56)";
- break;
- case SSL_3DES:
- enc = "3DES(168)";
- break;
- case SSL_RC4:
- enc = alg2 & SSL2_CF_8_BYTE_ENC ?
"RC4(64)" : "RC4(128)"; - break; - case SSL_IDEA: - enc = "IDEA(128)"; - break; - case SSL_eNULL: - enc = "None"; - break; - case SSL_AES128: - enc = "AES(128)"; - break; - case SSL_AES256: - enc = "AES(256)"; - break; - case SSL_AES128GCM: - enc = "AESGCM(128)"; - break; - case SSL_AES256GCM: - enc = "AESGCM(256)"; - break; - case SSL_CAMELLIA128: - enc = "Camellia(128)"; - break; - case SSL_CAMELLIA256: - enc = "Camellia(256)"; - break; - case SSL_CHACHA20POLY1305: - enc = "ChaCha20-Poly1305"; - break; - case SSL_CHACHA20POLY1305_OLD: - enc = "ChaCha20-Poly1305-Old"; - break; - case SSL_eGOST2814789CNT: - enc = "GOST-28178-89-CNT"; - break; - default: - enc = "unknown"; - break; - } - - switch (alg_mac) { - case SSL_MD5: - mac = "MD5"; - break; - case SSL_SHA1: - mac = "SHA1"; - break; - case SSL_SHA256: - mac = "SHA256"; - break; - case SSL_SHA384: - mac = "SHA384"; - break; - case SSL_AEAD: - mac = "AEAD"; - break; - case SSL_GOST94: - mac = "GOST94"; - break; - case SSL_GOST89MAC: - mac = "GOST89IMIT"; - break; - case SSL_STREEBOG256: - mac = "STREEBOG256"; - break; - case SSL_STREEBOG512: - mac = "STREEBOG512"; - break; - default: - mac = "unknown"; - break; - } - - if (asprintf(&ret, "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s\n", - cipher->name, ver, kx, au, enc, mac) == -1) - return "OPENSSL_malloc Error"; - - if (buf != NULL) { - l = strlcpy(buf, ret, len); - free(ret); - ret = buf; - if (l >= len) - ret = "Buffer too small"; - } - - return (ret); -} - -char * -SSL_CIPHER_get_version(const SSL_CIPHER *c) -{ - if (c == NULL) - return("(NONE)"); - if ((c->id >> 24) == 3) - return("TLSv1/SSLv3"); - else - return("unknown"); -} - -/* return the actual cipher being used */ -const char * -SSL_CIPHER_get_name(const SSL_CIPHER *c) -{ - if (c != NULL) - return (c->name); - return("(NONE)"); -} - -/* number of bits for symmetric cipher */ -int -SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits) -{ - int ret = 0; - - if (c != NULL) { - if (alg_bits != NULL) - 
*alg_bits = c->alg_bits;
- ret = c->strength_bits;
- }
- return (ret);
-}
-
-unsigned long
-SSL_CIPHER_get_id(const SSL_CIPHER *c)
-{
- return c->id;
-}
-
-uint16_t
-SSL_CIPHER_get_value(const SSL_CIPHER *c)
-{
- return ssl3_cipher_get_value(c);
-}
-
-void *
-SSL_COMP_get_compression_methods(void)
-{
- return NULL;
-}
-
-int
-SSL_COMP_add_compression_method(int id, void *cm)
-{
- return 1;
-}
-
-const char *
-SSL_COMP_get_name(const void *comp)
-{
- return NULL;
-}
diff --git a/lib/libssl/src/ssl/ssl_err.c b/lib/libssl/src/ssl/ssl_err.c
deleted file mode 100644
index 04742b60ca2..00000000000
--- a/lib/libssl/src/ssl/ssl_err.c
+++ /dev/null
@@ -1,615 +0,0 @@ -/* $OpenBSD: ssl_err.c,v 1.29 2015/02/22 15:54:27 jsing Exp $ */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. 
- */ - -#include <stdio.h> - -#include <openssl/err.h> -#include <openssl/ssl.h> - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason) - -static ERR_STRING_DATA SSL_str_functs[]= { - {ERR_FUNC(SSL_F_CLIENT_CERTIFICATE), "CLIENT_CERTIFICATE"}, - {ERR_FUNC(SSL_F_CLIENT_FINISHED), "CLIENT_FINISHED"}, - {ERR_FUNC(SSL_F_CLIENT_HELLO), "CLIENT_HELLO"}, - {ERR_FUNC(SSL_F_CLIENT_MASTER_KEY), "CLIENT_MASTER_KEY"}, - {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"}, - {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "DO_DTLS1_WRITE"}, - {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"}, - {ERR_FUNC(SSL_F_DTLS1_ACCEPT), "DTLS1_ACCEPT"}, - {ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"}, - {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "DTLS1_BUFFER_RECORD"}, - {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "DTLS1_CHECK_TIMEOUT_NUM"}, - {ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO), "DTLS1_CLIENT_HELLO"}, - {ERR_FUNC(SSL_F_DTLS1_CONNECT), "DTLS1_CONNECT"}, - {ERR_FUNC(SSL_F_DTLS1_ENC), "DTLS1_ENC"}, - {ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY), "DTLS1_GET_HELLO_VERIFY"}, - {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE), "DTLS1_GET_MESSAGE"}, - {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT), "DTLS1_GET_MESSAGE_FRAGMENT"}, - {ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "DTLS1_GET_RECORD"}, - {ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "DTLS1_HANDLE_TIMEOUT"}, - {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "DTLS1_HEARTBEAT"}, - {ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "DTLS1_OUTPUT_CERT_CHAIN"}, - {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"}, - {ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE), "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"}, - {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "DTLS1_PROCESS_RECORD"}, - {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "DTLS1_READ_BYTES"}, - {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "DTLS1_READ_FAILED"}, - {ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST), "DTLS1_SEND_CERTIFICATE_REQUEST"}, - 
{ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE), "DTLS1_SEND_CLIENT_CERTIFICATE"}, - {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE), "DTLS1_SEND_CLIENT_KEY_EXCHANGE"}, - {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_VERIFY), "DTLS1_SEND_CLIENT_VERIFY"}, - {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST), "DTLS1_SEND_HELLO_VERIFY_REQUEST"}, - {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE), "DTLS1_SEND_SERVER_CERTIFICATE"}, - {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_HELLO), "DTLS1_SEND_SERVER_HELLO"}, - {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE), "DTLS1_SEND_SERVER_KEY_EXCHANGE"}, - {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES), "DTLS1_WRITE_APP_DATA_BYTES"}, - {ERR_FUNC(SSL_F_GET_CLIENT_FINISHED), "GET_CLIENT_FINISHED"}, - {ERR_FUNC(SSL_F_GET_CLIENT_HELLO), "GET_CLIENT_HELLO"}, - {ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"}, - {ERR_FUNC(SSL_F_GET_SERVER_FINISHED), "GET_SERVER_FINISHED"}, - {ERR_FUNC(SSL_F_GET_SERVER_HELLO), "GET_SERVER_HELLO"}, - {ERR_FUNC(SSL_F_GET_SERVER_VERIFY), "GET_SERVER_VERIFY"}, - {ERR_FUNC(SSL_F_I2D_SSL_SESSION), "i2d_SSL_SESSION"}, - {ERR_FUNC(SSL_F_READ_N), "READ_N"}, - {ERR_FUNC(SSL_F_REQUEST_CERTIFICATE), "REQUEST_CERTIFICATE"}, - {ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"}, - {ERR_FUNC(SSL_F_SERVER_HELLO), "SERVER_HELLO"}, - {ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"}, - {ERR_FUNC(SSL_F_SSL23_ACCEPT), "SSL23_ACCEPT"}, - {ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"}, - {ERR_FUNC(SSL_F_SSL23_CONNECT), "SSL23_CONNECT"}, - {ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO), "SSL23_GET_CLIENT_HELLO"}, - {ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO), "SSL23_GET_SERVER_HELLO"}, - {ERR_FUNC(SSL_F_SSL23_PEEK), "SSL23_PEEK"}, - {ERR_FUNC(SSL_F_SSL23_READ), "SSL23_READ"}, - {ERR_FUNC(SSL_F_SSL23_WRITE), "SSL23_WRITE"}, - {ERR_FUNC(SSL_F_SSL2_ACCEPT), "SSL2_ACCEPT"}, - {ERR_FUNC(SSL_F_SSL2_CONNECT), "SSL2_CONNECT"}, - {ERR_FUNC(SSL_F_SSL2_ENC_INIT), "SSL2_ENC_INIT"}, - {ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL), 
"SSL2_GENERATE_KEY_MATERIAL"}, - {ERR_FUNC(SSL_F_SSL2_PEEK), "SSL2_PEEK"}, - {ERR_FUNC(SSL_F_SSL2_READ), "SSL2_READ"}, - {ERR_FUNC(SSL_F_SSL2_READ_INTERNAL), "SSL2_READ_INTERNAL"}, - {ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE), "SSL2_SET_CERTIFICATE"}, - {ERR_FUNC(SSL_F_SSL2_WRITE), "SSL2_WRITE"}, - {ERR_FUNC(SSL_F_SSL3_ACCEPT), "SSL3_ACCEPT"}, - {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"}, - {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "SSL3_CALLBACK_CTRL"}, - {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "SSL3_CHANGE_CIPHER_STATE"}, - {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM), "SSL3_CHECK_CERT_AND_ALGORITHM"}, - {ERR_FUNC(SSL_F_SSL3_CHECK_CLIENT_HELLO), "SSL3_CHECK_CLIENT_HELLO"}, - {ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO), "SSL3_CLIENT_HELLO"}, - {ERR_FUNC(SSL_F_SSL3_CONNECT), "SSL3_CONNECT"}, - {ERR_FUNC(SSL_F_SSL3_CTRL), "SSL3_CTRL"}, - {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "SSL3_CTX_CTRL"}, - {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS), "SSL3_DIGEST_CACHED_RECORDS"}, - {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC), "SSL3_DO_CHANGE_CIPHER_SPEC"}, - {ERR_FUNC(SSL_F_SSL3_ENC), "SSL3_ENC"}, - {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST), "SSL3_GET_CERTIFICATE_REQUEST"}, - {ERR_FUNC(SSL_F_SSL3_GET_CERT_STATUS), "SSL3_GET_CERT_STATUS"}, - {ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY), "SSL3_GET_CERT_VERIFY"}, - {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE), "SSL3_GET_CLIENT_CERTIFICATE"}, - {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO), "SSL3_GET_CLIENT_HELLO"}, - {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE), "SSL3_GET_CLIENT_KEY_EXCHANGE"}, - {ERR_FUNC(SSL_F_SSL3_GET_FINISHED), "SSL3_GET_FINISHED"}, - {ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "SSL3_GET_KEY_EXCHANGE"}, - {ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "SSL3_GET_MESSAGE"}, - {ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET), "SSL3_GET_NEW_SESSION_TICKET"}, - {ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "SSL3_GET_NEXT_PROTO"}, - {ERR_FUNC(SSL_F_SSL3_GET_RECORD), 
"SSL3_GET_RECORD"}, - {ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE), "SSL3_GET_SERVER_CERTIFICATE"}, - {ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "SSL3_GET_SERVER_DONE"}, - {ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "SSL3_GET_SERVER_HELLO"}, - {ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC), "ssl3_handshake_mac"}, - {ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"}, - {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "SSL3_OUTPUT_CERT_CHAIN"}, - {ERR_FUNC(SSL_F_SSL3_PEEK), "SSL3_PEEK"}, - {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "SSL3_READ_BYTES"}, - {ERR_FUNC(SSL_F_SSL3_READ_N), "SSL3_READ_N"}, - {ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST), "SSL3_SEND_CERTIFICATE_REQUEST"}, - {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE), "SSL3_SEND_CLIENT_CERTIFICATE"}, - {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE), "SSL3_SEND_CLIENT_KEY_EXCHANGE"}, - {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY), "SSL3_SEND_CLIENT_VERIFY"}, - {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE), "SSL3_SEND_SERVER_CERTIFICATE"}, - {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "SSL3_SEND_SERVER_HELLO"}, - {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE), "SSL3_SEND_SERVER_KEY_EXCHANGE"}, - {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "SSL3_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "SSL3_SETUP_READ_BUFFER"}, - {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "SSL3_SETUP_WRITE_BUFFER"}, - {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "SSL3_WRITE_BYTES"}, - {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "SSL3_WRITE_PENDING"}, - {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT"}, - {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT), "SSL_ADD_CLIENTHELLO_TLSEXT"}, - {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT), "SSL_ADD_CLIENTHELLO_USE_SRTP_EXT"}, - {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK), "SSL_add_dir_cert_subjects_to_stack"}, - {ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK), "SSL_add_file_cert_subjects_to_stack"}, - {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT), 
"SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT"}, - {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT), "SSL_ADD_SERVERHELLO_TLSEXT"}, - {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT), "SSL_ADD_SERVERHELLO_USE_SRTP_EXT"}, - {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "SSL_BAD_METHOD"}, - {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "SSL_BYTES_TO_CIPHER_LIST"}, - {ERR_FUNC(SSL_F_SSL_CERT_DUP), "SSL_CERT_DUP"}, - {ERR_FUNC(SSL_F_SSL_CERT_INST), "SSL_CERT_INST"}, - {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"}, - {ERR_FUNC(SSL_F_SSL_CERT_NEW), "SSL_CERT_NEW"}, - {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"}, - {ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT), "SSL_CHECK_SERVERHELLO_TLSEXT"}, - {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG), "SSL_CHECK_SRVR_ECC_CERT_AND_ALG"}, - {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR), "SSL_CIPHER_PROCESS_RULESTR"}, - {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"}, - {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"}, - {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD), "SSL_COMP_add_compression_method"}, - {ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "SSL_CREATE_CIPHER_LIST"}, - {ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"}, - {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"}, - {ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "SSL_CTX_MAKE_PROFILES"}, - {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"}, - {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"}, - {ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE), "SSL_CTX_set_client_cert_engine"}, - {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"}, - {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT), "SSL_CTX_set_session_id_context"}, - {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"}, - {ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1), "SSL_CTX_use_certificate_ASN1"}, - 
{ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE), "SSL_CTX_use_certificate_chain_file"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE), "SSL_CTX_use_certificate_file"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY), "SSL_CTX_use_PrivateKey"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1), "SSL_CTX_use_PrivateKey_ASN1"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE), "SSL_CTX_use_PrivateKey_file"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT), "SSL_CTX_use_psk_identity_hint"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1), "SSL_CTX_use_RSAPrivateKey_ASN1"}, - {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE), "SSL_CTX_use_RSAPrivateKey_file"}, - {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"}, - {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "SSL_GET_NEW_SESSION"}, - {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "SSL_GET_PREV_SESSION"}, - {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"}, - {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "SSL_GET_SERVER_SEND_PKEY"}, - {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "SSL_GET_SIGN_PKEY"}, - {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "SSL_INIT_WBIO_BUFFER"}, - {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"}, - {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"}, - {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT), "SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT"}, - {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT), "SSL_PARSE_CLIENTHELLO_TLSEXT"}, - {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT), "SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT"}, - {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT), "SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT"}, - {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT), "SSL_PARSE_SERVERHELLO_TLSEXT"}, - {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT), "SSL_PARSE_SERVERHELLO_USE_SRTP_EXT"}, - {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"}, - {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT), "SSL_PREPARE_CLIENTHELLO_TLSEXT"}, - 
{ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT), "SSL_PREPARE_SERVERHELLO_TLSEXT"}, - {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"}, - {ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"}, - {ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"}, - {ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"}, - {ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"}, - {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT), "SSL_SESSION_set1_id_context"}, - {ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "SSL_SESS_CERT_NEW"}, - {ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"}, - {ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"}, - {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"}, - {ERR_FUNC(SSL_F_SSL_SET_PKEY), "SSL_SET_PKEY"}, - {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"}, - {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"}, - {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"}, - {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT), "SSL_set_session_id_context"}, - {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT), "SSL_set_session_ticket_ext"}, - {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"}, - {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"}, - {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"}, - {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"}, - {ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION), "SSL_UNDEFINED_CONST_FUNCTION"}, - {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "SSL_UNDEFINED_FUNCTION"}, - {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION), "SSL_UNDEFINED_VOID_FUNCTION"}, - {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE), "SSL_use_certificate"}, - {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1), "SSL_use_certificate_ASN1"}, - {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE), "SSL_use_certificate_file"}, - {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"}, - {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"}, - {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"}, - {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"}, - 
{ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"}, - {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1), "SSL_use_RSAPrivateKey_ASN1"}, - {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE), "SSL_use_RSAPrivateKey_file"}, - {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "SSL_VERIFY_CERT_CHAIN"}, - {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"}, - {ERR_FUNC(SSL_F_TLS1_AEAD_CTX_INIT), "TLS1_AEAD_CTX_INIT"}, - {ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC), "tls1_cert_verify_mac"}, - {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "TLS1_CHANGE_CIPHER_STATE"}, - {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD), "TLS1_CHANGE_CIPHER_STATE_AEAD"}, - {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER), "TLS1_CHANGE_CIPHER_STATE_CIPHER"}, - {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT), "TLS1_CHECK_SERVERHELLO_TLSEXT"}, - {ERR_FUNC(SSL_F_TLS1_ENC), "TLS1_ENC"}, - {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL), "TLS1_EXPORT_KEYING_MATERIAL"}, - {ERR_FUNC(SSL_F_TLS1_HEARTBEAT), "SSL_F_TLS1_HEARTBEAT"}, - {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT), "TLS1_PREPARE_CLIENTHELLO_TLSEXT"}, - {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT), "TLS1_PREPARE_SERVERHELLO_TLSEXT"}, - {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"}, - {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "TLS1_SETUP_KEY_BLOCK"}, - {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"}, - {0, NULL} -}; - -static ERR_STRING_DATA SSL_str_reasons[]= { - {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) , "app data in handshake"}, - {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT), "attempt to reuse session in different context"}, - {ERR_REASON(SSL_R_BAD_ALERT_RECORD) , "bad alert record"}, - {ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE), "bad authentication type"}, - {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"}, - {ERR_REASON(SSL_R_BAD_CHECKSUM) , "bad checksum"}, - {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK), "bad data returned by callback"}, - {ERR_REASON(SSL_R_BAD_DECOMPRESSION) , "bad decompression"}, - 
{ERR_REASON(SSL_R_BAD_DH_G_LENGTH) , "bad dh g length"}, - {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH) , "bad dh pub key length"}, - {ERR_REASON(SSL_R_BAD_DH_P_LENGTH) , "bad dh p length"}, - {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH) , "bad digest length"}, - {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE) , "bad dsa signature"}, - {ERR_REASON(SSL_R_BAD_ECC_CERT) , "bad ecc cert"}, - {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE) , "bad ecdsa signature"}, - {ERR_REASON(SSL_R_BAD_ECPOINT) , "bad ecpoint"}, - {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH) , "bad handshake length"}, - {ERR_REASON(SSL_R_BAD_HELLO_REQUEST) , "bad hello request"}, - {ERR_REASON(SSL_R_BAD_LENGTH) , "bad length"}, - {ERR_REASON(SSL_R_BAD_MAC_DECODE) , "bad mac decode"}, - {ERR_REASON(SSL_R_BAD_MAC_LENGTH) , "bad mac length"}, - {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE) , "bad message type"}, - {ERR_REASON(SSL_R_BAD_PACKET_LENGTH) , "bad packet length"}, - {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER), "bad protocol version number"}, - {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH), "bad psk identity hint length"}, - {ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT) , "bad response argument"}, - {ERR_REASON(SSL_R_BAD_RSA_DECRYPT) , "bad rsa decrypt"}, - {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT) , "bad rsa encrypt"}, - {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH) , "bad rsa e length"}, - {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"}, - {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE) , "bad rsa signature"}, - {ERR_REASON(SSL_R_BAD_SIGNATURE) , "bad signature"}, - {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH) , "bad srp a length"}, - {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH) , "bad srp b length"}, - {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH) , "bad srp g length"}, - {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH) , "bad srp n length"}, - {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH) , "bad srp s length"}, - {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE) , "bad srtp mki value"}, - {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST), "bad srtp protection profile list"}, - 
{ERR_REASON(SSL_R_BAD_SSL_FILETYPE) , "bad ssl filetype"}, - {ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH), "bad ssl session id length"}, - {ERR_REASON(SSL_R_BAD_STATE) , "bad state"}, - {ERR_REASON(SSL_R_BAD_WRITE_RETRY) , "bad write retry"}, - {ERR_REASON(SSL_R_BIO_NOT_SET) , "bio not set"}, - {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG), "block cipher pad is wrong"}, - {ERR_REASON(SSL_R_BN_LIB) , "bn lib"}, - {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH) , "ca dn length mismatch"}, - {ERR_REASON(SSL_R_CA_DN_TOO_LONG) , "ca dn too long"}, - {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY) , "ccs received early"}, - {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED), "certificate verify failed"}, - {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH) , "cert length mismatch"}, - {ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT), "challenge is different"}, - {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"}, - {ERR_REASON(SSL_R_CIPHER_COMPRESSION_UNAVAILABLE), "cipher compression unavailable"}, - {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE), "cipher or hash unavailable"}, - {ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR), "cipher table src error"}, - {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT) , "clienthello tlsext"}, - {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG), "compressed length too long"}, - {ERR_REASON(SSL_R_COMPRESSION_DISABLED) , "compression disabled"}, - {ERR_REASON(SSL_R_COMPRESSION_FAILURE) , "compression failure"}, - {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE), "compression id not within private range"}, - {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR), "compression library error"}, - {ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT), "connection id is different"}, - {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"}, - {ERR_REASON(SSL_R_COOKIE_MISMATCH) , "cookie mismatch"}, - {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED), "data between ccs and finished"}, - {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG) , "data length too long"}, - 
{ERR_REASON(SSL_R_DECRYPTION_FAILED) , "decryption failed"}, - {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC), "decryption failed or bad record mac"}, - {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG), "dh public value length is wrong"}, - {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED) , "digest check failed"}, - {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG) , "dtls message too big"}, - {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"}, - {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT), "ecc cert not for key agreement"}, - {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"}, - {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE), "ecc cert should have rsa signature"}, - {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE), "ecc cert should have sha1 signature"}, - {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER), "ecgroup too large for cipher"}, - {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST), "empty srtp protection profile list"}, - {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG), "encrypted length too long"}, - {ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY), "error generating tmp rsa key"}, - {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST), "error in received cipher list"}, - {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"}, - {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE) , "extra data in message"}, - {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"}, - {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS), "got next proto before a ccs"}, - {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION), "got next proto without seeing extension"}, - {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST) , "https proxy request"}, - {ERR_REASON(SSL_R_HTTP_REQUEST) , "http request"}, - {ERR_REASON(SSL_R_ILLEGAL_PADDING) , "illegal padding"}, - {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"}, - {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"}, - 
{ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"}, - {ERR_REASON(SSL_R_INVALID_COMMAND) , "invalid command"}, - {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM), "invalid compression algorithm"}, - {ERR_REASON(SSL_R_INVALID_PURPOSE) , "invalid purpose"}, - {ERR_REASON(SSL_R_INVALID_SRP_USERNAME) , "invalid srp username"}, - {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"}, - {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH), "invalid ticket keys length"}, - {ERR_REASON(SSL_R_INVALID_TRUST) , "invalid trust"}, - {ERR_REASON(SSL_R_KEY_ARG_TOO_LONG) , "key arg too long"}, - {ERR_REASON(SSL_R_KRB5) , "krb5"}, - {ERR_REASON(SSL_R_KRB5_C_CC_PRINC) , "krb5 client cc principal (no tkt?)"}, - {ERR_REASON(SSL_R_KRB5_C_GET_CRED) , "krb5 client get cred"}, - {ERR_REASON(SSL_R_KRB5_C_INIT) , "krb5 client init"}, - {ERR_REASON(SSL_R_KRB5_C_MK_REQ) , "krb5 client mk_req (expired tkt?)"}, - {ERR_REASON(SSL_R_KRB5_S_BAD_TICKET) , "krb5 server bad ticket"}, - {ERR_REASON(SSL_R_KRB5_S_INIT) , "krb5 server init"}, - {ERR_REASON(SSL_R_KRB5_S_RD_REQ) , "krb5 server rd_req (keytab perms?)"}, - {ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED) , "krb5 server tkt expired"}, - {ERR_REASON(SSL_R_KRB5_S_TKT_NYV) , "krb5 server tkt not yet valid"}, - {ERR_REASON(SSL_R_KRB5_S_TKT_SKEW) , "krb5 server tkt skew"}, - {ERR_REASON(SSL_R_LENGTH_MISMATCH) , "length mismatch"}, - {ERR_REASON(SSL_R_LENGTH_TOO_SHORT) , "length too short"}, - {ERR_REASON(SSL_R_LIBRARY_BUG) , "library bug"}, - {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"}, - {ERR_REASON(SSL_R_MESSAGE_TOO_LONG) , "message too long"}, - {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT) , "missing dh dsa cert"}, - {ERR_REASON(SSL_R_MISSING_DH_KEY) , "missing dh key"}, - {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT) , "missing dh rsa cert"}, - {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"}, - {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY), "missing export tmp dh key"}, - 
{ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY), "missing export tmp rsa key"}, - {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"}, - {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT), "missing rsa encrypting cert"}, - {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"}, - {ERR_REASON(SSL_R_MISSING_SRP_PARAM) , "can't find SRP server param"}, - {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY) , "missing tmp dh key"}, - {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY) , "missing tmp ecdh key"}, - {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY) , "missing tmp rsa key"}, - {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY) , "missing tmp rsa pkey"}, - {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"}, - {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS) , "multiple sgc restarts"}, - {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET), "non sslv2 initial packet"}, - {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"}, - {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"}, - {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"}, - {ERR_REASON(SSL_R_NO_CERTIFICATE_SET) , "no certificate set"}, - {ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED), "no certificate specified"}, - {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE) , "no ciphers available"}, - {ERR_REASON(SSL_R_NO_CIPHERS_PASSED) , "no ciphers passed"}, - {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED) , "no ciphers specified"}, - {ERR_REASON(SSL_R_NO_CIPHER_LIST) , "no cipher list"}, - {ERR_REASON(SSL_R_NO_CIPHER_MATCH) , "no cipher match"}, - {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD) , "no client cert method"}, - {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"}, - {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"}, - {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "Peer haven't sent GOST certificate, required for selected ciphersuite"}, - {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED) , "no method specified"}, - 
{ERR_REASON(SSL_R_NO_PRIVATEKEY) , "no privatekey"},
- {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
- {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
- {ERR_REASON(SSL_R_NO_PUBLICKEY) , "no publickey"},
- {ERR_REASON(SSL_R_NO_RENEGOTIATION) , "no renegotiation"},
- {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST) , "digest requred for handshake isn't computed"},
- {ERR_REASON(SSL_R_NO_SHARED_CIPHER) , "no shared cipher"},
- {ERR_REASON(SSL_R_NO_SRTP_PROFILES) , "no srtp profiles"},
- {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK) , "no verify callback"},
- {ERR_REASON(SSL_R_NULL_SSL_CTX) , "null ssl ctx"},
- {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
- {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED), "old session cipher not returned"},
- {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED), "old session compression algorithm not returned"},
- {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE), "only tls allowed in fips mode"},
- {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
- {ERR_REASON(SSL_R_PARSE_TLSEXT) , "parse tlsext"},
- {ERR_REASON(SSL_R_PATH_TOO_LONG) , "path too long"},
- {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE), "peer did not return a certificate"},
- {ERR_REASON(SSL_R_PEER_ERROR) , "peer error"},
- {ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE), "peer error certificate"},
- {ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE), "peer error no certificate"},
- {ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER) , "peer error no cipher"},
- {ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE), "peer error unsupported certificate type"},
- {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
- {ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS), "problems mapping cipher functions"},
- {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN) , "protocol is shutdown"},
- {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
- {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB) , "psk no client cb"},
- {ERR_REASON(SSL_R_PSK_NO_SERVER_CB) , "psk no server cb"},
- {ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"},
- {ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA) , "public key is not rsa"},
- {ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA) , "public key not rsa"},
- {ERR_REASON(SSL_R_READ_BIO_NOT_SET) , "read bio not set"},
- {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED) , "read timeout expired"},
- {ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE), "read wrong packet type"},
- {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
- {ERR_REASON(SSL_R_RECORD_TOO_LARGE) , "record too large"},
- {ERR_REASON(SSL_R_RECORD_TOO_SMALL) , "record too small"},
- {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
- {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR), "renegotiation encoding err"},
- {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
- {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
- {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING), "required compresssion algorithm missing"},
- {ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO), "reuse cert length not zero"},
- {ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"},
- {ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO), "reuse cipher list not zero"},
- {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING), "scsv received when renegotiating"},
- {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT) , "serverhello tlsext"},
- {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED), "session id context uninitialized"},
- {ERR_REASON(SSL_R_SHORT_READ) , "short read"},
- {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR), "signature algorithms error"},
- {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE), "signature for non signing certificate"},
- {ERR_REASON(SSL_R_SRP_A_CALC) , "error with the srp params"},
- {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES), "srtp could not allocate profiles"},
- {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG), "srtp protection profile list too long"},
- {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE), "srtp unknown protection profile"},
- {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE), "ssl23 doing session id reuse"},
- {ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG), "ssl2 connection id too long"},
- {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT), "ssl3 ext invalid ecpointformat"},
- {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME), "ssl3 ext invalid servername"},
- {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE), "ssl3 ext invalid servername type"},
- {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
- {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT), "ssl3 session id too short"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE), "sslv3 alert bad certificate"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC), "sslv3 alert bad record mac"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED), "sslv3 alert certificate expired"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED), "sslv3 alert certificate revoked"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN), "sslv3 alert certificate unknown"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE), "sslv3 alert decompression failure"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE), "sslv3 alert handshake failure"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER), "sslv3 alert illegal parameter"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE), "sslv3 alert no certificate"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE), "sslv3 alert unexpected message"},
- {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE), "sslv3 alert unsupported certificate"},
- {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION), "ssl ctx has no default ssl version"},
- {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE) , "ssl handshake failure"},
- {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS), "ssl library has no ciphers"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED), "ssl session id callback failed"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG), "ssl session id context too long"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH), "ssl session id has bad length"},
- {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT), "ssl session id is different"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED), "tlsv1 alert access denied"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED), "tlsv1 alert decryption failed"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR), "tlsv1 alert decrypt error"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION), "tlsv1 alert export restriction"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK), "tlsv1 alert inappropriate fallback"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY), "tlsv1 alert insufficient security"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR), "tlsv1 alert internal error"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION), "tlsv1 alert no renegotiation"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION), "tlsv1 alert protocol version"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW), "tlsv1 alert record overflow"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"},
- {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED), "tlsv1 alert user cancelled"},
- {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE), "tlsv1 bad certificate hash value"},
- {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE), "tlsv1 bad certificate status response"},
- {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE), "tlsv1 certificate unobtainable"},
- {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"},
- {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION), "tlsv1 unsupported extension"},
- {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER), "tls client cert req with anon cipher"},
- {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT), "peer does not accept heartbeats"},
- {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING) , "heartbeat request already pending"},
- {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL), "tls illegal exporter label"},
- {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST), "tls invalid ecpointformat list"},
- {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST), "tls peer did not respond with certificate list"},
- {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG), "tls rsa encrypted value length is wrong"},
- {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER), "tried to use unsupported cipher"},
- {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS), "unable to decode dh certs"},
- {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS), "unable to decode ecdh certs"},
- {ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY), "unable to extract public key"},
- {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS), "unable to find dh parameters"},
- {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS), "unable to find ecdh parameters"},
- {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS), "unable to find public key parameters"},
- {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD), "unable to find ssl method"},
- {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES), "unable to load ssl2 md5 routines"},
- {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES), "unable to load ssl3 md5 routines"},
- {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES), "unable to load ssl3 sha1 routines"},
- {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE) , "unexpected message"},
- {ERR_REASON(SSL_R_UNEXPECTED_RECORD) , "unexpected record"},
- {ERR_REASON(SSL_R_UNINITIALIZED) , "uninitialized"},
- {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE) , "unknown alert type"},
- {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
- {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
- {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE) , "unknown cipher type"},
- {ERR_REASON(SSL_R_UNKNOWN_DIGEST) , "unknown digest"},
- {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE), "unknown key exchange type"},
- {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE) , "unknown pkey type"},
- {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL) , "unknown protocol"},
- {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE), "unknown remote error type"},
- {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION) , "unknown ssl version"},
- {ERR_REASON(SSL_R_UNKNOWN_STATE) , "unknown state"},
- {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED), "unsafe legacy renegotiation disabled"},
- {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
- {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM), "unsupported compression algorithm"},
- {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
- {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE), "unsupported elliptic curve"},
- {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL) , "unsupported protocol"},
- {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
- {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
- {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
- {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET) , "write bio not set"},
- {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED) , "wrong cipher returned"},
- {ERR_REASON(SSL_R_WRONG_CURVE) , "wrong curve"},
- {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE) , "wrong message type"},
- {ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"},
- {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
- {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE) , "wrong signature size"},
- {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE) , "wrong signature type"},
- {ERR_REASON(SSL_R_WRONG_SSL_VERSION) , "wrong ssl version"},
- {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER) , "wrong version number"},
- {ERR_REASON(SSL_R_X509_LIB) , "x509 lib"},
- {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS), "x509 verification setup problems"},
- {0, NULL}
-};
-
-#endif
-
-void
-ERR_load_SSL_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-
- if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
- ERR_load_strings(0, SSL_str_functs);
- ERR_load_strings(0, SSL_str_reasons);
- }
-#endif
-}
diff --git a/lib/libssl/src/ssl/ssl_err2.c b/lib/libssl/src/ssl/ssl_err2.c
deleted file mode 100644
index 9aad13cdc58..00000000000
--- a/lib/libssl/src/ssl/ssl_err2.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* $OpenBSD: ssl_err2.c,v 1.7 2014/12/14 15:30:50 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include <openssl/err.h>
-#include <openssl/ssl.h>
-
-void
-SSL_load_error_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
- ERR_load_crypto_strings();
- ERR_load_SSL_strings();
-#endif
-}
-
diff --git a/lib/libssl/src/ssl/ssl_lib.c b/lib/libssl/src/ssl/ssl_lib.c
deleted file mode 100644
index 5b9b952e720..00000000000
--- a/lib/libssl/src/ssl/ssl_lib.c
+++ /dev/null
@@ -1,3062 +0,0 @@
-/* $OpenBSD: ssl_lib.c,v 1.116 2015/10/25 15:52:49 doug Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/lhash.h>
-#include <openssl/objects.h>
-#include <openssl/ocsp.h>
-#include <openssl/x509v3.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#include "bytestring.h"
-
-const char *SSL_version_str = OPENSSL_VERSION_TEXT;
-
-SSL3_ENC_METHOD ssl3_undef_enc_method = {
- /*
- * Evil casts, but these functions are only called if there's a
- * library bug.
- */
- .enc = (int (*)(SSL *, int))ssl_undefined_function,
- .mac = (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
- .setup_key_block = ssl_undefined_function,
- .generate_master_secret = (int (*)(SSL *, unsigned char *,
- unsigned char *, int))ssl_undefined_function,
- .change_cipher_state = (int (*)(SSL*, int))ssl_undefined_function,
- .final_finish_mac = (int (*)(SSL *, const char*, int,
- unsigned char *))ssl_undefined_function,
- .finish_mac_length = 0,
- .cert_verify_mac = (int (*)(SSL *, int,
- unsigned char *))ssl_undefined_function,
- .client_finished_label = NULL,
- .client_finished_label_len = 0,
- .server_finished_label = NULL,
- .server_finished_label_len = 0,
- .alert_value = (int (*)(int))ssl_undefined_function,
- .export_keying_material = (int (*)(SSL *, unsigned char *, size_t,
- const char *, size_t, const unsigned char *, size_t,
- int use_context))ssl_undefined_function,
- .enc_flags = 0,
-};
-
-int
-SSL_clear(SSL *s)
-{
- if (s->method == NULL) {
- SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
- return (0);
- }
-
- if (ssl_clear_bad_session(s)) {
- SSL_SESSION_free(s->session);
- s->session = NULL;
- }
-
- s->error = 0;
- s->hit = 0;
- s->shutdown = 0;
-
- if (s->renegotiate) {
- SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
- return (0);
- }
-
- s->type = 0;
-
- s->state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
-
- s->version = s->method->version;
- s->client_version = s->version;
- s->rwstate = SSL_NOTHING;
- s->rstate = SSL_ST_READ_HEADER;
-
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
-
- ssl_clear_cipher_ctx(s);
- ssl_clear_hash_ctx(&s->read_hash);
- ssl_clear_hash_ctx(&s->write_hash);
-
- s->first_packet = 0;
-
- /*
- * Check to see if we were changed into a different method, if
- * so, revert back if we are not doing session-id reuse.
- */
- if (!s->in_handshake && (s->session == NULL) &&
- (s->method != s->ctx->method)) {
- s->method->ssl_free(s);
- s->method = s->ctx->method;
- if (!s->method->ssl_new(s))
- return (0);
- } else
- s->method->ssl_clear(s);
-
- return (1);
-}
-
-/* Used to change an SSL_CTXs default SSL method type */
-int
-SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
-{
- STACK_OF(SSL_CIPHER) *sk;
-
- ctx->method = meth;
-
- sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
- &(ctx->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
- if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
- SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
- SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
- return (0);
- }
- return (1);
-}
-
-SSL *
-SSL_new(SSL_CTX *ctx)
-{
- SSL *s;
-
- if (ctx == NULL) {
- SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
- return (NULL);
- }
- if (ctx->method == NULL) {
- SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
- return (NULL);
- }
-
- s = calloc(1, sizeof(SSL));
- if (s == NULL)
- goto err;
-
-
- s->options = ctx->options;
- s->mode = ctx->mode;
- s->max_cert_list = ctx->max_cert_list;
-
- if (ctx->cert != NULL) {
- /*
- * Earlier library versions used to copy the pointer to
- * the CERT, not its contents; only when setting new
- * parameters for the per-SSL copy, ssl_cert_new would be
- * called (and the direct reference to the per-SSL_CTX
- * settings would be lost, but those still were indirectly
- * accessed for various purposes, and for that reason they
- * used to be known as s->ctx->default_cert).
- * Now we don't look at the SSL_CTX's CERT after having
- * duplicated it once.
- */
- s->cert = ssl_cert_dup(ctx->cert);
- if (s->cert == NULL)
- goto err;
- } else
- s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */
-
- s->read_ahead = ctx->read_ahead;
- s->msg_callback = ctx->msg_callback;
- s->msg_callback_arg = ctx->msg_callback_arg;
- s->verify_mode = ctx->verify_mode;
- s->sid_ctx_length = ctx->sid_ctx_length;
- OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
- memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
- s->verify_callback = ctx->default_verify_callback;
- s->generate_session_id = ctx->generate_session_id;
-
- s->param = X509_VERIFY_PARAM_new();
- if (!s->param)
- goto err;
- X509_VERIFY_PARAM_inherit(s->param, ctx->param);
- s->quiet_shutdown = ctx->quiet_shutdown;
- s->max_send_fragment = ctx->max_send_fragment;
-
- CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
- s->ctx = ctx;
- s->tlsext_debug_cb = 0;
- s->tlsext_debug_arg = NULL;
- s->tlsext_ticket_expected = 0;
- s->tlsext_status_type = -1;
- s->tlsext_status_expected = 0;
- s->tlsext_ocsp_ids = NULL;
- s->tlsext_ocsp_exts = NULL;
- s->tlsext_ocsp_resp = NULL;
- s->tlsext_ocsp_resplen = -1;
- CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
- s->initial_ctx = ctx;
- s->next_proto_negotiated = NULL;
-
- if (s->ctx->alpn_client_proto_list != NULL) {
- s->alpn_client_proto_list =
- malloc(s->ctx->alpn_client_proto_list_len);
- if (s->alpn_client_proto_list == NULL)
- goto err;
- memcpy(s->alpn_client_proto_list,
- s->ctx->alpn_client_proto_list,
- s->ctx->alpn_client_proto_list_len);
- s->alpn_client_proto_list_len =
- s->ctx->alpn_client_proto_list_len;
- }
-
- s->verify_result = X509_V_OK;
-
- s->method = ctx->method;
-
- if (!s->method->ssl_new(s))
- goto err;
-
- s->references = 1;
- s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
-
- SSL_clear(s);
-
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
-
- return (s);
-
-err:
- SSL_free(s);
- SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
- return (NULL);
-}
-
-int
-SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len)
-{
- if (sid_ctx_len > sizeof ctx->sid_ctx) {
- SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
- SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
- return (0);
- }
- ctx->sid_ctx_length = sid_ctx_len;
- memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
-
- return (1);
-}
-
-int
-SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len)
-{
- if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
- SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
- SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
- return (0);
- }
- ssl->sid_ctx_length = sid_ctx_len;
- memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
-
- return (1);
-}
-
-int
-SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- ctx->generate_session_id = cb;
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- return (1);
-}
-
-int
-SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
-{
- CRYPTO_w_lock(CRYPTO_LOCK_SSL);
- ssl->generate_session_id = cb;
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
- return (1);
-}
-
-int
-SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
- unsigned int id_len)
-{
- /*
- * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp
- * shows how we can "construct" a session to give us the desired
- * check - ie. to find if there's a session in the hash table
- * that would conflict with any new session built out of this
- * id/id_len and the ssl_version in use by this SSL.
- */
- SSL_SESSION r, *p;
-
- if (id_len > sizeof r.session_id)
- return (0);
-
- r.ssl_version = ssl->version;
- r.session_id_length = id_len;
- memcpy(r.session_id, id, id_len);
-
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
- return (p != NULL);
-}
-
-int
-SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
-{
- return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
-}
-
-int
-SSL_set_purpose(SSL *s, int purpose)
-{
- return (X509_VERIFY_PARAM_set_purpose(s->param, purpose));
-}
-
-int
-SSL_CTX_set_trust(SSL_CTX *s, int trust)
-{
- return (X509_VERIFY_PARAM_set_trust(s->param, trust));
-}
-
-int
-SSL_set_trust(SSL *s, int trust)
-{
- return (X509_VERIFY_PARAM_set_trust(s->param, trust));
-}
-
-int
-SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
-{
- return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
-}
-
-int
-SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
-{
- return (X509_VERIFY_PARAM_set1(ssl->param, vpm));
-}
-
-void
-SSL_free(SSL *s)
-{
- int i;
-
- if (s == NULL)
- return;
-
- i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
- if (i > 0)
- return;
-
- if (s->param)
- X509_VERIFY_PARAM_free(s->param);
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
-
- if (s->bbio != NULL) {
- /* If the buffering BIO is in place, pop it off */
- if (s->bbio == s->wbio) {
- s->wbio = BIO_pop(s->wbio);
- }
- BIO_free(s->bbio);
- s->bbio = NULL;
- }
-
- if (s->rbio != s->wbio)
- BIO_free_all(s->rbio);
- BIO_free_all(s->wbio);
-
- if (s->init_buf != NULL)
- BUF_MEM_free(s->init_buf);
-
- /* add extra stuff */
- if (s->cipher_list != NULL)
- sk_SSL_CIPHER_free(s->cipher_list);
- if (s->cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(s->cipher_list_by_id);
-
- /* Make the next call work :-) */
- if (s->session != NULL) {
- ssl_clear_bad_session(s);
- SSL_SESSION_free(s->session);
- }
-
- ssl_clear_cipher_ctx(s);
- ssl_clear_hash_ctx(&s->read_hash);
- ssl_clear_hash_ctx(&s->write_hash);
-
- if (s->cert != NULL)
- ssl_cert_free(s->cert);
- /* Free up if allocated */
-
- free(s->tlsext_hostname);
- SSL_CTX_free(s->initial_ctx);
- free(s->tlsext_ecpointformatlist);
- free(s->tlsext_ellipticcurvelist);
- if (s->tlsext_ocsp_exts)
- sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
- X509_EXTENSION_free);
- if (s->tlsext_ocsp_ids)
- sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
- free(s->tlsext_ocsp_resp);
-
- if (s->client_CA != NULL)
- sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
-
- if (s->method != NULL)
- s->method->ssl_free(s);
-
- SSL_CTX_free(s->ctx);
-
-
- free(s->next_proto_negotiated);
- free(s->alpn_client_proto_list);
-
-#ifndef OPENSSL_NO_SRTP
- if (s->srtp_profiles)
- sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
-#endif
-
- free(s);
-}
-
-void
-SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
-{
- /* If the output buffering BIO is still in place, remove it */
- if (s->bbio != NULL) {
- if (s->wbio == s->bbio) {
- s->wbio = s->wbio->next_bio;
- s->bbio->next_bio = NULL;
- }
- }
-
- if (s->rbio != rbio && s->rbio != s->wbio)
- BIO_free_all(s->rbio);
- if (s->wbio != wbio)
- BIO_free_all(s->wbio);
- s->rbio = rbio;
- s->wbio = wbio;
-}
-
-BIO *
-SSL_get_rbio(const SSL *s)
-{
- return (s->rbio);
-}
-
-BIO *
-SSL_get_wbio(const SSL *s)
-{
- return (s->wbio);
-}
-
-int
-SSL_get_fd(const SSL *s)
-{
- return (SSL_get_rfd(s));
-}
-
-int
-SSL_get_rfd(const SSL *s)
-{
- int ret = -1;
- BIO *b, *r;
-
- b = SSL_get_rbio(s);
- r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
- if (r != NULL)
- BIO_get_fd(r, &ret);
- return (ret);
-}
-
-int
-SSL_get_wfd(const SSL *s)
-{
- int ret = -1;
- BIO *b, *r;
-
- b = SSL_get_wbio(s);
- r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
- if (r != NULL)
- BIO_get_fd(r, &ret);
- return (ret);
-}
-
-int
-SSL_set_fd(SSL *s, int fd)
-{
- int ret = 0;
- BIO *bio = NULL;
-
- bio = BIO_new(BIO_s_socket());
-
- if (bio == NULL) {
- SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
- goto err;
- }
- BIO_set_fd(bio, fd, BIO_NOCLOSE);
- SSL_set_bio(s, bio, bio);
- ret = 1;
-err:
- return (ret);
-}
-
-int
-SSL_set_wfd(SSL *s, int fd)
-{
- int ret = 0;
- BIO *bio = NULL;
-
- if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
- || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
- bio = BIO_new(BIO_s_socket());
-
- if (bio == NULL) {
- SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
- goto err;
- }
- BIO_set_fd(bio, fd, BIO_NOCLOSE);
- SSL_set_bio(s, SSL_get_rbio(s), bio);
- } else
- SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
- ret = 1;
-err:
- return (ret);
-}
-
-int
-SSL_set_rfd(SSL *s, int fd)
-{
- int ret = 0;
- BIO *bio = NULL;
-
- if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
- || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
- bio = BIO_new(BIO_s_socket());
-
- if (bio == NULL) {
- SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
- goto err;
- }
- BIO_set_fd(bio, fd, BIO_NOCLOSE);
- SSL_set_bio(s, bio, SSL_get_wbio(s));
- } else
- SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
- ret = 1;
-err:
- return (ret);
-}
-
-
-/* return length of latest Finished message we sent, copy to 'buf' */
-size_t
-SSL_get_finished(const SSL *s, void *buf, size_t count)
-{
- size_t ret = 0;
-
- if (s->s3 != NULL) {
- ret = s->s3->tmp.finish_md_len;
- if (count > ret)
- count = ret;
- memcpy(buf, s->s3->tmp.finish_md, count);
- }
- return (ret);
-}
-
-/* return length of latest Finished message we expected, copy to 'buf' */
-size_t
-SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
-{
- size_t ret = 0;
-
- if (s->s3 != NULL) {
- ret = s->s3->tmp.peer_finish_md_len;
- if (count > ret)
- count = ret;
- memcpy(buf, s->s3->tmp.peer_finish_md, count);
- }
- return (ret);
-}
-
-
-int
-SSL_get_verify_mode(const SSL *s)
-{
- return (s->verify_mode);
-}
-
-int
-SSL_get_verify_depth(const SSL *s)
-{
- return (X509_VERIFY_PARAM_get_depth(s->param));
-}
-
-int
-(*SSL_get_verify_callback(const SSL *s))(int, X509_STORE_CTX *)
-{
- return (s->verify_callback);
-}
-
-int
-SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
-{
- return (ctx->verify_mode);
-}
-
-int
-SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
-{
- return (X509_VERIFY_PARAM_get_depth(ctx->param));
-}
-
-int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
-{
- return (ctx->default_verify_callback);
-}
-
-void
-SSL_set_verify(SSL *s, int mode,
- int (*callback)(int ok, X509_STORE_CTX *ctx))
-{
- s->verify_mode = mode;
- if (callback != NULL)
- s->verify_callback = callback;
-}
-
-void
-SSL_set_verify_depth(SSL *s, int depth)
-{
- X509_VERIFY_PARAM_set_depth(s->param, depth);
-}
-
-void
-SSL_set_read_ahead(SSL *s, int yes)
-{
- s->read_ahead = yes;
-}
-
-int
-SSL_get_read_ahead(const SSL *s)
-{
- return (s->read_ahead);
-}
-
-int
-SSL_pending(const SSL *s)
-{
- /*
- * SSL_pending cannot work properly if read-ahead is enabled
- * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
- * and it is impossible to fix since SSL_pending cannot report
- * errors that may be observed while scanning the new data.
- * (Note that SSL_pending() is often used as a boolean value,
- * so we'd better not return -1.)
- */
- return (s->method->ssl_pending(s));
-}
-
-X509 *
-SSL_get_peer_certificate(const SSL *s)
-{
- X509 *r;
-
- if ((s == NULL) || (s->session == NULL))
- r = NULL;
- else
- r = s->session->peer;
-
- if (r == NULL)
- return (r);
-
- CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
-
- return (r);
-}
-
-STACK_OF(X509) *
-SSL_get_peer_cert_chain(const SSL *s)
-{
- STACK_OF(X509) *r;
-
- if ((s == NULL) || (s->session == NULL) ||
- (s->session->sess_cert == NULL))
- r = NULL;
- else
- r = s->session->sess_cert->cert_chain;
-
- /*
- * If we are a client, cert_chain includes the peer's own
- * certificate;
- * if we are a server, it does not.
- */
- return (r);
-}
-
-/*
- * Now in theory, since the calling process own 't' it should be safe to
- * modify. We need to be able to read f without being hassled
- */
-void
-SSL_copy_session_id(SSL *t, const SSL *f)
-{
- CERT *tmp;
-
- /* Do we need to to SSL locking? */
- SSL_set_session(t, SSL_get_session(f));
-
- /*
- * What if we are setup as SSLv2 but want to talk SSLv3 or
- * vice-versa.
- */
- if (t->method != f->method) {
- t->method->ssl_free(t); /* cleanup current */
- t->method=f->method; /* change method */
- t->method->ssl_new(t); /* setup new */
- }
-
- tmp = t->cert;
- if (f->cert != NULL) {
- CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
- t->cert = f->cert;
- } else
- t->cert = NULL;
- if (tmp != NULL)
- ssl_cert_free(tmp);
- SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
-}
-
-/* Fix this so it checks all the valid key/cert options */
-int
-SSL_CTX_check_private_key(const SSL_CTX *ctx)
-{
- if ((ctx == NULL) || (ctx->cert == NULL) ||
- (ctx->cert->key->x509 == NULL)) {
- SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
- SSL_R_NO_CERTIFICATE_ASSIGNED);
- return (0);
- }
- if (ctx->cert->key->privatekey == NULL) {
- SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
- SSL_R_NO_PRIVATE_KEY_ASSIGNED);
- return (0);
- }
- return (X509_check_private_key(ctx->cert->key->x509,
- ctx->cert->key->privatekey));
-}
-
-/* Fix this function so that it takes an optional type parameter */
-int
-SSL_check_private_key(const SSL *ssl)
-{
- if (ssl == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
- ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (ssl->cert == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
- SSL_R_NO_CERTIFICATE_ASSIGNED);
- return (0);
- }
- if (ssl->cert->key->x509 == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
- SSL_R_NO_CERTIFICATE_ASSIGNED);
- return (0);
- }
- if (ssl->cert->key->privatekey == NULL) {
- SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,
- SSL_R_NO_PRIVATE_KEY_ASSIGNED);
- return (0);
- }
- return (X509_check_private_key(ssl->cert->key->x509,
- ssl->cert->key->privatekey));
-}
-
-int
-SSL_accept(SSL *s)
-{
- if (s->handshake_func == NULL)
- SSL_set_accept_state(s); /* Not properly initialized yet */
-
- return (s->method->ssl_accept(s));
-}
-
-int
-SSL_connect(SSL *s)
-{
- if (s->handshake_func == NULL)
- SSL_set_connect_state(s); /* Not properly initialized yet */
-
- return (s->method->ssl_connect(s));
-}
-
-long
-SSL_get_default_timeout(const SSL *s)
-{
- return (s->method->get_timeout());
-}
-
-int
-SSL_read(SSL *s, void *buf, int num)
-{
- if (s->handshake_func == NULL) {
- SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
- return (-1);
- }
-
- if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
- s->rwstate = SSL_NOTHING;
- return (0);
- }
- return (s->method->ssl_read(s, buf, num));
-}
-
-int
-SSL_peek(SSL *s, void *buf, int num)
-{
- if (s->handshake_func == NULL) {
- SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
- return (-1);
- }
-
- if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
- return (0);
- }
- return (s->method->ssl_peek(s, buf, num));
-}
-
-int
-SSL_write(SSL *s, const void *buf, int num)
-{
- if (s->handshake_func == NULL) {
- SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
- return (-1);
- }
-
- if (s->shutdown & SSL_SENT_SHUTDOWN) {
- s->rwstate = SSL_NOTHING;
- SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
- return (-1);
- }
- return (s->method->ssl_write(s, buf, num));
-}
-
-int
-SSL_shutdown(SSL *s)
-{
- /*
- * Note that this function behaves differently from what one might
- * expect. Return values are 0 for no success (yet),
- * 1 for success; but calling it once is usually not enough,
- * even if blocking I/O is used (see ssl3_shutdown). 
- */
-
- if (s->handshake_func == NULL) {
- SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
- return (-1);
- }
-
- if ((s != NULL) && !SSL_in_init(s))
- return (s->method->ssl_shutdown(s));
- else
- return (1);
-}
-
-int
-SSL_renegotiate(SSL *s)
-{
- if (s->renegotiate == 0)
- s->renegotiate = 1;
-
- s->new_session = 1;
-
- return (s->method->ssl_renegotiate(s));
-}
-
-int
-SSL_renegotiate_abbreviated(SSL *s)
-{
- if (s->renegotiate == 0)
- s->renegotiate = 1;
-
- s->new_session = 0;
-
- return (s->method->ssl_renegotiate(s));
-}
-
-int
-SSL_renegotiate_pending(SSL *s)
-{
- /*
- * Becomes true when negotiation is requested;
- * false again once a handshake has finished.
- */
- return (s->renegotiate != 0);
-}
-
-long
-SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
-{
- long l;
-
- switch (cmd) {
- case SSL_CTRL_GET_READ_AHEAD:
- return (s->read_ahead);
- case SSL_CTRL_SET_READ_AHEAD:
- l = s->read_ahead;
- s->read_ahead = larg;
- return (l);
-
- case SSL_CTRL_SET_MSG_CALLBACK_ARG:
- s->msg_callback_arg = parg;
- return (1);
-
- case SSL_CTRL_OPTIONS:
- return (s->options|=larg);
- case SSL_CTRL_CLEAR_OPTIONS:
- return (s->options&=~larg);
- case SSL_CTRL_MODE:
- return (s->mode|=larg);
- case SSL_CTRL_CLEAR_MODE:
- return (s->mode &=~larg);
- case SSL_CTRL_GET_MAX_CERT_LIST:
- return (s->max_cert_list);
- case SSL_CTRL_SET_MAX_CERT_LIST:
- l = s->max_cert_list;
- s->max_cert_list = larg;
- return (l);
- case SSL_CTRL_SET_MTU:
-#ifndef OPENSSL_NO_DTLS1
- if (larg < (long)dtls1_min_mtu())
- return (0);
-#endif
- if (SSL_IS_DTLS(s)) {
- s->d1->mtu = larg;
- return (larg);
- }
- return (0);
- case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
- if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
- return (0);
- s->max_send_fragment = larg;
- return (1);
- case SSL_CTRL_GET_RI_SUPPORT:
- if (s->s3)
- return (s->s3->send_connection_binding);
- else return (0);
- default:
- return (s->method->ssl_ctrl(s, cmd, larg, parg));
- }
-}
-
-long
-SSL_callback_ctrl(SSL *s, int cmd, void 
(*fp)(void))
-{
- switch (cmd) {
- case SSL_CTRL_SET_MSG_CALLBACK:
- s->msg_callback = (void (*)(int write_p, int version,
- int content_type, const void *buf, size_t len,
- SSL *ssl, void *arg))(fp);
- return (1);
-
- default:
- return (s->method->ssl_callback_ctrl(s, cmd, fp));
- }
-}
-
-LHASH_OF(SSL_SESSION) *
-SSL_CTX_sessions(SSL_CTX *ctx)
-{
- return (ctx->sessions);
-}
-
-long
-SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
-{
- long l;
-
- switch (cmd) {
- case SSL_CTRL_GET_READ_AHEAD:
- return (ctx->read_ahead);
- case SSL_CTRL_SET_READ_AHEAD:
- l = ctx->read_ahead;
- ctx->read_ahead = larg;
- return (l);
-
- case SSL_CTRL_SET_MSG_CALLBACK_ARG:
- ctx->msg_callback_arg = parg;
- return (1);
-
- case SSL_CTRL_GET_MAX_CERT_LIST:
- return (ctx->max_cert_list);
- case SSL_CTRL_SET_MAX_CERT_LIST:
- l = ctx->max_cert_list;
- ctx->max_cert_list = larg;
- return (l);
-
- case SSL_CTRL_SET_SESS_CACHE_SIZE:
- l = ctx->session_cache_size;
- ctx->session_cache_size = larg;
- return (l);
- case SSL_CTRL_GET_SESS_CACHE_SIZE:
- return (ctx->session_cache_size);
- case SSL_CTRL_SET_SESS_CACHE_MODE:
- l = ctx->session_cache_mode;
- ctx->session_cache_mode = larg;
- return (l);
- case SSL_CTRL_GET_SESS_CACHE_MODE:
- return (ctx->session_cache_mode);
-
- case SSL_CTRL_SESS_NUMBER:
- return (lh_SSL_SESSION_num_items(ctx->sessions));
- case SSL_CTRL_SESS_CONNECT:
- return (ctx->stats.sess_connect);
- case SSL_CTRL_SESS_CONNECT_GOOD:
- return (ctx->stats.sess_connect_good);
- case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
- return (ctx->stats.sess_connect_renegotiate);
- case SSL_CTRL_SESS_ACCEPT:
- return (ctx->stats.sess_accept);
- case SSL_CTRL_SESS_ACCEPT_GOOD:
- return (ctx->stats.sess_accept_good);
- case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
- return (ctx->stats.sess_accept_renegotiate);
- case SSL_CTRL_SESS_HIT:
- return (ctx->stats.sess_hit);
- case SSL_CTRL_SESS_CB_HIT:
- return (ctx->stats.sess_cb_hit);
- case SSL_CTRL_SESS_MISSES:
- return (ctx->stats.sess_miss);
- 
case SSL_CTRL_SESS_TIMEOUTS: - return (ctx->stats.sess_timeout); - case SSL_CTRL_SESS_CACHE_FULL: - return (ctx->stats.sess_cache_full); - case SSL_CTRL_OPTIONS: - return (ctx->options|=larg); - case SSL_CTRL_CLEAR_OPTIONS: - return (ctx->options&=~larg); - case SSL_CTRL_MODE: - return (ctx->mode|=larg); - case SSL_CTRL_CLEAR_MODE: - return (ctx->mode&=~larg); - case SSL_CTRL_SET_MAX_SEND_FRAGMENT: - if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH) - return (0); - ctx->max_send_fragment = larg; - return (1); - default: - return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg)); - } -} - -long -SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void)) -{ - switch (cmd) { - case SSL_CTRL_SET_MSG_CALLBACK: - ctx->msg_callback = (void (*)(int write_p, int version, - int content_type, const void *buf, size_t len, SSL *ssl, - void *arg))(fp); - return (1); - - default: - return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp)); - } -} - -int -ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) -{ - long l; - - l = a->id - b->id; - if (l == 0L) - return (0); - else - return ((l > 0) ? 1:-1); -} - -int -ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, - const SSL_CIPHER * const *bp) -{ - long l; - - l = (*ap)->id - (*bp)->id; - if (l == 0L) - return (0); - else - return ((l > 0) ? 1:-1); -} - -/* - * Return a STACK of the ciphers available for the SSL and in order of - * preference. - */ -STACK_OF(SSL_CIPHER) * -SSL_get_ciphers(const SSL *s) -{ - if (s != NULL) { - if (s->cipher_list != NULL) { - return (s->cipher_list); - } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) { - return (s->ctx->cipher_list); - } - } - return (NULL); -} - -/* - * Return a STACK of the ciphers available for the SSL and in order of - * algorithm id. 
- */ -STACK_OF(SSL_CIPHER) * -ssl_get_ciphers_by_id(SSL *s) -{ - if (s != NULL) { - if (s->cipher_list_by_id != NULL) { - return (s->cipher_list_by_id); - } else if ((s->ctx != NULL) && - (s->ctx->cipher_list_by_id != NULL)) { - return (s->ctx->cipher_list_by_id); - } - } - return (NULL); -} - -/* The old interface to get the same thing as SSL_get_ciphers(). */ -const char * -SSL_get_cipher_list(const SSL *s, int n) -{ - SSL_CIPHER *c; - STACK_OF(SSL_CIPHER) *sk; - - if (s == NULL) - return (NULL); - sk = SSL_get_ciphers(s); - if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n)) - return (NULL); - c = sk_SSL_CIPHER_value(sk, n); - if (c == NULL) - return (NULL); - return (c->name); -} - -/* Specify the ciphers to be used by default by the SSL_CTX. */ -int -SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) -{ - STACK_OF(SSL_CIPHER) *sk; - - sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list, - &ctx->cipher_list_by_id, str); - /* - * ssl_create_cipher_list may return an empty stack if it - * was unable to find a cipher matching the given rule string - * (for example if the rule string specifies a cipher which - * has been disabled). This is not an error as far as - * ssl_create_cipher_list is concerned, and hence - * ctx->cipher_list and ctx->cipher_list_by_id has been - * updated. - */ - if (sk == NULL) - return (0); - else if (sk_SSL_CIPHER_num(sk) == 0) { - SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); - return (0); - } - return (1); -} - -/* Specify the ciphers to be used by the SSL. 
*/ -int -SSL_set_cipher_list(SSL *s, const char *str) -{ - STACK_OF(SSL_CIPHER) *sk; - - sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list, - &s->cipher_list_by_id, str); - /* see comment in SSL_CTX_set_cipher_list */ - if (sk == NULL) - return (0); - else if (sk_SSL_CIPHER_num(sk) == 0) { - SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH); - return (0); - } - return (1); -} - -/* works well for SSLv2, not so good for SSLv3 */ -char * -SSL_get_shared_ciphers(const SSL *s, char *buf, int len) -{ - char *end; - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - size_t curlen = 0; - int i; - - if (s->session == NULL || s->session->ciphers == NULL || len < 2) - return (NULL); - - sk = s->session->ciphers; - if (sk_SSL_CIPHER_num(sk) == 0) - return (NULL); - - buf[0] = '\0'; - for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { - c = sk_SSL_CIPHER_value(sk, i); - end = buf + curlen; - if (strlcat(buf, c->name, len) >= len || - (curlen = strlcat(buf, ":", len)) >= len) { - /* remove truncated cipher from list */ - *end = '\0'; - break; - } - } - /* remove trailing colon */ - if ((end = strrchr(buf, ':')) != NULL) - *end = '\0'; - return (buf); -} - -int -ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p) -{ - int i; - SSL_CIPHER *c; - unsigned char *q; - - if (sk == NULL) - return (0); - q = p; - - for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { - c = sk_SSL_CIPHER_value(sk, i); - - /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ - if ((c->algorithm_ssl & SSL_TLSV1_2) && - (TLS1_get_client_version(s) < TLS1_2_VERSION)) - continue; - - s2n(ssl3_cipher_get_value(c), p); - } - - /* - * If p == q, no ciphers and caller indicates an error. Otherwise - * add SCSV if not renegotiating. 
- */ - if (p != q && !s->renegotiate) - s2n(SSL3_CK_SCSV & SSL3_CK_VALUE_MASK, p); - - return (p - q); -} - -STACK_OF(SSL_CIPHER) * -ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num) -{ - CBS cbs; - const SSL_CIPHER *c; - STACK_OF(SSL_CIPHER) *sk = NULL; - unsigned long cipher_id; - uint16_t cipher_value, max_version; - - if (s->s3) - s->s3->send_connection_binding = 0; - - /* - * RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2]. - */ - if (num < 2 || num > 0x10000 - 2) { - SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, - SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); - return (NULL); - } - - if ((sk = sk_SSL_CIPHER_new_null()) == NULL) { - SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE); - goto err; - } - - CBS_init(&cbs, p, num); - while (CBS_len(&cbs) > 0) { - if (!CBS_get_u16(&cbs, &cipher_value)) { - SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, - SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); - goto err; - } - - cipher_id = SSL3_CK_ID | cipher_value; - - if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) { - /* - * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if - * renegotiating. - */ - if (s->renegotiate) { - SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, - SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); - ssl3_send_alert(s, SSL3_AL_FATAL, - SSL_AD_HANDSHAKE_FAILURE); - - goto err; - } - s->s3->send_connection_binding = 1; - continue; - } - - if (cipher_id == SSL3_CK_FALLBACK_SCSV) { - /* - * TLS_FALLBACK_SCSV indicates that the client - * previously tried a higher protocol version. - * Fail if the current version is an unexpected - * downgrade. 
- */ - max_version = ssl_max_server_version(s); - if (max_version == 0 || s->version < max_version) { - SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, - SSL_R_INAPPROPRIATE_FALLBACK); - if (s->s3 != NULL) - ssl3_send_alert(s, SSL3_AL_FATAL, - SSL_AD_INAPPROPRIATE_FALLBACK); - goto err; - } - continue; - } - - if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) { - if (!sk_SSL_CIPHER_push(sk, c)) { - SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, - ERR_R_MALLOC_FAILURE); - goto err; - } - } - } - - return (sk); - -err: - sk_SSL_CIPHER_free(sk); - - return (NULL); -} - - -/* - * Return a servername extension value if provided in Client Hello, or NULL. - * So far, only host_name types are defined (RFC 3546). - */ -const char * -SSL_get_servername(const SSL *s, const int type) -{ - if (type != TLSEXT_NAMETYPE_host_name) - return (NULL); - - return (s->session && !s->tlsext_hostname ? - s->session->tlsext_hostname : - s->tlsext_hostname); -} - -int -SSL_get_servername_type(const SSL *s) -{ - if (s->session && - (!s->tlsext_hostname ? - s->session->tlsext_hostname : s->tlsext_hostname)) - return (TLSEXT_NAMETYPE_host_name); - return (-1); -} - -/* - * SSL_select_next_proto implements the standard protocol selection. It is - * expected that this function is called from the callback set by - * SSL_CTX_set_next_proto_select_cb. - * - * The protocol data is assumed to be a vector of 8-bit, length prefixed byte - * strings. The length byte itself is not included in the length. A byte - * string of length 0 is invalid. No byte string may be truncated. - * - * The current, but experimental algorithm for selecting the protocol is: - * - * 1) If the server doesn't support NPN then this is indicated to the - * callback. In this case, the client application has to abort the connection - * or have a default application level protocol. 
- * - * 2) If the server supports NPN, but advertises an empty list then the - * client selects the first protcol in its list, but indicates via the - * API that this fallback case was enacted. - * - * 3) Otherwise, the client finds the first protocol in the server's list - * that it supports and selects this protocol. This is because it's - * assumed that the server has better information about which protocol - * a client should use. - * - * 4) If the client doesn't support any of the server's advertised - * protocols, then this is treated the same as case 2. - * - * It returns either - * OPENSSL_NPN_NEGOTIATED if a common protocol was found, or - * OPENSSL_NPN_NO_OVERLAP if the fallback case was reached. - */ -int -SSL_select_next_proto(unsigned char **out, unsigned char *outlen, - const unsigned char *server, unsigned int server_len, - const unsigned char *client, unsigned int client_len) -{ - unsigned int i, j; - const unsigned char *result; - int status = OPENSSL_NPN_UNSUPPORTED; - - /* - * For each protocol in server preference order, - * see if we support it. - */ - for (i = 0; i < server_len; ) { - for (j = 0; j < client_len; ) { - if (server[i] == client[j] && - memcmp(&server[i + 1], - &client[j + 1], server[i]) == 0) { - /* We found a match */ - result = &server[i]; - status = OPENSSL_NPN_NEGOTIATED; - goto found; - } - j += client[j]; - j++; - } - i += server[i]; - i++; - } - - /* There's no overlap between our protocols and the server's list. */ - result = client; - status = OPENSSL_NPN_NO_OVERLAP; - -found: - *out = (unsigned char *) result + 1; - *outlen = result[0]; - return (status); -} - -/* - * SSL_get0_next_proto_negotiated sets *data and *len to point to the client's - * requested protocol for this connection and returns 0. If the client didn't - * request any protocol, then *data is set to NULL. - * - * Note that the client can request any protocol it chooses. 
The value returned
- * from this function need not be a member of the list of supported protocols
- * provided by the callback.
- */
-void
-SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
- unsigned *len)
-{
- *data = s->next_proto_negotiated;
- if (!*data) {
- *len = 0;
- } else {
- *len = s->next_proto_negotiated_len;
- }
-}
-
-/*
- * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when a
- * TLS server needs a list of supported protocols for Next Protocol
- * Negotiation. The returned list must be in wire format. The list is returned
- * by setting |out| to point to it and |outlen| to its length. This memory will
- * not be modified, but one should assume that the SSL* keeps a reference to
- * it.
- *
- * The callback should return SSL_TLSEXT_ERR_OK if it wishes to advertise.
- * Otherwise, no such extension will be included in the ServerHello.
- */
-void
-SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl,
- const unsigned char **out, unsigned int *outlen, void *arg), void *arg)
-{
- ctx->next_protos_advertised_cb = cb;
- ctx->next_protos_advertised_cb_arg = arg;
-}
-
-/*
- * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
- * client needs to select a protocol from the server's provided list. |out|
- * must be set to point to the selected protocol (which may be within |in|).
- * The length of the protocol name must be written into |outlen|. The server's
- * advertised protocols are provided in |in| and |inlen|. The callback can
- * assume that |in| is syntactically valid.
- *
- * The client must select a protocol. It is fatal to the connection if this
- * callback returns a value other than SSL_TLSEXT_ERR_OK. 
- */
-void
-SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx, int (*cb) (SSL *s,
- unsigned char **out, unsigned char *outlen, const unsigned char *in,
- unsigned int inlen, void *arg), void *arg)
-{
- ctx->next_proto_select_cb = cb;
- ctx->next_proto_select_cb_arg = arg;
-}
-
-/*
- * SSL_CTX_set_alpn_protos sets the ALPN protocol list to the specified
- * protocols, which must be in wire-format (i.e. a series of non-empty,
- * 8-bit length-prefixed strings). Returns 0 on success.
- */
-int
-SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
- unsigned int protos_len)
-{
- free(ctx->alpn_client_proto_list);
- if ((ctx->alpn_client_proto_list = malloc(protos_len)) == NULL)
- return (1);
- memcpy(ctx->alpn_client_proto_list, protos, protos_len);
- ctx->alpn_client_proto_list_len = protos_len;
-
- return (0);
-}
-
-/*
- * SSL_set_alpn_protos sets the ALPN protocol list to the specified
- * protocols, which must be in wire-format (i.e. a series of non-empty,
- * 8-bit length-prefixed strings). Returns 0 on success.
- */
-int
-SSL_set_alpn_protos(SSL *ssl, const unsigned char* protos,
- unsigned int protos_len)
-{
- free(ssl->alpn_client_proto_list);
- if ((ssl->alpn_client_proto_list = malloc(protos_len)) == NULL)
- return (1);
- memcpy(ssl->alpn_client_proto_list, protos, protos_len);
- ssl->alpn_client_proto_list_len = protos_len;
-
- return (0);
-}
-
-/*
- * SSL_CTX_set_alpn_select_cb sets a callback function that is called during
- * ClientHello processing in order to select an ALPN protocol from the
- * client's list of offered protocols.
- */
-void
-SSL_CTX_set_alpn_select_cb(SSL_CTX* ctx,
- int (*cb) (SSL *ssl, const unsigned char **out, unsigned char *outlen,
- const unsigned char *in, unsigned int inlen, void *arg), void *arg)
-{
- ctx->alpn_select_cb = cb;
- ctx->alpn_select_cb_arg = arg;
-}
-
-/*
- * SSL_get0_alpn_selected gets the selected ALPN protocol (if any). 
On return - * it sets data to point to len bytes of protocol name (not including the - * leading length-prefix byte). If the server didn't respond with* a negotiated - * protocol then len will be zero. - */ -void -SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data, - unsigned *len) -{ - *data = NULL; - *len = 0; - - if (ssl->s3 != NULL) { - *data = ssl->s3->alpn_selected; - *len = ssl->s3->alpn_selected_len; - } -} - -int -SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, - const char *label, size_t llen, const unsigned char *p, size_t plen, - int use_context) -{ - return (s->method->ssl3_enc->export_keying_material(s, out, olen, - label, llen, p, plen, use_context)); -} - -static unsigned long -ssl_session_hash(const SSL_SESSION *a) -{ - unsigned long l; - - l = (unsigned long) - ((unsigned int) a->session_id[0] )| - ((unsigned int) a->session_id[1]<< 8L)| - ((unsigned long)a->session_id[2]<<16L)| - ((unsigned long)a->session_id[3]<<24L); - return (l); -} - -/* - * NB: If this function (or indeed the hash function which uses a sort of - * coarser function than this one) is changed, ensure - * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on being - * able to construct an SSL_SESSION that will collide with any existing session - * with a matching session ID. - */ -static int -ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b) -{ - if (a->ssl_version != b->ssl_version) - return (1); - if (a->session_id_length != b->session_id_length) - return (1); - if (timingsafe_memcmp(a->session_id, b->session_id, a->session_id_length) != 0) - return (1); - return (0); -} - -/* - * These wrapper functions should remain rather than redeclaring - * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each - * variable. The reason is that the functions aren't static, they're exposed via - * ssl.h. 
- */ -static -IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION) -static -IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION) - -SSL_CTX * -SSL_CTX_new(const SSL_METHOD *meth) -{ - SSL_CTX *ret = NULL; - - if (meth == NULL) { - SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED); - return (NULL); - } - - if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { - SSLerr(SSL_F_SSL_CTX_NEW, - SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); - goto err; - } - ret = calloc(1, sizeof(SSL_CTX)); - if (ret == NULL) - goto err; - - ret->method = meth; - - ret->cert_store = NULL; - ret->session_cache_mode = SSL_SESS_CACHE_SERVER; - ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT; - ret->session_cache_head = NULL; - ret->session_cache_tail = NULL; - - /* We take the system default */ - ret->session_timeout = meth->get_timeout(); - - ret->new_session_cb = 0; - ret->remove_session_cb = 0; - ret->get_session_cb = 0; - ret->generate_session_id = 0; - - memset((char *)&ret->stats, 0, sizeof(ret->stats)); - - ret->references = 1; - ret->quiet_shutdown = 0; - - ret->info_callback = NULL; - - ret->app_verify_callback = 0; - ret->app_verify_arg = NULL; - - ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT; - ret->read_ahead = 0; - ret->msg_callback = 0; - ret->msg_callback_arg = NULL; - ret->verify_mode = SSL_VERIFY_NONE; - ret->sid_ctx_length = 0; - ret->default_verify_callback = NULL; - if ((ret->cert = ssl_cert_new()) == NULL) - goto err; - - ret->default_passwd_callback = 0; - ret->default_passwd_callback_userdata = NULL; - ret->client_cert_cb = 0; - ret->app_gen_cookie_cb = 0; - ret->app_verify_cookie_cb = 0; - - ret->sessions = lh_SSL_SESSION_new(); - if (ret->sessions == NULL) - goto err; - ret->cert_store = X509_STORE_new(); - if (ret->cert_store == NULL) - goto err; - - ssl_create_cipher_list(ret->method, &ret->cipher_list, - &ret->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST); - if (ret->cipher_list == NULL || - sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { - SSLerr(SSL_F_SSL_CTX_NEW, 
SSL_R_LIBRARY_HAS_NO_CIPHERS); - goto err2; - } - - ret->param = X509_VERIFY_PARAM_new(); - if (!ret->param) - goto err; - - if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { - SSLerr(SSL_F_SSL_CTX_NEW, - SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); - goto err2; - } - if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { - SSLerr(SSL_F_SSL_CTX_NEW, - SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); - goto err2; - } - - if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL) - goto err; - - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data); - - ret->extra_certs = NULL; - - ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH; - - ret->tlsext_servername_callback = 0; - ret->tlsext_servername_arg = NULL; - - /* Setup RFC4507 ticket keys */ - arc4random_buf(ret->tlsext_tick_key_name, 16); - arc4random_buf(ret->tlsext_tick_hmac_key, 16); - arc4random_buf(ret->tlsext_tick_aes_key, 16); - - ret->tlsext_status_cb = 0; - ret->tlsext_status_arg = NULL; - - ret->next_protos_advertised_cb = 0; - ret->next_proto_select_cb = 0; -#ifndef OPENSSL_NO_ENGINE - ret->client_cert_engine = NULL; -#ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO -#define eng_strx(x) #x -#define eng_str(x) eng_strx(x) - /* Use specific client engine automatically... ignore errors */ - { - ENGINE *eng; - eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO)); - if (!eng) { - ERR_clear_error(); - ENGINE_load_builtin_engines(); - eng = ENGINE_by_id(eng_str( - OPENSSL_SSL_CLIENT_ENGINE_AUTO)); - } - if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng)) - ERR_clear_error(); - } -#endif -#endif - /* - * Default is to connect to non-RI servers. When RI is more widely - * deployed might change this. 
- */
- ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
-
- return (ret);
-err:
- SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
-err2:
- SSL_CTX_free(ret);
- return (NULL);
-}
-
-void
-SSL_CTX_free(SSL_CTX *a)
-{
- int i;
-
- if (a == NULL)
- return;
-
- i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
- if (i > 0)
- return;
-
- if (a->param)
- X509_VERIFY_PARAM_free(a->param);
-
- /*
- * Free internal session cache. However: the remove_cb() may reference
- * the ex_data of SSL_CTX, thus the ex_data store can only be removed
- * after the sessions were flushed.
- * As the ex_data handling routines might also touch the session cache,
- * the most secure solution seems to be: empty (flush) the cache, then
- * free ex_data, then finally free the cache.
- * (See ticket [openssl.org #212].)
- */
- if (a->sessions != NULL)
- SSL_CTX_flush_sessions(a, 0);
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
-
- if (a->sessions != NULL)
- lh_SSL_SESSION_free(a->sessions);
-
- if (a->cert_store != NULL)
- X509_STORE_free(a->cert_store);
- if (a->cipher_list != NULL)
- sk_SSL_CIPHER_free(a->cipher_list);
- if (a->cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(a->cipher_list_by_id);
- if (a->cert != NULL)
- ssl_cert_free(a->cert);
- if (a->client_CA != NULL)
- sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
- if (a->extra_certs != NULL)
- sk_X509_pop_free(a->extra_certs, X509_free);
-
-#ifndef OPENSSL_NO_SRTP
- if (a->srtp_profiles)
- sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
-#endif
-
-#ifndef OPENSSL_NO_ENGINE
- if (a->client_cert_engine)
- ENGINE_finish(a->client_cert_engine);
-#endif
-
- free(a->alpn_client_proto_list);
-
- free(a);
-}
-
-void
-SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
-{
- ctx->default_passwd_callback = cb;
-}
-
-void
-SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
-{
- ctx->default_passwd_callback_userdata = u;
-}
-
-void
-SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int 
(*cb)(X509_STORE_CTX *, - void *), void *arg) -{ - ctx->app_verify_callback = cb; - ctx->app_verify_arg = arg; -} - -void -SSL_CTX_set_verify(SSL_CTX *ctx, int mode, int (*cb)(int, X509_STORE_CTX *)) -{ - ctx->verify_mode = mode; - ctx->default_verify_callback = cb; -} - -void -SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth) -{ - X509_VERIFY_PARAM_set_depth(ctx->param, depth); -} - -void -ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher) -{ - CERT_PKEY *cpk; - int rsa_enc, rsa_sign, dh_tmp, dsa_sign; - unsigned long mask_k, mask_a; - int have_ecc_cert, ecdh_ok, ecdsa_ok; - int have_ecdh_tmp; - X509 *x = NULL; - EVP_PKEY *ecc_pkey = NULL; - int signature_nid = 0, pk_nid = 0, md_nid = 0; - - if (c == NULL) - return; - - dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL || - c->dh_tmp_auto != 0); - - have_ecdh_tmp = (c->ecdh_tmp != NULL || c->ecdh_tmp_cb != NULL || - c->ecdh_tmp_auto != 0); - cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]); - rsa_enc = (cpk->x509 != NULL && cpk->privatekey != NULL); - cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]); - rsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL); - cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]); - dsa_sign = (cpk->x509 != NULL && cpk->privatekey != NULL); -/* FIX THIS EAY EAY EAY */ - cpk = &(c->pkeys[SSL_PKEY_ECC]); - have_ecc_cert = (cpk->x509 != NULL && cpk->privatekey != NULL); - mask_k = 0; - mask_a = 0; - - cpk = &(c->pkeys[SSL_PKEY_GOST01]); - if (cpk->x509 != NULL && cpk->privatekey !=NULL) { - mask_k |= SSL_kGOST; - mask_a |= SSL_aGOST01; - } - - if (rsa_enc) - mask_k|=SSL_kRSA; - - if (dh_tmp) - mask_k|=SSL_kDHE; - - if (rsa_enc || rsa_sign) - mask_a|=SSL_aRSA; - - if (dsa_sign) - mask_a|=SSL_aDSS; - - mask_a|=SSL_aNULL; - - /* - * An ECC certificate may be usable for ECDH and/or - * ECDSA cipher suites depending on the key usage extension. 
- */ - if (have_ecc_cert) { - /* This call populates extension flags (ex_flags) */ - x = (c->pkeys[SSL_PKEY_ECC]).x509; - X509_check_purpose(x, -1, 0); - ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ? - (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1; - ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ? - (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1; - ecc_pkey = X509_get_pubkey(x); - EVP_PKEY_free(ecc_pkey); - if ((x->sig_alg) && (x->sig_alg->algorithm)) { - signature_nid = OBJ_obj2nid(x->sig_alg->algorithm); - OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid); - } - if (ecdh_ok) { - if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) { - mask_k|=SSL_kECDHr; - mask_a|=SSL_aECDH; - } - if (pk_nid == NID_X9_62_id_ecPublicKey) { - mask_k|=SSL_kECDHe; - mask_a|=SSL_aECDH; - } - } - if (ecdsa_ok) - mask_a|=SSL_aECDSA; - } - - if (have_ecdh_tmp) { - mask_k|=SSL_kECDHE; - } - - - c->mask_k = mask_k; - c->mask_a = mask_a; - c->valid = 1; -} - -/* This handy macro borrowed from crypto/x509v3/v3_purp.c */ -#define ku_reject(x, usage) \ - (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage))) - - -int -ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s) -{ - unsigned long alg_k, alg_a; - int signature_nid = 0, md_nid = 0, pk_nid = 0; - const SSL_CIPHER *cs = s->s3->tmp.new_cipher; - - alg_k = cs->algorithm_mkey; - alg_a = cs->algorithm_auth; - - /* This call populates the ex_flags field correctly */ - X509_check_purpose(x, -1, 0); - if ((x->sig_alg) && (x->sig_alg->algorithm)) { - signature_nid = OBJ_obj2nid(x->sig_alg->algorithm); - OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid); - } - if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) { - /* key usage, if present, must allow key agreement */ - if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) { - SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, - SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT); - return (0); - } - if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < - TLS1_2_VERSION) { - /* signature alg must be ECDSA */ - if (pk_nid != 
NID_X9_62_id_ecPublicKey) { - SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, - SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE); - return (0); - } - } - if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < - TLS1_2_VERSION) { - /* signature alg must be RSA */ - if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) { - SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, - SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE); - return (0); - } - } - } - if (alg_a & SSL_aECDSA) { - /* key usage, if present, must allow signing */ - if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) { - SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG, - SSL_R_ECC_CERT_NOT_FOR_SIGNING); - return (0); - } - } - - return (1); - /* all checks are ok */ -} - - -/* THIS NEEDS CLEANING UP */ -CERT_PKEY * -ssl_get_server_send_pkey(const SSL *s) -{ - unsigned long alg_k, alg_a; - CERT *c; - int i; - - c = s->cert; - ssl_set_cert_masks(c, s->s3->tmp.new_cipher); - - alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - alg_a = s->s3->tmp.new_cipher->algorithm_auth; - - if (alg_k & (SSL_kECDHr|SSL_kECDHe)) { - /* - * We don't need to look at SSL_kECDHE - * since no certificate is needed for - * anon ECDH and for authenticated - * ECDHE, the check for the auth - * algorithm will set i correctly - * NOTE: For ECDH-RSA, we need an ECC - * not an RSA cert but for EECDH-RSA - * we need an RSA cert. Placing the - * checks for SSL_kECDH before RSA - * checks ensures the correct cert is chosen. 
- */ - i = SSL_PKEY_ECC; - } else if (alg_a & SSL_aECDSA) { - i = SSL_PKEY_ECC; - } else if (alg_a & SSL_aDSS) { - i = SSL_PKEY_DSA_SIGN; - } else if (alg_a & SSL_aRSA) { - if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL) - i = SSL_PKEY_RSA_SIGN; - else - i = SSL_PKEY_RSA_ENC; - } else if (alg_a & SSL_aGOST01) { - i = SSL_PKEY_GOST01; - } else { /* if (alg_a & SSL_aNULL) */ - SSLerr(SSL_F_SSL_GET_SERVER_SEND_PKEY, ERR_R_INTERNAL_ERROR); - return (NULL); - } - - return (c->pkeys + i); -} - -X509 * -ssl_get_server_send_cert(const SSL *s) -{ - CERT_PKEY *cpk; - - cpk = ssl_get_server_send_pkey(s); - if (!cpk) - return (NULL); - return (cpk->x509); -} - -EVP_PKEY * -ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd) -{ - unsigned long alg_a; - CERT *c; - int idx = -1; - - alg_a = cipher->algorithm_auth; - c = s->cert; - - if ((alg_a & SSL_aDSS) && - (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL)) - idx = SSL_PKEY_DSA_SIGN; - else if (alg_a & SSL_aRSA) { - if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL) - idx = SSL_PKEY_RSA_SIGN; - else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL) - idx = SSL_PKEY_RSA_ENC; - } else if ((alg_a & SSL_aECDSA) && - (c->pkeys[SSL_PKEY_ECC].privatekey != NULL)) - idx = SSL_PKEY_ECC; - if (idx == -1) { - SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR); - return (NULL); - } - if (pmd) - *pmd = c->pkeys[idx].digest; - return (c->pkeys[idx].privatekey); -} - -DH * -ssl_get_auto_dh(SSL *s) -{ - CERT_PKEY *cpk; - int keylen; - DH *dhp; - - if (s->cert->dh_tmp_auto == 2) { - keylen = 1024; - } else if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) { - keylen = 1024; - if (s->s3->tmp.new_cipher->strength_bits == 256) - keylen = 3072; - } else { - if ((cpk = ssl_get_server_send_pkey(s)) == NULL) - return (NULL); - if (cpk->privatekey == NULL || cpk->privatekey->pkey.dh == NULL) - return (NULL); - keylen = EVP_PKEY_bits(cpk->privatekey); - } - - if ((dhp = DH_new()) == NULL) - return (NULL); - - dhp->g = 
BN_new(); - if (dhp->g != NULL) - BN_set_word(dhp->g, 2); - - if (keylen >= 8192) - dhp->p = get_rfc3526_prime_8192(NULL); - else if (keylen >= 4096) - dhp->p = get_rfc3526_prime_4096(NULL); - else if (keylen >= 3072) - dhp->p = get_rfc3526_prime_3072(NULL); - else if (keylen >= 2048) - dhp->p = get_rfc3526_prime_2048(NULL); - else if (keylen >= 1536) - dhp->p = get_rfc3526_prime_1536(NULL); - else - dhp->p = get_rfc2409_prime_1024(NULL); - - if (dhp->p == NULL || dhp->g == NULL) { - DH_free(dhp); - return (NULL); - } - return (dhp); -} - -void -ssl_update_cache(SSL *s, int mode) -{ - int i; - - /* - * If the session_id_length is 0, we are not supposed to cache it, - * and it would be rather hard to do anyway :-) - */ - if (s->session->session_id_length == 0) - return; - - i = s->session_ctx->session_cache_mode; - if ((i & mode) && (!s->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE) - || SSL_CTX_add_session(s->session_ctx, s->session)) - && (s->session_ctx->new_session_cb != NULL)) { - CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION); - if (!s->session_ctx->new_session_cb(s, s->session)) - SSL_SESSION_free(s->session); - } - - /* auto flush every 255 connections */ - if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && - ((i & mode) == mode)) { - if ((((mode & SSL_SESS_CACHE_CLIENT) ? 
- s->session_ctx->stats.sess_connect_good : - s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) { - SSL_CTX_flush_sessions(s->session_ctx, time(NULL)); - } - } -} - -const SSL_METHOD * -SSL_get_ssl_method(SSL *s) -{ - return (s->method); -} - -int -SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth) -{ - int conn = -1; - int ret = 1; - - if (s->method != meth) { - if (s->handshake_func != NULL) - conn = (s->handshake_func == s->method->ssl_connect); - - if (s->method->version == meth->version) - s->method = meth; - else { - s->method->ssl_free(s); - s->method = meth; - ret = s->method->ssl_new(s); - } - - if (conn == 1) - s->handshake_func = meth->ssl_connect; - else if (conn == 0) - s->handshake_func = meth->ssl_accept; - } - return (ret); -} - -int -SSL_get_error(const SSL *s, int i) -{ - int reason; - unsigned long l; - BIO *bio; - - if (i > 0) - return (SSL_ERROR_NONE); - - /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake - * etc, where we do encode the error */ - if ((l = ERR_peek_error()) != 0) { - if (ERR_GET_LIB(l) == ERR_LIB_SYS) - return (SSL_ERROR_SYSCALL); - else - return (SSL_ERROR_SSL); - } - - if ((i < 0) && SSL_want_read(s)) { - bio = SSL_get_rbio(s); - if (BIO_should_read(bio)) { - return (SSL_ERROR_WANT_READ); - } else if (BIO_should_write(bio)) { - /* - * This one doesn't make too much sense... We never - * try to write to the rbio, and an application - * program where rbio and wbio are separate couldn't - * even know what it should wait for. However if we - * ever set s->rwstate incorrectly (so that we have - * SSL_want_read(s) instead of SSL_want_write(s)) - * and rbio and wbio *are* the same, this test works - * around that bug; so it might be safer to keep it. 
- */ - return (SSL_ERROR_WANT_WRITE); - } else if (BIO_should_io_special(bio)) { - reason = BIO_get_retry_reason(bio); - if (reason == BIO_RR_CONNECT) - return (SSL_ERROR_WANT_CONNECT); - else if (reason == BIO_RR_ACCEPT) - return (SSL_ERROR_WANT_ACCEPT); - else - return (SSL_ERROR_SYSCALL); /* unknown */ - } - } - - if ((i < 0) && SSL_want_write(s)) { - bio = SSL_get_wbio(s); - if (BIO_should_write(bio)) { - return (SSL_ERROR_WANT_WRITE); - } else if (BIO_should_read(bio)) { - /* - * See above (SSL_want_read(s) with - * BIO_should_write(bio)) - */ - return (SSL_ERROR_WANT_READ); - } else if (BIO_should_io_special(bio)) { - reason = BIO_get_retry_reason(bio); - if (reason == BIO_RR_CONNECT) - return (SSL_ERROR_WANT_CONNECT); - else if (reason == BIO_RR_ACCEPT) - return (SSL_ERROR_WANT_ACCEPT); - else - return (SSL_ERROR_SYSCALL); - } - } - if ((i < 0) && SSL_want_x509_lookup(s)) { - return (SSL_ERROR_WANT_X509_LOOKUP); - } - - if (i == 0) { - if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && - (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY)) - return (SSL_ERROR_ZERO_RETURN); - } - return (SSL_ERROR_SYSCALL); -} - -int -SSL_do_handshake(SSL *s) -{ - int ret = 1; - - if (s->handshake_func == NULL) { - SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET); - return (-1); - } - - s->method->ssl_renegotiate_check(s); - - if (SSL_in_init(s) || SSL_in_before(s)) { - ret = s->handshake_func(s); - } - return (ret); -} - -/* - * For the next 2 functions, SSL_clear() sets shutdown and so - * one of these calls will reset it - */ -void -SSL_set_accept_state(SSL *s) -{ - s->server = 1; - s->shutdown = 0; - s->state = SSL_ST_ACCEPT|SSL_ST_BEFORE; - s->handshake_func = s->method->ssl_accept; - /* clear the current cipher */ - ssl_clear_cipher_ctx(s); - ssl_clear_hash_ctx(&s->read_hash); - ssl_clear_hash_ctx(&s->write_hash); -} - -void -SSL_set_connect_state(SSL *s) -{ - s->server = 0; - s->shutdown = 0; - s->state = SSL_ST_CONNECT|SSL_ST_BEFORE; - s->handshake_func = 
s->method->ssl_connect; - /* clear the current cipher */ - ssl_clear_cipher_ctx(s); - ssl_clear_hash_ctx(&s->read_hash); - ssl_clear_hash_ctx(&s->write_hash); -} - -int -ssl_undefined_function(SSL *s) -{ - SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (0); -} - -int -ssl_undefined_void_function(void) -{ - SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (0); -} - -int -ssl_undefined_const_function(const SSL *s) -{ - SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION, - ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return (0); -} - -const char * -ssl_version_string(int ver) -{ - switch (ver) { - case DTLS1_VERSION: - return (SSL_TXT_DTLS1); - case TLS1_VERSION: - return (SSL_TXT_TLSV1); - case TLS1_1_VERSION: - return (SSL_TXT_TLSV1_1); - case TLS1_2_VERSION: - return (SSL_TXT_TLSV1_2); - default: - return ("unknown"); - } -} - -const char * -SSL_get_version(const SSL *s) -{ - return ssl_version_string(s->version); -} - -uint16_t -ssl_max_server_version(SSL *s) -{ - uint16_t max_version; - - /* - * The SSL method will be changed during version negotiation, as such - * we want to use the SSL method from the context. 
- */ - max_version = s->ctx->method->version; - - if (SSL_IS_DTLS(s)) - return (DTLS1_VERSION); - - if ((s->options & SSL_OP_NO_TLSv1_2) == 0 && - max_version >= TLS1_2_VERSION) - return (TLS1_2_VERSION); - if ((s->options & SSL_OP_NO_TLSv1_1) == 0 && - max_version >= TLS1_1_VERSION) - return (TLS1_1_VERSION); - if ((s->options & SSL_OP_NO_TLSv1) == 0 && - max_version >= TLS1_VERSION) - return (TLS1_VERSION); - - return (0); -} - -SSL * -SSL_dup(SSL *s) -{ - STACK_OF(X509_NAME) *sk; - X509_NAME *xn; - SSL *ret; - int i; - - if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL) - return (NULL); - - ret->version = s->version; - ret->type = s->type; - ret->method = s->method; - - if (s->session != NULL) { - /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */ - SSL_copy_session_id(ret, s); - } else { - /* - * No session has been established yet, so we have to expect - * that s->cert or ret->cert will be changed later -- - * they should not both point to the same object, - * and thus we can't use SSL_copy_session_id. 
- */ - - ret->method->ssl_free(ret); - ret->method = s->method; - ret->method->ssl_new(ret); - - if (s->cert != NULL) { - if (ret->cert != NULL) { - ssl_cert_free(ret->cert); - } - ret->cert = ssl_cert_dup(s->cert); - if (ret->cert == NULL) - goto err; - } - - SSL_set_session_id_context(ret, - s->sid_ctx, s->sid_ctx_length); - } - - ret->options = s->options; - ret->mode = s->mode; - SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s)); - SSL_set_read_ahead(ret, SSL_get_read_ahead(s)); - ret->msg_callback = s->msg_callback; - ret->msg_callback_arg = s->msg_callback_arg; - SSL_set_verify(ret, SSL_get_verify_mode(s), - SSL_get_verify_callback(s)); - SSL_set_verify_depth(ret, SSL_get_verify_depth(s)); - ret->generate_session_id = s->generate_session_id; - - SSL_set_info_callback(ret, SSL_get_info_callback(s)); - - ret->debug = s->debug; - - /* copy app data, a little dangerous perhaps */ - if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, - &ret->ex_data, &s->ex_data)) - goto err; - - /* setup rbio, and wbio */ - if (s->rbio != NULL) { - if (!BIO_dup_state(s->rbio,(char *)&ret->rbio)) - goto err; - } - if (s->wbio != NULL) { - if (s->wbio != s->rbio) { - if (!BIO_dup_state(s->wbio,(char *)&ret->wbio)) - goto err; - } else - ret->wbio = ret->rbio; - } - ret->rwstate = s->rwstate; - ret->in_handshake = s->in_handshake; - ret->handshake_func = s->handshake_func; - ret->server = s->server; - ret->renegotiate = s->renegotiate; - ret->new_session = s->new_session; - ret->quiet_shutdown = s->quiet_shutdown; - ret->shutdown = s->shutdown; - /* SSL_dup does not really work at any state, though */ - ret->state=s->state; - ret->rstate = s->rstate; - - /* - * Would have to copy ret->init_buf, ret->init_msg, ret->init_num, - * ret->init_off - */ - ret->init_num = 0; - - ret->hit = s->hit; - - X509_VERIFY_PARAM_inherit(ret->param, s->param); - - /* dup the cipher_list and cipher_list_by_id stacks */ - if (s->cipher_list != NULL) { - if ((ret->cipher_list = - 
sk_SSL_CIPHER_dup(s->cipher_list)) == NULL) - goto err; - } - if (s->cipher_list_by_id != NULL) { - if ((ret->cipher_list_by_id = - sk_SSL_CIPHER_dup(s->cipher_list_by_id)) == NULL) - goto err; - } - - /* Dup the client_CA list */ - if (s->client_CA != NULL) { - if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL) goto err; - ret->client_CA = sk; - for (i = 0; i < sk_X509_NAME_num(sk); i++) { - xn = sk_X509_NAME_value(sk, i); - if (sk_X509_NAME_set(sk, i, - X509_NAME_dup(xn)) == NULL) { - X509_NAME_free(xn); - goto err; - } - } - } - - if (0) { -err: - if (ret != NULL) - SSL_free(ret); - ret = NULL; - } - return (ret); -} - -void -ssl_clear_cipher_ctx(SSL *s) -{ - EVP_CIPHER_CTX_free(s->enc_read_ctx); - s->enc_read_ctx = NULL; - EVP_CIPHER_CTX_free(s->enc_write_ctx); - s->enc_write_ctx = NULL; - - if (s->aead_read_ctx != NULL) { - EVP_AEAD_CTX_cleanup(&s->aead_read_ctx->ctx); - free(s->aead_read_ctx); - s->aead_read_ctx = NULL; - } - if (s->aead_write_ctx != NULL) { - EVP_AEAD_CTX_cleanup(&s->aead_write_ctx->ctx); - free(s->aead_write_ctx); - s->aead_write_ctx = NULL; - } - -} - -/* Fix this function so that it takes an optional type parameter */ -X509 * -SSL_get_certificate(const SSL *s) -{ - if (s->cert != NULL) - return (s->cert->key->x509); - else - return (NULL); -} - -/* Fix this function so that it takes an optional type parameter */ -EVP_PKEY * -SSL_get_privatekey(SSL *s) -{ - if (s->cert != NULL) - return (s->cert->key->privatekey); - else - return (NULL); -} - -const SSL_CIPHER * -SSL_get_current_cipher(const SSL *s) -{ - if ((s->session != NULL) && (s->session->cipher != NULL)) - return (s->session->cipher); - return (NULL); -} -const void * -SSL_get_current_compression(SSL *s) -{ - return (NULL); -} - -const void * -SSL_get_current_expansion(SSL *s) -{ - return (NULL); -} - -int -ssl_init_wbio_buffer(SSL *s, int push) -{ - BIO *bbio; - - if (s->bbio == NULL) { - bbio = BIO_new(BIO_f_buffer()); - if (bbio == NULL) - return (0); - s->bbio = bbio; - } else { 
- bbio = s->bbio; - if (s->bbio == s->wbio) - s->wbio = BIO_pop(s->wbio); - } - (void)BIO_reset(bbio); -/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */ - if (!BIO_set_read_buffer_size(bbio, 1)) { - SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB); - return (0); - } - if (push) { - if (s->wbio != bbio) - s->wbio = BIO_push(bbio, s->wbio); - } else { - if (s->wbio == bbio) - s->wbio = BIO_pop(bbio); - } - return (1); -} - -void -ssl_free_wbio_buffer(SSL *s) -{ - if (s == NULL) - return; - - if (s->bbio == NULL) - return; - - if (s->bbio == s->wbio) { - /* remove buffering */ - s->wbio = BIO_pop(s->wbio); - } - BIO_free(s->bbio); - s->bbio = NULL; -} - -void -SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode) -{ - ctx->quiet_shutdown = mode; -} - -int -SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx) -{ - return (ctx->quiet_shutdown); -} - -void -SSL_set_quiet_shutdown(SSL *s, int mode) -{ - s->quiet_shutdown = mode; -} - -int -SSL_get_quiet_shutdown(const SSL *s) -{ - return (s->quiet_shutdown); -} - -void -SSL_set_shutdown(SSL *s, int mode) -{ - s->shutdown = mode; -} - -int -SSL_get_shutdown(const SSL *s) -{ - return (s->shutdown); -} - -int -SSL_version(const SSL *s) -{ - return (s->version); -} - -SSL_CTX * -SSL_get_SSL_CTX(const SSL *ssl) -{ - return (ssl->ctx); -} - -SSL_CTX * -SSL_set_SSL_CTX(SSL *ssl, SSL_CTX* ctx) -{ - if (ssl->ctx == ctx) - return (ssl->ctx); - if (ctx == NULL) - ctx = ssl->initial_ctx; - if (ssl->cert != NULL) - ssl_cert_free(ssl->cert); - ssl->cert = ssl_cert_dup(ctx->cert); - CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); - SSL_CTX_free(ssl->ctx); /* decrement reference count */ - ssl->ctx = ctx; - return (ssl->ctx); -} - -int -SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) -{ - return (X509_STORE_set_default_paths(ctx->cert_store)); -} - -int -SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, - const char *CApath) -{ - return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath)); -} - -int 
-SSL_CTX_load_verify_mem(SSL_CTX *ctx, void *buf, int len) -{ - return (X509_STORE_load_mem(ctx->cert_store, buf, len)); -} - -void -SSL_set_info_callback(SSL *ssl, void (*cb)(const SSL *ssl, int type, int val)) -{ - ssl->info_callback = cb; -} - -void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val) -{ - return (ssl->info_callback); -} - -int -SSL_state(const SSL *ssl) -{ - return (ssl->state); -} - -void -SSL_set_state(SSL *ssl, int state) -{ - ssl->state = state; -} - -void -SSL_set_verify_result(SSL *ssl, long arg) -{ - ssl->verify_result = arg; -} - -long -SSL_get_verify_result(const SSL *ssl) -{ - return (ssl->verify_result); -} - -int -SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp, - new_func, dup_func, free_func)); -} - -int -SSL_set_ex_data(SSL *s, int idx, void *arg) -{ - return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); -} - -void * -SSL_get_ex_data(const SSL *s, int idx) -{ - return (CRYPTO_get_ex_data(&s->ex_data, idx)); -} - -int -SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) -{ - return (CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp, - new_func, dup_func, free_func)); -} - -int -SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg) -{ - return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); -} - -void * -SSL_CTX_get_ex_data(const SSL_CTX *s, int idx) -{ - return (CRYPTO_get_ex_data(&s->ex_data, idx)); -} - -int -ssl_ok(SSL *s) -{ - return (1); -} - -X509_STORE * -SSL_CTX_get_cert_store(const SSL_CTX *ctx) -{ - return (ctx->cert_store); -} - -void -SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store) -{ - if (ctx->cert_store != NULL) - X509_STORE_free(ctx->cert_store); - ctx->cert_store = store; -} - -int -SSL_want(const SSL *s) -{ - return (s->rwstate); -} - -void 
-SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb)(SSL *ssl, int is_export, - int keylength)) -{ - SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb); -} - -void -SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb)(SSL *ssl, int is_export, - int keylength)) -{ - SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB,(void (*)(void))cb); -} - -void -SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, DH *(*dh)(SSL *ssl, int is_export, - int keylength)) -{ - SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh); -} - -void -SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh)(SSL *ssl, int is_export, - int keylength)) -{ - SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB,(void (*)(void))dh); -} - -void -SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx, EC_KEY *(*ecdh)(SSL *ssl, - int is_export, int keylength)) -{ - SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB, - (void (*)(void))ecdh); -} - -void -SSL_set_tmp_ecdh_callback(SSL *ssl, EC_KEY *(*ecdh)(SSL *ssl, int is_export, - int keylength)) -{ - SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB,(void (*)(void))ecdh); -} - - -void -SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, - int content_type, const void *buf, size_t len, SSL *ssl, void *arg)) -{ - SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, - (void (*)(void))cb); -} - -void -SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, - int content_type, const void *buf, size_t len, SSL *ssl, void *arg)) -{ - SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb); -} - -void -ssl_clear_hash_ctx(EVP_MD_CTX **hash) -{ - if (*hash) - EVP_MD_CTX_destroy(*hash); - *hash = NULL; -} - -void -SSL_set_debug(SSL *s, int debug) -{ - s->debug = debug; -} - -int -SSL_cache_hit(SSL *s) -{ - return (s->hit); -} - -IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id); 
diff --git a/lib/libssl/src/ssl/ssl_locl.h b/lib/libssl/src/ssl/ssl_locl.h
deleted file mode 100644
index 2a521fe26a3..00000000000
--- a/lib/libssl/src/ssl/ssl_locl.h
+++ /dev/null
@@ -1,847 +0,0 @@
-/* $OpenBSD: ssl_locl.h,v 1.129 2016/04/28 16:39:45 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. 
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
- * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise. 
- * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#ifndef HEADER_SSL_LOCL_H -#define HEADER_SSL_LOCL_H - -#include <sys/types.h> - -#include <errno.h> -#include <stdlib.h> -#include <string.h> -#include <time.h> -#include <unistd.h> - -#include <openssl/opensslconf.h> -#include <openssl/bio.h> -#include <openssl/buffer.h> -#include <openssl/dsa.h> -#include <openssl/err.h> -#include <openssl/rsa.h> -#include <openssl/ssl.h> -#include <openssl/stack.h> - -#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<<24)) - -/* NOTE - c is not incremented as per c2l */ -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c))))<<24; \ - case 7: l2|=((unsigned long)(*(--(c))))<<16; \ - case 6: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 5: l2|=((unsigned long)(*(--(c)))); \ - case 4: l1 =((unsigned long)(*(--(c))))<<24; \ - case 3: l1|=((unsigned long)(*(--(c))))<<16; \ - case 2: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 1: l1|=((unsigned long)(*(--(c)))); \ - } \ - } - -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24)&0xff)) - -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \ - l|=((unsigned long)(*((c)++)))<<16, \ - l|=((unsigned long)(*((c)++)))<< 
8, \ - l|=((unsigned long)(*((c)++)))) - -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -#define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \ - *((c)++)=(unsigned char)(((l)>>48)&0xff), \ - *((c)++)=(unsigned char)(((l)>>40)&0xff), \ - *((c)++)=(unsigned char)(((l)>>32)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \ - (((unsigned int)(c[1])) )),c+=2) -#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \ - c[1]=(unsigned char)(((s) )&0xff)),c+=2) - -#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \ - (((unsigned long)(c[1]))<< 8)| \ - (((unsigned long)(c[2])) )),c+=3) - -#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \ - c[1]=(unsigned char)(((l)>> 8)&0xff), \ - c[2]=(unsigned char)(((l) )&0xff)),c+=3) - -/* LOCAL STUFF */ - -#define SSL_DECRYPT 0 -#define SSL_ENCRYPT 1 - -/* - * Define the Bitmasks for SSL_CIPHER.algorithms. - * This bits are used packed as dense as possible. 
If new methods/ciphers
- * etc will be added, the bits a likely to change, so this information
- * is for internal library use only, even though SSL_CIPHER.algorithms
- * can be publicly accessed.
- * Use the according functions for cipher management instead.
- *
- * The bit mask handling in the selection and sorting scheme in
- * ssl_create_cipher_list() has only limited capabilities, reflecting
- * that the different entities within are mutually exclusive:
- * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
- */
-
-/* Bits for algorithm_mkey (key exchange algorithm) */
-#define SSL_kRSA 0x00000001L /* RSA key exchange */
-#define SSL_kDHE 0x00000008L /* tmp DH key no DH cert */
-#define SSL_kECDHr 0x00000020L /* ECDH cert, RSA CA cert */
-#define SSL_kECDHe 0x00000040L /* ECDH cert, ECDSA CA cert */
-#define SSL_kECDHE 0x00000080L /* ephemeral ECDH */
-#define SSL_kGOST 0x00000200L /* GOST key exchange */
-
-/* Bits for algorithm_auth (server authentication) */
-#define SSL_aRSA 0x00000001L /* RSA auth */
-#define SSL_aDSS 0x00000002L /* DSS auth */
-#define SSL_aNULL 0x00000004L /* no auth (i.e. 
use ADH or AECDH) */
-#define SSL_aECDH 0x00000010L /* Fixed ECDH auth (kECDHe or kECDHr) */
-#define SSL_aECDSA 0x00000040L /* ECDSA auth*/
-#define SSL_aGOST01 0x00000200L /* GOST R 34.10-2001 signature auth */
-
-
-/* Bits for algorithm_enc (symmetric encryption) */
-#define SSL_DES 0x00000001L
-#define SSL_3DES 0x00000002L
-#define SSL_RC4 0x00000004L
-#define SSL_IDEA 0x00000008L
-#define SSL_eNULL 0x00000010L
-#define SSL_AES128 0x00000020L
-#define SSL_AES256 0x00000040L
-#define SSL_CAMELLIA128 0x00000080L
-#define SSL_CAMELLIA256 0x00000100L
-#define SSL_eGOST2814789CNT 0x00000200L
-#define SSL_AES128GCM 0x00000400L
-#define SSL_AES256GCM 0x00000800L
-#define SSL_CHACHA20POLY1305 0x00001000L
-#define SSL_CHACHA20POLY1305_OLD 0x00002000L
-
-#define SSL_AES (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
-#define SSL_CAMELLIA (SSL_CAMELLIA128|SSL_CAMELLIA256)
-
-
-/* Bits for algorithm_mac (symmetric authentication) */
-
-#define SSL_MD5 0x00000001L
-#define SSL_SHA1 0x00000002L
-#define SSL_GOST94 0x00000004L
-#define SSL_GOST89MAC 0x00000008L
-#define SSL_SHA256 0x00000010L
-#define SSL_SHA384 0x00000020L
-/* Not a real MAC, just an indication it is part of cipher */
-#define SSL_AEAD 0x00000040L
-#define SSL_STREEBOG256 0x00000080L
-#define SSL_STREEBOG512 0x00000100L
-
-/* Bits for algorithm_ssl (protocol version) */
-#define SSL_SSLV3 0x00000002L
-#define SSL_TLSV1 SSL_SSLV3 /* for now */
-#define SSL_TLSV1_2 0x00000004L
-
-
-/* Bits for algorithm2 (handshake digests and other extra flags) */
-
-#define SSL_HANDSHAKE_MAC_MD5 0x10
-#define SSL_HANDSHAKE_MAC_SHA 0x20
-#define SSL_HANDSHAKE_MAC_GOST94 0x40
-#define SSL_HANDSHAKE_MAC_SHA256 0x80
-#define SSL_HANDSHAKE_MAC_SHA384 0x100
-#define SSL_HANDSHAKE_MAC_STREEBOG256 0x200
-#define SSL_HANDSHAKE_MAC_STREEBOG512 0x400
-#define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
-
-/* When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX
- * make sure to update
this constant too */
-#define SSL_MAX_DIGEST 8
-
-#define SSL3_CK_ID 0x03000000
-#define SSL3_CK_VALUE_MASK 0x0000ffff
-
-#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
-
-#define TLS1_PRF_DGST_SHIFT 10
-#define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF_STREEBOG256 (SSL_HANDSHAKE_MAC_STREEBOG256 << TLS1_PRF_DGST_SHIFT)
-#define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
-
-/* Stream MAC for GOST ciphersuites from cryptopro draft
- * (currently this also goes into algorithm2) */
-#define TLS1_STREAM_MAC 0x04
-
-/*
- * SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD is an algorithm2 flag that
- * indicates that the variable part of the nonce is included as a prefix of
- * the record (AES-GCM, for example, does this with an 8-byte variable nonce.)
- */
-#define SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD (1 << 22)
-
-/*
- * SSL_CIPHER_ALGORITHM2_AEAD is an algorithm2 flag that indicates the cipher
- * is implemented via an EVP_AEAD.
- */
-#define SSL_CIPHER_ALGORITHM2_AEAD (1 << 23)
-
-/*
- * SSL_CIPHER_AEAD_FIXED_NONCE_LEN returns the number of bytes of fixed nonce
- * for an SSL_CIPHER with the SSL_CIPHER_ALGORITHM2_AEAD flag.
- */
-#define SSL_CIPHER_AEAD_FIXED_NONCE_LEN(ssl_cipher) \
- (((ssl_cipher->algorithm2 >> 24) & 0xf) * 2)
-
-/*
- * Cipher strength information.
- */
-#define SSL_STRONG_MASK 0x000001fcL
-#define SSL_STRONG_NONE 0x00000004L
-#define SSL_LOW 0x00000020L
-#define SSL_MEDIUM 0x00000040L
-#define SSL_HIGH 0x00000080L
-
-/*
- * The keylength (measured in RSA key bits, I guess) for temporary keys.
- * Cipher argument is so that this can be variable in the future.
- */
-#define SSL_C_PKEYLENGTH(c) 1024
-
-/* Check if an SSL structure is using DTLS. */
-#define SSL_IS_DTLS(s) (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
-
-/* See if we need explicit IV. */
-#define SSL_USE_EXPLICIT_IV(s) \
- (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)
-
-/* See if we use signature algorithms extension. */
-#define SSL_USE_SIGALGS(s) \
- (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS)
-
-/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
-#define SSL_USE_TLS1_2_CIPHERS(s) \
- (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
-
-/* Mostly for SSLv3 */
-#define SSL_PKEY_RSA_ENC 0
-#define SSL_PKEY_RSA_SIGN 1
-#define SSL_PKEY_DSA_SIGN 2
-#define SSL_PKEY_DH_RSA 3
-#define SSL_PKEY_DH_DSA 4
-#define SSL_PKEY_ECC 5
-#define SSL_PKEY_GOST01 6
-#define SSL_PKEY_NUM 7
-
-/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
- * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
- * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
- * SSL_kDHE <- RSA_ENC | RSA_SIGN | DSA_SIGN
- * SSL_aRSA <- RSA_ENC | RSA_SIGN
- * SSL_aDSS <- DSA_SIGN
- */
-
-/*
-#define CERT_INVALID 0
-#define CERT_PUBLIC_KEY 1
-#define CERT_PRIVATE_KEY 2
-*/
-
-/* From ECC-TLS draft, used in encoding the curve type in
- * ECParameters
- */
-#define EXPLICIT_PRIME_CURVE_TYPE 1
-#define EXPLICIT_CHAR2_CURVE_TYPE 2
-#define NAMED_CURVE_TYPE 3
-
-typedef struct cert_pkey_st {
- X509 *x509;
- EVP_PKEY *privatekey;
- /* Digest to use when signing */
- const EVP_MD *digest;
-} CERT_PKEY;
-
-typedef struct cert_st {
- /* Current active set */
- CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array
- * Probably it would make more sense to store
- * an index, not a pointer.
*/
-
- /* The following masks are for the key and auth
- * algorithms that are supported by the certs below */
- int valid;
- unsigned long mask_k;
- unsigned long mask_a;
-
- DH *dh_tmp;
- DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize);
- int dh_tmp_auto;
-
- EC_KEY *ecdh_tmp;
- EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize);
- int ecdh_tmp_auto;
-
- CERT_PKEY pkeys[SSL_PKEY_NUM];
-
- int references; /* >1 only if SSL_copy_session_id is used */
-} CERT;
-
-
-typedef struct sess_cert_st {
- STACK_OF(X509) *cert_chain; /* as received from peer */
-
- /* The 'peer_...' members are used only by clients. */
- int peer_cert_type;
-
- CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
- CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
- /* Obviously we don't have the private keys of these,
- * so maybe we shouldn't even use the CERT_PKEY type here. */
-
- DH *peer_dh_tmp;
- EC_KEY *peer_ecdh_tmp;
-
- int references; /* actually always 1 at the moment */
-} SESS_CERT;
-
-
-/*#define SSL_DEBUG */
-/*#define RSA_DEBUG */
-
-/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
- * It is a bit of a mess of functions, but hell, think of it as
- * an opaque structure :-) */
-typedef struct ssl3_enc_method {
- int (*enc)(SSL *, int);
- int (*mac)(SSL *, unsigned char *, int);
- int (*setup_key_block)(SSL *);
- int (*generate_master_secret)(SSL *, unsigned char *,
- unsigned char *, int);
- int (*change_cipher_state)(SSL *, int);
- int (*final_finish_mac)(SSL *, const char *, int, unsigned char *);
- int finish_mac_length;
- int (*cert_verify_mac)(SSL *, int, unsigned char *);
- const char *client_finished_label;
- int client_finished_label_len;
- const char *server_finished_label;
- int server_finished_label_len;
- int (*alert_value)(int);
- int (*export_keying_material)(SSL *, unsigned char *, size_t,
- const char *, size_t, const unsigned char *, size_t,
- int use_context);
- /* Flags indicating protocol version requirements.
*/
- unsigned int enc_flags;
-} SSL3_ENC_METHOD;
-
-/*
- * Flag values for enc_flags.
- */
-
-/* Uses explicit IV. */
-#define SSL_ENC_FLAG_EXPLICIT_IV (1 << 0)
-
-/* Uses signature algorithms extension. */
-#define SSL_ENC_FLAG_SIGALGS (1 << 1)
-
-/* Uses SHA256 default PRF. */
-#define SSL_ENC_FLAG_SHA256_PRF (1 << 2)
-
-/* Is DTLS. */
-#define SSL_ENC_FLAG_DTLS (1 << 3)
-
-/* Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2. */
-#define SSL_ENC_FLAG_TLS1_2_CIPHERS (1 << 4)
-
-/*
- * ssl_aead_ctx_st contains information about an AEAD that is being used to
- * encrypt an SSL connection.
- */
-struct ssl_aead_ctx_st {
- EVP_AEAD_CTX ctx;
- /*
- * fixed_nonce contains any bytes of the nonce that are fixed for all
- * records.
- */
- unsigned char fixed_nonce[12];
- unsigned char fixed_nonce_len;
- unsigned char variable_nonce_len;
- unsigned char xor_fixed_nonce;
- unsigned char tag_len;
- /*
- * variable_nonce_in_record is non-zero if the variable nonce
- * for a record is included as a prefix before the ciphertext.
- */
- char variable_nonce_in_record;
-};
-
-extern SSL3_ENC_METHOD ssl3_undef_enc_method;
-extern SSL_CIPHER ssl3_ciphers[];
-
-const char *ssl_version_string(int ver);
-uint16_t ssl_max_server_version(SSL *s);
-
-extern SSL3_ENC_METHOD DTLSv1_enc_data;
-extern SSL3_ENC_METHOD TLSv1_enc_data;
-extern SSL3_ENC_METHOD TLSv1_1_enc_data;
-extern SSL3_ENC_METHOD TLSv1_2_enc_data;
-
-void ssl_clear_cipher_ctx(SSL *s);
-int ssl_clear_bad_session(SSL *s);
-CERT *ssl_cert_new(void);
-CERT *ssl_cert_dup(CERT *cert);
-int ssl_cert_inst(CERT **o);
-void ssl_cert_free(CERT *c);
-SESS_CERT *ssl_sess_cert_new(void);
-void ssl_sess_cert_free(SESS_CERT *sc);
-int ssl_get_new_session(SSL *s, int session);
-int ssl_get_prev_session(SSL *s, unsigned char *session, int len,
- const unsigned char *limit);
-int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
-DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
-int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
- const SSL_CIPHER * const *bp);
-STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p,
- int num);
-int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
- unsigned char *p);
-STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
- STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted,
- const char *rule_str);
-void ssl_update_cache(SSL *s, int mode);
-int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
- const EVP_MD **md, int *mac_pkey_type, int *mac_secret_size);
-int ssl_cipher_get_evp_aead(const SSL_SESSION *s, const EVP_AEAD **aead);
-int ssl_get_handshake_digest(int i, long *mask, const EVP_MD **md);
-
-int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
-int ssl_undefined_function(SSL *s);
-int ssl_undefined_void_function(void);
-int ssl_undefined_const_function(const SSL *s);
-CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
-X509 *ssl_get_server_send_cert(const SSL *);
-EVP_PKEY *ssl_get_sign_pkey(SSL *s,
const SSL_CIPHER *c, const EVP_MD **pmd);
-DH *ssl_get_auto_dh(SSL *s);
-int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
-void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
-STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
-int ssl_verify_alarm_type(long type);
-void ssl_load_ciphers(void);
-
-const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
-int ssl3_send_server_certificate(SSL *s);
-int ssl3_send_newsession_ticket(SSL *s);
-int ssl3_send_cert_status(SSL *s);
-int ssl3_get_finished(SSL *s, int state_a, int state_b);
-int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
-int ssl3_do_write(SSL *s, int type);
-int ssl3_send_alert(SSL *s, int level, int desc);
-int ssl3_get_req_cert_type(SSL *s, unsigned char *p);
-long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
-int ssl3_num_ciphers(void);
-const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
-const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
-const SSL_CIPHER *ssl3_get_cipher_by_value(uint16_t value);
-uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
-int ssl3_renegotiate(SSL *ssl);
-
-int ssl3_renegotiate_check(SSL *ssl);
-
-int ssl3_dispatch_alert(SSL *s);
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
-unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
-SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
- STACK_OF(SSL_CIPHER) *srvr);
-int ssl3_setup_buffers(SSL *s);
-int ssl3_setup_init_buffer(SSL *s);
-int ssl3_setup_read_buffer(SSL *s);
-int ssl3_setup_write_buffer(SSL *s);
-int ssl3_release_read_buffer(SSL *s);
-int ssl3_release_write_buffer(SSL *s);
-int ssl3_new(SSL *s);
-void ssl3_free(SSL *s);
-int ssl3_accept(SSL *s);
-int ssl3_connect(SSL *s);
-int ssl3_read(SSL
*s, void *buf, int len);
-int ssl3_peek(SSL *s, void *buf, int len);
-int ssl3_write(SSL *s, const void *buf, int len);
-int ssl3_shutdown(SSL *s);
-void ssl3_clear(SSL *s);
-long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg);
-long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
-long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
-long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void));
-int ssl3_pending(const SSL *s);
-
-int ssl3_handshake_msg_hdr_len(SSL *s);
-unsigned char *ssl3_handshake_msg_start(SSL *s, uint8_t htype);
-void ssl3_handshake_msg_finish(SSL *s, unsigned int len);
-int ssl3_handshake_write(SSL *s);
-
-void tls1_record_sequence_increment(unsigned char *seq);
-int ssl3_do_change_cipher_spec(SSL *ssl);
-
-int ssl23_read(SSL *s, void *buf, int len);
-int ssl23_peek(SSL *s, void *buf, int len);
-int ssl23_write(SSL *s, const void *buf, int len);
-long ssl23_default_timeout(void);
-
-long tls1_default_timeout(void);
-int dtls1_do_write(SSL *s, int type);
-int ssl3_read_n(SSL *s, int n, int max, int extend);
-int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
-int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
- unsigned int len);
-unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
- unsigned char mt, unsigned long len, unsigned long frag_off,
- unsigned long frag_len);
-
-int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
-int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
-
-int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
-unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);
-int dtls1_read_failed(SSL *s, int code);
-int dtls1_buffer_message(SSL *s, int ccs);
-int dtls1_retransmit_message(SSL *s, unsigned short seq,
- unsigned long frag_off, int *found);
-int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
-int dtls1_retransmit_buffered_messages(SSL *s);
-void dtls1_clear_record_buffer(SSL *s);
-int dtls1_get_message_header(unsigned char *data,
- struct hm_header_st *msg_hdr);
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
-void dtls1_reset_seq_numbers(SSL *s, int rw);
-void dtls1_build_sequence_number(unsigned char *dst, unsigned char *seq,
- unsigned short epoch);
-long dtls1_default_timeout(void);
-struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
-int dtls1_check_timeout_num(SSL *s);
-int dtls1_handle_timeout(SSL *s);
-const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
-void dtls1_start_timer(SSL *s);
-void dtls1_stop_timer(SSL *s);
-int dtls1_is_timer_expired(SSL *s);
-void dtls1_double_timeout(SSL *s);
-unsigned int dtls1_min_mtu(void);
-
-/* some client-only functions */
-int ssl3_client_hello(SSL *s);
-int ssl3_get_server_hello(SSL *s);
-int ssl3_get_certificate_request(SSL *s);
-int ssl3_get_new_session_ticket(SSL *s);
-int ssl3_get_cert_status(SSL *s);
-int ssl3_get_server_done(SSL *s);
-int ssl3_send_client_verify(SSL *s);
-int ssl3_send_client_certificate(SSL *s);
-int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
-int ssl3_send_client_key_exchange(SSL *s);
-int ssl3_get_key_exchange(SSL *s);
-int ssl3_get_server_certificate(SSL *s);
-int ssl3_check_cert_and_algorithm(SSL *s);
-int ssl3_check_finished(SSL *s);
-int ssl3_send_next_proto(SSL *s);
-
-int dtls1_send_client_certificate(SSL *s);
-
-/* some server-only functions */
-int ssl3_get_client_hello(SSL *s);
-int ssl3_send_server_hello(SSL *s);
-int ssl3_send_hello_request(SSL *s);
-int ssl3_send_server_key_exchange(SSL *s);
-int ssl3_send_certificate_request(SSL *s);
-int ssl3_send_server_done(SSL *s);
-int ssl3_get_client_certificate(SSL *s);
-int ssl3_get_client_key_exchange(SSL *s);
-int ssl3_get_cert_verify(SSL *s);
-int ssl3_get_next_proto(SSL *s);
-
-int dtls1_send_server_certificate(SSL *s);
-
-int ssl23_accept(SSL *s);
-int ssl23_connect(SSL *s);
-int ssl23_read_bytes(SSL *s, int n);
-int ssl23_write_bytes(SSL
*s);
-
-int tls1_new(SSL *s);
-void tls1_free(SSL *s);
-void tls1_clear(SSL *s);
-long tls1_ctrl(SSL *s, int cmd, long larg, void *parg);
-long tls1_callback_ctrl(SSL *s, int cmd, void (*fp)(void));
-
-int dtls1_new(SSL *s);
-int dtls1_accept(SSL *s);
-int dtls1_connect(SSL *s);
-void dtls1_free(SSL *s);
-void dtls1_clear(SSL *s);
-long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
-int dtls1_shutdown(SSL *s);
-
-long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
-int dtls1_get_record(SSL *s);
-int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
- unsigned int len);
-int dtls1_dispatch_alert(SSL *s);
-int dtls1_enc(SSL *s, int snd);
-
-int ssl_init_wbio_buffer(SSL *s, int push);
-void ssl_free_wbio_buffer(SSL *s);
-
-int tls1_init_finished_mac(SSL *s);
-void tls1_finish_mac(SSL *s, const unsigned char *buf, int len);
-void tls1_free_digest_list(SSL *s);
-void tls1_cleanup_key_block(SSL *s);
-int tls1_digest_cached_records(SSL *s);
-int tls1_change_cipher_state(SSL *s, int which);
-int tls1_setup_key_block(SSL *s);
-int tls1_enc(SSL *s, int snd);
-int tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *p);
-int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
-int tls1_mac(SSL *ssl, unsigned char *md, int snd);
-int tls1_generate_master_secret(SSL *s, unsigned char *out,
- unsigned char *p, int len);
-int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
- const char *label, size_t llen, const unsigned char *p, size_t plen,
- int use_context);
-int tls1_alert_code(int code);
-int ssl_ok(SSL *s);
-
-int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
-
-SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
-
-int tls1_ec_curve_id2nid(uint16_t curve_id);
-uint16_t tls1_ec_nid2curve_id(int nid);
-int tls1_check_curve(SSL *s, const unsigned char *p, size_t len);
-int tls1_get_shared_curve(SSL *s);
-
-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p,
-
unsigned char *limit);
-
-unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p,
- unsigned char *limit);
-
-int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
- unsigned char *d, int n, int *al);
-int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data,
- unsigned char *d, int n, int *al);
-int ssl_check_clienthello_tlsext_early(SSL *s);
-int ssl_check_clienthello_tlsext_late(SSL *s);
-int ssl_check_serverhello_tlsext(SSL *s);
-
-#define tlsext_tick_md EVP_sha256
-int tls1_process_ticket(SSL *s, const unsigned char *session_id, int len,
- const unsigned char *limit, SSL_SESSION **ret);
-int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
- const EVP_MD *md);
-int tls12_get_sigid(const EVP_PKEY *pk);
-const EVP_MD *tls12_get_hash(unsigned char hash_alg);
-
-void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
-int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p,
- int *len, int maxlen);
-int ssl_parse_serverhello_renegotiate_ext(SSL *s, const unsigned char *d,
- int len, int *al);
-int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p,
- int *len, int maxlen);
-int ssl_parse_clienthello_renegotiate_ext(SSL *s, const unsigned char *d,
- int len, int *al);
-long ssl_get_algorithm2(SSL *s);
-int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize);
-int tls12_get_req_sig_algs(SSL *s, unsigned char *p);
-
-int tls1_check_ec_server_key(SSL *s);
-int tls1_check_ec_tmp_key(SSL *s);
-
-int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p,
- int *len, int maxlen);
-int ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d,
- int len, int *al);
-int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p,
- int *len, int maxlen);
-int ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d,
- int len, int *al);
-
-/* s3_cbc.c */
-void ssl3_cbc_copy_mac(unsigned char *out, const SSL3_RECORD *rec,
- unsigned md_size, unsigned orig_len);
-int tls1_cbc_remove_padding(const SSL
*s, SSL3_RECORD *rec,
- unsigned block_size, unsigned mac_size);
-char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
-int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char *md_out,
- size_t *md_out_size, const unsigned char header[13],
- const unsigned char *data, size_t data_plus_mac_size,
- size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,
- unsigned mac_secret_length, char is_sslv3);
-
-#endif
diff --git a/lib/libssl/src/ssl/ssl_rsa.c b/lib/libssl/src/ssl/ssl_rsa.c
deleted file mode 100644
index 7481524942a..00000000000
--- a/lib/libssl/src/ssl/ssl_rsa.c
+++ /dev/null
@@ -1,751 +0,0 @@
-/* $OpenBSD: ssl_rsa.c,v 1.21 2016/03/11 07:08:45 mmcc Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-#include <openssl/bio.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/pem.h>
-#include <openssl/x509.h>
-
-static int ssl_set_cert(CERT *c, X509 *x509);
-static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
-static int ssl_ctx_use_certificate_chain_bio(SSL_CTX *, BIO *);
-
-int
-SSL_use_certificate(SSL *ssl, X509 *x)
-{
- if (x == NULL) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ssl->cert)) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- return (ssl_set_cert(ssl->cert, x));
-}
-
-int
-SSL_use_certificate_file(SSL *ssl, const char *file, int type)
-{
- int j;
- BIO *in;
- int ret = 0;
- X509 *x = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- x = d2i_X509_bio(in, NULL);
- } else if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- x = PEM_read_bio_X509(in, NULL,
- ssl->ctx->default_passwd_callback,
- ssl->ctx->default_passwd_callback_userdata);
- } else {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
-
- if (x == NULL) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
- goto end;
- }
-
- ret = SSL_use_certificate(ssl, x);
-end:
- X509_free(x);
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
-{
- X509 *x;
- int ret;
-
- x = d2i_X509(NULL, &d,(long)len);
- if (x == NULL) {
- SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_use_certificate(ssl, x);
- X509_free(x);
- return (ret);
-}
-
-int
-SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
-{
- EVP_PKEY *pkey;
- int ret;
-
- if (rsa == NULL) {
-
SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ssl->cert)) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- if ((pkey = EVP_PKEY_new()) == NULL) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
- return (0);
- }
-
- RSA_up_ref(rsa);
- EVP_PKEY_assign_RSA(pkey, rsa);
-
- ret = ssl_set_pkey(ssl->cert, pkey);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-static int
-ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
-{
- int i;
-
- i = ssl_cert_type(NULL, pkey);
- if (i < 0) {
- SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- return (0);
- }
-
- if (c->pkeys[i].x509 != NULL) {
- EVP_PKEY *pktmp;
- pktmp = X509_get_pubkey(c->pkeys[i].x509);
- EVP_PKEY_copy_parameters(pktmp, pkey);
- EVP_PKEY_free(pktmp);
- ERR_clear_error();
-
- /*
- * Don't check the public/private key, this is mostly
- * for smart cards.
- */
- if ((pkey->type == EVP_PKEY_RSA) &&
- (RSA_flags(pkey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK))
-;
- else
- if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
- X509_free(c->pkeys[i].x509);
- c->pkeys[i].x509 = NULL;
- return 0;
- }
- }
-
- EVP_PKEY_free(c->pkeys[i].privatekey);
- CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
- c->pkeys[i].privatekey = pkey;
- c->key = &(c->pkeys[i]);
-
- c->valid = 0;
- return (1);
-}
-
-int
-SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
-{
- int j, ret = 0;
- BIO *in;
- RSA *rsa = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- rsa = d2i_RSAPrivateKey_bio(in, NULL);
- } else if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
- ssl->ctx->default_passwd_callback,
-
ssl->ctx->default_passwd_callback_userdata);
- } else {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
- goto end;
- }
- ret = SSL_use_RSAPrivateKey(ssl, rsa);
- RSA_free(rsa);
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
-{
- int ret;
- const unsigned char *p;
- RSA *rsa;
-
- p = d;
- if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
- SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_use_RSAPrivateKey(ssl, rsa);
- RSA_free(rsa);
- return (ret);
-}
-
-int
-SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
-{
- int ret;
-
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ssl->cert)) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- ret = ssl_set_pkey(ssl->cert, pkey);
- return (ret);
-}
-
-int
-SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
-{
- int j, ret = 0;
- BIO *in;
- EVP_PKEY *pkey = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- pkey = PEM_read_bio_PrivateKey(in, NULL,
- ssl->ctx->default_passwd_callback,
- ssl->ctx->default_passwd_callback_userdata);
- } else if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- pkey = d2i_PrivateKey_bio(in, NULL);
- } else {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j);
- goto end;
- }
- ret = SSL_use_PrivateKey(ssl, pkey);
- EVP_PKEY_free(pkey);
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_use_PrivateKey_ASN1(int
type, SSL *ssl, const unsigned char *d, long len)
-{
- int ret;
- const unsigned char *p;
- EVP_PKEY *pkey;
-
- p = d;
- if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
- SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_use_PrivateKey(ssl, pkey);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-int
-SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
-{
- if (x == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ctx->cert)) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- return (ssl_set_cert(ctx->cert, x));
-}
-
-static int
-ssl_set_cert(CERT *c, X509 *x)
-{
- EVP_PKEY *pkey;
- int i;
-
- pkey = X509_get_pubkey(x);
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
- return (0);
- }
-
- i = ssl_cert_type(x, pkey);
- if (i < 0) {
- SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
- EVP_PKEY_free(pkey);
- return (0);
- }
-
- if (c->pkeys[i].privatekey != NULL) {
- EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
- ERR_clear_error();
-
- /*
- * Don't check the public/private key, this is mostly
- * for smart cards.
- */
- if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
- (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
- RSA_METHOD_FLAG_NO_CHECK))
-;
- else
- if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
- /*
- * don't fail for a cert/key mismatch, just free
- * current private key (when switching to a different
- * cert & key, first this function should be used,
- * then ssl_set_pkey
- */
- EVP_PKEY_free(c->pkeys[i].privatekey);
- c->pkeys[i].privatekey = NULL;
- /* clear error queue */
- ERR_clear_error();
- }
- }
-
- EVP_PKEY_free(pkey);
-
- X509_free(c->pkeys[i].x509);
- CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
- c->pkeys[i].x509 = x;
- c->key = &(c->pkeys[i]);
-
- c->valid = 0;
- return (1);
-}
-
-int
-SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
-{
- int j;
- BIO *in;
- int ret = 0;
- X509 *x = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- x = d2i_X509_bio(in, NULL);
- } else if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata);
- } else {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
-
- if (x == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j);
- goto end;
- }
-
- ret = SSL_CTX_use_certificate(ctx, x);
-end:
- X509_free(x);
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
-{
- X509 *x;
- int ret;
-
- x = d2i_X509(NULL, &d,(long)len);
- if (x == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_CTX_use_certificate(ctx, x);
- X509_free(x);
- return (ret);
-}
-
-int
-SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
-{
- int ret;
- EVP_PKEY *pkey;
-
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ctx->cert)) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- if ((pkey = EVP_PKEY_new()) == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
- return (0);
- }
-
- RSA_up_ref(rsa);
- EVP_PKEY_assign_RSA(pkey, rsa);
-
- ret = ssl_set_pkey(ctx->cert, pkey);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-int
-SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
-{
- int j, ret = 0;
- BIO *in;
- RSA *rsa = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- rsa = d2i_RSAPrivateKey_bio(in, NULL);
- } else if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
- ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata);
- } else {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j);
- goto end;
- }
- ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
- RSA_free(rsa);
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
-{
- int ret;
- const unsigned char *p;
- RSA *rsa;
-
- p = d;
- if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
- RSA_free(rsa);
- return (ret);
-}
-
-int
-SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
-{
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,
- ERR_R_PASSED_NULL_PARAMETER);
- return (0);
- }
- if (!ssl_cert_inst(&ctx->cert)) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return (0);
- }
- return (ssl_set_pkey(ctx->cert, pkey));
-}
-
-int
-SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
-{
- int j, ret = 0;
- BIO *in;
- EVP_PKEY *pkey = NULL;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
- goto end;
- }
- if (type == SSL_FILETYPE_PEM) {
- j = ERR_R_PEM_LIB;
- pkey = PEM_read_bio_PrivateKey(in, NULL,
- ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata);
- } else if (type == SSL_FILETYPE_ASN1) {
- j = ERR_R_ASN1_LIB;
- pkey = d2i_PrivateKey_bio(in, NULL);
- } else {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,
- SSL_R_BAD_SSL_FILETYPE);
- goto end;
- }
- if (pkey == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
- goto end;
- }
- ret = SSL_CTX_use_PrivateKey(ctx, pkey);
- EVP_PKEY_free(pkey);
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
- long len)
-{
- int ret;
- const unsigned char *p;
- EVP_PKEY *pkey;
-
- p = d;
- if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
- return (0);
- }
-
- ret = SSL_CTX_use_PrivateKey(ctx, pkey);
- EVP_PKEY_free(pkey);
- return (ret);
-}
-
-
-/*
- * Read a bio that contains our certificate in "PEM" format,
- * possibly followed by a sequence of CA certificates that should be
- * sent to the peer in the Certificate message.
- */
-static int
-ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in)
-{
- int ret = 0;
- X509 *x = NULL;
-
- ERR_clear_error(); /* clear error stack for SSL_CTX_use_certificate() */
-
- x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata);
- if (x == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
- goto end;
- }
-
- ret = SSL_CTX_use_certificate(ctx, x);
-
- if (ERR_peek_error() != 0)
- ret = 0;
- /* Key/certificate mismatch doesn't imply ret==0 ... */
- if (ret) {
- /*
- * If we could set up our certificate, now proceed to
- * the CA certificates.
- */
- X509 *ca;
- int r;
- unsigned long err;
-
- if (ctx->extra_certs != NULL) {
- sk_X509_pop_free(ctx->extra_certs, X509_free);
- ctx->extra_certs = NULL;
- }
-
- while ((ca = PEM_read_bio_X509(in, NULL,
- ctx->default_passwd_callback,
- ctx->default_passwd_callback_userdata)) != NULL) {
- r = SSL_CTX_add_extra_chain_cert(ctx, ca);
- if (!r) {
- X509_free(ca);
- ret = 0;
- goto end;
- }
- /*
- * Note that we must not free r if it was successfully
- * added to the chain (while we must free the main
- * certificate, since its reference count is increased
- * by SSL_CTX_use_certificate).
- */
- }
-
- /* When the while loop ends, it's usually just EOF. */
- err = ERR_peek_last_error();
- if (ERR_GET_LIB(err) == ERR_LIB_PEM &&
- ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
- ERR_clear_error();
- else
- ret = 0; /* some real error */
- }
-
-end:
- X509_free(x);
- return (ret);
-}
-
-int
-SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
-{
- BIO *in;
- int ret = 0;
-
- in = BIO_new(BIO_s_file_internal());
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- if (BIO_read_filename(in, file) <= 0) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
- goto end;
- }
-
- ret = ssl_ctx_use_certificate_chain_bio(ctx, in);
-
-end:
- BIO_free(in);
- return (ret);
-}
-
-int
-SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
-{
- BIO *in;
- int ret = 0;
-
- in = BIO_new_mem_buf(buf, len);
- if (in == NULL) {
- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
- goto end;
- }
-
- ret = ssl_ctx_use_certificate_chain_bio(ctx, in);
-
-end:
- BIO_free(in);
- return (ret);
-}
diff --git a/lib/libssl/src/ssl/ssl_sess.c b/lib/libssl/src/ssl/ssl_sess.c
deleted file mode 100644
index 16dd5c444cb..00000000000
--- a/lib/libssl/src/ssl/ssl_sess.c
+++ /dev/null
@@ -1,1099 +0,0 @@
-/* $OpenBSD: ssl_sess.c,v 1.49 2016/03/11 07:08:45 mmcc Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <openssl/lhash.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-
-#include "ssl_locl.h"
-
-static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
-static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
-static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
-
-/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
-SSL_SESSION *
-SSL_get_session(const SSL *ssl)
-{
- return (ssl->session);
-}
-
-/* variant of SSL_get_session: caller really gets something */
-SSL_SESSION *
-SSL_get1_session(SSL *ssl)
-{
- SSL_SESSION *sess;
-
- /*
- * Need to lock this all up rather than just use CRYPTO_add so that
- * somebody doesn't free ssl->session between when we check it's
- * non-null and when we up the reference count.
- */
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
- sess = ssl->session;
- if (sess)
- sess->references++;
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
-
- return (sess);
-}
-
-int
-SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
- return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION,
- argl, argp, new_func, dup_func, free_func);
-}
-
-int
-SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
-{
- return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
-}
-
-void *
-SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
-{
- return (CRYPTO_get_ex_data(&s->ex_data, idx));
-}
-
-SSL_SESSION *
-SSL_SESSION_new(void)
-{
- SSL_SESSION *ss;
-
- ss = calloc(1, sizeof(SSL_SESSION));
- if (ss == NULL) {
- SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
- return (0);
- }
-
- ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
- ss->references = 1;
- ss->timeout=60*5+4; /* 5 minute timeout by default */
- ss->time = time(NULL);
- ss->prev = NULL;
- ss->next = NULL;
- ss->tlsext_hostname = NULL;
-
- ss->tlsext_ecpointformatlist_length = 0;
- ss->tlsext_ecpointformatlist = NULL;
- ss->tlsext_ellipticcurvelist_length = 0;
- ss->tlsext_ellipticcurvelist = NULL;
-
- CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-
- return (ss);
-}
-
-const unsigned char *
-SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
-{
- if (len)
- *len = s->session_id_length;
- return s->session_id;
-}
-
-unsigned int
-SSL_SESSION_get_compress_id(const SSL_SESSION *s)
-{
- return 0;
-}
-
-/*
- * SSLv3/TLSv1 has 32 bytes (256 bits) of session ID space. As such, filling
- * the ID with random gunk repeatedly until we have no conflict is going to
- * complete in one iteration pretty much "most" of the time (btw:
- * understatement). So, if it takes us 10 iterations and we still can't avoid
- * a conflict - well that's a reasonable point to call it quits. Either the
- * arc4random code is broken or someone is trying to open roughly very close to
- * 2^128 (or 2^256) SSL sessions to our server. How you might store that many
- * sessions is perhaps a more interesting question...
- */
-
-#define MAX_SESS_ID_ATTEMPTS 10
-
-static int
-def_generate_session_id(const SSL *ssl, unsigned char *id, unsigned int *id_len)
-{
- unsigned int retry = 0;
-
- do {
- arc4random_buf(id, *id_len);
- } while (SSL_has_matching_session_id(ssl, id, *id_len) &&
- (++retry < MAX_SESS_ID_ATTEMPTS));
-
- if (retry < MAX_SESS_ID_ATTEMPTS)
- return 1;
-
- /* else - woops a session_id match */
- /* XXX We should also check the external cache --
- * but the probability of a collision is negligible, and
- * we could not prevent the concurrent creation of sessions
- * with identical IDs since we currently don't have means
- * to atomically check whether a session ID already exists
- * and make a reservation for it if it does not
- * (this problem applies to the internal cache as well).
- */
- return 0;
-}
-
-int
-ssl_get_new_session(SSL *s, int session)
-{
- unsigned int tmp;
- SSL_SESSION *ss = NULL;
- GEN_SESSION_CB cb = def_generate_session_id;
-
- /* This gets used by clients and servers. */
-
- if ((ss = SSL_SESSION_new()) == NULL)
- return (0);
-
- /* If the context has a default timeout, use it */
- if (s->session_ctx->session_timeout == 0)
- ss->timeout = SSL_get_default_timeout(s);
- else
- ss->timeout = s->session_ctx->session_timeout;
-
- if (s->session != NULL) {
- SSL_SESSION_free(s->session);
- s->session = NULL;
- }
-
- if (session) {
- switch (s->version) {
- case TLS1_VERSION:
- case TLS1_1_VERSION:
- case TLS1_2_VERSION:
- case DTLS1_VERSION:
- ss->ssl_version = s->version;
- ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
- break;
- default:
- SSLerr(SSL_F_SSL_GET_NEW_SESSION,
- SSL_R_UNSUPPORTED_SSL_VERSION);
- SSL_SESSION_free(ss);
- return (0);
- }
-
- /* If RFC4507 ticket use empty session ID. */
- if (s->tlsext_ticket_expected) {
- ss->session_id_length = 0;
- goto sess_id_done;
- }
-
- /* Choose which callback will set the session ID. */
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- if (s->generate_session_id)
- cb = s->generate_session_id;
- else if (s->session_ctx->generate_session_id)
- cb = s->session_ctx->generate_session_id;
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-
- /* Choose a session ID. */
- tmp = ss->session_id_length;
- if (!cb(s, ss->session_id, &tmp)) {
- /* The callback failed */
- SSLerr(SSL_F_SSL_GET_NEW_SESSION,
- SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
- SSL_SESSION_free(ss);
- return (0);
- }
-
- /*
- * Don't allow the callback to set the session length to zero.
- * nor set it higher than it was.
- */
- if (!tmp || (tmp > ss->session_id_length)) {
- /* The callback set an illegal length */
- SSLerr(SSL_F_SSL_GET_NEW_SESSION,
- SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
- SSL_SESSION_free(ss);
- return (0);
- }
- ss->session_id_length = tmp;
-
- /* Finally, check for a conflict. */
- if (SSL_has_matching_session_id(s, ss->session_id,
- ss->session_id_length)) {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION,
- SSL_R_SSL_SESSION_ID_CONFLICT);
- SSL_SESSION_free(ss);
- return (0);
- }
-
-sess_id_done:
- if (s->tlsext_hostname) {
- ss->tlsext_hostname = strdup(s->tlsext_hostname);
- if (ss->tlsext_hostname == NULL) {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION,
- ERR_R_INTERNAL_ERROR);
- SSL_SESSION_free(ss);
- return 0;
- }
- }
- } else {
- ss->session_id_length = 0;
- }
-
- if (s->sid_ctx_length > sizeof ss->sid_ctx) {
- SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
- SSL_SESSION_free(ss);
- return 0;
- }
-
- memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
- ss->sid_ctx_length = s->sid_ctx_length;
- s->session = ss;
- ss->ssl_version = s->version;
- ss->verify_result = X509_V_OK;
-
- return (1);
-}
-
-/*
- * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
- * connection. It is only called by servers.
- *
- * session_id: points at the session ID in the ClientHello. This code will
- * read past the end of this in order to parse out the session ticket
- * extension, if any.
- * len: the length of the session ID.
- * limit: a pointer to the first byte after the ClientHello.
- *
- * Returns:
- * -1: error
- * 0: a session may have been found.
- *
- * Side effects:
- * - If a session is found then s->session is pointed at it (after freeing
- * an existing session if need be) and s->verify_result is set from the
- * session.
- * - Both for new and resumed sessions, s->tlsext_ticket_expected is set
- * to 1 if the server should issue a new session ticket (to 0 otherwise).
- */
-int
-ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
- const unsigned char *limit)
-{
- SSL_SESSION *ret = NULL;
- int fatal = 0;
- int try_session_cache = 1;
- int r;
-
- /* This is used only by servers. */
-
- if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
- goto err;
-
- if (len == 0)
- try_session_cache = 0;
-
- /* Sets s->tlsext_ticket_expected. */
- r = tls1_process_ticket(s, session_id, len, limit, &ret);
- switch (r) {
- case -1: /* Error during processing */
- fatal = 1;
- goto err;
- case 0: /* No ticket found */
- case 1: /* Zero length ticket found */
- break; /* Ok to carry on processing session id. */
- case 2: /* Ticket found but not decrypted. */
- case 3: /* Ticket decrypted, *ret has been set. */
- try_session_cache = 0;
- break;
- default:
- abort();
- }
-
- if (try_session_cache && ret == NULL &&
- !(s->session_ctx->session_cache_mode &
- SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
- SSL_SESSION data;
- data.ssl_version = s->version;
- data.session_id_length = len;
- memcpy(data.session_id, session_id, len);
-
- CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
- if (ret != NULL) {
- /* Don't allow other threads to steal it. */
- CRYPTO_add(&ret->references, 1,
- CRYPTO_LOCK_SSL_SESSION);
- }
- CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
-
- if (ret == NULL)
- s->session_ctx->stats.sess_miss++;
- }
-
- if (try_session_cache && ret == NULL &&
- s->session_ctx->get_session_cb != NULL) {
- int copy = 1;
-
- if ((ret = s->session_ctx->get_session_cb(s, session_id,
- len, ©))) {
- s->session_ctx->stats.sess_cb_hit++;
-
- /*
- * Increment reference count now if the session
- * callback asks us to do so (note that if the session
- * structures returned by the callback are shared
- * between threads, it must handle the reference count
- * itself [i.e. copy == 0], or things won't be
- * thread-safe).
- */
- if (copy)
- CRYPTO_add(&ret->references, 1,
- CRYPTO_LOCK_SSL_SESSION);
-
- /*
- * Add the externally cached session to the internal
- * cache as well if and only if we are supposed to.
- */
- if (!(s->session_ctx->session_cache_mode &
- SSL_SESS_CACHE_NO_INTERNAL_STORE))
- /*
- * The following should not return 1,
- * otherwise, things are very strange.
- */
- SSL_CTX_add_session(s->session_ctx, ret);
- }
- }
-
- if (ret == NULL)
- goto err;
-
- /* Now ret is non-NULL and we own one of its reference counts. */
-
- if (ret->sid_ctx_length != s->sid_ctx_length ||
- timingsafe_memcmp(ret->sid_ctx,
- s->sid_ctx, ret->sid_ctx_length) != 0) {
- /* We have the session requested by the client, but we don't
- * want to use it in this context. */
- goto err; /* treat like cache miss */
- }
-
- if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
- /*
- * We can't be sure if this session is being used out of
- * context, which is especially important for SSL_VERIFY_PEER.
- * The application should have used
- * SSL[_CTX]_set_session_id_context.
- *
- * For this error case, we generate an error instead of treating
- * the event like a cache miss (otherwise it would be easy for
- * applications to effectively disable the session cache by
- * accident without anyone noticing).
- */
- SSLerr(SSL_F_SSL_GET_PREV_SESSION,
- SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
- fatal = 1;
- goto err;
- }
-
- if (ret->cipher == NULL) {
- ret->cipher = ssl3_get_cipher_by_id(ret->cipher_id);
- if (ret->cipher == NULL)
- goto err;
- }
-
- if (ret->timeout < (time(NULL) - ret->time)) {
- /* timeout */
- s->session_ctx->stats.sess_timeout++;
- if (try_session_cache) {
- /* session was from the cache, so remove it */
- SSL_CTX_remove_session(s->session_ctx, ret);
- }
- goto err;
- }
-
- s->session_ctx->stats.sess_hit++;
-
- if (s->session != NULL)
- SSL_SESSION_free(s->session);
- s->session = ret;
- s->verify_result = s->session->verify_result;
- return 1;
-
-err:
- if (ret != NULL) {
- SSL_SESSION_free(ret);
- if (!try_session_cache) {
- /*
- * The session was from a ticket, so we should
- * issue a ticket for the new session.
- */
- s->tlsext_ticket_expected = 1;
- }
- }
- if (fatal)
- return -1;
- else
- return 0;
-}
-
-int
-SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
-{
- int ret = 0;
- SSL_SESSION *s;
-
- /*
- * Add just 1 reference count for the SSL_CTX's session cache
- * even though it has two ways of access: each session is in a
- * doubly linked list and an lhash.
- */
- CRYPTO_add(&c->references, 1, CRYPTO_LOCK_SSL_SESSION);
-
- /*
- * If session c is in already in cache, we take back the increment
- * later.
- */
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- s = lh_SSL_SESSION_insert(ctx->sessions, c);
-
- /*
- * s != NULL iff we already had a session with the given PID.
- * In this case, s == c should hold (then we did not really modify
- * ctx->sessions), or we're in trouble.
- */
- if (s != NULL && s != c) {
- /* We *are* in trouble ... */
- SSL_SESSION_list_remove(ctx, s);
- SSL_SESSION_free(s);
- /*
- * ... so pretend the other session did not exist in cache
- * (we cannot handle two SSL_SESSION structures with identical
- * session ID in the same cache, which could happen e.g. when
- * two threads concurrently obtain the same session from an
- * external cache).
- */
- s = NULL;
- }
-
- /* Put at the head of the queue unless it is already in the cache */
- if (s == NULL)
- SSL_SESSION_list_add(ctx, c);
-
- if (s != NULL) {
- /*
- * existing cache entry -- decrement previously incremented
- * reference count because it already takes into account the
- * cache.
- */
- SSL_SESSION_free(s); /* s == c */
- ret = 0;
- } else {
- /*
- * New cache entry -- remove old ones if cache has become
- * too large.
- */
-
- ret = 1;
-
- if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
- while (SSL_CTX_sess_number(ctx) >
- SSL_CTX_sess_get_cache_size(ctx)) {
- if (!remove_session_lock(ctx,
- ctx->session_cache_tail, 0))
- break;
- else
- ctx->stats.sess_cache_full++;
- }
- }
- }
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
- return (ret);
-}
-
-int
-SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
-{
- return remove_session_lock(ctx, c, 1);
-}
-
-static int
-remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
-{
- SSL_SESSION *r;
- int ret = 0;
-
- if ((c != NULL) && (c->session_id_length != 0)) {
- if (lck)
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
- ret = 1;
- r = lh_SSL_SESSION_delete(ctx->sessions, c);
- SSL_SESSION_list_remove(ctx, c);
- }
- if (lck)
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-
- if (ret) {
- r->not_resumable = 1;
- if (ctx->remove_session_cb != NULL)
- ctx->remove_session_cb(ctx, r);
- SSL_SESSION_free(r);
- }
- } else
- ret = 0;
- return (ret);
-}
-
-void
-SSL_SESSION_free(SSL_SESSION *ss)
-{
- int i;
-
- if (ss == NULL)
- return;
-
- i = CRYPTO_add(&ss->references, -1, CRYPTO_LOCK_SSL_SESSION);
- if (i > 0)
- return;
-
- CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
-
- explicit_bzero(ss->master_key, sizeof ss->master_key);
- explicit_bzero(ss->session_id, sizeof ss->session_id);
- if (ss->sess_cert != NULL)
- ssl_sess_cert_free(ss->sess_cert);
- X509_free(ss->peer);
- if (ss->ciphers != NULL)
- sk_SSL_CIPHER_free(ss->ciphers);
- free(ss->tlsext_hostname);
- free(ss->tlsext_tick);
- ss->tlsext_ecpointformatlist_length = 0;
- free(ss->tlsext_ecpointformatlist);
- ss->tlsext_ellipticcurvelist_length = 0;
- free(ss->tlsext_ellipticcurvelist);
- explicit_bzero(ss, sizeof(*ss));
- free(ss);
-}
-
-int
-SSL_set_session(SSL *s, SSL_SESSION *session)
-{
- int ret = 0;
- const SSL_METHOD *meth;
-
- if (session != NULL) {
- meth = s->ctx->method->get_ssl_method(session->ssl_version);
- if (meth == NULL)
- meth = s->method->get_ssl_method(session->ssl_version);
- if (meth == NULL) {
- SSLerr(SSL_F_SSL_SET_SESSION,
- SSL_R_UNABLE_TO_FIND_SSL_METHOD);
- return (0);
- }
-
- if (meth != s->method) {
- if (!SSL_set_ssl_method(s, meth))
- return (0);
- }
-
-
- /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
- CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
- if (s->session != NULL)
- SSL_SESSION_free(s->session);
- s->session = session;
- s->verify_result = s->session->verify_result;
- /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
- ret = 1;
- } else {
- if (s->session != NULL) {
- SSL_SESSION_free(s->session);
- s->session = NULL;
- }
-
- meth = s->ctx->method;
- if (meth != s->method) {
- if (!SSL_set_ssl_method(s, meth))
- return (0);
- }
- ret = 1;
- }
- return (ret);
-}
-
-long
-SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
-{
- if (s == NULL)
- return (0);
- s->timeout = t;
- return (1);
-}
-
-long
-SSL_SESSION_get_timeout(const SSL_SESSION *s)
-{
- if (s == NULL)
- return (0);
- return (s->timeout);
-}
-
-/* XXX 2038 */
-long
-SSL_SESSION_get_time(const SSL_SESSION *s)
-{
- if (s == NULL)
- return (0);
- return (s->time);
-}
-
-/* XXX 2038 */
-long
-SSL_SESSION_set_time(SSL_SESSION *s, long t)
-{
- if (s == NULL)
- return (0);
- s->time = t;
- return (t);
-}
-
-X509 *
-SSL_SESSION_get0_peer(SSL_SESSION *s)
-{
- return s->peer;
-}
-
-int
-SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
- unsigned int sid_ctx_len)
-{
- if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
- SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
- SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
- return 0;
- }
- s->sid_ctx_length = sid_ctx_len;
- memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
-
- return 1;
-}
-
-long
-SSL_CTX_set_timeout(SSL_CTX *s, long t)
-{
- long l;
-
- if (s == NULL)
- return (0);
- l = s->session_timeout;
- s->session_timeout = t;
-
- return (l);
-}
-
-long
-SSL_CTX_get_timeout(const SSL_CTX *s)
-{
- if (s == NULL)
- return (0);
- return (s->session_timeout);
-}
-
-int
-SSL_set_session_secret_cb(SSL *s, int (*tls_session_secret_cb)(SSL *s,
- void *secret, int *secret_len, STACK_OF(SSL_CIPHER) *peer_ciphers,
- SSL_CIPHER **cipher, void *arg), void *arg)
-{
- if (s == NULL)
- return (0);
- s->tls_session_secret_cb = tls_session_secret_cb;
- s->tls_session_secret_cb_arg = arg;
- return (1);
-}
-
-int
-SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
- void *arg)
-{
- if (s == NULL)
- return (0);
- s->tls_session_ticket_ext_cb = cb;
- s->tls_session_ticket_ext_cb_arg = arg;
- return (1);
-}
-
-int
-SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
-{
- if (s->version >= TLS1_VERSION) {
- free(s->tlsext_session_ticket);
- s->tlsext_session_ticket =
- malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
- if (!s->tlsext_session_ticket) {
- SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT,
- ERR_R_MALLOC_FAILURE);
- return 0;
- }
-
- if (ext_data) {
- s->tlsext_session_ticket->length = ext_len;
- s->tlsext_session_ticket->data =
- s->tlsext_session_ticket + 1;
- memcpy(s->tlsext_session_ticket->data,
- ext_data, ext_len);
- } else {
- s->tlsext_session_ticket->length = 0;
- s->tlsext_session_ticket->data = NULL;
- }
-
- return 1;
- }
-
- return 0;
-}
-
-typedef struct timeout_param_st {
- SSL_CTX *ctx;
- long time;
- LHASH_OF(SSL_SESSION) *cache;
-} TIMEOUT_PARAM;
-
-static void
-timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
-{
- if ((p->time == 0) || (p->time > (s->time + s->timeout))) {
- /* timeout */
- /* The reason we don't call SSL_CTX_remove_session() is to
- * save on locking overhead */
- (void)lh_SSL_SESSION_delete(p->cache, s);
- SSL_SESSION_list_remove(p->ctx, s);
- s->not_resumable = 1;
- if (p->ctx->remove_session_cb != NULL)
- p->ctx->remove_session_cb(p->ctx, s);
- SSL_SESSION_free(s);
- }
-}
-
-static
-IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
-
-/* XXX 2038 */
-void
-SSL_CTX_flush_sessions(SSL_CTX *s, long t)
-{
- unsigned long i;
- TIMEOUT_PARAM tp;
-
- tp.ctx = s;
- tp.cache = s->sessions;
- if (tp.cache == NULL)
- return;
- tp.time = t;
- CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
- i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
- CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
- lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
- TIMEOUT_PARAM, &tp);
- CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
- CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
-}
-
-int
-ssl_clear_bad_session(SSL *s)
-{
- if ((s->session != NULL) && !(s->shutdown & SSL_SENT_SHUTDOWN) &&
- !(SSL_in_init(s) || SSL_in_before(s))) {
- SSL_CTX_remove_session(s->ctx, s->session);
- return (1);
- } else
- return (0);
-}
-
-/* locked by SSL_CTX in the calling function */
-static void
-SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
-{
- if ((s->next == NULL) || (s->prev == NULL))
- return;
-
- if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
- /* last element in list */
- if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
- /* only one element in list */
- ctx->session_cache_head = NULL;
- ctx->session_cache_tail = NULL;
- } else {
- ctx->session_cache_tail = s->prev;
- s->prev->next =
- (SSL_SESSION *)&(ctx->session_cache_tail);
- }
- } else {
- if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
- /* first element in list */
- ctx->session_cache_head = s->next;
- s->next->prev =
- (SSL_SESSION *)&(ctx->session_cache_head);
- } else {
- /* middle
of list */ - s->next->prev = s->prev; - s->prev->next = s->next; - } - } - s->prev = s->next = NULL; -} - -static void -SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s) -{ - if ((s->next != NULL) && (s->prev != NULL)) - SSL_SESSION_list_remove(ctx, s); - - if (ctx->session_cache_head == NULL) { - ctx->session_cache_head = s; - ctx->session_cache_tail = s; - s->prev = (SSL_SESSION *)&(ctx->session_cache_head); - s->next = (SSL_SESSION *)&(ctx->session_cache_tail); - } else { - s->next = ctx->session_cache_head; - s->next->prev = s; - s->prev = (SSL_SESSION *)&(ctx->session_cache_head); - ctx->session_cache_head = s; - } -} - -void -SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, - int (*cb)(struct ssl_st *ssl, SSL_SESSION *sess)) { - ctx->new_session_cb = cb; -} - -int -(*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(SSL *ssl, SSL_SESSION *sess) -{ - return ctx->new_session_cb; -} - -void -SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, - void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess)) -{ - ctx->remove_session_cb = cb; -} - -void -(*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(SSL_CTX * ctx, SSL_SESSION *sess) -{ - return ctx->remove_session_cb; -} - -void -SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(struct ssl_st *ssl, - unsigned char *data, int len, int *copy)) -{ - ctx->get_session_cb = cb; -} - -SSL_SESSION * -(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, - int len, int *copy) -{ - return ctx->get_session_cb; -} - -void -SSL_CTX_set_info_callback(SSL_CTX *ctx, - void (*cb)(const SSL *ssl, int type, int val)) -{ - ctx->info_callback = cb; -} - -void -(*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type, int val) -{ - return ctx->info_callback; -} - -void -SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, - int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey)) -{ - ctx->client_cert_cb = cb; -} - -int -(*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL * ssl, X509 ** x509, - EVP_PKEY **pkey) -{ - return ctx->client_cert_cb; -} - -#ifndef 
OPENSSL_NO_ENGINE
-int
-SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
-{
- if (!ENGINE_init(e)) {
- SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
- ERR_R_ENGINE_LIB);
- return 0;
- }
- if (!ENGINE_get_ssl_client_cert_function(e)) {
- SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
- SSL_R_NO_CLIENT_CERT_METHOD);
- ENGINE_finish(e);
- return 0;
- }
- ctx->client_cert_engine = e;
- return 1;
-}
-#endif
-
-void
-SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
- int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len))
-{
- ctx->app_gen_cookie_cb = cb;
-}
-
-void
-SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
- int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len))
-{
- ctx->app_verify_cookie_cb = cb;
-}
-
-IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION, SSL_SESSION)
diff --git a/lib/libssl/src/ssl/ssl_stat.c b/lib/libssl/src/ssl/ssl_stat.c
deleted file mode 100644
index 6d67d19c253..00000000000
--- a/lib/libssl/src/ssl/ssl_stat.c
+++ /dev/null
@@ -1,801 +0,0 @@
-/* $OpenBSD: ssl_stat.c,v 1.12 2014/11/16 14:12:47 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright 2005 Nokia. All rights reserved.
- *
- * The portions of the attached software ("Contribution") is developed by
- * Nokia Corporation and is licensed pursuant to the OpenSSL open source
- * license.
- *
- * The Contribution, originally written by Mika Kousa and Pasi Eronen of
- * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
- * support (see RFC 4279) to OpenSSL.
- *
- * No patent licenses or other rights except those expressly stated in
- * the OpenSSL open source license shall be deemed granted or received
- * expressly, by implication, estoppel, or otherwise.
- *
- * No assurances are provided by Nokia that the Contribution does not
- * infringe the patent or other intellectual property rights of any third
- * party or that the license provides you with all the necessary rights
- * to make use of the Contribution.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
- * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
- * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
- * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
- * OTHERWISE.
- */
-
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-const char *
-SSL_state_string_long(const SSL *s)
-{
- const char *str;
-
- switch (s->state) {
- case SSL_ST_BEFORE:
- str = "before SSL initialization";
- break;
- case SSL_ST_ACCEPT:
- str = "before accept initialization";
- break;
- case SSL_ST_CONNECT:
- str = "before connect initialization";
- break;
- case SSL_ST_OK:
- str = "SSL negotiation finished successfully";
- break;
- case SSL_ST_RENEGOTIATE:
- str = "SSL renegotiate ciphers";
- break;
- case SSL_ST_BEFORE|SSL_ST_CONNECT:
- str = "before/connect initialization";
- break;
- case SSL_ST_OK|SSL_ST_CONNECT:
- str = "ok/connect SSL initialization";
- break;
- case SSL_ST_BEFORE|SSL_ST_ACCEPT:
- str = "before/accept initialization";
- break;
- case SSL_ST_OK|SSL_ST_ACCEPT:
- str = "ok/accept SSL initialization";
- break;
-
- /* SSLv3 additions */
- case SSL3_ST_CW_CLNT_HELLO_A:
- str = "SSLv3 write client hello A";
- break;
- case SSL3_ST_CW_CLNT_HELLO_B:
- str = "SSLv3 write client hello B";
- break;
- case
SSL3_ST_CR_SRVR_HELLO_A: - str = "SSLv3 read server hello A"; - break; - case SSL3_ST_CR_SRVR_HELLO_B: - str = "SSLv3 read server hello B"; - break; - case SSL3_ST_CR_CERT_A: - str = "SSLv3 read server certificate A"; - break; - case SSL3_ST_CR_CERT_B: - str = "SSLv3 read server certificate B"; - break; - case SSL3_ST_CR_KEY_EXCH_A: - str = "SSLv3 read server key exchange A"; - break; - case SSL3_ST_CR_KEY_EXCH_B: - str = "SSLv3 read server key exchange B"; - break; - case SSL3_ST_CR_CERT_REQ_A: - str = "SSLv3 read server certificate request A"; - break; - case SSL3_ST_CR_CERT_REQ_B: - str = "SSLv3 read server certificate request B"; - break; - case SSL3_ST_CR_SESSION_TICKET_A: - str = "SSLv3 read server session ticket A"; - break; - case SSL3_ST_CR_SESSION_TICKET_B: - str = "SSLv3 read server session ticket B"; - break; - case SSL3_ST_CR_SRVR_DONE_A: - str = "SSLv3 read server done A"; - break; - case SSL3_ST_CR_SRVR_DONE_B: - str = "SSLv3 read server done B"; - break; - case SSL3_ST_CW_CERT_A: - str = "SSLv3 write client certificate A"; - break; - case SSL3_ST_CW_CERT_B: - str = "SSLv3 write client certificate B"; - break; - case SSL3_ST_CW_CERT_C: - str = "SSLv3 write client certificate C"; - break; - case SSL3_ST_CW_CERT_D: - str = "SSLv3 write client certificate D"; - break; - case SSL3_ST_CW_KEY_EXCH_A: - str = "SSLv3 write client key exchange A"; - break; - case SSL3_ST_CW_KEY_EXCH_B: - str = "SSLv3 write client key exchange B"; - break; - case SSL3_ST_CW_CERT_VRFY_A: - str = "SSLv3 write certificate verify A"; - break; - case SSL3_ST_CW_CERT_VRFY_B: - str = "SSLv3 write certificate verify B"; - break; - - case SSL3_ST_CW_CHANGE_A: - case SSL3_ST_SW_CHANGE_A: - str = "SSLv3 write change cipher spec A"; - break; - case SSL3_ST_CW_CHANGE_B: - case SSL3_ST_SW_CHANGE_B: - str = "SSLv3 write change cipher spec B"; - break; - case SSL3_ST_CW_FINISHED_A: - case SSL3_ST_SW_FINISHED_A: - str = "SSLv3 write finished A"; - break; - case SSL3_ST_CW_FINISHED_B: - case 
SSL3_ST_SW_FINISHED_B: - str = "SSLv3 write finished B"; - break; - case SSL3_ST_CR_CHANGE_A: - case SSL3_ST_SR_CHANGE_A: - str = "SSLv3 read change cipher spec A"; - break; - case SSL3_ST_CR_CHANGE_B: - case SSL3_ST_SR_CHANGE_B: - str = "SSLv3 read change cipher spec B"; - break; - case SSL3_ST_CR_FINISHED_A: - case SSL3_ST_SR_FINISHED_A: - str = "SSLv3 read finished A"; - break; - case SSL3_ST_CR_FINISHED_B: - case SSL3_ST_SR_FINISHED_B: - str = "SSLv3 read finished B"; - break; - - case SSL3_ST_CW_FLUSH: - case SSL3_ST_SW_FLUSH: - str = "SSLv3 flush data"; - break; - - case SSL3_ST_SR_CLNT_HELLO_A: - str = "SSLv3 read client hello A"; - break; - case SSL3_ST_SR_CLNT_HELLO_B: - str = "SSLv3 read client hello B"; - break; - case SSL3_ST_SR_CLNT_HELLO_C: - str = "SSLv3 read client hello C"; - break; - case SSL3_ST_SW_HELLO_REQ_A: - str = "SSLv3 write hello request A"; - break; - case SSL3_ST_SW_HELLO_REQ_B: - str = "SSLv3 write hello request B"; - break; - case SSL3_ST_SW_HELLO_REQ_C: - str = "SSLv3 write hello request C"; - break; - case SSL3_ST_SW_SRVR_HELLO_A: - str = "SSLv3 write server hello A"; - break; - case SSL3_ST_SW_SRVR_HELLO_B: - str = "SSLv3 write server hello B"; - break; - case SSL3_ST_SW_CERT_A: - str = "SSLv3 write certificate A"; - break; - case SSL3_ST_SW_CERT_B: - str = "SSLv3 write certificate B"; - break; - case SSL3_ST_SW_KEY_EXCH_A: - str = "SSLv3 write key exchange A"; - break; - case SSL3_ST_SW_KEY_EXCH_B: - str = "SSLv3 write key exchange B"; - break; - case SSL3_ST_SW_CERT_REQ_A: - str = "SSLv3 write certificate request A"; - break; - case SSL3_ST_SW_CERT_REQ_B: - str = "SSLv3 write certificate request B"; - break; - case SSL3_ST_SW_SESSION_TICKET_A: - str = "SSLv3 write session ticket A"; - break; - case SSL3_ST_SW_SESSION_TICKET_B: - str = "SSLv3 write session ticket B"; - break; - case SSL3_ST_SW_SRVR_DONE_A: - str = "SSLv3 write server done A"; - break; - case SSL3_ST_SW_SRVR_DONE_B: - str = "SSLv3 write server done B"; - break; - 
case SSL3_ST_SR_CERT_A: - str = "SSLv3 read client certificate A"; - break; - case SSL3_ST_SR_CERT_B: - str = "SSLv3 read client certificate B"; - break; - case SSL3_ST_SR_KEY_EXCH_A: - str = "SSLv3 read client key exchange A"; - break; - case SSL3_ST_SR_KEY_EXCH_B: - str = "SSLv3 read client key exchange B"; - break; - case SSL3_ST_SR_CERT_VRFY_A: - str = "SSLv3 read certificate verify A"; - break; - case SSL3_ST_SR_CERT_VRFY_B: - str = "SSLv3 read certificate verify B"; - break; - - /* DTLS */ - case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: - str = "DTLS1 read hello verify request A"; - break; - case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: - str = "DTLS1 read hello verify request B"; - break; - case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: - str = "DTLS1 write hello verify request A"; - break; - case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: - str = "DTLS1 write hello verify request B"; - break; - - default: - str = "unknown state"; - break; - } - return (str); -} - -const char * -SSL_rstate_string_long(const SSL *s) -{ - const char *str; - - switch (s->rstate) { - case SSL_ST_READ_HEADER: - str = "read header"; - break; - case SSL_ST_READ_BODY: - str = "read body"; - break; - case SSL_ST_READ_DONE: - str = "read done"; - break; - default: - str = "unknown"; - break; - } - return (str); -} - -const char * -SSL_state_string(const SSL *s) -{ - const char *str; - - switch (s->state) { - case SSL_ST_BEFORE: - str = "PINIT "; - break; - case SSL_ST_ACCEPT: - str = "AINIT "; - break; - case SSL_ST_CONNECT: - str = "CINIT "; - break; - case SSL_ST_OK: - str = "SSLOK "; - break; - - /* SSLv3 additions */ - case SSL3_ST_SW_FLUSH: - case SSL3_ST_CW_FLUSH: - str = "3FLUSH"; - break; - case SSL3_ST_CW_CLNT_HELLO_A: - str = "3WCH_A"; - break; - case SSL3_ST_CW_CLNT_HELLO_B: - str = "3WCH_B"; - break; - case SSL3_ST_CR_SRVR_HELLO_A: - str = "3RSH_A"; - break; - case SSL3_ST_CR_SRVR_HELLO_B: - str = "3RSH_B"; - break; - case SSL3_ST_CR_CERT_A: - str = "3RSC_A"; - break; - case SSL3_ST_CR_CERT_B: - 
str = "3RSC_B"; - break; - case SSL3_ST_CR_KEY_EXCH_A: - str = "3RSKEA"; - break; - case SSL3_ST_CR_KEY_EXCH_B: - str = "3RSKEB"; - break; - case SSL3_ST_CR_CERT_REQ_A: - str = "3RCR_A"; - break; - case SSL3_ST_CR_CERT_REQ_B: - str = "3RCR_B"; - break; - case SSL3_ST_CR_SRVR_DONE_A: - str = "3RSD_A"; - break; - case SSL3_ST_CR_SRVR_DONE_B: - str = "3RSD_B"; - break; - case SSL3_ST_CW_CERT_A: - str = "3WCC_A"; - break; - case SSL3_ST_CW_CERT_B: - str = "3WCC_B"; - break; - case SSL3_ST_CW_CERT_C: - str = "3WCC_C"; - break; - case SSL3_ST_CW_CERT_D: - str = "3WCC_D"; - break; - case SSL3_ST_CW_KEY_EXCH_A: - str = "3WCKEA"; - break; - case SSL3_ST_CW_KEY_EXCH_B: - str = "3WCKEB"; - break; - case SSL3_ST_CW_CERT_VRFY_A: - str = "3WCV_A"; - break; - case SSL3_ST_CW_CERT_VRFY_B: - str = "3WCV_B"; - break; - - case SSL3_ST_SW_CHANGE_A: - case SSL3_ST_CW_CHANGE_A: - str = "3WCCSA"; - break; - case SSL3_ST_SW_CHANGE_B: - case SSL3_ST_CW_CHANGE_B: - str = "3WCCSB"; - break; - case SSL3_ST_SW_FINISHED_A: - case SSL3_ST_CW_FINISHED_A: - str = "3WFINA"; - break; - case SSL3_ST_SW_FINISHED_B: - case SSL3_ST_CW_FINISHED_B: - str = "3WFINB"; - break; - case SSL3_ST_SR_CHANGE_A: - case SSL3_ST_CR_CHANGE_A: - str = "3RCCSA"; - break; - case SSL3_ST_SR_CHANGE_B: - case SSL3_ST_CR_CHANGE_B: - str = "3RCCSB"; - break; - case SSL3_ST_SR_FINISHED_A: - case SSL3_ST_CR_FINISHED_A: - str = "3RFINA"; - break; - case SSL3_ST_SR_FINISHED_B: - case SSL3_ST_CR_FINISHED_B: - str = "3RFINB"; - break; - - case SSL3_ST_SW_HELLO_REQ_A: - str = "3WHR_A"; - break; - case SSL3_ST_SW_HELLO_REQ_B: - str = "3WHR_B"; - break; - case SSL3_ST_SW_HELLO_REQ_C: - str = "3WHR_C"; - break; - case SSL3_ST_SR_CLNT_HELLO_A: - str = "3RCH_A"; - break; - case SSL3_ST_SR_CLNT_HELLO_B: - str = "3RCH_B"; - break; - case SSL3_ST_SR_CLNT_HELLO_C: - str = "3RCH_C"; - break; - case SSL3_ST_SW_SRVR_HELLO_A: - str = "3WSH_A"; - break; - case SSL3_ST_SW_SRVR_HELLO_B: - str = "3WSH_B"; - break; - case SSL3_ST_SW_CERT_A: - str = 
"3WSC_A"; - break; - case SSL3_ST_SW_CERT_B: - str = "3WSC_B"; - break; - case SSL3_ST_SW_KEY_EXCH_A: - str = "3WSKEA"; - break; - case SSL3_ST_SW_KEY_EXCH_B: - str = "3WSKEB"; - break; - case SSL3_ST_SW_CERT_REQ_A: - str = "3WCR_A"; - break; - case SSL3_ST_SW_CERT_REQ_B: - str = "3WCR_B"; - break; - case SSL3_ST_SW_SRVR_DONE_A: - str = "3WSD_A"; - break; - case SSL3_ST_SW_SRVR_DONE_B: - str = "3WSD_B"; - break; - case SSL3_ST_SR_CERT_A: - str = "3RCC_A"; - break; - case SSL3_ST_SR_CERT_B: - str = "3RCC_B"; - break; - case SSL3_ST_SR_KEY_EXCH_A: - str = "3RCKEA"; - break; - case SSL3_ST_SR_KEY_EXCH_B: - str = "3RCKEB"; - break; - case SSL3_ST_SR_CERT_VRFY_A: - str = "3RCV_A"; - break; - case SSL3_ST_SR_CERT_VRFY_B: - str = "3RCV_B"; - break; - - /* DTLS */ - case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: - str = "DRCHVA"; - break; - case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: - str = "DRCHVB"; - break; - case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A: - str = "DWCHVA"; - break; - case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B: - str = "DWCHVB"; - break; - - default: - str = "UNKWN "; - break; - } - return (str); -} - -const char * -SSL_alert_type_string_long(int value) -{ - value >>= 8; - if (value == SSL3_AL_WARNING) - return ("warning"); - else if (value == SSL3_AL_FATAL) - return ("fatal"); - else - return ("unknown"); -} - -const char * -SSL_alert_type_string(int value) -{ - value >>= 8; - if (value == SSL3_AL_WARNING) - return ("W"); - else if (value == SSL3_AL_FATAL) - return ("F"); - else - return ("U"); -} - -const char * -SSL_alert_desc_string(int value) -{ - const char *str; - - switch (value & 0xff) { - case SSL3_AD_CLOSE_NOTIFY: - str = "CN"; - break; - case SSL3_AD_UNEXPECTED_MESSAGE: - str = "UM"; - break; - case SSL3_AD_BAD_RECORD_MAC: - str = "BM"; - break; - case SSL3_AD_DECOMPRESSION_FAILURE: - str = "DF"; - break; - case SSL3_AD_HANDSHAKE_FAILURE: - str = "HF"; - break; - case SSL3_AD_NO_CERTIFICATE: - str = "NC"; - break; - case SSL3_AD_BAD_CERTIFICATE: - str = "BC"; 
- break; - case SSL3_AD_UNSUPPORTED_CERTIFICATE: - str = "UC"; - break; - case SSL3_AD_CERTIFICATE_REVOKED: - str = "CR"; - break; - case SSL3_AD_CERTIFICATE_EXPIRED: - str = "CE"; - break; - case SSL3_AD_CERTIFICATE_UNKNOWN: - str = "CU"; - break; - case SSL3_AD_ILLEGAL_PARAMETER: - str = "IP"; - break; - case TLS1_AD_DECRYPTION_FAILED: - str = "DC"; - break; - case TLS1_AD_RECORD_OVERFLOW: - str = "RO"; - break; - case TLS1_AD_UNKNOWN_CA: - str = "CA"; - break; - case TLS1_AD_ACCESS_DENIED: - str = "AD"; - break; - case TLS1_AD_DECODE_ERROR: - str = "DE"; - break; - case TLS1_AD_DECRYPT_ERROR: - str = "CY"; - break; - case TLS1_AD_EXPORT_RESTRICTION: - str = "ER"; - break; - case TLS1_AD_PROTOCOL_VERSION: - str = "PV"; - break; - case TLS1_AD_INSUFFICIENT_SECURITY: - str = "IS"; - break; - case TLS1_AD_INTERNAL_ERROR: - str = "IE"; - break; - case TLS1_AD_USER_CANCELLED: - str = "US"; - break; - case TLS1_AD_NO_RENEGOTIATION: - str = "NR"; - break; - case TLS1_AD_UNSUPPORTED_EXTENSION: - str = "UE"; - break; - case TLS1_AD_CERTIFICATE_UNOBTAINABLE: - str = "CO"; - break; - case TLS1_AD_UNRECOGNIZED_NAME: - str = "UN"; - break; - case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: - str = "BR"; - break; - case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: - str = "BH"; - break; - case TLS1_AD_UNKNOWN_PSK_IDENTITY: - str = "UP"; - break; - default: - str = "UK"; - break; - } - return (str); -} - -const char * -SSL_alert_desc_string_long(int value) -{ - const char *str; - - switch (value & 0xff) { - case SSL3_AD_CLOSE_NOTIFY: - str = "close notify"; - break; - case SSL3_AD_UNEXPECTED_MESSAGE: - str = "unexpected_message"; - break; - case SSL3_AD_BAD_RECORD_MAC: - str = "bad record mac"; - break; - case SSL3_AD_DECOMPRESSION_FAILURE: - str = "decompression failure"; - break; - case SSL3_AD_HANDSHAKE_FAILURE: - str = "handshake failure"; - break; - case SSL3_AD_NO_CERTIFICATE: - str = "no certificate"; - break; - case SSL3_AD_BAD_CERTIFICATE: - str = "bad certificate"; - break; - 
case SSL3_AD_UNSUPPORTED_CERTIFICATE: - str = "unsupported certificate"; - break; - case SSL3_AD_CERTIFICATE_REVOKED: - str = "certificate revoked"; - break; - case SSL3_AD_CERTIFICATE_EXPIRED: - str = "certificate expired"; - break; - case SSL3_AD_CERTIFICATE_UNKNOWN: - str = "certificate unknown"; - break; - case SSL3_AD_ILLEGAL_PARAMETER: - str = "illegal parameter"; - break; - case TLS1_AD_DECRYPTION_FAILED: - str = "decryption failed"; - break; - case TLS1_AD_RECORD_OVERFLOW: - str = "record overflow"; - break; - case TLS1_AD_UNKNOWN_CA: - str = "unknown CA"; - break; - case TLS1_AD_ACCESS_DENIED: - str = "access denied"; - break; - case TLS1_AD_DECODE_ERROR: - str = "decode error"; - break; - case TLS1_AD_DECRYPT_ERROR: - str = "decrypt error"; - break; - case TLS1_AD_EXPORT_RESTRICTION: - str = "export restriction"; - break; - case TLS1_AD_PROTOCOL_VERSION: - str = "protocol version"; - break; - case TLS1_AD_INSUFFICIENT_SECURITY: - str = "insufficient security"; - break; - case TLS1_AD_INTERNAL_ERROR: - str = "internal error"; - break; - case TLS1_AD_USER_CANCELLED: - str = "user canceled"; - break; - case TLS1_AD_NO_RENEGOTIATION: - str = "no renegotiation"; - break; - case TLS1_AD_UNSUPPORTED_EXTENSION: - str = "unsupported extension"; - break; - case TLS1_AD_CERTIFICATE_UNOBTAINABLE: - str = "certificate unobtainable"; - break; - case TLS1_AD_UNRECOGNIZED_NAME: - str = "unrecognized name"; - break; - case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE: - str = "bad certificate status response"; - break; - case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE: - str = "bad certificate hash value"; - break; - case TLS1_AD_UNKNOWN_PSK_IDENTITY: - str = "unknown PSK identity"; - break; - default: - str = "unknown"; - break; - } - return (str); -} - -const char * -SSL_rstate_string(const SSL *s) -{ - const char *str; - - switch (s->rstate) { - case SSL_ST_READ_HEADER: - str = "RH"; - break; - case SSL_ST_READ_BODY: - str = "RB"; - break; - case SSL_ST_READ_DONE: - str = "RD"; - 
break; - default: - str = "unknown"; - break; - } - return (str); -} diff --git a/lib/libssl/src/ssl/ssl_txt.c b/lib/libssl/src/ssl/ssl_txt.c deleted file mode 100644 index c3626dc03a1..00000000000 --- a/lib/libssl/src/ssl/ssl_txt.c +++ /dev/null 
@@ -1,187 +0,0 @@ -/* $OpenBSD: ssl_txt.c,v 1.26 2014/12/14 15:30:50 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. 
- * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#include <stdio.h> - -#include <openssl/buffer.h> - -#include "ssl_locl.h" - -int -SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x) -{ - BIO *b; - int ret; - - if ((b = BIO_new(BIO_s_file_internal())) == NULL) { - SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB); - return (0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = SSL_SESSION_print(b, x); - BIO_free(b); - return (ret); -} - -int -SSL_SESSION_print(BIO *bp, const SSL_SESSION *x) -{ - unsigned int i; - const char *s; - - if (x == NULL) - goto err; - if (BIO_puts(bp, "SSL-Session:\n") <= 0) - goto err; - - s = ssl_version_string(x->ssl_version); - if (BIO_printf(bp, " Protocol : %s\n", s) <= 0) - goto err; - - if (x->cipher == NULL) { - if (((x->cipher_id) & 0xff000000) == 0x02000000) { - if (BIO_printf(bp, " Cipher : %06lX\n", x->cipher_id&0xffffff) <= 0) - goto err; - } else { - if (BIO_printf(bp, " Cipher : %04lX\n", x->cipher_id&0xffff) <= 0) - goto err; - } - } else { - if (BIO_printf(bp, " Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 
0) - goto err; - } - if (BIO_puts(bp, " Session-ID: ") <= 0) - goto err; - for (i = 0; i < x->session_id_length; i++) { - if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0) - goto err; - } - if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0) - goto err; - for (i = 0; i < x->sid_ctx_length; i++) { - if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0) - goto err; - } - if (BIO_puts(bp, "\n Master-Key: ") <= 0) - goto err; - for (i = 0; i < (unsigned int)x->master_key_length; i++) { - if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0) - goto err; - } - if (x->tlsext_tick_lifetime_hint) { - if (BIO_printf(bp, - "\n TLS session ticket lifetime hint: %ld (seconds)", - x->tlsext_tick_lifetime_hint) <= 0) - goto err; - } - if (x->tlsext_tick) { - if (BIO_puts(bp, "\n TLS session ticket:\n") <= 0) - goto err; - if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4) <= 0) - goto err; - } - - if (x->time != 0) { - if (BIO_printf(bp, "\n Start Time: %lld", (long long)x->time) <= 0) - goto err; - } - if (x->timeout != 0L) { - if (BIO_printf(bp, "\n Timeout : %ld (sec)", x->timeout) <= 0) - goto err; - } - if (BIO_puts(bp, "\n") <= 0) - goto err; - - if (BIO_puts(bp, " Verify return code: ") <= 0) - goto err; - - if (BIO_printf(bp, "%ld (%s)\n", x->verify_result, - X509_verify_cert_error_string(x->verify_result)) <= 0) - goto err; - - return (1); -err: - return (0); -} - diff --git a/lib/libssl/src/ssl/t1_clnt.c b/lib/libssl/src/ssl/t1_clnt.c deleted file mode 100644 index 0853a3cb33a..00000000000 --- a/lib/libssl/src/ssl/t1_clnt.c +++ /dev/null 
@@ -1,237 +0,0 @@
-/* $OpenBSD: t1_clnt.c,v 1.18 2015/09/11 14:39:05 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-
-static const SSL_METHOD *tls1_get_client_method(int ver);
-
-const SSL_METHOD TLS_client_method_data = {
- .version = TLS1_2_VERSION,
- .ssl_new = tls1_new,
- .ssl_clear = tls1_clear,
- .ssl_free = tls1_free,
- .ssl_accept = ssl_undefined_function,
- .ssl_connect = ssl23_connect,
- .ssl_read = ssl23_read,
- .ssl_peek = ssl23_peek,
- .ssl_write = ssl23_write,
- .ssl_shutdown = ssl_undefined_function,
- .ssl_renegotiate = ssl_undefined_function,
- .ssl_renegotiate_check = ssl_ok,
- .ssl_get_message = ssl3_get_message,
- .ssl_read_bytes = ssl3_read_bytes,
- .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
- .ssl_ctrl = ssl3_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
- .get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl_undefined_const_function,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = ssl3_get_cipher,
- .get_ssl_method = tls1_get_client_method,
- .get_timeout = ssl23_default_timeout,
- .ssl3_enc = &ssl3_undef_enc_method,
- .ssl_version = ssl_undefined_void_function,
- .ssl_callback_ctrl = ssl3_callback_ctrl,
- .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-const SSL_METHOD TLSv1_client_method_data = {
- .version = TLS1_VERSION,
- .ssl_new = tls1_new,
- .ssl_clear = tls1_clear,
- .ssl_free = tls1_free,
- .ssl_accept = ssl_undefined_function,
- .ssl_connect = ssl3_connect,
- .ssl_read = ssl3_read,
- .ssl_peek = ssl3_peek,
- .ssl_write = ssl3_write,
- .ssl_shutdown = ssl3_shutdown,
- .ssl_renegotiate = ssl3_renegotiate,
- .ssl_renegotiate_check = ssl3_renegotiate_check,
- .ssl_get_message = ssl3_get_message,
- .ssl_read_bytes = ssl3_read_bytes,
- .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
- .ssl_ctrl = ssl3_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
- .get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl3_pending,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = ssl3_get_cipher,
- .get_ssl_method = tls1_get_client_method,
- .get_timeout = tls1_default_timeout,
- .ssl3_enc = &TLSv1_enc_data,
- .ssl_version = ssl_undefined_void_function,
- .ssl_callback_ctrl = ssl3_callback_ctrl,
- .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-const SSL_METHOD TLSv1_1_client_method_data = {
- .version = TLS1_1_VERSION,
- .ssl_new = tls1_new,
- .ssl_clear = tls1_clear,
- .ssl_free = tls1_free,
- .ssl_accept = ssl_undefined_function,
- .ssl_connect = ssl3_connect,
- .ssl_read = ssl3_read,
- .ssl_peek = ssl3_peek,
- .ssl_write = ssl3_write,
- .ssl_shutdown = ssl3_shutdown,
- .ssl_renegotiate = ssl3_renegotiate,
- .ssl_renegotiate_check = ssl3_renegotiate_check,
- .ssl_get_message = ssl3_get_message,
- .ssl_read_bytes = ssl3_read_bytes,
- .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
- .ssl_ctrl = ssl3_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
- .get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl3_pending,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = ssl3_get_cipher,
- .get_ssl_method = tls1_get_client_method,
- .get_timeout = tls1_default_timeout,
- .ssl3_enc = &TLSv1_1_enc_data,
- .ssl_version = ssl_undefined_void_function,
- .ssl_callback_ctrl = ssl3_callback_ctrl,
- .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-const SSL_METHOD TLSv1_2_client_method_data = {
- .version = TLS1_2_VERSION,
- .ssl_new = tls1_new,
- .ssl_clear = tls1_clear,
- .ssl_free = tls1_free,
- .ssl_accept = ssl_undefined_function,
- .ssl_connect = ssl3_connect,
- .ssl_read = ssl3_read,
- .ssl_peek = ssl3_peek,
- .ssl_write = ssl3_write,
- .ssl_shutdown = ssl3_shutdown,
- .ssl_renegotiate = ssl3_renegotiate,
- .ssl_renegotiate_check = ssl3_renegotiate_check,
- .ssl_get_message = ssl3_get_message,
- .ssl_read_bytes = ssl3_read_bytes,
- .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
- .ssl_ctrl = ssl3_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
- .get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl3_pending,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = ssl3_get_cipher,
- .get_ssl_method = tls1_get_client_method,
- .get_timeout = tls1_default_timeout,
- .ssl3_enc = &TLSv1_2_enc_data,
- .ssl_version = ssl_undefined_void_function,
- .ssl_callback_ctrl = ssl3_callback_ctrl,
- .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-static const SSL_METHOD *
-tls1_get_client_method(int ver)
-{
- if (ver == TLS1_2_VERSION)
- return (TLSv1_2_client_method());
- if (ver == TLS1_1_VERSION)
- return (TLSv1_1_client_method());
- if (ver == TLS1_VERSION)
- return (TLSv1_client_method());
- return (NULL);
-}
-
-const SSL_METHOD *
-SSLv23_client_method(void)
-{
- return (TLS_client_method());
-}
-
-const SSL_METHOD *
-TLS_client_method(void)
-{
- return (&TLS_client_method_data);
-}
-
-const SSL_METHOD *
-TLSv1_client_method(void)
-{
- return (&TLSv1_client_method_data);
-}
-
-const SSL_METHOD *
-TLSv1_1_client_method(void)
-{
- return (&TLSv1_1_client_method_data);
-}
-
-const SSL_METHOD *
-TLSv1_2_client_method(void)
-{
- return (&TLSv1_2_client_method_data);
-}
diff --git a/lib/libssl/src/ssl/t1_enc.c b/lib/libssl/src/ssl/t1_enc.c
deleted file mode 100644
index 53570b2d4f7..00000000000
--- a/lib/libssl/src/ssl/t1_enc.c
+++ /dev/null
@@ -1,1419 +0,0 @@ -/* $OpenBSD: t1_enc.c,v 1.85 2016/04/28 16:39:45 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. 
IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ - -#include <stdio.h> - -#include "ssl_locl.h" - -#include <openssl/evp.h> -#include <openssl/hmac.h> -#include <openssl/md5.h> - -void -tls1_cleanup_key_block(SSL *s) -{ - if (s->s3->tmp.key_block != NULL) { - explicit_bzero(s->s3->tmp.key_block, - s->s3->tmp.key_block_length); - free(s->s3->tmp.key_block); - s->s3->tmp.key_block = NULL; - } - s->s3->tmp.key_block_length = 0; -} - -int -tls1_init_finished_mac(SSL *s) -{ - BIO_free(s->s3->handshake_buffer); - tls1_free_digest_list(s); - - s->s3->handshake_buffer = BIO_new(BIO_s_mem()); - if (s->s3->handshake_buffer == NULL) - return (0); - - (void)BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE); - - return (1); -} - -void -tls1_free_digest_list(SSL *s) -{ - int i; - - if (s == NULL) - return; - - if (s->s3->handshake_dgst == NULL) - return; - for (i = 0; i < SSL_MAX_DIGEST; i++) { - if (s->s3->handshake_dgst[i]) - EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]); - } - free(s->s3->handshake_dgst); - s->s3->handshake_dgst = NULL; -} - -void -tls1_finish_mac(SSL *s, const unsigned char *buf, int len) -{ - if (s->s3->handshake_buffer && - !(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) { - BIO_write(s->s3->handshake_buffer, (void *)buf, len); - } else { - int i; - for (i = 0; i < SSL_MAX_DIGEST; i++) { - if (s->s3->handshake_dgst[i]!= NULL) - EVP_DigestUpdate(s->s3->handshake_dgst[i], buf, len); - } - } -} - -int -tls1_digest_cached_records(SSL *s) -{ - int i; - long mask; - const EVP_MD *md; - long hdatalen; - void *hdata; - - tls1_free_digest_list(s); - - s->s3->handshake_dgst = calloc(SSL_MAX_DIGEST, sizeof(EVP_MD_CTX *)); - if (s->s3->handshake_dgst == NULL) { - SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_MALLOC_FAILURE); - return 0; - } - hdatalen = 
BIO_get_mem_data(s->s3->handshake_buffer, &hdata); - if (hdatalen <= 0) { - SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, - SSL_R_BAD_HANDSHAKE_LENGTH); - return 0; - } - - /* Loop through bits of the algorithm2 field and create MD contexts. */ - for (i = 0; ssl_get_handshake_digest(i, &mask, &md); i++) { - if ((mask & ssl_get_algorithm2(s)) && md) { - s->s3->handshake_dgst[i] = EVP_MD_CTX_create(); - if (s->s3->handshake_dgst[i] == NULL) { - SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, - ERR_R_MALLOC_FAILURE); - return 0; - } - if (!EVP_DigestInit_ex(s->s3->handshake_dgst[i], - md, NULL)) { - EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]); - return 0; - } - if (!EVP_DigestUpdate(s->s3->handshake_dgst[i], hdata, - hdatalen)) - return 0; - } - } - - if (!(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) { - BIO_free(s->s3->handshake_buffer); - s->s3->handshake_buffer = NULL; - } - - return 1; -} - -void -tls1_record_sequence_increment(unsigned char *seq) -{ - int i; - - for (i = SSL3_SEQUENCE_SIZE - 1; i >= 0; i--) { - if (++seq[i] != 0) - break; - } -} - -/* seed1 through seed5 are virtually concatenated */ -static int -tls1_P_hash(const EVP_MD *md, const unsigned char *sec, int sec_len, - const void *seed1, int seed1_len, const void *seed2, int seed2_len, - const void *seed3, int seed3_len, const void *seed4, int seed4_len, - const void *seed5, int seed5_len, unsigned char *out, int olen) -{ - int chunk; - size_t j; - EVP_MD_CTX ctx, ctx_tmp; - EVP_PKEY *mac_key; - unsigned char A1[EVP_MAX_MD_SIZE]; - size_t A1_len; - int ret = 0; - - chunk = EVP_MD_size(md); - OPENSSL_assert(chunk >= 0); - - EVP_MD_CTX_init(&ctx); - EVP_MD_CTX_init(&ctx_tmp); - mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len); - if (!mac_key) - goto err; - if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key)) - goto err; - if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key)) - goto err; - if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len)) - goto err; - if (seed2 && 
!EVP_DigestSignUpdate(&ctx, seed2, seed2_len)) - goto err; - if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len)) - goto err; - if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len)) - goto err; - if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len)) - goto err; - if (!EVP_DigestSignFinal(&ctx, A1, &A1_len)) - goto err; - - for (;;) { - /* Reinit mac contexts */ - if (!EVP_DigestSignInit(&ctx, NULL, md, NULL, mac_key)) - goto err; - if (!EVP_DigestSignInit(&ctx_tmp, NULL, md, NULL, mac_key)) - goto err; - if (!EVP_DigestSignUpdate(&ctx, A1, A1_len)) - goto err; - if (!EVP_DigestSignUpdate(&ctx_tmp, A1, A1_len)) - goto err; - if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len)) - goto err; - if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len)) - goto err; - if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len)) - goto err; - if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len)) - goto err; - if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len)) - goto err; - - if (olen > chunk) { - if (!EVP_DigestSignFinal(&ctx, out, &j)) - goto err; - out += j; - olen -= j; - /* calc the next A1 value */ - if (!EVP_DigestSignFinal(&ctx_tmp, A1, &A1_len)) - goto err; - } else { - /* last one */ - if (!EVP_DigestSignFinal(&ctx, A1, &A1_len)) - goto err; - memcpy(out, A1, olen); - break; - } - } - ret = 1; - -err: - EVP_PKEY_free(mac_key); - EVP_MD_CTX_cleanup(&ctx); - EVP_MD_CTX_cleanup(&ctx_tmp); - explicit_bzero(A1, sizeof(A1)); - return ret; -} - -/* seed1 through seed5 are virtually concatenated */ -static int -tls1_PRF(long digest_mask, const void *seed1, int seed1_len, const void *seed2, - int seed2_len, const void *seed3, int seed3_len, const void *seed4, - int seed4_len, const void *seed5, int seed5_len, const unsigned char *sec, - int slen, unsigned char *out1, unsigned char *out2, int olen) -{ - int len, i, idx, count; - const unsigned char *S1; - long m; - const EVP_MD *md; - int ret = 0; - - /* Count number of digests and 
partition sec evenly */ - count = 0; - for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) { - if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) - count++; - } - if (count == 0) { - SSLerr(SSL_F_TLS1_PRF, - SSL_R_SSL_HANDSHAKE_FAILURE); - goto err; - } - len = slen / count; - if (count == 1) - slen = 0; - S1 = sec; - memset(out1, 0, olen); - for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) { - if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) { - if (!md) { - SSLerr(SSL_F_TLS1_PRF, - SSL_R_UNSUPPORTED_DIGEST_TYPE); - goto err; - } - if (!tls1_P_hash(md , S1, len + (slen&1), seed1, - seed1_len, seed2, seed2_len, seed3, seed3_len, - seed4, seed4_len, seed5, seed5_len, out2, olen)) - goto err; - S1 += len; - for (i = 0; i < olen; i++) { - out1[i] ^= out2[i]; - } - } - } - ret = 1; - -err: - return ret; -} - -static int -tls1_generate_key_block(SSL *s, unsigned char *km, unsigned char *tmp, int num) -{ - int ret; - - ret = tls1_PRF(ssl_get_algorithm2(s), - TLS_MD_KEY_EXPANSION_CONST, TLS_MD_KEY_EXPANSION_CONST_SIZE, - s->s3->server_random, SSL3_RANDOM_SIZE, - s->s3->client_random, SSL3_RANDOM_SIZE, - NULL, 0, NULL, 0, - s->session->master_key, s->session->master_key_length, - km, tmp, num); - return ret; -} - -/* - * tls1_aead_ctx_init allocates aead_ctx, if needed. It returns 1 on success - * and 0 on failure. 
- */ -static int -tls1_aead_ctx_init(SSL_AEAD_CTX **aead_ctx) -{ - if (*aead_ctx != NULL) { - EVP_AEAD_CTX_cleanup(&(*aead_ctx)->ctx); - return (1); - } - - *aead_ctx = malloc(sizeof(SSL_AEAD_CTX)); - if (*aead_ctx == NULL) { - SSLerr(SSL_F_TLS1_AEAD_CTX_INIT, ERR_R_MALLOC_FAILURE); - return (0); - } - - return (1); -} - -static int -tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key, - unsigned key_len, const unsigned char *iv, unsigned iv_len) -{ - const EVP_AEAD *aead = s->s3->tmp.new_aead; - SSL_AEAD_CTX *aead_ctx; - - if (is_read) { - if (!tls1_aead_ctx_init(&s->aead_read_ctx)) - return 0; - aead_ctx = s->aead_read_ctx; - } else { - if (!tls1_aead_ctx_init(&s->aead_write_ctx)) - return 0; - aead_ctx = s->aead_write_ctx; - } - - if (!EVP_AEAD_CTX_init(&aead_ctx->ctx, aead, key, key_len, - EVP_AEAD_DEFAULT_TAG_LENGTH, NULL)) - return (0); - if (iv_len > sizeof(aead_ctx->fixed_nonce)) { - SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD, - ERR_R_INTERNAL_ERROR); - return (0); - } - memcpy(aead_ctx->fixed_nonce, iv, iv_len); - aead_ctx->fixed_nonce_len = iv_len; - aead_ctx->variable_nonce_len = 8; /* always the case, currently. 
*/ - aead_ctx->variable_nonce_in_record = - (s->s3->tmp.new_cipher->algorithm2 & - SSL_CIPHER_ALGORITHM2_VARIABLE_NONCE_IN_RECORD) != 0; - aead_ctx->xor_fixed_nonce = - s->s3->tmp.new_cipher->algorithm_enc == SSL_CHACHA20POLY1305; - aead_ctx->tag_len = EVP_AEAD_max_overhead(aead); - - if (aead_ctx->xor_fixed_nonce) { - if (aead_ctx->fixed_nonce_len != EVP_AEAD_nonce_length(aead) || - aead_ctx->variable_nonce_len > EVP_AEAD_nonce_length(aead)) { - SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD, - ERR_R_INTERNAL_ERROR); - return (0); - } - } else { - if (aead_ctx->variable_nonce_len + aead_ctx->fixed_nonce_len != - EVP_AEAD_nonce_length(aead)) { - SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE_AEAD, - ERR_R_INTERNAL_ERROR); - return (0); - } - } - - return (1); -} - -/* - * tls1_change_cipher_state_cipher performs the work needed to switch cipher - * states when using EVP_CIPHER. The argument is_read is true iff this function - * is being called due to reading, as opposed to writing, a ChangeCipherSpec - * message. In order to support export ciphersuites, use_client_keys indicates - * whether the key material provided is in the "client write" direction. 
- */ -static int -tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys, - const unsigned char *mac_secret, unsigned int mac_secret_size, - const unsigned char *key, unsigned int key_len, const unsigned char *iv, - unsigned int iv_len) -{ - EVP_CIPHER_CTX *cipher_ctx; - const EVP_CIPHER *cipher; - EVP_MD_CTX *mac_ctx; - const EVP_MD *mac; - int mac_type; - - cipher = s->s3->tmp.new_sym_enc; - mac = s->s3->tmp.new_hash; - mac_type = s->s3->tmp.new_mac_pkey_type; - - if (is_read) { - if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) - s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM; - else - s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; - - EVP_CIPHER_CTX_free(s->enc_read_ctx); - s->enc_read_ctx = NULL; - EVP_MD_CTX_destroy(s->read_hash); - s->read_hash = NULL; - - if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) - goto err; - s->enc_read_ctx = cipher_ctx; - if ((mac_ctx = EVP_MD_CTX_create()) == NULL) - goto err; - s->read_hash = mac_ctx; - } else { - if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) - s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; - else - s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; - - /* - * DTLS fragments retain a pointer to the compression, cipher - * and hash contexts, so that it can restore state in order - * to perform retransmissions. As such, we cannot free write - * contexts that are used for DTLS - these are instead freed - * by DTLS when its frees a ChangeCipherSpec fragment. 
- */ - if (!SSL_IS_DTLS(s)) { - EVP_CIPHER_CTX_free(s->enc_write_ctx); - s->enc_write_ctx = NULL; - EVP_MD_CTX_destroy(s->write_hash); - s->write_hash = NULL; - } - if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) - goto err; - s->enc_write_ctx = cipher_ctx; - if ((mac_ctx = EVP_MD_CTX_create()) == NULL) - goto err; - s->write_hash = mac_ctx; - } - - if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { - EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, NULL, - !is_read); - EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_GCM_SET_IV_FIXED, - iv_len, (unsigned char *)iv); - } else - EVP_CipherInit_ex(cipher_ctx, cipher, NULL, key, iv, !is_read); - - if (!(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)) { - EVP_PKEY *mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, - mac_secret, mac_secret_size); - if (mac_key == NULL) - goto err; - EVP_DigestSignInit(mac_ctx, NULL, mac, NULL, mac_key); - EVP_PKEY_free(mac_key); - } else if (mac_secret_size > 0) { - /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ - EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_AEAD_SET_MAC_KEY, - mac_secret_size, (unsigned char *)mac_secret); - } - - if (s->s3->tmp.new_cipher->algorithm_enc == SSL_eGOST2814789CNT) { - int nid; - if (s->s3->tmp.new_cipher->algorithm2 & SSL_HANDSHAKE_MAC_GOST94) - nid = NID_id_Gost28147_89_CryptoPro_A_ParamSet; - else - nid = NID_id_tc26_gost_28147_param_Z; - - EVP_CIPHER_CTX_ctrl(cipher_ctx, EVP_CTRL_GOST_SET_SBOX, nid, 0); - if (s->s3->tmp.new_cipher->algorithm_mac == SSL_GOST89MAC) - EVP_MD_CTX_ctrl(mac_ctx, EVP_MD_CTRL_GOST_SET_SBOX, nid, 0); - } - - return (1); - -err: - SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE_CIPHER, ERR_R_MALLOC_FAILURE); - return (0); -} - -int -tls1_change_cipher_state(SSL *s, int which) -{ - const unsigned char *client_write_mac_secret, *server_write_mac_secret; - const unsigned char *client_write_key, *server_write_key; - const unsigned char *client_write_iv, *server_write_iv; - const unsigned char *mac_secret, *key, *iv; - int mac_secret_size, 
key_len, iv_len; - unsigned char *key_block, *seq; - const EVP_CIPHER *cipher; - const EVP_AEAD *aead; - char is_read, use_client_keys; - - - cipher = s->s3->tmp.new_sym_enc; - aead = s->s3->tmp.new_aead; - - /* - * is_read is true if we have just read a ChangeCipherSpec message, - * that is we need to update the read cipherspec. Otherwise we have - * just written one. - */ - is_read = (which & SSL3_CC_READ) != 0; - - /* - * use_client_keys is true if we wish to use the keys for the "client - * write" direction. This is the case if we're a client sending a - * ChangeCipherSpec, or a server reading a client's ChangeCipherSpec. - */ - use_client_keys = ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || - (which == SSL3_CHANGE_CIPHER_SERVER_READ)); - - - /* - * Reset sequence number to zero - for DTLS this is handled in - * dtls1_reset_seq_numbers(). - */ - if (!SSL_IS_DTLS(s)) { - seq = is_read ? s->s3->read_sequence : s->s3->write_sequence; - memset(seq, 0, SSL3_SEQUENCE_SIZE); - } - - if (aead != NULL) { - key_len = EVP_AEAD_key_length(aead); - iv_len = SSL_CIPHER_AEAD_FIXED_NONCE_LEN(s->s3->tmp.new_cipher); - } else { - key_len = EVP_CIPHER_key_length(cipher); - iv_len = EVP_CIPHER_iv_length(cipher); - - /* If GCM mode only part of IV comes from PRF. 
*/ - if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) - iv_len = EVP_GCM_TLS_FIXED_IV_LEN; - } - - mac_secret_size = s->s3->tmp.new_mac_secret_size; - - key_block = s->s3->tmp.key_block; - client_write_mac_secret = key_block; - key_block += mac_secret_size; - server_write_mac_secret = key_block; - key_block += mac_secret_size; - client_write_key = key_block; - key_block += key_len; - server_write_key = key_block; - key_block += key_len; - client_write_iv = key_block; - key_block += iv_len; - server_write_iv = key_block; - key_block += iv_len; - - if (use_client_keys) { - mac_secret = client_write_mac_secret; - key = client_write_key; - iv = client_write_iv; - } else { - mac_secret = server_write_mac_secret; - key = server_write_key; - iv = server_write_iv; - } - - if (key_block - s->s3->tmp.key_block != s->s3->tmp.key_block_length) { - SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); - goto err2; - } - - if (is_read) { - memcpy(s->s3->read_mac_secret, mac_secret, mac_secret_size); - s->s3->read_mac_secret_size = mac_secret_size; - } else { - memcpy(s->s3->write_mac_secret, mac_secret, mac_secret_size); - s->s3->write_mac_secret_size = mac_secret_size; - } - - if (aead != NULL) { - return tls1_change_cipher_state_aead(s, is_read, key, key_len, - iv, iv_len); - } - - return tls1_change_cipher_state_cipher(s, is_read, use_client_keys, - mac_secret, mac_secret_size, key, key_len, iv, iv_len); - -err2: - return (0); -} - -int -tls1_setup_key_block(SSL *s) -{ - unsigned char *key_block, *tmp_block = NULL; - int mac_type = NID_undef, mac_secret_size = 0; - int key_block_len, key_len, iv_len; - const EVP_CIPHER *cipher = NULL; - const EVP_AEAD *aead = NULL; - const EVP_MD *mac = NULL; - int ret = 0; - - if (s->s3->tmp.key_block_length != 0) - return (1); - - if (s->session->cipher && - (s->session->cipher->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD)) { - if (!ssl_cipher_get_evp_aead(s->session, &aead)) { - SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, - 
SSL_R_CIPHER_OR_HASH_UNAVAILABLE); - return (0); - } - key_len = EVP_AEAD_key_length(aead); - iv_len = SSL_CIPHER_AEAD_FIXED_NONCE_LEN(s->session->cipher); - } else { - if (!ssl_cipher_get_evp(s->session, &cipher, &mac, &mac_type, - &mac_secret_size)) { - SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, - SSL_R_CIPHER_OR_HASH_UNAVAILABLE); - return (0); - } - key_len = EVP_CIPHER_key_length(cipher); - iv_len = EVP_CIPHER_iv_length(cipher); - - /* If GCM mode only part of IV comes from PRF. */ - if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) - iv_len = EVP_GCM_TLS_FIXED_IV_LEN; - } - - s->s3->tmp.new_aead = aead; - s->s3->tmp.new_sym_enc = cipher; - s->s3->tmp.new_hash = mac; - s->s3->tmp.new_mac_pkey_type = mac_type; - s->s3->tmp.new_mac_secret_size = mac_secret_size; - - tls1_cleanup_key_block(s); - - if ((key_block = reallocarray(NULL, mac_secret_size + key_len + iv_len, - 2)) == NULL) { - SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); - goto err; - } - key_block_len = (mac_secret_size + key_len + iv_len) * 2; - - s->s3->tmp.key_block_length = key_block_len; - s->s3->tmp.key_block = key_block; - - if ((tmp_block = malloc(key_block_len)) == NULL) { - SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!tls1_generate_key_block(s, key_block, tmp_block, key_block_len)) - goto err; - - if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS) && - s->method->version <= TLS1_VERSION) { - /* - * Enable vulnerability countermeasure for CBC ciphers with - * known-IV problem (http://www.openssl.org/~bodo/tls-cbc.txt) - */ - s->s3->need_empty_fragments = 1; - - if (s->session->cipher != NULL) { - if (s->session->cipher->algorithm_enc == SSL_eNULL) - s->s3->need_empty_fragments = 0; - -#ifndef OPENSSL_NO_RC4 - if (s->session->cipher->algorithm_enc == SSL_RC4) - s->s3->need_empty_fragments = 0; -#endif - } - } - - ret = 1; - -err: - if (tmp_block) { - explicit_bzero(tmp_block, key_block_len); - free(tmp_block); - } - return (ret); -} - -/* tls1_enc 
encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively. - * - * Returns: - * 0: (in non-constant time) if the record is publically invalid (i.e. too - * short etc). - * 1: if the record's padding is valid / the encryption was successful. - * -1: if the record's padding/AEAD-authenticator is invalid or, if sending, - * an internal error occured. - */ -int -tls1_enc(SSL *s, int send) -{ - const SSL_AEAD_CTX *aead; - const EVP_CIPHER *enc; - EVP_CIPHER_CTX *ds; - SSL3_RECORD *rec; - unsigned char *seq; - unsigned long l; - int bs, i, j, k, pad = 0, ret, mac_size = 0; - - if (send) { - aead = s->aead_write_ctx; - rec = &s->s3->wrec; - seq = s->s3->write_sequence; - } else { - aead = s->aead_read_ctx; - rec = &s->s3->rrec; - seq = s->s3->read_sequence; - } - - if (aead) { - unsigned char ad[13], *in, *out, nonce[16]; - size_t out_len, pad_len = 0; - unsigned int nonce_used; - - if (SSL_IS_DTLS(s)) { - dtls1_build_sequence_number(ad, seq, - send ? s->d1->w_epoch : s->d1->r_epoch); - } else { - memcpy(ad, seq, SSL3_SEQUENCE_SIZE); - tls1_record_sequence_increment(seq); - } - - ad[8] = rec->type; - ad[9] = (unsigned char)(s->version >> 8); - ad[10] = (unsigned char)(s->version); - - if (aead->variable_nonce_len > 8 || - aead->variable_nonce_len > sizeof(nonce)) - return -1; - - if (aead->xor_fixed_nonce) { - if (aead->fixed_nonce_len > sizeof(nonce) || - aead->variable_nonce_len > aead->fixed_nonce_len) - return -1; /* Should never happen. */ - pad_len = aead->fixed_nonce_len - aead->variable_nonce_len; - } else { - if (aead->fixed_nonce_len + - aead->variable_nonce_len > sizeof(nonce)) - return -1; /* Should never happen. */ - } - - if (send) { - size_t len = rec->length; - size_t eivlen = 0; - in = rec->input; - out = rec->data; - - if (aead->xor_fixed_nonce) { - /* - * The sequence number is left zero - * padded, then xored with the fixed - * nonce. 
- */ - memset(nonce, 0, pad_len); - memcpy(nonce + pad_len, ad, - aead->variable_nonce_len); - for (i = 0; i < aead->fixed_nonce_len; i++) - nonce[i] ^= aead->fixed_nonce[i]; - nonce_used = aead->fixed_nonce_len; - } else { - /* - * When sending we use the sequence number as - * the variable part of the nonce. - */ - memcpy(nonce, aead->fixed_nonce, - aead->fixed_nonce_len); - nonce_used = aead->fixed_nonce_len; - memcpy(nonce + nonce_used, ad, - aead->variable_nonce_len); - nonce_used += aead->variable_nonce_len; - } - - /* - * In do_ssl3_write, rec->input is moved forward by - * variable_nonce_len in order to leave space for the - * variable nonce. Thus we can copy the sequence number - * bytes into place without overwriting any of the - * plaintext. - */ - if (aead->variable_nonce_in_record) { - memcpy(out, ad, aead->variable_nonce_len); - len -= aead->variable_nonce_len; - eivlen = aead->variable_nonce_len; - } - - ad[11] = len >> 8; - ad[12] = len & 0xff; - - if (!EVP_AEAD_CTX_seal(&aead->ctx, - out + eivlen, &out_len, len + aead->tag_len, nonce, - nonce_used, in + eivlen, len, ad, sizeof(ad))) - return -1; - if (aead->variable_nonce_in_record) - out_len += aead->variable_nonce_len; - } else { - /* receive */ - size_t len = rec->length; - - if (rec->data != rec->input) - return -1; /* internal error - should never happen. */ - out = in = rec->input; - - if (len < aead->variable_nonce_len) - return 0; - - if (aead->xor_fixed_nonce) { - /* - * The sequence number is left zero - * padded, then xored with the fixed - * nonce. - */ - memset(nonce, 0, pad_len); - memcpy(nonce + pad_len, ad, - aead->variable_nonce_len); - for (i = 0; i < aead->fixed_nonce_len; i++) - nonce[i] ^= aead->fixed_nonce[i]; - nonce_used = aead->fixed_nonce_len; - } else { - memcpy(nonce, aead->fixed_nonce, - aead->fixed_nonce_len); - nonce_used = aead->fixed_nonce_len; - - memcpy(nonce + nonce_used, - aead->variable_nonce_in_record ? 
in : ad, - aead->variable_nonce_len); - nonce_used += aead->variable_nonce_len; - } - - if (aead->variable_nonce_in_record) { - in += aead->variable_nonce_len; - len -= aead->variable_nonce_len; - out += aead->variable_nonce_len; - } - - if (len < aead->tag_len) - return 0; - len -= aead->tag_len; - - ad[11] = len >> 8; - ad[12] = len & 0xff; - - if (!EVP_AEAD_CTX_open(&aead->ctx, out, &out_len, len, - nonce, nonce_used, in, len + aead->tag_len, ad, - sizeof(ad))) - return -1; - - rec->data = rec->input = out; - } - - rec->length = out_len; - - return 1; - } - - if (send) { - if (EVP_MD_CTX_md(s->write_hash)) { - int n = EVP_MD_CTX_size(s->write_hash); - OPENSSL_assert(n >= 0); - } - ds = s->enc_write_ctx; - if (s->enc_write_ctx == NULL) - enc = NULL; - else { - int ivlen = 0; - enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx); - if (SSL_USE_EXPLICIT_IV(s) && - EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE) - ivlen = EVP_CIPHER_iv_length(enc); - if (ivlen > 1) { - if (rec->data != rec->input) { -#ifdef DEBUG - /* we can't write into the input stream: - * Can this ever happen?? (steve) - */ - fprintf(stderr, - "%s:%d: rec->data != rec->input\n", - __FILE__, __LINE__); -#endif - } else - arc4random_buf(rec->input, ivlen); - } - } - } else { - if (EVP_MD_CTX_md(s->read_hash)) { - int n = EVP_MD_CTX_size(s->read_hash); - OPENSSL_assert(n >= 0); - } - ds = s->enc_read_ctx; - if (s->enc_read_ctx == NULL) - enc = NULL; - else - enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx); - } - - if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) { - memmove(rec->data, rec->input, rec->length); - rec->input = rec->data; - ret = 1; - } else { - l = rec->length; - bs = EVP_CIPHER_block_size(ds->cipher); - - if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { - unsigned char buf[13]; - - if (SSL_IS_DTLS(s)) { - dtls1_build_sequence_number(buf, seq, - send ? 
s->d1->w_epoch : s->d1->r_epoch); - } else { - memcpy(buf, seq, SSL3_SEQUENCE_SIZE); - tls1_record_sequence_increment(seq); - } - - buf[8] = rec->type; - buf[9] = (unsigned char)(s->version >> 8); - buf[10] = (unsigned char)(s->version); - buf[11] = rec->length >> 8; - buf[12] = rec->length & 0xff; - pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD, 13, buf); - if (send) { - l += pad; - rec->length += pad; - } - } else if ((bs != 1) && send) { - i = bs - ((int)l % bs); - - /* Add weird padding of upto 256 bytes */ - - /* we need to add 'i' padding bytes of value j */ - j = i - 1; - for (k = (int)l; k < (int)(l + i); k++) - rec->input[k] = j; - l += i; - rec->length += i; - } - - if (!send) { - if (l == 0 || l % bs != 0) - return 0; - } - - i = EVP_Cipher(ds, rec->data, rec->input, l); - if ((EVP_CIPHER_flags(ds->cipher) & - EVP_CIPH_FLAG_CUSTOM_CIPHER) ? (i < 0) : (i == 0)) - return -1; /* AEAD can fail to verify MAC */ - if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send) { - rec->data += EVP_GCM_TLS_EXPLICIT_IV_LEN; - rec->input += EVP_GCM_TLS_EXPLICIT_IV_LEN; - rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN; - } - - ret = 1; - if (EVP_MD_CTX_md(s->read_hash) != NULL) - mac_size = EVP_MD_CTX_size(s->read_hash); - if ((bs != 1) && !send) - ret = tls1_cbc_remove_padding(s, rec, bs, mac_size); - if (pad && !send) - rec->length -= pad; - } - return ret; -} - -int -tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out) -{ - EVP_MD_CTX ctx, *d = NULL; - unsigned int ret; - int i; - - if (s->s3->handshake_buffer) - if (!tls1_digest_cached_records(s)) - return 0; - - for (i = 0; i < SSL_MAX_DIGEST; i++) { - if (s->s3->handshake_dgst[i] && - EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) { - d = s->s3->handshake_dgst[i]; - break; - } - } - if (d == NULL) { - SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC, SSL_R_NO_REQUIRED_DIGEST); - return 0; - } - - EVP_MD_CTX_init(&ctx); - if (!EVP_MD_CTX_copy_ex(&ctx, d)) - return 0; - EVP_DigestFinal_ex(&ctx, out, &ret); - 
EVP_MD_CTX_cleanup(&ctx); - - return ((int)ret); -} - -int -tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char *out) -{ - unsigned int i; - EVP_MD_CTX ctx; - unsigned char buf[2*EVP_MAX_MD_SIZE]; - unsigned char *q, buf2[12]; - int idx; - long mask; - int err = 0; - const EVP_MD *md; - - q = buf; - - if (s->s3->handshake_buffer) - if (!tls1_digest_cached_records(s)) - return 0; - - EVP_MD_CTX_init(&ctx); - - for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) { - if (ssl_get_algorithm2(s) & mask) { - int hashsize = EVP_MD_size(md); - EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx]; - if (!hdgst || hashsize < 0 || - hashsize > (int)(sizeof buf - (size_t)(q - buf))) { - /* internal error: 'buf' is too small for this cipersuite! */ - err = 1; - } else { - if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) || - !EVP_DigestFinal_ex(&ctx, q, &i) || - (i != (unsigned int)hashsize)) - err = 1; - q += hashsize; - } - } - } - - if (!tls1_PRF(ssl_get_algorithm2(s), str, slen, buf, (int)(q - buf), - NULL, 0, NULL, 0, NULL, 0, - s->session->master_key, s->session->master_key_length, - out, buf2, sizeof buf2)) - err = 1; - EVP_MD_CTX_cleanup(&ctx); - - if (err) - return 0; - else - return sizeof buf2; -} - -int -tls1_mac(SSL *ssl, unsigned char *md, int send) -{ - SSL3_RECORD *rec; - unsigned char *seq; - EVP_MD_CTX *hash; - size_t md_size, orig_len; - EVP_MD_CTX hmac, *mac_ctx; - unsigned char header[13]; - int stream_mac = (send ? 
- (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM) : - (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM)); - int t; - - if (send) { - rec = &(ssl->s3->wrec); - seq = &(ssl->s3->write_sequence[0]); - hash = ssl->write_hash; - } else { - rec = &(ssl->s3->rrec); - seq = &(ssl->s3->read_sequence[0]); - hash = ssl->read_hash; - } - - t = EVP_MD_CTX_size(hash); - OPENSSL_assert(t >= 0); - md_size = t; - - /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */ - if (stream_mac) { - mac_ctx = hash; - } else { - if (!EVP_MD_CTX_copy(&hmac, hash)) - return -1; - mac_ctx = &hmac; - } - - if (SSL_IS_DTLS(ssl)) - dtls1_build_sequence_number(header, seq, - send ? ssl->d1->w_epoch : ssl->d1->r_epoch); - else - memcpy(header, seq, SSL3_SEQUENCE_SIZE); - - /* kludge: tls1_cbc_remove_padding passes padding length in rec->type */ - orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8); - rec->type &= 0xff; - - header[8] = rec->type; - header[9] = (unsigned char)(ssl->version >> 8); - header[10] = (unsigned char)(ssl->version); - header[11] = (rec->length) >> 8; - header[12] = (rec->length) & 0xff; - - if (!send && - EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE && - ssl3_cbc_record_digest_supported(mac_ctx)) { - /* This is a CBC-encrypted record. We must avoid leaking any - * timing-side channel information about how many blocks of - * data we are hashing because that gives an attacker a - * timing-oracle. 
*/ - if (!ssl3_cbc_digest_record(mac_ctx, - md, &md_size, header, rec->input, - rec->length + md_size, orig_len, - ssl->s3->read_mac_secret, - ssl->s3->read_mac_secret_size, - 0 /* not SSLv3 */)) - return -1; - } else { - EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)); - EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length); - t = EVP_DigestSignFinal(mac_ctx, md, &md_size); - OPENSSL_assert(t > 0); - } - - if (!stream_mac) - EVP_MD_CTX_cleanup(&hmac); - - if (!SSL_IS_DTLS(ssl)) - tls1_record_sequence_increment(seq); - - return (md_size); -} - -int -tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, - int len) -{ - unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH]; - - tls1_PRF(ssl_get_algorithm2(s), - TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE, - s->s3->client_random, SSL3_RANDOM_SIZE, NULL, 0, - s->s3->server_random, SSL3_RANDOM_SIZE, NULL, 0, - p, len, s->session->master_key, buff, sizeof buff); - - return (SSL3_MASTER_SECRET_SIZE); -} - -int -tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, - const char *label, size_t llen, const unsigned char *context, - size_t contextlen, int use_context) -{ - unsigned char *buff; - unsigned char *val = NULL; - size_t vallen, currentvalpos; - int rv; - - buff = malloc(olen); - if (buff == NULL) - goto err2; - - /* construct PRF arguments - * we construct the PRF argument ourself rather than passing separate - * values into the TLS PRF to ensure that the concatenation of values - * does not create a prohibited label. 
- */ - vallen = llen + SSL3_RANDOM_SIZE * 2; - if (use_context) { - vallen += 2 + contextlen; - } - - val = malloc(vallen); - if (val == NULL) - goto err2; - currentvalpos = 0; - memcpy(val + currentvalpos, (unsigned char *) label, llen); - currentvalpos += llen; - memcpy(val + currentvalpos, s->s3->client_random, SSL3_RANDOM_SIZE); - currentvalpos += SSL3_RANDOM_SIZE; - memcpy(val + currentvalpos, s->s3->server_random, SSL3_RANDOM_SIZE); - currentvalpos += SSL3_RANDOM_SIZE; - - if (use_context) { - val[currentvalpos] = (contextlen >> 8) & 0xff; - currentvalpos++; - val[currentvalpos] = contextlen & 0xff; - currentvalpos++; - if ((contextlen > 0) || (context != NULL)) { - memcpy(val + currentvalpos, context, contextlen); - } - } - - /* disallow prohibited labels - * note that SSL3_RANDOM_SIZE > max(prohibited label len) = - * 15, so size of val > max(prohibited label len) = 15 and the - * comparisons won't have buffer overflow - */ - if (memcmp(val, TLS_MD_CLIENT_FINISH_CONST, - TLS_MD_CLIENT_FINISH_CONST_SIZE) == 0) - goto err1; - if (memcmp(val, TLS_MD_SERVER_FINISH_CONST, - TLS_MD_SERVER_FINISH_CONST_SIZE) == 0) - goto err1; - if (memcmp(val, TLS_MD_MASTER_SECRET_CONST, - TLS_MD_MASTER_SECRET_CONST_SIZE) == 0) - goto err1; - if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST, - TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0) - goto err1; - - rv = tls1_PRF(ssl_get_algorithm2(s), - val, vallen, NULL, 0, NULL, 0, NULL, 0, NULL, 0, - s->session->master_key, s->session->master_key_length, - out, buff, olen); - - goto ret; -err1: - SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, - SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); - rv = 0; - goto ret; -err2: - SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE); - rv = 0; -ret: - free(buff); - free(val); - - return (rv); -} - -int -tls1_alert_code(int code) -{ - switch (code) { - case SSL_AD_CLOSE_NOTIFY: - return (SSL3_AD_CLOSE_NOTIFY); - case SSL_AD_UNEXPECTED_MESSAGE: - return (SSL3_AD_UNEXPECTED_MESSAGE); - case SSL_AD_BAD_RECORD_MAC: - 
return (SSL3_AD_BAD_RECORD_MAC); - case SSL_AD_DECRYPTION_FAILED: - return (TLS1_AD_DECRYPTION_FAILED); - case SSL_AD_RECORD_OVERFLOW: - return (TLS1_AD_RECORD_OVERFLOW); - case SSL_AD_DECOMPRESSION_FAILURE: - return (SSL3_AD_DECOMPRESSION_FAILURE); - case SSL_AD_HANDSHAKE_FAILURE: - return (SSL3_AD_HANDSHAKE_FAILURE); - case SSL_AD_NO_CERTIFICATE: - return (-1); - case SSL_AD_BAD_CERTIFICATE: - return (SSL3_AD_BAD_CERTIFICATE); - case SSL_AD_UNSUPPORTED_CERTIFICATE: - return (SSL3_AD_UNSUPPORTED_CERTIFICATE); - case SSL_AD_CERTIFICATE_REVOKED: - return (SSL3_AD_CERTIFICATE_REVOKED); - case SSL_AD_CERTIFICATE_EXPIRED: - return (SSL3_AD_CERTIFICATE_EXPIRED); - case SSL_AD_CERTIFICATE_UNKNOWN: - return (SSL3_AD_CERTIFICATE_UNKNOWN); - case SSL_AD_ILLEGAL_PARAMETER: - return (SSL3_AD_ILLEGAL_PARAMETER); - case SSL_AD_UNKNOWN_CA: - return (TLS1_AD_UNKNOWN_CA); - case SSL_AD_ACCESS_DENIED: - return (TLS1_AD_ACCESS_DENIED); - case SSL_AD_DECODE_ERROR: - return (TLS1_AD_DECODE_ERROR); - case SSL_AD_DECRYPT_ERROR: - return (TLS1_AD_DECRYPT_ERROR); - case SSL_AD_EXPORT_RESTRICTION: - return (TLS1_AD_EXPORT_RESTRICTION); - case SSL_AD_PROTOCOL_VERSION: - return (TLS1_AD_PROTOCOL_VERSION); - case SSL_AD_INSUFFICIENT_SECURITY: - return (TLS1_AD_INSUFFICIENT_SECURITY); - case SSL_AD_INTERNAL_ERROR: - return (TLS1_AD_INTERNAL_ERROR); - case SSL_AD_INAPPROPRIATE_FALLBACK: - return(TLS1_AD_INAPPROPRIATE_FALLBACK); - case SSL_AD_USER_CANCELLED: - return (TLS1_AD_USER_CANCELLED); - case SSL_AD_NO_RENEGOTIATION: - return (TLS1_AD_NO_RENEGOTIATION); - case SSL_AD_UNSUPPORTED_EXTENSION: - return (TLS1_AD_UNSUPPORTED_EXTENSION); - case SSL_AD_CERTIFICATE_UNOBTAINABLE: - return (TLS1_AD_CERTIFICATE_UNOBTAINABLE); - case SSL_AD_UNRECOGNIZED_NAME: - return (TLS1_AD_UNRECOGNIZED_NAME); - case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: - return (TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE); - case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: - return (TLS1_AD_BAD_CERTIFICATE_HASH_VALUE); - case 
SSL_AD_UNKNOWN_PSK_IDENTITY:
- return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
- default:
- return (-1);
- }
-}
diff --git a/lib/libssl/src/ssl/t1_lib.c b/lib/libssl/src/ssl/t1_lib.c
deleted file mode 100644
index 3022469ea91..00000000000
--- a/lib/libssl/src/ssl/t1_lib.c
+++ /dev/null
@@ -1,2424 +0,0 @@
-/* $OpenBSD: t1_lib.c,v 1.88 2016/08/27 15:58:06 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. 
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-/* ====================================================================
- * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. 
Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@openssl.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/evp.h>
-#include <openssl/hmac.h>
-#include <openssl/objects.h>
-#include <openssl/ocsp.h>
-
-#include "ssl_locl.h"
-#include "bytestring.h"
-
-static int tls_decrypt_ticket(SSL *s, const unsigned char *tick, int ticklen,
- const unsigned char *sess_id, int sesslen,
- SSL_SESSION **psess);
-
-SSL3_ENC_METHOD TLSv1_enc_data = {
- .enc = tls1_enc,
- .mac = tls1_mac,
- .setup_key_block = tls1_setup_key_block,
- .generate_master_secret = tls1_generate_master_secret,
- .change_cipher_state = tls1_change_cipher_state,
- .final_finish_mac = tls1_final_finish_mac,
- .finish_mac_length = TLS1_FINISH_MAC_LENGTH,
- .cert_verify_mac = tls1_cert_verify_mac,
- .client_finished_label = TLS_MD_CLIENT_FINISH_CONST,
- .client_finished_label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE,
- .server_finished_label = TLS_MD_SERVER_FINISH_CONST,
- .server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE,
- .alert_value = tls1_alert_code,
- .export_keying_material = tls1_export_keying_material,
- .enc_flags = 0,
-};
-
-SSL3_ENC_METHOD TLSv1_1_enc_data = {
- .enc = tls1_enc,
- .mac = tls1_mac,
- .setup_key_block = tls1_setup_key_block,
- 
.generate_master_secret = tls1_generate_master_secret, - .change_cipher_state = tls1_change_cipher_state, - .final_finish_mac = tls1_final_finish_mac, - .finish_mac_length = TLS1_FINISH_MAC_LENGTH, - .cert_verify_mac = tls1_cert_verify_mac, - .client_finished_label = TLS_MD_CLIENT_FINISH_CONST, - .client_finished_label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE, - .server_finished_label = TLS_MD_SERVER_FINISH_CONST, - .server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE, - .alert_value = tls1_alert_code, - .export_keying_material = tls1_export_keying_material, - .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV, -}; - -SSL3_ENC_METHOD TLSv1_2_enc_data = { - .enc = tls1_enc, - .mac = tls1_mac, - .setup_key_block = tls1_setup_key_block, - .generate_master_secret = tls1_generate_master_secret, - .change_cipher_state = tls1_change_cipher_state, - .final_finish_mac = tls1_final_finish_mac, - .finish_mac_length = TLS1_FINISH_MAC_LENGTH, - .cert_verify_mac = tls1_cert_verify_mac, - .client_finished_label = TLS_MD_CLIENT_FINISH_CONST, - .client_finished_label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE, - .server_finished_label = TLS_MD_SERVER_FINISH_CONST, - .server_finished_label_len = TLS_MD_SERVER_FINISH_CONST_SIZE, - .alert_value = tls1_alert_code, - .export_keying_material = tls1_export_keying_material, - .enc_flags = SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS| - SSL_ENC_FLAG_SHA256_PRF|SSL_ENC_FLAG_TLS1_2_CIPHERS, -}; - -long -tls1_default_timeout(void) -{ - /* 2 hours, the 24 hours mentioned in the TLSv1 spec - * is way too long for http, the cache would over fill */ - return (60 * 60 * 2); -} - -int -tls1_new(SSL *s) -{ - if (!ssl3_new(s)) - return (0); - s->method->ssl_clear(s); - return (1); -} - -void -tls1_free(SSL *s) -{ - if (s == NULL) - return; - - free(s->tlsext_session_ticket); - ssl3_free(s); -} - -void -tls1_clear(SSL *s) -{ - ssl3_clear(s); - s->version = s->method->version; -} - - -static int nid_list[] = { - NID_sect163k1, /* sect163k1 (1) */ - NID_sect163r1, 
/* sect163r1 (2) */ - NID_sect163r2, /* sect163r2 (3) */ - NID_sect193r1, /* sect193r1 (4) */ - NID_sect193r2, /* sect193r2 (5) */ - NID_sect233k1, /* sect233k1 (6) */ - NID_sect233r1, /* sect233r1 (7) */ - NID_sect239k1, /* sect239k1 (8) */ - NID_sect283k1, /* sect283k1 (9) */ - NID_sect283r1, /* sect283r1 (10) */ - NID_sect409k1, /* sect409k1 (11) */ - NID_sect409r1, /* sect409r1 (12) */ - NID_sect571k1, /* sect571k1 (13) */ - NID_sect571r1, /* sect571r1 (14) */ - NID_secp160k1, /* secp160k1 (15) */ - NID_secp160r1, /* secp160r1 (16) */ - NID_secp160r2, /* secp160r2 (17) */ - NID_secp192k1, /* secp192k1 (18) */ - NID_X9_62_prime192v1, /* secp192r1 (19) */ - NID_secp224k1, /* secp224k1 (20) */ - NID_secp224r1, /* secp224r1 (21) */ - NID_secp256k1, /* secp256k1 (22) */ - NID_X9_62_prime256v1, /* secp256r1 (23) */ - NID_secp384r1, /* secp384r1 (24) */ - NID_secp521r1, /* secp521r1 (25) */ - NID_brainpoolP256r1, /* brainpoolP256r1 (26) */ - NID_brainpoolP384r1, /* brainpoolP384r1 (27) */ - NID_brainpoolP512r1 /* brainpoolP512r1 (28) */ -}; - -static const uint8_t ecformats_default[] = { - TLSEXT_ECPOINTFORMAT_uncompressed, - TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime, - TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 -}; - -static const uint16_t eccurves_default[] = { - 14, /* sect571r1 (14) */ - 13, /* sect571k1 (13) */ - 25, /* secp521r1 (25) */ - 28, /* brainpool512r1 (28) */ - 11, /* sect409k1 (11) */ - 12, /* sect409r1 (12) */ - 27, /* brainpoolP384r1 (27) */ - 24, /* secp384r1 (24) */ - 9, /* sect283k1 (9) */ - 10, /* sect283r1 (10) */ - 26, /* brainpoolP256r1 (26) */ - 22, /* secp256k1 (22) */ - 23, /* secp256r1 (23) */ - 8, /* sect239k1 (8) */ - 6, /* sect233k1 (6) */ - 7, /* sect233r1 (7) */ - 20, /* secp224k1 (20) */ - 21, /* secp224r1 (21) */ - 4, /* sect193r1 (4) */ - 5, /* sect193r2 (5) */ - 18, /* secp192k1 (18) */ - 19, /* secp192r1 (19) */ - 1, /* sect163k1 (1) */ - 2, /* sect163r1 (2) */ - 3, /* sect163r2 (3) */ - 15, /* secp160k1 (15) */ - 16, /* 
secp160r1 (16) */ - 17, /* secp160r2 (17) */ -}; - -int -tls1_ec_curve_id2nid(uint16_t curve_id) -{ - /* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */ - if ((curve_id < 1) || - ((unsigned int)curve_id > sizeof(nid_list) / sizeof(nid_list[0]))) - return 0; - return nid_list[curve_id - 1]; -} - -uint16_t -tls1_ec_nid2curve_id(int nid) -{ - /* ECC curves from draft-ietf-tls-ecc-12.txt (Oct. 17, 2005) */ - switch (nid) { - case NID_sect163k1: /* sect163k1 (1) */ - return 1; - case NID_sect163r1: /* sect163r1 (2) */ - return 2; - case NID_sect163r2: /* sect163r2 (3) */ - return 3; - case NID_sect193r1: /* sect193r1 (4) */ - return 4; - case NID_sect193r2: /* sect193r2 (5) */ - return 5; - case NID_sect233k1: /* sect233k1 (6) */ - return 6; - case NID_sect233r1: /* sect233r1 (7) */ - return 7; - case NID_sect239k1: /* sect239k1 (8) */ - return 8; - case NID_sect283k1: /* sect283k1 (9) */ - return 9; - case NID_sect283r1: /* sect283r1 (10) */ - return 10; - case NID_sect409k1: /* sect409k1 (11) */ - return 11; - case NID_sect409r1: /* sect409r1 (12) */ - return 12; - case NID_sect571k1: /* sect571k1 (13) */ - return 13; - case NID_sect571r1: /* sect571r1 (14) */ - return 14; - case NID_secp160k1: /* secp160k1 (15) */ - return 15; - case NID_secp160r1: /* secp160r1 (16) */ - return 16; - case NID_secp160r2: /* secp160r2 (17) */ - return 17; - case NID_secp192k1: /* secp192k1 (18) */ - return 18; - case NID_X9_62_prime192v1: /* secp192r1 (19) */ - return 19; - case NID_secp224k1: /* secp224k1 (20) */ - return 20; - case NID_secp224r1: /* secp224r1 (21) */ - return 21; - case NID_secp256k1: /* secp256k1 (22) */ - return 22; - case NID_X9_62_prime256v1: /* secp256r1 (23) */ - return 23; - case NID_secp384r1: /* secp384r1 (24) */ - return 24; - case NID_secp521r1: /* secp521r1 (25) */ - return 25; - case NID_brainpoolP256r1: /* brainpoolP256r1 (26) */ - return 26; - case NID_brainpoolP384r1: /* brainpoolP384r1 (27) */ - return 27; - case NID_brainpoolP512r1: /* 
brainpoolP512r1 (28) */
- return 28;
- default:
- return 0;
- }
-}
-
-/*
- * Return the appropriate format list. If client_formats is non-zero, return
- * the client/session formats. Otherwise return the custom format list if one
- * exists, or the default formats if a custom list has not been specified.
- */
-static void
-tls1_get_formatlist(SSL *s, int client_formats, const uint8_t **pformats,
- size_t *pformatslen)
-{
- if (client_formats != 0) {
- *pformats = s->session->tlsext_ecpointformatlist;
- *pformatslen = s->session->tlsext_ecpointformatlist_length;
- return;
- }
-
- *pformats = s->tlsext_ecpointformatlist;
- *pformatslen = s->tlsext_ecpointformatlist_length;
- if (*pformats == NULL) {
- *pformats = ecformats_default;
- *pformatslen = sizeof(ecformats_default);
- }
-}
-
-/*
- * Return the appropriate curve list. If client_curves is non-zero, return
- * the client/session curves. Otherwise return the custom curve list if one
- * exists, or the default curves if a custom list has not been specified.
- */
-static void
-tls1_get_curvelist(SSL *s, int client_curves, const uint16_t **pcurves,
- size_t *pcurveslen)
-{
- if (client_curves != 0) {
- *pcurves = s->session->tlsext_ellipticcurvelist;
- *pcurveslen = s->session->tlsext_ellipticcurvelist_length;
- return;
- }
-
- *pcurves = s->tlsext_ellipticcurvelist;
- *pcurveslen = s->tlsext_ellipticcurvelist_length;
- if (*pcurves == NULL) {
- *pcurves = eccurves_default;
- *pcurveslen = sizeof(eccurves_default) / 2;
- }
-}
-
-/* Check that a curve is one of our preferences. */
-int
-tls1_check_curve(SSL *s, const unsigned char *p, size_t len)
-{
- CBS cbs;
- const uint16_t *curves;
- size_t curveslen, i;
- uint8_t type;
- uint16_t cid;
-
- CBS_init(&cbs, p, len);
-
- /* Only named curves are supported. */
- if (CBS_len(&cbs) != 3 ||
- !CBS_get_u8(&cbs, &type) ||
- type != NAMED_CURVE_TYPE ||
- !CBS_get_u16(&cbs, &cid))
- return (0);
-
- tls1_get_curvelist(s, 0, &curves, &curveslen);
-
- for (i = 0; i < curveslen; i++) {
- if (curves[i] == cid)
- return (1);
- }
- return (0);
-}
-
-int
-tls1_get_shared_curve(SSL *s)
-{
- size_t preflen, supplen, i, j;
- const uint16_t *pref, *supp;
- unsigned long server_pref;
-
- /* Cannot do anything on the client side. */
- if (s->server == 0)
- return (NID_undef);
-
- /* Return first preference shared curve. */
- server_pref = (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE);
- tls1_get_curvelist(s, (server_pref == 0), &pref, &preflen);
- tls1_get_curvelist(s, (server_pref != 0), &supp, &supplen);
-
- for (i = 0; i < preflen; i++) {
- for (j = 0; j < supplen; j++) {
- if (pref[i] == supp[j])
- return (tls1_ec_curve_id2nid(pref[i]));
- }
- }
- return (NID_undef);
-}
-
-/* For an EC key set TLS ID and required compression based on parameters. */
-static int
-tls1_set_ec_id(uint16_t *curve_id, uint8_t *comp_id, EC_KEY *ec)
-{
- const EC_GROUP *grp;
- const EC_METHOD *meth;
- int is_prime = 0;
- int nid, id;
-
- if (ec == NULL)
- return (0);
-
- /* Determine if it is a prime field. */
- if ((grp = EC_KEY_get0_group(ec)) == NULL)
- return (0);
- if ((meth = EC_GROUP_method_of(grp)) == NULL)
- return (0);
- if (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field)
- is_prime = 1;
-
- /* Determine curve ID. */
- nid = EC_GROUP_get_curve_name(grp);
- id = tls1_ec_nid2curve_id(nid);
-
- /* If we have an ID set it, otherwise set arbitrary explicit curve. */
- if (id != 0)
- *curve_id = id;
- else
- *curve_id = is_prime ? 0xff01 : 0xff02;
-
- /* Specify the compression identifier. */
- if (comp_id != NULL) {
- if (EC_KEY_get0_public_key(ec) == NULL)
- return (0);
-
- if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_COMPRESSED) {
- *comp_id = is_prime ?
- TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime :
- TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
- } else {
- *comp_id = TLSEXT_ECPOINTFORMAT_uncompressed;
- }
- }
- return (1);
-}
-
-/* Check that an EC key is compatible with extensions. */
-static int
-tls1_check_ec_key(SSL *s, const uint16_t *curve_id, const uint8_t *comp_id)
-{
- size_t curveslen, formatslen, i;
- const uint16_t *curves;
- const uint8_t *formats;
-
- /*
- * Check point formats extension if present, otherwise everything
- * is supported (see RFC4492).
- */
- tls1_get_formatlist(s, 1, &formats, &formatslen);
- if (comp_id != NULL && formats != NULL) {
- for (i = 0; i < formatslen; i++) {
- if (formats[i] == *comp_id)
- break;
- }
- if (i == formatslen)
- return (0);
- }
-
- /*
- * Check curve list if present, otherwise everything is supported.
- */
- tls1_get_curvelist(s, 1, &curves, &curveslen);
- if (curve_id != NULL && curves != NULL) {
- for (i = 0; i < curveslen; i++) {
- if (curves[i] == *curve_id)
- break;
- }
- if (i == curveslen)
- return (0);
- }
-
- return (1);
-}
-
-/* Check EC server key is compatible with client extensions. */
-int
-tls1_check_ec_server_key(SSL *s)
-{
- CERT_PKEY *cpk = s->cert->pkeys + SSL_PKEY_ECC;
- uint16_t curve_id;
- uint8_t comp_id;
- EVP_PKEY *pkey;
- int rv;
-
- if (cpk->x509 == NULL || cpk->privatekey == NULL)
- return (0);
- if ((pkey = X509_get_pubkey(cpk->x509)) == NULL)
- return (0);
- rv = tls1_set_ec_id(&curve_id, &comp_id, pkey->pkey.ec);
- EVP_PKEY_free(pkey);
- if (rv != 1)
- return (0);
-
- return tls1_check_ec_key(s, &curve_id, &comp_id);
-}
-
-/* Check EC temporary key is compatible with client extensions. */
-int
-tls1_check_ec_tmp_key(SSL *s)
-{
- EC_KEY *ec = s->cert->ecdh_tmp;
- uint16_t curve_id;
-
- if (s->cert->ecdh_tmp_auto != 0) {
- /* Need a shared curve. */
- if (tls1_get_shared_curve(s) != NID_undef)
- return (1);
- return (0);
- }
-
- if (ec == NULL) {
- if (s->cert->ecdh_tmp_cb != NULL)
- return (1);
- return (0);
- }
- if (tls1_set_ec_id(&curve_id, NULL, ec) != 1)
- return (0);
-
- return tls1_check_ec_key(s, &curve_id, NULL);
-}
-
-/*
- * List of supported signature algorithms and hashes. Should make this
- * customisable at some point, for now include everything we support.
- */
-
-static unsigned char tls12_sigalgs[] = {
- TLSEXT_hash_sha512, TLSEXT_signature_rsa,
- TLSEXT_hash_sha512, TLSEXT_signature_dsa,
- TLSEXT_hash_sha512, TLSEXT_signature_ecdsa,
-#ifndef OPENSSL_NO_GOST
- TLSEXT_hash_streebog_512, TLSEXT_signature_gostr12_512,
-#endif
-
- TLSEXT_hash_sha384, TLSEXT_signature_rsa,
- TLSEXT_hash_sha384, TLSEXT_signature_dsa,
- TLSEXT_hash_sha384, TLSEXT_signature_ecdsa,
-
- TLSEXT_hash_sha256, TLSEXT_signature_rsa,
- TLSEXT_hash_sha256, TLSEXT_signature_dsa,
- TLSEXT_hash_sha256, TLSEXT_signature_ecdsa,
-
-#ifndef OPENSSL_NO_GOST
- TLSEXT_hash_streebog_256, TLSEXT_signature_gostr12_256,
- TLSEXT_hash_gost94, TLSEXT_signature_gostr01,
-#endif
-
- TLSEXT_hash_sha224, TLSEXT_signature_rsa,
- TLSEXT_hash_sha224, TLSEXT_signature_dsa,
- TLSEXT_hash_sha224, TLSEXT_signature_ecdsa,
-
- TLSEXT_hash_sha1, TLSEXT_signature_rsa,
- TLSEXT_hash_sha1, TLSEXT_signature_dsa,
- TLSEXT_hash_sha1, TLSEXT_signature_ecdsa,
-};
-
-int
-tls12_get_req_sig_algs(SSL *s, unsigned char *p)
-{
- size_t slen = sizeof(tls12_sigalgs);
-
- if (p)
- memcpy(p, tls12_sigalgs, slen);
- return (int)slen;
-}
-
-unsigned char *
-ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
-{
- int extdatalen = 0;
- unsigned char *ret = p;
- int using_ecc = 0;
-
- /* See if we support any ECC ciphersuites. 
*/ - if (s->version != DTLS1_VERSION && s->version >= TLS1_VERSION) { - STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(s); - unsigned long alg_k, alg_a; - int i; - - for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++) { - SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i); - - alg_k = c->algorithm_mkey; - alg_a = c->algorithm_auth; - - if ((alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe) || - (alg_a & SSL_aECDSA))) { - using_ecc = 1; - break; - } - } - } - - ret += 2; - - if (ret >= limit) - return NULL; /* this really never occurs, but ... */ - - if (s->tlsext_hostname != NULL) { - /* Add TLS extension servername to the Client Hello message */ - size_t size_str, lenmax; - - /* check for enough space. - 4 for the servername type and extension length - 2 for servernamelist length - 1 for the hostname type - 2 for hostname length - + hostname length - */ - - if ((size_t)(limit - ret) < 9) - return NULL; - - lenmax = limit - ret - 9; - if ((size_str = strlen(s->tlsext_hostname)) > lenmax) - return NULL; - - /* extension type and length */ - s2n(TLSEXT_TYPE_server_name, ret); - - s2n(size_str + 5, ret); - - /* length of servername list */ - s2n(size_str + 3, ret); - - /* hostname type, length and hostname */ - *(ret++) = (unsigned char) TLSEXT_NAMETYPE_host_name; - s2n(size_str, ret); - memcpy(ret, s->tlsext_hostname, size_str); - ret += size_str; - } - - /* Add RI if renegotiating */ - if (s->renegotiate) { - int el; - - if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) { - SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, - ERR_R_INTERNAL_ERROR); - return NULL; - } - - if ((size_t)(limit - ret) < 4 + el) - return NULL; - - s2n(TLSEXT_TYPE_renegotiate, ret); - s2n(el, ret); - - if (!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el)) { - SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, - ERR_R_INTERNAL_ERROR); - return NULL; - } - - ret += el; - } - - if (using_ecc) { - size_t curveslen, formatslen, lenmax; - const uint16_t *curves; - const uint8_t *formats; - int i; - - 
/* - * Add TLS extension ECPointFormats to the ClientHello message. - */ - tls1_get_formatlist(s, 0, &formats, &formatslen); - - if ((size_t)(limit - ret) < 5) - return NULL; - - lenmax = limit - ret - 5; - if (formatslen > lenmax) - return NULL; - if (formatslen > 255) { - SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, - ERR_R_INTERNAL_ERROR); - return NULL; - } - - s2n(TLSEXT_TYPE_ec_point_formats, ret); - s2n(formatslen + 1, ret); - *(ret++) = (unsigned char)formatslen; - memcpy(ret, formats, formatslen); - ret += formatslen; - - /* - * Add TLS extension EllipticCurves to the ClientHello message. - */ - tls1_get_curvelist(s, 0, &curves, &curveslen); - - if ((size_t)(limit - ret) < 6) - return NULL; - - lenmax = limit - ret - 6; - if (curveslen > lenmax) - return NULL; - if (curveslen > 65532) { - SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, - ERR_R_INTERNAL_ERROR); - return NULL; - } - - s2n(TLSEXT_TYPE_elliptic_curves, ret); - s2n((curveslen * 2) + 2, ret); - - /* NB: draft-ietf-tls-ecc-12.txt uses a one-byte prefix for - * elliptic_curve_list, but the examples use two bytes. - * https://www1.ietf.org/mail-archive/web/tls/current/msg00538.html - * resolves this to two bytes. 
- */ - s2n(curveslen * 2, ret); - for (i = 0; i < curveslen; i++) - s2n(curves[i], ret); - } - - if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { - int ticklen; - if (!s->new_session && s->session && s->session->tlsext_tick) - ticklen = s->session->tlsext_ticklen; - else if (s->session && s->tlsext_session_ticket && - s->tlsext_session_ticket->data) { - ticklen = s->tlsext_session_ticket->length; - s->session->tlsext_tick = malloc(ticklen); - if (!s->session->tlsext_tick) - return NULL; - memcpy(s->session->tlsext_tick, - s->tlsext_session_ticket->data, ticklen); - s->session->tlsext_ticklen = ticklen; - } else - ticklen = 0; - if (ticklen == 0 && s->tlsext_session_ticket && - s->tlsext_session_ticket->data == NULL) - goto skip_ext; - /* Check for enough room 2 for extension type, 2 for len - * rest for ticket - */ - if ((size_t)(limit - ret) < 4 + ticklen) - return NULL; - s2n(TLSEXT_TYPE_session_ticket, ret); - - s2n(ticklen, ret); - if (ticklen) { - memcpy(ret, s->session->tlsext_tick, ticklen); - ret += ticklen; - } - } -skip_ext: - - if (TLS1_get_client_version(s) >= TLS1_2_VERSION) { - if ((size_t)(limit - ret) < sizeof(tls12_sigalgs) + 6) - return NULL; - - s2n(TLSEXT_TYPE_signature_algorithms, ret); - s2n(sizeof(tls12_sigalgs) + 2, ret); - s2n(sizeof(tls12_sigalgs), ret); - memcpy(ret, tls12_sigalgs, sizeof(tls12_sigalgs)); - ret += sizeof(tls12_sigalgs); - } - - if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp && - s->version != DTLS1_VERSION) { - int i; - long extlen, idlen, itmp; - OCSP_RESPID *id; - - idlen = 0; - for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) { - id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i); - itmp = i2d_OCSP_RESPID(id, NULL); - if (itmp <= 0) - return NULL; - idlen += itmp + 2; - } - - if (s->tlsext_ocsp_exts) { - extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL); - if (extlen < 0) - return NULL; - } else - extlen = 0; - - if ((size_t)(limit - ret) < 7 + extlen + idlen) - return NULL; - 
s2n(TLSEXT_TYPE_status_request, ret); - if (extlen + idlen > 0xFFF0) - return NULL; - s2n(extlen + idlen + 5, ret); - *(ret++) = TLSEXT_STATUSTYPE_ocsp; - s2n(idlen, ret); - for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) { - /* save position of id len */ - unsigned char *q = ret; - id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i); - /* skip over id len */ - ret += 2; - itmp = i2d_OCSP_RESPID(id, &ret); - /* write id len */ - s2n(itmp, q); - } - s2n(extlen, ret); - if (extlen > 0) - i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret); - } - - if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) { - /* The client advertises an emtpy extension to indicate its - * support for Next Protocol Negotiation */ - if ((size_t)(limit - ret) < 4) - return NULL; - s2n(TLSEXT_TYPE_next_proto_neg, ret); - s2n(0, ret); - } - - if (s->alpn_client_proto_list != NULL && - s->s3->tmp.finish_md_len == 0) { - if ((size_t)(limit - ret) < 6 + s->alpn_client_proto_list_len) - return (NULL); - s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret); - s2n(2 + s->alpn_client_proto_list_len, ret); - s2n(s->alpn_client_proto_list_len, ret); - memcpy(ret, s->alpn_client_proto_list, - s->alpn_client_proto_list_len); - ret += s->alpn_client_proto_list_len; - } - -#ifndef OPENSSL_NO_SRTP - if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) { - int el; - - ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0); - - if ((size_t)(limit - ret) < 4 + el) - return NULL; - - s2n(TLSEXT_TYPE_use_srtp, ret); - s2n(el, ret); - - if (ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) { - SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, - ERR_R_INTERNAL_ERROR); - return NULL; - } - ret += el; - } -#endif - - /* - * Add padding to workaround bugs in F5 terminators. - * See https://tools.ietf.org/html/draft-agl-tls-padding-03 - * - * Note that this seems to trigger issues with IronPort SMTP - * appliances. 
- * - * NB: because this code works out the length of all existing - * extensions it MUST always appear last. - */ - if (s->options & SSL_OP_TLSEXT_PADDING) { - int hlen = ret - (unsigned char *)s->init_buf->data; - - /* - * The code in s23_clnt.c to build ClientHello messages - * includes the 5-byte record header in the buffer, while the - * code in s3_clnt.c does not. - */ - if (s->state == SSL23_ST_CW_CLNT_HELLO_A) - hlen -= 5; - if (hlen > 0xff && hlen < 0x200) { - hlen = 0x200 - hlen; - if (hlen >= 4) - hlen -= 4; - else - hlen = 0; - - s2n(TLSEXT_TYPE_padding, ret); - s2n(hlen, ret); - memset(ret, 0, hlen); - ret += hlen; - } - } - - if ((extdatalen = ret - p - 2) == 0) - return p; - - s2n(extdatalen, p); - return ret; -} - -unsigned char * -ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) -{ - int using_ecc, extdatalen = 0; - unsigned long alg_a, alg_k; - unsigned char *ret = p; - int next_proto_neg_seen; - - alg_a = s->s3->tmp.new_cipher->algorithm_auth; - alg_k = s->s3->tmp.new_cipher->algorithm_mkey; - using_ecc = (alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe) || - alg_a & SSL_aECDSA) && - s->session->tlsext_ecpointformatlist != NULL; - - ret += 2; - if (ret >= limit) - return NULL; /* this really never occurs, but ... 
*/ - - if (!s->hit && s->servername_done == 1 && - s->session->tlsext_hostname != NULL) { - if ((size_t)(limit - ret) < 4) - return NULL; - - s2n(TLSEXT_TYPE_server_name, ret); - s2n(0, ret); - } - - if (s->s3->send_connection_binding) { - int el; - - if (!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0)) { - SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, - ERR_R_INTERNAL_ERROR); - return NULL; - } - - if ((size_t)(limit - ret) < 4 + el) - return NULL; - - s2n(TLSEXT_TYPE_renegotiate, ret); - s2n(el, ret); - - if (!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el)) { - SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, - ERR_R_INTERNAL_ERROR); - return NULL; - } - - ret += el; - } - - if (using_ecc && s->version != DTLS1_VERSION) { - const unsigned char *formats; - size_t formatslen, lenmax; - - /* - * Add TLS extension ECPointFormats to the ServerHello message. - */ - tls1_get_formatlist(s, 0, &formats, &formatslen); - - if ((size_t)(limit - ret) < 5) - return NULL; - - lenmax = limit - ret - 5; - if (formatslen > lenmax) - return NULL; - if (formatslen > 255) { - SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, - ERR_R_INTERNAL_ERROR); - return NULL; - } - - s2n(TLSEXT_TYPE_ec_point_formats, ret); - s2n(formatslen + 1, ret); - *(ret++) = (unsigned char)formatslen; - memcpy(ret, formats, formatslen); - ret += formatslen; - } - - /* - * Currently the server should not respond with a SupportedCurves - * extension. 
- */ - - if (s->tlsext_ticket_expected && - !(SSL_get_options(s) & SSL_OP_NO_TICKET)) { - if ((size_t)(limit - ret) < 4) - return NULL; - - s2n(TLSEXT_TYPE_session_ticket, ret); - s2n(0, ret); - } - - if (s->tlsext_status_expected) { - if ((size_t)(limit - ret) < 4) - return NULL; - - s2n(TLSEXT_TYPE_status_request, ret); - s2n(0, ret); - } - -#ifndef OPENSSL_NO_SRTP - if (SSL_IS_DTLS(s) && s->srtp_profile) { - int el; - - ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0); - - if ((size_t)(limit - ret) < 4 + el) - return NULL; - - s2n(TLSEXT_TYPE_use_srtp, ret); - s2n(el, ret); - - if (ssl_add_serverhello_use_srtp_ext(s, ret, &el, el)) { - SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, - ERR_R_INTERNAL_ERROR); - return NULL; - } - ret += el; - } -#endif - - if (((s->s3->tmp.new_cipher->id & 0xFFFF) == 0x80 || - (s->s3->tmp.new_cipher->id & 0xFFFF) == 0x81) && - (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) { - static const unsigned char cryptopro_ext[36] = { - 0xfd, 0xe8, /*65000*/ - 0x00, 0x20, /*32 bytes length*/ - 0x30, 0x1e, 0x30, 0x08, 0x06, 0x06, 0x2a, 0x85, - 0x03, 0x02, 0x02, 0x09, 0x30, 0x08, 0x06, 0x06, - 0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08, - 0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17 - }; - if ((size_t)(limit - ret) < sizeof(cryptopro_ext)) - return NULL; - memcpy(ret, cryptopro_ext, sizeof(cryptopro_ext)); - ret += sizeof(cryptopro_ext); - } - - next_proto_neg_seen = s->s3->next_proto_neg_seen; - s->s3->next_proto_neg_seen = 0; - if (next_proto_neg_seen && s->ctx->next_protos_advertised_cb) { - const unsigned char *npa; - unsigned int npalen; - int r; - - r = s->ctx->next_protos_advertised_cb(s, &npa, &npalen, - s->ctx->next_protos_advertised_cb_arg); - if (r == SSL_TLSEXT_ERR_OK) { - if ((size_t)(limit - ret) < 4 + npalen) - return NULL; - s2n(TLSEXT_TYPE_next_proto_neg, ret); - s2n(npalen, ret); - memcpy(ret, npa, npalen); - ret += npalen; - s->s3->next_proto_neg_seen = 1; - } - } - - if (s->s3->alpn_selected != NULL) { - const unsigned 
char *selected = s->s3->alpn_selected; - unsigned int len = s->s3->alpn_selected_len; - - if ((long)(limit - ret - 4 - 2 - 1 - len) < 0) - return (NULL); - s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret); - s2n(3 + len, ret); - s2n(1 + len, ret); - *ret++ = len; - memcpy(ret, selected, len); - ret += len; - } - - if ((extdatalen = ret - p - 2) == 0) - return p; - - s2n(extdatalen, p); - return ret; -} - -/* - * tls1_alpn_handle_client_hello is called to process the ALPN extension in a - * ClientHello. - * data: the contents of the extension, not including the type and length. - * data_len: the number of bytes in data. - * al: a pointer to the alert value to send in the event of a non-zero - * return. - * returns: 1 on success. - */ -static int -tls1_alpn_handle_client_hello(SSL *s, const unsigned char *data, - unsigned int data_len, int *al) -{ - CBS cbs, proto_name_list, alpn; - const unsigned char *selected; - unsigned char selected_len; - int r; - - if (s->ctx->alpn_select_cb == NULL) - return (1); - - if (data_len < 2) - goto parse_error; - - CBS_init(&cbs, data, data_len); - - /* - * data should contain a uint16 length followed by a series of 8-bit, - * length-prefixed strings. - */ - if (!CBS_get_u16_length_prefixed(&cbs, &alpn) || - CBS_len(&alpn) < 2 || - CBS_len(&cbs) != 0) - goto parse_error; - - /* Validate data before sending to callback. 
*/ - CBS_dup(&alpn, &proto_name_list); - while (CBS_len(&proto_name_list) > 0) { - CBS proto_name; - - if (!CBS_get_u8_length_prefixed(&proto_name_list, &proto_name) || - CBS_len(&proto_name) == 0) - goto parse_error; - } - - r = s->ctx->alpn_select_cb(s, &selected, &selected_len, - CBS_data(&alpn), CBS_len(&alpn), s->ctx->alpn_select_cb_arg); - if (r == SSL_TLSEXT_ERR_OK) { - free(s->s3->alpn_selected); - if ((s->s3->alpn_selected = malloc(selected_len)) == NULL) { - *al = SSL_AD_INTERNAL_ERROR; - return (-1); - } - memcpy(s->s3->alpn_selected, selected, selected_len); - s->s3->alpn_selected_len = selected_len; - } - - return (1); - -parse_error: - *al = SSL_AD_DECODE_ERROR; - return (0); -} - -int -ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, - int n, int *al) -{ - unsigned short type; - unsigned short size; - unsigned short len; - unsigned char *data = *p; - unsigned char *end = d + n; - int renegotiate_seen = 0; - int sigalg_seen = 0; - - s->servername_done = 0; - s->tlsext_status_type = -1; - s->s3->next_proto_neg_seen = 0; - free(s->s3->alpn_selected); - s->s3->alpn_selected = NULL; - s->srtp_profile = NULL; - - if (data == end) - goto ri_check; - - if (end - data < 2) - goto err; - n2s(data, len); - - if (end - data != len) - goto err; - - while (end - data >= 4) { - n2s(data, type); - n2s(data, size); - - if (end - data < size) - goto err; - - if (s->tlsext_debug_cb) - s->tlsext_debug_cb(s, 0, type, data, size, - s->tlsext_debug_arg); -/* The servername extension is treated as follows: - - - Only the hostname type is supported with a maximum length of 255. - - The servername is rejected if too long or if it contains zeros, - in which case an fatal alert is generated. - - The servername field is maintained together with the session cache. - - When a session is resumed, the servername call back invoked in order - to allow the application to position itself to the right context. 
- - The servername is acknowledged if it is new for a session or when - it is identical to a previously used for the same session. - Applications can control the behaviour. They can at any time - set a 'desirable' servername for a new SSL object. This can be the - case for example with HTTPS when a Host: header field is received and - a renegotiation is requested. In this case, a possible servername - presented in the new client hello is only acknowledged if it matches - the value of the Host: field. - - Applications must use SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION - if they provide for changing an explicit servername context for the session, - i.e. when the session has been established with a servername extension. - - On session reconnect, the servername extension may be absent. - -*/ - - if (type == TLSEXT_TYPE_server_name) { - unsigned char *sdata; - int servname_type; - int dsize; - - if (size < 2) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - n2s(data, dsize); - - size -= 2; - if (dsize > size) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - - sdata = data; - while (dsize > 3) { - servname_type = *(sdata++); - - n2s(sdata, len); - dsize -= 3; - - if (len > dsize) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - if (s->servername_done == 0) - switch (servname_type) { - case TLSEXT_NAMETYPE_host_name: - if (!s->hit) { - if (s->session->tlsext_hostname) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - if (len > TLSEXT_MAXLEN_host_name) { - *al = TLS1_AD_UNRECOGNIZED_NAME; - return 0; - } - if ((s->session->tlsext_hostname = - malloc(len + 1)) == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - memcpy(s->session->tlsext_hostname, sdata, len); - s->session->tlsext_hostname[len] = '\0'; - if (strlen(s->session->tlsext_hostname) != len) { - free(s->session->tlsext_hostname); - s->session->tlsext_hostname = NULL; - *al = TLS1_AD_UNRECOGNIZED_NAME; - return 0; - } - s->servername_done = 1; - - - } else { - s->servername_done = 
s->session->tlsext_hostname && - strlen(s->session->tlsext_hostname) == len && - strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0; - } - break; - - default: - break; - } - - dsize -= len; - } - if (dsize != 0) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - - } - - else if (type == TLSEXT_TYPE_ec_point_formats && - s->version != DTLS1_VERSION) { - unsigned char *sdata = data; - size_t formatslen; - uint8_t *formats; - - if (size < 1) { - *al = TLS1_AD_DECODE_ERROR; - return 0; - } - formatslen = *(sdata++); - if (formatslen != size - 1) { - *al = TLS1_AD_DECODE_ERROR; - return 0; - } - - if (!s->hit) { - free(s->session->tlsext_ecpointformatlist); - s->session->tlsext_ecpointformatlist = NULL; - s->session->tlsext_ecpointformatlist_length = 0; - - if ((formats = reallocarray(NULL, formatslen, - sizeof(uint8_t))) == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - memcpy(formats, sdata, formatslen); - s->session->tlsext_ecpointformatlist = formats; - s->session->tlsext_ecpointformatlist_length = - formatslen; - } - } else if (type == TLSEXT_TYPE_elliptic_curves && - s->version != DTLS1_VERSION) { - unsigned char *sdata = data; - size_t curveslen, i; - uint16_t *curves; - - if (size < 2) { - *al = TLS1_AD_DECODE_ERROR; - return 0; - } - n2s(sdata, curveslen); - if (curveslen != size - 2 || curveslen % 2 != 0) { - *al = TLS1_AD_DECODE_ERROR; - return 0; - } - curveslen /= 2; - - if (!s->hit) { - if (s->session->tlsext_ellipticcurvelist) { - *al = TLS1_AD_DECODE_ERROR; - return 0; - } - s->session->tlsext_ellipticcurvelist_length = 0; - if ((curves = reallocarray(NULL, curveslen, - sizeof(uint16_t))) == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - for (i = 0; i < curveslen; i++) - n2s(sdata, curves[i]); - s->session->tlsext_ellipticcurvelist = curves; - s->session->tlsext_ellipticcurvelist_length = curveslen; - } - } - else if (type == TLSEXT_TYPE_session_ticket) { - if (s->tls_session_ticket_ext_cb && - 
!s->tls_session_ticket_ext_cb(s, data, size, s->tls_session_ticket_ext_cb_arg)) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - } else if (type == TLSEXT_TYPE_renegotiate) { - if (!ssl_parse_clienthello_renegotiate_ext(s, data, size, al)) - return 0; - renegotiate_seen = 1; - } else if (type == TLSEXT_TYPE_signature_algorithms) { - int dsize; - if (sigalg_seen || size < 2) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - sigalg_seen = 1; - n2s(data, dsize); - size -= 2; - if (dsize != size || dsize & 1) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - if (!tls1_process_sigalgs(s, data, dsize)) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - } else if (type == TLSEXT_TYPE_status_request && - s->version != DTLS1_VERSION) { - - if (size < 5) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - - s->tlsext_status_type = *data++; - size--; - if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) { - const unsigned char *sdata; - int dsize; - /* Read in responder_id_list */ - n2s(data, dsize); - size -= 2; - if (dsize > size ) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - while (dsize > 0) { - OCSP_RESPID *id; - int idsize; - if (dsize < 4) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - n2s(data, idsize); - dsize -= 2 + idsize; - size -= 2 + idsize; - if (dsize < 0) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - sdata = data; - data += idsize; - id = d2i_OCSP_RESPID(NULL, - &sdata, idsize); - if (!id) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - if (data != sdata) { - OCSP_RESPID_free(id); - *al = SSL_AD_DECODE_ERROR; - return 0; - } - if (!s->tlsext_ocsp_ids && - !(s->tlsext_ocsp_ids = - sk_OCSP_RESPID_new_null())) { - OCSP_RESPID_free(id); - *al = SSL_AD_INTERNAL_ERROR; - return 0; - } - if (!sk_OCSP_RESPID_push( - s->tlsext_ocsp_ids, id)) { - OCSP_RESPID_free(id); - *al = SSL_AD_INTERNAL_ERROR; - return 0; - } - } - - /* Read in request_extensions */ - if (size < 2) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - n2s(data, dsize); - size -= 2; - if (dsize 
!= size) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - sdata = data; - if (dsize > 0) { - if (s->tlsext_ocsp_exts) { - sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, - X509_EXTENSION_free); - } - - s->tlsext_ocsp_exts = - d2i_X509_EXTENSIONS(NULL, - &sdata, dsize); - if (!s->tlsext_ocsp_exts || - (data + dsize != sdata)) { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - } - } else { - /* We don't know what to do with any other type - * so ignore it. - */ - s->tlsext_status_type = -1; - } - } - else if (type == TLSEXT_TYPE_next_proto_neg && - s->s3->tmp.finish_md_len == 0 && - s->s3->alpn_selected == NULL) { - /* We shouldn't accept this extension on a - * renegotiation. - * - * s->new_session will be set on renegotiation, but we - * probably shouldn't rely that it couldn't be set on - * the initial renegotation too in certain cases (when - * there's some other reason to disallow resuming an - * earlier session -- the current code won't be doing - * anything like that, but this might change). - - * A valid sign that there's been a previous handshake - * in this connection is if s->s3->tmp.finish_md_len > - * 0. (We are talking about a check that will happen - * in the Hello protocol round, well before a new - * Finished message could have been computed.) */ - s->s3->next_proto_neg_seen = 1; - } - else if (type == - TLSEXT_TYPE_application_layer_protocol_negotiation && - s->ctx->alpn_select_cb != NULL && - s->s3->tmp.finish_md_len == 0) { - if (tls1_alpn_handle_client_hello(s, data, - size, al) != 1) - return (0); - /* ALPN takes precedence over NPN. 
*/ - s->s3->next_proto_neg_seen = 0; - } - - /* session ticket processed earlier */ -#ifndef OPENSSL_NO_SRTP - else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) { - if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al)) - return 0; - } -#endif - - data += size; - } - - /* Spurious data on the end */ - if (data != end) - goto err; - - *p = data; - -ri_check: - - /* Need RI if renegotiating */ - - if (!renegotiate_seen && s->renegotiate) { - *al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, - SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); - return 0; - } - - return 1; - -err: - *al = SSL_AD_DECODE_ERROR; - return 0; -} - -/* - * ssl_next_proto_validate validates a Next Protocol Negotiation block. No - * elements of zero length are allowed and the set of elements must exactly fill - * the length of the block. - */ -static char -ssl_next_proto_validate(const unsigned char *d, unsigned int len) -{ - CBS npn, value; - - CBS_init(&npn, d, len); - while (CBS_len(&npn) > 0) { - if (!CBS_get_u8_length_prefixed(&npn, &value) || - CBS_len(&value) == 0) - return 0; - } - return 1; -} - -int -ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d, - int n, int *al) -{ - unsigned short type; - unsigned short size; - unsigned short len; - unsigned char *data = *p; - unsigned char *end = d + n; - int tlsext_servername = 0; - int renegotiate_seen = 0; - - s->s3->next_proto_neg_seen = 0; - free(s->s3->alpn_selected); - s->s3->alpn_selected = NULL; - - if (data == end) - goto ri_check; - - if (end - data < 2) - goto err; - n2s(data, len); - - if (end - data != len) - goto err; - - while (end - data >= 4) { - n2s(data, type); - n2s(data, size); - - if (end - data < size) - goto err; - - if (s->tlsext_debug_cb) - s->tlsext_debug_cb(s, 1, type, data, size, - s->tlsext_debug_arg); - - if (type == TLSEXT_TYPE_server_name) { - if (s->tlsext_hostname == NULL || size > 0) { - *al = TLS1_AD_UNRECOGNIZED_NAME; - return 0; - } - 
tlsext_servername = 1; - - } - else if (type == TLSEXT_TYPE_ec_point_formats && - s->version != DTLS1_VERSION) { - unsigned char *sdata = data; - size_t formatslen; - uint8_t *formats; - - if (size < 1) { - *al = TLS1_AD_DECODE_ERROR; - return 0; - } - formatslen = *(sdata++); - if (formatslen != size - 1) { - *al = TLS1_AD_DECODE_ERROR; - return 0; - } - - if (!s->hit) { - free(s->session->tlsext_ecpointformatlist); - s->session->tlsext_ecpointformatlist = NULL; - s->session->tlsext_ecpointformatlist_length = 0; - - if ((formats = reallocarray(NULL, formatslen, - sizeof(uint8_t))) == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - memcpy(formats, sdata, formatslen); - s->session->tlsext_ecpointformatlist = formats; - s->session->tlsext_ecpointformatlist_length = - formatslen; - } - } - else if (type == TLSEXT_TYPE_session_ticket) { - if (s->tls_session_ticket_ext_cb && - !s->tls_session_ticket_ext_cb(s, data, size, s->tls_session_ticket_ext_cb_arg)) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - if ((SSL_get_options(s) & SSL_OP_NO_TICKET) || (size > 0)) { - *al = TLS1_AD_UNSUPPORTED_EXTENSION; - return 0; - } - s->tlsext_ticket_expected = 1; - } - else if (type == TLSEXT_TYPE_status_request && - s->version != DTLS1_VERSION) { - /* MUST be empty and only sent if we've requested - * a status request message. - */ - if ((s->tlsext_status_type == -1) || (size > 0)) { - *al = TLS1_AD_UNSUPPORTED_EXTENSION; - return 0; - } - /* Set flag to expect CertificateStatus message */ - s->tlsext_status_expected = 1; - } - else if (type == TLSEXT_TYPE_next_proto_neg && - s->s3->tmp.finish_md_len == 0) { - unsigned char *selected; - unsigned char selected_len; - - /* We must have requested it. 
*/ - if (s->ctx->next_proto_select_cb == NULL) { - *al = TLS1_AD_UNSUPPORTED_EXTENSION; - return 0; - } - /* The data must be valid */ - if (!ssl_next_proto_validate(data, size)) { - *al = TLS1_AD_DECODE_ERROR; - return 0; - } - if (s->ctx->next_proto_select_cb(s, &selected, &selected_len, data, size, s->ctx->next_proto_select_cb_arg) != SSL_TLSEXT_ERR_OK) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - s->next_proto_negotiated = malloc(selected_len); - if (!s->next_proto_negotiated) { - *al = TLS1_AD_INTERNAL_ERROR; - return 0; - } - memcpy(s->next_proto_negotiated, selected, selected_len); - s->next_proto_negotiated_len = selected_len; - s->s3->next_proto_neg_seen = 1; - } - else if (type == - TLSEXT_TYPE_application_layer_protocol_negotiation) { - unsigned int len; - - /* We must have requested it. */ - if (s->alpn_client_proto_list == NULL) { - *al = TLS1_AD_UNSUPPORTED_EXTENSION; - return 0; - } - if (size < 4) { - *al = TLS1_AD_DECODE_ERROR; - return (0); - } - - /* The extension data consists of: - * uint16 list_length - * uint8 proto_length; - * uint8 proto[proto_length]; */ - len = ((unsigned int)data[0]) << 8 | - ((unsigned int)data[1]); - if (len != (unsigned int)size - 2) { - *al = TLS1_AD_DECODE_ERROR; - return (0); - } - len = data[2]; - if (len != (unsigned int)size - 3) { - *al = TLS1_AD_DECODE_ERROR; - return (0); - } - free(s->s3->alpn_selected); - s->s3->alpn_selected = malloc(len); - if (s->s3->alpn_selected == NULL) { - *al = TLS1_AD_INTERNAL_ERROR; - return (0); - } - memcpy(s->s3->alpn_selected, data + 3, len); - s->s3->alpn_selected_len = len; - - } else if (type == TLSEXT_TYPE_renegotiate) { - if (!ssl_parse_serverhello_renegotiate_ext(s, data, size, al)) - return 0; - renegotiate_seen = 1; - } -#ifndef OPENSSL_NO_SRTP - else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) { - if (ssl_parse_serverhello_use_srtp_ext(s, data, - size, al)) - return 0; - } -#endif - - data += size; - - } - - if (data != d + n) { - *al = 
SSL_AD_DECODE_ERROR; - return 0; - } - - if (!s->hit && tlsext_servername == 1) { - if (s->tlsext_hostname) { - if (s->session->tlsext_hostname == NULL) { - s->session->tlsext_hostname = - strdup(s->tlsext_hostname); - - if (!s->session->tlsext_hostname) { - *al = SSL_AD_UNRECOGNIZED_NAME; - return 0; - } - } else { - *al = SSL_AD_DECODE_ERROR; - return 0; - } - } - } - - *p = data; - -ri_check: - - /* Determine if we need to see RI. Strictly speaking if we want to - * avoid an attack we should *always* see RI even on initial server - * hello because the client doesn't see any renegotiation during an - * attack. However this would mean we could not connect to any server - * which doesn't support RI so for the immediate future tolerate RI - * absence on initial connect only. - */ - if (!renegotiate_seen && !(s->options & SSL_OP_LEGACY_SERVER_CONNECT)) { - *al = SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, - SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); - return 0; - } - - return 1; - -err: - *al = SSL_AD_DECODE_ERROR; - return 0; -} - -int -ssl_check_clienthello_tlsext_early(SSL *s) -{ - int ret = SSL_TLSEXT_ERR_NOACK; - int al = SSL_AD_UNRECOGNIZED_NAME; - - /* The handling of the ECPointFormats extension is done elsewhere, namely in - * ssl3_choose_cipher in s3_lib.c. - */ - /* The handling of the EllipticCurves extension is done elsewhere, namely in - * ssl3_choose_cipher in s3_lib.c. 
- */
-
- if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
- ret = s->ctx->tlsext_servername_callback(s, &al, s->ctx->tlsext_servername_arg);
- else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
- ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
-
- switch (ret) {
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- return -1;
- case SSL_TLSEXT_ERR_ALERT_WARNING:
- ssl3_send_alert(s, SSL3_AL_WARNING, al);
- return 1;
- case SSL_TLSEXT_ERR_NOACK:
- s->servername_done = 0;
- default:
- return 1;
- }
-}
-
-int
-ssl_check_clienthello_tlsext_late(SSL *s)
-{
- int ret = SSL_TLSEXT_ERR_OK;
- int al = 0; /* XXX gcc3 */
-
- /* If status request then ask callback what to do.
- * Note: this must be called after servername callbacks in case
- * the certificate has changed, and must be called after the cipher
- * has been chosen because this may influence which certificate is sent
- */
- if ((s->tlsext_status_type != -1) &&
- s->ctx && s->ctx->tlsext_status_cb) {
- int r;
- CERT_PKEY *certpkey;
- certpkey = ssl_get_server_send_pkey(s);
- /* If no certificate can't return certificate status */
- if (certpkey == NULL) {
- s->tlsext_status_expected = 0;
- return 1;
- }
- /* Set current certificate to one we will use so
- * SSL_get_certificate et al can pick it up.
- */
- s->cert->key = certpkey;
- r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
- switch (r) {
- /* We don't want to send a status request response */
- case SSL_TLSEXT_ERR_NOACK:
- s->tlsext_status_expected = 0;
- break;
- /* status request response should be sent */
- case SSL_TLSEXT_ERR_OK:
- if (s->tlsext_ocsp_resp)
- s->tlsext_status_expected = 1;
- else
- s->tlsext_status_expected = 0;
- break;
- /* something bad happened */
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- al = SSL_AD_INTERNAL_ERROR;
- goto err;
- }
- } else
- s->tlsext_status_expected = 0;
-
-err:
- switch (ret) {
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
- return -1;
- case SSL_TLSEXT_ERR_ALERT_WARNING:
- ssl3_send_alert(s, SSL3_AL_WARNING, al);
- return 1;
- default:
- return 1;
- }
-}
-
-int
-ssl_check_serverhello_tlsext(SSL *s)
-{
- int ret = SSL_TLSEXT_ERR_NOACK;
- int al = SSL_AD_UNRECOGNIZED_NAME;
-
- /* If we are client and using an elliptic curve cryptography cipher
- * suite, then if server returns an EC point formats lists extension
- * it must contain uncompressed.
- */
- unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
- unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
- if ((s->tlsext_ecpointformatlist != NULL) &&
- (s->tlsext_ecpointformatlist_length > 0) &&
- (s->session->tlsext_ecpointformatlist != NULL) &&
- (s->session->tlsext_ecpointformatlist_length > 0) &&
- ((alg_k & (SSL_kECDHE|SSL_kECDHr|SSL_kECDHe)) || (alg_a & SSL_aECDSA))) {
- /* we are using an ECC cipher */
- size_t i;
- unsigned char *list;
- int found_uncompressed = 0;
- list = s->session->tlsext_ecpointformatlist;
- for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++) {
- if (*(list++) == TLSEXT_ECPOINTFORMAT_uncompressed) {
- found_uncompressed = 1;
- break;
- }
- }
- if (!found_uncompressed) {
- SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
- return -1;
- }
- }
- ret = SSL_TLSEXT_ERR_OK;
-
- if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
- ret = s->ctx->tlsext_servername_callback(s, &al, s->ctx->tlsext_servername_arg);
- else if (s->initial_ctx != NULL && s->initial_ctx->tlsext_servername_callback != 0)
- ret = s->initial_ctx->tlsext_servername_callback(s, &al, s->initial_ctx->tlsext_servername_arg);
-
- /* If we've requested certificate status and we wont get one
- * tell the callback
- */
- if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected) &&
- s->ctx && s->ctx->tlsext_status_cb) {
- int r;
- /* Set resp to NULL, resplen to -1 so callback knows
- * there is no response.
- */
- free(s->tlsext_ocsp_resp);
- s->tlsext_ocsp_resp = NULL;
- s->tlsext_ocsp_resplen = -1;
- r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
- if (r == 0) {
- al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- }
- if (r < 0) {
- al = SSL_AD_INTERNAL_ERROR;
- ret = SSL_TLSEXT_ERR_ALERT_FATAL;
- }
- }
-
- switch (ret) {
- case SSL_TLSEXT_ERR_ALERT_FATAL:
- ssl3_send_alert(s, SSL3_AL_FATAL, al);
-
- return -1;
- case SSL_TLSEXT_ERR_ALERT_WARNING:
- ssl3_send_alert(s, SSL3_AL_WARNING, al);
-
- return 1;
- case SSL_TLSEXT_ERR_NOACK:
- s->servername_done = 0;
- default:
- return 1;
- }
-}
-
-/* Since the server cache lookup is done early on in the processing of the
- * ClientHello, and other operations depend on the result, we need to handle
- * any TLS session ticket extension at the same time.
- *
- * session_id: points at the session ID in the ClientHello. This code will
- * read past the end of this in order to parse out the session ticket
- * extension, if any.
- * len: the length of the session ID.
- * limit: a pointer to the first byte after the ClientHello.
- * ret: (output) on return, if a ticket was decrypted, then this is set to
- * point to the resulting session.
- *
- * If s->tls_session_secret_cb is set then we are expecting a pre-shared key
- * ciphersuite, in which case we have no use for session tickets and one will
- * never be decrypted, nor will s->tlsext_ticket_expected be set to 1.
- *
- * Returns:
- * -1: fatal error, either from parsing or decrypting the ticket.
- * 0: no ticket was found (or was ignored, based on settings).
- * 1: a zero length extension was found, indicating that the client supports
- * session tickets but doesn't currently have one to offer.
- * 2: either s->tls_session_secret_cb was set, or a ticket was offered but
- * couldn't be decrypted because of a non-fatal error.
- * 3: a ticket was successfully decrypted and *ret was set.
- * - * Side effects: - * Sets s->tlsext_ticket_expected to 1 if the server will have to issue - * a new session ticket to the client because the client indicated support - * (and s->tls_session_secret_cb is NULL) but the client either doesn't have - * a session ticket or we couldn't use the one it gave us, or if - * s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket. - * Otherwise, s->tlsext_ticket_expected is set to 0. - */ -int -tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, - const unsigned char *limit, SSL_SESSION **ret) -{ - /* Point after session ID in client hello */ - CBS session_id, cookie, cipher_list, compress_algo, extensions; - - *ret = NULL; - s->tlsext_ticket_expected = 0; - - /* If tickets disabled behave as if no ticket present - * to permit stateful resumption. - */ - if (SSL_get_options(s) & SSL_OP_NO_TICKET) - return 0; - if (!limit) - return 0; - - if (limit < session) - return -1; - - CBS_init(&session_id, session, limit - session); - - /* Skip past the session id */ - if (!CBS_skip(&session_id, session_len)) - return -1; - - /* Skip past DTLS cookie */ - if (SSL_IS_DTLS(s)) { - if (!CBS_get_u8_length_prefixed(&session_id, &cookie)) - return -1; - } - - /* Skip past cipher list */ - if (!CBS_get_u16_length_prefixed(&session_id, &cipher_list)) - return -1; - - /* Skip past compression algorithm list */ - if (!CBS_get_u8_length_prefixed(&session_id, &compress_algo)) - return -1; - - /* Now at start of extensions */ - if (CBS_len(&session_id) == 0) - return 0; - if (!CBS_get_u16_length_prefixed(&session_id, &extensions)) - return -1; - - while (CBS_len(&extensions) > 0) { - CBS ext_data; - uint16_t ext_type; - - if (!CBS_get_u16(&extensions, &ext_type) || - !CBS_get_u16_length_prefixed(&extensions, &ext_data)) - return -1; - - if (ext_type == TLSEXT_TYPE_session_ticket) { - int r; - if (CBS_len(&ext_data) == 0) { - /* The client will accept a ticket but doesn't - * currently have one. 
*/ - s->tlsext_ticket_expected = 1; - return 1; - } - if (s->tls_session_secret_cb) { - /* Indicate that the ticket couldn't be - * decrypted rather than generating the session - * from ticket now, trigger abbreviated - * handshake based on external mechanism to - * calculate the master secret later. */ - return 2; - } - - r = tls_decrypt_ticket(s, CBS_data(&ext_data), - CBS_len(&ext_data), session, session_len, ret); - - switch (r) { - case 2: /* ticket couldn't be decrypted */ - s->tlsext_ticket_expected = 1; - return 2; - case 3: /* ticket was decrypted */ - return r; - case 4: /* ticket decrypted but need to renew */ - s->tlsext_ticket_expected = 1; - return 3; - default: /* fatal error */ - return -1; - } - } - } - return 0; -} - -/* tls_decrypt_ticket attempts to decrypt a session ticket. - * - * etick: points to the body of the session ticket extension. - * eticklen: the length of the session tickets extenion. - * sess_id: points at the session ID. - * sesslen: the length of the session ID. - * psess: (output) on return, if a ticket was decrypted, then this is set to - * point to the resulting session. - * - * Returns: - * -1: fatal error, either from parsing or decrypting the ticket. - * 2: the ticket couldn't be decrypted. - * 3: a ticket was successfully decrypted and *psess was set. - * 4: same as 3, but the ticket needs to be renewed. 
- */ -static int -tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, - const unsigned char *sess_id, int sesslen, SSL_SESSION **psess) -{ - SSL_SESSION *sess; - unsigned char *sdec; - const unsigned char *p; - int slen, mlen, renew_ticket = 0; - unsigned char tick_hmac[EVP_MAX_MD_SIZE]; - HMAC_CTX hctx; - EVP_CIPHER_CTX ctx; - SSL_CTX *tctx = s->initial_ctx; - /* Need at least keyname + iv + some encrypted data */ - if (eticklen < 48) - return 2; - /* Initialize session ticket encryption and HMAC contexts */ - HMAC_CTX_init(&hctx); - EVP_CIPHER_CTX_init(&ctx); - if (tctx->tlsext_ticket_key_cb) { - unsigned char *nctick = (unsigned char *)etick; - int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16, - &ctx, &hctx, 0); - if (rv < 0) { - EVP_CIPHER_CTX_cleanup(&ctx); - return -1; - } - if (rv == 0) { - EVP_CIPHER_CTX_cleanup(&ctx); - return 2; - } - if (rv == 2) - renew_ticket = 1; - } else { - /* Check key name matches */ - if (timingsafe_memcmp(etick, tctx->tlsext_tick_key_name, 16)) - return 2; - HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16, - tlsext_tick_md(), NULL); - EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, - tctx->tlsext_tick_aes_key, etick + 16); - } - /* Attempt to process session ticket, first conduct sanity and - * integrity checks on ticket. 
- */ - mlen = HMAC_size(&hctx); - if (mlen < 0) { - EVP_CIPHER_CTX_cleanup(&ctx); - return -1; - } - eticklen -= mlen; - /* Check HMAC of encrypted ticket */ - HMAC_Update(&hctx, etick, eticklen); - HMAC_Final(&hctx, tick_hmac, NULL); - HMAC_CTX_cleanup(&hctx); - if (timingsafe_memcmp(tick_hmac, etick + eticklen, mlen)) { - EVP_CIPHER_CTX_cleanup(&ctx); - return 2; - } - /* Attempt to decrypt session data */ - /* Move p after IV to start of encrypted ticket, update length */ - p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx); - eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx); - sdec = malloc(eticklen); - if (!sdec) { - EVP_CIPHER_CTX_cleanup(&ctx); - return -1; - } - EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen); - if (EVP_DecryptFinal_ex(&ctx, sdec + slen, &mlen) <= 0) { - free(sdec); - EVP_CIPHER_CTX_cleanup(&ctx); - return 2; - } - slen += mlen; - EVP_CIPHER_CTX_cleanup(&ctx); - p = sdec; - - sess = d2i_SSL_SESSION(NULL, &p, slen); - free(sdec); - if (sess) { - /* The session ID, if non-empty, is used by some clients to - * detect that the ticket has been accepted. So we copy it to - * the session structure. If it is empty set length to zero - * as required by standard. - */ - if (sesslen) - memcpy(sess->session_id, sess_id, sesslen); - sess->session_id_length = sesslen; - *psess = sess; - if (renew_ticket) - return 4; - else - return 3; - } - ERR_clear_error(); - /* For session parse failure, indicate that we need to send a new - * ticket. 
*/ - return 2; -} - -/* Tables to translate from NIDs to TLS v1.2 ids */ - -typedef struct { - int nid; - int id; -} tls12_lookup; - -static tls12_lookup tls12_md[] = { - {NID_md5, TLSEXT_hash_md5}, - {NID_sha1, TLSEXT_hash_sha1}, - {NID_sha224, TLSEXT_hash_sha224}, - {NID_sha256, TLSEXT_hash_sha256}, - {NID_sha384, TLSEXT_hash_sha384}, - {NID_sha512, TLSEXT_hash_sha512}, - {NID_id_GostR3411_94, TLSEXT_hash_gost94}, - {NID_id_tc26_gost3411_2012_256, TLSEXT_hash_streebog_256}, - {NID_id_tc26_gost3411_2012_512, TLSEXT_hash_streebog_512} -}; - -static tls12_lookup tls12_sig[] = { - {EVP_PKEY_RSA, TLSEXT_signature_rsa}, - {EVP_PKEY_DSA, TLSEXT_signature_dsa}, - {EVP_PKEY_EC, TLSEXT_signature_ecdsa}, - {EVP_PKEY_GOSTR01, TLSEXT_signature_gostr01}, -}; - -static int -tls12_find_id(int nid, tls12_lookup *table, size_t tlen) -{ - size_t i; - for (i = 0; i < tlen; i++) { - if (table[i].nid == nid) - return table[i].id; - } - return -1; -} - -int -tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk, const EVP_MD *md) -{ - int sig_id, md_id; - if (!md) - return 0; - md_id = tls12_find_id(EVP_MD_type(md), tls12_md, - sizeof(tls12_md) / sizeof(tls12_lookup)); - if (md_id == -1) - return 0; - sig_id = tls12_get_sigid(pk); - if (sig_id == -1) - return 0; - p[0] = (unsigned char)md_id; - p[1] = (unsigned char)sig_id; - return 1; -} - -int -tls12_get_sigid(const EVP_PKEY *pk) -{ - return tls12_find_id(pk->type, tls12_sig, - sizeof(tls12_sig) / sizeof(tls12_lookup)); -} - -const EVP_MD * -tls12_get_hash(unsigned char hash_alg) -{ - switch (hash_alg) { - case TLSEXT_hash_sha1: - return EVP_sha1(); - case TLSEXT_hash_sha224: - return EVP_sha224(); - case TLSEXT_hash_sha256: - return EVP_sha256(); - case TLSEXT_hash_sha384: - return EVP_sha384(); - case TLSEXT_hash_sha512: - return EVP_sha512(); -#ifndef OPENSSL_NO_GOST - case TLSEXT_hash_gost94: - return EVP_gostr341194(); - case TLSEXT_hash_streebog_256: - return EVP_streebog256(); - case TLSEXT_hash_streebog_512: - return 
EVP_streebog512(); -#endif - default: - return NULL; - } -} - -/* Set preferred digest for each key type */ - -int -tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize) -{ - int idx; - const EVP_MD *md; - CERT *c = s->cert; - CBS cbs; - - /* Extension ignored for inappropriate versions */ - if (!SSL_USE_SIGALGS(s)) - return 1; - - /* Should never happen */ - if (!c || dsize < 0) - return 0; - - CBS_init(&cbs, data, dsize); - - c->pkeys[SSL_PKEY_DSA_SIGN].digest = NULL; - c->pkeys[SSL_PKEY_RSA_SIGN].digest = NULL; - c->pkeys[SSL_PKEY_RSA_ENC].digest = NULL; - c->pkeys[SSL_PKEY_ECC].digest = NULL; - c->pkeys[SSL_PKEY_GOST01].digest = NULL; - - while (CBS_len(&cbs) > 0) { - uint8_t hash_alg, sig_alg; - - if (!CBS_get_u8(&cbs, &hash_alg) || - !CBS_get_u8(&cbs, &sig_alg)) { - /* Should never happen */ - return 0; - } - - switch (sig_alg) { - case TLSEXT_signature_rsa: - idx = SSL_PKEY_RSA_SIGN; - break; - case TLSEXT_signature_dsa: - idx = SSL_PKEY_DSA_SIGN; - break; - case TLSEXT_signature_ecdsa: - idx = SSL_PKEY_ECC; - break; - case TLSEXT_signature_gostr01: - case TLSEXT_signature_gostr12_256: - case TLSEXT_signature_gostr12_512: - idx = SSL_PKEY_GOST01; - break; - default: - continue; - } - - if (c->pkeys[idx].digest == NULL) { - md = tls12_get_hash(hash_alg); - if (md) { - c->pkeys[idx].digest = md; - if (idx == SSL_PKEY_RSA_SIGN) - c->pkeys[SSL_PKEY_RSA_ENC].digest = md; - } - } - - } - - /* Set any remaining keys to default values. NOTE: if alg is not - * supported it stays as NULL. 
- */
- if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest)
- c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
- if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest) {
- c->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
- c->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
- }
- if (!c->pkeys[SSL_PKEY_ECC].digest)
- c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
-#ifndef OPENSSL_NO_GOST
- if (!c->pkeys[SSL_PKEY_GOST01].digest)
- c->pkeys[SSL_PKEY_GOST01].digest = EVP_gostr341194();
-#endif
- return 1;
-}
diff --git a/lib/libssl/src/ssl/t1_meth.c b/lib/libssl/src/ssl/t1_meth.c
deleted file mode 100644
index aea4c04547f..00000000000
--- a/lib/libssl/src/ssl/t1_meth.c
+++ /dev/null
@@ -1,235 +0,0 @@ -/* $OpenBSD: t1_meth.c,v 1.17 2015/09/11 14:52:17 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] 
- */ - -#include <stdio.h> - -#include <openssl/objects.h> - -#include "ssl_locl.h" - -static const SSL_METHOD *tls1_get_method(int ver); - -const SSL_METHOD TLS_method_data = { - .version = TLS1_2_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl23_accept, - .ssl_connect = ssl23_connect, - .ssl_read = ssl23_read, - .ssl_peek = ssl23_peek, - .ssl_write = ssl23_write, - .ssl_shutdown = ssl_undefined_function, - .ssl_renegotiate = ssl_undefined_function, - .ssl_renegotiate_check = ssl_ok, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl_dispatch_alert = ssl3_dispatch_alert, - .ssl_ctrl = ssl3_ctrl, - .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .ssl_pending = ssl_undefined_const_function, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_ssl_method = tls1_get_method, - .get_timeout = ssl23_default_timeout, - .ssl3_enc = &ssl3_undef_enc_method, - .ssl_version = ssl_undefined_void_function, - .ssl_callback_ctrl = ssl3_callback_ctrl, - .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl, -}; - -const SSL_METHOD TLSv1_method_data = { - .version = TLS1_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl3_connect, - .ssl_read = ssl3_read, - .ssl_peek = ssl3_peek, - .ssl_write = ssl3_write, - .ssl_shutdown = ssl3_shutdown, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl_dispatch_alert = ssl3_dispatch_alert, - .ssl_ctrl = ssl3_ctrl, - .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .ssl_pending = ssl3_pending, - 
.num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_ssl_method = tls1_get_method, - .get_timeout = tls1_default_timeout, - .ssl3_enc = &TLSv1_enc_data, - .ssl_version = ssl_undefined_void_function, - .ssl_callback_ctrl = ssl3_callback_ctrl, - .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl, -}; - -const SSL_METHOD TLSv1_1_method_data = { - .version = TLS1_1_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl3_connect, - .ssl_read = ssl3_read, - .ssl_peek = ssl3_peek, - .ssl_write = ssl3_write, - .ssl_shutdown = ssl3_shutdown, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl_dispatch_alert = ssl3_dispatch_alert, - .ssl_ctrl = ssl3_ctrl, - .ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .ssl_pending = ssl3_pending, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_ssl_method = tls1_get_method, - .get_timeout = tls1_default_timeout, - .ssl3_enc = &TLSv1_1_enc_data, - .ssl_version = ssl_undefined_void_function, - .ssl_callback_ctrl = ssl3_callback_ctrl, - .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl, -}; - -const SSL_METHOD TLSv1_2_method_data = { - .version = TLS1_2_VERSION, - .ssl_new = tls1_new, - .ssl_clear = tls1_clear, - .ssl_free = tls1_free, - .ssl_accept = ssl3_accept, - .ssl_connect = ssl3_connect, - .ssl_read = ssl3_read, - .ssl_peek = ssl3_peek, - .ssl_write = ssl3_write, - .ssl_shutdown = ssl3_shutdown, - .ssl_renegotiate = ssl3_renegotiate, - .ssl_renegotiate_check = ssl3_renegotiate_check, - .ssl_get_message = ssl3_get_message, - .ssl_read_bytes = ssl3_read_bytes, - .ssl_write_bytes = ssl3_write_bytes, - .ssl_dispatch_alert = ssl3_dispatch_alert, - .ssl_ctrl = ssl3_ctrl, - 
.ssl_ctx_ctrl = ssl3_ctx_ctrl, - .get_cipher_by_char = ssl3_get_cipher_by_char, - .put_cipher_by_char = ssl3_put_cipher_by_char, - .ssl_pending = ssl3_pending, - .num_ciphers = ssl3_num_ciphers, - .get_cipher = ssl3_get_cipher, - .get_ssl_method = tls1_get_method, - .get_timeout = tls1_default_timeout, - .ssl3_enc = &TLSv1_2_enc_data, - .ssl_version = ssl_undefined_void_function, - .ssl_callback_ctrl = ssl3_callback_ctrl, - .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl, -}; - -static const SSL_METHOD * -tls1_get_method(int ver) -{ - if (ver == TLS1_2_VERSION) - return (TLSv1_2_method()); - if (ver == TLS1_1_VERSION) - return (TLSv1_1_method()); - if (ver == TLS1_VERSION) - return (TLSv1_method()); - return (NULL); -} - -const SSL_METHOD * -SSLv23_method(void) -{ - return (TLS_method()); -} - -const SSL_METHOD * -TLS_method(void) -{ - return &TLS_method_data; -} - -const SSL_METHOD * -TLSv1_method(void) -{ - return (&TLSv1_method_data); -} - -const SSL_METHOD * -TLSv1_1_method(void) -{ - return (&TLSv1_1_method_data); -} - -const SSL_METHOD * -TLSv1_2_method(void) -{ - return (&TLSv1_2_method_data); -} diff --git a/lib/libssl/src/ssl/t1_reneg.c b/lib/libssl/src/ssl/t1_reneg.c deleted file mode 100644 index 294a632b8f3..00000000000 --- a/lib/libssl/src/ssl/t1_reneg.c +++ /dev/null 
@@ -1,286 +0,0 @@ -/* $OpenBSD: t1_reneg.c,v 1.11 2015/06/20 16:42:48 doug Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2009 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. 
Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include <stdio.h> - -#include <openssl/objects.h> - -#include "ssl_locl.h" -#include "bytestring.h" - -/* Add the client's renegotiation binding */ -int -ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len, - int maxlen) -{ - if (p) { - if ((s->s3->previous_client_finished_len + 1) > maxlen) { - SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT, - SSL_R_RENEGOTIATE_EXT_TOO_LONG); - return 0; - } - - /* Length byte */ - *p = s->s3->previous_client_finished_len; - p++; - - memcpy(p, s->s3->previous_client_finished, - s->s3->previous_client_finished_len); - - } - - *len = s->s3->previous_client_finished_len + 1; - - return 1; -} - -/* Parse the client's renegotiation binding and abort if it's not - right */ -int -ssl_parse_clienthello_renegotiate_ext(SSL *s, const unsigned char *d, int len, - int *al) -{ - CBS cbs, reneg; - - if (len < 0) { - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT, - SSL_R_RENEGOTIATION_ENCODING_ERR); - *al = SSL_AD_ILLEGAL_PARAMETER; - return 0; - } - - CBS_init(&cbs, d, len); - if (!CBS_get_u8_length_prefixed(&cbs, &reneg) || - /* Consistency check */ - CBS_len(&cbs) != 0) { - 
SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT, - SSL_R_RENEGOTIATION_ENCODING_ERR); - *al = SSL_AD_ILLEGAL_PARAMETER; - return 0; - } - - /* Check that the extension matches */ - if (CBS_len(&reneg) != s->s3->previous_client_finished_len) { - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT, - SSL_R_RENEGOTIATION_MISMATCH); - *al = SSL_AD_HANDSHAKE_FAILURE; - return 0; - } - - if (!CBS_mem_equal(&reneg, s->s3->previous_client_finished, - s->s3->previous_client_finished_len)) { - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT, - SSL_R_RENEGOTIATION_MISMATCH); - *al = SSL_AD_HANDSHAKE_FAILURE; - return 0; - } - - s->s3->send_connection_binding = 1; - - return 1; -} - -/* Add the server's renegotiation binding */ -int -ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len, - int maxlen) -{ - if (p) { - if ((s->s3->previous_client_finished_len + - s->s3->previous_server_finished_len + 1) > maxlen) { - SSLerr(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT, - SSL_R_RENEGOTIATE_EXT_TOO_LONG); - return 0; - } - - /* Length byte */ - *p = s->s3->previous_client_finished_len + - s->s3->previous_server_finished_len; - p++; - - memcpy(p, s->s3->previous_client_finished, - s->s3->previous_client_finished_len); - p += s->s3->previous_client_finished_len; - - memcpy(p, s->s3->previous_server_finished, - s->s3->previous_server_finished_len); - - } - - *len = s->s3->previous_client_finished_len + - s->s3->previous_server_finished_len + 1; - - return 1; -} - -/* Parse the server's renegotiation binding and abort if it's not - right */ -int -ssl_parse_serverhello_renegotiate_ext(SSL *s, const unsigned char *d, int len, int *al) -{ - CBS cbs, reneg, previous_client, previous_server; - int expected_len = s->s3->previous_client_finished_len + - s->s3->previous_server_finished_len; - - /* Check for logic errors */ - OPENSSL_assert(!expected_len || s->s3->previous_client_finished_len); - OPENSSL_assert(!expected_len || s->s3->previous_server_finished_len); - - if 
(len < 0) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
- SSL_R_RENEGOTIATION_ENCODING_ERR);
- *al = SSL_AD_ILLEGAL_PARAMETER;
- return 0;
- }
-
- CBS_init(&cbs, d, len);
-
- if (!CBS_get_u8_length_prefixed(&cbs, &reneg) ||
- /* Consistency check */
- CBS_len(&cbs) != 0) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
- SSL_R_RENEGOTIATION_ENCODING_ERR);
- *al = SSL_AD_ILLEGAL_PARAMETER;
- return 0;
- }
-
- /* Check that the extension matches */
- if (CBS_len(&reneg) != expected_len ||
- !CBS_get_bytes(&reneg, &previous_client,
- s->s3->previous_client_finished_len) ||
- !CBS_get_bytes(&reneg, &previous_server,
- s->s3->previous_server_finished_len) ||
- CBS_len(&reneg) != 0) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
- SSL_R_RENEGOTIATION_MISMATCH);
- *al = SSL_AD_HANDSHAKE_FAILURE;
- return 0;
- }
-
- if (!CBS_mem_equal(&previous_client, s->s3->previous_client_finished,
- CBS_len(&previous_client))) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
- SSL_R_RENEGOTIATION_MISMATCH);
- *al = SSL_AD_HANDSHAKE_FAILURE;
- return 0;
- }
- if (!CBS_mem_equal(&previous_server, s->s3->previous_server_finished,
- CBS_len(&previous_server))) {
- SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
- SSL_R_RENEGOTIATION_MISMATCH);
- *al = SSL_AD_ILLEGAL_PARAMETER;
- return 0;
- }
-
- s->s3->send_connection_binding = 1;
-
- return 1;
-}
diff --git a/lib/libssl/src/ssl/t1_srvr.c b/lib/libssl/src/ssl/t1_srvr.c
deleted file mode 100644
index 902cd93cd7c..00000000000
--- a/lib/libssl/src/ssl/t1_srvr.c
+++ /dev/null
@@ -1,238 +0,0 @@
-/* $OpenBSD: t1_srvr.c,v 1.19 2015/09/11 14:47:56 jsing Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-
-#include "ssl_locl.h"
-
-#include <openssl/buffer.h>
-#include <openssl/evp.h>
-#include <openssl/objects.h>
-#include <openssl/x509.h>
-
-static const SSL_METHOD *tls1_get_server_method(int ver);
-
-const SSL_METHOD TLS_server_method_data = {
- .version = TLS1_2_VERSION,
- .ssl_new = tls1_new,
- .ssl_clear = tls1_clear,
- .ssl_free = tls1_free,
- .ssl_accept = ssl23_accept,
- .ssl_connect = ssl_undefined_function,
- .ssl_read = ssl23_read,
- .ssl_peek = ssl23_peek,
- .ssl_write = ssl23_write,
- .ssl_shutdown = ssl_undefined_function,
- .ssl_renegotiate = ssl_undefined_function,
- .ssl_renegotiate_check = ssl_ok,
- .ssl_get_message = ssl3_get_message,
- .ssl_read_bytes = ssl3_read_bytes,
- .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
- .ssl_ctrl = ssl3_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
- .get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl_undefined_const_function,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = ssl3_get_cipher,
- .get_ssl_method = tls1_get_server_method,
- .get_timeout = ssl23_default_timeout,
- .ssl3_enc = &ssl3_undef_enc_method,
- .ssl_version = ssl_undefined_void_function,
- .ssl_callback_ctrl = ssl3_callback_ctrl,
- .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-const SSL_METHOD TLSv1_server_method_data = {
- .version = TLS1_VERSION,
- .ssl_new = tls1_new,
- .ssl_clear = tls1_clear,
- .ssl_free = tls1_free,
- .ssl_accept = ssl3_accept,
- .ssl_connect = ssl_undefined_function,
- .ssl_read = ssl3_read,
- .ssl_peek = ssl3_peek,
- .ssl_write = ssl3_write,
- .ssl_shutdown = ssl3_shutdown,
- .ssl_renegotiate = ssl3_renegotiate,
- .ssl_renegotiate_check = ssl3_renegotiate_check,
- .ssl_get_message = ssl3_get_message,
- .ssl_read_bytes = ssl3_read_bytes,
- .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
- .ssl_ctrl = ssl3_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
-
.get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl3_pending,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = ssl3_get_cipher,
- .get_ssl_method = tls1_get_server_method,
- .get_timeout = tls1_default_timeout,
- .ssl3_enc = &TLSv1_enc_data,
- .ssl_version = ssl_undefined_void_function,
- .ssl_callback_ctrl = ssl3_callback_ctrl,
- .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-const SSL_METHOD TLSv1_1_server_method_data = {
- .version = TLS1_1_VERSION,
- .ssl_new = tls1_new,
- .ssl_clear = tls1_clear,
- .ssl_free = tls1_free,
- .ssl_accept = ssl3_accept,
- .ssl_connect = ssl_undefined_function,
- .ssl_read = ssl3_read,
- .ssl_peek = ssl3_peek,
- .ssl_write = ssl3_write,
- .ssl_shutdown = ssl3_shutdown,
- .ssl_renegotiate = ssl3_renegotiate,
- .ssl_renegotiate_check = ssl3_renegotiate_check,
- .ssl_get_message = ssl3_get_message,
- .ssl_read_bytes = ssl3_read_bytes,
- .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
- .ssl_ctrl = ssl3_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
- .get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl3_pending,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = ssl3_get_cipher,
- .get_ssl_method = tls1_get_server_method,
- .get_timeout = tls1_default_timeout,
- .ssl3_enc = &TLSv1_1_enc_data,
- .ssl_version = ssl_undefined_void_function,
- .ssl_callback_ctrl = ssl3_callback_ctrl,
- .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-const SSL_METHOD TLSv1_2_server_method_data = {
- .version = TLS1_2_VERSION,
- .ssl_new = tls1_new,
- .ssl_clear = tls1_clear,
- .ssl_free = tls1_free,
- .ssl_accept = ssl3_accept,
- .ssl_connect = ssl_undefined_function,
- .ssl_read = ssl3_read,
- .ssl_peek = ssl3_peek,
- .ssl_write = ssl3_write,
- .ssl_shutdown = ssl3_shutdown,
- .ssl_renegotiate = ssl3_renegotiate,
- .ssl_renegotiate_check = ssl3_renegotiate_check,
- .ssl_get_message =
ssl3_get_message,
- .ssl_read_bytes = ssl3_read_bytes,
- .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
- .ssl_ctrl = ssl3_ctrl,
- .ssl_ctx_ctrl = ssl3_ctx_ctrl,
- .get_cipher_by_char = ssl3_get_cipher_by_char,
- .put_cipher_by_char = ssl3_put_cipher_by_char,
- .ssl_pending = ssl3_pending,
- .num_ciphers = ssl3_num_ciphers,
- .get_cipher = ssl3_get_cipher,
- .get_ssl_method = tls1_get_server_method,
- .get_timeout = tls1_default_timeout,
- .ssl3_enc = &TLSv1_2_enc_data,
- .ssl_version = ssl_undefined_void_function,
- .ssl_callback_ctrl = ssl3_callback_ctrl,
- .ssl_ctx_callback_ctrl = ssl3_ctx_callback_ctrl,
-};
-
-static const SSL_METHOD *
-tls1_get_server_method(int ver)
-{
- if (ver == TLS1_2_VERSION)
- return (TLSv1_2_server_method());
- if (ver == TLS1_1_VERSION)
- return (TLSv1_1_server_method());
- if (ver == TLS1_VERSION)
- return (TLSv1_server_method());
- return (NULL);
-}
-
-const SSL_METHOD *
-SSLv23_server_method(void)
-{
- return (TLS_server_method());
-}
-
-const SSL_METHOD *
-TLS_server_method(void)
-{
- return (&TLS_server_method_data);
-}
-
-const SSL_METHOD *
-TLSv1_server_method(void)
-{
- return (&TLSv1_server_method_data);
-}
-
-const SSL_METHOD *
-TLSv1_1_server_method(void)
-{
- return (&TLSv1_1_server_method_data);
-}
-
-const SSL_METHOD *
-TLSv1_2_server_method(void)
-{
- return (&TLSv1_2_server_method_data);
-}
diff --git a/lib/libssl/src/ssl/tls1.h b/lib/libssl/src/ssl/tls1.h
deleted file mode 100644
index e1231178661..00000000000
--- a/lib/libssl/src/ssl/tls1.h
+++ /dev/null
@@ -1,758 +0,0 @@ -/* $OpenBSD: tls1.h,v 1.28 2016/04/28 16:39:45 jsing Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). 
- * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. 
All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). 
- * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * ECC cipher suite support in OpenSSL originally written by - * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories. - * - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. 
- */ - -#ifndef HEADER_TLS1_H -#define HEADER_TLS1_H - -#include <openssl/buffer.h> - -#ifdef __cplusplus -extern "C" { -#endif - -#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 0 - -#define TLS1_2_VERSION 0x0303 -#define TLS1_2_VERSION_MAJOR 0x03 -#define TLS1_2_VERSION_MINOR 0x03 - -#define TLS1_1_VERSION 0x0302 -#define TLS1_1_VERSION_MAJOR 0x03 -#define TLS1_1_VERSION_MINOR 0x02 - -#define TLS1_VERSION 0x0301 -#define TLS1_VERSION_MAJOR 0x03 -#define TLS1_VERSION_MINOR 0x01 - -#define TLS1_get_version(s) \ - ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0) - -#define TLS1_get_client_version(s) \ - ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0) - -/* - * TLS Alert codes. - * - * https://www.iana.org/assignments/tls-parameters/#tls-parameters-6 - */ - -#define TLS1_AD_DECRYPTION_FAILED 21 -#define TLS1_AD_RECORD_OVERFLOW 22 -#define TLS1_AD_UNKNOWN_CA 48 /* fatal */ -#define TLS1_AD_ACCESS_DENIED 49 /* fatal */ -#define TLS1_AD_DECODE_ERROR 50 /* fatal */ -#define TLS1_AD_DECRYPT_ERROR 51 -#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */ -#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */ -#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */ -#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */ -/* Code 86 from RFC 7507. */ -#define TLS1_AD_INAPPROPRIATE_FALLBACK 86 /* fatal */ -#define TLS1_AD_USER_CANCELLED 90 -#define TLS1_AD_NO_RENEGOTIATION 100 -/* Codes 110-114 from RFC 3546. */ -#define TLS1_AD_UNSUPPORTED_EXTENSION 110 -#define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111 -#define TLS1_AD_UNRECOGNIZED_NAME 112 -#define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113 -#define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114 -/* Code 115 from RFC 4279. */ -#define TLS1_AD_UNKNOWN_PSK_IDENTITY 115 /* fatal */ - -/* - * TLS ExtensionType values. - * - * https://www.iana.org/assignments/tls-extensiontype-values/ - */ - -/* ExtensionType values from RFC 3546, RFC 4366 and RFC 6066. 
*/ -#define TLSEXT_TYPE_server_name 0 -#define TLSEXT_TYPE_max_fragment_length 1 -#define TLSEXT_TYPE_client_certificate_url 2 -#define TLSEXT_TYPE_trusted_ca_keys 3 -#define TLSEXT_TYPE_truncated_hmac 4 -#define TLSEXT_TYPE_status_request 5 - -/* ExtensionType values from RFC 4681. */ -#define TLSEXT_TYPE_user_mapping 6 - -/* ExtensionType values from RFC 5878. */ -#define TLSEXT_TYPE_client_authz 7 -#define TLSEXT_TYPE_server_authz 8 - -/* ExtensionType values from RFC 6091. */ -#define TLSEXT_TYPE_cert_type 9 - -/* ExtensionType values from RFC 4492. */ -#define TLSEXT_TYPE_elliptic_curves 10 -#define TLSEXT_TYPE_ec_point_formats 11 - -/* ExtensionType value from RFC 5054. */ -#define TLSEXT_TYPE_srp 12 - -/* ExtensionType values from RFC 5246. */ -#define TLSEXT_TYPE_signature_algorithms 13 - -/* ExtensionType value from RFC 5764. */ -#define TLSEXT_TYPE_use_srtp 14 - -/* ExtensionType value from RFC 5620. */ -#define TLSEXT_TYPE_heartbeat 15 - -/* ExtensionType value from RFC 7301. */ -#define TLSEXT_TYPE_application_layer_protocol_negotiation 16 - -/* ExtensionType value for TLS padding extension. - * (TEMPORARY - registered 2014-03-12, expires 2015-03-12) - * https://tools.ietf.org/html/draft-agl-tls-padding-03 - */ -#define TLSEXT_TYPE_padding 21 - -/* ExtensionType value from RFC 4507. */ -#define TLSEXT_TYPE_session_ticket 35 - -/* Temporary extension type */ -#define TLSEXT_TYPE_renegotiate 0xff01 - -/* This is not an IANA defined extension number */ -#define TLSEXT_TYPE_next_proto_neg 13172 - -/* NameType value from RFC 3546. */ -#define TLSEXT_NAMETYPE_host_name 0 -/* status request value from RFC 3546 */ -#define TLSEXT_STATUSTYPE_ocsp 1 - -/* ECPointFormat values from RFC 4492. 
*/ -#define TLSEXT_ECPOINTFORMAT_first 0 -#define TLSEXT_ECPOINTFORMAT_uncompressed 0 -#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime 1 -#define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2 2 -#define TLSEXT_ECPOINTFORMAT_last 2 - -/* Signature and hash algorithms from RFC 5246. */ - -#define TLSEXT_signature_anonymous 0 -#define TLSEXT_signature_rsa 1 -#define TLSEXT_signature_dsa 2 -#define TLSEXT_signature_ecdsa 3 -/* FIXME IANA */ -#define TLSEXT_signature_gostr01 237 -#define TLSEXT_signature_gostr12_256 238 -#define TLSEXT_signature_gostr12_512 239 - -#define TLSEXT_hash_none 0 -#define TLSEXT_hash_md5 1 -#define TLSEXT_hash_sha1 2 -#define TLSEXT_hash_sha224 3 -#define TLSEXT_hash_sha256 4 -#define TLSEXT_hash_sha384 5 -#define TLSEXT_hash_sha512 6 -/* FIXME IANA */ -#define TLSEXT_hash_gost94 237 -#define TLSEXT_hash_streebog_256 238 -#define TLSEXT_hash_streebog_512 239 - -#define TLSEXT_MAXLEN_host_name 255 - -const char *SSL_get_servername(const SSL *s, const int type); -int SSL_get_servername_type(const SSL *s); -/* SSL_export_keying_material exports a value derived from the master secret, - * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and - * optional context. (Since a zero length context is allowed, the |use_context| - * flag controls whether a context is included.) - * - * It returns 1 on success and zero otherwise. 
- */ -int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, - const char *label, size_t llen, const unsigned char *p, size_t plen, - int use_context); - -#define SSL_set_tlsext_host_name(s,name) \ -SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name) - -#define SSL_set_tlsext_debug_callback(ssl, cb) \ -SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb) - -#define SSL_set_tlsext_debug_arg(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg) - -#define SSL_set_tlsext_status_type(ssl, type) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL) - -#define SSL_get_tlsext_status_exts(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg) - -#define SSL_set_tlsext_status_exts(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg) - -#define SSL_get_tlsext_status_ids(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg) - -#define SSL_set_tlsext_status_ids(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg) - -#define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \ -SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg) - -#define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \ -SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg) - -#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \ -SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb) - -#define SSL_TLSEXT_ERR_OK 0 -#define SSL_TLSEXT_ERR_ALERT_WARNING 1 -#define SSL_TLSEXT_ERR_ALERT_FATAL 2 -#define SSL_TLSEXT_ERR_NOACK 3 - -#define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \ -SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg) - -#define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \ - SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys)) -#define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \ - 
SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys)) - -#define SSL_CTX_set_tlsext_status_cb(ssl, cb) \ -SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb) - -#define SSL_CTX_set_tlsext_status_arg(ssl, arg) \ -SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg) - -#define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \ -SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) - -/* PSK ciphersuites from RFC 4279. */ -#define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A -#define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA 0x0300008B -#define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C -#define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D - -/* Additional TLS ciphersuites from expired Internet Draft - * draft-ietf-tls-56-bit-ciphersuites-01.txt - * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see - * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably - * shouldn't. Note that the first two are actually not in the IDs. */ -#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060 /* not in ID */ -#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061 /* not in ID */ -#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062 -#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063 -#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064 -#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065 -#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066 - -/* AES ciphersuites from RFC 3268. 
*/ - -#define TLS1_CK_RSA_WITH_AES_128_SHA 0x0300002F -#define TLS1_CK_DH_DSS_WITH_AES_128_SHA 0x03000030 -#define TLS1_CK_DH_RSA_WITH_AES_128_SHA 0x03000031 -#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA 0x03000032 -#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA 0x03000033 -#define TLS1_CK_ADH_WITH_AES_128_SHA 0x03000034 - -#define TLS1_CK_RSA_WITH_AES_256_SHA 0x03000035 -#define TLS1_CK_DH_DSS_WITH_AES_256_SHA 0x03000036 -#define TLS1_CK_DH_RSA_WITH_AES_256_SHA 0x03000037 -#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA 0x03000038 -#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA 0x03000039 -#define TLS1_CK_ADH_WITH_AES_256_SHA 0x0300003A - -/* TLS v1.2 ciphersuites */ -#define TLS1_CK_RSA_WITH_NULL_SHA256 0x0300003B -#define TLS1_CK_RSA_WITH_AES_128_SHA256 0x0300003C -#define TLS1_CK_RSA_WITH_AES_256_SHA256 0x0300003D -#define TLS1_CK_DH_DSS_WITH_AES_128_SHA256 0x0300003E -#define TLS1_CK_DH_RSA_WITH_AES_128_SHA256 0x0300003F -#define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256 0x03000040 - -/* Camellia ciphersuites from RFC 4132. */ -#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000041 -#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000042 -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000043 -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA 0x03000044 -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x03000045 -#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA 0x03000046 - -/* TLS v1.2 ciphersuites */ -#define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256 0x03000067 -#define TLS1_CK_DH_DSS_WITH_AES_256_SHA256 0x03000068 -#define TLS1_CK_DH_RSA_WITH_AES_256_SHA256 0x03000069 -#define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256 0x0300006A -#define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 0x0300006B -#define TLS1_CK_ADH_WITH_AES_128_SHA256 0x0300006C -#define TLS1_CK_ADH_WITH_AES_256_SHA256 0x0300006D - -/* Camellia ciphersuites from RFC 4132. 
*/ -#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000084 -#define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000085 -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000086 -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA 0x03000087 -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x03000088 -#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA 0x03000089 - -/* SEED ciphersuites from RFC 4162. */ -#define TLS1_CK_RSA_WITH_SEED_SHA 0x03000096 -#define TLS1_CK_DH_DSS_WITH_SEED_SHA 0x03000097 -#define TLS1_CK_DH_RSA_WITH_SEED_SHA 0x03000098 -#define TLS1_CK_DHE_DSS_WITH_SEED_SHA 0x03000099 -#define TLS1_CK_DHE_RSA_WITH_SEED_SHA 0x0300009A -#define TLS1_CK_ADH_WITH_SEED_SHA 0x0300009B - -/* TLS v1.2 GCM ciphersuites from RFC 5288. */ -#define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 0x0300009C -#define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 0x0300009D -#define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 0x0300009E -#define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 0x0300009F -#define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256 0x030000A0 -#define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384 0x030000A1 -#define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256 0x030000A2 -#define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384 0x030000A3 -#define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256 0x030000A4 -#define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384 0x030000A5 -#define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256 0x030000A6 -#define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384 0x030000A7 - -/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ -#define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BA -#define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BB -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BC -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 0x030000BD -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0x030000BE -#define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA256 0x030000BF - -#define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C0 -#define 
TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C1 -#define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C2 -#define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 0x030000C3 -#define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0x030000C4 -#define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA256 0x030000C5 - -/* ECC ciphersuites from RFC 4492. */ -#define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA 0x0300C001 -#define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA 0x0300C002 -#define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C003 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0x0300C004 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0x0300C005 - -#define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA 0x0300C006 -#define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA 0x0300C007 -#define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA 0x0300C008 -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0x0300C009 -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0x0300C00A - -#define TLS1_CK_ECDH_RSA_WITH_NULL_SHA 0x0300C00B -#define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA 0x0300C00C -#define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA 0x0300C00D -#define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA 0x0300C00E -#define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA 0x0300C00F - -#define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA 0x0300C010 -#define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA 0x0300C011 -#define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA 0x0300C012 -#define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA 0x0300C013 -#define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA 0x0300C014 - -#define TLS1_CK_ECDH_anon_WITH_NULL_SHA 0x0300C015 -#define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA 0x0300C016 -#define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA 0x0300C017 -#define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA 0x0300C018 -#define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA 0x0300C019 - -/* SRP ciphersuites from RFC 5054. 
*/ -#define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA 0x0300C01A -#define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA 0x0300C01B -#define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA 0x0300C01C -#define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA 0x0300C01D -#define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA 0x0300C01E -#define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA 0x0300C01F -#define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA 0x0300C020 -#define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA 0x0300C021 -#define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA 0x0300C022 - -/* ECDH HMAC based ciphersuites from RFC 5289. */ -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256 0x0300C023 -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384 0x0300C024 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256 0x0300C025 -#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384 0x0300C026 -#define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256 0x0300C027 -#define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384 0x0300C028 -#define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256 0x0300C029 -#define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384 0x0300C02A - -/* ECDH GCM based ciphersuites from RFC 5289. */ -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02B -#define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02C -#define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0x0300C02D -#define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0x0300C02E -#define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0x0300C02F -#define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0x0300C030 -#define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256 0x0300C031 -#define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384 0x0300C032 - -/* ChaCha20-Poly1305 based ciphersuites. 
*/ -#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305_OLD 0x0300CC13 -#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305_OLD 0x0300CC14 -#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305_OLD 0x0300CC15 -#define TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305 0x0300CCA8 -#define TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305 0x0300CCA9 -#define TLS1_CK_DHE_RSA_CHACHA20_POLY1305 0x0300CCAA - -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5" -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5" -#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA" -#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA" -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA" -#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA" -#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA" - -/* AES ciphersuites from RFC 3268. */ -#define TLS1_TXT_RSA_WITH_AES_128_SHA "AES128-SHA" -#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA "DH-DSS-AES128-SHA" -#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA "DH-RSA-AES128-SHA" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA "DHE-DSS-AES128-SHA" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA "DHE-RSA-AES128-SHA" -#define TLS1_TXT_ADH_WITH_AES_128_SHA "ADH-AES128-SHA" - -#define TLS1_TXT_RSA_WITH_AES_256_SHA "AES256-SHA" -#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA "DH-DSS-AES256-SHA" -#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA "DH-RSA-AES256-SHA" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA "DHE-DSS-AES256-SHA" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA "DHE-RSA-AES256-SHA" -#define TLS1_TXT_ADH_WITH_AES_256_SHA "ADH-AES256-SHA" - -/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */ -#define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA "ECDH-ECDSA-NULL-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA "ECDH-ECDSA-RC4-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA "ECDH-ECDSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA "ECDH-ECDSA-AES128-SHA" -#define 
TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA "ECDH-ECDSA-AES256-SHA" - -#define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA "ECDHE-ECDSA-NULL-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA "ECDHE-ECDSA-RC4-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA "ECDHE-ECDSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA "ECDHE-ECDSA-AES128-SHA" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA "ECDHE-ECDSA-AES256-SHA" - -#define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA "ECDH-RSA-NULL-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA "ECDH-RSA-RC4-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA "ECDH-RSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA "ECDH-RSA-AES128-SHA" -#define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA "ECDH-RSA-AES256-SHA" - -#define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA "ECDHE-RSA-NULL-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA "ECDHE-RSA-RC4-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA "ECDHE-RSA-DES-CBC3-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA "ECDHE-RSA-AES128-SHA" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA "ECDHE-RSA-AES256-SHA" - -#define TLS1_TXT_ECDH_anon_WITH_NULL_SHA "AECDH-NULL-SHA" -#define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA "AECDH-RC4-SHA" -#define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA "AECDH-DES-CBC3-SHA" -#define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA "AECDH-AES128-SHA" -#define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA "AECDH-AES256-SHA" - -/* PSK ciphersuites from RFC 4279. */ -#define TLS1_TXT_PSK_WITH_RC4_128_SHA "PSK-RC4-SHA" -#define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA "PSK-3DES-EDE-CBC-SHA" -#define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA" -#define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA" - -/* SRP ciphersuite from RFC 5054. 
*/ -#define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA" -#define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA" -#define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA "SRP-DSS-3DES-EDE-CBC-SHA" -#define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA "SRP-AES-128-CBC-SHA" -#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA "SRP-RSA-AES-128-CBC-SHA" -#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA "SRP-DSS-AES-128-CBC-SHA" -#define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA "SRP-AES-256-CBC-SHA" -#define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA "SRP-RSA-AES-256-CBC-SHA" -#define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA "SRP-DSS-AES-256-CBC-SHA" - -/* Camellia ciphersuites from RFC 4132. */ -#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA "CAMELLIA128-SHA" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA "DH-DSS-CAMELLIA128-SHA" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA "DH-RSA-CAMELLIA128-SHA" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA "DHE-DSS-CAMELLIA128-SHA" -#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA "DHE-RSA-CAMELLIA128-SHA" -#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA "ADH-CAMELLIA128-SHA" - -#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA "CAMELLIA256-SHA" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA "DH-DSS-CAMELLIA256-SHA" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA "DH-RSA-CAMELLIA256-SHA" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA "DHE-DSS-CAMELLIA256-SHA" -#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA "DHE-RSA-CAMELLIA256-SHA" -#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA "ADH-CAMELLIA256-SHA" - -/* TLS 1.2 Camellia SHA-256 ciphersuites from RFC5932 */ -#define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA256 "CAMELLIA128-SHA256" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DH-DSS-CAMELLIA128-SHA256" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DH-RSA-CAMELLIA128-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 "DHE-DSS-CAMELLIA128-SHA256" 
-#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 "DHE-RSA-CAMELLIA128-SHA256" -#define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA256 "ADH-CAMELLIA128-SHA256" - -#define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA256 "CAMELLIA256-SHA256" -#define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DH-DSS-CAMELLIA256-SHA256" -#define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DH-RSA-CAMELLIA256-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 "DHE-DSS-CAMELLIA256-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 "DHE-RSA-CAMELLIA256-SHA256" -#define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA256 "ADH-CAMELLIA256-SHA256" - -/* SEED ciphersuites from RFC 4162. */ -#define TLS1_TXT_RSA_WITH_SEED_SHA "SEED-SHA" -#define TLS1_TXT_DH_DSS_WITH_SEED_SHA "DH-DSS-SEED-SHA" -#define TLS1_TXT_DH_RSA_WITH_SEED_SHA "DH-RSA-SEED-SHA" -#define TLS1_TXT_DHE_DSS_WITH_SEED_SHA "DHE-DSS-SEED-SHA" -#define TLS1_TXT_DHE_RSA_WITH_SEED_SHA "DHE-RSA-SEED-SHA" -#define TLS1_TXT_ADH_WITH_SEED_SHA "ADH-SEED-SHA" - -/* TLS v1.2 ciphersuites. */ -#define TLS1_TXT_RSA_WITH_NULL_SHA256 "NULL-SHA256" -#define TLS1_TXT_RSA_WITH_AES_128_SHA256 "AES128-SHA256" -#define TLS1_TXT_RSA_WITH_AES_256_SHA256 "AES256-SHA256" -#define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256 "DH-DSS-AES128-SHA256" -#define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256 "DH-RSA-AES128-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256 "DHE-DSS-AES128-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256 "DHE-RSA-AES128-SHA256" -#define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256 "DH-DSS-AES256-SHA256" -#define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256 "DH-RSA-AES256-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256 "DHE-DSS-AES256-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256 "DHE-RSA-AES256-SHA256" -#define TLS1_TXT_ADH_WITH_AES_128_SHA256 "ADH-AES128-SHA256" -#define TLS1_TXT_ADH_WITH_AES_256_SHA256 "ADH-AES256-SHA256" - -/* TLS v1.2 GCM ciphersuites from RFC 5288. 
*/ -#define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256 "AES128-GCM-SHA256" -#define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384 "AES256-GCM-SHA384" -#define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256 "DHE-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384 "DHE-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256 "DH-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384 "DH-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256 "DHE-DSS-AES128-GCM-SHA256" -#define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384 "DHE-DSS-AES256-GCM-SHA384" -#define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256 "DH-DSS-AES128-GCM-SHA256" -#define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384 "DH-DSS-AES256-GCM-SHA384" -#define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256 "ADH-AES128-GCM-SHA256" -#define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384 "ADH-AES256-GCM-SHA384" - -/* ECDH HMAC based ciphersuites from RFC 5289. */ - -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256 "ECDHE-ECDSA-AES128-SHA256" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384 "ECDHE-ECDSA-AES256-SHA384" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256 "ECDH-ECDSA-AES128-SHA256" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384 "ECDH-ECDSA-AES256-SHA384" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256 "ECDHE-RSA-AES128-SHA256" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384 "ECDHE-RSA-AES256-SHA384" -#define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256 "ECDH-RSA-AES128-SHA256" -#define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384 "ECDH-RSA-AES256-SHA384" - -/* ECDH GCM based ciphersuites from RFC 5289. 
*/ -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 "ECDHE-ECDSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 "ECDHE-ECDSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 "ECDH-ECDSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 "ECDH-ECDSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256 "ECDHE-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384 "ECDHE-RSA-AES256-GCM-SHA384" -#define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256 "ECDH-RSA-AES128-GCM-SHA256" -#define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384 "ECDH-RSA-AES256-GCM-SHA384" - -/* ChaCha20-Poly1305 based ciphersuites. */ -#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305_OLD "ECDHE-RSA-CHACHA20-POLY1305-OLD" -#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_OLD "ECDHE-ECDSA-CHACHA20-POLY1305-OLD" -#define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305_OLD "DHE-RSA-CHACHA20-POLY1305-OLD" -#define TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305 "ECDHE-RSA-CHACHA20-POLY1305" -#define TLS1_TXT_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 "ECDHE-ECDSA-CHACHA20-POLY1305" -#define TLS1_TXT_DHE_RSA_WITH_CHACHA20_POLY1305 "DHE-RSA-CHACHA20-POLY1305" - -#define TLS_CT_RSA_SIGN 1 -#define TLS_CT_DSS_SIGN 2 -#define TLS_CT_RSA_FIXED_DH 3 -#define TLS_CT_DSS_FIXED_DH 4 -#define TLS_CT_ECDSA_SIGN 64 -#define TLS_CT_RSA_FIXED_ECDH 65 -#define TLS_CT_ECDSA_FIXED_ECDH 66 -#define TLS_CT_GOST94_SIGN 21 -#define TLS_CT_GOST01_SIGN 22 -#define TLS_CT_GOST12_256_SIGN 238 /* FIXME: IANA */ -#define TLS_CT_GOST12_512_SIGN 239 /* FIXME: IANA */ -/* when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see - * comment there) */ -#define TLS_CT_NUMBER 11 - -#define TLS1_FINISH_MAC_LENGTH 12 - -#define TLS_MD_MAX_CONST_SIZE 20 -#define TLS_MD_CLIENT_FINISH_CONST "client finished" -#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15 -#define TLS_MD_SERVER_FINISH_CONST "server finished" -#define 
TLS_MD_SERVER_FINISH_CONST_SIZE 15 -#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key" -#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_KEY_EXPANSION_CONST "key expansion" -#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13 -#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key" -#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key" -#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_IV_BLOCK_CONST "IV block" -#define TLS_MD_IV_BLOCK_CONST_SIZE 8 -#define TLS_MD_MASTER_SECRET_CONST "master secret" -#define TLS_MD_MASTER_SECRET_CONST_SIZE 13 - -/* TLS Session Ticket extension struct. */ -struct tls_session_ticket_ext_st { - unsigned short length; - void *data; -}; - -#ifdef __cplusplus -} -#endif -#endif diff --git a/lib/libssl/src/test/CAss.cnf b/lib/libssl/src/test/CAss.cnf deleted file mode 100644 index 109bc8c10ba..00000000000 --- a/lib/libssl/src/test/CAss.cnf +++ /dev/null 
@@ -1,76 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-default_bits = 2048
-default_keyfile = keySS.pem
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-default_md = sha1
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_value = AU
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Dodgy Brothers
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Dodgy CA
-
-####################################################################
-[ ca ]
-default_ca = CA_default # The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir = ./demoCA # Where everything is kept
-certs = $dir/certs # Where the issued certs are kept
-crl_dir = $dir/crl # Where the issued crl are kept
-database = $dir/index.txt # database index file.
-#unique_subject = no # Set to 'no' to allow creation of
- # several ctificates with same subject.
-new_certs_dir = $dir/newcerts # default place for new certs.
-
-certificate = $dir/cacert.pem # The CA certificate
-serial = $dir/serial # The current serial number
-crl = $dir/crl.pem # The current CRL
-private_key = $dir/private/cakey.pem# The private key
-RANDFILE = $dir/private/.rand # private random number file
-
-x509_extensions = v3_ca # The extentions to add to the cert
-
-name_opt = ca_default # Subject Name options
-cert_opt = ca_default # Certificate field options
-
-default_days = 365 # how long to certify for
-default_crl_days= 30 # how long before next CRL
-default_md = md5 # which md to use.
-preserve = no # keep passed DN ordering
-
-policy = policy_anything
-
-[ policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-
-
-[ v3_ca ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = CA:true,pathlen:1
-keyUsage = cRLSign, keyCertSign
-issuerAltName=issuer:copy
diff --git a/lib/libssl/src/test/CAssdh.cnf b/lib/libssl/src/test/CAssdh.cnf
deleted file mode 100644
index 4e0a908679f..00000000000
--- a/lib/libssl/src/test/CAssdh.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DH certs - CA
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = CU
-countryName_value = CU
-
-organizationName = Organization Name (eg, company)
-organizationName_value = La Junta de la Revolucion
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Junta
-
diff --git a/lib/libssl/src/test/CAssdsa.cnf b/lib/libssl/src/test/CAssdsa.cnf
deleted file mode 100644
index a6b4d1810c9..00000000000
--- a/lib/libssl/src/test/CAssdsa.cnf
+++ /dev/null
@@ -1,23 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DSA certs - CA
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = ES
-countryName_value = ES
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Hermanos Locos
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Hermanos Locos CA
diff --git a/lib/libssl/src/test/CAssrsa.cnf b/lib/libssl/src/test/CAssrsa.cnf
deleted file mode 100644
index eb24a6dfc0e..00000000000
--- a/lib/libssl/src/test/CAssrsa.cnf
+++ /dev/null
@@ -1,24 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# create RSA certs - CA
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = ES
-countryName_value = ES
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Hermanos Locos
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Hermanos Locos CA
-
diff --git a/lib/libssl/src/test/CAtsa.cnf b/lib/libssl/src/test/CAtsa.cnf
deleted file mode 100644
index f5a275bfc23..00000000000
--- a/lib/libssl/src/test/CAtsa.cnf
+++ /dev/null
@@ -1,163 +0,0 @@
-
-#
-# This config is used by the Time Stamp Authority tests.
-#
-
-RANDFILE = ./.rnd
-
-# Extra OBJECT IDENTIFIER info:
-oid_section = new_oids
-
-TSDNSECT = ts_cert_dn
-INDEX = 1
-
-[ new_oids ]
-
-# Policies used by the TSA tests.
-tsa_policy1 = 1.2.3.4.1
-tsa_policy2 = 1.2.3.4.5.6
-tsa_policy3 = 1.2.3.4.5.7
-
-#----------------------------------------------------------------------
-[ ca ]
-default_ca = CA_default # The default ca section
-
-[ CA_default ]
-
-dir = ./demoCA
-certs = $dir/certs # Where the issued certs are kept
-database = $dir/index.txt # database index file.
-new_certs_dir = $dir/newcerts # default place for new certs.
-
-certificate = $dir/cacert.pem # The CA certificate
-serial = $dir/serial # The current serial number
-private_key = $dir/private/cakey.pem# The private key
-RANDFILE = $dir/private/.rand # private random number file
-
-default_days = 365 # how long to certify for
-default_md = sha1 # which md to use.
-preserve = no # keep passed DN ordering
-
-policy = policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName = supplied
-stateOrProvinceName = supplied
-organizationName = supplied
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-#----------------------------------------------------------------------
-[ req ]
-default_bits = 1024
-default_md = sha1
-distinguished_name = $ENV::TSDNSECT
-encrypt_rsa_key = no
-prompt = no
-# attributes = req_attributes
-x509_extensions = v3_ca # The extentions to add to the self signed cert
-
-string_mask = nombstr
-
-[ ts_ca_dn ]
-countryName = HU
-stateOrProvinceName = Budapest
-localityName = Budapest
-organizationName = Gov-CA Ltd.
-commonName = ca1
-
-[ ts_cert_dn ]
-countryName = HU
-stateOrProvinceName = Budapest
-localityName = Buda
-organizationName = Hun-TSA Ltd.
-commonName = tsa$ENV::INDEX
-
-[ tsa_cert ]
-
-# TSA server cert is not a CA cert.
-basicConstraints=CA:FALSE
-
-# The following key usage flags are needed for TSA server certificates.
-keyUsage = nonRepudiation, digitalSignature
-extendedKeyUsage = critical,timeStamping
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-[ non_tsa_cert ]
-
-# This is not a CA cert and not a TSA cert, either (timeStamping usage missing)
-basicConstraints=CA:FALSE
-
-# The following key usage flags are needed for TSA server certificates.
-keyUsage = nonRepudiation, digitalSignature
-# timeStamping is not supported by this certificate
-# extendedKeyUsage = critical,timeStamping
-
-# PKIX recommendations harmless if included in all certificates.
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-
-[ v3_req ]
-
-# Extensions to add to a certificate request
-basicConstraints = CA:FALSE
-keyUsage = nonRepudiation, digitalSignature
-
-[ v3_ca ]
-
-# Extensions for a typical CA
-
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always,issuer:always
-basicConstraints = critical,CA:true
-keyUsage = cRLSign, keyCertSign
-
-#----------------------------------------------------------------------
-[ tsa ]
-
-default_tsa = tsa_config1 # the default TSA section
-
-[ tsa_config1 ]
-
-# These are used by the TSA reply generation only.
-dir = .
# TSA root directory
-serial = $dir/tsa_serial # The current serial number (mandatory)
-signer_cert = $dir/tsa_cert1.pem # The TSA signing certificate
- # (optional)
-certs = $dir/tsaca.pem # Certificate chain to include in reply
- # (optional)
-signer_key = $dir/tsa_key1.pem # The TSA private key (optional)
-
-default_policy = tsa_policy1 # Policy if request did not specify it
- # (optional)
-other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
-digests = md5, sha1 # Acceptable message digests (mandatory)
-accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
-ordering = yes # Is ordering defined for timestamps?
- # (optional, default: no)
-tsa_name = yes # Must the TSA name be included in the reply?
- # (optional, default: no)
-ess_cert_id_chain = yes # Must the ESS cert id chain be included?
- # (optional, default: no)
-
-[ tsa_config2 ]
-
-# This configuration uses a certificate which doesn't have timeStamping usage.
-# These are used by the TSA reply generation only.
-dir = . # TSA root directory
-serial = $dir/tsa_serial # The current serial number (mandatory)
-signer_cert = $dir/tsa_cert2.pem # The TSA signing certificate
- # (optional)
-certs = $dir/demoCA/cacert.pem# Certificate chain to include in reply
- # (optional)
-signer_key = $dir/tsa_key2.pem # The TSA private key (optional)
-
-default_policy = tsa_policy1 # Policy if request did not specify it
- # (optional)
-other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
-digests = md5, sha1 # Acceptable message digests (mandatory)
diff --git a/lib/libssl/src/test/P1ss.cnf b/lib/libssl/src/test/P1ss.cnf
deleted file mode 100644
index 326cce2ba83..00000000000
--- a/lib/libssl/src/test/P1ss.cnf
+++ /dev/null
@@ -1,37 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-default_bits = 1024
-default_keyfile = keySS.pem
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-default_md = md2
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_value = AU
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Dodgy Brothers
-
-0.commonName = Common Name (eg, YOUR name)
-0.commonName_value = Brother 1
-
-1.commonName = Common Name (eg, YOUR name)
-1.commonName_value = Brother 2
-
-2.commonName = Common Name (eg, YOUR name)
-2.commonName_value = Proxy 1
-
-[ v3_proxy ]
-basicConstraints=CA:FALSE
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
diff --git a/lib/libssl/src/test/P2ss.cnf b/lib/libssl/src/test/P2ss.cnf
deleted file mode 100644
index 8b502321b88..00000000000
--- a/lib/libssl/src/test/P2ss.cnf
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-default_bits = 1024
-default_keyfile = keySS.pem
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-default_md = md2
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_value = AU
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Dodgy Brothers
-
-0.commonName = Common Name (eg, YOUR name)
-0.commonName_value = Brother 1
-
-1.commonName = Common Name (eg, YOUR name)
-1.commonName_value = Brother 2
-
-2.commonName = Common Name (eg, YOUR name)
-2.commonName_value = Proxy 1
-
-3.commonName = Common Name (eg, YOUR name)
-3.commonName_value = Proxy 2
-
-[ v3_proxy ]
-basicConstraints=CA:FALSE
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-proxyCertInfo=critical,@proxy_ext
-
-[ proxy_ext ]
-language=id-ppl-anyLanguage
-pathlen=0
-policy=text:BC
diff --git a/lib/libssl/src/test/Sssdsa.cnf b/lib/libssl/src/test/Sssdsa.cnf
deleted file mode 100644
index 8e170a28ef5..00000000000
--- a/lib/libssl/src/test/Sssdsa.cnf
+++ /dev/null
@@ -1,27 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# hacked by iang to do DSA certs - Server
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = ES
-countryName_value = ES
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Tortilleras S.A.
-
-0.commonName = Common Name (eg, YOUR name)
-0.commonName_value = Torti
-
-1.commonName = Common Name (eg, YOUR name)
-1.commonName_value = Gordita
-
diff --git a/lib/libssl/src/test/Sssrsa.cnf b/lib/libssl/src/test/Sssrsa.cnf
deleted file mode 100644
index 8c79a03fca8..00000000000
--- a/lib/libssl/src/test/Sssrsa.cnf
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-# create RSA certs - Server
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-distinguished_name = req_distinguished_name
-encrypt_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = ES
-countryName_value = ES
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Tortilleras S.A.
-
-0.commonName = Common Name (eg, YOUR name)
-0.commonName_value = Torti
-
-1.commonName = Common Name (eg, YOUR name)
-1.commonName_value = Gordita
diff --git a/lib/libssl/src/test/Uss.cnf b/lib/libssl/src/test/Uss.cnf
deleted file mode 100644
index 58ac0ca54d7..00000000000
--- a/lib/libssl/src/test/Uss.cnf
+++ /dev/null
@@ -1,36 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ req ]
-default_bits = 2048
-default_keyfile = keySS.pem
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-default_md = sha256
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_value = AU
-
-organizationName = Organization Name (eg, company)
-organizationName_value = Dodgy Brothers
-
-0.commonName = Common Name (eg, YOUR name)
-0.commonName_value = Brother 1
-
-1.commonName = Common Name (eg, YOUR name)
-1.commonName_value = Brother 2
-
-[ v3_ee ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer:always
-basicConstraints = CA:false
-keyUsage = nonRepudiation, digitalSignature, keyEncipherment
-issuerAltName=issuer:copy
-
diff --git a/lib/libssl/src/test/VMSca-response.1 b/lib/libssl/src/test/VMSca-response.1
deleted file mode 100644
index 8b137891791..00000000000
--- a/lib/libssl/src/test/VMSca-response.1
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/lib/libssl/src/test/VMSca-response.2 b/lib/libssl/src/test/VMSca-response.2
deleted file mode 100644
index 9b48ee4cf97..00000000000
--- a/lib/libssl/src/test/VMSca-response.2
+++ /dev/null
@@ -1,2 +0,0 @@
-y
-y
diff --git a/lib/libssl/src/test/asn1test.c b/lib/libssl/src/test/asn1test.c
deleted file mode 100755
index 6e6f91f81b3..00000000000
--- a/lib/libssl/src/test/asn1test.c
+++ /dev/null
@@ -1,23 +0,0 @@
-/* $OpenBSD: asn1test.c,v 1.2 2014/06/12 15:49:31 deraadt Exp $ */
-#include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
-
-typedef struct X
- {
- STACK_OF(X509_EXTENSION) *ext;
- } X;
-
-/* This isn't meant to run particularly, it's just to test type checking */
-int main(int argc, char **argv)
- {
- X *x = NULL;
- unsigned char **pp = NULL;
-
- M_ASN1_I2D_vars(x);
- M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
- i2d_X509_EXTENSION);
- M_ASN1_I2D_seq_total();
- M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
- i2d_X509_EXTENSION);
- M_ASN1_I2D_finish();
- }
diff --git a/lib/libssl/src/test/bctest b/lib/libssl/src/test/bctest
deleted file mode 100644
index bdb3218f7ac..00000000000
--- a/lib/libssl/src/test/bctest
+++ /dev/null
@@ -1,111 +0,0 @@ -#!/bin/sh - -# This script is used by test/Makefile.ssl to check whether a sane 'bc' -# is installed. -# ('make test_bn' should not try to run 'bc' if it does not exist or if -# it is a broken 'bc' version that is known to cause trouble.) -# -# If 'bc' works, we also test if it knows the 'print' command. -# -# In any case, output an appropriate command line for running (or not -# running) bc. - - -IFS=: -try_without_dir=true -# First we try "bc", then "$dir/bc" for each item in $PATH. -for dir in dummy:$PATH; do - if [ "$try_without_dir" = true ]; then - # first iteration - bc=bc - try_without_dir=false - else - # second and later iterations - bc="$dir/bc" - if [ ! -f "$bc" ]; then # '-x' is not available on Ultrix - bc='' - fi - fi - - if [ ! "$bc" = '' ]; then - failure=none - - - # Test for SunOS 5.[78] bc bug - "$bc" >tmp.bctest <<\EOF -obase=16 -ibase=16 -a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\ -CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\ -10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\ -C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\ -3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\ -4FC3CADF855448B24A9D7640BCF473E -b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\ -9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\ -8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\ -3ED0E2017D60A68775B75481449 -(a/b)*b + (a%b) - a -EOF - if [ 0 != "`cat tmp.bctest`" ]; then - failure=SunOStest - fi - - - if [ "$failure" = none ]; then - # Test for SCO bc bug. 
- "$bc" >tmp.bctest <<\EOF -obase=16 -ibase=16 --FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\ -9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\ -11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\ -1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\ -AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\ -F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\ -B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\ -02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\ -85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\ -A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\ -E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\ -8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\ -04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\ -89C8D71 -AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\ -928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\ -8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\ -37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\ -E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\ -F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\ -9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\ -D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\ -5296964 -EOF - if [ "0 -0" != "`cat tmp.bctest`" ]; then - failure=SCOtest - fi - fi - - - if [ "$failure" = none ]; then - # bc works; now check if it knows the 'print' command. 
- if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ] - then - echo "$bc" - else - echo "sed 's/print.*//' | $bc" - fi - exit 0 - fi - - echo "$bc does not work properly ('$failure' failed). Looking for another bc ..." >&2 - fi -done - -echo "No working bc found. Consider installing GNU bc." >&2 -if [ "$1" = ignore ]; then - echo "cat >/dev/null" - exit 0 -fi -exit 1 diff --git a/lib/libssl/src/test/cms-examples.pl b/lib/libssl/src/test/cms-examples.pl deleted file mode 100644 index 2e95b48ba45..00000000000 --- a/lib/libssl/src/test/cms-examples.pl +++ /dev/null 
@@ -1,409 +0,0 @@ -# test/cms-examples.pl -# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -# project. -# -# ==================================================================== -# Copyright (c) 2008 The OpenSSL Project. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# -# 3. All advertising materials mentioning features or use of this -# software must display the following acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -# -# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -# endorse or promote products derived from this software without -# prior written permission. For written permission, please contact -# licensing@OpenSSL.org. -# -# 5. Products derived from this software may not be called "OpenSSL" -# nor may "OpenSSL" appear in their names without prior written -# permission of the OpenSSL Project. -# -# 6. Redistributions of any form whatsoever must retain the following -# acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -# -# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -# PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -# OF THE POSSIBILITY OF SUCH DAMAGE. -# ==================================================================== - -# Perl script to run tests against S/MIME examples in RFC4134 -# Assumes RFC is in current directory and called "rfc4134.txt" - -use MIME::Base64; - -my $badttest = 0; -my $verbose = 1; - -my $cmscmd; -my $exdir = "./"; -my $exfile = "./rfc4134.txt"; - -if (-f "../apps/openssl") - { - $cmscmd = "../util/shlib_wrap.sh ../apps/openssl cms"; - } -elsif (-f "..\\out32dll\\openssl.exe") - { - $cmscmd = "..\\out32dll\\openssl.exe cms"; - } -elsif (-f "..\\out32\\openssl.exe") - { - $cmscmd = "..\\out32\\openssl.exe cms"; - } - -my @test_list = ( - [ "3.1.bin" => "dataout" ], - [ "3.2.bin" => "encode, dataout" ], - [ "4.1.bin" => "encode, verifyder, cont, dss" ], - [ "4.2.bin" => "encode, verifyder, cont, rsa" ], - [ "4.3.bin" => "encode, verifyder, cont_extern, dss" ], - [ "4.4.bin" => "encode, verifyder, cont, dss" ], - [ "4.5.bin" => "verifyder, cont, rsa" ], - [ "4.6.bin" => "encode, verifyder, cont, dss" ], - [ "4.7.bin" => "encode, verifyder, cont, dss" ], - [ "4.8.eml" => "verifymime, dss" ], - [ "4.9.eml" => "verifymime, dss" ], - [ "4.10.bin" => "encode, verifyder, cont, dss" ], - [ "4.11.bin" => "encode, certsout" ], - [ "5.1.bin" => "encode, envelopeder, cont" ], - [ "5.2.bin" => "encode, envelopeder, cont" ], - [ "5.3.eml" => "envelopemime, cont" ], - [ "6.0.bin" => "encode, digest, cont" ], - [ "7.1.bin" => "encode, encrypted, cont" ], - [ "7.2.bin" => 
"encode, encrypted, cont" ] -); - -# Extract examples from RFC4134 text. -# Base64 decode all examples, certificates and -# private keys are converted to PEM format. - -my ( $filename, $data ); - -my @cleanup = ( "cms.out", "cms.err", "tmp.der", "tmp.txt" ); - -$data = ""; - -open( IN, $exfile ) || die "Can't Open RFC examples file $exfile"; - -while (<IN>) { - next unless (/^\|/); - s/^\|//; - next if (/^\*/); - if (/^>(.*)$/) { - $filename = $1; - next; - } - if (/^</) { - $filename = "$exdir/$filename"; - if ( $filename =~ /\.bin$/ || $filename =~ /\.eml$/ ) { - $data = decode_base64($data); - open OUT, ">$filename"; - binmode OUT; - print OUT $data; - close OUT; - push @cleanup, $filename; - } - elsif ( $filename =~ /\.cer$/ ) { - write_pem( $filename, "CERTIFICATE", $data ); - } - elsif ( $filename =~ /\.pri$/ ) { - write_pem( $filename, "PRIVATE KEY", $data ); - } - $data = ""; - $filename = ""; - } - else { - $data .= $_; - } - -} - -my $secretkey = - "73:7c:79:1f:25:ea:d0:e0:46:29:25:43:52:f7:dc:62:91:e5:cb:26:91:7a:da:32"; - -foreach (@test_list) { - my ( $file, $tlist ) = @$_; - print "Example file $file:\n"; - if ( $tlist =~ /encode/ ) { - run_reencode_test( $exdir, $file ); - } - if ( $tlist =~ /certsout/ ) { - run_certsout_test( $exdir, $file ); - } - if ( $tlist =~ /dataout/ ) { - run_dataout_test( $exdir, $file ); - } - if ( $tlist =~ /verify/ ) { - run_verify_test( $exdir, $tlist, $file ); - } - if ( $tlist =~ /digest/ ) { - run_digest_test( $exdir, $tlist, $file ); - } - if ( $tlist =~ /encrypted/ ) { - run_encrypted_test( $exdir, $tlist, $file, $secretkey ); - } - if ( $tlist =~ /envelope/ ) { - run_envelope_test( $exdir, $tlist, $file ); - } - -} - -foreach (@cleanup) { - unlink $_; -} - -if ($badtest) { - print "\n$badtest TESTS FAILED!!\n"; -} -else { - print "\n***All tests successful***\n"; -} - -sub write_pem { - my ( $filename, $str, $data ) = @_; - - $filename =~ s/\.[^.]*$/.pem/; - - push @cleanup, $filename; - - open OUT, ">$filename"; - 
- print OUT "-----BEGIN $str-----\n"; - print OUT $data; - print OUT "-----END $str-----\n"; - - close OUT; -} - -sub run_reencode_test { - my ( $cmsdir, $tfile ) = @_; - unlink "tmp.der"; - - system( "$cmscmd -cmsout -inform DER -outform DER" - . " -in $cmsdir/$tfile -out tmp.der" ); - - if ($?) { - print "\tReencode command FAILED!!\n"; - $badtest++; - } - elsif ( !cmp_files( "$cmsdir/$tfile", "tmp.der" ) ) { - print "\tReencode FAILED!!\n"; - $badtest++; - } - else { - print "\tReencode passed\n" if $verbose; - } -} - -sub run_certsout_test { - my ( $cmsdir, $tfile ) = @_; - unlink "tmp.der"; - unlink "tmp.pem"; - - system( "$cmscmd -cmsout -inform DER -certsout tmp.pem" - . " -in $cmsdir/$tfile -out tmp.der" ); - - if ($?) { - print "\tCertificate output command FAILED!!\n"; - $badtest++; - } - else { - print "\tCertificate output passed\n" if $verbose; - } -} - -sub run_dataout_test { - my ( $cmsdir, $tfile ) = @_; - unlink "tmp.txt"; - - system( - "$cmscmd -data_out -inform DER" . " -in $cmsdir/$tfile -out tmp.txt" ); - - if ($?) { - print "\tDataout command FAILED!!\n"; - $badtest++; - } - elsif ( !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) { - print "\tDataout compare FAILED!!\n"; - $badtest++; - } - else { - print "\tDataout passed\n" if $verbose; - } -} - -sub run_verify_test { - my ( $cmsdir, $tlist, $tfile ) = @_; - unlink "tmp.txt"; - - $form = "DER" if $tlist =~ /verifyder/; - $form = "SMIME" if $tlist =~ /verifymime/; - $cafile = "$cmsdir/CarlDSSSelf.pem" if $tlist =~ /dss/; - $cafile = "$cmsdir/CarlRSASelf.pem" if $tlist =~ /rsa/; - - $cmd = - "$cmscmd -verify -inform $form" - . " -CAfile $cafile" - . " -in $cmsdir/$tfile -out tmp.txt"; - - $cmd .= " -content $cmsdir/ExContent.bin" if $tlist =~ /cont_extern/; - - system("$cmd 2>cms.err 1>cms.out"); - - if ($?) 
{ - print "\tVerify command FAILED!!\n"; - $badtest++; - } - elsif ( $tlist =~ /cont/ - && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) - { - print "\tVerify content compare FAILED!!\n"; - $badtest++; - } - else { - print "\tVerify passed\n" if $verbose; - } -} - -sub run_envelope_test { - my ( $cmsdir, $tlist, $tfile ) = @_; - unlink "tmp.txt"; - - $form = "DER" if $tlist =~ /envelopeder/; - $form = "SMIME" if $tlist =~ /envelopemime/; - - $cmd = - "$cmscmd -decrypt -inform $form" - . " -recip $cmsdir/BobRSASignByCarl.pem" - . " -inkey $cmsdir/BobPrivRSAEncrypt.pem" - . " -in $cmsdir/$tfile -out tmp.txt"; - - system("$cmd 2>cms.err 1>cms.out"); - - if ($?) { - print "\tDecrypt command FAILED!!\n"; - $badtest++; - } - elsif ( $tlist =~ /cont/ - && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) - { - print "\tDecrypt content compare FAILED!!\n"; - $badtest++; - } - else { - print "\tDecrypt passed\n" if $verbose; - } -} - -sub run_digest_test { - my ( $cmsdir, $tlist, $tfile ) = @_; - unlink "tmp.txt"; - - my $cmd = - "$cmscmd -digest_verify -inform DER" . " -in $cmsdir/$tfile -out tmp.txt"; - - system("$cmd 2>cms.err 1>cms.out"); - - if ($?) { - print "\tDigest verify command FAILED!!\n"; - $badtest++; - } - elsif ( $tlist =~ /cont/ - && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) - { - print "\tDigest verify content compare FAILED!!\n"; - $badtest++; - } - else { - print "\tDigest verify passed\n" if $verbose; - } -} - -sub run_encrypted_test { - my ( $cmsdir, $tlist, $tfile, $key ) = @_; - unlink "tmp.txt"; - - system( "$cmscmd -EncryptedData_decrypt -inform DER" - . " -secretkey $key" - . " -in $cmsdir/$tfile -out tmp.txt" ); - - if ($?) 
{ - print "\tEncrypted Data command FAILED!!\n"; - $badtest++; - } - elsif ( $tlist =~ /cont/ - && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) - { - print "\tEncrypted Data content compare FAILED!!\n"; - $badtest++; - } - else { - print "\tEncryptedData verify passed\n" if $verbose; - } -} - -sub cmp_files { - my ( $f1, $f2 ) = @_; - my ( $fp1, $fp2 ); - - my ( $rd1, $rd2 ); - - if ( !open( $fp1, "<$f1" ) ) { - print STDERR "Can't Open file $f1\n"; - return 0; - } - - if ( !open( $fp2, "<$f2" ) ) { - print STDERR "Can't Open file $f2\n"; - return 0; - } - - binmode $fp1; - binmode $fp2; - - my $ret = 0; - - for ( ; ; ) { - $n1 = sysread $fp1, $rd1, 4096; - $n2 = sysread $fp2, $rd2, 4096; - last if ( $n1 != $n2 ); - last if ( $rd1 ne $rd2 ); - - if ( $n1 == 0 ) { - $ret = 1; - last; - } - - } - - close $fp1; - close $fp2; - - return $ret; - -} - diff --git a/lib/libssl/src/test/cms-test.pl b/lib/libssl/src/test/cms-test.pl deleted file mode 100644 index dfef799be2f..00000000000 --- a/lib/libssl/src/test/cms-test.pl +++ /dev/null 
@@ -1,459 +0,0 @@ -# test/cms-test.pl -# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL -# project. -# -# ==================================================================== -# Copyright (c) 2008 The OpenSSL Project. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in -# the documentation and/or other materials provided with the -# distribution. -# -# 3. All advertising materials mentioning features or use of this -# software must display the following acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" -# -# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -# endorse or promote products derived from this software without -# prior written permission. For written permission, please contact -# licensing@OpenSSL.org. -# -# 5. Products derived from this software may not be called "OpenSSL" -# nor may "OpenSSL" appear in their names without prior written -# permission of the OpenSSL Project. -# -# 6. Redistributions of any form whatsoever must retain the following -# acknowledgment: -# "This product includes software developed by the OpenSSL Project -# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" -# -# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -# PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR -# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -# OF THE POSSIBILITY OF SUCH DAMAGE. -# ==================================================================== - -# CMS, PKCS7 consistency test script. Run extensive tests on -# OpenSSL PKCS#7 and CMS implementations. - -my $ossl_path; -my $redir = " 2> cms.err > cms.out"; -# Make VMS work -if ( $^O eq "VMS" && -f "OSSLX:openssl.exe" ) { - $ossl_path = "pipe mcr OSSLX:openssl"; -} -# Make MSYS work -elsif ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) { - $ossl_path = "cmd /c ..\\apps\\openssl"; -} -elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) { - $ossl_path = "../util/shlib_wrap.sh ../apps/openssl"; -} -elsif ( -f "..\\out32dll\\openssl.exe" ) { - $ossl_path = "..\\out32dll\\openssl.exe"; -} -elsif ( -f "..\\out32\\openssl.exe" ) { - $ossl_path = "..\\out32\\openssl.exe"; -} -else { - die "Can't find OpenSSL executable"; -} - -my $pk7cmd = "$ossl_path smime "; -my $cmscmd = "$ossl_path cms "; -my $smdir = "smime-certs"; -my $halt_err = 1; - -my $badcmd = 0; -my $ossl8 = `$ossl_path version -v` =~ /0\.9\.8/; - -my @smime_pkcs7_tests = ( - - [ - "signed content DER format, RSA key", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -certfile $smdir/smroot.pem" - . " -signer $smdir/smrsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed detached content DER format, RSA key", - "-sign -in smcont.txt -outform \"DER\"" - . 
" -signer $smdir/smrsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt" - ], - - [ - "signed content test streaming BER format, RSA", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -stream -signer $smdir/smrsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content DER format, DSA key", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -signer $smdir/smdsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed detached content DER format, DSA key", - "-sign -in smcont.txt -outform \"DER\"" - . " -signer $smdir/smdsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt" - ], - - [ - "signed detached content DER format, add RSA signer", - "-resign -inform \"DER\" -in test.cms -outform \"DER\"" - . " -signer $smdir/smrsa1.pem -out test2.cms", - "-verify -in test2.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt" - ], - - [ - "signed content test streaming BER format, DSA key", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -stream -signer $smdir/smdsa1.pem -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming BER format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt -outform \"DER\" -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . 
" \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ -"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes", - "-sign -in smcont.txt -outform \"DER\" -noattr -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ -"signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "enveloped content test streaming S/MIME format, 3 recipients", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, 3 recipients, 3rd used", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa3.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, 3 recipients, key only used", - "-encrypt -in smcont.txt" - . " -stream -out test.cms" - . 
" $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -inkey $smdir/smrsa3.pem -in test.cms -out smtst.txt" - ], - - [ -"enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients", - "-encrypt -in smcont.txt" - . " -aes256 -stream -out test.cms" - . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - -); - -my @smime_cms_tests = ( - - [ - "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid", - "-sign -in smcont.txt -outform \"DER\" -nodetach -keyid" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform \"DER\" " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content test streaming PEM format, 2 DSA and 2 RSA keys", - "-sign -in smcont.txt -outform PEM -nodetach" - . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem" - . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem" - . " -stream -out test.cms", - "-verify -in test.cms -inform PEM " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed content MIME format, RSA key, signed receipt request", - "-sign -in smcont.txt -signer $smdir/smrsa1.pem -nodetach" - . " -receipt_request_to test\@openssl.org -receipt_request_all" - . " -out test.cms", - "-verify -in test.cms " - . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt" - ], - - [ - "signed receipt MIME format, RSA key", - "-sign_receipt -in test.cms" - . " -signer $smdir/smrsa2.pem" - . " -out test2.cms", - "-verify_receipt test2.cms -in test.cms" - . " \"-CAfile\" $smdir/smroot.pem" - ], - - [ - "enveloped content test streaming S/MIME format, 3 recipients, keyid", - "-encrypt -in smcont.txt" - . " -stream -out test.cms -keyid" - . 
" $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ", - "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt" - ], - - [ - "enveloped content test streaming PEM format, KEK", - "-encrypt -in smcont.txt -outform PEM -aes128" - . " -stream -out test.cms " - . " -secretkey 000102030405060708090A0B0C0D0E0F " - . " -secretkeyid C0FEE0", - "-decrypt -in test.cms -out smtst.txt -inform PEM" - . " -secretkey 000102030405060708090A0B0C0D0E0F " - . " -secretkeyid C0FEE0" - ], - - [ - "enveloped content test streaming PEM format, KEK, key only", - "-encrypt -in smcont.txt -outform PEM -aes128" - . " -stream -out test.cms " - . " -secretkey 000102030405060708090A0B0C0D0E0F " - . " -secretkeyid C0FEE0", - "-decrypt -in test.cms -out smtst.txt -inform PEM" - . " -secretkey 000102030405060708090A0B0C0D0E0F " - ], - - [ - "data content test streaming PEM format", - "-data_create -in smcont.txt -outform PEM -nodetach" - . " -stream -out test.cms", - "-data_out -in test.cms -inform PEM -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, 128 bit RC2 key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, 40 bit RC2 key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -rc2 -secretkey 0001020304" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 0001020304 -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, triple DES key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . 
" -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617" - . " -out smtst.txt" - ], - - [ - "encrypted content test streaming PEM format, 128 bit AES key", - "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM" - . " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F" - . " -stream -out test.cms", - "\"-EncryptedData_decrypt\" -in test.cms -inform PEM " - . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt" - ], - -); - -my @smime_cms_comp_tests = ( - - [ - "compressed content test streaming PEM format", - "-compress -in smcont.txt -outform PEM -nodetach" - . " -stream -out test.cms", - "-uncompress -in test.cms -inform PEM -out smtst.txt" - ] - -); - -print "CMS => PKCS#7 compatibility tests\n"; - -run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $pk7cmd ); - -print "CMS <= PKCS#7 compatibility tests\n"; - -run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $pk7cmd, $cmscmd ); - -print "CMS <=> CMS consistency tests\n"; - -run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $cmscmd ); -run_smime_tests( \$badcmd, \@smime_cms_tests, $cmscmd, $cmscmd ); - -if ( `$ossl_path version -f` =~ /ZLIB/ ) { - run_smime_tests( \$badcmd, \@smime_cms_comp_tests, $cmscmd, $cmscmd ); -} -else { - print "Zlib not supported: compression tests skipped\n"; -} - -print "Running modified tests for OpenSSL 0.9.8 cms backport\n" if($ossl8); - -if ($badcmd) { - print "$badcmd TESTS FAILED!!\n"; -} -else { - print "ALL TESTS SUCCESSFUL.\n"; -} - -unlink "test.cms"; -unlink "test2.cms"; -unlink "smtst.txt"; -unlink "cms.out"; -unlink "cms.err"; - -sub run_smime_tests { - my ( $rv, $aref, $scmd, $vcmd ) = @_; - - foreach $smtst (@$aref) { - my ( $tnam, $rscmd, $rvcmd ) = @$smtst; - if ($ossl8) - { - # Skip smime resign: 0.9.8 smime doesn't support -resign - next if ($scmd =~ /smime/ && $rscmd =~ /-resign/); - # Disable streaming: option not supported in 0.9.8 - $tnam =~ s/streaming//; - $rscmd =~ s/-stream//; - $rvcmd =~ s/-stream//; - } - 
system("$scmd$rscmd$redir"); - if ($?) { - print "$tnam: generation error\n"; - $$rv++; - exit 1 if $halt_err; - next; - } - system("$vcmd$rvcmd$redir"); - if ($?) { - print "$tnam: verify error\n"; - $$rv++; - exit 1 if $halt_err; - next; - } - if (!cmp_files("smtst.txt", "smcont.txt")) { - print "$tnam: content verify error\n"; - $$rv++; - exit 1 if $halt_err; - next; - } - print "$tnam: OK\n"; - } -} - -sub cmp_files { - use FileHandle; - my ( $f1, $f2 ) = @_; - my $fp1 = FileHandle->new(); - my $fp2 = FileHandle->new(); - - my ( $rd1, $rd2 ); - - if ( !open( $fp1, "<$f1" ) ) { - print STDERR "Can't Open file $f1\n"; - return 0; - } - - if ( !open( $fp2, "<$f2" ) ) { - print STDERR "Can't Open file $f2\n"; - return 0; - } - - binmode $fp1; - binmode $fp2; - - my $ret = 0; - - for ( ; ; ) { - $n1 = sysread $fp1, $rd1, 4096; - $n2 = sysread $fp2, $rd2, 4096; - last if ( $n1 != $n2 ); - last if ( $rd1 ne $rd2 ); - - if ( $n1 == 0 ) { - $ret = 1; - last; - } - - } - - close $fp1; - close $fp2; - - return $ret; - -} - diff --git a/lib/libssl/src/test/methtest.c b/lib/libssl/src/test/methtest.c deleted file mode 100644 index 1e65ccf99cc..00000000000 --- a/lib/libssl/src/test/methtest.c +++ /dev/null 
@@ -1,105 +0,0 @@
-/* $OpenBSD: methtest.c,v 1.4 2014/06/12 15:49:31 deraadt Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3.
All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-#include "meth.h"
-#include <openssl/err.h>
-
-int main(argc,argv)
-int argc;
-char *argv[];
- {
- METHOD_CTX *top,*tmp1,*tmp2;
-
- top=METH_new(x509_lookup()); /* get a top level context */
- if (top == NULL) goto err;
-
- tmp1=METH_new(x509_by_file());
- if (top == NULL) goto err;
- METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
- METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
- METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
-
- tmp2=METH_new(x509_by_dir());
- METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
- METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
- METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
- METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
-
-/* tmp=METH_new(x509_by_issuer_dir);
- METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
- METH_push(top,METH_X509_BY_ISSUER,tmp);
-
- tmp=METH_new(x509_by_issuer_primary);
- METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
- METH_push(top,METH_X509_BY_ISSUER,tmp);
-*/
-
- METH_init(top);
- METH_control(tmp1,METH_CONTROL_DUMP,stdout);
- METH_control(tmp2,METH_CONTROL_DUMP,stdout);
- EXIT(0);
-err:
- ERR_load_crypto_strings();
- ERR_print_errors_fp(stderr);
- EXIT(1);
- return(0);
- }
diff --git a/lib/libssl/src/test/pkcs7-1.pem b/lib/libssl/src/test/pkcs7-1.pem
deleted file mode 100644
index c47b27af889..00000000000
--- a/lib/libssl/src/test/pkcs7-1.pem
+++ /dev/null
@@ -1,15 +0,0 @@ ------BEGIN PKCS7----- -MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG -SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE -AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF -eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4 -MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv -bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK -ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB -FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N -9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8 -BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w -bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB -BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C -j7Kie1x339mxW/w9VZNTUDQQweHh ------END PKCS7----- diff --git a/lib/libssl/src/test/pkcs7.pem b/lib/libssl/src/test/pkcs7.pem deleted file mode 100644 index d55c60b94e1..00000000000 --- a/lib/libssl/src/test/pkcs7.pem +++ /dev/null 
@@ -1,54 +0,0 @@ - MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg - AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH - EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl - cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw - ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0 - MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh - c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh - bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE - CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl - Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G - CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK - ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0 - l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC - HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg - Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1 - c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj - YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0 - dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx - dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu - LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU - ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln - biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT - IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB - AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t - L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL - HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF - slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7 - ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR - /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT - 
aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp - ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1 - OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu - MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz - Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv - qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy - sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb - P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG - A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA - KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7 - Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4 - Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq - hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp - Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk - dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ - KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30 - dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW - I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow - ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W - ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD - ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw - MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK - /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/ - DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP - b+xSu/jH0gAAMYAAAAAAAAAAAA== diff --git a/lib/libssl/src/test/pkits-test.pl b/lib/libssl/src/test/pkits-test.pl deleted file mode 100644 index 5c6b89fcdb0..00000000000 --- a/lib/libssl/src/test/pkits-test.pl +++ /dev/null 
@@ -1,949 +0,0 @@
-# test/pkits-test.pl
-# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
-# project.
-#
-# ====================================================================
-# Copyright (c) 2008 The OpenSSL Project. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# 3. All advertising materials mentioning features or use of this
-# software must display the following acknowledgment:
-# "This product includes software developed by the OpenSSL Project
-# for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
-#
-# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-# endorse or promote products derived from this software without
-# prior written permission. For written permission, please contact
-# licensing@OpenSSL.org.
-#
-# 5. Products derived from this software may not be called "OpenSSL"
-# nor may "OpenSSL" appear in their names without prior written
-# permission of the OpenSSL Project.
-#
-# 6. Redistributions of any form whatsoever must retain the following
-# acknowledgment:
-# "This product includes software developed by the OpenSSL Project
-# for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
-#
-# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
-# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-# OF THE POSSIBILITY OF SUCH DAMAGE.
-# ====================================================================
-
-# Perl utility to run PKITS tests for RFC3280 compliance.
-
-my $ossl_path;
-
-if ( -f "../apps/openssl" ) {
- $ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
-}
-elsif ( -f "..\\out32dll\\openssl.exe" ) {
- $ossl_path = "..\\out32dll\\openssl.exe";
-}
-elsif ( -f "..\\out32\\openssl.exe" ) {
- $ossl_path = "..\\out32\\openssl.exe";
-}
-else {
- die "Can't find OpenSSL executable";
-}
-
-my $pkitsdir = "pkits/smime";
-my $pkitsta = "pkits/certs/TrustAnchorRootCertificate.crt";
-
-die "Can't find PKITS test data" if !-d $pkitsdir;
-
-my $nist1 = "2.16.840.1.101.3.2.1.48.1";
-my $nist2 = "2.16.840.1.101.3.2.1.48.2";
-my $nist3 = "2.16.840.1.101.3.2.1.48.3";
-my $nist4 = "2.16.840.1.101.3.2.1.48.4";
-my $nist5 = "2.16.840.1.101.3.2.1.48.5";
-my $nist6 = "2.16.840.1.101.3.2.1.48.6";
-
-my $apolicy = "X509v3 Any Policy";
-
-# This table contains the chapter headings of the accompanying PKITS
-# document. They provide useful informational output and their names
-# can be converted into the filename to test.
-
-my @testlists = (
- [ "4.1", "Signature Verification" ],
- [ "4.1.1", "Valid Signatures Test1", 0 ],
- [ "4.1.2", "Invalid CA Signature Test2", 7 ],
- [ "4.1.3", "Invalid EE Signature Test3", 7 ],
- [ "4.1.4", "Valid DSA Signatures Test4", 0 ],
- [ "4.1.5", "Valid DSA Parameter Inheritance Test5", 0 ],
- [ "4.1.6", "Invalid DSA Signature Test6", 7 ],
- [ "4.2", "Validity Periods" ],
- [ "4.2.1", "Invalid CA notBefore Date Test1", 9 ],
- [ "4.2.2", "Invalid EE notBefore Date Test2", 9 ],
- [ "4.2.3", "Valid pre2000 UTC notBefore Date Test3", 0 ],
- [ "4.2.4", "Valid GeneralizedTime notBefore Date Test4", 0 ],
- [ "4.2.5", "Invalid CA notAfter Date Test5", 10 ],
- [ "4.2.6", "Invalid EE notAfter Date Test6", 10 ],
- [ "4.2.7", "Invalid pre2000 UTC EE notAfter Date Test7", 10 ],
- [ "4.2.8", "Valid GeneralizedTime notAfter Date Test8", 0 ],
- [ "4.3", "Verifying Name Chaining" ],
- [ "4.3.1", "Invalid Name Chaining EE Test1", 20 ],
- [ "4.3.2", "Invalid Name Chaining Order Test2", 20 ],
- [ "4.3.3", "Valid Name Chaining Whitespace Test3", 0 ],
- [ "4.3.4", "Valid Name Chaining Whitespace Test4", 0 ],
- [ "4.3.5", "Valid Name Chaining Capitalization Test5", 0 ],
- [ "4.3.6", "Valid Name Chaining UIDs Test6", 0 ],
- [ "4.3.7", "Valid RFC3280 Mandatory Attribute Types Test7", 0 ],
- [ "4.3.8", "Valid RFC3280 Optional Attribute Types Test8", 0 ],
- [ "4.3.9", "Valid UTF8String Encoded Names Test9", 0 ],
- [ "4.3.10", "Valid Rollover from PrintableString to UTF8String Test10", 0 ],
- [ "4.3.11", "Valid UTF8String Case Insensitive Match Test11", 0 ],
- [ "4.4", "Basic Certificate Revocation Tests" ],
- [ "4.4.1", "Missing CRL Test1", 3 ],
- [ "4.4.2", "Invalid Revoked CA Test2", 23 ],
- [ "4.4.3", "Invalid Revoked EE Test3", 23 ],
- [ "4.4.4", "Invalid Bad CRL Signature Test4", 8 ],
- [ "4.4.5", "Invalid Bad CRL Issuer Name Test5", 3 ],
- [ "4.4.6", "Invalid Wrong CRL Test6", 3 ],
- [ "4.4.7", "Valid Two CRLs Test7", 0 ],
-
- # The test document suggests these should return certificate revoked...
- # Subsquent discussion has concluded they should not due to unhandle
- # critical CRL extensions.
- [ "4.4.8", "Invalid Unknown CRL Entry Extension Test8", 36 ],
- [ "4.4.9", "Invalid Unknown CRL Extension Test9", 36 ],
-
- [ "4.4.10", "Invalid Unknown CRL Extension Test10", 36 ],
- [ "4.4.11", "Invalid Old CRL nextUpdate Test11", 12 ],
- [ "4.4.12", "Invalid pre2000 CRL nextUpdate Test12", 12 ],
- [ "4.4.13", "Valid GeneralizedTime CRL nextUpdate Test13", 0 ],
- [ "4.4.14", "Valid Negative Serial Number Test14", 0 ],
- [ "4.4.15", "Invalid Negative Serial Number Test15", 23 ],
- [ "4.4.16", "Valid Long Serial Number Test16", 0 ],
- [ "4.4.17", "Valid Long Serial Number Test17", 0 ],
- [ "4.4.18", "Invalid Long Serial Number Test18", 23 ],
- [ "4.4.19", "Valid Separate Certificate and CRL Keys Test19", 0 ],
- [ "4.4.20", "Invalid Separate Certificate and CRL Keys Test20", 23 ],
-
- # CRL path is revoked so get a CRL path validation error
- [ "4.4.21", "Invalid Separate Certificate and CRL Keys Test21", 54 ],
- [ "4.5", "Verifying Paths with Self-Issued Certificates" ],
- [ "4.5.1", "Valid Basic Self-Issued Old With New Test1", 0 ],
- [ "4.5.2", "Invalid Basic Self-Issued Old With New Test2", 23 ],
- [ "4.5.3", "Valid Basic Self-Issued New With Old Test3", 0 ],
- [ "4.5.4", "Valid Basic Self-Issued New With Old Test4", 0 ],
- [ "4.5.5", "Invalid Basic Self-Issued New With Old Test5", 23 ],
- [ "4.5.6", "Valid Basic Self-Issued CRL Signing Key Test6", 0 ],
- [ "4.5.7", "Invalid Basic Self-Issued CRL Signing Key Test7", 23 ],
- [ "4.5.8", "Invalid Basic Self-Issued CRL Signing Key Test8", 20 ],
- [ "4.6", "Verifying Basic Constraints" ],
- [ "4.6.1", "Invalid Missing basicConstraints Test1", 24 ],
- [ "4.6.2", "Invalid cA False Test2", 24 ],
- [ "4.6.3", "Invalid cA False Test3", 24 ],
- [ "4.6.4", "Valid basicConstraints Not Critical Test4", 0 ],
- [ "4.6.5", "Invalid pathLenConstraint Test5", 25 ],
- [ "4.6.6", "Invalid pathLenConstraint Test6", 25 ],
- [ "4.6.7", "Valid pathLenConstraint Test7", 0 ],
- [ "4.6.8", "Valid pathLenConstraint Test8", 0 ],
- [ "4.6.9", "Invalid pathLenConstraint Test9", 25 ],
- [ "4.6.10", "Invalid pathLenConstraint Test10", 25 ],
- [ "4.6.11", "Invalid pathLenConstraint Test11", 25 ],
- [ "4.6.12", "Invalid pathLenConstraint Test12", 25 ],
- [ "4.6.13", "Valid pathLenConstraint Test13", 0 ],
- [ "4.6.14", "Valid pathLenConstraint Test14", 0 ],
- [ "4.6.15", "Valid Self-Issued pathLenConstraint Test15", 0 ],
- [ "4.6.16", "Invalid Self-Issued pathLenConstraint Test16", 25 ],
- [ "4.6.17", "Valid Self-Issued pathLenConstraint Test17", 0 ],
- [ "4.7", "Key Usage" ],
- [ "4.7.1", "Invalid keyUsage Critical keyCertSign False Test1", 20 ],
- [ "4.7.2", "Invalid keyUsage Not Critical keyCertSign False Test2", 20 ],
- [ "4.7.3", "Valid keyUsage Not Critical Test3", 0 ],
- [ "4.7.4", "Invalid keyUsage Critical cRLSign False Test4", 35 ],
- [ "4.7.5", "Invalid keyUsage Not Critical cRLSign False Test5", 35 ],
-
- # Certificate policy tests need special handling. They can have several
- # sub tests and we need to check the outputs are correct.
-
- [ "4.8", "Certificate Policies" ],
- [
- "4.8.1.1",
- "All Certificates Same Policy Test1",
- "-policy anyPolicy -explicit_policy",
- "True", $nist1, $nist1, 0
- ],
- [
- "4.8.1.2",
- "All Certificates Same Policy Test1",
- "-policy $nist1 -explicit_policy",
- "True", $nist1, $nist1, 0
- ],
- [
- "4.8.1.3",
- "All Certificates Same Policy Test1",
- "-policy $nist2 -explicit_policy",
- "True", $nist1, "<empty>", 43
- ],
- [
- "4.8.1.4",
- "All Certificates Same Policy Test1",
- "-policy $nist1 -policy $nist2 -explicit_policy",
- "True", $nist1, $nist1, 0
- ],
- [
- "4.8.2.1",
- "All Certificates No Policies Test2",
- "-policy anyPolicy",
- "False", "<empty>", "<empty>", 0
- ],
- [
- "4.8.2.2",
- "All Certificates No Policies Test2",
- "-policy anyPolicy -explicit_policy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.8.3.1",
- "Different Policies Test3",
- "-policy anyPolicy",
- "False", "<empty>", "<empty>", 0
- ],
- [
- "4.8.3.2",
- "Different Policies Test3",
- "-policy anyPolicy -explicit_policy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.8.3.3",
- "Different Policies Test3",
- "-policy $nist1 -policy $nist2 -explicit_policy",
- "True", "<empty>", "<empty>", 43
- ],
-
- [
- "4.8.4",
- "Different Policies Test4",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.8.5",
- "Different Policies Test5",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.8.6.1",
- "Overlapping Policies Test6",
- "-policy anyPolicy",
- "True", $nist1, $nist1, 0
- ],
- [
- "4.8.6.2",
- "Overlapping Policies Test6",
- "-policy $nist1",
- "True", $nist1, $nist1, 0
- ],
- [
- "4.8.6.3",
- "Overlapping Policies Test6",
- "-policy $nist2",
- "True", $nist1, "<empty>", 43
- ],
- [
- "4.8.7",
- "Different Policies Test7",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.8.8",
- "Different Policies Test8",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.8.9",
- "Different Policies Test9",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.8.10.1",
- "All Certificates Same Policies Test10",
- "-policy $nist1",
- "True", "$nist1:$nist2", "$nist1", 0
- ],
- [
- "4.8.10.2",
- "All Certificates Same Policies Test10",
- "-policy $nist2",
- "True", "$nist1:$nist2", "$nist2", 0
- ],
- [
- "4.8.10.3",
- "All Certificates Same Policies Test10",
- "-policy anyPolicy",
- "True", "$nist1:$nist2", "$nist1:$nist2", 0
- ],
- [
- "4.8.11.1",
- "All Certificates AnyPolicy Test11",
- "-policy anyPolicy",
- "True", "$apolicy", "$apolicy", 0
- ],
- [
- "4.8.11.2",
- "All Certificates AnyPolicy Test11",
- "-policy $nist1",
- "True", "$apolicy", "$nist1", 0
- ],
- [
- "4.8.12",
- "Different Policies Test12",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.8.13.1",
- "All Certificates Same Policies Test13",
- "-policy $nist1",
- "True", "$nist1:$nist2:$nist3", "$nist1", 0
- ],
- [
- "4.8.13.2",
- "All Certificates Same Policies Test13",
- "-policy $nist2",
- "True", "$nist1:$nist2:$nist3", "$nist2", 0
- ],
- [
- "4.8.13.3",
- "All Certificates Same Policies Test13",
- "-policy $nist3",
- "True", "$nist1:$nist2:$nist3", "$nist3", 0
- ],
- [
- "4.8.14.1", "AnyPolicy Test14",
- "-policy $nist1", "True",
- "$nist1", "$nist1",
- 0
- ],
- [
- "4.8.14.2", "AnyPolicy Test14",
- "-policy $nist2", "True",
- "$nist1", "<empty>",
- 43
- ],
- [
- "4.8.15",
- "User Notice Qualifier Test15",
- "-policy anyPolicy",
- "False", "$nist1", "$nist1", 0
- ],
- [
- "4.8.16",
- "User Notice Qualifier Test16",
- "-policy anyPolicy",
- "False", "$nist1", "$nist1", 0
- ],
- [
- "4.8.17",
- "User Notice Qualifier Test17",
- "-policy anyPolicy",
- "False", "$nist1", "$nist1", 0
- ],
- [
- "4.8.18.1",
- "User Notice Qualifier Test18",
- "-policy $nist1",
- "True", "$nist1:$nist2", "$nist1", 0
- ],
- [
- "4.8.18.2",
- "User Notice Qualifier Test18",
- "-policy $nist2",
- "True", "$nist1:$nist2", "$nist2", 0
- ],
- [
- "4.8.19",
- "User Notice Qualifier Test19",
- "-policy anyPolicy",
- "False", "$nist1", "$nist1", 0
- ],
- [
- "4.8.20",
- "CPS Pointer Qualifier Test20",
- "-policy anyPolicy -explicit_policy",
- "True", "$nist1", "$nist1", 0
- ],
- [ "4.9", "Require Explicit Policy" ],
- [
- "4.9.1",
- "Valid RequireExplicitPolicy Test1",
- "-policy anyPolicy",
- "False", "<empty>", "<empty>", 0
- ],
- [
- "4.9.2",
- "Valid RequireExplicitPolicy Test2",
- "-policy anyPolicy",
- "False", "<empty>", "<empty>", 0
- ],
- [
- "4.9.3",
- "Invalid RequireExplicitPolicy Test3",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.9.4",
- "Valid RequireExplicitPolicy Test4",
- "-policy anyPolicy",
- "True", "$nist1", "$nist1", 0
- ],
- [
- "4.9.5",
- "Invalid RequireExplicitPolicy Test5",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.9.6",
- "Valid Self-Issued requireExplicitPolicy Test6",
- "-policy anyPolicy",
- "False", "<empty>", "<empty>", 0
- ],
- [
- "4.9.7",
- "Invalid Self-Issued requireExplicitPolicy Test7",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.9.8",
- "Invalid Self-Issued requireExplicitPolicy Test8",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [ "4.10", "Policy Mappings" ],
- [
- "4.10.1.1",
- "Valid Policy Mapping Test1",
- "-policy $nist1",
- "True", "$nist1", "$nist1", 0
- ],
- [
- "4.10.1.2",
- "Valid Policy Mapping Test1",
- "-policy $nist2",
- "True", "$nist1", "<empty>", 43
- ],
- [
- "4.10.1.3",
- "Valid Policy Mapping Test1",
- "-policy anyPolicy -inhibit_map",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.10.2.1",
- "Invalid Policy Mapping Test2",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.10.2.2",
- "Invalid Policy Mapping Test2",
- "-policy anyPolicy -inhibit_map",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.10.3.1",
- "Valid Policy Mapping Test3",
- "-policy $nist1",
- "True", "$nist2", "<empty>", 43
- ],
- [
- "4.10.3.2",
- "Valid Policy Mapping Test3",
- "-policy $nist2",
- "True", "$nist2", "$nist2", 0
- ],
- [
- "4.10.4",
- "Invalid Policy Mapping Test4",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.10.5.1",
- "Valid Policy Mapping Test5",
- "-policy $nist1",
- "True", "$nist1", "$nist1", 0
- ],
- [
- "4.10.5.2",
- "Valid Policy Mapping Test5",
- "-policy $nist6",
- "True", "$nist1", "<empty>", 43
- ],
- [
- "4.10.6.1",
- "Valid Policy Mapping Test6",
- "-policy $nist1",
- "True", "$nist1", "$nist1", 0
- ],
- [
- "4.10.6.2",
- "Valid Policy Mapping Test6",
- "-policy $nist6",
- "True", "$nist1", "<empty>", 43
- ],
- [ "4.10.7", "Invalid Mapping From anyPolicy Test7", 42 ],
- [ "4.10.8", "Invalid Mapping To anyPolicy Test8", 42 ],
- [
- "4.10.9",
- "Valid Policy Mapping Test9",
- "-policy anyPolicy",
- "True", "$nist1", "$nist1", 0
- ],
- [
- "4.10.10",
- "Invalid Policy Mapping Test10",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.10.11",
- "Valid Policy Mapping Test11",
- "-policy anyPolicy",
- "True", "$nist1", "$nist1", 0
- ],
-
- # TODO: check notice display
- [
- "4.10.12.1",
- "Valid Policy Mapping Test12",
- "-policy $nist1",
- "True", "$nist1:$nist2", "$nist1", 0
- ],
-
- # TODO: check notice display
- [
- "4.10.12.2",
- "Valid Policy Mapping Test12",
- "-policy $nist2",
- "True", "$nist1:$nist2", "$nist2", 0
- ],
- [
- "4.10.13",
- "Valid Policy Mapping Test13",
- "-policy anyPolicy",
- "True", "$nist1", "$nist1", 0
- ],
-
- # TODO: check notice display
- [
- "4.10.14",
- "Valid Policy Mapping Test14",
- "-policy anyPolicy",
- "True", "$nist1", "$nist1", 0
- ],
- [ "4.11", "Inhibit Policy Mapping" ],
- [
- "4.11.1",
- "Invalid inhibitPolicyMapping Test1",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.11.2",
- "Valid inhibitPolicyMapping Test2",
- "-policy anyPolicy",
- "True", "$nist1", "$nist1", 0
- ],
- [
- "4.11.3",
- "Invalid inhibitPolicyMapping Test3",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.11.4",
- "Valid inhibitPolicyMapping Test4",
- "-policy anyPolicy",
- "True", "$nist2", "$nist2", 0
- ],
- [
- "4.11.5",
- "Invalid inhibitPolicyMapping Test5",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.11.6",
- "Invalid inhibitPolicyMapping Test6",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.11.7",
- "Valid Self-Issued inhibitPolicyMapping Test7",
- "-policy anyPolicy",
- "True", "$nist1", "$nist1", 0
- ],
- [
- "4.11.8",
- "Invalid Self-Issued inhibitPolicyMapping Test8",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.11.9",
- "Invalid Self-Issued inhibitPolicyMapping Test9",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.11.10",
- "Invalid Self-Issued inhibitPolicyMapping Test10",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.11.11",
- "Invalid Self-Issued inhibitPolicyMapping Test11",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [ "4.12", "Inhibit Any Policy" ],
- [
- "4.12.1",
- "Invalid inhibitAnyPolicy Test1",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.12.2",
- "Valid inhibitAnyPolicy Test2",
- "-policy anyPolicy",
- "True", "$nist1", "$nist1", 0
- ],
- [
- "4.12.3.1",
- "inhibitAnyPolicy Test3",
- "-policy anyPolicy",
- "True", "$nist1", "$nist1", 0
- ],
- [
- "4.12.3.2",
- "inhibitAnyPolicy Test3",
- "-policy anyPolicy -inhibit_any",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.12.4",
- "Invalid inhibitAnyPolicy Test4",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.12.5",
- "Invalid inhibitAnyPolicy Test5",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [
- "4.12.6",
- "Invalid inhibitAnyPolicy Test6",
- "-policy anyPolicy",
- "True", "<empty>", "<empty>", 43
- ],
- [ "4.12.7", "Valid Self-Issued inhibitAnyPolicy Test7", 0 ],
- [ "4.12.8", "Invalid Self-Issued inhibitAnyPolicy Test8", 43 ],
- [ "4.12.9", "Valid Self-Issued inhibitAnyPolicy Test9", 0 ],
- [ "4.12.10", "Invalid Self-Issued inhibitAnyPolicy Test10", 43 ],
- [ "4.13", "Name Constraints" ],
- [ "4.13.1", "Valid DN nameConstraints Test1", 0 ],
- [ "4.13.2", "Invalid DN nameConstraints Test2", 47 ],
- [ "4.13.3", "Invalid DN nameConstraints Test3", 47 ],
- [ "4.13.4", "Valid DN nameConstraints Test4", 0 ],
- [ "4.13.5", "Valid DN nameConstraints Test5", 0 ],
- [ "4.13.6", "Valid DN nameConstraints Test6", 0 ],
- [ "4.13.7", "Invalid DN nameConstraints Test7", 48 ],
- [ "4.13.8", "Invalid DN nameConstraints Test8", 48 ],
- [ "4.13.9", "Invalid DN nameConstraints Test9", 48 ],
- [ "4.13.10", "Invalid DN nameConstraints Test10", 48 ],
- [ "4.13.11", "Valid DN nameConstraints Test11", 0 ],
- [ "4.13.12", "Invalid DN nameConstraints Test12", 47 ],
- [ "4.13.13", "Invalid DN nameConstraints Test13", 47 ],
- [ "4.13.14", "Valid DN nameConstraints Test14", 0 ],
- [ "4.13.15", "Invalid DN nameConstraints Test15", 48 ],
- [ "4.13.16", "Invalid DN nameConstraints Test16", 48 ],
- [ "4.13.17", "Invalid DN nameConstraints Test17", 48 ],
- [ "4.13.18", "Valid DN nameConstraints Test18", 0 ],
- [ "4.13.19", "Valid Self-Issued DN nameConstraints Test19", 0 ],
- [ "4.13.20", "Invalid Self-Issued DN nameConstraints Test20", 47 ],
- [ "4.13.21", "Valid RFC822 nameConstraints Test21", 0 ],
- [ "4.13.22", "Invalid RFC822 nameConstraints Test22", 47 ],
- [ "4.13.23", "Valid RFC822 nameConstraints Test23", 0 ],
- [ "4.13.24", "Invalid RFC822 nameConstraints Test24", 47 ],
- [ "4.13.25", "Valid RFC822 nameConstraints Test25", 0 ],
- [ "4.13.26", "Invalid RFC822 nameConstraints Test26", 48 ],
- [ "4.13.27", "Valid DN and RFC822 nameConstraints Test27", 0 ],
- [ "4.13.28", "Invalid DN and RFC822 nameConstraints Test28", 47 ],
- [ "4.13.29", "Invalid DN and RFC822 nameConstraints Test29", 47 ],
- [ "4.13.30", "Valid DNS nameConstraints Test30", 0 ],
- [ "4.13.31", "Invalid DNS nameConstraints Test31", 47 ],
- [ "4.13.32", "Valid DNS nameConstraints Test32", 0 ],
- [ "4.13.33", "Invalid DNS nameConstraints Test33", 48 ],
- [ "4.13.34", "Valid URI nameConstraints Test34", 0 ],
- [ "4.13.35", "Invalid URI nameConstraints Test35", 47 ],
- [ "4.13.36", "Valid URI nameConstraints Test36", 0 ],
- [ "4.13.37", "Invalid URI nameConstraints Test37", 48 ],
- [ "4.13.38", "Invalid DNS nameConstraints Test38", 47 ],
- [ "4.14", "Distribution Points" ],
- [ "4.14.1", "Valid distributionPoint Test1", 0 ],
- [ "4.14.2", "Invalid distributionPoint Test2", 23 ],
- [ "4.14.3", "Invalid distributionPoint Test3", 44 ],
- [ "4.14.4", "Valid distributionPoint Test4", 0 ],
- [ "4.14.5", "Valid distributionPoint Test5", 0 ],
- [ "4.14.6", "Invalid distributionPoint Test6", 23 ],
- [ "4.14.7", "Valid distributionPoint Test7", 0 ],
- [ "4.14.8", "Invalid distributionPoint Test8", 44 ],
- [ "4.14.9", "Invalid distributionPoint Test9", 44 ],
- [ "4.14.10", "Valid No issuingDistributionPoint Test10", 0 ],
- [ "4.14.11", "Invalid onlyContainsUserCerts CRL Test11", 44 ],
- [ "4.14.12", "Invalid onlyContainsCACerts CRL Test12", 44 ],
- [ "4.14.13", "Valid onlyContainsCACerts CRL Test13", 0 ],
- [ "4.14.14", "Invalid onlyContainsAttributeCerts Test14", 44 ],
- [ "4.14.15", "Invalid onlySomeReasons Test15", 23 ],
- [ "4.14.16", "Invalid onlySomeReasons Test16", 23 ],
- [ "4.14.17", "Invalid onlySomeReasons Test17", 3 ],
- [ "4.14.18", "Valid onlySomeReasons Test18", 0 ],
- [ "4.14.19", "Valid onlySomeReasons Test19", 0 ],
- [ "4.14.20", "Invalid onlySomeReasons Test20", 23 ],
- [ "4.14.21", "Invalid onlySomeReasons Test21", 23 ],
- [ "4.14.22", "Valid IDP with indirectCRL Test22", 0 ],
- [ "4.14.23", "Invalid IDP with indirectCRL Test23", 23 ],
- [ "4.14.24", "Valid IDP with indirectCRL Test24", 0 ],
- [ "4.14.25", "Valid IDP with indirectCRL Test25", 0 ],
- [ "4.14.26", "Invalid IDP with indirectCRL Test26", 44 ],
- [ "4.14.27", "Invalid cRLIssuer Test27", 3 ],
- [ "4.14.28", "Valid cRLIssuer Test28", 0 ],
- [ "4.14.29", "Valid cRLIssuer Test29", 0 ],
-
- # Although this test is valid it has a circular dependency. As a result
- # an attempt is made to reursively checks a CRL path and rejected due to
- # a CRL path validation error. PKITS notes suggest this test does not
- # need to be run due to this issue.
- [ "4.14.30", "Valid cRLIssuer Test30", 54 ],
- [ "4.14.31", "Invalid cRLIssuer Test31", 23 ],
- [ "4.14.32", "Invalid cRLIssuer Test32", 23 ],
- [ "4.14.33", "Valid cRLIssuer Test33", 0 ],
- [ "4.14.34", "Invalid cRLIssuer Test34", 23 ],
- [ "4.14.35", "Invalid cRLIssuer Test35", 44 ],
- [ "4.15", "Delta-CRLs" ],
- [ "4.15.1", "Invalid deltaCRLIndicator No Base Test1", 3 ],
- [ "4.15.2", "Valid delta-CRL Test2", 0 ],
- [ "4.15.3", "Invalid delta-CRL Test3", 23 ],
- [ "4.15.4", "Invalid delta-CRL Test4", 23 ],
- [ "4.15.5", "Valid delta-CRL Test5", 0 ],
- [ "4.15.6", "Invalid delta-CRL Test6", 23 ],
- [ "4.15.7", "Valid delta-CRL Test7", 0 ],
- [ "4.15.8", "Valid delta-CRL Test8", 0 ],
- [ "4.15.9", "Invalid delta-CRL Test9", 23 ],
- [ "4.15.10", "Invalid delta-CRL Test10", 12 ],
- [ "4.16", "Private Certificate Extensions" ],
- [ "4.16.1", "Valid Unknown Not Critical Certificate Extension Test1", 0 ],
- [ "4.16.2", "Invalid Unknown Critical Certificate Extension Test2", 34 ],
-);
-
-
-my $verbose = 1;
-
-my $numtest = 0;
-my $numfail = 0;
-
-my $ossl = "ossl/apps/openssl";
-
-my $ossl_cmd = "$ossl_path cms -verify -verify_retcode ";
-$ossl_cmd .= "-CAfile pkitsta.pem -crl_check_all -x509_strict ";
-
-# Check for expiry of trust anchor
-system "$ossl_path x509 -inform DER -in $pkitsta -checkend 0";
-if ($? == 256)
- {
- print STDERR "WARNING: using older expired data\n";
- $ossl_cmd .= "-attime 1291940972 ";
- }
-
-$ossl_cmd .= "-policy_check -extended_crl -use_deltas -out /dev/null 2>&1 ";
-
-system "$ossl_path x509 -inform DER -in $pkitsta -out pkitsta.pem";
-
-die "Can't create trust anchor file" if $?;
-
-print "Running PKITS tests:\n" if $verbose;
-
-foreach (@testlists) {
- my $argnum = @$_;
- if ( $argnum == 2 ) {
- my ( $tnum, $title ) = @$_;
- print "$tnum $title\n" if $verbose;
- }
- elsif ( $argnum == 3 ) {
- my ( $tnum, $title, $exp_ret ) = @$_;
- my $filename = $title;
- $exp_ret += 32 if $exp_ret;
- $filename =~ tr/ -//d;
- $filename = "Signed${filename}.eml";
- if ( !-f "$pkitsdir/$filename" ) {
- print "\"$filename\" not found\n";
- }
- else {
- my $ret;
- my $test_fail = 0;
- my $errmsg = "";
- my $cmd = $ossl_cmd;
- $cmd .= "-in $pkitsdir/$filename -policy anyPolicy";
- my $cmdout = `$cmd`;
- $ret = $? >> 8;
- if ( $? & 0xff ) {
- $errmsg .= "Abnormal OpenSSL termination\n";
- $test_fail = 1;
- }
- if ( $exp_ret != $ret ) {
- $errmsg .= "Return code:$ret, ";
- $errmsg .= "expected $exp_ret\n";
- $test_fail = 1;
- }
- if ($test_fail) {
- print "$tnum $title : Failed!\n";
- print "Filename: $pkitsdir/$filename\n";
- print $errmsg;
- print "Command output:\n$cmdout\n";
- $numfail++;
- }
- $numtest++;
- }
- }
- elsif ( $argnum == 7 ) {
- my ( $tnum, $title, $exargs, $exp_epol, $exp_aset, $exp_uset, $exp_ret )
- = @$_;
- my $filename = $title;
- $exp_ret += 32 if $exp_ret;
- $filename =~ tr/ -//d;
- $filename = "Signed${filename}.eml";
- if ( !-f "$pkitsdir/$filename" ) {
- print "\"$filename\" not found\n";
- }
- else {
- my $ret;
- my $cmdout = "";
- my $errmsg = "";
- my $epol = "";
- my $aset = "";
- my $uset = "";
- my $pol = -1;
- my $test_fail = 0;
- my $cmd = $ossl_cmd;
- $cmd .= "-in $pkitsdir/$filename $exargs -policy_print";
- @oparr = `$cmd`;
- $ret = $? >> 8;
-
- if ( $? & 0xff ) {
- $errmsg .= "Abnormal OpenSSL termination\n";
- $test_fail = 1;
- }
- foreach (@oparr) {
- my $test_failed = 0;
- $cmdout .= $_;
- if (/^Require explicit Policy: (.*)$/) {
- $epol = $1;
- }
- if (/^Authority Policies/) {
- if (/empty/) {
- $aset = "<empty>";
- }
- else {
- $pol = 1;
- }
- }
- $test_fail = 1 if (/leak/i);
- if (/^User Policies/) {
- if (/empty/) {
- $uset = "<empty>";
- }
- else {
- $pol = 2;
- }
- }
- if (/\s+Policy: (.*)$/) {
- if ( $pol == 1 ) {
- $aset .= ":" if $aset ne "";
- $aset .= $1;
- }
- elsif ( $pol == 2 ) {
- $uset .= ":" if $uset ne "";
- $uset .= $1;
- }
- }
- }
-
- if ( $epol ne $exp_epol ) {
- $errmsg .= "Explicit policy:$epol, ";
- $errmsg .= "expected $exp_epol\n";
- $test_fail = 1;
- }
- if ( $aset ne $exp_aset ) {
- $errmsg .= "Authority policy set :$aset, ";
- $errmsg .= "expected $exp_aset\n";
- $test_fail = 1;
- }
- if ( $uset ne $exp_uset ) {
- $errmsg .= "User policy set :$uset, ";
- $errmsg .= "expected $exp_uset\n";
- $test_fail = 1;
- }
-
- if ( $exp_ret != $ret ) {
- print "Return code:$ret, expected $exp_ret\n";
- $test_fail = 1;
- }
-
- if ($test_fail) {
- print "$tnum $title : Failed!\n";
- print "Filename: $pkitsdir/$filename\n";
- print "Command output:\n$cmdout\n";
- $numfail++;
- }
- $numtest++;
- }
- }
-}
-
-if ($numfail) {
- print "$numfail tests failed out of $numtest\n";
-}
-else {
- print "All Tests Successful.\n";
-}
-
-unlink "pkitsta.pem";
-
diff --git a/lib/libssl/src/test/r160test.c b/lib/libssl/src/test/r160test.c
deleted file mode 100644
index 0aadcdac161..00000000000
--- a/lib/libssl/src/test/r160test.c
+++ /dev/null
@@ -1,57 +0,0 @@ -/* $OpenBSD: r160test.c,v 1.2 2014/06/12 15:49:31 deraadt Exp $ */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. 
All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ diff --git a/lib/libssl/src/test/smcont.txt b/lib/libssl/src/test/smcont.txt deleted file mode 100644 index e837c0b75b6..00000000000 --- a/lib/libssl/src/test/smcont.txt +++ /dev/null @@ -1 +0,0 @@ -Some test content for OpenSSL CMS
\ No newline at end of file
diff --git a/lib/libssl/src/test/smime-certs/smdsa1.pem b/lib/libssl/src/test/smime-certs/smdsa1.pem
deleted file mode 100644
index d5677dbfbec..00000000000
--- a/lib/libssl/src/test/smime-certs/smdsa1.pem
+++ /dev/null
@@ -1,34 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBuwIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
-OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
-GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
-jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
-wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
-+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
-SJCBQw5zAoGATQlPPF+OeU8nu3rsdXGDiZdJzOkuCce3KQfTABA9C+Dk4CVcvBdd
-YRLGpnykumkNTO1sTO+4/Gphsuje1ujK9td4UEhdYqylCe5QjEMrszDlJtelDQF9
-C0yhdjKGTP0kxofLhsGckcuQvcKEKffT2pDDKJIy4vWQO0UyJl1vjLcCFG2uiGGx
-9fMUZq1v0ePD4Wo0Xkxo
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsWMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBEU0EgIzEwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
-CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
-mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
-jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
-CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
-kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
-xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBN
-CU88X455Tye7eux1cYOJl0nM6S4Jx7cpB9MAED0L4OTgJVy8F11hEsamfKS6aQ1M
-7WxM77j8amGy6N7W6Mr213hQSF1irKUJ7lCMQyuzMOUm16UNAX0LTKF2MoZM/STG
-h8uGwZyRy5C9woQp99PakMMokjLi9ZA7RTImXW+Mt6OBgzCBgDAdBgNVHQ4EFgQU
-4Qfbhpi5yqXaXuCLXj427mR25MkwHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
-aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
-c21pbWVkc2ExQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBAFrdUzKK1pWO
-kd02S423KUBc4GWWyiGlVoEO7WxVhHLJ8sm67X7OtJOwe0UGt+Nc5qLtyJYSirw8
-phjiTdNpQCTJ8+Kc56tWkJ6H7NAI4vTJtPL5BM/EmeYrVSU9JI9xhqpyKw9IBD+n
-hRJ79W9FaiJRvaAOX+TkyTukJrxAWRyv
------END CERTIFICATE-----
diff --git a/lib/libssl/src/test/smime-certs/smdsa2.pem b/lib/libssl/src/test/smime-certs/smdsa2.pem
deleted file mode 100644
index ef86c115d7f..00000000000
--- a/lib/libssl/src/test/smime-certs/smdsa2.pem
+++ /dev/null
@@ -1,34 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
-OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
-GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
-jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
-wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
-+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
-SJCBQw5zAoGBAIPmO8BtJ+Yac58trrPwq9b/6VW3jQTWzTLWSH84/QQdqQa+Pz3v
-It/+hHM0daNF5uls8ICsPL1aLXmRx0pHvIyb0aAzYae4T4Jv/COPDMTdKbA1uitJ
-VbkGZrm+LIrs7I9lOkb4T0vI6kL/XdOCXY1469zsqCgJ/O2ibn6mq0nWAhR716o2
-Nf8SimTZYB0/CKje6M5ufA==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDpTCCAw6gAwIBAgIJAMtotfHYdEsXMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBEU0EgIzIwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
-CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
-mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
-jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
-CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
-kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
-xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhQACgYEA
-g+Y7wG0n5hpzny2us/Cr1v/pVbeNBNbNMtZIfzj9BB2pBr4/Pe8i3/6EczR1o0Xm
-6WzwgKw8vVoteZHHSke8jJvRoDNhp7hPgm/8I48MxN0psDW6K0lVuQZmub4siuzs
-j2U6RvhPS8jqQv9d04JdjXjr3OyoKAn87aJufqarSdajgYMwgYAwHQYDVR0OBBYE
-FHsAGNfVltSYUq4hC+YVYwsYtA+dMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcXdsab
-rWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgbAMCAGA1UdEQQZMBeB
-FXNtaW1lZHNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQCx9BtCbaYF
-FXjLClkuKXbESaDZA1biPgY25i00FsUzARuhCpqD2v+0tu5c33ZzIhL6xlvBRU5l
-6Atw/xpZhae+hdBEtxPJoGekLLrHOau7Md3XwDjV4lFgcEJkWZoaSOOIK+4D5jF0
-jZWtHjnwEzuLYlo7ScHSsbcQfjH0M1TP5A==
------END CERTIFICATE-----
diff --git a/lib/libssl/src/test/smime-certs/smdsa3.pem b/lib/libssl/src/test/smime-certs/smdsa3.pem
deleted file mode 100644
index eeb848dabc5..00000000000
--- a/lib/libssl/src/test/smime-certs/smdsa3.pem
+++ /dev/null
@@ -1,34 +0,0 @@
------BEGIN DSA PRIVATE KEY-----
-MIIBvAIBAAKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3
-OjSGLh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqt
-GcoAgsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2J
-jt+dqk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qt
-wjqvWp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK
-+FMOGnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4Z
-SJCBQw5zAoGAYzOpPmh8Je1IDauEXhgaLz14wqYUHHcrj2VWVJ6fRm8GhdQFJSI7
-GUk08pgKZSKic2lNqxuzW7/vFxKQ/nvzfytY16b+2i+BR4Q6yvMzCebE1hHVg0Ju
-TwfUMwoFEOhYP6ZwHSUiQl9IBMH9TNJCMwYMxfY+VOrURFsjGTRUgpwCFQCIGt5g
-Y+XZd0Sv69CatDIRYWvaIA==
------END DSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDpDCCAw2gAwIBAgIJAMtotfHYdEsYMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBEU0EgIzMwggG3MIIBLAYHKoZIzjgEATCCAR8CgYEAxSX7
-CDziGsDDuW4sPgKGFITVcUXgTi0KLFN0L+AfJK2nNATa9zo0hi4dcGcR6oZQBNEJ
-mrE2iqI7pNtJzVnhZ3M0s+rw5dCFSRIUvFWKK+ZLfYC6rRnKAILH+IEQyLrSckA2
-jZ9yFWPPbl1FSKHsb0Hi0AwQoEDwuTvKyXagcLcCFQCtiY7fnapNO3kFBOfZKGFB
-CsjaKwKBgQCOCBKbrH/BteJAh5kbZx1zNrRuRFiQ5lukLcI6r1qdRilMeVhctbVV
-kfZ5eay9A4vpDXRDaPkpCo+4d7g7pRjiOk9JkGG1dodSCvhTDhpzqr2fHjUxNp+D
-xk6OabmetywZvkGK0LKzYlGOL2pCxUNqxCv0i8HbAxSuGUiQgUMOcwOBhAACgYBj
-M6k+aHwl7UgNq4ReGBovPXjCphQcdyuPZVZUnp9GbwaF1AUlIjsZSTTymAplIqJz
-aU2rG7Nbv+8XEpD+e/N/K1jXpv7aL4FHhDrK8zMJ5sTWEdWDQm5PB9QzCgUQ6Fg/
-pnAdJSJCX0gEwf1M0kIzBgzF9j5U6tREWyMZNFSCnKOBgzCBgDAdBgNVHQ4EFgQU
-VhpVXqQ/EzUMdxLvP7o9EhJ8h70wHwYDVR0jBBgwFoAUE89Lp7uJLrM4Vxd2xput
-aFvl7RcwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBsAwIAYDVR0RBBkwF4EV
-c21pbWVkc2EzQG9wZW5zc2wub3JnMA0GCSqGSIb3DQEBBQUAA4GBACM9e75EQa8m
-k/AZkH/tROqf3yeqijULl9x8FjFatqoY+29OM6oMGM425IqSkKd2ipz7OxO0SShu
-rE0O3edS7DvYBwvhWPviRaYBMyZ4iFJVup+fOzoYK/j/bASxS3BHQBwb2r4rhe25
-OlTyyFEk7DJyW18YFOG97S1P52oQ5f5x
------END CERTIFICATE-----
diff --git a/lib/libssl/src/test/smime-certs/smdsap.pem b/lib/libssl/src/test/smime-certs/smdsap.pem
deleted file mode 100644
index 249706c8c77..00000000000
--- a/lib/libssl/src/test/smime-certs/smdsap.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN DSA PARAMETERS-----
-MIIBHwKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3OjSG
-Lh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqtGcoA
-gsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2Jjt+d
-qk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qtwjqv
-Wp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK+FMO
-GnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4ZSJCB
-Qw5z
------END DSA PARAMETERS-----
diff --git a/lib/libssl/src/test/smime-certs/smroot.pem b/lib/libssl/src/test/smime-certs/smroot.pem
deleted file mode 100644
index a59eb2684ca..00000000000
--- a/lib/libssl/src/test/smime-certs/smroot.pem
+++ /dev/null
@@ -1,30 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDBV1Z/Q5gPF7lojc8pKUdyz5+Jf2B3vs4he6egekugWnoJduki
-9Lnae/JchB/soIX0co3nLc11NuFFlnAWJNMDJr08l5AHAJLYNHevF5l/f9oDQwvZ
-speKh1xpIAJNqCTzVeQ/ZLx6/GccIXV/xDuKIiovqJTPgR5WPkYKaw++lQIDAQAB
-AoGALXnUj5SflJU4+B2652ydMKUjWl0KnL/VjkyejgGV/j6py8Ybaixz9q8Gv7oY
-JDlRqMC1HfZJCFQDQrHy5VJ+CywA/H9WrqKo/Ch9U4tJAZtkig1Cmay/BAYixVu0
-xBeim10aKF6hxHH4Chg9We+OCuzWBWJhqveNjuDedL/i7JUCQQDlejovcwBUCbhJ
-U12qKOwlaboolWbl7yF3XdckTJZg7+1UqQHZH5jYZlLZyZxiaC92SNV0SyTLJZnS
-Jh5CO+VDAkEA16/pPcuVtMMz/R6SSPpRSIAa1stLs0mFSs3NpR4pdm0n42mu05pO
-1tJEt3a1g7zkreQBf53+Dwb+lA841EkjRwJBAIFmt0DifKDnCkBu/jZh9SfzwsH3
-3Zpzik+hXxxdA7+ODCrdUul449vDd5zQD5t+XKU61QNLDGhxv5e9XvrCg7kCQH/a
-3ldsVF0oDaxxL+QkxoREtCQ5tLEd1u7F2q6Tl56FDE0pe6Ih6bQ8RtG+g9EI60IN
-U7oTrOO5kLWx5E0q4ccCQAZVgoenn9MhRU1agKOCuM6LT2DxReTu4XztJzynej+8
-0J93n3ebanB1MlRpn1XJwhQ7gAC8ImaQKLJK5jdJzFc=
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICaTCCAdKgAwIBAgIJAP6VN47boiXRMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDdaFw0xNjA1MTExMzUzMDdaMEQx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRU
-ZXN0IFMvTUlNRSBSU0EgUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
-wVdWf0OYDxe5aI3PKSlHcs+fiX9gd77OIXunoHpLoFp6CXbpIvS52nvyXIQf7KCF
-9HKN5y3NdTbhRZZwFiTTAya9PJeQBwCS2DR3rxeZf3/aA0ML2bKXiodcaSACTagk
-81XkP2S8evxnHCF1f8Q7iiIqL6iUz4EeVj5GCmsPvpUCAwEAAaNjMGEwHQYDVR0O
-BBYEFBPPS6e7iS6zOFcXdsabrWhb5e0XMB8GA1UdIwQYMBaAFBPPS6e7iS6zOFcX
-dsabrWhb5e0XMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
-SIb3DQEBBQUAA4GBAIECprq5viDvnDbkyOaiSr9ubMUmWqvycfAJMdPZRKcOZczS
-l+L9R9lF3JSqbt3knOe9u6bGDBOTY2285PdCCuHRVMk2Af1f6El1fqAlRUwNqipp
-r68sWFuRqrcRNtk6QQvXfkOhrqQBuDa7te/OVQLa2lGN9Dr2mQsD8ijctatG
------END CERTIFICATE-----
diff --git a/lib/libssl/src/test/smime-certs/smrsa1.pem b/lib/libssl/src/test/smime-certs/smrsa1.pem
deleted file mode 100644
index 2cf3148e334..00000000000
--- a/lib/libssl/src/test/smime-certs/smrsa1.pem
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQC6A978j4pmPgUtUQqF+bjh6vdhwGOGZSD7xXgFTMjm88twfv+E
-ixkq2KXSDjD0ZXoQbdOaSbvGRQrIJpG2NGiKAFdYNrP025kCCdh5wF/aEI7KLEm7
-JlHwXpQsuj4wkMgmkFjL3Ty4Z55aNH+2pPQIa0k+ENJXm2gDuhqgBmduAwIDAQAB
-AoGBAJMuYu51aO2THyeHGwt81uOytcCbqGP7eoib62ZOJhxPRGYjpmuqX+R9/V5i
-KiwGavm63JYUx0WO9YP+uIZxm1BUATzkgkS74u5LP6ajhkZh6/Bck1oIYYkbVOXl
-JVrdENuH6U7nupznsyYgONByo+ykFPVUGmutgiaC7NMVo/MxAkEA6KLejWXdCIEn
-xr7hGph9NlvY9xuRIMexRV/WrddcFfCdjI1PciIupgrIkR65M9yr7atm1iU6/aRf
-KOr8rLZsSQJBAMyyXN71NsDNx4BP6rtJ/LJMP0BylznWkA7zWfGCbAYn9VhZVlSY
-Eu9Gyr7quD1ix7G3kInKVYOEEOpockBLz+sCQQCedyMmKjcQLfpMVYW8uhbAynvW
-h36qV5yXZxszO7nMcCTBsxhk5IfmLv5EbCs3+p9avCDGyoGOeUMg+kC33WORAkAg
-oUIarH4o5+SoeJTTfCzTA0KF9H5U0vYt2+73h7HOnWoHxl3zqDZEfEVvf50U8/0f
-QELDJETTbScBJtsnkq43AkEA38etvoZ2i4FJvvo7R/9gWBHVEcrGzcsCBYrNnIR1
-SZLRwHEGaiOK1wxMsWzqp7PJwL9z/M8A8DyOFBx3GPOniA==
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICizCCAfSgAwIBAgIJAMtotfHYdEsTMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBSU0EgIzEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-ALoD3vyPimY+BS1RCoX5uOHq92HAY4ZlIPvFeAVMyObzy3B+/4SLGSrYpdIOMPRl
-ehBt05pJu8ZFCsgmkbY0aIoAV1g2s/TbmQIJ2HnAX9oQjsosSbsmUfBelCy6PjCQ
-yCaQWMvdPLhnnlo0f7ak9AhrST4Q0lebaAO6GqAGZ24DAgMBAAGjgYMwgYAwHQYD
-VR0OBBYEFE2vMvKz5jrC7Lbdg68XwZ95iL/QMB8GA1UdIwQYMBaAFBPPS6e7iS6z
-OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
-EQQZMBeBFXNtaW1lcnNhMUBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQAi
-O3GOkUl646oLnOimc36i9wxZ1tejsqs8vMjJ0Pym6Uq9FE2JoGzJ6OhB1GOsEVmj
-9cQ5UNQcRYL3cqOFtl6f4Dpu/lhzfbaqgmLjv29G1mS0uuTZrixhlyCXjwcbOkNC
-I/+wvHHENYIK5+T/79M9LaZ2Qk4F9MNE1VMljdz9Qw==
------END CERTIFICATE-----
diff --git a/lib/libssl/src/test/smime-certs/smrsa2.pem b/lib/libssl/src/test/smime-certs/smrsa2.pem
deleted file mode 100644
index d41f69c82f6..00000000000
--- a/lib/libssl/src/test/smime-certs/smrsa2.pem
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQCwBfryW4Vu5U9wNIDKspJO/N9YF4CcTlrCUyzVlKgb+8urHlSe
-59i5verR9IOCCXkemjOzZ/3nALTGqYZlnEvHp0Rjk+KdKXnKBIB+SRPpeu3LcXMT
-WPgsThPa0UQxedNKG0g6aG+kLhsDlFBCoxd09jJtSpb9jmroJOq0ZYEHLwIDAQAB
-AoGAKa/w4677Je1W5+r3SYoLDnvi5TkDs4D3C6ipKJgBTEdQz+DqB4w/DpZE4551
-+rkFn1LDxcxuHGRVa+tAMhZW97fwq9YUbjVZEyOz79qrX+BMyl/NbHkf1lIKDo3q
-dWalzQvop7nbzeLC+VmmviwZfLQUbA61AQl3jm4dswT4XykCQQDloDadEv/28NTx
-bvvywvyGuvJkCkEIycm4JrIInvwsd76h/chZ3oymrqzc7hkEtK6kThqlS5y+WXl6
-QzPruTKTAkEAxD2ro/VUoN+scIVaLmn0RBmZ67+9Pdn6pNSfjlK3s0T0EM6/iUWS
-M06l6L9wFS3/ceu1tIifsh9BeqOGTa+udQJARIFnybTBaIqw/NZ/lA1YCVn8tpvY
-iyaoZ6gjtS65TQrsdKeh/i3HCHNUXxUpoZ3F/H7QtD+6o49ODou+EbVOwQJAVmex
-A2gp8wuJKaINqxIL81AybZLnCCzKJ3lXJ5tUNyLNM/lUbGStktm2Q1zHRQwTxV07
-jFn7trn8YrtNjzcjYQJAUKIJRt38A8Jw3HoPT+D0WS2IgxjVL0eYGsZX1lyeammG
-6rfnQ3u5uP7mEK2EH2o8mDUpAE0gclWBU9UkKxJsGA==
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICizCCAfSgAwIBAgIJAMtotfHYdEsUMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDhaFw0xNjA1MTAxMzUzMDhaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBSU0EgIzIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-ALAF+vJbhW7lT3A0gMqykk7831gXgJxOWsJTLNWUqBv7y6seVJ7n2Lm96tH0g4IJ
-eR6aM7Nn/ecAtMaphmWcS8enRGOT4p0pecoEgH5JE+l67ctxcxNY+CxOE9rRRDF5
-00obSDpob6QuGwOUUEKjF3T2Mm1Klv2Oaugk6rRlgQcvAgMBAAGjgYMwgYAwHQYD
-VR0OBBYEFIL/u+mEvaw7RuKLRuElfVkxSQjYMB8GA1UdIwQYMBaAFBPPS6e7iS6z
-OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
-EQQZMBeBFXNtaW1lcnNhMkBvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQC2
-rXR5bm/9RtOMQPleNpd3y6uUX3oy+0CafK5Yl3PMnItjjnKJ0l1/DbLbDj2twehe
-ewaB8CROcBCA3AMLSmGvPKgUCFMGtWam3328M4fBHzon5ka7qDXzM+imkAly/Yx2
-YNdR/aNOug+5sXygHmTSKqiCpQjOIClzXoPVVeEVHw==
------END CERTIFICATE-----
diff --git a/lib/libssl/src/test/smime-certs/smrsa3.pem b/lib/libssl/src/test/smime-certs/smrsa3.pem
deleted file mode 100644
index c8cbe55151e..00000000000
--- a/lib/libssl/src/test/smime-certs/smrsa3.pem
+++ /dev/null
@@ -1,31 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQC6syTZtZNe1hRScFc4PUVyVLsr7+C1HDIZnOHmwFoLayX6RHwy
-ep/TkdwiPHnemVLuwvpSjLMLZkXy/J764kSHJrNeVl3UvmCVCOm40hAtK1+F39pM
-h8phkbPPD7i+hwq4/Vs79o46nzwbVKmzgoZBJhZ+codujUSYM3LjJ4aq+wIDAQAB
-AoGAE1Zixrnr3bLGwBMqtYSDIOhtyos59whImCaLr17U9MHQWS+mvYO98if1aQZi
-iQ/QazJ+wvYXxWJ+dEB+JvYwqrGeuAU6He/rAb4OShG4FPVU2D19gzRnaButWMeT
-/1lgXV08hegGBL7RQNaN7b0viFYMcKnSghleMP0/q+Y/oaECQQDkXEwDYJW13X9p
-ijS20ykWdY5lLknjkHRhhOYux0rlhOqsyMZjoUmwI2m0qj9yrIysKhrk4MZaM/uC
-hy0xp3hdAkEA0Uv/UY0Kwsgc+W6YxeypECtg1qCE6FBib8n4iFy/6VcWqhvE5xrs
-OdhKv9/p6aLjLneGd1sU+F8eS9LGyKIbNwJBAJPgbNzXA7uUZriqZb5qeTXxBDfj
-RLfXSHYKAKEULxz3+JvRHB9SR4yHMiFrCdExiZrHXUkPgYLSHLGG5a4824UCQD6T
-9XvhquUARkGCAuWy0/3Eqoihp/t6BWSdQ9Upviu7YUhtUxsyXo0REZB7F4pGrJx5
-GlhXgFaewgUzuUHFzlMCQCzJMMWslWpoLntnR6sMhBMhBFHSw+Y5CbxBmFrdtSkd
-VdtNO1VuDCTxjjW7W3Khj7LX4KZ1ye/5jfAgnnnXisc=
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICizCCAfSgAwIBAgIJAMtotfHYdEsVMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
-BAYTAlVLMRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDExRUZXN0IFMv
-TUlNRSBSU0EgUm9vdDAeFw0wODAyMjIxMzUzMDlaFw0xNjA1MTAxMzUzMDlaMEUx
-CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
-ZXN0IFMvTUlNRSBFRSBSU0EgIzMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
-ALqzJNm1k17WFFJwVzg9RXJUuyvv4LUcMhmc4ebAWgtrJfpEfDJ6n9OR3CI8ed6Z
-Uu7C+lKMswtmRfL8nvriRIcms15WXdS+YJUI6bjSEC0rX4Xf2kyHymGRs88PuL6H
-Crj9Wzv2jjqfPBtUqbOChkEmFn5yh26NRJgzcuMnhqr7AgMBAAGjgYMwgYAwHQYD
-VR0OBBYEFDsSFjNtYZzd0tTHafNS7tneQQj6MB8GA1UdIwQYMBaAFBPPS6e7iS6z
-OFcXdsabrWhb5e0XMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXgMCAGA1Ud
-EQQZMBeBFXNtaW1lcnNhM0BvcGVuc3NsLm9yZzANBgkqhkiG9w0BAQUFAAOBgQBE
-tUDB+1Dqigu4p1xtdq7JRK6S+gfA7RWmhz0j2scb2zhpS12h37JLHsidGeKAzZYq
-jUjOrH/j3xcV5AnuJoqImJaN23nzzxtR4qGGX2mrq6EtObzdEGgCUaizsGM+0slJ
-PYxcy8KeY/63B1BpYhj2RjGkL6HrvuAaxVORa3acoA==
------END CERTIFICATE-----
diff --git a/lib/libssl/src/test/tcrl b/lib/libssl/src/test/tcrl
deleted file mode 100644
index 055269eab8d..00000000000
--- a/lib/libssl/src/test/tcrl +++ /dev/null @@ -1,78 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl crl' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testcrl.pem -fi - -echo testing crl conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in fff.p -inform p -outform t >f.t -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in f.t -inform t -outform d >ff.d2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -#echo "d -> t" -#$cmd -in f.d -inform d -outform t >ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in f.t -inform t -outform t >ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in f.p -inform p -outform t >ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in f.t -inform t -outform p >ff.p2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp fff.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp f.t ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp f.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 
diff --git a/lib/libssl/src/test/test.cnf b/lib/libssl/src/test/test.cnf
deleted file mode 100644
index 10834442a18..00000000000
--- a/lib/libssl/src/test/test.cnf
+++ /dev/null
@@ -1,88 +0,0 @@
-#
-# SSLeay example configuration file.
-# This is mostly being used for generation of certificate requests.
-#
-
-RANDFILE = ./.rnd
-
-####################################################################
-[ ca ]
-default_ca = CA_default # The default ca section
-
-####################################################################
-[ CA_default ]
-
-dir = ./demoCA # Where everything is kept
-certs = $dir/certs # Where the issued certs are kept
-crl_dir = $dir/crl # Where the issued crl are kept
-database = $dir/index.txt # database index file.
-new_certs_dir = $dir/new_certs # default place for new certs.
-
-certificate = $dir/CAcert.pem # The CA certificate
-serial = $dir/serial # The current serial number
-crl = $dir/crl.pem # The current CRL
-private_key = $dir/private/CAkey.pem# The private key
-RANDFILE = $dir/private/.rand # private random number file
-
-default_days = 365 # how long to certify for
-default_crl_days= 30 # how long before next CRL
-default_md = md5 # which md to use.
-
-# A few difference way of specifying how similar the request should look
-# For type CA, the listed attributes must be the same, and the optional
-# and supplied fields are just that :-)
-policy = policy_match
-
-# For the CA policy
-[ policy_match ]
-countryName = match
-stateOrProvinceName = match
-organizationName = match
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-# For the 'anything' policy
-# At this point in time, you must list all acceptable 'object'
-# types.
-[ policy_anything ]
-countryName = optional
-stateOrProvinceName = optional
-localityName = optional
-organizationName = optional
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-####################################################################
-[ req ]
-default_bits = 1024
-default_keyfile = testkey.pem
-distinguished_name = req_distinguished_name
-encrypt_rsa_key = no
-
-[ req_distinguished_name ]
-countryName = Country Name (2 letter code)
-countryName_default = AU
-countryName_value = AU
-
-stateOrProvinceName = State or Province Name (full name)
-stateOrProvinceName_default = Queensland
-stateOrProvinceName_value =
-
-localityName = Locality Name (eg, city)
-localityName_value = Brisbane
-
-organizationName = Organization Name (eg, company)
-organizationName_default =
-organizationName_value = CryptSoft Pty Ltd
-
-organizationalUnitName = Organizational Unit Name (eg, section)
-organizationalUnitName_default =
-organizationalUnitName_value = .
-
-commonName = Common Name (eg, YOUR name)
-commonName_value = Eric Young
-
-emailAddress = Email Address
-emailAddress_value = eay@mincom.oz.au
diff --git a/lib/libssl/src/test/test_aesni b/lib/libssl/src/test/test_aesni
deleted file mode 100644
index e8fb63ee2bf..00000000000
--- a/lib/libssl/src/test/test_aesni
+++ /dev/null
@@ -1,69 +0,0 @@ -#!/bin/sh - -PROG=$1 - -if [ -x $PROG ]; then - if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then - : - else - echo "$PROG is not OpenSSL executable" - exit 1 - fi -else - echo "$PROG is not executable" - exit 1; -fi - -if $PROG engine aesni | grep -v no-aesni; then - - HASH=`cat $PROG | $PROG dgst -hex` - - AES_ALGS=" aes-128-ecb aes-192-ecb aes-256-ecb \ - aes-128-cbc aes-192-cbc aes-256-cbc \ - aes-128-cfb aes-192-cfb aes-256-cfb \ - aes-128-ofb aes-192-ofb aes-256-ofb" - BUFSIZE="16 32 48 64 80 96 128 144 999" - - nerr=0 - - for alg in $AES_ALGS; do - echo $alg - for bufsize in $BUFSIZE; do - TEST=`( cat $PROG | \ - $PROG enc -e -k "$HASH" -$alg -bufsize $bufsize -engine aesni | \ - $PROG enc -d -k "$HASH" -$alg | \ - $PROG dgst -hex ) 2>/dev/null` - if [ "$TEST" != "$HASH" ]; then - echo "-$alg/$bufsize encrypt test failed" - nerr=`expr $nerr + 1` - fi - done - for bufsize in $BUFSIZE; do - TEST=`( cat $PROG | \ - $PROG enc -e -k "$HASH" -$alg | \ - $PROG enc -d -k "$HASH" -$alg -bufsize $bufsize -engine aesni | \ - $PROG dgst -hex ) 2>/dev/null` - if [ "$TEST" != "$HASH" ]; then - echo "-$alg/$bufsize decrypt test failed" - nerr=`expr $nerr + 1` - fi - done - TEST=`( cat $PROG | \ - $PROG enc -e -k "$HASH" -$alg -engine aesni | \ - $PROG enc -d -k "$HASH" -$alg -engine aesni | \ - $PROG dgst -hex ) 2>/dev/null` - if [ "$TEST" != "$HASH" ]; then - echo "-$alg en/decrypt test failed" - nerr=`expr $nerr + 1` - fi - done - - if [ $nerr -gt 0 ]; then - echo "AESNI engine test failed." - exit 1; - fi -else - echo "AESNI engine is not available" -fi - -exit 0 diff --git a/lib/libssl/src/test/test_padlock b/lib/libssl/src/test/test_padlock deleted file mode 100755 index 5c0f21043ce..00000000000 --- a/lib/libssl/src/test/test_padlock +++ /dev/null 
@@ -1,64 +0,0 @@ -#!/bin/sh - -PROG=$1 - -if [ -x $PROG ]; then - if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then - : - else - echo "$PROG is not OpenSSL executable" - exit 1 - fi -else - echo "$PROG is not executable" - exit 1; -fi - -if $PROG engine padlock | grep -v no-ACE; then - - HASH=`cat $PROG | $PROG dgst -hex` - - ACE_ALGS=" aes-128-ecb aes-192-ecb aes-256-ecb \ - aes-128-cbc aes-192-cbc aes-256-cbc \ - aes-128-cfb aes-192-cfb aes-256-cfb \ - aes-128-ofb aes-192-ofb aes-256-ofb" - - nerr=0 - - for alg in $ACE_ALGS; do - echo $alg - TEST=`( cat $PROG | \ - $PROG enc -e -k "$HASH" -$alg -bufsize 999 -engine padlock | \ - $PROG enc -d -k "$HASH" -$alg | \ - $PROG dgst -hex ) 2>/dev/null` - if [ "$TEST" != "$HASH" ]; then - echo "-$alg encrypt test failed" - nerr=`expr $nerr + 1` - fi - TEST=`( cat $PROG | \ - $PROG enc -e -k "$HASH" -$alg | \ - $PROG enc -d -k "$HASH" -$alg -bufsize 999 -engine padlock | \ - $PROG dgst -hex ) 2>/dev/null` - if [ "$TEST" != "$HASH" ]; then - echo "-$alg decrypt test failed" - nerr=`expr $nerr + 1` - fi - TEST=`( cat $PROG | \ - $PROG enc -e -k "$HASH" -$alg -engine padlock | \ - $PROG enc -d -k "$HASH" -$alg -engine padlock | \ - $PROG dgst -hex ) 2>/dev/null` - if [ "$TEST" != "$HASH" ]; then - echo "-$alg en/decrypt test failed" - nerr=`expr $nerr + 1` - fi - done - - if [ $nerr -gt 0 ]; then - echo "PadLock ACE test failed." - exit 1; - fi -else - echo "PadLock ACE is not available" -fi - -exit 0 diff --git a/lib/libssl/src/test/testca b/lib/libssl/src/test/testca deleted file mode 100644 index b109cfe271f..00000000000 --- a/lib/libssl/src/test/testca +++ /dev/null 
@@ -1,51 +0,0 @@ -#!/bin/sh - -SH="/bin/sh" -if test "$OSTYPE" = msdosdjgpp; then - PATH="../apps\;$PATH" -else - PATH="../apps:$PATH" -fi -export SH PATH - -SSLEAY_CONFIG="-config CAss.cnf" -export SSLEAY_CONFIG - -OPENSSL="`pwd`/../util/opensslwrap.sh" -export OPENSSL - -/bin/rm -fr demoCA -$SH ../apps/CA.sh -newca <<EOF -EOF - -if [ $? != 0 ]; then - exit 1; -fi - -SSLEAY_CONFIG="-config Uss.cnf" -export SSLEAY_CONFIG -$SH ../apps/CA.sh -newreq -if [ $? != 0 ]; then - exit 1; -fi - - -SSLEAY_CONFIG="-config ../apps/openssl.cnf" -export SSLEAY_CONFIG -$SH ../apps/CA.sh -sign <<EOF -y -y -EOF -if [ $? != 0 ]; then - exit 1; -fi - - -$SH ../apps/CA.sh -verify newcert.pem -if [ $? != 0 ]; then - exit 1; -fi - -/bin/rm -fr demoCA newcert.pem newreq.pem -#usage: CA -newcert|-newreq|-newca|-sign|-verify - diff --git a/lib/libssl/src/test/testcrl.pem b/lib/libssl/src/test/testcrl.pem deleted file mode 100644 index 09897883547..00000000000 --- a/lib/libssl/src/test/testcrl.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN X509 CRL----- -MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT -F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy -IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw -MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw -MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw -MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw -MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw -MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw -MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw -NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw -NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF -AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ -wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt -JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v ------END X509 CRL----- 
diff --git a/lib/libssl/src/test/testenc b/lib/libssl/src/test/testenc deleted file mode 100644 index f5ce7c0c457..00000000000 --- a/lib/libssl/src/test/testenc +++ /dev/null @@ -1,54 +0,0 @@ -#!/bin/sh - -testsrc=Makefile -test=./p -cmd="../util/shlib_wrap.sh ../apps/openssl" - -cat $testsrc >$test; - -echo cat -$cmd enc < $test > $test.cipher -$cmd enc < $test.cipher >$test.clear -cmp $test $test.clear -if [ $? != 0 ] -then - exit 1 -else - /bin/rm $test.cipher $test.clear -fi -echo base64 -$cmd enc -a -e < $test > $test.cipher -$cmd enc -a -d < $test.cipher >$test.clear -cmp $test $test.clear -if [ $? != 0 ] -then - exit 1 -else - /bin/rm $test.cipher $test.clear -fi - -for i in `$cmd list-cipher-commands` -do - echo $i - $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher - $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear - if [ $? != 0 ] - then - exit 1 - else - /bin/rm $test.$i.cipher $test.$i.clear - fi - - echo $i base64 - $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher - $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear - if [ $? != 0 ] - then - exit 1 - else - /bin/rm $test.$i.cipher $test.$i.clear - fi -done -rm -f $test diff --git a/lib/libssl/src/test/testgen b/lib/libssl/src/test/testgen deleted file mode 100644 index 524c0d134c8..00000000000 --- a/lib/libssl/src/test/testgen +++ /dev/null 
@@ -1,44 +0,0 @@ -#!/bin/sh - -T=testcert -KEY=512 -CA=../certs/testca.pem - -/bin/rm -f $T.1 $T.2 $T.key - -if test "$OSTYPE" = msdosdjgpp; then - PATH=../apps\;$PATH; -else - PATH=../apps:$PATH; -fi -export PATH - -echo "generating certificate request" - -echo "string to make the random number generator think it has entropy" >> ./.rnd - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then - req_new='-newkey dsa:../apps/dsa512.pem' -else - req_new='-new' - echo "There should be a 2 sequences of .'s and some +'s." - echo "There should not be more that at most 80 per line" -fi - -echo "This could take some time." - -rm -f testkey.pem testreq.pem - -../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem -if [ $? != 0 ]; then -echo problems creating request -exit 1 -fi - -../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout -if [ $? != 0 ]; then -echo signature on req is wrong -exit 1 -fi - -exit 0 diff --git a/lib/libssl/src/test/testp7.pem b/lib/libssl/src/test/testp7.pem deleted file mode 100644 index e5b7866c315..00000000000 --- a/lib/libssl/src/test/testp7.pem +++ /dev/null 
@@ -1,46 +0,0 @@
------BEGIN PKCS7-----
-MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
-cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
-DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
-BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
-HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
-ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
-biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
-aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
-aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
-VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
-UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
-AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
-BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
-ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
-IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
-bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
-L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
-OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
-IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
-ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
-cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
-QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
-MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
-AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
-cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
-AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
-QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
-dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
-Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
-DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
-TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
-AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
-2d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
-47ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
-MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
-QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
-AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
-ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
-BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
-ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
-MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
-sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
-XfZsaiiIgotQHjEA
------END PKCS7-----
diff --git a/lib/libssl/src/test/testreq2.pem b/lib/libssl/src/test/testreq2.pem
deleted file mode 100644
index c3cdcffcbc6..00000000000
--- a/lib/libssl/src/test/testreq2.pem
+++ /dev/null
@@ -1,7 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
-QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
-DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
-hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
-gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
------END CERTIFICATE REQUEST-----
diff --git a/lib/libssl/src/test/testrsa.pem b/lib/libssl/src/test/testrsa.pem
deleted file mode 100644
index aad21067a8f..00000000000
--- a/lib/libssl/src/test/testrsa.pem
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
-Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
-rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
-oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
-mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
-rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
-mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
------END RSA PRIVATE KEY-----
diff --git a/lib/libssl/src/test/testsid.pem b/lib/libssl/src/test/testsid.pem
deleted file mode 100644
index 7ffd008f666..00000000000
--- a/lib/libssl/src/test/testsid.pem
+++ /dev/null
@@ -1,12 +0,0 @@
------BEGIN SSL SESSION PARAMETERS-----
-MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
-bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
-ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
-YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
-A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
-LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
-CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
-TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
-hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
-CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
------END SSL SESSION PARAMETERS-----
diff --git a/lib/libssl/src/test/testss b/lib/libssl/src/test/testss
deleted file mode 100644
index 1a426857d31..00000000000
--- a/lib/libssl/src/test/testss
+++ /dev/null
@@ -1,163 +0,0 @@ -#!/bin/sh - -digest='-sha1' -reqcmd="../util/shlib_wrap.sh ../apps/openssl req" -x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest" -verifycmd="../util/shlib_wrap.sh ../apps/openssl verify" -dummycnf="../apps/openssl.cnf" - -CAkey="keyCA.ss" -CAcert="certCA.ss" -CAreq="reqCA.ss" -CAconf="CAss.cnf" -CAreq2="req2CA.ss" # temp - -Uconf="Uss.cnf" -Ukey="keyU.ss" -Ureq="reqU.ss" -Ucert="certU.ss" - -P1conf="P1ss.cnf" -P1key="keyP1.ss" -P1req="reqP1.ss" -P1cert="certP1.ss" -P1intermediate="tmp_intP1.ss" - -P2conf="P2ss.cnf" -P2key="keyP2.ss" -P2req="reqP2.ss" -P2cert="certP2.ss" -P2intermediate="tmp_intP2.ss" - -echo -echo "make a certificate request using 'req'" - -echo "string to make the random number generator think it has entropy" >> ./.rnd - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then - req_new='-newkey dsa:../apps/dsa512.pem' -else - req_new='-new' -fi - -$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss -if [ $? != 0 ]; then - echo "error using 'req' to generate a certificate request" - exit 1 -fi -echo -echo "convert the certificate request into a self signed certificate using 'x509'" -$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' to self sign a certificate request" - exit 1 -fi - -echo -echo "convert a certificate into a certificate request using 'x509'" -$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' convert a certificate to a certificate request" - exit 1 -fi - -$reqcmd -config $dummycnf -verify -in $CAreq -noout -if [ $? != 0 ]; then - echo first generated request is invalid - exit 1 -fi - -$reqcmd -config $dummycnf -verify -in $CAreq2 -noout -if [ $? != 0 ]; then - echo second generated request is invalid - exit 1 -fi - -$verifycmd -CAfile $CAcert $CAcert -if [ $? 
!= 0 ]; then - echo first generated cert is invalid - exit 1 -fi - -echo -echo "make a user certificate request using 'req'" -$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss -if [ $? != 0 ]; then - echo "error using 'req' to generate a user certificate request" - exit 1 -fi - -echo -echo "sign user certificate request with the just created CA via 'x509'" -$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' to sign a user certificate request" - exit 1 -fi - -$verifycmd -CAfile $CAcert $Ucert -echo -echo "Certificate details" -$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert - -echo -echo "make a proxy certificate request using 'req'" -$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss -if [ $? != 0 ]; then - echo "error using 'req' to generate a proxy certificate request" - exit 1 -fi - -echo -echo "sign proxy certificate request with the just created user certificate via 'x509'" -$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' to sign a proxy certificate request" - exit 1 -fi - -cat $Ucert > $P1intermediate -$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert -echo -echo "Certificate details" -$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert - -echo -echo "make another proxy certificate request using 'req'" -$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss -if [ $? != 0 ]; then - echo "error using 'req' to generate another proxy certificate request" - exit 1 -fi - -echo -echo "sign second proxy certificate request with the first proxy certificate via 'x509'" -$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss -if [ $? 
!= 0 ]; then - echo "error using 'x509' to sign a second proxy certificate request" - exit 1 -fi - -cat $Ucert $P1cert > $P2intermediate -$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert -echo -echo "Certificate details" -$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert - -echo -echo The generated CA certificate is $CAcert -echo The generated CA private key is $CAkey - -echo The generated user certificate is $Ucert -echo The generated user private key is $Ukey - -echo The first generated proxy certificate is $P1cert -echo The first generated proxy private key is $P1key - -echo The second generated proxy certificate is $P2cert -echo The second generated proxy private key is $P2key - -/bin/rm err.ss -#/bin/rm $P1intermediate -#/bin/rm $P2intermediate -exit 0 diff --git a/lib/libssl/src/test/testssl b/lib/libssl/src/test/testssl deleted file mode 100644 index 4e8542b5568..00000000000 --- a/lib/libssl/src/test/testssl +++ /dev/null 
@@ -1,178 +0,0 @@ -#!/bin/sh - -if [ "$1" = "" ]; then - key=../apps/server.pem -else - key="$1" -fi -if [ "$2" = "" ]; then - cert=../apps/server.pem -else - cert="$2" -fi -ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert" - -if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then - dsa_cert=YES -else - dsa_cert=NO -fi - -if [ "$3" = "" ]; then - CA="-CApath ../certs" -else - CA="-CAfile $3" -fi - -if [ "$4" = "" ]; then - extra="" -else - extra="$4" -fi - -############################################################################# - -echo test sslv2 -$ssltest -ssl2 $extra || exit 1 - -echo test sslv2 with server authentication -$ssltest -ssl2 -server_auth $CA $extra || exit 1 - -if [ $dsa_cert = NO ]; then - echo test sslv2 with client authentication - $ssltest -ssl2 -client_auth $CA $extra || exit 1 - - echo test sslv2 with both client and server authentication - $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1 -fi - -echo test sslv3 -$ssltest -ssl3 $extra || exit 1 - -echo test sslv3 with server authentication -$ssltest -ssl3 -server_auth $CA $extra || exit 1 - -echo test sslv3 with client authentication -$ssltest -ssl3 -client_auth $CA $extra || exit 1 - -echo test sslv3 with both client and server authentication -$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 -$ssltest $extra || exit 1 - -echo test sslv2/sslv3 with server authentication -$ssltest -server_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with client authentication -$ssltest -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication -$ssltest -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2 via BIO pair -$ssltest -bio_pair -ssl2 $extra || exit 1 - -echo test sslv2 with server authentication via BIO pair -$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1 - -if [ $dsa_cert = NO ]; 
then - echo test sslv2 with client authentication via BIO pair - $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1 - - echo test sslv2 with both client and server authentication via BIO pair - $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1 -fi - -echo test sslv3 via BIO pair -$ssltest -bio_pair -ssl3 $extra || exit 1 - -echo test sslv3 with server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1 - -echo test sslv3 with client authentication via BIO pair -$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1 - -echo test sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 via BIO pair -$ssltest $extra || exit 1 - -if [ $dsa_cert = NO ]; then - echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair' - $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1 -fi - -echo test sslv2/sslv3 with 1024bit DHE via BIO pair -$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1 - -echo test sslv2/sslv3 with server authentication -$ssltest -bio_pair -server_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with client authentication via BIO pair -$ssltest -bio_pair -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication via BIO pair -$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1 - -echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify -$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1 - -echo "Testing ciphersuites" -for protocol in TLSv1.2 SSLv3; do - echo "Testing ciphersuites for $protocol" - for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do - echo "Testing $cipher" - prot="" - if [ $protocol = "SSLv3" ] ; then - prot="-ssl3" - fi - $ssltest -cipher $cipher $prot - if [ $? 
-ne 0 ] ; then - echo "Failed $cipher" - exit 1 - fi - done -done - -############################################################################# - -if ../util/shlib_wrap.sh ../apps/openssl no-dh; then - echo skipping anonymous DH tests -else - echo test tls1 with 1024bit anonymous DH, multiple handshakes - $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1 -fi - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then - echo skipping RSA tests -else - echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes' - ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1 - - if ../util/shlib_wrap.sh ../apps/openssl no-dh; then - echo skipping RSA+DHE tests - else - echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes - ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1 - fi -fi - -echo test tls1 with PSK -$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1 - -echo test tls1 with PSK via BIO pair -$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1 - -if ../util/shlib_wrap.sh ../apps/openssl no-srp; then - echo skipping SRP tests -else - echo test tls1 with SRP - $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123 - - echo test tls1 with SRP via BIO pair - $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123 -fi - -exit 0 diff --git a/lib/libssl/src/test/testsslproxy b/lib/libssl/src/test/testsslproxy deleted file mode 100644 index 58bbda8ab7d..00000000000 --- a/lib/libssl/src/test/testsslproxy +++ /dev/null @@ -1,10 +0,0 @@ -#! /bin/sh - -echo 'Testing a lot of proxy conditions.' -echo 'Some of them may turn out being invalid, which is fine.' -for auth in A B C BC; do - for cond in A B C 'A|B&!C'; do - sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond" - if [ $? = 3 ]; then exit 1; fi - done -done 
diff --git a/lib/libssl/src/test/testtsa b/lib/libssl/src/test/testtsa
deleted file mode 100644
index bb653b5f73d..00000000000
--- a/lib/libssl/src/test/testtsa
+++ /dev/null
@@ -1,238 +0,0 @@ -#!/bin/sh - -# -# A few very basic tests for the 'ts' time stamping authority command. -# - -SH="/bin/sh" -if test "$OSTYPE" = msdosdjgpp; then - PATH="../apps\;$PATH" -else - PATH="../apps:$PATH" -fi -export SH PATH - -OPENSSL_CONF="../CAtsa.cnf" -export OPENSSL_CONF -# Because that's what ../apps/CA.sh really looks at -SSLEAY_CONFIG="-config $OPENSSL_CONF" -export SSLEAY_CONFIG - -OPENSSL="`pwd`/../util/opensslwrap.sh" -export OPENSSL - -error () { - - echo "TSA test failed!" >&2 - exit 1 -} - -setup_dir () { - - rm -rf tsa 2>/dev/null - mkdir tsa - cd ./tsa -} - -clean_up_dir () { - - cd .. - rm -rf tsa -} - -create_ca () { - - echo "Creating a new CA for the TSA tests..." - TSDNSECT=ts_ca_dn - export TSDNSECT - ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \ - -out tsaca.pem -keyout tsacakey.pem - test $? != 0 && error -} - -create_tsa_cert () { - - INDEX=$1 - export INDEX - EXT=$2 - TSDNSECT=ts_cert_dn - export TSDNSECT - - ../../util/shlib_wrap.sh ../../apps/openssl req -new \ - -out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem - test $? != 0 && error -echo Using extension $EXT - ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \ - -in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \ - -CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \ - -extfile $OPENSSL_CONF -extensions $EXT - test $? != 0 && error -} - -print_request () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text -} - -create_time_stamp_request1 () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq - test $? != 0 && error -} - -create_time_stamp_request2 () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \ - -out req2.tsq - test $? != 0 && error -} - -create_time_stamp_request3 () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq - test $? 
!= 0 && error -} - -print_response () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text - test $? != 0 && error -} - -create_time_stamp_response () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2 - test $? != 0 && error -} - -time_stamp_response_token_test () { - - RESPONSE2=$2.copy.tsr - TOKEN_DER=$2.token.der - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2 - test $? != 0 && error - cmp $RESPONSE2 $2 - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out - test $? != 0 && error -} - -verify_time_stamp_response () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem - test $? != 0 && error -} - -verify_time_stamp_token () { - - # create the token from the response first - ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem - test $? != 0 && error - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \ - -CAfile tsaca.pem -untrusted tsa_cert1.pem - test $? 
!= 0 && error -} - -verify_time_stamp_response_fail () { - - ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \ - -untrusted tsa_cert1.pem - # Checks if the verification failed, as it should have. - test $? = 0 && error - echo Ok -} - -# main functions - -echo "Setting up TSA test directory..." -setup_dir - -echo "Creating CA for TSA tests..." -create_ca - -echo "Creating tsa_cert1.pem TSA server cert..." -create_tsa_cert 1 tsa_cert - -echo "Creating tsa_cert2.pem non-TSA server cert..." -create_tsa_cert 2 non_tsa_cert - -echo "Creating req1.req time stamp request for file testtsa..." -create_time_stamp_request1 - -echo "Printing req1.req..." -print_request req1.tsq - -echo "Generating valid response for req1.req..." -create_time_stamp_response req1.tsq resp1.tsr tsa_config1 - -echo "Printing response..." -print_response resp1.tsr - -echo "Verifying valid response..." -verify_time_stamp_response req1.tsq resp1.tsr ../testtsa - -echo "Verifying valid token..." -verify_time_stamp_token req1.tsq resp1.tsr ../testtsa - -# The tests below are commented out, because invalid signer certificates -# can no longer be specified in the config file. - -# echo "Generating _invalid_ response for req1.req..." -# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2 - -# echo "Printing response..." -# print_response resp1_bad.tsr - -# echo "Verifying invalid response, it should fail..." -# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr - -echo "Creating req2.req time stamp request for file testtsa..." -create_time_stamp_request2 - -echo "Printing req2.req..." -print_request req2.tsq - -echo "Generating valid response for req2.req..." -create_time_stamp_response req2.tsq resp2.tsr tsa_config1 - -echo "Checking '-token_in' and '-token_out' options with '-reply'..." -time_stamp_response_token_test req2.tsq resp2.tsr - -echo "Printing response..." -print_response resp2.tsr - -echo "Verifying valid response..." 
-verify_time_stamp_response req2.tsq resp2.tsr ../testtsa - -echo "Verifying response against wrong request, it should fail..." -verify_time_stamp_response_fail req1.tsq resp2.tsr - -echo "Verifying response against wrong request, it should fail..." -verify_time_stamp_response_fail req2.tsq resp1.tsr - -echo "Creating req3.req time stamp request for file CAtsa.cnf..." -create_time_stamp_request3 - -echo "Printing req3.req..." -print_request req3.tsq - -echo "Verifying response against wrong request, it should fail..." -verify_time_stamp_response_fail req3.tsq resp1.tsr - -echo "Cleaning up..." -clean_up_dir - -exit 0 diff --git a/lib/libssl/src/test/testx509.pem b/lib/libssl/src/test/testx509.pem deleted file mode 100644 index 8a85d14964f..00000000000 --- a/lib/libssl/src/test/testx509.pem +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV -BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz -MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM -RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF -AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO -/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE -Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ -zl9HYIMxATFyqSiD9jsx ------END CERTIFICATE----- diff --git a/lib/libssl/src/test/times b/lib/libssl/src/test/times deleted file mode 100644 index 6b66eb342e6..00000000000 --- a/lib/libssl/src/test/times +++ /dev/null 
@@ -1,113 +0,0 @@ - -More number for the questions about SSL overheads.... - -The following numbers were generated on a Pentium pro 200, running Linux. -They give an indication of the SSL protocol and encryption overheads. - -The program that generated them is an unreleased version of ssl/ssltest.c -which is the SSLeay ssl protocol testing program. It is a single process that -talks both sides of the SSL protocol via a non-blocking memory buffer -interface. - -How do I read this? The protocol and cipher are reasonable obvious. -The next number is the number of connections being made. The next is the -number of bytes exchanged between the client and server side of the protocol. -This is the number of bytes that the client sends to the server, and then -the server sends back. Because this is all happening in one process, -the data is being encrypted, decrypted, encrypted and then decrypted again. -It is a round trip of that many bytes. Because the one process performs -both the client and server sides of the protocol and it sends this many bytes -each direction, multiply this number by 4 to generate the number -of bytes encrypted/decrypted/MACed. The first time value is how many seconds -elapsed doing a full SSL handshake, the second is the cost of one -full handshake and the rest being session-id reuse. 
- -SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s -SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s -SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s -SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA -SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s -SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s -SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s - -SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s -SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s -SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA -SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s -SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s -SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s - -SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s -SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s -SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s -SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA -SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s -SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s -SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s - -SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s -SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s -SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s -SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA -SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s -SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s -SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s - -What does this all mean? Well for a server, with no session-id reuse, with -a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key, -a Pentium pro 200 running Linux can handle the SSLv3 protocol overheads of -about 49 connections a second. Reality will be quite different :-). - -Remember the first number is 1000 full ssl handshakes, the second is -1 full and 999 with session-id reuse. The RSA overheads for each exchange -would be one public and one private operation, but the protocol/MAC/cipher -cost would be quite similar in both the client and server. - -eric (adding numbers to speculation) - ---- Appendix --- -- The time measured is user time but these number a very rough. -- Remember this is the cost of both client and server sides of the protocol. 
-- The TCP/kernel overhead of connection establishment is normally the - killer in SSL. Often delays in the TCP protocol will make session-id - reuse look slower that new sessions, but this would not be the case on - a loaded server. -- The TCP round trip latencies, while slowing individual connections, - would have minimal impact on throughput. -- Instead of sending one 102400 byte buffer, one 8k buffer is sent until -- the required number of bytes are processed. -- The SSLv3 connections were actually SSLv2 compatible SSLv3 headers. -- A 512bit server key was being used except where noted. -- No server key verification was being performed on the client side of the - protocol. This would slow things down very little. -- The library being used is SSLeay 0.8.x. -- The normal measuring system was commands of the form - time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse - This modified version of ssltest should be in the next public release of - SSLeay. - -The general cipher performance number for this platform are - -SSLeay 0.8.2a 04-Sep-1997 -built on Fri Sep 5 17:37:05 EST 1997 -options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) -C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -The 'numbers' are in 1000s of bytes per second processed. 
-type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes -md2 131.02k 368.41k 500.57k 549.21k 566.09k -mdc2 535.60k 589.10k 595.88k 595.97k 594.54k -md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k -sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k -sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k -rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k -des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k -des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k -idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k -rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k -blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k - sign verify -rsa 512 bits 0.0100s 0.0011s -rsa 1024 bits 0.0451s 0.0012s -rsa 2048 bits 0.2605s 0.0086s -rsa 4096 bits 1.6883s 0.0302s - diff --git a/lib/libssl/src/test/tpkcs7 b/lib/libssl/src/test/tpkcs7 deleted file mode 100644 index 3e435ffbf9f..00000000000 --- a/lib/libssl/src/test/tpkcs7 +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testp7.pem -fi - -echo testing pkcs7 conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 
diff --git a/lib/libssl/src/test/tpkcs7d b/lib/libssl/src/test/tpkcs7d deleted file mode 100644 index 64fc28e88f0..00000000000 --- a/lib/libssl/src/test/tpkcs7d +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=pkcs7-1.pem -fi - -echo "testing pkcs7 conversions (2)" -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/lib/libssl/src/test/treq b/lib/libssl/src/test/treq deleted file mode 100644 index 77f37dcf3a9..00000000000 --- a/lib/libssl/src/test/treq +++ /dev/null 
@@ -1,83 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl req -config ../apps/openssl.cnf' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testreq.pem -fi - -if $cmd -in $t -inform p -noout -text 2>&1 | fgrep -i 'Unknown Public Key'; then - echo "skipping req conversion test for $t" - exit 0 -fi - -echo testing req conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in fff.p -inform p -outform t >f.t -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -verify -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in f.t -inform t -outform d >ff.d2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -verify -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -#echo "d -> t" -#$cmd -in f.d -inform d -outform t >ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in f.t -inform t -outform t >ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in f.p -inform p -outform t >ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in f.t -inform t -outform p >ff.p2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp fff.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp f.t ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp f.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? 
!= 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/lib/libssl/src/test/trsa b/lib/libssl/src/test/trsa deleted file mode 100644 index 249ac1ddcc6..00000000000 --- a/lib/libssl/src/test/trsa +++ /dev/null 
@@ -1,83 +0,0 @@ -#!/bin/sh - -if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then - echo skipping rsa conversion test - exit 0 -fi - -cmd='../util/shlib_wrap.sh ../apps/openssl rsa' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testrsa.pem -fi - -echo testing rsa conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in fff.p -inform p -outform t >f.t -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in f.t -inform t -outform d >ff.d2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -#echo "d -> t" -#$cmd -in f.d -inform d -outform t >ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in f.t -inform t -outform t >ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in f.p -inform p -outform t >ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in f.t -inform t -outform p >ff.p2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp fff.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp f.t ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp f.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 
diff --git a/lib/libssl/src/test/tsid b/lib/libssl/src/test/tsid
deleted file mode 100644
index 6adbd531ce0..00000000000
--- a/lib/libssl/src/test/tsid
+++ /dev/null
@@ -1,78 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl sess_id' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testsid.pem -fi - -echo testing session-id conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in fff.p -inform p -outform t >f.t -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in f.t -inform t -outform d >ff.d2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -#echo "d -> t" -#$cmd -in f.d -inform d -outform t >ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in f.t -inform t -outform t >ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in f.p -inform p -outform t >ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in f.t -inform t -outform p >ff.p2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp fff.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp f.t ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp f.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/lib/libssl/src/test/tx509 b/lib/libssl/src/test/tx509 deleted file mode 100644 index 4a15b98d17d..00000000000 
--- a/lib/libssl/src/test/tx509 +++ /dev/null @@ -1,78 +0,0 @@ -#!/bin/sh - -cmd='../util/shlib_wrap.sh ../apps/openssl x509' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testx509.pem -fi - -echo testing X509 conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -echo "p -> n" -$cmd -in fff.p -inform p -outform n >f.n -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -echo "n -> d" -$cmd -in f.n -inform n -outform d >ff.d2 -if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -echo "d -> n" -$cmd -in f.d -inform d -outform n >ff.n1 -if [ $? != 0 ]; then exit 1; fi -echo "n -> n" -$cmd -in f.n -inform n -outform n >ff.n2 -if [ $? != 0 ]; then exit 1; fi -echo "p -> n" -$cmd -in f.p -inform p -outform n >ff.n3 -if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -echo "n -> p" -$cmd -in f.n -inform n -outform p >ff.p2 -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p2 -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp f.n ff.n1 -if [ $? != 0 ]; then exit 1; fi -cmp f.n ff.n2 -if [ $? != 0 ]; then exit 1; fi -cmp f.n ff.n3 -if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p2 -if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/lib/libssl/src/test/v3-cert1.pem b/lib/libssl/src/test/v3-cert1.pem deleted file mode 100644 index 0da253d5c34..00000000000 
--- a/lib/libssl/src/test/v3-cert1.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx -NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz -dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw -ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu -ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2 -ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp -miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C -AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK -Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x -DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR -MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB -AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21 -X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3 -WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO ------END CERTIFICATE----- diff --git a/lib/libssl/src/test/v3-cert2.pem b/lib/libssl/src/test/v3-cert2.pem deleted file mode 100644 index de0723ff8de..00000000000 --- a/lib/libssl/src/test/v3-cert2.pem +++ /dev/null 
@@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD -YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0 -ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu -dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1 -WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV -BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx -FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA -6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT -G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ -YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm -b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc -F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz -lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap -jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU= ------END CERTIFICATE----- diff --git a/lib/libssl/src/util/mkerr.pl b/lib/libssl/src/util/mkerr.pl deleted file mode 100644 index aec401c7731..00000000000 --- a/lib/libssl/src/util/mkerr.pl +++ /dev/null 
@@ -1,810 +0,0 @@ -#!/usr/local/bin/perl -w - -my $config = "crypto/err/openssl.ec"; -my $hprefix = "openssl/"; -my $debug = 0; -my $rebuild = 0; -my $static = 1; -my $recurse = 0; -my $reindex = 0; -my $dowrite = 0; -my $staticloader = ""; - -my $pack_errcode; -my $load_errcode; - -my $errcount; - -while (@ARGV) { - my $arg = $ARGV[0]; - if($arg eq "-conf") { - shift @ARGV; - $config = shift @ARGV; - } elsif($arg eq "-hprefix") { - shift @ARGV; - $hprefix = shift @ARGV; - } elsif($arg eq "-debug") { - $debug = 1; - shift @ARGV; - } elsif($arg eq "-rebuild") { - $rebuild = 1; - shift @ARGV; - } elsif($arg eq "-recurse") { - $recurse = 1; - shift @ARGV; - } elsif($arg eq "-reindex") { - $reindex = 1; - shift @ARGV; - } elsif($arg eq "-nostatic") { - $static = 0; - shift @ARGV; - } elsif($arg eq "-staticloader") { - $staticloader = "static "; - shift @ARGV; - } elsif($arg eq "-write") { - $dowrite = 1; - shift @ARGV; - } elsif($arg eq "-help" || $arg eq "-h" || $arg eq "-?" || $arg eq "--help") { - print STDERR <<"EOF"; -mkerr.pl [options] ... - -Options: - - -conf F Use the config file F instead of the default one: - crypto/err/openssl.ec - - -hprefix P Prepend the filenames in generated #include <header> - statements with prefix P. Default: 'openssl/' (without - the quotes, naturally) - - -debug Turn on debugging verbose output on stderr. - - -rebuild Rebuild all header and C source files, irrespective of the - fact if any error or function codes have been added/removed. - Default: only update files for libraries which saw change - (of course, this requires '-write' as well, or no - files will be touched!) - - -recurse scan a preconfigured set of directories / files for error and - function codes: - (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <apps/*.c>) - When this option is NOT specified, the filelist is taken from - the commandline instead. Here, wildcards may be embedded. 
(Be - sure to escape those to prevent the shell from expanding them - for you when you wish mkerr.pl to do so instead.) - Default: take file list to scan from the command line. - - -reindex Discard the numeric values previously assigned to the error - and function codes as extracted from the scanned header files; - instead renumber all of them starting from 100. (Note that - the numbers assigned through 'R' records in the config file - remain intact.) - Default: keep previously assigned numbers. (You are warned - when collisions are detected.) - - -nostatic Generates a different source code, where these additional - functions are generated for each library specified in the - config file: - void ERR_load_<LIB>_strings(void); - void ERR_unload_<LIB>_strings(void); - void ERR_<LIB>_error(int f, int r, char *fn, int ln); - #define <LIB>err(f,r) ERR_<LIB>_error(f,r,__FILE__,__LINE__) - while the code facilitates the use of these in an environment - where the error support routines are dynamically loaded at - runtime. - Default: 'static' code generation. - - -staticloader Prefix generated functions with the 'static' scope modifier. - Default: don't write any scope modifier prefix. - - -write Actually (over)write the generated code to the header and C - source files as assigned to each library through the config - file. - Default: don't write. - - -help / -h / -? / --help Show this help text. - - ... Additional arguments are added to the file list to scan, - assuming '-recurse' was NOT specified on the command line. 
- -EOF - exit 1; - } else { - last; - } -} - -if($recurse) { - @source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>); -} else { - @source = @ARGV; -} - -# Read in the config file - -open(IN, "<$config") || die "Can't open config file $config"; - -# Parse config file - -while(<IN>) -{ - if(/^L\s+(\S+)\s+(\S+)\s+(\S+)/) { - $hinc{$1} = $2; - $libinc{$2} = $1; - $cskip{$3} = $1; - if($3 ne "NONE") { - $csrc{$1} = $3; - $fmax{$1} = 100; - $rmax{$1} = 100; - $fassigned{$1} = ":"; - $rassigned{$1} = ":"; - $fnew{$1} = 0; - $rnew{$1} = 0; - } - } elsif (/^F\s+(\S+)/) { - # Add extra function with $1 - } elsif (/^R\s+(\S+)\s+(\S+)/) { - $rextra{$1} = $2; - $rcodes{$1} = $2; - } -} - -close IN; - -# Scan each header file in turn and make a list of error codes -# and function names - -while (($hdr, $lib) = each %libinc) -{ - next if($hdr eq "NONE"); - print STDERR "Scanning header file $hdr\n" if $debug; - my $line = "", $def= "", $linenr = 0, $gotfile = 0; - if (open(IN, "<$hdr")) { - $gotfile = 1; - while(<IN>) { - $linenr++; - print STDERR "line: $linenr\r" if $debug; - - last if(/BEGIN\s+ERROR\s+CODES/); - if ($line ne '') { - $_ = $line . $_; - $line = ''; - } - - if (/\\$/) { - $line = $_; - next; - } - - if(/\/\*/) { - if (not /\*\//) { # multiline comment... - $line = $_; # ... just accumulate - next; - } else { - s/\/\*.*?\*\///gs; # wipe it - } - } - - if ($cpp) { - $cpp++ if /^#\s*if/; - $cpp-- if /^#\s*endif/; - next; - } - $cpp = 1 if /^#.*ifdef.*cplusplus/; # skip "C" declaration - - next if (/^\#/); # skip preprocessor directives - - s/{[^{}]*}//gs; # ignore {} blocks - - if (/\{|\/\*/) { # Add a } so editor works... - $line = $_; - } else { - $def .= $_; - } - } - } - - print STDERR " \r" if $debug; - $defnr = 0; - # Delete any DECLARE_ macros - $def =~ s/DECLARE_\w+\([\w,\s]+\)//gs; - foreach (split /;/, $def) { - $defnr++; - print STDERR "def: $defnr\r" if $debug; - - # The goal is to collect function names from function declarations. 
- - s/^[\n\s]*//g; - s/[\n\s]*$//g; - - # Skip over recognized non-function declarations - next if(/typedef\W/ or /DECLARE_STACK_OF/ or /TYPEDEF_.*_OF/); - - # Remove STACK_OF(foo) - s/STACK_OF\(\w+\)/void/; - - # Reduce argument lists to empty () - # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {} - while(/\(.*\)/s) { - s/\([^\(\)]+\)/\{\}/gs; - s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs; #(*f{}) -> f - } - # pretend as we didn't use curly braces: {} -> () - s/\{\}/\(\)/gs; - - if (/(\w+)\s*\(\).*/s) { # first token prior [first] () is - my $name = $1; # a function name! - $name =~ tr/[a-z]/[A-Z]/; - $ftrans{$name} = $1; - } elsif (/[\(\)]/ and not (/=/)) { - print STDERR "Header $hdr: cannot parse: $_;\n"; - } - } - - print STDERR " \r" if $debug; - - next if $reindex; - - # Scan function and reason codes and store them: keep a note of the - # maximum code used. - - if ($gotfile) { - while(<IN>) { - if(/^\#define\s+(\S+)\s+(\S+)/) { - $name = $1; - $code = $2; - next if $name =~ /^${lib}err/; - unless($name =~ /^${lib}_([RF])_(\w+)$/) { - print STDERR "Invalid error code $name\n"; - next; - } - if($1 eq "R") { - $rcodes{$name} = $code; - if ($rassigned{$lib} =~ /:$code:/) { - print STDERR "!! ERROR: $lib reason code $code assigned twice (collision at $name)\n"; - ++$errcount; - } - $rassigned{$lib} .= "$code:"; - if(!(exists $rextra{$name}) && - ($code > $rmax{$lib}) ) { - $rmax{$lib} = $code; - } - } else { - if ($fassigned{$lib} =~ /:$code:/) { - print STDERR "!! ERROR: $lib function code $code assigned twice (collision at $name)\n"; - ++$errcount; - } - $fassigned{$lib} .= "$code:"; - if($code > $fmax{$lib}) { - $fmax{$lib} = $code; - } - $fcodes{$name} = $code; - } - } - } - } - - if ($debug) { - if (defined($fmax{$lib})) { - print STDERR "Max function code fmax" . "{" . "$lib" . 
"} = $fmax{$lib}\n"; - $fassigned{$lib} =~ m/^:(.*):$/; - @fassigned = sort {$a <=> $b} split(":", $1); - print STDERR " @fassigned\n"; - } - if (defined($rmax{$lib})) { - print STDERR "Max reason code rmax" . "{" . "$lib" . "} = $rmax{$lib}\n"; - $rassigned{$lib} =~ m/^:(.*):$/; - @rassigned = sort {$a <=> $b} split(":", $1); - print STDERR " @rassigned\n"; - } - } - - if ($lib eq "SSL") { - if ($rmax{$lib} >= 1000) { - print STDERR "!! ERROR: SSL error codes 1000+ are reserved for alerts.\n"; - print STDERR "!! Any new alerts must be added to $config.\n"; - ++$errcount; - print STDERR "\n"; - } - } - close IN; -} - -# Scan each C source file and look for function and reason codes -# This is done by looking for strings that "look like" function or -# reason codes: basically anything consisting of all upper case and -# numerics which has _F_ or _R_ in it and which has the name of an -# error library at the start. This seems to work fine except for the -# oddly named structure BIO_F_CTX which needs to be ignored. -# If a code doesn't exist in list compiled from headers then mark it -# with the value "X" as a place holder to give it a value later. -# Store all function and reason codes found in %ufcodes and %urcodes -# so all those unreferenced can be printed out. - - -foreach $file (@source) { - # Don't parse the error source file. - next if exists $cskip{$file}; - print STDERR "File loaded: ".$file."\r" if $debug; - open(IN, "<$file") || die "Can't open source file $file\n"; - while(<IN>) { - # skip obsoleted source files entirely! 
- last if(/^#error\s+obsolete/); - - if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) { - next unless exists $csrc{$2}; - next if($1 eq "BIO_F_BUFFER_CTX"); - $ufcodes{$1} = 1; - if(!exists $fcodes{$1}) { - $fcodes{$1} = "X"; - $fnew{$2}++; - } - $notrans{$1} = 1 unless exists $ftrans{$3}; - print STDERR "Function: $1\t= $fcodes{$1} (lib: $2, name: $3)\n" if $debug; - } - if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) { - next unless exists $csrc{$2}; - $urcodes{$1} = 1; - if(!exists $rcodes{$1}) { - $rcodes{$1} = "X"; - $rnew{$2}++; - } - print STDERR "Reason: $1\t= $rcodes{$1} (lib: $2)\n" if $debug; - } - } - close IN; -} -print STDERR " \n" if $debug; - -# Now process each library in turn. - -foreach $lib (keys %csrc) -{ - my $hfile = $hinc{$lib}; - my $cfile = $csrc{$lib}; - if(!$fnew{$lib} && !$rnew{$lib}) { - print STDERR "$lib:\t\tNo new error codes\n"; - next unless $rebuild; - } else { - print STDERR "$lib:\t\t$fnew{$lib} New Functions,"; - print STDERR " $rnew{$lib} New Reasons.\n"; - next unless $dowrite; - } - - # If we get here then we have some new error codes so we - # need to rebuild the header file and C file. - - # Make a sorted list of error and reason codes for later use. - - my @function = sort grep(/^${lib}_/,keys %fcodes); - my @reasons = sort grep(/^${lib}_/,keys %rcodes); - - # Rewrite the header file - - if (open(IN, "<$hfile")) { - # Copy across the old file - while(<IN>) { - push @out, $_; - last if (/BEGIN ERROR CODES/); - } - close IN; - } else { - push @out, -"/* ====================================================================\n", -" * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.\n", -" *\n", -" * Redistribution and use in source and binary forms, with or without\n", -" * modification, are permitted provided that the following conditions\n", -" * are met:\n", -" *\n", -" * 1. Redistributions of source code must retain the above copyright\n", -" * notice, this list of conditions and the following disclaimer. \n", -" *\n", -" * 2. 
Redistributions in binary form must reproduce the above copyright\n", -" * notice, this list of conditions and the following disclaimer in\n", -" * the documentation and/or other materials provided with the\n", -" * distribution.\n", -" *\n", -" * 3. All advertising materials mentioning features or use of this\n", -" * software must display the following acknowledgment:\n", -" * \"This product includes software developed by the OpenSSL Project\n", -" * for use in the OpenSSL Toolkit. (http://www.openssl.org/)\"\n", -" *\n", -" * 4. The names \"OpenSSL Toolkit\" and \"OpenSSL Project\" must not be used to\n", -" * endorse or promote products derived from this software without\n", -" * prior written permission. For written permission, please contact\n", -" * openssl-core\@openssl.org.\n", -" *\n", -" * 5. Products derived from this software may not be called \"OpenSSL\"\n", -" * nor may \"OpenSSL\" appear in their names without prior written\n", -" * permission of the OpenSSL Project.\n", -" *\n", -" * 6. Redistributions of any form whatsoever must retain the following\n", -" * acknowledgment:\n", -" * \"This product includes software developed by the OpenSSL Project\n", -" * for use in the OpenSSL Toolkit (http://www.openssl.org/)\"\n", -" *\n", -" * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY\n", -" * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n", -" * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n", -" * PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE OpenSSL PROJECT OR\n", -" * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n", -" * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n", -" * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\n", -" * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n", -" * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\n", -" * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\n", -" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\n", -" * OF THE POSSIBILITY OF SUCH DAMAGE.\n", -" * ====================================================================\n", -" *\n", -" * This product includes cryptographic software written by Eric Young\n", -" * (eay\@cryptsoft.com). This product includes software written by Tim\n", -" * Hudson (tjh\@cryptsoft.com).\n", -" *\n", -" */\n", -"\n", -"#ifndef HEADER_${lib}_ERR_H\n", -"#define HEADER_${lib}_ERR_H\n", -"\n", -"#ifdef __cplusplus\n", -"extern \"C\" {\n", -"#endif\n", -"\n", -"/* BEGIN ERROR CODES */\n"; - } - open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n"; - - print OUT @out; - undef @out; - print OUT <<"EOF"; -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -EOF - if($static) { - print OUT <<"EOF"; -${staticloader}void ERR_load_${lib}_strings(void); - -EOF - } else { - print OUT <<"EOF"; -${staticloader}void ERR_load_${lib}_strings(void); -${staticloader}void ERR_unload_${lib}_strings(void); -${staticloader}void ERR_${lib}_error(int function, int reason, char *file, int line); -#define ${lib}err(f,r) ERR_${lib}_error((f),(r),__FILE__,__LINE__) - -EOF - } - print OUT <<"EOF"; -/* Error codes for the $lib functions. */ - -/* Function codes. 
*/ -EOF - - foreach $i (@function) { - $z=6-int(length($i)/8); - if($fcodes{$i} eq "X") { - $fassigned{$lib} =~ m/^:([^:]*):/; - $findcode = $1; - if (!defined($findcode)) { - $findcode = $fmax{$lib}; - } - while ($fassigned{$lib} =~ m/:$findcode:/) { - $findcode++; - } - $fcodes{$i} = $findcode; - $fassigned{$lib} .= "$findcode:"; - print STDERR "New Function code $i\n" if $debug; - } - printf OUT "#define $i%s $fcodes{$i}\n","\t" x $z; - } - - print OUT "\n/* Reason codes. */\n"; - - foreach $i (@reasons) { - $z=6-int(length($i)/8); - if($rcodes{$i} eq "X") { - $rassigned{$lib} =~ m/^:([^:]*):/; - $findcode = $1; - if (!defined($findcode)) { - $findcode = $rmax{$lib}; - } - while ($rassigned{$lib} =~ m/:$findcode:/) { - $findcode++; - } - $rcodes{$i} = $findcode; - $rassigned{$lib} .= "$findcode:"; - print STDERR "New Reason code $i\n" if $debug; - } - printf OUT "#define $i%s $rcodes{$i}\n","\t" x $z; - } - print OUT <<"EOF"; - -#ifdef __cplusplus -} -#endif -#endif -EOF - close OUT; - - # Rewrite the C source file containing the error details. - - # First, read any existing reason string definitions: - my %err_reason_strings; - if (open(IN,"<$cfile")) { - while (<IN>) { - if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) { - $err_reason_strings{$1} = $2; - } - if (/\b${lib}_F_(\w*)\b.*\"(.*)\"/) { - if (!exists $ftrans{$1} && ($1 ne $2)) { - print STDERR "WARNING: Mismatched function string $2\n"; - $ftrans{$1} = $2; - } - } - } - close(IN); - } - - - my $hincf; - if($static) { - $hfile =~ /([^\/]+)$/; - $hincf = "<${hprefix}$1>"; - } else { - $hincf = "\"$hfile\""; - } - - # If static we know the error code at compile time so use it - # in error definitions. 
- - if ($static) - { - $pack_errcode = "ERR_LIB_${lib}"; - $load_errcode = "0"; - } - else - { - $pack_errcode = "0"; - $load_errcode = "ERR_LIB_${lib}"; - } - - - open (OUT,">$cfile") || die "Can't open $cfile for writing"; - - print OUT <<"EOF"; -/* $cfile */ -/* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core\@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. 
Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay\@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh\@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include <stdio.h> -#include <openssl/err.h> -#include $hincf - -/* BEGIN ERROR CODES */ -#ifndef OPENSSL_NO_ERR - -#define ERR_FUNC(func) ERR_PACK($pack_errcode,func,0) -#define ERR_REASON(reason) ERR_PACK($pack_errcode,0,reason) - -static ERR_STRING_DATA ${lib}_str_functs[]= - { -EOF - # Add each function code: if a function name is found then use it. 
- foreach $i (@function) { - my $fn; - $i =~ /^${lib}_F_(\S+)$/; - $fn = $1; - if(exists $ftrans{$fn}) { - $fn = $ftrans{$fn}; - } -# print OUT "{ERR_PACK($pack_errcode,$i,0),\t\"$fn\"},\n"; - print OUT "{ERR_FUNC($i),\t\"$fn\"},\n"; - } - print OUT <<"EOF"; -{0,NULL} - }; - -static ERR_STRING_DATA ${lib}_str_reasons[]= - { -EOF - # Add each reason code. - foreach $i (@reasons) { - my $rn; - my $rstr = "ERR_REASON($i)"; - my $nspc = 0; - if (exists $err_reason_strings{$i}) { - $rn = $err_reason_strings{$i}; - } else { - $i =~ /^${lib}_R_(\S+)$/; - $rn = $1; - $rn =~ tr/_[A-Z]/ [a-z]/; - } - $nspc = 40 - length($rstr) unless length($rstr) > 40; - $nspc = " " x $nspc; - print OUT "{${rstr}${nspc},\"$rn\"},\n"; - } -if($static) { - print OUT <<"EOF"; -{0,NULL} - }; - -#endif - -${staticloader}void ERR_load_${lib}_strings(void) - { -#ifndef OPENSSL_NO_ERR - - if (ERR_func_error_string(${lib}_str_functs[0].error) == NULL) - { - ERR_load_strings($load_errcode,${lib}_str_functs); - ERR_load_strings($load_errcode,${lib}_str_reasons); - } -#endif - } -EOF -} else { - print OUT <<"EOF"; -{0,NULL} - }; - -#endif - -#ifdef ${lib}_LIB_NAME -static ERR_STRING_DATA ${lib}_lib_name[]= - { -{0 ,${lib}_LIB_NAME}, -{0,NULL} - }; -#endif - - -static int ${lib}_lib_error_code=0; -static int ${lib}_error_init=1; - -${staticloader}void ERR_load_${lib}_strings(void) - { - if (${lib}_lib_error_code == 0) - ${lib}_lib_error_code=ERR_get_next_error_library(); - - if (${lib}_error_init) - { - ${lib}_error_init=0; -#ifndef OPENSSL_NO_ERR - ERR_load_strings(${lib}_lib_error_code,${lib}_str_functs); - ERR_load_strings(${lib}_lib_error_code,${lib}_str_reasons); -#endif - -#ifdef ${lib}_LIB_NAME - ${lib}_lib_name->error = ERR_PACK(${lib}_lib_error_code,0,0); - ERR_load_strings(0,${lib}_lib_name); -#endif - } - } - -${staticloader}void ERR_unload_${lib}_strings(void) - { - if (${lib}_error_init == 0) - { -#ifndef OPENSSL_NO_ERR - ERR_unload_strings(${lib}_lib_error_code,${lib}_str_functs); - 
ERR_unload_strings(${lib}_lib_error_code,${lib}_str_reasons); -#endif - -#ifdef ${lib}_LIB_NAME - ERR_unload_strings(0,${lib}_lib_name); -#endif - ${lib}_error_init=1; - } - } - -${staticloader}void ERR_${lib}_error(int function, int reason, char *file, int line) - { - if (${lib}_lib_error_code == 0) - ${lib}_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(${lib}_lib_error_code,function,reason,file,line); - } -EOF - -} - - close OUT; - undef %err_reason_strings; -} - -if($debug && %notrans) { - print STDERR "The following function codes were not translated:\n"; - foreach(sort keys %notrans) - { - print STDERR "$_\n"; - } -} - -# Make a list of unreferenced function and reason codes - -foreach (keys %fcodes) { - push (@funref, $_) unless exists $ufcodes{$_}; -} - -foreach (keys %rcodes) { - push (@runref, $_) unless exists $urcodes{$_}; -} - -if($debug && defined(@funref) ) { - print STDERR "The following function codes were not referenced:\n"; - foreach(sort @funref) - { - print STDERR "$_\n"; - } -} - -if($debug && defined(@runref) ) { - print STDERR "The following reason codes were not referenced:\n"; - foreach(sort @runref) - { - print STDERR "$_\n"; - } -} - -if($errcount) { - print STDERR "There were errors, failing...\n\n"; - exit $errcount; -} - diff --git a/lib/libssl/src/util/mkstack.pl b/lib/libssl/src/util/mkstack.pl deleted file mode 100644 index 77b0ec49430..00000000000 --- a/lib/libssl/src/util/mkstack.pl +++ /dev/null 
@@ -1,179 +0,0 @@
-#!/usr/local/bin/perl -w
-
-# This is a utility that searches out "DECLARE_STACK_OF()"
-# declarations in .h and .c files, and updates/creates/replaces
-# the corresponding macro declarations in crypto/stack/safestack.h.
-# As it's not generally possible to have macros that generate macros,
-# we need to control this from the "outside", here in this script.
-#
-# Geoff Thorpe, June, 2000 (with massive Perl-hacking
- # help from Steve Robb)
-
-my $safestack = "crypto/stack/safestack";
-
-my $do_write;
-while (@ARGV) {
- my $arg = $ARGV[0];
- if($arg eq "-write") {
- $do_write = 1;
- }
- shift @ARGV;
-}
-
-
-@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>, <apps/*.[ch]>);
-foreach $file (@source) {
- next if -l $file;
-
- # Open the .c/.h file for reading
- open(IN, "< $file") || die "Can't open $file for reading: $!";
-
- while(<IN>) {
- if (/^DECLARE_STACK_OF\(([^)]+)\)/) {
- push @stacklst, $1;
- }
- if (/^DECLARE_SPECIAL_STACK_OF\(([^,\s]+)\s*,\s*([^>\s]+)\)/) {
- push @sstacklst, [$1, $2];
- }
- if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
- push @asn1setlst, $1;
- }
- if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
- push @p12stklst, $1;
- }
- if (/^DECLARE_LHASH_OF\(([^)]+)\)/) {
- push @lhashlst, $1;
- }
- }
- close(IN);
-}
-
-
-
-my $old_stackfile = "";
-my $new_stackfile = "";
-my $inside_block = 0;
-my $type_thing;
-
-open(IN, "< $safestack.h") || die "Can't open input file: $!";
-while(<IN>) {
- $old_stackfile .= $_;
-
- if (m|^/\* This block of defines is updated by util/mkstack.pl, please do not touch! \*/|) {
- $inside_block = 1;
- }
- if (m|^/\* End of util/mkstack.pl block, you may now edit :-\) \*/|) {
- $inside_block = 0;
- } elsif ($inside_block == 0) {
- $new_stackfile .= $_;
- }
- next if($inside_block != 1);
- $new_stackfile .= "/* This block of defines is updated by util/mkstack.pl, please do not touch! */";
-
- foreach $type_thing (sort @stacklst) {
- $new_stackfile .= <<EOF;
-
-#define sk_${type_thing}_new(cmp) SKM_sk_new($type_thing, (cmp))
-#define sk_${type_thing}_new_null() SKM_sk_new_null($type_thing)
-#define sk_${type_thing}_free(st) SKM_sk_free($type_thing, (st))
-#define sk_${type_thing}_num(st) SKM_sk_num($type_thing, (st))
-#define sk_${type_thing}_value(st, i) SKM_sk_value($type_thing, (st), (i))
-#define sk_${type_thing}_set(st, i, val) SKM_sk_set($type_thing, (st), (i), (val))
-#define sk_${type_thing}_zero(st) SKM_sk_zero($type_thing, (st))
-#define sk_${type_thing}_push(st, val) SKM_sk_push($type_thing, (st), (val))
-#define sk_${type_thing}_unshift(st, val) SKM_sk_unshift($type_thing, (st), (val))
-#define sk_${type_thing}_find(st, val) SKM_sk_find($type_thing, (st), (val))
-#define sk_${type_thing}_find_ex(st, val) SKM_sk_find_ex($type_thing, (st), (val))
-#define sk_${type_thing}_delete(st, i) SKM_sk_delete($type_thing, (st), (i))
-#define sk_${type_thing}_delete_ptr(st, ptr) SKM_sk_delete_ptr($type_thing, (st), (ptr))
-#define sk_${type_thing}_insert(st, val, i) SKM_sk_insert($type_thing, (st), (val), (i))
-#define sk_${type_thing}_set_cmp_func(st, cmp) SKM_sk_set_cmp_func($type_thing, (st), (cmp))
-#define sk_${type_thing}_dup(st) SKM_sk_dup($type_thing, st)
-#define sk_${type_thing}_pop_free(st, free_func) SKM_sk_pop_free($type_thing, (st), (free_func))
-#define sk_${type_thing}_shift(st) SKM_sk_shift($type_thing, (st))
-#define sk_${type_thing}_pop(st) SKM_sk_pop($type_thing, (st))
-#define sk_${type_thing}_sort(st) SKM_sk_sort($type_thing, (st))
-#define sk_${type_thing}_is_sorted(st) SKM_sk_is_sorted($type_thing, (st))
-EOF
- }
-
- foreach $type_thing (sort @sstacklst) {
- my $t1 = $type_thing->[0];
- my $t2 = $type_thing->[1];
- $new_stackfile .= <<EOF;
-
-#define sk_${t1}_new(cmp) ((STACK_OF($t1) *)sk_new(CHECKED_SK_CMP_FUNC($t2, cmp)))
-#define sk_${t1}_new_null() ((STACK_OF($t1) *)sk_new_null())
-#define sk_${t1}_push(st, val) sk_push(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
-#define sk_${t1}_find(st, val) sk_find(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
-#define sk_${t1}_value(st, i) (($t1)sk_value(CHECKED_STACK_OF($t1, st), i))
-#define sk_${t1}_num(st) SKM_sk_num($t1, st)
-#define sk_${t1}_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF($t1, st), CHECKED_SK_FREE_FUNC2($t1, free_func))
-#define sk_${t1}_insert(st, val, i) sk_insert(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val), i)
-#define sk_${t1}_free(st) SKM_sk_free(${t1}, st)
-#define sk_${t1}_set(st, i, val) sk_set(CHECKED_STACK_OF($t1, st), i, CHECKED_PTR_OF($t2, val))
-#define sk_${t1}_zero(st) SKM_sk_zero($t1, (st))
-#define sk_${t1}_unshift(st, val) sk_unshift(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
-#define sk_${t1}_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF($t1), st), CHECKED_CONST_PTR_OF($t2, val))
-#define sk_${t1}_delete(st, i) SKM_sk_delete($t1, (st), (i))
-#define sk_${t1}_delete_ptr(st, ptr) ($t1 *)sk_delete_ptr(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, ptr))
-#define sk_${t1}_set_cmp_func(st, cmp) \\
- ((int (*)(const $t2 * const *,const $t2 * const *)) \\
- sk_set_cmp_func(CHECKED_STACK_OF($t1, st), CHECKED_SK_CMP_FUNC($t2, cmp)))
-#define sk_${t1}_dup(st) SKM_sk_dup($t1, st)
-#define sk_${t1}_shift(st) SKM_sk_shift($t1, (st))
-#define sk_${t1}_pop(st) ($t2 *)sk_pop(CHECKED_STACK_OF($t1, st))
-#define sk_${t1}_sort(st) SKM_sk_sort($t1, (st))
-#define sk_${t1}_is_sorted(st) SKM_sk_is_sorted($t1, (st))
-
-EOF
- }
-
- foreach $type_thing (sort @p12stklst) {
- $new_stackfile .= <<EOF;
-
-#define PKCS12_decrypt_d2i_${type_thing}(algor, d2i_func, free_func, pass, passlen, oct, seq) \\
- SKM_PKCS12_decrypt_d2i($type_thing, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
-EOF
- }
-
- foreach $type_thing (sort @lhashlst) {
- my $lc_tt = lc $type_thing;
- $new_stackfile .= <<EOF;
-
-#define lh_${type_thing}_new() LHM_lh_new(${type_thing},${lc_tt})
-#define lh_${type_thing}_insert(lh,inst) LHM_lh_insert(${type_thing},lh,inst)
-#define lh_${type_thing}_retrieve(lh,inst) LHM_lh_retrieve(${type_thing},lh,inst)
-#define lh_${type_thing}_delete(lh,inst) LHM_lh_delete(${type_thing},lh,inst)
-#define lh_${type_thing}_doall(lh,fn) LHM_lh_doall(${type_thing},lh,fn)
-#define lh_${type_thing}_doall_arg(lh,fn,arg_type,arg) \\
- LHM_lh_doall_arg(${type_thing},lh,fn,arg_type,arg)
-#define lh_${type_thing}_error(lh) LHM_lh_error(${type_thing},lh)
-#define lh_${type_thing}_num_items(lh) LHM_lh_num_items(${type_thing},lh)
-#define lh_${type_thing}_down_load(lh) LHM_lh_down_load(${type_thing},lh)
-#define lh_${type_thing}_node_stats_bio(lh,out) \\
- LHM_lh_node_stats_bio(${type_thing},lh,out)
-#define lh_${type_thing}_node_usage_stats_bio(lh,out) \\
- LHM_lh_node_usage_stats_bio(${type_thing},lh,out)
-#define lh_${type_thing}_stats_bio(lh,out) \\
- LHM_lh_stats_bio(${type_thing},lh,out)
-#define lh_${type_thing}_free(lh) LHM_lh_free(${type_thing},lh)
-EOF
- }
-
- $new_stackfile .= "/* End of util/mkstack.pl block, you may now edit :-) */\n";
- $inside_block = 2;
-}
-
-
-if ($new_stackfile eq $old_stackfile) {
- print "No changes to $safestack.h.\n";
- exit 0; # avoid unnecessary rebuild
-}
-
-if ($do_write) {
- print "Writing new $safestack.h.\n";
- open OUT, ">$safestack.h" || die "Can't open output file";
- print OUT $new_stackfile;
- close OUT;
-} |